agestra 4.14.2 → 4.14.3

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agestra",
-  "version": "4.14.2",
+  "version": "4.14.3",
   "description": "Multi-host MCP orchestration for Claude Code, Codex CLI, Gemini CLI, and local models",
   "type": "module",
   "packageManager": "npm@11.11.0",

package/scripts/host-assets/categories.mjs

@@ -33,6 +33,9 @@ const ORCHESTRATOR_LEAD_MCP = Object.freeze(
     "environment_check",
     "provider_list",
     "provider_health",
+    "provider_readiness",
+    "provider_trust_apply",
+    "run_observable_events",
     "trace_query",
     "trace_summary",
     "trace_visualize",

package/skills/design.md

@@ -68,7 +68,7 @@ Greenfield: no relevant source code exists for the feature. Brownfield: modifyin
 - Anything the user wants to explain in their own words.
 
 **Host research consensus inputs (mandatory before provider fan-out):**
-- "Provider-backed design uses host-led research consensus. What should the host-led investigation look for: existing patterns in this codebase, prior art / competing implementations, constraints / regulations, current-information needs, or skip?"
+- "Provider-backed design can use Host-led, Council, or Provider-seeded research. What should the selected investigation look for: existing patterns in this codebase, prior art / competing implementations, constraints / regulations, current-information needs, or skip?"
 - "Should any participant or lens receive a specific research assignment, or should team-lead choose the assignment rows?"
 
 **After each user answer:**
@@ -93,9 +93,22 @@ Greenfield: no relevant source code exists for the feature. Brownfield: modifyin
 
 **Hard gate:** Do not start `environment_check`, `provider_list`, team-lead handoff, or provider fan-out until the design subject and need-to-know dimensions have explicit user-provided values, explicit user-requested defaults, or explicit defer/skip values. If the user says "enough" before ambiguity is low, record the residual risk in the handoff packet instead of silently filling gaps.
 
-### Phase 2: Route execution
+### Phase 2: Choose 조사 방식
 
-This skill is **information-gathering only**. After Phase 1, hand off to the appropriate executor based on environment.
+Before provider fan-out, ask once which investigation topology to use unless the user already specified it:
+
+| Option | Description |
+|--------|-------------|
+| **Host-led Research (Recommended)** | The current host/native researchers inspect the codebase and prepare the first design evidence packet; providers challenge and debate it. Record internally as `host-seeded`. |
+| **Council Research** | Host and providers independently investigate design options with assigned lenses before consolidation and debate. |
+| **Provider-seeded Research** | One selected provider creates the first design seed/evidence artifact; host and other providers challenge it. |
+| **Decide automatically** | Use Host-led for bounded design work, Council for broad architecture exploration, and Provider-seeded only when the user named a provider to lead. |
+
+Use `AskUserQuestion` when available, or a plain numbered prompt as fallback. This is a cost/latency gate, not a design clarification. If a host-level no-questions directive prevents asking, choose Host-led Research (`host-seeded`) and report that broader provider investigation was skipped. If Provider-seeded Research is selected and the seed provider is not explicit, record the seed provider as pending; after provider availability is listed, ask which available provider should seed. Do not infer it.
+
+### Phase 3: Route execution
+
+This skill is **information-gathering only**. After Phases 1-2, hand off to the appropriate executor based on environment.
 
 Call `environment_check` and `provider_list`.
 
@@ -105,7 +118,7 @@ Call `environment_check` and `provider_list`.
 Stop Agestra orchestration and tell the user to run `/agestra setup` to enable a provider, or ask the current host to do design work directly outside Agestra. Do not spawn a host specialist from this skill.
 
 **Provider-backed path — 1+ external providers available (multi-AI):**
-Hand off to the `agestra:agestra-team-lead` agent with multi-AI mode **pre-selected**. Provider-backed design uses the host research consensus flow:
+Hand off to the `agestra:agestra-team-lead` agent with multi-AI mode **pre-selected**. Provider-backed design uses the selected research topology flow:
 
 ```text
 호스트가 조사한다.
@@ -125,7 +138,8 @@ External AI research and debate run in separate fresh sessions, even when the sa
 - **Idea decision record:** {path under `docs/ideas/` if the design came from a saved idea}
 - **Existing design docs:** {paths under `docs/plans/` if any}
 - **Consensus domain:** `design`
-- **Research notes:** {what the host-led investigation should look for — existing patterns, prior art, constraints, current-information needs}
+- **Research topology / 조사 방식:** {selected in Phase 2 — `host-seeded`, `council`, `provider-seeded`, or `automatic`}
+- **Research notes:** {what the selected investigation should look for — existing patterns, prior art, constraints, current-information needs}
 - **Research assignments:** {optional participant/lens rows for `research_assignments`, or "team-lead choose"}
 - **Available providers:** {from environment_check}
 - **Requested providers:** {explicit names captured from the user's wording, e.g. `[codex, gemini]`; otherwise "all available"}
@@ -135,7 +149,7 @@ External AI research and debate run in separate fresh sessions, even when the sa
 
 Team-lead owns:
 - Building the participant team (host designer + external providers + auto-injected specialists when applicable)
-- Calling `agent_research_consensus_start` with `domain: "design"`, the design `objective`, `participants`, optional `research_assignments`, optional `provider_order`, bounded `max_rounds`, and output document flags.
+- Resolving the selected research topology, then calling `agent_research_consensus_start` when investigation fan-out is required or `agent_consensus_start` with prepared `initial_aggregation.items` when seed/host evidence is already available.
 - Ensuring external AI research and debate use separate fresh sessions.
 - Never creating a bundled research pseudo-participant and never carrying research bundles through `source_documents`.
 - Inspecting `aggregation_record.json`, `open_debate_items.json`, `round_packet.{round}.{provider}.json`, the aggregation document, and the leader-authored final decision document under `docs/agestra/`.

package/skills/idea.md

@@ -12,7 +12,7 @@ description: >
 
 Idea and inspiration discovery. Help the user find what might be worth making, changing, or exploring next. Research similar projects when requested, collect user wishes and reference points, compare capabilities, and generate grounded but creative possibilities without filtering too early for implementation feasibility.
 
-Provider-backed idea discovery uses the host research consensus flow:
+Provider-backed idea discovery uses the selected research topology flow:
 
 ```text
 호스트가 조사한다.
@@ -65,7 +65,7 @@ Before researching, understand what the user needs through targeted questions. A
 | Area | "What kind of ideas should we explore? (design, usability, onboarding, new features, automation, performance, accessibility, docs, DX, integrations, monetization, community, other)" | Narrow or widen the search space |
 | User wishes | "What have users asked for, complained about, or seemed to want? Choose none if there are no known signals." | Anchor ideas in real demand |
 | Current audience | "Who uses this now, and what do they use it for most?" | Keep ideas relevant to actual users |
-| Research notes | "Provider-backed idea discovery uses host-led research consensus. What should the host-led investigation look for: competitors, user praise/complaints, current information, source constraints, or skip?" | Shape the research assignments |
+| Research notes | "Provider-backed idea discovery can use Host-led, Council, or Provider-seeded research. What should the selected investigation look for: competitors, user praise/complaints, current information, source constraints, or skip?" | Shape the research assignments |
 | Research assignments | "Should any participant or lens receive a specific research assignment, or should team-lead choose the assignment rows?" | Capture preferred division of labor |
 | Identity and boundaries | "What should not change about this project? Any identity, workflow, or area you want to protect? Choose unspecified if you are not sure." | Avoid ideas that break what already works |
 | Free notes | "Anything else you want me to keep in mind? Choose skip if not." | Capture taste, hunches, and side constraints |
@@ -85,7 +85,7 @@ After gathering context:
 | Must-have | "Is there one point that absolutely should exist?" | Preserve the user's spark |
 | Inspiration | "Are there apps, games, sites, or tools you want to reference? Choose none if there are no references." | Seed taste and competitor research |
 | Difference | "How should this feel different from existing apps? Choose unspecified if you are not sure." | Encourage differentiation without over-constraining |
-| Research notes | "Provider-backed idea discovery uses host-led research consensus. What should the host-led investigation look for: similar apps, user praise/complaints, current information, source constraints, or skip?" | Shape the research assignments |
+| Research notes | "Provider-backed idea discovery can use Host-led, Council, or Provider-seeded research. What should the selected investigation look for: similar apps, user praise/complaints, current information, source constraints, or skip?" | Shape the research assignments |
 | Research assignments | "Should any participant or lens receive a specific research assignment, or should team-lead choose the assignment rows?" | Capture preferred division of labor |
 | Free notes | "Anything else you want to say, even if it is rough? Choose skip if not." | Let vague inspiration stay useful |
 
@@ -93,9 +93,22 @@ After gathering context:
 
 **Early exit:** If the user provides all required fields upfront, skip redundant questions and proceed to Phase 2. If any required field is missing, ask for it one at a time.
 
-### Phase 2: Route execution
+### Phase 2: Choose 조사 방식
 
-This skill is **information-gathering only**. After Phase 1, hand off to the appropriate executor based on environment.
+Before provider fan-out, ask once which investigation topology to use unless the user already specified it:
+
+| Option | Description |
+|--------|-------------|
+| **Host-led Research (Recommended)** | The current host prepares the first evidence packet, then providers challenge and debate it. Fastest and lowest-cost default. Record internally as `host-seeded`. |
+| **Council Research** | Host and providers independently investigate assigned lenses before consolidation and debate. Stronger for broad/open-ended exploration. |
+| **Provider-seeded Research** | One selected provider creates the first seed/evidence artifact, then host and other providers challenge it. |
+| **Decide automatically** | Use Host-led for bounded topics, Council for broad idea discovery, and Provider-seeded only when the user named a provider to lead. |
+
+Use `AskUserQuestion` when available, or a plain numbered prompt as fallback. This is a cost/latency gate, not a domain clarification. If a host-level no-questions directive prevents asking, choose Host-led Research (`host-seeded`) and report that broader provider investigation was skipped. If Provider-seeded Research is selected and the seed provider is not explicit, record the seed provider as pending; after provider availability is listed, ask which available provider should seed. Do not infer it.
+
+### Phase 3: Route execution
+
+This skill is **information-gathering only**. After Phases 1-2, hand off to the appropriate executor based on environment.
 
 Call `environment_check` and `provider_list`.
 
@@ -110,10 +123,11 @@ Hand off to the `agestra:agestra-team-lead` agent with multi-AI mode **pre-selec
 - **Domain:** `idea`
 - **Mode:** `multi-ai` (pre-selected — team-lead must NOT re-ask orchestration mode)
 - **Idea mode:** `A` (existing project) or `B` (new project) — from Phase 1 detection
-- **Interview answers:** {all dimensions captured in Phase 1 — Intent/Area/User wishes/Current audience/Research route/Research notes/Identity and boundaries/Free notes for Mode A; Kind/Seed/Audience/Must-have/Inspiration/Difference/Research route/Research notes/Free notes for Mode B}
+- **Interview answers:** {all dimensions captured in Phase 1 — Intent/Area/User wishes/Current audience/Research notes/Identity and boundaries/Free notes for Mode A; Kind/Seed/Audience/Must-have/Inspiration/Difference/Research notes/Free notes for Mode B}
 - **Project context:** {README summary, current feature set if Mode A; seed idea verbatim if Mode B}
 - **Consensus domain:** `idea`
-- **Research notes:** {what the host-led investigation should look for}
+- **Research topology / 조사 방식:** {selected in Phase 2 — `host-seeded`, `council`, `provider-seeded`, or `automatic`}
+- **Research notes:** {what the selected investigation should look for}
 - **Research assignments:** {optional participant/lens rows for `research_assignments`, or "team-lead choose"}
 - **Available providers:** {from environment_check}
 - **Requested providers:** {explicit names captured from the user's wording; otherwise "all available"}
@@ -123,7 +137,8 @@ Hand off to the `agestra:agestra-team-lead` agent with multi-AI mode **pre-selec
 
 Team-lead owns:
 - Building the participant team. Any host ideator is invoked through the active host layer; external providers are MCP/CLI/chat participants only.
-- Calling `agent_research_consensus_start` with `domain: "idea"`, the idea `objective`, `participants`, optional `research_assignments`, optional `provider_order`, bounded `max_rounds`, and output document flags.
+- Resolving the selected research topology, then calling `agent_research_consensus_start` when investigation fan-out is required or `agent_consensus_start` with prepared `initial_aggregation.items` when seed/host evidence is already available.
+- For research fan-out, pass `domain: "idea"` to `agent_research_consensus_start`.
 - Ensuring external AI research and debate use separate fresh sessions.
 - Never creating a bundled research pseudo-participant and never carrying research bundles through `source_documents`.
 - Writing the project-facing idea decision record under `docs/agestra/YYYY-MM-DD-idea-<session-id>-result.md` from the aggregation document, JSON artifacts, consensus state, and the user's interview answers. Preserve disputed positions and weak-evidence flags rather than averaging them away.

package/skills/leader.md

@@ -30,9 +30,11 @@ off to the appropriate Agestra workflow with multi-AI mode pre-selected.
 
 Plain review/QA/check requests without `/agestra` or explicit multi-AI/provider wording stay with the current host; they are not Agestra natural-language auto-triggers.
 
-This skill is a **thin router** — it does not perform the work itself. The
-`agestra:agestra-team-lead` agent and the matching domain workflow execute the actual work
-in their own contexts.
+This skill is a **thin router** — it does not perform the work itself. It should
+auto-classify clear requests and route them quietly. It shows the domain menu
+only when the request is genuinely ambiguous. The matching domain skill gathers
+domain-specific requirements, then the `agestra:agestra-team-lead` agent executes
+the actual orchestration.
 
 ## When NOT to use
 
@@ -98,6 +100,14 @@ Distinguish `review` vs `qa`:
 - Inform the user once: "이 작업은 N단계로 나눕니다 — 먼저 X, 다음 Y." (in user's language)
 - Run them sequentially via repeated domain-skill → team-lead handoffs.
 
+**Clear-domain requests:**
+- Do not ask "which command?" when the domain is clear from the request.
+- Route directly to the matching domain skill.
+- Domain-specific cost, trust, runtime-depth, write, provider, or research-topology gates
+  are asked inside the domain skill or by team-lead, not here.
+- If the user says "알아서", "decide automatically", or equivalent and the
+  domain is clear, pass `automatic` intent forward instead of opening the menu.
+
 **Ambiguous requests** (multi-AI signal present but no clear domain):
 - Ask ONE targeted question via `AskUserQuestion` (or a plain numbered prompt as fallback).
 - Present the SIX options below. Match the question language to the user's language.
@@ -175,7 +185,7 @@ the domain skill should read:
 | `design` | `agestra:design` | |
 | `idea` | `agestra:idea` | |
 | `review` | `agestra:review` | |
-| `qa` | `agestra:qa` | Verification only. Asks QA depth, requires provider-backed QA Brigade, and stops with setup/direct-host guidance when no providers are available |
+| `qa` | `agestra:qa` | Verification only. Asks Host-only vs QA Brigade, then QA depth; provider-backed QA Brigade is optional and falls back to Host-only/setup guidance when no providers are available |
 | `security` | `agestra:security` | Dedicated security audit |
 | `implement` (default) | `agestra:implement` | Code changes + QA. Team-lead runs provider-backed code execution, host-owned evidence collection, and Phase 5M structured QA debate |
 
@@ -193,13 +203,23 @@ The domain skill is responsible for:
 
 1. Skipping its own domain-classification step (already done here)
 2. Running its information-gathering phase (Clarity Gate, scope, focus areas, Mode A/B)
-3. Building the handoff packet for `agestra:agestra-team-lead`
-4. Invoking team-lead with `Mode: multi-ai` pre-selected so team-lead does not re-interview
+3. Capturing the domain's `조사 방식` / research topology gate when provider-backed
+   investigation is possible: `host-seeded`, `council`, `provider-seeded`, or `automatic`
+4. Building the handoff packet for `agestra:agestra-team-lead`
+5. Invoking team-lead with `Mode: multi-ai` pre-selected so team-lead does not re-interview
 
 team-lead then owns:
 
 - Building the participant team from the reduced host-native agents (`agestra-research`, `agestra-debate`, `agestra-implementer`) and named external providers. External providers participate through MCP/CLI/chat routes and do not create or manage native host agents.
-- `agent_consensus_start` orchestration from prepared `initial_aggregation`
+- Resolving the selected research topology into concrete host-native research
+  assignments, external provider assignments, seed-provider work, and debate
+  participants. If topology is missing and asking is allowed, team-lead asks one
+  concise topology question; if no-questions mode blocks asking, team-lead uses
+  host-seeded research and reports that choice.
+- Consensus orchestration: `agent_research_consensus_start` when the selected
+  topology requires investigation before debate, or `agent_consensus_start` from
+  prepared `initial_aggregation` when the domain skill/team-lead already has
+  sufficient evidence
 - Approval gate (`agent_debate_approve` / `_continue` / `_reject`)
 - For `implement`: code edits via `agestra:agestra-implementer` or CLI workers
   (`cli_worker_spawn`), then `agent_changes_review` before merge

package/skills/provider-guide.md

@@ -58,7 +58,19 @@ Available via `/agestra review`, `/agestra qa`, `/agestra security`, `/agestra d
 |------|-------------|-------------|
 | **Consensus debate** | Independent work → aggregation → review rounds until consensus | Providers available (default) |
 
-When providers are enabled, commands go directly to consensus debate mode. No mode selection needed.
+When providers are enabled, explicit multi-AI/provider requests can go directly
+to the matching domain skill, but the domain skill still owns its question sheet
+and cost gates before team-lead dispatches providers. Idea, design, review,
+security, and explicit research workflows ask for `조사 방식` / research topology
+when provider-backed investigation is possible: Host-led Research, Council
+Research, Provider-seeded Research, or Decide automatically.
+
+`/agestra qa` is the exception: it must ask for Host-only QA, QA Brigade, or
+automatic selection because configured providers alone should not turn a
+verification request into a long provider-research run.
+If a host-level no-questions directive prevents that gate, use Host-only QA and
+report that provider fan-out was skipped. Trust registration remains a separate
+security approval gate and cannot be inferred from no-questions instructions.
 When no providers are enabled, run setup or handle the task directly outside Agestra.
 
 ### Implementation Work (실제 구현)
@@ -197,7 +209,7 @@ Phase 7: Report
 - `Multi-AI`: CLI workers + capability-matched local/tool model work for parallelized execution; team lead supervises and merges
 
 **QA domain:**
-- `/agestra qa` verifies existing work without code changes. It asks Standard vs Full E2E depth, writes a QA report under `docs/reports/qa/`, collects host-owned evidence, runs Connection / Boundary Checks (API/consumer data shape, route/link mapping, state transition completeness, command/result consistency, and E2E artifact interpretation), then runs the provider-backed QA Brigade. If no providers are enabled, it stops with setup/direct-host guidance. QA-only mode does not modify product code. It never spawns implementer or CLI workers for product fixes. If QA decides persistent E2E tests are needed, team-lead asks the user and routes only the approved test work to `agestra-implementer` with `mode: e2e-test-authoring`.
+- `/agestra qa` verifies existing work without code changes. It first asks Host-only QA vs QA Brigade vs automatic selection, then asks Standard vs Full E2E depth, writes a QA report under `docs/reports/qa/`, collects host-owned evidence, and runs Connection / Boundary Checks (API/consumer data shape, route/link mapping, state transition completeness, command/result consistency, and E2E artifact interpretation). QA Brigade cross-checks host-prepared findings through a short consensus round; it does not start with external provider research unless the user explicitly asks for deep provider research. If no providers are enabled, it offers Host-only QA or setup. QA-only mode does not modify product code. It never spawns implementer or CLI workers for product fixes. If QA decides persistent E2E tests are needed, team-lead asks the user and routes only the approved test work to `agestra-implementer` with `mode: e2e-test-authoring`.
 
 **Security domain:**
 - `/agestra security` writes a security report under `docs/reports/security/`. Tool installs, heavyweight static scans, networked package audits, and large-log scans require explicit user approval with the exact command, scope, privacy/telemetry note, expected time, and artifact path.

package/skills/qa.md

@@ -31,7 +31,19 @@ or `Current config: not found`:
 Use the provided design document or implemented scope. If unclear, ask which `docs/plans/` document should be the source of truth. If no design document exists, request `/agestra design` first.
 Use `AskUserQuestion` when available, or a plain numbered prompt as fallback. Do not proceed to QA depth or provider routing until the QA target/source-of-truth is explicit.
 
-### Phase 2: Choose QA Depth
+### Phase 2: Choose QA Execution Mode
+
+Ask once unless already specified:
+
+| Option | Description |
+|--------|-------------|
+| **Host-only QA (Recommended)** | Fastest path. The current host collects evidence, runs `qa_run`, writes the QA report, and does not call external providers. |
+| **QA Brigade** | Host evidence first, then enabled providers cross-check prepared findings through a short consensus round. Takes longer. |
+| **Decide automatically** | Use Host-only QA unless the target is broad/high-risk, the user explicitly asked for multiple AIs/providers, or the design has disputed evidence. |
+
+Use `AskUserQuestion` when available, or a plain numbered prompt as fallback. This is a cost/permission gate, not a clarifying question. Do not infer provider-backed QA merely because `/agestra qa` was invoked or providers are configured. Skip this question only when the user already explicitly requested current-host-only QA, named provider-backed/multi-AI QA, or selected a mode in the same request. If a host-level no-questions directive prevents asking, choose Host-only QA and report that provider fan-out was skipped.
+
+### Phase 3: Choose QA Depth
 
 Ask once unless already specified:
 
@@ -42,21 +54,31 @@ Ask once unless already specified:
 | **Decide automatically** | Include E2E for UI-heavy, auth, file, public-release, destructive, or complex state-flow work |
 
 Warn that E2E can cost more time, tokens, and local runtime setup.
-Use `AskUserQuestion` when available, or a plain numbered prompt as fallback. Do not infer QA depth unless the user chose `Decide automatically` or the request already explicitly asked for Standard QA or Full QA/E2E.
+Use `AskUserQuestion` when available, or a plain numbered prompt as fallback. This is a cost/permission gate, not a clarifying question. Do not infer QA depth unless the user chose `Decide automatically` or the request already explicitly asked for Standard QA or Full QA/E2E. If a host-level no-questions directive prevents asking, choose Standard QA and report that E2E was skipped unless the user explicitly requested it.
 
 Persistent E2E test files are not created or maintained by QA. If they are needed, QA returns an `E2E_TEST_WORK_REQUEST` packet; after explicit user approval, route it to `agestra:agestra-implementer` with `mode: e2e-test-authoring` and re-run QA after those tests exist. Use `AskUserQuestion` when available, or a plain numbered prompt as fallback. Do not infer approval.
 
-Also ask host-led research inputs before provider fan-out:
-- "Provider-backed QA uses host-led research consensus. What should the host-led investigation look for: spec-to-code mapping gaps, API/consumer data shape, route/link mapping, state transition completeness, command/result consistency, suspected regressions, integration/regression risk, edge / error states, test adequacy, safety hygiene, E2E artifact interpretation, or skip?"
-- "Should any participant or lens receive a specific research assignment, or should team-lead choose the assignment rows?"
+If QA Brigade was selected, also ask focused provider cross-check inputs before provider fan-out:
+- "QA Brigade uses host-prepared evidence first. What should providers cross-check: spec-to-code mapping gaps, API/consumer data shape, route/link mapping, state transition completeness, command/result consistency, suspected regressions, integration/regression risk, edge / error states, test adequacy, safety hygiene, E2E artifact interpretation, or skip?"
+- "Should any provider or host-native lens receive a specific cross-check assignment, or should team-lead choose the assignment rows?"
 
-### Phase 3: Route Execution
+### Phase 4: Route Execution
 
 Call `environment_check` and `provider_list`.
 
-If no external providers are available, stop Agestra orchestration and tell the user to run `/agestra setup` to enable a provider, or ask the current host to verify directly outside Agestra. Do not spawn a deleted standalone QA agent.
+If Host-only QA was selected, run the host-owned QA evidence pass directly:
+
+- Use `qa_run` for build/test verification where applicable.
+- Inspect the design/progress contract, implementation files, command output, and runtime/E2E artifacts according to the selected depth.
+- Use host-native `agestra-research` only as a bounded native helper assignment when the current host exposes native agents and the evidence question is narrow.
+- Write the QA report under `docs/reports/qa/`.
+- Do not call `agent_research_consensus_start`, `agent_consensus_start`, `ai_chat`, or external provider tools.
+
+If QA Brigade was selected but no external providers are available, stop provider orchestration and offer Host-only QA or `/agestra setup`. Do not spawn a provider-backed consensus with zero providers.
 
-If external providers are available, hand off to `agestra:agestra-team-lead`. Provider-backed QA uses the host research consensus flow:
+If QA Brigade was selected and external providers are available, first run workspace trust readiness for the exact target root. If supported providers are blocked, ask once whether to register only this project folder. This is a security approval gate, not a clarifying question; "keep going" / no-questions instructions are not approval. After approval, call `provider_trust_apply` once per blocked provider. Use `provider_trust_apply_all` only when the host permission model explicitly allows batch trust changes. If approval cannot be obtained, skip blocked providers or fall back to Host-only QA. Pass `workspace_base_dir` explicitly to provider readiness/trust and consensus calls whenever the host workspace root may be ambiguous.
+
+Then hand off to `agestra:agestra-team-lead`. Provider-backed QA uses the fast host-prepared consensus path by default:
 
 ```text
 호스트가 조사한다.
@@ -65,27 +87,30 @@ If external providers are available, hand off to `agestra:agestra-team-lead`. Pr
 호스트가 문서화한다.
 ```
 
-External AI research and debate run in separate fresh sessions, even when the same provider participates in both phases. Build a self-contained handoff packet:
+The host must prepare QA evidence before provider fan-out. External providers cross-check the prepared evidence; they do not run the initial research phase. Build a self-contained handoff packet:
 
 - **Domain:** `qa`
 - **Submode:** `qa-only`
-- **Mode:** `multi-ai`
+- **Mode:** `qa-brigade` (selected by the user; do not re-ask)
 - **QA depth:** {selected depth}
 - **Design doc reference:** {path under docs/plans}
 - **Report artifact path expectation:** `docs/reports/qa/YYYY-MM-DD-qa-[target].md`
 - **Consensus domain:** `qa`
 - **Connection / Boundary Checks:** API/consumer data shape, route/link mapping, state transition completeness, command/result consistency, and E2E artifact interpretation when E2E ran
-- **Research notes:** {what the host-led investigation should look for — spec-to-code gaps, boundary mismatches, regressions, integration risk, edge/error states, test adequacy, safety hygiene}
-- **Research assignments:** {optional participant/lens rows for `research_assignments`, or "team-lead choose"}
+- **Research notes:** {what the host-owned evidence pass should look for — spec-to-code gaps, boundary mismatches, regressions, integration risk, edge/error states, test adequacy, safety hygiene}
+- **Cross-check assignments:** {optional provider/lens rows for the short consensus round, or "team-lead choose"}
 - **Target workspace root:** {absolute project folder if supplied or implied; pass as `workspace_base_dir`}
 - **Locale:** {from setup_status}
 - **Original user request:** {preserve verbatim}
 
-Team-lead calls `agent_research_consensus_start` with `domain: "qa"`, the QA `objective`, `participants`, optional `research_assignments`, optional `provider_order`, bounded `max_rounds`, and output document flags. Team-lead must inspect `aggregation_record.json`, `open_debate_items.json`, `round_packet.{round}.{provider}.json`, the aggregation document, and the leader-authored final decision document under `docs/agestra/`. Do not create a bundled research pseudo-participant, and do not carry research bundles through `source_documents`.
+Team-lead runs the host-owned QA evidence pass, prepares `initial_aggregation.items` from concrete evidence, and calls `agent_consensus_start` with metadata for `domain: "qa"`, exact provider participants, `participant_routes` for any host-native `agestra-debate` participant, `max_rounds: 1` for Standard QA, and a bounded participant timeout. Team-lead must poll `agent_debate_status` and `run_observable_events` when a locator is available, then surface concise progress at least every 30-60 seconds while provider work is running. When the status reports pending host turns, team-lead dispatches the native `agestra-debate` agent and submits the JSON with `agent_consensus_submit_turn`. If the current host cannot surface progress from a background team-lead, the caller must poll and relay progress, or choose Host-only QA for the current run.
+
+Do not call `agent_research_consensus_start` for the default QA Brigade path. That tool is reserved for an explicit deep provider-research mode; in that exception, External AI research and debate run in separate fresh sessions, even when the same provider participates in both phases. Default QA Brigade must avoid the extra external research round because QA already has host-owned executable evidence.
 
-### Phase 4: Present
+### Phase 5: Present
 
 Report:
+- QA execution mode
 - QA depth and E2E status
 - QA report path
 - Design document used

package/skills/research.md

@@ -86,6 +86,10 @@ Recommend or confirm one 조사 방식:
 - Host-seeded Research: the active host creates and persists the first seed/source document, then external participants challenge it through `domain: "research"`.
 - Provider-seeded Research: the selected seed provider creates the first seed/evidence artifact, then host/reviewer participants challenge it independently.
 
+This is a cost/latency gate, not a clarifying question. If a host-level
+no-questions directive prevents asking, choose Host-seeded Research and report
+that broader provider investigation was skipped.
+
 If no external providers are available, stop Agestra orchestration and tell the user to run setup or handle the research directly outside Agestra.
 
 For Council Research, first create a table of domain-specific investigation items and AI/worker assignments, then ask the user to approve or modify it.

package/skills/review.md

@@ -72,13 +72,26 @@ Ask tone when useful:
 
 Use `AskUserQuestion` when available, or a plain numbered prompt as fallback. Do not infer review lens/depth/tone when the user has not provided enough signal; explicit defaults such as `Balanced review`, `Standard review`, or `skip tone` are acceptable.
 
-Also ask host-led research inputs before provider fan-out:
-- "Provider-backed review uses host-led research consensus. What should the host-led investigation look for: regression-prone areas, blast radius / downstream callers, prior incidents, dependency / supply-chain concerns, current-information needs, or skip?"
+Also ask selected research inputs before provider fan-out:
+- "Provider-backed review can use Host-led, Council, or Provider-seeded research. What should the selected investigation look for: regression-prone areas, blast radius / downstream callers, prior incidents, dependency / supply-chain concerns, current-information needs, or skip?"
 - "Should any participant or lens receive a specific research assignment, or should team-lead choose the assignment rows?"
 
-### Phase 3: Route execution
+### Phase 3: Choose 조사 방식
 
-This skill is **information-gathering only**. After Phase 2, hand off to the appropriate executor based on environment.
+Before provider fan-out, ask once which investigation topology to use unless the user already specified it:
+
+| Option | Description |
+|--------|-------------|
+| **Host-led Research (Recommended)** | The current host prepares bounded review evidence first; providers challenge and debate the prepared findings. Record internally as `host-seeded`. |
+| **Council Research** | Host and providers independently inspect assigned review lenses before consolidation and debate. |
+| **Provider-seeded Research** | One selected provider creates the first review seed/evidence artifact; host and other providers challenge it. |
+| **Decide automatically** | Use Host-led for scoped reviews, Council for whole-project/deep reviews, and Provider-seeded only when the user named a provider to lead. |
+
+Use `AskUserQuestion` when available, or a plain numbered prompt as fallback. This is a cost/latency gate, not a review clarification. If a host-level no-questions directive prevents asking, choose Host-led Research (`host-seeded`) and report that broader provider investigation was skipped. If Provider-seeded Research is selected and the seed provider is not explicit, record the seed provider as pending; after provider availability is listed, ask which available provider should seed. Do not infer it.
+
+### Phase 4: Route execution
+
+This skill is **information-gathering only**. After Phases 1-3, hand off to the appropriate executor based on environment.
 
 Call `environment_check` and `provider_list`.
 
@@ -86,7 +99,7 @@ Call `environment_check` and `provider_list`.
 Stop Agestra orchestration and tell the user to run `/agestra setup` to enable a provider, or ask the current host to review directly outside Agestra. Do not spawn a host specialist from this skill.
 
 **Provider-backed path — 1+ external providers available (multi-AI):**
-Hand off to the `agestra:agestra-team-lead` agent with multi-AI mode **pre-selected**. Provider-backed review uses the host research consensus flow:
+Hand off to the `agestra:agestra-team-lead` agent with multi-AI mode **pre-selected**. Provider-backed review uses the selected research topology flow:
 
 ```text
 호스트가 조사한다.
@@ -105,7 +118,8 @@ External AI research and debate run in separate fresh sessions, even when the sa
 - **Boundary:** critique/evaluation only; QA and deep security are separate workflows
 - **Report artifact path expectation:** `docs/reports/review/YYYY-MM-DD-review-[target].md`
 - **Consensus domain:** `review`
-- **Research notes:** {what the host-led investigation should look for — regression-prone areas, blast radius, prior incidents, dependency concerns, current-information needs}
+- **Research topology / 조사 방식:** {selected in Phase 3 — `host-seeded`, `council`, `provider-seeded`, or `automatic`}
+- **Research notes:** {what the selected investigation should look for — regression-prone areas, blast radius, prior incidents, dependency concerns, current-information needs}
 - **Research assignments:** {optional participant/lens rows for `research_assignments`, or "team-lead choose"}
 - **Available providers:** {from environment_check, exclude `ollama` unless explicitly requested for lightweight commentary}
 - **Requested providers:** {explicit names captured from the user's wording, e.g. `[codex, gemini]`; otherwise "all available review-capable"}
@@ -115,7 +129,7 @@ External AI research and debate run in separate fresh sessions, even when the sa
 
 Team-lead owns:
 - Building the participant team (host reviewer + external providers)
-- Calling `agent_research_consensus_start` with `domain: "review"`, the review `objective`, `participants`, optional `research_assignments`, optional `provider_order`, bounded `max_rounds`, and output document flags.
+- Resolving the selected research topology, then calling `agent_research_consensus_start` when investigation fan-out is required or `agent_consensus_start` with prepared `initial_aggregation.items` when seed/host evidence is already available.
 - Ensuring external AI research and debate use separate fresh sessions.
 - Never creating a bundled research pseudo-participant and never carrying research bundles through `source_documents`.
 - Inspecting `aggregation_record.json`, `open_debate_items.json`, `round_packet.{round}.{provider}.json`, the aggregation document, and the leader-authored final decision document under `docs/agestra/`.
@@ -128,7 +142,7 @@ Team-lead owns:
 
 Direct execution from this skill bypasses team-lead's task design, capability-based routing with optional trace-assisted signals (`trace_summary`), and consistency enforcement. Always go through team-lead in the provider-backed path.
 
-### Phase 4: Review Verdict
+### Phase 5: Review Verdict
 
 The reviewer returns a review verdict:
 
@@ -140,7 +154,7 @@ The reviewer returns a review verdict:
 
 This is not a QA verdict and not a security certification.
 
-### Phase 5: Present
+### Phase 6: Present
 
 Surface the result to the user in the user's language:
 - Review report path

package/skills/security.md

@@ -41,17 +41,30 @@ Use `AskUserQuestion` when available, or a plain numbered prompt as fallback. Do
 
 Ask separately before any tool-assisted scan that installs tools, contacts package registries, uses network access, or produces large logs. The user must approve the exact tool, command, scope, expected time, privacy/telemetry behavior, and artifact path. If declined, continue manual review and record skipped checks as residual risk.
 
-Also ask host-led research inputs before provider fan-out:
-- "Provider-backed security uses host-led research consensus. What should the host-led investigation look for: secrets / API key surfaces, auth / authz boundaries, file / command execution paths, network exposure, dependency / supply-chain concerns, unsafe defaults, or skip?"
+Also ask selected research inputs before provider fan-out:
+- "Provider-backed security can use Host-led, Council, or Provider-seeded research. What should the selected investigation look for: secrets / API key surfaces, auth / authz boundaries, file / command execution paths, network exposure, dependency / supply-chain concerns, unsafe defaults, or skip?"
 - "Should any participant or lens receive a specific research assignment, or should team-lead choose the assignment rows?"
 
-### Phase 3: Route Execution
+### Phase 3: Choose 조사 방식
+
+Before provider fan-out, ask once which investigation topology to use unless the user already specified it:
+
+| Option | Description |
+|--------|-------------|
+| **Host-led Research (Recommended)** | The current host prepares bounded security evidence first; providers challenge and debate the prepared findings. Record internally as `host-seeded`. |
+| **Council Research** | Host and providers independently inspect assigned security surfaces before consolidation and debate. |
+| **Provider-seeded Research** | One selected provider creates the first security seed/evidence artifact; host and other providers challenge it. |
+| **Decide automatically** | Use Host-led for bounded audits, Council for broad/full security reviews, and Provider-seeded only when the user named a provider to lead. |
+
+Use `AskUserQuestion` when available, or a plain numbered prompt as fallback. This is a cost/latency gate, not a security clarification. If a host-level no-questions directive prevents asking, choose Host-led Research (`host-seeded`) and report that broader provider investigation was skipped. If Provider-seeded Research is selected and the seed provider is not explicit, record the seed provider as pending; after provider availability is listed, ask which available provider should seed. Do not infer it.
+
+### Phase 4: Route Execution
 
 Call `environment_check` and `provider_list`.
 
 If no external providers are available, stop Agestra orchestration and tell the user to run `/agestra setup` to enable a provider, or ask the current host to run a security review directly outside Agestra. Do not spawn a host specialist from this skill.
 
-If external providers are available or named, hand off to `agestra:agestra-team-lead`. Provider-backed security uses the host research consensus flow:
+If external providers are available or named, hand off to `agestra:agestra-team-lead`. Provider-backed security uses the selected research topology flow:
 
 ```text
 호스트가 조사한다.
@@ -70,20 +83,21 @@ External AI research and debate run in separate fresh sessions, even when the sa
 - **Tool permission choices:** approved / declined / not asked, with exact approved commands if any
 - **Report artifact path expectation:** `docs/reports/security/YYYY-MM-DD-security-[target].md`
 - **Consensus domain:** `security`
-- **Research notes:** {what the host-led investigation should look for — secrets/keys, auth/authz boundaries, file/command execution, network exposure, dependency concerns, unsafe defaults}
+- **Research topology / 조사 방식:** {selected in Phase 3 — `host-seeded`, `council`, `provider-seeded`, or `automatic`}
+- **Research notes:** {what the selected investigation should look for — secrets/keys, auth/authz boundaries, file/command execution, network exposure, dependency concerns, unsafe defaults}
 - **Research assignments:** {optional participant/lens rows for `research_assignments`, or "team-lead choose"}
 - **Locale:** {from setup_status}
 - **Target workspace root:** {absolute project folder if supplied or implied; pass as `workspace_base_dir`}
 - **Original user request:** {preserve verbatim}
 
 Team-lead owns:
-- Calling `agent_research_consensus_start` with `domain: "security"`, the security `objective`, `participants`, optional `research_assignments`, optional `provider_order`, bounded `max_rounds`, and output document flags.
+- Resolving the selected research topology, then calling `agent_research_consensus_start` when investigation fan-out is required or `agent_consensus_start` with prepared `initial_aggregation.items` when seed/host evidence is already available.
 - Ensuring external AI research and debate use separate fresh sessions.
 - Never creating a bundled research pseudo-participant and never carrying research bundles through `source_documents`.
 - Inspecting `aggregation_record.json`, `open_debate_items.json`, `round_packet.{round}.{provider}.json`, the aggregation document, and the leader-authored final decision document under `docs/agestra/`.
 - The brigade must not run destructive exploit tests and must not install tools or run heavyweight/networked scans without explicit user approval.
 
-### Phase 4: Present
+### Phase 5: Present
 
 Report:
 - Security report path

package/skills/setup.md

@@ -107,6 +107,9 @@ Use the existing config without asking on every session. The user can rerun
 ## Integration with Debate
 
 When user triggers review/idea/design (via hook or command):
-- Skip orchestration-mode selection
-- Go directly to consensus debate mode using the enabled providers
+- Use the existing provider config instead of asking provider setup again
+- Still run the matching domain skill's question sheet, including domain-specific
+  cost gates and `조사 방식` / research topology selection when provider-backed
+  research is possible
+- Route through team-lead for consensus/debate using the enabled providers
 - If only 1 provider is enabled, inform user that debate needs 2+ participants and offer to add Claude as participant