agileflow 3.0.1 → 3.1.0

package/scripts/team-manager.js

@@ -128,16 +128,43 @@ function listTemplates(rootDir) {
   return { ok: true, templates };
 }
 
+/**
+ * Validate template name to prevent path traversal.
+ * Only allows alphanumeric characters, hyphens, and underscores.
+ */
+function validateTemplateName(name) {
+  if (typeof name !== 'string' || name.length === 0 || name.length > 255) {
+    return { valid: false, error: 'Template name must be 1-255 characters' };
+  }
+  if (!/^[a-zA-Z0-9_-]+$/.test(name)) {
+    return { valid: false, error: 'Template name must contain only alphanumeric characters, hyphens, and underscores' };
+  }
+  return { valid: true };
+}
+
 /**
  * Get a specific template by name
  */
 function getTemplate(rootDir, name) {
+  const validation = validateTemplateName(name);
+  if (!validation.valid) {
+    return { ok: false, error: validation.error };
+  }
+
   const teamsDir = getTeamsDir(rootDir);
   if (!teamsDir) {
     return { ok: false, error: 'No teams directory found' };
   }
 
   const filePath = path.join(teamsDir, `${name}.json`);
+
+  // Defense-in-depth: verify resolved path stays within teams directory
+  const resolvedPath = path.resolve(filePath);
+  const resolvedTeamsDir = path.resolve(teamsDir);
+  if (!resolvedPath.startsWith(resolvedTeamsDir + path.sep)) {
+    return { ok: false, error: 'Invalid template path' };
+  }
+
   if (!fs.existsSync(filePath)) {
     return { ok: false, error: `Template "${name}" not found` };
   }
@@ -172,6 +199,62 @@ function buildNativeTeamPayload(template, templateName) {
   };
 }
 
+/**
+ * Build a rich prompt for a teammate from template data.
+ * Used when spawning teammates via the Task tool to give them
+ * full context about their role, quality gates, and project state.
+ *
+ * @param {object} teammate - Teammate entry from template (agent, role, domain, description, instructions)
+ * @param {object} template - Full team template (for quality_gates context)
+ * @returns {string} Formatted prompt string
+ */
+function buildTeammatePrompt(teammate, template) {
+  const parts = [];
+
+  // Role and domain header
+  parts.push(`## Role: ${teammate.role || 'teammate'} (${teammate.domain || 'general'})`);
+  parts.push('');
+
+  // Instructions - prefer explicit instructions, fall back to description, then auto-generate
+  if (teammate.instructions) {
+    parts.push(teammate.instructions);
+  } else if (teammate.description) {
+    parts.push(teammate.description);
+  } else {
+    parts.push(`You are the ${teammate.role || 'teammate'} agent responsible for the ${teammate.domain || 'general'} domain.`);
+  }
+  parts.push('');
+
+  // Quality gate awareness
+  if (template && template.quality_gates) {
+    const gates = template.quality_gates;
+    const requirements = [];
+
+    if (gates.teammate_idle) {
+      if (gates.teammate_idle.tests) requirements.push('tests must pass');
+      if (gates.teammate_idle.lint) requirements.push('linting must pass');
+      if (gates.teammate_idle.types) requirements.push('type checking must pass');
+    }
+    if (gates.task_completed && gates.task_completed.require_validator_approval) {
+      requirements.push('validator approval required');
+    }
+
+    if (requirements.length > 0) {
+      parts.push('## Quality Gates');
+      parts.push(`Before marking work complete: ${requirements.join(', ')}.`);
+      parts.push('');
+    }
+  }
+
+  // Project context pointers
+  parts.push('## Context');
+  parts.push('- Read CLAUDE.md for project conventions');
+  parts.push('- Check `docs/09-agents/status.json` for current work items and team state');
+  parts.push('');
+
+  return parts.join('\n');
+}
+
 /**
  * Start a team from a template.
  * When native Agent Teams is enabled, builds a TeamCreate-compatible payload.
@@ -204,7 +287,7 @@ function startTeam(rootDir, templateName) {
     const sessionStatePath = paths.getSessionStatePath(rootDir);
     const fileLock = getFileLock();
 
-    const updateState = (state) => {
+    const updateState = state => {
       state.active_team = {
         template: templateName,
         mode,
@@ -458,6 +541,8 @@ module.exports = {
   stopTeam,
   getTeamsDir,
   buildNativeTeamPayload,
+  buildTeammatePrompt,
+  validateTemplateName,
 };
 
 // Run CLI if invoked directly

package/scripts/tmux-task-name.sh

@@ -0,0 +1,105 @@
+#!/usr/bin/env bash
+# tmux-task-name.sh - Rename current tmux window based on task/work description
+#
+# Called by Claude Code when starting work on a task (via TaskCreate/TaskUpdate).
+# Reads the task subject from ~/.claude/tasks/ or accepts it as an argument.
+#
+# Usage:
+#   tmux-task-name.sh "Fix auth middleware"          # Rename to task subject
+#   tmux-task-name.sh --scan                         # Auto-detect from task files
+#   tmux-task-name.sh --scan --session <UUID>        # Scan only one session's tasks
+#   tmux-task-name.sh --reset                        # Reset to default "claude-N"
+#
+# The script is best-effort: silently exits if not inside tmux.
+
+set -euo pipefail
+
+# Exit silently if not in tmux
+[ -n "${TMUX:-}" ] || exit 0
+
+MAX_LEN=30
+
+truncate_name() {
+  local name="$1"
+  if [ ${#name} -gt $MAX_LEN ]; then
+    echo "${name:0:$((MAX_LEN - 1))}…"
+  else
+    echo "$name"
+  fi
+}
+
+# Mode: reset to default sequential name
+if [ "${1:-}" = "--reset" ]; then
+  N=$(( $(tmux list-windows -F '#{window_name}' 2>/dev/null | grep -c '^claude') ))
+  [ "$N" -eq 0 ] && N=1
+  tmux rename-window "claude-$N" 2>/dev/null || true
+  exit 0
+fi
+
+# Mode: scan ~/.claude/tasks/ for most recently modified in-progress task
+if [ "${1:-}" = "--scan" ]; then
+  TASKS_BASE="${HOME}/.claude/tasks"
+  [ -d "$TASKS_BASE" ] || exit 0
+
+  # Determine session scope: --session param, pane option, or global scan
+  SESSION_ID=""
+  if [ "${2:-}" = "--session" ] && [ -n "${3:-}" ]; then
+    # Validate session ID is alphanumeric + hyphens only (prevent path traversal)
+    if [[ "$3" =~ ^[a-zA-Z0-9_-]+$ ]]; then
+      SESSION_ID="$3"
+    fi
+  elif [ -n "${TMUX:-}" ]; then
+    SESSION_ID=$(tmux show-options -pqv @claude_session_id 2>/dev/null || true)
+  fi
+
+  BEST_SUBJECT=""
+  BEST_MTIME=0
+
+  if [ -n "$SESSION_ID" ]; then
+    # Scoped scan: only look at this session's tasks
+    SCAN_DIR="$TASKS_BASE/$SESSION_ID"
+    if [ -d "$SCAN_DIR" ]; then
+      for f in "$SCAN_DIR"/*.json; do
+        [ -f "$f" ] || continue
+        status=$(python3 -c "import json,sys; d=json.load(open('$f')); print(d.get('status',''))" 2>/dev/null || echo "")
+        if [ "$status" = "in_progress" ]; then
+          mtime=$(stat -c %Y "$f" 2>/dev/null || stat -f %m "$f" 2>/dev/null || echo "0")
+          if [ "$mtime" -gt "$BEST_MTIME" ]; then
+            BEST_MTIME=$mtime
+            BEST_SUBJECT=$(python3 -c "import json; d=json.load(open('$f')); print(d.get('subject',''))" 2>/dev/null || echo "")
+          fi
+        fi
+      done
+    fi
+  else
+    # Global scan: all sessions (fallback for no session context)
+    for dir in "$TASKS_BASE"/*/; do
+      [ -d "$dir" ] || continue
+      for f in "$dir"*.json; do
+        [ -f "$f" ] || continue
+        status=$(python3 -c "import json,sys; d=json.load(open('$f')); print(d.get('status',''))" 2>/dev/null || echo "")
+        if [ "$status" = "in_progress" ]; then
+          mtime=$(stat -c %Y "$f" 2>/dev/null || stat -f %m "$f" 2>/dev/null || echo "0")
+          if [ "$mtime" -gt "$BEST_MTIME" ]; then
+            BEST_MTIME=$mtime
+            BEST_SUBJECT=$(python3 -c "import json; d=json.load(open('$f')); print(d.get('subject',''))" 2>/dev/null || echo "")
+          fi
+        fi
+      done
+    done
+  fi
+
+  if [ -n "$BEST_SUBJECT" ]; then
+    tmux rename-window "$(truncate_name "$BEST_SUBJECT")" 2>/dev/null || true
+  fi
+  exit 0
+fi
+
+# Mode: direct - rename to provided argument
+if [ -n "${1:-}" ]; then
+  tmux rename-window "$(truncate_name "$1")" 2>/dev/null || true
+  exit 0
+fi
+
+echo "Usage: tmux-task-name.sh <task-subject> | --scan | --reset" >&2
+exit 1

package/scripts/tmux-task-watcher.sh

@@ -0,0 +1,344 @@
+#!/usr/bin/env bash
+# tmux-task-watcher.sh - Auto-rename tmux window based on Claude Code tasks
+#
+# Launched automatically by SessionStart hook. Self-backgrounds immediately.
+# Polls ~/.claude/tasks/<session-id>/ for in-progress tasks every few seconds.
+# Renames the tmux window to match the active task subject.
+#
+# Usage:
+#   tmux-task-watcher.sh           # Start watcher (backgrounds itself)
+#   tmux-task-watcher.sh stop      # Stop watcher for current pane
+#
+# Requirements:
+#   - Must be inside tmux ($TMUX set)
+#   - Node.js available (for JSON parsing)
+#   - Claude Code session active ($CLAUDECODE=1)
+
+set -euo pipefail
+
+# Only run inside tmux
+[ -n "${TMUX:-}" ] || exit 0
+
+MODE="${1:-start}"
+MAX_LEN=30
+
+# Get current pane ID for per-pane tracking
+PANE_ID=$(tmux display-message -p '#{pane_id}' 2>/dev/null || true)
+[ -n "$PANE_ID" ] || exit 0
+
+# PID file keyed by pane to allow multiple watchers (one per window)
+SAFE_PANE_ID="${PANE_ID//[^a-zA-Z0-9]/_}"
+PID_FILE="/tmp/tmux-task-watcher-${SAFE_PANE_ID}.pid"
+
+# Claim file: marks which pane owns which session to prevent cross-contamination
+CLAIM_DIR="/tmp/tmux-session-claims"
+
+cleanup_claims() {
+  [ -d "$CLAIM_DIR" ] || return 0
+  for cf in "$CLAIM_DIR"/claim-*; do
+    [ -f "$cf" ] || continue
+    local claimer
+    claimer=$(cat "$cf" 2>/dev/null || true)
+    if [ "$claimer" = "$PANE_ID" ]; then
+      rm -f "$cf"
+    fi
+  done
+}
+
+# --- Stop mode ---
+if [ "$MODE" = "stop" ]; then
+  if [ -f "$PID_FILE" ]; then
+    kill "$(cat "$PID_FILE")" 2>/dev/null || true
+    rm "$PID_FILE" 2>/dev/null || true
+  fi
+  cleanup_claims
+  exit 0
+fi
+
+# --- Start mode ---
+if [ "$MODE" = "start" ]; then
+  # Kill any existing watcher for this pane first
+  if [ -f "$PID_FILE" ]; then
+    kill "$(cat "$PID_FILE")" 2>/dev/null || true
+    rm "$PID_FILE" 2>/dev/null || true
+  fi
+
+  # Self-background: parent exits immediately so hook completes fast
+  _WATCHER_BG=1 nohup "$0" "_run" >/dev/null 2>&1 &
+  echo $! > "$PID_FILE"
+  exit 0
+fi
+
+# --- _run mode: skip to background worker below ---
+
+# ============================================================
+# Background watcher logic (runs in forked process)
+# ============================================================
+
+# Disable strict mode for background worker - we handle errors ourselves
+set +eu
+
+# Derive Claude Code project dir from PWD
+CLAUDE_PROJECT_DIR="${HOME}/.claude/projects/$(pwd | sed 's|/|-|g')"
+
+# --- Session claim helpers ---
+mkdir -p "$CLAIM_DIR" 2>/dev/null || true
+
+claim_session() {
+  local sid="$1"
+  echo "$PANE_ID" > "$CLAIM_DIR/claim-${sid}" 2>/dev/null || true
+}
+
+is_claimed_by_other() {
+  local sid="$1"
+  local cf="$CLAIM_DIR/claim-${sid}"
+  [ -f "$cf" ] || return 1  # not claimed
+  local claimer
+  claimer=$(cat "$cf" 2>/dev/null || true)
+  # Empty or unreadable claim file - treat as unclaimed
+  [ -n "$claimer" ] || return 1
+  [ "$claimer" != "$PANE_ID" ] || return 1  # claimed by us = not "other"
+  # Check if claimer pane is still alive
+  if tmux list-panes -a -F '#{pane_id}' 2>/dev/null | grep -qF "$claimer"; then
+    return 0  # claimed by another live pane
+  fi
+  # Claimer is dead - remove stale claim
+  rm -f "$cf"
+  return 1
+}
+
+# Find Claude PID running inside this tmux pane
+find_claude_pid() {
+  local pane_pid
+  pane_pid=$(tmux display-message -p -t "$PANE_ID" '#{pane_pid}' 2>/dev/null || true)
+  [ -n "$pane_pid" ] || return 1
+
+  # Walk descendants of the pane shell looking for claude/claude-code process
+  # Process tree: pane_shell -> (possibly bash/claude-smart.sh) -> claude
+  local candidates
+  candidates=$(ps -eo pid,ppid,comm 2>/dev/null | awk -v root="$pane_pid" '
+    BEGIN { pids[root]=1 }
+    { child=$1; parent=$2; comm=$3; children[parent]=children[parent] " " child; comms[child]=comm }
+    END {
+      # BFS through process tree
+      queue[1]=root; qi=1; qn=1
+      while (qi <= qn) {
+        p = queue[qi++]
+        n = split(children[p], kids, " ")
+        for (i=1; i<=n; i++) {
+          if (kids[i] != "") {
+            qn++; queue[qn] = kids[i]
+            pids[kids[i]] = 1
+          }
+        }
+      }
+      for (p in pids) {
+        c = comms[p]
+        if (c == "claude" || c == "claude-code" || c ~ /^node.*claude/) {
+          print p
+        }
+      }
+    }
+  ' || true)
+
+  # Return the first match
+  echo "$candidates" | head -n1 | tr -d '[:space:]'
+}
+
+# Get process start time (epoch seconds) from /proc
+get_pid_start_time() {
+  local pid="$1"
+  # /proc/<pid>/stat field 22 is starttime in clock ticks since boot
+  # Simpler: use stat on /proc/<pid> - ctime ≈ process creation
+  if [ -d "/proc/$pid" ]; then
+    stat -c '%Z' "/proc/$pid" 2>/dev/null && return
+  fi
+  # Fallback: ps-based start time
+  ps -o lstart= -p "$pid" 2>/dev/null | xargs -I{} date -d '{}' +%s 2>/dev/null || echo "0"
+}
+
+# --- 3-tier session finder ---
+# Tier 1: Check tmux pane option (set by previous run or claude-smart.sh)
+# Tier 2: Correlate Claude PID start time with JSONL birth time
+# Tier 3: Newest unclaimed JSONL as fallback
+find_session_id() {
+  [ -d "$CLAUDE_PROJECT_DIR" ] || return 1
+
+  # -- Tier 1: Cached pane option --
+  local cached_id
+  cached_id=$(tmux show-options -pqv @claude_session_id 2>/dev/null || true)
+  if [ -n "$cached_id" ]; then
+    local cached_dir="${HOME}/.claude/tasks/${cached_id}"
+    if [ -d "$cached_dir" ] || [ -f "$CLAUDE_PROJECT_DIR/${cached_id}.jsonl" ]; then
+      # Verify not claimed by another live pane
+      if ! is_claimed_by_other "$cached_id"; then
+        echo "$cached_id"
+        return 0
+      fi
+    fi
+  fi
+  # Also check @claude_uuid (set by claude-smart.sh)
+  cached_id=$(tmux show-options -pqv @claude_uuid 2>/dev/null || true)
+  if [ -n "$cached_id" ] && [ -f "$CLAUDE_PROJECT_DIR/${cached_id}.jsonl" ]; then
+    if ! is_claimed_by_other "$cached_id"; then
+      echo "$cached_id"
+      return 0
+    fi
+  fi
+
+  # -- Tier 2: PID-to-JSONL time correlation --
+  local claude_pid
+  claude_pid=$(find_claude_pid || true)
+  if [ -n "$claude_pid" ]; then
+    local pid_start
+    pid_start=$(get_pid_start_time "$claude_pid" || echo "0")
+    if [ "$pid_start" -gt 0 ] 2>/dev/null; then
+      local best_file="" best_delta=999999
+      for f in "$CLAUDE_PROJECT_DIR"/*.jsonl; do
+        [ -f "$f" ] || continue
+        local birth
+        birth=$(stat -c '%W' "$f" 2>/dev/null || echo "0")
+        [ "$birth" -gt 0 ] 2>/dev/null || continue
+        # JSONL should be born AFTER the PID started (within 120s window)
+        local delta=$(( birth - pid_start ))
+        if [ "$delta" -ge 0 ] && [ "$delta" -le 120 ] && [ "$delta" -lt "$best_delta" ]; then
+          best_delta=$delta
+          best_file=$f
+        fi
+      done
+      if [ -n "$best_file" ]; then
+        basename "$best_file" .jsonl
+        return 0
+      fi
+    fi
+  fi
+
+  # -- Tier 3: Newest unclaimed JSONL --
+  local best_file="" best_birth=0
+  for f in "$CLAUDE_PROJECT_DIR"/*.jsonl; do
+    [ -f "$f" ] || continue
+    local sid
+    sid=$(basename "$f" .jsonl)
+    # Skip if claimed by another live pane
+    if is_claimed_by_other "$sid"; then
+      continue
+    fi
+    local birth
+    birth=$(stat -c '%W' "$f" 2>/dev/null || echo "0")
+    if [ "$birth" -gt "$best_birth" ] 2>/dev/null; then
+      best_birth=$birth
+      best_file=$f
+    fi
+  done
+  [ -n "$best_file" ] || return 1
+  basename "$best_file" .jsonl
+}
+
+# Wait briefly for session file to be created/updated
+sleep 2
+
+SESSION_ID=$(find_session_id || true)
+if [ -z "$SESSION_ID" ]; then
+  # Retry after a longer wait
+  sleep 5
+  SESSION_ID=$(find_session_id || true)
+fi
+
+# Store session ID and claim it for this pane
+if [ -n "$SESSION_ID" ]; then
+  tmux set-option -p @claude_session_id "$SESSION_ID" 2>/dev/null || true
+  claim_session "$SESSION_ID"
+fi
+
+# Only set TASKS_DIR if we have a valid session (avoid scanning parent dir)
+TASKS_DIR=""
+if [ -n "$SESSION_ID" ]; then
+  TASKS_DIR="${HOME}/.claude/tasks/${SESSION_ID}"
+fi
+LAST_WINDOW_NAME=""
+POLL_INTERVAL=5
+MAX_RUNTIME=$((12 * 3600))  # 12 hours safety limit
+START_TIME=$(date +%s)
+
+# Parse task files and find the most recent in-progress task subject
+get_active_task() {
+  [ -d "$TASKS_DIR" ] || return
+  node -e "
+    const fs = require('fs'), path = require('path');
+    const dir = process.argv[1];
+    let best = { mtime: 0, subject: '' };
+    try {
+      for (const f of fs.readdirSync(dir)) {
+        if (!f.endsWith('.json') || f === '.lock') continue;
+        const fp = path.join(dir, f);
+        const data = JSON.parse(fs.readFileSync(fp, 'utf8'));
+        if (data.status === 'in_progress') {
+          const mt = fs.statSync(fp).mtimeMs;
+          if (mt > best.mtime) {
+            best = { mtime: mt, subject: data.subject || data.activeForm || '' };
+          }
+        }
+      }
+    } catch(e) {}
+    if (best.subject) process.stdout.write(best.subject);
+  " "$TASKS_DIR" 2>/dev/null || true
+}
+
+truncate_name() {
+  local name="$1"
+  if [ ${#name} -gt $MAX_LEN ]; then
+    printf '%s' "${name:0:$((MAX_LEN - 1))}"
+  else
+    printf '%s' "$name"
+  fi
+}
+
+# Main polling loop
+while true; do
+  # Safety timeout
+  NOW=$(date +%s)
+  if [ $((NOW - START_TIME)) -gt $MAX_RUNTIME ]; then
+    break
+  fi
+
+  # Check if our pane is still alive
+  if ! tmux list-panes -a -F '#{pane_id}' 2>/dev/null | grep -qF "$PANE_ID"; then
+    break
+  fi
+
+  # Re-validate that our session hasn't been claimed by another pane
+  if [ -n "$SESSION_ID" ] && is_claimed_by_other "$SESSION_ID"; then
+    SESSION_ID=""
+    TASKS_DIR=""
+  fi
+
+  # If we don't have a session ID yet, retry finding it
+  if [ -z "$SESSION_ID" ]; then
+    SESSION_ID=$(find_session_id || true)
+    if [ -n "$SESSION_ID" ]; then
+      tmux set-option -p @claude_session_id "$SESSION_ID" 2>/dev/null || true
+      claim_session "$SESSION_ID"
+      TASKS_DIR="${HOME}/.claude/tasks/${SESSION_ID}"
+    fi
+  fi
+
+  # Get active task subject (only if we have a valid session)
+  ACTIVE_TASK=""
+  if [ -n "$TASKS_DIR" ]; then
+    ACTIVE_TASK=$(get_active_task 2>/dev/null || true)
+  fi
+
+  if [ -n "$ACTIVE_TASK" ]; then
+    NEW_NAME=$(truncate_name "$ACTIVE_TASK")
+    if [ "$NEW_NAME" != "$LAST_WINDOW_NAME" ]; then
+      tmux rename-window -t "$PANE_ID" "$NEW_NAME" 2>/dev/null || true
+      LAST_WINDOW_NAME="$NEW_NAME"
+    fi
+  fi
+
+  sleep "$POLL_INTERVAL"
+done
+
+# Cleanup
+cleanup_claims
+rm -f "$PID_FILE"

package/src/core/agents/legal-analyzer-a11y.md

@@ -0,0 +1,110 @@
+---
+name: legal-analyzer-a11y
+description: Accessibility compliance analyzer for ADA, Section 508, and WCAG violations that trigger lawsuits
+tools: Read, Glob, Grep
+model: haiku
+team_role: utility
+---
+
+
+# Legal Analyzer: Accessibility Compliance
+
+You are a specialized legal risk analyzer focused on **accessibility violations that trigger ADA and Section 508 lawsuits**. Your job is to find WCAG compliance gaps that create legal liability, not just UX improvements.
+
+---
+
+## Your Focus Areas
+
+1. **Images without alt text**: Missing alt attributes on images (WCAG 1.1.1)
+2. **Forms without labels**: Input fields without associated labels (WCAG 1.3.1)
+3. **Keyboard navigation**: Interactive elements not keyboard-accessible (WCAG 2.1.1)
+4. **Color contrast**: Insufficient contrast ratios in styles (WCAG 1.4.3)
+5. **ARIA attributes**: Missing ARIA on interactive/dynamic elements (WCAG 4.1.2)
+6. **Skip navigation**: No skip-to-content link (WCAG 2.4.1)
+7. **Media accessibility**: Videos/audio without captions or transcripts (WCAG 1.2.1)
+8. **Language declaration**: Missing lang attribute on HTML element (WCAG 3.1.1)
+
+---
+
+## Analysis Process
+
+### Step 1: Read the Target Code
+
+Read the files you're asked to analyze. Focus on:
+- HTML templates and JSX components
+- CSS/style files (color values, contrast)
+- Form components
+- Navigation and layout components
+- Media embedding code
+
+### Step 2: Look for These Patterns
+
+**Pattern 1: Images without alt text**
+```jsx
+// RISK: ADA lawsuit - decorative and content images must have alt
+<img src={product.image} />
+<img src="/hero.jpg" className="banner" />
+```
+
+**Pattern 2: Form inputs without labels**
+```jsx
+// RISK: Screen readers cannot identify form fields
+<input type="text" placeholder="Search..." />
+<input type="email" name="email" />
+// No <label> or aria-label associated
+```
+
+**Pattern 3: Click handlers on non-interactive elements**
+```jsx
+// RISK: Keyboard users cannot activate this element
+<div onClick={handleClick} className="card">
+  {content}
+</div>
+// Missing role="button", tabIndex, onKeyDown
+```
+
+---
+
+## Output Format
+
+For each potential issue found, output:
+
+```markdown
+### FINDING-{N}: {Brief Title}
+
+**Location**: `{file}:{line}`
+**Risk Level**: CRITICAL (lawsuit risk) | HIGH (regulatory fine) | MEDIUM (best practice gap) | LOW (advisory)
+**Confidence**: HIGH | MEDIUM | LOW
+**Legal Basis**: {ADA Title III / Section 508 / WCAG 2.1 Level AA criterion X.X.X / EN 301 549}
+
+**Code**:
+\`\`\`{language}
+{relevant code snippet, 3-7 lines}
+\`\`\`
+
+**Issue**: {Clear explanation of the accessibility violation and legal risk}
+
+**Remediation**:
+- {Specific step to fix the issue}
+- {Additional steps if needed}
+```
+
+---
+
+## Important Rules
+
+1. **Be SPECIFIC**: Include exact file paths, line numbers, and WCAG criterion
+2. **Focus on legal risk**: Prioritize issues that trigger actual lawsuits (images, forms, keyboard access)
+3. **Verify before reporting**: Check if aria-label or sr-only text exists nearby
+4. **Count instances**: Note how many occurrences exist (systemic vs isolated)
+5. **Consider component patterns**: A missing alt in a reusable component affects every usage
+
+---
+
+## What NOT to Report
+
+- Minor UX improvements without legal implications
+- Color preferences or design opinions
+- Performance optimizations
+- Browser compatibility issues
+- Issues where proper accessibility attributes are present