aiwcli 0.10.1 → 0.10.3

package/dist/templates/cc-native/_cc-native/lib/utils.py

@@ -153,13 +153,18 @@ def is_plan_already_reviewed(session_id: str, plan_hash: str) -> bool:
 
 
 def was_plan_previously_denied(session_id: str, plan_hash: str) -> bool:
-    """Check if this plan hash was previously reviewed and denied."""
+    """Check if this plan hash was previously reviewed and denied.
+
+    Matches any deny variant: "deny", "hook_deny_iteration", "hook_deny_final".
+    """
     marker_path = get_review_marker_path(session_id)
     if not marker_path.exists():
         return False
     try:
         data = json.loads(marker_path.read_text(encoding="utf-8"))
-        return data.get("plan_hash") == plan_hash and data.get("decision") == "deny"
+        decision = data.get("decision", "")
+        is_denied = decision == "deny" or decision.startswith("hook_deny")
+        return data.get("plan_hash") == plan_hash and is_denied
     except Exception:
         return False
 
@@ -362,13 +367,15 @@ def compute_review_decision(
     all_verdicts: List[str],
     warn_threshold: float = 0.5,
 ) -> Tuple[bool, str, float]:
-    """Verdict aggregation: only fail triggers a block.
+    """Verdict aggregation: fail veto triggers a block.
 
-    Fail Veto: Any fail -> deny. From safety engineering (ISO 61508) —
-    critical alarms use zero-tolerance.
+    Per-agent high-severity override happens upstream (caller overrides
+    individual agent verdicts to "fail" when they exceed the threshold),
+    so this function only needs fail_veto logic.
 
-    Warns are informational only — the warn_ratio is computed for logging
-    and visibility but does NOT trigger blocking.
+    Priority order:
+    1. Fail Veto: Any fail -> deny (ISO 61508 zero-tolerance).
+    2. Acceptable: warns are informational only.
 
     Error exclusion: Detectors that produce no signal (error/skip) are excluded
     from the denominator. They provide no information about plan quality.
@@ -381,7 +388,7 @@ def compute_review_decision(
         Tuple of (should_deny, reason, score).
         - should_deny: True if the plan should be denied.
         - reason: "fail_veto", "acceptable", or "no_signal".
-        - score: 1.0 for fail_veto, warn_ratio for informational cases, 0.0 for no_signal.
+        - score: 1.0 for deny cases, warn_ratio for informational, 0.0 for no_signal.
     """
     # Exclude non-signal verdicts
     signal_verdicts = [v for v in all_verdicts if v in ("pass", "warn", "fail")]
@@ -389,7 +396,7 @@ def compute_review_decision(
     if not signal_verdicts:
         return False, "no_signal", 0.0
 
-    # Only fail blocks — warns are informational
+    # Fail blocks unconditionally
     fail_count = signal_verdicts.count("fail")
     if fail_count > 0:
         return True, "fail_veto", 1.0
@@ -677,13 +684,17 @@ def extract_top_issues_text(
 ) -> str:
     """Extract top issues as a compact text string for permissionDecisionReason.
 
+    Collects the first matching issue from each reviewer/agent, prefixed with
+    the reviewer name for attribution. This gives breadth across agents rather
+    than depth from a single one.
+
     Args:
         combined: The combined review result.
         max_count: Maximum number of issues to include.
         severity: Severity level to filter for.
 
     Returns:
-        Compact semicolon-separated issue text.
+        Compact semicolon-separated issue text with agent attribution.
     """
     all_reviewers: List[ReviewerResult] = []
     all_reviewers.extend(combined.cli_reviewers.values())
@@ -697,9 +708,8 @@ def extract_top_issues_text(
             if issue.get("severity") == severity:
                 text = issue.get("issue", "").strip()
                 if text:
-                    issues.append(text)
-            if len(issues) >= max_count:
-                break
+                    issues.append(f"[{r.name}] {text}")
+                break  # first high issue per reviewer only
         if len(issues) >= max_count:
             break
 
@@ -708,6 +718,40 @@ def extract_top_issues_text(
     return "; ".join(issues)
 
 
+def build_high_issues_document(combined: CombinedReviewResult) -> str:
+    """Build a markdown document containing ONLY high-severity issues.
+
+    Grouped by reviewer/agent name with issue text and suggested fix.
+    This is the primary signal document for plan revision — high severity
+    only, no noise from medium/low issues.
+    """
+    lines = ["# High-Severity Issues\n"]
+    all_reviewers = list(combined.cli_reviewers.values()) + list(combined.agents.values())
+
+    found_any = False
+    for r in all_reviewers:
+        if not r.data:
+            continue
+        high_issues = [i for i in r.data.get("issues", []) if i.get("severity") == "high"]
+        if not high_issues:
+            continue
+        found_any = True
+        lines.append(f"## {r.name} ({r.verdict})\n")
+        for issue in high_issues:
+            cat = issue.get("category", "general")
+            text = issue.get("issue", "").strip()
+            fix = issue.get("suggested_fix", "").strip()
+            lines.append(f"- **[{cat}]** {text}")
+            if fix:
+                lines.append(f"  - Fix: {fix}")
+        lines.append("")  # blank line between agents
+
+    if not found_any:
+        lines.append("No high-severity issues found.\n")
+
+    return "\n".join(lines)
+
+
 def _append_review_details(
     lines: List[str],
     data: Dict[str, Any],

package/dist/templates/cc-native/_cc-native/plan-review.config.json

@@ -25,21 +25,25 @@
     "warnThreshold": 0.01,
     "orchestrator": {
       "enabled": true,
-      "model": "haiku",
-      "timeout": 30
+      "model": "opus",
+      "timeout": 60
     },
     "legacyMode": false,
-    "mandatoryAgents": ["handoff-readiness", "clarity-auditor", "skeptic"],
+    "mandatoryAgents": {
+      "always": ["handoff-readiness", "clarity-auditor", "skeptic"],
+      "medium+": ["documentation-philosophy"]
+    },
     "fallbackByComplexity": {
       "simple": 0,
-      "medium": 5,
-      "high": 9
+      "medium": 12,
+      "high": 6
     },
     "reviewIterations": {
       "simple": 1,
       "medium": 1,
       "high": 2
     },
+    "highIssueThreshold": 2,
     "earlyExitOnAllPass": true,
     "display": {
       "maxIssues": 12,
@@ -49,8 +53,8 @@
   },
   "agentSelection": {
     "simple": { "min": 3, "max": 3 },
-    "medium": { "min": 8, "max": 8 },
-    "high": { "min": 12, "max": 12 },
+    "medium": { "min": 12, "max": 12 },
+    "high": { "min": 6, "max": 6 },
     "fallbackCount": 3
   },
   "agentDefaults": {

package/oclif.manifest.json

@@ -195,7 +195,9 @@
         "<%= config.bin %> <%= command.id %> --template cc-native",
         "<%= config.bin %> <%= command.id %> -t cc-native",
         "<%= config.bin %> <%= command.id %> --dry-run",
-        "<%= config.bin %> <%= command.id %> --force"
+        "<%= config.bin %> <%= command.id %> --force",
+        "<%= config.bin %> <%= command.id %> --output",
+        "<%= config.bin %> <%= command.id %> --output --dry-run"
       ],
       "flags": {
         "debug": {
@@ -233,9 +235,22 @@
           "allowNo": false,
           "type": "boolean"
         },
+        "output": {
+          "char": "o",
+          "description": "Clean runtime output artifacts (temp files, caches, log rotation, archives)",
+          "exclusive": [
+            "template"
+          ],
+          "name": "output",
+          "allowNo": false,
+          "type": "boolean"
+        },
         "template": {
           "char": "t",
           "description": "Clear only a specific template (e.g., cc-native)",
+          "exclusive": [
+            "output"
+          ],
           "name": "template",
           "hasDynamicHelp": false,
           "multiple": false,
@@ -401,5 +416,5 @@
       ]
     }
   },
-  "version": "0.10.1"
+  "version": "0.10.3"
 }

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "aiwcli",
   "description": "AI Workflow CLI - Command-line interface for AI-powered workflows",
-  "version": "0.10.1",
+  "version": "0.10.3",
   "author": "jofu-tofu",
   "bin": {
     "aiw": "./bin/run.js"

package/dist/lib/template-merger.d.ts

@@ -1,47 +0,0 @@
-/**
- * Content folder types that should be recursively merged rather than skipped.
- * These are the canonical folder names used in templates for organizing content.
- */
-export declare const CONTENT_FOLDER_TYPES: readonly ["agents", "commands", "workflows", "tasks"];
-/**
- * Result of merging content folders
- */
-export interface MergeResult {
-    /** Files that were copied */
-    copiedFiles: string[];
-    /** Directories that were created */
-    createdDirs: string[];
-    /** Files that were skipped (already exist) */
-    skippedFiles: string[];
-}
-/**
- * Recursively find folders matching the method name within a directory tree.
- * This finds folders like `.claude/commands/bmad/` when methodName is 'bmad'.
- *
- * @param dir - Directory to search
- * @param methodName - Method name to look for (e.g., 'bmad', 'gsd')
- * @returns Array of paths to matching folders
- */
-export declare function findMethodFolders(dir: string, methodName: string): Promise<string[]>;
-/**
- * Merge template content into an existing IDE folder.
- * Recursively finds folders matching the method name and merges their content.
- *
- * This enables adding new agents, commands, workflows, and tasks from a template
- * even when the IDE folder (e.g., .claude) already exists.
- *
- * @param templateIdePath - Path to the template's IDE folder (e.g., template/.claude)
- * @param targetIdePath - Path to the target's IDE folder (e.g., project/.claude)
- * @param methodName - Method name to look for (e.g., 'bmad', 'gsd')
- * @returns Merge results
- */
-export declare function mergeTemplateContent(templateIdePath: string, targetIdePath: string, methodName: string): Promise<MergeResult>;
-/**
- * Merge content type folders (agents, commands, workflows, tasks) from template to target.
- * This is an alternative approach that looks for specific folder types rather than method names.
- *
- * @param templateIdePath - Path to the template's IDE folder
- * @param targetIdePath - Path to the target's IDE folder
- * @returns Merge results
- */
-export declare function mergeContentTypeFolders(templateIdePath: string, targetIdePath: string): Promise<MergeResult>;

package/dist/lib/template-merger.js

@@ -1,162 +0,0 @@
-import { promises as fs } from 'node:fs';
-import { join } from 'node:path';
-import { pathExists } from './paths.js';
-/**
- * Content folder types that should be recursively merged rather than skipped.
- * These are the canonical folder names used in templates for organizing content.
- */
-export const CONTENT_FOLDER_TYPES = ['agents', 'commands', 'workflows', 'tasks'];
-/**
- * Recursively find folders matching the method name within a directory tree.
- * This finds folders like `.claude/commands/bmad/` when methodName is 'bmad'.
- *
- * @param dir - Directory to search
- * @param methodName - Method name to look for (e.g., 'bmad', 'gsd')
- * @returns Array of paths to matching folders
- */
-export async function findMethodFolders(dir, methodName) {
-    const results = [];
-    async function scan(currentDir) {
-        try {
-            const entries = await fs.readdir(currentDir, { withFileTypes: true });
-            const directories = entries.filter((entry) => entry.isDirectory());
-            // Process all directories in parallel
-            await Promise.all(directories.map(async (entry) => {
-                const entryPath = join(currentDir, entry.name);
-                if (entry.name === methodName) {
-                    results.push(entryPath);
-                }
-                // Recursively scan subdirectories
-                await scan(entryPath);
-            }));
-        }
-        catch {
-            // Ignore errors (permission issues, etc.)
-        }
-    }
-    await scan(dir);
-    return results;
-}
-/**
- * Recursively merge a source directory into a target directory.
- * Only copies files that don't already exist in the target.
- * Creates directories as needed.
- *
- * @param srcDir - Source directory to copy from
- * @param destDir - Destination directory to copy to
- * @param result - Accumulator for merge results
- */
-async function mergeDirectory(srcDir, destDir, result) {
-    // Create destination directory if it doesn't exist
-    if (!(await pathExists(destDir))) {
-        await fs.mkdir(destDir, { recursive: true });
-        result.createdDirs.push(destDir);
-    }
-    const entries = await fs.readdir(srcDir, { withFileTypes: true });
-    // Process all entries in parallel
-    await Promise.all(entries.map(async (entry) => {
-        const srcPath = join(srcDir, entry.name);
-        const destPath = join(destDir, entry.name);
-        if (entry.isDirectory()) {
-            // Recursively merge subdirectories
-            await mergeDirectory(srcPath, destPath, result);
-            return;
-        }
-        // Copy file if it doesn't exist
-        const exists = await pathExists(destPath);
-        if (exists) {
-            result.skippedFiles.push(destPath);
-        }
-        else {
-            await fs.copyFile(srcPath, destPath);
-            result.copiedFiles.push(destPath);
-        }
-    }));
-}
-/**
- * Merge template content into an existing IDE folder.
- * Recursively finds folders matching the method name and merges their content.
- *
- * This enables adding new agents, commands, workflows, and tasks from a template
- * even when the IDE folder (e.g., .claude) already exists.
- *
- * @param templateIdePath - Path to the template's IDE folder (e.g., template/.claude)
- * @param targetIdePath - Path to the target's IDE folder (e.g., project/.claude)
- * @param methodName - Method name to look for (e.g., 'bmad', 'gsd')
- * @returns Merge results
- */
-export async function mergeTemplateContent(templateIdePath, targetIdePath, methodName) {
-    const result = {
-        copiedFiles: [],
-        createdDirs: [],
-        skippedFiles: [],
-    };
-    // First, copy root-level files from the template IDE folder (e.g., settings.json)
-    // These are files directly in .claude/ that aren't in method-specific subfolders
-    try {
-        const entries = await fs.readdir(templateIdePath, { withFileTypes: true });
-        const rootFiles = entries.filter((entry) => entry.isFile());
-        await Promise.all(rootFiles.map(async (file) => {
-            const srcPath = join(templateIdePath, file.name);
-            const destPath = join(targetIdePath, file.name);
-            // Only copy if it doesn't exist (skip existing behavior)
-            const exists = await pathExists(destPath);
-            if (exists) {
-                result.skippedFiles.push(destPath);
-            }
-            else {
-                await fs.copyFile(srcPath, destPath);
-                result.copiedFiles.push(destPath);
-            }
-        }));
-    }
-    catch {
-        // Ignore errors (permission issues, missing directory, etc.)
-    }
-    // Find all folders matching the method name in the template
-    const methodFolders = await findMethodFolders(templateIdePath, methodName);
-    // Merge all method folders in parallel
-    await Promise.all(methodFolders.map(async (srcMethodFolder) => {
-        // Calculate the relative path from the template IDE folder
-        const relativePath = srcMethodFolder.slice(templateIdePath.length);
-        const destMethodFolder = join(targetIdePath, relativePath);
-        // Merge this method folder into the target
-        await mergeDirectory(srcMethodFolder, destMethodFolder, result);
-    }));
-    return result;
-}
-/**
- * Merge content type folders (agents, commands, workflows, tasks) from template to target.
- * This is an alternative approach that looks for specific folder types rather than method names.
- *
- * @param templateIdePath - Path to the template's IDE folder
- * @param targetIdePath - Path to the target's IDE folder
- * @returns Merge results
- */
-export async function mergeContentTypeFolders(templateIdePath, targetIdePath) {
-    const result = {
-        copiedFiles: [],
-        createdDirs: [],
-        skippedFiles: [],
-    };
-    async function scanAndMerge(srcDir, destDir) {
-        try {
-            const entries = await fs.readdir(srcDir, { withFileTypes: true });
-            const directories = entries.filter((entry) => entry.isDirectory());
-            // Process all directories in parallel
-            await Promise.all(directories.map(async (entry) => {
-                const srcPath = join(srcDir, entry.name);
-                const destPath = join(destDir, entry.name);
-                // Check if this is a content type folder
-                const isContentType = CONTENT_FOLDER_TYPES.includes(entry.name);
-                // Merge content folders, recursively scan other directories
-                await (isContentType ? mergeDirectory(srcPath, destPath, result) : scanAndMerge(srcPath, destPath));
-            }));
-        }
-        catch {
-            // Ignore errors
-        }
-    }
-    await scanAndMerge(templateIdePath, targetIdePath);
-    return result;
-}

package/dist/templates/cc-native/_cc-native/agents/ACCESSIBILITY-TESTER.md

@@ -1,79 +0,0 @@
----
-name: accessibility-tester
-description: Expert accessibility tester specializing in WCAG compliance, inclusive design, and universal access. Masters screen reader compatibility, keyboard navigation, and assistive technology integration with focus on creating barrier-free digital experiences.
-model: sonnet
-focus: accessibility compliance and UX concerns
-enabled: false
-categories:
-  - code
-  - design
----
-
-## Role
-
-Senior accessibility tester with expertise in WCAG 2.1/2.2 standards, assistive technologies, and inclusive design principles. Focus on visual, auditory, motor, and cognitive accessibility with emphasis on creating universally accessible digital experiences.
-
-## Compliance Framework
-
-Target: WCAG 2.1 Level AA minimum. Evaluate against four principles: Perceivable, Operable, Understandable, Robust (POUR).
-
-## Testing Focus
-
-### 1. Screen Reader Compatibility
-Content announcement order, interactive element labeling, live region behavior, ARIA roles/states/properties, landmark navigation, and table structure.
-
-### 2. Keyboard Navigation
-Logical tab order, visible focus indicators, skip links, keyboard shortcuts, focus trapping prevention, modal accessibility, and form interaction.
-
-### 3. Visual Accessibility
-Color contrast ratios (4.5:1 text, 3:1 UI), text scalability to 200%, motion controls, high contrast mode support, and responsive layout stability.
-
-## Output Format
-
-**Example 1: Screen Reader Issue**
-```
-CRITICAL: Missing accessible name on submit button - components/Form.tsx:45
-- Element: `<button><svg>...</svg></button>`
-- Issue: Screen readers announce "button" with no context
-- Fix: Add aria-label: `<button aria-label="Submit form"><svg>...</svg></button>`
-- WCAG: 4.1.2 Name, Role, Value (Level A)
-```
-
-**Example 2: Keyboard Issue**
-```
-HIGH: Focus trap in modal dialog - components/Modal.tsx:23
-- Issue: Tab key escapes modal to background content
-- Impact: Keyboard users lose context, cannot complete task
-- Fix: Implement focus trap: cycle focus within modal, restore on close
-- WCAG: 2.4.3 Focus Order (Level A)
-```
-
-## Process
-
-1. Run automated accessibility scan (axe, Lighthouse)
-2. Perform keyboard-only navigation test
-3. Test with screen reader (NVDA, VoiceOver, or JAWS)
-4. Verify color contrast and visual requirements
-
-## Communication Protocol
-
-Request accessibility context when starting:
-```json
-{
-  "requesting_agent": "accessibility-tester",
-  "request_type": "get_accessibility_context",
-  "payload": {
-    "query": "Accessibility context needed: application type, compliance requirements, known issues, and platform targets."
-  }
-}
-```
-
-## Assessment Completion
-
-Report findings with WCAG mapping:
-- Specific element and location
-- Clear problem description with user impact
-- Concrete fix with code example
-- WCAG success criterion reference
-
-Prioritize user needs and universal design principles while creating inclusive experiences that work for everyone regardless of ability.

package/dist/templates/cc-native/_cc-native/agents/ARCHITECT-REVIEWER.md

@@ -1,48 +0,0 @@
----
-name: architect-reviewer
-description: Expert architecture reviewer specializing in system design validation, architectural patterns, and technical decision assessment. Masters scalability analysis, technology stack evaluation, and evolutionary architecture with focus on maintainability and long-term viability.
-model: sonnet
-focus: architectural concerns and scalability
-enabled: false
-categories:
-  - code
-  - infrastructure
-  - design
----
-
-# Architect Reviewer - Plan Review Agent
-
-Senior architecture reviewer evaluating system designs, architectural decisions, and technology choices.
-
-## Your Expertise
-
-### 1. Design Patterns & Structure
-Component boundaries, service contracts, dependency management, coupling/cohesion balance, appropriate pattern selection (microservices, event-driven, layered), and domain-driven design alignment.
-
-### 2. Scalability & Performance Architecture
-Horizontal/vertical scaling readiness, data partitioning strategy, caching layers, load distribution, database scaling approach, and performance bottleneck potential.
-
-### 3. Technical Debt & Evolution
-Architecture smells, technology obsolescence risks, complexity metrics, maintenance burden assessment, modernization path clarity, and reversibility of decisions.
-
-## CRITICAL: Single-Turn Review
-
-When reviewing a plan, you MUST:
-1. Analyze the plan content provided directly (do NOT use Read, Write, Edit, Bash, Glob, Grep, or any tools)
-2. Call StructuredOutput IMMEDIATELY with your assessment
-3. Complete your entire review in ONE response
-
-Do NOT:
-- Query context managers or external systems
-- Read files from the codebase
-- Request architecture documentation
-- Ask follow-up questions
-
-## Required Output
-
-Call StructuredOutput with exactly these fields:
-- **verdict**: "pass" (architecturally sound), "warn" (some concerns), or "fail" (critical architectural issues)
-- **summary**: 2-3 sentences explaining your architectural assessment (minimum 20 characters)
-- **issues**: Array of architectural concerns, each with: severity (high/medium/low), category (e.g., "coupling", "scalability", "tech-debt"), issue description, suggested_fix
-- **missing_sections**: Architectural considerations the plan should address but doesn't
-- **questions**: Design decisions that need clarification before implementation

package/dist/templates/cc-native/_cc-native/agents/CODE-REVIEWER.md

@@ -1,70 +0,0 @@
----
-name: code-reviewer
-description: Expert code reviewer specializing in code quality, security vulnerabilities, and best practices across multiple languages. Masters static analysis, design patterns, and performance optimization with focus on maintainability and technical debt reduction.
-model: sonnet
-focus: code quality and security
-enabled: false
-categories:
-  - code
----
-
-## Role
-
-Senior code reviewer with expertise in identifying code quality issues, security vulnerabilities, and optimization opportunities across multiple programming languages. Focus on correctness, performance, maintainability, and security with emphasis on constructive, actionable feedback.
-
-## Review Focus
-
-### 1. Security (Highest Priority)
-Input validation, injection vulnerabilities (SQL, XSS, command), authentication/authorization flaws, sensitive data exposure, cryptographic weaknesses, and dependency vulnerabilities.
-
-### 2. Correctness
-Logic errors, error handling gaps, resource management (leaks, race conditions), edge case coverage, and test quality.
-
-### 3. Maintainability
-SOLID principles compliance, code organization, naming clarity, appropriate abstraction levels, duplication, and documentation completeness.
-
-## Output Format
-
-**Example 1: Security Finding**
-```
-CRITICAL: SQL Injection in user_service.py:47
-- `query = f"SELECT * FROM users WHERE id = {user_id}"` allows injection
-- Fix: Use parameterized queries: `cursor.execute("SELECT * FROM users WHERE id = ?", (user_id,))`
-```
-
-**Example 2: Maintainability Finding**
-```
-MEDIUM: High cyclomatic complexity in process_order() - handlers/orders.py:112
-- Current complexity: 15 (threshold: 10)
-- Suggestion: Extract validation logic into separate functions
-```
-
-## Process
-
-1. Read the code changes thoroughly before commenting
-2. Prioritize security issues, then correctness, then maintainability
-3. Provide specific line references and concrete fix suggestions
-4. Acknowledge good practices alongside issues
-
-## Communication Protocol
-
-Request review context when starting:
-```json
-{
-  "requesting_agent": "code-reviewer",
-  "request_type": "get_review_context",
-  "payload": {
-    "query": "Code review context needed: language, coding standards, security requirements, and review scope."
-  }
-}
-```
-
-## Review Completion
-
-Report findings structured by severity (critical → high → medium → low) with:
-- Specific file and line references
-- Clear problem description
-- Concrete fix suggestion
-- Impact assessment
-
-Prioritize security, correctness, and maintainability while providing constructive feedback that helps improve code quality.