all-for-claudecode 2.4.0 → 2.5.0

package/.claude-plugin/marketplace.json

@@ -6,14 +6,14 @@
   },
   "metadata": {
     "description": "Automated pipeline for Claude Code — spec → plan → implement → review → clean",
-    "version": "2.4.0"
+    "version": "2.5.0"
   },
   "plugins": [
     {
       "name": "afc",
       "source": "./",
       "description": "Automated pipeline for Claude Code. Automates the full development cycle: spec → plan → implement → review → clean.",
-      "version": "2.4.0",
+      "version": "2.5.0",
       "category": "automation",
       "tags": ["pipeline", "automation", "spec", "plan", "implement", "review", "critic-loop"]
     }

package/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "afc",
-  "version": "2.4.0",
+  "version": "2.5.0",
   "description": "Automated pipeline for Claude Code. Automates the full development cycle: spec → plan → implement → review → clean.",
   "author": { "name": "jhlee0409", "email": "relee6203@gmail.com" },
   "homepage": "https://github.com/jhlee0409/all-for-claudecode",

package/README.md

@@ -6,10 +6,11 @@
 
 **Claude Code plugin that automates the full development cycle — spec → plan → implement → review → clean.**
 
+[![CI](https://github.com/jhlee0409/all-for-claudecode/actions/workflows/ci.yml/badge.svg)](https://github.com/jhlee0409/all-for-claudecode/actions/workflows/ci.yml)
 [![npm version](https://img.shields.io/npm/v/all-for-claudecode)](https://www.npmjs.com/package/all-for-claudecode)
 [![npm downloads](https://img.shields.io/npm/dm/all-for-claudecode)](https://www.npmjs.com/package/all-for-claudecode)
 [![license](https://img.shields.io/github/license/jhlee0409/all-for-claudecode)](./LICENSE)
-[![test](https://img.shields.io/badge/tests-passing-brightgreen)](#how-it-works)
+[![GitHub stars](https://img.shields.io/github/stars/jhlee0409/all-for-claudecode?style=social)](https://github.com/jhlee0409/all-for-claudecode)
 
 > One command (`/afc:auto`) runs the entire cycle. Zero runtime dependencies — pure markdown commands + bash hook scripts.
 

package/agents/afc-impl-worker.md

@@ -9,6 +9,8 @@ tools:
   - Glob
   - Grep
 model: sonnet
+maxTurns: 50
+permissionMode: acceptEdits
 ---
 
 You are a parallel implementation worker for the all-for-claudecode pipeline.

package/agents/afc-pr-analyst.md

@@ -0,0 +1,57 @@
+---
+name: afc-pr-analyst
+description: "PR deep analysis worker — performs build/test/lint verification in an isolated worktree for triage."
+tools:
+  - Read
+  - Bash
+  - Glob
+  - Grep
+model: sonnet
+maxTurns: 15
+---
+
+You are a PR deep-analysis worker for the all-for-claudecode triage pipeline.
+
+## Purpose
+
+You run inside an **isolated worktree** to perform deep analysis that requires checking out the PR branch: building, testing, linting, and architectural impact assessment.
+
+## Workflow
+
+1. **Checkout the PR branch** using `gh pr checkout {number}` (provided in your prompt)
+2. **Detect project tooling**:
+   - Read `.claude/afc.config.md` for CI commands (if present)
+   - Read `CLAUDE.md` for build/test commands
+   - Read `package.json`, `Makefile`, `Cargo.toml`, etc. for standard commands
+3. **Run verification** (skip steps if commands are not available):
+   a. **Build**: run the project build command
+   b. **Lint**: run the project lint command
+   c. **Test**: run the project test command
+4. **Analyze results**:
+   - Parse build/test/lint output for errors and warnings
+   - Identify files with issues
+   - Assess architectural impact (does the PR cross layer boundaries?)
+5. **Return structured report**
+
+## Output Format
+
+```
+BUILD_STATUS: pass|fail|skip
+BUILD_OUTPUT: {first 20 lines of errors if failed, otherwise "clean"}
+TEST_STATUS: pass|fail|skip (N passed, M failed)
+TEST_OUTPUT: {failed test names and first error lines if failed}
+LINT_STATUS: pass|fail|skip
+LINT_OUTPUT: {lint warnings/errors if any}
+ARCHITECTURE_IMPACT: {assessment of cross-cutting changes}
+DEEP_FINDINGS: {key findings from deep analysis, numbered list}
+RECOMMENDATION: merge|request-changes|needs-discussion
+RECOMMENDATION_REASON: {one sentence explanation}
+```
+
+## Rules
+
+- **Read-only intent**: you are analyzing, not fixing. Do not modify code.
+- **Time budget**: keep total execution under 2 minutes. Skip long-running test suites (use `timeout 90s` wrapper).
+- **Error resilience**: if a command fails to run (missing tool, permissions), report `skip` and continue.
+- **No network calls**: do not install dependencies unless the build step explicitly requires it and it completes within the time budget.
+- Follow the project's shell script conventions when running commands.

package/agents/afc-security.md

@@ -8,6 +8,11 @@ tools:
   - Bash
   - Task
   - WebSearch
+disallowedTools:
+  - Write
+  - Edit
+  - MultiEdit
+  - NotebookEdit
 model: sonnet
 memory: project
 isolation: worktree

package/commands/implement.md

@@ -180,11 +180,13 @@ Task("T004: Create AuthService", subagent_type: "afc:afc-impl-worker", isolation
 
 **Failure Recovery** (per-task, not per-batch):
 1. Identify the failed task from the agent's error return
-2. Reset: `TaskUpdate(taskId, status: "pending")`
-3. Track: `TaskUpdate(taskId, metadata: { retryCount: N })`
-4. If retryCount < 3 → re-launch in the next batch round (not immediately — wait for current batch to finish)
-5. If retryCount >= 3 → mark as failed, report: `"T{ID} failed after 3 attempts: {last error}"`
-6. Continue with remaining tasks — a single failure does not block the entire phase
+2. Capture the `agentId` from the failed agent's result (returned in Task tool output)
+3. Reset: `TaskUpdate(taskId, status: "pending")`
+4. Track: `TaskUpdate(taskId, metadata: { retryCount: N, lastAgentId: agentId })`
+5. If retryCount < 3 → re-launch with `resume: lastAgentId` in the next batch round. The resumed agent retains full context from the previous attempt (what it tried, what failed, partial progress), enabling more targeted retry instead of starting from scratch.
+   - **Worktree caveat**: if the failed worker made no file changes, its worktree is auto-cleaned and `resume` will fail. In this case, fall back to a fresh launch (omit `resume`) for the retry.
+6. If retryCount >= 3 → mark as failed, report: `"T{ID} failed after 3 attempts: {last error}"`
+7. Continue with remaining tasks — a single failure does not block the entire phase
 
 #### Swarm Mode (6+ [P] tasks)
 
@@ -247,11 +249,13 @@ Task("Worker 2: T008, T010, T012", subagent_type: "afc:afc-impl-worker", isolati
 When a worker agent returns an error:
 1. Identify which tasks the worker was assigned (from the pre-assigned list)
 2. Check which tasks the worker actually completed (from its result summary)
-3. Reset uncompleted tasks: `TaskUpdate(taskId, status: "pending")`
-4. Track retry count: `TaskUpdate(taskId, metadata: { retryCount: N })`
-5. If retryCount < 3 → reassign to next worker batch
-6. If retryCount >= 3 → mark as failed, report: `"T{ID} failed after 3 attempts: {last error}"`
-7. Continue with remaining tasks
+3. Capture the `agentId` from the failed worker's result
+4. Reset uncompleted tasks: `TaskUpdate(taskId, status: "pending")`
+5. Track retry count: `TaskUpdate(taskId, metadata: { retryCount: N, lastAgentId: agentId })`
+6. If retryCount < 3 → re-launch with `resume: lastAgentId` to preserve context from the previous attempt. The resumed agent retains its full conversation history (files read, changes attempted, errors encountered), enabling targeted retry.
+   - **Worktree caveat**: if the failed worker made no file changes, its worktree is auto-cleaned and `resume` will fail. In this case, fall back to a fresh launch (omit `resume`) for the retry.
+7. If retryCount >= 3 → mark as failed, report: `"T{ID} failed after 3 attempts: {last error}"`
+8. Continue with remaining tasks
 
 > Single task failure does not block the phase. The orchestrator reassigns failed tasks to subsequent batches.
 

package/commands/init.md

@@ -224,22 +224,30 @@ IMPORTANT: For requests matching the afc skill routing table below, always invok
 
 ## Skill Routing
 
-| Intent | Skill | Trigger Keywords |
-|--------|-------|-----------------|
-| Implement/Modify | `afc:implement` | add, modify, refactor, implement |
-| Review | `afc:review` | review, check code, check PR |
-| Debug | `afc:debug` | bug, error, broken, fix |
-| Test | `afc:test` | test, coverage |
-| Design | `afc:plan` | design, plan, how to implement |
-| Validate | `afc:validate` | consistency, validate, validate artifacts |
-| Analyze | `afc:analyze` | analyze, explore, investigate code, root cause |
-| Spec | `afc:spec` | spec, specification |
-| Tasks | `afc:tasks` | break down tasks, decompose |
-| Research | `afc:research` | research, investigate |
-| Ideate | `afc:ideate` | idea, brainstorm, what to build, product brief |
-| Ambiguous | `afc:clarify` | auto-triggered when requirements are unclear |
-| Full auto | `afc:auto` | do it automatically, auto-run |
-| Consult | `afc:consult` | consult, ask expert, advice, which library, what tool, recommend, compare, stack decision, ask backend, ask infra, ask PM, ask design, ask marketing, ask legal, ask security, ask advisor, GDPR, OWASP, SEO, accessibility |
+Classify the user's intent and route to the matching skill. Use semantic understanding — not keyword matching.
+
+| User Intent | Skill | Route When |
+|-------------|-------|------------|
+| Full lifecycle | `afc:auto` | User wants end-to-end feature development, or the request is a non-trivial new feature without an existing plan |
+| Specification | `afc:spec` | User wants to define or write requirements, acceptance criteria, or success conditions |
+| Design/Plan | `afc:plan` | User wants to plan HOW to implement before coding — approach, architecture decisions, design |
+| Implement | `afc:implement` | User wants specific code changes with a clear scope: add feature, refactor, modify. Requires existing plan or precise instructions |
+| Review | `afc:review` | User wants code review, PR review, or quality check on existing/changed code |
+| Debug/Fix | `afc:debug` | User reports a bug, error, or broken behavior and wants diagnosis and fix |
+| Test | `afc:test` | User wants to write tests, improve coverage, or verify behavior |
+| Validate | `afc:validate` | User wants to check consistency or validate existing pipeline artifacts |
+| Analyze | `afc:analyze` | User wants to understand, explore, or audit existing code without modifying it |
+| Research | `afc:research` | User wants deep investigation of external tools, libraries, APIs, or technical concepts |
+| Ideate | `afc:ideate` | User wants to brainstorm ideas, explore possibilities, or draft a product brief |
+| Consult | `afc:consult` | User wants expert advice on a decision: library choice, architecture direction, legal/security/infra guidance |
+| Tasks | `afc:tasks` | User explicitly wants to decompose work into a task breakdown |
+| Ambiguous | `afc:clarify` | User's request is too vague or underspecified to route confidently |
+
+### Routing Rules
+
+1. **Auto vs Implement**: A new feature request without an existing plan routes to `afc:auto`. Only use `afc:implement` when the user has a clear, scoped task or an existing plan/spec.
+2. **Compound intents**: Route to the primary intent. The pipeline handles sequencing internally.
+3. **Design-first**: When scope is non-trivial (multiple files, architectural decisions needed), prefer `afc:auto` or `afc:plan` over direct `afc:implement`.
 
 User-only (not auto-triggered — inform user on request):
 - `afc:launch` — inform user when release artifact generation is requested
@@ -249,6 +257,9 @@ User-only (not auto-triggered — inform user on request):
 - `afc:checkpoint` — inform user when session save is requested
 - `afc:resume` — inform user when session restore is requested
 - `afc:principles` — inform user when project principles management is requested
+- `afc:triage` — inform user when parallel PR/issue triage is requested
+- `afc:pr-comment` — inform user when posting PR review comments to GitHub is requested
+- `afc:release-notes` — inform user when generating release notes from git history is requested
 
 ## Pipeline
 
@@ -257,6 +268,13 @@ spec → plan → implement → review → clean
 ## Override Rules
 
 NEVER use executor, deep-executor, debugger, planner, analyst, verifier, test-engineer, code-reviewer, quality-reviewer, style-reviewer, api-reviewer, security-reviewer, performance-reviewer for tasks that an afc skill covers above. ALWAYS invoke the afc skill instead.
+
+## Source Verification
+
+When analyzing or making claims about external systems, APIs, SDKs, or third-party tools:
+- Verify against official documentation, NOT project-internal docs
+- Do not hardcode reference data when delegating to sub-agents — instruct them to look up primary sources
+- Cross-verify high-severity findings before reporting
 </afc-pipeline>
 <!-- AFC:END -->
 ```

package/commands/pr-comment.md

@@ -0,0 +1,181 @@
+---
+name: afc:pr-comment
+description: "Post PR review comments to GitHub"
+argument-hint: "<PR number> [--severity critical,warning,info]"
+allowed-tools:
+  - Read
+  - Bash
+  - Glob
+  - Grep
+  - Task
+model: sonnet
+---
+
+# /afc:pr-comment — Post PR Review to GitHub
+
+> Analyzes a PR and posts a structured review comment to GitHub.
+> Reuses existing triage reports when available. Asks for user confirmation before posting.
+
+## Arguments
+
+- `$ARGUMENTS` — PR number (required), with optional severity filter
+  - `42` — Analyze and post review for PR #42
+  - `42 --severity critical,warning` — Only include Critical and Warning findings
+  - `42 --severity critical` — Only include Critical findings
+
+Parse the arguments:
+1. Extract the PR number (first numeric argument)
+2. Extract `--severity` filter if present (comma-separated list of: `critical`, `warning`, `info`)
+3. If no PR number is found, ask the user: "Which PR number should I review?"
+
+## Execution Steps
+
+### 1. Collect PR Information
+
+```bash
+gh pr view {number} --json number,title,headRefName,author,body,additions,deletions,changedFiles,labels,reviewDecision,state
+```
+
+```bash
+gh pr diff {number}
+```
+
+Verify the PR exists and is open. If closed/merged, inform the user and ask whether to proceed anyway.
+
+### 2. Check for Existing Triage Report
+
+Look for a recent triage report that covers this PR:
+
+```bash
+ls -t .claude/afc/memory/triage/*.md 2>/dev/null | head -5
+```
+
+If a report exists from today, search it for `PR #{number}` analysis. If found, reuse that analysis as the basis for the review instead of re-analyzing from scratch.
+
+### 3. Analyze PR (if no triage data available)
+
+If no existing triage report covers this PR, perform a focused review of the diff.
+
+Examine the diff from the following perspectives (abbreviated from review.md):
+
+#### A. Code Quality
+- Style compliance, naming conventions, unnecessary complexity
+
+#### B. Architecture
+- Layer violations, boundary crossings, structural concerns
+
+#### C. Security
+- XSS, injection, sensitive data exposure, auth issues
+
+#### D. Performance
+- Latency concerns, unnecessary computation, resource leaks
+
+#### E. Maintainability
+- Function/file size, naming clarity, readability
+
+Classify each finding with a severity:
+- **Critical (C)** — Must fix before merge. Bugs, security vulnerabilities, data loss risks.
+- **Warning (W)** — Should fix. Code quality issues, potential problems, maintainability concerns.
+- **Info (I)** — Nice to have. Suggestions, minor improvements, style preferences.
+
+### 4. Apply Severity Filter
+
+If `--severity` was specified, filter findings to only include the specified severity levels.
+
+Default (no filter): include all severity levels.
+
+### 5. Generate Review Comment
+
+Compose the review comment in this format:
+
+```markdown
+## AFC Code Review — PR #{number}
+
+### Summary
+
+| Severity | Count |
+|----------|-------|
+| Critical | {N} |
+| Warning  | {N} |
+| Info     | {N} |
+
+### Findings
+
+#### C-{N}: {title}
+- **File**: `{path}:{line}`
+- **Issue**: {description}
+- **Suggested fix**: {suggestion}
+
+#### W-{N}: {title}
+{same format}
+
+#### I-{N}: {title}
+{same format}
+
+### Positives
+- {1-2 things done well}
+
+---
+*Reviewed by [all-for-claudecode](https://github.com/anthropics/claude-code)*
+```
+
+If there are zero findings after filtering, the comment should be:
+
+```markdown
+## AFC Code Review — PR #{number}
+
+No issues found. Code looks good!
+
+---
+*Reviewed by [all-for-claudecode](https://github.com/anthropics/claude-code)*
+```
+
+### 6. Preview and Confirm
+
+Display the full review comment to the user in the console.
+
+Then determine the review event type:
+- **Critical findings exist** → `REQUEST_CHANGES`
+- **Only Warning/Info findings** → `COMMENT`
+- **No findings** → `APPROVE`
+
+Tell the user:
+```
+Review event: {APPROVE|COMMENT|REQUEST_CHANGES}
+Findings: Critical {N} / Warning {N} / Info {N}
+```
+
+Ask the user to confirm using AskUserQuestion with these options:
+1. **Post as-is** — Post the review comment to GitHub
+2. **Edit first** — Let me modify the comment before posting (user provides edits, then re-confirm)
+3. **Cancel** — Do not post anything
+
+### 7. Post to GitHub
+
+On approval, write the review comment to a temp file and post via `--body-file` (avoids shell escaping issues with markdown):
+
+```bash
+tmp_file=$(mktemp)
+cat > "$tmp_file" << 'REVIEW_EOF'
+{review comment content}
+REVIEW_EOF
+gh pr review {number} --body-file "$tmp_file" --event {COMMENT|REQUEST_CHANGES|APPROVE}
+rm -f "$tmp_file"
+```
+
+### 8. Final Output
+
+```
+PR review posted
+├─ PR: #{number} ({title})
+├─ Event: {APPROVE|COMMENT|REQUEST_CHANGES}
+├─ Findings: Critical {N} / Warning {N} / Info {N}
+└─ URL: {PR URL from gh pr view}
+```
+
+## Notes
+
+- **User confirmation required**: Never post to GitHub without explicit user approval.
+- **Idempotent**: Running multiple times on the same PR creates additional review comments (GitHub does not deduplicate).
+- **Respects existing reviews**: This command does not dismiss or override other reviewers' reviews.
+- **Rate limits**: Uses a single `gh pr review` call. No rate limit concerns for normal usage.

package/commands/release-notes.md

@@ -0,0 +1,219 @@
+---
+name: afc:release-notes
+description: "Generate user-facing release notes from git history"
+argument-hint: "[v1.0.0..v2.0.0 | v2.0.0 | --post]"
+allowed-tools:
+  - Read
+  - Bash
+  - Glob
+  - Grep
+model: sonnet
+---
+
+# /afc:release-notes — Generate Release Notes
+
+> Rewrites commit/PR history into user-facing release notes and optionally publishes to GitHub Releases.
+> This is a **standalone utility** — not part of the auto pipeline.
+> Does NOT modify local files (CHANGELOG updates are handled by `/afc:launch`).
+
+## Arguments
+
+- `$ARGUMENTS` — (optional) Version range and flags
+  - `v2.3.0..v2.4.0` — specific tag range
+  - `v2.4.0` — from that tag to HEAD
+  - Not specified — auto-detect last tag to HEAD
+  - `--post` — publish to GitHub Releases after preview (can combine with any range)
+
+Parse the arguments:
+1. Extract `--post` flag if present
+2. Parse remaining as version range:
+   - If contains `..`: split into `{from_tag}..{to_tag}`
+   - If single version: use `{version}..HEAD`
+   - If empty: auto-detect with `git describe --tags --abbrev=0`
+
+## Execution Steps
+
+### 1. Determine Range
+
+```bash
+# Auto-detect last tag if no range specified
+git describe --tags --abbrev=0 2>/dev/null
+```
+
+- If a tag is found, set `from_tag` to that tag, `to_tag` to HEAD
+- If no tags exist, inform the user: "No tags found. Include all commits? (y/n)"
+- If a `to_tag` is specified (not HEAD), verify it exists: `git rev-parse --verify {to_tag} 2>/dev/null`
+- Determine the version label for the notes header:
+  - If `to_tag` is a version tag: use it (e.g., `v2.4.0`)
+  - If `to_tag` is HEAD: use "Unreleased" or the `from_tag` bumped (ask user)
+
+### 2. Collect Raw Data
+
+Run these commands to gather change context:
+
+```bash
+# Commit history (no merges)
+git log {from_tag}..{to_tag} --pretty=format:"%H %s" --no-merges
+
+# Merged PRs since the from_tag date
+from_date=$(git log -1 --format=%aI {from_tag})
+gh pr list --state merged --search "merged:>$from_date" --json number,title,author,labels,body --limit 100
+```
+
+If `gh` is not available or the repo has no remote, skip PR collection — proceed with git-only data.
+
+### 3. Detect Breaking Changes
+
+Search commit messages and PR titles for breaking change indicators:
+
+- Patterns: `BREAKING`, `BREAKING CHANGE`, `!:` (conventional commits `feat!:`, `fix!:`)
+- Also check PR labels for: `breaking`, `breaking-change`, `semver-major`
+
+Flag any matches for the Breaking Changes section.
+
+### 4. Categorize and Rewrite
+
+Categorize each commit/PR into one of:
+
+| Category | Conventional Commit Prefixes | Fallback Heuristics |
+|----------|------------------------------|---------------------|
+| Breaking Changes | `!:` suffix, `BREAKING` | Label: `breaking` |
+| New Features | `feat:` | "add", "new", "implement", "support" |
+| Bug Fixes | `fix:` | "fix", "resolve", "correct", "patch" |
+| Other Changes | `chore:`, `docs:`, `ci:`, `refactor:`, `perf:`, `test:`, `style:`, `build:` | Everything else |
+
+**Rewriting rules** — transform each entry from developer-speak to user-facing language:
+
+1. Remove conventional commit prefixes (`feat:`, `fix(scope):`, etc.)
+2. Rewrite in terms of **what the user experiences**, not what the developer changed
+   - Bad: "Refactor ThemeProvider to use context API"
+   - Good: "Improved theme switching reliability"
+   - Bad: "Fix race condition in afc-state.sh"
+   - Good: "Fixed an issue where pipeline state could become corrupted during concurrent execution"
+3. Merge related commits into a single entry when they address the same feature/fix
+4. Include PR number references where available: `(#42)`
+5. For breaking changes, add a brief migration note after the description
+
+### 5. Collect Contributor Info
+
+Build a contributors section:
+
+```bash
+# Get commit authors with their commit counts
+git log {from_tag}..{to_tag} --format="%aN" | sort | uniq -c | sort -rn
+
+# Resolve repo identity for GitHub username lookup
+gh repo view --json owner,name --jq '"\(.owner.login)/\(.name)"'
+
+# Map git authors to GitHub usernames via commit SHAs
+git log {from_tag}..{to_tag} --format="%H" | head -100 | while read sha; do
+  gh api "repos/{owner}/{repo}/commits/$sha" --jq '.author.login // empty' 2>/dev/null
+done | sort -u
+```
+
+For each contributor:
+- Try to resolve GitHub username via the commit SHA lookup above, or from PR author data collected in step 2
+- List their PR numbers if available
+- Fall back to git author name if no GitHub username found
+- If `gh` is not available, skip username resolution entirely — use git author names
+
+### 6. Compose Release Notes
+
+Assemble the final release notes in this format:
+
+```markdown
+# {version}
+
+{2-3 sentence summary: what is the most important thing in this release? Written for end users.}
+
+## Breaking Changes
+
+- {description + migration guide}
+
+## New Features
+
+- {user-facing description} (#{pr_number})
+
+## Bug Fixes
+
+- {user-facing description} (#{pr_number})
+
+## Other Changes
+
+- {description} (#{pr_number})
+
+## Contributors
+
+{contributor list with @mentions and PR numbers}
+```
+
+**Format rules**:
+- Omit empty sections entirely (if no breaking changes, skip that section)
+- Breaking Changes section always comes first when present
+- Each entry is a single bullet point, max 2 sentences
+- Summary paragraph should highlight the top 1-2 changes
+- Contributors section: `@username (#42, #45)` format, or `Name (#42)` if no GitHub username
+
+### 7. Preview Output
+
+Display the complete release notes to the user in the console.
+
+Print a summary:
+```
+Release notes generated
+├─ Version: {version}
+├─ Range: {from_tag}..{to_tag}
+├─ Commits: {N}
+├─ PRs referenced: {N}
+├─ Breaking changes: {count or "none"}
+├─ Contributors: {N}
+└─ --post: {will publish / preview only}
+```
+
+### 8. Publish to GitHub Releases (if --post)
+
+If `--post` flag is present:
+
+1. Determine the tag name:
+   - If `to_tag` is a specific tag: use it
+   - If `to_tag` is HEAD: ask the user what tag to create (suggest next version)
+
+2. Ask user to confirm using AskUserQuestion:
+   - **Post as-is** — Publish the GitHub Release immediately
+   - **Post as draft** — Create as draft release (can review and publish later from GitHub)
+   - **Edit first** — Let me modify the notes before posting
+   - **Cancel** — Do not post
+
+3. On approval, write to a temp file and publish:
+   ```bash
+   tmp_file=$(mktemp)
+   cat > "$tmp_file" << 'NOTES_EOF'
+   {release notes content}
+   NOTES_EOF
+   # Add --draft if user chose "Post as draft"
+   gh release create {tag} --notes-file "$tmp_file" --title "{version}" [--draft]
+   rm -f "$tmp_file"
+   ```
+
+4. Print result:
+   ```
+   GitHub Release published
+   ├─ Tag: {tag}
+   ├─ Title: {version}
+   ├─ Status: {published / draft}
+   └─ URL: {release URL from gh output}
+   ```
+
+If `--post` is not present, print:
+```
+To publish these notes as a GitHub Release, run again with --post flag.
+```
+
+## Notes
+
+- **Read-only by default**: Without `--post`, this command only outputs to console. No files are created or modified.
+- **Complements `/afc:launch`**: Use `launch` for local artifact generation (CHANGELOG, README). Use `release-notes` for GitHub Release publishing.
+- **Conventional Commits aware**: Projects using conventional commits get better categorization. Projects without them still get reasonable results via heuristic matching.
+- **Contributor attribution**: Best effort. GitHub username resolution requires `gh` CLI and repository access.
+- **User confirmation required**: `--post` always asks for explicit approval before publishing to GitHub.
+- **Idempotent**: Running without `--post` is safe to repeat. With `--post`, GitHub Releases for existing tags will fail (GitHub does not allow duplicate release tags).

package/commands/triage.md

@@ -0,0 +1,222 @@
+---
+name: afc:triage
+description: "Parallel triage of open PRs and issues"
+argument-hint: "[scope: --pr, --issue, --all (default), or specific numbers]"
+allowed-tools:
+  - Read
+  - Grep
+  - Glob
+  - Bash
+  - Task
+  - Write
+model: sonnet
+---
+
+# /afc:triage — PR & Issue Triage
+
+> Collects open PRs and issues, analyzes them in parallel, and produces a priority-ranked triage report.
+> Uses lightweight analysis first (no checkout), then selective deep analysis with worktree isolation for PRs that require build/test verification.
+
+## Arguments
+
+- `$ARGUMENTS` — (optional) Triage scope
+  - `--pr` — PRs only
+  - `--issue` — Issues only
+  - `--all` — Both PRs and issues (default)
+  - Specific numbers (e.g., `#42 #43`) — Analyze only those items
+  - `--deep` — Force deep analysis (worktree) for all PRs
+
+## Execution Steps
+
+### 1. Collect Targets
+
+Run the metadata collection script:
+
+```bash
+"${CLAUDE_PLUGIN_ROOT}/scripts/afc-triage.sh" "$ARGUMENTS"
+```
+
+This returns JSON with PR/issue metadata. If the script is not available, fall back to direct `gh` commands:
+
+```bash
+# PRs
+gh pr list --json number,title,headRefName,author,labels,additions,deletions,changedFiles,createdAt,updatedAt,reviewDecision,isDraft --limit 50
+
+# Issues
+gh issue list --json number,title,labels,author,createdAt,updatedAt,comments --limit 50
+```
+
+### 2. Phase 1 — Lightweight Parallel Analysis (no checkout)
+
+For each PR/issue, gather analysis data **without** checking out branches:
+
+#### PR Analysis (parallel — one agent per PR, max 5 concurrent)
+
+Spawn parallel agents in a **single message**:
+
+```
+Task("Triage PR #{number}: {title}", subagent_type: "general-purpose",
+  prompt: "Analyze this PR without checking out the branch.
+
+  PR #{number}: {title}
+  Author: {author}
+  Branch: {headRefName}
+  Changed files: {changedFiles}, +{additions}/-{deletions}
+  Labels: {labels}
+  Review status: {reviewDecision}
+  Draft: {isDraft}
+
+  Steps:
+  1. Run: gh pr diff {number}
+  2. Run: gh pr view {number} --comments
+  3. Analyze the diff for:
+     - What the PR does (1-2 sentence summary)
+     - Risk level: Critical (core logic, auth, data) / Medium (features, UI) / Low (docs, config, tests)
+     - Complexity: High (>10 files or cross-cutting) / Medium (3-10 files) / Low (<3 files)
+     - Whether build/test verification is needed (yes/no + reason)
+     - Potential issues or concerns (max 3)
+     - Suggested reviewers or labels if obvious
+
+  Output as structured text:
+  SUMMARY: ...
+  RISK: Critical|Medium|Low
+  COMPLEXITY: High|Medium|Low
+  NEEDS_DEEP: yes|no
+  DEEP_REASON: ... (if yes)
+  CONCERNS: ...
+  SUGGESTION: ...")
+```
+
+#### Issue Analysis (parallel — one agent per batch of 5 issues)
+
+```
+Task("Triage Issues #{n1}-#{n5}", subagent_type: "general-purpose",
+  prompt: "Analyze these issues:
+  {issue list with titles, labels, comment count}
+
+  For each issue:
+  1. Read issue body and comments: gh issue view {number} --comments
+  2. Classify:
+     - Type: Bug / Feature / Enhancement / Question / Maintenance
+     - Priority: P0 (blocking) / P1 (important) / P2 (nice-to-have) / P3 (backlog)
+     - Estimated effort: Small (< 1 day) / Medium (1-3 days) / Large (3+ days)
+     - Related PRs (if any mentioned)
+  3. One-line summary
+
+  Output as structured text per issue:
+  ISSUE #{number}: {title}
+  TYPE: ...
+  PRIORITY: P0|P1|P2|P3
+  EFFORT: Small|Medium|Large
+  RELATED_PR: #N or none
+  SUMMARY: ...")
+```
+
+### 3. Phase 2 — Selective Deep Analysis (worktree, optional)
+
+From Phase 1 results, identify PRs where `NEEDS_DEEP: yes`.
+
+For each deep-analysis PR, spawn a **worktree-isolated agent**:
+
+```
+Task("Deep triage PR #{number}", subagent_type: "afc:afc-pr-analyst",
+  isolation: "worktree",
+  prompt: "Deep-analyze PR #{number} ({title}).
+
+  Branch: {headRefName}
+  Phase 1 concerns: {concerns from Phase 1}
+
+  Steps:
+  1. Checkout the PR branch: gh pr checkout {number}
+  2. Run project CI/test commands if available (from .claude/afc.config.md or CLAUDE.md)
+  3. Check for type errors, lint issues, test failures
+  4. Analyze architectural impact
+  5. Report findings
+
+  Output:
+  BUILD_STATUS: pass|fail|skip
+  TEST_STATUS: pass|fail|skip (N passed, M failed)
+  LINT_STATUS: pass|fail|skip
+  DEEP_FINDINGS: ...
+  RECOMMENDATION: merge|request-changes|needs-discussion")
+```
+
+**Important**: Launch at most 3 worktree agents concurrently to avoid resource contention.
+
+If `--deep` flag was specified, run Phase 2 for **all** PRs regardless of Phase 1 classification.
+
+### 4. Consolidate Triage Report
+
+Merge Phase 1 and Phase 2 results into a single report:
+
+```markdown
+# Triage Report
+
+> Date: {YYYY-MM-DD}
+> Repository: {owner/repo}
+> Scope: {PRs: N, Issues: M}
+
+## PRs ({count})
+
+### Priority Actions
+
+| # | Title | Risk | Complexity | Status | Action |
+|---|-------|------|------------|--------|--------|
+| {sorted by: Critical first, then by staleness} |
+
+### PR Details
+
+#### PR #{number}: {title}
+- **Author**: {author} | **Branch**: {branch}
+- **Changes**: +{add}/-{del} across {files} files
+- **Risk**: {risk} | **Complexity**: {complexity}
+- **Summary**: {summary}
+- **Concerns**: {concerns or "None"}
+- **Deep analysis**: {findings if Phase 2 ran, otherwise "Skipped"}
+- **Recommendation**: {recommendation}
+
+## Issues ({count})
+
+### By Priority
+
+| Priority | # | Title | Type | Effort | Related PR |
+|----------|---|-------|------|--------|------------|
+| {sorted by priority, then by creation date} |
+
+## Summary
+
+- **Immediate attention**: {list of Critical PRs and P0 issues}
+- **Ready to merge**: {PRs with no concerns and passing checks}
+- **Needs discussion**: {PRs/issues requiring team input}
+- **Stale items**: {PRs/issues with no activity > 14 days}
+```
+
+### 5. Save Report
+
+Save the triage report:
+
+```
+.claude/afc/memory/triage/{YYYY-MM-DD}.md
+```
+
+If a previous triage report exists for today, overwrite it.
+
+### 6. Final Output
+
+```
+Triage complete
+├─ PRs analyzed: {N} (deep: {M})
+├─ Issues analyzed: {N}
+├─ Immediate attention: {count}
+├─ Ready to merge: {count}
+├─ Report: .claude/afc/memory/triage/{date}.md
+└─ Duration: {elapsed}
+```
+
+## Notes
+
+- **Read-only**: Triage does not modify any code, merge PRs, or close issues.
+- **Rate limits**: `gh` API calls are rate-limited. For repos with 50+ open items, consider using `--pr` or `--issue` to reduce scope.
+- **Worktree cleanup**: Worktree agents auto-clean on completion. If a worktree is left behind, use `git worktree prune`.
+- **NEVER use `run_in_background: true` on Phase 1 Task calls**: agents must run in foreground so results are collected before consolidation. Phase 2 worktree agents also run in foreground.
+- **Parallel limits**: Phase 1 — max 5 concurrent agents. Phase 2 — max 3 concurrent worktree agents.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "all-for-claudecode",
-  "version": "2.4.0",
+  "version": "2.5.0",
   "description": "Claude Code plugin that automates the full dev cycle — spec, plan, implement, review, clean.",
   "bin": {
     "all-for-claudecode": "bin/cli.mjs"
@@ -34,7 +34,7 @@
     "url": "https://github.com/jhlee0409/all-for-claudecode/issues"
   },
   "scripts": {
-    "lint": "shellcheck -x --source-path=scripts scripts/*.sh && bash scripts/afc-schema-validate.sh --all && bash scripts/afc-consistency-check.sh",
+    "lint": "shellcheck -x --source-path=scripts --severity=warning scripts/*.sh && bash scripts/afc-schema-validate.sh --all && bash scripts/afc-consistency-check.sh",
     "test": "vendor/shellspec/shellspec",
     "test:all": "npm run lint && npm run test",
     "setup:test": "bash scripts/install-shellspec.sh"

package/scripts/afc-blast-radius.sh

@@ -213,136 +213,58 @@ if [ -s "$HOOKS_REFS" ]; then
   mv "$TMPDIR_WORK/hooks_unique.txt" "$HOOKS_REFS"
 fi
 
-# ── Cycle detection (DFS) ────────────────────────────────
-# Build adjacency: sourced -> sourcer (if sourced changes, sourcer is affected)
-# But for cycles we care about: A sources B, B sources A
-# So we detect cycles in the "sources" graph: edge from sourcer to sourced
+# ── Cycle detection ──────────────────────────────────────
+# Detect cycles using reachability: for each edge A→B, check if B can reach A.
+# Simple and portable — no file-based DFS or md5 hashing needed.
 
 CYCLE_FOUND=0
-NODES_FILE="$TMPDIR_WORK/nodes.txt"
-: > "$NODES_FILE"
 
-# Collect all unique nodes from deps
 if [ -s "$ALL_DEPS" ]; then
-  cut -f1 "$ALL_DEPS" >> "$NODES_FILE"
-  cut -f2 "$ALL_DEPS" >> "$NODES_FILE"
-  sort -u "$NODES_FILE" > "$TMPDIR_WORK/nodes_unique.txt"
-  mv "$TMPDIR_WORK/nodes_unique.txt" "$NODES_FILE"
-fi
-
-NODE_COUNT=$(wc -l < "$NODES_FILE" | tr -d ' ')
-
-if [ "$NODE_COUNT" -gt 0 ]; then
-  COLOR_DIR="$TMPDIR_WORK/colors"
-  mkdir -p "$COLOR_DIR"
-
-  # Initialize all nodes as WHITE (0)
-  while IFS= read -r node || [ -n "$node" ]; do
-    [ -z "$node" ] && continue
-    # Use md5/hash for safe filenames (paths contain /)
-    node_hash=$(printf '%s' "$node" | md5sum 2>/dev/null | cut -d' ' -f1 || printf '%s' "$node" | md5 2>/dev/null || printf '%s' "$node" | tr '/' '_')
-    printf '0' > "$COLOR_DIR/$node_hash"
-    # Map hash back to name
-    printf '%s\t%s\n' "$node_hash" "$node" >> "$TMPDIR_WORK/hash_map.txt"
-  done < "$NODES_FILE"
-
-  # DFS from each white node
-  dfs_visit() {
-    local start_hash="$1"
-    local stack_file="$TMPDIR_WORK/dfs_stack.txt"
-    local path_file="$TMPDIR_WORK/dfs_path.txt"
-    printf '%s\n' "$start_hash" > "$stack_file"
-    : > "$path_file"
-
-    while [ -s "$stack_file" ]; do
-      current_hash="$(tail -1 "$stack_file")"
-
-      color_file="$COLOR_DIR/$current_hash"
-      if [ ! -f "$color_file" ]; then
-        # Remove from stack
-        sed -i '' '$d' "$stack_file" 2>/dev/null || sed -i '$d' "$stack_file"
+  # Check each edge: if A sources B, does B (transitively) source A?
+  while IFS=$'\t' read -r src dst || [ -n "$src" ]; do
+    [ -z "$src" ] || [ -z "$dst" ] && continue
+
+    # BFS from dst to see if we can reach src
+    visited="$TMPDIR_WORK/visited.txt"
+    queue="$TMPDIR_WORK/queue.txt"
+    printf '%s\n' "$dst" > "$queue"
+    : > "$visited"
+
+    while [ -s "$queue" ]; do
+      current=$(head -1 "$queue")
+      # Remove first line from queue
+      tail -n +2 "$queue" > "$TMPDIR_WORK/queue_tmp.txt"
+      mv "$TMPDIR_WORK/queue_tmp.txt" "$queue"
+
+      # Skip if already visited
+      if grep -qxF "$current" "$visited" 2>/dev/null; then
         continue
       fi
+      printf '%s\n' "$current" >> "$visited"
+
+      # Check if we reached src → cycle
+      if [ "$current" = "$src" ]; then
+        CYCLE_FOUND=1
+        # Build cycle path from visited trail
+        cycle_str="CYCLE: ${src} -> ${dst} -> ${src}"
+        printf '%s\n' "$cycle_str" > "$CYCLE_RESULT"
+        break
+      fi
 
-      color="$(cat "$color_file")"
-
-      if [ "$color" = "0" ]; then
-        # Mark GRAY (in progress)
-        printf '1' > "$color_file"
-        printf '%s\n' "$current_hash" >> "$path_file"
-
-        # Get current node name
-        current_name=$(grep -E "^${current_hash}\t" "$TMPDIR_WORK/hash_map.txt" 2>/dev/null | cut -f2 | head -1 || true)
-        [ -z "$current_name" ] && { sed -i '' '$d' "$stack_file" 2>/dev/null || sed -i '$d' "$stack_file"; continue; }
-
-        # Find neighbors (files this script sources)
-        has_neighbor=0
-        while IFS=$'\t' read -r src dst || [ -n "$src" ]; do
-          if [ "$src" = "$current_name" ]; then
-            dst_hash=$(printf '%s' "$dst" | md5sum 2>/dev/null | cut -d' ' -f1 || printf '%s' "$dst" | md5 2>/dev/null || printf '%s' "$dst" | tr '/' '_')
-            dst_color_file="$COLOR_DIR/$dst_hash"
-            [ ! -f "$dst_color_file" ] && continue
-
-            dst_color="$(cat "$dst_color_file")"
-            if [ "$dst_color" = "1" ]; then
-              # Back edge found -> cycle
-              CYCLE_FOUND=1
-              # Reconstruct cycle path
-              dst_name=$(grep -E "^${dst_hash}\t" "$TMPDIR_WORK/hash_map.txt" 2>/dev/null | cut -f2 | head -1 || true)
-              cycle_str="CYCLE:"
-              in_cycle=0
-              while IFS= read -r ph || [ -n "$ph" ]; do
-                if [ "$ph" = "$dst_hash" ]; then
-                  in_cycle=1
-                fi
-                if [ "$in_cycle" -eq 1 ]; then
-                  pname=$(grep -E "^${ph}\t" "$TMPDIR_WORK/hash_map.txt" 2>/dev/null | cut -f2 | head -1 || true)
-                  if [ -n "$pname" ]; then
-                    cycle_str="${cycle_str} ${pname} ->"
-                  fi
-                fi
-              done < "$path_file"
-              cycle_str="${cycle_str} ${dst_name}"
-              printf '%s\n' "$cycle_str" > "$CYCLE_RESULT"
-              return
-            elif [ "$dst_color" = "0" ]; then
-              printf '%s\n' "$dst_hash" >> "$stack_file"
-              has_neighbor=1
-            fi
+      # Enqueue neighbors (files that current sources)
+      while IFS=$'\t' read -r s d || [ -n "$s" ]; do
+        if [ "$s" = "$current" ] && [ -n "$d" ]; then
+          if ! grep -qxF "$d" "$visited" 2>/dev/null; then
+            printf '%s\n' "$d" >> "$queue"
           fi
-        done < "$ALL_DEPS"
-
-        if [ "$has_neighbor" -eq 0 ]; then
-          # Leaf node, mark BLACK
-          printf '2' > "$color_file"
-          sed -i '' '$d' "$stack_file" 2>/dev/null || sed -i '$d' "$stack_file"
-          sed -i '' '$d' "$path_file" 2>/dev/null || sed -i '$d' "$path_file"
         fi
-      elif [ "$color" = "1" ]; then
-        # Returning from recursion, mark BLACK
-        printf '2' > "$color_file"
-        sed -i '' '$d' "$stack_file" 2>/dev/null || sed -i '$d' "$stack_file"
-        sed -i '' '$d' "$path_file" 2>/dev/null || sed -i '$d' "$path_file"
-      else
-        # Already BLACK, skip
-        sed -i '' '$d' "$stack_file" 2>/dev/null || sed -i '$d' "$stack_file"
-      fi
+      done < "$ALL_DEPS"
     done
-  }
-
-  while IFS= read -r node || [ -n "$node" ]; do
-    [ -z "$node" ] && continue
-    node_hash=$(printf '%s' "$node" | md5sum 2>/dev/null | cut -d' ' -f1 || printf '%s' "$node" | md5 2>/dev/null || printf '%s' "$node" | tr '/' '_')
-    color_file="$COLOR_DIR/$node_hash"
-    [ ! -f "$color_file" ] && continue
-    color="$(cat "$color_file")"
-    if [ "$color" = "0" ]; then
-      dfs_visit "$node_hash"
-      if [ "$CYCLE_FOUND" -eq 1 ]; then
-        break
-      fi
+
+    if [ "$CYCLE_FOUND" -eq 1 ]; then
+      break
     fi
-  done < "$NODES_FILE"
+  done < "$ALL_DEPS"
 fi
 
 # ── Generate Report ──────────────────────────────────────

package/scripts/afc-consistency-check.sh

@@ -243,7 +243,7 @@ check_phase_ssot() {
   # Sub-check B: Every command name should map to a valid phase or be a known non-phase command
   # Non-phase commands that are not pipeline phases
   # NOTE: Update this list when adding non-phase commands to commands/
-  local non_phase_cmds="auto|init|doctor|principles|checkpoint|resume|launch|ideate|research|architect|security|debug|analyze|validate|test|consult"
+  local non_phase_cmds="auto|init|doctor|principles|checkpoint|resume|launch|ideate|research|architect|security|debug|analyze|validate|test|consult|triage|pr-comment|release-notes"
   local commands_dir="$PROJECT_DIR/commands"
   if [ -d "$commands_dir" ]; then
     for cmd_file in "$commands_dir"/*.md; do

package/scripts/afc-subagent-context.sh

@@ -32,7 +32,7 @@ FEATURE=$(afc_state_read feature || echo "unknown")
 PHASE=$(afc_state_read phase || echo "unknown")
 
 # 3. Build context string
-CONTEXT="[AFC PIPELINE] Feature: $FEATURE | Phase: $PHASE"
+CONTEXT="[AFC PIPELINE] Feature: $FEATURE | Phase: $PHASE | [AFC] When this task matches an AFC skill (analyze, implement, review, debug, test, plan, spec, research, ideate), use the Skill tool to invoke it. Do not substitute with raw Task agents. When analyzing external systems, verify against official documentation."
 
 # 4. Extract config sections from afc.config.md
 CONFIG_FILE="$PROJECT_DIR/.claude/afc.config.md"

package/scripts/afc-triage.sh

@@ -0,0 +1,131 @@
+#!/bin/bash
+set -euo pipefail
+
+# Triage Metadata Collector: Gathers PR and issue metadata via gh CLI
+#
+# Usage: afc-triage.sh [--pr|--issue|--all|#N #M ...]
+#   --pr     Collect PRs only
+#   --issue  Collect issues only
+#   --all    Collect both (default)
+#   #N #M    Collect specific items by number
+#
+# Output: JSON object with "prs" and "issues" arrays to stdout
+# Exit 0: success
+# Exit 1: gh CLI not available or API error
+
+# shellcheck disable=SC2329
+cleanup() {
+  :
+}
+trap cleanup EXIT
+
+# ── Check prerequisites ──────────────────────────────────
+
+if ! command -v gh >/dev/null 2>&1; then
+  printf '[afc:triage] Error: gh CLI not found. Install from https://cli.github.com/\n' >&2
+  exit 1
+fi
+
+if ! gh auth status >/dev/null 2>&1; then
+  printf '[afc:triage] Error: gh not authenticated. Run: gh auth login\n' >&2
+  exit 1
+fi
+
+# ── Parse arguments ──────────────────────────────────────
+
+MODE="all"
+SPECIFIC_NUMBERS=()
+DEEP_FLAG="false"
+
+for arg in "$@"; do
+  case "$arg" in
+    --pr)    MODE="pr" ;;
+    --issue) MODE="issue" ;;
+    --all)   MODE="all" ;;
+    --deep)  DEEP_FLAG="true" ;;
+    \#*)
+      # Strip leading # and add number
+      num="${arg#\#}"
+      if [[ "$num" =~ ^[0-9]+$ ]]; then
+        SPECIFIC_NUMBERS+=("$num")
+      fi
+      ;;
+    *)
+      # Try as plain number
+      if [[ "$arg" =~ ^[0-9]+$ ]]; then
+        SPECIFIC_NUMBERS+=("$arg")
+      fi
+      ;;
+  esac
+done
+
+# ── Collect metadata ─────────────────────────────────────
+
+PR_JSON="[]"
+ISSUE_JSON="[]"
+
+if [ ${#SPECIFIC_NUMBERS[@]} -gt 0 ]; then
+  # Specific items: try each as PR first, then as issue
+  PR_ITEMS="[]"
+  ISSUE_ITEMS="[]"
+
+  for num in "${SPECIFIC_NUMBERS[@]}"; do
+    # Try as PR
+    pr_data=""
+    pr_data=$(gh pr view "$num" --json number,title,headRefName,author,labels,additions,deletions,changedFiles,createdAt,updatedAt,reviewDecision,isDraft 2>/dev/null || true)
+
+    if [ -n "$pr_data" ]; then
+      if command -v jq >/dev/null 2>&1; then
+        PR_ITEMS=$(printf '%s\n' "$PR_ITEMS" | jq --argjson item "$pr_data" '. + [$item]')
+      else
+        # Fallback: append raw JSON (best effort)
+        PR_ITEMS="$pr_data"
+      fi
+    else
+      # Try as issue
+      issue_data=""
+      issue_data=$(gh issue view "$num" --json number,title,labels,author,createdAt,updatedAt,comments 2>/dev/null || true)
+
+      if [ -n "$issue_data" ]; then
+        if command -v jq >/dev/null 2>&1; then
+          ISSUE_ITEMS=$(printf '%s\n' "$ISSUE_ITEMS" | jq --argjson item "$issue_data" '. + [$item]')
+        else
+          ISSUE_ITEMS="$issue_data"
+        fi
+      else
+        printf '[afc:triage] Warning: #%s not found as PR or issue\n' "$num" >&2
+      fi
+    fi
+  done
+
+  PR_JSON="$PR_ITEMS"
+  ISSUE_JSON="$ISSUE_ITEMS"
+else
+  # Bulk collection by mode
+  if [ "$MODE" = "pr" ] || [ "$MODE" = "all" ]; then
+    PR_JSON=$(gh pr list --json number,title,headRefName,author,labels,additions,deletions,changedFiles,createdAt,updatedAt,reviewDecision,isDraft --limit 50 2>/dev/null || printf '[]')
+  fi
+
+  if [ "$MODE" = "issue" ] || [ "$MODE" = "all" ]; then
+    ISSUE_JSON=$(gh issue list --json number,title,labels,author,createdAt,updatedAt,comments --limit 50 2>/dev/null || printf '[]')
+  fi
+fi
+
+# ── Build output ─────────────────────────────────────────
+
+if command -v jq >/dev/null 2>&1; then
+  jq -n \
+    --argjson prs "$PR_JSON" \
+    --argjson issues "$ISSUE_JSON" \
+    --arg deep "$DEEP_FLAG" \
+    '{prs: $prs, issues: $issues, deep: ($deep == "true"), collectedAt: now | todate}'
+else
+  # Fallback: construct JSON manually
+  printf '{"prs":%s,"issues":%s,"deep":%s,"collectedAt":"%s"}\n' \
+    "$PR_JSON" \
+    "$ISSUE_JSON" \
+    "$DEEP_FLAG" \
+    "$(date -u +%Y-%m-%dT%H:%M:%SZ)"
+fi
+
+exit 0

package/scripts/afc-user-prompt-submit.sh

@@ -1,9 +1,10 @@
 #!/bin/bash
 set -euo pipefail
 
-# UserPromptSubmit Hook: Inject pipeline Phase/Feature context on every prompt
-# Also tracks prompt count and injects drift checkpoint at thresholds
-# Exit 0 immediately if pipeline is inactive (minimize overhead)
+# UserPromptSubmit Hook: Two modes of operation:
+# 1. Pipeline INACTIVE: No action (routing handled by CLAUDE.md intent-based skill table)
+# 2. Pipeline ACTIVE: Inject Phase/Feature context + drift checkpoint at thresholds
+# Exit 0 immediately if no action needed (minimize overhead)
 
 # shellcheck source=afc-state.sh
 . "$(dirname "$0")/afc-state.sh"
@@ -17,11 +18,15 @@ trap cleanup EXIT
 # Consume stdin (required -- pipe breaks if not consumed)
 cat > /dev/null
 
-# Exit silently if pipeline is inactive
+# --- Branch: Pipeline INACTIVE → no action needed ---
+# Routing is handled by CLAUDE.md intent-based skill routing table.
+# The main model classifies user intent natively — no hook-level keyword matching.
 if ! afc_state_is_active; then
   exit 0
 fi
 
+# --- Branch: Pipeline ACTIVE → existing Phase/Feature context ---
+
 # Read Feature/Phase + JSON-safe processing (strip special characters)
 FEATURE="$(afc_state_read feature || echo '')"
 FEATURE="$(printf '%s' "$FEATURE" | tr -d '"' | cut -c1-100)"