azclaude-copilot 0.6.0 → 0.7.0

package/.claude-plugin/marketplace.json

@@ -8,8 +8,8 @@
   "plugins": [
     {
       "name": "azclaude",
-      "description": "AZCLAUDE is a complete AI coding environment for Claude Code. It installs 39 commands, 10 auto-invoked skills, 15 specialized agents, 4 hooks, and a persistent memory system — in one command.\n\nKey features:\n• Memory across sessions — goals.md + checkpoints injected automatically before every session\n• Self-improving loop — /reflect fixes stale CLAUDE.md rules, /reflexes learns from tool-use patterns, /evolve creates agents from git evidence\n• Autonomous copilot mode — /copilot runs a three-tier team (orchestrator → problem-architect → milestone-builder) across sessions until the product ships\n• Spec-driven workflow — /constitute writes project rules, /spec writes structured ACs, /analyze detects plan drift and ghost milestones, /blueprint traces every milestone to a spec\n• Security layer — 111-rule environment scan (/sentinel), pre-write secret blocking, pre-ship credential audit\n• Progressive levels 0–10 — start with CLAUDE.md, grow into multi-agent pipelines and self-evolving environments\n• Zero dependencies — no npm packages, no external APIs, no vector databases. Plain markdown files and Claude Code's native architecture.\n• Smart install — npx azclaude-copilot@latest auto-detects first install vs upgrade vs verify. Context-aware onboarding shows the right next command for your project state.\n\nExample use cases:\n• /setup — scan an existing project, detect stack + domain + scale, fill CLAUDE.md, generate project-specific skills and agents automatically\n• /copilot \"Build a compliance SaaS with trilingual support\" — walk away, come back to working code across multiple sessions\n• /sentinel — run a scored security audit (0–100, grade A–F) across hooks, permissions, MCP servers, agent configs, and secrets\n• /evolve — detect gaps in the environment, generate new skills and agents from git co-change evidence, report score delta (e.g. 42/100 → 68/100)\n• /constitute — write your project's constitution (non-negotiables, architectural commitments, definition of done) — gates all future AI actions\n• /analyze — cross-artifact consistency check: ghost milestones, spec vs. code drift, unplanned commits\n• /reflect — find stale, missing, or contradicting rules in CLAUDE.md and propose exact fixes\n• /debate \"REST vs GraphQL for this project\" — adversarial evidence-based decision with order-independent scoring, logged to decisions.md",
-      "version": "0.6.0",
+      "description": "AZCLAUDE is a complete AI coding environment for Claude Code. It installs 40 commands, 10 auto-invoked skills, 15 specialized agents, 5 hooks, a real-time pipeline visualizer, and a persistent memory system — in one command.\n\nKey features:\n• Memory across sessions — goals.md + checkpoints injected automatically before every session\n• Self-improving loop — /reflect fixes stale CLAUDE.md rules, /reflexes learns from tool-use patterns, /evolve creates agents from git evidence\n• Autonomous copilot mode — /copilot runs a three-tier team (orchestrator → problem-architect → milestone-builder) across sessions until the product ships\n• Spec-driven workflow — /constitute writes project rules, /spec writes structured ACs, /analyze detects plan drift and ghost milestones, /blueprint traces every milestone to a spec\n• Security layer — 111-rule environment scan (/sentinel), pre-write secret blocking, pre-ship credential audit\n• Progressive levels 0–10 — start with CLAUDE.md, grow into multi-agent pipelines and self-evolving environments\n• Zero dependencies — no npm packages, no external APIs, no vector databases. Plain markdown files and Claude Code's native architecture.\n• Smart install — npx azclaude-copilot@latest auto-detects first install vs upgrade vs verify. Context-aware onboarding shows the right next command for your project state.\n\nExample use cases:\n• /setup — scan an existing project, detect stack + domain + scale, fill CLAUDE.md, generate project-specific skills and agents automatically\n• /copilot \"Build a compliance SaaS with trilingual support\" — walk away, come back to working code across multiple sessions\n• /sentinel — run a scored security audit (0–100, grade A–F) across hooks, permissions, MCP servers, agent configs, and secrets\n• /evolve — detect gaps in the environment, generate new skills and agents from git co-change evidence, report score delta (e.g. 42/100 → 68/100)\n• /constitute — write your project's constitution (non-negotiables, architectural commitments, definition of done) — gates all future AI actions\n• /analyze — cross-artifact consistency check: ghost milestones, spec vs. code drift, unplanned commits\n• /reflect — find stale, missing, or contradicting rules in CLAUDE.md and propose exact fixes\n• /debate \"REST vs GraphQL for this project\" — adversarial evidence-based decision with order-independent scoring, logged to decisions.md",
+      "version": "0.7.0",
       "source": {
         "source": "github",
         "repo": "haytamAroui/AZ-CLAUDE-COPILOT",

package/.claude-plugin/plugin.json

@@ -1,7 +1,7 @@
 {
   "name": "azclaude",
-  "version": "0.6.0",
-  "description": "AZCLAUDE is a complete AI coding environment for Claude Code. It installs 39 commands, 10 auto-invoked skills, 15 specialized agents, 4 hooks, and a persistent memory system — in one command.\n\nKey features:\n• Memory across sessions — goals.md + checkpoints injected automatically before every session\n• Self-improving loop — /reflect fixes stale CLAUDE.md rules, /reflexes learns from tool-use patterns, /evolve creates agents from git evidence\n• Autonomous copilot mode — /copilot runs a three-tier team (orchestrator → problem-architect → milestone-builder) across sessions until the product ships\n• Spec-driven workflow — /constitute writes project rules, /spec writes structured ACs, /analyze detects plan drift and ghost milestones, /blueprint traces every milestone to a spec\n• Security layer — 111-rule environment scan (/sentinel), pre-write secret blocking, pre-ship credential audit\n• Progressive levels 0–10 — start with CLAUDE.md, grow into multi-agent pipelines and self-evolving environments\n• Zero dependencies — no npm packages, no external APIs, no vector databases. Plain markdown files and Claude Code's native architecture.\n• Smart install — npx azclaude-copilot@latest auto-detects first install vs upgrade vs verify. Context-aware onboarding shows the right next command for your project state.\n\nExample use cases:\n• /setup — scan an existing project, detect stack + domain + scale, fill CLAUDE.md, generate project-specific skills and agents automatically\n• /copilot \"Build a compliance SaaS with trilingual support\" — walk away, come back to working code across multiple sessions\n• /sentinel — run a scored security audit (0–100, grade A–F) across hooks, permissions, MCP servers, agent configs, and secrets\n• /evolve — detect gaps in the environment, generate new skills and agents from git co-change evidence, report score delta (e.g. 42/100 → 68/100)\n• /constitute — write your project's constitution (non-negotiables, architectural commitments, definition of done) — gates all future AI actions\n• /analyze — cross-artifact consistency check: ghost milestones, spec vs. code drift, unplanned commits\n• /reflect — find stale, missing, or contradicting rules in CLAUDE.md and propose exact fixes\n• /debate \"REST vs GraphQL for this project\" — adversarial evidence-based decision with order-independent scoring, logged to decisions.md",
+  "version": "0.7.0",
+  "description": "AZCLAUDE is a complete AI coding environment for Claude Code. It installs 40 commands, 10 auto-invoked skills, 15 specialized agents, 5 hooks, a real-time pipeline visualizer, and a persistent memory system — in one command.\n\nKey features:\n• Memory across sessions — goals.md + checkpoints injected automatically before every session\n• Self-improving loop — /reflect fixes stale CLAUDE.md rules, /reflexes learns from tool-use patterns, /evolve creates agents from git evidence\n• Autonomous copilot mode — /copilot runs a three-tier team (orchestrator → problem-architect → milestone-builder) across sessions until the product ships\n• Spec-driven workflow — /constitute writes project rules, /spec writes structured ACs, /analyze detects plan drift and ghost milestones, /blueprint traces every milestone to a spec\n• Security layer — 111-rule environment scan (/sentinel), pre-write secret blocking, pre-ship credential audit\n• Progressive levels 0–10 — start with CLAUDE.md, grow into multi-agent pipelines and self-evolving environments\n• Zero dependencies — no npm packages, no external APIs, no vector databases. Plain markdown files and Claude Code's native architecture.\n• Smart install — npx azclaude-copilot@latest auto-detects first install vs upgrade vs verify. Context-aware onboarding shows the right next command for your project state.\n\nExample use cases:\n• /setup — scan an existing project, detect stack + domain + scale, fill CLAUDE.md, generate project-specific skills and agents automatically\n• /copilot \"Build a compliance SaaS with trilingual support\" — walk away, come back to working code across multiple sessions\n• /sentinel — run a scored security audit (0–100, grade A–F) across hooks, permissions, MCP servers, agent configs, and secrets\n• /evolve — detect gaps in the environment, generate new skills and agents from git co-change evidence, report score delta (e.g. 42/100 → 68/100)\n• /constitute — write your project's constitution (non-negotiables, architectural commitments, definition of done) — gates all future AI actions\n• /analyze — cross-artifact consistency check: ghost milestones, spec vs. code drift, unplanned commits\n• /reflect — find stale, missing, or contradicting rules in CLAUDE.md and propose exact fixes\n• /debate \"REST vs GraphQL for this project\" — adversarial evidence-based decision with order-independent scoring, logged to decisions.md",
   "author": {
     "name": "haytamAroui",
     "url": "https://github.com/haytamAroui"

package/README.md

@@ -40,7 +40,7 @@ Repeats the same mistakes.            antipatterns.md prevents known failures.
 Forgets what was decided.             decisions.md logs every architecture choice.
 Loses reasoning mid-session.          /snapshot saves WHY — auto-injected next session.
 Can't work autonomously.              /copilot builds, tests, commits, ships — unattended.
-Agents run serially, one at a time.   Task Classifier + parallel waves run agents simultaneously.
+Agents run serially, one at a time.   DAG dispatch + merge-on-complete runs 6 agents simultaneously.
 ```
 
 One install. Any stack. Zero dependencies.
@@ -110,7 +110,7 @@ npx azclaude-copilot@latest
 
 One command, no flags. Auto-detects whether this is a fresh install or an upgrade:
 
-- **First time** → full install (39 commands, 4 hooks, 15 agents, 10 skills, memory, reflexes). Creates folders, instructions, and hooks — **no manual setup required.**
+- **First time** → full install (40 commands, 5 hooks, 15 agents, 10 skills, memory, reflexes). Creates folders, instructions, and hooks — **no manual setup required.**
 - **Already installed, older version** → auto-upgrades everything to latest templates
 - **Already up to date** → verifies, no overwrites
 
@@ -123,7 +123,7 @@ npx azclaude-copilot@latest doctor   # 32 checks — verify everything is wired
 
 ## What You Get
 
-**39 commands** · **10 auto-invoked skills** · **15 agents** · **4 hooks** · **memory across sessions** · **learned reflexes** · **self-evolving environment**
+**40 commands** · **10 auto-invoked skills** · **15 agents** · **5 hooks** · **memory across sessions** · **learned reflexes** · **self-evolving environment**
 
 ```
 .claude/
@@ -272,7 +272,7 @@ Claude Code
   │   └── stop.js         → Session cleanup, friction logging
   │
   └── Markdown files (capability — Claude reads natively, zero overhead)
-      ├── 39 commands     → Claude reads the .md, follows instructions
+      ├── 40 commands     → Claude reads the .md, follows instructions
       ├── 15 agents       → Claude spawns as subagents with Task tool
       ├── 10 skills       → Auto-invoked when relevant context detected
       ├── 48 capabilities → Lazy-loaded via manifest.md (~100 tokens overhead)
@@ -357,19 +357,19 @@ Never writes code     Never implements
 
 ## Parallel Execution
 
-AZCLAUDE runs multiple Claude Code agents simultaneously — without file corruption or test interference. Each agent works in an isolated git worktree on its own branch.
+AZCLAUDE runs up to 6 Claude Code agents simultaneously using **DAG-based dispatch** — each milestone launches the moment its dependencies are satisfied, not when an entire wave completes. Merge-on-complete means finished agents unblock dependents immediately.
 
 ```
-M1 (schema) → done
-                 ↓
-    ┌────────────┬────────────┬────────────┬──────────────┐
-    M2 (auth)   M3 (profile) M4 (email)   M5 (dashboard)   ← all run simultaneously
-    └────────────┴────────────┴────────────┴──────────────┘
-                 ↓
-              M6 (E2E tests)
+M0 (foundation) → done                          ← auto-detected shared files
+                     ↓
+    ┌────────────┬────────────┬────────────┬────────────┬────────────┬──────────────┐
+    M1 (auth)   M2 (profile) M3 (email)   M4 (tests)  M5 (NIST)   M6 (dashboard)
+    └���────┬──────┴────────────┴─────┬──────┴────────────┴────────────┴──────────────┘
+          ↓                         ↓                    ← merge-on-complete: M1 done → M7 starts
+    M7 (API routes)           M8 (integration)             immediately, doesn't wait for M2-M6
 ```
 
-3 sequential waves instead of 6 sequential milestones. Same output, fraction of the time.
+DAG dispatch instead of sequential waves. Same output, ~50% faster wall clock.
 
 ### Real case — ShopFlow e-commerce sprint
 
@@ -410,13 +410,26 @@ What the classifier caught: M1 and M2 were separate plan milestones but both wro
 
 **On tokens:** You will notice the token counts look large. You would spend the same tokens building this sequentially — the work is identical. What changes is wall-clock time. Sequential execution: each agent waits for the previous one to finish → ~2 hours. Parallel waves: agents run simultaneously → ~15 minutes. Same total tokens. Same output. One-eighth the time.
 
-### Four-layer safety model
+### v0.6.0: What changed in parallel execution
+
+| Before (wave-based) | After (DAG-based) |
+|---------------------|-------------------|
+| Wave 2 waits for ALL of Wave 1 | Each milestone launches when its `Depends:` are satisfied |
+| Max 3 agents at once | Max 6 agents (test-only agents uncapped) |
+| Manual Wave 0 for shared files | Auto-foundation detection extracts shared-file edits |
+| Agents re-read shared files independently | Pre-read injection: shared files read once, injected inline |
+| Agents run full test suite | Scoped tests: each agent runs only its module's tests |
+| Merge after entire wave completes | Merge-on-complete: each branch merges immediately, unblocks dependents |
+| Context loss kills the wave | Wave state file survives compaction, auto-resumes on next session |
+
+### Five-layer safety model
 
 Parallel execution is safe only when agents don't write to the same files. The key insight: **Layer 0 makes conflicts impossible by design** before any safety checking begins.
 
 | Layer | When | What |
 |-------|------|------|
 | **0 — Task Classifier** | `/blueprint`, before milestones exist | Groups coupled work into single milestones. Conflicts become impossible by construction. |
+| **0b — Foundation Detection** | Before dispatch | Auto-detects shared files (models, schemas) → sequential Wave 0 before any parallel agents |
 | **1 — Directory + import check** | `/blueprint`, post-plan | Fast grep: same dirs? shared utility imports? |
 | **2 — problem-architect file scan** | Post-plan, per milestone | Returns exact `Files Written:` paths + `Parallel Safe: YES/NO` |
 | **3 — Orchestrator dispatch gate** | Runtime, final | Overlap check before spawning. Cannot be bypassed. |
@@ -427,12 +440,12 @@ Claude Code's `isolation: "worktree"` in the Task tool is a raw primitive — li
 
 | Without AZCLAUDE | With AZCLAUDE |
 |------------------|---------------|
-| Which tasks to parallelize? | **Task Classifier** — groups coupled work, splits independent work |
-| Is it safe to parallelize? | **Four-layer safety** — classifier + dir check + file scan + dispatch gate |
-| What context does each agent need? | **Problem-Architect** — builds full Team Spec per milestone |
+| Which tasks to parallelize? | **Task Classifier + DAG dispatch** — groups coupled work, launches on dependency satisfaction |
+| Is it safe to parallelize? | **Five-layer safety** — classifier + foundation + dir check + file scan + dispatch gate |
+| What context does each agent need? | **Problem-Architect** — Team Spec + pre-read injection (shared files read once) |
 | What conventions to follow? | **patterns.md / antipatterns.md** — injected automatically |
-| What if one agent fails? | **Blocker recovery + /debate escalation** |
-| What happens when the session ends? | **goals.md + checkpoints + plan.md** — resumes exactly |
+| What if one agent fails? | **Blocker recovery + /debate escalation** (other agents continue) |
+| What happens when the session ends? | **DAG state file + checkpoints** — auto-resumes interrupted waves |
 | How do we improve over time? | **/evolve** — new agents from git evidence every 3 milestones |
 
 **Claude Code is the engine. AZCLAUDE is the transmission, the steering, and the GPS — the system that makes those cylinders produce coordinated forward motion instead of random spinning.**
@@ -624,11 +637,11 @@ AZCLAUDE is a lazy-loaded environment of 48 capability modules. It only loads wh
 
 ## Verified
 
-1836 tests. Every template, command, capability, agent, hook, and CLI feature verified.
+1868 tests. Every template, command, capability, agent, hook, and CLI feature verified.
 
 ```bash
 bash tests/test-features.sh
-# Results: 1836 passed, 0 failed, 1836 total
+# Results: 1868 passed, 0 failed, 1868 total
 ```
 
 ---

package/bin/cli.js

@@ -8,7 +8,7 @@ const { execSync }  = require('child_process');
 
 const TEMPLATE_DIR = path.join(__dirname, '..', 'templates');
 const CORE_COMMANDS     = ['setup', 'fix', 'add', 'audit', 'test', 'blueprint', 'ship', 'pulse', 'explain', 'snapshot', 'persist'];
-const EXTENDED_COMMANDS = ['dream', 'refactor', 'doc', 'loop', 'migrate', 'deps', 'find', 'create', 'reflect', 'hookify', 'sentinel', 'clarify', 'spec', 'analyze', 'constitute', 'tasks', 'issues', 'driven', 'mcp', 'verify', 'inoculate', 'ghost-test'];
+const EXTENDED_COMMANDS = ['dream', 'refactor', 'doc', 'loop', 'migrate', 'deps', 'find', 'create', 'reflect', 'hookify', 'sentinel', 'clarify', 'spec', 'analyze', 'constitute', 'tasks', 'issues', 'driven', 'mcp', 'verify', 'inoculate', 'ghost-test', 'visualize'];
 const ADVANCED_COMMANDS = ['evolve', 'debate', 'level-up', 'copilot', 'reflexes', 'parallel'];
 const COMMANDS          = [...CORE_COMMANDS, ...EXTENDED_COMMANDS, ...ADVANCED_COMMANDS];
 
@@ -118,7 +118,7 @@ function substitutePaths(content, cfg) {
 
 // ─── Hook Scripts ─────────────────────────────────────────────────────────────
 
-const HOOK_SCRIPTS = ['user-prompt.js', 'stop.js', 'post-tool-use.js', 'pre-tool-use.js'];
+const HOOK_SCRIPTS = ['user-prompt.js', 'stop.js', 'post-tool-use.js', 'pre-tool-use.js', 'visualizer-hook.js'];
 
 function copyHookScripts(dstDir) {
   fs.mkdirSync(dstDir, { recursive: true });
@@ -140,11 +140,15 @@ function buildHookEntries(scriptsDir) {
   const stopScript        = path.join(scriptsDir, 'stop.js');
   const postToolUseScript = path.join(scriptsDir, 'post-tool-use.js');
   const preToolUseScript  = path.join(scriptsDir, 'pre-tool-use.js');
+  const vizScript = path.join(scriptsDir, 'visualizer-hook.js');
   return {
     UserPromptSubmit: [{ matcher: '',                           hooks: [{ type: 'command', command: `"${nodeExe}" "${userPromptScript}"` }]  }],
     Stop:             [{ matcher: '',                           hooks: [{ type: 'command', command: `"${nodeExe}" "${stopScript}"` }]         }],
     PreToolUse:       [{ matcher: 'Write|Edit|MultiEdit',      hooks: [{ type: 'command', command: `"${nodeExe}" "${preToolUseScript}"` }]  }],
     PostToolUse:      [{ matcher: 'Write|Edit|Read|Bash|Grep', hooks: [{ type: 'command', command: `"${nodeExe}" "${postToolUseScript}"` }] }],
+    Notification:     [{ matcher: '',                           hooks: [{ type: 'command', command: `"${nodeExe}" "${vizScript}"` }]         }],
+    SubagentStart:    [{ matcher: '',                           hooks: [{ type: 'command', command: `"${nodeExe}" "${vizScript}"` }]         }],
+    SubagentStop:     [{ matcher: '',                           hooks: [{ type: 'command', command: `"${nodeExe}" "${vizScript}"` }]         }],
   };
 }
 
@@ -441,6 +445,23 @@ function installScripts(projectDir, cfg) {
   ok(`Scripts installed/updated (${cfg}/scripts/)`);
 }
 
+// ─── Visualizer (real-time pipeline dashboard) ──────────────────────────────
+
+function installVisualizer(projectDir, cfg) {
+  const src = path.join(TEMPLATE_DIR, 'visualizer');
+  if (!fs.existsSync(src)) return;
+  const dst = path.join(projectDir, cfg, 'visualizer');
+  if (fs.existsSync(dst)) {
+    // Refresh files
+    copyDir(src, dst);
+    info('Visualizer files refreshed');
+    return;
+  }
+  fs.mkdirSync(dst, { recursive: true });
+  copyDir(src, dst);
+  ok(`Visualizer installed (${cfg}/visualizer/) — start with: AZCLAUDE_VISUALIZER=8765 node ${cfg}/visualizer/server.js`);
+}
+
 // ─── Statusline (auto-updating cost/context bar) ─────────────────────────────
 
 function installStatusline(projectDir, cfg) {
@@ -1116,6 +1137,42 @@ function copyDir(src, dst) {
 if (process.argv[2] === 'doctor' && process.argv[3] === '--audit') { runAudit(); process.exit(0); }
 if (process.argv[2] === 'doctor') { runDoctor(); process.exit(0); }
 if (process.argv[2] === 'demo')   { runDemo();   process.exit(0); }
+if (process.argv[2] === 'visualize') {
+  const action = process.argv[3] || 'start';
+  const detectedCli = detectCLI();
+  const vizCfg = detectedCli.cfg;
+  const serverPath = path.join(process.cwd(), vizCfg, 'visualizer', 'server.js');
+  if (!fs.existsSync(serverPath)) {
+    console.error('Visualizer not installed. Run: npx azclaude-copilot');
+    process.exit(1);
+  }
+  if (action === 'stop') {
+    const pidFile = path.join(os.tmpdir(), '.azclaude-visualizer.pid');
+    if (fs.existsSync(pidFile)) {
+      const pid = parseInt(fs.readFileSync(pidFile, 'utf8'), 10);
+      try { process.kill(pid); } catch (_) {}
+      try { fs.unlinkSync(pidFile); } catch (_) {}
+      ok('Visualizer stopped');
+    } else {
+      info('No running visualizer found');
+    }
+  } else {
+    const port = process.argv[4] || '8765';
+    const { spawn } = require('child_process');
+    const child = spawn(process.execPath, [serverPath], {
+      detached: true, stdio: 'ignore',
+      env: Object.assign({}, process.env, { AZCLAUDE_VISUALIZER: port })
+    });
+    child.unref();
+    const pidFile = path.join(os.tmpdir(), '.azclaude-visualizer.pid');
+    fs.writeFileSync(pidFile, String(child.pid));
+    ok(`Visualizer started on port ${port} (PID: ${child.pid})`);
+    info(`Open: http://localhost:${port}`);
+    info(`Set env: AZCLAUDE_VISUALIZER=${port}`);
+  }
+  process.exit(0);
+}
+
 if (process.argv[2] === 'copilot') {
   // Delegate to copilot runner
   const copilotScript = path.join(__dirname, 'copilot.js');
@@ -1182,6 +1239,7 @@ installCapabilities(projectDir, cli.cfg, fullInstall);
 installCommands(projectDir, cli.cfg);
 installSkills(projectDir, cli.cfg);
 installScripts(projectDir, cli.cfg);
+installVisualizer(projectDir, cli.cfg);
 installStatusline(projectDir, cli.cfg);
 installAgents(projectDir, cli.cfg);
 installRulesFile(projectDir, cli.cfg, cli.rulesFile);

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "azclaude-copilot",
-  "version": "0.6.0",
-  "description": "AI coding environment — 39 commands, 10 skills, 15 agents, memory, reflexes, evolution. Install: npx azclaude-copilot@latest, then open Claude Code.",
+  "version": "0.7.0",
+  "description": "AI coding environment — 40 commands, 10 skills, 15 agents, real-time visualizer, memory, reflexes, evolution. Install: npx azclaude-copilot@latest, then open Claude Code.",
   "bin": {
     "azclaude": "bin/cli.js",
     "azclaude-copilot": "bin/copilot.js"

package/templates/commands/visualize.md

@@ -0,0 +1,48 @@
+# /visualize — Real-Time Session Visualizer
+
+Start or stop the AZCLAUDE pipeline-aware visualizer dashboard.
+
+## Quick Start
+
+```bash
+# Start the visualizer server
+AZCLAUDE_VISUALIZER=8765 node .claude/visualizer/server.js &
+
+# Or via CLI
+azclaude-copilot visualize
+
+# Open in browser
+# http://localhost:8765
+```
+
+Set `AZCLAUDE_VISUALIZER=8765` in your environment so hooks send events to the dashboard.
+
+## What You See
+
+**Canvas (left 70%):**
+- Tycho-inspired ambient sunset animation
+- Particle blooms on every tool call (color-coded per tool)
+- Red flash on security blocks, amber on warnings
+- Generative F# pentatonic ambient music (toggle on/off)
+
+**Sidebar (right 30%):**
+- **Pipeline Progress** — 4-stage bar: architect → implement → review → test
+- **Brain Router Intent** — BUILD, FIX, REFACTOR, TEST, PLAN, etc.
+- **Security Events** — blocks and warnings with rule names
+- **Tool Timeline** — smart summaries, live timers, diff stats (+N/-M)
+- **Session Stats** — tool count, total time, session clock
+
+## Stopping
+
+```bash
+azclaude-copilot visualize stop
+# Or just close the terminal running the server
+```
+
+## Configuration
+
+The port is set via the `AZCLAUDE_VISUALIZER` environment variable:
+- `AZCLAUDE_VISUALIZER=8765` — default port
+- `AZCLAUDE_VISUALIZER=9000` — custom port
+
+When the env var is unset, hooks skip the visualizer POST entirely (zero overhead).

package/templates/hooks/post-tool-use.js

@@ -178,12 +178,29 @@ if (HOOK_PROFILE !== 'minimal') {
     if (seq.length > 3) seq = seq.slice(-3);
     try { fs.writeFileSync(seqPath, JSON.stringify(seq)); } catch (_) {}
 
+    const seqStr = seq.join('→');
     const obs = JSON.stringify({
       ts: obsTs, tool, file: safeRel, session: process.ppid || process.pid,
-      event: 'complete', seq: seq.join('→')
+      event: 'complete', seq: seqStr
     });
     fs.appendFileSync(obsPath, obs + '\n');
 
+    // ── Visualizer event (opt-in) ──
+    if (process.env.AZCLAUDE_VISUALIZER) {
+      try {
+        const vPort = parseInt(process.env.AZCLAUDE_VISUALIZER, 10) || 8765;
+        const payload = JSON.stringify({ type: 'tool-complete', tool: tool, file: safeRel, diffStat: diffStat || '', seq: seqStr });
+        const vReq = require('http').request(
+          { hostname: '127.0.0.1', port: vPort, path: '/event', method: 'POST',
+            headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(payload) } },
+          () => {}
+        );
+        vReq.setTimeout(1500, () => vReq.destroy());
+        vReq.on('error', () => {});
+        vReq.end(payload);
+      } catch (_v) {}
+    }
+
     // Auto-truncate: stat-based size check (avoids reading entire file every call)
     try {
       const obsStat = fs.statSync(obsPath);

package/templates/hooks/pre-tool-use.js

@@ -49,6 +49,23 @@ function _logSec(rule, level, target) {
 function _getDedup() { try { return JSON.parse(fs.readFileSync(_dedupPath, 'utf8')); } catch(_) { return {}; } }
 function _saveDedup(d) { try { fs.writeFileSync(_dedupPath, JSON.stringify(d)); } catch(_) {} }
 
+// ── Visualizer relay (opt-in, fire-and-forget) ──
+function _vizPost(payload) {
+  if (!process.env.AZCLAUDE_VISUALIZER) return;
+  try {
+    const vPort = parseInt(process.env.AZCLAUDE_VISUALIZER, 10) || 8765;
+    const data = JSON.stringify(Object.assign({ type: 'security-event' }, payload));
+    const vReq = require('http').request(
+      { hostname: '127.0.0.1', port: vPort, path: '/event', method: 'POST',
+        headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(data) } },
+      () => {}
+    );
+    vReq.setTimeout(1500, () => vReq.destroy());
+    vReq.on('error', () => {});
+    vReq.end(data);
+  } catch (_) {}
+}
+
 // ── Gate: Bash tool — scan shell commands ────────────────────────────────────
 if (toolName === 'Bash' && command) {
   const BASH_RULES = [
@@ -63,12 +80,14 @@ if (toolName === 'Bash' && command) {
     if (!rule.test.test(command)) continue;
     _logSec(rule.id, rule.block ? 'block' : 'warn', command.slice(0, 80));
     if (rule.block) {
+      _vizPost({ level: 'block', rule: rule.id, message: rule.message });
       process.stderr.write(`\n✗ SECURITY BLOCK [${rule.id}]: ${rule.message}\n  Command: ${command.slice(0, 120)}\n\n`);
       process.exit(2);
     }
     const key = `bash:${rule.id}`;
     if (!dedup[key]) {
       dedup[key] = true; _saveDedup(dedup);
+      _vizPost({ level: 'warn', rule: rule.id, message: rule.message });
       process.stderr.write(`\n⚠ SECURITY [${rule.id}]: ${rule.message}\n`);
     }
   }
@@ -321,6 +340,7 @@ for (const rule of RULES) {
   if (rule.block) {
     // Always emit the block message — secrets must never be silently swallowed
     _logSec(rule.id, 'block', displayName);
+    _vizPost({ level: 'block', rule: rule.id, message: rule.message });
     process.stderr.write(
       `\n✗ SECURITY BLOCK: ${rule.message} in ${displayName}.\n` +
       `  Use environment variables instead: process.env.MY_SECRET\n` +
@@ -335,6 +355,7 @@ for (const rule of RULES) {
   dedup[dedupKey] = true;
   saveDedup();
   _logSec(rule.id, 'warn', displayName);
+  _vizPost({ level: 'warn', rule: rule.id, message: rule.message });
 
   process.stderr.write(
     `\n⚠ SECURITY: ${rule.message.split(' — ')[0]} in ${displayName} — ${rule.message.includes(' — ') ? rule.message.split(' — ')[1] : rule.message}\n`

package/templates/hooks/stop.js

@@ -173,6 +173,40 @@ if (fs.existsSync(seclogPath)) {
   } catch (_) {}
 }
 
+// ── Visualizer session-summary event (opt-in) ──
+if (process.env.AZCLAUDE_VISUALIZER) {
+  try {
+    const vPort = parseInt(process.env.AZCLAUDE_VISUALIZER, 10) || 8765;
+    // Gather session data for the dashboard
+    let vizDuration = null, vizBlocks = 0, vizWarnings = 0;
+    const vizStartPath = path.join(os.tmpdir(), `.azclaude-session-start-${process.ppid || process.pid}`);
+    if (fs.existsSync(vizStartPath)) {
+      try {
+        const startMs = new Date(fs.readFileSync(vizStartPath, 'utf8').trim()).getTime();
+        const mins = Math.round((Date.now() - startMs) / 60000);
+        vizDuration = mins > 60 ? Math.floor(mins / 60) + 'h ' + (mins % 60) + 'm' : mins + 'm';
+      } catch (_) {}
+    }
+    if (fs.existsSync(seclogPath)) {
+      try {
+        const secEvents = fs.readFileSync(seclogPath, 'utf8').split('\n').filter(Boolean)
+          .map(l => { try { return JSON.parse(l); } catch (_) { return null; } }).filter(Boolean);
+        vizBlocks = secEvents.filter(e => e.level === 'block').length;
+        vizWarnings = secEvents.filter(e => e.level === 'warn').length;
+      } catch (_) {}
+    }
+    const payload = JSON.stringify({ type: 'session-summary', duration: vizDuration, blocks: vizBlocks, warnings: vizWarnings });
+    const vReq = require('http').request(
+      { hostname: '127.0.0.1', port: vPort, path: '/event', method: 'POST',
+        headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(payload) } },
+      () => {}
+    );
+    vReq.setTimeout(1500, () => vReq.destroy());
+    vReq.on('error', () => {});
+    vReq.end(payload);
+  } catch (_v) {}
+}
+
 // ── Clean ALL session temp files ─────────────────────────────────────────────
 const sid = process.ppid || process.pid;
 const tempPatterns = [

package/templates/hooks/user-prompt.js

@@ -206,6 +206,22 @@ try {
 
       console.log('This pipeline is NON-NEGOTIABLE. Do not skip steps. Do not start coding before Step 1 completes.');
       console.log('--- END PIPELINE ---');
+
+      // ── Visualizer event (opt-in) ──
+      if (process.env.AZCLAUDE_VISUALIZER) {
+        try {
+          const vPort = parseInt(process.env.AZCLAUDE_VISUALIZER, 10) || 8765;
+          const payload = JSON.stringify({ type: 'pipeline-start', intents: intents, tier: tier, tierLabel: tierLabel });
+          const vReq = require('http').request(
+            { hostname: '127.0.0.1', port: vPort, path: '/event', method: 'POST',
+              headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(payload) } },
+            () => {}
+          );
+          vReq.setTimeout(1500, () => vReq.destroy());
+          vReq.on('error', () => {});
+          vReq.end(payload);
+        } catch (_v) {}
+      }
     }
   }
 } catch (_) {}

package/templates/hooks/visualizer-hook.js

@@ -0,0 +1,58 @@
+#!/usr/bin/env node
+'use strict';
+/**
+ * AZCLAUDE — Visualizer event relay hook
+ * Registered for events the other hooks don't cover:
+ *   Notification, SubagentStart, SubagentStop, SessionStart, SessionEnd, PostToolUseFailure
+ * Reads stdin JSON, POSTs to the visualizer server. Fire-and-forget.
+ * Only runs when AZCLAUDE_VISUALIZER env var is set.
+ * 1500ms hard timeout — never blocks Claude Code.
+ */
+
+// Gate: exit immediately if visualizer not enabled
+if (!process.env.AZCLAUDE_VISUALIZER) process.exit(0);
+
+const http = require('http');
+
+const PORT = (() => {
+  const n = parseInt(process.env.AZCLAUDE_VISUALIZER, 10);
+  return (n > 1 && n < 65536) ? n : 8765;
+})();
+
+// Hard safety net
+setTimeout(() => process.exit(0), 1500);
+
+let input = '';
+process.stdin.setEncoding('utf8');
+
+process.stdin.on('data', chunk => { input += chunk; });
+
+process.stdin.on('end', () => {
+  if (!input.trim()) process.exit(0);
+
+  // Validate JSON
+  try { JSON.parse(input); } catch { process.exit(0); }
+
+  const req = http.request({
+    hostname: '127.0.0.1',
+    port: PORT,
+    path: '/event',
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+      'Content-Length': Buffer.byteLength(input),
+    },
+    timeout: 1200,
+  }, (res) => {
+    res.resume();
+    res.on('end', () => process.exit(0));
+  });
+
+  req.on('error', () => process.exit(0));
+  req.on('timeout', () => { req.destroy(); process.exit(0); });
+
+  req.write(input);
+  req.end();
+});
+
+process.stdin.on('error', () => process.exit(0));