bigpowers 2.31.0 → 2.33.0

package/.pi/package.json

@@ -1,6 +1,6 @@
 {
   "name": "bigpowers",
-  "version": "2.31.0",
+  "version": "2.33.0",
   "description": "70 skills — 61 agent skills for spec-driven, test-first software development by solo developers",
   "keywords": [
     "pi-package"

package/.pi/prompts/migrate-spec.md

@@ -167,6 +167,73 @@ Use the learnings table from [REFERENCE.md](./REFERENCE.md#learnings-to-adopt).
 
 → verify: `grep -c "\- \[ \]" specs/state.yaml 2>/dev/null && echo "pending items recorded" || echo "no pending items in state.yaml"`
 
+### Step 6 — Adversarial review (optional)
+
+Before the user runs `plan-work`, offer an optional lightweight audit of the migrated artifacts. This catches common migration errors early — incomplete specs, missing verification commands, unresolved decisions.
+
+Prompt: "Run adversarial review of migrated artifacts? [yes / skip]"
+
+If yes, perform these checks:
+
+1. **Scan for incomplete markers** — Find TODO, FIXME, MISSING in specs/
+2. **Verify every epic has `verify:` commands** — Parse all `eNN-*/epic.yaml` files
+3. **Check state.yaml handoff** — Ensure `open_decisions` is documented (even if empty)
+
+Collect findings and write to `specs/archive/MIGRATION-AUDIT.md`:
+
+```markdown
+# Migration Audit — <project-name> from <framework>
+
+**Date:** <ISO 8601 timestamp>
+**Status:** Pass / Fail with findings
+
+## Findings
+
+### High Priority
+- Artifact: specs/epics/e02-auth-ui/epic.yaml
+  Finding: No verify: commands in story tasks
+  Recommendation: Add `verify:` to each task before develop-tdd
+
+### Information
+- Count of TODO markers: 3 (normal for fresh migration)
+```
+
+If findings exist, the handoff block should note: "Adversarial review: N findings — see `specs/archive/MIGRATION-AUDIT.md`"
+
+If skip is chosen, add to handoff: "Adversarial review: skipped — review manually before plan-work"
+
+→ verify: `test -f specs/archive/MIGRATION-AUDIT.md && echo "audit completed" || echo "audit skipped or not performed"`
+
+### Step 7 — Post-migration: Optional two-pass spec writing gate
+
+After Steps 1–6, offer the user an optional two-pass spec writing workflow (spec-kit learning):
+
+Prompt: "Use two-pass spec writing (user journeys first, then technical)? [yes / no]"
+
+If **yes**, initialize the gate in `specs/state.yaml`:
+
+```yaml
+two_pass_spec:
+  journey_pass: pending
+  technical_pass: pending
+  approved_at: null
+```
+
+The journey pass must be marked "complete" by the user (after stakeholder approval of user-journey specs) before the technical pass begins:
+
+```yaml
+two_pass_spec:
+  journey_pass: complete
+  approved_at: "2026-06-26T12:00:00Z"
+  technical_pass: pending
+```
+
+Inform the user: "Journey pass is pending. Run `elaborate-spec` for user journeys, get stakeholder approval, then update `two_pass_spec.journey_pass: complete` in state.yaml before proceeding to technical specs."
+
+If **no**, skip the two-pass gate. Proceed directly to plan-work.
+
+→ verify: `grep -q 'two_pass_spec:' specs/state.yaml && echo "two-pass gate initialized" || echo "two-pass gate not activated"`
+
 
 ## Artifact Mapping Summary
 
@@ -474,7 +541,7 @@ Optional enhancements to offer the user after migration. Present as checkboxes.
 
 ### From spec-kit
 
-- [ ] **Two-pass spec writing** — User-journey pass first, then technical-decisions pass.
+- [x] **Two-pass spec writing** — User-journey pass first, then technical-decisions pass. (adopted: optional post-migration gate)
 - [ ] **Explicit inter-phase gate** — "Approve to proceed?" at end of `elaborate-spec`.
 - [ ] **Epic task isolation** — Each task completable in isolation; `depends-on` explicit in epic YAML.
 
@@ -482,7 +549,7 @@ Optional enhancements to offer the user after migration. Present as checkboxes.
 
 - [x] **FR-XX + UJ-XX in SCOPE_LATEST.yaml** — Rigorous traceability. (adopted: REQUIREMENTS_TRACE.yaml emitted on migration)
 - [ ] **`specs/DECISION-LOG.md`** — Lightweight decisions below ADR threshold.
-- [ ] **Adversarial review pass** — Critique epic shard before `develop-tdd`.
+- [x] **Adversarial review pass** — Critique epic shard before `develop-tdd`. (adopted: optional Step 6 in migration)
 
 ---
 
@@ -520,6 +587,45 @@ For lightweight decisions that don't warrant a full ADR:
 | 2026-05-19 | Use Postgres | Existing ops expertise | SQLite (limited), DynamoDB (no local dev) |
 ```
 
+### MIGRATION-AUDIT.md format
+
+Post-migration adversarial review report. Written to `specs/archive/MIGRATION-AUDIT.md` when Step 6 runs:
+
+```markdown
+# Migration Audit — <project-name>
+
+**Source Framework:** <GSD|spec-kit|BMAD>  
+**Date:** <ISO 8601>  
+**Status:** <Pass|Findings|Critical>
+
+## Summary
+
+- TODO markers: N
+- FIXME markers: N
+- MISSING markers: N
+- Epics without verify: N
+
+## High Priority Findings
+
+- **Artifact:** specs/epics/e02-auth-ui/epic.yaml
+  **Issue:** Story e02s01 has no verify: commands in tasks
+  **Recommendation:** Add runnable verify command before develop-tdd
+
+- **Artifact:** specs/state.yaml
+  **Issue:** open_decisions list empty without comment explanation
+  **Recommendation:** Add # comment if all decisions were resolved during migration
+
+## Information
+
+- Artifact specs/epics/e01-auth/epic.yaml contains TODO: "Define Neon Auth client URL injection" (normal for fresh migration)
+
+## Next Steps
+
+1. Address high-priority findings before plan-work
+2. Run bash scripts/audit-compliance.sh to enforce code quality gates
+3. Begin develop-tdd on highest-WSJF epic
+```
+
 ### in_scope format with ID tracking
 
 Source IDs (REQ-XX, FR-XX, UJ-XX) are emitted as first-class YAML fields:
@@ -623,4 +729,9 @@ handoff:
     - specs/tech-architecture/TECH_STACK_LATEST.md
     - specs/release-plan.yaml
   next_skill: survey-context
+
+two_pass_spec:  # Optional: only if user activates two-pass spec writing gate
+  journey_pass: pending
+  technical_pass: pending
+  approved_at: null
 ```

package/.pi/skills/migrate-spec/SKILL.md

@@ -169,6 +169,73 @@ Use the learnings table from [REFERENCE.md](./REFERENCE.md#learnings-to-adopt).
 
 → verify: `grep -c "\- \[ \]" specs/state.yaml 2>/dev/null && echo "pending items recorded" || echo "no pending items in state.yaml"`
 
+### Step 6 — Adversarial review (optional)
+
+Before the user runs `plan-work`, offer an optional lightweight audit of the migrated artifacts. This catches common migration errors early — incomplete specs, missing verification commands, unresolved decisions.
+
+Prompt: "Run adversarial review of migrated artifacts? [yes / skip]"
+
+If yes, perform these checks:
+
+1. **Scan for incomplete markers** — Find TODO, FIXME, MISSING in specs/
+2. **Verify every epic has `verify:` commands** — Parse all `eNN-*/epic.yaml` files
+3. **Check state.yaml handoff** — Ensure `open_decisions` is documented (even if empty)
+
+Collect findings and write to `specs/archive/MIGRATION-AUDIT.md`:
+
+```markdown
+# Migration Audit — <project-name> from <framework>
+
+**Date:** <ISO 8601 timestamp>
+**Status:** Pass / Fail with findings
+
+## Findings
+
+### High Priority
+- Artifact: specs/epics/e02-auth-ui/epic.yaml
+  Finding: No verify: commands in story tasks
+  Recommendation: Add `verify:` to each task before develop-tdd
+
+### Information
+- Count of TODO markers: 3 (normal for fresh migration)
+```
+
+If findings exist, the handoff block should note: "Adversarial review: N findings — see `specs/archive/MIGRATION-AUDIT.md`"
+
+If skip is chosen, add to handoff: "Adversarial review: skipped — review manually before plan-work"
+
+→ verify: `test -f specs/archive/MIGRATION-AUDIT.md && echo "audit completed" || echo "audit skipped or not performed"`
+
+### Step 7 — Post-migration: Optional two-pass spec writing gate
+
+After Steps 1–6, offer the user an optional two-pass spec writing workflow (spec-kit learning):
+
+Prompt: "Use two-pass spec writing (user journeys first, then technical)? [yes / no]"
+
+If **yes**, initialize the gate in `specs/state.yaml`:
+
+```yaml
+two_pass_spec:
+  journey_pass: pending
+  technical_pass: pending
+  approved_at: null
+```
+
+The journey pass must be marked "complete" by the user (after stakeholder approval of user-journey specs) before the technical pass begins:
+
+```yaml
+two_pass_spec:
+  journey_pass: complete
+  approved_at: "2026-06-26T12:00:00Z"
+  technical_pass: pending
+```
+
+Inform the user: "Journey pass is pending. Run `elaborate-spec` for user journeys, get stakeholder approval, then update `two_pass_spec.journey_pass: complete` in state.yaml before proceeding to technical specs."
+
+If **no**, skip the two-pass gate. Proceed directly to plan-work.
+
+→ verify: `grep -q 'two_pass_spec:' specs/state.yaml && echo "two-pass gate initialized" || echo "two-pass gate not activated"`
+
 
 ## Artifact Mapping Summary
 
@@ -476,7 +543,7 @@ Optional enhancements to offer the user after migration. Present as checkboxes.
 
 ### From spec-kit
 
-- [ ] **Two-pass spec writing** — User-journey pass first, then technical-decisions pass.
+- [x] **Two-pass spec writing** — User-journey pass first, then technical-decisions pass. (adopted: optional post-migration gate)
 - [ ] **Explicit inter-phase gate** — "Approve to proceed?" at end of `elaborate-spec`.
 - [ ] **Epic task isolation** — Each task completable in isolation; `depends-on` explicit in epic YAML.
 
@@ -484,7 +551,7 @@ Optional enhancements to offer the user after migration. Present as checkboxes.
 
 - [x] **FR-XX + UJ-XX in SCOPE_LATEST.yaml** — Rigorous traceability. (adopted: REQUIREMENTS_TRACE.yaml emitted on migration)
 - [ ] **`specs/DECISION-LOG.md`** — Lightweight decisions below ADR threshold.
-- [ ] **Adversarial review pass** — Critique epic shard before `develop-tdd`.
+- [x] **Adversarial review pass** — Critique epic shard before `develop-tdd`. (adopted: optional Step 6 in migration)
 
 ---
 
@@ -522,6 +589,45 @@ For lightweight decisions that don't warrant a full ADR:
 | 2026-05-19 | Use Postgres | Existing ops expertise | SQLite (limited), DynamoDB (no local dev) |
 ```
 
+### MIGRATION-AUDIT.md format
+
+Post-migration adversarial review report. Written to `specs/archive/MIGRATION-AUDIT.md` when Step 6 runs:
+
+```markdown
+# Migration Audit — <project-name>
+
+**Source Framework:** <GSD|spec-kit|BMAD>  
+**Date:** <ISO 8601>  
+**Status:** <Pass|Findings|Critical>
+
+## Summary
+
+- TODO markers: N
+- FIXME markers: N
+- MISSING markers: N
+- Epics without verify: N
+
+## High Priority Findings
+
+- **Artifact:** specs/epics/e02-auth-ui/epic.yaml
+  **Issue:** Story e02s01 has no verify: commands in tasks
+  **Recommendation:** Add runnable verify command before develop-tdd
+
+- **Artifact:** specs/state.yaml
+  **Issue:** open_decisions list empty without comment explanation
+  **Recommendation:** Add # comment if all decisions were resolved during migration
+
+## Information
+
+- Artifact specs/epics/e01-auth/epic.yaml contains TODO: "Define Neon Auth client URL injection" (normal for fresh migration)
+
+## Next Steps
+
+1. Address high-priority findings before plan-work
+2. Run bash scripts/audit-compliance.sh to enforce code quality gates
+3. Begin develop-tdd on highest-WSJF epic
+```
+
 ### in_scope format with ID tracking
 
 Source IDs (REQ-XX, FR-XX, UJ-XX) are emitted as first-class YAML fields:
@@ -625,4 +731,9 @@ handoff:
     - specs/tech-architecture/TECH_STACK_LATEST.md
     - specs/release-plan.yaml
   next_skill: survey-context
+
+two_pass_spec:  # Optional: only if user activates two-pass spec writing gate
+  journey_pass: pending
+  technical_pass: pending
+  approved_at: null
 ```

package/CHANGELOG.md

@@ -1,3 +1,17 @@
+# [2.33.0](https://github.com/danielvm-git/bigpowers/compare/v2.32.0...v2.33.0) (2026-06-26)
+
+
+### Features
+
+* **migrate-spec:** add two-pass spec writing gate ([6d33173](https://github.com/danielvm-git/bigpowers/commit/6d331735554df2d29adab6fdf5ef72844821f5bd))
+
+# [2.32.0](https://github.com/danielvm-git/bigpowers/compare/v2.31.0...v2.32.0) (2026-06-26)
+
+
+### Features
+
+* **migrate-spec:** add optional Step 6 adversarial review pass ([64ae774](https://github.com/danielvm-git/bigpowers/commit/64ae774070068727f7dbb91e9cbb8e722bd0feb0))
+
 # [2.31.0](https://github.com/danielvm-git/bigpowers/compare/v2.30.0...v2.31.0) (2026-06-26)
 
 

package/SKILL-INDEX.md

@@ -3,7 +3,7 @@
 > **DO NOT EDIT** — This file is auto-generated by `scripts/generate-skill-index.sh`.
 > Edit `SKILL.md` source files or `skills-lock.json` instead. Run `bash scripts/sync-skills.sh` to regenerate.
 
-**Generated:** 2026-06-26T22:57:50Z
+**Generated:** 2026-06-26T23:02:01Z
 **Skills:** 70
 
 ---

package/migrate-spec/REFERENCE.md

@@ -138,7 +138,7 @@ Optional enhancements to offer the user after migration. Present as checkboxes.
 
 ### From spec-kit
 
-- [ ] **Two-pass spec writing** — User-journey pass first, then technical-decisions pass.
+- [x] **Two-pass spec writing** — User-journey pass first, then technical-decisions pass. (adopted: optional post-migration gate)
 - [ ] **Explicit inter-phase gate** — "Approve to proceed?" at end of `elaborate-spec`.
 - [ ] **Epic task isolation** — Each task completable in isolation; `depends-on` explicit in epic YAML.
 
@@ -146,7 +146,7 @@ Optional enhancements to offer the user after migration. Present as checkboxes.
 
 - [x] **FR-XX + UJ-XX in SCOPE_LATEST.yaml** — Rigorous traceability. (adopted: REQUIREMENTS_TRACE.yaml emitted on migration)
 - [ ] **`specs/DECISION-LOG.md`** — Lightweight decisions below ADR threshold.
-- [ ] **Adversarial review pass** — Critique epic shard before `develop-tdd`.
+- [x] **Adversarial review pass** — Critique epic shard before `develop-tdd`. (adopted: optional Step 6 in migration)
 
 ---
 
@@ -184,6 +184,45 @@ For lightweight decisions that don't warrant a full ADR:
 | 2026-05-19 | Use Postgres | Existing ops expertise | SQLite (limited), DynamoDB (no local dev) |
 ```
 
+### MIGRATION-AUDIT.md format
+
+Post-migration adversarial review report. Written to `specs/archive/MIGRATION-AUDIT.md` when Step 6 runs:
+
+```markdown
+# Migration Audit — <project-name>
+
+**Source Framework:** <GSD|spec-kit|BMAD>  
+**Date:** <ISO 8601>  
+**Status:** <Pass|Findings|Critical>
+
+## Summary
+
+- TODO markers: N
+- FIXME markers: N
+- MISSING markers: N
+- Epics without verify: N
+
+## High Priority Findings
+
+- **Artifact:** specs/epics/e02-auth-ui/epic.yaml
+  **Issue:** Story e02s01 has no verify: commands in tasks
+  **Recommendation:** Add runnable verify command before develop-tdd
+
+- **Artifact:** specs/state.yaml
+  **Issue:** open_decisions list empty without comment explanation
+  **Recommendation:** Add # comment if all decisions were resolved during migration
+
+## Information
+
+- Artifact specs/epics/e01-auth/epic.yaml contains TODO: "Define Neon Auth client URL injection" (normal for fresh migration)
+
+## Next Steps
+
+1. Address high-priority findings before plan-work
+2. Run bash scripts/audit-compliance.sh to enforce code quality gates
+3. Begin develop-tdd on highest-WSJF epic
+```
+
 ### in_scope format with ID tracking
 
 Source IDs (REQ-XX, FR-XX, UJ-XX) are emitted as first-class YAML fields:
@@ -287,4 +326,9 @@ handoff:
     - specs/tech-architecture/TECH_STACK_LATEST.md
     - specs/release-plan.yaml
   next_skill: survey-context
+
+two_pass_spec:  # Optional: only if user activates two-pass spec writing gate
+  journey_pass: pending
+  technical_pass: pending
+  approved_at: null
 ```

package/migrate-spec/SKILL.md

@@ -170,6 +170,73 @@ Use the learnings table from [REFERENCE.md](./REFERENCE.md#learnings-to-adopt).
 
 → verify: `grep -c "\- \[ \]" specs/state.yaml 2>/dev/null && echo "pending items recorded" || echo "no pending items in state.yaml"`
 
+### Step 6 — Adversarial review (optional)
+
+Before the user runs `plan-work`, offer an optional lightweight audit of the migrated artifacts. This catches common migration errors early — incomplete specs, missing verification commands, unresolved decisions.
+
+Prompt: "Run adversarial review of migrated artifacts? [yes / skip]"
+
+If yes, perform these checks:
+
+1. **Scan for incomplete markers** — Find TODO, FIXME, MISSING in specs/
+2. **Verify every epic has `verify:` commands** — Parse all `eNN-*/epic.yaml` files
+3. **Check state.yaml handoff** — Ensure `open_decisions` is documented (even if empty)
+
+Collect findings and write to `specs/archive/MIGRATION-AUDIT.md`:
+
+```markdown
+# Migration Audit — <project-name> from <framework>
+
+**Date:** <ISO 8601 timestamp>
+**Status:** Pass / Fail with findings
+
+## Findings
+
+### High Priority
+- Artifact: specs/epics/e02-auth-ui/epic.yaml
+  Finding: No verify: commands in story tasks
+  Recommendation: Add `verify:` to each task before develop-tdd
+
+### Information
+- Count of TODO markers: 3 (normal for fresh migration)
+```
+
+If findings exist, the handoff block should note: "Adversarial review: N findings — see `specs/archive/MIGRATION-AUDIT.md`"
+
+If skip is chosen, add to handoff: "Adversarial review: skipped — review manually before plan-work"
+
+→ verify: `test -f specs/archive/MIGRATION-AUDIT.md && echo "audit completed" || echo "audit skipped or not performed"`
+
+### Step 7 — Post-migration: Optional two-pass spec writing gate
+
+After Steps 1–6, offer the user an optional two-pass spec writing workflow (spec-kit learning):
+
+Prompt: "Use two-pass spec writing (user journeys first, then technical)? [yes / no]"
+
+If **yes**, initialize the gate in `specs/state.yaml`:
+
+```yaml
+two_pass_spec:
+  journey_pass: pending
+  technical_pass: pending
+  approved_at: null
+```
+
+The journey pass must be marked "complete" by the user (after stakeholder approval of user-journey specs) before the technical pass begins:
+
+```yaml
+two_pass_spec:
+  journey_pass: complete
+  approved_at: "2026-06-26T12:00:00Z"
+  technical_pass: pending
+```
+
+Inform the user: "Journey pass is pending. Run `elaborate-spec` for user journeys, get stakeholder approval, then update `two_pass_spec.journey_pass: complete` in state.yaml before proceeding to technical specs."
+
+If **no**, skip the two-pass gate. Proceed directly to plan-work.
+
+→ verify: `grep -q 'two_pass_spec:' specs/state.yaml && echo "two-pass gate initialized" || echo "two-pass gate not activated"`
+
 ---
 
 ## Artifact Mapping Summary

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "bigpowers",
-  "version": "2.31.0",
+  "version": "2.33.0",
   "description": "61 agent skills for spec-driven, test-first software development by solo developers",
   "main": "index.js",
   "scripts": {

package/skills-lock.json

@@ -163,7 +163,7 @@
     },
     "migrate-spec": {
       "description": "Detect GSD, spec-kit, or BMAD spec artifacts and transform them into bigpowers YAML layout (state.yaml, release-plan.yaml, epics/, requirements/, plans/, ADRs). Use when migrating foreign spec docs.",
-      "sha256": "897baa6f0f37ea68",
+      "sha256": "93c8cd03a33b7c10",
       "path": "migrate-spec/SKILL.md"
     },
     "model-domain": {