npm - cc-devflow - Versions diffs - 4.5.1 → 4.5.3 - Mend

cc-devflow 4.5.1 → 4.5.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (81) hide show

package/.claude/skills/cc-spec-init/SKILL.md CHANGED Viewed

@@ -1,6 +1,6 @@
 ---
 name: cc-spec-init
-version: 1.0.1
+version: 1.1.0
 description: Use when you need to initialize capability specs under `devflow/specs/`, create or evolve capability truth sources, generate `change-meta.json`, or validate roadmap/change/spec links before roadmap, planning, or closeout work continues.
 ---
@@ -67,6 +67,7 @@ description: Use when you need to initialize capability specs under `devflow/spe
 2. 先判断你是在做 `bootstrap`、`create`、`update-links`、`split`、`merge` 还是 `deprecate`。
 3. 先锁定 capability 边界，再写模板；不要先写 prose 再猜结构。
 4. 先明确 primary capability，再允许 secondary capabilities 存在。
+5. 先检查命名是否已经有 canonical term；同义词、歧义词和关系约束没收口前，不要新建第二套 capability 名称。
 ## Session Protocol
@@ -80,6 +81,7 @@ description: Use when you need to initialize capability specs under `devflow/spe
    - 为当前已知 capability 写最小 spec
 3. 如果是新 capability：
    - 先写 capability 边界、约束、当前 truth、gaps
+   - 再写最小 language block：canonical term、definition、aliases to avoid、relationships、flagged ambiguities
    - 再登记到 `INDEX.md`
 4. 如果是 change 绑定：
    - 生成或更新 `change-meta.json`
@@ -91,6 +93,17 @@ description: Use when you need to initialize capability specs under `devflow/spe
    - `INDEX.md` 引到的 capability 文件都存在
    - `change-meta.json` 里的 capability 都能落到 spec
    - roadmap / backlog 里的 capability 引用仍可追踪
+   - 新 capability 的名称、aliases、relationships 没有和已有 spec 冲突
+## Language Boundary Gate
+capability spec 是长期 truth source，命名必须比一次需求更稳定：
+- canonical term：只选一个主名，优先沿用 roadmap、历史 design/analysis、代码公共接口和用户领域语言里已经稳定的词。
+- aliases to avoid：记录容易混用的别名，说明为什么不能继续用。
+- flagged ambiguity：同一个词指向两个概念时，必须写清拆分边界，必要时拆 capability。
+- relationships：用一句话写清 capability 之间的拥有、依赖、生命周期、输入输出或互斥关系。
+- implementation names：类名、文件名、函数名只有在它们已经是公共领域语言时才进入 spec；否则留在 change 设计里。
 ## Output

package/CHANGELOG.md CHANGED Viewed

@@ -9,6 +9,43 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
+## [4.5.3] - 2026-04-29
+### Skill Strategy Integration
+v4.5.3 absorbs the useful strategies from an external skill library into native
+cc-devflow contracts, keeping the public workflow cohesive instead of adding
+parallel skill surfaces.
+### Changed
+- Added an external skill strategy audit and migrated the useful patterns into native cc-devflow contracts instead of copying external skill prose.
+- Updated `cc-plan` to capture glossary deltas, compare non-trivial interface shapes, mark `AFK` / `HITL` vertical slices, and keep durable handoffs behavior-focused.
+- Updated `cc-investigate` to sharpen feedback loops as investigation products and record prevention handoffs after root-cause freeze.
+- Updated `cc-do` and `cc-check` to enforce tracer-bullet execution and review test fixture honesty around partial data, casts, stubs, and mocks.
+- Updated `cc-simplify` to apply deep-module, deletion-test, and real-seam checks before accepting architecture cleanup findings.
+- Updated `cc-act`, `cc-spec-init`, and `docs-sync` to harden issue handoffs, dangerous git action safety, capability language boundaries, and skill contract quality gates.
+- Updated `cc-check` to require QA feedback-loop and behavior evidence for bugfix and user-visible behavior verification, including reproduction mode, determinism, expected/actual behavior, and test seam follow-ups.
+- Updated `cc-act` to carry QA behavior evidence into PR briefs, handoffs, and release notes, and to write follow-ups as durable behavior briefs before roadmap/backlog writeback.
+- Updated `cc-roadmap`, `cc-plan`, and `cc-investigate` to keep canonical language and durable decisions in cc-devflow-native sources: `devflow/specs/`, roadmap/backlog, design/analysis, and change metadata.
+- Refreshed public examples and skill binding metadata for `cc-roadmap@4.4.1`, `cc-plan@3.7.0`, `cc-investigate@1.2.0`, `cc-do@1.6.0`, `cc-check@1.10.0`, `cc-act@1.8.0`, and `cc-spec-init@1.1.0`.
+## [4.5.2] - 2026-04-28
+### Skill Review Hardening
+v4.5.2 strengthens the verification and cleanup side of the workflow so
+review, QA, investigation, release readiness, and pre-ship simplification carry
+fresh evidence instead of relying on stale chat context.
+### Changed
+- Updated `cc-check` to record review freshness, specialist review facets, QA coverage/browser evidence, and runtime failure ownership before a verdict can enter `cc-act`.
+- Updated `cc-act` to render a readiness dashboard, check PR body accuracy, and rerun verification on each invocation while keeping ship actions idempotent.
+- Updated `cc-investigate` to require a frozen root-cause contract with prior-history checks, boundary probes, backward trace, reference comparison, diagnostic probe cleanup, condition-wait evidence, pattern analysis, sanitized research evidence, and repair-boundary blast-radius fields.
+- Updated `cc-simplify` to a Chinese Codex-native cleanup workflow with scope-aware reviewer dispatch, JSONL findings, confidence-gated deduplication, Fix-First decisions, false-positive suppressions, and fresh validation evidence.
+- Refreshed public examples and skill binding metadata for `cc-investigate@1.1.4`, `cc-check@1.8.4`, `cc-act@1.6.4`, and `cc-simplify@1.3.0`.
 ## [4.5.1] - 2026-04-28
 ### Planning Evidence Gates

package/README.md CHANGED Viewed

@@ -76,9 +76,17 @@ Maintenance skills are shipped with the pack:
 ## Planning Quality Gates
-`cc-roadmap` now records planning posture and evidence maturity before recommending a route. That keeps idea-stage, active-user, paying-customer, infrastructure, and recovery work from being forced through the same questions. Developer-facing or operator-facing roadmap items also carry target user, time to first value, magic moment, and adoption bottleneck into `cc-plan`.
+`cc-roadmap` now records planning posture, evidence maturity, canonical project language, and durable decision context before recommending a route. That keeps idea-stage, active-user, paying-customer, infrastructure, and recovery work from being forced through the same questions, and prevents roadmap items from inventing a second vocabulary. Developer-facing or operator-facing roadmap items also carry target user, time to first value, magic moment, adoption bottleneck, and domain handoff into `cc-plan`.
-`cc-plan` freezes more implementation decisions before `cc-do` starts. Non-trivial plans compare minimal viable and ideal architecture options, full designs include decision horizon plus error/rescue mapping, and test-first plans record test framework evidence, coverage quality, and mandatory regression tests when existing behavior changes.
+Canonical language and durable decisions stay inside cc-devflow-native sources: `devflow/specs/`, `devflow/ROADMAP.md`, `devflow/BACKLOG.md`, `planning/design.md`, `planning/analysis.md`, and `change-meta.json`.
+`cc-plan` freezes more implementation decisions before `cc-do` starts. Non-trivial plans compare minimal viable and ideal architecture options, full designs include decision horizon plus error/rescue mapping, and test-first plans record test framework evidence, public test seams, behavior assertions, mock boundaries, coverage quality, mandatory regression tests, interface depth, and vertical tracer-bullet slices when existing behavior changes.
+## Verification And Ship Gates
+`cc-check` now treats QA as a feedback-loop problem, not only a green-test problem. Bugfix and behavior work records the loop used to prove reality, expected versus actual behavior, reproduction steps, test boundary quality, and architecture follow-ups when no clean public test seam exists.
+`cc-act` carries that evidence into PR briefs, handoffs, and release notes. Follow-ups must be durable behavior briefs with current behavior, desired behavior, key interfaces, acceptance criteria, and explicit out-of-scope notes before they are written back to roadmap or backlog.
 ## Installation Modes

package/README.zh-CN.md CHANGED Viewed

@@ -76,9 +76,17 @@ npx cc-devflow@latest adapt --cwd /path/to/your/project --all
 ## 计划质量门禁
-`cc-roadmap` 现在会先记录 planning posture 和 evidence maturity，再推荐路线。idea、已有用户、付费客户、infra、recovery 场景不会被套进同一组问题。面向开发者或操作者的 roadmap item 还会把目标用户、time to first value、magic moment 和 adoption bottleneck 交给 `cc-plan`。
+`cc-roadmap` 现在会先记录 planning posture、evidence maturity、项目 canonical language 和持久决策上下文，再推荐路线。idea、已有用户、付费客户、infra、recovery 场景不会被套进同一组问题，也不会让 roadmap item 发明第二套词汇。面向开发者或操作者的 roadmap item 还会把目标用户、time to first value、magic moment、adoption bottleneck 和 domain handoff 交给 `cc-plan`。
-`cc-plan` 会在 `cc-do` 开始前冻结更多实现决策。非 trivial 计划需要比较 minimal viable 和 ideal architecture，full-design 需要包含 implementation decision horizon 和 error/rescue map；测试计划要记录测试框架证据、覆盖质量，并在修改既有行为时强制规划 regression test。
+Canonical language 和 durable decisions 只收敛到 cc-devflow 原生真相源：`devflow/specs/`、`devflow/ROADMAP.md`、`devflow/BACKLOG.md`、`planning/design.md`、`planning/analysis.md` 和 `change-meta.json`。
+`cc-plan` 会在 `cc-do` 开始前冻结更多实现决策。非 trivial 计划需要比较 minimal viable 和 ideal architecture，full-design 需要包含 implementation decision horizon 和 error/rescue map；测试计划要记录测试框架证据、public test seam、behavior assertion、mock boundary、覆盖质量、强制 regression test、interface depth 和 vertical tracer-bullet slices。
+## 验证与交付门禁
+`cc-check` 现在把 QA 当成反馈环问题，而不是只看测试是否绿。Bugfix 和行为变更需要记录证明现实的 loop、expected / actual、复现步骤、测试边界质量；如果没有干净的 public test seam，要留下架构 follow-up。
+`cc-act` 会把这些证据带进 PR brief、handoff 和 release note。Follow-up 必须写成 durable behavior brief，包含 current behavior、desired behavior、key interfaces、acceptance criteria 和 out-of-scope，再回写 roadmap 或 backlog。
 ## 安装方式

package/docs/examples/example-bindings.json CHANGED Viewed

@@ -1,13 +1,13 @@
 {
   "updatedAt": "2026-04-28",
   "skills": {
-    "cc-roadmap": "4.3.4",
-    "cc-plan": "3.5.6",
-    "cc-investigate": "1.1.2",
-    "cc-do": "1.5.2",
-    "cc-check": "1.8.2",
-    "cc-act": "1.6.2",
-    "cc-spec-init": "1.0.1"
+    "cc-roadmap": "4.4.1",
+    "cc-plan": "3.7.0",
+    "cc-investigate": "1.2.0",
+    "cc-do": "1.6.0",
+    "cc-check": "1.10.0",
+    "cc-act": "1.8.0",
+    "cc-spec-init": "1.1.0"
   },
   "examples": [
     {

package/docs/examples/full-design-blocked/BACKLOG.md CHANGED Viewed

@@ -3,7 +3,7 @@
 ## Backlog Meta
 - Roadmap version: `roadmap.v2`
-- Skill version: `4.3.4`
+- Skill version: `4.4.1`
 - Last synced: `2026-04-19`
 - Current focus stage: `Stage 2`
 - Tracking source: `roadmap-tracking.json`

package/docs/examples/full-design-blocked/README.md CHANGED Viewed

@@ -4,7 +4,7 @@
 - Example version: `1.0.0`
 - Last reviewed: `2026-04-17`
-- Bound skills: `cc-roadmap@4.3.4`, `cc-plan@3.5.6`, `cc-do@1.5.2`, `cc-check@1.8.2`
+- Bound skills: `cc-roadmap@4.4.1`, `cc-plan@3.7.0`, `cc-do@1.6.0`, `cc-check@1.10.0`
 This example shows a requirement that **looked executable**, but `cc-check` correctly stopped it and sent it back to `cc-plan`.

package/docs/examples/full-design-blocked/ROADMAP.md CHANGED Viewed

@@ -3,7 +3,7 @@
 ## Roadmap Meta
 - Roadmap version: `roadmap.v2`
-- Skill version: `4.3.4`
+- Skill version: `4.4.1`
 - Status: `active`
 - Last updated: `2026-04-16`
 - Owner / decider: `product-owner`

package/docs/examples/full-design-blocked/changes/REQ-002-bulk-invite-import/planning/design.md CHANGED Viewed

@@ -4,7 +4,7 @@
 - Requirement version: `REQ-002.v2`
 - Design version: `design.v2`
-- CC-Plan skill version: `3.5.6`
+- CC-Plan skill version: `3.7.0`
 - Requirement ID: `REQ-002`
 - Design mode: `full-design`
 - Why not `tiny-design`: the feature crosses import parsing, invite rules, billing limits, duplicate handling, and audit logging

package/docs/examples/full-design-blocked/changes/REQ-002-bulk-invite-import/planning/tasks.md CHANGED Viewed

@@ -4,7 +4,7 @@
 - Requirement version: `REQ-002.v2`
 - Design version: `design.v2`
-- CC-Plan skill version: `3.5.6`
+- CC-Plan skill version: `3.7.0`
 - Source roadmap item: `RM-010`
 - Source roadmap version: `roadmap.v2`

package/docs/examples/full-design-blocked/changes/REQ-002-bulk-invite-import/review/report-card.json CHANGED Viewed

@@ -3,6 +3,74 @@
   "verdict": "blocked",
   "overall": "fail",
   "summary": "verdict=blocked quick=2/2 strict=0/0 review=blocked",
+  "specAlignment": "blocked",
+  "specDeltaVerified": false,
+  "specSyncReady": false,
+  "runtime": {
+    "status": "blocked",
+    "failureOwnership": [
+      {
+        "failure": "requirement semantics cannot be proven from current design",
+        "classification": "ambiguous",
+        "touchedByDiff": true,
+        "evidence": "duplicate-email and seat-limit outcomes lack a frozen row matrix",
+        "action": "reroute-cc-plan",
+        "status": "open"
+      }
+    ]
+  },
+  "claimEvidence": [
+    {
+      "claim": "tests-pass",
+      "requiredProof": "fresh targeted test command with exit 0",
+      "commandOrArtifact": "npm test -- src/invite/bulk-import.test.ts",
+      "exitStatus": 0,
+      "keyObservation": "targeted bulk invite rule tests passed",
+      "status": "pass"
+    },
+    {
+      "claim": "requirements-met",
+      "requiredProof": "line-by-line planning/tasks.md and task-manifest.json checklist",
+      "commandOrArtifact": "planning/design.md + planning/task-manifest.json",
+      "exitStatus": null,
+      "keyObservation": "duplicate-email and seat-limit semantics are still underspecified",
+      "status": "blocked"
+    }
+  ],
+  "qa": {
+    "status": "blocked",
+    "regressionProof": [],
+    "testQuality": [
+      {
+        "area": "bulk-invite-rules",
+        "checksRealBehavior": true,
+        "mockBoundary": "none",
+        "testOnlyProductionApi": false,
+        "status": "pass"
+      }
+    ],
+    "coverageAudit": {
+      "status": "blocked",
+      "coveragePct": null,
+      "pathMap": ["bulk invite parser", "admin panel happy path"],
+      "gaps": ["duplicate-email row semantics", "seat-limit partial-failure semantics"],
+      "testsAdded": ["src/invite/bulk-import.test.ts", "src/admin/BulkInvitePanel.test.tsx"],
+      "e2eRequired": true,
+      "evalRequired": false,
+      "qualityStars": "★"
+    },
+    "browserEvidence": {
+      "status": "skipped",
+      "mode": "not-applicable",
+      "affectedRoutes": [],
+      "screenshots": [],
+      "consoleErrors": [],
+      "healthScore": null,
+      "issues": [],
+      "skipReason": "design contract is blocked before browser QA can prove the intended behavior"
+    },
+    "tddException": "design contract is incomplete, so tests cannot prove final requirement semantics yet"
+  },
   "quickGates": [
     {
       "name": "bulk-rule-tests",
@@ -22,10 +90,35 @@
     "status": "blocked",
     "summary": "The implementation evidence is real, but the requirement-level design contract is still incomplete",
     "details": "Diff review found that duplicate-email and seat-limit semantics are still not frozen tightly enough to trust the current implementation as the requirement truth.",
+    "freshness": {
+      "status": "fresh",
+      "reviewedCommit": "example-head",
+      "currentCommit": "example-head",
+      "commitsSinceReview": 0,
+      "staleReason": ""
+    },
+    "qualityScore": 6,
+    "specialistReviews": [
+      {
+        "name": "testing",
+        "status": "blocked",
+        "required": true,
+        "summary": "tests are real but cannot cover semantics that are not frozen in design",
+        "skipReason": "",
+        "findings": []
+      }
+    ],
     "taskReviews": {
       "status": "pass",
       "required": true,
       "summary": "All completed tasks carry spec/code proof",
+      "reviewPacket": {
+        "baseSha": "example-base",
+        "headSha": "example-head",
+        "requirements": "planning/tasks.md",
+        "implemented": "bulk invite import implementation",
+        "reviewerContext": "task manifest plus current implementation evidence"
+      },
       "reviewers": [],
       "findings": []
     },
@@ -33,20 +126,64 @@
       "status": "blocked",
       "required": false,
       "summary": "Requirement-level review says the row-outcome matrix must be reopened in planning",
+      "reviewPacket": {
+        "baseSha": "example-base",
+        "headSha": "example-head",
+        "requirements": "planning/design.md",
+        "implemented": "bulk invite import implementation",
+        "reviewerContext": "requirement diff, plan completion, scope drift, docs staleness"
+      },
       "reviewers": [],
       "findings": [
-        "duplicate-email behavior is still underspecified",
-        "seat-limit partial-failure semantics are not frozen in design.md"
+        {
+          "severity": "important",
+          "confidence": "high",
+          "source": "diff-review",
+          "summary": "duplicate-email behavior is still underspecified",
+          "evidence": "planning/design.md does not freeze row-level duplicate semantics",
+          "action": "reroute-cc-plan",
+          "triageStatus": "clarification-needed",
+          "confidenceScore": 9,
+          "fingerprint": "diff-review:bulk-invite:duplicate-email-semantics",
+          "displayTier": "blocking",
+          "suppressionReason": null
+        },
+        {
+          "severity": "important",
+          "confidence": "high",
+          "source": "diff-review",
+          "summary": "seat-limit partial-failure semantics are not frozen in design.md",
+          "evidence": "planning/design.md lacks accepted row-outcome matrix",
+          "action": "reroute-cc-plan",
+          "triageStatus": "clarification-needed",
+          "confidenceScore": 9,
+          "fingerprint": "diff-review:bulk-invite:seat-limit-partial-failure",
+          "displayTier": "blocking",
+          "suppressionReason": null
+        }
       ]
     },
     "findings": [
-      "The current code may be locally green while still violating the intended admin trust model"
+      {
+        "severity": "important",
+        "confidence": "medium",
+        "source": "diff-review",
+        "summary": "The current code may be locally green while still violating the intended admin trust model",
+        "evidence": "tests pass but requirement claim remains blocked by design ambiguity",
+        "action": "reroute-cc-plan",
+        "triageStatus": "clarification-needed",
+        "confidenceScore": 7,
+        "fingerprint": "diff-review:bulk-invite:trust-model-ambiguous",
+        "displayTier": "warning",
+        "suppressionReason": null
+      }
     ]
   },
   "blockingFindings": [
     "design: duplicate-email row handling is not frozen tightly enough",
     "design: seat-limit partial-failure semantics must be reopened in cc-plan"
   ],
+  "gaps": ["duplicate-email row handling", "seat-limit partial-failure semantics"],
   "reroute": "cc-plan",
   "timestamp": "2026-04-16T12:15:00.000Z"
 }

package/docs/examples/full-design-blocked/roadmap-tracking.json CHANGED Viewed

@@ -3,7 +3,7 @@
   "lastSyncedAt": "2026-04-19",
   "backlogMeta": {
     "roadmapVersion": "roadmap.v2",
-    "skillVersion": "4.3.4",
+    "skillVersion": "4.4.1",
     "currentFocusStage": "Stage 2"
   },
   "dependencyHandoff": {

package/docs/examples/local-handoff/BACKLOG.md CHANGED Viewed

@@ -3,7 +3,7 @@
 ## Backlog Meta
 - Roadmap version: `roadmap.v2`
-- Skill version: `4.3.4`
+- Skill version: `4.4.1`
 - Last synced: `2026-04-19`
 - Current focus stage: `Stage 2`
 - Tracking source: `roadmap-tracking.json`

package/docs/examples/local-handoff/README.md CHANGED Viewed

@@ -4,7 +4,7 @@
 - Example version: `1.0.0`
 - Last reviewed: `2026-04-17`
-- Bound skills: `cc-roadmap@4.3.4`, `cc-plan@3.5.6`, `cc-do@1.5.2`, `cc-check@1.8.2`, `cc-act@1.6.2`
+- Bound skills: `cc-roadmap@4.4.1`, `cc-plan@3.7.0`, `cc-do@1.6.0`, `cc-check@1.10.0`, `cc-act@1.8.0`
 This example shows verified work that is **ready to move forward**, but `cc-act` still chooses `local-handoff`.

package/docs/examples/local-handoff/ROADMAP.md CHANGED Viewed

@@ -3,7 +3,7 @@
 ## Roadmap Meta
 - Roadmap version: `roadmap.v3`
-- Skill version: `4.3.4`
+- Skill version: `4.4.1`
 - Status: `active`
 - Last updated: `2026-04-16`
 - Owner / decider: `product-owner`

package/docs/examples/local-handoff/changes/REQ-003-audit-log-export/planning/design.md CHANGED Viewed

@@ -4,7 +4,7 @@
 - Requirement version: `REQ-003.v1`
 - Design version: `design.v1`
-- CC-Plan skill version: `3.5.6`
+- CC-Plan skill version: `3.7.0`
 - Requirement ID: `REQ-003`
 - Design mode: `tiny-design`
 - Why this stays `tiny-design`: the patch adds one export action inside the existing admin audit UI without changing data contracts

package/docs/examples/local-handoff/changes/REQ-003-audit-log-export/planning/tasks.md CHANGED Viewed

@@ -4,7 +4,7 @@
 - Requirement version: `REQ-003.v1`
 - Design version: `design.v1`
-- CC-Plan skill version: `3.5.6`
+- CC-Plan skill version: `3.7.0`
 - Source roadmap item: `RM-020`
 - Source roadmap version: `roadmap.v3`

package/docs/examples/local-handoff/changes/REQ-003-audit-log-export/review/report-card.json CHANGED Viewed

@@ -3,6 +3,65 @@
   "verdict": "pass",
   "overall": "pass",
   "summary": "verdict=pass quick=2/2 strict=0/0 review=pass",
+  "specAlignment": "pass",
+  "specDeltaVerified": true,
+  "specSyncReady": true,
+  "runtime": {
+    "status": "pass",
+    "failureOwnership": []
+  },
+  "claimEvidence": [
+    {
+      "claim": "tests-pass",
+      "requiredProof": "fresh targeted test command with exit 0",
+      "commandOrArtifact": "npm test -- src/admin/AuditSummaryPanel.test.tsx",
+      "exitStatus": 0,
+      "keyObservation": "audit summary panel targeted tests passed",
+      "status": "pass"
+    },
+    {
+      "claim": "requirements-met",
+      "requiredProof": "line-by-line planning/tasks.md and task-manifest.json checklist",
+      "commandOrArtifact": "planning/tasks.md + planning/task-manifest.json",
+      "exitStatus": null,
+      "keyObservation": "approved tiny-design scope completed",
+      "status": "pass"
+    }
+  ],
+  "qa": {
+    "status": "pass",
+    "regressionProof": [],
+    "testQuality": [
+      {
+        "area": "audit-summary-panel",
+        "checksRealBehavior": true,
+        "mockBoundary": "none",
+        "testOnlyProductionApi": false,
+        "status": "pass"
+      }
+    ],
+    "coverageAudit": {
+      "status": "pass",
+      "coveragePct": 80,
+      "pathMap": ["audit summary render path", "empty audit state"],
+      "gaps": [],
+      "testsAdded": ["src/admin/AuditSummaryPanel.test.tsx"],
+      "e2eRequired": false,
+      "evalRequired": false,
+      "qualityStars": "★★"
+    },
+    "browserEvidence": {
+      "status": "skipped",
+      "mode": "not-applicable",
+      "affectedRoutes": [],
+      "screenshots": [],
+      "consoleErrors": [],
+      "healthScore": null,
+      "issues": [],
+      "skipReason": "local handoff example records component evidence without a live browser fixture"
+    },
+    "tddException": null
+  },
   "quickGates": [
     {
       "name": "targeted-tests",
@@ -22,10 +81,35 @@
     "status": "pass",
     "summary": "Task review proof and requirement-level diff review both passed",
     "details": "The diff stayed inside the approved tiny-design scope and verification evidence is fresh.",
+    "freshness": {
+      "status": "fresh",
+      "reviewedCommit": "example-head",
+      "currentCommit": "example-head",
+      "commitsSinceReview": 0,
+      "staleReason": ""
+    },
+    "qualityScore": 9,
+    "specialistReviews": [
+      {
+        "name": "testing",
+        "status": "pass",
+        "required": true,
+        "summary": "targeted tests cover the audit summary behavior for this example",
+        "skipReason": "",
+        "findings": []
+      }
+    ],
     "taskReviews": {
       "status": "pass",
       "required": true,
       "summary": "All completed tasks carry spec/code proof",
+      "reviewPacket": {
+        "baseSha": "example-base",
+        "headSha": "example-head",
+        "requirements": "planning/tasks.md",
+        "implemented": "audit log export summary view",
+        "reviewerContext": "task manifest plus changed audit panel files"
+      },
       "reviewers": [],
       "findings": []
     },
@@ -33,12 +117,20 @@
       "status": "pass",
       "required": false,
       "summary": "No blocking requirement-level findings",
+      "reviewPacket": {
+        "baseSha": "example-base",
+        "headSha": "example-head",
+        "requirements": "planning/design.md",
+        "implemented": "audit log export summary view",
+        "reviewerContext": "requirement diff, plan completion, scope drift, docs staleness"
+      },
       "reviewers": [],
       "findings": []
     },
     "findings": []
   },
   "blockingFindings": [],
+  "gaps": [],
   "reroute": "none",
   "timestamp": "2026-04-16T14:30:00.000Z"
 }

package/docs/examples/local-handoff/roadmap-tracking.json CHANGED Viewed

@@ -3,7 +3,7 @@
   "lastSyncedAt": "2026-04-19",
   "backlogMeta": {
     "roadmapVersion": "roadmap.v2",
-    "skillVersion": "4.3.4",
+    "skillVersion": "4.4.1",
     "currentFocusStage": "Stage 2"
   },
   "dependencyHandoff": {

package/docs/examples/pdca-loop/BACKLOG.md CHANGED Viewed

@@ -3,7 +3,7 @@
 ## Backlog Meta
 - Roadmap version: `roadmap.v1`
-- Skill version: `4.3.4`
+- Skill version: `4.4.1`
 - Last synced: `2026-04-19`
 - Current focus stage: `Stage 1`
 - Tracking source: `roadmap-tracking.json`

package/docs/examples/pdca-loop/README.md CHANGED Viewed

@@ -4,7 +4,7 @@
 - Example version: `1.0.0`
 - Last reviewed: `2026-04-17`
-- Bound skills: `cc-roadmap@4.3.4`, `cc-plan@3.5.6`, `cc-do@1.5.2`, `cc-check@1.8.2`, `cc-act@1.6.2`
+- Bound skills: `cc-roadmap@4.4.1`, `cc-plan@3.7.0`, `cc-do@1.6.0`, `cc-check@1.10.0`, `cc-act@1.8.0`
 This folder shows one minimal but complete `cc-roadmap -> cc-plan -> cc-do -> cc-check -> cc-act` loop.

package/docs/examples/pdca-loop/ROADMAP.md CHANGED Viewed

@@ -3,7 +3,7 @@
 ## Roadmap Meta
 - Roadmap version: `roadmap.v1`
-- Skill version: `4.3.4`
+- Skill version: `4.4.1`
 - Status: `active`
 - Last updated: `2026-04-15`
 - Owner / decider: `product-owner`

package/docs/examples/pdca-loop/changes/REQ-001-copy-invite-link/handoff/pr-brief.md CHANGED Viewed

@@ -20,6 +20,25 @@
 - Base branch: `main`
 - PR / MR: not created yet
+## Review Range
+- Reviewed base SHA: `example-base`
+- Reviewed head SHA: `example-head`
+- Review packet: `planning/tasks.md#T001-T003`; `planning/design.md`
+- Finding triage: no findings
+- QA / claim evidence: `qa=pass`, `tests-pass=pass`, `requirements-met=pass`
+## Readiness Dashboard
+- Review freshness: `fresh`, reviewed `example-head`, current `example-head`
+- Review quality: `qualityScore=9`
+- Specialist review facets: `testing:pass`
+- QA coverage: `status=pass`, gaps `0`, e2eRequired `false`
+- Browser QA: `skipped`, example fixture uses targeted component evidence instead of a live browser
+- Failure ownership: no open failures recorded
+- Documentation release: README and CLAUDE unchanged for this scoped example
+- PR body accuracy: regenerate the PR body from this brief, current report-card, and current diff
 ## Summary
 - removes a small but visible sharing friction in the beta flow
@@ -35,6 +54,7 @@
 ## Verification Evidence
 - `report-card.json` verdict: `pass`
+- Merged-result verification: not applicable before merge
 - Fresh evidence:
   - `npm test -- src/features/share/ShareDialog.test.tsx`
   - `npm run lint -- src/features/share/ShareDialog.tsx`

package/docs/examples/pdca-loop/changes/REQ-001-copy-invite-link/planning/design.md CHANGED Viewed

@@ -4,7 +4,7 @@
 - Requirement version: `REQ-001.v1`
 - Design version: `design.v1`
-- CC-Plan skill version: `3.5.6`
+- CC-Plan skill version: `3.7.0`
 - Requirement ID: `REQ-001`
 - Design mode: `tiny-design`
 - Why this stays `tiny-design`: the patch is limited to an existing dialog and test file, with no API or data model changes