cc-workspace 5.2.5 → 5.3.0

package/CHANGELOG.md

@@ -1,5 +1,54 @@
 # Changelog
 
+## [5.3.0] — 2026-03-11
+
+### Two-tier worktree model + patch extraction (no more micro-QA Haiku)
+
+Major workflow change: teammates now work in **isolated temporary worktrees** instead of
+directly in the session worktree. The team lead extracts a patch after each commit unit,
+applies it to the session worktree, and the user reviews uncommitted changes in their IDE.
+
+**Two worktree types:**
+- **Session worktree** (`/tmp/{repo}-{session-name}`): created once per session, persists
+  until session close. This is the reference branch where commits accumulate.
+- **Temporary worktree** (`/tmp/{repo}-commit-{N}`): created per commit unit from session
+  worktree HEAD. The teammate works here. Destroyed after patch extraction.
+
+**New 10-step cycle per commit unit:**
+1. Team lead creates temp worktree from session worktree HEAD
+2. Team lead dispatches teammate with temp worktree path
+3. Teammate codes, runs tests, signals "ready" (never commits)
+4. Team lead extracts diff: `git add -A && git diff --cached --binary HEAD`
+5. Team lead applies patch to session worktree: `git apply`
+6. Team lead removes temp worktree
+7. Team lead informs user: "review in your IDE"
+8. User validates (or requests corrections)
+9. Team lead commits in session worktree
+10. Next commit unit
+
+**Micro-QA Haiku removed:**
+- No more Haiku diff review step — the user reviews directly in their IDE
+- Haiku micro-QA subagent template deleted from spawn-templates.md
+- Micro-QA row removed from model-routing.md routing table
+- Phase 3 and 4 merged into a single Phase 3 (Dispatch + Patch + Review + Commit)
+- Phase 5 (post-impl) renumbered to Phase 4
+
+**Files changed:**
+- `agents/team-lead.md` — rules 4, 5, 8 rewritten; workflow table updated; commit tracking without "qa" field; "What you CAN write" updated for patch commands
+- `agents/implementer.md` — description updated for temp worktree; startup simplified (no more leftover changes check)
+- `agents/reviewer.md` — Phase 5 → Phase 4 reference
+- `agents/security-auditor.md` — Phase 5 → Phase 4 references
+- `dispatch-feature/SKILL.md` — Phase 3 rewritten (10-step cycle); Phase 4 removed (merged into Phase 3); Phase 5 renumbered to Phase 4; session recovery adapted; mode descriptions updated
+- `dispatch-feature/references/spawn-templates.md` — all templates use temp_worktree_path; Haiku micro-QA template deleted; failure handling updated
+- `dispatch-feature/references/anti-patterns.md` — micro-QA references replaced; new anti-pattern 19 (never let teammate work in session worktree); new common mistakes rows
+- `dispatch-feature/references/rollback-protocol.md` — split into "before patch apply" and "after patch apply" failure cases
+- `rules/model-routing.md` — Haiku micro-QA row removed; Gather→Reason pattern updated
+- `hooks/orphan-cleanup.sh` — added `/tmp/*-commit-*` pattern for temp worktree cleanup
+- `hooks/user-prompt-guard.sh` — micro-QA → patch extraction in role reminder
+- `hooks/permission-auto-approve.sh` — micro-QA comments updated
+- `metrics/SKILL.md` — micro-QA first-pass rate → patch-apply first-pass rate
+- `cycle-retrospective/SKILL.md` — Phase 5 → Phase 4
+
 ## [5.2.5] — 2026-03-11
 
 ### Fix: team-lead can now spawn teammates

package/README.md

@@ -230,9 +230,9 @@ parallel in each repo via Agent Teams.
 
 | Role | Model | What it does |
 |------|-------|-------------|
-| **Orchestrator** | Opus 4.6 | Clarifies, plans, manages git, delegates, micro-QA between commits. Writes in orchestrator/ only. |
+| **Orchestrator** | Opus 4.6 | Clarifies, plans, manages git, delegates, extracts patches. Writes in orchestrator/ only. |
 | **Init** | Sonnet 4.6 | Diagnostic + interactive workspace configuration. Run once. |
-| **Teammates** | Sonnet 4.6 | Implement in an isolated worktree. One per commit unit, writes code without committing, signals when ready for review. |
+| **Teammates** | Sonnet 4.6 | Implement in an isolated temp worktree. One per commit unit, writes code without committing, signals when ready. Team lead extracts patch. |
 | **Data extractors** | Haiku | Read-only. Collect raw data (types, configs, logs). Never judge or conclude. |
 | **QA** | Opus 4.6 | Hostile mode. Spawns Sonnet investigators. Min 3 problems found per service. |
 | **Reviewer** | Opus 4.6 | Evidence-based code review. Scope check + architecture + constitution compliance. |
@@ -254,10 +254,12 @@ parallel in each repo via Agent Teams.
 CLARIFY  -> ask max 5 questions if ambiguity
 PLAN     -> write the plan in ./plans/, wait for approval
 SESSION  -> create session branches + worktrees in impacted repos (Phase 2.5)
-SPAWN    -> Wave 1: API/data (one teammate per commit unit, user reviews between)
-           Wave 2: frontend with validated API contract
-           Wave 3: infra/config if applicable
-MICRO-QA -> Bash tests + Haiku diff after EVERY commit unit, user review, team lead commits
+DISPATCH -> For each commit unit:
+            1. Create temp worktree from session worktree HEAD
+            2. Teammate implements in temp worktree (never commits)
+            3. Team lead extracts patch, applies to session worktree
+            4. User reviews in IDE, team lead commits after approval
+           Waves: API/data → frontend → infra/config
 VERIFY   -> cross-service-check + qa-ruthless + reviewer + (security-auditor)
 MERGE    -> merge-prep (PRs, conflict detection)
 RETRO    -> cycle-retrospective (mandatory)
@@ -280,7 +282,7 @@ Protection layers:
 
 | Skill | Role | Trigger |
 |-------|------|---------|
-| **dispatch-feature** | 4 modes: Clarify -> Plan -> Git -> Delegate -> Micro-QA -> Track | "Implement X", "new feature" |
+| **dispatch-feature** | 4 modes: Clarify -> Plan -> Git -> Delegate -> Patch -> Review -> Track | "Implement X", "new feature" |
 | **qa-ruthless** | Hostile QA + UX audit (Opus) | "QA", "review", "test" |
 | **cross-service-check** | Inter-repo consistency | "cross-service", "pre-merge" |
 | **incident-debug** | Multi-layer diagnostic | "Bug", "500", "not working" |
@@ -564,7 +566,7 @@ With `--chrome`, the agent:
 |---|---------|--------|
 | 1 | **Agent tool for team-lead** | Fixed missing `Agent` tool in team-lead's tool list — the team-lead can now spawn implementer teammates via `Agent(subagent_type: "implementer", team_name: ...)`. |
 | 2 | **One teammate per commit unit** | Shift from one teammate per repo (handling all commits) to one implementer per commit unit. Eliminates the unreliable "signal and wait" pattern — each implementer handles exactly one unit then stops. |
-| 3 | **User reviews before commit** | Implementers write code without committing. After micro-QA, the team lead presents changes to the user for review. The team lead commits only after user approval. |
+| 3 | **User reviews before commit** | Implementers write code in temp worktrees without committing. Team lead extracts patch, applies to session worktree. User reviews in IDE. Team lead commits after approval. _(v5.3.0: micro-QA Haiku removed, replaced by patch extraction + user IDE review)_ |
 | 4 | **PreToolUse hook blocks git add/commit** | Implementer frontmatter now includes a Bash hook that physically blocks `git add` and `git commit`. Even if the model ignores instructions, commits are prevented. |
 | 5 | **Team lead commits** | The team lead (not the implementer) runs `git add` + `git commit` in the worktree after user approval. Commit tracking includes `user_committed` and `files_modified` fields. |
 | 6 | **Sequential with user gate** | Intra-repo commit units are strictly sequential with a user review gate between each. Cross-repo parallelism is preserved. |
@@ -578,9 +580,9 @@ With `--chrome`, the agent:
 | 1 | **Skills & rules now LOCAL** | Installed in `orchestrator/.claude/skills/` and `rules/` instead of `~/.claude/`. Only agents remain global. Claude behaves normally outside orchestrator/. |
 | 2 | **Automatic legacy cleanup** | `update --force` removes old global skills/rules from `~/.claude/` (from versions < 5.2). |
 | 3 | **Reviewer agent (Opus)** | Evidence-based code review: scope check (plan vs implemented), architecture assessment, constitution compliance. Anchored on constitution + CLAUDE.md + plan, never on legacy code. |
-| 4 | **Security auditor agent (Opus)** | 7-phase audit: auth flow tracing, tenant isolation, secrets scan, dependency CVEs, input validation, headers/CORS, session-scoped delta analysis. Conditional in Phase 5. |
+| 4 | **Security auditor agent (Opus)** | 7-phase audit: auth flow tracing, tenant isolation, secrets scan, dependency CVEs, input validation, headers/CORS, session-scoped delta analysis. Conditional in Phase 4 (post-impl). |
 | 5 | **qa-ruthless explicit Opus** | Added `model: opus` in frontmatter. Previously inherited from caller context. |
-| 6 | **Phase 5 expanded** | Now: cross-service → qa-ruthless → reviewer → (security-auditor) → merge-prep → cycle-retrospective. |
+| 6 | **Post-impl phase expanded** | Now: cross-service → qa-ruthless → reviewer → (security-auditor) → merge-prep → cycle-retrospective. _(v5.3.0: renumbered from Phase 5 to Phase 4)_ |
 
 ---
 
@@ -592,7 +594,7 @@ With `--chrome`, the agent:
 | 2 | **Secure `permission-auto-approve.sh`** | Compound commands rejected before pattern matching. |
 | 3 | **Robust `detectProjectType`** | JSON.parse + dependency lookup instead of string.includes(). |
 | 4 | **Split orphan cleanup** | Extracted into separate `orphan-cleanup.sh` hook. |
-| 5 | **JSON format for micro-QA** | Haiku returns structured `{"status":"OK"}` instead of free text. |
+| 5 | **JSON format for micro-QA** | Haiku returns structured `{"status":"OK"}` instead of free text. _(v5.3.0: micro-QA Haiku removed entirely)_ |
 | 6 | **Chrome MCP check in doctor** | Verifies Chrome DevTools MCP configuration. |
 | 7 | **Hook unit tests** | `test_hooks.sh` with ~30 assertions. CLI unit tests with ~50 assertions. |
 
@@ -602,9 +604,9 @@ With `--chrome`, the agent:
 
 | # | Feature | Detail |
 |---|---------|--------|
-| 1 | **Opus has Bash** | `disallowedTools: Bash` removed from team-lead. Opus manages git (branches, worktrees) and micro-QA directly. |
-| 2 | **One teammate per repo** | Shift from one subagent per commit unit to one teammate per repo. Sequential commits with signal+wait protocol. _(v5.2.3: changed to one teammate per commit unit with user review gate)_ |
-| 3 | **Micro-QA between every commit** | Bash tests + Haiku diff review after each commit. _(v5.2.3: user reviews before team lead commits)_ |
+| 1 | **Opus has Bash** | `disallowedTools: Bash` removed from team-lead. Opus manages git (branches, worktrees) and patch extraction directly. |
+| 2 | **One teammate per repo** | Shift from one subagent per commit unit to one teammate per repo. Sequential commits with signal+wait protocol. _(v5.2.3: one per commit unit; v5.3.0: temp worktrees + patch extraction)_ |
+| 3 | **Micro-QA between every commit** | Bash tests + Haiku diff review after each commit. _(v5.3.0: removed entirely — replaced by patch extraction + user IDE review)_ |
 | 4 | **Worktrees after plan validation** | Branches and worktrees created by Opus only after user approves the plan. |
 | 5 | **Worktrees persist** | `/tmp/` worktrees live until `session close`. No pruning during active sessions. |
 | 6 | **cycle-retrospective mandatory** | Required Phase 5 step, not optional. |

package/global-skills/agents/e2e-validator.md

@@ -1,6 +1,6 @@
 ---
 name: e2e-validator
-prompt_version: 5.2.2
+prompt_version: 5.3.0
 description: >
   E2E validation agent for completed plans. On first boot, sets up the E2E
   environment (docker-compose, test config). On subsequent boots, validates

package/global-skills/agents/implementer.md

@@ -1,11 +1,11 @@
 ---
 name: implementer
-prompt_version: 5.2.3
+prompt_version: 5.3.0
 description: >
-  Implementation teammate for a single commit unit. Receives a ready worktree
-  from the orchestrator and ONE commit unit to implement. Writes code without
-  committing, signals when code is ready for review. No git setup, no git
-  add, no git commit. The team lead commits after user review.
+  Implementation teammate for a single commit unit. Receives a temporary
+  worktree from the orchestrator for a single commit unit. Writes code
+  without committing, signals when code is ready for review. No git setup,
+  no git add, no git commit. The team lead extracts the patch after signal.
 model: sonnet
 tools: Read, Write, Edit, MultiEdit, Bash, Glob, Grep, SendMessage
 memory: project
@@ -56,15 +56,15 @@ You are a focused implementer for one commit unit. You write code and run tests
 commit unit, then signal that the code is ready for review.
 The orchestrator and user will review your work and commit it.
 
-## Startup — go directly to your worktree
+## Startup — go directly to your temporary worktree
 
 The orchestrator provides:
-- `worktree_path`: the /tmp/ path of your ready worktree
-- `session_branch`: the branch already checked out in that worktree
+- `worktree_path`: the /tmp/ path of your isolated temporary worktree (created fresh for this commit unit)
+- `session_branch`: the branch checked out (with all previous commits)
 - Your single commit unit to implement
 
 ```bash
-# 1. Go to your worktree — it's ready
+# 1. Go to your worktree — it's ready and clean
 cd {worktree_path}
 
 # 2. Verify you're on the right branch
@@ -72,11 +72,6 @@ git branch --show-current  # must show session/{name}
 
 # 3. Check what's already on the branch (from previous commits)
 git log --oneline -5
-
-# 4. Check for existing uncommitted changes
-git status --short
-# Uncommitted changes may exist from a previous unit — this is normal in this workflow.
-# Assess: if they look like work from a previous unit, leave them. If junk, ask orchestrator.
 ```
 
 **macOS note**: /tmp is a symlink to /private/tmp. Both paths are valid.

package/global-skills/agents/reviewer.md

@@ -1,13 +1,13 @@
 ---
 name: reviewer
-prompt_version: 5.2.1
+prompt_version: 5.3.0
 description: >
   Senior code reviewer agent. Reads the full diff of a session branch
   (or any branch/PR) and produces evidence-based review comments.
   Judges implementation choices against constitution + CLAUDE.md + plan,
   NOT against existing legacy code. Detects scope drift (plan vs implemented).
   Standalone: claude --agent reviewer
-  Also recommended in dispatch-feature Phase 5 after qa-ruthless.
+  Also recommended in dispatch-feature Phase 4 (post-impl) after qa-ruthless.
 model: opus
 tools: Read, Bash, Glob, Grep, Task(Explore)
 memory: project

package/global-skills/agents/security-auditor.md

@@ -1,6 +1,6 @@
 ---
 name: security-auditor
-prompt_version: 5.2.1
+prompt_version: 5.3.0
 description: >
   Security audit agent for multi-service workspaces. Traces auth flows
   end-to-end, audits tenant isolation, scans for secrets and exposed
@@ -8,7 +8,7 @@ description: >
   and reviews input validation. Produces a structured security report
   with severity ratings.
   Standalone: claude --agent security-auditor
-  Also invocable by team-lead in Phase 5 for security-sensitive plans,
+  Also invocable by team-lead in Phase 4 (post-impl) for security-sensitive plans,
   or on-demand when user says "security", "audit", "pentest", "vulns",
   "tenant leak", "auth check", "secrets scan", "OWASP".
 model: opus
@@ -324,7 +324,7 @@ Write to `./plans/{plan-name}.md` (append) if session-scoped, or `./plans/securi
 
 ## Invocation by team-lead
 
-The team-lead can invoke this agent in Phase 5 when the plan involves:
+The team-lead can invoke this agent in Phase 4 (post-impl) when the plan involves:
 - Auth changes (new endpoints, middleware modifications, token handling)
 - New models with tenant data
 - File upload features

package/global-skills/agents/team-lead.md

@@ -1,13 +1,13 @@
 ---
 name: team-lead
-prompt_version: 5.2.5
+prompt_version: 5.3.0
 description: >
   Main orchestrator for multi-service workspaces. Clarifies specs,
   plans in markdown, manages git (branches, worktrees) directly,
-  delegates implementation to one teammate per commit unit, tracks progress
-  via micro-QA, presents code for user review, commits after approval.
-  Never codes in repos — can write in orchestrator/ and run git commands.
-  Triggered via claude --agent team-lead.
+  delegates implementation to one teammate per commit unit in temp worktrees,
+  extracts patches, applies to session worktree, user reviews in IDE,
+  commits after approval. Never codes in repos — can write in orchestrator/
+  and run git commands. Triggered via claude --agent team-lead.
 model: opus
 tools: Read, Write, Edit, Bash, Glob, Grep, Task(Explore), Agent, TeamCreate, TeamDelete, SendMessage
 memory: project
@@ -40,12 +40,12 @@ hooks:
 
 1. **NEVER write code in repos** — delegate ALL repo code work to teammates
 2. **ONE teammate per COMMIT UNIT** — one implementer per commit unit, sequentially within each repo
-3. **Opus manages ALL git** — branches, worktrees, verification. Teammates receive a ready worktree path
-4. **Micro-QA after EVERY commit unit, then ask user to review** — Bash tests + Haiku diff review, then present to user for approval before committing
-5. **Worktrees live until session close** — never prune active session worktrees
+3. **Opus manages ALL git** — branches, worktrees, verification. Teammates receive a temp worktree path
+4. **Patch workflow after EVERY commit unit** — extract diff from temp worktree, apply to session worktree, destroy temp worktree, inform user to review in IDE, commit after approval
+5. **Two worktree types** — session worktree persists until session close, temp worktrees are created per commit unit and destroyed after patch extraction
 6. **Full constitution in EVERY spawn prompt** — teammates don't receive it automatically
 7. **UX standards for frontend teammates** — inject frontend-ux-standards.md content
-8. **Sequential within a service** — commit N+1 only after commit N is micro-QA validated AND user has committed. Cross-service parallelism OK
+8. **Sequential within a service** — commit N+1 only after commit N patch is applied, user has reviewed in IDE, AND team lead has committed. Cross-service parallelism OK
 9. **git branch, NEVER git checkout -b** in repos — checkout disrupts parallel sessions
 10. **Teammates must run tests before signaling** — a "code ready" signal without test results is rejected. Re-spawn for retest
 11. **Max 2 re-dispatches** per commit unit — then escalate to user, never loop
@@ -116,11 +116,11 @@ Store the effective source branch in session.json under source_branch_override i
 ```
 
 ### Commit tracking
-Update after each micro-QA + user review:
+Update after each patch apply + user review:
 ```json
 "commits": {
-  "1": { "status": "✅", "hash": "abc123", "files_modified": ["src/foo.ts", "src/bar.ts"], "user_committed": true, "qa": "OK" },
-  "2": { "status": "⏳", "hash": null, "files_modified": null, "user_committed": false, "qa": null }
+  "1": { "status": "✅", "hash": "abc123", "files_modified": ["src/foo.ts", "src/bar.ts"], "user_committed": true },
+  "2": { "status": "⏳", "hash": null, "files_modified": null, "user_committed": false }
 }
 ```
 
@@ -136,9 +136,8 @@ This table is your quick reference — **defer to the skill for specifics**.
 | 2 — Plan | Write ./plans/{name}.md from _TEMPLATE.md | Wait for user validation |
 | 2.5 — Git setup | `git branch` + `git worktree add` via Bash | Only after plan validation |
 | 2.9 — Pre-dispatch | Verify branches + worktrees exist and are clean | Auto-fix simple cases |
-| 3 — Dispatch | ONE teammate per COMMIT UNIT — user reviews between units, team lead commits after approval | See @dispatch-feature/references/spawn-templates.md |
-| 4 — Micro-QA | Verify changes + tests + present to user for review. Team lead commits after user approval | See @dispatch-feature/SKILL.md Phase 4 |
-| 5 — Post-impl | cross-service → qa-ruthless → reviewer → (security-auditor if needed) → merge-prep → retro | All mandatory except security-auditor |
+| 3 — Dispatch + Patch + Review + Commit | ONE teammate per commit unit in temp worktree, extract patch, apply to session worktree, user reviews in IDE, team lead commits | See @dispatch-feature/SKILL.md Phase 3 |
+| 4 — Post-impl | cross-service → qa-ruthless → reviewer → (security-auditor if needed) → merge-prep → retro | All mandatory except security-auditor |
 
 ## Rollback & failure handling
 
@@ -153,8 +152,10 @@ Quick reference:
 ## What you CAN write / execute
 - Plans, sessions, workspace.md, constitution.md — anything in orchestrator/
 - Git commands on sibling repos (branch, worktree, log — never checkout on main trees)
-- Test/typecheck commands in /tmp/ worktrees for micro-QA
-- `git add` + `git commit` in /tmp/ worktrees AFTER user has approved the changes
+- `git worktree add` / `git worktree remove` for temp worktrees
+- `git add -A` + `git diff --cached --binary HEAD` in temp worktrees for patch extraction
+- `git apply` in session worktrees to apply patches
+- `git add` + `git commit` in session worktrees AFTER user has approved the changes
 
 ## Memory hygiene
 

package/global-skills/agents/workspace-init.md

@@ -1,6 +1,6 @@
 ---
 name: workspace-init
-prompt_version: 5.2.1
+prompt_version: 5.3.0
 description: >
   Initialization and diagnostic agent for the orchestrator workspace.
   Checks structure, hooks, settings, sibling repos.

package/global-skills/bootstrap-repo/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: bootstrap-repo
-prompt_version: 5.2.1
+prompt_version: 5.3.0
 description: >
   Generate a high-quality CLAUDE.md for a repository that doesn't have one.
   Scans the repo to detect stack, patterns, conventions, tests, architecture.

package/global-skills/cleanup/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: cleanup
-prompt_version: 5.2.1
+prompt_version: 5.3.0
 description: >
   Clean orphan worktrees, stale sessions, and temporary files left by
   crashed implementers. Session-aware: never removes worktrees belonging

package/global-skills/cross-service-check/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: cross-service-check
-prompt_version: 5.2.1
+prompt_version: 5.3.0
 description: >
   Validate technical consistency BETWEEN services. Does not review code
   quality (that's qa-ruthless). Checks: API contracts match frontend types,

package/global-skills/cycle-retrospective/SKILL.md

@@ -1,8 +1,8 @@
 ---
 name: cycle-retrospective
-prompt_version: 5.2.1
+prompt_version: 5.3.0
 description: >
-  MANDATORY post-cycle learning and knowledge capture. Always runs as Phase 5
+  MANDATORY post-cycle learning and knowledge capture. Always runs as Phase 4 (post-impl)
   of dispatch-feature after qa-ruthless and merge-prep. Analyzes QA findings, teammate
   session logs, and implementation patterns to improve repo CLAUDE.md files,
   service profiles, and project constitution.

package/global-skills/dispatch-feature/SKILL.md

@@ -1,16 +1,17 @@
 ---
 name: dispatch-feature
-prompt_version: 5.2.3
+prompt_version: 5.3.0
 description: >
   Orchestrate multi-service feature implementation. Clarifies ambiguities,
   explores repos directly (no upfront Haiku scan), writes a persistent
-  markdown plan, sets up git branches and worktrees after plan validation,
-  spawns one teammate per commit unit with full context, runs micro-QA on
-  uncommitted changes, presents to user for review, then team lead commits
-  after approval. Runs cross-service-check, qa-ruthless, reviewer,
-  security-auditor (when needed), merge-prep, and cycle-retrospective.
-  Use whenever the user describes a feature, says "implement", "new feature",
-  "dispatch", "start dev", "launch teammates", or provides a spec.
+  markdown plan, sets up git branches and session worktrees after plan
+  validation, spawns one teammate per commit unit in a temp worktree,
+  extracts patches, applies to session worktree, user reviews in IDE,
+  team lead commits after approval. Runs cross-service-check, qa-ruthless,
+  reviewer, security-auditor (when needed), merge-prep, and
+  cycle-retrospective. Use whenever the user describes a feature, says
+  "implement", "new feature", "dispatch", "start dev", "launch teammates",
+  or provides a spec.
 argument-hint: "[feature description]"
 context: fork
 allowed-tools: Read, Write, Bash, Glob, Grep, Task, TeamCreate, TeamDelete, SendMessage
@@ -27,7 +28,7 @@ Before any phase, check which mode was selected:
 
 | Mode | Behavior |
 |------|----------|
-| **A — Full** | All phases 0-5 (default) |
+| **A — Full** | All phases 0-4 (default) |
 | **B — Quick plan** | Skip Phase 0 (Clarify). Start at Phase 1 exploration with specs as-is. |
 | **C — Go direct** | Skip Phases 0-2. Dispatch immediately from user specs. |
 | **D — Single-service** | Phases 0-2, then spawn ONE teammate. No waves. |
@@ -40,16 +41,16 @@ User provides clear specs upfront (e.g. a Jira ticket, a detailed description).
 1. Skip Phase 0 entirely — do NOT ask clarification questions
 2. Run Phase 1 (targeted exploration) scoped to the user's specs
 3. Run Phase 2 (plan) — write the plan from specs + exploration
-4. Phases 2.5–5 proceed normally (git setup, dispatch, micro-QA, post-impl)
+4. Phases 2.5–4 proceed normally (git setup, dispatch + patch + review, post-impl)
 5. If ambiguities emerge during exploration, ask then (max 3 focused questions)
 
 ### Mode C — Go direct details
 
 For hotfixes, quick patches, or when the user provides exact instructions.
 1. Skip Phases 0–2 — no clarification, no exploration, no written plan
-2. Run Phase 2.5 (git setup) — still create session branch + worktree
+2. Run Phase 2.5 (git setup) — still create session branch + session worktree
 3. Spawn ONE teammate per impacted repo with the user's specs as-is
-4. Micro-QA still runs after each commit (Phase 4 is NOT skipped)
+4. Patch extraction + user IDE review still runs after each commit unit
 5. Post-impl: skip cross-service-check, run qa-ruthless (scoped), merge-prep, retro
 6. Write a minimal plan retroactively after dispatch for traceability
 
@@ -154,13 +155,16 @@ Opus runs git directly via Bash. No subagents for git setup.
 
 For each impacted repo:
 1. `git -C ../{repo} branch session/{name} {source_branch}` — **git branch**, never checkout -b
-2. `git worktree add /tmp/{repo}-{session-name} session/{name}` — persists until session close
+2. `git worktree add /tmp/{repo}-{session-name} session/{name}` — session worktree, persists until session close
 3. Verify worktree appears in `git worktree list`
 
 Write `.sessions/{name}.json` with session metadata (name, created, status, per-repo: path, worktree_path, source_branch, session_branch, commits map).
 
 PR target at session close = effective source branch.
 
+Temp worktrees for each commit unit are created in Phase 3 (not here).
+They use path `/tmp/{repo}-commit-{N}` and are destroyed after patch extraction.
+
 
 ## Phase 2.9: Pre-dispatch check (before spawning any teammate)
 
@@ -176,33 +180,54 @@ Verify via Bash for each repo. Abort and fix before proceeding:
 
 Only proceed to Phase 3 once all checks pass.
 
-## Phase 3: Dispatch — one teammate per COMMIT UNIT
+## Phase 3: Dispatch + Patch + Review + Commit
 
 **ONE teammate per commit unit.** Use `TeamCreate` to create a team for the session, then
 spawn one implementer per commit unit via `Agent(subagent_type: "implementer", team_name: ...)`.
-Each implementer receives ONLY its commit unit's tasks + a summary of previous units.
-The implementer writes code without committing, signals when ready, then STOPS.
-
-After the implementer signals "code ready":
-1. Run micro-QA (Phase 4)
-2. Present results to user for review (worktree path, diff, tests)
-3. Wait for user approval
-4. Team lead commits via Bash (git add + git commit in worktree)
-5. Verify commit, update session.json, proceed to next unit
+Each implementer works in an **isolated temp worktree**, writes code without committing,
+signals when ready, then STOPS. The team lead extracts a patch, applies it to the session
+worktree, and the user reviews the uncommitted changes in their IDE.
 
-### Teammate spawn — workflow
+### Cycle per commit unit (10 steps)
 
 ```
-1. TeamCreate(team_name: "session-{name}")
+1. TeamCreate(team_name: "session-{name}")  — once per session
 2. For each commit unit (sequentially within a repo):
-   a. Agent(subagent_type: "implementer", team_name: "session-{name}", prompt with ONE commit unit)
-   b. Wait for "code ready" signal
-   c. Run micro-QA (Phase 4 Steps 1-2)
-   d. Present to user for review (Phase 4 Step 3)
-   e. Wait for user approval
-   f. Team lead commits: git -C /tmp/{repo}-{session-name} add {files} && git commit -m "..."
-   g. Verify commit, update session.json
-   h. Proceed to next commit unit
+
+   a. Create temp worktree from session worktree HEAD:
+      git worktree add /tmp/{repo}-commit-{N} session/{name}
+
+   b. Dispatch teammate:
+      Agent(subagent_type: "implementer", team_name: "session-{name}",
+            prompt with worktree_path = /tmp/{repo}-commit-{N} and ONE commit unit)
+
+   c. Wait for "code ready" signal (must include test results)
+
+   d. Extract patch from temp worktree:
+      cd /tmp/{repo}-commit-{N}
+      git add -A
+      git diff --cached --binary HEAD > /tmp/patch-{N}.diff
+
+   e. Verify patch applies cleanly:
+      cd /tmp/{repo}-{session-name} && git apply --check /tmp/patch-{N}.diff
+      (if fails: try git apply --3way, else escalate to user)
+
+   f. Apply patch to session worktree:
+      cd /tmp/{repo}-{session-name} && git apply /tmp/patch-{N}.diff
+
+   g. Remove temp worktree:
+      git worktree remove --force /tmp/{repo}-commit-{N}
+      rm -f /tmp/patch-{N}.diff
+
+   h. Inform user:
+      "Commit {N} ready — review in your IDE: /tmp/{repo}-{session-name}"
+      WAIT for user approval.
+
+   i. After user approves, team lead commits:
+      cd /tmp/{repo}-{session-name} && git add {files} && git commit -m "type(scope): description"
+      Verify: git log --oneline -1
+
+   j. Update session.json, proceed to next commit unit
 ```
 
 ### Teammate spawn prompt — context tiering
@@ -210,7 +235,7 @@ After the implementer signals "code ready":
 See @references/spawn-templates.md for full templates.
 
 **Always inject (Tier 1):**
-1. `worktree_path`: /tmp/{repo}-{session-name}/ — ready, no git setup needed
+1. `worktree_path`: /tmp/{repo}-commit-{N}/ — temp worktree, ready, no git setup needed
 2. `session_branch`: session/{name}
 3. This commit unit's tasks ONLY + summary of what previous units implemented
 4. Constitution rules (all from constitution.md, translated to English)
@@ -238,106 +263,51 @@ See @references/spawn-templates.md for full templates.
 ### Wave execution
 
 1. Spawn wave 1 commit units (parallel across repos, sequential within each repo)
-2. For each commit unit: implementer writes → micro-QA → user review → team lead commits
+2. For each commit unit: implementer writes in temp worktree → patch extraction → apply to session worktree → user IDE review → team lead commits
 3. Wait for ALL wave 1 commit units to be user-committed
 4. Collect validated API contracts from wave 1 results
 5. Spawn wave 2 commit units with validated contracts
 6. Repeat for wave 3
 
-## Phase 4: Micro-QA + User review + Team lead commits
-
-After each implementer signals "code ready":
-
-### Step 1 — Bash verification (Opus direct)
-
-```bash
-# 1. Verify uncommitted changes exist
-git -C /tmp/{repo}-{session-name} status --short
-git -C /tmp/{repo}-{session-name} diff --stat
-
-# 2. Run scoped tests — adapt command to repo stack:
-#    PHP/Laravel:
-cd /tmp/{repo}-{session-name} && php artisan test --filter={CommitScope} 2>&1 | tail -30
-#    Vue/Node:
-cd /tmp/{repo}-{session-name} && npm run typecheck 2>&1 | tail -20
-#    Go:
-cd /tmp/{repo}-{session-name} && go test ./... 2>&1 | tail -20
-#    Python:
-cd /tmp/{repo}-{session-name} && pytest {scope_path} -v 2>&1 | tail -30
-
-# 3. Check for debug artifacts in uncommitted changes
-git -C /tmp/{repo}-{session-name} diff \
-  | grep -E "(console\.log|dd\(|var_dump|\.only\(|TODO|FIXME|debugger|dump\()" \
-  | head -20
-```
-
-### Step 2 — Haiku diff review (Task subagent, read-only)
-
-Use the Haiku micro-QA template from @references/spawn-templates.md (section "Haiku micro-QA subagent template").
-
-Spawn Task(Explore, model: haiku) with that template, injecting `git diff` output (uncommitted changes).
+### User review presentation
 
-**Do NOT rephrase or shorten the template** — copy it verbatim from the reference file.
-Haiku needs the exact structured prompt to return clean JSON.
-
-### Step 3 — User review, then team lead commits
-
-If Step 1 and Step 2 pass, present to the user:
+Present to the user after applying the patch:
 
 ```
 ## Commit unit {N}/{total} for {repo} — ready for review
 
-📂 Worktree: /tmp/{repo}-{session-name}
-📝 Files modified: {git diff --stat output}
-✅ Tests: {pass/fail summary}
-🔍 Micro-QA: {OK or issues}
+Worktree: /tmp/{repo}-{session-name}
+Files modified: {git diff --stat output}
+Tests: {pass/fail summary from teammate signal}
 
-You can review the code at the worktree path above.
-Approve to commit, or request changes.
+Changes are uncommitted in the session worktree above.
+Open it in your IDE to review, then approve or request corrections.
 ```
 
 **WAIT for user approval.**
 
-After user approves, the **team lead commits via Bash**:
-```bash
-git -C /tmp/{repo}-{session-name} add {files}
-git -C /tmp/{repo}-{session-name} commit -m "type(scope): description"
+If the user requests modifications:
+1. Discard changes in session worktree: `git -C /tmp/{repo}-{session-name} checkout -- . && git -C /tmp/{repo}-{session-name} clean -fd`
+2. Create a NEW temp worktree: `git worktree add /tmp/{repo}-commit-{N}-retry session/{name}`
+3. Re-spawn implementer with fix instructions in the new temp worktree
+4. Max 2 retries per commit unit, then escalate to user
 
-# Verify commit
-git -C /tmp/{repo}-{session-name} log --oneline -1
-```
+### Update after each commit unit
 
 Update session.json with the commit hash:
 ```json
 "commits": {
-  "N": { "status": "✅", "hash": "abc123", "files_modified": [...], "user_committed": true, "qa": "OK" }
+  "N": { "status": "✅", "hash": "abc123", "files_modified": [...], "user_committed": true }
 }
 ```
 
-If the user requests modifications → re-spawn implementer for the same commit unit with fix instructions.
-
-### Decision (Steps 1-2)
-
-| Bash | Haiku | Action |
-|------|-------|--------|
-| OK | OK | Present to user for review (Step 3). Team lead commits after approval |
-| FAIL | any | Opus analyzes failure, re-spawns implementer with fix instructions OR escalates |
-| OK | BLOCKER | Opus evaluates blocker severity, re-spawns with fix instructions or escalates |
-
-Retry limit: max 2 per commit unit → escalate to user, stop the wave.
-
-### Update after each commit unit
-
 ```bash
-# Update plan progress tracker
-# Mark commit N ✅ or ❌
-
-# Update session.json commits tracking
+# Update plan progress tracker — mark commit N ✅ or ❌
 # Add session log entry:
 # [HH:MM] {repo}-commit-{N}: {status}, {hash}, {N} files, tests {pass/fail}, user_committed: true
 ```
 
-## Phase 5: Post-implementation (all mandatory)
+## Phase 4: Post-implementation (all mandatory)
 
 1. **cross-service-check** — inter-repo consistency (API shapes, env vars, gateway routes)
 2. **qa-ruthless** — adversarial QA, min 3 findings per service
@@ -363,13 +333,16 @@ For targeted fixes or single-repo work:
 
 1. Read ./workspace.md for project context
 2. List ./plans/ for active plans
-3. Check ./.sessions/ for active session JSON — worktrees should still exist in /tmp/
+3. Check ./.sessions/ for active session JSON — session worktrees should still exist in /tmp/
 4. Read active plan — statuses and session log tell you where you are
-5. Verify worktrees still exist: git worktree list for each repo
-6. Check `user_committed` field in session.json to determine where to resume:
+5. Verify session worktrees still exist: `git worktree list` for each repo
+6. Check for orphaned temp worktrees (`/tmp/{repo}-commit-*`):
+   - If temp worktree has uncommitted changes → extract patch, apply to session worktree, present to user
+   - If temp worktree is clean → remove it (work was lost, re-dispatch)
+7. Check `user_committed` field in session.json to determine where to resume:
    - If last unit has `user_committed: true` → spawn next unit's implementer
-   - If last unit has `user_committed: false` or missing → check worktree for uncommitted changes, present to user for review
-7. Resume from the appropriate step (implementer spawn, micro-QA, or user review)
+   - If last unit has `user_committed: false` or missing → check session worktree for uncommitted changes (from a patch already applied), present to user for review
+8. Resume from the appropriate step (temp worktree creation, patch extraction, or user review)
 
 ## Anti-patterns
 

package/global-skills/dispatch-feature/references/anti-patterns.md

@@ -36,8 +36,7 @@ Reference file for dispatch-feature and team-lead. Loaded on-demand.
 13. **NEVER use git checkout -b in repos** — use git branch {name} {source} (no checkout).
     Checkout changes the working directory, which disrupts other sessions running in parallel.
 
-14. **NEVER skip micro-QA between commit units** — Bash tests + Haiku diff after every commit unit, before user review.
-    Waiting until the final QA is too late — issues compound across units.
+14. **NEVER skip patch extraction between commit units** — extract diff from temp worktree, apply to session worktree, user reviews in IDE before team lead commits. Skipping means user cannot review isolated changes.
 
 15. **NEVER prune worktrees during an active session** — worktrees persist until session close.
     The session-start-context.sh hook only cleans worktrees that are truly orphaned (no session JSON).
@@ -45,14 +44,15 @@ Reference file for dispatch-feature and team-lead. Loaded on-demand.
 16. **NEVER over-split commit units** — 10+ commit units per service is excessive.
     Sweet spot: 2-5 per repo. Each spawn has context loading overhead.
 
-17. **NEVER spawn the next commit unit before user has committed the previous** — micro-QA must pass,
-    user must review and approve, team lead must commit — only then spawn the next unit's implementer.
+17. **NEVER spawn the next commit unit before user has committed the previous** — patch must be applied,
+    user must review in IDE and approve, team lead must commit — only then spawn the next unit's implementer.
 
 18. **NEVER let implementer run git add or git commit** — the implementer writes code and runs tests.
     The team lead commits after user review. The PreToolUse hook blocks git add/commit as a safety net.
 
-19. **NEVER spawn the next commit unit before user has committed the previous** — each commit unit
-    requires: implementer writes code → micro-QA → user review → team lead commits → next unit.
+19. **NEVER let a teammate work in the session worktree** — teammates always work in isolated temp
+    worktrees (/tmp/{repo}-commit-{N}). The session worktree is the reference branch where commits
+    accumulate. Direct teammate access risks corruption of committed work.
 
 ## Common mistakes to watch for
 
@@ -64,9 +64,12 @@ Reference file for dispatch-feature and team-lead. Loaded on-demand.
 | API contract has {} placeholder | Frontend can't build types | Complete the contract shapes before wave 2 |
 | Two teammates spawned on same repo | Git conflicts guaranteed | Kill one, let the remaining handle all commits |
 | Implementer runs git add/commit | Code committed without user review | PreToolUse hook should block it; if bypassed, reset with git reset HEAD~1 and re-present for review |
-| Next unit spawned before user committed previous | Uncommitted changes from unit N conflict with unit N+1 | Wait for user approval + team lead commit before spawning next unit |
+| Next unit spawned before user committed previous | Patch from unit N+1 conflicts with uncommitted changes | Wait for user approval + team lead commit before spawning next unit |
+| Temp worktree not cleaned up | git worktree list shows stale entries | git worktree remove /tmp/{repo}-commit-{N} --force |
+| Patch apply fails | git apply --check returns error | Try --3way, or keep temp worktree for manual resolution |
+| New files missing from patch | Untracked files not in git diff | Always git add -A in temp worktree before extracting diff --cached HEAD |
 | No signal from teammate after implementation | Silent failure | Check worktree git status/diff, ask teammate to signal or escalate |
 | Worktree missing after crash | git worktree list shows nothing | Recreate worktree from session branch: git worktree add /tmp/... session/{name} |
 | Giant commit (500+ lines) | Unreadable PR | Note in session log; teammate should split next time |
 | Commit unit not self-contained | Teammate can't understand scope | Rewrite: each unit must be understandable with only previous context |
-| cycle-retrospective skipped | Lessons not captured | Always run Phase 5 fully — retrospective is mandatory |
+| cycle-retrospective skipped | Lessons not captured | Always run Phase 4 (post-impl) fully — retrospective is mandatory |

package/global-skills/dispatch-feature/references/rollback-protocol.md

@@ -20,18 +20,33 @@ If the branch is unrecoverable:
 3. Re-dispatch ALL commit units for this service from scratch
 4. Warn the user — this resets all progress on this service
 
-## Discarding uncommitted changes (failed commit unit)
+## Discarding changes (failed commit unit)
 
-If an implementer produces bad code that fails micro-QA and cannot be fixed:
+Two cases depending on when the failure occurs:
 
-1. Discard all uncommitted changes in the worktree:
+### Before patch apply (failure in temp worktree)
+
+If the teammate fails tests or produces bad code in the temp worktree:
+
+1. Remove the temp worktree: `git worktree remove --force /tmp/{repo}-commit-{N}`
+2. Mark the commit unit ❌ in the plan with reason
+3. Create a new temp worktree: `git worktree add /tmp/{repo}-commit-{N}-retry session/{name}`
+4. Re-spawn implementer with corrected instructions in the new temp worktree
+5. If 2 retries fail → escalate to user
+
+### After patch apply (user rejects changes in session worktree)
+
+If the patch was applied to the session worktree but the user rejects it:
+
+1. Discard all uncommitted changes in the session worktree:
    ```bash
    git -C /tmp/{repo}-{session-name} checkout -- .
-   git -C /tmp/{repo}-{session-name} clean -fd  # remove untracked files if needed
+   git -C /tmp/{repo}-{session-name} clean -fd  # remove untracked new files
    ```
 2. Mark the commit unit ❌ in the plan with reason
-3. Re-spawn implementer with corrected instructions
-4. If 2 retries fail → escalate to user
+3. Create a new temp worktree: `git worktree add /tmp/{repo}-commit-{N}-retry session/{name}`
+4. Re-spawn implementer with corrected instructions (include user feedback)
+5. If 2 retries fail → escalate to user
 
 ## Failed dispatch tracking
 

package/global-skills/dispatch-feature/references/spawn-templates.md

@@ -2,18 +2,19 @@
 
 Reference file for dispatch-feature and team-lead. Loaded on-demand.
 
-> v5.2.3 model: ONE teammate per COMMIT UNIT. The teammate writes code without
-> committing, then signals when code is ready for review. The team lead commits
-> after user approval. Teammates receive a ready worktree — NO git setup in
-> spawn prompts. Implementers do NOT receive the constitution automatically.
-> Every spawn template below includes a "Constitution" section that you MUST
-> fill with all rules from your workspace's constitution.md.
+> v5.3.0 model: ONE teammate per COMMIT UNIT in a temporary worktree. The teammate
+> writes code without committing, then signals when code is ready. The team lead
+> extracts a patch, applies it to the session worktree, and the user reviews in
+> their IDE. Teammates receive a temp worktree — NO git setup in spawn prompts.
+> Implementers do NOT receive the constitution automatically. Every spawn template
+> below includes a "Constitution" section that you MUST fill with all rules from
+> your workspace's constitution.md.
 
 ## Context tiering — what to inject per repo type
 
 | Context | Backend repo | Frontend repo | Infra repo |
 |---------|:-:|:-:|:-:|
-| worktree_path + session_branch | ALWAYS | ALWAYS | ALWAYS |
+| temp_worktree_path + session_branch | ALWAYS | ALWAYS | ALWAYS |
 | This commit unit's tasks ONLY + context summary | ALWAYS | ALWAYS | ALWAYS |
 | Constitution rules | ALWAYS | ALWAYS | ALWAYS |
 | Signal-when-ready instruction (no commit) | ALWAYS | ALWAYS | ALWAYS |
@@ -21,7 +22,7 @@ Reference file for dispatch-feature and team-lead. Loaded on-demand.
 | UX standards | Never | If UI commits | Never |
 
 > **No git instructions in spawn prompts.** The implementer agent knows it has
-> a ready worktree. Only provide the specific values: worktree_path, session_branch.
+> a ready worktree. Only provide: temp_worktree_path (the /tmp/{repo}-commit-{N} path), session_branch.
 
 ## Backend/API teammate spawn template
 
@@ -29,7 +30,7 @@ Reference file for dispatch-feature and team-lead. Loaded on-demand.
 You are the implementer teammate for [{repo}].
 
 ## Your workspace
-- Worktree (ready, go directly here): {worktree_path}
+- Temporary worktree (ready, isolated, go directly here): {temp_worktree_path}
 - Session branch: {session_branch}
 - Your worktree is already on the correct branch — no git setup needed.
 
@@ -58,9 +59,9 @@ Do NOT run git add or git commit. Leave all changes uncommitted.
 The team lead will commit after user review.
 
 ## Instructions
-1. Go directly to your worktree: cd {worktree_path}
+1. Go directly to your worktree: cd {temp_worktree_path}
 2. Read the repo CLAUDE.md — follow its conventions throughout
-3. Check git log to see what's already on the branch (if resuming)
+3. Check git log to see what previous commits already implemented
 4. Implement your commit unit — run tests and report results
 5. Do NOT run git add or git commit
 6. List dead code found
@@ -74,7 +75,7 @@ The team lead will commit after user review.
 You are the implementer teammate for [{repo}].
 
 ## Your workspace
-- Worktree (ready, go directly here): {worktree_path}
+- Temporary worktree (ready, isolated, go directly here): {temp_worktree_path}
 - Session branch: {session_branch}
 - Your worktree is already on the correct branch — no git setup needed.
 
@@ -105,9 +106,9 @@ Do NOT run git add or git commit. Leave all changes uncommitted.
 The team lead will commit after user review.
 
 ## Instructions
-1. Go directly to your worktree: cd {worktree_path}
+1. Go directly to your worktree: cd {temp_worktree_path}
 2. Read the repo CLAUDE.md — follow its conventions throughout
-3. Check git log to see what's already on the branch (if resuming)
+3. Check git log to see what previous commits already implemented
 4. Implement your commit unit
 5. For every UI component: implement all 4 states (skeleton, empty+CTA, error+retry, success)
 6. Run tests — report pass/fail in your signal
@@ -122,7 +123,7 @@ The team lead will commit after user review.
 You are the implementer teammate for [{repo}] (infrastructure/configuration).
 
 ## Your workspace
-- Worktree (ready, go directly here): {worktree_path}
+- Temporary worktree (ready, isolated, go directly here): {temp_worktree_path}
 - Session branch: {session_branch}
 - Your worktree is already on the correct branch — no git setup needed.
 
@@ -146,47 +147,23 @@ Do NOT run git add or git commit. Leave all changes uncommitted.
 The team lead will commit after user review.
 
 ## Instructions
-1. Go directly to your worktree: cd {worktree_path}
+1. Go directly to your worktree: cd {temp_worktree_path}
 2. Implement ONLY configuration changes — no application code
 3. Verify consistency with other services (env vars, routes, schemas)
 4. Do NOT run git add or git commit
 5. Escalate if you hit configuration decisions not covered by the plan
 ```
 
-## Haiku micro-QA subagent template
-
-Used by Opus in Phase 4 micro-QA on uncommitted changes (git diff, not git diff HEAD~1 HEAD).
-
-```
-Read the following git diff (uncommitted changes) and return ONLY a JSON object — no markdown, no preamble:
-
-If no issues found:
-{"status":"OK"}
-
-If a blocking issue found:
-{"status":"BLOCKER","file":"path/to/file","line":42,"reason":"specific reason"}
-
-Check for:
-1. API contract consistency — do returned/sent fields match the contract shapes provided?
-2. Unjustified TypeScript 'any' — any usage that loses type safety without clear reason
-3. Missing error handling — new public endpoints or functions without error handling
-4. Obvious logic errors — visible in the diff without running the code
-
-Return ONLY the JSON object. No text before or after it.
-
-Diff (uncommitted):
-{git diff output}
-```
-
 ## Failure handling
 
-When a teammate signals a failure or when Bash/Haiku micro-QA fails:
+When a teammate signals a failure or when patch extraction/apply fails:
 
 | Situation | Action |
 |-----------|--------|
-| Tests fail on commit unit N | Re-spawn implementer with fix instructions for the same commit unit |
-| Haiku BLOCKER on commit unit N | Opus evaluates — if fixable: re-spawn with instructions; if architectural: escalate to user |
+| Tests fail on commit unit N | Re-spawn implementer with fix instructions in a NEW temp worktree |
+| Patch apply fails | Try `git apply --3way`; if still fails, keep temp worktree, escalate to user |
 | Architectural decision not in plan | STOP the wave, escalate to user, resume after direction |
-| Teammate silent / no signal | Check worktree git status/diff, re-spawn or escalate |
+| Teammate silent / no signal | Check temp worktree git status/diff, re-spawn or escalate |
 | Max 2 retries on same commit | Mark ❌ ESCALATED, stop the wave, present to user |
+| User rejects changes | Discard in session worktree, create new temp worktree, re-dispatch with fix instructions |
 | Corrupted branch | Use rollback protocol (see team-lead agent / rollback-protocol.md) |

package/global-skills/doctor/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: doctor
-prompt_version: 5.2.1
+prompt_version: 5.3.0
 description: >
   Full diagnostic of the orchestrator workspace installation. Checks global
   components (skills, rules, agents), local structure (hooks, settings,

package/global-skills/hooks/orphan-cleanup.sh

@@ -12,7 +12,7 @@ SESSIONS_DIR="$PROJECT_DIR/.sessions"
 ORPHAN_COUNT=0
 
 shopt -s nullglob
-for wt in /tmp/*-session-* /tmp/e2e-*; do
+for wt in /tmp/*-session-* /tmp/*-commit-* /tmp/e2e-*; do
     [ -d "$wt" ] || continue
 
     # Check if this worktree belongs to an active session

package/global-skills/hooks/permission-auto-approve.sh

@@ -26,7 +26,7 @@ if [ "$TOOL_NAME" = "Bash" ]; then
 
     # SECURITY: reject compound commands — never auto-approve chained operations
     # This prevents `git branch session/x && rm -rf /` style bypasses
-    # Exception: `cd /tmp/... && <safe-test-command>` is a legitimate micro-QA pattern
+    # Exception: `cd /tmp/... && <safe-test-command>` is a legitimate verification pattern
     if echo "$COMMAND" | grep -qE '(&&|\|\||[;|]|`|\$\()'; then
         # Allow: cd /tmp/{worktree} && {test-command}
         if echo "$COMMAND" | grep -qE '^\s*cd\s+(/private)?/tmp/[a-zA-Z][a-zA-Z0-9_-]+\s+&&\s+(npm run (typecheck|test|lint)|php artisan test|go test|pytest|npx vitest|npx jest|yarn test|pnpm test)\b'; then
@@ -56,7 +56,7 @@ if [ "$TOOL_NAME" = "Bash" ]; then
         exit 0
     fi
 
-    # Safe typecheck/test commands in /tmp/ worktrees (micro-QA)
+    # Safe typecheck/test commands in /tmp/ worktrees
     # Compound check above already rejected chained commands
     if echo "$COMMAND" | grep -qE '^\s*cd\s+(/private)?/tmp/[a-zA-Z]'; then
         echo "$ALLOW_JSON"

package/global-skills/hooks/user-prompt-guard.sh

@@ -1,8 +1,8 @@
 #!/usr/bin/env bash
 # user-prompt-guard.sh
 # UserPromptSubmit hook: conditionally reminds the orchestrator of its role.
-# v5.0: Updated to reflect that Opus can run git/bash on repos for orchestration
-#       purposes (branch creation, worktree management, micro-QA), but not code changes.
+# v5.3: Updated to reflect that Opus can run git/bash on repos for orchestration
+#       purposes (branch creation, worktree management, patch extraction), but not code changes.
 # Non-blocking (exit 0 + stdout = context injection).
 set -euo pipefail
 
@@ -13,7 +13,7 @@ PROMPT=$(echo "$INPUT" | jq -r '.prompt // empty' 2>/dev/null) || true
 
 # Only inject reminder if user prompt matches direct code-writing patterns
 if echo "$PROMPT" | grep -qiE '(modifie.*fichier|édite.*(api|front|light|spring|scraper|krakend|dashboard)|patch.*service|écris.*dans.*repo|write.*in.*repo|code.*dans.*repo)' 2>/dev/null; then
-    echo "Role reminder: Writing application code in sibling repos is for teammates. You can write in orchestrator/ (plans, workspace.md, constitution.md) and run git commands (branch, worktree, log) and test commands in /tmp/ worktrees for micro-QA. For repo application code changes: spawn a teammate."
+    echo "Role reminder: Writing application code in sibling repos is for teammates. You can write in orchestrator/ (plans, workspace.md, constitution.md) and run git commands (branch, worktree, log, diff, apply) in /tmp/ worktrees for patch extraction. For repo application code changes: spawn a teammate."
 fi
 
 exit 0

package/global-skills/incident-debug/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: incident-debug
-prompt_version: 5.2.1
+prompt_version: 5.3.0
 description: >
   Debug incidents across a multi-service stack. Spawns parallel
   investigators per layer. Use when user reports a bug, says "erreur",

package/global-skills/merge-prep/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: merge-prep
-prompt_version: 5.2.1
+prompt_version: 5.3.0
 description: >
   Prepare branches for merge after QA passes. Checks for conflicts between
   teammate branches, generates PR summaries, lists review points.

package/global-skills/metrics/SKILL.md

@@ -1,10 +1,10 @@
 ---
 name: metrics
-prompt_version: 5.2.1
+prompt_version: 5.3.0
 description: >
   Quantitative analysis of orchestrator performance. Parses session logs,
   completed plans, and QA reports to produce KPIs: re-dispatch rate,
-  micro-QA first-pass rate, commits per session, QA findings distribution,
+  patch-apply first-pass rate, commits per session, QA findings distribution,
   escalation rate, and phase timing estimates.
   Use: /metrics, /metrics last-5, /metrics session-name.
   Helps justify model routing decisions and prompt improvements.

package/global-skills/plan-review/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: plan-review
-prompt_version: 5.2.1
+prompt_version: 5.3.0
 description: >
   Quick sanity check on a plan before the user validates it. Verifies
   structural completeness: all tasks have a service, waves respect

package/global-skills/qa-ruthless/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: qa-ruthless
-prompt_version: 5.2.1
+prompt_version: 5.3.0
 description: >
   Adversarial QA review after feature implementation. MUST find problems —
   a clean report is a failed review. Executes tests, hunts dead code,

package/global-skills/refresh-profiles/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: refresh-profiles
-prompt_version: 5.2.1
+prompt_version: 5.3.0
 description: >
   Regenerate service-profiles.md by reading CLAUDE.md from all repos
   listed in workspace.md. Use when conventions changed, or user says

package/global-skills/rules/model-routing.md

@@ -8,7 +8,7 @@ globs: ["workspace.md", "plans/**", "constitution.md", "templates/**"]
 ## Golden rule
 The orchestrator NEVER writes application code in repos. It describes what teammates must do.
 Writing plans, workspace.md, constitution.md in orchestrator/ is expected and normal.
-Running git commands (branch, worktree, log) and test/typecheck in /tmp/ worktrees is expected (micro-QA).
+Running git commands (branch, worktree, log, diff, apply) and test/typecheck in /tmp/ worktrees is expected.
 If you write application code in a repo (not a markdown plan, not a git command, not a test run), you have failed — delegate.
 
 ## Security layers (3 layers in agent frontmatter)
@@ -26,7 +26,6 @@ If you write application code in a repo (not a markdown plan, not a git command,
 | Code reviewer | **Opus** | `claude --agent reviewer` (evidence-based review, architecture judgment) |
 | Security auditor | **Opus** | `claude --agent security-auditor` (auth flows, tenant isolation, secrets, CVEs) |
 | Plan review | **Sonnet** | `plan-review` skill (constitution compliance needs reasoning) |
-| Micro-QA diff review | **Haiku** | `Task(Explore, model: haiku)` — structured diff check only |
 | Data extractors (cross-check, debug, retro) | **Haiku** | `Task(Explore, model: haiku)` — raw data extraction only |
 
 ## Gather → Reason pattern
@@ -41,8 +40,7 @@ Skills that need both data collection and analysis use a two-phase approach:
    the raw data and performs all analysis: comparison, correlation, judgment, diagnosis,
    and report writing.
 
-This pattern applies to: `cross-service-check`, `incident-debug`, `cycle-retrospective`,
-and micro-QA diff review in dispatch-feature Phase 4.
+This pattern applies to: `cross-service-check`, `incident-debug`, `cycle-retrospective`.
 
 It does NOT apply to: `qa-ruthless` (QA investigators are Sonnet — they need to run tests
 and reason about code quality), `plan-review` (Sonnet — constitution compliance requires reasoning).

package/global-skills/session/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: session
-prompt_version: 5.2.1
+prompt_version: 5.3.0
 description: >
   Manage parallel feature sessions. List active sessions, show detailed status
   with commits per repo, or close a session (PRs + branch cleanup + worktree removal).

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "cc-workspace",
-  "version": "5.2.5",
+  "version": "5.3.0",
   "description": "Claude Code multi-workspace orchestrator \u2014 skills, hooks, agents, and templates for multi-service projects",
   "bin": {
     "cc-workspace": "./bin/cli.js"