claude-dev-env 1.37.1 → 1.38.0

package/skills/pr-converge/scripts/README.md

@@ -1,172 +1,120 @@
-# pr-converge scripts
+# pr-converge MCP tool references
 
-Thin Python wrappers around the gh CLI calls the skill makes per tick. Centralizing them lets the skill body reference one script path per action and keeps the gh-paginate and gh-body-file rules enforced in one place.
+The GitHub MCP server exposes pull request operations through the tools listed below. Pagination is handled server-side; callers receive the complete result set in a single response.
 
-Scripts that target a specific repository are invoked as `python "${CLAUDE_SKILL_DIR}/scripts/<name>.py" --owner OWNER --repo REPO --number NUMBER ...`. `view_pr_context.py` relies on `gh`'s default repository context and takes no `--owner` / `--repo` / `--number` flags. Scripts return non-zero on subprocess failure and surface gh's stderr through `subprocess.CalledProcessError`.
+## MCP tools
 
-## Scripts
+### PR context: `pull_request_read(method="get")`
 
-### `view_pr_context.py`
+Read PR metadata:
 
-Returns the per-tick PR context as JSON.
+    pull_request_read(method="get", pullNumber=NUMBER, owner=OWNER, repo=REPO)
 
-```bash
-python "${CLAUDE_SKILL_DIR}/scripts/view_pr_context.py"
-```
+Fields: `.number`, `.url`, `.head.sha`, `.base.ref`, `.head.ref`, `.isDraft`.
 
-Output: `{"number", "url", "headRefOid", "baseRefName", "headRefName", "isDraft"}`. Wraps `gh pr view --json number,url,headRefOid,baseRefName,headRefName,isDraft`.
+### Bugbot reviews: `pull_request_read(method="get_reviews")`
 
-### `fetch_bugbot_reviews.py`
+Fetch all reviews and filter for `cursor[bot]`:
 
-Fetches every Cursor Bugbot review on the PR newest-first, classified per body content.
+    pull_request_read(method="get_reviews", pullNumber=NUMBER, owner=OWNER, repo=REPO)
 
-```bash
-python "${CLAUDE_SKILL_DIR}/scripts/fetch_bugbot_reviews.py" \
-  --owner <OWNER> --repo <REPO> --number <NUMBER>
-```
+Classification: clean if review body has no findings count; dirty if body matches "found N potential issue".
 
-Output: JSON array of `{review_id, commit_id, submitted_at, state, body, classification}` where `classification` is `"dirty"` (body matches `Cursor Bugbot has reviewed your changes and found <N> potential issue`) or `"clean"`. Uses `--paginate --slurp` and flattens pages in Python — required by `../../../rules/gh-paginate.md` because `gh --paginate --jq` runs the filter per-page (gh CLI issue 10459). Login filter is a case-insensitive substring match on `cursor` (handles login-shape divergence between review-level and inline-comment endpoints).
+### Bugbot inline comments: `pull_request_read(method="get_review_comments")`
 
-### `fetch_bugbot_inline_comments.py`
+Fetch all review comments and filter for `cursor[bot]`, matching `pull_request_review_id` to the newest Bugbot review on the target commit:
 
-Fetches unaddressed Cursor Bugbot inline comments for the **newest submitted Bugbot review** on the requested ``--commit`` SHA (matches ``pull_request_review_id`` to the review returned by ``fetch_bugbot_reviews.py`` so stale inline threads from an older Bugbot review on the same SHA are ignored).
+    pull_request_read(method="get_review_comments", pullNumber=NUMBER, owner=OWNER, repo=REPO)
 
-```bash
-python "${CLAUDE_SKILL_DIR}/scripts/fetch_bugbot_inline_comments.py" \
-  --owner <OWNER> --repo <REPO> --number <NUMBER> --commit <CURRENT_HEAD>
-```
+### PR head SHA: `pull_request_read(method="get")`
 
-Output: JSON array of `{comment_id, commit_id, path, line, body}`. Uses the same `--paginate --slurp` pattern as `fetch_bugbot_reviews.py`.
+Read the current HEAD SHA from the PR:
 
-### `resolve_pr_head.py`
+    pull_request_read(method="get", pullNumber=NUMBER, owner=OWNER, repo=REPO)
 
-Returns the current HEAD SHA of the PR. Wraps the single-object endpoint `repos/<owner>/<repo>/pulls/<number>` which is not paginated, so `gh`'s built-in `--jq .head.sha` is safe here (see "Single-object endpoints" in `../../../rules/gh-paginate.md`).
+Access `.head.sha` from the response.
 
-```bash
-python "${CLAUDE_SKILL_DIR}/scripts/resolve_pr_head.py" \
-  --owner <OWNER> --repo <REPO> --number <NUMBER>
-```
+### Trigger bugbot: `add_issue_comment`
 
-Output: the SHA on stdout, trailing newline.
+Post the bugbot re-trigger comment:
 
-### `trigger_bugbot.py`
+    add_issue_comment(owner="OWNER", repo="REPO", issueNumber=NUMBER, body="bugbot run")
 
-Posts the literal `bugbot run` re-trigger comment via `gh pr comment --body-file` (per `../../../rules/gh-body-file.md` — passing the body inline can corrupt backticks). Writes and removes the temp body file internally.
+`bugbot run` is the only recognized re-trigger phrase; alternative phrasings silently no-op.
 
-```bash
-python "${CLAUDE_SKILL_DIR}/scripts/trigger_bugbot.py" \
-  --owner <OWNER> --repo <REPO> --number <NUMBER>
-```
+### Mark PR ready: `update_pull_request(draft=false)`
 
-Output: the comment URL from gh on stdout.
+Mark a draft PR as ready for review:
 
-### `mark_pr_ready.py`
+    update_pull_request(pullNumber=NUMBER, owner=OWNER, repo=REPO, draft=false)
 
-Marks a draft PR as ready for review. Convergence action invoked when both bugbot and bugteam are clean against the same HEAD.
+### Reply to inline comment: `add_reply_to_pull_request_comment`
 
-```bash
-python "${CLAUDE_SKILL_DIR}/scripts/mark_pr_ready.py" \
-  --owner <OWNER> --repo <REPO> --number <NUMBER>
-```
+Reply to an inline review comment thread:
 
-### `reply_to_inline_comment.py`
+    add_reply_to_pull_request_comment(
+      commentId=COMMENT_ID,
+      body=REPLY_BODY,
+      owner=OWNER,
+      repo=REPO,
+      pullNumber=NUMBER
+    )
 
-Posts an inline reply to a PR review comment. Reply body is sourced from a caller-supplied file via `gh api ... -F body=@<path>` (per `../../../rules/gh-body-file.md`).
+### Mergeability: `pull_request_read(method="get")`
 
-```bash
-python "${CLAUDE_SKILL_DIR}/scripts/reply_to_inline_comment.py" \
-  --owner <OWNER> --repo <REPO> --number <NUMBER> \
-  --comment-id <COMMENT_ID> --body-file <PATH_TO_REPLY_MD>
-```
+Read mergeability fields from the PR:
 
-Output: the new reply id from gh's JSON response, on stdout.
+    pull_request_read(method="get", pullNumber=NUMBER, owner=OWNER, repo=REPO)
 
-### `check_pr_mergeability.py`
+Fields: `.mergeable`, `.mergeable_state`, `.head.sha`.
 
-Returns the mergeability state of the current PR as JSON. Wraps `gh pr view --json mergeable,mergeStateStatus,headRefOid` (single-object endpoint — no pagination needed). Used by the convergence gate to detect base-branch conflicts (`mergeStateStatus == "DIRTY"` / `mergeable == "CONFLICTING"`) before flipping the PR ready.
+### Copilot reviews: `pull_request_read(method="get_reviews")`
 
-```bash
-python "${CLAUDE_SKILL_DIR}/scripts/check_pr_mergeability.py" \
---owner <OWNER> --repo <REPO> --number <NUMBER>
-```
+Fetch all reviews and filter for `copilot-pull-request-reviewer[bot]`:
 
-Output: `{"mergeable", "mergeStateStatus", "headRefOid"}`.
+    pull_request_read(method="get_reviews", pullNumber=NUMBER, owner=OWNER, repo=REPO)
 
-### `fetch_copilot_reviews.py`
+Classification: `APPROVED` → clean, `CHANGES_REQUESTED` → dirty, `COMMENTED` with non-empty body → dirty.
 
-Fetches every Copilot reviewer (`copilot-pull-request-reviewer[bot]`) review on the PR newest-first, classified per the review's `state` field.
+### Copilot inline comments: `pull_request_read(method="get_review_comments")`
 
-```bash
-python "${CLAUDE_SKILL_DIR}/scripts/fetch_copilot_reviews.py" \
-  --owner <OWNER> --repo <REPO> --number <NUMBER>
-```
+Fetch all review comments and filter for `copilot-pull-request-reviewer[bot]`, matching `pull_request_review_id` to the newest Copilot review on the target commit:
 
-Output: JSON array of `{review_id, commit_id, submitted_at, state, body, classification}` where `classification` is `"clean"` for `state == "APPROVED"`, `"dirty"` for `state == "CHANGES_REQUESTED"`, and `"dirty"` for `state == "COMMENTED"` with a non-empty body. Uses `--paginate --slurp` and flattens pages in Python — required by `../../../rules/gh-paginate.md`. Login filter is a case-insensitive substring match on `copilot` (handles the divergence where Copilot reviews come from `copilot-pull-request-reviewer[bot]` but its inline comments are authored by `Copilot`).
+    pull_request_read(method="get_review_comments", pullNumber=NUMBER, owner=OWNER, repo=REPO)
 
-### `fetch_copilot_inline_comments.py`
+### Request Copilot review: `add_issue_comment` or `request_copilot_review`
 
-Fetches unaddressed Copilot inline comments for the **newest submitted Copilot review** on the requested ``--commit`` SHA (matches ``pull_request_review_id`` to the review returned by ``fetch_copilot_reviews.py`` so stale inline threads from an older Copilot review on the same SHA are ignored).
+Two options:
 
-```bash
-python "${CLAUDE_SKILL_DIR}/scripts/fetch_copilot_inline_comments.py" \
-  --owner <OWNER> --repo <REPO> --number <NUMBER> --commit <CURRENT_HEAD>
-```
+1. Comment-based trigger:
+   ```
+   add_issue_comment(owner=OWNER, repo=REPO, issueNumber=NUMBER, body="@copilot review")
+   ```
+2. Dedicated MCP tool (when available):
+   ```
+   request_copilot_review(owner=OWNER, repo=REPO, pullNumber=NUMBER)
+   ```
 
-Output: JSON array of `{comment_id, commit_id, path, line, body}`. Uses the same `--paginate --slurp` pattern as `fetch_copilot_reviews.py`.
+The `[bot]` suffix is load-bearing per `../../copilot-review/SKILL.md`.
 
-### `request_copilot_review.py`
+### Claude reviews: `pull_request_read(method="get_reviews")`
 
-Requests a Copilot review on the current PR via `gh api -X POST repos/{owner}/{repo}/pulls/{number}/requested_reviewers -f 'reviewers[]=copilot-pull-request-reviewer[bot]'`. The `[bot]` suffix is load-bearing per `../../copilot-review/SKILL.md` — `Copilot`, `copilot`, and `github-copilot` all silently no-op.
+Fetch all reviews and filter for login containing `claude`:
 
-```bash
-python "${CLAUDE_SKILL_DIR}/scripts/request_copilot_review.py" \
-  --owner <OWNER> --repo <REPO> --number <NUMBER>
-```
+    pull_request_read(method="get_reviews", pullNumber=NUMBER, owner=OWNER, repo=REPO)
 
-Output: none on success (gh's stdout is suppressed); `subprocess.CalledProcessError` on failure.
+Classification: same state-based rules as Copilot reviews.
 
-### `fetch_claude_reviews.py`
+### Claude inline comments: `pull_request_read(method="get_review_comments")`
 
-Fetches every Claude reviewer-bot review on the PR newest-first, classified per the review's `state` field. Mirror of `fetch_copilot_reviews.py` for an Anthropic Claude PR review bot (e.g. `claude[bot]`, `claude-code[bot]`, or any login containing `claude`).
+Fetch all review comments and filter for login containing `claude`, matching `pull_request_review_id` to the newest Claude review on the target commit:
 
-```bash
-python "${CLAUDE_SKILL_DIR}/scripts/fetch_claude_reviews.py" \
-  --owner <OWNER> --repo <REPO> --number <NUMBER>
-```
-
-Output: JSON array of `{review_id, commit_id, submitted_at, state, body, classification}` — same shape and same state-based classification rules as `fetch_copilot_reviews.py`. Login filter is a case-insensitive substring match on `claude`.
-
-### `fetch_claude_inline_comments.py`
-
-Fetches unaddressed Claude inline comments for the **newest submitted Claude review** on the requested `--commit` SHA (matches `pull_request_review_id` to the review returned by `fetch_claude_reviews.py` so stale inline threads from an older Claude review on the same SHA are ignored).
-
-```bash
-python "${CLAUDE_SKILL_DIR}/scripts/fetch_claude_inline_comments.py" \
-  --owner <OWNER> --repo <REPO> --number <NUMBER> --commit <CURRENT_HEAD>
-```
-
-Output: JSON array of `{comment_id, commit_id, path, line, body}`. Same `--paginate --slurp` pattern.
+    pull_request_read(method="get_review_comments", pullNumber=NUMBER, owner=OWNER, repo=REPO)
 
 ## Shared modules
 
-The reviewer fetch scripts share their fetch and classification logic via two internal modules. Entry-point scripts (`fetch_bugbot_reviews.py`, `fetch_copilot_reviews.py`, `fetch_claude_reviews.py` and their inline-comment counterparts) are thin wrappers — they import a per-reviewer spec, call the shared core, and shape argparse / JSON output.
-
-### `reviewer_specs.py`
-
-Defines the `ReviewerSpec` frozen dataclass (two fields: `login_filter_substring` and `classify_review`) plus three module-level instances: `bugbot_spec`, `copilot_spec`, `claude_spec`. The state-based classifier used by Copilot and Claude is built via the shared `_make_state_based_classifier` factory; Bugbot has its own body-regex classifier because Bugbot uses `state == "COMMENTED"` for both clean and dirty reviews and only the body distinguishes them.
-
-Spec instances use lowercase names because they are frozen dataclass values rather than scalar configuration constants — keeps them out of the `UPPER_SNAKE` constants-location rule that requires module-level constants outside `config/` to be hoisted there.
-
-### `reviewer_fetch_core.py`
-
-Exports `fetch_reviewer_reviews(spec, ...)` and `fetch_reviewer_inline_comments(spec, ..., all_reviews=...)`. The inline-comments function takes pre-fetched reviews as an argument rather than fetching them internally, so each entry-point script keeps its own patchable `fetch_X_reviews` function for tests that mock the reviews fetch on the entry-point module.
-
-The core enforces the gh-paginate contract (`--paginate --slurp` + Python JSON flattening, never `gh --jq` for cross-page operations) and the case-insensitive substring login filter in one place.
+No shared fetch core modules are needed. Each review or comment fetch is a single MCP tool call with client-side filtering by login.
 
 ## Tests
 
-Each script has a sibling `test_<name>.py`. Run them all with:
-
-```bash
-python -m pytest packages/claude-dev-env/skills/pr-converge/scripts/ -v
-```
+Unit tests for gh wrapper scripts are removed. Reviewer interaction is tested through the MCP server contract.

package/skills/pr-review-responder/EXAMPLES.md

@@ -347,8 +347,8 @@ Found 1 general PR comment (not inline):
 This is a general comment, not tied to specific code lines.
 Cannot auto-respond to general comments.
 
-Suggestion: Reply manually on GitHub or use gh CLI:
-  gh pr comment 91 -b "✅ **Added**: Cache invalidation tests in tests/test_cache.py"
+Suggestion: Reply manually on GitHub or use the MCP tool:
+  `add_issue_comment(owner=owner, repo=repo, issueNumber=91, body="✅ **Added**: Cache invalidation tests in tests/test_cache.py")`
 ```
 
 ---

package/skills/pr-review-responder/PRINCIPLES.md

@@ -242,11 +242,7 @@ One-to-one mapping, clear context.
 **GitHub location**: File diffs, attached to specific line numbers
 
 **How to respond**:
-```bash
-gh api repos/{owner}/{repo}/pulls/comments/{comment_id}/replies \
-  -X POST \
-  -f body="✅ **Fixed**: [description]"
-```
+`add_reply_to_pull_request_comment(commentId={comment_id}, body="✅ **Fixed**: [description]", owner="{owner}", repo="{repo}", pullNumber={pr_number})`
 
 **Skill behavior**: Automatically detects and responds to these
 
@@ -257,9 +253,7 @@ gh api repos/{owner}/{repo}/pulls/comments/{comment_id}/replies \
 **GitHub location**: PR conversation tab
 
 **How to respond**:
-```bash
-gh pr comment {pr_number} -b "✅ **Fixed**: [description]"
-```
+`add_issue_comment(owner=owner, repo=repo, issueNumber={pr_number}, body="✅ **Fixed**: [description]")`
 
 **Skill behavior**: Detects but cannot auto-respond (lacks line context)
 

package/skills/pr-review-responder/README.md

@@ -24,7 +24,6 @@ Use this skill:
 - **SKILL.md**: Core instructions and step-by-step workflow for Claude
 - **EXAMPLES.md**: 8 real-world examples with different scenarios
 - **PRINCIPLES.md**: Theory and best practices for PR communication
-- **scripts/respond_to_reviews.py**: Standalone automation script
 - **README.md**: This file
 
 ## Quick Start
@@ -44,19 +43,6 @@ git commit -m "fix: address PR feedback"
 git push
 ```
 
-### Using Standalone Script
-
-```bash
-# Auto-detect PR and respond to comments
-python scripts/respond_to_reviews.py
-
-# Specify PR number
-python scripts/respond_to_reviews.py --pr 123
-
-# Auto-approve responses (no confirmation)
-python scripts/respond_to_reviews.py --auto-approve
-```
-
 ## Testing
 
 Test the skill with these queries:
@@ -74,23 +60,13 @@ Test the skill with these queries:
 
 ## Requirements
 
-- `gh` CLI installed and authenticated (`gh auth login`)
+- GitHub MCP server (`plugin:github:github`) authenticated
 - Git repository with GitHub remote
 - Current branch with an open PR
 - Changes committed (not just staged)
-- Python 3.8+ (for standalone script)
 
 ## Integration Options
 
-### As Pre-Push Hook
-
-Add to `.git/hooks/pre-push`:
-```bash
-#!/bin/bash
-echo "Checking for PR review comments..."
-python .claude/skills/pr-review-responder/scripts/respond_to_reviews.py
-```
-
 ### As Slash Command
 
 Add to `.claude/settings.json`:
@@ -104,19 +80,6 @@ Add to `.claude/settings.json`:
 
 Usage: `/respond`
 
-### As npm Script
-
-Add to `package.json`:
-```json
-{
-  "scripts": {
-    "respond": "python .claude/skills/pr-review-responder/scripts/respond_to_reviews.py"
-  }
-}
-```
-
-Usage: `npm run respond`
-
 ## Example Response Format
 
 ```
@@ -130,16 +93,16 @@ Usage: `npm run respond`
 ## Troubleshooting
 
 **"No PR found for this branch"**:
-- Create PR first: `gh pr create`
-- Or specify PR: `--pr NUMBER`
+- Create PR first using MCP: `create_pull_request(owner=owner, repo=repo, title=title, body=body, head=head, base=base)`
+- Ensure the branch has an associated open PR
 
 **"No review comments found"**:
 - PR might not have reviews yet
 - Or all comments already responded to
 
 **"Permission denied"**:
-- Run: `gh auth refresh -h github.com -s repo`
-- Ensure write access to repository
+- Ensure the GitHub MCP server has write-scoped authentication
+- Check repository write access
 
 **"Cannot find matching changes"**:
 - Review comments don't match files you modified
@@ -180,9 +143,6 @@ See [PRINCIPLES.md](PRINCIPLES.md) for:
 ```bash
 # Test skill activation
 "Respond to PR review comments"
-
-# Test standalone script
-python scripts/respond_to_reviews.py --help
 ```
 
 ## Version History
@@ -194,15 +154,14 @@ python scripts/respond_to_reviews.py --help
 - Matching changes to comments
 - Drafting responses with standard format
 - Posting via GitHub API
-- Standalone Python script
+- MCP-based GitHub tool integration
 
 ## Contributing
 
 To improve this skill:
 1. Add new examples to EXAMPLES.md
 2. Document anti-patterns in PRINCIPLES.md
-3. Enhance matching logic in scripts/respond_to_reviews.py
-4. Test with various PR scenarios
+3. Test with various PR scenarios
 
 ## License
 

package/skills/pr-review-responder/SKILL.md

@@ -36,8 +36,7 @@ Before doing ANYTHING:
 
 - [ ] FORBIDDEN: Assuming you know what the comments say
 - [ ] FORBIDDEN: Using default pagination (30 results, causes missed comments)
-- [x] REQUIRED: `gh api repos/{owner}/{repo}/pulls/{pr_number}/comments?per_page=100`
-- [x] REQUIRED: Check for additional pages if 100+ comments
+- [x] REQUIRED: `pull_request_read(method="get_review_comments", pullNumber={pr_number}, owner="{owner}", repo="{repo}")`
 
 **WHY:** Missing comments forces extra review rounds. Default pagination (30) silently drops comments.
 
@@ -194,7 +193,7 @@ Cannot add review responses to merged PRs. Report error.
 
 ## Requirements
 
-- `gh` CLI installed and authenticated
+- GitHub MCP server (`plugin:github:github`) authenticated
 - Current branch must have an open PR
 - Git repository with remote on GitHub
 - Write access to repository

package/skills/pr-review-responder/TESTING.md

@@ -213,62 +213,12 @@ git commit -m "fix: latest feedback"
 - Doesn't duplicate on already-replied comments
 - Tracks which were skipped
 
-## Standalone Script Tests
-
-### Test 7: Script with Auto-Approve
-
-**Setup**:
-```bash
-# PR with review comments
-# Changes committed
-```
-
-**Test**:
-```bash
-python scripts/respond_to_reviews.py --auto-approve
-```
-
-**Expected behavior**:
-- Finds comments
-- Drafts responses
-- Posts WITHOUT asking for confirmation
-- Shows success report
-
-**Validation**:
-- No interactive prompts
-- Responses posted automatically
-- Exit code 0
-
-### Test 8: Script with Specific PR Number
-
-**Setup**:
-```bash
-# Multiple PRs open
-# Specify which one
-```
-
-**Test**:
-```bash
-python scripts/respond_to_reviews.py --pr 123
-```
-
-**Expected behavior**:
-- Uses PR #123 (not auto-detect)
-- Processes that PR's comments
-- Posts responses
-
-**Validation**:
-- Correct PR processed
-- Doesn't use current branch's PR
-
 ## Edge Cases
 
 ### Test 9: Authentication Failure
 
 **Setup**:
-```bash
-gh auth logout
-```
+- GitHub MCP server authentication is not configured or has expired
 
 **Test**:
 ```
@@ -277,9 +227,9 @@ gh auth logout
 
 **Expected behavior**:
 - Attempts to fetch PR
-- Gets auth error
+- Gets auth error from MCP server
 - Shows clear error message
-- Suggests: `gh auth login`
+- Suggests re-authenticating the GitHub MCP server
 
 ### Test 10: Merged PR
 
@@ -347,7 +297,7 @@ Before considering skill production-ready:
 - [ ] Happy path works end-to-end
 - [ ] Edge cases handled gracefully
 - [ ] Error messages are clear and actionable
-- [ ] Standalone script works independently
+- [ ] GitHub MCP tools respond correctly for all operations
 - [ ] Documentation is comprehensive
 - [ ] Examples cover common scenarios
 
@@ -375,24 +325,17 @@ If skill doesn't activate:
    - Does it include "respond", "reply", "post"?
    - Are trigger words present?
 
-If script fails:
+If MCP calls fail:
 
-1. **Check gh CLI**:
-   ```bash
-   gh --version
-   gh auth status
-   ```
+1. **Check GitHub MCP server**:
+   - Verify `plugin:github:github` is listed in available MCP servers
+   - Check authentication status within the MCP server configuration
 
 2. **Check git repository**:
    ```bash
    git remote -v
    ```
 
-3. **Run with error output**:
-   ```bash
-   python scripts/respond_to_reviews.py 2>&1 | tee debug.log
-   ```
-
 ## Success Metrics
 
 Skill is working correctly if:

package/skills/qbug/SKILL.md

@@ -66,24 +66,19 @@ Pre-flight checks (in order):
 
 ## Step 1: Resolve PR scope (lead)
 
-1. `gh pr view --json number,baseRefName,headRefName,url`
+1. Call `pull_request_read(method="get", pullNumber=N, owner=O, repo=R)` via the lead's available MCP tools (`N` comes from the parent skill's PR context, or fall back to `search_issues` MCP with the current branch name to recover the PR number). Extract `number`, `baseRefName`, `headRefName`, `url` from the response.
 2. Else `git merge-base HEAD origin/<default>` then `git diff <merge-base>...HEAD`
 3. Else refuse per § When this skill applies.
 
 Capture: `owner/repo`, `baseRefName`, `headRefName`, PR `number`, `url`, `starting_sha = git rev-parse HEAD`.
 
-Resolve the scoped temp directory once, lead-side, before spawning the subagent. Use Python's `tempfile.gettempdir()` so the path is correct on macOS, Linux, Windows cmd.exe, and PowerShell — do not hardcode `/tmp/` because Windows runners do not honor it. Capture the resolved absolute path as `<qbug_temp_dir>` and pass that literal path to the subagent:
+Resolve the scoped temp directory once, lead-side, before spawning the subagent. Use Python's `tempfile.gettempdir()` so the path is correct on macOS, Linux, Windows cmd.exe, and PowerShell — do not hardcode `/tmp/` because Windows runners do not honor it. Pass the resolved absolute path along with the PR metadata to the subagent:
 
 ```python
-import json
-import subprocess
 import tempfile
 from pathlib import Path
 
-pr_view: dict = json.loads(subprocess.check_output(
-    ["gh", "pr", "view", "--json", "number,baseRefName,headRefName,url"]
-))
-pr_number: int = pr_view["number"]
+pr_number: int = ...  # from pull_request_read MCP response above
 qbug_temp_dir: Path = Path(tempfile.gettempdir()) / f"qbug-pr-{pr_number}"
 qbug_temp_dir.mkdir(parents=True, exist_ok=True)
 ```
@@ -183,7 +178,7 @@ The subagent receives this prompt and loops internally — the lead does not re-
        On exit 0: increment loop_count, proceed to AUDIT.
 
     3. AUDIT:
-       Run: `gh pr diff <pr_number> -R <owner>/<repo> > <qbug_temp_dir>/loop-<loop_count>.patch`
+       Call `pull_request_read(method="get_diff", pullNumber=<pr_number>, owner=<owner>, repo=<repo>)` via MCP and save the diff to `<qbug_temp_dir>/loop-<loop_count>.patch`
 
        - Read the patch file.
        - Audit only added/modified lines. Read <categories_file> for the
@@ -204,13 +199,12 @@ The subagent receives this prompt and loops internally — the lead does not re-
        persistence schema.
 
        Post ONE review per loop. Use the payload shape from
-       <categories_file>'s sibling SKILL.md § "PR comments" — build
-       the JSON with jq `--rawfile` / `-Rs` reading per-finding body
-       files, pipe to
-       `gh api repos/<owner>/<repo>/pulls/<pr_number>/reviews -X POST --input -`.
+       <categories_file>'s sibling SKILL.md § "PR comments" — pass
+       the review body as a direct string parameter (not jq/piped files) to
+       `pull_request_review_write(method="create", event="COMMENT", body=<body>, owner=<owner>, repo=<repo>, pullNumber=<pr_number>, commitID=<head_sha>)`.
        Review body first line: `## /qbug loop <N> audit: <P0>P0 / <P1>P1 / <P2>P2`.
        If the review POST fails, fall back to one issue comment on
-       `/issues/<pr_number>/comments` carrying the full body; mark every
+       `add_issue_comment(owner=<owner>, repo=<repo>, issueNumber=<pr_number>, body=<body>)` carrying the full body; mark every
        finding `used_fallback=true`.
 
        Harvest `html_url` for the parent review and each child comment
@@ -252,7 +246,7 @@ The subagent receives this prompt and loops internally — the lead does not re-
        contract's diagnostics schema (all eight keys required).
 
        Reply to each finding at loop_comment_index[finding_id].finding_comment_id
-       using the reply CLI shape (jq `-Rs` → `gh api .../comments/<id>/replies --input -`).
+       using `add_reply_to_pull_request_comment(commentId=<id>, body=<body>, owner=<owner>, repo=<repo>, pullNumber=<pr_number>)`.
        Reply body is one of:
          - `Fixed in <short_sha>`
          - `Could not address this loop: <one-line reason>`
@@ -301,7 +295,7 @@ _From /qbug audit loop 2._
 
 ## Step 3: PR description refresh (lead)
 
-Delegate body composition to the `pr-description-writer` agent (the mandatory-pr-description hook requires it for `gh pr edit` to succeed). Feed it the final PR diff and the original body. Apply via `gh pr edit <number> -R <owner>/<repo> --body-file .qbug-final-body.md`.
+Delegate body composition to the `pr-description-writer` agent (the mandatory-pr-description hook requires it). Feed the agent the final PR diff and the original body. Apply via `update_pull_request(pullNumber=<number>, owner=<owner>, repo=<repo>, body=<new_body>)`.
 
 On error exit paths: best-effort; log the failure in the final report and continue.
 

package/_shared/pr-loop/scripts/config/gh_util_constants.py

@@ -1,31 +0,0 @@
-"""Constants for gh_util.py per CODE_RULES centralized-config rule."""
-
-DEFAULT_TIMEOUT_SECONDS: int = 30
-DEFAULT_RETRIES: int = 2
-DEFAULT_BACKOFF_SECONDS: float = 1.0
-EXPONENTIAL_BACKOFF_BASE: int = 2
-GH_TIMEOUT_RETURN_CODE: int = 124
-INLINE_REVIEW_COMMENTS_PATH_TEMPLATE: str = (
-    "/repos/{owner}/{repo}/pulls/{pull_number}/comments"
-)
-
-ALL_TRANSIENT_ERROR_MARKERS: tuple[str, ...] = (
-    "connection reset",
-    "connection refused",
-    "timeout",
-    "timed out",
-    "temporarily unavailable",
-    "502",
-    "503",
-    "504",
-    "rate limit",
-)
-
-ALL_AUTH_ERROR_MARKERS: tuple[str, ...] = (
-    "gh auth login",
-    "authentication failed",
-    "http 401",
-    "http 403",
-    "forbidden",
-    "resource not accessible",
-)