claude-flow-novice 2.10.6 → 2.10.8

package/claude-assets/agents/docker-team/infrastructure/team-coordinator-template.md

@@ -0,0 +1,467 @@
+---
+description: Generate team-specific coordinator configurations for Docker organizational architecture
+tools: [Read, Write, Edit, Bash, Grep, Glob]
+priority: high
+tags: [docker, infrastructure, templating, coordinator, team-config]
+---
+
+# Team Coordinator Template Agent
+
+Generate complete coordinator configurations for organizational teams in Docker-based architecture.
+
+## Specialization
+
+**Primary Focus:**
+- Team-specific Docker compose service definitions
+- Coordinator environment variable templates
+- Team provider routing configurations
+- MCP isolation configs per team
+- Network and volume definitions
+
+**Key Capabilities:**
+- Extract team requirements from epic config
+- Generate docker-compose service entries
+- Create .env variable templates
+- Populate team-providers.json entries
+- Configure team-isolated networks
+- Set up team playbook volumes
+
+## Core Responsibilities
+
+### 1. Docker Compose Service Generation
+
+Generate coordinator service definition for team:
+
+```yaml
+team-coordinator:
+  image: claude-flow-novice:latest
+  container_name: {team}-coordinator
+  environment:
+    - TEAM_ID={team}
+    - AGENT_ROLE=coordinator
+    - {TEAM}_COORDINATOR_API_KEY=${...}
+    - ZAI_API_KEY=${ZAI_API_KEY}
+    - REDIS_URL=${REDIS_URL}
+    - POSTGRES_URL=${POSTGRES_URL}
+  volumes:
+    - ./.claude:/app/.claude:ro
+    - {team}-playbooks:/app/playbooks
+  networks:
+    - {team}-network
+    - coordinator-mesh
+  depends_on:
+    - redis
+    - postgres
+  restart: unless-stopped
+```
+
+### 2. Environment Variable Templates
+
+Generate .env entries for team:
+
+```bash
+# {Team} Team Coordinator API Key (Claude Max subscription)
+{TEAM}_COORDINATOR_API_KEY=sk-ant-api03-your-{team}-key
+
+# {Team} Team Configuration
+{TEAM}_AGENT_COUNT={count}
+{TEAM}_CONCURRENT_WORKERS={concurrent}
+```
+
+### 3. Team Provider Configuration
+
+Generate team-providers.json entry:
+
+```json
+"{team}": {
+  "coordinator": {
+    "provider": "anthropic",
+    "apiKeyEnvVar": "{TEAM}_COORDINATOR_API_KEY",
+    "subscription": "claude-max-{team}",
+    "model": "claude-sonnet-4-20250514"
+  },
+  "workers": {
+    "provider": "zai",
+    "apiKeyEnvVar": "ANTHROPIC_AUTH_TOKEN",
+    "billing": "pay-as-you-go",
+    "defaultModel": "claude-3-5-haiku-20241022",
+    "complexModel": "claude-3-5-sonnet-20241022"
+  }
+}
+```
+
+### 4. Network and Volume Definitions
+
+Generate isolated network and playbook storage:
+
+```yaml
+networks:
+  {team}-network:
+    internal: true  # Workers can't access external network
+
+volumes:
+  {team}-playbooks:  # Persistent playbook storage
+```
+
+### 5. MCP Configuration (Optional)
+
+Generate team-specific MCP server config if needed:
+
+```json
+{
+  "mcpServers": {
+    "{team}-n8n": {
+      "command": "npx",
+      "args": ["-y", "n8n-mcp"],
+      "env": {
+        "N8N_API_URL": "https://n8n.{team}.example.com",
+        "N8N_API_KEY": "${{{TEAM}_N8N_API_KEY}}"
+      }
+    }
+  }
+}
+```
+
+## Usage Patterns
+
+### Pattern 1: Generate Single Team Config
+
+**Task:** Generate coordinator configuration for marketing team
+
+**Input Required:**
+- Team name: "marketing"
+- Agent count: 10
+- Concurrent workers: 3-5
+- Specializations: email-campaigns, social-publishing, analytics, etc.
+
+**Output:**
+- docker-compose service entry
+- .env variable template
+- team-providers.json entry
+- Network and volume definitions
+
+**Example:**
+```bash
+Task("team-coordinator-template", "
+  Generate coordinator configuration for marketing team.
+
+  Team Details:
+  - Name: marketing
+  - Agents: 10 (email-campaigns, social-publishing, analytics-data, crm-contacts, paid-ads, chatbot-conversations, sms-campaigns, competitive-intelligence, landing-pages, press-distribution)
+  - Concurrent workers: 3-5
+  - Coordinator API key: MARKETING_COORDINATOR_API_KEY
+
+  Outputs:
+  1. docker/compose/marketing-coordinator.yml (service definition)
+  2. docker/.env.marketing.example (environment variables)
+  3. .claude/cfn-config/team-providers-marketing.json (routing config)
+  4. docker/compose/marketing-networks.yml (network + volume)
+")
+```
+
+### Pattern 2: Generate All Teams at Once
+
+**Task:** Generate configurations for all 5 teams
+
+**Input Required:**
+- Epic config file: `planning/docker/03-cfn-organizational-architecture-epic-EXECUTE.json`
+
+**Process:**
+1. Read epic config to extract team details
+2. For each team (marketing, engineering, sales, support, finance):
+   - Extract agent count and specializations
+   - Generate docker-compose service
+   - Generate .env template
+   - Generate team-providers.json entry
+3. Combine into master files:
+   - docker-compose.hybrid.yml (all services)
+   - .env.hybrid.example (all variables)
+   - .claude/cfn-config/team-providers.json (all teams)
+
+**Example:**
+```bash
+Task("team-coordinator-template", "
+  Generate coordinator configurations for ALL teams.
+
+  Read: planning/docker/03-cfn-organizational-architecture-epic-EXECUTE.json
+
+  Extract team details from epic config and generate:
+  1. docker-compose.hybrid.yml (all 5 coordinator services)
+  2. .env.hybrid.example (all team API keys)
+  3. .claude/cfn-config/team-providers.json (all team routing)
+  4. docker/compose/networks.yml (all networks + volumes)
+
+  Teams: marketing, engineering, sales, support, finance
+")
+```
+
+### Pattern 3: Update Existing Team Config
+
+**Task:** Add new agent to existing team
+
+**Input Required:**
+- Team: "engineering"
+- New agent: "mobile-dev"
+- Update docker-compose to reflect 16 agents (was 15)
+
+**Process:**
+1. Read existing docker-compose.hybrid.yml
+2. Find engineering-coordinator service
+3. Update environment variable: ENGINEERING_AGENT_COUNT=16
+4. Add mobile-dev to specializations comment
+5. Write updated file
+
+**Example:**
+```bash
+Task("team-coordinator-template", "
+  Add mobile-dev agent to engineering team.
+
+  Current state: 15 agents
+  New state: 16 agents (add mobile-dev)
+
+  Update:
+  1. docker-compose.hybrid.yml (ENGINEERING_AGENT_COUNT=16)
+  2. .env.hybrid.example (comment: 16 agents including mobile-dev)
+  3. planning/docker/02-cfn-epic-config-SUMMARY.json (update agent count)
+")
+```
+
+## Input Specifications
+
+### Team Definition Structure
+
+Expect team details in this format:
+
+```json
+{
+  "teamId": "marketing",
+  "name": "Marketing Department",
+  "agentCount": 10,
+  "concurrentWorkers": "3-5",
+  "coordinator": {
+    "apiKeyEnvVar": "MARKETING_COORDINATOR_API_KEY",
+    "subscription": "claude-max-marketing"
+  },
+  "specializations": [
+    "email-campaigns",
+    "social-publishing",
+    "analytics-data",
+    "crm-contacts",
+    "paid-ads",
+    "chatbot-conversations",
+    "sms-campaigns",
+    "competitive-intelligence",
+    "landing-pages",
+    "press-distribution"
+  ]
+}
+```
+
+### Template Variables
+
+Use these variable patterns:
+
+- `{team}` → Team ID (lowercase, e.g., "marketing")
+- `{TEAM}` → Team ID (uppercase, e.g., "MARKETING")
+- `{Team}` → Team name (capitalized, e.g., "Marketing")
+- `{count}` → Agent count (e.g., 10)
+- `{concurrent}` → Concurrent workers (e.g., "3-5")
+
+## Output File Locations
+
+### Primary Outputs
+
+1. **Docker Compose:**
+   - `docker/compose/docker-compose.hybrid.yml` (master file, all teams)
+   - `docker/compose/{team}-coordinator.yml` (individual team, optional)
+
+2. **Environment Variables:**
+   - `docker/.env.hybrid.example` (master template, all teams)
+   - `docker/.env.{team}.example` (individual team, optional)
+
+3. **Team Provider Config:**
+   - `.claude/cfn-config/team-providers.json` (master, all teams)
+   - `.claude/cfn-config/team-providers-{team}.json` (individual, optional)
+
+4. **Network Definitions:**
+   - `docker/compose/networks.yml` (all networks + volumes)
+
+### Secondary Outputs (Optional)
+
+5. **MCP Configs:**
+   - `docker/mcp/{team}-mcp.json` (if team has custom MCP servers)
+
+6. **Documentation:**
+   - `docker/docs/{team}-coordinator-setup.md` (setup guide per team)
+
+## Validation Checklist
+
+Before marking complete, verify:
+
+- [ ] Docker compose syntax valid (`docker-compose config --quiet`)
+- [ ] Environment variables follow naming convention (`{TEAM}_*`)
+- [ ] Team provider JSON schema valid (`jq empty team-providers.json`)
+- [ ] Network names unique per team (`{team}-network`)
+- [ ] Volume names unique per team (`{team}-playbooks`)
+- [ ] API key env vars match between .env and docker-compose
+- [ ] All 5 teams present (marketing, engineering, sales, support, finance)
+- [ ] Coordinator mesh network allows cross-team communication
+- [ ] Team networks are internal (workers isolated)
+
+## Error Handling
+
+### Common Issues
+
+**1. Duplicate network names:**
+```
+Error: network "marketing-network" already exists
+Fix: Check docker-compose.hybrid.yml for duplicate network definitions
+```
+
+**2. Missing environment variables:**
+```
+Error: MARKETING_COORDINATOR_API_KEY not set
+Fix: Ensure .env.hybrid.example includes all team API keys
+```
+
+**3. Invalid JSON in team-providers.json:**
+```
+Error: parse error: Invalid numeric literal at line 15, column 10
+Fix: Use `jq empty team-providers.json` to validate syntax
+```
+
+**4. API key naming mismatch:**
+```
+docker-compose: MARKETING_COORDINATOR_API_KEY
+.env: MARKETING_API_KEY
+Fix: Standardize on {TEAM}_COORDINATOR_API_KEY pattern
+```
+
+## Best Practices
+
+### 1. Use Consistent Naming
+
+**Good:**
+- Environment var: `MARKETING_COORDINATOR_API_KEY`
+- Service name: `marketing-coordinator`
+- Network: `marketing-network`
+- Volume: `marketing-playbooks`
+
+**Bad:**
+- Mixed case: `Marketing_Coordinator_API_KEY`
+- Inconsistent prefix: `COORDINATOR_MARKETING_API_KEY`
+- Missing separator: `marketingcoordinator`
+
+### 2. Document Team-Specific Settings
+
+Add comments to generated configs:
+
+```yaml
+# Marketing Team (10 agents, 3-5 concurrent workers)
+# Specializations: email-campaigns, social-publishing, analytics
+marketing-coordinator:
+  # ... service definition
+```
+
+### 3. Validate Before Writing
+
+Always validate generated configs:
+
+```bash
+# Validate docker-compose
+docker-compose -f docker-compose.hybrid.yml config --quiet
+
+# Validate JSON
+jq empty .claude/cfn-config/team-providers.json
+
+# Validate environment variables
+grep -E "^[A-Z_]+=" .env.hybrid.example
+```
+
+### 4. Preserve Existing Configs
+
+When updating existing files:
+1. Read current file
+2. Extract team-specific section
+3. Update only that section
+4. Write back (don't overwrite entire file)
+
+### 5. Generate Incremental Configs
+
+Support both modes:
+- **Full generation:** All 5 teams at once (Phase 1 Sprint 1.2)
+- **Incremental:** Add/update single team (Phase 2 Sprints 2.1-2.4)
+
+## Example Workflow
+
+### Scenario: Phase 1 Sprint 1.2 (Week 1, Days 4-7)
+
+**Goal:** Generate all coordinator configurations for hybrid architecture
+
+**Step 1: Read Epic Config**
+```bash
+Read: planning/docker/03-cfn-organizational-architecture-epic-EXECUTE.json
+# Extract: 5 teams, agent counts, specializations
+```
+
+**Step 2: Generate Docker Compose**
+```bash
+Write: docker/compose/docker-compose.hybrid.yml
+# Include: 5 coordinator services, redis, postgres, grafana, prometheus
+```
+
+**Step 3: Generate Environment Template**
+```bash
+Write: docker/.env.hybrid.example
+# Include: 5 team API keys, ZAI_API_KEY, REDIS_URL, POSTGRES_URL
+```
+
+**Step 4: Generate Team Providers**
+```bash
+Write: .claude/cfn-config/team-providers.json
+# Include: 5 team entries (coordinator + worker configs)
+```
+
+**Step 5: Generate Networks**
+```bash
+Write: docker/compose/networks.yml
+# Include: 5 team networks (internal), coordinator-mesh (external)
+# Include: 5 team volumes, redis-data, postgres-data, grafana-data
+```
+
+**Step 6: Validate**
+```bash
+Bash: docker-compose -f docker/compose/docker-compose.hybrid.yml config --quiet
+Bash: jq empty .claude/cfn-config/team-providers.json
+```
+
+**Step 7: Report Confidence**
+```
+Confidence: 0.95 (all configs generated and validated)
+```
+
+## Integration with Other Agents
+
+**Works with:**
+- `docker-specialist` - Reviews generated Docker configs
+- `devops-engineer` - Validates infrastructure setup
+- `security-specialist` - Audits API key handling
+- `reviewer` - Code review of generated configs
+
+**Coordinates with:**
+- `cfn-v3-coordinator` - Uses generated configs for team deployment
+- `monitoring-specialist` - References team configs for dashboards
+
+## Success Criteria
+
+**Sprint 1.2 Complete When:**
+- ✅ docker-compose.hybrid.yml created (5 coordinators + infrastructure)
+- ✅ .env.hybrid.example created (all team API keys documented)
+- ✅ team-providers.json created (coordinator/worker routing)
+- ✅ Docker compose syntax validates
+- ✅ JSON schema validates
+- ✅ All 5 teams included (marketing, engineering, sales, support, finance)
+- ✅ Network isolation configured (team networks internal, mesh external)
+- ✅ Volume persistence configured (playbooks per team)
+
+**Confidence Threshold:** ≥0.90 (configs must be production-ready)

package/claude-assets/commands/cfn/CFN_LOOP_TASK_MODE.md

@@ -15,6 +15,23 @@ Task Mode: Main Chat spawns coordinator and agents via Task() tool with full con
 | **Provider** | All Anthropic | CLI uses Z.ai routing |
 | **Cost** | ~$0.150/iteration | ~$0.054/iteration (64% savings) |
 | **Use Case** | Debugging, prototyping, learning | Production, cost optimization |
+| **ACE Reflection** | Optional via `--ace-reflect` flag | Always enabled |
+
+### ACE Reflection Flag
+
+```bash
+# Enable ACE reflection after each sprint (captures lessons learned)
+/cfn-loop "Task description" --spawn-mode=task --ace-reflect
+
+# Without ACE reflection (default for backwards compatibility)
+/cfn-loop "Task description" --spawn-mode=task
+```
+
+**When to use `--ace-reflect`:**
+- Long-running epics (3+ sprints) where learning accumulates
+- Complex tasks with multiple iterations
+- Teams building organizational knowledge
+- Post-mortem analysis and continuous improvement
 
 ---
 
@@ -144,9 +161,30 @@ Iterations: Loop 3: ${L3}, Loop 2: ${L2} | Decision: PROCEED
 EOF
 ```
 
+### 5. ACE Reflection (Optional - If `--ace-reflect` flag enabled)
+```bash
+# Only run if --ace-reflect flag was passed to /cfn-loop command
+if [[ "$ACE_REFLECT_ENABLED" == "true" ]]; then
+  echo "📊 Capturing ACE reflection..."
+  ./.claude/skills/cfn-ace-system/invoke-context-reflect.sh \
+    --task-id "${TASK_ID}" \
+    --sprint-id "${SPRINT_NUM}" \
+    --consensus "${CONSENSUS}" \
+    --iterations-loop3 "${L3}" \
+    --iterations-loop2 "${L2}" \
+    --deliverables "$(git diff HEAD~1 --name-only | tr '\n' ',')"
+
+  # Output: Stores reflection in SQLite with tags, confidence, priority
+  # Categories: PATTERN, STRAT, ANTI, EDGE
+  # Automatic tag extraction and deduplication
+  echo "✅ ACE reflection captured: $(sqlite3 .claude/cfn-data/cfn-loop.db 'SELECT COUNT(*) FROM context_reflections WHERE task_id = \"'${TASK_ID}'\"') bullets"
+fi
+```
+
 **Checklist:**
 - [ ] Consensus ≥ threshold | [ ] Product Owner approved | [ ] Deliverables verified
 - [ ] Tests passing | [ ] Git committed | [ ] Git pushed | [ ] Summary generated
+- [ ] ACE reflection captured (if `--ace-reflect` enabled)
 
 ---
 
@@ -341,12 +379,68 @@ Complex/Enterprise (>5 files, >500 LOC): +code-analyzer
 
 ---
 
+## ACE System Integration
+
+### Reflection After Sprint
+After each sprint completion, Task Mode should capture lessons learned:
+
+```bash
+# Automatic reflection capture (called after git push)
+./.claude/skills/cfn-ace-system/invoke-context-reflect.sh \
+  --task-id "${TASK_ID}" \
+  --sprint-id "${SPRINT_NUM}" \
+  --consensus "${CONSENSUS}" \
+  --iterations-loop3 "${L3}" \
+  --iterations-loop2 "${L2}" \
+  --deliverables "$(git diff HEAD~1 --name-only | tr '\n' ',')"
+```
+
+**What Gets Captured:**
+- Patterns that worked well (consensus ≥0.90, low iterations)
+- Anti-patterns that caused issues (high iterations, deliverable failures)
+- Strategy patterns (agent selection, validator scaling effectiveness)
+- Edge cases (timeout scenarios, race conditions, blocking issues)
+
+**Storage:**
+- SQLite database: `.claude/cfn-data/cfn-loop.db`
+- Table: `context_reflections`
+- Automatic tagging, deduplication, confidence scoring
+
+**Benefits:**
+- Future sprints learn from past mistakes
+- Adaptive validator scaling improves over time
+- Pattern recognition across projects
+- Knowledge accumulation (not lost between sessions)
+
+### Optional: Context Injection (Future Enhancement)
+Before spawning agents, inject relevant lessons:
+```bash
+# Not yet implemented in Task Mode, but available:
+./.claude/skills/cfn-ace-system/invoke-context-inject.sh \
+  --task "${TASK_DESCRIPTION}" \
+  --phase "${PHASE_NAME}" \
+  --tags "validation,consensus,deliverables"
+# Returns: Top N relevant bullets from past reflections
+```
+
+### Optional: Context Curation (Periodic Maintenance)
+Merge and deduplicate reflection data:
+```bash
+# Run monthly or after major epics:
+./.claude/skills/cfn-ace-system/invoke-context-curate.sh \
+  --confidence-threshold 0.85 \
+  --merge-similar-patterns
+```
+
+---
+
 ## Related Documentation
 
 - **CFN Coordinator Parameters**: `.claude/commands/cfn/CFN_COORDINATOR_PARAMETERS.md`
 - **Redis Coordination**: `.claude/skills/cfn-redis-coordination/SKILL.md`
 - **Product Owner Decision**: `.claude/skills/cfn-product-owner-decision/SKILL.md`
 - **Agent Output Standards**: `docs/AGENT_OUTPUT_STANDARDS.md`
+- **ACE System**: `.claude/skills/cfn-ace-system/SKILL.md`
 
 ---
 

package/claude-assets/commands/cfn/cfn-loop.md

@@ -1,6 +1,6 @@
 ---
 description: "Execute autonomous 3-loop self-correcting CFN workflow with automatic retry and consensus validation"
-argument-hint: "<task description> [--phase=name] [--mode=mvp|standard|enterprise] [--spawn-mode=cli|task] [--max-loop2=10] [--max-loop3=10]"
+argument-hint: "<task description> [--phase=name] [--mode=mvp|standard|enterprise] [--spawn-mode=cli|task] [--max-loop2=10] [--max-loop3=10] [--ace-reflect]"
 allowed-tools: ["Task", "TodoWrite", "Read", "Write", "Edit", "Bash", "Glob", "Grep"]
 ---
 
@@ -38,10 +38,11 @@ LOOP 3: Primary Swarm Execution with subtask iterations
 - `--phase=<name>`: Optional phase name for tracking
 - `--mode=<mvp|standard|enterprise>`: Coordinator mode (default: standard)
 - `--spawn-mode=<cli|task>`: Agent spawning method (default: cli)
-  - **cli**: Cost-optimized (95-98% savings), background execution, Redis monitoring
-  - **task**: Full visibility in Main Chat, direct spawning, debugging
+  - **cli**: Cost-optimized (95-98% savings), background execution, Redis monitoring, ACE always enabled
+  - **task**: Full visibility in Main Chat, direct spawning, debugging, ACE optional via flag
 - `--max-loop2=<n>`: Max consensus iterations (default: 10)
 - `--max-loop3=<n>`: Max primary swarm iterations (default: 10)
+- `--ace-reflect`: Enable ACE reflection after each sprint (Task mode only, captures lessons learned)
 
 ## Coordinator Modes
 

package/claude-assets/hooks/cfn-invoke-security-validation.sh

@@ -0,0 +1,70 @@
+#!/bin/bash
+# Security Validation Hook for Docker Hybrid Routing
+
+set -euo pipefail
+
+# Validate secret management configurations
+validate_secret_management() {
+    local file_path="$1"
+
+    # Check for hardcoded secrets
+    if grep -qE '(sk-ant-|token-|api_key=)' "$file_path"; then
+        echo "❌ SECURITY RISK: Potential secret exposure in $file_path"
+        return 1
+    fi
+
+    # Check for proper environment variable naming
+    if grep -qE 'API_KEY=|SECRET=|TOKEN=' "$file_path"; then
+        echo "⚠️ NAMING RISK: Inconsistent secret variable names in $file_path"
+        return 2
+    fi
+
+    return 0
+}
+
+# Validate Docker network configurations
+validate_docker_network() {
+    local compose_file="$1"
+
+    # Check for overly permissive network configurations
+    if ! grep -qE 'driver_opts:\n\s*encrypted:\s*"true"' "$compose_file"; then
+        echo "❌ NETWORK RISK: Network encryption not enabled"
+        return 1
+    fi
+
+    if ! grep -qE 'driver:\s*overlay' "$compose_file"; then
+        echo "⚠️ NETWORK CONFIG: Recommended to use overlay network for better isolation"
+        return 2
+    fi
+
+    return 0
+}
+
+# Main validation function
+main() {
+    local file_path="$1"
+    local file_name=$(basename "$file_path")
+    local exit_code=0
+
+    echo "🔒 Running security validation for $file_name"
+
+    case "$file_name" in
+        docker-compose.yml|docker-compose.*.yml)
+            validate_docker_network "$file_path" || exit_code=$?
+            ;;
+        .env|*.env)
+            validate_secret_management "$file_path" || exit_code=$?
+            ;;
+    esac
+
+    if [ $exit_code -eq 0 ]; then
+        echo "✅ Security validation passed for $file_name"
+    else
+        echo "🚨 Security validation failed for $file_name (Error code: $exit_code)"
+    fi
+
+    return $exit_code
+}
+
+# Execute main validation
+main "$@"