npm - claude-flow-novice - Versions diffs - 2.16.0 → 2.16.1 - Mend

claude-flow-novice 2.16.0 → 2.16.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (154) hide show

package/claude-assets/hooks/install-git-hooks.sh ADDED Viewed

@@ -0,0 +1,243 @@
+#!/bin/bash
+# Git Hooks Installation Script
+# Installs security-focused git hooks to prevent credential exposure
+# Usage: bash .claude/hooks/install-git-hooks.sh [--force]
+set -euo pipefail
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+BOLD='\033[1m'
+NC='\033[0m'
+# Configuration
+PROJECT_ROOT=$(git rev-parse --show-toplevel 2>/dev/null || pwd)
+GIT_HOOKS_DIR="$PROJECT_ROOT/.git/hooks"
+HOOKS_SOURCE_DIR="$PROJECT_ROOT/.claude/hooks"
+FORCE_INSTALL=false
+# Exit codes
+EXIT_SUCCESS=0
+EXIT_ERROR=1
+# Parse arguments
+parse_arguments() {
+    while [[ $# -gt 0 ]]; do
+        case "$1" in
+            --force)
+                FORCE_INSTALL=true
+                shift
+                ;;
+            --help)
+                show_help
+                exit $EXIT_SUCCESS
+                ;;
+            *)
+                echo "Unknown argument: $1"
+                show_help
+                exit $EXIT_ERROR
+                ;;
+        esac
+    done
+}
+# Show help message
+show_help() {
+    cat << 'EOF'
+Usage: bash .claude/hooks/install-git-hooks.sh [OPTIONS]
+Install git hooks to prevent credential exposure and ensure code quality.
+Options:
+  --force         Overwrite existing hooks without confirmation
+  --help          Show this help message
+Installed Hooks:
+  .git/hooks/pre-commit - Scans staged files for credentials before commit
+Exit Codes:
+  0 - Installation successful
+  1 - Installation failed
+Examples:
+  # Install with confirmation prompts
+  bash .claude/hooks/install-git-hooks.sh
+  # Install with force overwrite (CI/CD)
+  bash .claude/hooks/install-git-hooks.sh --force
+For more information, see .claude/hooks/README-GIT-HOOKS.md
+EOF
+}
+# Validate project structure
+validate_project() {
+    if [ ! -d "$PROJECT_ROOT/.git" ]; then
+        echo -e "${RED}ERROR: Not a git repository${NC}"
+        echo "Run this script from the root of a git repository"
+        return $EXIT_ERROR
+    fi
+    if [ ! -d "$HOOKS_SOURCE_DIR" ]; then
+        echo -e "${RED}ERROR: .claude/hooks directory not found${NC}"
+        echo "Expected location: $HOOKS_SOURCE_DIR"
+        return $EXIT_ERROR
+    fi
+    return $EXIT_SUCCESS
+}
+# Check if .artifacts/logs directory exists, create if needed
+ensure_logs_directory() {
+    local logs_dir="$PROJECT_ROOT/.artifacts/logs"
+    if [ ! -d "$logs_dir" ]; then
+        mkdir -p "$logs_dir"
+        echo -e "${BLUE}Created logs directory: $logs_dir${NC}"
+    fi
+}
+# Install a single git hook
+install_hook() {
+    local hook_source="$1"
+    local hook_name=$(basename "$hook_source")
+    local hook_dest="$GIT_HOOKS_DIR/$hook_name"
+    # Check if hook source exists
+    if [ ! -f "$hook_source" ]; then
+        echo -e "${YELLOW}WARNING: Hook source not found: $hook_source${NC}"
+        return 1
+    fi
+    # Check if destination hook already exists
+    if [ -f "$hook_dest" ]; then
+        if [ "$FORCE_INSTALL" = false ]; then
+            echo -e "${YELLOW}Hook already exists: $hook_name${NC}"
+            read -p "Overwrite? (y/n) " -n 1 -r
+            echo
+            if [[ ! $REPLY =~ ^[Yy]$ ]]; then
+                echo -e "${BLUE}Skipped: $hook_name${NC}"
+                return 0
+            fi
+        else
+            echo -e "${BLUE}Overwriting: $hook_name${NC}"
+        fi
+    fi
+    # Copy hook file
+    cp "$hook_source" "$hook_dest"
+    chmod +x "$hook_dest"
+    # Validate installation
+    if [ ! -f "$hook_dest" ] || [ ! -x "$hook_dest" ]; then
+        echo -e "${RED}FAILED to install: $hook_name${NC}"
+        return $EXIT_ERROR
+    fi
+    echo -e "${GREEN}Installed: $hook_name${NC}"
+    return $EXIT_SUCCESS
+}
+# Validate hook is functional
+validate_hook() {
+    local hook_name="$1"
+    local hook_path="$GIT_HOOKS_DIR/$hook_name"
+    if [ ! -f "$hook_path" ]; then
+        echo -e "${RED}VALIDATION FAILED: Hook file not found${NC}"
+        return $EXIT_ERROR
+    fi
+    if [ ! -x "$hook_path" ]; then
+        echo -e "${RED}VALIDATION FAILED: Hook is not executable${NC}"
+        return $EXIT_ERROR
+    fi
+    # Check for bash shebang
+    if ! head -1 "$hook_path" | grep -q "^#!/bin/bash"; then
+        echo -e "${RED}VALIDATION FAILED: Hook missing bash shebang${NC}"
+        return $EXIT_ERROR
+    fi
+    echo -e "${GREEN}VALIDATION PASSED: $hook_name${NC}"
+    return $EXIT_SUCCESS
+}
+# Main installation logic
+main() {
+    echo -e "${BOLD}Git Hooks Installation${NC}"
+    echo "========================================"
+    echo ""
+    # Parse arguments
+    parse_arguments "$@"
+    # Validate project structure
+    if ! validate_project; then
+        exit $EXIT_ERROR
+    fi
+    # Ensure logs directory exists
+    ensure_logs_directory
+    echo -e "${BLUE}Installing git hooks to: $GIT_HOOKS_DIR${NC}"
+    echo ""
+    local install_count=0
+    local fail_count=0
+    # Install pre-commit hook
+    if install_hook "$PROJECT_ROOT/.git/hooks/pre-commit"; then
+        install_count=$((install_count + 1))
+    else
+        fail_count=$((fail_count + 1))
+    fi
+    echo ""
+    # Validate installations
+    echo -e "${BOLD}Validating installations...${NC}"
+    echo ""
+    if ! validate_hook "pre-commit"; then
+        fail_count=$((fail_count + 1))
+    fi
+    echo ""
+    echo -e "${BOLD}Installation Summary${NC}"
+    echo "========================================"
+    echo "Installed hooks: $install_count"
+    echo "Failed hooks: $fail_count"
+    echo ""
+    if [ $fail_count -eq 0 ]; then
+        echo -e "${GREEN}✅ All hooks installed successfully${NC}"
+        echo ""
+        echo -e "${BOLD}Next steps:${NC}"
+        echo "  1. Try committing a file with a mock credential:"
+        echo "     git add test.txt"
+        echo "     echo 'API_KEY=sk-ant-test123456789' >> test.txt"
+        echo "     git commit -m 'Test credential detection'"
+        echo ""
+        echo "  2. The pre-commit hook will block the commit"
+        echo ""
+        echo "  3. For test files, use whitelisted patterns:"
+        echo "     - sk-ant-mock"
+        echo "     - npm_MockTestKey"
+        echo "     - test_key / mock_key"
+        echo "     - [REDACTED]"
+        echo ""
+        echo -e "${BOLD}Documentation:${NC}"
+        echo "  .claude/hooks/README-GIT-HOOKS.md"
+        echo ""
+        return $EXIT_SUCCESS
+    else
+        echo -e "${RED}❌ Installation failed${NC}"
+        return $EXIT_ERROR
+    fi
+}
+# Execute main function
+main "$@"

package/claude-assets/hooks/subagent-start.sh ADDED Viewed

@@ -0,0 +1,98 @@
+#!/bin/bash
+# SubagentStart Hook - Claude Code v2.0.43+
+# Automatically invoked when Main Chat spawns a Task() agent
+#
+# High-value features:
+# 1. Automatic SQLite lifecycle tracking
+# 2. Protocol dependency validation (prevents "consensus on vapor")
+set -euo pipefail
+# Hook input (provided by Claude Code)
+AGENT_ID="${AGENT_ID:-unknown}"
+AGENT_TYPE="${AGENT_TYPE:-unknown}"
+TASK_ID="${TASK_ID:-unknown}"
+SPAWNED_AT=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
+# Project paths
+PROJECT_ROOT=$(git rev-parse --show-toplevel 2>/dev/null || echo ".")
+DB_PATH="${PROJECT_ROOT}/claude-assets/skills/cfn-redis-coordination/data/cfn-loop.db"
+LOG_PATH="${PROJECT_ROOT}/.artifacts/logs/subagent-lifecycle.log"
+# Ensure directories exist
+mkdir -p "$(dirname "$DB_PATH")"
+mkdir -p "$(dirname "$LOG_PATH")"
+# ============================================================================
+# Feature 1: Automatic SQLite Lifecycle Tracking
+# ============================================================================
+# Initialize database schema if needed
+sqlite3 "$DB_PATH" <<EOF
+CREATE TABLE IF NOT EXISTS agents (
+    id TEXT PRIMARY KEY,
+    type TEXT NOT NULL,
+    status TEXT NOT NULL,
+    confidence REAL,
+    spawned_at TEXT,
+    completed_at TEXT,
+    metadata TEXT
+);
+EOF
+# Insert spawn record
+sqlite3 "$DB_PATH" <<EOF
+INSERT OR REPLACE INTO agents (id, type, status, spawned_at, metadata)
+VALUES (
+    '$AGENT_ID',
+    '$AGENT_TYPE',
+    'spawned',
+    '$SPAWNED_AT',
+    '{"source": "subagent_start_hook", "task_id": "$TASK_ID"}'
+);
+EOF
+echo "[SubagentStart] Lifecycle tracking: $AGENT_ID ($AGENT_TYPE) spawned at $SPAWNED_AT" | tee -a "$LOG_PATH"
+# ============================================================================
+# Feature 2: Protocol Dependency Validation
+# ============================================================================
+# Extract phase from agent type (e.g., "loop2-validator" -> "loop2")
+if [[ "$AGENT_TYPE" =~ ^loop([0-9]+)- ]]; then
+    PHASE="${BASH_REMATCH[1]}"
+    # Loop 2 validators must wait for Loop 3 completion
+    if [ "$PHASE" = "2" ] && [ "$TASK_ID" != "unknown" ]; then
+        LOOP3_COMPLETED=$(sqlite3 "$DB_PATH" "SELECT COUNT(*) FROM agents WHERE metadata LIKE '%\"task_id\": \"$TASK_ID\"%' AND type LIKE 'loop3-%' AND status='completed';")
+        if [ "$LOOP3_COMPLETED" -eq 0 ]; then
+            echo "[SubagentStart] ERROR: Loop 2 agent spawned before Loop 3 completion (task: $TASK_ID)" | tee -a "$LOG_PATH"
+            echo "WARN: Protocol violation detected - Loop 2 validator spawning before Loop 3 implementers complete"
+            echo "This may indicate 'consensus on vapor' anti-pattern"
+            # Don't exit 1 - allow spawn but log warning for debugging
+        else
+            echo "[SubagentStart] Protocol check passed: Loop 3 completed ($LOOP3_COMPLETED agents) before Loop 2 spawn" | tee -a "$LOG_PATH"
+        fi
+    fi
+    # Product Owner must wait for Loop 2 completion
+    if [[ "$AGENT_TYPE" =~ product-owner ]] && [ "$TASK_ID" != "unknown" ]; then
+        LOOP2_COMPLETED=$(sqlite3 "$DB_PATH" "SELECT COUNT(*) FROM agents WHERE metadata LIKE '%\"task_id\": \"$TASK_ID\"%' AND type LIKE 'loop2-%' AND status='completed';")
+        if [ "$LOOP2_COMPLETED" -eq 0 ]; then
+            echo "[SubagentStart] ERROR: Product Owner spawned before Loop 2 completion (task: $TASK_ID)" | tee -a "$LOG_PATH"
+            echo "WARN: Protocol violation - Product Owner making decisions before validator review"
+            # Don't exit 1 - allow spawn but log warning
+        else
+            echo "[SubagentStart] Protocol check passed: Loop 2 completed ($LOOP2_COMPLETED agents) before Product Owner spawn" | tee -a "$LOG_PATH"
+        fi
+    fi
+fi
+# ============================================================================
+# Success Exit
+# ============================================================================
+echo "[SubagentStart] Hook completed successfully for $AGENT_ID" | tee -a "$LOG_PATH"
+exit 0

package/claude-assets/hooks/subagent-stop.sh ADDED Viewed

@@ -0,0 +1,93 @@
+#!/bin/bash
+# SubagentStop Hook - Claude Code v2.0.43+
+# Automatically invoked when Task() agent completes
+#
+# High-value features:
+# 1. Automatic lifecycle completion tracking
+# 2. Transcript collection for post-mortem analysis
+set -euo pipefail
+# Hook input (provided by Claude Code v2.0.42+)
+AGENT_ID="${AGENT_ID:-unknown}"
+AGENT_TYPE="${AGENT_TYPE:-unknown}"
+AGENT_TRANSCRIPT_PATH="${AGENT_TRANSCRIPT_PATH:-}"
+TASK_ID="${TASK_ID:-unknown}"
+COMPLETED_AT=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
+# Project paths
+PROJECT_ROOT=$(git rev-parse --show-toplevel 2>/dev/null || echo ".")
+DB_PATH="${PROJECT_ROOT}/claude-assets/skills/cfn-redis-coordination/data/cfn-loop.db"
+LOG_PATH="${PROJECT_ROOT}/.artifacts/logs/subagent-lifecycle.log"
+TRANSCRIPT_DIR="${PROJECT_ROOT}/.artifacts/transcripts"
+# Ensure directories exist
+mkdir -p "$(dirname "$DB_PATH")"
+mkdir -p "$(dirname "$LOG_PATH")"
+mkdir -p "$TRANSCRIPT_DIR"
+# ============================================================================
+# Feature 1: Automatic Lifecycle Completion Tracking
+# ============================================================================
+# Update completion status in SQLite
+sqlite3 "$DB_PATH" <<EOF
+UPDATE agents
+SET
+    status = 'completed',
+    completed_at = '$COMPLETED_AT'
+WHERE id = '$AGENT_ID';
+EOF
+echo "[SubagentStop] Lifecycle tracking: $AGENT_ID ($AGENT_TYPE) completed at $COMPLETED_AT" | tee -a "$LOG_PATH"
+# ============================================================================
+# Feature 2: Transcript Collection for Post-Mortem Analysis
+# ============================================================================
+if [ -n "$AGENT_TRANSCRIPT_PATH" ] && [ -f "$AGENT_TRANSCRIPT_PATH" ]; then
+    # Determine transcript archive path
+    TRANSCRIPT_ARCHIVE="$TRANSCRIPT_DIR/${AGENT_ID}.jsonl"
+    # Copy transcript to archive
+    cp "$AGENT_TRANSCRIPT_PATH" "$TRANSCRIPT_ARCHIVE"
+    # Update metadata with transcript path
+    sqlite3 "$DB_PATH" <<EOF
+UPDATE agents
+SET metadata = json_set(
+    metadata,
+    '$.transcript_path',
+    '$TRANSCRIPT_ARCHIVE'
+)
+WHERE id = '$AGENT_ID';
+EOF
+    # Extract key metrics from transcript (tool usage, confidence scores)
+    # JSONL format: one JSON object per line
+    TOOL_CALLS=$(grep -c '"type":"tool_use"' "$AGENT_TRANSCRIPT_PATH" 2>/dev/null || echo 0)
+    LAST_MESSAGE=$(tail -n 1 "$AGENT_TRANSCRIPT_PATH" 2>/dev/null || echo "{}")
+    echo "[SubagentStop] Transcript collected: $TRANSCRIPT_ARCHIVE ($TOOL_CALLS tool calls)" | tee -a "$LOG_PATH"
+    # Store metrics
+    sqlite3 "$DB_PATH" <<EOF
+UPDATE agents
+SET metadata = json_set(
+    metadata,
+    '$.tool_calls',
+    $TOOL_CALLS
+)
+WHERE id = '$AGENT_ID';
+EOF
+else
+    echo "[SubagentStop] No transcript available for $AGENT_ID (path: $AGENT_TRANSCRIPT_PATH)" | tee -a "$LOG_PATH"
+fi
+# ============================================================================
+# Success Exit
+# ============================================================================
+echo "[SubagentStop] Hook completed successfully for $AGENT_ID" | tee -a "$LOG_PATH"
+exit 0

package/claude-assets/hooks/validators/credential-scanner.sh ADDED Viewed

@@ -0,0 +1,172 @@
+#!/bin/bash
+# Post-Edit Credential Scanner
+# Scans files for exposed credentials before commit
+# Integrated with cfn-post-edit.config.json
+set -euo pipefail
+FILE_PATH="$1"
+AGENT_ID="${2:-unknown}"
+# Exit codes
+EXIT_SUCCESS=0
+EXIT_CREDENTIAL_FOUND=11  # New exit code for credential detection
+EXIT_ERROR=1
+# Credential patterns (high-confidence detection)
+declare -a PATTERNS=(
+    # API Keys
+    "sk-ant-[a-zA-Z0-9_-]{40,}"                           # Anthropic API keys
+    "sk-zai-[a-zA-Z0-9._-]{20,}"                          # Z.ai API keys
+    "npm_[a-zA-Z0-9]{36}"                                 # NPM API keys
+    "tr_dev_[a-zA-Z0-9]{16,}"                             # Trigger.dev API keys
+    "AIzaSy[a-zA-Z0-9_-]{33}"                             # Google API keys
+    "xai-[a-zA-Z0-9]{32,}"                                # XAi API keys
+    "grok-[a-zA-Z0-9]{32,}"                               # Grok API keys
+    # Generic patterns
+    "[a-zA-Z0-9]{32,}\.SUs3hnpAZAGsQDHX"                  # Z.ai token format
+    "[a-zA-Z0-9]{32,}\.QO8R0JxF4fucsoWL"                  # Legacy Z.ai format
+    "[a-zA-Z0-9]{32,}\.gDXkwrMNlYcqE8mF"                  # Legacy Z.ai format
+    # Environment variable assignments (suspicious)
+    "ANTHROPIC_API_KEY\s*=\s*[\"']sk-ant-"
+    "ZAI_API_KEY\s*=\s*[\"'][a-zA-Z0-9._-]{20,}"
+    "NPM_API_KEY\s*=\s*[\"']npm_"
+    "TRIGGER_API_KEY\s*=\s*[\"']tr_dev_"
+    "REDIS_PASSWORD\s*=\s*[\"'][a-zA-Z0-9]{16,}"
+    "POSTGRES_PASSWORD\s*=\s*[\"'][a-zA-Z0-9]{16,}"
+    # JSON/YAML credentials
+    "\"api_key\"\s*:\s*\"[a-zA-Z0-9_-]{20,}\""
+    "\"apiKey\"\s*:\s*\"[a-zA-Z0-9_-]{20,}\""
+    "\"auth_token\"\s*:\s*\"[a-zA-Z0-9._-]{20,}\""
+    "\"password\"\s*:\s*\"[a-zA-Z0-9]{16,}\""
+)
+# Whitelist patterns (safe to ignore)
+declare -a WHITELIST=(
+    "\\[REDACTED\\]"                                      # Already redacted
+    "YOUR_API_KEY"                                        # Placeholder
+    "YOUR_.*_KEY"                                         # Generic placeholder
+    "example\\.com"                                       # Example domains
+    "test[_-]?key"                                        # Test keys
+    "mock[_-]?key"                                        # Mock keys
+    "sk-ant-mock"                                         # Mock Anthropic keys
+    "npm_MockTestKey"                                     # Mock NPM keys
+)
+# Check if file should be scanned
+should_scan_file() {
+    local file="$1"
+    # Skip binary files
+    if file "$file" | grep -q "binary"; then
+        return 1
+    fi
+    # Skip large files (>1MB)
+    if [ $(stat -f%z "$file" 2>/dev/null || stat -c%s "$file" 2>/dev/null) -gt 1048576 ]; then
+        return 1
+    fi
+    # Scan these file types
+    case "$file" in
+        *.ts|*.tsx|*.js|*.jsx|*.json|*.md|*.sh|*.bash|*.env*|*.yaml|*.yml|*.txt)
+            return 0
+            ;;
+        *)
+            return 1
+            ;;
+    esac
+}
+# Check if match is whitelisted
+is_whitelisted() {
+    local match="$1"
+    for pattern in "${WHITELIST[@]}"; do
+        if echo "$match" | grep -qE "$pattern"; then
+            return 0
+        fi
+    done
+    return 1
+}
+# Scan file for credentials
+scan_file() {
+    local file="$1"
+    local findings=0
+    local line_number
+    local matched_line
+    for pattern in "${PATTERNS[@]}"; do
+        while IFS=: read -r line_number matched_line; do
+            # Skip if whitelisted
+            if is_whitelisted "$matched_line"; then
+                continue
+            fi
+            findings=$((findings + 1))
+            # Redact the actual credential in output
+            local redacted_line=$(echo "$matched_line" | sed -E "s/${pattern}/[CREDENTIAL_REDACTED]/g")
+            echo "⚠️  CREDENTIAL DETECTED:"
+            echo "   File: $file"
+            echo "   Line: $line_number"
+            echo "   Match: $redacted_line"
+            echo "   Pattern: $pattern"
+            echo ""
+        done < <(grep -nE "$pattern" "$file" 2>/dev/null || true)
+    done
+    return $findings
+}
+# Main execution
+main() {
+    if [ ! -f "$FILE_PATH" ]; then
+        echo "ERROR: File not found: $FILE_PATH" >&2
+        exit $EXIT_ERROR
+    fi
+    # Check if file should be scanned
+    if ! should_scan_file "$FILE_PATH"; then
+        # File type not scannable, exit success
+        exit $EXIT_SUCCESS
+    fi
+    echo "🔍 Scanning for credentials: $FILE_PATH"
+    # Scan file
+    if scan_file "$FILE_PATH"; then
+        echo ""
+        echo "✅ No credentials detected in $FILE_PATH"
+        exit $EXIT_SUCCESS
+    else
+        findings=$?
+        echo ""
+        echo "❌ SECURITY ALERT: $findings credential(s) detected in $FILE_PATH"
+        echo ""
+        echo "🛡️  REMEDIATION STEPS:"
+        echo "   1. Replace credentials with [REDACTED] placeholder"
+        echo "   2. Move credentials to root .env file"
+        echo "   3. Use environment variables instead of hardcoded values"
+        echo "   4. If this is a test file, use mock credentials"
+        echo ""
+        echo "🚨 BLOCKED: File NOT saved to prevent credential exposure"
+        echo ""
+        # Log finding for audit trail
+        if [ -n "${AGENT_ID:-}" ]; then
+            echo "$(date -Iseconds) | AGENT:$AGENT_ID | FILE:$FILE_PATH | CREDENTIALS:$findings" >> .artifacts/logs/credential-scanner.log
+        fi
+        exit $EXIT_CREDENTIAL_FOUND
+    fi
+}
+main "$@"

package/claude-assets/root-claude-distribute/CFN-CLAUDE.md CHANGED Viewed

@@ -486,7 +486,7 @@ Implement comprehensive test suites that validate both functional requirements a
 - CFN Loop Validation: `.claude/skills/cfn-loop-validation/SKILL.md`
 **CFN Loop Documentation:**
-- **Task Mode Guide**: `.claude/commands/cfn/CFN_LOOP_TASK_MODE.md` (agent specialization, sprint workflow, backlog management, adaptive validator scaling)
+- **Task Mode Guide**: `.claude/commands/CFN_LOOP_TASK_MODE.md` (agent specialization, sprint workflow, backlog management, adaptive validator scaling)
 - Coordinator Parameters: `.claude/commands/cfn/CFN_COORDINATOR_PARAMETERS.md`
 **Migration Analytics:**

package/claude-assets/skills/cfn-backlog-management/SKILL.md CHANGED Viewed

@@ -195,5 +195,5 @@ grep -B 2 "Category: Optimization" readme/BACKLOG.md
 ## References
 - **STRAT-025**: Explicit Deliverable Tracking (adaptive context)
-- **CFN Loop Documentation**: `.claude/commands/cfn/CFN_LOOP_TASK_MODE.md`
+- **CFN Loop Documentation**: `.claude/commands/CFN_LOOP_TASK_MODE.md`
 - **Sprint Execution**: CLAUDE.md Section 6 - Sprint Context Injection