npm - codebyplan - Versions diffs - 1.13.61 → 1.13.62 - Mend

codebyplan 1.13.61 → 1.13.62

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (64) hide show

package/dist/cli.js CHANGED Viewed

@@ -48,7 +48,7 @@ var VERSION, PACKAGE_NAME;
 var init_version = __esm({
   "src/lib/version.ts"() {
     "use strict";
-    VERSION = "1.13.61";
+    VERSION = "1.13.62";
     PACKAGE_NAME = "codebyplan";
   }
 });
@@ -38478,6 +38478,25 @@ function emitTable(result) {
   lines.push("");
   process.stdout.write(lines.join("\n") + "\n");
 }
+function emitFailureDiagnostics(result) {
+  for (const r of result.results) {
+    if (r.status !== "fail" || !r.executed) {
+      continue;
+    }
+    const combined = [r.stdout, r.stderr].filter(Boolean).join("\n").trimEnd();
+    if (combined.length === 0) {
+      continue;
+    }
+    process.stderr.write(
+      `
+--- check: ${r.check} FAILED (captured output) ---
+`
+    );
+    process.stderr.write(combined + "\n");
+    process.stderr.write(`--- end: ${r.check} ---
+`);
+  }
+}
 function runCheckCommand(args) {
   const parsed = parseCheckArgs(args);
   if (parsed === null) {
@@ -38497,6 +38516,7 @@ function runCheckCommand(args) {
   } else {
     emitTable(result);
   }
+  emitFailureDiagnostics(result);
   if (result.any_failed) {
     process.exitCode = 1;
   }
@@ -41095,15 +41115,17 @@ function auditSkill(filePath) {
   const model = fm.model ?? null;
   const effort = fm.effort ?? null;
   const gaps = [];
-  if (model !== null) {
-    gaps.push("model: must be absent for skills");
+  if (model === null) {
+    gaps.push("model: absent (expected 'inherit')");
+  } else if (model !== "inherit") {
+    gaps.push(`model: expected 'inherit', got '${model}'`);
   }
   if (!effort) {
     gaps.push("effort: absent (default xhigh required)");
   } else if (!VALID_EFFORT_VALUES.has(effort)) {
     gaps.push(`effort: invalid value '${effort}'`);
   }
-  const expectedStr = `effort:${effort && VALID_EFFORT_VALUES.has(effort) ? effort : "xhigh"}`;
+  const expectedStr = `model:inherit/effort:${effort && VALID_EFFORT_VALUES.has(effort) ? effort : "xhigh"}`;
   const status = gaps.length === 0 ? "ok" : "gap";
   return {
     path: filePath,
@@ -41145,7 +41167,13 @@ var init_claude_mode_audit = __esm({
       "cbp-mechanical-edits": { model: "haiku", effort: "low" },
       // Read-only module analyzer: bounded structured-map generation, deliberately
       // lighter than the xhigh default. Documented in cbp-build-cc-mode's matrix.
-      "cbp-map-architecture": { model: "sonnet", effort: "high" }
+      "cbp-map-architecture": { model: "sonnet", effort: "high" },
+      // E2E specialist: bounded test-execution scope; sonnet+high calibrated in CHK-229.
+      "cbp-e2e-maestro": { model: "sonnet", effort: "high" },
+      "cbp-e2e-playwright": { model: "sonnet", effort: "high" },
+      "cbp-e2e-tauri": { model: "sonnet", effort: "high" },
+      "cbp-e2e-vscode": { model: "sonnet", effort: "high" },
+      "cbp-e2e-xcuitest": { model: "sonnet", effort: "high" }
     };
     AGENT_DEFAULT = { model: "sonnet", effort: "xhigh" };
     VALID_EFFORT_VALUES = /* @__PURE__ */ new Set(["low", "medium", "high", "xhigh", "max"]);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "codebyplan",
-  "version": "1.13.61",
+  "version": "1.13.62",
   "description": "CLI for CodeByPlan — AI-powered development planning and tracking",
   "type": "module",
   "bin": {

package/templates/agents/cbp-e2e-maestro.md CHANGED Viewed

@@ -3,7 +3,7 @@ name: cbp-e2e-maestro
 description: Maestro E2E flow authoring + execution for Expo/React Native mobile apps (android + ios). Spawned by /cbp-round-build Step 5 and /cbp-checkpoint-check Step 5b when framework is 'maestro'.
 tools: Read, Write, Edit, Glob, Grep, Bash, AskUserQuestion, mcp__codebyplan__get_repos
 model: sonnet
-effort: xhigh
+effort: high
 ---
 # Maestro E2E Agent

package/templates/agents/cbp-e2e-playwright.md CHANGED Viewed

@@ -3,7 +3,7 @@ name: cbp-e2e-playwright
 description: Playwright E2E test authoring + execution for web app routes. Spawned by /cbp-round-build Step 5 and /cbp-checkpoint-check Step 5b when framework is 'playwright'.
 tools: Read, Write, Edit, Glob, Grep, Bash, AskUserQuestion, mcp__codebyplan__get_repos
 model: sonnet
-effort: xhigh
+effort: high
 ---
 # Playwright E2E Agent

package/templates/agents/cbp-e2e-tauri.md CHANGED Viewed

@@ -3,7 +3,7 @@ name: cbp-e2e-tauri
 description: WebDriverIO + tauri-driver E2E test authoring + execution for Tauri desktop apps. Spawned by /cbp-round-build Step 5 and /cbp-checkpoint-check Step 5b when framework is 'webdriverio'.
 tools: Read, Write, Edit, Glob, Grep, Bash, AskUserQuestion, mcp__codebyplan__get_repos
 model: sonnet
-effort: xhigh
+effort: high
 ---
 # Tauri E2E Agent

package/templates/agents/cbp-e2e-vscode.md CHANGED Viewed

@@ -3,7 +3,7 @@ name: cbp-e2e-vscode
 description: VS Code extension E2E test authoring + execution using @vscode/test-cli and @vscode/test-electron. Spawned by /cbp-round-build Step 5 and /cbp-checkpoint-check Step 5b when framework is 'vscode-test'.
 tools: Read, Write, Edit, Glob, Grep, Bash, AskUserQuestion, mcp__codebyplan__get_repos
 model: sonnet
-effort: xhigh
+effort: high
 ---
 # VS Code Extension E2E Agent

package/templates/agents/cbp-e2e-xcuitest.md CHANGED Viewed

@@ -3,7 +3,7 @@ name: cbp-e2e-xcuitest
 description: XCUITest native iOS E2E test authoring + execution for Expo apps targeting system dialogs, HealthKit, watchOS, or other areas Maestro cannot reach. Spawned by /cbp-round-build Step 5 and /cbp-checkpoint-check Step 5b when framework is 'xcuitest'.
 tools: Read, Write, Edit, Glob, Grep, Bash, AskUserQuestion, mcp__codebyplan__get_repos
 model: sonnet
-effort: xhigh
+effort: high
 ---
 # XCUITest E2E Agent

package/templates/rules/effort-and-ultracode.md ADDED Viewed

@@ -0,0 +1,70 @@
+---
+description: Effort ladder (low..max), per-model support, frontmatter usage, and the session-only ultracode mode.
+---
+# Effort and Ultracode
+On-demand reference for effort levels and the ultracode mode in Claude Code.
+## Effort Ladder
+| Level | Gloss |
+|-------|-------|
+| `low` | Latency-sensitive, trivial tasks — minimal reasoning |
+| `medium` | Standard tasks — moderate reasoning |
+| `high` | Default for most models — solid reasoning budget |
+| `xhigh` | Extended reasoning — slower, better for complex multi-step work |
+| `max` | Deepest reasoning available — session-only, can overthink simple tasks |
+## Per-Model Support
+| Model | Supported levels | Default effort |
+|-------|-----------------|----------------|
+| Opus 4.8, Fable 5 | `low` `medium` `high` `xhigh` `max` | `high` |
+| Opus 4.7 | `low` `medium` `high` `xhigh` `max` | `xhigh` |
+| Opus 4.6, Sonnet 4.6 | `low` `medium` `high` `max` (`xhigh` → falls back to `high`) | `high` |
+## Precedence (highest → lowest)
+1. `CLAUDE_CODE_EFFORT_LEVEL` env var
+2. Frontmatter `effort:` (while a skill/agent is active)
+3. `effortLevel` in `settings.json`
+4. Model default
+## Frontmatter Usage
+Skills set `model: inherit` + `effort: <level>`. Subagents pin `model: <id>` + `effort: <level>`.
+Both override the session level only while active.
+`effort: ultracode` is **invalid** in frontmatter — `validate-skill.sh` errors on it. Use
+`effort: max` for the heaviest per-skill reasoning budget; enable ultracode session-wide with
+`/effort ultracode`.
+## settings.json `effortLevel`
+Accepts `low | medium | high | xhigh` **only**. `max` and `ultracode` are session-only and
+rejected by the settings validator.
+This repo's default is `xhigh` (`.claude/settings.json`). You **cannot** default ultracode
+in settings.json — enable it per-session instead.
+## Ultracode Mode
+ultracode = `xhigh` reasoning + automatic Workflow orchestration for substantive tasks.
+It is a **session-only** Claude Code mode, NOT a frontmatter `effort` value, NOT `effortLevel`,
+NOT `--effort`, NOT `CLAUDE_CODE_EFFORT_LEVEL`.
+**Enable via:**
+- `/effort ultracode` (in-session slash command)
+- `claude --settings '{"ultracode": true}'`
+- An Agent SDK control request
+Applies to the current session only — resets on a new session.
+**When to enable:** heavy multi-step checkpoints where deterministic multi-agent fan-out
+helps. See `rules/workflow-orchestration.md` for full orchestration guidance.
+## Related
+- `rules/model-invocation-convention.md` — model pinning in skill/agent frontmatter
+- `rules/workflow-orchestration.md` — Workflow tool pattern, opt-in gate, and when to use it instead of ad-hoc Task/Agent spawns

package/templates/rules/model-invocation-convention.md CHANGED Viewed

@@ -38,3 +38,4 @@ See `.claude/skills/cbp-build-cc-settings/reference/cbp-permission-policy.md` fo
 - `rules/scope-vocabulary.md` — scope marker conventions for managed vs user-created files
 - `cbp-build-cc-settings/reference/cbp-permission-policy.md` — allow/ask tiers
+- `rules/effort-and-ultracode.md` — effort ladder, per-model support, and the session-only ultracode mode

package/templates/rules/workflow-orchestration.md ADDED Viewed

@@ -0,0 +1,59 @@
+---
+description: Workflow tool — deterministic JS multi-agent orchestration for heavy fan-out. What it is, when to reach for it, the opt-in gate, and how it relates to ad-hoc Task/Agent spawning.
+---
+# Workflow Orchestration
+On-demand reference for the `Workflow` tool — the structured alternative to ad-hoc `Task`/`Agent`
+spawning when a step fans out across many independent units of work.
+## What It Is
+`Workflow` runs a deterministic JavaScript orchestration script that spawns and coordinates
+subagents. The control flow (loops, conditionals, fan-out) lives in the script, not in model
+judgement. Core primitives:
+- `agent(prompt, opts)` — spawn a subagent; with a `schema` it returns a validated structured
+  object instead of raw text.
+- `parallel(thunks)` — run tasks concurrently to a **barrier** (awaits all before returning).
+- `pipeline(items, ...stages)` — stream each item through stages with **no barrier** between them
+  (the default for multi-stage work — wall-clock is the slowest single chain, not sum-of-stages).
+- `phase(title)` / `log(message)` — progress grouping and narration.
+Built in: per-agent structured-output validation, a concurrency cap, a shared token budget,
+loop-until-done / loop-until-dry accumulation, and resume from a prior run.
+## When To Reach For It
+- **Many independent items** — a per-module sweep, a per-file migration, a per-surface deploy.
+- **Parallel waves with a barrier** — wave A must fully complete before wave B starts.
+- **Adversarial / multi-vote verification** — N independent reviewers vote to confirm a finding.
+- **Scale beyond one context** — coverage a single conversation cannot hold.
+Contrast: a single one-off subagent stays on the plain `Task`/`Agent` tool. Workflow's setup
+overhead only pays off at fan-out scale.
+## Opt-In Gate
+`Workflow` is **not** invoked by default. Reach for it only when one holds:
+- **ultracode** mode is active in the session (`/effort ultracode`) — under ultracode Claude
+  auto-reaches for Workflow on substantive fan-out tasks; **or**
+- the **user explicitly opts in** ("use a workflow", "fan out agents", "orchestrate this"); **or**
+- a skill or command's own instructions tell you to author one.
+Outside those, do NOT call `Workflow` — use the existing `Task`/`Agent` spawn, or describe what a
+workflow could do and ask first. The tool can spawn dozens of agents and is token-heavy — the scale
+must be requested, not inferred.
+## Relationship to Task/Agent Spawning
+`Task`/`Agent` spawning is the **default** for subagent work and is unchanged everywhere it is used.
+`Workflow` is the **structured alternative** for heavy fan-out — additive, not a replacement. A
+common shape is **hybrid**: scout inline first to discover the work-list, then author a `Workflow`
+that pipelines over it.
+## Related
+- `rules/effort-and-ultracode.md` — effort ladder, per-model support, and the session-only ultracode mode that auto-enables this orchestration path
+- `rules/model-invocation-convention.md` — model pinning in skill/agent frontmatter

package/templates/skills/cbp-build-cc-agent/SKILL.md CHANGED Viewed

@@ -3,6 +3,7 @@ name: cbp-build-cc-agent
 description: Build a Claude Code subagent at .claude/agents/{name}.md (flat form, per the official sub-agents spec) following the official sub-agents spec (frontmatter, tools, model, hooks, skills preload, permission modes, isolation).
 argument-hint: "[agent-name] [--scope=project|user] [--isolation=worktree]"
 allowed-tools: Read, Write, Edit, Glob, Grep, Bash(mkdir *), Bash(chmod *)
+model: inherit
 effort: xhigh
 ---

package/templates/skills/cbp-build-cc-claude-file/SKILL.md CHANGED Viewed

@@ -3,6 +3,7 @@ name: cbp-build-cc-claude-file
 description: Create or update a CLAUDE.md file at any scope (managed, project, user, local) following the official memory spec — imports (@path), nested discovery, AGENTS.md bridge, comment stripping, and claudeMdExcludes.
 argument-hint: "[action] [--scope=managed|project|user|local]"
 allowed-tools: Read, Write, Edit, Glob, Grep
+model: inherit
 effort: xhigh
 ---

package/templates/skills/cbp-build-cc-mode/SKILL.md CHANGED Viewed

@@ -1,8 +1,9 @@
 ---
 name: cbp-build-cc-mode
-description: Audit + apply the CHK-109 model/effort convention across every authoring skill and agent under `packages/codebyplan-package/templates/`. Skills set `effort:` only and inherit the session model; agents pin `model:` + `effort:`. Bare invocation audits and reports frontmatter gaps; with a path argument, edits the target file's frontmatter to the convention-decided values.
+description: Audit + apply the CHK-229 model/effort convention across every authoring skill and agent under `packages/codebyplan-package/templates/`. Skills set `model: inherit` + `effort:`; agents pin `model:` + `effort:`. Bare invocation audits and reports frontmatter gaps; with a path argument, edits the target file's frontmatter to the convention-decided values.
 argument-hint: "[path-to-agent-or-skill]"
 allowed-tools: Read, Write, Edit, Glob, Grep
+model: inherit
 effort: xhigh
 ---
@@ -12,8 +13,8 @@ Audit or apply the canonical model/effort frontmatter convention across every au
 The convention splits by surface:
-- **Skills do NOT pin `model:`.** A skill's inline turn runs inside the user's active session, so it must inherit the session model. Pinning a model (a) forces a model the user did not choose and (b) can carry the session's 1M `[1m]` context tier onto the skill, producing `API Error: Usage credits required for 1M context`. Skills set `effort:` only.
-- **Agents pin `model:` explicitly.** A spawned/forked subagent should not silently inherit the parent's model or context tier — every agent states its model so each subagent's cost/quality is auditable. Agents set both `model:` and `effort:`.
+- **Skills set `model: inherit` AND `effort:`.** The `model: inherit` value signals explicitly that the skill inherits the user's active session model — it is the standard value. A non-inherit model or an absent model field is a gap. A justified explicit pin (e.g. `model: sonnet`) is permitted when documented here as an exception.
+- **Agents pin `model:` explicitly.** A spawned/forked subagent must not silently inherit the parent's model or context tier — every agent states its model so each subagent's cost/quality is auditable. Agents set both `model:` and `effort:`. `model: inherit` is NOT permitted for agents.
 ## When to Use
@@ -23,33 +24,40 @@ The convention splits by surface:
 ## Decision Matrix
-### Skills — `effort:` only, never `model:`
+### Skills — `model: inherit` + `effort:`
-Omit `model:` entirely (inherit the session model). Set `effort:` per the skill's nature. Default `effort: xhigh`; tiers:
+Set `model: inherit` (the standard value) and `effort:` per the skill's nature. Default `effort: xhigh`; tiers:
-| effort   | use for                                                | examples                                                                                                                                                              |
-| -------- | ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `xhigh`  | deep authoring / planning / orchestration (most skills) | build-cc-*, checkpoint-check/end/plan, round-start/input/execute, task-create/start/complete/testing, standalone-task-*, frontend-*, ship, ship-configure, supabase-*, setup-e2e/eslint, session-end |
-| `high`   | summary / orchestration, lighter than xhigh            | checkpoint-create, checkpoint-start, checkpoint-update, round-end, task-check, standalone-task-check, ship-main, merge-main                                           |
-| `medium` | moderate, scoped sync work                             | refresh-infra                                                                                                                                                        |
-| `low`    | pure mechanical / dispatch / templated work            | checkpoint-complete, round-check, round-complete, round-update, todo, session-start, git-commit, git-branch-feat-create    |
+| effort   | use for                                                | examples                                                                                                                                                                    |
+| -------- | ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `xhigh`  | deep authoring / planning / orchestration (most skills) | build-cc-*, checkpoint-check/end/plan, finalize, frontend-design, map-architecture, round-build/plan, ship, standalone-task-complete, supabase-migrate, task-start, verify |
+| `high`   | lighter orchestration, review, setup, targeted flows   | checkpoint-create/start, frontend-ui/ux, merge-main, refresh-arch-map, session-end, setup-cd/ci/e2e/eslint, ship-configure/main, standalone-task-check/create/start/testing, stripe, supabase-branch-check/setup, task-create |
+| `medium` | moderate, scoped sync work                             | checkpoint-update, clear-prep, todo                                                                                                                                          |
+| `low`    | pure mechanical / dispatch / templated work            | checkpoint-complete, clear-continue, git-commit, git-branch-feat-create, round-complete, session-start                                                                      |
-A skill that carries a `model:` line is a **gap** — remove it unless a deliberate, documented exception is recorded here (currently none).
+A skill with an absent `model:` field or a non-`inherit` model value is a **gap** — add `model: inherit` or document the exception here before applying a different pin.
+> **Note on effort tiers**: `max` is the highest frontmatter effort tier. `ultracode` is a SESSION-ONLY runtime mode (`/effort ultracode`) — it is NOT a valid frontmatter value and `validate-skill.sh` rejects `effort: ultracode` with an explicit error.
 ### Agents — `model:` + `effort:`
-Default `model: sonnet` + `effort: xhigh`. Fifteen of the 17 authoring agents take the default (`cbp-cc-executor`, `cbp-database-agent`, `cbp-improve-claude`, `cbp-research`, `cbp-round-builder`, `cbp-security-agent`, `cbp-stripe-agent`, `cbp-verify-reviewer`, `cbp-round-planner`, `cbp-testing-qa-agent`, `cbp-e2e-playwright`, `cbp-e2e-maestro`, `cbp-e2e-tauri`, `cbp-e2e-vscode`, `cbp-e2e-xcuitest`). The other two are exceptions:
+Default `model: sonnet` + `effort: xhigh`. Ten of the 17 authoring agents take the default (`cbp-cc-executor`, `cbp-database-agent`, `cbp-improve-claude`, `cbp-research`, `cbp-round-builder`, `cbp-round-planner`, `cbp-security-agent`, `cbp-stripe-agent`, `cbp-testing-qa-agent`, `cbp-verify-reviewer`). The other seven are exceptions:
 | agent                | model  | effort | reason                                                                              |
 | -------------------- | ------ | ------ | ----------------------------------------------------------------------------------- |
 | cbp-mechanical-edits | haiku  | low    | Mechanical rename/substitution/frontmatter-edit subagent; no judgment, pure dispatch |
 | cbp-map-architecture | sonnet | high   | Read-only module analyzer; bounded structured-map generation, lighter than xhigh     |
+| cbp-e2e-maestro      | sonnet | high   | E2E specialist: bounded test-execution scope; sonnet+high calibrated in CHK-229      |
+| cbp-e2e-playwright   | sonnet | high   | E2E specialist: bounded test-execution scope; sonnet+high calibrated in CHK-229      |
+| cbp-e2e-tauri        | sonnet | high   | E2E specialist: bounded test-execution scope; sonnet+high calibrated in CHK-229      |
+| cbp-e2e-vscode       | sonnet | high   | E2E specialist: bounded test-execution scope; sonnet+high calibrated in CHK-229      |
+| cbp-e2e-xcuitest     | sonnet | high   | E2E specialist: bounded test-execution scope; sonnet+high calibrated in CHK-229      |
 `model: inherit` is NOT permitted for agents — pin an explicit alias (`sonnet` / `haiku`) or a full ID.
 ## Precedence Rule
-A skill's `effort:` applies to the inline-running turn (the orchestrator turn that invokes the skill); the skill runs on that turn's inherited model. An agent's `model:` / `effort:` apply to the spawned/forked subagent context. For `context: fork` skills, the agent named in `agent:` governs the forked subagent (per the official Claude Code spec) — so a forked skill's model comes from that agent, not from the skill.
+A skill's `effort:` applies to the inline-running turn (the orchestrator turn that invokes the skill); the skill runs on that turn's inherited model (declared via `model: inherit`). An agent's `model:` / `effort:` apply to the spawned/forked subagent context. For `context: fork` skills, the agent named in `agent:` governs the forked subagent (per the official Claude Code spec) — so a forked skill's model comes from that agent, not from the skill.
 ## Audit Mode
@@ -70,10 +78,10 @@ Invoked with a path argument (the target `SKILL.md` or agent `.md`). Procedure:
 1. Read the file. Identify the name from the `name:` frontmatter (or the path basename).
 2. Look up the target from the convention above.
 3. Use Edit to set the frontmatter to the target, preserving every other field and the entire body:
-   - **Skill**: REMOVE any `model:` line; set/keep a valid `effort:` (default `xhigh`).
+   - **Skill**: SET `model: inherit` if absent (or correct a non-inherit pin); set/keep a valid `effort:` (default `xhigh`).
    - **Agent**: set `model:` and `effort:` to the table values.
-4. If the name is NOT covered, surface via AskUserQuestion: current state, propose the default (skill → no `model:` + `xhigh`; agent → `sonnet` + `xhigh`), and ask whether to (a) record an exception entry here first, or (b) apply the default.
+4. If the name is NOT covered, surface via AskUserQuestion: current state, propose the default (skill → `model: inherit` + `xhigh`; agent → `sonnet` + `xhigh`), and ask whether to (a) record an exception entry here first, or (b) apply the default.
 ## Self-Conformance
-This skill is itself a skill: its frontmatter sets `effort: xhigh` and NO `model:`. The first audit run after editing this file MUST emit `ok` for `packages/codebyplan-package/templates/skills/cbp-build-cc-mode/SKILL.md` — if it doesn't, the convention is out of sync with reality and must be reconciled before any further apply.
+This skill is itself a skill: its frontmatter declares `model: inherit` + `effort: xhigh`. The first audit run after editing this file MUST emit `ok` for `packages/codebyplan-package/templates/skills/cbp-build-cc-mode/SKILL.md` — if it doesn't, the convention is out of sync with reality and must be reconciled before any further apply.

package/templates/skills/cbp-build-cc-rule/SKILL.md CHANGED Viewed

@@ -3,6 +3,7 @@ name: cbp-build-cc-rule
 description: Build a path-scoped rule file at .claude/rules/{name}.md following the official memory/rules spec (paths globs, always-loaded vs on-demand, symlinks) plus CBP conventions (scope field for structural classification — required only on user-created rules (validate-structure-scope.sh), narrow-paths discipline; hook warns at 100 lines, blocks at 200).
 argument-hint: '[name] [--scope=project|user] [--paths="glob,glob"]'
 allowed-tools: Read, Write, Edit, Glob, Grep
+model: inherit
 effort: xhigh
 ---

package/templates/skills/cbp-build-cc-settings/SKILL.md CHANGED Viewed

@@ -3,6 +3,7 @@ name: cbp-build-cc-settings
 description: Create or update Claude Code settings.json / settings.local.json / managed-settings.json following the official settings spec — scopes, permissions, hooks, sandbox, attribution, plugins, env vars, JSON schema validation.
 argument-hint: "[action] [--scope=user|project|local|managed]"
 allowed-tools: Read, Write, Edit, Glob, Grep, Bash(jq *)
+model: inherit
 effort: xhigh
 ---

package/templates/skills/cbp-build-cc-settings/reference/settings-fields.md CHANGED Viewed

@@ -54,7 +54,7 @@ Source: official Claude Code settings spec. Grouped by category. All fields are
 | `model` | Override default model |
 | `modelOverrides` | Map model IDs (e.g. Bedrock profile ARNs) |
 | `availableModels` | Restrict which models `/model` exposes |
-| `effortLevel` | Persist effort across sessions |
+| `effortLevel` | Persist effort across sessions. Valid values: `low \| medium \| high \| xhigh` only — `max` and `ultracode` are session-only and rejected here. See `rules/effort-and-ultracode.md`. |
 | `alwaysThinkingEnabled` | Extended thinking on by default |
 | `showThinkingSummaries` | Show thinking summaries |

package/templates/skills/cbp-build-cc-skill/SKILL.md CHANGED Viewed

@@ -3,6 +3,7 @@ name: cbp-build-cc-skill
 description: Build a Claude Code skill at .claude/skills/{name}/SKILL.md following the official skills spec — frontmatter, supporting files (templates, examples, reference, scripts), invocation control, argument substitution, dynamic context, fork-to-subagent, allowed-tools.
 argument-hint: "[skill-name] [--scope=project|user] [--fork] [--disable-model-invocation]"
 allowed-tools: Read, Write, Edit, Glob, Grep, Bash(mkdir *), Bash(chmod *)
+model: inherit
 effort: xhigh
 ---
@@ -97,7 +98,7 @@ Key fields by use case:
 | Hide from `/` menu                                   | `user-invocable: false`                                                                                                                                                                                                          |
 | Pre-approve tools                                    | `allowed-tools: Bash(git add *) Bash(git commit *)`                                                                                                                                                                              |
 | Accept arguments                                     | `argument-hint: [file] [mode]`, optionally `arguments: [file mode]` for named `$file`/`$mode`                                                                                                                                    |
-| Set effort (do NOT set model)                        | `effort: xhigh` — default for plugin skills; lower (`high`/`low`) per [/cbp-build-cc-mode](../build-cc-mode/SKILL.md). **Omit `model:`** so the skill inherits the active session model — pinning one forces a model the user didn't choose and can carry the session's 1M `[1m]` tier onto the skill (→ "usage credits required for 1M context"). Pin `model:` only as a deliberate, documented exception |
+| Set model + effort                                   | `model: inherit` (the standard value — explicitly signals session-model inheritance) and `effort: xhigh` (default for plugin skills; lower tiers `high`/`medium`/`low` per [/cbp-build-cc-mode](../build-cc-mode/SKILL.md)). A non-`inherit` model pin forces a model the user didn't choose and can carry the session's 1M `[1m]` tier onto the skill (→ "usage credits required for 1M context"), so pin only as a deliberate, documented exception |
 | Path-scoped auto-load                                | `paths: ["src/api/**/*.ts"]`                                                                                                                                                                                                     |
 | Fork to subagent                                     | `context: fork`, `agent: Explore`                                                                                                                                                                                                |

package/templates/skills/cbp-build-cc-skill/reference/frontmatter-fields.md CHANGED Viewed

@@ -12,7 +12,7 @@ Source: official Claude Code skills spec. All fields are optional; `description`
 | `disable-model-invocation` | `true` → only user can invoke (via `/name`). Upstream skills that auto-trigger this skill MUST emit a `Next: /name` directive instead — model invocation is blocked by the runtime; see SKILL.md Step 4 "Convention: User-only / permission-gated finalizer" |
 | `user-invocable` | `false` → hidden from `/` menu, Claude-only |
 | `allowed-tools` | Pre-approve tools while the skill is active |
-| `model` | Override model for this skill's turn. **CBP skills normally OMIT this** so the skill inherits the active session model. Pinning a model (e.g. `sonnet`) forces that model and can carry the session's 1M `[1m]` context tier onto the skill, triggering "usage credits required for 1M context". Set it only as a deliberate, documented exception — see [/cbp-build-cc-mode](../../build-cc-mode/SKILL.md) |
+| `model` | Model for this skill's turn. **CBP skills set `model: inherit`** (the standard value — explicitly signals session-model inheritance). A non-`inherit` pin (e.g. `sonnet`) forces that model and can carry the session's 1M `[1m]` context tier onto the skill, triggering "usage credits required for 1M context"; use only as a deliberate, documented exception — see [/cbp-build-cc-mode](../../build-cc-mode/SKILL.md) |
 | `effort` | Override effort level (`low`/`medium`/`high`/`xhigh`/`max`). **Plugin skills authored in CBP MUST set this explicitly** (no commented-out placeholder); defaults to `xhigh`. See [/cbp-build-cc-mode](../../build-cc-mode/SKILL.md) for the matrix |
 | `context` | `fork` → run in a subagent |
 | `agent` | Subagent type when `context: fork` — built-in or custom |

package/templates/skills/cbp-build-cc-skill/scripts/validate-skill.sh CHANGED Viewed

@@ -57,19 +57,22 @@ if grep -qE '^scope:\s*' <<< "$fm"; then
   fi
 fi
-# Model — skills MUST NOT pin a model. A skill's inline turn runs in the user's
-# active session, so it inherits the session model. Pinning one forces a model the
-# user didn't choose and can carry the session's 1M [1m] context tier onto the skill
-# ("API Error: Usage credits required for 1M context"). Agents pin model explicitly
-# (validate-agent.sh) — skills never do.
-if grep -qE '^model:' <<< "$fm"; then
-  model=$(grep -E '^model:' <<< "$fm" | head -1 | sed -E 's/^model:[[:space:]]*//; s/[[:space:]]*$//')
-  err "skills must NOT set 'model:' (found '$model') — skills inherit the session model; remove the line (see /cbp-build-cc-mode)"
+# Model — skills MUST declare 'model: inherit' to signal session-model inheritance
+# explicitly. Absent = warning (should be added); non-enum value = error.
+# Valid values: inherit | sonnet | opus | haiku | fable | opusplan | claude-<id> | <id>[1m]
+# Agents pin explicit model values (validate-agent.sh); skills use 'inherit'.
+model_val=$(grep -E '^model:' <<< "$fm" | head -1 | sed -E 's/^model:[[:space:]]*//; s/[[:space:]]*$//' || true)
+if [ -z "$model_val" ]; then
+  echo "  WARN: model: absent — add 'model: inherit' (skills must declare session-model inheritance)" >&2
+elif ! [[ "$model_val" =~ ^(inherit|sonnet|opus|haiku|fable|opusplan|claude-[a-z0-9][a-z0-9.-]*|.*\[1m\])$ ]]; then
+  err "model: invalid value '$model_val' (valid values: inherit | sonnet | opus | haiku | fable | opusplan | claude-<id> | <id>[1m])"
 fi
 # Effort (if present)
 effort=$(grep -E '^effort:' <<< "$fm" | head -1 | sed -E 's/^effort:[[:space:]]*//; s/[[:space:]]*$//; s/^"(.*)"$/\1/' || true)
-if [ -n "$effort" ] && [[ ! "$effort" =~ ^(low|medium|high|xhigh|max)$ ]]; then
+if [ "$effort" = "ultracode" ]; then
+  err "effort: ultracode is a session-only mode, not a frontmatter effort — use max + /effort ultracode"
+elif [ -n "$effort" ] && [[ ! "$effort" =~ ^(low|medium|high|xhigh|max)$ ]]; then
   err "effort invalid: '$effort'"
 fi

package/templates/skills/cbp-checkpoint-check/SKILL.md CHANGED Viewed

@@ -3,6 +3,7 @@ scope: org-shared
 name: cbp-checkpoint-check
 description: Full re-evaluation of a checkpoint with before/after comparison
 argument-hint: [CHK-NNN]
+model: inherit
 effort: xhigh
 ---
@@ -133,6 +134,10 @@ Aggregate the files touched across all tasks (reusing Step 4's deduplicated tabl
    See `cbp-verify` reference `findings-presentation.md` "Infra Issue Absorption Contract — Infra-Class Issue Catalog" row "Checkpoint-level e2e failure" for the routing rationale.
+#### Orchestration (optional)
+Step 5b's parallel whole-checkpoint `cbp-e2e-*` specialist dispatch MAY be authored as a `Workflow(...)` script instead of ad-hoc `Task`/`Agent` spawning — for deterministic fan-out across eligible frameworks and schema-validated aggregation. This is opt-in (ultracode session or explicit user request); the dispatch flow above stays the DEFAULT and is unchanged. See `rules/workflow-orchestration.md`.
 ### Step 6: User Discussion
 Present findings and discuss with user:

package/templates/skills/cbp-checkpoint-complete/SKILL.md CHANGED Viewed

@@ -2,6 +2,7 @@
 name: cbp-checkpoint-complete
 description: Complete a checkpoint after all tasks are done
 argument-hint: [checkpoint-number]
+model: inherit
 effort: low
 ---

package/templates/skills/cbp-checkpoint-create/SKILL.md CHANGED Viewed

@@ -2,6 +2,7 @@
 name: cbp-checkpoint-create
 description: Mechanical checkpoint creation — capture the user's description, infer title + goal, dedup against existing modules, create the checkpoint row + feat branch, then hand off to /cbp-checkpoint-plan for deep planning. Creates ZERO tasks.
 argument-hint: [checkpoint description]
+model: inherit
 effort: high
 ---

package/templates/skills/cbp-checkpoint-end/SKILL.md CHANGED Viewed

@@ -1,6 +1,7 @@
 ---
 name: cbp-checkpoint-end
 description: Single point for all shipment — branch promotion to main via /cbp-ship-main, runtime deploy via /cbp-ship, branch cleanup, summary. Standalone tasks bypass shipment entirely.
+model: inherit
 effort: xhigh
 ---
@@ -161,6 +162,10 @@ If `/cbp-ship` reports `aborted_at` (user aborted) or any surface failed verific
 If the repo has zero configured surfaces (very early-stage), `/cbp-ship` exits with `## No deployable surfaces configured` — that's a success state, continue to cleanup.
+#### Orchestration (optional)
+The multi-step shipment coordinated here (Step 5 `/cbp-ship-main` → Step 7 `/cbp-ship` → screenshot upload) MAY be expressed as a `Workflow(...)` pipeline instead of ad-hoc sequential invocation. This is opt-in (ultracode session or explicit user request); the sequential flow above stays the DEFAULT and is unchanged. See `rules/workflow-orchestration.md`.
 ### Step 7.5: Upload E2E Screenshots to DB (best-effort)
 After `/cbp-ship` completes successfully, upload the checkpoint's new/changed committed E2E screenshots to the CodeByPlan DB so they can be reviewed per-checkpoint in the web UI (CHK-171). This step is **best-effort and non-blocking** — a failure here MUST NOT halt shipment or cleanup.

package/templates/skills/cbp-checkpoint-plan/SKILL.md CHANGED Viewed

@@ -2,6 +2,7 @@
 name: cbp-checkpoint-plan
 description: Deep inline planning for a checkpoint — assess, gap-analyse, decide dependencies, compare alternatives, optionally e2e-probe a suspected-broken area, then create tasks as vertical slices. Runs after /cbp-checkpoint-create (mechanical) and before /cbp-checkpoint-start (activate + claim). Does NOT activate or claim.
 argument-hint: [checkpoint-number]
+model: inherit
 effort: xhigh
 ---
@@ -49,6 +50,10 @@ Iterate ALL `ideas[]` (not just the first). For each:
 Write each idea's analysis into `ideas[N].assessment` (Claude-authored; never touch `description`, which is the user's words).
+#### Orchestration (optional)
+Step 2's `cbp-research` and any e2e-probe subagent spawns MAY be authored as a `Workflow(...)` script instead of ad-hoc `Task` spawning — useful when multiple ideas each warrant an independent research/assessment pass. This is opt-in (ultracode session or explicit user request); the single-spawn flow above stays the DEFAULT and is unchanged. See `rules/workflow-orchestration.md`.
 ### Step 3: Gap Analysis
 Find what the raw request misses — this is the core anti-"half-ass" step. Load `reference/gap-analysis-playbook.md` and run its two passes:

package/templates/skills/cbp-checkpoint-start/SKILL.md CHANGED Viewed

@@ -2,6 +2,7 @@
 name: cbp-checkpoint-start
 description: Activate a planned checkpoint and claim it for the current user/worktree, then route into task work. Runs after /cbp-checkpoint-plan (which produces tasks but never activates). Refuses to start an unplanned checkpoint.
 argument-hint: [checkpoint-number]
+model: inherit
 effort: high
 ---

package/templates/skills/cbp-checkpoint-update/SKILL.md CHANGED Viewed

@@ -2,7 +2,8 @@
 name: cbp-checkpoint-update
 description: Update checkpoint state (activate, update context, etc.)
 argument-hint: [checkpoint-number]
-effort: high
+model: inherit
+effort: medium
 ---
 # Checkpoint Update Command

package/templates/skills/cbp-clear-continue/SKILL.md CHANGED Viewed

@@ -2,7 +2,8 @@
 scope: org-shared
 name: cbp-clear-continue
 description: Resume work after /clear by reading .codebyplan/clear/handoff.md and re-invoking the previously-blocked heavy skill. Reports a friendly error if no handoff file exists.
-effort: xhigh
+model: inherit
+effort: low
 ---
 # cbp-clear-continue

package/templates/skills/cbp-clear-prep/SKILL.md CHANGED Viewed

@@ -3,7 +3,8 @@ scope: org-shared
 name: cbp-clear-prep
 description: Capture a clear-context handoff when the context window is too large to run a heavy skill. Reads active task/round state, writes .codebyplan/clear/handoff.md, then instructs the user to run /clear and /cbp-clear-continue to resume.
 argument-hint: "[blocked-skill]"
-effort: xhigh
+model: inherit
+effort: medium
 ---
 # cbp-clear-prep

package/templates/skills/cbp-finalize/SKILL.md CHANGED Viewed

@@ -3,6 +3,7 @@ name: cbp-finalize
 description: Finalize and complete the current task — commit, merge main, push, complete
 argument-hint: [chk-task]
 triggers: [cbp-task-start, cbp-checkpoint-check]
+model: inherit
 effort: xhigh
 ---

package/templates/skills/cbp-frontend-design/SKILL.md CHANGED Viewed

@@ -1,6 +1,7 @@
 ---
 name: cbp-frontend-design
 description: Up-front design playbook loaded BEFORE writing UI / styling code. Detects the stack, loads the matching reference file, commits to an aesthetic direction, and prevents generic AI-slop output. Modelled on Anthropic's frontend-design skill, adapted for CBP repos with existing design systems.
+model: inherit
 effort: xhigh
 ---

package/templates/skills/cbp-frontend-ui/SKILL.md CHANGED Viewed

@@ -1,7 +1,8 @@
 ---
 name: cbp-frontend-ui
 description: Visual quality self-review pass invoked twice per round — once by round-executor Step 3.8 (phase 'style_only', no screenshots) for token/spacing/typography/color/cohesion, once by /cbp-round-build Step 5b (phase 'screenshot_review', with e2e screenshots) for rendered-output review and baseline regressions. Default phase 'full' runs everything for back-compat.
-effort: xhigh
+model: inherit
+effort: high
 ---
 # Frontend UI (Post-Implementation Visual Self-Review)

package/templates/skills/cbp-frontend-ux/SKILL.md CHANGED Viewed

@@ -1,7 +1,8 @@
 ---
 name: cbp-frontend-ux
 description: Interaction-quality self-review pass loaded by round-executor AFTER UI code is written. Catches navigation flow issues, missing feedback states, cognitive-load problems, form usability gaps, and accessibility violations. Auto-applies in-scope mechanical UX fixes within the round's files_changed. Replaces the post-implementation ux-agent spawn with an inline skill invocation.
-effort: xhigh
+model: inherit
+effort: high
 ---
 # Frontend UX (Post-Implementation Interaction Self-Review)

package/templates/skills/cbp-git-branch-feat-create/SKILL.md CHANGED Viewed

@@ -2,6 +2,7 @@
 name: cbp-git-branch-feat-create
 description: Create feature branch from the production branch (main, config-driven)
 argument-hint: "[name] e.g. add-user-auth"
+model: inherit
 effort: low
 ---

package/templates/skills/cbp-git-commit/SKILL.md CHANGED Viewed

@@ -2,6 +2,7 @@
 name: cbp-git-commit
 description: Create scoped commit with conventional format
 argument-hint: "[--task|--all] [type]: [description]"
+model: inherit
 effort: low
 ---

package/templates/skills/cbp-map-architecture/SKILL.md CHANGED Viewed

@@ -1,5 +1,6 @@
 ---
 name: cbp-map-architecture
+model: inherit
 effort: xhigh
 description: Orchestrate architecture map generation for one or all modules. Spawns the cbp-map-architecture agent per module, writes per-module .md files to .claude/architecture/, regenerates INDEX.md and graph.md, and stamps each module via the CLI. Idempotent — safe to re-run.
 argument-hint: '[--module <path>] [--deep <path,...>]'
@@ -66,6 +67,10 @@ For each module in `targets[]`:
 Modules may be spawned concurrently (parallel Task calls) when there are multiple targets
 with no inter-module dependency. The agent is read-only and safe to parallelize.
+#### Orchestration (optional)
+Step B's per-module `cbp-map-architecture` fan-out MAY be authored as a `Workflow(...)` script instead of ad-hoc parallel `Task` calls — for deterministic per-module fan-out and schema-validated map outputs. This is opt-in (ultracode session or explicit user request); the parallel `Task` flow above stays the DEFAULT and is unchanged. See `rules/workflow-orchestration.md`.
 ### Step C: Regenerate INDEX.md and graph.md
 After all per-module map files are written:

package/templates/skills/cbp-merge-main/SKILL.md CHANGED Viewed

@@ -1,6 +1,7 @@
 ---
 name: cbp-merge-main
 description: Merge main into the current feat branch with interactive per-conflict resolution and inline QA re-run
+model: inherit
 effort: high
 ---

package/templates/skills/cbp-refresh-arch-map/SKILL.md CHANGED Viewed

@@ -1,5 +1,6 @@
 ---
 name: cbp-refresh-arch-map
+model: inherit
 effort: high
 description: Drift-scoped refresh of the .claude/architecture/ map — re-runs the cbp-map-architecture agent for ONLY the modules whose stamped git SHA has changed, regenerates INDEX.md + graph.md, and re-stamps. Idempotent; no-op when no module has drifted.
 argument-hint: '[--module <path>]'

package/templates/skills/cbp-round-build/SKILL.md CHANGED Viewed

@@ -2,6 +2,7 @@
 name: cbp-round-build
 description: Execute the approved plan from /cbp-round-plan — runs per-wave builders, inline testing-qa per wave, and auto-triggers /cbp-verify
 triggers: [cbp-verify]
+model: inherit
 effort: xhigh
 ---
@@ -197,6 +198,10 @@ Input contracts: `cbp-testing-qa-agent` receives `executor_output`, `testing_pro
 **Independence**: neither agent reads the other's output. Baseline-regression findings surface as a BLOCKING gate at `/cbp-verify` (an explicit accept-or-fix user decision; baselines are NEVER auto-accepted). Per-wave spawns MAY run in parallel with the next wave's builder when dependency order allows. The `cbp-e2e-*` specialists are parallel siblings of `cbp-testing-qa-agent` — they do not share state.
+#### Orchestration (optional)
+Under heavy fan-out, Step 5's per-wave builders and their parallel `cbp-testing-qa-agent` + `cbp-e2e-*` siblings MAY be authored as a `Workflow(...)` script instead of ad-hoc `Task`/`Agent` spawning — for deterministic fan-out, wave barriers, and schema-validated outputs. This is opt-in (ultracode session or explicit user request); the spawn flow above stays the DEFAULT and is unchanged. See `rules/workflow-orchestration.md`.
 ### Step 5b: Post-E2E Screenshot Review (cbp-frontend-ui Phase 6.5)
 Aggregate screenshots across ALL specialists that ran: `screenshots = Object.values(round.context.e2e_outputs ?? {}).flatMap(o => o.screenshots ?? [])`. When the aggregated list is non-empty, invoke the `cbp-frontend-ui` skill with `phase: 'screenshot_review'` (input: `files_changed`, `e2e_screenshots: <aggregated screenshots>`, `context: { checkpoint_goal, round_requirements }`). Under this phase the skill runs only Phase 6.5 (Rendered-Output Visual Review) + 7 + 8 — Phases 1-6 (style) already ran inline at builder Step 3.8 with `phase: 'style_only'`.

package/templates/skills/cbp-round-complete/SKILL.md CHANGED Viewed

@@ -4,6 +4,7 @@ description: Reconcile user git-add approvals and complete the round (the ask-ti
 argument-hint: [chk-task-round | task-round]
 disable-model-invocation: true
 triggers: [cbp-round-plan]
+model: inherit
 effort: low
 ---

package/templates/skills/cbp-round-plan/SKILL.md CHANGED Viewed

@@ -3,6 +3,7 @@ name: cbp-round-plan
 description: Plan a round — round-1 planning AND round-2+ deep-analysis of unapproved work, then spawn cbp-round-planner and auto-trigger /cbp-round-build
 triggers: [cbp-round-build]
 argument-hint: [chk-task-round | task-round | requirements-text]  # e.g. `108-1-2`, `45-2`, or free-text
+model: inherit
 effort: xhigh
 ---
@@ -260,6 +261,10 @@ input:
 Wait for planner output. **If the spawn fails, STOP per "Planner Spawn Failure Is A Gate Failure" above** — do not self-certify a plan inline.
+#### Orchestration (optional)
+When a plan warrants independent perspectives, Step 7's `cbp-round-planner` spawn MAY be expressed as a `Workflow(...)` script — e.g. a judge-panel of independent plans, scored and synthesized — instead of a single ad-hoc spawn. This is opt-in (ultracode session or explicit user request); the single-spawn flow above stays the DEFAULT and is unchanged. See `rules/workflow-orchestration.md`.
 ### Step 8: Present Plan
 Present the plan to user:

package/templates/skills/cbp-session-end/SKILL.md CHANGED Viewed

@@ -1,7 +1,8 @@
 ---
 name: cbp-session-end
 description: End a development session
-effort: xhigh
+model: inherit
+effort: high
 ---
 # Session End Command

package/templates/skills/cbp-session-start/SKILL.md CHANGED Viewed

@@ -2,6 +2,7 @@
 name: cbp-session-start
 description: Start a development session
 triggers: [cbp-todo]
+model: inherit
 effort: low
 ---

package/templates/skills/cbp-setup-cd/SKILL.md CHANGED Viewed

@@ -3,7 +3,8 @@ scope: org-shared
 name: cbp-setup-cd
 description: Detect configured CD surfaces, write/update .codebyplan/cd.json via `codebyplan cd init`, scaffold publish.yml and release-desktop.yml GitHub Actions workflows, and walk through environment/approval/OIDC setup. Interactive, idempotent.
 argument-hint: "[--force]"
-effort: xhigh
+model: inherit
+effort: high
 allowed-tools: Read, Write, Edit, Bash(cat *), Bash(jq *), Bash(test *), Bash(ls *), Bash(diff *), Bash(codebyplan cd *), Bash(npx codebyplan cd *), AskUserQuestion
 ---

package/templates/skills/cbp-setup-ci/SKILL.md CHANGED Viewed

@@ -3,7 +3,8 @@ scope: org-shared
 name: cbp-setup-ci
 description: Detect CI platforms, write/update .codebyplan/ci.json, scaffold the GitHub Actions CI workflow, and enforce the required CI status check on the main branch. Interactive, idempotent.
 argument-hint: "[--force]"
-effort: xhigh
+model: inherit
+effort: high
 allowed-tools: Read, Write, Edit, Bash(cat *), Bash(jq *), Bash(test *), Bash(ls *), Bash(codebyplan ci *), Bash(npx codebyplan ci *), Bash(gh api *), Bash(gh auth *), AskUserQuestion
 ---

package/templates/skills/cbp-setup-e2e/SKILL.md CHANGED Viewed

@@ -2,7 +2,8 @@
 name: cbp-setup-e2e
 description: Detect installed E2E frameworks, ask which to enable, record credentials source (gitignored env-file path + var names only, never secrets), and write/refresh .codebyplan/e2e.json. Interactive, idempotent.
 argument-hint: "[--force]"
-effort: xhigh
+model: inherit
+effort: high
 allowed-tools: Read, Write, Edit, Bash(cat *), Bash(jq *), Bash(which *), Bash(test *), Bash(mkdir *), Bash(cp *), Bash(echo *), Bash(date *), Bash(mv *), Bash(git check-ignore *), AskUserQuestion, mcp__codebyplan__get_repos
 ---

package/templates/skills/cbp-setup-eslint/SKILL.md CHANGED Viewed

@@ -2,7 +2,8 @@
 name: cbp-setup-eslint
 description: Detect each app's tech stack, resolve matching DB ESLint presets, confirm which to enable per app, run `codebyplan eslint init` to generate eslint.config.mjs, and write/refresh .codebyplan/eslint.json. Interactive, idempotent.
 argument-hint: "[--force]"
-effort: xhigh
+model: inherit
+effort: high
 allowed-tools: Read, Write, Edit, Bash(cat *), Bash(jq *), Bash(test *), Bash(ls *), Bash(mkdir *), Bash(cp *), Bash(echo *), Bash(mv *), Bash(npx codebyplan eslint *), AskUserQuestion, mcp__codebyplan__get_repos, mcp__codebyplan__get_eslint_presets
 ---

package/templates/skills/cbp-ship/SKILL.md CHANGED Viewed

@@ -1,6 +1,7 @@
 ---
 name: cbp-ship
 description: Orchestrate runtime deployment for a checkpoint — Vercel web, EAS mobile (Expo Go dev build / TestFlight preview), Tauri desktop, npm package publish, VS Code extension, Railway backend, Supabase migrations. Detects configured surfaces, walks the user through what to deploy, executes per-surface deploy steps, verifies each landed.
+model: inherit
 effort: xhigh
 ---
@@ -202,6 +203,10 @@ If a surface fails:
 EXCEPTION: `supabase` migration push failure halts the rest. Schema mismatch downstream is worse than partial shipment.
+#### Orchestration (optional)
+Step 5's per-surface deploys — the independent tails after the mandatory `supabase`-first step — MAY be authored as a `Workflow(...)` script for deterministic parallel fan-out instead of ad-hoc sequencing. This is opt-in (ultracode session or explicit user request); the sequential flow above (including the `supabase`-first ordering) stays the DEFAULT and is unchanged. See `rules/workflow-orchestration.md`.
 ### Step 6 — Verify each surface landed
 After each surface deploys, run its verification:

package/templates/skills/cbp-ship-configure/SKILL.md CHANGED Viewed

@@ -3,7 +3,8 @@ name: cbp-ship-configure
 description: Configure shipment for one or more surfaces in the current repo — Vercel link, EAS project + eas.json scaffold, Apple credentials probe, npm publish auth check (including `codebyplan` asset-publish automation via the publish-on-main workflow), Railway project link, Supabase access token verify; Supabase GitHub branching integration via /cbp-supabase-setup. Interactive step-by-step; never stores credentials in the repo.
 argument-hint: [--surface=<id>]
 allowed-tools: Read, Write, Edit, Bash(which *), Bash(vercel *), Bash(eas *), Bash(npm *), Bash(railway *), Bash(jq *), Bash(mkdir *), Bash(cp *), Bash(echo *), Skill(cbp-supabase-setup)
-effort: xhigh
+model: inherit
+effort: high
 ---
 # Ship Configure Command

package/templates/skills/cbp-ship-main/SKILL.md CHANGED Viewed

@@ -1,6 +1,7 @@
 ---
 name: cbp-ship-main
 description: Ship feat branch to production branch via PR — thin wrapper around `codebyplan ship`
+model: inherit
 effort: high
 ---

package/templates/skills/cbp-standalone-task-check/SKILL.md CHANGED Viewed

@@ -4,6 +4,7 @@ name: cbp-standalone-task-check
 description: AI production review for the current standalone task
 argument-hint: [task]  # e.g. `45` (standalone TASK-45)
 triggers: [cbp-standalone-task-testing]
+model: inherit
 effort: high
 ---

package/templates/skills/cbp-standalone-task-complete/SKILL.md CHANGED Viewed

@@ -3,6 +3,7 @@ scope: repo-only:codebyplan
 name: cbp-standalone-task-complete
 description: Complete a standalone task — ship feat branch to production via PR and mark done
 argument-hint: [task]  # e.g. `45` (standalone TASK-45)
+model: inherit
 effort: xhigh
 ---

package/templates/skills/cbp-standalone-task-create/SKILL.md CHANGED Viewed

@@ -2,7 +2,8 @@
 scope: repo-only:codebyplan
 name: cbp-standalone-task-create
 description: Creates a standalone task (not checkpoint-bound) via create_standalone_task MCP tool
-effort: xhigh
+model: inherit
+effort: high
 ---
 # Standalone Task Create Command

package/templates/skills/cbp-standalone-task-start/SKILL.md CHANGED Viewed

@@ -3,7 +3,8 @@ scope: repo-only:codebyplan
 name: cbp-standalone-task-start
 description: Start a standalone task, load context from DB
 argument-hint: [task]  # e.g. `45` (standalone TASK-45)
-effort: xhigh
+model: inherit
+effort: high
 ---
 # Standalone Task Start Command

package/templates/skills/cbp-standalone-task-testing/SKILL.md CHANGED Viewed

@@ -4,7 +4,8 @@ name: cbp-standalone-task-testing
 description: Run comprehensive task-level testing after /cbp-standalone-task-check passes
 argument-hint: [task]  # e.g. `45` (standalone TASK-45)
 triggers: [cbp-standalone-task-complete]
-effort: xhigh
+model: inherit
+effort: high
 ---
 # Standalone Task Testing Command

package/templates/skills/cbp-stripe/SKILL.md CHANGED Viewed

@@ -2,7 +2,8 @@
 scope: org-shared
 name: cbp-stripe
 description: "Stripe integration guidance — load when implementing or reviewing payments, Checkout, subscriptions/billing, webhooks, Connect, Tax, or Treasury. Encodes the API-selection routing table, the no-payment_method_types rule, restricted-key security, and Stripe SDK conventions."
-effort: xhigh
+model: inherit
+effort: high
 ---
 # Stripe Integration (CBP)

package/templates/skills/cbp-supabase-branch-check/SKILL.md CHANGED Viewed

@@ -3,7 +3,8 @@ name: cbp-supabase-branch-check
 description: Gate skill called by /cbp-ship-main (pre-merge) to verify the Supabase preview branch health check is green before allowing a PR to be merged; skips when no DB-path changes are detected.
 argument-hint: "[--mode pre_pr_create|pre_merge] [--target integration|production]"
 allowed-tools: Bash(git *), Bash(gh *), Bash(jq *), Bash(supabase *), Bash(sleep *), Bash(echo *), Read, mcp__supabase__list_branches, mcp__supabase__get_logs
-effort: xhigh
+model: inherit
+effort: high
 ---
 # Supabase Branch Check

package/templates/skills/cbp-supabase-migrate/SKILL.md CHANGED Viewed

@@ -3,6 +3,7 @@ name: cbp-supabase-migrate
 description: Scaffold or adopt a Supabase migration for the current PR branch, apply to the branch's preview DB, run advisor checks, regenerate TypeScript types. Includes a fresh-branch dry-run pre-flight that uses one persistent dry-run ephemeral branch per feature branch.
 argument-hint: "[--new <name> | <path-to-sql>]"
 allowed-tools: Read, Edit, Write, Bash(codebyplan supabase *), Bash(npx codebyplan supabase *), Bash(npx codebyplan checkpoint update *), Bash(npx codebyplan task update *), Bash(git *), Bash(supabase *), Bash(jq *), Bash(date *), Bash(which *), Bash(cp *), Bash(mv *), Bash(test *), Bash(ls *), mcp__supabase__apply_migration, mcp__supabase__list_migrations, mcp__supabase__get_advisors, mcp__supabase__generate_typescript_types, mcp__supabase__reset_branch, mcp__supabase__list_branches, mcp__supabase__create_branch, mcp__supabase__get_cost, mcp__supabase__confirm_cost, mcp__codebyplan__update_checkpoint, mcp__codebyplan__update_task
+model: inherit
 effort: xhigh
 ---

package/templates/skills/cbp-supabase-setup/SKILL.md CHANGED Viewed

@@ -3,7 +3,8 @@ name: cbp-supabase-setup
 description: Enable Supabase GitHub branching integration — GitHub app authorization, required-status-check enforcement on main + integration branch, persistent branch creation, and idempotency marker in .codebyplan/shipment.json.
 argument-hint: "[--force]"
 allowed-tools: Read, Edit, Bash(supabase *), Bash(jq *), Bash(mv *), Bash(date *), Bash(test *), Bash(which *)
-effort: xhigh
+model: inherit
+effort: high
 ---
 # Supabase Branching Setup

package/templates/skills/cbp-task-create/SKILL.md CHANGED Viewed

@@ -1,7 +1,8 @@
 ---
 name: cbp-task-create
 description: Create a new task within the active checkpoint
-effort: xhigh
+model: inherit
+effort: high
 ---
 # Task Create Command

package/templates/skills/cbp-task-start/SKILL.md CHANGED Viewed

@@ -3,6 +3,7 @@ name: cbp-task-start
 description: Start a task, load context from DB
 triggers: [cbp-round-plan]
 argument-hint: [chk-task]  # e.g. `108-1` (CHK-108 TASK-1)
+model: inherit
 effort: xhigh
 ---

package/templates/skills/cbp-todo/SKILL.md CHANGED Viewed

@@ -1,7 +1,8 @@
 ---
 name: cbp-todo
 description: Entry point - what to work on next
-effort: low
+model: inherit
+effort: medium
 ---
 # Todo Command

package/templates/skills/cbp-verify/SKILL.md CHANGED Viewed

@@ -3,6 +3,7 @@ name: cbp-verify
 description: Unified verify stage — deterministic gates, real-execution proof, and a fresh-context diff review at round or task scope. Auto-triggered by cbp-round-build; escalates to task scope on the last clean round.
 argument-hint: [chk-task[-round] | task[-round]]
 triggers: [cbp-round-plan, cbp-round-complete, cbp-finalize]
+model: inherit
 effort: xhigh
 ---
@@ -98,6 +99,10 @@ Triage the returned findings: in-scope mechanical fixes the orchestrator applies
 (`Edit`/`Write`); blocking out-of-scope findings → `/cbp-round-plan` fix round. A baseline
 regression is a **blocking user-accept gate** — never auto-accepted.
+#### Orchestration (optional)
+When a finding warrants adversarial confirmation, Phase 4's `cbp-verify-reviewer` spawn MAY be expressed as a `Workflow(...)` script — e.g. N independent multi-vote reviewers — instead of a single ad-hoc spawn. This is opt-in (ultracode session or explicit user request); the single-spawn flow above stays the DEFAULT and is unchanged. See `rules/workflow-orchestration.md`.
 ### PHASE 5 — VERDICT + ROUTE (single directive, never an A/B/C menu)
 Combine Phase 2 + 3 + 4. Route on one directive (`feedback-close-out-routing.md`):

package/templates/skills/supabase/SKILL.md CHANGED Viewed

@@ -1,6 +1,8 @@
 ---
 name: supabase
 description: "Use when doing ANY task involving Supabase. Triggers: Supabase products (Database, Auth, Edge Functions, Realtime, Storage, Vectors, Cron, Queues); client libraries and SSR integrations (supabase-js, @supabase/ssr) in Next.js, React, SvelteKit, Astro, Remix; auth issues (login, logout, sessions, JWT, cookies, getSession, getUser, getClaims, RLS); Supabase CLI or MCP server; schema changes, migrations, security audits, Postgres extensions (pg_graphql, pg_cron, pg_vector)."
+model: inherit
+effort: medium
 metadata:
   author: supabase
   version: "0.1.2"

package/templates/skills/supabase-postgres-best-practices/SKILL.md CHANGED Viewed

@@ -2,6 +2,8 @@
 name: supabase-postgres-best-practices
 description: Postgres performance optimization and best practices from Supabase. Use this skill when writing, reviewing, or optimizing Postgres queries, schema designs, or database configurations.
 license: MIT
+model: inherit
+effort: low
 metadata:
   author: supabase
   version: "1.1.1"