codebyplan 1.13.61 → 1.13.63

package/templates/skills/cbp-clear-continue/SKILL.md

@@ -2,7 +2,8 @@
 scope: org-shared
 name: cbp-clear-continue
 description: Resume work after /clear by reading .codebyplan/clear/handoff.md and re-invoking the previously-blocked heavy skill. Reports a friendly error if no handoff file exists.
-effort: xhigh
+model: inherit
+effort: low
 ---
 
 # cbp-clear-continue

package/templates/skills/cbp-clear-prep/SKILL.md

@@ -3,7 +3,8 @@ scope: org-shared
 name: cbp-clear-prep
 description: Capture a clear-context handoff when the context window is too large to run a heavy skill. Reads active task/round state, writes .codebyplan/clear/handoff.md, then instructs the user to run /clear and /cbp-clear-continue to resume.
 argument-hint: "[blocked-skill]"
-effort: xhigh
+model: inherit
+effort: medium
 ---
 
 # cbp-clear-prep

package/templates/skills/cbp-finalize/SKILL.md

@@ -3,6 +3,7 @@ name: cbp-finalize
 description: Finalize and complete the current task — commit, merge main, push, complete
 argument-hint: [chk-task]
 triggers: [cbp-task-start, cbp-checkpoint-check]
+model: inherit
 effort: xhigh
 ---
 
@@ -132,7 +133,7 @@ Skip the push only when nothing was committed in Step 5 AND `/cbp-merge-main` re
 
 ### Step 7: Complete Task
 
-MCP `complete_task(task_id)` — kept on MCP because the CLI `codebyplan task complete` sends an empty POST body and cannot forward `caller_worktree_id`, which the server uses to enforce the mutate-lock. `caller_worktree_id` is auto-injected by the `cbp-mcp-caller-worktree-inject.sh` PreToolUse hook (CHK-198 TASK-2); the server falls back to the repo `main` worktree only when it is absent, then enforces the mutate-lock. The server auto-clears `assigned_user_id` + `assigned_worktree_id` on the task; if this was the last sibling task, it also clears the parent checkpoint's assignment. (Per CHK-104 hard-lock.)
+MCP `complete_task(task_id)`. The server keys on the JWT user (`ctx.userId`) — no worktree param is needed. The server auto-clears `assigned_user_id` on the task; if this was the last sibling task, it also clears the parent checkpoint's assignment.
 
 ### Step 8: Run Cleanup + Migration (inline)
 
@@ -189,7 +190,7 @@ direct you to run `/cbp-clear-prep` first; otherwise checkpoint-check starts on
 - **Triggered by**: `/cbp-verify` (auto, scope=task, when it writes `verify_verdict.verdict === 'READY'`)
 - **Chain**: `/cbp-verify` (scope=task READY) → `/cbp-finalize`
 - **Reads**: `.codebyplan/state/checkpoints/*.json`, `checkpoints/<id>/tasks/*.json`, `checkpoints/<id>/tasks/<id>/rounds/*.json`, `todos.json` (local-first; `npx codebyplan sync` on miss; MCP `get_current_task`/`get_rounds`/`get_tasks` break-glass) — including each round's `verify_manifest` and `task.context.verify_verdict`
-- **Writes**: `codebyplan task update` for `files_changed` (CLI write-through; MCP `update_task` break-glass); MCP `complete_task` for task completion (kept MCP — CLI cannot forward `caller_worktree_id`)
+- **Writes**: `codebyplan task update` for `files_changed` (CLI write-through; MCP `update_task` break-glass); MCP `complete_task` for task completion
 - **Uses skills (inline, no sub-agent)**: `cleanup` (if deletions), `migration` (if exports renamed)
 - **Triggers**: Same-context transitions auto-trigger via the Skill tool (next task in checkpoint → `cbp-task-start {N}`, `allow`-tier, fires silently). Checkpoint-done → auto-triggers `cbp-checkpoint-check` via Skill tool (`ask`-tier, permission prompt IS the human gate). No-task-anywhere fallback → directive `Next: Run /clear, then /cbp-session-end.`
 - **Checkpoint-bound only** — for standalone tasks use `/cbp-standalone-task-complete`

package/templates/skills/cbp-frontend-design/SKILL.md

@@ -1,6 +1,7 @@
 ---
 name: cbp-frontend-design
 description: Up-front design playbook loaded BEFORE writing UI / styling code. Detects the stack, loads the matching reference file, commits to an aesthetic direction, and prevents generic AI-slop output. Modelled on Anthropic's frontend-design skill, adapted for CBP repos with existing design systems.
+model: inherit
 effort: xhigh
 ---
 

package/templates/skills/cbp-frontend-ui/SKILL.md

@@ -1,7 +1,8 @@
 ---
 name: cbp-frontend-ui
 description: Visual quality self-review pass invoked twice per round — once by round-executor Step 3.8 (phase 'style_only', no screenshots) for token/spacing/typography/color/cohesion, once by /cbp-round-build Step 5b (phase 'screenshot_review', with e2e screenshots) for rendered-output review and baseline regressions. Default phase 'full' runs everything for back-compat.
-effort: xhigh
+model: inherit
+effort: high
 ---
 
 # Frontend UI (Post-Implementation Visual Self-Review)

package/templates/skills/cbp-frontend-ux/SKILL.md

@@ -1,7 +1,8 @@
 ---
 name: cbp-frontend-ux
 description: Interaction-quality self-review pass loaded by round-executor AFTER UI code is written. Catches navigation flow issues, missing feedback states, cognitive-load problems, form usability gaps, and accessibility violations. Auto-applies in-scope mechanical UX fixes within the round's files_changed. Replaces the post-implementation ux-agent spawn with an inline skill invocation.
-effort: xhigh
+model: inherit
+effort: high
 ---
 
 # Frontend UX (Post-Implementation Interaction Self-Review)

package/templates/skills/cbp-git-branch-feat-create/SKILL.md

@@ -2,6 +2,7 @@
 name: cbp-git-branch-feat-create
 description: Create feature branch from the production branch (main, config-driven)
 argument-hint: "[name] e.g. add-user-auth"
+model: inherit
 effort: low
 ---
 

package/templates/skills/cbp-git-commit/SKILL.md

@@ -2,6 +2,7 @@
 name: cbp-git-commit
 description: Create scoped commit with conventional format
 argument-hint: "[--task|--all] [type]: [description]"
+model: inherit
 effort: low
 ---
 

package/templates/skills/cbp-map-architecture/SKILL.md

@@ -1,5 +1,6 @@
 ---
 name: cbp-map-architecture
+model: inherit
 effort: xhigh
 description: Orchestrate architecture map generation for one or all modules. Spawns the cbp-map-architecture agent per module, writes per-module .md files to .claude/architecture/, regenerates INDEX.md and graph.md, and stamps each module via the CLI. Idempotent — safe to re-run.
 argument-hint: '[--module <path>] [--deep <path,...>]'
@@ -66,6 +67,10 @@ For each module in `targets[]`:
 Modules may be spawned concurrently (parallel Task calls) when there are multiple targets
 with no inter-module dependency. The agent is read-only and safe to parallelize.
 
+#### Orchestration (optional)
+
+Step B's per-module `cbp-map-architecture` fan-out MAY be authored as a `Workflow(...)` script instead of ad-hoc parallel `Task` calls — for deterministic per-module fan-out and schema-validated map outputs. This is opt-in (ultracode session or explicit user request); the parallel `Task` flow above stays the DEFAULT and is unchanged. See `rules/workflow-orchestration.md`.
+
 ### Step C: Regenerate INDEX.md and graph.md
 
 After all per-module map files are written:

package/templates/skills/cbp-merge-main/SKILL.md

@@ -1,6 +1,7 @@
 ---
 name: cbp-merge-main
 description: Merge main into the current feat branch with interactive per-conflict resolution and inline QA re-run
+model: inherit
 effort: high
 ---
 

package/templates/skills/cbp-refresh-arch-map/SKILL.md

@@ -1,5 +1,6 @@
 ---
 name: cbp-refresh-arch-map
+model: inherit
 effort: high
 description: Drift-scoped refresh of the .claude/architecture/ map — re-runs the cbp-map-architecture agent for ONLY the modules whose stamped git SHA has changed, regenerates INDEX.md + graph.md, and re-stamps. Idempotent; no-op when no module has drifted.
 argument-hint: '[--module <path>]'

package/templates/skills/cbp-round-build/SKILL.md

@@ -2,6 +2,7 @@
 name: cbp-round-build
 description: Execute the approved plan from /cbp-round-plan — runs per-wave builders, inline testing-qa per wave, and auto-triggers /cbp-verify
 triggers: [cbp-verify]
+model: inherit
 effort: xhigh
 ---
 
@@ -197,6 +198,10 @@ Input contracts: `cbp-testing-qa-agent` receives `executor_output`, `testing_pro
 
 **Independence**: neither agent reads the other's output. Baseline-regression findings surface as a BLOCKING gate at `/cbp-verify` (an explicit accept-or-fix user decision; baselines are NEVER auto-accepted). Per-wave spawns MAY run in parallel with the next wave's builder when dependency order allows. The `cbp-e2e-*` specialists are parallel siblings of `cbp-testing-qa-agent` — they do not share state.
 
+#### Orchestration (optional)
+
+Under heavy fan-out, Step 5's per-wave builders and their parallel `cbp-testing-qa-agent` + `cbp-e2e-*` siblings MAY be authored as a `Workflow(...)` script instead of ad-hoc `Task`/`Agent` spawning — for deterministic fan-out, wave barriers, and schema-validated outputs. This is opt-in (ultracode session or explicit user request); the spawn flow above stays the DEFAULT and is unchanged. See `rules/workflow-orchestration.md`.
+
 ### Step 5b: Post-E2E Screenshot Review (cbp-frontend-ui Phase 6.5)
 
 Aggregate screenshots across ALL specialists that ran: `screenshots = Object.values(round.context.e2e_outputs ?? {}).flatMap(o => o.screenshots ?? [])`. When the aggregated list is non-empty, invoke the `cbp-frontend-ui` skill with `phase: 'screenshot_review'` (input: `files_changed`, `e2e_screenshots: <aggregated screenshots>`, `context: { checkpoint_goal, round_requirements }`). Under this phase the skill runs only Phase 6.5 (Rendered-Output Visual Review) + 7 + 8 — Phases 1-6 (style) already ran inline at builder Step 3.8 with `phase: 'style_only'`.

package/templates/skills/cbp-round-complete/SKILL.md

@@ -4,6 +4,7 @@ description: Reconcile user git-add approvals and complete the round (the ask-ti
 argument-hint: [chk-task-round | task-round]
 disable-model-invocation: true
 triggers: [cbp-round-plan]
+model: inherit
 effort: low
 ---
 
@@ -24,7 +25,7 @@ Set `KIND` for the rest of this skill. MCP tool names vary by KIND:
 | Get task | local state (break-glass: `get_current_task`) | `get_current_standalone_task(repo_id)` |
 | Get rounds | local state (break-glass: `get_rounds`) | `get_standalone_rounds(standalone_task_id)` |
 | Update round | `update_round(round_id, ...)` | `update_standalone_round(standalone_round_id, ...)` |
-| Complete round | `complete_round(round_id, duration_minutes?)` | `complete_standalone_round(standalone_round_id, duration_minutes?, caller_worktree_id)` ⚠️ `caller_worktree_id` is REQUIRED for standalone |
+| Complete round | `complete_round(round_id, duration_minutes?)` | `complete_standalone_round(standalone_round_id, duration_minutes?)` |
 
 # Round Complete Command
 
@@ -83,20 +84,7 @@ Reconcile which files the user has approved by staging them. Run:
 npx codebyplan round sync-approvals --round-id <round_id> --task-id <task_id>
 ```
 
-The CLI auto-resolves the caller worktree id with the following precedence:
-1. `--caller-worktree-id <uuid>` override (if passed — skips all resolution)
-2. Per-device branch-keyed cache (`.codebyplan/worktree.local.json`)
-3. In-process tuple API call: `POST /worktrees/resolve` using `(device_id, repo_path, branch)`
-
-On the write path (non `--dry-run`), if the worktree id cannot be resolved the CLI **hard-fails with exit 1** and prints an actionable message. To pre-populate the cache:
-
-```
-npx codebyplan resolve-worktree --cache
-```
-
-If this worktree is not yet registered, run `npx codebyplan setup` first, then re-run `/cbp-round-complete`.
-
-The CLI parses `git status --short`, merges drift + staging + web-UI flag, and writes both round and task (forwarding `caller_worktree_id` on both writes so the server honors the feat-worktree lock). A **cleanly staged** file (`git add`-ed, no further unstaged changes) becomes `user_approved: true`.
+The CLI parses `git status --short`, merges drift + staging + web-UI flag, and writes both round and task. A **cleanly staged** file (`git add`-ed, no further unstaged changes) becomes `user_approved: true`.
 
 Read the stdout JSON: `{ added, stale_marked, reactivated, total_files }`.
 
@@ -109,14 +97,7 @@ This is the **single** explicit reconcile owned by this skill. (The `cbp-mcp-rou
 Calculate duration from the round's `started_at` to now in minutes.
 
 - **checkpoint KIND**: `codebyplan round complete --id <round_id> --task-id <task_id> --checkpoint-id <checkpoint_id>` (CLI write-through: local state file + REST). Break-glass fallback: MCP `complete_round(round_id, duration_minutes)` when the CLI is unavailable. Note: the CLI does not accept `duration_minutes`; the backend computes duration server-side.
-- **standalone KIND**: MCP `complete_standalone_round(standalone_round_id, duration_minutes, caller_worktree_id)`. ⚠️ `caller_worktree_id` is REQUIRED — resolve via `CALLER_WT=$(npx codebyplan resolve-worktree 2>/dev/null)`. If `CALLER_WT` is empty, surface this warning and ask the user to confirm before proceeding:
-
-  ```
-  Warning: could not resolve caller_worktree_id (npx codebyplan resolve-worktree returned empty).
-  The complete_standalone_round call may be rejected by the pre-guard. Proceed anyway? (yes / no)
-  ```
-
-  If the user confirms yes, proceed with `caller_worktree_id: ""`. If no, stop.
+- **standalone KIND**: MCP `complete_standalone_round(standalone_round_id, duration_minutes)`. The server keys on the JWT user (`ctx.userId`) — no worktree param needed or accepted.
 
 `complete_round` / `complete_standalone_round` sets the round `completed`, locks all `file_changes` for the round (`approval_locked: true`), and returns `unapproved_files[]` + `unapproved_count`. Hold those for routing.
 
@@ -157,7 +138,6 @@ Payload: `round.context.round_complete = { staged_count, unstaged_count, route,
 - **Permission prompt = confirmation** — gated by `ask`-tier `Skill(cbp-round-complete)`. Because the skill is `disable-model-invocation: true`, this gate applies to the user's **direct** `/cbp-round-complete` invocation. NEVER add an AskUserQuestion to confirm running; the harness prompt is the gate. A declined permission is a clean no-op.
 - **Step 2 (CLI) must exit 0** — if it fails, STOP before `complete_round`. The merge semantics are enforced by the CLI.
 - **NEVER ask the user to git add files** — Step 2 only reads staging status. **NEVER stage files** — Claude does not touch the git staging area; the user's `git add` is the approval signal.
-- **standalone KIND Step 3**: `caller_worktree_id` is REQUIRED for `complete_standalone_round` — always resolve and pass it.
 
 ## Integration
 

package/templates/skills/cbp-round-plan/SKILL.md

@@ -3,6 +3,7 @@ name: cbp-round-plan
 description: Plan a round — round-1 planning AND round-2+ deep-analysis of unapproved work, then spawn cbp-round-planner and auto-trigger /cbp-round-build
 triggers: [cbp-round-build]
 argument-hint: [chk-task-round | task-round | requirements-text]  # e.g. `108-1-2`, `45-2`, or free-text
+model: inherit
 effort: xhigh
 ---
 
@@ -24,7 +25,7 @@ Set `KIND` for the rest of this skill. Read/write sources vary by KIND:
 | Get rounds | local state (break-glass: `get_rounds`) | `get_standalone_rounds(standalone_task_id)` |
 | Add round | `codebyplan round add` (break-glass: `add_round`) | `add_standalone_round(standalone_task_id, ...)` |
 | Update round | `codebyplan round update` (break-glass: `update_round`) | `update_standalone_round(standalone_round_id, ...)` |
-| Complete round | `complete_round(round_id, duration_minutes?)` | `complete_standalone_round(standalone_round_id, duration_minutes?, caller_worktree_id)` ⚠️ `caller_worktree_id` is REQUIRED for standalone |
+| Complete round | `complete_round(round_id, duration_minutes?)` | `complete_standalone_round(standalone_round_id, duration_minutes?)` |
 | Update task | `codebyplan task update` (break-glass: `update_task`) | `update_standalone_task(standalone_task_id, ...)` |
 
 > **Note**: The `standalone` KIND column uses MCP tools unchanged — standalone local-first migration is out of scope and will be addressed in a later task.
@@ -260,6 +261,10 @@ input:
 
 Wait for planner output. **If the spawn fails, STOP per "Planner Spawn Failure Is A Gate Failure" above** — do not self-certify a plan inline.
 
+#### Orchestration (optional)
+
+When a plan warrants independent perspectives, Step 7's `cbp-round-planner` spawn MAY be expressed as a `Workflow(...)` script — e.g. a judge-panel of independent plans, scored and synthesized — instead of a single ad-hoc spawn. This is opt-in (ultracode session or explicit user request); the single-spawn flow above stays the DEFAULT and is unchanged. See `rules/workflow-orchestration.md`.
+
 ### Step 8: Present Plan
 
 Present the plan to user:

package/templates/skills/cbp-session-end/SKILL.md

@@ -1,7 +1,8 @@
 ---
 name: cbp-session-end
 description: End a development session
-effort: xhigh
+model: inherit
+effort: high
 ---
 
 # Session End Command
@@ -21,35 +22,46 @@ Always write a session log for this session — **even if empty**. `/cbp-session
 2. Pull facts from local state files rather than narrating from memory:
    - Rounds added/completed, tasks advanced/completed during this session (read from `.codebyplan/state/checkpoints/` subtree)
    - Decisions, blockers, or discoveries recorded in checkpoint/task context
-
-### Step 1.3: Capture Handoff Snapshot
-
-Snapshot the current next-action so the next `/cbp-session-start` (Step 4.5) can auto-resume. The handoff write-path + payload shape are specified inline here and in `/cbp-session-start` Step 4.5 (freshness gate).
-
-1. Read `.codebyplan/state/todos.json` (local-first) and take the queue head `rows[0]` (rows are ordered by `sort_order`; `rows[0]` is the current next-action). If missing/stale, run `npx codebyplan sync` once and re-read. Break-glass fallback: MCP `get_todos({ repo_id, worktree_id })` when the state dir is absent and sync fails. The worker stamps `command`, `instructions`, `state`, and the entity ids `checkpoint_id` / `task_id` / `round_id` on every row.
-2. If `rows[0]` exists and its `command` is non-empty (active work in flight):
-   ```yaml
-   handoff:
-     command: <rows[0].command> # e.g. "/cbp-verify"
-     instructions: <rows[0].instructions> # human-readable trigger reason
-     state: <rows[0].state> # workflow state label
-     context: # entity ids used by the Step 4.5 freshness probe
-       checkpoint_id: <rows[0].checkpoint_id>
-       task_id: <rows[0].task_id>
-       round_id: <rows[0].round_id>
-     captured_at: <ISO now> # for entity-drift freshness comparison
-     captured_session_log_id: <current session log id>
-   ```
-3. If the queue is empty or `rows[0].command` is empty / idle: set `handoff = null` so the next session's probe falls through to `/cbp-todo`.
-4. Hold `handoff` in context for Step 1's `update_session_log` call below — it ships in the same write as `ended_at` and `summary`.
-
-Continuing Step 1:
-
-3. Run `codebyplan session update-log --id <log-id> --ended-at <now> --summary <text> --pending <text> --handoff <json>` (CLI write-through: updates `.codebyplan/state/session/current.json` + REST). Break-glass fallback: MCP `update_session_log` when the CLI is unavailable. Fields:
+3. Run `codebyplan session update-log --id <log-id> --ended-at <now> --summary <text> --pending <text> --git-branch <current-branch>` (CLI write-through: updates `.codebyplan/state/session/current.json` + REST). Break-glass fallback: MCP `update_session_log` when the CLI is unavailable. Fields:
    - `ended_at`: now (maps to the `closed_at` column per TASK-2 alias)
-   - `handoff`: from Step 1.3 (jsonb or `null`; MCP write surface aliases to the `content` column transparently per CHK-111 Migration A — `handoff` wins over `content` when both are passed)
    - `summary`: concise — may be empty if nothing happened
    - `pending`: open items the next session should see first
+   - `git_branch`: the current git branch (informational; `git rev-parse --abbrev-ref HEAD`)
+   - **Do NOT pass `--handoff` / `handoff` field.** The DB handoff field is no longer written here. Omit entirely — never pass `handoff:null` (it clobbers summary/pending content).
+
+### Step 1.3: Optional Handoff File (mid-work only)
+
+When an active in-progress task or round exists, offer to write a handoff file so the next session can auto-resume. Skip entirely when not mid-work.
+
+1. Read `.codebyplan/state/todos.json` (local-first) and check `rows[0]` (queue head, ordered by `sort_order`). If missing/stale, run `npx codebyplan sync` once and re-read. Break-glass fallback: MCP `get_todos({ repo_id })` when the state dir is absent and sync fails. The worker stamps `command`, `instructions`, `state`, and entity ids `checkpoint_id` / `task_id` / `round_id` on every row.
+
+2. **If `rows[0]` exists and its `command` is non-empty** (active work in flight):
+   - Determine the handoff file path. The directory is keyed by the human-facing **number** (`<NNN>` checkpoint number / `<N>` standalone task number) — matching the committed `.codebyplan/checkpoint/<NNN>/` plan-artifact convention and the session-start resume probe (which globs by number). Resolve the number from local state (break-glass: MCP):
+     - Checkpoint work: read `.codebyplan/state/checkpoints/<rows[0].checkpoint_id>.json` → `number` (break-glass: MCP `get_checkpoints`). Path: `.codebyplan/checkpoint/<NNN>/handoff.md`.
+     - Standalone work: read the standalone task's `number` from local standalone state (break-glass: MCP `get_standalone_tasks`). Path: `.codebyplan/standalone/<N>/handoff.md`.
+   - Offer to write the file:
+     ```
+     Write handoff file for next session?
+     <path>
+
+     Reply: yes | no
+     ```
+   - On `yes`: write the file with this structure:
+     ```markdown
+     ---
+     command: <rows[0].command>
+     state: <rows[0].state>
+     captured_at: <ISO now>
+     checkpoint_id: <rows[0].checkpoint_id or null>
+     task_id: <rows[0].task_id or null>
+     round_id: <rows[0].round_id or null>
+     ---
+
+     <rows[0].instructions — human-readable trigger reason>
+     ```
+   - The file is committed with the session's final commit (Step 1.5) or the user can stage it manually.
+
+3. **If the queue is empty or `rows[0].command` is empty/idle**: skip — no handoff file is written.
 
 ### Step 1.5: Commit Non-Task Files
 
@@ -116,7 +128,7 @@ Stop this worktree's Realtime watch daemon, non-blocking and non-fatal:
 npx codebyplan watch stop 2>/dev/null || true
 ```
 
-This SIGTERMs the per-worktree pidfile daemon started by `cbp-session-start-hook.sh`. Silently ignored when no daemon is running for this worktree. If there is no daemon to stop (e.g. session-start was skipped), `watch stop` itself exits 0 — the `|| true` guard is defense-in-depth only, so Step 3's session-state write never sees a failure from this step.
+This SIGTERMs the per-worktree pidfile daemon started by `cbp-session-start-hook.sh`. Silently ignored when no daemon is running. If there is no daemon to stop (e.g. session-start was skipped), `watch stop` itself exits 0 — the `|| true` guard is defense-in-depth only, so Step 3's session-state write never sees a failure from this step.
 
 ### Step 3: Update Session State
 
@@ -133,9 +145,8 @@ You can close this window.
 ## Integration
 
 - **Triggered by**: user invocation (prompted by `/cbp-todo` when no work remains)
-- **Reads**: `.codebyplan/repo.json`; local-first reads (with `npx codebyplan sync` + MCP break-glass): `.codebyplan/state/session/current.json` (Step 1 resolve log), `.codebyplan/state/todos.json` (Step 1.3 handoff snapshot + Step 1.5 active-task lookup), `.codebyplan/state/checkpoints/<id>/tasks/<id>/rounds/` (Step 1.5 task-file resolution); `codebyplan session freshness-gate` (Step 1.7 package-freshness gate, without --halt-on-update); `codebyplan session infra-files --json --task-files <csv>` (Step 1.5 infra-file set math)
-- **Writes**: `codebyplan session update-log --id <id> ...` (Step 1 finalize — CLI write-through to `.codebyplan/state/session/current.json`; break-glass: MCP `update_session_log`), `codebyplan session create-log` (Step 1 fallback when no log exists; break-glass: MCP `create_session_log`), `codebyplan session update-state --action deactivate` (Step 3 — CLI write-through to `.codebyplan/state/session/state.json`; break-glass: MCP `update_session_state`)
+- **Reads**: `.codebyplan/repo.json`; local-first reads (with `npx codebyplan sync` + MCP break-glass): `.codebyplan/state/session/current.json` (Step 1 resolve log), `.codebyplan/state/todos.json` (Step 1.3 mid-work detection + Step 1.5 active-task lookup), `.codebyplan/state/checkpoints/<id>/tasks/<id>/rounds/` (Step 1.5 task-file resolution); `codebyplan session freshness-gate` (Step 1.7 package-freshness gate, without --halt-on-update); `codebyplan session infra-files --json --task-files <csv>` (Step 1.5 infra-file set math)
+- **Writes**: `codebyplan session update-log --id <id> --git-branch <branch> ...` (Step 1 finalize — CLI write-through to `.codebyplan/state/session/current.json`; break-glass: MCP `update_session_log`; handoff field never passed), `codebyplan session create-log` (Step 1 fallback when no log exists; break-glass: MCP `create_session_log`), optional handoff file at `.codebyplan/checkpoint/<NNN>/handoff.md` or `.codebyplan/standalone/<N>/handoff.md` (Step 1.3, mid-work only), `codebyplan session update-state --action deactivate` (Step 3 — CLI write-through to `.codebyplan/state/session/state.json`; break-glass: MCP `update_session_state`)
 - **Spawns**: none
 - **Triggers**: none at the skill-contract level. Step 1.5 may invoke `/cbp-git-commit` inline on user approval; Step 1.7 may invoke `/cbp-git-commit` on the `result === 'updated'` path (committing changed `.claude/` and `.codebyplan/` paths).
 - **Paired with**: `/cbp-session-start`
-- **Pairs with**: `/cbp-session-start` Step 4.5 (handoff payload shape + freshness-gate contract; specified inline — no separate rule file)

package/templates/skills/cbp-session-start/SKILL.md

@@ -2,6 +2,7 @@
 name: cbp-session-start
 description: Start a development session
 triggers: [cbp-todo]
+model: inherit
 effort: low
 ---
 
@@ -40,7 +41,7 @@ codebyplan session start --json
 The orchestrator performs (in order, all fail-safe):
 
 1. Resolve `repo_id` from `.codebyplan/repo.json`
-2. `codebyplan resolve-worktree --json` → `worktree_id`, `worktree_error_kind`
+2. `codebyplan whoami --json` → `user_id`, `user_error_kind` (CHK-225 retired worktree identity — concurrency is user-level via `assigned_user_id`; the removed `resolve-worktree` verb no longer exists)
 3. `codebyplan session freshness-gate --halt-on-update` → update_halt short-circuit (no activate, no create-log when halt)
 4. Infra-drift nudge (monorepo-only), arch-map drift nudge, LSP binary nudge
 5. Read previous session log from `.codebyplan/state/session/current.json` (sync on miss)
@@ -48,7 +49,7 @@ The orchestrator performs (in order, all fail-safe):
 7. `codebyplan session update-state --action activate` (write-through)
 8. `codebyplan session create-log` → `session_log_id`
 9. Infra-files set math: active task round files subtracted from `git status --porcelain`
-10. `get_checkpoints({ repo_id, status:'active' })` → ownership partition (owned vs cross)
+10. `get_checkpoints({ repo_id, status:'active' })` → ownership partition (owned by you vs other users)
 11. Compute `next_action` + render the Step 6 output block
 
 The envelope shape:
@@ -57,8 +58,8 @@ The envelope shape:
 {
   status: 'ok' | 'update_halt',
   session_log_id: string | null,
-  worktree_id: string | null,
-  worktree_error_kind: string | null,
+  user_id: string | null,
+  user_error_kind: string | null,
   infra_drift_nudge: string | null,
   arch_map_nudge: string | null,
   lsp_nudges: string[],
@@ -103,13 +104,13 @@ Route from `envelope.next_action`:
 - **`resume_handoff`** — trigger `envelope.handoff.command` directly with `envelope.handoff.context` / `envelope.handoff.state`. Skip Step 5.7.
 - **`commit_then_todo`** — run Step 5.7 (infra commit gate), then trigger `/cbp-todo`.
 - **`trigger_todo`** — trigger `/cbp-todo` (owns active work, or idle path).
-- **`stop`** — do NOT auto-trigger `/cbp-todo`. The Ownership block in `rendered_block` communicates the situation; the user must switch to the owning worktree or start new work explicitly.
+- **`stop`** — do NOT auto-trigger `/cbp-todo`. The Ownership block in `rendered_block` communicates the situation; the user must coordinate with the owning user or start new work explicitly.
 
 ## Integration
 
 - **Triggered by**: user invocation, `/clear` recovery
-- **Reads**: MCP `health_check` (Step 0 hard gate — stays MCP unconditionally); `codebyplan session start --json` (Steps 1–5.8 — the orchestrator reads `.codebyplan/repo.json`, `.codebyplan/git.json`, `.codebyplan/state/session/current.json`, `.codebyplan/state/todos.json`, `.codebyplan/state/checkpoints/` entity files, `scripts/infra-drift.mjs`, `.codebyplan/architecture.json`, `.codebyplan/lsp.json`)
-- **Writes**: orchestrator calls `codebyplan session update-state --action activate` (Step 7) and `codebyplan session create-log` (Step 8) — both SKIPPED on Step 0 hard-fail and on `status: update_halt`
+- **Reads**: MCP `health_check` (Step 0 hard gate — stays MCP unconditionally); `codebyplan session start --json` (Steps 1–5.8 — the orchestrator runs `codebyplan whoami --json` for caller identity and reads `.codebyplan/repo.json`, `.codebyplan/git.json`, `.codebyplan/state/session/current.json`, `.codebyplan/state/todos.json`, `.codebyplan/state/checkpoints/` entity files, `scripts/infra-drift.mjs`, `.codebyplan/architecture.json`, `.codebyplan/lsp.json`)
+- **Writes**: orchestrator calls `codebyplan session update-state --action activate` (Step 7) and `codebyplan session create-log` (Step 8 — user-level; no worktree_id in the body) — both SKIPPED on Step 0 hard-fail and on `status: update_halt`
 - **Spawns**: none
 - **Triggers**: `/cbp-git-commit` (conditional, on user approval at Step 5.7), `envelope.handoff.command` (on `next_action: resume_handoff`), `/cbp-todo` (on `next_action: trigger_todo` or `commit_then_todo`); STOPS with no trigger on `next_action: stop` or `mcp_update_halt`
 - **Paired with**: `/cbp-session-end`

package/templates/skills/cbp-session-start/qa-regression.md

@@ -1,52 +1,59 @@
 ---
 name: cbp-session-start-qa-regression
-description: Manual regression procedure for the cbp-session-start worktree-ownership awareness + resolve-worktree distress channel (CHK-137 TASK-3)
+description: Manual regression procedure for the cbp-session-start user-identity awareness + user-lock routing (CHK-225 TASK-5)
 ---
 
-# cbp-session-start — Worktree-Ownership Regression
+# cbp-session-start — User-Identity Regression
 
-Manual procedure verifying that `/cbp-session-start` correctly resolves the caller's worktree identity, gates Step 7 auto-trigger on ownership, and surfaces distress signals non-blocking. Run these by hand whenever the SKILL's envelope-consumption logic (Step 0 health gate, the `codebyplan session start` invocation, the Step 5.7 commit gate, or the Step 7 `next_action` routing) changes.
+Manual procedure verifying that `/cbp-session-start` correctly resolves the caller's user identity (via `codebyplan whoami --json`), gates Step 7 auto-trigger on user-level ownership, and surfaces distress signals non-blocking. Run these by hand whenever the SKILL's envelope-consumption logic (Step 0 health gate, the `codebyplan session start` invocation, the Step 5.7 commit gate, or the Step 7 `next_action` routing) changes.
 
-Since the worktree resolution, handoff freshness, ownership partition, and Step 6 render are now computed inside `codebyplan session start` (Steps 1–5.8 collapsed into one CLI call), the deterministic behavior is covered by unit tests (`src/cli/session/start.test.ts`, `src/lib/session.test.ts`). These scenarios are now best verified by inspecting the **envelope** the CLI emits — run `codebyplan session start --json` and read its fields — rather than tracing SKILL prose. The `ownership`, `next_action`, `handoff.fresh`, and `worktree_error_kind` fields below correspond to envelope keys.
+Since the user resolution, handoff freshness, ownership partition, and Step 6 render are now computed inside `codebyplan session start` (Steps 1–5.8 collapsed into one CLI call), the deterministic behavior is covered by unit tests (`src/cli/session/start.test.ts`, `src/lib/session.test.ts`). These scenarios are now best verified by inspecting the **envelope** the CLI emits — run `codebyplan session start --json` and read its fields — rather than tracing SKILL prose. The `ownership`, `next_action`, `handoff.fresh`, and `user_error_kind` fields below correspond to envelope keys.
 
 Repo under test: `2ff6d405-39c5-47b8-a6d1-59f998ac0537`.
 
 ## Preconditions
 
 - The SKILL keeps Step 0 (`health_check`) as a hard gate, then delegates Steps 1–5.8 to `codebyplan session start --json` — confirm with `grep -n 'session start --json' SKILL.md` → at least one hit.
-- The orchestrator resolves worktree identity via `resolve-worktree --json` and partitions ownership via `get_checkpoints({ repo_id, status: 'active' })` — confirm the envelope carries `worktree_id` / `worktree_error_kind` / `owned_count` / `total_count`.
+- The orchestrator resolves user identity via `whoami --json` and partitions ownership via `get_checkpoints({ repo_id, status: 'active' })` — confirm the envelope carries `user_id` / `user_error_kind` / `owned_count` / `total_count`.
 - The Step 6 Ownership block (the envelope's `rendered_block`) is READ-ONLY — confirm no "reassign", "release_assignment", or "transfer" language appears in SKILL.md: `grep -n 'reassign\|release_assignment\|transfer' SKILL.md` → no hits.
-- The handoff freshness gate includes the cross-worktree stale rule (checkpoint `worktree_id` non-null and differs from caller) — covered by the `probeHandoff` unit tests; the envelope surfaces the outcome as `handoff.fresh`.
+- The handoff freshness gate includes the cross-user stale rule (checkpoint `assigned_user_id` non-null and differs from caller) — covered by the `probeHandoff` unit tests; the envelope surfaces the outcome as `handoff.fresh`.
 
-## Scenario A — caller owns an active CHK → auto-trigger
+## Scenario A — current user owns an active CHK → auto-trigger
 
-1. Run from a worktree whose `WORKTREE_ID` matches the active checkpoint's `worktree_id` (or both are `null`).
-2. `get_checkpoints({ repo_id, status: 'active' })` returns at least one entry whose `worktree_id === WORKTREE_ID` (or both null).
-3. **Expected**: envelope `owned_count >= 1`, `next_action: 'trigger_todo'`. `rendered_block` shows `Ownership: N active CHK(s), N owned by this worktree`. The SKILL's Step 7 fires `/cbp-todo`.
+1. Run signed in as a user whose `user_id` matches the active checkpoint's `assigned_user_id` (or the checkpoint's `assigned_user_id` is `null`).
+2. `get_checkpoints({ repo_id, status: 'active' })` returns at least one entry whose `assigned_user_id === user_id` (or is null).
+3. **Expected**: envelope `owned_count >= 1`, `next_action: 'trigger_todo'`. `rendered_block` shows `Ownership: N active CHK(s), N owned by you`. The SKILL's Step 7 fires `/cbp-todo`.
 
-## Scenario B — active CHK(s) exist but none owned by caller → Ownership block + STOP
+## Scenario B — active CHK(s) exist, all owned by a different user → Ownership block + STOP
 
-Repro: caller worktree is `codebyplan-claude-2` (`38cd7dfa`). The only active checkpoint is CHK-136, assigned to `codebyplan-cli` (`016bd7f2`).
+Repro: current user is `alice@example.com` (`uuid-A`). The only active checkpoint is CHK-136, assigned to `bob@example.com` (`uuid-B`).
 
-1. `resolve-worktree --json` returns `{"worktree_id":"38cd7dfa-...","error_kind":null}`.
-2. `get_checkpoints({ repo_id, status: 'active' })` returns CHK-136 with `worktree_id = "016bd7f2-..."`.
-3. Step 5.8: `owned_count = 0`, `total_count = 1`, `cross_worktree = [CHK-136]`.
-4. **Expected**: envelope `owned_count = 0`, `total_count = 1`, `next_action: 'stop'`, `cross_checkpoints = [CHK-136]`. `rendered_block` shows `Ownership: 1 active CHK(s), 0 owned by this worktree` and `[Cross-worktree: CHK-136 (…)]`. The SKILL **STOPS** on `next_action: 'stop'` — `/cbp-todo` is NOT auto-triggered. No reassignment language appears.
+1. `whoami --json` returns `{"user_id":"uuid-A","email":"alice@example.com"}`.
+2. `get_checkpoints({ repo_id, status: 'active' })` returns CHK-136 with `assigned_user_id = "uuid-B"`.
+3. Step 5.8: `owned_count = 0`, `total_count = 1`, `cross_checkpoints = [CHK-136]`.
+4. **Expected**: envelope `owned_count = 0`, `total_count = 1`, `next_action: 'stop'`, `cross_checkpoints = [CHK-136]`. `rendered_block` shows `Ownership: 1 active CHK(s), 0 owned by you` and `[Other users: CHK-136 (…)]`. The SKILL **STOPS** on `next_action: 'stop'` — `/cbp-todo` is NOT auto-triggered. No reassignment language appears.
 
 ## Scenario C — no active CHKs anywhere → idle /cbp-todo trigger
 
 1. `get_checkpoints({ repo_id, status: 'active' })` returns `[]`.
 2. Step 5.8: `owned_count = 0`, `total_count = 0`.
-3. **Expected**: envelope `owned_count = 0`, `total_count = 0`, `next_action: 'trigger_todo'`. `rendered_block` shows `Ownership: 0 active CHK(s), 0 owned by this worktree`. The SKILL fires `/cbp-todo` (idle path → checkpoint-create or session-end suggestion).
+3. **Expected**: envelope `owned_count = 0`, `total_count = 0`, `next_action: 'trigger_todo'`. `rendered_block` shows `Ownership: 0 active CHK(s), 0 owned by you`. The SKILL fires `/cbp-todo` (idle path → checkpoint-create or session-end suggestion).
 
-## Scenario D — cross-worktree handoff → Step 4.5 marks stale, falls through
+## Scenario D — stale handoff pointing to a different user's checkpoint → handoff marked stale, falls through
 
-1. The most-recent closed session log contains a handoff payload whose `context.checkpoint_id` resolves to a checkpoint with `worktree_id = "016bd7f2-..."` (a different worktree).
-2. Caller `WORKTREE_ID = "38cd7dfa-..."`.
-3. **Expected**: the orchestrator's handoff freshness gate hits the cross-worktree stale rule (`checkpoint.worktree_id` non-null AND differs from caller) → envelope `handoff.fresh: false`. The mismatched handoff is NOT auto-resumed (`next_action` is never `resume_handoff`); ownership/routing proceed normally per `owned_count`/`total_count`.
+1. The most-recent closed session log contains a handoff payload whose `context.checkpoint_id` resolves to a checkpoint with `assigned_user_id = "uuid-B"` (a different user).
+2. Caller `user_id = "uuid-A"`.
+3. **Expected**: the orchestrator's handoff freshness gate hits the cross-user stale rule (`checkpoint.assigned_user_id` non-null AND differs from caller) → envelope `handoff.fresh: false`. The mismatched handoff is NOT auto-resumed (`next_action` is never `resume_handoff`); ownership/routing proceed normally per `owned_count`/`total_count`.
 
-## Scenario E — resolver distress (non-tuple-miss) → warning line above Ownership block, session proceeds
+## Scenario E — whoami distress (identity unresolved) → session proceeds, non-blocking warning
 
-1. `resolve-worktree --json` returns `{"worktree_id":null,"error_kind":"local_config_read_failed"}` (or any other non-null, non-tuple-miss `error_kind`).
-2. **Expected**: the envelope carries `worktree_error_kind: 'local_config_read_failed'`; `status` stays `'ok'` (non-blocking). `rendered_block` surfaces `⚠ resolve-worktree: local_config_read_failed — local state is broken; routing may be unreliable. Run \`npx codebyplan setup\` to repair.` ABOVE the Ownership block. The orchestrator still activates + creates the session log. `next_action` routes per the `owned_count`/`total_count` values as normal — the skill does NOT hard-stop the way `/cbp-todo` does on the same distress kinds.
-3. **Compound case** (distress typically leaves `worktree_id` null): ownership then classifies every checkpoint with a non-null `worktree_id` as `cross_checkpoints[]` (only truly-null-`worktree_id` checkpoints land in `owned_checkpoints[]`). So if all active checkpoints are assigned, `owned_count = 0` and `next_action: 'stop'` — the distress warning + Ownership block are the only output. The created session log records `worktree_id: null` (the resolver could not read local state); this is expected, not a failure.
+1. `whoami --json` returns `{"user_id":null,"error_kind":"local_config_read_failed"}` (or any other non-null, non-tuple-miss `error_kind`).
+2. **Expected**: the envelope carries `user_error_kind: 'local_config_read_failed'`; `status` stays `'ok'` (non-blocking). `rendered_block` surfaces `⚠ whoami: local_config_read_failed — identity could not be resolved; routing may be unreliable. Run \`npx codebyplan whoami\` to check identity.` ABOVE the Ownership block. The orchestrator still activates + creates the session log. `next_action` routes per the `owned_count`/`total_count` values as normal — the skill does NOT hard-stop the way `/cbp-todo` does on the same distress kinds.
+3. **Compound case** (distress typically leaves `user_id` null): ownership then classifies every checkpoint with a non-null `assigned_user_id` as `cross_checkpoints[]` (only open, null-`assigned_user_id` checkpoints land in `owned_checkpoints[]`). So if all active checkpoints are assigned, `owned_count = 0` and `next_action: 'stop'` — the distress warning + Ownership block are the only output. The created session log records the caller's JWT user server-side; the envelope `user_id: null` (the resolver could not read local identity) is expected, not a failure.
+
+## Scenario F — anonymous session (whoami returns null / signed out) → session proceeds, open checkpoints treated as own
+
+1. `whoami --json` returns `null` (signed out), empty output, or exits non-zero.
+2. `user_id` is treated as null (anonymous) with `user_error_kind: 'tuple_miss'`.
+3. `get_checkpoints({ repo_id, status: 'active' })` returns checkpoints with `assigned_user_id` null or set to real user IDs.
+4. **Expected**: ownership classifies null-`assigned_user_id` checkpoints as `owned_checkpoints[]` (no user to compare against) and non-null-`assigned_user_id` checkpoints as `cross_checkpoints[]` (anonymous caller cannot claim them). `rendered_block` shows the `⚠ Not signed in — run \`npx codebyplan login\` to sign in` line below the User line. `next_action` routes per `owned_count`/`total_count` as normal — the session does NOT hard-stop solely due to anonymous identity. The session log is created in Step 8.

package/templates/skills/cbp-setup-cd/SKILL.md

@@ -3,7 +3,8 @@ scope: org-shared
 name: cbp-setup-cd
 description: Detect configured CD surfaces, write/update .codebyplan/cd.json via `codebyplan cd init`, scaffold publish.yml and release-desktop.yml GitHub Actions workflows, and walk through environment/approval/OIDC setup. Interactive, idempotent.
 argument-hint: "[--force]"
-effort: xhigh
+model: inherit
+effort: high
 allowed-tools: Read, Write, Edit, Bash(cat *), Bash(jq *), Bash(test *), Bash(ls *), Bash(diff *), Bash(codebyplan cd *), Bash(npx codebyplan cd *), AskUserQuestion
 ---
 

package/templates/skills/cbp-setup-ci/SKILL.md

@@ -3,7 +3,8 @@ scope: org-shared
 name: cbp-setup-ci
 description: Detect CI platforms, write/update .codebyplan/ci.json, scaffold the GitHub Actions CI workflow, and enforce the required CI status check on the main branch. Interactive, idempotent.
 argument-hint: "[--force]"
-effort: xhigh
+model: inherit
+effort: high
 allowed-tools: Read, Write, Edit, Bash(cat *), Bash(jq *), Bash(test *), Bash(ls *), Bash(codebyplan ci *), Bash(npx codebyplan ci *), Bash(gh api *), Bash(gh auth *), AskUserQuestion
 ---
 

package/templates/skills/cbp-setup-e2e/SKILL.md

@@ -2,7 +2,8 @@
 name: cbp-setup-e2e
 description: Detect installed E2E frameworks, ask which to enable, record credentials source (gitignored env-file path + var names only, never secrets), and write/refresh .codebyplan/e2e.json. Interactive, idempotent.
 argument-hint: "[--force]"
-effort: xhigh
+model: inherit
+effort: high
 allowed-tools: Read, Write, Edit, Bash(cat *), Bash(jq *), Bash(which *), Bash(test *), Bash(mkdir *), Bash(cp *), Bash(echo *), Bash(date *), Bash(mv *), Bash(git check-ignore *), AskUserQuestion, mcp__codebyplan__get_repos
 ---
 

package/templates/skills/cbp-setup-eslint/SKILL.md

@@ -2,7 +2,8 @@
 name: cbp-setup-eslint
 description: Detect each app's tech stack, resolve matching DB ESLint presets, confirm which to enable per app, run `codebyplan eslint init` to generate eslint.config.mjs, and write/refresh .codebyplan/eslint.json. Interactive, idempotent.
 argument-hint: "[--force]"
-effort: xhigh
+model: inherit
+effort: high
 allowed-tools: Read, Write, Edit, Bash(cat *), Bash(jq *), Bash(test *), Bash(ls *), Bash(mkdir *), Bash(cp *), Bash(echo *), Bash(mv *), Bash(npx codebyplan eslint *), AskUserQuestion, mcp__codebyplan__get_repos, mcp__codebyplan__get_eslint_presets
 ---
 

package/templates/skills/cbp-ship/SKILL.md

@@ -1,6 +1,7 @@
 ---
 name: cbp-ship
 description: Orchestrate runtime deployment for a checkpoint — Vercel web, EAS mobile (Expo Go dev build / TestFlight preview), Tauri desktop, npm package publish, VS Code extension, Railway backend, Supabase migrations. Detects configured surfaces, walks the user through what to deploy, executes per-surface deploy steps, verifies each landed.
+model: inherit
 effort: xhigh
 ---
 
@@ -202,6 +203,10 @@ If a surface fails:
 
 EXCEPTION: `supabase` migration push failure halts the rest. Schema mismatch downstream is worse than partial shipment.
 
+#### Orchestration (optional)
+
+Step 5's per-surface deploys — the independent tails after the mandatory `supabase`-first step — MAY be authored as a `Workflow(...)` script for deterministic parallel fan-out instead of ad-hoc sequencing. This is opt-in (ultracode session or explicit user request); the sequential flow above (including the `supabase`-first ordering) stays the DEFAULT and is unchanged. See `rules/workflow-orchestration.md`.
+
 ### Step 6 — Verify each surface landed
 
 After each surface deploys, run its verification:

package/templates/skills/cbp-ship-configure/SKILL.md

@@ -3,7 +3,8 @@ name: cbp-ship-configure
 description: Configure shipment for one or more surfaces in the current repo — Vercel link, EAS project + eas.json scaffold, Apple credentials probe, npm publish auth check (including `codebyplan` asset-publish automation via the publish-on-main workflow), Railway project link, Supabase access token verify; Supabase GitHub branching integration via /cbp-supabase-setup. Interactive step-by-step; never stores credentials in the repo.
 argument-hint: [--surface=<id>]
 allowed-tools: Read, Write, Edit, Bash(which *), Bash(vercel *), Bash(eas *), Bash(npm *), Bash(railway *), Bash(jq *), Bash(mkdir *), Bash(cp *), Bash(echo *), Skill(cbp-supabase-setup)
-effort: xhigh
+model: inherit
+effort: high
 ---
 
 # Ship Configure Command

package/templates/skills/cbp-ship-main/SKILL.md

@@ -1,6 +1,7 @@
 ---
 name: cbp-ship-main
 description: Ship feat branch to production branch via PR — thin wrapper around `codebyplan ship`
+model: inherit
 effort: high
 ---
 

package/templates/skills/cbp-standalone-task-check/SKILL.md

@@ -4,6 +4,7 @@ name: cbp-standalone-task-check
 description: AI production review for the current standalone task
 argument-hint: [task]  # e.g. `45` (standalone TASK-45)
 triggers: [cbp-standalone-task-testing]
+model: inherit
 effort: high
 ---