codebyplan 1.5.1 → 1.9.0

package/templates/skills/cbp-merge-main/SKILL.md

@@ -0,0 +1,228 @@
+---
+scope: org-shared
+name: cbp-merge-main
+description: Merge main into the current feat branch with interactive per-conflict resolution and inline QA re-run
+model: sonnet
+effort: high
+---
+
+# Merge Main into Feat Branch
+
+Codifies the long-lived-branch-integration auto-memory rule (`[[feedback_long-lived-branch-integration]]`): when working on a feat branch that has diverged from main, merge main INTO the feat branch (not the reverse), resolve conflicts with the user, run a scoped QA pass, then return control to the caller — never rebase, never force-push, never push automatically.
+
+Triggered by `/cbp-task-start` (Step 3.6, optional stale-check), `/cbp-task-complete` (Step 4.5, mandatory pre-complete), and `/cbp-checkpoint-end` (Step 0, mandatory pre-shipment). User can also invoke manually at any time.
+
+## When to Use
+
+- **Auto-trigger (optional)**: `/cbp-task-start` Step 3.6 detects the feat branch is >10 commits behind `origin/{BASE}` OR the last fetch is >24h old.
+- **Auto-trigger (mandatory)**: `/cbp-task-complete` Step 4.5 — always run before marking a task complete to ensure the feat branch includes the latest main work.
+- **Auto-trigger (mandatory)**: `/cbp-checkpoint-end` Step 0 — always run before shipment to ensure no main drift reaches production.
+- **Manual invocation**: user runs `/cbp-merge-main` directly when they know main has advanced and want to pull it in immediately.
+
+## Instructions
+
+### Step 0: Pre-flight
+
+1. Read `.codebyplan/git.json` → `branch_config.base` (default `"main"`, read defensively — file may be absent) and `branch_config.protected` (default `["main"]`). Do NOT reference a removed `branch_config.integration` key.
+2. Run `git branch --show-current` → `CURRENT`. If `CURRENT` is in `branch_config.protected` OR does NOT match `feat/*`, error and STOP:
+
+   ```
+   /cbp-merge-main must run on a feat branch. Current: {CURRENT}.
+   Switch to a feat branch first.
+   ```
+
+3. Working-tree gate:
+   - Run `git diff --quiet`; if exit code is non-zero, `unstaged_dirty=true`, else `unstaged_dirty=false`.
+   - Run `git diff --cached --quiet`; if exit code is non-zero, `staged_present=true`, else `staged_present=false`.
+
+   Decision matrix:
+   - `unstaged_dirty=true` → AskUserQuestion:
+     - **Commit current changes first** (recommended) — trigger `/cbp-git-commit`, then re-check tree, then proceed.
+     - **Proceed with dirty tree** — soft warning; the merge may interleave with uncommitted edits.
+     - **Cancel** — abort the skill.
+   - `unstaged_dirty=false AND staged_present=true` → print one informational line and proceed to Step 1:
+     `Staged changes detected — proceeding with merge.`
+     (Pre-staged files will be included in the merge commit at Step 2 — this is intentional; the caller already approved them via /cbp-round-update.)
+   - `unstaged_dirty=false AND staged_present=false` → proceed silently to Step 1.
+   - Either `git diff` command exits with code ≥ 2 (git hard error — not-a-repo, detached HEAD with no commits, index lock, corrupt object store): surface the raw error output and STOP. Do NOT proceed to Step 1.
+
+   NEVER `git stash` for any reason (per `[[feedback_no-git-stash]]`).
+
+### Step 1: Fetch Latest Main
+
+1. Run `git fetch origin {BASE}`. **If this fails (offline, auth, registry)**, abort:
+
+   ```
+   /cbp-merge-main cannot proceed offline — `git fetch origin {BASE}` failed.
+   Resolve connectivity and re-invoke.
+   ```
+
+2. Measure drift:
+
+   ```bash
+   BEHIND=$(git rev-list --count HEAD..origin/{BASE})
+   AHEAD=$(git rev-list --count origin/{BASE}..HEAD)
+   ```
+
+3. If `BEHIND == 0`: print one-line `Already up to date with origin/{BASE} ({AHEAD} ahead, 0 behind).` and RETURN SUCCESS to the caller. No merge needed.
+
+### Step 1.5: Migration Timestamp Collision Pre-Check
+
+Supabase migrations are version-keyed by their numeric filename prefix. Two files sharing a prefix break `supabase db push`: the schema_migrations table records ONE version per prefix, the second file at the same prefix becomes orphaned, and every subsequent migration stalls — surfacing as the Supabase Preview check failing with `MIGRATIONS_FAILED`. Catch this BEFORE committing the merge, while a clean rollback is one `git merge --abort` away.
+
+1. Probe both sides of the would-be merge. Use `git ls-files` for the HEAD side so any in-progress `git mv` staged in the index (e.g. a rename produced by step 5 of a prior pass through this section) is reflected — `git ls-tree HEAD` would still see the committed-only state and re-trigger the collision. Use `git ls-tree origin/{BASE}` for the main side since we want the committed remote state, not anything locally staged:
+
+   ```bash
+   git ls-files supabase/migrations/ 2>/dev/null \
+     | sed 's|.*/||' | sort > /tmp/cbp-merge-our-names.txt
+   git ls-tree -r --name-only origin/{BASE} supabase/migrations/ 2>/dev/null \
+     | sed 's|.*/||' | sort > /tmp/cbp-merge-their-names.txt
+   ```
+
+2. A true collision is a numeric prefix that appears on BOTH sides with DIFFERENT filenames. A shared filename (same prefix, same basename — i.e. an already-merged migration) is NOT a collision. Compute the unique-to-each-side basenames first, then look for shared prefixes within that unique set:
+
+   ```bash
+   # Files unique to each side (same-named files are NOT collisions)
+   comm -23 /tmp/cbp-merge-our-names.txt /tmp/cbp-merge-their-names.txt > /tmp/cbp-merge-only-ours.txt
+   comm -13 /tmp/cbp-merge-our-names.txt /tmp/cbp-merge-their-names.txt > /tmp/cbp-merge-only-theirs.txt
+   # True collision: a prefix in only-ours also appears in only-theirs (same prefix, different basename)
+   COLLISIONS=$(cat /tmp/cbp-merge-only-ours.txt /tmp/cbp-merge-only-theirs.txt \
+     | sed 's|_.*||' | sort | uniq -d)
+   ```
+
+3. If `COLLISIONS` is empty, proceed silently to Step 2.
+
+4. If `COLLISIONS` is non-empty, for each colliding prefix list both file paths (one from `HEAD`, one from `origin/{BASE}`) and surface via AskUserQuestion:
+
+   - **Rename HEAD-side (Recommended when a main migration is already applied to a shared remote)** — rename the local file to a fresh, sequential timestamp that respects existing apply-order dependencies (probe `supabase migration list --db-url <preview>` if a preview branch exists, or inspect FK references in surrounding migrations). The orchestrator runs `git mv <old> <new>` itself; the rename lands in the git index and is picked up by the re-probe at step 5.
+   - **Rename main-side (manual, OUT-OF-SKILL)** — only when the main file definitely has not been applied anywhere yet AND the user has write access to `{BASE}`. This skill does NOT touch the main branch: it runs on a feat branch (Step 0 enforces this) and the Key Rules below forbid any push from this skill. The user must, in a separate terminal: `git checkout {BASE} && git mv <old> <new> && git commit -m "fix(migration): rename to resolve collision with feat/..." && git push origin {BASE}`. After that push is confirmed remote-side, re-invoke `/cbp-merge-main` — Step 1 will fetch the updated main tip and Step 1.5 will re-probe with the rename in place.
+   - **Defer to a new task in the active checkpoint** — `git merge --abort` is unnecessary because Step 2 has not started. Create a CHK-bound task per `infra-issue-absorption.md` "Resolve-in-Current-Scope by Default" and STOP `/cbp-merge-main`. Resume after the task completes.
+   - **Abort merge** — STOP the skill. User decides later.
+
+5. After any HEAD-side rename action, re-execute Step 1.5 (collisions may chain — fixing one can expose another). The HEAD-side probe at step 1 uses `git ls-files` rather than `git ls-tree HEAD`, so the freshly-staged `git mv` is visible without requiring a commit. Main-side renames require a fresh `/cbp-merge-main` invocation (the user manually fetched and re-ran per option 2 above), not an in-skill loop.
+
+This check is intentionally placed BEFORE Step 2's `git merge`: catching collisions pre-merge means no merge commit to revert, no conflict-resolution work to throw away, no Supabase Preview poll to fail.
+
+### Step 2: Merge with `--no-ff --no-commit`
+
+1. Run:
+
+   ```
+   git merge origin/{BASE} --no-ff --no-commit
+   ```
+
+   `--no-commit` defers the merge commit so Step 3 can resolve conflicts before committing (or `git merge --abort` if the user cancels). NEVER use `--ff-only` or rebase semantics — per locked decision.
+
+2. If git reports `Automatic merge went well; stopped before committing as requested.` (no conflicts):
+   - Commit the merge: `git commit --no-edit` (uses git's default merge message). If that fails (e.g. no MERGE_MSG template), fall back to: `git commit -m "chore(merge): integrate origin/{BASE} into {CURRENT}"`.
+   - Skip to Step 4.
+
+3. If conflicts: continue to Step 3.
+
+### Step 3: Interactive Per-Conflict Resolution
+
+1. List conflicted files and lock the count: `N=$(git diff --name-only --diff-filter=U | wc -l)`. `N` is the canonical conflict count used by Step 3.5 fallback message and Step 5 output; it stays fixed at the initial value across loop-backs.
+
+2. Load cross-reference context. Via MCP, gather all active CHK/TASK file ownership:
+   - `get_checkpoints(repo_id)` filtered to `status IN ('pending', 'active', 'in_progress')`.
+   - For each active checkpoint, also call `get_tasks(checkpoint_id)` and collect every `task.files_changed[].path` — checkpoint-bound task file ownership lives here, NOT on the checkpoint itself.
+   - `get_tasks(repo_id, standalone: true)` filtered to `status IN ('pending', 'in_progress')` — adds standalone-task file ownership.
+
+   Build a map `path -> [referencing CHK-NNN TASK-N + brief context]` by matching each conflicted path against:
+   - `checkpoint.context.files_to_change[]` (checkpoint-level plan)
+   - `task.files_changed[].path` (both checkpoint-bound AND standalone task file ownership)
+   - `task.requirements` (substring match for the path)
+
+3. For each conflicted file, IN ORDER:
+
+   a. Show:
+   - Conflicted file path
+   - `BEHIND` / `AHEAD` summary
+   - Cross-reference matches (`This file is referenced by CHK-NNN TASK-N: <brief>`)
+   - A unified diff of the conflict markers (`git diff -- {path}`)
+
+   b. Surface AskUserQuestion with these options. The "Recommended" tag is computed from cross-reference data:
+   - **Take ours (feat branch)** — `git checkout --ours {path} && git add {path}`.
+     Recommended when the path appears in any active CHK/TASK files_changed (the feat branch's work owns this file).
+   - **Take theirs (main)** — `git checkout --theirs {path} && git add {path}`.
+     Recommended when the path is NOT referenced by any active CHK/TASK (main's evolution wins by default).
+   - **Manual edit** — pause the skill. Prompt: `Edit {path} to resolve, then reply 'done' to continue.` Wait. After 'done': run `grep -l '<<<<<<<' {path}` — if it matches, the file still has conflict markers; surface the same prompt again. When clean: `git add {path}` and move on.
+   - **Show full diff** — print `git diff -- {path}` (working copy vs HEAD). For per-side views, run each separately (the `--base` / `--ours` / `--theirs` flags are mutually exclusive — combining them in one `git diff` invocation is invalid): `git diff --base -- {path}` (ancestor), `git diff --ours -- {path}` (HEAD), `git diff --theirs -- {path}` (MERGE_HEAD). After printing, RE-ASK the question — this option is meta and does not progress.
+
+   c. **Deliberate override of `[[feedback_claude-dir-wholesale-on-merge]]`**: that auto-memory rule recommended a wholesale `.claude/` overwrite for one-off long-lived-branch migrations. THIS skill is the routine periodic-sync mechanism, and the user explicitly chose per-conflict review for ALL paths including `.claude/`. Do NOT add a `.claude/`-wholesale shortcut. If a future maintainer is tempted to optimize by re-introducing the wholesale rule, the comment in this step is the contract: per-conflict review is the policy.
+
+4. After all conflicts resolved, verify clean: `git diff --name-only --diff-filter=U` MUST return empty. If not, loop back to step 3 with the remaining conflicts.
+
+5. Commit the merge:
+
+   ```
+   git commit --no-edit
+   ```
+
+   If that fails (e.g. no merge message template), fall back to explicit message:
+
+   ```
+   git commit -m "chore(merge): integrate origin/{BASE} into {CURRENT} (resolved {N} conflicts)"
+   ```
+
+### Step 4: Inline Automated QA Re-run
+
+Run a scoped subset of the testing-qa check matrix INLINE (no agent spawn — this skill stays lightweight):
+
+1. `pnpm -w lint` — always. On non-zero exit, surface stdout/stderr and AskUserQuestion:
+   - **Continue (commit-as-is)** — leave the merge committed; flag QA failure in output.
+   - **Abort merge** — `git reset --hard HEAD~1` to revert just the merge commit. Stop the skill.
+   - **Skip (mark warn)** — leave the merge committed; treat as warn, not fail.
+
+2. `pnpm exec tsc --noEmit` — only if any merged file matches `*.ts` or `*.tsx`. Same three-option prompt on failure.
+
+3. `pnpm test --run` — only if any merged file matches typical source globs (`src/**`, `apps/**/src/**`, `packages/**/src/**`). Same three-option prompt on failure.
+
+4. Build a `qa_summary` object:
+
+   ```
+   {
+     "lint": "pass" | "fail" | "warn" | "skipped",
+     "tsc": "pass" | "fail" | "warn" | "skipped",
+     "tests": "pass" | "fail" | "warn" | "skipped",
+     "merged_files_count": N,
+     "user_choice_on_failure": "continue" | "abort" | "skip" | null
+   }
+   ```
+
+Do NOT auto-revert without user consent. User-driven gating is the contract.
+
+### Step 5: Output
+
+Print:
+
+```
+## /cbp-merge-main complete
+
+**Merged**: origin/{BASE} → {CURRENT}
+**Commits pulled in**: {BEHIND}
+**Conflicts resolved**: {N}
+**QA**: {pass|warn|fail} ({passed}/{total})
+```
+
+Return control to the caller. **This skill NEVER pushes** — the caller decides when to push (preserves merge-commit review opportunity for the user before it lands on remote).
+
+## Key Rules
+
+- **Never rebase. Never force-push.** Merge-only via `--no-ff` (per `[[feedback_long-lived-branch-integration]]`).
+- **Never `git stash`** (per `[[feedback_no-git-stash]]`). Dirty tree → commit or cancel.
+- **Per-conflict user prompts — no shortcuts.** Deliberate override of `[[feedback_claude-dir-wholesale-on-merge]]`; that rule was scoped to a one-off migration.
+- **Never push.** Caller pushes after reviewing the merge commit.
+- **Abort on offline.** `git fetch` failure is a hard stop.
+
+## Integration
+
+- **Triggered by**:
+  - `/cbp-task-start` Step 3.6 (optional stale-check: >10 commits behind OR >24h fetch age)
+  - `/cbp-task-complete` Step 4.5 (mandatory pre-complete)
+  - `/cbp-checkpoint-end` Step 0 (mandatory pre-shipment)
+  - User-invocable manually
+- **Reads**: `.codebyplan/git.json`, MCP `get_checkpoints`, MCP `get_tasks`, git state
+- **Writes**: git merge commit (no MCP writes; no remote push)
+- **Spawns**: none (`/cbp-git-commit` is inline-triggered at Step 0 dirty-tree handling)
+- **Network**: contacts `origin` via `git fetch`. Offline = abort.

package/templates/skills/cbp-round-check/SKILL.md

@@ -0,0 +1,104 @@
+---
+scope: org-shared
+name: cbp-round-check
+description: Run automated checks standalone for the current round
+effort: low
+---
+
+<!-- Re-read this file before executing. Do not rely on memory. -->
+
+# Round Check Command
+
+Run automated checks independently with mandatory execution. Updates round QA. Hard fails if mandatory checks (build/lint/types) fail.
+
+## Instructions
+
+### Step 1: Get Current Round
+
+Use MCP `get_current_task` to find active task, then `get_rounds` to find the in-progress round.
+
+### Step 2: Determine Project Root
+
+Find the correct app directory:
+```bash
+REPO_ROOT="$(git rev-parse --show-toplevel)"
+```
+Identify app dir from project structure (e.g., `apps/web/` for Next.js).
+
+### Step 3: Execute Mandatory Checks (Hard Fail)
+
+For each check, EXECUTE the command and capture stdout + stderr. Log execution status.
+
+| Check | Command | Hard Fail |
+|-------|---------|-----------|
+| **Build** | `cd {app_dir} && npm run build 2>&1` | YES |
+| **Lint** | `cd {app_dir} && npm run lint 2>&1` | YES |
+| **Types** | `cd {app_dir} && npx tsc --noEmit 2>&1` | YES |
+
+For each:
+- Run the command via Bash tool
+- Log `EXECUTED: <command>` or `FAILED: <command> (exit code: N)`
+- If skipping (infrastructure-only changes): log `SKIPPED: <command> (reason: no app code changed)`
+
+### Step 4: Execute Conditional Checks
+
+| Check | Command | Condition |
+|-------|---------|-----------|
+| **Tests** | `cd {app_dir} && npx vitest --run 2>&1` | Test files exist |
+| **A11y** | Static check (aria, alt, focus) | UI files changed |
+| **API Health** | `curl -s -o /dev/null -w "%{http_code}" http://localhost:{PORT}/` | API routes changed |
+| **Visual** | Visual check flow (page-map + visual-check) | UI work + dev server running |
+
+### Step 5: Analyze Build Output
+
+Scan all captured output for:
+- **Warnings** (not just errors)
+- **Deprecation notices** (`grep -i "deprecat"` in output)
+- **Console.log in changed files**: `grep -rn "console\.\(log\|debug\|info\)" {changed_files}` (exclude tests)
+- **Bundle size warnings**
+
+### Step 6: Save QA Results
+
+Update round QA via MCP `update_round(round_id, qa: ...)`:
+
+```json
+{
+  "items": [
+    {"type": "auto", "check": "build", "status": "pass", "ran_at": "...", "notes": null, "executed": true},
+    {"type": "auto", "check": "lint", "status": "fail", "ran_at": "...", "notes": "3 errors", "executed": true},
+    {"type": "auto", "check": "types", "status": "pass", "ran_at": "...", "notes": null, "executed": true},
+    {"type": "auto", "check": "tests", "status": "skipped", "ran_at": "...", "notes": "no test files", "executed": false}
+  ]
+}
+```
+
+### Step 7: Show Results
+
+```
+## Round Check Results
+
+| Check | Status | Executed | Notes |
+|-------|--------|----------|-------|
+| Build | pass | yes | - |
+| Lint | fail | yes | 3 errors |
+| Types | pass | yes | - |
+| Tests | skipped | no | no test files |
+| Visual | pass | yes | screenshots saved |
+
+### Build Analysis
+- Warnings: [N]
+- Deprecations: [N]
+- Console.logs in code: [N]
+
+**Result**: [N] passed, [N] failed, [N] skipped
+**Hard fail**: [yes/no]
+```
+
+If hard fail: `Mandatory checks failed. Fix issues before continuing.`
+If soft failures only: `Run /cbp-round-start to trigger auto-fix, or fix manually.`
+
+## Integration
+
+- **Reads**: MCP `get_current_task`, `get_rounds`
+- **Writes**: MCP `update_round` (qa field)
+- **Standalone**: Can be run independently at any time

package/templates/skills/cbp-round-end/SKILL.md

@@ -0,0 +1,183 @@
+---
+scope: org-shared
+name: cbp-round-end
+description: Summary wrap-up after testing phase completes
+effort: high
+---
+
+# Round End Command
+
+Summary phase — presents what was done, then runs code quality review to catch bugs and logic errors that automated checks miss.
+
+**Inline-fallback for any spawn failure**: when `cbp-improve-round` (or any peer agent) fails to spawn, the orchestrator falls through to an inline procedure that produces equivalent (lower-fidelity but valid) output. The contract: detect failure class → record in `round.context.improve_round_findings.spawn_failure` → walk the agent's Phase checklist inline → continue the skill. Same procedure for every failure class (org/billing, monthly Agent cap, provider 5xx, rate limit, context overflow, tool not available). Pre-emptive skip applies when the same class fired on the prior round.
+
+See `reference/inline-fallback.md` for full trigger table, procedure, and coverage list.
+
+## Pipeline
+
+```
+/cbp-round-execute → /cbp-round-end → [code review + user decisions] → /cbp-round-update
+```
+
+## Identifier Notation
+
+This skill operates on the **active** task/round resolved via MCP `get_current_task` / `get_rounds` and does not accept a positional identifier argument. Canonical chk-task-round notation — used in prose, error messages, and cross-references — follows `.claude/rules/notation-consistency.md` "CHK / TASK / ROUND Identifier Notation": `108-1` (CHK-108 TASK-1), `45` (standalone TASK-45), `108-1-2` (round 2 of CHK-108 TASK-1), `45-2` (round 2 of standalone TASK-45).
+
+## Instructions
+
+### Step 1: Get Current Task and Round
+
+Use MCP `get_current_task` with repo_id (pass `checkpoint_id` if known to avoid disambiguation) to find the active task.
+Use MCP `get_rounds` for the task to find the in-progress round.
+
+Load round context with all outputs (executor_output, testing_qa_output, reviewer_output).
+
+### Step 2: Collect Files Changed
+
+Collect all files changed during this round from:
+
+- Work executor output
+- `git diff --name-status HEAD` for final state
+
+Build the files list with approval status:
+
+```json
+[
+  {
+    "path": "src/file.ts",
+    "action": "modified",
+    "claude_approved": true,
+    "user_approved": false
+  }
+]
+```
+
+**claude_approved**: `true` if cbp-testing-qa-agent passed for this file. `false` if issues remain.
+**user_approved**: Always `false` initially. User approves via git staging or web UI.
+
+### Step 3: Collect and Aggregate QA Results
+
+**No QA runs here** — all QA was already executed by per-wave `cbp-testing-qa-agent` inside `/cbp-round-execute` Step 5.
+
+This step is the **canonical user_qa[] construction site**. cbp-testing-qa-agent and cbp-test-e2e-agent are fully independent producers (no cross-read); cross-source user_qa items that combine signals from multiple producers are built here, at the user-facing boundary. Single-source user_qa items (derivable from one producer's data alone) stay with that producer.
+
+#### 3a — Collect single-source items from agent outputs
+
+Collect from round context (all three sources are agent-derived):
+
+- **Auto items**: from `testing_qa_output.auto_qa.items`
+- **User items (single-source)**: from `testing_qa_output.user_qa.items` (Phase 4b.1 design-source comparison + Phase 4b.2 mechanical-sweep spot-check + Phase 4b.0 connection smoke — all derivable from cbp-testing-qa-agent's own data)
+- **Default items**: from `testing_qa_output.default_checklist.items`
+
+#### 3b — Construct cross-source user_qa from frontend_ui_review (NEW)
+
+Read `round.context.frontend_ui_review.findings[]` (populated by the `cbp-frontend-ui` skill at `/cbp-round-execute` Step 5b under `phase: 'screenshot_review'`). For each finding, emit a `user_qa` item per the rules below.
+
+| Finding `category` | Finding `severity` | Emitted user_qa item |
+|--------------------|-------------------|---------------------|
+| `baseline_regression` | any | `{ type: 'user', check: 'Visual baseline regression — {page_or_screen}', status: 'pending', round_number: N, instructions: 'Open the diff PNG at `{screenshot}` (the `-diff.png` sibling shows pixel differences). Pixel-diff was `{baseline_diff_pct}%`. Decide: (a) regression — add a task to fix, OR (b) new rendering is correct — run `pnpm exec playwright test --update-snapshots` in `apps/{app}` and commit the updated baselines. Do NOT proceed until a decision is recorded.' }` |
+| `rendered_visual` | `critical` | `{ type: 'user', check: 'Rendered-visual critical — {page_or_screen}', status: 'pending', round_number: N, instructions: 'Open the screenshot at `{screenshot}`. The cbp-frontend-ui review flagged a critical rendering issue: `{finding.issue}`. Suggested fix: `{finding.suggestion}`. Decide whether this needs a fix-round before proceeding.' }` |
+| `rendered_visual` | `warning` | (no user_qa item; finding stays in `frontend_ui_review.findings` and surfaces via Step 7 findings presentation if relevant) |
+| Other categories | any | (no user_qa item from this step) |
+
+Skip Step 3b entirely when `round.context.frontend_ui_review` is absent (no e2e ran, or screenshot-review phase didn't execute).
+
+This is the required user gate for baseline updates — baselines are NEVER auto-accepted.
+
+#### 3c — Merge
+
+Combine the single-source items (3a) and cross-source items (3b) into a single `user_qa[]` for the round. Merge with previous rounds (supersede items for re-modified files, preserve verified items).
+
+### Step 4: Update Task Files and QA
+
+Update via MCP:
+
+- `update_task(task_id, files_changed: [...])` — merge with existing
+- `update_round(round_id, files_changed: [...], qa: {items: [...]})` — round-specific
+- `update_task(task_id, qa: {items: [...]})` — aggregated
+
+### Step 5: Present Summary
+
+```
+## Round [N] Complete - Ready for Review
+
+### Work Done
+[Brief summary from executor_output]
+
+### Files Changed ([N] files, [N] need approval)
+| File | Action | Claude | User |
+|------|--------|--------|------|
+| src/file.ts | modified | approved | pending |
+
+### Auto Checks
+| Check | Status |
+|-------|--------|
+| Build | pass |
+| Lint | pass |
+| Types | pass |
+| Tests | pass/skipped |
+```
+
+### Step 6: Spawn Code Quality Review
+
+Spawn `cbp-improve-round` agent via Agent tool with:
+
+```yaml
+input:
+  repo_id: [from config]
+  task: {id, title, requirements, context}
+  round: {id, number, requirements, files_changed, context}
+  project_path: [working directory]
+```
+
+Wait for agent to complete. If the spawn fails for any reason, apply the inline-fallback procedure documented in `reference/inline-fallback.md` (record `round.context.improve_round_findings.spawn_failure`, walk the agent's Phase checklist inline, continue the skill).
+
+### Step 7: Present Findings
+
+**If `status: 'no_findings'`:** show `### Code Review\nNo issues found. Code looks good.` and skip to Step 8.
+
+**If findings exist**, present them grouped by severity (table + per-finding details), then ask the user via AskUserQuestion which to fix: `all`, `1,2` (specific numbers), `none`, or `inline` (only when all findings qualify under the Trivial-Resolution Exception).
+
+Example tables and the `inline` option gating spec: see `reference/findings-presentation.md`.
+
+### Step 8: Route Based on Decisions
+
+**If `round.context.auto_loop_mode === true`** (auto-loop active):
+
+- Auto-accept ALL findings into `improve_round_findings[]` regardless of severity (the user opted into the loop).
+- Skip the polish-spiral stop-gate (auto-loop has its own cap-exhausted termination).
+- Skip the user findings-decision prompt.
+- Save findings via `update_round` exactly as in manual mode.
+- Auto-trigger `/cbp-round-update` immediately. round-update Step 6 will decide whether to spawn another round or exit clean (see cbp-round-update SKILL.md Step 6).
+
+**Else (manual mode — flag absent or false):**
+
+Run the existing flow:
+
+1. After round 2+, surface the polish-spiral stop-gate per `polish-spiral-stop-gate.md` (defer-to-followups vs continue).
+2. Surface the findings-decision AskUserQuestion (with optional `inline` per the gating rules in `reference/findings-presentation.md`).
+3. Save accepted/rejected findings to round context via MCP `update_round`:
+   ```json
+   {
+     "context": {
+       "improve_round_findings": [accepted findings],
+       "improve_round_rejected": [rejected findings with user reasons]
+     }
+   }
+   ```
+4. Auto-trigger `/cbp-round-update`. round-update will see unapproved files and route to `/cbp-round-input`; `/cbp-round-input` picks up the findings from round context and includes them in the new round's requirements automatically.
+
+## Key Rules
+
+- Claude NEVER git adds files — user does code review
+- Auto-triggers `/cbp-round-update` after findings are handled
+- `/cbp-round-end` is auto-triggered by `/cbp-round-execute` (user does not call it directly)
+- Findings are **presented for user decision** — never auto-fix without user consent
+
+## Integration
+
+- **Triggered by**: `/cbp-round-execute` (auto, after all waves + testing complete)
+- **Reads**: MCP `get_current_task`, `get_rounds`, round context
+- **Writes**: MCP `update_round`, `update_task` (files_changed, qa, findings)
+- **Spawns**: `cbp-improve-round` (code quality review)
+- **Triggers**: `/cbp-round-update` (auto, after findings handled)

package/templates/skills/cbp-round-end/reference/findings-presentation.md

@@ -0,0 +1,44 @@
+# Findings Presentation in `/cbp-round-end` Step 7
+
+When `improve-round` returns findings, Step 7 presents them grouped by severity and asks the user how to proceed.
+
+## Example output
+
+```
+### Code Review Findings
+
+| # | Severity | Category | File | Issue |
+|---|----------|----------|------|-------|
+| 1 | critical | bug | src/api.ts:42 | Missing null check on user input |
+| 2 | high | logic_error | src/calc.ts:15 | Off-by-one in loop boundary |
+| 3 | medium | edge_case | src/form.ts:88 | Empty array not handled |
+
+#### Details
+
+**1. Missing null check on user input** (critical)
+[description + suggested fix from agent]
+
+**2. Off-by-one in loop boundary** (high)
+[description + suggested fix from agent]
+```
+
+## AskUserQuestion options
+
+```
+Which findings should be fixed?
+- "all" — fix all findings in a new round
+- "1,2" — fix specific findings by number
+- "none" — skip all, proceed to round-update
+- "inline" — fix in THIS round before proceeding (only offered when all findings qualify under `infra-issue-absorption.md` Trivial-Resolution Exception)
+- Or explain why specific findings are not issues
+```
+
+## "inline" option gating
+
+Only present the "inline" option when ALL pending findings simultaneously satisfy:
+
+1. Diff is comment-only, annotation-only, banner-only, or single-value rename — no logic, no control flow
+2. Each fix is under ~5 minutes of executor time
+3. Verification is automatic — the existing test/lint/audit pipeline confirms the change
+
+If any finding fails these gates, omit the "inline" option entirely (revert to the 3-option prompt). When inline is chosen, apply the edits via direct `Edit`, re-run the verification commands (hook syntax check + `testing-qa-agent` scoped to modified files) and proceed to `/cbp-round-update` without spawning a new round. Document the decision in `round.context.inline_fix_log = { findings: [ids], rationale: "trivial-resolution exception", applied_at: <ISO> }` (mirrors the `bypass_log` shape from `infra-issue-absorption.md` "Pipeline Bypass for Trivial-Resolution Rounds").

package/templates/skills/cbp-round-end/reference/inline-fallback.md

@@ -0,0 +1,35 @@
+# Inline-Fallback for Any Spawn Failure
+
+When `improve-round` (or any agent spawned by this or peer skills) fails to spawn, the orchestrator falls through to an inline procedure that produces equivalent (lower-fidelity but valid) output. Same contract for every failure class — no special-casing per class.
+
+## Trigger conditions (any one)
+
+| Failure class             | Detection signal                                                                      |
+| ------------------------- | ------------------------------------------------------------------------------------- |
+| Org/billing limit         | `API Error: Extra usage is required for 1M context` (the original Proposal U trigger) |
+| Monthly Agent usage cap   | `API Error: This conversation has reached the monthly Agent usage limit` or similar   |
+| Provider 5xx              | Spawn returns `API Error 500` / `502` / `503` — transient or sustained                |
+| Rate limit                | `API Error 429` with retry hint                                                       |
+| Context overflow at spawn | Spawn returns `Context window exceeded` before agent can run                          |
+| Tool not available        | Skill caller's tool surface lacks Agent (rare — only in nested-agent contexts)        |
+
+## Fallback procedure (uniform across all triggers)
+
+1. Note the failure: `agent_spawned: false`, `skip_reason: "<one-line failure class>"`. Save to `round.context.improve_round_findings.spawn_failure = { class, error_message, decided_at }`.
+2. Perform the agent's analysis inline using whatever tools the orchestrator has (typically `Read` + `Bash` grep/find/head + `Glob`/`Grep`). Use the agent's documented Phase checklist as the script — agents are essentially curated checklists; following them inline produces equivalent (lower-fidelity but valid) output.
+3. Record findings in the same shape the agent would have returned (`findings[]` array with `severity`, `category`, `file`, `description`, `suggested_fix`). Mark each with `mode: 'inline_fallback'` so analytics can distinguish.
+4. Continue the skill — do NOT abort the round on spawn failure. The fallback is intended to keep the pipeline moving; aborting would force the user to manually re-run when the same failure will recur.
+
+**Pre-emptive skip**: when the same failure class fired in the previous round of the same task, skip the spawn attempt entirely and go straight to inline. This avoids one wasted API call per round during a sustained outage.
+
+## Coverage
+
+This fallback applies to:
+
+- `improve-round` spawned by `/cbp-round-end` (Step 6) — original case
+- `task-planner` spawned by `/cbp-round-start` Step 7 — orchestrator falls back to inline planning using the planner's Phase checklist
+- `testing-qa-agent` spawned by `/cbp-round-execute` Step 5 (per-wave) — orchestrator runs build/lint/types/tests inline via Bash and aggregates results in the agent's output shape
+- `task-check` spawned by `/cbp-task-check` skill — orchestrator walks the agent's verdict checklist inline
+- `improve-claude` spawned by its caller (when re-enabled) — orchestrator walks the agent's Phase 0-7 inline
+
+For details, each spawning skill carries a brief "Inline fallback" section pointing back to this contract. The canonical reference is here.