convoke-agents 2.4.0 → 3.0.1

package/_bmad/bme/_gyre/workflows/full-analysis/steps/step-02-detect-stack.md

@@ -0,0 +1,49 @@
+---
+step: 2
+workflow: full-analysis
+title: Detect Stack
+---
+
+# Step 2: Detect Stack
+
+Run the stack-detection workflow inline. This step delegates to the stack-detection workflow steps for the actual scanning, classification, and guard questions.
+
+## MANDATORY EXECUTION RULES
+
+- Execute the stack-detection workflow steps sequentially (scan → classify → guard questions)
+- Write GC1 (Stack Profile) to `.gyre/stack-profile.yaml` on completion
+- If GC1 already exists and mode is **Anticipation**, ask the user: "Your stack was detected previously. Re-detect or keep existing? (re-detect / keep)"
+
+## EXECUTION
+
+### If Crisis or Regeneration Mode
+
+Execute the stack-detection workflow steps in sequence:
+
+1. Load and execute: `{project-root}/_bmad/bme/_gyre/workflows/stack-detection/steps/step-01-scan-filesystem.md`
+2. Load and execute: `{project-root}/_bmad/bme/_gyre/workflows/stack-detection/steps/step-02-classify-stack.md`
+3. Load and execute: `{project-root}/_bmad/bme/_gyre/workflows/stack-detection/steps/step-03-guard-questions.md`
+
+After user confirms the classification, write GC1 to `.gyre/stack-profile.yaml`.
+
+### If Anticipation Mode (GC1 exists)
+
+Present the existing stack profile summary and ask:
+
+```
+Your stack was previously detected as: [archetype summary from GC1]
+
+Would you like to:
+a) Keep this detection and continue to model generation
+b) Re-detect (your project may have changed)
+```
+
+If user chooses (b), run the detection steps above.
+
+---
+
+## NEXT STEP
+
+With GC1 written, proceed to model generation:
+
+Load step: {project-root}/_bmad/bme/_gyre/workflows/full-analysis/steps/step-03-generate-model.md

package/_bmad/bme/_gyre/workflows/full-analysis/steps/step-03-generate-model.md

@@ -0,0 +1,52 @@
+---
+step: 3
+workflow: full-analysis
+title: Generate Model
+---
+
+# Step 3: Generate Model
+
+Run the model-generation workflow inline. Atlas generates a capabilities manifest contextual to the detected stack.
+
+## MANDATORY EXECUTION RULES
+
+- GC1 (Stack Profile) must have been written in step 2 — if missing, STOP
+- If cached model exists and mode is **Anticipation**, load cached and skip generation
+- If mode is **Regeneration** or **Crisis**, run full model generation
+- Execute the model-generation workflow steps sequentially
+
+## EXECUTION
+
+### If Anticipation Mode (capabilities.yaml exists)
+
+Present the existing model summary:
+
+```
+Your capabilities model was previously generated: [N] capabilities for [stack summary].
+
+Would you like to:
+a) Keep this model and continue to gap analysis
+b) Regenerate (fresh model even with existing amendments)
+```
+
+If user chooses (a), skip to next step.
+If user chooses (b), proceed with generation below.
+
+### If Crisis or Regeneration Mode
+
+Execute the model-generation workflow steps in sequence:
+
+1. Load and execute: `{project-root}/_bmad/bme/_gyre/workflows/model-generation/steps/step-01-load-profile.md`
+2. Load and execute: `{project-root}/_bmad/bme/_gyre/workflows/model-generation/steps/step-02-generate-capabilities.md`
+3. Load and execute: `{project-root}/_bmad/bme/_gyre/workflows/model-generation/steps/step-03-web-enrichment.md`
+4. Load and execute: `{project-root}/_bmad/bme/_gyre/workflows/model-generation/steps/step-04-write-manifest.md`
+
+After completion, GC2 is written to `.gyre/capabilities.yaml`.
+
+---
+
+## NEXT STEP
+
+With GC2 written, proceed to gap analysis:
+
+Load step: {project-root}/_bmad/bme/_gyre/workflows/full-analysis/steps/step-04-analyze-gaps.md

package/_bmad/bme/_gyre/workflows/full-analysis/steps/step-04-analyze-gaps.md

@@ -0,0 +1,42 @@
+---
+step: 4
+workflow: full-analysis
+title: Analyze Gaps
+---
+
+# Step 4: Analyze Gaps
+
+Run the gap-analysis workflow inline. Lens compares each capability against filesystem evidence.
+
+## MANDATORY EXECUTION RULES
+
+- GC2 (Capabilities Manifest) must have been written in step 3 — if missing, STOP
+- Execute the gap-analysis workflow steps sequentially
+- Time target: first finding presented <2 minutes from workflow start (NFR1)
+
+## EXECUTION
+
+Execute the gap-analysis workflow steps in sequence:
+
+1. Load and execute: `{project-root}/_bmad/bme/_gyre/workflows/gap-analysis/steps/step-01-load-manifest.md`
+2. Load and execute: `{project-root}/_bmad/bme/_gyre/workflows/gap-analysis/steps/step-02-observability-analysis.md`
+3. Load and execute: `{project-root}/_bmad/bme/_gyre/workflows/gap-analysis/steps/step-03-deployment-analysis.md`
+4. Load and execute: `{project-root}/_bmad/bme/_gyre/workflows/gap-analysis/steps/step-04-cross-domain-correlation.md`
+5. Load and execute: `{project-root}/_bmad/bme/_gyre/workflows/gap-analysis/steps/step-05-present-findings.md`
+
+After completion, GC3 is written to `.gyre/findings.yaml`.
+
+## ERROR RECOVERY
+
+If a domain analysis fails:
+- GC2 (capabilities.yaml) is already safe — it was written in step 3
+- Report what was found so far
+- Offer to retry the failed domain or continue with partial results
+
+---
+
+## NEXT STEP
+
+With GC3 written, proceed to findings review:
+
+Load step: {project-root}/_bmad/bme/_gyre/workflows/full-analysis/steps/step-05-review-findings.md

package/_bmad/bme/_gyre/workflows/full-analysis/steps/step-05-review-findings.md

@@ -0,0 +1,128 @@
+---
+step: 5
+workflow: full-analysis
+title: Review Findings
+implements: Epic 4 (Stories 4.5, 4.7)
+---
+
+# Step 5: Review Findings
+
+Coach presents findings and offers review options. This is the final step of the full-analysis pipeline.
+
+## MANDATORY EXECUTION RULES
+
+- GC3 (Findings Report) must have been written in step 4 — if missing, STOP
+- Present a brief findings summary (severity counts from GC3)
+- Prompt user to review capabilities manifest (FR43)
+- Offer: "Walk through now" / "Later" (deferred flag) / "Skip" (FR55)
+- If user chooses review: execute the model-review workflow inline
+- End with full Gyre compass routing table (NFR18 — all 7 workflows independently runnable)
+
+## EXECUTION
+
+### 1. Verify GC3 Exists
+
+Check that `.gyre/findings.yaml` was written by step 4. If missing:
+
+```
+❌ Findings report not found at .gyre/findings.yaml
+
+Step 4 (gap analysis) may not have completed. Options:
+a) Re-run gap analysis
+b) Exit full-analysis and investigate
+```
+
+### 2. Display Findings Summary
+
+Load GC3 and present a brief summary (not the full presentation — that was done in step 4):
+
+```
+## Analysis Complete
+
+Your findings report has been written to `.gyre/findings.yaml`:
+
+| Severity | Count |
+|----------|:-----:|
+| 🔴 Blockers | [N] |
+| 🟡 Recommended | [N] |
+| 🟢 Nice-to-have | [N] |
+| **Total** | **[N]** |
+```
+
+### 3. Check for Existing Feedback (FR53)
+
+If `.gyre/feedback.yaml` exists with entries:
+
+```
+💡 Your team has [N] previous feedback entries that can inform your review.
+```
+
+### 4. Review Prompt (FR43, FR55)
+
+```
+### Would you like to review your capabilities model?
+
+Coach can walk you through your capabilities one by one — keep, remove, edit, or add.
+This helps customize the model to your specific stack.
+
+1. **Walk through now** — Review capabilities interactively
+2. **Later** — Save a reminder for next run
+3. **Skip** — Go straight to feedback and finish
+
+What would you prefer?
+```
+
+### 5. Handle Response
+
+**Walk through now:**
+Execute the model-review workflow steps inline:
+1. Load step: `{project-root}/_bmad/bme/_gyre/workflows/model-review/steps/step-02-walkthrough.md`
+2. Load step: `{project-root}/_bmad/bme/_gyre/workflows/model-review/steps/step-03-apply-amendments.md`
+3. Load step: `{project-root}/_bmad/bme/_gyre/workflows/model-review/steps/step-04-capture-feedback.md`
+
+**Later:**
+Set `review_deferred: true` in `.gyre/capabilities.yaml` frontmatter.
+```
+✓ Review deferred. Coach will remind you next time you run an analysis.
+```
+Then proceed to feedback capture:
+Load step: `{project-root}/_bmad/bme/_gyre/workflows/model-review/steps/step-04-capture-feedback.md`
+
+**Skip:**
+Proceed directly to feedback capture:
+Load step: `{project-root}/_bmad/bme/_gyre/workflows/model-review/steps/step-04-capture-feedback.md`
+
+### 6. Full-Analysis Complete — Gyre Compass
+
+After review/feedback is done, present the final compass:
+
+```
+---
+
+## Full Analysis Complete 🎯
+
+All 5 steps finished. Your Gyre artifacts:
+- `.gyre/stack-profile.yaml` — Stack Profile (GC1)
+- `.gyre/capabilities.yaml` — Capabilities Manifest (GC2)
+- `.gyre/findings.yaml` — Findings Report (GC3)
+- `.gyre/feedback.yaml` — Feedback Loop (GC4) [if feedback was captured]
+
+💡 **Tip:** Commit the `.gyre/` directory to share these artifacts with your team.
+
+---
+
+## What's Next?
+
+| If you want to... | Consider next... | Agent | Why |
+|---|---|---|---|
+| Detect or re-detect your stack | stack-detection | Scout 🔎 | New project or stack has changed |
+| Generate or regenerate the model | model-generation | Atlas 📐 | First run or want fresh model |
+| Review your capabilities manifest | model-review | Coach 🏋️ | Customize the model to your stack |
+| Run gap analysis | gap-analysis | Lens 🔬 | Find what's missing |
+| See what changed since last run | delta-report | Lens 🔬 | Track progress over time |
+| Run the full pipeline again | full-analysis | Scout 🔎 | Complete end-to-end analysis |
+| Validate model accuracy | accuracy-validation | Atlas 📐 | Pre-pilot quality gate |
+| **Findings impact product discovery** | **Vortex agents** | **Emma 🎯 / Isla 🔍** | Production readiness gaps may inform discovery |
+
+> **Note:** These are recommendations. You can run any Gyre workflow at any time.
+```

package/_bmad/bme/_gyre/workflows/full-analysis/workflow.md

@@ -0,0 +1,39 @@
+---
+name: full-analysis
+agent: stack-detective
+title: Full Gyre Analysis
+description: Orchestrates the complete analysis pipeline — detect stack, generate model, analyze gaps, review findings
+steps: 5
+---
+
+# Full Analysis Workflow
+
+Runs the complete Gyre pipeline end-to-end: **Detect → Model → Analyze → Review**.
+
+## Pipeline
+
+| Step | File | Agent | Action |
+|------|------|-------|--------|
+| 1 | step-01-initialize.md | Scout 🔎 | Check for `.gyre/`, detect mode (crisis/anticipation/regeneration), create `.gyre/` if needed |
+| 2 | step-02-detect-stack.md | Scout 🔎 | Run stack detection, ask guard questions, write GC1 |
+| 3 | step-03-generate-model.md | Atlas 📐 | Load GC1, generate capabilities, write GC2 (skip if cached in anticipation mode) |
+| 4 | step-04-analyze-gaps.md | Lens 🔬 | Load GC2, run absence detection + cross-domain correlation, write GC3 |
+| 5 | step-05-review-findings.md | Coach 🏋️ | Load GC3, present findings, guide review, capture feedback, write GC4 |
+
+## Mode Detection
+
+- `.gyre/` does **not** exist → **crisis mode** (first run — full pipeline)
+- `.gyre/capabilities.yaml` exists → **anticipation mode** (re-run — skip model generation, use cached)
+- User says "regenerate" → **regeneration mode** (fresh model generation even with existing cache)
+
+## Privacy Boundary
+
+The GC1 contract enforces a privacy boundary: only technology categories flow between agents — never file contents, paths, version numbers, or secrets.
+
+## Instructions
+
+Load the first step to begin:
+
+```
+Load step: {project-root}/_bmad/bme/_gyre/workflows/full-analysis/steps/step-01-initialize.md
+```

package/_bmad/bme/_gyre/workflows/gap-analysis/steps/step-01-load-manifest.md

@@ -0,0 +1,70 @@
+---
+step: 1
+workflow: gap-analysis
+title: Load Capabilities Manifest
+---
+
+# Step 1: Load Capabilities Manifest
+
+Load the GC2 Capabilities Manifest and prepare for domain analysis.
+
+## MANDATORY EXECUTION RULES
+
+- Use Claude Code Read tool to load `.gyre/capabilities.yaml`
+- If file doesn't exist, do NOT proceed — inform user to run model-generation first
+- Filter out removed capabilities (removed: true) — they are excluded from analysis
+- Group remaining capabilities by category for domain-specific analysis
+
+## EXECUTION SEQUENCE
+
+### 1. Load GC2 (Capabilities Manifest)
+
+**Read** `.gyre/capabilities.yaml`:
+
+- Parse the YAML content
+- Verify it has GC2 contract frontmatter
+- Extract: version, stack_summary, capability_count, limited_coverage, capabilities array
+
+**If file not found:**
+```
+I need a Capabilities Manifest (GC2) before I can analyze gaps.
+
+Please run Atlas's model generation first:
+- Activate Atlas: /bmad-agent-bme-model-curator
+- Select [GM] Generate Model
+
+Or run the full analysis pipeline:
+- Select [FA] Full Analysis
+```
+Then STOP — do not proceed.
+
+### 2. Filter and Group Capabilities
+
+- Remove capabilities with `removed: true` from the analysis set
+- Group by category:
+  - **Observability:** capabilities with category "observability"
+  - **Deployment:** capabilities with category "deployment"
+  - **Reliability:** capabilities with category "reliability" (analyzed with deployment domain)
+  - **Security:** capabilities with category "security" (analyzed with deployment domain)
+
+### 3. Present Analysis Plan
+
+```
+## Capabilities Manifest Loaded
+
+**Stack:** [stack_summary]
+**Total capabilities:** [capability_count] ([N] active, [M] removed by user)
+**Limited coverage:** [yes/no]
+
+**Analysis plan:**
+- Observability domain: [N] capabilities to check
+- Deployment domain: [N] capabilities to check (includes reliability + security)
+
+Starting observability analysis...
+```
+
+---
+
+## NEXT STEP
+
+Load step: {project-root}/_bmad/bme/_gyre/workflows/gap-analysis/steps/step-02-observability-analysis.md

package/_bmad/bme/_gyre/workflows/gap-analysis/steps/step-02-observability-analysis.md

@@ -0,0 +1,110 @@
+---
+step: 2
+workflow: gap-analysis
+title: Observability Analysis
+---
+
+# Step 2: Observability Analysis
+
+For each observability capability, search the filesystem for implementation evidence.
+
+## MANDATORY EXECUTION RULES
+
+- Use Claude Code tools (Glob, Grep, Read) — do NOT ask the user for this information
+- Search for EVIDENCE OF EXISTENCE, not quality — absence detection, not code review
+- Every finding must cite a detection method (what tool was used and what was searched)
+- Do NOT include file contents in findings — only categorical evidence descriptions
+- Tag every finding with source, confidence, and severity
+
+## ANALYSIS PATTERN
+
+For each observability capability in the manifest:
+
+### 1. Evidence Search
+
+Use a progressive search strategy:
+
+**Glob** — find relevant files:
+- Config files (e.g., `**/otel*.yaml`, `**/prometheus*.yml`, `**/*logging*.*`)
+- Source patterns (e.g., `**/*health*.*`, `**/*metrics*.*`, `**/*trace*.*`)
+- Package configs that declare observability dependencies
+
+**Grep** — search for implementation patterns:
+- Import statements (e.g., `opentelemetry`, `prom-client`, `winston`, `pino`)
+- Configuration patterns (e.g., `healthz`, `readiness`, `liveness`)
+- Metric registration (e.g., `histogram`, `counter`, `gauge`)
+
+**Read** — examine found files for completeness:
+- If a config file exists, is it configured or just a skeleton?
+- If an import exists, is it used or just declared?
+
+### 2. Capability-Specific Search Patterns
+
+| Capability Pattern | Glob For | Grep For |
+|-------------------|----------|----------|
+| Structured logging | `**/*log*config*`, `**/*logger*.*` | `winston`, `pino`, `bunyan`, `structured`, `json.*log` |
+| Distributed tracing | `**/*trace*.*`, `**/*otel*.*` | `opentelemetry`, `@opentelemetry`, `trace`, `span` |
+| Metrics collection | `**/*metric*.*`, `**/*prom*.*` | `prometheus`, `prom-client`, `histogram`, `counter` |
+| Health checks | `**/*health*.*`, `**/readiness*`, `**/liveness*` | `healthz`, `readiness`, `liveness`, `/health` |
+| Alerting | `**/*alert*.*`, `**/*alarm*.*` | `alertmanager`, `cloudwatch.*alarm`, `pagerduty` |
+| Error tracking | `**/*sentry*.*`, `**/*error*track*` | `sentry`, `@sentry`, `errorHandler`, `Bugsnag` |
+
+### 3. Finding Classification
+
+For each capability, classify the result:
+
+| Status | Criteria | Finding Generated? |
+|--------|----------|:-----------------:|
+| **Present** | Multiple evidence sources confirm implementation | No (not a gap) |
+| **Absent** | No evidence found across all search patterns | Yes — finding |
+| **Partial** | Config or dependency exists but implementation incomplete | Yes — finding |
+
+### 4. Finding Tagging
+
+Each finding must include:
+
+```yaml
+- id: "OBS-NNN"              # sequential within observability domain
+  domain: "observability"
+  severity: "[blocker|recommended|nice-to-have]"
+  source: "[static-analysis|contextual-model]"
+  confidence: "[high|medium|low]"
+  capability_ref: "[GC2 capability ID]"
+  description: "[what's missing and why it matters]"
+  evidence_summary: "[what was searched and what was/wasn't found]"
+  severity_rationale: "[why this severity level]"
+```
+
+**Source tagging:**
+- `static-analysis`: Finding based on actual filesystem evidence (file found/not found, pattern matched/not matched)
+- `contextual-model`: Finding inferred from the capabilities manifest — the capability is relevant but no specific search pattern exists
+
+**Severity guidelines:**
+- `blocker`: Missing capability that prevents safe production deployment (e.g., no health checks on K8s)
+- `recommended`: Missing capability that significantly reduces operational visibility or safety
+- `nice-to-have`: Missing capability that would improve operations but isn't critical
+
+**Confidence levels:**
+- `high`: Multiple search patterns confirm absence — confident the capability doesn't exist
+- `medium`: Some patterns checked, some missed — moderately confident
+- `low`: Limited search coverage or ambiguous results — low confidence
+
+## OUTPUT
+
+Store observability findings in working memory. Present brief progress:
+
+```
+Observability analysis complete:
+- [N] capabilities checked
+- [P] present (no gaps)
+- [A] absent (gaps found)
+- [R] partial (incomplete implementation)
+
+Proceeding to deployment analysis...
+```
+
+---
+
+## NEXT STEP
+
+Load step: {project-root}/_bmad/bme/_gyre/workflows/gap-analysis/steps/step-03-deployment-analysis.md

package/_bmad/bme/_gyre/workflows/gap-analysis/steps/step-03-deployment-analysis.md

@@ -0,0 +1,87 @@
+---
+step: 3
+workflow: gap-analysis
+title: Deployment Analysis
+---
+
+# Step 3: Deployment Analysis
+
+For each deployment, reliability, and security capability, search the filesystem for implementation evidence.
+
+## MANDATORY EXECUTION RULES
+
+- Same rules as observability analysis: use tools, search for existence, cite methods, no file contents
+- This step covers three GC2 categories: deployment, reliability, and security
+- Finding IDs use prefix "DEP-" for all three categories in this domain
+
+## ANALYSIS PATTERN
+
+Same progressive search strategy as Step 2, applied to deployment-related capabilities.
+
+### Capability-Specific Search Patterns
+
+**Deployment:**
+
+| Capability Pattern | Glob For | Grep For |
+|-------------------|----------|----------|
+| CI/CD pipeline | `.github/workflows/*`, `.gitlab-ci.yml`, `Jenkinsfile` | `deploy`, `release`, `publish`, `build` |
+| Container config | `Dockerfile*`, `docker-compose*`, `*.dockerfile` | `HEALTHCHECK`, `EXPOSE`, `multi-stage` |
+| K8s manifests | `k8s/**`, `manifests/**`, `helm/**` | `deployment`, `service`, `ingress`, `configmap` |
+| Rollback strategy | `k8s/**`, `.github/workflows/*` | `rollback`, `revision`, `undo`, `canary`, `blue-green` |
+| IaC | `terraform/**`, `*.tf`, `cloudformation/**`, `cdk.json` | `resource`, `module`, `stack` |
+| Environment config | `**/.env*`, `**/config/**` | `environment`, `config`, `secret`, `env_var` |
+| Deployment strategy | `k8s/**`, `.github/workflows/*` | `rollingUpdate`, `canary`, `blue-green`, `maxSurge` |
+
+**Reliability:**
+
+| Capability Pattern | Glob For | Grep For |
+|-------------------|----------|----------|
+| Graceful shutdown | `**/*shutdown*`, `**/*signal*` | `SIGTERM`, `SIGINT`, `graceful`, `drain` |
+| Circuit breakers | `**/*circuit*`, `**/*retry*` | `circuit`, `breaker`, `retry`, `backoff`, `resilience` |
+| Rate limiting | `**/*rate*limit*`, `**/*throttle*` | `rateLimit`, `throttle`, `rate_limit` |
+| Dependency health | `**/*health*`, `**/*ping*` | `dependency.*check`, `upstream.*health`, `ping` |
+
+**Security:**
+
+| Capability Pattern | Glob For | Grep For |
+|-------------------|----------|----------|
+| Secrets management | `**/*secret*`, `**/*vault*` | `vault`, `secrets-manager`, `KMS`, `sealed-secret` |
+| Vulnerability scanning | `.github/workflows/*`, `**/*security*` | `snyk`, `trivy`, `dependabot`, `renovate`, `audit` |
+| Network policies | `k8s/**/*network*`, `**/*firewall*` | `NetworkPolicy`, `security-group`, `firewall` |
+| Auth patterns | `**/*auth*`, `**/*jwt*`, `**/*oauth*` | `authentication`, `authorization`, `jwt`, `oauth`, `rbac` |
+| Image scanning | `.github/workflows/*`, `**/*scan*` | `trivy`, `snyk container`, `docker.*scan`, `ecr.*scan` |
+
+### Finding Classification and Tagging
+
+Same as observability analysis (Step 2):
+- Classify: present / absent / partial
+- Tag with: id (DEP-NNN), domain, severity, source, confidence, capability_ref, description, evidence_summary, severity_rationale
+- Source: `static-analysis` or `contextual-model`
+
+### Severity Guidelines (Deployment Domain)
+
+- `blocker`: Missing capability that creates deployment risk (e.g., no rollback mechanism, no graceful shutdown on K8s)
+- `recommended`: Missing capability that reduces deployment safety or velocity (e.g., no canary strategy, no IaC)
+- `nice-to-have`: Missing capability that would improve deployment hygiene (e.g., no image scanning, no network policies for non-sensitive service)
+
+## OUTPUT
+
+Store deployment findings in working memory alongside observability findings. Present brief progress:
+
+```
+Deployment analysis complete:
+- [N] capabilities checked (deployment + reliability + security)
+- [P] present (no gaps)
+- [A] absent (gaps found)
+- [R] partial (incomplete implementation)
+
+**Combined findings so far:** [total] findings across both domains
+
+Proceeding to cross-domain correlation...
+```
+
+---
+
+## NEXT STEP
+
+Load step: {project-root}/_bmad/bme/_gyre/workflows/gap-analysis/steps/step-04-cross-domain-correlation.md

package/_bmad/bme/_gyre/workflows/gap-analysis/steps/step-04-cross-domain-correlation.md

@@ -0,0 +1,105 @@
+---
+step: 4
+workflow: gap-analysis
+title: Cross-Domain Correlation
+---
+
+# Step 4: Cross-Domain Correlation
+
+Identify compound findings that span observability and deployment domains.
+
+## MANDATORY EXECUTION RULES
+
+- Only run if BOTH domain analyses (steps 2 and 3) completed successfully
+- If either domain failed, skip correlation and note in the report
+- Each compound must reference exactly 2 existing findings from DIFFERENT domains
+- Compound confidence = lower of the two component confidences
+- Suppress compounds when either component has confidence "low" (NFR22)
+
+## CORRELATION PATTERNS
+
+Look for these known amplification patterns between observability and deployment findings:
+
+### High-Priority Compounds
+
+| Observability Finding | + Deployment Finding | = Compound Impact |
+|----------------------|---------------------|-------------------|
+| No health checks | No rollback mechanism | **Deployment risk amplifier:** Failed deployments cannot be detected or reversed automatically |
+| No structured logging | No deployment event markers | **Incident blindness:** Cannot correlate deployment events with application behavior changes |
+| No distributed tracing | No circuit breakers | **Cascade risk:** Service failures propagate without detection or isolation |
+| No metrics collection | No alerting/monitoring | **Silent failure:** System degradation invisible until users report issues |
+| No error tracking | No graceful shutdown | **Data loss risk:** Errors during shutdown go untracked, requests lost silently |
+
+### Medium-Priority Compounds
+
+| Observability Finding | + Deployment Finding | = Compound Impact |
+|----------------------|---------------------|-------------------|
+| No tracing | No canary strategy | **Regression detection gap:** Cannot detect performance regressions during gradual rollout |
+| No metrics | No autoscaling config | **Capacity blindness:** Cannot scale based on load if load isn't measured |
+| No log correlation IDs | Multiple services detected | **Debug difficulty:** Cross-service issues untraceable without correlation |
+
+## COMPOUND FINDING SCHEMA
+
+```yaml
+- id: "COMPOUND-NNN"
+  domain: "cross-domain"
+  severity: "[blocker|recommended|nice-to-have]"
+  source: "contextual-model"
+  confidence: "[lower of two components]"
+  capability_ref: ["[GC2 cap ID 1]", "[GC2 cap ID 2]"]
+  description: "[what the compound gap means]"
+  evidence_summary: "[references to component findings]"
+  related_findings: ["[OBS-NNN]", "[DEP-NNN]"]
+  combined_impact: "[reasoning chain: why these two gaps together are worse than either alone]"
+```
+
+## CORRELATION PROCESS
+
+1. For each observability finding, check if any deployment finding creates an amplification pattern
+2. For each match, verify:
+   - Both component findings are from different domains
+   - Neither component has confidence "low" (suppress if so)
+   - The combination genuinely amplifies risk (not just coincidental co-occurrence)
+3. Assign compound severity based on combined impact (may be higher than either component)
+4. Write reasoning chain explaining WHY these two gaps together are worse
+
+## SANITY CHECK
+
+After correlation, run a sanity check:
+
+```yaml
+sanity_check:
+  passed: boolean
+  warnings: []
+```
+
+Flag warnings for:
+- **>80% of capabilities flagged missing** — may indicate wrong archetype or insufficient detection
+- **>5 compounds generated** — may indicate over-correlation (review each for genuine amplification)
+- **All findings from one domain only** — correlation was skipped or one domain had no findings
+
+## OUTPUT
+
+Store compound findings alongside domain findings. Present brief progress:
+
+```
+Cross-domain correlation complete:
+- [N] amplification patterns checked
+- [M] compound findings identified
+
+[If compounds found]:
+Notable compounds:
+- [COMPOUND-001]: [brief description]
+- [COMPOUND-002]: [brief description]
+
+[If no compounds]:
+No cross-domain amplification patterns detected — your gaps are independent.
+
+Preparing findings report...
+```
+
+---
+
+## NEXT STEP
+
+Load step: {project-root}/_bmad/bme/_gyre/workflows/gap-analysis/steps/step-05-present-findings.md