create-agentic-pdlc 2.1.3 → 2.1.5

package/adapters/claude-code/skill.md

@@ -42,7 +42,7 @@ If any of these files are missing, you are in **Setup Mode**. Do not proceed wit
      - c) **Yes, activate** — *Uncomment the `move-violation-to-board` job in `project-automation.yml`.* → Activate immediately.
    - **QA Agent:** Ask: *"Do you want to use a QA agent to verify PRs automatically before Code Review?"* Present the options:
      - a) **No (Variant A)** — *PRs go straight to Code Review. Standard and simpler.*
-     - b) **Yes (Variant B), but I need help configuring it** — *PRs pass through a QA Agent before being reviewed. Requires a QA Agent (e.g., QAWolf).* → Guide the user through configuration.
+     - b) **Yes (Variant B), but I need help configuring it** — *PRs pass through a QA Agent before being reviewed. Requires a `GEMINI_API_KEY` secret (free tier available at ai.google.dev).* → Guide the user through configuration.
      - c) **Yes (Variant B), I already have it configured** — *PRs pass through a QA Agent before being reviewed.* → Activate Variant B immediately: change `STATUS_CODE_REVIEW_PR` to `STATUS_TESTING` in the `move-card-on-pr-open` job and uncomment the `move-card-on-qa-pass` job in `project-automation.yml`.
    - **Implementation Agent:** Ask: *"Do you use an autonomous implementation agent? (It implements the features you approve for development)"* Present the options:
      - a) **No** — *No autonomous implementation agent.*
@@ -70,6 +70,18 @@ If any of these files are missing, you are in **Setup Mode**. Do not proceed wit
 
 ---
 
+## UPDATE MODE
+
+If the user says anything like "update the pipeline", "update the board", "update agentic-pdlc", or "configure the agents", run:
+
+```bash
+npx create-agentic-pdlc --update
+```
+
+This detects which optional agents (Jules, QA Agent, Sentinel) are already configured in the project and interactively configures the missing ones. It does **not** overwrite user-owned files (`AGENTS.md`, agent config files).
+
+---
+
 ## EXECUTION MODE
 
 If `AGENTS.md` and `docs/pdlc.md` are present, you are in **Execution Mode**. 

package/bin/cli.js

@@ -59,7 +59,19 @@ const i18n = {
   missing_claude: t('❌ Could not find instruction file at ', '❌ Não foi possível encontrar o arquivo de instrução em ', '❌ No se pudo encontrar el archivo de instrucción en '),
   cursor_rules_written: t('✅ Default cursor rules written to .cursorrules', '✅ Regras padrão do cursor salvas em .cursorrules', '✅ Reglas por defecto de cursor guardadas en .cursorrules'),
   setup_done: t('🎉 All set! Continue the setup with your agent:', '🎉 Aqui tá pronto! Continue o setup com o seu agente:', '🎉 ¡Listo! Continúa el setup con tu agente:'),
-  setup_done_hint: t('>>> Tell it to read and execute the .agentic-setup.md file!', '>>> Diga a ele para ler e executar o arquivo .agentic-setup.md!', '>>> Dile que lea y ejecute el archivo .agentic-setup.md!')
+  setup_done_hint: t('>>> Tell it to read and execute the .agentic-setup.md file!', '>>> Diga a ele para ler e executar o arquivo .agentic-setup.md!', '>>> Dile que lea y ejecute el archivo .agentic-setup.md!'),
+  update_title: t('agentic-pdlc — Agent Configuration Status', 'agentic-pdlc — Status de Configuração dos Agentes', 'agentic-pdlc — Estado de Configuración de Agentes'),
+  update_no_context: t('❌ No .agentic-pdlc/cli-context.json found. Run npx create-agentic-pdlc first.', '❌ Arquivo .agentic-pdlc/cli-context.json não encontrado. Rode npx create-agentic-pdlc primeiro.', '❌ Archivo .agentic-pdlc/cli-context.json no encontrado. Ejecuta npx create-agentic-pdlc primero.'),
+  update_all_ok: t('All agents configured!', 'Todos os agentes configurados!', '¡Todos los agentes configurados!'),
+  update_ask_configure: t('Configure missing agents? (Y/n): ', 'Configurar agentes faltantes? (S/n): ', '¿Configurar agentes faltantes? (S/n): '),
+  update_skipped: t('Skipped.', 'Pulado.', 'Omitido.'),
+  update_jules_header: t('— Jules (autonomous implementation agent) —', '— Jules (agente de implementação autônomo) —', '— Jules (agente de implementación autónomo) —'),
+  update_jules_ask: t('  Which agent? (a) @google-labs-jules  (b) Other  (c) Skip: ', '  Qual agente? (a) @google-labs-jules  (b) Outro  (c) Pular: ', '  ¿Qué agente? (a) @google-labs-jules  (b) Otro  (c) Omitir: '),
+  update_jules_ask_handle: t('  Agent handle (e.g. @my-agent): ', '  Handle do agente (ex: @meu-agente): ', '  Handle del agente (ej: @mi-agente): '),
+  update_qa_header: t('— QA Agent (AC verification via Gemini — free tier) —', '— QA Agent (verificação de ACs via Gemini — free tier) —', '— QA Agent (verificación de ACs via Gemini — free tier) —'),
+  update_qa_ask: t('  Activate? Requires GEMINI_API_KEY secret. (Y/n): ', '  Ativar? Requer secret GEMINI_API_KEY. (S/n): ', '  ¿Activar? Requiere el secret GEMINI_API_KEY. (S/n): '),
+  update_sentinel_header: t('— Sentinel (architecture audit via Gemini Code Assist) —', '— Sentinel (auditoria de arquitetura via Gemini Code Assist) —', '— Sentinel (auditoría de arquitectura via Gemini Code Assist) —'),
+  update_sentinel_ask: t('  Activate? Requires Gemini Code Assist CI job. (Y/n): ', '  Ativar? Requer CI job do Gemini Code Assist. (S/n): ', '  ¿Activar? Requiere CI job de Gemini Code Assist. (S/n): '),
 };
 
 const cyan = '\x1b[36m';
@@ -159,6 +171,7 @@ async function runSetup() {
     { name: 'architecture-violation', color: 'd93f0b', description: 'Invariant violation detected by CI' },
     { name: 'qa:approved', color: '0e8a16', description: 'QA Agent approved the implementation' },
     { name: 'qa:needs-work', color: 'd93f0b', description: 'QA Agent found issues' },
+    { name: 'infra:qa-broken', color: 'F97316', description: 'QA Agent failed to run — manual review required' },
     { name: 'jules', color: '5319e7', description: 'Jules AI Agent' }
   ];
 
@@ -372,4 +385,189 @@ async function runSetup() {
   rl.close();
 }
 
-runSetup();
+// ─── Update Mode helpers ──────────────────────────────────────────────────────
+
+function detectAgentState(dir) {
+  const state = { jules: false, julesHandle: null, qaAgent: false, sentinel: false };
+
+  const atPath = path.join(dir, '.github', 'workflows', 'agent-trigger.yml');
+  if (fs.existsSync(atPath)) {
+    const content = fs.readFileSync(atPath, 'utf8');
+    if (!content.includes('{{AGENT_HANDLE}}') && !content.includes('{{IMPLEMENTATION_AGENT_LABEL}}')) {
+      const match = content.match(/(@[\w-]+)/);
+      if (match) { state.jules = true; state.julesHandle = match[1]; }
+    }
+  }
+
+  const paPath = path.join(dir, '.github', 'workflows', 'project-automation.yml');
+  if (fs.existsSync(paPath)) {
+    const content = fs.readFileSync(paPath, 'utf8');
+    state.qaAgent   = /^  move-card-on-qa-pass:/m.test(content);
+    state.sentinel  = /^  move-violation-to-board:/m.test(content);
+  }
+
+  return state;
+}
+
+function uncommentYamlJob(content, jobCommentedLine) {
+  if (!content.includes(jobCommentedLine)) return content;
+  const lines = content.split('\n');
+  const output = [];
+  let state = 'before';
+
+  for (const line of lines) {
+    if (state === 'before') {
+      if (line === jobCommentedLine) {
+        state = 'in-job';
+        output.push(line.replace(/^(\s{2})# ?/, '$1'));
+      } else if (/^\s{2}# (OPTIONAL:|When )/.test(line)) {
+        state = 'in-preamble';
+      } else {
+        output.push(line);
+      }
+    } else if (state === 'in-preamble') {
+      if (line === jobCommentedLine) {
+        state = 'in-job';
+        output.push(line.replace(/^(\s{2})# ?/, '$1'));
+      }
+    } else if (state === 'in-job') {
+      if (/^\s{2}#/.test(line)) {
+        output.push(line.replace(/^(\s{2})# ?/, '$1'));
+      } else {
+        state = 'after';
+        output.push(line);
+      }
+    } else {
+      output.push(line);
+    }
+  }
+
+  return output.join('\n');
+}
+
+function activateQaAgent(paPath) {
+  let content = fs.readFileSync(paPath, 'utf8');
+  content = uncommentYamlJob(content, '  # move-card-on-qa-pass:');
+
+  // Change STATUS_CODE_REVIEW_PR → STATUS_TESTING in move-card-on-pr-open only
+  const variantBIdx = content.indexOf('# 💡 VARIANT B');
+  if (variantBIdx !== -1) {
+    const before = content.slice(0, variantBIdx);
+    const after = content.slice(variantBIdx).replace('process.env.STATUS_CODE_REVIEW_PR', () => 'process.env.STATUS_TESTING');
+    content = before + after;
+  }
+
+  fs.writeFileSync(paPath, content, 'utf8');
+}
+
+function activateSentinel(paPath) {
+  let content = fs.readFileSync(paPath, 'utf8');
+  content = uncommentYamlJob(content, '  # move-violation-to-board:');
+  fs.writeFileSync(paPath, content, 'utf8');
+}
+
+function configureJules(atPath, handle, label) {
+  let content = fs.readFileSync(atPath, 'utf8');
+  const name = handle.replace('@', '');
+  content = content.replace(/\{\{IMPLEMENTATION_AGENT_NAME\}\}/g, () => name);
+  content = content.replace(/\{\{IMPLEMENTATION_AGENT_LABEL\}\}/g, () => label);
+  content = content.replace(/\{\{AGENT_HANDLE\}\}/g, () => handle);
+  fs.writeFileSync(atPath, content, 'utf8');
+}
+
+async function runUpdate() {
+  const contextPath = path.join(targetDir, '.agentic-pdlc', 'cli-context.json');
+  if (!fs.existsSync(contextPath)) {
+    console.error(`\n${red}${i18n.update_no_context}${reset}\n`);
+    rl.close();
+    process.exit(1);
+  }
+
+  const state = detectAgentState(targetDir);
+  const sep = '─'.repeat(55);
+
+  console.log(`\n${cyan}${sep}${reset}`);
+  console.log(`${cyan}  ${i18n.update_title}${reset}`);
+  console.log(`${cyan}${sep}${reset}\n`);
+
+  const julesSuffix = state.julesHandle ? ` (${state.julesHandle})` : '';
+  console.log(`  ${state.jules    ? green + '✅' : red + '❌'}  Jules${julesSuffix} — ${state.jules    ? t('configured','configurado','configurado') : t('not configured','não configurado','no configurado')}${reset}`);
+  console.log(`  ${state.qaAgent  ? green + '✅' : red + '❌'}  QA Agent — ${state.qaAgent  ? t('active (Variant B)','ativo (Variant B)','activo (Variant B)') : t('not active (Variant A)','não ativo (Variant A)','no activo (Variant A)')}${reset}`);
+  console.log(`  ${state.sentinel ? green + '✅' : red + '❌'}  Sentinel — ${state.sentinel ? t('active','ativo','activo') : t('not configured','não configurado','no configurado')}${reset}`);
+
+  if (state.jules && state.qaAgent && state.sentinel) {
+    console.log(`\n${green}${i18n.update_all_ok}${reset}\n`);
+    rl.close();
+    return;
+  }
+
+  console.log(`\n${cyan}${sep}${reset}`);
+  const configureAnswer = await askQuestion(i18n.update_ask_configure);
+  const shouldConfigure = !['n', 'no', 'não', 'nao'].includes(configureAnswer.trim().toLowerCase());
+
+  if (!shouldConfigure) {
+    console.log(`\n${i18n.update_skipped}\n`);
+    rl.close();
+    return;
+  }
+
+  const paPath = path.join(targetDir, '.github', 'workflows', 'project-automation.yml');
+  const atPath = path.join(targetDir, '.github', 'workflows', 'agent-trigger.yml');
+  const results = [];
+
+  if (!state.jules && fs.existsSync(atPath)) {
+    console.log(`\n${cyan}${i18n.update_jules_header}${reset}`);
+    const choice = (await askQuestion(i18n.update_jules_ask)).trim().toLowerCase();
+    if (choice === 'a' || choice === '') {
+      configureJules(atPath, '@google-labs-jules', 'jules');
+      results.push(t('✅  Jules configured (@google-labs-jules)', '✅  Jules configurado (@google-labs-jules)', '✅  Jules configurado (@google-labs-jules)'));
+    } else if (choice === 'b') {
+      const handle = (await askQuestion(i18n.update_jules_ask_handle)).trim();
+      configureJules(atPath, handle, handle.replace('@', '').toLowerCase());
+      results.push(t(`✅  Agent configured (${handle})`, `✅  Agente configurado (${handle})`, `✅  Agente configurado (${handle})`));
+    } else {
+      results.push(t('⏭  Jules — skipped', '⏭  Jules — pulado', '⏭  Jules — omitido'));
+    }
+  }
+
+  if (!state.qaAgent && fs.existsSync(paPath)) {
+    console.log(`\n${cyan}${i18n.update_qa_header}${reset}`);
+    const answer = (await askQuestion(i18n.update_qa_ask)).trim().toLowerCase();
+    if (!['n', 'no', 'não', 'nao'].includes(answer)) {
+      activateQaAgent(paPath);
+      results.push(t(
+        '✅  QA Agent configured — Variant B activated\n     Next: gh secret set GEMINI_API_KEY --body "<your-key>"',
+        '✅  QA Agent configurado — Variant B ativado\n     Próximo: gh secret set GEMINI_API_KEY --body "<sua-chave>"',
+        '✅  QA Agent configurado — Variant B activado\n     Siguiente: gh secret set GEMINI_API_KEY --body "<tu-clave>"'
+      ));
+    } else {
+      results.push(t('⏭  QA Agent — skipped', '⏭  QA Agent — pulado', '⏭  QA Agent — omitido'));
+    }
+  }
+
+  if (!state.sentinel && fs.existsSync(paPath)) {
+    console.log(`\n${cyan}${i18n.update_sentinel_header}${reset}`);
+    const answer = (await askQuestion(i18n.update_sentinel_ask)).trim().toLowerCase();
+    if (!['n', 'no', 'não', 'nao'].includes(answer)) {
+      activateSentinel(paPath);
+      results.push(t('✅  Sentinel configured', '✅  Sentinel configurado', '✅  Sentinel configurado'));
+    } else {
+      results.push(t('⏭  Sentinel — skipped', '⏭  Sentinel — pulado', '⏭  Sentinel — omitido'));
+    }
+  }
+
+  console.log(`\n${cyan}${sep}${reset}`);
+  for (const r of results) console.log(`  ${r}`);
+  console.log(`${cyan}${sep}${reset}\n`);
+
+  rl.close();
+}
+
+// ─── Entry point ──────────────────────────────────────────────────────────────
+
+const args = process.argv.slice(2);
+if (args.includes('--update')) {
+  runUpdate().catch(err => { console.error(err.message); rl.close(); process.exit(1); });
+} else {
+  runSetup().catch(err => { console.error(err.message); rl.close(); process.exit(1); });
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-agentic-pdlc",
-  "version": "2.1.3",
+  "version": "2.1.5",
   "description": "Agentic PDLC Framework - Conversational setup for your AI coding assistants",
   "type": "commonjs",
   "bin": {

package/templates/.github/workflows/project-automation.yml

@@ -2,7 +2,7 @@ name: PDLC Board Automation
 
 on:
   pull_request:
-    types: [opened, reopened, closed]
+    types: [opened, reopened, closed, labeled]
   pull_request_review:
     types: [submitted]
   issues:
@@ -189,6 +189,52 @@ jobs:
             try { await github.rest.issues.removeLabel({ owner, repo, issue_number: prNumber, name: 'pr:in-review' }); } catch {}
             await github.rest.issues.addLabels({ owner, repo, issue_number: prNumber, labels: ['pr:approved'] }).catch(() => {});
 
+  # OPTIONAL: Uncomment for Variant B (QA Agent enabled)
+  # When qa:approved is added to a PR, move linked issue to Code Review / PR
+  # move-card-on-qa-pass:
+  #   name: qa:approved → Code Review / PR
+  #   if: github.event_name == 'pull_request' && github.event.action == 'labeled' && github.event.label.name == 'qa:approved'
+  #   runs-on: ubuntu-latest
+  #   env:
+  #     PROJECT_PAT: ${{ secrets.PROJECT_PAT }}
+  #   steps:
+  #     - name: Move linked issue to Code Review / PR
+  #       if: ${{ env.PROJECT_PAT != '' && env.PROJECT_ID != '{{PROJECT_ID}}' }}
+  #       uses: actions/github-script@v7
+  #       with:
+  #         github-token: ${{ env.PROJECT_PAT }}
+  #         script: |
+  #           const prNumber = context.payload.pull_request.number;
+  #           const { owner, repo } = context.repo;
+  #           const { data: pr } = await github.rest.pulls.get({ owner, repo, pull_number: prNumber });
+  #           const body = pr.body ?? '';
+  #           const linkedIssues = [...body.matchAll(/(?:Closes?|Fixes?|Resolves?)\s+#(\d+)/gi)].map(m => parseInt(m[1]));
+  #           const moveItem = async (nodeId) => {
+  #             const { addProjectV2ItemById: { item } } = await github.graphql(`
+  #               mutation($p: ID!, $c: ID!) {
+  #                 addProjectV2ItemById(input: {projectId: $p, contentId: $c}) { item { id } }
+  #               }`, { p: process.env.PROJECT_ID, c: nodeId });
+  #             await github.graphql(`
+  #               mutation($p: ID!, $i: ID!, $f: ID!, $v: ProjectV2FieldValue!) {
+  #                 updateProjectV2ItemFieldValue(input: {projectId: $p, itemId: $i, fieldId: $f, value: $v}) {
+  #                   projectV2Item { id }
+  #                 }
+  #               }`, {
+  #                 p: process.env.PROJECT_ID, i: item.id, f: process.env.STATUS_FIELD_ID,
+  #                 v: { singleSelectOptionId: process.env.STATUS_CODE_REVIEW_PR }
+  #               });
+  #           };
+  #           if (linkedIssues.length > 0) {
+  #             for (const n of linkedIssues) {
+  #               const { data: issue } = await github.rest.issues.get({ owner, repo, issue_number: n });
+  #               await moveItem(issue.node_id);
+  #               console.log(`Issue #${n} → Code Review / PR`);
+  #             }
+  #           } else {
+  #             await moveItem(pr.node_id);
+  #             console.log(`PR #${prNumber} → Code Review / PR (no linked issue)`);
+  #           }
+
   # PR Merged → Production
   move-card-on-pr-merge:
     name: Merged PR → Production

package/templates/.github/workflows/qa-agent.yml

@@ -6,22 +6,73 @@ on:
 permissions:
   pull-requests: write
   contents: read
+  issues: read
 
 jobs:
   qa:
-    name: Run AI QA Agent
+    name: AC Coverage Verification (Gemini)
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - name: Execute QA Tests
-        run: |
-          echo "Run your QA Agent here."
-          echo "This could be QAWolf, a custom LLM script, or a secondary agent."
-          echo "If tests pass: gh pr edit $PR_URL --add-label 'qa:pass'"
-          echo "If tests fail: gh pr edit $PR_URL --add-label 'qa:fail'"
-          
-          # Example success:
-          # gh pr edit ${{ github.event.pull_request.html_url }} --add-label "qa:pass"
+        with:
+          fetch-depth: 0
+
+      - name: Verify AC Coverage via Gemini
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          PR_URL: ${{ github.event.pull_request.html_url }}
+          GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
+        run: |
+          set -e
+
+          PR_NUMBER="${{ github.event.pull_request.number }}"
+          BASE="${{ github.event.pull_request.base.sha }}"
+          HEAD="${{ github.event.pull_request.head.sha }}"
+
+          # Get PR diff (truncated to 8000 chars to stay within context limits)
+          DIFF=$(git diff "$BASE" "$HEAD" | head -c 8000)
+
+          # Extract linked issues from PR body
+          PR_BODY=$(gh pr view "$PR_NUMBER" --json body --jq '.body // ""')
+          ISSUE_NUMS=$(echo "$PR_BODY" | grep -oiE '(Closes?|Fixes?|Resolves?)\s+#([0-9]+)' | grep -oE '[0-9]+' || true)
+
+          # Build acceptance criteria context
+          AC_CONTEXT=""
+          if [ -n "$ISSUE_NUMS" ]; then
+            for NUM in $ISSUE_NUMS; do
+              ISSUE_BODY=$(gh issue view "$NUM" --json body --jq '.body // ""' 2>/dev/null || echo "")
+              AC_CONTEXT="${AC_CONTEXT}\\n\\n--- Issue #${NUM} ---\\n${ISSUE_BODY}"
+            done
+          fi
+
+          if [ -z "$AC_CONTEXT" ]; then
+            AC_CONTEXT="No linked issue found. Evaluate if the PR description is self-contained."
+          fi
+
+          # Serialize prompt as JSON string and call Gemini API (30s timeout)
+          PROMPT_JSON=$(printf '%s' "You are a senior QA engineer. Review whether this PR diff satisfies the Acceptance Criteria below.\n\nACCEPTANCE CRITERIA:\n${AC_CONTEXT}\n\nPR DIFF:\n${DIFF}\n\nRespond with exactly one word: PASS or FAIL, then on the next line explain briefly why (max 3 sentences)." | python3 -c 'import json,sys; print(json.dumps(sys.stdin.read()))')
+
+          RESPONSE=$(curl -s -X POST \
+            "https://generativelanguage.googleapis.com/v1beta/models/gemini-2.0-flash:generateContent?key=${GEMINI_API_KEY}" \
+            -H "Content-Type: application/json" \
+            -d "{\"contents\":[{\"parts\":[{\"text\":${PROMPT_JSON}}]}]}" \
+            --max-time 30 || echo "API_ERROR")
+
+          if [ "$RESPONSE" = "API_ERROR" ]; then
+            gh pr edit "$PR_NUMBER" --add-label "infra:qa-broken"
+            gh pr comment "$PR_NUMBER" --body "🤖 **QA Agent:** Could not reach Gemini API. Manual review required."
+            exit 0
+          fi
+
+          VERDICT=$(echo "$RESPONSE" | python3 -c 'import json,sys; d=json.load(sys.stdin); t=d.get("candidates",[{}])[0].get("content",{}).get("parts",[{}])[0].get("text","").strip(); print(t.split("\n")[0].upper() if t else "API_ERROR")')
+          EXPLANATION=$(echo "$RESPONSE" | python3 -c 'import json,sys; d=json.load(sys.stdin); t=d.get("candidates",[{}])[0].get("content",{}).get("parts",[{}])[0].get("text","").strip(); lines=t.split("\n",1); print(lines[1].strip() if len(lines)>1 else "")')
+
+          if echo "$VERDICT" | grep -q "^PASS"; then
+            gh pr edit "$PR_NUMBER" --add-label "qa:approved"
+            gh pr comment "$PR_NUMBER" --body "🤖 **QA Agent:** AC coverage verified. ${EXPLANATION}"
+          elif echo "$VERDICT" | grep -q "^FAIL"; then
+            gh pr edit "$PR_NUMBER" --add-label "qa:needs-work"
+            gh pr comment "$PR_NUMBER" --body "🤖 **QA Agent:** AC coverage insufficient. ${EXPLANATION}"
+          else
+            gh pr edit "$PR_NUMBER" --add-label "infra:qa-broken"
+            gh pr comment "$PR_NUMBER" --body "🤖 **QA Agent:** Could not parse Gemini response. Manual review required."
+          fi

package/templates/AGENTS.md

@@ -70,6 +70,7 @@ When detailing a solution in an issue body, you must **always** include both the
 - Never open a PR without passing the tests.
 - Never implement beyond the immediate scope of the issue.
 - Never create future-proofing abstractions for hypothetical features.
+- Never add or remove `stage:*` or `qa:*` labels manually. These are owned by GitHub Actions automation and the PM only.
 {{EXTRA_DONT}}
 
 ## Project Standards

package/templates/docs/pdlc.md

@@ -22,7 +22,7 @@ Adapt columns as needed. The functional baseline is:
 ## Workflow Variants (QA Agent)
 
 - **Variant A (Default):** PRs bypass the `Testing` column and land directly in `Code Review / PR`.
-- **Variant B (QA Agent Enabled):** PRs land in the `Testing` column first. An AI QA agent verifies the PR, adding `qa:pass` or `qa:fail`. Only after a `qa:pass` is the issue moved to `Code Review / PR`.
+- **Variant B (QA Agent Enabled):** PRs land in the `Testing` column first. An AI QA agent verifies the PR, adding `qa:approved` or `qa:needs-work`. Only after a `qa:approved` is the issue moved to `Code Review / PR`.
 
 ## Board Identifiers (GitHub Projects)
 
@@ -77,6 +77,9 @@ REPO         = {{REPO_OWNER}}/{{REPO_NAME}}
 | `spec:approved` | Issue | Green | Gate 2 — agent is cleared to implement |
 | `pr:in-review` | PR | Yellow | Awaiting code review |
 | `pr:approved` | PR | Green | Code review approved |
+| `qa:approved` | PR | Green | QA Agent passed — AC coverage verified |
+| `qa:needs-work` | PR | Red | QA Agent failed — PR needs changes |
+| `infra:qa-broken` | PR | Orange | QA Agent error — manual review required |
 
 ## Approval Gates