create-agentic-pdlc 2.3.0 → 2.4.0

package/templates/.github/workflows/qa-agent.yml

@@ -14,9 +14,9 @@ jobs:
     name: AC Coverage Verification (GitHub Models)
     runs-on: ubuntu-latest
     env:
-      PROJECT_PAT: ${{ secrets.PROJECT_PAT }}
+      PROJECT_TOKEN: ${{ secrets.PROJECT_TOKEN }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5.0.1
         with:
           fetch-depth: 0
 
@@ -31,7 +31,7 @@ jobs:
           HEAD="${{ github.event.pull_request.head.sha }}"
 
           # Get PR diff (truncated to 8000 chars to stay within context limits)
-          DIFF=$(git diff "$BASE" "$HEAD" | head -c 64000)
+          DIFF=$(git diff "$BASE" "$HEAD" | head -c 8000)
 
           # Extract linked issues from PR body
           PR_BODY=$(gh pr view "$PR_NUMBER" --json body --jq '.body // ""')
@@ -51,31 +51,45 @@ jobs:
           fi
 
           # Serialize prompt as JSON string and call GitHub Models API (30s timeout)
-          PROMPT_JSON=$(printf '%s' "You are a senior QA engineer. Review whether this PR diff satisfies the Acceptance Criteria below.\n\nACCEPTANCE CRITERIA:\n${AC_CONTEXT}\n\nPR DIFF:\n${DIFF}\n\nFirst line of your response must be exactly one word: PASS or FAIL. Second line: brief explanation (max 3 sentences)." | python3 -c 'import json,sys; print(json.dumps(sys.stdin.read()))')
+          PROMPT_JSON=$(printf '%s' "You are an adversarial product tester. Your mission is to find what the Acceptance Criteria do NOT cover — undefined edge cases, ambiguous states, missing user scenarios. Do NOT review code quality, file structure, or technical consistency.\n\nACCEPTANCE CRITERIA:\n${AC_CONTEXT}\n\nPR DIFF:\n${DIFF}\n\nRespond in exactly 3 lines (do NOT wrap your response in markdown code blocks or any other formatting):\nLine 1: PASS or FAIL (PASS if the PR diff fully satisfies the stated Acceptance Criteria, FAIL if it falls short of covering them)\nLine 2: Gaps: [one-line summary of AC gaps found, or \"none\"]\nLine 3: Not covered: [AC refs where diff falls short, or \"all covered\"]" | python3 -c 'import json,sys; print(json.dumps(sys.stdin.read()))')
 
-          RESPONSE=$(curl -sf -X POST \
-            "https://models.github.ai/inference/chat/completions" \
-            -H "Authorization: Bearer ${GITHUB_TOKEN}" \
-            -H "Content-Type: application/json" \
-            -d "{\"model\":\"gpt-4o-mini\",\"messages\":[{\"role\":\"user\",\"content\":${PROMPT_JSON}}]}" \
-            --max-time 30 || echo "API_ERROR")
+          RESPONSE="API_ERROR"
+          for attempt in 1 2 3; do
+            RESULT=$(curl -s -X POST \
+              "https://models.github.ai/inference/chat/completions" \
+              -H "Authorization: Bearer ${GITHUB_TOKEN}" \
+              -H "Content-Type: application/json" \
+              -d "{\"model\":\"gpt-4o-mini\",\"messages\":[{\"role\":\"user\",\"content\":${PROMPT_JSON}}]}" \
+              -w "\n__HTTP_STATUS__:%{http_code}" \
+              --max-time 45 2>/dev/null)
+            HTTP_STATUS=$(echo "$RESULT" | grep -o '__HTTP_STATUS__:[0-9]*' | cut -d: -f2)
+            BODY=$(echo "$RESULT" | sed 's/__HTTP_STATUS__:[0-9]*$//')
+            echo "Attempt $attempt: HTTP $HTTP_STATUS"
+            if [ "$HTTP_STATUS" = "200" ]; then RESPONSE="$BODY"; break; fi
+            [ $attempt -lt 3 ] && sleep 20
+          done
 
           if [ "$RESPONSE" = "API_ERROR" ]; then
-            GH_TOKEN="$PROJECT_PAT" gh api "repos/${GITHUB_REPOSITORY}/issues/${PR_NUMBER}/labels" --method POST -f 'labels[]=infra:qa-broken'
+            GH_TOKEN="$PROJECT_TOKEN" gh api "repos/${GITHUB_REPOSITORY}/issues/${PR_NUMBER}/labels" --method POST -f 'labels[]=infra:qa-broken'
             gh pr comment "$PR_NUMBER" --body "🤖 **QA Agent:** Could not reach GitHub Models API. Manual review required."
-            exit 0
+            exit 1
           fi
 
-          VERDICT=$(echo "$RESPONSE" | python3 -c 'import json,sys,re; d=json.load(sys.stdin); t=d.get("choices",[{}])[0].get("message",{}).get("content","").strip(); first=t.split("\n")[0].upper() if t else ""; print("FAIL" if re.search(r"\bFAIL\b",first) else "PASS" if re.search(r"\bPASS\b",first) else "API_ERROR")')
+          VERDICT=$(echo "$RESPONSE" | python3 -c 'import json,sys,re; d=json.load(sys.stdin); t=d.get("choices",[{}])[0].get("message",{}).get("content","").strip(); lines=[l for l in t.split("\n") if not l.strip().startswith("```")]; first=lines[0].upper() if lines else ""; print("FAIL" if re.search(r"\bFAIL\b",first) else "PASS" if re.search(r"\bPASS\b",first) else "API_ERROR")')
           EXPLANATION=$(echo "$RESPONSE" | python3 -c 'import json,sys; d=json.load(sys.stdin); t=d.get("choices",[{}])[0].get("message",{}).get("content","").strip(); lines=t.split("\n",1); print(lines[1].strip() if len(lines)>1 else "")')
 
           if echo "$VERDICT" | grep -q "^PASS"; then
-            GH_TOKEN="$PROJECT_PAT" gh api "repos/${GITHUB_REPOSITORY}/issues/${PR_NUMBER}/labels" --method POST -f 'labels[]=qa:approved'
-            gh pr comment "$PR_NUMBER" --body "🤖 **QA Agent:** AC coverage verified. ${EXPLANATION}"
+            GH_TOKEN="$PROJECT_TOKEN" gh api "repos/${GITHUB_REPOSITORY}/issues/${PR_NUMBER}/labels" --method POST -f 'labels[]=qa:approved'
+            gh pr comment "$PR_NUMBER" --body "🤖 **QA Agent:** PASS
+
+${EXPLANATION}"
           elif echo "$VERDICT" | grep -q "^FAIL"; then
-            GH_TOKEN="$PROJECT_PAT" gh api "repos/${GITHUB_REPOSITORY}/issues/${PR_NUMBER}/labels" --method POST -f 'labels[]=qa:needs-work'
-            gh pr comment "$PR_NUMBER" --body "🤖 **QA Agent:** AC coverage insufficient. ${EXPLANATION}"
+            GH_TOKEN="$PROJECT_TOKEN" gh api "repos/${GITHUB_REPOSITORY}/issues/${PR_NUMBER}/labels" --method POST -f 'labels[]=qa:needs-work'
+            gh pr comment "$PR_NUMBER" --body "🤖 **QA Agent:** FAIL
+
+${EXPLANATION}"
           else
-            GH_TOKEN="$PROJECT_PAT" gh api "repos/${GITHUB_REPOSITORY}/issues/${PR_NUMBER}/labels" --method POST -f 'labels[]=infra:qa-broken'
+            GH_TOKEN="$PROJECT_TOKEN" gh api "repos/${GITHUB_REPOSITORY}/issues/${PR_NUMBER}/labels" --method POST -f 'labels[]=infra:qa-broken'
             gh pr comment "$PR_NUMBER" --body "🤖 **QA Agent:** Could not parse GitHub Models response. Manual review required."
+            exit 1
           fi

package/templates/.github/workflows/qa-gate.yml

@@ -0,0 +1,51 @@
+name: QA Gate
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened, labeled, unlabeled]
+
+permissions:
+  pull-requests: read
+
+jobs:
+  qa-gate:
+    name: QA Gate
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check QA status label
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          set -e
+          PR_NUMBER="${{ github.event.pull_request.number }}"
+          REPO="${{ github.repository }}"
+
+          PR_LABELS=$(gh pr view "$PR_NUMBER" --repo "$REPO" --json labels --jq '.labels[].name')
+
+          if echo "$PR_LABELS" | grep -qx "hotfix"; then
+            echo "✅ QA Gate: hotfix label — bypassed."
+            exit 0
+          fi
+
+          if echo "$PR_LABELS" | grep -qx "human-approved"; then
+            echo "✅ QA Gate: human-approved label — manual QA sign-off, bypassed."
+            exit 0
+          fi
+
+          if echo "$PR_LABELS" | grep -qx "qa:approved"; then
+            echo "✅ QA Gate: qa:approved — merge allowed."
+            exit 0
+          fi
+
+          if echo "$PR_LABELS" | grep -qx "infra:qa-broken"; then
+            echo "❌ QA Gate: infra:qa-broken — GitHub Models API unreachable. Manual QA review required before merge."
+            exit 1
+          fi
+
+          if echo "$PR_LABELS" | grep -qx "qa:needs-work"; then
+            echo "❌ QA Gate: qa:needs-work — acceptance criteria not fully met. Fix required before merge."
+            exit 1
+          fi
+
+          echo "❌ QA Gate: no QA label found — AC Coverage Verification has not completed. Wait for the check to finish."
+          exit 1

package/templates/AGENTS.md

@@ -30,38 +30,56 @@ Always start from the current `main` HEAD. Never work over stale snapshots.
 ## Mandatory Workflow
 
 0. **Identity**: Always prefix your GitHub comments with `🤖 **Agent:** ` to distinguish yourself.
-1. **Initial State**: When beginning work on a new issue, your very first action must be to apply the `stage:brainstorming` label using the GitHub CLI (`gh issue edit <N> --add-label "stage:brainstorming"`).
-2. Read the issue entirely — understand its type (US/BUG/TASK/SPIKE) and the Acceptance Criteria.
-3. Read `docs/pdlc.md` — understand the PDLC and the Definition of Done in this project.
-4. Read all files mentioned in the issue's technical context.
-5. Implement the **minimum viable change** that satisfies the ACs — do not refactor beyond scope.
-6. Run tests: `{{TEST_COMMAND}}`
-7. Run typecheck (if applicable): `{{TYPECHECK_COMMAND}}`
-8. Create a Pull Request with `Closes #N` in the body — automation moves the board.
+1. **Stage Check**: Before applying any label or taking any action, run `gh issue view <N> --json labels,title` to determine the issue's current stage. State: *"Issue #N — [title] — is currently at `<stage>`. Requesting confirmation to advance to `<next>`."* Wait for an explicit stage-advancement signal in this conversation turn. A prioritization signal ("work on X", "tackle X next") does **not** count as confirmation — only an explicit signal counts (e.g. "start brainstorming", "yes advance", "go"). **Exceptions — skip this step and proceed directly**:
+   - `spec:approved` → begin implementation (gate already passed)
+   - `stage:development` or `stage:testing` → issue is owned by automation; do not intervene unless explicitly asked to fix a specific problem
+   - `stage:approval` → spec already written; wait for PM to add `spec:approved` before doing anything
+2. **Initial State**: Apply the `stage:brainstorming` label using the GitHub CLI (`gh issue edit <N> --add-label "stage:brainstorming"`). **Exception — pre-spec'd issue**: if the issue body already contains all required spec sections (`## Problem`, `## Solution`, `## Acceptance Criteria`, `## Edge Cases`, `## Out of Scope`, `## Files to Modify`) — all present and non-empty — apply `stage:approval` directly in a single call instead, skipping `stage:brainstorming` and `stage:detailing`.
+3. Read the issue entirely — understand its type (US/BUG/TASK/SPIKE) and the Acceptance Criteria.
+4. Read `docs/pdlc.md` — understand the PDLC and the Definition of Done in this project.
+5. Read all files mentioned in the issue's technical context.
+6. Implement the **minimum viable change** that satisfies the ACs — do not refactor beyond scope.
+7. Run tests: `{{TEST_COMMAND}}`
+8. Run typecheck (if applicable): `{{TYPECHECK_COMMAND}}`
+9. Create a Pull Request with `Closes #N` in the body — automation moves the board.
 
-### Spec format (Upstream Agents)
+## Spec Format
 
-When detailing a solution in an issue body, you must **always** include both the user story and the acceptance criteria. Never append only the ACs to an existing text; rewrite the full issue body in this standard format:
+When writing or rewriting an issue body during detailing, include ALL sections below. Omitting any section blocks `stage:approval`.
+
+**Destination: the issue body.** Write spec content to the issue body using `gh issue edit <N> --body "..."` — not to a file. A file is acceptable as optional reference only. Automation checks the issue body for `## Acceptance Criteria` and `## Files to Modify` to advance the stage; content that exists only in a file is invisible to it.
 
 ```
-**As** [user],
-**I want** [action],
-**so that** [benefit].
+## Problem
+[1-3 sentences. What fails. Who affected. Measured impact.]
+
+## Sprint Goal / Success Metrics
+| Metric | Baseline | Target | When |
+|--------|----------|--------|------|
 
----
+## Solution
+[Behavioral description of what is built. No implementation details.]
 
 ## Acceptance Criteria
+**AC1 — [name]**
+- Given [precondition]
+- When [action]
+- Then [outcome]
+
+## Edge Cases
+- EC1: [condition] → [expected behavior]
 
-**AC1 — ...**
-- Given ...
-- When ...
-- Then ...
+## Out of Scope
+- [item] — reason
 
-**AC2 — ...**
-...
+## Non-Functional Requirements
+- Performance: [metric with number]
+- Security: [constraint]
+- Reliability: [constraint]
+> For pure docs/markdown issues with zero runtime behavior, include the NFRs section and state "N/A".
 
-## Files to modify
-- `path/to/file.ts` — what changes
+## Files to Modify
+- `path/to/file` — what changes
 ```
 
 ## Stage Transition Rules (non-negotiable)
@@ -74,14 +92,24 @@ MUST NOT add `stage:detailing` label until the user has explicitly selected
 an approach in the current conversation turn. Work done in a prior
 planning session does NOT count as confirmation.
 
-MUST NOT add `spec:approved`, `stage:development`, or manually add
-`stage:approval` — these represent final human approval or the result of it.
-`stage:approval` is only set by system automation after you provide a complete
-spec for human review. Adding them manually triggers irreversible automation
-(Jules dispatch, board move).
+MUST NOT add `spec:approved` or `stage:development` — these represent final
+human approval or automation output. Adding them manually triggers irreversible
+automation (Jules dispatch, board move).
+
+MUST NOT manually add `stage:approval` except via the pre-spec'd exception
+below. In the standard flow, `stage:approval` is set after you write a complete
+spec and the user confirms; it is not applied before the spec exists.
 
 Each stage transition requires a fresh explicit signal from the user in the same
-session where the transition happens. These rules have no exceptions.
+session where the transition happens. The pre-spec'd exception is the only
+deviation from this rule.
+
+**Pre-spec'd exception**: if the issue body already contains all required spec
+sections (`## Problem`, `## Solution`, `## Acceptance Criteria`, `## Edge Cases`,
+`## Out of Scope`, `## Files to Modify`) — all present and non-empty — apply
+`stage:approval` directly in a single `gh issue edit` call, skipping
+`stage:brainstorming` and `stage:detailing`. One label event eliminates the
+race condition that causes the project board to land on the wrong column.
 
 ## Pipeline Updates
 
@@ -103,7 +131,7 @@ Run this when the user says anything like "update the pipeline", "update the boa
   - `spec:approved`: triggers Jules dispatch + board move to Development.
   - `qa:approved`: triggers board move to Code Review.
   - `qa:needs-work`: signals the PR requires changes and halts the flow.
-- Never add or remove stage:* labels manually, except for stage:brainstorming as the initial label when starting work. All other stage transitions are owned by GitHub Actions automation and the PM.
+- Never add or remove stage:* labels manually, except: `stage:brainstorming` as the initial label when starting work, or `stage:approval` directly when applying the pre-spec'd exception. All other stage transitions are owned by GitHub Actions automation and the PM.
 {{EXTRA_DONT}}
 
 ## Project Standards

package/templates/docs/pdlc.md

@@ -58,7 +58,7 @@ REPO         = {{REPO_OWNER}}/{{REPO_NAME}}
 ```
 [icon] [PREFIX]: [short description, imperative tense]
 
-👤 US:     user story
+✨ feat:   new feature or behavioral change
 🐛 BUG:    bug
 🔧 TASK:   operational task
 🔬 SPIKE:  exploration/evaluation spike
@@ -77,7 +77,7 @@ REPO         = {{REPO_OWNER}}/{{REPO_NAME}}
 | `qa:approved` | PR | Green | QA Agent passed — AC coverage verified |
 | `qa:needs-work` | PR | Red | QA Agent failed — PR needs changes |
 | `infra:qa-broken` | PR | Orange | QA Agent error — manual review required |
-| `type:us` | Issue | Blue | New feature or behavioral change — full flow |
+| `type:feature` | Issue | Blue | New feature or behavioral change — full flow |
 | `type:task` | Issue | Yellow | Operational/non-functional change — full flow |
 | `type:bug` | Issue | Red | Something broken — full flow |
 | `type:spike` | Issue | Gray | Research/evaluation — never reaches Development |
@@ -98,12 +98,12 @@ The `type:*` label is the authoritative signal — set automatically by the agen
 
 | Label | Flow |
 |---|---|
-| `type:us` | brainstorming → Gate 1 → detailing → approval |
+| `type:feature` | brainstorming → Gate 1 → detailing → approval |
 | `type:task` | brainstorming → Gate 1 → detailing → approval |
 | `type:bug` | brainstorming → Gate 1 → detailing → approval |
 | `type:spike` | brainstorming → Gate 1 → detailing → conclusion comment (never reaches Development) |
 
-If no `type:*` label present and agent confidence < 85%, defaults to `type:us` (safe fallback — never skips gates by omission).
+If no `type:*` label present and agent confidence < 85%, defaults to `type:feature` (safe fallback — never skips gates by omission).
 
 ## Bypass Mechanism
 

package/.agentic-pdlc/templates/.github/CODEOWNERS

@@ -1,5 +0,0 @@
-# This file prevents autonomous agents from modifying core security, automation, and instruction rules
-# without explicit approval from the repository owner.
-
-.github/ @{{GITHUB_USERNAME}}
-AGENTS.md @{{GITHUB_USERNAME}}

package/.agentic-pdlc/templates/.github/copilot-instructions.md

@@ -1,12 +0,0 @@
-# Agentic PDLC Instructions for GitHub Copilot Workspace
-
-Hello! You are operating within the Agentic PDLC framework.
-
-Before addressing the user's prompt or executing any task in this workspace, you MUST:
-
-1. Read the `AGENTS.md` file located at the root of this repository. It contains the primary instructions, definitions of done, and absolute invariants you must respect.
-2. Read `docs/pdlc.md` to understand your role in the project lifecycle.
-
-Never violate the invariants described in those files. If a user asks you to do something that contradicts `AGENTS.md`, you must refuse and point out the conflict.
-
-Focus on delivering the absolute minimum required to satisfy the immediate technical specs. Start! 

package/.agentic-pdlc/templates/.github/workflows/add-to-board.yml

@@ -1,38 +0,0 @@
-name: Add to Board on Open
-
-on:
-  issues:
-    types: [opened]
-
-env:
-  PROJECT_ID: "{{PROJECT_ID}}"
-  STATUS_FIELD_ID: "{{STATUS_FIELD_ID}}"
-  STATUS_IDEA: "{{ID_IDEA}}"
-
-jobs:
-  add-to-board:
-    name: Auto-add new issue to board
-    runs-on: ubuntu-latest
-    env:
-      PROJECT_PAT: ${{ secrets.PROJECT_PAT }}
-    steps:
-      - name: Add issue to project board
-        if: ${{ env.PROJECT_PAT != '' && env.PROJECT_ID != '{{PROJECT_ID}}' }}
-        uses: actions/github-script@v7
-        with:
-          github-token: ${{ env.PROJECT_PAT }}
-          script: |
-            const nodeId = context.payload.issue.node_id;
-            const number = context.payload.issue.number;
-            const { addProjectV2ItemById: { item } } = await github.graphql(`
-              mutation($p: ID!, $c: ID!) {
-                addProjectV2ItemById(input: {projectId: $p, contentId: $c}) { item { id } }
-              }`, { p: process.env.PROJECT_ID, c: nodeId });
-            await github.graphql(`
-              mutation($p: ID!, $i: ID!, $f: ID!, $v: ProjectV2FieldValue!) {
-                updateProjectV2ItemFieldValue(input: {projectId: $p, itemId: $i, fieldId: $f, value: $v}) {
-                  projectV2Item { id }
-                }
-              }`, { p: process.env.PROJECT_ID, i: item.id, f: process.env.STATUS_FIELD_ID,
-                   v: { singleSelectOptionId: process.env.STATUS_IDEA } });
-            console.log(`Issue #${number} added to board → Idea`);

package/.agentic-pdlc/templates/.github/workflows/agent-trigger.yml

@@ -1,146 +0,0 @@
-name: Trigger Implementation Agent
-
-# Triggers when spec:approved is added to an issue (Gate 2)
-# or when an architecture-violation issue is modified (Sentinel flow)
-on:
-  issues:
-    types: [labeled]
-
-jobs:
-  trigger-implementation-agent:
-    name: Trigger {{IMPLEMENTATION_AGENT_NAME}} for implementation
-    # Runs only when spec:approved is added
-    if: github.event.label.name == 'spec:approved'
-    runs-on: ubuntu-latest
-    permissions:
-      issues: write
-      pull-requests: write
-      contents: read
-    env:
-      PROJECT_PAT: ${{ secrets.PROJECT_PAT }}
-      PROJECT_ID: "{{PROJECT_ID}}"
-      STATUS_FIELD_ID: "{{STATUS_FIELD_ID}}"
-      STATUS_DEVELOPMENT: "{{ID_DEVELOPMENT}}"
-    steps:
-      - name: Update Labels
-        uses: actions/github-script@v7
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          script: |
-            const { owner, repo } = context.repo;
-            const issue_number = context.payload.issue.number;
-
-            try {
-              await github.rest.issues.removeLabel({
-                owner,
-                repo,
-                issue_number,
-                name: 'stage:approval'
-              });
-            } catch (error) {
-              console.log('Label stage:approval not found or could not be removed');
-            }
-
-            const agentLabel = '{{IMPLEMENTATION_AGENT_LABEL}}';
-            const labelsToAdd = ['stage:development'];
-            if (!agentLabel.includes('{{')) labelsToAdd.push(agentLabel, 'agent:working');
-
-            await github.rest.issues.addLabels({
-              owner,
-              repo,
-              issue_number,
-              labels: labelsToAdd
-            });
-
-      - name: Move board card to Development
-        if: ${{ env.PROJECT_PAT != '' && env.PROJECT_ID != '{{PROJECT_ID}}' }}
-        continue-on-error: true
-        uses: actions/github-script@v7
-        with:
-          github-token: ${{ env.PROJECT_PAT }}
-          script: |
-            const nodeId = context.payload.issue.node_id;
-            const number = context.payload.issue.number;
-            const { addProjectV2ItemById: { item } } = await github.graphql(`
-              mutation($p: ID!, $c: ID!) {
-                addProjectV2ItemById(input: {projectId: $p, contentId: $c}) { item { id } }
-              }`, { p: process.env.PROJECT_ID, c: nodeId });
-            await github.graphql(`
-              mutation($p: ID!, $i: ID!, $f: ID!, $v: ProjectV2FieldValue!) {
-                updateProjectV2ItemFieldValue(input: {projectId: $p, itemId: $i, fieldId: $f, value: $v}) {
-                  projectV2Item { id }
-                }
-              }`, { p: process.env.PROJECT_ID, i: item.id, f: process.env.STATUS_FIELD_ID,
-                   v: { singleSelectOptionId: process.env.STATUS_DEVELOPMENT } });
-            console.log(`Issue #${number} → Development`);
-
-      - name: Comment on issue to trigger agent and prevent race conditions
-        if: ${{ !contains('{{IMPLEMENTATION_AGENT_LABEL}}', '{{') && vars.JULES_ENABLED == 'true' }}
-        uses: actions/github-script@v7
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          script: |
-            const issueNumber = context.payload.issue.number;
-            const issueTitle = context.payload.issue.title;
-
-            const body = [
-              `🤖 **Agentic PDLC Orchestrator:** I have dispatched the implementation agent. Please wait for the Pull Request and avoid making concurrent commits on this task to prevent race conditions.`,
-              '',
-              `{{AGENT_HANDLE}} The spec for this issue has been approved. Please implement it exactly as described in the body above.`,
-              '',
-              '**Mandatory steps before you begin:**',
-              '1. `git fetch origin && git checkout main && git pull` — always start from the current HEAD',
-              '2. Read `AGENTS.md` — mandatory rules for agents in this repository',
-              '3. Read `docs/pdlc.md` — Definition of Done and invariants reference',
-              '',
-              '**Rules:**',
-              '- Implement strictly what the Acceptance Criteria describes',
-              '- Run `{{TEST_COMMAND}}` before opening the Pull Request',
-              `- Include \`Closes #${issueNumber}\` in the PR body`,
-              '- Create a descriptive branch branching from `main`',
-            ].join('\n');
-
-            await github.rest.issues.createComment({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              issue_number: issueNumber,
-              body,
-            });
-
-  trigger-agent-on-violation:
-    name: Trigger {{IMPLEMENTATION_AGENT_NAME}} for architecture violation
-    # Runs when architecture-violation is added (Sentinel flow)
-    if: github.event.label.name == 'architecture-violation'
-    runs-on: ubuntu-latest
-    permissions:
-      issues: write
-      pull-requests: write
-      contents: read
-    steps:
-      - name: Comment on issue to trigger agent
-        if: ${{ !contains('{{IMPLEMENTATION_AGENT_LABEL}}', '{{') && vars.JULES_ENABLED == 'true' }}
-        uses: actions/github-script@v7
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          script: |
-            const issueNumber = context.payload.issue.number;
-
-            const body = [
-              `{{AGENT_HANDLE}} Please fix the architecture violation described in this issue.`,
-              '',
-              '**Mandatory steps before you begin:**',
-              '1. `git fetch origin && git checkout main && git pull` — always start from the current HEAD',
-              '2. Read `AGENTS.md` — mandatory rules for agents in this repository',
-              '',
-              '**Rules:**',
-              '- Fix only what the violation points out — do not refactor unrelated code',
-              '- Run `{{TEST_COMMAND}}` before opening the Pull Request',
-              `- Include \`Closes #${issueNumber}\` in the PR body`,
-            ].join('\n');
-
-            await github.rest.issues.createComment({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              issue_number: issueNumber,
-              body,
-            });

package/.agentic-pdlc/templates/.github/workflows/auto-approve.yml

@@ -1,16 +0,0 @@
-name: Auto Approve PRs
-on:
-  pull_request:
-    types: [opened, labeled, synchronize]
-
-permissions:
-  pull-requests: write
-
-jobs:
-  auto-approve:
-    runs-on: ubuntu-latest
-    if: contains(github.event.pull_request.labels.*.name, 'auto-approve')
-    steps:
-      - uses: hmarr/auto-approve-action@v4
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}

package/.agentic-pdlc/templates/.github/workflows/ci.yml

@@ -1,54 +0,0 @@
-name: Sentinel / CI
-
-on:
-  pull_request:
-    branches: [ main ]
-  push:
-    branches: [ main ]
-
-jobs:
-  validate:
-    name: Run tests and linters
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Setup environment
-        run: echo "Replace this with your language/toolchain setup (e.g., actions/setup-node)"
-        
-      - name: Install dependencies
-        run: echo "Replace this with your package manager install command"
-
-      - name: Run Linters
-        if: ${{ !contains('{{LINT_COMMAND}}', '{{') }}
-        run: |
-          {{LINT_COMMAND}}
-
-      - name: Typecheck
-        if: ${{ !contains('{{TYPECHECK_COMMAND}}', '{{') }}
-        run: |
-          {{TYPECHECK_COMMAND}}
-
-      - name: Build
-        if: ${{ !contains('{{BUILD_COMMAND}}', '{{') }}
-        run: |
-          {{BUILD_COMMAND}}
-
-      - name: Run Tests
-        if: ${{ !contains('{{TEST_COMMAND}}', '{{') }}
-        run: |
-          {{TEST_COMMAND}}
-
-  ci-status:
-    name: Sentinel / CI
-    needs: [validate]
-    if: always()
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check validate result
-        run: |
-          result="${{ needs.validate.result }}"
-          if [[ "$result" != "success" && "$result" != "skipped" ]]; then
-            echo "CI failed: validate=$result"
-            exit 1
-          fi