create-sdd-project 0.18.1 → 0.18.3

package/lib/adapt-agents.js

@@ -91,6 +91,13 @@ const WORKFLOW_CORE_PROJECT_TYPE_RULES = {
       [/### UI Changes \(if applicable\)\n\n\[Components to add\/modify\. Reference `docs\/specs\/ui-components\.md`\.\]\n\n/, ''],
       [' / `ui-components.md`', ''],
     ],
+    // v0.18.2 (Codex R1 finding C4): pr-template.md is project-type adapted —
+    // moved from inline replaceInFileFn to this table so smart-diff fallback
+    // compare via adaptWorkflowCoreContentForProjectType produces a matching
+    // pristine target on backend/frontend installs (no false-preserve).
+    'skills/development-workflow/references/pr-template.md': [
+      [' / ui-components.md', ''],
+    ],
   },
   frontend: {
     'skills/development-workflow/SKILL.md': [
@@ -101,6 +108,9 @@ const WORKFLOW_CORE_PROJECT_TYPE_RULES = {
       [/### API Changes \(if applicable\)\n\n\[Endpoints to add\/modify\. Reference[^\]]*\]\n\n/, ''],
       ['`api-spec.yaml` / ', ''],
     ],
+    'skills/development-workflow/references/pr-template.md': [
+      ['api-spec.yaml / ', ''],
+    ],
   },
 };
 
@@ -243,25 +253,16 @@ function adaptAgentContentForProjectType(dest, config, replaceInFileFn) {
     replaceInFileFn(path.join(dest, 'AGENTS.md'), [
       [', `ui-ux-designer`', ''],
     ]);
-    for (const dir of toolDirs) {
-      // pr-template: remove ui-components from checklist (out of scope for
-      // v0.17.1 — see dev/ROADMAP.md "Known follow-ups" item 2)
-      replaceInFileFn(path.join(dest, dir, 'skills', 'development-workflow', 'references', 'pr-template.md'), [
-        [' / ui-components.md', ''],
-      ]);
-    }
+    // v0.18.2 (Codex R1 C4): pr-template.md rules moved to WORKFLOW_CORE_PROJECT_TYPE_RULES
+    // (handled by the wfRules loop above) so smart-diff fallback compare can
+    // produce a pristine adapted target via adaptWorkflowCoreContentForProjectType.
     // base-standards.mdc: remove ui-ux-designer table row (shared table above)
     replaceInFileFn(
       path.join(dest, 'ai-specs', 'specs', 'base-standards.mdc'),
       BASE_STANDARDS_PROJECT_TYPE_RULES.backend
     );
-  } else if (config.projectType === 'frontend') {
-    for (const dir of toolDirs) {
-      replaceInFileFn(path.join(dest, dir, 'skills', 'development-workflow', 'references', 'pr-template.md'), [
-        ['api-spec.yaml / ', ''],
-      ]);
-    }
   }
+  // v0.18.2: frontend pr-template rule also moved to WORKFLOW_CORE_PROJECT_TYPE_RULES.
 }
 
 module.exports = {

package/lib/meta.js

@@ -273,14 +273,41 @@ function expectedSmartDiffTrackedPaths(aiTools, projectType) {
   paths.add('ai-specs/specs/documentation-standards.mdc');
 
   // v0.17.1: development-workflow skill core files — filtered by aiTools.
-  // bug-workflow, health-check, pm-orchestrator, project-memory are OUT OF
-  // SCOPE for v0.17.1 (deferred — see dev/ROADMAP.md "Known follow-ups" item 2).
   for (const dir of toolDirs) {
     paths.add(`${dir}/skills/development-workflow/SKILL.md`);
     paths.add(`${dir}/skills/development-workflow/references/ticket-template.md`);
     paths.add(`${dir}/skills/development-workflow/references/merge-checklist.md`);
   }
 
+  // v0.18.2: extend smart-diff coverage to remaining SKILL.md entry points +
+  // 11 reference files (closes ROADMAP "Known follow-ups" item 1 — long-deferred
+  // since v0.17.1). Universal per aiTools (no project-type filtering — skills
+  // and reference templates are stack-agnostic except pr-template.md, which
+  // has project-type rules in WORKFLOW_CORE_PROJECT_TYPE_RULES so the
+  // fallback compare in upgrade-generator.js produces a pristine adapted
+  // target).
+  for (const dir of toolDirs) {
+    // 4 SKILL.md entry points
+    paths.add(`${dir}/skills/bug-workflow/SKILL.md`);
+    paths.add(`${dir}/skills/health-check/SKILL.md`);
+    paths.add(`${dir}/skills/pm-orchestrator/SKILL.md`);
+    paths.add(`${dir}/skills/project-memory/SKILL.md`);
+    // 7 development-workflow references
+    paths.add(`${dir}/skills/development-workflow/references/pr-template.md`);
+    paths.add(`${dir}/skills/development-workflow/references/branching-strategy.md`);
+    paths.add(`${dir}/skills/development-workflow/references/failure-handling.md`);
+    paths.add(`${dir}/skills/development-workflow/references/workflow-example.md`);
+    paths.add(`${dir}/skills/development-workflow/references/complexity-guide.md`);
+    paths.add(`${dir}/skills/development-workflow/references/add-feature-template.md`);
+    paths.add(`${dir}/skills/development-workflow/references/cross-model-review.md`);
+    // 1 pm-orchestrator reference
+    paths.add(`${dir}/skills/pm-orchestrator/references/pm-session-template.md`);
+    // 3 project-memory references
+    paths.add(`${dir}/skills/project-memory/references/bugs_template.md`);
+    paths.add(`${dir}/skills/project-memory/references/decisions_template.md`);
+    paths.add(`${dir}/skills/project-memory/references/key_facts_template.md`);
+  }
+
   // v0.18.1: shipped slash-commands — preserve user customizations across
   // upgrades. Closes v0.18.0 known limitation where audit-merge.md was
   // wholesale-overwritten (notable since teams may tune drift recipes for

package/lib/upgrade-generator.js

@@ -305,21 +305,45 @@ function generateUpgrade(config) {
   const filesToAdapt = new Set();
 
   // v0.17.1: before the skills/ wholesale delete-and-copy, save the content
-  // of the 6 workflow-core files so we can restore them if their hash tells
+  // of the workflow-core files so we can restore them if their hash tells
   // us they were customized. Map keyed by absolute path, value = string or
   // null (null = file didn't exist before upgrade).
+  // v0.18.2: extended from 6 paths to 21 paths × tool dirs (max 42 for
+  // fullstack-both). Adds 4 SKILL.md entry points + 11 reference files,
+  // closing ROADMAP "Known follow-ups" item 1.
   const workflowCoreBackup = new Map();
   const workflowCorePosixPaths = [];
   {
     const dirsForBackup = [];
     if (aiTools !== 'gemini') dirsForBackup.push('.claude');
     if (aiTools !== 'claude') dirsForBackup.push('.gemini');
+    const WORKFLOW_CORE_RELATIVE_PATHS = [
+      // v0.17.1 (3 files)
+      'skills/development-workflow/SKILL.md',
+      'skills/development-workflow/references/ticket-template.md',
+      'skills/development-workflow/references/merge-checklist.md',
+      // v0.18.2: 4 SKILL.md entry points
+      'skills/bug-workflow/SKILL.md',
+      'skills/health-check/SKILL.md',
+      'skills/pm-orchestrator/SKILL.md',
+      'skills/project-memory/SKILL.md',
+      // v0.18.2: 7 development-workflow references
+      'skills/development-workflow/references/pr-template.md',
+      'skills/development-workflow/references/branching-strategy.md',
+      'skills/development-workflow/references/failure-handling.md',
+      'skills/development-workflow/references/workflow-example.md',
+      'skills/development-workflow/references/complexity-guide.md',
+      'skills/development-workflow/references/add-feature-template.md',
+      'skills/development-workflow/references/cross-model-review.md',
+      // v0.18.2: 1 pm-orchestrator reference
+      'skills/pm-orchestrator/references/pm-session-template.md',
+      // v0.18.2: 3 project-memory references
+      'skills/project-memory/references/bugs_template.md',
+      'skills/project-memory/references/decisions_template.md',
+      'skills/project-memory/references/key_facts_template.md',
+    ];
     for (const dir of dirsForBackup) {
-      for (const relSub of [
-        'skills/development-workflow/SKILL.md',
-        'skills/development-workflow/references/ticket-template.md',
-        'skills/development-workflow/references/merge-checklist.md',
-      ]) {
+      for (const relSub of WORKFLOW_CORE_RELATIVE_PATHS) {
         const posix = `${dir}/${relSub}`;
         const abs = path.join(dest, ...posix.split('/'));
         workflowCorePosixPaths.push({ posix, abs });
@@ -370,13 +394,13 @@ function generateUpgrade(config) {
         fs.rmSync(subDir, { recursive: true, force: true });
       }
     }
-    // For .gemini, also remove commands (SDD-owned — Gemini TOML commands)
-    if (dir === '.gemini') {
-      const cmdDir = path.join(base, 'commands');
-      if (fs.existsSync(cmdDir)) {
-        fs.rmSync(cmdDir, { recursive: true, force: true });
-      }
-    }
+    // v0.18.2: do NOT wholesale-delete .gemini/commands. The smart-diff loop
+    // below iterates template command files individually and preserves user
+    // customizations of tracked paths (e.g. audit-merge.toml) — closing the
+    // v0.18.1 plumbing gap where these files were silently overwritten on
+    // every upgrade despite being tracked in expectedSmartDiffTrackedPaths.
+    // Custom Gemini commands (files NOT in the template) are left in place,
+    // mirroring the agent strategy from v0.16.10.
 
     // Copy fresh from template
     const templateToolDir = path.join(templateDir, dir);
@@ -522,16 +546,117 @@ function generateUpgrade(config) {
           continue;
         }
 
-        // For .claude/commands, merge: overwrite SDD template commands, preserve user's custom commands
-        if (dir === '.claude' && sub === 'commands') {
+        // v0.18.2: smart-diff loop for commands (closes v0.18.1 plumbing gap).
+        //
+        // Pre-v0.18.2: .claude/commands wholesale cpSync'd every file (line 525-531)
+        // and .gemini/commands wholesale rmSync'd + recursive cpSync'd (lines 374-378
+        // and the fallback at 532-533). Both branches overwrote user customizations
+        // silently despite the paths being added to expectedSmartDiffTrackedPaths in
+        // v0.18.1 (lib/meta.js:284-320).
+        //
+        // Now: iterate template command files individually. For each file:
+        //   - If posix path is tracked → smart-diff decision tree (preserve customizations)
+        //   - Else → unconditional overwrite (SDD-owned wrappers, e.g. add-feature.toml)
+        // Custom commands (files NOT in template) are NOT touched, mirroring the
+        // agent strategy from v0.16.10.
+        //
+        // Commands have NO project-type or stack adaptations — adapted target == raw template.
+        if (sub === 'commands') {
           fs.mkdirSync(destSub, { recursive: true });
-          for (const file of fs.readdirSync(srcSub)) {
-            // Always overwrite template-owned files (they may have been updated)
-            fs.cpSync(path.join(srcSub, file), path.join(destSub, file));
+          const trackedSet = expectedSmartDiffTrackedPaths(aiTools, projectType);
+          const templateCmdFiles = fs
+            .readdirSync(srcSub, { withFileTypes: true })
+            .filter((e) => e.isFile())
+            .map((e) => e.name);
+
+          for (const file of templateCmdFiles) {
+            const templateCmdPath = path.join(srcSub, file);
+            const existingCmdPath = path.join(destSub, file);
+            const relativePath = path.relative(dest, existingCmdPath);
+            const posixPath = toPosix(relativePath);
+            const rawTemplate = fs.readFileSync(templateCmdPath, 'utf8');
+
+            if (!trackedSet.has(posixPath)) {
+              // SDD-owned (e.g. add-feature.toml, fix-bug.toml, next-task.toml,
+              // show-progress.toml, start-task.toml) — unconditional overwrite.
+              if (fs.existsSync(existingCmdPath)) {
+                backupBeforeReplace(dest, relativePath, backupTimestamp);
+              }
+              fs.writeFileSync(existingCmdPath, rawTemplate, 'utf8');
+              replaced++;
+              continue;
+            }
+
+            // --- v0.18.2 commands smart-diff decision tree (mirror of agents) ---
+            if (!fs.existsSync(existingCmdPath)) {
+              fs.writeFileSync(existingCmdPath, rawTemplate, 'utf8');
+              filesToAdapt.add(posixPath);
+              replaced++;
+              continue;
+            }
+
+            if (config.forceTemplate) {
+              backupBeforeReplace(dest, relativePath, backupTimestamp);
+              fs.writeFileSync(existingCmdPath, rawTemplate, 'utf8');
+              filesToAdapt.add(posixPath);
+              replaced++;
+              continue;
+            }
+
+            const existingContent = fs.readFileSync(existingCmdPath, 'utf8');
+            const storedHash = meta && meta.hashes[posixPath];
+
+            const preserveCmd = () => {
+              backupBeforeReplace(dest, relativePath, backupTimestamp);
+              const newBackupPath = path.join(
+                dest,
+                '.sdd-backup',
+                backupTimestamp,
+                `${relativePath}.new`
+              );
+              try {
+                fs.mkdirSync(path.dirname(newBackupPath), { recursive: true });
+                fs.writeFileSync(newBackupPath, rawTemplate, 'utf8');
+              } catch (e) {
+                console.warn(
+                  `    ⚠ Failed to write .new backup for ${relativePath}: ${e.code || e.message}`
+                );
+              }
+              modifiedAgentsResults.push({ name: relativePath, modified: true });
+              preserved++;
+              // Codex M1 invariant: preserved files do NOT update newHashes.
+            };
+
+            if (storedHash) {
+              const currentHash = computeHash(existingContent);
+              if (currentHash === storedHash) {
+                // Pristine — replace + record new hash.
+                backupBeforeReplace(dest, relativePath, backupTimestamp);
+                fs.writeFileSync(existingCmdPath, rawTemplate, 'utf8');
+                filesToAdapt.add(posixPath);
+                replaced++;
+                continue;
+              }
+              // Hash mismatch → user customized → preserve.
+              preserveCmd();
+              continue;
+            }
+
+            // Fallback — no hash (e.g. pre-v0.18.1 install). Compare against
+            // raw template (commands have no adapters).
+            if (normalizedContentEquals(existingContent, rawTemplate)) {
+              backupBeforeReplace(dest, relativePath, backupTimestamp);
+              fs.writeFileSync(existingCmdPath, rawTemplate, 'utf8');
+              filesToAdapt.add(posixPath);
+              replaced++;
+              continue;
+            }
+            preserveCmd();
           }
-        } else {
-          fs.cpSync(srcSub, destSub, { recursive: true });
+          continue;
         }
+
+        fs.cpSync(srcSub, destSub, { recursive: true });
         replaced++;
       }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-sdd-project",
-  "version": "0.18.1",
+  "version": "0.18.3",
   "description": "Create a new SDD DevFlow project with AI-assisted development workflow",
   "bin": {
     "create-sdd-project": "bin/cli.js"

package/template/.claude/commands/audit-merge.md

@@ -52,12 +52,21 @@ Run only if `git diff origin/<target-branch>..HEAD --name-only` shows `.json` fi
 
 Eleven empirically-validated drift patterns. Failures are NOT blockers for the compliance verdict, but MUST be refreshed before requesting user authorization (the user will otherwise catch them during audit and send the PR back). Each check has a concrete shell recipe — use BSD-grep-compatible regex (no `\K`).
 
-**12. P1 — PR body test count stale.** The PR body's "npm test" line should match the terminal test count in the ticket (AC / DoD / Completion Log last entry). Agents commonly open the PR at Step 4 and add tests during Step 5 review — the PR body number becomes stale.
+**12. P1 — PR body test count stale (v0.18.3 multi-workspace extension — C1).** The PR body's test ratios should all appear in ticket evidence (AC / DoD / Completion Log). Agents commonly open the PR at Step 4 and add tests during Step 5 review — the PR body numbers become stale. In monorepos with multiple workspaces (e.g. api, web, bot, scraper) the PR body may quote several `N/N` ratios; v0.18.3 walks them all instead of comparing only the first. Subset direction: PR ratios ⊆ ticket ratios (the ticket Completion Log is the more comprehensive record and accumulates intermediate per-step ratios that the PR body legitimately omits). Three fallback cases: (a) ≥ 1 ratio on each side → verify each PR ratio appears in ticket; (b) PR has ratios but ticket has none (or vice versa) → emit explicit `P1 N/A` note, no drift flag; (c) neither side has ratios → emit `P1 N/A` note.
 ```bash
-PR_BODY=$(gh pr view --json body -q .body)
-PR_TESTS=$(echo "$PR_BODY" | grep -iE "(npm test|tests?[^|]*[0-9]|[*: ]tests?[*: ]+[0-9])" | grep -oE "[0-9]+/[0-9]+" | head -1)
-TICKET_TESTS=$(grep -iE "(npm test|tests?[^|]*[0-9]|[*: ]tests?[*: ]+[0-9])" "$TICKET" | grep -oE "[0-9]+/[0-9]+" | tail -1)
-[ -n "$PR_TESTS" ] && [ -n "$TICKET_TESTS" ] && [ "$PR_TESTS" != "$TICKET_TESTS" ] && flag "P1 drift: PR body $PR_TESTS vs ticket $TICKET_TESTS"
+TEST_KW_RE='(npm test|pnpm test|tests?[^|]*[0-9]|[*: ]tests?[*: ]+[0-9])'
+PR_BODY=$(gh pr view --json body -q .body 2>/dev/null || true)
+PR_RATIOS=$(echo "$PR_BODY" | grep -iE "$TEST_KW_RE" | grep -oE "[0-9]+/[0-9]+" | sort -u)
+TICKET_RATIOS=$(grep -iE "$TEST_KW_RE" "$TICKET" | grep -oE "[0-9]+/[0-9]+" | sort -u)
+if [ -z "$PR_RATIOS" ] || [ -z "$TICKET_RATIOS" ]; then
+  echo "P1 N/A: no comparable test-count ratios extracted (PR=$(echo "$PR_RATIOS" | tr '\n' ',' ), ticket=$(echo "$TICKET_RATIOS" | tr '\n' ',' ))"
+else
+  while IFS= read -r r; do
+    [ -z "$r" ] && continue
+    echo "$TICKET_RATIOS" | grep -qFx "$r" \
+      || flag "P1 drift: PR ratio $r not found in ticket evidence (ticket ratios: $(echo "$TICKET_RATIOS" | tr '\n' ' '))"
+  done <<< "$PR_RATIOS"
+fi
 ```
 
 **13. P2 — Merge Checklist Evidence rows aspirational.** Rows marked `[x]` with future-tense Evidence ("will land", "to be created", "pending", "next commit", "TBD") — the row claims done but the work hasn't happened yet.
@@ -94,6 +103,8 @@ for t in docs/tickets/*.md; do
   status=$(grep -E "^\*\*Status:\*\*" "$t" | head -1 \
     | sed -E 's/^\*\*Status:\*\*[[:space:]]*\*?\*?//' \
     | sed -E 's/[[:space:]]*\*?\*?[[:space:]]*\|.*//' \
+    | sed -E 's/[[:space:]]+(\(.*\)|—.*|–.*|-.*)$//' \
+    | sed -E 's/\*\*[[:space:]]*$//' \
     | sed -E 's/[[:space:]]+$//')
   [ "$status" = "Done" ] && continue
   ticket_id=$(basename "$t" .md | sed -E 's/-[a-z].*//')
@@ -103,12 +114,27 @@ done
 [ "$FROZEN_COUNT" -eq 1 ] && flag "P5 drift: 1 frozen ticket"
 ```
 
-**17. P6 — AC count off-by-N.** Merge Checklist Evidence row 1 claim ("all N marked" / "AC: X/Y") diverges from actual count of `[x]` + `[ ]` in `## Acceptance Criteria`.
+**17. P6 — AC count off-by-N.** Merge Checklist Evidence row 1 claim diverges from actual count. Two canonical forms: `all N marked` (N = total, implies all are `[x]`) and `AC: X/Y done` (X = marked, Y = total — supports deferred ACs where Y > X intentionally). For `AC: X/Y` form, compare Y to actual total AND X to actual marked. For `all N marked` form, compare N to actual total.
 ```bash
-ACTUAL=$(awk '/^## Acceptance Criteria/,/^## Definition of Done/' "$TICKET" | grep -cE "^- \[[x ]\]")
-CLAIMED=$(grep -oE 'all [0-9]+ marked|AC: [0-9]+/[0-9]+' "$TICKET" | head -1 | grep -oE "[0-9]+" | head -1)
-[ -n "$CLAIMED" ] && [ "$CLAIMED" != "$ACTUAL" ] && [ $((ACTUAL - CLAIMED)) -ge 2 -o $((CLAIMED - ACTUAL)) -ge 2 ] \
-  && flag "P6 drift: claim '$CLAIMED' vs actual AC count $ACTUAL"
+AC_BLOCK=$(awk '/^## Acceptance Criteria/,/^## Definition of Done/' "$TICKET")
+ACTUAL_TOTAL=$(echo "$AC_BLOCK" | grep -cE "^- \[[x ]\]")
+ACTUAL_MARKED=$(echo "$AC_BLOCK" | grep -cE "^- \[x\]")
+CLAIM_LINE=$(grep -oE 'all [0-9]+ marked|AC: [0-9]+/[0-9]+' "$TICKET" | head -1)
+if echo "$CLAIM_LINE" | grep -qE '^AC: [0-9]+/[0-9]+'; then
+  CLAIMED_MARKED=$(echo "$CLAIM_LINE" | grep -oE '[0-9]+' | head -1)
+  CLAIMED_TOTAL=$(echo "$CLAIM_LINE" | grep -oE '[0-9]+' | tail -1)
+  [ -n "$CLAIMED_TOTAL" ] && [ "$CLAIMED_TOTAL" != "$ACTUAL_TOTAL" ] \
+    && [ $((ACTUAL_TOTAL - CLAIMED_TOTAL)) -ge 2 -o $((CLAIMED_TOTAL - ACTUAL_TOTAL)) -ge 2 ] \
+    && flag "P6 drift: claim AC total '$CLAIMED_TOTAL' vs actual total $ACTUAL_TOTAL"
+  [ -n "$CLAIMED_MARKED" ] && [ "$CLAIMED_MARKED" != "$ACTUAL_MARKED" ] \
+    && [ $((ACTUAL_MARKED - CLAIMED_MARKED)) -ge 2 -o $((CLAIMED_MARKED - ACTUAL_MARKED)) -ge 2 ] \
+    && flag "P6 drift: claim AC marked '$CLAIMED_MARKED' vs actual marked $ACTUAL_MARKED"
+elif [ -n "$CLAIM_LINE" ]; then
+  CLAIMED=$(echo "$CLAIM_LINE" | grep -oE '[0-9]+' | head -1)
+  [ -n "$CLAIMED" ] && [ "$CLAIMED" != "$ACTUAL_TOTAL" ] \
+    && [ $((ACTUAL_TOTAL - CLAIMED)) -ge 2 -o $((CLAIMED - ACTUAL_TOTAL)) -ge 2 ] \
+    && flag "P6 drift: 'all $CLAIMED marked' vs actual AC count $ACTUAL_TOTAL"
+fi
 ```
 
 **18. P7 — Test count drift within ticket (final-sections only).** Only flag AC / DoD / tracker Active-Session numbers diverging from Completion Log terminal. Intermediate rows are legitimate.
@@ -157,6 +183,8 @@ awk -F'|' '/^\| [0-9]{4}-[0-9]{2}-[0-9]{2}/ {
 TICKET_STATUS=$(grep -E "^\*\*Status:\*\*" "$TICKET" | head -1 \
     | sed -E 's/^\*\*Status:\*\*[[:space:]]*\*?\*?//' \
     | sed -E 's/[[:space:]]*\*?\*?[[:space:]]*\|.*//' \
+    | sed -E 's/[[:space:]]+(\(.*\)|—.*|–.*|-.*)$//' \
+    | sed -E 's/\*\*[[:space:]]*$//' \
     | sed -E 's/[[:space:]]+$//')
 FEATURE_ID=$(basename "$TICKET" .md | sed -E 's/-[a-z].*//')
 TRACKER_STATUS=$(grep -F "$FEATURE_ID" docs/project_notes/product-tracker.md | grep -oE "\| (in-progress|done|pending|blocked) \|" | head -1 | sed -E 's/\| ([a-z-]+) \|/\1/')
@@ -169,9 +197,89 @@ esac
   && flag "P11 drift: ticket Status='$TICKET_STATUS' expects tracker='$EXPECTED' but tracker='$TRACKER_STATUS'"
 ```
 
+**23. P12 — Tracker HEAD references stale (added v0.18.2).** The `**Last Updated:**` and `**Active Feature:**` lines may embed `HEAD <sha>` or `HEAD: <sha>` references that were correct when written but went stale as further commits landed (empirically observed in fx F-WEB-MENU-VISION-001 audit cycle 2026-05-06: tracker said `HEAD: fd752e4` while `git rev-parse HEAD` was `6fa801e` after the agent's own self-edit commit). Compare each extracted SHA against the active branch HEAD. Bidirectional prefix tolerance: a 7-char tracker SHA matches the full 40-char actual HEAD if it's a prefix; a full 40-char tracker SHA matches if its first 7 chars equal the actual short form. Scoped strictly to the two header lines so narrative SHAs in "Last Completed" prose never false-positive-fire.
+```bash
+TRACKER=docs/project_notes/product-tracker.md
+if [ -f "$TRACKER" ]; then
+  ACTUAL_HEAD=$(git rev-parse HEAD 2>/dev/null || true)
+  if [ -n "$ACTUAL_HEAD" ]; then
+    ACTUAL_SHORT=$(printf '%s' "$ACTUAL_HEAD" | cut -c1-7)
+    TRACKER_HEADS=$(grep -E '^\*\*(Last Updated|Active Feature):\*\*' "$TRACKER" 2>/dev/null \
+      | grep -oE 'HEAD[[:space:]:]+`?[a-f0-9]{7,40}`?' \
+      | grep -oE '[a-f0-9]{7,40}' \
+      | sort -u || true)
+    for sha in $TRACKER_HEADS; do
+      case "$ACTUAL_HEAD" in "$sha"*) continue ;; esac
+      case "$sha" in "$ACTUAL_SHORT"*) continue ;; esac
+      flag "P12 drift: tracker HEAD reference $sha does not match git rev-parse HEAD ($ACTUAL_HEAD); refresh tracker"
+    done
+  fi
+fi
+```
+
+**24. P13 — key_facts delta vs ticket atom-count mismatch (added v0.18.3).** When the ticket's Completion Log or MCE quantifies a delta against `key_facts.md` (e.g. `+8 atoms`, `+5 aliases`, `+27 dishes`), the corresponding feature row in `key_facts.md` should record the same delta. Whitespace-safe iteration via `while IFS= read -r`; FEATURE_ID-anchored block scan avoids false-pass on identical deltas elsewhere in the file. English keyword set; Spanish (`átomos`, `platos`) deferred to v0.19.x.
+```bash
+KEY_FACTS=docs/project_notes/key_facts.md
+if [ -f "$KEY_FACTS" ]; then
+  FEATURE_ID=$(basename "$TICKET" .md | sed -E 's/-[a-z].*//')
+  TICKET_DELTAS=$(grep -oE '\+[0-9]+ (atoms?|aliases?|dishes?|entries|rows)' "$TICKET" | sort -u)
+  KEY_FACTS_BLOCK=$(grep -A 3 -F "$FEATURE_ID" "$KEY_FACTS" 2>/dev/null || true)
+  while IFS= read -r claim; do
+    [ -z "$claim" ] && continue
+    if [ -z "$KEY_FACTS_BLOCK" ] || ! echo "$KEY_FACTS_BLOCK" | grep -qF "$claim"; then
+      flag "P13 drift: ticket claims '$claim' but key_facts.md block for $FEATURE_ID lacks the same delta"
+    fi
+  done <<< "$TICKET_DELTAS"
+fi
+```
+
+**25. P14 — MCE Action 1 row stale post-merge (added v0.18.3).** When ticket Status normalizes to `Done` AND the MCE Action 1 row still has `Step 6 [ ]` / `Step 6 [-]`, the row was written pre-merge and not updated post-squash. **Strict scoping**: awk state machine terminates the MCE block at the NEXT `^## ` line of any name (NOT `[^M]` — that incorrectly absorbs subsequent `## M*` sections). **Strict signal**: only `Step 6 [ ]` / `Step 6 [-]` patterns flag; standalone `(this merge)` is omitted because it commonly appears in past-tense narrative ("merged at SHA (this merge)") and produces false positives. Reuses `TICKET_STATUS` defined in P11; do NOT use `$status` from the P5 loop. NIT severity.
+```bash
+if [ "$TICKET_STATUS" = "Done" ]; then
+  MCE_BLOCK=$(awk '
+    /^## Merge Checklist Evidence/ { in_mce=1; print; next }
+    in_mce && /^## / { in_mce=0 }
+    in_mce { print }
+  ' "$TICKET")
+  if echo "$MCE_BLOCK" | grep -qE 'Step 6 \[[ -]\]'; then
+    flag "P14 drift (NIT): MCE Action 1 row contains 'Step 6 [ ]' / 'Step 6 [-]' after merge — flip to [x] and append squash + housekeeping SHAs"
+  fi
+fi
+```
+
+**26. P15 — AC with `post-deploy` keyword admitted without Completion Log evidence (added v0.18.3).** ACs containing production-parity keywords (`post-deploy`, `post-merge`, `production parity`, `prod verification`, `on dev API`, `on prod`) are explicit gates; marking them `[x]` without a dated Completion Log row defeats their purpose. Empirical origin: fx F-CATALOG-COV-001 AC-NEW-qa-battery silent-PASS until external audit caught it. Line-safe iteration via `while IFS= read -r`.
+```bash
+COMPLETION=$(awk '/^## Completion Log/,/^## Merge Checklist/' "$TICKET")
+AC_LINES=$(grep -nE '^[[:space:]]*-[[:space:]]*\[[ x]\][[:space:]]+AC-[A-Za-z0-9_-]+' "$TICKET" \
+  | grep -iE 'post-deploy|post-merge|production parity|prod verification|on dev API|on prod')
+while IFS= read -r line; do
+  [ -z "$line" ] && continue
+  echo "$line" | grep -q '\[x\]' || continue
+  ac_id=$(echo "$line" | grep -oE 'AC-[A-Za-z0-9_-]+' | head -1)
+  [ -z "$ac_id" ] && continue
+  if ! echo "$COMPLETION" | grep -E "^\|[[:space:]]*[0-9]{4}-[0-9]{2}-[0-9]{2}" | grep -qF "$ac_id"; then
+    flag "P15 drift: $ac_id marked [x] with post-deploy semantics but no dated Completion Log entry anchoring this AC-ID"
+  fi
+done <<< "$AC_LINES"
+```
+
+**27. P16 — Feature missing from Features table (added v0.18.3).** Ticket Status `Ready for Merge` / `Done` should have a row in some `## Features — *` table in `product-tracker.md`. **Strict signal**: requires the feature ID to appear as the first cell of a pipe-table row (`| FEATURE_ID |` with optional whitespace), NOT just anywhere in the tracker — narrative mentions or `**Active Feature:**` references must not silence the drift. NIT severity. Reuses `TICKET_STATUS` and `FEATURE_ID` defined in P11.
+```bash
+TRACKER=docs/project_notes/product-tracker.md
+case "$TICKET_STATUS" in
+  "Ready for Merge"|"Done")
+    if [ -f "$TRACKER" ]; then
+      if ! grep -qE "^\|[[:space:]]*$FEATURE_ID[[:space:]]*\|" "$TRACKER"; then
+        flag "P16 drift (NIT): $FEATURE_ID not in any Features table row (must appear as first cell in '| FEATURE_ID | ... |' form)"
+      fi
+    fi
+    ;;
+esac
+```
+
 ### Execution discipline (added v0.18.1)
 
-For each of the 11 drift checks (P1–P11), if you declare PASS, **include the literal command output** (or its absence — explicit "no rows matched", "extracted: feature/foo", "FROZEN_COUNT=0") as evidence in your report. A bare "PASS" without supporting output is treated as **NOT EXECUTED** by the auditor — re-run with output captured.
+For each of the 16 drift checks (P1–P16), if you declare PASS, **include the literal command output** (or its absence — explicit "no rows matched", "extracted: feature/foo", "FROZEN_COUNT=0") as evidence in your report. A bare "PASS" without supporting output is treated as **NOT EXECUTED** by the auditor — re-run with output captured.
 
 Recommended pattern:
 
@@ -208,7 +316,7 @@ Report two tables — one for **structural (blocking)** compliance, one for **dr
 
 **STRUCTURAL: READY FOR MERGE** (or **STRUCTURAL: NEEDS FIX — N blockers**)
 
-### Drift (12-22) — advisory, refresh before user authorization
+### Drift (12-27) — advisory, refresh before user authorization
 
 | # | Pattern | Status | Detail |
 |---|---------|:------:|--------|
@@ -223,6 +331,11 @@ Report two tables — one for **structural (blocking)** compliance, one for **dr
 | 20 | P9 Tracker header stale | PASS | header = detail |
 | 21 | P10 Duplicate log rows | PASS | no duplicates |
 | 22 | P11 Tracker status mismatch | PASS | in-progress for Ready for Merge |
+| 23 | P12 Tracker HEAD reference | PASS | tracker HEAD = git HEAD |
+| 24 | P13 key_facts delta mismatch | PASS | N/A — no quantified deltas |
+| 25 | P14 MCE Action 1 stale post-merge | PASS | N/A pre-merge / row past-tense |
+| 26 | P15 Post-deploy AC without evidence | PASS | no post-deploy keyword in ACs |
+| 27 | P16 Feature missing from tracker | PASS | feature in Features table |
 
 **DRIFT: CLEAN** (or **DRIFT: N advisories — refresh before merge**)
 
@@ -242,18 +355,23 @@ Fix them directly:
 - Merge base diverged → `git merge origin/<target-branch>` and resolve conflicts
 - Data file issues → fix the data
 
-**Drift advisories (12-22) fixes:**
+**Drift advisories (12-27) fixes:**
 - **P1 (PR body test count stale)** → edit PR body "Quality Gates" / "npm test" line to match ticket terminal count; add "(+N new tests)" delta note
 - **P2 (Aspirational Evidence)** → rewrite `[x]` rows with past-tense text + commit SHA + concrete numbers
 - **P3 (Post-merge action unlogged)** → add a Completion Log row documenting the post-merge execution with date + action + empirical result
 - **P4 (Remote branch orphan)** → `git push origin --delete <branch>` after confirming merge succeeded
 - **P5 (Frozen ticket Status)** → update each ticket's `**Status:**` field from "In Progress"/"Ready for Merge" to `Done`; this often belongs in a docs-only tracker-sync PR if the cycle is retroactive
-- **P6 (AC count off-by-N)** → recount AC items; update the Merge Checklist Evidence row 1 claim to match actual
+- **P6 (AC count off-by-N)** → recount AC items; update the Merge Checklist Evidence row 1 claim. Use canonical `AC: <marked>/<total>` form (see `merge-checklist.md`) — `total` includes intentionally-deferred ACs
 - **P7 (Intra-ticket test drift)** → refresh AC / DoD / tracker numbers to match the Completion Log terminal entry
 - **P8 (Completion Log gap)** → add a Completion Log row per missing Step with agent verdict + commit SHA
 - **P9 (Tracker header stale)** → update `**Last Updated:**` line step reference to match Active Feature detail
 - **P10 (Duplicate log rows)** → remove duplicate rows
 - **P11 (Tracker status mismatch)** → sync tracker Features row status to ticket header Status
+- **P12 (Tracker HEAD reference stale)** → update `**Last Updated:**` and `**Active Feature:**` `HEAD: <sha>` tokens to match `git rev-parse HEAD`. Use `git rev-parse --short HEAD` for the 7-char form.
+- **P13 (key_facts delta mismatch)** → reconcile: either correct the ticket's claimed delta (`+N atoms`/`+M aliases`) to match the actual key_facts.md row, or update key_facts.md to match the truthful delta
+- **P14 (MCE Action 1 stale post-merge)** → flip Step 6 checkbox to `[x]` and remove the `(this merge)` qualifier; append squash SHA + housekeeping SHA to the Workflow evidence line
+- **P15 (Post-deploy AC without evidence)** → add a dated Completion Log row anchoring the AC-ID with empirical results from the production verification (QA battery output, dev-API smoke result, telemetry confirmation); OR re-mark the AC `[ ]` until verification lands
+- **P16 (Feature missing from tracker)** → add a row to the relevant `## Features — *` table in `product-tracker.md` (or document explicitly in the ticket why standalone is intentional with a tracker-side note)
 
 After fixing, re-run the audit to confirm all checks pass.
 

package/template/.claude/skills/development-workflow/references/merge-checklist.md

@@ -72,6 +72,8 @@ In the ticket, fill the `## Merge Checklist Evidence` table. For each action (0
 | 0. Validate ticket structure | [x] | Sections verified: Spec, Plan, AC, DoD, Workflow, Log, Evidence |
 | 1. Mark all items | [x] | AC: 12/12, DoD: 7/7, Workflow: 0-5/6 |
 
+**Canonical form for the AC count claim:** write `AC: <marked>/<total>` — `marked` is the count of `[x]` Acceptance Criteria, `total` is the count of all AC items including any intentionally deferred `[ ]`. When all are checked use the matching form `AC: N/N` (or the shorthand `all N marked`). The `/audit-merge` P6 drift check parses both forms.
+
 ## Action 9: Run compliance audit
 
 Run `/audit-merge` to verify all compliance checks pass automatically. If any check fails, fix it and re-run until all pass.

package/template/.gemini/commands/audit-merge-instructions.md

@@ -52,12 +52,21 @@ Run only if `git diff origin/<target-branch>..HEAD --name-only` shows `.json` fi
 
 Eleven empirically-validated drift patterns. Failures are NOT blockers for the compliance verdict, but MUST be refreshed before requesting user authorization. Use BSD-grep-compatible regex (no `\K`).
 
-**12. P1 — PR body test count stale.** Ratio must co-occur with test/pass/green marker to avoid AC/DoD ratios (14/14, 7/7).
+**12. P1 — PR body test count stale (v0.18.3 multi-workspace extension — C1).** All PR-body ratios must appear in ticket evidence. Subset direction: PR ⊆ ticket. Three fallback cases: (a) ratios on both sides → walk each PR ratio; (b)/(c) missing on either side → emit `P1 N/A`.
 ```bash
-PR_BODY=$(gh pr view --json body -q .body)
-PR_TESTS=$(echo "$PR_BODY" | grep -iE "(npm test|tests?[^|]*[0-9]|[*: ]tests?[*: ]+[0-9])" | grep -oE "[0-9]+/[0-9]+" | head -1)
-TICKET_TESTS=$(grep -iE "(npm test|tests?[^|]*[0-9]|[*: ]tests?[*: ]+[0-9])" "$TICKET" | grep -oE "[0-9]+/[0-9]+" | tail -1)
-[ -n "$PR_TESTS" ] && [ -n "$TICKET_TESTS" ] && [ "$PR_TESTS" != "$TICKET_TESTS" ] && flag "P1 drift: PR body $PR_TESTS vs ticket $TICKET_TESTS"
+TEST_KW_RE='(npm test|pnpm test|tests?[^|]*[0-9]|[*: ]tests?[*: ]+[0-9])'
+PR_BODY=$(gh pr view --json body -q .body 2>/dev/null || true)
+PR_RATIOS=$(echo "$PR_BODY" | grep -iE "$TEST_KW_RE" | grep -oE "[0-9]+/[0-9]+" | sort -u)
+TICKET_RATIOS=$(grep -iE "$TEST_KW_RE" "$TICKET" | grep -oE "[0-9]+/[0-9]+" | sort -u)
+if [ -z "$PR_RATIOS" ] || [ -z "$TICKET_RATIOS" ]; then
+  echo "P1 N/A: no comparable test-count ratios extracted (PR=$(echo "$PR_RATIOS" | tr '\n' ',' ), ticket=$(echo "$TICKET_RATIOS" | tr '\n' ',' ))"
+else
+  while IFS= read -r r; do
+    [ -z "$r" ] && continue
+    echo "$TICKET_RATIOS" | grep -qFx "$r" \
+      || flag "P1 drift: PR ratio $r not found in ticket evidence (ticket ratios: $(echo "$TICKET_RATIOS" | tr '\n' ' '))"
+  done <<< "$PR_RATIOS"
+fi
 ```
 
 **13. P2 — Merge Checklist Evidence aspirational.** `[x]` rows with future-tense text.
@@ -94,6 +103,8 @@ for t in docs/tickets/*.md; do
   status=$(grep -E "^\*\*Status:\*\*" "$t" | head -1 \
     | sed -E 's/^\*\*Status:\*\*[[:space:]]*\*?\*?//' \
     | sed -E 's/[[:space:]]*\*?\*?[[:space:]]*\|.*//' \
+    | sed -E 's/[[:space:]]+(\(.*\)|—.*|–.*|-.*)$//' \
+    | sed -E 's/\*\*[[:space:]]*$//' \
     | sed -E 's/[[:space:]]+$//')
   [ "$status" = "Done" ] && continue
   ticket_id=$(basename "$t" .md | sed -E 's/-[a-z].*//')
@@ -103,12 +114,27 @@ done
 [ "$FROZEN_COUNT" -eq 1 ] && flag "P5 drift: 1 frozen ticket"
 ```
 
-**17. P6 — AC count off-by-N.**
+**17. P6 — AC count off-by-N.** Two claim forms supported: `all N marked` (N = total) and `AC: X/Y done` (X = marked, Y = total — handles deferred ACs where Y > X).
 ```bash
-ACTUAL=$(awk '/^## Acceptance Criteria/,/^## Definition of Done/' "$TICKET" | grep -cE "^- \[[x ]\]")
-CLAIMED=$(grep -oE 'all [0-9]+ marked|AC: [0-9]+/[0-9]+' "$TICKET" | head -1 | grep -oE "[0-9]+" | head -1)
-[ -n "$CLAIMED" ] && [ "$CLAIMED" != "$ACTUAL" ] && [ $((ACTUAL - CLAIMED)) -ge 2 -o $((CLAIMED - ACTUAL)) -ge 2 ] \
-  && flag "P6 drift: claim '$CLAIMED' vs actual AC count $ACTUAL"
+AC_BLOCK=$(awk '/^## Acceptance Criteria/,/^## Definition of Done/' "$TICKET")
+ACTUAL_TOTAL=$(echo "$AC_BLOCK" | grep -cE "^- \[[x ]\]")
+ACTUAL_MARKED=$(echo "$AC_BLOCK" | grep -cE "^- \[x\]")
+CLAIM_LINE=$(grep -oE 'all [0-9]+ marked|AC: [0-9]+/[0-9]+' "$TICKET" | head -1)
+if echo "$CLAIM_LINE" | grep -qE '^AC: [0-9]+/[0-9]+'; then
+  CLAIMED_MARKED=$(echo "$CLAIM_LINE" | grep -oE '[0-9]+' | head -1)
+  CLAIMED_TOTAL=$(echo "$CLAIM_LINE" | grep -oE '[0-9]+' | tail -1)
+  [ -n "$CLAIMED_TOTAL" ] && [ "$CLAIMED_TOTAL" != "$ACTUAL_TOTAL" ] \
+    && [ $((ACTUAL_TOTAL - CLAIMED_TOTAL)) -ge 2 -o $((CLAIMED_TOTAL - ACTUAL_TOTAL)) -ge 2 ] \
+    && flag "P6 drift: claim AC total '$CLAIMED_TOTAL' vs actual total $ACTUAL_TOTAL"
+  [ -n "$CLAIMED_MARKED" ] && [ "$CLAIMED_MARKED" != "$ACTUAL_MARKED" ] \
+    && [ $((ACTUAL_MARKED - CLAIMED_MARKED)) -ge 2 -o $((CLAIMED_MARKED - ACTUAL_MARKED)) -ge 2 ] \
+    && flag "P6 drift: claim AC marked '$CLAIMED_MARKED' vs actual marked $ACTUAL_MARKED"
+elif [ -n "$CLAIM_LINE" ]; then
+  CLAIMED=$(echo "$CLAIM_LINE" | grep -oE '[0-9]+' | head -1)
+  [ -n "$CLAIMED" ] && [ "$CLAIMED" != "$ACTUAL_TOTAL" ] \
+    && [ $((ACTUAL_TOTAL - CLAIMED)) -ge 2 -o $((CLAIMED - ACTUAL_TOTAL)) -ge 2 ] \
+    && flag "P6 drift: 'all $CLAIMED marked' vs actual AC count $ACTUAL_TOTAL"
+fi
 ```
 
 **18. P7 — Test count drift within ticket (final-sections only).**
@@ -157,6 +183,8 @@ awk -F'|' '/^\| [0-9]{4}-[0-9]{2}-[0-9]{2}/ {
 TICKET_STATUS=$(grep -E "^\*\*Status:\*\*" "$TICKET" | head -1 \
     | sed -E 's/^\*\*Status:\*\*[[:space:]]*\*?\*?//' \
     | sed -E 's/[[:space:]]*\*?\*?[[:space:]]*\|.*//' \
+    | sed -E 's/[[:space:]]+(\(.*\)|—.*|–.*|-.*)$//' \
+    | sed -E 's/\*\*[[:space:]]*$//' \
     | sed -E 's/[[:space:]]+$//')
 FEATURE_ID=$(basename "$TICKET" .md | sed -E 's/-[a-z].*//')
 TRACKER_STATUS=$(grep -F "$FEATURE_ID" docs/project_notes/product-tracker.md | grep -oE "\| (in-progress|done|pending|blocked) \|" | head -1 | sed -E 's/\| ([a-z-]+) \|/\1/')
@@ -169,9 +197,89 @@ esac
   && flag "P11 drift: ticket Status='$TICKET_STATUS' expects tracker='$EXPECTED' but tracker='$TRACKER_STATUS'"
 ```
 
+**23. P12 — Tracker HEAD references stale (added v0.18.2).** The `**Last Updated:**` and `**Active Feature:**` lines may embed `HEAD <sha>` or `HEAD: <sha>` references that were correct when written but went stale as further commits landed (empirically observed in fx F-WEB-MENU-VISION-001 audit cycle 2026-05-06: tracker said `HEAD: fd752e4` while `git rev-parse HEAD` was `6fa801e` after the agent's own self-edit commit). Compare each extracted SHA against the active branch HEAD. Bidirectional prefix tolerance: a 7-char tracker SHA matches the full 40-char actual HEAD if it's a prefix; a full 40-char tracker SHA matches if its first 7 chars equal the actual short form. Scoped strictly to the two header lines so narrative SHAs in "Last Completed" prose never false-positive-fire.
+```bash
+TRACKER=docs/project_notes/product-tracker.md
+if [ -f "$TRACKER" ]; then
+  ACTUAL_HEAD=$(git rev-parse HEAD 2>/dev/null || true)
+  if [ -n "$ACTUAL_HEAD" ]; then
+    ACTUAL_SHORT=$(printf '%s' "$ACTUAL_HEAD" | cut -c1-7)
+    TRACKER_HEADS=$(grep -E '^\*\*(Last Updated|Active Feature):\*\*' "$TRACKER" 2>/dev/null \
+      | grep -oE 'HEAD[[:space:]:]+`?[a-f0-9]{7,40}`?' \
+      | grep -oE '[a-f0-9]{7,40}' \
+      | sort -u || true)
+    for sha in $TRACKER_HEADS; do
+      case "$ACTUAL_HEAD" in "$sha"*) continue ;; esac
+      case "$sha" in "$ACTUAL_SHORT"*) continue ;; esac
+      flag "P12 drift: tracker HEAD reference $sha does not match git rev-parse HEAD ($ACTUAL_HEAD); refresh tracker"
+    done
+  fi
+fi
+```
+
+**24. P13 — key_facts delta vs ticket atom-count mismatch (added v0.18.3).** Whitespace-safe iteration + FEATURE_ID anchoring.
+```bash
+KEY_FACTS=docs/project_notes/key_facts.md
+if [ -f "$KEY_FACTS" ]; then
+  FEATURE_ID=$(basename "$TICKET" .md | sed -E 's/-[a-z].*//')
+  TICKET_DELTAS=$(grep -oE '\+[0-9]+ (atoms?|aliases?|dishes?|entries|rows)' "$TICKET" | sort -u)
+  KEY_FACTS_BLOCK=$(grep -A 3 -F "$FEATURE_ID" "$KEY_FACTS" 2>/dev/null || true)
+  while IFS= read -r claim; do
+    [ -z "$claim" ] && continue
+    if [ -z "$KEY_FACTS_BLOCK" ] || ! echo "$KEY_FACTS_BLOCK" | grep -qF "$claim"; then
+      flag "P13 drift: ticket claims '$claim' but key_facts.md block for $FEATURE_ID lacks the same delta"
+    fi
+  done <<< "$TICKET_DELTAS"
+fi
+```
+
+**25. P14 — MCE Action 1 row stale post-merge (added v0.18.3).** Strict awk state machine terminates MCE block at NEXT `^## ` of any name (not `[^M]`). Strict signal `Step 6 [ ]` / `Step 6 [-]` only — standalone `(this merge)` omitted to prevent false positives on past-tense narrative. Reuses `TICKET_STATUS` from P11. NIT severity.
+```bash
+if [ "$TICKET_STATUS" = "Done" ]; then
+  MCE_BLOCK=$(awk '
+    /^## Merge Checklist Evidence/ { in_mce=1; print; next }
+    in_mce && /^## / { in_mce=0 }
+    in_mce { print }
+  ' "$TICKET")
+  if echo "$MCE_BLOCK" | grep -qE 'Step 6 \[[ -]\]'; then
+    flag "P14 drift (NIT): MCE Action 1 row contains 'Step 6 [ ]' / 'Step 6 [-]' after merge — flip to [x] and append squash + housekeeping SHAs"
+  fi
+fi
+```
+
+**26. P15 — AC with post-deploy keyword admitted without Completion Log evidence (added v0.18.3).** Line-safe iteration via `while IFS= read -r`.
+```bash
+COMPLETION=$(awk '/^## Completion Log/,/^## Merge Checklist/' "$TICKET")
+AC_LINES=$(grep -nE '^[[:space:]]*-[[:space:]]*\[[ x]\][[:space:]]+AC-[A-Za-z0-9_-]+' "$TICKET" \
+  | grep -iE 'post-deploy|post-merge|production parity|prod verification|on dev API|on prod')
+while IFS= read -r line; do
+  [ -z "$line" ] && continue
+  echo "$line" | grep -q '\[x\]' || continue
+  ac_id=$(echo "$line" | grep -oE 'AC-[A-Za-z0-9_-]+' | head -1)
+  [ -z "$ac_id" ] && continue
+  if ! echo "$COMPLETION" | grep -E "^\|[[:space:]]*[0-9]{4}-[0-9]{2}-[0-9]{2}" | grep -qF "$ac_id"; then
+    flag "P15 drift: $ac_id marked [x] with post-deploy semantics but no dated Completion Log entry anchoring this AC-ID"
+  fi
+done <<< "$AC_LINES"
+```
+
+**27. P16 — Feature missing from Features table (added v0.18.3).** Strict signal: feature ID must appear as first cell of a pipe-table row (`| FEATURE_ID |`) — narrative mentions / `**Active Feature:**` references must not silence the drift. NIT severity. Reuses `TICKET_STATUS` and `FEATURE_ID` from P11.
+```bash
+TRACKER=docs/project_notes/product-tracker.md
+case "$TICKET_STATUS" in
+  "Ready for Merge"|"Done")
+    if [ -f "$TRACKER" ]; then
+      if ! grep -qE "^\|[[:space:]]*$FEATURE_ID[[:space:]]*\|" "$TRACKER"; then
+        flag "P16 drift (NIT): $FEATURE_ID not in any Features table row (must appear as first cell in '| FEATURE_ID | ... |' form)"
+      fi
+    fi
+    ;;
+esac
+```
+
 ### Execution discipline (added v0.18.1)
 
-For each of the 11 drift checks (P1–P11), if you declare PASS, **include the literal command output** (or its absence — explicit "no rows matched", "extracted: feature/foo", "FROZEN_COUNT=0") as evidence in your report. A bare "PASS" without supporting output is treated as **NOT EXECUTED** by the auditor — re-run with output captured.
+For each of the 16 drift checks (P1–P16), if you declare PASS, **include the literal command output** (or its absence — explicit "no rows matched", "extracted: feature/foo", "FROZEN_COUNT=0") as evidence in your report. A bare "PASS" without supporting output is treated as **NOT EXECUTED** by the auditor — re-run with output captured.
 
 Recommended pattern:
 
@@ -208,7 +316,7 @@ Report two tables — one for **structural (blocking)** compliance, one for **dr
 
 **STRUCTURAL: READY FOR MERGE** (or **STRUCTURAL: NEEDS FIX — N blockers**)
 
-### Drift (12-22) — advisory, refresh before user authorization
+### Drift (12-27) — advisory, refresh before user authorization
 
 | # | Pattern | Status | Detail |
 |---|---------|:------:|--------|
@@ -223,6 +331,11 @@ Report two tables — one for **structural (blocking)** compliance, one for **dr
 | 20 | P9 Tracker header stale | PASS | header = detail |
 | 21 | P10 Duplicate log rows | PASS | no duplicates |
 | 22 | P11 Tracker status mismatch | PASS | status consistent |
+| 23 | P12 Tracker HEAD reference | PASS | tracker HEAD = git HEAD |
+| 24 | P13 key_facts delta mismatch | PASS | N/A — no quantified deltas |
+| 25 | P14 MCE Action 1 stale post-merge | PASS | N/A pre-merge / row past-tense |
+| 26 | P15 Post-deploy AC without evidence | PASS | no post-deploy keyword in ACs |
+| 27 | P16 Feature missing from tracker | PASS | feature in Features table |
 
 **DRIFT: CLEAN** (or **DRIFT: N advisories — refresh before merge**)
 
@@ -242,18 +355,23 @@ Fix them directly:
 - Merge base diverged → `git merge origin/<target-branch>` and resolve conflicts
 - Data file issues → fix the data
 
-**Drift advisories (12-22) fixes:**
+**Drift advisories (12-27) fixes:**
 - **P1** → edit PR body npm test line to match ticket terminal count
 - **P2** → rewrite `[x]` rows with past-tense + commit SHA
 - **P3** → add Completion Log row for each post-merge execution
 - **P4** → `git push origin --delete <branch>` after merge
 - **P5** → update ticket Status from "In Progress"/"Ready for Merge" to `Done`
-- **P6** → recount ACs and update Merge Checklist row 1 claim
+- **P6** → recount ACs; use canonical `AC: <marked>/<total>` form (see `merge-checklist.md`) — `total` includes intentionally-deferred ACs
 - **P7** → sync AC/DoD/tracker numbers to Completion Log terminal
 - **P8** → add Completion Log row per missing Step with agent verdict + commit SHA
 - **P9** → refresh `**Last Updated:**` step reference
 - **P10** → remove duplicate rows
 - **P11** → sync tracker Features row status to ticket header Status
+- **P12 (Tracker HEAD reference stale)** → update `**Last Updated:**` and `**Active Feature:**` `HEAD: <sha>` tokens to match `git rev-parse HEAD`. Use `git rev-parse --short HEAD` for the 7-char form.
+- **P13 (key_facts delta mismatch)** → reconcile ticket delta claim with key_facts.md feature row
+- **P14 (MCE Action 1 stale post-merge)** → flip Step 6 checkbox to `[x]` and remove the `(this merge)` qualifier
+- **P15 (Post-deploy AC without evidence)** → add a dated Completion Log row with empirical post-deploy results, OR re-mark the AC `[ ]` until verification lands
+- **P16 (Feature missing from tracker)** → add a row to the relevant `## Features — *` table in `product-tracker.md`
 
 After fixing, re-run the audit to confirm all checks pass.
 

package/template/.gemini/skills/development-workflow/references/merge-checklist.md

@@ -72,6 +72,8 @@ In the ticket, fill the `## Merge Checklist Evidence` table. For each action (0
 | 0. Validate ticket structure | [x] | Sections verified: Spec, Plan, AC, DoD, Workflow, Log, Evidence |
 | 1. Mark all items | [x] | AC: 12/12, DoD: 7/7, Workflow: 0-5/6 |
 
+**Canonical form for the AC count claim:** write `AC: <marked>/<total>` — `marked` is the count of `[x]` Acceptance Criteria, `total` is the count of all AC items including any intentionally deferred `[ ]`. When all are checked use the matching form `AC: N/N` (or the shorthand `all N marked`). The `/audit-merge` P6 drift check parses both forms.
+
 ## Action 9: Run compliance audit
 
 Run `/audit-merge` to verify all compliance checks pass automatically. If any check fails, fix it and re-run until all pass.