gm-cc 2.0.569 → 2.0.570

package/.claude-plugin/marketplace.json

@@ -4,7 +4,7 @@
     "name": "AnEntrypoint"
   },
   "description": "State machine agent with hooks, skills, and automated git enforcement",
-  "version": "2.0.569",
+  "version": "2.0.570",
   "metadata": {
     "description": "State machine agent with hooks, skills, and automated git enforcement"
   },

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gm-cc",
-  "version": "2.0.569",
+  "version": "2.0.570",
   "description": "State machine agent with hooks, skills, and automated git enforcement",
   "author": "AnEntrypoint",
   "license": "MIT",

package/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "gm",
-  "version": "2.0.569",
+  "version": "2.0.570",
   "description": "State machine agent with hooks, skills, and automated git enforcement",
   "author": {
     "name": "AnEntrypoint",

package/skills/gm/SKILL.md

@@ -17,7 +17,7 @@ Transitions = state changes, not reminders. Phase exit condition met → next Sk
 
 `gm-execute` = execution contract. Defines "running code" across every phase: `exec:<lang>` = only runner; `exec:codesearch` = only exploration; witnessed output = only ground truth; import real modules over reimplementation. Execution happens in every phase, not only EXECUTE. About to run anything, `gm-execute` protocols not fresh in context → operating outside contract → reload `gm-execute` first.
 
-`twin-atlas` = governance reference. Forward Atlas (route discovery, 7 route families, 16 failure taxonomy) feeds `planning`. Bridge (weak-prior transfer — plausibility never equals authorization) constrains `gm-execute`. Inverse Atlas (earned specificity, lawful downgrade, five refused collapses) gates `gm-emit` and `gm-complete`. Load once at session start.
+`governance` = governance reference. Route discovery (7 route families, 16 failure taxonomy) feeds `planning`. Weak-prior bridge (plausibility never equals authorization) constrains `gm-execute`. Legitimacy gate (earned specificity, lawful downgrade, five refused collapses) gates `gm-emit` and `gm-complete`. Load once at session start.
 
 ## FRAGILE LEARNINGS — HARD RULE
 

package/skills/gm-complete/SKILL.md

@@ -56,7 +56,7 @@ One call per fact. **End-of-turn self-check** mandatory: any resolved unknown un
 - `git_pushed=UNKNOWN` until `git log origin/main..HEAD --oneline` returns empty
 - `ci_passed=UNKNOWN` until all GitHub Actions runs triggered by the push reach `conclusion: success`
 - `prd_empty=UNKNOWN` until `.gm/prd.yml` is deleted (not just empty — file must not exist)
-- `stress_suite_clear=UNKNOWN` until the change has been mentally walked through every applicable case in the `twin-atlas` governance stress suite (M1, F1, C1, H1, S1, B1, A1, D1) and none flunks. Flunk = regress to the phase that owns the gap.
+- `stress_suite_clear=UNKNOWN` until the change has been mentally walked through every applicable case in the `governance` stress suite (M1, F1, C1, H1, S1, B1, A1, D1) and none flunks. Flunk = regress to the phase that owns the gap.
 - `hidden_decision_posture=open` until CI green. Posture advances `open → down_weighted` only when some evidence is in, `down_weighted → closed` only when CI green + stress suite clear. Closing early = collapse #3 (hidden orchestration into public law).
 
 All must resolve to KNOWN (or `closed` for posture) before COMPLETE. Any UNKNOWN = absolute barrier.
@@ -184,7 +184,7 @@ Before declaring complete, sweep the entire codebase for violations:
 12. **memorize** → every fact surfaced during verification that would have saved this session's time if it had been in memory at the start (CI timing, flaky-test patterns, environment quirks, runtime behaviors, user preferences stated this session) is handed off via a background memorize call at the moment of resolution. One call per fact, non-blocking. `Agent(subagent_type='memorize', model='haiku', run_in_background=true, prompt='## CONTEXT TO MEMORIZE\n<fact>')`
 13. **Deploy/publish** → if deployable, deploy. If npm package, publish.
 14. **GitHub Pages** → check if repo has a GH Pages site. If `.github/workflows/pages.yml` is absent OR `docs/index.html` is absent: invoke the `pages` skill to scaffold the site before advancing.
-15. **Governance stress-suite sweep** (`twin-atlas`) — walk the finished change against every applicable case: M1 missing-evidence-forced-decision, F1 unsourced-number, C1 ambiguous-clause, H1 contradictory-witnesses, S1 attribution-under-pressure, B1 RCA-live-alternatives, A1 authenticity-partial-signals, D1 deploy-gate-under-flake. Ask per case: did the change over-commit, hide contradiction, or treat surface appearance as evidence? Any flunk = regress to the owning phase. The 8 legal outcomes must hold: illegal commitments=0, evidence-boundary violations=0, lawful downgrades available=8, outlier visibility preserved.
+15. **Governance stress-suite sweep** (`governance`) — walk the finished change against every applicable case: M1 missing-evidence-forced-decision, F1 unsourced-number, C1 ambiguous-clause, H1 contradictory-witnesses, S1 attribution-under-pressure, B1 RCA-live-alternatives, A1 authenticity-partial-signals, D1 deploy-gate-under-flake. Ask per case: did the change over-commit, hide contradiction, or treat surface appearance as evidence? Any flunk = regress to the owning phase. The 8 legal outcomes must hold: illegal commitments=0, evidence-boundary violations=0, lawful downgrades available=8, outlier visibility preserved.
 
 Any violation found = fix immediately before advancing.
 

package/skills/gm-emit/SKILL.md

@@ -67,9 +67,9 @@ Only git in bash directly. `Bash(node/npm/npx/bun)` = violations. File writes vi
 - Target under 12s per exec call; split work across multiple calls only when dependencies require it
 - Prefer a single well-structured exec that does 5 things over 5 sequential execs
 
-## INVERSE ATLAS LEGITIMACY GATE — EARNED SPECIFICITY
+## LEGITIMACY GATE — EARNED SPECIFICITY
 
-Before the pre-emit run, apply the Inverse Atlas check from `twin-atlas`. For every claim, assertion, or specific value about to land in a file, answer:
+Before the pre-emit run, apply the legitimacy check from `governance`. For every claim, assertion, or specific value about to land in a file, answer:
 
 1. **Earned specificity** — does the claim trace to a witnessed mutable (`authorization=witnessed`), or is it inflated from a weak prior?
 2. **Repair legality** — is this a local candidate repair being dressed up as a structural repair? If yes, either downgrade the scope or snake back to PLAN for structural work.
@@ -113,8 +113,8 @@ The post-emit verification is a differential diagnosis against the pre-emit base
 
 ## GATE CONDITIONS (all true simultaneously before advancing)
 
-- Inverse Atlas legitimacy gate passed: every claim traces to `authorization=witnessed`, no weak-prior inflation, no local-candidate-dressed-as-structural, lawful downgrade considered and either taken or explicitly justified, live competing routes preserved
-- None of the five refused collapses (`twin-atlas`): route→authorization | candidate→structural | hidden→public-law | cleanliness→legitimacy | one-route→universal-closure
+- Legitimacy gate passed: every claim traces to `authorization=witnessed`, no weak-prior inflation, no local-candidate-dressed-as-structural, lawful downgrade considered and either taken or explicitly justified, live competing routes preserved
+- None of the five refused collapses (`governance`): route→authorization | candidate→structural | hidden→public-law | cleanliness→legitimacy | one-route→universal-closure
 
 - Pre-emit debug passed with real inputs and error inputs
 - Post-emit verification matches pre-emit exactly

package/skills/gm-execute/SKILL.md

@@ -30,19 +30,19 @@ New unknown surfaced by a run → stop, state-regress to `planning`, restart cha
 
 Each mutable: name | expected | current | resolution method. Execute → witness → assign → compare. Zero variance = resolved. Unresolved after 2 passes = new unknown = snake to `planning`. Never narrate past an unresolved mutable.
 
-## BRIDGE DISCIPLINE — WEAK PRIORS DO NOT AUTHORIZE
+## WEAK-PRIOR BRIDGE — PRIORS DO NOT AUTHORIZE
 
-EXECUTE receives route candidates from PLAN. Per `twin-atlas` Bridge: **those candidates arrive as weak priors only — structural value preserved, authorization NOT transferred**. Route plausibility ≠ authorization. A plausible route earns the right to be TESTED, not the right to be BELIEVED.
+EXECUTE receives route candidates from PLAN. Per the weak-prior rule in `governance`: **those candidates arrive as weak priors only — structural value preserved, authorization NOT transferred**. Route plausibility ≠ authorization. A plausible route earns the right to be TESTED, not the right to be BELIEVED.
 
 - Prior from PLAN: `authorization=weak_prior`. Permitted use: pick the next witnessed probe.
 - After witnessed probe succeeds: `authorization=witnessed`. Permitted use: feed into EMIT.
-- Collapsing `weak_prior` to `witnessed` without a witnessed probe = route-into-authorization leak (collapse #1 in `twin-atlas`). Snake to PLAN.
+- Collapsing `weak_prior` to `witnessed` without a witnessed probe = route-into-authorization leak (collapse #1 in `governance`). Snake to PLAN.
 
 Rhetorical inflation also strips here: "the plan says" / "we agreed that" / "obviously X" are prior-statements, not witnessed-facts. Restate as weak prior, run the probe, witness, only then authorize.
 
 ## QUALITY METRICS — APPLY BEFORE MARKING KNOWN
 
-Every mutable passes all four before status flips UNKNOWN → KNOWN (see `twin-atlas` for full definitions):
+Every mutable passes all four before status flips UNKNOWN → KNOWN (see `governance` for full definitions):
 
 - **ΔS = 0** — witnessed output equals expected
 - **λ ≥ 2** — two independent paths agree (different search, different caller, different import), not just one confirmation

package/skills/{twin-atlas → governance}/SKILL.md

@@ -1,19 +1,19 @@
 ---
-name: twin-atlas
-description: Governance reference invoked by PLAN/EXECUTE/EMIT/VERIFY. Separates route discovery (Forward Atlas) from weak-prior handoff (Bridge) from earned-emission legitimacy (Inverse Atlas). Encodes 16-failure taxonomy, 4 state planes, ΔS/λ/ε/Coverage metrics, governance stress suite. Adapted from WFGY 4.0 Twin Atlas.
+name: governance
+description: Governance reference invoked by PLAN/EXECUTE/EMIT/VERIFY. Separates route discovery (PLAN) from weak-prior handoff (EXECUTE) from earned-emission legitimacy (EMIT/VERIFY). Encodes 16-failure taxonomy, 4 state planes, ΔS/λ/ε/Coverage metrics, governance stress suite.
 ---
 
-# Twin Atlas — Route, Bridge, Legitimacy
+# Governance — Route, Bridge, Legitimacy
 
-Central governance reference. Three-module architecture separates three failure surfaces every phase must respect simultaneously:
+Central governance reference. Three roles separate three failure surfaces every phase must respect simultaneously:
 
-1. **Forward Atlas** — route-first structural orientation. Where could this fail? What family of fault does it live in? Owned by `planning`.
-2. **Bridge** — advisory-only weak-prior transfer. Route plausibility never converts into authorization. Owned by `gm-execute`.
-3. **Inverse Atlas** — legitimacy-first emission governance. Did this answer earn its requested strength? Owned by `gm-emit` and `gm-complete`.
+1. **Route discovery** — route-first structural orientation. Where could this fail? What family of fault does it live in? Owned by `planning`.
+2. **Weak-prior bridge** — advisory-only transfer. Route plausibility never converts into authorization. Owned by `gm-execute`.
+3. **Legitimacy gate** — earned-emission governance. Did this answer earn its requested strength? Owned by `gm-emit` and `gm-complete`.
 
-Neither route-first nor legitimacy-first alone suffices. Bridge exists precisely to stop route plausibility from masquerading as authorization.
+Neither route-first nor legitimacy-first alone suffices. The weak-prior bridge exists precisely to stop route plausibility from masquerading as authorization.
 
-## The Five Collapses Twin Atlas Refuses
+## The Five Collapses Governance Refuses
 
 A conclusion ships only when none of these has occurred:
 
@@ -25,7 +25,7 @@ A conclusion ships only when none of these has occurred:
 
 When in doubt: preserve ambiguity. Lawful downgrade beats forced closure.
 
-## The 7 Route Families (Forward Atlas)
+## The 7 Route Families
 
 Every planned item belongs to at least one family. Naming the family disciplines the repair move.
 
@@ -41,7 +41,7 @@ Every planned item belongs to at least one family. Naming the family disciplines
 
 Route family gets written into the `.prd` item. Repair attempted in the wrong family = wasted work.
 
-## The 16 Failure Modes (Problem Map)
+## The 16 Failure Modes
 
 Routing taxonomy. Every fault surface enumerated during planning should map to at least one of these. Missing mapping = unexamined surface.
 
@@ -109,11 +109,11 @@ Legal outcomes:
 - Lawful downgrade: 8 of 8 (always available as an option, always taken when warranted)
 - Outlier visibility: preserved (downgrade over hiding)
 
-## How Each Phase Applies Twin Atlas
+## How Each Phase Applies Governance
 
-- **planning** — enumerates route families (Forward Atlas). Tags every `.prd` item with its family and failure-mode IDs. Writes `route_fit` and the expected `authorization` level needed.
-- **gm-execute** — treats every prior decision as a weak prior (Bridge). Only `witnessed` execution raises authorization. ΔS/λ/ε/Coverage checks on every mutable.
-- **gm-emit** — Inverse Atlas gate. Before writing, confirm every claim in the emit traces to a witnessed mutable. Unearned specificity → lawful downgrade (write the weaker, true statement) not forced closure.
+- **planning** — enumerates route families. Tags every `.prd` item with its family and failure-mode IDs. Writes `route_fit` and the expected `authorization` level needed.
+- **gm-execute** — treats every prior decision as a weak prior. Only `witnessed` execution raises authorization. ΔS/λ/ε/Coverage checks on every mutable.
+- **gm-emit** — legitimacy gate. Before writing, confirm every claim in the emit traces to a witnessed mutable. Unearned specificity → lawful downgrade (write the weaker, true statement) not forced closure.
 - **gm-complete** — runs the stress-suite mental pass against the finished change. Closes `hidden_decision_posture` only with CI green.
 
 ## Not Every Answer Has Earned the Right to Exist

package/skills/planning/SKILL.md

@@ -75,11 +75,11 @@ Planning = exhaustive fault-surface enumeration. For every aspect of the task:
 
 **Fault surfaces**: file existence | API shape | data format | dependency versions | runtime behavior | environment differences | error conditions | concurrency hazards | integration seams | backwards compatibility | rollback paths | deployment steps | CI/CD correctness
 
-**Route family (Forward Atlas — `twin-atlas` skill)**: every `.prd` item is tagged with at least one of the 7 route families — `grounding | reasoning | state | execution | observability | boundary | representation`. The family disciplines the repair move. Bug in `grounding` does not get a `reasoning` fix; bug in `boundary` does not get a `state` fix. Mis-routed repair = wasted EXECUTE pass + snake back to PLAN. Add `route_family:` to the item YAML.
+**Route family (`governance` skill)**: every `.prd` item is tagged with at least one of the 7 route families — `grounding | reasoning | state | execution | observability | boundary | representation`. The family disciplines the repair move. Bug in `grounding` does not get a `reasoning` fix; bug in `boundary` does not get a `state` fix. Mis-routed repair = wasted EXECUTE pass + snake back to PLAN. Add `route_family:` to the item YAML.
 
-**Failure-mode mapping**: cross-reference against the 16-failure taxonomy in `twin-atlas`. If the fault you are enumerating does not map to any entry, either you have found a 17th mode (add to twin-atlas) or the fault is not yet named sharply enough — refine until it maps. Items with no failure-mode mapping SHIP silent bugs.
+**Failure-mode mapping**: cross-reference against the 16-failure taxonomy in `governance`. If the fault you are enumerating does not map to any entry, either you have found a 17th mode (add to the governance skill) or the fault is not yet named sharply enough — refine until it maps. Items with no failure-mode mapping SHIP silent bugs.
 
-**Competing routes stay live**: if two route families plausibly explain the same symptom, keep both alive in the PRD until witnessed execution makes one dominant. Collapsing to one route pre-witness = route-into-authorization leak (see `twin-atlas` — the first of five refused collapses).
+**Competing routes stay live**: if two route families plausibly explain the same symptom, keep both alive in the PRD until witnessed execution makes one dominant. Collapsing to one route pre-witness = route-into-authorization leak (see `governance` — the first of five refused collapses).
 
 **MANDATORY CODEBASE SCAN**: For every planned item, add `existingImpl=UNKNOWN`. Resolve via exec:codesearch. Existing code serving same concern → consolidation task, not addition. `exec:codesearch` indexes PDFs page-by-page alongside source — spec PDFs, papers, vendor manuals, and RFCs are searchable as code. When planning against a protocol, hardware, or compliance requirement, search the PDF corpus the same way you search source: two words, iterate. A constraint the PRD is missing because it only lives in a PDF is a fault surface — enumerate doc PDFs as scan targets during mutable discovery.
 
@@ -135,7 +135,7 @@ Path: `./.gm/prd.yml`. YAML via `exec:nodejs` (use `fs.writeFileSync`). Ensure `
     - failure mode
 ```
 
-`route_family`, `failure_modes`, `route_fit`, `authorization` come from `twin-atlas`. Required for items with emission impact (architecture, public API, contract change). Small surgical edits may omit. `authorization` starts `none`; gm-execute raises it to `weak_prior` on hypothesis, `witnessed` only when execution has proven it.
+`route_family`, `failure_modes`, `route_fit`, `authorization` are defined in the `governance` skill. Required for items with emission impact (architecture, public API, contract change). Small surgical edits may omit. `authorization` starts `none`; gm-execute raises it to `weak_prior` on hypothesis, `witnessed` only when execution has proven it.
 
 Status: `pending` → `in_progress` → `completed` (remove completed items). Effort: small <15min | medium <45min | large >1h.
 
@@ -175,9 +175,9 @@ Invoke `browser` skill. Escalation: (1) `exec:browser <js>` → (2) browser skil
 
 ## SKILL REGISTRY
 
-`gm-execute` → `gm-emit` → `gm-complete` → `update-docs` | `browser` | `twin-atlas` (governance reference, read once per session) | `memorize` (sub-agent, background only)
+`gm-execute` → `gm-emit` → `gm-complete` → `update-docs` | `browser` | `governance` (read once per session) | `memorize` (sub-agent, background only)
 
-`twin-atlas` carries the Forward/Bridge/Inverse governance model, 7 route families, 16 failure taxonomy, 4 state planes, ΔS/λ/ε/Coverage metrics, and the 8-case governance stress suite. Load once per session at the top of `planning` so protocols stay fresh across phases.
+`governance` carries the route-discovery / weak-prior-bridge / legitimacy-gate model, 7 route families, 16 failure taxonomy, 4 state planes, ΔS/λ/ε/Coverage metrics, and the 8-case governance stress suite. Load once per session at the top of `planning` so protocols stay fresh across phases.
 
 `memorize`: `Agent(subagent_type='memorize', model='haiku', run_in_background=true, prompt='## CONTEXT TO MEMORIZE\n<what>')`