godpowers 1.6.3 → 1.6.4

package/CHANGELOG.md

@@ -5,6 +5,35 @@ All notable changes to Godpowers will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.6.4] - 2026-05-16
+
+Release gate propagation patch. Keeps the 1.6 command surface stable while
+making the safe sync and Critical harden gates apply to direct commands,
+`/god-mode`, and `/god-mode --yolo`.
+
+### Added
+- Added executable router support for `no-critical-findings`.
+- Added safe-sync prerequisites to `/god-observe`, `/god-harden`,
+  `/god-launch`, and `/god-mode`.
+- Added regression tests proving safe sync blocks direct Tier 3 commands and
+  `/god-mode`.
+- Added regression tests proving `/god-launch` blocks unresolved Critical
+  harden findings and allows passed harden gates.
+
+### Changed
+- `god-orchestrator` now explicitly evaluates router prerequisites before
+  command dispatch instead of relying only on structural tier order.
+- `/god-mode --yolo` now documents safe sync and unresolved Critical harden
+  findings as release-truth gates that cannot be bypassed.
+- Generated routing metadata now preserves per-prerequisite auto-complete
+  commands so future generated Tier 3 routes keep the safe sync gate.
+
+### Guardrails
+- This patch does not add slash commands, agents, workflows, recipes, schemas,
+  or public artifact formats.
+- `--yolo` can still auto-pick defaults, but it cannot auto-accept unresolved
+  release truth blockers.
+
 ## [1.6.3] - 2026-05-16
 
 Safe sync routing patch. Keeps the 1.6 command surface stable while making

package/README.md

@@ -2,7 +2,7 @@
 
 [![CI](https://github.com/aihxp/godpowers/actions/workflows/ci.yml/badge.svg)](https://github.com/aihxp/godpowers/actions/workflows/ci.yml)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](LICENSE)
-[![Version](https://img.shields.io/badge/version-1.6.3-blue)](CHANGELOG.md)
+[![Version](https://img.shields.io/badge/version-1.6.4-blue)](CHANGELOG.md)
 [![npm](https://img.shields.io/npm/v/godpowers.svg)](https://www.npmjs.com/package/godpowers)
 
 **Ship fast. Ship right. Ship everything. Ship accountably.**
@@ -12,10 +12,10 @@ idea to hardened production. It runs as **slash commands inside your AI coding
 tool** (Claude Code, Codex, Cursor, etc.) that orchestrate **specialist agents**
 in fresh contexts to do the work.
 
-Version 1.6.3 hardens Godpowers routing around release truth and safe sync:
-`/god-next` now routes unresolved safe-sync blockers to
-`/god-reconcile Release Truth And Safe Sync` before deploy-era work, while
-Codex installs keep per-agent TOML metadata for all 39 specialist agents.
+Version 1.6.4 hardens Godpowers routing around release truth: safe-sync
+blockers and unresolved Critical harden findings now gate direct Tier 3
+commands, `/god-mode`, and `/god-mode --yolo`, while Codex installs keep
+per-agent TOML metadata for all 39 specialist agents.
 
 It fuses four disciplines into one unified workflow:
 

package/RELEASE.md

@@ -1,10 +1,11 @@
-# Godpowers 1.6.3 Release
+# Godpowers 1.6.4 Release
 
 Date: 2026-05-16
 
-Godpowers 1.6.3 hardens release-truth routing around the stable 1.6 surface.
-The goal of this patch is to make `/god-next` and `/god-deploy` honor safe
-sync blockers before Tier 3 work, without changing the public command surface.
+Godpowers 1.6.4 hardens release-truth routing around the stable 1.6 surface.
+The goal of this patch is to make safe sync and unresolved Critical harden
+findings block direct Tier 3 commands, `/god-mode`, and `/god-mode --yolo`,
+without changing the public command surface.
 
 ## What is stable
 
@@ -14,7 +15,8 @@ sync blockers before Tier 3 work, without changing the public command surface.
 - 36 intent recipes
 - 15-runtime installer
 - Codex installs with 39 generated `god-*.toml` agent metadata files
-- Safe-sync routing before deploy, observe, harden, or launch work
+- Safe-sync routing before deploy, observe, harden, launch, or god-mode work
+- Critical harden finding gate before launch
 - Native Pillars project context through `AGENTS.md` and `agents/*.md`
 - `.godpowers/` workflow state and artifact layout
 - Core schemas: intent, state, events, workflow, routing, recipes, extension
@@ -27,18 +29,20 @@ sync blockers before Tier 3 work, without changing the public command surface.
 
 - `/god-next` detects `.godpowers/sync/SAFE-SYNC-PLAN.md` and routes to
   `/god-reconcile Release Truth And Safe Sync` before `/god-deploy`.
-- `/god-next` also detects checkpoint text that marks safe sync as a blocking
-  red gate before deploy.
-- `/god-deploy` has a `safe-sync-clear` prerequisite with the same reconcile
-  route as its auto-complete command.
-- Router tests now cover unresolved safe sync plans, checkpoint blockers,
-  deploy prerequisite failure, and resolved safe sync plans.
+- Direct `/god-observe`, `/god-harden`, `/god-launch`, and `/god-mode`
+  invocations also require `safe-sync-clear`.
+- `/god-launch` now executes the `no-critical-findings` prerequisite instead
+  of treating it as an unknown pass-through check.
+- `god-orchestrator` now checks router prerequisites before command dispatch,
+  including under `--yolo`.
+- Router tests cover unresolved safe sync plans, checkpoint blockers, direct
+  Tier 3 gates, `/god-mode`, unresolved Critical findings, and resolved gates.
 
-## What 1.6.3 means
+## What 1.6.4 means
 
-Godpowers 1.6.3 does not expand the public command surface. It tightens the
-runtime decision path so project truth can override the structural tier order
-when a safe-sync gate is still red.
+Godpowers 1.6.4 does not expand the public command surface. It tightens the
+runtime decision path so project truth can override structural tier order for
+safe sync and harden Critical gates.
 
 The domain glossary remains preparation context. PRD, ARCH, ROADMAP, STACK,
 docs, and Pillars files still carry durable decisions for their own domains.
@@ -48,8 +52,8 @@ docs, and Pillars files still carry durable decisions for their own domains.
 During the 1.x stability window, do not add broad new command families, change
 schema formats, or rename public artifacts without evidence from real use.
 
-The `v1.6.3` git tag points to the release commit that matches the npm
-`godpowers@1.6.3` package. Public publishes should prefer the tag-triggered
+The `v1.6.4` git tag points to the release commit that matches the npm
+`godpowers@1.6.4` package. Public publishes should prefer the tag-triggered
 GitHub workflow so npm provenance, git history, and release notes stay aligned.
 
 Allowed changes:

package/agents/god-orchestrator.md

@@ -223,6 +223,14 @@ When deciding what to spawn next, query the routing definition:
 - `standards.have-nots` -> which have-nots to verify
 - `success-path.next-recommended` -> what to suggest next
 
+Before spawning a command, evaluate `lib/router.js checkPrerequisites(command,
+projectRoot)`. Missing prerequisites are authoritative even when the tier
+order suggests the command is structurally next. If `safe-sync-clear` fails,
+route to `/god-reconcile Release Truth And Safe Sync` before deploy, observe,
+harden, launch, broad migration, or resume work. If `no-critical-findings`
+fails, launch remains blocked until harden is fixed and re-verified or risk is
+explicitly accepted in writing.
+
 Between every tier, run god-standards-check on the produced artifact (if
 the routing config has a `standards` section). Standards check uses fresh
 context, independent of the producing agent, so it catches drift the
@@ -646,11 +654,14 @@ Auto-resolve all pause categories EXCEPT:
 
 **Impossible preflight routing contradictions pause, even with --yolo.**
 
+**Unresolved safe sync blockers pause or route to reconcile, even with --yolo.**
+
 Rationale: shipping with a known Critical vulnerability is a category of risk
 that should never be auto-accepted. A preflight contradiction means the repo
 evidence does not support any safe next route. If god-harden-auditor returns
-Critical findings, or preflight cannot choose between mutually exclusive
-routes from evidence, --yolo does NOT skip. Pause for human resolution.
+Critical findings, unresolved safe sync blockers, or preflight cannot choose
+between mutually exclusive routes from evidence, --yolo does NOT skip. Pause
+for human resolution when no safe automatic reconcile route exists.
 
 These are the only --yolo carve-outs. All other pauses are auto-resolved with
 the agent's documented default, and all repairable mechanical failures are

package/lib/router.js

@@ -19,6 +19,7 @@ const SAFE_SYNC_DONE_FILES = [
   '.godpowers/sync/SAFE-SYNC-DONE.md',
   '.godpowers/sync/SAFE-SYNC-RESOLVED.md'
 ];
+const HARDEN_FINDINGS = '.godpowers/harden/FINDINGS.md';
 
 let _cache = null;
 
@@ -116,6 +117,10 @@ function evaluateCheck(check, projectRoot) {
     return detectSafeSyncBlocker(projectRoot) === null;
   }
 
+  if (check === 'no-critical-findings') {
+    return hasNoCriticalFindings(projectRoot);
+  }
+
   // mode-A-greenfield: pass-through hint, treat as satisfiable
   if (check.includes('greenfield') || check.includes('mode-A')) {
     return !fs.existsSync(path.join(projectRoot, '.godpowers'));
@@ -303,6 +308,32 @@ function safeSyncSuggestion(reason, evidence) {
   };
 }
 
+function hasNoCriticalFindings(projectRoot) {
+  const findingsPath = path.join(projectRoot, HARDEN_FINDINGS);
+  if (!fs.existsSync(findingsPath)) return false;
+
+  const findings = fs.readFileSync(findingsPath, 'utf8');
+  if (/\*\*Launch gate\*\*:\s*PASSED/i.test(findings) || /Launch gate:\s*PASSED/i.test(findings)) {
+    return true;
+  }
+  if (/\*\*Launch gate\*\*:\s*BLOCKED/i.test(findings) || /Launch gate:\s*BLOCKED/i.test(findings)) {
+    return false;
+  }
+
+  const criticalCount = findings.match(/\|\s*Critical\s*\|\s*(\d+)\s*\|/i);
+  if (criticalCount) {
+    return Number(criticalCount[1]) === 0;
+  }
+
+  const criticalSections = findings.match(/^###\s+\[CRITICAL-[^\n]+(?:\n(?!###\s+\[).*)*/gim) || [];
+  if (criticalSections.length === 0) return true;
+
+  return criticalSections.every(section => (
+    /\*\*Status\*\*:\s*(Fixed|Accepted-Risk)/i.test(section)
+    || /Status:\s*(Fixed|Accepted-Risk)/i.test(section)
+  ));
+}
+
 /**
  * Clear cached routing (for tests).
  */
@@ -321,5 +352,6 @@ module.exports = {
   suggestNext,
   evaluateCheck,
   detectSafeSyncBlocker,
+  hasNoCriticalFindings,
   clearCache
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "godpowers",
-  "version": "1.6.3",
+  "version": "1.6.4",
   "description": "AI-powered development system: 106 slash commands and 39 specialist agents that take a project from raw idea to hardened production. Runs inside Claude Code, Codex, Cursor, Windsurf, Gemini, and 10+ other AI coding tools.",
   "bin": {
     "godpowers": "./bin/install.js"

package/routing/god-harden.yaml

@@ -10,6 +10,9 @@ prerequisites:
     - check: state:tier-2.build.status == done
       auto-complete: /god-build
       human-required: true
+    - check: safe-sync-clear
+      auto-complete: /god-reconcile Release Truth And Safe Sync
+      human-required: true
 
 execution:
   spawns: [god-harden-auditor]

package/routing/god-launch.yaml

@@ -10,6 +10,9 @@ prerequisites:
     - check: state:tier-3.harden.status == done
       auto-complete: /god-harden
       human-required: true
+    - check: safe-sync-clear
+      auto-complete: /god-reconcile Release Truth And Safe Sync
+      human-required: true
     - check: no-critical-findings
       auto-complete: /god-harden
       human-required: true

package/routing/god-mode.yaml

@@ -10,6 +10,9 @@ prerequisites:
     - check: file:.godpowers/PROGRESS.md OR mode-A-greenfield
       auto-complete: /god-init
       human-required: true
+    - check: safe-sync-clear
+      auto-complete: /god-reconcile Release Truth And Safe Sync
+      human-required: true
 
 execution:
   spawns: [god-orchestrator]

package/routing/god-observe.yaml

@@ -10,6 +10,9 @@ prerequisites:
     - check: state:tier-3.deploy.status == done
       auto-complete: /god-deploy
       human-required: true
+    - check: safe-sync-clear
+      auto-complete: /god-reconcile Release Truth And Safe Sync
+      human-required: true
 
 execution:
   spawns: [god-observability-engineer]

package/skills/god-doctor.md

@@ -48,7 +48,7 @@ GODPOWERS DOCTOR
 Install: claude (~/.claude/)
   [OK] 106 skills installed
   [OK] 39 agents installed
-  [OK] VERSION matches (1.6.3)
+  [OK] VERSION matches (1.6.4)
   [WARN] routing/god-doctor.yaml exists but skill file did not until now
 
 Project: /Users/.../my-project/.godpowers/

package/skills/god-mode.md

@@ -109,6 +109,14 @@ You are receiving a /god-mode invocation. Your job is to spawn the
    - Instruction that brownfield and bluefield arcs run `/god-preflight`
      automatically when `.godpowers/preflight/PREFLIGHT.md` is absent.
      Greenfield arcs skip preflight unless the user explicitly requests it.
+   - Instruction to run routing prerequisites through `lib/router.js`
+     `checkPrerequisites` before every direct command dispatch. If
+     `safe-sync-clear` fails, run
+     `/god-reconcile Release Truth And Safe Sync` before deploy, observe,
+     harden, launch, broad migration, or resume work.
+   - Instruction that `--yolo` cannot bypass safe sync blockers or unresolved
+     Critical harden findings. These are release-truth gates, not preference
+     pauses.
 
 6. Keep the spawn payload private. Do not echo or summarize raw Task input,
    "Hard instructions", hidden orchestration rules, agent prompts, file
@@ -177,6 +185,10 @@ and logs decisions to `.godpowers/YOLO-DECISIONS.md`. Pillar sync proposals
 generated from durable Godpowers artifact changes are auto-applied in this
 mode and logged as YOLO decisions.
 
+`--yolo` does not skip release-truth gates. If safe sync is unresolved, route
+to `/god-reconcile Release Truth And Safe Sync`. If harden has unresolved
+Critical findings, pause even under `--yolo`.
+
 For brownfield and bluefield, `--yolo` still runs `/god-preflight` first when
 `.godpowers/preflight/PREFLIGHT.md` is absent. The orchestrator then follows
 the preflight report's safest recommended route automatically, logging that

package/skills/god-next.md

@@ -242,6 +242,11 @@ states that safe sync is a blocking red gate, suggest
 The blocker is cleared when `.godpowers/sync/SAFE-SYNC-DONE.md` or
 `.godpowers/sync/SAFE-SYNC-RESOLVED.md` exists.
 
+### Critical harden findings block launch
+If `.godpowers/harden/FINDINGS.md` says the launch gate is blocked, or lists
+unresolved Critical findings, `/god-launch` prerequisites fail through
+`no-critical-findings`. This applies in default mode and `--yolo`.
+
 ### Steady state with multiple workflow options
 If lifecycle-phase = steady-state-active, route by user intent if provided
 (use the User Intent Map below).

package/skills/god-version.md

@@ -14,7 +14,7 @@ Print version and a short capability summary.
 ## Output
 
 ```
-Godpowers v1.6.3
+Godpowers v1.6.4
 Install: /Users/.../.claude/  (matches package.json)
 Surface: 106 skills, 39 agents, 13 workflows, 36 recipes
 Schema: intent.v1, state.v1, events.v1, workflow.v1, routing.v1, recipe.v1