gsdd-cli 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (65) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +528 -0
  3. package/agents/DISTILLATION.md +306 -0
  4. package/agents/README.md +53 -0
  5. package/agents/debugger.md +82 -0
  6. package/agents/executor.md +394 -0
  7. package/agents/integration-checker.md +318 -0
  8. package/agents/mapper.md +103 -0
  9. package/agents/planner.md +296 -0
  10. package/agents/researcher.md +84 -0
  11. package/agents/roadmapper.md +296 -0
  12. package/agents/synthesizer.md +236 -0
  13. package/agents/verifier.md +337 -0
  14. package/bin/adapters/agents.mjs +33 -0
  15. package/bin/adapters/claude.mjs +145 -0
  16. package/bin/adapters/codex.mjs +58 -0
  17. package/bin/adapters/index.mjs +20 -0
  18. package/bin/adapters/opencode.mjs +237 -0
  19. package/bin/gsdd.mjs +102 -0
  20. package/bin/lib/cli-utils.mjs +28 -0
  21. package/bin/lib/health.mjs +248 -0
  22. package/bin/lib/init.mjs +379 -0
  23. package/bin/lib/manifest.mjs +134 -0
  24. package/bin/lib/models.mjs +379 -0
  25. package/bin/lib/phase.mjs +237 -0
  26. package/bin/lib/rendering.mjs +95 -0
  27. package/bin/lib/templates.mjs +207 -0
  28. package/distilled/DESIGN.md +1286 -0
  29. package/distilled/README.md +169 -0
  30. package/distilled/SKILL.md +85 -0
  31. package/distilled/templates/agents.block.md +90 -0
  32. package/distilled/templates/agents.md +13 -0
  33. package/distilled/templates/auth-matrix.md +78 -0
  34. package/distilled/templates/codebase/architecture.md +110 -0
  35. package/distilled/templates/codebase/concerns.md +95 -0
  36. package/distilled/templates/codebase/conventions.md +193 -0
  37. package/distilled/templates/codebase/stack.md +96 -0
  38. package/distilled/templates/delegates/mapper-arch.md +26 -0
  39. package/distilled/templates/delegates/mapper-concerns.md +27 -0
  40. package/distilled/templates/delegates/mapper-quality.md +28 -0
  41. package/distilled/templates/delegates/mapper-tech.md +25 -0
  42. package/distilled/templates/delegates/plan-checker.md +55 -0
  43. package/distilled/templates/delegates/researcher-architecture.md +30 -0
  44. package/distilled/templates/delegates/researcher-features.md +30 -0
  45. package/distilled/templates/delegates/researcher-pitfalls.md +30 -0
  46. package/distilled/templates/delegates/researcher-stack.md +30 -0
  47. package/distilled/templates/delegates/researcher-synthesizer.md +31 -0
  48. package/distilled/templates/research/architecture.md +57 -0
  49. package/distilled/templates/research/features.md +23 -0
  50. package/distilled/templates/research/pitfalls.md +46 -0
  51. package/distilled/templates/research/stack.md +45 -0
  52. package/distilled/templates/research/summary.md +67 -0
  53. package/distilled/templates/roadmap.md +62 -0
  54. package/distilled/templates/spec.md +110 -0
  55. package/distilled/workflows/audit-milestone.md +220 -0
  56. package/distilled/workflows/execute.md +270 -0
  57. package/distilled/workflows/map-codebase.md +246 -0
  58. package/distilled/workflows/new-project.md +418 -0
  59. package/distilled/workflows/pause.md +121 -0
  60. package/distilled/workflows/plan.md +383 -0
  61. package/distilled/workflows/progress.md +199 -0
  62. package/distilled/workflows/quick.md +187 -0
  63. package/distilled/workflows/resume.md +152 -0
  64. package/distilled/workflows/verify.md +307 -0
  65. package/package.json +45 -0
@@ -0,0 +1,23 @@
1
+ # FEATURES.md — Feature Landscape
2
+
3
+ ## Table Stakes
4
+ Features users expect. Without them, your product feels broken.
5
+
6
+ - [ ] [feature] — [why it's expected]
7
+ - [ ] [feature] — [why it's expected]
8
+
9
+ ## Differentiators
10
+ Features that set you apart from competitors.
11
+
12
+ - [ ] [feature] — [what makes this unique]
13
+ - [ ] [feature] — [competitive advantage]
14
+
15
+ ## Anti-Features
16
+ Things to deliberately NOT build. Complexity traps.
17
+
18
+ - [ ] [feature to avoid] — [why: complexity trap / scope creep / premature optimization]
19
+ - [ ] [feature to avoid] — [why]
20
+
21
+ ## Sources
22
+ - [Competitor 1] — [what they do well / poorly]
23
+ - [Competitor 2] — [what they do well / poorly]
@@ -0,0 +1,46 @@
1
+ # Pitfalls Research Template
2
+
3
+ Use when researching common mistakes and gotchas for a domain or technology.
4
+
5
+ Write to: `.planning/research/PITFALLS.md`
6
+
7
+ ---
8
+
9
+ ```markdown
10
+ # Pitfalls
11
+
12
+ **Domain**: [what we're building]
13
+ **Researched**: [date]
14
+
15
+ ## Pitfall 1: [Name]
16
+
17
+ **What goes wrong**: [description]
18
+ **Why it happens**: [root cause]
19
+ **How to avoid**: [prevention strategy]
20
+ **Warning signs**: [how to detect early]
21
+
22
+ ## Pitfall 2: [Name]
23
+
24
+ **What goes wrong**: [description]
25
+ **Why it happens**: [root cause]
26
+ **How to avoid**: [prevention strategy]
27
+ **Warning signs**: [how to detect early]
28
+
29
+ ## Pitfall 3: [Name]
30
+
31
+ **What goes wrong**: [description]
32
+ **Why it happens**: [root cause]
33
+ **How to avoid**: [prevention strategy]
34
+ **Warning signs**: [how to detect early]
35
+
36
+ ---
37
+ *These pitfalls should inform verification criteria in the roadmap.*
38
+ ```
39
+
40
+ ## Guidelines
41
+
42
+ - **Be specific to the domain** — not generic advice like "write tests"
43
+ - **Warning signs** are crucial — they let you catch problems early
44
+ - **Prevention strategies** should be actionable, not vague
45
+ - 3-5 pitfalls is the sweet spot — more than 5 and none get remembered
46
+ - **Link to phases**: note which roadmap phase should address each pitfall
@@ -0,0 +1,45 @@
1
+ # Stack Research Template
2
+
3
+ Use when researching the technology stack for a project or phase.
4
+
5
+ Write to: `.planning/research/STACK.md`
6
+
7
+ ---
8
+
9
+ ```markdown
10
+ # Stack Research
11
+
12
+ **Domain**: [what we're building]
13
+ **Researched**: [date]
14
+
15
+ ## Recommended Stack
16
+
17
+ | Library/Tool | Version | Purpose | Why This One |
18
+ |-------------|---------|---------|--------------|
19
+ | [name] | [ver] | [what it does] | [why it's the right choice] |
20
+ | [name] | [ver] | [what it does] | [why it's the right choice] |
21
+
22
+ ## Alternatives Considered
23
+
24
+ | Recommended | Alternative | Why Not |
25
+ |-------------|------------|---------|
26
+ | [choice] | [option] | [tradeoff] |
27
+
28
+ ## Don't Hand-Roll
29
+
30
+ Problems that look simple but have battle-tested solutions:
31
+
32
+ | Problem | Don't Build | Use Instead | Why |
33
+ |---------|------------|-------------|-----|
34
+ | [problem] | [custom solution] | [library] | [edge cases you'd miss] |
35
+
36
+ ---
37
+ *Confidence: [HIGH/MEDIUM/LOW]*
38
+ ```
39
+
40
+ ## Guidelines
41
+
42
+ - **Specific versions** — not "latest", give actual numbers
43
+ - **"Why This One"** matters more than "What It Does"
44
+ - **Don't Hand-Roll** is the highest-value section — prevents wasted effort on solved problems
45
+ - Keep to ~30-40 lines when filled out
@@ -0,0 +1,67 @@
1
+ # Research Summary
2
+
3
+ **Date:** [YYYY-MM-DD]
4
+ **Topic:** [Domain/feature area]
5
+ **Milestone context:** [greenfield | subsequent]
6
+
7
+ ## Executive Summary (5-10 bullets)
8
+ - [What we learned, in actionable terms — one concrete insight per bullet]
9
+
10
+ ## Confidence Assessment
11
+
12
+ | Area | Confidence | Rationale |
13
+ |------|-----------|-----------|
14
+ | Stack choices | ✅ verified / ⚠️ likely / ❓ uncertain | [why] |
15
+ | Feature set | ✅ verified / ⚠️ likely / ❓ uncertain | [why] |
16
+ | Architecture pattern | ✅ verified / ⚠️ likely / ❓ uncertain | [why] |
17
+ | Key pitfalls | ✅ verified / ⚠️ likely / ❓ uncertain | [why] |
18
+
19
+ ## Recommendations (Prescriptive)
20
+
21
+ For each recommendation, include confidence and the evidence.
22
+
23
+ 1. Recommendation: [Use X / Avoid Y]
24
+ - Confidence: [verified | likely | uncertain]
25
+ - Why: [short rationale]
26
+ - Evidence: [URL(s)]
27
+ - Counterpoints / tradeoffs: [what would change the decision]
28
+
29
+ ## Non-Goals / Anti-Features
30
+ - [What we explicitly will not do in v1, and why — grounded in research findings]
31
+
32
+ ## Pitfalls To Avoid
33
+ - [Concrete mistakes teams make in this domain — phase-mapped where possible]
34
+
35
+ ## Open Questions (Blockers)
36
+ - [What must be decided before planning can proceed]
37
+
38
+ ## Implications for Roadmap
39
+
40
+ This section is the critical handoff from research to ROADMAP.md. The roadmapper reads this.
41
+
42
+ ### Suggested Phase Structure
43
+ Derived from architecture build order + pitfall avoidance priorities:
44
+
45
+ | Phase | Focus | Rationale |
46
+ |-------|-------|-----------|
47
+ | Phase 1 | [Foundation: e.g., data model + auth] | [why this must come first — dependency or risk] |
48
+ | Phase 2 | [Core: e.g., primary user workflow] | [what unblocks after Phase 1] |
49
+ | Phase 3 | [Integration: e.g., external services] | [why deferred — complexity or dependency] |
50
+ | Phase N | [Polish / edge cases] | [why last] |
51
+
52
+ ### Research Flags (Phase-Level)
53
+ These are signals for the planner — which phases need deeper domain research vs standard patterns:
54
+
55
+ | Phase | Flag | Reason |
56
+ |-------|------|--------|
57
+ | Phase 1 | ⚠️ Needs deeper research | [e.g., "auth pattern depends on regulatory context"] |
58
+ | Phase 2 | ✅ Standard pattern | [e.g., "CRUD with established library — no surprises"] |
59
+ | Phase N | ❓ Uncertain | [e.g., "real-time sync has multiple viable approaches"] |
60
+
61
+ ## Sources
62
+
63
+ | Claim | URL | Accessed |
64
+ |-------|-----|---------|
65
+ | [Stack recommendation] | [URL] | [YYYY-MM-DD] |
66
+ | [Architecture pattern] | [URL] | [YYYY-MM-DD] |
67
+ | [Pitfall] | [URL] | [YYYY-MM-DD] |
@@ -0,0 +1,62 @@
1
+ # ROADMAP.md Template
2
+
3
+ Use this template when creating `.planning/ROADMAP.md` (phase breakdown + progress tracker).
4
+
5
+ ```markdown
6
+ # Roadmap: [Project Name]
7
+
8
+ ## Overview
9
+
10
+ [One paragraph: what v1 delivers and why.]
11
+
12
+ ## Phases (Status Legend: [ ] not started, [-] in progress, [x] complete)
13
+
14
+ - [ ] **Phase 1: [Name]** - [One-line goal]
15
+ - [ ] **Phase 2: [Name]** - [One-line goal]
16
+ - [ ] **Phase 3: [Name]** - [One-line goal]
17
+
18
+ ## Phase Details
19
+
20
+ ### Phase 1: [Name]
21
+
22
+ **Goal**: [What this phase delivers]
23
+ **Status**: [ ] / [-] / [x]
24
+ **Requirements**: [REQ-IDs from `.planning/SPEC.md`]
25
+ **Success Criteria** (must be TRUE when done):
26
+ 1. [Observable behavior]
27
+ 2. [Observable behavior]
28
+
29
+ ### Phase 2: [Name]
30
+
31
+ **Goal**: [What this phase delivers]
32
+ **Status**: [ ] / [-] / [x]
33
+ **Depends on**: Phase 1
34
+ **Requirements**: [REQ-IDs]
35
+ **Success Criteria**:
36
+ 1. [Observable behavior]
37
+ 2. [Observable behavior]
38
+
39
+ ---
40
+ *Created: [YYYY-MM-DD]*
41
+ ```
42
+
43
+ ## Guidelines
44
+
45
+ - Prefer 3-8 phases for most projects.
46
+ - Every v1 requirement in `.planning/SPEC.md` must map to exactly one phase (no orphans).
47
+ - Success criteria are 2-5 observable behaviors per phase.
48
+ - No time estimates: focus on verifiable outcomes.
49
+ - These status markers are the portable source of truth. Workflow files and summaries should use `[ ]`, `[-]`, and `[x]` consistently.
50
+
51
+ ## Coverage Verification
52
+
53
+ After creating the roadmap, verify:
54
+ ```
55
+ For each v1 requirement in .planning/SPEC.md:
56
+ [ ] Requirement appears in exactly one phase's "Requirements" list
57
+ [ ] The phase's success criteria would prove the requirement is met
58
+ ```
59
+
60
+ If a requirement doesn't map to any phase: add a phase or expand an existing one.
61
+ If a requirement maps to multiple phases: clarify which phase owns it.
62
+
@@ -0,0 +1,110 @@
1
+ # SPEC.md Template
2
+
3
+ Use this template when creating `.planning/SPEC.md` - the project's single source of truth.
4
+
5
+ > **Agentic PRD Constraint:** Do not write narrative prose or fluff. Use strict checklists, dense tables, and typed schemas. There is no artificial line limit, but every single line must be highly deterministic and actionable for a downstream Subagent.
6
+
7
+ ---
8
+
9
+ ```markdown
10
+ # [Project Name]
11
+
12
+ ## What We're Building
13
+
14
+ [2-3 sentences. What does this product/feature do and who is it for? Use the developer's own language.]
15
+
16
+ ## Core Value
17
+
18
+ [The ONE thing that matters most. If everything else fails, this must work.]
19
+
20
+ ## Core Principles
21
+
22
+ [SOTA: 3-5 governing rules for the project (e.g., Code Quality, UI Consistency, Testing)]
23
+
24
+ ## Typed Data Schemas
25
+
26
+ ```typescript
27
+ // SOTA: Define the core shared data models here early to prevent agent hallucination during handoffs
28
+ // type User = { id: string; role: 'admin' | 'user' };
29
+ ```
30
+
31
+ ## Capability & Security Gates
32
+
33
+ // SOTA [OpenFang]: Define what autonomous agents are explicitly NOT allowed to do without human `/approve`.
34
+ - **Destructive DB actions:** Require human review
35
+ - **External Purchases:** Mandatory approval gate
36
+
37
+ ## Requirements
38
+
39
+ ### Must Have (v1)
40
+
41
+ - [ ] **[CAT-01]**: [User-centric, testable requirement] [Done-When: observable verification criteria]
42
+ - [ ] **[CAT-02]**: [User-centric, testable requirement] [Done-When: observable verification criteria]
43
+ - [ ] **[CAT-03]**: [User-centric, testable requirement] [Done-When: observable verification criteria]
44
+
45
+ ### Nice to Have (v2)
46
+
47
+ - **[CAT-04]**: [Deferred requirement]
48
+ - **[CAT-05]**: [Deferred requirement]
49
+
50
+ ### Out of Scope
51
+
52
+ - [Feature] - [why excluded]
53
+ - [Feature] - [why excluded]
54
+
55
+ ## Constraints
56
+
57
+ - **[Type]**: [What] - [Why]
58
+ - **[Type]**: [What] - [Why]
59
+
60
+ ## Key Decisions
61
+
62
+ | Decision | Rationale | Date |
63
+ |----------|-----------|------|
64
+ | [Choice] | [Why] | [When] |
65
+
66
+ ## Current State
67
+
68
+ - **Active Phase:** Phase [X] - [Name] ([ ]/[-]/[x])
69
+ - **Last Completed:** [What was last done]
70
+ - **In Progress:** [What is currently being worked on]
71
+ - **Decisions:** [Any recent decisions]
72
+ - **Blockers:** [None / description]
73
+
74
+ ---
75
+ *Last updated: [date] after [trigger]*
76
+ ```
77
+
78
+ ---
79
+
80
+ ## Guidelines
81
+
82
+ - **Requirements** must be specific, testable, and user-centric ("User can X", not "System does Y")
83
+ - **Requirement IDs** use `[CATEGORY]-[NUMBER]` format (AUTH-01, DATA-02, UI-03)
84
+ - **v1 requirements** have checkboxes - check them off when verified as complete
85
+ - **Every v1 requirement** must include a `[Done-When: ...]` clause with observable verification criteria
86
+ - **Out of Scope** always includes reasoning (prevents scope creep discussions later)
87
+ - **Key Decisions** are appended throughout the project as they're made
88
+ - **Current State** is updated after each significant milestone - this is how agents resume work across sessions
89
+ - **No Narrative Fluff** - this is an executable Agentic PRD, not a novel. Details live in plans, but core Typed Schemas MUST reside here.
90
+
91
+ ## When Codebase Already Exists (Brownfield)
92
+
93
+ If auditing an existing codebase during `init`:
94
+ - Add a **Validated** section under Requirements:
95
+ ```markdown
96
+ ### Validated (existing capabilities)
97
+ - [x] **[CAT-01]**: User can log in - existing auth system
98
+ - [x] **[CAT-02]**: Data persists across sessions - PostgreSQL database
99
+ ```
100
+ - New requirements go under "Must Have (v1)"
101
+ - Document existing tech stack and patterns in Constraints
102
+ - Document any tech debt discovered in a separate concern note (not in SPEC.md)
103
+
104
+ ## Archive Guidance
105
+
106
+ When a major milestone completes:
107
+ 1. The SPEC.md "Current State" section reflects the new state
108
+ 2. Completed phases have summaries in `.planning/phases/{N}-SUMMARY.md`
109
+ 3. SPEC.md itself stays lean - don't accumulate history here
110
+
@@ -0,0 +1,220 @@
1
+ <role>
2
+ You are the MILESTONE AUDITOR. Your job is to verify that a completed milestone achieved its definition of done by aggregating phase verifications, checking cross-phase integration, and assessing requirements coverage.
3
+
4
+ Core mindset: individual phases can pass while the milestone fails. Integration and requirements coverage are what matter at this level.
5
+ </role>
6
+
7
+ <load_context>
8
+ Before starting, read these files:
9
+ 1. `.planning/ROADMAP.md` - milestone phases, definitions of done, requirement assignments
10
+ 2. `.planning/SPEC.md` - requirement IDs, descriptions, and checkbox status
11
+ 3. All phase VERIFICATION.md files (from `.planning/phases/`)
12
+ 4. All phase SUMMARY.md files (from `.planning/phases/`)
13
+ 5. `.planning/AUTH_MATRIX.md` (if it exists) — authorization matrix for matrix-driven auth verification
14
+ </load_context>
15
+
16
+ <process>
17
+
18
+ ## 1. Determine Milestone Scope
19
+
20
+ Parse `.planning/ROADMAP.md` for:
21
+ - All phases in the current milestone (sorted numerically)
22
+ - Milestone definition of done
23
+ - Phase-to-requirement mappings (the Requirements field in each phase detail)
24
+
25
+ Parse `.planning/SPEC.md` for:
26
+ - All requirement IDs with descriptions
27
+ - Current checkbox status (`[x]` vs `[ ]`)
28
+
29
+ ## 2. Read All Phase Verifications
30
+
31
+ For each phase directory in `.planning/phases/`, read the VERIFICATION.md.
32
+
33
+ From each VERIFICATION.md, extract:
34
+ - **Status:** passed | gaps_found | human_needed
35
+ - **Critical gaps:** (if any - these are blockers)
36
+ - **Non-critical gaps:** tech debt, deferred items, warnings
37
+ - **Anti-patterns found:** TODOs, stubs, placeholders
38
+ - **Requirements coverage:** which requirements satisfied/blocked
39
+
40
+ If a phase has no VERIFICATION.md, flag it as an unverified phase - this is a blocker.
41
+
42
+ ## 3. Spawn Integration Checker
43
+
44
+ With phase context collected, delegate cross-phase integration checking:
45
+
46
+ <delegate>
47
+ **Identity:** Integration Checker
48
+ **Instruction:** Read `.planning/templates/roles/integration-checker.md`, then check cross-phase integration.
49
+
50
+ **Context to provide:**
51
+ - Phase directories in milestone scope
52
+ - Key exports from each phase (extracted from SUMMARYs)
53
+ - API routes and endpoints created
54
+ - Milestone requirement IDs with descriptions and assigned phases
55
+ - `.planning/AUTH_MATRIX.md` path (if it exists)
56
+
57
+ **Task:** Verify cross-phase wiring, API coverage, auth protection, and E2E user flows. Return structured integration report with wiring summary, API coverage, auth protection, E2E flow status, and Requirements Integration Map.
58
+
59
+ **Return:** Structured integration report (wiring, APIs, auth protection, flows, requirements map).
60
+ </delegate>
61
+
62
+ If the runtime supports spawning a subagent: spawn the integration checker as a separate read-only context for independent verification.
63
+
64
+ If the runtime does not support subagent spawn: run the integration check inline within this workflow. Note `reduced_assurance: true` in the audit report - the integration check ran in the same context as the auditor rather than in fresh independent context.
65
+
66
+ Either way, the integration check happens. The quality level is documented.
67
+
68
+ ## 4. Collect Results
69
+
70
+ Combine:
71
+ - Phase-level gaps and tech debt (from step 2)
72
+ - Integration checker's report (wiring gaps, auth gaps, broken flows, requirements integration map)
73
+
74
+ ## 5. 3-Source Cross-Reference
75
+
76
+ Cross-reference three independent sources for each requirement to determine satisfaction status.
77
+
78
+ ### 5a. Parse SPEC.md Requirements
79
+
80
+ Extract all requirement IDs from `.planning/SPEC.md`:
81
+ - Requirement ID, description, checkbox status (`[x]` vs `[ ]`)
82
+
83
+ ### 5b. Parse ROADMAP.md Phase-to-Requirement Mapping
84
+
85
+ For each phase in `.planning/ROADMAP.md`, extract the Requirements field:
86
+ - Which requirements are assigned to which phase
87
+
88
+ ### 5c. Parse Phase VERIFICATION.md Requirements Tables
89
+
90
+ For each phase's VERIFICATION.md, extract the requirements coverage section:
91
+ - Which requirements were verified, with what status and evidence
92
+
93
+ ### 5d. Extract SUMMARY.md Frontmatter
94
+
95
+ For each phase's SUMMARY.md, extract `requirements-completed` from frontmatter when present:
96
+ - Which requirements the executor claims were completed
97
+ - Treat this as corroborating evidence, not as a hard prerequisite for a satisfied requirement
98
+
99
+ ### 5e. Status Determination Matrix
100
+
101
+ For each requirement, determine status using all available sources:
102
+
103
+ | VERIFICATION Status | SUMMARY Frontmatter | SPEC.md Checkbox | Final Status |
104
+ |---------------------|---------------------|------------------|--------------|
105
+ | passed | listed | `[x]` | **satisfied** |
106
+ | passed | listed | `[ ]` | **satisfied** (update spec) |
107
+ | passed | missing | any | **satisfied** (lower confidence; note missing SUMMARY corroboration) |
108
+ | gaps_found | any | any | **unsatisfied** |
109
+ | missing | listed | any | **partial** (verification gap) |
110
+ | missing | missing | any | **unsatisfied** |
111
+
112
+ ### 5f. FAIL Gate and Orphan Detection
113
+
114
+ **FAIL gate:** Any `unsatisfied` requirement forces `gaps_found` status on the milestone audit. No exceptions.
115
+
116
+ **Orphan detection:** Requirements in `.planning/SPEC.md` that are mapped to phases in `.planning/ROADMAP.md` but absent from ALL phase VERIFICATION.md files are orphaned. Orphaned requirements are treated as `unsatisfied` - they were assigned but never verified by any phase.
117
+
118
+ ## 6. Write Milestone Audit Report
119
+
120
+ Create `.planning/v{version}-MILESTONE-AUDIT.md` with structured frontmatter:
121
+
122
+ ```yaml
123
+ ---
124
+ milestone: v{version}
125
+ audited: {ISO-8601 timestamp}
126
+ status: passed | gaps_found | tech_debt
127
+ reduced_assurance: false
128
+ scores:
129
+ requirements: N/M
130
+ phases: N/M
131
+ integration: N/M
132
+ auth: N/M
133
+ flows: N/M
134
+ gaps:
135
+ requirements:
136
+ - id: "REQ-ID"
137
+ status: "unsatisfied | partial | orphaned"
138
+ phase: "assigned phase"
139
+ claimed_by_plans: ["plan files that reference this requirement"]
140
+ completed_by_plans: ["plan files whose SUMMARY marks it complete"]
141
+ verification_status: "passed | gaps_found | missing | orphaned"
142
+ evidence: "specific evidence or lack thereof"
143
+ integration: [...]
144
+ auth:
145
+ - surface: "admin metrics page"
146
+ status: "unprotected"
147
+ evidence: "Sensitive data renders without auth or role gate"
148
+ flows: [...]
149
+ tech_debt:
150
+ - phase: 01-auth
151
+ items:
152
+ - "TODO: add rate limiting"
153
+ ---
154
+ ```
155
+
156
+ Plus full markdown report body with tables for requirements, phases, integration findings, auth findings, and tech debt.
157
+
158
+ **Status values:**
159
+ - `passed` - all requirements met, no critical gaps, integration and auth protection verified
160
+ - `gaps_found` - critical blockers exist (unsatisfied requirements, unprotected sensitive flows, broken flows, or missing verifications)
161
+ - `tech_debt` - no blockers but accumulated deferred items need review
162
+
163
+ ## 7. Present Results
164
+
165
+ Route by audit status:
166
+
167
+ ### If passed:
168
+ - Report: all requirements covered, cross-phase integration verified, auth protection verified, E2E flows complete
169
+ - Next step: complete the milestone (archive and tag)
170
+
171
+ ### If gaps_found:
172
+ - Report: list unsatisfied requirements, auth or cross-phase issues, broken flows
173
+ - Next step: plan gap closure phases to complete the milestone
174
+
175
+ ### If tech_debt:
176
+ - Report: all requirements met, list accumulated tech debt by phase
177
+ - Next step: either complete the milestone (accept debt) or plan a cleanup phase
178
+
179
+ </process>
180
+
181
+ <success_criteria>
182
+ Audit is complete when all of these are true:
183
+
184
+ - [ ] Milestone scope identified from ROADMAP.md
185
+ - [ ] All phase VERIFICATION.md files read (missing ones flagged as blockers)
186
+ - [ ] SUMMARY.md `requirements-completed` frontmatter extracted when present
187
+ - [ ] SPEC.md requirement checkboxes parsed
188
+ - [ ] ROADMAP.md phase-to-requirement mappings extracted
189
+ - [ ] Integration checker ran (subagent or inline with reduced_assurance noted)
190
+ - [ ] 3-source cross-reference completed (VERIFICATION + SUMMARY + SPEC.md)
191
+ - [ ] Orphaned requirements detected (mapped in ROADMAP but absent from all VERIFICATIONs)
192
+ - [ ] Auth-protection findings aggregated for sensitive milestone surfaces
193
+ - [ ] FAIL gate enforced - any unsatisfied requirement forces gaps_found status
194
+ - [ ] Tech debt and deferred gaps aggregated by phase
195
+ - [ ] MILESTONE-AUDIT.md created with structured requirement gap objects
196
+ - [ ] Results presented with actionable next steps based on status
197
+ </success_criteria>
198
+
199
+ <completion>
200
+ Report the audit result to the user, then present the next step:
201
+
202
+ ---
203
+ **Completed:** Milestone audit — created `.planning/v{version}-MILESTONE-AUDIT.md`.
204
+
205
+ If status is `passed`:
206
+ **Next step:** `/gsdd:complete-milestone` — archive the milestone and prepare for the next
207
+
208
+ If status is `gaps_found`:
209
+ **Next step:** `/gsdd:plan` — plan gap-closure phases for the unsatisfied requirements
210
+
211
+ If status is `tech_debt`:
212
+ **Next step:** Either `/gsdd:complete-milestone` (accept debt) or `/gsdd:plan` (cleanup phase)
213
+
214
+ Also available:
215
+ - `/gsdd:verify` — re-verify a specific phase before re-auditing
216
+ - `/gsdd:progress` — check overall project status
217
+
218
+ Consider clearing context before starting the next workflow for best results.
219
+ ---
220
+ </completion>