lgtm-specs 0.0.4 → 0.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (81) hide show
  1. package/AGENTS.md +7 -3
  2. package/LICENSE +21 -0
  3. package/README.md +50 -15
  4. package/VERSION +1 -1
  5. package/agents/modes/build.md +113 -24
  6. package/agents/modes/hack.md +59 -14
  7. package/agents/modes/review.md +5 -3
  8. package/agents/roles/builder.md +22 -2
  9. package/agents/roles/lead.md +26 -7
  10. package/agents/roles/reviewer/BASE.md +1 -0
  11. package/agents/roles/reviewer/OUTPUT_FORMAT.md +6 -3
  12. package/docs/CONTRIBUTING.md +33 -0
  13. package/docs/README.md +2 -0
  14. package/docs/adr/0007-operating-modes-and-gates.md +2 -0
  15. package/docs/agent_architecture.md +6 -3
  16. package/{contribute → docs/contribute}/README.md +1 -0
  17. package/{contribute → docs/contribute}/add-agent.md +7 -5
  18. package/{contribute → docs/contribute}/checklist.md +8 -4
  19. package/docs/contribute/update-models.md +79 -0
  20. package/docs/contribute/verification.md +122 -0
  21. package/docs/local_policies.md +1 -1
  22. package/docs/meta/industry_best_practices.md +28 -10
  23. package/integrate/README.md +56 -449
  24. package/integrate/agent_builder.md +138 -0
  25. package/integrate/artifacts.md +265 -0
  26. package/integrate/context_injection.md +23 -0
  27. package/integrate/context_limits.md +173 -0
  28. package/integrate/counsel_contract.md +65 -0
  29. package/integrate/example_flow.md +149 -0
  30. package/integrate/model_resolver.md +85 -0
  31. package/integrate/versioning.md +22 -6
  32. package/models/README.md +23 -8
  33. package/models/registry.yaml +45 -40
  34. package/package.json +31 -3
  35. package/rules/RULE-00000-EXAMPLE.md +1 -1
  36. package/rules/constitution/CONS-00008-composition.md +1 -1
  37. package/rules/constitution/CONS-00030-rework-cycle.md +4 -2
  38. package/rules/constitution/CONS-00031-checklist.md +10 -2
  39. package/rules/laws/bitcoin/BTC-00007-dust-policy.md +1 -1
  40. package/rules/laws/bitcoin/BTC-00008-min-relay-fee.md +1 -1
  41. package/rules/laws/bitcoin/BTC-00009-feefilter.md +1 -1
  42. package/rules/laws/git/GIT-00001-atomic-commit.md +13 -3
  43. package/rules/laws/git/GIT-00021-partial-staging.md +1 -1
  44. package/rules/laws/git/GIT-00024-dependency-management.md +15 -11
  45. package/rules/laws/git/GIT-00025-large-repository-optimization.md +1 -1
  46. package/rules/laws/go/GO-00001-actor-model.md +1 -1
  47. package/rules/laws/go/GO-00002-api-design.md +4 -2
  48. package/rules/laws/go/GO-00004-context.md +1 -1
  49. package/rules/laws/go/GO-00007-circuit-breakers.md +1 -1
  50. package/rules/laws/go/GO-00008-safety.md +2 -1
  51. package/rules/laws/go/GO-00009-table-driven-test.md +7 -4
  52. package/rules/laws/go/GO-00015-aaa-pattern.md +1 -1
  53. package/rules/laws/go/GO-00016-test-libraries.md +1 -1
  54. package/rules/laws/go/GO-00017-comments.md +1 -1
  55. package/rules/laws/go/GO-00018-test-isolation.md +3 -2
  56. package/rules/laws/go/GO-00020-mocking.md +1 -1
  57. package/rules/laws/go/GO-00021-configuration.md +1 -1
  58. package/rules/laws/go/GO-00023-dependency-management.md +1 -1
  59. package/rules/laws/go/GO-00024-project-layout.md +1 -1
  60. package/rules/laws/go/GO-00025-concurrency-patterns.md +1 -1
  61. package/rules/laws/typescript/TS-00006-interface.md +1 -1
  62. package/rules/laws/typescript/TS-00008-modules.md +1 -1
  63. package/scripts/README.md +8 -1
  64. package/scripts/generate_release_notes.py +4 -1
  65. package/scripts/test_validate_specs.py +127 -0
  66. package/scripts/validate_specs.py +159 -13
  67. package/.claude/settings.local.json +0 -14
  68. package/.gemini/README.md +0 -8
  69. package/.gemini/config.yaml +0 -20
  70. package/.gemini/styleguide.md +0 -35
  71. package/.github/workflows/README.md +0 -5
  72. package/.github/workflows/release.yml +0 -52
  73. package/.github/workflows/validate.yml +0 -27
  74. package/.prettierignore +0 -4
  75. package/.prettierrc +0 -1
  76. package/contribute/update-models.md +0 -47
  77. /package/{contribute → docs/contribute}/add-ci.md +0 -0
  78. /package/{contribute → docs/contribute}/add-constitution.md +0 -0
  79. /package/{contribute → docs/contribute}/add-law.md +0 -0
  80. /package/{contribute → docs/contribute}/add-policy.md +0 -0
  81. /package/{contribute → docs/contribute}/maintenance.md +0 -0
package/AGENTS.md CHANGED
@@ -1,7 +1,7 @@
1
1
  # Agent Instructions (lgtm-specs)
2
2
 
3
- This repository (`lgtm-specs`) is a versioned **Knowledge Graph** of specs (rules + agent prompts). Treat changes as spec
4
- edits, not application code.
3
+ This repository (`lgtm-specs`) is a versioned **Knowledge Graph** of specs (rules + agent prompts).
4
+ Treat changes as spec edits, not application code.
5
5
 
6
6
  Repo-local assistant instructions:
7
7
 
@@ -25,6 +25,9 @@ bun run validate
25
25
  # or:
26
26
  python3 scripts/validate_specs.py
27
27
 
28
+ # Unit tests (validator self-tests)
29
+ bun run test
30
+
28
31
  # Formatting (Prettier)
29
32
  bun run format
30
33
  bun run format:check
@@ -97,7 +100,8 @@ Atomic rule requirements (see `rules/RULE-00000-EXAMPLE.md`):
97
100
  Citations and links:
98
101
 
99
102
  - Source-of-truth material lives in `docs/meta/**`; do not invent citations.
100
- - Use repo-root-relative links (`/rules/...`, `/docs/...`) and ensure targets exist.
103
+ - Links: prefer repo-root-relative links (`/rules/...`, `/docs/...`) for stability.
104
+ Relative links are acceptable; follow the local directory convention.
101
105
  - `**Source**` links into `docs/meta/**` should include an anchor (`#...`).
102
106
 
103
107
  Tags and writing:
package/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2026 yyforyongyu
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
package/README.md CHANGED
@@ -1,8 +1,19 @@
1
1
  # LGTM Specifications
2
2
 
3
- [![Validate Specs](https://github.com/yyforyongyu/lgtm-specs/actions/workflows/validate.yml/badge.svg?branch=main)](https://github.com/yyforyongyu/lgtm-specs/actions/workflows/validate.yml?query=branch%3Amain) [![Version](https://img.shields.io/github/v/tag/yyforyongyu/lgtm-specs?sort=semver)](https://github.com/yyforyongyu/lgtm-specs/releases)
3
+ [![CI](https://github.com/yyforyongyu/lgtm-specs/actions/workflows/validate.yml/badge.svg?branch=main)](https://github.com/yyforyongyu/lgtm-specs/actions/workflows/validate.yml?query=branch%3Amain)
4
+ [![version](https://img.shields.io/npm/v/lgtm-specs?label=version)](https://www.npmjs.com/package/lgtm-specs)
5
+ [![downloads](https://img.shields.io/npm/dm/lgtm-specs?label=downloads)](https://www.npmjs.com/package/lgtm-specs)
4
6
 
5
- LGTM Specifications is a versioned knowledge graph of engineering standards (Rules) and an autonomous workforce (Agents) used by tools to plan, build, and audit changes with high assurance.
7
+ LGTM Specifications is a versioned knowledge graph of engineering standards (Rules) and an agent workforce (Modes/Roles)
8
+ that tools can run to plan, build, and audit changes with high assurance.
9
+
10
+ ## Quick Links
11
+
12
+ - Rules: `rules/README.md`
13
+ - Agents: `agents/README.md`
14
+ - Integration protocol: `integrate/README.md`
15
+ - Docs: `docs/README.md`
16
+ - Contributing: `docs/CONTRIBUTING.md`
6
17
 
7
18
  ## Knowledge
8
19
 
@@ -19,7 +30,7 @@ Start here:
19
30
 
20
31
  ## Workflows
21
32
 
22
- LGTM runs as a set of operating modes that orchestrate a specialist team (Lead, Explorer, Counsel, Planner, Builder, Reviewer panel).
33
+ LGTM runs as operating modes that orchestrate a specialist team (Lead, Explorer, Counsel, Planner, Builder, Reviewers).
23
34
 
24
35
  Modes:
25
36
 
@@ -29,27 +40,46 @@ Modes:
29
40
 
30
41
  Core roles:
31
42
 
32
- - Lead orchestrates and arbitrates.
33
- - Explorer maps the target repo.
34
- - Counsel selects minimal relevant rule paths.
35
- - Planner produces an execution/audit plan.
36
- - Builder implements and produces proof.
37
- - Reviewers audit from specialized perspectives.
43
+ - 🧠 [Lead](agents/roles/lead.md): orchestrates and arbitrates.
44
+ - 🗺️ [Explorer](agents/roles/explorer.md): maps the target repo.
45
+ - ⚖️ [Counsel](agents/roles/counsel.md): selects minimal relevant rule paths.
46
+ - 📐 [Planner](agents/roles/planner.md): produces an execution/audit plan.
47
+ - 🏗️ [Builder](agents/roles/builder.md): implements and produces proof.
48
+ - 🔬 [Reviewers](agents/roles/reviewer/README.md): audit from specialized perspectives.
38
49
 
39
50
  Start here:
40
51
 
41
52
  - [Agent Architecture](docs/agent_architecture.md)
42
53
  - [Agents Index](agents/README.md)
43
54
 
44
- ## Integrating
55
+ ## Consume
45
56
 
46
57
  Tools consume this repo as a read-only spec database.
47
58
 
59
+ Install via npm (recommended):
60
+
61
+ ```bash
62
+ npm install --save-dev lgtm-specs
63
+
64
+ # or:
65
+ bun add -d lgtm-specs
66
+ ```
67
+
68
+ The specs live at `node_modules/lgtm-specs/`.
69
+
70
+ Versioning:
71
+
72
+ - `VERSION` matches `integrate/README.md` `**Spec Version**:`
73
+ - See `integrate/versioning.md` for consumption options (tags, submodules, npm)
74
+
75
+ ## Integrating
76
+
48
77
  Start here:
49
78
 
50
79
  - [Integration Protocol](integrate/README.md)
51
80
 
52
- Copy/paste prompt for a tool/LLM implementing the integration:
81
+ <details>
82
+ <summary>Prompt starter (tools/LLMs implementing the integration)</summary>
53
83
 
54
84
  ```text
55
85
  You are implementing integration for the LGTM specs repo (yyforyongyu/lgtm-specs).
@@ -68,22 +98,25 @@ Output:
68
98
  3) pseudocode for: index loading -> counsel -> rule hydration -> per-agent injection -> execution.
69
99
  ```
70
100
 
101
+ </details>
102
+
71
103
  ## Contributing
72
104
 
73
105
  Contributions should preserve atomicity, indexing, and link integrity.
74
106
 
75
107
  Start here:
76
108
 
77
- - [Contribution Guide](contribute/README.md)
78
- - [Definition of Done Checklist](contribute/checklist.md)
109
+ - [Contribution SOPs](docs/contribute/README.md)
110
+ - [Definition of Done Checklist](docs/contribute/checklist.md)
79
111
  - Local checks: `bun run check` (runs spec validation + `prettier --check`).
80
112
 
81
- Copy/paste prompt for an LLM starting a contribution:
113
+ <details>
114
+ <summary>Prompt starter (LLMs starting a contribution)</summary>
82
115
 
83
116
  ```text
84
117
  You are contributing to the LGTM specs repo (yyforyongyu/lgtm-specs).
85
118
 
86
- Read `contribute/README.md` and `contribute/checklist.md` and follow them strictly.
119
+ Read `docs/contribute/README.md` and `docs/contribute/checklist.md` and follow them strictly.
87
120
  Run `bun run check` before finalizing your changes.
88
121
 
89
122
  Constraints:
@@ -96,3 +129,5 @@ Task:
96
129
  2) propose exact file edits,
97
130
  3) run `python3 scripts/validate_specs.py` and report any failures.
98
131
  ```
132
+
133
+ </details>
package/VERSION CHANGED
@@ -1 +1 @@
1
- 0.0.4
1
+ 0.0.6
@@ -11,6 +11,12 @@ Trigger:
11
11
  - Public API changes.
12
12
  - Database Schema migrations.
13
13
  - "Production Ready" work.
14
+ - (For rapid prototypes, use **[@Hack](hack.md)** instead).
15
+
16
+ SafetyProfile:
17
+
18
+ - Strict gates (plan sign-off, verification, and panel review).
19
+ - Overrides allowed only with explicit risk rationale.
14
20
 
15
21
  Team:
16
22
 
@@ -29,18 +35,32 @@ Team:
29
35
  **Goal**: Ship Features, Refactors, and Production Code.
30
36
  </Role>
31
37
 
38
+ <OutputFormat>
39
+ **Result**: Markdown with:
40
+
41
+ - **PR/Commit**: PR URL or commit hash.
42
+ - **Verification**: Commands run and outcomes.
43
+ - **Notes**: Overrides/arbitrations (if any) and residual risk.
44
+
45
+ </OutputFormat>
46
+
32
47
  <Workflow>
33
48
  ## Phase 1: Clarify & Design (The Blueprint)
34
49
  1. **Orchestrate**: `@Lead` assesses the request and engages `@Explorer` to map the codebase.
35
50
  2. **Compliance**: `@Lead` consults `@Counsel` for Rules and Policies.
36
- * **Inject**: `@Lead` instructs the Runtime to load/hydrate rule content and inject `{{injected_rules}}` into
37
- `@Planner` and all reviewers used in this mode (`@Plan-Reviewer`, `@Reviewer-Lite`, Panel).
51
+ * **Policy (Always)**: The runtime resolves the active Policy (local policy if present; otherwise default) and
52
+ injects it into downstream agents. Policy rules are always active.
53
+ * **Inject (Dynamic)**: `@Lead` instructs the Runtime to load/hydrate rule content and inject
54
+ `{{injected_rules}}`.
55
+ - `@Planner`: plan-level rules/policies.
56
+ - `@Builder`: step-scoped rules per Task (always include the active Policy rules).
57
+ - Reviewers: review-scope rules/policies for `@Plan-Reviewer`, `@Reviewer-Lite`, and the specialist panel.
38
58
  3. **Draft**: `@Planner` creates the **Execution Plan**.
39
59
  * *Input*: User Request + Map + Rules.
40
60
  4. **Plan Review**: Call **two** independent `@Plan-Reviewer` instances.
41
61
  * *Gate*: Must have unanimous approval to proceed.
42
62
  * *Loop*: Max 3 revision cycles.
43
- * *Timeout*: 5 minutes per reviewer per cycle (default; runtime may override).
63
+ * *Timeout*: 5 minutes per reviewer per attempt (default; runtime may override).
44
64
  * *On Timeout*: Re-assign each timed-out reviewer once. If it still times out, treat as a reject for that cycle.
45
65
  * *On Reject*: `@Lead` digests reviewer feedback, decides legitimacy, and asks `@Planner` to revise the plan.
46
66
  * *After Max*: If still not unanimously approved after 3 cycles, `@Lead` must either abort (recommended) or
@@ -52,37 +72,106 @@ Team:
52
72
 
53
73
  For each Task in the Plan:
54
74
 
55
- 1. **Build**: Call `@Builder` with `(Task, Rules, Verification)`.
75
+ 1. **Build**: Call `@Builder` with `(Task, Files, Requirements, Verification)`.
76
+ - _Constraint_: `Files` MUST come from the Plan step. If missing, `@Lead` routes back to `@Planner` to repair the
77
+ plan.
56
78
  - _Constraint_: Verification is mandatory. The proof level is defined per step (tests and/or other evidence).
79
+ - _Timeout_: 20 minutes per attempt (default; runtime may override).
80
+ - _On Timeout_: Re-assign once; if it times out again, treat as a reject and re-plan or abort.
57
81
  2. **Micro-Audit**: Call `@Reviewer-Lite` on the diff.
58
- - _Scope_: Fast sanity gate (obvious correctness breakage + basic style/tooling + commit message); deep specialist review happens in Phase 3.
59
- - _Input_: Include the PR merge target as `Base Ref` and the atomic `Commit Message` when available.
60
- - _Retry_: Max 3 attempts.
82
+ - _Scope_: Fast sanity gate (obvious correctness breakage + basic style/tooling + commit message). Deep specialist
83
+ review happens in Phase 3.
84
+ - _Input_: Provide `User Request` + (`Diff` or `Diff Command`).
85
+ Include `Base Ref` whenever the runtime has git metadata (e.g., PR merge target).
86
+ Include `Head Ref` when available.
87
+ Include the atomic `Commit Message` when available.
88
+ - _Gate_: One Lite decision per atomic commit (no Lite roundtrip).
61
89
  - _Timeout_: 5 minutes per attempt.
62
- - _On Timeout_: Treat as a reject and retry.
63
- - _On Reject_: `@Lead` digests feedback, decides legitimacy, and asks `@Builder` to address it.
64
- - _Fail_: If 3 retries fail, `@Lead` calls `@Planner` to re-plan or overrides with rationale.
90
+ - _On Timeout_: Re-assign once. If it still times out, `@Lead` must either abort or proceed with an explicit risk
91
+ rationale (record in artifacts).
92
+ - _On Reject_: The runtime records the Lite artifact and the commit SHA. `@Builder` MUST respond with a disposition
93
+ per finding using `finding_id` (`<invocation_id>:<bullet_index>`) and a short rationale for any dispute.
94
+ - `bullet_index` is the 1-based index of the top-level bullet in the stored reviewer artifact.
95
+ - If all findings are `accept`: `@Builder` fixes by amending the same commit (`git commit --amend`) when the commit
96
+ is not pushed/shared. If the commit is already pushed/shared, use fixup commits and squash later.
97
+ - If any finding is `dispute`: `@Lead` arbitrates at that commit (no Lite roundtrip). `@Lead` either upholds the
98
+ finding (Builder must fix using the same commit strategy: amend when not pushed/shared; otherwise fixup + squash)
99
+ or overrides with an explicit risk rationale.
100
+ - After all findings are resolved (fixed or overridden), proceed after required verification passes (no Lite
101
+ re-review).
65
102
 
66
103
  ## Phase 3: Consensus (The Jury)
67
104
 
68
105
  1. **Verify**: Ensure required verification passes (including integration tests when required).
69
- 2. **Audit**: Call the **Full Review Panel**.
70
- - Mandatory: `Logic`, `Quality`, `Test`.
71
- - Conditional: `Security` (if tagged), `Performance` (if tagged).
72
- 3. **Gate**: Unanimous Approval Required.
73
- - _Loop_: Max 10 review->fix cycles.
74
- - _Timeout_: 10 minutes per reviewer per cycle.
75
- - _On Timeout_: Re-assign each timed-out reviewer once. If it still times out, treat as a reject for that cycle.
76
- - _Clarify_: If a finding is contested or unclear, `@Lead` asks the specific reviewer to justify or withdraw it (one round-trip max) before planning fixes.
77
- - _Cycle_: On each rejection, `@Lead` digests the panel feedback and calls `@Planner` to produce a remediation todo list. `@Builder` executes tasks one at a time, then the panel re-reviews.
78
- - _Compress_: After each cycle, keep a compact "Resolved / Remaining" summary; do not carry full prior transcripts into later cycles.
79
- - _Arbitration (Conditional)_: If reviewers deadlock/contradict, runtime injects the minimum Tier 2 contested diff and
80
- full contested rules into `@Lead`; `@Lead` judges citing rule IDs and diff evidence.
106
+ 2. **Audit (Round 1: Full Panel)**: Call the **Full Review Panel** in parallel.
107
+ - Mandatory: [Logic](../roles/reviewer/logic.md), [Quality](../roles/reviewer/quality.md),
108
+ [Test](../roles/reviewer/test.md).
109
+ - Conditional: [Security](../roles/reviewer/security.md) when `@Lead` marks the work security-sensitive (or
110
+ `@Counsel` selected `#security` rules).
111
+ - Conditional: [Performance](../roles/reviewer/performance.md) when `@Lead` marks the work perf-sensitive (or
112
+ `@Counsel` selected `#efficiency` rules).
113
+ - _Input (each)_: Provide `User Request` + (`Diff` or `Diff Command`).
114
+ Include `Base Ref` whenever the runtime has git metadata (e.g., PR merge target).
115
+ Include `Head Ref` when available.
116
+ - _Barrier_: The runtime MUST wait for all invoked reviewers to return (`LGTM` | `reject` | `timeout` | `error`) and
117
+ persist the round artifacts before any remediation begins.
118
+ 3. **Assess (After Barrier)**: After the barrier in Step 2, if any reviewer is not `LGTM`, call `@Builder` to produce a
119
+ per-finding assessment.
120
+ - _Output_: For each finding bullet, mark `accept` or `dispute`, citing `finding_id`
121
+ (`<invocation_id>:<bullet_index>`).
122
+ - `bullet_index` is the 1-based index of the top-level bullet in the stored reviewer artifact.
123
+ - The runtime MUST persist this assessment and use it to route disputes.
124
+ 4. **Dispute Routing (Targeted)**: For each disputed finding, the runtime sends the finding + Builder rationale back to
125
+ the originating reviewer for one-step reassessment (`withdraw` | `maintain` | `revise`) and records the outcome.
126
+ - If the reviewer maintains and Builder still disputes, `@Lead` arbitrates once; the ruling is final and recorded.
127
+ 5. **Remediate**: `@Lead` converts accepted findings (and upheld disputes) into remediation Tasks.
128
+ - _Planner (Conditional)_: If remediation requires multi-step coordination or re-architecture, `@Lead` calls
129
+ `@Planner`; otherwise `@Lead` may dispatch Tasks directly to `@Builder`.
130
+ - Each remediation Task MUST complete Phase 2 (Build + Micro-Audit) before re-entering the panel. Micro-Audit is
131
+ complete only when: the Lite decision is recorded; any reject is resolved (fixed or arbitrated); and required
132
+ verification passes.
133
+ 6. **Re-Audit (Selective Rounds)**: Re-run only reviewers who still have open issues (most recent status != `LGTM`) and
134
+ any newly-required specialists.
135
+ - _Diff Scope_: Prefer incremental diffs since the previous panel round for selective rounds.
136
+ - _prev_head_: Use the `Head Ref` recorded in the previous panel timeline entry.
137
+ 7. **Final Consensus (Full Panel)**: Once all selective reviewers are `LGTM` and disputes are resolved, run a final full
138
+ panel round including every reviewer invoked in any prior Phase 3 round (Round 1 + any newly-added specialists).
139
+ - _Diff Scope_: Use the cumulative diff (`Base Ref...Head Ref`).
140
+ - If any reviewer rejects, repeat steps 3-7.
141
+ - _Invariant_: Phase 3 may only conclude immediately after a successful final full-panel round (do not conclude after
142
+ a selective round).
143
+ 8. **Gate**: Unanimous Approval Required.
144
+ - _Loop_: Max 10 panel rounds (selective + final both count).
145
+ - _Timeout_: 10 minutes per reviewer per attempt.
146
+ - _On Timeout_: Re-assign each timed-out reviewer once. If it still times out, treat as a reject for that round.
147
+ - _Compress_: After each round, keep a compact "Resolved / Remaining" summary; do not carry full prior transcripts.
148
+ - _Deadlock Escape_:
149
+ - If the panel stalls for 2 consecutive rounds, `@Lead` must either trigger arbitration or abort.
150
+ - **Majority Consensus (Non-Critical)**: If the change is clearly non-critical-path (no Auth, Payments,
151
+ Cryptography/Secrets, DB schema, or Public API touch points per `@Explorer`), `@Lead` may accept majority
152
+ approval of the invoked panel, overriding strict unanimity with a risk rationale.
81
153
  - _Override_: If needed, `@Lead` may override with an explicit risk rationale.
82
- - _After Max_: If still not unanimous after 10 cycles, `@Lead` must either abort (recommended) or override with an explicit risk rationale.
154
+ - _Guardrail_: If overriding a security- or test-related rejection, `@Lead` must surface the residual risk and get
155
+ explicit user acknowledgement.
156
+ - _After Max_: If still not unanimous after 10 panel rounds, `@Lead` must either abort (recommended) or override with
157
+ an explicit risk rationale.
83
158
 
84
159
  ## Phase 4: Delivery
85
160
 
86
- - **Finalize**: Produce the Production-Ready PR.
161
+ 1. **Squash (Runtime)**: `@Lead` instructs the runtime to consolidate history.
162
+ - Squash "fixup", "wip", or "address comments" commits into the relevant atomic feature commits.
163
+ - Ensure the final history reflects the _story_ of the change, not the _process_ of the review.
164
+ 2. **Finalize**: Produce the Production-Ready PR.
165
+ - **PR Hygiene**: Title/body explain intent, risks, and verification evidence; mark Draft vs Ready explicitly.
166
+ - **Merge Plan**: State merge strategy expectations (squash vs merge-commit vs rebase) per repo policy.
167
+ - **Last Check**: Re-run required verification before marking ready.
87
168
 
88
169
  </Workflow>
170
+
171
+ <Constraints>
172
+ **Hard Blocks**:
173
+ - [ ] Do not proceed to Phase 2 until the Plan is explicitly approved by the user.
174
+ - [ ] Every `@Builder` task MUST include `Files` and `Verification` from the Plan (repair the plan if missing).
175
+ - [ ] Never skip required verification.
176
+ - [ ] Unanimous approval is required by default; any override MUST include an explicit risk rationale.
177
+ </Constraints>
@@ -29,7 +29,7 @@ Team:
29
29
  - **Cartographer**: **[@Explorer](../roles/explorer.md)**.
30
30
  - **Compliance**: **[@Counsel](../roles/counsel.md)** (Optional).
31
31
  - **Researcher**: **[@Librarian](../roles/librarian.md)** (Optional).
32
- - **Architect**: **[@Planner](../roles/planner.md)** (Sketch/Plan).
32
+ - **Architect**: **[@Planner](../roles/planner.md)** (Optional; Sketch/Plan).
33
33
  - **Maker**: **[@Builder](../roles/builder.md)** (Fast Mode).
34
34
  - **Plan Reviewer**: **[@Plan-Reviewer](../roles/reviewer/plan.md)** (Optional).
35
35
  - **Critic**: **[@Reviewer-Lite](../roles/reviewer/lite.md)**.
@@ -39,38 +39,83 @@ Team:
39
39
  **Goal**: PoCs, Experiments, Non-Critical Fixes.
40
40
  </Role>
41
41
 
42
+ <OutputFormat>
43
+ **Result**: Markdown with:
44
+
45
+ - **PR/Branch**: URL or branch name.
46
+ - **Status**: "Prototype / Not Production Ready".
47
+ - **Notes**: Known issues, skipped verification, or follow-ups.
48
+
49
+ </OutputFormat>
50
+
42
51
  <Workflow>
43
52
  ## Phase 1: Sketch
44
53
  1. **Map**: `@Lead` engages `@Explorer` to identify likely touched files and risks.
45
- 2. **Plan**: `@Planner` creates a short "Sketch Plan" (atomic steps + files).
46
- 3. **Rules (Optional)**: If the user requests stricter compliance, `@Lead` consults `@Counsel` and instructs the Runtime
47
- to hydrate and inject `{{injected_rules}}`.
48
- 4. **Plan Review**: Optional. `@Lead` may call `@Plan-Reviewer` (0-1) based on scope (e.g., multi-step/multi-file) or
49
- if the user requests it.
50
- * *Timeout (Default)*: 5 minutes if called.
54
+ 2. **Risk Gate (Advisory)**: If `@Explorer` indicates critical-path scope (Auth, Payments, Cryptography/Secrets, DB
55
+ schema, Public API), `@Lead` warns the user and recommends switching to `@Build`.
56
+ - _Constraint_: Do not auto-escalate or switch modes; run `@Hack` as selected.
57
+ 3. **Policy (Always)**: `@Lead` instructs the Runtime to resolve the active Policy (local policy if present; otherwise
58
+ default) and inject it into downstream agents.
59
+ 4. **Rules (Optional)**: If the user requests stricter compliance, `@Lead` consults `@Counsel` and instructs the Runtime
60
+ to load/hydrate selected rule content and inject `{{injected_rules}}`.
61
+ - `@Planner`: plan-level rules/policies.
62
+ - `@Plan-Reviewer`: review-scope rules/policies (when invoked).
63
+ - `@Builder`: step-scoped rules per Task (always include the active Policy rules).
64
+ - `@Reviewer-Lite`: review-scope rules/policies.
65
+ 5. **Plan (Optional)**: `@Planner` creates a short "Sketch Plan" (atomic steps).
66
+ - Each step MUST include: Action, Files, Verification, and Requirements as rule IDs (may be empty).
67
+ - For trivial changes (single-file, low-risk), `@Lead` may skip `@Planner` and proceed with a single Builder task.
68
+ - If skipping `@Planner`, `@Lead` MUST still provide `@Builder` with `(Task, Files, Requirements, Verification)`.
69
+ - If `@Counsel` ran, `@Lead` MUST include all Counsel-selected rule IDs in `Requirements` for the single task.
70
+ - If the user requests plan review, do not skip `@Planner`.
71
+ 6. **Plan Review**: Optional (only when a Plan exists). `@Lead` may call `@Plan-Reviewer` (0-1) based on scope
72
+ (e.g., multi-step/multi-file) or if the user requests it.
73
+ * *Timeout (Default)*: 5 minutes per attempt (if called).
51
74
  * *On Timeout*: Proceed without plan review.
75
+ * *On Reject*: `@Lead` digests feedback and asks `@Planner` to revise once. If it still rejects, proceed as a
76
+ prototype or abort.
52
77
 
53
78
  ## Phase 2: Code (The Fast Loop)
54
79
 
55
- 1. **Build**: Call `@Builder`.
80
+ 1. **Build**: Call `@Builder` with `(Task, Files, Requirements, Verification)`.
56
81
  - _Constraint_: No mandatory TDD or Unit Tests in `@Hack`.
57
82
  - _Note_: If the user requests tests, include them in the plan.
58
- 2. **Check**: Call `@Reviewer-Lite` (Format + Basic Logic).
59
- - _Scope_: Sanity checks only (no deep architecture review).
60
- - _Input_: Pass the PR merge target as `Base Ref` and the atomic `Commit Message` when available.
61
- - _If REJECT_: `@Lead` digests feedback and asks `@Builder` to address it.
62
- - _Retry_: Max 3 attempts.
83
+ - _Timeout_: 15 minutes.
84
+ - _On Timeout_: Re-assign once; if it times out again, abort or invoke `@Planner` to split the task and retry.
85
+ 2. **Check**: Call `@Reviewer-Lite`.
86
+ - _Scope_: Release blockers only (obvious correctness breakage, basic style/tooling, commit message, docs/index).
87
+ - _Input_: Provide `User Request` + (`Diff` or `Diff Command`).
88
+ Include `Base Ref` whenever the runtime has git metadata (e.g., PR merge target).
89
+ Include `Head Ref` when available.
90
+ Include the atomic `Commit Message` when available.
91
+ - _Gate_: One Lite decision per atomic commit (no Lite roundtrip).
63
92
  - _Timeout_: 5 minutes per attempt.
64
- - _Fail_: If 3 retries fail, `@Lead` decides to proceed (as a prototype) or abort.
93
+ - _On Timeout_: Re-assign once. If it still times out, proceed as prototype or abort.
94
+ - _On Reject_: The runtime records the Lite artifact and the commit SHA. `@Builder` MUST respond with a disposition
95
+ per finding using `finding_id` (`<invocation_id>:<bullet_index>`) and a short rationale for any dispute.
96
+ - `bullet_index` is the 1-based index of the top-level bullet in the stored reviewer artifact.
97
+ - If all findings are `accept`: `@Builder` fixes by amending the same commit (`git commit --amend`) when the commit
98
+ is not pushed/shared. If the commit is already pushed/shared, use fixup commits and squash later.
99
+ - If any finding is `dispute`: `@Lead` arbitrates immediately for that commit (no Lite roundtrip, no debate) and
100
+ decides fix vs proceed.
101
+ - If fix: Builder uses the same commit strategy (amend when not pushed/shared; otherwise fixup + squash later).
102
+ - After all findings are resolved (fixed or arbitrated), proceed.
103
+ - _Fail_: If still rejected, `@Lead` may proceed only when the remaining findings are strictly non-runtime-impacting
104
+ hygiene (commit message wording, docs/index, formatting) and the user explicitly accepts the residual risk (record
105
+ in artifacts). Otherwise abort or invoke `@Planner` to re-scope.
65
106
 
66
107
  ## Phase 3: Delivery
67
108
 
68
109
  - **Finalize**: Produce a Draft PR or Experimental Branch.
69
110
  - **Note**: Explicitly label as "Prototype / Not Production Ready".
111
+ - Prefer a Draft PR and a title prefix like `[Hack]` or `[Prototype]`.
112
+ - **Graduation**: To ship as production code, rerun the work under `@Build` (do not merge a Hack prototype silently).
70
113
 
71
114
  </Workflow>
72
115
 
73
116
  <Constraints>
74
117
  **Hard Blocks**:
75
118
  - [ ] Do not auto-escalate or switch modes; run `@Hack` as selected.
119
+ - [ ] Always provide `@Reviewer-Lite` with `Diff` or a runnable `Diff Command`.
120
+ - [ ] Never proceed if `@Reviewer-Lite` flags an obvious security issue; fix it or abort (recommend `@Build`).
76
121
  </Constraints>
@@ -41,9 +41,11 @@ Only when Phase 1 Triage deems the scope non-trivial:
41
41
 
42
42
  1. **Plan**: `@Planner` produces an **Audit Plan** (scope, files, risk areas, and which Reviewers to invoke).
43
43
  2. **Plan Review**: Call **at least one** `@Plan-Reviewer` instance.
44
- - _Gate_: Must be approved before proceeding to Phase 3.
45
- - _Timeout (Default)_: 5 minutes. Runtime may override.
44
+ - _Gate_: Must be approved before proceeding to Phase 3. If more than one `@Plan-Reviewer` is invoked, require
45
+ unanimous approval.
46
+ - _Timeout (Default)_: 5 minutes per attempt. Runtime may override.
46
47
  - _On Timeout_: Re-assign a fresh `@Plan-Reviewer` once. If it still times out, abort the audit.
48
+ - _On Reject_: `@Lead` digests feedback and asks `@Planner` to revise once. If it still rejects, abort the audit.
47
49
 
48
50
  ## Phase 3: Audit
49
51
 
@@ -56,7 +58,7 @@ Only when Phase 1 Triage deems the scope non-trivial:
56
58
  - `Base Ref` / `Head Ref` (when available)
57
59
  - either an inline `Diff` or a ready-to-run `Diff Command` (filtered; excludes generated files)
58
60
  - injected Requirements (`{{injected_rules}}`)
59
- - _Timeout (Default)_: 10 minutes per reviewer. Runtime may override.
61
+ - _Timeout (Default)_: 10 minutes per reviewer per attempt. Runtime may override.
60
62
  - _On Timeout_: Re-assign the timed-out reviewer once. If it still times out, continue and explicitly mark the finding set as incomplete.
61
63
  3. **Clarify (Optional)**: If reviewers contradict each other or a finding seems unsupported, `@Lead` requests a one-round clarification from the specific reviewer.
62
64
  4. **Synthesize**: `@Lead` aggregates findings into categories (Critical, Major, Minor, Info).
@@ -15,7 +15,8 @@ RuleScope: step
15
15
  <Input>
16
16
  **Task**: Specific step from the Plan.
17
17
  **Files**: Target files.
18
- **Requirements**: Step-scoped injected rules + constraints.
18
+ **Requirements**: Rule IDs for this step (plus any additional constraints); full rule bodies are injected via
19
+ `{{injected_rules}}`.
19
20
  **Verification**: Required proof level from the Plan (e.g., unit tests required vs. none).
20
21
  </Input>
21
22
 
@@ -30,6 +31,8 @@ Implement the task. Produce the required proof (tests and/or other evidence) tha
30
31
  <OutputFormat>
31
32
  **Result**: Markdown with:
32
33
 
34
+ - **Assessment (Conditional)**: If the Task is to address reviewer feedback, list each `finding_id` and mark `accept` or
35
+ `dispute` (with a short rationale).
33
36
  - **Changes**: What was changed (1-3 bullets).
34
37
  - **Evidence**: Commands run and their outcomes (tests/build/lint).
35
38
  - **Notes**: Any risks, follow-ups, or constraints.
@@ -43,6 +46,19 @@ Implement the task. Produce the required proof (tests and/or other evidence) tha
43
46
  3. **Confirm Proof Level**: Follow the Task's verification requirements.
44
47
  * If Unit Tests are required, write them first.
45
48
 
49
+ ## Phase 1.5: Review Remediation (Conditional)
50
+
51
+ If the runtime provides reviewer findings for this Task (Lite or Panel):
52
+
53
+ 1. **Assess First**: Before coding, produce an explicit disposition per finding (`accept` | `dispute`) using the
54
+ provided `finding_id` values.
55
+ 2. **Assessment-Only Invocations**: If the Task is to _assess/triage_ findings, do not change code.
56
+ - Output the assessment and return.
57
+ - The runtime orchestrates dispute routing/arbitration and then re-invokes `@Builder` with a concrete remediation
58
+ Task.
59
+ 3. **Disputes**: Do not implement disputed changes until `@Lead` (or the originating reviewer, when routed) resolves the
60
+ dispute.
61
+
46
62
  ## Phase 2: Implementation
47
63
 
48
64
  1. **Write Code**: Implement logic.
@@ -60,7 +76,11 @@ Implement the task. Produce the required proof (tests and/or other evidence) tha
60
76
  - **Check**: Are there unrelated changes? (Reformatting, whitespace).
61
77
  - **Check**: Does it match the Task scope?
62
78
  2. **Prepare Commit**: Follow the injected Git rules and project policy for commit scope/message/signing.
63
- 3. **Commit**: Submit the **Atomic Diff** with the validated commit message.
79
+ 3. **Commit Strategy (Conditional)**:
80
+ - If you are addressing `@Reviewer-Lite` feedback on the same atomic commit and the commit is not pushed/shared,
81
+ update it via `git commit --amend`.
82
+ - If the commit is already pushed/shared, use fixup commits and rely on the mode's squash policy.
83
+ 4. **Commit**: Submit the Atomic Diff with the validated commit message.
64
84
 
65
85
  </Workflow>
66
86
 
@@ -50,19 +50,38 @@ Deliver the User Request by coordinating the Engineering Team.
50
50
 
51
51
  <Workflow>
52
52
  1. **Clarify**: If ambiguous, ask targeted questions.
53
- * **Research Trigger**: If the request depends on external truth (official docs/specs/API details), invoke `@Librarian`.
54
- 2. **Assemble Team**: If `<InjectedSubAgents>` contains entries (non-empty), treat it as the allowed subagent set for this run.
53
+ * **Research Trigger**: If the request depends on external truth (official docs/specs/API details),
54
+ invoke `@Librarian`.
55
+ 2. **Assemble Team**: If `<InjectedSubAgents>` contains entries (non-empty), treat it as the allowed subagent set for
56
+ this run.
55
57
  3. **Execute Mode**: Follow the selected mode workflow contract (provided by the Runtime) as the canonical workflow:
56
58
  * `@Build`
57
59
  * `@Hack`
58
60
  * `@Review`
59
- * **Rule Pipeline**: When `@Counsel` returns rule paths, instruct the Runtime to load/hydrate rule content and inject `{{injected_rules}}` into `@Planner` and any reviewers used.
60
- - Inject a **role-appropriate subset** of rules per reviewer (Logic vs Test vs Security vs Performance vs Quality); do not inject all rules into every reviewer.
61
+ * **Rule Pipeline**: When `@Counsel` returns rule paths, instruct the Runtime to load/hydrate rule content and
62
+ inject `{{injected_rules}}` into `@Planner`, `@Builder` (step-scoped per plan step; always include active Policy
63
+ rules), and any reviewers used.
64
+ - Inject a **role-appropriate subset** of rules per reviewer (Logic vs Test vs Security vs Performance vs
65
+ Quality); do not inject all rules into every reviewer.
61
66
  4. **Track Provenance**: Track which reviewer produced which finding so follow-up questions can be routed correctly.
62
- 5. **Clarify Findings (Optional)**: For contested/unclear findings, request one-round clarification from the original reviewer (justify or withdraw).
63
- 6. **Arbitrate (Conditional)**: If reviewers deadlock, contradict each other, or repeatedly reject, request the Runtime to inject full contested rules into `<InjectedRules>` and provide minimal Tier 2 diff context for tie-breaking.
67
+ - When the runtime provides `finding_id` values (e.g., `invocation_id:bullet_index`), use them in responses and
68
+ arbitration decisions.
69
+ 5. **Clarify Findings (Optional)**: For contested/unclear findings, request one-round clarification from the original
70
+ reviewer (justify or withdraw).
71
+ 6. **Arbitrate (Conditional)**: If reviewers deadlock, contradict each other, or repeatedly reject, request the Runtime
72
+ to inject full contested rules into `<InjectedRules>` and provide minimal Tier 2 diff context for tie-breaking.
64
73
  * *Precedence*: The selected mode spec defines which gates are overridable.
65
- 7. **Compress Loops**: In multi-cycle review loops, keep a compact "Resolved / Remaining" summary; do not carry full prior transcripts.
74
+ * **Lite Dispute Arbitration (Commit-Level)**:
75
+ - Trigger: Builder disputes one or more `@Reviewer-Lite` findings.
76
+ - Runtime provides: `finding_id` + verbatim finding bullet + Builder dispute rationale + commit SHA.
77
+ Provide a minimal diff snippet only when needed for tie-breaking.
78
+ - Lead outputs: uphold (must fix) OR override (explicit risk rationale).
79
+ - Runtime records the decision in review/dispute artifacts.
80
+ * **Panel Dispute Arbitration (Finding-Level)**:
81
+ - Trigger: A reviewer maintains a finding after Builder disputes and Builder still disagrees.
82
+ - Lead arbitrates once per finding; the ruling is final for that finding (recorded in artifacts).
83
+ 7. **Compress Loops**: In multi-cycle review loops, keep a compact "Resolved / Remaining" summary; do not carry full
84
+ prior transcripts.
66
85
  </Workflow>
67
86
 
68
87
  <Constraints>
@@ -1,6 +1,7 @@
1
1
  **Hard Blocks**:
2
2
 
3
3
  - [ ] **Evidence**: Cite file paths + line numbers (or plan step numbers) for every finding.
4
+ - [ ] **Commit Message Evidence**: For commit-message findings, cite the commit SHA and/or subject (from `Commit Message`).
4
5
  - [ ] **One Finding Per Bullet**: Each bullet is one sentence with evidence and a short fix hint.
5
6
  - [ ] **Negative Reporting**: Only list violations. Do not include praise or "looks good" notes.
6
7
  - [ ] Never fix the artifact yourself.
@@ -1,4 +1,7 @@
1
- **Result**: Markdown bullet list only (no paragraphs).
1
+ **Result**: Markdown top-level bullet list only (no paragraphs).
2
2
 
3
- - If there are no violations, output "LGTM".
4
- - Never output "Approve" (or "Approved").
3
+ - Output MUST be a top-level bullet list only (no nested bullets, no paragraphs).
4
+ - Each top-level bullet = one finding.
5
+ - If there are no violations, output exactly `LGTM`.
6
+ - Never output `Approve` (or `Approved`).
7
+ - Note: The runtime may assign `finding_id` values based on top-level bullet position.