maestro-flow 0.4.8 → 0.4.10

package/.agy/skills/team-review/roles/scanner/role.md

@@ -0,0 +1,77 @@
+---
+role: scanner
+prefix: SCAN
+inner_loop: false
+message_types: 
+---
+
+# Code Scanner
+
+Toolchain + LLM semantic scan producing structured findings. Static analysis tools in parallel, then LLM for issues tools miss. Read-only -- never modifies source code. 4-dimension system: security (SEC), correctness (COR), performance (PRF), maintainability (MNT).
+
+## Phase 2: Context & Toolchain Detection
+
+| Input | Source | Required |
+|-------|--------|----------|
+| Task description | From task subject/description | Yes |
+| Session path | Extracted from task description | Yes |
+| .msg/meta.json | <session>/.msg/meta.json | No |
+
+1. Extract session path, target, dimensions, quick flag from task description
+2. Resolve target files (glob pattern or directory -> `**/*.{ts,tsx,js,jsx,py,go,java,rs}`)
+3. If no source files found -> report empty, complete task cleanly
+4. Detect toolchain availability:
+
+| Tool | Detection | Dimension |
+|------|-----------|-----------|
+| tsc | `tsconfig.json` exists | COR |
+| eslint | `.eslintrc*` or `eslint` in package.json | COR/MNT |
+| semgrep | `.semgrep.yml` exists | SEC |
+| ruff | `pyproject.toml` + ruff available | SEC/COR/MNT |
+| mypy | mypy available + `pyproject.toml` | COR |
+| npmAudit | `package-lock.json` exists | SEC |
+
+5. Load wisdom files from `<session>/wisdom/` if they exist
+
+## Phase 3: Scan Execution
+
+**Quick mode**: Single CLI call with analysis mode, max 20 findings, skip toolchain.
+
+**Standard mode** (sequential):
+
+### 3A: Toolchain Scan
+Run detected tools in parallel via Bash backgrounding. Each tool writes to `<session>/scan/tmp/<tool>.{json|txt}`. After `wait`, parse each output into normalized findings:
+- tsc: `file(line,col): error TSxxxx: msg` -> dimension=correctness, source=tool:tsc
+- eslint: JSON array -> severity 2=correctness/high, else=maintainability/medium
+- semgrep: `{results[]}` -> dimension=security, severity from extra.severity
+- ruff: `[{code,message,filename}]` -> S*=security, F*/B*=correctness, else=maintainability
+- mypy: `file:line: error: msg [code]` -> dimension=correctness
+- npm audit: `{vulnerabilities:{}}` -> dimension=security, category=dependency
+
+Write `<session>/scan/toolchain-findings.json`.
+
+### 3B: Semantic Scan (LLM via CLI)
+Build prompt with target file patterns, toolchain dedup summary, and per-dimension focus areas:
+- SEC: Business logic vulnerabilities, privilege escalation, sensitive data flow, auth bypass
+- COR: Logic errors, unhandled exception paths, state management bugs, race conditions
+- PRF: Algorithm complexity, N+1 queries, unnecessary sync, memory leaks, missing caching
+- MNT: Architectural coupling, abstraction leaks, convention violations, dead code
+
+Execute via `maestro delegate --role review --mode analysis --rule analysis-review-code-quality`. Parse JSON array response, validate required fields (dimension, title, location.file), enforce per-dimension limit (max 5 each), filter minimum severity (medium+). Write `<session>/scan/semantic-findings.json`.
+
+### Tech Profile Scan
+
+After scan execution, emit context-aware trigger signals (based on detected codebase characteristics):
+
+1. Check security findings → signals (`injection_risk`, `eval_usage`, `sql_detected`, `auth_detected`)
+2. Check quality findings → risk signals (`legacy_patterns`, `test_gap`, `perf_sensitive`)
+3. Include `tech_profile` in Phase 5 state_update data
+
+## Phase 4: Aggregate & Output
+
+1. Merge toolchain + semantic findings, deduplicate (same file + line + dimension = duplicate)
+2. Assign dimension-prefixed IDs: SEC-001, COR-001, PRF-001, MNT-001
+3. Write `<session>/scan/scan-results.json` with schema: `{scan_date, target, dimensions, quick_mode, total_findings, by_severity, by_dimension, findings[]}`
+4. Each finding: `{id, dimension, category, severity, title, description, location:{file,line}, source, suggested_fix, effort, confidence}`
+5. Update `<session>/.msg/meta.json` with scan summary (findings_count, by_severity, by_dimension)
+6. Contribute discoveries to `<session>/wisdom/` files

package/.agy/skills/team-review/specs/dimensions.md

@@ -0,0 +1,82 @@
+# Review Dimensions (4-Dimension System)
+
+## Security (SEC)
+
+Vulnerabilities, attack surfaces, and data protection issues.
+
+**Categories**: injection, authentication, authorization, data-exposure, encryption, input-validation, access-control
+
+**Tool Support**: Semgrep (`--config auto`), npm audit, tsc strict mode
+**LLM Focus**: Business logic vulnerabilities, privilege escalation paths, sensitive data flows
+
+**Severity Mapping**:
+- Critical: RCE, SQL injection, auth bypass, data breach
+- High: XSS, CSRF, insecure deserialization, weak crypto
+- Medium: Missing input validation, overly permissive CORS
+- Low: Informational headers, minor config issues
+
+---
+
+## Correctness (COR)
+
+Bugs, logic errors, and type safety issues.
+
+**Categories**: bug, error-handling, edge-case, type-safety, race-condition, null-reference
+
+**Tool Support**: tsc `--noEmit`, ESLint error-level rules
+**LLM Focus**: Logic errors, unhandled exception paths, state management bugs, race conditions
+
+**Severity Mapping**:
+- Critical: Data corruption, crash in production path
+- High: Incorrect business logic, unhandled error in common path
+- Medium: Edge case not handled, missing null check
+- Low: Minor type inconsistency, unused variable
+
+---
+
+## Performance (PRF)
+
+Inefficiencies, resource waste, and scalability issues.
+
+**Categories**: n-plus-one, memory-leak, blocking-operation, complexity, resource-usage, caching
+
+**Tool Support**: None (LLM-only dimension)
+**LLM Focus**: Algorithm complexity, N+1 queries, unnecessary sync operations, memory leaks, missing caching
+
+**Severity Mapping**:
+- Critical: Memory leak in long-running process, O(n³) on user data
+- High: N+1 query in hot path, blocking I/O in async context
+- Medium: Suboptimal algorithm, missing obvious cache
+- Low: Minor inefficiency, premature optimization opportunity
+
+---
+
+## Maintainability (MNT)
+
+Code quality, readability, and structural health.
+
+**Categories**: code-smell, naming, complexity, duplication, dead-code, pattern-violation, coupling
+
+**Tool Support**: ESLint warning-level rules, complexity metrics
+**LLM Focus**: Architectural coupling, abstraction leaks, project convention violations
+
+**Severity Mapping**:
+- High: God class, circular dependency, copy-paste across modules
+- Medium: Long method, magic numbers, unclear naming
+- Low: Minor style inconsistency, commented-out code
+- Info: Pattern observation, refactoring suggestion
+
+---
+
+## Why 4 Dimensions (Not 7)
+
+The original review-cycle used 7 dimensions with significant overlap:
+
+| Original | Problem | Merged Into |
+|----------|---------|-------------|
+| Quality | Overlaps Maintainability + Best-Practices | **Maintainability** |
+| Best-Practices | Overlaps Quality + Maintainability | **Maintainability** |
+| Architecture | Overlaps Maintainability (coupling/layering) | **Maintainability** (structure) + **Security** (security architecture) |
+| Action-Items | Not a dimension — it's a report format | Standard field on every finding |
+
+4 dimensions = clear ownership, no overlap, each maps to distinct tooling.

package/.agy/skills/team-review/specs/finding-schema.json

@@ -0,0 +1,82 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "title": "Finding",
+  "description": "Standardized finding format for team-review pipeline",
+  "type": "object",
+  "required": ["id", "dimension", "category", "severity", "title", "description", "location", "source", "effort", "confidence"],
+  "properties": {
+    "id": {
+      "type": "string",
+      "pattern": "^(SEC|COR|PRF|MNT)-\\d{3}$",
+      "description": "{DIM_PREFIX}-{SEQ}"
+    },
+    "dimension": {
+      "type": "string",
+      "enum": ["security", "correctness", "performance", "maintainability"]
+    },
+    "category": {
+      "type": "string",
+      "description": "Sub-category within the dimension"
+    },
+    "severity": {
+      "type": "string",
+      "enum": ["critical", "high", "medium", "low", "info"]
+    },
+    "title": { "type": "string" },
+    "description": { "type": "string" },
+    "location": {
+      "type": "object",
+      "required": ["file", "line"],
+      "properties": {
+        "file": { "type": "string" },
+        "line": { "type": "integer" },
+        "end_line": { "type": "integer" },
+        "code_snippet": { "type": "string" }
+      }
+    },
+    "source": {
+      "type": "string",
+      "description": "tool:eslint | tool:tsc | tool:semgrep | llm | tool+llm"
+    },
+    "tool_rule": { "type": ["string", "null"] },
+    "suggested_fix": { "type": "string" },
+    "references": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "effort": { "type": "string", "enum": ["low", "medium", "high"] },
+    "confidence": { "type": "string", "enum": ["high", "medium", "low"] },
+    "root_cause": {
+      "type": ["object", "null"],
+      "description": "Populated by reviewer role",
+      "properties": {
+        "description": { "type": "string" },
+        "related_findings": { "type": "array", "items": { "type": "string" } },
+        "is_symptom": { "type": "boolean" }
+      }
+    },
+    "impact": {
+      "type": ["object", "null"],
+      "properties": {
+        "scope": { "type": "string", "enum": ["low", "medium", "high"] },
+        "affected_files": { "type": "array", "items": { "type": "string" } },
+        "blast_radius": { "type": "string" }
+      }
+    },
+    "optimization": {
+      "type": ["object", "null"],
+      "properties": {
+        "approach": { "type": "string" },
+        "alternative": { "type": "string" },
+        "tradeoff": { "type": "string" }
+      }
+    },
+    "fix_strategy": { "type": ["string", "null"], "enum": ["minimal", "refactor", "skip", null] },
+    "fix_complexity": { "type": ["string", "null"], "enum": ["low", "medium", "high", null] },
+    "fix_dependencies": {
+      "type": "array",
+      "items": { "type": "string" },
+      "default": []
+    }
+  }
+}

package/.agy/skills/team-review/specs/pipelines.md

@@ -0,0 +1,102 @@
+# Review Pipelines
+
+Pipeline definitions and task registry for team-review.
+
+## Pipeline Modes
+
+| Mode | Description | Tasks |
+|------|-------------|-------|
+| default | Scan + review | SCAN -> REV |
+| full | Scan + review + fix | SCAN -> REV -> [confirm] -> FIX |
+| fix-only | Fix from existing manifest | FIX |
+| quick | Quick scan only | SCAN (quick=true) |
+
+## Pipeline Definitions
+
+### default Mode (2 tasks, linear)
+
+```
+SCAN-001 -> REV-001
+```
+
+| Task ID | Role | Dependencies | Description |
+|---------|------|-------------|-------------|
+| SCAN-001 | scanner | (none) | Multi-dimension code scan (toolchain + LLM) |
+| REV-001 | reviewer | SCAN-001 | Deep finding analysis and review report |
+
+### full Mode (3 tasks, linear with user checkpoint)
+
+```
+SCAN-001 -> REV-001 -> [user confirm] -> FIX-001
+```
+
+| Task ID | Role | Dependencies | Description |
+|---------|------|-------------|-------------|
+| SCAN-001 | scanner | (none) | Multi-dimension code scan (toolchain + LLM) |
+| REV-001 | reviewer | SCAN-001 | Deep finding analysis and review report |
+| FIX-001 | fixer | REV-001 + user confirm | Plan + execute + verify fixes |
+
+### fix-only Mode (1 task)
+
+```
+FIX-001
+```
+
+| Task ID | Role | Dependencies | Description |
+|---------|------|-------------|-------------|
+| FIX-001 | fixer | (none) | Execute fixes from existing manifest |
+
+### quick Mode (1 task)
+
+```
+SCAN-001 (quick=true)
+```
+
+| Task ID | Role | Dependencies | Description |
+|---------|------|-------------|-------------|
+| SCAN-001 | scanner | (none) | Quick scan, max 20 findings, skip toolchain |
+
+## Review Dimensions (4-Dimension System)
+
+| Dimension | Code | Focus |
+|-----------|------|-------|
+| Security | SEC | Vulnerabilities, auth, data exposure |
+| Correctness | COR | Bugs, logic errors, type safety |
+| Performance | PRF | N+1, memory leaks, blocking ops |
+| Maintainability | MNT | Coupling, complexity, dead code |
+
+## Fix Scope Options
+
+| Scope | Description |
+|-------|-------------|
+| all | Fix all findings |
+| critical,high | Fix critical and high severity only |
+| skip | Skip fix phase |
+
+## Session Directory
+
+```
+.workflow/.team/RV-<slug>-<YYYY-MM-DD>/
+├── .msg/messages.jsonl          # Message bus log
+├── .msg/meta.json               # Session state + cross-role state
+├── wisdom/                     # Cross-task knowledge
+│   ├── learnings.md
+│   ├── decisions.md
+│   ├── conventions.md
+│   └── issues.md
+├── scan/                       # Scanner output
+│   ├── toolchain-findings.json
+│   ├── semantic-findings.json
+│   └── scan-results.json
+├── review/                     # Reviewer output
+│   ├── enriched-findings.json
+│   ├── review-report.json
+│   └── review-report.md
+└── fix/                        # Fixer output
+    ├── fix-manifest.json
+    ├── fix-plan.json
+    ├── execution-results.json
+    ├── verify-results.json
+    ├── fix-summary.json
+    └── fix-summary.md
+```

package/.agy/skills/team-review/specs/team-config.json

@@ -0,0 +1,27 @@
+{
+  "name": "team-review",
+  "description": "Code scanning, vulnerability review, optimization suggestions, and automated fix",
+  "sessionDir": ".workflow/.team-review/",
+  "msgDir": ".workflow/.team-msg/team-review/",
+  "roles": {
+    "coordinator": { "prefix": "RC", "type": "orchestration", "file": "roles/coordinator/role.md" },
+    "scanner":     { "prefix": "SCAN", "type": "read-only-analysis", "file": "roles/scanner/role.md" },
+    "reviewer":    { "prefix": "REV", "type": "read-only-analysis", "file": "roles/reviewer/role.md" },
+    "fixer":       { "prefix": "FIX", "type": "code-generation", "file": "roles/fixer/role.md" }
+  },
+  "collaboration_pattern": "CP-1",
+  "pipeline": ["scanner", "reviewer", "fixer"],
+  "dimensions": {
+    "security":        { "prefix": "SEC", "tools": ["semgrep", "npm-audit"] },
+    "correctness":     { "prefix": "COR", "tools": ["tsc", "eslint-error"] },
+    "performance":     { "prefix": "PRF", "tools": [] },
+    "maintainability": { "prefix": "MNT", "tools": ["eslint-warning"] }
+  },
+  "severity_levels": ["critical", "high", "medium", "low", "info"],
+  "defaults": {
+    "max_deep_analysis": 15,
+    "max_quick_findings": 20,
+    "max_parallel_fixers": 3,
+    "quick_fix_threshold": 5
+  }
+}

package/.agy/skills/team-tech-debt/SKILL.md

@@ -0,0 +1,133 @@
+---
+name: team-tech-debt
+description: Unified team skill for tech debt identification and remediation. Scans codebase for tech debt, assesses severity, plans and executes fixes with validation. Uses team-worker agent architecture with roles/ for domain logic. Coordinator orchestrates pipeline, workers are team-worker agents. Triggers on "team tech debt".
+allowed-tools:
+  - ask_question
+  - define_subagent
+  - grep_search
+  - invoke_subagent
+  - manage_subagents
+  - mcp__ace-tool__search_context
+  - mcp__ccw-tools__edit_file
+  - mcp__ccw-tools__read_file
+  - mcp__ccw-tools__write_file
+  - replace_file_content
+  - run_command
+  - send_message
+  - view_file
+  - write_to_file
+agy-subagents:
+  - team-worker
+---
+
+## Sub-Agent Registration (Antigravity)
+
+Before any `invoke_subagent` call below, register each sub-agent type once per session by reading the system_prompt from `<agy-agents-dir>/<name>.md` and passing it to `define_subagent`. The `<agy-agents-dir>` is:
+- global install: `~/.gemini/antigravity-cli/agents/`
+- workspace install: `<project>/.agents/agents/`
+
+- `define_subagent(name="team-worker", description="<from agents/team-worker.md frontmatter>", system_prompt=<contents of agents/team-worker.md body>, enable_write_tools=true, enable_mcp_tools=true, enable_subagent_tools=false)`
+
+**ConversationId tracking**: `invoke_subagent` returns a ConversationId per spawned instance. Subsequent `send_message(Recipient=<ConversationId>, Message=...)` calls require that ConversationId — never use the role name as the recipient.
+
+---
+
+# Team Tech Debt
+
+Systematic tech debt governance: scan -> assess -> plan -> fix -> validate. Built on **team-worker agent architecture** — all worker roles share a single agent definition with role-specific Phase 2-4 loaded from `roles/<role>/role.md`.
+
+## Architecture
+
+```
+view_file(AbsolutePath="<agy-skills-dir>/team-tech-debt/SKILL.md") + execute inline (args: "task description")
+                    |
+         SKILL.md (this file) = Router
+                    |
+     +--------------+--------------+
+     |                             |
+  no --role flag              --role <name>
+     |                             |
+  Coordinator                  Worker
+  roles/coordinator/role.md    roles/<name>/role.md
+     |
+     +-- analyze → dispatch → spawn workers → STOP
+                                    |
+                    +-------+-------+-------+-------+
+                    v       v       v       v       v
+           [team-worker agents, each loads roles/<role>/role.md]
+          scanner  assessor  planner  executor  validator
+```
+
+## Role Registry
+
+| Role | Path | Prefix | Inner Loop |
+|------|------|--------|------------|
+| coordinator | [roles/coordinator/role.md](roles/coordinator/role.md) | — | — |
+| scanner | [roles/scanner/role.md](roles/scanner/role.md) | TDSCAN-* | false |
+| assessor | [roles/assessor/role.md](roles/assessor/role.md) | TDEVAL-* | false |
+| planner | [roles/planner/role.md](roles/planner/role.md) | TDPLAN-* | false |
+| executor | [roles/executor/role.md](roles/executor/role.md) | TDFIX-* | true |
+| validator | [roles/validator/role.md](roles/validator/role.md) | TDVAL-* | false |
+
+## Role Router
+
+Parse `$ARGUMENTS`:
+- Has `--role <name>` → Read `roles/<name>/role.md`, execute Phase 2-4
+- No `--role` → `@roles/coordinator/role.md`, execute entry router
+
+## Shared Constants
+
+- **Session prefix**: `TD`
+- **Session path**: `.workflow/.team/TD-<slug>-<date>/`
+- **CLI tools**: `maestro delegate --mode analysis` (read-only), `maestro delegate --mode write` (modifications)
+- **Message bus**: `mcp__ccw-tools__team_msg(session_id=<session-id>, ...)`
+- **Max GC rounds**: 3
+
+## Worker Spawn Template
+
+Coordinator spawns workers using this template:
+
+```
+invoke_subagent([{ TypeName: "team-worker", Role: "<role>", Prompt: "<Prompt>", Workspace: "inherit" }])
+```
+
+## User Commands
+
+| Command | Action |
+|---------|--------|
+| `check` / `status` | View execution status graph |
+| `resume` / `continue` | Advance to next step |
+| `--mode=scan` | Run scan-only pipeline (TDSCAN + TDEVAL) |
+| `--mode=targeted` | Run targeted pipeline (TDPLAN + TDFIX + TDVAL) |
+| `--mode=remediate` | Run full pipeline (default) |
+| `-y` / `--yes` | Skip confirmations |
+
+## Specs Reference
+
+- [specs/pipelines.md](specs/pipelines.md) — Pipeline definitions and task registry
+
+## Session Directory
+
+```
+.workflow/.team/TD-<slug>-<date>/
+├── .msg/
+│   ├── messages.jsonl      # Team message bus
+│   └── meta.json           # Pipeline config + role state snapshot
+├── scan/                   # Scanner output
+├── assessment/             # Assessor output
+├── plan/                   # Planner output
+├── fixes/                  # Executor output
+├── validation/             # Validator output
+└── wisdom/                 # Cross-task knowledge
+```
+
+## Error Handling
+
+| Scenario | Resolution |
+|----------|------------|
+| Unknown command | Error with available command list |
+| Role not found | Error with role registry |
+| Session corruption | Attempt recovery, fallback to manual |
+| Fast-advance conflict | Coordinator reconciles on next callback |
+| Completion action fails | Default to Keep Active |
+| Scanner finds no debt | Report clean codebase, skip to summary |

package/.agy/skills/team-tech-debt/roles/assessor/role.md

@@ -0,0 +1,76 @@
+---
+role: assessor
+prefix: TDEVAL
+inner_loop: false
+---
+
+# Tech Debt Assessor
+
+Quantitative evaluator for tech debt items. Score each debt item on business impact (1-5) and fix cost (1-5), classify into priority quadrants, produce priority-matrix.json.
+
+## Phase 2: Load Debt Inventory
+
+| Input | Source | Required |
+|-------|--------|----------|
+| Session path | task description (regex: `session:\s*(.+)`) | Yes |
+| .msg/meta.json | <session>/.msg/meta.json | Yes |
+| Debt inventory | meta.json:debt_inventory OR <session>/scan/debt-inventory.json | Yes |
+
+1. Extract session path from task description
+2. Read .msg/meta.json for team context
+3. Load debt_inventory from shared memory or fallback to debt-inventory.json file
+4. If debt_inventory is empty -> report empty assessment and exit
+
+## Phase 3: Evaluate Each Item
+
+**Strategy selection**:
+
+| Item Count | Strategy |
+|------------|----------|
+| <= 10 | Heuristic: severity-based impact + effort-based cost |
+| 11-50 | CLI batch: single gemini analysis call |
+| > 50 | CLI chunked: batches of 25 items |
+
+**Impact Score Mapping** (heuristic):
+
+| Severity | Impact Score |
+|----------|-------------|
+| critical | 5 |
+| high | 4 |
+| medium | 3 |
+| low | 1 |
+
+**Cost Score Mapping** (heuristic):
+
+| Estimated Effort | Cost Score |
+|------------------|------------|
+| small | 1 |
+| medium | 3 |
+| large | 5 |
+| unknown | 3 |
+
+**Priority Quadrant Classification**:
+
+| Impact | Cost | Quadrant |
+|--------|------|----------|
+| >= 4 | <= 2 | quick-win |
+| >= 4 | >= 3 | strategic |
+| <= 3 | <= 2 | backlog |
+| <= 3 | >= 3 | defer |
+
+For CLI mode, prompt gemini with full debt summary requesting JSON array of `{id, impact_score, cost_score, risk_if_unfixed, priority_quadrant}`. Unevaluated items fall back to heuristic scoring.
+
+### Tech Profile Scan
+
+After assessment, emit context-aware trigger signals (based on detected codebase characteristics):
+
+1. Check debt items → signals (`legacy_patterns`, `perf_sensitive`, `test_gap`)
+2. Check code patterns → risk signals (`sql_detected`, `auth_detected`, `scaling_concern`)
+3. Include `tech_profile` in Phase 5 state_update data
+
+## Phase 4: Generate Priority Matrix
+
+1. Build matrix structure: evaluation_date, total_items, by_quadrant (grouped), summary (counts per quadrant)
+2. Sort within each quadrant by impact_score descending
+3. Write `<session>/assessment/priority-matrix.json`
+4. Update .msg/meta.json with `priority_matrix` summary and evaluated `debt_inventory`

package/.agy/skills/team-tech-debt/roles/coordinator/commands/analyze.md

@@ -0,0 +1,47 @@
+# Analyze Task
+
+Parse user task -> detect tech debt signals -> assess complexity -> determine pipeline mode and roles.
+
+**CONSTRAINT**: Text-level analysis only. NO source code reading, NO codebase exploration.
+
+## Signal Detection
+
+| Keywords | Signal | Mode Hint |
+|----------|--------|-----------|
+| 扫描, scan, 审计, audit | debt-scan | scan |
+| 评估, assess, quantify | debt-assess | scan |
+| 规划, plan, roadmap | debt-plan | targeted |
+| 修复, fix, remediate, clean | debt-fix | remediate |
+| 验证, validate, verify | debt-validate | remediate |
+| 定向, targeted, specific | debt-targeted | targeted |
+
+## Complexity Scoring
+
+| Factor | Points |
+|--------|--------|
+| Full codebase scope | +2 |
+| Multiple debt dimensions | +1 per dimension (max 3) |
+| Large codebase (implied) | +1 |
+| Targeted specific items | -1 |
+
+Results: 1-3 Low (scan mode), 4-6 Medium (remediate), 7+ High (remediate + full pipeline)
+
+## Pipeline Mode Determination
+
+| Score + Signals | Mode |
+|----------------|------|
+| scan/audit keywords | scan |
+| targeted/specific keywords | targeted |
+| Default | remediate |
+
+## Output
+
+Write scope context to coordinator memory:
+```json
+{
+  "pipeline_mode": "<scan|remediate|targeted>",
+  "scope": "<detected-scope>",
+  "focus_dimensions": ["code", "architecture", "testing", "dependency", "documentation"],
+  "complexity": { "score": 0, "level": "Low|Medium|High" }
+}
+```