maestro-flow 0.5.42 → 0.5.43

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (323) hide show
  1. package/.agents/skills/domain-add/SKILL.md +3 -0
  2. package/.agents/skills/learn-decompose/SKILL.md +7 -4
  3. package/.agents/skills/learn-follow/SKILL.md +4 -2
  4. package/.agents/skills/learn-investigate/SKILL.md +8 -6
  5. package/.agents/skills/learn-second-opinion/SKILL.md +6 -3
  6. package/.agents/skills/maestro/SKILL.md +1 -1
  7. package/.agents/skills/maestro-amend/SKILL.md +1 -1
  8. package/.agents/skills/maestro-analyze/SKILL.md +1 -1
  9. package/.agents/skills/maestro-blueprint/SKILL.md +1 -1
  10. package/.agents/skills/maestro-brainstorm/SKILL.md +4 -1
  11. package/.agents/skills/maestro-collab/SKILL.md +6 -2
  12. package/.agents/skills/maestro-companion/SKILL.md +4 -1
  13. package/.agents/skills/maestro-composer/SKILL.md +4 -2
  14. package/.agents/skills/maestro-execute/SKILL.md +26 -8
  15. package/.agents/skills/maestro-fork/SKILL.md +4 -3
  16. package/.agents/skills/maestro-grill/SKILL.md +1 -1
  17. package/.agents/skills/maestro-guard/SKILL.md +2 -2
  18. package/.agents/skills/maestro-impeccable/SKILL.md +2 -1
  19. package/.agents/skills/maestro-init/SKILL.md +1 -1
  20. package/.agents/skills/maestro-merge/SKILL.md +12 -1
  21. package/.agents/skills/maestro-milestone-audit/SKILL.md +1 -0
  22. package/.agents/skills/maestro-milestone-complete/SKILL.md +8 -3
  23. package/.agents/skills/maestro-milestone-release/SKILL.md +8 -4
  24. package/.agents/skills/maestro-overlay/SKILL.md +9 -0
  25. package/.agents/skills/maestro-plan/SKILL.md +1 -0
  26. package/.agents/skills/maestro-player/SKILL.md +2 -2
  27. package/.agents/skills/maestro-quick/SKILL.md +5 -3
  28. package/.agents/skills/maestro-ralph/SKILL.md +8 -8
  29. package/.agents/skills/maestro-ralph-cli/SKILL.md +665 -0
  30. package/.agents/skills/maestro-ralph-cli-execute/SKILL.md +239 -0
  31. package/.agents/skills/maestro-ralph-execute/SKILL.md +127 -11
  32. package/.agents/skills/maestro-roadmap/SKILL.md +1 -1
  33. package/.agents/skills/maestro-swarm-workflow/SKILL.md +16 -14
  34. package/.agents/skills/maestro-tools-register/SKILL.md +16 -1
  35. package/.agents/skills/maestro-ui-codify/SKILL.md +11 -1
  36. package/.agents/skills/maestro-universal-workflow/SKILL.md +28 -5
  37. package/.agents/skills/maestro-update/SKILL.md +10 -7
  38. package/.agents/skills/manage-codebase-rebuild/SKILL.md +5 -1
  39. package/.agents/skills/manage-drift-realign/SKILL.md +6 -2
  40. package/.agents/skills/manage-harvest/SKILL.md +4 -1
  41. package/.agents/skills/manage-issue-discover/SKILL.md +1 -0
  42. package/.agents/skills/manage-kg-extractors/SKILL.md +5 -1
  43. package/.agents/skills/manage-knowhow-capture/SKILL.md +1 -0
  44. package/.agents/skills/manage-knowledge-audit/SKILL.md +3 -0
  45. package/.agents/skills/manage-wiki/SKILL.md +1 -0
  46. package/.agents/skills/odyssey-debug/SKILL.md +2 -1
  47. package/.agents/skills/odyssey-improve/SKILL.md +2 -2
  48. package/.agents/skills/odyssey-planex/SKILL.md +8 -7
  49. package/.agents/skills/odyssey-review-test-fix/SKILL.md +4 -1
  50. package/.agents/skills/odyssey-ui/SKILL.md +4 -4
  51. package/.agents/skills/quality-auto-test/SKILL.md +11 -1
  52. package/.agents/skills/quality-debug/SKILL.md +16 -2
  53. package/.agents/skills/quality-retrospective/SKILL.md +9 -1
  54. package/.agents/skills/quality-review/SKILL.md +8 -0
  55. package/.agents/skills/quality-sync/SKILL.md +2 -2
  56. package/.agents/skills/quality-test/SKILL.md +9 -1
  57. package/.agents/skills/security-audit/SKILL.md +14 -4
  58. package/.agents/skills/spec-add/SKILL.md +5 -2
  59. package/.agents/skills/spec-load/SKILL.md +1 -1
  60. package/.agents/skills/spec-remove/SKILL.md +1 -1
  61. package/.agents/skills/spec-setup/SKILL.md +3 -0
  62. package/.agy/skills/domain-add/SKILL.md +3 -0
  63. package/.agy/skills/learn-decompose/SKILL.md +7 -4
  64. package/.agy/skills/learn-follow/SKILL.md +4 -2
  65. package/.agy/skills/learn-investigate/SKILL.md +8 -6
  66. package/.agy/skills/learn-second-opinion/SKILL.md +6 -3
  67. package/.agy/skills/maestro/SKILL.md +1 -1
  68. package/.agy/skills/maestro-amend/SKILL.md +1 -1
  69. package/.agy/skills/maestro-analyze/SKILL.md +1 -1
  70. package/.agy/skills/maestro-blueprint/SKILL.md +1 -1
  71. package/.agy/skills/maestro-brainstorm/SKILL.md +4 -1
  72. package/.agy/skills/maestro-collab/SKILL.md +6 -2
  73. package/.agy/skills/maestro-companion/SKILL.md +4 -1
  74. package/.agy/skills/maestro-composer/SKILL.md +4 -2
  75. package/.agy/skills/maestro-execute/SKILL.md +26 -8
  76. package/.agy/skills/maestro-fork/SKILL.md +4 -3
  77. package/.agy/skills/maestro-grill/SKILL.md +1 -1
  78. package/.agy/skills/maestro-guard/SKILL.md +2 -2
  79. package/.agy/skills/maestro-impeccable/SKILL.md +2 -1
  80. package/.agy/skills/maestro-init/SKILL.md +1 -1
  81. package/.agy/skills/maestro-merge/SKILL.md +12 -1
  82. package/.agy/skills/maestro-milestone-audit/SKILL.md +1 -0
  83. package/.agy/skills/maestro-milestone-complete/SKILL.md +8 -3
  84. package/.agy/skills/maestro-milestone-release/SKILL.md +8 -4
  85. package/.agy/skills/maestro-overlay/SKILL.md +9 -0
  86. package/.agy/skills/maestro-plan/SKILL.md +1 -0
  87. package/.agy/skills/maestro-player/SKILL.md +2 -2
  88. package/.agy/skills/maestro-quick/SKILL.md +5 -3
  89. package/.agy/skills/maestro-ralph/SKILL.md +8 -8
  90. package/.agy/skills/maestro-ralph-cli/SKILL.md +661 -0
  91. package/.agy/skills/maestro-ralph-cli-execute/SKILL.md +235 -0
  92. package/.agy/skills/maestro-ralph-execute/SKILL.md +127 -11
  93. package/.agy/skills/maestro-roadmap/SKILL.md +1 -1
  94. package/.agy/skills/maestro-swarm-workflow/SKILL.md +16 -14
  95. package/.agy/skills/maestro-tools-register/SKILL.md +16 -1
  96. package/.agy/skills/maestro-ui-codify/SKILL.md +11 -1
  97. package/.agy/skills/maestro-universal-workflow/SKILL.md +28 -5
  98. package/.agy/skills/maestro-update/SKILL.md +10 -7
  99. package/.agy/skills/manage-codebase-rebuild/SKILL.md +5 -1
  100. package/.agy/skills/manage-drift-realign/SKILL.md +6 -2
  101. package/.agy/skills/manage-harvest/SKILL.md +4 -1
  102. package/.agy/skills/manage-issue-discover/SKILL.md +1 -0
  103. package/.agy/skills/manage-kg-extractors/SKILL.md +5 -1
  104. package/.agy/skills/manage-knowhow-capture/SKILL.md +1 -0
  105. package/.agy/skills/manage-knowledge-audit/SKILL.md +3 -0
  106. package/.agy/skills/manage-wiki/SKILL.md +1 -0
  107. package/.agy/skills/odyssey-debug/SKILL.md +2 -1
  108. package/.agy/skills/odyssey-improve/SKILL.md +2 -2
  109. package/.agy/skills/odyssey-planex/SKILL.md +8 -7
  110. package/.agy/skills/odyssey-review-test-fix/SKILL.md +4 -1
  111. package/.agy/skills/odyssey-ui/SKILL.md +4 -4
  112. package/.agy/skills/quality-auto-test/SKILL.md +11 -1
  113. package/.agy/skills/quality-debug/SKILL.md +16 -2
  114. package/.agy/skills/quality-retrospective/SKILL.md +9 -1
  115. package/.agy/skills/quality-review/SKILL.md +8 -0
  116. package/.agy/skills/quality-sync/SKILL.md +2 -2
  117. package/.agy/skills/quality-test/SKILL.md +9 -1
  118. package/.agy/skills/security-audit/SKILL.md +14 -4
  119. package/.agy/skills/spec-add/SKILL.md +5 -2
  120. package/.agy/skills/spec-load/SKILL.md +1 -1
  121. package/.agy/skills/spec-remove/SKILL.md +1 -1
  122. package/.agy/skills/spec-setup/SKILL.md +3 -0
  123. package/.claude/commands/domain-add.md +3 -0
  124. package/.claude/commands/learn-decompose.md +7 -4
  125. package/.claude/commands/learn-follow.md +4 -2
  126. package/.claude/commands/learn-investigate.md +8 -6
  127. package/.claude/commands/learn-second-opinion.md +6 -3
  128. package/.claude/commands/maestro-amend.md +1 -1
  129. package/.claude/commands/maestro-analyze.md +1 -1
  130. package/.claude/commands/maestro-blueprint.md +1 -1
  131. package/.claude/commands/maestro-brainstorm.md +4 -1
  132. package/.claude/commands/maestro-collab.md +6 -2
  133. package/.claude/commands/maestro-companion.md +4 -1
  134. package/.claude/commands/maestro-composer.md +4 -2
  135. package/.claude/commands/maestro-execute.md +26 -8
  136. package/.claude/commands/maestro-fork.md +4 -3
  137. package/.claude/commands/maestro-grill.md +1 -1
  138. package/.claude/commands/maestro-guard.md +2 -2
  139. package/.claude/commands/maestro-impeccable.md +2 -1
  140. package/.claude/commands/maestro-init.md +1 -1
  141. package/.claude/commands/maestro-merge.md +12 -1
  142. package/.claude/commands/maestro-milestone-audit.md +1 -0
  143. package/.claude/commands/maestro-milestone-complete.md +8 -3
  144. package/.claude/commands/maestro-milestone-release.md +8 -4
  145. package/.claude/commands/maestro-overlay.md +9 -0
  146. package/.claude/commands/maestro-plan.md +1 -0
  147. package/.claude/commands/maestro-player.md +2 -2
  148. package/.claude/commands/maestro-quick.md +5 -3
  149. package/.claude/commands/maestro-ralph-cli-execute.md +237 -0
  150. package/.claude/commands/maestro-ralph-cli.md +663 -0
  151. package/.claude/commands/maestro-ralph-execute.md +127 -11
  152. package/.claude/commands/maestro-ralph.md +8 -8
  153. package/.claude/commands/maestro-roadmap.md +1 -1
  154. package/.claude/commands/maestro-swarm-workflow.md +16 -14
  155. package/.claude/commands/maestro-tools-register.md +16 -1
  156. package/.claude/commands/maestro-ui-codify.md +11 -1
  157. package/.claude/commands/maestro-universal-workflow.md +28 -5
  158. package/.claude/commands/maestro-update.md +10 -7
  159. package/.claude/commands/maestro.md +1 -1
  160. package/.claude/commands/manage-codebase-rebuild.md +5 -1
  161. package/.claude/commands/manage-drift-realign.md +6 -2
  162. package/.claude/commands/manage-harvest.md +4 -1
  163. package/.claude/commands/manage-issue-discover.md +1 -0
  164. package/.claude/commands/manage-kg-extractors.md +5 -1
  165. package/.claude/commands/manage-knowhow-capture.md +1 -0
  166. package/.claude/commands/manage-knowledge-audit.md +3 -0
  167. package/.claude/commands/manage-wiki.md +1 -0
  168. package/.claude/commands/odyssey-debug.md +2 -1
  169. package/.claude/commands/odyssey-improve.md +2 -2
  170. package/.claude/commands/odyssey-planex.md +8 -7
  171. package/.claude/commands/odyssey-review-test-fix.md +4 -1
  172. package/.claude/commands/odyssey-ui.md +4 -4
  173. package/.claude/commands/quality-auto-test.md +11 -1
  174. package/.claude/commands/quality-debug.md +16 -2
  175. package/.claude/commands/quality-retrospective.md +9 -1
  176. package/.claude/commands/quality-review.md +8 -0
  177. package/.claude/commands/quality-sync.md +2 -2
  178. package/.claude/commands/quality-test.md +9 -1
  179. package/.claude/commands/security-audit.md +14 -4
  180. package/.claude/commands/spec-add.md +5 -2
  181. package/.claude/commands/spec-load.md +1 -1
  182. package/.claude/commands/spec-remove.md +1 -1
  183. package/.claude/commands/spec-setup.md +3 -0
  184. package/.codex/skills/codify-to-knowhow/SKILL.md +27 -15
  185. package/.codex/skills/domain-add/SKILL.md +5 -3
  186. package/.codex/skills/learn-decompose/SKILL.md +22 -4
  187. package/.codex/skills/learn-follow/SKILL.md +12 -6
  188. package/.codex/skills/learn-investigate/SKILL.md +11 -6
  189. package/.codex/skills/learn-retro/SKILL.md +12 -6
  190. package/.codex/skills/learn-second-opinion/SKILL.md +11 -3
  191. package/.codex/skills/maestro/SKILL.md +19 -13
  192. package/.codex/skills/maestro-amend/SKILL.md +10 -2
  193. package/.codex/skills/maestro-analyze/SKILL.md +7 -1
  194. package/.codex/skills/maestro-blueprint/SKILL.md +1 -1
  195. package/.codex/skills/maestro-brainstorm/SKILL.md +11 -8
  196. package/.codex/skills/maestro-collab/SKILL.md +5 -5
  197. package/.codex/skills/maestro-companion/SKILL.md +4 -1
  198. package/.codex/skills/maestro-composer/SKILL.md +6 -3
  199. package/.codex/skills/maestro-execute/SKILL.md +11 -8
  200. package/.codex/skills/maestro-fork/SKILL.md +4 -3
  201. package/.codex/skills/maestro-grill/SKILL.md +1 -1
  202. package/.codex/skills/maestro-guard/SKILL.md +1 -1
  203. package/.codex/skills/maestro-impeccable/SKILL.md +5 -5
  204. package/.codex/skills/maestro-init/SKILL.md +3 -2
  205. package/.codex/skills/maestro-milestone-audit/SKILL.md +21 -9
  206. package/.codex/skills/maestro-milestone-complete/SKILL.md +3 -3
  207. package/.codex/skills/maestro-milestone-release/SKILL.md +18 -1
  208. package/.codex/skills/maestro-next/SKILL.md +11 -10
  209. package/.codex/skills/maestro-overlay/SKILL.md +16 -6
  210. package/.codex/skills/maestro-player/SKILL.md +11 -5
  211. package/.codex/skills/maestro-quick/SKILL.md +2 -2
  212. package/.codex/skills/maestro-ralph/SKILL.md +44 -31
  213. package/.codex/skills/maestro-ralph-cli/SKILL.md +394 -0
  214. package/.codex/skills/maestro-ralph-cli-execute/SKILL.md +146 -0
  215. package/.codex/skills/maestro-ralph-execute/SKILL.md +105 -24
  216. package/.codex/skills/maestro-roadmap/SKILL.md +8 -2
  217. package/.codex/skills/maestro-tools-execute/SKILL.md +8 -4
  218. package/.codex/skills/maestro-tools-register/SKILL.md +10 -6
  219. package/.codex/skills/maestro-ui-codify/SKILL.md +14 -9
  220. package/.codex/skills/manage-codebase-rebuild/SKILL.md +36 -14
  221. package/.codex/skills/manage-codebase-refresh/SKILL.md +1 -1
  222. package/.codex/skills/manage-drift-realign/SKILL.md +15 -12
  223. package/.codex/skills/manage-harvest/SKILL.md +1 -1
  224. package/.codex/skills/manage-issue/SKILL.md +8 -4
  225. package/.codex/skills/manage-issue-discover/SKILL.md +15 -14
  226. package/.codex/skills/manage-knowhow/SKILL.md +3 -2
  227. package/.codex/skills/manage-knowhow-capture/SKILL.md +4 -3
  228. package/.codex/skills/manage-learn/SKILL.md +2 -2
  229. package/.codex/skills/odyssey-debug/SKILL.md +12 -7
  230. package/.codex/skills/odyssey-improve/SKILL.md +11 -6
  231. package/.codex/skills/odyssey-planex/SKILL.md +14 -8
  232. package/.codex/skills/odyssey-review-test-fix/SKILL.md +12 -7
  233. package/.codex/skills/odyssey-ui/SKILL.md +10 -5
  234. package/.codex/skills/quality-auto-test/SKILL.md +13 -5
  235. package/.codex/skills/quality-debug/SKILL.md +18 -11
  236. package/.codex/skills/quality-refactor/SKILL.md +4 -4
  237. package/.codex/skills/quality-retrospective/SKILL.md +5 -6
  238. package/.codex/skills/quality-review/SKILL.md +18 -11
  239. package/.codex/skills/quality-sync/SKILL.md +2 -2
  240. package/.codex/skills/quality-test/SKILL.md +7 -5
  241. package/.codex/skills/security-audit/SKILL.md +7 -5
  242. package/.codex/skills/spec-add/SKILL.md +9 -7
  243. package/.codex/skills/spec-load/SKILL.md +3 -2
  244. package/.codex/skills/spec-map/SKILL.md +10 -1
  245. package/.codex/skills/spec-remove/SKILL.md +3 -2
  246. package/.codex/skills/team-coordinate/SKILL.md +10 -4
  247. package/.codex/skills/team-lifecycle-v4/SKILL.md +33 -26
  248. package/.codex/skills/team-quality-assurance/SKILL.md +43 -0
  249. package/.codex/skills/team-review/SKILL.md +50 -6
  250. package/.codex/skills/team-tech-debt/SKILL.md +53 -7
  251. package/.codex/skills/team-testing/SKILL.md +50 -2
  252. package/.codex/skills/wiki-connect/SKILL.md +3 -1
  253. package/.codex/skills/wiki-digest/SKILL.md +6 -4
  254. package/dashboard/dist-server/dashboard/src/server/wiki/embedding.d.ts +16 -0
  255. package/dashboard/dist-server/dashboard/src/server/wiki/embedding.js +419 -44
  256. package/dashboard/dist-server/dashboard/src/server/wiki/embedding.js.map +1 -1
  257. package/dashboard/dist-server/dashboard/src/server/wiki/wiki-indexer.js +43 -5
  258. package/dashboard/dist-server/dashboard/src/server/wiki/wiki-indexer.js.map +1 -1
  259. package/dashboard/dist-server/src/graph/kg/db/types.d.ts +3 -0
  260. package/dashboard/dist-server/src/graph/kg/embedding/code-embedding.d.ts +46 -0
  261. package/dashboard/dist-server/src/graph/kg/embedding/code-embedding.js +329 -0
  262. package/dashboard/dist-server/src/graph/kg/embedding/code-embedding.js.map +1 -0
  263. package/dashboard/dist-server/src/graph/kg/embedding/index.d.ts +2 -0
  264. package/dashboard/dist-server/src/graph/kg/embedding/index.js +3 -0
  265. package/dashboard/dist-server/src/graph/kg/embedding/index.js.map +1 -0
  266. package/dashboard/dist-server/src/graph/kg/engine.d.ts +19 -1
  267. package/dashboard/dist-server/src/graph/kg/engine.js +71 -1
  268. package/dashboard/dist-server/src/graph/kg/engine.js.map +1 -1
  269. package/dashboard/dist-server/src/graph/kg/query/scoring.d.ts +5 -0
  270. package/dashboard/dist-server/src/graph/kg/query/scoring.js +85 -1
  271. package/dashboard/dist-server/src/graph/kg/query/scoring.js.map +1 -1
  272. package/dashboard/dist-server/src/graph/kg/query/search.d.ts +7 -0
  273. package/dashboard/dist-server/src/graph/kg/query/search.js +117 -1
  274. package/dashboard/dist-server/src/graph/kg/query/search.js.map +1 -1
  275. package/dashboard/dist-server/src/graph/kg/surface/mcp-tools.js +49 -0
  276. package/dashboard/dist-server/src/graph/kg/surface/mcp-tools.js.map +1 -1
  277. package/dashboard/dist-server/src/hooks/kg-sync-hook.js +3 -0
  278. package/dashboard/dist-server/src/hooks/kg-sync-hook.js.map +1 -1
  279. package/dist/src/core/plugin-bridge.d.ts.map +1 -1
  280. package/dist/src/core/plugin-bridge.js +17 -0
  281. package/dist/src/core/plugin-bridge.js.map +1 -1
  282. package/dist/src/graph/kg/db/types.d.ts +3 -0
  283. package/dist/src/graph/kg/db/types.d.ts.map +1 -1
  284. package/dist/src/graph/kg/embedding/code-embedding.d.ts +47 -0
  285. package/dist/src/graph/kg/embedding/code-embedding.d.ts.map +1 -0
  286. package/dist/src/graph/kg/embedding/code-embedding.js +329 -0
  287. package/dist/src/graph/kg/embedding/code-embedding.js.map +1 -0
  288. package/dist/src/graph/kg/embedding/index.d.ts +3 -0
  289. package/dist/src/graph/kg/embedding/index.d.ts.map +1 -0
  290. package/dist/src/graph/kg/embedding/index.js +3 -0
  291. package/dist/src/graph/kg/embedding/index.js.map +1 -0
  292. package/dist/src/graph/kg/engine.d.ts +19 -1
  293. package/dist/src/graph/kg/engine.d.ts.map +1 -1
  294. package/dist/src/graph/kg/engine.js +71 -1
  295. package/dist/src/graph/kg/engine.js.map +1 -1
  296. package/dist/src/graph/kg/query/scoring.d.ts +5 -0
  297. package/dist/src/graph/kg/query/scoring.d.ts.map +1 -1
  298. package/dist/src/graph/kg/query/scoring.js +85 -1
  299. package/dist/src/graph/kg/query/scoring.js.map +1 -1
  300. package/dist/src/graph/kg/query/search.d.ts +7 -0
  301. package/dist/src/graph/kg/query/search.d.ts.map +1 -1
  302. package/dist/src/graph/kg/query/search.js +117 -1
  303. package/dist/src/graph/kg/query/search.js.map +1 -1
  304. package/dist/src/graph/kg/surface/mcp-tools.d.ts.map +1 -1
  305. package/dist/src/graph/kg/surface/mcp-tools.js +49 -0
  306. package/dist/src/graph/kg/surface/mcp-tools.js.map +1 -1
  307. package/dist/src/hooks/kg-sync-hook.d.ts.map +1 -1
  308. package/dist/src/hooks/kg-sync-hook.js +3 -0
  309. package/dist/src/hooks/kg-sync-hook.js.map +1 -1
  310. package/dist/src/tools/code-semantic-search.d.ts +10 -0
  311. package/dist/src/tools/code-semantic-search.d.ts.map +1 -0
  312. package/dist/src/tools/code-semantic-search.js +81 -0
  313. package/dist/src/tools/code-semantic-search.js.map +1 -0
  314. package/dist/src/tools/index.d.ts.map +1 -1
  315. package/dist/src/tools/index.js +4 -0
  316. package/dist/src/tools/index.js.map +1 -1
  317. package/dist/src/tools/wiki-search.d.ts +13 -0
  318. package/dist/src/tools/wiki-search.d.ts.map +1 -0
  319. package/dist/src/tools/wiki-search.js +114 -0
  320. package/dist/src/tools/wiki-search.js.map +1 -0
  321. package/dist/src/utils/update-notices.js +12 -0
  322. package/dist/src/utils/update-notices.js.map +1 -1
  323. package/package.json +4 -1
@@ -21,7 +21,7 @@ Wave-based hypothesis-driven debugging using `spawn_agents_on_csv`. Wave 1 explo
21
21
  All mean: **return to evidence gathering**.
22
22
 
23
23
  ## Escalation Rule
24
- After **3 failed hypotheses**, STOP. Summarize failures, question architecture, present to user.
24
+ After wave 1, if **0 hypotheses confirmed** (all refuted/inconclusive/failed) AND total hypotheses >= 3: STOP. Skip wave 2. Summarize failures, question architecture assumptions, present to user via `request_user_input` for guidance before proceeding.
25
25
 
26
26
  ## Backward Tracing
27
27
  Find where incorrect value appears → trace backward through call chain → fix at source, not symptom.
@@ -160,7 +160,7 @@ Each wave generates `wave-{N}.csv` with Input columns + `prev_context` only. Out
160
160
  5. **Discovery Board is Append-Only**: Never clear, modify, or recreate discoveries.ndjson
161
161
  6. **Skip on Refuted**: Wave 2 fix tasks skip if their hypothesis was refuted or inconclusive
162
162
  7. **Cleanup Temp Files**: Remove wave-{N}.csv AND wave-{N}-results.csv after results are merged into master tasks.csv
163
- 8. **DO NOT STOP**: Continuous execution until all waves complete
163
+ 8. **Escalation gate**: After wave 1 merge, if 0 hypotheses confirmed AND total >= 3, STOP and present to user (overrides continuous execution). Otherwise, continuous execution until all waves complete
164
164
  </invariants>
165
165
 
166
166
  <execution>
@@ -254,7 +254,7 @@ spawn_agents_on_csv({
254
254
  properties: {
255
255
  id: { type: "string" },
256
256
  result_status: { type: "string", enum: ["completed", "failed"] },
257
- hypothesis_verdict: { type: "string", enum: ["confirmed", "refuted", "inconclusive"], description: "Investigation outcome" },
257
+ hypothesis_verdict: { type: "string", enum: ["confirmed", "refuted", "inconclusive"], description: "Investigation outcome. Use 'inconclusive' as fallback when result_status=failed." },
258
258
  findings: { type: "string", maxLength: 500 },
259
259
  evidence_for: { type: "string" },
260
260
  evidence_against: { type: "string" },
@@ -294,7 +294,7 @@ REQUIRED STEPS:
294
294
  TERMINATION CONTRACT (mandatory — NO worker may end without calling report_agent_job_result):
295
295
  - Success path → result_status=completed, hypothesis_verdict = confirmed | refuted, with evidence
296
296
  - Timeout path → if approaching {max_runtime_seconds}, STOP investigation and report result_status=completed, hypothesis_verdict=inconclusive
297
- - Failure path → on any unrecoverable error, result_status=failed with error message
297
+ - Failure path → on any unrecoverable error, result_status=failed, hypothesis_verdict=inconclusive, with error message
298
298
  - NEVER continue indefinitely. NEVER exit silently. NEVER omit the call.
299
299
 
300
300
  OUTPUT (return via report_agent_job_result; must match output_schema):
@@ -333,10 +333,10 @@ spawn_agents_on_csv({
333
333
  properties: {
334
334
  id: { type: "string" },
335
335
  result_status: { type: "string", enum: ["completed", "failed"] },
336
- fix_result: { type: "string", enum: ["fixed", "fix_failed"], description: "Fix attempt outcome" },
336
+ fix_result: { type: "string", enum: ["fixed", "fix_failed"], description: "Fix attempt outcome. Use 'fix_failed' as fallback when result_status=failed." },
337
337
  findings: { type: "string", maxLength: 500 },
338
338
  fix_applied: { type: "string" },
339
- verified: { type: "string", enum: ["true", "false"] },
339
+ verified: { type: "string", enum: ["true", "false"], description: "Use 'false' as fallback when result_status=failed." },
340
340
  error: { type: "string" }
341
341
  },
342
342
  required: ["id", "result_status", "fix_result", "findings", "verified"]
@@ -366,8 +366,8 @@ REQUIRED STEPS:
366
366
  TERMINATION CONTRACT (mandatory):
367
367
  - Success path → fix applied AND verified → result_status=completed, fix_result=fixed, verified="true"
368
368
  - Partial path → fix applied but verification failed → result_status=completed, fix_result=fix_failed, verified="false"
369
- - Timeout path → approaching {max_runtime_seconds} with no fix applied → result_status=completed, fix_result=fix_failed with error="timeout"
370
- - Failure path → cannot apply fix (file missing, parse error, etc.) → result_status=failed
369
+ - Timeout path → approaching {max_runtime_seconds} with no fix applied → result_status=completed, fix_result=fix_failed, verified="false", error="timeout"
370
+ - Failure path → cannot apply fix (file missing, parse error, etc.) → result_status=failed, fix_result=fix_failed, verified="false", with error message
371
371
  - NEVER continue indefinitely. NEVER exit silently. NEVER omit the call.
372
372
 
373
373
  OUTPUT (return via report_agent_job_result; must match output_schema):
@@ -399,11 +399,18 @@ CONSTRAINTS:
399
399
 
400
400
  Dimensions (4): hypothesis_quality, evidence_completeness, root_cause_isolation, fix_confidence. Factors (weights): evidence_depth(.30), evidence_strength(.25), coverage_breadth(.20), reproduction(.15), consistency(.10). Map to legacy: <40% = low, 40-70% = medium, >70% = high. Append confidence assessment to understanding.md.
401
401
 
402
- 3. **UAT update** (if --from-uat): Update `uat.md` gaps with `root_cause`, `fix_direction`, `affected_files` for confirmed hypotheses.
402
+ 2c. **Side-effect confirmation gate** (skip when `-y/--yes`):
403
+ Before writing to external stores, present a summary to the user via `request_user_input`:
404
+ - UAT gaps to update (count + hypothesis titles) if --from-uat
405
+ - Issues to update (count + issue IDs)
406
+ - Artifact registration in state.json
407
+ The user can approve all, selectively exclude, or skip entirely.
403
408
 
404
- 4. **Issue update**: If `issues.jsonl` exists, update matching issues with status `diagnosed`, add `context.suggested_fix` and `context.notes`.
409
+ 3. **UAT update** (approved items only; if --from-uat): Update `uat.md` gaps with `root_cause`, `fix_direction`, `affected_files` for confirmed hypotheses.
405
410
 
406
- 5. **Register artifact** (phase-scoped only): Append to `state.json.artifacts[]` with `type: "debug"`, `id: DBG-NNN`, `depends_on: triggering_review_id || exec_art.id`.
411
+ 4. **Issue update** (approved items only): If `issues.jsonl` exists, update matching issues with status `diagnosed`, add `context.suggested_fix` and `context.notes`.
412
+
413
+ 5. **Register artifact** (approved items only; phase-scoped): Append to `state.json.artifacts[]` with `type: "debug"`, `id: DBG-NNN`, `depends_on: triggering_review_id || exec_art.id`.
407
414
 
408
415
  6. **Post-debug Knowledge Inquiry**: Prompt user to capture knowledge when:
409
416
  - Recurring root cause pattern detected -> `$spec-add debug`
@@ -95,12 +95,12 @@ Each wave generates `wave-{N}.csv` with extra `prev_context` column populated fr
95
95
 
96
96
  <invariants>
97
97
  1. **Test after every change** -- zero regressions tolerated
98
- 2. **Revert on failure** -- never leave broken state
98
+ 2. **Revert on failure** -- never leave broken state; revert ONLY files listed in the task's `files_modified` output (tracked per worker), never `git checkout .` or `git reset --hard` which may discard unrelated user changes
99
99
  3. **Max 2 retries per task** with strategy adjustment
100
100
  4. **Reflection-driven** -- every round records strategy, outcome, adjustment
101
101
  5. **User approval required** before execution (Step 4)
102
102
  6. **Quick wins first** -- order by risk (low first) and dependency
103
- 7. **CSV waves execute synchronously** — each refactoring task dispatched as single-row wave, wait for completion before next
103
+ 7. **Single-row waves** — each refactoring task dispatched as its own single-row wave (one task per wave, sequential execution). Wave numbers are assigned 1:1 per task in dependency-safe order (low-risk first, deps respected). No multi-row shared waves.
104
104
  8. **Incremental safety** -- each task is independently safe to apply or revert
105
105
  </invariants>
106
106
 
@@ -157,7 +157,7 @@ Initialize session folder `.workflow/.csv-wave/{dateStr}-refactor-{slug}/`.
157
157
  Initialize `reflection-log.md` and `discoveries.ndjson` in session folder.
158
158
  Build `tasks.csv` from plan.json tasks using csv_schema columns.
159
159
 
160
- **Wave computation**: Group independent same-risk tasks into shared waves. Dependent tasks go to later waves. Low-risk tasks wave first, high-risk last.
160
+ **Wave computation**: Each task gets its own wave number (single-row per wave). Order: low-risk first, high-risk last, dependencies respected.
161
161
 
162
162
  For each wave N in ascending order:
163
163
 
@@ -210,7 +210,7 @@ REQUIRED STEPS:
210
210
  2. Apply refactoring per description, modifying only files in scope
211
211
  3. Verify EVERY convergence_criterion via grep (ALL must pass; ANY miss → failure)
212
212
  4. Run verification_cmd via Bash; capture pass/fail
213
- 5. If tests fail OR convergence fails → revert ALL changes for this task using git (or Edit reverse), set files_modified=""
213
+ 5. If tests fail OR convergence fails → revert ONLY files this task modified (track touched files; use `git checkout -- <file>` per file, NOT `git checkout .` or `git reset --hard`), set files_modified=""
214
214
  6. Append discoveries (type=implementation_note / pattern) to {sessionFolder}/discoveries.ndjson
215
215
  7. Call report_agent_job_result EXACTLY ONCE
216
216
 
@@ -2,7 +2,7 @@
2
2
  name: quality-retrospective
3
3
  description: Use after completing a phase to extract lessons, patterns, and improvement opportunities
4
4
  argument-hint: "[phase|N..M] [--lens technical|process|quality|decision] [--all] [--no-route] [--compare N] [-y]"
5
- allowed-tools: Read, Write, Edit, Bash, Glob, Grep
5
+ allowed-tools: Read, Write, Edit, Bash, Glob, Grep, spawn_agent, wait_agent, close_agent, request_user_input
6
6
  ---
7
7
 
8
8
  <purpose>
@@ -130,7 +130,7 @@ Each artifact's type determines its outputs at `.workflow/{a.path}/`:
130
130
  5. **Synthesizer is isolated**: `fork_turns: "none"` -- receives lens results only via message, not full conversation history
131
131
  6. **Stable INS-ids**: `INS-{8hex}` from `hash(phase_num + lens + title)` -- re-runs do not create duplicates
132
132
  7. **Archive before overwrite**: Move existing retrospective.{md,json} to `.history/` with timestamp before writing new ones
133
- 8. **Spec learnings.md backward-compat**: Append to it only if it already exists -- never create it
133
+ 8. **Spec learnings.md**: Create `.workflow/specs/learnings.md` if it does not exist, then append insights
134
134
  9. **Route confirmation**: Unless `-y`, present routing table and ask per-group before writing spec/issue/knowhow
135
135
  10. **Lessons always written**: Append to `.workflow/specs/learnings.md` regardless of `--no-route` -- routing only controls spec/issue/knowhow creation
136
136
  </invariants>
@@ -166,9 +166,6 @@ Update plan: Stages 1-3 → completed; Stage 4 → in_progress.
166
166
 
167
167
  ### Stage 4: Context-Agent Fork + Parallel Lens Analysis
168
168
 
169
- **Archive if overwriting**:
170
- If existing `retrospective.{md,json}` present, move to `{artifact_dir}/.history/` with timestamp suffix before spawning.
171
-
172
169
  **Step 4a: Spawn context agent**
173
170
  ```javascript
174
171
  spawn_agent({
@@ -253,13 +250,15 @@ If `!AUTO_YES`: present routing table and ask confirmation before routing each g
253
250
 
254
251
  ### Stage 7: Write Artifacts
255
252
 
253
+ **Archive if overwriting**: If existing `retrospective.{md,json}` present, move to `{artifact_dir}/.history/` with timestamp suffix before writing new ones.
254
+
256
255
  Write two files to `{target_dir}/`:
257
256
  - **retrospective.json**: phase, slug, timestamp, lenses_run, metrics, findings_by_lens, distilled_insights, routing_summary
258
257
  - **retrospective.md**: Header with phase/slug/timestamp, metrics table (tasks completed, test pass rate, review issues, UAT scenarios), findings by lens, distilled insights, routing summary
259
258
 
260
259
  Append each insight to `.workflow/specs/learnings.md`.
261
260
 
262
- If `.workflow/specs/learnings.md` already exists, append each insight as `<spec-entry>` (category=`learning`, auto-extract keywords, date=today, source=`retrospective`). Never create the file -- only append if it exists.
261
+ If `.workflow/specs/learnings.md` does not exist, create it with a `# Learnings` header. Append each insight as `<spec-entry>` (category=`learning`, auto-extract keywords, date=today, source=`retrospective`).
263
262
 
264
263
  Update plan: Stages 1-7 → completed; Stage 8 → in_progress.
265
264
 
@@ -65,7 +65,7 @@ $quality-review --continue "20260318-review-P3-auth"
65
65
  **Flags**:
66
66
  - `-y, --yes`: Skip all confirmations (auto mode)
67
67
  - `-c, --concurrency N`: Max concurrent agents within each wave (default: 6)
68
- - `--continue`: Resume existing session
68
+ - `--continue [session-id]`: Resume existing session. If session-id provided, load that session directly. If omitted, list available sessions in `.workflow/.csv-wave/` matching `*-review-*` and prompt user to select. Resume reads master `tasks.csv`, skips completed waves, and continues from the next pending wave.
69
69
  - `--level quick|standard|deep`: Explicit review level (default: auto-detect from file count)
70
70
  - `--dimensions <list>`: Comma-separated subset of dimensions to review (overrides level defaults)
71
71
  - `--skip-specs`: Skip loading project specs as review context
@@ -81,14 +81,14 @@ When `--yes` or `-y`: Auto-confirm dimension selection, skip interactive validat
81
81
  ### tasks.csv (Master State)
82
82
 
83
83
  ```csv
84
- id,title,description,dimension,changed_files,project_specs,review_level,deps,context_from,wave
85
- "1","Correctness Review","Review all changed files for correctness: logic errors, missing edge cases, incorrect return values, null/undefined handling, off-by-one errors. Classify each finding as critical/high/medium/low with file:line references.","correctness","src/auth/login.ts;src/auth/register.ts;src/utils/validation.ts","Existing patterns use Result type for error handling","standard","","","1"
86
- "2","Security Review","Review all changed files for security vulnerabilities: injection flaws, XSS, CSRF, auth bypass, sensitive data exposure, insecure crypto. Reference OWASP Top 10. Classify each finding.","security","src/auth/login.ts;src/auth/register.ts;src/utils/validation.ts","Auth uses bcrypt + JWT","standard","","","1"
87
- "3","Performance Review","Review all changed files for performance issues: N+1 queries, unnecessary re-renders, memory leaks, blocking operations, unoptimized algorithms.","performance","src/auth/login.ts;src/auth/register.ts;src/utils/validation.ts","","standard","","","1"
88
- "4","Architecture Review","Review all changed files for architecture issues: layer violations, circular dependencies, inappropriate coupling, missing abstractions, SRP violations.","architecture","src/auth/login.ts;src/auth/register.ts;src/utils/validation.ts","ESM modules, strict TypeScript","standard","","","1"
89
- "5","Maintainability Review","Review all changed files for maintainability: code duplication, overly complex functions, poor naming, missing types, unclear control flow.","maintainability","src/auth/login.ts;src/auth/register.ts;src/utils/validation.ts","","standard","","","1"
90
- "6","Best Practices Review","Review all changed files for best-practice violations: error handling gaps, missing validation, hardcoded values, deprecated API usage, inconsistent patterns.","best-practices","src/auth/login.ts;src/auth/register.ts;src/utils/validation.ts","","standard","","","1"
91
- "7","Aggregate + Deep-Dive","Aggregate all dimension findings. Calculate severity distribution. Determine verdict (PASS/WARN/BLOCK). If critical findings exist, perform deep-dive with cross-file impact analysis.","aggregation","src/auth/login.ts;src/auth/register.ts;src/utils/validation.ts","","standard","1;2;3;4;5;6","1;2;3;4;5;6","2"
84
+ id,title,description,dimension,changed_files,project_specs,review_level,deps,context_from,wave,status
85
+ "1","Correctness Review","Review all changed files for correctness: logic errors, missing edge cases, incorrect return values, null/undefined handling, off-by-one errors. Classify each finding as critical/high/medium/low with file:line references.","correctness","src/auth/login.ts;src/auth/register.ts;src/utils/validation.ts","Existing patterns use Result type for error handling","standard","","","1","pending"
86
+ "2","Security Review","Review all changed files for security vulnerabilities: injection flaws, XSS, CSRF, auth bypass, sensitive data exposure, insecure crypto. Reference OWASP Top 10. Classify each finding.","security","src/auth/login.ts;src/auth/register.ts;src/utils/validation.ts","Auth uses bcrypt + JWT","standard","","","1","pending"
87
+ "3","Performance Review","Review all changed files for performance issues: N+1 queries, unnecessary re-renders, memory leaks, blocking operations, unoptimized algorithms.","performance","src/auth/login.ts;src/auth/register.ts;src/utils/validation.ts","","standard","","","1","pending"
88
+ "4","Architecture Review","Review all changed files for architecture issues: layer violations, circular dependencies, inappropriate coupling, missing abstractions, SRP violations.","architecture","src/auth/login.ts;src/auth/register.ts;src/utils/validation.ts","ESM modules, strict TypeScript","standard","","","1","pending"
89
+ "5","Maintainability Review","Review all changed files for maintainability: code duplication, overly complex functions, poor naming, missing types, unclear control flow.","maintainability","src/auth/login.ts;src/auth/register.ts;src/utils/validation.ts","","standard","","","1","pending"
90
+ "6","Best Practices Review","Review all changed files for best-practice violations: error handling gaps, missing validation, hardcoded values, deprecated API usage, inconsistent patterns.","best-practices","src/auth/login.ts;src/auth/register.ts;src/utils/validation.ts","","standard","","","1","pending"
91
+ "7","Aggregate + Deep-Dive","Aggregate all dimension findings. Calculate severity distribution. Determine verdict (PASS/WARN/BLOCK). If critical findings exist, perform deep-dive with cross-file impact analysis.","aggregation","src/auth/login.ts;src/auth/register.ts;src/utils/validation.ts","","standard","1;2;3;4;5;6","1;2;3;4;5;6","2","pending"
92
92
  ```
93
93
 
94
94
  **Columns**:
@@ -105,6 +105,7 @@ id,title,description,dimension,changed_files,project_specs,review_level,deps,con
105
105
  | `deps` | Input | Semicolon-separated dependency task IDs |
106
106
  | `context_from` | Input | Semicolon-separated task IDs whose findings this task needs |
107
107
  | `wave` | Computed | Wave number (1 = dimension review, 2 = aggregation) |
108
+ | `status` | Lifecycle | Task lifecycle state in master CSV: `pending` / `completed` / `failed` / `skipped` (initialized to `pending`; updated during merge from `result_status`) |
108
109
  | `result_status` | Output | `completed` / `failed` (returned via output_schema) |
109
110
  | `findings` | Output | Key review findings summary (max 500 chars) |
110
111
  | `severity_counts` | Output | JSON: `{"critical":N,"high":N,"medium":N,"low":N}` |
@@ -166,6 +167,12 @@ Parse `$ARGUMENTS` to extract:
166
167
  - `dimsMatch` from `--dimensions <list>`
167
168
  - `phaseArg` = remaining text after stripping all flags
168
169
 
170
+ **Resume flow** (when `--continue`):
171
+ 1. If session-id argument provided: load `.workflow/.csv-wave/{session-id}/tasks.csv` directly
172
+ 2. If no session-id: scan `.workflow/.csv-wave/*-review-*` directories, list sessions with their status (pending wave counts), prompt user to select
173
+ 3. Read master `tasks.csv`, identify next pending wave (lowest wave number with `status == "pending"` rows), skip to Phase 2 for that wave
174
+ 4. If no pending rows remain, skip to Phase 3 (results aggregation)
175
+
169
176
  Session ID: `{YYYYMMDD}-review-P{phaseArg}-{phaseSlug}` (phaseSlug from index.json or roadmap)
170
177
  Session folder: `.workflow/.csv-wave/{sessionId}/` — create via `mkdir -p`
171
178
 
@@ -210,7 +217,7 @@ If `--dimensions` flag provided, override with explicit list.
210
217
 
211
218
  #### Wave 1: Dimension Reviews (Parallel)
212
219
 
213
- Filter master `tasks.csv` for `wave == 1 AND status == pending` → write `wave-1.csv` (no prev_context needed).
220
+ Filter master `tasks.csv` for `wave == 1 AND status == "pending"` → write `wave-1.csv` (no prev_context needed).
214
221
 
215
222
  ```javascript
216
223
  spawn_agents_on_csv({
@@ -275,7 +282,7 @@ CONSTRAINTS:
275
282
 
276
283
  #### Wave 2: Aggregation + Deep-Dive
277
284
 
278
- Filter master `tasks.csv` for `wave == 2 AND status == pending`. If all wave 1 tasks failed, skip aggregation (invariant 6).
285
+ Filter master `tasks.csv` for `wave == 2 AND status == "pending"`. If all wave 1 tasks failed, skip aggregation (invariant 6).
279
286
 
280
287
  Build `prev_context` from wave 1 findings (format: `[Task N: Title] summary...` per task). **Failed-dependency handling**: exclude failed task IDs from prev_context. If SOME wave 1 tasks failed, append gap_note listing missing dimensions so the aggregation agent knows its coverage is incomplete.
281
288
  Write `wave-2.csv` with `prev_context` column → execute `spawn_agents_on_csv` with `REVIEW_AGGREGATION_INSTRUCTION` (same termination contract; output_schema returns `result_status` enum [completed|failed], findings, plus `verdict` enum [PASS|WARN|BLOCK]) → merge results into master `tasks.csv` (map `result_status` → master `status` column) → delete both `wave-2.csv` and `wave-2-results.csv`.
@@ -37,8 +37,8 @@ Verify `.workflow/` directory exists — if missing, raise E001.
37
37
  If `--full`: skip diff, mark all tracked files as changed.
38
38
 
39
39
  Otherwise:
40
- 1. Read last sync timestamp from `state.json` field `last_synced`
41
- 2. If `--since` provided, use that as baseline
40
+ 1. Read last sync commit from `state.json` field `last_synced_commit` (a git commit hash). If `last_synced_commit` is missing, fall back to `git log --reverse --format=%H | head -1` (first commit) as baseline.
41
+ 2. If `--since` provided, use that as baseline (overrides `last_synced_commit`)
42
42
  3. Run `git diff --name-only {baseline} HEAD` to get changed files
43
43
 
44
44
  If no changes and not `--full`, report clean state (W001) and exit.
@@ -39,7 +39,7 @@ id,test_id,cluster,test_name,expected,reported,severity,target_files,issue_id,so
39
39
  ```
40
40
 
41
41
  Input: id, test_id, cluster, test_name, expected, reported, severity, target_files, issue_id, source_context.
42
- Output: root_cause, fix_direction, affected_files, evidence, error.
42
+ Output (via output_schema): root_cause, fix_direction, affected_files, evidence, findings, error.
43
43
  </csv_schema>
44
44
 
45
45
  <invariants>
@@ -49,7 +49,7 @@ Output: root_cause, fix_direction, affected_files, evidence, error.
49
49
  4. **Batched writes** -- on issue, every 5 passes, or completion
50
50
  5. **Gap-fix loop max 2 iterations** -- prevent infinite loops
51
51
  6. **CSV parallel diagnosis** -- spawn_agents_on_csv for gap clusters, not sequential
52
- 7. **Auto-create issues** -- every failed test -> issues.jsonl entry
52
+ 7. **Confirmed issue creation** -- every failed test -> issues.jsonl entry, but only after user confirmation (skip confirmation if `-y`); present batch summary (count + severity + titles) before writing
53
53
  8. **Issue lifecycle sync** -- registered -> planning -> executing -> completed/failed
54
54
  </invariants>
55
55
 
@@ -125,7 +125,7 @@ S_PRESENT:
125
125
  -> S_COMPLETE WHEN: all tests done
126
126
 
127
127
  S_COMPLETE:
128
- -> S_DIAGNOSE WHEN: issues found DO: write output files, register artifact in state.json
128
+ -> S_DIAGNOSE WHEN: issues found DO: write output files (test-results.json, coverage-report.json); artifact registration deferred to A_REPORT
129
129
  -> S_REPORT WHEN: no issues
130
130
 
131
131
  **test-results.json**: `{ target, completed_at, results: [...], summary: { total, passed, issues, skipped } }`
@@ -172,7 +172,7 @@ Response processing:
172
172
  - color/spacing/alignment/looks off/typo -> cosmetic
173
173
  - Default: major
174
174
 
175
- On issue: auto-create in `.workflow/issues/issues.jsonl`:
175
+ On issue: queue issue for creation (do NOT write yet). After all tests are presented (or on batched write triggers), present issue summary to user via `request_user_input` (skip if `-y`): show count, severity, and titles. User can approve all, selectively exclude, or skip. Then write approved issues to `.workflow/issues/issues.jsonl`:
176
176
  ```json
177
177
  { "id": "ISS-{YYYYMMDD}-{NNN}", "title": "UAT: {test.name} - {response truncated 100}",
178
178
  "status": "registered", "priority": "{from severity}", "severity": "{inferred}",
@@ -199,6 +199,7 @@ On issue: auto-create in `.workflow/issues/issues.jsonl`:
199
199
  "root_cause": { "type": "string", "maxLength": 500 },
200
200
  "fix_direction": { "type": "string" },
201
201
  "affected_files": { "type": "string", "description": "Semicolon-separated file:line refs" },
202
+ "evidence": { "type": "string", "description": "File:line references supporting the diagnosis" },
202
203
  "findings": { "type": "string", "maxLength": 500 },
203
204
  "error": { "type": "string" }
204
205
  },
@@ -233,6 +234,7 @@ OUTPUT (must match output_schema):
233
234
  "root_cause": "<concrete root cause with file:line, max 500 chars>",
234
235
  "fix_direction": "<high-level fix strategy, NOT code>",
235
236
  "affected_files": "<semicolon-separated file:line refs>",
237
+ "evidence": "<file:line references supporting the diagnosis>",
236
238
  "findings": "<one-sentence summary>",
237
239
  "error": "<message if not completed>"
238
240
  }
@@ -253,7 +255,7 @@ Max 2 iterations:
253
255
 
254
256
  1. UAT confidence scoring (4 dims: scenario_coverage, diagnostic_depth, observation_quality, closure_completeness). Readiness gate: block if scenario_coverage < 40% or blocker without diagnosis.
255
257
  2. Display summary: smoke results, pass/fail/skip counts, diagnosis stats, auto-fix results
256
- 3. Register artifact in state.json (type: test)
258
+ 3. Register artifact in state.json (type: test) -- this is the ONLY registration point; S_COMPLETE defers registration here to avoid duplicates
257
259
  4. Route: all passed -> milestone-audit; auto-fix succeeded -> maestro-execute; gaps remain -> quality-debug; low coverage -> quality-auto-test
258
260
 
259
261
  </actions>
@@ -2,7 +2,7 @@
2
2
  name: security-audit
3
3
  description: OWASP Top 10 and STRIDE security auditing with supply chain analysis
4
4
  argument-hint: "[quick|standard|deep] [--scope <path>]"
5
- allowed-tools: spawn_agents_on_csv, Read, Bash, Glob, Grep, request_user_input
5
+ allowed-tools: spawn_agents_on_csv, Read, Write, Bash, Glob, Grep, request_user_input
6
6
  ---
7
7
  <purpose>
8
8
  Systematic security audit covering OWASP Top 10, dependency supply chain, secrets detection,
@@ -57,7 +57,9 @@ Use `Grep` for pattern matching (e.g., `eval(`, `exec(`, `innerHTML`, `dangerous
57
57
  `sql.*\+.*req\.`, `process\.env` without validation).
58
58
 
59
59
  For `standard` and `deep` tiers, use `spawn_agents_on_csv` to parallelize OWASP category scans
60
- across multiple agents, one agent per 2-3 categories.
60
+ across multiple agents, one agent per 2-3 categories. Unless `-y/--yes`, use `request_user_input` to confirm scope and category assignments before spawning.
61
+
62
+ **Wave state transitions**: After spawn, merge results. 1+ completed → proceed to next phase. All failed + retry available → retry wave once. All failed + retry exhausted → mark phase `degraded`, continue with available results, log `evidence_incomplete`.
61
63
 
62
64
  **spawn_agents_on_csv contract** (OWASP scan):
63
65
  - CSV columns: `id, title, owasp_categories, scope_glob, deps, wave, status` (initial `status="pending"`); filter `wave==1 AND status=="pending"` before writing wave-1.csv.
@@ -74,11 +76,11 @@ across multiple agents, one agent per 2-3 categories.
74
76
  "top_issues": { "type": "string", "description": "JSON array: [{title, severity, file:line, cwe}]" },
75
77
  "error": { "type": "string" }
76
78
  },
77
- "required": ["id", "result_status", "findings"]
79
+ "required": ["id", "result_status", "findings", "severity_counts"]
78
80
  }
79
81
  ```
80
82
 
81
- - Merge: `result_status` → master `status`; copy `findings`, `severity_counts`, `top_issues`, `error`.
83
+ - Merge: `result_status` → master `status`; copy `findings`, `severity_counts`, `top_issues`, `error`. Clean results with no issues MUST return `severity_counts: "{\"critical\":0,\"high\":0,\"medium\":0,\"low\":0}"`.
82
84
  - **Termination contract** (embed in instruction):
83
85
  ```
84
86
  You MUST call report_agent_job_result EXACTLY ONCE before exiting.
@@ -201,7 +203,7 @@ NEXT: $quality-review
201
203
  --- END STATUS ---
202
204
  ```
203
205
 
204
- **Register artifact on completion** (so retrospective/harvest can trace this audit):
206
+ **Register artifact on completion** (gated: unless `-y`, use `request_user_input` to confirm artifact registration and report writing before proceeding):
205
207
  ```
206
208
  Append to state.json.artifacts[]:
207
209
  {
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  name: spec-add
3
3
  description: Add spec entry by category with role tagging
4
- argument-hint: "<category> <content>"
4
+ argument-hint: "<category> <title> <content>"
5
5
  allowed-tools: Read, Write, Bash, Glob, Grep
6
6
  ---
7
7
 
@@ -17,11 +17,13 @@ $spec-add "quality All API endpoints must return structured error objects"
17
17
 
18
18
  **Valid categories**: coding, arch, quality, debug, test, review, learning, tools, bug, pattern, decision, rule, validation.
19
19
 
20
+ **Input format**: `<category> <title> <content>` — category is the first token, title is a short identifier (quoted if multi-word), content is the remainder.
21
+
20
22
  **CLI alternative**: `maestro spec add <category> "<title>" "<content>" --keywords kw1,kw2 --description "<desc>" --source <src>`. Used by workflow agents (analyze, plan, execute) for programmatic spec enrichment.
21
23
  </purpose>
22
24
 
23
25
  <context>
24
- $ARGUMENTS — `<category> <content>` where category selects the target file.
26
+ $ARGUMENTS — `<category> <title> <content>` where category selects the target file, title is a short identifier, and content is the spec body.
25
27
 
26
28
  **Category-to-file mapping (1:1, same as spec-load):**
27
29
  | Category | Target file |
@@ -49,9 +51,9 @@ Category is determined by the first positional argument.
49
51
 
50
52
  ### Step 1: Parse Input
51
53
 
52
- Extract category (first token) and content (remainder) from arguments.
53
- - Validate category is one of: coding, arch, quality, debug, test, review, learning, bug, pattern, decision, rule, validation (E003 if invalid)
54
- - Validate content is non-empty (E001 if missing)
54
+ Extract category (first token), title (second token or quoted string), and content (remainder) from arguments.
55
+ - Validate category is one of: coding, arch, quality, debug, test, review, learning, tools, bug, pattern, decision, rule, validation (E003 if invalid)
56
+ - Validate title and content are non-empty (E001 if missing)
55
57
 
56
58
  ### Step 2: Validate Specs Directory
57
59
 
@@ -92,9 +94,9 @@ Display: category, target file, extracted keywords, and commands for verify (`$s
92
94
  <error_codes>
93
95
  | Code | Severity | Description |
94
96
  |------|----------|-------------|
95
- | E001 | fatal | Category and content are both required |
97
+ | E001 | fatal | Category, title, and content are all required |
96
98
  | E002 | fatal | `.workflow/specs/` not initialized -- run `$spec-setup` first |
97
- | E003 | fatal | Invalid category -- must be one of: coding, arch, quality, debug, test, review, learning, ui, bug, pattern, decision, rule, validation |
99
+ | E003 | fatal | Invalid category -- must be one of: coding, arch, quality, debug, test, review, learning, tools, bug, pattern, decision, rule, validation |
98
100
  </error_codes>
99
101
 
100
102
  <success_criteria>
@@ -29,8 +29,9 @@ $spec-load "--category review"
29
29
  | `test-conventions.md` | test |
30
30
  | `review-standards.md` | review |
31
31
  | `debug-notes.md` | debug |
32
- | `quality-rules.md` | review |
33
- | `learnings.md` | coding |
32
+ | `quality-rules.md` | quality |
33
+ | `learnings.md` | learning |
34
+ | `tools.md` | tools |
34
35
 
35
36
  **--category loading**: Loads category's primary doc in full + matching entries from other files.
36
37
 
@@ -88,7 +88,7 @@ id,title,description,focus_area,output_file,deps,context_from,wave,status,findin
88
88
  </csv_schema>
89
89
 
90
90
  <invariants>
91
- 1. **Start Immediately**: Initialize session, generate CSV, execute
91
+ 1. **Confirm Before Execute**: After session init and CSV generation, present mapper assignment summary to user via `request_user_input` for confirmation before spawning agents. Skip confirmation only if `-y` flag is set.
92
92
  2. **CSV is Source of Truth**: tasks.csv holds all mapper state
93
93
  3. **Discovery Board is Append-Only**: Mappers share findings
94
94
  4. **Partial Results OK**: If 3/4 mappers succeed, still write available docs
@@ -102,6 +102,8 @@ id,title,description,focus_area,output_file,deps,context_from,wave,status,findin
102
102
 
103
103
  Parse flags from `$ARGUMENTS` (`-y`, `-c N`, `--continue`). Extract focus area (default: "full"). Generate session ID: `{YYYYMMDD}-map-{focusArea}`. Create session folder at `.workflow/.csv-wave/{sessionId}/` and `.workflow/codebase/`.
104
104
 
105
+ **Confirmation gate**: Present mapper assignment summary (4 tasks, focus area, concurrency) to user via `request_user_input`. Skip if `-y` flag is set.
106
+
105
107
  ### Phase 1: Generate tasks.csv
106
108
 
107
109
  Generate 4 mapper rows. If focus area specified, scope descriptions to that area.
@@ -133,6 +135,11 @@ spawn_agents_on_csv({
133
135
 
134
136
  Merge: write `master.status = result_status`, copy `findings` and `error`. Delete `wave-1.csv` and `wave-1-results.csv`.
135
137
 
138
+ **Retry / degraded paths:**
139
+ - If `spawn_agents_on_csv` call fails entirely: retry once. If second attempt fails, abort with E003.
140
+ - If individual mapper fails (`result_status == "failed"`): mark that mapper as failed, continue with remaining mappers. Phase 3 writes partial output from completed mappers only.
141
+ - If all 4 mappers fail: transition to degraded state — write empty output files with headers only, report E004, and exit gracefully.
142
+
136
143
  #### Mapper Worker Contract (MAPPER_INSTRUCTION)
137
144
 
138
145
  ```
@@ -192,6 +199,8 @@ Mappers share discoveries so other mappers can skip redundant exploration (e.g.,
192
199
  | Mapper agent timeout | Mark failed, continue with other mappers |
193
200
  | Mapper agent failed | Mark failed, output partial results |
194
201
  | .workflow/codebase/ exists | Prompt: refresh/skip/merge (auto-refresh with -y) |
202
+ | E003: spawn_agents_on_csv failed twice | Abort with error message |
203
+ | E004: All 4 mappers failed | Write empty output files with headers, exit gracefully |
195
204
 
196
205
  </error_codes>
197
206
 
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  name: spec-remove
3
3
  description: Remove spec entry by ID
4
- argument-hint: "<entry-id> [--cascade]"
4
+ argument-hint: "<entry-id> [--cascade] [-y]"
5
5
  allowed-tools: Read, Write, Edit, Bash, Glob, Grep, request_user_input
6
6
  ---
7
7
 
@@ -25,7 +25,8 @@ $ARGUMENTS — entry ID to remove (e.g., `spec-learnings-003`)
25
25
  - `maestro search "<query>"` — BM25 search
26
26
 
27
27
  **Flags:**
28
- - `--cascade` — When the target spec is a ref-type entry (created via `spec-add --ref` and linked to a knowhow document), also delete the referenced knowhow file. Without this flag, ref-type removal leaves an orphan knowhow file.
28
+ - `--cascade` — When the target spec has a `ref` attribute linking to a knowhow document, also delete the referenced knowhow file. Without this flag, removal leaves an orphan knowhow file. Cascade checks the entry's `ref` attribute in the `<spec-entry>` tag.
29
+ - `-y` — Skip confirmation prompt and proceed with removal immediately.
29
30
  </context>
30
31
 
31
32
  <execution>
@@ -182,6 +182,7 @@ S_EVAL_W3 — Evaluate Wave 3 participation PERSIST: ski
182
182
  S_WAVE_3 — Execute Wave 3 (Implementation) PERSIST: findings in master CSV
183
183
  S_EVAL_W4 — Evaluate Wave 4 participation PERSIST: skipped tasks if any
184
184
  S_WAVE_4 — Execute Wave 4 (Validation/Testing) PERSIST: findings in master CSV
185
+ S_DEGRADED_AGG — Degraded aggregation after all-failed retry PERSIST: partial results
185
186
  S_AGGREGATE — Generate report, export results PERSIST: context.md, results.csv
186
187
  </states>
187
188
 
@@ -193,10 +194,13 @@ S_CSV_GEN → S_EVAL_W1
193
194
 
194
195
  S_EVAL_W{N} → S_WAVE_{N} WHEN: tasks qualify after evaluation
195
196
  S_EVAL_W{N} → S_EVAL_W{N+1} WHEN: all tasks skipped or no tasks in wave
196
- S_WAVE_{N} → S_EVAL_W{N+1} WHEN: wave complete, N < 4
197
+ S_WAVE_{N} → S_EVAL_W{N+1} WHEN: wave complete (some tasks succeeded), N < 4
198
+ S_WAVE_{N} → S_WAVE_{N} WHEN: all tasks in wave failed AND retry_count < 1 (retry once)
199
+ S_WAVE_{N} → S_DEGRADED_AGG WHEN: all tasks in wave failed AND retry_count >= 1
197
200
 
198
201
  S_EVAL_W4 → S_AGGREGATE WHEN: after Wave 4 eval (regardless of skip)
199
202
  S_WAVE_4 → S_AGGREGATE WHEN: Wave 4 complete
203
+ S_DEGRADED_AGG → S_AGGREGATE WHEN: degraded aggregation (partial results only)
200
204
  </transitions>
201
205
 
202
206
  <actions>
@@ -232,10 +236,11 @@ When `--continue`:
232
236
 
233
237
  1. **Parse task description**
234
238
 
235
- 2. **Clarify if ambiguous** (skip if `-y`):
239
+ 2. **Confirm scope and deliverables** (skip if `-y`):
236
240
  - Scope? (specific files, module, project-wide)
237
241
  - Deliverables? (documents, code, reports)
238
242
  - Constraints? (technology, style)
243
+ - Always confirm via `request_user_input` unless `-y` is set
239
244
 
240
245
  3. **Signal detection** — scan keywords against `specs/role-catalog.md` §1 Signal Detection Table:
241
246
  - Match keywords → capabilities → roles
@@ -259,7 +264,7 @@ When `--continue`:
259
264
 
260
265
  8. **Dependency + context_from** — tasks in wave N depend on relevant tasks in wave N-1
261
266
 
262
- 9. **Write `tasks.csv`** with all rows (Input columns only, no status/findings)
267
+ 9. **Write `tasks.csv`** with all rows (Input columns + lifecycle columns initialized: `status=pending`, `findings=""`, `files_modified=""`, `error=""`)
263
268
 
264
269
  10. **Write empty `discoveries.ndjson`**
265
270
 
@@ -454,7 +459,8 @@ Protocol: read before work, append-only, dedup by type+key.
454
459
  |-----------|----------|
455
460
  | No capabilities detected | Default to single `general` role in wave 1 |
456
461
  | All wave 1 tasks failed | Abort pipeline (downstream has no context) |
457
- | All tasks in wave N failed | Skip subsequent waves, proceed to aggregation |
462
+ | All tasks in wave N failed (first attempt) | Retry wave once with same tasks |
463
+ | All tasks in wave N failed (after retry) | Enter S_DEGRADED_AGG: aggregate partial results from prior waves, mark remaining waves skipped |
458
464
  | Evaluation skipped all tasks in wave | Normal — skip wave, continue to next |
459
465
  | Task timeout | Mark failed, cascade skip dependents |
460
466
  | Session not found (--continue) | Error with available session list |