mindforge-cc 11.3.1 → 11.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (475) hide show
  1. package/.agent/CLAUDE.md +13 -0
  2. package/.agent/hooks/lib/hook-flags.js +78 -0
  3. package/.agent/hooks/lib/pretooluse-visible-output.js +46 -0
  4. package/.agent/hooks/mindforge-block-no-verify.js +552 -0
  5. package/.agent/hooks/mindforge-config-protection.js +144 -0
  6. package/.agent/hooks/run-with-flags.js +207 -0
  7. package/.agent/mindforge/checkpoint.md +76 -0
  8. package/.agent/mindforge/harness-audit.md +59 -0
  9. package/.agent/mindforge/instinct.md +46 -0
  10. package/.agent/mindforge/orch-add-feature.md +43 -0
  11. package/.agent/mindforge/orch-build-mvp.md +48 -0
  12. package/.agent/mindforge/orch-change-feature.md +45 -0
  13. package/.agent/mindforge/orch-fix-defect.md +43 -0
  14. package/.agent/mindforge/orch-refine-code.md +43 -0
  15. package/.agent/skills/mindforge-add-backlog/SKILL.md +2 -2
  16. package/.agent/skills/mindforge-add-phase/SKILL.md +2 -2
  17. package/.agent/skills/mindforge-add-tests/SKILL.md +2 -2
  18. package/.agent/skills/mindforge-add-todo/SKILL.md +2 -2
  19. package/.agent/skills/mindforge-audit-milestone/SKILL.md +2 -2
  20. package/.agent/skills/mindforge-audit-uat/SKILL.md +2 -2
  21. package/.agent/skills/mindforge-autonomous/SKILL.md +2 -2
  22. package/.agent/skills/mindforge-brainstorming/SKILL.md +1 -1
  23. package/.agent/skills/mindforge-check-todos/SKILL.md +2 -2
  24. package/.agent/skills/mindforge-cleanup/SKILL.md +2 -2
  25. package/.agent/skills/mindforge-complete-milestone/SKILL.md +2 -2
  26. package/.agent/skills/mindforge-debug/SKILL.md +2 -2
  27. package/.agent/skills/mindforge-debug_extended/SKILL.md +2 -2
  28. package/.agent/skills/mindforge-discuss-phase/SKILL.md +2 -2
  29. package/.agent/skills/mindforge-do/SKILL.md +2 -2
  30. package/.agent/skills/mindforge-execute-phase/SKILL.md +2 -2
  31. package/.agent/skills/mindforge-execute-phase_extended/SKILL.md +2 -2
  32. package/.agent/skills/mindforge-fast/SKILL.md +2 -2
  33. package/.agent/skills/mindforge-forensics/SKILL.md +2 -2
  34. package/.agent/skills/mindforge-health/SKILL.md +2 -2
  35. package/.agent/skills/mindforge-help/SKILL.md +2 -2
  36. package/.agent/skills/mindforge-insert-phase/SKILL.md +2 -2
  37. package/.agent/skills/mindforge-join-discord/SKILL.md +2 -2
  38. package/.agent/skills/mindforge-list-phase-assumptions/SKILL.md +2 -2
  39. package/.agent/skills/mindforge-list-workspaces/SKILL.md +2 -2
  40. package/.agent/skills/mindforge-manager/SKILL.md +2 -2
  41. package/.agent/skills/mindforge-map-codebase/SKILL.md +2 -2
  42. package/.agent/skills/mindforge-milestone-summary/SKILL.md +2 -2
  43. package/.agent/skills/mindforge-neural-orchestrator/SKILL.md +2 -2
  44. package/.agent/skills/mindforge-new-milestone/SKILL.md +2 -2
  45. package/.agent/skills/mindforge-new-project/SKILL.md +2 -2
  46. package/.agent/skills/mindforge-new-workspace/SKILL.md +2 -2
  47. package/.agent/skills/mindforge-next/SKILL.md +2 -2
  48. package/.agent/skills/mindforge-note/SKILL.md +2 -2
  49. package/.agent/skills/mindforge-parallel-mesh_extended/SKILL.md +2 -2
  50. package/.agent/skills/mindforge-pause-work/SKILL.md +2 -2
  51. package/.agent/skills/mindforge-plan-milestone-gaps/SKILL.md +2 -2
  52. package/.agent/skills/mindforge-plan-phase/SKILL.md +2 -2
  53. package/.agent/skills/mindforge-plan-phase_extended/SKILL.md +2 -2
  54. package/.agent/skills/mindforge-plant-seed/SKILL.md +2 -2
  55. package/.agent/skills/mindforge-pr-branch/SKILL.md +2 -2
  56. package/.agent/skills/mindforge-profile-user/SKILL.md +2 -2
  57. package/.agent/skills/mindforge-progress/SKILL.md +2 -2
  58. package/.agent/skills/mindforge-quick/SKILL.md +2 -2
  59. package/.agent/skills/mindforge-reapply-patches/SKILL.md +2 -2
  60. package/.agent/skills/mindforge-remove-phase/SKILL.md +2 -2
  61. package/.agent/skills/mindforge-remove-workspace/SKILL.md +2 -2
  62. package/.agent/skills/mindforge-research-phase/SKILL.md +2 -2
  63. package/.agent/skills/mindforge-resume-work/SKILL.md +2 -2
  64. package/.agent/skills/mindforge-review/SKILL.md +2 -2
  65. package/.agent/skills/mindforge-review-backlog/SKILL.md +2 -2
  66. package/.agent/skills/mindforge-review-inbound/SKILL.md +2 -2
  67. package/.agent/skills/mindforge-review-request/SKILL.md +2 -2
  68. package/.agent/skills/mindforge-session-report/SKILL.md +2 -2
  69. package/.agent/skills/mindforge-set-profile/SKILL.md +2 -2
  70. package/.agent/skills/mindforge-settings/SKILL.md +2 -2
  71. package/.agent/skills/mindforge-ship/SKILL.md +2 -2
  72. package/.agent/skills/mindforge-ship_extended/SKILL.md +2 -2
  73. package/.agent/skills/mindforge-skill-creation/SKILL.md +2 -2
  74. package/.agent/skills/mindforge-stats/SKILL.md +2 -2
  75. package/.agent/skills/mindforge-swarm-execution/SKILL.md +2 -2
  76. package/.agent/skills/mindforge-system-architecture/SKILL.md +2 -2
  77. package/.agent/skills/mindforge-tdd/SKILL.md +2 -2
  78. package/.agent/skills/mindforge-tdd_extended/SKILL.md +2 -2
  79. package/.agent/skills/mindforge-thread/SKILL.md +2 -2
  80. package/.agent/skills/mindforge-ui-phase/SKILL.md +2 -2
  81. package/.agent/skills/mindforge-ui-review/SKILL.md +2 -2
  82. package/.agent/skills/mindforge-update/SKILL.md +2 -2
  83. package/.agent/skills/mindforge-validate-phase/SKILL.md +2 -2
  84. package/.agent/skills/mindforge-verify-work/SKILL.md +2 -2
  85. package/.agent/skills/mindforge-verify-work_extended/SKILL.md +2 -2
  86. package/.agent/skills/mindforge-workspace-isolated/SKILL.md +2 -2
  87. package/.agent/skills/mindforge-workstreams/SKILL.md +2 -2
  88. package/.claude/CLAUDE.md +13 -0
  89. package/.claude/commands/mindforge/add-backlog.md +2 -2
  90. package/.claude/commands/mindforge/agent-deploy.md +1 -1
  91. package/.claude/commands/mindforge/agent-design.md +1 -1
  92. package/.claude/commands/mindforge/agent.md +2 -2
  93. package/.claude/commands/mindforge/ai-cost.md +1 -1
  94. package/.claude/commands/mindforge/ai-safety.md +1 -1
  95. package/.claude/commands/mindforge/approve.md +1 -1
  96. package/.claude/commands/mindforge/audit.md +1 -1
  97. package/.claude/commands/mindforge/auto.md +1 -1
  98. package/.claude/commands/mindforge/benchmark.md +1 -1
  99. package/.claude/commands/mindforge/browse.md +1 -1
  100. package/.claude/commands/mindforge/build-opt.md +1 -1
  101. package/.claude/commands/mindforge/cache.md +1 -1
  102. package/.claude/commands/mindforge/causal.md +1 -1
  103. package/.claude/commands/mindforge/cdn.md +1 -1
  104. package/.claude/commands/mindforge/change.md +1 -1
  105. package/.claude/commands/mindforge/checkpoint.md +76 -0
  106. package/.claude/commands/mindforge/cli.md +1 -1
  107. package/.claude/commands/mindforge/cluster-instincts.md +1 -1
  108. package/.claude/commands/mindforge/communicate.md +1 -1
  109. package/.claude/commands/mindforge/complete-milestone.md +1 -1
  110. package/.claude/commands/mindforge/compliance.md +1 -1
  111. package/.claude/commands/mindforge/consult.md +1 -1
  112. package/.claude/commands/mindforge/contract-test.md +1 -1
  113. package/.claude/commands/mindforge/cost-report.md +1 -1
  114. package/.claude/commands/mindforge/costs.md +1 -1
  115. package/.claude/commands/mindforge/council.md +1 -1
  116. package/.claude/commands/mindforge/create-skill.md +1 -1
  117. package/.claude/commands/mindforge/cross-review.md +1 -1
  118. package/.claude/commands/mindforge/dashboard.md +1 -1
  119. package/.claude/commands/mindforge/data-mesh.md +1 -1
  120. package/.claude/commands/mindforge/data-pipeline.md +1 -1
  121. package/.claude/commands/mindforge/de-slop.md +1 -1
  122. package/.claude/commands/mindforge/debug.md +1 -1
  123. package/.claude/commands/mindforge/degrade.md +1 -1
  124. package/.claude/commands/mindforge/delegate.md +1 -1
  125. package/.claude/commands/mindforge/deploy.md +1 -1
  126. package/.claude/commands/mindforge/discuss-phase.md +1 -1
  127. package/.claude/commands/mindforge/dmux.md +1 -1
  128. package/.claude/commands/mindforge/do.md +2 -2
  129. package/.claude/commands/mindforge/ecommerce.md +1 -1
  130. package/.claude/commands/mindforge/edge.md +1 -1
  131. package/.claude/commands/mindforge/edtech.md +1 -1
  132. package/.claude/commands/mindforge/embeddings.md +1 -1
  133. package/.claude/commands/mindforge/environments.md +1 -1
  134. package/.claude/commands/mindforge/eval.md +1 -1
  135. package/.claude/commands/mindforge/events.md +1 -1
  136. package/.claude/commands/mindforge/evolve-skills.md +1 -1
  137. package/.claude/commands/mindforge/execute-phase.md +48 -7
  138. package/.claude/commands/mindforge/feature-flags.md +1 -1
  139. package/.claude/commands/mindforge/feature-store.md +1 -1
  140. package/.claude/commands/mindforge/finops.md +1 -1
  141. package/.claude/commands/mindforge/fintech.md +1 -1
  142. package/.claude/commands/mindforge/flutter.md +1 -1
  143. package/.claude/commands/mindforge/gaming.md +1 -1
  144. package/.claude/commands/mindforge/graphql.md +1 -1
  145. package/.claude/commands/mindforge/harness-audit.md +59 -0
  146. package/.claude/commands/mindforge/health.md +1 -1
  147. package/.claude/commands/mindforge/healthcare.md +1 -1
  148. package/.claude/commands/mindforge/help.md +1 -1
  149. package/.claude/commands/mindforge/hire.md +1 -1
  150. package/.claude/commands/mindforge/i18n.md +1 -1
  151. package/.claude/commands/mindforge/idempotent.md +1 -1
  152. package/.claude/commands/mindforge/init-org.md +1 -1
  153. package/.claude/commands/mindforge/init-project.md +1 -1
  154. package/.claude/commands/mindforge/install-skill.md +1 -1
  155. package/.claude/commands/mindforge/instinct.md +46 -0
  156. package/.claude/commands/mindforge/introspect.md +1 -1
  157. package/.claude/commands/mindforge/iot.md +1 -1
  158. package/.claude/commands/mindforge/knowledge-graph.md +1 -1
  159. package/.claude/commands/mindforge/lakehouse.md +1 -1
  160. package/.claude/commands/mindforge/lead.md +1 -1
  161. package/.claude/commands/mindforge/learn-instinct.md +1 -1
  162. package/.claude/commands/mindforge/learn.md +1 -1
  163. package/.claude/commands/mindforge/learning.md +1 -1
  164. package/.claude/commands/mindforge/llm-route.md +1 -1
  165. package/.claude/commands/mindforge/load-test.md +1 -1
  166. package/.claude/commands/mindforge/logistics.md +1 -1
  167. package/.claude/commands/mindforge/map-codebase.md +1 -1
  168. package/.claude/commands/mindforge/marketplace.md +1 -1
  169. package/.claude/commands/mindforge/meeting-design.md +1 -1
  170. package/.claude/commands/mindforge/metrics.md +1 -1
  171. package/.claude/commands/mindforge/migrate.md +1 -1
  172. package/.claude/commands/mindforge/migration-mgmt.md +1 -1
  173. package/.claude/commands/mindforge/milestone.md +1 -1
  174. package/.claude/commands/mindforge/mobile.md +1 -1
  175. package/.claude/commands/mindforge/monorepo.md +1 -1
  176. package/.claude/commands/mindforge/multi-tenant.md +1 -1
  177. package/.claude/commands/mindforge/multimodal.md +1 -1
  178. package/.claude/commands/mindforge/new-runtime.md +1 -1
  179. package/.claude/commands/mindforge/next.md +1 -1
  180. package/.claude/commands/mindforge/note.md +2 -2
  181. package/.claude/commands/mindforge/observability-platform.md +1 -1
  182. package/.claude/commands/mindforge/offline.md +1 -1
  183. package/.claude/commands/mindforge/onboard.md +1 -1
  184. package/.claude/commands/mindforge/orch-add-feature.md +43 -0
  185. package/.claude/commands/mindforge/orch-build-mvp.md +48 -0
  186. package/.claude/commands/mindforge/orch-change-feature.md +45 -0
  187. package/.claude/commands/mindforge/orch-fix-defect.md +43 -0
  188. package/.claude/commands/mindforge/orch-refine-code.md +43 -0
  189. package/.claude/commands/mindforge/plan-phase.md +1 -1
  190. package/.claude/commands/mindforge/plan-write.md +11 -0
  191. package/.claude/commands/mindforge/plant-seed.md +2 -2
  192. package/.claude/commands/mindforge/platform.md +1 -1
  193. package/.claude/commands/mindforge/plugins.md +1 -1
  194. package/.claude/commands/mindforge/pr-review.md +1 -1
  195. package/.claude/commands/mindforge/privacy-eng.md +1 -1
  196. package/.claude/commands/mindforge/product-spec.md +76 -0
  197. package/.claude/commands/mindforge/profile-team.md +1 -1
  198. package/.claude/commands/mindforge/publish-skill.md +1 -1
  199. package/.claude/commands/mindforge/push-notify.md +1 -1
  200. package/.claude/commands/mindforge/pwa.md +1 -1
  201. package/.claude/commands/mindforge/qa.md +1 -1
  202. package/.claude/commands/mindforge/quality-audit.md +1 -1
  203. package/.claude/commands/mindforge/queue.md +1 -1
  204. package/.claude/commands/mindforge/quick.md +1 -1
  205. package/.claude/commands/mindforge/rag.md +1 -1
  206. package/.claude/commands/mindforge/rate-limit.md +1 -1
  207. package/.claude/commands/mindforge/react-native.md +1 -1
  208. package/.claude/commands/mindforge/realtime-analytics.md +1 -1
  209. package/.claude/commands/mindforge/record-learning.md +1 -1
  210. package/.claude/commands/mindforge/release.md +1 -1
  211. package/.claude/commands/mindforge/remember.md +1 -1
  212. package/.claude/commands/mindforge/research.md +1 -1
  213. package/.claude/commands/mindforge/retrospective.md +1 -1
  214. package/.claude/commands/mindforge/review-backlog.md +2 -2
  215. package/.claude/commands/mindforge/review.md +1 -1
  216. package/.claude/commands/mindforge/rfc.md +1 -1
  217. package/.claude/commands/mindforge/santa.md +1 -1
  218. package/.claude/commands/mindforge/secrets-mgmt.md +1 -1
  219. package/.claude/commands/mindforge/secrets.md +1 -1
  220. package/.claude/commands/mindforge/security-scan.md +1 -1
  221. package/.claude/commands/mindforge/serverless.md +1 -1
  222. package/.claude/commands/mindforge/session-report.md +2 -2
  223. package/.claude/commands/mindforge/ship.md +1 -1
  224. package/.claude/commands/mindforge/skills.md +1 -1
  225. package/.claude/commands/mindforge/status.md +1 -1
  226. package/.claude/commands/mindforge/steer.md +1 -1
  227. package/.claude/commands/mindforge/stream.md +1 -1
  228. package/.claude/commands/mindforge/sync-confluence.md +1 -1
  229. package/.claude/commands/mindforge/sync-jira.md +1 -1
  230. package/.claude/commands/mindforge/tech-debt.md +1 -1
  231. package/.claude/commands/mindforge/threat-model.md +1 -1
  232. package/.claude/commands/mindforge/tokens.md +1 -1
  233. package/.claude/commands/mindforge/ui-phase.md +2 -2
  234. package/.claude/commands/mindforge/ui-review.md +2 -2
  235. package/.claude/commands/mindforge/update.md +1 -1
  236. package/.claude/commands/mindforge/validate-phase.md +2 -2
  237. package/.claude/commands/mindforge/verify-loop.md +1 -1
  238. package/.claude/commands/mindforge/verify-phase.md +1 -1
  239. package/.claude/commands/mindforge/vibe-check.md +1 -1
  240. package/.claude/commands/mindforge/workspace.md +1 -1
  241. package/.claude/commands/mindforge/workstreams.md +2 -2
  242. package/.claude/commands/mindforge/zero-trust.md +1 -1
  243. package/.mindforge/config.json +2 -2
  244. package/.mindforge/engine/instincts/instinct-schema.md +17 -9
  245. package/.mindforge/imported-agents.jsonl +10 -0
  246. package/.mindforge/manifests/install-components.json +36 -0
  247. package/.mindforge/manifests/install-modules.json +193 -0
  248. package/.mindforge/manifests/install-profiles.json +57 -0
  249. package/.mindforge/memory/sync-manifest.json +1 -1
  250. package/.mindforge/personas/gan-evaluator.md +226 -0
  251. package/.mindforge/personas/gan-generator.md +151 -0
  252. package/.mindforge/personas/gan-planner.md +118 -0
  253. package/.mindforge/personas/harness-optimizer.md +55 -0
  254. package/.mindforge/personas/loop-operator.md +58 -0
  255. package/.mindforge/schemas/hooks.schema.json +199 -0
  256. package/.mindforge/schemas/install-modules.schema.json +44 -0
  257. package/.mindforge/schemas/install-state.schema.json +95 -0
  258. package/.mindforge/schemas/plugin.schema.json +75 -0
  259. package/.mindforge/schemas/provenance.schema.json +31 -0
  260. package/.mindforge/skills/agent-architecture-audit/SKILL.md +272 -0
  261. package/.mindforge/skills/continuous-learning/SKILL.md +16 -0
  262. package/.mindforge/skills/orch-pipeline/SKILL.md +284 -0
  263. package/.mindforge/skills/writing-plans/SKILL.md +76 -0
  264. package/CHANGELOG.md +111 -0
  265. package/MINDFORGE.md +3 -3
  266. package/README.md +25 -3
  267. package/RELEASENOTES.md +131 -1
  268. package/SECURITY.md +16 -0
  269. package/bin/autonomous/auto-runner.js +46 -5
  270. package/bin/autonomous/handoff-schema.js +114 -0
  271. package/bin/autonomous/session-guardian.sh +138 -0
  272. package/bin/autonomous/supervisor.js +98 -0
  273. package/bin/change-classifier.js +19 -5
  274. package/bin/governance/approve.js +61 -28
  275. package/bin/governance/config-manager.js +3 -1
  276. package/bin/governance/rbac-manager.js +14 -6
  277. package/bin/harness-audit.js +520 -0
  278. package/bin/hooks/instinct-capture-hook.js +16 -1
  279. package/bin/hooks/lib/detect-project.js +72 -0
  280. package/bin/installer/harness-adapter-compliance.js +321 -0
  281. package/bin/installer/install-manifests.js +200 -0
  282. package/bin/installer/install-state.js +243 -0
  283. package/bin/installer-core.js +1 -1
  284. package/bin/learning/instinct-cli.js +359 -0
  285. package/bin/learning/lib/ssrf-guard.js +252 -0
  286. package/bin/memory/eis-client.js +31 -10
  287. package/bin/models/llm-errors.js +79 -0
  288. package/bin/models/model-client.js +39 -4
  289. package/bin/models/ollama-provider.js +115 -0
  290. package/bin/models/openai-provider.js +40 -9
  291. package/bin/models/profiles-loader.js +147 -0
  292. package/bin/models/provider-registry.js +59 -0
  293. package/bin/revops/market-evaluator.js +23 -2
  294. package/bin/revops/router-steering-v2.js +17 -2
  295. package/bin/security/trust-boundaries.js +15 -3
  296. package/bin/utils/readiness-gate.js +169 -0
  297. package/bin/worktree/engine.js +497 -0
  298. package/docs/getting-started.md +1 -1
  299. package/docs/troubleshooting.md +1 -1
  300. package/docs/user-guide.md +1 -1
  301. package/package.json +8 -2
  302. package/subagents/categories/01-core-development/.claude-plugin/plugin.json +2 -2
  303. package/subagents/categories/01-core-development/api-designer-cc.md +1 -1
  304. package/subagents/categories/01-core-development/backend-developer.md +1 -1
  305. package/subagents/categories/01-core-development/design-bridge.md +1 -1
  306. package/subagents/categories/01-core-development/electron-pro.md +1 -1
  307. package/subagents/categories/01-core-development/frontend-developer.md +1 -1
  308. package/subagents/categories/01-core-development/fullstack-developer.md +1 -1
  309. package/subagents/categories/01-core-development/graphql-architect.md +1 -1
  310. package/subagents/categories/01-core-development/microservices-architect.md +1 -1
  311. package/subagents/categories/01-core-development/mobile-developer.md +1 -1
  312. package/subagents/categories/01-core-development/ui-designer.md +1 -1
  313. package/subagents/categories/01-core-development/websocket-engineer.md +1 -1
  314. package/subagents/categories/02-language-specialists/.claude-plugin/plugin.json +2 -2
  315. package/subagents/categories/02-language-specialists/angular-architect.md +1 -1
  316. package/subagents/categories/02-language-specialists/cpp-pro.md +1 -1
  317. package/subagents/categories/02-language-specialists/csharp-developer.md +1 -1
  318. package/subagents/categories/02-language-specialists/django-developer.md +1 -1
  319. package/subagents/categories/02-language-specialists/dotnet-core-expert.md +1 -1
  320. package/subagents/categories/02-language-specialists/dotnet-framework-48-expert.md +1 -1
  321. package/subagents/categories/02-language-specialists/elixir-expert.md +1 -1
  322. package/subagents/categories/02-language-specialists/expo-react-native-expert.md +1 -1
  323. package/subagents/categories/02-language-specialists/fastapi-developer.md +1 -1
  324. package/subagents/categories/02-language-specialists/flutter-expert.md +1 -1
  325. package/subagents/categories/02-language-specialists/golang-pro.md +1 -1
  326. package/subagents/categories/02-language-specialists/java-architect.md +1 -1
  327. package/subagents/categories/02-language-specialists/javascript-pro.md +1 -1
  328. package/subagents/categories/02-language-specialists/kotlin-specialist.md +1 -1
  329. package/subagents/categories/02-language-specialists/laravel-specialist.md +1 -1
  330. package/subagents/categories/02-language-specialists/nextjs-developer.md +1 -1
  331. package/subagents/categories/02-language-specialists/node-specialist.md +1 -1
  332. package/subagents/categories/02-language-specialists/php-pro.md +1 -1
  333. package/subagents/categories/02-language-specialists/powershell-51-expert.md +1 -1
  334. package/subagents/categories/02-language-specialists/powershell-7-expert.md +1 -1
  335. package/subagents/categories/02-language-specialists/python-pro.md +1 -1
  336. package/subagents/categories/02-language-specialists/rails-expert.md +1 -1
  337. package/subagents/categories/02-language-specialists/react-specialist-cc.md +1 -1
  338. package/subagents/categories/02-language-specialists/rust-engineer.md +1 -1
  339. package/subagents/categories/02-language-specialists/spring-boot-engineer.md +1 -1
  340. package/subagents/categories/02-language-specialists/sql-pro.md +1 -1
  341. package/subagents/categories/02-language-specialists/swift-expert.md +1 -1
  342. package/subagents/categories/02-language-specialists/symfony-specialist.md +1 -1
  343. package/subagents/categories/02-language-specialists/typescript-pro.md +1 -1
  344. package/subagents/categories/02-language-specialists/vue-expert.md +1 -1
  345. package/subagents/categories/03-infrastructure/.claude-plugin/plugin.json +5 -5
  346. package/subagents/categories/03-infrastructure/azure-infra-engineer.md +1 -1
  347. package/subagents/categories/03-infrastructure/cloud-architect-cc.md +1 -1
  348. package/subagents/categories/03-infrastructure/database-administrator.md +1 -1
  349. package/subagents/categories/03-infrastructure/deployment-engineer.md +1 -1
  350. package/subagents/categories/03-infrastructure/devops-engineer-cc.md +1 -1
  351. package/subagents/categories/03-infrastructure/devops-incident-responder.md +1 -1
  352. package/subagents/categories/03-infrastructure/docker-expert.md +1 -1
  353. package/subagents/categories/03-infrastructure/incident-responder.md +1 -1
  354. package/subagents/categories/03-infrastructure/kubernetes-specialist.md +1 -1
  355. package/subagents/categories/03-infrastructure/network-engineer.md +1 -1
  356. package/subagents/categories/03-infrastructure/platform-engineer-cc.md +1 -1
  357. package/subagents/categories/03-infrastructure/security-engineer.md +1 -1
  358. package/subagents/categories/03-infrastructure/sre-engineer.md +1 -1
  359. package/subagents/categories/03-infrastructure/terraform-engineer.md +1 -1
  360. package/subagents/categories/03-infrastructure/terragrunt-expert.md +2 -2
  361. package/subagents/categories/03-infrastructure/windows-infra-admin.md +1 -1
  362. package/subagents/categories/04-quality-security/.claude-plugin/plugin.json +15 -5
  363. package/subagents/categories/04-quality-security/accessibility-tester-cc.md +1 -1
  364. package/subagents/categories/04-quality-security/ad-security-reviewer.md +1 -1
  365. package/subagents/categories/04-quality-security/ai-writing-auditor.md +1 -1
  366. package/subagents/categories/04-quality-security/architect-reviewer.md +1 -1
  367. package/subagents/categories/04-quality-security/chaos-engineer-cc.md +1 -1
  368. package/subagents/categories/04-quality-security/code-reviewer.md +1 -1
  369. package/subagents/categories/04-quality-security/compliance-auditor-cc.md +1 -1
  370. package/subagents/categories/04-quality-security/debugger-cc.md +1 -1
  371. package/subagents/categories/04-quality-security/error-detective.md +1 -1
  372. package/subagents/categories/04-quality-security/gdpr-ccpa-compliance.md +2 -2
  373. package/subagents/categories/04-quality-security/go-build-resolver.md +105 -0
  374. package/subagents/categories/04-quality-security/go-reviewer.md +87 -0
  375. package/subagents/categories/04-quality-security/penetration-tester.md +1 -1
  376. package/subagents/categories/04-quality-security/performance-engineer.md +1 -1
  377. package/subagents/categories/04-quality-security/powershell-security-hardening.md +1 -1
  378. package/subagents/categories/04-quality-security/python-reviewer.md +109 -0
  379. package/subagents/categories/04-quality-security/qa-expert.md +1 -1
  380. package/subagents/categories/04-quality-security/react-build-resolver.md +215 -0
  381. package/subagents/categories/04-quality-security/react-reviewer.md +167 -0
  382. package/subagents/categories/04-quality-security/rust-build-resolver.md +159 -0
  383. package/subagents/categories/04-quality-security/rust-reviewer.md +105 -0
  384. package/subagents/categories/04-quality-security/security-auditor.md +1 -1
  385. package/subagents/categories/04-quality-security/silent-failure-hunter.md +67 -0
  386. package/subagents/categories/04-quality-security/test-automator.md +1 -1
  387. package/subagents/categories/04-quality-security/type-design-analyzer.md +58 -0
  388. package/subagents/categories/04-quality-security/typescript-reviewer.md +126 -0
  389. package/subagents/categories/04-quality-security/ui-ux-tester.md +1 -1
  390. package/subagents/categories/05-data-ai/.claude-plugin/plugin.json +4 -4
  391. package/subagents/categories/05-data-ai/ai-engineer.md +1 -1
  392. package/subagents/categories/05-data-ai/data-analyst.md +1 -1
  393. package/subagents/categories/05-data-ai/data-engineer-cc.md +1 -1
  394. package/subagents/categories/05-data-ai/data-scientist.md +1 -1
  395. package/subagents/categories/05-data-ai/database-optimizer.md +1 -1
  396. package/subagents/categories/05-data-ai/llm-architect.md +1 -1
  397. package/subagents/categories/05-data-ai/machine-learning-engineer.md +1 -1
  398. package/subagents/categories/05-data-ai/ml-engineer-cc.md +1 -1
  399. package/subagents/categories/05-data-ai/mlops-engineer.md +1 -1
  400. package/subagents/categories/05-data-ai/nlp-engineer.md +1 -1
  401. package/subagents/categories/05-data-ai/postgres-pro.md +1 -1
  402. package/subagents/categories/05-data-ai/prompt-engineer-cc.md +1 -1
  403. package/subagents/categories/05-data-ai/reinforcement-learning-engineer.md +1 -1
  404. package/subagents/categories/06-developer-experience/.claude-plugin/plugin.json +2 -2
  405. package/subagents/categories/06-developer-experience/build-engineer-cc.md +1 -1
  406. package/subagents/categories/06-developer-experience/cli-developer.md +1 -1
  407. package/subagents/categories/06-developer-experience/dependency-manager.md +1 -1
  408. package/subagents/categories/06-developer-experience/documentation-engineer.md +1 -1
  409. package/subagents/categories/06-developer-experience/dx-optimizer.md +1 -1
  410. package/subagents/categories/06-developer-experience/git-workflow-manager.md +1 -1
  411. package/subagents/categories/06-developer-experience/legacy-modernizer.md +1 -1
  412. package/subagents/categories/06-developer-experience/mcp-developer.md +1 -1
  413. package/subagents/categories/06-developer-experience/powershell-module-architect.md +1 -1
  414. package/subagents/categories/06-developer-experience/powershell-ui-architect.md +1 -1
  415. package/subagents/categories/06-developer-experience/readme-generator.md +1 -1
  416. package/subagents/categories/06-developer-experience/refactoring-specialist.md +1 -1
  417. package/subagents/categories/06-developer-experience/slack-expert.md +1 -1
  418. package/subagents/categories/06-developer-experience/tooling-engineer.md +1 -1
  419. package/subagents/categories/06-developer-experience/visual-asset-generator.md +1 -1
  420. package/subagents/categories/07-specialized-domains/.claude-plugin/plugin.json +2 -2
  421. package/subagents/categories/07-specialized-domains/api-documenter.md +1 -1
  422. package/subagents/categories/07-specialized-domains/blockchain-developer.md +1 -1
  423. package/subagents/categories/07-specialized-domains/embedded-systems.md +1 -1
  424. package/subagents/categories/07-specialized-domains/fintech-engineer.md +1 -1
  425. package/subagents/categories/07-specialized-domains/game-developer.md +1 -1
  426. package/subagents/categories/07-specialized-domains/healthcare-admin.md +1 -1
  427. package/subagents/categories/07-specialized-domains/hipaa-compliance.md +2 -2
  428. package/subagents/categories/07-specialized-domains/iot-engineer.md +1 -1
  429. package/subagents/categories/07-specialized-domains/m365-admin.md +1 -1
  430. package/subagents/categories/07-specialized-domains/mobile-app-developer.md +1 -1
  431. package/subagents/categories/07-specialized-domains/payment-integration.md +1 -1
  432. package/subagents/categories/07-specialized-domains/quant-analyst.md +1 -1
  433. package/subagents/categories/07-specialized-domains/risk-manager.md +1 -1
  434. package/subagents/categories/07-specialized-domains/seo-specialist-cc.md +1 -1
  435. package/subagents/categories/08-business-product/.claude-plugin/plugin.json +3 -3
  436. package/subagents/categories/08-business-product/assumption-mapping.md +2 -2
  437. package/subagents/categories/08-business-product/backlog-grooming.md +2 -2
  438. package/subagents/categories/08-business-product/business-analyst-cc.md +1 -1
  439. package/subagents/categories/08-business-product/content-marketer.md +1 -1
  440. package/subagents/categories/08-business-product/content-quality-editor.md +1 -1
  441. package/subagents/categories/08-business-product/customer-success-manager.md +1 -1
  442. package/subagents/categories/08-business-product/growth-loops.md +2 -2
  443. package/subagents/categories/08-business-product/legal-advisor.md +1 -1
  444. package/subagents/categories/08-business-product/license-engineer.md +1 -1
  445. package/subagents/categories/08-business-product/product-manager-cc.md +1 -1
  446. package/subagents/categories/08-business-product/project-manager.md +1 -1
  447. package/subagents/categories/08-business-product/sales-engineer.md +1 -1
  448. package/subagents/categories/08-business-product/scrum-master.md +1 -1
  449. package/subagents/categories/08-business-product/technical-writer.md +1 -1
  450. package/subagents/categories/08-business-product/ux-researcher.md +1 -1
  451. package/subagents/categories/08-business-product/wordpress-master.md +1 -1
  452. package/subagents/categories/09-meta-orchestration/.claude-plugin/plugin.json +1 -1
  453. package/subagents/categories/09-meta-orchestration/agent-installer.md +1 -1
  454. package/subagents/categories/09-meta-orchestration/agent-organizer.md +1 -1
  455. package/subagents/categories/09-meta-orchestration/codebase-orchestrator.md +1 -1
  456. package/subagents/categories/09-meta-orchestration/context-manager.md +1 -1
  457. package/subagents/categories/09-meta-orchestration/error-coordinator.md +1 -1
  458. package/subagents/categories/09-meta-orchestration/it-ops-orchestrator.md +1 -1
  459. package/subagents/categories/09-meta-orchestration/knowledge-synthesizer.md +1 -1
  460. package/subagents/categories/09-meta-orchestration/multi-agent-coordinator.md +1 -1
  461. package/subagents/categories/09-meta-orchestration/performance-monitor.md +1 -1
  462. package/subagents/categories/09-meta-orchestration/task-distributor.md +1 -1
  463. package/subagents/categories/09-meta-orchestration/workflow-orchestrator.md +1 -1
  464. package/subagents/categories/10-research-analysis/.claude-plugin/plugin.json +1 -1
  465. package/subagents/categories/10-research-analysis/ab-test-analysis.md +2 -2
  466. package/subagents/categories/10-research-analysis/cohort-analysis.md +2 -2
  467. package/subagents/categories/10-research-analysis/competitive-analyst.md +1 -1
  468. package/subagents/categories/10-research-analysis/data-researcher.md +1 -1
  469. package/subagents/categories/10-research-analysis/first-principles-thinking.md +2 -2
  470. package/subagents/categories/10-research-analysis/market-researcher.md +1 -1
  471. package/subagents/categories/10-research-analysis/project-idea-validator.md +1 -1
  472. package/subagents/categories/10-research-analysis/research-analyst.md +1 -1
  473. package/subagents/categories/10-research-analysis/scientific-literature-researcher.md +1 -1
  474. package/subagents/categories/10-research-analysis/search-specialist.md +1 -1
  475. package/subagents/categories/10-research-analysis/trend-analyst.md +1 -1
@@ -0,0 +1,272 @@
1
+ ---
2
+ name: agent-architecture-audit
3
+ version: 1.0.0
4
+ min_mindforge_version: 11.4.0
5
+ status: stable
6
+ triggers: agent audit, wrapper regression, memory contamination, tool discipline, hidden repair loop, 12-layer stack, multi-layer self-audit, agent architecture, harness diagnostic, layer-by-layer review, NexusTracer audit, soul-engine audit, swarm wave audit
7
+ compose: agent-introspection-debugging
8
+ ---
9
+
10
+ # Skill — Agent Architecture Audit
11
+
12
+ A full-stack diagnostic for MindForge's own multi-layer agent stack. Audits the
13
+ 12-layer stack for wrapper regression, memory contamination, tool-discipline
14
+ failures, hidden repair loops, and rendering/transport corruption. Produces
15
+ severity-ranked findings with code-first fixes — for agent systems that hide
16
+ failures behind wrapper layers, stale memory, retry loops, or transport
17
+ mutations.
18
+
19
+ This skill **composes with `agent-introspection-debugging`** (already in
20
+ `.mindforge/skills/`): introspection debugs a single runtime failure (loop,
21
+ timeout, hallucination); this skill audits the whole stack for the systemic
22
+ wrapper-layer causes behind those failures. Invoke via `/mindforge:introspect`
23
+ when a single-failure debug keeps recurring or points at a structural cause.
24
+
25
+ ## When this skill activates
26
+
27
+ **MANDATORY for:**
28
+ - Releasing any MindForge-driven agent or LLM-powered behavior to production
29
+ - Shipping features touching tool calling, the Sharded Memory Loop, or
30
+ multi-step swarm workflows
31
+ - Agent behavior degrades after adding a wrapper layer (new PersonaFactory
32
+ patch, new prompt-assembly stage, new WaveExecutor step)
33
+ - User reports "the agent is getting worse" or "tools are flaky"
34
+ - Same model works in playground but breaks inside the MindForge wrapper stack
35
+ - Debugging agent behavior for more than 15 minutes without finding root cause
36
+
37
+ **Especially critical when:**
38
+ - New prompt layers, tool definitions, or memory systems have been added
39
+ - Different swarm specialists behave inconsistently on the same input
40
+ - The model was fine yesterday but is hallucinating today
41
+ - You suspect a hidden repair/retry loop is silently mutating responses
42
+
43
+ **Do not use for:**
44
+ - Single-failure runtime debugging — use `agent-introspection-debugging`
45
+ - Code review — use language-specific reviewer agents
46
+ - Security scanning — use `/mindforge:security-scan` / `security-reviewer`
47
+ - Agent performance benchmarking — use `/mindforge:agent-eval`
48
+ - Writing new features — use the appropriate workflow skill
49
+
50
+ ## Mandatory actions when this skill is active
51
+
52
+ ### The MindForge 12-Layer Stack
53
+
54
+ Every MindForge agent run passes through these layers. Any one can corrupt the
55
+ answer. The concrete MindForge component owning each layer is named so the
56
+ audit has a real target, not an abstraction.
57
+
58
+ | # | Layer | MindForge Component | What Goes Wrong |
59
+ |---|-------|---------------------|-----------------|
60
+ | 1 | System prompt | SOUL.md + MINDFORGE.md + `.agent/CLAUDE.md` assembly | Conflicting directives, instruction bloat across the source-of-truth hierarchy |
61
+ | 2 | Session history | NexusTracer turn log | Stale context injected from previous turns |
62
+ | 3 | Long-term memory | shard-controller (Cold tier) | Pollution across sessions, old topics in new conversations |
63
+ | 4 | Distillation | shard-controller compaction (Hot/Warm rotation) | Compressed shards re-entering as pseudo-facts |
64
+ | 5 | Active recall | continuous-learning instinct recall | Redundant re-summary / instinct replay wasting context |
65
+ | 6 | Tool selection | PersonaFactory + hooks_route routing | Wrong tool routing, model skips a required tool |
66
+ | 7 | Tool execution | swarm WaveExecutor dispatch | Hallucinated execution — claims to call but doesn't |
67
+ | 8 | Tool interpretation | WaveExecutor result consolidation | Misread or ignored tool output |
68
+ | 9 | Answer shaping | SWARM-SUMMARY consolidation | Format corruption in the final response |
69
+ | 10 | Platform rendering | Dashboard (localhost:7339) / CLI / API transport | Transport-layer mutation of a valid answer |
70
+ | 11 | Hidden repair loops | soul-engine ADS rewrite + Temporal hindsight regeneration | Silent fallback/retry running a second LLM pass |
71
+ | 12 | Persistence | auto-state.json + Merkle audit log | Expired state or cached artifacts reused as live evidence |
72
+
73
+ ### Common Failure Patterns
74
+
75
+ #### 1. Wrapper Regression
76
+ The base model produces correct answers, but MindForge's wrapper layers make it
77
+ worse.
78
+
79
+ **Symptoms:**
80
+ - Model works fine in playground or direct API call, breaks in the swarm
81
+ - Added a new PersonaFactory patch or prompt stage, existing behavior degraded
82
+ - Agent sounds confident but is confidently wrong
83
+ - "It was working before the last update"
84
+
85
+ #### 2. Memory Contamination
86
+ Old topics leak into new conversations through NexusTracer history, shard
87
+ recall, or distillation.
88
+
89
+ **Symptoms:**
90
+ - Agent brings up unrelated past topics
91
+ - User corrections don't stick (old shard/instinct overwrites new)
92
+ - Same-session artifacts re-enter as pseudo-facts
93
+ - Cold-tier memory grows without bound, degrading response quality over time
94
+
95
+ #### 3. Tool Discipline Failure
96
+ Tools are declared in the prompt but not enforced in code. The model skips them
97
+ or hallucinates execution.
98
+
99
+ **Symptoms:**
100
+ - "Must use tool X" in the prompt, but model answers without calling it
101
+ - Tool results look correct but were never actually executed by WaveExecutor
102
+ - Different swarm specialists fight over the same responsibility
103
+ - Model uses a tool when it shouldn't, or skips it when it must
104
+
105
+ #### 4. Rendering/Transport Corruption
106
+ The agent's internal answer is correct, but the platform layer mutates it during
107
+ delivery.
108
+
109
+ **Symptoms:**
110
+ - NexusTracer logs show the correct answer, user sees broken output
111
+ - Markdown rendering, JSON parsing, or streaming fragments corrupt valid output
112
+ - A hidden fallback quietly replaces the answer before delivery
113
+ - Output differs between the CLI and the dashboard
114
+
115
+ #### 5. Hidden Agent Layers
116
+ Silent repair, retry, summarization, or recall layers run without explicit
117
+ contracts.
118
+
119
+ **Symptoms:**
120
+ - Output changes between internal generation and user delivery
121
+ - soul-engine ADS "auto-fix" runs a second LLM pass the user doesn't know about
122
+ - Multiple swarm layers modify the same output without coordination
123
+ - Answers get "smoothed" or "corrected" by invisible layers
124
+
125
+ ### Audit Workflow
126
+
127
+ #### Phase 1: Scope
128
+ Define what you're auditing:
129
+ - **Target system** — which MindForge agent / swarm / command?
130
+ - **Entrypoints** — how do users interact (CLI command, dashboard, hook)?
131
+ - **Model stack** — which LLM(s) and providers?
132
+ - **Symptoms** — what does the user report?
133
+ - **Time window** — when did it start?
134
+ - **Layers to audit** — which of the 12 layers apply?
135
+
136
+ #### Phase 2: Evidence Collection
137
+ Gather evidence from the codebase:
138
+ - **Source code** — swarm loop, hooks_route tool router, shard admission, prompt
139
+ assembly across the source-of-truth hierarchy
140
+ - **Logs** — NexusTracer session traces, Merkle-linked AUDIT entries, tool-call
141
+ records
142
+ - **Config** — MINDFORGE.md parameters, tool schemas, PersonaFactory patches,
143
+ provider settings
144
+ - **Memory files** — instinct store, shard archives, `auto-state.json`
145
+
146
+ Use `rg` to search for anti-patterns:
147
+
148
+ ```bash
149
+ # Tool requirements expressed only in prompt text (not code)
150
+ rg "must.*tool|required.*call" --type md
151
+
152
+ # Tool execution without validation
153
+ rg "tool_call|toolCall|tool_use"
154
+
155
+ # Hidden LLM calls outside the main swarm loop
156
+ rg "completion|chat\.create|messages\.create|llm\.invoke"
157
+
158
+ # Shard/instinct admission without user-correction priority
159
+ rg "memory.*admit|shard.*admit|instinct.*capture|persist.*memory"
160
+
161
+ # Fallback / repair loops that run additional LLM calls (soul-engine, hindsight)
162
+ rg "fallback|retry.*llm|repair.*prompt|re-?prompt|soul-engine|regenerat"
163
+
164
+ # Silent output mutation
165
+ rg "mutate|rewrite.*response|transform.*output|shap"
166
+ ```
167
+
168
+ #### Phase 3: Failure Mapping
169
+ For each finding, document:
170
+ - **Symptom** — what the user sees
171
+ - **Mechanism** — how the wrapper causes it
172
+ - **Source layer** — which of the 12 layers (and which MindForge component)
173
+ - **Root cause** — the deepest cause
174
+ - **Evidence** — file:line or NexusTracer/AUDIT row reference
175
+ - **Confidence** — 0.0 to 1.0
176
+
177
+ #### Phase 4: Fix Strategy
178
+ Default fix order (code-first, not prompt-first):
179
+ 1. **Code-gate tool requirements** — enforce in WaveExecutor, not prompt text
180
+ 2. **Remove or narrow hidden repair layers** — make soul-engine / hindsight
181
+ regeneration explicit with contracts
182
+ 3. **Reduce context duplication** — same info through prompt + NexusTracer
183
+ history + shard memory + distillation
184
+ 4. **Tighten memory admission** — user corrections > agent assertions (shard +
185
+ instinct admission)
186
+ 5. **Tighten distillation triggers** — don't compact shards that shouldn't be
187
+ compacted
188
+ 6. **Reduce rendering mutation** — dashboard/CLI pass-through, don't transform
189
+ 7. **Convert to typed JSON envelopes** — structured internal flow (SWARM-SUMMARY
190
+ as schema), not freeform prose
191
+
192
+ ### Severity Model
193
+
194
+ | Level | Meaning | Action |
195
+ |-------|---------|--------|
196
+ | `critical` | Agent can confidently produce wrong operational behavior | Fix before next release |
197
+ | `high` | Agent frequently degrades correctness or stability | Fix this sprint |
198
+ | `medium` | Correctness usually survives but output is fragile or wasteful | Plan for next cycle |
199
+ | `low` | Mostly cosmetic or maintainability issues | Backlog |
200
+
201
+ ### Output Format
202
+ Present findings to the user in this order:
203
+ 1. **Severity-ranked findings** (most critical first)
204
+ 2. **Architecture diagnosis** (which layer / component corrupted what, and why)
205
+ 3. **Ordered fix plan** (code-first, not prompt-first)
206
+
207
+ Do not lead with compliments or summaries. If the system is broken, say so
208
+ directly.
209
+
210
+ ### Quick Diagnostic Questions
211
+ When auditing a MindForge agent system, answer these:
212
+
213
+ | # | Question | If Yes → |
214
+ |---|----------|----------|
215
+ | 1 | Can the model skip a required tool and still answer? | Tool not code-gated in WaveExecutor |
216
+ | 2 | Does old conversation content appear in new turns? | Memory contamination (NexusTracer/shard) |
217
+ | 3 | Is the same info in system prompt AND shard memory AND history? | Context duplication |
218
+ | 4 | Does soul-engine or hindsight run a second LLM pass before delivery? | Hidden repair loop |
219
+ | 5 | Does output differ between internal generation and user delivery? | Rendering corruption (dashboard/CLI) |
220
+ | 6 | Are "must use tool X" rules only in prompt text? | Tool discipline failure |
221
+ | 7 | Can the agent's own monologue become a persistent instinct/shard? | Memory poisoning |
222
+
223
+ ### Anti-Patterns to Avoid
224
+ - Avoid blaming the model before falsifying wrapper-layer regressions.
225
+ - Avoid blaming memory without showing the contamination path (which shard /
226
+ instinct / NexusTracer turn).
227
+ - Do not let a clean current `auto-state.json` erase a dirty historical incident.
228
+ - Do not treat markdown prose as a trustworthy internal protocol.
229
+ - Do not accept "must use tool" in prompt text when WaveExecutor never enforces it.
230
+ - Keep findings direct, evidence-backed, and severity-ranked.
231
+
232
+ ### Report Schema
233
+ Audits MUST produce a structured report following this shape:
234
+
235
+ ```json
236
+ {
237
+ "schema_version": "mindforge.agent-architecture-audit.report.v1",
238
+ "executive_verdict": {
239
+ "overall_health": "high_risk",
240
+ "primary_failure_mode": "string",
241
+ "most_urgent_fix": "string"
242
+ },
243
+ "scope": {
244
+ "target_name": "string",
245
+ "model_stack": ["string"],
246
+ "layers_to_audit": ["string"]
247
+ },
248
+ "findings": [
249
+ {
250
+ "severity": "critical|high|medium|low",
251
+ "title": "string",
252
+ "mechanism": "string",
253
+ "source_layer": "string",
254
+ "root_cause": "string",
255
+ "evidence_refs": ["file:line"],
256
+ "confidence": 0.0,
257
+ "recommended_fix": "string"
258
+ }
259
+ ],
260
+ "ordered_fix_plan": [
261
+ { "order": 1, "goal": "string", "why_now": "string", "expected_effect": "string" }
262
+ ]
263
+ }
264
+ ```
265
+
266
+ ## Self-check before task completion
267
+ - [ ] Did I scope the audit to a concrete MindForge target, entrypoint, and model stack?
268
+ - [ ] Did I map each finding to one of the 12 layers AND its MindForge component (NexusTracer, soul-engine, shard-controller, PersonaFactory, WaveExecutor, etc.)?
269
+ - [ ] Did I check all five failure patterns (wrapper regression, memory contamination, tool discipline, rendering/transport corruption, hidden repair loops)?
270
+ - [ ] Is every finding evidence-backed with a file:line or NexusTracer/AUDIT reference and a confidence score?
271
+ - [ ] Did I emit the `mindforge.agent-architecture-audit.report.v1` JSON report (severity-ranked findings + ordered, code-first fix plan)?
272
+ - [ ] Did I hand off to `agent-introspection-debugging` for any single runtime failure that still needs contained recovery?
@@ -60,6 +60,22 @@ The instinct engine runs in auto-capture mode, watching for:
60
60
  - Instincts inactive for 30 days are auto-pruned
61
61
  - User can manually deprecate any instinct
62
62
 
63
+ ### Project scoping (no cross-project leak)
64
+ Every captured instinct carries a `project_id` (a stable 12-char SHA256 of the
65
+ git remote URL, normalized so https/ssh/scp clones of the same repo match) plus
66
+ a human-readable `project` name. Outside a git repo, both fall back to
67
+ `global`. This enforces the invariant that instincts learned in repo A never
68
+ surface in repo B:
69
+
70
+ - **Read-time filter:** when recalling instincts (status, evolve-skills,
71
+ cluster-instincts), match `project_id` to the current repo's detected id, OR
72
+ `global`. Ignore entries from other projects.
73
+ - **Detection:** `bin/hooks/lib/detect-project.js` (`detectProject(cwd)`) is the
74
+ single source of the id; the capture hook stamps it on write.
75
+ - **Promotion across projects:** an instinct seen in 2+ projects with avg
76
+ confidence >= 0.8 is a candidate to promote to a `global` instinct (deeper
77
+ cross-project promotion criteria are handled by evolve-skills).
78
+
63
79
  ### During any task (passive observation)
64
80
  - Note patterns that repeat across tasks
65
81
  - When user corrects behavior: acknowledge and create instinct
@@ -0,0 +1,284 @@
1
+ ---
2
+ name: orch-pipeline
3
+ version: 1.0.0
4
+ min_mindforge_version: 11.4.0
5
+ status: stable
6
+ triggers: orchestration, multi-agent build, feature pipeline, size classification, blast radius, orch-add-feature, orch-fix-defect, orch-change-feature, orch-refine-code, orch-build-mvp, gated pipeline, research-plan-tdd-review-commit
7
+ origin: ECC (ported and adapted to MindForge)
8
+ ---
9
+
10
+ # Skill — Orchestrator Pipeline (shared engine)
11
+
12
+ The `orch-*` commands are thin wrappers. They do not re-implement any work — they
13
+ classify the request, choose which phases of *this* pipeline run, and delegate
14
+ each phase to an existing MindForge skill, command, persona, or subagent. This
15
+ file is that pipeline.
16
+
17
+ > Invoke an operation command (`/mindforge:orch-add-feature`,
18
+ > `/mindforge:orch-fix-defect`, …) rather than this engine directly. This file is
19
+ > the reference they point at.
20
+
21
+ ## When this skill activates
22
+
23
+ - Loaded indirectly whenever an `orch-*` operation command runs.
24
+ - Activates on the triggers above: orchestration, multi-agent build, feature
25
+ pipeline, size classification, blast radius.
26
+ - Read directly only when adding a new operation to the family or tuning the
27
+ shared phases, gates, agent map, or the size classifier.
28
+
29
+ ## Mandatory actions when this skill is active
30
+
31
+ 1. Run **Step 0 — the SIZE CLASSIFIER** first; ceremony scales to blast radius.
32
+ Never skip it — emitting the size + plan is the contract.
33
+ 2. Drive the work through the phases (research → plan → execute → verify →
34
+ review → commit) using the MindForge XML plan format.
35
+ 3. Honor **both gates**: the plan-approval gate and GATE 2 (commit + AUDIT.jsonl
36
+ with conventional commits).
37
+ 4. Route work through the remapped MindForge agent/capability map — never invoke
38
+ the original ECC agent names.
39
+ 5. Respect the security auto-trigger and Tier-3 governance; the GAN inner loop is
40
+ descoped to `WaveExecutor` / the swarm-execution protocol.
41
+
42
+ ## The operation family
43
+
44
+ | Command | Operation | Trigger | First move |
45
+ |---------|-----------|---------|------------|
46
+ | `/mindforge:orch-add-feature` | feature | capability does not exist yet | research + plan a new slice |
47
+ | `/mindforge:orch-change-feature` | tweak | works, but desired behavior differs | amend existing behavior *and its tests* |
48
+ | `/mindforge:orch-fix-defect` | fix | broken; behavior is wrong | reproduce as a failing test, then fix |
49
+ | `/mindforge:orch-refine-code` | refactor | behavior stays, structure improves | restructure while keeping tests green |
50
+ | `/mindforge:orch-build-mvp` | mvp | bootstrap from a design/spec doc | ingest doc → vertical slices |
51
+
52
+ > These wrappers **compose** existing MindForge capabilities rather than replace
53
+ > them: the `writing-plans` skill + `/mindforge:plan-write`, the
54
+ > `mindforge-tdd_extended` protocol, `/mindforge:cross-review` + `/mindforge:review`,
55
+ > the `04-quality-security` reviewer subagents, and the `quick.md` security
56
+ > auto-trigger. The orch-* family adds the shared **size classifier** and the
57
+ > **two human gates** on top of them, so one umbrella covers all five operations
58
+ > consistently.
59
+
60
+ ---
61
+
62
+ ## Step 0 — SIZE CLASSIFIER (right-sizing) — the novel control
63
+
64
+ > **This is the whole point of the port. Ceremony scales to blast radius.** Do
65
+ > not skip it. Always run Step 0 first and always state the result in one line so
66
+ > the user can override.
67
+
68
+ Score the request on three signals, take the **highest** tier any signal
69
+ reaches, and emit one line:
70
+
71
+ ```
72
+ [orch] size: <tier> — phases <mask> — rationale: <one clause> (override with: size=<tier>)
73
+ ```
74
+
75
+ | Tier | Files touched | New dependency / contract | Design ambiguity | Phases that run |
76
+ |------|---------------|---------------------------|------------------|-----------------|
77
+ | **tiny** | 1, a few lines | none | none — the change is obvious | 4 → 5 → 6 |
78
+ | **small** | 1 file / 1 function | none | clear once you read the code | (1 light) → 4 → 5 → 6 |
79
+ | **medium** | 2–5 files | maybe a new internal module | one real choice to make | 1 → 2 → 4 → 5 → 6 |
80
+ | **large** | many / cross-cutting | new external dep, public API, or a spec doc | multiple open questions | 1 → 2 → (3) → 4 → 5 → 6 |
81
+
82
+ Phase 0 (Intake) always runs and is omitted from the mask column above.
83
+
84
+ **Tie-breakers (force a floor regardless of file count):**
85
+ - Anything touching a **security trigger** (see below) is **at least medium**.
86
+ - Anything touching a **public API / contract / spec doc** is **at least medium**.
87
+ - Anything classified **Tier 3** under the MindForge security policy (see
88
+ `.claude/CLAUDE.md` → CRITICAL SECURITY & AUTO-TRIGGER) is **at least large**
89
+ and requires manual overhead before Gate 1.
90
+ - If the swarm controller (`.mindforge/engine/swarm-controller.md`) would trigger
91
+ on this task (`compositeScore >= AUTO_SWARM_THRESHOLD`, or a multi-disciplinary
92
+ marker like `UI + API` / `Auth + Database`), treat the tier as **large** and
93
+ run the Implement phase via the swarm-execution protocol (see Phase 4).
94
+
95
+ Per-operation default floors (the wrappers pass these in):
96
+ - `orch-fix-defect` → floor **small** (often **tiny**).
97
+ - `orch-change-feature` → floor **small**.
98
+ - `orch-refine-code` → floor **medium** (restructures touch multiple files).
99
+ - `orch-build-mvp` → floor **large**, full pipeline incl. Scaffold (Phase 3).
100
+ - `orch-add-feature` → no floor; classify on the three signals.
101
+
102
+ ---
103
+
104
+ ## The phases
105
+
106
+ Each phase delegates — it does not do the work inline.
107
+
108
+ - **0. Intake** — restate the request in one line. For `orch-build-mvp`, read the
109
+ spec/design doc and extract scope, locked decisions, and a feature list.
110
+ - **1. Research & Reuse** — Search-Before-Building (Builder Ethos): `gh search
111
+ repos` / `gh search code`, then Context7 / vendor docs, then package registries,
112
+ then Exa / web search. Prefer adopting a proven implementation over net-new
113
+ code. Use `/mindforge:research` for a focused research subagent when the task
114
+ involves unfamiliar libraries.
115
+ - **2. Plan** — delegate to the `writing-plans` skill via `/mindforge:plan-write`.
116
+ Output a MindForge **XML plan** (format below), ordered as thin vertical
117
+ slices, written under `.planning/`. → **GATE 1.**
118
+ - **3. Scaffold** — `orch-build-mvp` only: stand up the first end-to-end slice.
119
+ - **4. Implement (TDD)** — drive each task through the `mindforge-tdd_extended`
120
+ protocol (Red → Green → Refactor). Honor the operation's first-move rule. For
121
+ **large**/swarm-triggered tasks, delegate the implement wave to
122
+ `WaveExecutor` / the `mindforge-swarm-execution` protocol
123
+ (`.mindforge/engine/wave-executor.md`) instead of a single-threaded loop.
124
+ - **5. Review** — `/mindforge:review` (code-quality + security), escalating to
125
+ `/mindforge:cross-review` (multi-model consensus) for **large** tiers. Pull in
126
+ the matching `04-quality-security` reviewer subagent for the repo's language
127
+ (`typescript-reviewer`, `python-reviewer`, `rust-reviewer`, `go-reviewer`, …)
128
+ and `security-auditor` / `penetration-tester` whenever the diff touches a
129
+ security trigger.
130
+ - **6. Commit** — conventional commits (`feat:` / `fix:` / `refactor:` / …), one
131
+ per logical chunk, **+ a Merkle-linked AUDIT.jsonl entry per commit**. → **GATE 2.**
132
+
133
+ ---
134
+
135
+ ## The MindForge XML plan format (Phase 2 output)
136
+
137
+ Plans are MindForge XML, written under `.planning/` — **never** ECC
138
+ `.claude/PRPs/` paths. For orch-* work the planning home is
139
+ `.planning/quick/[NNN]-[slug]/PLAN.md` (sequential numbering, per `quick.md`) for
140
+ tiny/small/medium, or `.planning/phases/[phase]/PLAN.md` when a phase is active.
141
+
142
+ ```xml
143
+ <task type="orch-[operation]">
144
+ <n>[task name]</n>
145
+ <size>[tiny|small|medium|large]</size>
146
+ <persona>[appropriate persona — security-reviewer if a trigger is touched]</persona>
147
+ <files>[files to touch]</files>
148
+ <context>[why this work exists; cited file:line patterns from EXPLORE]</context>
149
+ <action>[ordered, no-placeholder vertical slices — the task_list]</action>
150
+ <verify>[exact verification command + expected output]</verify>
151
+ <done>[definition of done — incl. tests + coverage ≥ 80%]</done>
152
+ </task>
153
+ ```
154
+
155
+ The `writing-plans` skill's EXPLORE protocol and "No Prior Knowledge" gate apply:
156
+ every convention the plan references must be cited from the actual codebase.
157
+
158
+ ---
159
+
160
+ ## The two gates
161
+
162
+ This family is **gated, not autonomous**:
163
+
164
+ 1. **GATE 1 — after Plan.** Present the XML `<action>` task_list; do not write
165
+ implementation code until the user approves. For **Tier 3** security-classified
166
+ work, the manual security overhead is completed here before approval.
167
+ 2. **GATE 2 — before Commit.** Present the diff summary and proposed conventional
168
+ commit messages; do not commit until the user confirms. Each confirmed commit
169
+ writes a Merkle-linked AUDIT.jsonl entry (below).
170
+
171
+ Everything between the gates flows without stopping.
172
+
173
+ ---
174
+
175
+ ## Agent / capability map (remapped to MindForge)
176
+
177
+ | Phase | Primary (MindForge) | Fallback / escalation |
178
+ |-------|---------------------|-----------------------|
179
+ | Intake / understand | `/mindforge:map-codebase` / `/mindforge:code-tour` | trace existing paths before a tweak, fix, or refactor |
180
+ | Research | `/mindforge:research` | Context7 / vendor docs / package registries / Exa |
181
+ | Plan | `writing-plans` skill via `/mindforge:plan-write` | `/mindforge:system-design`, `/mindforge:rfc` for structural calls |
182
+ | Implement | `mindforge-tdd_extended` protocol (Red-Green-Refactor) | `/mindforge:debug` on build/test breaks |
183
+ | Implement (large/swarm) | `WaveExecutor` / `mindforge-swarm-execution` protocol | `SwarmController` cluster selection (`.mindforge/engine/swarm-controller.md`) |
184
+ | Review | `/mindforge:review` (code-quality + security) | `/mindforge:cross-review` (multi-model) for large tiers |
185
+ | Language review | `04-quality-security/<lang>-reviewer.md` subagent | match the reviewer to the repo (see its `CLAUDE.md`) |
186
+ | Security | `quick.md` security auto-trigger → `security-reviewer.md` persona + `security-auditor` / `penetration-tester` subagents | `/mindforge:security-scan` PRE-COMMIT |
187
+
188
+ Match the language reviewer to the repo. The `04-quality-security` subagents live
189
+ under `subagents/categories/04-quality-security/`.
190
+
191
+ ---
192
+
193
+ ## Security-review trigger (the quick.md auto-trigger)
194
+
195
+ Reuse the `quick.md` **security auto-trigger**: scan the task description and the
196
+ files in scope for security keywords —
197
+ `auth, authentication, login, password, token, JWT, session, payment, PII, upload,
198
+ credential, secret, key` — and for changes to authorization, user-input handling,
199
+ database queries, file-system paths, external API calls, or cryptography.
200
+
201
+ If any match:
202
+ 1. Load `security-review/SKILL.md` and activate the `security-reviewer.md` persona
203
+ for the Implement and Review phases (required even for tiny/small tiers).
204
+ 2. Pull in the `security-auditor` (+ `penetration-tester` for large) subagents
205
+ from `04-quality-security/` during Phase 5.
206
+ 3. Run `/mindforge:security-scan` PRE-COMMIT. **Fail the gate if any Medium+
207
+ findings are unaddressed** (per `.claude/CLAUDE.md`).
208
+ 4. Treat the task as **at least medium** in Step 0 (Tier 3 → at least large, with
209
+ manual overhead before Gate 1).
210
+
211
+ ---
212
+
213
+ ## Handoff artifacts
214
+
215
+ The pipeline carries no hidden state — the planning docs *are* the handoff:
216
+
217
+ - The XML `<action>` task_list (from Plan) drives the Implement loop.
218
+ - Larger work may also emit PRD / architecture / system_design under `.planning/`
219
+ (via `/mindforge:system-design`, `/mindforge:product-spec`, `/mindforge:rfc`).
220
+ - Review findings (Blocking / CRITICAL / HIGH) must be resolved before Gate 2.
221
+
222
+ ---
223
+
224
+ ## GATE 2 — commit + AUDIT.jsonl (Phase 6)
225
+
226
+ On user confirmation at Gate 2, for **each** logical commit:
227
+
228
+ 1. Commit with a **conventional** message scoped to one logical change:
229
+ `feat(<scope>): …` / `fix(<scope>): …` / `refactor(<scope>): …` / etc.
230
+ 2. Append a **Merkle-linked** AUDIT.jsonl entry to `.planning/AUDIT.jsonl`. Each
231
+ entry sets `previous_hash` to the prior entry's `_hash` and computes its own
232
+ `_hash` (per `.mindforge/audit/AUDIT-SCHEMA.md`):
233
+
234
+ ```json
235
+ {
236
+ "id": "uuid",
237
+ "timestamp": "ISO-8601",
238
+ "event": "orch_commit",
239
+ "agent": "orch-pipeline",
240
+ "operation": "add-feature | fix-defect | change-feature | refine-code | build-mvp",
241
+ "size_tier": "tiny | small | medium | large",
242
+ "phase": null,
243
+ "task_name": "[task name]",
244
+ "commit_sha": "abc1234",
245
+ "commit_type": "feat | fix | refactor",
246
+ "files_changed": ["src/..."],
247
+ "security_trigger": false,
248
+ "review_verdict": "approved | approved_with_conditions",
249
+ "gates_honored": ["gate1_plan", "gate2_commit"],
250
+ "previous_hash": "<prior _hash>",
251
+ "_hash": "<sha256 of this entry>"
252
+ }
253
+ ```
254
+
255
+ ---
256
+
257
+ ## Verification (self-check before task completion)
258
+
259
+ - [ ] **Step 0 size tier was stated in one line** and matched the work.
260
+ - [ ] **Gate 1 (plan)** and **Gate 2 (commit)** were both honored.
261
+ - [ ] The plan was MindForge XML written under `.planning/` (never ECC `PRPs/`).
262
+ - [ ] The `quick.md` security auto-trigger ran; `security-reviewer` engaged iff a
263
+ security trigger was touched; `/mindforge:security-scan` passed PRE-COMMIT
264
+ with no unaddressed Medium+ findings.
265
+ - [ ] Commits are conventional and scoped to one logical change.
266
+ - [ ] Each commit wrote a Merkle-linked AUDIT.jsonl entry (`previous_hash`/`_hash`).
267
+ - [ ] New / changed behavior has tests; coverage ≥ 80%.
268
+
269
+ ---
270
+
271
+ ## Note — GAN inner loop is DESCOPED
272
+
273
+ The ECC original drove `orch-build-mvp`'s inner build loop through a **GAN
274
+ generate/evaluate harness** (`/gan-build`, `gan-generator` → `gan-evaluator`,
275
+ `gan-harness/spec.md` + `eval-rubric.md`). **That GAN harness is not ported.** In
276
+ MindForge, `orch-build-mvp`'s build loop instead **delegates each vertical slice
277
+ to `WaveExecutor` / the `mindforge-swarm-execution` protocol**
278
+ (`.mindforge/engine/wave-executor.md`), with `SwarmController`
279
+ (`.mindforge/engine/swarm-controller.md`) selecting the cluster. The adversarial
280
+ quality bar is provided by the existing `mindforge-tdd_extended` (Red-Green) loop
281
+ plus `/mindforge:cross-review`, not by a GAN evaluator.
282
+
283
+ > **Deferred:** porting the GAN generate/evaluate harness (and its spec /
284
+ > eval-rubric artifacts) into MindForge is out of scope for v1.0.0 of this engine.
@@ -23,6 +23,79 @@ plans, migration plans, refactoring plans, and any multi-step work breakdown.
23
23
  2. **Identify the scope boundary.** What is IN the plan vs OUT of scope?
24
24
  3. **Identify dependencies.** Which steps depend on other steps? Which can be parallel?
25
25
 
26
+ ### EXPLORE — Structured Codebase Discovery (run BEFORE plan authoring)
27
+
28
+ > Adapted from the PRP EXPLORE protocol (PRPs-agentic-eng by Wirasm). This is a
29
+ > discovery discipline that PRECEDES authoring the MindForge XML/structured plan —
30
+ > it does NOT replace the plan format. The output of EXPLORE feeds the plan's
31
+ > Context, Files, and Details sections with real, cited patterns.
32
+
33
+ **Golden Rule**: If you would need to search the codebase *during* implementation,
34
+ capture that knowledge NOW, during EXPLORE.
35
+
36
+ #### The 8 Search Categories
37
+
38
+ Search the codebase directly (grep, find, file reads) for each category. Do NOT
39
+ skip a category by assuming — confirm it against the actual repository.
40
+
41
+ 1. **Existing Patterns** — Architectural patterns already in use (repository,
42
+ service, controller, middleware, hook, etc.) in the area you'll modify.
43
+ 2. **Similar Features** — Existing features that resemble the planned one. The
44
+ closest analogue is the single most valuable reference.
45
+ 3. **Conventions** — How files, functions, variables, classes, and exports are
46
+ named and organized in the relevant area.
47
+ 4. **Dependencies** — Packages, imports, and internal modules used by similar
48
+ features. Note versions where they matter.
49
+ 5. **Tests** — How similar features are tested: test file locations, naming,
50
+ setup/teardown, fixtures, and assertion style.
51
+ 6. **Configs** — Relevant config files, environment variables, and feature flags.
52
+ 7. **Error Handling** — How errors are caught, propagated, logged, and surfaced
53
+ to users in similar code paths.
54
+ 8. **Integration Points** — Entry points, data flow, state changes, and the
55
+ contracts/interfaces the new code must honor.
56
+
57
+ #### Patterns to Mirror (capture as file:line snippet references)
58
+
59
+ For each category that yields a concrete convention, record a **Patterns to Mirror**
60
+ entry. Every entry MUST cite a real `file:line` source and quote the actual snippet
61
+ — never paraphrase, never invent:
62
+
63
+ ```markdown
64
+ ## Patterns to Mirror
65
+
66
+ ### NAMING_CONVENTION
67
+ // SOURCE: src/services/userService.ts:1-5
68
+ [actual snippet copied from the file]
69
+
70
+ ### ERROR_HANDLING
71
+ // SOURCE: src/middleware/errorHandler.ts:10-25
72
+ [actual snippet copied from the file]
73
+
74
+ ### TEST_STRUCTURE
75
+ // SOURCE: tests/services/userService.test.ts:1-30
76
+ [actual snippet copied from the file]
77
+ ```
78
+
79
+ These mirrored snippets get folded into the plan's **Details** blocks so the
80
+ executor writes code indistinguishable from existing code.
81
+
82
+ #### The "No Prior Knowledge" Gate (MANDATORY before authoring)
83
+
84
+ The plan must be executable by someone with **NO prior knowledge of this repo**.
85
+ Therefore:
86
+
87
+ - Every convention the plan references MUST be cited from the actual codebase
88
+ (a real `file:line` + snippet). If you cannot cite it, you have not explored
89
+ enough — go search.
90
+ - NEVER invent a convention, path, type, or import. If the codebase does not
91
+ establish it, the plan does not assume it.
92
+ - If a needed pattern genuinely does not exist yet, say so explicitly and define
93
+ the new convention in the plan (rather than pretending it already exists).
94
+
95
+ **Gate check**: Before moving from EXPLORE to plan authoring, confirm —
96
+ "Could a developer who has never seen this repo implement every step using ONLY
97
+ this plan, without searching or asking?" If not, the EXPLORE pass is incomplete.
98
+
26
99
  ### During plan writing
27
100
 
28
101
  #### Core Principle: NO PLACEHOLDERS
@@ -168,3 +241,6 @@ Before marking a task done when this skill was active:
168
241
  - [ ] Plan scope (IN/OUT) is clearly defined.
169
242
  - [ ] If > 15 steps, organized into phases with phase-level gates.
170
243
  - [ ] All file paths verified to exist (or marked as "new file").
244
+ - [ ] EXPLORE ran across all 8 search categories before authoring.
245
+ - [ ] Patterns to Mirror captured as real `file:line` snippets (no invented conventions).
246
+ - [ ] "No Prior Knowledge" gate passes — every referenced convention is cited from the codebase.