okstra 0.47.0 → 0.48.0

package/runtime/prompts/profiles/final-verification.md

@@ -44,6 +44,8 @@
   3. **Coverage check** — every requirement in the originating plan/task brief is either marked covered (with artifact) or listed as a blocker. No silent omissions.
   4. **Verifier dissent preserved** — if workers reach different verdicts, the disagreement is visible in section 1.2; synthesis hides nothing.
   5. **No source-mutation audit** — scan the run's session transcripts for Edit / Write or state-mutating Bash commands that touch paths OUTSIDE `<PROJECT_ROOT>/.okstra/**` and outside the assigned run-artifact paths. Writes to worker prompts, audit sidecars, team-state, the final-report `data.json`, and rendered reports under the run directory are allowed okstra artifacts. Any source/schema/deployment mutation means the run has crossed into implementation and MUST be re-routed; do NOT silently strip the evidence.
+- Cross-verification mode:
+  - **Acceptance critic (opt-in)**: when `convergence.critic.enabled=true` (chosen via the okstra-run picker or `--critic`), a reused-worker **acceptance devil's-advocate** pass runs after convergence to surface candidate acceptance blockers the verifiers may have missed. Each candidate is verified **confirm-or-downgrade**: confirmed → an `Acceptance Blockers` row (which, since `accepted` requires zero blockers, moves the verdict to `conditional-accept` / `blocked`); unconfirmed → a `Residual Risk` row (never dropped). See `skills/okstra-convergence/SKILL.md` "Acceptance critic pass (final-verification)".
 - Non-goals:
   - proposing unrelated refactors beyond the delivered scope
   - **source code edits, follow-up bug fixes, or scope expansion** — this run renders a verdict only; defects detected here become inputs to a new `error-analysis` or `implementation-planning` run

package/runtime/prompts/profiles/implementation-planning.md

@@ -37,6 +37,10 @@
   - recommended execution order
 - Approval gate (phase-specific addendum to shared authority rule):
   - The YAML frontmatter `approved: true|false` field is the only authorised approval gate. report-writer always emits `approved: false`. The user clears it either by (a) editing the frontmatter line to `approved: true` directly, or (b) invoking the next phase with `--approve` so the CLI flips the frontmatter on the user's behalf. `okstra_ctl.run._validate_approved_plan` reads this field and refuses entry until it is `true`.
+- Cross-verification mode:
+  - Phase 5.5 finding convergence runs in **adversarial mode** for this phase (`convergence.adversarial=true`). Verifiers actively try to refute each worker finding (requirement gap / risk / option) by re-inspecting its cited evidence; the burden of proof sits on the claim. See `skills/okstra-convergence/SKILL.md` §"Adversarial Verification Mode".
+  - §4.5.9 plan-body verification runs with an **adversarial posture** (`skills/okstra-convergence/SKILL.md` §"Adversarial plan-body posture"): verifiers open and confirm every cited path / command and put the burden of proof on the plan. The gate threshold is unchanged — a *majority* `DISAGREE` (`majority-disagree`) is still required to block approval; a single dissent does not.
+  - **Coverage critic (opt-in)**: when `convergence.critic.enabled=true` (chosen via the okstra-run picker or `--critic`), a reused-worker critic pass runs after convergence to surface missed findings; its gaps are merged only after a 1-round adversarial reverify. See `skills/okstra-convergence/SKILL.md` "Coverage critic pass".
 - Non-goals:
   - code-level micro-optimization unless it changes the implementation approach
   - **source code edits of any kind** — this run produces a plan document only; Edit/Write on project source files is forbidden until the plan is approved and a separate `implementation` run starts
@@ -74,7 +78,7 @@
   - the YAML frontmatter MUST include the line `approved: false` (report-writer always emits the unflipped value). The user authorises the next `implementation` run by flipping it to `approved: true` (manual edit or `--approve` CLI). Do NOT recreate any `User Approval Request` body block — the validator fails reports that contain one (see `validators/validate-run.py` deprecated patterns).
   - **the frontmatter `approved: false` line is rendered unconditionally; if the plan-body verification gate (§4.5.9) returns `blocked-by-disagreement` or `aborted-non-result`, the writer MUST keep `approved: false` and the validator refuses any report that ships with `approved: true` under such a gate result.**
   - every ambiguity flagged during pre-planning that the user must resolve before approval registered as a `Blocks=approval` row in the `## 5. Clarification Items` table (do NOT create a separate `Open Questions` block under `4.5.x` — the unified table is the single home)
-  - **§4.5.9 Plan Body Verification (BLOCKING).** After report-writer finishes the draft, the lead MUST run a worker peer-review round on the consolidated plan body (sections 4.5.1 – 4.5.7) and populate `### 4.5.9 Plan Body Verification` in the final report. The round protocol, plan-item ID scheme (`P-Opt-*` / `P-Step-*` / `P-Dep-*` / `P-Val-*` / `P-Rb-*`), verdict semantics, gate-result classification, and dissent log format are defined in `skills/okstra-convergence/SKILL.md` "Plan-body verification mode". The four gate-result values are `passed`, `passed-with-dissent`, `blocked-by-disagreement`, `aborted-non-result`. When the gate would have been `blocked-by-disagreement` or `aborted-non-result`, the lead MUST NOT silently flip it to one of the passing values to "unblock" the run — that is a contract violation.
+  - **§4.5.9 Plan Body Verification (BLOCKING).** After report-writer finishes the draft, the lead MUST run a worker peer-review round on the consolidated plan body (sections 4.5.1 – 4.5.7) and populate `### 4.5.9 Plan Body Verification` in the final report. The round protocol, plan-item ID scheme (`P-Opt-*` / `P-Step-*` / `P-Dep-*` / `P-Val-*` / `P-Rb-*`), verdict semantics, gate-result classification, and dissent log format are defined in `skills/okstra-convergence/SKILL.md` "Plan-body verification mode". The four gate-result values are `passed`, `passed-with-dissent`, `blocked-by-disagreement`, `aborted-non-result`. When the gate would have been `blocked-by-disagreement` or `aborted-non-result`, the lead MUST NOT silently flip it to one of the passing values to "unblock" the run — that is a contract violation. When `convergence.adversarial=true` (the default for this phase), this round uses the adversarial posture — verifiers confirm cited paths/commands and the burden of proof is on the plan — but the gate threshold stays `majority-disagree` (see that skill's §"Adversarial plan-body posture").
   - **Decision-record evaluation (sole owner)**: this phase is the **single owner** of decision-record evaluation in the okstra lifecycle. The brief never evaluates or drafts decision records — it only forwards `adr-candidate:*` signals. Every `adr-candidate:*` entry inherited from the brief's `Open Questions` is a mandatory evaluation target. In addition, evaluate every decision the recommended option introduces against the three criteria:
     1. **Hard to reverse** — would changing the decision later cost meaningfully more than deciding now?
     2. **Surprising without context** — would a future reader, seeing only the code, wonder "why was it built this way?"?

package/runtime/prompts/profiles/requirements-discovery.md

@@ -53,6 +53,7 @@
   - **Evidence note required inside `Statement`**: every clarification row includes `Evidence checked: <path:line>` or `Evidence checked: none — <human-only reason>` in the `Statement` cell. `none` is allowed ONLY when the row's nature is "only a human can answer this" (reporter intent, business priority, external authority). A row with `none` that *could* have been answered by the codebase is a defect.
 - Cross-verification mode:
   - Phase 5.5 convergence runs in **adversarial mode** for this phase (`convergence.adversarial=true`). Verifiers actively try to refute each worker's finding by directly re-inspecting the cited evidence; the burden of proof sits on the claim. See `skills/okstra-convergence/SKILL.md` §"Adversarial Verification Mode". A single evidence-backed refutation prevents a finding from reaching consensus.
+  - **Coverage critic (opt-in)**: when `convergence.critic.enabled=true` (chosen via the okstra-run picker or `--critic`), a reused-worker critic pass runs after convergence to surface missed findings; its gaps are merged only after a 1-round adversarial reverify. See `skills/okstra-convergence/SKILL.md` "Coverage critic pass".
 - Non-goals:
   - full implementation design unless it is required to decide the next phase
   - **source code edits, plan authoring, builds, or deployments** — this run only classifies the work and routes it; deeper analysis and planning belong to subsequent phases

package/runtime/prompts/wizard/prompts.ko.json

@@ -228,6 +228,19 @@
         "_DEFAULT_SUFFIX": " (default)"
       }
     },
+    "critic_pick": {
+      "label": "추가 critic 패스를 돌릴까요? (놓친 finding/blocker 를 캐는 검증 패스 — opt-in)",
+      "echo_template": "critic: {value}",
+      "options": {
+        "off": "사용 안 함 (기본·추천)",
+        "claude": "claude critic (추천)",
+        "__free_input__": "직접 입력 (codex / gemini)"
+      }
+    },
+    "critic_text": {
+      "label": "critic provider 를 직접 입력하세요 (codex / gemini)",
+      "echo_template": "critic: {value}"
+    },
     "defaults_or_custom": {
       "label": "역할별로 어떤 모델을 쓸지 정하는 단계입니다 (참여 워커 구성을 바꾸는 게 아닙니다).\n· 기본값으로 진행 — lead·실행자/워커·report-writer 를 모두 추천 모델로 두고 바로 진행합니다.\n· 커스터마이즈 — 역할별 모델을 직접 고르고, 추가 directive·관련 task 도 지정합니다.",
       "echo_template": "customize: {value}",

package/runtime/python/okstra_ctl/render.py

@@ -903,26 +903,47 @@ def _build_convergence_block(ctx: dict) -> dict:
     - `enabled` default True
     - `maxRounds` default 1 for `requirements-discovery`, 2 otherwise
     - `verificationMode` default "lightweight"
-    - `adversarial` default True for `requirements-discovery` / `error-analysis`
-      (forces `verificationMode` to "full-reanalysis"), False otherwise
+    - `adversarial` default True for `requirements-discovery` / `error-analysis` /
+      `implementation-planning` (forces `verificationMode` to "full-reanalysis"),
+      False otherwise
     - `planBodyVerification` is implementation-planning specific; the key is
       always emitted (dead-letter on other phases) so the schema stays stable.
 
     ctx knobs honoured:
     - `OKSTRA_PLAN_VERIFICATION`: "true" | "false" | "" (empty → default True).
       Wired from CLI `--no-plan-verification` (sets "false").
+    - `CRITIC_CHOICE`: "" | "off" | "claude" | "codex" | "gemini" — critic
+      backing provider (enabled only for requirements-discovery / error-analysis /
+      implementation-planning / final-verification); model taken from that
+      provider's execution value.
     """
     task_type = ctx.get("TASK_TYPE", "")
     default_max_rounds = 1 if task_type == "requirements-discovery" else 2
-    adversarial_phases = {"requirements-discovery", "error-analysis"}
+    adversarial_phases = {"requirements-discovery", "error-analysis", "implementation-planning"}
     is_adversarial = task_type in adversarial_phases
     raw_plan_verify = (ctx.get("OKSTRA_PLAN_VERIFICATION", "") or "").strip().lower()
     plan_verify_enabled = raw_plan_verify != "false"
+    critic_choice = (ctx.get("CRITIC_CHOICE", "") or "").strip().lower()
+    # Independent of `adversarial_phases` above (they answer different questions and
+    # may diverge): the coverage critic is opt-in for the finding-producing phases.
+    critic_phases = {"requirements-discovery", "error-analysis", "implementation-planning", "final-verification"}
+    critic_exec_key = {
+        "claude": "CLAUDE_WORKER_MODEL_EXECUTION_VALUE",
+        "codex": "CODEX_WORKER_MODEL_EXECUTION_VALUE",
+        "gemini": "GEMINI_WORKER_MODEL_EXECUTION_VALUE",
+    }
+    critic_enabled = critic_choice in critic_exec_key and task_type in critic_phases
+    critic_block = {
+        "enabled": critic_enabled,
+        "provider": critic_choice if critic_enabled else None,
+        "modelExecutionValue": (ctx.get(critic_exec_key[critic_choice]) or None) if critic_enabled else None,
+    }
     return {
         "enabled": True,
         "adversarial": is_adversarial,
         "maxRounds": default_max_rounds,
         "verificationMode": "full-reanalysis" if is_adversarial else "lightweight",
+        "critic": critic_block,
         "planBodyVerification": {
             "enabled": plan_verify_enabled,
             "maxRounds": 1,

package/runtime/python/okstra_ctl/run.py

@@ -120,6 +120,7 @@ class PrepareInputs:
     gemini_model: str = ""
     report_writer_model: str = ""
     executor: str = ""
+    critic: str = ""
     related_tasks_raw: str = ""
     work_category: str = ""
     base_ref: str = ""
@@ -499,6 +500,7 @@ def _canonical_argv(inp: PrepareInputs, ctx: dict) -> list[str]:
         ("--gemini-model", inp.gemini_model or ctx.get("GEMINI_WORKER_MODEL", "")),
         ("--report-writer-model", inp.report_writer_model or ctx.get("REPORT_WRITER_MODEL", "")),
         ("--executor", inp.executor or ctx.get("EXECUTOR_PROVIDER", "")),
+        ("--critic", inp.critic or ctx.get("CRITIC_CHOICE", "")),
         ("--related-tasks", inp.related_tasks_raw),
         ("--work-category", inp.work_category),
     ]
@@ -707,6 +709,13 @@ def prepare_task_bundle(inp: PrepareInputs) -> PrepareOutputs:
         default_display=report_writer_default, default_execution=report_writer_default,
     )
 
+    # ---- coverage critic choice (validated; phase-gating happens in render) ----
+    critic_choice = (inp.critic or "").strip().lower()
+    if critic_choice not in ("", "off", "claude", "codex", "gemini"):
+        raise PrepareError(
+            f"--critic must be one of: off, claude, codex, gemini (got: {critic_choice!r})"
+        )
+
     # ---- executor binding (implementation phase only; recorded universally for manifest consistency) ----
     executor_default = _default("OKSTRA_DEFAULT_EXECUTOR", "claude")
     executor_provider = (inp.executor or executor_default).strip().lower()
@@ -842,6 +851,7 @@ def prepare_task_bundle(inp: PrepareInputs) -> PrepareOutputs:
         "EXECUTOR_WORKER_AGENT": executor_worker_agent,
         "EXECUTOR_MODEL_DISPLAY": executor_model_meta.display,
         "EXECUTOR_MODEL_EXECUTION_VALUE": executor_model_meta.execution,
+        "CRITIC_CHOICE": critic_choice,
         "RELATED_TASKS_JSON": related_tasks_json_str,
         "RELATED_TASKS_BULLETS": bullets,
         "RELATED_TASKS_INLINE": inline,
@@ -1098,6 +1108,7 @@ def main(argv: list[str]) -> int:
     p.add_argument("--gemini-model", default="")
     p.add_argument("--report-writer-model", default="")
     p.add_argument("--executor", default="")
+    p.add_argument("--critic", default="")
     p.add_argument("--related-tasks", default="", dest="related_tasks_raw")
     p.add_argument("--approved-plan", default="", dest="approved_plan_path")
     p.add_argument(
@@ -1198,6 +1209,7 @@ def main(argv: list[str]) -> int:
         gemini_model=args.gemini_model,
         report_writer_model=args.report_writer_model,
         executor=args.executor,
+        critic=args.critic,
         related_tasks_raw=args.related_tasks_raw,
         work_category=args.work_category,
         base_ref=args.base_ref,

package/runtime/python/okstra_ctl/wizard.py

@@ -181,6 +181,8 @@ S_APPROVED_PLAN_PICK = "approved_plan_pick"
 S_APPROVED_PLAN = "approved_plan"
 S_STAGE_PICK = "stage_pick"
 S_EXECUTOR = "executor"
+S_CRITIC_PICK = "critic_pick"
+S_CRITIC_TEXT = "critic_text"
 S_DEFAULTS_OR_CUSTOM = "defaults_or_custom"
 S_WORKERS_OVERRIDE = "workers_override"
 S_LEAD_MODEL = "lead_model"
@@ -246,6 +248,8 @@ class WizardState:
     approved_plan_pending_text: bool = False
     selected_stage: str = "auto"
     executor: str = ""
+    critic: str = ""
+    critic_pending_text: bool = False
 
     # customize
     use_defaults: Optional[bool] = None
@@ -1459,6 +1463,55 @@ def _submit_pr_template_pick(state: WizardState, value: str) -> Optional[str]:
     )
 
 
+CRITIC_CHOICES = ["off", "claude", "codex", "gemini"]
+
+
+def _build_critic_pick(state: WizardState) -> Prompt:
+    t = _p(state.workspace_root, "critic_pick")
+    options: list[Option] = []
+    for k, v in t["options"].items():
+        if not k.startswith("_"):
+            options.append(_opt(k, v))
+    custom_label = t["options"].get(PICK_TYPE_CUSTOM, PICK_TYPE_CUSTOM)
+    options.append(_opt(PICK_TYPE_CUSTOM, custom_label))
+    return Prompt(
+        step=S_CRITIC_PICK, kind="pick",
+        label=t["label"],
+        options=options,
+        echo_template=t["echo_template"],
+    )
+
+
+def _submit_critic_pick(state: WizardState, value: str) -> Optional[str]:
+    if value == PICK_TYPE_CUSTOM:
+        state.critic_pending_text = True
+        return None
+    choice = (value or "").strip().lower()
+    if choice not in CRITIC_CHOICES:
+        raise WizardError(f"critic must be one of {CRITIC_CHOICES}, got: {value!r}")
+    state.critic = choice
+    state.critic_pending_text = False
+    return f"critic: {choice}"
+
+
+def _build_critic_text(state: WizardState) -> Prompt:
+    t = _p(state.workspace_root, "critic_text")
+    return Prompt(
+        step=S_CRITIC_TEXT, kind="text",
+        label=t["label"],
+        echo_template=t["echo_template"],
+    )
+
+
+def _submit_critic_text(state: WizardState, value: str) -> Optional[str]:
+    choice = (value or "").strip().lower()
+    if choice not in CRITIC_CHOICES:
+        raise WizardError(f"critic must be one of {CRITIC_CHOICES}, got: {value!r}")
+    state.critic = choice
+    state.critic_pending_text = False
+    return f"critic: {choice}"
+
+
 def _build_executor(state: WizardState) -> Prompt:
     t = _p(state.workspace_root, "executor")
     default_suffix = t["options"].get("_DEFAULT_SUFFIX", "")
@@ -1922,6 +1975,17 @@ STEPS: list[Step] = [
                             and not s.executor),
          build=_build_executor, submit=_submit_executor,
          owns=("executor",)),
+    Step(S_CRITIC_PICK,
+         applies=lambda s: (s.task_type in ("requirements-discovery", "error-analysis", "implementation-planning", "final-verification")
+                            and not s.critic
+                            and not s.critic_pending_text
+                            and S_CRITIC_PICK not in s.answered),
+         build=_build_critic_pick, submit=_submit_critic_pick,
+         owns=("critic", "critic_pending_text")),
+    Step(S_CRITIC_TEXT,
+         applies=lambda s: (s.critic_pending_text and S_CRITIC_TEXT not in s.answered),
+         build=_build_critic_text, submit=_submit_critic_text,
+         owns=("critic", "critic_pending_text")),
     Step(S_DEFAULTS_OR_CUSTOM,
          applies=lambda s: (_identity_ready(s)
                             and s.use_defaults is None),
@@ -2118,7 +2182,8 @@ _FIELD_DEFAULTS: dict[str, Any] = {
     "base_ref_pending_text": False, "approved_plan_path": "",
     "approved_plan_pending_text": False,
     "selected_stage": "auto",
-    "executor": "", "use_defaults": None, "workers_override": "",
+    "executor": "", "critic": "", "critic_pending_text": False,
+    "use_defaults": None, "workers_override": "",
     "lead_model": "", "claude_model": "", "codex_model": "",
     "gemini_model": "", "report_writer_model": "", "directive": "",
     "directive_pending_text": False,
@@ -2200,6 +2265,7 @@ def render_args(state: WizardState) -> dict[str, str]:
         "task-type": state.task_type,
         "task-brief": state.brief_path,
         "executor": state.executor,
+        "critic": state.critic,
         "approved-plan": state.approved_plan_path,
         "stage": (state.selected_stage or "auto") if state.task_type == "implementation" else "",
         "base-ref": base_ref,
@@ -2244,6 +2310,8 @@ def confirmation_block(state: WizardState) -> str:
     if state.report_writer_model:
         lines.append(f"  report-writer : {state.report_writer_model}")
     lines.append(f"  directive     : {state.directive or '(none)'}")
+    if state.task_type in ("requirements-discovery", "error-analysis", "implementation-planning", "final-verification"):
+        lines.append(f"  critic        : {state.critic or '(off)'}")
     if state.task_type == "implementation":
         lines.append(f"  approved-plan : {state.approved_plan_path}")
     if state.clarification_response_path:
@@ -2288,6 +2356,7 @@ def _cli(argv: list[str]) -> int:
     p_init.add_argument("--workspace-root", required=True)
     p_init.add_argument("--project-root", required=True)
     p_init.add_argument("--project-id", required=True)
+    p_init.add_argument("--critic", default="")
 
     p_step = sub.add_parser("step")
     p_step.add_argument("--state-file", required=True)
@@ -2313,6 +2382,8 @@ def _cli(argv: list[str]) -> int:
             project_root=args.project_root,
             project_id=args.project_id,
         )
+        if args.critic:
+            state.critic = args.critic
         save_state_file(state_path, state)
         first = next_prompt(state)
         print(json.dumps({"ok": True, "next": first.to_json()},

package/runtime/skills/okstra-convergence/SKILL.md

@@ -17,8 +17,11 @@ user-invocable: false
   - [Round 1-N: Re-verification Loop (queue-pruned)](#round-1-n-re-verification-loop-queue-pruned)
   - [Convergence Test](#convergence-test)
 - [Verification Mode](#verification-mode)
+- [Adversarial Verification Mode](#adversarial-verification-mode)
 - [Re-verification Agent Dispatch](#re-verification-agent-dispatch)
 - [Convergence State Artifact](#convergence-state-artifact)
+- [Coverage critic pass](#coverage-critic-pass)
+- [Acceptance critic pass (final-verification)](#acceptance-critic-pass-final-verification)
 - [Output](#output)
 - [Convergence Disabled](#convergence-disabled)
 - [Plan-body verification mode (implementation-planning only)](#plan-body-verification-mode-implementation-planning-only)
@@ -46,7 +49,7 @@ Configure this in the `convergence` block of `task-manifest.json`. If the block
 | `enabled` | `true` | If `false`, skip the convergence loop and use the existing consensus/divergence method |
 | `maxRounds` | phase-aware: `1` for `requirements-discovery`, `2` otherwise (range 1–3) | Maximum number of re-verification rounds. Discovery's routing/missing-input outputs gain little from a second round; other phases (especially `error-analysis`) keep `2`. Lead resolves the effective value when the manifest omits the key and records it in `config.maxRounds` of the convergence state artifact. |
 | `verificationMode` | `"lightweight"` | `"lightweight"` or `"full-reanalysis"` |
-| `adversarial` | phase-aware: `true` for `requirements-discovery` / `error-analysis`, `false` otherwise | When `true`, Phase 5.5 runs in **adversarial mode** (see §"Adversarial Verification Mode"): verifiers actively try to refute each finding, the burden of proof sits on the claim, and `verificationMode` is forced to `"full-reanalysis"` scoped to the finding's cited evidence. Resolved by `scripts/okstra_ctl/render.py` `_build_convergence_block` and recorded in `config.adversarial` of the convergence state artifact. |
+| `adversarial` | phase-aware: `true` for `requirements-discovery` / `error-analysis` / `implementation-planning`, `false` otherwise | When `true`, Phase 5.5 runs in **adversarial mode** (see §"Adversarial Verification Mode"): verifiers actively try to refute each finding, the burden of proof sits on the claim, and `verificationMode` is forced to `"full-reanalysis"` scoped to the finding's cited evidence. Resolved by `scripts/okstra_ctl/render.py` `_build_convergence_block` and recorded in `config.adversarial` of the convergence state artifact. |
 
 **Auto-disable rule (BLOCKING).** Convergence requires ≥2 analyser workers to produce a meaningful consensus tally. When the active profile's `Required workers:` block (see `prompts/profiles/*.md`) resolves to fewer than 2 analyser workers — e.g. `release-handoff` (zero analyser workers, lead-only) — the lead MUST treat `convergence.enabled` as `false` for that run regardless of manifest configuration, skip Phases 5.5 and the plan-body verification round, and record `finalState: "converged"` with `totalRounds: 0` and an explanatory note in `config` (e.g. `"autoDisabled": "fewer-than-two-analysers"`). The plan-body round inherits the same rule via its `gating=false` advisory path.
 
@@ -195,13 +198,13 @@ Disadvantages: 2–3 times the cost, increased time
 
 ## Adversarial Verification Mode
 
-Active only when `config.adversarial == true` (default for `requirements-discovery` and `error-analysis`; see §"Configuration"). When `false`, every rule in this section is inert and the collaborative behaviour documented elsewhere in this skill applies unchanged.
+Active only when `config.adversarial == true` (default for `requirements-discovery`, `error-analysis`, and `implementation-planning`; see §"Configuration"). When `false`, every rule in this section is inert and the collaborative behaviour documented elsewhere in this skill applies unchanged.
 
 In adversarial mode the verifier's job inverts: instead of confirming a peer's finding, the verifier **tries to break it**, and the burden of proof sits on the claim — a finding survives only if refutation attempts fail.
 
 ### Scoped full-reanalysis (BLOCKING)
 
-Adversarial mode forces `verificationMode = "full-reanalysis"`, but the re-analysis is **scoped to the evidence the finding under attack cites** (the file paths / line ranges / log lines in its `originEvidence`), plus the immediately surrounding context. The verifier MUST NOT re-read the whole task brief, instruction-set, or `final-report-template.md`. This keeps the documented "single largest avoidable cost in requirements-discovery and error-analysis" (see §"Reverify prompt: required-reading suppression") bounded while making the refutation real rather than a text-only argument.
+Adversarial mode forces `verificationMode = "full-reanalysis"`, but the re-analysis is **scoped to the evidence the finding under attack cites** (the file paths / line ranges / log lines in its `originEvidence`), plus the immediately surrounding context. The verifier MUST NOT re-read the whole task brief, instruction-set, or `final-report-template.md`. This keeps the documented "single largest avoidable cost in requirements-discovery, error-analysis, and implementation-planning" (see §"Reverify prompt: required-reading suppression") bounded while making the refutation real rather than a text-only argument.
 
 ### Adversarial verdict semantics
 
@@ -299,7 +302,7 @@ Reverify prompts MUST NOT inject the Phase 2 `[Required reading]` clause:
 - **Lightweight mode**: the clause directly contradicts the "Do NOT re-analyze the original source materials" instruction below. Including it forces workers to re-read the entire instruction-set per round per worker (3 workers × 2 rounds × 5+ files in the worst case) for no quality gain.
 - **Full-reanalysis mode**: workers DO need to re-read source materials, but only the analysis-worker file list (no `final-report-template.md`). If lead chooses to inject a reading clause here, it MUST mirror the audience-scoped enumeration in [okstra/SKILL.md](../../SKILL.md) Phase 2 (no template).
 
-This is the single largest avoidable cost in `requirements-discovery` and `error-analysis` runs. Treat as BLOCKING.
+This is the single largest avoidable cost in `requirements-discovery`, `error-analysis`, and `implementation-planning` runs. Treat as BLOCKING.
 
 ### Lightweight Re-verification Prompt
 
@@ -493,7 +496,7 @@ Save it to `runs/<task-type>/state/convergence-<task-type>-<seq>.json`.
 Schema rules:
 
 - `schemaVersion`: literal string `"1.2"` for all new runs — both adversarial and collaborative. v1.2 adds `config.adversarial` and `votes.<worker>.disagreeBasis`, written as `false` / `null` respectively on collaborative runs. Readers MUST accept `"1.0"` / `"1.1"` / `"1.2"` for historical artifacts and treat any missing field as `null`.
-- `config.adversarial`: boolean. `true` when this run used adversarial verification (default for `requirements-discovery` / `error-analysis`). When `true`, `config.verificationMode` is `"full-reanalysis"` (scoped) and every `disagree` vote carries a non-null `disagreeBasis`.
+- `config.adversarial`: boolean. `true` when this run used adversarial verification (default for `requirements-discovery` / `error-analysis` / `implementation-planning`). When `true`, `config.verificationMode` is `"full-reanalysis"` (scoped) and every `disagree` vote carries a non-null `disagreeBasis`.
 - `config.effectiveMaxRounds`: the integer the lead actually used after resolving the phase-aware default (`1` for `requirements-discovery`, `2` otherwise). MUST equal `config.maxRounds` when the manifest explicitly set it.
 - `findings[].ticketIds`: array of ticket keys from Phase 4 grouping (parsed per the Round 0 step 5 rule). MAY be empty when the discovering worker tagged the finding `unknown`.
 - `findings[].rounds[].votes.<worker>.verdict`: enum, one of `agree | disagree | supplement | verification-error`. Lower-case tokens; map upper-case AGREE/DISAGREE/SUPPLEMENT verdicts emitted by workers to their lower-case form before persisting. `verification-error` is reserved for terminal non-result dispatches (§"Worker failure handling in reverify").
@@ -509,6 +512,66 @@ Schema rules:
 - `finalState ∈ {converged, max-rounds-reached, aborted-non-result}`. Assigned by the lead at WHILE-loop exit: `converged` when the queue is empty at the end of any round; `max-rounds-reached` when the loop exits because `roundIndex == effectiveMaxRounds` with the queue still non-empty; `aborted-non-result` when the loop exits via the Worker-failure BREAK (per the "Worker failure handling in reverify" section, rule 4). `aborted-non-result` is the new v1.1 value.
 - `totalRounds`: count of rounds actually executed (not `effectiveMaxRounds`). May be `0` when Round 0 produced no queue items (all findings reached consensus during grouping).
 
+## Coverage critic pass
+
+Runs only when `convergence.critic.enabled == true` (set by `--critic <provider>` or the okstra-run `critic_pick` step; default off). Applies to the three finding-producing phases (`requirements-discovery`, `error-analysis`, `implementation-planning`); for `final-verification` the critic runs in a different mode — see §"Acceptance critic pass (final-verification)". This pass targets **coverage** (missed findings), distinct from convergence which targets **agreement quality**.
+
+### When
+After Phase 5.5 finding convergence completes (findings classified) and BEFORE the Phase 6 report-writer dispatch.
+
+### Dispatch (reused worker)
+Dispatch ONE pass to the `config.critic.provider`'s existing subagent (`claude-worker` / `codex-worker` / `gemini-worker`) with `model = config.critic.modelExecutionValue` — no new agent type. If `config.critic.modelExecutionValue` is null/empty (model could not be resolved), skip the critic pass and record `critic-skipped: model-unresolved` in the convergence state rather than dispatching with no model. Result path: `runs/<task-type>/worker-results/<provider>-critic-<task-type>-<seq>.md`. The critic prompt seeds the consolidated findings and asks ONLY for coverage gaps:
+
+```
+You are the coverage critic for <task-key>. Below are the findings the workers
+already agreed on. Your ONLY job is to name what is MISSING:
+- files / directories / execution paths nobody inspected,
+- requirements or acceptance points with zero findings,
+- claims raised but never verified.
+For each gap, emit a NEW finding with evidence (file:line or the requirement quote).
+Do NOT restate an existing finding. If nothing is missing, say so explicitly.
+```
+
+### Gap verification (1 adversarial reverify round)
+Each critic gap enters the verification queue as a finding with `originWorker = "<provider>-critic"` and `source = "critic"`. The lead runs ONE adversarial reverify round (§"Adversarial Verification Mode" classifier) with the Phase 4 analysers (excluding the critic itself) as voters. Only gaps classified `full-consensus` / `partial-consensus` merge into the final report findings; `contested` / `worker-unique` gaps are treated as hallucinations and dropped (recorded in the convergence state, not promoted). If no non-critic analyser is available to vote, the gaps are surfaced as unverified `clarification` items rather than merged, and that fact is recorded.
+
+### State
+- `convergence.critic` manifest block: `{ enabled, provider, modelExecutionValue }`.
+- Convergence state artifact: critic gaps appear in `findings[]` with `source: "critic"`. Add a `config.critic` summary `{ provider, modelExecutionValue, gapsProposed, gapsMerged }`. `source` and `config.critic` are optional v1.2 fields (readers treat absence as null); no enum changes.
+
+## Acceptance critic pass (final-verification)
+
+The `final-verification` phase reuses the SAME reused-worker dispatch as §"Coverage critic pass" (provider + `config.critic.modelExecutionValue` from the `convergence.critic` block; default off; same model-unresolved skip rule). Only the prompt, the verification semantics, and the output sink differ — final-verification's findings are defects/blockers, so the critic acts as an **acceptance devil's advocate** (find reasons NOT to accept), and its candidate blockers are NEVER dropped (that would suppress real defects).
+
+### Prompt
+
+```
+You are the acceptance devil's advocate for <task-key>. The delivered work is about
+to be judged for acceptance. Your ONLY job is to find reasons it should NOT be
+accepted — surface candidate acceptance BLOCKERS the verifiers may have missed:
+- requirements / acceptance points with no covering evidence,
+- DB / IO / SQL changes lacking real-execution evidence,
+- regressions or broken error paths,
+- scope / contract violations.
+For each, emit a candidate blocker with a one-line statement, evidence (file:line /
+log / test output), and a severity (critical / major / minor). Do NOT restate an
+existing Acceptance Blocker. If you find none, say so explicitly.
+```
+
+### Verification — confirm-or-downgrade (BLOCKING)
+
+Each candidate blocker is verified by the Phase 4 analysers (excluding the critic). Do NOT use the adversarial finding classifier's "uncertain → reject" rule here.
+- **Confirmed** (an analyser reproduces it or cites supporting evidence) → promote to a `## 4 Acceptance Blockers` row (keep severity + recommended follow-up phase).
+- **Not confirmed** (cannot reproduce, or evidence is weak) → **downgrade to a Residual Risk row — never drop it.** Record the escalation trigger so the user can re-judge a high-severity-but-unconfirmed candidate.
+
+### Verdict impact
+
+Promoted blockers enter `## 4 Acceptance Blockers`; since `accepted` requires zero blockers, the verdict moves to `conditional-accept` / `blocked` automatically. The existing verdict↔blocker consistency validator (`validators/validate-run.py` `_validate_final_verification_consistency`) enforces this unchanged — no new enum or validator.
+
+### State
+
+Critic output lives at `runs/final-verification/worker-results/<provider>-critic-final-verification-<seq>.md`. The convergence state `config.critic` summary (see §"Coverage critic pass") records `mode: "acceptance-devils-advocate"`, `candidatesProposed`, `confirmedBlockers`, `downgradedToResidual` (optional v1.2 fields; readers treat absence as null).
+
 ## Output
 
 Information to be passed to Phase 6 after executing this skill:
@@ -600,6 +663,16 @@ Worker non-result handling (`timeout`, `error`, no result file, wrapper `cli-fai
 
 Plan-body verification only supports **lightweight mode** (defined in §"Verification Mode" above). `full-reanalysis` is not meaningful here because the "original source materials" for a plan item are the worker's own analysis plus the lead-mediated synthesis — there is no independent ground truth to re-read. The manifest's top-level `verificationMode` is ignored for this round; lightweight is always used.
 
+### Adversarial plan-body posture
+
+When `config.adversarial == true` (the default for `implementation-planning`; see the top-level §"Configuration" table), the plan-body round runs with an **adversarial posture**. The classification rules and gate arithmetic in §"Round protocol" are UNCHANGED — `majority-disagree` (a *majority* of analysers DISAGREE) remains the only classification that blocks the Approval marker, and `dissent-isolated` still passes the gate. Adversarial mode changes only *how each verifier evaluates an item*:
+
+- The burden of proof sits on the plan: an item earns `AGREE` only if the verifier actively tried to break it and could not.
+- The verifier MUST open the file paths / symbols / commands the item cites and confirm they exist and are executable as written. This is the one allowed widening of the lightweight "judge from internal consistency and stated commands / paths" rule — confirming the existence of cited paths is not "re-analyzing the original requirements".
+- If a cited path / command / validation signal cannot be confirmed, the verifier responds `DISAGREE(<kind>)` with the applicable breakage kind (a–e); uncertainty resolves toward DISAGREE, not AGREE.
+
+Plan-body verification stays **lightweight** even under this posture — the `verificationMode = "full-reanalysis"` forcing in §"Adversarial Verification Mode" applies to finding convergence only (see §"Mode constraint"); the adversarial posture here only changes verifier behaviour, not the mode. This raises verification *quality* (active refutation, plan-side burden) without changing the gate *threshold* — a single dissent still does not block approval; a majority is required (deliberate design decision).
+
 ### Round protocol (single round at default `maxRounds=1`)
 
 1. Lead parses the report-writer draft and extracts the `P-*` plan items.
@@ -719,6 +792,8 @@ or worker analyses for this round.
 ...
 ```
 
+When `config.adversarial == true`, the lead prepends the adversarial framing from §"Adversarial plan-body posture" to the `## Instructions` block: the burden of proof is on the plan, the verifier opens and confirms every cited path / command, and an item whose cited references cannot be confirmed is answered `DISAGREE(<kind>)` rather than `AGREE`. The verdict tokens, breakage kinds (a–e), classification, and the majority gate threshold are unchanged. This prepended framing supersedes the template's "Judge solely from plan internal consistency" instruction for the adversarial round.
+
 The "Reverify prompt: required-reading suppression (BLOCKING)" rule (lightweight mode does NOT inject a `[Required reading]` clause) applies here as well.
 
 ### Worker non-result handling in plan-body round (BLOCKING)

package/runtime/skills/okstra-run/SKILL.md

@@ -160,6 +160,7 @@ okstra render-bundle \
   --task-type    "<args.task-type>" \
   --task-brief   "<args.task-brief>" \
   --executor     "<args.executor>" \
+  --critic       "<args.critic>" \
   --approved-plan "<args.approved-plan>" \
   --stage        "<args.stage>" \
   --base-ref     "<args.base-ref>" \