omniconductor 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (118) hide show
  1. package/CHANGELOG.md +64 -0
  2. package/LICENSE +219 -0
  3. package/NOTICE +11 -0
  4. package/README.md +526 -0
  5. package/THIRD_PARTY_NOTICES.md +31 -0
  6. package/TRADEMARKS.md +26 -0
  7. package/VISION.md +106 -0
  8. package/adapters/README.md +121 -0
  9. package/adapters/claude/README.md +102 -0
  10. package/adapters/claude/SUPPORTED-FEATURES.md +66 -0
  11. package/adapters/claude/hookify-templates/.recipe-scoped +9 -0
  12. package/adapters/claude/hookify-templates/README.md +93 -0
  13. package/adapters/claude/hookify-templates/block-completion-claim-without-push.local.md.template +56 -0
  14. package/adapters/claude/hookify-templates/block-direct-push-protected-branch.local.md.template +18 -0
  15. package/adapters/claude/hookify-templates/block-force-push-protected-branch.local.md.template +42 -0
  16. package/adapters/claude/hookify-templates/block-server-secret-in-client.local.md.template +36 -0
  17. package/adapters/claude/hookify-templates/warn-any-type-added.local.md.template +44 -0
  18. package/adapters/claude/hookify-templates/warn-commit-without-pre-commit-review.local.md.template +52 -0
  19. package/adapters/claude/hookify-templates/warn-console-direct.local.md.template +55 -0
  20. package/adapters/claude/hookify-templates/warn-create-table-without-access-control.local.md.template +35 -0
  21. package/adapters/claude/hookify-templates/warn-current-work-without-remaining-tasks.local.md.template +36 -0
  22. package/adapters/claude/hookify-templates/warn-gh-pr-create-without-pre-merge-review.local.md.template +38 -0
  23. package/adapters/claude/hookify-templates/warn-hardcoded-text-without-i18n-key.local.md.template +21 -0
  24. package/adapters/claude/hookify-templates/warn-on-gh-pr-merge.local.md.template +33 -0
  25. package/adapters/claude/hookify-templates/warn-plan-spec-without-remaining-tasks.local.md.template +44 -0
  26. package/adapters/claude/hookify-templates/warn-raw-hex-instead-of-token.local.md.template +21 -0
  27. package/adapters/claude/hookify-templates/warn-security-definer-without-search-path.local.md.template +30 -0
  28. package/adapters/claude/hookify-templates/warn-stop-commit-without-current-work.local.md.template +47 -0
  29. package/adapters/claude/hookify-templates/warn-user-manual-completion.local.md.template +40 -0
  30. package/adapters/claude/transform-spec.md +140 -0
  31. package/adapters/claude/transform.sh +1169 -0
  32. package/adapters/codex/README.md +87 -0
  33. package/adapters/codex/SUPPORTED-FEATURES.md +66 -0
  34. package/adapters/codex/transform-spec.md +90 -0
  35. package/adapters/codex/transform.sh +748 -0
  36. package/adapters/copilot/README.md +88 -0
  37. package/adapters/copilot/SUPPORTED-FEATURES.md +73 -0
  38. package/adapters/copilot/transform-spec.md +111 -0
  39. package/adapters/copilot/transform.sh +757 -0
  40. package/adapters/cursor/README.md +87 -0
  41. package/adapters/cursor/SUPPORTED-FEATURES.md +90 -0
  42. package/adapters/cursor/transform-spec.md +124 -0
  43. package/adapters/cursor/transform.sh +731 -0
  44. package/adapters/gemini/README.md +93 -0
  45. package/adapters/gemini/SUPPORTED-FEATURES.md +80 -0
  46. package/adapters/gemini/transform-spec.md +102 -0
  47. package/adapters/gemini/transform.sh +844 -0
  48. package/adapters/windsurf/README.md +93 -0
  49. package/adapters/windsurf/SUPPORTED-FEATURES.md +67 -0
  50. package/adapters/windsurf/transform-spec.md +99 -0
  51. package/adapters/windsurf/transform.sh +727 -0
  52. package/bin/omniconductor.js +130 -0
  53. package/core/README.md +64 -0
  54. package/core/anti-patterns/README.md +142 -0
  55. package/core/anti-patterns/dynamic-system-prompt.md +113 -0
  56. package/core/anti-patterns/frequent-rule-file-edit.md +83 -0
  57. package/core/anti-patterns/large-file-read-no-range.md +90 -0
  58. package/core/anti-patterns/no-sub-agent-dispatch.md +89 -0
  59. package/core/anti-patterns/single-monolithic-rule-file.md +99 -0
  60. package/core/anti-patterns/skill-eager-load.md +83 -0
  61. package/core/anti-patterns/tool-call-spam.md +93 -0
  62. package/core/docs-templates/CURRENT_WORK.md +64 -0
  63. package/core/docs-templates/INDEX.md +57 -0
  64. package/core/docs-templates/PLANS.md +44 -0
  65. package/core/docs-templates/README.md +40 -0
  66. package/core/docs-templates/REMAINING_TASKS.md +43 -0
  67. package/core/docs-templates/TASKS.md +51 -0
  68. package/core/docs-templates/specs/_example.md +121 -0
  69. package/core/hooks/README.md +62 -0
  70. package/core/hooks/pretool-agent-routing.sh.template +97 -0
  71. package/core/hooks/pretool-commit-current-work-check.sh.template +103 -0
  72. package/core/hooks/pretool-commit-test-coverage-check.sh.template +116 -0
  73. package/core/hooks/pretool-large-file-read-guard.sh.template +117 -0
  74. package/core/hooks/stop-cache-hit-baseline-check.sh.template +133 -0
  75. package/core/hooks/stop-r6-review-check.sh.template +80 -0
  76. package/core/hooks/stop-session-log-check.sh.template +101 -0
  77. package/core/hooks/stop-trajectory-log.sh.template +96 -0
  78. package/core/memory-pattern/EXAMPLES.md +114 -0
  79. package/core/memory-pattern/README.md +133 -0
  80. package/core/recipes/README.md +46 -0
  81. package/core/recipes/auto-mock-data.md +82 -0
  82. package/core/recipes/branch-strategy.md +100 -0
  83. package/core/recipes/coding-conventions.md +123 -0
  84. package/core/recipes/database-discipline.md +65 -0
  85. package/core/recipes/debugging.md +143 -0
  86. package/core/recipes/design-system.md +30 -0
  87. package/core/recipes/i18n.md +118 -0
  88. package/core/recipes/monorepo.md +101 -0
  89. package/core/recipes/self-improvement.md +61 -0
  90. package/core/recipes/tdd.md +128 -0
  91. package/core/recipes/web-mobile-parity.md +87 -0
  92. package/core/reflector/SCHEDULING.md +83 -0
  93. package/core/reflector/prune-lessons.sh +105 -0
  94. package/core/reflector/reflect-brief.md +11 -0
  95. package/core/reflector/reflect.command.md +13 -0
  96. package/core/reflector/run-weekly.sh +54 -0
  97. package/core/reflector/trajectory-log.sh +55 -0
  98. package/core/roles/README.md +61 -0
  99. package/core/roles/builder.md +75 -0
  100. package/core/roles/designer.md +93 -0
  101. package/core/roles/helper.md +70 -0
  102. package/core/roles/planner.md +123 -0
  103. package/core/roles/reflector.md +72 -0
  104. package/core/roles/reviewer.md +104 -0
  105. package/core/roles/scribe.md +89 -0
  106. package/core/universal-rules/README.md +71 -0
  107. package/core/universal-rules/meta-discipline.md +292 -0
  108. package/core/universal-rules/operations.md +162 -0
  109. package/core/universal-rules/quality-gates.md +191 -0
  110. package/core/universal-rules/spec-as-you-go.md +123 -0
  111. package/core/universal-rules/workflow.md +153 -0
  112. package/core/workflow/PHASES.md +134 -0
  113. package/core/workflow/README.md +56 -0
  114. package/docs/MANUAL-INSTALL.md +456 -0
  115. package/package.json +52 -0
  116. package/tools/check-framework-purity.sh +91 -0
  117. package/tools/measure-tokens.sh +169 -0
  118. package/tools/validate-adapter-output.sh +611 -0
@@ -0,0 +1,292 @@
1
+ ---
2
+ rule_id: meta-discipline
3
+ rule_name: "Originality, ambiguity handling, never-skip, token economy, model routing"
4
+ severity: ABSOLUTE
5
+ applies_to: ["all-tools"]
6
+ violation_count: 8+
7
+ enforcement:
8
+ - hook: pretool-agent-routing
9
+ - llm-self-discipline
10
+ linked_rules:
11
+ - workflow
12
+ - quality-gates
13
+ - operations
14
+ ---
15
+
16
+ # Meta-Discipline — How CONDUCTOR Stays CONDUCTOR
17
+
18
+ > Bundles M1 (framework originality), M2 (token economy reference), M3 (model routing reference), M5 (ABSOLUTE rules never skip — cross-link), and the ambiguity policy (ACT-WITH-DECLARATION default + AMB-1..7 triggers).
19
+
20
+ ## 1. Process Over Speed (W5 cross-link)
21
+
22
+ User shortcut phrases never grant permission to skip workflow steps. See `workflow.md` section 4 for the full rule. This file restates it because process-over-speed is the meta-rule that protects every other rule.
23
+
24
+ ---
25
+
26
+ ## 2. Framework Originality (M1)
27
+
28
+ CONDUCTOR core assets MUST NOT borrow names, terminology, or structural conventions from other agent frameworks. The originating project records this as an explicit ABSOLUTE rule:
29
+
30
+ > "Looks similar in concept" is fine. "Took mine" is not.
31
+
32
+ In practice, this means:
33
+
34
+ - Do NOT use external framework names (the names of competing or inspirational multi-agent / agent-CLI frameworks) anywhere in `core/`, `roles/`, `recipes/`, or `hooks/`.
35
+ - Do NOT copy directory structures from external frameworks (e.g., a `crews/` folder borrowed from a known framework).
36
+ - Do NOT use external framework's role vocabulary verbatim (e.g., specific agent role names that are trademarked patterns of other tools).
37
+ - DO compare and reference external frameworks in design documents (`docs/`) where the comparison is the point — but those references stay out of universal rule bodies.
38
+
39
+ ### 2.1 Why
40
+
41
+ The user's framework is their craft. Borrowing names dilutes provenance and creates licensing / attribution ambiguity. CONDUCTOR pays in invented terminology so adopters get a clean, self-contained vocabulary.
42
+
43
+ ### 2.2 CONDUCTOR's own vocabulary (use these)
44
+
45
+ - **orchestrator** — the user-facing leader thread.
46
+ - **role** — a specialized sub-task profile (planner / builder / reviewer / helper / designer / scribe).
47
+ - **dispatch** — the act of delegating a task to a role.
48
+ - **dispatch brief** — the ≤2K-token instruction object passed at dispatch.
49
+ - **stop condition** — explicit done-criteria for a dispatched task.
50
+ - **flat-with-leader** — orchestration topology where roles never dispatch each other; only the orchestrator dispatches.
51
+ - **Single-Agent Mode** — fallback for tools without native sub-agent support; orchestrator + helper collapse into one thread.
52
+ - **AMB triggers** — the 7-item ambiguity catalog that forces ASK behavior.
53
+ - **ACT-WITH-DECLARATION** — proceed-with-best-guess + surface the assumption.
54
+ - **universal rule** vs **recipe** — universal rules apply to every adopter; recipes are opt-in.
55
+
56
+ ### 2.3 Verification
57
+
58
+ Originality is verified by grep at every CONDUCTOR commit:
59
+
60
+ ```bash
61
+ # Run from conductor repo root.
62
+ # Should return zero matches inside core/, roles/, recipes/, hooks/.
63
+ grep -RIE 'MetaGPT|AutoGen|CrewAI|LangGraph|ChatDev|Aider|Cursor|Continue|Cline|SWE-agent' core/ roles/ recipes/ hooks/
64
+ ```
65
+
66
+ References to these names live ONLY in the CONDUCTOR repo's `docs/CONDUCTOR-V0.2-DESIGN.md` and `docs/DESIGN-DECISIONS.md` where comparison is the point.
67
+
68
+ ---
69
+
70
+ ## 3. Ambiguity Handling — ACT-WITH-DECLARATION default + AMB triggers force ASK
71
+
72
+ ### 3.1 Default behavior
73
+
74
+ Unless an AMB trigger fires, the orchestrator proceeds with best-guess interpretation AND surfaces the assumption in the response prefix:
75
+
76
+ ```
77
+ Assumption: I'm interpreting "footer cleanup" as web only (<web-app>/...).
78
+ Plan: ...
79
+ ```
80
+
81
+ This format gives the user a one-glance catch — they can correct in a single follow-up turn before any cost is sunk.
82
+
83
+ ### 3.2 AMB triggers — when to switch to ASK
84
+
85
+ If ANY of the following fire, the orchestrator MUST switch from ACT-WITH-DECLARATION to ASK:
86
+
87
+ | Trigger ID | Pattern | Example | Required action |
88
+ |---|---|---|---|
89
+ | AMB-1 | Deictic references — "this", "like before", "similar to that one" | "this needs to be cleaner" | ASK + present 3 candidate referents as multiple-choice |
90
+ | AMB-2 | Unspecified scope — single vs all, web vs mobile, dev vs prod | "fix the footer" | ASK + (web only / mobile only / both) |
91
+ | AMB-3 | External system invocation that is non-trivially reversible | DB migration, payment ops, mass email | ASK once: "dev only / prod only / both?" |
92
+ | AMB-4 | Merge or push to a protected branch | `gh pr merge`, `git push origin main` | ASK + explicit confirmation required |
93
+ | AMB-5 | Design decisions (color, layout, copy tone) | "make this button more modern" | ASK + 2-3 visual / copy alternatives |
94
+ | AMB-6 | Library or dependency addition | "add an image cropper" | ASK + 3 candidates + trade-off table |
95
+ | AMB-7 | User manual action required (env vars, dashboard config) | "you need to set up the webhook" | ASK + numbered steps + wait for user confirmation |
96
+
97
+ ### 3.3 ASK template (multiple-choice)
98
+
99
+ When ASK fires, the orchestrator uses this template — NOT open-ended questions:
100
+
101
+ ```markdown
102
+ **Situation**: <one-sentence ambiguity summary>
103
+
104
+ **Option A**: <action A> — Trade-off: <pros / cons>
105
+ **Option B**: <action B> — Trade-off: <pros / cons>
106
+ **Option C**: <action C> — Trade-off: <pros / cons>
107
+ **Other**: free-form one-line response if A/B/C don't fit
108
+
109
+ **Recommended default**: <A | B | C> — reason: <one-line>
110
+ ```
111
+
112
+ ### 3.4 Why multiple-choice
113
+
114
+ - User cognitive load drops: 5-second decision vs 30+-second free response.
115
+ - Trade-offs are pre-analyzed, raising decision quality.
116
+ - Fewer follow-up turns (the orchestrator already considered the obvious alternatives).
117
+
118
+ ### 3.5 The "verify before recommending" sub-rule
119
+
120
+ When ASK fires for AMB-6 (dependency) or AMB-5 (design), the orchestrator MUST verify each candidate before recommending:
121
+
122
+ - Library candidates: confirm name + maintenance status + license.
123
+ - Design candidates: render or describe each visually.
124
+
125
+ A recommendation without verification = an opinion, not a recommendation. Mark it as such if you can't verify.
126
+
127
+ ---
128
+
129
+ ## 4. ABSOLUTE Rules Never Skip (W6 cross-link)
130
+
131
+ No user instruction grants exemption from rules marked `severity: ABSOLUTE`. See `workflow.md` section 5 for the full rule. The orchestrator that catches itself about to skip MUST surface the violation explicitly (R5 surface obligation).
132
+
133
+ This rule is restated here because meta-discipline is the file most adopters read first when porting CONDUCTOR to a new tool — and ABSOLUTE-never-skip is the single most-violated rule in production history.
134
+
135
+ ---
136
+
137
+ ## 5. Token Economy (M2)
138
+
139
+ > Goal: minimize wasted context. Applies to orchestrator and every role.
140
+
141
+ ### 5.1 Read discipline (large files)
142
+
143
+ - **Check size first** before opening. Use `wc -l` or grep with line numbers.
144
+ - **Prefer Grep over Read** for symbol lookup. Use `-A` / `-B` context. Read only when 50+ contiguous lines are needed.
145
+ - **Range reads (offset / limit) are mandatory** for files > 200 lines. Default `limit: 100`; expand only if proven necessary.
146
+ - **Never `cat` a whole rules file or large spec.** Grep for the section first, then range-read.
147
+
148
+ ### 5.2 Hidden injection awareness
149
+
150
+ Some tools auto-inject skill / library docs when certain file paths are touched. These injections add hidden tokens (often 200-600 per Read). Be deliberate:
151
+
152
+ - Skip auto-inject when Grep is sufficient.
153
+ - When a Read is unavoidable, batch related Reads in a single response so cache reuses the prefix.
154
+
155
+ ### 5.3 Sub-agent dispatch discipline
156
+
157
+ - Cap dispatch briefs at ~2K tokens. Reference files by path; do not paste content.
158
+ - Tell the dispatched role the EXACT files to read. Don't make the role grep blindly.
159
+ - Specify background execution for any task expected to take > 2 minutes wall-clock.
160
+
161
+ ### 5.4 Cache-friendly prompt order (Claude adapter)
162
+
163
+ When prompt caching is available (Claude / Anthropic SDK):
164
+
165
+ ```
166
+ [Cache prefix — low-frequency change]
167
+ 1. Universal rules (5 bundles)
168
+ 2. Project CLAUDE.md
169
+ 3. Selected recipes
170
+
171
+ [cache_control: { type: "ephemeral" } boundary]
172
+
173
+ [Per-turn — high-frequency change]
174
+ 4. Recent turn history
175
+ 5. Tool results
176
+ 6. User's new message
177
+ ```
178
+
179
+ Full guide: the CONDUCTOR repo's `docs/PROMPT-CACHING-GUIDE.md` (not installed into your project).
180
+
181
+ ### 5.5 Tool description compression
182
+
183
+ When > 30 tools are loaded, the description footprint becomes a measurable cost. Use deferred / lazy-loaded tool patterns where supported.
184
+
185
+ ### 5.6 Touched-file rule scoping
186
+
187
+ Use `paths:` (Claude) / `globs:` (Cursor) / `applyTo:` (Copilot) to scope rule files to the source areas they govern. A rule that fires only when a relevant file is touched is cheaper than a rule loaded into every turn.
188
+
189
+ ### 5.7 Auto-compact threshold
190
+
191
+ When the conversation context approaches the model's window cap, summarize older turns into a compact note and free the budget. Some tools auto-compact at ~80%; others rely on the orchestrator to trigger it.
192
+
193
+ ### 5.8 .ignorefile maintenance
194
+
195
+ Each tool has its own ignore file (`.claudeignore`, `.cursorignore`, `.aiderignore`, etc.). Keep these in sync — they prevent expensive accidental Reads of build outputs, large lockfiles, or vendored code.
196
+
197
+ ---
198
+
199
+ ## 6. Model Routing (M3)
200
+
201
+ The orchestrator classifies every task and selects model tier explicitly. The user does NOT specify the model per request — that responsibility belongs to the orchestrator.
202
+
203
+ ### 6.1 Tier 1 — Conceptual / complex (Opus-tier)
204
+
205
+ Trigger if any of:
206
+
207
+ - Design concept change ("revamp X", "new pattern", palette swap).
208
+ - Architecture redesign or primitive redesign.
209
+ - Multi-file migration (5+ files, cross-cutting).
210
+ - Cross-platform parity work (web ↔ mobile, desktop ↔ web, etc.).
211
+ - Multi-surface root-cause hunt.
212
+ - System-level decision (data model, auth flow, billing logic).
213
+ - Anti-pattern audit + refactor.
214
+ - Documentation work that synthesizes multiple concerns.
215
+
216
+ ### 6.2 Tier 2 — Routine (Sonnet-tier, default for most work)
217
+
218
+ - Single-file or single-component tweak.
219
+ - New page using established shell.
220
+ - Icon / copy / translation swap.
221
+ - Minor responsive / padding fix.
222
+ - Simple CRUD following established service-layer pattern.
223
+ - Spec text update.
224
+ - Translation key propagation across N locales (pattern established).
225
+
226
+ ### 6.3 Tier 3 — Trivial (Haiku-tier)
227
+
228
+ - Read a file, return a specific value.
229
+ - Rename a variable in 1 file.
230
+ - Trivial text edits.
231
+
232
+ ### 6.4 Override rule of thumb
233
+
234
+ > When in doubt, **upgrade one tier**. Cost difference is modest; risk of Sonnet misinterpreting conceptual work is large.
235
+
236
+ ### 6.5 Surface the choice
237
+
238
+ When ambiguous, the orchestrator surfaces its model choice in the dispatch announcement:
239
+
240
+ > "Dispatching to `builder` (Opus) — multi-file refactor across 5 components."
241
+
242
+ This gives the user a chance to override before tokens are spent.
243
+
244
+ ### 6.6 Per-tool applicability
245
+
246
+ | Tool | Model routing applies? |
247
+ |---|---|
248
+ | Claude Code | Yes (Agent tool's `model` parameter; PreToolUse hook validates explicit choice) |
249
+ | Cursor | Yes (Composer model picker — orchestrator chooses by rule) |
250
+ | Copilot | Limited (model selection is account-level, less per-task control) |
251
+ | Gemini / Codex / Windsurf | Limited (single-model context typical) |
252
+
253
+ On limited-routing tools, the orchestrator still classifies the task — even if it can't change the model — because the tier informs effort level (low / medium / high reasoning) and dispatch budget.
254
+
255
+ ---
256
+
257
+ ## 7. Orchestration Topology — Flat-with-Leader (M5)
258
+
259
+ CONDUCTOR adopts a flat-with-leader topology:
260
+
261
+ - The orchestrator (main thread) is the only user-facing leader.
262
+ - All role agents are dispatched 1:1 by the orchestrator. They do NOT call each other.
263
+ - A role agent that needs multi-step work returns intermediate results; the orchestrator decides the next dispatch.
264
+
265
+ ### 7.1 Why no nested dispatch
266
+
267
+ - Solo dev mental model: one leader, several helpers.
268
+ - Nested dispatch causes context to accumulate at every layer → token blow-up.
269
+ - Production experience: nested dispatch attempts surfaced bugs faster than they delivered features.
270
+
271
+ ### 7.2 Enforcement
272
+
273
+ On Claude Code, the `pretool-agent-routing` hook validates that:
274
+ - `subagent_type` is one of the registered roles (not `general-purpose`).
275
+ - `model` is explicitly set.
276
+ - The dispatcher is the orchestrator (not another role).
277
+
278
+ On other tools, the rule text serves as the constraint.
279
+
280
+ ---
281
+
282
+ ## 8. Cross-tool enforcement summary
283
+
284
+ | Discipline | Claude Code | Cursor | Copilot | Gemini | Codex | Windsurf |
285
+ |---|---|---|---|---|---|---|
286
+ | Originality grep | Pre-commit script (orchestrator's responsibility) | Same | Same | Same | Same | Same |
287
+ | AMB-1..7 trigger ASK | Rule text + LLM self-discipline | Same | Same | Same | Same | Same |
288
+ | Token-economy Read discipline | Rule text + Stop-hook reminder when wasteful patterns spike | Rule text | Rule text | Rule text | Rule text | Rule text |
289
+ | Model routing | PreToolUse hook validates explicit `model` | Composer picker manual | Account-level only | Single model | Single model | Single model |
290
+ | Flat-with-leader | PreToolUse hook validates dispatcher | Single-Agent Mode (no sub-agents) | Same | Same | Same | Same |
291
+
292
+ The honest summary: meta-discipline is enforced by rule text on every tool, with hook-based extras on Claude Code only.
@@ -0,0 +1,162 @@
1
+ ---
2
+ rule_id: operations
3
+ rule_name: "Session continuity, completed-task delete, dev/prod sync"
4
+ severity: ABSOLUTE
5
+ applies_to: ["all-tools"]
6
+ violation_count: 4+
7
+ enforcement:
8
+ - hook: stop-session-log-check
9
+ - llm-self-discipline
10
+ linked_rules:
11
+ - workflow
12
+ - spec-as-you-go
13
+ ---
14
+
15
+ # Operations — Session Continuity + Sync Hygiene
16
+
17
+ > Bundles O2 (session continuity / CURRENT_WORK first-read), O3 (completed-task delete), P3 (dev/prod sync). These rules govern how the project state is communicated across sessions and across environments.
18
+
19
+ ## 1. Session Continuity (O2)
20
+
21
+ ### 1.1 First-read on every session start
22
+
23
+ The first file the orchestrator reads on every new session is `docs/CURRENT_WORK.md`. No exceptions. Even if the user's request is unrelated to active work, CURRENT_WORK.md is read first to establish context.
24
+
25
+ ### 1.2 Why
26
+
27
+ CURRENT_WORK.md is the project's single source of "what is happening right now". Without it:
28
+ - Orchestrator duplicates work that another session already finished.
29
+ - Orchestrator pushes code that conflicts with in-progress work elsewhere.
30
+ - The user re-explains everything every session.
31
+
32
+ With it:
33
+ - New session starts with full context in ~150 lines (the file's enforced size cap).
34
+ - In-progress / blocked / done states are visible.
35
+ - Next-step is explicit.
36
+
37
+ ### 1.3 What CURRENT_WORK.md contains
38
+
39
+ Required sections (in order):
40
+
41
+ 1. **Current state** (date, phase, last commit hash, version).
42
+ 2. **Immediate next action** — what the next session should do.
43
+ 3. **In progress** — task list with owner + status + last update timestamp.
44
+ 4. **Recently completed** — last 3-5 deliverables (with commit refs). Older entries archive.
45
+ 5. **Known issues / blockers** — anything that prevents next-action.
46
+ 6. **Decision log** (optional) — recent ADR-style decisions for fast catch-up.
47
+
48
+ ### 1.4 Size cap and archive
49
+
50
+ CURRENT_WORK.md MUST stay under 200 lines (target: 150). When it exceeds 200:
51
+
52
+ - Archive the bottom half into `docs/sessions/<YYYY-MM-DD>.md`.
53
+ - Leave only the most-recent 5-10 entries in CURRENT_WORK.md.
54
+ - The session archive is a permanent reference but no longer auto-loaded.
55
+
56
+ ### 1.5 Stop-hook (Claude only)
57
+
58
+ `stop-session-log-check` (installed by the Claude adapter) blocks session-end if:
59
+
60
+ - Recent commits exist (≥ 1 in the last 30 minutes), AND
61
+ - CURRENT_WORK.md was not modified in the last 30 minutes.
62
+
63
+ The block emits a reason; orchestrator updates CURRENT_WORK.md and proceeds. On non-Claude tools, this rule's text serves as the reminder.
64
+
65
+ ---
66
+
67
+ ## 2. Completed-Task Delete (O3)
68
+
69
+ When a task in CURRENT_WORK.md, REMAINING_TASKS.md, or TASKS.md transitions to `completed`, it MUST be removed from the active list within the next session boundary.
70
+
71
+ ### 2.1 What "next session boundary" means
72
+
73
+ - If task completes mid-session: mark `completed` immediately, then DELETE before declaring the turn done.
74
+ - If task completes at session end: mark `completed`, then on the next session resume, the orchestrator deletes it as part of the first-read checklist.
75
+
76
+ ### 2.2 Why delete (not retain)
77
+
78
+ Active task lists with completed items become unreadable. The completed item history lives in:
79
+ - Git commit log (the actual durable record).
80
+ - Session archive (`docs/sessions/<date>.md`).
81
+ - "Recently completed" section of CURRENT_WORK.md (last 3-5 only).
82
+
83
+ Retaining all completed items in the active list defeats the file's purpose.
84
+
85
+ ### 2.3 Exceptions
86
+
87
+ - Completed milestones with cross-cutting impact may stay in CURRENT_WORK.md "Recently completed" for one session before archiving.
88
+ - Items that surface a new follow-up task: delete the old, add the new — do not chain.
89
+
90
+ ### 2.4 Origin
91
+
92
+ Production case: TASKS.md grew to 400+ lines, with 60% of entries marked `completed` over months. New contributors couldn't find what was actually pending. The corrective rule made `completed` a transient state, not a permanent annotation.
93
+
94
+ ---
95
+
96
+ ## 3. Dev / Prod Sync (P3)
97
+
98
+ When the project has multiple environments (dev / staging / prod), every feature that works in dev MUST work identically in prod once shipped. This rule applies to:
99
+
100
+ - Code (auto-handled by deploy pipeline if branch-strategy is followed).
101
+ - Database schema (migrations applied to all environments before code that depends on them ships).
102
+ - Environment variables (registered in all environments before referencing code is deployed).
103
+ - External service configurations (webhooks, OAuth callbacks, API keys per environment).
104
+ - Cron / scheduled jobs (if dev runs them, prod runs them too — or both don't).
105
+
106
+ ### 3.1 The "dev works, prod broken" failure mode
107
+
108
+ The single most common production incident pattern: a feature passes dev verification, ships to prod, fails because the prod environment is missing one or more of:
109
+
110
+ - A required environment variable (forgot to register in prod dashboard).
111
+ - A database migration (applied to dev but not prod).
112
+ - A webhook URL update (third-party still pointing to old endpoint).
113
+ - A feature flag (default OFF in prod, but on in dev).
114
+
115
+ This failure mode is preventable by treating "dev / prod parity" as a checklist item before shipping.
116
+
117
+ ### 3.2 Pre-deploy parity checklist
118
+
119
+ Before merging code to a release branch:
120
+
121
+ - [ ] All new env vars registered in prod environment (with same names).
122
+ - [ ] All new DB migrations applied to prod (or queued in deploy pipeline).
123
+ - [ ] All third-party service configs updated for prod URL (webhook URLs especially — note the apex-domain trap below).
124
+ - [ ] All feature flags decided for prod (default state explicit).
125
+ - [ ] Cron / scheduled jobs registered in prod scheduler.
126
+
127
+ ### 3.3 Common traps
128
+
129
+ **Trap 1 — Apex vs subdomain in webhook URLs.** Many third-party services do NOT follow HTTP redirects. If your apex domain redirects to `www.` (or vice versa), a webhook registered with the redirecting form silently fails — every event is "delivered" by the third-party but never reaches your handler. Always register webhook URLs with the canonical (non-redirecting) form.
130
+
131
+ **Trap 2 — Env var registered but not redeployed.** Most platforms require a redeploy after env var registration before the new value is visible to running code. Build artifacts produced before the env was registered will not see it. Always trigger a fresh build after env changes.
132
+
133
+ **Trap 3 — Migration applied without code, or code without migration.** Either order causes downtime. Apply schema changes that are backward-compatible first, then deploy code, then apply schema cleanups (drop old columns, etc.). When in doubt, dual-write briefly.
134
+
135
+ ### 3.4 When P3 does not apply
136
+
137
+ If your project is single-environment (no separate prod), this rule is informational only. The rest of the universal-rules still apply.
138
+
139
+ ---
140
+
141
+ ## 4. Branch strategy (informational link)
142
+
143
+ CONDUCTOR's universal rules don't mandate a specific branch strategy — they assume one exists. The opt-in `recipes/branch-strategy.md` documents a common 3-branch pattern (main / develop / release) used by the originating project. Adopters with their own strategy ignore the recipe; the operations rules above still hold.
144
+
145
+ ---
146
+
147
+ ## 5. Push timing (informational)
148
+
149
+ The `recipes/branch-strategy.md` recipe also documents a "push timing" convention: docs-only changes are NOT pushed immediately; they batch with the next code push. This avoids polluting deploy pipelines with docs-only triggers. This is a project-specific preference, not a universal rule. Adopters choose.
150
+
151
+ ---
152
+
153
+ ## 6. Cross-tool enforcement
154
+
155
+ | Mechanism | Tools that enforce automatically |
156
+ |---|---|
157
+ | `stop-session-log-check` (CURRENT_WORK staleness) | Claude Code |
158
+ | Branch protection (force-push block, PR required) | GitHub branch protection (any tool) |
159
+ | Pre-deploy CI checklist | CI pipeline (any tool) |
160
+ | Rule text reminder | All tools |
161
+
162
+ For non-Claude tools, the orchestrator self-checks at session start and session end.
@@ -0,0 +1,191 @@
1
+ ---
2
+ rule_id: quality-gates
3
+ rule_name: "Pre-commit + pre-merge review + test sync + verify-after-changes"
4
+ severity: ABSOLUTE
5
+ applies_to: ["all-tools"]
6
+ violation_count: 3+
7
+ enforcement:
8
+ - hook: stop-r6-review-check
9
+ - llm-self-discipline
10
+ - external: ci-pipeline
11
+ linked_rules:
12
+ - workflow
13
+ - spec-as-you-go
14
+ ---
15
+
16
+ # Quality Gates — Two-Stage Review + Test Sync + Verify
17
+
18
+ > Bundles Q1 (pre-commit code review), Q2 (pre-merge code review), Q3 (test coverage sync), Q4 (verify-after-changes). Every code change passes through this gate before being declared done.
19
+
20
+ ## 1. Pre-Commit Code Review (Q1)
21
+
22
+ Before a code change is committed, an automated reviewer MUST inspect the diff. Block on HIGH-confidence issues (severity ≥ 75 / 100). Lower-severity issues become PR comments.
23
+
24
+ ### 1.1 Reviewer selection (model routing)
25
+
26
+ | Diff size / nature | Reviewer model |
27
+ |---|---|
28
+ | Single file, established pattern | Sonnet-tier |
29
+ | Multi-file (3+) or cross-cutting | Opus-tier |
30
+ | Type-design heavy | Specialized "type-design" reviewer if available |
31
+ | Error-handling heavy | Specialized "silent-failure" reviewer if available |
32
+
33
+ When in doubt, upgrade one tier. The cost difference between Sonnet and Opus reviewer is modest compared to the cost of merging a HIGH-severity bug.
34
+
35
+ ### 1.2 Exemptions (NOT subject to pre-commit review)
36
+
37
+ - 100% docs-only changes (`docs/**`, `*.md` only).
38
+ - Lockfile auto-generated bumps.
39
+ - Generated type files (output of codegen tooling).
40
+
41
+ Mixed PRs (docs + code) are NOT exempt. Any code in the diff triggers review.
42
+
43
+ ### 1.3 What "block on HIGH-confidence" means
44
+
45
+ If the reviewer reports any issue with confidence ≥ 75 and severity ≥ HIGH:
46
+
47
+ - Commit MUST NOT proceed.
48
+ - Orchestrator addresses the issue (fix code, justify in commit message, or escalate to user).
49
+ - Re-run reviewer on the updated diff.
50
+ - Only when no HIGH-confidence issues remain: commit.
51
+
52
+ LOW / MEDIUM issues become commit-message footer notes or follow-up tasks in CURRENT_WORK.md.
53
+
54
+ ---
55
+
56
+ ## 2. Pre-Merge Code Review (Q2)
57
+
58
+ After commit + push + open PR, a SECOND review pass runs on the open PR before merge. This is distinct from Q1 — Q1 reviews the local diff before commit; Q2 reviews the merged-state PR (including CI signals + reviewer comments).
59
+
60
+ ### 2.1 Trigger
61
+
62
+ PR opened on a non-direct-push branch (typically anything that is not `main` / `release` / `develop` per the project's branch strategy). See `recipes/branch-strategy.md` for branch naming patterns.
63
+
64
+ ### 2.2 Cool-down (Claude adapter only)
65
+
66
+ The `stop-r6-review-check` hook (when installed by the Claude adapter) reminds the orchestrator to run pre-merge review at most once per 30 minutes per PR. This avoids reminder spam on rapid push cycles.
67
+
68
+ ### 2.3 Exemptions
69
+
70
+ Same as Q1 (docs-only, lockfile, generated files). Additionally, PRs that have already passed pre-merge review are not re-reviewed unless new commits are pushed.
71
+
72
+ ### 2.4 Cross-tool degradation
73
+
74
+ | Tool | Q2 mechanism |
75
+ |---|---|
76
+ | Claude Code | Slash command (`/code-review`) + Stop-hook reminder |
77
+ | Cursor | Cursor command palette + manual rule reminder |
78
+ | Copilot | GitHub PR comment review (Copilot Code Review native) + manual reminder |
79
+ | Gemini / Codex / Windsurf | Manual reminder via rule text |
80
+
81
+ ---
82
+
83
+ ## 3. Test Coverage Sync (Q3)
84
+
85
+ Every new feature, changed behavior, or new public API MUST have a corresponding test added or updated in the SAME PR.
86
+
87
+ ### 3.1 What test belongs to what change
88
+
89
+ | Code change | Test type | Test location pattern |
90
+ |---|---|---|
91
+ | New page / route | E2E functional | `<test-root>/functional/<area>.spec.*` |
92
+ | New API endpoint | E2E functional (auth + response shape) | Same as above |
93
+ | New UI screen | Visual smoke | `<test-root>/visual/<area>.spec.*` |
94
+ | Existing page UX change | Update existing functional spec (selectors, flow) | Same |
95
+ | New service function | Unit test (happy + error path) | `<service>/__tests__/<service>.spec.*` |
96
+ | New email template / similar render | Snapshot test | `<template-dir>/__tests__/<template>.spec.*` |
97
+
98
+ ### 3.2 Skip / "incomplete" classification
99
+
100
+ A PR that adds a new feature without an accompanying test is treated as INCOMPLETE. Pre-commit review (Q1) catches this when the diff contains source changes but no test changes. Pre-merge review (Q2) catches it when CI runs.
101
+
102
+ ### 3.3 The "verify before push" command pair
103
+
104
+ Before push:
105
+
106
+ 1. Run unit tests (project-specific command, e.g. `npx vitest run`).
107
+ 2. Run functional E2E (project-specific command, e.g. `npm run test:functional`).
108
+
109
+ If either is red, the work is not done. The orchestrator does not push and does not declare the task complete.
110
+
111
+ ---
112
+
113
+ ## 4. Verify-After-Changes (Q4)
114
+
115
+ Every code or configuration change MUST be verified by running the application or relevant subset before reporting "done" to the user.
116
+
117
+ ### 4.1 Verification levels by change type
118
+
119
+ | Change | Verification |
120
+ |---|---|
121
+ | Code | Run unit tests + relevant functional E2E + manual sanity (when UI). |
122
+ | Build config | Run `build` command, verify no errors. |
123
+ | Environment variable | Verify in dev environment (or staging) that the var loads and the dependent path works. |
124
+ | Database schema | Apply migration on dev DB, run mock-data seeds, run a query. |
125
+ | External service config | Trigger the integration end-to-end (test webhook, send test email, etc.). |
126
+
127
+ ### 4.2 Reporting "done" to the user
128
+
129
+ The orchestrator MUST NOT say "fixed" / "implemented" / "deployed" without prior verification evidence. Acceptable evidence:
130
+
131
+ - Test runner output (snippet pasted into the response).
132
+ - Build command exit code 0 (with command name).
133
+ - HTTP request result (status + relevant body field).
134
+ - Screenshot or render snapshot (if UI).
135
+ - Database query result.
136
+
137
+ A response that says "this should fix it" is not a completion report — it's a hypothesis. Mark it as such if you cannot verify.
138
+
139
+ ### 4.3 The "evidence before assertions" principle
140
+
141
+ Borrowed from disciplined debugging practice: evidence ALWAYS precedes the success claim. The orchestrator that claims success without evidence is treated equivalently to silent rule violation (see workflow.md W6).
142
+
143
+ ### 4.4 Sub-agent completion reports are claims, not evidence
144
+
145
+ When a sub-agent returns a "done" / "implemented" summary, that summary is a **claim**, not evidence. Before relaying completion to the user, the orchestrator MUST:
146
+
147
+ 1. `git diff` the sub-agent's changes and grep for the specific pattern the task required (the new structure / function / renamed symbol — not just "files changed").
148
+ 2. Where the change is observable at runtime (UI render, endpoint response, query result), observe it.
149
+ 3. Only then relay completion, citing the diff + observation.
150
+
151
+ A green build or a passing test is a precondition for this check, never a substitute for it. See §4.5 below.
152
+
153
+ ### 4.5 Anti-pattern — false completion from a green build
154
+
155
+ The failure mode §4.3–4.4 exist to prevent: a green build, a passing test suite, or a sub-agent's "done" summary is treated as proof that the *intended* change happened. It is not. A build can be green while the requested change never landed — a token-only edit went in instead of the structural change, the file that mattered was never touched, or a sub-agent edited the wrong surface. **build-green ≠ change-applied.**
156
+
157
+ **Detection:** a "fixed / implemented / done / deployed" claim whose only cited evidence is build/test status or a sub-agent's prose, with no diff inspection or runtime observation of the intended change.
158
+
159
+ **Fix:** (1) `git diff` and grep for the *concrete pattern the task required* — the new structure, function, or renamed symbol, not "files changed"; if the grep does not find it, the change was not applied regardless of build status. (2) Observe it at runtime where applicable (render the page, hit the endpoint, run the query). (3) Only then claim completion, citing the diff + observation. On the Claude adapter, the Stop guard `block-completion-claim-without-push` is the mechanical backstop.
160
+
161
+ ---
162
+
163
+ ## 5. Pre-commit checklist (operator-facing)
164
+
165
+ Before any commit:
166
+
167
+ - [ ] Type checks pass.
168
+ - [ ] No hardcoded secrets / API keys in diff.
169
+ - [ ] Approved UI library only (project-specific — see recipe).
170
+ - [ ] Service-layer pattern preserved.
171
+ - [ ] Result-pattern API responses preserved (where applicable).
172
+ - [ ] Row-level-security or equivalent access control assumed by design.
173
+ - [ ] Folder structure unchanged (no rogue new top-level directories).
174
+ - [ ] Spec(s) updated (`spec-as-you-go.md`).
175
+ - [ ] E2E test added / updated (Q3).
176
+ - [ ] Naming conventions followed.
177
+ - [ ] No duplicated business logic across surfaces (web ↔ mobile, etc.).
178
+ - [ ] **Q1 — Pre-commit review passed.**
179
+
180
+ ---
181
+
182
+ ## 6. Cross-tool enforcement summary
183
+
184
+ | Gate | Claude Code | Cursor | Copilot | Gemini | Codex | Windsurf |
185
+ |---|---|---|---|---|---|---|
186
+ | Q1 pre-commit review (auto) | Manual invoke + Stop-hook reminder | Manual | GitHub Copilot CR | Manual | Manual | Manual |
187
+ | Q2 pre-merge review (auto) | Slash command + Stop-hook | Manual | GitHub native | Manual | Manual | Manual |
188
+ | Q3 test coverage sync | Rule text + checklist | Same | Same | Same | Same | Same |
189
+ | Q4 verify-after-changes | Rule text + LLM self-discipline | Same | Same | Same | Same | Same |
190
+
191
+ The honest summary: only Claude Code has a pre-existing automated reminder mechanism. On other tools, the rule text + the operator's discipline carry the weight. CONDUCTOR does not pretend otherwise.