openclaw-node-harness 2.0.3 → 2.1.0

package/config/harness-rules.json

@@ -0,0 +1,174 @@
+[
+  {
+    "id": "build-before-done",
+    "description": "Never declare work complete without running a build or test",
+    "tier": 1,
+    "type": "inject",
+    "scope": ["local", "mesh"],
+    "content": "HARD RULE: Never declare a task complete without running the build/test and showing the actual output. Files existing on disk is not proof of success.",
+    "pattern": null,
+    "activateOn": null,
+    "active": true,
+    "tags": ["build", "completion", "verification"],
+    "mesh_enforcement": "metric_required",
+    "_mesh_note": "On mesh: if task has no metric, post-completion scan flags for review. Karpathy loop already enforces this for tasks WITH metrics."
+  },
+  {
+    "id": "no-silent-failure",
+    "description": "Never silently swallow errors — always surface them explicitly",
+    "tier": 1,
+    "type": "inject",
+    "scope": ["local", "mesh"],
+    "content": "HARD RULE: Never hide, swallow, or skip past errors. If something fails, stop and report it immediately with the full error output.",
+    "pattern": null,
+    "activateOn": null,
+    "active": true,
+    "tags": ["errors", "visibility"],
+    "mesh_enforcement": "post_scan",
+    "mesh_scan_patterns": ["error:", "Error:", "FAIL", "FAILED", "exception", "Exception", "panic", "PANIC", "Traceback"]
+  },
+  {
+    "id": "no-assume-running",
+    "description": "Never assume a server/process is running without checking",
+    "tier": 1,
+    "type": "inject",
+    "scope": ["local", "mesh"],
+    "content": "HARD RULE: Never assume a server, daemon, or process is running. Verify with a process check or health probe before acting on that assumption.",
+    "pattern": null,
+    "activateOn": null,
+    "active": true,
+    "tags": ["process", "verification"],
+    "mesh_enforcement": "pre_check",
+    "mesh_pre_checks": ["nats"]
+  },
+  {
+    "id": "session-boot-context",
+    "description": "Read session state files before first reply so companion knows where we left off",
+    "tier": 1,
+    "type": "inject",
+    "scope": ["local"],
+    "content": "HARD RULE: At session start, BEFORE your first reply, silently read memory/last-session-recap.md, memory/active-tasks.md (first 50 lines), and .companion-state.md. Lead your first message with a brief status of where we left off. Never make the user re-orient you.",
+    "pattern": null,
+    "activateOn": null,
+    "active": true,
+    "tags": ["boot", "context", "session"]
+  },
+  {
+    "id": "git-conventional-commits",
+    "description": "Use conventional commit format for all git commits",
+    "tier": 2,
+    "type": "inject",
+    "scope": ["local", "mesh"],
+    "content": "RULE: All git commits must use conventional commit format: type(scope): description — e.g. fix(auth): correct token refresh logic",
+    "pattern": null,
+    "activateOn": ["git commit", "commit -m", "git add"],
+    "active": true,
+    "tags": ["git", "commits"],
+    "mesh_enforcement": "post_validate",
+    "mesh_validate_command": "git log -1 --format=%s | grep -qE '^(feat|fix|docs|style|refactor|test|chore|build|ci|perf|revert)(\\(.+\\))?: .+'"
+  },
+  {
+    "id": "no-hardcoded-secrets",
+    "description": "Never hardcode API keys, tokens, or passwords in source files",
+    "tier": 2,
+    "type": "inject",
+    "scope": ["local", "mesh"],
+    "content": "RULE: Never hardcode API keys, tokens, passwords, or secrets directly in source code. Use environment variables or config files excluded from git.",
+    "pattern": null,
+    "activateOn": ["api key", "apikey", "secret", "password", "token", "credential"],
+    "active": true,
+    "tags": ["security", "secrets"],
+    "mesh_enforcement": "pre_commit_scan"
+  },
+  {
+    "id": "playwright-fallback",
+    "description": "Use Playwright web-fetch when WebFetch is blocked or returns empty/broken content",
+    "tier": 2,
+    "type": "inject",
+    "scope": ["local"],
+    "content": "RULE: When WebFetch fails, returns empty content, or a site blocks automated access (anti-bot, JS-rendered, login wall), fall back to Playwright via: node bin/web-fetch.mjs <url> [--html] [--selector \"css\"] [--wait ms] [--screenshot file.png]. This renders the full page with a real Chromium browser.",
+    "pattern": null,
+    "activateOn": ["WebFetch", "web fetch", "scrape", "blocked", "403", "access denied", "anti-bot", "cloudflare"],
+    "active": true,
+    "tags": ["web", "scraping", "fallback"]
+  },
+  {
+    "id": "scope-enforcement",
+    "description": "Reject file changes outside task scope boundaries",
+    "tier": 1,
+    "type": "enforce",
+    "scope": ["mesh"],
+    "content": "Files modified outside the declared task scope will be reverted before commit.",
+    "pattern": null,
+    "activateOn": null,
+    "active": true,
+    "tags": ["scope", "boundaries", "safety"],
+    "mesh_enforcement": "scope_check"
+  },
+  {
+    "id": "block-sudo-in-scripts",
+    "description": "Scripts must not contain bare sudo commands",
+    "tier": 3,
+    "type": "block",
+    "scope": ["local", "mesh"],
+    "content": "Generated scripts must not contain sudo commands without explicit user acknowledgment",
+    "pattern": "\\bsudo\\s+\\S+",
+    "activateOn": null,
+    "active": false,
+    "tags": ["security", "scripts"],
+    "mesh_enforcement": "output_block",
+    "_note": "Disabled by default — too aggressive for general use."
+  },
+  {
+    "id": "block-rm-rf",
+    "description": "Never generate rm -rf without an explicit safety check",
+    "tier": 3,
+    "type": "block",
+    "scope": ["local", "mesh"],
+    "content": "Destructive file operations must include a safety confirmation",
+    "pattern": "rm\\s+-rf\\s+[^{]",
+    "activateOn": null,
+    "active": true,
+    "tags": ["safety", "filesystem"],
+    "mesh_enforcement": "output_block"
+  },
+  {
+    "id": "hyperagent-task-close",
+    "description": "After task completion, log structured performance telemetry",
+    "tier": 2,
+    "type": "inject",
+    "scope": ["local", "mesh"],
+
+    "content": "RULE: After completing any task, log telemetry via: OPENCLAW_NODE_ID=<node> OPENCLAW_SOUL_ID=<soul> node $OPENCLAW_HOME/bin/hyperagent.mjs log '{\"domain\":\"...\",\"subdomain\":\"...\",\"outcome\":\"success|partial|failure\",\"iterations\":N,\"duration_minutes\":N,\"meta_notes\":\"what approach, why, key moment, one hypothesis\"}'. Pattern flags are auto-detected. $OPENCLAW_HOME defaults to ~/.openclaw.",
+    "pattern": null,
+    "activateOn": ["task complete", "waiting-user", "status: waiting"],
+    "active": true,
+    "tags": ["hyperagent", "telemetry"]
+  },
+  {
+    "id": "hyperagent-task-start",
+    "description": "At task start, consult strategy archive for relevant approaches",
+    "tier": 2,
+    "type": "inject",
+    "scope": ["local", "mesh"],
+
+    "content": "RULE: Before starting any non-trivial task, check strategies: node $OPENCLAW_HOME/bin/hyperagent.mjs strategies --domain <domain>. If a strategy exists, use it as starting approach.",
+    "pattern": null,
+    "activateOn": ["task start", "claimed", "begin task", "status: running"],
+    "active": true,
+    "tags": ["hyperagent", "strategy"]
+  },
+  {
+    "id": "hyperagent-reflection-ready",
+    "description": "When a pending reflection exists, synthesize hypotheses and proposals",
+    "tier": 2,
+    "type": "inject",
+    "scope": ["local"],
+
+    "content": "RULE: At session start, run: node $OPENCLAW_HOME/bin/hyperagent.mjs reflect --pending. If output is non-empty JSON, it contains performance stats from recent tasks awaiting synthesis. Analyze the data: identify what worked (with causal hypotheses), what didn't (with root causes), and 1-2 forward proposals (specific changes to strategies or workflows). Then call: node $OPENCLAW_HOME/bin/hyperagent.mjs reflect --write-synthesis '<json>' where json = {reflection_id, hypotheses: [...], proposals: [{title, description, proposal_type, target_ref, diff_content}]}. If output is empty, do nothing.",
+    "pattern": null,
+    "activateOn": ["session start"],
+    "active": true,
+    "tags": ["hyperagent", "reflection"]
+  }
+]

package/config/plan-templates/team-bugfix.yaml

@@ -0,0 +1,52 @@
+id: team-bugfix
+name: "Bugfix: {{context}}"
+description: "Bug fix pipeline — Reproduce → Diagnose → Fix → Regression Test"
+failure_policy: abort_on_first_fail
+
+phases:
+  - wave: 0
+    subtasks:
+      - id: reproduce
+        title: "Reproduce: {{context}}"
+        description: "Write a minimal reproduction of the bug. Create a failing test that demonstrates the issue. Document exact steps."
+        delegation:
+          mode: solo_mesh
+        budget_minutes: 15
+        critical: true
+        metric: "npm test -- --grep 'regression'"
+
+  - wave: 1
+    subtasks:
+      - id: diagnose
+        title: "Diagnose root cause: {{context}}"
+        description: "Analyze the reproduction to identify the root cause. Trace the execution path. Document the failure mechanism."
+        delegation:
+          mode: local
+        budget_minutes: 15
+        critical: true
+        depends_on:
+          - reproduce
+
+  - wave: 2
+    subtasks:
+      - id: fix
+        title: "Fix: {{context}}"
+        description: "Implement the minimal fix for the root cause. Do not refactor surrounding code. Ensure the regression test passes."
+        delegation:
+          mode: auto
+        budget_minutes: 30
+        metric: "npm test"
+        depends_on:
+          - diagnose
+
+  - wave: 3
+    subtasks:
+      - id: regression-test
+        title: "Verify fix: {{context}}"
+        description: "Run full test suite. Verify the regression test passes. Check that no existing tests broke. Document the fix."
+        delegation:
+          mode: solo_mesh
+        budget_minutes: 15
+        metric: "npm test"
+        depends_on:
+          - fix

package/config/plan-templates/team-deploy.yaml

@@ -0,0 +1,50 @@
+id: team-deploy
+name: "Deploy: {{context}}"
+description: "Deployment pipeline — Pre-flight → Deploy → Smoke Test → Monitor"
+failure_policy: abort_on_first_fail
+
+phases:
+  - wave: 0
+    subtasks:
+      - id: preflight
+        title: "Pre-flight checks: {{context}}"
+        description: "Run full test suite, check build, verify config, validate environment variables, check dependency versions."
+        delegation:
+          mode: solo_mesh
+        budget_minutes: 15
+        critical: true
+        metric: "npm test && npm run build"
+
+  - wave: 1
+    subtasks:
+      - id: deploy
+        title: "Deploy: {{context}}"
+        description: "Execute deployment. Follow the deployment runbook. Record deployed version and SHA."
+        delegation:
+          mode: human
+        budget_minutes: 30
+        critical: true
+        depends_on:
+          - preflight
+
+  - wave: 2
+    subtasks:
+      - id: smoke-test
+        title: "Smoke test: {{context}}"
+        description: "Run smoke tests against the deployed environment. Verify core functionality. Check health endpoints."
+        delegation:
+          mode: solo_mesh
+        budget_minutes: 15
+        depends_on:
+          - deploy
+
+  - wave: 3
+    subtasks:
+      - id: monitor
+        title: "Post-deploy monitoring: {{context}}"
+        description: "Monitor error rates, latency, and resource usage for 15 minutes post-deploy. Flag any anomalies."
+        delegation:
+          mode: local
+        budget_minutes: 20
+        depends_on:
+          - smoke-test

package/config/plan-templates/team-feature.yaml

@@ -0,0 +1,71 @@
+id: team-feature
+name: "Feature: {{context}}"
+description: "End-to-end feature pipeline — Design → Architecture → Implement → Test → Review"
+failure_policy: abort_on_critical_fail
+
+phases:
+  - wave: 0
+    subtasks:
+      - id: design
+        title: "Design: {{context}}"
+        description: "Create or update design documentation. Define requirements, acceptance criteria, edge cases, and dependencies."
+        delegation:
+          mode: local
+        budget_minutes: 15
+        critical: true
+        scope:
+          - "docs/"
+          - "design/"
+
+  - wave: 1
+    subtasks:
+      - id: architecture
+        title: "Architecture review: {{context}}"
+        description: "Review the design, define code architecture, interfaces, file structure, and integration points. Identify risks."
+        delegation:
+          mode: collab_mesh
+          collaboration:
+            mode: review
+            min_nodes: 2
+            max_nodes: 3
+            max_rounds: 2
+            convergence:
+              type: unanimous
+        budget_minutes: 20
+        critical: true
+        depends_on:
+          - design
+
+  - wave: 2
+    subtasks:
+      - id: implement
+        title: "Implement: {{context}}"
+        description: "Write the implementation following the approved architecture. Stay within scope. Write clean, tested code."
+        delegation:
+          mode: auto
+        budget_minutes: 45
+        depends_on:
+          - architecture
+
+  - wave: 3
+    subtasks:
+      - id: test
+        title: "Test: {{context}}"
+        description: "Write and run tests. Verify all acceptance criteria. Check edge cases. Measure performance impact."
+        delegation:
+          mode: solo_mesh
+        budget_minutes: 20
+        metric: "npm test"
+        depends_on:
+          - implement
+
+  - wave: 4
+    subtasks:
+      - id: review
+        title: "Code review: {{context}}"
+        description: "Final code review. Check for security issues, style compliance, test coverage, documentation completeness."
+        delegation:
+          mode: human
+        budget_minutes: 10
+        depends_on:
+          - test

package/config/roles/qa-engineer.yaml

@@ -0,0 +1,36 @@
+id: qa-engineer
+name: QA Engineer
+description: Test design, validation, and quality assurance
+
+responsibilities:
+  - "Design test cases covering happy paths, edge cases, and failure modes"
+  - "Write regression tests for every bug fix"
+  - "Verify test coverage meets minimum thresholds"
+  - "Validate gas consumption stays within budget"
+  - "Check that all acceptance criteria are testable"
+
+must_not:
+  - "Modify production source code — only test files"
+  - "Skip edge case testing for gas optimization"
+  - "Mark tests as skipped without documenting why"
+
+framework:
+  name: "Arrange-Act-Assert"
+  prompt: |
+    Structure every test using:
+    - ARRANGE: Set up preconditions and inputs
+    - ACT: Execute the behavior under test
+    - ASSERT: Verify the expected outcome
+    Each test must test exactly ONE behavior. Name tests descriptively:
+    "should revert when caller is not owner" not "test1".
+
+required_outputs:
+  - type: file_match
+    pattern: "test/**"
+    description: "Must produce test files"
+
+scope_paths: ["test/**"]
+
+escalation:
+  on_budget_exceeded: tech-architect
+  on_metric_failure: human

package/config/roles/solidity-dev.yaml

@@ -0,0 +1,51 @@
+id: solidity-dev
+name: Solidity Developer
+description: Smart contract implementation and testing
+
+responsibilities:
+  - "Implement smart contract logic per specification"
+  - "Write comprehensive test coverage for all state transitions"
+  - "Document gas costs for all public functions"
+  - "Emit events on every state change"
+  - "Follow checks-effects-interactions pattern"
+  - "Use OpenZeppelin where applicable for standard patterns"
+
+must_not:
+  - "Modify deployment scripts without explicit delegation"
+  - "Change contract interfaces without architecture review"
+  - "Hardcode addresses — resolve through config or registry"
+  - "Use inline assembly without architecture review"
+  - "Skip reentrancy guards on external calls"
+
+framework:
+  name: "Checks-Effects-Interactions"
+  prompt: |
+    For every state-changing function, verify:
+    1. CHECKS: All require/revert conditions at top
+    2. EFFECTS: State changes before any external calls
+    3. INTERACTIONS: External calls last, with reentrancy guards
+    Document gas implications for any function exceeding 50k gas.
+
+required_outputs:
+  - type: file_match
+    pattern: "test/**/*.test.js"
+    description: "Test file must accompany any contract change"
+  - type: content_check
+    pattern: "contracts/**/*.sol"
+    check: "emit"
+    description: "All state changes must emit events"
+
+forbidden_patterns:
+  - pattern: "0x[a-fA-F0-9]{40}"
+    in: "contracts/**/*.sol"
+    description: "No hardcoded addresses — resolve through config"
+  - pattern: "selfdestruct|delegatecall"
+    in: "contracts/**/*.sol"
+    description: "No selfdestruct or raw delegatecall without architecture review"
+
+scope_paths: ["contracts/**", "test/**"]
+
+escalation:
+  on_scope_violation: tech-architect
+  on_budget_exceeded: tech-architect
+  on_metric_failure: qa-engineer

package/config/roles/tech-architect.yaml

@@ -0,0 +1,36 @@
+id: tech-architect
+name: Technical Architect
+description: Architecture decisions, code review, cross-domain coordination
+
+responsibilities:
+  - "Review architecture for scalability and security"
+  - "Document technical decisions using ADR format"
+  - "Identify cross-domain dependencies and risks"
+  - "Define interfaces between system components"
+  - "Evaluate gas costs and performance implications"
+
+must_not:
+  - "Implement features directly — delegate to specialists"
+  - "Skip ADR documentation for non-obvious choices"
+  - "Approve changes without reviewing test coverage"
+
+framework:
+  name: "ADR Format"
+  prompt: |
+    Document all decisions using Architecture Decision Record format:
+    - CONTEXT: What forces are at play? What constraints exist?
+    - DECISION: What was decided and why?
+    - CONSEQUENCES: What are the tradeoffs? What does this enable/prevent?
+    - STATUS: proposed | accepted | deprecated | superseded
+    Every non-obvious technical choice requires an ADR.
+
+required_outputs:
+  - type: file_match
+    pattern: "docs/adr-*.md"
+    description: "Architecture decisions must produce ADR documents"
+
+scope_paths: ["docs/**", "contracts/**", "src/**"]
+
+escalation:
+  on_scope_violation: tech-architect
+  on_budget_exceeded: human

package/config/rules/framework/solidity.md

@@ -0,0 +1,22 @@
+---
+id: solidity
+version: 1.0.0
+tier: framework
+paths: ["contracts/**", "**/*.sol"]
+detect: ["hardhat.config.js", "hardhat.config.ts", "foundry.toml"]
+priority: 80
+tags: ["solidity", "blockchain", "smart-contracts"]
+---
+
+# Solidity Standards
+
+- Never hardcode contract addresses. Resolve through a registry or deployment config.
+- All external/public functions that modify state must have reentrancy guards.
+- Every state change must emit an event. Events are the indexing layer.
+- Use checks-effects-interactions pattern: validate → update state → external calls.
+- All arithmetic on token amounts must use SafeMath or Solidity 0.8+ built-in overflow protection.
+- Document gas costs for expensive operations. Set gas budgets for user-facing transactions.
+- Upgradeable contracts must use the proxy pattern with storage layout compatibility checks.
+- Never use `selfdestruct` or `delegatecall` to untrusted targets.
+- All deployed contracts must have a verified source on block explorer.
+- Test coverage must include: happy path, edge cases, access control, reentrancy, gas limits.

package/config/rules/framework/typescript.md

@@ -0,0 +1,21 @@
+---
+id: typescript
+version: 1.0.0
+tier: framework
+paths: ["**/*.ts", "**/*.tsx", "src/**"]
+detect: ["tsconfig.json"]
+priority: 70
+tags: ["typescript", "javascript"]
+---
+
+# TypeScript Standards
+
+- Enable strict mode. Never set `strict: false` in tsconfig.
+- Avoid `any` — use `unknown` for truly unknown types, then narrow with type guards.
+- Prefer interfaces over type aliases for object shapes (interfaces are extensible, produce better errors).
+- Use explicit return types on exported functions. Inferred types are fine for internal/private functions.
+- Never use `@ts-ignore` without a comment explaining why and a tracking issue.
+- Use discriminated unions over optional fields for variant types.
+- Prefer `readonly` for properties that shouldn't change after construction.
+- Handle all promise rejections — no unhandled promises. Use try/catch or `.catch()`.
+- Prefer named exports over default exports (better refactoring, better tree-shaking).

package/config/rules/framework/unity.md

@@ -0,0 +1,21 @@
+---
+id: unity
+version: 1.0.0
+tier: framework
+paths: ["Assets/**", "**/*.cs", "Packages/**"]
+detect: ["ProjectSettings/ProjectVersion.txt"]
+priority: 70
+tags: ["unity", "gamedev", "csharp"]
+---
+
+# Unity Standards
+
+- Use delta time (`Time.deltaTime`) for all time-dependent calculations. Never assume fixed frame rate.
+- Zero allocations in `Update()`, `FixedUpdate()`, and `LateUpdate()`. Cache references in `Awake()`/`Start()`.
+- Use object pooling for frequently spawned/destroyed objects (projectiles, particles, UI elements).
+- Never use `Find()`, `FindObjectOfType()`, or tag-based lookups in hot paths. Cache in `Awake()`.
+- All gameplay values must come from ScriptableObjects or external config — never hardcoded in scripts.
+- Use events/delegates for inter-system communication. No direct coupling between unrelated systems.
+- Profile before and after optimization. Use Unity Profiler, not guesswork.
+- Mobile: respect thermal state, target 30fps stable over 60fps with drops, batch draw calls.
+- AR: all geospatial API calls must be async. Never block the main thread on location/anchor resolution.

package/config/rules/universal/design-docs.md

@@ -0,0 +1,18 @@
+---
+id: design-docs
+version: 1.0.0
+tier: universal
+paths: ["docs/**", "design/**", "notes/**", "**/*.md"]
+priority: 60
+tags: ["documentation", "design"]
+---
+
+# Design Documentation Standards
+
+- Every design document must include: Overview, Requirements, Approach, Edge Cases, Acceptance Criteria.
+- Acceptance criteria must be testable — "should feel good" or "works correctly" are not valid criteria.
+- Formulas and algorithms must include variable definitions, valid ranges, and example calculations.
+- Edge cases must explicitly state WHAT happens, not just acknowledge they exist.
+- Dependencies between systems must be bidirectional — if A depends on B, both A and B docs say so.
+- Update documentation when changing the code it describes. Stale docs are worse than no docs.
+- Architecture Decision Records (ADRs) for any non-obvious technical choice: context, decision, consequences.

package/config/rules/universal/git-hygiene.md

@@ -0,0 +1,18 @@
+---
+id: git-hygiene
+version: 1.0.0
+tier: universal
+paths: ["**/*"]
+priority: 40
+tags: ["git", "workflow"]
+---
+
+# Git Hygiene
+
+- Use conventional commit format: `type(scope): description` (feat, fix, refactor, test, docs, chore).
+- Never force-push to main/master. Use feature branches and pull requests.
+- Commits should be atomic — one logical change per commit, not a dump of accumulated work.
+- Write commit messages that explain WHY, not just WHAT. The diff shows what changed.
+- Never commit generated files, build artifacts, or dependency directories (node_modules, dist, build).
+- Resolve merge conflicts by understanding both sides, not by accepting one blindly.
+- Tag releases with semantic versioning. Breaking changes get a major bump.

package/config/rules/universal/security.md

@@ -0,0 +1,19 @@
+---
+id: security
+version: 1.0.0
+tier: universal
+paths: ["**/*"]
+priority: 100
+tags: ["security", "safety"]
+---
+
+# Security Standards
+
+- NEVER hardcode API keys, passwords, tokens, or secrets in source code. Use environment variables or secret managers.
+- Validate all external input at system boundaries (user input, API responses, file reads, URL parameters).
+- Never use `eval()`, `Function()`, or equivalent dynamic code execution on untrusted input.
+- Sanitize data before inserting into SQL queries, HTML templates, shell commands, or file paths. Use parameterized queries and template engines.
+- Never log sensitive data (passwords, tokens, PII). Redact or mask before logging.
+- Use HTTPS for all external communication. Verify TLS certificates.
+- Apply principle of least privilege — request only the permissions and scopes actually needed.
+- Never commit `.env` files, private keys, or credential files to version control.

package/config/rules/universal/test-standards.md

@@ -0,0 +1,19 @@
+---
+id: test-standards
+version: 1.0.0
+tier: universal
+paths: ["test/**", "tests/**", "**/*.test.*", "**/*.spec.*", "**/__tests__/**"]
+priority: 80
+tags: ["testing", "quality"]
+---
+
+# Test Standards
+
+- Use Arrange/Act/Assert structure in every test.
+- Name tests descriptively: `test_[system]_[scenario]_[expected_result]` or `describe/it` equivalent.
+- Tests must be deterministic — no dependencies on network, wall clock, or external state.
+- Every bug fix must include a regression test that fails without the fix and passes with it.
+- Integration tests must clean up after themselves (database records, temp files, external state).
+- Mock external dependencies (APIs, databases, filesystems) in unit tests. Integration tests hit real services.
+- Performance tests must specify acceptable thresholds, not just "faster than before."
+- Never use `sleep()` or fixed delays in tests. Use polling with timeouts or event-driven waits.

package/identity/DELEGATION.md

@@ -48,12 +48,12 @@ Subjective outputs (lore, design) require a verification proxy: word count, form
 
 Check `bin/trust-registry` before delegating to a specialist soul.
 
-| Tier | Min Tasks | Trust >= | Autonomy | Model |
+| Tier | Min Tasks | Trust >= | Autonomy | Capability |
 |---|---|---|---|---|
-| new | 0 | — | atomic (strict I/O) | sonnet |
-| developing | 3 | 0.50 | guided (can decompose, must report steps) | sonnet |
-| proven | 10 | 0.65 | open-ended (pursue sub-goals, report at end) | sonnet |
-| expert | 25 | 0.80 | full (can sub-delegate, minimal oversight) | opus |
+| new | 0 | — | atomic (strict I/O) | fast |
+| developing | 3 | 0.50 | guided (can decompose, must report steps) | standard |
+| proven | 10 | 0.65 | open-ended (pursue sub-goals, report at end) | standard |
+| expert | 25 | 0.80 | full (can sub-delegate, minimal oversight) | reasoning |
 
 After every delegation: `bin/trust-registry update <soul-id> --result success|failure --turns N --verified true|false --task "description"`
 
@@ -81,7 +81,7 @@ Every delegated task: completable in **2-5 minutes**.
 On sub-agent failure:
 1. Retry once with enriched context (add the error + background)
 2. Re-delegate to different soul if capability mismatch
-3. Escalate model (sonnet → opus)
+3. Escalate capability tier (standard → reasoning)
 4. Escalate to Gui if 1-3 fail or task is high-criticality
 
 Never retry same prompt unchanged. Each retry must add information.