opencode-swarm 2.1.2 → 2.3.1

package/README.md

@@ -2,78 +2,312 @@
 
 ![License](https://img.shields.io/badge/license-MIT-blue)
 ![OpenCode Plugin](https://img.shields.io/badge/opencode-plugin-green)
-![Agentic Architecture](https://img.shields.io/badge/architecture-architect--centric-purple)
+![Architecture](https://img.shields.io/badge/architecture-architect--centric-purple)
+![Version](https://img.shields.io/badge/version-2.2.1-orange)
 
-**Architect-driven, multi-agent development for OpenCode.**  
-Design-first orchestration with domain-aware SMEs, heterogeneous model perspectives, production-grade code generation, and layered QA.
+**Architect-driven, multi-agent development for OpenCode.**
 
-OpenCode Swarm is built for engineers who want **structured reasoning, controlled delegation, and predictable outcomes**—not parallel agent noise.
+Design-first orchestration with codebase discovery, domain-aware SMEs, heterogeneous model perspectives, and layered QA review.
 
----
+```
+┌──────────────────────────────────────────────────────────────────────────┐
+│  "Review this PowerShell application for security issues"                │
+└──────────────────────────────────────────────────────────────────────────┘
+                                    │
+                                    ▼
+┌──────────────────────────────────────────────────────────────────────────┐
+│  ARCHITECT: Delegating to @explorer for codebase analysis...             │
+└──────────────────────────────────────────────────────────────────────────┘
+                                    │
+                                    ▼
+┌──────────────────────────────────────────────────────────────────────────┐
+│  EXPLORER: PowerShell module, 12 files, domains: powershell, security    │
+│  → Flagged: auth.ps1, invoke-command.ps1 for SME review                  │
+└──────────────────────────────────────────────────────────────────────────┘
+                                    │
+                                    ▼
+┌──────────────────────────────────────────────────────────────────────────┐
+│  SME_POWERSHELL: Remoting patterns detected, needs constrained endpoints │
+│  SME_SECURITY: Credential handling issues in auth.ps1:42-58              │
+└──────────────────────────────────────────────────────────────────────────┘
+                                    │
+                                    ▼
+┌──────────────────────────────────────────────────────────────────────────┐
+│  ARCHITECT: Collated review with 3 HIGH findings, 2 recommendations      │
+└──────────────────────────────────────────────────────────────────────────┘
+```
 
-## Why OpenCode Swarm
+---
 
-Most agent frameworks parallelize everything and hope coherence emerges later.  
-OpenCode Swarm enforces discipline:
+## Why OpenCode Swarm?
 
-- A single Architect owns analysis and decisions
-- Experts are consulted only when technically relevant
-- Agents execute serially for traceability
-- Security and correctness are validated before delivery
-- Different models can be assigned per role, introducing genuinely distinct perspectives
+Most agent frameworks parallelize everything and hope coherence emerges.
+**OpenCode Swarm enforces discipline:**
 
-This design improves **accuracy, efficiency, and failure detection**, especially on complex or high-stakes tasks.
+| Problem | Our Solution |
+|---------|--------------|
+| Agents read the same files repeatedly | Explorer scans once, shares context |
+| All 11 SMEs consulted for every task | Only relevant domains (1-3) based on Explorer findings |
+| Single model = correlated failures | Different models per role = diverse perspectives |
+| No visibility into agent decisions | Serial execution with clear delegation traces |
+| Code ships without review | Mandatory Security → Audit → Test pipeline |
 
 ---
 
-## Key Advantage: Heterogeneous Model Perspectives
-
-OpenCode Swarm allows **per-role model selection** so that each cognitive function is optimized independently:
+## Architecture
 
-- Architect → deep reasoning and synthesis
-- SMEs → domain recall and speed
-- Coder → implementation fidelity
-- QA → adversarial review and audit rigor
+```
+User Request
+     │
+     ▼
+┌─────────────┐
+│  ARCHITECT  │ ◄── Orchestrates everything, owns all decisions
+└─────────────┘
+     │
+     ▼
+┌─────────────┐
+│  EXPLORER   │ ◄── Fast codebase discovery (read-only)
+└─────────────┘     Returns: structure, languages, domains, flagged files
+     │
+     ▼
+┌─────────────┐
+│    SMEs     │ ◄── Domain experts consulted serially (read-only)
+└─────────────┘     Only domains identified by Explorer
+     │
+     ▼
+┌─────────────┐
+│   CODER     │ ◄── Implements unified specification
+└─────────────┘
+     │
+     ▼
+┌─────────────┐     ┌─────────────┐
+│  SECURITY   │ ──► │   AUDITOR   │ ◄── QA review (read-only)
+└─────────────┘     └─────────────┘
+     │
+     ▼
+┌─────────────┐
+│    TEST     │ ◄── Generates tests for approved code
+└─────────────┘
+```
 
-Using different models per role reduces correlated failure modes, increases early error detection, and mirrors how real engineering teams benefit from diverse expertise.
+### Agent Permissions
 
-See: [docs/design-rationale.md](docs/design-rationale.md)
+| Agent | Read | Write | Role |
+|-------|:----:|:-----:|------|
+| Architect | ✅ | ✅ | Orchestrator - can fall back if delegation fails |
+| Explorer | ✅ | ❌ | Discovery - scans, summarizes, identifies domains |
+| SMEs (×15) | ✅ | ❌ | Advisory - domain expertise, never implements |
+| Coder | ✅ | ✅ | Implementation - writes production code |
+| Security Reviewer | ✅ | ❌ | Audit - vulnerability assessment |
+| Auditor | ✅ | ❌ | Audit - correctness verification |
+| Test Engineer | ✅ | ✅ | Testing - generates test cases |
 
 ---
 
-## Architecture Overview
+## Heterogeneous Model Perspectives
 
-OpenCode Swarm implements a hub-and-spoke pipeline with a single controlling Architect.
+OpenCode Swarm allows **different models per role**, reducing correlated failures:
 
-```
-User → Architect (analysis)
-     → Reader (optional)
-     → Relevant SMEs (serial)
-     → Architect (spec synthesis)
-     → Coder
-     → Security Review → Audit
-     → Architect (triage)
-     → Test Engineer
+```json
+{
+  "agents": {
+    "architect": { "model": "anthropic/claude-sonnet-4-5" },
+    "explorer": { "model": "google/gemini-2.0-flash" },
+    "coder": { "model": "anthropic/claude-sonnet-4-5" },
+    "_sme": { "model": "google/gemini-2.0-flash" },
+    "_qa": { "model": "openai/gpt-4o" },
+    "test_engineer": { "model": "google/gemini-2.0-flash" }
+  }
+}
 ```
 
-See: [docs/architecture.md](docs/architecture.md)
+**Why this matters:**
+- Reasoning-heavy model for Architect decisions
+- Fast/cheap model for Explorer and SME consultation  
+- Different model family for QA catches errors the others miss
+- Mix local (Ollama) and cloud models based on cost/capability
 
 ---
 
 ## Installation
 
+Add to your `opencode.json`:
+
 ```json
 {
   "plugin": ["opencode-swarm"]
 }
 ```
 
+Or install via CLI:
+
 ```bash
 bunx opencode-swarm install
 ```
 
 ---
 
+## Configuration
+
+Create `~/.config/opencode/opencode-swarm.json`:
+
+```json
+{
+  "agents": {
+    "architect": { "model": "anthropic/claude-sonnet-4-5" },
+    "explorer": { "model": "google/gemini-2.0-flash" },
+    "coder": { "model": "anthropic/claude-sonnet-4-5" },
+    "_sme": { "model": "google/gemini-2.0-flash" },
+    "_qa": { "model": "google/gemini-2.0-flash" },
+    "test_engineer": { "model": "google/gemini-2.0-flash" }
+  }
+}
+```
+
+### Category Defaults
+
+`_sme` and `_qa` set defaults for all agents in that category:
+
+```json
+{
+  "agents": {
+    "_sme": { "model": "google/gemini-2.0-flash" },
+    "sme_oracle": { "model": "anthropic/claude-sonnet-4-5" }
+  }
+}
+```
+
+### Disable Unused Domains
+
+```json
+{
+  "agents": {
+    "sme_vmware": { "disabled": true },
+    "sme_azure": { "disabled": true }
+  }
+}
+```
+
+### Custom Prompts
+
+Place in `~/.config/opencode/opencode-swarm/`:
+- `{agent}.md` - Replace default prompt
+- `{agent}_append.md` - Append to default prompt
+
+---
+
+## Agents
+
+### Orchestrator
+| Agent | Description |
+|-------|-------------|
+| `architect` | Central orchestrator. Analyzes requests, delegates to specialists, synthesizes outputs, triages QA feedback. |
+
+### Discovery
+| Agent | Description |
+|-------|-------------|
+| `explorer` | Fast codebase scanner. Identifies structure, languages, frameworks, and flags files for SME review. |
+
+### Domain Experts (SMEs)
+| Agent | Domain |
+|-------|--------|
+| `sme_windows` | Windows internals, registry, services, WMI/CIM |
+| `sme_powershell` | PowerShell scripting, cmdlets, modules, remoting |
+| `sme_python` | Python ecosystem, libraries, packaging |
+| `sme_oracle` | Oracle Database, SQL/PLSQL, administration |
+| `sme_network` | TCP/IP, firewalls, DNS, TLS, load balancing |
+| `sme_security` | STIG compliance, hardening, CVEs, PKI |
+| `sme_linux` | Linux administration, systemd, package management |
+| `sme_vmware` | vSphere, ESXi, PowerCLI, virtualization |
+| `sme_azure` | Azure services, Entra ID, ARM/Bicep |
+| `sme_active_directory` | AD, LDAP, Group Policy, Kerberos |
+| `sme_ui_ux` | UI/UX design, accessibility, interaction patterns |
+| `sme_web` | Flutter, React, Vue, Angular, JS/TS, HTML/CSS |
+| `sme_database` | SQL Server, PostgreSQL, MySQL, MongoDB, Redis |
+| `sme_devops` | Docker, Kubernetes, CI/CD, Terraform, GitHub Actions |
+| `sme_api` | REST, GraphQL, OAuth, JWT, webhooks |
+
+### Implementation
+| Agent | Description |
+|-------|-------------|
+| `coder` | Writes production code from unified specifications |
+| `test_engineer` | Generates test cases and validation scripts |
+
+### Quality Assurance
+| Agent | Description |
+|-------|-------------|
+| `security_reviewer` | Vulnerability assessment, injection risks, data exposure |
+| `auditor` | Correctness verification, logic errors, edge cases |
+
+---
+
+## Tools
+
+| Tool | Description |
+|------|-------------|
+| `gitingest` | Fetch GitHub repository contents for analysis |
+| `detect_domains` | Auto-detect relevant SME domains from text |
+| `extract_code_blocks` | Extract code blocks to files |
+
+### gitingest Example
+
+```
+"Analyze the architecture of https://github.com/user/repo"
+"Use gitingest to fetch https://github.com/user/repo with pattern *.py include"
+```
+
+---
+
+## Workflow Examples
+
+### Code Review
+```
+User: "Review this codebase for issues"
+  → Explorer scans, identifies: TypeScript, React, needs sme_security
+  → SME_Security reviews flagged files
+  → Architect collates findings into review report
+```
+
+### Implementation
+```
+User: "Add authentication to this API"
+  → Explorer scans existing code
+  → SME_Security + SME_Network consulted
+  → Coder implements spec
+  → Security_Reviewer → Auditor validates
+  → Test_Engineer generates tests
+```
+
+### Bug Fix
+```
+User: "Fix the null reference in user.ts:42"
+  → Explorer locates context
+  → Relevant SME consulted
+  → Coder implements fix
+  → QA validates
+```
+
+---
+
+## Design Philosophy
+
+1. **Single point of control** - Architect owns all decisions
+2. **Discovery before action** - Explorer maps the terrain first
+3. **Selective expertise** - Only relevant SMEs consulted
+4. **Serial execution** - Traceable, debuggable, predictable
+5. **Mandatory QA** - No code ships without security + audit review
+6. **Fail-safe orchestration** - Architect can handle tasks itself if agents fail
+
+---
+
+## Documentation
+
+- [Architecture Details](docs/architecture.md)
+- [Design Rationale](docs/design-rationale.md)
+- [Installation Guide](docs/installation.md)
+
+---
+
 ## License
 
 MIT

package/dist/agents/explorer.d.ts

@@ -0,0 +1,2 @@
+import type { AgentDefinition } from './architect';
+export declare function createExplorerAgent(model: string, customPrompt?: string, customAppendPrompt?: string): AgentDefinition;

package/dist/agents/index.d.ts

@@ -13,7 +13,7 @@ export declare function createAgents(config?: PluginConfig): AgentDefinition[];
 export declare function getAgentConfigs(config?: PluginConfig): Record<string, SDKAgentConfig>;
 export { createArchitectAgent } from './architect';
 export { createCoderAgent } from './coder';
-export { createReaderAgent } from './reader';
+export { createExplorerAgent } from './explorer';
 export { createSecurityReviewerAgent } from './security-reviewer';
 export { createAuditorAgent } from './auditor';
 export { createTestEngineerAgent } from './test-engineer';

package/dist/agents/sme/api.d.ts

@@ -0,0 +1,2 @@
+import type { SMEDomainConfig } from './base';
+export declare const apiSMEConfig: SMEDomainConfig;

package/dist/agents/sme/database.d.ts

@@ -0,0 +1,2 @@
+import type { SMEDomainConfig } from './base';
+export declare const databaseSMEConfig: SMEDomainConfig;

package/dist/agents/sme/devops.d.ts

@@ -0,0 +1,2 @@
+import type { SMEDomainConfig } from './base';
+export declare const devopsSMEConfig: SMEDomainConfig;

package/dist/agents/sme/web.d.ts

@@ -0,0 +1,2 @@
+import type { SMEDomainConfig } from './base';
+export declare const webSMEConfig: SMEDomainConfig;

package/dist/config/constants.d.ts

@@ -1,9 +1,9 @@
-export declare const SME_AGENTS: readonly ["sme_windows", "sme_powershell", "sme_python", "sme_oracle", "sme_network", "sme_security", "sme_linux", "sme_vmware", "sme_azure", "sme_active_directory", "sme_ui_ux"];
+export declare const SME_AGENTS: readonly ["sme_windows", "sme_powershell", "sme_python", "sme_oracle", "sme_network", "sme_security", "sme_linux", "sme_vmware", "sme_azure", "sme_active_directory", "sme_ui_ux", "sme_web", "sme_database", "sme_devops", "sme_api"];
 export declare const QA_AGENTS: readonly ["security_reviewer", "auditor"];
-export declare const PIPELINE_AGENTS: readonly ["reader", "coder", "test_engineer"];
+export declare const PIPELINE_AGENTS: readonly ["explorer", "coder", "test_engineer"];
 export declare const ORCHESTRATOR_NAME: "architect";
-export declare const ALL_SUBAGENT_NAMES: readonly ["sme_windows", "sme_powershell", "sme_python", "sme_oracle", "sme_network", "sme_security", "sme_linux", "sme_vmware", "sme_azure", "sme_active_directory", "sme_ui_ux", "security_reviewer", "auditor", "reader", "coder", "test_engineer"];
-export declare const ALL_AGENT_NAMES: readonly ["architect", "sme_windows", "sme_powershell", "sme_python", "sme_oracle", "sme_network", "sme_security", "sme_linux", "sme_vmware", "sme_azure", "sme_active_directory", "sme_ui_ux", "security_reviewer", "auditor", "reader", "coder", "test_engineer"];
+export declare const ALL_SUBAGENT_NAMES: readonly ["sme_windows", "sme_powershell", "sme_python", "sme_oracle", "sme_network", "sme_security", "sme_linux", "sme_vmware", "sme_azure", "sme_active_directory", "sme_ui_ux", "sme_web", "sme_database", "sme_devops", "sme_api", "security_reviewer", "auditor", "explorer", "coder", "test_engineer"];
+export declare const ALL_AGENT_NAMES: readonly ["architect", "sme_windows", "sme_powershell", "sme_python", "sme_oracle", "sme_network", "sme_security", "sme_linux", "sme_vmware", "sme_azure", "sme_active_directory", "sme_ui_ux", "sme_web", "sme_database", "sme_devops", "sme_api", "security_reviewer", "auditor", "explorer", "coder", "test_engineer"];
 export type SMEAgentName = (typeof SME_AGENTS)[number];
 export type QAAgentName = (typeof QA_AGENTS)[number];
 export type PipelineAgentName = (typeof PIPELINE_AGENTS)[number];

package/dist/index.js

@@ -22,10 +22,14 @@ var SME_AGENTS = [
   "sme_vmware",
   "sme_azure",
   "sme_active_directory",
-  "sme_ui_ux"
+  "sme_ui_ux",
+  "sme_web",
+  "sme_database",
+  "sme_devops",
+  "sme_api"
 ];
 var QA_AGENTS = ["security_reviewer", "auditor"];
-var PIPELINE_AGENTS = ["reader", "coder", "test_engineer"];
+var PIPELINE_AGENTS = ["explorer", "coder", "test_engineer"];
 var ORCHESTRATOR_NAME = "architect";
 var ALL_SUBAGENT_NAMES = [
   ...SME_AGENTS,
@@ -42,7 +46,7 @@ var CATEGORY_PREFIXES = {
 };
 var DEFAULT_MODELS = {
   architect: "anthropic/claude-sonnet-4-5",
-  reader: "google/gemini-2.0-flash",
+  explorer: "google/gemini-2.0-flash",
   coder: "anthropic/claude-sonnet-4-5",
   test_engineer: "google/gemini-2.0-flash",
   _sme: "google/gemini-2.0-flash",
@@ -13844,11 +13848,18 @@ function loadAgentPrompt(agentName) {
 // src/agents/architect.ts
 var ARCHITECT_PROMPT = `You are Architect - an AI coding orchestrator that coordinates specialists to deliver quality code.
 
-**Role**: Analyze requests, consult domain SMEs, delegate implementation, and manage QA review.
+**Role**: Analyze requests, delegate discovery to Explorer, consult domain SMEs, delegate implementation, and manage QA review.
+
+**CRITICAL RULE: SERIAL EXECUTION ONLY**
+You MUST call agents ONE AT A TIME. After each delegation:
+1. Send to ONE agent
+2. STOP and wait for response
+3. Only then proceed to next agent
+NEVER delegate to multiple agents in the same message. This is mandatory.
 
 **Agents**:
 
-@reader - Fast data processing agent for analyzing large files, codebases, or outputs
+@explorer - Fast codebase discovery and summarization (ALWAYS FIRST for code tasks)
 @sme_windows - Windows OS internals, registry, services, WMI/CIM
 @sme_powershell - PowerShell scripting, cmdlets, modules, remoting
 @sme_python - Python ecosystem, libraries, best practices
@@ -13860,64 +13871,71 @@ var ARCHITECT_PROMPT = `You are Architect - an AI coding orchestrator that coord
 @sme_azure - Azure cloud services, Entra ID, ARM/Bicep
 @sme_active_directory - Active Directory, LDAP, Group Policy, Kerberos
 @sme_ui_ux - UI/UX design, interaction patterns, accessibility
+@sme_web - Web/frontend (Flutter, React, Vue, Angular, JS/TS, HTML/CSS)
+@sme_database - Databases (SQL Server, PostgreSQL, MySQL, MongoDB, Redis)
+@sme_devops - DevOps, CI/CD, Docker, Kubernetes, Terraform, GitHub Actions
+@sme_api - API design, REST, GraphQL, OAuth, JWT, webhooks
 
 @coder - Implementation specialist, writes production code
 @security_reviewer - Security audit, vulnerability assessment
 @auditor - Code quality review, correctness verification
 @test_engineer - Test case generation and validation scripts
 
-**CRITICAL: @reader MUST be your FIRST delegation for code reviews**
-When asked to review, analyze, or examine any codebase:
-1. IMMEDIATELY delegate to @reader - do not read the code yourself
-2. Wait for @reader's summary
-3. Use that summary to decide which SMEs to consult
-4. Never skip @reader for code review tasks
+**WORKFLOW**:
+
+## 1. Parse Request (you do this briefly)
+Understand what the user wants. Determine task type:
+- Code review/analysis \u2192 Explorer \u2192 SMEs (serial) \u2192 Collate
+- New implementation \u2192 Explorer \u2192 SMEs (serial) \u2192 Coder \u2192 QA (serial) \u2192 Test
+- Bug fix \u2192 Explorer \u2192 SMEs (serial) \u2192 Coder \u2192 QA (serial)
+- Question about codebase \u2192 Explorer \u2192 answer
 
-**Workflow**:
+## 2. Explorer FIRST (one delegation, wait for response)
+"Delegating to @explorer for codebase analysis..."
+STOP HERE. Wait for @explorer response before proceeding.
 
-## 1. Analyze Request (you do this briefly)
-Parse what user wants. If it involves reviewing code \u2192 go directly to step 2.
+## 3. SME Consultation (ONE AT A TIME, wait between each)
+From @explorer's "Relevant Domains" list:
+- Delegate to first SME, WAIT for response
+- Then delegate to second SME, WAIT for response
+- Then delegate to third SME (if needed), WAIT for response
+- Usually 1-3 SMEs total, NEVER call them in parallel
 
-## 2. Reader FIRST (for any code review/analysis)
-"Delegating to @reader for codebase analysis..."
-- Send the codebase/files to @reader
-- Wait for summary response
-- Use summary to identify domains and issues
+Example of CORRECT serial SME calls:
+  Turn 1: "Consulting @sme_powershell..." \u2192 wait
+  Turn 2: (after response) "Consulting @sme_security..." \u2192 wait
+  Turn 3: (after response) "Consulting @sme_windows..." \u2192 wait
 
-## 3. SME Consultation (based on @reader's findings)
-Consult only SMEs for domains identified from @reader's summary.
-Usually 1-3 SMEs, not all 11. Wait for each response.
+Example of WRONG parallel calls (NEVER DO THIS):
+  "Consulting @sme_powershell, @sme_security, and @sme_windows..." \u2190 WRONG
 
 ## 4. Collate (you do this)
-Combine @reader summary + SME inputs into final review or specification.
+After ALL SME responses received, synthesize into:
+- For reviews: final findings report
+- For implementation: unified specification for @coder
 
-## 5. Code (delegate to @coder) - only if writing new code
-Send specification to @coder. Wait for implementation.
+## 5. Code (one delegation to @coder, wait for response)
 
-## 6. QA Review (delegate serially) - only if code was written
-@security_reviewer first, then @auditor.
+## 6. QA Review (serial: @security_reviewer first, wait, then @auditor)
 
 ## 7. Triage (you do this)
 APPROVED \u2192 @test_engineer | REVISION_NEEDED \u2192 @coder | BLOCKED \u2192 explain
 
-## 8. Test (delegate to @test_engineer) - if approved
+## 8. Test (one delegation to @test_engineer)
 
-**Order of Operations for Code Review**:
-1. @reader (ALWAYS FIRST - analyzes codebase)
-2. @sme_* (only relevant domains based on @reader findings)
-3. Collate findings into review
+**DELEGATION RULES**:
+- ONE agent per turn. Wait for response. Then next agent.
+- @explorer is ALWAYS first for code tasks
+- SMEs are called serially based on @explorer's domain detection
+- QA agents are called serially: security_reviewer \u2192 auditor
+- Brief notices: "Delegating to @explorer..." not lengthy explanations
+- If an agent fails, you can handle it yourself
 
-**Order of Operations for New Code**:
-1. @reader (if analyzing existing code first)
-2. @sme_* (relevant domains)
-3. @coder (implementation)
-4. @security_reviewer \u2192 @auditor (QA)
-5. @test_engineer (tests)
-
-**Communication**:
-- Be direct, no preamble
-- Don't ask for confirmation between phases
-- You analyze, collate, and triage. You never write code yourself.`;
+**COMMUNICATION**:
+- Be direct, no preamble or flattery
+- Don't ask for confirmation between phases - proceed automatically
+- If request is vague, ask ONE targeted question before starting
+- You orchestrate and synthesize. Prefer delegation over doing it yourself.`;
 function createArchitectAgent(model, customPrompt, customAppendPrompt) {
   let prompt = ARCHITECT_PROMPT;
   if (customPrompt) {
@@ -13999,7 +14017,12 @@ ${customAppendPrompt}`;
     config: {
       model,
       temperature: 0.1,
-      prompt
+      prompt,
+      tools: {
+        write: false,
+        edit: false,
+        patch: false
+      }
     }
   };
 }
@@ -14050,63 +14073,85 @@ ${customAppendPrompt}`;
   };
 }
 
-// src/agents/reader.ts
-var READER_PROMPT = `You are Reader - a fast data processing specialist.
+// src/agents/explorer.ts
+var EXPLORER_PROMPT = `You are Explorer - a fast codebase discovery and analysis specialist.
 
-**Role**: Quickly analyze large datasets, codebases, or outputs and provide concise summaries for the Architect.
+**Role**: Quickly scan and summarize codebases so the Architect can make informed decisions. You are ALWAYS the first agent called for any task involving existing code.
 
-**Behavior**:
-- Read and process the provided content efficiently
-- Extract key information relevant to the task
-- Summarize findings in a structured, actionable format
-- Focus on what matters for implementation decisions
+**Capabilities**:
+- Scan directory structure (glob, ls, tree)
+- Read and summarize key files (README, configs, entry points)
+- Identify languages, frameworks, patterns
+- Search for specific patterns (grep)
+- Provide file paths for deeper analysis
 
-**Use cases**:
-- Analyzing gitingest output to understand a codebase
-- Reviewing large log files or data dumps
-- Summarizing documentation or specifications
-- Processing API responses or test results
+**Behavior**:
+- Be fast - scan broadly, read selectively
+- Focus on understanding structure before diving into details
+- Identify which technical domains are relevant (powershell, python, security, etc.)
+- Flag files that need deeper SME review
 
 **Output Format**:
-<summary>
-[2-3 sentence overview of what you analyzed]
-</summary>
 
-<key_findings>
-- [Finding 1: specific, actionable]
-- [Finding 2: specific, actionable]
-- [Finding 3: specific, actionable]
-</key_findings>
+<codebase_summary>
+**Project**: [name/type - e.g., "PowerShell module for AD management"]
+**Languages**: [primary languages detected]
+**Framework/Stack**: [if applicable]
+
+**Structure**:
+\`\`\`
+[brief directory tree of key folders]
+\`\`\`
+
+**Key Files**:
+- \`/path/to/entry.ps1\` - Main entry point, [brief description]
+- \`/path/to/config.json\` - Configuration, [what it configures]
+
+**Architecture**:
+[2-3 sentences on how the code is organized]
+
+**Patterns Observed**:
+- [coding patterns, conventions, potential issues]
+
+**Relevant Domains**: [comma-separated: powershell, security, windows, etc.]
+</codebase_summary>
 
-<relevant_details>
-[Specific code patterns, file paths, function names, or data points the Architect needs]
-</relevant_details>
+<files_for_review>
+[List specific files that need deeper analysis, with brief reason]
+- \`/path/to/file1.ps1\` - Complex logic, needs @sme_powershell review
+- \`/path/to/auth.ps1\` - Security-sensitive, needs @sme_security review
+</files_for_review>
 
-<recommendations>
-[Brief suggestions based on your analysis]
-</recommendations>
+<initial_observations>
+[Any immediate concerns, questions, or notable findings]
+</initial_observations>
 
 **Constraints**:
-- No code writing
-- No delegation
-- Focus on speed and accuracy
-- Keep total output under 2000 characters`;
-function createReaderAgent(model, customPrompt, customAppendPrompt) {
-  let prompt = READER_PROMPT;
+- Keep total output under 4000 characters
+- No code writing or modification
+- No delegation to other agents
+- Focus on discovery, not implementation`;
+function createExplorerAgent(model, customPrompt, customAppendPrompt) {
+  let prompt = EXPLORER_PROMPT;
   if (customPrompt) {
     prompt = customPrompt;
   } else if (customAppendPrompt) {
-    prompt = `${READER_PROMPT}
+    prompt = `${EXPLORER_PROMPT}
 
 ${customAppendPrompt}`;
   }
   return {
-    name: "reader",
-    description: "Fast data processing agent for analyzing large files, codebases, or outputs. Returns concise summaries.",
+    name: "explorer",
+    description: "Fast codebase discovery and analysis. Scans directory structure, identifies languages/frameworks, summarizes key files, and flags areas needing SME review.",
     config: {
       model,
       temperature: 0.1,
-      prompt
+      prompt,
+      tools: {
+        write: false,
+        edit: false,
+        patch: false
+      }
     }
   };
 }
@@ -14163,7 +14208,12 @@ ${customAppendPrompt}`;
     config: {
       model,
       temperature: 0.1,
-      prompt
+      prompt,
+      tools: {
+        write: false,
+        edit: false,
+        patch: false
+      }
     }
   };
 }
@@ -14288,7 +14338,12 @@ ${customAppendPrompt}`;
     config: {
       model,
       temperature: 0.2,
-      prompt
+      prompt,
+      tools: {
+        write: false,
+        edit: false,
+        patch: false
+      }
     }
   };
 }
@@ -14317,6 +14372,30 @@ var activeDirectorySMEConfig = {
 - Group Policy preferences vs policies`
 };
 
+// src/agents/sme/api.ts
+var apiSMEConfig = {
+  domain: "api",
+  description: "API design, REST, GraphQL, authentication, and backend integration patterns",
+  guidance: `For API tasks, provide:
+- **REST**: Resource naming, HTTP methods (GET/POST/PUT/PATCH/DELETE), status codes, HATEOAS, versioning strategies
+- **GraphQL**: Schema design, resolvers, mutations, subscriptions, N+1 prevention, Apollo/Relay patterns
+- **gRPC**: Protocol buffer definitions, streaming types, service implementation
+- **WebSockets**: Connection lifecycle, Socket.io, SignalR, heartbeat patterns
+- **OpenAPI/Swagger**: Specification authoring, code generation, documentation hosting
+- **OAuth 2.0**: Authorization code flow, client credentials, PKCE for public clients, token refresh
+- **OpenID Connect**: ID tokens, userinfo endpoint, discovery document
+- **JWT**: Token structure, signing algorithms, claims design, refresh token rotation
+- API key management and rate limiting
+- RBAC/ABAC authorization patterns
+- Pagination strategies (cursor, offset, keyset)
+- Error response formats (RFC 7807 Problem Details)
+- Request validation and sanitization
+- CORS configuration
+- API gateway patterns (Kong, AWS API Gateway, Azure APIM)
+- Webhook design (signatures, retry logic, idempotency keys)
+- Common gotchas (token expiration, CORS preflight, rate limit handling)`
+};
+
 // src/agents/sme/azure.ts
 var azureSMEConfig = {
   domain: "azure",
@@ -14340,6 +14419,49 @@ var azureSMEConfig = {
 - Azure Government differences if applicable`
 };
 
+// src/agents/sme/database.ts
+var databaseSMEConfig = {
+  domain: "database",
+  description: "Database design, SQL, and data management (SQL Server, PostgreSQL, MySQL, MongoDB, Redis)",
+  guidance: `For database tasks, provide:
+- **SQL Server**: T-SQL syntax, stored procedures, CTEs, window functions, SSMS usage, Always On availability
+- **PostgreSQL**: PL/pgSQL, extensions (pgvector, PostGIS), JSONB operations, full-text search, partitioning
+- **MySQL/MariaDB**: InnoDB specifics, replication setup, MySQL Workbench, character set handling
+- **SQLite**: Embedded usage, WAL mode, mobile/desktop considerations, size limits
+- **MongoDB**: Document modeling, aggregation pipeline, indexing strategies, Atlas features
+- **Redis**: Data structures (strings, hashes, lists, sets, sorted sets), caching patterns, pub/sub, Lua scripting
+- Database design principles (normalization, denormalization tradeoffs)
+- Index design and query optimization (execution plans, covering indexes)
+- Transaction isolation levels and locking behavior
+- Connection pooling and management
+- Migration strategies and schema versioning
+- ORM patterns (Entity Framework, SQLAlchemy, Prisma, TypeORM)
+- N+1 query prevention
+- Backup and recovery strategies
+- Common gotchas (NULL handling, implicit conversions, timezone issues)`
+};
+
+// src/agents/sme/devops.ts
+var devopsSMEConfig = {
+  domain: "devops",
+  description: "DevOps, CI/CD, containers, and infrastructure-as-code (Docker, Kubernetes, GitHub Actions, Terraform)",
+  guidance: `For DevOps tasks, provide:
+- **Docker**: Dockerfile best practices, multi-stage builds, compose files, networking modes, volume mounts, registry usage
+- **Kubernetes**: Deployment/Service/Ingress manifests, ConfigMaps, Secrets, Helm charts, kubectl commands, resource limits
+- **GitHub Actions**: Workflow syntax, job dependencies, matrix builds, secrets management, reusable workflows, artifact handling
+- **Azure DevOps**: Pipeline YAML, stages/jobs/steps, variable groups, service connections, artifact feeds
+- **GitLab CI**: .gitlab-ci.yml structure, runners, environments, Auto DevOps
+- **Terraform**: HCL syntax, provider configuration, state management, modules, workspaces, import existing resources
+- **Ansible**: Playbook structure, roles, inventory management, vault encryption, idempotency
+- Container image optimization (layer caching, minimal base images, security scanning)
+- CI/CD pipeline design (build, test, deploy stages)
+- Branch strategies (GitFlow, trunk-based development)
+- Secrets management (HashiCorp Vault, Azure Key Vault, AWS Secrets Manager)
+- Infrastructure patterns (immutable infrastructure, blue-green, canary)
+- Monitoring and observability setup (Prometheus, Grafana, ELK)
+- Common gotchas (state drift, secret exposure, resource cleanup)`
+};
+
 // src/agents/sme/linux.ts
 var linuxSMEConfig = {
   domain: "linux",
@@ -14510,6 +14632,27 @@ var vmwareSMEConfig = {
 - Performance metrics and monitoring (Get-Stat)`
 };
 
+// src/agents/sme/web.ts
+var webSMEConfig = {
+  domain: "web",
+  description: "Web and frontend development (Flutter, React, Vue, Angular, JavaScript/TypeScript, HTML/CSS)",
+  guidance: `For web/frontend tasks, provide:
+- **Flutter**: Dart syntax, widget composition, state management (Provider, Riverpod, Bloc), platform channels, pub.dev packages, hot reload workflow
+- **React**: Hooks (useState, useEffect, useMemo), context, Redux/Zustand, Next.js App Router, server components, React Native considerations
+- **Vue**: Composition API, Pinia stores, Nuxt 3, Vue Router, reactive refs
+- **Angular**: Components, services, dependency injection, RxJS patterns, NgRx, Angular CLI commands
+- **Svelte**: Runes ($state, $derived), SvelteKit routing, stores
+- **JavaScript/TypeScript**: ES modules, async/await, type narrowing, bundler config (Vite, webpack, esbuild)
+- **HTML/CSS**: Semantic markup, Flexbox/Grid layouts, CSS custom properties, Tailwind utility classes, SCSS
+- **Browser APIs**: DOM manipulation, Fetch API, Web Storage, Service Workers, WebSockets
+- Framework selection guidance based on project requirements
+- Component architecture and reusability patterns
+- State management strategies (local vs global)
+- Build optimization and code splitting
+- Responsive design and accessibility (WCAG)
+- Common gotchas (hydration mismatches, bundle size, memory leaks)`
+};
+
 // src/agents/sme/windows.ts
 var windowsSMEConfig = {
   domain: "windows",
@@ -14540,7 +14683,11 @@ var SME_CONFIGS = {
   vmware: vmwareSMEConfig,
   azure: azureSMEConfig,
   active_directory: activeDirectorySMEConfig,
-  ui_ux: uiUxSMEConfig
+  ui_ux: uiUxSMEConfig,
+  web: webSMEConfig,
+  database: databaseSMEConfig,
+  devops: devopsSMEConfig,
+  api: apiSMEConfig
 };
 var AGENT_TO_DOMAIN = {
   sme_windows: "windows",
@@ -14553,7 +14700,11 @@ var AGENT_TO_DOMAIN = {
   sme_vmware: "vmware",
   sme_azure: "azure",
   sme_active_directory: "active_directory",
-  sme_ui_ux: "ui_ux"
+  sme_ui_ux: "ui_ux",
+  sme_web: "web",
+  sme_database: "database",
+  sme_devops: "devops",
+  sme_api: "api"
 };
 function createAllSMEAgents(getModel, loadPrompt) {
   return Object.entries(AGENT_TO_DOMAIN).map(([agentName, domain2]) => {
@@ -14605,10 +14756,10 @@ function createAgents(config2) {
     const architect = createArchitectAgent(getModel("architect"), architectPrompts.prompt, architectPrompts.appendPrompt);
     agents.push(applyOverrides(architect, config2));
   }
-  if (!isAgentDisabled("reader", config2)) {
-    const readerPrompts = getPrompts("reader");
-    const reader = createReaderAgent(getModel("reader"), readerPrompts.prompt, readerPrompts.appendPrompt);
-    agents.push(applyOverrides(reader, config2));
+  if (!isAgentDisabled("explorer", config2)) {
+    const explorerPrompts = getPrompts("explorer");
+    const explorer = createExplorerAgent(getModel("explorer"), explorerPrompts.prompt, explorerPrompts.appendPrompt);
+    agents.push(applyOverrides(explorer, config2));
   }
   const smeAgents = createAllSMEAgents(getModel, getPrompts);
   for (const sme of smeAgents) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "opencode-swarm",
-  "version": "2.1.2",
+  "version": "2.3.1",
   "description": "Architect-centric agentic swarm plugin for OpenCode - hub-and-spoke orchestration with SME consultation, code generation, and QA review",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/dist/agents/reader.d.ts

@@ -1,2 +0,0 @@
-import type { AgentDefinition } from './architect';
-export declare function createReaderAgent(model: string, customPrompt?: string, customAppendPrompt?: string): AgentDefinition;