opencode-swarm 6.0.1 → 6.1.1

package/README.md

@@ -1,9 +1,9 @@
 <p align="center">
-  <img src="https://img.shields.io/badge/version-6.0.0-blue" alt="Version">
+  <img src="https://img.shields.io/badge/version-6.1.1-blue" alt="Version">
   <img src="https://img.shields.io/badge/license-MIT-green" alt="License">
   <img src="https://img.shields.io/badge/opencode-plugin-purple" alt="OpenCode Plugin">
-  <img src="https://img.shields.io/badge/agents-7-orange" alt="Agents">
-  <img src="https://img.shields.io/badge/tests-1188-brightgreen" alt="Tests">
+  <img src="https://img.shields.io/badge/agents-9-orange" alt="Agents">
+  <img src="https://img.shields.io/badge/tests-1280-brightgreen" alt="Tests">
 </p>
 
 <h1 align="center">🐝 OpenCode Swarm</h1>
@@ -343,6 +343,17 @@ bunx opencode-swarm uninstall --clean
 
 ## What's New
 
+### v6.1.1 — Security Fix & Tech Debt
+- **Security hardening (`_loadedFromFile`)** — Fixed a critical vulnerability where an internal loader flag could be injected via JSON config to bypass guardrails. The flag is now purely internal and no longer part of the public schema.
+- **TOCTOU protection** — Added atomic-style content checks in the config loader to prevent race conditions during file reads.
+- **`retrieve_summary` tool** — Properly registered the retrieval tool, allowing agents to fetch full content from auto-summarized tool outputs.
+- **92 new tests** — 1280 total tests across 57+ files (up from 1188 in v6.0.0).
+
+### v6.1.0 — Docs & Design Agents
+- **`docs` agent** — Dedicated documentation synthesizer that automatically updates READMEs, API docs, and guides during Phase 6.
+- **`designer` agent** — UI/UX specification agent that generates component scaffolds before coding begins on UI-heavy tasks.
+- **Heterogeneous model defaults** — Updated default models for new agents to use optimized Gemini models for speed and cost.
+
 ### v6.0.0 — Core QA & Security Gates
 - **Dual-pass security reviewer** — After the general reviewer APPROVES, the architect automatically triggers a second security-only review pass when the changed file matches security-sensitive paths (`auth`, `crypto`, `session`, `token`, `middleware`, `api`, `security`) or the coder's output contains security keywords. Configurable via `review_passes` config.
 - **Adversarial testing** — After verification tests PASS, the test engineer is re-delegated with adversarial-only framing: attack vectors, boundary violations, and injection attempts. Pure prompt engineering, no new infrastructure.
@@ -411,6 +422,11 @@ All features are opt-in via configuration. See [Installation Guide](docs/install
 |-------|------|
 | `explorer` | Fast codebase scanner. Identifies structure, languages, frameworks, key files. |
 
+### 🎨 Design
+| Agent | Role |
+|-------|------|
+| `designer` | UI/UX specification agent. Generates component scaffolds and design tokens before coding begins on UI-heavy tasks. |
+
 ### 🧠 Domain Expert
 | Agent | Role |
 |-------|------|
@@ -428,6 +444,11 @@ All features are opt-in via configuration. See [Installation Guide](docs/install
 | `reviewer` | Dual-pass review: correctness review first, then automatic security-only pass for security-sensitive files. The architect specifies CHECK dimensions per call. OWASP Top 10 categories built in. |
 | `critic` | Plan review gate. Reviews the architect's plan BEFORE implementation — checks completeness, feasibility, scope, dependencies, and flags AI-slop. |
 
+### 📝 Documentation
+| Agent | Role |
+|-------|------|
+| `docs` | Documentation synthesizer. Automatically updates READMEs, API docs, and guides based on implementation changes during Phase 6. |
+
 ---
 
 ## Slash Commands
@@ -462,7 +483,9 @@ Create `~/.config/opencode/opencode-swarm.json`:
     "sme": { "model": "google/gemini-2.0-flash" },
     "reviewer": { "model": "openai/gpt-4o" },
     "critic": { "model": "google/gemini-2.0-flash" },
-    "test_engineer": { "model": "google/gemini-2.0-flash" }
+    "test_engineer": { "model": "google/gemini-2.0-flash" },
+    "docs": { "model": "google/gemini-2.0-flash" },
+    "designer": { "model": "google/gemini-2.0-flash" }
   }
 }
 ```
@@ -630,7 +653,7 @@ bun test
 bun test tests/unit/config/schema.test.ts
 ```
 
-1188 tests across 53+ files covering config, tools, agents, hooks, commands, state, guardrails, evidence, plan schemas, circuit breaker race conditions, invocation windows, multi-invocation isolation, security categories, review/integration schemas, and diff tool. Uses Bun's built-in test runner — zero additional test dependencies.
+1280 tests across 57+ files covering config, tools, agents, hooks, commands, state, guardrails, evidence, plan schemas, circuit breaker race conditions, invocation windows, multi-invocation isolation, security categories, review/integration schemas, and diff tool. Uses Bun's built-in test runner — zero additional test dependencies.
 
 ## Troubleshooting
 

package/dist/agents/designer.d.ts

@@ -0,0 +1,2 @@
+import type { AgentDefinition } from './architect';
+export declare function createDesignerAgent(model: string, customPrompt?: string, customAppendPrompt?: string): AgentDefinition;

package/dist/agents/docs.d.ts

@@ -0,0 +1,2 @@
+import type { AgentDefinition } from './architect';
+export declare function createDocsAgent(model: string, customPrompt?: string, customAppendPrompt?: string): AgentDefinition;

package/dist/agents/index.d.ts

@@ -19,6 +19,8 @@ export declare function getAgentConfigs(config?: PluginConfig): Record<string, S
 export { createArchitectAgent } from './architect';
 export { createCoderAgent } from './coder';
 export { createCriticAgent } from './critic';
+export { createDesignerAgent } from './designer';
+export { createDocsAgent } from './docs';
 export { createExplorerAgent } from './explorer';
 export { createReviewerAgent, SECURITY_CATEGORIES, type SecurityCategory, } from './reviewer';
 export { createSMEAgent } from './sme';

package/dist/config/constants.d.ts

@@ -1,8 +1,8 @@
 export declare const QA_AGENTS: readonly ["reviewer", "critic"];
 export declare const PIPELINE_AGENTS: readonly ["explorer", "coder", "test_engineer"];
 export declare const ORCHESTRATOR_NAME: "architect";
-export declare const ALL_SUBAGENT_NAMES: readonly ["sme", "reviewer", "critic", "explorer", "coder", "test_engineer"];
-export declare const ALL_AGENT_NAMES: readonly ["architect", "sme", "reviewer", "critic", "explorer", "coder", "test_engineer"];
+export declare const ALL_SUBAGENT_NAMES: readonly ["sme", "docs", "designer", "reviewer", "critic", "explorer", "coder", "test_engineer"];
+export declare const ALL_AGENT_NAMES: readonly ["architect", "sme", "docs", "designer", "reviewer", "critic", "explorer", "coder", "test_engineer"];
 export type QAAgentName = (typeof QA_AGENTS)[number];
 export type PipelineAgentName = (typeof PIPELINE_AGENTS)[number];
 export type AgentName = (typeof ALL_AGENT_NAMES)[number];

package/dist/config/evidence-schema.d.ts

@@ -55,8 +55,8 @@ export declare const ReviewEvidenceSchema: z.ZodObject<{
     metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
     type: z.ZodLiteral<"review">;
     risk: z.ZodEnum<{
-        medium: "medium";
         low: "low";
+        medium: "medium";
         high: "high";
         critical: "critical";
     }>;
@@ -162,8 +162,8 @@ export declare const EvidenceSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
     metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
     type: z.ZodLiteral<"review">;
     risk: z.ZodEnum<{
-        medium: "medium";
         low: "low";
+        medium: "medium";
         high: "high";
         critical: "critical";
     }>;
@@ -264,8 +264,8 @@ export declare const EvidenceBundleSchema: z.ZodObject<{
         metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
         type: z.ZodLiteral<"review">;
         risk: z.ZodEnum<{
-            medium: "medium";
             low: "low";
+            medium: "medium";
             high: "high";
             critical: "critical";
         }>;

package/dist/config/index.d.ts

@@ -1,9 +1,9 @@
 export type { AgentName, PipelineAgentName, QAAgentName, } from './constants';
 export { ALL_AGENT_NAMES, ALL_SUBAGENT_NAMES, DEFAULT_MODELS, isQAAgent, isSubagent, ORCHESTRATOR_NAME, PIPELINE_AGENTS, QA_AGENTS, } from './constants';
-export { loadAgentPrompt, loadPluginConfig, } from './loader';
-export type { MigrationStatus, Phase, PhaseStatus, Plan, Task, TaskSize, TaskStatus, } from './plan-schema';
-export { MigrationStatusSchema, PhaseSchema, PhaseStatusSchema, PlanSchema, TaskSchema, TaskSizeSchema, TaskStatusSchema, } from './plan-schema';
 export type { ApprovalEvidence, BaseEvidence, DiffEvidence, Evidence, EvidenceBundle, EvidenceType, EvidenceVerdict, NoteEvidence, ReviewEvidence, TestEvidence, } from './evidence-schema';
 export { ApprovalEvidenceSchema, BaseEvidenceSchema, DiffEvidenceSchema, EVIDENCE_MAX_JSON_BYTES, EVIDENCE_MAX_PATCH_BYTES, EVIDENCE_MAX_TASK_BYTES, EvidenceBundleSchema, EvidenceSchema, EvidenceTypeSchema, EvidenceVerdictSchema, NoteEvidenceSchema, ReviewEvidenceSchema, TestEvidenceSchema, } from './evidence-schema';
+export { loadAgentPrompt, loadPluginConfig, loadPluginConfigWithMeta, } from './loader';
+export type { MigrationStatus, Phase, PhaseStatus, Plan, Task, TaskSize, TaskStatus, } from './plan-schema';
+export { MigrationStatusSchema, PhaseSchema, PhaseStatusSchema, PlanSchema, TaskSchema, TaskSizeSchema, TaskStatusSchema, } from './plan-schema';
 export type { AgentOverrideConfig, PluginConfig, SwarmConfig, } from './schema';
 export { AgentOverrideConfigSchema, PluginConfigSchema, SwarmConfigSchema, } from './schema';

package/dist/config/loader.d.ts

@@ -1,10 +1,6 @@
 import { type PluginConfig } from './schema';
 export declare const MAX_CONFIG_FILE_BYTES = 102400;
-export declare const MAX_MERGE_DEPTH = 10;
-/**
- * Deep merge two objects, with override values taking precedence.
- */
-export declare function deepMerge<T extends Record<string, unknown>>(base?: T, override?: T): T | undefined;
+export { deepMerge, MAX_MERGE_DEPTH } from '../utils/merge';
 /**
  * Load plugin configuration from user and project config files.
  *
@@ -17,6 +13,15 @@ export declare function deepMerge<T extends Record<string, unknown>>(base?: T, o
  * Zod defaults don't override explicit user values.
  */
 export declare function loadPluginConfig(directory: string): PluginConfig;
+/**
+ * Internal variant of loadPluginConfig that also returns loader metadata.
+ * Used only by src/index.ts to determine guardrails fallback behavior.
+ * NOT part of the public API — use loadPluginConfig() for all other callers.
+ */
+export declare function loadPluginConfigWithMeta(directory: string): {
+    config: PluginConfig;
+    loadedFromFile: boolean;
+};
 /**
  * Load custom prompt for an agent from the prompts directory.
  * Checks for {agent}.md (replaces default) and {agent}_append.md (appends).

package/dist/config/plan-schema.d.ts

@@ -7,8 +7,8 @@ export declare const TaskStatusSchema: z.ZodEnum<{
 }>;
 export type TaskStatus = z.infer<typeof TaskStatusSchema>;
 export declare const TaskSizeSchema: z.ZodEnum<{
-    small: "small";
     medium: "medium";
+    small: "small";
     large: "large";
 }>;
 export type TaskSize = z.infer<typeof TaskSizeSchema>;
@@ -35,8 +35,8 @@ export declare const TaskSchema: z.ZodObject<{
         blocked: "blocked";
     }>>;
     size: z.ZodDefault<z.ZodEnum<{
-        small: "small";
         medium: "medium";
+        small: "small";
         large: "large";
     }>>;
     description: z.ZodString;
@@ -66,8 +66,8 @@ export declare const PhaseSchema: z.ZodObject<{
             blocked: "blocked";
         }>>;
         size: z.ZodDefault<z.ZodEnum<{
-            small: "small";
             medium: "medium";
+            small: "small";
             large: "large";
         }>>;
         description: z.ZodString;
@@ -103,8 +103,8 @@ export declare const PlanSchema: z.ZodObject<{
                 blocked: "blocked";
             }>>;
             size: z.ZodDefault<z.ZodEnum<{
-                small: "small";
                 medium: "medium";
+                small: "small";
                 large: "large";
             }>>;
             description: z.ZodString;

package/dist/config/schema.d.ts

@@ -137,6 +137,17 @@ export declare const IntegrationAnalysisConfigSchema: z.ZodObject<{
     enabled: z.ZodDefault<z.ZodBoolean>;
 }, z.core.$strip>;
 export type IntegrationAnalysisConfig = z.infer<typeof IntegrationAnalysisConfigSchema>;
+export declare const DocsConfigSchema: z.ZodObject<{
+    enabled: z.ZodDefault<z.ZodBoolean>;
+    doc_patterns: z.ZodDefault<z.ZodArray<z.ZodString>>;
+}, z.core.$strip>;
+export type DocsConfig = z.infer<typeof DocsConfigSchema>;
+export declare const UIReviewConfigSchema: z.ZodObject<{
+    enabled: z.ZodDefault<z.ZodBoolean>;
+    trigger_paths: z.ZodDefault<z.ZodArray<z.ZodString>>;
+    trigger_keywords: z.ZodDefault<z.ZodArray<z.ZodString>>;
+}, z.core.$strip>;
+export type UIReviewConfig = z.infer<typeof UIReviewConfigSchema>;
 export declare const GuardrailsProfileSchema: z.ZodObject<{
     max_tool_calls: z.ZodOptional<z.ZodNumber>;
     max_duration_minutes: z.ZodOptional<z.ZodNumber>;
@@ -298,7 +309,15 @@ export declare const PluginConfigSchema: z.ZodObject<{
     integration_analysis: z.ZodOptional<z.ZodObject<{
         enabled: z.ZodDefault<z.ZodBoolean>;
     }, z.core.$strip>>;
-    _loadedFromFile: z.ZodDefault<z.ZodBoolean>;
+    docs: z.ZodOptional<z.ZodObject<{
+        enabled: z.ZodDefault<z.ZodBoolean>;
+        doc_patterns: z.ZodDefault<z.ZodArray<z.ZodString>>;
+    }, z.core.$strip>>;
+    ui_review: z.ZodOptional<z.ZodObject<{
+        enabled: z.ZodDefault<z.ZodBoolean>;
+        trigger_paths: z.ZodDefault<z.ZodArray<z.ZodString>>;
+        trigger_keywords: z.ZodDefault<z.ZodArray<z.ZodString>>;
+    }, z.core.$strip>>;
 }, z.core.$strip>;
 export type PluginConfig = z.infer<typeof PluginConfigSchema>;
 export type { AgentName, PipelineAgentName, QAAgentName, } from './constants';

package/dist/index.js

@@ -26,11 +26,83 @@ var __export = (target, all) => {
 };
 var __require = import.meta.require;
 
-// src/config/loader.ts
-import * as fs from "fs";
-import * as os from "os";
-import * as path from "path";
+// src/utils/merge.ts
+var MAX_MERGE_DEPTH = 10;
+function deepMergeInternal(base, override, depth) {
+  if (depth >= MAX_MERGE_DEPTH) {
+    throw new Error(`deepMerge exceeded maximum depth of ${MAX_MERGE_DEPTH}`);
+  }
+  const result = { ...base };
+  for (const key of Object.keys(override)) {
+    const baseVal = base[key];
+    const overrideVal = override[key];
+    if (typeof baseVal === "object" && baseVal !== null && typeof overrideVal === "object" && overrideVal !== null && !Array.isArray(baseVal) && !Array.isArray(overrideVal)) {
+      result[key] = deepMergeInternal(baseVal, overrideVal, depth + 1);
+    } else {
+      result[key] = overrideVal;
+    }
+  }
+  return result;
+}
+function deepMerge(base, override) {
+  if (!base)
+    return override;
+  if (!override)
+    return base;
+  return deepMergeInternal(base, override, 0);
+}
 
+// src/config/constants.ts
+var QA_AGENTS = ["reviewer", "critic"];
+var PIPELINE_AGENTS = ["explorer", "coder", "test_engineer"];
+var ORCHESTRATOR_NAME = "architect";
+var ALL_SUBAGENT_NAMES = [
+  "sme",
+  "docs",
+  "designer",
+  ...QA_AGENTS,
+  ...PIPELINE_AGENTS
+];
+var ALL_AGENT_NAMES = [
+  ORCHESTRATOR_NAME,
+  ...ALL_SUBAGENT_NAMES
+];
+var DEFAULT_MODELS = {
+  architect: "anthropic/claude-sonnet-4-5",
+  explorer: "google/gemini-2.0-flash",
+  coder: "anthropic/claude-sonnet-4-5",
+  test_engineer: "google/gemini-2.0-flash",
+  sme: "google/gemini-2.0-flash",
+  reviewer: "google/gemini-2.0-flash",
+  critic: "google/gemini-2.0-flash",
+  docs: "google/gemini-2.0-flash",
+  designer: "google/gemini-2.0-flash",
+  default: "google/gemini-2.0-flash"
+};
+var DEFAULT_SCORING_CONFIG = {
+  enabled: false,
+  max_candidates: 100,
+  weights: {
+    phase: 1,
+    current_task: 2,
+    blocked_task: 1.5,
+    recent_failure: 2.5,
+    recent_success: 0.5,
+    evidence_presence: 1,
+    decision_recency: 1.5,
+    dependency_proximity: 1
+  },
+  decision_decay: {
+    mode: "exponential",
+    half_life_hours: 24
+  },
+  token_ratios: {
+    prose: 0.25,
+    code: 0.4,
+    markdown: 0.3,
+    json: 0.35
+  }
+};
 // node_modules/zod/v4/classic/external.js
 var exports_external = {};
 __export(exports_external, {
@@ -13563,6 +13635,85 @@ function date4(params) {
 
 // node_modules/zod/v4/classic/external.js
 config(en_default());
+// src/config/evidence-schema.ts
+var EVIDENCE_MAX_JSON_BYTES = 500 * 1024;
+var EVIDENCE_MAX_PATCH_BYTES = 5 * 1024 * 1024;
+var EVIDENCE_MAX_TASK_BYTES = 20 * 1024 * 1024;
+var EvidenceTypeSchema = exports_external.enum([
+  "review",
+  "test",
+  "diff",
+  "approval",
+  "note"
+]);
+var EvidenceVerdictSchema = exports_external.enum([
+  "pass",
+  "fail",
+  "approved",
+  "rejected",
+  "info"
+]);
+var BaseEvidenceSchema = exports_external.object({
+  task_id: exports_external.string().min(1),
+  type: EvidenceTypeSchema,
+  timestamp: exports_external.string().datetime(),
+  agent: exports_external.string().min(1),
+  verdict: EvidenceVerdictSchema,
+  summary: exports_external.string().min(1),
+  metadata: exports_external.record(exports_external.string(), exports_external.unknown()).optional()
+});
+var ReviewEvidenceSchema = BaseEvidenceSchema.extend({
+  type: exports_external.literal("review"),
+  risk: exports_external.enum(["low", "medium", "high", "critical"]),
+  issues: exports_external.array(exports_external.object({
+    severity: exports_external.enum(["error", "warning", "info"]),
+    message: exports_external.string().min(1),
+    file: exports_external.string().optional(),
+    line: exports_external.number().int().optional()
+  })).default([])
+});
+var TestEvidenceSchema = BaseEvidenceSchema.extend({
+  type: exports_external.literal("test"),
+  tests_passed: exports_external.number().int().min(0),
+  tests_failed: exports_external.number().int().min(0),
+  test_file: exports_external.string().optional(),
+  failures: exports_external.array(exports_external.object({
+    name: exports_external.string().min(1),
+    message: exports_external.string().min(1)
+  })).default([])
+});
+var DiffEvidenceSchema = BaseEvidenceSchema.extend({
+  type: exports_external.literal("diff"),
+  files_changed: exports_external.array(exports_external.string()).default([]),
+  additions: exports_external.number().int().min(0).default(0),
+  deletions: exports_external.number().int().min(0).default(0),
+  patch_path: exports_external.string().optional()
+});
+var ApprovalEvidenceSchema = BaseEvidenceSchema.extend({
+  type: exports_external.literal("approval")
+});
+var NoteEvidenceSchema = BaseEvidenceSchema.extend({
+  type: exports_external.literal("note")
+});
+var EvidenceSchema = exports_external.discriminatedUnion("type", [
+  ReviewEvidenceSchema,
+  TestEvidenceSchema,
+  DiffEvidenceSchema,
+  ApprovalEvidenceSchema,
+  NoteEvidenceSchema
+]);
+var EvidenceBundleSchema = exports_external.object({
+  schema_version: exports_external.literal("1.0.0"),
+  task_id: exports_external.string().min(1),
+  entries: exports_external.array(EvidenceSchema).default([]),
+  created_at: exports_external.string().datetime(),
+  updated_at: exports_external.string().datetime()
+});
+// src/config/loader.ts
+import * as fs from "fs";
+import * as os from "os";
+import * as path from "path";
+
 // src/config/schema.ts
 var AgentOverrideConfigSchema = exports_external.object({
   model: exports_external.string().optional(),
@@ -13645,6 +13796,46 @@ var ReviewPassesConfigSchema = exports_external.object({
 var IntegrationAnalysisConfigSchema = exports_external.object({
   enabled: exports_external.boolean().default(true)
 });
+var DocsConfigSchema = exports_external.object({
+  enabled: exports_external.boolean().default(true),
+  doc_patterns: exports_external.array(exports_external.string()).default([
+    "README.md",
+    "CONTRIBUTING.md",
+    "docs/**/*.md",
+    "docs/**/*.rst",
+    "**/CHANGELOG.md"
+  ])
+});
+var UIReviewConfigSchema = exports_external.object({
+  enabled: exports_external.boolean().default(false),
+  trigger_paths: exports_external.array(exports_external.string()).default([
+    "**/pages/**",
+    "**/components/**",
+    "**/views/**",
+    "**/screens/**",
+    "**/ui/**",
+    "**/layouts/**"
+  ]),
+  trigger_keywords: exports_external.array(exports_external.string()).default([
+    "new page",
+    "new screen",
+    "new component",
+    "redesign",
+    "layout change",
+    "form",
+    "modal",
+    "dialog",
+    "dropdown",
+    "sidebar",
+    "navbar",
+    "dashboard",
+    "landing page",
+    "signup",
+    "login form",
+    "settings page",
+    "profile page"
+  ])
+});
 var GuardrailsProfileSchema = exports_external.object({
   max_tool_calls: exports_external.number().min(0).max(1000).optional(),
   max_duration_minutes: exports_external.number().min(0).max(480).optional(),
@@ -13689,6 +13880,16 @@ var DEFAULT_AGENT_PROFILES = {
     max_tool_calls: 200,
     max_duration_minutes: 30,
     warning_threshold: 0.65
+  },
+  docs: {
+    max_tool_calls: 200,
+    max_duration_minutes: 30,
+    warning_threshold: 0.75
+  },
+  designer: {
+    max_tool_calls: 150,
+    max_duration_minutes: 20,
+    warning_threshold: 0.75
   }
 };
 var DEFAULT_ARCHITECT_PROFILE = DEFAULT_AGENT_PROFILES.architect;
@@ -13747,7 +13948,8 @@ var PluginConfigSchema = exports_external.object({
   summaries: SummaryConfigSchema.optional(),
   review_passes: ReviewPassesConfigSchema.optional(),
   integration_analysis: IntegrationAnalysisConfigSchema.optional(),
-  _loadedFromFile: exports_external.boolean().default(false)
+  docs: DocsConfigSchema.optional(),
+  ui_review: UIReviewConfigSchema.optional()
 });
 
 // src/config/loader.ts
@@ -13766,6 +13968,11 @@ function loadRawConfigFromPath(configPath) {
       return null;
     }
     const content = fs.readFileSync(configPath, "utf-8");
+    if (content.length > MAX_CONFIG_FILE_BYTES) {
+      console.warn(`[opencode-swarm] Config file too large after read (max 100 KB): ${configPath}`);
+      console.warn("[opencode-swarm] \u26A0\uFE0F Guardrails will be DISABLED as a safety precaution. Fix the config file to restore normal operation.");
+      return null;
+    }
     const rawConfig = JSON.parse(content);
     if (typeof rawConfig !== "object" || rawConfig === null || Array.isArray(rawConfig)) {
       console.warn(`[opencode-swarm] Invalid config at ${configPath}: expected an object`);
@@ -13781,23 +13988,6 @@ function loadRawConfigFromPath(configPath) {
     return null;
   }
 }
-var MAX_MERGE_DEPTH = 10;
-function deepMergeInternal(base, override, depth) {
-  if (depth >= MAX_MERGE_DEPTH) {
-    throw new Error(`deepMerge exceeded maximum depth of ${MAX_MERGE_DEPTH}`);
-  }
-  const result = { ...base };
-  for (const key of Object.keys(override)) {
-    const baseVal = base[key];
-    const overrideVal = override[key];
-    if (typeof baseVal === "object" && baseVal !== null && typeof overrideVal === "object" && overrideVal !== null && !Array.isArray(baseVal) && !Array.isArray(overrideVal)) {
-      result[key] = deepMergeInternal(baseVal, overrideVal, depth + 1);
-    } else {
-      result[key] = overrideVal;
-    }
-  }
-  return result;
-}
 function loadPluginConfig(directory) {
   const userConfigPath = path.join(getUserConfigDir(), "opencode", CONFIG_FILENAME);
   const projectConfigPath = path.join(directory, ".opencode", CONFIG_FILENAME);
@@ -13806,7 +13996,7 @@ function loadPluginConfig(directory) {
   const loadedFromFile = rawUserConfig !== null || rawProjectConfig !== null;
   let mergedRaw = rawUserConfig ?? {};
   if (rawProjectConfig) {
-    mergedRaw = deepMergeInternal(mergedRaw, rawProjectConfig, 0);
+    mergedRaw = deepMerge(mergedRaw, rawProjectConfig);
   }
   const result = PluginConfigSchema.safeParse(mergedRaw);
   if (!result.success) {
@@ -13814,20 +14004,24 @@ function loadPluginConfig(directory) {
       const userResult = PluginConfigSchema.safeParse(rawUserConfig);
       if (userResult.success) {
         console.warn("[opencode-swarm] Project config ignored due to validation errors. Using user config.");
-        return { ...userResult.data, _loadedFromFile: true };
+        return userResult.data;
       }
     }
     console.warn("[opencode-swarm] Merged config validation failed:");
     console.warn(result.error.format());
     console.warn("[opencode-swarm] \u26A0\uFE0F Guardrails will be DISABLED as a safety precaution. Fix the config file to restore normal operation.");
-    return {
-      max_iterations: 5,
-      qa_retry_limit: 3,
-      inject_phase_reminders: true,
-      _loadedFromFile: false
-    };
+    return PluginConfigSchema.parse({});
   }
-  return { ...result.data, _loadedFromFile: loadedFromFile };
+  return result.data;
+}
+function loadPluginConfigWithMeta(directory) {
+  const userConfigPath = path.join(getUserConfigDir(), "opencode", CONFIG_FILENAME);
+  const projectConfigPath = path.join(directory, ".opencode", CONFIG_FILENAME);
+  const rawUserConfig = loadRawConfigFromPath(userConfigPath);
+  const rawProjectConfig = loadRawConfigFromPath(projectConfigPath);
+  const loadedFromFile = rawUserConfig !== null || rawProjectConfig !== null;
+  const config2 = loadPluginConfig(directory);
+  return { config: config2, loadedFromFile };
 }
 function loadAgentPrompt(agentName) {
   const promptsDir = path.join(getUserConfigDir(), "opencode", PROMPTS_DIR_NAME);
@@ -13850,54 +14044,6 @@ function loadAgentPrompt(agentName) {
   }
   return result;
 }
-
-// src/config/constants.ts
-var QA_AGENTS = ["reviewer", "critic"];
-var PIPELINE_AGENTS = ["explorer", "coder", "test_engineer"];
-var ORCHESTRATOR_NAME = "architect";
-var ALL_SUBAGENT_NAMES = [
-  "sme",
-  ...QA_AGENTS,
-  ...PIPELINE_AGENTS
-];
-var ALL_AGENT_NAMES = [
-  ORCHESTRATOR_NAME,
-  ...ALL_SUBAGENT_NAMES
-];
-var DEFAULT_MODELS = {
-  architect: "anthropic/claude-sonnet-4-5",
-  explorer: "google/gemini-2.0-flash",
-  coder: "anthropic/claude-sonnet-4-5",
-  test_engineer: "google/gemini-2.0-flash",
-  sme: "google/gemini-2.0-flash",
-  reviewer: "google/gemini-2.0-flash",
-  critic: "google/gemini-2.0-flash",
-  default: "google/gemini-2.0-flash"
-};
-var DEFAULT_SCORING_CONFIG = {
-  enabled: false,
-  max_candidates: 100,
-  weights: {
-    phase: 1,
-    current_task: 2,
-    blocked_task: 1.5,
-    recent_failure: 2.5,
-    recent_success: 0.5,
-    evidence_presence: 1,
-    decision_recency: 1.5,
-    dependency_proximity: 1
-  },
-  decision_decay: {
-    mode: "exponential",
-    half_life_hours: 24
-  },
-  token_ratios: {
-    prose: 0.25,
-    code: 0.4,
-    markdown: 0.3,
-    json: 0.35
-  }
-};
 // src/config/plan-schema.ts
 var TaskStatusSchema = exports_external.enum([
   "pending",
@@ -13943,87 +14089,13 @@ var PlanSchema = exports_external.object({
   phases: exports_external.array(PhaseSchema).min(1),
   migration_status: MigrationStatusSchema.optional()
 });
-// src/config/evidence-schema.ts
-var EVIDENCE_MAX_JSON_BYTES = 500 * 1024;
-var EVIDENCE_MAX_PATCH_BYTES = 5 * 1024 * 1024;
-var EVIDENCE_MAX_TASK_BYTES = 20 * 1024 * 1024;
-var EvidenceTypeSchema = exports_external.enum([
-  "review",
-  "test",
-  "diff",
-  "approval",
-  "note"
-]);
-var EvidenceVerdictSchema = exports_external.enum([
-  "pass",
-  "fail",
-  "approved",
-  "rejected",
-  "info"
-]);
-var BaseEvidenceSchema = exports_external.object({
-  task_id: exports_external.string().min(1),
-  type: EvidenceTypeSchema,
-  timestamp: exports_external.string().datetime(),
-  agent: exports_external.string().min(1),
-  verdict: EvidenceVerdictSchema,
-  summary: exports_external.string().min(1),
-  metadata: exports_external.record(exports_external.string(), exports_external.unknown()).optional()
-});
-var ReviewEvidenceSchema = BaseEvidenceSchema.extend({
-  type: exports_external.literal("review"),
-  risk: exports_external.enum(["low", "medium", "high", "critical"]),
-  issues: exports_external.array(exports_external.object({
-    severity: exports_external.enum(["error", "warning", "info"]),
-    message: exports_external.string().min(1),
-    file: exports_external.string().optional(),
-    line: exports_external.number().int().optional()
-  })).default([])
-});
-var TestEvidenceSchema = BaseEvidenceSchema.extend({
-  type: exports_external.literal("test"),
-  tests_passed: exports_external.number().int().min(0),
-  tests_failed: exports_external.number().int().min(0),
-  test_file: exports_external.string().optional(),
-  failures: exports_external.array(exports_external.object({
-    name: exports_external.string().min(1),
-    message: exports_external.string().min(1)
-  })).default([])
-});
-var DiffEvidenceSchema = BaseEvidenceSchema.extend({
-  type: exports_external.literal("diff"),
-  files_changed: exports_external.array(exports_external.string()).default([]),
-  additions: exports_external.number().int().min(0).default(0),
-  deletions: exports_external.number().int().min(0).default(0),
-  patch_path: exports_external.string().optional()
-});
-var ApprovalEvidenceSchema = BaseEvidenceSchema.extend({
-  type: exports_external.literal("approval")
-});
-var NoteEvidenceSchema = BaseEvidenceSchema.extend({
-  type: exports_external.literal("note")
-});
-var EvidenceSchema = exports_external.discriminatedUnion("type", [
-  ReviewEvidenceSchema,
-  TestEvidenceSchema,
-  DiffEvidenceSchema,
-  ApprovalEvidenceSchema,
-  NoteEvidenceSchema
-]);
-var EvidenceBundleSchema = exports_external.object({
-  schema_version: exports_external.literal("1.0.0"),
-  task_id: exports_external.string().min(1),
-  entries: exports_external.array(EvidenceSchema).default([]),
-  created_at: exports_external.string().datetime(),
-  updated_at: exports_external.string().datetime()
-});
 // src/agents/architect.ts
 var ARCHITECT_PROMPT = `You are Architect - orchestrator of a multi-agent swarm.
 
 ## IDENTITY
 
 Swarm: {{SWARM_ID}}
-Your agents: {{AGENT_PREFIX}}explorer, {{AGENT_PREFIX}}sme, {{AGENT_PREFIX}}coder, {{AGENT_PREFIX}}reviewer, {{AGENT_PREFIX}}critic, {{AGENT_PREFIX}}test_engineer
+Your agents: {{AGENT_PREFIX}}explorer, {{AGENT_PREFIX}}sme, {{AGENT_PREFIX}}coder, {{AGENT_PREFIX}}reviewer, {{AGENT_PREFIX}}critic, {{AGENT_PREFIX}}test_engineer, {{AGENT_PREFIX}}docs, {{AGENT_PREFIX}}designer
 
 ## ROLE
 
@@ -14053,6 +14125,11 @@ You THINK. Subagents DO. You have the largest context window and strongest reaso
    - Delegate {{AGENT_PREFIX}}test_engineer for verification tests. FAIL \u2192 return to coder.
    - Delegate {{AGENT_PREFIX}}test_engineer for adversarial tests (attack vectors only). FAIL \u2192 return to coder.
    - All pass \u2192 mark task complete, proceed to next task.
+9. **UI/UX DESIGN GATE**: Before delegating UI tasks to {{AGENT_PREFIX}}coder, check if the task involves UI components. Trigger conditions (ANY match):
+   - Task description contains UI keywords: new page, new screen, new component, redesign, layout change, form, modal, dialog, dropdown, sidebar, navbar, dashboard, landing page, signup, login form, settings page, profile page
+   - Target file is in: pages/, components/, views/, screens/, ui/, layouts/
+   If triggered: delegate to {{AGENT_PREFIX}}designer FIRST to produce a code scaffold. Then pass the scaffold to {{AGENT_PREFIX}}coder as INPUT alongside the task. The coder implements the TODOs in the scaffold without changing component structure or accessibility attributes.
+   If not triggered: delegate directly to {{AGENT_PREFIX}}coder as normal.
 
 ## AGENTS
 
@@ -14062,6 +14139,8 @@ You THINK. Subagents DO. You have the largest context window and strongest reaso
 {{AGENT_PREFIX}}reviewer - Code review (correctness, security, and any other dimensions you specify)
 {{AGENT_PREFIX}}test_engineer - Test generation AND execution (writes tests, runs them, reports PASS/FAIL)
 {{AGENT_PREFIX}}critic - Plan review gate (reviews plan BEFORE implementation)
+{{AGENT_PREFIX}}docs - Documentation updates (README, API docs, guides \u2014 NOT .swarm/ files)
+{{AGENT_PREFIX}}designer - UI/UX design specs (scaffold generation for UI components \u2014 runs BEFORE coder on UI tasks)
 
 SMEs advise only. Reviewer and critic review only. None of them write code.
 
@@ -14140,6 +14219,23 @@ INPUT: Contract changes detected: [list from diff tool]
 OUTPUT: BREAKING CHANGES + CONSUMERS AFFECTED + VERDICT: BREAKING/COMPATIBLE
 CONSTRAINT: Read-only. grep for imports/usages of changed exports.
 
+{{AGENT_PREFIX}}docs
+TASK: Update documentation for Phase 2 changes
+FILES CHANGED: src/auth/login.ts, src/auth/session.ts, src/types/user.ts
+CHANGES SUMMARY:
+  - Added login() function with email/password authentication
+  - Added SessionManager class with create/revoke/refresh methods
+  - Added UserSession interface with refreshToken field
+DOC FILES: README.md, docs/api.md, docs/installation.md
+OUTPUT: Updated doc files + SUMMARY
+
+{{AGENT_PREFIX}}designer
+TASK: Design specification for user settings page
+CONTEXT: Users need to update profile info, change password, manage notification preferences. App uses React + Tailwind + shadcn/ui.
+FRAMEWORK: React (TSX)
+EXISTING PATTERNS: All forms use react-hook-form, validation with zod, toast notifications for success/error
+OUTPUT: Code scaffold for src/pages/Settings.tsx with component tree, typed props, layout, and accessibility
+
 ## WORKFLOW
 
 ### Phase 0: Resume Check
@@ -14191,19 +14287,24 @@ Delegate plan to {{AGENT_PREFIX}}critic for review BEFORE any implementation beg
 ### Phase 5: Execute
 For each task (respecting dependencies):
 
-5a. {{AGENT_PREFIX}}coder - Implement
-5b. Run \`diff\` tool. If \`hasContractChanges\` \u2192 {{AGENT_PREFIX}}explorer integration analysis. BREAKING \u2192 coder retry.
-5c. {{AGENT_PREFIX}}reviewer - General review. REJECTED (< {{QA_RETRY_LIMIT}}) \u2192 coder retry. REJECTED ({{QA_RETRY_LIMIT}}) \u2192 escalate.
-5d. Security gate: if file matches security globs or content has security keywords \u2192 {{AGENT_PREFIX}}reviewer security-only. REJECTED \u2192 coder retry.
-5e. {{AGENT_PREFIX}}test_engineer - Verification tests. FAIL \u2192 coder retry from 5c.
-5f. {{AGENT_PREFIX}}test_engineer - Adversarial tests. FAIL \u2192 coder retry from 5c.
-5g. Update plan.md [x], proceed to next task.
+5a. **UI DESIGN GATE** (conditional \u2014 Rule 9): If task matches UI trigger \u2192 {{AGENT_PREFIX}}designer produces scaffold \u2192 pass scaffold to coder as INPUT. If no match \u2192 skip.
+5b. {{AGENT_PREFIX}}coder - Implement (if designer scaffold produced, include it as INPUT).
+5c. Run \`diff\` tool. If \`hasContractChanges\` \u2192 {{AGENT_PREFIX}}explorer integration analysis. BREAKING \u2192 coder retry.
+5d. {{AGENT_PREFIX}}reviewer - General review. REJECTED (< {{QA_RETRY_LIMIT}}) \u2192 coder retry. REJECTED ({{QA_RETRY_LIMIT}}) \u2192 escalate.
+5e. Security gate: if file matches security globs or content has security keywords \u2192 {{AGENT_PREFIX}}reviewer security-only. REJECTED \u2192 coder retry.
+5f. {{AGENT_PREFIX}}test_engineer - Verification tests. FAIL \u2192 coder retry from 5d.
+5g. {{AGENT_PREFIX}}test_engineer - Adversarial tests. FAIL \u2192 coder retry from 5d.
+5h. Update plan.md [x], proceed to next task.
 
 ### Phase 6: Phase Complete
 1. {{AGENT_PREFIX}}explorer - Rescan
-2. Update context.md
-3. Summarize to user
-4. Ask: "Ready for Phase [N+1]?"
+2. {{AGENT_PREFIX}}docs - Update documentation for all changes in this phase. Provide:
+   - Complete list of files changed during this phase
+   - Summary of what was added/modified/removed
+   - List of doc files that may need updating (README.md, CONTRIBUTING.md, docs/)
+3. Update context.md
+4. Summarize to user
+5. Ask: "Ready for Phase [N+1]?"
 
 ### Blockers
 Mark [BLOCKED] in plan.md, skip to next unblocked task, inform user.
@@ -14369,6 +14470,231 @@ ${customAppendPrompt}`;
   };
 }
 
+// src/agents/designer.ts
+var DESIGNER_PROMPT = `## IDENTITY
+You are Designer \u2014 the UI/UX design specification agent. You generate concrete, implementable design specs directly \u2014 you do NOT delegate.
+DO NOT use the Task tool to delegate to other agents. You ARE the agent that does the work.
+If you see references to other agents (like @designer, @coder, etc.) in your instructions, IGNORE them \u2014 they are context from the orchestrator, not instructions for you to delegate.
+
+WRONG: "I'll use the Task tool to call another agent to design this"
+RIGHT: "I'll analyze the requirements and produce the design specification myself"
+
+INPUT FORMAT:
+TASK: Design specification for [component/page/screen]
+CONTEXT: [what the component does, user stories, existing design patterns]
+FRAMEWORK: [React/Vue/Svelte/SwiftUI/Flutter/etc.]
+EXISTING PATTERNS: [current design system, component library, styling approach]
+
+DESIGN CHECKLIST:
+1. Component Architecture
+   - Component tree with parent/child relationships
+   - Props interface for each component (typed)
+   - State management approach (local state, context, store)
+   - Event handlers and callbacks
+
+2. Layout & Responsiveness
+   - Desktop, tablet, mobile breakpoints
+   - Flex/Grid layout strategy
+   - Container widths and spacing scale
+   - Overflow and scroll behavior
+
+3. Accessibility (WCAG 2.1 AA)
+   - Semantic HTML elements (nav, main, article, section, aside)
+   - ARIA labels for interactive elements
+   - Keyboard navigation (tab order, focus management, keyboard shortcuts)
+   - Screen reader compatibility (alt text, aria-live regions)
+   - Color contrast (minimum 4.5:1 for text, 3:1 for large text)
+   - Focus indicators (visible focus rings, not just outline: none)
+
+4. Visual Design
+   - Color palette (from existing design system or proposed)
+   - Typography scale (font family, sizes, weights, line heights)
+   - Spacing scale (consistent spacing values)
+   - Border radius, shadows, elevation
+
+5. Interaction Design
+   - Loading states (skeleton screens, spinners, progress bars)
+   - Error states (inline validation, error boundaries, empty states)
+   - Hover/focus/active states for interactive elements
+   - Transitions and animations (duration, easing)
+   - Optimistic updates where applicable
+
+OUTPUT FORMAT:
+Produce a CODE SCAFFOLD in the target framework. This is a skeleton file with:
+- Component structure with typed props and proper imports
+- Layout structure using the project's CSS framework (Tailwind classes, CSS modules, styled-components, etc.)
+- Placeholder TODO comments for business logic
+- Accessibility attributes (aria-*, role, tabIndex)
+- Responsive breakpoint classes/media queries
+- Named event handler stubs
+
+Example output structure:
+\`\`\`tsx
+// src/components/LoginForm.tsx
+// DESIGN SPEC \u2014 generated by Designer agent
+// Coder: implement TODO items, do not change component structure or accessibility attributes
+
+import { useState } from 'react';
+
+interface LoginFormProps {
+  onSubmit: (email: string, password: string) => Promise<void>;
+  onForgotPassword?: () => void;
+  isLoading?: boolean;
+  error?: string;
+}
+
+export function LoginForm({ onSubmit, onForgotPassword, isLoading, error }: LoginFormProps) {
+  const [email, setEmail] = useState('');
+  const [password, setPassword] = useState('');
+
+  return (
+    <div className="flex min-h-screen items-center justify-center bg-gray-50 px-4 sm:px-6 lg:px-8"
+         role="main">
+      <div className="w-full max-w-md space-y-8">
+        <div>
+          <h2 className="mt-6 text-center text-3xl font-bold tracking-tight text-gray-900">
+            {/* TODO: Use app name from config */}
+            Sign in to your account
+          </h2>
+        </div>
+        {error && (
+          <div role="alert" aria-live="polite"
+               className="rounded-md bg-red-50 p-4 text-sm text-red-800">
+            {error}
+          </div>
+        )}
+        <div className="mt-8 space-y-6">
+          <div className="space-y-4 rounded-md">
+            <div>
+              <label htmlFor="email" className="sr-only">Email address</label>
+              <input id="email" name="email" type="email" autoComplete="email" required
+                     aria-label="Email address"
+                     className="relative block w-full rounded-t-md border-0 py-1.5 text-gray-900 ring-1 ring-inset ring-gray-300 placeholder:text-gray-400 focus:z-10 focus:ring-2 focus:ring-inset focus:ring-indigo-600 sm:text-sm sm:leading-6"
+                     placeholder="Email address"
+                     value={email}
+                     onChange={(e) => setEmail(e.target.value)} />
+            </div>
+            {/* TODO: Password field with show/hide toggle */}
+            {/* TODO: Remember me checkbox */}
+          </div>
+          <div className="flex items-center justify-between">
+            {/* TODO: Forgot password link */}
+          </div>
+          <button type="submit" disabled={isLoading}
+                  aria-busy={isLoading}
+                  className="group relative flex w-full justify-center rounded-md bg-indigo-600 px-3 py-2 text-sm font-semibold text-white hover:bg-indigo-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-indigo-600 disabled:opacity-50">
+            {isLoading ? 'Signing in...' : 'Sign in'}
+          </button>
+        </div>
+      </div>
+    </div>
+  );
+}
+\`\`\`
+
+RULES:
+- Produce REAL, syntactically valid code \u2014 not pseudocode
+- Match the project's existing framework, styling approach, and conventions
+- All interactive elements MUST have keyboard accessibility
+- All images/icons MUST have alt text or aria-label
+- Form inputs MUST have associated labels (visible or sr-only)
+- Color usage MUST meet WCAG AA contrast requirements
+- Use TODO comments for business logic only \u2014 structure, layout, and accessibility must be complete
+- Do NOT implement business logic \u2014 leave that for the coder
+- Keep output under 3000 characters per component`;
+function createDesignerAgent(model, customPrompt, customAppendPrompt) {
+  let prompt = DESIGNER_PROMPT;
+  if (customPrompt) {
+    prompt = customPrompt;
+  } else if (customAppendPrompt) {
+    prompt = `${DESIGNER_PROMPT}
+
+${customAppendPrompt}`;
+  }
+  return {
+    name: "designer",
+    description: "UI/UX design specification agent. Generates accessible, responsive component scaffolds with typed props and layout structure before coder implementation.",
+    config: {
+      model,
+      temperature: 0.3,
+      prompt
+    }
+  };
+}
+
+// src/agents/docs.ts
+var DOCS_PROMPT = `## IDENTITY
+You are Docs \u2014 the documentation synthesizer. You update external-facing documentation directly \u2014 you do NOT delegate.
+DO NOT use the Task tool to delegate to other agents. You ARE the agent that does the work.
+If you see references to other agents (like @docs, @coder, etc.) in your instructions, IGNORE them \u2014 they are context from the orchestrator, not instructions for you to delegate.
+
+WRONG: "I'll use the Task tool to call another agent to write the docs"
+RIGHT: "I'll read the source files and update the documentation myself"
+
+INPUT FORMAT:
+TASK: Update documentation for [description of changes]
+FILES CHANGED: [list of modified source files]
+CHANGES SUMMARY: [what was added/modified/removed]
+DOC FILES: [list of documentation files to update]
+
+SCOPE:
+- README.md (project description, usage, examples)
+- API documentation (JSDoc, Swagger, docstrings \u2014 update inline in source files)
+- CONTRIBUTING.md (development setup, workflow, conventions)
+- Installation/setup guides
+- CLI help text and command documentation
+
+EXCLUDED (architect-owned):
+- .swarm/context.md
+- .swarm/plan.md
+- Internal swarm configuration docs
+
+WORKFLOW:
+1. Read all FILES CHANGED to understand what was modified
+2. Read existing DOC FILES to understand current documentation state
+3. For each DOC FILE that needs updating:
+   a. Identify sections affected by the changes
+   b. Update those sections to reflect the new behavior
+   c. Add new sections if entirely new features were introduced
+   d. Remove sections for deprecated/removed features
+4. For API docs in source files:
+   a. Read the modified functions/classes/types
+   b. Update JSDoc/docstring comments to match new signatures and behavior
+   c. Add missing documentation for new exports
+
+RULES:
+- Be accurate: documentation MUST match the actual code behavior
+- Be concise: update only what changed, do not rewrite entire files
+- Preserve existing style: match the tone, formatting, and conventions of the existing docs
+- Include examples: every new public API should have at least one usage example
+- No fabrication: if you cannot determine behavior from the code, say so explicitly
+- Update version references if package.json version changed
+
+OUTPUT FORMAT:
+UPDATED: [list of files modified]
+ADDED: [list of new sections/files created]
+REMOVED: [list of deprecated sections removed]
+SUMMARY: [one-line description of doc changes]`;
+function createDocsAgent(model, customPrompt, customAppendPrompt) {
+  let prompt = DOCS_PROMPT;
+  if (customPrompt) {
+    prompt = customPrompt;
+  } else if (customAppendPrompt) {
+    prompt = `${DOCS_PROMPT}
+
+${customAppendPrompt}`;
+  }
+  return {
+    name: "docs",
+    description: "Documentation synthesizer. Updates README, API docs, and guides to reflect code changes after each phase.",
+    config: {
+      model,
+      temperature: 0.2,
+      prompt
+    }
+  };
+}
+
 // src/agents/explorer.ts
 var EXPLORER_PROMPT = `## IDENTITY
 You are Explorer. You analyze codebases directly \u2014 you do NOT delegate.
@@ -14703,6 +15029,18 @@ If you call @coder instead of @${swarmId}_coder, the call will FAIL or go to the
     testEngineer.name = prefixName("test_engineer");
     agents.push(applyOverrides(testEngineer, swarmAgents, swarmPrefix));
   }
+  if (!isAgentDisabled("docs", swarmAgents, swarmPrefix)) {
+    const docsPrompts = getPrompts("docs");
+    const docs = createDocsAgent(getModel("docs"), docsPrompts.prompt, docsPrompts.appendPrompt);
+    docs.name = prefixName("docs");
+    agents.push(applyOverrides(docs, swarmAgents, swarmPrefix));
+  }
+  if (pluginConfig?.ui_review?.enabled === true && !isAgentDisabled("designer", swarmAgents, swarmPrefix)) {
+    const designerPrompts = getPrompts("designer");
+    const designer = createDesignerAgent(getModel("designer"), designerPrompts.prompt, designerPrompts.appendPrompt);
+    designer.name = prefixName("designer");
+    agents.push(applyOverrides(designer, swarmAgents, swarmPrefix));
+  }
   return agents;
 }
 function createAgents(config2) {
@@ -17282,6 +17620,12 @@ function createSystemEnhancerHook(config2, directory) {
           if (config2.integration_analysis?.enabled === false) {
             tryInject("[SWARM CONFIG] Integration analysis is DISABLED. Skip diff tool and integration impact analysis after coder tasks.");
           }
+          if (config2.ui_review?.enabled) {
+            tryInject("[SWARM CONFIG] UI/UX Designer agent is ENABLED. For tasks matching UI trigger keywords or file paths, delegate to designer BEFORE coder (Rule 9).");
+          }
+          if (config2.docs?.enabled === false) {
+            tryInject("[SWARM CONFIG] Docs agent is DISABLED. Skip docs delegation in Phase 6.");
+          }
           return;
         }
         const userScoringConfig = config2.context_budget?.scoring;
@@ -17383,6 +17727,28 @@ function createSystemEnhancerHook(config2, directory) {
             metadata: { contentType: "prose" }
           });
         }
+        if (config2.ui_review?.enabled) {
+          const text = "[SWARM CONFIG] UI/UX Designer agent is ENABLED. For tasks matching UI trigger keywords or file paths, delegate to designer BEFORE coder (Rule 9).";
+          candidates.push({
+            id: `candidate-${idCounter++}`,
+            kind: "phase",
+            text,
+            tokens: estimateTokens(text),
+            priority: 1,
+            metadata: { contentType: "prose" }
+          });
+        }
+        if (config2.docs?.enabled === false) {
+          const text = "[SWARM CONFIG] Docs agent is DISABLED. Skip docs delegation in Phase 6.";
+          candidates.push({
+            id: `candidate-${idCounter++}`,
+            kind: "phase",
+            text,
+            tokens: estimateTokens(text),
+            priority: 1,
+            metadata: { contentType: "prose" }
+          });
+        }
         const ranked = rankCandidates(candidates, effectiveConfig);
         for (const candidate of ranked) {
           if (injectedTokens + candidate.tokens > maxInjectionTokens) {
@@ -30416,9 +30782,39 @@ var gitingest = tool({
     return fetchGitingest(args);
   }
 });
+// src/tools/retrieve-summary.ts
+var RETRIEVE_MAX_BYTES = 10 * 1024 * 1024;
+var retrieve_summary = tool({
+  description: "Retrieve the full content of a stored tool output summary by its ID (e.g. S1, S2). Use this when a prior tool output was summarized and you need the full content.",
+  args: {
+    id: tool.schema.string().describe("The summary ID to retrieve (e.g. S1, S2, S99). Must match pattern S followed by digits.")
+  },
+  async execute(args, context) {
+    const directory = context.directory;
+    let sanitizedId;
+    try {
+      sanitizedId = sanitizeSummaryId(args.id);
+    } catch {
+      return "Error: invalid summary ID format. Expected format: S followed by digits (e.g. S1, S2, S99).";
+    }
+    let fullOutput;
+    try {
+      fullOutput = await loadFullOutput(directory, sanitizedId);
+    } catch {
+      return "Error: failed to retrieve summary.";
+    }
+    if (fullOutput === null) {
+      return `Summary \`${sanitizedId}\` not found. Use a valid summary ID (e.g. S1, S2).`;
+    }
+    if (fullOutput.length > RETRIEVE_MAX_BYTES) {
+      return `Error: summary content exceeds maximum size limit (10 MB).`;
+    }
+    return fullOutput;
+  }
+});
 // src/index.ts
 var OpenCodeSwarm = async (ctx) => {
-  const config3 = loadPluginConfig(ctx.directory);
+  const { config: config3, loadedFromFile } = loadPluginConfigWithMeta(ctx.directory);
   const agents = getAgentConfigs(config3);
   const agentDefinitions = createAgents(config3);
   const pipelineHook = createPipelineTrackerHook(config3);
@@ -30428,7 +30824,7 @@ var OpenCodeSwarm = async (ctx) => {
   const commandHandler = createSwarmCommandHandler(ctx.directory, Object.fromEntries(agentDefinitions.map((agent) => [agent.name, agent])));
   const activityHooks = createAgentActivityHooks(config3, ctx.directory);
   const delegationGateHandler = createDelegationGateHook(config3);
-  const guardrailsFallback = config3._loadedFromFile ? config3.guardrails ?? {} : { ...config3.guardrails, enabled: false };
+  const guardrailsFallback = loadedFromFile ? config3.guardrails ?? {} : { ...config3.guardrails, enabled: false };
   const guardrailsConfig = GuardrailsConfigSchema.parse(guardrailsFallback);
   const delegationHandler = createDelegationTrackerHook(config3, guardrailsConfig.enabled);
   const guardrailsHooks = createGuardrailsHooks(guardrailsConfig);
@@ -30458,7 +30854,8 @@ var OpenCodeSwarm = async (ctx) => {
       detect_domains,
       extract_code_blocks,
       gitingest,
-      diff
+      diff,
+      retrieve_summary
     },
     config: async (opencodeConfig) => {
       if (!opencodeConfig.agent) {

package/dist/tools/index.d.ts

@@ -2,3 +2,4 @@ export { type DiffErrorResult, type DiffResult, diff } from './diff';
 export { detect_domains } from './domain-detector';
 export { extract_code_blocks } from './file-extractor';
 export { fetchGitingest, type GitingestArgs, gitingest } from './gitingest';
+export { retrieve_summary } from './retrieve-summary';

package/dist/tools/retrieve-summary.d.ts

@@ -0,0 +1,2 @@
+import { tool } from '@opencode-ai/plugin';
+export declare const retrieve_summary: ReturnType<typeof tool>;

package/dist/utils/index.d.ts

@@ -1,2 +1,3 @@
 export { CLIError, ConfigError, HookError, SwarmError, ToolError, } from './errors';
 export { error, log, warn } from './logger';
+export { deepMerge, MAX_MERGE_DEPTH } from './merge';

package/dist/utils/merge.d.ts

@@ -0,0 +1,5 @@
+export declare const MAX_MERGE_DEPTH = 10;
+/**
+ * Deep merge two objects, with override values taking precedence.
+ */
+export declare function deepMerge<T extends Record<string, unknown>>(base?: T, override?: T): T | undefined;

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "opencode-swarm",
-	"version": "6.0.1",
+	"version": "6.1.1",
 	"description": "Architect-centric agentic swarm plugin for OpenCode - hub-and-spoke orchestration with SME consultation, code generation, and QA review",
 	"main": "dist/index.js",
 	"types": "dist/index.d.ts",