plan-review 1.0.5 → 1.1.2

package/dist/session.js

@@ -1,133 +0,0 @@
-import { createHash } from 'node:crypto';
-import { mkdirSync, readFileSync, writeFileSync, unlinkSync, readdirSync, existsSync, } from 'node:fs';
-import { join, resolve } from 'node:path';
-import { homedir } from 'node:os';
-// ── Internal helpers (not exported) ────────────────────────────────
-function pathHash(planPath) {
-    const abs = resolve(planPath);
-    const hash = createHash('sha256').update(abs).digest('hex');
-    return hash.slice(0, 16);
-}
-function sessionFilePath(planPath) {
-    return join(getSessionDir(), pathHash(planPath) + '.json');
-}
-// ── Exported functions ─────────────────────────────────────────────
-export function getSessionDir() {
-    const dir = join(homedir(), '.plan-review', 'sessions');
-    mkdirSync(dir, { recursive: true });
-    return dir;
-}
-export function computeContentHash(content) {
-    const hex = createHash('sha256').update(content).digest('hex');
-    return `sha256:${hex}`;
-}
-export function saveSession(planPath, contentHash, comments, activeSection) {
-    try {
-        const data = {
-            version: 1,
-            planPath,
-            contentHash,
-            comments,
-            activeSection,
-            lastModified: new Date().toISOString(),
-        };
-        const filePath = sessionFilePath(planPath);
-        writeFileSync(filePath, JSON.stringify(data, null, 2), 'utf-8');
-    }
-    catch (err) {
-        console.warn(`[plan-review] Failed to save session: ${err.message}`);
-    }
-}
-export function loadSession(planPath, currentContentHash) {
-    const filePath = sessionFilePath(planPath);
-    if (!existsSync(filePath)) {
-        return null;
-    }
-    let raw;
-    try {
-        raw = readFileSync(filePath, 'utf-8');
-    }
-    catch {
-        return null;
-    }
-    let data;
-    try {
-        data = JSON.parse(raw);
-    }
-    catch {
-        console.warn(`[plan-review] Corrupt session file, removing: ${filePath}`);
-        try {
-            unlinkSync(filePath);
-        }
-        catch {
-            // ignore
-        }
-        return null;
-    }
-    // Restore Date objects in comment timestamps
-    const comments = data.comments.map((c) => ({
-        ...c,
-        timestamp: new Date(c.timestamp),
-    }));
-    return {
-        comments,
-        activeSection: data.activeSection,
-        stale: data.contentHash !== currentContentHash,
-    };
-}
-export function clearSession(planPath) {
-    const filePath = sessionFilePath(planPath);
-    try {
-        unlinkSync(filePath);
-    }
-    catch {
-        // No error if missing
-    }
-}
-export function listSessions() {
-    const dir = getSessionDir();
-    let files;
-    try {
-        files = readdirSync(dir);
-    }
-    catch {
-        return [];
-    }
-    const results = [];
-    for (const file of files) {
-        if (!file.endsWith('.json'))
-            continue;
-        const filePath = join(dir, file);
-        let data;
-        try {
-            const raw = readFileSync(filePath, 'utf-8');
-            data = JSON.parse(raw);
-        }
-        catch {
-            console.warn(`[plan-review] Skipping corrupt session file: ${filePath}`);
-            continue;
-        }
-        let stale;
-        if (!existsSync(data.planPath)) {
-            stale = null;
-        }
-        else {
-            try {
-                const currentContent = readFileSync(data.planPath, 'utf-8');
-                const currentHash = computeContentHash(currentContent);
-                stale = currentHash !== data.contentHash;
-            }
-            catch {
-                stale = null;
-            }
-        }
-        results.push({
-            planPath: data.planPath,
-            commentCount: data.comments.length,
-            lastModified: data.lastModified,
-            stale,
-        });
-    }
-    return results;
-}
-//# sourceMappingURL=session.js.map

package/dist/session.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"session.js","sourceRoot":"","sources":["../src/session.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EACL,SAAS,EACT,YAAY,EACZ,aAAa,EACb,UAAU,EACV,WAAW,EACX,UAAU,GACX,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAoBlC,sEAAsE;AAEtE,SAAS,QAAQ,CAAC,QAAgB;IAChC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC9B,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC5D,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AAC3B,CAAC;AAED,SAAS,eAAe,CAAC,QAAgB;IACvC,OAAO,IAAI,CAAC,aAAa,EAAE,EAAE,QAAQ,CAAC,QAAQ,CAAC,GAAG,OAAO,CAAC,CAAC;AAC7D,CAAC;AAED,sEAAsE;AAEtE,MAAM,UAAU,aAAa;IAC3B,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,cAAc,EAAE,UAAU,CAAC,CAAC;IACxD,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACpC,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,MAAM,GAAG,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC/D,OAAO,UAAU,GAAG,EAAE,CAAC;AACzB,CAAC;AAED,MAAM,UAAU,WAAW,CACzB,QAAgB,EAChB,WAAmB,EACnB,QAAyB,EACzB,aAA4B;IAE5B,IAAI,CAAC;QACH,MAAM,IAAI,GAAgB;YACxB,OAAO,EAAE,CAAC;YACV,QAAQ;YACR,WAAW;YACX,QAAQ;YACR,aAAa;YACb,YAAY,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACvC,CAAC;QACF,MAAM,QAAQ,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;QAC3C,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;IAClE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,IAAI,CAAC,yCAA0C,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;IAClF,CAAC;AACH,CAAC;AAED,MAAM,UAAU,WAAW,CACzB,QAAgB,EAChB,kBAA0B;IAE1B,MAAM,QAAQ,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;IAE3C,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,GAAW,CAAC;IAChB,IAAI,CAAC;QACH,GAAG,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACxC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,IAAiB,CAAC;IACtB,IAAI,CAAC;QACH,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAgB,CAAC;IACxC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,IAAI,CAAC,iDAAiD,QAAQ,EAAE,CAAC,CAAC;QAC1E,IAAI,CAAC;YACH,UAAU,CAAC,QAAQ,CAAC,CAAC;QACvB,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,6CAA6C;IAC7C,MAAM,QAAQ,GAAoB,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC1D,GAAG,CAAC;QACJ,SAAS,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;KACjC,CAAC,CAAC,CAAC;IAEJ,OAAO;QACL,QAAQ;QACR,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,KAAK,EAAE,IAAI,CAAC,WAAW,KAAK,kBAAkB;KAC/C,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,QAAgB;IAC3C,MAAM,QAAQ,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;IAC3C,IAAI,CAAC;QACH,UAAU,CAAC,QAAQ,CAAC,CAAC;IACvB,CAAC;IAAC,MAAM,CAAC;QACP,sBAAsB;IACxB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,YAAY;IAM1B,MAAM,GAAG,GAAG,aAAa,EAAE,CAAC;IAC5B,IAAI,KAAe,CAAC;IACpB,IAAI,CAAC;QACH,KAAK,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,OAAO,GAKR,EAAE,CAAC;IAER,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;YAAE,SAAS;QAEtC,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACjC,IAAI,IAAiB,CAAC;QACtB,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAC5C,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAgB,CAAC;QACxC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,IAAI,CAAC,gDAAgD,QAAQ,EAAE,CAAC,CAAC;YACzE,SAAS;QACX,CAAC;QAED,IAAI,KAAqB,CAAC;QAC1B,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC/B,KAAK,GAAG,IAAI,CAAC;QACf,CAAC;aAAM,CAAC;YACN,IAAI,CAAC;gBACH,MAAM,cAAc,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;gBAC5D,MAAM,WAAW,GAAG,kBAAkB,CAAC,cAAc,CAAC,CAAC;gBACvD,KAAK,GAAG,WAAW,KAAK,IAAI,CAAC,WAAW,CAAC;YAC3C,CAAC;YAAC,MAAM,CAAC;gBACP,KAAK,GAAG,IAAI,CAAC;YACf,CAAC;QACH,CAAC;QAED,OAAO,CAAC,IAAI,CAAC;YACX,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,YAAY,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM;YAClC,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,KAAK;SACN,CAAC,CAAC;IACL,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC"}

package/dist/transport.d.ts

@@ -1,22 +0,0 @@
-import type { PlanDocument, ReviewComment } from './types.js';
-export interface Transport {
-    sendDocument(doc: PlanDocument): void;
-    onReviewSubmit(handler: (comments: ReviewComment[]) => void): void;
-    start(port: number): Promise<{
-        url: string;
-    }>;
-    stop(): Promise<void>;
-}
-export declare class HttpTransport implements Transport {
-    private doc;
-    private submitHandler;
-    private sessionSaveHandler;
-    private server;
-    sendDocument(doc: PlanDocument): void;
-    onReviewSubmit(handler: (comments: ReviewComment[]) => void): void;
-    onSessionSave(handler: (comments: ReviewComment[], activeSection: string | null) => void): void;
-    start(port: number): Promise<{
-        url: string;
-    }>;
-    stop(): Promise<void>;
-}

package/dist/transport.js

@@ -1,35 +0,0 @@
-import { createReviewServer, startServer, stopServer } from './server/server.js';
-import { getAssetHtml } from './server/assets.js';
-export class HttpTransport {
-    doc = null;
-    submitHandler = null;
-    sessionSaveHandler = null;
-    server = null;
-    sendDocument(doc) {
-        this.doc = doc;
-    }
-    onReviewSubmit(handler) {
-        this.submitHandler = handler;
-    }
-    onSessionSave(handler) {
-        this.sessionSaveHandler = handler;
-    }
-    async start(port) {
-        if (!this.doc)
-            throw new Error('No document set');
-        this.server = createReviewServer({
-            getDocument: () => this.doc,
-            onSubmit: (comments) => this.submitHandler?.(comments),
-            getAssetHtml: () => getAssetHtml(),
-            onSessionSave: (comments, activeSection) => this.sessionSaveHandler?.(comments, activeSection),
-        });
-        return startServer(this.server, port);
-    }
-    async stop() {
-        if (this.server && this.server.listening) {
-            await stopServer(this.server);
-            this.server = null;
-        }
-    }
-}
-//# sourceMappingURL=transport.js.map

package/dist/transport.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"transport.js","sourceRoot":"","sources":["../src/transport.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,kBAAkB,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AACjF,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AASlD,MAAM,OAAO,aAAa;IAChB,GAAG,GAAwB,IAAI,CAAC;IAChC,aAAa,GAAiD,IAAI,CAAC;IACnE,kBAAkB,GAA+E,IAAI,CAAC;IACtG,MAAM,GAAkB,IAAI,CAAC;IAErC,YAAY,CAAC,GAAiB;QAC5B,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;IACjB,CAAC;IAED,cAAc,CAAC,OAA4C;QACzD,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC;IAC/B,CAAC;IAED,aAAa,CAAC,OAA0E;QACtF,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC;IACpC,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,IAAY;QACtB,IAAI,CAAC,IAAI,CAAC,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;QAElD,IAAI,CAAC,MAAM,GAAG,kBAAkB,CAAC;YAC/B,WAAW,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAI;YAC5B,QAAQ,EAAE,CAAC,QAAQ,EAAE,EAAE,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC,QAAQ,CAAC;YACtD,YAAY,EAAE,GAAG,EAAE,CAAC,YAAY,EAAE;YAClC,aAAa,EAAE,CAAC,QAAQ,EAAE,aAAa,EAAE,EAAE,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC,QAAQ,EAAE,aAAa,CAAC;SAC/F,CAAC,CAAC;QAEH,OAAO,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IACxC,CAAC;IAED,KAAK,CAAC,IAAI;QACR,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YACzC,MAAM,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC9B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;QACrB,CAAC;IACH,CAAC;CACF"}

package/dist/types.d.ts

@@ -1,34 +0,0 @@
-export interface PlanDocument {
-    title: string;
-    metadata: Record<string, string>;
-    mode: 'plan' | 'generic';
-    sections: Section[];
-    comments: ReviewComment[];
-}
-export interface Section {
-    id: string;
-    heading: string;
-    level: number;
-    body: string;
-    parent?: string;
-    dependencies?: {
-        dependsOn: string[];
-        blocks: string[];
-    };
-    relatedFiles?: string[];
-    verification?: string;
-}
-export interface LineAnchor {
-    type: 'lines';
-    startLine: number;
-    endLine: number;
-    lineTexts: string[];
-}
-export interface ReviewComment {
-    sectionId: string;
-    text: string;
-    timestamp: Date;
-    anchor?: LineAnchor;
-}
-export type OutputTarget = 'stdout' | 'clipboard' | 'file' | 'claude';
-export type SplitStrategy = 'heading' | 'separator' | 'auto';

package/dist/types.js

@@ -1,2 +0,0 @@
-export {};
-//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":""}

package/examples/demo-plan.md

@@ -1,129 +0,0 @@
-# User Authentication System — Implementation Plan
-
-**Goal:** Add email/password authentication with session management to the web app.
-
-**Architecture:** Express middleware + bcrypt + JWT tokens + PostgreSQL sessions table. Three milestones: database schema, auth endpoints, session management.
-
-**Tech Stack:** Node.js, Express, PostgreSQL, bcrypt, jsonwebtoken
-
----
-
-## Milestone 1: Database Foundation
-
-### Task 1.1: Create users table
-
-**Depends On:** (none)
-**Blocks:** 1.2, 2.1, 2.2
-**Related Files:** `src/db/migrations/001_users.sql`, `src/db/schema.ts`
-**Verification:** `npm run migrate && npm test`
-
-Create the users table with the following columns:
-
-| Column | Type | Constraints |
-|--------|------|-------------|
-| id | UUID | PRIMARY KEY, DEFAULT gen_random_uuid() |
-| email | VARCHAR(255) | UNIQUE, NOT NULL |
-| password_hash | VARCHAR(255) | NOT NULL |
-| created_at | TIMESTAMP | DEFAULT NOW() |
-| updated_at | TIMESTAMP | DEFAULT NOW() |
-
-Add an index on `email` for login lookups. The migration should be idempotent (use `IF NOT EXISTS`).
-
-### Task 1.2: Create sessions table
-
-**Depends On:** 1.1
-**Blocks:** 3.1, 3.2
-**Related Files:** `src/db/migrations/002_sessions.sql`, `src/db/schema.ts`
-**Verification:** `npm run migrate && npm test`
-
-Sessions table for server-side session tracking:
-
-- `id` (UUID, primary key)
-- `user_id` (UUID, foreign key → users.id, ON DELETE CASCADE)
-- `token` (VARCHAR, unique, indexed)
-- `expires_at` (TIMESTAMP, NOT NULL)
-- `created_at` (TIMESTAMP, DEFAULT NOW())
-
-Add a cleanup index on `expires_at` for the session pruning job.
-
----
-
-## Milestone 2: Authentication Endpoints
-
-### Task 2.1: POST /auth/register
-
-**Depends On:** 1.1
-**Blocks:** 2.3
-**Related Files:** `src/routes/auth.ts`, `src/services/user.ts`, `tests/auth.test.ts`
-**Verification:** `npm test -- --grep "register"`
-
-Accepts `{ email, password }`. Validates:
-- Email format (basic regex, no need for RFC 5322 compliance)
-- Password minimum 8 characters
-- Email not already registered (unique constraint handles race conditions)
-
-Hash password with bcrypt (cost factor 12). Return `201 { user: { id, email } }` on success, `400` with validation errors, `409` if email exists.
-
-### Task 2.2: POST /auth/login
-
-**Depends On:** 1.1
-**Blocks:** 2.3
-**Related Files:** `src/routes/auth.ts`, `src/services/auth.ts`, `tests/auth.test.ts`
-**Verification:** `npm test -- --grep "login"`
-
-Accepts `{ email, password }`. Compares against stored bcrypt hash.
-
-On success: create a session (Task 3.1), return `200 { token, expiresAt }`.
-On failure: return `401 { error: "Invalid credentials" }`. Do **not** reveal whether the email exists.
-
-Rate limiting: 5 attempts per email per 15 minutes. Use a simple in-memory counter (Redis in v2).
-
-### Task 2.3: Auth middleware
-
-**Depends On:** 2.1, 2.2
-**Blocks:** 3.2
-**Related Files:** `src/middleware/auth.ts`, `tests/middleware.test.ts`
-**Verification:** `npm test -- --grep "middleware"`
-
-Express middleware that:
-1. Extracts `Authorization: Bearer <token>` header
-2. Looks up session by token
-3. Checks `expires_at > NOW()`
-4. Attaches `req.user = { id, email }` if valid
-5. Returns `401` if missing/invalid/expired
-
-Should be composable: `router.get('/profile', requireAuth, handler)`.
-
----
-
-## Milestone 3: Session Management
-
-### Task 3.1: Session creation and token generation
-
-**Depends On:** 1.2
-**Blocks:** 3.2
-**Related Files:** `src/services/session.ts`, `tests/session.test.ts`
-**Verification:** `npm test -- --grep "session"`
-
-Generate tokens using `crypto.randomBytes(32).toString('hex')` — not JWT for session tokens (JWTs can't be revoked without a blacklist, defeating the purpose of server-side sessions).
-
-Default expiry: 7 days. Configurable via `SESSION_TTL_HOURS` env var.
-
-### Task 3.2: Session cleanup and logout
-
-**Depends On:** 1.2, 2.3
-**Blocks:** (none)
-**Related Files:** `src/services/session.ts`, `src/routes/auth.ts`, `tests/session.test.ts`
-**Verification:** `npm test -- --grep "logout|cleanup"`
-
-Two features:
-
-**Logout endpoint** — `POST /auth/logout` (requires auth middleware). Deletes the current session row. Returns `204`.
-
-**Cleanup job** — Runs every hour via `setInterval`. Deletes sessions where `expires_at < NOW()`. Log the count of pruned sessions.
-
-```sql
-DELETE FROM sessions WHERE expires_at < NOW();
-```
-
-Consider: should logout invalidate all sessions for the user, or just the current one? Start with current-only. Add "logout everywhere" as a v2 feature.

package/skills/plan-review/SKILL.md

@@ -1,70 +0,0 @@
----
-name: plan-review
-description: Use when the user asks to review a plan, start plan review, or says "I want to review this plan". Triggers on plan review requests for markdown implementation plans, specs, or design docs — including plans produced on-the-fly in this conversation. Builds and runs the plan-review browser UI, feeds review output back into the conversation.
----
-
-# Plan Review
-
-Launch the plan-review browser UI for interactive review of markdown plans, then feed the structured review output back into this session.
-
-Works with two input sources:
-- **A plan file on disk** (path given by the user, or the most recent plan file in the project).
-- **An on-the-fly plan** produced in this conversation (e.g. from plan mode, or markdown the user just pasted). The plan content is piped in via stdin — no temp file needed.
-
-## Prerequisites
-
-Either the `plan-review` CLI is on `$PATH` (installed via `npm install -g plan-review`) or a local dev checkout exists at `~/desenv/personal/plan-review/`.
-
-## Process
-
-1. **Identify the plan source.** Decide which branch you're in:
-   - **File branch** — the user named a file, or pointed at a path, or asked to review "the plan at X". Also the default when you find a single recent match in `docs/superpowers/plans/*.md`. If multiple candidates exist, ask which one.
-   - **Inline branch** — the user asks to review "this plan" / "the plan above" / "the plan you just wrote" / pastes markdown, or plan mode just produced a plan in the conversation. No file path exists.
-
-2. **Pick the binary.** Prefer the installed CLI; fall back to the local dev build.
-   ```bash
-   if command -v plan-review >/dev/null 2>&1; then
-     PLAN_REVIEW_CMD="plan-review"
-   else
-     # Dev fallback: build if dist missing
-     if [ ! -f ~/desenv/personal/plan-review/dist/index.js ]; then
-       (cd ~/desenv/personal/plan-review && npm run build)
-     fi
-     PLAN_REVIEW_CMD="node $HOME/desenv/personal/plan-review/dist/index.js"
-   fi
-   ```
-
-3. **Run the review.**
-
-   **File branch:**
-   ```bash
-   $PLAN_REVIEW_CMD <plan-file> --browser -o stdout
-   ```
-
-   **Inline branch** — pipe the plan content via a quoted heredoc so markdown is passed through verbatim (no shell expansion, no escaping needed):
-   ```bash
-   $PLAN_REVIEW_CMD --browser -o stdout <<'PLAN_EOF'
-   # My Plan
-
-   ## Section 1
-   ...plan content from this conversation...
-   PLAN_EOF
-   ```
-
-   Both variants open the browser review UI and block until the user clicks "Submit Review", then print structured review output to stdout.
-
-4. **Read the output.** The review output is structured markdown with the user's comments anchored to specific sections. Read it and present a summary to the user.
-
-5. **Act on feedback.** Ask the user what they want to do with the review:
-   - Address the comments (modify the plan or code)
-   - Save the review to a file
-   - Continue discussion about specific comments
-
-## Important
-
-- The `--browser` flag opens a three-panel review UI (TOC + content + comments).
-- The `-o stdout` flag ensures the review output comes back to this session.
-- The command will block until the user clicks "Submit Review" in the browser.
-- **File branch only:** if a session exists for this plan, the user is prompted to resume. Use `--fresh` to skip.
-- **Inline branch:** there is no file anchor, so no session resume — the review is ephemeral.
-- Always use a **quoted** heredoc delimiter (`<<'PLAN_EOF'`) so backticks, `$`, and other shell metacharacters in the plan are left alone.