prizmkit 1.0.103 → 1.0.105

package/bundled/VERSION.json

@@ -1,5 +1,5 @@
 {
-  "frameworkVersion": "1.0.103",
-  "bundledAt": "2026-03-24T17:11:59.061Z",
-  "bundledFrom": "5e837b4"
+  "frameworkVersion": "1.0.105",
+  "bundledAt": "2026-03-25T15:34:22.423Z",
+  "bundledFrom": "c46942e"
 }

package/bundled/dev-pipeline/run.sh

@@ -288,6 +288,18 @@ sys.exit(1)
         fi
     fi
 
+    # Check if session produced a failure-log for future retries
+    if [[ "$session_status" != "success" && -n "$feature_slug" ]]; then
+        local project_root_for_failure
+        project_root_for_failure="$(cd "$SCRIPT_DIR/.." && pwd)"
+        local failure_log="$project_root_for_failure/.prizmkit/specs/${feature_slug}/failure-log.md"
+        if [[ -f "$failure_log" ]]; then
+            log_info "FAILURE_LOG: Session wrote failure-log.md — will be available to next retry"
+        else
+            log_info "FAILURE_LOG: No failure-log.md written by session"
+        fi
+    fi
+
     # Update feature status
     local update_output
     update_output=$(python3 "$SCRIPTS_DIR/update-feature-status.py" \

package/bundled/dev-pipeline/scripts/utils.py

@@ -8,6 +8,7 @@ to avoid duplication across pipeline scripts.
 import json
 import logging
 import os
+import re
 import sys
 
 
@@ -107,26 +108,95 @@ def _build_progress_bar(percent, width=20):
     return "{} {:>3}%".format(bar, int(percent))
 
 
+def _read_file_safe(filepath):
+    """Read a file and return its content, or empty string on error."""
+    try:
+        with open(filepath, "r", encoding="utf-8") as f:
+            return f.read()
+    except (IOError, OSError):
+        return ""
+
+
+def _detect_node_runtime(project_root, pkg):
+    """Detect Node.js runtime version from engines, .nvmrc, or .node-version."""
+    engines = pkg.get("engines", {})
+    node_ver = engines.get("node", "")
+    if node_ver:
+        return "Node.js {}".format(node_ver)
+
+    for version_file in [".nvmrc", ".node-version"]:
+        vpath = os.path.join(project_root, version_file)
+        if os.path.isfile(vpath):
+            content = _read_file_safe(vpath).strip()
+            if content:
+                return "Node.js {}".format(content)
+
+    return "Node.js"
+
+
+def _parse_python_deps(py_content, req_content):
+    """Extract Python package names from pyproject.toml and requirements.txt.
+
+    Returns a set of lowercased package names (without version specifiers).
+    """
+    deps = set()
+
+    # Parse requirements.txt lines: "package==1.0", "package>=2.0", "package"
+    for line in req_content.splitlines():
+        line = line.strip()
+        if not line or line.startswith("#") or line.startswith("-"):
+            continue
+        # Split on version specifiers and extras
+        name = re.split(r"[>=<!~;\[\s]", line, 1)[0].strip()
+        if name:
+            deps.add(name.lower())
+
+    # Parse pyproject.toml dependencies (simplified: look for quoted strings
+    # in [project.dependencies] and [project.optional-dependencies.*] sections)
+    in_deps_section = False
+    for line in py_content.splitlines():
+        stripped = line.strip()
+        if stripped.startswith("["):
+            in_deps_section = (
+                "dependencies" in stripped.lower()
+                and "optional" not in stripped.lower()
+            ) or "dependencies" in stripped.lower()
+            continue
+        if in_deps_section:
+            # Match quoted dependency: "flask>=2.0" or 'django~=4.0'
+            match = re.match(r"""^[\s"']*([a-zA-Z0-9_-]+)""", stripped)
+            if match:
+                deps.add(match.group(1).lower())
+
+    return deps
+
+
 def detect_project_context(project_root):
     """Auto-detect project tech stack from project files.
 
-    Reads package.json, pyproject.toml, and common config files
-    to infer language, test framework, and other stack details.
-    Returns a dict of detected key-value pairs.
+    Reads package.json, pyproject.toml, requirements.txt, docker-compose,
+    and common config files to infer language, frameworks, styling,
+    database, ORM, bundler, testing, and project type.
+
+    Returns a dict of detected key-value pairs. Only detected fields are
+    included — no empty or null values. Adapts to any project type
+    (frontend-only, backend-only, fullstack, library, CLI, monorepo).
     """
     detected = {}
 
-    # 1. Node.js / JavaScript / TypeScript project
+    # ── 1. Node.js / JavaScript / TypeScript project ──
     pkg_path = os.path.join(project_root, "package.json")
     if os.path.isfile(pkg_path):
         try:
             with open(pkg_path, "r", encoding="utf-8") as f:
                 pkg = json.load(f)
 
-            # Language detection
+            # All dependencies combined for detection
             deps = {}
             deps.update(pkg.get("dependencies", {}))
             deps.update(pkg.get("devDependencies", {}))
+
+            # Language
             if "typescript" in deps or os.path.isfile(
                 os.path.join(project_root, "tsconfig.json")
             ):
@@ -134,7 +204,10 @@ def detect_project_context(project_root):
             else:
                 detected["language"] = "JavaScript"
 
-            # Test framework detection (order: more specific first)
+            # Runtime
+            detected["runtime"] = _detect_node_runtime(project_root, pkg)
+
+            # Test framework (more specific first)
             scripts = pkg.get("scripts", {})
             test_script = (
                 scripts.get("test", "")
@@ -150,35 +223,256 @@ def detect_project_context(project_root):
             elif "--test" in test_script or "node:test" in test_script:
                 detected["testing_framework"] = "Node.js built-in test runner"
 
-            # Framework detection
-            if "next" in deps:
-                detected["framework"] = "Next.js"
-            elif "express" in deps:
-                detected["framework"] = "Express.js"
-            elif "fastify" in deps:
-                detected["framework"] = "Fastify"
-            elif "react" in deps:
-                detected["framework"] = "React"
-            elif "vue" in deps:
-                detected["framework"] = "Vue.js"
+            # ── Frontend framework ──
+            frontend_frameworks = [
+                ("next", "Next.js"),
+                ("nuxt", "Nuxt"),
+                ("@angular/core", "Angular"),
+                ("svelte", "Svelte"),
+                ("solid-js", "Solid.js"),
+                ("react", "React"),
+                ("vue", "Vue.js"),
+            ]
+            for dep_name, fw_name in frontend_frameworks:
+                if dep_name in deps:
+                    detected["frontend_framework"] = fw_name
+                    break
+
+            # ── Backend framework ──
+            backend_frameworks = [
+                ("@nestjs/core", "NestJS"),
+                ("express", "Express.js"),
+                ("fastify", "Fastify"),
+                ("koa", "Koa"),
+                ("hapi", "Hapi"),
+                ("hono", "Hono"),
+            ]
+            for dep_name, fw_name in backend_frameworks:
+                if dep_name in deps:
+                    detected["backend_framework"] = fw_name
+                    break
+
+            # Legacy "framework" field for backward compatibility
+            if "frontend_framework" in detected:
+                detected["framework"] = detected["frontend_framework"]
+            elif "backend_framework" in detected:
+                detected["framework"] = detected["backend_framework"]
+
+            # ── Frontend styling ──
+            styling_libs = [
+                ("tailwindcss", "Tailwind CSS"),
+                ("@tailwindcss/vite", "Tailwind CSS"),
+                ("styled-components", "Styled Components"),
+                ("@emotion/react", "Emotion"),
+                ("@emotion/styled", "Emotion"),
+                ("@mui/material", "Material UI"),
+                ("@chakra-ui/react", "Chakra UI"),
+                ("antd", "Ant Design"),
+                ("sass", "SCSS/Sass"),
+                ("node-sass", "SCSS/Sass"),
+                ("less", "Less"),
+            ]
+            for dep_name, style_name in styling_libs:
+                if dep_name in deps:
+                    detected["frontend_styling"] = style_name
+                    break
+
+            # ── Database ──
+            db_libs = [
+                ("pg", "PostgreSQL"),
+                ("postgres", "PostgreSQL"),
+                ("mysql2", "MySQL"),
+                ("mysql", "MySQL"),
+                ("better-sqlite3", "SQLite"),
+                ("mongodb", "MongoDB"),
+                ("mongoose", "MongoDB"),
+                ("redis", "Redis"),
+                ("ioredis", "Redis"),
+            ]
+            for dep_name, db_name in db_libs:
+                if dep_name in deps:
+                    detected["database"] = db_name
+                    break
+
+            # ── ORM ──
+            orm_libs = [
+                ("@prisma/client", "Prisma"),
+                ("prisma", "Prisma"),
+                ("drizzle-orm", "Drizzle"),
+                ("typeorm", "TypeORM"),
+                ("sequelize", "Sequelize"),
+                ("mongoose", "Mongoose"),
+                ("knex", "Knex.js"),
+                ("@mikro-orm/core", "MikroORM"),
+            ]
+            for dep_name, orm_name in orm_libs:
+                if dep_name in deps:
+                    detected["orm"] = orm_name
+                    break
+
+            # ── Bundler ──
+            bundler_libs = [
+                ("vite", "Vite"),
+                ("webpack", "Webpack"),
+                ("esbuild", "esbuild"),
+                ("rollup", "Rollup"),
+                ("parcel", "Parcel"),
+                ("turbo", "Turborepo"),
+                ("@rspack/core", "Rspack"),
+            ]
+            for dep_name, bundler_name in bundler_libs:
+                if dep_name in deps:
+                    detected["bundler"] = bundler_name
+                    break
+
+            # ── Project type inference ──
+            has_frontend = "frontend_framework" in detected
+            has_backend = "backend_framework" in detected
+            has_workspaces = "workspaces" in pkg
+            has_bin = "bin" in pkg
+
+            if has_workspaces:
+                detected["project_type"] = "monorepo"
+            elif has_frontend and has_backend:
+                detected["project_type"] = "fullstack"
+            elif has_frontend:
+                detected["project_type"] = "frontend"
+            elif has_backend:
+                detected["project_type"] = "backend"
+            elif has_bin:
+                detected["project_type"] = "cli"
+            elif "main" in pkg or "exports" in pkg:
+                detected["project_type"] = "library"
+
         except (json.JSONDecodeError, IOError):
             pass
 
-    # 2. Python project detection
-    if not detected:
+    # ── 2. Python project detection ──
+    if "language" not in detected:
+        py_content = ""
         for marker in ["pyproject.toml", "setup.py", "requirements.txt"]:
-            if os.path.isfile(os.path.join(project_root, marker)):
+            marker_path = os.path.join(project_root, marker)
+            if os.path.isfile(marker_path):
                 detected["language"] = "Python"
-                # Check for pytest
-                toml_path = os.path.join(project_root, "pyproject.toml")
-                if os.path.isfile(toml_path):
-                    try:
-                        with open(toml_path, "r", encoding="utf-8") as f:
-                            content = f.read()
-                        if "pytest" in content:
-                            detected["testing_framework"] = "pytest"
-                    except IOError:
-                        pass
+                if marker == "pyproject.toml":
+                    py_content = _read_file_safe(marker_path)
+                break
+
+        if detected.get("language") == "Python":
+            req_path = os.path.join(project_root, "requirements.txt")
+            req_content = _read_file_safe(req_path) if os.path.isfile(req_path) else ""
+            py_deps = _parse_python_deps(py_content, req_content)
+
+            # Runtime version (regex for requires-python = ">=3.11")
+            if py_content:
+                ver_match = re.search(
+                    r'requires-python\s*=\s*["\']([^"\']+)["\']', py_content
+                )
+                if ver_match:
+                    detected["runtime"] = "Python {}".format(ver_match.group(1))
+
+            # Testing
+            if "pytest" in py_deps:
+                detected["testing_framework"] = "pytest"
+
+            # Backend framework
+            py_backend = [
+                ("django", "Django"),
+                ("fastapi", "FastAPI"),
+                ("flask", "Flask"),
+                ("starlette", "Starlette"),
+                ("tornado", "Tornado"),
+                ("aiohttp", "aiohttp"),
+            ]
+            for dep_name, fw_name in py_backend:
+                if dep_name in py_deps:
+                    detected["backend_framework"] = fw_name
+                    detected["framework"] = fw_name
+                    break
+
+            # Database / ORM
+            py_db = [
+                ("psycopg2", "PostgreSQL"),
+                ("psycopg", "PostgreSQL"),
+                ("asyncpg", "PostgreSQL"),
+                ("pymysql", "MySQL"),
+                ("pymongo", "MongoDB"),
+                ("motor", "MongoDB"),
+            ]
+            for dep_name, db_name in py_db:
+                if dep_name in py_deps:
+                    detected["database"] = db_name
+                    break
+
+            py_orm = [
+                ("sqlalchemy", "SQLAlchemy"),
+                ("tortoise-orm", "Tortoise ORM"),
+                ("peewee", "Peewee"),
+            ]
+            for dep_name, orm_name in py_orm:
+                if dep_name in py_deps:
+                    detected["orm"] = orm_name
+                    break
+            # Django ORM: if django is a dep and no other ORM detected
+            if "django" in py_deps and "orm" not in detected:
+                detected["orm"] = "Django ORM"
+
+            # Project type
+            if "backend_framework" in detected:
+                detected["project_type"] = "backend"
+
+    # ── 3. Go project detection ──
+    if "language" not in detected:
+        go_mod_path = os.path.join(project_root, "go.mod")
+        if os.path.isfile(go_mod_path):
+            detected["language"] = "Go"
+            detected["runtime"] = "Go"
+            go_content = _read_file_safe(go_mod_path)
+            if "gin-gonic" in go_content:
+                detected["backend_framework"] = "Gin"
+            elif "labstack/echo" in go_content:
+                detected["backend_framework"] = "Echo"
+            elif "go-chi/chi" in go_content:
+                detected["backend_framework"] = "Chi"
+            if "backend_framework" in detected:
+                detected["framework"] = detected["backend_framework"]
+                detected["project_type"] = "backend"
+
+    # ── 4. Rust / Java / other languages (basic detection) ──
+    if "language" not in detected:
+        if os.path.isfile(os.path.join(project_root, "Cargo.toml")):
+            detected["language"] = "Rust"
+            detected["runtime"] = "Rust"
+        elif os.path.isfile(os.path.join(project_root, "pom.xml")):
+            detected["language"] = "Java"
+            detected["runtime"] = "Java (Maven)"
+        elif os.path.isfile(os.path.join(project_root, "build.gradle")):
+            detected["language"] = "Java/Kotlin"
+            detected["runtime"] = "Java (Gradle)"
+
+    # ── 5. Database from docker-compose (cross-language) ──
+    if "database" not in detected:
+        for dc_name in [
+            "docker-compose.yml",
+            "docker-compose.yaml",
+            "compose.yml",
+            "compose.yaml",
+        ]:
+            dc_path = os.path.join(project_root, dc_name)
+            if os.path.isfile(dc_path):
+                dc_content = _read_file_safe(dc_path).lower()
+                dc_db = [
+                    ("postgres", "PostgreSQL"),
+                    ("mysql", "MySQL"),
+                    ("mariadb", "MariaDB"),
+                    ("mongo", "MongoDB"),
+                    ("redis", "Redis"),
+                    ("sqlite", "SQLite"),
+                ]
+                for pattern, db_name in dc_db:
+                    if pattern in dc_content:
+                        detected["database"] = db_name
+                        break
                 break
 
     return detected
@@ -199,10 +493,18 @@ def enrich_global_context(global_context, project_root):
         "language": "language",
         "testing_framework": "testing_strategy",
         "framework": "framework",
+        "frontend_framework": "frontend_framework",
+        "frontend_styling": "frontend_styling",
+        "backend_framework": "backend_framework",
+        "database": "database",
+        "orm": "orm",
+        "bundler": "bundler",
+        "project_type": "project_type",
+        "runtime": "runtime",
     }
     # Alternate key names that should block auto-detection
     alt_keys = {
-        "testing_strategy": ["testing_framework", "test_framework"],
+        "testing_strategy": ["testing_framework", "test_framework", "testing"],
     }
     for det_key, ctx_key in key_mapping.items():
         if det_key not in detected:

package/bundled/dev-pipeline/templates/bootstrap-tier1.md

@@ -73,6 +73,15 @@ Check `.prizmkit/specs/{{FEATURE_SLUG}}/context-snapshot.md` — if it exists, s
 
 ### Phase 1: Build Context Snapshot
 
+**Check for previous failure log:**
+```bash
+cat .prizmkit/specs/{{FEATURE_SLUG}}/failure-log.md 2>/dev/null || echo "NO_PREVIOUS_FAILURE"
+```
+If failure-log.md exists:
+- Read ROOT_CAUSE and SUGGESTION — adjust your approach accordingly
+- Read DISCOVERED_TRAPS — if any are genuine, inject into .prizm-docs/ during Phase 4 retrospective
+- Do NOT delete failure-log.md until this session succeeds
+
 ```bash
 ls .prizmkit/specs/{{FEATURE_SLUG}}/context-snapshot.md 2>/dev/null && echo "EXISTS" || echo "MISSING"
 ```
@@ -167,6 +176,23 @@ git commit -m "chore({{FEATURE_ID}}): include session artifacts"
 | Context Snapshot | `.prizmkit/specs/{{FEATURE_SLUG}}/context-snapshot.md` |
 | Project Root | {{PROJECT_ROOT}} |
 
+## Failure Capture Protocol
+
+If you encounter an unrecoverable error, context overflow, or are about to exit without completing all phases:
+
+1. Write `.prizmkit/specs/{{FEATURE_SLUG}}/failure-log.md` BEFORE exiting:
+   ```
+   FAILURE_TYPE: timeout | test_failure | review_rejected | context_overflow | unknown
+   PHASE: <which phase failed>
+   ROOT_CAUSE: <1-2 sentence explanation>
+   ATTEMPTED: <approaches already tried>
+   SUGGESTION: <what the next session should try differently>
+   DISCOVERED_TRAPS:
+   - [CRITICAL|HIGH|LOW] <gotcha discovered during this failed session> | FIX: <approach>
+   ```
+
+2. This file is intentionally lightweight — write it BEFORE context runs out.
+
 ## Reminders
 
 - Tier 1: you handle everything directly — no subagents needed

package/bundled/dev-pipeline/templates/bootstrap-tier2.md

@@ -84,6 +84,15 @@ Check `.prizmkit/specs/{{FEATURE_SLUG}}/context-snapshot.md` — if exists, skip
 
 ### Phase 1: Build Context Snapshot (you, the orchestrator)
 
+**Check for previous failure log:**
+```bash
+cat .prizmkit/specs/{{FEATURE_SLUG}}/failure-log.md 2>/dev/null || echo "NO_PREVIOUS_FAILURE"
+```
+If failure-log.md exists:
+- Read ROOT_CAUSE and SUGGESTION — adjust your approach accordingly
+- Read DISCOVERED_TRAPS — if any are genuine, inject into .prizm-docs/ during Phase 5 retrospective
+- Do NOT delete failure-log.md until this session succeeds
+
 ```bash
 ls .prizmkit/specs/{{FEATURE_SLUG}}/context-snapshot.md 2>/dev/null && echo "EXISTS" || echo "MISSING"
 ```
@@ -216,6 +225,23 @@ git commit -m "chore({{FEATURE_ID}}): include session artifacts"
 | Reviewer Agent Def | {{REVIEWER_SUBAGENT_PATH}} |
 | Project Root | {{PROJECT_ROOT}} |
 
+## Failure Capture Protocol
+
+If you encounter an unrecoverable error, context overflow, or are about to exit without completing all phases:
+
+1. Write `.prizmkit/specs/{{FEATURE_SLUG}}/failure-log.md` BEFORE exiting:
+   ```
+   FAILURE_TYPE: timeout | test_failure | review_rejected | context_overflow | unknown
+   PHASE: <which phase failed>
+   ROOT_CAUSE: <1-2 sentence explanation>
+   ATTEMPTED: <approaches already tried>
+   SUGGESTION: <what the next session should try differently>
+   DISCOVERED_TRAPS:
+   - [CRITICAL|HIGH|LOW] <gotcha discovered during this failed session> | FIX: <approach>
+   ```
+
+2. This file is intentionally lightweight — write it BEFORE context runs out.
+
 ## Reminders
 
 - Tier 2: orchestrator builds context+plan, Dev implements, Reviewer reviews+tests — use direct Agent spawn for agents

package/bundled/dev-pipeline/templates/bootstrap-tier3.md

@@ -147,6 +147,15 @@ After team setup: check `.prizmkit/specs/{{FEATURE_SLUG}}/context-snapshot.md`
 
 ### Phase 1-2: Specify + Plan — Orchestrator (you)
 
+**Check for previous failure log:**
+```bash
+cat .prizmkit/specs/{{FEATURE_SLUG}}/failure-log.md 2>/dev/null || echo "NO_PREVIOUS_FAILURE"
+```
+If failure-log.md exists:
+- Read ROOT_CAUSE and SUGGESTION — adjust your approach accordingly
+- Read DISCOVERED_TRAPS — if any are genuine, inject into .prizm-docs/ during Phase 6 retrospective
+- Do NOT delete failure-log.md until this session succeeds
+
 Check existing artifacts first:
 ```bash
 ls .prizmkit/specs/{{FEATURE_SLUG}}/ 2>/dev/null
@@ -396,6 +405,23 @@ git commit -m "chore({{FEATURE_ID}}): include session artifacts"
 | Project Root | {{PROJECT_ROOT}} |
 | Feature List Path | {{FEATURE_LIST_PATH}} |
 
+## Failure Capture Protocol
+
+If you encounter an unrecoverable error, context overflow, or are about to exit without completing all phases:
+
+1. Write `.prizmkit/specs/{{FEATURE_SLUG}}/failure-log.md` BEFORE exiting:
+   ```
+   FAILURE_TYPE: timeout | test_failure | review_rejected | context_overflow | unknown
+   PHASE: <which phase failed>
+   ROOT_CAUSE: <1-2 sentence explanation>
+   ATTEMPTED: <approaches already tried>
+   SUGGESTION: <what the next session should try differently>
+   DISCOVERED_TRAPS:
+   - [CRITICAL|HIGH|LOW] <gotcha discovered during this failed session> | FIX: <approach>
+   ```
+
+2. This file is intentionally lightweight — write it BEFORE context runs out.
+
 ## Reminders
 
 - Tier 3: full team — Dev (implementation) → Reviewer (review + test) — spawn agents directly via Agent tool

package/bundled/dev-pipeline/templates/bug-fix-list-schema.json

@@ -151,7 +151,16 @@
       "description": "Global context for all bug fixes in this batch",
       "properties": {
         "tech_stack": { "type": "string" },
-        "testing_framework": { "type": "string" },
+        "language": { "type": "string" },
+        "runtime": { "type": "string" },
+        "frontend_framework": { "type": "string" },
+        "frontend_styling": { "type": "string" },
+        "backend_framework": { "type": "string" },
+        "database": { "type": "string" },
+        "orm": { "type": "string" },
+        "testing_strategy": { "type": "string" },
+        "bundler": { "type": "string" },
+        "project_type": { "type": "string" },
         "ci_pipeline": { "type": "string" }
       }
     }

package/bundled/dev-pipeline/templates/feature-list-schema.json

@@ -108,8 +108,17 @@
       "type": "object",
       "properties": {
         "tech_stack": { "type": "string" },
+        "language": { "type": "string" },
+        "runtime": { "type": "string" },
+        "frontend_framework": { "type": "string" },
+        "frontend_styling": { "type": "string" },
+        "backend_framework": { "type": "string" },
+        "database": { "type": "string" },
+        "orm": { "type": "string" },
         "design_system": { "type": "string" },
-        "testing_strategy": { "type": "string" }
+        "testing_strategy": { "type": "string" },
+        "bundler": { "type": "string" },
+        "project_type": { "type": "string" }
       }
     }
   }

package/bundled/skills/_metadata.json

@@ -1,5 +1,5 @@
 {
-  "version": "1.0.103",
+  "version": "1.0.105",
   "skills": {
     "prizm-kit": {
       "description": "Full-lifecycle dev toolkit. Covers spec-driven development, Prizm context docs, code quality, debugging, deployment, and knowledge management.",

package/bundled/skills/app-planner/SKILL.md

@@ -47,8 +47,15 @@ Do NOT use this skill when:
 
 Before questions, check optional context files (never block if absent):
 - `.prizm-docs/root.prizm` (architecture/project context)
-- `.prizmkit/config.json` (existing stack preferences)
+- `.prizmkit/config.json` (existing stack preferences and detected tech stack)
 - existing `feature-list.json` (required for incremental mode)
+
+**Tech stack auto-population from config.json:**
+- If `.prizmkit/config.json` contains a `tech_stack` object, use it to pre-fill `global_context` fields in the generated `feature-list.json`.
+- Map config fields to global_context: `language`, `runtime`, `frontend_framework`, `frontend_styling`, `backend_framework`, `database`, `orm`, `testing` → `testing_strategy`, `bundler`, `project_type`.
+- Do NOT re-ask the user for tech stack info that is already present in config.json. Instead, show the detected stack and ask: "Is this correct? Any changes?"
+- If config.json has no `tech_stack`, fall back to asking during Phase 2 (constraints and tech assumptions).
+
 Note:
 - This skill **reads** `.prizmkit/config.json` if present.
 - This skill does **not** create `.prizmkit/config.json` directly.

package/bundled/skills/bug-planner/SKILL.md

@@ -43,8 +43,8 @@ Launch the interactive bug planning process through 4 phases.
 ### Phase 1: Project Context
 
 1. **Identify project**: Read project name and description from existing `feature-list.json` or ask user
-2. **Identify tech stack**: Read from `feature-list.json` global_context or `.prizm-docs/root.prizm`, or ask user
-3. **Identify testing framework**: Auto-detect from package.json/requirements.txt/etc., or ask user
+2. **Identify tech stack**: Read from `.prizmkit/config.json` `tech_stack` (preferred), then `feature-list.json` global_context, then `.prizm-docs/root.prizm`. Only ask user if none of these sources provide tech stack info.
+3. **Identify testing framework**: Read from `.prizmkit/config.json` `tech_stack.testing`, or auto-detect from package.json/requirements.txt/etc., or ask user
 
 Output: `project_name`, `project_description`, `global_context` fields populated.
 

package/bundled/skills/prizmkit-init/SKILL.md

@@ -35,6 +35,8 @@ Project takeover and bootstrap skill. Scans any project (brownfield or greenfiel
 
 MODE DETECTION:
 - If `.prizm-docs/` exists: Ask user if they want to reinitialize or update
+  - **Reinitialize**: overwrites `.prizm-docs/` and `config.json` tech_stack (fresh start)
+  - **Update**: re-scans tech stack and merges changes into existing `config.json` (see Step 3b merge strategy); updates `root.prizm` TECH_STACK if changed; preserves existing `.prizm-docs/` L1/L2 docs
 - If project has source code: brownfield mode
 - If project is nearly empty: greenfield mode
 
@@ -50,6 +52,18 @@ BROWNFIELD WORKFLOW (existing project):
 3. Identify entry points by language convention
 4. Catalog dependencies (external packages)
 5. Count source files per directory
+6. Detect detailed tech stack (adaptive — only include fields that apply to this project):
+   - **Language & Runtime**: e.g. TypeScript + Node.js 20, Python 3.11, Go 1.22
+   - **Frontend framework** (if applicable): React, Vue.js, Angular, Next.js, Svelte, etc.
+   - **Frontend styling** (if applicable): Tailwind CSS, SCSS, Styled Components, Material UI, etc.
+   - **Backend framework** (if applicable): Express.js, FastAPI, Django, NestJS, Gin, etc.
+   - **Database** (if applicable): PostgreSQL, MySQL, MongoDB, Redis, SQLite — detected from deps or `docker-compose.yml`
+   - **ORM** (if applicable): Prisma, Drizzle, TypeORM, SQLAlchemy, Mongoose, etc.
+   - **Bundler** (if applicable): Vite, Webpack, esbuild, Rollup, Turborepo
+   - **Testing**: Vitest, Jest, pytest, Go test, etc.
+   - **Project type** (inferred): `frontend` | `backend` | `fullstack` | `library` | `cli` | `monorepo`
+
+   **IMPORTANT**: Not all projects have all fields. A pure backend API will have no `frontend_framework` or `frontend_styling`. A library may have no database. Only record what is actually detected — never generate empty or placeholder values.
 
 **Step 2: Prizm Documentation Generation**
 Invoke prizmkit-prizm-docs (Init operation), passing the two-tier module structure from Step 1:
@@ -64,6 +78,57 @@ Invoke prizmkit-prizm-docs (Init operation), passing the two-tier module structu
   - `.prizmkit/config.json` (adoption_mode, speckit_hooks_enabled, platform)
   - `.prizmkit/specs/` (empty)
 
+3b. Write detected tech stack to `.prizmkit/config.json`:
+
+   **Merge strategy** (handles re-init without losing user edits):
+   - Read existing `config.json` if present
+   - If `tech_stack` field exists AND `_auto_detected` is `false` or absent:
+     → **SKIP** — user has manually configured tech stack, preserve their settings
+   - If `tech_stack` field exists AND `_auto_detected` is `true`:
+     → **MERGE** — overwrite auto-detected values with new detection results, but preserve any keys the user added manually (keys not in the new detection result)
+   - If `tech_stack` field does NOT exist:
+     → **WRITE** full detected tech stack with `"_auto_detected": true`
+   - Only include fields that were actually detected (no empty/null values)
+
+   Example config.json after init (fullstack project):
+   ```json
+   {
+     "adoption_mode": "passive",
+     "platform": "claude",
+     "tech_stack": {
+       "language": "TypeScript",
+       "runtime": "Node.js 20",
+       "frontend_framework": "React",
+       "frontend_styling": "Tailwind CSS",
+       "backend_framework": "Express.js",
+       "database": "PostgreSQL",
+       "orm": "Prisma",
+       "testing": "Vitest",
+       "bundler": "Vite",
+       "project_type": "fullstack",
+       "_auto_detected": true
+     }
+   }
+   ```
+
+   Example config.json after init (pure Python backend):
+   ```json
+   {
+     "adoption_mode": "passive",
+     "platform": "claude",
+     "tech_stack": {
+       "language": "Python",
+       "runtime": "Python >=3.11",
+       "backend_framework": "FastAPI",
+       "database": "PostgreSQL",
+       "orm": "SQLAlchemy",
+       "testing": "pytest",
+       "project_type": "backend",
+       "_auto_detected": true
+     }
+   }
+   ```
+
 **Step 4: Hook & Settings Configuration**
 
 4a. Read or create platform settings file (`.codebuddy/settings.json` or `.claude/settings.json`)
@@ -74,15 +139,44 @@ Invoke prizmkit-prizm-docs (Init operation), passing the two-tier module structu
 4d. Preserve any existing hooks and settings — never overwrite user's custom configuration
 
 **Step 5: Report**
-Output summary: platform detected, tech stack detected, modules discovered, L1 docs generated, platform-specific configuration applied, next recommended steps.
+Output summary: platform detected, tech stack detected (with detail), modules discovered, L1 docs generated, platform-specific configuration applied, next recommended steps.
+
+Tech stack report format (only show detected fields, adapt to project type):
+```
+Tech stack detected:
+  Language:     TypeScript
+  Runtime:      Node.js 20
+  Frontend:     React + Tailwind CSS
+  Backend:      Express.js
+  Database:     PostgreSQL (Prisma)
+  Testing:      Vitest
+  Bundler:      Vite
+  Project type: fullstack
+```
+
+For a pure backend Python project, the report would show:
+```
+Tech stack detected:
+  Language:     Python
+  Runtime:      Python >=3.11
+  Backend:      FastAPI
+  Database:     PostgreSQL (SQLAlchemy)
+  Testing:      pytest
+  Project type: backend
+```
+
+Saved to: `.prizmkit/config.json` → `tech_stack` field
 
 Include platform-specific guidance:
 - CodeBuddy: "Use `/prizmkit-specify` to start your first feature"
 - Claude Code: "Use `/prizmkit-specify` to start your first feature"
 
 GREENFIELD WORKFLOW (new project):
-- Skip Step 1 (no code to scan)
-- Step 2: Create minimal `.prizm-docs/` with just `root.prizm` skeleton
+- Skip Step 1 (no code to scan) — but ask the user about their intended tech stack:
+  - "What language/framework will you use?" (e.g. React + Node.js, Python + FastAPI, etc.)
+  - Record answers in `config.json` `tech_stack` with `"_auto_detected": false` (user-provided, not auto-detected)
+  - If user is unsure, skip tech_stack — it can be populated later on re-init after code exists
+- Step 2: Create minimal `.prizm-docs/` with just `root.prizm` skeleton (populate TECH_STACK from user answers if provided)
 - Steps 3-5: Same as brownfield (Step 5 Report recommends starting with specify for first feature)
 
 ### Gradual Adoption Path
@@ -107,14 +201,23 @@ User can change mode in `.prizmkit/config.json`: `"adoption_mode": "passive" | "
 
 ## Example
 
-**Brownfield init on a Node.js project:**
+**Brownfield init on a fullstack Node.js project:**
 ```
 $ /prizmkit-init
 
 Platform detected: Claude Code
-Tech stack: TypeScript, Node.js, Express
 Mode: Brownfield (154 source files found)
 
+Tech stack detected:
+  Language:     TypeScript
+  Runtime:      Node.js 20
+  Frontend:     React + Tailwind CSS
+  Backend:      Express.js
+  Database:     PostgreSQL (Prisma)
+  Testing:      Vitest
+  Bundler:      Vite
+  Project type: fullstack
+
 Modules discovered:
   src/routes/     → .prizm-docs/routes.prizm (12 files)
   src/models/     → .prizm-docs/models.prizm (8 files)
@@ -123,8 +226,25 @@ Modules discovered:
 
 Generated: root.prizm + 4 L1 docs + changelog.prizm
 Configured: .claude/rules/ (2 files), hooks in settings.json
+Saved: .prizmkit/config.json (tech_stack recorded)
 
 Next: Use /prizmkit-specify to start your first feature
 ```
 
+**Re-init after PrizmKit upgrade (existing config preserved):**
+```
+$ /prizmkit-init
+
+.prizm-docs/ already exists. Reinitialize or update?
+> Update (preserve existing docs)
+
+Tech stack changes detected:
+  + bundler: Vite (newly detected)
+  ~ testing: Jest → Vitest (updated)
+  = language: TypeScript (unchanged)
+  = frontend: React (unchanged)
+
+Merged into .prizmkit/config.json (2 fields updated, user overrides preserved)
+```
+
 IMPORTANT: Use `${SKILL_DIR}` placeholder for all path references. Never hardcode absolute paths.

package/bundled/skills/prizmkit-prizm-docs/SKILL.md

@@ -121,7 +121,7 @@ Check format compliance and consistency of all .prizm docs.
 PRECONDITION: .prizm-docs/ exists.
 
 STEPS:
-1. FORMAT CHECK: Verify all .prizm files use KEY: value format. Flag any prose paragraphs, code blocks (```), markdown headers (##), emoji, ASCII art, or horizontal rules.
+1. FORMAT CHECK: Verify all .prizm files use KEY: value format. Flag any prose paragraphs, code blocks (```), markdown headers (##), emoji, ASCII art, or horizontal rules. Flag TRAPS entries missing severity prefix ([CRITICAL], [HIGH], or [LOW]). Note: [REVIEW] preceding severity (e.g., `[REVIEW][HIGH]`) is a valid temporary staleness marker, not a format violation.
 2. SIZE CHECK: Verify size limits: L0 <= 4KB, L1 <= 3KB, L2 <= 5KB. Report files exceeding limits with current size.
 3. POINTER CHECK: Verify all arrow (->) references resolve to existing .prizm files. Report broken pointers.
 4. TIMESTAMP CHECK: Verify all docs have UPDATED field. Flag docs with UPDATED older than 30 days as potentially stale.

package/bundled/skills/prizmkit-prizm-docs/assets/PRIZM-SPEC.md

@@ -1,4 +1,4 @@
-PRIZM_SPEC_VERSION: 2
+PRIZM_SPEC_VERSION: 3
 PURPOSE: AI-only documentation framework for vibe coding projects
 AUDIENCE: AI agents (not humans)
 FORMAT: KEY: value pairs, ALL CAPS section headers, arrow pointers
@@ -180,7 +180,7 @@ TEMPLATE:
   - PREFER: <module-specific preference>
 
   TRAPS:
-  - <what looks safe but is dangerous> | FIX: <correct approach>
+  - [CRITICAL|HIGH|LOW] <what looks safe but is dangerous> | FIX: <correct approach>
 
   DECISIONS:
   - <what was decided> — <rationale>
@@ -195,6 +195,16 @@ CONSTRAINTS:
 - SUBDIRS entries must have arrow pointer (->) if L2 doc exists
 - KEY_FILES lists only the most important files (max 10-15)
 - RULES may only SUPPLEMENT root.prizm RULES with module-specific exceptions, never contradict them
+- TRAPS entries MUST have severity prefix ([CRITICAL], [HIGH], or [LOW]). [REVIEW] may precede severity as a temporary staleness marker.
+- TRAPS optional fields: append `| REF: <7-char-hash>` for traceability, `| STALE_IF: <glob>` for auto-expiry detection
+
+TRAPS_FORMAT_REFERENCE (spec-only — do NOT include this block in generated .prizm files):
+- Severity levels: CRITICAL = data loss/security/financial/crash, HIGH = functional failure/silent error, LOW = naming/minor quality
+- Temporary prefix: [REVIEW] may precede severity (e.g., `[REVIEW][HIGH]`) — signals the TRAP needs re-validation. Consumed by the next retrospective: verify and either remove [REVIEW] or delete the TRAP.
+- REF: first 7 chars of the commit where the trap was discovered (optional, for traceability)
+- STALE_IF: glob pattern — when matched files are deleted or heavily rewritten, this trap needs re-validation (optional)
+- Minimal valid format: `- [SEVERITY] <description> | FIX: <approach>`
+- Full format: `- [SEVERITY] <description> | FIX: <approach> | REF: <hash> | STALE_IF: <glob>`
 
 ## 3.3 L2: detail.prizm
 
@@ -220,8 +230,8 @@ TEMPLATE:
   - REJECTED: <approach that was tried/considered and abandoned + why>
 
   TRAPS:
-  - <gotcha: something that looks correct but is wrong or dangerous>
-  - <non-obvious coupling, race condition, or side effect>
+  - [CRITICAL|HIGH|LOW] <gotcha: something that looks correct but is wrong or dangerous> | FIX: <correct approach>
+  - [CRITICAL|HIGH|LOW] <non-obvious coupling, race condition, or side effect> | FIX: <approach>
 
   CHANGELOG:
   - YYYY-MM-DD | <verb>: <description of recent change to this module>
@@ -238,6 +248,9 @@ CONSTRAINTS:
 - DOMAIN-SPECIFIC SECTIONS are flexible, not prescribed
 - DECISIONS is append-only (never delete, archive if >20 entries)
 - TRAPS section is CRITICAL for preventing AI from making known mistakes
+- TRAPS entries MUST have severity prefix ([CRITICAL], [HIGH], or [LOW]). [REVIEW] may precede severity as a temporary staleness marker.
+- TRAPS optional fields: append `| REF: <7-char-hash>` for traceability, `| STALE_IF: <glob>` for auto-expiry detection
+- TRAPS severity guide: CRITICAL = data loss/security/financial/crash, HIGH = functional failure/silent error, LOW = naming/minor quality
 - REJECTED entries prevent AI from re-proposing failed approaches
 - FILES lists all files, not just key ones
 - RULES may only SUPPLEMENT root.prizm RULES with module-specific exceptions, never contradict them
@@ -440,6 +453,7 @@ NEVER: Session-specific context or conversation history (docs are session-indepe
 NEVER: Flowcharts, diagrams, mermaid blocks, or ASCII art (wastes tokens, AI cannot parse visually)
 NEVER: Markdown headers (## / ###) inside .prizm files (use ALL CAPS KEY: format instead)
 NEVER: Rewrite entire .prizm files on update (modify only affected sections)
+NEVER: TRAPS entries without severity prefix ([CRITICAL], [HIGH], or [LOW])
 
 ---
 
@@ -821,6 +835,16 @@ V2 (2026-03-02): Enhanced specification
 - Enhanced Section 9.1 with ON_DEEP_READ trigger alongside ON_MODIFY
 - Updated PRIZM_SPEC_VERSION to 2
 
+V3 (2026-03-25): Knowledge quality and resilience
+- TRAPS entries now MUST have severity prefix: [CRITICAL], [HIGH], or [LOW]
+- TRAPS optional fields: REF (commit hash for traceability), STALE_IF (glob for auto-expiry detection)
+- Added TRAPS staleness check in retrospective (step 1g): auto-archive stale TRAPS when count > 10
+- Added Failure Capture Protocol: bootstrap templates write failure-log.md on session failure for cross-session learning
+- Added retrospective data source: failure-log.md DISCOVERED_TRAPS are prioritized for .prizm-docs/ injection
+- Added TRAPS_FORMAT_REFERENCE as spec-only block (must NOT appear in generated .prizm files)
+- Added V2→V3 migration: auto-tag legacy TRAPS with [LOW] default severity
+- Updated PRIZM_SPEC_VERSION to 3
+
 ---
 
 # SECTION 15: CONFLICT RESOLUTION
@@ -884,8 +908,8 @@ BEST_PRACTICE: Coordinate on MODULE_INDEX changes (adding/removing modules) to a
 
 ## 16.1 Migration Principles
 
-BACKWARD_COMPATIBLE: V2 can read V1 docs without modification
-FORWARD_COMPATIBLE: V1 tools will ignore V2-only fields they do not recognize
+BACKWARD_COMPATIBLE: V3 can parse V2 docs without errors, but Validate will flag TRAPS entries missing severity prefixes and auto-migration (Section 16.3) will add [LOW] defaults
+FORWARD_COMPATIBLE: V2 tools will ignore V3-only fields they do not recognize
 MIGRATION_TRIGGER: AI detects PRIZM_VERSION in root.prizm and applies migration if needed
 
 ## 16.2 V1 to V2 Migration
@@ -911,7 +935,32 @@ ALGORITHM: prizm_migrate_v1_to_v2
 4. UPDATE_CHANGELOG:
    APPEND: - YYYY-MM-DD | root | update: migrated from PRIZM_VERSION 1 to 2
 
-## 16.3 Future Version Migration Pattern
+## 16.3 V2 to V3 Migration
+
+TRIGGER: Automatic on first prizmkit-prizm-docs Update or Validate operation after spec upgrade
+
+ALGORITHM: prizm_migrate_v2_to_v3
+
+1. UPDATE_VERSION:
+   Change: PRIZM_VERSION: 2 -> PRIZM_VERSION: 3
+   In: root.prizm
+
+2. MIGRATE_TRAPS_FORMAT:
+   SCAN: All L1 and L2 .prizm files for TRAPS entries
+   FOR EACH TRAPS entry without severity prefix ([CRITICAL], [HIGH], or [LOW]):
+     PREPEND: [LOW] as conservative default severity
+     EXAMPLE: `- foo is dangerous | FIX: use bar` becomes `- [LOW] foo is dangerous | FIX: bar`
+   RATIONALE: [LOW] is the safest default — it preserves the trap without over-alarming.
+   AI or user can manually upgrade severity to [HIGH] or [CRITICAL] during next retrospective.
+
+3. VALIDATE:
+   Run full Validate operation
+   REPORT: Migration results — number of TRAPS entries migrated, files updated
+
+4. UPDATE_CHANGELOG:
+   APPEND: - YYYY-MM-DD | root | update: migrated from PRIZM_VERSION 2 to 3 (TRAPS severity prefixes added)
+
+## 16.4 Future Version Migration Pattern
 
 FOR any future version N to N+1:
 

package/bundled/skills/prizmkit-retrospective/SKILL.md

@@ -63,6 +63,9 @@ git diff --name-status
 - **L1**: Update FILES count, KEY_FILES (if major files added/removed), INTERFACES (if public API changed), UPDATED timestamp
 - **L0 root.prizm**: Update MODULE_INDEX file counts only if counts changed. Update UPDATED only if structural change (module added/removed).
 
+**1d-migrate.** Legacy TRAPS format migration (opportunistic):
+While updating an affected L1/L2 doc, if you encounter TRAPS entries **without** a severity prefix (e.g., `- foo | FIX: bar` instead of `- [LOW] foo | FIX: bar`), prepend `[LOW]` as a conservative default. This clears legacy format debt incrementally — only in files already being touched, never as a bulk operation.
+
 **1e.** If new directory with 3+ source files matches no existing module: create L1 doc immediately, add to MODULE_INDEX, defer L2.
 
 **1f.** Enforce size limits:
@@ -72,6 +75,15 @@ git diff --name-status
 
 **SKIP structural sync if**: only internal implementation changed (no interface/dependency impact), only comments/whitespace, only test files, only .prizm files, bug fixes with no interface change.
 
+**1g. TRAPS staleness check** (only when an L2 doc's TRAPS section has > 10 entries):
+
+Perform a quick staleness scan on existing TRAPS to prevent unbounded accumulation:
+1. If a TRAP has `STALE_IF:` and the glob-matched files no longer exist (verified via `ls` or `git status`) → delete the TRAP entry, append CHANGELOG: `remove: archived stale TRAP - <summary>`
+2. If a TRAP has `REF:` and the referenced code has been substantially rewritten (>80% of the original diff is gone, checked via `git log --follow`) → prepend `[REVIEW]` to the severity, signaling it needs manual verification
+3. Process at most 5 of the oldest TRAPS per L2 doc per session (to bound context cost)
+
+This step is lightweight — it only triggers when TRAPS exceed 10 entries, and processes at most 5 per run.
+
 ---
 
 ## Job 2: Architecture Knowledge Injection → `.prizm-docs/`
@@ -95,14 +107,29 @@ Extract TRAPS, RULES, and DECISIONS from development work and inject into `.priz
 - `.prizmkit/specs/###-feature-name/context-snapshot.md` — read the '## Implementation Log' section (Dev's changes, decisions, discoveries) and '## Review Notes' section (Reviewer's findings). These are the **preferred source** for pre-categorized decisions and findings. If these sections exist, prefer them over re-extracting from git diff.
 - `.prizmkit/specs/###-feature-name/plan.md` — if feature work, read planned vs actual
 - `.prizmkit/bugfix/<id>/fix-report.md` — if bugfix, read what was discovered
+- `.prizmkit/specs/###-feature-name/failure-log.md` — if a previous session failed, read DISCOVERED_TRAPS. These are high-value TRAPS because they come from actual failures — prioritize injecting them into `.prizm-docs/`
 - The relevant `.prizm-docs/` L1/L2 docs for affected modules
 
 **2b.** Extract knowledge from what was **observed in code**, not invented:
 
 **TRAPS** (highest priority) — things that look safe but break:
-- Format: `- <what looks safe but is dangerous> | FIX: <correct approach>`
+- Minimal format: `- [SEVERITY] <description> | FIX: <approach>`
+- Full format: `- [SEVERITY] <description> | FIX: <approach> | REF: <hash> | STALE_IF: <glob>`
 - Source: actual bugs hit, surprising behavior discovered in code, non-obvious coupling
 
+**TRAPS severity classification guide**:
+- `[CRITICAL]`: data loss, security vulnerability, financial error, system crash
+- `[HIGH]`: functional failure, silent error, interface incompatibility
+- `[LOW]`: misleading naming, non-intuitive API usage, minor performance issue
+
+When writing TRAPS:
+- Severity prefix is MANDATORY (e.g., `[CRITICAL]`, `[HIGH]`, `[LOW]`)
+- OPTIONAL: append `| REF: <7-char-hash>` when you know the relevant commit (for traceability)
+- OPTIONAL: append `| STALE_IF: <glob>` when the TRAP is tightly coupled to specific files (for auto-expiry detection)
+
+**Consuming [REVIEW] markers** (from staleness check 1g):
+- If you encounter a TRAP prefixed with `[REVIEW]` (e.g., `[REVIEW][HIGH] ...`), verify whether the trap is still valid by checking the current code. If still valid: remove the `[REVIEW]` prefix, keeping the severity. If no longer relevant: delete the TRAP entry and append CHANGELOG.
+
 **RULES** — conventions established or constraints discovered:
 - Format: `- MUST/NEVER/PREFER: <rule>`
 - Source: patterns that proved necessary during implementation

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "prizmkit",
-  "version": "1.0.103",
+  "version": "1.0.105",
   "description": "Create a new PrizmKit-powered project with clean initialization — no framework dev files, just what you need.",
   "type": "module",
   "bin": {