prjct-cli 0.10.12 → 0.10.14

package/core/utils/output.js

@@ -1,24 +1,39 @@
 /**
  * Minimal Output System for prjct-cli
  * Spinner while working → Single line result
+ * With ⚡ prjct branding
  */
 
 const chalk = require('chalk')
+const branding = require('./branding')
 
-const FRAMES = ['⠋', '⠙', '⠹', '⠸', '⠼', '⠴', '⠦', '⠧', '⠇', '⠏']
-const SPEED = 80
+const FRAMES = branding.spinner.frames
+const SPEED = branding.spinner.speed
 
 let interval = null
 let frame = 0
 
 const truncate = (s, max = 50) => (s && s.length > max ? s.slice(0, max - 1) + '…' : s || '')
-const clear = () => process.stdout.write('\r' + ' '.repeat(70) + '\r')
+const clear = () => process.stdout.write('\r' + ' '.repeat(80) + '\r')
 
 const out = {
+  // Branding: Show header at start
+  start() {
+    console.log(branding.cli.header())
+    return this
+  },
+
+  // Branding: Show footer at end
+  end() {
+    console.log(branding.cli.footer())
+    return this
+  },
+
+  // Branded spinner: ⚡ prjct ⠋ message...
   spin(msg) {
     this.stop()
     interval = setInterval(() => {
-      process.stdout.write(`\r${chalk.cyan(FRAMES[frame++ % 10])} ${truncate(msg, 55)}`)
+      process.stdout.write(`\r${branding.cli.spin(frame++, truncate(msg, 45))}`)
     }, SPEED)
     return this
   },

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "prjct-cli",
-  "version": "0.10.12",
+  "version": "0.10.14",
   "description": "Built for Claude - Ship fast, track progress, stay focused. Developer momentum tool for indie hackers.",
   "main": "core/index.js",
   "bin": {

package/templates/agentic/agent-routing.md

@@ -57,17 +57,49 @@ Consider these agent specializations:
 3. Consider secondary areas
 4. Choose agent with best expertise match
 
-## Output
+## How to Invoke (EFFICIENT)
 
-Return the recommended agent with reasoning:
+After deciding the best agent, **delegate via Task tool with REFERENCE, not content**:
 
-```json
-{
-  "agent": "recommended-agent-type",
-  "reasoning": "why this agent is best for the task",
-  "confidence": "high|medium|low",
-  "alternatives": ["other agents that could help"]
-}
+```
+Task(
+  subagent_type: 'general-purpose',
+  prompt: '
+    ## Agent Assignment
+    Read and apply: ~/.prjct-cli/projects/{projectId}/agents/{agent-name}.md
+
+    ## Task
+    {task description}
+
+    ## Context
+    - Project: {projectPath}
+    - Files affected: {file list if known}
+
+    ## Flow
+    1. Read agent file FIRST
+    2. Apply agent expertise and patterns
+    3. Execute task following agent guidelines
+    4. Return results
+  '
+)
+```
+
+### Why References, Not Content
+
+| Approach | Prompt Size | Issue |
+|----------|-------------|-------|
+| ❌ Inject content | 3-5KB | Bloats context, increases hallucinations |
+| ✅ Pass reference | ~200 bytes | Subagent reads what it needs |
+
+**CRITICAL:** The subagent reads the agent file itself. You do NOT need to read and inject the content.
+
+## Output (After Delegation)
+
+After Task tool returns, summarize:
+
+```
+✅ Delegated to: {agent-name}
+Result: {brief summary from subagent}
 ```
 
 ## Rules
@@ -75,4 +107,5 @@ Return the recommended agent with reasoning:
 - **Task-driven, not tech-driven** - Focus on what needs to be done
 - **Context matters** - Same tech can mean different things in different projects
 - **Be flexible** - One project's "backend" might be another's "full-stack"
+- **Pass PATH, not CONTENT** - Let subagent read the agent file
 - **Explain your reasoning** - Don't just pick, justify

package/templates/agentic/checklist-routing.md

@@ -0,0 +1,98 @@
+---
+allowed-tools: [Read, Glob]
+description: 'Determine which quality checklists to apply - Claude decides'
+---
+
+# Checklist Routing Instructions
+
+## Objective
+
+Determine which quality checklists are relevant for a task by analyzing the ACTUAL task and its scope.
+
+## Step 1: Understand the Task
+
+Read the task description and identify:
+
+- What type of work is being done? (new feature, bug fix, refactor, infra, docs)
+- What domains are affected? (code, UI, API, database, deployment)
+- What is the scope? (small fix, major feature, architectural change)
+
+## Step 2: Consider Task Domains
+
+Each task can touch multiple domains. Consider:
+
+| Domain | Signals |
+|--------|---------|
+| Code Quality | Writing/modifying any code |
+| Architecture | New components, services, or major refactors |
+| UX/UI | User-facing changes, CLI output, visual elements |
+| Infrastructure | Deployment, containers, CI/CD, cloud resources |
+| Security | Auth, user data, external inputs, secrets |
+| Testing | New functionality, bug fixes, critical paths |
+| Documentation | Public APIs, complex features, breaking changes |
+| Performance | Data processing, loops, network calls, rendering |
+| Accessibility | User interfaces (web, mobile, CLI) |
+| Data | Database operations, caching, data transformations |
+
+## Step 3: Match Task to Checklists
+
+Based on your analysis, select relevant checklists:
+
+**DO NOT assume:**
+- Every task needs all checklists
+- "Frontend" = only UX checklist
+- "Backend" = only Code Quality checklist
+
+**DO analyze:**
+- What the task actually touches
+- What quality dimensions matter for this specific work
+- What could go wrong if not checked
+
+## Available Checklists
+
+Located in `templates/checklists/`:
+
+| Checklist | When to Apply |
+|-----------|---------------|
+| `code-quality.md` | Any code changes (any language) |
+| `architecture.md` | New modules, services, significant structural changes |
+| `ux-ui.md` | User-facing interfaces (web, mobile, CLI, API DX) |
+| `infrastructure.md` | Deployment, containers, CI/CD, cloud resources |
+| `security.md` | ALWAYS for: auth, user input, external APIs, secrets |
+| `testing.md` | New features, bug fixes, refactors |
+| `documentation.md` | Public APIs, complex features, configuration changes |
+| `performance.md` | Data-intensive operations, critical paths |
+| `accessibility.md` | Any user interface work |
+| `data.md` | Database, caching, data transformations |
+
+## Decision Process
+
+1. Read task description
+2. Identify primary work domain
+3. List secondary domains affected
+4. Select 2-4 most relevant checklists
+5. Consider Security (almost always relevant)
+
+## Output
+
+Return selected checklists with reasoning:
+
+```json
+{
+  "checklists": ["code-quality", "security", "testing"],
+  "reasoning": "Task involves new API endpoint (code), handles user input (security), and adds business logic (testing)",
+  "priority_items": ["Input validation", "Error handling", "Happy path tests"],
+  "skipped": {
+    "accessibility": "No user interface changes",
+    "infrastructure": "No deployment changes"
+  }
+}
+```
+
+## Rules
+
+- **Task-driven** - Focus on what the specific task needs
+- **Less is more** - 2-4 focused checklists beat 10 unfocused
+- **Security is special** - Default to including unless clearly irrelevant
+- **Explain your reasoning** - Don't just pick, justify selections AND skips
+- **Context matters** - Small typo fix ≠ major refactor in checklist needs

package/templates/checklists/accessibility.md

@@ -0,0 +1,33 @@
+# Accessibility Checklist
+
+> Applies to: Web (WCAG), Mobile, CLI, Desktop
+
+## Perceivable
+- [ ] Text alternatives for non-text content
+- [ ] Sufficient color contrast (4.5:1 minimum)
+- [ ] Content readable without color alone
+- [ ] Resizable text supported (up to 200%)
+
+## Operable
+- [ ] Keyboard accessible (all functionality)
+- [ ] No keyboard traps
+- [ ] Sufficient time for interactions
+- [ ] Seizure-safe (no flashing > 3Hz)
+
+## Understandable
+- [ ] Clear and simple language
+- [ ] Consistent navigation
+- [ ] Input assistance provided
+- [ ] Error identification and suggestions
+
+## Robust
+- [ ] Compatible with assistive technologies
+- [ ] Valid markup/structure
+- [ ] ARIA used correctly (web)
+- [ ] Semantic HTML elements used
+
+## CLI Accessibility
+- [ ] Screen reader compatible output
+- [ ] No color-only information
+- [ ] Clear text formatting
+- [ ] Configurable output verbosity

package/templates/checklists/architecture.md

@@ -0,0 +1,28 @@
+# Architecture Checklist
+
+> Applies to ANY system architecture
+
+## Design Principles
+- [ ] Clear separation of concerns
+- [ ] Loose coupling between components
+- [ ] High cohesion within modules
+- [ ] Single source of truth for data
+- [ ] Explicit dependencies (no hidden coupling)
+
+## Scalability
+- [ ] Stateless where possible
+- [ ] Horizontal scaling considered
+- [ ] Bottlenecks identified
+- [ ] Caching strategy defined
+
+## Resilience
+- [ ] Failure modes documented
+- [ ] Graceful degradation planned
+- [ ] Recovery procedures defined
+- [ ] Circuit breakers where needed
+
+## Maintainability
+- [ ] Clear boundaries between layers
+- [ ] Easy to test in isolation
+- [ ] Configuration externalized
+- [ ] Logging and observability built-in

package/templates/checklists/code-quality.md

@@ -0,0 +1,28 @@
+# Code Quality Checklist
+
+> Universal principles for ANY programming language
+
+## Universal Principles
+- [ ] Single Responsibility: Each unit does ONE thing well
+- [ ] DRY: No duplicated logic (extract shared code)
+- [ ] KISS: Simplest solution that works
+- [ ] Clear naming: Self-documenting identifiers
+- [ ] Consistent patterns: Match existing codebase style
+
+## Error Handling
+- [ ] All error paths handled gracefully
+- [ ] Meaningful error messages
+- [ ] No silent failures
+- [ ] Proper resource cleanup (files, connections, memory)
+
+## Edge Cases
+- [ ] Null/nil/None handling
+- [ ] Empty collections handled
+- [ ] Boundary conditions tested
+- [ ] Invalid input rejected early
+
+## Code Organization
+- [ ] Functions/methods are small and focused
+- [ ] Related code grouped together
+- [ ] Clear module/package boundaries
+- [ ] No circular dependencies

package/templates/checklists/data.md

@@ -0,0 +1,33 @@
+# Data Checklist
+
+> Applies to: SQL, NoSQL, GraphQL, File storage, Caching
+
+## Data Integrity
+- [ ] Schema/structure defined
+- [ ] Constraints enforced
+- [ ] Transactions used appropriately
+- [ ] Referential integrity maintained
+
+## Query Performance
+- [ ] Indexes on frequent queries
+- [ ] N+1 queries eliminated
+- [ ] Query complexity analyzed
+- [ ] Pagination for large datasets
+
+## Data Operations
+- [ ] Migrations versioned and reversible
+- [ ] Backup and restore tested
+- [ ] Data validation at boundary
+- [ ] Soft deletes considered (if applicable)
+
+## Caching
+- [ ] Cache invalidation strategy defined
+- [ ] TTL values appropriate
+- [ ] Cache warming considered
+- [ ] Cache hit/miss monitored
+
+## Data Privacy
+- [ ] PII identified and protected
+- [ ] Data anonymization where needed
+- [ ] Audit trail for sensitive data
+- [ ] Data deletion procedures defined

package/templates/checklists/documentation.md

@@ -0,0 +1,33 @@
+# Documentation Checklist
+
+> Applies to ALL projects
+
+## Essential Docs
+- [ ] README with quick start
+- [ ] Installation instructions
+- [ ] Configuration options documented
+- [ ] Common use cases shown
+
+## Code Documentation
+- [ ] Public APIs documented
+- [ ] Complex logic explained
+- [ ] Architecture decisions recorded (ADRs)
+- [ ] Diagrams for complex flows
+
+## Operational Docs
+- [ ] Deployment process documented
+- [ ] Troubleshooting guide
+- [ ] Runbooks for common issues
+- [ ] Changelog maintained
+
+## API Documentation
+- [ ] All endpoints documented
+- [ ] Request/response examples
+- [ ] Error codes explained
+- [ ] Authentication documented
+
+## Maintenance
+- [ ] Docs updated with code changes
+- [ ] Version-specific documentation
+- [ ] Broken links checked
+- [ ] Examples tested and working

package/templates/checklists/infrastructure.md

@@ -0,0 +1,33 @@
+# Infrastructure Checklist
+
+> Applies to: Cloud, On-prem, Hybrid, Edge
+
+## Deployment
+- [ ] Infrastructure as Code (Terraform, Pulumi, CloudFormation, etc.)
+- [ ] Reproducible environments
+- [ ] Rollback strategy defined
+- [ ] Blue-green or canary deployment option
+
+## Observability
+- [ ] Logging strategy defined
+- [ ] Metrics collection configured
+- [ ] Alerting thresholds set
+- [ ] Distributed tracing (if applicable)
+
+## Security
+- [ ] Secrets management (not in code)
+- [ ] Network segmentation
+- [ ] Least privilege access
+- [ ] Encryption at rest and in transit
+
+## Reliability
+- [ ] Backup strategy defined
+- [ ] Disaster recovery plan
+- [ ] Health checks configured
+- [ ] Auto-scaling rules (if applicable)
+
+## Cost Management
+- [ ] Resource sizing appropriate
+- [ ] Unused resources identified
+- [ ] Cost monitoring in place
+- [ ] Budget alerts configured

package/templates/checklists/performance.md

@@ -0,0 +1,33 @@
+# Performance Checklist
+
+> Applies to: Backend, Frontend, Mobile, Database
+
+## Analysis
+- [ ] Bottlenecks identified with profiling
+- [ ] Baseline metrics established
+- [ ] Performance budgets defined
+- [ ] Benchmarks before/after changes
+
+## Optimization Strategies
+- [ ] Algorithmic complexity reviewed (O(n) vs O(n²))
+- [ ] Appropriate data structures used
+- [ ] Caching implemented where beneficial
+- [ ] Lazy loading for expensive operations
+
+## Resource Management
+- [ ] Memory usage optimized
+- [ ] Connection pooling used
+- [ ] Batch operations where applicable
+- [ ] Async/parallel processing considered
+
+## Frontend Specific
+- [ ] Bundle size optimized
+- [ ] Images optimized
+- [ ] Critical rendering path optimized
+- [ ] Network requests minimized
+
+## Backend Specific
+- [ ] Database queries optimized
+- [ ] Response compression enabled
+- [ ] Proper indexing in place
+- [ ] Connection limits configured

package/templates/checklists/security.md

@@ -0,0 +1,33 @@
+# Security Checklist
+
+> ALWAYS ON - Applies to ALL applications
+
+## Input/Output
+- [ ] All user input validated and sanitized
+- [ ] Output encoded appropriately (prevent injection)
+- [ ] File uploads restricted and scanned
+- [ ] No sensitive data in logs or error messages
+
+## Authentication & Authorization
+- [ ] Strong authentication mechanism
+- [ ] Proper session management
+- [ ] Authorization checked at every access point
+- [ ] Principle of least privilege applied
+
+## Data Protection
+- [ ] Sensitive data encrypted at rest
+- [ ] Secure transmission (TLS/HTTPS)
+- [ ] PII handled according to regulations
+- [ ] Data retention policies followed
+
+## Dependencies
+- [ ] Dependencies from trusted sources
+- [ ] Known vulnerabilities checked
+- [ ] Minimal dependency surface
+- [ ] Regular security updates planned
+
+## API Security
+- [ ] Rate limiting implemented
+- [ ] Authentication required for sensitive endpoints
+- [ ] CORS properly configured
+- [ ] API keys/tokens secured

package/templates/checklists/testing.md

@@ -0,0 +1,33 @@
+# Testing Checklist
+
+> Applies to: Unit, Integration, E2E, Performance testing
+
+## Coverage Strategy
+- [ ] Critical paths have high coverage
+- [ ] Happy path tested
+- [ ] Error paths tested
+- [ ] Edge cases covered
+
+## Test Quality
+- [ ] Tests are deterministic (no flaky tests)
+- [ ] Tests are independent (no order dependency)
+- [ ] Tests are fast (optimize slow tests)
+- [ ] Tests are readable (clear intent)
+
+## Test Types
+- [ ] Unit tests for business logic
+- [ ] Integration tests for boundaries
+- [ ] E2E tests for critical flows
+- [ ] Performance tests for bottlenecks
+
+## Mocking Strategy
+- [ ] External services mocked
+- [ ] Database isolated or mocked
+- [ ] Time-dependent code controlled
+- [ ] Random values seeded
+
+## Test Maintenance
+- [ ] Tests updated with code changes
+- [ ] Dead tests removed
+- [ ] Test data managed properly
+- [ ] CI/CD integration working

package/templates/checklists/ux-ui.md

@@ -0,0 +1,37 @@
+# UX/UI Checklist
+
+> Applies to: Web, Mobile, CLI, Desktop, API DX
+
+## User Experience
+- [ ] Clear user journey/flow
+- [ ] Feedback for every action
+- [ ] Loading states shown
+- [ ] Error states handled gracefully
+- [ ] Success confirmation provided
+
+## Interface Design
+- [ ] Consistent visual language
+- [ ] Intuitive navigation
+- [ ] Responsive/adaptive layout (if applicable)
+- [ ] Touch targets adequate (mobile)
+- [ ] Keyboard navigation (web/desktop)
+
+## CLI Specific
+- [ ] Help text for all commands
+- [ ] Clear error messages with suggestions
+- [ ] Progress indicators for long operations
+- [ ] Consistent flag naming conventions
+- [ ] Exit codes meaningful
+
+## API DX (Developer Experience)
+- [ ] Intuitive endpoint/function naming
+- [ ] Consistent response format
+- [ ] Helpful error messages with codes
+- [ ] Good documentation with examples
+- [ ] Predictable behavior
+
+## Information Architecture
+- [ ] Content hierarchy clear
+- [ ] Important actions prominent
+- [ ] Related items grouped
+- [ ] Search/filter for large datasets

package/templates/commands/bug.md

@@ -1,10 +1,36 @@
 ---
-allowed-tools: [Read, Write]
+allowed-tools: [Read, Write, Task, Glob]
 description: 'Report bug with auto-priority'
 ---
 
 # /p:bug
 
+## Agent Delegation (REQUIRED)
+
+Before fixing a bug, delegate to specialist agent:
+
+1. **List agents**: `Glob("~/.prjct-cli/projects/{projectId}/agents/*.md")`
+2. **Analyze bug domain**: frontend, backend, database, etc.
+3. **Delegate via Task tool**:
+
+```
+Task(
+  subagent_type: 'general-purpose',
+  prompt: '
+    ## Agent
+    Read: ~/.prjct-cli/projects/{projectId}/agents/{agent}.md
+
+    ## Bug
+    {bug description}
+
+    ## Flow
+    1. Read agent file
+    2. Apply expertise to fix bug
+    3. Return fix
+  '
+)
+```
+
 ## Severity Keywords
 - **Critical**: crash, down, broken, production
 - **High**: error, fail, issue

package/templates/commands/feature.md

@@ -1,11 +1,48 @@
 ---
-allowed-tools: [Read, Write, Bash]
+allowed-tools: [Read, Write, Bash, Task, Glob]
 description: 'Value analysis + roadmap + task breakdown + auto-start'
 timestamp-rule: 'GetTimestamp() and GetDate() for ALL timestamps'
 ---
 
 # /p:feature - Add Feature to Roadmap
 
+## Agent Delegation (REQUIRED)
+
+Before executing any code-related task, delegate to a specialist agent:
+
+### Step 0: Assign Agent
+
+1. **List agents**: `Glob("~/.prjct-cli/projects/{projectId}/agents/*.md")`
+2. **Read routing**: `Read("templates/agentic/agent-routing.md")`
+3. **Analyze task**: Determine domain (frontend, backend, testing, etc.)
+4. **Select agent**: Match task to best agent
+5. **Delegate via Task tool** (pass reference, NOT content):
+
+```
+Task(
+  subagent_type: 'general-purpose',
+  prompt: '
+    ## Agent Assignment
+    Read and apply: ~/.prjct-cli/projects/{projectId}/agents/{agent-name}.md
+
+    ## Task
+    {feature description}
+
+    ## Context
+    - Project: {projectPath}
+    - Feature: {feature}
+
+    ## Flow
+    1. Read agent file FIRST
+    2. Apply agent expertise
+    3. Execute task
+    4. Return results
+  '
+)
+```
+
+**CRITICAL:** Pass file PATH, not content. Subagent reads it (~200 bytes vs 3-5KB).
+
 ## Context Variables
 - `{projectId}`: From `.prjct/prjct.config.json`
 - `{globalPath}`: `~/.prjct-cli/projects/{projectId}`

package/templates/commands/task.md

@@ -1,10 +1,36 @@
 ---
-allowed-tools: [Read, Write, TodoWrite]
+allowed-tools: [Read, Write, TodoWrite, Task, Glob]
 description: 'Break down complex tasks'
 ---
 
 # /p:task
 
+## Agent Delegation (REQUIRED)
+
+Before executing task, delegate to specialist agent:
+
+1. **List agents**: `Glob("~/.prjct-cli/projects/{projectId}/agents/*.md")`
+2. **Analyze task domain**: Match to agent expertise
+3. **Delegate via Task tool**:
+
+```
+Task(
+  subagent_type: 'general-purpose',
+  prompt: '
+    ## Agent
+    Read: ~/.prjct-cli/projects/{projectId}/agents/{agent}.md
+
+    ## Task
+    {task description}
+
+    ## Flow
+    1. Read agent file
+    2. Apply expertise
+    3. Execute task
+  '
+)
+```
+
 ## Usage
 
 ```