recall-os 0.1.1 → 0.2.1

package/dist/cli.js

@@ -134,8 +134,8 @@ function parseConfig(value) {
   if (!result.success) {
     throw new ConfigValidationError(
       result.error.issues.map((issue) => {
-        const path16 = issue.path.length > 0 ? `${issue.path.join(".")}: ` : "";
-        return `${path16}${issue.message}`;
+        const path17 = issue.path.length > 0 ? `${issue.path.join(".")}: ` : "";
+        return `${path17}${issue.message}`;
       })
     );
   }
@@ -1230,106 +1230,31 @@ function createDefaultConfig(overrides = {}) {
   });
 }
 
-// src/core/adopt/generate-adoption.ts
-var ADOPTION_REPORT_PATH = "docs/adopt/ADOPTION_REPORT.md";
-function generateAdoptionFiles(options) {
-  const files = [
-    {
-      path: ADOPTION_REPORT_PATH,
-      content: renderReport(options.adrDir, options.signals)
-    }
-  ];
-  for (const framework of options.signals.frameworks) {
-    files.push({
-      path: `${options.adrDir}/proposed/ADR-PROPOSED-adopt-${frameworkSlug(framework)}.md`,
-      content: renderProposedAdr(framework)
-    });
-  }
-  return files;
-}
-function renderReport(adrDir, signals) {
-  return `# Adoption Report
-
-## Status
-
-Proposed. Everything below is inferred from this repository and requires human review. Nothing here
-is accepted repository memory until you accept it.
-
-## Detected Signals
-
-- Languages: ${formatList(signals.languages)}
-- Package manager: ${signals.packageManager ?? "none detected"}
-- Frameworks: ${formatList(signals.frameworks)}
-- Tests present: ${formatBool(signals.hasTests)}
-- README present: ${formatBool(signals.hasReadme)}
-- Docs folder present: ${formatBool(signals.hasDocs)}
-
-## Proposed Decisions
-
-${renderProposedDecisions(adrDir, signals)}
-
-## Review Checklist
-
-- [ ] Confirm the detected languages and package manager.
-- [ ] Accept or reject each proposed framework ADR under \`${adrDir}/proposed/\`.
-- [ ] Run \`recall init\` to establish neutral repository memory if it does not exist yet.
-- [ ] Record any decision you accept with \`recall adr create\` or by accepting the proposed ADR.
-
-## Notes
-
-This report was produced by \`recall adopt\` through read-only inspection of manifest and marker
-files. No repository code was executed and no decision was accepted automatically.
-`;
-}
-function renderProposedDecisions(adrDir, signals) {
-  if (signals.frameworks.length === 0) {
-    return "- No framework decisions were inferred. Add decisions with `recall adr create` as needed.";
-  }
-  return signals.frameworks.map(
-    (framework) => `- Proposed: record **${framework}** as an architecture decision (see \`${adrDir}/proposed/ADR-PROPOSED-adopt-${frameworkSlug(framework)}.md\`). Requires review.`
-  ).join("\n");
-}
-function renderProposedAdr(framework) {
-  return `# Proposed ADR: Use ${framework}
-
-## Status
-
-Proposed
-
-## Context
-
-\`recall adopt\` detected ${framework} in this repository through read-only inspection.
-
-## Decision
-
-Consider recording ${framework} as an accepted architecture decision. This is proposed by adoption
-and is not accepted until a human reviews and accepts it.
-
-## Alternatives Considered
-
-- Record a different framework.
-- Leave the decision unrecorded for now.
-
-## Consequences
-
-- Captures a framework already in use as reviewable repository memory.
-- Requires explicit human acceptance before it becomes repository truth.
-`;
-}
-function frameworkSlug(framework) {
-  return framework.toLowerCase().replace(/\./gu, "").replace(/[^a-z0-9]+/gu, "-").replace(/^-+|-+$/gu, "");
-}
-function formatList(values) {
-  return values.length > 0 ? values.join(", ") : "none detected";
-}
-function formatBool(value) {
-  return value ? "yes" : "no";
-}
-
 // src/core/adopt/inspect-repo.ts
 import { existsSync as existsSync3 } from "fs";
-import { readFile as readFile3 } from "fs/promises";
+import { readFile as readFile3, readdir as readdir4 } from "fs/promises";
 import path6 from "path";
+var FRAMEWORK_SOURCES = {
+  "Next.js": "package.json",
+  React: "package.json",
+  NestJS: "package.json",
+  Express: "package.json",
+  FastAPI: "pyproject.toml / requirements.txt",
+  Flask: "pyproject.toml / requirements.txt",
+  Django: "pyproject.toml / requirements.txt",
+  Gin: "go.mod",
+  Echo: "go.mod",
+  Fiber: "go.mod",
+  Chi: "go.mod",
+  "Spring Boot": "pom.xml / build.gradle",
+  "Actix Web": "Cargo.toml",
+  Axum: "Cargo.toml",
+  Rocket: "Cargo.toml",
+  Laravel: "composer.json",
+  Symfony: "composer.json",
+  "Ruby on Rails": "Gemfile",
+  Flutter: "pubspec.yaml"
+};
 async function inspectRepo(rootDir) {
   const has = (relativePath) => existsSync3(path6.join(rootDir, relativePath));
   const languages = /* @__PURE__ */ new Set();
@@ -1363,6 +1288,22 @@ async function inspectRepo(rootDir) {
     languages.add("Dart");
     frameworks.add("Flutter");
   }
+  if (has("composer.json")) {
+    languages.add("PHP");
+    const composer = (await readText(rootDir, "composer.json")).toLowerCase();
+    if (composer.includes("laravel/framework")) {
+      frameworks.add("Laravel");
+    } else if (composer.includes("symfony/")) {
+      frameworks.add("Symfony");
+    }
+  }
+  if (has("Gemfile")) {
+    languages.add("Ruby");
+    const gemfile = (await readText(rootDir, "Gemfile")).toLowerCase();
+    if (gemfile.includes("rails")) {
+      frameworks.add("Ruby on Rails");
+    }
+  }
   const deps = collectDependencies(pkg);
   if ("next" in deps) {
     frameworks.add("Next.js");
@@ -1382,25 +1323,173 @@ async function inspectRepo(rootDir) {
   } else if (python.includes("django")) {
     frameworks.add("Django");
   }
-  let packageManager = null;
-  if (has("pnpm-lock.yaml")) {
-    packageManager = "pnpm";
-  } else if (has("yarn.lock")) {
-    packageManager = "yarn";
-  } else if (has("package-lock.json")) {
-    packageManager = "npm";
+  if (has("go.mod")) {
+    const goModules = `${await readText(rootDir, "go.mod")}${await readText(rootDir, "go.sum")}`;
+    if (goModules.includes("gin-gonic/gin")) {
+      frameworks.add("Gin");
+    } else if (goModules.includes("labstack/echo")) {
+      frameworks.add("Echo");
+    } else if (goModules.includes("gofiber/fiber")) {
+      frameworks.add("Fiber");
+    } else if (goModules.includes("go-chi/chi")) {
+      frameworks.add("Chi");
+    }
+  }
+  const jvmManifest = `${await readText(rootDir, "pom.xml")}${await readText(rootDir, "build.gradle")}${await readText(rootDir, "build.gradle.kts")}`.toLowerCase();
+  if (jvmManifest.includes("spring-boot") || jvmManifest.includes("springframework")) {
+    frameworks.add("Spring Boot");
+  }
+  if (has("Cargo.toml")) {
+    const cargo = (await readText(rootDir, "Cargo.toml")).toLowerCase();
+    if (cargo.includes("actix-web")) {
+      frameworks.add("Actix Web");
+    } else if (cargo.includes("axum")) {
+      frameworks.add("Axum");
+    } else if (cargo.includes("rocket")) {
+      frameworks.add("Rocket");
+    }
   }
+  const [packageManager, packageManagerSource] = detectPackageManager(has);
   const scripts = pkg !== null && isRecord(pkg.scripts) ? pkg.scripts : {};
-  const hasTests = "test" in scripts || has("test") || has("tests") || has("__tests__") || has("pytest.ini") || python.includes("pytest");
+  const testsEvidence = await detectTestsEvidence(rootDir, has, "test" in scripts, python);
   return {
     languages: [...languages],
     packageManager,
+    packageManagerSource,
     frameworks: [...frameworks],
-    hasTests,
+    hasTests: testsEvidence !== null,
+    testsEvidence,
     hasReadme: has("README.md") || has("README"),
     hasDocs: has("docs")
   };
 }
+function summarizeSignals(signals) {
+  const lines = [];
+  lines.push(`- Languages: ${formatList(signals.languages)}`);
+  lines.push(
+    signals.packageManager === null ? "- Package manager: none detected" : `- Package manager: ${signals.packageManager}${signals.packageManagerSource === null ? "" : ` (from \`${signals.packageManagerSource}\`)`}`
+  );
+  if (signals.frameworks.length === 0) {
+    lines.push("- Frameworks: none detected");
+  } else {
+    const withSource = signals.frameworks.map((framework) => {
+      const source = FRAMEWORK_SOURCES[framework];
+      return source === void 0 ? framework : `${framework} (from \`${source}\`)`;
+    });
+    lines.push(`- Frameworks: ${withSource.join(", ")}`);
+  }
+  lines.push(
+    signals.testsEvidence === null ? "- Tests: none detected \u2014 if tests exist, point Recall at them by correcting this report" : `- Tests: detected via ${signals.testsEvidence}`
+  );
+  lines.push(`- README present: ${signals.hasReadme ? "yes" : "no"}`);
+  lines.push(`- Docs folder present: ${signals.hasDocs ? "yes" : "no"}`);
+  return lines;
+}
+function formatList(values) {
+  return values.length === 0 ? "none detected" : values.join(", ");
+}
+function detectPackageManager(has) {
+  const candidates = [
+    [has("go.mod"), "Go modules", "go.mod"],
+    [has("Cargo.toml"), "Cargo", "Cargo.toml"],
+    [has("pom.xml"), "Maven", "pom.xml"],
+    [has("build.gradle"), "Gradle", "build.gradle"],
+    [has("build.gradle.kts"), "Gradle", "build.gradle.kts"],
+    [has("composer.json"), "Composer", "composer.json"],
+    [has("Gemfile"), "Bundler", "Gemfile"],
+    [has("Package.swift"), "Swift Package Manager", "Package.swift"],
+    [has("pubspec.yaml"), "pub", "pubspec.yaml"],
+    [has("uv.lock"), "uv", "uv.lock"],
+    [has("poetry.lock"), "Poetry", "poetry.lock"],
+    [has("requirements.txt"), "pip", "requirements.txt"],
+    [has("pyproject.toml"), "pip", "pyproject.toml"],
+    [has("pnpm-lock.yaml"), "pnpm", "pnpm-lock.yaml"],
+    [has("yarn.lock"), "yarn", "yarn.lock"],
+    [has("package-lock.json"), "npm", "package-lock.json"],
+    [has("package.json"), "npm", "package.json"]
+  ];
+  for (const [present, name, source] of candidates) {
+    if (present) {
+      return [name, source];
+    }
+  }
+  return [null, null];
+}
+async function detectTestsEvidence(rootDir, has, hasTestScript, pythonText) {
+  if (has("tests")) {
+    return "`tests/` directory";
+  }
+  if (has("test")) {
+    return "`test/` directory";
+  }
+  if (has("__tests__")) {
+    return "`__tests__/` directory";
+  }
+  if (has("pytest.ini") || pythonText.includes("pytest")) {
+    return "pytest configuration";
+  }
+  if (has("phpunit.xml") || has("phpunit.xml.dist")) {
+    return "PHPUnit configuration";
+  }
+  if (hasTestScript) {
+    return '`"test"` script in package.json';
+  }
+  const testFile = await findTestFile(rootDir);
+  if (testFile !== null) {
+    return `\`${testFile}\``;
+  }
+  return null;
+}
+var TEST_FILE_PATTERNS = [
+  /_test\.go$/u,
+  /\.(test|spec)\.[cm]?[jt]sx?$/u,
+  /^test_.+\.py$/u,
+  /_test\.py$/u,
+  /.+Tests?\.(java|kt)$/u,
+  /.+Test\.php$/u,
+  /_spec\.rb$/u,
+  /_test\.rb$/u
+];
+var TEST_WALK_SKIP_DIRS = /* @__PURE__ */ new Set([
+  "node_modules",
+  "vendor",
+  "dist",
+  "build",
+  "target",
+  "coverage",
+  "Pods",
+  "__pycache__"
+]);
+async function findTestFile(rootDir) {
+  let budget = 4e3;
+  const stack = [rootDir];
+  while (stack.length > 0 && budget > 0) {
+    const dir = stack.pop();
+    if (dir === void 0) {
+      break;
+    }
+    let entries;
+    try {
+      entries = await readdir4(dir, { withFileTypes: true });
+    } catch {
+      continue;
+    }
+    for (const entry of entries) {
+      budget -= 1;
+      if (budget <= 0) {
+        break;
+      }
+      if (entry.isDirectory()) {
+        if (!TEST_WALK_SKIP_DIRS.has(entry.name) && !entry.name.startsWith(".")) {
+          stack.push(path6.join(dir, entry.name));
+        }
+      } else if (TEST_FILE_PATTERNS.some((pattern) => pattern.test(entry.name))) {
+        return path6.relative(rootDir, path6.join(dir, entry.name));
+      }
+    }
+  }
+  return null;
+}
 function collectDependencies(pkg) {
   if (pkg === null) {
     return {};
@@ -1428,6 +1517,100 @@ function isRecord(value) {
   return typeof value === "object" && value !== null && !Array.isArray(value);
 }
 
+// src/core/adopt/generate-adoption.ts
+var ADOPTION_REPORT_PATH = "docs/adopt/ADOPTION_REPORT.md";
+function generateAdoptionFiles(options) {
+  const files = [
+    {
+      path: ADOPTION_REPORT_PATH,
+      content: renderReport(options.adrDir, options.signals)
+    }
+  ];
+  for (const framework of options.signals.frameworks) {
+    files.push({
+      path: `${options.adrDir}/proposed/ADR-PROPOSED-adopt-${frameworkSlug(framework)}.md`,
+      content: renderProposedAdr(framework)
+    });
+  }
+  return files;
+}
+function renderReport(adrDir, signals) {
+  return `# Adoption Report
+
+## Status
+
+Proposed. Everything below is inferred from this repository and requires human review. Nothing here
+is accepted repository memory until you accept it.
+
+## Detected Signals
+
+Each signal notes the file it was inferred from. If one is wrong, correct the source or edit this
+report \u2014 nothing here is accepted.
+
+${summarizeSignals(signals).join("\n")}
+
+## Proposed Decisions
+
+${renderProposedDecisions(adrDir, signals)}
+
+## Review Checklist
+
+- [ ] Confirm the detected languages and package manager (and the source each was read from).
+- [ ] Confirm where tests were detected, or point Recall at the right location if it is wrong.
+- [ ] Accept or reject each proposed framework ADR under \`${adrDir}/proposed/\`.
+- [ ] Run \`recall init\` to establish neutral repository memory if it does not exist yet.
+- [ ] Record any decision you accept with \`recall adr create\` or by accepting the proposed ADR.
+
+## Notes
+
+This report was produced by \`recall adopt\` through read-only inspection of manifest and marker
+files. No repository code was executed and no decision was accepted automatically.
+`;
+}
+function renderProposedDecisions(adrDir, signals) {
+  if (signals.frameworks.length === 0) {
+    return "- No framework decisions were inferred. Add decisions with `recall adr create` as needed.";
+  }
+  return signals.frameworks.map(
+    (framework) => `- Proposed: record **${framework}** as an architecture decision (see \`${adrDir}/proposed/ADR-PROPOSED-adopt-${frameworkSlug(framework)}.md\`). Requires review.`
+  ).join("\n");
+}
+function renderProposedAdr(framework) {
+  return `# Proposed ADR: Use ${framework}
+
+## Status
+
+Proposed
+
+## Context
+
+\`recall adopt\` detected ${framework} in this repository through read-only inspection.
+
+## Decision
+
+Consider recording ${framework} as an accepted architecture decision. This is proposed by adoption
+and is not accepted until a human reviews and accepts it.
+
+## Alternatives Considered
+
+- Record a different framework.
+- Leave the decision unrecorded for now.
+
+## Consequences
+
+- Captures a framework already in use as reviewable repository memory.
+- Requires explicit human acceptance before it becomes repository truth.
+
+## Related Documents
+
+- \`docs/10-architecture/ARCHITECTURE.md\` \u2014 record the accepted architecture here once promoted.
+- The adoption report generated alongside this proposal.
+`;
+}
+function frameworkSlug(framework) {
+  return framework.toLowerCase().replace(/\./gu, "").replace(/[^a-z0-9]+/gu, "-").replace(/^-+|-+$/gu, "");
+}
+
 // src/commands/adopt.ts
 var AdoptError = class extends Error {
   code;
@@ -1499,19 +1682,102 @@ function formatList2(values) {
   return values.length > 0 ? values.join(", ") : "none detected";
 }
 
-// src/core/doctor/checks/config-check.ts
-import { readFile as readFile4 } from "fs/promises";
-async function checkConfig(rootDir) {
-  const configPath = resolveSafePath(rootDir, CONFIG_PATH);
-  let rawConfig;
+// src/core/doctor/checks/code-reference-check.ts
+import { existsSync as existsSync4 } from "fs";
+import { readFile as readFile4, readdir as readdir5 } from "fs/promises";
+import path7 from "path";
+var featureFolderPattern = /^F-\d{3,}-[a-z0-9]+(?:-[a-z0-9]+)*$/u;
+var FEATURE_DOCS = ["PRD.md", "ARCHITECTURE_IMPACT.md"];
+var MODULE_DOCS = ["MODULE.md", "DECISIONS.md"];
+var codePathPattern = /`((?:src|tests)\/[A-Za-z0-9._/-]+\.[A-Za-z0-9]+)`/gu;
+var placeholderMarkers = /[<>*]|\.\.\./u;
+async function checkCodeReferences(context) {
+  if (context.config === void 0) {
+    return [];
+  }
+  const findings = [];
+  const featureEntries = await readDirIfExists(context.rootDir, context.config.featuresDir);
+  for (const folder of featureEntries) {
+    if (!folder.isDirectory() || !featureFolderPattern.test(folder.name)) {
+      continue;
+    }
+    for (const doc of FEATURE_DOCS) {
+      const relativePath = path7.posix.join(context.config.featuresDir, folder.name, doc);
+      findings.push(...await checkDoc(context.rootDir, relativePath));
+    }
+  }
+  const moduleEntries = await readDirIfExists(context.rootDir, context.config.modulesDir);
+  for (const folder of moduleEntries) {
+    if (!folder.isDirectory()) {
+      continue;
+    }
+    for (const doc of MODULE_DOCS) {
+      const relativePath = path7.posix.join(context.config.modulesDir, folder.name, doc);
+      findings.push(...await checkDoc(context.rootDir, relativePath));
+    }
+  }
+  return findings;
+}
+async function checkDoc(rootDir, relativePath) {
+  const content = await readFileIfExists(rootDir, relativePath);
+  if (content === void 0) {
+    return [];
+  }
+  const findings = [];
+  const seen = /* @__PURE__ */ new Set();
+  for (const match of content.matchAll(codePathPattern)) {
+    const reference = match[1];
+    if (placeholderMarkers.test(reference) || seen.has(reference)) {
+      continue;
+    }
+    seen.add(reference);
+    if (!existsSync4(path7.join(rootDir, reference))) {
+      findings.push({
+        severity: "warning",
+        check: "drift-code-reference",
+        message: `Repository memory references ${reference}, which does not exist.`,
+        path: relativePath
+      });
+    }
+  }
+  return findings;
+}
+async function readDirIfExists(rootDir, relativePath) {
   try {
-    rawConfig = await readFile4(configPath.absolutePath, "utf8");
+    return await readdir5(path7.join(rootDir, relativePath), { withFileTypes: true });
   } catch (error) {
     const nodeError = error;
     if (nodeError.code === "ENOENT") {
-      return {
-        findings: [
-          {
+      return [];
+    }
+    throw error;
+  }
+}
+async function readFileIfExists(rootDir, relativePath) {
+  try {
+    return await readFile4(path7.join(rootDir, relativePath), "utf8");
+  } catch (error) {
+    const nodeError = error;
+    if (nodeError.code === "ENOENT") {
+      return void 0;
+    }
+    throw error;
+  }
+}
+
+// src/core/doctor/checks/config-check.ts
+import { readFile as readFile5 } from "fs/promises";
+async function checkConfig(rootDir) {
+  const configPath = resolveSafePath(rootDir, CONFIG_PATH);
+  let rawConfig;
+  try {
+    rawConfig = await readFile5(configPath.absolutePath, "utf8");
+  } catch (error) {
+    const nodeError = error;
+    if (nodeError.code === "ENOENT") {
+      return {
+        findings: [
+          {
             severity: "error",
             check: "config",
             message: "Missing .recall/config.json.",
@@ -1568,21 +1834,24 @@ async function checkConfig(rootDir) {
 }
 
 // src/core/doctor/checks/content-check.ts
-import { readFile as readFile5, readdir as readdir4 } from "fs/promises";
-import path7 from "path";
-var featureFolderPattern = /^F-\d{3,}-[a-z0-9]+(?:-[a-z0-9]+)*$/u;
+import { readFile as readFile6, readdir as readdir6 } from "fs/promises";
+import path8 from "path";
+var featureFolderPattern2 = /^F-\d{3,}-[a-z0-9]+(?:-[a-z0-9]+)*$/u;
+var acceptedAdrPattern = /^ADR-\d{4,}-[a-z0-9]+(?:-[a-z0-9]+)*\.md$/u;
+var SECURITY_MODEL_PATH = "docs/20-security/SECURITY_MODEL.md";
+var THREAT_MODEL_PATH = "docs/20-security/THREAT_MODEL.md";
 async function checkContent(context) {
   if (context.config === void 0) {
     return [];
   }
   const findings = [];
-  const entries = await readDirIfExists(context.rootDir, context.config.featuresDir);
+  const entries = await readDirIfExists2(context.rootDir, context.config.featuresDir);
   const featureFolders = entries.filter(
-    (entry) => entry.isDirectory() && featureFolderPattern.test(entry.name)
+    (entry) => entry.isDirectory() && featureFolderPattern2.test(entry.name)
   );
   for (const folder of featureFolders) {
-    const prdPath = path7.posix.join(context.config.featuresDir, folder.name, "PRD.md");
-    const prd = await readFileIfExists(context.rootDir, prdPath);
+    const prdPath = path8.posix.join(context.config.featuresDir, folder.name, "PRD.md");
+    const prd = await readFileIfExists2(context.rootDir, prdPath);
     if (prd === void 0) {
       continue;
     }
@@ -1603,6 +1872,61 @@ async function checkContent(context) {
       });
     }
   }
+  const moduleEntries = await readDirIfExists2(context.rootDir, context.config.modulesDir);
+  const moduleFolders = moduleEntries.filter((entry) => entry.isDirectory());
+  const adrEntries = await readDirIfExists2(context.rootDir, context.config.adrDir);
+  const acceptedAdrs = adrEntries.filter(
+    (entry) => entry.isFile() && acceptedAdrPattern.test(entry.name)
+  );
+  const hasWork = featureFolders.length > 0 || moduleFolders.length > 0 || acceptedAdrs.length > 0;
+  if (hasWork) {
+    findings.push(...await checkSecurityDoc(context.rootDir));
+  }
+  for (const folder of moduleFolders) {
+    const modulePath = path8.posix.join(context.config.modulesDir, folder.name, "MODULE.md");
+    const moduleDoc = await readFileIfExists2(context.rootDir, modulePath);
+    if (moduleDoc === void 0) {
+      continue;
+    }
+    if (sectionIsUnfilled(moduleDoc, "Purpose")) {
+      findings.push({
+        severity: "warning",
+        check: "content-module",
+        message: "Module memory purpose is still an unfilled template.",
+        path: modulePath
+      });
+    }
+    if (sectionIsUnfilled(moduleDoc, "Owns")) {
+      findings.push({
+        severity: "warning",
+        check: "content-module",
+        message: "Module memory owns section is still an unfilled template.",
+        path: modulePath
+      });
+    }
+  }
+  return findings;
+}
+async function checkSecurityDoc(rootDir) {
+  const findings = [];
+  const security = await readFileIfExists2(rootDir, SECURITY_MODEL_PATH);
+  if (security !== void 0 && sectionIsUnfilled(security, "Authentication And Authorization")) {
+    findings.push({
+      severity: "warning",
+      check: "content-security",
+      message: "Security model authentication and authorization section is still an unfilled template.",
+      path: SECURITY_MODEL_PATH
+    });
+  }
+  const threat = await readFileIfExists2(rootDir, THREAT_MODEL_PATH);
+  if (threat !== void 0 && sectionIsUnfilled(threat, "Assets")) {
+    findings.push({
+      severity: "warning",
+      check: "content-threat-model",
+      message: "Threat model assets section is still an unfilled template.",
+      path: THREAT_MODEL_PATH
+    });
+  }
   return findings;
 }
 function sectionIsUnfilled(content, heading) {
@@ -1617,7 +1941,7 @@ function isUnfilled(value) {
   if (normalized === "tbd" || normalized === "todo" || normalized === "pending" || normalized === "none" || normalized === "n/a") {
     return true;
   }
-  return normalized.includes("describe why this feature exists");
+  return normalized.includes("describe why this feature exists") || normalized.includes("describe what this module owns") || normalized.includes("describe how this repository authenticates") || normalized.includes("describe what this repository must protect");
 }
 function getSection(content, heading) {
   const lines = content.split(/\r?\n/u);
@@ -1635,9 +1959,9 @@ function getSection(content, heading) {
   }
   return body.join("\n").trim();
 }
-async function readDirIfExists(rootDir, relativePath) {
+async function readDirIfExists2(rootDir, relativePath) {
   try {
-    return await readdir4(path7.join(rootDir, relativePath), { withFileTypes: true });
+    return await readdir6(path8.join(rootDir, relativePath), { withFileTypes: true });
   } catch (error) {
     const nodeError = error;
     if (nodeError.code === "ENOENT") {
@@ -1646,9 +1970,9 @@ async function readDirIfExists(rootDir, relativePath) {
     throw error;
   }
 }
-async function readFileIfExists(rootDir, relativePath) {
+async function readFileIfExists2(rootDir, relativePath) {
   try {
-    return await readFile5(path7.join(rootDir, relativePath), "utf8");
+    return await readFile6(path8.join(rootDir, relativePath), "utf8");
   } catch (error) {
     const nodeError = error;
     if (nodeError.code === "ENOENT") {
@@ -1659,8 +1983,8 @@ async function readFileIfExists(rootDir, relativePath) {
 }
 
 // src/core/doctor/checks/drift-check.ts
-import { readFile as readFile6, readdir as readdir5 } from "fs/promises";
-import path8 from "path";
+import { readFile as readFile7, readdir as readdir7 } from "fs/promises";
+import path9 from "path";
 var adrFilePattern = /^ADR-(\d{4,})-[a-z0-9]+(?:-[a-z0-9]+)*\.md$/iu;
 var adrReferencePattern = /ADR-\d{4,}/giu;
 async function checkDrift(context) {
@@ -1677,12 +2001,12 @@ async function loadKnownAdrs(rootDir, adrDir) {
   const known = /* @__PURE__ */ new Map();
   const files = await readMarkdownFiles(rootDir, adrDir);
   for (const file of files) {
-    const match = adrFilePattern.exec(path8.basename(file));
+    const match = adrFilePattern.exec(path9.basename(file));
     if (match === null) {
       continue;
     }
     const id = `ADR-${match[1]}`;
-    const content = await readFile6(path8.join(rootDir, file), "utf8");
+    const content = await readFile7(path9.join(rootDir, file), "utf8");
     const accepted = sectionContains(content, "Status", /\baccepted\b/iu);
     const existing = known.get(id);
     if (existing === void 0 || !existing.accepted && accepted) {
@@ -1695,7 +2019,7 @@ async function checkReferences(rootDir, referenceDir, knownAdrs) {
   const findings = [];
   const files = await readMarkdownFiles(rootDir, referenceDir);
   for (const file of files) {
-    const content = await readFile6(path8.join(rootDir, file), "utf8");
+    const content = await readFile7(path9.join(rootDir, file), "utf8");
     const referenced = /* @__PURE__ */ new Set();
     for (const match of stripCode(content).matchAll(adrReferencePattern)) {
       referenced.add(match[0].toUpperCase());
@@ -1727,10 +2051,10 @@ function stripCode(content) {
   return content.replace(/```[\s\S]*?```/gu, " ").replace(/~~~[\s\S]*?~~~/gu, " ").replace(/`[^`]*`/gu, " ");
 }
 async function readMarkdownFiles(rootDir, relativeDir) {
-  const entries = await readDirIfExists2(rootDir, relativeDir);
+  const entries = await readDirIfExists3(rootDir, relativeDir);
   const files = [];
   for (const entry of entries) {
-    const childRelative = path8.posix.join(relativeDir, entry.name);
+    const childRelative = path9.posix.join(relativeDir, entry.name);
     if (entry.isDirectory()) {
       files.push(...await readMarkdownFiles(rootDir, childRelative));
       continue;
@@ -1761,9 +2085,9 @@ function getSection2(content, heading) {
   }
   return body.join("\n").trim();
 }
-async function readDirIfExists2(rootDir, relativePath) {
+async function readDirIfExists3(rootDir, relativePath) {
   try {
-    return await readdir5(path8.join(rootDir, relativePath), { withFileTypes: true });
+    return await readdir7(path9.join(rootDir, relativePath), { withFileTypes: true });
   } catch (error) {
     const nodeError = error;
     if (nodeError.code === "ENOENT") {
@@ -1774,9 +2098,39 @@ async function readDirIfExists2(rootDir, relativePath) {
 }
 
 // src/core/doctor/checks/memory-integrity-check.ts
-import { lstat as lstat2, readFile as readFile7, readdir as readdir6 } from "fs/promises";
-import path9 from "path";
-var featureFolderPattern2 = /^F-\d{3,}-[a-z0-9]+(?:-[a-z0-9]+)*$/u;
+import { lstat as lstat2, readFile as readFile8, readdir as readdir8 } from "fs/promises";
+import path10 from "path";
+
+// src/core/adr/adr-sections.ts
+var REQUIRED_ADR_SECTIONS = [
+  "## Status",
+  "## Context",
+  "## Decision",
+  "## Alternatives Considered",
+  "## Consequences",
+  "## Related Documents"
+];
+var SECTION_PLACEHOLDERS = {
+  "## Related Documents": "- None yet. Link related ADRs, features, or modules as they are accepted."
+};
+function ensureRequiredAdrSections(body) {
+  let result = body.replace(/\s+$/u, "");
+  for (const section of REQUIRED_ADR_SECTIONS) {
+    if (!result.includes(section)) {
+      const placeholder = SECTION_PLACEHOLDERS[section] ?? "To be documented.";
+      result += `
+
+${section}
+
+${placeholder}`;
+    }
+  }
+  return `${result}
+`;
+}
+
+// src/core/doctor/checks/memory-integrity-check.ts
+var featureFolderPattern3 = /^F-\d{3,}-[a-z0-9]+(?:-[a-z0-9]+)*$/u;
 var adrFilePattern2 = /^ADR-\d{4,}-[a-z0-9]+(?:-[a-z0-9]+)*\.md$/u;
 var requiredFeatureDocs = [
   "PRD.md",
@@ -1790,14 +2144,7 @@ var requiredFeatureDocs = [
   "COMPLETION_REPORT.md"
 ];
 var requiredModuleDocs = ["MODULE.md", "TASKS.md", "TEST_PLAN.md", "DECISIONS.md"];
-var requiredAdrSections = [
-  "## Status",
-  "## Context",
-  "## Decision",
-  "## Alternatives Considered",
-  "## Consequences",
-  "## Related Documents"
-];
+var requiredAdrSections = REQUIRED_ADR_SECTIONS;
 async function checkMemoryIntegrity(context) {
   if (context.config === void 0) {
     return [];
@@ -1810,13 +2157,13 @@ async function checkMemoryIntegrity(context) {
 }
 async function checkFeatureFolders(rootDir, featuresDir) {
   const findings = [];
-  const entries = await readDirIfExists3(rootDir, featuresDir);
+  const entries = await readDirIfExists4(rootDir, featuresDir);
   const featureFolders = entries.filter(
-    (entry) => entry.isDirectory() && featureFolderPattern2.test(entry.name)
+    (entry) => entry.isDirectory() && featureFolderPattern3.test(entry.name)
   );
   for (const featureFolder of featureFolders) {
     for (const requiredDoc of requiredFeatureDocs) {
-      const filePath = path9.posix.join(featuresDir, featureFolder.name, requiredDoc);
+      const filePath = path10.posix.join(featuresDir, featureFolder.name, requiredDoc);
       if (!await isFile(rootDir, filePath)) {
         findings.push({
           severity: "error",
@@ -1836,11 +2183,11 @@ async function checkFeatureFolders(rootDir, featuresDir) {
 }
 async function checkModuleFolders(rootDir, modulesDir) {
   const findings = [];
-  const entries = await readDirIfExists3(rootDir, modulesDir);
+  const entries = await readDirIfExists4(rootDir, modulesDir);
   const moduleFolders = entries.filter((entry) => entry.isDirectory());
   for (const moduleFolder of moduleFolders) {
     for (const requiredDoc of requiredModuleDocs) {
-      const filePath = path9.posix.join(modulesDir, moduleFolder.name, requiredDoc);
+      const filePath = path10.posix.join(modulesDir, moduleFolder.name, requiredDoc);
       if (!await isFile(rootDir, filePath)) {
         findings.push({
           severity: "error",
@@ -1860,11 +2207,11 @@ async function checkModuleFolders(rootDir, modulesDir) {
 }
 async function checkAdrFiles(rootDir, adrDir) {
   const findings = [];
-  const entries = await readDirIfExists3(rootDir, adrDir);
+  const entries = await readDirIfExists4(rootDir, adrDir);
   const adrFiles = entries.filter((entry) => entry.isFile() && adrFilePattern2.test(entry.name));
   for (const adrFile of adrFiles) {
-    const filePath = path9.posix.join(adrDir, adrFile.name);
-    const content = await readFile7(path9.join(rootDir, filePath), "utf8");
+    const filePath = path10.posix.join(adrDir, adrFile.name);
+    const content = await readFile8(path10.join(rootDir, filePath), "utf8");
     for (const requiredSection of requiredAdrSections) {
       if (!content.includes(requiredSection)) {
         findings.push({
@@ -1883,9 +2230,9 @@ async function checkAdrFiles(rootDir, adrDir) {
   });
   return findings;
 }
-async function readDirIfExists3(rootDir, relativePath) {
+async function readDirIfExists4(rootDir, relativePath) {
   try {
-    return await readdir6(path9.join(rootDir, relativePath), { withFileTypes: true });
+    return await readdir8(path10.join(rootDir, relativePath), { withFileTypes: true });
   } catch (error) {
     const nodeError = error;
     if (nodeError.code === "ENOENT") {
@@ -1896,7 +2243,7 @@ async function readDirIfExists3(rootDir, relativePath) {
 }
 async function isFile(rootDir, relativePath) {
   try {
-    return (await lstat2(path9.join(rootDir, relativePath))).isFile();
+    return (await lstat2(path10.join(rootDir, relativePath))).isFile();
   } catch (error) {
     const nodeError = error;
     if (nodeError.code === "ENOENT") {
@@ -1908,7 +2255,7 @@ async function isFile(rootDir, relativePath) {
 
 // src/core/doctor/checks/required-files-check.ts
 import { lstat as lstat3 } from "fs/promises";
-import path10 from "path";
+import path11 from "path";
 var rootFiles = ["AGENTS.md", "CLAUDE.md"];
 var requiredDocs = [
   "00-product/PRD.md",
@@ -1935,12 +2282,12 @@ async function checkRequiredFiles(context) {
     }
   }
   for (const relativeDocPath of requiredDocs) {
-    const filePath = path10.posix.join(docsDir, relativeDocPath);
+    const filePath = path11.posix.join(docsDir, relativeDocPath);
     if (!await isFile2(context.rootDir, filePath)) {
       findings.push(missingFile(filePath, "required-docs"));
     }
   }
-  const adrIndexPath = path10.posix.join(context.config?.adrDir ?? "docs/adrs", "README.md");
+  const adrIndexPath = path11.posix.join(context.config?.adrDir ?? "docs/adrs", "README.md");
   if (!await isFile2(context.rootDir, adrIndexPath)) {
     findings.push(missingFile(adrIndexPath, "required-docs"));
   }
@@ -1966,7 +2313,7 @@ async function checkRequiredFiles(context) {
 }
 async function isFile2(rootDir, relativePath) {
   try {
-    return (await lstat3(path10.join(rootDir, relativePath))).isFile();
+    return (await lstat3(path11.join(rootDir, relativePath))).isFile();
   } catch (error) {
     const nodeError = error;
     if (nodeError.code === "ENOENT") {
@@ -1977,7 +2324,7 @@ async function isFile2(rootDir, relativePath) {
 }
 async function isDirectory(rootDir, relativePath) {
   try {
-    return (await lstat3(path10.join(rootDir, relativePath))).isDirectory();
+    return (await lstat3(path11.join(rootDir, relativePath))).isDirectory();
   } catch (error) {
     const nodeError = error;
     if (nodeError.code === "ENOENT") {
@@ -1996,9 +2343,9 @@ function missingFile(pathValue, check) {
 }
 
 // src/core/doctor/checks/standards-check.ts
-import { lstat as lstat4, readFile as readFile8, readdir as readdir7 } from "fs/promises";
-import path11 from "path";
-var featureFolderPattern3 = /^F-\d{3,}-[a-z0-9]+(?:-[a-z0-9]+)*$/u;
+import { lstat as lstat4, readFile as readFile9, readdir as readdir9 } from "fs/promises";
+import path12 from "path";
+var featureFolderPattern4 = /^F-\d{3,}-[a-z0-9]+(?:-[a-z0-9]+)*$/u;
 var adrFilePattern3 = /^ADR-\d{4,}-[a-z0-9]+(?:-[a-z0-9]+)*\.md$/u;
 var securitySensitivePattern = /\b(auth|authentication|authorization|secrets?|storage|networking?|telemetry|file writes?|write policy|dependencies?|mcp|ai api|cloud|runtime)\b/iu;
 async function checkStandards(context) {
@@ -2012,18 +2359,18 @@ async function checkStandards(context) {
 }
 async function checkFeatureStandards(rootDir, featuresDir) {
   const findings = [];
-  const entries = await readDirIfExists4(rootDir, featuresDir);
+  const entries = await readDirIfExists5(rootDir, featuresDir);
   const featureFolders = entries.filter(
-    (entry) => entry.isDirectory() && featureFolderPattern3.test(entry.name)
+    (entry) => entry.isDirectory() && featureFolderPattern4.test(entry.name)
   );
   for (const featureFolder of featureFolders) {
-    const featureDir = path11.posix.join(featuresDir, featureFolder.name);
-    const completionReportPath = path11.posix.join(featureDir, "COMPLETION_REPORT.md");
-    const reviewPath = path11.posix.join(featureDir, "REVIEW.md");
-    const architectureImpactPath = path11.posix.join(featureDir, "ARCHITECTURE_IMPACT.md");
-    const completionReport = await readFileIfExists2(rootDir, completionReportPath);
-    const review = await readFileIfExists2(rootDir, reviewPath);
-    const architectureImpact = await readFileIfExists2(rootDir, architectureImpactPath);
+    const featureDir = path12.posix.join(featuresDir, featureFolder.name);
+    const completionReportPath = path12.posix.join(featureDir, "COMPLETION_REPORT.md");
+    const reviewPath = path12.posix.join(featureDir, "REVIEW.md");
+    const architectureImpactPath = path12.posix.join(featureDir, "ARCHITECTURE_IMPACT.md");
+    const completionReport = await readFileIfExists3(rootDir, completionReportPath);
+    const review = await readFileIfExists3(rootDir, reviewPath);
+    const architectureImpact = await readFileIfExists3(rootDir, architectureImpactPath);
     if (completionReport !== void 0) {
       const featureIsComplete = sectionContains2(completionReport, "Status", /\bcomplete\b/iu);
       if (featureIsComplete) {
@@ -2067,11 +2414,11 @@ async function checkFeatureStandards(rootDir, featuresDir) {
 }
 async function checkAdrStandards(rootDir, adrDir) {
   const findings = [];
-  const entries = await readDirIfExists4(rootDir, adrDir);
+  const entries = await readDirIfExists5(rootDir, adrDir);
   const adrFiles = entries.filter((entry) => entry.isFile() && adrFilePattern3.test(entry.name));
   for (const adrFile of adrFiles) {
-    const adrPath = path11.posix.join(adrDir, adrFile.name);
-    const content = await readFile8(path11.join(rootDir, adrPath), "utf8");
+    const adrPath = path12.posix.join(adrDir, adrFile.name);
+    const content = await readFile9(path12.join(rootDir, adrPath), "utf8");
     const isAccepted = sectionContains2(content, "Status", /\baccepted\b/iu);
     if (!hasMeaningfulSection(content, "Consequences")) {
       findings.push({
@@ -2153,9 +2500,9 @@ function isPlaceholder(value) {
   }
   return normalized.includes("implementation is in progress") || normalized.includes("will be completed after implementation");
 }
-async function readDirIfExists4(rootDir, relativePath) {
+async function readDirIfExists5(rootDir, relativePath) {
   try {
-    return await readdir7(path11.join(rootDir, relativePath), { withFileTypes: true });
+    return await readdir9(path12.join(rootDir, relativePath), { withFileTypes: true });
   } catch (error) {
     const nodeError = error;
     if (nodeError.code === "ENOENT") {
@@ -2164,12 +2511,12 @@ async function readDirIfExists4(rootDir, relativePath) {
     throw error;
   }
 }
-async function readFileIfExists2(rootDir, relativePath) {
+async function readFileIfExists3(rootDir, relativePath) {
   try {
     if (!await isFile3(rootDir, relativePath)) {
       return void 0;
     }
-    return await readFile8(path11.join(rootDir, relativePath), "utf8");
+    return await readFile9(path12.join(rootDir, relativePath), "utf8");
   } catch (error) {
     const nodeError = error;
     if (nodeError.code === "ENOENT") {
@@ -2180,7 +2527,7 @@ async function readFileIfExists2(rootDir, relativePath) {
 }
 async function isFile3(rootDir, relativePath) {
   try {
-    return (await lstat4(path11.join(rootDir, relativePath))).isFile();
+    return (await lstat4(path12.join(rootDir, relativePath))).isFile();
   } catch (error) {
     const nodeError = error;
     if (nodeError.code === "ENOENT") {
@@ -2205,6 +2552,7 @@ async function runDoctor(rootDir) {
     findings.push(...await checkStandards(context));
     findings.push(...await checkDrift(context));
     findings.push(...await checkContent(context));
+    findings.push(...await checkCodeReferences(context));
   }
   return createDoctorReport(findings);
 }
@@ -2281,11 +2629,11 @@ function formatDoctorResult(result) {
 }
 
 // src/commands/init.ts
-import { existsSync as existsSync5 } from "fs";
-import path14 from "path";
+import { existsSync as existsSync6 } from "fs";
+import path15 from "path";
 
 // src/core/generator/generate-init.ts
-import path12 from "path";
+import path13 from "path";
 var neutralTemplates = [
   {
     path: "AGENTS.md",
@@ -2310,11 +2658,41 @@ Repository rules override model preferences. If instructions conflict, stop and
     path: "CLAUDE.md",
     content: `# {{repositoryName}} Claude Instructions
 
-Use this file as a short routing guide.
+This file is loaded automatically every Claude session. The durable project memory lives in \`docs/\`;
+do not rely on chat history as source of truth, and repository rules override model preference.
+
+@AGENTS.md
+
+Read the docs that \`AGENTS.md\` routes to before changing code or repository memory. A SessionStart
+hook (\`.claude/hooks/session-start.sh\`) also injects a memory map at the start of each session.
+`
+  },
+  {
+    // Cursor auto-applies rules under .cursor/rules. alwaysApply makes this the portable equivalent
+    // of the Claude Code SessionStart hook: Cursor injects it into every request so the agent loads
+    // repository memory even though it cannot run the Claude-specific hook.
+    path: ".cursor/rules/recall-memory.mdc",
+    content: `---
+description: {{repositoryName}} repository memory and rules (Recall OS). Read before non-trivial work.
+globs:
+alwaysApply: true
+---
+
+# {{repositoryName}} repository memory
+
+This repository uses Recall OS. Durable memory lives in \`docs/\` and is the source of truth over chat
+history. Do not treat chat history as truth, and repository rules override model preference.
+
+Before non-trivial work:
 
-The durable project memory lives in \`docs/\`. Do not rely on chat history as source of truth.
+- Read \`AGENTS.md\` and the docs it routes to.
+- Accepted decisions live in \`docs/adrs/\`; module memory lives in \`docs/30-modules/\`.
+- If an instruction conflicts with accepted repository memory, stop and report the conflict.
 
-Read \`AGENTS.md\` and the relevant docs before changing code or repository memory.
+Source-of-truth order: accepted ADRs and repository decisions, then architecture docs, engineering
+standards, the current PRD, security and testing docs, module docs, feature plans, then chat history.
+
+Before claiming work is complete, run \`recall doctor\` and fix reported errors.
 `
   },
   {
@@ -2398,26 +2776,78 @@ Default behavior:
     path: "docs/20-security/SECURITY_MODEL.md",
     content: `# Security Model
 
-## Current Status
+## Status
 
-Draft.
+Draft \u2014 fill the prompted sections below with this repository's real model as it grows. \`recall doctor\`
+flags these as warnings once the repository has real work (a feature, module, or accepted decision).
 
 ## Baseline Rules
 
-- Do not commit secrets.
-- Do not read or copy \`.env\` files into docs.
+- Never commit secrets or credentials, and never read or copy \`.env\` files into docs.
+- Validate and authorize untrusted input at every trust boundary.
 - Do not add network, telemetry, cloud, MCP runtime, or AI API behavior without explicit review.
+
+## Authentication And Authorization
+
+Describe how this repository authenticates users or clients and how it authorizes actions, including
+where those checks live.
+
+## Secrets And Configuration
+
+Describe where secrets live, how they are injected, and how configuration is kept out of version
+control.
+
+## Sensitive Data
+
+Describe the sensitive or personal data this repository handles, and how it is protected at rest and
+in transit.
+
+## Dependencies And Supply Chain
+
+Describe how third-party dependencies are vetted, pinned, and updated.
 `
   },
   {
     path: "docs/20-security/THREAT_MODEL.md",
     content: `# Threat Model
 
-## Current Status
+## Status
 
-Draft.
+Draft \u2014 replace the prompts below with this repository's real analysis as it grows. \`recall doctor\`
+flags these as warnings once the repository has real work (a feature, module, or accepted decision).
+
+## Assets
+
+Describe what this repository must protect: user data, credentials, money, availability, or
+reputation.
+
+## Entry Points
+
+Describe where untrusted input enters: HTTP endpoints, webhooks, file uploads, queues, CLI input, or
+third-party callbacks.
+
+## Trust Boundaries
 
-Track repository-specific risks here as the project evolves.
+Describe where trust changes: client to server, service to database, your code to third-party APIs.
+
+## Threats
+
+Describe the concrete threats that apply to this repository, by category:
+
+- Spoofing \u2014 how identities are faked or sessions stolen.
+- Tampering \u2014 how requests, data, or builds are altered (injection, mass assignment).
+- Repudiation \u2014 actions that must remain auditable.
+- Information disclosure \u2014 how sensitive data or secrets could leak.
+- Denial of service \u2014 how the system can be overwhelmed or abused.
+- Elevation of privilege \u2014 how a user could gain access they should not have.
+
+## Mitigations
+
+Describe the control in place or planned for each threat above.
+
+## Open Risks
+
+Describe accepted or unresolved risks and who owns them.
 `
   },
   {
@@ -2670,14 +3100,38 @@ Agents should not implement meaningful feature work without a feature plan or cl
     path: "docs/adrs/README.md",
     content: `# Architecture Decision Records
 
-Accepted architecture choices belong here.
+Accepted ADRs live in this directory as \`ADR-####-<slug>.md\` with \`## Status\` set to \`Accepted\`.
+Proposed ADRs live under \`docs/adrs/proposed/\`.
+
+There is no \`accepted/\` subdirectory: accepted ADRs sit at the top level of \`docs/adrs/\`.
 
-Presets and AI agents may propose decisions, but humans accept them.
+Presets and AI agents may propose decisions; humans accept them with \`recall adr accept <name>\`,
+which promotes a proposal into an accepted ADR here.
+`
+  },
+  {
+    path: ".github/workflows/recall.yml",
+    content: `name: Recall OS
+
+on:
+  push:
+  pull_request:
+
+jobs:
+  doctor:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+      - name: Validate repository memory
+        run: npx --yes recall-os@latest doctor
 `
   }
 ];
 function generateInitFiles(options) {
-  const repositoryName = path12.basename(path12.resolve(options.rootDir)) || "repository";
+  const repositoryName = path13.basename(path13.resolve(options.rootDir)) || "repository";
   const context = createTemplateContext({ repositoryName });
   const files = neutralTemplates.map((template) => ({
     path: template.path,
@@ -2696,24 +3150,25 @@ function generatePresetFiles(preset) {
     })),
     ...preset.proposedDecisions.map((decision) => ({
       path: decision.destination,
-      content: decision.body
+      // Normalize every preset's proposed ADR so it stays Doctor-healthy once accepted.
+      content: ensureRequiredAdrSections(decision.body)
     }))
   ];
 }
 
 // src/core/hooks/detect-gates.ts
-import { existsSync as existsSync4 } from "fs";
-import { readFile as readFile9 } from "fs/promises";
-import path13 from "path";
+import { existsSync as existsSync5 } from "fs";
+import { readFile as readFile10 } from "fs/promises";
+import path14 from "path";
 var KNOWN_SCRIPTS = ["test", "typecheck", "lint"];
 async function detectPreCommitGates(rootDir) {
-  const packageJsonPath = path13.join(rootDir, "package.json");
-  if (!existsSync4(packageJsonPath)) {
+  const packageJsonPath = path14.join(rootDir, "package.json");
+  if (!existsSync5(packageJsonPath)) {
     return [];
   }
   let scripts;
   try {
-    const raw = await readFile9(packageJsonPath, "utf8");
+    const raw = await readFile10(packageJsonPath, "utf8");
     const parsed = JSON.parse(raw);
     scripts = parsed.scripts ?? {};
   } catch {
@@ -2722,16 +3177,16 @@ async function detectPreCommitGates(rootDir) {
   if (typeof scripts !== "object" || scripts === null) {
     return [];
   }
-  const packageManager = detectPackageManager(rootDir);
+  const packageManager = detectPackageManager2(rootDir);
   return KNOWN_SCRIPTS.filter((script) => typeof scripts[script] === "string").map(
     (script) => `${packageManager} run ${script}`
   );
 }
-function detectPackageManager(rootDir) {
-  if (existsSync4(path13.join(rootDir, "pnpm-lock.yaml"))) {
+function detectPackageManager2(rootDir) {
+  if (existsSync5(path14.join(rootDir, "pnpm-lock.yaml"))) {
     return "pnpm";
   }
-  if (existsSync4(path13.join(rootDir, "yarn.lock"))) {
+  if (existsSync5(path14.join(rootDir, "yarn.lock"))) {
     return "yarn";
   }
   return "npm";
@@ -2740,6 +3195,39 @@ function detectPackageManager(rootDir) {
 // src/core/hooks/generate-hook.ts
 var PRE_COMMIT_HOOK_PATH = ".recall/hooks/pre-commit";
 var HOOKS_PATH_ACTIVATION_COMMAND = "git config core.hooksPath .recall/hooks";
+var SESSION_START_HOOK_PATH = ".claude/hooks/session-start.sh";
+var CLAUDE_SETTINGS_PATH = ".claude/settings.json";
+function renderSessionStartHook() {
+  return `#!/bin/sh
+# Recall OS Claude Code SessionStart hook.
+# Generated by \`recall init\`. Injects a repository-memory map into every Claude Code session so a
+# fresh agent reliably loads durable memory. Wired in .claude/settings.json. Read-only.
+
+adrs=$(ls docs/adrs/ADR-*.md 2>/dev/null | sed 's|.*/||;s|\\.md$||' | tr '\\n' ' ')
+modules=$(ls -d docs/30-modules/*/ 2>/dev/null | sed 's|docs/30-modules/||;s|/$||' | tr '\\n' ' ')
+
+context="Recall OS repository memory is the source of truth over chat history. Before non-trivial work, read AGENTS.md and the docs it routes to; repository rules override model preference. Accepted ADRs (docs/adrs/): \${adrs:-none yet}. Modules (docs/30-modules/): \${modules:-none yet}. Run 'recall doctor' before claiming work complete."
+
+printf '{"hookSpecificOutput":{"hookEventName":"SessionStart","additionalContext":"%s"}}\\n' "$context"
+`;
+}
+function renderClaudeSettings() {
+  return `${JSON.stringify(
+    {
+      hooks: {
+        SessionStart: [
+          {
+            matcher: "startup",
+            hooks: [{ type: "command", command: `./${SESSION_START_HOOK_PATH}` }]
+          }
+        ]
+      }
+    },
+    null,
+    2
+  )}
+`;
+}
 function renderPreCommitHook(gates) {
   const lines = [
     "#!/bin/sh",
@@ -3251,73 +3739,129 @@ Consider MVVM with unidirectional state from ViewModels, awaiting human acceptan
   ]
 };
 
-// src/presets/nextjs/preset.ts
-var guidance3 = `# Next.js Preset Guidance
+// src/presets/laravel/shared.ts
+var VARIANTS = {
+  react: {
+    id: "laravel-react",
+    label: "React via Inertia",
+    description: "Opinionated Laravel + Inertia + React opinion pack (proposed decisions only). Matches the official Laravel React starter kit.",
+    frontendLine: "Frontend: Inertia 2 + React 19 + TypeScript + Tailwind, built with Vite (the official React starter kit, with shadcn/ui for components).",
+    deliveryLine: "The app is a server-driven SPA: Laravel controllers return Inertia responses with typed props; there is no separate REST client for first-party screens."
+  },
+  vue: {
+    id: "laravel-vue",
+    label: "Vue via Inertia",
+    description: "Opinionated Laravel + Inertia + Vue opinion pack (proposed decisions only). Matches the official Laravel Vue starter kit.",
+    frontendLine: "Frontend: Inertia 2 + Vue 3 (script setup) + TypeScript + Tailwind, built with Vite (the official Vue starter kit).",
+    deliveryLine: "The app is a server-driven SPA: Laravel controllers return Inertia responses with typed props; there is no separate REST client for first-party screens."
+  },
+  api: {
+    id: "laravel-api",
+    label: "API / SPA backend",
+    description: "Opinionated Laravel API-only opinion pack (proposed decisions only) for a decoupled SPA or mobile client.",
+    frontendLine: "No server-rendered frontend: Laravel is an HTTP JSON API consumed by a separate SPA or mobile app.",
+    deliveryLine: "Controllers return JSON via API Resources; first-party SPAs authenticate with Sanctum cookies, mobile clients with Sanctum tokens."
+  }
+};
+function adr(presetId, topic, title, body) {
+  return {
+    id: `${presetId}-${topic}`,
+    title,
+    status: "proposed",
+    destination: `docs/adrs/proposed/ADR-PROPOSED-${presetId}-${topic}.md`,
+    body
+  };
+}
+function related(presetId, ...extra) {
+  return [
+    `## Related Documents`,
+    ``,
+    `- \`docs/ai/presets/${presetId}-guidance.md\` \u2014 the proposed Laravel stack guidance.`,
+    `- \`docs/10-architecture/ARCHITECTURE.md\` \u2014 record the accepted architecture here once promoted.`,
+    ...extra.map((line) => `- ${line}`),
+    ``
+  ].join("\n");
+}
+function laravelGuidance(variant) {
+  const profile = VARIANTS[variant];
+  return `# Laravel Preset Guidance (${profile.label})
 
 This is proposed guidance, not accepted. Convert any architecture choice into a proposed ADR, then an
-accepted ADR, before treating it as repository truth.
+accepted ADR, before treating it as repository truth. Repository rules override model preference.
+
+## The stack (proposed)
+
+- Laravel 12 on PHP 8.3+, using the official conventions and directory layout.
+- ${profile.frontendLine}
+- Database: PostgreSQL (MySQL is the alternative) through Eloquent and migrations.
+- Auth: Laravel Sanctum for first-party SPA and mobile clients (Passport only if you need third-party OAuth2).
+- Background work: queues, with Redis and Laravel Horizon when throughput grows.
+- Tests: Pest, with database factories and feature tests over real routes.
+
+${profile.deliveryLine}
 
 ## Decision forks this stack forces
 
-- Routing: App Router vs Pages Router.
-- Rendering: Server Components and server actions vs client-heavy rendering.
-- Data layer: Drizzle or Prisma with PostgreSQL vs a hosted backend.
-- Styling: Tailwind CSS vs CSS Modules vs a component library.
-- Testing: Vitest with Testing Library and Playwright vs other runners.
+- Frontend delivery: Inertia (server-driven SPA) vs a decoupled API + separate SPA vs Blade + Livewire.
+- Auth: Sanctum (first-party SPA and mobile) vs Passport (third-party OAuth2) vs a managed identity provider.
+- Database: PostgreSQL vs MySQL, and where read scaling and queues live (Redis vs database driver).
+- Authorization: Policies and Gates vs ad-hoc checks; validation via Form Requests vs inline.
+- Business logic: thin controllers with Action/Service classes vs fat controllers and models.
+- Testing: Pest vs PHPUnit.
 
 ## Recommended structure (proposed)
 
-- The App Router with route groups and colocated server components.
-- A typed data layer isolated from UI components.
-- Shared UI primitives and a consistent styling system.
+- Keep controllers thin: they validate, authorize, delegate, and return a response \u2014 nothing more.
+- Put request validation **and** authorization in Form Requests (\`authorize()\` + \`rules()\`).
+- Put per-model and per-action permission logic in Policies and Gates, not in controllers.
+- Put business logic in single-purpose Action or Service classes, not in controllers or models.
+- Shape every outbound payload with API Resources (or typed Inertia props), never raw models.
+- Declare \`$fillable\` (or \`$guarded\`) explicitly on every Eloquent model to stop mass assignment.
+
+## Data and performance (proposed)
+
+- Eager-load relationships (\`with(...)\`) to avoid N+1 queries; enable \`Model::preventLazyLoading()\` in local and CI.
+- Wrap multi-write operations in database transactions.
+- Paginate list endpoints; never return unbounded collections.
+- Move email, exports, third-party calls, and other slow work into queued jobs.
+- Cache expensive reads deliberately, with explicit invalidation.
 
 ## Testing (proposed)
 
-- Unit and component tests with Vitest and Testing Library.
-- End-to-end tests with Playwright for critical flows.
-- Type-safe data access tested against a disposable database.
+- Write Pest feature tests that exercise real routes end to end, using \`RefreshDatabase\`.
+- Build state with model factories, not hand-rolled fixtures.
+- Test authorization explicitly: a forbidden action must assert a 403, not just a happy path.
+- Cover validation failures, not only the success case.
 
 ## Security considerations (proposed)
 
-- Keep secrets in server-only environment variables, never in client bundles.
-- Validate input on the server, including server actions and route handlers.
-- Scope authentication and authorization on the server, not the client.
-`;
-function proposedAdr3(topic, title, body) {
-  return {
-    id: `nextjs-${topic}`,
-    title,
-    status: "proposed",
-    destination: `docs/adrs/proposed/ADR-PROPOSED-nextjs-${topic}.md`,
-    body
-  };
+- Validate every inbound request through Form Requests; persist only validated data.
+- Authorize every state-changing action through a Policy or Gate.
+- Keep secrets in \`.env\`; never commit \`.env\` or hardcode credentials.
+- Apply rate limiting to auth and write endpoints.
+- Keep mass assignment locked down and never trust client-supplied IDs without an ownership check.
+${variant === "api" ? "- Scope Sanctum tokens to least privilege; SPA clients use the cookie guard with CSRF protection.\n" : "- Inertia uses Laravel's session and CSRF protection; keep auth and authorization on the server, never the client.\n"}`;
 }
-var nextjsPreset = {
-  id: "nextjs",
-  name: "Next.js",
-  description: "Opinionated Next.js opinion pack with proposed decisions only.",
-  templates: [
-    {
-      destination: "docs/ai/presets/nextjs-guidance.md",
-      description: "Next.js guidance that remains proposed until accepted.",
-      content: guidance3
-    }
-  ],
-  guidance: [
+function laravelGuidanceItems() {
+  return [
     {
-      title: "Keep framework choices proposed",
-      body: "Routing, rendering, data layer, styling, and testing choices must remain proposed until accepted in repository memory."
+      title: "Keep stack choices proposed",
+      body: "Framework, frontend delivery, database, auth, and testing choices stay proposed until accepted in repository memory."
     },
     {
-      title: "Keep secrets server-side",
-      body: "Never expose secrets to the client bundle, and record the data and auth approach as proposed decisions before acceptance."
+      title: "Thin controllers, explicit authorization",
+      body: "Validate and authorize in Form Requests and Policies, keep business logic in Action or Service classes, and shape output with Resources \u2014 propose these as decisions before treating them as truth."
     }
-  ],
-  proposedDecisions: [
-    proposedAdr3(
+  ];
+}
+function laravelProposedDecisions(variant) {
+  const presetId = VARIANTS[variant].id;
+  const base = [
+    adr(
+      presetId,
       "framework",
-      "Use Next.js",
-      `# Proposed ADR: Use Next.js
+      "Use Laravel",
+      `# Proposed ADR: Use Laravel
 
 ## Status
 
@@ -3325,28 +3869,30 @@ Proposed
 
 ## Context
 
-The team needs a React framework for a production web application.
+The team needs a productive, batteries-included PHP framework for a production web application.
 
 ## Decision
 
-Consider Next.js as the application framework. This is not accepted until a human reviews and accepts
-it.
+Consider Laravel 12 on PHP 8.3+ as the application framework, following its standard conventions and
+directory structure. This is not accepted until a human reviews and accepts it.
 
 ## Alternatives Considered
 
-- A Vite single-page app with a separate API.
-- Remix or another framework.
+- Symfony for a more component-assembled approach.
+- A different language or framework entirely.
 
 ## Consequences
 
-- Server rendering, routing, and a large ecosystem.
-- Couples the app to Next.js conventions.
-`
+- A mature ecosystem (Eloquent, queues, Sanctum, Horizon) and strong conventions.
+- Couples the application to Laravel's conventions and release cadence.
+
+${related(presetId)}`
     ),
-    proposedAdr3(
-      "routing-app-router",
-      "Use the App Router",
-      `# Proposed ADR: Use the App Router
+    adr(
+      presetId,
+      "database-eloquent",
+      "Use Eloquent and migrations on PostgreSQL",
+      `# Proposed ADR: Use Eloquent and migrations on PostgreSQL
 
 ## Status
 
@@ -3354,27 +3900,30 @@ Proposed
 
 ## Context
 
-Next.js offers the App Router and the legacy Pages Router.
+The application needs a relational database and a schema workflow.
 
 ## Decision
 
-Consider the App Router with Server Components, awaiting human acceptance.
+Consider PostgreSQL (MySQL as the alternative) accessed through Eloquent and versioned migrations,
+awaiting human acceptance.
 
 ## Alternatives Considered
 
-- The Pages Router.
-- A mix during migration.
+- MySQL or MariaDB.
+- The query builder or raw SQL without Eloquent.
 
 ## Consequences
 
-- Server Components and nested layouts.
-- Requires understanding server and client boundaries.
-`
+- Expressive models, relationships, and reproducible schema migrations.
+- Requires discipline against N+1 queries and unbounded result sets.
+
+${related(presetId, "`docs/50-quality/TESTING_STRATEGY.md` \u2014 how database tests use factories and a disposable database.")}`
     ),
-    proposedAdr3(
-      "data-layer",
-      "Use a typed data layer with PostgreSQL",
-      `# Proposed ADR: Use a typed data layer with PostgreSQL
+    adr(
+      presetId,
+      "auth-sanctum",
+      "Use Laravel Sanctum for authentication",
+      `# Proposed ADR: Use Laravel Sanctum for authentication
 
 ## Status
 
@@ -3382,27 +3931,30 @@ Proposed
 
 ## Context
 
-The app needs a database and a typed access layer.
+The application needs authentication for first-party clients (${variant === "api" ? "a separate SPA and mobile apps" : "an Inertia SPA, and possibly mobile apps"}).
 
 ## Decision
 
-Consider Drizzle or Prisma with PostgreSQL, awaiting human acceptance.
+Consider Laravel Sanctum: the cookie-based guard for first-party SPAs and API tokens for mobile or
+scripted clients. This is not accepted until a human reviews and accepts it.
 
 ## Alternatives Considered
 
-- A hosted backend or BaaS.
-- Raw SQL.
+- Laravel Passport for full OAuth2 (third-party delegated access).
+- A managed identity provider.
 
 ## Consequences
 
-- Type-safe queries and migrations.
-- Adds an ORM and schema workflow.
-`
+- Lightweight first-party auth without standing up a full OAuth2 server.
+- If third-party delegated access is ever required, revisit with Passport.
+
+${related(presetId, "`docs/20-security/SECURITY_MODEL.md` \u2014 record the accepted auth and session model here.")}`
     ),
-    proposedAdr3(
-      "styling-tailwind",
-      "Use Tailwind CSS",
-      `# Proposed ADR: Use Tailwind CSS
+    adr(
+      presetId,
+      "validation-authorization",
+      "Validate with Form Requests and authorize with Policies",
+      `# Proposed ADR: Validate with Form Requests and authorize with Policies
 
 ## Status
 
@@ -3410,27 +3962,31 @@ Proposed
 
 ## Context
 
-The app needs a styling approach.
+Input validation and authorization must be consistent and centralized, not scattered across
+controllers.
 
 ## Decision
 
-Consider Tailwind CSS for styling, awaiting human acceptance.
+Consider Form Requests for validation (and request-level authorization) plus Policies and Gates for
+per-model and per-action permission checks, awaiting human acceptance.
 
 ## Alternatives Considered
 
-- CSS Modules.
-- A component library with its own styling.
+- Inline validation and authorization in controllers.
+- A third-party permissions package layered on top.
 
 ## Consequences
 
-- Fast, consistent utility-based styling.
-- Markup includes utility classes that teams must standardize.
-`
+- Controllers stay thin; validation and authorization are testable in isolation.
+- Every state-changing action must have an explicit authorization path.
+
+${related(presetId)}`
     ),
-    proposedAdr3(
-      "testing",
-      "Use Vitest and Playwright",
-      `# Proposed ADR: Use Vitest and Playwright
+    adr(
+      presetId,
+      "application-structure",
+      "Keep controllers thin with Action and Service classes",
+      `# Proposed ADR: Keep controllers thin with Action and Service classes
 
 ## Status
 
@@ -3438,93 +3994,278 @@ Proposed
 
 ## Context
 
-The app needs unit, component, and end-to-end testing.
+Business logic tends to accumulate in controllers and models, which makes it hard to test and reuse.
 
 ## Decision
 
-Consider Vitest with Testing Library and Playwright, awaiting human acceptance.
+Consider thin controllers that delegate to single-purpose Action or Service classes, with outbound
+payloads shaped by API Resources (or typed Inertia props). This is not accepted until a human accepts
+it.
 
 ## Alternatives Considered
 
-- Jest.
-- Cypress for end-to-end tests.
+- Fat controllers.
+- Fat models holding business logic.
 
 ## Consequences
 
-- Fast unit and component tests plus reliable end-to-end coverage.
-- Teams maintain two test toolchains.
-`
+- Reusable, unit-testable business logic and consistent response shapes.
+- More classes and a convention the team must follow.
+
+${related(presetId)}`
+    ),
+    adr(
+      presetId,
+      "queues-horizon",
+      "Run slow work on queues",
+      `# Proposed ADR: Run slow work on queues
+
+## Status
+
+Proposed
+
+## Context
+
+Email, exports, and third-party calls slow down requests and can fail independently.
+
+## Decision
+
+Consider queued jobs for slow or failure-prone work, using the database driver early and Redis with
+Laravel Horizon as throughput grows. This is not accepted until a human reviews and accepts it.
+
+## Alternatives Considered
+
+- Doing the work synchronously in the request.
+- An external task queue or serverless functions.
+
+## Consequences
+
+- Faster responses and isolated, retryable background work.
+- Adds a worker process and queue infrastructure to operate and monitor.
+
+${related(presetId)}`
+    ),
+    adr(
+      presetId,
+      "testing-pest",
+      "Use Pest for testing",
+      `# Proposed ADR: Use Pest for testing
+
+## Status
+
+Proposed
+
+## Context
+
+The application needs a fast, readable testing workflow.
+
+## Decision
+
+Consider Pest with model factories and feature tests that exercise real routes against a disposable
+database, awaiting human acceptance.
+
+## Alternatives Considered
+
+- PHPUnit directly.
+- A thinner test suite focused only on unit tests.
+
+## Consequences
+
+- Concise, expressive tests that cover routes, validation, and authorization.
+- The team standardizes on Pest's syntax and plugins.
+
+${related(presetId, "`docs/50-quality/TESTING_STRATEGY.md` \u2014 record the accepted testing approach here.")}`
     )
-  ]
+  ];
+  return [...base, frontendDecision(variant)];
+}
+function frontendDecision(variant) {
+  const presetId = VARIANTS[variant].id;
+  if (variant === "api") {
+    return adr(
+      presetId,
+      "api-design-rest",
+      "Expose a versioned REST API with API Resources",
+      `# Proposed ADR: Expose a versioned REST API with API Resources
+
+## Status
+
+Proposed
+
+## Context
+
+A decoupled SPA or mobile client consumes Laravel over HTTP, so the API contract must be stable and
+explicit.
+
+## Decision
+
+Consider a versioned REST API (for example \`/api/v1\`) whose responses are shaped by API Resources,
+authenticated with Sanctum, and documented (OpenAPI). This is not accepted until a human accepts it.
+
+## Alternatives Considered
+
+- GraphQL.
+- Server-driven Inertia pages instead of a decoupled API.
+
+## Consequences
+
+- A stable, documented contract that multiple clients can rely on.
+- Versioning and serialization become an explicit, maintained concern.
+
+${related(presetId, "`docs/20-security/SECURITY_MODEL.md` \u2014 record token scopes and the SPA cookie guard here.")}`
+    );
+  }
+  const framework = variant === "react" ? "React 19" : "Vue 3";
+  const components = variant === "react" ? "shadcn/ui components on Tailwind" : "Tailwind with single-file components (script setup)";
+  return adr(
+    presetId,
+    `frontend-inertia-${variant}`,
+    `Use Inertia with ${framework}`,
+    `# Proposed ADR: Use Inertia with ${framework}
+
+## Status
+
+Proposed
+
+## Context
+
+The application needs a modern SPA experience without standing up and securing a separate API for
+first-party screens.
+
+## Decision
+
+Consider Inertia 2 with ${framework} and TypeScript, built with Vite, using ${components}. Controllers
+return Inertia responses with typed props. This is not accepted until a human reviews and accepts it.
+
+## Alternatives Considered
+
+- A decoupled REST or GraphQL API with a standalone SPA.
+- Blade with Livewire.
+
+## Consequences
+
+- Server-driven routing and auth with a reactive ${framework} frontend and no duplicate API layer.
+- Couples the frontend to Inertia's model and the ${framework} ecosystem.
+
+${related(presetId)}`
+  );
+}
+
+// src/presets/laravel-api/preset.ts
+var laravelApiPreset = {
+  id: "laravel-api",
+  name: "Laravel API",
+  description: "Opinionated Laravel API-only opinion pack with proposed decisions only.",
+  templates: [
+    {
+      destination: "docs/ai/presets/laravel-api-guidance.md",
+      description: "Laravel API-only guidance that remains proposed until accepted.",
+      content: laravelGuidance("api")
+    }
+  ],
+  guidance: laravelGuidanceItems(),
+  proposedDecisions: laravelProposedDecisions("api")
 };
 
-// src/presets/python-fastapi/preset.ts
-var guidance4 = `# Python FastAPI Preset Guidance
+// src/presets/laravel-react/preset.ts
+var laravelReactPreset = {
+  id: "laravel-react",
+  name: "Laravel + React",
+  description: "Opinionated Laravel + Inertia + React opinion pack with proposed decisions only.",
+  templates: [
+    {
+      destination: "docs/ai/presets/laravel-react-guidance.md",
+      description: "Laravel + React (Inertia) guidance that remains proposed until accepted.",
+      content: laravelGuidance("react")
+    }
+  ],
+  guidance: laravelGuidanceItems(),
+  proposedDecisions: laravelProposedDecisions("react")
+};
 
-This guidance is proposed, not accepted. Convert any choice you adopt into an accepted ADR in
-repository memory. Until then, treat everything here as a recommendation awaiting human review.
+// src/presets/laravel-vue/preset.ts
+var laravelVuePreset = {
+  id: "laravel-vue",
+  name: "Laravel + Vue",
+  description: "Opinionated Laravel + Inertia + Vue opinion pack with proposed decisions only.",
+  templates: [
+    {
+      destination: "docs/ai/presets/laravel-vue-guidance.md",
+      description: "Laravel + Vue (Inertia) guidance that remains proposed until accepted.",
+      content: laravelGuidance("vue")
+    }
+  ],
+  guidance: laravelGuidanceItems(),
+  proposedDecisions: laravelProposedDecisions("vue")
+};
+
+// src/presets/nextjs/preset.ts
+var guidance3 = `# Next.js Preset Guidance
+
+This is proposed guidance, not accepted. Convert any architecture choice into a proposed ADR, then an
+accepted ADR, before treating it as repository truth.
 
 ## Decision forks this stack forces
 
-- Web framework: FastAPI vs Flask vs Django REST.
-- Database and access: PostgreSQL with SQLAlchemy and Alembic vs an async ORM vs raw SQL.
-- Validation and settings: Pydantic v2 models and settings.
-- Testing: pytest with httpx vs unittest.
-- Background work and caching: Redis, task queues, and async workers.
+- Routing: App Router vs Pages Router.
+- Rendering: Server Components and server actions vs client-heavy rendering.
+- Data layer: Drizzle or Prisma with PostgreSQL vs a hosted backend.
+- Styling: Tailwind CSS vs CSS Modules vs a component library.
+- Testing: Vitest with Testing Library and Playwright vs other runners.
 
 ## Recommended structure (proposed)
 
-- A layered layout: \`api/\` routers, \`services/\` logic, \`repositories/\` data access, \`models/\` schemas.
-- Dependency injection through FastAPI dependencies.
-- Configuration via Pydantic settings loaded from environment variables.
+- The App Router with route groups and colocated server components.
+- A typed data layer isolated from UI components.
+- Shared UI primitives and a consistent styling system.
 
 ## Testing (proposed)
 
-- pytest with the FastAPI test client or httpx \`AsyncClient\`.
-- A disposable test database and transactional fixtures.
-- Contract tests for request and response schemas.
+- Unit and component tests with Vitest and Testing Library.
+- End-to-end tests with Playwright for critical flows.
+- Type-safe data access tested against a disposable database.
 
 ## Security considerations (proposed)
 
-- Load secrets from environment or a secret manager, never from source.
-- Validate and constrain all input with Pydantic models.
-- Scope authentication and authorization at the dependency layer.
+- Keep secrets in server-only environment variables, never in client bundles.
+- Validate input on the server, including server actions and route handlers.
+- Scope authentication and authorization on the server, not the client.
 `;
-function proposedAdr4(topic, title, body) {
+function proposedAdr3(topic, title, body) {
   return {
-    id: `python-fastapi-${topic}`,
+    id: `nextjs-${topic}`,
     title,
     status: "proposed",
-    destination: `docs/adrs/proposed/ADR-PROPOSED-python-fastapi-${topic}.md`,
+    destination: `docs/adrs/proposed/ADR-PROPOSED-nextjs-${topic}.md`,
     body
   };
 }
-var pythonFastapiPreset = {
-  id: "python-fastapi",
-  name: "Python FastAPI",
-  description: "Opinionated Python FastAPI opinion pack with proposed decisions only.",
+var nextjsPreset = {
+  id: "nextjs",
+  name: "Next.js",
+  description: "Opinionated Next.js opinion pack with proposed decisions only.",
   templates: [
     {
-      destination: "docs/ai/presets/python-fastapi-guidance.md",
-      description: "Python FastAPI guidance that remains proposed until accepted.",
-      content: guidance4
+      destination: "docs/ai/presets/nextjs-guidance.md",
+      description: "Next.js guidance that remains proposed until accepted.",
+      content: guidance3
     }
   ],
   guidance: [
     {
-      title: "Keep framework and data choices proposed",
-      body: "FastAPI, the database and ORM, validation, and testing choices must remain proposed until accepted in repository memory."
+      title: "Keep framework choices proposed",
+      body: "Routing, rendering, data layer, styling, and testing choices must remain proposed until accepted in repository memory."
     },
     {
-      title: "Validate all input",
-      body: "Use Pydantic models at the boundary, but record the validation approach as a proposed decision before treating it as accepted."
+      title: "Keep secrets server-side",
+      body: "Never expose secrets to the client bundle, and record the data and auth approach as proposed decisions before acceptance."
     }
   ],
   proposedDecisions: [
-    proposedAdr4(
+    proposedAdr3(
       "framework",
-      "Use FastAPI",
-      `# Proposed ADR: Use FastAPI
+      "Use Next.js",
+      `# Proposed ADR: Use Next.js
 
 ## Status
 
@@ -3532,27 +4273,28 @@ Proposed
 
 ## Context
 
-The service needs a Python web framework for an async API.
+The team needs a React framework for a production web application.
 
 ## Decision
 
-Consider FastAPI as the web framework, awaiting human acceptance.
+Consider Next.js as the application framework. This is not accepted until a human reviews and accepts
+it.
 
 ## Alternatives Considered
 
-- Flask.
-- Django REST Framework.
+- A Vite single-page app with a separate API.
+- Remix or another framework.
 
 ## Consequences
 
-- Async support and automatic OpenAPI docs.
-- Requires comfort with type hints and dependency injection.
+- Server rendering, routing, and a large ecosystem.
+- Couples the app to Next.js conventions.
 `
     ),
-    proposedAdr4(
-      "database-postgres",
-      "Use PostgreSQL with SQLAlchemy and Alembic",
-      `# Proposed ADR: Use PostgreSQL with SQLAlchemy
+    proposedAdr3(
+      "routing-app-router",
+      "Use the App Router",
+      `# Proposed ADR: Use the App Router
 
 ## Status
 
@@ -3560,27 +4302,27 @@ Proposed
 
 ## Context
 
-The service needs a relational database and a migration strategy.
+Next.js offers the App Router and the legacy Pages Router.
 
 ## Decision
 
-Consider PostgreSQL with SQLAlchemy and Alembic migrations, awaiting human acceptance.
+Consider the App Router with Server Components, awaiting human acceptance.
 
 ## Alternatives Considered
 
-- An async ORM such as Tortoise or SQLModel only.
-- Raw SQL with a lightweight driver.
+- The Pages Router.
+- A mix during migration.
 
 ## Consequences
 
-- Mature tooling and explicit migrations.
-- Requires session and connection management discipline.
+- Server Components and nested layouts.
+- Requires understanding server and client boundaries.
 `
     ),
-    proposedAdr4(
-      "validation-pydantic",
-      "Use Pydantic for validation and settings",
-      `# Proposed ADR: Use Pydantic
+    proposedAdr3(
+      "data-layer",
+      "Use a typed data layer with PostgreSQL",
+      `# Proposed ADR: Use a typed data layer with PostgreSQL
 
 ## Status
 
@@ -3588,29 +4330,235 @@ Proposed
 
 ## Context
 
-The service needs request validation and typed configuration.
+The app needs a database and a typed access layer.
 
 ## Decision
 
-Consider Pydantic v2 models for validation and settings, awaiting human acceptance.
+Consider Drizzle or Prisma with PostgreSQL, awaiting human acceptance.
 
 ## Alternatives Considered
 
-- Marshmallow.
-- Hand-written validation.
+- A hosted backend or BaaS.
+- Raw SQL.
 
 ## Consequences
 
-- Strong typing at the boundary and clear settings.
-- Adds Pydantic to the dependency surface.
+- Type-safe queries and migrations.
+- Adds an ORM and schema workflow.
 `
     ),
-    proposedAdr4(
-      "testing-pytest",
-      "Use pytest for testing",
-      `# Proposed ADR: Use pytest
-
-## Status
+    proposedAdr3(
+      "styling-tailwind",
+      "Use Tailwind CSS",
+      `# Proposed ADR: Use Tailwind CSS
+
+## Status
+
+Proposed
+
+## Context
+
+The app needs a styling approach.
+
+## Decision
+
+Consider Tailwind CSS for styling, awaiting human acceptance.
+
+## Alternatives Considered
+
+- CSS Modules.
+- A component library with its own styling.
+
+## Consequences
+
+- Fast, consistent utility-based styling.
+- Markup includes utility classes that teams must standardize.
+`
+    ),
+    proposedAdr3(
+      "testing",
+      "Use Vitest and Playwright",
+      `# Proposed ADR: Use Vitest and Playwright
+
+## Status
+
+Proposed
+
+## Context
+
+The app needs unit, component, and end-to-end testing.
+
+## Decision
+
+Consider Vitest with Testing Library and Playwright, awaiting human acceptance.
+
+## Alternatives Considered
+
+- Jest.
+- Cypress for end-to-end tests.
+
+## Consequences
+
+- Fast unit and component tests plus reliable end-to-end coverage.
+- Teams maintain two test toolchains.
+`
+    )
+  ]
+};
+
+// src/presets/python-fastapi/preset.ts
+var guidance4 = `# Python FastAPI Preset Guidance
+
+This guidance is proposed, not accepted. Convert any choice you adopt into an accepted ADR in
+repository memory. Until then, treat everything here as a recommendation awaiting human review.
+
+## Decision forks this stack forces
+
+- Web framework: FastAPI vs Flask vs Django REST.
+- Database and access: PostgreSQL with SQLAlchemy and Alembic vs an async ORM vs raw SQL.
+- Validation and settings: Pydantic v2 models and settings.
+- Testing: pytest with httpx vs unittest.
+- Background work and caching: Redis, task queues, and async workers.
+
+## Recommended structure (proposed)
+
+- A layered layout: \`api/\` routers, \`services/\` logic, \`repositories/\` data access, \`models/\` schemas.
+- Dependency injection through FastAPI dependencies.
+- Configuration via Pydantic settings loaded from environment variables.
+
+## Testing (proposed)
+
+- pytest with the FastAPI test client or httpx \`AsyncClient\`.
+- A disposable test database and transactional fixtures.
+- Contract tests for request and response schemas.
+
+## Security considerations (proposed)
+
+- Load secrets from environment or a secret manager, never from source.
+- Validate and constrain all input with Pydantic models.
+- Scope authentication and authorization at the dependency layer.
+`;
+function proposedAdr4(topic, title, body) {
+  return {
+    id: `python-fastapi-${topic}`,
+    title,
+    status: "proposed",
+    destination: `docs/adrs/proposed/ADR-PROPOSED-python-fastapi-${topic}.md`,
+    body
+  };
+}
+var pythonFastapiPreset = {
+  id: "python-fastapi",
+  name: "Python FastAPI",
+  description: "Opinionated Python FastAPI opinion pack with proposed decisions only.",
+  templates: [
+    {
+      destination: "docs/ai/presets/python-fastapi-guidance.md",
+      description: "Python FastAPI guidance that remains proposed until accepted.",
+      content: guidance4
+    }
+  ],
+  guidance: [
+    {
+      title: "Keep framework and data choices proposed",
+      body: "FastAPI, the database and ORM, validation, and testing choices must remain proposed until accepted in repository memory."
+    },
+    {
+      title: "Validate all input",
+      body: "Use Pydantic models at the boundary, but record the validation approach as a proposed decision before treating it as accepted."
+    }
+  ],
+  proposedDecisions: [
+    proposedAdr4(
+      "framework",
+      "Use FastAPI",
+      `# Proposed ADR: Use FastAPI
+
+## Status
+
+Proposed
+
+## Context
+
+The service needs a Python web framework for an async API.
+
+## Decision
+
+Consider FastAPI as the web framework, awaiting human acceptance.
+
+## Alternatives Considered
+
+- Flask.
+- Django REST Framework.
+
+## Consequences
+
+- Async support and automatic OpenAPI docs.
+- Requires comfort with type hints and dependency injection.
+`
+    ),
+    proposedAdr4(
+      "database-postgres",
+      "Use PostgreSQL with SQLAlchemy and Alembic",
+      `# Proposed ADR: Use PostgreSQL with SQLAlchemy
+
+## Status
+
+Proposed
+
+## Context
+
+The service needs a relational database and a migration strategy.
+
+## Decision
+
+Consider PostgreSQL with SQLAlchemy and Alembic migrations, awaiting human acceptance.
+
+## Alternatives Considered
+
+- An async ORM such as Tortoise or SQLModel only.
+- Raw SQL with a lightweight driver.
+
+## Consequences
+
+- Mature tooling and explicit migrations.
+- Requires session and connection management discipline.
+`
+    ),
+    proposedAdr4(
+      "validation-pydantic",
+      "Use Pydantic for validation and settings",
+      `# Proposed ADR: Use Pydantic
+
+## Status
+
+Proposed
+
+## Context
+
+The service needs request validation and typed configuration.
+
+## Decision
+
+Consider Pydantic v2 models for validation and settings, awaiting human acceptance.
+
+## Alternatives Considered
+
+- Marshmallow.
+- Hand-written validation.
+
+## Consequences
+
+- Strong typing at the boundary and clear settings.
+- Adds Pydantic to the dependency surface.
+`
+    ),
+    proposedAdr4(
+      "testing-pytest",
+      "Use pytest for testing",
+      `# Proposed ADR: Use pytest
+
+## Status
 
 Proposed
 
@@ -3743,8 +4691,8 @@ function parsePreset(value) {
   if (!result.success) {
     throw new PresetValidationError(
       result.error.issues.map((issue) => {
-        const path16 = issue.path.length > 0 ? `${issue.path.join(".")}: ` : "";
-        return `${path16}${issue.message}`;
+        const path17 = issue.path.length > 0 ? `${issue.path.join(".")}: ` : "";
+        return `${path17}${issue.message}`;
       })
     );
   }
@@ -3770,6 +4718,9 @@ var builtInPresets = validatePresetRegistry([
   genericPreset,
   iosSwiftPreset,
   kotlinAndroidPreset,
+  laravelApiPreset,
+  laravelReactPreset,
+  laravelVuePreset,
   nextjsPreset,
   pythonFastapiPreset
 ]);
@@ -3780,302 +4731,52 @@ function getPreset(id) {
   return builtInPresets.find((preset) => preset.id === id);
 }
 
-// src/commands/init.ts
-var InitError = class extends Error {
-  code;
-  details;
-  constructor(code, message, details = []) {
-    super(message);
-    this.name = "InitError";
-    this.code = code;
-    this.details = details;
-  }
-};
-async function initProject(options) {
-  if (options.force === true && options.reinit !== true && existsSync5(path14.join(options.rootDir, CONFIG_PATH))) {
-    throw new InitError(
-      "EXISTING_INSTALLATION",
-      "Refusing to re-initialize an existing Recall OS installation.",
-      [
-        "An existing .recall/config.json was found in this directory.",
-        "Running init --force here would overwrite existing repository memory.",
-        "Pass --reinit together with --force to overwrite an existing installation."
-      ]
-    );
-  }
-  const preset = resolvePreset(options.preset);
-  const preCommitGates = await detectPreCommitGates(options.rootDir);
-  const config = createDefaultConfig({ preset: preset?.id ?? null, preCommitGates });
-  const files = createInitWriteFiles(options.rootDir, config, preset);
-  const plan = createWritePlan({
-    rootDir: options.rootDir,
-    files,
-    force: options.force
-  });
-  if (plan.hasErrors) {
-    throw new InitError(
-      "WRITE_PLAN_ERROR",
-      "Recall OS init write plan contains errors.",
-      plan.entries.filter((entry) => entry.action === "error").map((entry) => `${entry.path}: ${entry.reason}`)
-    );
-  }
-  const writeResult = await executeWritePlan(plan, { dryRun: options.dryRun });
-  return {
-    preset: preset?.id ?? null,
-    dryRun: options.dryRun ?? false,
-    plan,
-    writeResult
-  };
-}
-function formatInitResult(result) {
-  const lines = [
-    result.dryRun ? "Recall OS init dry run complete." : "Recall OS init complete.",
-    `Preset: ${result.preset ?? "none"}`
-  ];
-  appendWriteSummary(lines, {
-    dryRun: result.dryRun,
-    writeResult: result.writeResult
-  });
-  const hookWritten = result.writeResult.created.includes(PRE_COMMIT_HOOK_PATH) || result.writeResult.overwritten.includes(PRE_COMMIT_HOOK_PATH);
-  if (hookWritten) {
-    lines.push("");
-    lines.push(
-      result.dryRun ? "Pre-commit hook will be written to .recall/hooks/pre-commit." : "Pre-commit hook written to .recall/hooks/pre-commit."
-    );
-    lines.push(`Enable it once per clone: ${HOOKS_PATH_ACTIVATION_COMMAND}`);
-  }
-  if (!result.dryRun) {
-    appendNextSteps(lines, [
-      "Read CLAUDE.md and AGENTS.md, then the docs/ memory they point to.",
-      "Plan your first feature: `recall feature create <name>`.",
-      "Record a decision: `recall adr create <title>`.",
-      "Check repository memory health anytime: `recall doctor`."
-    ]);
-  }
-  return `${lines.join("\n")}
-`;
-}
-function resolvePreset(presetId) {
-  if (presetId === void 0) {
-    return null;
-  }
-  const preset = getPreset(presetId);
-  if (preset === void 0) {
-    throw new InitError("UNKNOWN_PRESET", `Unknown preset "${presetId}".`);
-  }
-  return preset;
-}
-function createInitWriteFiles(rootDir, config, preset) {
-  return [
-    {
-      path: CONFIG_PATH,
-      content: `${JSON.stringify(config, null, 2)}
-`
-    },
-    ...generateInitFiles({ rootDir, preset }),
-    {
-      path: PRE_COMMIT_HOOK_PATH,
-      content: renderPreCommitHook(config.preCommitGates),
-      executable: true
-    }
-  ];
-}
-
-// src/core/mcp/known-servers.ts
-var KNOWN_SERVERS = {
-  figma: {
-    title: "Figma",
-    purpose: "Design variables, components, and layout metadata for building consistent UI.",
-    dataAccessed: [
-      "Design tokens and variables.",
-      "Component and layout metadata.",
-      "Frames and styles."
-    ]
-  },
-  linear: {
-    title: "Linear",
-    purpose: "Tickets, project status, and acceptance criteria.",
-    dataAccessed: [
-      "Issues and tickets.",
-      "Project and cycle status.",
-      "Acceptance criteria in issues."
-    ]
-  },
-  jira: {
-    title: "Jira",
-    purpose: "Tickets, sprints, and acceptance criteria for knocking out tasks.",
-    dataAccessed: [
-      "Issues and tickets.",
-      "Sprint and board status.",
-      "Acceptance criteria in issues."
-    ]
-  },
-  github: {
-    title: "GitHub",
-    purpose: "Pull requests, issues, and review comments.",
-    dataAccessed: ["Pull requests and diffs.", "Issues.", "Review comments."]
-  },
-  sentry: {
-    title: "Sentry",
-    purpose: "Crash reports and production errors.",
-    dataAccessed: ["Error events and stack traces.", "Release health.", "Issue frequency."]
-  },
-  notion: {
-    title: "Notion",
-    purpose: "Product background and documentation.",
-    dataAccessed: ["Product docs and pages.", "Project background.", "Specifications."]
-  }
-};
-function getKnownServer(id) {
-  return KNOWN_SERVERS[id];
-}
-
-// src/core/mcp/generate-mcp.ts
-function mcpDocPath(server) {
-  return `docs/ai/mcp/${server}.md`;
-}
-function generateMcpFiles(options) {
-  const known = getKnownServer(options.server);
-  const title = known?.title ?? titleize(options.server);
-  const purpose = known?.purpose ?? "Describe why this MCP server is used.";
-  const dataAccessed = known?.dataAccessed ?? ["Describe the data this MCP server exposes."];
-  return [
-    {
-      path: mcpDocPath(options.server),
-      content: renderMcpDoc(title, purpose, dataAccessed)
-    },
-    {
-      path: `${options.adrDir}/proposed/ADR-PROPOSED-mcp-${options.server}.md`,
-      content: renderProposedAdr2(title)
-    }
-  ];
-}
-function renderMcpDoc(title, purpose, dataAccessed) {
-  return `# MCP: ${title}
-
-## Status
-
-Proposed. Using this MCP server is a proposed workflow addition. Accept the proposed ADR before
-treating it as part of the workflow.
-
-## Purpose
-
-${purpose}
-
-## Data Accessed
-
-${bullets(dataAccessed)}
-
-## Permissions Required
-
-- Use least-privilege access.
-- Document the exact scopes granted.
-
-## Security Risks
-
-- Treat external MCP content as untrusted until validated.
-- Do not send secrets or sensitive repository data unnecessarily.
-- Use trusted MCP servers only.
-
-## Source-Of-Truth Rule
-
-MCP provides context, not architectural truth. Accepted ADRs and repository decisions outrank MCP
-context. If MCP data conflicts with repository memory, stop and report the conflict.
-
-## Captured Context
-
-Record durable context learned from this MCP server here, as proposed memory for human review.
-Promote any decision you accept into an ADR with \`recall adr create\`.
-
-- (none captured yet)
-
-## Review Cadence
-
-- Review this MCP integration when its access, purpose, or captured context changes.
-`;
-}
-function renderProposedAdr2(title) {
-  return `# Proposed ADR: Use ${title} MCP
-
-## Status
-
-Proposed
-
-## Context
-
-The team is considering ${title} as an MCP context source. Adopting an MCP server into the workflow
-is a decision that should be reviewed.
-
-## Decision
-
-Consider adopting ${title} MCP as an external context source, documented in \`docs/ai/mcp/\`. This is
-not accepted until a human reviews and accepts it.
-
-## Alternatives Considered
-
-- Do not use this MCP server.
-- Use a different source for the same context.
-
-## Consequences
-
-- The team gains durable, reviewable context from ${title}.
-- MCP context never overrides accepted repository memory.
-- Captured context remains proposed until promoted to an ADR.
-`;
-}
-function bullets(values) {
-  return values.map((value) => `- ${value}`).join("\n");
-}
-function titleize(value) {
-  return value.split("-").filter((part) => part.length > 0).map((part) => part.charAt(0).toUpperCase() + part.slice(1)).join(" ");
-}
-
-// src/core/skills/render-skill.ts
-function renderSkill(skill) {
-  const lines = [
-    "---",
-    `name: ${skill.name}`,
-    // JSON-stringify yields a valid double-quoted YAML scalar, so descriptions with any punctuation
-    // stay valid Agent Skills frontmatter.
-    `description: ${JSON.stringify(skill.description)}`,
-    "---",
-    "",
-    `# Skill: ${skill.title}`,
-    "",
-    "## Purpose",
-    "",
-    ...paragraphs(skill.purpose),
-    "",
-    "## Inputs",
-    "",
-    ...bullets2(skill.inputs),
-    "",
-    "## Required Reading",
-    "",
-    ...bullets2(skill.requiredReading),
-    "",
-    "## Output Files",
-    "",
-    ...bullets2(skill.outputFiles),
-    "",
-    "## Process",
-    "",
-    ...numbered(skill.process),
-    ""
-  ];
-  for (const section of skill.extraSections ?? []) {
-    lines.push(`## ${section.heading}`, "", ...bullets2(section.bullets), "");
+// src/core/skills/render-skill.ts
+function renderSkill(skill) {
+  const lines = [
+    "---",
+    `name: ${skill.name}`,
+    // JSON-stringify yields a valid double-quoted YAML scalar, so descriptions with any punctuation
+    // stay valid Agent Skills frontmatter.
+    `description: ${JSON.stringify(skill.description)}`,
+    "---",
+    "",
+    `# Skill: ${skill.title}`,
+    "",
+    "## Purpose",
+    "",
+    ...paragraphs(skill.purpose),
+    "",
+    "## Inputs",
+    "",
+    ...bullets(skill.inputs),
+    "",
+    "## Required Reading",
+    "",
+    ...bullets(skill.requiredReading),
+    "",
+    "## Output Files",
+    "",
+    ...bullets(skill.outputFiles),
+    "",
+    "## Process",
+    "",
+    ...numbered(skill.process),
+    ""
+  ];
+  for (const section of skill.extraSections ?? []) {
+    lines.push(`## ${section.heading}`, "", ...bullets(section.bullets), "");
   }
   lines.push(
     "## Stop Conditions",
     "",
     "Stop and request human decision if:",
     "",
-    ...bullets2(skill.stopConditions),
+    ...bullets(skill.stopConditions),
     "",
     "## Quality Bar",
     "",
-    ...bullets2(skill.qualityBar)
+    ...bullets(skill.qualityBar)
   );
   return `${lines.join("\n")}
 `;
@@ -4090,7 +4791,7 @@ function paragraphs(values) {
   });
   return out;
 }
-function bullets2(values) {
+function bullets(values) {
   return values.map((value) => `- ${value}`);
 }
 function numbered(values) {
@@ -4535,134 +5236,432 @@ var SKILL_CATALOG = [
       "Future agents can tell what the module owns and what it must not own."
     ]
   },
-  {
-    name: "completion-report",
-    title: "Completion Report",
-    description: "Write a completion report with files changed, tests run, results, skipped checks, docs updated, remaining risks, and release readiness notes. Use when recording evidence that a task or feature is complete and ready for review.",
-    purpose: ["Record evidence that a task is complete and safe to review."],
-    inputs: [
-      "Task or feature summary.",
-      "Files changed.",
-      "Commands run.",
-      "Test results.",
-      "Docs updated.",
-      "Known risks."
-    ],
-    requiredReading: [
-      "`docs/50-quality/QUALITY_GATES.md`",
-      "`docs/60-engineering/ENGINEERING_STANDARDS.md`",
-      "Relevant feature `TASKS.md`",
-      "Relevant feature `TEST_PLAN.md`",
-      "Relevant feature `REVIEW.md`"
-    ],
-    outputFiles: [
-      "Relevant feature `COMPLETION_REPORT.md`",
-      "Task or feature docs that need final status updates."
-    ],
-    process: [
-      "Summarize the completed scope.",
-      "List files changed by category.",
-      "List commands run and results.",
-      "List skipped checks and why.",
-      "List docs updated.",
-      "State whether engineering standards were followed.",
-      "List remaining risks and follow-up work.",
-      "State whether the task meets the definition of done."
-    ],
-    stopConditions: [
-      "Test results are missing for risky changes.",
-      "Completion claims conflict with evidence.",
-      "Required docs were not updated.",
-      "Engineering standards were violated.",
-      "Remaining risks are release blockers."
-    ],
-    qualityBar: [
-      "The report is evidence-based.",
-      "It does not hide skipped checks.",
-      "It separates completed work from remaining risk.",
-      "A reviewer can decide what to do next from the report alone."
+  {
+    name: "completion-report",
+    title: "Completion Report",
+    description: "Write a completion report with files changed, tests run, results, skipped checks, docs updated, remaining risks, and release readiness notes. Use when recording evidence that a task or feature is complete and ready for review.",
+    purpose: ["Record evidence that a task is complete and safe to review."],
+    inputs: [
+      "Task or feature summary.",
+      "Files changed.",
+      "Commands run.",
+      "Test results.",
+      "Docs updated.",
+      "Known risks."
+    ],
+    requiredReading: [
+      "`docs/50-quality/QUALITY_GATES.md`",
+      "`docs/60-engineering/ENGINEERING_STANDARDS.md`",
+      "Relevant feature `TASKS.md`",
+      "Relevant feature `TEST_PLAN.md`",
+      "Relevant feature `REVIEW.md`"
+    ],
+    outputFiles: [
+      "Relevant feature `COMPLETION_REPORT.md`",
+      "Task or feature docs that need final status updates."
+    ],
+    process: [
+      "Summarize the completed scope.",
+      "List files changed by category.",
+      "List commands run and results.",
+      "List skipped checks and why.",
+      "List docs updated.",
+      "State whether engineering standards were followed.",
+      "List remaining risks and follow-up work.",
+      "State whether the task meets the definition of done."
+    ],
+    stopConditions: [
+      "Test results are missing for risky changes.",
+      "Completion claims conflict with evidence.",
+      "Required docs were not updated.",
+      "Engineering standards were violated.",
+      "Remaining risks are release blockers."
+    ],
+    qualityBar: [
+      "The report is evidence-based.",
+      "It does not hide skipped checks.",
+      "It separates completed work from remaining risk.",
+      "A reviewer can decide what to do next from the report alone."
+    ]
+  },
+  {
+    name: "capture-mcp-context",
+    title: "Capture MCP Context",
+    description: "Record durable context from MCP servers and design or project tools into repository memory as proposed. Use when working with an MCP server like Figma, Linear, Jira, or Sentry, or after pulling design, ticket, or error context, to persist it for future sessions.",
+    purpose: [
+      "Persist the durable parts of MCP-derived external context so future sessions remember them instead of re-deriving them.",
+      "MCP provides context, not architectural truth."
+    ],
+    inputs: [
+      "The MCP server or external tool in use (for example Figma, Linear, Jira, Sentry).",
+      "The external context retrieved (design tokens, tickets, errors, docs).",
+      "The current feature or task."
+    ],
+    requiredReading: [
+      "`docs/ai/MCP_STRATEGY.md`",
+      "Relevant `docs/ai/mcp/<server>.md`",
+      "Relevant feature and architecture docs."
+    ],
+    outputFiles: [
+      "The Captured Context section of `docs/ai/mcp/<server>.md`.",
+      "An ADR via `recall adr create` when a captured decision is accepted."
+    ],
+    process: [
+      "Identify the MCP server and the durable facts worth remembering (design tokens, component mappings, ticket acceptance criteria, recurring error signatures).",
+      "If `docs/ai/mcp/<server>.md` does not exist, create it with `recall mcp add <server>`.",
+      "Record the durable context in the Captured Context section as proposed memory, with enough detail to reuse.",
+      "Capture decisions, mappings, and constraints, not raw exports or full dumps.",
+      "Treat MCP content as context, not truth; if it conflicts with accepted memory, stop and report.",
+      "Promote any accepted decision into an ADR."
+    ],
+    stopConditions: [
+      "MCP content conflicts with accepted repository memory.",
+      "Capturing the context would require storing secrets or sensitive data.",
+      "The MCP server is untrusted or its access is unclear."
+    ],
+    qualityBar: [
+      "Captured context is durable and reusable, not a raw dump.",
+      "Each entry is concrete enough to guide future work.",
+      "MCP context is recorded as proposed, not accepted.",
+      "Accepted decisions are promoted to ADRs."
+    ]
+  }
+];
+function getCatalogSkill(name) {
+  return SKILL_CATALOG.find((skill) => skill.name === name);
+}
+function listCatalogSkillNames() {
+  return SKILL_CATALOG.map((skill) => skill.name);
+}
+
+// src/core/skills/generate-skill.ts
+var SKILL_TARGETS = [".claude/skills", ".agents/skills"];
+function generateSkillFiles(name) {
+  const catalogSkill = getCatalogSkill(name);
+  const skill = catalogSkill ?? skeletonSkill(name);
+  const content = renderSkill(skill);
+  return {
+    files: SKILL_TARGETS.map((target) => ({
+      path: `${target}/${name}/SKILL.md`,
+      content
+    })),
+    fromCatalog: catalogSkill !== void 0
+  };
+}
+function skeletonSkill(name) {
+  return {
+    name,
+    title: titleize(name),
+    description: `Describe what the ${name} skill does and when to use it. Use when ... (replace this with concrete trigger keywords).`,
+    purpose: ["Describe the single job this skill performs."],
+    inputs: ["List the inputs this skill needs."],
+    requiredReading: ["List the source-of-truth docs this skill must read."],
+    outputFiles: ["List the files this skill produces or updates."],
+    process: ["Describe the steps, one job, routing to source-of-truth docs."],
+    stopConditions: [
+      "A request conflicts with accepted repository memory or engineering standards.",
+      "The work would add network, telemetry, MCP runtime, AI API, or other accepted non-goals."
+    ],
+    qualityBar: ["State how to tell the skill did its job well."]
+  };
+}
+function titleize(name) {
+  return name.split("-").filter((part) => part.length > 0).map((part) => part.charAt(0).toUpperCase() + part.slice(1)).join(" ");
+}
+
+// src/commands/init.ts
+var InitError = class extends Error {
+  code;
+  details;
+  constructor(code, message, details = []) {
+    super(message);
+    this.name = "InitError";
+    this.code = code;
+    this.details = details;
+  }
+};
+async function initProject(options) {
+  if (options.force === true && options.reinit !== true && existsSync6(path15.join(options.rootDir, CONFIG_PATH))) {
+    throw new InitError(
+      "EXISTING_INSTALLATION",
+      "Refusing to re-initialize an existing Recall OS installation.",
+      [
+        "An existing .recall/config.json was found in this directory.",
+        "Running init --force here would overwrite existing repository memory.",
+        "Pass --reinit together with --force to overwrite an existing installation."
+      ]
+    );
+  }
+  const preset = resolvePreset(options.preset);
+  const detected = await inspectRepo(options.rootDir);
+  const preCommitGates = await detectPreCommitGates(options.rootDir);
+  const config = createDefaultConfig({ preset: preset?.id ?? null, preCommitGates });
+  const files = createInitWriteFiles(options.rootDir, config, preset);
+  const plan = createWritePlan({
+    rootDir: options.rootDir,
+    files,
+    force: options.force
+  });
+  if (plan.hasErrors) {
+    throw new InitError(
+      "WRITE_PLAN_ERROR",
+      "Recall OS init write plan contains errors.",
+      plan.entries.filter((entry) => entry.action === "error").map((entry) => `${entry.path}: ${entry.reason}`)
+    );
+  }
+  const writeResult = await executeWritePlan(plan, { dryRun: options.dryRun });
+  return {
+    preset: preset?.id ?? null,
+    dryRun: options.dryRun ?? false,
+    plan,
+    writeResult,
+    detected
+  };
+}
+function formatInitResult(result) {
+  const lines = [
+    result.dryRun ? "Recall OS init dry run complete." : "Recall OS init complete.",
+    `Preset: ${result.preset ?? "none"}`
+  ];
+  if (!result.dryRun) {
+    lines.push(
+      `Generated repository memory, ${listCatalogSkillNames().length} agent skills, a pre-commit hook, a CI workflow, a Claude SessionStart hook, and a Cursor rule that load memory automatically.`
+    );
+  }
+  appendWriteSummary(lines, {
+    dryRun: result.dryRun,
+    writeResult: result.writeResult
+  });
+  appendDetectedStack(lines, result.detected);
+  const hookWritten = result.writeResult.created.includes(PRE_COMMIT_HOOK_PATH) || result.writeResult.overwritten.includes(PRE_COMMIT_HOOK_PATH);
+  if (hookWritten) {
+    lines.push("");
+    lines.push(
+      result.dryRun ? "Pre-commit hook will be written to .recall/hooks/pre-commit." : "Pre-commit hook written to .recall/hooks/pre-commit."
+    );
+    lines.push(`Enable it once per clone: ${HOOKS_PATH_ACTIVATION_COMMAND}`);
+  }
+  if (!result.dryRun) {
+    appendNextSteps(lines, [
+      "Read CLAUDE.md and AGENTS.md, then the docs/ memory they point to.",
+      "AI agent skills are in .claude/skills/ and .agents/skills/ \u2014 restart your AI tool to load them.",
+      "Memory loads automatically per tool: a Claude SessionStart hook (.claude/hooks/session-start.sh), a Cursor rule (.cursor/rules/recall-memory.mdc), and AGENTS.md for Codex.",
+      "CI is wired in .github/workflows/recall.yml; the pre-commit hook is in .recall/hooks/.",
+      "Plan your first feature: `recall feature create <name>`.",
+      "Record a decision: `recall adr create <title>`, then accept it with `recall adr accept`.",
+      "Check repository memory health anytime: `recall doctor`."
+    ]);
+  }
+  return `${lines.join("\n")}
+`;
+}
+function appendDetectedStack(lines, detected) {
+  const hasSignal = detected.languages.length > 0 || detected.frameworks.length > 0 || detected.packageManager !== null || detected.testsEvidence !== null;
+  if (!hasSignal) {
+    return;
+  }
+  const stack = summarizeSignals(detected).filter(
+    (line) => !line.startsWith("- README") && !line.startsWith("- Docs")
+  );
+  lines.push("");
+  lines.push("Detected in this repository (proposed \u2014 review, nothing was accepted):");
+  lines.push(...stack);
+  lines.push(
+    "If any signal is wrong, correct the source file noted. Run `recall adopt` to record this as proposed memory."
+  );
+}
+function resolvePreset(presetId) {
+  if (presetId === void 0) {
+    return null;
+  }
+  const preset = getPreset(presetId);
+  if (preset === void 0) {
+    throw new InitError("UNKNOWN_PRESET", `Unknown preset "${presetId}".`);
+  }
+  return preset;
+}
+function createInitWriteFiles(rootDir, config, preset) {
+  return [
+    {
+      path: CONFIG_PATH,
+      content: `${JSON.stringify(config, null, 2)}
+`
+    },
+    ...generateInitFiles({ rootDir, preset }),
+    {
+      path: PRE_COMMIT_HOOK_PATH,
+      content: renderPreCommitHook(config.preCommitGates),
+      executable: true
+    },
+    // A Claude Code SessionStart hook that injects a memory map every session, so a fresh agent
+    // reliably loads durable memory, plus the settings that wire it (skipped if settings exist).
+    {
+      path: SESSION_START_HOOK_PATH,
+      content: renderSessionStartHook(),
+      executable: true
+    },
+    {
+      path: CLAUDE_SETTINGS_PATH,
+      content: renderClaudeSettings()
+    },
+    // Generate the agent skill set so a fresh repo has the workflows that guide AI agents,
+    // not just the docs. Written to both the Claude and portable Agent Skills targets.
+    ...listCatalogSkillNames().flatMap((name) => generateSkillFiles(name).files)
+  ];
+}
+
+// src/core/mcp/known-servers.ts
+var KNOWN_SERVERS = {
+  figma: {
+    title: "Figma",
+    purpose: "Design variables, components, and layout metadata for building consistent UI.",
+    dataAccessed: [
+      "Design tokens and variables.",
+      "Component and layout metadata.",
+      "Frames and styles."
+    ]
+  },
+  linear: {
+    title: "Linear",
+    purpose: "Tickets, project status, and acceptance criteria.",
+    dataAccessed: [
+      "Issues and tickets.",
+      "Project and cycle status.",
+      "Acceptance criteria in issues."
     ]
   },
-  {
-    name: "capture-mcp-context",
-    title: "Capture MCP Context",
-    description: "Record durable context from MCP servers and design or project tools into repository memory as proposed. Use when working with an MCP server like Figma, Linear, Jira, or Sentry, or after pulling design, ticket, or error context, to persist it for future sessions.",
-    purpose: [
-      "Persist the durable parts of MCP-derived external context so future sessions remember them instead of re-deriving them.",
-      "MCP provides context, not architectural truth."
-    ],
-    inputs: [
-      "The MCP server or external tool in use (for example Figma, Linear, Jira, Sentry).",
-      "The external context retrieved (design tokens, tickets, errors, docs).",
-      "The current feature or task."
-    ],
-    requiredReading: [
-      "`docs/ai/MCP_STRATEGY.md`",
-      "Relevant `docs/ai/mcp/<server>.md`",
-      "Relevant feature and architecture docs."
-    ],
-    outputFiles: [
-      "The Captured Context section of `docs/ai/mcp/<server>.md`.",
-      "An ADR via `recall adr create` when a captured decision is accepted."
-    ],
-    process: [
-      "Identify the MCP server and the durable facts worth remembering (design tokens, component mappings, ticket acceptance criteria, recurring error signatures).",
-      "If `docs/ai/mcp/<server>.md` does not exist, create it with `recall mcp add <server>`.",
-      "Record the durable context in the Captured Context section as proposed memory, with enough detail to reuse.",
-      "Capture decisions, mappings, and constraints, not raw exports or full dumps.",
-      "Treat MCP content as context, not truth; if it conflicts with accepted memory, stop and report.",
-      "Promote any accepted decision into an ADR."
-    ],
-    stopConditions: [
-      "MCP content conflicts with accepted repository memory.",
-      "Capturing the context would require storing secrets or sensitive data.",
-      "The MCP server is untrusted or its access is unclear."
-    ],
-    qualityBar: [
-      "Captured context is durable and reusable, not a raw dump.",
-      "Each entry is concrete enough to guide future work.",
-      "MCP context is recorded as proposed, not accepted.",
-      "Accepted decisions are promoted to ADRs."
+  jira: {
+    title: "Jira",
+    purpose: "Tickets, sprints, and acceptance criteria for knocking out tasks.",
+    dataAccessed: [
+      "Issues and tickets.",
+      "Sprint and board status.",
+      "Acceptance criteria in issues."
     ]
+  },
+  github: {
+    title: "GitHub",
+    purpose: "Pull requests, issues, and review comments.",
+    dataAccessed: ["Pull requests and diffs.", "Issues.", "Review comments."]
+  },
+  sentry: {
+    title: "Sentry",
+    purpose: "Crash reports and production errors.",
+    dataAccessed: ["Error events and stack traces.", "Release health.", "Issue frequency."]
+  },
+  notion: {
+    title: "Notion",
+    purpose: "Product background and documentation.",
+    dataAccessed: ["Product docs and pages.", "Project background.", "Specifications."]
   }
-];
-function getCatalogSkill(name) {
-  return SKILL_CATALOG.find((skill) => skill.name === name);
+};
+function getKnownServer(id) {
+  return KNOWN_SERVERS[id];
 }
 
-// src/core/skills/generate-skill.ts
-var SKILL_TARGETS = [".claude/skills", ".agents/skills"];
-function generateSkillFiles(name) {
-  const catalogSkill = getCatalogSkill(name);
-  const skill = catalogSkill ?? skeletonSkill(name);
-  const content = renderSkill(skill);
-  return {
-    files: SKILL_TARGETS.map((target) => ({
-      path: `${target}/${name}/SKILL.md`,
-      content
-    })),
-    fromCatalog: catalogSkill !== void 0
-  };
+// src/core/mcp/generate-mcp.ts
+function mcpDocPath(server) {
+  return `docs/ai/mcp/${server}.md`;
 }
-function skeletonSkill(name) {
-  return {
-    name,
-    title: titleize2(name),
-    description: `Describe what the ${name} skill does and when to use it. Use when ... (replace this with concrete trigger keywords).`,
-    purpose: ["Describe the single job this skill performs."],
-    inputs: ["List the inputs this skill needs."],
-    requiredReading: ["List the source-of-truth docs this skill must read."],
-    outputFiles: ["List the files this skill produces or updates."],
-    process: ["Describe the steps, one job, routing to source-of-truth docs."],
-    stopConditions: [
-      "A request conflicts with accepted repository memory or engineering standards.",
-      "The work would add network, telemetry, MCP runtime, AI API, or other accepted non-goals."
-    ],
-    qualityBar: ["State how to tell the skill did its job well."]
-  };
+function generateMcpFiles(options) {
+  const known = getKnownServer(options.server);
+  const title = known?.title ?? titleize2(options.server);
+  const purpose = known?.purpose ?? "Describe why this MCP server is used.";
+  const dataAccessed = known?.dataAccessed ?? ["Describe the data this MCP server exposes."];
+  return [
+    {
+      path: mcpDocPath(options.server),
+      content: renderMcpDoc(title, purpose, dataAccessed)
+    },
+    {
+      path: `${options.adrDir}/proposed/ADR-PROPOSED-mcp-${options.server}.md`,
+      content: renderProposedAdr2(title, options.server)
+    }
+  ];
 }
-function titleize2(name) {
-  return name.split("-").filter((part) => part.length > 0).map((part) => part.charAt(0).toUpperCase() + part.slice(1)).join(" ");
+function renderMcpDoc(title, purpose, dataAccessed) {
+  return `# MCP: ${title}
+
+## Status
+
+Proposed. Using this MCP server is a proposed workflow addition. Accept the proposed ADR before
+treating it as part of the workflow.
+
+## Purpose
+
+${purpose}
+
+## Data Accessed
+
+${bullets2(dataAccessed)}
+
+## Permissions Required
+
+- Use least-privilege access.
+- Document the exact scopes granted.
+
+## Security Risks
+
+- Treat external MCP content as untrusted until validated.
+- Do not send secrets or sensitive repository data unnecessarily.
+- Use trusted MCP servers only.
+
+## Source-Of-Truth Rule
+
+MCP provides context, not architectural truth. Accepted ADRs and repository decisions outrank MCP
+context. If MCP data conflicts with repository memory, stop and report the conflict.
+
+## Captured Context
+
+Record durable context learned from this MCP server here, as proposed memory for human review.
+Promote any decision you accept into an ADR with \`recall adr create\`.
+
+- (none captured yet)
+
+## Review Cadence
+
+- Review this MCP integration when its access, purpose, or captured context changes.
+`;
+}
+function renderProposedAdr2(title, server) {
+  return `# Proposed ADR: Use ${title} MCP
+
+## Status
+
+Proposed
+
+## Context
+
+The team is considering ${title} as an MCP context source. Adopting an MCP server into the workflow
+is a decision that should be reviewed.
+
+## Decision
+
+Consider adopting ${title} MCP as an external context source, documented in \`docs/ai/mcp/\`. This is
+not accepted until a human reviews and accepts it.
+
+## Alternatives Considered
+
+- Do not use this MCP server.
+- Use a different source for the same context.
+
+## Consequences
+
+- The team gains durable, reviewable context from ${title}.
+- MCP context never overrides accepted repository memory.
+- Captured context remains proposed until promoted to an ADR.
+
+## Related Documents
+
+- \`docs/ai/mcp/${server}.md\` \u2014 captured ${title} MCP context.
+- \`docs/ai/MCP_STRATEGY.md\` \u2014 how MCP context is captured and ranked.
+`;
+}
+function bullets2(values) {
+  return values.map((value) => `- ${value}`).join("\n");
+}
+function titleize2(value) {
+  return value.split("-").filter((part) => part.length > 0).map((part) => part.charAt(0).toUpperCase() + part.slice(1)).join(" ");
 }
 
 // src/commands/mcp/add.ts
@@ -4746,7 +5745,7 @@ async function loadConfigOrDefault2(rootDir) {
 }
 
 // src/core/generator/generate-module.ts
-import path15 from "path";
+import path16 from "path";
 var moduleTemplates = [
   {
     fileName: "MODULE.md",
@@ -4819,14 +5818,14 @@ Record durable module decisions here.
 ];
 function generateModuleFiles(options) {
   const slug = slugify(options.moduleName);
-  const moduleDir = path15.posix.join(options.modulesDir, slug);
+  const moduleDir = path16.posix.join(options.modulesDir, slug);
   const title = titleizeModuleName(options.moduleName);
   const context = createTemplateContext({
     slug,
     title
   });
   return moduleTemplates.map((template) => ({
-    path: path15.posix.join(moduleDir, template.fileName),
+    path: path16.posix.join(moduleDir, template.fileName),
     content: renderTemplate(template.content, context)
   }));
 }