sequant 1.20.3 → 2.0.1

package/templates/skills/qa/SKILL.md

@@ -97,15 +97,22 @@ fi
 
 **Phase Marker Emission:**
 
-When posting the QA review comment to GitHub, append a phase marker at the end:
+When posting the QA review comment to GitHub, append a phase marker at the end.
+
+**IMPORTANT:** Always include the `commitSHA` field with the current HEAD SHA. This enables incremental re-runs by recording the baseline commit for future QA runs.
+
+```bash
+# Get current HEAD SHA for the phase marker
+COMMIT_SHA=$(git rev-parse HEAD)
+```
 
 ```markdown
-<!-- SEQUANT_PHASE: {"phase":"qa","status":"completed","timestamp":"<ISO-8601>"} -->
+<!-- SEQUANT_PHASE: {"phase":"qa","status":"completed","timestamp":"<ISO-8601>","commitSHA":"<HEAD-SHA>"} -->
 ```
 
 If QA determines AC_NOT_MET, emit:
 ```markdown
-<!-- SEQUANT_PHASE: {"phase":"qa","status":"failed","timestamp":"<ISO-8601>","error":"AC_NOT_MET"} -->
+<!-- SEQUANT_PHASE: {"phase":"qa","status":"failed","timestamp":"<ISO-8601>","error":"AC_NOT_MET","commitSHA":"<HEAD-SHA>"} -->
 ```
 
 Include this marker in every `gh issue comment` that represents QA completion.
@@ -383,7 +390,7 @@ If no feature worktree exists (work was done directly on main):
 # 1. Check for worktree (indicates work may have started)
 worktree_path=$(git worktree list | grep -i "<issue-number>" | awk '{print $1}' | head -1 || true)
 
-# 2. Check for commits on feature branch (vs main)
+# 2. Check for commits on feature branch (vs main) — include ALL file types
 commits_exist=$(git log --oneline main..HEAD 2>/dev/null | head -1)
 
 # 3. Check for uncommitted changes
@@ -391,8 +398,13 @@ uncommitted_changes=$(git status --porcelain | head -1)
 
 # 4. Check for open PR linked to this issue
 pr_exists=$(gh pr list --search "<issue-number>" --state open --json number -q '.[0].number' 2>/dev/null)
+
+# 5. Check for ANY file changes (including .md, prompt-only changes)
+any_diff=$(git diff --name-only main..HEAD 2>/dev/null | head -1 || true)
 ```
 
+**IMPORTANT: Prompt-only and markdown-only changes ARE valid implementations.** Many issues (e.g., skill improvements, documentation features) are implemented entirely via `.md` file changes. The detection logic must count these as real implementation, not skip them.
+
 **Implementation Status Matrix:**
 
 | Worktree | Commits | Uncommitted | PR | Status | Action |
@@ -407,6 +419,20 @@ pr_exists=$(gh pr list --search "<issue-number>" --state open --json number -q '
 **Early Exit Condition:**
 - No commits on feature branch AND no uncommitted changes AND no open PR
 
+**False Negative Prevention (CRITICAL):**
+
+Root cause analysis (#448) found that 33% of multi-attempt QA failures were caused by QA reporting "NOT FOUND" when implementation existed. Common causes:
+
+| Cause | Example | Fix |
+|-------|---------|-----|
+| Prompt-only changes | Skill SKILL.md modifications (#413) | Check `git diff --name-only` for ANY file, not just .ts/.tsx |
+| Cross-repo work | Landing page issue tracked in main repo (#393) | Check exec progress comments for cross-repo indicators |
+| Worktree mismatch | QA runs in wrong directory | Verify `pwd` matches expected worktree path |
+
+**If `git diff --name-only main..HEAD` shows files but standard detection says "NOT FOUND":**
+1. The implementation exists — proceed with QA
+2. Adapt review approach to the file types changed (e.g., review .md changes for content quality rather than TypeScript compilation)
+
 **If early exit triggered:**
 1. **Skip** sub-agent spawning (nothing to check)
 2. **Skip** code review (no code to review)
@@ -446,6 +472,19 @@ No code changes found to review. The acceptance criteria cannot be evaluated wit
 
 **Important:** Do NOT spawn sub-agents when using early exit. This saves tokens and avoids confusing "no changes found" outputs from quality checkers.
 
+**CRITICAL — Before early exit, double-check for false negatives:**
+```bash
+# Final safety check: are there ANY file changes vs main?
+any_changes=$(git diff --name-only main..HEAD 2>/dev/null | wc -l | xargs || echo "0")
+if [[ "$any_changes" -gt 0 ]]; then
+  echo "WARNING: $any_changes files changed but detection said NOT FOUND"
+  echo "Changed files:"
+  git diff --name-only main..HEAD 2>/dev/null | head -20
+  echo "Proceeding with QA instead of early exit."
+  # DO NOT early exit — proceed with QA
+fi
+```
+
 ---
 
 ### Phase 0b: Quality Plan Verification (CONDITIONAL)
@@ -496,7 +535,7 @@ quality_plan_exists=$(gh issue view <issue> --comments --json comments -q '.comm
      sort -u || true)
 
    # Count derived ACs
-   derived_count=$(echo "$derived_acs" | grep -c "AC-" || echo "0")
+   derived_count=$(echo "$derived_acs" | grep -c "AC-" || true)
    echo "Found $derived_count derived ACs"
    ```
 
@@ -560,6 +599,134 @@ quality_plan_exists=$(gh issue view <issue> --comments --json comments -q '.comm
 
 ---
 
+### Phase 0c: Incremental Re-Run Detection (CONDITIONAL)
+
+**When to apply:** On QA re-runs (when a prior QA phase marker exists in issue comments).
+
+**Purpose:** Optimize QA re-runs by detecting what changed since the last QA run and skipping checks whose inputs haven't changed. This significantly reduces token usage and execution time on iterative QA cycles.
+
+**Detection:**
+
+```bash
+# Step 1: Check for prior QA run context in cache
+prior_context=$(npx tsx scripts/qa/qa-cache-cli.ts get-run-context 2>/dev/null || true)
+
+# Step 2: If no cache context found, fall through to full QA run
+if [[ -z "$prior_context" ]] || echo "$prior_context" | grep -q "No QA run context"; then
+  echo "No prior QA context found — running full QA"
+  INCREMENTAL_MODE=false
+else
+  LAST_QA_SHA=$(echo "$prior_context" | jq -r '.lastQACommitSHA')
+  LAST_QA_HASH=$(echo "$prior_context" | jq -r '.lastQADiffHash')
+
+  # Step 3: Validate the commit SHA still exists in git history
+  if ! git cat-file -t "$LAST_QA_SHA" &>/dev/null; then
+    echo "Warning: Last QA commit SHA ($LAST_QA_SHA) not found in history — running full QA"
+    INCREMENTAL_MODE=false
+  else
+    # Step 4: Get files changed since last QA
+    changed_files=$(npx tsx scripts/qa/qa-cache-cli.ts changed-since "$LAST_QA_SHA" 2>/dev/null || true)
+
+    if [[ "$changed_files" == "NO_CHANGES" ]]; then
+      echo "No changes since last QA — all checks can use cached results"
+      INCREMENTAL_MODE=true
+      NO_FILE_CHANGES=true
+    else
+      echo "Changes detected since last QA ($LAST_QA_SHA):"
+      echo "$changed_files" | head -20
+      INCREMENTAL_MODE=true
+      NO_FILE_CHANGES=false
+    fi
+  fi
+fi
+```
+
+**Skip Logic (when INCREMENTAL_MODE=true):**
+
+| Check / Item | Skip Condition | Re-run Condition |
+|-------------|----------------|------------------|
+| Quality checks (type-safety, security, etc.) | Existing diff-hash cache handles this | Hash mismatch -> re-run |
+| Build verification | **Never skip** (always re-run) | Always — cheap and can regress |
+| CI status | **Never skip** (always re-run) | Always — external state changes |
+| AC items with prior status `met` | Skip if NO_FILE_CHANGES=true | Any file changes since last QA |
+| AC items with prior status `not_met` | **Never skip** | Always re-evaluate |
+| AC items with prior status `partially_met` | **Never skip** | Always re-evaluate |
+| AC items with prior status `pending`/`blocked` | **Never skip** | Always re-evaluate |
+
+**AC Re-evaluation Rules:**
+
+When `INCREMENTAL_MODE=true`:
+
+1. **Load prior AC statuses** from run context:
+   ```bash
+   # Extract AC statuses from prior context
+   ac_statuses=$(echo "$prior_context" | jq -r '.acStatuses | to_entries[] | "\(.key)=\(.value)"')
+   ```
+
+2. **For each AC item:**
+   - If prior status is `met` AND `NO_FILE_CHANGES=true`:
+     - **Skip full re-evaluation** — output "Cached: previously MET, no file changes"
+     - Mark as `MET (cached)` in output
+   - If prior status is `met` AND files changed:
+     - **Re-evaluate** — changes may have caused regression
+   - If prior status is `not_met` or `partially_met`:
+     - **Always re-evaluate** — this is the primary purpose of re-runs
+   - If prior status is `pending` or `blocked`:
+     - **Always re-evaluate** — status may have changed
+
+3. **`--no-cache` flag behavior:**
+   - When `--no-cache` is passed, set `INCREMENTAL_MODE=false`
+   - This forces full re-evaluation of ALL checks and AC items
+   - Run context is still saved at the end for future re-runs
+
+**Output Format (Incremental QA Summary):**
+
+When `INCREMENTAL_MODE=true`, prepend this section to the QA output:
+
+```markdown
+### Incremental QA Summary
+
+**Last QA:** <timestamp> (commit: <sha-short>)
+**Changes since last QA:** N files
+
+| Check / AC | Status | Re-run? | Reason |
+|------------|--------|---------|--------|
+| type-safety | PASS | Cached | Diff hash unchanged |
+| security | PASS | Cached | Diff hash unchanged |
+| build | PASS | Re-run | Always fresh |
+| CI status | PASS | Re-run | Always fresh |
+| AC-1 | MET | Cached | Previously MET, no file changes |
+| AC-2 | MET | Re-evaluated | Was NOT_MET |
+| AC-3 | MET | Re-evaluated | Files changed since last QA |
+
+**Summary:** X checks cached, Y re-evaluated, Z always-fresh
+```
+
+**Run Context Persistence:**
+
+After QA completes (regardless of incremental mode), save the run context:
+
+```bash
+# Get current HEAD SHA
+current_sha=$(git rev-parse HEAD)
+# Get current diff hash
+current_hash=$(npx tsx scripts/qa/qa-cache-cli.ts hash)
+
+# Build AC statuses JSON from QA results
+# Example: {"AC-1":"met","AC-2":"not_met","AC-3":"met"}
+ac_json='{"AC-1":"met","AC-2":"not_met"}'  # Replace with actual results
+
+# Save run context
+echo "{
+  \"lastQACommitSHA\": \"$current_sha\",
+  \"lastQADiffHash\": \"$current_hash\",
+  \"acStatuses\": $ac_json,
+  \"timestamp\": \"$(date -u +%Y-%m-%dT%H:%M:%S.000Z)\"
+}" | npx tsx scripts/qa/qa-cache-cli.ts set-run-context
+```
+
+---
+
 ### Phase 1: CI Status Check — REQUIRED
 
 **Purpose:** Check GitHub CI status before finalizing verdict. CI-dependent AC items (e.g., "Tests pass in CI") should reflect actual CI status, not just local test results.
@@ -666,12 +833,110 @@ CI status affects the final verdict through the standard verdict algorithm:
 
 ---
 
+### Small-Diff Fast Path (Size Gate)
+
+**Purpose:** Skip sub-agent spawning for trivial diffs to save ~30s latency and reduce token cost.
+
+**Evaluate the size gate BEFORE spawning any quality check sub-agents:**
+
+```bash
+# 1. Read threshold from settings (default: 100)
+threshold=$(cat .sequant/settings.json 2>/dev/null | grep -o '"smallDiffThreshold"[[:space:]]*:[[:space:]]*[0-9]*' | grep -o '[0-9]*$' || echo "100")
+if [ -z "$threshold" ]; then threshold=100; fi
+
+# 2. Compute diff size (additions + deletions)
+diff_stats=$(git diff origin/main...HEAD --stat | tail -1 || true)
+additions=$(echo "$diff_stats" | grep -o '[0-9]* insertion' | grep -o '[0-9]*' || echo "0")
+deletions=$(echo "$diff_stats" | grep -o '[0-9]* deletion' | grep -o '[0-9]*' || echo "0")
+total_changes=$((${additions:-0} + ${deletions:-0}))
+
+# 3. Check if package.json changed
+pkg_changed=$(git diff origin/main...HEAD --name-only | grep -c '^package\.json$' || true)
+
+# 4. Check security-sensitive paths (reuses existing heuristic from anti-pattern detection)
+security_paths=$(git diff origin/main...HEAD --name-only | grep -iE 'auth|payment|security|server-action|middleware|admin' || true)
+security_sensitive="false"
+if [ -n "$security_paths" ]; then security_sensitive="true"; fi
+
+echo "Size gate: $total_changes lines changed (threshold: $threshold), pkg_changed=$pkg_changed, security=$security_sensitive"
+```
+
+**Size gate decision:**
+
+| Condition | Result |
+|-----------|--------|
+| `total_changes < threshold` AND `pkg_changed == 0` AND `security_sensitive == false` | `SMALL_DIFF=true` — use inline checks |
+| Any condition fails | `SMALL_DIFF=false` — use sub-agents (standard pipeline) |
+| Size gate evaluation errors (e.g., git fails) | `SMALL_DIFF=false` — fall back to full pipeline (AC-5) |
+
+**Log the decision (AC-6):**
+
+```markdown
+### Size Gate
+
+| Check | Value |
+|-------|-------|
+| Diff size | N lines (threshold: T) |
+| package.json changed | Yes/No |
+| Security-sensitive paths | Yes/No [list if yes] |
+| Decision | **Inline checks** / **Sub-agents** |
+```
+
+#### If `SMALL_DIFF=true`: Inline Quality Checks
+
+Run these checks directly (no sub-agents needed):
+
+```bash
+# Type safety: check for 'any' additions
+any_count=$(git diff origin/main...HEAD | grep '^\+' | grep -v '^\+\+\+' | grep -cw 'any' || true)
+
+# Deleted tests check
+deleted_tests=$(git diff origin/main...HEAD --name-only --diff-filter=D | grep -cE '\.(test|spec)\.' || true)
+
+# Scope: files changed count
+files_changed=$(git diff origin/main...HEAD --name-only | wc -l | tr -d ' ')
+
+# Security scan (lightweight — just check for obvious patterns in added lines)
+security_issues=$(git diff origin/main...HEAD | grep '^\+' | grep -v '^\+\+\+' | grep -ciE 'eval\(|innerHTML|dangerouslySetInnerHTML|exec\(|password.*=.*["']|secret.*=.*["']|api.?key.*=.*["']' || true)
+
+echo "Inline checks: any=$any_count, deleted_tests=$deleted_tests, files=$files_changed, security_issues=$security_issues"
+```
+
+**After inline checks, skip to the output template** (the sub-agent section below is not executed).
+
+#### If `SMALL_DIFF=false`: Use Sub-Agents (Standard Pipeline)
+
+Proceed to the standard Quality Checks section below.
+
+---
+
 ### Quality Checks (Multi-Agent) — REQUIRED
 
-**You MUST spawn sub-agents for quality checks.** Do NOT run these checks inline with bash commands. Sub-agents provide parallel execution, better context isolation, and consistent reporting.
+**When `SMALL_DIFF=false`**, you MUST spawn sub-agents for quality checks. Do NOT run these checks inline with bash commands. Sub-agents provide parallel execution, better context isolation, and consistent reporting.
 
 **Execution mode:** Respect the agent execution mode determined above (see "Agent Execution Mode" section).
 
+#### Documentation Issue Detection
+
+Check if this is a documentation-only issue by reading the `SEQUANT_ISSUE_TYPE` environment variable:
+
+```bash
+issue_type="${SEQUANT_ISSUE_TYPE:-}"
+```
+
+**If `SEQUANT_ISSUE_TYPE=docs`**, use the lighter docs QA pipeline:
+
+- **Skip** type safety sub-agent (no TypeScript changes expected)
+- **Skip** security scan sub-agent (no runtime code changes)
+- **Keep** scope/size check (still useful for docs)
+- **Focus review on:** content accuracy, completeness, formatting, and link validity
+
+**Docs QA sub-agents (1 agent instead of 3):**
+
+1. `Task(subagent_type="general-purpose", model="haiku", mode="bypassPermissions", prompt="Run scope and size checks on the current branch vs main. Check for broken links in changed markdown files. Report: files count, diff size, broken links, size assessment.")`
+
+**If `SEQUANT_ISSUE_TYPE` is not set or is not `docs`**, use the standard pipeline below.
+
 #### If parallel mode enabled:
 
 **Spawn ALL THREE agents in a SINGLE message (one Tool call per agent, all in same response):**
@@ -889,6 +1154,7 @@ changed_files=$(git diff main...HEAD --name-only | grep -E '\.(ts|tsx|js|jsx)$'
 | Error Handling | Empty catch block | ⚠️ Medium |
 | Security | Hardcoded secrets | ❌ High |
 | Security | SQL concatenation | ❌ High |
+| Security | Server binds all interfaces (`0.0.0.0`) | ❌ High |
 | Memory | Uncleared interval/timeout | ⚠️ Medium |
 | A11y | Image without alt | ⚠️ Low |
 
@@ -903,7 +1169,61 @@ changed_files=$(git diff main...HEAD --name-only | grep -E '\.(ts|tsx|js|jsx)$'
 
 See [anti-pattern-detection.md](references/anti-pattern-detection.md) for detection commands and full criteria.
 
-### 2f. Call-Site Review (When New Functions Added)
+### 2f. Product Review (When New User-Facing Features Added)
+
+**When to apply:** New CLI commands, MCP tools, configuration options, or other features that end users interact with directly.
+
+**Detection:**
+```bash
+# Detect user-facing changes
+cli_added=$(git diff main...HEAD -- bin/cli.ts | grep -E '^\+.*\.command\(' | wc -l | xargs || true)
+new_commands=$(git diff main...HEAD --name-only | grep -E '^src/commands/' | wc -l | xargs || true)
+mcp_added=$(git diff main...HEAD --name-only | grep -E '^src/mcp/' | wc -l | xargs || true)
+config_changed=$(git diff main...HEAD --name-only | grep -E 'settings|config' | wc -l | xargs || true)
+
+if [[ $((cli_added + new_commands + mcp_added + config_changed)) -gt 0 ]]; then
+  echo "User-facing changes detected - running product review"
+fi
+```
+
+**If user-facing changes detected, answer these questions:**
+
+| Question | What to check |
+|----------|---------------|
+| **First-time setup:** Can a new user go from zero to working? | List every prerequisite. Try the setup path mentally. |
+| **Per-environment differences:** Does this work the same everywhere? | macOS/Linux/Windows, different clients/tools, CI vs local |
+| **What does the user see?** | Walk through the actual UX — wait times, output format, progress indicators |
+| **What happens after?** | Where's the output? What does the user do next? |
+| **Failure modes the user will hit:** | Not code edge cases — real scenarios (wrong directory, missing auth, timeout) |
+
+**Output Format:**
+
+```markdown
+### Product Review
+
+**User-facing changes:** [list new commands/tools/options]
+
+| Question | Finding |
+|----------|---------|
+| First-time setup | [All prerequisites identified? Setup path clear?] |
+| Per-environment | [Any client/platform differences?] |
+| User sees | [Wait times, output format, progress] |
+| After completion | [Where output goes, next steps] |
+| Likely failure modes | [Real user scenarios] |
+
+**Gaps found:** [list any gaps, or "None"]
+```
+
+**Verdict Impact:**
+
+| Finding | Verdict Impact |
+|---------|----------------|
+| No gaps | No impact |
+| Missing prerequisites in docs | `AC_MET_BUT_NOT_A_PLUS` |
+| Feature silently fails in common environment | `AC_NOT_MET` (e.g., wrong cwd, missing auth) |
+| Poor UX but functional | Note in findings |
+
+### 2g. Call-Site Review (When New Functions Added)
 
 **When to apply:** New exported functions are detected in the diff.
 
@@ -1019,7 +1339,7 @@ If the function accepts configuration or mode options:
 
 See [call-site-review.md](references/call-site-review.md) for detailed methodology and examples.
 
-### 2g. CLI Registration Verification (When Option Interfaces Modified)
+### 2h. CLI Registration Verification (When Option Interfaces Modified)
 
 **When to apply:** `RunOptions` or similar CLI option interfaces are modified in the diff.
 
@@ -1139,6 +1459,23 @@ For each AC item, mark as:
 
 Provide a sentence or two explaining why.
 
+#### AC Literal Verification (REQUIRED)
+
+**Before marking any AC as MET**, verify the implementation matches the AC text literally, not just in spirit:
+
+1. **Extract specific technical claims** from the AC text (commands, flags, function names, config keys, UI elements)
+2. **Search the implementation** for each claim using Grep or Read — do not assume presence
+3. **If the AC mentions a flag** (e.g., `--file <relevant-files>`), verify that flag appears in the code
+4. **If the AC says "works end-to-end"**, trace the full call chain from entry point to execution
+
+**Example:** If AC says *"shells out to `aider --yes --no-auto-commits --message '<prompt>' --file <relevant-files>`"*:
+- Verify `--yes` is in args array ✅
+- Verify `--no-auto-commits` is in args array ✅
+- Verify `--message` is in args array ✅
+- Verify `--file` is in args array — **if missing, AC is NOT MET** ❌
+
+Do NOT mark MET based on "the general intent is satisfied." The AC text is the contract — verify it literally.
+
 ### 3a. AC Status Persistence — REQUIRED
 
 **After evaluating each AC item**, update the status in workflow state using the state CLI:
@@ -1201,6 +1538,7 @@ See [testing-requirements.md](references/testing-requirements.md) for edge case
 2. "Do the tests actually test the feature's primary purpose, or just pass?"
 3. "What's the most likely way this feature could break in production?"
 4. "Am I giving a positive verdict because the code looks clean, or because I verified it works?"
+5. "Are there 'design choices' I'm excusing that are actually bad practices?" (e.g., no version pinning, leaking secrets to unnecessary env vars, non-portable shell in example code, no input validation). Would I accept this in a code review from a junior developer?
 
 **Include this section in your output:**
 
@@ -1819,7 +2157,34 @@ npx tsx scripts/state/update.ts fail <issue-number> qa "AC not met"
 
 **Before responding, verify your output includes ALL of these:**
 
-### Standard QA (Implementation Exists)
+### Simple Fix Mode (`SMALL_DIFF=true`)
+
+When the size gate determined `SMALL_DIFF=true`, use the **simplified output template**. The following sections are **omitted** (not marked N/A — completely absent):
+
+- Quality Plan Verification
+- Incremental QA Summary
+- Call-Site Review
+- Product Review
+- Smoke Test
+- CLI Registration Verification
+- Skill Command Verification
+- Script Verification Override
+- Skill Change Review
+
+**Required sections for simple fix mode:**
+
+- [ ] **Size Gate** - Size gate decision table with threshold, diff size, and decision
+- [ ] **AC Coverage** - Each AC item marked as MET, PARTIALLY_MET, NOT_MET, PENDING, or N/A
+- [ ] **Quality Metrics** - Type issues, deleted tests, files changed, additions/deletions (from inline checks)
+- [ ] **Code Review Findings** - Strengths, issues, suggestions
+- [ ] **Test Coverage Analysis** - Changed files with/without tests, critical paths flagged
+- [ ] **Anti-Pattern Detection** - Code patterns check (lightweight)
+- [ ] **Self-Evaluation Completed** - Adversarial self-evaluation section included
+- [ ] **Verdict** - One of: READY_FOR_MERGE, AC_MET_BUT_NOT_A_PLUS, NEEDS_VERIFICATION, AC_NOT_MET
+- [ ] **Documentation Check** - README/docs updated if feature adds new functionality
+- [ ] **Next Steps** - Clear, actionable recommendations
+
+### Standard QA (Implementation Exists, `SMALL_DIFF=false`)
 
 - [ ] **Self-Evaluation Completed** - Adversarial self-evaluation section included in output
 - [ ] **AC Coverage** - Each AC item marked as MET, PARTIALLY_MET, NOT_MET, PENDING, or N/A
@@ -1856,6 +2221,103 @@ When early exit is triggered (no commits, no uncommitted changes, no PR):
 
 ## Output Template
 
+### Simple Fix Template (`SMALL_DIFF=true`)
+
+When the size gate triggers simple fix mode, use this shorter template:
+
+```markdown
+## QA Review for Issue #<N> (Simple Fix)
+
+### Size Gate
+
+| Check | Value |
+|-------|-------|
+| Diff size | N lines (threshold: T) |
+| package.json changed | No |
+| Security-sensitive paths | No |
+| Decision | **Inline checks** |
+
+### AC Coverage
+
+| AC | Description | Status | Notes |
+|----|-------------|--------|-------|
+| AC-1 | [description] | MET/NOT_MET | [explanation] |
+
+**Coverage:** X/Y AC items fully met
+
+---
+
+### Quality Metrics
+
+| Metric | Value | Status |
+|--------|-------|--------|
+| Type issues (`any`) | X | OK/WARN |
+| Deleted tests | X | OK/WARN |
+| Files changed | X | OK/WARN |
+| Lines added | +X | - |
+| Lines deleted | -X | - |
+| Security patterns | X | OK/WARN |
+
+---
+
+### Code Review
+
+**Strengths:**
+- [Positive findings]
+
+**Issues:**
+- [Problems found]
+
+**Suggestions:**
+- [Improvements recommended]
+
+---
+
+### Test Coverage Analysis
+
+| Changed File | Tier | Has Tests? | Test File |
+|--------------|------|------------|-----------|
+| `[file]` | Critical/Standard/Optional | Yes/No | `[test file or -]` |
+
+**Coverage:** X/Y changed source files have corresponding tests
+
+---
+
+### Anti-Pattern Detection
+
+| File:Line | Category | Pattern | Suggestion |
+|-----------|----------|---------|------------|
+| [location] | [category] | [pattern] | [fix] |
+
+---
+
+### Self-Evaluation
+
+- **Verified working:** [Yes/No]
+- **Test efficacy:** [High/Medium/Low]
+- **Likely failure mode:** [description]
+- **Verdict confidence:** [High/Medium/Low]
+
+---
+
+### Verdict: [READY_FOR_MERGE | AC_MET_BUT_NOT_A_PLUS | NEEDS_VERIFICATION | AC_NOT_MET]
+
+[Explanation of verdict]
+
+### Documentation
+
+- [ ] N/A - Simple fix, no documentation needed
+- [ ] README/docs updated
+
+### Next Steps
+
+1. [Action item]
+```
+
+---
+
+### Standard Template (`SMALL_DIFF=false`)
+
 You MUST include these sections:
 
 ```markdown
@@ -1895,6 +2357,21 @@ You MUST include these sections:
 
 ---
 
+### Incremental QA Summary
+
+[Include if INCREMENTAL_MODE=true from Phase 0c, otherwise: "N/A - First QA run"]
+
+**Last QA:** <timestamp> (commit: <sha-short>)
+**Changes since last QA:** N files
+
+| Check / AC | Status | Re-run? | Reason |
+|------------|--------|---------|--------|
+| [check/AC] | [status] | Cached / Re-run / Re-evaluated | [reason] |
+
+**Summary:** X checks cached, Y re-evaluated, Z always-fresh
+
+---
+
 ### CI Status
 
 [Include if PR exists, otherwise: "No PR exists yet" or "No CI configured"]

package/templates/skills/qa/scripts/quality-checks.sh

@@ -369,7 +369,7 @@ if [[ -n "$shell_scripts" ]]; then
       unused_count=0
       for func in $funcs; do
         # Count calls (excluding the definition line)
-        call_count=$(grep -c "\b${func}\b" "$script" 2>/dev/null || echo "0")
+        call_count=$(grep -c "\b${func}\b" "$script" 2>/dev/null || true)
         if [[ $call_count -lt 2 ]]; then  # Only definition, no calls
           echo "   ⚠️  Function '$func' defined but possibly not called"
           unused_count=$((unused_count + 1))