shipwright-cli 1.9.0 → 2.0.0

package/scripts/sw-pipeline.sh

@@ -6,7 +6,12 @@
 set -euo pipefail
 trap 'echo "ERROR: $BASH_SOURCE:$LINENO exited with status $?" >&2' ERR
 
-VERSION="1.9.0"
+# Allow spawning Claude CLI from within a Claude Code session (daemon, fleet, etc.)
+unset CLAUDECODE 2>/dev/null || true
+# Ignore SIGHUP so tmux attach/detach doesn't kill long-running plan/design/review stages
+trap '' HUP
+
+VERSION="2.0.0"
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 REPO_DIR="$(cd "$SCRIPT_DIR/.." && pwd)"
 
@@ -46,6 +51,10 @@ fi
 if [[ -f "$SCRIPT_DIR/sw-adversarial.sh" ]]; then
     source "$SCRIPT_DIR/sw-adversarial.sh"
 fi
+# shellcheck source=sw-pipeline-vitals.sh
+if [[ -f "$SCRIPT_DIR/sw-pipeline-vitals.sh" ]]; then
+    source "$SCRIPT_DIR/sw-pipeline-vitals.sh"
+fi
 
 # ─── GitHub API Modules (optional) ─────────────────────────────────────────
 # shellcheck source=sw-github-graphql.sh
@@ -99,6 +108,54 @@ format_duration() {
     fi
 }
 
+_pipeline_compact_goal() {
+    local goal="$1"
+    local plan_file="${2:-}"
+    local design_file="${3:-}"
+    local compact="$goal"
+
+    # Include plan summary (first 20 lines only)
+    if [[ -n "$plan_file" && -f "$plan_file" ]]; then
+        compact="${compact}
+
+## Plan Summary
+$(head -20 "$plan_file" 2>/dev/null || true)
+[... full plan in .claude/pipeline-artifacts/plan.md]"
+    fi
+
+    # Include design key decisions only (grep for headers)
+    if [[ -n "$design_file" && -f "$design_file" ]]; then
+        compact="${compact}
+
+## Key Design Decisions
+$(grep -E '^#{1,3} ' "$design_file" 2>/dev/null | head -10 || true)
+[... full design in .claude/pipeline-artifacts/design.md]"
+    fi
+
+    echo "$compact"
+}
+
+load_composed_pipeline() {
+    local spec_file="$1"
+    [[ ! -f "$spec_file" ]] && return 1
+
+    # Read enabled stages from composed spec
+    local composed_stages
+    composed_stages=$(jq -r '.stages // [] | .[] | .id' "$spec_file" 2>/dev/null) || return 1
+    [[ -z "$composed_stages" ]] && return 1
+
+    # Override enabled stages
+    COMPOSED_STAGES="$composed_stages"
+
+    # Override per-stage settings
+    local build_max
+    build_max=$(jq -r '.stages[] | select(.id=="build") | .max_iterations // ""' "$spec_file" 2>/dev/null) || true
+    [[ -n "$build_max" && "$build_max" != "null" ]] && COMPOSED_BUILD_ITERATIONS="$build_max"
+
+    emit_event "pipeline.composed_loaded" "stages=$(echo "$composed_stages" | wc -l | tr -d ' ')"
+    return 0
+}
+
 # ─── Structured Event Log ──────────────────────────────────────────────────
 # Appends JSON events to ~/.shipwright/events.jsonl for metrics/traceability
 
@@ -159,6 +216,8 @@ DRY_RUN=false
 IGNORE_BUDGET=false
 COMPLETED_STAGES=""
 MAX_ITERATIONS_OVERRIDE=""
+MAX_RESTARTS_OVERRIDE=""
+FAST_TEST_CMD_OVERRIDE=""
 PR_NUMBER=""
 AUTO_WORKTREE=false
 WORKTREE_NAME=""
@@ -222,6 +281,8 @@ show_help() {
     echo -e "  ${DIM}--slack-webhook <url>${RESET}     Send notifications to Slack"
     echo -e "  ${DIM}--self-heal <n>${RESET}            Build→test retry cycles on failure (default: 2)"
     echo -e "  ${DIM}--max-iterations <n>${RESET}       Override max build loop iterations"
+    echo -e "  ${DIM}--max-restarts <n>${RESET}         Max session restarts in build loop"
+    echo -e "  ${DIM}--fast-test-cmd <cmd>${RESET}      Fast/subset test for build loop"
     echo -e "  ${DIM}--completed-stages \"a,b\"${RESET}   Skip these stages (CI resume)"
     echo ""
     echo -e "${BOLD}STAGES${RESET}  ${DIM}(configurable per pipeline template)${RESET}"
@@ -304,6 +365,15 @@ parse_args() {
             --dry-run)     DRY_RUN=true; shift ;;
             --slack-webhook) SLACK_WEBHOOK="$2"; shift 2 ;;
             --self-heal)   BUILD_TEST_RETRIES="${2:-3}"; shift 2 ;;
+            --max-restarts)
+                MAX_RESTARTS_OVERRIDE="$2"
+                if ! [[ "$MAX_RESTARTS_OVERRIDE" =~ ^[0-9]+$ ]]; then
+                    error "--max-restarts must be numeric (got: $MAX_RESTARTS_OVERRIDE)"
+                    exit 1
+                fi
+                shift 2 ;;
+
+            --fast-test-cmd) FAST_TEST_CMD_OVERRIDE="$2"; shift 2 ;;
             --help|-h)     show_help; exit 0 ;;
             *)
                 if [[ -z "$PIPELINE_NAME_ARG" ]]; then
@@ -476,6 +546,9 @@ cleanup_on_exit() {
         git stash pop --quiet 2>/dev/null || true
     fi
 
+    # Cancel lingering in_progress GitHub Check Runs
+    pipeline_cancel_check_runs 2>/dev/null || true
+
     # Update GitHub
     if [[ -n "${ISSUE_NUMBER:-}" && "${GH_AVAILABLE:-false}" == "true" ]]; then
         gh_comment_issue "$ISSUE_NUMBER" "⏸️ **Pipeline interrupted** at stage: ${CURRENT_STAGE_ID:-unknown}" 2>/dev/null || true
@@ -1039,6 +1112,7 @@ LOG_ENTRIES=""
 
 save_artifact() {
     local name="$1" content="$2"
+    mkdir -p "$ARTIFACTS_DIR" 2>/dev/null || true
     echo "$content" > "$ARTIFACTS_DIR/$name"
 }
 
@@ -1196,6 +1270,80 @@ mark_stage_complete() {
     if [[ "${NO_GITHUB:-false}" != "true" ]] && type gh_checks_stage_update &>/dev/null 2>&1; then
         gh_checks_stage_update "$stage_id" "completed" "success" "Stage $stage_id: ${timing}" 2>/dev/null || true
     fi
+
+    # Persist artifacts to feature branch after expensive stages
+    case "$stage_id" in
+        plan)   persist_artifacts "plan" "plan.md" "dod.md" "context-bundle.md" ;;
+        design) persist_artifacts "design" "design.md" ;;
+    esac
+}
+
+persist_artifacts() {
+    # Commit and push pipeline artifacts to the feature branch mid-pipeline.
+    # Only runs in CI — local runs skip. Non-fatal: logs failure but never crashes.
+    [[ "${CI_MODE:-false}" != "true" ]] && return 0
+    [[ -z "${ISSUE_NUMBER:-}" ]] && return 0
+    [[ -z "${ARTIFACTS_DIR:-}" ]] && return 0
+
+    local stage="${1:-unknown}"
+    shift
+    local files=("$@")
+
+    # Collect files that actually exist
+    local to_add=()
+    for f in "${files[@]}"; do
+        local path="${ARTIFACTS_DIR}/${f}"
+        if [[ -f "$path" && -s "$path" ]]; then
+            to_add+=("$path")
+        fi
+    done
+
+    if [[ ${#to_add[@]} -eq 0 ]]; then
+        warn "persist_artifacts($stage): no artifact files found — skipping"
+        return 0
+    fi
+
+    info "Persisting ${#to_add[@]} artifact(s) after stage ${stage}..."
+
+    (
+        git add "${to_add[@]}" 2>/dev/null || true
+        if ! git diff --cached --quiet 2>/dev/null; then
+            git commit -m "chore: persist ${stage} artifacts for #${ISSUE_NUMBER} [skip ci]" --no-verify 2>/dev/null || true
+            local branch="shipwright/issue-${ISSUE_NUMBER}"
+            git push origin "HEAD:refs/heads/$branch" --force 2>/dev/null || true
+            emit_event "artifacts.persisted" "issue=${ISSUE_NUMBER}" "stage=$stage" "file_count=${#to_add[@]}"
+        fi
+    ) 2>/dev/null || {
+        warn "persist_artifacts($stage): push failed — non-fatal, continuing"
+        emit_event "artifacts.persist_failed" "issue=${ISSUE_NUMBER}" "stage=$stage"
+    }
+
+    return 0
+}
+
+verify_stage_artifacts() {
+    # Check that required artifacts exist and are non-empty for a given stage.
+    # Returns 0 if all artifacts are present, 1 if any are missing.
+    local stage_id="$1"
+    [[ -z "${ARTIFACTS_DIR:-}" ]] && return 0
+
+    local required=()
+    case "$stage_id" in
+        plan)   required=("plan.md") ;;
+        design) required=("design.md" "plan.md") ;;
+        *)      return 0 ;;  # No artifact check needed
+    esac
+
+    local missing=0
+    for f in "${required[@]}"; do
+        local path="${ARTIFACTS_DIR}/${f}"
+        if [[ ! -f "$path" || ! -s "$path" ]]; then
+            warn "verify_stage_artifacts($stage_id): missing or empty: $f"
+            missing=1
+        fi
+    done
+
+    return "$missing"
 }
 
 mark_stage_failed() {
@@ -1261,6 +1409,7 @@ initialize_state() {
 
 write_state() {
     [[ -z "${STATE_FILE:-}" || -z "${ARTIFACTS_DIR:-}" ]] && return 0
+    mkdir -p "$(dirname "$STATE_FILE")" 2>/dev/null || true
     local stages_yaml=""
     while IFS=: read -r sid sstatus; do
         [[ -z "$sid" ]] && continue
@@ -1283,28 +1432,31 @@ write_state() {
         stage_progress=$(build_stage_progress)
     fi
 
-    cat > "$STATE_FILE" <<EOF
+    cat > "$STATE_FILE" <<'_SW_STATE_END_'
 ---
-pipeline: $PIPELINE_NAME
-goal: "$GOAL"
-status: $PIPELINE_STATUS
-issue: "${GITHUB_ISSUE:-}"
-branch: "${GIT_BRANCH:-}"
-template: "${TASK_TYPE:+$(template_for_type "$TASK_TYPE")}"
-current_stage: $CURRENT_STAGE
-current_stage_description: "${cur_stage_desc}"
-stage_progress: "${stage_progress}"
-started_at: ${STARTED_AT:-$(now_iso)}
-updated_at: $(now_iso)
-elapsed: ${total_dur:-0s}
-pr_number: ${PR_NUMBER:-}
-progress_comment_id: ${PROGRESS_COMMENT_ID:-}
-stages:
-${stages_yaml}---
-
-## Log
-$LOG_ENTRIES
-EOF
+_SW_STATE_END_
+    # Write state with printf to avoid heredoc delimiter injection
+    {
+        printf 'pipeline: %s\n' "$PIPELINE_NAME"
+        printf 'goal: "%s"\n' "$GOAL"
+        printf 'status: %s\n' "$PIPELINE_STATUS"
+        printf 'issue: "%s"\n' "${GITHUB_ISSUE:-}"
+        printf 'branch: "%s"\n' "${GIT_BRANCH:-}"
+        printf 'template: "%s"\n' "${TASK_TYPE:+$(template_for_type "$TASK_TYPE")}"
+        printf 'current_stage: %s\n' "$CURRENT_STAGE"
+        printf 'current_stage_description: "%s"\n' "${cur_stage_desc}"
+        printf 'stage_progress: "%s"\n' "${stage_progress}"
+        printf 'started_at: %s\n' "${STARTED_AT:-$(now_iso)}"
+        printf 'updated_at: %s\n' "$(now_iso)"
+        printf 'elapsed: %s\n' "${total_dur:-0s}"
+        printf 'pr_number: %s\n' "${PR_NUMBER:-}"
+        printf 'progress_comment_id: %s\n' "${PROGRESS_COMMENT_ID:-}"
+        printf 'stages:\n'
+        printf '%s' "${stages_yaml}"
+        printf -- '---\n\n'
+        printf '## Log\n'
+        printf '%s\n' "$LOG_ENTRIES"
+    } >> "$STATE_FILE"
 }
 
 resume_state() {
@@ -1576,6 +1728,12 @@ stage_plan() {
 
     info "Generating implementation plan..."
 
+    # ── Gather context bundle (if context engine available) ──
+    local context_script="${SCRIPT_DIR}/sw-context.sh"
+    if [[ -x "$context_script" ]]; then
+        "$context_script" gather --goal "$GOAL" --stage plan 2>/dev/null || true
+    fi
+
     # Build rich prompt with all available context
     local plan_prompt="You are an autonomous development agent. Analyze this codebase and create a detailed implementation plan.
 
@@ -1591,6 +1749,19 @@ ${ISSUE_BODY}
 "
     fi
 
+    # Inject context bundle from context engine (if available)
+    local _context_bundle="${ARTIFACTS_DIR}/context-bundle.md"
+    if [[ -f "$_context_bundle" ]]; then
+        local _cb_content
+        _cb_content=$(cat "$_context_bundle" 2>/dev/null | head -100 || true)
+        if [[ -n "$_cb_content" ]]; then
+            plan_prompt="${plan_prompt}
+## Pipeline Context
+${_cb_content}
+"
+        fi
+    fi
+
     # Inject intelligence memory context for similar past plans
     if type intelligence_search_memory &>/dev/null 2>&1; then
         local plan_memory
@@ -1693,12 +1864,24 @@ Checklist of completion criteria.
     parse_claude_tokens "$_token_log"
 
     if [[ ! -s "$plan_file" ]]; then
-        error "Plan generation failed"
+        error "Plan generation failed — empty output"
+        return 1
+    fi
+
+    # Validate plan content — detect API/CLI errors masquerading as plans
+    local _plan_fatal="Invalid API key|invalid_api_key|authentication_error|API key expired"
+    _plan_fatal="${_plan_fatal}|rate_limit_error|overloaded_error|Could not resolve host|ANTHROPIC_API_KEY"
+    if grep -qiE "$_plan_fatal" "$plan_file" 2>/dev/null; then
+        error "Plan stage produced API/CLI error instead of a plan: $(head -1 "$plan_file" | cut -c1-100)"
         return 1
     fi
 
     local line_count
     line_count=$(wc -l < "$plan_file" | xargs)
+    if [[ "$line_count" -lt 3 ]]; then
+        error "Plan too short (${line_count} lines) — likely an error, not a real plan"
+        return 1
+    fi
     info "Plan saved: ${DIM}$plan_file${RESET} (${line_count} lines)"
 
     # Extract task checklist for GitHub issue and task tracking
@@ -2071,12 +2254,24 @@ Be concrete and specific. Reference actual file paths in the codebase. Consider
     parse_claude_tokens "$_token_log"
 
     if [[ ! -s "$design_file" ]]; then
-        error "Design generation failed"
+        error "Design generation failed — empty output"
+        return 1
+    fi
+
+    # Validate design content — detect API/CLI errors masquerading as designs
+    local _design_fatal="Invalid API key|invalid_api_key|authentication_error|API key expired"
+    _design_fatal="${_design_fatal}|rate_limit_error|overloaded_error|Could not resolve host|ANTHROPIC_API_KEY"
+    if grep -qiE "$_design_fatal" "$design_file" 2>/dev/null; then
+        error "Design stage produced API/CLI error instead of a design: $(head -1 "$design_file" | cut -c1-100)"
         return 1
     fi
 
     local line_count
     line_count=$(wc -l < "$design_file" | xargs)
+    if [[ "$line_count" -lt 3 ]]; then
+        error "Design too short (${line_count} lines) — likely an error, not a real design"
+        return 1
+    fi
     info "Design saved: ${DIM}$design_file${RESET} (${line_count} lines)"
 
     # Extract file lists for build stage awareness
@@ -2127,22 +2322,9 @@ stage_build() {
         memory_context=$(bash "$SCRIPT_DIR/sw-memory.sh" inject "build" 2>/dev/null) || true
     fi
 
-    # Build enriched goal with full context
-    local enriched_goal="$GOAL"
-    if [[ -s "$plan_file" ]]; then
-        enriched_goal="$GOAL
-
-Implementation plan (follow this exactly):
-$(cat "$plan_file")"
-    fi
-
-    # Inject approved design document
-    if [[ -s "$design_file" ]]; then
-        enriched_goal="${enriched_goal}
-
-Follow the approved design document:
-$(cat "$design_file")"
-    fi
+    # Build enriched goal with compact context (avoids prompt bloat)
+    local enriched_goal
+    enriched_goal=$(_pipeline_compact_goal "$GOAL" "$plan_file" "$design_file")
 
     # Inject memory context
     if [[ -n "$memory_context" ]]; then
@@ -2263,6 +2445,11 @@ Coverage baseline: ${coverage_baseline}% — do not decrease coverage."
         [[ "$quality" == "true" ]] && loop_args+=(--quality-gates)
     fi
 
+    # Session restart capability
+    [[ -n "${MAX_RESTARTS_OVERRIDE:-}" ]] && loop_args+=(--max-restarts "$MAX_RESTARTS_OVERRIDE")
+    # Fast test mode
+    [[ -n "${FAST_TEST_CMD_OVERRIDE:-}" ]] && loop_args+=(--fast-test-cmd "$FAST_TEST_CMD_OVERRIDE")
+
     # Definition of Done: use plan-extracted DoD if available
     [[ -s "$dod_file" ]] && loop_args+=(--definition-of-done "$dod_file")
 
@@ -2279,7 +2466,23 @@ Coverage baseline: ${coverage_baseline}% — do not decrease coverage."
     local _token_log="${ARTIFACTS_DIR}/.claude-tokens-build.log"
     export PIPELINE_JOB_ID="${PIPELINE_NAME:-pipeline-$$}"
     sw loop "${loop_args[@]}" < /dev/null 2>"$_token_log" || {
+        local _loop_exit=$?
         parse_claude_tokens "$_token_log"
+
+        # Detect context exhaustion from progress file
+        local _progress_file="${PWD}/.claude/loop-logs/progress.md"
+        if [[ -f "$_progress_file" ]]; then
+            local _prog_tests
+            _prog_tests=$(grep -oE 'Tests passing: (true|false)' "$_progress_file" 2>/dev/null | awk '{print $NF}' || echo "unknown")
+            if [[ "$_prog_tests" != "true" ]]; then
+                warn "Build loop exhausted with failing tests (context exhaustion)"
+                emit_event "pipeline.context_exhaustion" "issue=${ISSUE_NUMBER:-0}" "stage=build"
+                # Write flag for daemon retry logic
+                mkdir -p "$ARTIFACTS_DIR" 2>/dev/null || true
+                echo "context_exhaustion" > "$ARTIFACTS_DIR/failure-reason.txt" 2>/dev/null || true
+            fi
+        fi
+
         error "Build loop failed"
         return 1
     }
@@ -2392,7 +2595,7 @@ ${log_excerpt}
     # Post test results to GitHub
     if [[ -n "$ISSUE_NUMBER" ]]; then
         local test_summary
-        test_summary=$(tail -10 "$test_log")
+        test_summary=$(tail -10 "$test_log" | sed 's/\x1b\[[0-9;]*m//g')
         local cov_line=""
         [[ -n "$coverage" ]] && cov_line="
 **Coverage:** ${coverage}%"
@@ -2406,6 +2609,16 @@ ${test_summary}
 </details>"
     fi
 
+    # Write coverage summary for pre-deploy gate
+    local _cov_pct=0
+    if [[ -f "$ARTIFACTS_DIR/test-results.log" ]]; then
+        _cov_pct=$(grep -oE '[0-9]+%' "$ARTIFACTS_DIR/test-results.log" 2>/dev/null | head -1 | tr -d '%' || true)
+        _cov_pct="${_cov_pct:-0}"
+    fi
+    local _cov_tmp
+    _cov_tmp=$(mktemp "${ARTIFACTS_DIR}/test-coverage.json.tmp.XXXXXX")
+    printf '{"coverage_pct":%d}' "${_cov_pct:-0}" > "$_cov_tmp" && mv "$_cov_tmp" "$ARTIFACTS_DIR/test-coverage.json" || rm -f "$_cov_tmp"
+
     log_stage "test" "Tests passed${coverage:+ (coverage: ${coverage}%)}"
 }
 
@@ -2788,6 +3001,19 @@ stage_pr() {
         fi
     fi
 
+    # Pre-PR diff gate — verify meaningful code changes exist (not just bookkeeping)
+    local real_changes
+    real_changes=$(git diff --name-only "origin/${BASE_BRANCH:-main}...HEAD" \
+        -- . ':!.claude/loop-state.md' ':!.claude/pipeline-state.md' \
+        ':!.claude/pipeline-artifacts/*' ':!**/progress.md' \
+        ':!**/error-summary.json' 2>/dev/null | wc -l | xargs || echo "0")
+    if [[ "${real_changes:-0}" -eq 0 ]]; then
+        error "No meaningful code changes detected — only bookkeeping files modified"
+        error "Refusing to create PR with zero real changes"
+        return 1
+    fi
+    info "Pre-PR diff check: ${real_changes} real files changed"
+
     # Build PR title — prefer GOAL over plan file first line
     # (plan file first line often contains Claude analysis text, not a clean title)
     local pr_title=""
@@ -2799,6 +3025,12 @@ stage_pr() {
     fi
     [[ -z "$pr_title" ]] && pr_title="Pipeline changes for issue ${ISSUE_NUMBER:-unknown}"
 
+    # Sanitize: reject PR titles that look like error messages
+    if echo "$pr_title" | grep -qiE 'Invalid API|API key|authentication_error|rate_limit|CLI error|no useful output'; then
+        warn "PR title looks like an error message: $pr_title"
+        pr_title="Pipeline changes for issue ${ISSUE_NUMBER:-unknown}"
+    fi
+
     # Build comprehensive PR body
     local plan_summary=""
     if [[ -s "$plan_file" ]]; then
@@ -2807,7 +3039,7 @@ stage_pr() {
 
     local test_summary=""
     if [[ -s "$test_log" ]]; then
-        test_summary=$(tail -10 "$test_log")
+        test_summary=$(tail -10 "$test_log" | sed 's/\x1b\[[0-9;]*m//g')
     fi
 
     local review_summary=""
@@ -3229,41 +3461,157 @@ stage_deploy() {
         fi
     fi
 
-    # Post deploy start to GitHub
-    if [[ -n "$ISSUE_NUMBER" ]]; then
-        gh_comment_issue "$ISSUE_NUMBER" "🚀 **Deploy started**"
+    # ── Pre-deploy gates ──
+    local pre_deploy_ci
+    pre_deploy_ci=$(jq -r --arg id "deploy" '(.stages[] | select(.id == $id) | .config.pre_deploy_ci_status) // "true"' "$PIPELINE_CONFIG" 2>/dev/null) || true
+
+    if [[ "${pre_deploy_ci:-true}" == "true" && "${NO_GITHUB:-false}" != "true" && -n "${REPO_OWNER:-}" && -n "${REPO_NAME:-}" ]]; then
+        info "Pre-deploy gate: checking CI status..."
+        local ci_failures
+        ci_failures=$(gh api "repos/${REPO_OWNER}/${REPO_NAME}/commits/${GIT_BRANCH:-HEAD}/check-runs" \
+            --jq '[.check_runs[] | select(.conclusion != null and .conclusion != "success" and .conclusion != "skipped")] | length' 2>/dev/null || echo "0")
+        if [[ "${ci_failures:-0}" -gt 0 ]]; then
+            error "Pre-deploy gate FAILED: ${ci_failures} CI check(s) not passing"
+            [[ -n "$ISSUE_NUMBER" ]] && gh_comment_issue "$ISSUE_NUMBER" "Pre-deploy gate: ${ci_failures} CI checks failing" 2>/dev/null || true
+            return 1
+        fi
+        success "Pre-deploy gate: all CI checks passing"
     fi
 
-    if [[ -n "$staging_cmd" ]]; then
-        info "Deploying to staging..."
-        bash -c "$staging_cmd" > "$ARTIFACTS_DIR/deploy-staging.log" 2>&1 || {
-            error "Staging deploy failed"
-            [[ -n "$ISSUE_NUMBER" ]] && gh_comment_issue "$ISSUE_NUMBER" "❌ Staging deploy failed"
-            # Mark GitHub deployment as failed
-            if [[ "${NO_GITHUB:-false}" != "true" ]] && type gh_deploy_pipeline_complete &>/dev/null 2>&1; then
-                gh_deploy_pipeline_complete "$REPO_OWNER" "$REPO_NAME" "$gh_deploy_env" false "Staging deploy failed" 2>/dev/null || true
-            fi
+    local pre_deploy_min_cov
+    pre_deploy_min_cov=$(jq -r --arg id "deploy" '(.stages[] | select(.id == $id) | .config.pre_deploy_min_coverage) // ""' "$PIPELINE_CONFIG" 2>/dev/null) || true
+    if [[ -n "${pre_deploy_min_cov:-}" && "${pre_deploy_min_cov}" != "null" && -f "$ARTIFACTS_DIR/test-coverage.json" ]]; then
+        local actual_cov
+        actual_cov=$(jq -r '.coverage_pct // 0' "$ARTIFACTS_DIR/test-coverage.json" 2>/dev/null || echo "0")
+        if [[ "${actual_cov:-0}" -lt "$pre_deploy_min_cov" ]]; then
+            error "Pre-deploy gate FAILED: coverage ${actual_cov}% < required ${pre_deploy_min_cov}%"
+            [[ -n "$ISSUE_NUMBER" ]] && gh_comment_issue "$ISSUE_NUMBER" "Pre-deploy gate: coverage ${actual_cov}% below minimum ${pre_deploy_min_cov}%" 2>/dev/null || true
             return 1
-        }
-        success "Staging deploy complete"
+        fi
+        success "Pre-deploy gate: coverage ${actual_cov}% >= ${pre_deploy_min_cov}%"
     fi
 
-    if [[ -n "$prod_cmd" ]]; then
-        info "Deploying to production..."
-        bash -c "$prod_cmd" > "$ARTIFACTS_DIR/deploy-prod.log" 2>&1 || {
-            error "Production deploy failed"
-            if [[ -n "$rollback_cmd" ]]; then
-                warn "Rolling back..."
-                bash -c "$rollback_cmd" 2>&1 || error "Rollback also failed!"
+    # Post deploy start to GitHub
+    if [[ -n "$ISSUE_NUMBER" ]]; then
+        gh_comment_issue "$ISSUE_NUMBER" "Deploy started"
+    fi
+
+    # ── Deploy strategy ──
+    local deploy_strategy
+    deploy_strategy=$(jq -r --arg id "deploy" '(.stages[] | select(.id == $id) | .config.deploy_strategy) // "direct"' "$PIPELINE_CONFIG" 2>/dev/null) || true
+    [[ "$deploy_strategy" == "null" ]] && deploy_strategy="direct"
+
+    local canary_cmd promote_cmd switch_cmd health_url deploy_log
+    canary_cmd=$(jq -r --arg id "deploy" '(.stages[] | select(.id == $id) | .config.canary_cmd) // ""' "$PIPELINE_CONFIG" 2>/dev/null) || true
+    [[ "$canary_cmd" == "null" ]] && canary_cmd=""
+    promote_cmd=$(jq -r --arg id "deploy" '(.stages[] | select(.id == $id) | .config.promote_cmd) // ""' "$PIPELINE_CONFIG" 2>/dev/null) || true
+    [[ "$promote_cmd" == "null" ]] && promote_cmd=""
+    switch_cmd=$(jq -r --arg id "deploy" '(.stages[] | select(.id == $id) | .config.switch_cmd) // ""' "$PIPELINE_CONFIG" 2>/dev/null) || true
+    [[ "$switch_cmd" == "null" ]] && switch_cmd=""
+    health_url=$(jq -r --arg id "deploy" '(.stages[] | select(.id == $id) | .config.health_url) // ""' "$PIPELINE_CONFIG" 2>/dev/null) || true
+    [[ "$health_url" == "null" ]] && health_url=""
+    deploy_log="$ARTIFACTS_DIR/deploy.log"
+
+    case "$deploy_strategy" in
+        canary)
+            info "Canary deployment strategy..."
+            if [[ -z "$canary_cmd" ]]; then
+                warn "No canary_cmd configured — falling back to direct"
+                deploy_strategy="direct"
+            else
+                info "Deploying canary..."
+                bash -c "$canary_cmd" >> "$deploy_log" 2>&1 || { error "Canary deploy failed"; return 1; }
+
+                if [[ -n "$health_url" ]]; then
+                    local canary_healthy=0
+                    local _chk
+                    for _chk in 1 2 3; do
+                        sleep 10
+                        local _status
+                        _status=$(curl -s -o /dev/null -w "%{http_code}" "$health_url" 2>/dev/null || echo "0")
+                        if [[ "$_status" -ge 200 && "$_status" -lt 400 ]]; then
+                            canary_healthy=$((canary_healthy + 1))
+                        fi
+                    done
+                    if [[ "$canary_healthy" -lt 2 ]]; then
+                        error "Canary health check failed ($canary_healthy/3 passed) — rolling back"
+                        [[ -n "$rollback_cmd" ]] && bash -c "$rollback_cmd" 2>/dev/null || true
+                        return 1
+                    fi
+                    success "Canary healthy ($canary_healthy/3 checks passed)"
+                fi
+
+                info "Promoting canary to full deployment..."
+                if [[ -n "$promote_cmd" ]]; then
+                    bash -c "$promote_cmd" >> "$deploy_log" 2>&1 || { error "Promote failed"; return 1; }
+                fi
+                success "Canary promoted"
             fi
-            [[ -n "$ISSUE_NUMBER" ]] && gh_comment_issue "$ISSUE_NUMBER" "❌ Production deploy failed — rollback ${rollback_cmd:+attempted}"
-            # Mark GitHub deployment as failed
-            if [[ "${NO_GITHUB:-false}" != "true" ]] && type gh_deploy_pipeline_complete &>/dev/null 2>&1; then
-                gh_deploy_pipeline_complete "$REPO_OWNER" "$REPO_NAME" "$gh_deploy_env" false "Production deploy failed" 2>/dev/null || true
+            ;;
+        blue-green)
+            info "Blue-green deployment strategy..."
+            if [[ -z "$staging_cmd" || -z "$switch_cmd" ]]; then
+                warn "Blue-green requires staging_cmd + switch_cmd — falling back to direct"
+                deploy_strategy="direct"
+            else
+                info "Deploying to inactive environment..."
+                bash -c "$staging_cmd" >> "$deploy_log" 2>&1 || { error "Blue-green staging failed"; return 1; }
+
+                if [[ -n "$health_url" ]]; then
+                    local bg_healthy=0
+                    local _chk
+                    for _chk in 1 2 3; do
+                        sleep 5
+                        local _status
+                        _status=$(curl -s -o /dev/null -w "%{http_code}" "$health_url" 2>/dev/null || echo "0")
+                        [[ "$_status" -ge 200 && "$_status" -lt 400 ]] && bg_healthy=$((bg_healthy + 1))
+                    done
+                    if [[ "$bg_healthy" -lt 2 ]]; then
+                        error "Blue-green health check failed — not switching"
+                        return 1
+                    fi
+                fi
+
+                info "Switching traffic..."
+                bash -c "$switch_cmd" >> "$deploy_log" 2>&1 || { error "Traffic switch failed"; return 1; }
+                success "Blue-green switch complete"
             fi
-            return 1
-        }
-        success "Production deploy complete"
+            ;;
+    esac
+
+    # ── Direct deployment (default or fallback) ──
+    if [[ "$deploy_strategy" == "direct" ]]; then
+        if [[ -n "$staging_cmd" ]]; then
+            info "Deploying to staging..."
+            bash -c "$staging_cmd" > "$ARTIFACTS_DIR/deploy-staging.log" 2>&1 || {
+                error "Staging deploy failed"
+                [[ -n "$ISSUE_NUMBER" ]] && gh_comment_issue "$ISSUE_NUMBER" "Staging deploy failed"
+                # Mark GitHub deployment as failed
+                if [[ "${NO_GITHUB:-false}" != "true" ]] && type gh_deploy_pipeline_complete &>/dev/null 2>&1; then
+                    gh_deploy_pipeline_complete "$REPO_OWNER" "$REPO_NAME" "$gh_deploy_env" false "Staging deploy failed" 2>/dev/null || true
+                fi
+                return 1
+            }
+            success "Staging deploy complete"
+        fi
+
+        if [[ -n "$prod_cmd" ]]; then
+            info "Deploying to production..."
+            bash -c "$prod_cmd" > "$ARTIFACTS_DIR/deploy-prod.log" 2>&1 || {
+                error "Production deploy failed"
+                if [[ -n "$rollback_cmd" ]]; then
+                    warn "Rolling back..."
+                    bash -c "$rollback_cmd" 2>&1 || error "Rollback also failed!"
+                fi
+                [[ -n "$ISSUE_NUMBER" ]] && gh_comment_issue "$ISSUE_NUMBER" "Production deploy failed — rollback ${rollback_cmd:+attempted}"
+                # Mark GitHub deployment as failed
+                if [[ "${NO_GITHUB:-false}" != "true" ]] && type gh_deploy_pipeline_complete &>/dev/null 2>&1; then
+                    gh_deploy_pipeline_complete "$REPO_OWNER" "$REPO_NAME" "$gh_deploy_env" false "Production deploy failed" 2>/dev/null || true
+                fi
+                return 1
+            }
+            success "Production deploy complete"
+        fi
     fi
 
     if [[ -n "$ISSUE_NUMBER" ]]; then
@@ -4449,127 +4797,1512 @@ run_dod_audit() {
     return 0
 }
 
-compound_rebuild_with_feedback() {
-    local feedback_file="$ARTIFACTS_DIR/quality-feedback.md"
+# ─── Intelligent Pipeline Orchestration ──────────────────────────────────────
+# AGI-like decision making: skip, classify, adapt, reassess, backtrack
+
+# Global state for intelligence features
+PIPELINE_BACKTRACK_COUNT="${PIPELINE_BACKTRACK_COUNT:-0}"
+PIPELINE_MAX_BACKTRACKS=2
+PIPELINE_ADAPTIVE_COMPLEXITY=""
+
+# ──────────────────────────────────────────────────────────────────────────────
+# 1. Intelligent Stage Skipping
+# Evaluates whether a stage should be skipped based on triage score, complexity,
+# issue labels, and diff size. Called before each stage in run_pipeline().
+# Returns 0 if the stage SHOULD be skipped, 1 if it should run.
+# ──────────────────────────────────────────────────────────────────────────────
+pipeline_should_skip_stage() {
+    local stage_id="$1"
+    local reason=""
 
-    # Collect all findings
-    {
-        echo "# Quality Feedback — Issues to Fix"
-        echo ""
-        if [[ -f "$ARTIFACTS_DIR/adversarial-review.md" ]]; then
-            echo "## Adversarial Review Findings"
-            cat "$ARTIFACTS_DIR/adversarial-review.md"
-            echo ""
-        fi
-        if [[ -f "$ARTIFACTS_DIR/negative-review.md" ]]; then
-            echo "## Negative Prompting Concerns"
-            cat "$ARTIFACTS_DIR/negative-review.md"
-            echo ""
-        fi
-        if [[ -f "$ARTIFACTS_DIR/dod-audit.md" ]]; then
-            echo "## DoD Audit Failures"
-            grep "❌" "$ARTIFACTS_DIR/dod-audit.md" 2>/dev/null || true
-            echo ""
-        fi
-        if [[ -f "$ARTIFACTS_DIR/security-audit.log" ]] && grep -qiE 'critical|high' "$ARTIFACTS_DIR/security-audit.log" 2>/dev/null; then
-            echo "## Security Audit Findings"
-            cat "$ARTIFACTS_DIR/security-audit.log"
-            echo ""
-        fi
-        if [[ -f "$ARTIFACTS_DIR/api-compat.log" ]] && grep -qi 'BREAKING' "$ARTIFACTS_DIR/api-compat.log" 2>/dev/null; then
-            echo "## API Breaking Changes"
-            cat "$ARTIFACTS_DIR/api-compat.log"
-            echo ""
-        fi
-    } > "$feedback_file"
+    # Never skip intake or build — they're always required
+    case "$stage_id" in
+        intake|build|test|pr|merge) return 1 ;;
+    esac
 
-    # Validate feedback file has actual content
-    if [[ ! -s "$feedback_file" ]]; then
-        warn "No quality feedback collected — skipping rebuild"
-        return 1
+    # ── Signal 1: Triage score (from intelligence analysis) ──
+    local triage_score="${INTELLIGENCE_COMPLEXITY:-0}"
+    # Convert: high triage score (simple issue) means skip more stages
+    # INTELLIGENCE_COMPLEXITY is 1-10 (1=simple, 10=complex)
+    # Score >= 70 in daemon means simple → complexity 1-3
+    local complexity="${INTELLIGENCE_COMPLEXITY:-5}"
+
+    # ── Signal 2: Issue labels ──
+    local labels="${ISSUE_LABELS:-}"
+
+    # Documentation issues: skip test, review, compound_quality
+    if echo ",$labels," | grep -qiE ',documentation,|,docs,|,typo,'; then
+        case "$stage_id" in
+            test|review|compound_quality)
+                reason="label:documentation"
+                ;;
+        esac
     fi
 
-    # Reset build/test stages
-    set_stage_status "build" "pending"
-    set_stage_status "test" "pending"
-    set_stage_status "review" "pending"
+    # Hotfix issues: skip plan, design, compound_quality
+    if echo ",$labels," | grep -qiE ',hotfix,|,urgent,|,p0,'; then
+        case "$stage_id" in
+            plan|design|compound_quality)
+                reason="label:hotfix"
+                ;;
+        esac
+    fi
 
-    # Augment GOAL with quality feedback
-    local original_goal="$GOAL"
-    local feedback_content
-    feedback_content=$(cat "$feedback_file")
-    GOAL="$GOAL
+    # ── Signal 3: Intelligence complexity ──
+    if [[ -z "$reason" && "$complexity" -gt 0 ]]; then
+        # Complexity 1-2: very simple → skip design, compound_quality, review
+        if [[ "$complexity" -le 2 ]]; then
+            case "$stage_id" in
+                design|compound_quality|review)
+                    reason="complexity:${complexity}/10"
+                    ;;
+            esac
+        # Complexity 1-3: simple → skip design
+        elif [[ "$complexity" -le 3 ]]; then
+            case "$stage_id" in
+                design)
+                    reason="complexity:${complexity}/10"
+                    ;;
+            esac
+        fi
+    fi
 
-IMPORTANT — Compound quality review found issues. Fix ALL of these:
-$feedback_content
+    # ── Signal 4: Diff size (after build) ──
+    if [[ -z "$reason" && "$stage_id" == "compound_quality" ]]; then
+        local diff_lines=0
+        local _skip_stat
+        _skip_stat=$(git diff "${BASE_BRANCH:-main}...HEAD" --stat 2>/dev/null | tail -1) || true
+        if [[ -n "${_skip_stat:-}" ]]; then
+            local _s_ins _s_del
+            _s_ins=$(echo "$_skip_stat" | grep -oE '[0-9]+ insertion' | grep -oE '[0-9]+') || true
+            _s_del=$(echo "$_skip_stat" | grep -oE '[0-9]+ deletion' | grep -oE '[0-9]+') || true
+            diff_lines=$(( ${_s_ins:-0} + ${_s_del:-0} ))
+        fi
+        diff_lines="${diff_lines:-0}"
+        if [[ "$diff_lines" -gt 0 && "$diff_lines" -lt 20 ]]; then
+            reason="diff_size:${diff_lines}_lines"
+        fi
+    fi
 
-Fix every issue listed above while keeping all existing functionality working."
+    # ── Signal 5: Mid-pipeline reassessment override ──
+    if [[ -z "$reason" && -f "$ARTIFACTS_DIR/reassessment.json" ]]; then
+        local skip_stages
+        skip_stages=$(jq -r '.skip_stages // [] | .[]' "$ARTIFACTS_DIR/reassessment.json" 2>/dev/null || true)
+        if echo "$skip_stages" | grep -qx "$stage_id" 2>/dev/null; then
+            reason="reassessment:simpler_than_expected"
+        fi
+    fi
 
-    # Re-run self-healing build→test
-    info "Rebuilding with quality feedback..."
-    if self_healing_build_test; then
-        GOAL="$original_goal"
+    if [[ -n "$reason" ]]; then
+        emit_event "intelligence.stage_skipped" \
+            "issue=${ISSUE_NUMBER:-0}" \
+            "stage=$stage_id" \
+            "reason=$reason" \
+            "complexity=${complexity}" \
+            "labels=${labels}"
+        echo "$reason"
         return 0
-    else
-        GOAL="$original_goal"
-        return 1
     fi
+
+    return 1
 }
 
-stage_compound_quality() {
-    CURRENT_STAGE_ID="compound_quality"
+# ──────────────────────────────────────────────────────────────────────────────
+# 2. Smart Finding Classification & Routing
+# Parses compound quality findings and classifies each as:
+#   architecture, security, correctness, style
+# Returns JSON with classified findings and routing recommendations.
+# ──────────────────────────────────────────────────────────────────────────────
+classify_quality_findings() {
+    local findings_dir="$ARTIFACTS_DIR"
+    local result_file="$ARTIFACTS_DIR/classified-findings.json"
 
-    # Read config
-    local max_cycles adversarial_enabled negative_enabled e2e_enabled dod_enabled strict_quality
-    max_cycles=$(jq -r --arg id "compound_quality" '(.stages[] | select(.id == $id) | .config.max_cycles) // 3' "$PIPELINE_CONFIG" 2>/dev/null) || true
-    [[ -z "$max_cycles" || "$max_cycles" == "null" ]] && max_cycles=3
-    adversarial_enabled=$(jq -r --arg id "compound_quality" '(.stages[] | select(.id == $id) | .config.adversarial) // true' "$PIPELINE_CONFIG" 2>/dev/null) || true
-    negative_enabled=$(jq -r --arg id "compound_quality" '(.stages[] | select(.id == $id) | .config.negative) // true' "$PIPELINE_CONFIG" 2>/dev/null) || true
-    e2e_enabled=$(jq -r --arg id "compound_quality" '(.stages[] | select(.id == $id) | .config.e2e) // true' "$PIPELINE_CONFIG" 2>/dev/null) || true
-    dod_enabled=$(jq -r --arg id "compound_quality" '(.stages[] | select(.id == $id) | .config.dod_audit) // true' "$PIPELINE_CONFIG" 2>/dev/null) || true
-    strict_quality=$(jq -r --arg id "compound_quality" '(.stages[] | select(.id == $id) | .config.strict_quality) // false' "$PIPELINE_CONFIG" 2>/dev/null) || true
-    [[ -z "$strict_quality" || "$strict_quality" == "null" ]] && strict_quality="false"
+    # Initialize counters
+    local arch_count=0 security_count=0 correctness_count=0 performance_count=0 testing_count=0 style_count=0
 
-    # Convergence tracking
-    local prev_issue_count=-1
+    # Start building JSON array
+    local findings_json="[]"
 
-    local cycle=0
-    while [[ "$cycle" -lt "$max_cycles" ]]; do
-        cycle=$((cycle + 1))
-        local all_passed=true
+    # ── Parse adversarial review ──
+    if [[ -f "$findings_dir/adversarial-review.md" ]]; then
+        local adv_content
+        adv_content=$(cat "$findings_dir/adversarial-review.md" 2>/dev/null || true)
 
-        echo ""
-        echo -e "${PURPLE}${BOLD}━━━ Compound Quality — Cycle ${cycle}/${max_cycles} ━━━${RESET}"
+        # Architecture findings: dependency violations, layer breaches, circular refs
+        local arch_findings
+        arch_findings=$(echo "$adv_content" | grep -ciE 'architect|layer.*violation|circular.*depend|coupling|abstraction|design.*flaw|separation.*concern' 2>/dev/null || true)
+        arch_count=$((arch_count + ${arch_findings:-0}))
 
-        if [[ -n "$ISSUE_NUMBER" ]]; then
-            gh_comment_issue "$ISSUE_NUMBER" "🔬 **Compound quality** — cycle ${cycle}/${max_cycles}" 2>/dev/null || true
+        # Security findings
+        local sec_findings
+        sec_findings=$(echo "$adv_content" | grep -ciE 'security|vulnerab|injection|XSS|CSRF|auth.*bypass|privilege|sanitiz|escap' 2>/dev/null || true)
+        security_count=$((security_count + ${sec_findings:-0}))
+
+        # Correctness findings: bugs, logic errors, edge cases
+        local corr_findings
+        corr_findings=$(echo "$adv_content" | grep -ciE '\*\*\[?(Critical|Bug|Error|critical|high)\]?\*\*|race.*condition|null.*pointer|off.*by.*one|edge.*case|undefined.*behav' 2>/dev/null || true)
+        correctness_count=$((correctness_count + ${corr_findings:-0}))
+
+        # Performance findings
+        local perf_findings
+        perf_findings=$(echo "$adv_content" | grep -ciE 'latency|slow|memory leak|O\(n|N\+1|cache miss|performance|bottleneck|throughput' 2>/dev/null || true)
+        performance_count=$((performance_count + ${perf_findings:-0}))
+
+        # Testing findings
+        local test_findings
+        test_findings=$(echo "$adv_content" | grep -ciE 'untested|missing test|no coverage|flaky|test gap|test missing|coverage gap' 2>/dev/null || true)
+        testing_count=$((testing_count + ${test_findings:-0}))
+
+        # Style findings
+        local style_findings
+        style_findings=$(echo "$adv_content" | grep -ciE 'naming|convention|format|style|readabil|inconsisten|whitespace|comment' 2>/dev/null || true)
+        style_count=$((style_count + ${style_findings:-0}))
+    fi
+
+    # ── Parse architecture validation ──
+    if [[ -f "$findings_dir/compound-architecture-validation.json" ]]; then
+        local arch_json_count
+        arch_json_count=$(jq '[.[] | select(.severity == "critical" or .severity == "high")] | length' "$findings_dir/compound-architecture-validation.json" 2>/dev/null || echo "0")
+        arch_count=$((arch_count + ${arch_json_count:-0}))
+    fi
+
+    # ── Parse security audit ──
+    if [[ -f "$findings_dir/security-audit.log" ]]; then
+        local sec_audit
+        sec_audit=$(grep -ciE 'critical|high' "$findings_dir/security-audit.log" 2>/dev/null || true)
+        security_count=$((security_count + ${sec_audit:-0}))
+    fi
+
+    # ── Parse negative review ──
+    if [[ -f "$findings_dir/negative-review.md" ]]; then
+        local neg_corr
+        neg_corr=$(grep -ciE '\[Critical\]|\[High\]' "$findings_dir/negative-review.md" 2>/dev/null || true)
+        correctness_count=$((correctness_count + ${neg_corr:-0}))
+    fi
+
+    # ── Determine routing ──
+    # Priority order: security > architecture > correctness > performance > testing > style
+    local route="correctness"  # default
+    local needs_backtrack=false
+    local priority_findings=""
+
+    if [[ "$security_count" -gt 0 ]]; then
+        route="security"
+        priority_findings="security:${security_count}"
+    fi
+
+    if [[ "$arch_count" -gt 0 ]]; then
+        if [[ "$route" == "correctness" ]]; then
+            route="architecture"
+            needs_backtrack=true
+        fi
+        priority_findings="${priority_findings:+${priority_findings},}architecture:${arch_count}"
+    fi
+
+    if [[ "$correctness_count" -gt 0 ]]; then
+        priority_findings="${priority_findings:+${priority_findings},}correctness:${correctness_count}"
+    fi
+
+    if [[ "$performance_count" -gt 0 ]]; then
+        if [[ "$route" == "correctness" && "$correctness_count" -eq 0 ]]; then
+            route="performance"
+        fi
+        priority_findings="${priority_findings:+${priority_findings},}performance:${performance_count}"
+    fi
+
+    if [[ "$testing_count" -gt 0 ]]; then
+        if [[ "$route" == "correctness" && "$correctness_count" -eq 0 && "$performance_count" -eq 0 ]]; then
+            route="testing"
         fi
+        priority_findings="${priority_findings:+${priority_findings},}testing:${testing_count}"
+    fi
 
-        # 1. Adversarial Review
-        if [[ "$adversarial_enabled" == "true" ]]; then
-            echo ""
-            info "Running adversarial review..."
-            if ! run_adversarial_review; then
-                all_passed=false
+    # Style findings don't affect routing or count toward failure threshold
+    local total_blocking=$((arch_count + security_count + correctness_count + performance_count + testing_count))
+
+    # Write classified findings
+    local tmp_findings
+    tmp_findings="$(mktemp)"
+    jq -n \
+        --argjson arch "$arch_count" \
+        --argjson security "$security_count" \
+        --argjson correctness "$correctness_count" \
+        --argjson performance "$performance_count" \
+        --argjson testing "$testing_count" \
+        --argjson style "$style_count" \
+        --argjson total_blocking "$total_blocking" \
+        --arg route "$route" \
+        --argjson needs_backtrack "$needs_backtrack" \
+        --arg priority "$priority_findings" \
+        '{
+            architecture: $arch,
+            security: $security,
+            correctness: $correctness,
+            performance: $performance,
+            testing: $testing,
+            style: $style,
+            total_blocking: $total_blocking,
+            route: $route,
+            needs_backtrack: $needs_backtrack,
+            priority_findings: $priority
+        }' > "$tmp_findings" 2>/dev/null && mv "$tmp_findings" "$result_file" || rm -f "$tmp_findings"
+
+    emit_event "intelligence.findings_classified" \
+        "issue=${ISSUE_NUMBER:-0}" \
+        "architecture=$arch_count" \
+        "security=$security_count" \
+        "correctness=$correctness_count" \
+        "performance=$performance_count" \
+        "testing=$testing_count" \
+        "style=$style_count" \
+        "route=$route" \
+        "needs_backtrack=$needs_backtrack"
+
+    echo "$route"
+}
+
+# ──────────────────────────────────────────────────────────────────────────────
+# 3. Adaptive Cycle Limits
+# Replaces hardcoded max_cycles with convergence-driven limits.
+# Takes the base limit, returns an adjusted limit based on:
+#   - Learned iteration model
+#   - Convergence/divergence signals
+#   - Budget constraints
+#   - Hard ceiling (2x template max)
+# ──────────────────────────────────────────────────────────────────────────────
+pipeline_adaptive_cycles() {
+    local base_limit="$1"
+    local context="${2:-compound_quality}"  # compound_quality or build_test
+    local current_issue_count="${3:-0}"
+    local prev_issue_count="${4:--1}"
+
+    local adjusted="$base_limit"
+    local hard_ceiling=$((base_limit * 2))
+
+    # ── Learned iteration model ──
+    local model_file="${HOME}/.shipwright/optimization/iteration-model.json"
+    if [[ -f "$model_file" ]]; then
+        local learned
+        learned=$(jq -r --arg ctx "$context" '.[$ctx].recommended_cycles // 0' "$model_file" 2>/dev/null || echo "0")
+        if [[ "$learned" -gt 0 && "$learned" -le "$hard_ceiling" ]]; then
+            adjusted="$learned"
+        fi
+    fi
+
+    # ── Convergence acceleration ──
+    # If issue count drops >50% per cycle, extend limit by 1 (we're making progress)
+    if [[ "$prev_issue_count" -gt 0 && "$current_issue_count" -ge 0 ]]; then
+        local half_prev=$((prev_issue_count / 2))
+        if [[ "$current_issue_count" -le "$half_prev" && "$current_issue_count" -gt 0 ]]; then
+            # Rapid convergence — extend by 1
+            local new_limit=$((adjusted + 1))
+            if [[ "$new_limit" -le "$hard_ceiling" ]]; then
+                adjusted="$new_limit"
+                emit_event "intelligence.convergence_acceleration" \
+                    "issue=${ISSUE_NUMBER:-0}" \
+                    "context=$context" \
+                    "prev_issues=$prev_issue_count" \
+                    "current_issues=$current_issue_count" \
+                    "new_limit=$adjusted"
             fi
         fi
 
-        # 2. Negative Prompting
-        if [[ "$negative_enabled" == "true" ]]; then
-            echo ""
-            info "Running negative prompting..."
-            if ! run_negative_prompting; then
-                all_passed=false
+        # ── Divergence detection ──
+        # If issue count increases, reduce remaining cycles
+        if [[ "$current_issue_count" -gt "$prev_issue_count" ]]; then
+            local reduced=$((adjusted - 1))
+            if [[ "$reduced" -ge 1 ]]; then
+                adjusted="$reduced"
+                emit_event "intelligence.divergence_detected" \
+                    "issue=${ISSUE_NUMBER:-0}" \
+                    "context=$context" \
+                    "prev_issues=$prev_issue_count" \
+                    "current_issues=$current_issue_count" \
+                    "new_limit=$adjusted"
             fi
         fi
+    fi
 
-        # 3. Developer Simulation (intelligence module)
-        if type simulation_review &>/dev/null 2>&1; then
-            local sim_enabled
-            sim_enabled=$(jq -r '.intelligence.simulation_enabled // false' "$PIPELINE_CONFIG" 2>/dev/null || echo "false")
-            local daemon_cfg="${PROJECT_ROOT}/.claude/daemon-config.json"
-            if [[ "$sim_enabled" != "true" && -f "$daemon_cfg" ]]; then
-                sim_enabled=$(jq -r '.intelligence.simulation_enabled // false' "$daemon_cfg" 2>/dev/null || echo "false")
+    # ── Budget gate ──
+    if [[ "$IGNORE_BUDGET" != "true" ]] && [[ -x "$SCRIPT_DIR/sw-cost.sh" ]]; then
+        local budget_rc=0
+        bash "$SCRIPT_DIR/sw-cost.sh" check-budget 2>/dev/null || budget_rc=$?
+        if [[ "$budget_rc" -eq 2 ]]; then
+            # Budget exhausted — cap at current cycle
+            adjusted=0
+            emit_event "intelligence.budget_cap" \
+                "issue=${ISSUE_NUMBER:-0}" \
+                "context=$context"
+        fi
+    fi
+
+    # ── Enforce hard ceiling ──
+    if [[ "$adjusted" -gt "$hard_ceiling" ]]; then
+        adjusted="$hard_ceiling"
+    fi
+
+    echo "$adjusted"
+}
+
+# ──────────────────────────────────────────────────────────────────────────────
+# 5. Intelligent Audit Selection
+# AI-driven audit selection — all audits enabled, intensity varies.
+# ──────────────────────────────────────────────────────────────────────────────
+pipeline_select_audits() {
+    local audit_intensity
+    audit_intensity=$(jq -r --arg id "compound_quality" \
+        '(.stages[] | select(.id == $id) | .config.audit_intensity) // "auto"' \
+        "$PIPELINE_CONFIG" 2>/dev/null) || true
+    [[ -z "$audit_intensity" || "$audit_intensity" == "null" ]] && audit_intensity="auto"
+
+    # Short-circuit for explicit overrides
+    case "$audit_intensity" in
+        off)
+            echo '{"adversarial":"off","architecture":"off","simulation":"off","security":"off","dod":"off"}'
+            return 0
+            ;;
+        full|lightweight)
+            jq -n --arg i "$audit_intensity" \
+                '{adversarial:$i,architecture:$i,simulation:$i,security:$i,dod:$i}'
+            return 0
+            ;;
+    esac
+
+    # ── Auto mode: data-driven intensity ──
+    local default_intensity="targeted"
+    local security_intensity="targeted"
+
+    # Read last 5 quality scores for this repo
+    local quality_scores_file="${HOME}/.shipwright/optimization/quality-scores.jsonl"
+    local repo_name
+    repo_name=$(basename "${PROJECT_ROOT:-.}") || true
+    if [[ -f "$quality_scores_file" ]]; then
+        local recent_scores
+        recent_scores=$(grep "\"repo\":\"${repo_name}\"" "$quality_scores_file" 2>/dev/null | tail -5) || true
+        if [[ -n "$recent_scores" ]]; then
+            # Check for critical findings in recent history
+            local has_critical
+            has_critical=$(echo "$recent_scores" | jq -s '[.[].findings.critical // 0] | add' 2>/dev/null || echo "0")
+            has_critical="${has_critical:-0}"
+            if [[ "$has_critical" -gt 0 ]]; then
+                security_intensity="full"
+            fi
+
+            # Compute average quality score
+            local avg_score
+            avg_score=$(echo "$recent_scores" | jq -s 'if length > 0 then ([.[].quality_score] | add / length | floor) else 70 end' 2>/dev/null || echo "70")
+            avg_score="${avg_score:-70}"
+
+            if [[ "$avg_score" -lt 60 ]]; then
+                default_intensity="full"
+                security_intensity="full"
+            elif [[ "$avg_score" -gt 80 ]]; then
+                default_intensity="lightweight"
+                [[ "$security_intensity" != "full" ]] && security_intensity="lightweight"
+            fi
+        fi
+    fi
+
+    # Intelligence cache: upgrade targeted→full for complex changes
+    local intel_cache="${PROJECT_ROOT}/.claude/intelligence-cache.json"
+    if [[ -f "$intel_cache" && "$default_intensity" == "targeted" ]]; then
+        local complexity
+        complexity=$(jq -r '.complexity // "medium"' "$intel_cache" 2>/dev/null || echo "medium")
+        if [[ "$complexity" == "high" || "$complexity" == "very_high" ]]; then
+            default_intensity="full"
+            security_intensity="full"
+        fi
+    fi
+
+    emit_event "pipeline.audit_selection" \
+        "issue=${ISSUE_NUMBER:-0}" \
+        "default_intensity=$default_intensity" \
+        "security_intensity=$security_intensity" \
+        "repo=$repo_name"
+
+    jq -n \
+        --arg adv "$default_intensity" \
+        --arg arch "$default_intensity" \
+        --arg sim "$default_intensity" \
+        --arg sec "$security_intensity" \
+        --arg dod "$default_intensity" \
+        '{adversarial:$adv,architecture:$arch,simulation:$sim,security:$sec,dod:$dod}'
+}
+
+# ──────────────────────────────────────────────────────────────────────────────
+# 6. Definition of Done Verification
+# Strict DoD enforcement after compound quality completes.
+# ──────────────────────────────────────────────────────────────────────────────
+pipeline_verify_dod() {
+    local artifacts_dir="${1:-$ARTIFACTS_DIR}"
+    local checks_total=0 checks_passed=0
+    local results=""
+
+    # 1. Test coverage: verify changed source files have test counterparts
+    local changed_files
+    changed_files=$(git diff --name-only "${BASE_BRANCH:-main}...HEAD" 2>/dev/null || true)
+    local missing_tests=""
+    local files_checked=0
+
+    if [[ -n "$changed_files" ]]; then
+        while IFS= read -r src_file; do
+            [[ -z "$src_file" ]] && continue
+            # Only check source code files
+            case "$src_file" in
+                *.ts|*.js|*.tsx|*.jsx|*.py|*.go|*.rs|*.sh)
+                    # Skip test files themselves and config files
+                    case "$src_file" in
+                        *test*|*spec*|*__tests__*|*.config.*|*.d.ts) continue ;;
+                    esac
+                    files_checked=$((files_checked + 1))
+                    checks_total=$((checks_total + 1))
+                    # Check for corresponding test file
+                    local base_name dir_name ext
+                    base_name=$(basename "$src_file")
+                    dir_name=$(dirname "$src_file")
+                    ext="${base_name##*.}"
+                    local stem="${base_name%.*}"
+                    local test_found=false
+                    # Common test file patterns
+                    for pattern in \
+                        "${dir_name}/${stem}.test.${ext}" \
+                        "${dir_name}/${stem}.spec.${ext}" \
+                        "${dir_name}/__tests__/${stem}.test.${ext}" \
+                        "${dir_name}/${stem}-test.${ext}" \
+                        "${dir_name}/test_${stem}.${ext}" \
+                        "${dir_name}/${stem}_test.${ext}"; do
+                        if [[ -f "$pattern" ]]; then
+                            test_found=true
+                            break
+                        fi
+                    done
+                    if $test_found; then
+                        checks_passed=$((checks_passed + 1))
+                    else
+                        missing_tests="${missing_tests}${src_file}\n"
+                    fi
+                    ;;
+            esac
+        done <<EOF
+$changed_files
+EOF
+    fi
+
+    # 2. Test-added verification: if significant logic added, ensure tests were also added
+    local logic_lines=0 test_lines=0
+    if [[ -n "$changed_files" ]]; then
+        local full_diff
+        full_diff=$(git diff "${BASE_BRANCH:-main}...HEAD" 2>/dev/null || true)
+        if [[ -n "$full_diff" ]]; then
+            # Count added lines matching source patterns (rough heuristic)
+            logic_lines=$(echo "$full_diff" | grep -cE '^\+.*(function |class |if |for |while |return |export )' 2>/dev/null || true)
+            logic_lines="${logic_lines:-0}"
+            # Count added lines in test files
+            test_lines=$(echo "$full_diff" | grep -cE '^\+.*(it\(|test\(|describe\(|expect\(|assert|def test_|func Test)' 2>/dev/null || true)
+            test_lines="${test_lines:-0}"
+        fi
+    fi
+    checks_total=$((checks_total + 1))
+    local test_ratio_passed=true
+    if [[ "$logic_lines" -gt 20 && "$test_lines" -eq 0 ]]; then
+        test_ratio_passed=false
+        warn "DoD verification: ${logic_lines} logic lines added but no test lines detected"
+    else
+        checks_passed=$((checks_passed + 1))
+    fi
+
+    # 3. Behavioral verification: check DoD audit artifacts for evidence
+    local dod_audit_file="$artifacts_dir/dod-audit.md"
+    local dod_verified=0 dod_total_items=0
+    if [[ -f "$dod_audit_file" ]]; then
+        # Count items marked as passing
+        dod_total_items=$(grep -cE '^\s*-\s*\[x\]' "$dod_audit_file" 2>/dev/null || true)
+        dod_total_items="${dod_total_items:-0}"
+        local dod_failing
+        dod_failing=$(grep -cE '^\s*-\s*\[\s\]' "$dod_audit_file" 2>/dev/null || true)
+        dod_failing="${dod_failing:-0}"
+        dod_verified=$dod_total_items
+        checks_total=$((checks_total + dod_total_items + ${dod_failing:-0}))
+        checks_passed=$((checks_passed + dod_total_items))
+    fi
+
+    # Compute pass rate
+    local pass_rate=100
+    if [[ "$checks_total" -gt 0 ]]; then
+        pass_rate=$(( (checks_passed * 100) / checks_total ))
+    fi
+
+    # Write results
+    local tmp_result
+    tmp_result=$(mktemp)
+    jq -n \
+        --argjson checks_total "$checks_total" \
+        --argjson checks_passed "$checks_passed" \
+        --argjson pass_rate "$pass_rate" \
+        --argjson files_checked "$files_checked" \
+        --arg missing_tests "$(echo -e "$missing_tests" | head -20)" \
+        --argjson logic_lines "$logic_lines" \
+        --argjson test_lines "$test_lines" \
+        --argjson test_ratio_passed "$test_ratio_passed" \
+        --argjson dod_verified "$dod_verified" \
+        '{
+            checks_total: $checks_total,
+            checks_passed: $checks_passed,
+            pass_rate: $pass_rate,
+            files_checked: $files_checked,
+            missing_tests: ($missing_tests | split("\n") | map(select(. != ""))),
+            logic_lines: $logic_lines,
+            test_lines: $test_lines,
+            test_ratio_passed: $test_ratio_passed,
+            dod_verified: $dod_verified
+        }' > "$tmp_result" 2>/dev/null
+    mv "$tmp_result" "$artifacts_dir/dod-verification.json"
+
+    emit_event "pipeline.dod_verification" \
+        "issue=${ISSUE_NUMBER:-0}" \
+        "checks_total=$checks_total" \
+        "checks_passed=$checks_passed" \
+        "pass_rate=$pass_rate"
+
+    # Fail if pass rate < 70%
+    if [[ "$pass_rate" -lt 70 ]]; then
+        warn "DoD verification: ${pass_rate}% pass rate (${checks_passed}/${checks_total} checks)"
+        return 1
+    fi
+
+    success "DoD verification: ${pass_rate}% pass rate (${checks_passed}/${checks_total} checks)"
+    return 0
+}
+
+# ──────────────────────────────────────────────────────────────────────────────
+# 7. Source Code Security Scan
+# Grep-based vulnerability pattern matching on changed files.
+# ──────────────────────────────────────────────────────────────────────────────
+pipeline_security_source_scan() {
+    local base_branch="${1:-${BASE_BRANCH:-main}}"
+    local findings="[]"
+    local finding_count=0
+
+    local changed_files
+    changed_files=$(git diff --name-only "${base_branch}...HEAD" 2>/dev/null || true)
+    [[ -z "$changed_files" ]] && { echo "[]"; return 0; }
+
+    local tmp_findings
+    tmp_findings=$(mktemp)
+    echo "[]" > "$tmp_findings"
+
+    while IFS= read -r file; do
+        [[ -z "$file" || ! -f "$file" ]] && continue
+        # Only scan code files
+        case "$file" in
+            *.ts|*.js|*.tsx|*.jsx|*.py|*.go|*.rs|*.java|*.rb|*.php|*.sh) ;;
+            *) continue ;;
+        esac
+
+        # SQL injection patterns
+        local sql_matches
+        sql_matches=$(grep -nE '(query|execute|sql)\s*\(?\s*[`"'"'"']\s*.*\$\{|\.query\s*\(\s*[`"'"'"'].*\+' "$file" 2>/dev/null || true)
+        if [[ -n "$sql_matches" ]]; then
+            while IFS= read -r match; do
+                [[ -z "$match" ]] && continue
+                local line_num="${match%%:*}"
+                finding_count=$((finding_count + 1))
+                local current
+                current=$(cat "$tmp_findings")
+                echo "$current" | jq --arg f "$file" --arg l "$line_num" --arg p "sql_injection" \
+                    '. + [{"file":$f,"line":($l|tonumber),"pattern":$p,"severity":"critical","description":"Potential SQL injection via string concatenation"}]' \
+                    > "$tmp_findings" 2>/dev/null || true
+            done <<SQLEOF
+$sql_matches
+SQLEOF
+        fi
+
+        # XSS patterns
+        local xss_matches
+        xss_matches=$(grep -nE 'innerHTML\s*=|document\.write\s*\(|dangerouslySetInnerHTML' "$file" 2>/dev/null || true)
+        if [[ -n "$xss_matches" ]]; then
+            while IFS= read -r match; do
+                [[ -z "$match" ]] && continue
+                local line_num="${match%%:*}"
+                finding_count=$((finding_count + 1))
+                local current
+                current=$(cat "$tmp_findings")
+                echo "$current" | jq --arg f "$file" --arg l "$line_num" --arg p "xss" \
+                    '. + [{"file":$f,"line":($l|tonumber),"pattern":$p,"severity":"critical","description":"Potential XSS via unsafe DOM manipulation"}]' \
+                    > "$tmp_findings" 2>/dev/null || true
+            done <<XSSEOF
+$xss_matches
+XSSEOF
+        fi
+
+        # Command injection patterns
+        local cmd_matches
+        cmd_matches=$(grep -nE 'eval\s*\(|child_process|os\.system\s*\(|subprocess\.(call|run|Popen)\s*\(' "$file" 2>/dev/null || true)
+        if [[ -n "$cmd_matches" ]]; then
+            while IFS= read -r match; do
+                [[ -z "$match" ]] && continue
+                local line_num="${match%%:*}"
+                finding_count=$((finding_count + 1))
+                local current
+                current=$(cat "$tmp_findings")
+                echo "$current" | jq --arg f "$file" --arg l "$line_num" --arg p "command_injection" \
+                    '. + [{"file":$f,"line":($l|tonumber),"pattern":$p,"severity":"critical","description":"Potential command injection via unsafe execution"}]' \
+                    > "$tmp_findings" 2>/dev/null || true
+            done <<CMDEOF
+$cmd_matches
+CMDEOF
+        fi
+
+        # Hardcoded secrets patterns
+        local secret_matches
+        secret_matches=$(grep -nEi '(password|api_key|secret|token)\s*=\s*['"'"'"][A-Za-z0-9+/=]{8,}['"'"'"]' "$file" 2>/dev/null || true)
+        if [[ -n "$secret_matches" ]]; then
+            while IFS= read -r match; do
+                [[ -z "$match" ]] && continue
+                local line_num="${match%%:*}"
+                finding_count=$((finding_count + 1))
+                local current
+                current=$(cat "$tmp_findings")
+                echo "$current" | jq --arg f "$file" --arg l "$line_num" --arg p "hardcoded_secret" \
+                    '. + [{"file":$f,"line":($l|tonumber),"pattern":$p,"severity":"critical","description":"Potential hardcoded secret or credential"}]' \
+                    > "$tmp_findings" 2>/dev/null || true
+            done <<SECEOF
+$secret_matches
+SECEOF
+        fi
+
+        # Insecure crypto patterns
+        local crypto_matches
+        crypto_matches=$(grep -nE '(md5|MD5|sha1|SHA1)\s*\(' "$file" 2>/dev/null || true)
+        if [[ -n "$crypto_matches" ]]; then
+            while IFS= read -r match; do
+                [[ -z "$match" ]] && continue
+                local line_num="${match%%:*}"
+                finding_count=$((finding_count + 1))
+                local current
+                current=$(cat "$tmp_findings")
+                echo "$current" | jq --arg f "$file" --arg l "$line_num" --arg p "insecure_crypto" \
+                    '. + [{"file":$f,"line":($l|tonumber),"pattern":$p,"severity":"major","description":"Weak cryptographic function (consider SHA-256+)"}]' \
+                    > "$tmp_findings" 2>/dev/null || true
+            done <<CRYEOF
+$crypto_matches
+CRYEOF
+        fi
+    done <<FILESEOF
+$changed_files
+FILESEOF
+
+    # Write to artifacts and output
+    findings=$(cat "$tmp_findings")
+    rm -f "$tmp_findings"
+
+    if [[ -n "${ARTIFACTS_DIR:-}" ]]; then
+        local tmp_scan
+        tmp_scan=$(mktemp)
+        echo "$findings" > "$tmp_scan"
+        mv "$tmp_scan" "$ARTIFACTS_DIR/security-source-scan.json"
+    fi
+
+    emit_event "pipeline.security_source_scan" \
+        "issue=${ISSUE_NUMBER:-0}" \
+        "findings=$finding_count"
+
+    echo "$finding_count"
+}
+
+# ──────────────────────────────────────────────────────────────────────────────
+# 8. Quality Score Recording
+# Writes quality scores to JSONL for learning.
+# ──────────────────────────────────────────────────────────────────────────────
+pipeline_record_quality_score() {
+    local quality_score="${1:-0}"
+    local critical="${2:-0}"
+    local major="${3:-0}"
+    local minor="${4:-0}"
+    local dod_pass_rate="${5:-0}"
+    local audits_run="${6:-}"
+
+    local scores_dir="${HOME}/.shipwright/optimization"
+    local scores_file="${scores_dir}/quality-scores.jsonl"
+    mkdir -p "$scores_dir"
+
+    local repo_name
+    repo_name=$(basename "${PROJECT_ROOT:-.}") || true
+
+    local tmp_score
+    tmp_score=$(mktemp)
+    jq -n \
+        --arg repo "$repo_name" \
+        --arg issue "${ISSUE_NUMBER:-0}" \
+        --arg ts "$(now_iso)" \
+        --argjson score "$quality_score" \
+        --argjson critical "$critical" \
+        --argjson major "$major" \
+        --argjson minor "$minor" \
+        --argjson dod "$dod_pass_rate" \
+        --arg template "${PIPELINE_NAME:-standard}" \
+        --arg audits "$audits_run" \
+        '{
+            repo: $repo,
+            issue: ($issue | tonumber),
+            timestamp: $ts,
+            quality_score: $score,
+            findings: {critical: $critical, major: $major, minor: $minor},
+            dod_pass_rate: $dod,
+            template: $template,
+            audits_run: ($audits | split(",") | map(select(. != "")))
+        }' > "$tmp_score" 2>/dev/null
+
+    cat "$tmp_score" >> "$scores_file"
+    rm -f "$tmp_score"
+
+    emit_event "pipeline.quality_score_recorded" \
+        "issue=${ISSUE_NUMBER:-0}" \
+        "quality_score=$quality_score" \
+        "critical=$critical" \
+        "major=$major" \
+        "minor=$minor"
+}
+
+# ──────────────────────────────────────────────────────────────────────────────
+# 4. Mid-Pipeline Complexity Re-evaluation
+# After build+test completes, compares actual effort to initial estimate.
+# Updates skip recommendations and model routing for remaining stages.
+# ──────────────────────────────────────────────────────────────────────────────
+pipeline_reassess_complexity() {
+    local initial_complexity="${INTELLIGENCE_COMPLEXITY:-5}"
+    local reassessment_file="$ARTIFACTS_DIR/reassessment.json"
+
+    # ── Gather actual metrics ──
+    local files_changed=0 lines_changed=0 first_try_pass=false self_heal_cycles=0
+
+    files_changed=$(git diff "${BASE_BRANCH:-main}...HEAD" --name-only 2>/dev/null | wc -l | tr -d ' ') || files_changed=0
+    files_changed="${files_changed:-0}"
+
+    # Count lines changed (insertions + deletions) without pipefail issues
+    lines_changed=0
+    local _diff_stat
+    _diff_stat=$(git diff "${BASE_BRANCH:-main}...HEAD" --stat 2>/dev/null | tail -1) || true
+    if [[ -n "${_diff_stat:-}" ]]; then
+        local _ins _del
+        _ins=$(echo "$_diff_stat" | grep -oE '[0-9]+ insertion' | grep -oE '[0-9]+') || true
+        _del=$(echo "$_diff_stat" | grep -oE '[0-9]+ deletion' | grep -oE '[0-9]+') || true
+        lines_changed=$(( ${_ins:-0} + ${_del:-0} ))
+    fi
+
+    self_heal_cycles="${SELF_HEAL_COUNT:-0}"
+    if [[ "$self_heal_cycles" -eq 0 ]]; then
+        first_try_pass=true
+    fi
+
+    # ── Compare to expectations ──
+    local actual_complexity="$initial_complexity"
+    local assessment="as_expected"
+    local skip_stages="[]"
+
+    # Simpler than expected: small diff, tests passed first try
+    if [[ "$lines_changed" -lt 50 && "$first_try_pass" == "true" && "$files_changed" -lt 5 ]]; then
+        actual_complexity=$((initial_complexity > 2 ? initial_complexity - 2 : 1))
+        assessment="simpler_than_expected"
+        # Mark compound_quality as skippable, simplify review
+        skip_stages='["compound_quality"]'
+    # Much simpler
+    elif [[ "$lines_changed" -lt 20 && "$first_try_pass" == "true" && "$files_changed" -lt 3 ]]; then
+        actual_complexity=1
+        assessment="much_simpler"
+        skip_stages='["compound_quality","review"]'
+    # Harder than expected: large diff, multiple self-heal cycles
+    elif [[ "$lines_changed" -gt 500 || "$self_heal_cycles" -gt 2 ]]; then
+        actual_complexity=$((initial_complexity < 9 ? initial_complexity + 2 : 10))
+        assessment="harder_than_expected"
+        # Ensure compound_quality runs, possibly upgrade model
+        skip_stages='[]'
+    # Much harder
+    elif [[ "$lines_changed" -gt 1000 || "$self_heal_cycles" -gt 4 ]]; then
+        actual_complexity=10
+        assessment="much_harder"
+        skip_stages='[]'
+    fi
+
+    # ── Write reassessment ──
+    local tmp_reassess
+    tmp_reassess="$(mktemp)"
+    jq -n \
+        --argjson initial "$initial_complexity" \
+        --argjson actual "$actual_complexity" \
+        --arg assessment "$assessment" \
+        --argjson files_changed "$files_changed" \
+        --argjson lines_changed "$lines_changed" \
+        --argjson self_heal_cycles "$self_heal_cycles" \
+        --argjson first_try "$first_try_pass" \
+        --argjson skip_stages "$skip_stages" \
+        '{
+            initial_complexity: $initial,
+            actual_complexity: $actual,
+            assessment: $assessment,
+            files_changed: $files_changed,
+            lines_changed: $lines_changed,
+            self_heal_cycles: $self_heal_cycles,
+            first_try_pass: $first_try,
+            skip_stages: $skip_stages
+        }' > "$tmp_reassess" 2>/dev/null && mv "$tmp_reassess" "$reassessment_file" || rm -f "$tmp_reassess"
+
+    # Update global complexity for downstream stages
+    PIPELINE_ADAPTIVE_COMPLEXITY="$actual_complexity"
+
+    emit_event "intelligence.reassessment" \
+        "issue=${ISSUE_NUMBER:-0}" \
+        "initial=$initial_complexity" \
+        "actual=$actual_complexity" \
+        "assessment=$assessment" \
+        "files=$files_changed" \
+        "lines=$lines_changed" \
+        "self_heals=$self_heal_cycles"
+
+    # ── Store for learning ──
+    local learning_file="${HOME}/.shipwright/optimization/complexity-actuals.jsonl"
+    mkdir -p "${HOME}/.shipwright/optimization" 2>/dev/null || true
+    echo "{\"issue\":\"${ISSUE_NUMBER:-0}\",\"initial\":$initial_complexity,\"actual\":$actual_complexity,\"files\":$files_changed,\"lines\":$lines_changed,\"ts\":\"$(now_iso)\"}" \
+        >> "$learning_file" 2>/dev/null || true
+
+    echo "$assessment"
+}
+
+# ──────────────────────────────────────────────────────────────────────────────
+# 5. Backtracking Support
+# When compound_quality detects architecture-level problems, backtracks to
+# the design stage instead of just feeding findings to the build loop.
+# Limited to 1 backtrack per pipeline run to prevent infinite loops.
+# ──────────────────────────────────────────────────────────────────────────────
+pipeline_backtrack_to_stage() {
+    local target_stage="$1"
+    local reason="${2:-architecture_violation}"
+
+    # Prevent infinite backtracking
+    if [[ "$PIPELINE_BACKTRACK_COUNT" -ge "$PIPELINE_MAX_BACKTRACKS" ]]; then
+        warn "Max backtracks ($PIPELINE_MAX_BACKTRACKS) reached — cannot backtrack to $target_stage"
+        emit_event "intelligence.backtrack_blocked" \
+            "issue=${ISSUE_NUMBER:-0}" \
+            "target=$target_stage" \
+            "reason=max_backtracks_reached" \
+            "count=$PIPELINE_BACKTRACK_COUNT"
+        return 1
+    fi
+
+    PIPELINE_BACKTRACK_COUNT=$((PIPELINE_BACKTRACK_COUNT + 1))
+
+    info "Backtracking to ${BOLD}${target_stage}${RESET} stage (reason: ${reason})"
+
+    emit_event "intelligence.backtrack" \
+        "issue=${ISSUE_NUMBER:-0}" \
+        "target=$target_stage" \
+        "reason=$reason"
+
+    # Gather architecture context from findings
+    local arch_context=""
+    if [[ -f "$ARTIFACTS_DIR/compound-architecture-validation.json" ]]; then
+        arch_context=$(jq -r '[.[] | select(.severity == "critical" or .severity == "high") | .message // .description // ""] | join("\n")' \
+            "$ARTIFACTS_DIR/compound-architecture-validation.json" 2>/dev/null || true)
+    fi
+    if [[ -f "$ARTIFACTS_DIR/adversarial-review.md" ]]; then
+        local arch_lines
+        arch_lines=$(grep -iE 'architect|layer.*violation|circular.*depend|coupling|design.*flaw' \
+            "$ARTIFACTS_DIR/adversarial-review.md" 2>/dev/null || true)
+        if [[ -n "$arch_lines" ]]; then
+            arch_context="${arch_context}
+${arch_lines}"
+        fi
+    fi
+
+    # Reset stages from target onward
+    set_stage_status "$target_stage" "pending"
+    set_stage_status "build" "pending"
+    set_stage_status "test" "pending"
+
+    # Augment goal with architecture context for re-run
+    local original_goal="$GOAL"
+    if [[ -n "$arch_context" ]]; then
+        GOAL="$GOAL
+
+IMPORTANT — Architecture violations were detected during quality review. Redesign to fix:
+$arch_context
+
+Update the design to address these violations, then rebuild."
+    fi
+
+    # Re-run design stage
+    info "Re-running ${BOLD}${target_stage}${RESET} with architecture context..."
+    if "stage_${target_stage}" 2>/dev/null; then
+        mark_stage_complete "$target_stage"
+        success "Backtrack: ${target_stage} re-run complete"
+    else
+        GOAL="$original_goal"
+        error "Backtrack: ${target_stage} re-run failed"
+        return 1
+    fi
+
+    # Re-run build+test
+    info "Re-running build→test after backtracked ${target_stage}..."
+    if self_healing_build_test; then
+        success "Backtrack: build→test passed after ${target_stage} redesign"
+        GOAL="$original_goal"
+        return 0
+    else
+        GOAL="$original_goal"
+        error "Backtrack: build→test failed after ${target_stage} redesign"
+        return 1
+    fi
+}
+
+compound_rebuild_with_feedback() {
+    local feedback_file="$ARTIFACTS_DIR/quality-feedback.md"
+
+    # ── Intelligence: classify findings and determine routing ──
+    local route="correctness"
+    route=$(classify_quality_findings 2>/dev/null) || route="correctness"
+
+    # ── Build structured findings JSON alongside markdown ──
+    local structured_findings="[]"
+    local s_total_critical=0 s_total_major=0 s_total_minor=0
+
+    if [[ -f "$ARTIFACTS_DIR/classified-findings.json" ]]; then
+        s_total_critical=$(jq -r '.security // 0' "$ARTIFACTS_DIR/classified-findings.json" 2>/dev/null || echo "0")
+        s_total_major=$(jq -r '.correctness // 0' "$ARTIFACTS_DIR/classified-findings.json" 2>/dev/null || echo "0")
+        s_total_minor=$(jq -r '.style // 0' "$ARTIFACTS_DIR/classified-findings.json" 2>/dev/null || echo "0")
+    fi
+
+    local tmp_qf
+    tmp_qf="$(mktemp)"
+    jq -n \
+        --arg route "$route" \
+        --argjson total_critical "$s_total_critical" \
+        --argjson total_major "$s_total_major" \
+        --argjson total_minor "$s_total_minor" \
+        '{route: $route, total_critical: $total_critical, total_major: $total_major, total_minor: $total_minor}' \
+        > "$tmp_qf" 2>/dev/null && mv "$tmp_qf" "$ARTIFACTS_DIR/quality-findings.json" || rm -f "$tmp_qf"
+
+    # ── Architecture route: backtrack to design instead of rebuild ──
+    if [[ "$route" == "architecture" ]]; then
+        info "Architecture-level findings detected — attempting backtrack to design"
+        if pipeline_backtrack_to_stage "design" "architecture_violation" 2>/dev/null; then
+            return 0
+        fi
+        # Backtrack failed or already used — fall through to standard rebuild
+        warn "Backtrack unavailable — falling through to standard rebuild"
+    fi
+
+    # Collect all findings (prioritized by classification)
+    {
+        echo "# Quality Feedback — Issues to Fix"
+        echo ""
+
+        # Security findings first (highest priority)
+        if [[ "$route" == "security" || -f "$ARTIFACTS_DIR/security-audit.log" ]] && grep -qiE 'critical|high' "$ARTIFACTS_DIR/security-audit.log" 2>/dev/null; then
+            echo "## 🔴 PRIORITY: Security Findings (fix these first)"
+            cat "$ARTIFACTS_DIR/security-audit.log"
+            echo ""
+            echo "Security issues MUST be resolved before any other changes."
+            echo ""
+        fi
+
+        # Correctness findings
+        if [[ -f "$ARTIFACTS_DIR/adversarial-review.md" ]]; then
+            echo "## Adversarial Review Findings"
+            cat "$ARTIFACTS_DIR/adversarial-review.md"
+            echo ""
+        fi
+        if [[ -f "$ARTIFACTS_DIR/negative-review.md" ]]; then
+            echo "## Negative Prompting Concerns"
+            cat "$ARTIFACTS_DIR/negative-review.md"
+            echo ""
+        fi
+        if [[ -f "$ARTIFACTS_DIR/dod-audit.md" ]]; then
+            echo "## DoD Audit Failures"
+            grep "❌" "$ARTIFACTS_DIR/dod-audit.md" 2>/dev/null || true
+            echo ""
+        fi
+        if [[ -f "$ARTIFACTS_DIR/api-compat.log" ]] && grep -qi 'BREAKING' "$ARTIFACTS_DIR/api-compat.log" 2>/dev/null; then
+            echo "## API Breaking Changes"
+            cat "$ARTIFACTS_DIR/api-compat.log"
+            echo ""
+        fi
+
+        # Style findings last (deprioritized, informational)
+        if [[ -f "$ARTIFACTS_DIR/classified-findings.json" ]]; then
+            local style_count
+            style_count=$(jq -r '.style // 0' "$ARTIFACTS_DIR/classified-findings.json" 2>/dev/null || echo "0")
+            if [[ "$style_count" -gt 0 ]]; then
+                echo "## Style Notes (non-blocking, address if time permits)"
+                echo "${style_count} style suggestions found. These do not block the build."
+                echo ""
+            fi
+        fi
+    } > "$feedback_file"
+
+    # Validate feedback file has actual content
+    if [[ ! -s "$feedback_file" ]]; then
+        warn "No quality feedback collected — skipping rebuild"
+        return 1
+    fi
+
+    # Reset build/test stages
+    set_stage_status "build" "pending"
+    set_stage_status "test" "pending"
+    set_stage_status "review" "pending"
+
+    # Augment GOAL with quality feedback (route-specific instructions)
+    local original_goal="$GOAL"
+    local feedback_content
+    feedback_content=$(cat "$feedback_file")
+
+    local route_instruction=""
+    case "$route" in
+        security)
+            route_instruction="SECURITY PRIORITY: Fix all security vulnerabilities FIRST, then address other issues. Security issues are BLOCKING."
+            ;;
+        performance)
+            route_instruction="PERFORMANCE PRIORITY: Address performance regressions and optimizations. Check for N+1 queries, memory leaks, and algorithmic complexity."
+            ;;
+        testing)
+            route_instruction="TESTING PRIORITY: Add missing test coverage and fix flaky tests before addressing other issues."
+            ;;
+        correctness)
+            route_instruction="Fix every issue listed above while keeping all existing functionality working."
+            ;;
+        architecture)
+            route_instruction="ARCHITECTURE: Fix structural issues. Check dependency direction, layer boundaries, and separation of concerns."
+            ;;
+        *)
+            route_instruction="Fix every issue listed above while keeping all existing functionality working."
+            ;;
+    esac
+
+    GOAL="$GOAL
+
+IMPORTANT — Compound quality review found issues (route: ${route}). Fix ALL of these:
+$feedback_content
+
+${route_instruction}"
+
+    # Re-run self-healing build→test
+    info "Rebuilding with quality feedback (route: ${route})..."
+    if self_healing_build_test; then
+        GOAL="$original_goal"
+        return 0
+    else
+        GOAL="$original_goal"
+        return 1
+    fi
+}
+
+# ──────────────────────────────────────────────────────────────────────────────
+# Bash 3.2 Compatibility Check
+# Scans modified .sh files for common bash 3.2 incompatibilities
+# Returns: count of violations found
+# ──────────────────────────────────────────────────────────────────────────────
+run_bash_compat_check() {
+    local violations=0
+    local violation_details=""
+
+    # Get modified .sh files relative to base branch
+    local changed_files
+    changed_files=$(git diff --name-only "origin/${BASE_BRANCH:-main}...HEAD" -- '*.sh' 2>/dev/null || echo "")
+
+    if [[ -z "$changed_files" ]]; then
+        echo "0"
+        return 0
+    fi
+
+    # Check each file for bash 3.2 incompatibilities
+    while IFS= read -r filepath; do
+        [[ -z "$filepath" ]] && continue
+
+        # declare -A (associative arrays)
+        local declare_a_count
+        declare_a_count=$(grep -c 'declare[[:space:]]*-[aA]' "$filepath" 2>/dev/null || true)
+        if [[ "$declare_a_count" -gt 0 ]]; then
+            violations=$((violations + declare_a_count))
+            violation_details="${violation_details}${filepath}: declare -A (${declare_a_count} occurrences)
+"
+        fi
+
+        # readarray or mapfile
+        local readarray_count
+        readarray_count=$(grep -c 'readarray\|mapfile' "$filepath" 2>/dev/null || true)
+        if [[ "$readarray_count" -gt 0 ]]; then
+            violations=$((violations + readarray_count))
+            violation_details="${violation_details}${filepath}: readarray/mapfile (${readarray_count} occurrences)
+"
+        fi
+
+        # ${var,,} or ${var^^} (case conversion)
+        local case_conv_count
+        case_conv_count=$(grep -c '\$\{[a-zA-Z_][a-zA-Z0-9_]*,,' "$filepath" 2>/dev/null || true)
+        case_conv_count=$((case_conv_count + $(grep -c '\$\{[a-zA-Z_][a-zA-Z0-9_]*\^\^' "$filepath" 2>/dev/null || true)))
+        if [[ "$case_conv_count" -gt 0 ]]; then
+            violations=$((violations + case_conv_count))
+            violation_details="${violation_details}${filepath}: case conversion \$\{var,,\} or \$\{var\^\^\} (${case_conv_count} occurrences)
+"
+        fi
+
+        # |& (pipe stderr to stdout in-place)
+        local pipe_ampersand_count
+        pipe_ampersand_count=$(grep -c '|&' "$filepath" 2>/dev/null || true)
+        if [[ "$pipe_ampersand_count" -gt 0 ]]; then
+            violations=$((violations + pipe_ampersand_count))
+            violation_details="${violation_details}${filepath}: |& operator (${pipe_ampersand_count} occurrences)
+"
+        fi
+
+        # ;& or ;;& in case statements (advanced fallthrough)
+        local advanced_case_count
+        advanced_case_count=$(grep -c ';&\|;;&' "$filepath" 2>/dev/null || true)
+        if [[ "$advanced_case_count" -gt 0 ]]; then
+            violations=$((violations + advanced_case_count))
+            violation_details="${violation_details}${filepath}: advanced case ;& or ;;& (${advanced_case_count} occurrences)
+"
+        fi
+
+    done <<< "$changed_files"
+
+    # Log details if violations found
+    if [[ "$violations" -gt 0 ]]; then
+        warn "Bash 3.2 compatibility check: ${violations} violation(s) found:"
+        echo "$violation_details" | sed 's/^/  /'
+    fi
+
+    echo "$violations"
+}
+
+# ──────────────────────────────────────────────────────────────────────────────
+# Test Coverage Check
+# Runs configured test command and extracts coverage percentage
+# Returns: coverage percentage (0-100), or "skip" if no test command configured
+# ──────────────────────────────────────────────────────────────────────────────
+run_test_coverage_check() {
+    local test_cmd="${TEST_CMD:-}"
+    if [[ -z "$test_cmd" ]]; then
+        echo "skip"
+        return 0
+    fi
+
+    info "Running test coverage check..."
+
+    # Run tests and capture output
+    local test_output
+    local test_rc=0
+    test_output=$(eval "$test_cmd" 2>&1) || test_rc=$?
+
+    if [[ "$test_rc" -ne 0 ]]; then
+        warn "Test command failed (exit code: $test_rc) — cannot extract coverage"
+        echo "0"
+        return 0
+    fi
+
+    # Extract coverage percentage from various formats
+    # Patterns: "XX% coverage", "Lines: XX%", "Stmts: XX%", "Coverage: XX%", "coverage XX%"
+    local coverage_pct
+    coverage_pct=$(echo "$test_output" | grep -oE '[0-9]{1,3}%[[:space:]]*(coverage|lines|stmts|statements)' | grep -oE '^[0-9]{1,3}' | head -1 || true)
+
+    if [[ -z "$coverage_pct" ]]; then
+        # Try alternate patterns without units
+        coverage_pct=$(echo "$test_output" | grep -oE 'coverage[:]?[[:space:]]*[0-9]{1,3}' | grep -oE '[0-9]{1,3}' | head -1 || true)
+    fi
+
+    if [[ -z "$coverage_pct" ]]; then
+        warn "Could not extract coverage percentage from test output"
+        echo "0"
+        return 0
+    fi
+
+    # Ensure it's a valid percentage (0-100)
+    if [[ ! "$coverage_pct" =~ ^[0-9]{1,3}$ ]] || [[ "$coverage_pct" -gt 100 ]]; then
+        coverage_pct=0
+    fi
+
+    success "Test coverage: ${coverage_pct}%"
+    echo "$coverage_pct"
+}
+
+# ──────────────────────────────────────────────────────────────────────────────
+# Atomic Write Violations Check
+# Scans modified files for anti-patterns: direct echo > file to state/config files
+# Returns: count of violations found
+# ──────────────────────────────────────────────────────────────────────────────
+run_atomic_write_check() {
+    local violations=0
+    local violation_details=""
+
+    # Get modified files (not just .sh — includes state/config files)
+    local changed_files
+    changed_files=$(git diff --name-only "origin/${BASE_BRANCH:-main}...HEAD" 2>/dev/null || echo "")
+
+    if [[ -z "$changed_files" ]]; then
+        echo "0"
+        return 0
+    fi
+
+    # Check for direct writes to state/config files (patterns that should use tmp+mv)
+    # Look for: echo "..." > state/config files
+    while IFS= read -r filepath; do
+        [[ -z "$filepath" ]] && continue
+
+        # Only check state/config/artifacts files
+        if [[ ! "$filepath" =~ (state|config|artifact|cache|db|json)$ ]]; then
+            continue
+        fi
+
+        # Check for direct redirection writes (> file) in state/config paths
+        local bad_writes
+        bad_writes=$(git show "HEAD:$filepath" 2>/dev/null | grep -c 'echo.*>' "$filepath" 2>/dev/null || true)
+
+        if [[ "$bad_writes" -gt 0 ]]; then
+            violations=$((violations + bad_writes))
+            violation_details="${violation_details}${filepath}: ${bad_writes} direct write(s) (should use tmp+mv)
+"
+        fi
+    done <<< "$changed_files"
+
+    if [[ "$violations" -gt 0 ]]; then
+        warn "Atomic write violations: ${violations} found (should use tmp file + mv pattern):"
+        echo "$violation_details" | sed 's/^/  /'
+    fi
+
+    echo "$violations"
+}
+
+# ──────────────────────────────────────────────────────────────────────────────
+# New Function Test Detection
+# Detects new functions added in the diff but checks if corresponding tests exist
+# Returns: count of untested new functions
+# ──────────────────────────────────────────────────────────────────────────────
+run_new_function_test_check() {
+    local untested_functions=0
+    local details=""
+
+    # Get diff
+    local diff_content
+    diff_content=$(git diff "origin/${BASE_BRANCH:-main}...HEAD" 2>/dev/null || true)
+
+    if [[ -z "$diff_content" ]]; then
+        echo "0"
+        return 0
+    fi
+
+    # Extract newly added function definitions (lines starting with +functionname())
+    local new_functions
+    new_functions=$(echo "$diff_content" | grep -E '^\+[a-zA-Z_][a-zA-Z0-9_]*\(\)' | sed 's/^\+//' | sed 's/()//' || true)
+
+    if [[ -z "$new_functions" ]]; then
+        echo "0"
+        return 0
+    fi
+
+    # For each new function, check if test files were modified
+    local test_files_modified=0
+    test_files_modified=$(echo "$diff_content" | grep -c '\-\-\-.*test\|\.test\.\|_test\.' || true)
+
+    # Simple heuristic: if we have new functions but no test file modifications, warn
+    if [[ "$test_files_modified" -eq 0 ]]; then
+        local func_count
+        func_count=$(echo "$new_functions" | wc -l | xargs)
+        untested_functions="$func_count"
+        details="Added ${func_count} new function(s) but no test file modifications detected"
+    fi
+
+    if [[ "$untested_functions" -gt 0 ]]; then
+        warn "New functions without tests: ${details}"
+    fi
+
+    echo "$untested_functions"
+}
+
+stage_compound_quality() {
+    CURRENT_STAGE_ID="compound_quality"
+
+    # Pre-check: verify meaningful changes exist before running expensive quality checks
+    local _cq_real_changes
+    _cq_real_changes=$(git diff --name-only "origin/${BASE_BRANCH:-main}...HEAD" \
+        -- . ':!.claude/loop-state.md' ':!.claude/pipeline-state.md' \
+        ':!.claude/pipeline-artifacts/*' ':!**/progress.md' \
+        ':!**/error-summary.json' 2>/dev/null | wc -l | xargs || echo "0")
+    if [[ "${_cq_real_changes:-0}" -eq 0 ]]; then
+        error "Compound quality: no meaningful code changes found — failing quality gate"
+        return 1
+    fi
+
+    # Read config
+    local max_cycles adversarial_enabled negative_enabled e2e_enabled dod_enabled strict_quality
+    max_cycles=$(jq -r --arg id "compound_quality" '(.stages[] | select(.id == $id) | .config.max_cycles) // 3' "$PIPELINE_CONFIG" 2>/dev/null) || true
+    [[ -z "$max_cycles" || "$max_cycles" == "null" ]] && max_cycles=3
+    adversarial_enabled=$(jq -r --arg id "compound_quality" '(.stages[] | select(.id == $id) | .config.adversarial) // true' "$PIPELINE_CONFIG" 2>/dev/null) || true
+    negative_enabled=$(jq -r --arg id "compound_quality" '(.stages[] | select(.id == $id) | .config.negative) // true' "$PIPELINE_CONFIG" 2>/dev/null) || true
+    e2e_enabled=$(jq -r --arg id "compound_quality" '(.stages[] | select(.id == $id) | .config.e2e) // true' "$PIPELINE_CONFIG" 2>/dev/null) || true
+    dod_enabled=$(jq -r --arg id "compound_quality" '(.stages[] | select(.id == $id) | .config.dod_audit) // true' "$PIPELINE_CONFIG" 2>/dev/null) || true
+    strict_quality=$(jq -r --arg id "compound_quality" '(.stages[] | select(.id == $id) | .config.strict_quality) // false' "$PIPELINE_CONFIG" 2>/dev/null) || true
+    [[ -z "$strict_quality" || "$strict_quality" == "null" ]] && strict_quality="false"
+
+    # Intelligent audit selection
+    local audit_plan='{"adversarial":"targeted","architecture":"targeted","simulation":"targeted","security":"targeted","dod":"targeted"}'
+    if type pipeline_select_audits &>/dev/null 2>&1; then
+        local _selected
+        _selected=$(pipeline_select_audits 2>/dev/null) || true
+        if [[ -n "$_selected" && "$_selected" != "null" ]]; then
+            audit_plan="$_selected"
+            info "Audit plan: $(echo "$audit_plan" | jq -c '.' 2>/dev/null || echo "$audit_plan")"
+        fi
+    fi
+
+    # Track findings for quality score
+    local total_critical=0 total_major=0 total_minor=0
+    local audits_run_list=""
+
+    # ── HARDENED QUALITY GATES (RUN BEFORE CYCLES) ──
+    # These checks must pass before we even start the audit cycles
+    echo ""
+    info "Running hardened quality gate checks..."
+
+    # 1. Bash 3.2 compatibility check
+    local bash_violations=0
+    bash_violations=$(run_bash_compat_check 2>/dev/null) || bash_violations=0
+    bash_violations="${bash_violations:-0}"
+
+    if [[ "$strict_quality" == "true" && "$bash_violations" -gt 0 ]]; then
+        error "STRICT QUALITY: Bash 3.2 incompatibilities found — blocking"
+        emit_event "quality.bash_compat_failed" \
+            "issue=${ISSUE_NUMBER:-0}" \
+            "violations=$bash_violations"
+        return 1
+    fi
+
+    if [[ "$bash_violations" -gt 0 ]]; then
+        warn "Bash 3.2 incompatibilities detected: ${bash_violations} (will impact quality score)"
+        total_minor=$((total_minor + bash_violations))
+    else
+        success "Bash 3.2 compatibility: clean"
+    fi
+
+    # 2. Test coverage check
+    local coverage_pct=0
+    coverage_pct=$(run_test_coverage_check 2>/dev/null) || coverage_pct=0
+    coverage_pct="${coverage_pct:-0}"
+
+    if [[ "$coverage_pct" != "skip" ]]; then
+        if [[ "$coverage_pct" -lt 60 ]]; then
+            if [[ "$strict_quality" == "true" ]]; then
+                error "STRICT QUALITY: Test coverage below 60% (${coverage_pct}%) — blocking"
+                emit_event "quality.coverage_failed" \
+                    "issue=${ISSUE_NUMBER:-0}" \
+                    "coverage=$coverage_pct"
+                return 1
+            else
+                warn "Test coverage below 60% threshold (${coverage_pct}%) — quality penalty applied"
+                total_major=$((total_major + 2))
+            fi
+        fi
+    fi
+
+    # 3. New functions without tests check
+    local untested_functions=0
+    untested_functions=$(run_new_function_test_check 2>/dev/null) || untested_functions=0
+    untested_functions="${untested_functions:-0}"
+
+    if [[ "$untested_functions" -gt 0 ]]; then
+        if [[ "$strict_quality" == "true" ]]; then
+            error "STRICT QUALITY: ${untested_functions} new function(s) without tests — blocking"
+            emit_event "quality.untested_functions" \
+                "issue=${ISSUE_NUMBER:-0}" \
+                "count=$untested_functions"
+            return 1
+        else
+            warn "New functions without corresponding tests: ${untested_functions}"
+            total_major=$((total_major + untested_functions))
+        fi
+    fi
+
+    # 4. Atomic write violations (optional, informational in most modes)
+    local atomic_violations=0
+    atomic_violations=$(run_atomic_write_check 2>/dev/null) || atomic_violations=0
+    atomic_violations="${atomic_violations:-0}"
+
+    if [[ "$atomic_violations" -gt 0 ]]; then
+        warn "Atomic write violations: ${atomic_violations} (state/config file patterns)"
+        total_minor=$((total_minor + atomic_violations))
+    fi
+
+    # Vitals-driven adaptive cycle limit (preferred)
+    local base_max_cycles="$max_cycles"
+    if type pipeline_adaptive_limit &>/dev/null 2>&1; then
+        local _cq_vitals=""
+        if type pipeline_compute_vitals &>/dev/null 2>&1; then
+            _cq_vitals=$(pipeline_compute_vitals "$STATE_FILE" "$ARTIFACTS_DIR" "${ISSUE_NUMBER:-}" 2>/dev/null) || true
+        fi
+        local vitals_cq_limit
+        vitals_cq_limit=$(pipeline_adaptive_limit "compound_quality" "$_cq_vitals" 2>/dev/null) || true
+        if [[ -n "$vitals_cq_limit" && "$vitals_cq_limit" =~ ^[0-9]+$ && "$vitals_cq_limit" -gt 0 ]]; then
+            max_cycles="$vitals_cq_limit"
+            if [[ "$max_cycles" != "$base_max_cycles" ]]; then
+                info "Vitals-driven cycles: ${base_max_cycles} → ${max_cycles} (compound_quality)"
+            fi
+        fi
+    else
+        # Fallback: adaptive cycle limits from optimization data
+        local _cq_iter_model="${HOME}/.shipwright/optimization/iteration-model.json"
+        if [[ -f "$_cq_iter_model" ]]; then
+            local adaptive_limit
+            adaptive_limit=$(pipeline_adaptive_cycles "$max_cycles" "compound_quality" "0" "-1" 2>/dev/null) || true
+            if [[ -n "$adaptive_limit" && "$adaptive_limit" =~ ^[0-9]+$ && "$adaptive_limit" -gt 0 ]]; then
+                max_cycles="$adaptive_limit"
+                if [[ "$max_cycles" != "$base_max_cycles" ]]; then
+                    info "Adaptive cycles: ${base_max_cycles} → ${max_cycles} (compound_quality)"
+                fi
+            fi
+        fi
+    fi
+
+    # Convergence tracking
+    local prev_issue_count=-1
+
+    local cycle=0
+    while [[ "$cycle" -lt "$max_cycles" ]]; do
+        cycle=$((cycle + 1))
+        local all_passed=true
+
+        echo ""
+        echo -e "${PURPLE}${BOLD}━━━ Compound Quality — Cycle ${cycle}/${max_cycles} ━━━${RESET}"
+
+        if [[ -n "$ISSUE_NUMBER" ]]; then
+            gh_comment_issue "$ISSUE_NUMBER" "🔬 **Compound quality** — cycle ${cycle}/${max_cycles}" 2>/dev/null || true
+        fi
+
+        # 1. Adversarial Review
+        local _adv_intensity
+        _adv_intensity=$(echo "$audit_plan" | jq -r '.adversarial // "targeted"' 2>/dev/null || echo "targeted")
+        if [[ "$adversarial_enabled" == "true" && "$_adv_intensity" != "off" ]]; then
+            echo ""
+            info "Running adversarial review (${_adv_intensity})..."
+            audits_run_list="${audits_run_list:+${audits_run_list},}adversarial"
+            if ! run_adversarial_review; then
+                all_passed=false
+            fi
+        fi
+
+        # 2. Negative Prompting
+        if [[ "$negative_enabled" == "true" ]]; then
+            echo ""
+            info "Running negative prompting..."
+            if ! run_negative_prompting; then
+                all_passed=false
+            fi
+        fi
+
+        # 3. Developer Simulation (intelligence module)
+        if type simulation_review &>/dev/null 2>&1; then
+            local sim_enabled
+            sim_enabled=$(jq -r '.intelligence.simulation_enabled // false' "$PIPELINE_CONFIG" 2>/dev/null || echo "false")
+            local daemon_cfg="${PROJECT_ROOT}/.claude/daemon-config.json"
+            if [[ "$sim_enabled" != "true" && -f "$daemon_cfg" ]]; then
+                sim_enabled=$(jq -r '.intelligence.simulation_enabled // false' "$daemon_cfg" 2>/dev/null || echo "false")
             fi
             if [[ "$sim_enabled" == "true" ]]; then
                 echo ""
@@ -4653,14 +6386,36 @@ stage_compound_quality() {
         fi
 
         # 6. DoD Audit
-        if [[ "$dod_enabled" == "true" ]]; then
+        local _dod_intensity
+        _dod_intensity=$(echo "$audit_plan" | jq -r '.dod // "targeted"' 2>/dev/null || echo "targeted")
+        if [[ "$dod_enabled" == "true" && "$_dod_intensity" != "off" ]]; then
             echo ""
-            info "Running Definition of Done audit..."
+            info "Running Definition of Done audit (${_dod_intensity})..."
+            audits_run_list="${audits_run_list:+${audits_run_list},}dod"
             if ! run_dod_audit; then
                 all_passed=false
             fi
         fi
 
+        # 6b. Security Source Scan
+        local _sec_intensity
+        _sec_intensity=$(echo "$audit_plan" | jq -r '.security // "targeted"' 2>/dev/null || echo "targeted")
+        if [[ "$_sec_intensity" != "off" ]]; then
+            echo ""
+            info "Running security source scan (${_sec_intensity})..."
+            audits_run_list="${audits_run_list:+${audits_run_list},}security"
+            local sec_finding_count=0
+            sec_finding_count=$(pipeline_security_source_scan 2>/dev/null) || true
+            sec_finding_count="${sec_finding_count:-0}"
+            if [[ "$sec_finding_count" -gt 0 ]]; then
+                warn "Security source scan: ${sec_finding_count} finding(s)"
+                total_critical=$((total_critical + sec_finding_count))
+                all_passed=false
+            else
+                success "Security source scan: clean"
+            fi
+        fi
+
         # 7. Multi-dimensional quality checks
         echo ""
         info "Running multi-dimensional quality checks..."
@@ -4743,6 +6498,17 @@ All quality checks clean:
             fi
 
             log_stage "compound_quality" "Passed on cycle ${cycle}/${max_cycles}"
+
+            # DoD verification on successful pass
+            local _dod_pass_rate=100
+            if type pipeline_verify_dod &>/dev/null 2>&1; then
+                pipeline_verify_dod "$ARTIFACTS_DIR" 2>/dev/null || true
+                if [[ -f "$ARTIFACTS_DIR/dod-verification.json" ]]; then
+                    _dod_pass_rate=$(jq -r '.pass_rate // 100' "$ARTIFACTS_DIR/dod-verification.json" 2>/dev/null || echo "100")
+                fi
+            fi
+
+            pipeline_record_quality_score 100 0 0 0 "$_dod_pass_rate" "$audits_run_list" 2>/dev/null || true
             return 0
         fi
 
@@ -4754,6 +6520,17 @@ All quality checks clean:
             fi
 
             log_stage "compound_quality" "Passed on cycle ${cycle}/${max_cycles}"
+
+            # DoD verification on successful pass
+            local _dod_pass_rate=100
+            if type pipeline_verify_dod &>/dev/null 2>&1; then
+                pipeline_verify_dod "$ARTIFACTS_DIR" 2>/dev/null || true
+                if [[ -f "$ARTIFACTS_DIR/dod-verification.json" ]]; then
+                    _dod_pass_rate=$(jq -r '.pass_rate // 100' "$ARTIFACTS_DIR/dod-verification.json" 2>/dev/null || echo "100")
+                fi
+            fi
+
+            pipeline_record_quality_score 95 0 "$total_major" "$total_minor" "$_dod_pass_rate" "$audits_run_list" 2>/dev/null || true
             return 0
         fi
 
@@ -4776,6 +6553,16 @@ All quality checks clean:
 
         info "Convergence: ${current_issue_count} critical/high issues remaining"
 
+        # Intelligence: re-evaluate adaptive cycle limit based on convergence (only after first cycle)
+        if [[ "$prev_issue_count" -ge 0 ]]; then
+            local updated_limit
+            updated_limit=$(pipeline_adaptive_cycles "$max_cycles" "compound_quality" "$current_issue_count" "$prev_issue_count" 2>/dev/null) || true
+            if [[ -n "$updated_limit" && "$updated_limit" =~ ^[0-9]+$ && "$updated_limit" -gt 0 && "$updated_limit" != "$max_cycles" ]]; then
+                info "Adaptive cycles: ${max_cycles} → ${updated_limit} (convergence signal)"
+                max_cycles="$updated_limit"
+            fi
+        fi
+
         # Not all passed — rebuild if we have cycles left
         if [[ "$cycle" -lt "$max_cycles" ]]; then
             warn "Quality checks failed — rebuilding with feedback (cycle $((cycle + 1))/${max_cycles})"
@@ -4792,8 +6579,146 @@ All quality checks clean:
         fi
     done
 
-    # Exhausted all cycles
-    error "Compound quality exhausted after ${max_cycles} cycles"
+    # ── Quality Score Computation ──
+    # Starting score: 100, deductions based on findings
+    local quality_score=100
+
+    # Count findings from artifact files
+    if [[ -f "$ARTIFACTS_DIR/security-source-scan.json" ]]; then
+        local _sec_critical
+        _sec_critical=$(jq '[.[] | select(.severity == "critical")] | length' "$ARTIFACTS_DIR/security-source-scan.json" 2>/dev/null || echo "0")
+        local _sec_major
+        _sec_major=$(jq '[.[] | select(.severity == "major")] | length' "$ARTIFACTS_DIR/security-source-scan.json" 2>/dev/null || echo "0")
+        total_critical=$((total_critical + ${_sec_critical:-0}))
+        total_major=$((total_major + ${_sec_major:-0}))
+    fi
+    if [[ -f "$ARTIFACTS_DIR/adversarial-review.json" ]]; then
+        local _adv_crit
+        _adv_crit=$(jq '[.[] | select(.severity == "critical")] | length' "$ARTIFACTS_DIR/adversarial-review.json" 2>/dev/null || echo "0")
+        local _adv_major
+        _adv_major=$(jq '[.[] | select(.severity == "high" or .severity == "major")] | length' "$ARTIFACTS_DIR/adversarial-review.json" 2>/dev/null || echo "0")
+        local _adv_minor
+        _adv_minor=$(jq '[.[] | select(.severity == "low" or .severity == "minor")] | length' "$ARTIFACTS_DIR/adversarial-review.json" 2>/dev/null || echo "0")
+        total_critical=$((total_critical + ${_adv_crit:-0}))
+        total_major=$((total_major + ${_adv_major:-0}))
+        total_minor=$((total_minor + ${_adv_minor:-0}))
+    fi
+    if [[ -f "$ARTIFACTS_DIR/compound-architecture-validation.json" ]]; then
+        local _arch_crit
+        _arch_crit=$(jq '[.[] | select(.severity == "critical")] | length' "$ARTIFACTS_DIR/compound-architecture-validation.json" 2>/dev/null || echo "0")
+        local _arch_major
+        _arch_major=$(jq '[.[] | select(.severity == "high" or .severity == "major")] | length' "$ARTIFACTS_DIR/compound-architecture-validation.json" 2>/dev/null || echo "0")
+        total_major=$((total_major + ${_arch_crit:-0} + ${_arch_major:-0}))
+    fi
+
+    # Apply deductions
+    quality_score=$((quality_score - (total_critical * 20) - (total_major * 10) - (total_minor * 2)))
+    [[ "$quality_score" -lt 0 ]] && quality_score=0
+
+    # DoD verification
+    local _dod_pass_rate=0
+    if type pipeline_verify_dod &>/dev/null 2>&1; then
+        pipeline_verify_dod "$ARTIFACTS_DIR" 2>/dev/null || true
+        if [[ -f "$ARTIFACTS_DIR/dod-verification.json" ]]; then
+            _dod_pass_rate=$(jq -r '.pass_rate // 0' "$ARTIFACTS_DIR/dod-verification.json" 2>/dev/null || echo "0")
+        fi
+    fi
+
+    # Record quality score
+    pipeline_record_quality_score "$quality_score" "$total_critical" "$total_major" "$total_minor" "$_dod_pass_rate" "$audits_run_list" 2>/dev/null || true
+
+    # ── Quality Gate (HARDENED) ──
+    local compound_quality_blocking
+    compound_quality_blocking=$(jq -r --arg id "compound_quality" \
+        '(.stages[] | select(.id == $id) | .config.compound_quality_blocking) // true' \
+        "$PIPELINE_CONFIG" 2>/dev/null) || true
+    [[ -z "$compound_quality_blocking" || "$compound_quality_blocking" == "null" ]] && compound_quality_blocking="true"
+
+    # HARDENED THRESHOLD: quality_score must be >= 60 to pass
+    # In strict mode, higher requirements apply per the hardened checks above
+    local min_threshold=60
+    if [[ "$strict_quality" == "true" ]]; then
+        # Strict mode: require score >= 70 and ZERO critical issues
+        if [[ "$total_critical" -gt 0 ]]; then
+            error "STRICT QUALITY: ${total_critical} critical issue(s) found — BLOCKING (strict mode)"
+            emit_event "pipeline.quality_gate_failed_strict" \
+                "issue=${ISSUE_NUMBER:-0}" \
+                "reason=critical_issues" \
+                "critical=$total_critical"
+            log_stage "compound_quality" "Quality gate failed (strict mode): critical issues"
+            return 1
+        fi
+        min_threshold=70
+    fi
+
+    # Hard floor: score must be >= 40, regardless of other settings
+    if [[ "$quality_score" -lt 40 ]]; then
+        error "HARDENED GATE: Quality score ${quality_score}/100 below hard floor (40) — BLOCKING"
+        emit_event "quality.hard_floor_failed" \
+            "issue=${ISSUE_NUMBER:-0}" \
+            "quality_score=$quality_score"
+        log_stage "compound_quality" "Quality gate failed: score below hard floor (40)"
+        return 1
+    fi
+
+    if [[ "$quality_score" -lt "$min_threshold" && "$compound_quality_blocking" == "true" ]]; then
+        emit_event "pipeline.quality_gate_failed" \
+            "issue=${ISSUE_NUMBER:-0}" \
+            "quality_score=$quality_score" \
+            "threshold=$min_threshold" \
+            "critical=$total_critical" \
+            "major=$total_major"
+
+        error "Quality gate FAILED: score ${quality_score}/100 (threshold: ${min_threshold}/100, critical: ${total_critical}, major: ${total_major}, minor: ${total_minor})"
+
+        if [[ -n "$ISSUE_NUMBER" ]]; then
+            gh_comment_issue "$ISSUE_NUMBER" "❌ **Quality gate failed** — score ${quality_score}/${min_threshold}
+
+| Finding Type | Count | Deduction |
+|---|---|---|
+| Critical | ${total_critical} | -$((total_critical * 20)) |
+| Major | ${total_major} | -$((total_major * 10)) |
+| Minor | ${total_minor} | -$((total_minor * 2)) |
+
+DoD pass rate: ${_dod_pass_rate}%
+Quality issues remain after ${max_cycles} cycles. Check artifacts for details." 2>/dev/null || true
+        fi
+
+        log_stage "compound_quality" "Quality gate failed: ${quality_score}/${min_threshold} after ${max_cycles} cycles"
+        return 1
+    fi
+
+    # Exhausted all cycles but quality score is at or above threshold
+    if [[ "$quality_score" -ge "$min_threshold" ]]; then
+        if [[ "$quality_score" -eq 100 ]]; then
+            success "Compound quality PERFECT: 100/100"
+        elif [[ "$quality_score" -ge 80 ]]; then
+            success "Compound quality EXCELLENT: ${quality_score}/100"
+        elif [[ "$quality_score" -ge 70 ]]; then
+            success "Compound quality GOOD: ${quality_score}/100"
+        else
+            warn "Compound quality ACCEPTABLE: ${quality_score}/${min_threshold} after ${max_cycles} cycles"
+        fi
+
+        if [[ -n "$ISSUE_NUMBER" ]]; then
+            local quality_emoji="✅"
+            [[ "$quality_score" -lt 70 ]] && quality_emoji="⚠️"
+            gh_comment_issue "$ISSUE_NUMBER" "${quality_emoji} **Compound quality passed** — score ${quality_score}/${min_threshold} after ${max_cycles} cycles
+
+| Finding Type | Count |
+|---|---|
+| Critical | ${total_critical} |
+| Major | ${total_major} |
+| Minor | ${total_minor} |
+
+DoD pass rate: ${_dod_pass_rate}%" 2>/dev/null || true
+        fi
+
+        log_stage "compound_quality" "Passed with score ${quality_score}/${min_threshold} after ${max_cycles} cycles"
+        return 0
+    fi
+
+    error "Compound quality exhausted after ${max_cycles} cycles with insufficient score"
 
     if [[ -n "$ISSUE_NUMBER" ]]; then
         gh_comment_issue "$ISSUE_NUMBER" "❌ **Compound quality failed** after ${max_cycles} cycles
@@ -4982,8 +6907,25 @@ self_healing_build_test() {
     local prev_error_sig="" consecutive_same_error=0
     local prev_fail_count=0 zero_convergence_streak=0
 
-    # Intelligence: adaptive iteration limit
-    if type composer_estimate_iterations &>/dev/null 2>&1; then
+    # Vitals-driven adaptive limit (preferred over static BUILD_TEST_RETRIES)
+    if type pipeline_adaptive_limit &>/dev/null 2>&1; then
+        local _vitals_json=""
+        if type pipeline_compute_vitals &>/dev/null 2>&1; then
+            _vitals_json=$(pipeline_compute_vitals "$STATE_FILE" "$ARTIFACTS_DIR" "${ISSUE_NUMBER:-}" 2>/dev/null) || true
+        fi
+        local vitals_limit
+        vitals_limit=$(pipeline_adaptive_limit "build_test" "$_vitals_json" 2>/dev/null) || true
+        if [[ -n "$vitals_limit" && "$vitals_limit" =~ ^[0-9]+$ && "$vitals_limit" -gt 0 ]]; then
+            info "Vitals-driven build-test limit: ${max_cycles} → ${vitals_limit}"
+            max_cycles="$vitals_limit"
+            emit_event "vitals.adaptive_limit" \
+                "issue=${ISSUE_NUMBER:-0}" \
+                "context=build_test" \
+                "original=$BUILD_TEST_RETRIES" \
+                "vitals_limit=$vitals_limit"
+        fi
+    # Fallback: intelligence-based adaptive limits
+    elif type composer_estimate_iterations &>/dev/null 2>&1; then
         local estimated
         estimated=$(composer_estimate_iterations \
             "${INTELLIGENCE_ANALYSIS:-{}}" \
@@ -4997,6 +6939,19 @@ self_healing_build_test() {
         fi
     fi
 
+    # Fallback: adaptive cycle limits from optimization data
+    if [[ "$max_cycles" == "$BUILD_TEST_RETRIES" ]]; then
+        local _iter_model="${HOME}/.shipwright/optimization/iteration-model.json"
+        if [[ -f "$_iter_model" ]]; then
+            local adaptive_bt_limit
+            adaptive_bt_limit=$(pipeline_adaptive_cycles "$max_cycles" "build_test" "0" "-1" 2>/dev/null) || true
+            if [[ -n "$adaptive_bt_limit" && "$adaptive_bt_limit" =~ ^[0-9]+$ && "$adaptive_bt_limit" -gt 0 && "$adaptive_bt_limit" != "$max_cycles" ]]; then
+                info "Adaptive build-test cycles: ${max_cycles} → ${adaptive_bt_limit}"
+                max_cycles="$adaptive_bt_limit"
+            fi
+        fi
+    fi
+
     while [[ "$cycle" -le "$max_cycles" ]]; do
         cycle=$((cycle + 1))
 
@@ -5022,11 +6977,27 @@ self_healing_build_test() {
 
         # Inject error context on retry cycles
         if [[ "$cycle" -gt 1 && -n "$last_test_error" ]]; then
+            # Query memory for known fixes
+            local _memory_fix=""
+            if type memory_closed_loop_inject &>/dev/null 2>&1; then
+                local _error_sig_short
+                _error_sig_short=$(echo "$last_test_error" | head -3 || echo "")
+                _memory_fix=$(memory_closed_loop_inject "$_error_sig_short" 2>/dev/null) || true
+            fi
+
+            local memory_prefix=""
+            if [[ -n "$_memory_fix" ]]; then
+                info "Memory suggests fix: $(echo "$_memory_fix" | head -1)"
+                memory_prefix="KNOWN FIX (from past success): ${_memory_fix}
+
+"
+            fi
+
             # Temporarily augment the goal with error context
             local original_goal="$GOAL"
             GOAL="$GOAL
 
-IMPORTANT — Previous build attempt failed tests. Fix these errors:
+${memory_prefix}IMPORTANT — Previous build attempt failed tests. Fix these errors:
 $last_test_error
 
 Focus on fixing the failing tests while keeping all passing tests working."
@@ -5039,6 +7010,16 @@ Focus on fixing the failing tests while keeping all passing tests working."
                 local timing
                 timing=$(get_stage_timing "build")
                 success "Stage ${BOLD}build${RESET} complete ${DIM}(${timing})${RESET}"
+                if type pipeline_emit_progress_snapshot &>/dev/null 2>&1 && [[ -n "${ISSUE_NUMBER:-}" ]]; then
+                    local _diff_count
+                    _diff_count=$(git diff --stat HEAD~1 2>/dev/null | tail -1 | grep -oE '[0-9]+' | head -1) || true
+                    local _snap_files _snap_error
+                    _snap_files=$(git diff --stat HEAD~1 2>/dev/null | tail -1 | grep -oE '[0-9]+' | head -1 || true)
+                    _snap_files="${_snap_files:-0}"
+                    _snap_error=$(tail -1 "$ARTIFACTS_DIR/error-log.jsonl" 2>/dev/null | jq -r '.error // ""' 2>/dev/null || true)
+                    _snap_error="${_snap_error:-}"
+                    pipeline_emit_progress_snapshot "${ISSUE_NUMBER}" "${CURRENT_STAGE_ID:-build}" "${cycle:-0}" "${_diff_count:-0}" "${_snap_files}" "${_snap_error}" 2>/dev/null || true
+                fi
             else
                 mark_stage_failed "build"
                 GOAL="$original_goal"
@@ -5054,6 +7035,16 @@ Focus on fixing the failing tests while keeping all passing tests working."
                 local timing
                 timing=$(get_stage_timing "build")
                 success "Stage ${BOLD}build${RESET} complete ${DIM}(${timing})${RESET}"
+                if type pipeline_emit_progress_snapshot &>/dev/null 2>&1 && [[ -n "${ISSUE_NUMBER:-}" ]]; then
+                    local _diff_count
+                    _diff_count=$(git diff --stat HEAD~1 2>/dev/null | tail -1 | grep -oE '[0-9]+' | head -1) || true
+                    local _snap_files _snap_error
+                    _snap_files=$(git diff --stat HEAD~1 2>/dev/null | tail -1 | grep -oE '[0-9]+' | head -1 || true)
+                    _snap_files="${_snap_files:-0}"
+                    _snap_error=$(tail -1 "$ARTIFACTS_DIR/error-log.jsonl" 2>/dev/null | jq -r '.error // ""' 2>/dev/null || true)
+                    _snap_error="${_snap_error:-}"
+                    pipeline_emit_progress_snapshot "${ISSUE_NUMBER}" "${CURRENT_STAGE_ID:-build}" "${cycle:-0}" "${_diff_count:-0}" "${_snap_files}" "${_snap_error}" 2>/dev/null || true
+                fi
             else
                 mark_stage_failed "build"
                 return 1
@@ -5075,6 +7066,16 @@ Focus on fixing the failing tests while keeping all passing tests working."
             emit_event "convergence.tests_passed" \
                 "issue=${ISSUE_NUMBER:-0}" \
                 "cycle=$cycle"
+            if type pipeline_emit_progress_snapshot &>/dev/null 2>&1 && [[ -n "${ISSUE_NUMBER:-}" ]]; then
+                local _diff_count
+                _diff_count=$(git diff --stat HEAD~1 2>/dev/null | tail -1 | grep -oE '[0-9]+' | head -1) || true
+                local _snap_files _snap_error
+                _snap_files=$(git diff --stat HEAD~1 2>/dev/null | tail -1 | grep -oE '[0-9]+' | head -1 || true)
+                _snap_files="${_snap_files:-0}"
+                _snap_error=$(tail -1 "$ARTIFACTS_DIR/error-log.jsonl" 2>/dev/null | jq -r '.error // ""' 2>/dev/null || true)
+                _snap_error="${_snap_error:-}"
+                pipeline_emit_progress_snapshot "${ISSUE_NUMBER}" "${CURRENT_STAGE_ID:-test}" "${cycle:-0}" "${_diff_count:-0}" "${_snap_files}" "${_snap_error}" 2>/dev/null || true
+            fi
             return 0  # Tests passed!
         fi
 
@@ -5243,6 +7244,16 @@ run_pipeline() {
             continue
         fi
 
+        # Intelligence: evaluate whether to skip this stage
+        local skip_reason=""
+        skip_reason=$(pipeline_should_skip_stage "$id" 2>/dev/null) || true
+        if [[ -n "$skip_reason" ]]; then
+            echo -e "  ${DIM}○ ${id} — skipped (intelligence: ${skip_reason})${RESET}"
+            set_stage_status "$id" "complete"
+            completed=$((completed + 1))
+            continue
+        fi
+
         local stage_status
         stage_status=$(get_stage_status "$id")
         if [[ "$stage_status" == "complete" ]]; then
@@ -5253,11 +7264,17 @@ run_pipeline() {
 
         # CI resume: skip stages marked as completed from previous run
         if [[ -n "${COMPLETED_STAGES:-}" ]] && echo "$COMPLETED_STAGES" | tr ',' '\n' | grep -qx "$id"; then
-            echo -e "  ${GREEN}✓ ${id}${RESET} ${DIM}— skipped (CI resume)${RESET}"
-            set_stage_status "$id" "complete"
-            completed=$((completed + 1))
-            emit_event "stage.skipped" "issue=${ISSUE_NUMBER:-0}" "stage=$id" "reason=ci_resume"
-            continue
+            # Verify artifacts survived the merge — regenerate if missing
+            if verify_stage_artifacts "$id"; then
+                echo -e "  ${GREEN}✓ ${id}${RESET} ${DIM}— skipped (CI resume)${RESET}"
+                set_stage_status "$id" "complete"
+                completed=$((completed + 1))
+                emit_event "stage.skipped" "issue=${ISSUE_NUMBER:-0}" "stage=$id" "reason=ci_resume"
+                continue
+            else
+                warn "Stage $id marked complete but artifacts missing — regenerating"
+                emit_event "stage.artifact_miss" "issue=${ISSUE_NUMBER:-0}" "stage=$id"
+            fi
         fi
 
         # Self-healing build→test loop: when we hit build, run both together
@@ -5278,6 +7295,13 @@ run_pipeline() {
 
             if self_healing_build_test; then
                 completed=$((completed + 2))  # Both build and test
+
+                # Intelligence: reassess complexity after build+test
+                local reassessment
+                reassessment=$(pipeline_reassess_complexity 2>/dev/null) || true
+                if [[ -n "$reassessment" && "$reassessment" != "as_expected" ]]; then
+                    info "Complexity reassessment: ${reassessment}"
+                fi
             else
                 update_status "failed" "test"
                 error "Pipeline failed: build→test self-healing exhausted"
@@ -5418,6 +7442,8 @@ run_pipeline() {
             emit_event "stage.failed" "issue=${ISSUE_NUMBER:-0}" "stage=$id" "duration_s=$stage_dur_s"
             # Log model used for prediction feedback
             echo "${id}|${stage_model_used}|false" >> "${ARTIFACTS_DIR}/model-routing.log"
+            # Cancel any remaining in_progress check runs
+            pipeline_cancel_check_runs 2>/dev/null || true
             return 1
         fi
     done 3<<< "$stages"
@@ -5456,6 +7482,81 @@ run_pipeline() {
         body=$(gh_build_progress_body)
         gh_update_progress "$body"
     fi
+
+    # Post-completion cleanup
+    pipeline_post_completion_cleanup
+}
+
+# ─── Post-Completion Cleanup ──────────────────────────────────────────────
+# Cleans up transient artifacts after a successful pipeline run.
+
+pipeline_post_completion_cleanup() {
+    local cleaned=0
+
+    # 1. Clear checkpoints (they only matter for resume; pipeline is done)
+    if [[ -d "${ARTIFACTS_DIR}/checkpoints" ]]; then
+        local cp_count=0
+        local cp_file
+        for cp_file in "${ARTIFACTS_DIR}/checkpoints"/*-checkpoint.json; do
+            [[ -f "$cp_file" ]] || continue
+            rm -f "$cp_file"
+            cp_count=$((cp_count + 1))
+        done
+        if [[ "$cp_count" -gt 0 ]]; then
+            cleaned=$((cleaned + cp_count))
+        fi
+    fi
+
+    # 2. Clear per-run intelligence artifacts (not needed after completion)
+    local intel_files=(
+        "${ARTIFACTS_DIR}/classified-findings.json"
+        "${ARTIFACTS_DIR}/reassessment.json"
+        "${ARTIFACTS_DIR}/skip-stage.txt"
+        "${ARTIFACTS_DIR}/human-message.txt"
+    )
+    local f
+    for f in "${intel_files[@]}"; do
+        if [[ -f "$f" ]]; then
+            rm -f "$f"
+            cleaned=$((cleaned + 1))
+        fi
+    done
+
+    # 3. Clear stale pipeline state (mark as idle so next run starts clean)
+    if [[ -f "$STATE_FILE" ]]; then
+        # Reset status to idle (preserves the file for reference but unblocks new runs)
+        local tmp_state
+        tmp_state=$(mktemp)
+        sed 's/^status: .*/status: idle/' "$STATE_FILE" > "$tmp_state" 2>/dev/null || true
+        mv "$tmp_state" "$STATE_FILE"
+    fi
+
+    if [[ "$cleaned" -gt 0 ]]; then
+        emit_event "pipeline.cleanup" \
+            "issue=${ISSUE_NUMBER:-0}" \
+            "cleaned=$cleaned" \
+            "type=post_completion"
+    fi
+}
+
+# Cancel any lingering in_progress GitHub Check Runs (called on abort/interrupt)
+pipeline_cancel_check_runs() {
+    if [[ "${NO_GITHUB:-false}" == "true" ]]; then
+        return
+    fi
+
+    if ! type gh_checks_stage_update &>/dev/null 2>&1; then
+        return
+    fi
+
+    local ids_file="${ARTIFACTS_DIR:-/dev/null}/check-run-ids.json"
+    [[ -f "$ids_file" ]] || return
+
+    local stage
+    while IFS= read -r stage; do
+        [[ -z "$stage" ]] && continue
+        gh_checks_stage_update "$stage" "completed" "cancelled" "Pipeline interrupted" 2>/dev/null || true
+    done < <(jq -r 'keys[]' "$ids_file" 2>/dev/null || true)
 }
 
 # ─── Worktree Isolation ───────────────────────────────────────────────────
@@ -5517,6 +7618,172 @@ pipeline_cleanup_worktree() {
     fi
 }
 
+# ─── Dry Run Mode ───────────────────────────────────────────────────────────
+# Shows what would happen without executing
+run_dry_run() {
+    echo ""
+    echo -e "${BLUE}${BOLD}━━━ Dry Run: Pipeline Validation ━━━${RESET}"
+    echo ""
+
+    # Validate pipeline config
+    if [[ ! -f "$PIPELINE_CONFIG" ]]; then
+        error "Pipeline config not found: $PIPELINE_CONFIG"
+        return 1
+    fi
+
+    # Validate JSON structure
+    local validate_json
+    validate_json=$(jq . "$PIPELINE_CONFIG" 2>/dev/null) || {
+        error "Pipeline config is not valid JSON: $PIPELINE_CONFIG"
+        return 1
+    }
+
+    # Extract pipeline metadata
+    local pipeline_name stages_count enabled_stages gated_stages
+    pipeline_name=$(jq -r '.name // "unknown"' "$PIPELINE_CONFIG")
+    stages_count=$(jq '.stages | length' "$PIPELINE_CONFIG")
+    enabled_stages=$(jq '[.stages[] | select(.enabled == true)] | length' "$PIPELINE_CONFIG")
+    gated_stages=$(jq '[.stages[] | select(.enabled == true and .gate == "approve")] | length' "$PIPELINE_CONFIG")
+
+    # Build model (per-stage override or default)
+    local default_model stage_model
+    default_model=$(jq -r '.defaults.model // "opus"' "$PIPELINE_CONFIG")
+    stage_model="$MODEL"
+    [[ -z "$stage_model" ]] && stage_model="$default_model"
+
+    echo -e "  ${BOLD}Pipeline:${RESET}       $pipeline_name"
+    echo -e "  ${BOLD}Stages:${RESET}         $enabled_stages enabled of $stages_count total"
+    if [[ "$SKIP_GATES" == "true" ]]; then
+        echo -e "  ${BOLD}Gates:${RESET}         ${YELLOW}all auto (--skip-gates)${RESET}"
+    else
+        echo -e "  ${BOLD}Gates:${RESET}         $gated_stages approval gate(s)"
+    fi
+    echo -e "  ${BOLD}Model:${RESET}         $stage_model"
+    echo ""
+
+    # Table header
+    echo -e "${CYAN}${BOLD}Stage         Enabled  Gate     Model${RESET}"
+    echo -e "${CYAN}────────────────────────────────────────${RESET}"
+
+    # List all stages
+    while IFS= read -r stage_json; do
+        local stage_id stage_enabled stage_gate stage_config_model stage_model_display
+        stage_id=$(echo "$stage_json" | jq -r '.id')
+        stage_enabled=$(echo "$stage_json" | jq -r '.enabled')
+        stage_gate=$(echo "$stage_json" | jq -r '.gate')
+
+        # Determine stage model (config override or default)
+        stage_config_model=$(echo "$stage_json" | jq -r '.config.model // ""')
+        if [[ -n "$stage_config_model" && "$stage_config_model" != "null" ]]; then
+            stage_model_display="$stage_config_model"
+        else
+            stage_model_display="$default_model"
+        fi
+
+        # Format enabled
+        local enabled_str
+        if [[ "$stage_enabled" == "true" ]]; then
+            enabled_str="${GREEN}yes${RESET}"
+        else
+            enabled_str="${DIM}no${RESET}"
+        fi
+
+        # Format gate
+        local gate_str
+        if [[ "$stage_enabled" == "true" ]]; then
+            if [[ "$stage_gate" == "approve" ]]; then
+                gate_str="${YELLOW}approve${RESET}"
+            else
+                gate_str="${GREEN}auto${RESET}"
+            fi
+        else
+            gate_str="${DIM}—${RESET}"
+        fi
+
+        printf "%-15s %s  %s  %s\n" "$stage_id" "$enabled_str" "$gate_str" "$stage_model_display"
+    done < <(jq -c '.stages[]' "$PIPELINE_CONFIG")
+
+    echo ""
+
+    # Validate required tools
+    echo -e "${BLUE}${BOLD}━━━ Tool Validation ━━━${RESET}"
+    echo ""
+
+    local tool_errors=0
+    local required_tools=("git" "jq")
+    local optional_tools=("gh" "claude" "bc")
+
+    for tool in "${required_tools[@]}"; do
+        if command -v "$tool" &>/dev/null; then
+            echo -e "  ${GREEN}✓${RESET} $tool"
+        else
+            echo -e "  ${RED}✗${RESET} $tool ${RED}(required)${RESET}"
+            tool_errors=$((tool_errors + 1))
+        fi
+    done
+
+    for tool in "${optional_tools[@]}"; do
+        if command -v "$tool" &>/dev/null; then
+            echo -e "  ${GREEN}✓${RESET} $tool"
+        else
+            echo -e "  ${DIM}○${RESET} $tool"
+        fi
+    done
+
+    echo ""
+
+    # Cost estimation (rough approximation)
+    echo -e "${BLUE}${BOLD}━━━ Estimated Resource Usage ━━━${RESET}"
+    echo ""
+
+    # Very rough cost estimation: ~2000 input tokens per stage, ~3000 output tokens
+    # Adjust based on pipeline complexity
+    local input_tokens_estimate output_tokens_estimate
+    input_tokens_estimate=$(( enabled_stages * 2000 ))
+    output_tokens_estimate=$(( enabled_stages * 3000 ))
+
+    # Calculate cost based on selected model
+    local input_rate output_rate input_cost output_cost total_cost
+    input_rate=$(echo "$COST_MODEL_RATES" | jq -r ".${stage_model}.input // 3" 2>/dev/null || echo "3")
+    output_rate=$(echo "$COST_MODEL_RATES" | jq -r ".${stage_model}.output // 15" 2>/dev/null || echo "15")
+
+    # Cost calculation: tokens per million * rate
+    input_cost=$(awk -v tokens="$input_tokens_estimate" -v rate="$input_rate" 'BEGIN{printf "%.4f", (tokens / 1000000) * rate}')
+    output_cost=$(awk -v tokens="$output_tokens_estimate" -v rate="$output_rate" 'BEGIN{printf "%.4f", (tokens / 1000000) * rate}')
+    total_cost=$(awk -v i="$input_cost" -v o="$output_cost" 'BEGIN{printf "%.4f", i + o}')
+
+    echo -e "  ${BOLD}Estimated Input Tokens:${RESET}  ~$input_tokens_estimate"
+    echo -e "  ${BOLD}Estimated Output Tokens:${RESET} ~$output_tokens_estimate"
+    echo -e "  ${BOLD}Model Cost Rate:${RESET}        $stage_model"
+    echo -e "  ${BOLD}Estimated Cost:${RESET}         \$$total_cost USD (rough estimate)"
+    echo ""
+
+    # Validate composed pipeline if intelligence is enabled
+    if [[ -f "$ARTIFACTS_DIR/composed-pipeline.json" ]] && type composer_validate_pipeline &>/dev/null; then
+        echo -e "${BLUE}${BOLD}━━━ Intelligence-Composed Pipeline ━━━${RESET}"
+        echo ""
+
+        if composer_validate_pipeline "$(cat "$ARTIFACTS_DIR/composed-pipeline.json" 2>/dev/null || echo "")" 2>/dev/null; then
+            echo -e "  ${GREEN}✓${RESET} Composed pipeline is valid"
+        else
+            echo -e "  ${YELLOW}⚠${RESET} Composed pipeline validation failed (will use template defaults)"
+        fi
+        echo ""
+    fi
+
+    # Final validation result
+    if [[ "$tool_errors" -gt 0 ]]; then
+        error "Dry run validation failed: $tool_errors required tool(s) missing"
+        return 1
+    fi
+
+    success "Dry run validation passed"
+    echo ""
+    echo -e "  To execute this pipeline: ${DIM}remove --dry-run flag${RESET}"
+    echo ""
+    return 0
+}
+
 # ─── Subcommands ────────────────────────────────────────────────────────────
 
 pipeline_start() {
@@ -5634,8 +7901,8 @@ pipeline_start() {
     echo ""
 
     if [[ "$DRY_RUN" == "true" ]]; then
-        info "Dry run — no stages will execute"
-        return 0
+        run_dry_run
+        return $?
     fi
 
     # Start background heartbeat writer
@@ -5744,6 +8011,10 @@ pipeline_start() {
         optimize_analyze_outcome "$STATE_FILE" 2>/dev/null || true
     fi
 
+    if type memory_finalize_pipeline &>/dev/null 2>&1; then
+        memory_finalize_pipeline "$STATE_FILE" "$ARTIFACTS_DIR" 2>/dev/null || true
+    fi
+
     # Emit cost event
     local model_key="${MODEL:-sonnet}"
     local input_cost output_cost total_cost