shipwright-cli 3.2.0 → 3.3.0

package/docs/research/RESEARCH_SUMMARY.txt

@@ -0,0 +1,275 @@
+================================================================================
+AUTONOMOUS CODING SYSTEMS: CUTTING EDGE RESEARCH SUMMARY (APRIL 2026)
+================================================================================
+
+RESEARCH CONDUCTED:
+- 50+ web searches across 8 major research areas
+- 25+ arXiv papers and conference proceedings (NeurIPS 2024, POPL 2026, ICLR 2026)
+- 15+ GitHub repositories (SWE-agent, DeepSeek-R1, Claude, Aider)
+- 10+ industry reports (BCG Platinion, Anthropic, Meta, Google, OpenAI)
+- 5+ competitive benchmarks (SWE-bench, Codeforces, AIME)
+
+RESEARCH AREAS COVERED:
+1. Autonomous Loop Patterns & Convergence Detection
+2. Dark Factory / Lights-Out Delivery
+3. Reinforcement Learning for Code Generation
+4. Long-Context Agent Memory & Episodic Traces
+5. Formal Verification & Specification-Driven Pipeline
+6. Test Generation with Mutation Testing
+7. Cost-Optimized Model Routing & Cascading
+8. Self-Healing CI/CD & AIOps
+9. Multi-Agent Orchestration & Coordination
+10. Reasoning-First Code Generation (Extended/Adaptive Thinking)
+
+================================================================================
+KEY FINDINGS
+================================================================================
+
+DARK FACTORY ERA (SOTA):
+- BCG Platinion: 3-5 engineers running fully autonomous factories
+- Spotify: 650+ AI-generated PRs/month, 90% faster migrations
+- OpenAI: 1M-line product in 5 months with 3 engineers, no manual code
+- Two critical disciplines: (1) Harness Engineering, (2) Intent Thinking
+
+REASONING MODELS (FRONTIERS):
+- OpenAI o1-pro: 200K context, 100K output tokens, $150/$600 pricing
+  • 86% on AIME (vs 78% o1), 89th percentile Codeforces
+- DeepSeek-R1: Pure RL, 2,029 Codeforces Elo (Candidate Master)
+  • 671B capacity @ 37B inference cost via Mixture of Experts
+- Claude Opus 4.6: Adaptive thinking (replaces extended thinking)
+  • Dynamically allocates reasoning budget by task difficulty
+
+MULTI-AGENT STATE (2026):
+- 40% of enterprise apps will have agentic AI (up from <5% in 2025)
+- Standard 3-role pattern: Planner, Worker, Judge
+- Git worktrees → standard isolation mechanism
+- Google DORA 2025: 20-30% faster workflows, but 9% bug rate climb
+
+REINFORCEMENT LEARNING ADVANCES:
+- Meta ACH: 9,095 mutants + 571 tests on 10,795 Android classes
+- FunPRM: Functions as PRM steps → 15-20% better completion
+- SecCoderX: Vulnerability reward model + secure code RL
+- Policy learning converging on PPO + preference data → reward → optimization
+
+MEMORY SYSTEMS (2026):
+- Mem0: Mature hybrid storage (Postgres episodic + semantic)
+- EM-LLM: Bayesian surprise + graph refinement for event segmentation
+- Active compression: Consolidate 10 episodes → semantic facts
+- Multi-layer: Episodic (events), Semantic (facts), Working (context)
+
+COST OPTIMIZATION:
+- Google Speculative Cascades: 30-60% cost reduction via cascade routing
+- Open-source cascading: 92% cost savings on benchmarks
+- Unified routing + cascading: Theoretically optimal framework
+- Haiku-first, escalate to Sonnet → Opus only on failure
+
+SELF-HEALING CI/CD:
+- Agentic SRE: Telemetry → reasoning → controlled automation (closed loop)
+- 60% enterprise adoption of self-healing infrastructure (Gartner 2026)
+- Pipeline Doctor pattern: Repair agent reads logs, commits fixes
+- 67% MTTR drop with AIOps; 40-60% in high-performing orgs
+
+BENCHMARKS & COMPETITIVE POSITION:
+- SWE-bench Verified: DEPRECATED (training contamination discovered)
+- SWE-bench Pro: 1,865 tasks across 41 repos (NEW STANDARD)
+- Claude Code: 80.9% on SWE-bench (highest reported)
+- Aider: 49.2% SWE-Verified, 4.2x fewer tokens than Claude Code
+- Cline: 500K+ downloads; VS Code integration; multi-model support
+
+================================================================================
+SHIPWRIGHT COMPETITIVE ANALYSIS
+================================================================================
+
+SHIPWRIGHT STRENGTHS (DIFFERENTIATED):
+✓ RL Architecture (multi-signal rewards, bandit selection, policy learning)
+✓ 12-Stage Pipeline with quality gates + evidence capture
+✓ Multi-Agent Fleet (5+ specialized agents, worktree isolation)
+✓ Cost Intelligence (budget tracking, model routing, DORA metrics)
+✓ Memory System (cross-session learning, failure patterns)
+✓ CI Integration (GitHub Actions, Checks API, Deployments API)
+✓ Daemon + Auto-Scaling (worker pool, load balancing)
+✓ 121+ Test Suites (80% script coverage)
+
+SHIPWRIGHT GAPS (vs SOTA):
+✗ Loop convergence detection (heuristic, not formal regime analysis)
+✗ Intent Specification Engine (no intent → outcome transformation)
+✗ Vulnerability-aware RL (security signals not in reward model)
+✗ Episodic memory (pattern-based, not execution-trace-based)
+✗ Formal verification (tests only, no Dafny/Lean integration)
+✗ Mutation testing feedback (no mutant generation/killing loops)
+✗ Speculative cascading (fixed model routing, no escalation)
+✗ CI repair agent (no automated flaky test fixes)
+✗ Explicit conflict resolution (no file-level locks, DAG scheduling)
+✗ Active memory compression (unbounded context growth)
+
+POSITIONING:
+- SWE-agent: Single-agent, custom ACI, best repository navigation
+- Claude Code: Highest SWE-bench score (80.9%), but single-threaded
+- Aider: Most cost-efficient (4.2x fewer tokens), git-native
+- GitHub Copilot Agent: Closing dark factory gap via Project Padawan
+- Shipwright: Unique as PLATFORM for multi-agent factories + RL optimization
+
+================================================================================
+20-ITEM BACKLOG: RANKED BY IMPACT/EFFORT RATIO
+================================================================================
+
+TIER 1 (EXCEPTIONAL ROI - IMPLEMENT IMMEDIATELY):
+
+#1  [Medium effort] Semantic trajectory analysis + convergence detection
+    → 25-40% iteration waste reduction; early exit on stuck loops
+    Impact: Foundational for cost optimization
+
+#2  [High effort] Intent Specification Engine (business → outcomes)
+    → 40-60% design time reduction; enables 3-5 person factories
+    Impact: Strategic, SOTA dark factory capability
+
+#3  [Medium effort] Vulnerability Reward Model + online RL hardening
+    → 30-40% security issue reduction; compliance-ready
+    Impact: Security-hardened autonomous pipelines
+
+#5  [Medium effort] Speculative Cascade Model Routing (Haiku → Sonnet → Opus)
+    → 40-60% cost reduction on median tasks; same quality on hard
+    Impact: Immediate cost leverage; proven by Google
+
+TIER 2 (HIGH ROI - NEXT PHASE):
+
+#4  [High effort] Episodic Memory Layer (execution traces + case-based reasoning)
+    → 20-35% faster solutions via episode analogy
+    Impact: Unlocks long-horizon learning; self-improvement loop
+
+#6  [Medium effort] Mutation Testing Feedback Loop (validate test quality)
+    → 30-40% better test effectiveness; catches subtle bugs
+    Impact: Quality improvement via mutation score feedback
+
+#7  [High effort] CI Repair Agent (automatic fix for flaky tests, timeouts)
+    → 50% fewer retries; faster merge times
+    Impact: Self-healing + resilience
+
+#8  [Medium effort] LLM-as-a-Judge validation stage (secondary reviewer)
+    → 10-15% fewer merge regressions
+    Impact: Quality gate beyond rule-based checks
+
+TIER 3 (MEDIUM ROI - LONGER TERM):
+
+#9  [Medium effort] Explicit File Conflict Detection + DAG Scheduling
+    → Prevents merge failures; enables parallelism
+    Impact: Prevents silent errors in multi-agent workflows
+
+#10 [Medium effort] Intelligent Reasoning Budget Allocation
+    → 15-25% harder-task success; cheaper on easy tasks
+    Impact: Quality + cost optimization on reasoning models
+
+#11 [Very high effort] Formal Verification Integration (Dafny/Lean stage)
+    → 99.99% confidence on critical code paths
+    Impact: High stakes (crypto, payments); niche use case
+
+#12 [High effort] Active Context Compression + Semantic Memory Layer
+    → Unbounded context bloat fixed; 30% better compression
+    Impact: Solves long-session scalability
+
+#13 [High effort] Multi-Pass Mutation Generation (LLM-based mutants)
+    → Diversified test coverage; Meta-style compliance
+    Impact: Better mutation diversity than rule-based
+
+#14 [High effort] Anomaly Detection + Predictive Repair (log analysis)
+    → Earlier failure prevention; MTTR ↓ 40%
+    Impact: Proactive vs reactive
+
+#15 [High effort] Cross-Repo Fleet Learning (pattern sharing)
+    → 20% faster on new repo types
+    Impact: Leverages multi-repo data
+
+TIER 4 (LOWER ROI - NICE TO HAVE):
+
+#16-20: Quorum merge decisions, privacy mutations, DAG executor, symbol caching,
+        WebSocket real-time monitoring
+    Impact: Quality, compliance, observability improvements
+
+================================================================================
+IMPLEMENTATION ROADMAP (12 WEEKS)
+================================================================================
+
+PHASE 1: CONVERGENCE & COST (Weeks 1-4)
+  ✓ #1  Semantic trajectory analysis for loop regimes
+  ✓ #5  Speculative cascade routing
+  → #2  Intent Specification Engine (research phase)
+
+PHASE 2: SECURITY & TESTING (Weeks 5-8)
+  ✓ #3  Vulnerability Reward Model
+  ✓ #6  Mutation Testing Loop
+  ✓ #13 Multi-Pass Mutation Generation
+
+PHASE 3: MEMORY & SELF-HEALING (Weeks 9-12)
+  ✓ #4  Episodic Memory Layer
+  ✓ #7  CI Repair Agent
+  ✓ #8  LLM-as-a-Judge
+
+================================================================================
+KEY SOURCES CITED
+================================================================================
+
+BENCHMARKS:
+- SWE-bench: https://www.vals.ai/benchmarks/swebench
+- SWE-bench Pro: https://scale.com/blog/swe-bench-pro
+- Codeforces: https://codeforces.com/
+
+PAPERS (2024-2026):
+- SWE-agent NeurIPS 2024: https://arxiv.org/abs/2405.15793
+- Geometric Dynamics of Agentic Loops: https://arxiv.org/abs/2512.10350
+- DafnyPro POPL 2026: https://popl26.sigplan.org/
+- FunPRM Process Rewards: https://arxiv.org/abs/2601.22249
+- DeepSeek-R1 Architecture: https://arxiv.org/abs/2501.12948
+- Active Context Compression: https://arxiv.org/abs/2601.07190
+- Episodic Memory for LLMs: https://arxiv.org/abs/2407.09450
+
+INDUSTRY REPORTS:
+- BCG Platinion Dark Software Factory:
+  https://www.bcgplatinion.com/insights/the-dark-software-factory
+- Anthropic 2026 Agentic Coding Trends Report:
+  https://resources.anthropic.com/hubfs/2026%20Agentic%20Coding%20Trends%20Report.pdf
+- GitHub Copilot Agent Mode:
+  https://github.com/newsroom/press-releases/agent-mode
+- Meta Engineering Blog (LLM-powered bug catchers):
+  https://engineering.fb.com/2025/02/05/security/
+- Google Speculative Cascades:
+  https://research.google/blog/speculative-cascades-a-hybrid-approach-for-smarter-faster-llm-inference/
+
+MODELS & SYSTEMS:
+- Claude Opus 4.6: https://platform.claude.com
+- OpenAI o1-pro: https://openai.com/index/introducing-openai-o1-preview/
+- DeepSeek-R1: https://github.com/deepseek-ai/DeepSeek-R1
+- SWE-agent: https://github.com/SWE-agent/SWE-agent
+- Aider: https://github.com/paul-gauthier/aider
+- Cline: https://github.com/cline/cline
+
+================================================================================
+CONCLUSION
+================================================================================
+
+Shipwright is positioned as the PLATFORM-GRADE autonomous software factory —
+the right abstraction level between human intent and shipped code. The next wave
+of differentiation comes from:
+
+1. PREDICTIVE INTELLIGENCE (convergence detection, loop regimes)
+   → Cost & time reduction for iteration-heavy tasks
+
+2. LEARNING ACROSS EPISODES (episodic memory)
+   → Faster solutions on similar problems via case-based analogy
+
+3. FORMAL GUARANTEES (verification, formal specs)
+   → Safety/compliance for critical code paths
+
+4. SELF-HEALING (CI repair, automated fixes)
+   → Resilience and reduced human intervention
+
+The 20-item backlog reflects industry momentum and fills Shipwright's remaining
+gaps. Implementation order prioritizes highest ROI (cost, learning, quality).
+
+Expected outcomes over 12 weeks:
+- 40-60% cost reduction via cascading + convergence detection
+- 30-40% security improvement via vulnerability-aware RL
+- 20-35% faster solutions via episodic memory
+- 50% fewer CI retries via repair agent
+- Positioned as SOTA platform for dark factory era
+
+================================================================================

package/docs/superpowers/specs/2026-03-10-pipeline-quality-revolution-design.md

@@ -0,0 +1,341 @@
+# Pipeline Quality Revolution — Design Spec
+
+**Date**: 2026-03-10
+**Status**: Approved
+**Goal**: Close 6 quality gaps + AI-readiness foundation so autonomous agents deliver better than humans
+
+## Problem
+
+Shipwright's pipeline infrastructure works — it polls issues, spawns agents, runs builds, creates PRs. But the _quality_ of output is mediocre because:
+
+1. Plans are optimistic checklists without adversarial thinking
+2. Definition of Done is written by the same agent that implements (fox/henhouse)
+3. Agents don't understand _why_ they're building something
+4. No feedback loop from PR review quality or post-merge outcomes
+5. Code review is advisory, not adversarial — agents rubber-stamp
+6. No scope discipline — PRs balloon to 16K+ lines
+
+And underneath all of this: repos aren't "AI-ready." The daemon has no project-specific quality standards.
+
+## Architecture
+
+```
+PREP (AI-Readiness Foundation) ──────────────────────
+  │  Interactive quality profile dialogue
+  │  → .claude/quality-profile.json
+  │  → enriched CLAUDE.md
+  ▼
+INTAKE ──────────────────────────────────────────────
+  │  Intent analysis: WHO/WHAT/WHY/HOW/NOT
+  │  → .claude/pipeline-artifacts/acceptance-criteria.json
+  ▼
+PLAN ────────────────────────────────────────────────
+  │  Constrained by external acceptance criteria
+  │  Mandatory failure mode analysis section
+  │  → plan.md (with "Files to Modify" for scope tracking)
+  ▼
+BUILD ───────────────────────────────────────────────
+  │  "never_ship" rules injected every iteration
+  │  Scope tracking: planned vs actual files
+  │  Quality rules from learned patterns
+  ▼
+REVIEW ──────────────────────────────────────────────
+  │  Adversarial-by-default, must find 3+ issues
+  │  Bugs block (not just criticals)
+  │  Scope creep flagged from plan diff
+  ▼
+COMPOUND_QUALITY ────────────────────────────────────
+  │  Machine-verifiable DoD scorecard
+  │  Each acceptance criterion: PASS/FAIL with evidence
+  ▼
+PR ──────────────────────────────────────────────────
+  │  PR size gate (configurable, default 500 lines)
+  ▼
+POST-MERGE ──────────────────────────────────────────
+     Review comment capture → memory
+     Merge quality score tracking
+     Auto-generated quality rules from patterns
+```
+
+## Component Designs
+
+### Component 1: Quality Profile (`quality-profile.json`)
+
+The keystone. Every pipeline stage reads this to calibrate behavior to the project.
+
+**Schema:**
+
+```json
+{
+  "version": 1,
+  "project_name": "string",
+  "generated_at": "ISO-8601",
+  "architecture": {
+    "pattern": "monolith|modular_monolith|microservices|serverless|library",
+    "layers": ["string"],
+    "dependency_direction": "inward|none",
+    "rules": ["string — architectural constraints"]
+  },
+  "testing": {
+    "philosophy": "tdd|test_after|coverage_target|manual",
+    "min_coverage_delta": 0,
+    "required_test_types": ["unit", "integration", "e2e"],
+    "test_cmd": "string",
+    "fast_test_cmd": "string"
+  },
+  "quality": {
+    "max_pr_lines": 500,
+    "max_files_per_pr": 15,
+    "never_ship": ["string — absolute rules"],
+    "always_require": ["string — positive requirements"],
+    "learned_rules": [
+      {
+        "rule": "string",
+        "source": "string — how this was learned",
+        "confidence": 0.0-1.0,
+        "created_at": "ISO-8601",
+        "inject_at": ["plan", "build", "review"]
+      }
+    ]
+  },
+  "review": {
+    "focus_areas": ["string"],
+    "blocking_severities": ["critical", "bug", "security"],
+    "min_issues_to_find": 3
+  },
+  "scope": {
+    "unplanned_files_block": false,
+    "decomposition_threshold_lines": 500
+  },
+  "deployment": {
+    "strategy": "direct|preview_then_production|staged_rollout",
+    "rollback_plan": "revert_commit|feature_flag|manual",
+    "monitoring_window_minutes": 30
+  }
+}
+```
+
+**Generation**: `shipwright prep --interactive` runs a guided dialogue analyzing repo structure, configs, tests, CI, and asking 5-7 targeted questions. `shipwright prep --auto` infers from repo analysis with confidence scores.
+
+**Location**: `.claude/quality-profile.json` (checked into repo, grows over time)
+
+### Component 2: Intent Analysis (Intake Stage Enhancement)
+
+**Trigger**: Runs in `stage_intake()` after issue metadata is fetched, before plan stage.
+
+**Prompt template**:
+
+```
+Analyze this issue deeply before any implementation planning.
+
+Issue: {title}
+Body: {body}
+Labels: {labels}
+
+Project architecture: {quality_profile.architecture}
+
+Produce a structured analysis:
+
+1. WHO benefits? (end user / developer / ops / CI)
+2. WHAT changes? (concrete before→after behavior, with examples)
+3. WHY does this matter? (pain solved / capability unlocked)
+4. HOW will we know it worked? (observable signals — specific, testable)
+5. WHAT SHOULD WE NOT DO? (explicit out-of-scope boundaries)
+6. ACCEPTANCE CRITERIA: 3-7 machine-verifiable criteria
+
+Output JSON to acceptance-criteria.json matching this schema:
+{schema}
+```
+
+**Output**: `acceptance-criteria.json` saved to pipeline artifacts. Passed to plan stage as input constraint.
+
+**Key design decision**: Intent analysis runs as a _separate Claude session_ from planning. The analyst defines "what success looks like." The planner figures out "how to get there."
+
+### Component 3: Adversarial Plan Validation (Plan Stage Enhancement)
+
+**Trigger**: After plan is generated, before plan validation gate.
+
+**Injected into plan prompt**:
+
+```
+After your implementation plan, include a MANDATORY section:
+
+## Failure Mode Analysis
+For each major component or decision:
+1. Runtime failures: What happens when dependencies are unavailable?
+2. Concurrency risks: Race conditions, stale state, duplicate processing?
+3. Scale risks: 10x data, slow external deps, memory pressure?
+4. Rollback story: Can we revert safely without data loss?
+
+Project architecture rules to consider:
+{quality_profile.architecture.rules}
+
+You MUST identify at least 3 concrete failure modes.
+Address the most critical one in your implementation plan.
+```
+
+**Validation gate addition**: New rejection reason `missing_failure_analysis` — plan is rejected if the failure mode section is empty, has fewer than 3 items, or contains only generic platitudes (detected by checking for project-specific references).
+
+### Component 4: Scope Enforcement (Build + PR Stage Enhancement)
+
+**A. Planned files tracking (build stage)**:
+Extract "Files to Modify" from `plan.md` at build start. After each iteration, compare `git diff --name-only` against planned files. Log unplanned files to `scope-report.json`.
+
+**B. PR size gate (PR stage)**:
+
+```bash
+total_lines=$(git diff --stat origin/main...HEAD | tail -1 | grep -oE '[0-9]+ insertion' | grep -oE '[0-9]+')
+max_lines=$(jq -r '.quality.max_pr_lines // 500' "$QUALITY_PROFILE")
+if [[ "$total_lines" -gt "$max_lines" ]]; then
+    error "PR is ${total_lines} lines (max: ${max_lines}). Decompose into smaller PRs."
+    exit 1
+fi
+```
+
+**C. Scope report injection into review**:
+The review stage receives `scope-report.json` listing unplanned files. Reviewer must justify or flag each.
+
+### Component 5: Adversarial Review (Review Stage Enhancement)
+
+**New review prompt** (replaces current generic prompt):
+
+```
+You are a SKEPTICAL senior engineer reviewing code for production.
+Your job is to FIND PROBLEMS, not confirm quality.
+
+Project standards (from quality-profile.json):
+- Never ship: {quality_profile.quality.never_ship}
+- Always require: {quality_profile.quality.always_require}
+- Focus areas: {quality_profile.review.focus_areas}
+- Learned rules: {quality_profile.quality.learned_rules}
+
+Definition of Done (from acceptance-criteria.json):
+{acceptance_criteria}
+
+Scope report (planned vs actual files):
+{scope_report}
+
+Rules:
+1. Find at least {min_issues_to_find} issues. If truly zero issues exist,
+   write a paragraph explaining why this code is exceptional.
+2. Rate each: Critical / Bug / Security / Warning / Suggestion
+3. Check EVERY acceptance criterion — mark PASS/FAIL with evidence.
+4. Flag every unplanned file — justify or mark as scope creep.
+5. Check every "never_ship" rule — cite violations with line numbers.
+```
+
+**Blocking change**: Gate condition becomes `critical_count + bug_count + security_count > 0` (bugs now block).
+
+### Component 6: Machine-Verifiable DoD Scorecard (Compound Quality Enhancement)
+
+**Computed checks** (no LLM needed):
+
+```json
+{
+  "scorecard": {
+    "pr_size": { "status": "pass", "value": 247, "limit": 500 },
+    "test_count_delta": { "status": "pass", "value": 12, "baseline": 0 },
+    "coverage_delta": { "status": "pass", "value": 2.1, "min": 0 },
+    "lint_warnings_delta": { "status": "pass", "value": 0, "max": 0 },
+    "planned_files_coverage": {
+      "status": "pass",
+      "planned": 5,
+      "touched": 5,
+      "unplanned": 1
+    },
+    "never_ship_violations": { "status": "pass", "violations": [] },
+    "acceptance_criteria": [
+      {
+        "id": "ac-1",
+        "status": "pass",
+        "evidence": "GET /api/users returns 200 in test output"
+      },
+      {
+        "id": "ac-2",
+        "status": "fail",
+        "evidence": "No test for 401 response on invalid token"
+      }
+    ]
+  },
+  "overall": "fail",
+  "blocking_failures": ["ac-2"]
+}
+```
+
+Machine checks run first. LLM-based checks (adversarial, negative testing) run only if machine checks pass. This is faster and cheaper.
+
+### Component 7: Outcome Feedback Loop (Post-Merge Enhancement)
+
+**A. PR Review Capture** (new function in `sw-feedback.sh`):
+
+```bash
+capture_review_feedback() {
+    local pr_number="$1"
+    local reviews=$(gh api "repos/{owner}/{repo}/pulls/${pr_number}/reviews" --jq '.[].body')
+    local comments=$(gh api "repos/{owner}/{repo}/pulls/${pr_number}/comments" --jq '.[].body')
+    # Store in memory with type "review_feedback"
+    # Extract patterns for quality rule generation
+}
+```
+
+**B. Merge Quality Score** (new function in `sw-feedback.sh`):
+Track per-PR: `clean_merge` (+1), `changes_requested` (-1), `reverted` (-3), `regression` (-2). Rolling average → pipeline quality score in DORA dashboard.
+
+**C. Quality Rule Auto-Generation** (new function in `sw-memory.sh`):
+When same review pattern appears 3+ times, generate a quality rule and add to `quality-profile.json`'s `learned_rules` array. Rules are injected into plan, build, and review stages.
+
+## Data Flow
+
+```
+quality-profile.json ──→ ALL STAGES (standards calibration)
+         │
+         ├──→ intake: intent analysis prompt
+         ├──→ plan: failure mode analysis prompt + acceptance criteria constraints
+         ├──→ build: never_ship rules + learned quality rules
+         ├──→ review: focus areas + blocking rules + scope report
+         ├──→ compound_quality: machine check thresholds
+         └──→ pr: size limits
+
+acceptance-criteria.json ──→ plan (constraints) → review (checklist) → compound_quality (scorecard)
+scope-report.json ──→ review (scope creep detection) → pr (size gate)
+dod-scorecard.json ──→ compound_quality output → pr gate
+merge-quality.jsonl ──→ feedback → quality-profile.json (learned_rules)
+```
+
+## Testing Strategy
+
+Each component has a corresponding test:
+
+- `sw-quality-profile-test.sh` — profile generation, schema validation, merge with learned rules
+- `sw-intent-analysis-test.sh` — acceptance criteria extraction, JSON schema compliance
+- `sw-scope-enforcement-test.sh` — planned vs actual file tracking, PR size gate
+- `sw-adversarial-review-test.sh` — minimum issue finding, blocking behavior, scope creep detection
+- `sw-dod-scorecard-test.sh` — machine check computation, pass/fail logic
+- `sw-outcome-feedback-test.sh` — review capture, quality score, rule auto-generation
+
+Integration: `sw-pipeline-test.sh` gains tests for quality profile flow through all stages.
+
+## Files to Create
+
+| File                               | Purpose                                               |
+| ---------------------------------- | ----------------------------------------------------- |
+| `scripts/lib/quality-profile.sh`   | Profile loading, validation, merge with learned rules |
+| `scripts/lib/intent-analysis.sh`   | Issue intent analysis, acceptance criteria generation |
+| `scripts/lib/scope-enforcement.sh` | Planned vs actual file tracking, PR size gate         |
+| `scripts/lib/dod-scorecard.sh`     | Machine-verifiable DoD computation                    |
+| `scripts/lib/outcome-feedback.sh`  | Review capture, quality score, rule generation        |
+
+## Files to Modify
+
+| File                                                       | Changes                                                     |
+| ---------------------------------------------------------- | ----------------------------------------------------------- |
+| `scripts/lib/pipeline-stages-intake.sh`                    | Add intent analysis step, generate acceptance-criteria.json |
+| `scripts/lib/pipeline-stages-intake.sh` (plan section)     | Inject failure mode analysis, consume acceptance criteria   |
+| `scripts/lib/pipeline-stages-build.sh`                     | Inject never_ship rules, scope tracking                     |
+| `scripts/lib/pipeline-stages-review.sh`                    | New adversarial review prompt, bug-blocking, scope report   |
+| `scripts/lib/pipeline-stages-review.sh` (compound_quality) | Machine DoD scorecard before LLM checks                     |
+| `scripts/lib/pipeline-stages-delivery.sh`                  | PR size gate                                                |
+| `scripts/sw-prep.sh`                                       | Interactive quality profile generation                      |
+| `scripts/sw-feedback.sh`                                   | PR review capture, merge quality score                      |
+| `scripts/sw-memory.sh`                                     | Quality rule auto-generation from patterns                  |
+| `scripts/sw-pipeline-test.sh`                              | Integration tests for quality profile flow                  |

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "shipwright-cli",
-  "version": "3.2.0",
+  "version": "3.3.0",
   "description": "Orchestrate autonomous Claude Code agent teams in tmux",
   "bin": {
     "shipwright": "scripts/sw",
@@ -36,7 +36,7 @@
     "dashboard:test": "vitest run --config dashboard/vitest.config.ts",
     "dashboard:test:watch": "vitest --config dashboard/vitest.config.ts",
     "dashboard:test:coverage": "vitest run --config dashboard/vitest.config.ts --coverage",
-    "test": "bash scripts/sw-agi-roadmap-test.sh && bash scripts/sw-activity-test.sh && bash scripts/sw-adaptive-test.sh && bash scripts/sw-adversarial-test.sh && bash scripts/sw-architecture-enforcer-test.sh && bash scripts/sw-auth-test.sh && bash scripts/sw-autonomous-test.sh && bash scripts/sw-changelog-test.sh && bash scripts/sw-checkpoint-test.sh && bash scripts/sw-ci-test.sh && bash scripts/sw-cleanup-test.sh && bash scripts/sw-code-review-test.sh && bash scripts/sw-connect-test.sh && bash scripts/sw-context-test.sh && bash scripts/sw-cost-test.sh && bash scripts/sw-daemon-test.sh && bash scripts/sw-dashboard-test.sh && bash scripts/sw-db-test.sh && bash scripts/sw-decompose-test.sh && bash scripts/sw-decide-test.sh && bash scripts/sw-deps-test.sh && bash scripts/sw-developer-simulation-test.sh && bash scripts/sw-discovery-test.sh && bash scripts/sw-doc-fleet-test.sh && bash scripts/sw-docs-agent-test.sh && bash scripts/sw-docs-test.sh && bash scripts/sw-doctor-test.sh && bash scripts/sw-dora-test.sh && bash scripts/sw-durable-test.sh && bash scripts/sw-e2e-orchestrator-test.sh && bash scripts/sw-eventbus-test.sh && bash scripts/sw-feedback-test.sh && bash scripts/sw-fix-test.sh && bash scripts/sw-fleet-discover-test.sh && bash scripts/sw-fleet-test.sh && bash scripts/sw-fleet-viz-test.sh && bash scripts/sw-frontier-test.sh && bash scripts/sw-github-app-test.sh && bash scripts/sw-github-checks-test.sh && bash scripts/sw-github-deploy-test.sh && bash scripts/sw-github-graphql-test.sh && bash scripts/sw-guild-test.sh && bash scripts/sw-heartbeat-test.sh && bash scripts/sw-hygiene-test.sh && bash scripts/sw-incident-test.sh && bash scripts/sw-init-test.sh && bash scripts/sw-instrument-test.sh && bash scripts/sw-intelligence-test.sh && bash scripts/sw-jira-test.sh && bash scripts/sw-launchd-test.sh && bash scripts/sw-linear-test.sh && bash scripts/sw-logs-test.sh && bash scripts/sw-loop-test.sh && bash scripts/sw-memory-test.sh && bash scripts/sw-mission-control-test.sh && bash scripts/sw-model-router-test.sh && bash scripts/sw-otel-test.sh && bash scripts/sw-oversight-test.sh && bash scripts/sw-patrol-meta-test.sh && bash scripts/sw-pipeline-composer-test.sh && bash scripts/sw-pipeline-test.sh && bash scripts/sw-pipeline-vitals-test.sh && bash scripts/sw-pm-test.sh && bash scripts/sw-pr-lifecycle-test.sh && bash scripts/sw-predictive-test.sh && bash scripts/sw-prep-test.sh && bash scripts/sw-ps-test.sh && bash scripts/sw-public-dashboard-test.sh && bash scripts/sw-quality-test.sh && bash scripts/sw-reaper-test.sh && bash scripts/sw-recruit-test.sh && bash scripts/sw-regression-test.sh && bash scripts/sw-release-manager-test.sh && bash scripts/sw-release-test.sh && bash scripts/sw-remote-test.sh && bash scripts/sw-replay-test.sh && bash scripts/sw-retro-test.sh && bash scripts/sw-scale-test.sh && bash scripts/sw-security-audit-test.sh && bash scripts/sw-self-optimize-test.sh && bash scripts/sw-session-test.sh && bash scripts/sw-setup-test.sh && bash scripts/sw-standup-test.sh && bash scripts/sw-status-test.sh && bash scripts/sw-strategic-test.sh && bash scripts/sw-stream-test.sh && bash scripts/sw-swarm-test.sh && bash scripts/sw-team-stages-test.sh && bash scripts/sw-templates-test.sh && bash scripts/sw-testgen-test.sh && bash scripts/sw-tmux-pipeline-test.sh && bash scripts/sw-tmux-test.sh && bash scripts/sw-trace-test.sh && bash scripts/sw-tracker-test.sh && bash scripts/sw-triage-test.sh && bash scripts/sw-upgrade-test.sh && bash scripts/sw-ux-test.sh && bash scripts/sw-webhook-test.sh && bash scripts/sw-widgets-test.sh && bash scripts/sw-worktree-test.sh && bash scripts/sw-lib-compat-test.sh && bash scripts/sw-lib-helpers-test.sh && bash scripts/sw-lib-daemon-dispatch-test.sh && bash scripts/sw-lib-daemon-failure-test.sh && bash scripts/sw-lib-daemon-poll-test.sh && bash scripts/sw-lib-daemon-state-test.sh && bash scripts/sw-lib-daemon-triage-test.sh && bash scripts/sw-lib-pipeline-detection-test.sh && bash scripts/sw-lib-pipeline-intelligence-test.sh && bash scripts/sw-lib-pipeline-quality-checks-test.sh && bash scripts/sw-lib-pipeline-stages-test.sh && bash scripts/sw-lib-pipeline-state-test.sh && bash scripts/sw-adapters-test.sh && bash scripts/sw-evidence-test.sh && bash scripts/sw-review-rerun-test.sh && bash scripts/sw-tracker-providers-test.sh && bash scripts/sw-budget-chaos-test.sh && bash scripts/sw-autonomous-e2e-test.sh && bash scripts/sw-memory-discovery-e2e-test.sh && bash scripts/sw-policy-e2e-test.sh && bash scripts/sw-e2e-smoke-test.sh && bash scripts/sw-dashboard-e2e-test.sh",
+    "test": "bash scripts/sw-agi-roadmap-test.sh && bash scripts/sw-activity-test.sh && bash scripts/sw-adaptive-test.sh && bash scripts/sw-adversarial-test.sh && bash scripts/sw-architecture-enforcer-test.sh && bash scripts/sw-auth-test.sh && bash scripts/sw-autonomous-test.sh && bash scripts/sw-changelog-test.sh && bash scripts/sw-checkpoint-test.sh && bash scripts/sw-ci-test.sh && bash scripts/sw-cleanup-test.sh && bash scripts/sw-code-review-test.sh && bash scripts/sw-connect-test.sh && bash scripts/sw-context-budget-test.sh && bash scripts/sw-context-test.sh && bash scripts/sw-cost-test.sh && bash scripts/sw-daemon-test.sh && bash scripts/sw-dashboard-test.sh && bash scripts/sw-db-test.sh && bash scripts/sw-decompose-test.sh && bash scripts/sw-decide-test.sh && bash scripts/sw-deps-test.sh && bash scripts/sw-developer-simulation-test.sh && bash scripts/sw-discovery-test.sh && bash scripts/sw-doc-fleet-test.sh && bash scripts/sw-docs-agent-test.sh && bash scripts/sw-docs-test.sh && bash scripts/sw-doctor-test.sh && bash scripts/sw-dora-test.sh && bash scripts/sw-durable-test.sh && bash scripts/sw-e2e-orchestrator-test.sh && bash scripts/sw-eventbus-test.sh && bash scripts/sw-feedback-test.sh && bash scripts/sw-outcome-feedback-test.sh && bash scripts/sw-fix-test.sh && bash scripts/sw-fleet-discover-test.sh && bash scripts/sw-fleet-test.sh && bash scripts/sw-fleet-viz-test.sh && bash scripts/sw-frontier-test.sh && bash scripts/sw-github-app-test.sh && bash scripts/sw-github-checks-test.sh && bash scripts/sw-github-deploy-test.sh && bash scripts/sw-github-graphql-test.sh && bash scripts/sw-guild-test.sh && bash scripts/sw-heartbeat-test.sh && bash scripts/sw-hello-test.sh && bash scripts/sw-hygiene-test.sh && bash scripts/sw-incident-test.sh && bash scripts/sw-init-test.sh && bash scripts/sw-instrument-test.sh && bash scripts/sw-intelligence-test.sh && bash scripts/sw-jira-test.sh && bash scripts/sw-launchd-test.sh && bash scripts/sw-linear-test.sh && bash scripts/sw-logs-test.sh && bash scripts/sw-loop-test.sh && bash scripts/sw-memory-test.sh && bash scripts/sw-mission-control-test.sh && bash scripts/sw-model-router-test.sh && bash scripts/sw-otel-test.sh && bash scripts/sw-oversight-test.sh && bash scripts/sw-patrol-meta-test.sh && bash scripts/sw-pipeline-composer-test.sh && bash scripts/sw-pipeline-test.sh && bash scripts/sw-pipeline-vitals-test.sh && bash scripts/sw-pm-test.sh && bash scripts/sw-pr-lifecycle-test.sh && bash scripts/sw-predictive-test.sh && bash scripts/sw-prep-test.sh && bash scripts/sw-ps-test.sh && bash scripts/sw-public-dashboard-test.sh && bash scripts/sw-quality-profile-test.sh && bash scripts/sw-quality-test.sh && bash scripts/sw-reaper-test.sh && bash scripts/sw-recruit-test.sh && bash scripts/sw-regression-test.sh && bash scripts/sw-release-manager-test.sh && bash scripts/sw-release-test.sh && bash scripts/sw-root-cause-test.sh && bash scripts/sw-remote-test.sh && bash scripts/sw-replay-test.sh && bash scripts/sw-retro-test.sh && bash scripts/sw-scale-test.sh && bash scripts/sw-stall-detector-test.sh && bash scripts/sw-security-audit-test.sh && bash scripts/sw-self-optimize-test.sh && bash scripts/sw-session-test.sh && bash scripts/sw-setup-test.sh && bash scripts/sw-standup-test.sh && bash scripts/sw-status-test.sh && bash scripts/sw-strategic-test.sh && bash scripts/sw-stream-test.sh && bash scripts/sw-swarm-test.sh && bash scripts/sw-team-stages-test.sh && bash scripts/sw-templates-test.sh && bash scripts/sw-testgen-test.sh && bash scripts/sw-tmux-pipeline-test.sh && bash scripts/sw-tmux-test.sh && bash scripts/sw-trace-test.sh && bash scripts/sw-tracker-test.sh && bash scripts/sw-triage-test.sh && bash scripts/sw-upgrade-test.sh && bash scripts/sw-ux-test.sh && bash scripts/sw-webhook-test.sh && bash scripts/sw-widgets-test.sh && bash scripts/sw-worktree-test.sh && bash scripts/sw-lib-compat-test.sh && bash scripts/sw-lib-helpers-test.sh && bash scripts/sw-lib-error-actionability-test.sh && bash scripts/sw-lib-daemon-dispatch-test.sh && bash scripts/sw-lib-daemon-failure-test.sh && bash scripts/sw-lib-daemon-poll-test.sh && bash scripts/sw-lib-daemon-state-test.sh && bash scripts/sw-lib-daemon-triage-test.sh && bash scripts/sw-lib-daemon-patrol-test.sh && bash scripts/sw-lib-pipeline-detection-test.sh && bash scripts/sw-lib-pipeline-intelligence-test.sh && bash scripts/sw-lib-pipeline-quality-checks-test.sh && bash scripts/sw-lib-pipeline-stages-test.sh && bash scripts/sw-lib-pipeline-state-test.sh && bash scripts/sw-adapters-test.sh && bash scripts/sw-evidence-test.sh && bash scripts/sw-review-rerun-test.sh && bash scripts/sw-tracker-providers-test.sh && bash scripts/sw-budget-chaos-test.sh && bash scripts/sw-chaos-test.sh && bash scripts/sw-autonomous-e2e-test.sh && bash scripts/sw-memory-discovery-e2e-test.sh && bash scripts/sw-policy-e2e-test.sh && bash scripts/sw-e2e-smoke-test.sh && bash scripts/sw-dashboard-e2e-test.sh && bash scripts/sw-reward-aggregator-test.sh && bash scripts/sw-bandit-selector-test.sh && bash scripts/sw-policy-learner-test.sh && bash scripts/sw-autoresearch-e2e-test.sh",
     "test:smoke": "bash scripts/sw-e2e-smoke-test.sh",
     "test:integration": "bash scripts/sw-e2e-integration-test.sh && bash scripts/sw-e2e-system-test.sh && bash scripts/sw-server-api-test.sh && bash scripts/sw-integration-claude-test.sh",
     "harness:evidence:capture": "bash scripts/sw-evidence.sh capture",