sinapse-ai 1.8.0 → 1.9.1

package/bin/utils/staged-sql-guard.js

@@ -0,0 +1,204 @@
+'use strict';
+
+/**
+ * Staged SQL Guard — git pre-commit guard for destructive DDL/DML.
+ *
+ * Ports the DANGEROUS_PATTERNS from `.claude/hooks/sql-governance.py` (which is
+ * IDE-bound: it only fires on Claude Code Bash tool calls) into an IDE-agnostic
+ * Node guard that runs at the git layer. It scans the STAGED blob of every
+ * changed `.sql` / migration-bearing file and BLOCKS the commit (exit 1) if it
+ * finds destructive schema/data operations:
+ *
+ *   - DROP TABLE/VIEW/FUNCTION/TRIGGER/INDEX/SCHEMA/POLICY
+ *   - TRUNCATE
+ *   - DELETE ... (without a WHERE clause)
+ *   - CREATE TABLE ... AS SELECT (disallowed backup pattern)
+ *
+ * Scope decision: this guard targets the genuinely IRREVERSIBLE / data-loss
+ * operations (the same ones a destructive migration would carry). Plain
+ * CREATE/ALTER are intentionally NOT blocked at the git layer — they are the
+ * normal content of forward migrations and blocking them would make every
+ * legitimate schema change require `--no-verify`. The Claude-Code-level
+ * sql-governance.py still gates CREATE/ALTER at authoring time interactively.
+ *
+ * Only `.sql` files and files under a `migrations/` path are scanned, so SQL
+ * embedded in prose/docs or string literals in application code does not trip
+ * the guard. SQL comments (line and block) are stripped before matching.
+ *
+ * fail-CLOSED on scanner error (a broken guard must never silently pass
+ * destructive SQL). fail-OPEN only when there is genuinely nothing to scan.
+ *
+ * @module bin/utils/staged-sql-guard
+ */
+
+const { execFileSync, execSync } = require('child_process');
+
+/**
+ * Destructive patterns. Mirrors the irreversible subset of
+ * sql-governance.py DANGEROUS_PATTERNS. Each entry: [regex, humanLabel].
+ * Regexes are case-insensitive and operate on comment-stripped SQL text.
+ * @constant {Array<[RegExp, string]>}
+ */
+const DANGEROUS_PATTERNS = [
+  // DDL — destructive drops
+  [/\bDROP\s+TABLE\b/i, 'DROP TABLE'],
+  [/\bDROP\s+VIEW\b/i, 'DROP VIEW'],
+  [/\bDROP\s+MATERIALIZED\s+VIEW\b/i, 'DROP MATERIALIZED VIEW'],
+  [/\bDROP\s+FUNCTION\b/i, 'DROP FUNCTION'],
+  [/\bDROP\s+TRIGGER\b/i, 'DROP TRIGGER'],
+  [/\bDROP\s+INDEX\b/i, 'DROP INDEX'],
+  [/\bDROP\s+SCHEMA\b/i, 'DROP SCHEMA'],
+  [/\bDROP\s+POLICY\b/i, 'DROP POLICY'],
+  [/\bDROP\s+DATABASE\b/i, 'DROP DATABASE'],
+  // DML — data loss
+  [/\bTRUNCATE\b/i, 'TRUNCATE'],
+  // DELETE without a WHERE clause (whole-table wipe).
+  [/\bDELETE\s+FROM\s+[^;]*?(?:;|$)(?<!\bWHERE\b[^;]*)/i, 'DELETE without WHERE'],
+  // Disallowed backup pattern (table copy).
+  [/\bCREATE\s+TABLE\b[\s\S]*?\bAS\s+SELECT\b/i, 'CREATE TABLE AS SELECT (backup pattern)'],
+];
+
+const SQL_FILE_PATTERN = /\.sql$/i;
+const MIGRATION_PATH_PATTERN = /(^|\/)migrations?\//i;
+
+/**
+ * Should this path be SQL-scanned?
+ * @param {string} filePath
+ * @returns {boolean}
+ */
+function isSqlScanTarget(filePath) {
+  const norm = String(filePath).replace(/\\/g, '/');
+  return SQL_FILE_PATTERN.test(norm) || MIGRATION_PATH_PATTERN.test(norm);
+}
+
+/**
+ * Strip SQL comments so `-- DROP TABLE foo` (commented out) is ignored.
+ * Removes `--` line comments and `/* ... *\/` block comments.
+ * @param {string} sql
+ * @returns {string}
+ */
+function stripSqlComments(sql) {
+  return String(sql == null ? '' : sql)
+    .replace(/\/\*[\s\S]*?\*\//g, ' ') // block comments
+    .replace(/--[^\n\r]*/g, ' '); // line comments
+}
+
+/**
+ * Detect destructive SQL in a blob. Operates per-statement (split on ';') so a
+ * `DELETE FROM a WHERE x; DELETE FROM b;` correctly flags only the second.
+ * @param {string} content
+ * @returns {string[]} list of human labels for findings (deduped)
+ */
+function detectDangerousSql(content) {
+  const cleaned = stripSqlComments(content);
+  const statements = cleaned.split(';');
+  const found = new Set();
+
+  for (const rawStmt of statements) {
+    const stmt = rawStmt.trim();
+    if (!stmt) continue;
+
+    for (const [pattern, label] of DANGEROUS_PATTERNS) {
+      if (label === 'DELETE without WHERE') {
+        // Per-statement WHERE check: flag a DELETE FROM only when this
+        // statement has no WHERE.
+        if (/\bDELETE\s+FROM\b/i.test(stmt) && !/\bWHERE\b/i.test(stmt)) {
+          found.add(label);
+        }
+        continue;
+      }
+      if (pattern.test(stmt)) {
+        found.add(label);
+      }
+    }
+  }
+
+  return Array.from(found);
+}
+
+function getStagedFiles() {
+  try {
+    const output = execSync('git diff --cached --name-only --diff-filter=ACMR', {
+      encoding: 'utf8',
+      stdio: ['ignore', 'pipe', 'pipe'],
+    }).trim();
+    return output ? output.split('\n').filter(Boolean) : [];
+  } catch {
+    return [];
+  }
+}
+
+function readStagedFile(filePath) {
+  // Throws on failure so the caller can fail-CLOSED instead of scanning "".
+  return execFileSync('git', ['show', `:${filePath}`], {
+    encoding: 'utf8',
+    stdio: ['ignore', 'pipe', 'pipe'],
+    maxBuffer: 5 * 1024 * 1024,
+  });
+}
+
+/**
+ * Scan the given staged files for destructive SQL.
+ * @param {string[]} files
+ * @returns {Array<{ filePath: string, reasons: string[] }>}
+ */
+function scanStagedFiles(files) {
+  const findings = [];
+
+  for (const filePath of files) {
+    if (!isSqlScanTarget(filePath)) continue;
+
+    let content;
+    try {
+      content = readStagedFile(filePath);
+    } catch {
+      // Unreadable blob (binary/deleted-readded race) — skip; SQL files are text.
+      continue;
+    }
+
+    const reasons = detectDangerousSql(content);
+    if (reasons.length > 0) {
+      findings.push({ filePath, reasons });
+    }
+  }
+
+  return findings;
+}
+
+function main() {
+  let findings;
+  try {
+    const files = getStagedFiles();
+    if (files.length === 0) process.exit(0);
+    findings = scanStagedFiles(files);
+  } catch (err) {
+    // fail-CLOSED on unexpected scanner error.
+    process.stderr.write('\nStaged SQL Guard: unexpected error — commit blocked (fail-closed).\n');
+    process.stderr.write(String(err && err.message ? err.message : err) + '\n');
+    process.exit(1);
+  }
+
+  if (findings.length === 0) process.exit(0);
+
+  process.stderr.write('\nStaged SQL Guard: commit blocked (destructive SQL detected).\n\n');
+  for (const f of findings) {
+    process.stderr.write(`- ${f.filePath}: ${f.reasons.join(', ')}\n`);
+  }
+  process.stderr.write('\nDestructive schema/data operations must go through a reviewed migration,\n');
+  process.stderr.write('not a raw commit. If this is an intentional, reviewed migration:\n');
+  process.stderr.write('  git commit --no-verify   (framework contributors / reviewed migrations only)\n\n');
+  process.exit(1);
+}
+
+module.exports = {
+  DANGEROUS_PATTERNS,
+  isSqlScanTarget,
+  stripSqlComments,
+  detectDangerousSql,
+  getStagedFiles,
+  scanStagedFiles,
+};
+
+if (require.main === module) {
+  main();
+}

package/bin/utils/validate-publish.js

@@ -75,6 +75,69 @@ try {
   passed = false;
 }
 
+// Check 5 (E9): Secret scan over the EXACT files that would be published.
+// Reuses the shared scanner core, scoped as a RELEASE gate (not the commit-time
+// diff scan): it skips vendored node_modules (a dependency's strings are not our
+// secret to gate on) and HARD-FAILS only on HIGH-CONFIDENCE key formats
+// (sk-proj / AKIA / ghp_ / private keys / real connection strings). The entropy
+// backstop and the low-confidence keyword heuristics (Hardcoded Password /
+// Bearer Token) are intentionally NOT release-blocking — over a whole package
+// they match documentation examples and minified vendor code, which would block
+// every release on noise. The git pre-commit hook keeps the stricter,
+// diff-scoped scan (entropy + low-confidence) for authored changes.
+console.log('');
+console.log('--- Secret Scan (E9, packaged files) ---\n');
+try {
+  const core = require(
+    path.join(PROJECT_ROOT, '.sinapse-ai', 'git-hooks', 'lib', 'secret-scanner-core.js'),
+  );
+  const { isScanExemptPath } = require(
+    path.join(PROJECT_ROOT, '.sinapse-ai', 'git-hooks', 'lib', 'staged-secret-scan.js'),
+  );
+  const lowConfidence = new Set(
+    (core.NAMED_PATTERNS || []).filter((p) => p.lowConfidence).map((p) => p.name),
+  );
+  const packJson = execSync('npm pack --dry-run --json', {
+    encoding: 'utf8',
+    cwd: PROJECT_ROOT,
+    timeout: 60000,
+    // npm writes notices to stderr and the JSON result to stdout; capture only stdout.
+    stdio: ['ignore', 'pipe', 'ignore'],
+    maxBuffer: 32 * 1024 * 1024,
+  });
+  const files = (JSON.parse(packJson)[0] || {}).files || [];
+  // Binary/asset extensions can't carry plaintext secrets and may blow up the reader.
+  const BINARY = /\.(png|jpe?g|gif|webp|ico|pdf|zip|gz|tgz|woff2?|ttf|eot|mp4|mp3|wasm|node)$/i;
+  const findings = [];
+  let scanned = 0;
+  for (const f of files) {
+    const rel = f.path;
+    if (!rel || BINARY.test(rel) || rel.includes('node_modules/') || isScanExemptPath(rel)) continue;
+    let content;
+    try {
+      content = fs.readFileSync(path.join(PROJECT_ROOT, rel), 'utf8');
+    } catch {
+      continue;
+    }
+    scanned += 1;
+    const hits = core
+      .scanContent(content, { filePath: rel, entropy: false })
+      .filter((h) => !lowConfidence.has(h.name));
+    if (hits.length > 0) findings.push({ file: rel, secrets: [...new Set(hits.map((h) => h.name))] });
+  }
+  if (findings.length > 0) {
+    console.error(`FAIL: ${findings.length} packaged file(s) contain high-confidence secrets — publish blocked:`);
+    for (const fnd of findings) console.error(`  - ${fnd.file}: ${fnd.secrets.join(', ')}`);
+    passed = false;
+  } else {
+    console.log(`PASS: no high-confidence secrets in ${scanned} packaged source files`);
+  }
+} catch (err) {
+  // Fail-closed: a broken secret scan must NOT let a publish through silently.
+  console.error(`FAIL: secret scan over package could not complete: ${err.message}`);
+  passed = false;
+}
+
 // Summary
 console.log('');
 if (passed) {

package/docs/agent-reference-guide.md

@@ -1,6 +1,6 @@
 # Agent Reference Guide — SINAPSE-AI
 
-> Referência rápida dos **200 agentes** organizados em **19 squads** + **12 framework agents**. Total: 1.237 tasks executáveis.
+> Referência rápida dos **172 agentes** organizados em **17 squads** + **12 framework agents**. Total: 1.200 tasks executáveis.
 
 ## Como invocar
 
@@ -33,14 +33,14 @@ Localização: `.sinapse-ai/development/agents/`
 | `@squad-creator` | — | Cria squads customizados |
 | `@snps-orqx` | Imperator | Master orchestrator |
 
-## Squad Orchestrators (19) — Especialistas por Domínio
+## Squad Orchestrators (17) — Especialistas por Domínio
 
 | Squad | Orchestrator | Domínio principal |
 |---|---|---|
 | squad-brand | `@brand-orqx` | Branding, identidade visual, MVV |
 | squad-copy | `@copy-orqx` | Copywriting, persuasão, ads |
 | squad-content | `@content-orqx` | Conteúdo, editorial, SEO |
-| squad-design | `@design-orqx` | Design system, UI, wireframes |
+| squad-design | `@design-orqx` | Design system, UI, wireframes, art direction (LP/site/premium) |
 | squad-animations | `@animations-orqx` | Motion, GSAP, Three.js, shaders |
 | squad-product | `@product-orqx` | Product discovery, roadmap |
 | squad-commercial | `@commercial-orqx` | Vendas, CRM, funil |
@@ -53,9 +53,7 @@ Localização: `.sinapse-ai/development/agents/`
 | squad-courses | `@courses-orqx` | Cursos, mentorias, lançamento |
 | squad-storytelling | `@storytelling-orqx` | Pitch, narrativa |
 | squad-council | `@council-orqx` | Conselho estratégico (mental models) |
-| claude-code-mastery | `@claude-orqx` | Claude Code mastery (hooks, MCP, skills) |
-| squad-artdir | `@artdir-orqx` | Direção de arte |
-| claude-code-mastery | `@claude-mastery-chief` | Setup avançado Claude Code |
+| claude-code-mastery | `@swarm-orqx` | Claude Code mastery (hooks, MCP, skills) |
 
 ## Como descobrir agentes de um squad
 
@@ -105,4 +103,4 @@ squads/{squad-name}/
 
 ---
 
-*200 agentes especializados. 1.237 tasks. 13 hooks ativos. 10 artigos constitucionais. Tudo direto no terminal.*
+*172 agentes especializados. 1.200 tasks. 13 hooks ativos. 10 artigos constitucionais. Tudo direto no terminal.*

package/docs/framework/agent-prefix-convention.md

@@ -0,0 +1,58 @@
+# Agent Prefix Convention (Codex)
+
+> Decision D5 of the Codex-parity program (E8). Defines how an agent signals
+> *which* agent is speaking in environments without a status line.
+
+## Why this exists
+
+In Claude Code, the active agent is shown by the status line — the user always
+knows whether Imperator, the developer, or a squad specialist is responding.
+**Codex CLI has no status line.** Without a convention, every agent's output
+looks identical and the user loses track of who is acting. D5 adopts a cheap,
+text-only marker instead of trying to emulate a status line (which the platform
+does not support).
+
+## The convention
+
+An agent prefixes its **activation greeting** and **handoff/routing lines** with
+its name in brackets:
+
+```
+[Imperator] Diagnosed your briefing — routing to the brand squad.
+[Brand Strategist] Positioning locked. Handing back to [Imperator].
+```
+
+- Plain text, no emoji (survives terminals/log pipes that strip emoji). The
+  master agent's greeting may still carry its `👑 Imperator` banner; the bracket
+  marker is the machine-stable signal.
+- The bracket name matches the agent's display name (e.g. `[Imperator]`,
+  `[Developer]`, `[Brand Strategist]`).
+
+## Scope (conservative by default)
+
+| Where | Prefix required? |
+|-------|------------------|
+| Coordinator activation greeting (Imperator / squad `*-orqx`) | **Yes** |
+| Cross-agent handoff / routing announcements | **Yes** |
+| A specialist's first line when it takes over a turn | **Yes** |
+| Every subsequent line of a long answer | No (would bloat tokens across 172 agents) |
+| One-line confirmations | No |
+
+The goal is *discoverability of who is acting*, not decorating every sentence.
+This keeps the token cost negligible while restoring the "who is speaking"
+signal that Codex otherwise lacks.
+
+## Claude Code vs Codex
+
+- **Codex:** apply the bracket prefix per the table above.
+- **Claude Code:** the status line already shows the active agent — the prefix
+  is optional (the greeting banner is enough).
+
+## Enforcement
+
+This is a **convention**, not a hard gate (an agent's runtime output cannot be
+blocked by a git hook). The golden-journey test
+(`tests/integration/golden-journey.test.js`) checks that this convention is
+documented and that the coordinator greeting carries the `[Imperator]` identity
+marker. Security enforcement (secret / SQL / boundary) is separate and *is*
+gated by the git hooks.

package/docs/framework/architecture-overview.md

@@ -27,13 +27,13 @@
 |  +------------------------------------------------------------+  |
 |  |                    Agent Ecosystem                          |  |
 |  |                                                              |  |
-|  |  Core (12 agentes)          Squads (18 dominios)            |  |
+|  |  Core (12 agentes)          Squads (17 dominios)            |  |
 |  |  +--------+  +--------+    +--------+  +--------+          |  |
 |  |  | Pixel  |  | Litmus |    | Brand  |  | Growth |  ...     |  |
 |  |  | (dev)  |  | (qa)   |    | Squad  |  | Squad  |          |  |
 |  |  +--------+  +--------+    +--------+  +--------+          |  |
-|  |  +--------+  +--------+    163 especialistas               |  |
-|  |  |Stratum |  |Pipeline|    em 18 squads tematicos           |  |
+|  |  +--------+  +--------+    160 especialistas               |  |
+|  |  |Stratum |  |Pipeline|    em 17 squads tematicos           |  |
 |  |  | (arch) |  |(devops)|                                     |  |
 |  |  +--------+  +--------+                                     |  |
 |  +------------------------------------------------------------+  |
@@ -54,7 +54,7 @@
 Agentes sao personas especializadas com expertise, comandos e responsabilidades definidas. Cada agente opera dentro de um escopo de autoridade exclusivo.
 
 - **12 agentes core** cobrem o ciclo completo de desenvolvimento de software
-- **163 agentes em 18 squads** expandem para dominios especializados
+- **160 agentes em 17 squads** expandem para dominios especializados
 - Cada agente tem persona (nome, estilo), comandos (`*help`, `*task`) e dependencias
 
 Ativacao: `@agent-name` ou `/SINAPSE:agents:agent-name`

package/docs/framework/collaboration-activation.md

@@ -0,0 +1,45 @@
+# Collaboration Activation Runbook
+
+> When a second contributor (e.g. Matheus / `Matheus-soier`) starts pushing to
+> this repo, the agent flips the repository from **solo mode** to **collab mode**.
+> The user never runs these steps — the agent runs them on the first sign of a
+> second contributor. Policy source: `.claude/rules/safe-collaboration.md`.
+
+## Solo mode (default, today)
+
+- Maintainer (Caio) branches → PR → self-merges (admin bypass). No required review.
+- Branch protection on `main` may be off or advisory.
+
+## Trigger to switch → collab mode
+
+Any of:
+- A push/PR appears from a non-maintainer account (`Matheus-soier`).
+- The user says "vou trabalhar com o Matheus" (or names a collaborator).
+
+## Collab-mode activation (agent runs, once)
+
+1. **Require PR review on `main`** (1 approval), keep the maintainer's admin bypass so Caio can still merge own work:
+   ```bash
+   gh api -X PUT repos/{owner}/{repo}/branches/main/protection \
+     -f required_pull_request_reviews.required_approving_review_count=1 \
+     -F enforce_admins=false \
+     -F required_status_checks.strict=true \
+     -F restrictions=null
+   ```
+   (`enforce_admins=false` = maintainer admin bypass preserved; collaborator PRs still need the approval.)
+2. **Reviewer assignment** (already in safe-collaboration.md): collaborator PR → auto-assign the maintainer as reviewer; maintainer PR → may self-merge.
+3. **Branch prefixes** stay automatic: `caio/…` for the maintainer, `soier/…` for Matheus, `dev/…` fallback.
+4. Confirm to the user in plain language: "Ativei revisão de mudanças — agora o que o Matheus enviar passa pela sua aprovação antes de entrar no principal."
+
+## Revert to solo mode
+
+If collaboration ends, the agent may relax the required review (set
+`required_approving_review_count=0` or remove the protection rule), keeping the
+secret/SQL/boundary git guards and CI checks active regardless of mode.
+
+## Invariants (both modes)
+
+- The commit-time **security guards** (secret-scan, destructive-SQL, framework
+  boundary) and the **CI status checks** apply to everyone, always — collab mode
+  only adds the human-review gate on top.
+- The user never touches git directly; the agent handles branch/PR/merge.

package/docs/framework/guiding-principles.md

@@ -22,9 +22,9 @@ Essa decisao nao e estetica --- e estrutural. Agentes de IA operam em terminais.
 
 **Por que artigos formais com enforcement automatico?**
 
-O SINAPSE possui 10 artigos constitucionais que governam o comportamento de todos os 186 agentes. Cada artigo tem severidade definida (NON-NEGOTIABLE ou MUST) e gates automaticos que bloqueiam violacoes deterministicamente.
+O SINAPSE possui 10 artigos constitucionais que governam o comportamento de todos os 172 agentes. Cada artigo tem severidade definida (NON-NEGOTIABLE ou MUST) e gates automaticos que bloqueiam violacoes deterministicamente.
 
-A alternativa --- guidelines aspiracionais --- falha em escala. Quando 186 agentes operam em 18 dominios, regras que dependem de "boa vontade" sao violadas silenciosamente. Gates automaticos (hooks pre-commit, pre-push, validacoes de story) garantem que violacoes sao detectadas e bloqueadas antes de causar dano.
+A alternativa --- guidelines aspiracionais --- falha em escala. Quando 172 agentes operam em 17 dominios, regras que dependem de "boa vontade" sao violadas silenciosamente. Gates automaticos (hooks pre-commit, pre-push, validacoes de story) garantem que violacoes sao detectadas e bloqueadas antes de causar dano.
 
 **Exemplo:** o hook `enforce-git-push-authority.sh` bloqueia qualquer agente que nao seja @devops (Pipeline) de executar `git push`. Nao e uma sugestao --- e um bloqueio deterministico.
 
@@ -66,9 +66,9 @@ A razao e separacao de responsabilidades em escala. Um orquestrador que "faz tud
 
 ## 5. Escala do Ecossistema de Agentes
 
-**Por que 186 agentes em 18 dominios?**
+**Por que 172 agentes em 17 dominios?**
 
-O SINAPSE nao e um agente generalista. E um ecossistema de 175 especialistas organizados em 18 squads tematicos. Cada agente tem persona, expertise e comandos especificos para seu dominio.
+O SINAPSE nao e um agente generalista. E um ecossistema de 160 especialistas organizados em 17 squads tematicos. Cada agente tem persona, expertise e comandos especificos para seu dominio.
 
 Essa arquitetura permite:
 
@@ -76,13 +76,13 @@ Essa arquitetura permite:
 - **Contexto otimizado:** cada agente carrega apenas as dependencias necessarias para seu dominio, preservando a janela de contexto para o trabalho real.
 - **Escalabilidade horizontal:** novos dominios sao adicionados como squads independentes, sem impactar o core.
 
-Os 12 agentes core cobrem o ciclo completo de desenvolvimento de software. Os 18 squads expandem para dominios como branding, growth, financeiro, cybersecurity e mais.
+Os 12 agentes core cobrem o ciclo completo de desenvolvimento de software. Os 17 squads expandem para dominios como branding, growth, financeiro, cybersecurity e mais.
 
 | Camada | Agentes | Funcao |
 |--------|---------|--------|
 | Core | 12 agentes | Desenvolvimento de software completo |
-| Squads | 163 agentes em 18 dominios | Especializacao por dominio |
-| Total | 186 agentes | Ecossistema completo |
+| Squads | 160 agentes em 17 dominios | Especializacao por dominio |
+| Total | 172 agentes | Ecossistema completo |
 
 > Constitution Art. VII --- metricas exatas, sempre sincronizadas
 
@@ -178,10 +178,10 @@ Isso garante que o framework mantem coerencia e qualidade mesmo com contribuicoe
 | Principio | Por que existe | Enforcement |
 |-----------|---------------|-------------|
 | CLI First | Agentes operam em terminais | Hook WARN |
-| Governanca Constitucional | 186 agentes precisam de regras deterministicas | 10 artigos + gates |
+| Governanca Constitucional | 172 agentes precisam de regras deterministicas | 10 artigos + gates |
 | Documentation-First | Codigo sem spec gera retrabalho | Hook BLOCK |
 | Delegacao Obrigatoria | Separacao de responsabilidades em escala | Hook BLOCK |
-| Ecossistema 175 Agentes | Especializacao profunda por dominio | Art. VII metricas |
+| Ecossistema 172 Agentes | Especializacao profunda por dominio | Art. VII metricas |
 | Hooks Deterministicos | Guidelines aspiracionais falham em escala | 5+ hooks ativos |
 | Colaboracao Segura | Usuarios nao sao git experts | Auto-branch/sync/PR |
 | Seguranca por Default | Licoes de vazamentos reais | 25 blockers |

package/docs/getting-started.md

@@ -65,4 +65,4 @@ npx sinapse-ai uninstall               # remove tudo
 
 ---
 
-*Próxima leitura sugerida: [Agent Reference Guide](agent-reference-guide.md) pra ver todos os 200 agentes disponíveis.*
+*Próxima leitura sugerida: [Agent Reference Guide](agent-reference-guide.md) pra ver todos os 172 agentes disponíveis.*

package/docs/guides/agent-reference.md

@@ -1,7 +1,7 @@
 # Agent Reference — SINAPSE-AI
 
 > Reference for the **10 framework agents** ship-loaded by SINAPSE-AI.
-> For the wider squad agent universe (200 agents across 19 squads), see
+> For the wider squad agent universe (172 agents across 17 squads), see
 > the squads source-of-truth at `squads/` or run
 > `npx sinapse-ai list` after install.
 

package/docs/guides/codex-config.md

@@ -101,7 +101,7 @@ Resposta esperada ao ativar atalho:
 2. Mostrar 3-6 comandos principais (`*help`, etc.)
 3. Seguir na persona do agente
 
-## Orquestradores (19 orqx: 18 squad + 1 master)
+## Orquestradores (18 orqx: 17 squad + 1 master)
 
 Cada orqx coordena um squad completo de agentes especializados. Ative via `/skills` > `sinapse-<orqx>` ou `@<orqx>`:
 
@@ -124,14 +124,13 @@ Cada orqx coordena um squad completo de agentes especializados. Ative via `/skil
 | `courses-orqx` | Courses | Curriculos, assessments, launch |
 | `cloning-orqx` | Cloning | Clonagem cognitiva, mind synthesis |
 | `council-orqx` | Council | Advisors estrategicos (Munger, Dalio, Thiel) |
-| `claude-orqx` | Claude | Claude Code, MCP, integracao avancada |
-| `swarm-orqx` | Mastery | Dominio avancado do Claude Code |
+| `swarm-orqx` | Mastery | Claude Code, MCP, integracao avancada |
 
 Agents de arquivo: `.codex/agents/<orqx>.md` ou `.claude/agents/<orqx>.md`
 
-## Agentes Especializados (175)
+## Agentes Especializados (160)
 
-Existem 186 agentes especializados organizados por 18 squads (174 em squads + 1 master orchestrator). Eles sao acessiveis via:
+Existem 172 agentes organizados em 17 squads (160 em squads + 12 framework agents, incluindo o master orchestrator). Eles sao acessiveis via:
 - `.codex/agents/<agent-name>.md` - arquivo direto
 - Chamada interna pelo orqx do squad
 

package/docs/pt/architecture/sub-orqx-pattern.md

@@ -1,7 +1,14 @@
 # Sub-Orqx 3-Level Pattern
 
-> **Status:** Documented pattern — intentional architectural choice.
-> **Scope:** Currently only `claude-code-mastery`. Do NOT normalize elsewhere without justification.
+> **Status:** SUPERSEDED (2026-05-15 squad rename). This document describes the
+> historical 3-level topology that existed BEFORE `claude-code-mastery` was
+> flattened. The former parent layer `claude-orqx` was retired (see
+> `squads/claude-code-mastery/_deprecated/`) and `swarm-orqx` (Nexus) was
+> promoted to be the squad orchestrator itself. The current topology for
+> `claude-code-mastery` is the standard 2-level model: `sinapse-orqx` →
+> `swarm-orqx` → specialists. The `tools-orqx` sub-layer and `db-sage` were
+> also deprecated. Retained for historical/architectural context only — do NOT
+> treat the diagrams below as current routing truth.
 > **Related:** Constitution Article XI (Conservative Default)
 
 ## Overview
@@ -21,18 +28,14 @@ sinapse-orqx (Imperator)
 ```
 sinapse-orqx (Imperator)
     |
-    +-- claude-orqx (squad orchestrator)
+    +-- swarm-orqx (squad orchestrator)   # historically: claude-orqx (retired)
             |
-            +-- swarm-orqx (sub-orchestrator for orchestration specialists)
-            |       |
-            |       +-- hooks-architect, mcp-integrator, config-engineer,
-            |           project-integrator, roadmap-sentinel
+            +-- (in the historical 3-level model, sub-orchestrators sat here:
+            |    swarm-orqx for orchestration specialists, tools-orqx for
+            |    tool-crafters — both since collapsed/retired)
             |
-            +-- tools-orqx (sub-orchestrator for tool-crafters)
-            |       |
-            |       +-- skill-craftsman, db-sage
-            |
-            +-- (direct specialists, when domain is narrow enough to skip sub-orqx)
+            +-- hooks-architect, mcp-integrator, config-engineer,
+                project-integrator, roadmap-sentinel, skill-craftsman
 ```
 
 ## Why This Exists
@@ -66,10 +69,9 @@ Only add a sub-orqx layer when ALL of these hold:
 ```
 User: "Configure hooks + MCP servers + settings for this project"
   -> sinapse-orqx
-  -> claude-orqx
-  -> swarm-orqx (detects multi-specialist parallel work)
+  -> swarm-orqx (squad orchestrator; detects multi-specialist parallel work)
   -> hooks-architect | mcp-integrator | config-engineer (parallel)
-  -> results merged back through swarm-orqx -> claude-orqx -> user
+  -> results merged back through swarm-orqx -> user
 ```
 
 ### tools-orqx routing
@@ -77,9 +79,9 @@ User: "Configure hooks + MCP servers + settings for this project"
 ```
 User: "Create a reusable skill for X and document the DB access pattern"
   -> sinapse-orqx
-  -> claude-orqx
-  -> tools-orqx (detects tool-crafting work)
-  -> skill-craftsman | db-sage (parallel or sequential depending on dependency)
+  -> swarm-orqx (squad orchestrator)
+  -> skill-craftsman (skill authoring; the former tools-orqx sub-layer and
+     db-sage are retired — DB work now routes via @data-engineer)
 ```
 
 ## Non-Normalization Rule

package/docs/security/overview.md

@@ -169,7 +169,7 @@ SINAPSE-AI uses 19 Claude Code hooks organized by trigger event:
 
 ### Design Principles
 
-1. **Fail-open** -- If a hook crashes or cannot parse input, it exits with code 0 (allow). This prevents hook bugs from blocking all development.
+1. **Fail-open for advisory hooks, fail-CLOSED for security guards** -- Advisory/observability hooks (validation, naming, capture) exit with code 0 (allow) if they crash or cannot parse input, so a hook bug never blocks all development. The **security guards are the deliberate exception**: the git pre-commit secret-scan, destructive-SQL guard, and framework-boundary guard fail-**closed** — if a guard cannot run, cannot read a staged file, or is uncertain, it **BLOCKS** the commit. A scanner that cannot run must never let a secret or a `DROP TABLE` through.
 2. **Fast** -- Each hook must complete in under 5 seconds.
 3. **Silent on success** -- Hooks only produce output when blocking or warning.
 4. **Deterministic** -- Same input always produces the same output.