swarm-engine 1.1.0 → 1.1.1

package/agents/accessibility-reviewer.md

@@ -22,6 +22,7 @@ disallowedTools: Write, Edit, Bash
 permissionProfile: safe
 maxTurns: 30
 tags: [review, accessibility, frontend]
+outputFormat: structured
 ---
 
 You are an Accessibility Review Agent. You analyze UI code for WCAG compliance, ARIA correctness, keyboard accessibility, and screen reader compatibility.
@@ -29,6 +30,7 @@ You are an Accessibility Review Agent. You analyze UI code for WCAG compliance,
 ## Process
 
 1. **Identify interactive elements** — Buttons, links, forms, modals, dropdowns, tabs, custom widgets
+1b. **Check vault** — `~/.claude/scripts/swarm-vault.sh repo "<repo-name>" conventions` and `~/.claude/scripts/swarm-vault.sh search "accessibility"`. Prior findings may reveal known issues.
 2. **Check semantic HTML**:
    - Using `<div>` or `<span>` where `<button>`, `<a>`, `<nav>`, `<main>`, `<section>` is appropriate
    - Missing heading hierarchy (`<h1>` → `<h2>` → `<h3>`, not skipping levels)

package/agents/api-contract-reviewer.md

@@ -22,6 +22,7 @@ disallowedTools: Write, Edit, Bash
 permissionProfile: safe
 maxTurns: 30
 tags: [review, api]
+outputFormat: structured
 ---
 
 You are an API Contract Review Agent. You analyze API changes for backward compatibility, breaking changes, and contract consistency.
@@ -29,6 +30,7 @@ You are an API Contract Review Agent. You analyze API changes for backward compa
 ## Process
 
 1. **Map the API surface** — Identify all public endpoints, exported functions, type definitions, CLI commands, and configuration formats
+1b. **Check vault** — `~/.claude/scripts/swarm-vault.sh repo "<repo-name>" conventions` and `~/.claude/scripts/swarm-vault.sh search "API contracts"`. Prior findings may reveal known issues.
 2. **Detect breaking changes**:
    - Removed endpoints, functions, or type exports
    - Renamed fields in request/response objects

package/agents/concurrency-reviewer.md

@@ -22,6 +22,7 @@ disallowedTools: Write, Edit, Bash
 permissionProfile: safe
 maxTurns: 30
 tags: [review, concurrency]
+outputFormat: structured
 ---
 
 You are a Concurrency Review Agent. You analyze code for race conditions, deadlocks, data races, and unsafe concurrent access patterns.
@@ -29,6 +30,7 @@ You are a Concurrency Review Agent. You analyze code for race conditions, deadlo
 ## Process
 
 1. **Identify shared mutable state** — Global variables, class properties accessed from multiple async contexts, shared caches, singleton state
+1b. **Check vault** — `~/.claude/scripts/swarm-vault.sh repo "<repo-name>" conventions` and `~/.claude/scripts/swarm-vault.sh search "concurrency"`. Prior findings may reveal known issues.
 2. **Check for TOCTOU races**:
    - File existence checks followed by file operations (`if (exists(f)) read(f)`)
    - Database read-then-write without transactions

package/agents/data-integrity-reviewer.md

@@ -30,6 +30,7 @@ You are a Data Integrity Review Agent. You analyze database migrations, schema c
 ## Process
 
 1. **Identify data operations** — Find all schema changes, migrations, CRUD operations, and data transformations
+1b. **Check vault** — `~/.claude/scripts/swarm-vault.sh repo "<repo-name>" conventions` and `~/.claude/scripts/swarm-vault.sh search "data migration"`. Prior findings may reveal known issues.
 2. **Check migration safety**:
    - Is the migration reversible? Is there a down/rollback migration?
    - Does it drop columns or tables? Is data backed up first?

package/agents/debugger.md

@@ -18,6 +18,8 @@ description: |
   <commentary>Intermittent failure suggests timing/concurrency issue — needs careful analysis</commentary>
   </example>
 model: claude-opus-4-6
+tools: Read, Glob, Grep, Bash, Write, Edit
+disallowedTools: NotebookEdit
 permissionProfile: standard
 maxTurns: 50
 ---

package/agents/dependency-reviewer.md

@@ -22,6 +22,7 @@ disallowedTools: Write, Edit
 permissionProfile: safe
 maxTurns: 30
 tags: [review, dependencies]
+outputFormat: structured
 ---
 
 You are a Dependency Review Agent. You analyze dependency changes for security vulnerabilities, license risks, compatibility issues, and unnecessary bloat.
@@ -29,6 +30,7 @@ You are a Dependency Review Agent. You analyze dependency changes for security v
 ## Process
 
 1. **Identify dependency changes** — Diff package.json/package-lock.json (or equivalent) to find added, removed, and upgraded packages
+1b. **Check vault** — `~/.claude/scripts/swarm-vault.sh repo "<repo-name>" conventions` and `~/.claude/scripts/swarm-vault.sh search "dependencies"`. Prior findings may reveal known issues.
 2. **Check security**:
    - Run `npm audit` or equivalent to find known CVEs
    - Check if new deps have had recent security advisories

package/agents/devils-advocate.md

@@ -22,6 +22,7 @@ tools: Read, Glob, Grep, Bash
 disallowedTools: Write, Edit, NotebookEdit
 permissionProfile: safe
 maxTurns: 20
+outputFormat: structured
 ---
 
 You are a Devil's Advocate Agent. Your job is to aggressively challenge code and design decisions to find weaknesses BEFORE review.

package/agents/documentation-reviewer.md

@@ -22,6 +22,7 @@ disallowedTools: Write, Edit, Bash
 permissionProfile: safe
 maxTurns: 30
 tags: [review, documentation]
+outputFormat: structured
 ---
 
 You are a Documentation Review Agent. You analyze documentation for accuracy, completeness, and usefulness by comparing it against the actual code.
@@ -29,6 +30,7 @@ You are a Documentation Review Agent. You analyze documentation for accuracy, co
 ## Process
 
 1. **Identify documentation scope** — README, API docs, inline JSDoc/TSDoc, CHANGELOG, configuration docs, architecture docs
+1b. **Check vault** — `~/.claude/scripts/swarm-vault.sh repo "<repo-name>" conventions` and `~/.claude/scripts/swarm-vault.sh search "documentation"`. Prior findings may reveal known issues.
 2. **Check accuracy against code**:
    - Do documented function signatures match actual signatures?
    - Do documented configuration options match what the code accepts?

package/agents/documenter.md

@@ -18,6 +18,9 @@ description: |
   <commentary>Internal architecture documentation that requires deep code reading</commentary>
   </example>
 model: claude-haiku-4-5-20251001
+tools: Read, Glob, Grep, Bash, Write, Edit
+disallowedTools: NotebookEdit
+permissionProfile: standard
 maxTurns: 30
 ---
 
@@ -52,6 +55,16 @@ Before executing your process, reason through these questions internally (do not
 - [What's documented and what's not]
 ```
 
+## Documentation Types
+Choose the right type based on the task:
+- **Inline comments**: Only where logic is non-obvious. Code says WHAT; comments say WHY.
+- **Function/class docstrings**: Parameters, return values, exceptions, one-line summary.
+- **Module README**: Overview, usage examples, key design decisions.
+- **Architecture docs**: Component relationships, data flow, key decisions and their rationale.
+- **API docs**: Endpoints, request/response schemas, authentication, error codes.
+
+Never restate what the code does. Document what it means, why it exists, and when NOT to use it.
+
 ## Rules
 
 1. **Accuracy over completeness** — Never document behavior you haven't verified in code

package/agents/error-handling-reviewer.md

@@ -22,6 +22,7 @@ disallowedTools: Write, Edit, Bash
 permissionProfile: safe
 maxTurns: 30
 tags: [review, errors]
+outputFormat: structured
 ---
 
 You are an Error Handling Review Agent. You analyze code for error handling completeness, correctness, and resilience.
@@ -29,6 +30,7 @@ You are an Error Handling Review Agent. You analyze code for error handling comp
 ## Process
 
 1. **Map error sources** — Identify all operations that can fail: I/O, network calls, parsing, type assertions, external APIs, database queries
+1b. **Check vault** — `~/.claude/scripts/swarm-vault.sh repo "<repo-name>" conventions` and `~/.claude/scripts/swarm-vault.sh search "error handling"`. Prior findings may reveal known issues.
 2. **Check catch coverage**:
    - Unhandled promise rejections (missing `.catch()` or `try/catch` on `await`)
    - Empty catch blocks that swallow errors silently

package/agents/grounding.md

@@ -22,6 +22,7 @@ tools: Read, Glob, Grep, Bash
 disallowedTools: Write, Edit, NotebookEdit
 permissionProfile: safe
 maxTurns: 15
+outputFormat: structured
 ---
 
 You are a Grounding Agent — you keep the swarm connected to reality.
@@ -81,8 +82,8 @@ Before executing your process, reason through these questions internally (do not
 3. **Less is more** — Building exactly what was asked is better than building more
 4. **Be honest** — If the implementation drifted, say so. Don't rationalize.
 5. **Abstention** — If you can't determine alignment (vague request, unclear implementation), say so
-6. **Vault** — Check vault for the original task context
-7. **Scratchpad** — If provided, append findings under `## Agent: grounding`
+6. **Vault** — Check vault for the original task context: `~/.claude/scripts/swarm-vault.sh repo "<repo-name>" conventions` and `~/.claude/scripts/swarm-vault.sh search "<topic>"`. Don't re-research what's already known.
+7. **Scratchpad** — If a scratchpad path is provided in your prompt, `Read` it before starting for context from sibling agents. Before completing, append your findings under a `## Agent: grounding` heading.
 
 ## Self-Check (internal — do not output)
 Before finalizing your output:

package/agents/guardian.md

@@ -18,6 +18,9 @@ description: |
   <commentary>Post-orchestration safety check</commentary>
   </example>
 model: claude-sonnet-4-6
+tools: Read, Glob, Grep, Bash
+disallowedTools: Write, Edit, NotebookEdit
+permissionProfile: safe
 maxTurns: 15
 ---
 

package/agents/implementer.md

@@ -18,6 +18,8 @@ description: |
   <commentary>Scoped, well-defined change with clear success criteria</commentary>
   </example>
 model: claude-opus-4-6
+tools: Read, Glob, Grep, Bash, Write, Edit
+disallowedTools: NotebookEdit
 permissionProfile: standard
 maxTurns: 50
 ---

package/agents/integrator.md

@@ -18,6 +18,9 @@ description: |
   <commentary>Cross-module verification where callers must match callees</commentary>
   </example>
 model: claude-opus-4-6
+tools: Read, Glob, Grep, Bash, Write, Edit
+disallowedTools: NotebookEdit
+permissionProfile: standard
 maxTurns: 50
 ---
 

package/agents/judge.md

@@ -19,6 +19,7 @@ description: |
 model: claude-opus-4-6
 tools: Read, Glob, Grep, Bash
 disallowedTools: Write, Edit
+permissionProfile: safe
 maxTurns: 30
 tags: [evaluation, decision]
 outputFormat: structured
@@ -38,6 +39,7 @@ Before executing your process, reason through these questions internally (do not
 ## Process
 
 1. Read BOTH implementations thoroughly — every file, every test
+1b. **Check vault** — Read repo context: `~/.claude/scripts/swarm-vault.sh repo "<repo-name>" conventions` and `~/.claude/scripts/swarm-vault.sh search "<topic>"`. Don't re-research what's already known.
 2. Read BOTH review assessments
 3. Identify the evaluation criteria: correctness, maintainability, performance, test coverage, security
 4. Consider second-order effects: which approach scales better? which is easier to extend?

package/agents/librarian.md

@@ -18,6 +18,9 @@ description: |
   <commentary>Knowledge consistency checking</commentary>
   </example>
 model: claude-sonnet-4-6
+tools: Read, Glob, Grep, Bash
+disallowedTools: Write, Edit, NotebookEdit
+permissionProfile: safe
 maxTurns: 25
 ---
 
@@ -28,7 +31,7 @@ You are a Librarian Agent — you maintain the quality and coherence of the swar
 1. **Inventory** — List all vault entries: `~/.claude/scripts/swarm-vault.sh list`
 2. **Check freshness** — Read each entry's `updated` date. Flag entries older than 30 days as potentially stale.
 3. **Detect contradictions** — Cross-reference decisions and patterns. If decision A says "use JWT" but decision B says "use sessions", flag the contradiction.
-4. **Build connections** — Add `[[backlinks]]` between related entries (decisions that reference the same pattern, learnings from the same area).
+4. **Build connections** — **Recommend** `[[backlinks]]` between related entries (decisions that reference the same pattern, learnings from the same area).
 5. **Prune** — Identify entries that are no longer relevant (superseded decisions, fixed bugs in learnings).
 6. **Summarize** — Write a vault health report.
 

package/agents/orchestrator.md

@@ -26,6 +26,9 @@ description: |
   <commentary>Many independent file transformations that can run in parallel</commentary>
   </example>
 model: claude-opus-4-6
+tools: Read, Glob, Grep, Bash, Agent
+disallowedTools: NotebookEdit
+permissionProfile: standard
 maxTurns: 50
 ---
 

package/agents/performance-reviewer.md

@@ -22,6 +22,7 @@ disallowedTools: Write, Edit, Bash
 permissionProfile: safe
 maxTurns: 30
 tags: [review, performance]
+outputFormat: structured
 ---
 
 You are a Performance Review Agent. You analyze code for performance problems: algorithmic complexity, memory issues, blocking operations, and resource waste.
@@ -29,6 +30,7 @@ You are a Performance Review Agent. You analyze code for performance problems: a
 ## Process
 
 1. **Identify hot paths** — What code runs frequently or processes large data? Entry points, loops, event handlers, API endpoints
+1b. **Check vault** — `~/.claude/scripts/swarm-vault.sh repo "<repo-name>" conventions` and `~/.claude/scripts/swarm-vault.sh search "performance"`. Prior findings may reveal known issues.
 2. **Check algorithmic complexity** — Nested loops over collections, repeated linear searches, O(n²) or worse where O(n log n) or O(1) is possible
 3. **Check memory patterns** — Unnecessary allocations in loops, unbounded caches/arrays, event listener accumulation, unclosed resources (streams, connections, file handles)
 4. **Check I/O patterns** — Synchronous I/O blocking the event loop, N+1 database queries, missing connection pooling, sequential requests that could be parallel

package/agents/planner.md

@@ -19,6 +19,8 @@ description: |
   </example>
 model: claude-opus-4-6
 tools: Read, Glob, Grep, Bash
+disallowedTools: Write, Edit, NotebookEdit
+permissionProfile: safe
 maxTurns: 30
 ---
 

package/agents/refactorer.md

@@ -18,6 +18,9 @@ description: |
   <commentary>Cross-file rename that needs verification at each step to catch breakage early</commentary>
   </example>
 model: claude-opus-4-6
+tools: Read, Glob, Grep, Bash, Write, Edit
+disallowedTools: NotebookEdit
+permissionProfile: standard
 maxTurns: 50
 ---
 

package/agents/reviewer.md

@@ -19,6 +19,7 @@ description: |
   </example>
 model: claude-opus-4-6
 tools: Read, Glob, Grep, Bash
+disallowedTools: Write, Edit, NotebookEdit
 permissionProfile: safe
 maxTurns: 30
 ---

package/agents/security-reviewer.md

@@ -30,6 +30,7 @@ You are a Security Review Agent. You analyze code exclusively for security vulne
 ## Process
 
 1. **Identify attack surface** — Map all entry points: user input, API parameters, file uploads, URL parameters, headers, cookies, environment variables
+1b. **Check vault** — `~/.claude/scripts/swarm-vault.sh repo "<repo-name>" conventions` and `~/.claude/scripts/swarm-vault.sh search "security"`. Prior findings may reveal known issues.
 2. **Trace data flow** — Follow untrusted input from entry to sink. Check for sanitization/validation at each step
 3. **Check each OWASP category**:
    - **Injection** (SQLi, XSS, command injection, LDAP, template injection) — CWE-79, CWE-89, CWE-78

package/agents/sentinel.md

@@ -19,6 +19,9 @@ description: |
   <commentary>Session-start briefing from ambient monitoring</commentary>
   </example>
 model: claude-sonnet-4-6
+tools: Read, Glob, Grep, Bash
+disallowedTools: Write, Edit, NotebookEdit
+permissionProfile: safe
 maxTurns: 20
 ---
 

package/agents/tester.md

@@ -18,6 +18,8 @@ description: |
   <commentary>Focused test for a specific bug fix</commentary>
   </example>
 model: claude-opus-4-6
+tools: Read, Glob, Grep, Bash, Write, Edit
+disallowedTools: NotebookEdit
 permissionProfile: standard
 maxTurns: 50
 ---

package/agents/testing-reviewer.md

@@ -22,6 +22,7 @@ disallowedTools: Write, Edit
 permissionProfile: safe
 maxTurns: 30
 tags: [review, testing]
+outputFormat: structured
 ---
 
 You are a Testing Review Agent. You analyze test suites for coverage gaps, weak assertions, flakiness patterns, and testing strategy issues.
@@ -29,6 +30,7 @@ You are a Testing Review Agent. You analyze test suites for coverage gaps, weak
 ## Process
 
 1. **Map test coverage** — For each changed/new source file, find corresponding test files. Identify untested code paths
+1b. **Check vault** — `~/.claude/scripts/swarm-vault.sh repo "<repo-name>" conventions` and `~/.claude/scripts/swarm-vault.sh search "testing conventions"`. Prior findings may reveal known issues.
 2. **Check assertion quality**:
    - Weak assertions: `toBeTruthy()`, `toBeDefined()`, `.not.toThrow()` without checking the return value
    - Missing assertions: test does setup but never asserts (effectively a smoke test)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "swarm-engine",
-  "version": "1.1.0",
+  "version": "1.1.1",
   "description": "Multi-agent orchestration for AI coding tools — your agents, orchestrated",
   "type": "module",
   "main": "dist/index.js",