tlc-claude-code 2.0.1 → 2.1.0

package/.claude/commands/tlc/init.md

@@ -262,9 +262,21 @@ All implementation follows **Red → Green → Refactor**:
 3. **Refactor**: Clean up while keeping tests green
 ```
 
-### 9b. Create Claude Settings for Bash Permissions (Automatic)
+### 9b. Create Claude Settings with Permissions AND Hooks (Automatic)
 
-**Always create `.claude/settings.json` during init.** This is not optional — TLC requires these permissions to run tests, commit, and build without interruption.
+**Always create `.claude/settings.json` during init.** This is not optional — TLC requires permissions for uninterrupted work AND hooks for the plugin system (enforcement, auto-verification, memory capture).
+
+**Also create `.claude/hooks/` directory** and copy all hook scripts from the TLC package. The hooks power the plugin system — without them, TLC is commands-only with no automation.
+
+Create `.claude/hooks/` with these scripts (copy from the installed TLC package at `~/.claude/hooks/` or from the npm package):
+- `tlc-block-tools.sh` — Blocks non-TLC planning tools (EnterPlanMode, TaskCreate, etc.)
+- `tlc-prompt-guard.sh` — Smart intent detection: parses user message for plan/build/fix/deploy intent and routes to the correct TLC command
+- `tlc-session-init.sh` — Initializes TLC state and ensures server is running
+- `tlc-post-push.sh` — Auto-triggers CI monitoring after `git push`
+- `tlc-post-build.sh` — Auto-triggers guard + e2e verification after build/plan
+- `tlc-capture-exchange.sh` — Captures conversations to team memory
+
+Make all hook scripts executable: `chmod +x .claude/hooks/*.sh`
 
 Create `.claude/settings.json`:
 
@@ -272,46 +284,70 @@ Create `.claude/settings.json`:
 {
   "permissions": {
     "allow": [
-      "Bash(npm *)",
-      "Bash(npx *)",
-      "Bash(node *)",
-      "Bash(git *)",
-      "Bash(gh *)",
-      "Bash(ssh *)",
-      "Bash(scp *)",
-      "Bash(rsync *)",
-      "Bash(curl *)",
-      "Bash(wget *)",
-      "Bash(docker *)",
-      "Bash(docker-compose *)",
-      "Bash(pytest*)",
-      "Bash(python *)",
-      "Bash(pip *)",
-      "Bash(go *)",
-      "Bash(cargo *)",
-      "Bash(make *)",
-      "Bash(cat *)",
-      "Bash(ls *)",
-      "Bash(pwd*)",
-      "Bash(cd *)",
-      "Bash(mkdir *)",
-      "Bash(cp *)",
-      "Bash(mv *)",
-      "Bash(which *)",
-      "Bash(echo *)",
-      "Bash(jq *)",
-      "Bash(wc *)",
-      "Bash(head *)",
-      "Bash(tail *)",
-      "Bash(sort *)",
-      "Bash(uniq *)",
-      "Bash(xargs *)"
+      "Bash(npm *)", "Bash(npx *)", "Bash(node *)", "Bash(git *)",
+      "Bash(gh *)", "Bash(ssh *)", "Bash(scp *)", "Bash(rsync *)",
+      "Bash(curl *)", "Bash(wget *)", "Bash(docker *)", "Bash(docker-compose *)",
+      "Bash(pytest*)", "Bash(python *)", "Bash(pip *)", "Bash(go *)",
+      "Bash(cargo *)", "Bash(make *)", "Bash(cat *)", "Bash(ls *)",
+      "Bash(pwd*)", "Bash(cd *)", "Bash(mkdir *)", "Bash(cp *)",
+      "Bash(mv *)", "Bash(which *)", "Bash(echo *)", "Bash(jq *)",
+      "Bash(wc *)", "Bash(head *)", "Bash(tail *)", "Bash(sort *)",
+      "Bash(uniq *)", "Bash(xargs *)"
     ]
+  },
+  "hooks": {
+    "PreToolUse": [{
+      "matcher": "EnterPlanMode|TaskCreate|TaskUpdate|TaskList|TaskGet|ExitPlanMode",
+      "hooks": [{
+        "type": "command",
+        "command": "bash $CLAUDE_PROJECT_DIR/.claude/hooks/tlc-block-tools.sh",
+        "timeout": 5
+      }]
+    }],
+    "UserPromptSubmit": [{
+      "hooks": [{
+        "type": "command",
+        "command": "bash $CLAUDE_PROJECT_DIR/.claude/hooks/tlc-prompt-guard.sh",
+        "timeout": 5
+      }]
+    }],
+    "SessionStart": [{
+      "hooks": [{
+        "type": "command",
+        "command": "bash $CLAUDE_PROJECT_DIR/.claude/hooks/tlc-session-init.sh",
+        "timeout": 5
+      }]
+    }],
+    "PostToolUse": [
+      {
+        "matcher": "Bash",
+        "hooks": [{
+          "type": "command",
+          "command": "bash $CLAUDE_PROJECT_DIR/.claude/hooks/tlc-post-push.sh",
+          "timeout": 5
+        }]
+      },
+      {
+        "matcher": "Skill",
+        "hooks": [{
+          "type": "command",
+          "command": "bash $CLAUDE_PROJECT_DIR/.claude/hooks/tlc-post-build.sh",
+          "timeout": 5
+        }]
+      }
+    ],
+    "Stop": [{
+      "hooks": [{
+        "type": "command",
+        "command": "bash \"$CLAUDE_PROJECT_DIR\"/.claude/hooks/tlc-capture-exchange.sh",
+        "timeout": 30
+      }]
+    }]
   }
 }
 ```
 
-If `.claude/settings.json` already exists, merge the permissions (don't overwrite user's existing config).
+If `.claude/settings.json` already exists, merge: preserve existing permissions (union), add hooks section if missing (don't overwrite existing hooks).
 
 ### 10. Create or Update PROJECT.md
 

package/.claude/commands/tlc/llm.md

@@ -28,20 +28,35 @@ Interactive setup to configure providers in `.tlc.json`:
 
 ### /tlc:llm status
 
-Show current configuration:
+Read from **`.tlc/.router-state.json`** (persistent state) and `.tlc.json` (config):
 
 ```
+LLM Router Status
+══════════════════════════════════════════════
+
+State: .tlc/.router-state.json
+  Probed: 2026-03-20T02:15:00Z (12 min ago)
+  TTL: 3600s (fresh)
+
 Providers:
   claude   ✓ /usr/local/bin/claude    [review, code-gen, refactor]
   codex    ✓ /usr/local/bin/codex     [review, code-gen]
   gemini   ✗ not found                [design, vision]
 
 Capabilities:
-  review    → claude, codex (fallback: claude)
-  code-gen  → claude
-  vision    → gemini (unavailable)
+  review    → claude, codex (fallback: claude)     2/2 available
+  code-gen  → claude                               1/1 available
+  vision    → gemini (unavailable)                  0/1 available
+
+Pipeline Integration:
+  Post-build review: claude + codex (consensus required)
+  Post-push e2e: claude (in-session)
 ```
 
+The state file is written by the `SessionStart` hook and re-probed every hour. All skills read from this file — no ad-hoc `which` calls.
+
+**Force re-probe:** `/tlc:llm probe` (deletes state file, next skill invocation re-probes)
+
 ### /tlc:llm models
 
 List models available from each provider.

package/.claude/commands/tlc/preflight.md

@@ -0,0 +1,134 @@
+# /tlc:preflight - Completeness Check Before Done
+
+Never declare a task complete without running this. Catches gaps, loose ends, and half-solutions before they ship.
+
+## Philosophy
+
+**Assume nothing is complete.** Every task has edges you didn't think about. This skill forces you to actively look for what's missing rather than confirming what's present.
+
+## When This Runs
+
+This is a **plugin** — it fires automatically via PostToolUse hook whenever Claude is about to declare work "done." You don't invoke it manually.
+
+It also runs:
+- After `/tlc:build` (via guard + preflight chain)
+- After any multi-file change
+- Before recommending a commit or push
+
+## Process
+
+### Step 1: Inventory What Was Changed
+
+List every file that was created, modified, or deleted in this session. For each one:
+- What was the intent?
+- Was the change completed or left partial?
+
+### Step 2: Trace All References
+
+For every file changed, check:
+- **Is it registered/imported where needed?** (e.g., new module added to an index, new command added to a commands array, new route added to a router)
+- **Does anything else reference it?** (e.g., config files, package.json, install scripts, documentation)
+- **Are there parallel systems that need the same update?** (e.g., install.js AND postinstall.js, package.json `files` AND `bin`, CLAUDE.md AND help.md)
+
+This is the #1 source of half-solutions: changing the thing but not updating everything that points to the thing.
+
+### Step 3: Check Consistency Across Layers
+
+For each change, verify consistency across ALL layers:
+
+| Layer | Check |
+|-------|-------|
+| **Source files** | Does the code do what was intended? |
+| **Tests** | Do tests exist and pass? |
+| **Config** | Are config files updated (package.json, .tlc.json, settings.json)? |
+| **Distribution** | Will this ship to end users? (files array, install scripts, postinstall) |
+| **Documentation** | Is the change reflected in docs, help text, command tables? |
+| **Integration** | Do other systems that depend on this still work? |
+
+### Step 4: Ask the Hard Questions
+
+Before declaring done, explicitly answer each:
+
+1. **"If someone installs this fresh right now, will it work?"**
+   - Not "does it work on my machine" — does it work from a clean install?
+
+2. **"What did I assume exists that might not?"**
+   - Files, directories, env vars, running services, permissions
+
+3. **"What's the blast radius?"**
+   - What else touches the same files/systems I changed?
+   - Did I update ALL of those touchpoints?
+
+4. **"Is there a parallel path I forgot?"**
+   - Two install scripts? Two config files? Multiple places the same list appears?
+
+5. **"What would a user try that I didn't test?"**
+   - Edge cases in usage, not just happy path
+
+### Step 5: Report
+
+**If gaps found:**
+```
+PREFLIGHT CHECK — GAPS FOUND
+
+Changes made: 3 files created, 2 files modified
+
+Gaps:
+1. Created new-feature.md but not added to COMMANDS array in install.js
+2. Modified settings.json but init.md template not updated to match
+3. No test file for new utility function
+
+Fix these before declaring done.
+```
+
+**If clean:**
+```
+PREFLIGHT CHECK — CLEAR
+
+Changes made: 3 files created, 2 files modified
+All references updated: ✅
+Distribution verified: ✅
+Tests exist: ✅
+Config consistent: ✅
+
+Task is complete.
+```
+
+## Common Gap Patterns
+
+These are the most frequent gaps this skill catches:
+
+| Pattern | Example |
+|---------|---------|
+| **Registry miss** | New file created but not added to install array, export list, or index |
+| **Parallel system miss** | Updated install.js but not postinstall.js |
+| **Config drift** | Changed settings.json but init.md still generates the old version |
+| **Distribution miss** | File exists in repo but won't ship (not in package.json files) |
+| **Doc drift** | New command added but not in CLAUDE.md dispatch table or help.md |
+| **Test miss** | New code without corresponding test |
+| **Cross-reference miss** | Renamed something but didn't grep for all references |
+
+## Example
+
+```
+PREFLIGHT CHECK — GAPS FOUND
+
+Session changes:
+  + .claude/commands/tlc/watchci.md (new skill)
+  + .claude/commands/tlc/e2e-verify.md (new skill)
+  + .claude/commands/tlc/guard.md (new skill)
+  + .claude/hooks/tlc-post-push.sh (new hook)
+  + .claude/hooks/tlc-post-build.sh (new hook)
+  ~ .claude/settings.json (added PostToolUse hooks)
+  ~ CLAUDE.md (added dispatch entries)
+
+Gaps:
+  ❌ watchci.md, e2e-verify.md, guard.md not in COMMANDS array (bin/install.js)
+  ❌ .claude/hooks/ not in package.json files array — won't ship
+  ❌ postinstall.js doesn't copy hooks — fresh install broken
+  ❌ init.md settings template doesn't include new hooks
+  ❌ help.md doesn't list new commands
+  ❌ bootstrap.md was already missing from COMMANDS array (pre-existing gap)
+
+6 gaps found. Fix before declaring done.
+```

package/.claude/commands/tlc/review.md

@@ -41,19 +41,32 @@ TLC automatically uses ALL providers configured for the `review` capability in `
 
 ## Process
 
-### Step 1: Load Router Configuration
+### Step 1: Load Router State (Persistent)
 
-Read `.tlc.json` to get configured review providers:
+**Always read from the router state file first**, then fall back to config:
 
 ```javascript
+// 1. Read persistent router state (written by session-init hook)
+const routerState = JSON.parse(fs.readFileSync('.tlc/.router-state.json', 'utf-8'));
+
+// 2. Read config for capability mappings
 const config = JSON.parse(fs.readFileSync('.tlc.json', 'utf-8'));
 const reviewProviders = config.router?.capabilities?.review?.providers || ['claude'];
 const providers = config.router?.providers || {};
+
+// 3. Filter to only AVAILABLE providers (from state file)
+const availableReviewers = reviewProviders.filter(p =>
+  routerState.providers[p]?.available === true
+);
 ```
 
-**Default providers for review:** `['claude', 'codex']`
+**The state file (`.tlc/.router-state.json`) is authoritative for availability.** It's written by the `SessionStart` hook, re-probed every hour, and persists across skill invocations. Never run `which codex` yourself — read the state file.
+
+If the state file is missing or stale (>1 hour), probe manually and write a fresh one.
+
+**Default providers for review:** `['claude', 'codex']` — but only invoked if the state file confirms they're available.
 
-If Codex is configured and available, it WILL be invoked automatically.
+If Codex is configured AND available in state, it WILL be invoked automatically.
 
 ### Step 2: Identify Changes
 

package/.claude/commands/tlc/watchci.md

@@ -0,0 +1,159 @@
+# /tlc:watchci - Watch CI and Fix Until Green
+
+After pushing code, monitor the GitHub Actions run and fix failures in a loop until CI passes.
+
+## What This Does
+
+1. **Identifies the GH Actions run** triggered by the latest push
+2. **Polls until complete** (or fails)
+3. **On failure**: reads the logs, identifies the issue, fixes it, commits, pushes again
+4. **Repeats** until green or max attempts reached
+5. **Reports** final status
+
+This is the "I pushed, now babysit CI for me" command.
+
+## Usage
+
+```
+/tlc:watchci
+/tlc:watchci 3          # max 3 fix attempts (default: 5)
+```
+
+## Process
+
+### Step 1: Find the Active Run
+
+```bash
+gh run list --limit 5 --json databaseId,status,conclusion,headBranch,event,name,createdAt
+```
+
+- Find the most recent run on the current branch
+- If no run is in progress or recently completed, tell the user and exit
+- Show: workflow name, run ID, status
+
+### Step 2: Wait for Completion
+
+Poll the run status every 30 seconds:
+
+```bash
+gh run view <run_id> --json status,conclusion
+```
+
+While status is `in_progress` or `queued`:
+- Print a brief status update every 60 seconds (not every poll)
+- Continue waiting
+
+### Step 3: Check Result
+
+If `conclusion` is `success`:
+- Report green and exit
+
+If `conclusion` is `failure`:
+- Move to Step 4
+
+### Step 4: Read Failure Logs
+
+```bash
+gh run view <run_id> --log-failed
+```
+
+- Parse the failed step(s) and their log output
+- Identify the root cause:
+  - **Test failure**: Which test, what assertion, what file
+  - **Build failure**: Which compilation error, what file/line
+  - **Lint failure**: Which rule, what file/line
+  - **Dependency issue**: Which package, what version conflict
+  - **Other**: Extract the relevant error message
+
+### Step 5: Fix the Issue
+
+Based on the failure type:
+
+**Test failure:**
+- Read the failing test file and the source file it tests
+- Understand what broke
+- Fix the source code (not the test, unless the test itself is wrong)
+- Run the test locally first to verify: `npm test` or `npx vitest run <file>`
+
+**Build failure:**
+- Read the file with the compilation error
+- Fix the type error, missing import, etc.
+- Verify locally: `npm run build` or `npx tsc --noEmit`
+
+**Lint failure:**
+- Read the file and fix the lint issue
+- Verify locally: `npm run lint`
+
+**Dependency issue:**
+- Fix package.json or lock file as needed
+- Verify locally: `npm ci`
+
+### Step 6: Commit and Push
+
+- Stage only the files you changed
+- Commit with message: `fix: resolve CI failure - <brief description>`
+- Push to the same branch
+- **Ask user before pushing** (per TLC rules)
+
+### Step 7: Loop Back
+
+- Return to Step 1 to watch the new run
+- Track attempt count
+- If max attempts (default 5) reached without green, stop and report:
+  - What was tried
+  - What's still failing
+  - Suggestion for manual investigation
+
+## Guard Rails
+
+- **Never push without asking.** Even in a fix loop, confirm before each push.
+- **Never modify tests to make CI pass** unless the test itself has a genuine bug (not a "make the assertion match the wrong output" fix).
+- **Local verification first.** Always run the fix locally before pushing.
+- **Max attempts.** Default 5. Don't loop forever.
+- **Don't mask failures.** If a test is legitimately catching a bug, fix the bug. Don't skip the test.
+
+## Example
+
+```
+> /tlc:watchci
+
+Watching CI for branch: feature/auth-module
+Run #4521 (CI) — in progress...
+
+⏳ Waiting... (2m elapsed)
+⏳ Waiting... (3m elapsed)
+
+❌ Run #4521 failed
+
+Failed step: "Run tests"
+Error: FAIL server/lib/auth/auth.test.js
+  ● validateToken › should reject expired tokens
+    Expected: "TOKEN_EXPIRED"
+    Received: "INVALID_TOKEN"
+
+Reading auth.test.js and auth.service.js...
+
+Found: validateToken returns generic "INVALID_TOKEN" for expired tokens
+instead of the specific "TOKEN_EXPIRED" error code.
+
+Fix: Update the expiry check in auth.service.js to return "TOKEN_EXPIRED"
+
+Running locally... ✅ Test passes
+
+Ready to commit and push fix? (Y/n)
+> y
+
+Pushed. Watching new run...
+
+Run #4522 (CI) — in progress...
+⏳ Waiting... (2m elapsed)
+
+✅ Run #4522 passed! CI is green.
+```
+
+## When to Use
+
+- After pushing and you want CI monitored automatically
+- After `/tlc:build` when you've pushed your work
+- When CI keeps failing and you want the fix loop automated
+- Pair with `/tlc:e2e-verify` for full verification after CI is green

package/.claude/hooks/tlc-block-tools.sh

@@ -0,0 +1,41 @@
+#!/bin/bash
+# TLC Enforcement Layer 1: Hard-block non-TLC planning tools
+# Fires on PreToolUse for banned tools and DENIES them.
+# Claude cannot bypass this - the tool call never executes.
+
+INPUT=$(cat)
+TOOL=$(echo "$INPUT" | jq -r '.tool_name // empty')
+
+case "$TOOL" in
+  EnterPlanMode)
+    REASON="BLOCKED by TLC. Use /tlc:plan instead. Plans go in .planning/phases/ files."
+    ;;
+  TaskCreate)
+    REASON="BLOCKED by TLC. Tasks live in .planning/phases/{N}-PLAN.md with [ ] markers."
+    ;;
+  TaskUpdate)
+    REASON="BLOCKED by TLC. Update task markers in .planning/phases/{N}-PLAN.md files."
+    ;;
+  TaskGet)
+    REASON="BLOCKED by TLC. Read tasks from .planning/phases/{N}-PLAN.md files."
+    ;;
+  TaskList)
+    REASON="BLOCKED by TLC. Use /tlc:progress to check task status."
+    ;;
+  ExitPlanMode)
+    REASON="BLOCKED by TLC. Plans are approved via /tlc:build, not ExitPlanMode."
+    ;;
+  *)
+    exit 0
+    ;;
+esac
+
+cat <<EOF
+{
+  "hookSpecificOutput": {
+    "hookEventName": "PreToolUse",
+    "permissionDecision": "deny",
+    "permissionDecisionReason": "${REASON}"
+  }
+}
+EOF

package/.claude/hooks/tlc-capture-exchange.sh

@@ -0,0 +1,50 @@
+#!/usr/bin/env bash
+# TLC Memory Capture - Claude Code Stop Hook
+#
+# Reads Stop hook JSON from stdin, extracts the assistant response,
+# and sends it to the TLC server for memory processing.
+# Falls back to local spool when server is unreachable.
+#
+# This script MUST exit 0 always - capture failures never block Claude.
+
+set -o pipefail
+
+# Read stdin (Stop hook provides JSON)
+INPUT=$(cat)
+
+# Quick exit if no input
+[ -z "$INPUT" ] && exit 0
+
+# Use the capture-bridge Node.js module for reliable processing
+PROJECT_DIR="${CLAUDE_PROJECT_DIR:-$(pwd)}"
+BRIDGE_SCRIPT="$PROJECT_DIR/server/lib/capture-bridge.js"
+
+if [ -f "$BRIDGE_SCRIPT" ]; then
+  echo "$INPUT" | node -e "
+    const bridge = require('$BRIDGE_SCRIPT');
+    let input = '';
+    process.stdin.on('data', d => input += d);
+    process.stdin.on('end', async () => {
+      const parsed = bridge.parseStopHookInput(input);
+      if (!parsed || !parsed.assistantMessage) process.exit(0);
+
+      const userMessage = parsed.transcriptPath
+        ? bridge.extractLastUserMessage(parsed.transcriptPath)
+        : null;
+
+      await bridge.captureExchange({
+        cwd: parsed.cwd || '$PROJECT_DIR',
+        assistantMessage: parsed.assistantMessage,
+        userMessage,
+        sessionId: parsed.sessionId,
+      });
+
+      const path = require('path');
+      const spoolDir = path.join(parsed.cwd || '$PROJECT_DIR', '.tlc', 'memory');
+      await bridge.drainSpool(spoolDir);
+    });
+  " 2>/dev/null
+fi
+
+# Always exit 0 - never block Claude
+exit 0

package/.claude/hooks/tlc-post-build.sh

@@ -0,0 +1,38 @@
+#!/bin/bash
+# TLC Plugin: Post-build and post-plan automation chain
+# Fires on PostToolUse for Skill.
+#
+# After /tlc:build (code written):
+#   guard → preflight → review (Claude + Codex) → if APPROVED → offer push + PR
+#
+# After /tlc:plan:
+#   guard plan → validate structure
+#
+# After /tlc:quick:
+#   preflight → review → offer push
+
+INPUT=$(cat)
+TOOL=$(echo "$INPUT" | jq -r '.tool_name // empty')
+
+# Only care about Skill tool
+[ "$TOOL" != "Skill" ] && exit 0
+
+SKILL=$(echo "$INPUT" | jq -r '.tool_input.skill // empty')
+
+case "$SKILL" in
+  tlc:build)
+    echo "[TLC-PLUGIN] Build phase complete. Mandatory post-build chain:
+(1) Run /tlc:guard to validate TLC process compliance (test-first, coverage, no skipped tests).
+(2) Run /tlc:preflight to check for gaps (references, registries, configs, distribution).
+(3) Run /tlc:review to invoke multi-LLM review — Claude reviews in-session, THEN invoke Codex CLI for second opinion. BOTH must APPROVE.
+(4) If review APPROVED: ask user for permission to push to remote and create a PR for main.
+(5) If review CHANGES_REQUESTED: fix the issues and re-run the review. Do NOT push.
+Do NOT skip any step. Do NOT push without review approval."
+    ;;
+  tlc:plan)
+    echo "[TLC-PLUGIN] Plan created. Now automatically run /tlc:guard plan to validate the plan has proper task breakdown, acceptance criteria, and dependency ordering. Do NOT skip."
+    ;;
+  tlc:quick)
+    echo "[TLC-PLUGIN] Quick task complete. Run /tlc:preflight then /tlc:review (Claude + Codex). If APPROVED, ask user for permission to push and create PR."
+    ;;
+esac

package/.claude/hooks/tlc-post-push.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+# TLC Plugin: Post-push automation chain
+# Fires on PostToolUse for Bash. Detects git push.
+#
+# After git push:
+#   watchci (monitor GH Actions) → if green → e2e-verify (screenshots + logs)
+
+INPUT=$(cat)
+TOOL=$(echo "$INPUT" | jq -r '.tool_name // empty')
+
+# Only care about Bash tool
+[ "$TOOL" != "Bash" ] && exit 0
+
+# Check if the command was a git push
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty')
+if echo "$COMMAND" | grep -qE '^git push'; then
+  echo "[TLC-PLUGIN] git push detected. Mandatory post-push chain:
+(1) Run /tlc:watchci — monitor the GitHub Actions run, read failure logs, fix issues, and push again until CI is green.
+(2) Once CI is green, run /tlc:e2e-verify — start the app, take screenshots, read them visually, check server and console logs for errors.
+(3) If e2e-verify finds issues, fix them and push again (which restarts this chain).
+Do NOT skip any step."
+fi