tlc-claude-code 2.0.1 → 2.2.0

package/.claude/commands/tlc/review.md

@@ -1,6 +1,6 @@
 # /tlc:review - Review Current Branch
 
-Review changes on current branch before pushing.
+Review changes on current branch before pushing. **Runs in a loop until clean.**
 
 ## What This Does
 
@@ -9,7 +9,10 @@ Review changes on current branch before pushing.
 3. Checks test coverage for all changed files
 4. Analyzes commit order for TDD compliance
 5. Scans for security issues
-6. Generates verdict: APPROVED or CHANGES_REQUESTED
+6. If issues found → **fix them automatically, then re-review**
+7. **Repeats until both Claude and Codex approve** — no arbitrary limit, runs until clean
+
+**This is an iterative review loop, not a single pass.** Think of it as RL-mode: keep fixing and re-checking until the code is foolproof.
 
 **This runs automatically at the end of `/tlc:build`.**
 
@@ -41,19 +44,32 @@ TLC automatically uses ALL providers configured for the `review` capability in `
 
 ## Process
 
-### Step 1: Load Router Configuration
+### Step 1: Load Router State (Persistent)
 
-Read `.tlc.json` to get configured review providers:
+**Always read from the router state file first**, then fall back to config:
 
 ```javascript
+// 1. Read persistent router state (written by session-init hook)
+const routerState = JSON.parse(fs.readFileSync('.tlc/.router-state.json', 'utf-8'));
+
+// 2. Read config for capability mappings
 const config = JSON.parse(fs.readFileSync('.tlc.json', 'utf-8'));
 const reviewProviders = config.router?.capabilities?.review?.providers || ['claude'];
 const providers = config.router?.providers || {};
+
+// 3. Filter to only AVAILABLE providers (from state file)
+const availableReviewers = reviewProviders.filter(p =>
+  routerState.providers[p]?.available === true
+);
 ```
 
-**Default providers for review:** `['claude', 'codex']`
+**The state file (`.tlc/.router-state.json`) is authoritative for availability.** It's written by the `SessionStart` hook, re-probed every hour, and persists across skill invocations. Never run `which codex` yourself — read the state file.
+
+If the state file is missing or stale (>1 hour), probe manually and write a fresh one.
 
-If Codex is configured and available, it WILL be invoked automatically.
+**Default providers for review:** `['claude', 'codex']` — but only invoked if the state file confirms they're available.
+
+If Codex is configured AND available in state, it WILL be invoked automatically.
 
 ### Step 2: Identify Changes
 
@@ -179,52 +195,38 @@ For each provider in `reviewProviders` (except `claude` which is the current ses
 
 **How to invoke:**
 
-1. **Save diff to temporary file with size limit** (max 500 lines per chunk):
+**Codex** — use its built-in `review` subcommand. It reads the git diff natively, no need to pipe files:
+
 ```bash
-# Get diff and check size
-git diff main...HEAD > /tmp/review-diff-full.patch
-line_count=$(wc -l < /tmp/review-diff-full.patch)
+# Review current branch against main (default)
+codex review --base main "Focus on: bugs, security issues, missing edge cases, test coverage gaps. End with APPROVED or CHANGES_REQUESTED."
 
-if [ "$line_count" -gt 500 ]; then
-  echo "⚠️ Large diff ($line_count lines) - chunking for review..."
-
-  # Split by file for targeted review
-  git diff --name-only main...HEAD | while read file; do
-    git diff main...HEAD -- "$file" > "/tmp/review-chunk-${file//\//_}.patch"
-  done
-
-  # Or truncate with warning
-  head -500 /tmp/review-diff-full.patch > /tmp/review-diff.patch
-  echo "... truncated (showing first 500 of $line_count lines)" >> /tmp/review-diff.patch
-else
-  cp /tmp/review-diff-full.patch /tmp/review-diff.patch
-fi
-```
+# Review uncommitted changes only
+codex review --uncommitted
 
-2. **Invoke each configured provider** (one chunk at a time if split):
+# Review a specific commit
+codex review --commit <sha>
 
-```bash
-# For Codex (GPT-5.2) - detailed review prompt
-codex --print "You are a senior code reviewer. Analyze this diff thoroughly:
+# Custom instructions via prompt
+codex review --base main "Check for TDD compliance: were tests written before implementation? Flag any implementation without corresponding test files."
+```
 
-1. **Line-by-line Analysis**: Comment on specific lines with issues
-2. **Bugs**: Identify potential bugs, edge cases, null checks
-3. **Security**: SQL injection, XSS, command injection, auth issues
-4. **Performance**: N+1 queries, unnecessary loops, memory leaks
-5. **Code Quality**: Naming, duplication, complexity, SOLID principles
-6. **Test Coverage**: Are the changes properly tested?
+`codex review` outputs a structured review to stdout. No `--print` flag needed — it's already non-interactive.
 
-For each issue found:
-- File and line number
-- Severity (critical/high/medium/low)
-- What's wrong
-- How to fix it
+**Gemini** — no built-in review command, so save diff and invoke:
 
-End with: APPROVED (no critical/high issues) or CHANGES_REQUESTED (has critical/high issues)
+```bash
+# Save diff for Gemini
+git diff main...HEAD > /tmp/review-diff.patch
+line_count=$(wc -l < /tmp/review-diff.patch)
 
-File: /tmp/review-diff.patch"
+# Truncate if too large
+if [ "$line_count" -gt 500 ]; then
+  head -500 /tmp/review-diff.patch > /tmp/review-diff-truncated.patch
+  echo "... truncated (showing first 500 of $line_count lines)" >> /tmp/review-diff-truncated.patch
+  mv /tmp/review-diff-truncated.patch /tmp/review-diff.patch
+fi
 
-# For Gemini - detailed review prompt
 gemini --print "Review this code diff as a senior engineer. Provide:
 - Specific line-by-line feedback
 - Security vulnerabilities with file:line references
@@ -232,14 +234,10 @@ gemini --print "Review this code diff as a senior engineer. Provide:
 - Code quality issues
 - Missing test coverage
 
-Be thorough and specific. File: /tmp/review-diff.patch"
-```
+Be thorough and specific. End with APPROVED or CHANGES_REQUESTED.
 
-**Large Diff Handling:**
-- Diffs over 500 lines are automatically chunked by file
-- Each file's changes reviewed separately
-- Results aggregated across all chunks
-- Alternative: truncate with warning (shows first 500 lines)
+$(cat /tmp/review-diff.patch)"
+```
 
 **Note:** Each CLI has its own syntax. Check `codex --help` and `gemini --help` for exact flags. The `--print` flag outputs the response without interactive mode.
 
@@ -264,7 +262,124 @@ Invoking Codex (GPT-5.2) for review...
 - Any CHANGES_REQUESTED = overall CHANGES_REQUESTED
 - Issues from all providers are combined in the report
 
-### Step 7: Generate Report
+### Step 7: Fix-and-Recheck Loop (RL Mode)
+
+**This is the core innovation. Reviews are not one-shot — they loop until clean.**
+
+After Steps 2-6 complete, if ANY issues were found:
+
+```
+┌─────────────────────────────────────────────┐
+│  REVIEW LOOP (runs until clean)             │
+│                                             │
+│  1. Collect all issues from Claude + Codex  │
+│  2. Fix each issue:                         │
+│     - Missing tests → write them            │
+│     - Security issues → patch the code      │
+│     - Coding standards → refactor           │
+│     - Codex feedback → apply fixes          │
+│  3. Run tests to verify fixes don't break   │
+│  4. Commit fixes                            │
+│  5. Re-run Steps 2-6 (full review again)    │
+│  6. If new issues → loop back to 1          │
+│  7. If clean → exit loop, generate report   │
+└─────────────────────────────────────────────┘
+```
+
+**Iteration rules:**
+
+1. **No arbitrary limit** — keep looping until BOTH providers return APPROVED. The code isn't done until it's clean.
+2. **Each iteration runs the FULL check** — don't skip steps. Fresh eyes each time.
+3. **Re-invoke Codex each iteration** — `codex review --base main` sees the latest fixes
+4. **Commit after each fix round** — `git commit -m "fix: address review feedback (round N)"`
+5. **Track what was fixed** — maintain a running list for the final report
+6. **Stuck detection** — if the SAME issue appears 3 times after being "fixed", stop and escalate to the user with context on what was tried. This is the only exit condition besides clean.
+
+**Fix priority order:**
+1. Security issues (HIGH severity) — fix these first, they block everything
+2. Missing tests — write them before touching implementation
+3. Implementation bugs flagged by Codex — apply fixes
+4. Coding standards (file size, `any` types, return types) — refactor
+5. Style/naming/docs — lowest priority, fix if time permits
+
+**What gets auto-fixed vs flagged for human:**
+
+| Issue Type | Auto-Fix | Human Review |
+|-----------|----------|--------------|
+| Missing test file | Write it | - |
+| Hardcoded secret | Replace with env var | If unclear what var to use |
+| `any` type | Replace with proper interface | If domain type unclear |
+| File >1000 lines | Split into sub-modules | If split strategy unclear |
+| Security vulnerability | Patch it | If fix might break behavior |
+| Codex-flagged bug | Apply suggestion | If suggestion conflicts with Claude |
+| Merge conflict | - | Always human |
+
+**Example iteration:**
+
+```
+───────────────────────────────────────
+Review Round 1/5
+───────────────────────────────────────
+Claude: CHANGES_REQUESTED
+  - Missing test for src/utils.js
+  - Hardcoded API key in src/config.js
+Codex:  CHANGES_REQUESTED
+  - Missing null check in src/parser.js:42
+  - No error handling in src/api.js:88
+
+Fixing 4 issues...
+  ✅ Created src/utils.test.js (3 tests)
+  ✅ Replaced hardcoded key with process.env.API_KEY
+  ✅ Added null check in parser.js:42
+  ✅ Added try/catch in api.js:88
+  ✅ All tests pass
+  ✅ Committed: fix: address review feedback (round 1)
+
+───────────────────────────────────────
+Review Round 2/5
+───────────────────────────────────────
+Claude: CHANGES_REQUESTED
+  - src/utils.test.js missing edge case for empty input
+Codex:  APPROVED
+
+Fixing 1 issue...
+  ✅ Added empty input edge case test
+  ✅ All tests pass
+  ✅ Committed: fix: address review feedback (round 2)
+
+───────────────────────────────────────
+Review Round 3/5
+───────────────────────────────────────
+Claude: APPROVED
+Codex:  APPROVED
+
+✅ All providers agree — exiting loop.
+───────────────────────────────────────
+```
+
+**Stuck detection (only exit besides clean):**
+
+```
+───────────────────────────────────────
+Review Round 7
+───────────────────────────────────────
+Claude: APPROVED
+Codex:  CHANGES_REQUESTED
+  - Complex refactor needed in src/legacy.js  ← appeared 3 times
+
+⚠️ STUCK: This issue has reappeared 3 times after being fixed.
+Escalating to human review.
+
+Attempts made:
+  Round 3: Extracted helper function → Codex still flagged
+  Round 5: Split into two modules → Codex still flagged
+  Round 7: Added interface layer → Codex still flagged
+
+This needs human judgment. Run /tlc:review again after manual fix.
+───────────────────────────────────────
+```
+
+### Step 8: Generate Report
 
 ```markdown
 # Code Review Report
@@ -292,14 +407,11 @@ Invoking Codex (GPT-5.2) for review...
 - TDD Score: 75%
 ```
 
-### Step 8: Return Verdict
+### Step 9: Return Verdict
 
-**APPROVED** - All checks pass. Ready to push/merge.
+**APPROVED** - All providers agree after N iterations. Ready to push/merge.
 
-**CHANGES_REQUESTED** - Issues found:
-- Missing tests → Add tests for flagged files
-- Low TDD score → Consider reordering commits or adding test commits
-- Security issues → Fix flagged patterns
+**CHANGES_REQUESTED** - Max iterations reached with remaining issues. Needs human review.
 
 ## Example Output
 
@@ -420,6 +532,9 @@ Action required:
 | `--providers <list>` | Override providers (e.g., `--providers codex,gemini`) |
 | `--codex-only` | Use only Codex for review |
 | `--no-external` | Skip external providers, use Claude only |
+| `--stuck-threshold <N>` | How many times the same issue reappears before escalating to human (default: 3) |
+| `--no-fix` | Single-pass review only — report issues but don't auto-fix |
+| `--fix-all` | Fix even low-priority style issues (default: skip style) |
 
 ## Integration
 

package/.claude/commands/tlc/watchci.md

@@ -0,0 +1,159 @@
+# /tlc:watchci - Watch CI and Fix Until Green
+
+After pushing code, monitor the GitHub Actions run and fix failures in a loop until CI passes.
+
+## What This Does
+
+1. **Identifies the GH Actions run** triggered by the latest push
+2. **Polls until complete** (or fails)
+3. **On failure**: reads the logs, identifies the issue, fixes it, commits, pushes again
+4. **Repeats** until green or max attempts reached
+5. **Reports** final status
+
+This is the "I pushed, now babysit CI for me" command.
+
+## Usage
+
+```
+/tlc:watchci
+/tlc:watchci 3          # max 3 fix attempts (default: 5)
+```
+
+## Process
+
+### Step 1: Find the Active Run
+
+```bash
+gh run list --limit 5 --json databaseId,status,conclusion,headBranch,event,name,createdAt
+```
+
+- Find the most recent run on the current branch
+- If no run is in progress or recently completed, tell the user and exit
+- Show: workflow name, run ID, status
+
+### Step 2: Wait for Completion
+
+Poll the run status every 30 seconds:
+
+```bash
+gh run view <run_id> --json status,conclusion
+```
+
+While status is `in_progress` or `queued`:
+- Print a brief status update every 60 seconds (not every poll)
+- Continue waiting
+
+### Step 3: Check Result
+
+If `conclusion` is `success`:
+- Report green and exit
+
+If `conclusion` is `failure`:
+- Move to Step 4
+
+### Step 4: Read Failure Logs
+
+```bash
+gh run view <run_id> --log-failed
+```
+
+- Parse the failed step(s) and their log output
+- Identify the root cause:
+  - **Test failure**: Which test, what assertion, what file
+  - **Build failure**: Which compilation error, what file/line
+  - **Lint failure**: Which rule, what file/line
+  - **Dependency issue**: Which package, what version conflict
+  - **Other**: Extract the relevant error message
+
+### Step 5: Fix the Issue
+
+Based on the failure type:
+
+**Test failure:**
+- Read the failing test file and the source file it tests
+- Understand what broke
+- Fix the source code (not the test, unless the test itself is wrong)
+- Run the test locally first to verify: `npm test` or `npx vitest run <file>`
+
+**Build failure:**
+- Read the file with the compilation error
+- Fix the type error, missing import, etc.
+- Verify locally: `npm run build` or `npx tsc --noEmit`
+
+**Lint failure:**
+- Read the file and fix the lint issue
+- Verify locally: `npm run lint`
+
+**Dependency issue:**
+- Fix package.json or lock file as needed
+- Verify locally: `npm ci`
+
+### Step 6: Commit and Push
+
+- Stage only the files you changed
+- Commit with message: `fix: resolve CI failure - <brief description>`
+- Push to the same branch
+- **Ask user before pushing** (per TLC rules)
+
+### Step 7: Loop Back
+
+- Return to Step 1 to watch the new run
+- Track attempt count
+- If max attempts (default 5) reached without green, stop and report:
+  - What was tried
+  - What's still failing
+  - Suggestion for manual investigation
+
+## Guard Rails
+
+- **Never push without asking.** Even in a fix loop, confirm before each push.
+- **Never modify tests to make CI pass** unless the test itself has a genuine bug (not a "make the assertion match the wrong output" fix).
+- **Local verification first.** Always run the fix locally before pushing.
+- **Max attempts.** Default 5. Don't loop forever.
+- **Don't mask failures.** If a test is legitimately catching a bug, fix the bug. Don't skip the test.
+
+## Example
+
+```
+> /tlc:watchci
+
+Watching CI for branch: feature/auth-module
+Run #4521 (CI) — in progress...
+
+⏳ Waiting... (2m elapsed)
+⏳ Waiting... (3m elapsed)
+
+❌ Run #4521 failed
+
+Failed step: "Run tests"
+Error: FAIL server/lib/auth/auth.test.js
+  ● validateToken › should reject expired tokens
+    Expected: "TOKEN_EXPIRED"
+    Received: "INVALID_TOKEN"
+
+Reading auth.test.js and auth.service.js...
+
+Found: validateToken returns generic "INVALID_TOKEN" for expired tokens
+instead of the specific "TOKEN_EXPIRED" error code.
+
+Fix: Update the expiry check in auth.service.js to return "TOKEN_EXPIRED"
+
+Running locally... ✅ Test passes
+
+Ready to commit and push fix? (Y/n)
+> y
+
+Pushed. Watching new run...
+
+Run #4522 (CI) — in progress...
+⏳ Waiting... (2m elapsed)
+
+✅ Run #4522 passed! CI is green.
+```
+
+## When to Use
+
+- After pushing and you want CI monitored automatically
+- After `/tlc:build` when you've pushed your work
+- When CI keeps failing and you want the fix loop automated
+- Pair with `/tlc:e2e-verify` for full verification after CI is green

package/.claude/hooks/tlc-block-tools.sh

@@ -0,0 +1,41 @@
+#!/bin/bash
+# TLC Enforcement Layer 1: Hard-block non-TLC planning tools
+# Fires on PreToolUse for banned tools and DENIES them.
+# Claude cannot bypass this - the tool call never executes.
+
+INPUT=$(cat)
+TOOL=$(echo "$INPUT" | jq -r '.tool_name // empty')
+
+case "$TOOL" in
+  EnterPlanMode)
+    REASON="BLOCKED by TLC. Use /tlc:plan instead. Plans go in .planning/phases/ files."
+    ;;
+  TaskCreate)
+    REASON="BLOCKED by TLC. Tasks live in .planning/phases/{N}-PLAN.md with [ ] markers."
+    ;;
+  TaskUpdate)
+    REASON="BLOCKED by TLC. Update task markers in .planning/phases/{N}-PLAN.md files."
+    ;;
+  TaskGet)
+    REASON="BLOCKED by TLC. Read tasks from .planning/phases/{N}-PLAN.md files."
+    ;;
+  TaskList)
+    REASON="BLOCKED by TLC. Use /tlc:progress to check task status."
+    ;;
+  ExitPlanMode)
+    REASON="BLOCKED by TLC. Plans are approved via /tlc:build, not ExitPlanMode."
+    ;;
+  *)
+    exit 0
+    ;;
+esac
+
+cat <<EOF
+{
+  "hookSpecificOutput": {
+    "hookEventName": "PreToolUse",
+    "permissionDecision": "deny",
+    "permissionDecisionReason": "${REASON}"
+  }
+}
+EOF

package/.claude/hooks/tlc-capture-exchange.sh

@@ -0,0 +1,50 @@
+#!/usr/bin/env bash
+# TLC Memory Capture - Claude Code Stop Hook
+#
+# Reads Stop hook JSON from stdin, extracts the assistant response,
+# and sends it to the TLC server for memory processing.
+# Falls back to local spool when server is unreachable.
+#
+# This script MUST exit 0 always - capture failures never block Claude.
+
+set -o pipefail
+
+# Read stdin (Stop hook provides JSON)
+INPUT=$(cat)
+
+# Quick exit if no input
+[ -z "$INPUT" ] && exit 0
+
+# Use the capture-bridge Node.js module for reliable processing
+PROJECT_DIR="${CLAUDE_PROJECT_DIR:-$(pwd)}"
+BRIDGE_SCRIPT="$PROJECT_DIR/server/lib/capture-bridge.js"
+
+if [ -f "$BRIDGE_SCRIPT" ]; then
+  echo "$INPUT" | node -e "
+    const bridge = require('$BRIDGE_SCRIPT');
+    let input = '';
+    process.stdin.on('data', d => input += d);
+    process.stdin.on('end', async () => {
+      const parsed = bridge.parseStopHookInput(input);
+      if (!parsed || !parsed.assistantMessage) process.exit(0);
+
+      const userMessage = parsed.transcriptPath
+        ? bridge.extractLastUserMessage(parsed.transcriptPath)
+        : null;
+
+      await bridge.captureExchange({
+        cwd: parsed.cwd || '$PROJECT_DIR',
+        assistantMessage: parsed.assistantMessage,
+        userMessage,
+        sessionId: parsed.sessionId,
+      });
+
+      const path = require('path');
+      const spoolDir = path.join(parsed.cwd || '$PROJECT_DIR', '.tlc', 'memory');
+      await bridge.drainSpool(spoolDir);
+    });
+  " 2>/dev/null
+fi
+
+# Always exit 0 - never block Claude
+exit 0

package/.claude/hooks/tlc-post-build.sh

@@ -0,0 +1,38 @@
+#!/bin/bash
+# TLC Plugin: Post-build and post-plan automation chain
+# Fires on PostToolUse for Skill.
+#
+# After /tlc:build (code written):
+#   guard → preflight → review (Claude + Codex) → if APPROVED → offer push + PR
+#
+# After /tlc:plan:
+#   guard plan → validate structure
+#
+# After /tlc:quick:
+#   preflight → review → offer push
+
+INPUT=$(cat)
+TOOL=$(echo "$INPUT" | jq -r '.tool_name // empty')
+
+# Only care about Skill tool
+[ "$TOOL" != "Skill" ] && exit 0
+
+SKILL=$(echo "$INPUT" | jq -r '.tool_input.skill // empty')
+
+case "$SKILL" in
+  tlc:build)
+    echo "[TLC-PLUGIN] Build phase complete. Mandatory post-build chain:
+(1) Run /tlc:guard to validate TLC process compliance (test-first, coverage, no skipped tests).
+(2) Run /tlc:preflight to check for gaps (references, registries, configs, distribution).
+(3) Run /tlc:review to invoke multi-LLM review — Claude reviews in-session, THEN invoke Codex CLI for second opinion. BOTH must APPROVE.
+(4) If review APPROVED: ask user for permission to push to remote and create a PR for main.
+(5) If review CHANGES_REQUESTED: fix the issues and re-run the review. Do NOT push.
+Do NOT skip any step. Do NOT push without review approval."
+    ;;
+  tlc:plan)
+    echo "[TLC-PLUGIN] Plan created. Now automatically run /tlc:guard plan to validate the plan has proper task breakdown, acceptance criteria, and dependency ordering. Do NOT skip."
+    ;;
+  tlc:quick)
+    echo "[TLC-PLUGIN] Quick task complete. Run /tlc:preflight then /tlc:review (Claude + Codex). If APPROVED, ask user for permission to push and create PR."
+    ;;
+esac

package/.claude/hooks/tlc-post-push.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+# TLC Plugin: Post-push automation chain
+# Fires on PostToolUse for Bash. Detects git push.
+#
+# After git push:
+#   watchci (monitor GH Actions) → if green → e2e-verify (screenshots + logs)
+
+INPUT=$(cat)
+TOOL=$(echo "$INPUT" | jq -r '.tool_name // empty')
+
+# Only care about Bash tool
+[ "$TOOL" != "Bash" ] && exit 0
+
+# Check if the command was a git push
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty')
+if echo "$COMMAND" | grep -qE '^git push'; then
+  echo "[TLC-PLUGIN] git push detected. Mandatory post-push chain:
+(1) Run /tlc:watchci — monitor the GitHub Actions run, read failure logs, fix issues, and push again until CI is green.
+(2) Once CI is green, run /tlc:e2e-verify — start the app, take screenshots, read them visually, check server and console logs for errors.
+(3) If e2e-verify finds issues, fix them and push again (which restarts this chain).
+Do NOT skip any step."
+fi

package/.claude/hooks/tlc-prompt-guard.sh

@@ -0,0 +1,69 @@
+#!/bin/bash
+# TLC Enforcement Layer 2: Smart intent detection + routing
+# Fires on every UserPromptSubmit. Parses user message for intent and
+# injects specific TLC command routing — not a generic reminder.
+#
+# Output appears as <user-prompt-submit-hook> and Claude treats it as user instruction.
+# Survives context compaction because it is re-injected every turn.
+
+# Only active in TLC projects
+[ ! -f ".tlc.json" ] && exit 0
+
+# Read user's message from stdin
+INPUT=$(cat)
+MSG=$(echo "$INPUT" | jq -r '.user_prompt // empty' 2>/dev/null)
+
+# If we can't parse the message, fall back to generic reminder
+if [ -z "$MSG" ]; then
+  echo "[TLC PROJECT] All work uses /tlc commands. Never write code without tests. Run /tlc if unsure."
+  exit 0
+fi
+
+# Lowercase for matching
+MSG_LOWER=$(echo "$MSG" | tr '[:upper:]' '[:lower:]')
+
+# Detect intent and inject specific routing
+# Priority order: most specific first
+
+# Plan intent
+if echo "$MSG_LOWER" | grep -qE '\b(plan|break.*(down|into)|design|architect|roadmap)\b'; then
+  if ! echo "$MSG_LOWER" | grep -qE '/tlc'; then
+    echo "[TLC-ENFORCE] Planning detected. You MUST use /tlc:plan for this. Plans go in .planning/phases/ files, not in chat. Invoke Skill(skill=\"tlc:plan\") now."
+    exit 0
+  fi
+fi
+
+# Build/implement intent
+if echo "$MSG_LOWER" | grep -qE '\b(build|implement|create|add|code|write|develop|make)\b.*(feature|function|module|component|endpoint|api|page|service|handler|route|model)'; then
+  if ! echo "$MSG_LOWER" | grep -qE '/tlc'; then
+    echo "[TLC-ENFORCE] Implementation detected. You MUST use /tlc:build for this. Tests before code — Red, Green, Refactor. Run /tlc:progress first, then invoke Skill(skill=\"tlc:build\"). Do NOT write code directly."
+    exit 0
+  fi
+fi
+
+# Fix/bug intent
+if echo "$MSG_LOWER" | grep -qE '\b(fix|bug|broken|not working|failing|crash|error)\b'; then
+  if ! echo "$MSG_LOWER" | grep -qE '/tlc'; then
+    echo "[TLC-ENFORCE] Bug/fix detected. Use /tlc:quick for small fixes (still test-first) or /tlc:autofix if tests are failing. Do NOT write code directly without tests."
+    exit 0
+  fi
+fi
+
+# Refactor intent
+if echo "$MSG_LOWER" | grep -qE '\b(refactor|clean.?up|restructure|reorganize|simplify)\b'; then
+  if ! echo "$MSG_LOWER" | grep -qE '/tlc'; then
+    echo "[TLC-ENFORCE] Refactoring detected. Use /tlc:refactor for step-by-step standards refactoring with tests. Invoke Skill(skill=\"tlc:refactor\")."
+    exit 0
+  fi
+fi
+
+# Deploy intent
+if echo "$MSG_LOWER" | grep -qE '\b(deploy|ship|release|publish|push to prod|staging)\b'; then
+  if ! echo "$MSG_LOWER" | grep -qE '/tlc'; then
+    echo "[TLC-ENFORCE] Deployment detected. Use /tlc:deploy for deployment. Secrets must come from HashiCorp Vault or environment — never hardcode. Invoke Skill(skill=\"tlc:deploy\")."
+    exit 0
+  fi
+fi
+
+# Generic fallback for TLC projects
+echo "[TLC PROJECT] All work uses /tlc commands. Never write code without tests. Run /tlc if unsure."