tribunal-kit 1.0.0 → 2.4.2

package/.agent/workflows/test.md

@@ -8,7 +8,18 @@ $ARGUMENTS
 
 ---
 
-This command either generates tests that actually test things, or audits existing tests to find ones that don't. A test that always passes isn't protecting anything.
+This command either **generates tests that actually test things**, or **audits existing tests** to find ones that don't. A test that always passes isn't protecting anything.
+
+---
+
+## When to Use /test vs Other Commands
+
+| Use `/test` when... | Use something else when... |
+|---|---|
+| No tests exist for working code | Code is broken → `/debug` first, then `/test` |
+| Tests exist but coverage is thin | Quality of test assertions → use `audit` mode |
+| You changed behavior and need regression tests | Full project test health → `/audit` |
+| You want edge case coverage only | Integration tests → specify in the test plan |
 
 ---
 
@@ -19,31 +30,40 @@ This command either generates tests that actually test things, or audits existin
 /test audit                  → Check existing tests for quality issues
 /test coverage               → Identify code paths with no test coverage
 /test edge [function]        → Generate edge-case tests only (null, empty, boundary)
+/test run                    → Run the existing test suite and analyze failures
 ```
 
 ---
 
-## When Generating Tests
+## Mode: Generate Tests
 
-**First, the code is read:**
-- Every execution path is mapped (normal path, error path, edge cases)
-- Direct external dependencies are identified (to mock)
-- Expected inputs and outputs are derived from the function signature and behavior
+### First — Read the Code
 
-**Then a test plan is written before code:**
+Before writing a single test, map:
+
+- Every **execution path** (normal path, error path, edge cases)
+- All **direct external dependencies** (to identify what needs mocking)
+- **Expected inputs and outputs** — derived from the function signature and actual behavior, not assumed
+
+### Then — Write the Test Plan
+
+A plan must be written **before** test code:
 
 ```
-Target: [function or module]
+Target: [function or module name]
+Framework: [Jest | Vitest | pytest | Go test]
 
 Path inventory:
-  › Normal path with valid input
-  › Null / undefined input
-  › Empty string / empty array
-  › Boundary value (0, -1, MAX)
-  › Async rejection / network failure
-  › Invalid type input
-
-Dependencies to mock: [list — minimal, only direct deps]
+  › Normal path — valid input, expected output
+  › Null / undefined / None input
+  › Empty string / empty array / empty object
+  › Boundary values (0, -1, MAX_INT, max string length)
+  › Async rejection / network failure / timeout
+  › Invalid type input (string where number expected, etc.)
+  › Auth / permission fail path
+  › Concurrent access (if applicable)
+
+Dependencies to mock: [list — minimal, only direct external deps]
 ```
 
 **Then tests are written and passed through `test-coverage-reviewer`.**
@@ -58,7 +78,7 @@ Every generated test file follows this format:
 describe('[Unit under test]', () => {
 
   describe('[scenario group]', () => {
-    it('[specific behavior]', () => {
+    it('[specific behavior being tested]', () => {
       // Arrange
       const input = [setup value];
 
@@ -72,11 +92,11 @@ describe('[Unit under test]', () => {
 
   describe('edge cases', () => {
     it('throws when input is null', () => {
-      expect(() => functionUnderTest(null)).toThrow('[exact message]');
+      expect(() => functionUnderTest(null)).toThrow('[exact error message]');
     });
 
-    it('handles empty string', () => {
-      expect(() => functionUnderTest('')).toThrow('[exact message]');
+    it('handles empty string without crashing', () => {
+      expect(functionUnderTest('')).toBe([expected fallback value]);
     });
   });
 
@@ -85,25 +105,52 @@ describe('[Unit under test]', () => {
 
 ---
 
-## When Auditing Existing Tests
+## Mode: Audit Existing Tests
 
 The `test-coverage-reviewer` flags:
 
-| Problem | What It Looks Like |
-|---|---|
-| Tautology test | `expect(fn(x)).toBe(fn(x))` — always passes |
-| No assertion | `it('works', () => { fn(); })` — nothing checked |
-| Missing edge cases | Suite has happy path only |
-| Over-mocking | Every dependency mocked — nothing real tested |
+| Problem | What It Looks Like | Why It's Bad |
+|---|---|---|
+| Tautology test | `expect(fn(x)).toBe(fn(x))` | Always passes regardless of fn's behavior |
+| No assertion | `it('works', () => { fn(); })` | Passes even if fn throws wrong output |
+| Missing edge cases | Suite has happy path only | Misses real-world failure modes |
+| Over-mocking | Every dep mocked, nothing real tested | Tests the mocking framework, not the code |
+| Vacuous truthy | `expect(result).toBeTruthy()` | Passes for `1`, `"a"`, `{}`, `[]` |
+
+---
+
+## Mode: Run Tests
+
+```bash
+// turbo
+python .agent/scripts/test_runner.py . --coverage
+```
+
+After running, the `test-result-analyzer` identifies:
+- Root causes across multiple failing test files
+- Whether failures are from flaky setup or actual code breakage
+- Actionable fix recommendations
 
 ---
 
 ## Hallucination Guard
 
-- Only documented Vitest/Jest methods are used — never `test.eventually()`, `expect.when()`, or invented matchers
-- Assertions test specific values — `toBe('exact')`, not `toBeDefined()` or `toBeTruthy()`
-- Mocks are **minimal** — only the direct external dependency of the unit, not the whole world
-- After auditing existing tests: all conclusions are backed by reading the actual test code
+- Only **documented** Vitest/Jest/pytest methods are used — never `test.eventually()`, `expect.when()`, or inventions
+- Assertions test **specific values** — `toBe('exact')`, not `toBeDefined()` or `toBeTruthy()`
+- Mocks are **minimal** — only the direct external dependency, not the whole world
+- All conclusions about existing test quality are backed by **reading the actual test code**
+- `// VERIFY: check this matcher exists` on any assertion method not commonly used
+
+---
+
+## Cross-Workflow Navigation
+
+| After /test shows... | Go to |
+|---|---|
+| Failures in existing tests after a change | `/debug` to find root cause |
+| Code has no tests and is untested in prod | `/review` first for quality check |
+| Tests pass but logic seems wrong | `/review [file]` for deeper audit |
+| Coverage gaps found in security-sensitive paths | `/audit` for full project security + test sweep |
 
 ---
 
@@ -114,4 +161,6 @@ The `test-coverage-reviewer` flags:
 /test the validateEmail function
 /test audit — check whether my existing tests actually assert anything
 /test coverage — show branches with no test
+/test edge validateInput — generate null, empty, boundary tests only
+/test run — execute the suite and analyze failures
 ```

package/.agent/workflows/tribunal-backend.md

@@ -12,25 +12,43 @@ Focused audit for backend and API code. Paste server-side code and these four re
 
 ---
 
+## When to Use This vs Other Tribunals
+
+| Code type | Right tribunal |
+|---|---|
+| API routes, auth, middleware | `/tribunal-backend` ← you are here |
+| React components, hooks | `/tribunal-frontend` |
+| SQL queries, ORM, migrations | `/tribunal-database` |
+| Mobile-specific code | `/tribunal-mobile` |
+| Unknown domain or cross-domain | `/tribunal-full` |
+
+---
+
 ## Active Reviewers
 
 ```
-logic-reviewer          → Invented stdlib methods, impossible conditional branches
-security-auditor        → Auth bypass, SQL injection, secrets in code, rate limiting gaps
+logic-reviewer          → Invented stdlib methods, impossible conditional branches,
+                          calling .user on a req that wasn't authenticated
+security-auditor        → Auth bypass, SQL injection, secrets in code, rate limiting gaps,
+                          JWT algorithm enforcement, CORS misconfiguration
 dependency-reviewer     → Any import not found in your package.json
-type-safety-reviewer    → Implicit any, unguarded optional access, missing return types
+type-safety-reviewer    → Implicit any, unguarded optional access, missing return types,
+                          unsafe casts
 ```
 
 ---
 
-## What Gets Flagged
+## What Gets Flagged — Real Examples
 
-| Reviewer | Common Backend Catches |
+| Reviewer | Example Finding |
 |---|---|
-| logic | Calling `req.user` after a check that could pass with null |
-| security | `jwt.verify()` without `algorithms` option — allows `alg:none` attack |
-| dependency | `import { z } from 'zod'` but zod not in package.json |
-| type-safety | `async function handler(req, res)` — no types on req or res |
+| logic | `req.user.id` used after a guard that can pass with null user |
+| security | `jwt.verify(token, secret)` — no `algorithms` option → allows `alg:none` attack |
+| security | `app.use(cors())` with no origin restriction in production |
+| security | `rate-limiter` missing on auth endpoints |
+| dependency | `import { z } from 'zod'` but `zod` not in `package.json` |
+| type-safety | `async function handler(req, res)` — untyped `req` and `res` |
+| type-safety | `const user = await db.findUser(id)` — result typed as `any` |
 
 ---
 
@@ -47,23 +65,47 @@ type-safety-reviewer    → Implicit any, unguarded optional access, missing ret
 ━━━ Issues ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
 
 security-auditor:
-  ❌ Critical — Line 44
+  ❌ CRITICAL — Line 44
      JWT algorithm not enforced: jwt.verify(token, secret)
      Fix: jwt.verify(token, secret, { algorithms: ['HS256'] })
 
+  ❌ HIGH — Line 12
+     CORS open: app.use(cors()) — allows any origin
+     Fix: app.use(cors({ origin: process.env.ALLOWED_ORIGIN }))
+
 type-safety-reviewer:
-  ⚠️ Medium — Line 10
-     Request body typed as any — add Zod schema parse at boundary
+  ⚠️ MEDIUM — Line 10
+     Request body typed as any — use Zod schema parse at the API boundary
+     Fix: const body = schema.parse(req.body)
 
-━━━ Verdict: NEEDS FIXES ━━━━━━━━━━━━━━━━
+━━━ Verdict: REJECTED — fix before merging ━━━━━━
 ```
 
 ---
 
+## Hallucination Guard
+
+- Logic findings must cite the **exact line and condition** that creates the problem
+- Security findings must name the **attack class** (not just "this is unsafe")
+- No invented framework methods — only documented Express/Fastify/Hono/etc. APIs
+
+---
+
+## Cross-Workflow Navigation
+
+| Finding type | Next step |
+|---|---|
+| Security CRITICAL | `/audit` to scan the whole project |
+| All approved | Human Gate to write to disk |
+| SQL queries also present | Add `/tribunal-database` for those specifically |
+
+---
+
 ## Usage
 
 ```
 /tribunal-backend [paste API route code]
 /tribunal-backend [paste auth middleware]
 /tribunal-backend src/routes/user.ts
+/tribunal-backend the JWT verification middleware
 ```

package/.agent/workflows/tribunal-database.md

@@ -8,17 +8,31 @@ $ARGUMENTS
 
 ---
 
-Focused audit for SQL queries, ORM code, schema changes, and migrations. Provide your schema alongside the code for the most accurate analysis.
+Focused audit for SQL queries, ORM code, schema changes, and migrations. **Provide your schema alongside the code** for the most accurate analysis.
+
+---
+
+## When to Use This vs Other Tribunals
+
+| Code type | Right tribunal |
+|---|---|
+| SQL queries, ORM, migrations | `/tribunal-database` ← you are here |
+| API routes, auth, middleware | `/tribunal-backend` |
+| React components, hooks | `/tribunal-frontend` |
+| Unknown domain or cross-domain | `/tribunal-full` |
 
 ---
 
 ## Active Reviewers
 
 ```
-logic-reviewer      → ORM methods that don't exist, impossible WHERE conditions
-security-auditor    → Injection surfaces, sensitive data exposed without masking
+logic-reviewer      → ORM methods that don't exist, impossible WHERE conditions,
+                      chained queries on results that could be null
+security-auditor    → SQL injection surfaces, sensitive data exposed without masking,
+                      missing authorization checks before DB access
 sql-reviewer        → String interpolation in queries, N+1 patterns,
-                      references to tables/columns not in the schema
+                      references to tables/columns not in the schema,
+                      unbounded SELECT *, missing WHERE clauses on DELETE/UPDATE
 ```
 
 ---
@@ -38,18 +52,22 @@ Code to audit:
   [paste query or ORM code here]
 ```
 
-Without the schema, the reviewer flags all table/column references as `[VERIFY — schema not provided]`.
+**Without the schema**, the reviewer flags all table/column references as `[VERIFY — schema not provided]`.
 
 ---
 
-## What Gets Flagged
+## What Gets Flagged — Real Examples
 
-| Reviewer | Common Database Catches |
-|---|---|
-| logic | `prisma.user.findFirstOrCreate()` — not a real Prisma method |
-| security | `db.query(\`SELECT * WHERE id = ${req.params.id}\`)` — injection |
-| sql | `SELECT * FROM payments` when `payments` table not in schema |
-| sql | A loop with a `SELECT` inside — N+1 query pattern |
+| Reviewer | Example Finding | Severity |
+|---|---|---|
+| logic | `prisma.user.findFirstOrCreate()` — not a real Prisma method | ❌ HIGH |
+| security | `` db.query(`SELECT * WHERE id = ${req.params.id}`) `` — injection | ❌ CRITICAL |
+| security | `SELECT password FROM users` returned to API without masking | ❌ HIGH |
+| sql | `SELECT * FROM payments` when `payments` not in schema | ❌ HIGH |
+| sql | `SELECT` query inside a `for` loop — N+1 pattern | ❌ HIGH |
+| sql | `DELETE FROM sessions` with no `WHERE` clause | ❌ CRITICAL |
+| sql | `SELECT * FROM users` with no pagination — unbounded result | ⚠️ MEDIUM |
+| security | No `LIMIT` on a user-controlled query parameter | ⚠️ MEDIUM |
 
 ---
 
@@ -65,24 +83,50 @@ Without the schema, the reviewer flags all table/column references as `[VERIFY
 ━━━ Issues ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
 
 security-auditor:
-  ❌ Critical — Line 6
+  ❌ CRITICAL — Line 6
      SQL injection: string interpolation in query
-     Fix: Use $1 parameterized placeholder
+     Code: db.query(`SELECT * WHERE id = ${req.params.id}`)
+     Fix:  db.query('SELECT * WHERE id = $1', [req.params.id])
 
 sql-reviewer:
-  ❌ High — Line 19
-     N+1 detected: SELECT inside for-loop
-     Fix: Batch with WHERE id = ANY($1) or use JOIN
+  ❌ HIGH — Line 19
+     N+1 detected: SELECT inside for-loop (10 users = 10 queries)
+     Fix:  Batch with WHERE id = ANY($1::uuid[]) or use a JOIN
 
-━━━ Verdict: NEEDS FIXES ━━━━━━━━━━━━━━━━
+  ⚠️ MEDIUM — Line 32
+     Unbounded result: SELECT * FROM audit_logs — no LIMIT
+     Fix:  Add LIMIT + OFFSET or use cursor-based pagination
+
+━━━ Verdict: REJECTED — fix CRITICAL and HIGH before merging ━━━
 ```
 
 ---
 
+## Hallucination Guard
+
+- `sql-reviewer` only references tables and columns **from the provided schema** — no invented schema
+- ORM method names are verified against **the installed ORM version's documented API**
+- Parameterized query fixes show the **exact parameterized form** for the target database driver
+- N+1 fixes must show the **actual batched query**, not just say "use a JOIN"
+
+---
+
+## Cross-Workflow Navigation
+
+| Finding type | Next step |
+|---|---|
+| SQL injection CRITICAL | Rotate credentials, then fix with `/generate` using parameterization |
+| N+1 pattern in ORM | `/enhance` the repository method with proper eager loading |
+| Schema references invalid columns | Fix schema first with `/migrate` |
+| All approved | Human Gate to write to disk |
+
+---
+
 ## Usage
 
 ```
 /tribunal-database [paste query with schema]
 /tribunal-database src/repositories/userRepo.ts
 /tribunal-database [paste Prisma query]
+/tribunal-database the payment queries in services/billing.ts
 ```

package/.agent/workflows/tribunal-frontend.md

@@ -8,29 +8,50 @@ $ARGUMENTS
 
 ---
 
-Focused audit for React, Next.js, and frontend code. Four reviewers analyze it simultaneously for framework-specific issues that generic reviews miss.
+Focused audit for React, Next.js, Vue, and frontend code. Four reviewers analyze it simultaneously for framework-specific issues that generic reviews miss.
+
+---
+
+## When to Use This vs Other Tribunals
+
+| Code type | Right tribunal |
+|---|---|
+| React components, hooks, JSX | `/tribunal-frontend` ← you are here |
+| API routes, auth, middleware | `/tribunal-backend` |
+| SQL queries, ORM | `/tribunal-database` |
+| React Native / mobile UI | `/tribunal-mobile` |
+| Unknown domain or cross-domain | `/tribunal-full` |
 
 ---
 
 ## Active Reviewers
 
 ```
-logic-reviewer          → Non-existent React APIs, impossible render conditions
-security-auditor        → XSS via dangerouslySetInnerHTML, exposed tokens in state
-frontend-reviewer       → Hooks violations, missing dep arrays, direct state mutation
-type-safety-reviewer    → Untyped props, any in hooks, unsafe DOM ref usage
+logic-reviewer          → Non-existent React APIs, impossible render conditions,
+                          stale closure patterns, state set during unmounted component
+security-auditor        → XSS via dangerouslySetInnerHTML, exposed tokens or secrets
+                          in component state, unsanitized URL params
+frontend-reviewer       → Hooks violations (rules of hooks), missing dep arrays,
+                          direct state mutation, infinite render loops
+type-safety-reviewer    → Untyped props, any in hooks, unsafe DOM ref usage,
+                          missing generic type parameters
 ```
 
 ---
 
-## What Gets Flagged
+## What Gets Flagged — Real Examples
 
-| Reviewer | Common Frontend Catches |
+| Reviewer | Example Finding |
 |---|---|
 | logic | `useState.useAsync()` — not a real React API |
+| logic | Setting state during render without a guard → infinite loop |
 | security | `dangerouslySetInnerHTML={{ __html: userInput }}` — XSS |
+| security | `localStorage.setItem('token', jwt)` — accessible to XSS |
 | frontend | `useEffect(() => {...}, [])` with a prop used inside — stale closure |
+| frontend | `setCount(count + 1)` inside a stale closure — use functional updater |
+| frontend | Hook called inside a conditional `if (loggedIn) { useData() }` |
 | type-safety | `function Card(props: any)` — no defined prop interface |
+| type-safety | `ref.current.focus()` without null check |
 
 ---
 
@@ -47,23 +68,48 @@ type-safety-reviewer    → Untyped props, any in hooks, unsafe DOM ref usage
 ━━━ Issues ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
 
 frontend-reviewer:
-  ❌ High — Line 18
-     Missing dep: userId used in useEffect but not in dep array
-     Fix: }, [userId])
+  ❌ HIGH — Line 18
+     Missing dep: userId used inside useEffect but not in dep array
+     Code: useEffect(() => fetchUser(userId), [])
+     Fix:  useEffect(() => fetchUser(userId), [userId])
+
+  ❌ HIGH — Line 34
+     Hook called conditionally: if (isAuth) { useDashboardData() }
+     Fix: Move hook to top level, use enabled flag inside hook
 
 type-safety-reviewer:
-  ⚠️ Medium — Line 3
+  ⚠️ MEDIUM — Line 3
      props: any — define a typed interface for this component
+     Fix: interface CardProps { title: string; content: React.ReactNode }
 
-━━━ Verdict: NEEDS FIXES ━━━━━━━━━━━━━━━━
+━━━ Verdict: REJECTED — fix before merging ━━━━━━
 ```
 
 ---
 
+## Hallucination Guard
+
+- Only real React/Vue/Next.js APIs are accepted — invented hooks get REJECTED
+- Hook violation findings cite the **specific hooks rule being broken**
+- XSS findings include the **specific input path** that creates the injection
+
+---
+
+## Cross-Workflow Navigation
+
+| Finding type | Next step |
+|---|---|
+| XSS finding | Contact security team + `/audit` for project-wide XSS scan |
+| Hooks violations everywhere | `/refactor` to extract to properly structured custom hooks |
+| All approved | Human Gate to write code to disk |
+
+---
+
 ## Usage
 
 ```
 /tribunal-frontend [paste component code]
 /tribunal-frontend [paste custom hook]
 /tribunal-frontend src/components/UserCard.tsx
+/tribunal-frontend the usePagination hook
 ```

package/.agent/workflows/tribunal-full.md

@@ -1,5 +1,5 @@
 ---
-description: Run ALL 8 Tribunal reviewer agents simultaneously. Maximum hallucination coverage. Use before merging any AI-generated code.
+description: Run ALL 11 Tribunal reviewer agents simultaneously. Maximum hallucination coverage. Use before merging any AI-generated code.
 ---
 
 # /tribunal-full — Full Panel Review
@@ -8,9 +8,21 @@ $ARGUMENTS
 
 ---
 
-Paste code. All 8 reviewers analyze it simultaneously. Maximum coverage, no domain gaps.
+Paste code. All 11 reviewers analyze it simultaneously. Maximum coverage, no domain gaps.
 
-Use this before merging any AI-generated code, or when you're not sure which domain a piece of code sits in.
+Use this **before merging any AI-generated code**, or when you're not sure which domain a piece of code sits in.
+
+---
+
+## When to Use /tribunal-full vs Targeted Tribunals
+
+| Use `/tribunal-full` when... | Use a targeted tribunal when... |
+|---|---|
+| Not sure which domain applies | You know it's backend-only → `/tribunal-backend` |
+| Cross-domain code (API + DB + UI) | Pure frontend → `/tribunal-frontend` |
+| AI-generated code, pre-merge | Pure database queries → `/tribunal-database` |
+| Security-critical code path | Mobile-specific → `/tribunal-mobile` |
+| "Final check" before shipping | Performance concern only → `/tribunal-performance` |
 
 ---
 
@@ -25,9 +37,25 @@ sql-reviewer            → Injection via interpolation, N+1, invented schema
 frontend-reviewer       → Hooks violations, missing dep arrays, state mutation
 performance-reviewer    → O(n²), blocking I/O, memory allocation anti-patterns
 test-coverage-reviewer  → Tautology tests, no-assertion specs, over-mocking
+mobile-reviewer         → Touch targets, safe areas, keyboard avoidance, image memory
+ai-code-reviewer        → Hallucinated model names, fake params, prompt injection, rate limits
+accessibility-reviewer  → WCAG violations, missing ARIA, contrast, keyboard navigation
 ```
 
-All 8 run in parallel. You wait for all verdicts before seeing the result.
+All 11 run in parallel. You wait for all verdicts before seeing the result.
+
+---
+
+## Severity Levels
+
+| Symbol | Severity | Meaning |
+|---|---|---|
+| `❌ CRITICAL` | Blocking | Must be fixed before code reaches the codebase |
+| `❌ HIGH` | Blocking | Likely to cause bugs or security issues in production |
+| `⚠️ MEDIUM` | Non-blocking | Should be addressed; review before approving |
+| `💬 LOW` | Advisory | Consider fixing; does not block merge |
+
+**Policy:** Any `CRITICAL` or `HIGH` finding means the verdict is `REJECTED`. Code must be revised.
 
 ---
 
@@ -44,34 +72,65 @@ All 8 run in parallel. You wait for all verdicts before seeing the result.
   frontend-reviewer:       ✅ APPROVED
   performance-reviewer:    ✅ APPROVED
   test-coverage-reviewer:  ❌ REJECTED
+  mobile-reviewer:         ✅ APPROVED (N/A — no mobile code)
+  ai-code-reviewer:        ✅ APPROVED (N/A — no LLM calls)
+  accessibility-reviewer:  ✅ APPROVED
 
 ━━━ Issues ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
 
 security-auditor:
-  ❌ Critical — Line 12
+  ❌ CRITICAL — Line 12
      SQL injection: db.query(`WHERE id = ${id}`)
      Fix: db.query('WHERE id = $1', [id])
 
 test-coverage-reviewer:
-  ❌ High — Line 45-60
-     Tautology test: expect(fn(x)).toBe(fn(x)) — always passes
+  ❌ HIGH — Line 45-60
+     Tautology test: expect(fn(x)).toBe(fn(x)) — always passes regardless of fn's behavior
 
 type-safety-reviewer:
-  ⚠️ Medium — Line 7
-     Implicit any in parameter: function (data) — add explicit type
+  ⚠️ MEDIUM — Line 7
+     Implicit any in parameter: function (data) — add explicit type annotation
 
 ━━━ Verdict ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
 
-  2 REJECTED. Fix all issues before this code reaches your codebase.
+  2 REJECTED. Fix all CRITICAL and HIGH issues before this code reaches your codebase.
   1 WARNING — review before approving.
+  8 APPROVED.
 ```
 
 ---
 
-## When to Use This
+## Retry Protocol
+
+If code is rejected:
+
+```
+Attempt 1 → Fix issues from verdicts and resubmit
+Attempt 2 → Stricter constraints + specific reviewer feedback
+Attempt 3 → Maximum constraints + full context dump
+Attempt 4 → HALT. Escalate to human with full failure history.
+```
+
+Hard limit: **3 revisions**. After 3 rejections, the agent stops and reports.
+
+---
+
+## Cross-Workflow Navigation
+
+| After seeing findings... | Go to |
+|---|---|
+| Security findings need a targeted scan | `/audit` for full project-wide security sweep |
+| Performance issues found | `/tribunal-performance` for deeper profiling |
+| SQL injection pattern found | Check with `/tribunal-database` across all queries |
+| Stale or phantom deps found | `/audit` → dependency scan |
+
+---
+
+## Usage
 
 ```
 /tribunal-full [paste any code]
 /tribunal-full before merging
 /tribunal-full when you're unsure which domain applies
+/tribunal-full the entire auth service
 ```