universal-dev-standards 5.3.2 → 5.5.0

package/src/commands/flow.js

@@ -2,6 +2,14 @@
  * UDS Flow Command — SPEC-FLOW-001
  *
  * CLI 命令：管理自訂 SDLC 流程（create/list/validate/diff/export/import）。
+ *
+ * @deprecated XSPEC-095 (2026-04-28): This command is superseded by `devap flow`.
+ *   The list/validate/diff operations have been extracted to DevAP:
+ *   - CLI command: dev-autopilot/packages/cli/src/commands/flow-mgmt.ts
+ *
+ *   棄用理由：UDS 專注於活動定義，DevAP 承擔流程編排（XSPEC-086 / DEC-049）。
+ *   UDS 5.x 仍維持本命令可用（向後相容），UDS 6.0.0 將移除。
+ *   建議遷移：`uds flow list/validate/diff` → `devap flow list/validate/diff`
  */
 
 import { existsSync, readdirSync, readFileSync, writeFileSync, mkdirSync } from 'fs';

package/src/commands/start.js

@@ -1,3 +1,17 @@
+/**
+ * UDS Start Command — Mission 任務啟動
+ *
+ * 啟動一個具名任務（Mission）並設定任務意圖。
+ *
+ * @deprecated XSPEC-095 (2026-04-28): This command is superseded by `devap mission`.
+ *   The orchestration logic has been extracted to DevAP:
+ *   - Core module: dev-autopilot/packages/core/src/mission/
+ *   - CLI command: dev-autopilot/packages/cli/src/commands/mission.ts
+ *
+ *   棄用理由：UDS 專注於活動定義，DevAP 承擔流程編排（XSPEC-086 / DEC-049）。
+ *   UDS 5.x 仍維持本命令可用（向後相容），UDS 6.0.0 將移除。
+ *   建議遷移：`uds start ...` → `devap mission start <type> "<intent>"`
+ */
 import chalk from 'chalk';
 import { select, input, confirm as inquirerConfirm } from '@inquirer/prompts';
 import { MissionManager, MissionType, MissionState } from '../missions/MissionManager.js';

package/src/commands/sweep.js

@@ -6,6 +6,14 @@
  *
  * @module commands/sweep
  * @see docs/specs/system/vibe-coding-integration.md (AC-2)
+ * @deprecated XSPEC-095 (2026-04-28): This command is superseded by `devap sweep`.
+ *   The orchestration logic has been extracted to DevAP:
+ *   - Core module: dev-autopilot/packages/core/src/sweep/
+ *   - CLI command: dev-autopilot/packages/cli/src/commands/sweep.ts
+ *
+ *   棄用理由：UDS 專注於活動定義，DevAP 承擔流程編排（XSPEC-086 / DEC-049）。
+ *   UDS 5.x 仍維持本命令可用（向後相容），UDS 6.0.0 將移除。
+ *   建議遷移：`uds sweep ...` → `devap sweep [--fix] [--report]`
  */
 
 import chalk from 'chalk';

package/src/commands/workflow.js

@@ -4,6 +4,14 @@
  * CLI commands for listing and installing UDS workflows.
  *
  * @version 1.0.0
+ * @deprecated XSPEC-095 (2026-04-28): This command is superseded by `devap workflow`.
+ *   The orchestration logic has been extracted to DevAP:
+ *   - Core module: dev-autopilot/packages/core/src/workflow-state/ + core/src/flow/
+ *   - CLI command: dev-autopilot/packages/cli/src/commands/workflow.ts
+ *
+ *   棄用理由：UDS 專注於活動定義，DevAP 承擔流程編排（XSPEC-086 / DEC-049）。
+ *   UDS 5.x 仍維持本命令可用（向後相容），UDS 6.0.0 將移除。
+ *   建議遷移：`uds workflow ...` → `devap workflow list/execute/status`
  */
 
 import chalk from 'chalk';

package/standards-registry.json

@@ -1,6 +1,6 @@
 {
   "$schema": "https://json-schema.org/draft/2020-12/schema",
-  "version": "5.3.2",
+  "version": "5.5.0",
   "lastUpdated": "2026-04-16",
   "description": "Standards registry for universal-dev-standards with integrated skills and AI-optimized formats",
   "formats": {
@@ -58,14 +58,14 @@
     "standards": {
       "name": "universal-dev-standards",
       "url": "https://github.com/AsiaOstrich/universal-dev-standards",
-      "version": "5.3.2"
+      "version": "5.5.0"
     },
     "skills": {
       "name": "universal-dev-standards",
       "url": "https://github.com/AsiaOstrich/universal-dev-standards",
       "localPath": "skills",
       "rawUrl": "https://raw.githubusercontent.com/AsiaOstrich/universal-dev-standards/main/skills",
-      "version": "5.3.2",
+      "version": "5.5.0",
       "note": "Skills are now included in the main repository under skills/"
     }
   },
@@ -1007,7 +1007,12 @@
       },
       "category": "reference",
       "skillName": null,
-      "description": "Protocol for persisting and restoring workflow state across AI sessions"
+      "deprecated": true,
+      "deprecatedSince": "5.4.0",
+      "removalVersion": "6.0.0",
+      "canonicalOwner": "devap",
+      "canonicalPath": "dev-autopilot/standards/flow/workflow-state-protocol.ai.yaml",
+      "description": "DEPRECATED: Migrated to DevAP per DEC-049. Workflow state persistence protocol — see dev-autopilot/standards/flow/workflow-state-protocol.ai.yaml"
     },
     {
       "id": "workflow-enforcement",
@@ -1019,7 +1024,12 @@
       },
       "category": "reference",
       "skillName": null,
-      "description": "Machine-enforceable workflow gates that prevent phase skipping in SDD/TDD/BDD methodologies"
+      "deprecated": true,
+      "deprecatedSince": "5.4.0",
+      "removalVersion": "6.0.0",
+      "canonicalOwner": "devap",
+      "canonicalPath": "dev-autopilot/standards/flow/workflow-enforcement.ai.yaml",
+      "description": "DEPRECATED: Migrated to DevAP per DEC-049. Machine-enforceable workflow gates — see dev-autopilot/standards/flow/workflow-enforcement.ai.yaml"
     },
     {
       "id": "testing",
@@ -1172,7 +1182,66 @@
       },
       "category": "skill",
       "skillName": "test-coverage-assistant",
-      "description": "Framework for evaluating test coverage completeness"
+      "description": "Framework for evaluating test coverage completeness across 10 dimensions"
+    },
+    {
+      "id": "flow-based-testing",
+      "name": "Flow-Based Testing",
+      "nameZh": "流程解構測試",
+      "source": {
+        "human": "core/flow-based-testing.md",
+        "ai": "ai/standards/flow-based-testing.ai.yaml"
+      },
+      "category": "skill",
+      "skillName": "e2e-assistant",
+      "description": "Flow decomposition methodology for testing multi-step processes with branch coverage"
+    },
+    {
+      "id": "mock-boundary",
+      "name": "Mock Boundary Standards",
+      "nameZh": "Mock 邊界規則",
+      "source": {
+        "human": "core/mock-boundary.md",
+        "ai": "ai/standards/mock-boundary.ai.yaml"
+      },
+      "category": "skill",
+      "skillName": "testing-guide",
+      "description": "Rules defining what can and cannot be mocked to prevent hollow tests"
+    },
+    {
+      "id": "security-testing",
+      "name": "Security Testing Standards",
+      "nameZh": "安全測試標準",
+      "source": {
+        "human": "core/security-testing.md",
+        "ai": "ai/standards/security-testing.ai.yaml"
+      },
+      "category": "skill",
+      "skillName": "security-scan-assistant",
+      "description": "SAST, dependency auditing, DAST, and secret scanning methodology"
+    },
+    {
+      "id": "llm-output-validation",
+      "name": "LLM Output Validation Standards",
+      "nameZh": "LLM 輸出驗證標準",
+      "source": {
+        "human": "core/llm-output-validation.md",
+        "ai": "ai/standards/llm-output-validation.ai.yaml"
+      },
+      "category": "testing",
+      "description": "Standards for validating LLM and AI agent outputs: schema conformance, hallucination detection, prompt regression"
+    },
+    {
+      "id": "mutation-testing",
+      "name": "Mutation Testing Standards",
+      "nameZh": "突變測試標準",
+      "source": {
+        "human": "core/mutation-testing.md",
+        "ai": "ai/standards/mutation-testing.ai.yaml"
+      },
+      "category": "skill",
+      "skillName": "test-coverage-assistant",
+      "description": "Mutation testing methodology to evaluate test suite effectiveness"
     },
     {
       "id": "test-driven-development",
@@ -1367,7 +1436,12 @@
       },
       "category": "reference",
       "skillName": null,
-      "description": "Structured system for persisting agent execution artifacts with L1/L2/L3 tiered access model"
+      "deprecated": true,
+      "deprecatedSince": "5.4.0",
+      "removalVersion": "6.0.0",
+      "canonicalOwner": "devap",
+      "canonicalPath": "dev-autopilot/standards/orchestration/execution-history.ai.yaml",
+      "description": "DEPRECATED: Migrated to DevAP per DEC-049. Execution history L1/L2/L3 protocol — see dev-autopilot/standards/orchestration/execution-history.ai.yaml"
     },
     {
       "id": "project-context-memory",
@@ -1554,7 +1628,12 @@
       },
       "category": "reference",
       "skillName": null,
-      "description": "Configuration contract, stage model, and context classification for automated development pipelines"
+      "deprecated": true,
+      "deprecatedSince": "5.4.0",
+      "removalVersion": "6.0.0",
+      "canonicalOwner": "devap",
+      "canonicalPath": "dev-autopilot/standards/flow/pipeline-integration-standards.ai.yaml",
+      "description": "DEPRECATED: Migrated to DevAP per DEC-049. Pipeline 6-stage model — see dev-autopilot/standards/flow/pipeline-integration-standards.ai.yaml"
     },
     {
       "id": "acceptance-criteria-traceability",
@@ -1578,7 +1657,12 @@
       },
       "category": "reference",
       "skillName": null,
-      "description": "Pending changes state machine, threshold strategies, and atomicity guarantees for batch commits"
+      "deprecated": true,
+      "deprecatedSince": "5.4.0",
+      "removalVersion": "6.0.0",
+      "canonicalOwner": "devap",
+      "canonicalPath": "dev-autopilot/standards/flow/change-batching-standards.ai.yaml",
+      "description": "DEPRECATED: Migrated to DevAP per DEC-049. Change batching state machine — see dev-autopilot/standards/flow/change-batching-standards.ai.yaml"
     },
     {
       "id": "migration-template",
@@ -1612,7 +1696,12 @@
       },
       "category": "skill",
       "skillName": null,
-      "description": "Sub-agent dispatch, parallel coordination, and status protocol (DONE/DONE_WITH_CONCERNS/NEEDS_CONTEXT/BLOCKED)"
+      "deprecated": true,
+      "deprecatedSince": "5.4.0",
+      "removalVersion": "6.0.0",
+      "canonicalOwner": "devap",
+      "canonicalPath": "dev-autopilot/standards/orchestration/agent-dispatch.ai.yaml",
+      "description": "DEPRECATED: Migrated to DevAP per DEC-049. Agent dispatch protocol — see dev-autopilot/standards/orchestration/agent-dispatch.ai.yaml"
     },
     {
       "id": "agent-communication-protocol",
@@ -1624,7 +1713,12 @@
       },
       "category": "skill",
       "skillName": null,
-      "description": "Unified status codes, envelope protocol, structured handoff, and versioning for cross-project agent communication"
+      "deprecated": true,
+      "deprecatedSince": "5.4.0",
+      "removalVersion": "6.0.0",
+      "canonicalOwner": "devap",
+      "canonicalPath": "dev-autopilot/standards/orchestration/agent-communication-protocol.ai.yaml",
+      "description": "DEPRECATED: Migrated to DevAP per DEC-049. Agent envelope/handoff protocol — see dev-autopilot/standards/orchestration/agent-communication-protocol.ai.yaml"
     },
     {
       "id": "model-selection",
@@ -1660,7 +1754,12 @@
       },
       "category": "reference",
       "skillName": null,
-      "description": "Branch completion workflow with 4 options (merge/PR/keep/discard) and prerequisite checks"
+      "deprecated": true,
+      "deprecatedSince": "5.4.0",
+      "removalVersion": "6.0.0",
+      "canonicalOwner": "devap",
+      "canonicalPath": "dev-autopilot/standards/flow/branch-completion.ai.yaml",
+      "description": "DEPRECATED: Migrated to DevAP per DEC-049. Branch completion workflow — see dev-autopilot/standards/flow/branch-completion.ai.yaml"
     },
     {
       "id": "verification-evidence",
@@ -2118,6 +2217,369 @@
       },
       "category": "core",
       "description": "Security checkpoints embedded in CI pipeline — SAST, DAST, SCA, secrets scan with block/warn/log behavior"
+    },
+    {
+      "id": "slo-sli",
+      "name": "SLO/SLI Definition Standards",
+      "nameZh": "SLO/SLI 定義標準",
+      "source": {
+        "human": "core/slo-sli.md",
+        "ai": "ai/standards/slo-sli.ai.yaml"
+      },
+      "category": "core",
+      "description": "SLI selection per service type, SLO target-setting methodology, error budget policies, and multi-window burn-rate alerting"
+    },
+    {
+      "id": "runbook",
+      "name": "Runbook Writing Standards",
+      "nameZh": "Runbook 撰寫標準",
+      "source": {
+        "human": "core/runbook.md",
+        "ai": "ai/standards/runbook.ai.yaml"
+      },
+      "category": "core",
+      "description": "Required sections, reproducible steps, naming conventions, review cadence, and drill frequency for operational runbooks"
+    },
+    {
+      "id": "incident-response",
+      "name": "Incident Response Standards",
+      "nameZh": "事件回應標準",
+      "source": {
+        "human": "core/incident-response.md",
+        "ai": "ai/standards/incident-response.ai.yaml"
+      },
+      "category": "core",
+      "description": "Severity classification, IC role, stakeholder communication, blameless postmortem, on-call rotation, and incident metrics"
+    },
+    {
+      "id": "license-compliance",
+      "name": "License Compliance Standards",
+      "nameZh": "授權合規標準",
+      "source": {
+        "human": "core/license-compliance.md",
+        "ai": "ai/standards/license-compliance.ai.yaml"
+      },
+      "category": "core",
+      "description": "License tier classification, automated scanning in CI, SBOM generation, attribution notices, and violation remediation"
+    },
+    {
+      "id": "pii-classification",
+      "name": "PII Classification and Handling Standards",
+      "nameZh": "PII 分類與處理標準",
+      "source": {
+        "human": "core/pii-classification.md",
+        "ai": "ai/standards/pii-classification.ai.yaml"
+      },
+      "category": "core",
+      "description": "Three-tier PII sensitivity classification, data minimization, masking in non-production, retention schedules, and cross-border transfer controls"
+    },
+    {
+      "id": "audit-trail",
+      "name": "Audit Trail Standards",
+      "nameZh": "稽核追蹤標準",
+      "source": {
+        "human": "core/audit-trail.md",
+        "ai": "ai/standards/audit-trail.ai.yaml"
+      },
+      "category": "core",
+      "description": "Mandatory auditable events, record schema, immutability, retention periods, query/export, and SIEM integration"
+    },
+    {
+      "id": "schema-evolution",
+      "name": "Schema Evolution Standards",
+      "nameZh": "Schema 演進標準",
+      "source": {
+        "human": "core/schema-evolution.md",
+        "ai": "ai/standards/schema-evolution.ai.yaml"
+      },
+      "category": "core",
+      "description": "Backward-compatible change patterns, prohibited breaking changes, expand-contract migration, schema versioning, and CI compatibility checks"
+    },
+    {
+      "id": "data-contract",
+      "name": "Data Contract Standards",
+      "nameZh": "資料契約標準",
+      "source": {
+        "human": "core/data-contract.md",
+        "ai": "ai/standards/data-contract.ai.yaml"
+      },
+      "category": "core",
+      "description": "Data contract specification format, quality SLOs, breaking-change governance, automated contract testing, and consumer registration"
+    },
+    {
+      "id": "data-pipeline",
+      "name": "Data Pipeline Standards",
+      "nameZh": "資料管線標準",
+      "source": {
+        "human": "core/data-pipeline.md",
+        "ai": "ai/standards/data-pipeline.ai.yaml"
+      },
+      "category": "core",
+      "description": "Idempotency, error handling with DLQs, checkpointing, data lineage, pipeline observability SLOs, and testing requirements"
+    },
+    {
+      "id": "iac-design-principles",
+      "name": "Infrastructure as Code Design Principles",
+      "nameZh": "基礎設施即程式碼設計原則",
+      "source": {
+        "human": "core/iac-design-principles.md",
+        "ai": "ai/standards/iac-design-principles.ai.yaml"
+      },
+      "category": "core",
+      "description": "Four IaC principles (reproducible, immutable, idempotent, versioned), remote state with locking, and drift detection with three-category classification"
+    },
+    {
+      "id": "container-image-standards",
+      "name": "Container Image Build and Security Standards",
+      "nameZh": "容器映像建構與安全標準",
+      "source": {
+        "human": "core/container-image-standards.md",
+        "ai": "ai/standards/container-image-standards.ai.yaml"
+      },
+      "category": "core",
+      "description": "Dockerfile five principles (multi-stage, non-root, distroless, no secrets, SBOM labels), SBOM embedding via syft/trivy, and CVE scanning block policy"
+    },
+    {
+      "id": "secret-management-standards",
+      "name": "Secret Management and Credential Hygiene Standards",
+      "nameZh": "機密管理與憑證衛生標準",
+      "source": {
+        "human": "core/secret-management-standards.md",
+        "ai": "ai/standards/secret-management-standards.ai.yaml"
+      },
+      "category": "core",
+      "description": "Three secret source tiers (Vault, Cloud KMS, SOPS), rotation policies by credential type, hardcoded secret prevention, and safe injection patterns"
+    },
+    {
+      "id": "prd-standards",
+      "name": "Product Requirements Document Standards",
+      "nameZh": "產品需求文件標準",
+      "source": {
+        "human": "core/prd-standards.md",
+        "ai": "ai/standards/prd-standards.ai.yaml"
+      },
+      "category": "core",
+      "description": "PRD five sections (Problem, Persona, Metrics, Scope, Constraints), PRD-to-user-story bridge with metric traceability, and post-kickoff revision policy"
+    },
+    {
+      "id": "product-metrics-standards",
+      "name": "Product Metrics Framework Standards",
+      "nameZh": "產品指標框架標準",
+      "source": {
+        "human": "core/product-metrics-standards.md",
+        "ai": "ai/standards/product-metrics-standards.ai.yaml"
+      },
+      "category": "core",
+      "description": "Framework selection matrix (AARRR/HEART/North Star), North Star four criteria, three-level metric hierarchy, and anti-vanity metric rule"
+    },
+    {
+      "id": "user-story-mapping",
+      "name": "User Story Mapping Standards",
+      "nameZh": "使用者故事地圖標準",
+      "source": {
+        "human": "core/user-story-mapping.md",
+        "ai": "ai/standards/user-story-mapping.ai.yaml"
+      },
+      "category": "core",
+      "description": "Three-layer story map (Backbone, Walking Skeleton, Detail Stories), MVP horizontal slice rule, INVEST compliance per story, and GWT acceptance criteria"
+    },
+    {
+      "id": "secure-op",
+      "name": "Secure-Op Standard",
+      "nameZh": "AI Agent 安全操作標準",
+      "source": {
+        "human": "core/secure-op.md",
+        "ai": "ai/standards/secure-op.ai.yaml"
+      },
+      "category": "security",
+      "description": "AI Agent secure operation methodology: Veto-based decision, SOBR risk scoring, Fail-Closed principle, tamper-evident audit chain, HITL escalation, and prompt injection defense"
+    },
+    {
+      "id": "server-ops-security",
+      "name": "Server Operations Security",
+      "nameZh": "伺服器操作安全標準",
+      "source": {
+        "human": "core/server-ops-security.md",
+        "ai": "ai/standards/server-ops-security.ai.yaml"
+      },
+      "category": "security",
+      "description": "SSH hardening, host configuration, privilege management, bastion patterns, patch management SLA, and network isolation for AI Agent production environments"
+    },
+    {
+      "id": "container-security",
+      "name": "Container Security",
+      "nameZh": "容器安全標準",
+      "source": {
+        "human": "core/container-security.md",
+        "ai": "ai/standards/container-security.ai.yaml"
+      },
+      "category": "security",
+      "description": "Container image hardening, registry security, runtime protection, secrets management, Kubernetes network policy, and supply chain integrity for AI Agent production environments"
+    },
+    {
+      "id": "adversarial-test",
+      "name": "Adversarial Test Standards",
+      "nameZh": "對抗性測試標準",
+      "source": {
+        "human": "core/adversarial-test.md",
+        "ai": "ai/standards/adversarial-test.ai.yaml"
+      },
+      "category": "testing",
+      "description": "Red-team corpus design for AI agents: OWASP LLM Top 10 adversarial probes (prompt injection LLM01, PII exfiltration LLM06, privilege escalation LLM08, source-agent spoofing)"
+    },
+    {
+      "id": "policy-as-code-testing",
+      "name": "Policy as Code Testing Standards",
+      "nameZh": "Policy as Code 測試標準",
+      "source": {
+        "human": "core/policy-as-code-testing.md",
+        "ai": "ai/standards/policy-as-code-testing.ai.yaml"
+      },
+      "category": "testing",
+      "description": "OPA Rego unit test standards: _test.rego file conventions, ALLOW/DENY/boundary cases, Fail-Closed default, CI opa test integration, anti-patterns (array.concat on sets)"
+    },
+    {
+      "id": "sast-advanced",
+      "name": "Advanced SAST Standards",
+      "nameZh": "進階 SAST 標準",
+      "source": {
+        "human": "core/sast-advanced.md",
+        "ai": "ai/standards/sast-advanced.ai.yaml"
+      },
+      "category": "security",
+      "description": "CodeQL semantic code analysis + secret scanning + Biome security rules. Complements dependency auditing with deep static analysis detecting injection vulnerabilities."
+    }
+    ,
+    {
+      "id": "prompt-regression",
+      "name": "Prompt Regression Standards",
+      "nameZh": "Prompt 回歸測試標準",
+      "source": {
+        "human": "core/prompt-regression.md",
+        "ai": "ai/standards/prompt-regression.ai.yaml"
+      },
+      "category": "testing",
+      "description": "Golden SHA-256 checksum tests for AI agent prompt files. Detects unintended prompt changes in CI; requires documented acknowledgment when checksums are updated."
+    }
+    ,
+    {
+      "id": "supply-chain-attestation",
+      "name": "Supply Chain Attestation Standards",
+      "nameZh": "供應鏈溯源標準",
+      "source": {
+        "human": "core/supply-chain-attestation.md",
+        "ai": "ai/standards/supply-chain-attestation.ai.yaml"
+      },
+      "category": "security",
+      "description": "CycloneDX SBOM generation, SLSA provenance (L1/L2), and cosign signing for verifiable software supply chain integrity from source to deployed artefact."
+    }
+    ,
+    {
+      "id": "cost-budget-test",
+      "name": "Cost Budget Test Standards",
+      "nameZh": "成本預算測試標準",
+      "source": {
+        "human": "core/cost-budget-test.md",
+        "ai": "ai/standards/cost-budget-test.ai.yaml"
+      },
+      "category": "testing",
+      "description": "Unit tests for AI agent token budget zone classification boundaries (safe/warning/danger/blocking), pipeline cost thresholds, and runaway-loop prevention guards."
+    }
+    ,
+    {
+      "id": "replay-test",
+      "name": "Replay Test Standards",
+      "nameZh": "回放測試標準",
+      "source": {
+        "human": "core/replay-test.md",
+        "ai": "ai/standards/replay-test.ai.yaml"
+      },
+      "category": "testing",
+      "description": "Golden fixture recording and deterministic replay for AI agent pipelines. Enables customer bug reproduction, verdict regression detection, and incident investigation without a live LLM."
+    }
+    ,
+    {
+      "id": "smoke-test",
+      "name": "Smoke Test Standards",
+      "nameZh": "煙霧測試標準",
+      "source": {
+        "human": "core/smoke-test.md",
+        "ai": "ai/standards/smoke-test.ai.yaml"
+      },
+      "category": "testing",
+      "description": "Post-deployment sanity checks verifying critical paths (health endpoint, core API) complete in under 30 seconds with zero external dependencies."
+    }
+    ,
+    {
+      "id": "property-based-testing",
+      "name": "Property-Based Testing Standards",
+      "nameZh": "屬性基礎測試標準",
+      "source": {
+        "human": "core/property-based-testing.md",
+        "ai": "ai/standards/property-based-testing.ai.yaml"
+      },
+      "category": "testing",
+      "description": "fast-check / Hypothesis property tests for pure functions: range clamping, determinism, monotonicity, round-trip. Complements example-based unit tests by generating hundreds of random inputs."
+    }
+    ,
+    {
+      "id": "disaster-recovery-drill",
+      "name": "Disaster Recovery Drill Standards",
+      "nameZh": "災難恢復演練標準",
+      "source": {
+        "human": "core/disaster-recovery-drill.md",
+        "ai": "ai/standards/disaster-recovery-drill.ai.yaml"
+      },
+      "category": "operations",
+      "description": "Quarterly DR drill protocol: RTO/RPO targets, backup restore verification, Game Day exercises, drill records retained 12 months."
+    }
+    ,
+    {
+      "id": "flaky-test-management",
+      "name": "Flaky Test Management Standards",
+      "nameZh": "不穩定測試管理標準",
+      "source": {
+        "human": "core/flaky-test-management.md",
+        "ai": "ai/standards/flaky-test-management.ai.yaml"
+      },
+      "category": "testing",
+      "description": "Policies for detecting, quarantining (< 48h), and eliminating (< 30 days) flaky tests. Retry policy, root cause documentation, and quarantine annotation conventions."
+    }
+    ,
+    {
+      "id": "data-migration-testing",
+      "name": "Data Migration Testing Standards",
+      "nameZh": "資料遷移測試標準",
+      "source": {
+        "human": "core/data-migration-testing.md",
+        "ai": "ai/standards/data-migration-testing.ai.yaml"
+      },
+      "category": "testing",
+      "description": "Standards for database schema migration tests: up/down/idempotency/data-preservation coverage. Requires isolated in-memory DB per test, verifiable rollback path, and data integrity after ALTER/DROP."
+    }
+    ,
+    {
+      "id": "chaos-injection-tests",
+      "name": "Chaos Injection Test Standards",
+      "nameZh": "混沌注入測試標準",
+      "source": {
+        "human": "core/chaos-injection-tests.md",
+        "ai": "ai/standards/chaos-injection-tests.ai.yaml"
+      },
+      "category": "testing",
+      "description": "Executable chaos injection tests for AI agent systems: LLM timeout/rate-limit, DB disconnect rollback, policy-engine fail-closed, and inter-agent blast-radius containment tests."
+    }
+    ,
+    {
+      "id": "release-quality-manifest",
+      "name": "Release Quality Manifest Standards",
+      "nameZh": "發布品質宣言標準",
+      "source": {
+        "human": "core/release-quality-manifest.md",
+        "ai": "ai/standards/release-quality-manifest.ai.yaml"
+      },
+      "category": "deployment",
+      "description": "Machine-readable per-release Quality Manifest aggregating all gate results (coverage, mutation, CVE, SAST, E2E, container scan, SBOM, LLM hallucination). Auto-generated by CI; customer-shareable."
     }
   ]
 }