vibe-forge 0.4.0 → 0.8.1

package/bin/lib/daemon/dependencies.sh

@@ -0,0 +1,146 @@
+#!/usr/bin/env bash
+#
+# bin/lib/daemon/dependencies.sh
+#
+# Task dependency resolution (T2-H2)
+#
+# Checks blocked_by fields in pending task frontmatter. Tasks whose
+# blockers are all resolved (in completed/ or merged/) are eligible
+# for dispatch. Tasks with unresolved blockers are surfaced in the
+# state file so Planning Hub and the dashboard can show them.
+#
+# Dependencies: frontmatter.js, constants.sh
+# Globals required: FORGE_ROOT, TASKS_PENDING, TASKS_COMPLETED,
+#                   TASKS_MERGED, LOG_FILE
+
+# Prevent double-sourcing
+[[ -n "${_DAEMON_DEPENDENCIES_LOADED:-}" ]] && return 0
+_DAEMON_DEPENDENCIES_LOADED=1
+
+# Node.js frontmatter helper
+FRONTMATTER_JS="${FRONTMATTER_JS:-$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)/frontmatter.js}"
+
+# Count of currently blocked tasks (used by state.sh)
+BLOCKED_TASK_COUNT=0
+
+# Check if a task ID exists in completed or merged directories
+_is_task_resolved() {
+    local task_id="$1"
+    local completed_dir="$FORGE_ROOT/$TASKS_COMPLETED"
+    local merged_dir="$FORGE_ROOT/$TASKS_MERGED"
+
+    # Check completed/
+    for f in "$completed_dir"/*.md; do
+        [[ -f "$f" ]] || continue
+        if grep -q "^id: *${task_id}$" "$f" 2>/dev/null; then
+            return 0
+        fi
+    done
+
+    # Check merged/
+    for f in "$merged_dir"/*.md; do
+        [[ -f "$f" ]] || continue
+        if grep -q "^id: *${task_id}$" "$f" 2>/dev/null; then
+            return 0
+        fi
+    done
+
+    return 1
+}
+
+# Check all pending tasks for unresolved blockers.
+# Sets BLOCKED_TASK_COUNT and outputs YAML for blocked tasks.
+check_task_dependencies() {
+    BLOCKED_TASK_COUNT=0
+    local pending_dir="$FORGE_ROOT/$TASKS_PENDING"
+
+    [[ -d "$pending_dir" ]] || return 0
+
+    for task_file in "$pending_dir"/*.md; do
+        [[ -f "$task_file" && ! -L "$task_file" ]] || continue
+
+        # Extract blocked_by field (comma or space separated list of task IDs)
+        local blocked_by
+        blocked_by=$(node "$FRONTMATTER_JS" "$task_file" "blocked_by" 2>/dev/null | sed -n 's/^blocked_by=//p')
+
+        [[ -z "$blocked_by" ]] && continue
+
+        # Parse the list (handle comma-separated, space-separated, or YAML array)
+        local blockers
+        blockers=$(echo "$blocked_by" | tr ',[]' '   ' | tr -s ' ')
+
+        local unresolved=""
+        local all_resolved=true
+
+        for blocker_id in $blockers; do
+            # Skip empty tokens
+            [[ -z "$blocker_id" ]] && continue
+
+            if ! _is_task_resolved "$blocker_id"; then
+                all_resolved=false
+                if [[ -n "$unresolved" ]]; then
+                    unresolved="$unresolved, $blocker_id"
+                else
+                    unresolved="$blocker_id"
+                fi
+            fi
+        done
+
+        if [[ "$all_resolved" == "false" ]]; then
+            ((BLOCKED_TASK_COUNT++)) || true
+            local task_id
+            task_id=$(node "$FRONTMATTER_JS" "$task_file" "id" 2>/dev/null | sed -n 's/^id=//p')
+            task_id="${task_id:-$(basename "$task_file" .md)}"
+            echo "[$(date -Iseconds)] BLOCKED: $task_id waiting on: $unresolved" >> "$LOG_FILE"
+        fi
+    done
+}
+
+# Build YAML section for blocked tasks (called by state.sh update_state)
+build_blocked_tasks() {
+    local pending_dir="$FORGE_ROOT/$TASKS_PENDING"
+
+    [[ -d "$pending_dir" ]] || return 0
+
+    local has_blocked=false
+
+    for task_file in "$pending_dir"/*.md; do
+        [[ -f "$task_file" && ! -L "$task_file" ]] || continue
+
+        local blocked_by
+        blocked_by=$(node "$FRONTMATTER_JS" "$task_file" "blocked_by" 2>/dev/null | sed -n 's/^blocked_by=//p')
+
+        [[ -z "$blocked_by" ]] && continue
+
+        local blockers unresolved_list=""
+        blockers=$(echo "$blocked_by" | tr ',[]' '   ' | tr -s ' ')
+
+        for blocker_id in $blockers; do
+            [[ -z "$blocker_id" ]] && continue
+            if ! _is_task_resolved "$blocker_id"; then
+                if [[ -n "$unresolved_list" ]]; then
+                    unresolved_list="$unresolved_list, $blocker_id"
+                else
+                    unresolved_list="$blocker_id"
+                fi
+            fi
+        done
+
+        if [[ -n "$unresolved_list" ]]; then
+            if [[ "$has_blocked" == "false" ]]; then
+                echo "blocked_tasks:"
+                has_blocked=true
+            fi
+
+            local task_id title
+            task_id=$(node "$FRONTMATTER_JS" "$task_file" "id" 2>/dev/null | sed -n 's/^id=//p')
+            title=$(node "$FRONTMATTER_JS" "$task_file" "title" 2>/dev/null | sed -n 's/^title=//p')
+            task_id="${task_id:-$(basename "$task_file" .md)}"
+            title="${title:-Untitled}"
+
+            printf '  - id: %s\n' "$task_id"
+            printf '    title: "%s"\n' "$title"
+            printf '    waiting_on: "%s"\n' "$unresolved_list"
+        fi
+    done
+}

package/bin/lib/daemon/display.sh

@@ -0,0 +1,128 @@
+#!/usr/bin/env bash
+#
+# bin/lib/daemon/display.sh
+#
+# Status display functions for the daemon status command
+#
+# Dependencies: colors.sh, constants.sh, json.sh
+# Globals required: FORGE_ROOT, PID_FILE, STATE_FILE, NOTIFY_FILE,
+#                   AGENT_STATUS_DIR, TASKS_ATTENTION, STALE_STATUS_THRESHOLD
+
+# Prevent double-sourcing
+[[ -n "${_DAEMON_DISPLAY_LOADED:-}" ]] && return 0
+_DAEMON_DISPLAY_LOADED=1
+
+# Display daemon running status (PID check)
+display_daemon_status() {
+    if [[ -f "$PID_FILE" ]]; then
+        local pid
+        pid=$(cat "$PID_FILE")
+        if kill -0 "$pid" 2>/dev/null; then
+            log_success "Running (PID: $pid)"
+        else
+            log_warn "Stopped (stale PID file)"
+        fi
+    else
+        echo "Status: Stopped"
+    fi
+}
+
+# Display task counts from state file
+display_task_counts() {
+    if [[ -f "$STATE_FILE" ]]; then
+        echo "Task Counts:"
+        grep -E "pending:|in_progress:|completed:|in_review:|approved:|needs_changes:|merged:|attention_needed:" "$STATE_FILE" | sed 's/^/  /'
+    fi
+}
+
+# Display workers needing attention (urgent alerts)
+display_attention_needed() {
+    local attention_count
+    attention_count=$(find "$FORGE_ROOT/$TASKS_ATTENTION" -maxdepth 1 -name "*.md" -type f 2>/dev/null | wc -l)
+    if [[ "$attention_count" -gt 0 ]]; then
+        echo -e "${RED}🔔 ATTENTION NEEDED:${NC}"
+        for attention_file in "$FORGE_ROOT/$TASKS_ATTENTION"/*.md; do
+            if [[ -f "$attention_file" && ! -L "$attention_file" ]]; then
+                local agent issue
+                agent=$(grep -m1 "^agent:" "$attention_file" 2>/dev/null | cut -d':' -f2 | tr -d ' "' | head -c 50)
+                issue=$(sed -n '/^## Issue/,/^##/p' "$attention_file" 2>/dev/null | grep -v "^##" | head -1 | head -c 80)
+                echo -e "  ${YELLOW}$agent${NC}: $issue"
+            fi
+        done
+        echo ""
+    fi
+}
+
+# Get status icon for worker status
+get_status_icon() {
+    local status="$1"
+    case "$status" in
+        "working") echo "🔨" ;;
+        "idle") echo "💤" ;;
+        "blocked") echo "🚫" ;;
+        "testing") echo "🧪" ;;
+        "reviewing") echo "👁️" ;;
+        *) echo "❓" ;;
+    esac
+}
+
+# Display active worker statuses with staleness indicators
+display_worker_status() {
+    if [[ ! -d "$FORGE_ROOT/$AGENT_STATUS_DIR" ]]; then
+        return
+    fi
+
+    local status_count
+    status_count=$(find "$FORGE_ROOT/$AGENT_STATUS_DIR" -maxdepth 1 -name "*.json" -type f 2>/dev/null | wc -l)
+    if [[ "$status_count" -eq 0 ]]; then
+        return
+    fi
+
+    echo "Active Workers:"
+    local now_epoch stale_threshold
+    now_epoch=$(date +%s)
+    stale_threshold=$STALE_STATUS_THRESHOLD
+
+    for status_file in "$FORGE_ROOT/$AGENT_STATUS_DIR"/*.json; do
+        if [[ -f "$status_file" && ! -L "$status_file" ]]; then
+            local agent status task updated stale_marker icon
+            agent=$(json_read "$status_file" "agent" "unknown")
+            status=$(json_read "$status_file" "status" "unknown")
+            task=$(json_read "$status_file" "task" "")
+            updated=$(json_read "$status_file" "updated" "")
+
+            # Check staleness
+            stale_marker=""
+            if [[ -n "$updated" ]]; then
+                local updated_epoch age
+                updated_epoch=$(date -d "$updated" +%s 2>/dev/null || date -j -f "%Y-%m-%dT%H:%M:%S" "${updated%Z}" +%s 2>/dev/null || echo "0")
+                age=$((now_epoch - updated_epoch))
+                if [[ "$age" -gt "$stale_threshold" ]]; then
+                    stale_marker=" ${YELLOW}(stale)${NC}"
+                fi
+            fi
+
+            icon=$(get_status_icon "$status")
+
+            if [[ -n "$task" ]]; then
+                echo -e "  $icon ${CYAN}$agent${NC}: $status ($task)$stale_marker"
+            else
+                echo -e "  $icon ${CYAN}$agent${NC}: $status$stale_marker"
+            fi
+        fi
+    done
+    echo ""
+}
+
+# Display recent notifications from log
+display_recent_notifications() {
+    if [[ -f "$NOTIFY_FILE" ]]; then
+        local notify_count
+        notify_count=$(wc -l < "$NOTIFY_FILE" 2>/dev/null || echo "0")
+        if [[ "$notify_count" -gt 0 ]]; then
+            echo "Recent Notifications (last 5):"
+            tail -5 "$NOTIFY_FILE" | sed 's/^/  /'
+            echo ""
+        fi
+    fi
+}

package/bin/lib/daemon/notifications.sh

@@ -0,0 +1,273 @@
+#!/usr/bin/env bash
+#
+# bin/lib/daemon/notifications.sh
+#
+# Daemon notification functions - pending task alerts, attention signals,
+# system toasts, and Heimdall escalation handling
+#
+# Dependencies: colors.sh, constants.sh
+# Globals required: FORGE_ROOT, NOTIFY_FILE, NOTIFIED_FILE, LOG_FILE,
+#                   TASKS_PENDING, TASKS_NEEDS_CHANGES, TASKS_ATTENTION
+
+# Prevent double-sourcing
+[[ -n "${_DAEMON_NOTIFICATIONS_LOADED:-}" ]] && return 0
+_DAEMON_NOTIFICATIONS_LOADED=1
+
+# Node.js frontmatter helper (RT-20260405-001 MEDIUM-5: replaces grep/cut YAML parsing)
+FRONTMATTER_JS="${FRONTMATTER_JS:-$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)/frontmatter.js}"
+
+# Parse a single frontmatter field from a markdown file.
+_notif_fm_field() {
+    node "$FRONTMATTER_JS" "$1" "$2" 2>/dev/null | sed -n "s/^${2}=//p"
+}
+
+# SECURITY: Sanitize message for safe use in shell commands
+# Removes/escapes characters that could cause command injection
+sanitize_notification_message() {
+    local msg="$1"
+    # Remove null bytes
+    msg="${msg//$'\0'/}"
+    # Remove characters that could escape out of string contexts
+    # PowerShell: $, `, ', ", (), {}
+    # osascript: ', ", \, $
+    # We allow: alphanumeric, spaces, periods, commas, colons, hyphens, underscores
+    msg=$(echo "$msg" | tr -cd 'a-zA-Z0-9 .,;:!?_-')
+    # Limit length to prevent buffer issues
+    msg="${msg:0:200}"
+    echo "$msg"
+}
+
+notify() {
+    local message="$1"
+    local urgency="${2:-normal}"  # normal or urgent
+    local timestamp
+    timestamp=$(date -Iseconds)
+
+    # SECURITY: Sanitize before logging to prevent ANSI escape injection and
+    # control-character log poisoning. sanitize_notification_message() strips
+    # everything except alphanumeric, spaces, and safe punctuation.
+    local safe_message
+    safe_message=$(sanitize_notification_message "$message")
+
+    # Log to notifications file
+    echo "[$timestamp] $safe_message" >> "$NOTIFY_FILE"
+
+    # Log to main log
+    echo "[$timestamp] NOTIFY: $safe_message" >> "$LOG_FILE"
+
+    # Terminal bell (works in most terminals)
+    printf '\a'
+
+    # System toast notification for urgent messages
+    if [[ "$urgency" == "urgent" ]]; then
+        send_system_notification "$safe_message"
+    fi
+}
+
+# Send system-level notification (platform-specific)
+send_system_notification() {
+    local message="$1"
+    local title="Vibe Forge"
+
+    # SECURITY: Sanitize message to prevent command injection
+    message=$(sanitize_notification_message "$message")
+
+    case "$(uname -s)" in
+        MINGW*|MSYS*|CYGWIN*)
+            # Windows: Use PowerShell toast notification
+            # SECURITY: Message is sanitized above, title is hardcoded
+            powershell.exe -NoProfile -Command "
+                \$null = [Windows.UI.Notifications.ToastNotificationManager, Windows.UI.Notifications, ContentType = WindowsRuntime]
+                \$template = [Windows.UI.Notifications.ToastNotificationManager]::GetTemplateContent([Windows.UI.Notifications.ToastTemplateType]::ToastText02)
+                \$textNodes = \$template.GetElementsByTagName('text')
+                \$textNodes.Item(0).AppendChild(\$template.CreateTextNode('$title')) | Out-Null
+                \$textNodes.Item(1).AppendChild(\$template.CreateTextNode('$message')) | Out-Null
+                \$toast = [Windows.UI.Notifications.ToastNotification]::new(\$template)
+                [Windows.UI.Notifications.ToastNotificationManager]::CreateToastNotifier('Vibe Forge').Show(\$toast)
+            " 2>/dev/null &
+            ;;
+        Darwin)
+            # macOS: Use osascript
+            # SECURITY: Message is sanitized above
+            osascript -e "display notification \"$message\" with title \"$title\"" 2>/dev/null &
+            ;;
+        Linux)
+            # Linux: Use notify-send if available
+            # SECURITY: notify-send handles escaping, but message is sanitized anyway
+            if command -v notify-send &>/dev/null; then
+                notify-send "$title" "$message" 2>/dev/null &
+            fi
+            ;;
+    esac
+}
+
+check_new_pending_tasks() {
+    # Create notified file if it doesn't exist
+    touch "$NOTIFIED_FILE"
+
+    # Check for new pending tasks
+    for task in "$FORGE_ROOT/$TASKS_PENDING"/*.md; do
+        if [[ -f "$task" && ! -L "$task" ]]; then
+            local filename
+            filename=$(basename "$task")
+
+            # Check if we've already notified about this task
+            if ! grep -qF "$filename" "$NOTIFIED_FILE" 2>/dev/null; then
+                # Extract task info from frontmatter safely
+                local task_id task_title assigned_to
+
+                task_id=$(_notif_fm_field "$task" "id")
+                task_title=$(_notif_fm_field "$task" "title")
+                assigned_to=$(_notif_fm_field "$task" "assigned_to")
+
+                # Use filename as fallback
+                task_id="${task_id:-$filename}"
+                task_title="${task_title:-New task}"
+
+                # Notify
+                if [[ -n "$assigned_to" ]]; then
+                    notify "New task for $assigned_to: $task_title ($task_id)"
+                else
+                    notify "New pending task: $task_title ($task_id)"
+                fi
+
+                # Mark as notified (atomic append)
+                echo "$filename" >> "$NOTIFIED_FILE"
+            fi
+        fi
+    done
+
+    # Also check needs-changes for tasks that need rework
+    for task in "$FORGE_ROOT/$TASKS_NEEDS_CHANGES"/*.md; do
+        if [[ -f "$task" && ! -L "$task" ]]; then
+            local filename
+            filename=$(basename "$task")
+            local notified_key="needs-changes:$filename"
+
+            if ! grep -qF "$notified_key" "$NOTIFIED_FILE" 2>/dev/null; then
+                local task_id assigned_to
+                task_id=$(_notif_fm_field "$task" "id")
+                assigned_to=$(_notif_fm_field "$task" "assigned_to")
+
+                task_id="${task_id:-$filename}"
+
+                if [[ -n "$assigned_to" ]]; then
+                    notify "Task needs changes ($assigned_to): $task_id"
+                else
+                    notify "Task needs changes: $task_id"
+                fi
+
+                echo "$notified_key" >> "$NOTIFIED_FILE"
+            fi
+        fi
+    done
+}
+
+check_attention_needed() {
+    # Check for workers needing attention (urgent notifications)
+    if [[ ! -d "$FORGE_ROOT/$TASKS_ATTENTION" ]]; then
+        return 0
+    fi
+
+    for attention_file in "$FORGE_ROOT/$TASKS_ATTENTION"/*.md; do
+        if [[ -f "$attention_file" && ! -L "$attention_file" ]]; then
+            local filename
+            filename=$(basename "$attention_file")
+            local notified_key="attention:$filename"
+
+            if ! grep -qF "$notified_key" "$NOTIFIED_FILE" 2>/dev/null; then
+                # Extract attention info
+                local agent issue
+                agent=$(_notif_fm_field "$attention_file" "agent")
+                issue=$(node "$FRONTMATTER_JS" --section "$attention_file" "Issue" 2>/dev/null)
+                [[ -z "$issue" ]] && issue=$(grep -m1 "^##" "$attention_file" 2>/dev/null | sed 's/^## *//' | head -c 200)
+
+                agent="${agent:-Unknown}"
+                issue="${issue:-Needs attention}"
+
+                # Ring bell multiple times for attention
+                printf '\a\a\a'
+
+                # Send urgent notification with toast
+                notify "🔔 $agent needs help: $issue" "urgent"
+
+                echo "$notified_key" >> "$NOTIFIED_FILE"
+            fi
+        fi
+    done
+}
+
+# check_heimdall_escalations INBOX_DIR
+# Scans the lab worker inbox for .escalation signal files written by Heimdall
+# when a worker accumulates too many policy violations (Gjallarhorn sounded).
+# Writes an escalation handoff for lab sentinel to route to human review.
+check_heimdall_escalations() {
+    local inbox_dir="$1"
+
+    [[ -d "$inbox_dir" ]] || return 0
+
+    # shopt -s globstar needed for **; fall back to find for compatibility
+    local escalation_files
+    mapfile -t escalation_files < <(find "$inbox_dir" -name "*.escalation" -type f 2>/dev/null)
+
+    for escalation_file in "${escalation_files[@]}"; do
+        [[ -f "$escalation_file" ]] || continue
+
+        local story_id agent_dir agent handoff_dir
+        story_id=$(basename "$escalation_file" .escalation)
+        agent_dir=$(dirname "$escalation_file")
+        agent=$(basename "$agent_dir")
+
+        # Read escalation JSON for violation details
+        local violations last_reason
+        # SECURITY: Pass file path as argv, not string interpolation, to prevent
+        # code injection via crafted filenames (RT-20260405-001 HIGH-1)
+        violations=$(node -e "try{const d=JSON.parse(require('fs').readFileSync(process.argv[1],'utf8'));console.log(d.violations||'?')}catch(e){console.log('?')}" -- "$escalation_file" 2>/dev/null)
+        last_reason=$(node -e "try{const d=JSON.parse(require('fs').readFileSync(process.argv[1],'utf8'));console.log(d.last_reason||'')}catch(e){console.log('')}" -- "$escalation_file" 2>/dev/null)
+
+        echo "[$(date -Iseconds)] HEIMDALL SOUNDED: $agent/$story_id ($violations violations) -- writing escalation handoff" >> "$LOG_FILE"
+
+        # Write escalation handoff for lab sentinel
+        # Lab sentinel routes escalations to human review on next cycle
+        local handoff_dir="$FORGE_ROOT/_vibe-chain-output/handoffs"
+        if [[ -d "$handoff_dir" ]]; then
+            local handoff_file="$handoff_dir/${story_id}-worker-escalation.md"
+            cat > "$handoff_file" << HANDOFF
+---
+type: worker-escalation
+story: "$story_id"
+from: forge-daemon
+to: human
+created: $(date -Iseconds)
+status: pending
+agent: "$agent"
+violations: $violations
+---
+
+## Heimdall Escalation
+
+Worker \`$agent\` accumulated $violations policy violations on story \`$story_id\`.
+The worker has been halted for this story. Human review required before resubmitting.
+
+## Last Violation
+
+$last_reason
+
+## Audit Log
+
+Full violation history: \`_vibe-chain-output/heimdall-audit.log\`
+
+## Action Required
+
+Review the audit log and decide:
+- Fix the story spec and resubmit
+- Manually complete the work
+- Cancel the story
+HANDOFF
+            echo "[$(date -Iseconds)] Escalation handoff written: $handoff_file" >> "$LOG_FILE"
+        fi
+
+        # Mark escalation as processed so it is not re-processed next cycle
+        mv "$escalation_file" "${escalation_file}.processed" 2>/dev/null || true
+    done
+}

package/bin/lib/daemon/routing.sh

@@ -0,0 +1,93 @@
+#!/usr/bin/env bash
+#
+# bin/lib/daemon/routing.sh
+#
+# Task routing functions - moves tasks between state folders
+#
+# Dependencies: constants.sh, util.sh (log_*), database.sh (db_record_status_history)
+# Globals required: FORGE_ROOT, LOG_FILE, FORGE_DB,
+#                   TASKS_COMPLETED, TASKS_REVIEW, TASKS_APPROVED, TASKS_MERGED
+
+# Prevent double-sourcing
+[[ -n "${_DAEMON_ROUTING_LOADED:-}" ]] && return 0
+_DAEMON_ROUTING_LOADED=1
+
+# Safe file move with symlink protection
+safe_move_task() {
+    local src="$1"
+    local dest_dir="$2"
+
+    # SECURITY: Skip symlinks to prevent symlink attacks
+    if [[ -L "$src" ]]; then
+        echo "[$(date -Iseconds)] WARNING: Skipping symlink: $src" >> "$LOG_FILE"
+        return 1
+    fi
+
+    # SECURITY: Verify source is a regular file
+    if [[ ! -f "$src" ]]; then
+        return 1
+    fi
+
+    # SECURITY: Verify destination is within FORGE_ROOT
+    local real_dest
+    real_dest=$(cd "$dest_dir" 2>/dev/null && pwd)
+    local forge_root_real
+    forge_root_real=$(cd "$FORGE_ROOT" 2>/dev/null && pwd)
+
+    if [[ "$real_dest" != "$forge_root_real"/* ]]; then
+        echo "[$(date -Iseconds)] ERROR: Destination outside FORGE_ROOT: $dest_dir" >> "$LOG_FILE"
+        return 1
+    fi
+
+    local filename
+    filename=$(basename "$src")
+
+    # SECURITY: TOCTOU note - there is a theoretical race between the symlink
+    # check above and this mv. A local attacker with precise timing could swap
+    # the file for a symlink in that window. This risk is accepted because:
+    #   1. Exploiting it requires local filesystem write access (already privileged)
+    #   2. The destination boundary check above limits the blast radius
+    #   3. A fully atomic check+move in bash would require platform-specific tools
+    # Mitigation: the destination is always within FORGE_ROOT (verified above).
+    mv "$src" "$dest_dir/$filename"
+}
+
+route_completed_to_review() {
+    # Move completed tasks to review queue — but ONLY if they have
+    # ready_for_review: true in frontmatter. Tasks that were moved
+    # to completed/ manually (e.g., already reviewed, historical)
+    # should not be re-routed.
+    for task in "$FORGE_ROOT/$TASKS_COMPLETED"/*.md; do
+        if [[ -f "$task" && ! -L "$task" ]]; then
+            # Only route tasks explicitly marked for review
+            local ready_for_review
+            ready_for_review=$(grep -m1 "^ready_for_review:" "$task" 2>/dev/null | cut -d':' -f2 | tr -d " \"'" | head -c 10)
+            [[ "$ready_for_review" == "true" ]] || continue
+
+            local filename task_id assigned_to
+            filename=$(basename "$task")
+            task_id=$(grep -m1 "^id:" "$task" 2>/dev/null | cut -d':' -f2 | tr -d " \"'" | head -c 50)
+            assigned_to=$(grep -m1 "^assigned_to:" "$task" 2>/dev/null | cut -d':' -f2 | tr -d " \"'" | head -c 50)
+            echo "[$(date -Iseconds)] Routing $filename to review" >> "$LOG_FILE"
+            if safe_move_task "$task" "$FORGE_ROOT/$TASKS_REVIEW"; then
+                db_record_status_history "${assigned_to:-unknown}" "review" "${task_id:-$filename}" 2>/dev/null || true
+            fi
+        fi
+    done
+}
+
+route_approved_to_merged() {
+    # Move approved tasks to merged archive
+    for task in "$FORGE_ROOT/$TASKS_APPROVED"/*.md; do
+        if [[ -f "$task" && ! -L "$task" ]]; then
+            local filename task_id assigned_to
+            filename=$(basename "$task")
+            task_id=$(grep -m1 "^id:" "$task" 2>/dev/null | cut -d':' -f2 | tr -d " \"'" | head -c 50)
+            assigned_to=$(grep -m1 "^assigned_to:" "$task" 2>/dev/null | cut -d':' -f2 | tr -d " \"'" | head -c 50)
+            echo "[$(date -Iseconds)] Archiving $filename to merged" >> "$LOG_FILE"
+            if safe_move_task "$task" "$FORGE_ROOT/$TASKS_MERGED"; then
+                db_record_status_history "${assigned_to:-unknown}" "merged" "${task_id:-$filename}" 2>/dev/null || true
+            fi
+        fi
+    done
+}