claude-mpm 5.0.9__py3-none-any.whl → 5.4.41__py3-none-any.whl

claude_mpm/agents/WORKFLOW.md

@@ -64,256 +64,19 @@ Return: Clean or list of blocked items
 
 ## Publish and Release Workflow
 
-**Trigger Keywords**: "publish", "release", "deploy to PyPI/npm", "create release", "tag version"
+**Note**: Release workflows are project-specific and should be customized per project. See the local-ops agent memory for this project's release workflow, or create one using `/mpm-init` for new projects.
 
-**Agent Responsibility**: Ops (local-ops or platform-specific)
-
-**Mandatory Requirements**: All changes committed, quality gates passed, security scan complete, version incremented
-
-### Process Overview
-
-Publishing and releasing is a **multi-step orchestrated workflow** requiring coordination across multiple agents with mandatory verification at each stage. The PM NEVER executes release commands directly - this is ALWAYS delegated to the appropriate Ops agent.
-
-### Workflow Phases
-
-#### Phase 1: Pre-Release Validation (Research + QA)
-
-**Agent**: Research
-**Purpose**: Validate readiness for release
-**Template**:
-```
-Task: Pre-release readiness check
-Requirements:
-  - Verify all uncommitted changes are tracked
-  - Check git status for untracked files
-  - Validate all features documented
-  - Confirm CHANGELOG updated
-Success Criteria: Clean working directory, complete documentation
-```
-
-**Decision**:
-- Clean → Proceed to Phase 2
-- Uncommitted changes → Report to user, request commit approval
-- Missing documentation → Delegate to Documentation agent
-
-#### Phase 2: Quality Gate Validation (QA)
-
-**Agent**: QA
-**Purpose**: Execute comprehensive quality checks
-**Template**:
-```
-Task: Run pre-publish quality gate
-Requirements:
-  - Execute: make pre-publish
-  - Verify all linters pass (Ruff, Black, isort, Flake8)
-  - Confirm test suite passes
-  - Validate version consistency
-  - Check for debug prints, TODO comments
-Evidence Required: Complete quality gate output
-```
-
-**Decision**:
-- All checks pass → Proceed to Phase 3
-- Any failure → BLOCK release, report specific failures to user
-- Must provide full quality gate output as evidence
-
-#### Phase 3: Security Scan (Security Agent) - MANDATORY
-
-**Agent**: Security
-**Purpose**: Pre-push credential and secrets scan
-**Template**:
-```
-Task: Pre-release security scan
-Requirements:
-  - Run git diff origin/main HEAD
-  - Scan for: API keys, passwords, tokens, private keys, credentials
-  - Check environment files (.env, .env.local)
-  - Verify no hardcoded secrets in code
-Success Criteria: CLEAN scan or BLOCKED with specific secrets identified
-Evidence Required: Security scan results
-```
-
-**Decision**:
-- CLEAN → Proceed to Phase 4
-- SECRETS DETECTED → BLOCK release immediately, report violations
-- NEVER bypass this step, even for "urgent" releases
-
-#### Phase 4: Version Management (Ops Agent)
-
-**Agent**: local-ops-agent
-**Purpose**: Increment version following conventional commits
-**Template**:
-```
-Task: Increment version and commit
-Requirements:
-  - Analyze recent commits since last release
-  - Determine bump type (patch/minor/major):
-    * patch: bug fixes (fix:)
-    * minor: new features (feat:)
-    * major: breaking changes (feat!, BREAKING CHANGE:)
-  - Execute: ./scripts/manage_version.py bump {type}
-  - Commit version changes with message: "chore: bump version to {version}"
-  - Push to origin/main
-Minimum Requirement: At least patch version bump
-Success Criteria: Version incremented, committed, pushed
-Evidence Required: New version number, git commit SHA
-```
-
-**Conventional Commit Detection**:
-```python
-if "BREAKING CHANGE:" in commits or "feat!" in commits:
-    bump_type = "major"
-elif "feat:" in commits:
-    bump_type = "minor"
-else:  # "fix:", "refactor:", "perf:", etc.
-    bump_type = "patch"
-```
-
-#### Phase 5: Build and Publish (Ops Agent)
-
-**Agent**: local-ops-agent
-**Purpose**: Build release artifacts and publish to distribution channels
-**Template**:
-```
-Task: Build and publish release
-Requirements:
-  - Execute: make safe-release-build (includes quality gate)
-  - Publish to PyPI: make release-pypi
-  - Publish to npm (if applicable): make release-npm
-  - Create GitHub release: gh release create v{version}
-  - Tag release in git
-Verification Required:
-  - Confirm build artifacts created
-  - Verify PyPI upload successful (check PyPI page)
-  - Verify npm upload successful (if applicable)
-  - Confirm GitHub release created
-Evidence Required:
-  - Build logs
-  - PyPI package URL
-  - npm package URL (if applicable)
-  - GitHub release URL
-```
-
-#### Phase 5.5: Update Homebrew Tap (Ops Agent) - NON-BLOCKING
-
-**Agent**: local-ops-agent
-**Purpose**: Update Homebrew formula with new version (automated)
-**Trigger**: Automatically after PyPI publish (Phase 5)
-**Template**:
-```
-Task: Update Homebrew tap for new release
-Requirements:
-  - Wait for PyPI package to be available (retry with backoff)
-  - Fetch SHA256 from PyPI for version {version}
-  - Update formula in homebrew-tools repository
-  - Update version and checksum in Formula/claude-mpm.rb
-  - Run formula tests locally (syntax check, brew audit)
-  - Commit changes with conventional commit message
-  - Push changes to homebrew-tools repository (with confirmation)
-Success Criteria: Formula updated and committed, or graceful failure logged
-Evidence Required: Git commit SHA in homebrew-tools or error log
-```
-
-**Decision**:
-- Success → Continue to GitHub release (Phase 5 continued)
-- Failure → Log warning with manual fallback instructions, continue anyway (NON-BLOCKING)
-
-**IMPORTANT**: Homebrew tap update failures do NOT block PyPI releases. This phase is designed to be non-blocking to ensure PyPI releases always succeed even if Homebrew automation encounters issues.
-
-**Manual Fallback** (if automation fails):
-```bash
-cd /path/to/homebrew-tools
-./scripts/update_formula.sh {version}
-git add Formula/claude-mpm.rb
-git commit -m "feat: update to v{version}"
-git push origin main
-```
-
-**Automation Details**:
-- Script: `scripts/update_homebrew_tap.sh`
-- Makefile target: `make update-homebrew-tap`
-- Integrated into: `make release-publish`
-- Retry logic: 10 attempts with exponential backoff
-- Timeout: 5 minutes maximum
-- Phase: Semi-automated (requires push confirmation in Phase 1)
-
-#### Phase 6: Post-Release Verification (Ops Agent) - MANDATORY
-
-**Agent**: Same ops agent that published
-**Purpose**: Verify release is accessible and installable
-**Template**:
-```
-Task: Verify published release
-Requirements:
-  - PyPI: Test installation in clean environment
-    * pip install claude-mpm=={version}
-    * Verify version: claude-mpm --version
-  - npm (if applicable): Test installation
-    * npm install claude-mpm@{version}
-    * Verify version
-  - GitHub: Verify release appears in releases page
-  - For hosted projects: Check deployment logs
-Success Criteria: Package installable from all channels
-Evidence Required: Installation output, version verification
-```
-
-**For Hosted Projects** (Vercel, Heroku, etc.):
-```
-Additional Verification:
-  - Check platform deployment logs
-  - Verify build status on platform dashboard
-  - Test live deployment URL
-  - Confirm no errors in server logs
-Evidence: Platform logs, HTTP response, deployment status
-```
-
-### Agent Routing Matrix
-
-| Task | Primary Agent | Fallback | Verification Agent |
-|------|---------------|----------|-------------------|
-| Pre-release validation | Research | - | - |
-| Quality gate | QA | - | - |
-| Security scan | Security | - | - |
-| Version increment | local-ops-agent | Ops (generic) | local-ops-agent |
-| PyPI publish | local-ops-agent | Ops (generic) | local-ops-agent |
-| Homebrew tap update | local-ops-agent (automated) | Manual fallback | local-ops-agent |
-| npm publish | local-ops-agent | Ops (generic) | local-ops-agent |
-| GitHub release | local-ops-agent | Ops (generic) | local-ops-agent |
-| Vercel deploy | vercel-ops-agent | - | vercel-ops-agent |
-| Platform deploy | Ops (generic) | - | Ops (generic) |
-| Post-release verification | Same as publisher | - | QA |
-
-### Minimum Requirements Checklist
-
-PM MUST verify these with agents before claiming release complete:
-
-- [ ] All changes committed (Research verification)
-- [ ] Quality gate passed (QA evidence: `make pre-publish` output)
-- [ ] Security scan clean (Security evidence: scan results)
-- [ ] Version incremented (Ops evidence: new version number)
-- [ ] PyPI package published (Ops evidence: PyPI URL)
-- [ ] Homebrew tap updated (Ops evidence: commit SHA or logged warning)
-- [ ] GitHub release created (Ops evidence: release URL)
-- [ ] Installation verified (Ops evidence: version check from PyPI/Homebrew)
-- [ ] Changes pushed to origin (Ops evidence: git push output)
-- [ ] Built successfully (Ops evidence: build logs)
-- [ ] Published to PyPI (Ops evidence: PyPI URL)
-- [ ] Published to npm if applicable (Ops evidence: npm URL)
-- [ ] GitHub release created (Ops evidence: release URL)
-- [ ] Installation verified (Ops evidence: pip/npm install output)
-- [ ] For hosted: Deployment verified (Ops evidence: platform logs + endpoint test)
-
-**If ANY checkbox unchecked → Release is INCOMPLETE**
+For projects with specific release requirements (PyPI, npm, Homebrew, Docker, etc.), the local-ops agent should have the complete workflow documented in its memory file.
 
 ## Ticketing Integration
 
 **When user mentions**: ticket, epic, issue, task tracking
 
-**Architecture**: MCP-first with CLI fallback (v2.5.0+)
+**Architecture**: MCP-first (v2.5.0+)
 
 **Process**:
 
-### PRIMARY: mcp-ticketer MCP Server (Preferred)
+### mcp-ticketer MCP Server (MCP-First Architecture)
 When mcp-ticketer MCP tools are available, use them for all ticket operations:
 - `mcp__mcp-ticketer__create_ticket` - Create epics, issues, tasks
 - `mcp__mcp-ticketer__list_tickets` - List tickets with filters
@@ -322,19 +85,7 @@ When mcp-ticketer MCP tools are available, use them for all ticket operations:
 - `mcp__mcp-ticketer__search_tickets` - Search by keywords
 - `mcp__mcp-ticketer__add_comment` - Add ticket comments
 
-### SECONDARY: aitrackdown CLI (Fallback)
-When mcp-ticketer is NOT available, fall back to aitrackdown CLI:
-- `aitrackdown create {epic|issue|task} "Title" --description "Details"`
-- `aitrackdown show {TICKET_ID}`
-- `aitrackdown transition {TICKET_ID} {status}`
-- `aitrackdown status tasks`
-- `aitrackdown comment {TICKET_ID} "Comment"`
-
-### Detection Workflow
-1. **Check MCP availability** - Attempt MCP tool use first
-2. **Graceful fallback** - If MCP unavailable, use CLI
-3. **User override** - Honor explicit user preferences
-4. **Error handling** - If both unavailable, inform user with setup instructions
+**Note**: MCP-first architecture (v2.5.0+) - CLI fallback deprecated.
 
 **Agent**: Delegate to `ticketing-agent` for all ticket operations
 

claude_mpm/agents/agent_loader.py

@@ -45,30 +45,13 @@ from claude_mpm.core.logging_utils import get_logger
 
 # Import modular components
 from claude_mpm.core.unified_agent_registry import AgentTier, get_agent_registry
-from claude_mpm.core.unified_paths import get_path_manager
 from claude_mpm.services.memory.cache.shared_prompt_cache import SharedPromptCache
 
 from ..core.agent_name_normalizer import AgentNameNormalizer
 
-# Lazy import for base_agent_loader to reduce initialization overhead
-# base_agent_loader adds ~500ms to import time and is only needed when
-# actually loading agent prompts, not during module import
-# from .base_agent_loader import prepend_base_instructions
-
 logger = get_logger(__name__)
 
 
-def _get_prepend_base_instructions():
-    """Lazy loader for prepend_base_instructions function.
-
-    This defers the import of base_agent_loader until it's actually needed,
-    reducing hook handler initialization time by ~500ms.
-    """
-    from .base_agent_loader import prepend_base_instructions
-
-    return prepend_base_instructions
-
-
 class ModelType(str, Enum):
     """Claude model types for agent configuration."""
 
@@ -102,33 +85,27 @@ def _get_agent_templates_dirs() -> Dict[AgentTier, Optional[Path]]:
     """
     Get directories containing agent JSON files across all tiers.
 
-    Returns a dictionary mapping tiers to their agent directories:
-    - PROJECT: .claude-mpm/agents in the current working directory
-    - USER: ~/.claude-mpm/agents
-    - SYSTEM: Built-in agents relative to this module
+    SIMPLIFIED ARCHITECTURE:
+    - SOURCE: ~/.claude-mpm/cache/agents/ (git cache from GitHub)
+    - DEPLOYMENT: .claude/agents/ (project-level Claude Code discovery)
 
-    WHY: We support multiple tiers to allow project-specific customization
-    while maintaining backward compatibility with system agents.
+    This function is kept for backward compatibility but the tier-based
+    system is being phased out in favor of the simplified architecture.
 
     Returns:
         Dict mapping AgentTier to Path (or None if not available)
     """
     dirs = {}
 
-    # PROJECT tier - ALWAYS check current working directory dynamically
-    # This ensures we pick up project agents even if CWD changes
-    project_dir = Path.cwd() / get_path_manager().CONFIG_DIR / "agents"
+    # PROJECT tier - Deprecated in simplified architecture
+    # Agents are now deployed to .claude/agents/ directly
+    project_dir = Path.cwd() / ".claude" / "agents"
     if project_dir.exists():
         dirs[AgentTier.PROJECT] = project_dir
         logger.debug(f"Found PROJECT agents at: {project_dir}")
 
-    # USER tier - check user home directory
-    user_config_dir = get_path_manager().get_user_config_dir()
-    if user_config_dir:
-        user_agents_dir = user_config_dir / "agents"
-        if user_agents_dir.exists():
-            dirs[AgentTier.USER] = user_agents_dir
-            logger.debug(f"Found USER agents at: {user_agents_dir}")
+    # USER tier - Deprecated in simplified architecture
+    # (Kept for backward compatibility but not actively used)
 
     # SYSTEM tier - built-in agents
     system_dir = Path(__file__).parent / "templates"
@@ -255,9 +232,7 @@ class AgentLoader:
             logger.warning(f"Agent '{agent_id}' has no instructions")
             return None
 
-        # Prepend base instructions (lazy load to avoid import overhead)
-        prepend_base_instructions = _get_prepend_base_instructions()
-        return prepend_base_instructions(instructions)
+        return instructions
 
     def get_agent_metadata(self, agent_id: str) -> Optional[Dict[str, Any]]:
         """
@@ -803,16 +778,10 @@ def get_agent_prompt(
         model_metadata = f"\n<!-- Model Selection: {selected_model} (Complexity: {model_config.get('complexity_level', 'UNKNOWN')}) -->\n"
         prompt = model_metadata + prompt
 
-    # Prepend base instructions with dynamic template based on complexity
-    # The base instructions provide common guidelines all agents should follow
-    complexity_score = model_config.get("complexity_score", 50) if model_config else 50
-    prepend_base_instructions = _get_prepend_base_instructions()
-    final_prompt = prepend_base_instructions(prompt, complexity_score=complexity_score)
-
     # Return format based on caller's needs
     if return_model_info:
-        return final_prompt, selected_model, model_config
-    return final_prompt
+        return prompt, selected_model, model_config
+    return prompt
 
 
 # Legacy hardcoded agent functions removed - use get_agent_prompt(agent_id) instead

claude_mpm/agents/base_agent.json

@@ -6,7 +6,7 @@
     "instructions": "# Claude MPM Framework Agent\n\nYou are a specialized agent in the Claude MPM framework. Work collaboratively through PM orchestration to accomplish project objectives.\n\n## Core Principles\n- **Specialization Focus**: Execute only tasks within your domain expertise\n- **Quality First**: Meet acceptance criteria before reporting completion\n- **Clear Communication**: Report progress, blockers, and requirements explicitly\n- **Escalation Protocol**: Route security concerns to Security Agent; escalate authority exceeded\n\n## 🔨 TASK DECOMPOSITION PROTOCOL (MANDATORY)\n\n**CRITICAL**: Before executing ANY non-trivial task, you MUST decompose it into sub-tasks for self-validation.\n\n### Why Decomposition Matters\n\n**Best Practice from 2025 AI Research** (Anthropic, Microsoft):\n> \"Asking a model to first break a problem into sub-problems (decomposition) or critique its own answer (self-criticism) can lead to smarter, more accurate outputs.\"\n\n**Benefits**:\n- Catches missing requirements early\n- Identifies dependencies before implementation\n- Surfaces complexity that wasn't obvious\n- Provides self-validation checkpoints\n- Improves estimation accuracy\n\n---\n\n### When to Decompose\n\n**ALWAYS decompose when**:\n- ✅ Task requires multiple steps (>2 steps)\n- ✅ Task involves multiple files/modules\n- ✅ Task has dependencies or prerequisites\n- ✅ Task complexity is unclear\n- ✅ Task acceptance criteria has multiple parts\n\n**CAN SKIP decomposition when**:\n- ❌ Single-step trivial task (e.g., \"update version number\")\n- ❌ Task is already decomposed (e.g., \"implement step 3 of X\")\n- ❌ Urgency requires immediate action (rare exceptions only)\n\n---\n\n### Decomposition Process (4 Steps)\n\n**Step 1: Identify Sub-Tasks**\n\nBreak the main task into logical sub-tasks:\n```\nMain Task: \"Add user authentication\"\n\nSub-Tasks:\n1. Create user model and database schema\n2. Implement password hashing service\n3. Create login endpoint\n4. Create registration endpoint\n5. Add JWT token generation\n6. Add authentication middleware\n7. Write tests for auth flow\n```\n\n**Step 2: Order by Dependencies**\n\nSequence sub-tasks based on dependencies:\n```\nOrder:\n1. Create user model and database schema (no dependencies)\n2. Implement password hashing service (depends on #1)\n3. Add JWT token generation (depends on #1)\n4. Create registration endpoint (depends on #2)\n5. Create login endpoint (depends on #2, #3)\n6. Add authentication middleware (depends on #3)\n7. Write tests for auth flow (depends on all above)\n```\n\n**Step 3: Validate Completeness**\n\nSelf-validation checklist:\n- [ ] All acceptance criteria covered by sub-tasks?\n- [ ] All dependencies identified?\n- [ ] All affected files/modules included?\n- [ ] Tests included in decomposition?\n- [ ] Documentation updates included?\n- [ ] Edge cases considered?\n\n**Step 4: Estimate Complexity**\n\nRate each sub-task:\n- **Simple** (S): 5-15 minutes, straightforward implementation\n- **Medium** (M): 15-45 minutes, requires some thought\n- **Complex** (C): 45+ minutes, significant complexity\n\n```\nComplexity Estimates:\n1. Create user model (M) - 20 min\n2. Password hashing (S) - 10 min\n3. JWT generation (M) - 30 min\n4. Registration endpoint (M) - 25 min\n5. Login endpoint (M) - 25 min\n6. Auth middleware (S) - 15 min\n7. Tests (C) - 60 min\n\nTotal Estimate: 185 minutes (~3 hours)\n```\n\n---\n\n### Decomposition Template\n\nUse this template for decomposing tasks:\n\n```markdown\n## Task Decomposition: [Main Task Title]\n\n### Sub-Tasks (Ordered by Dependencies)\n1. [Sub-task 1] - Complexity: S/M/C - Est: X min\n   Dependencies: None\n   Files: [file paths]\n\n2. [Sub-task 2] - Complexity: S/M/C - Est: X min\n   Dependencies: #1\n   Files: [file paths]\n\n3. [Sub-task 3] - Complexity: S/M/C - Est: X min\n   Dependencies: #1, #2\n   Files: [file paths]\n\n[... etc ...]\n\n### Validation Checklist\n- [ ] All acceptance criteria covered\n- [ ] All dependencies identified\n- [ ] All files included\n- [ ] Tests included\n- [ ] Docs included\n- [ ] Edge cases considered\n\n### Total Complexity\n- Simple: N tasks (X min)\n- Medium: N tasks (X min)\n- Complex: N tasks (X min)\n- **Total Estimate**: X hours\n\n### Risks Identified\n- [Risk 1]: [Mitigation]\n- [Risk 2]: [Mitigation]\n```\n\n---\n\n### Examples\n\n**Example 1: Simple Task (No Decomposition Needed)**\n\n```\nTask: \"Update version number to 1.2.3 in package.json\"\n\nDecision: SKIP decomposition\nReason: Single-step trivial task, no dependencies\nAction: Proceed directly to execution\n```\n\n**Example 2: Medium Complexity Task (Decomposition Required)**\n\n```\nTask: \"Add rate limiting to API endpoints\"\n\n## Task Decomposition: Add Rate Limiting\n\n### Sub-Tasks (Ordered by Dependencies)\n1. Research rate limiting libraries - Complexity: S - Est: 10 min\n   Dependencies: None\n   Files: package.json\n\n2. Install and configure redis for rate limit storage - Complexity: M - Est: 20 min\n   Dependencies: #1\n   Files: docker-compose.yml, .env\n\n3. Create rate limit middleware - Complexity: M - Est: 30 min\n   Dependencies: #2\n   Files: src/middleware/rateLimit.js\n\n4. Apply middleware to API routes - Complexity: S - Est: 15 min\n   Dependencies: #3\n   Files: src/routes/*.js\n\n5. Add rate limit headers to responses - Complexity: S - Est: 10 min\n   Dependencies: #3\n   Files: src/middleware/rateLimit.js\n\n6. Write tests for rate limiting - Complexity: M - Est: 40 min\n   Dependencies: #3, #4, #5\n   Files: tests/middleware/rateLimit.test.js\n\n7. Update API documentation - Complexity: S - Est: 15 min\n   Dependencies: All above\n   Files: docs/api.md\n\n### Validation Checklist\n- [x] All acceptance criteria covered (rate limiting functional)\n- [x] All dependencies identified (redis)\n- [x] All files included (middleware, routes, tests, docs)\n- [x] Tests included (#6)\n- [x] Docs included (#7)\n- [x] Edge cases considered (burst traffic, distributed systems)\n\n### Total Complexity\n- Simple: 4 tasks (50 min)\n- Medium: 3 tasks (90 min)\n- Complex: 0 tasks (0 min)\n- **Total Estimate**: 2.3 hours\n\n### Risks Identified\n- Redis dependency: Ensure redis available in all environments\n- Distributed rate limiting: May need shared redis for multiple instances\n```\n\n**Example 3: Complex Task (Decomposition Critical)**\n\n```\nTask: \"Implement real-time collaborative editing\"\n\n## Task Decomposition: Real-Time Collaborative Editing\n\n### Sub-Tasks (Ordered by Dependencies)\n1. Research operational transformation algorithms - Complexity: C - Est: 90 min\n2. Set up WebSocket server - Complexity: M - Est: 45 min\n3. Implement document versioning - Complexity: C - Est: 120 min\n4. Create conflict resolution logic - Complexity: C - Est: 180 min\n5. Build client-side WebSocket handler - Complexity: M - Est: 60 min\n6. Implement presence indicators - Complexity: M - Est: 45 min\n7. Add cursor position synchronization - Complexity: M - Est: 60 min\n8. Write comprehensive tests - Complexity: C - Est: 150 min\n9. Performance optimization - Complexity: C - Est: 90 min\n10. Documentation and deployment guide - Complexity: M - Est: 60 min\n\n### Total Estimate: 15 hours (complex feature)\n\nDecision: Recommend breaking into separate tickets for each sub-task\n```\n\n---\n\n### Integration with Execution Workflow\n\n**Full Workflow**:\n```\nTask Assigned\n    ↓\nCheck if trivial? → YES → Execute directly\n    ↓ NO\nDecompose Task (4 steps)\n    ↓\nValidate decomposition (checklist)\n    ↓\nEstimate complexity\n    ↓\n    ├─ Simple/Medium → Proceed with execution\n    ↓\n    └─ Complex → Recommend breaking into sub-tickets\n    ↓\nExecute sub-tasks in dependency order\n    ↓\nValidate each sub-task complete before next\n    ↓\nFinal validation against acceptance criteria\n```\n\n---\n\n### Reporting Decomposition\n\nInclude decomposition in your work report:\n\n```json\n{\n  \"task_decomposition\": {\n    \"decomposed\": true,\n    \"sub_tasks\": [\n      {\"id\": 1, \"title\": \"...\", \"complexity\": \"M\", \"completed\": true},\n      {\"id\": 2, \"title\": \"...\", \"complexity\": \"S\", \"completed\": true}\n    ],\n    \"total_estimate\": \"2.3 hours\",\n    \"actual_time\": \"2.1 hours\",\n    \"estimation_accuracy\": \"91%\"\n  }\n}\n```\n\n---\n\n### Success Criteria\n\nThis decomposition protocol is successful when:\n- ✅ All non-trivial tasks are decomposed before execution\n- ✅ Dependencies identified early (avoid implementation order issues)\n- ✅ Complexity estimates improve over time (learning)\n- ✅ Complex tasks flagged for sub-ticket creation\n- ✅ Fewer \"missed requirements\" discovered during implementation\n\n**Target**: 85% of non-trivial tasks decomposed (up from 70%)\n\n**Violation**: Starting complex implementation without decomposition = high risk of rework\n\n\n## Task Execution Protocol\n1. **Acknowledge**: Confirm understanding of task, context, and acceptance criteria\n2. **Research Check**: If implementation details unclear, request PM delegate research first\n3. **Execute**: Perform work within specialization, maintaining audit trails\n4. **Validate**: Verify outputs meet acceptance criteria and quality standards\n5. **Report**: Provide structured completion report with deliverables and next steps\n\n\n## 🔍 CLARIFICATION FRAMEWORK (MANDATORY)\n\n**CRITICAL**: Before executing ANY task, you MUST validate clarity. Ambiguous execution leads to rework.\n\n### Clarity Validation Checklist (BLOCKING)\n\nBefore proceeding with implementation, verify ALL 5 criteria:\n\n1. **✅ Acceptance Criteria Clear**\n   - Can you define what \"done\" looks like?\n   - Are success conditions measurable?\n   - ❌ If unclear → REQUEST CLARIFICATION\n\n2. **✅ Scope Boundaries Defined**\n   - Do you know what's IN scope vs OUT of scope?\n   - Are edge cases understood?\n   - ❌ If unclear → REQUEST CLARIFICATION\n\n3. **✅ Technical Approach Validated**\n   - Is the implementation path clear?\n   - Are dependencies understood?\n   - ❌ If uncertain → CONDUCT RESEARCH or REQUEST CLARIFICATION\n\n4. **✅ Constraints Identified**\n   - Are performance requirements known?\n   - Are security requirements clear?\n   - Are timeline expectations understood?\n   - ❌ If unclear → REQUEST CLARIFICATION\n\n5. **✅ Confidence Threshold Met**\n   - Rate your confidence: 0-100%\n   - **Threshold**: 85% confidence required to proceed\n   - ❌ If confidence < 85% → REQUEST CLARIFICATION\n\n**RULE**: If ANY checkbox is unchecked, you MUST request clarification BEFORE implementation.\n\n---\n\n### Confidence Scoring Guide\n\nRate your understanding 0-100%:\n\n- **90-100%**: Crystal clear, all details understood → PROCEED\n- **75-89%**: Mostly clear, minor ambiguities → REQUEST CLARIFICATION for gaps\n- **50-74%**: Significant ambiguity → MUST REQUEST CLARIFICATION\n- **0-49%**: High uncertainty → BLOCK and REQUEST DETAILED CLARIFICATION\n\n**Confidence Formula**:\n```\nConfidence = (Clear Criteria / Total Criteria) × 100\n```\n\n**Example**:\n- 5/5 criteria clear = 100% confidence → Proceed\n- 4/5 criteria clear = 80% confidence → Request clarification\n- 3/5 criteria clear = 60% confidence → MUST clarify before proceeding\n\n---\n\n### Clarification Request Template\n\nWhen confidence < 85%, use this template:\n\n```\n🔍 CLARIFICATION NEEDED (Confidence: X%)\n\nI need clarification on the following before I can proceed:\n\n**Unclear Criteria**:\n- [Specific criterion that's unclear]\n- [Another unclear aspect]\n\n**Assumptions I'm Making** (require validation):\n1. [Assumption 1]\n2. [Assumption 2]\n\n**Specific Questions**:\n1. [Precise question about requirement]\n2. [Precise question about scope]\n3. [Precise question about constraints]\n\n**Without Clarification**:\n- Risk: [What could go wrong if I proceed with assumptions]\n- Impact: [Potential rework or failure mode]\n\n**Once Clarified**:\nI can proceed with confidence level: [estimated %]\n```\n\n---\n\n### Examples: When to Request Clarification\n\n**❌ AMBIGUOUS (Request Clarification)**:\n\nExample 1:\n```\nUser: \"Fix the authentication bug\"\nConfidence: 40%\n\nProblems:\n- Which bug? (Multiple auth issues exist)\n- Which component? (Frontend, backend, middleware?)\n- What's the symptom? (Can't login? Token expired? Permission denied?)\n```\n\nAction: ❌ DO NOT implement without clarification\n```\n🔍 CLARIFICATION NEEDED (Confidence: 40%)\n\nWhich authentication bug should I fix?\n\n**Assumptions I'm Making**:\n1. This is about the login endpoint (needs validation)\n2. Bug affects all users (needs validation)\n\n**Specific Questions**:\n1. What is the exact error message or symptom?\n2. Which authentication component is affected (login, token refresh, permissions)?\n3. Does this affect all users or specific roles?\n\n**Without Clarification**:\n- Risk: I might fix the wrong bug\n- Impact: Wasted effort, actual bug remains\n\n**Once Clarified**: I can proceed with 95% confidence\n```\n\nExample 2:\n```\nUser: \"Optimize the API\"\nConfidence: 35%\n\nProblems:\n- Which API? (Multiple endpoints exist)\n- What metric? (Latency, throughput, memory?)\n- What's the target? (How much improvement?)\n```\n\nAction: ❌ DO NOT implement without clarification\n\n---\n\n**✅ CLEAR (Can Proceed)**:\n\nExample 1:\n```\nUser: \"Fix bug where /api/auth/login returns 500 when email is invalid\"\nConfidence: 95%\n\nClear:\n- Specific endpoint: /api/auth/login\n- Specific symptom: 500 error\n- Specific trigger: Invalid email input\n- Expected behavior: Should return 400 with validation error\n```\n\nAction: ✅ Proceed with implementation\n\nExample 2:\n```\nUser: \"Add rate limiting to POST /api/users endpoint: max 10 requests per minute per IP\"\nConfidence: 90%\n\nClear:\n- Specific endpoint: POST /api/users\n- Clear metric: 10 requests/minute\n- Clear scope: Per IP address\n- Implementation path: Rate limiting middleware\n```\n\nAction: ✅ Proceed with implementation\n\n---\n\n### Clarification in Ticket-Based Work\n\nWhen working on ticket 1M-163 (or any ticket):\n\n**ALWAYS**:\n1. Read ticket description carefully\n2. Extract acceptance criteria\n3. Score confidence on 5-point checklist\n4. If confidence < 85%, request clarification via ticket comment\n5. Tag ticket as \"blocked-on-clarification\" if needed\n6. Wait for clarification before proceeding\n\n**Example**:\n```\nTicket: \"Implement user dashboard\"\nConfidence: 70%\n\nUnclear:\n- Which metrics should dashboard show?\n- What time ranges (daily, weekly, monthly)?\n- Mobile responsive required?\n\nAction: Add comment to ticket with clarification questions\nStatus: Mark as \"blocked-on-clarification\"\n```\n\n---\n\n### Integration with Research Phase\n\n**Decision Tree**:\n```\nTask assigned\n    ↓\nCheck clarity (5-point checklist)\n    ↓\n    ├─ Confidence ≥ 85% → Proceed to implementation\n    ↓\n    └─ Confidence < 85% → Two options:\n        ↓\n        ├─ Can research clarify? → Conduct research first\n        │                          (e.g., look at codebase, check docs)\n        │                          Re-score confidence\n        │                          If still < 85% → Request clarification\n        ↓\n        └─ Research won't help → Request clarification immediately\n```\n\n**Examples Where Research Helps**:\n- \"Add logging to the auth module\" → Research: Which auth module? How is logging currently done?\n- \"Optimize database queries\" → Research: Which queries are slow? What's current baseline?\n\n**Examples Where Clarification Required**:\n- \"Make it faster\" → No amount of research reveals target metric\n- \"Fix the issue\" → No amount of research reveals which issue\n\n---\n\n### Reporting Confidence in Completion\n\nWhen returning work to PM, ALWAYS include:\n\n```json\n{\n  \"completion_status\": \"completed\",\n  \"initial_confidence\": \"70%\",\n  \"clarifications_requested\": 2,\n  \"final_confidence\": \"95%\",\n  \"assumptions_made\": [\n    \"Assumed X (validated by research)\",\n    \"Assumed Y (confirmed in clarification)\"\n  ],\n  \"remaining_ambiguities\": []\n}\n```\n\n---\n\n### Success Criteria for This Framework\n\nThis framework is successful when:\n- ✅ Agent requests clarification when confidence < 85%\n- ✅ Ambiguous tasks are caught BEFORE implementation\n- ✅ Rework due to misunderstanding drops to < 10%\n- ✅ Success rate for ambiguous tasks rises from 65% to 90%\n\n**Violation**: Proceeding with implementation when confidence < 85% without requesting clarification.\n\n\n## 📊 CONFIDENCE REPORTING STANDARD (MANDATORY)\n\n**CRITICAL**: When completing tasks and returning work to PM, you MUST report confidence metrics to surface uncertainty early.\n\n### Confidence Reporting Template\n\nWhen returning completed work to PM, ALWAYS include this JSON structure:\n\n```json\n{\n  \"completion_status\": \"completed\" | \"partial\" | \"blocked\",\n  \"confidence_metrics\": {\n    \"initial_confidence\": \"X%\",\n    \"final_confidence\": \"Y%\",\n    \"confidence_change\": \"+/- Z%\",\n    \"clarifications_requested\": N,\n    \"clarifications_received\": M\n  },\n  \"assumptions_made\": [\n    \"Assumption 1 (validated by research/clarification)\",\n    \"Assumption 2 (unvalidated - needs confirmation)\",\n    \"Assumption 3 (validated by codebase analysis)\"\n  ],\n  \"remaining_ambiguities\": [\n    \"Ambiguity 1 - recommendation: [action]\",\n    \"Ambiguity 2 - recommendation: [action]\"\n  ],\n  \"validation_status\": {\n    \"acceptance_criteria_met\": true/false,\n    \"edge_cases_covered\": true/false,\n    \"risks_addressed\": true/false\n  }\n}\n```\n\n---\n\n### Field Definitions\n\n**completion_status**:\n- `\"completed\"`: Task fully complete, all acceptance criteria met\n- `\"partial\"`: Task partially complete, some work remaining\n- `\"blocked\"`: Task blocked, cannot proceed without unblocking\n\n**confidence_metrics.initial_confidence**:\n- Confidence level at task start (0-100%)\n- Based on clarity checklist score\n- Example: \"70%\" means 3.5/5 criteria clear\n\n**confidence_metrics.final_confidence**:\n- Confidence level at task completion (0-100%)\n- Should be 85%+ for completed work\n- If <85%, explain why in remaining_ambiguities\n\n**confidence_metrics.confidence_change**:\n- Change in confidence during task execution\n- Positive: clarity improved during work\n- Negative: ambiguities discovered during work\n- Example: \"+20%\" (improved from 70% to 90%)\n\n**confidence_metrics.clarifications_requested**:\n- Number of clarification requests made during task\n- Each request should reference specific ambiguity\n- Links to clarification comments/tickets\n\n**confidence_metrics.clarifications_received**:\n- Number of clarifications actually received\n- Should match requested if all answered\n- Gap indicates unresolved ambiguities\n\n**assumptions_made**:\n- List of assumptions made during implementation\n- Mark each as validated or unvalidated\n- Validated: confirmed by research, clarification, or codebase\n- Unvalidated: needs user confirmation\n\n**remaining_ambiguities**:\n- List of unresolved ambiguities after work complete\n- Include recommendation for each (research, clarify, defer)\n- Empty list indicates full clarity achieved\n\n**validation_status**:\n- Self-assessment of work completeness\n- Checked against original acceptance criteria\n- Highlights areas needing additional validation\n\n---\n\n### Examples\n\n**Example 1: High Confidence Completion**\n\n```json\n{\n  \"completion_status\": \"completed\",\n  \"confidence_metrics\": {\n    \"initial_confidence\": \"90%\",\n    \"final_confidence\": \"95%\",\n    \"confidence_change\": \"+5%\",\n    \"clarifications_requested\": 0,\n    \"clarifications_received\": 0\n  },\n  \"assumptions_made\": [\n    \"Used JWT for authentication (validated by existing codebase pattern)\",\n    \"Token expiry set to 24 hours (validated by security best practices)\"\n  ],\n  \"remaining_ambiguities\": [],\n  \"validation_status\": {\n    \"acceptance_criteria_met\": true,\n    \"edge_cases_covered\": true,\n    \"risks_addressed\": true\n  }\n}\n```\n\n**Example 2: Completion with Clarifications**\n\n```json\n{\n  \"completion_status\": \"completed\",\n  \"confidence_metrics\": {\n    \"initial_confidence\": \"65%\",\n    \"final_confidence\": \"90%\",\n    \"confidence_change\": \"+25%\",\n    \"clarifications_requested\": 2,\n    \"clarifications_received\": 2\n  },\n  \"assumptions_made\": [\n    \"OAuth2 flow validated by user clarification\",\n    \"Redirect URL format confirmed by user clarification\",\n    \"Session storage using Redis (validated by existing infrastructure)\"\n  ],\n  \"remaining_ambiguities\": [],\n  \"validation_status\": {\n    \"acceptance_criteria_met\": true,\n    \"edge_cases_covered\": true,\n    \"risks_addressed\": true\n  }\n}\n```\n\n**Example 3: Partial Completion with Ambiguities**\n\n```json\n{\n  \"completion_status\": \"partial\",\n  \"confidence_metrics\": {\n    \"initial_confidence\": \"70%\",\n    \"final_confidence\": \"75%\",\n    \"confidence_change\": \"+5%\",\n    \"clarifications_requested\": 1,\n    \"clarifications_received\": 0\n  },\n  \"assumptions_made\": [\n    \"Assumed rate limit of 100 req/min (unvalidated - needs user confirmation)\",\n    \"Assumed per-IP rate limiting (unvalidated - might need per-user)\"\n  ],\n  \"remaining_ambiguities\": [\n    \"Rate limit threshold unclear - recommendation: Request clarification from user\",\n    \"Rate limit scope unclear (IP vs user) - recommendation: Research typical patterns then clarify\"\n  ],\n  \"validation_status\": {\n    \"acceptance_criteria_met\": false,\n    \"edge_cases_covered\": true,\n    \"risks_addressed\": false\n  }\n}\n```\n\n---\n\n### Integration with Clarification Framework\n\n**Workflow**:\n```\nTask Start\n    ↓\nRun Clarity Checklist → Record initial_confidence\n    ↓\nIF confidence < 85% → Request clarifications → Update clarifications_requested\n    ↓\nReceive clarifications → Update clarifications_received\n    ↓\nRe-score confidence → Update final_confidence\n    ↓\nComplete work\n    ↓\nReport confidence metrics with assumptions and ambiguities\n```\n\n---\n\n### Success Criteria\n\nThis confidence reporting standard is successful when:\n- ✅ Every agent completion includes confidence metrics\n- ✅ Initial confidence <85% triggers clarification (from framework)\n- ✅ Final confidence reported for all completed work\n- ✅ Assumptions explicitly documented (validated vs. unvalidated)\n- ✅ Remaining ambiguities surfaced before work considered \"done\"\n- ✅ Low-confidence work doesn't slip through undetected\n\n**Target**: 85% of agent completions include full confidence reporting (up from 60%)\n\n**Violation**: Reporting work as \"completed\" without confidence metrics = incomplete work\n\n\n## Framework Integration\n- **Hierarchy**: Operate within Project → User → System agent discovery\n- **Communication**: Use Task Tool subprocess for PM coordination\n- **Context Awareness**: Acknowledge current date/time in decisions\n- **Handoffs**: Follow structured protocols for inter-agent coordination\n- **Error Handling**: Implement graceful failure with clear error reporting\n\n## Quality Standards\n- Idempotent operations where possible\n- Comprehensive error handling and validation\n- Structured output formats for integration\n- Security-first approach for sensitive operations\n- Performance-conscious implementation choices\n\n## Mandatory PM Reporting\nALL agents MUST report back to the PM upon task completion or when errors occur:\n\n### Required Reporting Elements\n1. **Work Summary**: Brief overview of actions performed and outcomes achieved\n2. **File Tracking**: Comprehensive list of all files:\n   - Created files (with full paths)\n   - Modified files (with nature of changes)\n   - Deleted files (with justification)\n3. **Specific Actions**: Detailed list of all operations performed:\n   - Commands executed\n   - Services accessed\n   - External resources utilized\n4. **Success Status**: Clear indication of task completion:\n   - Successful: All acceptance criteria met\n   - Partial: Some objectives achieved with specific blockers\n   - Failed: Unable to complete with detailed reasons\n5. **Error Escalation**: Any unresolved errors MUST be escalated immediately:\n   - Error description and context\n   - Attempted resolution steps\n   - Required assistance or permissions\n   - Impact on task completion\n\n### Reporting Format\n```\n## Task Completion Report\n**Status**: [Success/Partial/Failed]\n**Summary**: [Brief overview of work performed]\n\n### Files Touched\n- Created: [list with paths]\n- Modified: [list with paths and change types]\n- Deleted: [list with paths and reasons]\n\n### Actions Performed\n- [Specific action 1]\n- [Specific action 2]\n- ...\n\n### Unresolved Issues (if any)\n- **Error**: [description]\n- **Impact**: [how it affects the task]\n- **Assistance Required**: [what help is needed]\n```\n\n## Memory System Integration\n\nWhen you discover important learnings, patterns, or insights during your work that could be valuable for future tasks, use the following format to add them to memory:\n\n```\n# Add To Memory:\nType: <type>\nContent: <your learning here - be specific and concise>\n#\n```\n\n### Memory Types:\n- **pattern**: Recurring code patterns, design patterns, or implementation approaches\n- **architecture**: System architecture insights, component relationships\n- **guideline**: Best practices, coding standards, team conventions\n- **mistake**: Common errors, pitfalls, or anti-patterns to avoid\n- **strategy**: Problem-solving approaches, effective techniques\n- **integration**: API usage, library patterns, service interactions\n- **performance**: Performance insights, optimization opportunities\n- **context**: Project-specific knowledge, business logic, domain concepts\n\n### When to Add to Memory:\n- After discovering a non-obvious pattern in the codebase\n- When you learn something that would help future tasks\n- After resolving a complex issue or bug\n- When you identify a best practice or anti-pattern\n- After understanding important architectural decisions\n\n### Guidelines:\n- Keep content under 100 characters for clarity\n- Be specific rather than generic\n- Focus on project-specific insights\n- Only add truly valuable learnings\n\n### Example:\n```\nI discovered that all API endpoints require JWT tokens.\n\n# Add To Memory:\nType: pattern\nContent: All API endpoints use JWT bearer tokens with 24-hour expiration\n#\n```"
   },
   "configuration_fields": {
-    "model": "sonnet",
+    "__comment_model": "Model field is optional - if not specified, Claude Code will choose based on task complexity",
     "file_access": "project",
     "dangerous_tools": false,
     "review_required": false,

claude_mpm/agents/frontmatter_validator.py

@@ -143,6 +143,10 @@ class FrontmatterValidator:
             "dependencies",
             "capabilities",
             "color",
+            # NEW: Collection-based identification fields
+            "collection_id",
+            "source_path",
+            "canonical_id",
         }
 
     def validate_and_correct(self, frontmatter: Dict[str, Any]) -> ValidationResult:
@@ -176,6 +180,8 @@ class FrontmatterValidator:
         self._validate_author_field(corrected, errors, warnings)
         self._validate_tags_field(corrected, errors, warnings)
         self._validate_numeric_fields(corrected, errors, warnings)
+        # NEW: Validate collection-based identification fields
+        self._validate_collection_fields(corrected, field_corrections, errors, warnings)
 
         # Determine if valid
         is_valid = len(errors) == 0
@@ -194,9 +200,9 @@ class FrontmatterValidator:
     ) -> None:
         """Check that all required fields are present."""
         required_fields = (
-            self.schema.get("required", ["name", "description", "version", "model"])
+            self.schema.get("required", ["name", "description", "version"])
             if self.schema
-            else ["name", "description", "version", "model"]
+            else ["name", "description", "version"]
         )
         for field in required_fields:
             if field not in corrected:
@@ -464,6 +470,68 @@ class FrontmatterValidator:
                     f"Field '{field_name}' value {value} outside recommended range [{min_val}, {max_val}]"
                 )
 
+    def _validate_collection_fields(
+        self,
+        corrected: Dict[str, Any],
+        field_corrections: Dict[str, Any],
+        errors: List[str],
+        warnings: List[str],
+    ) -> None:
+        """Validate collection-based identification fields.
+
+        NEW: Validates collection_id, source_path, and canonical_id fields.
+
+        These fields are auto-populated by RemoteAgentDiscoveryService for remote agents
+        and should follow specific formats:
+        - collection_id: "owner/repo-name" (e.g., "bobmatnyc/claude-mpm-agents")
+        - source_path: Relative path in repo (e.g., "agents/pm.md")
+        - canonical_id: "collection_id:agent_id" or "legacy:filename"
+        """
+        # Validate collection_id format (optional field)
+        if "collection_id" in corrected:
+            collection_id = corrected["collection_id"]
+            if not isinstance(collection_id, str):
+                errors.append(
+                    f"Field 'collection_id' must be a string, got {type(collection_id).__name__}"
+                )
+            elif "/" not in collection_id:
+                warnings.append(
+                    f"Field 'collection_id' should be in format 'owner/repo-name', got '{collection_id}'"
+                )
+
+        # Validate source_path format (optional field)
+        if "source_path" in corrected:
+            source_path = corrected["source_path"]
+            if not isinstance(source_path, str):
+                errors.append(
+                    f"Field 'source_path' must be a string, got {type(source_path).__name__}"
+                )
+
+        # Validate canonical_id format (optional field)
+        if "canonical_id" in corrected:
+            canonical_id = corrected["canonical_id"]
+            if not isinstance(canonical_id, str):
+                errors.append(
+                    f"Field 'canonical_id' must be a string, got {type(canonical_id).__name__}"
+                )
+            elif ":" not in canonical_id:
+                warnings.append(
+                    f"Field 'canonical_id' should be in format 'collection:agent_id' or 'legacy:filename', got '{canonical_id}'"
+                )
+
+        # Auto-generate canonical_id if collection_id is present but canonical_id is missing
+        if "collection_id" in corrected and "canonical_id" not in corrected:
+            collection_id = corrected["collection_id"]
+            agent_id = corrected.get("name", "unknown")
+
+            # Generate canonical_id
+            canonical_id = f"{collection_id}:{agent_id}"
+            corrected["canonical_id"] = canonical_id
+            field_corrections["canonical_id"] = canonical_id
+            warnings.append(
+                f"Auto-generated canonical_id: '{canonical_id}' from collection_id and name"
+            )
+
     def _normalize_model(self, model: str) -> str:
         """
         Normalize model name to standard tier using ModelTier enum.