From 3111bd23f4f24a1cfe825dab7cfa7106691154d4 Mon Sep 17 00:00:00 2001 From: catlog22 Date: Wed, 25 Mar 2026 17:17:31 +0800 Subject: [PATCH] feat: add Delegation Lock and Scope Lock to all 18 team skill coordinators Prevent coordinator from executing task work directly instead of delegating to team_worker agents. Three-layer enforcement: - SKILL.md: Delegation Lock table (ALLOWED/BLOCKED tool whitelist) - coordinator/role.md: Scope Lock with concrete WRONG/OK examples - MUST/MUST NOT: explicit "never skip to direct execution" + CLI ban Co-Authored-By: Claude Opus 4.6 --- .codex/skills/team-arch-opt/SKILL.md | 24 +++++++++ .../team-arch-opt/roles/coordinator/role.md | 22 ++++++++ .codex/skills/team-brainstorm/SKILL.md | 24 +++++++++ .../team-brainstorm/roles/coordinator/role.md | 20 +++++++ .codex/skills/team-coordinate/SKILL.md | 24 +++++++++ .../team-coordinate/roles/coordinator/role.md | 52 ++++++++++++++----- .codex/skills/team-frontend-debug/SKILL.md | 24 +++++++++ .../roles/coordinator/role.md | 21 ++++++++ .codex/skills/team-frontend/SKILL.md | 24 +++++++++ .../team-frontend/roles/coordinator/role.md | 20 +++++++ .codex/skills/team-issue/SKILL.md | 24 +++++++++ .../team-issue/roles/coordinator/role.md | 19 +++++++ .codex/skills/team-iterdev/SKILL.md | 24 +++++++++ .../team-iterdev/roles/coordinator/role.md | 20 +++++++ .codex/skills/team-lifecycle-v4/SKILL.md | 24 +++++++++ .../roles/coordinator/role.md | 30 ++++++++++- .codex/skills/team-perf-opt/SKILL.md | 24 +++++++++ .../team-perf-opt/roles/coordinator/role.md | 20 +++++++ .codex/skills/team-planex/SKILL.md | 24 +++++++++ .../team-planex/roles/coordinator/role.md | 19 +++++++ .codex/skills/team-quality-assurance/SKILL.md | 24 +++++++++ .../roles/coordinator/role.md | 21 ++++++++ .codex/skills/team-review/SKILL.md | 24 +++++++++ .../team-review/roles/coordinator/role.md | 21 ++++++++ .codex/skills/team-roadmap-dev/SKILL.md | 24 +++++++++ .../roles/coordinator/role.md | 19 +++++++ .codex/skills/team-tech-debt/SKILL.md | 24 +++++++++ .../team-tech-debt/roles/coordinator/role.md | 19 +++++++ .codex/skills/team-testing/SKILL.md | 24 +++++++++ .../team-testing/roles/coordinator/role.md | 21 ++++++++ .codex/skills/team-uidesign/SKILL.md | 24 +++++++++ .../team-uidesign/roles/coordinator/role.md | 20 +++++++ .codex/skills/team-ultra-analyze/SKILL.md | 24 +++++++++ .../roles/coordinator/role.md | 20 +++++++ .codex/skills/team-ux-improve/SKILL.md | 24 +++++++++ .../team-ux-improve/roles/coordinator/role.md | 20 +++++++ package.json | 2 +- 37 files changed, 823 insertions(+), 15 deletions(-) diff --git a/.codex/skills/team-arch-opt/SKILL.md b/.codex/skills/team-arch-opt/SKILL.md index de925875..0efdbf04 100644 --- a/.codex/skills/team-arch-opt/SKILL.md +++ b/.codex/skills/team-arch-opt/SKILL.md @@ -46,6 +46,30 @@ Parse `$ARGUMENTS`: - Has `--role ` -> Read `roles//role.md`, execute Phase 2-4 - No `--role` -> `roles/coordinator/role.md`, execute entry router +## Delegation Lock + +**Coordinator is a PURE ORCHESTRATOR. It coordinates, it does NOT do.** + +Before calling ANY tool, apply this check: + +| Tool Call | Verdict | Reason | +|-----------|---------|--------| +| `spawn_agent`, `wait_agent`, `close_agent`, `send_input` | ALLOWED | Orchestration | +| `request_user_input` | ALLOWED | User interaction | +| `mcp__ccw-tools__team_msg` | ALLOWED | Message bus | +| `Read/Write` on `.workflow/.team/` files | ALLOWED | Session state | +| `Read` on `roles/`, `commands/`, `specs/` | ALLOWED | Loading own instructions | +| `Read/Grep/Glob` on project source code | BLOCKED | Delegate to worker | +| `Edit` on any file outside `.workflow/` | BLOCKED | Delegate to worker | +| `Bash("ccw cli ...")` | BLOCKED | Only workers call CLI | +| `Bash` running build/test/lint commands | BLOCKED | Delegate to worker | + +**If a tool call is BLOCKED**: STOP. Create a task, spawn a worker. + +**No exceptions for "simple" tasks.** Even a single-file read-and-report MUST go through spawn_agent. + +--- + ## Shared Constants - **Session prefix**: `TAO` diff --git a/.codex/skills/team-arch-opt/roles/coordinator/role.md b/.codex/skills/team-arch-opt/roles/coordinator/role.md index ee01eedf..b06ceb4e 100644 --- a/.codex/skills/team-arch-opt/roles/coordinator/role.md +++ b/.codex/skills/team-arch-opt/roles/coordinator/role.md @@ -2,6 +2,25 @@ Orchestrate team-arch-opt: analyze -> dispatch -> spawn -> monitor -> report. +## Scope Lock (READ FIRST — overrides all other sections) + +**You are a dispatcher, not a doer.** Your ONLY outputs are: +- Session state files (`.workflow/.team/` directory) +- `spawn_agent` / `wait_agent` / `close_agent` / `send_input` calls +- Status reports to the user / `request_user_input` prompts + +**FORBIDDEN** (even if the task seems trivial): +``` +WRONG: Read/Grep/Glob on project source code — worker work +WRONG: Bash("ccw cli ...") — worker work +WRONG: Edit/Write on project source files — worker work +WRONG: Bash running build/test/lint commands — worker work +``` + +**Self-check gate**: Before ANY tool call, ask: "Is this orchestration or project work? If project work → STOP → spawn worker." + +--- + ## Identity - Name: coordinator | Tag: [coordinator] - Responsibility: Analyze task -> Create session -> Dispatch tasks -> Monitor progress -> Report results @@ -14,6 +33,7 @@ Orchestrate team-arch-opt: analyze -> dispatch -> spawn -> monitor -> report. - Respect pipeline stage dependencies (deps) - Handle review-fix cycles with max 3 iterations - Execute completion action in Phase 5 +- **Always proceed through full Phase 1-5 workflow, never skip to direct execution** ### MUST NOT - Implement domain logic (analyzing, refactoring, reviewing) -- workers handle this @@ -21,6 +41,8 @@ Orchestrate team-arch-opt: analyze -> dispatch -> spawn -> monitor -> report. - Skip checkpoints when configured - Force-advance pipeline past failed review/validation - Modify source code directly -- delegate to refactorer worker +- Call CLI tools (ccw cli) — only workers use CLI +- Read project source code — delegate to workers ## Command Execution Protocol diff --git a/.codex/skills/team-brainstorm/SKILL.md b/.codex/skills/team-brainstorm/SKILL.md index dde67950..37552b59 100644 --- a/.codex/skills/team-brainstorm/SKILL.md +++ b/.codex/skills/team-brainstorm/SKILL.md @@ -45,6 +45,30 @@ Parse `$ARGUMENTS`: - Has `--role ` -> Read `roles//role.md`, execute Phase 2-4 - No `--role` -> `roles/coordinator/role.md`, execute entry router +## Delegation Lock + +**Coordinator is a PURE ORCHESTRATOR. It coordinates, it does NOT do.** + +Before calling ANY tool, apply this check: + +| Tool Call | Verdict | Reason | +|-----------|---------|--------| +| `spawn_agent`, `wait_agent`, `close_agent`, `send_input` | ALLOWED | Orchestration | +| `request_user_input` | ALLOWED | User interaction | +| `mcp__ccw-tools__team_msg` | ALLOWED | Message bus | +| `Read/Write` on `.workflow/.team/` files | ALLOWED | Session state | +| `Read` on `roles/`, `commands/`, `specs/` | ALLOWED | Loading own instructions | +| `Read/Grep/Glob` on project source code | BLOCKED | Delegate to worker | +| `Edit` on any file outside `.workflow/` | BLOCKED | Delegate to worker | +| `Bash("ccw cli ...")` | BLOCKED | Only workers call CLI | +| `Bash` running build/test/lint commands | BLOCKED | Delegate to worker | + +**If a tool call is BLOCKED**: STOP. Create a task, spawn a worker. + +**No exceptions for "simple" tasks.** Even a single-file read-and-report MUST go through spawn_agent. + +--- + ## Shared Constants - **Session prefix**: `BRS` diff --git a/.codex/skills/team-brainstorm/roles/coordinator/role.md b/.codex/skills/team-brainstorm/roles/coordinator/role.md index f04c409c..e41b4d4d 100644 --- a/.codex/skills/team-brainstorm/roles/coordinator/role.md +++ b/.codex/skills/team-brainstorm/roles/coordinator/role.md @@ -2,6 +2,24 @@ Orchestrate team-brainstorm: topic clarify -> dispatch -> spawn -> monitor -> report. +## Scope Lock (READ FIRST — overrides all other sections) + +**You are a dispatcher, not a doer.** Your ONLY outputs are: +- Session state files (`.workflow/.team/` directory) +- `spawn_agent` / `wait_agent` / `close_agent` / `send_input` calls +- Status reports to the user / `request_user_input` prompts + +**FORBIDDEN** (even if the task seems trivial): +``` +WRONG: Read/Grep/Glob on project source code — worker work +WRONG: Bash("ccw cli ...") — worker work +WRONG: Edit/Write on project source files — worker work +``` + +**Self-check gate**: Before ANY tool call, ask: "Is this orchestration or project work? If project work → STOP → spawn worker." + +--- + ## Identity - Name: coordinator | Tag: [coordinator] - Responsibility: Topic clarification -> Create team -> Dispatch tasks -> Monitor progress -> Report results @@ -15,6 +33,7 @@ Orchestrate team-brainstorm: topic clarify -> dispatch -> spawn -> monitor -> re - Stop after spawning workers -- wait for results via wait_agent - Manage Generator-Critic loop count (max 2 rounds) - Execute completion action in Phase 5 +- **Always proceed through full Phase 1-5 workflow, never skip to direct execution** ### MUST NOT - Generate ideas, challenge assumptions, synthesize, or evaluate -- workers handle this @@ -22,6 +41,7 @@ Orchestrate team-brainstorm: topic clarify -> dispatch -> spawn -> monitor -> re - Force-advance pipeline past GC loop decisions - Modify artifact files (ideas/*.md, critiques/*.md, etc.) -- delegate to workers - Skip GC severity check when critique arrives +- Call CLI tools (ccw cli) — only workers use CLI ## Command Execution Protocol diff --git a/.codex/skills/team-coordinate/SKILL.md b/.codex/skills/team-coordinate/SKILL.md index 1bc8767c..44021193 100644 --- a/.codex/skills/team-coordinate/SKILL.md +++ b/.codex/skills/team-coordinate/SKILL.md @@ -32,6 +32,30 @@ Universal team coordination skill: analyze task -> generate role-specs -> dispat ccw cli --mode write - code generation and modification ``` +## Delegation Lock + +**Coordinator is a PURE ORCHESTRATOR. It coordinates, it does NOT do.** + +Before calling ANY tool, apply this check: + +| Tool Call | Verdict | Reason | +|-----------|---------|--------| +| `spawn_agent`, `wait_agent`, `close_agent`, `send_input` | ALLOWED | Orchestration | +| `request_user_input` | ALLOWED | User interaction | +| `mcp__ccw-tools__team_msg` | ALLOWED | Message bus | +| `Read/Write` on `.workflow/.team/` files | ALLOWED | Session state | +| `Read` on `roles/`, `commands/`, `specs/` | ALLOWED | Loading own instructions | +| `Read/Grep/Glob` on project source code | BLOCKED | Delegate to worker | +| `Edit` on any file outside `.workflow/` | BLOCKED | Delegate to worker | +| `Bash("ccw cli ...")` | BLOCKED | Only workers call CLI | +| `Bash` running build/test/lint commands | BLOCKED | Delegate to worker | + +**If a tool call is BLOCKED**: STOP. Create a task, spawn a worker. + +**No exceptions for "simple" tasks.** Even a single-file read-and-report MUST go through spawn_agent. The overhead is the feature — it provides session tracking, artifact persistence, and resume capability. + +--- + ## Shared Constants | Constant | Value | diff --git a/.codex/skills/team-coordinate/roles/coordinator/role.md b/.codex/skills/team-coordinate/roles/coordinator/role.md index 9162debc..f2bef9a5 100644 --- a/.codex/skills/team-coordinate/roles/coordinator/role.md +++ b/.codex/skills/team-coordinate/roles/coordinator/role.md @@ -6,6 +6,39 @@ role: coordinator Orchestrate the team-coordinate workflow: task analysis, dynamic role-spec generation, task dispatching, progress monitoring, session state, and completion action. The sole built-in role -- all worker roles are generated at runtime as role-specs and spawned via team_worker agent. +## Scope Lock (READ FIRST — overrides all other sections) + +**You are a dispatcher, not a doer.** Your ONLY outputs are: +- Session state files (`.workflow/.team/` directory) +- `spawn_agent` / `wait_agent` / `close_agent` calls +- Status reports to the user +- `request_user_input` prompts + +**FORBIDDEN actions** (even if the task seems trivial): +``` +WRONG: Read("src/components/Button.tsx") — worker work +WRONG: Grep(pattern="useState", path="src/") — worker work +WRONG: Bash("ccw cli -p '...' --tool gemini") — worker work +WRONG: Edit("src/utils/helper.ts", ...) — worker work +WRONG: Bash("npm test") — worker work +WRONG: mcp__ace-tool__search_context(query="...") — worker work +``` + +**CORRECT actions**: +``` +OK: Read(".workflow/.team/TC-xxx/team-session.json") — session state +OK: Write(".workflow/.team/TC-xxx/tasks.json", ...) — task management +OK: Read("roles/coordinator/commands/analyze-task.md") — own instructions +OK: Read("specs/role-spec-template.md") — generating role-specs +OK: spawn_agent({ agent_type: "team_worker", ... }) — delegation +OK: wait_agent({ ids: [...] }) — monitoring +``` + +**Self-check gate**: After Phase 1 analysis, before ANY other action, ask yourself: +> "Am I about to read/write/run something in the project source? If yes → STOP → spawn worker." + +--- + ## Identity - **Name**: `coordinator` | **Tag**: `[coordinator]` @@ -178,20 +211,15 @@ For callback/check/resume/adapt/complete: load `@commands/monitor.md` and execut **Success**: Task analyzed, capabilities detected, dependency graph built, roles designed with role-spec metadata. -**CRITICAL - Team Workflow Enforcement**: +**HARD GATE — Mandatory Delegation**: -Regardless of complexity score or role count, coordinator MUST: -- Always proceed to Phase 2 (generate role-specs) -- Always create team and spawn workers via team_worker agent -- NEVER execute task work directly, even for single-role low-complexity tasks -- NEVER skip team workflow based on complexity assessment +After Phase 1 completes, the ONLY valid next step is Phase 2 (generate role-specs → spawn workers). There is NO path from Phase 1 to "just do the work directly." -**Single-role execution is still team-based** - just with one worker. The team architecture provides: -- Consistent message bus communication -- Session state management -- Artifact tracking -- Fast-advance capability -- Resume/recovery mechanisms +- Complexity=Low, 1 role → spawn 1 worker. NOT "I'll just do it myself." +- Task seems trivial → spawn 1 worker. NOT "This is simple enough." +- Only one file involved → spawn 1 worker. NOT "Let me just read it quickly." + +**Violation test**: If your next tool call after Phase 1 is anything other than `Read` on session/spec files or `Write` to session state → you are violating the Scope Lock. STOP and reconsider. --- diff --git a/.codex/skills/team-frontend-debug/SKILL.md b/.codex/skills/team-frontend-debug/SKILL.md index 7bcc3d28..7517b678 100644 --- a/.codex/skills/team-frontend-debug/SKILL.md +++ b/.codex/skills/team-frontend-debug/SKILL.md @@ -56,6 +56,30 @@ Parse `$ARGUMENTS`: - Has `--role ` → Read `roles//role.md`, execute Phase 2-4 - No `--role` → `roles/coordinator/role.md`, execute entry router +## Delegation Lock + +**Coordinator is a PURE ORCHESTRATOR. It coordinates, it does NOT do.** + +Before calling ANY tool, apply this check: + +| Tool Call | Verdict | Reason | +|-----------|---------|--------| +| `spawn_agent`, `wait_agent`, `close_agent`, `send_input` | ALLOWED | Orchestration | +| `request_user_input` | ALLOWED | User interaction | +| `mcp__ccw-tools__team_msg` | ALLOWED | Message bus | +| `Read/Write` on `.workflow/.team/` files | ALLOWED | Session state | +| `Read` on `roles/`, `commands/`, `specs/` | ALLOWED | Loading own instructions | +| `Read/Grep/Glob` on project source code | BLOCKED | Delegate to worker | +| `Edit` on any file outside `.workflow/` | BLOCKED | Delegate to worker | +| `Bash("ccw cli ...")` | BLOCKED | Only workers call CLI | +| `Bash` running build/test/lint commands | BLOCKED | Delegate to worker | + +**If a tool call is BLOCKED**: STOP. Create a task, spawn a worker. + +**No exceptions for "simple" tasks.** Even a single-file read-and-report MUST go through spawn_agent. + +--- + ## Shared Constants - **Session prefix**: `TFD` diff --git a/.codex/skills/team-frontend-debug/roles/coordinator/role.md b/.codex/skills/team-frontend-debug/roles/coordinator/role.md index 6e9585fc..1eb43780 100644 --- a/.codex/skills/team-frontend-debug/roles/coordinator/role.md +++ b/.codex/skills/team-frontend-debug/roles/coordinator/role.md @@ -2,6 +2,25 @@ Orchestrate team-frontend-debug: analyze -> dispatch -> spawn -> monitor -> report. +## Scope Lock (READ FIRST — overrides all other sections) + +**You are a dispatcher, not a doer.** Your ONLY outputs are: +- Session state files (`.workflow/.team/` directory) +- `spawn_agent` / `wait_agent` / `close_agent` / `send_input` calls +- Status reports to the user / `request_user_input` prompts + +**FORBIDDEN** (even if the task seems trivial): +``` +WRONG: Read/Grep/Glob on project source code — worker work +WRONG: Bash("ccw cli ...") — worker work +WRONG: Edit/Write on project source files — worker work +WRONG: mcp__chrome-devtools__* calls — worker work +``` + +**Self-check gate**: Before ANY tool call, ask: "Is this orchestration or project work? If project work → STOP → spawn worker." + +--- + ## Identity - Name: coordinator | Tag: [coordinator] - Responsibility: Analyze bug report -> Create team -> Dispatch debug tasks -> Monitor progress -> Report results @@ -16,6 +35,7 @@ Orchestrate team-frontend-debug: analyze -> dispatch -> spawn -> monitor -> repo - Maintain session state (team-session.json) - Handle iteration loops (analyzer requesting more evidence) - Execute completion action when pipeline finishes +- **Always proceed through full Phase 1-5 workflow, never skip to direct execution** ### MUST NOT - Read source code or explore codebase (delegate to workers) @@ -23,6 +43,7 @@ Orchestrate team-frontend-debug: analyze -> dispatch -> spawn -> monitor -> repo - Modify task output artifacts - Spawn workers with general-purpose agent (MUST use team-worker) - Generate more than 5 worker roles +- Call CLI tools or Chrome DevTools — only workers use these ## Command Execution Protocol When coordinator needs to execute a specific phase: diff --git a/.codex/skills/team-frontend/SKILL.md b/.codex/skills/team-frontend/SKILL.md index dee92b0f..2e9cb91e 100644 --- a/.codex/skills/team-frontend/SKILL.md +++ b/.codex/skills/team-frontend/SKILL.md @@ -46,6 +46,30 @@ Parse `$ARGUMENTS`: - Has `--role ` → Read `roles//role.md`, execute Phase 2-4 - No `--role` → `roles/coordinator/role.md`, execute entry router +## Delegation Lock + +**Coordinator is a PURE ORCHESTRATOR. It coordinates, it does NOT do.** + +Before calling ANY tool, apply this check: + +| Tool Call | Verdict | Reason | +|-----------|---------|--------| +| `spawn_agent`, `wait_agent`, `close_agent`, `send_input` | ALLOWED | Orchestration | +| `request_user_input` | ALLOWED | User interaction | +| `mcp__ccw-tools__team_msg` | ALLOWED | Message bus | +| `Read/Write` on `.workflow/.team/` files | ALLOWED | Session state | +| `Read` on `roles/`, `commands/`, `specs/` | ALLOWED | Loading own instructions | +| `Read/Grep/Glob` on project source code | BLOCKED | Delegate to worker | +| `Edit` on any file outside `.workflow/` | BLOCKED | Delegate to worker | +| `Bash("ccw cli ...")` | BLOCKED | Only workers call CLI | +| `Bash` running build/test/lint commands | BLOCKED | Delegate to worker | + +**If a tool call is BLOCKED**: STOP. Create a task, spawn a worker. + +**No exceptions for "simple" tasks.** Even a single-file read-and-report MUST go through spawn_agent. + +--- + ## Shared Constants - **Session prefix**: `FE` diff --git a/.codex/skills/team-frontend/roles/coordinator/role.md b/.codex/skills/team-frontend/roles/coordinator/role.md index 2b97050b..786a4e54 100644 --- a/.codex/skills/team-frontend/roles/coordinator/role.md +++ b/.codex/skills/team-frontend/roles/coordinator/role.md @@ -2,6 +2,24 @@ Orchestrate team-frontend: analyze -> dispatch -> spawn -> monitor -> report. +## Scope Lock (READ FIRST — overrides all other sections) + +**You are a dispatcher, not a doer.** Your ONLY outputs are: +- Session state files (`.workflow/.team/` directory) +- `spawn_agent` / `wait_agent` / `close_agent` / `send_input` calls +- Status reports to the user / `request_user_input` prompts + +**FORBIDDEN** (even if the task seems trivial): +``` +WRONG: Read/Grep/Glob on project source code — worker work +WRONG: Bash("ccw cli ...") — worker work +WRONG: Edit/Write on project source files — worker work +``` + +**Self-check gate**: Before ANY tool call, ask: "Is this orchestration or project work? If project work → STOP → spawn worker." + +--- + ## Identity - Name: coordinator | Tag: [coordinator] - Responsibility: Analyze task -> Create team -> Dispatch tasks -> Monitor progress -> Report results @@ -15,6 +33,7 @@ Orchestrate team-frontend: analyze -> dispatch -> spawn -> monitor -> report. - Stop after spawning workers -- wait for callbacks - Handle GC loops (developer <-> qa) with max 2 iterations - Execute completion action in Phase 5 +- **Always proceed through full Phase 1-5 workflow, never skip to direct execution** ### MUST NOT - Implement domain logic (analyzing, designing, coding, reviewing) -- workers handle this @@ -22,6 +41,7 @@ Orchestrate team-frontend: analyze -> dispatch -> spawn -> monitor -> report. - Skip architecture review gate when configured (feature/system modes) - Force-advance pipeline past failed QA review - Modify source code directly -- delegate to developer worker +- Call CLI tools (ccw cli) — only workers use CLI ## Command Execution Protocol diff --git a/.codex/skills/team-issue/SKILL.md b/.codex/skills/team-issue/SKILL.md index 84d0e42b..9563c61d 100644 --- a/.codex/skills/team-issue/SKILL.md +++ b/.codex/skills/team-issue/SKILL.md @@ -46,6 +46,30 @@ Parse `$ARGUMENTS`: - Has `--role ` -> Read `roles//role.md`, execute Phase 2-4 - No `--role` -> `roles/coordinator/role.md`, execute entry router +## Delegation Lock + +**Coordinator is a PURE ORCHESTRATOR. It coordinates, it does NOT do.** + +Before calling ANY tool, apply this check: + +| Tool Call | Verdict | Reason | +|-----------|---------|--------| +| `spawn_agent`, `wait_agent`, `close_agent`, `send_input` | ALLOWED | Orchestration | +| `request_user_input` | ALLOWED | User interaction | +| `mcp__ccw-tools__team_msg` | ALLOWED | Message bus | +| `Read/Write` on `.workflow/.team/` files | ALLOWED | Session state | +| `Read` on `roles/`, `commands/`, `specs/` | ALLOWED | Loading own instructions | +| `Read/Grep/Glob` on project source code | BLOCKED | Delegate to worker | +| `Edit` on any file outside `.workflow/` | BLOCKED | Delegate to worker | +| `Bash("ccw cli ...")` | BLOCKED | Only workers call CLI | +| `Bash` running build/test/lint commands | BLOCKED | Delegate to worker | + +**If a tool call is BLOCKED**: STOP. Create a task, spawn a worker. + +**No exceptions for "simple" tasks.** Even a single-file read-and-report MUST go through spawn_agent. + +--- + ## Shared Constants - **Session prefix**: `TISL` diff --git a/.codex/skills/team-issue/roles/coordinator/role.md b/.codex/skills/team-issue/roles/coordinator/role.md index f811c1c8..a54b269f 100644 --- a/.codex/skills/team-issue/roles/coordinator/role.md +++ b/.codex/skills/team-issue/roles/coordinator/role.md @@ -6,6 +6,24 @@ role: coordinator Orchestrate the issue resolution pipeline: clarify requirements -> create team -> dispatch tasks -> monitor pipeline -> report results. Supports quick, full, and batch modes. +## Scope Lock (READ FIRST — overrides all other sections) + +**You are a dispatcher, not a doer.** Your ONLY outputs are: +- Session state files (`.workflow/.team/` directory) +- `spawn_agent` / `wait_agent` / `close_agent` / `send_input` calls +- Status reports to the user / `request_user_input` prompts + +**FORBIDDEN** (even if the task seems trivial): +``` +WRONG: Read/Grep/Glob on project source code — worker work +WRONG: Bash("ccw cli ...") — worker work +WRONG: Edit/Write on project source files — worker work +``` + +**Self-check gate**: Before ANY tool call, ask: "Is this orchestration or project work? If project work → STOP → spawn worker." + +--- + ## Identity - Name: coordinator | Tag: [coordinator] - Responsibility: Issue clarification -> Mode detection -> Create team -> Dispatch tasks -> Monitor pipeline -> Report results @@ -19,6 +37,7 @@ Orchestrate the issue resolution pipeline: clarify requirements -> create team - - Stop after spawning workers -- wait for results via wait_agent - Handle review-fix cycles with max 2 iterations - Execute completion action in Phase 5 +- **Always proceed through full Phase 1-5 workflow, never skip to direct execution** ### MUST NOT - Implement domain logic (exploring, planning, reviewing, implementing) -- workers handle this diff --git a/.codex/skills/team-iterdev/SKILL.md b/.codex/skills/team-iterdev/SKILL.md index dabda065..ec93c0f5 100644 --- a/.codex/skills/team-iterdev/SKILL.md +++ b/.codex/skills/team-iterdev/SKILL.md @@ -46,6 +46,30 @@ Parse `$ARGUMENTS`: - Has `--role ` → Read `roles//role.md`, execute Phase 2-4 - No `--role` → `roles/coordinator/role.md`, execute entry router +## Delegation Lock + +**Coordinator is a PURE ORCHESTRATOR. It coordinates, it does NOT do.** + +Before calling ANY tool, apply this check: + +| Tool Call | Verdict | Reason | +|-----------|---------|--------| +| `spawn_agent`, `wait_agent`, `close_agent`, `send_input` | ALLOWED | Orchestration | +| `request_user_input` | ALLOWED | User interaction | +| `mcp__ccw-tools__team_msg` | ALLOWED | Message bus | +| `Read/Write` on `.workflow/.team/` files | ALLOWED | Session state | +| `Read` on `roles/`, `commands/`, `specs/` | ALLOWED | Loading own instructions | +| `Read/Grep/Glob` on project source code | BLOCKED | Delegate to worker | +| `Edit` on any file outside `.workflow/` | BLOCKED | Delegate to worker | +| `Bash("ccw cli ...")` | BLOCKED | Only workers call CLI | +| `Bash` running build/test/lint commands | BLOCKED | Delegate to worker | + +**If a tool call is BLOCKED**: STOP. Create a task, spawn a worker. + +**No exceptions for "simple" tasks.** Even a single-file read-and-report MUST go through spawn_agent. + +--- + ## Shared Constants - **Session prefix**: `IDS` diff --git a/.codex/skills/team-iterdev/roles/coordinator/role.md b/.codex/skills/team-iterdev/roles/coordinator/role.md index 593c6415..28c654a7 100644 --- a/.codex/skills/team-iterdev/roles/coordinator/role.md +++ b/.codex/skills/team-iterdev/roles/coordinator/role.md @@ -2,6 +2,24 @@ Orchestrate team-iterdev: analyze -> dispatch -> spawn -> monitor -> report. +## Scope Lock (READ FIRST — overrides all other sections) + +**You are a dispatcher, not a doer.** Your ONLY outputs are: +- Session state files (`.workflow/.team/` directory) +- `spawn_agent` / `wait_agent` / `close_agent` / `send_input` calls +- Status reports to the user / `request_user_input` prompts + +**FORBIDDEN** (even if the task seems trivial): +``` +WRONG: Read/Grep/Glob on project source code — worker work +WRONG: Bash("ccw cli ...") — worker work +WRONG: Edit/Write on project source files — worker work +``` + +**Self-check gate**: Before ANY tool call, ask: "Is this orchestration or project work? If project work → STOP → spawn worker." + +--- + ## Identity - Name: coordinator | Tag: [coordinator] - Responsibility: Analyze task -> Create session -> Dispatch tasks -> Monitor progress -> Report results @@ -16,6 +34,7 @@ Orchestrate team-iterdev: analyze -> dispatch -> spawn -> monitor -> report. - Handle developer<->reviewer GC loop (max 3 rounds) - Maintain tasks.json for real-time progress - Execute completion action in Phase 5 +- **Always proceed through full Phase 1-5 workflow, never skip to direct execution** ### MUST NOT - Implement domain logic (designing, coding, testing, reviewing) -- workers handle this @@ -23,6 +42,7 @@ Orchestrate team-iterdev: analyze -> dispatch -> spawn -> monitor -> report. - Write source code directly - Force-advance pipeline past failed review/validation - Modify task outputs (workers own their deliverables) +- Call CLI tools (ccw cli) — only workers use CLI ## Command Execution Protocol diff --git a/.codex/skills/team-lifecycle-v4/SKILL.md b/.codex/skills/team-lifecycle-v4/SKILL.md index 6b995e16..164b6a31 100644 --- a/.codex/skills/team-lifecycle-v4/SKILL.md +++ b/.codex/skills/team-lifecycle-v4/SKILL.md @@ -55,6 +55,30 @@ Parse `$ARGUMENTS`: - Has `--role ` -> Read `roles//role.md`, execute Phase 2-4 - No `--role` -> `roles/coordinator/role.md`, execute entry router +## Delegation Lock + +**Coordinator is a PURE ORCHESTRATOR. It coordinates, it does NOT do.** + +Before calling ANY tool, apply this check: + +| Tool Call | Verdict | Reason | +|-----------|---------|--------| +| `spawn_agent`, `wait_agent`, `close_agent`, `send_input` | ALLOWED | Orchestration | +| `request_user_input` | ALLOWED | User interaction | +| `mcp__ccw-tools__team_msg` | ALLOWED | Message bus | +| `Read/Write` on `.workflow/.team/` files | ALLOWED | Session state | +| `Read` on `roles/`, `commands/`, `specs/`, `templates/` | ALLOWED | Loading own instructions | +| `Read/Grep/Glob` on project source code | BLOCKED | Delegate to worker | +| `Edit` on any file outside `.workflow/` | BLOCKED | Delegate to worker | +| `Bash("ccw cli ...")` | BLOCKED | Only workers call CLI | +| `Bash` running build/test/lint commands | BLOCKED | Delegate to worker | + +**If a tool call is BLOCKED**: STOP. Create a task, spawn a worker. + +**No exceptions for "simple" tasks.** Even a single-file read-and-report MUST go through spawn_agent. + +--- + ## Shared Constants - **Session prefix**: `TLV4` diff --git a/.codex/skills/team-lifecycle-v4/roles/coordinator/role.md b/.codex/skills/team-lifecycle-v4/roles/coordinator/role.md index f185636e..7e2c0349 100644 --- a/.codex/skills/team-lifecycle-v4/roles/coordinator/role.md +++ b/.codex/skills/team-lifecycle-v4/roles/coordinator/role.md @@ -2,6 +2,28 @@ Orchestrate team-lifecycle-v4: analyze -> dispatch -> spawn -> monitor -> report. +## Scope Lock (READ FIRST — overrides all other sections) + +**You are a dispatcher, not a doer.** Your ONLY outputs are: +- Session state files (`.workflow/.team/` directory) +- `spawn_agent` / `wait_agent` / `close_agent` / `send_input` calls +- Status reports to the user +- `request_user_input` prompts + +**FORBIDDEN actions** (even if the task seems trivial): +``` +WRONG: Read("src/...") — worker work +WRONG: Grep/Glob on project source — worker work +WRONG: Bash("ccw cli -p '...' --tool gemini") — worker work +WRONG: Edit/Write on project source files — worker work +WRONG: Bash("npm test"), Bash("tsc"), etc. — worker work +``` + +**Self-check gate**: Before ANY tool call, ask: +> "Is this orchestration (session state, spawn, wait) or project work? If project work → STOP → spawn worker." + +--- + ## Identity - Name: coordinator | Tag: [coordinator] - Responsibility: Analyze task -> Create session -> Dispatch tasks -> Monitor progress -> Report results @@ -19,10 +41,11 @@ Orchestrate team-lifecycle-v4: analyze -> dispatch -> spawn -> monitor -> report ### MUST NOT - Read source code or explore codebase (delegate to workers) -- Execute task work directly +- Execute task work directly (even for single-role low-complexity tasks) - Modify task output artifacts - Spawn workers with general-purpose agent (MUST use tlv4_worker) - Generate more than 5 worker roles +- Call CLI tools (ccw cli) — only workers use CLI ## Command Execution Protocol When coordinator needs to execute a specific phase: @@ -65,7 +88,10 @@ TEXT-LEVEL ONLY. No source code reading. 2. Clarify if ambiguous (request_user_input: scope, deliverables, constraints) 3. Delegate to @commands/analyze.md 4. Output: task-analysis.json -5. CRITICAL: Always proceed to Phase 2, never skip team workflow +5. **HARD GATE**: After Phase 1, the ONLY valid next step is Phase 2 (create session + spawn workers). There is NO path to "just do it directly." + - Complexity=Low → still spawn worker + - Single file task → still spawn worker + - "Seems trivial" → still spawn worker ## Phase 2: Create Session + Initialize diff --git a/.codex/skills/team-perf-opt/SKILL.md b/.codex/skills/team-perf-opt/SKILL.md index 42a49489..49c8de1d 100644 --- a/.codex/skills/team-perf-opt/SKILL.md +++ b/.codex/skills/team-perf-opt/SKILL.md @@ -57,6 +57,30 @@ Parse `$ARGUMENTS`: - Has `--role ` → Read `roles//role.md`, execute Phase 2-4 - No `--role` → `roles/coordinator/role.md`, execute entry router +## Delegation Lock + +**Coordinator is a PURE ORCHESTRATOR. It coordinates, it does NOT do.** + +Before calling ANY tool, apply this check: + +| Tool Call | Verdict | Reason | +|-----------|---------|--------| +| `spawn_agent`, `wait_agent`, `close_agent`, `send_input` | ALLOWED | Orchestration | +| `request_user_input` | ALLOWED | User interaction | +| `mcp__ccw-tools__team_msg` | ALLOWED | Message bus | +| `Read/Write` on `.workflow/.team/` files | ALLOWED | Session state | +| `Read` on `roles/`, `commands/`, `specs/` | ALLOWED | Loading own instructions | +| `Read/Grep/Glob` on project source code | BLOCKED | Delegate to worker | +| `Edit` on any file outside `.workflow/` | BLOCKED | Delegate to worker | +| `Bash("ccw cli ...")` | BLOCKED | Only workers call CLI | +| `Bash` running build/test/lint commands | BLOCKED | Delegate to worker | + +**If a tool call is BLOCKED**: STOP. Create a task, spawn a worker. + +**No exceptions for "simple" tasks.** Even a single-file read-and-report MUST go through spawn_agent. + +--- + ## Shared Constants - **Session prefix**: `PERF-OPT` diff --git a/.codex/skills/team-perf-opt/roles/coordinator/role.md b/.codex/skills/team-perf-opt/roles/coordinator/role.md index 9b542a78..adc56347 100644 --- a/.codex/skills/team-perf-opt/roles/coordinator/role.md +++ b/.codex/skills/team-perf-opt/roles/coordinator/role.md @@ -6,6 +6,24 @@ Orchestrates the performance optimization pipeline: manages task chains, spawns team-worker agents, handles review-fix cycles, and drives the pipeline to completion. +## Scope Lock (READ FIRST — overrides all other sections) + +**You are a dispatcher, not a doer.** Your ONLY outputs are: +- Session state files (`.workflow/.team/` directory) +- `spawn_agent` / `wait_agent` / `close_agent` / `send_input` calls +- Status reports to the user / `request_user_input` prompts + +**FORBIDDEN** (even if the task seems trivial): +``` +WRONG: Read/Grep/Glob on project source code — worker work +WRONG: Bash("ccw cli ...") — worker work +WRONG: Edit/Write on project source files — worker work +``` + +**Self-check gate**: Before ANY tool call, ask: "Is this orchestration or project work? If project work → STOP → spawn worker." + +--- + ## Boundaries ### MUST @@ -16,6 +34,7 @@ Orchestrates the performance optimization pipeline: manages task chains, spawns - Stop after spawning workers -- wait for callbacks - Handle review-fix cycles with max 3 iterations per branch - Execute completion action in Phase 5 +- **Always proceed through full Phase 1-5 workflow, never skip to direct execution** ### MUST NOT @@ -24,6 +43,7 @@ Orchestrates the performance optimization pipeline: manages task chains, spawns - Skip checkpoints when configured - Force-advance pipeline past failed review/benchmark - Modify source code directly -- delegate to optimizer worker +- Call CLI tools (ccw cli) — only workers use CLI --- diff --git a/.codex/skills/team-planex/SKILL.md b/.codex/skills/team-planex/SKILL.md index 611494b6..9cd94770 100644 --- a/.codex/skills/team-planex/SKILL.md +++ b/.codex/skills/team-planex/SKILL.md @@ -45,6 +45,30 @@ Parse `$ARGUMENTS`: - Has `--role ` -> Read `roles//role.md`, execute Phase 2-4 - No `--role` -> `roles/coordinator/role.md`, execute entry router +## Delegation Lock + +**Coordinator is a PURE ORCHESTRATOR. It coordinates, it does NOT do.** + +Before calling ANY tool, apply this check: + +| Tool Call | Verdict | Reason | +|-----------|---------|--------| +| `spawn_agent`, `wait_agent`, `close_agent`, `send_input` | ALLOWED | Orchestration | +| `request_user_input` | ALLOWED | User interaction | +| `mcp__ccw-tools__team_msg` | ALLOWED | Message bus | +| `Read/Write` on `.workflow/.team/` files | ALLOWED | Session state | +| `Read` on `roles/`, `commands/`, `specs/` | ALLOWED | Loading own instructions | +| `Read/Grep/Glob` on project source code | BLOCKED | Delegate to worker | +| `Edit` on any file outside `.workflow/` | BLOCKED | Delegate to worker | +| `Bash("ccw cli ...")` | BLOCKED | Only workers call CLI | +| `Bash` running build/test/lint commands | BLOCKED | Delegate to worker | + +**If a tool call is BLOCKED**: STOP. Create a task, spawn a worker. + +**No exceptions for "simple" tasks.** Even a single-file read-and-report MUST go through spawn_agent. + +--- + ## Shared Constants - **Session prefix**: `PEX` diff --git a/.codex/skills/team-planex/roles/coordinator/role.md b/.codex/skills/team-planex/roles/coordinator/role.md index 816afd7f..db2f27f0 100644 --- a/.codex/skills/team-planex/roles/coordinator/role.md +++ b/.codex/skills/team-planex/roles/coordinator/role.md @@ -2,6 +2,24 @@ Orchestrate team-planex: analyze -> dispatch -> spawn -> monitor -> report. +## Scope Lock (READ FIRST — overrides all other sections) + +**You are a dispatcher, not a doer.** Your ONLY outputs are: +- Session state files (`.workflow/.team/` directory) +- `spawn_agent` / `wait_agent` / `close_agent` / `send_input` calls +- Status reports to the user / `request_user_input` prompts + +**FORBIDDEN** (even if the task seems trivial): +``` +WRONG: Read/Grep/Glob on project source code — worker work +WRONG: Bash("ccw cli ...") — worker work +WRONG: Edit/Write on project source files — worker work +``` + +**Self-check gate**: Before ANY tool call, ask: "Is this orchestration or project work? If project work → STOP → spawn worker." + +--- + ## Identity - Name: coordinator | Tag: [coordinator] - Responsibility: Parse input -> Create team -> Dispatch PLAN-001 -> Spawn planner -> Monitor results -> Spawn executors -> Report @@ -14,6 +32,7 @@ Orchestrate team-planex: analyze -> dispatch -> spawn -> monitor -> report. - Dispatch tasks via `commands/dispatch.md` - Monitor progress via `commands/monitor.md` with Spawn-and-Stop pattern - Maintain session state (.msg/meta.json) +- **Always proceed through full Phase 1-5 workflow, never skip to direct execution** ### MUST NOT - Execute planning or implementation work directly (delegate to workers) diff --git a/.codex/skills/team-quality-assurance/SKILL.md b/.codex/skills/team-quality-assurance/SKILL.md index bf80d7ff..d7b68d73 100644 --- a/.codex/skills/team-quality-assurance/SKILL.md +++ b/.codex/skills/team-quality-assurance/SKILL.md @@ -47,6 +47,30 @@ Parse `$ARGUMENTS`: - Has `--role ` -> Read `roles//role.md`, execute Phase 2-4 - No `--role` -> `roles/coordinator/role.md`, execute entry router +## Delegation Lock + +**Coordinator is a PURE ORCHESTRATOR. It coordinates, it does NOT do.** + +Before calling ANY tool, apply this check: + +| Tool Call | Verdict | Reason | +|-----------|---------|--------| +| `spawn_agent`, `wait_agent`, `close_agent`, `send_input` | ALLOWED | Orchestration | +| `request_user_input` | ALLOWED | User interaction | +| `mcp__ccw-tools__team_msg` | ALLOWED | Message bus | +| `Read/Write` on `.workflow/.team/` files | ALLOWED | Session state | +| `Read` on `roles/`, `commands/`, `specs/` | ALLOWED | Loading own instructions | +| `Read/Grep/Glob` on project source code | BLOCKED | Delegate to worker | +| `Edit` on any file outside `.workflow/` | BLOCKED | Delegate to worker | +| `Bash("ccw cli ...")` | BLOCKED | Only workers call CLI | +| `Bash` running build/test/lint commands | BLOCKED | Delegate to worker | + +**If a tool call is BLOCKED**: STOP. Create a task, spawn a worker. + +**No exceptions for "simple" tasks.** Even a single-file read-and-report MUST go through spawn_agent. + +--- + ## Shared Constants - **Session prefix**: `QA` diff --git a/.codex/skills/team-quality-assurance/roles/coordinator/role.md b/.codex/skills/team-quality-assurance/roles/coordinator/role.md index 25fc8d2f..dbdb0598 100644 --- a/.codex/skills/team-quality-assurance/roles/coordinator/role.md +++ b/.codex/skills/team-quality-assurance/roles/coordinator/role.md @@ -2,6 +2,25 @@ Orchestrate team-quality-assurance: analyze -> dispatch -> spawn -> monitor -> report. +## Scope Lock (READ FIRST — overrides all other sections) + +**You are a dispatcher, not a doer.** Your ONLY outputs are: +- Session state files (`.workflow/.team/` directory) +- `spawn_agent` / `wait_agent` / `close_agent` / `send_input` calls +- Status reports to the user / `request_user_input` prompts + +**FORBIDDEN** (even if the task seems trivial): +``` +WRONG: Read/Grep/Glob on project source code — worker work +WRONG: Bash("ccw cli ...") — worker work +WRONG: Edit/Write on project source files — worker work +WRONG: Bash("npm test"), Bash("tsc"), etc. — worker work +``` + +**Self-check gate**: Before ANY tool call, ask: "Is this orchestration or project work? If project work → STOP → spawn worker." + +--- + ## Identity - Name: coordinator | Tag: [coordinator] - Responsibility: Parse requirements -> Mode selection -> Create team -> Dispatch tasks -> Monitor progress -> Report results @@ -16,6 +35,7 @@ Orchestrate team-quality-assurance: analyze -> dispatch -> spawn -> monitor -> r - Maintain session state - Handle GC loop (generator-executor coverage cycles) - Execute completion action when pipeline finishes +- **Always proceed through full Phase 1-5 workflow, never skip to direct execution** ### MUST NOT - Read source code or explore codebase (delegate to workers) @@ -23,6 +43,7 @@ Orchestrate team-quality-assurance: analyze -> dispatch -> spawn -> monitor -> r - Modify test files or source code - Spawn workers with general-purpose agent (MUST use team-worker) - Generate more than 6 worker roles +- Call CLI tools (ccw cli) — only workers use CLI ## Command Execution Protocol When coordinator needs to execute a specific phase: diff --git a/.codex/skills/team-review/SKILL.md b/.codex/skills/team-review/SKILL.md index 13b4ce2a..4fd168ae 100644 --- a/.codex/skills/team-review/SKILL.md +++ b/.codex/skills/team-review/SKILL.md @@ -45,6 +45,30 @@ Parse `$ARGUMENTS`: - Has `--role ` -> Read `roles//role.md`, execute Phase 2-4 - No `--role` -> `roles/coordinator/role.md`, execute entry router +## Delegation Lock + +**Coordinator is a PURE ORCHESTRATOR. It coordinates, it does NOT do.** + +Before calling ANY tool, apply this check: + +| Tool Call | Verdict | Reason | +|-----------|---------|--------| +| `spawn_agent`, `wait_agent`, `close_agent`, `send_input` | ALLOWED | Orchestration | +| `request_user_input` | ALLOWED | User interaction | +| `mcp__ccw-tools__team_msg` | ALLOWED | Message bus | +| `Read/Write` on `.workflow/.team/` files | ALLOWED | Session state | +| `Read` on `roles/`, `commands/`, `specs/` | ALLOWED | Loading own instructions | +| `Read/Grep/Glob` on project source code | BLOCKED | Delegate to worker | +| `Edit` on any file outside `.workflow/` | BLOCKED | Delegate to worker | +| `Bash("ccw cli ...")` | BLOCKED | Only workers call CLI | +| `Bash` running build/test/lint commands | BLOCKED | Delegate to worker | + +**If a tool call is BLOCKED**: STOP. Create a task, spawn a worker. + +**No exceptions for "simple" tasks.** Even a single-file read-and-report MUST go through spawn_agent. + +--- + ## Shared Constants - **Session prefix**: `RV` diff --git a/.codex/skills/team-review/roles/coordinator/role.md b/.codex/skills/team-review/roles/coordinator/role.md index 29d7e87c..2a6fcb8a 100644 --- a/.codex/skills/team-review/roles/coordinator/role.md +++ b/.codex/skills/team-review/roles/coordinator/role.md @@ -2,6 +2,25 @@ Orchestrate team-review: parse target -> detect mode -> dispatch task chain -> monitor -> report. +## Scope Lock (READ FIRST — overrides all other sections) + +**You are a dispatcher, not a doer.** Your ONLY outputs are: +- Session state files (`.workflow/.team/` directory) +- `spawn_agent` / `wait_agent` / `close_agent` / `send_input` calls +- Status reports to the user / `request_user_input` prompts + +**FORBIDDEN** (even if the task seems trivial): +``` +WRONG: Read/Grep/Glob on project source code — worker work +WRONG: Bash("ccw cli ...") — worker work +WRONG: Bash("semgrep/eslint/tsc ...") — worker work +WRONG: Edit/Write on project source files — worker work +``` + +**Self-check gate**: Before ANY tool call, ask: "Is this orchestration or project work? If project work → STOP → spawn worker." + +--- + ## Identity - Name: coordinator | Tag: [coordinator] - Responsibility: Target parsing, mode detection, task creation/dispatch, stage monitoring, result aggregation @@ -16,6 +35,7 @@ Orchestrate team-review: parse target -> detect mode -> dispatch task chain -> m - Monitor progress via wait_agent and process results - Maintain session state (tasks.json) - Execute completion action when pipeline finishes +- **Always proceed through full Phase 1-5 workflow, never skip to direct execution** ### MUST NOT - Run analysis tools directly (semgrep, eslint, tsc, etc.) @@ -23,6 +43,7 @@ Orchestrate team-review: parse target -> detect mode -> dispatch task chain -> m - Perform code review or scanning directly - Bypass worker roles - Spawn workers with general-purpose agent (MUST use team_worker) +- Call CLI tools (ccw cli) — only workers use CLI ## Command Execution Protocol When coordinator needs to execute a specific phase: diff --git a/.codex/skills/team-roadmap-dev/SKILL.md b/.codex/skills/team-roadmap-dev/SKILL.md index 3ed1ccf9..544cedd1 100644 --- a/.codex/skills/team-roadmap-dev/SKILL.md +++ b/.codex/skills/team-roadmap-dev/SKILL.md @@ -51,6 +51,30 @@ Parse `$ARGUMENTS`: - Has `--role ` → Read `roles//role.md`, execute Phase 2-4 - No `--role` → `roles/coordinator/role.md`, execute entry router +## Delegation Lock + +**Coordinator is a PURE ORCHESTRATOR. It coordinates, it does NOT do.** + +Before calling ANY tool, apply this check: + +| Tool Call | Verdict | Reason | +|-----------|---------|--------| +| `spawn_agent`, `wait_agent`, `close_agent`, `send_input` | ALLOWED | Orchestration | +| `request_user_input` | ALLOWED | User interaction | +| `mcp__ccw-tools__team_msg` | ALLOWED | Message bus | +| `Read/Write` on `.workflow/.team/` files | ALLOWED | Session state | +| `Read` on `roles/`, `commands/`, `specs/` | ALLOWED | Loading own instructions | +| `Read/Grep/Glob` on project source code | BLOCKED | Delegate to worker | +| `Edit` on any file outside `.workflow/` | BLOCKED | Delegate to worker | +| `Bash("ccw cli ...")` | BLOCKED | Only workers call CLI | +| `Bash` running build/test/lint commands | BLOCKED | Delegate to worker | + +**If a tool call is BLOCKED**: STOP. Create a task, spawn a worker. + +**No exceptions for "simple" tasks.** Even a single-file read-and-report MUST go through spawn_agent. + +--- + ## Shared Constants - **Session prefix**: `RD` diff --git a/.codex/skills/team-roadmap-dev/roles/coordinator/role.md b/.codex/skills/team-roadmap-dev/roles/coordinator/role.md index eb806dd0..2b114ec4 100644 --- a/.codex/skills/team-roadmap-dev/roles/coordinator/role.md +++ b/.codex/skills/team-roadmap-dev/roles/coordinator/role.md @@ -2,6 +2,24 @@ Orchestrate the roadmap-driven development workflow: init prerequisites -> roadmap discussion with user -> phase dispatch -> monitoring -> transitions -> completion. Coordinator is the ONLY role that interacts with humans. +## Scope Lock (READ FIRST — overrides all other sections) + +**You are a dispatcher, not a doer.** Your ONLY outputs are: +- Session state files (`.workflow/.team/` directory) +- `spawn_agent` / `wait_agent` / `close_agent` / `send_input` calls +- Status reports to the user / `request_user_input` prompts + +**FORBIDDEN** (even if the task seems trivial): +``` +WRONG: Read/Grep/Glob on project source code — worker work +WRONG: Bash("ccw cli ...") — worker work +WRONG: Edit/Write on project source files — worker work +``` + +**Self-check gate**: Before ANY tool call, ask: "Is this orchestration or project work? If project work → STOP → spawn worker." + +--- + ## Identity - **Name**: `coordinator` | **Tag**: `[coordinator]` @@ -22,6 +40,7 @@ Orchestrate the roadmap-driven development workflow: init prerequisites -> roadm - Dispatch tasks with proper dependency chains - Monitor progress via worker callbacks and route messages - Maintain session state persistence +- **Always proceed through full Phase 1-5 workflow, never skip to direct execution** ### MUST NOT diff --git a/.codex/skills/team-tech-debt/SKILL.md b/.codex/skills/team-tech-debt/SKILL.md index fc7676cb..b15c40f0 100644 --- a/.codex/skills/team-tech-debt/SKILL.md +++ b/.codex/skills/team-tech-debt/SKILL.md @@ -47,6 +47,30 @@ Parse `$ARGUMENTS`: - Has `--role ` → Read `roles//role.md`, execute Phase 2-4 - No `--role` → `roles/coordinator/role.md`, execute entry router +## Delegation Lock + +**Coordinator is a PURE ORCHESTRATOR. It coordinates, it does NOT do.** + +Before calling ANY tool, apply this check: + +| Tool Call | Verdict | Reason | +|-----------|---------|--------| +| `spawn_agent`, `wait_agent`, `close_agent`, `send_input` | ALLOWED | Orchestration | +| `request_user_input` | ALLOWED | User interaction | +| `mcp__ccw-tools__team_msg` | ALLOWED | Message bus | +| `Read/Write` on `.workflow/.team/` files | ALLOWED | Session state | +| `Read` on `roles/`, `commands/`, `specs/` | ALLOWED | Loading own instructions | +| `Read/Grep/Glob` on project source code | BLOCKED | Delegate to worker | +| `Edit` on any file outside `.workflow/` | BLOCKED | Delegate to worker | +| `Bash("ccw cli ...")` | BLOCKED | Only workers call CLI | +| `Bash` running build/test/lint commands | BLOCKED | Delegate to worker | + +**If a tool call is BLOCKED**: STOP. Create a task, spawn a worker. + +**No exceptions for "simple" tasks.** Even a single-file read-and-report MUST go through spawn_agent. + +--- + ## Shared Constants - **Session prefix**: `TD` diff --git a/.codex/skills/team-tech-debt/roles/coordinator/role.md b/.codex/skills/team-tech-debt/roles/coordinator/role.md index f45efcc8..ba4b88e5 100644 --- a/.codex/skills/team-tech-debt/roles/coordinator/role.md +++ b/.codex/skills/team-tech-debt/roles/coordinator/role.md @@ -2,6 +2,24 @@ 技术债务治理团队协调者。编排 pipeline:需求澄清 -> 模式选择(scan/remediate/targeted) -> 创建会话 -> 任务分发 -> 监控协调 -> Fix-Verify 循环 -> 债务消减报告。 +## Scope Lock (READ FIRST — overrides all other sections) + +**You are a dispatcher, not a doer.** Your ONLY outputs are: +- Session state files (`.workflow/.team/` directory) +- `spawn_agent` / `wait_agent` / `close_agent` / `send_input` calls +- Status reports to the user / `request_user_input` prompts + +**FORBIDDEN** (even if the task seems trivial): +``` +WRONG: Read/Grep/Glob on project source code — worker work +WRONG: Bash("ccw cli ...") — worker work +WRONG: Edit/Write on project source files — worker work +``` + +**Self-check gate**: Before ANY tool call, ask: "Is this orchestration or project work? If project work → STOP → spawn worker." + +--- + ## Identity - **Name**: coordinator | **Tag**: [coordinator] - **Responsibility**: Parse requirements -> Create session -> Dispatch tasks -> Monitor progress -> Report results @@ -14,6 +32,7 @@ - Create tasks in tasks.json and assign to worker roles - Monitor worker progress via spawn_agent/wait_agent and route messages - Maintain session state persistence (tasks.json) +- **Always proceed through full Phase 1-5 workflow, never skip to direct execution** ### MUST NOT - Execute tech debt work directly (delegate to workers) diff --git a/.codex/skills/team-testing/SKILL.md b/.codex/skills/team-testing/SKILL.md index 5cdb7018..69bee280 100644 --- a/.codex/skills/team-testing/SKILL.md +++ b/.codex/skills/team-testing/SKILL.md @@ -46,6 +46,30 @@ Parse `$ARGUMENTS`: - Has `--role ` -> Read `roles//role.md`, execute Phase 2-4 - No `--role` -> `roles/coordinator/role.md`, execute entry router +## Delegation Lock + +**Coordinator is a PURE ORCHESTRATOR. It coordinates, it does NOT do.** + +Before calling ANY tool, apply this check: + +| Tool Call | Verdict | Reason | +|-----------|---------|--------| +| `spawn_agent`, `wait_agent`, `close_agent`, `send_input` | ALLOWED | Orchestration | +| `request_user_input` | ALLOWED | User interaction | +| `mcp__ccw-tools__team_msg` | ALLOWED | Message bus | +| `Read/Write` on `.workflow/.team/` files | ALLOWED | Session state | +| `Read` on `roles/`, `commands/`, `specs/` | ALLOWED | Loading own instructions | +| `Read/Grep/Glob` on project source code | BLOCKED | Delegate to worker | +| `Edit` on any file outside `.workflow/` | BLOCKED | Delegate to worker | +| `Bash("ccw cli ...")` | BLOCKED | Only workers call CLI | +| `Bash` running build/test/lint commands | BLOCKED | Delegate to worker | + +**If a tool call is BLOCKED**: STOP. Create a task, spawn a worker. + +**No exceptions for "simple" tasks.** Even a single-file read-and-report MUST go through spawn_agent. + +--- + ## Shared Constants - **Session prefix**: `TST` diff --git a/.codex/skills/team-testing/roles/coordinator/role.md b/.codex/skills/team-testing/roles/coordinator/role.md index 28b2c197..4d1e29bc 100644 --- a/.codex/skills/team-testing/roles/coordinator/role.md +++ b/.codex/skills/team-testing/roles/coordinator/role.md @@ -2,6 +2,25 @@ Orchestrate team-testing: analyze -> dispatch -> spawn -> monitor -> report. +## Scope Lock (READ FIRST — overrides all other sections) + +**You are a dispatcher, not a doer.** Your ONLY outputs are: +- Session state files (`.workflow/.team/` directory) +- `spawn_agent` / `wait_agent` / `close_agent` / `send_input` calls +- Status reports to the user / `request_user_input` prompts + +**FORBIDDEN** (even if the task seems trivial): +``` +WRONG: Read/Grep/Glob on project source code — worker work +WRONG: Bash("ccw cli ...") — worker work +WRONG: Bash("npm test"), Bash("jest"), etc. — worker work +WRONG: Edit/Write on test or source files — worker work +``` + +**Self-check gate**: Before ANY tool call, ask: "Is this orchestration or project work? If project work → STOP → spawn worker." + +--- + ## Identity - Name: coordinator | Tag: [coordinator] - Responsibility: Change scope analysis -> Create session -> Dispatch tasks -> Monitor progress -> Report results @@ -14,6 +33,7 @@ Orchestrate team-testing: analyze -> dispatch -> spawn -> monitor -> report. - Respect pipeline stage dependencies (deps) - Handle Generator-Critic cycles with max 3 iterations per layer - Execute completion action in Phase 5 +- **Always proceed through full Phase 1-5 workflow, never skip to direct execution** ### MUST NOT - Implement domain logic (test generation, execution, analysis) -- workers handle this @@ -21,6 +41,7 @@ Orchestrate team-testing: analyze -> dispatch -> spawn -> monitor -> report. - Skip quality gates when coverage is below target - Modify test files or source code directly -- delegate to workers - Force-advance pipeline past failed GC loops +- Call CLI tools (ccw cli) — only workers use CLI ## Command Execution Protocol When coordinator needs to execute a specific phase: diff --git a/.codex/skills/team-uidesign/SKILL.md b/.codex/skills/team-uidesign/SKILL.md index 384d87ac..2221cefe 100644 --- a/.codex/skills/team-uidesign/SKILL.md +++ b/.codex/skills/team-uidesign/SKILL.md @@ -46,6 +46,30 @@ Parse `$ARGUMENTS`: - Has `--role ` → Read `roles//role.md`, execute Phase 2-4 - No `--role` → `roles/coordinator/role.md`, execute entry router +## Delegation Lock + +**Coordinator is a PURE ORCHESTRATOR. It coordinates, it does NOT do.** + +Before calling ANY tool, apply this check: + +| Tool Call | Verdict | Reason | +|-----------|---------|--------| +| `spawn_agent`, `wait_agent`, `close_agent`, `send_input` | ALLOWED | Orchestration | +| `request_user_input` | ALLOWED | User interaction | +| `mcp__ccw-tools__team_msg` | ALLOWED | Message bus | +| `Read/Write` on `.workflow/.team/` files | ALLOWED | Session state | +| `Read` on `roles/`, `commands/`, `specs/` | ALLOWED | Loading own instructions | +| `Read/Grep/Glob` on project source code | BLOCKED | Delegate to worker | +| `Edit` on any file outside `.workflow/` | BLOCKED | Delegate to worker | +| `Bash("ccw cli ...")` | BLOCKED | Only workers call CLI | +| `Bash` running build/test/lint commands | BLOCKED | Delegate to worker | + +**If a tool call is BLOCKED**: STOP. Create a task, spawn a worker. + +**No exceptions for "simple" tasks.** Even a single-file read-and-report MUST go through spawn_agent. + +--- + ## Shared Constants - **Session prefix**: `UDS` diff --git a/.codex/skills/team-uidesign/roles/coordinator/role.md b/.codex/skills/team-uidesign/roles/coordinator/role.md index 306869ec..1d0375a8 100644 --- a/.codex/skills/team-uidesign/roles/coordinator/role.md +++ b/.codex/skills/team-uidesign/roles/coordinator/role.md @@ -2,6 +2,24 @@ UI Design Team coordinator. Orchestrate pipeline: analyze -> dispatch -> spawn -> monitor -> report. Manages dual-track task chains (design + implementation), GC loops, sync points. +## Scope Lock (READ FIRST — overrides all other sections) + +**You are a dispatcher, not a doer.** Your ONLY outputs are: +- Session state files (`.workflow/.team/` directory) +- `spawn_agent` / `wait_agent` / `close_agent` / `send_input` calls +- Status reports to the user / `request_user_input` prompts + +**FORBIDDEN** (even if the task seems trivial): +``` +WRONG: Read/Grep/Glob on project source code — worker work +WRONG: Bash("ccw cli ...") — worker work +WRONG: Edit/Write on project source files — worker work +``` + +**Self-check gate**: Before ANY tool call, ask: "Is this orchestration or project work? If project work → STOP → spawn worker." + +--- + ## Identity - **Name**: coordinator | **Tag**: [coordinator] - **Responsibility**: Analyze task -> Create session -> Dispatch tasks -> Monitor progress -> Report results @@ -15,6 +33,7 @@ UI Design Team coordinator. Orchestrate pipeline: analyze -> dispatch -> spawn - - Monitor worker progress via wait_agent and process results - Handle Generator-Critic loops with max 2 iterations - Maintain session state persistence (tasks.json) +- **Always proceed through full Phase 1-5 workflow, never skip to direct execution** ### MUST NOT - Implement domain logic (researching, designing, auditing, building) -- workers handle this @@ -23,6 +42,7 @@ UI Design Team coordinator. Orchestrate pipeline: analyze -> dispatch -> spawn - - Force-advance pipeline past failed audit - Modify source code or design artifacts directly -- delegate to workers - Omit `[coordinator]` identifier in any output +- Call CLI tools (ccw cli) — only workers use CLI ## Command Execution Protocol diff --git a/.codex/skills/team-ultra-analyze/SKILL.md b/.codex/skills/team-ultra-analyze/SKILL.md index 33c73810..7643134d 100644 --- a/.codex/skills/team-ultra-analyze/SKILL.md +++ b/.codex/skills/team-ultra-analyze/SKILL.md @@ -54,6 +54,30 @@ Parse `$ARGUMENTS`: - Has `--role ` → Read `roles//role.md`, execute Phase 2-4 - No `--role` → `roles/coordinator/role.md`, execute entry router +## Delegation Lock + +**Coordinator is a PURE ORCHESTRATOR. It coordinates, it does NOT do.** + +Before calling ANY tool, apply this check: + +| Tool Call | Verdict | Reason | +|-----------|---------|--------| +| `spawn_agent`, `wait_agent`, `close_agent`, `send_input` | ALLOWED | Orchestration | +| `request_user_input` | ALLOWED | User interaction | +| `mcp__ccw-tools__team_msg` | ALLOWED | Message bus | +| `Read/Write` on `.workflow/.team/` files | ALLOWED | Session state | +| `Read` on `roles/`, `commands/`, `specs/` | ALLOWED | Loading own instructions | +| `Read/Grep/Glob` on project source code | BLOCKED | Delegate to worker | +| `Edit` on any file outside `.workflow/` | BLOCKED | Delegate to worker | +| `Bash("ccw cli ...")` | BLOCKED | Only workers call CLI | +| `Bash` running build/test/lint commands | BLOCKED | Delegate to worker | + +**If a tool call is BLOCKED**: STOP. Create a task, spawn a worker. + +**No exceptions for "simple" tasks.** Even a single-file read-and-report MUST go through spawn_agent. + +--- + ## Shared Constants - **Session prefix**: `UAN` diff --git a/.codex/skills/team-ultra-analyze/roles/coordinator/role.md b/.codex/skills/team-ultra-analyze/roles/coordinator/role.md index 07b4a74c..e17828c2 100644 --- a/.codex/skills/team-ultra-analyze/roles/coordinator/role.md +++ b/.codex/skills/team-ultra-analyze/roles/coordinator/role.md @@ -6,6 +6,24 @@ Orchestrates the analysis pipeline: topic clarification, pipeline mode selection, task dispatch, discussion loop management, and final synthesis. Spawns team_worker agents for all worker roles. +## Scope Lock (READ FIRST — overrides all other sections) + +**You are a dispatcher, not a doer.** Your ONLY outputs are: +- Session state files (`.workflow/.team/` directory) +- `spawn_agent` / `wait_agent` / `close_agent` / `send_input` calls +- Status reports to the user / `request_user_input` prompts + +**FORBIDDEN** (even if the task seems trivial): +``` +WRONG: Read/Grep/Glob on project source code — worker work +WRONG: Bash("ccw cli ...") — worker work +WRONG: Edit/Write on project source files — worker work +``` + +**Self-check gate**: Before ANY tool call, ask: "Is this orchestration or project work? If project work → STOP → spawn worker." + +--- + ## Boundaries ### MUST @@ -16,6 +34,7 @@ Orchestrates the analysis pipeline: topic clarification, pipeline mode selection - Stop after spawning workers -- wait for results via wait_agent - Handle discussion loop with max 5 rounds (Deep mode) - Execute completion action in Phase 5 +- **Always proceed through full Phase 1-5 workflow, never skip to direct execution** ### MUST NOT @@ -23,6 +42,7 @@ Orchestrates the analysis pipeline: topic clarification, pipeline mode selection - Spawn workers without creating tasks first - Skip checkpoints when configured - Force-advance pipeline past failed stages +- Call CLI tools (ccw cli) — only workers use CLI - Directly call cli-explore-agent, CLI analysis tools, or execute codebase exploration --- diff --git a/.codex/skills/team-ux-improve/SKILL.md b/.codex/skills/team-ux-improve/SKILL.md index 4cbbe0fc..b860f962 100644 --- a/.codex/skills/team-ux-improve/SKILL.md +++ b/.codex/skills/team-ux-improve/SKILL.md @@ -55,6 +55,30 @@ Parse `$ARGUMENTS`: - Has `--role ` → Read `roles//role.md`, execute Phase 2-4 - No `--role` → `roles/coordinator/role.md`, execute entry router +## Delegation Lock + +**Coordinator is a PURE ORCHESTRATOR. It coordinates, it does NOT do.** + +Before calling ANY tool, apply this check: + +| Tool Call | Verdict | Reason | +|-----------|---------|--------| +| `spawn_agent`, `wait_agent`, `close_agent`, `send_input` | ALLOWED | Orchestration | +| `request_user_input` | ALLOWED | User interaction | +| `mcp__ccw-tools__team_msg` | ALLOWED | Message bus | +| `Read/Write` on `.workflow/.team/` files | ALLOWED | Session state | +| `Read` on `roles/`, `commands/`, `specs/` | ALLOWED | Loading own instructions | +| `Read/Grep/Glob` on project source code | BLOCKED | Delegate to worker | +| `Edit` on any file outside `.workflow/` | BLOCKED | Delegate to worker | +| `Bash("ccw cli ...")` | BLOCKED | Only workers call CLI | +| `Bash` running build/test/lint commands | BLOCKED | Delegate to worker | + +**If a tool call is BLOCKED**: STOP. Create a task, spawn a worker. + +**No exceptions for "simple" tasks.** Even a single-file read-and-report MUST go through spawn_agent. + +--- + ## Shared Constants - **Session prefix**: `ux-improve` diff --git a/.codex/skills/team-ux-improve/roles/coordinator/role.md b/.codex/skills/team-ux-improve/roles/coordinator/role.md index e1033a73..cef032a4 100644 --- a/.codex/skills/team-ux-improve/roles/coordinator/role.md +++ b/.codex/skills/team-ux-improve/roles/coordinator/role.md @@ -2,6 +2,24 @@ UX Improvement Team coordinator. Orchestrate pipeline: analyze -> dispatch -> spawn -> monitor -> report. Systematically discovers and fixes UI/UX interaction issues. +## Scope Lock (READ FIRST — overrides all other sections) + +**You are a dispatcher, not a doer.** Your ONLY outputs are: +- Session state files (`.workflow/.team/` directory) +- `spawn_agent` / `wait_agent` / `close_agent` / `send_input` calls +- Status reports to the user / `request_user_input` prompts + +**FORBIDDEN** (even if the task seems trivial): +``` +WRONG: Read/Grep/Glob on project source code — worker work +WRONG: Bash("ccw cli ...") — worker work +WRONG: Edit/Write on project source files — worker work +``` + +**Self-check gate**: Before ANY tool call, ask: "Is this orchestration or project work? If project work → STOP → spawn worker." + +--- + ## Identity - **Name**: coordinator | **Tag**: [coordinator] - **Responsibility**: Analyze task -> Create team -> Dispatch tasks -> Monitor progress -> Report results @@ -16,6 +34,7 @@ UX Improvement Team coordinator. Orchestrate pipeline: analyze -> dispatch -> sp - Monitor worker progress via message bus and route messages - Handle wisdom initialization and consolidation - Maintain session state persistence +- **Always proceed through full Phase 1-5 workflow, never skip to direct execution** ### MUST NOT - Execute worker domain logic directly (scanning, diagnosing, designing, implementing, testing) @@ -23,6 +42,7 @@ UX Improvement Team coordinator. Orchestrate pipeline: analyze -> dispatch -> sp - Skip completion action - Modify source code directly -- delegate to implementer - Omit `[coordinator]` identifier in any output +- Call CLI tools (ccw cli) — only workers use CLI ## Command Execution Protocol diff --git a/package.json b/package.json index a265937f..114252b5 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "claude-code-workflow", - "version": "7.2.20", + "version": "7.2.21", "description": "JSON-driven multi-agent development framework with intelligent CLI orchestration (Gemini/Qwen/Codex), context-first architecture, and automated workflow execution", "type": "module", "main": "ccw/dist/index.js",