From 54acfec834bbd579f5fdf04ee0ca1d767ac94f9d Mon Sep 17 00:00:00 2001 From: Bryan Ramos Date: Fri, 3 Apr 2026 12:48:23 -0400 Subject: [PATCH] fix(protocol): tighten workflow contract --- agents/auditor.md | 2 +- agents/reviewer.md | 6 +++++- skills/message-schema/SKILL.md | 15 ++++++++------- skills/worker-protocol/SKILL.md | 4 ++-- 4 files changed, 16 insertions(+), 11 deletions(-) diff --git a/agents/auditor.md b/agents/auditor.md index 69d1c88..163a987 100644 --- a/agents/auditor.md +++ b/agents/auditor.md @@ -80,7 +80,7 @@ typecheck_status: pass | fail | skipped --- ``` -**Hard rule:** `security_findings.critical > 0` or `build_status: fail` or `test_status: fail` requires `signal: fail`. +**Hard rule:** `security_findings.critical > 0` or `security_findings.high > 0` or `build_status: fail` or `test_status: fail` requires `signal: fail`. Then the markdown body: diff --git a/agents/reviewer.md b/agents/reviewer.md index 9afb8a6..508b83f 100644 --- a/agents/reviewer.md +++ b/agents/reviewer.md @@ -28,7 +28,7 @@ Shell access is intentionally unavailable in this role to enforce read-only beha ## Claim verification -- **Acceptance criteria** — walk each criterion explicitly by number. Clean code that doesn't do what was asked is a FAIL. +- **Acceptance criteria** — when acceptance criteria are provided, walk each criterion explicitly by number. Clean code that doesn't do what was asked is a FAIL. - **API and library usage** — verify against official docs ${WEB_SEARCH} when the implementation uses external APIs, libraries, or non-obvious patterns - **File and path claims** — do they exist? - **Logic correctness** — does the implementation actually solve the problem? @@ -57,6 +57,8 @@ ac_coverage: **Hard rule:** `critical_count > 0` requires `signal: fail`. +Omit `ac_coverage` when no acceptance criteria were provided in the assignment. + Then the markdown body: ### Review: [scope] @@ -75,6 +77,8 @@ Then the markdown body: - AC2: PASS / FAIL — [one line] - ... +Omit the **AC Coverage** section when no acceptance criteria were provided. + One line summary. --- diff --git a/skills/message-schema/SKILL.md b/skills/message-schema/SKILL.md index 8f11d2d..8dda620 100644 --- a/skills/message-schema/SKILL.md +++ b/skills/message-schema/SKILL.md @@ -52,7 +52,7 @@ The `signal` field is the orchestrator's primary routing key. It determines the ### worker_submission -Emitted by: worker, debugger, documenter +Emitted by: grunt, worker, senior, debugger, documenter ```yaml --- @@ -103,11 +103,12 @@ ac_coverage: --- ``` -Required: `type`, `signal`, `critical_count`, `moderate_count`, `minor_count`, `ac_coverage` +Required: `type`, `signal`, `critical_count`, `moderate_count`, `minor_count` +Optional: `ac_coverage` (omit when no acceptance criteria were provided in the assignment) **Hard rule:** `critical_count > 0` requires `signal: fail`. -Body: Findings by severity (CRITICAL / MODERATE / MINOR), then AC Coverage details, then one-line summary. +Body: Findings by severity (CRITICAL / MODERATE / MINOR), then AC Coverage details when applicable, then one-line summary. ### audit_verdict @@ -131,7 +132,7 @@ typecheck_status: pass | fail | skipped Required: `type`, `signal`, `security_findings`, `build_status`, `test_status` Optional: `typecheck_status` -**Hard rule:** `security_findings.critical > 0` or `build_status: fail` or `test_status: fail` requires `signal: fail`. High-severity findings (`security_findings.high > 0`) do not require `fail` — use `pass_with_notes`. +**Hard rule:** `security_findings.critical > 0` or `security_findings.high > 0` or `build_status: fail` or `test_status: fail` requires `signal: fail`. Body: Security findings by severity (or CLEAN), then Runtime section with tested/passed/failed. @@ -208,7 +209,7 @@ Body: Answer, Verified Facts with sources, Version Constraints, Gotchas, Unverif ### task_assignment -Sent to: worker, debugger, documenter +Sent to: grunt, worker, senior, debugger, documenter ```yaml --- @@ -228,7 +229,7 @@ Body: Task spec, Acceptance Criteria, Context (interface contracts, constraints, ### revision_request -Sent to: worker, debugger, documenter +Sent to: grunt, worker, senior, debugger, documenter ```yaml --- @@ -249,7 +250,7 @@ Body: Issues to fix (from reviewer and/or auditor), grouped by source, with guid ### approval -Sent to: worker, debugger, documenter +Sent to: grunt, worker, senior, debugger, documenter ```yaml --- diff --git a/skills/worker-protocol/SKILL.md b/skills/worker-protocol/SKILL.md index 25d8b8d..1c616f7 100644 --- a/skills/worker-protocol/SKILL.md +++ b/skills/worker-protocol/SKILL.md @@ -1,7 +1,7 @@ --- name: worker-protocol description: Standard output format, feedback handling, and operational procedures for all worker agents. -when_to_use: Loaded by worker, debugger, and documenter agents. Defines the worker_submission envelope format and commit workflow. +when_to_use: Loaded by grunt, worker, senior, debugger, and documenter agents. Defines the worker_submission envelope format and commit workflow. --- ## Output format @@ -29,7 +29,7 @@ Then the markdown body: [Your deliverable here] ## Self-Assessment -- Acceptance criteria met: [yes/no per criterion, one line each] +- Acceptance criteria met: [yes/no per criterion, one line each, or "No acceptance criteria were provided"] - Known limitations: [any, or "none"] ```