Propagates the 10-reviewer peer list across agent frontmatter, Position/Critical prose, shared-patterns, skill dispatchers, gate validators, and docs — resolving drift left behind when multi-tenant-reviewer and lib-commons-reviewer were added to the pool. Also fixes broken shared-pattern paths in lib-commons-reviewer and adds substantive blocker criteria to multi-tenant-reviewer plus codebase-context severity heuristic (Lerian third-rail vs external recommendation) to lib-commons-reviewer.
X-Lerian-Ref: 0x1
docs: align all documentation with the new 10-reviewer workflow
docs(lib-commons): update skill to reflect major v5.0.2 release
chore(hooks): tune context reminder hook to reduce token consumption
The cache-first feature injected <standards> blocks into 5 reviewer dispatch prompts, but only performance-reviewer parsed them — code, business-logic, security, and test reviewers ignored the injection and re-fetched standards on every run. The orchestrator-side half shipped without the consumer-side half.
Each of the 4 default reviewer agents now has a Standards Loading (Cache-First) section implementing the canonical three-tier resolution: cache hit from state.cached_standards, cache miss via WebFetch with warning, standalone fallback to hardcoded URLs. The per-reviewer fallback URL lists are unique and derived from each reviewer's standards_slice.
The 5-way verbatim duplication of the dispatch block in codereview/SKILL.md is collapsed to per-reviewer URL-slice markers that reference shared-patterns/standards-cache-protocol.md as the single source of truth. The shared pattern now carries the canonical <standards> template, orchestrator pseudocode, three-tier protocol, rolling-standards policy, and an anti-rationalization table defending cache-first behavior. Net 117-line reduction in codereview/SKILL.md.
X-Lerian-Ref: 0x1
Orchestrator resolves standards content from state.cached_standards at dispatch time and injects <standards> block with per-reviewer URL slices into code-reviewer, business-logic-reviewer, security-reviewer, test-reviewer, performance-reviewer. Each <standard> carries its URL + <content>; reviewer reads content if present, WebFetches URL if content empty. Preserves rolling-standards architecture — URLs still point to main branch, WebFetch remains the source of truth for standalone dispatch and cache misses.
Expands standards coverage to business-logic-reviewer (domain + domain-modeling + api-patterns) and test-reviewer (quality + testing-*.md) which previously received none — explicit rules beat implicit. performance-reviewer agent neutralizes its hardcoded <fetch_required> block in favor of three-tier resolution (injected block → per-standard WebFetch → standalone fallback URL list). dev-cycle Step 1.5 pre-cache extended with golang/architecture.md and golang/domain-modeling.md so all reviewer slice URLs are cacheable.
X-Lerian-Ref: 0x1
Upgrade claude-md-reminder.sh with four related improvements:
- Hybrid trigger cascade: temporal floor (every 3 prompts) OR
context-window saturation (>= 15% via harness JSON) OR transcript
byte delta (fallback). Cooldown of 2 prompts on non-temporal
triggers prevents re-injection loops as context fills up.
- PROJECT_RULES.md replaces RULES.md per Lerian 2026-04 standard.
- Symlink-aware dedup via canonicalize_path (realpath -> python3
fallback) — avoids double-injecting when AGENTS.md is a symlink
to CLAUDE.md.
- RFC 8259-compliant JSON escape via jq -Rs cascade (jq -> python3
json.dumps -> awk fallback). Old awk escape missed control chars
outside the tab/CR/FF set, which produced invalid JSON on files
with VT/ESC/NUL bytes.
X-Lerian-Ref: 0x1
Step 9 (Escalate - Max Iterations Reached) was listing only 3 of 8 reviewers in the Reviewer Verdicts table, while the Step 8 success path and the final execution report template already listed all 8. Users hitting max-iteration escalation now see the complete verdict report including test, nil-safety, consequences, dead-code, and performance-reviewer.
X-Lerian-Ref: 0x1
Generated-by: Claude
AI-Model: claude-opus-4-7
Update all skills, agents, shared patterns, docs, and platform configs that still referenced 7 code review agents to reflect the 8th reviewer (ring:performance-reviewer). Includes agent self-descriptions, dispatch instructions, anti-rationalization tables, slicing math, gate tables, and opencode schema definitions.
X-Lerian-Ref: 0x1
- Phase 0 (Step 0.3): Add comment_id and node_id as required extraction
fields so Phase 9 thread resolution can match REST comments to GraphQL
thread IDs
- Phase 9 (Step 9.2): Replace single-page GraphQL query (first:100) with
cursor-based pagination loop on reviewThreads to handle PRs with >100
threads
Generated-by: Claude
AI-Model: claude-opus-4-6
- Move item 5 (non-canonical files) from HARD GATES block into a
separate WARNINGS section to keep gate semantics unambiguous
- Make MULTI_TENANT_* env vars conditional on MULTI_TENANT_ENABLED=true;
APPLICATION_NAME is always required; single-tenant mode must work
without any MULTI_TENANT_* vars set
- Update output format to reflect conditional env var reporting
Generated-by: Claude
AI-Model: claude-opus-4-6
The header claimed "14 MANDATORY — APPLICATION_NAME + 13 MULTI_TENANT_*"
but the enumerated list has 14 MULTI_TENANT_* vars + APPLICATION_NAME = 15.
Updated all 3 occurrences (GOOD reference comment, check #6, output format).
Generated-by: Claude
AI-Model: claude-opus-4-6
The skip condition said "if neither condition is met" which incorrectly
activates M2M checks when only one condition is present. Changed to
"if either condition is missing" to correctly require BOTH targetServices
AND outbound credential provider usage before activating M2M checks.
Generated-by: Claude
AI-Model: claude-opus-4-6
Agent 33 (Multi-Tenant Patterns Auditor) was only covering ~60% of the
canonical multi-tenant model defined in multi-tenant.md. This expands
coverage from 9 checks to 34 checks, aligned with every requirement
in the standard.
New HARD GATES: non-canonical file detection, lib-commons v4 version
verification. New CRITICAL checks: auth-before-tenant route ordering,
global middleware detection. New HIGH checks: canonical env var names,
circuit breaker, service API key, backward compatibility test,
RabbitMQ vhost isolation, M2M credential security. New conditional
M2M section (checks 30-34) for services with targetServices.
Generated-by: Claude
AI-Model: claude-opus-4-6
- Add --paginate flag to gh api REST calls for reviews and comments to
avoid truncation at 30 items per page on larger PRs
- Replace deprecated databaseId with global node_id for thread matching
- Fetch all comments per thread (first: 100) instead of only the first
to handle multi-comment threads reliably
Addresses CodeRabbit review comments on PR #331.
Skills are now the sole invocation mechanism — commands have been eliminated
as an architectural layer. All 33 commands removed, 22 skills renamed to
match the command names teams already knew, and 1 new skill (portfolio-review)
created to replace the last orchestrator command.
Renames: brainstorming→brainstorm, requesting-code-review→codereview,
git-commit→commit, session-handoff→create-handoff, drawing-diagrams→diagram,
executing-plans→execute-plan, exploring-codebase→explore-codebase,
interviewing-user→interview-me, linting-codebase→lint,
release-guide-info→release-guide, visual-explainer→visualize,
using-git-worktrees→worktree, writing-plans→write-plan,
dev-feedback-loop→dev-report, delivery-status-tracking→delivery-status,
delivery-reporting→delivery-report, executive-reporting→executive-summary,
dependency-mapping→dependency-analysis, documentation-review→review-docs,
writing-functional-docs→write-guide, writing-api-docs→write-api
Generated-by: Claude
AI-Model: claude-opus-4-6
feat(hooks): add schema validator and enhance skill generation
refactor(*): align all components with the new frontmatter schema
refactor(commands): replace arguments object with simple argument-hint
refactor(agents): remove invalid version field from agent frontmatter
test(hooks): add unit tests for frontmatter validation and generation
