claude --no-input was removed in Claude Code >= v2.1.81 and causes an
immediate crash ("error: unknown option '--no-input'"). The -p/--print
flag already handles non-interactive output, so --no-input is redundant.
Adds a regression test in tests/workflow-compat.test.cjs that scans all
workflow, command, and agent .md files to ensure --no-input never returns.
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(tests): allowlist execute-phase.md in prompt-injection scan
execute-phase.md grew to ~51K chars after the code-review gate step
was added in #1630, tripping the 50K size heuristic in the injection
scanner. The limit is calibrated for user-supplied input — trusted
workflow source files that legitimately exceed it are allowlisted
individually, following the same pattern as discuss-phase.md.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* feat(security): improve prompt injection scanner with 4 detection layers (#1838)
- Layer 1: Unicode tag block U+E0000–U+E007F detection in strict mode (2025 supply-chain attack vector)
- Layer 2: Character-spacing obfuscation, delimiter injection (<system>/<assistant>/<user>/<human>), and long hex sequence patterns
- Layer 3: validatePromptStructure() — validates XML tag structure of agent/workflow files against known-valid tag set
- Layer 4: scanEntropyAnomalies() — Shannon entropy analysis flagging high-entropy paragraphs (>5.5 bits/char)
All layers implemented TDD (RED→GREEN): 31 new tests written first, verified failing, then implemented.
Full suite: 2559 tests, 0 failures. security.cjs: 99.6% stmt coverage.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
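Layers 1 and 4 of the scanner commit above, sketched as an added example; this is not the project's security.cjs. The function names, the 64-character minimum paragraph length and the sample text are assumptions made here.

```javascript
// Added illustration, not the project's security.cjs. All names are hypothetical.

// Unicode tag block (U+E0000-U+E007F): invisible in most renderers, but still
// delivered to the model as text.
const TAG_BLOCK = /[\u{E0000}-\u{E007F}]/gu;

function findTagBlockChars(text) {
  const hits = [];
  for (const m of text.matchAll(TAG_BLOCK)) {
    const cp = m[0].codePointAt(0);
    const low = cp - 0xE0000; // tag characters mirror ASCII at this offset
    const printable = low >= 0x20 && low < 0x7f;
    hits.push({ index: m.index, codePoint: cp, ascii: printable ? String.fromCharCode(low) : null });
  }
  return hits;
}

// Shannon entropy in bits per character, counted over code points.
function shannonEntropy(text) {
  const counts = new Map();
  let total = 0;
  for (const ch of text) {
    counts.set(ch, (counts.get(ch) || 0) + 1);
    total += 1;
  }
  let bits = 0;
  for (const n of counts.values()) {
    const p = n / total;
    bits -= p * Math.log2(p);
  }
  return bits;
}

// Flags paragraphs above the threshold. minLength is an assumption: exceeding
// 5.5 bits/char needs at least 46 distinct characters, so short paragraphs
// cannot trip the check and are skipped.
function flagHighEntropyParagraphs(text, threshold = 5.5, minLength = 64) {
  return text
    .split(/\n\s*\n/)
    .map((p, i) => ({ paragraph: i, length: p.length, entropy: shannonEntropy(p) }))
    .filter((r) => r.length >= minLength && r.entropy > threshold);
}

// Constructed sample: prose carrying two hidden tag characters, then a
// paragraph built from the base64 alphabet (every symbol appears twice).
const B64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
const PROSE = 'Run the unit tests, then summarize which files changed and why they changed.';
const SAMPLE = [PROSE + '\u{E0068}\u{E0069}', B64 + [...B64].reverse().join('')].join('\n\n');

console.log(findTagBlockChars(SAMPLE).map((h) => h.ascii).join(''));
console.log(flagHighEntropyParagraphs(SAMPLE));
```

Ordinary prose uses too few distinct characters to reach 5.5 bits/char, so the check mainly surfaces encoded or packed blobs; the decoded `ascii` field lets a reviewer read what an invisible run actually says.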
execute-phase.md grew to ~51K chars after the code-review gate step
was added in #1630, tripping the 50K size heuristic in the injection
scanner. The limit is calibrated for user-supplied input — trusted
workflow source files that legitimately exceed it are allowlisted
individually, following the same pattern as discuss-phase.md.
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
* feat(config): add execution context profiles for mode-specific agent output
* fix(config): add enum validation for context config key
Validate context values against allowed enum (dev, research, review)
in cmdConfigSet before writing to config.json, matching the pattern
used for model_profile validation. Add rejection test for invalid
context values.
* feat(tools): add global learnings store with CRUD library and CLI support
* fix(tools): address review feedback for global learnings store
- Validate learning IDs against path traversal in learningsRead, learningsDelete, and cmdLearningsDelete
- Fix total invariant in learningsCopyFromProject (total = created + skipped)
- Wrap cmdLearningsPrune in try/catch to handle invalid duration format
- Rename raw -> content in readLearningFile to avoid variable shadowing
- Add CLI integration tests for list, query, prune error, and unknown subcommand
* feat(commands): add /gsd-explore for Socratic ideation and idea routing
Open-ended exploration command that guides developers through ideas via
Socratic questioning, optionally spawns research when factual questions
surface, then routes crystallized outputs to appropriate GSD artifacts
(notes, todos, seeds, research questions, requirements, or new phases).
Conversation follows questioning.md principles — one question at a time,
contextual domain probes, natural flow. Outputs require explicit user
selection before writing.
Closes #1729
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(commands): address review feedback on explore command (#1729)
- Change allowed-tools from Agent to Task to match subagent spawn pattern
- Remove unresolved {resolved_model} placeholder from Task spawn
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* feat(commands): add external plan import command /gsd-import
Adds a new /gsd-import command for importing external plan files into
the GSD planning system with conflict detection against PROJECT.md
decisions and CONTEXT.md locked decisions.
Scoped to --from mode only (plan file import). Uses validatePath()
from security.cjs for file path validation. Surfaces all conflicts
before writing and never auto-resolves. Handles missing PROJECT.md
gracefully by skipping constraint checks.
--prd mode (PRD extraction) is noted as future work.
Closes #1731
* fix(commands): address review feedback for /gsd-import
- Add structural tests for command/workflow files (13 assertions)
- Add REQUIREMENTS.md to conflict detection context loading
- Replace security.cjs CLI invocation with inline path validation
- Move PBR naming check from blocker list to conversion step
- Add Edit to allowed-tools for ROADMAP.md/STATE.md patching
- Remove emoji from completion banner and validation message
* feat(commands): add safe git revert command /gsd-undo
Adds a new /gsd-undo command for safely reverting GSD phase or plan
commits. Uses phase manifest lookup with git log fallback, atomic
single-commit reverts via git revert --no-commit, dependency checking
with user confirmation, and structured revert commit messages including
a user-provided reason.
Three modes: --last N (interactive selection), --phase NN (full phase
revert), --plan NN-MM (single plan revert).
Closes #1730
* fix(commands): address review feedback for /gsd-undo
- Add dirty-tree guard before revert operations (security)
- Fix manifest schema to use manifest.phases[N].commits (critical)
- Extend dependency check to MODE=plan for intra-phase deps
- Handle mid-sequence conflict cleanup with reset HEAD + restore
- Fix unbalanced grep alternation pattern for phase scope matching
- Remove Write from allowed-tools (never needed)
* feat(workflows): add stall detection to plan-phase revision loop
Adds issue count tracking and stall detection to the plan-phase
revision loop (step 12). When issue count stops decreasing across
iterations, the loop escalates to the user instead of burning
remaining iterations. The existing 3-iteration cap remains as a
backstop. Uses normalized issue counting from checker YAML output.
Closes #1716
* fix(workflows): add parsing fallback and re-entry guard to stall detection
* docs(agents): add few-shot calibration examples for plan-checker and verifier
Closes #1723
* test(agents): add structural tests for few-shot calibration examples
Validates reference file existence, frontmatter metadata, example counts,
WHY annotations on every example, agent @reference lines, and content
structure (input/output pairs, calibration gap patterns table).
When model_profile is set to "inherit" in config.json, resolveModelInternal()
now returns "inherit" immediately instead of looking it up in MODEL_PROFILES
(where it has no entry) and silently falling back to balanced.
Also adds "inherit" to the valid profile list in verify.cjs so setting it
doesn't trigger a false validation error.
Closes #1829
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
phases clear now checks for phase dirs before deleting. If any exist and
--confirm is absent, the command exits non-zero with a message showing the
count and how to proceed. Empty phases dir (nothing to delete) succeeds
without --confirm unchanged.
Updates new-milestone.md workflow to pass --confirm (intentional programmatic
caller). Updates existing new-milestone-clear-phases tests to match new API.
Closes #1826
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Before registering each .sh hook (validate-commit, session-state, phase-boundary),
check that the target file was actually copied. If the .sh file is missing (e.g.
omitted from the npm package as in v1.32.0), skip registration and emit a warning
instead of writing a broken hook entry that errors on every tool invocation.
Closes #1817
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(cli): reject help/version flags instead of silently ignoring them (#1818)
AI agents can hallucinate --help or --version on gsd-tools invocations.
Without a guard, unknown flags were silently ignored and the command
proceeded — including destructive ones like `phases clear`. Add a
pre-dispatch check in main() that errors immediately if any never-valid
flag (-h, --help, -?, --version, -v, --usage) is present in args after
global flags are stripped. Regression test covers phases clear, generate-
slug, state load, and current-timestamp with both --help and -h variants.
Closes #1818
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(agents): convert gsd-verifier required_reading to inline wiring
The thinking-model-guidance test requires inline @-reference wiring at
decision points rather than a <required_reading> block. Convert
verification-overrides.md reference from the <required_reading> block
to an inline reference inside <verification_process> alongside the
existing thinking-models-verification.md reference.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(tests): resolve conflict between thinking-model and verification-overrides tests
thinking-model-guidance.test prohibited <required_reading> entirely, but
verification-overrides.test requires gsd-verifier.md to have a
<required_reading> block for verification-overrides.md between </role>
and <project_context>. The tests were mutually exclusive.
Fix: narrow the thinking-model assertion to check that the thinking-models
reference is not *inside* a <required_reading> block (using regex extraction),
rather than asserting no <required_reading> block exists at all. Restore the
<required_reading> block in gsd-verifier.md. Both suites now pass (2345/2345).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Add three hard-stop checks to /gsd-next that prevent blind advancement:
1. Unresolved .continue-here.md checkpoint from a previous session
2. Error/failed state in STATE.md
3. Unresolved FAIL items in VERIFICATION.md
Also add a consecutive-call budget guard that prompts after 6
consecutive /gsd-next calls, preventing runaway automation loops.
All gates are bypassed with --force (prints a one-line warning).
Gates run in order and exit on the first hit to give clear,
actionable diagnostics.
Closes #1732
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Lightweight alternative to /gsd-map-codebase that spawns a single
mapper agent for one focus area instead of four parallel agents.
Supports --focus flag with 5 options: tech, arch, quality, concerns,
and tech+arch (default). Checks for existing documents and prompts
before overwriting.
Closes #1733
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Integrate lightweight thinking partner analysis at two workflow decision
points, controlled by features.thinking_partner config (default: false):
1. discuss-phase: when developer answers reveal competing priorities
(detected via keyword/structural signals), offers brief tradeoff
analysis before locking decisions
2. plan-phase: when plan-checker flags architectural tradeoffs, analyzes
options and recommends an approach aligned with phase goals before
entering the revision loop
The thinking partner is opt-in, skippable (No, I have decided),
and brief (3-5 bullets). A third integration point for /gsd-explore
will be added when #1729 lands.
Closes #1726
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Add a fourth model profile preset that assigns models by agent role:
opus for planning and debugging (reasoning-critical), sonnet for
execution and research (follows instructions), haiku for mapping and
checking (high volume, structured output).
This gives solo developers on paid API tiers a cost-effective middle
ground — quality where it matters most (planning) without overspending
on mechanical tasks (mapping, checking).
Per-agent overrides via model_overrides continue to take precedence
over any profile preset, including adaptive.
Closes #1713
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Three locations in execute-phase.md and quick.md used raw `git add
.planning/` commands that bypassed the commit_docs config check. When
users set commit_docs: false during project setup, these raw git
commands still staged and committed .planning/ files.
Add commit_docs guards (via gsd-tools.cjs config-get) around all raw
git add .planning/ invocations. The gsd-tools.cjs commit wrapper
already respects this flag — these were the only paths that bypassed it.
Fixes #1783
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Combines implementation by @davesienkowski (inline @-reference wiring at
decision-point steps, named reasoning models with anti-patterns, sequencing
rules, Gap Closure Mode) and @Tibsfox (test suite covering file existence,
section structure, and agent wiring).
- 5 reference files in get-shit-done/references/ — each with named reasoning
models, Counters annotations, Conflict Resolution sequencing, and When NOT
to Think guidance
- Inline @-reference wiring placed inside the specific step/section blocks
where thinking decisions occur (not at top-of-agent)
- Planning cluster includes Gap Closure Mode root-cause check section
- Test suite: 63 tests covering file existence, named models, Conflict
Resolution sections, Gap Closure Mode, and inline wiring placement
Closes #1722
Co-authored-by: Tibsfox <tibsfox@users.noreply.github.com>
Co-authored-by: Rezolv <davesienkowski@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Combines implementation by @Tibsfox (test suite, 80% fuzzy threshold)
and @davesienkowski (must_have schema, mandatory audit fields, full
lifecycle with re-verification carryforward and overrides_applied counter,
embedded verifier step 3b, When-NOT-to-use guardrails).
- New reference: get-shit-done/references/verification-overrides.md
with must_have/accepted_by/accepted_at schema, 80% fuzzy match
threshold, When to Use / When NOT to Use guardrails, full override
lifecycle (re-verification carryforward, milestone audit surfacing)
- gsd-verifier.md updated with required_reading block, embedded Step 3b
override check before FAIL marking, and overrides_applied frontmatter
- 27-assertion test suite covering reference structure, field names,
threshold value, lifecycle fields, and agent cross-reference
Closes #1747
Co-authored-by: Tibsfox <tibsfox@users.noreply.github.com>
Co-authored-by: Rezolv <davesienkowski@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Community PRs repeatedly add marketing commentary in parentheses next to
product names (licensing model, parent company, architecture). Product
listings should contain only the product name.
Cleaned across 8 files in 5 languages (EN, KO, JA, ZH, PT) plus
install.js code comments and CHANGELOG. Added static analysis guard
test that prevents this pattern from recurring.
Fixes #1777
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
The hook was built, copied to hooks/dist/, and installed to disk — but
never registered as a PreToolUse entry in settings.json, making the
hooks.workflow_guard config flag permanently inert.
Adds the registration block following the same pattern as the other
community hooks (prompt-guard, read-guard, validate-commit, etc.).
Includes regression test that verifies every JS hook in gsdHooks has a
corresponding command construction and registration block.
Fixes #1767
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Addresses three findings from Codex adversarial review of #1768:
- Uninstall settings cleanup now filters at per-hook granularity instead of
per-entry. User hooks that share an entry with a GSD hook are preserved
instead of being removed as collateral damage.
- Add gsd-workflow-guard to PreToolUse/BeforeTool uninstall settings filter
so opt-in users don't get dangling references after uninstall.
- Codex install now strips legacy gsd-update-check.js hook entries before
appending the corrected gsd-check-update.js, preventing duplicate hooks
on upgrade from affected versions.
- 8 new regression tests covering per-hook filtering, legacy migration regex.
Fixes #1755
workstreams.md referenced $GSD_TOOLS (6 occurrences) which is never
defined anywhere in the system. All other 60+ command files use the
standard $HOME/.claude/get-shit-done/bin/gsd-tools.cjs path. The
undefined variable resolves to empty string, causing all workstream
commands to fail with module not found.
Fixes #1766
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
When a worktree branch outlives a milestone transition, git merge
silently overwrites STATE.md and ROADMAP.md with stale content and
resurrects archived phase directories. Fix by backing up orchestrator
files before merge, restoring after, and detecting resurrected files.
Fixes #1761
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
- Add close-draft-prs.yml workflow that auto-closes draft PRs with
explanatory comment directing contributors to submit completed PRs
- Update CONTRIBUTING.md with "No draft PRs" policy
- Update default PR template with draft PR warning
Closes #1762
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* test: add stale /gsd: colon reference regression guard
Fixes #1748
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: replace 39 stale /gsd: colon references with /gsd- hyphen format
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* feat(config): apply ~/.gsd/defaults.json as fallback for pre-project commands (#1683)
When .planning/config.json is missing (e.g., running GSD commands outside
a project), loadConfig() now checks ~/.gsd/defaults.json before returning
hardcoded defaults. This lets users set preferred model_profile,
context_window, subagent_timeout, and other settings globally.
Only whitelisted keys are merged — unknown keys in defaults.json are
silently ignored. If defaults.json is missing or contains invalid JSON,
the hardcoded defaults are returned as before.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(config): scope defaults.json fallback to pre-project context only
Only consult ~/.gsd/defaults.json when .planning/ does not exist (truly
pre-project). When .planning/ exists but config.json is missing, return
hardcoded defaults — avoids interference with tests and initialized
projects. Use GSD_HOME env var for test isolation.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The stale hooks detector in gsd-check-update.js used a broad
`startsWith('gsd-') && endsWith('.js')` filter that matched every
gsd-*.js file in the hooks directory. Orphaned hooks from removed
features (e.g., gsd-intel-*.js) lacked version headers and were
permanently flagged as stale, with no way to clear the warning.
Replace the broad wildcard with a MANAGED_HOOKS allowlist of the 6
JS hooks GSD currently ships. Orphaned files are now ignored.
Regression test verifies: (1) no broad wildcard filter, (2) managed
list matches build-hooks.js HOOKS_TO_COPY, (3) orphaned filenames
are excluded.
Fixes #1750
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Fixes #1709
copyFlattenedCommands replaced ~/.opencode/ paths but had no
equivalent ~/.kilo/ replacement. Adds kiloDirRegex for symmetric
path handling between the OpenCode and Kilo install pipelines.
Fixes #1707
Extracts config defaults from loadConfig() into an exported
CONFIG_DEFAULTS constant in core.cjs. config.cjs and verify.cjs
now reference CONFIG_DEFAULTS instead of duplicating values,
preventing future divergence.
Ensures opus, sonnet, and haiku aliases map to current Claude model
IDs (4-6, 4-6, 4-5). Prevents future regressions where aliases
silently resolve to outdated model versions.
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Fixes #1696
The gsd-prompt-guard.js hook was missing the 'act as a/an/the' prompt
injection pattern that security.cjs includes. Adds the pattern with
the same (?!plan|phase|wave) negative lookahead exception to allow
legitimate GSD workflow references.
Fixes #1694
The inline array parser used .split(',') which ignored quote boundaries,
splitting "a, b" into two items. Replaced with a quote-aware splitter
that tracks single/double quote state.
Updated REG-04 test to assert correct behavior and added coverage for
single-quoted and mixed-quote inline arrays.
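The splitting bug described above, next to a quote-aware splitter, as an added example; this is not the project's parser. Both function names are hypothetical, the input is the text between the array brackets, and backslash escapes inside quotes are assumed to be out of scope.

```javascript
// Added illustration, not the project's parser. Names are hypothetical.

// The behaviour the commit describes: split(',') ignores quote boundaries.
function naiveSplit(body) {
  return body.split(',').map((s) => s.trim());
}

// Quote-aware variant: a comma ends an item only while no quote is open.
function splitInlineArray(body) {
  const items = [];
  let current = '';
  let pendingWs = '';   // whitespace seen inside an unquoted item
  let quote = null;     // null, "'" or '"'
  let quoted = false;   // did the current item contain a quoted part?

  const flush = () => {
    // Keep explicit empty strings ("" or ''), drop empty unquoted slots.
    if (current !== '' || quoted) items.push(current);
    current = '';
    pendingWs = '';
    quoted = false;
  };

  for (const ch of body) {
    if (quote) {
      // Inside quotes everything is literal, including commas and the
      // other quote character.
      if (ch === quote) quote = null;
      else current += ch;
    } else if (ch === '"' || ch === "'") {
      quote = ch;
      quoted = true;
      pendingWs = '';
    } else if (ch === ',') {
      flush();
    } else if (/\s/.test(ch)) {
      // Leading/trailing whitespace is dropped; interior whitespace of an
      // unquoted item is kept once another character follows it.
      if (current !== '' && !quoted) pendingWs += ch;
    } else {
      current += pendingWs + ch;
      pendingWs = '';
    }
  }
  // Fail closed on malformed input instead of guessing where the item ends.
  if (quote) throw new Error('unterminated quote in inline array');
  flush();
  return items;
}

// Constructed inputs.
console.log(naiveSplit('"a, b", c'));
console.log(splitInlineArray('"a, b", c'));
console.log(splitInlineArray(`'x, y', "it's", plain item`));
```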
Fixes #1692
spawnSync('sleep', ['0.1']) fails silently on Windows (ENOENT),
causing a tight busy-loop during lock contention. Atomics.wait()
provides a cross-platform 100ms blocking wait available in Node 22+.