docs: Reconcile docs with actual inventory (80 skills, 9 hooks, 7 rules)

- README: add 24 missing skills (python family, diagnostics, security,
  git/github/push-gate, claude-code internals, summon, fleet-ops, etc.)
- README: add unicode-scan hooks + prompt-injection/worktree-boundaries
  rules to tables; remove ghost rules/thinking.md reference
- AGENTS.md: fix counts, remove thinking.md + DASH.md ghosts
- PLAN.md: rewrite as living roadmap (was 3 months stale)
- tests: rename git-workflow.* -> git-cli-tools.* (skill was replaced
  by git-ops in v2.3.0; tests cover gh/delta/lazygit CLI tools)

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>

AGENTS.md

@@ -5,9 +5,9 @@
 This is **claude-mods** - a collection of custom extensions for Claude Code:
 - **23 expert agents** for specialized domains (React, Python, Go, Rust, AWS, git, etc.)
 - **2 commands** for session management (/sync, /save)
-- **79 skills** for CLI tools, patterns, workflows, and development tasks (incl. `supply-chain-defense` for behavioural-first dependency security, `net-ops` for network troubleshooting, `windows-ops` / `mac-ops` for workstation diagnostics)
+- **80 skills** for CLI tools, patterns, workflows, and development tasks (incl. `supply-chain-defense` for behavioural-first dependency security, `prompt-injection-defense` for instruction-integrity scanning, `net-ops` for network troubleshooting, `windows-ops` / `mac-ops` for workstation diagnostics)
 - **13 output styles** for response personality (Vesper, Spartan, Mentor, Executive, Pair, Atlas, Coach, Harbour, Meridian, Noir, Roast, Sage, Scout)
-- **7 hooks** for pre-commit linting, post-edit formatting, dangerous command warnings, uv enforcement, dependency-install + manifest-edit supply-chain advisories, and pmail notifications
+- **9 hooks** for pre-commit linting, post-edit formatting, dangerous command warnings, uv enforcement, dependency-install + manifest-edit supply-chain advisories, hidden-Unicode scanning (session-start + pre-commit), and pmail notifications
 - **Pigeon** inter-session messaging (`pigeon send/read/reply`) - SQLite-backed pmail at `~/.claude/pmail.db`
 
 ## Installation
@@ -34,11 +34,11 @@ cd claude-mods && ./scripts/install.sh  # or .\scripts\install.ps1 on Windows
 | `skills/` | Skill definitions with SKILL.md |
 | `output-styles/` | Response personalities (13 styles incl. vesper, atlas, noir, roast, scout) |
 | `hooks/` | Working hook scripts (lint, format, safety, pmail) |
-| `rules/` | Claude Code rules (7 files: cli-tools, thinking, commit-style, naming-conventions, skill-agent-updates, supply-chain, worktree-boundaries) |
+| `rules/` | Claude Code rules (7 files: cli-tools, commit-style, naming-conventions, prompt-injection, skill-agent-updates, supply-chain, worktree-boundaries) |
 | `tools/` | Modern CLI toolkit documentation |
 | `tests/` | Validation scripts + justfile |
 | `scripts/` | Install scripts |
-| `docs/` | PLAN.md, DASH.md, WORKFLOWS.md, SKILL-SUBAGENT-REFERENCE.md, AGENT-SKILLS-COMPLIANCE-BRIEF.md |
+| `docs/` | ARCHITECTURE.md, WORKFLOWS.md, PLAN.md, SKILL-SUBAGENT-REFERENCE.md, TERMINAL-DESIGN.md |
 
 ## Session Init
 
@@ -51,7 +51,7 @@ On "INIT:" message at session start:
 | Resource | Description |
 |----------|-------------|
 | `rules/cli-tools.md` | Modern CLI tool preferences (rg, fd, eza, bat) |
-| `rules/thinking.md` | Extended thinking triggers (think → ultrathink) |
+| `rules/prompt-injection.md` | Instruction-integrity defense - scan-on-entry, sanitize-on-ingest |
 | `skills/cli-ops/` | Production CLI patterns - agentic workflows, OS keyring auth, stream separation |
 | `docs/WORKFLOWS.md` | 10 workflow patterns from Anthropic best practices |
 | `skills/tool-discovery/` | Find the right library for any task |

README.md

@@ -12,13 +12,13 @@
 
 > *A comprehensive extension toolkit that transforms Claude Code into a specialized development powerhouse.*
 
-**claude-mods** is a production-ready plugin that extends Claude Code with 23 expert agents, 79 specialized skills, 13 output styles, 7 hooks, and modern CLI tools designed for real-world development workflows. Whether you're debugging React hooks, optimizing PostgreSQL queries, or building production CLI applications, this toolkit equips Claude with the domain expertise and procedural knowledge to work at expert level across multiple technology stacks.
+**claude-mods** is a production-ready plugin that extends Claude Code with 23 expert agents, 80 specialized skills, 13 output styles, 9 hooks, and modern CLI tools designed for real-world development workflows. Whether you're debugging React hooks, optimizing PostgreSQL queries, or building production CLI applications, this toolkit equips Claude with the domain expertise and procedural knowledge to work at expert level across multiple technology stacks.
 
 Built on the [Agent Skills specification](https://agentskills.io/specification) (an open standard backed by Anthropic, Vercel, Google, Microsoft, and 40+ agent platforms), claude-mods fills critical gaps in Claude Code's capabilities: persistent session state that survives across machines, on-demand expert knowledge for specialized domains, token-efficient modern CLI tools (10-100x faster than traditional alternatives), and proven workflow patterns for TDD, code review, and feature development. The toolkit implements Anthropic's [recommended patterns for long-running agents](https://www.anthropic.com/engineering/effective-harnesses-for-long-running-agents), ensuring your development context never vanishes when sessions end.
 
 From Python async patterns to Rust ownership models, from AWS Fargate deployments to Craft CMS development - claude-mods provides the specialized knowledge and tools that transform Claude from a general-purpose assistant into a domain expert who understands your stack, remembers your workflow, and ships production code.
 
-**23 agents. 79 skills. 13 styles. 7 hooks. 7 rules. One install.**
+**23 agents. 80 skills. 13 styles. 9 hooks. 7 rules. One install.**
 
 ## Recent Updates
 
@@ -136,7 +136,7 @@ Claude Code is powerful out of the box, but it has gaps. This toolkit fills them
 
 - **Session continuity** — Tasks vanish when sessions end. We fix that with `/save` and `/sync`, implementing Anthropic's [recommended pattern](https://www.anthropic.com/engineering/effective-harnesses-for-long-running-agents) for long-running agents.
 
-- **Expert-level knowledge on demand** — 22 specialized agents covering React, TypeScript, Python, Go, Rust, AWS, PostgreSQL, and more. Each agent is deeply researched with real-world patterns, not generic advice.
+- **Expert-level knowledge on demand** — 23 specialized agents covering React, TypeScript, Python, Go, Rust, AWS, PostgreSQL, and more. Each agent is deeply researched with real-world patterns, not generic advice.
 
 - **Modern CLI tools** — Stop using `grep`, `find`, and `cat`. Our rules automatically prefer `ripgrep`, `fd`, `eza`, and `bat` — 10-100x faster and token-efficient.
 
@@ -159,9 +159,9 @@ Claude Code is powerful out of the box, but it has gaps. This toolkit fills them
 ```
 claude-mods/
 ├── .claude-plugin/     # Plugin metadata
-├── agents/             # Expert subagents (22)
-├── commands/           # Slash commands (3)
-├── skills/             # Custom skills (67)
+├── agents/             # Expert subagents (23)
+├── commands/           # Slash commands (2)
+├── skills/             # Custom skills (80)
 ├── output-styles/      # Response personalities
 ├── hooks/              # Hook examples & docs
 ├── rules/              # Claude Code rules
@@ -262,6 +262,18 @@ See [skill-creator](skills/skill-creator/) for the complete guide.
 | [tailwind-ops](skills/tailwind-ops/) | Tailwind CSS patterns, v4 migration, components, configuration |
 | [color-ops](skills/color-ops/) | Color spaces, WCAG/APCA contrast checker, palette + harmony generators, CSS color functions, design tokens, color converter |
 | [genart-ops](skills/genart-ops/) | Generative art - three.js scenes, p5.js sketches, SVG generation, GLSL shaders, procedural algorithms, colour theory |
+| [unfold-admin](skills/unfold-admin/) | Django Unfold admin theme - ModelAdmin, dashboards, filters, widgets, theming |
+
+#### Python Skills
+| Skill | Description |
+|-------|-------------|
+| [python-async-ops](skills/python-async-ops/) | asyncio concurrency, aiohttp, error handling, sync/async mixing, production patterns |
+| [python-cli-ops](skills/python-cli-ops/) | Click/Typer/argparse CLIs, stream handling, packaging |
+| [python-database-ops](skills/python-database-ops/) | SQLAlchemy async, connection pooling, transactions |
+| [python-fastapi-ops](skills/python-fastapi-ops/) | FastAPI dependency injection, background tasks, Pydantic |
+| [python-observability-ops](skills/python-observability-ops/) | Structured logging, tracing, metrics for Python services |
+| [python-pytest-ops](skills/python-pytest-ops/) | pytest fixtures, parametrization, property-based testing |
+| [python-typing-ops](skills/python-typing-ops/) | Advanced generics, type narrowing, runtime validation |
 
 #### Data & API Skills
 | Skill | Description |
@@ -285,6 +297,17 @@ See [skill-creator](skills/skill-creator/) for the complete guide.
 | [debug-ops](skills/debug-ops/) | Systematic debugging, language-specific debuggers, common scenarios |
 | [perf-ops](skills/perf-ops/) | Performance profiling - CPU, memory, bundle analysis, load testing, flamegraphs |
 | [supply-chain-defense](skills/supply-chain-defense/) | Behavioural-first dependency security - Socket.dev (free CLI + depscore MCP), exposure-check (IOC match across npm/pnpm/yarn/bun/PyPI/Composer/Cargo/Go/RubyGems + extensions), integrity-audit (worm persistence), scan-extensions, install/manifest hooks |
+| [prompt-injection-defense](skills/prompt-injection-defense/) | Instruction-integrity defense - hidden Unicode scanning (bidi/Trojan Source, tag-block smuggling, zero-width), content sanitization, trust-boundary doctrine |
+| [security-ops](skills/security-ops/) | Reactive security auditing - 3 parallel agents (dependency CVEs, SAST patterns, auth/config review) consolidated into OWASP-mapped report |
+| [portless-ops](skills/portless-ops/) | Local-dev HTTPS proxy operations for Vercel Labs' portless - TLD selection, supervisor pairing, Windows gotchas |
+| [process-compose-ops](skills/process-compose-ops/) | Process Compose supervisor operations - YAML schema, readiness probes, dependency patterns, boot persistence |
+
+#### Workstation & Network Diagnostics
+| Skill | Description |
+|-------|-------------|
+| [windows-ops](skills/windows-ops/) | Windows workstation diagnostics - health audit, crash triage, drive mapping, dying-drive recovery |
+| [mac-ops](skills/mac-ops/) | macOS workstation diagnostics - TCC privacy permissions, wake reasons, Spotlight, APFS storage pressure |
+| [net-ops](skills/net-ops/) | Cross-platform network troubleshooting - layered ladder from link to app, IPv6 classifier, DoH detection, MTU/PMTU |
 
 #### CLI Tool Skills
 | Skill | Description |
@@ -296,12 +319,17 @@ See [skill-creator](skills/skill-creator/) for the complete guide.
 | [markitdown](skills/markitdown/) | Convert PDF, Word, Excel, PowerPoint, images to markdown |
 | [structural-search](skills/structural-search/) | Search code by AST structure with ast-grep |
 | [log-ops](skills/log-ops/) | Log analysis, JSONL processing, cross-log correlation, timeline reconstruction |
+| [leveldb-ops](skills/leveldb-ops/) | Read Chromium/Electron LevelDB stores (Local Storage, IndexedDB) - app-state forensics |
 
 #### Workflow Skills
 | Skill | Description |
 |-------|-------------|
 | [tool-discovery](skills/tool-discovery/) | Recommend agents and skills for any task |
 | [git-ops](skills/git-ops/) | Git orchestrator - commits, PRs, releases, changelog. Routes to background Sonnet agent. |
+| [github-ops](skills/github-ops/) | GitHub remote operations - repo creation, releases, metadata, README Recent Updates convention |
+| [push-gate](skills/push-gate/) | Pre-push safety gate - gitleaks + regex secret scan, forbidden-file check, no bypass |
+| [fleet-ops](skills/fleet-ops/) | Manage a fleet of concurrent Claude sessions - landing queue with test gate, pre-land scrub (experimental) |
+| [summon](skills/summon/) | Transfer Claude Desktop Code-tab sessions between accounts - push/pull with picker |
 | [doc-scanner](skills/doc-scanner/) | Scan and synthesize project documentation |
 | [project-planner](skills/project-planner/) | Track stale plans, suggest session commands |
 | [python-env](skills/python-env/) | Fast Python environment management with uv |
@@ -326,6 +354,10 @@ See [skill-creator](skills/skill-creator/) for the complete guide.
 | [refactor-ops](skills/refactor-ops/) | Safe refactoring patterns, code smell detection, test-driven methodology |
 | [scaffold](skills/scaffold/) | Project scaffolding - generate boilerplate for APIs, web apps, CLIs, monorepos |
 | [iterate](skills/iterate/) | Autonomous improvement loop - modify, measure, keep or discard, repeat. Inspired by Karpathy's autoresearch. |
+| [testing-ops](skills/testing-ops/) | Test strategy patterns - mocking, CI testing, test data design |
+| [claude-code-debug](skills/claude-code-debug/) | Troubleshoot Claude Code extensions - skills not loading, hooks not firing |
+| [claude-code-headless](skills/claude-code-headless/) | Run Claude Code programmatically - headless mode, output formats, CI/CD scripting |
+| [claude-code-hooks](skills/claude-code-hooks/) | Claude Code hook system - events, configuration, security patterns |
 
 ### Hooks
 
@@ -338,6 +370,8 @@ See [skill-creator](skills/skill-creator/) for the complete guide.
 | [pre-install-scan.sh](hooks/pre-install-scan.sh) | PreToolUse | Advisory on dependency installs (npm/pnpm/yarn/bun/pip/uv/poetry/composer/gem/cargo, incl. `composer update`) - route through Socket, respect cooldown; `SUPPLY_CHAIN_BLOCK=1` for a hard gate |
 | [manifest-dep-scan.sh](hooks/manifest-dep-scan.sh) | PostToolUse | Advisory when the agent edits a dependency manifest (package.json/requirements/composer.json/Cargo.toml/go.mod/Gemfile) - depscore + cooldown the added package; silent on version bumps |
 | [check-mail.sh](hooks/check-mail.sh) | PreToolUse | Check for unread pmail via signal file (no cooldown, zero-cost when empty) |
+| [session-start-unicode-scan.sh](hooks/session-start-unicode-scan.sh) | SessionStart | One-shot hidden-Unicode scan of project instruction files at boot (silent on clean) |
+| [pre-commit-unicode-scan.sh](hooks/pre-commit-unicode-scan.sh) | Git pre-commit | Block commits that add critical hidden Unicode (bidi, tag-block) to instruction files |
 
 ### Output Styles
 
@@ -390,11 +424,12 @@ See [skill-creator](skills/skill-creator/) for the complete guide.
 | Rule | Description |
 |------|-------------|
 | [cli-tools.md](rules/cli-tools.md) | Modern CLI tool preferences (fd, rg, eza, bat, etc.) |
-| [thinking.md](rules/thinking.md) | Extended thinking triggers (think → ultrathink) |
 | [commit-style.md](rules/commit-style.md) | Conventional commits format and examples |
 | [naming-conventions.md](rules/naming-conventions.md) | Component naming patterns for agents, skills, commands |
+| [prompt-injection.md](rules/prompt-injection.md) | Instruction-integrity defense - scan-on-entry, sanitize-on-ingest, hidden-Unicode hygiene |
 | [skill-agent-updates.md](rules/skill-agent-updates.md) | Mandatory docs check before creating/updating skills or agents |
 | [supply-chain.md](rules/supply-chain.md) | Behavioural-first dependency hygiene - scan before adding, day-zero cooldown, OIDC audit, persistence-hook awareness |
+| [worktree-boundaries.md](rules/worktree-boundaries.md) | Never touch other sessions' worktrees - no rm -rf, no git add -A sweeping gitlinks |
 
 ### Tools & Hooks
 

docs/PLAN.md

@@ -3,198 +3,73 @@
 **Goal**: A centralized repository of custom Claude Code commands, agents, and skills that enhance Claude Code's native capabilities with persistent session state, specialized expert agents, and streamlined workflows.
 
 **Created**: 2025-11-27
-**Last Updated**: 2026-03-09
+**Last Updated**: 2026-06-10
 **Status**: Active Development
 
+> Historical record of what shipped lives in [CHANGELOG.md](../CHANGELOG.md) and the
+> README "Recent Updates" section. This file only tracks what's *next*.
+
 ---
 
 ## Current Inventory
 
 | Component | Count | Notes |
 |-----------|-------|-------|
-| Agents | 23 | Domain experts + git-agent background worker |
-| Skills | 64 | Operational skills, CLI tools, workflows, dev tasks |
+| Agents | 23 | Domain experts + git-agent background worker (cull in progress — see below) |
+| Skills | 80 | Operational skills, CLI tools, workflows, diagnostics, security |
 | Commands | 2 | Session management (sync, save) |
-| Rules | 5 | CLI tools, thinking, commit style, naming, skill-agent-updates |
-| Output Styles | 4 | Vesper, Spartan, Mentor, Executive |
-| Hooks | 3 | pre-commit-lint, post-edit-format, dangerous-cmd-warn |
-
----
+| Rules | 7 | cli-tools, commit-style, naming-conventions, prompt-injection, skill-agent-updates, supply-chain, worktree-boundaries |
+| Output Styles | 13 | Vesper, Spartan, Mentor, Executive, Pair, Atlas, Coach, Harbour, Meridian, Noir, Roast, Sage, Scout |
+| Hooks | 9 | lint, format, safety, uv, install-scan, manifest-scan, pmail, unicode-scan ×2 |
 
-## Completed Milestones
-
-### Core Infrastructure
-- [x] Session continuity (`/save`, `/sync`)
-- [x] Plan persistence to `docs/PLAN.md`
-- [x] Agent genesis system (`/spawn`)
-- [x] Installation scripts (Unix + Windows)
-
-### Expert Agents (22)
-- [x] Languages: Python, TypeScript, JavaScript, Go, Rust, SQL, Bash
-- [x] Frontend: React, Vue, Astro
-- [x] Backend: Laravel, PayloadCMS, CraftCMS
-- [x] Infrastructure: AWS Fargate, Cloudflare, Wrangler
-- [x] Testing: Cypress
-- [x] Databases: PostgreSQL, SQL patterns
-- [x] Specialized: Claude-architect, Project-organizer
-
-### Skills (38)
-- [x] Python patterns (8): async, cli, database, env, fastapi, observability, pytest, typing
-- [x] Claude Code internals: debug, headless, hooks, templates
-- [x] Workflows: git, data-processing, structural-search, task-runner
-- [x] Patterns: REST, SQL, security, testing, tailwind
-- [x] Development: explain, spawn, atomise, setperms, introspect, review, testgen
-
-### Commands (2)
-- [x] Session: `/save`, `/sync`
-
-### Documentation
-- [x] ARCHITECTURE.md - Extension system guide with authority levels
-- [x] README.md - Project overview and usage
-- [x] AGENTS.md - Quick reference
+Counts are enforced by the CI doc-drift gate (see roadmap) — if this table rots, CI fails.
 
 ---
 
-## Enhancement Roadmap
-
-### Tier 1: High Impact, Low Effort
-
-#### Output Style Variations
-
-| Style | Personality | Best For |
-|-------|-------------|----------|
-| **Vesper** | Sophisticated British wit | General work (exists) |
-| **Spartan** | Minimal, bullet-points only | Quick tasks |
-| **Mentor** | Patient, educational | Learning, onboarding |
-| **Executive** | High-level summaries | Non-technical stakeholders |
-
-#### Rules Expansion
-
-| Rule | Purpose | Status |
-|------|---------|--------|
-| `cli-tools.md` | Modern CLI preferences | Done |
-| `thinking.md` | Extended thinking triggers | Done |
-| `commit-style.md` | Conventional commits format | Done |
-| `naming-conventions.md` | Component naming patterns | Done |
-| `code-review.md` | Review checklist | Future |
-| `testing-philosophy.md` | Coverage expectations | Future |
+## Active Roadmap (June 2026 strategic review)
 
-#### Hook Implementations
+### Phase 1 — Hygiene & truth (v2.11)
 
-| Hook | Purpose |
-|------|---------|
-| `pre-commit-lint.sh` | Run linter before committing |
-| `post-edit-format.sh` | Auto-format after edits |
-| `dangerous-cmd-warn.sh` | Confirm destructive commands |
+- [x] README skill/hook/rule tables match disk (24 missing skills added)
+- [x] Remove ghost references (`rules/thinking.md`, `docs/DASH.md`)
+- [x] Rename `tests/skills/functional/git-workflow.*` → `git-cli-tools.*`
+- [ ] `CHANGELOG.md` (keep-a-changelog format, seeded from Recent Updates)
+- [ ] CI: doc-drift gate (counts on disk vs README claims, ghost-link check)
+- [ ] CI: run every `skills/*/tests/run.sh` behavioural suite
 
-### Tier 2: High Impact, Medium Effort
+### Phase 2 — Skills-first restructure (v3.0)
 
-#### Agent Gaps
+- [ ] **Agent cull**: deprecate language/framework experts with `-ops` skill twins
+      (python, typescript, javascript, go, rust, react, vue, astro, laravel).
+      Fold unique agent content into the twin skill first. Keep: git-agent,
+      claude-architect, firecrawl-expert, niche experts without skill twins.
+- [ ] **claude-code-internals**: merge + refresh claude-code-debug /
+      claude-code-headless / claude-code-hooks against current official docs
+      (new hook events, skill frontmatter fields, CLI flags).
+- [ ] **New skills**: claude-api-ops (Messages API, tool use, caching, Agent SDK),
+      playwright-ops, terraform-ops.
 
-| Agent | Why It Matters |
-|-------|----------------|
-| `docker-expert` | Containerisation is ubiquitous |
-| `github-actions-expert` | CI/CD complexity |
-| `nextjs-expert` | App Router specifics |
-| `testing-architect` | Strategy decisions |
-| `api-design-expert` | OpenAPI, versioning |
+### Phase 3 — Distribution & native-feature adoption
 
-#### Skill Gaps
-
-| Skill | Purpose |
-|-------|---------|
-| `debug` | Systematic debugging workflow |
-| `migrate` | Framework/version upgrades |
-| `refactor` | Safe refactoring |
-| `secure` | Security audit checklist |
-
-#### Skill Parity
-
-Languages needing Python-level depth:
-- `typescript-patterns/`
-- `go-patterns/`
-- `rust-patterns/`
-
-### Tier 3: Strategic Expansions
-
-- **Template System**: Project scaffolding via `/scaffold`
-- **MCP Server Catalog**: Curated high-value servers
-- **Feedback System**: Track tool effectiveness
-
----
-
-## Priority Matrix
-
-```
-                    IMPACT
-                    High         Low
-            +-----------+-----------+
-       Low  | Output    | Templates |
-            | Styles    |           |
-    EFFORT  | Rules     | MCP       |
-            | Hooks     | Catalog   |
-            +-----------+-----------+
-       High | Agent     | Analytics |
-            | Gaps      |           |
-            | Skills    | Lang      |
-            |           | Parity    |
-            +-----------+-----------+
-```
-
----
-
-## Immediate Next Steps
-
-### Command-to-Skill Consolidation (Complete)
-
-Most commands have been converted to skills for better discovery and on-demand loading. See `docs/COMMAND-SKILL-PATTERN.md`.
-
-**Completed conversions:**
-- [x] `/testgen` → `skills/testgen/`
-- [x] `/review` → `skills/review/`
-- [x] `/explain` → `skills/explain/`
-- [x] `/spawn` → `skills/spawn/`
-- [x] `/atomise` → `skills/atomise/`
-- [x] `/setperms` → `skills/setperms/`
-- [x] `/introspect` → `skills/introspect/`
-
-**Remaining as commands:**
-- `/sync` - Session bootstrap (paired with /save)
-- `/save` - Session persistence (paired with /sync)
-
----
-
-### Planned Work
-
-- [x] Create `rules/commit-style.md`
-- [x] Create `rules/naming-conventions.md`
-- [x] Create Spartan output style
-- [x] Create Mentor output style
-- [x] Create Executive output style
-- [x] Add `debug-ops` skill (systematic debugging workflow)
-- [x] Add 3 hook implementations (lint, format, safety)
-- [x] Add `migrate-ops` skill (framework/language upgrades)
-- [x] Add `refactor-ops` skill (safe refactoring patterns)
-- [x] Add `scaffold` skill (project scaffolding)
-- [x] Add `perf-ops` skill (performance profiling)
-- [x] Add `log-ops` skill (JSONL/log analysis)
-- [ ] Add docker-expert agent
-- [ ] Install lnav on Windows for log analysis
+- [ ] Submit to community marketplace (claude.ai/settings/plugins/submit)
+- [ ] Reposition /save + /sync as session introspection + team-shareable state
+      (native auto-memory now covers solo persistence)
+- [ ] Adopt new hook events (ConfigChange guard for supply-chain-defense,
+      WorktreeCreate/Remove for worktree-boundaries, InstructionsLoaded for
+      unicode scanning)
+- [ ] Skill-scoped hooks: move manifest-dep-scan inside supply-chain-defense
+- [ ] Evaluate agent teams as fleet-ops v2 substrate
 
 ---
 
 ## Open Questions
 
-- Should agents auto-update from a central registry?
-- How to handle agent versioning?
-- Should there be a "recommended agents" list per project type?
+- Should output styles be repositioned as "persona kits"? (still natively supported,
+  but de-emphasized)
+- Skill description budget at 80+ skills — document `skillOverrides` guidance?
 
 ---
 
 ## Guiding Principle
 
 > The best enhancements solve problems you've already felt. Follow the pain.
-
----
-
-*Plan managed by `/save` command. Last updated: 2026-03-09*

tests/skills/README.md

@@ -38,7 +38,7 @@ tests/skills/
 └── functional/
     ├── data-processing.sh    # jq, yq tests
     ├── code-stats.sh         # tokei, difft tests
-    ├── git-workflow.sh       # gh, delta, lazygit tests
+    ├── git-cli-tools.sh      # gh, delta, lazygit tests
     └── structural-search.sh  # ast-grep tests
 ```
 
@@ -130,7 +130,7 @@ Each functional test:
 - 3 tokei tests (line counts, JSON output)
 - 3 difft tests (file comparison, syntax-aware)
 
-#### git-workflow.sh
+#### git-cli-tools.sh
 - 4 gh tests (auth, repo, API)
 - 3 delta tests (diff formatting)
 - 1 lazygit test (version check)

tests/skills/functional/git-workflow.md → tests/skills/functional/git-cli-tools.md

@@ -1,4 +1,4 @@
-# git-workflow Functional Tests
+# Git CLI Tools Functional Tests
 
 Verify git workflow tools work correctly.
 

tests/skills/functional/git-workflow.sh → tests/skills/functional/git-cli-tools.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Functional tests for git-workflow skill
+# Functional tests for git CLI tools (gh, delta, lazygit) used by git-ops
 # Tests gh (GitHub CLI) and delta
 
 set -euo pipefail
@@ -190,7 +190,7 @@ test_lazygit_version() {
 # === Run Tests ===
 
 main() {
-    echo "=== git-workflow functional tests ==="
+    echo "=== git-cli-tools functional tests ==="
     echo ""
 
     check_prereqs

tests/skills/manual-trigger-test.md

@@ -22,8 +22,8 @@ Run these tests in a **fresh Claude Code session** to verify skills are invoked
 | 8 | "Find all TypeScript files" | file-search | fd | |
 | 9 | "Fuzzy find the config file" | file-search | fzf | |
 | 10 | "Batch replace newName with newName across all files" | find-replace | sd | |
-| 11 | "Create a PR for this branch" | git-workflow | gh | |
-| 12 | "Show git diff with syntax highlighting" | git-workflow | delta | |
+| 11 | "Create a PR for this branch" | git-ops | gh | |
+| 12 | "Show git diff with syntax highlighting" | git-ops | delta | |
 | 13 | "Set up a Python environment with uv" | python-env | uv | |
 | 14 | "Install these Python dependencies" | python-env | uv pip | |
 | 15 | "Run the project tests" | task-runner | just | |

tests/skills/run-tests.sh

@@ -38,7 +38,7 @@ Tests:
     triggers        Trigger keyword validation
     data-processing Functional tests for data-processing skill
     code-stats      Functional tests for code-stats skill
-    git-workflow    Functional tests for git-workflow skill
+    git-cli-tools   Functional tests for git CLI tools (gh, delta, lazygit)
     structural-search Functional tests for structural-search skill
 
 Examples:
@@ -80,7 +80,7 @@ run_functional() {
     local tests=("$@")
 
     if [[ ${#tests[@]} -eq 0 ]]; then
-        tests=(data-processing code-stats git-workflow structural-search)
+        tests=(data-processing code-stats git-cli-tools structural-search)
     fi
 
     for test in "${tests[@]}"; do

tests/skills/trigger-tests.md

@@ -89,7 +89,7 @@ Test cases to verify skills activate on expected keywords.
 
 ---
 
-## git-workflow
+## git-ops (formerly git-workflow)
 
 **Triggers:** stage changes, create PR, review PR, check issues, git diff, commit interactively, GitHub operations, rebase, stash, bisect