feat(workflow): H1->SpecDD auto-advance — sentinel hook + dispatch script + M3 imperatives (Phase 1)

[sgwannabe]

Summary

Phase 1 of 2 — addresses user-reported gap: /pf:new did not auto-advance into SpecDD after H1 freeze (design-approved.json lock written but no Task dispatch). Phase 2 (preview server after H2) follows in a separate PR.

Three-layer fix:

• NEW scripts/dispatch-spec-cycle.sh — machine-verifiable lock validator. Mirrors scripts/h1-modal-helper.sh style (single-line JSON via python3 for fail-closed encoding).
• NEW plugins/preview-forge/hooks/post-h1-signal.py — PostToolUse hook on Write. When runs/<id>/design-approved.json is written and chosen_preview.json.lock is already present, drops runs/<id>/.h1-frozen-signal + appends a Blackboard h1.frozen row. Bounded stdin (4 MiB cap, MemoryError catch — W1.3 hardening). Always exits 0.
• MODIFIED hooks.json (added new PostToolUse Write matcher; existing entries preserved), chief-engineer-pm.md §3.9 (imperative Task block), run-supervisor.md §1 (sentinel polling rule), commands/new.md L11 (zero-input dispatch contract).

Side-effect / breaking-change table

Risk	Status
Existing valid /pf:new runs that auto-advanced via M3 markdown	No regression — markdown is additive (§3.9 sits after existing §3 H1 / A-5 sections; old text untouched).
hooks.json existing PostToolUse entries (askuser-enforcement, auto-retro-trigger)	Unchanged. New matcher appended as a sibling object; JSON validates.
PostToolUse hook fires on EVERY Write — perf impact?	Negligible. Hook short-circuits at the regex match in <1 ms; only does fs work if path matches runs/*/design-approved.json AND chosen_preview.json.lock exists.
Markdown imperatives affecting tests/test-advocate-boilerplate.sh	No — boilerplate hash test scopes to advocate files only; M3 / run-supervisor / new.md are out of scope. Verified green post-edit.
run-supervisor.md polling rule executable in M1's mental model?	Yes — same find polling pattern already used elsewhere in this file (Blackboard polling §3). The runs/.last-spec-dispatch watermark is now seeded with an epoch-0 touch on first poll (codex P1 fix below).
All 13+ regression suites green	Yes (verified).

Verification

Unit:

• bash scripts/dispatch-spec-cycle.sh <empty_dir> → exit 2 + stderr (correct).
• bash scripts/dispatch-spec-cycle.sh <dir_with_3_files> → exit 0 + JSON byte-shape {"action":"dispatch","agent":"SPEC_LEAD","input_dir":"...","run_id":"..."} (correct).
• python3 -c 'import json; json.load(open("plugins/preview-forge/hooks/hooks.json"))' — passes.
• post-h1-signal.py integration: with both lock files present + CLAUDE_PLUGIN_ROOT pointed at the plugin, sentinel + Blackboard row both written. Without chosen_preview.json.lock, no sentinel written (correctly silent).

Regression (all green):

• scripts/verify-plugin.sh — Pass 57 / Fail 0
• tests/fixtures/security/verify-security.sh
• tests/test-advocate-boilerplate.sh
• for p in standard pro max; do tests/e2e/mock-bootstrap.sh "$p"; done — all PASS
• tests/fixtures/lesson07-regression/verify-lesson07.sh
• tests/fixtures/cache-concurrency/test-{race-window,self-heal,5way}.sh
• tests/fixtures/filled-ratio-gating/verify.sh
• tests/fixtures/h1-modal-swap/verify.sh
• tests/fixtures/spec-anchor-convergence/verify.sh

Codex review

One pass. P1: 1 (applied), P2: 2 (deferred), P3: 0.

P1 (applied)

• Initialize .last-spec-dispatch before polling H1 signals (run-supervisor.md). Fresh install had no watermark → find -newer returned 0 + exit 1, making the first H1 signal invisible. Fix: documented [ -f runs/.last-spec-dispatch ] || touch -t 197001010000 runs/.last-spec-dispatch guard before the polling find so the baseline is always discoverable.

P2 (deferred to follow-up PR)

• Per-run dispatch tracking instead of one shared watermark. Single runs/.last-spec-dispatch can lose events if multiple runs reach H1 between polls. Mitigation suggestion: switch idempotency marker to runs/<id>/.spec-dispatched per-run flag. Defer because (a) Preview Forge's standard usage is one run at a time and (b) Phase 2 will revisit the standup loop anyway.
• Require mitigations.json in dispatch-spec-cycle.sh. spec-lead.md treats it as required input and /pf:design can regenerate it after override; current validator passes without it. Defer because (a) the current 3-file gate matches what the plan explicitly enumerated and (b) tightening to 4 files is a separable spec/policy change worth its own review.

Refs

• User-reported gap (Phase 1 of plan noble-enchanting-floyd): /pf:new did not auto-advance into SpecDD after H1 freeze.
• Phase 2 (preview server after H2) — separate PR.

🤖 Generated with Claude Code

[gemini-code-assist]

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

[coderabbitai]

Warning

Rate limit exceeded

@sgwannabe has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 21 minutes and 14 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 21 minutes and 14 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: db240dbc-2bb9-4e9d-b474-1b5311b38941

📥 Commits

Reviewing files that changed from the base of the PR and between 86053b0 and 3d2c75b.

📒 Files selected for processing (6)

• plugins/preview-forge/agents/meta/chief-engineer-pm.md
• plugins/preview-forge/agents/meta/run-supervisor.md
• plugins/preview-forge/commands/new.md
• plugins/preview-forge/hooks/hooks.json
• plugins/preview-forge/hooks/post-h1-signal.py
• scripts/dispatch-spec-cycle.sh

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/h1-specdd-auto-advance

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 06eedbdfff

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Call dispatch validator via plugin-root absolute path

The new imperative uses bash scripts/dispatch-spec-cycle.sh runs/<id>/, but Preview Forge sessions run from user workspaces (created by pf init) where scripts/ is not present, and M1 pre-flight explicitly avoids operating inside the plugin repo. In that normal runtime context this command becomes No such file or directory, so H1→SpecDD auto-advance cannot produce the dispatch JSON. Use the same ${CLAUDE_PLUGIN_ROOT}/../../scripts/... form already used in this file for other scripts.

Useful? React with 👍 / 👎.

[sgwannabe]

지적 정확합니다. 사용자 workspace(pf init로 생성된 환경)에는 plugin repo의 scripts/ 디렉터리가 없으므로 bare scripts/dispatch-spec-cycle.sh 호출은 No such file or directory로 실패합니다.

§3.9 검증 스크립트 호출을 같은 파일의 다른 §3 helper들(generate-gallery.sh, open-browser.sh, h1-modal-helper.sh, generate-spec-anchor-audit.py)과 동일한 ${CLAUDE_PLUGIN_ROOT}/../../scripts/... 절대 경로 형태로 통일했습니다 (commit 3d2c75b).

전체 회귀 suite (verify-plugin / security / e2e standard·pro·max / advocate-boilerplate / lesson07 / cache-concurrency 3종 / filled-ratio-gating / h1-modal-swap / spec-anchor-convergence) 모두 그린 확인했습니다.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 3d2c75bfe1

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Whitelist dispatch validator in M3 Bash scope

§3.9 now requires M3 to run dispatch-spec-cycle.sh, but this agent’s own allowed_scope still limits Bash to generate-gallery.sh and open-browser.sh; that contradiction means the model can legitimately refuse the new command and stall H1→SpecDD auto-advance even when the hook signal exists. Please add this script to the Bash allowlist (or move execution to an agent that already allows it) so the new imperative is actually executable.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Detect H1 completion on Edit writes too

The new hook only handles Write, so if design-approved.json is updated through Edit (e.g., rerunning or correcting Gate H1 on an existing run file), no .h1-frozen-signal is emitted and the SpecDD auto-dispatch path is skipped. This should mirror the existing post-write hooks that handle multiple edit tools to avoid missing valid freeze events.

Useful? React with 👍 / 👎.