v0.30.0 — terminal-agent mutator/spotter loop + Anthropic standard pipeline

Two architectural fixes verified via live multi-agent E2E test (terminal
Claude CLI agents on Pro-plan auth, $0 cost, no API key):

1. β LLM filer (spotter) refactored from `spawn claude` subprocess to the
   queue-based terminal-agent pattern that CliClaudeMutator already uses:

     sc-api enqueues task_queue_pg row (role='mutator-general')
         → terminal Claude CLI agent claims via zc_claim_task
         → reasons over signals with Sonnet 4.6
         → persists to mutation_results_pg side-channel (hash-verified)
         → broadcasts STATUS state='spotter-filer-result' with pointer
         → β filer polls PG broadcasts, fetches + decodes decisions

   Bug found + fixed during E2E: agent emitted `signal_id` as string,
   validator required number. Now coerces numeric strings.

2. v0.29.0 Anthropic skill-design standard (four invariants, script rules,
   scope matrix, composition principles) consolidated into a single source
   of truth at src/skills/anthropic_standard.ts and injected into
   buildProposerPrompt so candidates respect the standard at generation
   time, not just at admission time.

   The standard is exposed via GET /api/v1/skills/standard so the dispatcher
   (A2A_dispatcher) can sync it into mutator-* deepPrompts without a repo
   checkout. With the dispatcher-side change, the standard reaches the
   agent at spawn time — the per-task `payload.proposer_prompt` bridge in
   cli_claude.ts is no longer needed and has been removed.

Live verification:
- spotter run 50126b81: 12 signals → 12 decoded → all 12 rejected
  (6 dup, 3 variable-instance, 2 low-signal, 1 fits-in-prompt) — agent
  applied conservative judgment per standard
- mutation task mut-v030-test-mpe2ruag: 5 candidates generated in ~3.5min,
  best self-rated 0.85. Candidate 5 explicitly cites the Anthropic
  composition principle by name and proposes a decomposition into a
  composable `ci-gate` sub-skill — proves the standard reached the
  agent's reasoning context.

Files:
- src/skills/anthropic_standard.ts (new) — single source of truth
- src/skills/mutator.ts — buildProposerPrompt now embeds the standard
- src/skills/mutators/cli_claude.ts — removed payload.proposer_prompt bridge
- src/skills/spotter/llm_filer.ts — queue+poll refactor, type coercion
- src/api-server.ts — /api/v1/skills/standard endpoint + project_path on llm-file
- examples/skills/writing-skills/scripts/preview-admission.py — UTF-8 stdout
  fix for Windows cp1252 terminals
- scripts/_reprocess_spotter_filer.mjs — replay tool for re-decoding existing
  side-channel rows after validator bug fixes

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: sw-architect

.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "zc-ctx",
-  "version": "0.29.0",
+  "version": "0.30.0",
   "description": "Secure memory + persistent context + skill-admission gate for Claude Code. HMAC-chained tool_calls + outcomes, per-agent HKDF subkey isolation, Postgres RLS, work-stealing task queue, MemGPT-style persistent memory, Agent Notebook Model (Read→Summary redirect), and v0.26.0+ Anthropic-style filesystem skills with AST-based admission scanning, HMAC tamper detection, chained audit log, and marketplace bundled-script support. 30+ MCP tools. MIT license.",
   "type": "mcp",
   "mcp": {

examples/skills/writing-skills/scripts/preview-admission.py

@@ -20,6 +20,7 @@
 checks plus a local AST scan via the bundled py_ast_walker (if findable).
 """
 import argparse
+import io
 import json
 import os
 import subprocess
@@ -28,6 +29,13 @@
 import urllib.request
 from pathlib import Path
 
+# Force UTF-8 stdout on Windows so unicode marker chars don't crash cp1252.
+if sys.stdout.encoding and sys.stdout.encoding.lower() not in ("utf-8", "utf8"):
+    try:
+        sys.stdout.reconfigure(encoding="utf-8")  # type: ignore[attr-defined]
+    except AttributeError:
+        sys.stdout = io.TextIOWrapper(sys.stdout.buffer, encoding="utf-8")
+
 
 def find_py_ast_walker() -> Path | None:
     """Locate scripts/py_ast_walker.py from the SecureContext repo if available."""

package.json

@@ -1,6 +1,6 @@
 {
   "name": "zc-ctx",
-  "version": "0.29.0",
+  "version": "0.30.0",
   "description": "Secure memory & context optimization MCP plugin for Claude Code — drop-in replacement for context-mode with credential isolation, SSRF protection, MemGPT-style persistent memory, and A2A multi-agent broadcast channel",
   "keywords": [
     "claude-code",

scripts/_reprocess_spotter_filer.mjs

@@ -0,0 +1,128 @@
+// One-shot reprocess: re-run the β filer's persistence step against an
+// already-existing mutation_results_pg row. Used to validate the type-coercion
+// bug fix without burning another Sonnet call.
+//
+// Usage: node scripts/_reprocess_spotter_filer.mjs <run_id>
+
+import { withClient } from "/app/dist/pg_pool.js";
+import { randomUUID } from "node:crypto";
+
+const runId = process.argv[2];
+if (!runId) {
+  console.error("usage: node _reprocess_spotter_filer.mjs <run_id>");
+  process.exit(1);
+}
+
+// 1. Fetch the existing mutation_results row.
+const row = await withClient(async (c) => {
+  const r = await c.query(
+    `SELECT result_id, bodies, bodies_hash, candidate_count
+       FROM mutation_results_pg
+      WHERE mutation_id = $1
+      ORDER BY created_at DESC LIMIT 1`,
+    [runId],
+  );
+  return r.rows[0] ?? null;
+});
+if (!row) {
+  console.error(`No mutation_results row for run_id=${runId}`);
+  process.exit(1);
+}
+
+console.log(`Found result_id=${row.result_id} with ${row.candidate_count} bodies`);
+
+// 2. Decode bodies as decisions, applying the new lenient validation.
+const bodies = JSON.parse(row.bodies);
+const VALID_OUTCOMES = new Set([
+  "filed_candidate", "rejected_low_signal", "rejected_not_procedural",
+  "rejected_fits_in_prompt", "rejected_duplicate", "rejected_variable_instances",
+]);
+
+const decisions = [];
+for (const body of bodies) {
+  let parsed;
+  try { parsed = JSON.parse(body.candidate_body); }
+  catch (e) { console.warn("malformed body, skip:", e.message); continue; }
+  const coercedId = typeof parsed.signal_id === "number"
+    ? parsed.signal_id
+    : (typeof parsed.signal_id === "string" && /^-?\d+$/.test(parsed.signal_id)
+        ? parseInt(parsed.signal_id, 10)
+        : NaN);
+  if (!Number.isFinite(coercedId)) {
+    console.warn(`skip: bad signal_id=${JSON.stringify(parsed.signal_id)}`);
+    continue;
+  }
+  if (!VALID_OUTCOMES.has(parsed.outcome)) {
+    console.warn(`skip: bad outcome=${parsed.outcome}`);
+    continue;
+  }
+  decisions.push({ ...parsed, signal_id: coercedId });
+}
+
+console.log(`Decoded ${decisions.length} valid decisions`);
+
+// 3. Apply decisions to skill_spotter_signals_pg + skill_candidates_pg.
+const byOutcome = {
+  filed_candidate: 0, rejected_low_signal: 0, rejected_not_procedural: 0,
+  rejected_fits_in_prompt: 0, rejected_duplicate: 0, rejected_variable_instances: 0,
+};
+let candidatesFiled = 0;
+
+for (const d of decisions) {
+  byOutcome[d.outcome]++;
+  if (d.outcome === "filed_candidate" && d.candidate) {
+    const candidateId = randomUUID();
+    const cand = d.candidate;
+    await withClient(async (c) => {
+      await c.query(
+        `INSERT INTO skill_candidates_pg (
+           candidate_id, project_hash, target_role, rejection_count,
+           first_rejection_at, last_rejection_at, rejection_outcomes,
+           headline, proposed_skill_body, proposed_at, status
+         ) VALUES ($1, $2, $3, $4, now(), now(), $5::jsonb,
+                   $6, $7, now(), 'ready')`,
+        [
+          candidateId, "spotter-global", "developer", 0,
+          JSON.stringify({ source: "skill-spotter", signal_id: d.signal_id, scope: cand.scope, result_id: row.result_id, bodies_hash: row.bodies_hash }),
+          `[spotter] ${cand.skill_name}: ${(cand.description ?? "").slice(0, 140)}`,
+          `---\nname: ${cand.skill_name}\ndescription: |\n  ${cand.description}\nscope: ${cand.scope}\n---\n\n${cand.proposed_skill_body}`,
+        ],
+      );
+      await c.query(
+        `UPDATE skill_spotter_signals_pg
+            SET outcome = 'filed_candidate', outcome_reason = $2, candidate_id = $3::uuid
+          WHERE signal_id = $1`,
+        [d.signal_id, d.outcome_reason ?? "", candidateId],
+      );
+    });
+    candidatesFiled++;
+    console.log(`  filed: signal_id=${d.signal_id} as ${cand.skill_name}`);
+  } else {
+    await withClient(async (c) => {
+      await c.query(
+        `UPDATE skill_spotter_signals_pg
+            SET outcome = $2, outcome_reason = $3
+          WHERE signal_id = $1`,
+        [d.signal_id, d.outcome, d.outcome_reason ?? ""],
+      );
+    });
+    console.log(`  signal_id=${d.signal_id}: ${d.outcome}`);
+  }
+}
+
+// 4. Update the spotter run row.
+await withClient(async (c) => {
+  await c.query(
+    `UPDATE skill_spotter_runs_pg
+        SET mode = 'llm-proposed', candidates_filed = $2
+      WHERE run_id = $1`,
+    [runId, candidatesFiled],
+  );
+});
+
+console.log("");
+console.log("=== REPROCESS COMPLETE ===");
+console.log(`signals_processed: ${decisions.length}`);
+console.log(`candidates_filed:  ${candidatesFiled}`);
+console.log("by_outcome:        ", JSON.stringify(byOutcome));
+process.exit(0);

src/api-server.ts

@@ -1299,6 +1299,22 @@ export async function createApiServer(storeOverride?: Store) {
     }
   });
 
+  // v0.30.0 — expose the v0.29.0 Anthropic skill-design standard so external
+  // consumers (e.g. A2A_dispatcher's sync-standard-from-securecontext.mjs)
+  // can pull it without needing a checkout of this repo.
+  app.get("/api/v1/skills/standard", async (_request, reply) => {
+    try {
+      const { ANTHROPIC_SKILL_STANDARD } = await import("./skills/anthropic_standard.js");
+      reply.type("application/json").send({
+        version:  "v0.29.0",
+        length:   ANTHROPIC_SKILL_STANDARD.length,
+        standard: ANTHROPIC_SKILL_STANDARD,
+      });
+    } catch (e) {
+      reply.status(500).type("application/json").send({ error: (e as Error).message });
+    }
+  });
+
   // v0.28.0-α — Signals from one run.
   app.get("/api/v1/skills/spotter/runs/:run_id", async (request, reply) => {
     try {
@@ -1311,25 +1327,38 @@ export async function createApiServer(storeOverride?: Store) {
     }
   });
 
-  // v0.28.0-β — Run the LLM filer on a specific spotter run. Spawns the
-  // claude CLI subprocess with sonnet-4-6, applies the four Anthropic
-  // skill-quality gates to each observed signal, files matching ones as
-  // skill_candidates_pg rows with status='ready' (operator approves to
-  // trigger the existing mutator-generated body → admission flow).
+  // v0.28.0-β — Run the LLM filer on a specific spotter run.
+  // v0.30.0 — REFACTORED: enqueues a skill-spotter-filer task into the
+  // mutator pool. A terminal Claude CLI agent (Pro-plan auth) claims it,
+  // applies the four Anthropic skill-quality gates to each observed signal,
+  // stores decisions in the mutation_results side-channel, and broadcasts
+  // a STATUS pointer. The β filer then writes filed_candidate decisions to
+  // skill_candidates_pg with status='ready'.
   //
-  // Cost: ~$0.15 per run with the operator's Pro plan. Time: ~30-90s.
+  // Cost: $0 (Pro plan). Time: ≤ timeout_ms (default 10 min).
   //
   // POST /api/v1/skills/spotter/runs/:run_id/llm-file
-  //   [?model=claude-sonnet-4-6] [?timeout_ms=300000]
+  //   [?project_path=...] [?agent_role=mutator] [?timeout_ms=600000]
+  // project_path falls back to ZC_SPOTTER_DEFAULT_PROJECT_PATH if unset.
   app.post("/api/v1/skills/spotter/runs/:run_id/llm-file", async (request, reply) => {
     try {
       const { run_id } = request.params as { run_id: string };
-      const { model, timeout_ms } = request.query as Record<string, unknown>;
+      const q = request.query as Record<string, unknown>;
+      const projectPath = (typeof q.project_path === "string" && q.project_path.trim())
+        ? q.project_path
+        : process.env.ZC_SPOTTER_DEFAULT_PROJECT_PATH;
+      if (!projectPath) {
+        reply.status(400).type("application/json").send({
+          error: "project_path is required (query param or ZC_SPOTTER_DEFAULT_PROJECT_PATH env var) — used to route the queue task to a terminal mutator agent",
+        });
+        return;
+      }
       const { runSpotterLlmFiler } = await import("./skills/spotter/llm_filer.js");
       const result = await runSpotterLlmFiler({
         run_id,
-        model:      typeof model === "string" && model.trim() ? model : undefined,
-        timeout_ms: timeout_ms ? Math.max(60_000, Math.min(900_000, parseInt(String(timeout_ms), 10) || 300_000)) : undefined,
+        project_path: projectPath,
+        agent_role:   typeof q.agent_role === "string" && q.agent_role.trim() ? q.agent_role : undefined,
+        timeout_ms:   q.timeout_ms ? Math.max(60_000, Math.min(1_800_000, parseInt(String(q.timeout_ms), 10) || 600_000)) : undefined,
       });
       reply.type("application/json").send(result);
     } catch (e) {
@@ -1437,11 +1466,21 @@ export async function createApiServer(storeOverride?: Store) {
   });
 
   // v0.28.0-β — POST handler: triggers LLM filer + returns inline summary fragment.
+  // v0.30.0 — uses terminal-agent queue pattern. project_path comes from
+  // ZC_SPOTTER_DEFAULT_PROJECT_PATH or the ?project_path query parameter.
   app.post("/dashboard/spotter/runs/:run_id/llm-file", async (request, reply) => {
     try {
       const { run_id } = request.params as { run_id: string };
+      const q = request.query as Record<string, unknown>;
+      const projectPath = (typeof q.project_path === "string" && q.project_path.trim())
+        ? q.project_path
+        : process.env.ZC_SPOTTER_DEFAULT_PROJECT_PATH;
+      if (!projectPath) {
+        reply.type("text/html").send(`<div class="error">LLM filer failed: project_path is required. Set ZC_SPOTTER_DEFAULT_PROJECT_PATH on sc-api or pass <code>?project_path=...</code>.</div>`);
+        return;
+      }
       const { runSpotterLlmFiler } = await import("./skills/spotter/llm_filer.js");
-      const result = await runSpotterLlmFiler({ run_id });
+      const result = await runSpotterLlmFiler({ run_id, project_path: projectPath });
       const errorsHtml = result.errors.length > 0
         ? `<div style="color:#fca5a5; margin-top:6px">Errors: ${result.errors.map(e => escapeHtml(e)).join("; ")}</div>`
         : "";

src/config.ts

@@ -37,7 +37,7 @@ const env = process.env;
 
 export const Config = {
   // ── Version ──────────────────────────────────────────────────────────────
-  VERSION: "0.29.0",
+  VERSION: "0.30.0",
 
   // ── Storage paths ────────────────────────────────────────────────────────
   DB_DIR:      join(homedir(), ".claude", "zc-ctx", "sessions"),