v6.6.0

v6.6.0 (2026-04-15)

Full-stack audit: 3 new skills, smarter cross-session memory, scope gates across 6 skills, and expanded hook coverage.

New Features

Refactoring skill — Enforces behavior-locking tests before any structural change and incremental verification after each move. Four phases: lock current behavior with characterization tests, define the refactoring boundary, make one structural change at a time with tests green after each, then audit for stale references. Includes guidance on writing characterization tests for side-effectful code and detecting test runners automatically.

Performance Investigation skill — Measure-first methodology for performance work. Requires a quantitative baseline before any optimization, profiling to identify the actual bottleneck (not the guessed one), a hypothesis with predicted improvement, and re-measurement after every change. Profiling tool recommendations are CLI-friendly so the AI can read output directly; GUI-only tools prompt the user to share results.

Dependency Management skill — Structured incremental updates with verification at each step. Covers the full lifecycle: audit outdated packages, assess impact from changelogs, update one dependency at a time with test/build/smoke verification, and handle security vulnerabilities as a special case. Includes lockfile merge conflict resolution, version pinning strategy, and monorepo coordination guidance.

Weighted memory scoring — The skill-activator hook now ranks session-log and known-issues matches using a weighted score (70% keyword density + 30% recency) instead of flat boolean matching. More relevant entries surface first.

Per-project watermark — The context-engine hook now creates a per-project watermark file (md5 hash of cwd) so multiple projects sharing the same machine don't overwrite each other's session-start state.

Cross-session diff base — When a valid watermark exists from a previous session, the context-engine uses it as the git diff base instead of HEAD~1. This means the "what changed" snapshot reflects changes since your last session, not just the last commit.

Blast radius import filtering — The context-engine's blast radius analysis now applies a secondary filter checking for actual import/require/from references, reducing false positives from files that happen to contain the same basename but don't actually depend on the changed file.

Changes

6 scope gates added to existing skills — frontend-design checks for an existing design system before generating a new one; TDD bootstraps test infrastructure before writing the first test; finishing-branch pulls decisions from session-log into PR descriptions; using-superpowers has a soft gate for existing projects without memory files; deliberation has a loop guard preventing infinite deliberation-premise-check cycles; context-management clarifies state.md vs plan.md roles.

Subagent guard expanded — The action verb pattern now catches activate/trigger/execute/launch/spawn/start in addition to the original invoke/use/run/call verbs. Also detects Skill tool invocation patterns (Skill("superpowers...", skill: "brainstorming").

Stop-reminders pattern coverage widened — The isSignificantSession check now detects edits to specs/.md, plans/.md, and plugin.universal.yaml in addition to SKILL.md, hooks/*.js, and CLAUDE.md.

Session-log hard cap raised — The per-entry hard cap was raised from 1000 to 1500 characters (~375 tokens) to accommodate multi-subsystem sessions that legitimately need more space.

Session-start awk parser fix — The parser that extracts recent [saved] entries now correctly flushes the previous block when encountering consecutive [saved] entries. Previously, consecutive entries without non-[saved] content between them would silently drop the earlier entry.

Fixes

Systematic-debugging post-fix improvement — After resolving a bug, the skill now suggests promoting permanent discoveries to project-map.md Critical Constraints, ensuring hard-won architectural knowledge persists beyond the session-log.

3 new test suites — Added dedicated test files for context-engine.js (16 tests), stop-reminders.js (14 tests), and subagent-guard.js (25 tests). Combined with the existing skill-activator tests (41), the plugin now has 96 unit tests covering all major hooks.

v6.5.2

v6.5.2 (2026-04-11) - minor patch update to fix #15, thank you @lovingcarevet and others for your patience and help! Hopefully it is all fixed now.

Stop hook reliability, session isolation, and subagent plan tracking improvements.

Fixes

Stats-only sessions no longer trigger stop-hook blocking — In v6.5.1, the stop hook would emit decision: "block" even when the only available reminder was the informational session-stats summary (e.g., "6 min, 1 skill invocation"). Users saw "Stop hook error: Session summary: ..." after every turn in light sessions. The hook now checks for actionable reminders before blocking; stats-only sessions return {} silently.

Edit log is now session-aware — no cross-session contamination — The shared ~/.claude/hooks-logs/edit-log.txt used a 3-field format (timestamp | tool | path) with no session identifier. Test sessions running via claude -p saw edits from the interactive session, triggering false-positive TDD and decision-log reminders inside headless test runs. The log format is now 4-field (timestamp | session_id | tool | path) and stop-reminders.js filters entries by the current session id, so each session only sees its own edits.

Plan checkboxes now enforced after subagent-driven development — The subagent-driven-development skill previously marked tasks complete without updating the - [ ] checkboxes in plan.md. The task-complete instruction now explicitly requires changing - [ ] to - [x] in plan.md and syncing state.md if present, matching the intent of the plan-tracking system.

State.md staleness detection added to stop hook — The stop hook now detects when state.md exists and contains plan status that appears out of date relative to recent edits (modified source files with no corresponding state update). Users see a targeted reminder to update state.md rather than silently leaving it stale across sessions.

Context-management resets the decision-log reminder marker — After saving context, the skill now writes a timestamp to ~/.claude/hooks-logs/last-saved-entry.txt. The stop hook uses this marker to suppress the "update your decision log" reminder immediately after a context-management save, preventing redundant reminders in the same turn.

v6.5.1

v6.5.1 (2026-04-10)

Patch release focused on Stop-hook correctness and reminder signal quality. Thank you to @lovingcarevet for pointing it out!

Fixes

Claude Code Stop hook output contract corrected — hooks/stop-reminders.js previously emitted hookSpecificOutput with hookEventName: "Stop", which Claude rejects on Stop events with JSON validation errors. The Stop reminder path now emits a schema-valid continuation payload (decision: "block" + reason) and keeps {} for no-op cases. A regression suite (tests/codex/test-stop-reminders.js) now enforces this output shape.

v6.5.0

v6.5.0 (2026-04-09)

Codex parity hardening: the plugin now follows the current Codex hook contract more closely, adds reactive Bash smart-compress on Codex, and tightens install/update guidance so complete Codex installs are easier to get right.

New Features

Codex PostToolUse(Bash) smart-compress — Codex sessions can now replace noisy Bash output after execution with a compressed summary using the same compression rules already used by the Claude-side Bash compressor. Large find/ls output and long passing test runs can be collapsed to concise summaries with explicit [smart-compress] and [compressed: X->Y lines | type] markers, reducing context waste without hiding failures.

Changes

Codex hook set expanded to five native hooks — The Codex build now wires SessionStart, UserPromptSubmit, PreToolUse(Bash), PostToolUse(Bash), and Stop through dedicated Codex adapters. This keeps the Codex path aligned with the current official hook model while still acknowledging the remaining platform limits versus Claude Code.

Codex install/update docs now define a complete install — The Codex docs now treat skills, custom agents, and macOS/Linux lifecycle hooks as the standard install on supported platforms, include a clean reinstall fallback for stale or inconsistent local installs, and call out codex-cli 0.118.0+ as the minimum tested version for live hook behavior.

Compiler/reporting language is now precise about Codex parity — Generated loss reports and the Codex-facing docs now say only what they actually prove: native compilation for hooks targeted to Codex, not full Claude parity. This removes misleading wording that could imply unsupported Claude-only hook surfaces also existed on Codex.

Fixes

Codex hook output/registry compatibility hardened — The Codex-generated hook registry now uses the current top-level hooks shape, the plugin manifest no longer carries the stale Codex hooks field, and the Codex-specific adapters now emit the output shapes expected by the current Codex docs. This addresses the class of failures where Codex would silently ignore hooks or reject invalid hook output.

Codex Bash safety checks close more real shell read paths — The Codex Bash safety path now catches additional .env read patterns such as sed and awk, reducing the chance that a secret file read slips past Codex's Bash-only interception surface.

v6.4.0 - Native Codex hooks, OpenCode safety parity, hookbridge migration, and memory system improvements.

Native Codex hooks, OpenCode safety parity, hookbridge migration, and memory system improvements.

New Features

Native Codex hook adapters — Three new adapter scripts in hooks/codex/ bring full lifecycle hook support to Codex (macOS/Linux with hooks enabled):

• session-start-adapter.js — injects project context (project-map, session-log, state, known-issues) at session start, matching the Claude Code session-start hook behavior
• stop-adapter.js — generates discipline reminders at turn end using git uncommitted changes instead of edit-log.txt (which Codex cannot write)
• pretool-bash-adapter.js — single dispatcher for PreToolUse(Bash): runs dangerous-command and secret-protection checks in one process (required because Codex fires multiple matching hooks concurrently)

The codex-hooks.json now registers all four Codex hook events: SessionStart, UserPromptSubmit (skill activator), Stop, and PreToolUse(Bash).

Codex agent configs — codex-agents/code-reviewer.toml and codex-agents/red-team.toml enable native Codex agent support for the code-reviewer and red-team workflows without manual setup.

OpenCode tool.execute.before safety hook — The OpenCode plugin now intercepts all bash, read, edit, and write tool calls before execution, applying the same safety checks as the Claude Code hooks: 19 dangerous command patterns, 25 sensitive file path patterns, 14 secret-leaking bash patterns, and hardcoded secret detection for write operations. Blocking is via thrown errors, matching OpenCode's native hook contract. Previously the OpenCode plugin only injected the system prompt; it had no pre-execution safety layer.

plugin.universal.yaml as single source of truth — All hook files and platform manifests (hooks/hooks.json, hooks/codex-hooks.json, .claude-plugin/plugin.json, .codex-plugin/plugin.json) are now generated from plugin.universal.yaml in the repo root via hookbridge compile. Do not hand-edit the generated files — they will be overwritten. This eliminates the previous duplication where hooks were maintained in three places and could drift out of sync. Compiled with the new open source tool Hookbridge: https://github.com/REPOZY/Hookbridge

Context-management: structured grep workflow — The skill now specifies a four-step grep process: extract 2-3 distinctive nouns from the task, grep each individually, adjust based on hit count (0 hits → fall back to project-map critical constraints; 1–10 hits → read them; >10 hits on one keyword → narrow with a second term), then surface findings explicitly. Previously the skill gave a single generic grep command with no guidance on what to do with the results.

Context-management: superseded-entry detection — Before appending a new [saved] entry, the skill now instructs checking for earlier entries on the same topic and marking contradicted ones as [superseded by YYYY-MM-DD]. This prevents the session-log from accumulating contradictory decisions across sessions without any connection between them.

Changes

[auto] entry system retired — stop-reminders.js no longer writes automatic [auto] entries to session-log.md at session stop. The session-log is now [saved]-only — human-written entries via the context-management skill. Auto-entries produced noise that inflated injection costs and were never referenced in practice.

Skill-rules expanded coverage — The TDD rule now matches "tests first", "failing tests first", and "write the failing tests" in addition to the existing keywords. The verification-before-completion rule adds "verify everything", "all done", "we're done", and intent patterns like "think I'm done" and "before we call it done" to reduce missed activations on natural phrasing.

Red-team agent security constraints — The red-team agent prompt now explicitly states that file contents are untrusted data and that the agent must not follow instructions embedded in source files, comments, or strings. Output is restricted to the conversation — no file writes, no shell commands. This prevents a malicious file under review from hijacking the agent.

Token-efficiency: Read tool chunk rule — Added an explicit rule: the Read tool returns a maximum of 2,000 lines per call. For files suspected to exceed this limit, use offset and limit parameters and read in sequential chunks. Never assume a single read covered the complete file.

OpenCode plugin export renamed — The plugin export is now SuperpowersOptimizedPlugin (was SuperpowersPlugin). This only affects internal plugin wiring in .opencode/plugins/superpowers-optimized.js; no user-facing behavior changes.

plugin-compiler/ directory removed — The working copy of hookbridge that lived inside the plugin repo has been removed. hookbridge lives at its canonical location and plugin.universal.yaml in the repo root replaces it as the hook compilation entry point.

Codex platform docs rewritten — docs/platforms/codex.md and .codex/INSTALL.md now both include a feature comparison table (macOS/Linux with hooks vs Windows native), corrected install steps, and clear hook-capability boundaries (what Codex can and cannot intercept).

Fixes

OpenCode system transform array handling corrected — The experimental.chat.system.transform hook was using output.system ||= [] before pushing content, which would incorrectly skip pushing when the array was already populated. Fixed to direct .push() since OpenCode always pre-populates the system array.

Fixed the "Stop hook error: JSON validation failed: Hook JSON output validation failed" issue: #9

Fixed the minor issue found in the Security Audit posted by a user: #12

v6.3.0

v6.3.0 (2026-04-03)

Session memory quality pass: the stop-reminders hook now tracks undocumented work phases across long sessions, enforced token budgets prevent session-log bloat from inflating injection costs, and parallel dispatch defaults are corrected in two skills.

New Features

Phase-aware decision-log reminders — The stop-reminders hook previously asked "were significant files edited in the last 30 minutes?" — a window that fails in long sessions with multiple work phases (same edits stay in the window after a [saved] entry, while later phases can slip out entirely). It now asks "were significant files edited since the last [saved] entry?" The track-edits hook detects when a [saved] entry is written to session-log.md and records a timestamp marker; stop-reminders reads that marker at Stop time. Each logical work batch gets exactly one reminder at the right time, with no false positives between phases.

Session-log token budget guard — stop-reminders now measures the last 2 [saved] entries at every session Stop and warns when any entry exceeds the 250-token budget (~1,000 characters). These entries are injected into every future session; a bloated entry costs tokens forever. The warning identifies the specific over-budget entry and instructs what to trim.

Strict [saved] entry template in context-management — The context-management skill's [saved] entry template now has an explicit structure (Goal / Decisions / Rejected / Open only), a "Never include" list (test results, task checklists → state.md, how-it-works walkthroughs, speculative analysis → design docs, one-time confirmations), and a hard token budget. Without this enforcement, the AI defaulted to "more is safer" and wrote entries that were 5–10× over the optimal size.

dispatching-parallel-agents skill hint added — skill-rules.json now includes a rule for dispatching-parallel-agents — it was the only skill with no hint coverage, meaning prompts like "dispatch these tasks simultaneously" received no routing suggestion.

Changes

Parallel Waves is now the default in subagent-driven-development — "Parallel Waves" was previously labeled "Optional Speed Mode". It is now the stated default for independent tasks; sequential execution is the explicit fallback for tasks with shared-file or state dependencies. The single-message dispatch requirement is now explicit in both subagent-driven-development and dispatching-parallel-agents, with a rationale: all subagents share the same cached system prompt prefix, and dispatching them in one message ensures every agent gets a cache hit on the heavy shared prefix.

Anti-sycophancy rules added to global CLAUDE.md — Four rules now govern position stability: don't revise a stated position under pushback without new evidence; proactively state the strongest objection to any non-trivial proposal; agreement must cite a specific reason, not just affirm; state confidence level explicitly when uncertain.

v6.2.0

Cross-session memory overhaul: the full memory stack is now injected automatically at session start, stop-reminders actually writes to session-log.md, and agents can no longer waste tokens as content relays.

New Features

Full memory stack injected at session start — session-log.md (last 2 [saved] decisions), state.md (active task snapshot), known-issues.md (error map), and context-snapshot.json (changed files + recent commits) are now all injected into session context by the session-start hook — unconditionally, without requiring the AI to remember to read them. Previously only project-map.md was injected; the rest depended entirely on AI compliance with the entry sequence.

Decision-log reminder in stop-reminders — When the session modified SKILL.md files, hooks, or plugin config, the Stop hook now surfaces an explicit prompt to invoke context-management before ending the session. These are the sessions where the "why" matters most and is most likely to be lost.

Changes

Agent & External Content Rules added to token-efficiency — Five new rules cover the behavioral characteristics of the Agent tool and WebFetch that the AI previously had to discover by failure: agent results are always compressed on return (never use agents as content relays), WebFetch returns AI summaries not raw text (use curl -sf for verbatim URL content), and local files should always be Read directly. These rules are always-on from session start.

"When the User Names a Specific Skill" section added to using-superpowers — Clarifies that phrases like "use brainstorming" or "use context management" are Skill tool invocations, not conceptual goals to achieve ad-hoc. This was the root cause of entry sequence bypass in analyzed session transcripts: the AI improvised with agents instead of calling the Skill tool.

Mandatory first actions surfaced at injection point — The session-start hook now prepends three concrete steps before the full using-superpowers body: activate token-efficiency, classify complexity, and invoke named skills via the Skill tool. Previously these were buried in the skill text where they competed with everything else for attention.

Content-relay anti-pattern added to dispatching-parallel-agents — "The task is content relay" is now an explicit entry in the "Do not use when" list, with a one-line explanation: agent results are compressed, raw content will be lost.

using-superpowers step 4 extended — Now requires a [saved] entry at the end of any session where significant decisions were made, not just sessions with ongoing incomplete work.

known-issues.md added to auto-gitignore list — track-edits.js now includes known-issues.md in the AI_ARTIFACTS list so it is automatically added to .gitignore on first write.

Fixes

stop-reminders.js never wrote to session-log.md — The hook was documented as "auto-writes session-log.md [auto] entry" but only wrote to a private temp file at ~/.claude/hooks-logs/edit-log.txt. The [auto] entries visible in prior session logs were written manually by the AI. Fixed: the hook now writes a proper [auto] entry to session-log.md in the project root on session stop, gated by the existing 2-minute guard to prevent duplicates.

MANDATORY FIRST ACTIONS had invalid JSON — The preamble added in the previous session contained literal unescaped double-quotes ("use brainstorming") inside the bash string that produced the hook's JSON output. This caused JSON.parse failures on every session start for any platform that validated the JSON. Fixed by removing the quotes from the example text.

v6.1.0

v6.1.0 (2026-03-28)

Skill quality pass: two new automated review gates, richer subagent prompts, sharper stop conditions, and a fix to the project-map staleness loop.

New Features

Spec reviewer gate in brainstorming — After a design is approved and saved, brainstorming now dispatches a spec-reviewer subagent using a calibrated prompt template (spec-document-reviewer-prompt.md) before handing off to writing-plans. The reviewer checks for placeholders, internal contradictions, ambiguous requirements, and scope creep. Critical issues block the handoff; minor issues become advisory recommendations. This catches design gaps before they propagate into the plan.

Plan reviewer gate in writing-plans — writing-plans now dispatches a plan-reviewer subagent using plan-document-reviewer-prompt.md after the plan is saved. The reviewer cross-checks the plan against the original spec — not just the plan in isolation — catching scope drift, vague steps, missing file paths, and incorrect TDD ordering. Both reviewer prompts include skill leakage prevention to keep subagents focused.

Changes

dispatching-parallel-agents strengthened — Added a "Do not use when" block covering exploratory debugging, related failures, and shared-state scenarios. Added an assembled example prompt showing all required fields (scope, goal, constraints, output format, leakage prevention) wired together. Added a ❌/✅ common mistakes section. Updated the description to "2+" (more precise than "multiple") and added "sequential dependencies" as an explicit disqualifier alongside file and state conflicts.

executing-plans stop conditions expanded — The single "stop on repeated verification failures" bullet is replaced with a named list: missing dependency, plan gap preventing start, unclear/contradictory instruction, repeated verification failure. Added "never guess — ask for clarification" as an explicit directive. Added the main/master branch prohibition with a reference to the worktree step.

claude-md-creator self-assesses redundancy — The skill no longer asks the user "anything you'd cut?" It now applies the redundancy filter itself before presenting the draft: every line must pass "would the agent produce incorrect output without this?" Lines that don't survive the filter are cut before the user sees them.

PR description required in finishing-a-development-branch — Option 2 (push + open PR) now requires a structured description: what changed, why, how to verify, and notable decisions. Previously the skill just said "Create PR" with no guidance on content.

Worktree path persistence clarified — using-git-worktrees now explicitly states that the cd in the creation step does not persist across separate shell calls, and that all subsequent commands must use the full worktree path or cd && inline.

find-polluter.sh surfaced for test pollution — systematic-debugging Phase 1 now references the find-polluter.sh script for tests that fail only in certain orderings. Previously the script existed in the skill folder but was never mentioned in the skill itself.

Fixes

project-map.md staleness loop fixed — The staleness check in using-superpowers entry sequence step 6 detected stale map entries and re-read changed files — but never wrote the updates back. Every session with a stale map would re-read the same files and leave the map unchanged for next time, repeating the cycle forever. The check now explicitly updates the changed Key Files entries and refreshes the git hash in the header after re-reading, breaking the loop.

project-map.md version sync constraint was incomplete — The constraint listed three manifest files that must stay version-synced, but omitted .codex-plugin/plugin.json and VERSION (both required per CLAUDE.md). A version bump following the map's constraint would silently miss two files. Updated to list all five.

context-snapshot.json creation expectation clarified — When git init runs mid-session via the fresh-project gate, context-snapshot.json is not created in that session (the context-engine hook already fired at session start before git existed). The confirm path in using-superpowers now states this explicitly and notes that the file will appear on the next session start from the project root.

v6.0.0

Comprehensive codebase audit and hardening. Twelve bugs, routing gaps, and safety issues found and fixed across hooks, skill routing, and the subagent guard.

Fixes

Gitignore corruption when section already exists — When track-edits.js appended an AI artifact to an existing # AI assistant artifacts section in .gitignore, it omitted the newline prefix, causing the new entry to be concatenated onto the last line of the file if it lacked a trailing newline. The entry would be silently malformed and git would not recognize it. Fixed by applying the prefix variable in both branches.

Dead export appendAutoSessionEntry in stop-reminders — stop-reminders.js exported appendAutoSessionEntry in its module.exports, but the function was never defined anywhere in the file. Any consumer calling it would get a TypeError. Removed from exports.

Cross-platform cache age check in session-start — The update check used date -r FILE +%s to read a file's modification time, which behaves inconsistently on some Linux distributions. On failure the cache age defaulted to 0, causing a GitHub fetch on every session start. Replaced with stat -c %Y (GNU/Linux) falling back to stat -f %m (BSD/macOS) falling back to 0.

Awk stderr leaked into session context — The session-start hook used 2>&1 when capturing the using-superpowers skill body via awk. Any awk error (permission denied, missing file) would be injected into the AI's session context as part of the skill text. Changed to 2>/dev/null.

premise-check was unreachable via skill-activator hook — Despite being the most important safety-net skill (validates whether work should exist before building it), premise-check had no entry in skill-rules.json. The skill-activator hook could never suggest it based on user input — it only fired if the model proactively read the Routing Guide text. Added a high-priority rule covering "design a system", "should we build this", "validate the premise", and related phrases.

receiving-code-review was unreachable via skill-activator hook — Same gap: no skill-rules.json entry. Phrases like "address review feedback" and "respond to review" never triggered it. Added a medium-priority rule.

error-recovery missing from Routing Guide — The skill existed and was in skill-rules.json, but was absent from the Routing Guide in using-superpowers. A model doing full-complexity routing would never find it as a destination. Added to the guide.

deliberation missing from subagent-guard — The subagent guard's violation patterns covered 20 skills but omitted deliberation. A subagent invoking deliberation by plain name (without the superpowers-optimized: prefix) would slip through. Added to the patterns. The guard was also refactored to use a verb-prefix pattern (invoking/using/running + skill name) that eliminates false positives from prose mentions of skill names.

ReDoS vulnerability in block-dangerous-commands — Six regex patterns used (-.+\s+)* which is a nested quantifier enabling catastrophic backtracking on adversarial input. Replaced with (-\S+\s+)* which eliminates the backtracking risk while preserving the same match semantics.

Changes

Routing Guide clarifies parallel execution paths — The distinction between dispatching-parallel-agents (ad-hoc parallel work outside plan execution) and subagent-driven-development (plan execution with optional parallel waves) is now explicit in the Routing Guide. Previously the two entries looked equivalent, causing model confusion on which to pick.

Internal skills documented in Routing Guide — self-consistency-reasoner (invoked internally by systematic-debugging and verification-before-completion) and token-efficiency (always-on, invoked at Entry Sequence step 1) are now noted as intentional non-entries in the Routing Guide. Previously their absence was undocumented, which could be misread as orphaned skills.

CMD arg limit documented in run-hook.cmd — A comment now notes the 8-argument limit of the %2-%9 forwarding pattern in the Windows batch wrapper, flagging it for future callers who need more.

v5.6.0

v5.6.0 (2026-03-21)

Session memory enhanced, auto-gitignore for AI artifacts, and routing guide completeness. project-map.md is now injected directly into every session start by the hook — no instruction-following required. AI workspace files are automatically added to .gitignore the moment they're created. The routing guide now covers every user-invocable skill in the plugin.

New Features

project-map.md auto-injected at session start — The session-start hook now reads project-map.md from the working directory and injects its content directly into context, unconditionally, before the first turn. Previously, reading the project map relied on Claude following the entry sequence — if the task was classified as micro, or if the first message was conversational, the file might never be read. Now it's always in context. For maps ≤200 lines the full content is injected; for larger maps only the ## Critical Constraints and ## Hot Files sections are injected, with a note pointing to the full file.

Auto-gitignore for AI workspace artifacts — When Claude creates project-map.md, session-log.md, or state.md in a project, they are now automatically added to .gitignore under a # AI assistant artifacts section header. These are tooling artifacts — generated by the AI, not part of the project — and should never appear in git status as untracked files. The gitignore check runs in the PostToolUse hook for files Claude writes directly, and in the stop hook for session-log.md entries written by the hook itself. Idempotent: if the entry already exists, nothing is changed.

Changes

Routing guide now covers all user-invocable skills — premise-check and using-git-worktrees were missing from the routing guide in using-superpowers and had no coverage anywhere in the entry sequence. Both are now listed: premise-check at the top of the guide (run before brainstorming or planning when it's unclear whether work should exist at all), and using-git-worktrees before the implementation entries (run before implementation when the work needs branch isolation).

claude-md-creator added to routing guide with explicit bypass protection — CLAUDE.md creation was being classified as lightweight and implemented directly, bypassing the claude-md-creator skill that exists specifically for this task. The routing guide now includes an explicit entry for CLAUDE.md / AGENTS.md creation pointing to claude-md-creator, with a note that it applies at any complexity level. The lightweight action text now includes an exception: if a dedicated implementation skill exists for the task, invoke it — lightweight only skips workflow overhead, not implementation skills.