R76.H2 Packet — colibri-verification SKILL.md execution plan
Task: R76.H2. Gate: This packet must be approved before Step 4 (Implement). It is self-approved here because R76.H2 is a documentation-only hygiene task dispatched under a fixed contract by the round manifest in PR #152.
Change shape
Two files, both rewritten in place:
.agents/skills/colibri-verification/SKILL.md— canon..claude/skills/colibri-verification/SKILL.md— mirror, overwritten from canon after step 1.
Four new chain docs under docs/:
docs/audits/r76-h2-verification-rewrite-audit.md— already written.docs/contracts/r76-h2-verification-rewrite-contract.md— already written.docs/packets/r76-h2-verification-rewrite-packet.md— this file.docs/verification/r76-h2-verification-rewrite-verification.md— Step 5 output.
No src/ touch. No test files. No other skill files.
Section-by-section rewrite plan
Line numbers below are the rewritten (target) lines — not the source lines.
Frontmatter (lines 1-4)
Keep name. Rewrite description to:
description: "Colibri verification checklists for pre-execution, execution, and post-execution phases. Greek: η (eta) — Proof Store, π (pi) — Verifier. Use when verifying task readiness, execution safety, and completion proof. Provides acceptance criteria for all Phase 0 executor chain phases on the 14-tool surface."
Double-quoted for YAML safety (contains colons in Greek: η (eta) — Proof Store, π (pi) — Verifier).
Reality stamp (line 8-9)
Replace the Wave H stamp with the R76 stamp defined in the contract.
Quick Reference table (lines 13-25)
Unchanged — no tool names appear in the table; rows are phase-name prose only.
Pre-Execution Readiness Checklist (lines 29-59)
1. Task Context (was “Roadmap Validation”)
Renamed. New bullets:
- [ ] **Target task identified**: listed in `docs/guides/implementation/task-breakdown.md`
- [ ] **Task readable**: `task_get { id }` returns the task
- [ ] **Task status is `todo`**: `task_get` shows `status: "todo"` (not `backlog`, not `done`)
- [ ] **Docs integrity clean**: `colibri-docs-check` skill (if doc touches are part of the task)
2. Task Validation
New bullets:
- [ ] **Task exists**: `task_list { status: "todo" }` returns the target
- [ ] **Task not started**: `task_get` shows status `"todo"` (not `"done"` or `"in_progress"`)
- [ ] **Dependencies noted in description**: check `task_get` `description` field for blockers (no MCP dep tool in Phase 0)
unified_set_project bullet dropped (single-project Phase 0). task_deps bullet rewritten per above.
3. Environment Validation
New bullets:
- [ ] **Worktree ready**: Worktree exists at `.worktrees/claude/<task-slug>`
- [ ] **Branch isolated**: On `feature/<task-slug>` branch, not `main`
- [ ] **Base is main**: Branch tracks `origin/main`
- [ ] **Server reachable**: `server_ping` succeeds
- [ ] **System healthy**: `server_health` returns status `"ok"`
unified_init dropped. unified_vitals → server_health.
4. Audit Session
New bullets:
- [ ] **Session started**: `audit_session_start` completed (pass context inline via the start call)
- [ ] **Session ID recorded**: Session ID documented for writeback
audit_session_set_context reworded into “pass context inline via the start call”.
Execution Safety Checklist (lines 63-91)
1. Dry-Run First — kept unchanged.
2. Worktree Isolation — kept unchanged (git-only).
3. Incremental Progress
New bullets:
- [ ] **Progress updates**: `task_update { id, patch: { progress: N } }` at 25%, 50%, 75%
- [ ] **Thought recording**: `thought_record` for every key decision, plan, or observation
- [ ] **Thought type set**: `thought_type` is one of `"plan"`, `"decision"`, `"observation"`, `"reflection"`
- [ ] **Error handling**: document failures and recovery steps via `thought_record` `thought_type: "observation"`
context_create bullet dropped.
4. Rollback Preparation
New bullets:
- [ ] **Pre-destructive snapshot**: `thought_record` with current state described before any destructive git op
- [ ] **Rollback plan**: `git reset` + worktree discard; plan documented as a `thought_record` before executing
- [ ] **Checkpoint committed**: git checkpoint with descriptive message at each milestone
unified_backup / context_create bullets dropped.
Post-Execution Completion Checklist (lines 95-135)
1. Colibri Writeback — kept; uses task_update.
2. Thought Record — kept; uses thought_record.
3. Memory Pack — entire subsection deleted. Post-checklist renumbering: original §4 Merkle Proof becomes §3, original §5 Git Checkpoint becomes §4.
3. Merkle Proof (was §4)
New bullets:
- [ ] **Ordering rule**: final `thought_record` (reflection) recorded BEFORE `merkle_finalize`
- [ ] **Session finalized**: `merkle_finalize` succeeds
- [ ] **Root retrieved**: `merkle_root` returns the root hash (Phase 0 attestation primitive)
- [ ] **Chain verified**: `audit_verify_chain` returns `valid: true`
merkle_attest bullet replaced by merkle_root + audit_verify_chain.
4. Git Checkpoint — kept unchanged.
Phase Acceptance Criteria (lines 139-230)
Each table rewritten. Cells marked <drop row> are removed; cells marked <replace> are substituted.
GATHER table
| Criterion | Verification | Tool |
|-----------|--------------|------|
| Task discovered | Task ID confirmed | `task_get` |
| Tasks identified | Candidate tasks listed | `task_list` / `task_next_actions` |
| Session started | Audit session active | `audit_session_start` |
| Findings recorded | Analysis thought recorded | `thought_record` (thought_type: `"observation"`) |
Dropped: roadmap_list, roadmap_nodes, context_create rows.
ANALYZE table
| Criterion | Verification | Tool |
|-----------|--------------|------|
| Priorities set | Priority field on each task | `task_create` / `task_update` (priority field) |
| Dependencies mapped | Blockers noted in description | `task_get` description field |
| Plan documented | Plan thought recorded | `thought_record` (thought_type: `"plan"`) |
| Decisions logged | Decision rationale documented | `thought_record` (thought_type: `"decision"`) |
Dropped: task_eisenhower, task_deps, roadmap_prerequisites_check, analysis_recommend, gsd_plan, thought_plan, thought_decide rows. Collapsed plan + decide into two thought_record rows differentiated only by thought_type.
PLAN table
| Criterion | Verification | Tool |
|-----------|--------------|------|
| Tasks created | All work items in Colibri | `task_create` |
| Tasks linked | Relationships noted in task `description` | `task_create` / `task_update` (description field) |
| Dependencies set | Blocker narrative in task `description` | `task_update` (description field) |
| Packet written | Execution packet at `docs/packets/<task>-packet.md` | file write |
| Verification plan | Acceptance criteria documented in packet | file write |
Dropped: task_create_batch, task_link_roadmap, task_deps, task_depends_on, gsd_workflow_create, gsd_agent_pool_create. No Phase 0 MCP surface for dependency graphs.
EXECUTE table
| Criterion | Verification | Tool |
|-----------|--------------|------|
| Worktree isolated | Changes in worktree only | `git rev-parse` |
| Progress tracked | Regular progress updates | `task_update` |
| Incremental commits | Git commits at milestones | `git commit` |
| Thoughts recorded | Key decisions documented | `thought_record` |
| Dry-run first | Mutations previewed first | `dry_run: true` pattern |
context_create row dropped.
VERIFY table
| Criterion | Verification | Tool |
|-----------|--------------|------|
| Build green | `npm run build` succeeds | npm |
| Lint green | `npm run lint` succeeds | npm (CLAUDE.md §5 gate) |
| Tests green | `npm test` succeeds (full suite) | jest |
| Audit chain intact | Hash chain verified | `audit_verify_chain` |
| Documentation complete | All 5-chain docs written | file check |
Dropped: roadmap_validate, gsd_verify_comprehensive, context_verify rows. Lint row added to match CLAUDE.md §5 gate.
CLOSE table
| Criterion | Verification | Tool |
|-----------|--------------|------|
| Tasks marked done | All tasks 100% complete | `task_update { id, patch: { status: "done", progress: 100 } }` (requires prior reflection `thought_record`; routes via β state machine) |
| Reflection recorded | Completion summary logged | `thought_record` (thought_type: `"reflection"`, MUST precede `merkle_finalize`) |
| Merkle finalized | Proof tree built; session sealed | `merkle_finalize` |
| Root exported | Attestation hash retrieved | `merkle_root` |
| Changes pushed | Git push to remote | `git push` |
Dropped: memory_pack, separate audit_session_end rows. merkle_finalize noted as the session-sealing primitive.
Verification Tools Quick Reference (JS example block)
Rewrite to the CLAUDE.md §7 proof-grade chain:
// Full Phase 0 verification sequence.
// Ordering rule: the final thought_record (reflection) MUST be recorded
// BEFORE merkle_finalize — otherwise the reflection is not anchored in
// the Merkle root. See CLAUDE.md §7.
async function verifyCompletion(sessionId, taskId, commitSha) {
// 1. Verify the audit hash chain is intact.
await audit_verify_chain({ session_id: sessionId });
// 2. Record the final reflection (BEFORE merkle_finalize).
await thought_record({
session_id: sessionId,
thought_type: "reflection",
content: `task_id: ${taskId}\ncommit: ${commitSha}\nsummary: …\nblockers: …`,
});
// 3. Finalize the Merkle tree; this also seals the session.
await merkle_finalize({ session_id: sessionId });
// 4. Retrieve the root hash (Phase 0 attestation primitive).
const { root } = await merkle_root({ session_id: sessionId });
// 5. Mark the task done (routes through β state machine).
await task_update({
id: taskId,
patch: { status: "done", progress: 100 },
});
return { verified: true, root };
}
Common Verification Failures table
Rewritten:
| Failure | Cause | Resolution |
|---------|-------|------------|
| Task not found | Wrong `id` | Check `task_list` without filters |
| Audit chain broken | Session not started | Run `audit_session_start` before work |
| `merkle_finalize` fails | No reflection recorded OR session empty | Ensure `thought_record` runs before `merkle_finalize` and tools were called during session |
| Merkle root missing | `merkle_finalize` did not complete | Re-run `merkle_finalize`; check server logs |
| `task_update status` rejected | Missing prior reflection `thought_record` | Record reflection before marking done (CLAUDE.md §7) |
| Reflection not anchored | `thought_record` ran AFTER `merkle_finalize` | Re-run session; ordering is a hard rule |
Dropped: Roadmap validation fails, Context verify fails, Memory pack empty. Added: Merkle root missing, task_update status rejected, Reflection not anchored.
Integration with Tier-1 Chains — kept unchanged.
See Also section
- `colibri-tier1-chains` — canonical Phase 0 tool sequences
- `colibri-pm` — PM verification patterns
- `colibri-audit-proof` — detailed proof generation chain
- `docs/reference/mcp-tools-phase-0.md` — Phase 0 tool contract reference
data/tool-contracts/ replaced by docs/reference/mcp-tools-phase-0.md.
Heritage block policy
The rewritten file will contain zero > HERITAGE: blockquotes — every donor reference is dropped or substituted outright. The R76.H2 reality stamp at line 8 is a reality stamp, not a heritage block (the rest of the file is clean live guidance).
The acceptance-gate grep should therefore return zero hits in total.
Mirror resync
Step 4b (after canon edit):
cp .agents/skills/colibri-verification/SKILL.md .claude/skills/colibri-verification/SKILL.md
Then diff must be empty.
Verification plan (Step 5)
- Run the acceptance-gate grep; paste result.
- Run
diffcanon vs mirror; confirm empty. - Run
npm run build && npm run lint && npm test; paste summary. - Confirm all 4 chain docs exist.
Risk notes
- YAML hazard (memory §feedback_yaml_frontmatter_hazard):
descriptioncontains colons → must remain double-quoted. - No ripple risk: skill is docs-only; no runtime code consumes the checklist semantics programmatically.
- Mirror drift outside scope: R76.H2 only resyncs this one skill’s mirror. Other mirror-drift items carry over to a later round as flagged in memory.