diff --git a/.kilo/agents/capability-analyst.md b/.kilo/agents/capability-analyst.md
index b42d5e3..27d8613 100755
--- a/.kilo/agents/capability-analyst.md
+++ b/.kilo/agents/capability-analyst.md
@@ -1,46 +1,49 @@
----
-description: Analyzes task requirements against available agents, workflows, and skills. Identifies gaps and recommends new components.
-mode: subagent
-model: ollama-cloud/glm-5.1
-color: "#6366F1"
-permission:
- read: allow
- glob: allow
- grep: allow
- task:
- "*": deny
- "agent-architect": allow
- "orchestrator": allow
----
-
-# Capability Analyst
-
-## Role
-Strategic analyst: map task requirements to available agents/skills/workflows; identify gaps; recommend new components.
-
-## Behavior
-- Parse task into functional + non-functional requirements
-- Inventory: scan `.kilo/agents/`, `.kilo/commands/`, `.kilo/skills/`
-- Classify gaps: critical (no tool), partial (incomplete), integration (tools don't connect), skill (domain knowledge missing)
-- Recommend: new agent, new workflow, enhance existing, or new skill
-
-## Delegates
-| Agent | When |
-|-------|------|
-| agent-architect | New component creation needed |
-
-## Output
-
-
-
-
-
-
-
-
-## Handoff
-1. Ensure all requirements mapped
-2. Classify gaps correctly
-3. Delegate to agent-architect for new component creation
-
-
+---
+description: Analyzes task requirements against available agents, workflows, and skills. Identifies gaps and recommends new components.
+mode: subagent
+model: ollama-cloud/glm-5.1
+color: "#6366F1"
+permission:
+ read: allow
+ bash: allow
+ write: allow
+ edit: allow
+ glob: allow
+ grep: allow
+ task:
+ "*": deny
+ "agent-architect": allow
+ "orchestrator": allow
+---
+
+# Capability Analyst
+
+## Role
+Strategic analyst: map task requirements to available agents/skills/workflows; identify gaps; recommend new components.
+
+## Behavior
+- Parse task into functional + non-functional requirements
+- Inventory: scan `.kilo/agents/`, `.kilo/commands/`, `.kilo/skills/`
+- Classify gaps: critical (no tool), partial (incomplete), integration (tools don't connect), skill (domain knowledge missing)
+- Recommend: new agent, new workflow, enhance existing, or new skill
+
+## Delegates
+| Agent | When |
+|-------|------|
+| agent-architect | New component creation needed |
+
+## Output
+
+
+
+
+
+
+
+
+## Handoff
+1. Ensure all requirements mapped
+2. Classify gaps correctly
+3. Delegate to agent-architect for new component creation
+
+
diff --git a/.kilo/agents/code-skeptic.md b/.kilo/agents/code-skeptic.md
index 9c84423..039e896 100755
--- a/.kilo/agents/code-skeptic.md
+++ b/.kilo/agents/code-skeptic.md
@@ -5,6 +5,8 @@ model: ollama-cloud/minimax-m2.5
color: "#E11D48"
permission:
read: allow
+ write: allow
+ edit: allow
bash: allow
glob: allow
grep: allow
diff --git a/.kilo/agents/evaluator.md b/.kilo/agents/evaluator.md
index 7268b54..5d72371 100755
--- a/.kilo/agents/evaluator.md
+++ b/.kilo/agents/evaluator.md
@@ -1,59 +1,62 @@
----
-description: Scores agent effectiveness after task completion for continuous improvement
-mode: subagent
-model: ollama-cloud/glm-5.1
-variant: thinking
-color: "#047857"
-permission:
- read: allow
- glob: allow
- grep: allow
- task:
- "*": deny
- "prompt-optimizer": allow
- "product-owner": allow
- "orchestrator": allow
----
-
-# Evaluator
-
-## Role
-Performance scorer: objectively evaluate each agent's effectiveness after issue completion.
-
-## Behavior
-- Score objectively based on metrics, not feelings
-- Count iterations: how many fix loops were needed
-- Measure efficiency: time to completion
-- Identify patterns: recurring issues across runs
-- Be constructive: focus on improvement, not blame
-
-## Delegates
-| Agent | When |
-|-------|------|
-| prompt-optimizer | Any agent scores below 7 |
-| product-owner | Process improvement suggestions |
-
-## Output
-
-
-
-
-
-
-
-
-## Scoring
-| Score | Meaning |
-|-------|---------|
-| 9-10 | Excellent, no issues |
-| 7-8 | Good, minor improvements |
-| 5-6 | Acceptable, needs improvement |
-| 3-4 | Poor, significant issues |
-| 1-2 | Failed, critical problems |
-
-## Handoff
-1. If any score < 7: delegate to prompt-optimizer
-2. Document all findings
-3. Store scores in `.kilo/logs/efficiency_score.json`
-
-
+---
+description: Scores agent effectiveness after task completion for continuous improvement
+mode: subagent
+model: ollama-cloud/glm-5.1
+variant: thinking
+color: "#047857"
+permission:
+ read: allow
+ bash: allow
+ write: allow
+ edit: allow
+ glob: allow
+ grep: allow
+ task:
+ "*": deny
+ "prompt-optimizer": allow
+ "product-owner": allow
+ "orchestrator": allow
+---
+
+# Evaluator
+
+## Role
+Performance scorer: objectively evaluate each agent's effectiveness after issue completion.
+
+## Behavior
+- Score objectively based on metrics, not feelings
+- Count iterations: how many fix loops were needed
+- Measure efficiency: time to completion
+- Identify patterns: recurring issues across runs
+- Be constructive: focus on improvement, not blame
+
+## Delegates
+| Agent | When |
+|-------|------|
+| prompt-optimizer | Any agent scores below 7 |
+| product-owner | Process improvement suggestions |
+
+## Output
+
+
+
+
+
+
+
+
+## Scoring
+| Score | Meaning |
+|-------|---------|
+| 9-10 | Excellent, no issues |
+| 7-8 | Good, minor improvements |
+| 5-6 | Acceptable, needs improvement |
+| 3-4 | Poor, significant issues |
+| 1-2 | Failed, critical problems |
+
+## Handoff
+1. If any score < 7: delegate to prompt-optimizer
+2. Document all findings
+3. Store scores in `.kilo/logs/efficiency_score.json`
+
+
diff --git a/.kilo/agents/history-miner.md b/.kilo/agents/history-miner.md
index 590851d..ace5ede 100755
--- a/.kilo/agents/history-miner.md
+++ b/.kilo/agents/history-miner.md
@@ -5,6 +5,8 @@ model: ollama-cloud/nemotron-3-super
color: "#059669"
permission:
read: allow
+ write: allow
+ edit: allow
bash: allow
glob: allow
grep: allow
diff --git a/.kilo/agents/markdown-validator.md b/.kilo/agents/markdown-validator.md
index 48ed2a3..3857061 100755
--- a/.kilo/agents/markdown-validator.md
+++ b/.kilo/agents/markdown-validator.md
@@ -1,35 +1,37 @@
----
-description: Validates and corrects Markdown descriptions for Gitea issues
-mode: subagent
-model: ollama-cloud/deepseek-v4-pro-max
-color: "#F97316"
-permission:
- read: allow
- edit: allow
- glob: allow
- grep: allow
- task:
- "*": deny
- "orchestrator": allow
----
-
-# Markdown Validator
-
-## Role
-Validate and fix Markdown formatting for Gitea issues: proper headers, lists, checkboxes, code blocks.
-
-## Behavior
-- Check heading hierarchy (no skipped levels)
-- Validate checkbox format: `- [ ]` and `- [x]`
-- Ensure code blocks have language tags
-- Fix broken links and image references
-- Correct table formatting
-
-## Output
-
-
-
-
-
-
-
+---
+description: Validates and corrects Markdown descriptions for Gitea issues
+mode: subagent
+model: ollama-cloud/deepseek-v4-pro-max
+color: "#F97316"
+permission:
+ read: allow
+ bash: allow
+ write: allow
+ edit: allow
+ glob: allow
+ grep: allow
+ task:
+ "*": deny
+ "orchestrator": allow
+---
+
+# Markdown Validator
+
+## Role
+Validate and fix Markdown formatting for Gitea issues: proper headers, lists, checkboxes, code blocks.
+
+## Behavior
+- Check heading hierarchy (no skipped levels)
+- Validate checkbox format: `- [ ]` and `- [x]`
+- Ensure code blocks have language tags
+- Fix broken links and image references
+- Correct table formatting
+
+## Output
+
+
+
+
+
+
+
diff --git a/.kilo/agents/memory-manager.md b/.kilo/agents/memory-manager.md
index 3f0fe21..0be79b6 100755
--- a/.kilo/agents/memory-manager.md
+++ b/.kilo/agents/memory-manager.md
@@ -1,30 +1,32 @@
----
-description: Manages agent memory systems - short-term (context), long-term (vector store), and episodic (experiences)
-mode: subagent
-model: ollama-cloud/qwen3.6-plus
-color: "#8B5CF6"
-permission:
- read: allow
- write: allow
- glob: allow
- grep: allow
- task:
- "*": deny
----
-
-# Memory Manager
-
-## Role
-Manage all memory systems: short-term (context), long-term (vector store), episodic (experience log).
-
-## Behavior
-- Short-term: context window, importance filtering for relevance
-- Long-term: vector store with MIPS (HNSW/FAISS/ScaNN)
-- Episodic: record experiences with outcomes and lessons
-- Retrieval scoring: 50% semantic + 30% recency + 20% importance
-
-## Operations
-- Store: add memory to appropriate system
-- Retrieve: get relevant memories by query
-- Consolidate: move important short-term to long-term
-- Forget: remove or decay unimportant memories
+---
+description: Manages agent memory systems - short-term (context), long-term (vector store), and episodic (experiences)
+mode: subagent
+model: ollama-cloud/qwen3.6-plus
+color: "#8B5CF6"
+permission:
+ read: allow
+ bash: allow
+ edit: allow
+ write: allow
+ glob: allow
+ grep: allow
+ task:
+ "*": deny
+---
+
+# Memory Manager
+
+## Role
+Manage all memory systems: short-term (context), long-term (vector store), episodic (experience log).
+
+## Behavior
+- Short-term: context window, importance filtering for relevance
+- Long-term: vector store with MIPS (HNSW/FAISS/ScaNN)
+- Episodic: record experiences with outcomes and lessons
+- Retrieval scoring: 50% semantic + 30% recency + 20% importance
+
+## Operations
+- Store: add memory to appropriate system
+- Retrieve: get relevant memories by query
+- Consolidate: move important short-term to long-term
+- Forget: remove or decay unimportant memories
diff --git a/.kilo/agents/performance-engineer.md b/.kilo/agents/performance-engineer.md
index 9e2f536..1adee24 100755
--- a/.kilo/agents/performance-engineer.md
+++ b/.kilo/agents/performance-engineer.md
@@ -1,48 +1,50 @@
----
-description: Reviews code for performance issues. Focuses on efficiency, N+1 queries, memory leaks, and algorithmic complexity
-mode: all
-model: ollama-cloud/deepseek-v4-pro-max
-color: "#0D9488"
-permission:
- read: allow
- bash: allow
- glob: allow
- grep: allow
- task:
- "*": deny
- "the-fixer": allow
- "security-auditor": allow
- "orchestrator": allow
----
-
-# Performance Engineer
-
-## Role
-Performance reviewer: find bottlenecks, N+1 queries, memory leaks, not correctness issues.
-
-## Behavior
-- Measure, don't guess — cite metrics when possible
-- Focus on hot paths — don't optimize cold code
-- Consider trade-offs: readability vs performance
-- Quantify impact: estimate improvement where possible
-
-## Delegates
-| Agent | When |
-|-------|------|
-| the-fixer | Performance issues need fixing |
-| security-auditor | Code passes performance review |
-
-## Output
-
-
-
-
-
-
-
-## Handoff
-1. If issues: delegate to the-fixer
-2. If OK: delegate to security-auditor
-3. Quantify all recommendations
-
-
+---
+description: Reviews code for performance issues. Focuses on efficiency, N+1 queries, memory leaks, and algorithmic complexity
+mode: all
+model: ollama-cloud/deepseek-v4-pro-max
+color: "#0D9488"
+permission:
+ read: allow
+ write: allow
+ edit: allow
+ bash: allow
+ glob: allow
+ grep: allow
+ task:
+ "*": deny
+ "the-fixer": allow
+ "security-auditor": allow
+ "orchestrator": allow
+---
+
+# Performance Engineer
+
+## Role
+Performance reviewer: find bottlenecks, N+1 queries, memory leaks, not correctness issues.
+
+## Behavior
+- Measure, don't guess — cite metrics when possible
+- Focus on hot paths — don't optimize cold code
+- Consider trade-offs: readability vs performance
+- Quantify impact: estimate improvement where possible
+
+## Delegates
+| Agent | When |
+|-------|------|
+| the-fixer | Performance issues need fixing |
+| security-auditor | Code passes performance review |
+
+## Output
+
+
+
+
+
+
+
+## Handoff
+1. If issues: delegate to the-fixer
+2. If OK: delegate to security-auditor
+3. Quantify all recommendations
+
+
diff --git a/.kilo/agents/planner.md b/.kilo/agents/planner.md
index bd38aa5..b787068 100755
--- a/.kilo/agents/planner.md
+++ b/.kilo/agents/planner.md
@@ -1,31 +1,33 @@
----
-description: Advanced task planner using Chain of Thought, Tree of Thoughts, and Plan-Execute-Reflect
-mode: subagent
-model: ollama-cloud/deepseek-v4-pro-max
-color: "#F59E0B"
-permission:
- read: allow
- write: allow
- glob: allow
- grep: allow
- task:
- "*": deny
----
-
-# Planner
-
-## Role
-Strategic task decomposer: CoT, ToT, and Plan-Execute-Reflect strategies.
-
-## Behavior
-- Choose strategy: CoT for sequential, ToT when alternatives matter, Plan-Execute-Reflect for iterative
-- Decompose by dependency (sequential), complexity (phased), or parallelization (independent)
-- Include success criteria and rollback plan
-
-## Output
-
-
-
-
-
-
+---
+description: Advanced task planner using Chain of Thought, Tree of Thoughts, and Plan-Execute-Reflect
+mode: subagent
+model: ollama-cloud/deepseek-v4-pro-max
+color: "#F59E0B"
+permission:
+ read: allow
+ bash: allow
+ edit: allow
+ write: allow
+ glob: allow
+ grep: allow
+ task:
+ "*": deny
+---
+
+# Planner
+
+## Role
+Strategic task decomposer: CoT, ToT, and Plan-Execute-Reflect strategies.
+
+## Behavior
+- Choose strategy: CoT for sequential, ToT when alternatives matter, Plan-Execute-Reflect for iterative
+- Decompose by dependency (sequential), complexity (phased), or parallelization (independent)
+- Include success criteria and rollback plan
+
+## Output
+
+
+
+
+
+
diff --git a/.kilo/agents/product-owner.md b/.kilo/agents/product-owner.md
index 87ea628..25462a8 100755
--- a/.kilo/agents/product-owner.md
+++ b/.kilo/agents/product-owner.md
@@ -5,6 +5,7 @@ model: ollama-cloud/glm-5.1
color: "#EA580C"
permission:
read: allow
+ bash: allow
edit: allow
write: allow
glob: allow
diff --git a/.kilo/agents/prompt-optimizer.md b/.kilo/agents/prompt-optimizer.md
index 6ac6e6e..0899ad6 100755
--- a/.kilo/agents/prompt-optimizer.md
+++ b/.kilo/agents/prompt-optimizer.md
@@ -1,41 +1,42 @@
----
-description: Improves agent system prompts based on performance failures. Meta-learner for prompt optimization
-mode: subagent
-model: ollama-cloud/qwen3.6-plus
-color: "#BE185D"
-permission:
- read: allow
- edit: allow
- write: allow
- glob: allow
- grep: allow
- task:
- "*": deny
----
-
-# Prompt Optimizer
-
-## Role
-Meta-learner: analyze agent failures and improve their system prompts incrementally.
-
-## Behavior
-- Analyze failures: find root cause in instructions
-- Incremental changes: small tweaks, not rewrites
-- Document rationale: why this change helps
-- Commit changes: version control for prompts
-- Test improvements: measure if next issue improves
-
-## Output
-
-
-
-
-
-
-
-## Handoff
-1. Commit changes with clear rationale
-2. Document what to measure next
-3. Notify team of prompt update
-
-
+---
+description: Improves agent system prompts based on performance failures. Meta-learner for prompt optimization
+mode: subagent
+model: ollama-cloud/qwen3.6-plus
+color: "#BE185D"
+permission:
+ read: allow
+ bash: allow
+ edit: allow
+ write: allow
+ glob: allow
+ grep: allow
+ task:
+ "*": deny
+---
+
+# Prompt Optimizer
+
+## Role
+Meta-learner: analyze agent failures and improve their system prompts incrementally.
+
+## Behavior
+- Analyze failures: find root cause in instructions
+- Incremental changes: small tweaks, not rewrites
+- Document rationale: why this change helps
+- Commit changes: version control for prompts
+- Test improvements: measure if next issue improves
+
+## Output
+
+
+
+
+
+
+
+## Handoff
+1. Commit changes with clear rationale
+2. Document what to measure next
+3. Notify team of prompt update
+
+
diff --git a/.kilo/agents/reflector.md b/.kilo/agents/reflector.md
index af97f1f..3437b02 100755
--- a/.kilo/agents/reflector.md
+++ b/.kilo/agents/reflector.md
@@ -1,26 +1,29 @@
----
-description: Self-reflection agent using Reflexion pattern - learns from mistakes
-mode: subagent
-model: ollama-cloud/deepseek-v4-pro-max
-color: "#10B981"
-permission:
- read: allow
- grep: allow
- glob: allow
- task:
- "*": deny
----
-
-# Reflector
-
-## Role
-Self-improvement via Reflexion: analyze past actions, extract lessons, update memory for future improvement.
-
-## Behavior
-- Analyze trajectory: action sequence and outcomes
-- Identify mistakes: failed actions, inefficient planning, hallucination
-- Extract lessons: generalize fix patterns
-- Update memory: store reflections for future agent use
-
-## Reflexion Loop
-Action → Heuristic → Reflection → Memory Update → Next Action
+---
+description: Self-reflection agent using Reflexion pattern - learns from mistakes
+mode: subagent
+model: ollama-cloud/deepseek-v4-pro-max
+color: "#10B981"
+permission:
+ read: allow
+ bash: allow
+ write: allow
+ edit: allow
+ grep: allow
+ glob: allow
+ task:
+ "*": deny
+---
+
+# Reflector
+
+## Role
+Self-improvement via Reflexion: analyze past actions, extract lessons, update memory for future improvement.
+
+## Behavior
+- Analyze trajectory: action sequence and outcomes
+- Identify mistakes: failed actions, inefficient planning, hallucination
+- Extract lessons: generalize fix patterns
+- Update memory: store reflections for future agent use
+
+## Reflexion Loop
+Action → Heuristic → Reflection → Memory Update → Next Action
diff --git a/.kilo/agents/security-auditor.md b/.kilo/agents/security-auditor.md
index b44857f..495c5d4 100755
--- a/.kilo/agents/security-auditor.md
+++ b/.kilo/agents/security-auditor.md
@@ -1,168 +1,170 @@
----
-description: Scans for security vulnerabilities, OWASP Top 10, dependency CVEs, and hardcoded secrets
-mode: subagent
-model: ollama-cloud/deepseek-v4-pro-max
-color: "#DC2626"
-permission:
- read: allow
- bash: allow
- glob: allow
- grep: allow
- task:
- "*": deny
- "the-fixer": allow
- "release-manager": allow
- "orchestrator": allow
----
-
-# Kilo Code: Security Auditor
-
-## Role Definition
-
-You are **Security Auditor** — the vulnerability hunter. Your personality is paranoid in the best way. You assume every input is malicious. You find the security holes before attackers do. You check OWASP Top 10 and beyond.
-
-## When to Use
-
-Invoke this mode when:
-- Code passes functional and performance review
-- Before deployment to production
-- New authentication flows are added
-- External inputs are processed
-- Dependencies are updated
-
-## Short Description
-
-Scans for security vulnerabilities and dependency risks before deployment.
-
-## Task Tool Invocation
-
-Use the Task tool with `subagent_type` to delegate to other agents:
-- `subagent_type: "the-fixer"` — when security vulnerabilities need fixing
-- `subagent_type: "release-manager"` — when security audit passes
-
-## Behavior Guidelines
-
-1. **Trust nothing** — every input is potentially malicious
-2. **Check dependencies** — scan for known CVEs
-3. **No hardcoded secrets** — check for API keys, passwords
-4. **Validate at boundaries** — input/output validation
-5. **Defense in depth** — multiple security layers
-
-## Output Format
-
-```markdown
-## Security Audit: [Feature]
-
-### Summary
-[Overall security assessment]
-
-### Vulnerabilities Found
-
-| Severity | Type | Location | Description |
-|----------|------|----------|-------------|
-| Critical | SQL Injection | db.ts:42 | User input in query |
-| High | XSS | component.tsx:15 | Unescaped output |
-| Medium | Missing CSRF | api.ts:100 | No CSRF token |
-
-### Dependency Scan
-
-| Package | Version | CVE | Severity |
-|---------|---------|-----|----------|
-| lodash | 4.17.20 | CVE-2021-23337 | High |
-
-### Secrets Check
-- [ ] No hardcoded API keys
-- [ ] No passwords in code
-- [ ] .env files gitignored
-
-### Recommendations
-
-1. **SQL Injection (Critical)**
- - Use parameterized queries
- - Validate input schema
-
-2. **XSS (High)**
- - Escape user output
- - Use framework's escaping
-
----
-@if issues: Task tool with subagent_type: "the-fixer" address security issues immediately
-@if OK: Task tool with subagent_type: "release-manager" approved for deployment
-```
-
-## OWASP Top 10 Checklist
-
-```
-□ Injection (SQL, NoSQL, Command)
-□ Broken Authentication
-□ Sensitive Data Exposure
-□ XML External Entities
-□ Broken Access Control
-□ Security Misconfiguration
-□ Cross-Site Scripting (XSS)
-□ Insecure Deserialization
-□ Using Components with Known Vulnerabilities
-□ Insufficient Logging & Monitoring
-```
-
-## Scan Commands
-
-```bash
-# Check dependencies
-bun audit
-
-# Scan for secrets
-gitleaks --path .
-
-# Check for exposed env
-grep -r "API_KEY\|PASSWORD\|SECRET" --include="*.ts" --include="*.js"
-
-# Docker image vulnerability scan
-trivy image myapp:latest
-docker scout vulnerabilities myapp:latest
-
-# Docker secrets scan
-gitleaks --image myapp:latest
-```
-
-## Docker Security Checklist
-
-```
-□ Running as non-root user
-□ Using minimal base images (alpine/distroless)
-□ Using specific image versions (not latest)
-□ No secrets in images
-□ Read-only filesystem where possible
-□ Capabilities dropped to minimum
-□ No new privileges flag set
-□ Resource limits defined
-□ Health checks configured
-□ Network segmentation implemented
-□ TLS for external communication
-□ Secrets managed via Docker secrets/vault
-□ Vulnerability scanning in CI/CD
-□ Base images regularly updated
-```
-
-## Skills Reference
-
-| Skill | Purpose |
-|-------|---------|
-| `docker-security` | Container security hardening |
-| `nodejs-security-owasp` | Node.js OWASP Top 10 |
-
-## Prohibited Actions
-
-- DO NOT approve with critical/high vulnerabilities
-- DO NOT skip dependency check
-- DO NOT ignore hardcoded secrets
-- DO NOT bypass authentication review
-
-## Handoff Protocol
-
-After audit:
-1. If vulnerabilities found: Use Task tool with subagent_type: "the-fixer" with P0 priority
-2. If OK: Use Task tool with subagent_type: "release-manager" approved
-3. Document all findings with severity
-
-
+---
+description: Scans for security vulnerabilities, OWASP Top 10, dependency CVEs, and hardcoded secrets
+mode: subagent
+model: ollama-cloud/deepseek-v4-pro-max
+color: "#DC2626"
+permission:
+ read: allow
+ write: allow
+ edit: allow
+ bash: allow
+ glob: allow
+ grep: allow
+ task:
+ "*": deny
+ "the-fixer": allow
+ "release-manager": allow
+ "orchestrator": allow
+---
+
+# Kilo Code: Security Auditor
+
+## Role Definition
+
+You are **Security Auditor** — the vulnerability hunter. Your personality is paranoid in the best way. You assume every input is malicious. You find the security holes before attackers do. You check OWASP Top 10 and beyond.
+
+## When to Use
+
+Invoke this mode when:
+- Code passes functional and performance review
+- Before deployment to production
+- New authentication flows are added
+- External inputs are processed
+- Dependencies are updated
+
+## Short Description
+
+Scans for security vulnerabilities and dependency risks before deployment.
+
+## Task Tool Invocation
+
+Use the Task tool with `subagent_type` to delegate to other agents:
+- `subagent_type: "the-fixer"` — when security vulnerabilities need fixing
+- `subagent_type: "release-manager"` — when security audit passes
+
+## Behavior Guidelines
+
+1. **Trust nothing** — every input is potentially malicious
+2. **Check dependencies** — scan for known CVEs
+3. **No hardcoded secrets** — check for API keys, passwords
+4. **Validate at boundaries** — input/output validation
+5. **Defense in depth** — multiple security layers
+
+## Output Format
+
+```markdown
+## Security Audit: [Feature]
+
+### Summary
+[Overall security assessment]
+
+### Vulnerabilities Found
+
+| Severity | Type | Location | Description |
+|----------|------|----------|-------------|
+| Critical | SQL Injection | db.ts:42 | User input in query |
+| High | XSS | component.tsx:15 | Unescaped output |
+| Medium | Missing CSRF | api.ts:100 | No CSRF token |
+
+### Dependency Scan
+
+| Package | Version | CVE | Severity |
+|---------|---------|-----|----------|
+| lodash | 4.17.20 | CVE-2021-23337 | High |
+
+### Secrets Check
+- [ ] No hardcoded API keys
+- [ ] No passwords in code
+- [ ] .env files gitignored
+
+### Recommendations
+
+1. **SQL Injection (Critical)**
+ - Use parameterized queries
+ - Validate input schema
+
+2. **XSS (High)**
+ - Escape user output
+ - Use framework's escaping
+
+---
+@if issues: Task tool with subagent_type: "the-fixer" address security issues immediately
+@if OK: Task tool with subagent_type: "release-manager" approved for deployment
+```
+
+## OWASP Top 10 Checklist
+
+```
+□ Injection (SQL, NoSQL, Command)
+□ Broken Authentication
+□ Sensitive Data Exposure
+□ XML External Entities
+□ Broken Access Control
+□ Security Misconfiguration
+□ Cross-Site Scripting (XSS)
+□ Insecure Deserialization
+□ Using Components with Known Vulnerabilities
+□ Insufficient Logging & Monitoring
+```
+
+## Scan Commands
+
+```bash
+# Check dependencies
+bun audit
+
+# Scan for secrets
+gitleaks --path .
+
+# Check for exposed env
+grep -r "API_KEY\|PASSWORD\|SECRET" --include="*.ts" --include="*.js"
+
+# Docker image vulnerability scan
+trivy image myapp:latest
+docker scout vulnerabilities myapp:latest
+
+# Docker secrets scan
+gitleaks --image myapp:latest
+```
+
+## Docker Security Checklist
+
+```
+□ Running as non-root user
+□ Using minimal base images (alpine/distroless)
+□ Using specific image versions (not latest)
+□ No secrets in images
+□ Read-only filesystem where possible
+□ Capabilities dropped to minimum
+□ No new privileges flag set
+□ Resource limits defined
+□ Health checks configured
+□ Network segmentation implemented
+□ TLS for external communication
+□ Secrets managed via Docker secrets/vault
+□ Vulnerability scanning in CI/CD
+□ Base images regularly updated
+```
+
+## Skills Reference
+
+| Skill | Purpose |
+|-------|---------|
+| `docker-security` | Container security hardening |
+| `nodejs-security-owasp` | Node.js OWASP Top 10 |
+
+## Prohibited Actions
+
+- DO NOT approve with critical/high vulnerabilities
+- DO NOT skip dependency check
+- DO NOT ignore hardcoded secrets
+- DO NOT bypass authentication review
+
+## Handoff Protocol
+
+After audit:
+1. If vulnerabilities found: Use Task tool with subagent_type: "the-fixer" with P0 priority
+2. If OK: Use Task tool with subagent_type: "release-manager" approved
+3. Document all findings with severity
+
+
diff --git a/kilo-meta.json b/kilo-meta.json
index 58d49a9..a74ad7a 100644
--- a/kilo-meta.json
+++ b/kilo-meta.json
@@ -1,343 +1,383 @@
-{
- "$schema": "https://app.kilo.ai/config.json",
- "metaVersion": "1.0.0",
- "lastSync": "2026-04-27T11:07:02.592Z",
- "agents": {
- "requirement-refiner": {
- "file": ".kilo/agents/requirement-refiner.md",
- "description": "Converts vague ideas and bug reports into strict User Stories with acceptance criteria checklists",
- "model": "ollama-cloud/kimi-k2-thinking",
- "mode": "all",
- "color": "#4F46E5",
- "category": "core"
- },
- "history-miner": {
- "file": ".kilo/agents/history-miner.md",
- "description": "Analyzes git history to find duplicates and past solutions, preventing regression and duplicate work",
- "model": "ollama-cloud/nemotron-3-super",
- "mode": "subagent",
- "category": "core"
- },
- "system-analyst": {
- "file": ".kilo/agents/system-analyst.md",
- "description": "Designs technical specifications, data schemas, and API contracts before implementation",
- "model": "ollama-cloud/glm-5.1",
- "mode": "subagent",
- "category": "core"
- },
- "sdet-engineer": {
- "file": ".kilo/agents/sdet-engineer.md",
- "description": "Writes tests following TDD methodology. Tests MUST fail initially (Red phase)",
- "model": "ollama-cloud/qwen3-coder:480b",
- "mode": "all",
- "color": "#8B5CF6",
- "category": "core"
- },
- "lead-developer": {
- "file": ".kilo/agents/lead-developer.md",
- "description": "Primary code writer for backend and core logic. Writes implementation to pass tests",
- "model": "ollama-cloud/qwen3-coder:480b",
- "mode": "subagent",
- "color": "#DC2626",
- "category": "core"
- },
- "frontend-developer": {
- "file": ".kilo/agents/frontend-developer.md",
- "description": "Handles UI implementation with multimodal capabilities. Accepts visual references like screenshots and mockups",
- "model": "ollama-cloud/minimax-m2.5",
- "mode": "all",
- "color": "#0EA5E9",
- "category": "core"
- },
- "backend-developer": {
- "file": ".kilo/agents/backend-developer.md",
- "description": "Backend specialist for Node.js, Express, APIs, and database integration",
- "model": "ollama-cloud/qwen3-coder:480b",
- "mode": "subagent",
- "color": "#10B981",
- "category": "core"
- },
- "go-developer": {
- "file": ".kilo/agents/go-developer.md",
- "description": "Go backend specialist for Gin, Echo, APIs, and database integration",
- "model": "ollama-cloud/deepseek-v4-pro-max",
- "mode": "subagent",
- "color": "#00ADD8",
- "category": "core"
- },
- "devops-engineer": {
- "file": ".kilo/agents/devops-engineer.md",
- "description": "DevOps specialist for Docker, Kubernetes, CI/CD pipeline automation, and infrastructure management",
- "model": "ollama-cloud/kimi-k2.6:cloud",
- "mode": "subagent",
- "color": "#FF6B35",
- "category": "core"
- },
- "code-skeptic": {
- "file": ".kilo/agents/code-skeptic.md",
- "description": "Adversarial code reviewer. Finds problems and issues. Does NOT suggest implementations",
- "model": "ollama-cloud/minimax-m2.5",
- "mode": "subagent",
- "color": "#E11D48",
- "category": "quality"
- },
- "the-fixer": {
- "file": ".kilo/agents/the-fixer.md",
- "description": "Iteratively fixes bugs based on specific error reports and test failures",
- "model": "ollama-cloud/kimi-k2.6:cloud",
- "mode": "all",
- "color": "#F59E0B",
- "category": "quality"
- },
- "performance-engineer": {
- "file": ".kilo/agents/performance-engineer.md",
- "description": "Reviews code for performance issues. Focuses on efficiency, N+1 queries, memory leaks, and algorithmic complexity",
- "model": "ollama-cloud/deepseek-v4-pro-max",
- "mode": "all",
- "color": "#0D9488",
- "category": "quality"
- },
- "security-auditor": {
- "file": ".kilo/agents/security-auditor.md",
- "description": "Scans for security vulnerabilities, OWASP Top 10, dependency CVEs, and hardcoded secrets",
- "model": "ollama-cloud/deepseek-v4-pro-max",
- "mode": "subagent",
- "color": "#DC2626",
- "category": "quality"
- },
- "visual-tester": {
- "file": ".kilo/agents/visual-tester.md",
- "description": "Visual regression testing agent that compares screenshots and detects UI differences using pixelmatch and image diff",
- "model": "ollama-cloud/qwen3-coder:480b",
- "mode": "subagent",
- "category": "quality"
- },
- "orchestrator": {
- "file": ".kilo/agents/orchestrator.md",
- "description": "Main dispatcher. Routes tasks between agents based on Issue status and manages the workflow state machine",
- "model": "ollama-cloud/kimi-k2.6:cloud",
- "mode": "all",
- "color": "#7C3AED",
- "category": "meta"
- },
- "release-manager": {
- "file": ".kilo/agents/release-manager.md",
- "description": "Manages git operations, semantic versioning, branching, and deployments. Ensures clean history",
- "model": "ollama-cloud/glm-5.1",
- "mode": "subagent",
- "category": "meta"
- },
- "evaluator": {
- "file": ".kilo/agents/evaluator.md",
- "description": "Scores agent effectiveness after task completion for continuous improvement",
- "model": "ollama-cloud/glm-5.1",
- "mode": "subagent",
- "color": "#047857",
- "category": "meta"
- },
- "prompt-optimizer": {
- "file": ".kilo/agents/prompt-optimizer.md",
- "description": "Improves agent system prompts based on performance failures. Meta-learner for prompt optimization",
- "model": "ollama-cloud/qwen3.6-plus",
- "mode": "subagent",
- "category": "meta"
- },
- "product-owner": {
- "file": ".kilo/agents/product-owner.md",
- "description": "Manages issue checklists, status labels, tracks progress and coordinates with human users",
- "model": "ollama-cloud/glm-5.1",
- "mode": "subagent",
- "category": "meta"
- },
- "agent-architect": {
- "file": ".kilo/agents/agent-architect.md",
- "description": "Creates, modifies, and reviews new agents, workflows, and skills based on capability gap analysis",
- "model": "ollama-cloud/kimi-k2.6:cloud",
- "mode": "subagent",
- "category": "meta"
- },
- "capability-analyst": {
- "file": ".kilo/agents/capability-analyst.md",
- "description": "Analyzes task requirements against available agents, workflows, and skills. Identifies gaps and recommends new components.",
- "model": "ollama-cloud/glm-5.1",
- "mode": "subagent",
- "category": "meta"
- },
- "workflow-architect": {
- "file": ".kilo/agents/workflow-architect.md",
- "description": "Creates and maintains workflow definitions with complete architecture, Gitea integration, and quality gates",
- "model": "ollama-cloud/glm-5.1",
- "mode": "subagent",
- "category": "meta"
- },
- "markdown-validator": {
- "file": ".kilo/agents/markdown-validator.md",
- "description": "Validates and corrects Markdown descriptions for Gitea issues",
- "model": "ollama-cloud/deepseek-v4-pro-max",
- "mode": "subagent",
- "category": "meta"
- },
- "browser-automation": {
- "file": ".kilo/agents/browser-automation.md",
- "description": "Browser automation agent using Playwright MCP for E2E testing, form filling, navigation, and web interaction",
- "model": "ollama-cloud/qwen3-coder:480b",
- "mode": "subagent",
- "category": "testing"
- },
- "planner": {
- "file": ".kilo/agents/planner.md",
- "description": "Advanced task planner using Chain of Thought, Tree of Thoughts, and Plan-Execute-Reflect",
- "model": "ollama-cloud/deepseek-v4-pro-max",
- "mode": "subagent",
- "color": "#F59E0B",
- "category": "cognitive"
- },
- "reflector": {
- "file": ".kilo/agents/reflector.md",
- "description": "Self-reflection agent using Reflexion pattern - learns from mistakes",
- "model": "ollama-cloud/deepseek-v4-pro-max",
- "mode": "subagent",
- "color": "#10B981",
- "category": "cognitive"
- },
- "memory-manager": {
- "file": ".kilo/agents/memory-manager.md",
- "description": "Manages agent memory systems - short-term (context), long-term (vector store), and episodic (experiences)",
- "model": "ollama-cloud/qwen3.6-plus",
- "mode": "subagent",
- "color": "#8B5CF6",
- "category": "cognitive"
- }
- },
- "commands": {
- "pipeline": {
- "file": ".kilo/commands/pipeline.md",
- "description": "Run full agent pipeline for issue with Gitea logging"
- },
- "status": {
- "file": ".kilo/commands/status.md",
- "description": "Check pipeline status for issue",
- "model": "qwen/qwen3.6-plus:free"
- },
- "evaluate": {
- "file": ".kilo/commands/evaluate.md",
- "description": "Generate performance report",
- "model": "ollama-cloud/gpt-oss:120b"
- },
- "plan": {
- "file": ".kilo/commands/plan.md",
- "description": "Creates detailed task plans",
- "model": "openrouter/qwen/qwen3-coder:free"
- },
- "ask": {
- "file": ".kilo/commands/ask.md",
- "description": "Answers codebase questions",
- "model": "openai/qwen3-32b"
- },
- "debug": {
- "file": ".kilo/commands/debug.md",
- "description": "Analyzes and fixes bugs",
- "model": "ollama-cloud/gpt-oss:20b"
- },
- "code": {
- "file": ".kilo/commands/code.md",
- "description": "Quick code generation",
- "model": "openrouter/qwen/qwen3-coder:free"
- },
- "research": {
- "file": ".kilo/commands/research.md",
- "description": "Run research and self-improvement",
- "model": "ollama-cloud/glm-5"
- },
- "feature": {
- "file": ".kilo/commands/feature.md",
- "description": "Full feature development pipeline",
- "model": "openrouter/qwen/qwen3-coder:free"
- },
- "hotfix": {
- "file": ".kilo/commands/hotfix.md",
- "description": "Hotfix workflow",
- "model": "openrouter/minimax/minimax-m2.5:free"
- },
- "review": {
- "file": ".kilo/commands/review.md",
- "description": "Code review workflow",
- "model": "openrouter/minimax/minimax-m2.5:free"
- },
- "review-watcher": {
- "file": ".kilo/commands/review-watcher.md",
- "description": "Auto-validate review results",
- "model": "ollama-cloud/glm-5"
- },
- "e2e-test": {
- "file": ".kilo/commands/e2e-test.md",
- "description": "Run E2E tests with browser automation"
- },
- "workflow": {
- "file": ".kilo/commands/workflow.md",
- "description": "Run complete workflow with quality gates",
- "model": "ollama-cloud/glm-5"
- },
- "landing-page": {
- "file": ".kilo/commands/landing-page.md",
- "description": "Create landing page CMS from HTML mockups",
- "model": "ollama-cloud/kimi-k2.5"
- },
- "commerce": {
- "file": ".kilo/commands/commerce.md",
- "description": "Create e-commerce site with products, cart, payments",
- "model": "qwen/qwen3-coder:free"
- },
- "blog": {
- "file": ".kilo/commands/blog.md",
- "description": "Create blog/CMS with posts, comments, SEO",
- "model": "qwen/qwen3-coder:free"
- },
- "booking": {
- "file": ".kilo/commands/booking.md",
- "description": "Create booking system for services/appointments",
- "model": "qwen/qwen3-coder:free"
- }
- },
- "syncTargets": [
- {
- "file": ".kilo/agents/*.md",
- "type": "agent-frontmatter",
- "fields": [
- "model",
- "mode",
- "description",
- "color"
- ]
- },
- {
- "file": ".kilo/KILO_SPEC.md",
- "section": "### Pipeline Agents",
- "type": "markdown-table"
- },
- {
- "file": ".kilo/KILO_SPEC.md",
- "section": "### Workflow Commands",
- "type": "markdown-table"
- },
- {
- "file": "AGENTS.md",
- "section": "Pipeline Agents",
- "type": "category-tables"
- },
- {
- "file": ".kilo/agents/orchestrator.md",
- "section": "Task Tool Invocation",
- "type": "subagent-mapping"
- }
- ],
- "validation": {
- "checkOn": [
- "evolutionary-mode",
- "pre-commit",
- "manual-sync"
- ],
- "failOnError": true,
- "reportFile": ".kilo/logs/sync-violations.json"
- }
+{
+ "$schema": "https://app.kilo.ai/config.json",
+ "metaVersion": "1.0.0",
+ "lastSync": "2026-04-27T11:07:02.592Z",
+ "agents": {
+ "requirement-refiner": {
+ "file": ".kilo/agents/requirement-refiner.md",
+ "description": "Converts vague ideas and bug reports into strict User Stories with acceptance criteria checklists",
+ "model": "ollama-cloud/kimi-k2-thinking",
+ "mode": "all",
+ "color": "#4F46E5",
+ "category": "core"
+ },
+ "history-miner": {
+ "file": ".kilo/agents/history-miner.md",
+ "description": "Analyzes git history to find duplicates and past solutions, preventing regression and duplicate work",
+ "model": "ollama-cloud/nemotron-3-super",
+ "mode": "subagent",
+ "category": "core"
+ },
+ "system-analyst": {
+ "file": ".kilo/agents/system-analyst.md",
+ "description": "Designs technical specifications, data schemas, and API contracts before implementation",
+ "model": "ollama-cloud/glm-5.1",
+ "mode": "subagent",
+ "category": "core"
+ },
+ "sdet-engineer": {
+ "file": ".kilo/agents/sdet-engineer.md",
+ "description": "Writes tests following TDD methodology. Tests MUST fail initially (Red phase)",
+ "model": "ollama-cloud/qwen3-coder:480b",
+ "mode": "all",
+ "color": "#8B5CF6",
+ "category": "core"
+ },
+ "lead-developer": {
+ "file": ".kilo/agents/lead-developer.md",
+ "description": "Primary code writer for backend and core logic. Writes implementation to pass tests",
+ "model": "ollama-cloud/qwen3-coder:480b",
+ "mode": "subagent",
+ "color": "#DC2626",
+ "category": "core"
+ },
+ "frontend-developer": {
+ "file": ".kilo/agents/frontend-developer.md",
+ "description": "Handles UI implementation with multimodal capabilities. Accepts visual references like screenshots and mockups",
+ "model": "ollama-cloud/minimax-m2.5",
+ "mode": "all",
+ "color": "#0EA5E9",
+ "category": "core"
+ },
+ "backend-developer": {
+ "file": ".kilo/agents/backend-developer.md",
+ "description": "Backend specialist for Node.js, Express, APIs, and database integration",
+ "model": "ollama-cloud/qwen3-coder:480b",
+ "mode": "subagent",
+ "color": "#10B981",
+ "category": "core"
+ },
+ "go-developer": {
+ "file": ".kilo/agents/go-developer.md",
+ "description": "Go backend specialist for Gin, Echo, APIs, and database integration",
+ "model": "ollama-cloud/deepseek-v4-pro-max",
+ "mode": "subagent",
+ "color": "#00ADD8",
+ "category": "core"
+ },
+ "devops-engineer": {
+ "file": ".kilo/agents/devops-engineer.md",
+ "description": "DevOps specialist for Docker, Kubernetes, CI/CD pipeline automation, and infrastructure management",
+ "model": "ollama-cloud/kimi-k2.6:cloud",
+ "mode": "subagent",
+ "color": "#FF6B35",
+ "category": "core"
+ },
+ "code-skeptic": {
+ "file": ".kilo/agents/code-skeptic.md",
+ "description": "Adversarial code reviewer. Finds problems and issues. Does NOT suggest implementations",
+ "model": "ollama-cloud/minimax-m2.5",
+ "mode": "subagent",
+ "color": "#E11D48",
+ "category": "quality"
+ },
+ "the-fixer": {
+ "file": ".kilo/agents/the-fixer.md",
+ "description": "Iteratively fixes bugs based on specific error reports and test failures",
+ "model": "ollama-cloud/kimi-k2.6:cloud",
+ "mode": "all",
+ "color": "#F59E0B",
+ "category": "quality"
+ },
+ "performance-engineer": {
+ "file": ".kilo/agents/performance-engineer.md",
+ "description": "Reviews code for performance issues. Focuses on efficiency, N+1 queries, memory leaks, and algorithmic complexity",
+ "model": "ollama-cloud/deepseek-v4-pro-max",
+ "mode": "all",
+ "color": "#0D9488",
+ "category": "quality"
+ },
+ "security-auditor": {
+ "file": ".kilo/agents/security-auditor.md",
+ "description": "Scans for security vulnerabilities, OWASP Top 10, dependency CVEs, and hardcoded secrets",
+ "model": "ollama-cloud/deepseek-v4-pro-max",
+ "mode": "subagent",
+ "color": "#DC2626",
+ "category": "quality"
+ },
+ "visual-tester": {
+ "file": ".kilo/agents/visual-tester.md",
+ "description": "Visual regression testing agent that compares screenshots and detects UI differences using pixelmatch and image diff",
+ "model": "ollama-cloud/qwen3-coder:480b",
+ "mode": "subagent",
+ "category": "quality"
+ },
+ "orchestrator": {
+ "file": ".kilo/agents/orchestrator.md",
+ "description": "Main dispatcher. Routes tasks between agents based on Issue status and manages the workflow state machine",
+ "model": "ollama-cloud/kimi-k2.6:cloud",
+ "mode": "all",
+ "color": "#7C3AED",
+ "category": "meta"
+ },
+ "release-manager": {
+ "file": ".kilo/agents/release-manager.md",
+ "description": "Manages git operations, semantic versioning, branching, and deployments. Ensures clean history",
+ "model": "ollama-cloud/glm-5.1",
+ "mode": "subagent",
+ "category": "meta"
+ },
+ "evaluator": {
+ "file": ".kilo/agents/evaluator.md",
+ "description": "Scores agent effectiveness after task completion for continuous improvement",
+ "model": "ollama-cloud/glm-5.1",
+ "mode": "subagent",
+ "color": "#047857",
+ "category": "meta"
+ },
+ "prompt-optimizer": {
+ "file": ".kilo/agents/prompt-optimizer.md",
+ "description": "Improves agent system prompts based on performance failures. Meta-learner for prompt optimization",
+ "model": "ollama-cloud/qwen3.6-plus",
+ "mode": "subagent",
+ "category": "meta"
+ },
+ "product-owner": {
+ "file": ".kilo/agents/product-owner.md",
+ "description": "Manages issue checklists, status labels, tracks progress and coordinates with human users",
+ "model": "ollama-cloud/glm-5.1",
+ "mode": "subagent",
+ "category": "meta"
+ },
+ "agent-architect": {
+ "file": ".kilo/agents/agent-architect.md",
+ "description": "Creates, modifies, and reviews new agents, workflows, and skills based on capability gap analysis",
+ "model": "ollama-cloud/kimi-k2.6:cloud",
+ "mode": "subagent",
+ "category": "meta"
+ },
+ "capability-analyst": {
+ "file": ".kilo/agents/capability-analyst.md",
+ "description": "Analyzes task requirements against available agents, workflows, and skills. Identifies gaps and recommends new components.",
+ "model": "ollama-cloud/glm-5.1",
+ "mode": "subagent",
+ "category": "meta"
+ },
+ "workflow-architect": {
+ "file": ".kilo/agents/workflow-architect.md",
+ "description": "Creates and maintains workflow definitions with complete architecture, Gitea integration, and quality gates",
+ "model": "ollama-cloud/glm-5.1",
+ "mode": "subagent",
+ "category": "meta"
+ },
+ "markdown-validator": {
+ "file": ".kilo/agents/markdown-validator.md",
+ "description": "Validates and corrects Markdown descriptions for Gitea issues",
+ "model": "ollama-cloud/deepseek-v4-pro-max",
+ "mode": "subagent",
+ "category": "meta"
+ },
+ "browser-automation": {
+ "file": ".kilo/agents/browser-automation.md",
+ "description": "Browser automation agent using Playwright MCP for E2E testing, form filling, navigation, and web interaction",
+ "model": "ollama-cloud/qwen3-coder:480b",
+ "mode": "subagent",
+ "category": "testing"
+ },
+ "planner": {
+ "file": ".kilo/agents/planner.md",
+ "description": "Advanced task planner using Chain of Thought, Tree of Thoughts, and Plan-Execute-Reflect",
+ "model": "ollama-cloud/deepseek-v4-pro-max",
+ "mode": "subagent",
+ "color": "#F59E0B",
+ "category": "cognitive"
+ },
+ "reflector": {
+ "file": ".kilo/agents/reflector.md",
+ "description": "Self-reflection agent using Reflexion pattern - learns from mistakes",
+ "model": "ollama-cloud/deepseek-v4-pro-max",
+ "mode": "subagent",
+ "color": "#10B981",
+ "category": "cognitive"
+ },
+ "memory-manager": {
+ "file": ".kilo/agents/memory-manager.md",
+ "description": "Manages agent memory systems - short-term (context), long-term (vector store), and episodic (experiences)",
+ "model": "ollama-cloud/qwen3.6-plus",
+ "mode": "subagent",
+ "color": "#8B5CF6",
+ "category": "cognitive"
+ },
+ "architect-indexer": {
+ "file": ".kilo/agents/architect-indexer.md",
+ "description": "Indexes and maps project codebase architecture into .architect/ directory",
+ "model": "ollama-cloud/glm-5.1",
+ "mode": "subagent",
+ "color": "#10B981",
+ "category": "core"
+ },
+ "flutter-developer": {
+ "file": ".kilo/agents/flutter-developer.md",
+ "description": "Flutter mobile specialist for cross-platform apps, state management, and UI components",
+ "model": "ollama-cloud/qwen3-coder:480b",
+ "mode": "subagent",
+ "color": "#02569B",
+ "category": "core"
+ },
+ "php-developer": {
+ "file": ".kilo/agents/php-developer.md",
+ "description": "PHP specialist for Laravel, Symfony, WordPress, and modular architecture",
+ "model": "ollama-cloud/qwen3-coder:480b",
+ "mode": "subagent",
+ "color": "#8B5CF6",
+ "category": "core"
+ },
+ "pipeline-judge": {
+ "file": ".kilo/agents/pipeline-judge.md",
+ "description": "Automated pipeline judge. Evaluates workflow execution by running tests, measuring token cost and wall-clock time. Produces objective fitness scores. Never writes code - only measures and scores.",
+ "model": "ollama-cloud/glm-5.1",
+ "mode": "subagent",
+ "color": "#DC2626",
+ "category": "meta"
+ },
+ "python-developer": {
+ "file": ".kilo/agents/python-developer.md",
+ "description": "Python specialist for Django, FastAPI, data processing, and ML pipelines",
+ "model": "ollama-cloud/qwen3-coder:480b",
+ "mode": "subagent",
+ "color": "#3776AB",
+ "category": "core"
+ }
+ },
+ "commands": {
+ "pipeline": {
+ "file": ".kilo/commands/pipeline.md",
+ "description": "Run full agent pipeline for issue with Gitea logging"
+ },
+ "status": {
+ "file": ".kilo/commands/status.md",
+ "description": "Check pipeline status for issue",
+ "model": "qwen/qwen3.6-plus:free"
+ },
+ "evaluate": {
+ "file": ".kilo/commands/evaluate.md",
+ "description": "Generate performance report",
+ "model": "ollama-cloud/gpt-oss:120b"
+ },
+ "plan": {
+ "file": ".kilo/commands/plan.md",
+ "description": "Creates detailed task plans",
+ "model": "openrouter/qwen/qwen3-coder:free"
+ },
+ "ask": {
+ "file": ".kilo/commands/ask.md",
+ "description": "Answers codebase questions",
+ "model": "openai/qwen3-32b"
+ },
+ "debug": {
+ "file": ".kilo/commands/debug.md",
+ "description": "Analyzes and fixes bugs",
+ "model": "ollama-cloud/gpt-oss:20b"
+ },
+ "code": {
+ "file": ".kilo/commands/code.md",
+ "description": "Quick code generation",
+ "model": "openrouter/qwen/qwen3-coder:free"
+ },
+ "research": {
+ "file": ".kilo/commands/research.md",
+ "description": "Run research and self-improvement",
+ "model": "ollama-cloud/glm-5"
+ },
+ "feature": {
+ "file": ".kilo/commands/feature.md",
+ "description": "Full feature development pipeline",
+ "model": "openrouter/qwen/qwen3-coder:free"
+ },
+ "hotfix": {
+ "file": ".kilo/commands/hotfix.md",
+ "description": "Hotfix workflow",
+ "model": "openrouter/minimax/minimax-m2.5:free"
+ },
+ "review": {
+ "file": ".kilo/commands/review.md",
+ "description": "Code review workflow",
+ "model": "openrouter/minimax/minimax-m2.5:free"
+ },
+ "review-watcher": {
+ "file": ".kilo/commands/review-watcher.md",
+ "description": "Auto-validate review results",
+ "model": "ollama-cloud/glm-5"
+ },
+ "e2e-test": {
+ "file": ".kilo/commands/e2e-test.md",
+ "description": "Run E2E tests with browser automation"
+ },
+ "workflow": {
+ "file": ".kilo/commands/workflow.md",
+ "description": "Run complete workflow with quality gates",
+ "model": "ollama-cloud/glm-5"
+ },
+ "landing-page": {
+ "file": ".kilo/commands/landing-page.md",
+ "description": "Create landing page CMS from HTML mockups",
+ "model": "ollama-cloud/kimi-k2.5"
+ },
+ "commerce": {
+ "file": ".kilo/commands/commerce.md",
+ "description": "Create e-commerce site with products, cart, payments",
+ "model": "qwen/qwen3-coder:free"
+ },
+ "blog": {
+ "file": ".kilo/commands/blog.md",
+ "description": "Create blog/CMS with posts, comments, SEO",
+ "model": "qwen/qwen3-coder:free"
+ },
+ "booking": {
+ "file": ".kilo/commands/booking.md",
+ "description": "Create booking system for services/appointments",
+ "model": "qwen/qwen3-coder:free"
+ }
+ },
+ "syncTargets": [
+ {
+ "file": ".kilo/agents/*.md",
+ "type": "agent-frontmatter",
+ "fields": [
+ "model",
+ "mode",
+ "description",
+ "color"
+ ]
+ },
+ {
+ "file": ".kilo/KILO_SPEC.md",
+ "section": "### Pipeline Agents",
+ "type": "markdown-table"
+ },
+ {
+ "file": ".kilo/KILO_SPEC.md",
+ "section": "### Workflow Commands",
+ "type": "markdown-table"
+ },
+ {
+ "file": "AGENTS.md",
+ "section": "Pipeline Agents",
+ "type": "category-tables"
+ },
+ {
+ "file": ".kilo/agents/orchestrator.md",
+ "section": "Task Tool Invocation",
+ "type": "subagent-mapping"
+ }
+ ],
+ "validation": {
+ "checkOn": [
+ "evolutionary-mode",
+ "pre-commit",
+ "manual-sync"
+ ],
+ "failOnError": true,
+ "reportFile": ".kilo/logs/sync-violations.json"
+ }
}
\ No newline at end of file