π fix(workflow): v0.6.0 pr-reviewer stack β push gate, skill text, project-local template
Summary
Closes !2899 (bro skipped pr-reviewer push gate on 9 audit-fix MRs) + bulk of !2900 (pr-reviewer quality, 5 root causes from 12 reviewer dispatches).
Five fixes
scripts/hooks/git-push-guard.shβ first-push fallback when@{u}doesn't exist (universal-u origin <new-branch>case). Closes the bypass that let all 9 of bro's pushes through.skills/tmb_planning/SKILL.mdβ new Step 5.5 mandating pr-reviewer spawn between atomic_close and push.skills/tmb_review/SKILL.mdβ Β§A per-SHA worktree mandate (D1 from !2900); Β§B self-write mandate (no bro delegation, with explicit sqlite3 INSERT template); new Β§C bro spawn-prompt discipline (no prior verdict, no shortcuts).templates/project-seed/.claude/agents/pr-reviewer.md(NEW) β project-local template withmcpServers: [trajectory-server](E1; plugin subagents can't have MCP frontmatter per CC docs).- 2 new regression tests β 6-case first-push gate test + 7-case bro-skip detection test reproducing the !2899 scenario.
Bonus byte-identity fixes
SWE found pre-existing lint failures: agents/pr-reviewer.md, agents/swe.md, templates/agents/pr-reviewer.md were missing tmb_owner: bro. Added.
Verification (all green)
- β 13/13 new hook tests pass (6 first-push + 7 bro-skip)
- β L2: 421/421 (no regressions)
- β L4: 55/55
- β All 7 spec grep checks pass
- β pr-reviewer score: PASS (
validation_attemptsrow 14 β written by reviewer themselves via Β§B path 2 honor-system, validated by reviewer using per-sha worktree per Β§A)
Deferred (separate MRs)
- B1 schema-level
validation_attempts.subagent_session_idprovenance check β needs v2βv3 migration with backfill; separate MR. - Bug-capture lints for the 9 merged MRs' bug patterns β next branch (
test/v0-6-0-bug-capture-lints). - LOAD-BEARING-SAFETY markers on 4 new negative-directives in Step 5.5 (non-blocking; warn-only lint passes).
Closes !2899 Closes !2900 (partial β B1 deferred)