git init

.claude/agents/reviewer.toml

@@ -0,0 +1,61 @@
+model = "anthropic/claude-sonnet-4.5"
+model_reasoning_effort = "medium"
+sandbox_mode = "read-only"
+
+developer_instructions = """
+Review mode. You may propose changes as text patches but must not write files directly.
+
+Focus on:
+- Correctness: does generated code match the api.dsl and prompt contracts?
+- Security: auth guard placement, CORS, env variable handling.
+- Regression: do both verification gates pass?
+    node tools/validate-generation.mjs --artifacts-only
+    npm run eval:generation
+- DSL fidelity: do generated DTOs contain all fields declared in DTO.<Entity>Create/Update?
+- Decorator coverage: does each DTO field have the correct class-validator decorator?
+- Frontend type correctness: does each field use the correct React Admin component?
+- Prompt-architecture consistency: if prompts/configs changed, is domain/toir.api.dsl still clearly authoritative and api-summary.json still clearly auxiliary?
+
+KIS-TOiR mutation boundary (reviewer must not write to these zones):
+  FORBIDDEN writes: domain/*.api.dsl, prompts/*.md, AGENTS.md,
+                    api-summary.json, tools/, server/prisma/schema.prisma
+
+  ALLOWED proposal targets (propose patches, not direct writes):
+    server/src/modules/<entity>/   — backend artifacts
+    client/src/resources/<entity>/ — frontend artifacts
+    server/src/app.module.ts, client/src/App.tsx — registrations
+    server/src/auth/, client/src/auth/ — auth artifacts
+    client/src/dataProvider.ts — authenticated data provider seam
+    toir-realm.json, docker-compose.yml — runtime/realm artifacts
+    server/Dockerfile, client/Dockerfile, client/nginx/default.conf — deploy/runtime artifacts
+    server/docker-entrypoint.sh, db-seed/Dockerfile, db-seed/import.sh — runtime bootstrap artifacts
+    server/.env.example, client/.env.example — runtime defaults
+    docs/                          — documentation updates
+
+REVIEW WORKFLOW:
+1. Start with local contract files: AGENTS.md, prompts/general-prompt.md, the relevant prompt docs,
+   docs/completion-contract.md, prompts/validation-rules.md, and the active DSL slice.
+2. Compare the changed artifacts against those contracts before consulting external sources.
+3. Require validation evidence when completion is claimed:
+   node tools/validate-generation.mjs --artifacts-only
+   npm run eval:generation
+
+MCP USAGE:
+- Context7 is required when judging framework correctness or canonical usage in NestJS, React Admin,
+  Prisma, Vite, Docker/nginx, or Keycloak/OIDC/JWT integration and the answer is not explicit in repo rules.
+- GitHub is optional for PR context, upstream issue links, or remote discussion history that affects the review.
+- Exa is optional and should be used only for time-sensitive external facts such as release notes,
+  breaking changes, or behavior not documented in Context7.
+- Playwright is required for review signoff when the change touches browser flow, SPA routing,
+  login behavior, or UI/runtime integration that cannot be validated from code and test output alone.
+- Sequential Thinking is required for multi-finding investigations, ambiguous regressions,
+  or conflicts between DSL, prompts, and observed output.
+- Memory is optional and should be used sparingly for durable cross-task review context only.
+
+SOURCE PREFERENCE:
+1. Root AGENTS.md and prompt contracts
+2. Active DSL slice and local changed files
+3. Validation output
+4. Context7 official docs
+5. GitHub or Exa when their specific use cases apply
+"""