Compute risk level (Low/Medium/High) from boolean signals. Pure function. 0-1=Low, 2-3=Medium, 4+=High.

Select agents for a work type given changed files. Combines core matrix with content sniff and path hints. Reads up to 16384 bytes per file when workspace_root is set; signals can be ext-gated to avoid cross-stack false positives.

Filter a file list to those owned by a specific agent. Uses path hints + content sniff. Reads up to 16384 bytes per file when workspace_root is set.

List all configured agents with their roles, ownership, and naming conventions.

Return the full markdown system prompt for a given agent. Resolves from local override → embedded default.

Copy embedded agent defaults to the local override directory ($SQUAD_AGENTS_DIR or %APPDATA%/squad-mcp/agents). Files locally edited override the bundled versions.

Aggregate advisory reports and emit a verdict per the rules in shared/_Severity-and-Ownership.md. Blocker -> REJECTED. Unjustified Major -> REJECTED. Otherwise CHANGES_REQUIRED or APPROVED. When reports carry per-dimension scores (0-100), also returns a weighted rubric scorecard (see score_rubric). Optional min_score downgrades APPROVED to CHANGES_REQUIRED if the weighted score is below the floor — useful for projects that want a quality bar beyond absence of blockers. Includes severity_counts and agents_involved for downstream summarization. Also returns arbitration_needed (true iff any blocker, unjustified major, or cross-agent forwarded finding) so callers can skip the consolidator persona when there is nothing to arbitrate; the verdict + rubric scorecard are produced regardless.

Compute a weighted multi-dimensional rubric scorecard from per-agent advisory scores (0-100). Each agent represents one dimension (Architecture, Security, Testing, etc.) with a default weight; weights can be overridden per-repo via .squad.yaml. Returns weighted_score, per-dimension breakdown, pass/fail vs threshold (default 75), and a pre-formatted ASCII scorecard. Renormalises across agents that actually scored, so a partial advisory pass produces a meaningful score.

Read and resolve .squad.yaml (or .squad.yml) at the given workspace_root. Returns effective weights (defaults merged), threshold, min_score, skip_paths, disable_agents, and the source path (or null if no file present). Composers (compose_squad_workflow, compose_advisory_bundle) read this automatically when they receive workspace_root; this tool is for explicit introspection and for clients that build their own bundle.

Read recent team decisions from .squad/learnings.jsonl (path overridable via .squad.yaml.learnings.path). Returns the filtered entries plus a pre-rendered markdown block ready to inject into agent / consolidator prompts. Filters: agent, decision (accept|reject), changed_files (matches scoped entries against these paths). Used by the /squad:review skill in Phase 5 (advisory) and Phase 10 (consolidation) to make the squad less repetitive over time.

Append a team decision (accept | reject) on a finding to .squad/learnings.jsonl. Future runs of the squad will inject the most recent entries into agent / consolidator prompts so the squad stops re-suggesting things the team has already declined (with reason). Side-effecting — writes to disk. Caller (skill or CLI) is responsible for user confirmation.

Lifecycle maintenance for .squad/learnings.jsonl (v0.11.0+). Two passes: (1) entries older than max_age_days are marked archived: true and hidden from default read_learnings; (2) entries with ≥ min_recurrence accept decisions on the same normalised finding title get promoted: true on the most-recent matching entry — promoted entries surface first in advisory prompts regardless of scope match. Atomic rewrite under file lock. Never auto-runs (max_age_days defaults to 0). Use dry_run: true to inspect counts without mutating.

List tasks from .squad/tasks.json with optional filters (status, agent, changed_files glob match against task.scope). Returns the filtered tasks plus the total count in the store.

Pick the next ready task: candidate status (default pending), all dependencies done, optional agent / changed_files filter. Tiebreaker priority then id. Returns null with reason when none ready, plus the blocked list so callers can show 'X is next when Y completes'.

Bulk-create tasks in .squad/tasks.json. Each task: id (optional, auto-allocated), title, description, dependencies, priority, details, test_strategy, scope (glob), agent_hints. Side-effecting — atomic write (tmp + rename). Validates: unique ids, all dependencies resolve, no self-deps. The host LLM is responsible for confirming with the user before bulk-recording from a parsed PRD.

Flip a task (or subtask) status: pending / in-progress / review / done / blocked / cancelled. Stamps updated_at. Atomic write. Throws when the task / subtask id is unknown.

Append subtasks to an existing task. Mechanical only — the caller (skill or LLM) supplies the subtask inputs. Subtask ids allocated sequentially starting from max(existing.subtasks.id) + 1. Side-effecting, atomic write.

Filter a file list to those matching a task's scope glob. Without a scope, the task is repo-wide and all files match. Same glob primitive as skip_paths and learnings scope.

Build a prompt + JSON schema for the host LLM to decompose a PRD into atomic tasks. Pure-MCP: does NOT call any LLM. Caller (skill/host) feeds the prompt to its LLM, receives JSON, then calls record_tasks with user confirmation. Includes existing tasks in the prompt to prevent duplication.

Heuristic classification of WorkType from user prompt and changed file paths. Returns top type with Low/Medium/High confidence. Treat as suggestion; allow override.

Detect changed files in a git workspace via "git diff --name-status". Defaults to HEAD~1..HEAD; use base_ref to override or staged_only=true for index-staged changes. Allowlisted refs only (no leading "-", no ".." substring, no "@{", max 200 chars). 10s timeout, 1MB output cap.

Heuristic check for inviolable rule violations in a plan text: git commit/push fences, emojis in code blocks, non-English identifiers in code blocks, implementation-before-approval markers. Advisory only — never blocking.

End-to-end deterministic pipeline: detect_changed_files -> read_squad_config -> classify_work_type -> score_risk -> select_squad. Returns the union output, the resolved .squad.yaml config (defaults if absent), and skipped_paths / disabled_agents when config.skip_paths or config.disable_agents narrowed things. Caller can override work_type, force agents, or supply explicit risk signals (force_agents wins over config.disable_agents — config is policy, not veto).

End-to-end advisory dispatch bundle. Runs compose_squad_workflow, then slice_files_for_agent for each selected agent, then validate_plan_text on the supplied plan. Returns the union output ready for the host to dispatch parallel advisory reviews.

Append one RunRecord to .squad/runs.jsonl. Single-writer contract: only the lifecycle-owning skills should call this — squad (Phase 1 + Phase 10), debug (Phase A + Phase C), question (Phase 1.5 + Phase 3.5), brainstorm (Step 1.5 + Step 5.5). Validates against the RunRecord schema_version:2 and enforces MAX_RECORD_BYTES (4000) via RECORD_TOO_LARGE on overflow. Caller is responsible for matching in_flight↔terminal rows by id. File mode is 0o600 (user-only) on first create. mode_warning.message is stripped of control chars at write time.

Read tool for .squad/runs.jsonl. Folds the two-phase (in_flight, terminal) row pair by id, applies filters (since / limit / agent / verdict / mode / invocation / work_type), and returns either the folded list (aggregate=false, default) or a precomputed aggregate bundle (outcomes + health + trend sparkline buckets) when aggregate=true. Missing-journal returns an empty result, not an error. Read-only — never writes.

Drain the auto-journaling staging buffer (.squad/pending-journal.jsonl) and return the de-duplicated set of file paths touched during the run, plus the raw breadcrumb count. No-op (returns empty) when .squad.yaml journaling is not opt-in. Side-effecting — atomically claims and clears the staging file. The squad skill calls this once in Phase 10 before the terminal record_run, folding touched_paths into the RunRecord.