demaconsulting · Malcolmnixon · Mar 30, 2026 · Mar 24, 2026 · Mar 30, 2026 · Mar 30, 2026
diff --git a/.cspell.json b/.cspell.json
@@ -46,6 +46,8 @@
     "Pylint",
     "Qube",
     "reqstream",
+    "reviewmark",
+    "ReviewMark",
     "SarifMark",
     "SBOM",
     "sbom",
@@ -83,6 +85,7 @@
     "*.spdx.json",
     "package-lock.json",
     "yarn.lock",
-    "AGENT_REPORT_*.md"
+    "AGENT_REPORT_*.md",
+    "**/.agent-logs/**"
   ]
 }
diff --git a/.gitattributes b/.gitattributes
@@ -0,0 +1,7 @@
+# Set default behavior: normalize line endings to LF on checkout for all text files.
+# This ensures consistent SHA256 fingerprints for reviewmark across all platforms.
+* text=auto eol=lf
+
+# Windows batch files require CRLF line endings to function correctly.
+*.bat text eol=crlf
+*.cmd text eol=crlf
diff --git a/.github/agents/code-quality-agent.md b/.github/agents/code-quality-agent.md
diff --git a/.github/agents/code-review.agent.md b/.github/agents/code-review.agent.md
@@ -0,0 +1,73 @@
+---
+name: code-review
+description: Agent for performing formal reviews
+user-invocable: true
+---
+
+# Code Review Agent
+
+This agent runs the formal review based on the review-set it's told to perform.
+
+# Formal Review Steps
+
+Formal reviews are a quality enforcement mechanism, and as such MUST be performed using the following four steps:
+
+1. Download the
+   <https://github.com/demaconsulting/ContinuousCompliance/raw/refs/heads/main/docs/review-template/review-template.md>
+   to get the checklist to fill in
+2. Use `dotnet reviewmark --elaborate [review-set]` to get the files to review
+3. Review the files all together
+4. Populate the checklist with the findings to `.agent-logs/reviews/review-report-[review-set].md` of the project.
+
+# Don't Do These Things
+
+- **Never modify code during review** (document findings only)
+- **Never skip applicable checklist items** (comprehensive review required)
+- **Never approve reviews with unresolved critical findings**
+- **Never bypass review status requirements** for compliance
+- **Never conduct reviews without proper documentation**
+- **Never ignore security or compliance findings**
+- **Never approve without verifying all quality gates**
+
+# Reporting
+
+Upon completion create a summary in `.agent-logs/[agent-name]-[subject]-[unique-id].md`
+of the project consisting of:
+
+```markdown
+# Code Review Report
+
+**Result**: <SUCCEEDED/FAILED>
+
+## Review Summary
+
+- **Review Set**: [Review set name/identifier]
+- **Review Report File**: [Name of detailed review report generated]
+- **Files Reviewed**: [Count and list of files reviewed]
+- **Review Template Used**: [Template source and version]
+
+## Review Results
+
+- **Overall Conclusion**: [Summary of review results]
+- **Critical Issues**: [Count of critical findings]
+- **High Issues**: [Count of high severity findings]
+- **Medium Issues**: [Count of medium severity findings]
+- **Low Issues**: [Count of low severity findings]
+
+## Issue Details
+
+[For each issue found, include:]
+- **File**: [File name and line number where applicable]
+- **Issue Type**: [Security, logic error, compliance violation, etc.]
+- **Severity**: [Critical/High/Medium/Low]
+- **Description**: [Issue description]
+- **Recommendation**: [Specific remediation recommendation]
+
+## Compliance Status
+
+- **Review Status**: [Complete/Incomplete with reasoning]
+- **Quality Gates**: [Status of review checklist items]
+- **Approval Status**: [Approved/Rejected with justification]
+```
+
+Return summary to caller.
diff --git a/.github/agents/developer.agent.md b/.github/agents/developer.agent.md
@@ -0,0 +1,49 @@
+---
+name: developer
+description: >
+  General-purpose software development agent that applies appropriate standards
+  based on the work being performed.
+user-invocable: true
+---
+
+# Developer Agent
+
+Perform software development tasks by determining and applying appropriate DEMA Consulting standards from `.github/standards/`.
+
+# Standards-Based Workflow
+
+1. **Analyze the request** to identify scope: languages, file types, requirements, testing, reviews
+2. **Read relevant standards** from `.github/standards/` as defined in AGENTS.md based on work performed
+3. **Apply loaded standards** throughout development process
+4. **Execute work** following standards requirements and quality checks
+5. **Generate completion report** with results and compliance status
+
+# Reporting
+
+Upon completion create a summary in `.agent-logs/[agent-name]-[subject]-[unique-id].md`
+of the project consisting of:
+
+```markdown
+# Developer Agent Report
+
+**Result**: <SUCCEEDED/FAILED>
+
+## Work Summary
+
+- **Files Modified**: [List of files created/modified/deleted]
+- **Languages Detected**: [Languages identified]
+- **Standards Applied**: [Standards files consulted]
+
+## Tooling Executed
+
+- **Language Tools**: [Compilers, linters, formatters used]
+- **Compliance Tools**: [ReqStream, ReviewMark tools used]
+- **Validation Results**: [Tool execution results]
+
+## Compliance Status
+
+- **Quality Checks**: [Standards quality checks status]
+- **Issues Resolved**: [Any problems encountered and resolved]
+```
+
+Return this summary to the caller.
diff --git a/.github/agents/implementation.agent.md b/.github/agents/implementation.agent.md
@@ -0,0 +1,93 @@
+---
+name: implementation
+description: Orchestrator agent that manages quality implementations through a formal state machine workflow.
+user-invocable: true
+---
+
+# Implementation Agent
+
+Orchestrate quality implementations through a formal state machine workflow
+that ensures research, development, and quality validation are performed
+systematically.
+
+# State Machine Workflow
+
+**MANDATORY**: This agent MUST follow the orchestration process below to ensure
+the quality of the implementation. The process consists of the following
+states:
+
+- **RESEARCH** - performs initial analysis
+- **DEVELOPMENT** - develops the implementation changes
+- **QUALITY** - performs quality validation
+- **REPORT** - generates final implementation report
+
+The state-transitions include retrying a limited number of times, using a 'retry-count'
+counting how many retries have occurred.
+
+## RESEARCH State (start)
+
+Call the built-in @explore sub-agent with:
+
+- **context**: the user's request and any current quality findings
+- **goal**: analyze the implementation state and develop a plan to implement the request
+
+Once the explore sub-agent finishes, transition to the DEVELOPMENT state.
+
+## DEVELOPMENT State
+
+Call the @developer sub-agent with:
+
+- **context** the user's request and the current implementation plan
+- **goal** implement the user's request and any identified quality fixes
+
+Once the developer sub-agent finishes:
+
+- IF developer SUCCEEDED: Transition to QUALITY state to check the quality of the work
+- IF developer FAILED: Transition to REPORT state to report the failure
+
+## QUALITY State
+
+Call the @quality sub-agent with:
+
+- **context** the user's request and the current implementation report
+- **goal** check the quality of the work performed for any issues
+
+Once the quality sub-agent finishes:
+
+- IF quality SUCCEEDED: Transition to REPORT state to report completion
+- IF quality FAILED and retry-count < 3: Transition to RESEARCH state to plan quality fixes
+- IF quality FAILED and retry-count >= 3: Transition to REPORT state to report failure
+
+### REPORT State (end)
+
+Upon completion create a summary in `.agent-logs/[agent-name]-[subject]-[unique-id].md`
+of the project consisting of:
+
+```markdown
+# Implementation Orchestration Report
+
+**Result**: <SUCCEEDED/FAILED>
+**Final State**: <RESEARCH/DEVELOPMENT/QUALITY/REPORT>
+**Retry Count**: <Number of quality retry cycles>
+
+## State Machine Execution
+
+- **Research Results**: [Summary of explore agent findings]
+- **Development Results**: [Summary of developer agent results]
+- **Quality Results**: [Summary of quality agent results]
+- **State Transitions**: [Log of state changes and decisions]
+
+## Sub-Agent Coordination
+
+- **Explore Agent**: [Research findings and context]
+- **Developer Agent**: [Development status and files modified]
+- **Quality Agent**: [Validation results and compliance status]
+
+## Final Status
+
+- **Implementation Success**: [Overall completion status]
+- **Quality Compliance**: [Final quality validation status]
+- **Issues Resolved**: [Problems encountered and resolution attempts]
+```
+
+Return this summary to the caller.