feat: add 4 template bundles (writing, backend, security, quick-fix)

Ready-to-use project templates with team, workflow, domain, and config:
- writing-short-story: fiction 5-15k words, custom archetypes, sonnet for prose
- backend-feature: standard PDCA, full team, haiku for reviews
- security-review: thorough 3-cycle, all reviewers incl. trickster
- quick-fix: minimal 1-cycle, creator+maker+guardian only

templates/bundles/security-review/config.yaml

@@ -0,0 +1,22 @@
+# Config: security-review defaults
+# Higher budget for thorough security analysis. Guardian gets sonnet for deeper
+# vulnerability detection. Other reviewers use haiku to stay within budget.
+
+budget:
+  max_usd: 15             # 3 cycles with full team needs more budget
+  warn_at_pct: 70         # Warn earlier — security reviews should not be cut short
+
+models:
+  default: haiku           # Most analysis is pattern-matching
+  explorer: haiku          # Attack surface mapping is analytical
+  creator: haiku           # Checklist creation is structural
+  maker: haiku             # Fixes are targeted edits
+  guardian: sonnet          # Primary security gate — needs depth
+  sage: haiku              # Quality review is checklist-driven
+  skeptic: haiku           # Design review is analytical
+  trickster: haiku         # Adversarial testing is creative but bounded
+
+variables:
+  max_cycles: 3
+  target_paths: ""
+  threat_model: ""

templates/bundles/security-review/domain.yaml

@@ -0,0 +1,84 @@
+# Domain: Code (Security Focus)
+# Standard code domain with security-weighted review focus.
+# Extends the default code domain with stronger security emphasis.
+
+name: code
+description: "Software development — security-focused review configuration"
+
+concepts:
+  implementation: "code changes"
+  tests: "automated tests"
+  files_changed: "files changed"
+  test_coverage: "test coverage %"
+  code_review: "security review"
+  build: "build/compile"
+  deploy: "deploy"
+  refactor: "security hardening"
+  bug: "vulnerability"
+  feature: "feature"
+  PR: "pull request"
+
+metrics:
+  - files_changed
+  - lines_added
+  - lines_removed
+  - tests_added
+  - tests_passing
+  - coverage_delta
+  - critical_findings      # Security-specific metrics
+  - warning_findings
+  - trickster_exploits     # Adversarial findings
+
+# Security-weighted review focus — guardian and trickster have expanded checklists
+review_focus:
+  guardian:
+    - injection_vulnerabilities    # SQL, NoSQL, command, LDAP
+    - authentication_bypass
+    - authorization_flaws          # IDOR, privilege escalation
+    - sensitive_data_exposure      # PII in logs, error messages
+    - security_misconfiguration
+    - dependency_vulnerabilities   # Known CVEs
+    - breaking_changes
+    - error_handling               # Information leakage on errors
+    - input_validation
+    - output_encoding
+  sage:
+    - code_quality
+    - test_coverage
+    - error_handling_completeness
+    - logging_hygiene              # No sensitive data in logs
+    - pattern_consistency
+    - documentation
+  skeptic:
+    - design_assumptions
+    - trust_boundaries             # Are they in the right place?
+    - alternative_approaches       # Simpler = less attack surface
+    - edge_cases
+    - scalability_under_attack     # DoS resilience
+  trickster:
+    - malformed_input              # Fuzzing mindset
+    - concurrency_races            # TOCTOU, double-spend
+    - error_path_exploitation      # What leaks on failure?
+    - dependency_failures          # What happens when deps are down?
+    - abuse_scenarios              # Malicious authenticated user
+    - supply_chain_vectors         # Dependency confusion, typosquatting
+
+context:
+  always:
+    - "README.md"
+    - ".archeflow/config.yaml"
+  plan_phase:
+    - "architecture docs"
+    - "threat model if available"
+    - "relevant source files (Explorer identifies)"
+  do_phase:
+    - "review findings to fix"
+    - "security checklist from Creator"
+  check_phase:
+    - "git diff (or full files for initial review)"
+    - "attack surface map from Explorer"
+    - "security checklist from Creator"
+
+# Guardian gets sonnet for deeper security analysis
+model_overrides:
+  guardian: sonnet

templates/bundles/security-review/manifest.yaml

@@ -0,0 +1,19 @@
+# Bundle: security-review
+# Thorough security-focused code review with all reviewers including Trickster.
+# 3 PDCA cycles for maximum coverage. Higher budget to account for deeper analysis.
+
+name: security-review
+description: "Security-focused code review — full team with Trickster, 3 thorough cycles"
+version: "1.0.0"
+domain: code
+includes:
+  team: team.yaml
+  workflow: workflow.yaml
+  domain: domain.yaml
+  config: config.yaml
+  archetypes: []
+requires: []
+variables:
+  max_cycles: 3            # Thorough: 3 cycles for deep security coverage
+  target_paths: ""         # Specific paths to review (empty = entire diff)
+  threat_model: ""         # Path to threat model doc if available

templates/bundles/security-review/team.yaml

@@ -0,0 +1,32 @@
+# Team: Security Review
+# Full team with Trickster for adversarial testing. All five reviewer archetypes
+# participate in Check phase for maximum security coverage.
+# Use for: auth changes, public API, payment flows, data handling, dependencies.
+
+name: security-review
+description: "Security-focused review: full team with adversarial Trickster"
+domain: code
+
+# Plan: explorer maps attack surface and data flows,
+#        creator identifies security requirements and risk areas.
+plan: [explorer, creator]
+
+# Do: maker is not used — this is a review workflow, not implementation.
+#     If fixes are needed, maker applies them in cycle 2+.
+do: [maker]
+
+# Check: all five reviewers for thorough coverage.
+#   guardian — security vulnerabilities, auth, injection, breaking changes
+#   sage — code quality, pattern consistency, error handling completeness
+#   skeptic — design assumptions, alternative approaches, edge cases
+#   trickster — adversarial testing: malformed input, race conditions, abuse paths
+check: [guardian, sage, skeptic, trickster]
+
+exit: all_approved
+max_cycles: ${max_cycles}
+
+# Notes:
+# - Trickster is the key differentiator: actively tries to break the code
+# - Guardian fast-path (A2) is disabled for thorough workflows on first cycle
+# - Trickster is mandatory on first pass per orchestration rules
+# - If reviewing existing code (not new changes), Explorer scopes the review area

templates/bundles/security-review/workflow.yaml

@@ -0,0 +1,81 @@
+# Workflow: Security Review
+# Thorough PDCA for security-focused code review. 3 cycles with full reviewer roster.
+# Cycle 1: initial review with all reviewers. Cycle 2-3: fix and re-review.
+
+name: security-review
+description: "Security-focused review — 3 cycles, full reviewer team with Trickster"
+team: security-review
+
+phases:
+  plan:
+    archetypes: [explorer, creator]
+    parallel: false
+    description: |
+      1. explorer: Map the attack surface. Identify:
+         - Data flows (user input -> processing -> storage -> output)
+         - Authentication and authorization boundaries
+         - External dependencies and their trust levels
+         - Sensitive data handling (PII, credentials, tokens)
+         - Public-facing entry points
+         Target paths: ${target_paths} (empty = analyze full diff/codebase)
+      2. creator: Based on Explorer's map, create a security review checklist:
+         - OWASP Top 10 applicability
+         - Threat model alignment (${threat_model} if available)
+         - Priority areas for each reviewer
+         - Known risk areas flagged for Trickster
+    inputs:
+      - "Code diff or target paths for review"
+      - "Threat model (${threat_model}) if available"
+      - "Architecture docs / README"
+
+  do:
+    archetypes: [maker]
+    parallel: false
+    description: |
+      Cycle 1: No implementation — this phase passes through to Check.
+      Cycle 2+: Apply security fixes identified in Check phase.
+      Each fix must:
+        - Address one specific finding
+        - Include a test that proves the vulnerability is fixed
+        - Not introduce new attack surface
+    inputs:
+      - "Review findings from Check phase"
+      - "Creator's security checklist"
+
+  check:
+    archetypes: [guardian, sage, skeptic, trickster]
+    parallel: false  # Guardian first, then others (but A2 fast-path disabled for thorough)
+    description: |
+      guardian (first): Security vulnerabilities, injection, auth bypass, SSRF, path traversal,
+        dependency vulnerabilities, breaking changes. This is the primary security gate.
+
+      sage: Code quality issues that create security risk — error handling gaps, logging
+        of sensitive data, inconsistent validation, missing type checks.
+
+      skeptic: Design-level concerns — are the security assumptions valid? Are there
+        simpler/safer approaches? What edge cases does the design miss?
+
+      trickster (adversarial): Actively tries to break the code:
+        - Malformed/oversized/unicode input
+        - Race conditions and TOCTOU
+        - Error path exploitation (what leaks on failure?)
+        - Dependency confusion / supply chain vectors
+        - Abuse scenarios (what can a malicious authenticated user do?)
+    inputs:
+      - "Code under review (diff or full files)"
+      - "Explorer's attack surface map"
+      - "Creator's security checklist"
+
+  act:
+    exit_when: all_approved
+    max_cycles: ${max_cycles}
+    on_reject: |
+      CRITICAL findings from any reviewer: must be fixed before next cycle.
+      WARNING findings: should be fixed, can be deferred with justification.
+      INFO findings: document and track, fix if time allows.
+      Trickster findings get priority — they represent actual exploit paths.
+
+hooks:
+  pre_plan: []
+  post_check: []
+  post_act: []