claude-archeflow-plugin/skills/shadow-detection/SKILL.md

name, description

name	description
shadow-detection	Use when monitoring agent behavior for dysfunction, when an agent seems stuck, or when orchestration quality is degrading. Detects and corrects Jungian shadow activation in archetypes.

Shadow Detection

Every archetype has a virtue (its unique contribution) and a shadow (the destructive inversion of that virtue). A shadow activates when the virtue is pushed too far.

Virtue (healthy)              → pushed too far →  Shadow (dysfunction)

Contextual Clarity            → can't stop      → Rabbit Hole
Decisive Framing              → over-builds      → Over-Architect
Execution Discipline          → no guardrails    → Rogue
Threat Intuition              → sees threats only → Paranoid
Assumption Surfacing          → questions only    → Paralytic
Adversarial Creativity        → noise over signal → False Alarm
Maintainability Judgment      → reviews only      → Bureaucrat

---

Explorer → Rabbit Hole

Virtue inverted: Contextual Clarity becomes compulsive investigation — or output that dumps without analyzing.

Symptoms:

• Research output keeps growing but never synthesizes
• "I found one more thing to check" repeated 3+ times
• Reading more than 15 files without producing findings
• Output is a raw inventory of files with no analysis or recommendation

Detection Checklist (trigger on ANY):

• Output >2000 words without a ### Recommendation section
• >3 tangent topics not directly related to the original task
• >15 files read with no ### Patterns identified
• No synthesis language (recommend, suggest, conclusion, finding, summary) in final 25% of output

Correction: "Summarize your top 3 findings and one recommendation in under 300 words. If your output has no Recommendation section, add one. A dump is not research."

---

Creator → Over-Architect

Virtue inverted: Decisive Framing becomes designing at the wrong scale.

Symptoms:

• Abstraction layers for one-time operations
• Future-proofing for requirements that don't exist
• Configuration systems for things that could be constants
• Proposal has more infrastructure than business logic

Detection Checklist (trigger on ANY):

• >2 new abstractions (interfaces, base classes, factories, registries) for a single feature
• "In the future we might need..." or "future-proof" appears in rationale
• Proposal scope (files changed) exceeds original task scope by >50%
• More than 1 new package/module introduced for a single feature

Correction: "Design for the current order of magnitude. If the app has 1000 users, design for 10,000 — not 10 million. Remove abstractions that serve hypothetical requirements."

---

Maker → Rogue

Virtue inverted: Execution Discipline becomes reckless shipping — or expanding beyond the plan.

Symptoms:

• Writing code before reading the proposal fully
• No tests, or tests written after implementation
• Large uncommitted working tree
• Files changed that aren't mentioned in the proposal

Detection Checklist (trigger on ANY):

• Zero test files (.test., .spec., _test.) in the changeset with >=3 files changed
• Single monolithic commit instead of incremental commits
• Diff contains files not listed in the Creator's proposal ### Changes section
• No evidence of running existing test suite before finishing

Correction: "Read the proposal. Write a test. Commit what you have. Revert changes to files not in the proposal. Then continue."

---

Guardian → Paranoid

Virtue inverted: Threat Intuition becomes blocking everything — without offering a path forward.

Symptoms:

• Every finding marked CRITICAL
• Blocking on theoretical risks with < 1% probability
• Rejecting without suggesting how to fix
• Security concerns for internal-only code at external-API severity

Detection Checklist (trigger on ANY):

• CRITICAL:WARNING ratio >2:1 (with minimum 3 total findings)
• Zero APPROVED verdicts in 3+ consecutive reviews
• <50% of findings include a suggested fix in the Fix column
• Findings reference attack scenarios that require already-compromised internal systems

Correction: "For each CRITICAL finding, answer: Would a senior engineer block a PR for this? If not, downgrade. Every rejection must include a specific, implementable fix."

---

Skeptic → Paralytic

Virtue inverted: Assumption Surfacing becomes inability to approve anything — drowning signal in tangential concerns.

Symptoms:

• More than 7 challenges raised
• Challenges without suggested alternatives
• "What about X?" chains that drift from the task
• Restating the same concern in different words

Detection Checklist (trigger on ANY):

• >7 findings/challenges raised in a single review
• <50% of findings include an alternative in the Fix column
• Same conceptual concern appears 2+ times with different wording
• >3 findings reference code or scenarios outside the task scope

Correction: "Rank your challenges by impact. Keep the top 3. Each must include a specific alternative. Delete the rest."

---

Trickster → False Alarm

Virtue inverted: Adversarial Creativity becomes noise — too many low-signal findings drowning the real issues.

Symptoms:

• Testing code that wasn't changed
• Reporting non-bugs as bugs (unrealistic test scenarios)
• 20 findings when 3 good ones would cover the real risks
• Edge cases for edge cases (diminishing returns)

Detection Checklist (trigger on ANY):

• Any finding references code untouched by the Maker's diff
• >10 findings for a change touching <5 files
• Findings describe scenarios requiring conditions that can't occur in the deployment context
• >3 findings without reproduction steps

Correction: "Quality over quantity. Delete findings outside the Maker's diff. Rank remaining by likelihood x impact. Keep top 3-5. Three real findings beat twenty noise."

---

Sage → Bureaucrat

Virtue inverted: Maintainability Judgment becomes bloat — reviews longer than the code, or insight without action.

Symptoms:

• Review longer than the code change itself
• Requesting documentation for self-evident code
• Suggesting refactors unrelated to the current task
• Deep-sounding analysis that doesn't end with a specific action

Detection Checklist (trigger on ANY):

• Review word count >2x the code change's line count (rough: review words > diff lines x 2)
• Any finding references files not in the Maker's changeset
• >2 findings use "consider" or "think about" without a concrete action in the Fix column
• Suggesting documentation for functions with <5 lines or self-descriptive names

Correction: "Limit your review to issues that affect maintainability in the next 6 months. Every finding must end with a specific action. If you can't state the consequence of NOT fixing it, don't raise it."

---

Shadow Escalation Protocol

1. First detection: Log the shadow, apply the correction prompt, let the agent continue
2. Second detection (same agent, same shadow): Replace the agent with a fresh one. The shadow is entrenched.
3. Shadow detected in 3+ agents in the same cycle: The task itself may be poorly scoped. Escalate to the user: "Multiple agents are struggling — the task may need to be broken down."

Shadow Immunity

Some behaviors LOOK like shadows but aren't:

• Explorer reading 20 files in a monorepo with scattered dependencies → not a rabbit hole if each file is genuinely relevant
• Creator adding an abstraction → not over-architect if the abstraction is genuinely needed by the current task
• Guardian blocking with 2 CRITICAL findings → not paranoid if both are genuine security vulnerabilities
• Trickster finding 5 edge cases → not false alarm if all are in the changed code with reproduction steps
• Sage writing a long review → not bureaucrat if the change is large and every finding is actionable

Rule of thumb: Shadow = behavior disconnected from the goal. Intensity alone is not a shadow.