diff --git a/.awf.yaml b/.awf.yaml
new file mode 100644
index 0000000..5aca13a
--- /dev/null
+++ b/.awf.yaml
@@ -0,0 +1,10 @@
+# AWF Configuration
+# https://github.com/awf-project/cli
+
+version: "1"
+
+# Default log level: debug, info, warn, error
+log_level: info
+
+# Output format: text, json, table, quiet
+output_format: text
diff --git a/.awf/config.yaml b/.awf/config.yaml
new file mode 100644
index 0000000..1982799
--- /dev/null
+++ b/.awf/config.yaml
@@ -0,0 +1,14 @@
+# AWF Project Configuration
+# https://github.com/awf-project/cli
+#
+# This file provides default values for workflow inputs.
+# CLI --input flags override these values.
+#
+# IMPORTANT: Do not store secrets here - use environment variables instead.
+
+# Workflow inputs - pre-populate values for awf run
+# Uncomment and modify the examples below:
+inputs:
+  # project: my-project
+  # environment: staging
+  # debug: false
diff --git a/.awf/scripts/create-feature/validate-name.sh b/.awf/scripts/create-feature/validate-name.sh
new file mode 100755
index 0000000..d8cbf6c
--- /dev/null
+++ b/.awf/scripts/create-feature/validate-name.sh
@@ -0,0 +1,46 @@
+#!/bin/bash
+set -e
+
+# validate-name.sh — Derive or validate a devcontainer feature name
+#
+# Inputs (AWF interpolation):
+#   {{.inputs.description}} - Feature description (required)
+#   {{.inputs.name}}        - Feature name override (optional, kebab-case)
+#
+# Output (stdout): plain feature ID (kebab-case, e.g. "zellij")
+
+DESCRIPTION="{{.inputs.description}}"
+NAME="{{.inputs.name}}"
+
+if [ -z "$DESCRIPTION" ]; then
+    echo "ERROR: DESCRIPTION is required"
+    exit 1
+fi
+
+# Derive name from description if not provided
+if [ -z "$NAME" ]; then
+    # Extract the tool/project name: take the word after "Installs" or first capitalized word
+    NAME=$(echo "$DESCRIPTION" \
+        | sed -E 's/^[Ii]nstalls?\s+//' \
+        | sed -E 's/^(the\s+|a\s+|an\s+)//i' \
+        | awk '{print $1}' \
+        | tr '[:upper:]' '[:lower:]' \
+        | sed -E 's/[^a-z0-9-]//g')
+fi
+
+# Validate: must be non-empty kebab-case
+if [ -z "$NAME" ]; then
+    echo "ERROR: could not derive feature name from description: ${DESCRIPTION}"
+    exit 1
+fi
+
+if ! echo "$NAME" | grep -qE '^[a-z][a-z0-9-]*[a-z0-9]$'; then
+    # Single char names are also valid
+    if ! echo "$NAME" | grep -qE '^[a-z]$'; then
+        echo "ERROR: invalid feature name '${NAME}' — must be kebab-case (lowercase, hyphens, start with letter)"
+        exit 1
+    fi
+fi
+
+# Output just the ID (no JSON — output_format: json is only supported on agent steps)
+printf '%s' "$NAME"
diff --git a/.awf/workflows/create-feature.yaml b/.awf/workflows/create-feature.yaml
new file mode 100644
index 0000000..53a96ca
--- /dev/null
+++ b/.awf/workflows/create-feature.yaml
@@ -0,0 +1,368 @@
+name: create-feature
+version: "1.0.0"
+description: Scaffold a new devcontainer feature with all required files, tests, and documentation
+
+inputs:
+  - name: description
+    type: string
+    required: true
+    description: "What the feature installs/does (e.g. 'Installs Zellij terminal multiplexer')"
+  - name: name
+    type: string
+    required: false
+    description: "Feature name in kebab-case (auto-derived from description if empty)"
+  - name: force
+    type: boolean
+    required: false
+    default: false
+    description: "Bypass idempotency guards (overwrite existing feature)"
+
+# ---------------------------------------------------------------------------
+# PHASE 0: NAME & BRANCH
+# ---------------------------------------------------------------------------
+states:
+  initial: validate_name
+
+  validate_name:
+    type: step
+    description: Derive and validate feature name from description
+    script_file: "{{.awf.scripts_dir}}/create-feature/validate-name.sh"
+    on_success: check_existing
+    on_failure: {message: "Name validation failed", status: 1}
+
+  check_existing:
+    type: step
+    description: Check if feature directory already exists
+    command: |
+      if [ -d "src/{{trimSpace .states.validate_name.Output}}" ] && [ "{{.inputs.force}}" != "true" ]; then
+        echo "Feature src/{{trimSpace .states.validate_name.Output}}/ already exists. Use force=true to overwrite."
+        exit 1
+      fi
+      echo "OK"
+    on_success: create_branch
+    on_failure: check_branch
+
+  check_branch:
+    type: step
+    description: Check if feature branch already exists (resume case)
+    command: |
+      BRANCH="feat/{{trimSpace .states.validate_name.Output}}"
+      CURRENT=$(git branch --show-current)
+      if [ "$CURRENT" = "$BRANCH" ]; then
+        echo "Already on branch ${BRANCH}"
+      else
+        echo "ERROR: feature exists but not on expected branch. Current: ${CURRENT}"
+        exit 1
+      fi
+    on_success: check_metadata
+    on_failure: {message: "Branch check failed — feature exists and force not set", status: 1}
+
+  create_branch:
+    type: step
+    description: Create and checkout feature branch
+    command: |
+      BRANCH="feat/{{trimSpace .states.validate_name.Output}}"
+      CURRENT=$(git branch --show-current)
+      if [ "$CURRENT" = "$BRANCH" ]; then
+        echo "Already on branch ${BRANCH}"
+      else
+        git checkout -b "$BRANCH"
+        echo "Created branch ${BRANCH}"
+      fi
+    on_success: check_metadata
+    on_failure: {message: "Failed to create feature branch", status: 1}
+
+  # ---------------------------------------------------------------------------
+  # PHASE 1: SRC GENERATION
+  # ---------------------------------------------------------------------------
+
+  check_metadata:
+    type: step
+    description: Check if devcontainer-feature.json already exists
+    command: |
+      if [ -f "src/{{trimSpace .states.validate_name.Output}}/devcontainer-feature.json" ] && [ "{{.inputs.force}}" != "true" ]; then
+        echo "EXISTS"
+      else
+        echo "MISSING"
+      fi
+    transitions:
+      - when: "states.check_metadata.Output contains 'EXISTS'"
+        goto: check_install
+      - goto: generate_metadata
+
+  generate_metadata:
+    type: agent
+    description: Generate devcontainer-feature.json
+    provider: claude
+    prompt_file: prompts/create-feature/metadata.md
+    options:
+      model: opus
+      max_tokens: 4096
+      allowedTools: "Read,Grep,Glob,Edit,Write"
+      dangerouslySkipPermissions: true
+    timeout: 120
+    on_success: validate_feature_json
+    on_failure: error_generate
+
+  validate_feature_json:
+    type: step
+    description: Validate devcontainer-feature.json syntax and required fields
+    command: |
+      FEATURE_JSON="src/{{trimSpace .states.validate_name.Output}}/devcontainer-feature.json"
+      if [ ! -f "$FEATURE_JSON" ]; then
+        echo "ERROR: $FEATURE_JSON not found"
+        exit 1
+      fi
+      # Validate JSON syntax
+      if command -v python3 &>/dev/null; then
+        python3 -m json.tool "$FEATURE_JSON" > /dev/null
+      elif command -v jq &>/dev/null; then
+        jq empty "$FEATURE_JSON"
+      else
+        echo "SKIP: no JSON validator available"
+      fi
+      # Check required fields
+      for field in id version name description; do
+        if ! grep -q "\"${field}\"" "$FEATURE_JSON"; then
+          echo "ERROR: missing required field '${field}'"
+          exit 1
+        fi
+      done
+      echo "OK: $FEATURE_JSON is valid"
+    on_success: check_install
+    on_failure: error_generate
+
+  check_install:
+    type: step
+    description: Check if install.sh already exists
+    command: |
+      if [ -f "src/{{trimSpace .states.validate_name.Output}}/install.sh" ] && [ "{{.inputs.force}}" != "true" ]; then
+        echo "EXISTS"
+      else
+        echo "MISSING"
+      fi
+    transitions:
+      - when: "states.check_install.Output contains 'EXISTS'"
+        goto: check_test
+      - goto: generate_install
+
+  generate_install:
+    type: agent
+    description: Generate install.sh and optional helper scripts
+    provider: claude
+    prompt_file: prompts/create-feature/install.md
+    options:
+      model: opus
+      max_tokens: 8192
+      allowedTools: "Read,Grep,Glob,Edit,Write"
+      dangerouslySkipPermissions: true
+    timeout: 180
+    on_success: check_test
+    on_failure: error_generate
+
+  # ---------------------------------------------------------------------------
+  # PHASE 2: TEST GENERATION
+  # ---------------------------------------------------------------------------
+
+  check_test:
+    type: step
+    description: Check if test files already exist
+    command: |
+      if [ -f "test/{{trimSpace .states.validate_name.Output}}/test.sh" ] && [ "{{.inputs.force}}" != "true" ]; then
+        echo "EXISTS"
+      else
+        echo "MISSING"
+      fi
+    transitions:
+      - when: "states.check_test.Output contains 'EXISTS'"
+        goto: shellcheck
+      - goto: generate_tests
+
+  generate_tests:
+    type: agent
+    description: Generate test.sh, scenarios.json, and scenario scripts
+    provider: claude
+    prompt_file: prompts/create-feature/tests.md
+    options:
+      model: opus
+      max_tokens: 8192
+      allowedTools: "Read,Grep,Glob,Edit,Write"
+      dangerouslySkipPermissions: true
+    timeout: 180
+    on_success: shellcheck
+    on_failure: error_generate
+
+  # ---------------------------------------------------------------------------
+  # PHASE 3: VALIDATION
+  # ---------------------------------------------------------------------------
+
+  shellcheck:
+    type: step
+    description: Run ShellCheck on all generated scripts
+    command: |
+      FEATURE_ID="{{trimSpace .states.validate_name.Output}}"
+      find "src/${FEATURE_ID}" "test/${FEATURE_ID}" -name '*.sh' -type f | xargs -r shellcheck -S error 2>&1
+    on_success: run_tests
+    on_failure: fix_shellcheck
+
+  fix_shellcheck:
+    type: agent
+    description: Fix ShellCheck errors in generated scripts
+    provider: claude
+    prompt: |
+      ShellCheck found errors in the scripts for feature "{{trimSpace .states.validate_name.Output}}".
+
+      ShellCheck output:
+      {{.states.shellcheck.Output}}
+
+      Fix ALL ShellCheck errors (severity: error) in the following files:
+      - src/{{trimSpace .states.validate_name.Output}}/*.sh
+      - test/{{trimSpace .states.validate_name.Output}}/*.sh
+
+      Read each file, fix the errors, and write the corrected version.
+      Do not change the logic — only fix ShellCheck compliance issues.
+    options:
+      model: opus
+      max_tokens: 8192
+      allowedTools: "Read,Grep,Glob,Edit,Write"
+      dangerouslySkipPermissions: true
+    timeout: 180
+    on_success: shellcheck_retry
+    on_failure: error_shellcheck
+
+  shellcheck_retry:
+    type: step
+    description: Re-run ShellCheck after fix attempt
+    command: |
+      FEATURE_ID="{{trimSpace .states.validate_name.Output}}"
+      find "src/${FEATURE_ID}" "test/${FEATURE_ID}" -name '*.sh' -type f | xargs -r shellcheck -S error 2>&1
+    on_success: run_tests
+    on_failure: error_shellcheck
+
+  run_tests:
+    type: step
+    description: Run local feature tests via test-local.sh
+    command: |
+      if command -v devcontainer &>/dev/null; then
+        ./test-local.sh {{trimSpace .states.validate_name.Output}}
+      else
+        echo "SKIP: devcontainer CLI not installed — skipping local tests"
+        echo "Run manually: ./test-local.sh {{trimSpace .states.validate_name.Output}}"
+      fi
+    timeout: 300
+    on_success: check_readme
+    on_failure: error_tests
+
+  # ---------------------------------------------------------------------------
+  # PHASE 4: DOCUMENTATION
+  # ---------------------------------------------------------------------------
+
+  check_readme:
+    type: step
+    description: Check if README already mentions this feature
+    command: |
+      FEATURE_ID="{{trimSpace .states.validate_name.Output}}"
+      NAME_HUMAN=$(echo "$FEATURE_ID" | awk -F'-' '{for(i=1;i<=NF;i++) $i=toupper(substr($i,1,1)) substr($i,2)} 1')
+      if grep -q "### ${NAME_HUMAN}" README.md && [ "{{.inputs.force}}" != "true" ]; then
+        echo "EXISTS"
+      else
+        echo "MISSING"
+      fi
+    transitions:
+      - when: "states.check_readme.Output contains 'EXISTS'"
+        goto: write_tracking
+      - goto: update_readme
+
+  update_readme:
+    type: agent
+    description: Add feature documentation to README.md
+    provider: claude
+    prompt_file: prompts/create-feature/readme.md
+    options:
+      model: sonnet
+      max_tokens: 4096
+      allowedTools: "Read,Grep,Glob,Edit"
+      dangerouslySkipPermissions: true
+    timeout: 120
+    on_success: write_tracking
+    on_failure: error_generate
+
+  # ---------------------------------------------------------------------------
+  # PHASE 5: TRACKING & SUMMARY
+  # ---------------------------------------------------------------------------
+
+  write_tracking:
+    type: step
+    description: Write execution tracking file
+    command: |
+      FEATURE_ID="{{trimSpace .states.validate_name.Output}}"
+      TRACKING_DIR=".awf/state/create-feature/${FEATURE_ID}"
+      mkdir -p "$TRACKING_DIR"
+      CREATED_AT=$(date -Iseconds)
+      cat > "${TRACKING_DIR}/status.md" <<TRACKING
+      # Feature: ${FEATURE_ID}
+
+      **Description**: {{.inputs.description}}
+      **Created**: ${CREATED_AT}
+      **Branch**: feat/${FEATURE_ID}
+
+      ## Files Generated
+
+      - [x] src/${FEATURE_ID}/devcontainer-feature.json
+      - [x] src/${FEATURE_ID}/install.sh
+      - [x] test/${FEATURE_ID}/test.sh
+      - [x] test/${FEATURE_ID}/scenarios.json
+      - [x] README.md (updated)
+
+      ## Status: COMPLETE
+      TRACKING
+    on_success: summary
+    on_failure: summary
+
+  summary:
+    type: step
+    description: Display creation summary
+    command: |
+      FEATURE_ID="{{trimSpace .states.validate_name.Output}}"
+      echo ""
+      echo "========================================="
+      echo "  Feature created: ${FEATURE_ID}"
+      echo "========================================="
+      echo ""
+      echo "  Branch: feat/${FEATURE_ID}"
+      echo ""
+      echo "  Files:"
+      ls -la "src/${FEATURE_ID}/" 2>/dev/null || true
+      ls -la "test/${FEATURE_ID}/" 2>/dev/null || true
+      echo ""
+      echo "  Next steps:"
+      echo "    1. Review generated files"
+      echo "    2. ./test-local.sh ${FEATURE_ID}"
+      echo "    3. git add && git commit"
+      echo "    4. Push PR"
+      echo ""
+    on_success: done
+
+  # ---------------------------------------------------------------------------
+  # TERMINAL STATES
+  # ---------------------------------------------------------------------------
+
+  done:
+    type: terminal
+    status: success
+    message: "Feature {{trimSpace .states.validate_name.Output}} created successfully"
+
+  error_generate:
+    type: terminal
+    status: failure
+    message: "Agent failed to generate files for feature {{trimSpace .states.validate_name.Output}}"
+
+  error_shellcheck:
+    type: terminal
+    status: failure
+    message: "ShellCheck errors could not be fixed automatically"
+
+  error_tests:
+    type: terminal
+    status: failure
+    message: "Feature tests failed — review test output and fix manually"
diff --git a/.awf/workflows/prompts/create-feature/install.md b/.awf/workflows/prompts/create-feature/install.md
new file mode 100644
index 0000000..46da4de
--- /dev/null
+++ b/.awf/workflows/prompts/create-feature/install.md
@@ -0,0 +1,39 @@
+# Generate install.sh
+
+Create the installation script for: **{{.inputs.description}}**
+
+## Instructions
+
+1. Read `CLAUDE.md` section "install.sh Template" for the base template.
+2. Read `src/{{trimSpace .states.validate_name.Output}}/devcontainer-feature.json` (already generated).
+3. Read the closest reference script and follow its pattern:
+   - `src/rtk/install.sh` — multi-target binary (try multiple target triples)
+   - `src/claude-code/install.sh` — config persistence (volume mount + symlink helper)
+   - `src/tree-sitter/install.sh` — post-install compilation from source
+   - Use the CLAUDE.md template directly for a standard single-binary install
+4. Create `src/{{trimSpace .states.validate_name.Output}}/install.sh` (and any helper scripts the metadata requires).
+
+## Script Structure Order
+
+1. Options from env vars (`VERSION="${VERSION:-latest}"`)
+2. Dependency check (`apt-get update && install && clean`)
+3. Version resolution (GitHub API if "latest")
+4. Architecture detection (`x86_64`/`amd64`, `aarch64`/`arm64`, reject others)
+5. Download and install to `/usr/local/bin/`
+6. Helper scripts / post-install config (if any)
+7. Verification and `==> <Feature> feature install complete` message
+
+## ShellCheck Requirements
+
+- Quote all variable expansions: `"${VAR}"` not `$VAR`
+- Use `|| true` on non-critical commands that may return non-zero
+- Use `[ ]` not `[[ ]]`
+- After `apt-get install`, always add: `apt-get clean && rm -rf /var/lib/apt/lists/*`
+- Temp cleanup: `trap 'rm -rf "$TMP_DIR"' EXIT`
+
+## Constraints
+
+- Write only files under `src/{{trimSpace .states.validate_name.Output}}/`
+- Do not modify any other existing files
+- Do not use Bash to test the script — ShellCheck runs as a separate pipeline step
+- All scripts must pass ShellCheck severity `error`
diff --git a/.awf/workflows/prompts/create-feature/metadata.md b/.awf/workflows/prompts/create-feature/metadata.md
new file mode 100644
index 0000000..93c77cb
--- /dev/null
+++ b/.awf/workflows/prompts/create-feature/metadata.md
@@ -0,0 +1,54 @@
+# Generate devcontainer-feature.json
+
+Create the metadata file for a new devcontainer feature: **{{.inputs.description}}**
+
+## Instructions
+
+1. Read `src/rtk/devcontainer-feature.json` and `src/claude-code/devcontainer-feature.json` as reference patterns.
+2. Create `src/{{trimSpace .states.validate_name.Output}}/devcontainer-feature.json` using the requirements below.
+
+## Required Fields
+
+| Field | Value |
+|-------|-------|
+| `id` | `{{trimSpace .states.validate_name.Output}}` |
+| `version` | `1.0.0` |
+| `name` | Capitalize each hyphen-separated word of the id (e.g. "mistral-vibe" → "Mistral Vibe") |
+| `description` | One-line description derived from "{{.inputs.description}}" |
+| `options.version` | `{ "type": "string", "default": "latest", "description": "Version to install: 'latest' or a specific version (e.g. '1.2.3')" }` |
+| `installsAfter` | `["ghcr.io/devcontainers/features/common-utils"]` — use `dependsOn` instead if the feature cannot function without another feature |
+
+## Optional Fields (add only when justified by the description)
+
+- `documentationURL` / `licenseURL` — if inferable from the tool name
+- `containerEnv` — if the tool requires PATH additions or environment variables
+- `customizations.vscode.extensions` / `customizations.jetbrains.plugins` — if the tool has IDE integrations
+- `mounts` + `postStartCommand` — if the tool needs persistent configuration (see `claude-code` for the pattern)
+- Boolean `options` entries — only if the description implies optional sub-components
+
+## Minimal Valid Output
+
+```json
+{
+  "id": "{{trimSpace .states.validate_name.Output}}",
+  "version": "1.0.0",
+  "name": "<Capitalized Feature Name>",
+  "description": "<concise one-liner>",
+  "options": {
+    "version": {
+      "type": "string",
+      "default": "latest",
+      "description": "Version to install: 'latest' or a specific version (e.g. '1.2.3')"
+    }
+  },
+  "installsAfter": ["ghcr.io/devcontainers/features/common-utils"]
+}
+```
+
+Extend with optional fields as needed. JSON must be valid, 2-space indented.
+
+## Constraints
+
+- Write ONLY `src/{{trimSpace .states.validate_name.Output}}/devcontainer-feature.json`
+- Do not create any other files
+- Do not use Bash
diff --git a/.awf/workflows/prompts/create-feature/readme.md b/.awf/workflows/prompts/create-feature/readme.md
new file mode 100644
index 0000000..81ea087
--- /dev/null
+++ b/.awf/workflows/prompts/create-feature/readme.md
@@ -0,0 +1,65 @@
+# Update README.md
+
+Add documentation for a new devcontainer feature: **{{.inputs.description}}**
+
+Feature ID: `{{trimSpace .states.validate_name.Output}}`
+
+## Steps
+
+1. Read `README.md` to understand the documentation pattern
+2. Read `src/{{trimSpace .states.validate_name.Output}}/devcontainer-feature.json`
+3. Read `src/{{trimSpace .states.validate_name.Output}}/install.sh`
+
+## Changes
+
+### 1. Table of Contents
+
+Insert in `Available Features`, alphabetical by feature name:
+```markdown
+- [<Feature Name>](#{{trimSpace .states.validate_name.Output}})
+```
+(Derive the human-readable feature name by capitalizing each hyphen-separated word of the ID)
+
+### 2. Feature Section
+
+Insert a `### <Feature Name>` section in alphabetical order. Structure:
+
+1. One-line description from `devcontainer-feature.json`
+2. Default `devcontainer.json` usage snippet
+3. `#### Options` table — **omit if no options defined**
+4. `#### Examples` — always include a version-pinning example; add more for non-trivial option combinations
+5. `#### Environment` — add only if the feature sets env vars or modifies `PATH`
+6. Feature-specific subsections — add only for notable behaviors (e.g., persistent config, API key setup)
+
+Template for steps 1-3:
+
+```markdown
+### <Feature Name>
+
+<one-line description>
+
+\`\`\`jsonc
+// devcontainer.json
+{
+  "features": {
+    "ghcr.io/awf-project/devcontainer-features/{{trimSpace .states.validate_name.Output}}:1": {}
+  }
+}
+\`\`\`
+
+#### Options
+
+| Option | Type | Default | Description |
+|--------|------|---------|-------------|
+| ... |
+```
+
+## Rules
+
+- Use `Edit`, not `Write` — this is an existing file
+- Use `Read` to inspect the file before editing
+- Do not use `Bash`
+- Do not modify existing content
+- Both TOC entry and section go in alphabetical order by feature name
+- Omit `#### Options` if `devcontainer-feature.json` has no options
+- Omit `#### Examples` if the feature has only a `version` option and the pattern is self-evident from the options table
diff --git a/.awf/workflows/prompts/create-feature/tests.md b/.awf/workflows/prompts/create-feature/tests.md
new file mode 100644
index 0000000..6f3017a
--- /dev/null
+++ b/.awf/workflows/prompts/create-feature/tests.md
@@ -0,0 +1,72 @@
+# Generate Test Files
+
+Create test files for a devcontainer feature: **{{.inputs.description}}**
+
+Feature ID: `{{trimSpace .states.validate_name.Output}}`
+
+## Inputs to Read First
+
+1. `src/{{trimSpace .states.validate_name.Output}}/devcontainer-feature.json` — options, containerEnv
+2. `src/{{trimSpace .states.validate_name.Output}}/install.sh` — binary name, default version
+3. Reference tests:
+   - `test/rtk/test.sh` — minimal PATH + version assertions
+   - `test/rtk/scenarios.json` — version-pinned scenario
+   - `test/rtk/install_rtk_specific_version.sh` — exact version string check pattern
+   - `test/claude-code/test.sh` — extended assertions (binary location, env vars)
+   - `test/claude-code/scenarios.json` — two-scenario structure (latest + pinned)
+
+## Files to Create
+
+### `test/{{trimSpace .states.validate_name.Output}}/test.sh`
+
+Assertions (in order):
+1. Binary on PATH: `command -v <binary>`
+2. Version output non-empty: `<BINARY>_VERSION=$(<binary> --version 2>&1)`
+3. For each entry in `containerEnv`: assert variable is set and non-empty
+4. Any feature-specific file or path checks (derive from install.sh)
+
+Output format: `PASS: <description>` or `FAIL: <description>` then `exit 1`
+Final line: `echo "==> All <Feature Name> feature tests passed"` (capitalize each word of the feature ID for the human-readable name)
+
+### `test/{{trimSpace .states.validate_name.Output}}/scenarios.json`
+
+Minimum scenarios (use the feature ID with hyphens replaced by underscores for scenario keys):
+
+```json
+{
+  "install_<feature_id_underscored>_latest": {
+    "image": "mcr.microsoft.com/devcontainers/base:ubuntu",
+    "features": { "<feature_id>": {} }
+  },
+  "install_<feature_id_underscored>_specific_version": {
+    "image": "mcr.microsoft.com/devcontainers/base:ubuntu",
+    "features": { "<feature_id>": { "version": "<real_semver_from_install.sh>" } }
+  }
+}
+```
+
+For each boolean option in `devcontainer-feature.json`, add:
+```json
+"install_<feature_id_underscored>_with_<option>": {
+  "image": "mcr.microsoft.com/devcontainers/base:ubuntu",
+  "features": { "<feature_id>": { "<option>": true } }
+}
+```
+
+For the `version` field: use a real semver found in `install.sh` (default value or recent stable), never a placeholder.
+
+### Scenario Scripts (one `.sh` per scenario key)
+
+- `_latest`: source `"$(dirname "$0")/test.sh"` — no extra assertions
+- `_specific_version`: source `test.sh`, then verify exact version string matches the pinned value
+- `_with_<option>`: source `test.sh`, then assert the optional component is installed
+
+## Constraints
+
+- Scripts: `#!/bin/bash`, `set -e`
+- Tests must be idempotent — no container state modification
+- Image: always `mcr.microsoft.com/devcontainers/base:ubuntu`
+- File names must match scenario keys in `scenarios.json` exactly
+- Write only to `test/{{trimSpace .states.validate_name.Output}}/`
+- Do not modify existing files
+- Do not run shell commands — ShellCheck runs as a separate pipeline step
diff --git a/.github/workflows/test-pr.yml b/.github/workflows/test-pr.yml
index de2f0a7..45dd44c 100644
--- a/.github/workflows/test-pr.yml
+++ b/.github/workflows/test-pr.yml
@@ -7,14 +7,24 @@ jobs:
   detect-changes:
     runs-on: ubuntu-latest
     outputs:
-      features: ${{ steps.filter.outputs.changes }}
+      features: ${{ steps.detect.outputs.features }}
     steps:
-      - uses: dorny/paths-filter@v3
-        id: filter
+      - uses: actions/checkout@v4
         with:
-          filters: |
-            flutter: ./**/flutter/**
-            claude-code: ./**/claude-code/**
+          fetch-depth: 0
+
+      - name: Detect changed features
+        id: detect
+        run: |
+          BASE_SHA="${{ github.event.pull_request.base.sha }}"
+          FEATURES="[]"
+          for dir in src/*/; do
+            feature=$(basename "$dir")
+            if git diff --name-only "$BASE_SHA"...HEAD | grep -qE "(src|test)/${feature}/"; then
+              FEATURES=$(echo "$FEATURES" | jq -c ". + [\"$feature\"]")
+            fi
+          done
+          echo "features=$FEATURES" >> "$GITHUB_OUTPUT"
 
   test:
     needs: detect-changes
@@ -27,8 +37,17 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
+      - name: "Isolate feature: ${{ matrix.feature }}"
+        run: |
+          # Keep only the changed feature so the action tests just that one
+          for dir in src/*/; do
+            feature=$(basename "$dir")
+            if [ "$feature" != "${{ matrix.feature }}" ]; then
+              rm -rf "src/${feature}" "test/${feature}"
+            fi
+          done
+
       - name: "Test feature: ${{ matrix.feature }}"
         uses: devcontainers/action@v1
         with:
           base-path-to-features: "./src"
-          features: ${{ matrix.feature }}
diff --git a/CLAUDE.md b/CLAUDE.md
new file mode 100644
index 0000000..ee1e164
--- /dev/null
+++ b/CLAUDE.md
@@ -0,0 +1,386 @@
+# Devcontainer Features
+
+Custom devcontainer features published to GHCR (`ghcr.io/awf-project/devcontainer-features`).
+
+## Repository Structure
+
+```
+src/<feature>/
+  devcontainer-feature.json   # Feature metadata (required)
+  install.sh                  # Installation script (required)
+  *.sh                        # Helper scripts (optional, e.g. link-claude-config.sh)
+test/<feature>/
+  test.sh                     # Main test assertions (required)
+  scenarios.json              # Test scenario definitions (required)
+  <scenario-name>.sh          # Per-scenario test scripts (required per scenario)
+.github/workflows/
+  linter.yml                  # ShellCheck on src/**/*.sh (severity: error)
+  validate-metadata.yml       # Validates devcontainer-feature.json schema
+  test-pr.yml                 # Auto-detects and tests only changed features
+  release.yml                 # Publishes to GHCR on v* tags
+test-local.sh                 # Local test runner (devcontainer CLI)
+test-integration.sh           # Full integration test with container lifecycle
+renovate.json                 # Automerge patch updates, group by manager
+```
+
+## Creating a New Feature
+
+### Checklist
+
+1. `src/<feature>/devcontainer-feature.json`
+2. `src/<feature>/install.sh`
+3. Optional helper scripts in `src/<feature>/`
+4. `test/<feature>/test.sh`
+5. `test/<feature>/scenarios.json`
+6. `test/<feature>/<scenario-name>.sh` for each scenario
+7. Run `./test-local.sh <feature>` locally
+8. Update `README.md` with feature documentation
+9. Submit PR (CI auto-detects new feature and runs tests)
+
+### Updating an Existing Feature
+
+1. Bump `version` in `devcontainer-feature.json`
+2. Update `install.sh`
+3. Update/add test scenarios if behavior changed
+4. Run `./test-local.sh <feature>` locally
+5. Submit PR (CI tests only the changed feature)
+6. After merge, push `v*` tag to publish to GHCR
+
+---
+
+## devcontainer-feature.json
+
+### Required Fields
+
+```json
+{
+  "id": "<feature-name>",
+  "version": "1.0.0",
+  "name": "Human Readable Name",
+  "description": "One-line description of what this feature installs."
+}
+```
+
+### Optional Fields
+
+| Field | Usage | Example |
+|-------|-------|---------|
+| `options` | User-configurable inputs | `"version": { "type": "string", "default": "latest" }` |
+| `documentationURL` | Link to upstream docs | `"https://docs.example.com"` |
+| `licenseURL` | Link to upstream license | `"https://github.com/org/repo/blob/main/LICENSE"` |
+| `customizations` | IDE extensions/plugins | `{ "vscode": { "extensions": [...] }, "jetbrains": { "plugins": [...] } }` |
+| `containerEnv` | Env vars set in container | `{ "TOOL_HOME": "/opt/tool", "PATH": "/opt/tool/bin:${PATH}" }` |
+| `mounts` | Docker volumes/binds | `[{ "source": "vol-${devcontainerId}", "target": "/data", "type": "volume" }]` |
+| `postStartCommand` | Run after container starts | `"/usr/local/bin/setup-script"` |
+| `installsAfter` | Feature ordering | `["ghcr.io/devcontainers/features/common-utils"]` |
+
+### Options Convention
+
+- `version`: `{ "type": "string", "default": "latest" }` — always include if tool is versionable
+- Boolean sub-features: `{ "type": "boolean", "default": false }` — for optional components
+- Option names use camelCase in JSON, engine injects them as UPPERCASED env vars:
+  - `version` -> `$VERSION`
+  - `precacheWeb` -> `$PRECACHEWEB`
+  - `grammarPhp` -> `$GRAMMARPHP`
+
+---
+
+## install.sh
+
+### Template
+
+```bash
+#!/bin/bash
+set -e
+
+# --- Options injected by devcontainer feature engine ---
+VERSION="${VERSION:-latest}"
+
+echo "==> <Feature> feature: version=${VERSION}"
+
+# 1. Ensure dependencies
+if ! command -v curl &>/dev/null; then
+    apt-get update -y
+    apt-get install -y --no-install-recommends curl ca-certificates
+    apt-get clean && rm -rf /var/lib/apt/lists/*
+fi
+
+# 2. Resolve version (if "latest")
+if [ "$VERSION" = "latest" ]; then
+    VERSION=$(curl -fsSL "https://api.github.com/repos/<org>/<repo>/releases/latest" \
+        | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/')
+    echo "==> Resolved latest version: ${VERSION}"
+fi
+
+# 3. Detect architecture
+ARCH=$(uname -m)
+case "$ARCH" in
+    x86_64|amd64)  ARCH_SUFFIX="amd64" ;;
+    aarch64|arm64)  ARCH_SUFFIX="arm64" ;;
+    *)
+        echo "ERROR: unsupported architecture: $ARCH"
+        exit 1
+        ;;
+esac
+
+# 4. Download and install
+TMP_DIR=$(mktemp -d)
+trap 'rm -rf "$TMP_DIR"' EXIT
+
+DOWNLOAD_URL="https://github.com/<org>/<repo>/releases/download/${VERSION}/<binary>-${ARCH_SUFFIX}.tar.gz"
+echo "==> Downloading ${DOWNLOAD_URL}..."
+curl -fsSL "$DOWNLOAD_URL" -o "${TMP_DIR}/archive.tar.gz"
+tar -xzf "${TMP_DIR}/archive.tar.gz" -C "$TMP_DIR"
+
+install -m 0755 "${TMP_DIR}/<binary>" /usr/local/bin/<binary>
+
+echo "==> <Feature> $(<binary> --version) installed at $(command -v <binary>)"
+
+# 5. Install helper scripts (if any)
+# install -m 0755 ./helper-script.sh /usr/local/bin/helper-script
+
+# 6. Set ownership for remote user (if needed)
+# if [ -n "${_REMOTE_USER:-}" ] && [ "$_REMOTE_USER" != "root" ]; then
+#     chown -R "$_REMOTE_USER:$_REMOTE_USER" /some/path
+# fi
+
+echo "==> <Feature> feature install complete"
+```
+
+### Conventions
+
+- **Shebang**: `#!/bin/bash` + `set -e` (fail on error)
+- **Progress output**: prefix with `==>` (e.g. `echo "==> Installing..."`)
+- **Error output**: prefix with `ERROR:` and `exit 1`
+- **Dependencies**: `apt-get update -y && apt-get install -y --no-install-recommends <pkg>`
+- **Apt cleanup**: `apt-get clean && rm -rf /var/lib/apt/lists/*` after dependency installs (reduces layer size)
+- **Architecture**: support `x86_64`/`amd64` and `aarch64`/`arm64`, reject others
+- **Binary placement**: always `/usr/local/bin/` for global PATH access
+- **Temp cleanup**: `trap 'rm -rf "$TMP_DIR"' EXIT`
+- **Remote user**: use `${_REMOTE_USER:-}` (injected by devcontainer engine)
+- **Helper scripts**: ship as `./script.sh` in feature dir, install to `/usr/local/bin/`
+- **GitHub API rate limit**: anonymous limit is 60 req/hour — document fallback to pinned version
+
+### Patterns in Existing Features
+
+| Pattern | Used by | Description |
+|---------|---------|-------------|
+| Deferred install | awf-cli | Install a helper script, actual binary downloaded at runtime via `postCreateCommand` |
+| Config persistence | claude-code | Docker volume mount + symlink script in `postStartCommand` |
+| Post-start guidance | grepai | Quickstart banner displayed at container start |
+| Grammar compilation | tree-sitter | Build optional sub-components from source |
+| Multi-target download | rtk | Try multiple target triples until one succeeds |
+| Channel resolution | flutter | Map channel names (stable/beta) to download URLs |
+
+---
+
+## test.sh
+
+### Template
+
+```bash
+#!/bin/bash
+set -e
+
+# Devcontainer feature test — run by devcontainers/action in CI
+# Verifies <Feature> is correctly installed and on PATH.
+
+echo "==> Testing <Feature> feature..."
+
+# Binary must be on PATH
+if ! command -v <binary> &>/dev/null; then
+    echo "FAIL: <binary> not found on PATH"
+    exit 1
+fi
+echo "PASS: <binary> on PATH ($(command -v <binary>))"
+
+# Version check must succeed
+<BINARY>_VERSION=$(<binary> --version 2>&1)
+if [ -z "$<BINARY>_VERSION" ]; then
+    echo "FAIL: <binary> --version returned empty output"
+    exit 1
+fi
+echo "PASS: <binary> --version => ${<BINARY>_VERSION}"
+
+# Check environment variables (if feature sets any)
+# if [ -z "$TOOL_HOME" ]; then
+#     echo "FAIL: TOOL_HOME not set"
+#     exit 1
+# fi
+# echo "PASS: TOOL_HOME=${TOOL_HOME}"
+
+echo "==> All <Feature> feature tests passed"
+```
+
+### Conventions
+
+- **Output**: `PASS: <description>` or `FAIL: <description>` then `exit 1`
+- **Final line**: `echo "==> All <Feature> feature tests passed"`
+- **Assertions**: binary on PATH, version output, env vars, feature-specific files
+- **Idempotent**: tests must not modify the container state
+
+---
+
+## scenarios.json
+
+### Template
+
+```json
+{
+  "install_<feature>_latest": {
+    "image": "mcr.microsoft.com/devcontainers/base:ubuntu",
+    "features": {
+      "<feature>": {}
+    }
+  },
+  "install_<feature>_specific_version": {
+    "image": "mcr.microsoft.com/devcontainers/base:ubuntu",
+    "features": {
+      "<feature>": {
+        "version": "x.y.z"
+      }
+    }
+  }
+}
+```
+
+### Conventions
+
+- **Image**: always `mcr.microsoft.com/devcontainers/base:ubuntu`
+- **Scenario naming**: `install_<feature>_<variant>` (snake_case)
+- **Minimum scenarios**: default install + version-pinned install
+- **Additional scenarios**: one per boolean option or notable configuration
+- **Features key**: use the feature `id` (not the full GHCR path)
+- **External dependencies**: add them in the `features` object (e.g. `"ghcr.io/devcontainers/features/github-cli:1": {}`)
+
+---
+
+## Scenario Test Scripts
+
+### Template
+
+```bash
+#!/bin/bash
+set -e
+
+# Scenario: <scenario_name>
+# <Description of what this scenario validates>
+
+source "$(dirname "$0")/test.sh"
+
+# Additional scenario-specific assertions
+# INSTALLED=$(<binary> --version 2>&1 | grep -oP '\d+\.\d+\.\d+')
+# EXPECTED="x.y.z"
+# if [ "$INSTALLED" != "$EXPECTED" ]; then
+#     echo "FAIL: Expected version ${EXPECTED}, got ${INSTALLED}"
+#     exit 1
+# fi
+# echo "PASS: Correct version ${EXPECTED} installed"
+```
+
+### Conventions
+
+- File name must match the scenario key in `scenarios.json`
+- Source `test.sh` first to run base assertions
+- Add only scenario-specific checks after sourcing
+- For minimal scenarios (no extra checks), the file can just source `test.sh`
+
+---
+
+## CI/CD Pipeline
+
+### On Pull Request
+
+1. **ShellCheck** (`linter.yml`): lints all `src/**/*.sh`, severity `error`
+2. **Metadata validation** (`validate-metadata.yml`): validates `devcontainer-feature.json` against spec
+3. **Feature tests** (`test-pr.yml`): detects changed features by diffing `src/<feature>/` and `test/<feature>/` against PR base, tests only those
+
+### On Release
+
+1. Push a `v*` tag (e.g. `v1.2.0`)
+2. `release.yml` publishes all features to GHCR via `devcontainers/action@v1`
+3. Documentation is auto-generated
+
+### Renovate
+
+- Automerges patch updates for `github-actions` and `devcontainers` managers
+- Groups updates by manager type
+- Major `github-actions` updates require dashboard approval
+- Schedule: weekday evenings + weekend mornings (Europe/Paris)
+
+---
+
+## Local Testing
+
+```bash
+# Test a feature with all scenarios
+./test-local.sh <feature>
+
+# Test a specific scenario
+./test-local.sh <feature> <scenario-name>
+
+# Test without Docker cache
+./test-local.sh --no-cache <feature>
+
+# Test with a different base image
+./test-local.sh --base-image mcr.microsoft.com/devcontainers/base:debian <feature>
+
+# Full integration test (builds container, runs test.sh inside)
+./test-integration.sh <feature>
+
+# Keep container alive for debugging
+./test-integration.sh <feature> --keep
+```
+
+**Prerequisites**: `npm install -g @devcontainers/cli` + Docker running
+
+---
+
+## Generation Constraints
+
+BEFORE writing any file, determine:
+1. Install method: `github-release` | `curl-installer` | `package-manager` | `uv-tool` | `pipx` | `cargo` | `npm-global` | `go-install`
+2. Version pinning: supported? (verify upstream docs — do not assume)
+3. Version check command: `--version` | `-V` | `version` | `--help` (verify upstream — do not assume)
+4. User-scoped install? → if YES, identify redirect env vars from table below
+
+### Rules
+
+```
+MUST   Identify install method BEFORE writing devcontainer-feature.json
+MUST   Every option in feature.json → corresponding $VAR usage in install.sh
+MUST   Every scenario in scenarios.json → achievable by install.sh
+MUST   Each scenario key in scenarios.json → matching .sh file in test/<feature>/
+MUST   Test /usr/local/bin/<binary>, not ~/.local/bin/
+MUST   Verify version check command works upstream before using in test.sh
+NEVER  Declare `version` option if tool cannot pin versions
+NEVER  `install -m 0755` a managed wrapper (uv/pipx/cargo wrappers depend on venv)
+NEVER  Write under $HOME (/root/) — /root/ is mode 700, inaccessible to _REMOTE_USER
+NEVER  Symlink from /root/ to /usr/local/bin/ — shebang still resolves through /root/
+IF     install method is user-scoped → export redirect env vars BEFORE install command
+IF     version pinning impossible → only create install_<feature>_latest scenario
+IF     --version unsupported → use verified alternative in test.sh
+AFTER  redirect install → chmod -R a+rX /usr/local/share/<tool>/
+IGNORE InvalidDefaultArgInFrom: ARG $BASE_IMAGE (harmless Docker warning)
+```
+
+### Permission Redirect Table
+
+When install method writes under `$HOME`, redirect ALL paths to `/usr/local/`:
+
+| Tool | Redirect env vars |
+|------|-------------------|
+| `uv tool install` | `UV_TOOL_BIN_DIR=/usr/local/bin` `UV_TOOL_DIR=/usr/local/share/uv/tools` `UV_PYTHON_INSTALL_DIR=/usr/local/share/uv/python` |
+| `pipx install` | `PIPX_HOME=/usr/local/share/pipx` `PIPX_BIN_DIR=/usr/local/bin` |
+| `cargo install` | `CARGO_HOME=/usr/local/share/cargo` |
+| `npm install -g` | `npm config set prefix /usr/local` |
+| `go install` | `GOPATH=/usr/local/share/go` `GOBIN=/usr/local/bin` |
+| `curl \| sh` | varies — check tool docs for redirect options |
+
+---
+
+## Language and Style
+
+- All code, comments, commit messages, and documentation in **English**
+- Shell scripts follow ShellCheck rules (no SC errors)
+- Commit convention: `feat(<feature>): <description>` / `fix(<feature>): <description>`
diff --git a/README.md b/README.md
index 7324fb1..63d6d5f 100644
--- a/README.md
+++ b/README.md
@@ -7,6 +7,7 @@ A collection of [Dev Container Features](https://containers.dev/implementors/fea
 - [Available Features](#available-features)
   - [Flutter SDK](#flutter-sdk)
   - [Claude Code](#claude-code)
+  - [Mistral Vibe](#mistral-vibe)
   - [Tree-sitter](#tree-sitter)
   - [RTK](#rtk)
   - [AWF CLI](#awf-cli)
@@ -131,6 +132,39 @@ Configuration persists automatically via a Docker named volume mounted at `/clau
 
 No additional features required — Claude Code is installed as a standalone binary.
 
+### Mistral Vibe
+
+Installs [Mistral Vibe](https://docs.mistral.ai/mistral-vibe/introduction), a command-line coding assistant powered by Mistral's models for conversational access to your codebase.
+
+```jsonc
+// devcontainer.json
+{
+  "features": {
+    "ghcr.io/awf-project/devcontainer-features/mistral-vibe:1": {}
+  }
+}
+```
+
+#### Options
+
+| Option | Type | Default | Description |
+|--------|------|---------|-------------|
+| `version` | string | `latest` | Version to install: `latest` or a specific version (e.g. `1.2.3`) |
+
+#### API Key
+
+The feature does not set `MISTRAL_API_KEY` automatically. Pass it from your host via `remoteEnv` in your `devcontainer.json`:
+
+```jsonc
+{
+  "remoteEnv": {
+    "MISTRAL_API_KEY": "${localEnv:MISTRAL_API_KEY}"
+  }
+}
+```
+
+This injects the key at runtime without baking it into the Docker image layer.
+
 ### Tree-sitter
 
 Installs the [Tree-sitter](https://tree-sitter.github.io/tree-sitter/) CLI for incremental parsing. Optionally compiles grammars (PHP, TypeScript, JavaScript, Go, Dart, Python, YAML) from official repos.
diff --git a/src/mistral-vibe/devcontainer-feature.json b/src/mistral-vibe/devcontainer-feature.json
new file mode 100644
index 0000000..1abe577
--- /dev/null
+++ b/src/mistral-vibe/devcontainer-feature.json
@@ -0,0 +1,19 @@
+{
+  "id": "mistral-vibe",
+  "version": "1.0.0",
+  "name": "Mistral Vibe",
+  "description": "Installs Mistral Vibe, a command-line coding assistant powered by Mistral's models for conversational access to your codebase.",
+  "documentationURL": "https://docs.mistral.ai/mistral-vibe/introduction",
+  "licenseURL": "https://github.com/mistralai/mistral-vibe/blob/main/LICENSE",
+  "options": {
+    "version": {
+      "type": "string",
+      "default": "latest",
+      "description": "Version to install: 'latest' or a specific version (e.g. '1.2.3')"
+    }
+  },
+  "installsAfter": [
+    "ghcr.io/devcontainers/features/common-utils",
+    "ghcr.io/devcontainers-extra/features/uv:1"
+  ]
+}
diff --git a/src/mistral-vibe/install.sh b/src/mistral-vibe/install.sh
new file mode 100644
index 0000000..033717f
--- /dev/null
+++ b/src/mistral-vibe/install.sh
@@ -0,0 +1,68 @@
+#!/bin/bash
+set -e
+
+# --- Options injected by devcontainer feature engine ---
+VERSION="${VERSION:-latest}"
+
+echo "==> Mistral Vibe feature: version=${VERSION}"
+
+# 1. Ensure curl is available
+if ! command -v curl &>/dev/null; then
+    echo "==> Installing missing dependencies..."
+    apt-get update -y
+    apt-get install -y --no-install-recommends curl ca-certificates
+    apt-get clean && rm -rf /var/lib/apt/lists/*
+fi
+
+# 2. Install uv if not present (Python package installer from Astral)
+if ! command -v uv &>/dev/null; then
+    echo "==> Installing uv..."
+    curl -LsSf https://astral.sh/uv/install.sh | sh
+    # uv installer puts binary in ~/.local/bin — make it available system-wide
+    if [ -f "${HOME}/.local/bin/uv" ]; then
+        ln -sf "${HOME}/.local/bin/uv" /usr/local/bin/uv
+    fi
+fi
+
+if ! command -v uv &>/dev/null; then
+    echo "ERROR: uv installation failed — cannot proceed"
+    exit 1
+fi
+echo "==> uv $(uv --version) available"
+
+# 3. Install mistral-vibe via uv tool to shared paths
+#    Default uv tool install goes to ~/.local which is root-only (700).
+#    Redirect everything to /usr/local so all users can access:
+#    - UV_TOOL_DIR: virtualenvs for uv tools
+#    - UV_TOOL_BIN_DIR: wrapper scripts (entry points)
+#    - UV_PYTHON_INSTALL_DIR: uv-managed Python interpreters
+#      (without this, the virtualenv python symlinks resolve to /root/.local/share/uv/python/)
+export UV_TOOL_DIR=/usr/local/share/uv/tools
+export UV_TOOL_BIN_DIR=/usr/local/bin
+export UV_PYTHON_INSTALL_DIR=/usr/local/share/uv/python
+
+if [ "${VERSION}" = "latest" ]; then
+    echo "==> Installing mistral-vibe (latest)..."
+    uv tool install mistral-vibe
+else
+    echo "==> Installing mistral-vibe version ${VERSION}..."
+    uv tool install "mistral-vibe==${VERSION}"
+fi
+
+# 4. Ensure all uv-managed paths are accessible by all users
+chmod -R a+rX "${UV_TOOL_DIR}" "${UV_PYTHON_INSTALL_DIR}"
+
+# 5. Verify installation
+if ! command -v vibe &>/dev/null; then
+    echo "ERROR: vibe not found on PATH after installation"
+    exit 1
+fi
+
+VIBE_VERSION=$(vibe --version 2>&1) || true
+if [ -z "${VIBE_VERSION}" ]; then
+    echo "ERROR: vibe --version returned empty output"
+    exit 1
+fi
+echo "==> Mistral Vibe ${VIBE_VERSION} installed at $(command -v vibe)"
+
+echo "==> Mistral Vibe feature install complete"
diff --git a/test-integration.sh b/test-integration.sh
new file mode 100755
index 0000000..b730d8c
--- /dev/null
+++ b/test-integration.sh
@@ -0,0 +1,88 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# -------------------------------------------------------------------
+# Local integration test for devcontainer features
+#
+# Builds a temporary project with a devcontainer.json referencing a
+# local feature, spins up the container, runs test assertions, and
+# cleans up.
+#
+# Usage: ./test-integration.sh <feature> [--keep]
+#   --keep : keep container alive after tests (for debugging)
+#
+# Requires: devcontainer CLI (npm install -g @devcontainers/cli)
+# -------------------------------------------------------------------
+
+FEATURE="${1:?Usage: $0 <feature> [--keep]}"
+KEEP=false
+[[ "${2:-}" == "--keep" ]] && KEEP=true
+
+REPO_ROOT="$(cd "$(dirname "$0")" && pwd)"
+FEATURE_SRC="${REPO_ROOT}/src/${FEATURE}"
+TEST_SCRIPT="${REPO_ROOT}/test/${FEATURE}/test.sh"
+
+# Validate inputs
+if [[ ! -d "$FEATURE_SRC" ]]; then
+  echo "ERROR: Feature '${FEATURE}' not found in src/" >&2
+  exit 1
+fi
+
+if [[ ! -f "$TEST_SCRIPT" ]]; then
+  echo "ERROR: No test script at test/${FEATURE}/test.sh" >&2
+  exit 1
+fi
+
+# Check devcontainer CLI
+if ! command -v devcontainer &>/dev/null; then
+  echo "ERROR: devcontainer CLI not found. Install with: npm install -g @devcontainers/cli" >&2
+  exit 1
+fi
+
+# Create temp project with copied feature source
+TMPDIR="$(mktemp -d)"
+WORKSPACE="${TMPDIR}/project"
+mkdir -p "${WORKSPACE}/.devcontainer"
+cp -r "${FEATURE_SRC}" "${WORKSPACE}/.devcontainer/${FEATURE}"
+
+cat > "${WORKSPACE}/.devcontainer/devcontainer.json" <<EOF
+{
+  "image": "mcr.microsoft.com/devcontainers/base:ubuntu",
+  "features": {
+    "./${FEATURE}": {}
+  }
+}
+EOF
+
+echo "==> Testing feature '${FEATURE}'"
+echo "    Workspace: ${WORKSPACE}"
+echo "    Feature source: ${FEATURE_SRC}"
+
+# Build and start the container
+echo "==> Building devcontainer..."
+devcontainer up --log-level debug --workspace-folder "${WORKSPACE}"
+
+# Run test assertions inside the container
+echo "==> Running test/${FEATURE}/test.sh..."
+devcontainer exec --workspace-folder "${WORKSPACE}" bash -c "$(cat "$TEST_SCRIPT")"
+
+TEST_EXIT=$?
+
+# Cleanup
+if [[ "$KEEP" == true ]]; then
+  echo "==> Container kept alive (--keep). Workspace: ${WORKSPACE}"
+  echo "    To clean up manually:"
+  echo "      devcontainer down --workspace-folder ${WORKSPACE}"
+  echo "      rm -rf ${TMPDIR}"
+else
+  echo "==> Cleaning up..."
+  devcontainer down --workspace-folder "${WORKSPACE}" 2>/dev/null || true
+  rm -rf "${TMPDIR}"
+fi
+
+if [[ $TEST_EXIT -eq 0 ]]; then
+  echo "==> PASSED: ${FEATURE}"
+else
+  echo "==> FAILED: ${FEATURE}" >&2
+  exit $TEST_EXIT
+fi
diff --git a/test/claude-code/test.sh b/test/claude-code/test.sh
index 7cc7a8d..a9edbbf 100644
--- a/test/claude-code/test.sh
+++ b/test/claude-code/test.sh
@@ -21,4 +21,18 @@ if [ -z "$CLAUDE_VERSION" ]; then
 fi
 echo "PASS: claude --version => ${CLAUDE_VERSION}"
 
+# claude binary must exist in ~/.local/bin
+if [ ! -x "$HOME/.local/bin/claude" ]; then
+    echo "FAIL: claude binary not found in \$HOME/.local/bin"
+    exit 1
+fi
+echo "PASS: claude binary in \$HOME/.local/bin"
+
+# ~/.local/bin must be in PATH (set by link-claude-config)
+if ! echo "$PATH" | grep -q "$HOME/.local/bin"; then
+    echo "FAIL: \$HOME/.local/bin not in PATH"
+    exit 1
+fi
+echo "PASS: \$HOME/.local/bin in PATH"
+
 echo "==> All Claude Code feature tests passed"
diff --git a/test/mistral-vibe/install_mistral_vibe_latest.sh b/test/mistral-vibe/install_mistral_vibe_latest.sh
new file mode 100644
index 0000000..6404087
--- /dev/null
+++ b/test/mistral-vibe/install_mistral_vibe_latest.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+set -e
+
+# Scenario: install_mistral_vibe_latest
+# Validates default installation with latest version.
+
+source "$(dirname "$0")/test.sh"
diff --git a/test/mistral-vibe/install_mistral_vibe_specific_version.sh b/test/mistral-vibe/install_mistral_vibe_specific_version.sh
new file mode 100644
index 0000000..fe5cefd
--- /dev/null
+++ b/test/mistral-vibe/install_mistral_vibe_specific_version.sh
@@ -0,0 +1,17 @@
+#!/bin/bash
+set -e
+
+# Scenario: install_mistral_vibe_specific_version
+# Validates installation of a pinned version (2.2.1).
+
+source "$(dirname "$0")/test.sh"
+
+# Verify the exact version matches
+VIBE_VERSION=$(vibe --version 2>&1)
+if [[ "$VIBE_VERSION" != *"2.2.1"* ]]; then
+    echo "FAIL: expected version 2.2.1, got: ${VIBE_VERSION}"
+    exit 1
+fi
+echo "PASS: vibe version matches 2.2.1 => ${VIBE_VERSION}"
+
+echo "==> Mistral Vibe specific version tests passed"
diff --git a/test/mistral-vibe/scenarios.json b/test/mistral-vibe/scenarios.json
new file mode 100644
index 0000000..1eaaa13
--- /dev/null
+++ b/test/mistral-vibe/scenarios.json
@@ -0,0 +1,16 @@
+{
+  "install_mistral_vibe_latest": {
+    "image": "mcr.microsoft.com/devcontainers/base:ubuntu",
+    "features": {
+      "mistral-vibe": {}
+    }
+  },
+  "install_mistral_vibe_specific_version": {
+    "image": "mcr.microsoft.com/devcontainers/base:ubuntu",
+    "features": {
+      "mistral-vibe": {
+        "version": "2.2.1"
+      }
+    }
+  }
+}
diff --git a/test/mistral-vibe/test.sh b/test/mistral-vibe/test.sh
new file mode 100644
index 0000000..224fdd9
--- /dev/null
+++ b/test/mistral-vibe/test.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+set -e
+
+# Devcontainer feature test — run by devcontainers/action in CI
+# Verifies Mistral Vibe is correctly installed and on PATH.
+
+echo "==> Testing Mistral Vibe feature..."
+
+# vibe binary must be on PATH
+if ! command -v vibe &>/dev/null; then
+    echo "FAIL: vibe not found on PATH"
+    exit 1
+fi
+echo "PASS: vibe on PATH ($(command -v vibe))"
+
+# vibe --version must succeed and return a version string
+VIBE_VERSION=$(vibe --version 2>&1)
+if [ -z "$VIBE_VERSION" ]; then
+    echo "FAIL: vibe --version returned empty output"
+    exit 1
+fi
+echo "PASS: vibe --version => ${VIBE_VERSION}"
+
+# vibe must exist in /usr/local/bin
+if [ ! -f /usr/local/bin/vibe ]; then
+    echo "FAIL: /usr/local/bin/vibe does not exist"
+    exit 1
+fi
+echo "PASS: /usr/local/bin/vibe exists"
+
+echo "==> All Mistral Vibe feature tests passed"