docs: fix agent-team uninstall label and update testing section

CONTRIBUTING.md

@@ -74,12 +74,28 @@ Edit the relevant `SKILL.md` or data file. Test by running the skill locally wit
 
 ## Testing
 
-There is no automated test harness for skills — they are instruction sets interpreted by Claude Code, not code with unit tests. The validation steps are:
+Run the test suite before opening a PR:
 
-1. **Load the plugin**: `claude --plugin-dir .` — confirm no startup errors.
-2. **Run the skill manually**: invoke `/discover-workflows` or `/install-workflow` and walk through the flow.
-3. **Validate lock files** (if you changed `.lock.yml` files): `gh aw validate` — safe, does not recompile.
-4. **Check grep counts** (if you applied the OAuth tweak): see [skills/install-workflow/auth.md](skills/install-workflow/auth.md#step-4--verify-the-tweak-shape).
+```bash
+./tests/run-tests.sh           # all fast tests (Tier 2 + Tier 1)
+./tests/run-tests.sh --verbose # show per-assertion output
+```
+
+**Tier structure** (see [`tests/README.md`](tests/README.md) for full details):
+
+| Tier | Files | What it covers | Speed |
+|------|-------|----------------|-------|
+| 2 | `test-invariants.sh` | Grep / filesystem invariants tied to specific past bugs — no Claude invocation | <1 s |
+| 1 | `test-discover-workflows.sh`, `test-install-workflow.sh`, `test-install-agent-team.sh` | Skill behavior via headless `claude -p`: verifies key instructions, hard rules, and expected output patterns | ~4–5 min |
+| 3 | `test-e2e*.sh` (opt-in) | Full pipeline and install runs on a playground repo; destructive, not run by default | 5–35 min |
+
+CI ([`ci-tests.yml`](.github/workflows/ci-tests.yml)) runs Tier 2 + Tier 1 on every PR and push to `main`. Fork PRs fail Tier 1 because `CLAUDE_CODE_OAUTH_TOKEN` is not leaked to fork-originated runs — maintainers cherry-pick fork branches into this repo to get a clean CI pass.
+
+Additional manual checks when applicable:
+
+- **Load the plugin**: `claude --plugin-dir .` — confirm no startup errors.
+- **Validate lock files** (if you changed `.lock.yml` files): `gh aw validate` — safe, does not recompile.
+- **Check grep counts** (if you applied the OAuth tweak): see [skills/install-workflow/auth.md](skills/install-workflow/auth.md#step-4--verify-the-tweak-shape).
 
 Never test by committing untested changes to `main`. The installed workflows run on push to `main`, so a broken install skill or a bad `.lock.yml` will trigger a live workflow run.
 

README.md

@@ -80,7 +80,7 @@ To remove workflows this plugin installed into your target repo:
 
 - `gh aw remove <workflow>` for each installed workflow (deletes both the `.md` source and the compiled `.lock.yml`), then commit the deletion.
 - `gh secret delete CLAUDE_CODE_OAUTH_TOKEN` — or `ANTHROPIC_API_KEY`, whichever path you used — to unset the auth secret.
-- For `agent-team` specifically, also delete the seven labels: `gh label delete agent-team` plus `gh label delete state:<name>` for each of `plan-needed`, `impl-needed`, `review-needed`, `done`, `blocked`, and `in-progress`.
+- For `agent-team` specifically, also delete the seven labels: `gh label delete agent-team` plus `gh label delete state:<name>` for each of `plan-needed`, `impl-needed`, `review-needed`, `done`, and `blocked`, plus `gh label delete agent-team:reviewed`.
 
 Nothing else is persisted — the plugin writes only to your target repo (under user approval) and holds no local state outside Claude Code's own plugin directory.