npm - @amistio/cli - Versions diffs - 0.1.11 → 0.1.12 - Mend

@amistio/cli 0.1.11 → 0.1.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -39,7 +39,7 @@ When `--tool copilot` uses the GitHub Copilot SDK, Amistio approves read-only pe
 `amistio runner status` reports local background runner state, latest heartbeat, and bounded resource usage when available. Resource usage is latest-sample runner process memory/CPU plus safe aggregate system memory/load signals; it does not include source files, environment variables, command lines, process lists, credentials, or arbitrary local paths.
-The runner advertises its supported work kinds in heartbeats. Current runners can claim read-only issue diagnosis jobs from the web Issues panel, generate root-cause analysis and a proposed fix, and submit that result without modifying source. Implementation is queued separately only after the user approves the analysis in the app.
+The runner advertises its supported work kinds in heartbeats. Current runners can claim read-only issue diagnosis jobs from the web Issues panel, generate root-cause analysis and a proposed fix, and submit that result without modifying source. They can also claim read-only `securityPostureScan` jobs from the workspace Security panel or the hosted nightly cron scheduler. Security scan results contain bounded summaries, standard references, safe evidence, and repo-relative paths only; source, secrets, environment variables, command lines, process lists, credentials, and arbitrary local paths stay local. Implementation is queued separately only after the user approves an issue analysis or security remediation plan in the app.
 Runner setup and local-tool execution use bounded failure controls. `amistio run --watch` retries Git worktree preflight failures by releasing the claim for another attempt, then fails the work item after `--max-preflight-attempts` attempts, defaulting to 3. Active local-tool runs renew the work lease, and `--tool-timeout-seconds` caps tool execution, defaulting to 1800 seconds.

package/dist/index.js CHANGED Viewed

@@ -21,6 +21,9 @@ var itemTypeSchema = z.enum([
   "brainDocument",
   "generatedDraft",
   "issue",
+  "securityScan",
+  "securityFinding",
+  "securityPostureSnapshot",
   "syncCursor",
   "syncConflict",
   "workItem",
@@ -67,7 +70,7 @@ var workStatusSchema = z.enum([
 ]);
 var sourceSchema = z.enum(["web", "repo", "generated", "runner"]);
 var executionModeSchema = z.enum(["localRunner", "cloudSandbox"]);
-var workKindSchema = z.enum(["brainGeneration", "implementation", "planRevision", "assistantQuestion", "impactPreview", "issueDiagnosis"]);
+var workKindSchema = z.enum(["brainGeneration", "implementation", "planRevision", "assistantQuestion", "impactPreview", "issueDiagnosis", "securityPostureScan"]);
 var generatedDraftStatusSchema = z.enum(["queued", "generating", "reviewing", "approved", "rejected", "changesRequested", "failed"]);
 var assistantQuestionModeSchema = z.enum(["brainOnly", "sourceAware"]);
 var impactRiskLevelSchema = z.enum(["low", "medium", "high", "critical"]);
@@ -76,6 +79,13 @@ var issueCategorySchema = z.enum(["bug", "regression", "brokenWorkflow", "securi
 var issueSeveritySchema = z.enum(["low", "medium", "high", "critical"]);
 var issueStatusSchema = z.enum(["queued", "diagnosing", "analysisReady", "approved", "changesRequested", "rejected", "implementationQueued", "implemented", "failed"]);
 var issueApprovalStateSchema = z.enum(["proposed", "approved", "changesRequested", "rejected", "implemented", "blocked"]);
+var securityScanStatusSchema = z.enum(["queued", "running", "completed", "failed", "stale", "skipped"]);
+var securityScanSourceSchema = z.enum(["nightly", "manual"]);
+var securityFindingCategorySchema = z.enum(["owasp", "dependency", "supplyChain", "secretHygiene", "authentication", "authorization", "tenantIsolation", "headers", "redirects", "csrf", "cors", "ciCd", "logging", "runnerBoundary", "other"]);
+var securityFindingSeveritySchema = z.enum(["info", "low", "medium", "high", "critical"]);
+var securityFindingConfidenceSchema = z.enum(["low", "medium", "high"]);
+var securityFindingStatusSchema = z.enum(["open", "planReady", "approved", "changesRequested", "dismissed", "acceptedRisk", "remediationQueued", "resolved", "failed"]);
+var securityApprovalStateSchema = z.enum(["proposed", "approved", "changesRequested", "dismissed", "acceptedRisk", "implemented", "blocked"]);
 var activityEventTypeSchema = z.enum([
   "commandSubmitted",
   "generationQueued",
@@ -99,6 +109,14 @@ var activityEventTypeSchema = z.enum([
   "issueDiagnosisFailed",
   "issueReview",
   "issueImplementationQueued",
+  "securityScanQueued",
+  "securityScanStarted",
+  "securityScanCompleted",
+  "securityScanFailed",
+  "securityFindingOpened",
+  "securityFindingReviewed",
+  "securityRemediationPlanCreated",
+  "securityRemediationQueued",
   "handoffExported"
 ]);
 var activityEventActorSchema = z.enum(["webUser", "runner", "cli", "system"]);
@@ -349,6 +367,8 @@ var workItemSchema = baseItemSchema.extend({
   sourceWish: z.string().min(1).optional(),
   generatedDraftId: z.string().min(1).optional(),
   issueId: z.string().min(1).optional(),
+  securityScanId: z.string().min(1).optional(),
+  securityFindingId: z.string().min(1).optional(),
   repositoryLinkId: z.string().min(1).optional(),
   reviewThreadId: z.string().min(1).optional(),
   reviewDocumentId: z.string().min(1).optional(),
@@ -773,6 +793,107 @@ var issueItemSchema = baseItemSchema.extend({
   runnerId: z.string().min(1).optional(),
   lastDiagnosisError: z.string().optional()
 });
+var securityStandardReferenceSchema = z.object({
+  standard: z.string().trim().min(1).max(120),
+  control: z.string().trim().min(1).max(160),
+  url: z.string().url().optional()
+});
+var securitySeverityCountsSchema = z.object({
+  info: z.number().int().nonnegative().default(0),
+  low: z.number().int().nonnegative().default(0),
+  medium: z.number().int().nonnegative().default(0),
+  high: z.number().int().nonnegative().default(0),
+  critical: z.number().int().nonnegative().default(0)
+});
+var defaultSecuritySeverityCounts = { info: 0, low: 0, medium: 0, high: 0, critical: 0 };
+var securityCategorySummarySchema = z.object({
+  category: securityFindingCategorySchema,
+  status: z.enum(["pass", "warning", "fail", "unknown"]),
+  summary: z.string().trim().min(1).max(600)
+});
+var securityFindingResultSchema = z.object({
+  title: z.string().trim().min(1).max(200),
+  category: securityFindingCategorySchema,
+  severity: securityFindingSeveritySchema,
+  confidence: securityFindingConfidenceSchema.default("medium"),
+  summary: z.string().trim().min(1).max(2e3),
+  standardReferences: z.array(securityStandardReferenceSchema).default([]),
+  affectedSurfaces: z.array(z.string().trim().min(1).max(300)).default([]),
+  evidence: z.array(z.string().trim().min(1).max(600)).default([]),
+  recommendedRemediation: z.string().trim().min(1).max(4e3),
+  verificationPlan: z.array(z.string().trim().min(1).max(300)).min(1),
+  safePaths: z.array(z.string().trim().min(1).max(300)).default([]),
+  status: securityFindingStatusSchema.default("open")
+});
+var securityPostureScanResultSchema = z.object({
+  summary: z.string().trim().min(1).max(2e3),
+  baselineVersion: z.string().trim().min(1).max(80),
+  postureScore: z.number().min(0).max(100).optional(),
+  postureGrade: z.enum(["A", "B", "C", "D", "F", "Unknown"]).default("Unknown"),
+  categorySummaries: z.array(securityCategorySummarySchema).default([]),
+  findings: z.array(securityFindingResultSchema).default([]),
+  verificationPlan: z.array(z.string().trim().min(1).max(300)).min(1)
+});
+var securityScanItemSchema = baseItemSchema.extend({
+  type: z.literal("securityScan"),
+  projectId: z.string().min(1),
+  securityScanId: z.string().min(1),
+  scheduledDate: z.string().regex(/^\d{4}-\d{2}-\d{2}$/),
+  source: securityScanSourceSchema,
+  status: securityScanStatusSchema,
+  baselineVersion: z.string().trim().min(1).max(80).default("amistio-security-baseline-v1"),
+  workItemId: z.string().min(1).optional(),
+  runnerId: z.string().min(1).optional(),
+  findingIds: z.array(z.string().min(1)).default([]),
+  summary: z.string().trim().min(1).max(2e3).optional(),
+  severityCounts: securitySeverityCountsSchema.default(defaultSecuritySeverityCounts),
+  startedAt: isoDateTimeSchema.optional(),
+  completedAt: isoDateTimeSchema.optional(),
+  failedAt: isoDateTimeSchema.optional(),
+  error: z.string().max(1e3).optional()
+});
+var securityFindingItemSchema = baseItemSchema.extend({
+  type: z.literal("securityFinding"),
+  projectId: z.string().min(1),
+  securityFindingId: z.string().min(1),
+  securityScanId: z.string().min(1),
+  title: z.string().trim().min(1).max(200),
+  category: securityFindingCategorySchema,
+  severity: securityFindingSeveritySchema,
+  confidence: securityFindingConfidenceSchema.default("medium"),
+  status: securityFindingStatusSchema,
+  approvalState: securityApprovalStateSchema.default("proposed"),
+  summary: z.string().trim().min(1).max(2e3),
+  standardReferences: z.array(securityStandardReferenceSchema).default([]),
+  affectedSurfaces: z.array(z.string().trim().min(1).max(300)).default([]),
+  evidence: z.array(z.string().trim().min(1).max(600)).default([]),
+  safePaths: z.array(z.string().trim().min(1).max(300)).default([]),
+  recommendedRemediation: z.string().trim().min(1).max(4e3),
+  verificationPlan: z.array(z.string().trim().min(1).max(300)).min(1),
+  remediationPlanDocumentId: z.string().min(1).optional(),
+  remediationPromptDocumentId: z.string().min(1).optional(),
+  implementationWorkItemId: z.string().min(1).optional(),
+  reviewNotes: z.string().trim().min(1).optional(),
+  reviewedByUserId: z.string().min(1).optional(),
+  reviewedAt: isoDateTimeSchema.optional(),
+  resolvedAt: isoDateTimeSchema.optional(),
+  lastReviewAction: z.enum(["approve", "requestChanges", "dismiss", "acceptRisk", "reopen"]).optional()
+});
+var securityPostureSnapshotItemSchema = baseItemSchema.extend({
+  type: z.literal("securityPostureSnapshot"),
+  projectId: z.string().min(1),
+  securityPostureSnapshotId: z.string().min(1),
+  latestScanId: z.string().min(1).optional(),
+  status: z.enum(["unknown", "fresh", "stale", "running", "failed"]),
+  baselineVersion: z.string().trim().min(1).max(80).default("amistio-security-baseline-v1"),
+  postureScore: z.number().min(0).max(100).optional(),
+  postureGrade: z.enum(["A", "B", "C", "D", "F", "Unknown"]).default("Unknown"),
+  severityCounts: securitySeverityCountsSchema.default(defaultSecuritySeverityCounts),
+  categorySummaries: z.array(securityCategorySummarySchema).default([]),
+  lastScannedAt: isoDateTimeSchema.optional(),
+  nextScheduledAt: isoDateTimeSchema.optional(),
+  summary: z.string().trim().min(1).max(2e3).optional()
+});
 var activityEventItemSchema = baseItemSchema.extend({
   type: z.literal("activityEvent"),
   projectId: z.string().min(1),
@@ -788,6 +909,8 @@ var activityEventItemSchema = baseItemSchema.extend({
   relatedWorkItemId: z.string().min(1).optional(),
   relatedDocumentId: z.string().min(1).optional(),
   relatedIssueId: z.string().min(1).optional(),
+  relatedSecurityScanId: z.string().min(1).optional(),
+  relatedSecurityFindingId: z.string().min(1).optional(),
   generatedDraftId: z.string().min(1).optional(),
   runnerId: z.string().min(1).optional(),
   repositoryLinkId: z.string().min(1).optional(),
@@ -845,6 +968,9 @@ var projectItemUnionSchema = z.discriminatedUnion("type", [
   brainDocumentItemSchema,
   generatedDraftItemSchema,
   issueItemSchema,
+  securityScanItemSchema,
+  securityFindingItemSchema,
+  securityPostureSnapshotItemSchema,
   syncCursorItemSchema,
   syncConflictItemSchema,
   workItemSchema,
@@ -1756,6 +1882,16 @@ var ApiClient = class {
       }
     );
   }
+  async submitSecurityPostureScanResult(projectId, workItemId, result) {
+    return this.request(
+      `/projects/${projectId}/work-items/${workItemId}/security-result`,
+      z3.object({ scan: securityScanItemSchema, findings: z3.array(securityFindingItemSchema), snapshot: securityPostureSnapshotItemSchema, workItem: workItemSchema }),
+      {
+        method: "POST",
+        body: JSON.stringify(result)
+      }
+    );
+  }
   async request(urlPath, schema, init) {
     const response = await fetch(resolveApiUrl(this.options.apiUrl, urlPath), {
       ...init,
@@ -3726,6 +3862,8 @@ var impactPreviewStart = "AMISTIO_IMPACT_PREVIEW_START";
 var impactPreviewEnd = "AMISTIO_IMPACT_PREVIEW_END";
 var issueDiagnosisStart = "AMISTIO_ISSUE_DIAGNOSIS_START";
 var issueDiagnosisEnd = "AMISTIO_ISSUE_DIAGNOSIS_END";
+var securityPostureStart = "AMISTIO_SECURITY_POSTURE_START";
+var securityPostureEnd = "AMISTIO_SECURITY_POSTURE_END";
 function createWorkExecutionPrompt(workItem, context) {
   if (workItem.workKind === "brainGeneration") {
     return createBrainGenerationPrompt(workItem);
@@ -3742,6 +3880,9 @@ function createWorkExecutionPrompt(workItem, context) {
   if (workItem.workKind === "issueDiagnosis") {
     return createIssueDiagnosisPrompt(workItem, context?.issueDiagnosis);
   }
+  if (workItem.workKind === "securityPostureScan") {
+    return createSecurityPostureScanPrompt(workItem, context?.securityPostureScan);
+  }
   return [
     "# Amistio Work Execution",
     "",
@@ -3770,6 +3911,63 @@ function createWorkExecutionPrompt(workItem, context) {
     "- Run relevant verification commands when feasible and summarize results."
   ].join("\n");
 }
+function createSecurityPostureScanPrompt(workItem, context) {
+  const approvedContext = (context?.documents ?? []).filter((document) => document.status === "approved" || document.syncState === "approved" || document.syncState === "synced").slice(0, 20).map((document) => [
+    `### ${document.title}`,
+    `documentId: ${document.documentId}`,
+    `documentType: ${document.documentType}`,
+    `repoPath: ${document.repoPath}`,
+    `revision: ${document.revision}`,
+    document.content.slice(0, 3e3)
+  ].join("\n")).join("\n\n");
+  return [
+    "# Amistio Security Posture Scan",
+    "",
+    "You are running locally through the Amistio CLI inside the user's repository.",
+    "Run a read-only security posture scan and produce approval-gated remediation findings.",
+    "Do not modify files, create branches, commit, run implementation prompts, install packages, perform exploit attempts, call external services, or make unaudited network calls.",
+    "Use only safe local inspection and focused diagnostic commands that do not expose secrets.",
+    "",
+    "## Work Item",
+    "",
+    `Title: ${workItem.title}`,
+    `Work item ID: ${workItem.workItemId}`,
+    `Project ID: ${workItem.projectId}`,
+    `Security scan ID: ${workItem.securityScanId ?? "unknown"}`,
+    "",
+    "## Scan Request",
+    "",
+    workItem.sourceWish ?? "Run the Amistio security baseline.",
+    "",
+    "## Approved Project Brain Context",
+    "",
+    approvedContext || "No approved project-brain records were loaded. Inspect local repository files as needed and explain the gap in the summary.",
+    "",
+    "## Baseline Requirements",
+    "",
+    "- Cover OWASP Top 10 and OWASP ASVS Level 1 style controls.",
+    "- Check dependency and supply-chain posture: audit advisories, lockfiles, CI verification, release provenance, and trusted publishing where applicable.",
+    "- Check secret and credential hygiene using redacted evidence only.",
+    "- Check authentication, authorization, tenant isolation, redirects/callbacks, CSRF, CORS, security headers, logging redaction, and rate limiting.",
+    "- Check Amistio controls: local-runner-only execution, supported work-kind gates, approval gates, worktree isolation, runner credential binding, and redacted telemetry.",
+    "",
+    "## Data Safety",
+    "",
+    "- Persist summaries, controls, repository-relative paths, and redacted evidence only.",
+    "- Do not include raw source, secrets, env vars, command lines, process lists, absolute local paths, credential values, tokens, provider sessions, or exploit payloads.",
+    "- Use safePaths for repo-relative paths only; never include /absolute paths or ../ traversal.",
+    "",
+    "## Output Contract",
+    "",
+    "Print exactly one JSON object between the markers below. The CLI will submit only this structured scan result back to Amistio.",
+    "",
+    securityPostureStart,
+    '{"summary":"Security posture is mostly healthy, but dependency advisory review is not automated.","baselineVersion":"amistio-security-baseline-v1","postureScore":82,"postureGrade":"B","categorySummaries":[{"category":"dependency","status":"warning","summary":"Dependency audit automation is incomplete."}],"findings":[{"title":"Dependency audit is not enforced in CI","category":"dependency","severity":"medium","confidence":"high","summary":"The repository has a lockfile, but CI does not appear to fail on known vulnerable dependencies.","standardReferences":[{"standard":"OWASP ASVS","control":"V14.2 Dependency"}],"affectedSurfaces":["CI verification"],"evidence":["No dependency audit step was found in the CI verification summary."],"recommendedRemediation":"Add a dependency advisory check to the existing verification pipeline and document how failures are handled.","verificationPlan":["Run the updated CI verification command locally","Confirm a known advisory fails the check in a controlled test"],"safePaths":["package.json","pnpm-lock.yaml"]}],"verificationPlan":["Run focused dependency and CI checks","Review Security panel findings for approval"]}',
+    securityPostureEnd,
+    "",
+    "Do not put Markdown fences around the markers. Do not implement remediation."
+  ].join("\n");
+}
 function createIssueDiagnosisPrompt(workItem, context) {
   const issue = context?.issue;
   const approvedContext = (context?.documents ?? []).filter((document) => document.status === "approved" || document.syncState === "approved" || document.syncState === "synced").slice(0, 16).map((document) => [
@@ -4006,6 +4204,16 @@ function parseIssueDiagnosisResult(output) {
   const parsed = JSON.parse(stripJsonFence(payload));
   return issueDiagnosisResultSchema.parse(parsed);
 }
+function parseSecurityPostureScanResult(output) {
+  const start = output.indexOf(securityPostureStart);
+  const end = output.indexOf(securityPostureEnd, start + securityPostureStart.length);
+  if (start === -1 || end === -1 || end <= start) {
+    throw new Error("Local AI scan did not return an Amistio security posture block.");
+  }
+  const payload = output.slice(start + securityPostureStart.length, end).trim();
+  const parsed = JSON.parse(stripJsonFence(payload));
+  return securityPostureScanResultSchema.parse(parsed);
+}
 function createBrainGenerationPrompt(workItem) {
   const wish = workItem.sourceWish ?? workItem.title;
   return [
@@ -4718,7 +4926,7 @@ var DEFAULT_MAX_PREFLIGHT_ATTEMPTS = 3;
 var DEFAULT_TOOL_TIMEOUT_SECONDS = 30 * 60;
 var RUNNER_WORK_LEASE_SECONDS = 300;
 var RUNNER_WORK_LEASE_RENEWAL_MS = 12e4;
-var runnerSupportedWorkKinds = ["brainGeneration", "implementation", "planRevision", "assistantQuestion", "impactPreview", "issueDiagnosis"];
+var runnerSupportedWorkKinds = ["brainGeneration", "implementation", "planRevision", "assistantQuestion", "impactPreview", "issueDiagnosis", "securityPostureScan"];
 program.name("amistio").description("Amistio project brain CLI").version(CLI_VERSION);
 program.command("init").description("Create Amistio control-plane folders for a new project").option("--root <path>", "Repository root", defaultRoot).action(async (options) => {
   const created = await initControlPlane(options.root);
@@ -5699,6 +5907,24 @@ async function runNextWorkItem({
       return recordFinalizationFailure({ apiClient, error, isolationTelemetry, projectId, repositoryLinkId, runnerId, sessionContext, toolConfig, toolName: preview.toolName, workItem: result.workItem, durationMs: Date.now() - startedAt });
     }
   }
+  if (result.workItem.workKind === "securityPostureScan") {
+    try {
+      return await finalizeSecurityPostureScanWork({
+        apiClient,
+        durationMs: Date.now() - startedAt,
+        projectId,
+        repositoryLinkId,
+        runnerId,
+        sessionContext,
+        toolConfig,
+        toolName: preview.toolName,
+        toolResult,
+        workItem: result.workItem
+      });
+    } catch (error) {
+      return recordFinalizationFailure({ apiClient, error, isolationTelemetry, projectId, repositoryLinkId, runnerId, sessionContext, toolConfig, toolName: preview.toolName, workItem: result.workItem, durationMs: Date.now() - startedAt });
+    }
+  }
   const finalStatus = toolResult.exitCode === 0 ? "completed" : "failed";
   const durationMs = Date.now() - startedAt;
   const failureExcerpt = toolResult.exitCode === 0 ? void 0 : truncateLogExcerpt(toolResult.stderr || toolResult.stdout);
@@ -6326,6 +6552,92 @@ ${toolResult.stderr}`);
   console.error(diagnosisError ?? "Local runner issue diagnosis failed.");
   return { status: "failed", exitCode: toolResult.exitCode || 1 };
 }
+async function finalizeSecurityPostureScanWork({
+  apiClient,
+  durationMs,
+  projectId,
+  repositoryLinkId,
+  runnerId,
+  sessionContext,
+  toolConfig,
+  toolName,
+  toolResult,
+  workItem
+}) {
+  let scanResult = void 0;
+  let scanError;
+  if (toolResult.exitCode === 0) {
+    try {
+      scanResult = parseSecurityPostureScanResult(`${toolResult.stdout}
+${toolResult.stderr}`);
+    } catch (error) {
+      scanError = errorMessage3(error);
+    }
+  } else {
+    scanError = truncateLogExcerpt(toolResult.stderr || toolResult.stdout) || `${toolName} exited with code ${toolResult.exitCode}.`;
+  }
+  const finalStatus = scanResult ? "completed" : "failed";
+  const updatedToolSession = await finalizeToolSession({
+    apiClient,
+    projectId,
+    status: finalStatus,
+    runnerId,
+    workItemId: workItem.workItemId,
+    stdout: toolResult.stdout,
+    ...sessionContext.toolSession ? { session: sessionContext.toolSession } : {},
+    ...toolResult.messageCount !== void 0 ? { messageCount: toolResult.messageCount } : {},
+    ...toolResult.tokensIn !== void 0 ? { tokensIn: toolResult.tokensIn } : {},
+    ...toolResult.tokensOut !== void 0 ? { tokensOut: toolResult.tokensOut } : {},
+    ...toolResult.costUsd !== void 0 ? { costUsd: toolResult.costUsd } : {}
+  });
+  const sessionTelemetry = {
+    sessionPolicy: sessionContext.policy,
+    sessionDecision: sessionContext.decision,
+    sessionDecisionReason: sessionContext.reason,
+    ...updatedToolSession ? { toolSessionId: updatedToolSession.toolSessionId } : {},
+    ...updatedToolSession?.sessionGroupKey ? { sessionGroupKey: updatedToolSession.sessionGroupKey } : {}
+  };
+  if (scanResult) {
+    const result = await apiClient.submitSecurityPostureScanResult(projectId, workItem.workItemId, {
+      status: "completed",
+      runnerId,
+      idempotencyKey: `security_${workItem.workItemId}_${randomUUID()}`,
+      result: scanResult,
+      tool: toolName,
+      durationMs,
+      ...sessionTelemetry,
+      message: `${toolName} returned a security posture scan.`
+    });
+    await recordRunnerMilestone(apiClient, projectId, workItem, runnerId, repositoryLinkId, {
+      status: "completed",
+      summary: `${toolName} returned a security posture scan.`,
+      idempotencyKey: `runner_milestone_security_completed_${workItem.workItemId}_${result.workItem.idempotencyKey}`,
+      metadata: { tool: toolName, durationMs, findingCount: scanResult.findings.length, critical: result.scan.severityCounts.critical, high: result.scan.severityCounts.high, verificationSummary: scanResult.verificationPlan.join(" | ") }
+    });
+    await apiClient.sendRunnerHeartbeat(projectId, runnerId, repositoryLinkId, "online", runnerHeartbeatMetadata(toolConfig));
+    console.log("Security posture scan returned for review.");
+    return { status: "completed", exitCode: 0 };
+  }
+  const failedResult = await apiClient.submitSecurityPostureScanResult(projectId, workItem.workItemId, {
+    status: "failed",
+    runnerId,
+    idempotencyKey: `security_${workItem.workItemId}_${randomUUID()}`,
+    tool: toolName,
+    durationMs,
+    ...sessionTelemetry,
+    message: `${toolName} did not produce a valid security posture scan.`,
+    ...scanError ? { error: scanError } : {}
+  });
+  await recordRunnerMilestone(apiClient, projectId, workItem, runnerId, repositoryLinkId, {
+    status: "failed",
+    summary: scanError ?? `${toolName} did not produce a valid security posture scan.`,
+    idempotencyKey: `runner_milestone_security_failed_${workItem.workItemId}_${failedResult.workItem.idempotencyKey}`,
+    metadata: { tool: toolName, durationMs, verificationSummary: "Security posture output did not include valid structured JSON." }
+  });
+  await apiClient.sendRunnerHeartbeat(projectId, runnerId, repositoryLinkId, "online", runnerHeartbeatMetadata(toolConfig));
+  console.error(scanError ?? "Local runner security posture scan failed.");
+  return { status: "failed", exitCode: toolResult.exitCode || 1 };
+}
 async function createRunnerWorkPrompt(apiClient, projectId, workItem) {
   if (workItem.workKind === "assistantQuestion") {
     const [{ documents: documents2 }, { messages: messages2 }] = await Promise.all([
@@ -6360,6 +6672,12 @@ async function createRunnerWorkPrompt(apiClient, projectId, workItem) {
       }
     });
   }
+  if (workItem.workKind === "securityPostureScan") {
+    const { documents: documents2 } = await apiClient.listBrainDocuments(projectId);
+    return createWorkExecutionPrompt(workItem, {
+      securityPostureScan: { documents: documents2 }
+    });
+  }
   if (workItem.workKind !== "planRevision" || !workItem.reviewDocumentId) {
     return createWorkExecutionPrompt(workItem);
   }