@bookedsolid/rea 0.28.1 → 0.29.0

package/agents/rea-orchestrator.md

@@ -114,6 +114,24 @@ Consumer projects may extend the roster via `.rea/agents/` and profile YAMLs, bu
 4. Delegate with full context — include file paths, constraints from policy.yaml, acceptance criteria, and the commit-discipline note above
 5. Verify outputs before reporting completion — do not trust agent summaries at face value. Read the files, check git status, confirm the build.
 
+## Self-review when the orchestrator implements directly (0.29.0+)
+
+There are sessions where the orchestrator must implement work itself instead of dispatching:
+
+- Subagent dispatch is unavailable (no Task tool in the current harness, exempt-subagent scenario).
+- The task is narrowly scoped to a single small surface where the dispatch overhead exceeds the implementation cost.
+- A codex round between specialist hand-offs is being used as the de facto specialist tier (the "Option C" iteration pattern from the 0.29.0 marathon).
+
+In every such case, you MUST still apply the specialist discipline that delegation would have enforced. This is not optional — the structural risk of "one Opus turn implements five surfaces" is exactly the failure mode that principal-engineer review caught in the 0.28.0 cycle (manifest glob-injection P1 + cache-staleness P2, both pre-commit). Reach the same closure shape by:
+
+1. **Name the specialists you are channeling.** Before each surface, state which specialist's discipline applies (e.g. "shell-scripting-specialist + adversarial-test-specialist for the bash gate corpus; typescript-specialist for the CLI; platform-architect for the workflow"). State it out loud so the user can spot a mis-cast role.
+2. **Codex round between surfaces, not just at the end.** A single end-of-build codex round across 5 surfaces buries P1s in noise. One round per surface keeps the signal sharp. The 0.27.0 direct-Bash codex CLI is cheap enough at one Opus turn per round to make this routine.
+3. **Explicit threat-model framing for security-tier changes.** When patching a hook, name the bypass class, the conservative-vs-narrow reading, and the sibling shapes the class implies. Refuse to commit until the corpus enumerates every shape the class includes.
+4. **Single-commit-per-PR discipline still applies.** Squash local work before push. The pre-push gate's stateless codex review runs once against the squashed diff; granular commits multiply the review burden without surfacing new findings.
+5. **Defer ruthlessly.** Trimmed-scope greenlights from the user are a maximum, not a minimum. The marathon's 0.28.0 lesson was "principal-engineer trimmed the 11-item plate to 6 with crisp deferral reasons." Apply the same lens during direct-implementation: if surface 6 needs structural rework, defer it to the next minor with the reason in the changeset rather than ship a half-baked closure.
+
+A self-review checkpoint after each surface (read the diff back, run the targeted tests, fire codex against the working tree) IS the specialist tier when no subagent is in the path. Skip the checkpoint and the structural lesson resets.
+
 ## The Plan / Build / Review Loop (default workflow)
 
 REA's default engineering workflow is three-legged, with Review performed by a different model than Build:

package/dist/audit/append.d.ts

@@ -83,3 +83,4 @@ export type { AuditRecord, EmissionSource } from '../gateway/middleware/audit-ty
 export { Tier, InvocationStatus } from '../policy/types.js';
 export { CODEX_REVIEW_TOOL_NAME, CODEX_REVIEW_SERVER_NAME, type CodexVerdict, type CodexReviewMetadata, } from './codex-event.js';
 export { LOCAL_REVIEW_TOOL_NAME, LOCAL_REVIEW_SKIPPED_OVERRIDE_TOOL_NAME, LOCAL_REVIEW_SKIPPED_UNAVAILABLE_TOOL_NAME, LOCAL_REVIEW_PREFLIGHT_SKIPPED_TOOL_NAME, LOCAL_REVIEW_SERVER_NAME, type LocalReviewVerdict, type LocalReviewMetadata, type LocalReviewSkippedOverrideMetadata, type LocalReviewSkippedUnavailableMetadata, } from './local-review-event.js';
+export { DELEGATION_SIGNAL_TOOL_NAME, DELEGATION_SIGNAL_SERVER_NAME, DELEGATION_SIGNAL_SCHEMA_VERSION, DelegationSignalMetadataSchema, type DelegationTool, type DelegationSignalMetadata, type DelegationSignalMetadataParsed, } from './delegation-event.js';

package/dist/audit/append.js

@@ -204,3 +204,4 @@ export async function appendAuditRecord(baseDir, input) {
 export { Tier, InvocationStatus } from '../policy/types.js';
 export { CODEX_REVIEW_TOOL_NAME, CODEX_REVIEW_SERVER_NAME, } from './codex-event.js';
 export { LOCAL_REVIEW_TOOL_NAME, LOCAL_REVIEW_SKIPPED_OVERRIDE_TOOL_NAME, LOCAL_REVIEW_SKIPPED_UNAVAILABLE_TOOL_NAME, LOCAL_REVIEW_PREFLIGHT_SKIPPED_TOOL_NAME, LOCAL_REVIEW_SERVER_NAME, } from './local-review-event.js';
+export { DELEGATION_SIGNAL_TOOL_NAME, DELEGATION_SIGNAL_SERVER_NAME, DELEGATION_SIGNAL_SCHEMA_VERSION, DelegationSignalMetadataSchema, } from './delegation-event.js';

package/dist/audit/delegation-event.d.ts

@@ -0,0 +1,215 @@
+/**
+ * Single source of truth for the `rea.delegation_signal` audit event shape
+ * (0.29.0+).
+ *
+ * 0.29.0 — delegation-telemetry MVP. Claude Code's PreToolUse hook tree
+ * gains a new matcher (`Agent|Skill`) that pipes a redacted, hashed
+ * record of every subagent dispatch and skill invocation into
+ * `.rea/audit.jsonl`. The signal is observational, not gating — it
+ * answers "which specialists is this session actually delegating to,
+ * and how often" without altering the autonomy tree.
+ *
+ * # The two delegation tools
+ *
+ * Current Claude Code exposes exactly two delegation surfaces:
+ *
+ *   - `Agent` — dispatches a curated subagent (rea-orchestrator,
+ *     code-reviewer, …). The agent name is at
+ *     `tool_input.subagent_type`.
+ *   - `Skill` — invokes a named skill (deep-dive, /loop, …). The skill
+ *     name is at `tool_input.skill`.
+ *
+ * mcp-protocol-specialist verified BOTH payload paths against current
+ * Claude Code. A Skill that internally forks an Agent fires PreToolUse
+ * TWICE (Skill then Agent) for the same logical action; v1 records
+ * both — deduplication lives in the reader, not the writer.
+ *
+ * # Not `Task`
+ *
+ * In current Claude Code the tools are `Agent` and `Skill`. The names
+ * `TaskCreate`/`TaskList`/`TaskUpdate` belong to the unrelated todo-list
+ * tool surface and MUST NOT match. The settings.json matcher is
+ * `Agent|Skill` everywhere — anchored on a `^…$` boundary by the hook
+ * runtime, so `Agent` doesn't accidentally collide with hypothetical
+ * future tools named `Agentic…`.
+ *
+ * # Privacy invariant
+ *
+ * The raw `description` / `prompt` payload NEVER touches `.rea/audit.jsonl`
+ * — only its SHA-256 hash. The hash is collision-resistant identification
+ * (two identical prompts produce identical hashes, enabling
+ * delegation-pattern discovery) without persisting prompt content.
+ *
+ * The agent / skill name field DOES land in the audit log, but is run
+ * through `redactSecrets` first. A subagent_type that contains a
+ * planted credential string (synthetic AWS key, GitHub token, …) is
+ * replaced with `[REDACTED]` and the matching pattern names are
+ * appended to the record's `redacted_fields` envelope.
+ *
+ * # Provider seam (kept tiny)
+ *
+ * Unlike `rea.local_review`, this event does NOT have a `provider`
+ * field. The producer is always Claude Code's hook runtime and the
+ * `emission_source: 'rea-cli'` envelope is sufficient. If a future
+ * runtime (e.g. another agent host) wants to emit signals through the
+ * same channel, it writes the same shape with the same tool_name and
+ * relies on `session_id_observed` / `delegation_tool` for
+ * disambiguation.
+ *
+ * # Schema version
+ *
+ * The literal `schema_version: 1` is part of the metadata payload. Zod
+ * strict-mode rejects unknown fields, so a future v2 producer writing
+ * v2-only fields against a v1 consumer fails-loud rather than silently
+ * dropping data. Readers filter by `tool_name === 'rea.delegation_signal'`
+ * AND `metadata.schema_version === 1`.
+ */
+import { z } from 'zod';
+/**
+ * Canonical `tool_name` on the audit record envelope. Readers filter on
+ * this exact literal — anything else is a different event class.
+ */
+export declare const DELEGATION_SIGNAL_TOOL_NAME: "rea.delegation_signal";
+/**
+ * `server_name` envelope value. The signal originates from Claude Code's
+ * hook runtime, captured by `rea hook delegation-signal` and appended
+ * via the public audit-record API. Naming it `claude-code-hooks` makes
+ * the producer surface unambiguous in forensic queries (vs.
+ * `'rea'` which is used for first-party rea CLI events like
+ * `rea.local_review`).
+ */
+export declare const DELEGATION_SIGNAL_SERVER_NAME: "claude-code-hooks";
+/**
+ * Schema version literal. Bumped only when the metadata shape gains a
+ * non-backwards-compatible change. Adding optional fields does NOT bump
+ * the version — zod's strict mode rejects them, so any new field MUST
+ * either ship with a major-version bump OR have its zod parser updated
+ * in lockstep.
+ */
+export declare const DELEGATION_SIGNAL_SCHEMA_VERSION: 1;
+/**
+ * The two valid delegation-tool values. `Agent` and `Skill` are the
+ * exact tool names emitted by Claude Code's PreToolUse hook payload —
+ * anything else is a misclassification at the hook layer.
+ */
+export type DelegationTool = 'Agent' | 'Skill';
+/**
+ * Canonical metadata payload for `rea.delegation_signal`. Embedded
+ * under `metadata` on the audit record. The audit-record envelope
+ * itself supplies `tool_name`, `server_name`, `session_id`, `timestamp`,
+ * `prev_hash`, `hash`, `redacted_fields`, etc. — keep those out of
+ * metadata.
+ */
+export interface DelegationSignalMetadata {
+    /**
+     * Always `1` for the 0.29.0 shape. Carried as a literal so future
+     * v2-aware readers can distinguish records they understand from
+     * records they don't.
+     */
+    schema_version: typeof DELEGATION_SIGNAL_SCHEMA_VERSION;
+    /**
+     * Which Claude Code surface fired the hook — `'Agent'` for the
+     * subagent dispatch tool, `'Skill'` for the skill invocation tool.
+     * The reader CLI groups records on `subagent_type` regardless of
+     * `delegation_tool` (a `deep-dive` skill and a `deep-dive` agent
+     * roll into the same bucket), but the field is retained for forensic
+     * queries that want to distinguish the two.
+     */
+    delegation_tool: DelegationTool;
+    /**
+     * For `Agent`: the value of `tool_input.subagent_type` at the hook
+     * (e.g. `'rea-orchestrator'`).
+     *
+     * For `Skill`: the value of `tool_input.skill` (e.g. `'deep-dive'`).
+     *
+     * Always passed through `redactSecrets` before landing here. If a
+     * planted secret pattern fires, this field is `'[REDACTED]'` and
+     * the matching pattern name appears in the record's
+     * `redacted_fields` envelope.
+     *
+     * Reader CLI groups records on this field.
+     */
+    subagent_type: string;
+    /**
+     * The session id Claude Code attached to the hook payload — the same
+     * value the harness uses for its own correlation. Captured verbatim
+     * so a future per-session breakdown (deferred to 0.29.1) can group
+     * records without scanning the entire chain.
+     *
+     * Distinct from the audit envelope's `session_id`, which uses the
+     * caller's session ("external" for the CLI subcommand). The
+     * envelope's `session_id` says WHO wrote the record; this field says
+     * WHO Claude Code thinks is delegating.
+     */
+    session_id_observed: string;
+    /**
+     * When the dispatching agent is itself a subagent, this is the
+     * parent's subagent_type at hook-fire time. Drawn from
+     * `CLAUDE_PARENT_SUBAGENT` / `tool_input.parent_subagent_type` when
+     * present; `null` for top-level dispatches.
+     *
+     * Like `subagent_type`, redacted before landing here.
+     */
+    parent_subagent_type: string | null;
+    /**
+     * SHA-256 hex digest of `tool_input.description` (Agent) or
+     * `tool_input.prompt` (Skill). When neither is present an empty
+     * string is hashed — the resulting digest is the well-known
+     * `e3b0c4...` constant, which readers can recognize as "no prompt".
+     *
+     * # Why hash, not redact
+     *
+     * The prompt is the actionable content of the delegation — it
+     * routinely names files, customers, internal URLs, half-finished
+     * thoughts. Redacting it via pattern-matching is best-effort; hashing
+     * it is total. The collision-resistance of SHA-256 still lets two
+     * identical prompts produce identical hashes, which is enough for
+     * the delegation-pattern queries this telemetry exists to support.
+     */
+    invocation_description_sha256: string;
+    /**
+     * ISO-8601 timestamp Claude Code attached to the hook event, when
+     * present. Distinct from the audit-record envelope's `timestamp`
+     * (which is the moment the CLI subcommand wrote the line). Both
+     * fields are useful: the envelope timestamp orders the chain,
+     * `hook_event_timestamp` orders the underlying events.
+     */
+    hook_event_timestamp?: string;
+}
+/**
+ * Strict-mode zod schema for the metadata payload. Unknown fields are
+ * rejected — a future v2 producer must bump `DELEGATION_SIGNAL_SCHEMA_VERSION`
+ * AND update this schema in the same commit, otherwise v1 readers fail
+ * loud rather than silently dropping new fields.
+ *
+ * The schema is exported so the CLI subcommand validates its OWN
+ * emitted metadata before passing it to `appendAuditRecord` — defense
+ * in depth against a future refactor that wires the field set
+ * incorrectly. (Same posture as `loadPolicy` self-validation.)
+ */
+export declare const DelegationSignalMetadataSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<1>;
+    delegation_tool: z.ZodUnion<[z.ZodLiteral<"Agent">, z.ZodLiteral<"Skill">]>;
+    subagent_type: z.ZodString;
+    session_id_observed: z.ZodString;
+    parent_subagent_type: z.ZodUnion<[z.ZodString, z.ZodNull]>;
+    invocation_description_sha256: z.ZodString;
+    hook_event_timestamp: z.ZodOptional<z.ZodString>;
+}, "strict", z.ZodTypeAny, {
+    schema_version: 1;
+    delegation_tool: "Agent" | "Skill";
+    subagent_type: string;
+    session_id_observed: string;
+    parent_subagent_type: string | null;
+    invocation_description_sha256: string;
+    hook_event_timestamp?: string | undefined;
+}, {
+    schema_version: 1;
+    delegation_tool: "Agent" | "Skill";
+    subagent_type: string;
+    session_id_observed: string;
+    parent_subagent_type: string | null;
+    invocation_description_sha256: string;
+    hook_event_timestamp?: string | undefined;
+}>;
+export type DelegationSignalMetadataParsed = z.infer<typeof DelegationSignalMetadataSchema>;

package/dist/audit/delegation-event.js

@@ -0,0 +1,113 @@
+/**
+ * Single source of truth for the `rea.delegation_signal` audit event shape
+ * (0.29.0+).
+ *
+ * 0.29.0 — delegation-telemetry MVP. Claude Code's PreToolUse hook tree
+ * gains a new matcher (`Agent|Skill`) that pipes a redacted, hashed
+ * record of every subagent dispatch and skill invocation into
+ * `.rea/audit.jsonl`. The signal is observational, not gating — it
+ * answers "which specialists is this session actually delegating to,
+ * and how often" without altering the autonomy tree.
+ *
+ * # The two delegation tools
+ *
+ * Current Claude Code exposes exactly two delegation surfaces:
+ *
+ *   - `Agent` — dispatches a curated subagent (rea-orchestrator,
+ *     code-reviewer, …). The agent name is at
+ *     `tool_input.subagent_type`.
+ *   - `Skill` — invokes a named skill (deep-dive, /loop, …). The skill
+ *     name is at `tool_input.skill`.
+ *
+ * mcp-protocol-specialist verified BOTH payload paths against current
+ * Claude Code. A Skill that internally forks an Agent fires PreToolUse
+ * TWICE (Skill then Agent) for the same logical action; v1 records
+ * both — deduplication lives in the reader, not the writer.
+ *
+ * # Not `Task`
+ *
+ * In current Claude Code the tools are `Agent` and `Skill`. The names
+ * `TaskCreate`/`TaskList`/`TaskUpdate` belong to the unrelated todo-list
+ * tool surface and MUST NOT match. The settings.json matcher is
+ * `Agent|Skill` everywhere — anchored on a `^…$` boundary by the hook
+ * runtime, so `Agent` doesn't accidentally collide with hypothetical
+ * future tools named `Agentic…`.
+ *
+ * # Privacy invariant
+ *
+ * The raw `description` / `prompt` payload NEVER touches `.rea/audit.jsonl`
+ * — only its SHA-256 hash. The hash is collision-resistant identification
+ * (two identical prompts produce identical hashes, enabling
+ * delegation-pattern discovery) without persisting prompt content.
+ *
+ * The agent / skill name field DOES land in the audit log, but is run
+ * through `redactSecrets` first. A subagent_type that contains a
+ * planted credential string (synthetic AWS key, GitHub token, …) is
+ * replaced with `[REDACTED]` and the matching pattern names are
+ * appended to the record's `redacted_fields` envelope.
+ *
+ * # Provider seam (kept tiny)
+ *
+ * Unlike `rea.local_review`, this event does NOT have a `provider`
+ * field. The producer is always Claude Code's hook runtime and the
+ * `emission_source: 'rea-cli'` envelope is sufficient. If a future
+ * runtime (e.g. another agent host) wants to emit signals through the
+ * same channel, it writes the same shape with the same tool_name and
+ * relies on `session_id_observed` / `delegation_tool` for
+ * disambiguation.
+ *
+ * # Schema version
+ *
+ * The literal `schema_version: 1` is part of the metadata payload. Zod
+ * strict-mode rejects unknown fields, so a future v2 producer writing
+ * v2-only fields against a v1 consumer fails-loud rather than silently
+ * dropping data. Readers filter by `tool_name === 'rea.delegation_signal'`
+ * AND `metadata.schema_version === 1`.
+ */
+import { z } from 'zod';
+/**
+ * Canonical `tool_name` on the audit record envelope. Readers filter on
+ * this exact literal — anything else is a different event class.
+ */
+export const DELEGATION_SIGNAL_TOOL_NAME = 'rea.delegation_signal';
+/**
+ * `server_name` envelope value. The signal originates from Claude Code's
+ * hook runtime, captured by `rea hook delegation-signal` and appended
+ * via the public audit-record API. Naming it `claude-code-hooks` makes
+ * the producer surface unambiguous in forensic queries (vs.
+ * `'rea'` which is used for first-party rea CLI events like
+ * `rea.local_review`).
+ */
+export const DELEGATION_SIGNAL_SERVER_NAME = 'claude-code-hooks';
+/**
+ * Schema version literal. Bumped only when the metadata shape gains a
+ * non-backwards-compatible change. Adding optional fields does NOT bump
+ * the version — zod's strict mode rejects them, so any new field MUST
+ * either ship with a major-version bump OR have its zod parser updated
+ * in lockstep.
+ */
+export const DELEGATION_SIGNAL_SCHEMA_VERSION = 1;
+/**
+ * Strict-mode zod schema for the metadata payload. Unknown fields are
+ * rejected — a future v2 producer must bump `DELEGATION_SIGNAL_SCHEMA_VERSION`
+ * AND update this schema in the same commit, otherwise v1 readers fail
+ * loud rather than silently dropping new fields.
+ *
+ * The schema is exported so the CLI subcommand validates its OWN
+ * emitted metadata before passing it to `appendAuditRecord` — defense
+ * in depth against a future refactor that wires the field set
+ * incorrectly. (Same posture as `loadPolicy` self-validation.)
+ */
+export const DelegationSignalMetadataSchema = z
+    .object({
+    schema_version: z.literal(DELEGATION_SIGNAL_SCHEMA_VERSION),
+    delegation_tool: z.union([z.literal('Agent'), z.literal('Skill')]),
+    subagent_type: z.string(),
+    session_id_observed: z.string(),
+    parent_subagent_type: z.union([z.string(), z.null()]),
+    invocation_description_sha256: z
+        .string()
+        .regex(/^[0-9a-f]{64}$/, 'invocation_description_sha256 must be a lowercase 64-char hex SHA-256 digest'),
+    hook_event_timestamp: z.string().optional(),
+})
+    .strict();

package/dist/cli/audit-specialists.d.ts

@@ -0,0 +1,113 @@
+/**
+ * `rea audit specialists` — 0.29.0 reader CLI for delegation-telemetry.
+ *
+ * Walks `.rea/audit.jsonl`, filters records by
+ * `tool_name === 'rea.delegation_signal'`, groups by
+ * `metadata.subagent_type`, and prints a table (default) or JSON
+ * document (`--json`).
+ *
+ * # Current-session-only in v1
+ *
+ * v1 has NO `--since` flag and NO `--session=ID` flag. The principal-
+ * engineer scope-cut deferred both to 0.29.1. The filter is:
+ *
+ *   - If `CLAUDE_SESSION_ID` is set, include only records whose
+ *     `metadata.session_id_observed` matches.
+ *   - Otherwise, include all records in the chain and print a note so
+ *     the operator knows what they're seeing.
+ *
+ * # Output shape
+ *
+ *   subagent_type            count   last_seen (UTC)
+ *   rea-orchestrator         12      2026-05-12T21:30:00Z
+ *   code-reviewer             5      2026-05-12T21:28:00Z
+ *   deep-dive                 2      2026-05-12T21:14:00Z
+ *
+ * JSON mode prints `{ session_filter, records, groups }` where
+ * `records` is the raw filtered subset (for piping into jq) and
+ * `groups` is the per-subagent rollup.
+ */
+import type { Command } from 'commander';
+import { type DelegationTool } from '../audit/delegation-event.js';
+export interface AuditSpecialistsOptions {
+    /** Emit a single JSON document on stdout instead of the table. */
+    json?: boolean;
+    /**
+     * Override session filtering. Production callers omit (the CLI reads
+     * `CLAUDE_SESSION_ID` from the env). Tests set this so they don't
+     * mutate `process.env`.
+     *
+     * - `string` → filter to records whose `session_id_observed` matches.
+     * - `null`   → no filter (show all records).
+     * - `undefined` → derive from env.
+     */
+    sessionFilter?: string | null;
+    /** Override CWD. Tests set this; production uses `process.cwd()`. */
+    baseDir?: string;
+}
+interface DelegationGroup {
+    subagent_type: string;
+    count: number;
+    /** Latest envelope timestamp seen in the group. */
+    last_seen: string;
+    /** Breakdown of which delegation_tool fired (Agent vs. Skill). */
+    by_tool: Record<DelegationTool, number>;
+}
+interface DelegationRecord {
+    timestamp: string;
+    session_id_observed: string;
+    delegation_tool: DelegationTool;
+    subagent_type: string;
+    parent_subagent_type: string | null;
+    invocation_description_sha256: string;
+    hook_event_timestamp?: string;
+}
+interface AuditSpecialistsResult {
+    /** Which session filter was applied. `null` means "no filter". */
+    session_filter: string | null;
+    /** Was the filter derived from `CLAUDE_SESSION_ID` env? Informational. */
+    session_filter_source: 'env' | 'option' | 'none';
+    /** Raw matched records, in chain order. */
+    records: DelegationRecord[];
+    /** Per-subagent rollups, sorted by descending count then by name. */
+    groups: DelegationGroup[];
+    /**
+     * Files actually walked. v1 only walks `.rea/audit.jsonl`; future
+     * `--since` rotated-file support extends this.
+     */
+    files_scanned: string[];
+}
+/**
+ * Read the audit file and return delegation records (filtered + parsed
+ * into a reader-friendly shape). Malformed lines are skipped silently
+ * — `rea audit verify` is the right tool for chain integrity.
+ */
+export declare function loadDelegationRecords(baseDir: string, sessionFilter: string | null): Promise<{
+    records: DelegationRecord[];
+    filesScanned: string[];
+}>;
+/**
+ * Group records by `subagent_type`. Sorts by descending count, then
+ * alphabetical on tie. `last_seen` is the latest envelope timestamp in
+ * the group.
+ */
+export declare function groupBySubagent(records: DelegationRecord[]): DelegationGroup[];
+/**
+ * Computation-only entrypoint. Returns the full result so callers
+ * (CLI, tests) can render or assert. `runAuditSpecialists` is the thin
+ * commander wrapper that prints + exits.
+ */
+export declare function computeAuditSpecialists(options?: AuditSpecialistsOptions): Promise<AuditSpecialistsResult>;
+/**
+ * Commander entrypoint. Reads, renders, exits 0. The CLI is read-only
+ * — no audit-chain writes, no exit-code-as-verdict semantics.
+ */
+export declare function runAuditSpecialists(options: AuditSpecialistsOptions): Promise<void>;
+/**
+ * Attach the `specialists` subcommand to the `rea audit` command group.
+ * Exported as a registrar so `src/cli/index.ts` can wire it next to the
+ * existing `rotate` and `verify` subcommands without leaking commander
+ * knowledge into this module.
+ */
+export declare function registerAuditSpecialistsSubcommand(auditCommand: Command): void;
+export {};