@bookedsolid/rea 0.28.2 → 0.30.0

package/dist/audit/delegation-event.js

@@ -0,0 +1,113 @@
+/**
+ * Single source of truth for the `rea.delegation_signal` audit event shape
+ * (0.29.0+).
+ *
+ * 0.29.0 — delegation-telemetry MVP. Claude Code's PreToolUse hook tree
+ * gains a new matcher (`Agent|Skill`) that pipes a redacted, hashed
+ * record of every subagent dispatch and skill invocation into
+ * `.rea/audit.jsonl`. The signal is observational, not gating — it
+ * answers "which specialists is this session actually delegating to,
+ * and how often" without altering the autonomy tree.
+ *
+ * # The two delegation tools
+ *
+ * Current Claude Code exposes exactly two delegation surfaces:
+ *
+ *   - `Agent` — dispatches a curated subagent (rea-orchestrator,
+ *     code-reviewer, …). The agent name is at
+ *     `tool_input.subagent_type`.
+ *   - `Skill` — invokes a named skill (deep-dive, /loop, …). The skill
+ *     name is at `tool_input.skill`.
+ *
+ * mcp-protocol-specialist verified BOTH payload paths against current
+ * Claude Code. A Skill that internally forks an Agent fires PreToolUse
+ * TWICE (Skill then Agent) for the same logical action; v1 records
+ * both — deduplication lives in the reader, not the writer.
+ *
+ * # Not `Task`
+ *
+ * In current Claude Code the tools are `Agent` and `Skill`. The names
+ * `TaskCreate`/`TaskList`/`TaskUpdate` belong to the unrelated todo-list
+ * tool surface and MUST NOT match. The settings.json matcher is
+ * `Agent|Skill` everywhere — anchored on a `^…$` boundary by the hook
+ * runtime, so `Agent` doesn't accidentally collide with hypothetical
+ * future tools named `Agentic…`.
+ *
+ * # Privacy invariant
+ *
+ * The raw `description` / `prompt` payload NEVER touches `.rea/audit.jsonl`
+ * — only its SHA-256 hash. The hash is collision-resistant identification
+ * (two identical prompts produce identical hashes, enabling
+ * delegation-pattern discovery) without persisting prompt content.
+ *
+ * The agent / skill name field DOES land in the audit log, but is run
+ * through `redactSecrets` first. A subagent_type that contains a
+ * planted credential string (synthetic AWS key, GitHub token, …) is
+ * replaced with `[REDACTED]` and the matching pattern names are
+ * appended to the record's `redacted_fields` envelope.
+ *
+ * # Provider seam (kept tiny)
+ *
+ * Unlike `rea.local_review`, this event does NOT have a `provider`
+ * field. The producer is always Claude Code's hook runtime and the
+ * `emission_source: 'rea-cli'` envelope is sufficient. If a future
+ * runtime (e.g. another agent host) wants to emit signals through the
+ * same channel, it writes the same shape with the same tool_name and
+ * relies on `session_id_observed` / `delegation_tool` for
+ * disambiguation.
+ *
+ * # Schema version
+ *
+ * The literal `schema_version: 1` is part of the metadata payload. Zod
+ * strict-mode rejects unknown fields, so a future v2 producer writing
+ * v2-only fields against a v1 consumer fails-loud rather than silently
+ * dropping data. Readers filter by `tool_name === 'rea.delegation_signal'`
+ * AND `metadata.schema_version === 1`.
+ */
+import { z } from 'zod';
+/**
+ * Canonical `tool_name` on the audit record envelope. Readers filter on
+ * this exact literal — anything else is a different event class.
+ */
+export const DELEGATION_SIGNAL_TOOL_NAME = 'rea.delegation_signal';
+/**
+ * `server_name` envelope value. The signal originates from Claude Code's
+ * hook runtime, captured by `rea hook delegation-signal` and appended
+ * via the public audit-record API. Naming it `claude-code-hooks` makes
+ * the producer surface unambiguous in forensic queries (vs.
+ * `'rea'` which is used for first-party rea CLI events like
+ * `rea.local_review`).
+ */
+export const DELEGATION_SIGNAL_SERVER_NAME = 'claude-code-hooks';
+/**
+ * Schema version literal. Bumped only when the metadata shape gains a
+ * non-backwards-compatible change. Adding optional fields does NOT bump
+ * the version — zod's strict mode rejects them, so any new field MUST
+ * either ship with a major-version bump OR have its zod parser updated
+ * in lockstep.
+ */
+export const DELEGATION_SIGNAL_SCHEMA_VERSION = 1;
+/**
+ * Strict-mode zod schema for the metadata payload. Unknown fields are
+ * rejected — a future v2 producer must bump `DELEGATION_SIGNAL_SCHEMA_VERSION`
+ * AND update this schema in the same commit, otherwise v1 readers fail
+ * loud rather than silently dropping new fields.
+ *
+ * The schema is exported so the CLI subcommand validates its OWN
+ * emitted metadata before passing it to `appendAuditRecord` — defense
+ * in depth against a future refactor that wires the field set
+ * incorrectly. (Same posture as `loadPolicy` self-validation.)
+ */
+export const DelegationSignalMetadataSchema = z
+    .object({
+    schema_version: z.literal(DELEGATION_SIGNAL_SCHEMA_VERSION),
+    delegation_tool: z.union([z.literal('Agent'), z.literal('Skill')]),
+    subagent_type: z.string(),
+    session_id_observed: z.string(),
+    parent_subagent_type: z.union([z.string(), z.null()]),
+    invocation_description_sha256: z
+        .string()
+        .regex(/^[0-9a-f]{64}$/, 'invocation_description_sha256 must be a lowercase 64-char hex SHA-256 digest'),
+    hook_event_timestamp: z.string().optional(),
+})
+    .strict();

package/dist/cli/audit-specialists.d.ts

@@ -0,0 +1,113 @@
+/**
+ * `rea audit specialists` — 0.29.0 reader CLI for delegation-telemetry.
+ *
+ * Walks `.rea/audit.jsonl`, filters records by
+ * `tool_name === 'rea.delegation_signal'`, groups by
+ * `metadata.subagent_type`, and prints a table (default) or JSON
+ * document (`--json`).
+ *
+ * # Current-session-only in v1
+ *
+ * v1 has NO `--since` flag and NO `--session=ID` flag. The principal-
+ * engineer scope-cut deferred both to 0.29.1. The filter is:
+ *
+ *   - If `CLAUDE_SESSION_ID` is set, include only records whose
+ *     `metadata.session_id_observed` matches.
+ *   - Otherwise, include all records in the chain and print a note so
+ *     the operator knows what they're seeing.
+ *
+ * # Output shape
+ *
+ *   subagent_type            count   last_seen (UTC)
+ *   rea-orchestrator         12      2026-05-12T21:30:00Z
+ *   code-reviewer             5      2026-05-12T21:28:00Z
+ *   deep-dive                 2      2026-05-12T21:14:00Z
+ *
+ * JSON mode prints `{ session_filter, records, groups }` where
+ * `records` is the raw filtered subset (for piping into jq) and
+ * `groups` is the per-subagent rollup.
+ */
+import type { Command } from 'commander';
+import { type DelegationTool } from '../audit/delegation-event.js';
+export interface AuditSpecialistsOptions {
+    /** Emit a single JSON document on stdout instead of the table. */
+    json?: boolean;
+    /**
+     * Override session filtering. Production callers omit (the CLI reads
+     * `CLAUDE_SESSION_ID` from the env). Tests set this so they don't
+     * mutate `process.env`.
+     *
+     * - `string` → filter to records whose `session_id_observed` matches.
+     * - `null`   → no filter (show all records).
+     * - `undefined` → derive from env.
+     */
+    sessionFilter?: string | null;
+    /** Override CWD. Tests set this; production uses `process.cwd()`. */
+    baseDir?: string;
+}
+interface DelegationGroup {
+    subagent_type: string;
+    count: number;
+    /** Latest envelope timestamp seen in the group. */
+    last_seen: string;
+    /** Breakdown of which delegation_tool fired (Agent vs. Skill). */
+    by_tool: Record<DelegationTool, number>;
+}
+interface DelegationRecord {
+    timestamp: string;
+    session_id_observed: string;
+    delegation_tool: DelegationTool;
+    subagent_type: string;
+    parent_subagent_type: string | null;
+    invocation_description_sha256: string;
+    hook_event_timestamp?: string;
+}
+interface AuditSpecialistsResult {
+    /** Which session filter was applied. `null` means "no filter". */
+    session_filter: string | null;
+    /** Was the filter derived from `CLAUDE_SESSION_ID` env? Informational. */
+    session_filter_source: 'env' | 'option' | 'none';
+    /** Raw matched records, in chain order. */
+    records: DelegationRecord[];
+    /** Per-subagent rollups, sorted by descending count then by name. */
+    groups: DelegationGroup[];
+    /**
+     * Files actually walked. v1 only walks `.rea/audit.jsonl`; future
+     * `--since` rotated-file support extends this.
+     */
+    files_scanned: string[];
+}
+/**
+ * Read the audit file and return delegation records (filtered + parsed
+ * into a reader-friendly shape). Malformed lines are skipped silently
+ * — `rea audit verify` is the right tool for chain integrity.
+ */
+export declare function loadDelegationRecords(baseDir: string, sessionFilter: string | null): Promise<{
+    records: DelegationRecord[];
+    filesScanned: string[];
+}>;
+/**
+ * Group records by `subagent_type`. Sorts by descending count, then
+ * alphabetical on tie. `last_seen` is the latest envelope timestamp in
+ * the group.
+ */
+export declare function groupBySubagent(records: DelegationRecord[]): DelegationGroup[];
+/**
+ * Computation-only entrypoint. Returns the full result so callers
+ * (CLI, tests) can render or assert. `runAuditSpecialists` is the thin
+ * commander wrapper that prints + exits.
+ */
+export declare function computeAuditSpecialists(options?: AuditSpecialistsOptions): Promise<AuditSpecialistsResult>;
+/**
+ * Commander entrypoint. Reads, renders, exits 0. The CLI is read-only
+ * — no audit-chain writes, no exit-code-as-verdict semantics.
+ */
+export declare function runAuditSpecialists(options: AuditSpecialistsOptions): Promise<void>;
+/**
+ * Attach the `specialists` subcommand to the `rea audit` command group.
+ * Exported as a registrar so `src/cli/index.ts` can wire it next to the
+ * existing `rotate` and `verify` subcommands without leaking commander
+ * knowledge into this module.
+ */
+export declare function registerAuditSpecialistsSubcommand(auditCommand: Command): void;
+export {};

package/dist/cli/audit-specialists.js

@@ -0,0 +1,220 @@
+/**
+ * `rea audit specialists` — 0.29.0 reader CLI for delegation-telemetry.
+ *
+ * Walks `.rea/audit.jsonl`, filters records by
+ * `tool_name === 'rea.delegation_signal'`, groups by
+ * `metadata.subagent_type`, and prints a table (default) or JSON
+ * document (`--json`).
+ *
+ * # Current-session-only in v1
+ *
+ * v1 has NO `--since` flag and NO `--session=ID` flag. The principal-
+ * engineer scope-cut deferred both to 0.29.1. The filter is:
+ *
+ *   - If `CLAUDE_SESSION_ID` is set, include only records whose
+ *     `metadata.session_id_observed` matches.
+ *   - Otherwise, include all records in the chain and print a note so
+ *     the operator knows what they're seeing.
+ *
+ * # Output shape
+ *
+ *   subagent_type            count   last_seen (UTC)
+ *   rea-orchestrator         12      2026-05-12T21:30:00Z
+ *   code-reviewer             5      2026-05-12T21:28:00Z
+ *   deep-dive                 2      2026-05-12T21:14:00Z
+ *
+ * JSON mode prints `{ session_filter, records, groups }` where
+ * `records` is the raw filtered subset (for piping into jq) and
+ * `groups` is the per-subagent rollup.
+ */
+import fs from 'node:fs/promises';
+import path from 'node:path';
+import { DELEGATION_SIGNAL_TOOL_NAME, DELEGATION_SIGNAL_SCHEMA_VERSION, } from '../audit/delegation-event.js';
+import { AUDIT_FILE, REA_DIR, log } from './utils.js';
+/**
+ * Type guard for a record that has the delegation-signal shape. Skips
+ * envelope shape validation (zod runs at write time); checks only the
+ * fields the reader actually uses.
+ */
+function isDelegationRecord(r) {
+    if (r.tool_name !== DELEGATION_SIGNAL_TOOL_NAME)
+        return false;
+    const m = r.metadata;
+    if (m === undefined)
+        return false;
+    if (m.schema_version !== DELEGATION_SIGNAL_SCHEMA_VERSION)
+        return false;
+    if (m.delegation_tool !== 'Agent' && m.delegation_tool !== 'Skill')
+        return false;
+    if (typeof m.subagent_type !== 'string')
+        return false;
+    return true;
+}
+/**
+ * Read the audit file and return delegation records (filtered + parsed
+ * into a reader-friendly shape). Malformed lines are skipped silently
+ * — `rea audit verify` is the right tool for chain integrity.
+ */
+export async function loadDelegationRecords(baseDir, sessionFilter) {
+    const auditFile = path.join(baseDir, REA_DIR, AUDIT_FILE);
+    let raw;
+    try {
+        raw = await fs.readFile(auditFile, 'utf8');
+    }
+    catch (e) {
+        if (e.code === 'ENOENT') {
+            return { records: [], filesScanned: [] };
+        }
+        throw e;
+    }
+    const records = [];
+    for (const line of raw.split('\n')) {
+        if (line.length === 0)
+            continue;
+        let parsed;
+        try {
+            parsed = JSON.parse(line);
+        }
+        catch {
+            continue;
+        }
+        if (!isDelegationRecord(parsed))
+            continue;
+        const m = parsed.metadata;
+        if (sessionFilter !== null && m.session_id_observed !== sessionFilter)
+            continue;
+        const rec = {
+            timestamp: parsed.timestamp,
+            session_id_observed: m.session_id_observed,
+            delegation_tool: m.delegation_tool,
+            subagent_type: m.subagent_type,
+            parent_subagent_type: m.parent_subagent_type,
+            invocation_description_sha256: m.invocation_description_sha256,
+            ...(m.hook_event_timestamp !== undefined
+                ? { hook_event_timestamp: m.hook_event_timestamp }
+                : {}),
+        };
+        records.push(rec);
+    }
+    return { records, filesScanned: [auditFile] };
+}
+/**
+ * Group records by `subagent_type`. Sorts by descending count, then
+ * alphabetical on tie. `last_seen` is the latest envelope timestamp in
+ * the group.
+ */
+export function groupBySubagent(records) {
+    const byName = new Map();
+    for (const r of records) {
+        let g = byName.get(r.subagent_type);
+        if (g === undefined) {
+            g = {
+                subagent_type: r.subagent_type,
+                count: 0,
+                last_seen: r.timestamp,
+                by_tool: { Agent: 0, Skill: 0 },
+            };
+            byName.set(r.subagent_type, g);
+        }
+        g.count += 1;
+        g.by_tool[r.delegation_tool] += 1;
+        if (r.timestamp > g.last_seen)
+            g.last_seen = r.timestamp;
+    }
+    return Array.from(byName.values()).sort((a, b) => {
+        if (b.count !== a.count)
+            return b.count - a.count;
+        return a.subagent_type.localeCompare(b.subagent_type);
+    });
+}
+/**
+ * Computation-only entrypoint. Returns the full result so callers
+ * (CLI, tests) can render or assert. `runAuditSpecialists` is the thin
+ * commander wrapper that prints + exits.
+ */
+export async function computeAuditSpecialists(options = {}) {
+    const baseDir = options.baseDir ?? process.cwd();
+    let sessionFilter;
+    let source;
+    if (options.sessionFilter === undefined) {
+        const envId = process.env['CLAUDE_SESSION_ID'];
+        if (typeof envId === 'string' && envId.length > 0) {
+            sessionFilter = envId;
+            source = 'env';
+        }
+        else {
+            sessionFilter = null;
+            source = 'none';
+        }
+    }
+    else {
+        sessionFilter = options.sessionFilter;
+        source = options.sessionFilter === null ? 'none' : 'option';
+    }
+    const { records, filesScanned } = await loadDelegationRecords(baseDir, sessionFilter);
+    const groups = groupBySubagent(records);
+    return {
+        session_filter: sessionFilter,
+        session_filter_source: source,
+        records,
+        groups,
+        files_scanned: filesScanned,
+    };
+}
+function renderTable(result) {
+    if (result.groups.length === 0) {
+        const note = result.session_filter !== null
+            ? `No delegation signals recorded for session ${result.session_filter}.`
+            : 'No delegation signals recorded.';
+        return `${note}\n  (Records are written by the .claude/hooks/delegation-capture.sh PreToolUse hook on every Agent/Skill dispatch.)\n`;
+    }
+    const headers = ['subagent_type', 'count', 'agent', 'skill', 'last_seen (UTC)'];
+    const rows = result.groups.map((g) => [
+        g.subagent_type,
+        String(g.count),
+        String(g.by_tool.Agent),
+        String(g.by_tool.Skill),
+        g.last_seen,
+    ]);
+    const widths = headers.map((h, i) => Math.max(h.length, ...rows.map((r) => (r[i] ?? '').length)));
+    const lines = [];
+    lines.push(headers.map((h, i) => h.padEnd(widths[i])).join('  '));
+    lines.push(widths.map((w) => '-'.repeat(w)).join('  '));
+    for (const row of rows) {
+        lines.push(row.map((c, i) => c.padEnd(widths[i])).join('  '));
+    }
+    return lines.join('\n') + '\n';
+}
+/**
+ * Commander entrypoint. Reads, renders, exits 0. The CLI is read-only
+ * — no audit-chain writes, no exit-code-as-verdict semantics.
+ */
+export async function runAuditSpecialists(options) {
+    const result = await computeAuditSpecialists(options);
+    if (options.json === true) {
+        process.stdout.write(JSON.stringify(result, null, 2) + '\n');
+        return;
+    }
+    if (result.session_filter !== null) {
+        log(`Delegation signals (session=${result.session_filter}, source=${result.session_filter_source}):`);
+    }
+    else {
+        log('Delegation signals (no session filter — set $CLAUDE_SESSION_ID to scope; v1 omits --since / --session by design):');
+    }
+    process.stdout.write(renderTable(result));
+}
+/**
+ * Attach the `specialists` subcommand to the `rea audit` command group.
+ * Exported as a registrar so `src/cli/index.ts` can wire it next to the
+ * existing `rotate` and `verify` subcommands without leaking commander
+ * knowledge into this module.
+ */
+export function registerAuditSpecialistsSubcommand(auditCommand) {
+    auditCommand
+        .command('specialists')
+        .description('Summarize `rea.delegation_signal` audit records — counts per subagent / skill, last-seen timestamps, agent-vs-skill breakdown. Reads only the current `.rea/audit.jsonl`. Honors $CLAUDE_SESSION_ID for current-session filtering. v1 omits --since / --session by design (deferred to 0.29.1).')
+        .option('--json', 'emit JSON (records + groups) instead of the human-readable table. Composes with jq.')
+        .action(async (opts) => {
+        await runAuditSpecialists({ ...(opts.json === true ? { json: true } : {}) });
+    });
+}

package/dist/cli/doctor.d.ts

@@ -19,6 +19,44 @@ export interface CheckResult {
  * Exported so tests can drive this without spinning up the full `runDoctor`.
  */
 export declare function checkFingerprintStore(baseDir: string): Promise<CheckResult>;
+/**
+ * 0.30.0 (Class M settings.json schema) — `EXPECTED_HOOKS` is exported
+ * so the schema validator at `src/config/settings-schema.ts` can
+ * cross-check rea-shipped hook filenames against entries it sees in
+ * a consumer's `.claude/settings.json`. The validator's `--strict`
+ * mode FAILS when a known rea-managed hook is missing from the
+ * consumer's registration; default mode logs a warn.
+ */
+export declare const EXPECTED_AGENTS: string[];
+export declare const EXPECTED_HOOKS: string[];
+/**
+ * 0.30.0 Class M — validate `.claude/settings.json` against the zod
+ * schema in `src/config/settings-schema.ts`.
+ *
+ * Status posture:
+ *
+ *   - `strict: false` (default `rea doctor`) — emit a warn when:
+ *       - zod parse fails (unknown top-level key, missing matcher,
+ *         malformed hook entry, etc.),
+ *       - any `command` contains a `..` traversal after stripping
+ *         `$CLAUDE_PROJECT_DIR`,
+ *       - any rea-shipped hook from `EXPECTED_HOOKS` is missing from
+ *         the consumer's registrations.
+ *     The harness keeps working — the schema only refuses to call
+ *     malformed hook entries; we surface the issue without breaking
+ *     the install.
+ *
+ *   - `strict: true` (`rea doctor --strict`) — fail (hard) on the
+ *     same conditions. Used by CI gates that want a hard floor on
+ *     consumer settings.
+ *
+ * Returns `pass` when everything cleared. Returns one `CheckResult`
+ * per concern; called once and emits one result. Combined with the
+ * existing `checkSettingsJson` (which checks for the historical Bash
+ * + Write|Edit|MultiEdit|NotebookEdit matchers), gives consumers a
+ * complete picture.
+ */
+export declare function checkSettingsSchema(baseDir: string, strict: boolean): CheckResult;
 /**
  * Detect whether `baseDir` is a git repository. Returns true for the three
  * shapes git itself accepts:
@@ -46,6 +84,7 @@ export declare function checkFingerprintStore(baseDir: string): Promise<CheckRes
  * NOT a trust boundary. Do not key security decisions on the return value.
  */
 export declare function isGitRepo(baseDir: string): boolean;
+export declare function checkPrepareCommitMsgHook(baseDir: string): CheckResult;
 /**
  * Hard-fail when `policy.review.codex_required: true` but the `codex`
  * binary is not on PATH. Pre-0.12.0 this prereq surfaced only at first
@@ -65,6 +104,63 @@ export declare function checkCodexBinaryOnPath(): CheckResult;
  * the real probe.
  */
 export declare function checksFromProbeState(state: CodexProbeState): CheckResult[];
+/**
+ * 0.29.0 — verify the delegation-capture hook is registered in
+ * `.claude/settings.json` under PreToolUse with matcher `Agent|Skill`
+ * AND that the hook file exists at the expected dogfood path.
+ *
+ * Status posture for 0.29.0:
+ *
+ * The 0.29.0 release introduces a new desired-hook entry in
+ * `defaultDesiredHooks()` that `rea init` and `rea upgrade` will merge
+ * into consumer `.claude/settings.json` files. Existing consumer
+ * installs (and this repo's own dogfood, which is locked from
+ * agent-driven edits by `settings-protection.sh`) won't have the
+ * matcher registered until the operator runs `rea upgrade`.
+ *
+ * To keep the upgrade-lag period from breaking `rea doctor`, the
+ * check is `warn` (not `fail`) for 0.29.0. The detail message names
+ * the exact command to fix and points at the canonical
+ * `delegation-capture.sh` install. After 0.29.0+1 consumer-install
+ * cycles have propagated, this should be promoted to `fail` so a
+ * skipped upgrade is loud rather than silent. Codex round 2 P2
+ * (2026-05-12).
+ *
+ * Hook-file presence is verified separately by `checkHooksInstalled`
+ * via `EXPECTED_HOOKS` — that path stays at the hard-`fail` posture
+ * because file presence is part of the install manifest and doesn't
+ * suffer the same template-propagation lag.
+ */
+export declare function checkDelegationHookRegistered(baseDir: string): CheckResult;
+/**
+ * 0.29.0 — synthetic round-trip of the delegation-signal audit path.
+ * Drives a synthetic Claude Code PreToolUse hook payload through the
+ * REAL `rea hook delegation-signal` CLI by spawning a child process
+ * (same path the shell hook hits) and asserts:
+ *
+ *   - The CLI exited 0.
+ *   - A new `rea.delegation_signal` record landed on disk.
+ *   - The record's metadata contains the probe tag (so we don't
+ *     mistakenly attribute an existing record to our run).
+ *   - Chain integrity holds (recomputed hash == stored hash).
+ *
+ * Codex round 1 P2 (2026-05-12): the previous implementation called
+ * `appendAuditRecord()` directly — short-circuiting stdin parsing,
+ * SHA-256 hashing, redact-secrets timing, and the `process.exit`
+ * ordering that round 1's P1 exposed. That made the smoke check
+ * report success even when the real production path was broken.
+ *
+ * This rewrite exercises the same surface the `Agent|Skill`
+ * PreToolUse hook does in production, so future regressions in
+ * stdin parsing, hashing, redaction, or process-lifecycle behavior
+ * fail the smoke check loudly.
+ *
+ * Gated behind `--smoke` so a casual `rea doctor` doesn't write
+ * probe records on every invocation. Operators run
+ * `rea doctor --smoke` after install / upgrade to confirm the
+ * pipeline is wired end-to-end.
+ */
+export declare function checkDelegationRoundTrip(baseDir: string): Promise<CheckResult>;
 /**
  * Assemble the full checklist for a given baseDir. Exported so tests can
  * exercise the conditional branching without capturing stdout from
@@ -80,7 +176,9 @@ export declare function checksFromProbeState(state: CodexProbeState): CheckResul
  *
  * `activeForeign` always yields `fail` — a foreign hook bypassing the gate is a hard governance gap.
  */
-export declare function collectChecks(baseDir: string, codexProbeState?: CodexProbeState, prePushState?: PrePushDoctorState): CheckResult[];
+export declare function collectChecks(baseDir: string, codexProbeState?: CodexProbeState, prePushState?: PrePushDoctorState, options?: {
+    strict?: boolean;
+}): CheckResult[];
 export interface RunDoctorOptions {
     /** When true, print a 7-day telemetry summary after the checks (G11.5). */
     metrics?: boolean;
@@ -91,6 +189,21 @@ export interface RunDoctorOptions {
      * `rea upgrade` to reconcile).
      */
     drift?: boolean;
+    /**
+     * 0.29.0 — when true, run the synthetic delegation-signal round-trip
+     * check. Writes a probe `rea.delegation_signal` audit record (with
+     * the doctor-smoke session id) and verifies chain integrity. Gated
+     * behind a flag so casual `rea doctor` invocations don't pollute the
+     * audit log with probe records.
+     */
+    smoke?: boolean;
+    /**
+     * 0.30.0 — when true, every advisory check (settings.json schema
+     * cross-check, prepare-commit-msg foreign-hook warn, etc.) is
+     * promoted to hard fail. Used by CI gates that want a strict floor
+     * on consumer installs. Default `false`.
+     */
+    strict?: boolean;
 }
 export interface DriftRow {
     path: string;