@checkstack/incident-backend 1.5.0 → 1.6.1

package/src/ai/incident-add-update.test.ts

@@ -0,0 +1,56 @@
+import { describe, expect, test, mock } from "bun:test";
+import type { AuthUser, RpcClient } from "@checkstack/backend-api";
+import type { AddIncidentUpdateInput } from "@checkstack/incident-common";
+import { createIncidentAddUpdateTool } from "./incident-add-update";
+
+const principal: AuthUser = {
+  type: "user",
+  id: "u1",
+  accessRules: ["incident.incident.manage"],
+};
+
+const input: AddIncidentUpdateInput = {
+  incidentId: "inc1",
+  message: "We identified the root cause",
+  statusChange: "identified",
+};
+
+function fakeRpcClient({
+  addUpdate,
+}: {
+  addUpdate: ReturnType<typeof mock>;
+}): RpcClient {
+  return {
+    forPlugin: () => ({ addUpdate }),
+  } as unknown as RpcClient;
+}
+
+describe("incident.addUpdate tool", () => {
+  test("declares mutate effect + the manage rule", () => {
+    const tool = createIncidentAddUpdateTool();
+    expect(tool.name).toBe("incident.addUpdate");
+    expect(tool.effect).toBe("mutate");
+    expect(tool.requiredAccessRules).toEqual(["incident.incident.manage"]);
+    expect(typeof tool.dryRun).toBe("function");
+  });
+
+  test("dryRun returns a payload and NEVER posts the update", async () => {
+    const addUpdate = mock(() => Promise.resolve({}));
+    const rpcClient = fakeRpcClient({ addUpdate });
+    const tool = createIncidentAddUpdateTool();
+    const preview = await tool.dryRun!({ input, principal, rpcClient });
+    expect(addUpdate).not.toHaveBeenCalled();
+    expect(preview.summary).toContain("identified");
+    expect(preview.payload).toEqual(input);
+  });
+
+  test("execute (apply) posts via addUpdate", async () => {
+    const created = { id: "upd1", ...input, createdAt: new Date() };
+    const addUpdate = mock(() => Promise.resolve(created));
+    const rpcClient = fakeRpcClient({ addUpdate });
+    const tool = createIncidentAddUpdateTool();
+    const result = await tool.execute({ input, principal, rpcClient });
+    expect(addUpdate).toHaveBeenCalledWith(input);
+    expect(result.update).toEqual(created);
+  });
+});

package/src/ai/incident-add-update.ts

@@ -0,0 +1,66 @@
+import { qualifyAccessRuleId } from "@checkstack/common";
+import type { RpcClient, AuthUser } from "@checkstack/backend-api";
+import {
+  IncidentApi,
+  incidentAccess,
+  pluginMetadata,
+  AddIncidentUpdateInputSchema,
+  type AddIncidentUpdateInput,
+  type IncidentUpdate,
+} from "@checkstack/incident-common";
+import type { AiProposalPreview } from "@checkstack/ai-common";
+import type { RegisteredAiTool } from "@checkstack/ai-backend";
+
+/** Output returned once a human applies the update post (the new update). */
+export interface IncidentAddUpdateApplyResult {
+  update: IncidentUpdate;
+}
+
+/**
+ * `incident.addUpdate` - post a status update (timeline entry) to an incident,
+ * optionally changing its status.
+ *
+ * `effect: "mutate"` - appending an update is a non-destructive change, so it
+ * auto-applies in AUTO mode and is confirm-gated in APPROVE mode. `dryRun`
+ * returns the captured payload for human review WITHOUT mutating; `execute`
+ * (reached only via `apply`) posts the update. The underlying RPC uses the
+ * USER-SCOPED client passed at call time, so handler-side authorization is
+ * enforced exactly as a direct UI/RPC call.
+ */
+export function createIncidentAddUpdateTool(): RegisteredAiTool<
+  AddIncidentUpdateInput,
+  IncidentAddUpdateApplyResult
+> {
+  const dryRun = async ({
+    input,
+  }: {
+    input: AddIncidentUpdateInput;
+    principal: AuthUser;
+    rpcClient: RpcClient;
+  }): Promise<AiProposalPreview<AddIncidentUpdateInput>> => {
+    const statusNote = input.statusChange
+      ? ` and set status to "${input.statusChange}"`
+      : "";
+    return {
+      summary: `Post an update to incident ${input.incidentId}${statusNote}.`,
+      payload: input,
+    };
+  };
+
+  return {
+    name: "incident.addUpdate",
+    description:
+      "Post a status update (timeline entry) to an incident, optionally changing its status (investigating/identified/fixing/monitoring/resolved). Never posts directly; a person must approve unless the conversation is in auto mode. Find the incidentId with the incident read tools first.",
+    effect: "mutate",
+    input: AddIncidentUpdateInputSchema,
+    requiredAccessRules: [
+      qualifyAccessRuleId(pluginMetadata, incidentAccess.incident.manage),
+    ],
+    dryRun,
+    async execute({ input, rpcClient }) {
+      const incidentClient = rpcClient.forPlugin(IncidentApi);
+      const update = await incidentClient.addUpdate(input);
+      return { update };
+    },
+  };
+}

package/src/ai/incident-create.test.ts

@@ -0,0 +1,70 @@
+import { describe, expect, test, mock } from "bun:test";
+import type { AuthUser, RpcClient } from "@checkstack/backend-api";
+import type {
+  CreateIncidentInput,
+  IncidentWithSystems,
+} from "@checkstack/incident-common";
+import { createIncidentCreateTool } from "./incident-create";
+
+const principal: AuthUser = {
+  type: "user",
+  id: "u1",
+  accessRules: ["incident.incident.manage"],
+};
+
+const input: CreateIncidentInput = {
+  title: "Checkout is down",
+  severity: "critical",
+  suppressNotifications: false,
+  systemIds: ["sys1", "sys2"],
+};
+
+function fakeRpcClient({
+  createIncident,
+}: {
+  createIncident: ReturnType<typeof mock>;
+}): RpcClient {
+  return {
+    forPlugin: () => ({ createIncident }),
+  } as unknown as RpcClient;
+}
+
+describe("incident.create tool", () => {
+  test("declares mutate effect + the manage rule", () => {
+    const tool = createIncidentCreateTool();
+    expect(tool.name).toBe("incident.create");
+    expect(tool.effect).toBe("mutate");
+    expect(tool.requiredAccessRules).toEqual(["incident.incident.manage"]);
+    expect(typeof tool.dryRun).toBe("function");
+  });
+
+  test("dryRun returns a payload and NEVER creates", async () => {
+    const createIncident = mock(() => Promise.resolve({}));
+    const rpcClient = fakeRpcClient({ createIncident });
+    const tool = createIncidentCreateTool();
+    const preview = await tool.dryRun!({ input, principal, rpcClient });
+    expect(createIncident).not.toHaveBeenCalled();
+    expect(preview.summary).toContain("Checkout is down");
+    expect(preview.payload).toEqual(input);
+  });
+
+  test("execute (apply) creates via createIncident", async () => {
+    const created: IncidentWithSystems = {
+      id: "inc1",
+      title: input.title,
+      description: input.description,
+      status: "investigating",
+      severity: input.severity,
+      suppressNotifications: input.suppressNotifications,
+      systemIds: input.systemIds,
+      createdAt: new Date(),
+      updatedAt: new Date(),
+    };
+    const createIncident = mock(() => Promise.resolve(created));
+    const rpcClient = fakeRpcClient({ createIncident });
+    const tool = createIncidentCreateTool();
+    const result = await tool.execute({ input, principal, rpcClient });
+    expect(createIncident).toHaveBeenCalledWith(input);
+    expect(result.incident).toEqual(created);
+  });
+});

package/src/ai/incident-create.ts

@@ -0,0 +1,65 @@
+import { qualifyAccessRuleId } from "@checkstack/common";
+import type { RpcClient, AuthUser } from "@checkstack/backend-api";
+import {
+  IncidentApi,
+  incidentAccess,
+  pluginMetadata,
+  CreateIncidentInputSchema,
+  type CreateIncidentInput,
+  type IncidentWithSystems,
+} from "@checkstack/incident-common";
+import type { AiProposalPreview } from "@checkstack/ai-common";
+import type { RegisteredAiTool } from "@checkstack/ai-backend";
+
+/** Output returned once a human applies the create (the created incident). */
+export interface IncidentCreateApplyResult {
+  incident: IncidentWithSystems;
+}
+
+/**
+ * `incident.create` - open a new incident affecting one or more systems.
+ *
+ * `effect: "mutate"` - creating an incident is a non-destructive create, so it
+ * auto-applies in AUTO mode and is confirm-gated in APPROVE mode. `dryRun`
+ * returns the captured payload for human review WITHOUT mutating; `execute`
+ * (reached only via `apply`) performs the create. Authorization is the same
+ * `incident.manage` rule the UI create form requires; the underlying RPC uses
+ * the USER-SCOPED client passed at call time, so handler-side authorization
+ * (access rules AND per-resource/team scoping) is enforced exactly as a direct
+ * UI/RPC call.
+ */
+export function createIncidentCreateTool(): RegisteredAiTool<
+  CreateIncidentInput,
+  IncidentCreateApplyResult
+> {
+  const dryRun = async ({
+    input,
+  }: {
+    input: CreateIncidentInput;
+    principal: AuthUser;
+    rpcClient: RpcClient;
+  }): Promise<AiProposalPreview<CreateIncidentInput>> => {
+    const systemCount = input.systemIds.length;
+    return {
+      summary: `Create ${input.severity} incident "${input.title}" affecting ${systemCount} system(s)${input.suppressNotifications ? " (notifications suppressed)" : ""}.`,
+      payload: input,
+    };
+  };
+
+  return {
+    name: "incident.create",
+    description:
+      "Open a new incident affecting one or more systems. Provide a title, severity (minor/major/critical), and the affected systemIds. Never creates directly; a person must approve unless the conversation is in auto mode. Find systemIds with the catalog read tools first.",
+    effect: "mutate",
+    input: CreateIncidentInputSchema,
+    requiredAccessRules: [
+      qualifyAccessRuleId(pluginMetadata, incidentAccess.incident.manage),
+    ],
+    dryRun,
+    async execute({ input, rpcClient }) {
+      const incidentClient = rpcClient.forPlugin(IncidentApi);
+      const incident = await incidentClient.createIncident(input);
+      return { incident };
+    },
+  };
+}

package/src/ai/incident-delete.test.ts

@@ -0,0 +1,88 @@
+import { describe, expect, test, mock } from "bun:test";
+import type { AuthUser, RpcClient } from "@checkstack/backend-api";
+import { createIncidentDeleteTool } from "./incident-delete";
+
+const principal: AuthUser = {
+  type: "user",
+  id: "u1",
+  accessRules: ["incident.incident.manage"],
+};
+
+const incident = {
+  id: "inc1",
+  title: "Checkout is down",
+  description: undefined,
+  status: "investigating",
+  severity: "critical",
+  suppressNotifications: false,
+  systemIds: ["sys1"],
+  createdAt: new Date(),
+  updatedAt: new Date(),
+  updates: [],
+  links: [],
+};
+
+function fakeRpcClient({
+  getIncident,
+  deleteIncident,
+}: {
+  getIncident: ReturnType<typeof mock>;
+  deleteIncident: ReturnType<typeof mock>;
+}): RpcClient {
+  return {
+    forPlugin: () => ({ getIncident, deleteIncident }),
+  } as unknown as RpcClient;
+}
+
+describe("incident.delete tool", () => {
+  test("declares destructive effect + the manage rule", () => {
+    const tool = createIncidentDeleteTool();
+    expect(tool.name).toBe("incident.delete");
+    expect(tool.effect).toBe("destructive");
+    expect(tool.requiredAccessRules).toEqual(["incident.incident.manage"]);
+    expect(typeof tool.dryRun).toBe("function");
+  });
+
+  test("dryRun resolves the target and NEVER deletes", async () => {
+    const getIncident = mock(() => Promise.resolve(incident));
+    const deleteIncident = mock(() => Promise.resolve({ success: true }));
+    const rpcClient = fakeRpcClient({ getIncident, deleteIncident });
+    const tool = createIncidentDeleteTool();
+    const preview = await tool.dryRun!({
+      input: { id: "inc1" },
+      principal,
+      rpcClient,
+    });
+    expect(deleteIncident).not.toHaveBeenCalled();
+    expect(preview.summary).toContain("Checkout is down");
+    expect(preview.summary).toContain("permanent");
+    expect(preview.payload).toEqual({ id: "inc1" });
+  });
+
+  test("dryRun throws a clear error when the id is unknown", async () => {
+    const rpcClient = fakeRpcClient({
+      getIncident: mock(() => Promise.resolve(null)),
+      deleteIncident: mock(),
+    });
+    const tool = createIncidentDeleteTool();
+    await expect(
+      tool.dryRun!({ input: { id: "nope" }, principal, rpcClient }),
+    ).rejects.toThrow(/No incident found/);
+  });
+
+  test("execute (apply) deletes via deleteIncident with {id}", async () => {
+    const deleteIncident = mock(() => Promise.resolve({ success: true }));
+    const rpcClient = fakeRpcClient({
+      getIncident: mock(() => Promise.resolve(incident)),
+      deleteIncident,
+    });
+    const tool = createIncidentDeleteTool();
+    const result = await tool.execute({
+      input: { id: "inc1" },
+      principal,
+      rpcClient,
+    });
+    expect(deleteIncident).toHaveBeenCalledWith({ id: "inc1" });
+    expect(result).toEqual({ id: "inc1", deleted: true });
+  });
+});

package/src/ai/incident-delete.ts

@@ -0,0 +1,76 @@
+import { z } from "zod";
+import { qualifyAccessRuleId } from "@checkstack/common";
+import type { RpcClient, AuthUser } from "@checkstack/backend-api";
+import {
+  IncidentApi,
+  incidentAccess,
+  pluginMetadata,
+} from "@checkstack/incident-common";
+import type { AiProposalPreview } from "@checkstack/ai-common";
+import type { RegisteredAiTool } from "@checkstack/ai-backend";
+
+/** Input for `incident.delete`: the incident id to remove. */
+export const IncidentDeleteInputSchema = z.object({
+  id: z.string(),
+});
+export type IncidentDeleteInput = z.infer<typeof IncidentDeleteInputSchema>;
+
+/** Output returned once a human applies the deletion. */
+export interface IncidentDeleteApplyResult {
+  id: string;
+  deleted: true;
+}
+
+/**
+ * `incident.delete` - permanently delete an incident by id.
+ *
+ * `effect: "destructive"` - deletion is irreversible, so it ALWAYS routes
+ * through the propose/apply confirm card in BOTH permission modes (it can never
+ * auto-apply). `dryRun` resolves the target so the confirm card names exactly
+ * what will be removed and rejects an unknown id; `execute` (reached only via
+ * `apply`) performs the delete. The underlying RPC uses the USER-SCOPED client
+ * passed at call time, so handler-side authorization is enforced exactly as a
+ * direct UI/RPC call.
+ */
+export function createIncidentDeleteTool(): RegisteredAiTool<
+  IncidentDeleteInput,
+  IncidentDeleteApplyResult
+> {
+  const dryRun = async ({
+    input,
+    rpcClient,
+  }: {
+    input: IncidentDeleteInput;
+    principal: AuthUser;
+    rpcClient: RpcClient;
+  }): Promise<AiProposalPreview<IncidentDeleteInput>> => {
+    const incidentClient = rpcClient.forPlugin(IncidentApi);
+    const incident = await incidentClient.getIncident({ id: input.id });
+    if (!incident) {
+      throw new Error(
+        `No incident found with id "${input.id}". List incidents first to get a valid id.`,
+      );
+    }
+    return {
+      summary: `Delete incident "${incident.title}" (severity ${incident.severity}). This is permanent and also removes its updates, links, and system associations.`,
+      payload: { id: input.id },
+    };
+  };
+
+  return {
+    name: "incident.delete",
+    description:
+      "Delete an incident by id. DESTRUCTIVE and irreversible - it also removes the incident's updates, links, and system associations. Never deletes directly; a person must approve the confirmation. Find the id with the incident read tools first.",
+    effect: "destructive",
+    input: IncidentDeleteInputSchema,
+    requiredAccessRules: [
+      qualifyAccessRuleId(pluginMetadata, incidentAccess.incident.manage),
+    ],
+    dryRun,
+    async execute({ input, rpcClient }) {
+      const incidentClient = rpcClient.forPlugin(IncidentApi);
+      await incidentClient.deleteIncident({ id: input.id });
+      return { id: input.id, deleted: true };
+    },
+  };
+}

package/src/ai/incident-get.projection.test.ts

@@ -0,0 +1,43 @@
+import { describe, expect, test } from "bun:test";
+import {
+  buildProjectedTool,
+  deferredProjectionExecute,
+} from "@checkstack/ai-backend";
+import { qualifyAccessRuleId } from "@checkstack/common";
+import {
+  incidentContract,
+  incidentAccess,
+  pluginMetadata,
+} from "@checkstack/incident-common";
+
+// Build the projected tool with the SAME inputs the plugin exposes via
+// aiToolProjectionExtensionPoint in `index.ts`, and assert the resulting tool
+// carries the source procedure's contract access rules - NOT the chat
+// transport's `ai.chat.read` gate.
+describe("incident.get projection", () => {
+  const tool = buildProjectedTool({
+    procedure: incidentContract.getIncident,
+    sourcePluginMetadata: pluginMetadata,
+    procedureKey: "getIncident",
+    name: "incident.get",
+    description:
+      "Get one incident with its full timeline (updates) and links. Read-only.",
+    effect: "read",
+    execute: deferredProjectionExecute,
+  });
+
+  test("uses the overridden tool name", () => {
+    expect(tool.name).toBe("incident.get");
+  });
+
+  test("is classified as a read-only effect", () => {
+    expect(tool.effect).toBe("read");
+  });
+
+  test("inherits the source procedure's read rule, not the chat gate", () => {
+    expect(tool.requiredAccessRules).toEqual([
+      qualifyAccessRuleId(pluginMetadata, incidentAccess.incident.read),
+    ]);
+    expect(tool.requiredAccessRules).not.toEqual(["ai.chat.read"]);
+  });
+});

package/src/ai/incident-remove-link.test.ts

@@ -0,0 +1,56 @@
+import { describe, expect, test, mock } from "bun:test";
+import type { AuthUser, RpcClient } from "@checkstack/backend-api";
+import { createIncidentRemoveLinkTool } from "./incident-remove-link";
+
+const principal: AuthUser = {
+  type: "user",
+  id: "u1",
+  accessRules: ["incident.incident.manage"],
+};
+
+function fakeRpcClient({
+  removeLink,
+}: {
+  removeLink: ReturnType<typeof mock>;
+}): RpcClient {
+  return {
+    forPlugin: () => ({ removeLink }),
+  } as unknown as RpcClient;
+}
+
+describe("incident.removeLink tool", () => {
+  test("declares destructive effect + the manage rule", () => {
+    const tool = createIncidentRemoveLinkTool();
+    expect(tool.name).toBe("incident.removeLink");
+    expect(tool.effect).toBe("destructive");
+    expect(tool.requiredAccessRules).toEqual(["incident.incident.manage"]);
+    expect(typeof tool.dryRun).toBe("function");
+  });
+
+  test("dryRun returns a payload and NEVER removes the link", async () => {
+    const removeLink = mock(() => Promise.resolve({ success: true }));
+    const rpcClient = fakeRpcClient({ removeLink });
+    const tool = createIncidentRemoveLinkTool();
+    const preview = await tool.dryRun!({
+      input: { id: "lnk1" },
+      principal,
+      rpcClient,
+    });
+    expect(removeLink).not.toHaveBeenCalled();
+    expect(preview.summary).toContain("permanent");
+    expect(preview.payload).toEqual({ id: "lnk1" });
+  });
+
+  test("execute (apply) removes via removeLink with {id}", async () => {
+    const removeLink = mock(() => Promise.resolve({ success: true }));
+    const rpcClient = fakeRpcClient({ removeLink });
+    const tool = createIncidentRemoveLinkTool();
+    const result = await tool.execute({
+      input: { id: "lnk1" },
+      principal,
+      rpcClient,
+    });
+    expect(removeLink).toHaveBeenCalledWith({ id: "lnk1" });
+    expect(result).toEqual({ id: "lnk1", removed: true });
+  });
+});

package/src/ai/incident-remove-link.ts

@@ -0,0 +1,69 @@
+import { z } from "zod";
+import { qualifyAccessRuleId } from "@checkstack/common";
+import type { RpcClient, AuthUser } from "@checkstack/backend-api";
+import {
+  IncidentApi,
+  incidentAccess,
+  pluginMetadata,
+} from "@checkstack/incident-common";
+import type { AiProposalPreview } from "@checkstack/ai-common";
+import type { RegisteredAiTool } from "@checkstack/ai-backend";
+
+/** Input for `incident.removeLink`: the link id to remove. */
+export const IncidentRemoveLinkInputSchema = z.object({
+  id: z.string(),
+});
+export type IncidentRemoveLinkInput = z.infer<
+  typeof IncidentRemoveLinkInputSchema
+>;
+
+/** Output returned once a human applies the link removal. */
+export interface IncidentRemoveLinkApplyResult {
+  id: string;
+  removed: true;
+}
+
+/**
+ * `incident.removeLink` - detach a hotlink from an incident by link id.
+ *
+ * `effect: "destructive"` - removing a link is irreversible, so it ALWAYS routes
+ * through the propose/apply confirm card in BOTH permission modes (it can never
+ * auto-apply). `dryRun` returns the captured payload for human review WITHOUT
+ * mutating; `execute` (reached only via `apply`) removes the link. The
+ * underlying RPC uses the USER-SCOPED client passed at call time, so
+ * handler-side authorization is enforced exactly as a direct UI/RPC call.
+ */
+export function createIncidentRemoveLinkTool(): RegisteredAiTool<
+  IncidentRemoveLinkInput,
+  IncidentRemoveLinkApplyResult
+> {
+  const dryRun = async ({
+    input,
+  }: {
+    input: IncidentRemoveLinkInput;
+    principal: AuthUser;
+    rpcClient: RpcClient;
+  }): Promise<AiProposalPreview<IncidentRemoveLinkInput>> => {
+    return {
+      summary: `Remove link ${input.id} from its incident. This is permanent.`,
+      payload: { id: input.id },
+    };
+  };
+
+  return {
+    name: "incident.removeLink",
+    description:
+      "Remove a hotlink from an incident by link id. DESTRUCTIVE and irreversible. Never removes directly; a person must approve the confirmation. Find the link id by reading the incident's details first.",
+    effect: "destructive",
+    input: IncidentRemoveLinkInputSchema,
+    requiredAccessRules: [
+      qualifyAccessRuleId(pluginMetadata, incidentAccess.incident.manage),
+    ],
+    dryRun,
+    async execute({ input, rpcClient }) {
+      const incidentClient = rpcClient.forPlugin(IncidentApi);
+      await incidentClient.removeLink({ id: input.id });
+      return { id: input.id, removed: true };
+    },
+  };
+}

package/src/ai/incident-resolve.test.ts

@@ -0,0 +1,61 @@
+import { describe, expect, test, mock } from "bun:test";
+import type { AuthUser, RpcClient } from "@checkstack/backend-api";
+import type { IncidentWithSystems } from "@checkstack/incident-common";
+import { createIncidentResolveTool } from "./incident-resolve";
+
+const principal: AuthUser = {
+  type: "user",
+  id: "u1",
+  accessRules: ["incident.incident.manage"],
+};
+
+const input = { id: "inc1", message: "All clear" };
+
+function fakeRpcClient({
+  resolveIncident,
+}: {
+  resolveIncident: ReturnType<typeof mock>;
+}): RpcClient {
+  return {
+    forPlugin: () => ({ resolveIncident }),
+  } as unknown as RpcClient;
+}
+
+describe("incident.resolve tool", () => {
+  test("declares mutate effect + the manage rule", () => {
+    const tool = createIncidentResolveTool();
+    expect(tool.name).toBe("incident.resolve");
+    expect(tool.effect).toBe("mutate");
+    expect(tool.requiredAccessRules).toEqual(["incident.incident.manage"]);
+    expect(typeof tool.dryRun).toBe("function");
+  });
+
+  test("dryRun returns a payload and NEVER resolves", async () => {
+    const resolveIncident = mock(() => Promise.resolve({}));
+    const rpcClient = fakeRpcClient({ resolveIncident });
+    const tool = createIncidentResolveTool();
+    const preview = await tool.dryRun!({ input, principal, rpcClient });
+    expect(resolveIncident).not.toHaveBeenCalled();
+    expect(preview.summary).toContain("inc1");
+    expect(preview.payload).toEqual(input);
+  });
+
+  test("execute (apply) resolves via resolveIncident", async () => {
+    const resolved: IncidentWithSystems = {
+      id: "inc1",
+      title: "Checkout is down",
+      status: "resolved",
+      severity: "critical",
+      suppressNotifications: false,
+      systemIds: ["sys1"],
+      createdAt: new Date(),
+      updatedAt: new Date(),
+    };
+    const resolveIncident = mock(() => Promise.resolve(resolved));
+    const rpcClient = fakeRpcClient({ resolveIncident });
+    const tool = createIncidentResolveTool();
+    const result = await tool.execute({ input, principal, rpcClient });
+    expect(resolveIncident).toHaveBeenCalledWith(input);
+    expect(result.incident).toEqual(resolved);
+  });
+});