@covibes/zeroshot 5.2.1 → 5.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (98) hide show
  1. package/CHANGELOG.md +174 -189
  2. package/README.md +226 -195
  3. package/cli/commands/providers.js +149 -0
  4. package/cli/index.js +3145 -2366
  5. package/cli/lib/first-run.js +40 -3
  6. package/cli/message-formatters-normal.js +28 -6
  7. package/cluster-templates/base-templates/debug-workflow.json +24 -78
  8. package/cluster-templates/base-templates/full-workflow.json +99 -316
  9. package/cluster-templates/base-templates/single-worker.json +23 -15
  10. package/cluster-templates/base-templates/worker-validator.json +105 -36
  11. package/cluster-templates/conductor-bootstrap.json +9 -7
  12. package/lib/docker-config.js +14 -1
  13. package/lib/git-remote-utils.js +165 -0
  14. package/lib/id-detector.js +10 -7
  15. package/lib/provider-defaults.js +62 -0
  16. package/lib/provider-detection.js +59 -0
  17. package/lib/provider-names.js +57 -0
  18. package/lib/settings/claude-auth.js +78 -0
  19. package/lib/settings.js +298 -15
  20. package/lib/stream-json-parser.js +4 -238
  21. package/package.json +27 -6
  22. package/scripts/setup-merge-queue.sh +170 -0
  23. package/scripts/validate-templates.js +100 -0
  24. package/src/agent/agent-config.js +140 -63
  25. package/src/agent/agent-context-builder.js +336 -165
  26. package/src/agent/agent-hook-executor.js +337 -67
  27. package/src/agent/agent-lifecycle.js +386 -287
  28. package/src/agent/agent-stuck-detector.js +7 -7
  29. package/src/agent/agent-task-executor.js +944 -683
  30. package/src/agent/output-extraction.js +217 -0
  31. package/src/agent/output-reformatter.js +175 -0
  32. package/src/agent/schema-utils.js +146 -0
  33. package/src/agent-wrapper.js +112 -31
  34. package/src/agents/git-pusher-template.js +285 -0
  35. package/src/claude-task-runner.js +145 -44
  36. package/src/config-router.js +13 -13
  37. package/src/config-validator.js +1049 -563
  38. package/src/input-helpers.js +65 -0
  39. package/src/isolation-manager.js +499 -320
  40. package/src/issue-providers/README.md +305 -0
  41. package/src/issue-providers/azure-devops-provider.js +273 -0
  42. package/src/issue-providers/base-provider.js +232 -0
  43. package/src/issue-providers/github-provider.js +179 -0
  44. package/src/issue-providers/gitlab-provider.js +241 -0
  45. package/src/issue-providers/index.js +196 -0
  46. package/src/issue-providers/jira-provider.js +239 -0
  47. package/src/ledger.js +50 -11
  48. package/src/lib/safe-exec.js +88 -0
  49. package/src/orchestrator.js +1348 -757
  50. package/src/preflight.js +306 -149
  51. package/src/process-metrics.js +98 -56
  52. package/src/providers/anthropic/cli-builder.js +73 -0
  53. package/src/providers/anthropic/index.js +204 -0
  54. package/src/providers/anthropic/models.js +23 -0
  55. package/src/providers/anthropic/output-parser.js +177 -0
  56. package/src/providers/base-provider.js +251 -0
  57. package/src/providers/capabilities.js +60 -0
  58. package/src/providers/google/cli-builder.js +55 -0
  59. package/src/providers/google/index.js +116 -0
  60. package/src/providers/google/models.js +24 -0
  61. package/src/providers/google/output-parser.js +101 -0
  62. package/src/providers/index.js +91 -0
  63. package/src/providers/openai/cli-builder.js +133 -0
  64. package/src/providers/openai/index.js +136 -0
  65. package/src/providers/openai/models.js +21 -0
  66. package/src/providers/openai/output-parser.js +143 -0
  67. package/src/providers/opencode/cli-builder.js +42 -0
  68. package/src/providers/opencode/index.js +103 -0
  69. package/src/providers/opencode/models.js +55 -0
  70. package/src/providers/opencode/output-parser.js +122 -0
  71. package/src/schemas/sub-cluster.js +68 -39
  72. package/src/status-footer.js +94 -48
  73. package/src/sub-cluster-wrapper.js +92 -36
  74. package/src/task-runner.js +8 -6
  75. package/src/template-resolver.js +12 -9
  76. package/src/tui/data-poller.js +123 -99
  77. package/src/tui/formatters.js +4 -3
  78. package/src/tui/keybindings.js +259 -318
  79. package/src/tui/layout.js +20 -3
  80. package/src/tui/renderer.js +11 -21
  81. package/task-lib/attachable-watcher.js +150 -111
  82. package/task-lib/claude-recovery.js +156 -0
  83. package/task-lib/commands/episodes.js +105 -0
  84. package/task-lib/commands/list.js +3 -3
  85. package/task-lib/commands/logs.js +231 -189
  86. package/task-lib/commands/resume.js +3 -2
  87. package/task-lib/commands/run.js +12 -3
  88. package/task-lib/commands/schedules.js +111 -61
  89. package/task-lib/config.js +0 -2
  90. package/task-lib/runner.js +128 -50
  91. package/task-lib/scheduler.js +3 -3
  92. package/task-lib/store.js +464 -152
  93. package/task-lib/tui/formatters.js +94 -45
  94. package/task-lib/tui/renderer.js +13 -3
  95. package/task-lib/tui.js +73 -32
  96. package/task-lib/watcher.js +157 -100
  97. package/src/agents/git-pusher-agent.json +0 -20
  98. package/src/github.js +0 -103
@@ -2,12 +2,15 @@
2
2
  "name": "Single Worker",
3
3
  "description": "One agent executes and completes. For TRIVIAL tasks and simple INQUIRY.",
4
4
  "params": {
5
- "worker_model": {
5
+ "worker_level": {
6
6
  "type": "string",
7
- "enum": ["haiku", "sonnet", "opus"],
8
- "default": "haiku"
7
+ "enum": ["level1", "level2", "level3"],
8
+ "default": "level1"
9
+ },
10
+ "max_tokens": {
11
+ "type": "number",
12
+ "default": 50000
9
13
  },
10
- "max_tokens": { "type": "number", "default": 50000 },
11
14
  "timeout": {
12
15
  "type": "number",
13
16
  "default": 0,
@@ -23,33 +26,38 @@
23
26
  {
24
27
  "id": "worker",
25
28
  "role": "implementation",
26
- "model": "{{worker_model}}",
29
+ "modelLevel": "{{worker_level}}",
27
30
  "timeout": "{{timeout}}",
28
31
  "prompt": {
29
32
  "system": "## 🚫 YOU CANNOT ASK QUESTIONS\n\nYou are running non-interactively. There is NO USER to answer.\n- NEVER use AskUserQuestion tool\n- NEVER say \"Should I...\" or \"Would you like...\"\n- When unsure: Make the SAFER choice and proceed.\n\nYou are an agent handling a {{task_type}} task.\n\n## TASK TYPE: {{task_type}}\n\n{{#if task_type == 'INQUIRY'}}\nThis is an INQUIRY - exploration and understanding only.\n- Answer questions about the codebase\n- Explore files and explain how things work\n- DO NOT make any changes\n- Provide clear, accurate information\n{{/if}}\n\n{{#if task_type == 'TASK'}}\nThis is a TRIVIAL TASK - quick execution.\n- Straightforward, well-defined action\n- Quick to complete (< 15 minutes)\n- Low risk of breaking existing functionality\n- Execute efficiently, verify it works, done\n{{/if}}\n\n{{#if task_type == 'DEBUG'}}\nThis is a TRIVIAL DEBUG - simple fix.\n- Obvious issue with clear solution\n- Fix the root cause, not symptoms\n- Verify the fix works\n{{/if}}"
30
33
  },
31
34
  "contextStrategy": {
32
- "sources": [{ "topic": "ISSUE_OPENED", "limit": 1 }],
35
+ "sources": [
36
+ {
37
+ "topic": "ISSUE_OPENED",
38
+ "limit": 1
39
+ }
40
+ ],
33
41
  "format": "chronological",
34
42
  "maxTokens": "{{max_tokens}}"
35
43
  },
36
- "triggers": [{ "topic": "ISSUE_OPENED", "action": "execute_task" }],
44
+ "triggers": [
45
+ {
46
+ "topic": "ISSUE_OPENED",
47
+ "action": "execute_task"
48
+ }
49
+ ],
37
50
  "hooks": {
38
51
  "onComplete": {
39
52
  "action": "publish_message",
40
53
  "config": {
41
54
  "topic": "CLUSTER_COMPLETE",
42
- "content": { "text": "Task completed." }
55
+ "content": {
56
+ "text": "Task completed."
57
+ }
43
58
  }
44
59
  }
45
60
  }
46
- },
47
- {
48
- "id": "completion-detector",
49
- "role": "orchestrator",
50
- "model": "haiku",
51
- "timeout": 0,
52
- "triggers": [{ "topic": "CLUSTER_COMPLETE", "action": "stop_cluster" }]
53
61
  }
54
62
  ]
55
63
  }
@@ -2,18 +2,24 @@
2
2
  "name": "Worker + Validator",
3
3
  "description": "Worker implements, validator checks, rejection loop. For SIMPLE tasks.",
4
4
  "params": {
5
- "worker_model": {
5
+ "worker_level": {
6
6
  "type": "string",
7
- "enum": ["haiku", "sonnet", "opus"],
8
- "default": "sonnet"
7
+ "enum": ["level1", "level2", "level3"],
8
+ "default": "level2"
9
9
  },
10
- "validator_model": {
10
+ "validator_level": {
11
11
  "type": "string",
12
- "enum": ["haiku", "sonnet", "opus"],
13
- "default": "sonnet"
12
+ "enum": ["level1", "level2", "level3"],
13
+ "default": "level2"
14
+ },
15
+ "max_iterations": {
16
+ "type": "number",
17
+ "default": 3
18
+ },
19
+ "max_tokens": {
20
+ "type": "number",
21
+ "default": 100000
14
22
  },
15
- "max_iterations": { "type": "number", "default": 3 },
16
- "max_tokens": { "type": "number", "default": 100000 },
17
23
  "timeout": {
18
24
  "type": "number",
19
25
  "default": 0,
@@ -29,21 +35,80 @@
29
35
  {
30
36
  "id": "worker",
31
37
  "role": "implementation",
32
- "model": "{{worker_model}}",
38
+ "modelLevel": "{{worker_level}}",
33
39
  "timeout": "{{timeout}}",
40
+ "outputFormat": "json",
41
+ "jsonSchema": {
42
+ "type": "object",
43
+ "properties": {
44
+ "summary": {
45
+ "type": "string",
46
+ "description": "Brief description of work done this iteration"
47
+ },
48
+ "completionStatus": {
49
+ "type": "object",
50
+ "description": "Self-assessment of completion state",
51
+ "properties": {
52
+ "canValidate": {
53
+ "type": "boolean",
54
+ "description": "true if work is ready for validator review, false if more work needed"
55
+ },
56
+ "percentComplete": {
57
+ "type": "number",
58
+ "description": "Estimated completion percentage (0-100)"
59
+ },
60
+ "blockers": {
61
+ "type": "array",
62
+ "items": { "type": "string" },
63
+ "description": "Issues preventing completion (empty if canValidate=true)"
64
+ },
65
+ "nextSteps": {
66
+ "type": "array",
67
+ "items": { "type": "string" },
68
+ "description": "Remaining work items (empty if canValidate=true)"
69
+ }
70
+ },
71
+ "required": ["canValidate", "percentComplete"]
72
+ }
73
+ },
74
+ "required": ["summary", "completionStatus"]
75
+ },
34
76
  "prompt": {
35
- "system": "## 🚫 YOU CANNOT ASK QUESTIONS\n\nYou are running non-interactively. There is NO USER to answer.\n- NEVER use AskUserQuestion tool\n- NEVER say \"Should I...\" or \"Would you like...\"\n- When unsure: Make the SAFER choice and proceed.\n\nYou are an implementation agent for a SIMPLE {{task_type}} task.\n\n## FIRST ITERATION\n\n{{#if task_type == 'TASK'}}\nImplement the requested feature/change:\n- Well-defined scope (one feature, one fix)\n- Standard patterns apply\n- Complete the implementation fully\n{{/if}}\n\n{{#if task_type == 'DEBUG'}}\nInvestigate and fix the issue:\n- Reproduce the problem\n- Find the root cause (not just symptoms)\n- Apply the fix\n- Verify it works\n{{/if}}\n\n{{#if task_type == 'INQUIRY'}}\nResearch and provide detailed answers:\n- Explore relevant code and documentation\n- Explain how things work\n- Provide accurate, complete information\n{{/if}}\n\n## SUBSEQUENT ITERATIONS (after rejection)\n\nYou are being called back because validators REJECTED your implementation. This is NOT a minor issue.\n\n### FIX LIKE A SENIOR ENGINEER\n\n1. **STOP AND UNDERSTAND FIRST**\n - Read ALL VALIDATION_RESULT messages completely\n - Understand WHY each issue exists, not just WHAT it is\n - Trace the root cause - don't patch symptoms\n\n2. **FIX PROPERLY - NO SHORTCUTS**\n - Fix the ACTUAL problem, not the error message\n - If your approach was wrong, redesign it - don't add band-aids\n - Consider architectural implications of your fix\n - A senior dev would be embarrassed to submit a half-fix\n\n3. **VERIFY YOUR FIX**\n - Test your changes actually work\n - Check you didn't break anything else\n - If unsure, investigate before committing\n\n### MINDSET\n- Validators are senior engineers reviewing your code\n- They found REAL problems - take them seriously\n- Shortcuts will be caught and rejected again"
77
+ "system": "## 🚫 YOU CANNOT ASK QUESTIONS\n\nYou are running non-interactively. There is NO USER to answer.\n- NEVER use AskUserQuestion tool\n- NEVER say \"Should I...\" or \"Would you like...\"\n- When unsure: Make the SAFER choice and proceed.\n\nYou are an implementation agent for a SIMPLE {{task_type}} task.\n\n## FIRST ITERATION\n\n{{#if task_type == 'TASK'}}\nImplement the requested feature/change:\n- Well-defined scope (one feature, one fix)\n- Standard patterns apply\n- Complete the implementation fully\n{{/if}}\n\n{{#if task_type == 'DEBUG'}}\nInvestigate and fix the issue:\n- Reproduce the problem\n- Find the root cause (not just symptoms)\n- Apply the fix\n- Verify it works\n{{/if}}\n\n{{#if task_type == 'INQUIRY'}}\nResearch and provide detailed answers:\n- Explore relevant code and documentation\n- Explain how things work\n- Provide accurate, complete information\n{{/if}}\n\n## SUBSEQUENT ITERATIONS (after rejection)\n\nYou are being called back because validators REJECTED your implementation. This is NOT a minor issue.\n\n### FIX LIKE A SENIOR ENGINEER\n\n1. **STOP AND UNDERSTAND FIRST**\n - Read ALL VALIDATION_RESULT messages completely\n - Understand WHY each issue exists, not just WHAT it is\n - Trace the root cause - don't patch symptoms\n\n2. **FIX PROPERLY - NO SHORTCUTS**\n - Fix the ACTUAL problem, not the error message\n - If your approach was wrong, redesign it - don't add band-aids\n - Consider architectural implications of your fix\n - A senior dev would be embarrassed to submit a half-fix\n\n3. **VERIFY YOUR FIX**\n - Test your changes actually work\n - Check you didn't break anything else\n - If unsure, investigate before committing\n\n### MINDSET\n- Validators are senior engineers reviewing your code\n- They found REAL problems - take them seriously\n- Shortcuts will be caught and rejected again\n\n## 🔴 COMPLETION SELF-ASSESSMENT (REQUIRED)\n\nYour output MUST include a `completionStatus` object with honest self-assessment:\n\n**Set canValidate: true** when:\n- All work for this iteration is complete\n- Code compiles/runs without errors\n- You would be confident submitting for review\n\n**Set canValidate: false** when:\n- Work is partially complete\n- Blocked by an issue you're working around\n- Code doesn't compile or has obvious bugs\n\nValidators cost money. If you're not done, say so - your WORKER_PROGRESS message will let you continue."
36
78
  },
37
79
  "contextStrategy": {
38
80
  "sources": [
39
- { "topic": "ISSUE_OPENED", "limit": 1 },
40
- { "topic": "VALIDATION_RESULT", "since": "last_task_end", "limit": 3 }
81
+ {
82
+ "topic": "ISSUE_OPENED",
83
+ "limit": 1
84
+ },
85
+ {
86
+ "topic": "WORKER_PROGRESS",
87
+ "since": "last_task_end",
88
+ "limit": 3
89
+ },
90
+ {
91
+ "topic": "VALIDATION_RESULT",
92
+ "since": "last_task_end",
93
+ "limit": 3
94
+ }
41
95
  ],
42
96
  "format": "chronological",
43
97
  "maxTokens": "{{max_tokens}}"
44
98
  },
45
99
  "triggers": [
46
- { "topic": "ISSUE_OPENED", "action": "execute_task" },
100
+ {
101
+ "topic": "ISSUE_OPENED",
102
+ "action": "execute_task"
103
+ },
104
+ {
105
+ "topic": "WORKER_PROGRESS",
106
+ "logic": {
107
+ "engine": "javascript",
108
+ "script": "return message.sender === 'worker';"
109
+ },
110
+ "action": "execute_task"
111
+ },
47
112
  {
48
113
  "topic": "VALIDATION_RESULT",
49
114
  "logic": {
@@ -59,8 +124,15 @@
59
124
  "config": {
60
125
  "topic": "IMPLEMENTATION_READY",
61
126
  "content": {
62
- "text": "Implementation complete. Ready for validation."
127
+ "text": "{{result.summary}}",
128
+ "data": {
129
+ "completionStatus": "{{result.completionStatus}}"
130
+ }
63
131
  }
132
+ },
133
+ "logic": {
134
+ "engine": "javascript",
135
+ "script": "if (!result.completionStatus?.canValidate) return { topic: 'WORKER_PROGRESS' };"
64
136
  }
65
137
  }
66
138
  },
@@ -69,7 +141,7 @@
69
141
  {
70
142
  "id": "validator",
71
143
  "role": "validator",
72
- "model": "{{validator_model}}",
144
+ "modelLevel": "{{validator_level}}",
73
145
  "timeout": "{{timeout}}",
74
146
  "outputFormat": "json",
75
147
  "jsonSchema": {
@@ -85,24 +157,37 @@
85
157
  },
86
158
  "errors": {
87
159
  "type": "array",
88
- "items": { "type": "string" },
160
+ "items": {
161
+ "type": "string"
162
+ },
89
163
  "description": "Issues found (empty if approved)"
90
164
  }
91
165
  },
92
166
  "required": ["approved", "summary", "errors"]
93
167
  },
94
168
  "prompt": {
95
- "system": "## 🚫 YOU CANNOT ASK QUESTIONS\n\nYou are running non-interactively. There is NO USER to answer.\n- NEVER use AskUserQuestion tool\n- NEVER say \"Should I...\" or \"Would you like...\"\n- When unsure: Make the SAFER choice and proceed.\n\nYou are a validator for a SIMPLE {{task_type}} task.\n\n## 🔴 VERIFICATION PROTOCOL (REQUIRED - PREVENTS FALSE CLAIMS)\n\nBefore making ANY claim about missing functionality or code issues:\n\n1. **SEARCH FIRST** - Use Glob to find ALL relevant files\n2. **READ THE CODE** - Use Read to inspect actual implementation\n3. **GREP FOR PATTERNS** - Use Grep to search for specific code (function names, endpoints, etc.)\n\n**NEVER claim something doesn't exist without FIRST searching for it.**\n\nThe worker may have implemented features in different files than originally planned. If you claim '/api/metrics endpoint is missing' without searching, you may miss that it exists in 'server/routes/health.ts' instead of 'server/routes/api.ts'.\n\n### Example Verification Flow:\n```\n1. Claim: 'Missing error handling for network failures'\n2. BEFORE claiming → Grep for 'catch', 'error', 'try' in relevant files\n3. BEFORE claiming → Read the actual implementation\n4. ONLY IF NOT FOUND → Add to errors array\n```\n\n## VALIDATION CRITERIA\n\n**APPROVE** if:\n- Core functionality works as requested\n- Implementation is correct and complete\n- No obvious bugs or critical issues\n\n**REJECT** if:\n- Major functionality is missing or broken (VERIFIED by searching)\n- Implementation doesn't match requirements (VERIFIED by reading code)\n- Critical bugs present (VERIFIED by inspection)\n\n## TASK TYPE: {{task_type}}\n\n{{#if task_type == 'TASK'}}\nVerify the feature/change works correctly.\n{{/if}}\n\n{{#if task_type == 'DEBUG'}}\nVerify the bug is actually fixed at root cause.\n{{/if}}\n\n{{#if task_type == 'INQUIRY'}}\nVerify the information is accurate and complete.\n{{/if}}\n\nFor SIMPLE tasks, don't nitpick. Focus on: Does it work and meet requirements?"
169
+ "system": "## 🔴 OUTPUT FORMAT (CRITICAL - READ FIRST)\n\nYour output MUST be MINIMAL and STRUCTURED:\n- Output ONLY the required JSON schema fields\n- NO preambles (\"Here is my analysis...\", \"Let me explain...\")\n- NO verbose summaries - be CONCISE (max 100 chars per string field)\n- NO redundant information\n- NO explanations before or after the JSON\n\n## 🚫 YOU CANNOT ASK QUESTIONS\n\nYou are running non-interactively. There is NO USER to answer.\n- NEVER use AskUserQuestion tool\n- NEVER say \"Should I...\" or \"Would you like...\"\n- When unsure: Make the SAFER choice and proceed.\n\nYou are a validator for a SIMPLE {{task_type}} task.\n\n## 🔴 VERIFICATION PROTOCOL (REQUIRED - PREVENTS FALSE CLAIMS)\n\nBefore making ANY claim about missing functionality or code issues:\n\n1. **SEARCH FIRST** - Use Glob to find ALL relevant files\n2. **READ THE CODE** - Use Read to inspect actual implementation\n3. **GREP FOR PATTERNS** - Use Grep to search for specific code (function names, endpoints, etc.)\n\n**NEVER claim something doesn't exist without FIRST searching for it.**\n\nThe worker may have implemented features in different files than originally planned. If you claim '/api/metrics endpoint is missing' without searching, you may miss that it exists in 'server/routes/health.ts' instead of 'server/routes/api.ts'.\n\n### Example Verification Flow:\n```\n1. Claim: 'Missing error handling for network failures'\n2. BEFORE claiming → Grep for 'catch', 'error', 'try' in relevant files\n3. BEFORE claiming → Read the actual implementation\n4. ONLY IF NOT FOUND → Add to errors array\n```\n\n## VALIDATION CRITERIA\n\n**APPROVE** if:\n- Core functionality works as requested\n- Implementation is correct and complete\n- No obvious bugs or critical issues\n\n**REJECT** if:\n- Major functionality is missing or broken (VERIFIED by searching)\n- Implementation doesn't match requirements (VERIFIED by reading code)\n- Critical bugs present (VERIFIED by inspection)\n\n## TASK TYPE: {{task_type}}\n\n{{#if task_type == 'TASK'}}\nVerify the feature/change works correctly.\n{{/if}}\n\n{{#if task_type == 'DEBUG'}}\nVerify the bug is actually fixed at root cause.\n{{/if}}\n\n{{#if task_type == 'INQUIRY'}}\nVerify the information is accurate and complete.\n{{/if}}\n\nFor SIMPLE tasks, don't nitpick. Focus on: Does it work and meet requirements?\n\n## 🔴 DEBUGGING METHODOLOGY CHECK\n\nBefore approving, verify the worker didn't take shortcuts:\n\n### Ad Hoc Fix Detection\n- Did worker fix ONE instance? → Grep for similar patterns. If N > 1 exists, REJECT.\n- Example: Fixed null check in `auth.ts:42`? → `grep -r \"similar pattern\" .` - are there others?\n\n### Root Cause vs Symptom\n- Did worker add a workaround? → Find the ACTUAL bug. If workaround hides real issue, REJECT.\n- Example: Added `|| []` fallback? → WHY is it undefined? Fix THAT.\n\n### Lazy Debugging Red Flags (INSTANT REJECT)\n- Worker suggests \"restart the service\" → REJECT (hides the bug)\n- Worker suggests \"clear the cache\" → REJECT (hides the bug)\n- Worker says \"works on my machine\" → REJECT (not a fix)\n- Worker blames the test → REJECT unless they PROVE test is wrong with evidence"
96
170
  },
97
171
  "contextStrategy": {
98
172
  "sources": [
99
- { "topic": "ISSUE_OPENED", "limit": 1 },
100
- { "topic": "IMPLEMENTATION_READY", "limit": 1 }
173
+ {
174
+ "topic": "ISSUE_OPENED",
175
+ "limit": 1
176
+ },
177
+ {
178
+ "topic": "IMPLEMENTATION_READY",
179
+ "limit": 1
180
+ }
101
181
  ],
102
182
  "format": "chronological",
103
183
  "maxTokens": "{{max_tokens}}"
104
184
  },
105
- "triggers": [{ "topic": "IMPLEMENTATION_READY", "action": "execute_task" }],
185
+ "triggers": [
186
+ {
187
+ "topic": "IMPLEMENTATION_READY",
188
+ "action": "execute_task"
189
+ }
190
+ ],
106
191
  "hooks": {
107
192
  "onComplete": {
108
193
  "action": "publish_message",
@@ -118,22 +203,6 @@
118
203
  }
119
204
  }
120
205
  }
121
- },
122
- {
123
- "id": "completion-detector",
124
- "role": "orchestrator",
125
- "model": "haiku",
126
- "timeout": 0,
127
- "triggers": [
128
- {
129
- "topic": "VALIDATION_RESULT",
130
- "logic": {
131
- "engine": "javascript",
132
- "script": "const lastPush = ledger.findLast({ topic: 'IMPLEMENTATION_READY' });\nif (!lastPush) return false;\nconst result = ledger.findLast({ topic: 'VALIDATION_RESULT', since: lastPush.timestamp });\nreturn result?.content?.data?.approved === true || result?.content?.data?.approved === 'true';"
133
- },
134
- "action": "stop_cluster"
135
- }
136
- ]
137
206
  }
138
207
  ]
139
208
  }
@@ -1,11 +1,12 @@
1
1
  {
2
2
  "name": "Two-Tier Conductor (Complexity × TaskType)",
3
- "description": "Cost-optimized conductor: Haiku junior for 2D classification (complexity + taskType), Sonnet senior for UNCERTAIN tasks. Routes to appropriate cluster config via helpers.getConfig().",
3
+ "description": "Cost-optimized conductor: level1 junior for 2D classification (complexity + taskType), level2 senior for UNCERTAIN tasks. Routes to appropriate cluster config via helpers.getConfig().",
4
4
  "agents": [
5
5
  {
6
6
  "id": "junior-conductor",
7
7
  "role": "conductor",
8
- "model": "haiku",
8
+ "modelLevel": "level1",
9
+ "useDirectApi": true,
9
10
  "outputFormat": "json",
10
11
  "jsonSchema": {
11
12
  "type": "object",
@@ -18,7 +19,7 @@
18
19
  "taskType": {
19
20
  "type": "string",
20
21
  "enum": ["INQUIRY", "TASK", "DEBUG"],
21
- "description": "Type of work: INQUIRY (questions/exploration), TASK (implement new), DEBUG (fix broken)"
22
+ "description": "Type of work: INQUIRY (read-only), TASK (implement / known fix), DEBUG (investigate unknown root cause)"
22
23
  },
23
24
  "reasoning": {
24
25
  "type": "string",
@@ -28,7 +29,7 @@
28
29
  "required": ["complexity", "taskType", "reasoning"]
29
30
  },
30
31
  "prompt": {
31
- "system": "You are the JUNIOR CONDUCTOR (Haiku) - fast, cost-efficient task classification.\n\n## Your Job\nClassify tasks on TWO dimensions: COMPLEXITY and TASK TYPE.\n\n## COMPLEXITY (how hard/risky)\n\n**TRIVIAL** - One command, one file, mechanical\n**SIMPLE** - One concern, straightforward\n**STANDARD** - Multi-file, needs planning\n**CRITICAL** - High risk (auth, payments, security, production)\n**UNCERTAIN** - Escalate to senior conductor\n\n## TASK TYPE (what kind of action)\n\n**INQUIRY** - Questions, exploration, understanding\n- \"How does X work?\", \"What files handle Y?\", \"Explain Z\"\n- NO changes made, just gathering information\n\n**TASK** - Implement something new\n- \"Add feature X\", \"Create Y\", \"Implement Z\"\n- Building new functionality\n\n**DEBUG** - Fix something broken\n- \"Why is X failing?\", \"Fix bug in Y\", \"Debug Z\"\n- Investigating and fixing existing issues\n\n## Output Format\n\n```json\n{\n \"complexity\": \"TRIVIAL|SIMPLE|STANDARD|CRITICAL|UNCERTAIN\",\n \"taskType\": \"INQUIRY|TASK|DEBUG\",\n \"reasoning\": \"Brief explanation\"\n}\n```\n\n## Examples\n\n\"How does auth work?\" → SIMPLE, INQUIRY\n\"Add rate limiting\" STANDARD, TASK\n\"Fix null pointer bug\" SIMPLE, DEBUG\n\"Why is the API slow?\" STANDARD, DEBUG\n\"Deploy to AWS\"CRITICAL, TASK\n\"terraform plan\" → SIMPLE, TASK\n\"What files handle routing?\" TRIVIAL, INQUIRY\n\n## Critical Rules\n\n1. ALWAYS output both dimensions\n2. INQUIRY = read-only, TASK = create new, DEBUG = fix broken\n3. complexity=UNCERTAIN only when truly ambiguous\n\nTask: {{ISSUE_OPENED.content.text}}"
32
+ "system": "You are the JUNIOR CONDUCTOR - fast task classification.\n\n## Your Job\nClassify the task on TWO dimensions.\n\n## 🔴 COST REMINDER\n- CRITICAL uses Opus ($15/M tokens) + 4 validators = EXPENSIVE\n- STANDARD uses Sonnet ($3/M tokens) + 2 validators = NORMAL\n- Don't waste money on false positives. CRITICAL is rare.\n\n## COMPLEXITY (pick ONE)\n- TRIVIAL - One file, mechanical change; no behavior change.\n- SIMPLE - Small change, 1-2 files, low risk.\n- STANDARD - Multi-file work or user-visible behavior. **DEFAULT CHOICE.**\n- CRITICAL - ONLY when code DIRECTLY modifies: (1) authentication/authorization LOGIC, (2) payment processing/billing calculations, (3) secrets/credentials handling, (4) destructive database operations (DROP, DELETE), (5) production deployment or live infrastructure, (6) PII processing (not just displaying it).\n- UNCERTAIN - Escalate to senior conductor.\n\n**🔴 BIAS: If unsure between STANDARD and CRITICAL, choose STANDARD.** CRITICAL is expensive. Reserve it for actual risk.\n\n## NOT CRITICAL (Common False Positives)\n\nThese are STANDARD, not CRITICAL:\n- Refactoring code that MENTIONS auth/billing/security (not MODIFYING the logic)\n- Adding TypeScript types for existing structures\n- Code cleanup in infra-related files\n- Read-only queries to production data\n- Tests for auth/billing code (tests don't touch prod)\n- Extracting modules or services (code organization)\n- Factory patterns, dependency injection (architecture)\n- Config file reorganization (not production config values)\n\n## TASK TYPE (pick ONE)\n- INQUIRY - Questions, exploration, read-only\n- TASK - Implement something new\n- DEBUG - Fix something broken\n\n## Examples\n\nTask: \"Explain current auth flow (read-only)\"\n```json\n{\"complexity\": \"SIMPLE\", \"taskType\": \"INQUIRY\", \"reasoning\": \"Read-only explanation\"}\n```\n\nTask: \"Refactor auth service into smaller modules\"\n```json\n{\"complexity\": \"STANDARD\", \"taskType\": \"TASK\", \"reasoning\": \"Refactoring code organization, not modifying auth logic\"}\n```\n\nTask: \"Add TypeScript types to payment types\"\n```json\n{\"complexity\": \"STANDARD\", \"taskType\": \"TASK\", \"reasoning\": \"Adding types, not modifying billing logic\"}\n```\n\nTask: \"Fix bug in password validation logic\"\n```json\n{\"complexity\": \"CRITICAL\", \"taskType\": \"DEBUG\", \"reasoning\": \"Directly modifying authentication logic\"}\n```\n\nTask: \"Add new payment method integration\"\n```json\n{\"complexity\": \"CRITICAL\", \"taskType\": \"TASK\", \"reasoning\": \"New billing/payment processing code\"}\n```\n\nTask: \"Rotate production API keys\"\n```json\n{\"complexity\": \"CRITICAL\", \"taskType\": \"TASK\", \"reasoning\": \"Modifying production secrets\"}\n```\n\nTask: \"DROP TABLE users migration\"\n```json\n{\"complexity\": \"CRITICAL\", \"taskType\": \"TASK\", \"reasoning\": \"Destructive database operation\"}\n```\n\n## Critical Rules\n1. Output ONLY valid JSON - no other text\n2. complexity must be EXACTLY one of: TRIVIAL, SIMPLE, STANDARD, CRITICAL, UNCERTAIN\n3. taskType must be EXACTLY one of: INQUIRY, TASK, DEBUG\n\nTask: {{ISSUE_OPENED.content.text}}"
32
33
  },
33
34
  "contextStrategy": {
34
35
  "sources": [{ "topic": "ISSUE_OPENED", "limit": 1 }],
@@ -58,7 +59,8 @@
58
59
  {
59
60
  "id": "senior-conductor",
60
61
  "role": "conductor",
61
- "model": "sonnet",
62
+ "modelLevel": "level2",
63
+ "useDirectApi": true,
62
64
  "outputFormat": "json",
63
65
  "jsonSchema": {
64
66
  "type": "object",
@@ -71,7 +73,7 @@
71
73
  "taskType": {
72
74
  "type": "string",
73
75
  "enum": ["INQUIRY", "TASK", "DEBUG"],
74
- "description": "Type of work after analysis"
76
+ "description": "Type of work after analysis (INQUIRY/TASK/DEBUG)"
75
77
  },
76
78
  "reasoning": {
77
79
  "type": "string",
@@ -81,7 +83,7 @@
81
83
  "required": ["complexity", "taskType", "reasoning"]
82
84
  },
83
85
  "prompt": {
84
- "system": "You are the SENIOR CONDUCTOR - expert task analyzer for ambiguous tasks.\n\nThe junior conductor was uncertain. Analyze deeply and make a definitive classification.\n\n## COMPLEXITY\n\n**TRIVIAL** - One command/file, mechanical, no risk\n**SIMPLE** - One concern, straightforward\n**STANDARD** - Multi-file, needs planning\n**CRITICAL** - High risk (auth/payments/security/production)\n\n## TASK TYPE\n\n**INQUIRY** - Questions, exploration (read-only)\n**TASK** - Implement something new (create)\n**DEBUG** - Fix something broken (investigate + fix)\n\n## Decision Rules\n\n1. YOU MUST DECIDE - no UNCERTAIN output\n2. When in doubt about complexity, go ONE LEVEL HIGHER\n3. INQUIRY vs TASK vs DEBUG based on intent, not keywords\n4. Consider: Is user asking a question? Building new? Fixing broken?\n\nJunior classified as UNCERTAIN. Original task and reasoning follow."
86
+ "system": "You are the SENIOR CONDUCTOR - expert task analyzer.\n\nThe junior conductor was uncertain. Make a definitive classification.\n\n## 🔴 COST REMINDER\n- CRITICAL uses Opus ($15/M tokens) + 4 validators = EXPENSIVE\n- STANDARD uses Sonnet ($3/M tokens) + 2 validators = NORMAL\n- Don't waste money on false positives.\n\n## COMPLEXITY (pick ONE - no UNCERTAIN allowed)\n- TRIVIAL - One file, mechanical change; no behavior change.\n- SIMPLE - Small change, 1-2 files, low risk.\n- STANDARD - Multi-file work or user-visible behavior. **DEFAULT CHOICE.**\n- CRITICAL - ONLY when code DIRECTLY modifies: (1) authentication/authorization LOGIC, (2) payment processing/billing calculations, (3) secrets/credentials handling, (4) destructive database operations (DROP, DELETE), (5) production deployment or live infrastructure, (6) PII processing.\n\n**🔴 BIAS: If unsure between STANDARD and CRITICAL, choose STANDARD.** CRITICAL is expensive.\n\n## NOT CRITICAL (Common False Positives)\n- Refactoring code that MENTIONS auth/billing/security (not MODIFYING the logic)\n- Adding TypeScript types, tests, code organization\n- Read-only queries, config reorganization\n- Factory patterns, dependency injection\n\n## TASK TYPE (pick ONE)\n- INQUIRY - Questions, exploration (read-only)\n- TASK - Implement something new\n- DEBUG - Fix something broken\n\n## Examples\n\nTask: \"Refactor auth service into smaller modules\"\n```json\n{\"complexity\": \"STANDARD\", \"taskType\": \"TASK\", \"reasoning\": \"Code refactor, not modifying auth logic\"}\n```\n\nTask: \"Fix bug in password validation\"\n```json\n{\"complexity\": \"CRITICAL\", \"taskType\": \"DEBUG\", \"reasoning\": \"Directly modifying auth logic\"}\n```\n\nTask: \"Add payment method\"\n```json\n{\"complexity\": \"CRITICAL\", \"taskType\": \"TASK\", \"reasoning\": \"New billing code\"}\n```\n\n## Rules\n1. Output ONLY valid JSON - no other text\n2. YOU MUST DECIDE - pick exactly one value for each field\n3. When unsure between STANDARD and CRITICAL → STANDARD\n\nJunior was uncertain. Original task follows."
85
87
  },
86
88
  "contextStrategy": {
87
89
  "sources": [
@@ -18,6 +18,14 @@ const MOUNT_PRESETS = {
18
18
  kube: { host: '~/.kube', container: '$HOME/.kube', readonly: true },
19
19
  terraform: { host: '~/.terraform.d', container: '$HOME/.terraform.d', readonly: false },
20
20
  gcloud: { host: '~/.config/gcloud', container: '$HOME/.config/gcloud', readonly: true },
21
+ claude: { host: '~/.claude', container: '$HOME/.claude', readonly: true },
22
+ codex: { host: '~/.config/codex', container: '$HOME/.config/codex', readonly: true },
23
+ gemini: { host: '~/.config/gemini', container: '$HOME/.config/gemini', readonly: true },
24
+ opencode: {
25
+ host: '~/.local/share/opencode',
26
+ container: '$HOME/.local/share/opencode',
27
+ readonly: true,
28
+ },
21
29
  };
22
30
 
23
31
  /**
@@ -28,12 +36,15 @@ const MOUNT_PRESETS = {
28
36
  * - Forced: 'VAR=value' (always set to value)
29
37
  * - Empty: 'VAR=' (always set to empty string)
30
38
  */
39
+ const { CLAUDE_AUTH_ENV_VARS } = require('./settings/claude-auth');
40
+
31
41
  const ENV_PRESETS = {
32
42
  aws: ['AWS_REGION', 'AWS_DEFAULT_REGION', 'AWS_PROFILE', 'AWS_PAGER='],
33
43
  azure: ['AZURE_SUBSCRIPTION_ID', 'AZURE_TENANT_ID', 'AZURE_CLIENT_ID'],
34
44
  gcloud: ['CLOUDSDK_CORE_PROJECT', 'GOOGLE_CLOUD_PROJECT'],
35
45
  kube: ['KUBECONFIG'],
36
46
  terraform: ['TF_VAR_*'],
47
+ claude: CLAUDE_AUTH_ENV_VARS,
37
48
  };
38
49
 
39
50
  /**
@@ -76,7 +87,9 @@ function resolveMounts(config, options = {}) {
76
87
  };
77
88
  }
78
89
 
79
- throw new Error(`Invalid mount config: ${JSON.stringify(item)}. Use preset name or {host, container, readonly?}`);
90
+ throw new Error(
91
+ `Invalid mount config: ${JSON.stringify(item)}. Use preset name or {host, container, readonly?}`
92
+ );
80
93
  });
81
94
  }
82
95
 
@@ -0,0 +1,165 @@
1
+ /**
2
+ * Git remote URL parsing and provider detection.
3
+ * Automatically detects issue provider from git remote URL.
4
+ */
5
+
6
+ const { execSync } = require('../src/lib/safe-exec');
7
+
8
+ /**
9
+ * Parse git remote URL into structured provider context.
10
+ * Supports GitHub, GitLab, and Azure DevOps (cloud + self-hosted).
11
+ * Handles both HTTPS and SSH URL formats.
12
+ *
13
+ * @param {string} remoteUrl - Git remote URL
14
+ * @returns {Object|null} Provider context or null if unparseable
15
+ *
16
+ * @example
17
+ * parseGitRemoteUrl('https://github.com/org/repo.git')
18
+ * // → { provider: 'github', host: 'github.com', org: 'org', repo: 'repo', fullRepo: 'org/repo' }
19
+ *
20
+ * @example
21
+ * parseGitRemoteUrl('git@gitlab.com:org/repo.git')
22
+ * // → { provider: 'gitlab', host: 'gitlab.com', org: 'org', repo: 'repo', fullRepo: 'org/repo' }
23
+ *
24
+ * @example
25
+ * parseGitRemoteUrl('https://dev.azure.com/myorg/myproject/_git/myrepo')
26
+ * // → { provider: 'azure-devops', host: 'dev.azure.com', azureOrg: 'https://dev.azure.com/myorg', azureProject: 'myproject', repo: 'myrepo' }
27
+ */
28
+ function parseGitRemoteUrl(remoteUrl) {
29
+ if (!remoteUrl || typeof remoteUrl !== 'string') {
30
+ return null;
31
+ }
32
+
33
+ const url = remoteUrl.trim();
34
+
35
+ // Normalize SSH URLs to HTTPS format for easier parsing
36
+ // git@host:path → https://host/path
37
+ let normalizedUrl = url;
38
+ const sshMatch = url.match(/^git@([^:]+):(.+)$/);
39
+ if (sshMatch) {
40
+ const [, host, path] = sshMatch;
41
+ normalizedUrl = `https://${host}/${path}`;
42
+ }
43
+
44
+ // Remove .git suffix if present
45
+ normalizedUrl = normalizedUrl.replace(/\.git$/, '');
46
+
47
+ // Azure DevOps: https://dev.azure.com/org/project/_git/repo
48
+ // Azure Legacy: https://org.visualstudio.com/project/_git/repo
49
+ // Azure SSH: git@ssh.dev.azure.com:v3/org/project/repo
50
+ const azureMatch =
51
+ normalizedUrl.match(/https:\/\/dev\.azure\.com\/([^/]+)\/([^/]+)\/_git\/([^/]+)/) ||
52
+ normalizedUrl.match(/https:\/\/([^.]+)\.visualstudio\.com\/([^/]+)\/_git\/([^/]+)/) ||
53
+ // After normalization, `git@ssh.dev.azure.com:v3/org/project/repo` becomes
54
+ // `https://ssh.dev.azure.com/v3/org/project/repo`
55
+ normalizedUrl.match(/https:\/\/ssh\.dev\.azure\.com\/v3\/([^/]+)\/([^/]+)\/([^/]+)/);
56
+
57
+ if (azureMatch) {
58
+ const [, orgPart, project, repo] = azureMatch;
59
+ // For dev.azure.com, org is the first path segment
60
+ // For visualstudio.com, org is the subdomain
61
+ const isLegacy = normalizedUrl.includes('visualstudio.com');
62
+ const azureOrg = isLegacy
63
+ ? `https://${orgPart}.visualstudio.com`
64
+ : `https://dev.azure.com/${orgPart}`;
65
+
66
+ return {
67
+ provider: 'azure-devops',
68
+ host: isLegacy ? `${orgPart}.visualstudio.com` : 'dev.azure.com',
69
+ azureOrg,
70
+ azureProject: project,
71
+ repo,
72
+ };
73
+ }
74
+
75
+ // GitHub: https://github.com/org/repo
76
+ // GitLab: https://gitlab.com/org/repo (or self-hosted)
77
+ // Generic: https://host/org/repo
78
+ const httpsMatch = normalizedUrl.match(/https?:\/\/([^/]+)\/([^/]+)\/([^/]+)/);
79
+ if (httpsMatch) {
80
+ const [, host, org, repo] = httpsMatch;
81
+
82
+ let provider = null;
83
+ if (host === 'github.com') {
84
+ provider = 'github';
85
+ } else if (host.includes('gitlab')) {
86
+ // Matches gitlab.com or any gitlab.* subdomain or *gitlab* in hostname
87
+ provider = 'gitlab';
88
+ } else {
89
+ // Unknown provider - could be self-hosted GitLab or other
90
+ // Return null to fall back to settings
91
+ return null;
92
+ }
93
+
94
+ return {
95
+ provider,
96
+ host,
97
+ org,
98
+ repo,
99
+ fullRepo: `${org}/${repo}`,
100
+ };
101
+ }
102
+
103
+ return null;
104
+ }
105
+
106
+ /**
107
+ * Detect git repository context from current working directory.
108
+ * Returns provider context extracted from git remote URL.
109
+ *
110
+ * @param {string} [cwd=process.cwd()] - Directory to check
111
+ * @returns {Object|null} Git context or null
112
+ *
113
+ * Gracefully returns null for:
114
+ * - Not in git repository
115
+ * - No remote configured
116
+ * - Remote URL unparseable
117
+ * - Git command fails
118
+ *
119
+ * @example
120
+ * // In a GitHub repo with remote
121
+ * detectGitContext()
122
+ * // → { provider: 'github', host: 'github.com', org: 'myorg', repo: 'myrepo', fullRepo: 'myorg/myrepo' }
123
+ *
124
+ * @example
125
+ * // Not in git repo or no remote
126
+ * detectGitContext()
127
+ * // → null
128
+ */
129
+ function detectGitContext(cwd = process.cwd()) {
130
+ try {
131
+ // Check if we're in a git repository
132
+ execSync('git rev-parse --git-dir', {
133
+ cwd,
134
+ stdio: 'pipe',
135
+ encoding: 'utf8',
136
+ });
137
+ } catch {
138
+ // Not a git repository
139
+ return null;
140
+ }
141
+
142
+ try {
143
+ // Try to get remote URL (origin by default)
144
+ const remoteUrl = execSync('git remote get-url origin', {
145
+ cwd,
146
+ stdio: 'pipe',
147
+ encoding: 'utf8',
148
+ }).trim();
149
+
150
+ if (!remoteUrl) {
151
+ return null;
152
+ }
153
+
154
+ // Parse the remote URL to extract provider context
155
+ return parseGitRemoteUrl(remoteUrl);
156
+ } catch {
157
+ // No remote configured or command failed
158
+ return null;
159
+ }
160
+ }
161
+
162
+ module.exports = {
163
+ parseGitRemoteUrl,
164
+ detectGitContext,
165
+ };
@@ -3,17 +3,19 @@
3
3
  *
4
4
  * Strategy:
5
5
  * 1. Check if ID exists in cluster storage
6
- * 2. If not, check if ID exists in task storage
6
+ * 2. If not, check if ID exists in task storage (SQLite)
7
7
  * 3. Return type: 'cluster', 'task', or null
8
8
  */
9
9
 
10
10
  const path = require('path');
11
11
  const fs = require('fs');
12
12
  const os = require('os');
13
+ const Database = require('better-sqlite3');
13
14
 
14
15
  // Storage paths
15
16
  const CLUSTER_DIR = path.join(os.homedir(), '.zeroshot');
16
17
  const TASK_DIR = path.join(os.homedir(), '.claude-zeroshot');
18
+ const TASK_DB_FILE = path.join(TASK_DIR, 'store.db');
17
19
 
18
20
  /**
19
21
  * Detect if ID is a cluster or task
@@ -34,16 +36,17 @@ function detectIdType(id) {
34
36
  }
35
37
  }
36
38
 
37
- // Check tasks
38
- const taskFile = path.join(TASK_DIR, 'tasks.json');
39
- if (fs.existsSync(taskFile)) {
39
+ // Check tasks in SQLite
40
+ if (fs.existsSync(TASK_DB_FILE)) {
40
41
  try {
41
- const tasks = JSON.parse(fs.readFileSync(taskFile, 'utf8'));
42
- if (tasks[id]) {
42
+ const db = new Database(TASK_DB_FILE, { readonly: true, timeout: 5000 });
43
+ const row = db.prepare('SELECT id FROM tasks WHERE id = ?').get(id);
44
+ db.close();
45
+ if (row) {
43
46
  return 'task';
44
47
  }
45
48
  } catch {
46
- // Ignore parse errors
49
+ // Ignore DB errors
47
50
  }
48
51
  }
49
52