@delegance/claude-autopilot 1.4.0 → 1.6.0

package/CHANGELOG.md

@@ -1,5 +1,38 @@
 # Changelog
 
+## [1.6.0] — 2026-04-22
+
+### Added
+- **Provider usage scanner** (`src/core/detect/provider-usage.ts`) — walks project source files, counts per-provider API key and SDK references (capped at 1 per file to avoid skew), returns `ProviderCounts`
+- **`dominantProvider()`** — returns the provider with the highest file-reference count
+- **Smart `auto` tiebreaker** — when multiple API keys are present, `auto` scans the codebase and prefers the provider already used there; falls back to env-key priority order if counts are all zero
+- `ReviewInput.context.cwd` — threads working directory through to the review engine so `auto` knows where to scan; `review-phase.ts` now passes `cwd` in context
+- 12 new tests for `detectProviderUsage` and `dominantProvider` — **181 total**
+
+## [1.5.0] — 2026-04-22
+
+### Added
+- **Gemini adapter** (`gemini`) — Google Gemini 2.5 Pro via `@google/generative-ai`; accepts `GEMINI_API_KEY` or `GOOGLE_API_KEY`; 1M token context window
+- **OpenAI-compatible adapter** (`openai-compatible`) — works with any OpenAI-API-compatible endpoint (Groq, Ollama, Together AI, etc.); requires `options.model`; auto-selects API key via `options.apiKeyEnv` → `OPENAI_API_KEY` → `'ollama'`
+- **Updated auto adapter** — full priority chain: `ANTHROPIC_API_KEY` → `GEMINI_API_KEY`/`GOOGLE_API_KEY` → `OPENAI_API_KEY` → `GROQ_API_KEY` (wraps openai-compatible with Groq config)
+- `run.ts` no-key warning now lists all four key options
+
+### Changed
+- 169 tests total (up from 136)
+
+## [1.4.0] — 2026-04-21
+
+### Added
+- **Static rules registry** (`src/core/static-rules/registry.ts`) — lazy-loads built-in rules by name; fixes critical bug where config `staticRules` was always silently ignored
+- **7 built-in rules**: `hardcoded-secrets`, `npm-audit`, `package-lock-sync`, `console-log`, `todo-fixme`, `large-file`, `missing-tests`
+- **Claude adapter** (`claude`) — Anthropic Claude Opus 4.7 via `@anthropic-ai/sdk`; configurable model via `context.model`
+- **Auto adapter** (`auto`) — detects best available key at runtime; checked in priority order
+- `doctor` now checks `ANTHROPIC_API_KEY` in addition to `OPENAI_API_KEY`
+- 136 tests total
+
+### Fixed
+- **Critical**: `staticRules` in `RunInput` was never populated — config-listed rules were silently ignored. `loadRulesFromConfig()` now wired into `run.ts`
+
 ## [1.2.8] — 2026-04-21
 
 ### Added

package/README.md

@@ -118,7 +118,7 @@ Presets: `nextjs-supabase`, `t3`, `python-fastapi`, `rails-postgres`, `go`.
 ```yaml
 configVersion: 1
 reviewEngine:
-  adapter: codex
+  adapter: auto        # auto-detects best available key at runtime
 testCommand: npm test
 protectedPaths:
   - src/core/**
@@ -130,6 +130,37 @@ staticRules:
 
 Full schema and preset defaults: `presets/<name>/autopilot.config.yaml`.
 
+### Review Engine Adapters
+
+| Adapter | Key required | Notes |
+|---|---|---|
+| `auto` | any below | Auto-selects best available (recommended) |
+| `claude` | `ANTHROPIC_API_KEY` | Opus 4.7 default |
+| `gemini` | `GEMINI_API_KEY` or `GOOGLE_API_KEY` | Gemini 2.5 Pro, 1M context |
+| `codex` | `OPENAI_API_KEY` | GPT-5 Codex |
+| `openai-compatible` | configurable | Groq, Ollama, Together AI, etc. |
+
+`auto` priority: Anthropic → Gemini → OpenAI → Groq.
+
+**Groq example:**
+```yaml
+reviewEngine:
+  adapter: openai-compatible
+  options:
+    model: llama-3.3-70b-versatile
+    baseUrl: https://api.groq.com/openai/v1
+    apiKeyEnv: GROQ_API_KEY
+```
+
+**Ollama (local, no key):**
+```yaml
+reviewEngine:
+  adapter: openai-compatible
+  options:
+    model: llama3.2
+    baseUrl: http://localhost:11434/v1
+```
+
 ## GitHub Actions
 
 ```yaml
@@ -175,7 +206,7 @@ Four pluggable adapter points:
 
 | Point | Built-in | Purpose |
 |---|---|---|
-| `review-engine` | `codex` | LLM code review (OpenAI) |
+| `review-engine` | `auto`, `claude`, `gemini`, `codex`, `openai-compatible` | LLM code review |
 | `vcs-host` | `github` | PR comments + SARIF upload |
 | `migration-runner` | `supabase` | DB migration execution |
 | `review-bot-parser` | `cursor` | Parse review bot comments |

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@delegance/claude-autopilot",
-  "version": "1.4.0",
+  "version": "1.6.0",
   "type": "module",
   "description": "Claude Code automation pipeline: spec → plan → implement → validate → PR",
   "keywords": [
@@ -46,6 +46,7 @@
   },
   "dependencies": {
     "@anthropic-ai/sdk": "^0.90.0",
+    "@google/generative-ai": "^0.24.1",
     "ajv": "^8",
     "dotenv": ">=16",
     "js-yaml": "^4",

package/src/adapters/loader.ts

@@ -16,6 +16,8 @@ const BUILTIN_PATHS: Record<IntegrationPoint, Record<string, string>> = {
   'review-engine': {
     codex: './review-engine/codex.ts',
     claude: './review-engine/claude.ts',
+    gemini: './review-engine/gemini.ts',
+    'openai-compatible': './review-engine/openai-compatible.ts',
     auto: './review-engine/auto.ts',
   },
   'vcs-host': { github: './vcs-host/github.ts' },

package/src/adapters/review-engine/auto.ts

@@ -1,21 +1,74 @@
 import type { Capabilities } from '../base.ts';
 import type { ReviewEngine, ReviewInput, ReviewOutput } from './types.ts';
 import { AutopilotError } from '../../core/errors.ts';
+import { detectProviderUsage, dominantProvider, type Provider } from '../../core/detect/provider-usage.ts';
 
-// Priority order: ANTHROPIC_API_KEY → claude, OPENAI_API_KEY → codex
-async function resolveAdapter(): Promise<ReviewEngine> {
+interface AvailableProvider {
+  provider: Provider;
+  load: () => Promise<ReviewEngine>;
+}
+
+function buildGroqAdapter(base: ReviewEngine): ReviewEngine {
+  return {
+    ...base,
+    name: 'auto',
+    review(input: ReviewInput) {
+      return base.review({
+        ...input,
+        context: {
+          ...input.context,
+          model: 'llama-3.3-70b-versatile',
+          baseUrl: 'https://api.groq.com/openai/v1',
+          apiKeyEnv: 'GROQ_API_KEY',
+        } as typeof input.context,
+      });
+    },
+  };
+}
+
+function getAvailableProviders(): AvailableProvider[] {
+  const available: AvailableProvider[] = [];
   if (process.env.ANTHROPIC_API_KEY) {
-    const { claudeAdapter } = await import('./claude.ts');
-    return claudeAdapter;
+    available.push({ provider: 'anthropic', load: async () => (await import('./claude.ts')).claudeAdapter });
+  }
+  if (process.env.GEMINI_API_KEY || process.env.GOOGLE_API_KEY) {
+    available.push({ provider: 'gemini', load: async () => (await import('./gemini.ts')).geminiAdapter });
   }
   if (process.env.OPENAI_API_KEY) {
-    const { codexAdapter } = await import('./codex.ts');
-    return codexAdapter;
+    available.push({ provider: 'openai', load: async () => (await import('./codex.ts')).codexAdapter });
+  }
+  if (process.env.GROQ_API_KEY) {
+    available.push({
+      provider: 'groq',
+      load: async () => buildGroqAdapter((await import('./openai-compatible.ts')).openaiCompatibleAdapter),
+    });
+  }
+  return available;
+}
+
+async function resolveAdapter(cwd: string): Promise<ReviewEngine> {
+  const available = getAvailableProviders();
+
+  if (available.length === 0) {
+    throw new AutopilotError(
+      'No LLM API key found. Set one of: ANTHROPIC_API_KEY, GEMINI_API_KEY, OPENAI_API_KEY, GROQ_API_KEY',
+      { code: 'auth', provider: 'auto' },
+    );
   }
-  throw new AutopilotError(
-    'No LLM API key found — set ANTHROPIC_API_KEY (recommended) or OPENAI_API_KEY to enable review',
-    { code: 'auth', provider: 'auto' }
-  );
+
+  // Single provider — no need to scan
+  if (available.length === 1) return available[0]!.load();
+
+  // Multiple keys present — prefer the provider most referenced in source code
+  const counts = detectProviderUsage(cwd);
+  const dominant = dominantProvider(counts);
+  if (dominant) {
+    const match = available.find(p => p.provider === dominant);
+    if (match) return match.load();
+  }
+
+  // Fallback to first available (env-key priority order)
+  return available[0]!.load();
 }
 
 export const autoAdapter: ReviewEngine = {
@@ -31,7 +84,9 @@ export const autoAdapter: ReviewEngine = {
   },
 
   async review(input: ReviewInput): Promise<ReviewOutput> {
-    const adapter = await resolveAdapter();
+    const cwd = (input.context as Record<string, unknown> | undefined)?.['cwd'] as string | undefined
+      ?? process.cwd();
+    const adapter = await resolveAdapter(cwd);
     return adapter.review(input);
   },
 };

package/src/adapters/review-engine/gemini.ts

@@ -0,0 +1,131 @@
+import { GoogleGenerativeAI } from '@google/generative-ai';
+import type { Finding } from '../../core/findings/types.ts';
+import { AutopilotError } from '../../core/errors.ts';
+import type { Capabilities } from '../base.ts';
+import type { ReviewEngine, ReviewInput, ReviewOutput } from './types.ts';
+
+const DEFAULT_MODEL = 'gemini-2.5-pro-preview-05-06';
+const MAX_OUTPUT_TOKENS = 4096;
+
+// Cost per million tokens (USD) — gemini-2.5-pro pricing (<200k context)
+const COST_PER_M_INPUT = 1.25;
+const COST_PER_M_OUTPUT = 10.0;
+
+const PROMPT_TEMPLATE = `You are a senior software architect reviewing code changes for quality, security, and correctness.
+
+The codebase context:
+{STACK}
+
+Please review the following:
+
+---
+
+{CONTENT}
+
+---
+
+Provide structured feedback in exactly this format:
+
+## Review Summary
+One paragraph overall assessment.
+
+## Findings
+
+For each finding, use this format:
+### [CRITICAL|WARNING|NOTE] <short title>
+<explanation>
+**Suggestion:** <actionable fix>
+
+Rules:
+- CRITICAL: Blocks merge (security issues, data loss risks, broken contracts)
+- WARNING: Should address before merging (logic errors, missing error handling, test gaps)
+- NOTE: Improvement suggestion (style, performance, clarity)
+- Maximum 10 findings, ranked by severity
+- Be specific and constructive
+- Reference the file and line when possible`;
+
+export const geminiAdapter: ReviewEngine = {
+  name: 'gemini',
+  apiVersion: '1.0.0',
+
+  getCapabilities(): Capabilities {
+    return { structuredOutput: false, streaming: false, maxContextTokens: 1000000, inlineComments: false };
+  },
+
+  estimateTokens(content: string): number {
+    return Math.ceil(content.length / 4);
+  },
+
+  async review(input: ReviewInput): Promise<ReviewOutput> {
+    const apiKey = process.env.GEMINI_API_KEY ?? process.env.GOOGLE_API_KEY;
+    if (!apiKey) {
+      throw new AutopilotError('GEMINI_API_KEY (or GOOGLE_API_KEY) not set', { code: 'auth', provider: 'gemini' });
+    }
+
+    const model = (input.context as Record<string, unknown> | undefined)?.['model'] as string | undefined ?? DEFAULT_MODEL;
+    const stack = input.context?.stack ?? 'A web application — stack details unspecified.';
+    const prompt = PROMPT_TEMPLATE.replace('{STACK}', stack).replace('{CONTENT}', input.content);
+
+    const genAI = new GoogleGenerativeAI(apiKey);
+    const genModel = genAI.getGenerativeModel({
+      model,
+      generationConfig: { maxOutputTokens: MAX_OUTPUT_TOKENS },
+    });
+
+    let result: Awaited<ReturnType<typeof genModel.generateContent>>;
+    try {
+      result = await genModel.generateContent(prompt);
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      const isRateLimit = /rate.limit|429|quota/i.test(message);
+      const isAuth = /api.key|unauthorized|403/i.test(message);
+      throw new AutopilotError(`Gemini review call failed: ${message}`, {
+        code: isAuth ? 'auth' : isRateLimit ? 'rate_limit' : 'transient_network',
+        provider: 'gemini',
+        retryable: isRateLimit,
+      });
+    }
+
+    const rawOutput = result.response.text();
+    const usage = result.response.usageMetadata;
+    const costUSD = usage
+      ? (usage.promptTokenCount / 1_000_000) * COST_PER_M_INPUT +
+        (usage.candidatesTokenCount / 1_000_000) * COST_PER_M_OUTPUT
+      : undefined;
+
+    return {
+      findings: parseGeminiOutput(rawOutput),
+      rawOutput,
+      usage: usage
+        ? { input: usage.promptTokenCount, output: usage.candidatesTokenCount, costUSD }
+        : undefined,
+    };
+  },
+};
+
+export default geminiAdapter;
+
+function parseGeminiOutput(output: string): Finding[] {
+  const findings: Finding[] = [];
+  const regex = /### \[(CRITICAL|WARNING|NOTE)\]\s*(.+?)(?=\n### \[|## Review Summary|$)/gs;
+  let match: RegExpExecArray | null;
+  while ((match = regex.exec(output)) !== null) {
+    const severity = match[1]!.toLowerCase() as Finding['severity'];
+    const body = match[2]!.trim();
+    const titleEnd = body.indexOf('\n');
+    const title = (titleEnd > 0 ? body.slice(0, titleEnd) : body).trim();
+    const suggestion = body.match(/\*\*Suggestion:\*\*\s*(.+)/s)?.[1]?.trim();
+    findings.push({
+      id: `gemini-${findings.length}`,
+      source: 'review-engine',
+      severity,
+      category: 'gemini-review',
+      file: '<unspecified>',
+      message: title,
+      suggestion,
+      protectedPath: false,
+      createdAt: new Date().toISOString(),
+    });
+  }
+  return findings;
+}

package/src/adapters/review-engine/openai-compatible.ts

@@ -0,0 +1,126 @@
+import OpenAI from 'openai';
+import type { Finding } from '../../core/findings/types.ts';
+import { AutopilotError } from '../../core/errors.ts';
+import type { Capabilities } from '../base.ts';
+import type { ReviewEngine, ReviewInput, ReviewOutput } from './types.ts';
+
+const MAX_OUTPUT_TOKENS = 4096;
+
+const SYSTEM_PROMPT_TEMPLATE = `You are a senior software architect reviewing code changes for quality, security, and correctness.
+
+The codebase context:
+{STACK}
+
+Provide structured feedback in exactly this format:
+
+## Review Summary
+One paragraph overall assessment.
+
+## Findings
+
+For each finding, use this format:
+### [CRITICAL|WARNING|NOTE] <short title>
+<explanation>
+**Suggestion:** <actionable fix>
+
+Rules:
+- CRITICAL: Blocks merge (security issues, data loss risks, broken contracts)
+- WARNING: Should address before merging (logic errors, missing error handling, test gaps)
+- NOTE: Improvement suggestion (style, performance, clarity)
+- Maximum 10 findings, ranked by severity
+- Be specific and constructive
+- Reference the file and line when possible`;
+
+export const openaiCompatibleAdapter: ReviewEngine = {
+  name: 'openai-compatible',
+  apiVersion: '1.0.0',
+
+  getCapabilities(): Capabilities {
+    return { structuredOutput: false, streaming: false, maxContextTokens: 128000, inlineComments: false };
+  },
+
+  estimateTokens(content: string): number {
+    return Math.ceil(content.length / 4);
+  },
+
+  async review(input: ReviewInput): Promise<ReviewOutput> {
+    const opts = (input.context as Record<string, unknown> | undefined) ?? {};
+
+    // API key: options.apiKey → named env var → OPENAI_API_KEY
+    const apiKeyEnv = (opts['apiKeyEnv'] as string | undefined) ?? 'OPENAI_API_KEY';
+    const apiKey = (opts['apiKey'] as string | undefined) ?? process.env[apiKeyEnv] ?? 'ollama';
+
+    const baseURL = (opts['baseUrl'] as string | undefined) ??
+      process.env.OPENAI_BASE_URL ??
+      undefined;
+
+    const model = opts['model'] as string | undefined;
+    if (!model) {
+      throw new AutopilotError(
+        'openai-compatible adapter requires options.model to be set in autopilot.config.yaml',
+        { code: 'invalid_config', provider: 'openai-compatible' },
+      );
+    }
+
+    const stack = input.context?.stack ?? 'A web application — stack details unspecified.';
+    const systemPrompt = SYSTEM_PROMPT_TEMPLATE.replace('{STACK}', stack);
+    const client = new OpenAI({ apiKey, ...(baseURL ? { baseURL } : {}) });
+
+    let response: OpenAI.Chat.ChatCompletion;
+    try {
+      response = await client.chat.completions.create({
+        model,
+        max_tokens: MAX_OUTPUT_TOKENS,
+        messages: [
+          { role: 'system', content: systemPrompt },
+          { role: 'user', content: `Please review the following:\n\n---\n\n${input.content}` },
+        ],
+      });
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      const isRateLimit = /rate.limit|429/i.test(message);
+      const isAuth = /unauthorized|401|invalid.api.key/i.test(message);
+      throw new AutopilotError(`openai-compatible review call failed: ${message}`, {
+        code: isAuth ? 'auth' : isRateLimit ? 'rate_limit' : 'transient_network',
+        provider: 'openai-compatible',
+        retryable: isRateLimit,
+      });
+    }
+
+    const rawOutput = response.choices[0]?.message.content ?? '';
+    return {
+      findings: parseOutput(rawOutput),
+      rawOutput,
+      usage: response.usage
+        ? { input: response.usage.prompt_tokens, output: response.usage.completion_tokens }
+        : undefined,
+    };
+  },
+};
+
+export default openaiCompatibleAdapter;
+
+function parseOutput(output: string): Finding[] {
+  const findings: Finding[] = [];
+  const regex = /### \[(CRITICAL|WARNING|NOTE)\]\s*(.+?)(?=\n### \[|## Review Summary|$)/gs;
+  let match: RegExpExecArray | null;
+  while ((match = regex.exec(output)) !== null) {
+    const severity = match[1]!.toLowerCase() as Finding['severity'];
+    const body = match[2]!.trim();
+    const titleEnd = body.indexOf('\n');
+    const title = (titleEnd > 0 ? body.slice(0, titleEnd) : body).trim();
+    const suggestion = body.match(/\*\*Suggestion:\*\*\s*(.+)/s)?.[1]?.trim();
+    findings.push({
+      id: `openai-compatible-${findings.length}`,
+      source: 'review-engine',
+      severity,
+      category: 'openai-compatible-review',
+      file: '<unspecified>',
+      message: title,
+      suggestion,
+      protectedPath: false,
+      createdAt: new Date().toISOString(),
+    });
+  }
+  return findings;
+}

package/src/adapters/review-engine/types.ts

@@ -4,7 +4,7 @@ import type { Finding } from '../../core/findings/types.ts';
 export interface ReviewInput {
   content: string;
   kind: 'spec' | 'pr-diff' | 'file-batch';
-  context?: { spec?: string; plan?: string; stack?: string };
+  context?: { spec?: string; plan?: string; stack?: string; cwd?: string };
 }
 
 export interface ReviewOutput {

package/src/cli/run.ts

@@ -112,9 +112,10 @@ export async function runCommand(options: RunCommandOptions = {}): Promise<numbe
   let reviewEngine: ReviewEngine | undefined;
   if (config.reviewEngine) {
     const ref = typeof config.reviewEngine === 'string' ? config.reviewEngine : config.reviewEngine.adapter;
-    const hasAnyKey = !!(process.env.ANTHROPIC_API_KEY || process.env.OPENAI_API_KEY);
-    if (!hasAnyKey && (ref === 'auto' || ref === 'claude' || ref === 'codex')) {
-      console.log(fmt('yellow', '\n  [run] No LLM API key found — set ANTHROPIC_API_KEY or OPENAI_API_KEY to enable review'));
+    const hasAnyKey = !!(process.env.ANTHROPIC_API_KEY || process.env.GEMINI_API_KEY ||
+      process.env.GOOGLE_API_KEY || process.env.OPENAI_API_KEY || process.env.GROQ_API_KEY);
+    if (!hasAnyKey && ['auto', 'claude', 'gemini', 'codex', 'openai-compatible'].includes(ref)) {
+      console.log(fmt('yellow', '\n  [run] No LLM API key found — set ANTHROPIC_API_KEY, GEMINI_API_KEY, OPENAI_API_KEY, or GROQ_API_KEY to enable review'));
     } else {
       try {
         reviewEngine = await loadAdapter<ReviewEngine>({

package/src/core/detect/provider-usage.ts

@@ -0,0 +1,74 @@
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+
+export type Provider = 'anthropic' | 'gemini' | 'openai' | 'groq';
+
+const PROVIDER_PATTERNS: Record<Provider, RegExp> = {
+  anthropic: /ANTHROPIC_API_KEY|@anthropic-ai\/sdk|anthropic\.com|claude-[a-z0-9]/gi,
+  gemini:    /GEMINI_API_KEY|GOOGLE_API_KEY|@google\/generative-ai|generativelanguage\.googleapis/gi,
+  openai:    /OPENAI_API_KEY|openai\.com|gpt-[0-9]/gi,
+  groq:      /GROQ_API_KEY|api\.groq\.com/gi,
+};
+
+const SOURCE_EXTENSIONS = new Set(['.ts', '.tsx', '.js', '.jsx', '.mjs', '.cjs', '.py', '.go', '.rb']);
+
+const SKIP_DIRS = new Set(['node_modules', '.git', 'dist', 'build', '.next', '.nuxt', 'out',
+  'coverage', '__pycache__', '.venv', 'venv', 'target', '.gradle', '.cache', '.turbo']);
+
+function walkSync(dir: string, files: string[] = []): string[] {
+  let entries: fs.Dirent[];
+  try {
+    entries = fs.readdirSync(dir, { withFileTypes: true });
+  } catch {
+    return files;
+  }
+  for (const entry of entries) {
+    if (SKIP_DIRS.has(entry.name)) continue;
+    const full = path.join(dir, entry.name);
+    if (entry.isDirectory()) {
+      walkSync(full, files);
+    } else if (entry.isFile() && SOURCE_EXTENSIONS.has(path.extname(entry.name))) {
+      files.push(full);
+    }
+  }
+  return files;
+}
+
+export interface ProviderCounts {
+  anthropic: number;
+  gemini: number;
+  openai: number;
+  groq: number;
+}
+
+/**
+ * Scans source files under `cwd` and returns per-provider match counts.
+ * Counts are capped at 1 per file to avoid skewing on generated lock files.
+ */
+export function detectProviderUsage(cwd: string): ProviderCounts {
+  const counts: ProviderCounts = { anthropic: 0, gemini: 0, openai: 0, groq: 0 };
+  const files = walkSync(cwd);
+  for (const file of files) {
+    let content: string;
+    try {
+      content = fs.readFileSync(file, 'utf8');
+    } catch {
+      continue;
+    }
+    for (const [provider, pattern] of Object.entries(PROVIDER_PATTERNS) as [Provider, RegExp][]) {
+      pattern.lastIndex = 0;
+      if (pattern.test(content)) counts[provider]++;
+    }
+  }
+  return counts;
+}
+
+/**
+ * Returns the provider with the highest usage count, or null if all zero.
+ */
+export function dominantProvider(counts: ProviderCounts): Provider | null {
+  const entries = Object.entries(counts) as [Provider, number][];
+  const max = Math.max(...entries.map(([, v]) => v));
+  if (max === 0) return null;
+  return entries.find(([, v]) => v === max)![0];
+}

package/src/core/pipeline/review-phase.ts

@@ -49,7 +49,7 @@ export async function runReviewPhase(input: ReviewPhaseInput): Promise<ReviewPha
     const output = await input.engine.review({
       content: chunk.content,
       kind: chunk.kind,
-      context: { stack: input.config.stack },
+      context: { stack: input.config.stack, cwd: input.cwd },
     });
     allFindings.push(...output.findings);
     if (output.usage) {