@h9-foundry/agentforge-cli 0.7.0 → 0.8.0

package/dist/internal/builtin-agents.js

@@ -1,6 +1,6 @@
-import { existsSync, readFileSync } from "node:fs";
+import { existsSync, readFileSync, readdirSync, statSync } from "node:fs";
 import { join } from "node:path";
-import { agentManifestSchema, agentOutputSchema, designArtifactSchema, implementationArtifactSchema, implementationInventorySchema, qaArtifactSchema, qaEvidenceNormalizationSchema, qaRequestSchema, securityArtifactSchema, securityEvidenceNormalizationSchema, securityRequestSchema, planningArtifactSchema } from "@h9-foundry/agentforge-schemas";
+import { agentManifestSchema, agentOutputSchema, designArtifactSchema, githubActionsEvidenceSchema, implementationArtifactSchema, implementationInventorySchema, incidentArtifactSchema, incidentEvidenceNormalizationSchema, incidentRequestSchema, maintenanceArtifactSchema, maintenanceEvidenceNormalizationSchema, maintenanceRequestSchema, qaArtifactSchema, qaEvidenceNormalizationSchema, qaRequestSchema, releaseApprovalRecommendationSchema, releaseArtifactSchema, releaseEvidenceNormalizationSchema, releaseRequestSchema, securityArtifactSchema, securityEvidenceNormalizationSchema, securityRequestSchema, planningArtifactSchema } from "@h9-foundry/agentforge-schemas";
 const contextCollectorAgent = {
     manifest: agentManifestSchema.parse({
         version: 1,
@@ -73,6 +73,32 @@ function parsePackageScripts(packageJsonPath) {
     }
     return Object.fromEntries(Object.entries(parsed.scripts).filter((entry) => typeof entry[1] === "string"));
 }
+function resolveWorkspacePackage(root, packageName) {
+    if (!root) {
+        return {};
+    }
+    for (const topLevel of ["packages", "agents", "adapters"]) {
+        const scopeRoot = join(root, topLevel);
+        if (!existsSync(scopeRoot)) {
+            continue;
+        }
+        for (const entry of readdirSync(scopeRoot)) {
+            const manifestPath = join(scopeRoot, entry, "package.json");
+            if (!existsSync(manifestPath)) {
+                continue;
+            }
+            const parsed = JSON.parse(readFileSync(manifestPath, "utf8"));
+            if (!isRecord(parsed) || parsed.name !== packageName || typeof parsed.version !== "string") {
+                continue;
+            }
+            return {
+                currentVersion: parsed.version,
+                manifestPath
+            };
+        }
+    }
+    return {};
+}
 const allowedValidationScriptNames = new Set(["test", "lint", "typecheck", "build", "build:packages", "release:verify"]);
 function normalizeRequestedCommand(command) {
     return command.trim().replace(/\s+/g, " ");
@@ -148,6 +174,79 @@ function loadBundleArtifactPayloadPaths(bundlePath) {
         return [];
     });
 }
+function loadBundleFinishedAt(bundlePath) {
+    if (!existsSync(bundlePath)) {
+        return undefined;
+    }
+    const parsed = JSON.parse(readFileSync(bundlePath, "utf8"));
+    return isRecord(parsed) && typeof parsed.finishedAt === "string" ? parsed.finishedAt : undefined;
+}
+function describeEvidenceObservation(repoRoot, pathValue) {
+    if (!repoRoot) {
+        return `Observed source ${pathValue} during deterministic intake.`;
+    }
+    const absolutePath = join(repoRoot, pathValue);
+    if (!existsSync(absolutePath)) {
+        return `Observed source ${pathValue} during deterministic intake.`;
+    }
+    const observedAt = pathValue.endsWith(".json") && pathValue.includes(".agentops/runs/")
+        ? loadBundleFinishedAt(absolutePath)
+        : undefined;
+    const fallbackObservedAt = observedAt ?? statSync(absolutePath).mtime.toISOString();
+    return `Observed source ${pathValue} at ${fallbackObservedAt}.`;
+}
+function loadGitHubActionsEvidence(bundlePath) {
+    if (!existsSync(bundlePath) || !bundlePath.endsWith(".json")) {
+        return undefined;
+    }
+    const parsed = JSON.parse(readFileSync(bundlePath, "utf8"));
+    const candidate = isRecord(parsed) ? { ...parsed, sourcePath: parsed.sourcePath ?? bundlePath } : parsed;
+    const result = githubActionsEvidenceSchema.safeParse(candidate);
+    return result.success ? result.data : undefined;
+}
+function isFailingGitHubActionsConclusion(conclusion) {
+    return Boolean(conclusion && !["success", "neutral", "skipped"].includes(conclusion));
+}
+function summarizeGitHubActionsFailures(evidence) {
+    const failedJobs = evidence.jobs
+        .filter((job) => job.status === "completed" && isFailingGitHubActionsConclusion(job.conclusion))
+        .map((job) => `${evidence.workflowName} / ${job.name}`);
+    const failedCheckRuns = evidence.checkRuns
+        .filter((checkRun) => checkRun.status === "completed" && isFailingGitHubActionsConclusion(checkRun.conclusion))
+        .map((checkRun) => `${evidence.workflowName} / ${checkRun.name}`);
+    const runLevelFailure = failedJobs.length === 0 &&
+        failedCheckRuns.length === 0 &&
+        evidence.status === "completed" &&
+        isFailingGitHubActionsConclusion(evidence.conclusion)
+        ? [`${evidence.workflowName} / workflow-run`]
+        : [];
+    return [...failedJobs, ...failedCheckRuns, ...runLevelFailure];
+}
+function normalizeGitHubActionsEvidence(repoRoot, evidenceSources) {
+    const evidence = evidenceSources.flatMap((pathValue) => {
+        if (!repoRoot) {
+            return [];
+        }
+        const normalized = loadGitHubActionsEvidence(join(repoRoot, pathValue));
+        return normalized ? [normalized] : [];
+    });
+    const workflowNames = [...new Set(evidence.map((entry) => entry.workflowName))];
+    const failingChecks = [...new Set(evidence.flatMap((entry) => summarizeGitHubActionsFailures(entry)))];
+    const provenanceRefs = [
+        ...new Set(evidence.flatMap((entry) => [
+            entry.sourcePath,
+            entry.htmlUrl,
+            ...entry.jobs.map((job) => job.htmlUrl),
+            ...entry.checkRuns.map((checkRun) => checkRun.detailsUrl)
+        ].filter((value) => Boolean(value))))
+    ];
+    return {
+        evidence,
+        workflowNames,
+        failingChecks,
+        provenanceRefs
+    };
+}
 function derivePackageScope(pathValue) {
     const segments = pathValue.split("/").filter(Boolean);
     if (segments.length < 2) {
@@ -159,13 +258,17 @@ function derivePackageScope(pathValue) {
     }
     return undefined;
 }
+function includesAnyKeyword(values, keywords) {
+    const haystack = values.join(" ").toLowerCase();
+    return keywords.some((keyword) => haystack.includes(keyword));
+}
 function getWorkflowInput(stateSlice, key) {
     if (!isRecord(stateSlice.workflowInputs)) {
         return undefined;
     }
     return stateSlice.workflowInputs[key];
 }
-function buildLifecycleArtifactEnvelopeBase(state, displayName, summary, inputRefs, issueRefs = []) {
+function buildLifecycleArtifactEnvelopeBase(state, displayName, summary, inputRefs, issueRefs = [], githubRefs = []) {
     return {
         schemaVersion: state.version,
         workflow: {
@@ -176,7 +279,8 @@ function buildLifecycleArtifactEnvelopeBase(state, displayName, summary, inputRe
             sourceType: "workflow-run",
             runId: state.runId,
             inputRefs: [...inputRefs],
-            issueRefs: [...issueRefs]
+            issueRefs: [...issueRefs],
+            githubRefs: [...githubRefs]
         },
         status: "complete",
         generatedAt: new Date().toISOString(),
@@ -204,7 +308,7 @@ function buildLifecycleArtifactEnvelopeBase(state, displayName, summary, inputRe
         summary
     };
 }
-function buildArtifactEnvelopeBase(state, summary, inputRefs, issueRefs) {
+function buildArtifactEnvelopeBase(state, summary, inputRefs, issueRefs, githubRefs = []) {
     return {
         schemaVersion: state.version,
         workflow: {
@@ -214,7 +318,8 @@ function buildArtifactEnvelopeBase(state, summary, inputRefs, issueRefs) {
             sourceType: "workflow-run",
             runId: state.runId,
             inputRefs: [...inputRefs],
-            issueRefs: [...issueRefs]
+            issueRefs: [...issueRefs],
+            githubRefs: [...githubRefs]
         },
         status: "complete",
         generatedAt: new Date().toISOString(),
@@ -340,6 +445,7 @@ const planningAnalystAgent = {
     outputSchema: agentOutputSchema,
     async execute({ state, stateSlice }) {
         const planningRequest = getWorkflowInput(stateSlice, "planningRequest");
+        const planningGithubRefs = getWorkflowInput(stateSlice, "planningGithubRefs") ?? [];
         const requestFile = getWorkflowInput(stateSlice, "requestFile");
         if (!planningRequest) {
             throw new Error("planning-discovery requires a validated planning request before planning analysis.");
@@ -363,7 +469,7 @@ const planningAnalystAgent = {
         ];
         const summary = `Planning brief scoped ${objectives.length} objective(s) for ${state.repo.name}.`;
         const planningBrief = planningArtifactSchema.parse({
-            ...buildArtifactEnvelopeBase(state, summary, [requestFile ?? ".agentops/requests/planning.yaml"], planningRequest.issueRefs),
+            ...buildArtifactEnvelopeBase(state, summary, [requestFile ?? ".agentops/requests/planning.yaml"], planningRequest.issueRefs, planningGithubRefs),
             artifactKind: "planning-brief",
             lifecycleDomain: "plan",
             workflow: {
@@ -759,12 +865,12 @@ const securityIntakeAgent = {
         });
     }
 };
-const securityEvidenceNormalizationAgent = {
+const incidentIntakeAgent = {
     manifest: agentManifestSchema.parse({
         version: 1,
-        name: "security-evidence-normalizer",
-        displayName: "Security Evidence Normalizer",
-        category: "security",
+        name: "incident-intake",
+        displayName: "Incident Intake",
+        category: "operate",
         runtime: {
             minVersion: "0.1.0",
             kind: "deterministic"
@@ -773,7 +879,66 @@ const securityEvidenceNormalizationAgent = {
             model: false,
             network: false,
             tools: [],
-            readPaths: [".agentops/requests/**", ".agentops/runs/**", "**/*.json", "**/*.md", "**/package.json"],
+            readPaths: [".agentops/requests/**", ".agentops/runs/**", "**/*.json", "**/*.log", "**/*.md"],
+            writePaths: []
+        },
+        inputs: ["workflowInputs", "repo"],
+        outputs: ["summary", "metadata"],
+        contextPolicy: {
+            sections: ["workflowInputs", "repo", "context"],
+            minimalContext: true
+        },
+        catalog: {
+            domain: "operate",
+            supportLevel: "internal",
+            maturity: "mvp",
+            trustScope: "official-core-only"
+        },
+        trust: {
+            tier: "core",
+            source: "official",
+            reviewed: true
+        }
+    }),
+    outputSchema: agentOutputSchema,
+    async execute({ stateSlice }) {
+        const incidentRequest = getWorkflowInput(stateSlice, "incidentRequest");
+        const requestFile = getWorkflowInput(stateSlice, "requestFile");
+        if (!incidentRequest) {
+            throw new Error("incident-handoff requires a validated incident request before runtime execution.");
+        }
+        return agentOutputSchema.parse({
+            summary: `Loaded incident request from ${requestFile ?? ".agentops/requests/incident.yaml"} for ${incidentRequest.incidentSummary}.`,
+            findings: [],
+            proposedActions: [],
+            lifecycleArtifacts: [],
+            requestedTools: [],
+            blockedActionFlags: [],
+            metadata: {
+                ...incidentRequestSchema.parse({
+                    ...incidentRequest,
+                    evidenceSources: [...new Set(incidentRequest.evidenceSources)]
+                }),
+                evidenceSourceCount: incidentRequest.evidenceSources.length + incidentRequest.releaseReportRefs.length
+            }
+        });
+    }
+};
+const incidentEvidenceNormalizationAgent = {
+    manifest: agentManifestSchema.parse({
+        version: 1,
+        name: "incident-evidence-normalizer",
+        displayName: "Incident Evidence Normalizer",
+        category: "operate",
+        runtime: {
+            minVersion: "0.1.0",
+            kind: "deterministic"
+        },
+        permissions: {
+            model: false,
+            network: false,
+            tools: [],
+            readPaths: [".agentops/requests/**", ".agentops/runs/**", "**/*.json", "**/*.log", "**/*.md", "**/*.txt"],
             writePaths: []
         },
         inputs: ["workflowInputs", "repo", "agentResults"],
@@ -783,7 +948,7 @@ const securityEvidenceNormalizationAgent = {
             minimalContext: true
         },
         catalog: {
-            domain: "security",
+            domain: "operate",
             supportLevel: "internal",
             maturity: "mvp",
             trustScope: "official-core-only"
@@ -796,53 +961,60 @@ const securityEvidenceNormalizationAgent = {
     }),
     outputSchema: agentOutputSchema,
     async execute({ stateSlice }) {
-        const securityRequest = getWorkflowInput(stateSlice, "securityRequest");
-        if (!securityRequest) {
-            throw new Error("security-review requires validated security request inputs before evidence normalization.");
+        const incidentRequest = getWorkflowInput(stateSlice, "incidentRequest");
+        if (!incidentRequest) {
+            throw new Error("incident-handoff requires validated incident request inputs before evidence normalization.");
         }
         const repoRoot = stateSlice.repo?.root;
         const intakeMetadata = isRecord(stateSlice.agentResults?.intake?.metadata) ? stateSlice.agentResults.intake.metadata : {};
-        const targetType = typeof intakeMetadata.targetType === "string" && intakeMetadata.targetType === "artifact-bundle"
-            ? "artifact-bundle"
-            : "local-reference";
-        const targetPath = repoRoot ? join(repoRoot, securityRequest.targetRef) : securityRequest.targetRef;
-        if (repoRoot && !existsSync(targetPath)) {
-            throw new Error(`Security target reference not found: ${securityRequest.targetRef}`);
-        }
-        const referencedArtifactKinds = targetType === "artifact-bundle" ? loadBundleArtifactKinds(targetPath) : [];
-        const normalizedEvidenceSources = [...new Set([securityRequest.targetRef, ...securityRequest.evidenceSources])];
+        const releaseReportRefs = asStringArray(intakeMetadata.releaseReportRefs).length > 0
+            ? asStringArray(intakeMetadata.releaseReportRefs)
+            : incidentRequest.releaseReportRefs;
+        const evidenceSources = asStringArray(intakeMetadata.evidenceSources).length > 0
+            ? asStringArray(intakeMetadata.evidenceSources)
+            : incidentRequest.evidenceSources;
+        const severityHint = typeof intakeMetadata.severityHint === "string" ? intakeMetadata.severityHint : incidentRequest.severityHint;
+        const normalizedEvidenceSources = [...new Set([...evidenceSources, ...releaseReportRefs])];
         const missingEvidenceSources = normalizedEvidenceSources.filter((pathValue) => repoRoot && !existsSync(join(repoRoot, pathValue)));
         if (missingEvidenceSources.length > 0) {
-            throw new Error(`Security evidence source not found: ${missingEvidenceSources[0]}`);
+            throw new Error(`Incident evidence source not found: ${missingEvidenceSources[0]}`);
         }
-        const normalizedFocusAreas = securityRequest.focusAreas.length > 0 ? [...new Set(securityRequest.focusAreas)] : ["general-review"];
-        const affectedPackages = targetType === "artifact-bundle"
-            ? [...new Set(loadBundleArtifactPayloadPaths(targetPath).map(derivePackageScope).filter((value) => Boolean(value)))]
-            : [];
-        const securitySignals = [
-            ...(referencedArtifactKinds.length > 0 ? [`Referenced artifact kinds: ${referencedArtifactKinds.join(", ")}`] : []),
-            ...(affectedPackages.length > 0 ? [`Affected packages inferred from bounded artifact payloads: ${affectedPackages.join(", ")}`] : []),
-            ...(normalizedFocusAreas.length > 0 ? [`Requested focus areas: ${normalizedFocusAreas.join(", ")}`] : []),
-            "Security evidence collection remains local, read-only, and bounded to validated references."
+        const referencedArtifactKinds = [...new Set(releaseReportRefs.flatMap((pathValue) => (repoRoot ? loadBundleArtifactKinds(join(repoRoot, pathValue)) : [])))];
+        const timelineSummary = [
+            `Severity hint: ${severityHint}.`,
+            "Normalized staged incident evidence and release-report references before reasoning.",
+            ...normalizedEvidenceSources.map((pathValue) => describeEvidenceObservation(repoRoot, pathValue))
         ];
-        const provenanceRefs = [
-            securityRequest.targetRef,
-            ...securityRequest.evidenceSources,
-            ...referencedArtifactKinds.map((artifactKind) => `${securityRequest.targetRef}#${artifactKind}`)
+        const likelyImpactedAreas = [
+            ...(releaseReportRefs.length > 0 ? ["release-readiness"] : []),
+            ...(evidenceSources.length > 0 ? ["staged-operational-evidence"] : []),
+            ...(severityHint === "high" || severityHint === "critical" ? ["security-follow-up"] : [])
         ];
-        const normalization = securityEvidenceNormalizationSchema.parse({
-            targetRef: securityRequest.targetRef,
-            targetType,
-            referencedArtifactKinds,
+        const followUpWorkflowRefs = [
+            "maintenance-triage",
+            ...(releaseReportRefs.length > 0 ? ["release-readiness"] : []),
+            ...(severityHint === "high" || severityHint === "critical" ? ["security-review"] : [])
+        ];
+        const normalization = incidentEvidenceNormalizationSchema.parse({
+            incidentSummary: incidentRequest.incidentSummary,
+            severityHint,
             normalizedEvidenceSources,
             missingEvidenceSources: [],
-            normalizedFocusAreas,
-            securitySignals,
-            provenanceRefs: [...new Set(provenanceRefs)],
-            affectedPackages
+            releaseReportRefs,
+            timelineSummary,
+            likelyImpactedAreas: [...new Set(likelyImpactedAreas)],
+            followUpWorkflowRefs: [...new Set(followUpWorkflowRefs)],
+            provenanceRefs: [
+                ...new Set([
+                    ...evidenceSources,
+                    ...releaseReportRefs.map((pathValue) => `${pathValue}#release-report`)
+                ])
+            ],
+            redactionCategories: ["github-token", "api-key", "aws-key", "bearer-token", "password", "private-key", "operational-sensitive"],
+            referencedArtifactKinds
         });
         return agentOutputSchema.parse({
-            summary: `Normalized security evidence for ${securityRequest.targetRef}.`,
+            summary: `Normalized incident evidence across ${normalization.normalizedEvidenceSources.length} staged source(s).`,
             findings: [],
             proposedActions: [],
             lifecycleArtifacts: [],
@@ -852,31 +1024,31 @@ const securityEvidenceNormalizationAgent = {
         });
     }
 };
-const securityAnalystAgent = {
+const maintenanceIntakeAgent = {
     manifest: agentManifestSchema.parse({
         version: 1,
-        name: "security-analyst",
-        displayName: "Security Analyst",
-        category: "security",
+        name: "maintenance-intake",
+        displayName: "Maintenance Intake",
+        category: "maintain",
         runtime: {
             minVersion: "0.1.0",
-            kind: "reasoning"
+            kind: "deterministic"
         },
         permissions: {
-            model: true,
+            model: false,
             network: false,
             tools: [],
-            readPaths: ["**/*"],
+            readPaths: [".agentops/requests/**", ".agentops/runs/**", "**/*.json", "**/*.md", "**/*.txt"],
             writePaths: []
         },
-        inputs: ["workflowInputs", "repo", "changes", "agentResults"],
-        outputs: ["lifecycleArtifacts"],
+        inputs: ["workflowInputs", "repo"],
+        outputs: ["summary", "metadata"],
         contextPolicy: {
-            sections: ["workflowInputs", "repo", "changes", "agentResults"],
+            sections: ["workflowInputs", "repo", "context"],
             minimalContext: true
         },
         catalog: {
-            domain: "security",
+            domain: "maintain",
             supportLevel: "internal",
             maturity: "mvp",
             trustScope: "official-core-only"
@@ -888,120 +1060,44 @@ const securityAnalystAgent = {
         }
     }),
     outputSchema: agentOutputSchema,
-    async execute({ state, stateSlice }) {
-        const securityRequest = getWorkflowInput(stateSlice, "securityRequest");
+    async execute({ stateSlice }) {
+        const maintenanceRequest = getWorkflowInput(stateSlice, "maintenanceRequest");
         const requestFile = getWorkflowInput(stateSlice, "requestFile");
-        if (!securityRequest) {
-            throw new Error("security-review requires validated security inputs before security analysis.");
+        const maintenanceIssueRefs = getWorkflowInput(stateSlice, "maintenanceIssueRefs") ?? [];
+        const maintenanceGithubRefs = getWorkflowInput(stateSlice, "maintenanceGithubRefs") ?? [];
+        if (!maintenanceRequest) {
+            throw new Error("maintenance-triage requires a validated maintenance request before runtime execution.");
         }
-        const intakeMetadata = isRecord(stateSlice.agentResults?.intake?.metadata) ? stateSlice.agentResults.intake.metadata : {};
-        const evidenceMetadata = securityEvidenceNormalizationSchema.safeParse(stateSlice.agentResults?.evidence?.metadata);
-        const normalizedEvidence = evidenceMetadata.success ? evidenceMetadata.data : undefined;
-        const referencedArtifactKinds = normalizedEvidence?.referencedArtifactKinds ?? asStringArray(intakeMetadata.referencedArtifactKinds);
-        const normalizedFocusAreas = normalizedEvidence?.normalizedFocusAreas ?? asStringArray(intakeMetadata.focusAreas);
-        const normalizedConstraints = asStringArray(intakeMetadata.constraints);
-        const evidenceSources = normalizedEvidence?.normalizedEvidenceSources && normalizedEvidence.normalizedEvidenceSources.length > 0
-            ? normalizedEvidence.normalizedEvidenceSources
-            : asStringArray(intakeMetadata.evidenceSources).length > 0
-                ? asStringArray(intakeMetadata.evidenceSources)
-                : [...new Set([securityRequest.targetRef, ...securityRequest.evidenceSources])];
-        const focusAreas = normalizedFocusAreas.length > 0 ? normalizedFocusAreas : securityRequest.focusAreas;
-        const inferredSeverity = securityRequest.releaseContext === "blocking" ? "high" : securityRequest.releaseContext === "candidate" ? "medium" : "low";
-        const findings = focusAreas.length > 0
-            ? focusAreas.map((focusArea, index) => ({
-                id: `security-finding-${index + 1}`,
-                title: `Inspect ${focusArea} evidence before promotion`,
-                summary: `Security review flagged ${focusArea} for bounded follow-up on ${securityRequest.targetRef}.`,
-                severity: inferredSeverity,
-                rationale: "The MVP security workflow synthesizes a structured report from validated references before deterministic evidence normalization lands.",
-                confidence: 0.76,
-                location: securityRequest.targetRef,
-                tags: ["security", focusArea]
-            }))
-            : [
-                {
-                    id: "security-finding-1",
-                    title: "Inspect referenced security evidence before promotion",
-                    summary: `Security review requires bounded interpretation of the referenced evidence for ${securityRequest.targetRef}.`,
-                    severity: inferredSeverity,
-                    rationale: "The current security workflow is read-only and request-driven, so findings remain tied to validated local references rather than automatic scanning.",
-                    confidence: 0.72,
-                    location: securityRequest.targetRef,
-                    tags: ["security", "evidence"]
-                }
-            ];
-        const mitigations = [
-            ...focusAreas.map((focusArea) => `Review ${focusArea} evidence and document the release impact before promotion.`),
-            ...(normalizedConstraints.length > 0 ? [`Keep security follow-up bounded by: ${normalizedConstraints.join("; ")}.`] : [])
-        ];
-        const followUpWork = [
-            ...(normalizedEvidence?.securitySignals ?? []),
-            ...(referencedArtifactKinds.length > 0
-                ? [`Confirm the security posture for referenced artifacts: ${referencedArtifactKinds.join(", ")}.`]
-                : []),
-            "Use deterministic security evidence normalization outputs before broadening the workflow surface."
-        ];
-        const summary = `Security report prepared for ${securityRequest.targetRef}.`;
-        const securityReport = securityArtifactSchema.parse({
-            ...buildLifecycleArtifactEnvelopeBase(state, "Security Review", summary, [
-                requestFile ?? ".agentops/requests/security.yaml",
-                ...(normalizedEvidence?.provenanceRefs ?? [securityRequest.targetRef, ...securityRequest.evidenceSources])
-            ]),
-            artifactKind: "security-report",
-            lifecycleDomain: "security",
-            redaction: {
-                applied: true,
-                strategyVersion: "1.0.0",
-                categories: ["github-token", "api-key", "aws-key", "bearer-token", "password", "private-key", "security-sensitive"]
-            },
-            payload: {
-                targetRef: securityRequest.targetRef,
-                evidenceSources,
-                findings,
-                severitySummary: `highest severity: ${inferredSeverity}; ${findings.length} synthesized security finding(s).`,
-                mitigations: mitigations.length > 0
-                    ? mitigations
-                    : ["Review the referenced security evidence before promoting this workflow output."],
-                releaseImpact: securityRequest.releaseContext === "blocking"
-                    ? "release-blocking security findings require resolution before promotion."
-                    : securityRequest.releaseContext === "candidate"
-                        ? "candidate release requires explicit security review before promotion."
-                        : "no release context was supplied; security output remains advisory.",
-                followUpWork
-            }
-        });
         return agentOutputSchema.parse({
-            summary,
+            summary: `Loaded maintenance request from ${requestFile ?? ".agentops/requests/maintenance.yaml"} for ${maintenanceRequest.maintenanceGoal}.`,
             findings: [],
             proposedActions: [],
-            lifecycleArtifacts: [securityReport],
+            lifecycleArtifacts: [],
             requestedTools: [],
             blockedActionFlags: [],
-            confidence: 0.76,
             metadata: {
-                deterministicInputs: {
-                    targetRef: securityRequest.targetRef,
-                    evidenceSources,
-                    focusAreas,
-                    constraints: normalizedConstraints,
-                    referencedArtifactKinds,
-                    normalizedEvidence: normalizedEvidence ?? null
-                },
-                synthesizedAssessment: {
-                    severitySummary: securityReport.payload.severitySummary,
-                    mitigations: securityReport.payload.mitigations,
-                    followUpWork: securityReport.payload.followUpWork
-                }
+                ...maintenanceRequestSchema.parse({
+                    ...maintenanceRequest,
+                    dependencyAlertRefs: [...new Set(maintenanceRequest.dependencyAlertRefs)],
+                    docsTaskRefs: [...new Set(maintenanceRequest.docsTaskRefs)],
+                    releaseReportRefs: [...new Set(maintenanceRequest.releaseReportRefs)],
+                    issueRefs: [...new Set(maintenanceRequest.issueRefs)]
+                }),
+                maintenanceIssueRefs,
+                maintenanceGithubRefs,
+                evidenceSourceCount: maintenanceRequest.dependencyAlertRefs.length +
+                    maintenanceRequest.docsTaskRefs.length +
+                    maintenanceRequest.releaseReportRefs.length
             }
         });
     }
 };
-const qaEvidenceNormalizationAgent = {
+const maintenanceEvidenceNormalizerAgent = {
     manifest: agentManifestSchema.parse({
         version: 1,
-        name: "qa-evidence-normalizer",
-        displayName: "QA Evidence Normalizer",
-        category: "qa",
+        name: "maintenance-evidence-normalizer",
+        displayName: "Maintenance Evidence Normalizer",
+        category: "maintain",
         runtime: {
             minVersion: "0.1.0",
             kind: "deterministic"
@@ -1010,7 +1106,7 @@ const qaEvidenceNormalizationAgent = {
             model: false,
             network: false,
             tools: [],
-            readPaths: [".agentops/requests/**", ".agentops/runs/**", "**/package.json", "**/*.json", "**/*.xml", "**/*.log", "**/*.md"],
+            readPaths: [".agentops/requests/**", ".agentops/runs/**", "**/*.json", "**/*.md", "**/*.txt", "**/package.json"],
             writePaths: []
         },
         inputs: ["workflowInputs", "repo", "agentResults"],
@@ -1020,7 +1116,7 @@ const qaEvidenceNormalizationAgent = {
             minimalContext: true
         },
         catalog: {
-            domain: "test",
+            domain: "maintain",
             supportLevel: "internal",
             maturity: "mvp",
             trustScope: "official-core-only"
@@ -1033,28 +1129,1080 @@ const qaEvidenceNormalizationAgent = {
     }),
     outputSchema: agentOutputSchema,
     async execute({ stateSlice }) {
-        const qaRequest = getWorkflowInput(stateSlice, "qaRequest");
-        if (!qaRequest) {
-            throw new Error("qa-review requires validated QA request inputs before evidence normalization.");
+        const maintenanceRequest = getWorkflowInput(stateSlice, "maintenanceRequest");
+        if (!maintenanceRequest) {
+            throw new Error("maintenance-triage requires validated maintenance inputs before evidence normalization.");
         }
         const repoRoot = stateSlice.repo?.root;
-        const packageManager = stateSlice.repo?.packageManager || "pnpm";
         const intakeMetadata = isRecord(stateSlice.agentResults?.intake?.metadata) ? stateSlice.agentResults.intake.metadata : {};
-        const targetType = typeof intakeMetadata.targetType === "string" ? intakeMetadata.targetType : "local-reference";
-        const targetPath = repoRoot ? join(repoRoot, qaRequest.targetRef) : qaRequest.targetRef;
-        if (repoRoot && !existsSync(targetPath)) {
-            throw new Error(`QA target reference not found: ${qaRequest.targetRef}`);
-        }
-        const referencedArtifactKinds = targetType === "artifact-bundle" ? loadBundleArtifactKinds(targetPath) : [];
-        const normalizedEvidenceSources = [...new Set([qaRequest.targetRef, ...qaRequest.evidenceSources])];
+        const dependencyAlertRefs = asStringArray(intakeMetadata.dependencyAlertRefs).length > 0
+            ? asStringArray(intakeMetadata.dependencyAlertRefs)
+            : maintenanceRequest.dependencyAlertRefs;
+        const docsTaskRefs = asStringArray(intakeMetadata.docsTaskRefs).length > 0
+            ? asStringArray(intakeMetadata.docsTaskRefs)
+            : maintenanceRequest.docsTaskRefs;
+        const releaseReportRefs = asStringArray(intakeMetadata.releaseReportRefs).length > 0
+            ? asStringArray(intakeMetadata.releaseReportRefs)
+            : maintenanceRequest.releaseReportRefs;
+        const normalizedEvidenceSources = [...new Set([...dependencyAlertRefs, ...docsTaskRefs, ...releaseReportRefs])];
         const missingEvidenceSources = normalizedEvidenceSources.filter((pathValue) => repoRoot && !existsSync(join(repoRoot, pathValue)));
         if (missingEvidenceSources.length > 0) {
-            throw new Error(`QA evidence source not found: ${missingEvidenceSources[0]}`);
+            throw new Error(`Maintenance evidence source not found: ${missingEvidenceSources[0]}`);
         }
-        const bundleAffectedPaths = targetType === "artifact-bundle" && referencedArtifactKinds.includes("implementation-proposal") && existsSync(targetPath)
-            ? asStringArray((() => {
-                const parsed = JSON.parse(readFileSync(targetPath, "utf8"));
-                if (!isRecord(parsed) || !Array.isArray(parsed.lifecycleArtifacts)) {
+        const referencedArtifactKinds = [
+            ...new Set(releaseReportRefs.flatMap((pathValue) => (repoRoot ? loadBundleArtifactKinds(join(repoRoot, pathValue)) : [])))
+        ];
+        const releasePayloadPaths = releaseReportRefs.flatMap((pathValue) => (repoRoot ? loadBundleArtifactPayloadPaths(join(repoRoot, pathValue)) : []));
+        const affectedPackagesOrDocs = [
+            ...new Set([...docsTaskRefs, ...releasePayloadPaths]
+                .map((pathValue) => derivePackageScope(pathValue) ?? pathValue)
+                .filter((value) => Boolean(value)))
+        ];
+        const maintenanceSignals = [
+            ...normalizedEvidenceSources.map((pathValue) => describeEvidenceObservation(repoRoot, pathValue)),
+            ...(dependencyAlertRefs.length > 0 ? ["Dependency alert references contribute bounded maintenance follow-up context."] : []),
+            ...(docsTaskRefs.length > 0 ? ["Documentation task references contribute bounded maintenance follow-up context."] : []),
+            ...(releaseReportRefs.length > 0 ? ["Release report references contribute bounded maintenance follow-up context."] : []),
+            ...(referencedArtifactKinds.length > 0 ? [`Referenced artifact kinds: ${referencedArtifactKinds.join(", ")}`] : [])
+        ];
+        const routingInputs = [
+            maintenanceRequest.maintenanceGoal,
+            ...dependencyAlertRefs,
+            ...docsTaskRefs,
+            ...releaseReportRefs,
+            ...maintenanceSignals
+        ];
+        const securitySignal = referencedArtifactKinds.includes("security-report") ||
+            includesAnyKeyword(routingInputs, ["security", "vulnerability", "vuln", "cve", "advisory"]);
+        const qaSignal = referencedArtifactKinds.includes("qa-report") ||
+            includesAnyKeyword(routingInputs, ["qa", "test", "coverage", "flaky"]);
+        const followUpWorkflowRefs = [
+            ...new Set([
+                ...(securitySignal ? ["security-review"] : []),
+                ...(dependencyAlertRefs.length > 0 || docsTaskRefs.length > 0 ? ["implementation-proposal"] : []),
+                ...(releaseReportRefs.length > 0 ? ["release-readiness"] : []),
+                ...(qaSignal ? ["qa-review"] : [])
+            ])
+        ];
+        const routingRecommendation = followUpWorkflowRefs[0] ?? "implementation-proposal";
+        const provenanceRefs = [
+            ...new Set([
+                ...dependencyAlertRefs,
+                ...docsTaskRefs,
+                ...releaseReportRefs.map((pathValue) => `${pathValue}#release-report`)
+            ])
+        ];
+        const normalization = maintenanceEvidenceNormalizationSchema.parse({
+            maintenanceGoal: maintenanceRequest.maintenanceGoal,
+            dependencyAlertRefs,
+            docsTaskRefs,
+            releaseReportRefs,
+            normalizedEvidenceSources,
+            missingEvidenceSources: [],
+            referencedArtifactKinds,
+            affectedPackagesOrDocs,
+            maintenanceSignals,
+            followUpWorkflowRefs,
+            routingRecommendation,
+            provenanceRefs
+        });
+        return agentOutputSchema.parse({
+            summary: `Normalized maintenance evidence across ${normalization.normalizedEvidenceSources.length} source(s) for ${maintenanceRequest.maintenanceGoal}.`,
+            findings: [],
+            proposedActions: [],
+            lifecycleArtifacts: [],
+            requestedTools: [],
+            blockedActionFlags: [],
+            metadata: normalization
+        });
+    }
+};
+const maintenanceAnalystAgent = {
+    manifest: agentManifestSchema.parse({
+        version: 1,
+        name: "maintenance-analyst",
+        displayName: "Maintenance Analyst",
+        category: "maintain",
+        runtime: {
+            minVersion: "0.1.0",
+            kind: "reasoning"
+        },
+        permissions: {
+            model: true,
+            network: false,
+            tools: [],
+            readPaths: ["**/*"],
+            writePaths: []
+        },
+        inputs: ["workflowInputs", "repo", "changes", "agentResults"],
+        outputs: ["lifecycleArtifacts"],
+        contextPolicy: {
+            sections: ["workflowInputs", "repo", "changes", "agentResults"],
+            minimalContext: true
+        },
+        catalog: {
+            domain: "maintain",
+            supportLevel: "internal",
+            maturity: "mvp",
+            trustScope: "official-core-only"
+        },
+        trust: {
+            tier: "core",
+            source: "official",
+            reviewed: true
+        }
+    }),
+    outputSchema: agentOutputSchema,
+    async execute({ state, stateSlice }) {
+        const maintenanceRequest = getWorkflowInput(stateSlice, "maintenanceRequest");
+        const maintenanceIssueRefs = getWorkflowInput(stateSlice, "maintenanceIssueRefs") ?? [];
+        const maintenanceGithubRefs = getWorkflowInput(stateSlice, "maintenanceGithubRefs") ?? [];
+        const requestFile = getWorkflowInput(stateSlice, "requestFile");
+        if (!maintenanceRequest) {
+            throw new Error("maintenance-triage requires validated maintenance inputs before maintenance analysis.");
+        }
+        const intakeMetadata = isRecord(stateSlice.agentResults?.intake?.metadata) ? stateSlice.agentResults.intake.metadata : {};
+        const evidenceMetadata = maintenanceEvidenceNormalizationSchema.safeParse(stateSlice.agentResults?.evidence?.metadata);
+        const normalizedEvidence = evidenceMetadata.success ? evidenceMetadata.data : undefined;
+        const dependencyAlertRefs = normalizedEvidence?.dependencyAlertRefs ??
+            (asStringArray(intakeMetadata.dependencyAlertRefs).length > 0
+                ? asStringArray(intakeMetadata.dependencyAlertRefs)
+                : maintenanceRequest.dependencyAlertRefs);
+        const docsTaskRefs = normalizedEvidence?.docsTaskRefs ??
+            (asStringArray(intakeMetadata.docsTaskRefs).length > 0
+                ? asStringArray(intakeMetadata.docsTaskRefs)
+                : maintenanceRequest.docsTaskRefs);
+        const releaseReportRefs = normalizedEvidence?.releaseReportRefs ??
+            (asStringArray(intakeMetadata.releaseReportRefs).length > 0
+                ? asStringArray(intakeMetadata.releaseReportRefs)
+                : maintenanceRequest.releaseReportRefs);
+        const normalizedConstraints = asStringArray(intakeMetadata.constraints);
+        const evidenceSources = normalizedEvidence?.normalizedEvidenceSources ?? [...new Set([...dependencyAlertRefs, ...docsTaskRefs, ...releaseReportRefs])];
+        const affectedPackagesOrDocs = normalizedEvidence?.affectedPackagesOrDocs ?? [];
+        const followUpWorkflowRefs = normalizedEvidence?.followUpWorkflowRefs ?? [];
+        const routingRecommendation = normalizedEvidence?.routingRecommendation ?? "implementation-proposal";
+        const maintenanceSignals = normalizedEvidence?.maintenanceSignals ?? [];
+        const referencedArtifactKinds = normalizedEvidence?.referencedArtifactKinds ?? [];
+        const currentFindings = [
+            ...(maintenanceSignals.length > 0
+                ? maintenanceSignals
+                : [
+                    ...(dependencyAlertRefs.length > 0 ? [`${dependencyAlertRefs.length} dependency alert reference(s) require maintenance triage.`] : []),
+                    ...(docsTaskRefs.length > 0 ? [`${docsTaskRefs.length} docs task reference(s) require maintenance triage.`] : []),
+                    ...(releaseReportRefs.length > 0 ? [`${releaseReportRefs.length} release-report reference(s) contribute maintenance follow-up context.`] : [])
+                ])
+        ];
+        const recommendedActions = [
+            ...dependencyAlertRefs.map((pathValue) => `Review dependency alert reference \`${pathValue}\` before choosing a follow-up workflow.`),
+            ...docsTaskRefs.map((pathValue) => `Review docs task reference \`${pathValue}\` before choosing a follow-up workflow.`),
+            ...releaseReportRefs.map((pathValue) => `Review release report reference \`${pathValue}\` for maintenance-linked follow-up work.`),
+            ...(affectedPackagesOrDocs.length > 0 ? [`Review the affected maintenance surfaces: ${affectedPackagesOrDocs.join(", ")}.`] : []),
+            ...(followUpWorkflowRefs.length > 0
+                ? [`Route the next bounded follow-up through ${routingRecommendation} (${followUpWorkflowRefs.join(", ")} considered).`]
+                : []),
+            ...(normalizedConstraints.length > 0 ? [`Keep maintenance follow-up bounded by: ${normalizedConstraints.join("; ")}.`] : [])
+        ];
+        const priorityAssessment = releaseReportRefs.length > 0 || dependencyAlertRefs.length > 1
+            ? "Elevated maintenance triage: release-linked or multi-alert follow-up should be prioritized before broader maintenance work."
+            : "Routine maintenance triage: review bounded references and route follow-up deliberately.";
+        const risks = [
+            ...(releaseReportRefs.length > 0 ? ["Release-linked maintenance follow-up can drift if release-readiness is deferred."] : []),
+            ...(dependencyAlertRefs.length > 0 ? ["Dependency alert follow-up can widen change scope once implementation work begins."] : []),
+            ...(docsTaskRefs.length > 0 ? ["Documentation debt can diverge from implemented behavior if maintenance triage is deferred."] : []),
+            ...(referencedArtifactKinds.includes("security-report")
+                ? ["Security-linked maintenance follow-up should remain prioritized until the linked evidence is resolved."]
+                : [])
+        ];
+        const stalenessSignals = [
+            ...(dependencyAlertRefs.length > 0 ? ["Dependency alert follow-up remains pending review."] : []),
+            ...(docsTaskRefs.length > 0 ? ["Documentation maintenance follow-up remains pending review."] : []),
+            ...(releaseReportRefs.length > 0 ? ["Release-linked maintenance follow-up remains pending review."] : [])
+        ];
+        const summary = `Maintenance report prepared for ${maintenanceRequest.maintenanceGoal}.`;
+        const maintenanceReport = maintenanceArtifactSchema.parse({
+            ...buildLifecycleArtifactEnvelopeBase(state, "Maintenance Triage", summary, [requestFile ?? ".agentops/requests/maintenance.yaml", ...evidenceSources], maintenanceIssueRefs, maintenanceGithubRefs),
+            artifactKind: "maintenance-report",
+            lifecycleDomain: "maintain",
+            payload: {
+                maintenanceScope: maintenanceRequest.maintenanceGoal,
+                evidenceSources,
+                affectedPackagesOrDocs,
+                currentFindings: currentFindings.length > 0
+                    ? currentFindings
+                    : ["Maintenance triage remained bounded to validated references; no additional findings were synthesized."],
+                recommendedActions: recommendedActions.length > 0
+                    ? recommendedActions
+                    : ["Add at least one bounded maintenance reference before broadening the workflow surface."],
+                routingRecommendation,
+                followUpWorkflowRefs,
+                risks,
+                priorityAssessment,
+                dependencyUpdates: dependencyAlertRefs,
+                docsUpdates: docsTaskRefs,
+                stalenessSignals,
+                followUpIssues: maintenanceIssueRefs
+            }
+        });
+        return agentOutputSchema.parse({
+            summary,
+            findings: [],
+            proposedActions: [],
+            lifecycleArtifacts: [maintenanceReport],
+            requestedTools: [],
+            blockedActionFlags: [],
+            confidence: 0.73,
+            metadata: {
+                deterministicInputs: {
+                    evidenceSources,
+                    dependencyAlertRefs,
+                    docsTaskRefs,
+                    releaseReportRefs,
+                    affectedPackagesOrDocs,
+                    maintenanceSignals,
+                    referencedArtifactKinds,
+                    issueRefs: maintenanceIssueRefs,
+                    constraints: normalizedConstraints
+                },
+                synthesizedAssessment: {
+                    priorityAssessment: maintenanceReport.payload.priorityAssessment,
+                    recommendedActions: maintenanceReport.payload.recommendedActions,
+                    routingRecommendation: maintenanceReport.payload.routingRecommendation,
+                    followUpWorkflowRefs: maintenanceReport.payload.followUpWorkflowRefs,
+                    risks: maintenanceReport.payload.risks,
+                    followUpIssues: maintenanceReport.payload.followUpIssues
+                }
+            }
+        });
+    }
+};
+const incidentAnalystAgent = {
+    manifest: agentManifestSchema.parse({
+        version: 1,
+        name: "incident-analyst",
+        displayName: "Incident Analyst",
+        category: "operate",
+        runtime: {
+            minVersion: "0.1.0",
+            kind: "reasoning"
+        },
+        permissions: {
+            model: true,
+            network: false,
+            tools: [],
+            readPaths: ["**/*"],
+            writePaths: []
+        },
+        inputs: ["workflowInputs", "repo", "changes", "agentResults"],
+        outputs: ["lifecycleArtifacts"],
+        contextPolicy: {
+            sections: ["workflowInputs", "repo", "changes", "agentResults"],
+            minimalContext: true
+        },
+        catalog: {
+            domain: "operate",
+            supportLevel: "internal",
+            maturity: "mvp",
+            trustScope: "official-core-only"
+        },
+        trust: {
+            tier: "core",
+            source: "official",
+            reviewed: true
+        }
+    }),
+    outputSchema: agentOutputSchema,
+    async execute({ state, stateSlice }) {
+        const incidentRequest = getWorkflowInput(stateSlice, "incidentRequest");
+        const requestFile = getWorkflowInput(stateSlice, "requestFile");
+        const incidentIssueRefs = getWorkflowInput(stateSlice, "incidentIssueRefs") ?? [];
+        const incidentGithubRefs = getWorkflowInput(stateSlice, "incidentGithubRefs") ?? [];
+        if (!incidentRequest) {
+            throw new Error("incident-handoff requires validated incident inputs before incident analysis.");
+        }
+        const intakeMetadata = isRecord(stateSlice.agentResults?.intake?.metadata) ? stateSlice.agentResults.intake.metadata : {};
+        const evidenceMetadata = incidentEvidenceNormalizationSchema.safeParse(stateSlice.agentResults?.evidence?.metadata);
+        const normalizedEvidence = evidenceMetadata.success ? evidenceMetadata.data : undefined;
+        const evidenceSources = normalizedEvidence?.normalizedEvidenceSources && normalizedEvidence.normalizedEvidenceSources.length > 0
+            ? normalizedEvidence.normalizedEvidenceSources
+            : asStringArray(intakeMetadata.evidenceSources).length > 0
+                ? [
+                    ...new Set([
+                        ...asStringArray(intakeMetadata.evidenceSources),
+                        ...asStringArray(intakeMetadata.releaseReportRefs)
+                    ])
+                ]
+                : [...new Set([...incidentRequest.evidenceSources, ...incidentRequest.releaseReportRefs])];
+        const severityHint = normalizedEvidence?.severityHint ??
+            (typeof intakeMetadata.severityHint === "string" ? intakeMetadata.severityHint : incidentRequest.severityHint);
+        const constraints = asStringArray(intakeMetadata.constraints);
+        const followUpWorkflowRefs = normalizedEvidence?.followUpWorkflowRefs && normalizedEvidence.followUpWorkflowRefs.length > 0
+            ? normalizedEvidence.followUpWorkflowRefs
+            : [
+                "maintenance-triage",
+                ...(incidentRequest.releaseReportRefs.length > 0 ? ["release-readiness"] : []),
+                ...(severityHint === "high" || severityHint === "critical" ? ["security-review"] : [])
+            ];
+        const likelyImpactedAreas = normalizedEvidence?.likelyImpactedAreas && normalizedEvidence.likelyImpactedAreas.length > 0
+            ? normalizedEvidence.likelyImpactedAreas
+            : [
+                ...(incidentRequest.releaseReportRefs.length > 0 ? ["release-readiness"] : []),
+                ...(incidentRequest.evidenceSources.length > 0 ? ["staged-operational-evidence"] : []),
+                ...(severityHint === "high" || severityHint === "critical" ? ["security-follow-up"] : [])
+            ];
+        const openQuestions = [
+            ...(incidentRequest.issueRefs.length === 0 ? ["Should this incident be linked to a tracked issue before escalation?"] : []),
+            ...(incidentRequest.releaseReportRefs.length === 0
+                ? ["Is there a release-report bundle that should be attached for additional provenance?"]
+                : [])
+        ];
+        const summary = `Incident brief prepared for ${incidentRequest.incidentSummary}.`;
+        const incidentBrief = incidentArtifactSchema.parse({
+            ...buildLifecycleArtifactEnvelopeBase(state, "Incident Handoff", summary, [requestFile ?? ".agentops/requests/incident.yaml", ...evidenceSources], incidentIssueRefs, incidentGithubRefs),
+            artifactKind: "incident-brief",
+            lifecycleDomain: "operate",
+            redaction: {
+                applied: true,
+                strategyVersion: "1.0.0",
+                categories: normalizedEvidence?.redactionCategories ?? [
+                    "github-token",
+                    "api-key",
+                    "aws-key",
+                    "bearer-token",
+                    "password",
+                    "private-key",
+                    "operational-sensitive"
+                ]
+            },
+            payload: {
+                incidentSummary: incidentRequest.incidentSummary,
+                evidenceSources,
+                timelineSummary: normalizedEvidence?.timelineSummary ?? [
+                    `Severity hint: ${severityHint}.`,
+                    `Validated ${incidentRequest.evidenceSources.length} staged evidence source(s) and ${incidentRequest.releaseReportRefs.length} release-report reference(s) before reasoning.`
+                ],
+                likelyImpactedAreas: likelyImpactedAreas.length > 0
+                    ? likelyImpactedAreas
+                    : ["manual incident triage is still required to identify impacted repository areas."],
+                followUpWorkflowRefs: [...new Set(followUpWorkflowRefs)],
+                openQuestions
+            }
+        });
+        return agentOutputSchema.parse({
+            summary,
+            findings: [],
+            proposedActions: [],
+            lifecycleArtifacts: [incidentBrief],
+            requestedTools: [],
+            blockedActionFlags: [],
+            confidence: severityHint === "critical" ? 0.7 : 0.74,
+            metadata: {
+                deterministicInputs: {
+                    severityHint,
+                    evidenceSources,
+                    issueRefs: incidentIssueRefs,
+                    constraints,
+                    normalizedEvidence: normalizedEvidence ?? null
+                },
+                synthesizedAssessment: {
+                    likelyImpactedAreas: incidentBrief.payload.likelyImpactedAreas,
+                    followUpWorkflowRefs: incidentBrief.payload.followUpWorkflowRefs,
+                    openQuestions: incidentBrief.payload.openQuestions
+                }
+            }
+        });
+    }
+};
+const releaseIntakeAgent = {
+    manifest: agentManifestSchema.parse({
+        version: 1,
+        name: "release-intake",
+        displayName: "Release Intake",
+        category: "release",
+        runtime: {
+            minVersion: "0.1.0",
+            kind: "deterministic"
+        },
+        permissions: {
+            model: false,
+            network: false,
+            tools: [],
+            readPaths: [".agentops/requests/**", ".agentops/runs/**"],
+            writePaths: []
+        },
+        inputs: ["workflowInputs", "repo"],
+        outputs: ["summary", "metadata"],
+        contextPolicy: {
+            sections: ["workflowInputs", "repo", "context"],
+            minimalContext: true
+        },
+        catalog: {
+            domain: "release",
+            supportLevel: "internal",
+            maturity: "mvp",
+            trustScope: "official-core-only"
+        },
+        trust: {
+            tier: "core",
+            source: "official",
+            reviewed: true
+        }
+    }),
+    outputSchema: agentOutputSchema,
+    async execute({ stateSlice }) {
+        const releaseRequest = getWorkflowInput(stateSlice, "releaseRequest");
+        const releaseIssueRefs = getWorkflowInput(stateSlice, "releaseIssueRefs") ?? [];
+        const releaseGithubRefs = getWorkflowInput(stateSlice, "releaseGithubRefs") ?? [];
+        const requestFile = getWorkflowInput(stateSlice, "requestFile");
+        if (!releaseRequest) {
+            throw new Error("release-readiness requires a validated release request before runtime execution.");
+        }
+        return agentOutputSchema.parse({
+            summary: `Loaded release request from ${requestFile ?? ".agentops/requests/release.yaml"} for ${releaseRequest.releaseScope}.`,
+            findings: [],
+            proposedActions: [],
+            lifecycleArtifacts: [],
+            requestedTools: [],
+            blockedActionFlags: [],
+            metadata: {
+                ...releaseRequestSchema.parse(releaseRequest),
+                releaseIssueRefs,
+                releaseGithubRefs,
+                evidenceSourceCount: releaseRequest.qaReportRefs.length + releaseRequest.securityReportRefs.length + releaseRequest.evidenceSources.length
+            }
+        });
+    }
+};
+const releaseEvidenceNormalizationAgent = {
+    manifest: agentManifestSchema.parse({
+        version: 1,
+        name: "release-evidence-normalizer",
+        displayName: "Release Evidence Normalizer",
+        category: "release",
+        runtime: {
+            minVersion: "0.1.0",
+            kind: "deterministic"
+        },
+        permissions: {
+            model: false,
+            network: false,
+            tools: [],
+            readPaths: [".agentops/requests/**", ".agentops/runs/**", "**/*.json", "**/*.md", "**/package.json"],
+            writePaths: []
+        },
+        inputs: ["workflowInputs", "repo", "agentResults"],
+        outputs: ["summary", "metadata"],
+        contextPolicy: {
+            sections: ["workflowInputs", "repo", "agentResults"],
+            minimalContext: true
+        },
+        catalog: {
+            domain: "release",
+            supportLevel: "internal",
+            maturity: "mvp",
+            trustScope: "official-core-only"
+        },
+        trust: {
+            tier: "core",
+            source: "official",
+            reviewed: true
+        }
+    }),
+    outputSchema: agentOutputSchema,
+    async execute({ stateSlice }) {
+        const releaseRequest = getWorkflowInput(stateSlice, "releaseRequest");
+        if (!releaseRequest) {
+            throw new Error("release-readiness requires validated release request inputs before evidence normalization.");
+        }
+        const repoRoot = stateSlice.repo?.root;
+        const intakeMetadata = isRecord(stateSlice.agentResults?.intake?.metadata) ? stateSlice.agentResults.intake.metadata : {};
+        const qaReportRefs = asStringArray(intakeMetadata.qaReportRefs).length > 0
+            ? asStringArray(intakeMetadata.qaReportRefs)
+            : releaseRequest.qaReportRefs;
+        const securityReportRefs = asStringArray(intakeMetadata.securityReportRefs).length > 0
+            ? asStringArray(intakeMetadata.securityReportRefs)
+            : releaseRequest.securityReportRefs;
+        const evidenceSources = asStringArray(intakeMetadata.evidenceSources).length > 0
+            ? asStringArray(intakeMetadata.evidenceSources)
+            : releaseRequest.evidenceSources;
+        const normalizedEvidenceSources = [...new Set([...qaReportRefs, ...securityReportRefs, ...evidenceSources])];
+        const missingEvidenceSources = normalizedEvidenceSources.filter((pathValue) => repoRoot && !existsSync(join(repoRoot, pathValue)));
+        if (missingEvidenceSources.length > 0) {
+            throw new Error(`Release evidence source not found: ${missingEvidenceSources[0]}`);
+        }
+        const versionResolutions = releaseRequest.versionTargets.map((target) => {
+            const resolved = resolveWorkspacePackage(repoRoot, target.name);
+            return {
+                name: target.name,
+                targetVersion: target.version,
+                currentVersion: resolved.currentVersion,
+                status: !resolved.currentVersion
+                    ? "package-missing"
+                    : resolved.currentVersion === target.version
+                        ? "matches-target"
+                        : "pending-version-bump",
+                manifestPath: resolved.manifestPath
+            };
+        });
+        const missingPackages = versionResolutions.filter((entry) => entry.status === "package-missing").map((entry) => entry.name);
+        const versionCheckStatus = missingPackages.length === 0 ? "passed" : "failed";
+        const baseReadinessStatus = qaReportRefs.length > 0 && securityReportRefs.length > 0
+            ? "ready"
+            : qaReportRefs.length > 0 || securityReportRefs.length > 0
+                ? "partial"
+                : "blocked";
+        const readinessStatus = missingPackages.length > 0 ? "blocked" : baseReadinessStatus;
+        const localReadinessChecks = [
+            {
+                name: "qa-report-refs",
+                status: qaReportRefs.length > 0 ? "passed" : "skipped",
+                detail: qaReportRefs.length > 0
+                    ? `Using ${qaReportRefs.length} validated QA report reference(s).`
+                    : "No QA report references were supplied."
+            },
+            {
+                name: "security-report-refs",
+                status: securityReportRefs.length > 0 ? "passed" : "skipped",
+                detail: securityReportRefs.length > 0
+                    ? `Using ${securityReportRefs.length} validated security report reference(s).`
+                    : "No security report references were supplied."
+            },
+            {
+                name: "local-release-evidence",
+                status: evidenceSources.length > 0 ? "passed" : "skipped",
+                detail: evidenceSources.length > 0
+                    ? `Using ${evidenceSources.length} bounded local release evidence source(s).`
+                    : "No additional local release evidence sources were supplied."
+            },
+            {
+                name: "workspace-version-targets",
+                status: versionCheckStatus,
+                detail: missingPackages.length === 0
+                    ? `Resolved ${versionResolutions.length} workspace version target(s).`
+                    : `Missing workspace package metadata for: ${missingPackages.join(", ")}.`
+            }
+        ];
+        const approvalRecommendations = [
+            {
+                action: "publish-packages",
+                classification: readinessStatus === "ready" ? "approval_required" : "deny",
+                reason: readinessStatus === "ready"
+                    ? "Package publication remains outside the default read-only workflow path and needs explicit release approval."
+                    : "Keep package publication blocked until bounded release evidence is complete and normalized."
+            },
+            {
+                action: "create-release-tag",
+                classification: readinessStatus === "ready" ? "approval_required" : "deny",
+                reason: readinessStatus === "ready"
+                    ? "Tag creation is a release-significant side effect and remains approval-gated."
+                    : "Do not create release tags while readiness remains partial or blocked."
+            },
+            {
+                action: "promote-release",
+                classification: readinessStatus === "ready" ? "approval_required" : "deny",
+                reason: readinessStatus === "ready"
+                    ? "Promotion remains a release-significant side effect and requires explicit maintainer approval."
+                    : "Keep release promotion blocked until bounded QA and security evidence is complete."
+            }
+        ];
+        const provenanceRefs = [
+            ...normalizedEvidenceSources,
+            ...versionResolutions
+                .map((entry) => entry.manifestPath)
+                .filter((value) => Boolean(value))
+        ];
+        const normalization = releaseEvidenceNormalizationSchema.parse({
+            qaReportRefs,
+            securityReportRefs,
+            normalizedEvidenceSources,
+            missingEvidenceSources: [],
+            versionResolutions: versionResolutions.map((entry) => ({
+                name: entry.name,
+                targetVersion: entry.targetVersion,
+                currentVersion: entry.currentVersion,
+                status: entry.status
+            })),
+            localReadinessChecks,
+            readinessStatus,
+            approvalRecommendations,
+            provenanceRefs: [...new Set(provenanceRefs)]
+        });
+        return agentOutputSchema.parse({
+            summary: `Normalized release evidence across ${normalization.normalizedEvidenceSources.length} source(s) and ${normalization.versionResolutions.length} version target(s).`,
+            findings: [],
+            proposedActions: [],
+            lifecycleArtifacts: [],
+            requestedTools: [],
+            blockedActionFlags: [],
+            metadata: normalization
+        });
+    }
+};
+const releaseAnalystAgent = {
+    manifest: agentManifestSchema.parse({
+        version: 1,
+        name: "release-analyst",
+        displayName: "Release Analyst",
+        category: "release",
+        runtime: {
+            minVersion: "0.1.0",
+            kind: "reasoning"
+        },
+        permissions: {
+            model: true,
+            network: false,
+            tools: [],
+            readPaths: ["**/*"],
+            writePaths: []
+        },
+        inputs: ["workflowInputs", "repo", "agentResults"],
+        outputs: ["lifecycleArtifacts"],
+        contextPolicy: {
+            sections: ["workflowInputs", "repo", "agentResults"],
+            minimalContext: true
+        },
+        catalog: {
+            domain: "release",
+            supportLevel: "internal",
+            maturity: "mvp",
+            trustScope: "official-core-only"
+        },
+        trust: {
+            tier: "core",
+            source: "official",
+            reviewed: true
+        }
+    }),
+    outputSchema: agentOutputSchema,
+    async execute({ state, stateSlice }) {
+        const releaseRequest = getWorkflowInput(stateSlice, "releaseRequest");
+        const releaseIssueRefs = getWorkflowInput(stateSlice, "releaseIssueRefs") ?? [];
+        const releaseGithubRefs = getWorkflowInput(stateSlice, "releaseGithubRefs") ?? [];
+        const requestFile = getWorkflowInput(stateSlice, "requestFile");
+        if (!releaseRequest) {
+            throw new Error("release-readiness requires validated release inputs before release analysis.");
+        }
+        const intakeMetadata = isRecord(stateSlice.agentResults?.intake?.metadata) ? stateSlice.agentResults.intake.metadata : {};
+        const evidenceMetadata = releaseEvidenceNormalizationSchema.safeParse(stateSlice.agentResults?.evidence?.metadata);
+        const normalizedEvidence = evidenceMetadata.success ? evidenceMetadata.data : undefined;
+        const qaReportRefs = normalizedEvidence?.qaReportRefs && normalizedEvidence.qaReportRefs.length > 0
+            ? normalizedEvidence.qaReportRefs
+            : asStringArray(intakeMetadata.qaReportRefs).length > 0
+                ? asStringArray(intakeMetadata.qaReportRefs)
+                : releaseRequest.qaReportRefs;
+        const securityReportRefs = normalizedEvidence?.securityReportRefs && normalizedEvidence.securityReportRefs.length > 0
+            ? normalizedEvidence.securityReportRefs
+            : asStringArray(intakeMetadata.securityReportRefs).length > 0
+                ? asStringArray(intakeMetadata.securityReportRefs)
+                : releaseRequest.securityReportRefs;
+        const evidenceSources = normalizedEvidence?.normalizedEvidenceSources && normalizedEvidence.normalizedEvidenceSources.length > 0
+            ? normalizedEvidence.normalizedEvidenceSources
+            : asStringArray(intakeMetadata.evidenceSources).length > 0
+                ? asStringArray(intakeMetadata.evidenceSources)
+                : releaseRequest.evidenceSources;
+        const constraints = asStringArray(intakeMetadata.constraints);
+        const allEvidenceRefs = [...new Set([...qaReportRefs, ...securityReportRefs, ...evidenceSources])];
+        const versionResolutions = normalizedEvidence?.versionResolutions ?? [];
+        const verificationChecks = normalizedEvidence?.localReadinessChecks ?? [
+            {
+                name: "qa-report-refs",
+                status: qaReportRefs.length > 0 ? "passed" : "skipped",
+                detail: qaReportRefs.length > 0
+                    ? `Using ${qaReportRefs.length} validated QA report reference(s).`
+                    : "No QA report references were supplied."
+            },
+            {
+                name: "security-report-refs",
+                status: securityReportRefs.length > 0 ? "passed" : "skipped",
+                detail: securityReportRefs.length > 0
+                    ? `Using ${securityReportRefs.length} validated security report reference(s).`
+                    : "No security report references were supplied."
+            },
+            {
+                name: "local-release-evidence",
+                status: evidenceSources.length > 0 ? "passed" : "skipped",
+                detail: evidenceSources.length > 0
+                    ? `Using ${evidenceSources.length} bounded local release evidence source(s).`
+                    : "No additional local release evidence sources were supplied."
+            }
+        ];
+        const readinessStatus = normalizedEvidence?.readinessStatus ??
+            (qaReportRefs.length > 0 && securityReportRefs.length > 0
+                ? "ready"
+                : qaReportRefs.length > 0 || securityReportRefs.length > 0
+                    ? "partial"
+                    : "blocked");
+        const approvalRecommendations = normalizedEvidence?.approvalRecommendations ?? [
+            {
+                action: "publish-packages",
+                classification: readinessStatus === "ready" ? "approval_required" : "deny",
+                reason: readinessStatus === "ready"
+                    ? "Package publication remains outside the default read-only workflow path and needs explicit release approval."
+                    : "Keep package publication blocked until bounded release evidence is complete and normalized."
+            }
+        ];
+        const summary = `Release report prepared for ${releaseRequest.releaseScope}.`;
+        const publishingPlan = [
+            ...(versionResolutions.length > 0
+                ? [`Resolved ${versionResolutions.length} workspace version target(s) before any publish or promotion step.`]
+                : []),
+            "Review the bounded QA and security evidence before invoking any publish or promotion step.",
+            "Run `agentforge release check --json` and `agentforge release verify --json` before any release cut.",
+            ...approvalRecommendations.map((recommendation) => `${recommendation.action}: ${recommendation.classification.replaceAll("_", " ")} (${recommendation.reason})`),
+            "Keep trusted publishing and tag or publish actions outside this default read-only workflow path."
+        ];
+        const rollbackNotes = [
+            "Use the release report to decide whether to pause or defer promotion before any publish step.",
+            "If readiness remains partial or blocked, keep the current version set unchanged and resolve evidence gaps first."
+        ];
+        const externalDependencies = [
+            ...(qaReportRefs.length > 0 ? ["Validated QA report inputs remain available for reviewer inspection."] : []),
+            ...(securityReportRefs.length > 0 ? ["Validated security report inputs remain available for reviewer inspection."] : [])
+        ];
+        const releaseReport = releaseArtifactSchema.parse({
+            ...buildLifecycleArtifactEnvelopeBase(state, "Release Readiness", summary, [requestFile ?? ".agentops/requests/release.yaml", ...allEvidenceRefs], releaseIssueRefs, releaseGithubRefs),
+            artifactKind: "release-report",
+            lifecycleDomain: "release",
+            payload: {
+                releaseScope: releaseRequest.releaseScope,
+                versionTargets: releaseRequest.versionTargets,
+                readinessStatus,
+                verificationChecks: verificationChecks.map((check) => ({ ...check })),
+                versionResolutions,
+                approvalRecommendations: approvalRecommendations.map((recommendation) => releaseApprovalRecommendationSchema.parse(recommendation)),
+                publishingPlan,
+                trustStatus: "trusted-publishing-reviewed-separately",
+                publishedPackages: [],
+                tagRefs: [],
+                provenanceRefs: allEvidenceRefs,
+                rollbackNotes,
+                externalDependencies
+            }
+        });
+        return agentOutputSchema.parse({
+            summary,
+            findings: [],
+            proposedActions: [],
+            lifecycleArtifacts: [releaseReport],
+            requestedTools: [],
+            blockedActionFlags: [],
+            confidence: 0.77,
+            metadata: {
+                deterministicInputs: {
+                    versionTargets: releaseRequest.versionTargets,
+                    qaReportRefs,
+                    securityReportRefs,
+                    evidenceSources,
+                    constraints,
+                    normalizedEvidence: normalizedEvidence ?? null
+                },
+                synthesizedAssessment: {
+                    readinessStatus,
+                    approvalRecommendations,
+                    publishingPlan,
+                    rollbackNotes
+                }
+            }
+        });
+    }
+};
+const securityEvidenceNormalizationAgent = {
+    manifest: agentManifestSchema.parse({
+        version: 1,
+        name: "security-evidence-normalizer",
+        displayName: "Security Evidence Normalizer",
+        category: "security",
+        runtime: {
+            minVersion: "0.1.0",
+            kind: "deterministic"
+        },
+        permissions: {
+            model: false,
+            network: false,
+            tools: [],
+            readPaths: [".agentops/requests/**", ".agentops/runs/**", "**/*.json", "**/*.md", "**/package.json"],
+            writePaths: []
+        },
+        inputs: ["workflowInputs", "repo", "agentResults"],
+        outputs: ["summary", "metadata"],
+        contextPolicy: {
+            sections: ["workflowInputs", "repo", "agentResults"],
+            minimalContext: true
+        },
+        catalog: {
+            domain: "security",
+            supportLevel: "internal",
+            maturity: "mvp",
+            trustScope: "official-core-only"
+        },
+        trust: {
+            tier: "core",
+            source: "official",
+            reviewed: true
+        }
+    }),
+    outputSchema: agentOutputSchema,
+    async execute({ stateSlice }) {
+        const securityRequest = getWorkflowInput(stateSlice, "securityRequest");
+        if (!securityRequest) {
+            throw new Error("security-review requires validated security request inputs before evidence normalization.");
+        }
+        const repoRoot = stateSlice.repo?.root;
+        const intakeMetadata = isRecord(stateSlice.agentResults?.intake?.metadata) ? stateSlice.agentResults.intake.metadata : {};
+        const targetType = typeof intakeMetadata.targetType === "string" && intakeMetadata.targetType === "artifact-bundle"
+            ? "artifact-bundle"
+            : "local-reference";
+        const targetPath = repoRoot ? join(repoRoot, securityRequest.targetRef) : securityRequest.targetRef;
+        if (repoRoot && !existsSync(targetPath)) {
+            throw new Error(`Security target reference not found: ${securityRequest.targetRef}`);
+        }
+        const referencedArtifactKinds = targetType === "artifact-bundle" ? loadBundleArtifactKinds(targetPath) : [];
+        const normalizedEvidenceSources = [...new Set([securityRequest.targetRef, ...securityRequest.evidenceSources])];
+        const missingEvidenceSources = normalizedEvidenceSources.filter((pathValue) => repoRoot && !existsSync(join(repoRoot, pathValue)));
+        if (missingEvidenceSources.length > 0) {
+            throw new Error(`Security evidence source not found: ${missingEvidenceSources[0]}`);
+        }
+        const normalizedFocusAreas = securityRequest.focusAreas.length > 0 ? [...new Set(securityRequest.focusAreas)] : ["general-review"];
+        const affectedPackages = targetType === "artifact-bundle"
+            ? [...new Set(loadBundleArtifactPayloadPaths(targetPath).map(derivePackageScope).filter((value) => Boolean(value)))]
+            : [];
+        const securitySignals = [
+            ...(referencedArtifactKinds.length > 0 ? [`Referenced artifact kinds: ${referencedArtifactKinds.join(", ")}`] : []),
+            ...(affectedPackages.length > 0 ? [`Affected packages inferred from bounded artifact payloads: ${affectedPackages.join(", ")}`] : []),
+            ...(normalizedFocusAreas.length > 0 ? [`Requested focus areas: ${normalizedFocusAreas.join(", ")}`] : []),
+            "Security evidence collection remains local, read-only, and bounded to validated references."
+        ];
+        const provenanceRefs = [
+            securityRequest.targetRef,
+            ...securityRequest.evidenceSources,
+            ...referencedArtifactKinds.map((artifactKind) => `${securityRequest.targetRef}#${artifactKind}`)
+        ];
+        const normalization = securityEvidenceNormalizationSchema.parse({
+            targetRef: securityRequest.targetRef,
+            targetType,
+            referencedArtifactKinds,
+            normalizedEvidenceSources,
+            missingEvidenceSources: [],
+            normalizedFocusAreas,
+            securitySignals,
+            provenanceRefs: [...new Set(provenanceRefs)],
+            affectedPackages
+        });
+        return agentOutputSchema.parse({
+            summary: `Normalized security evidence for ${securityRequest.targetRef}.`,
+            findings: [],
+            proposedActions: [],
+            lifecycleArtifacts: [],
+            requestedTools: [],
+            blockedActionFlags: [],
+            metadata: normalization
+        });
+    }
+};
+const securityAnalystAgent = {
+    manifest: agentManifestSchema.parse({
+        version: 1,
+        name: "security-analyst",
+        displayName: "Security Analyst",
+        category: "security",
+        runtime: {
+            minVersion: "0.1.0",
+            kind: "reasoning"
+        },
+        permissions: {
+            model: true,
+            network: false,
+            tools: [],
+            readPaths: ["**/*"],
+            writePaths: []
+        },
+        inputs: ["workflowInputs", "repo", "changes", "agentResults"],
+        outputs: ["lifecycleArtifacts"],
+        contextPolicy: {
+            sections: ["workflowInputs", "repo", "changes", "agentResults"],
+            minimalContext: true
+        },
+        catalog: {
+            domain: "security",
+            supportLevel: "internal",
+            maturity: "mvp",
+            trustScope: "official-core-only"
+        },
+        trust: {
+            tier: "core",
+            source: "official",
+            reviewed: true
+        }
+    }),
+    outputSchema: agentOutputSchema,
+    async execute({ state, stateSlice }) {
+        const securityRequest = getWorkflowInput(stateSlice, "securityRequest");
+        const securityIssueRefs = getWorkflowInput(stateSlice, "securityIssueRefs") ?? [];
+        const securityGithubRefs = getWorkflowInput(stateSlice, "securityGithubRefs") ?? [];
+        const requestFile = getWorkflowInput(stateSlice, "requestFile");
+        if (!securityRequest) {
+            throw new Error("security-review requires validated security inputs before security analysis.");
+        }
+        const intakeMetadata = isRecord(stateSlice.agentResults?.intake?.metadata) ? stateSlice.agentResults.intake.metadata : {};
+        const evidenceMetadata = securityEvidenceNormalizationSchema.safeParse(stateSlice.agentResults?.evidence?.metadata);
+        const normalizedEvidence = evidenceMetadata.success ? evidenceMetadata.data : undefined;
+        const referencedArtifactKinds = normalizedEvidence?.referencedArtifactKinds ?? asStringArray(intakeMetadata.referencedArtifactKinds);
+        const normalizedFocusAreas = normalizedEvidence?.normalizedFocusAreas ?? asStringArray(intakeMetadata.focusAreas);
+        const normalizedConstraints = asStringArray(intakeMetadata.constraints);
+        const evidenceSources = normalizedEvidence?.normalizedEvidenceSources && normalizedEvidence.normalizedEvidenceSources.length > 0
+            ? normalizedEvidence.normalizedEvidenceSources
+            : asStringArray(intakeMetadata.evidenceSources).length > 0
+                ? asStringArray(intakeMetadata.evidenceSources)
+                : [...new Set([securityRequest.targetRef, ...securityRequest.evidenceSources])];
+        const focusAreas = normalizedFocusAreas.length > 0 ? normalizedFocusAreas : securityRequest.focusAreas;
+        const inferredSeverity = securityRequest.releaseContext === "blocking" ? "high" : securityRequest.releaseContext === "candidate" ? "medium" : "low";
+        const findings = focusAreas.length > 0
+            ? focusAreas.map((focusArea, index) => ({
+                id: `security-finding-${index + 1}`,
+                title: `Inspect ${focusArea} evidence before promotion`,
+                summary: `Security review flagged ${focusArea} for bounded follow-up on ${securityRequest.targetRef}.`,
+                severity: inferredSeverity,
+                rationale: "The MVP security workflow synthesizes a structured report from validated references before deterministic evidence normalization lands.",
+                confidence: 0.76,
+                location: securityRequest.targetRef,
+                tags: ["security", focusArea]
+            }))
+            : [
+                {
+                    id: "security-finding-1",
+                    title: "Inspect referenced security evidence before promotion",
+                    summary: `Security review requires bounded interpretation of the referenced evidence for ${securityRequest.targetRef}.`,
+                    severity: inferredSeverity,
+                    rationale: "The current security workflow is read-only and request-driven, so findings remain tied to validated local references rather than automatic scanning.",
+                    confidence: 0.72,
+                    location: securityRequest.targetRef,
+                    tags: ["security", "evidence"]
+                }
+            ];
+        const mitigations = [
+            ...focusAreas.map((focusArea) => `Review ${focusArea} evidence and document the release impact before promotion.`),
+            ...(normalizedConstraints.length > 0 ? [`Keep security follow-up bounded by: ${normalizedConstraints.join("; ")}.`] : [])
+        ];
+        const followUpWork = [
+            ...(normalizedEvidence?.securitySignals ?? []),
+            ...(referencedArtifactKinds.length > 0
+                ? [`Confirm the security posture for referenced artifacts: ${referencedArtifactKinds.join(", ")}.`]
+                : []),
+            "Use deterministic security evidence normalization outputs before broadening the workflow surface."
+        ];
+        const summary = `Security report prepared for ${securityRequest.targetRef}.`;
+        const securityReport = securityArtifactSchema.parse({
+            ...buildLifecycleArtifactEnvelopeBase(state, "Security Review", summary, [
+                requestFile ?? ".agentops/requests/security.yaml",
+                ...(normalizedEvidence?.provenanceRefs ?? [securityRequest.targetRef, ...securityRequest.evidenceSources])
+            ], securityIssueRefs, securityGithubRefs),
+            artifactKind: "security-report",
+            lifecycleDomain: "security",
+            redaction: {
+                applied: true,
+                strategyVersion: "1.0.0",
+                categories: ["github-token", "api-key", "aws-key", "bearer-token", "password", "private-key", "security-sensitive"]
+            },
+            payload: {
+                targetRef: securityRequest.targetRef,
+                evidenceSources,
+                findings,
+                severitySummary: `highest severity: ${inferredSeverity}; ${findings.length} synthesized security finding(s).`,
+                mitigations: mitigations.length > 0
+                    ? mitigations
+                    : ["Review the referenced security evidence before promoting this workflow output."],
+                releaseImpact: securityRequest.releaseContext === "blocking"
+                    ? "release-blocking security findings require resolution before promotion."
+                    : securityRequest.releaseContext === "candidate"
+                        ? "candidate release requires explicit security review before promotion."
+                        : "no release context was supplied; security output remains advisory.",
+                followUpWork
+            }
+        });
+        return agentOutputSchema.parse({
+            summary,
+            findings: [],
+            proposedActions: [],
+            lifecycleArtifacts: [securityReport],
+            requestedTools: [],
+            blockedActionFlags: [],
+            confidence: 0.76,
+            metadata: {
+                deterministicInputs: {
+                    targetRef: securityRequest.targetRef,
+                    evidenceSources,
+                    focusAreas,
+                    constraints: normalizedConstraints,
+                    referencedArtifactKinds,
+                    normalizedEvidence: normalizedEvidence ?? null
+                },
+                synthesizedAssessment: {
+                    severitySummary: securityReport.payload.severitySummary,
+                    mitigations: securityReport.payload.mitigations,
+                    followUpWork: securityReport.payload.followUpWork
+                }
+            }
+        });
+    }
+};
+const qaEvidenceNormalizationAgent = {
+    manifest: agentManifestSchema.parse({
+        version: 1,
+        name: "qa-evidence-normalizer",
+        displayName: "QA Evidence Normalizer",
+        category: "qa",
+        runtime: {
+            minVersion: "0.1.0",
+            kind: "deterministic"
+        },
+        permissions: {
+            model: false,
+            network: false,
+            tools: [],
+            readPaths: [".agentops/requests/**", ".agentops/runs/**", "**/package.json", "**/*.json", "**/*.xml", "**/*.log", "**/*.md"],
+            writePaths: []
+        },
+        inputs: ["workflowInputs", "repo", "agentResults"],
+        outputs: ["summary", "metadata"],
+        contextPolicy: {
+            sections: ["workflowInputs", "repo", "agentResults"],
+            minimalContext: true
+        },
+        catalog: {
+            domain: "test",
+            supportLevel: "internal",
+            maturity: "mvp",
+            trustScope: "official-core-only"
+        },
+        trust: {
+            tier: "core",
+            source: "official",
+            reviewed: true
+        }
+    }),
+    outputSchema: agentOutputSchema,
+    async execute({ stateSlice }) {
+        const qaRequest = getWorkflowInput(stateSlice, "qaRequest");
+        if (!qaRequest) {
+            throw new Error("qa-review requires validated QA request inputs before evidence normalization.");
+        }
+        const repoRoot = stateSlice.repo?.root;
+        const packageManager = stateSlice.repo?.packageManager || "pnpm";
+        const intakeMetadata = isRecord(stateSlice.agentResults?.intake?.metadata) ? stateSlice.agentResults.intake.metadata : {};
+        const targetType = typeof intakeMetadata.targetType === "string" ? intakeMetadata.targetType : "local-reference";
+        const targetPath = repoRoot ? join(repoRoot, qaRequest.targetRef) : qaRequest.targetRef;
+        if (repoRoot && !existsSync(targetPath)) {
+            throw new Error(`QA target reference not found: ${qaRequest.targetRef}`);
+        }
+        const referencedArtifactKinds = targetType === "artifact-bundle" ? loadBundleArtifactKinds(targetPath) : [];
+        const normalizedEvidenceSources = [...new Set([qaRequest.targetRef, ...qaRequest.evidenceSources])];
+        const missingEvidenceSources = normalizedEvidenceSources.filter((pathValue) => repoRoot && !existsSync(join(repoRoot, pathValue)));
+        if (missingEvidenceSources.length > 0) {
+            throw new Error(`QA evidence source not found: ${missingEvidenceSources[0]}`);
+        }
+        const bundleAffectedPaths = targetType === "artifact-bundle" && referencedArtifactKinds.includes("implementation-proposal") && existsSync(targetPath)
+            ? asStringArray((() => {
+                const parsed = JSON.parse(readFileSync(targetPath, "utf8"));
+                if (!isRecord(parsed) || !Array.isArray(parsed.lifecycleArtifacts)) {
                     return [];
                 }
                 const implementationArtifact = parsed.lifecycleArtifacts.find((artifact) => isRecord(artifact) &&
@@ -1069,6 +2217,7 @@ const qaEvidenceNormalizationAgent = {
         const allowlistedCommands = new Set(allowedValidationCommands.map((entry) => entry.command));
         const normalizedExecutedChecks = qaRequest.executedChecks.map(normalizeRequestedCommand);
         const unrecognizedExecutedChecks = normalizedExecutedChecks.filter((command) => !allowlistedCommands.has(command));
+        const githubActions = normalizeGitHubActionsEvidence(repoRoot, normalizedEvidenceSources);
         const normalization = qaEvidenceNormalizationSchema.parse({
             targetRef: qaRequest.targetRef,
             targetType,
@@ -1078,10 +2227,11 @@ const qaEvidenceNormalizationAgent = {
             normalizedExecutedChecks,
             unrecognizedExecutedChecks,
             affectedPackages,
-            allowedValidationCommands
+            allowedValidationCommands,
+            githubActions
         });
         return agentOutputSchema.parse({
-            summary: `Normalized QA evidence across ${normalization.normalizedEvidenceSources.length} source(s) and ${normalization.allowedValidationCommands.length} allowlisted validation command(s).`,
+            summary: `Normalized QA evidence across ${normalization.normalizedEvidenceSources.length} source(s), ${normalization.allowedValidationCommands.length} allowlisted validation command(s), and ${normalization.githubActions.evidence.length} GitHub Actions evidence export(s).`,
             findings: [],
             proposedActions: [],
             lifecycleArtifacts: [],
@@ -1129,20 +2279,31 @@ const qaAnalystAgent = {
     outputSchema: agentOutputSchema,
     async execute({ state, stateSlice }) {
         const qaRequest = getWorkflowInput(stateSlice, "qaRequest");
+        const qaIssueRefs = getWorkflowInput(stateSlice, "qaIssueRefs") ?? [];
+        const qaGithubRefs = getWorkflowInput(stateSlice, "qaGithubRefs") ?? [];
         const requestFile = getWorkflowInput(stateSlice, "requestFile");
         if (!qaRequest) {
             throw new Error("qa-review requires validated QA inputs before QA analysis.");
         }
         const intakeMetadata = isRecord(stateSlice.agentResults?.intake?.metadata) ? stateSlice.agentResults.intake.metadata : {};
-        const evidenceMetadata = isRecord(stateSlice.agentResults?.evidence?.metadata) ? stateSlice.agentResults.evidence.metadata : {};
-        const normalizedEvidenceSources = asStringArray(evidenceMetadata.normalizedEvidenceSources);
-        const normalizedExecutedChecks = asStringArray(evidenceMetadata.normalizedExecutedChecks);
+        const evidenceMetadata = qaEvidenceNormalizationSchema.safeParse(stateSlice.agentResults?.evidence?.metadata);
+        const normalizedEvidence = evidenceMetadata.success ? evidenceMetadata.data : undefined;
+        const normalizedEvidenceSources = normalizedEvidence?.normalizedEvidenceSources ?? [];
+        const normalizedExecutedChecks = normalizedEvidence?.normalizedExecutedChecks ?? [];
         const normalizedFocusAreas = asStringArray(intakeMetadata.focusAreas);
         const normalizedConstraints = asStringArray(intakeMetadata.constraints);
-        const missingEvidenceSources = asStringArray(evidenceMetadata.missingEvidenceSources);
-        const unrecognizedExecutedChecks = asStringArray(evidenceMetadata.unrecognizedExecutedChecks);
-        const targetType = typeof evidenceMetadata.targetType === "string"
-            ? evidenceMetadata.targetType
+        const missingEvidenceSources = normalizedEvidence?.missingEvidenceSources ?? [];
+        const unrecognizedExecutedChecks = normalizedEvidence?.unrecognizedExecutedChecks ?? [];
+        const normalizedGithubActions = normalizedEvidence
+            ? normalizedEvidence.githubActions
+            : {
+                evidence: [],
+                workflowNames: [],
+                failingChecks: [],
+                provenanceRefs: []
+            };
+        const targetType = normalizedEvidence?.targetType
+            ? normalizedEvidence.targetType
             : typeof intakeMetadata.targetType === "string"
                 ? intakeMetadata.targetType
                 : "local-reference";
@@ -1179,16 +2340,23 @@ const qaAnalystAgent = {
             ...missingEvidenceSources.map((pathValue) => `Referenced QA evidence is missing: ${pathValue}`),
             ...(focusAreas.includes("coverage") ? ["Coverage evidence still needs deterministic normalization before it can be promoted to an official QA signal."] : []),
             ...(executedChecks.length === 0 ? ["No executed validation checks were recorded in the request."] : []),
-            ...unrecognizedExecutedChecks.map((command) => `Executed check is outside the bounded allowlist and still needs manual interpretation: ${command}`)
+            ...unrecognizedExecutedChecks.map((command) => `Executed check is outside the bounded allowlist and still needs manual interpretation: ${command}`),
+            ...normalizedGithubActions.failingChecks.map((checkName) => `GitHub Actions evidence still reports a failing check that needs manual review: ${checkName}`)
         ];
         const recommendedNextChecks = [
             ...executedChecks.map((command) => `Review the recorded output for \`${command}\` before promotion.`),
             ...focusAreas.map((focusArea) => `Confirm whether ${focusArea} needs additional deterministic QA evidence.`),
+            ...normalizedGithubActions.workflowNames.map((workflowName) => `Review the exported GitHub Actions evidence for workflow \`${workflowName}\` before promotion.`),
             ...(normalizedConstraints.length > 0 ? [`Keep QA follow-up bounded by: ${normalizedConstraints.join("; ")}.`] : [])
         ];
         const summary = `QA report prepared for ${qaRequest.targetRef}.`;
+        const releaseImpactBase = qaRequest.releaseContext === "blocking"
+            ? "release-blocking QA findings require resolution before promotion."
+            : qaRequest.releaseContext === "candidate"
+                ? "candidate release still requires explicit QA review before promotion."
+                : "no release context was supplied; QA output remains advisory.";
         const qaReport = qaArtifactSchema.parse({
-            ...buildArtifactEnvelopeBase(state, summary, [requestFile ?? ".agentops/requests/qa.yaml", qaRequest.targetRef, ...qaRequest.evidenceSources], []),
+            ...buildArtifactEnvelopeBase(state, summary, [requestFile ?? ".agentops/requests/qa.yaml", qaRequest.targetRef, ...qaRequest.evidenceSources], qaIssueRefs, qaGithubRefs),
             artifactKind: "qa-report",
             lifecycleDomain: "test",
             workflow: {
@@ -1204,11 +2372,9 @@ const qaAnalystAgent = {
                 recommendedNextChecks: recommendedNextChecks.length > 0
                     ? recommendedNextChecks
                     : ["Capture additional bounded QA evidence before promotion."],
-                releaseImpact: qaRequest.releaseContext === "blocking"
-                    ? "release-blocking QA findings require resolution before promotion."
-                    : qaRequest.releaseContext === "candidate"
-                        ? "candidate release still requires explicit QA review before promotion."
-                        : "no release context was supplied; QA output remains advisory."
+                releaseImpact: normalizedGithubActions.failingChecks.length > 0
+                    ? `${releaseImpactBase} GitHub Actions evidence still shows failing checks: ${normalizedGithubActions.failingChecks.join(", ")}.`
+                    : releaseImpactBase
             }
         });
         return agentOutputSchema.parse({
@@ -1226,7 +2392,8 @@ const qaAnalystAgent = {
                     evidenceSources,
                     executedChecks,
                     focusAreas,
-                    constraints: normalizedConstraints
+                    constraints: normalizedConstraints,
+                    githubActions: normalizedGithubActions
                 },
                 synthesizedAssessment: {
                     releaseContext: qaRequest.releaseContext,
@@ -1435,7 +2602,7 @@ const implementationPlannerAgent = {
         ];
         const summary = `Implementation proposal prepared for ${implementationRequest.implementationGoal}.`;
         const implementationProposal = implementationArtifactSchema.parse({
-            ...buildArtifactEnvelopeBase(state, summary, [requestFile ?? ".agentops/requests/implementation.yaml", implementationRequest.designRecordRef], designRecord.source.issueRefs),
+            ...buildArtifactEnvelopeBase(state, summary, [requestFile ?? ".agentops/requests/implementation.yaml", implementationRequest.designRecordRef], designRecord.source.issueRefs, designRecord.source.githubRefs),
             artifactKind: "implementation-proposal",
             lifecycleDomain: "build",
             workflow: {
@@ -1548,7 +2715,7 @@ const designAnalystAgent = {
         ];
         const summary = `Design record prepared for ${designRequest.decisionTarget}.`;
         const designRecord = designArtifactSchema.parse({
-            ...buildArtifactEnvelopeBase(state, summary, [requestFile ?? ".agentops/requests/design.yaml", designRequest.planningBriefRef], planningBrief.source.issueRefs),
+            ...buildArtifactEnvelopeBase(state, summary, [requestFile ?? ".agentops/requests/design.yaml", designRequest.planningBriefRef], planningBrief.source.issueRefs, planningBrief.source.githubRefs),
             artifactKind: "design-record",
             lifecycleDomain: "design",
             workflow: {
@@ -1837,6 +3004,15 @@ export function createBuiltinAgentRegistry() {
         ["implementation-intake", implementationIntakeAgent],
         ["qa-intake", qaIntakeAgent],
         ["security-intake", securityIntakeAgent],
+        ["incident-intake", incidentIntakeAgent],
+        ["incident-evidence-normalizer", incidentEvidenceNormalizationAgent],
+        ["maintenance-intake", maintenanceIntakeAgent],
+        ["maintenance-evidence-normalizer", maintenanceEvidenceNormalizerAgent],
+        ["maintenance-analyst", maintenanceAnalystAgent],
+        ["incident-analyst", incidentAnalystAgent],
+        ["release-intake", releaseIntakeAgent],
+        ["release-evidence-normalizer", releaseEvidenceNormalizationAgent],
+        ["release-analyst", releaseAnalystAgent],
         ["security-evidence-normalizer", securityEvidenceNormalizationAgent],
         ["security-analyst", securityAnalystAgent],
         ["qa-evidence-normalizer", qaEvidenceNormalizationAgent],