@jigyasudham/veto 0.8.0

package/dist/skills/quality/skill-security-scan.js

@@ -0,0 +1,67 @@
+// Skill: security-scan — OWASP Top 10 scan process with tool commands
+export function run(input) {
+    return {
+        skill: 'security-scan',
+        template: undefined,
+        checklist: [
+            // Dependency scanning
+            '1. Run npm audit: npx npm audit --audit-level=high (fail CI if high/critical found)',
+            '2. Run Snyk for deeper CVE analysis: npx snyk test --severity-threshold=high',
+            '3. Check for outdated packages: npx npm-check-updates (review before upgrading)',
+            '4. Verify lockfile integrity: npm ci (uses lockfile exactly; fails if lockfile is dirty)',
+            // Secrets scanning
+            '5. Scan for hardcoded secrets: npx gitleaks detect --source . --verbose',
+            '6. Run trufflehog on git history: trufflehog git file://. --since-commit HEAD~20',
+            '7. Verify .gitignore covers .env, *.key, *.pem, secrets.json, credentials.json',
+            // Static analysis
+            '8. Run ESLint security plugin: eslint --plugin security --rule "security/detect-eval-with-expression: error"',
+            '9. Run Semgrep OWASP ruleset: semgrep --config=p/owasp-top-ten --error .',
+            '10. Run CodeQL (GitHub Actions): use codeql-action/analyze with javascript/typescript queries',
+            // A01 – Broken Access Control
+            '11. A01 – Review every route handler: confirm auth middleware precedes data access',
+            '12. A01 – Search for direct object references: grep -r "req.params.id" src/ — verify ownership check in each',
+            // A02 – Cryptographic Failures
+            '13. A02 – Search for weak hashes: grep -r "md5\\|sha1\\|DES\\|RC4" src/ (flag any match)',
+            '14. A02 – Verify HTTPS enforcement: check for HSTS header and HTTP→HTTPS redirect in server config',
+            // A03 – Injection
+            '15. A03 – Search for SQL concatenation: grep -r "SELECT.*+" src/ — all DB calls should use parameterised queries',
+            '16. A03 – Search for eval: grep -rn "eval(" src/ — no eval() in production code',
+            // A05 – Misconfiguration
+            '17. A05 – Run security headers check: curl -I https://your-domain.com | grep -E "Content-Security|X-Frame|Strict-Transport|X-Content"',
+            '18. A05 – Verify no debug routes in production: grep -r "/debug\\|/__admin" src/routes/',
+            // A07 – Auth failures
+            '19. A07 – Confirm rate limiting on auth endpoints: grep -r "rateLimit" src/routes/auth',
+            '20. A07 – Verify account lockout logic exists: grep -r "lockedUntil\\|failedAttempts" src/services/auth',
+            // DAST
+            '21. Run OWASP ZAP baseline scan: docker run -t owasp/zap2docker-stable zap-baseline.py -t https://staging.example.com',
+            '22. Check Content-Security-Policy with observatory: npx observatory-cli your-domain.com --format report',
+            // Final gate
+            '23. Review all HIGH/CRITICAL findings; create tickets for each; do not ship with open criticals',
+            '24. Add security scan steps to CI pipeline so every PR is checked automatically',
+        ],
+        patterns: [
+            'Shift-left security: scan in CI on every PR, not only before release',
+            'Defence in depth: layered scanning (dependency + static + dynamic)',
+            'Fail-fast: non-zero CI exit code on any high/critical finding',
+            'Security-as-code: Semgrep rules and ZAP configs version-controlled alongside application',
+        ],
+        gotchas: [
+            'npm audit reports transitive dependency vulnerabilities — check if exploitable in your code path before panicking',
+            'Semgrep false positives on test files — add --exclude "tests/" to production scans',
+            'ZAP baseline scan covers only unauthenticated paths — run a full scan with an auth script for coverage',
+            'Gitleaks detects secrets committed at any point in history, not just HEAD — clean git history with git-filter-repo if needed',
+            'Snyk requires authentication for full CVE database access — set SNYK_TOKEN in CI secrets',
+        ],
+        resources: [
+            'https://owasp.org/www-project-top-ten/',
+            'https://owasp.org/www-project-zap/',
+            'https://semgrep.dev/p/owasp-top-ten',
+            'https://github.com/gitleaks/gitleaks',
+            'https://snyk.io/docs/snyk-cli/',
+            'https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html',
+            'https://docs.npmjs.com/cli/v10/commands/npm-audit',
+            'https://observatory.mozilla.org/',
+        ],
+    };
+}
+//# sourceMappingURL=skill-security-scan.js.map

package/dist/skills/quality/skill-test-suite.js

@@ -0,0 +1,274 @@
+// Skill: test-suite — complete test suite structure guide
+const TEMPLATE = `
+// ── Unit test: ItemService (tests/unit/item.service.test.ts) ──────────────
+import { describe, it, expect, beforeEach, vi } from 'vitest';
+import { ItemService } from '../../src/services/item.service';
+import type { ItemRepository } from '../../src/repositories/item.repository';
+
+// Test fixture factory — create minimal valid objects
+function makeItem(overrides: Partial<Item> = {}): Item {
+  return {
+    id: 'item-1',
+    name: 'Test Item',
+    userId: 'user-1',
+    createdAt: new Date('2024-01-01'),
+    updatedAt: new Date('2024-01-01'),
+    ...overrides,
+  };
+}
+
+describe('ItemService', () => {
+  let service: ItemService;
+  let repo: ItemRepository;
+
+  beforeEach(() => {
+    repo = {
+      findById: vi.fn(),
+      findAllByUser: vi.fn(),
+      create: vi.fn(),
+      update: vi.fn(),
+      delete: vi.fn(),
+    };
+    service = new ItemService(repo);
+  });
+
+  // ── Happy path ──────────────────────────────────────────────────────────
+  describe('getItem', () => {
+    it('returns the item when found and owned by the requesting user', async () => {
+      const item = makeItem({ userId: 'user-1' });
+      vi.mocked(repo.findById).mockResolvedValue(item);
+
+      const result = await service.getItem('item-1', 'user-1');
+      expect(result).toEqual(item);
+    });
+
+    // ── Error cases ───────────────────────────────────────────────────────
+    it('throws NotFoundError when item does not exist', async () => {
+      vi.mocked(repo.findById).mockResolvedValue(null);
+      await expect(service.getItem('missing', 'user-1')).rejects.toThrow(NotFoundError);
+    });
+
+    it('throws ForbiddenError when item belongs to a different user', async () => {
+      const item = makeItem({ userId: 'user-2' });
+      vi.mocked(repo.findById).mockResolvedValue(item);
+      await expect(service.getItem('item-1', 'user-1')).rejects.toThrow(ForbiddenError);
+    });
+  });
+
+  // ── Edge cases ─────────────────────────────────────────────────────────
+  describe('createItem', () => {
+    it('trims whitespace from name before storing', async () => {
+      const item = makeItem({ name: 'Trimmed' });
+      vi.mocked(repo.create).mockResolvedValue(item);
+
+      await service.createItem('user-1', { name: '  Trimmed  ' });
+      expect(repo.create).toHaveBeenCalledWith('user-1', { name: 'Trimmed' });
+    });
+
+    it('propagates repository errors', async () => {
+      vi.mocked(repo.create).mockRejectedValue(new Error('DB connection failed'));
+      await expect(service.createItem('user-1', { name: 'x' })).rejects.toThrow('DB connection failed');
+    });
+  });
+});
+
+// ── Integration test: Items API (tests/integration/items.test.ts) ─────────
+import request from 'supertest';
+import { createApp } from '../../src/app';
+import { signAccessToken } from '../../src/utils/tokens';
+
+describe('Items API', () => {
+  let app: Express.Application;
+  let authToken: string;
+
+  beforeAll(async () => {
+    app = await createApp({ db: testDb });
+    authToken = signAccessToken('user-1', 'user');
+    await testDb.user.create({ data: { id: 'user-1', email: 'test@example.com', passwordHash: 'x' } });
+  });
+
+  afterEach(async () => {
+    await testDb.item.deleteMany();
+  });
+
+  describe('GET /v1/items', () => {
+    it('returns empty list when no items exist', async () => {
+      const res = await request(app)
+        .get('/v1/items')
+        .set('Authorization', \`Bearer \${authToken}\`);
+
+      expect(res.status).toBe(200);
+      expect(res.body.data).toEqual([]);
+    });
+
+    it('returns only items belonging to the authenticated user', async () => {
+      await testDb.item.createMany({
+        data: [
+          { name: 'My Item', userId: 'user-1' },
+          { name: 'Other Item', userId: 'user-2' },
+        ],
+      });
+
+      const res = await request(app)
+        .get('/v1/items')
+        .set('Authorization', \`Bearer \${authToken}\`);
+
+      expect(res.status).toBe(200);
+      expect(res.body.data).toHaveLength(1);
+      expect(res.body.data[0].name).toBe('My Item');
+    });
+
+    it('returns 401 when no token provided', async () => {
+      const res = await request(app).get('/v1/items');
+      expect(res.status).toBe(401);
+    });
+  });
+
+  describe('POST /v1/items', () => {
+    it('creates an item and returns 201 with Location header', async () => {
+      const res = await request(app)
+        .post('/v1/items')
+        .set('Authorization', \`Bearer \${authToken}\`)
+        .send({ name: 'New Item', description: 'A test item' });
+
+      expect(res.status).toBe(201);
+      expect(res.headers['location']).toMatch(/\\/v1\\/items\\//);
+      expect(res.body.data.name).toBe('New Item');
+    });
+
+    it('returns 422 when name is missing', async () => {
+      const res = await request(app)
+        .post('/v1/items')
+        .set('Authorization', \`Bearer \${authToken}\`)
+        .send({ description: 'No name' });
+
+      expect(res.status).toBe(422);
+      expect(res.body.error.code).toBe('VALIDATION_ERROR');
+    });
+  });
+
+  describe('GET /v1/items/:id', () => {
+    it('returns 403 when requesting another user\\'s item', async () => {
+      const item = await testDb.item.create({ data: { name: 'Other', userId: 'user-2' } });
+
+      const res = await request(app)
+        .get(\`/v1/items/\${item.id}\`)
+        .set('Authorization', \`Bearer \${authToken}\`);
+
+      expect(res.status).toBe(403);
+    });
+
+    it('returns 404 when item does not exist', async () => {
+      const res = await request(app)
+        .get('/v1/items/00000000-0000-0000-0000-000000000000')
+        .set('Authorization', \`Bearer \${authToken}\`);
+
+      expect(res.status).toBe(404);
+    });
+  });
+});
+
+// ── E2E test: full user journey (tests/e2e/user-journey.test.ts) ──────────
+describe('User journey: register → create item → retrieve → delete', () => {
+  let accessToken: string;
+  let itemId: string;
+
+  it('registers a new user', async () => {
+    const res = await request(app)
+      .post('/v1/auth/register')
+      .send({ email: 'journey@example.com', password: 'SecurePass123!' });
+    expect(res.status).toBe(201);
+  });
+
+  it('logs in and receives an access token', async () => {
+    const res = await request(app)
+      .post('/v1/auth/login')
+      .send({ email: 'journey@example.com', password: 'SecurePass123!' });
+    expect(res.status).toBe(200);
+    accessToken = res.body.data.accessToken;
+  });
+
+  it('creates an item', async () => {
+    const res = await request(app)
+      .post('/v1/items')
+      .set('Authorization', \`Bearer \${accessToken}\`)
+      .send({ name: 'Journey Item' });
+    expect(res.status).toBe(201);
+    itemId = res.body.data.id;
+  });
+
+  it('retrieves the created item', async () => {
+    const res = await request(app)
+      .get(\`/v1/items/\${itemId}\`)
+      .set('Authorization', \`Bearer \${accessToken}\`);
+    expect(res.status).toBe(200);
+    expect(res.body.data.name).toBe('Journey Item');
+  });
+
+  it('deletes the item', async () => {
+    const res = await request(app)
+      .delete(\`/v1/items/\${itemId}\`)
+      .set('Authorization', \`Bearer \${accessToken}\`);
+    expect(res.status).toBe(204);
+  });
+
+  it('confirms item is gone after deletion', async () => {
+    const res = await request(app)
+      .get(\`/v1/items/\${itemId}\`)
+      .set('Authorization', \`Bearer \${accessToken}\`);
+    expect(res.status).toBe(404);
+  });
+});
+`.trim();
+export function run(input) {
+    return {
+        skill: 'test-suite',
+        template: TEMPLATE,
+        checklist: [
+            'Install vitest (or jest) and supertest: npm install -D vitest supertest @types/supertest',
+            'Configure vitest.config.ts: coverage provider v8, include src/**/*.ts, threshold 80%',
+            'Create tests/ directory with unit/, integration/, and e2e/ subdirectories',
+            'Write test fixture factories that create minimal valid objects with optional overrides',
+            'Unit tests: test each service method in isolation — mock all dependencies with vi.fn()',
+            'Unit test happy path: expected input produces expected output',
+            'Unit test error cases: not found, forbidden, validation errors, repository failures',
+            'Unit test edge cases: empty strings, boundary values, null/undefined, concurrent calls',
+            'Integration tests: use supertest to send HTTP requests to the real Express app',
+            'Integration test auth: verify 401 without token, 401 with expired token, 200 with valid token',
+            'Integration test authorisation: verify 403 when accessing another user\'s resource',
+            'Integration test validation: verify 422 with missing required fields, invalid types, out-of-range values',
+            'Integration test pagination: verify page=1&pageSize=2 returns 2 items, meta.total is correct',
+            'E2E tests: simulate a complete user journey from registration through full workflow to deletion',
+            'Run coverage report: npx vitest run --coverage; verify no critical paths are uncovered',
+            'Add CI step: vitest run --coverage --reporter=verbose fails the build if coverage < 80%',
+            'Use afterEach to clean up test data; never rely on test execution order',
+            'Separate test database or use transactions that are rolled back after each test',
+            'Snapshot tests for complex output shapes (e.g., generated reports, API response structure)',
+            'Add test for rate-limiting endpoint: 11th request in window should return 429',
+        ],
+        patterns: [
+            'AAA pattern: Arrange → Act → Assert in every test case',
+            'Test fixture factory: makeUser(), makeItem() functions with optional overrides',
+            'Mock at the boundary: mock repositories in unit tests, use real DB in integration tests',
+            'Test pyramid: many unit tests, fewer integration tests, few E2E tests',
+            'Describe → nested describe → it hierarchy mirrors the module structure',
+        ],
+        gotchas: [
+            'Testing implementation details instead of behaviour — tests break on every refactor',
+            'Sharing mutable state between tests without cleanup — flaky test ordering dependency',
+            'Mocking too deep: mocking the DB client instead of the repository causes brittle tests',
+            'Not testing error paths — happy-path-only coverage misses the most bug-prone code',
+            'Writing assertions on the wrong field — test passes but is not actually verifying the behaviour',
+            'Not testing auth in integration tests — security bugs not caught until production',
+            'Using setTimeout in tests without fake timers — slow and non-deterministic',
+        ],
+        resources: [
+            'https://vitest.dev/guide/',
+            'https://github.com/ladjs/supertest',
+            'https://martinfowler.com/articles/practical-test-pyramid.html',
+            'https://testing-library.com/docs/ (for React component tests)',
+            'https://jestjs.io/docs/expect (matcher reference, compatible with vitest)',
+        ],
+    };
+}
+//# sourceMappingURL=skill-test-suite.js.map

package/dist/skills/workflow/skill-deploy.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=skill-deploy.js.map

package/dist/skills/workflow/skill-git-workflow.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=skill-git-workflow.js.map

package/dist/skills/workflow/skill-rollback.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=skill-rollback.js.map

package/dist/skills/workflow/skill-task-breakdown.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=skill-task-breakdown.js.map

package/package.json

@@ -0,0 +1,30 @@
+{
+  "name": "@jigyasudham/veto",
+  "version": "0.8.0",
+  "description": "50 agents. 28 skills. 3 AIs. Self-learning. Zero extra cost.",
+  "keywords": ["mcp", "ai", "claude", "agents", "memory", "council"],
+  "author": "Jigyasu Dham <jigyasudham18@gmail.com>",
+  "license": "MIT",
+  "type": "module",
+  "engines": {
+    "node": ">=22.5.0"
+  },
+  "bin": {
+    "veto": "./dist/cli.js"
+  },
+  "main": "./dist/server.js",
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsx src/cli.ts",
+    "start": "node dist/server.js",
+    "init": "tsx src/cli.ts init"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.0.0"
+  },
+  "devDependencies": {
+    "@types/node": "^22.0.0",
+    "tsx": "^4.7.0",
+    "typescript": "^5.3.0"
+  }
+}

package/src/adapters/claude.ts

@@ -0,0 +1,70 @@
+// Claude Code adapter — connection config, rate signal detection, handoff format
+
+export const PLATFORM = 'claude' as const;
+
+export type AdapterSetup = {
+  platform: string;
+  mcp_config: object;
+  setup_steps: string[];
+  rate_limit_signals: string[];
+  continue_command: string;
+  notes: string[];
+};
+
+export function getSetup(vetoServerPath: string): AdapterSetup {
+  return {
+    platform: 'claude',
+    mcp_config: {
+      mcpServers: {
+        veto: {
+          command: 'node',
+          args: [vetoServerPath],
+        },
+      },
+    },
+    setup_steps: [
+      `1. Build veto: npm run build`,
+      `2. Add to ~/.claude/mcp_servers.json:\n${JSON.stringify({ mcpServers: { veto: { command: 'node', args: [vetoServerPath] } } }, null, 2)}`,
+      `3. Restart Claude Code`,
+      `4. Verify: call veto_status — should return { "status": "running", "version": "0.7.0" }`,
+    ],
+    rate_limit_signals: [
+      'rate limit exceeded',
+      'too many requests',
+      '429',
+      'overloaded',
+      'capacity',
+      'quota exceeded',
+    ],
+    continue_command: 'veto_continue',
+    notes: [
+      'Claude Code connects to Veto via stdio MCP — the server runs as a child process',
+      'All veto_* tools are available natively in Claude Code once connected',
+      'Rate limits are tracked by Veto per day — call veto_rate_status to check headroom',
+      'Before hitting the limit: call veto_handoff to get a session ID and switch instructions',
+    ],
+  };
+}
+
+export function detectRateLimit(errorText: string): boolean {
+  const signals = ['rate limit', 'too many requests', '429', 'overloaded', 'quota'];
+  return signals.some(s => errorText.toLowerCase().includes(s));
+}
+
+export function formatHandoffMessage(sessionId: string, targetPlatform: 'gemini' | 'codex'): string {
+  const target = targetPlatform === 'gemini' ? 'Gemini CLI' : 'Codex CLI';
+  return [
+    `Claude is approaching its rate limit. Switching to ${target}.`,
+    ``,
+    `Session saved. ID: ${sessionId}`,
+    ``,
+    `On ${target}, run:`,
+    `  veto_continue`,
+    ``,
+    `Veto will restore full context automatically. Nothing needs to be re-explained.`,
+  ].join('\n');
+}
+
+export function formatSwitchPrompt(sessionId: string): string {
+  return `Rate limit approaching. Session saved (ID: ${sessionId}). Call veto_continue on the next platform to resume instantly.`;
+}

package/src/adapters/codex.ts

@@ -0,0 +1,71 @@
+// Codex CLI adapter — connection config, rate signal detection, handoff format
+// Codex CLI: https://github.com/openai/codex
+
+export const PLATFORM = 'codex' as const;
+
+export type AdapterSetup = {
+  platform: string;
+  mcp_config: object;
+  setup_steps: string[];
+  rate_limit_signals: string[];
+  continue_command: string;
+  notes: string[];
+};
+
+export function getSetup(vetoServerPath: string): AdapterSetup {
+  return {
+    platform: 'codex',
+    mcp_config: {
+      mcpServers: {
+        veto: {
+          command: 'node',
+          args: [vetoServerPath],
+        },
+      },
+    },
+    setup_steps: [
+      `1. Install Codex CLI: npm install -g @openai/codex`,
+      `2. Set API key: export OPENAI_API_KEY=your-key`,
+      `3. Add to ~/.codex/config.json:\n${JSON.stringify({ mcpServers: { veto: { command: 'node', args: [vetoServerPath] } } }, null, 2)}`,
+      `4. Restart Codex CLI`,
+      `5. Verify: call veto_status — should return { "status": "running", "version": "0.7.0" }`,
+    ],
+    rate_limit_signals: [
+      'rate limit reached',
+      'too many requests',
+      '429',
+      'insufficient quota',
+      'rate_limit_exceeded',
+      'quota_exceeded',
+    ],
+    continue_command: 'veto_continue',
+    notes: [
+      'Codex CLI connects to Veto via stdio MCP — same server instance as Claude and Gemini',
+      'Config path: ~/.codex/config.json (created automatically on first run)',
+      'All veto_* tools work identically on Codex as on Claude and Gemini',
+      'Codex is the Tier 1/2 overflow when both Claude and Gemini are rate-limited',
+      'Uses GPT-4o / o4-mini depending on the tier assigned by the Veto router',
+      'ChatGPT web app does NOT support MCP — Codex CLI is the only OpenAI option',
+    ],
+  };
+}
+
+export function detectRateLimit(errorText: string): boolean {
+  const signals = ['rate limit', 'too many requests', '429', 'insufficient quota', 'rate_limit_exceeded'];
+  return signals.some(s => errorText.toLowerCase().includes(s.toLowerCase()));
+}
+
+export function formatHandoffMessage(sessionId: string, fromPlatform: 'claude' | 'gemini'): string {
+  const from = fromPlatform === 'claude' ? 'Claude' : 'Gemini';
+  return [
+    `${from} handed off to Codex. Session restored.`,
+    ``,
+    `Session ID: ${sessionId}`,
+    ``,
+    `Codex has full context. Continue the task as if nothing interrupted.`,
+  ].join('\n');
+}
+
+export function formatContinueInstructions(): string {
+  return 'Run: veto_continue\nVeto will restore the most recent session automatically.';
+}

package/src/adapters/gemini.ts

@@ -0,0 +1,71 @@
+// Gemini CLI adapter — connection config, rate signal detection, handoff format
+// Gemini CLI MCP support: https://github.com/google-gemini/gemini-cli
+
+export const PLATFORM = 'gemini' as const;
+
+export type AdapterSetup = {
+  platform: string;
+  mcp_config: object;
+  setup_steps: string[];
+  rate_limit_signals: string[];
+  continue_command: string;
+  notes: string[];
+};
+
+export function getSetup(vetoServerPath: string): AdapterSetup {
+  return {
+    platform: 'gemini',
+    mcp_config: {
+      mcpServers: {
+        veto: {
+          command: 'node',
+          args: [vetoServerPath],
+        },
+      },
+    },
+    setup_steps: [
+      `1. Install Gemini CLI: npm install -g @google/gemini-cli`,
+      `2. Authenticate: gemini auth`,
+      `3. Add to ~/.gemini/settings.json:\n${JSON.stringify({ mcpServers: { veto: { command: 'node', args: [vetoServerPath] } } }, null, 2)}`,
+      `4. Restart Gemini CLI`,
+      `5. Verify: call veto_status — should return { "status": "running", "version": "0.7.0" }`,
+    ],
+    rate_limit_signals: [
+      'quota exceeded',
+      'resource exhausted',
+      '429',
+      'rate limit',
+      'too many requests',
+      'RESOURCE_EXHAUSTED',
+    ],
+    continue_command: 'veto_continue',
+    notes: [
+      'Gemini CLI connects to Veto via stdio MCP — same server instance as Claude',
+      'Gemini CLI uses the same ~/.gemini/settings.json for MCP server config',
+      'All veto_* tools work identically on Gemini as on Claude',
+      'Gemini Flash is the default Tier 1/2 overflow platform when Claude is rate-limited',
+      'Free tier: 1,500 requests/day (15 RPM) — Veto tracks this in rate_usage table',
+    ],
+  };
+}
+
+export function detectRateLimit(errorText: string): boolean {
+  const signals = ['quota exceeded', 'resource exhausted', '429', 'rate limit', 'RESOURCE_EXHAUSTED'];
+  return signals.some(s => errorText.toLowerCase().includes(s.toLowerCase()));
+}
+
+export function formatHandoffMessage(sessionId: string, fromPlatform: 'claude' | 'codex'): string {
+  const from = fromPlatform === 'claude' ? 'Claude' : 'Codex';
+  return [
+    `${from} handed off to Gemini. Session restored.`,
+    ``,
+    `Session ID: ${sessionId}`,
+    ``,
+    `Gemini has full context. Continue the task as if nothing interrupted.`,
+    `Call veto_session_restore { "session_id": "${sessionId}" } if context needs refreshing.`,
+  ].join('\n');
+}
+
+export function formatContinueInstructions(): string {
+  return 'Run: veto_continue\nVeto will restore the most recent session automatically.';
+}