@jigyasudham/veto 0.8.3 → 1.1.0

package/README.md

@@ -1,8 +1,8 @@
 # veto
 
-> **50 agents. 28 skills. 3 AIs. Self-learning. Zero extra cost.**
+> **50 agents. 34 tools. 3 AIs. Self-learning. Zero extra cost.**
 
-An MCP server that runs locally on your machine, plugs into Claude Code, Codex CLI, and Gemini CLI using your existing subscriptions — giving every AI a council of specialist agents, persistent cross-platform memory, a self-learning router, and the ability to say no to bad decisions.
+An MCP server that runs locally on your machine, plugs into Claude Code, Codex CLI, and Gemini CLI using your existing subscriptions — giving every AI a council of specialist agents, persistent cross-platform memory, a self-learning router, reactive file watching, sequential agent pipelines, and the ability to say no to bad decisions.
 
 ---
 
@@ -11,25 +11,12 @@ An MCP server that runs locally on your machine, plugs into Claude Code, Codex C
 | Requirement | Version | Notes |
 |---|---|---|
 | **Node.js** | 22.5.0 or higher | Required — uses the built-in `node:sqlite` module (no native compilation). Download at [nodejs.org](https://nodejs.org). |
-| **At least one AI CLI** | Latest | Claude Code, Gemini CLI, or Codex CLI — whichever you use. Veto works with all three. See below. |
+| **At least one AI CLI** | Latest | Claude Code, Gemini CLI, or Codex CLI — whichever you use. Veto works with all three. |
 
-**Check your Node version:**
 ```bash
 node --version   # must be v22.5.0 or higher
 ```
 
-If you're on an older version, update Node before continuing — Veto will fail silently on Node 18 or 20 because `node:sqlite` does not exist in those versions.
-
-**Install whichever AI CLI(s) you use — Veto works with all of them:**
-
-| Platform | Install | Auth |
-|---|---|---|
-| **Claude Code** | [claude.ai/code](https://claude.ai/code) | Sign in via browser |
-| **Gemini CLI** | `npm install -g @google/gemini-cli` | `gemini auth` |
-| **Codex CLI** | `npm install -g @openai/codex` | `export OPENAI_API_KEY=your-key` |
-
-You only need one to get started. Install more to enable cross-platform handoff.
-
 ---
 
 ## Quick Start
@@ -38,7 +25,7 @@ You only need one to get started. Install more to enable cross-platform handoff.
 npx @jigyasudham/veto@latest init
 ```
 
-The `init` command prints the exact config snippet for your platform. Paste it into your MCP config file:
+`init` auto-detects every AI tool installed on your machine, configures them all, and builds a project map from your current directory — no manual steps.
 
 | Platform | Config file |
 |---|---|
@@ -49,8 +36,6 @@ The `init` command prints the exact config snippet for your platform. Paste it i
 | **Windsurf** | `~/.codeium/windsurf/mcp_config.json` |
 | **VS Code** | `.vscode/mcp.json` |
 
-Claude Code, Gemini, Codex, Cursor, and Windsurf all use `"mcpServers"`:
-
 ```json
 {
   "mcpServers": {
@@ -80,13 +65,29 @@ VS Code uses `"servers"` with `"type": "stdio"`:
 
 **Council** — Before any significant task, 7 specialist agents debate it in parallel and return a GREEN / YELLOW / RED / DEADLOCK verdict. Bad decisions get blocked before any code is written.
 
-**Router** — Every task is scored locally (zero tokens) and sent to the right model tier. Rate limits are tracked across all 3 platforms. The router self-adjusts over time from recorded outcomes.
+**Codebase-aware agents** — Pass `project_dir` to any tool and Veto auto-reads `package.json`, detects your tech stack, and injects recent `git diff` context. Every agent responds to your actual project, not generic templates.
+
+**Structured output** — Every agent result carries `confidence`, `severity`, `recommendation`, `affected_files`, and `line_refs` — composable and actionable.
+
+**Router** — Every task is scored locally (zero tokens) and sent to the right model tier. Rate limits are tracked across all 3 platforms. The router self-adjusts from recorded outcomes and learns which agents perform best per file type.
+
+**50 Agents** — Domain experts for every task type. Each agent knows when it is the right tool and when to defer.
+
+**Memory** — Sessions, decisions, knowledge, and coding patterns persist across every conversation and every platform. Memory is automatically scoped to the active session's project directory — two instances working on different projects stay isolated without any extra configuration.
+
+**Diff review** — `veto_diff_review` runs code review, security scan, and secrets scan in parallel across a git diff. Returns a pass/warn/fail verdict with per-file findings — ready for CI and pre-commit hooks.
 
-**50 Agents** — Domain experts for every task type. Each agent knows when it is the right tool and when to defer to another.
+**File watching** — `veto_watch` monitors your project and tells you which agent to call when files change.
 
-**Memory** — Sessions, decisions, knowledge, and coding patterns persist across every conversation and every platform.
+**Sequential pipelines** — `veto_workflow` runs a chain of agents with pass/fail gates end to end.
 
-**Cross-platform handoff** — Claude hitting its rate limit? Call `veto_handoff`, open Gemini or Codex, call `veto_continue`. Full context restored in seconds. Nothing re-explained.
+**File explanation** — `veto_explain` reads any file and routes it to the best-fit expert agent automatically.
+
+**Plugin system** — Drop a `.js` file in `~/.veto/agents/` and it registers as a custom agent available in every tool.
+
+**MCP Resources + Prompts** — Read Veto's memory as MCP Resources. Use built-in Prompts as reusable task templates.
+
+**Cross-platform handoff** — Claude hitting its rate limit? `veto_handoff` → open Gemini → `veto_continue`. Full context restored in seconds.
 
 ---
 
@@ -115,42 +116,210 @@ VS Code uses `"servers"` with `"type": "stdio"`:
 
 ---
 
-## MCP Tools (29)
+## MCP Tools (34)
 
 | Category | Tools |
 |---|---|
-| Session | `veto_status` · `veto_session_save` · `veto_session_restore` · `veto_sessions_list` |
-| Router | `veto_route_task` · `veto_rate_status` |
-| Council | `veto_council_debate` |
-| Agents | `veto_agent_plan` · `veto_code_review` · `veto_security_scan` · `veto_secrets_scan` · `veto_execute_parallel` |
-| Memory | `veto_memory_store` · `veto_memory_search` · `veto_memory_delete` · `veto_project_map_update` · `veto_project_map_get` · `veto_pattern_store` · `veto_patterns_list` · `veto_memory_export` · `veto_memory_import` |
-| Learning | `veto_record_outcome` · `veto_learning_stats` · `veto_learning_apply` |
-| Handoff | `veto_handoff` · `veto_continue` · `veto_platform_setup` |
+| **Session** | `veto_status` · `veto_session_save` · `veto_session_restore` · `veto_sessions_list` |
+| **Router** | `veto_route_task` · `veto_rate_status` |
+| **Council** | `veto_council_debate` |
+| **Agents** | `veto_agent_plan` · `veto_execute_parallel` · `veto_explain` |
+| **Review** | `veto_code_review` · `veto_security_scan` · `veto_secrets_scan` · `veto_diff_review` |
+| **Pipelines** | `veto_workflow` |
+| **Watching** | `veto_watch` · `veto_watch_poll` · `veto_watch_stop` |
+| **Memory** | `veto_memory_store` · `veto_memory_search` · `veto_memory_delete` · `veto_project_map_update` · `veto_project_map_get` · `veto_pattern_store` · `veto_patterns_list` · `veto_memory_export` · `veto_memory_import` |
+| **Learning** | `veto_record_outcome` · `veto_learning_stats` · `veto_learning_apply` |
+| **Handoff** | `veto_handoff` · `veto_continue` · `veto_platform_setup` |
+| **Plugins** | `veto_plugins` |
+
+## MCP Resources
+
+| URI | What it returns |
+|---|---|
+| `veto://sessions` | All saved sessions across platforms |
+| `veto://project-map?dir=<path>` | Stored project structure map |
+| `veto://memory?q=<query>` | Knowledge base search results |
+| `veto://patterns` | Learned coding patterns |
+
+## MCP Prompts
+
+| Prompt | What it does |
+|---|---|
+| `code-review` | Full code review — paste code, get scored findings |
+| `security-audit` | OWASP Top 10 scan with CWE references |
+| `deploy-checklist` | Council reviews your deployment plan before you ship |
+| `explain-file` | Expert explanation of any file, auto-routed by type |
 
 ---
 
-## Cross-Platform Handoff
+## CLI Commands
+
+Use these from any terminal to inspect Veto's brain without opening an AI session.
+
+After installing globally (`npm i -g @jigyasudham/veto`) or via npx:
+
+```bash
+veto init                        # Configure all AI tools + scan project
+veto status                      # Version, DB path, session/memory/outcome counts
+veto sessions                    # List last 20 saved sessions
+veto memory [query]              # Search knowledge base (blank = all entries)
+veto patterns [prefix]           # List learned agent/routing patterns
+veto help                        # Full command + MCP tools reference
+
+# Without installing:
+npx @jigyasudham/veto help       # Same help output, no install needed
+npx @jigyasudham/veto status     # Check status from any machine
+```
+
+`veto help` shows all CLI commands, all 34 MCP tool names, MCP Resources, and MCP Prompts — the full reference in one place.
+
+---
+
+## Codebase-Aware Agents
+
+Pass `project_dir` to any agent tool — Veto auto-injects:
+- Project name, version, dependency list
+- Detected tech stack (React, Next.js, Prisma, Express, MCP, etc.)
+- Recent `git diff --stat` and last 5 commits
+- Config files present (tsconfig, vite.config, tailwind, etc.)
+
+```
+veto_council_debate {
+  task: "migrate auth from sessions to JWTs",
+  project_dir: "/your/project"   ← agents now know your actual stack
+}
+```
+
+---
+
+## Diff Review
+
+Auto-reads `git diff HEAD` from `project_dir`, or pass a diff string directly:
+
+```
+veto_diff_review { project_dir: "/your/project" }
+→ {
+    verdict: "warn",
+    files_changed: 4,
+    code_review:   { score: 78, critical: 0, high: 2, findings: [...] },
+    security:      { score: 91, critical: 0, high: 0, findings: [...] },
+    secrets:       { findings: [] },
+    summary: "⚠️  WARN — 4 file(s) changed\nCode: approved_with_warnings (78/100)\n..."
+  }
+```
+
+Works as a pre-commit hook or CI step. The `summary` field is a single string ready to post as a PR comment.
+
+---
 
-No accounts. No cloud services. Works on the same machine or across machines.
+## Sequential Pipelines
+
+```
+veto_workflow {
+  steps: [
+    { id: "code",     agent: "coder",    task: "implement auth middleware", gate: 70 },
+    { id: "review",   agent: "reviewer", task: "review the implementation", gate: 75 },
+    { id: "security", agent: "security-scanner", task: "scan for vulnerabilities", gate: 80 },
+    { id: "test",     agent: "tester",   task: "write test cases" }
+  ],
+  project_dir: "/your/project"
+}
+→ { verdict: "passed", steps_passed: 4, steps_failed: 0, results: [...] }
+```
+
+If any step's confidence falls below its gate, the pipeline halts and returns `partial` with the exact failure point.
+
+---
+
+## Reactive File Watching
+
+```bash
+veto_watch { project_dir: "/your/project" }
+→ { watch_id: "a3f2b1c0" }
+
+# make some changes, then:
+veto_watch_poll { watch_id: "a3f2b1c0" }
+→ [
+    { file: "src/auth.ts",  recommended_agent: "code-quality", suggested_tool: "veto_code_review" },
+    { file: "package.json", recommended_agent: "dependency-audit", suggested_tool: "veto_agent_plan" },
+    { file: ".env",         recommended_agent: "secrets", suggested_tool: "veto_secrets_scan" }
+  ]
+```
+
+---
+
+## Self-Learning Router
+
+The router gets smarter as you use it:
+
+```bash
+# After completing a task:
+veto_record_outcome {
+  task_type: "fix-auth-bug",
+  complexity: 45,
+  model_tier: 2,
+  output_quality: 88,
+  agent: "debugger",
+  file_ext: ".ts"         # ← teaches the router which agent works best for .ts files
+}
+
+# After 20+ outcomes:
+veto_learning_apply       # adjusts tier thresholds from your actual data
+
+# Next route_task call:
+veto_route_task { task: "debug auth issue", file_ext: ".ts" }
+→ { ..., recommended_agent: "debugger" }   # ← predicted from history
+```
+
+---
+
+## Plugin System
+
+Register custom agents without forking:
+
+```js
+// ~/.veto/agents/my-agent.js
+export function plan(task, context) {
+  return {
+    agent: 'my-agent',
+    task,
+    tier: 2,
+    approach: 'Your custom approach...',
+    steps: ['Step 1', 'Step 2'],
+    checklist: ['[ ] Check 1'],
+    pitfalls: ['Pitfall 1'],
+    patterns: ['Pattern 1'],
+    duration_estimate: '1-2 hours',
+  };
+}
+```
+
+Veto loads it on start. Use it in `veto_agent_plan { agent: "my-agent" }` or `veto_execute_parallel`.
+
+---
+
+## Cross-Platform Handoff
 
 **Rate limit mid-task:**
 ```
 Claude at 90%  →  veto_handoff { summary, context }
-Open Gemini    →  veto_continue
+Open Gemini    →  veto_continue { resuming_as: "gemini" }
 Full context restored. Continue exactly where you stopped.
 ```
 
+Every session tracks two fields:
+- `created_by` — which AI originally saved the session
+- `active_client` — which AI last resumed it (updated on every `veto_continue` or `veto_session_restore`)
+
+**Multiple AIs on different projects simultaneously:** Each MCP server process is independent. Sessions are always separate. Memory is automatically scoped to each process's active project — no cross-contamination.
+
 **Switch machines:**
 ```
 Machine A  →  veto_memory_export  →  veto-export.json
-               copy file any way (Dropbox, USB, scp)
-Machine B  →  veto_memory_import
-               veto_session_restore  →  resume instantly
+Machine B  →  veto_memory_import  →  veto_session_restore
 ```
 
-**Platform support:**
-
-| Platform | Works with Veto |
+| Platform | Support |
 |---|---|
 | Claude Code | ✅ Native MCP |
 | Gemini CLI | ✅ MCP support |
@@ -161,16 +330,6 @@ Machine B  →  veto_memory_import
 
 ---
 
-## Self-Learning Router
-
-The router gets smarter as you use it:
-
-1. Complete a task → `veto_record_outcome` with quality score (0–100)
-2. After 20+ outcomes → `veto_learning_apply`
-3. Tier thresholds adjust — over-routed tasks self-correct over time
-
----
-
 ## Roadmap
 
 | Phase | Status | Version |
@@ -183,16 +342,20 @@ The router gets smarter as you use it:
 | 6 — Self-Learning | ✅ Complete | v0.6.0 |
 | 7 — Cross-Platform | ✅ Complete | v0.7.0 |
 | 8 — All 50 Agents | ✅ Complete | v0.8.0 |
+| 9 — Codebase Context + Structured Output + MCP Resources/Prompts | ✅ Complete | v0.9.0 |
+| 10 — Watch, Workflow, Explain, Plugins | ✅ Complete | v0.10.0 |
+| 11 — Smarter Council + Predictive Routing + Auto Project Map | ✅ Complete | v0.11.0 |
+| 12 — CLI Subcommands + Diff Review | ✅ Complete | v1.0.0 |
 
 ---
 
 ## Tech Stack
 
 - **Language:** TypeScript (strict mode)
-- **Runtime:** Node.js 22.5+ (required — uses built-in `node:sqlite`)
-- **Dependencies:** `@modelcontextprotocol/sdk` only — one package, no native addons
-- **Memory:** SQLite via `node:sqlite` — zero native compilation, zero configuration, works offline
-- **Cross-machine:** File-based JSON export/import — no external services, no accounts
+- **Runtime:** Node.js 22.5+ (built-in `node:sqlite` — no native compilation)
+- **Dependencies:** `@modelcontextprotocol/sdk` only — one package, zero native addons
+- **Memory:** Local SQLite — zero config, works offline, portable via JSON export
+- **Platforms:** Claude Code · Gemini CLI · Codex CLI · Cursor · Windsurf · VS Code
 
 ---
 

package/dist/adapters/index.js

@@ -37,10 +37,10 @@ export function handoff(options) {
     };
 }
 // ─── Continue ─────────────────────────────────────────────────────────────────
-export function continueSession(sessionId) {
+export function continueSession(sessionId, active_client) {
     const now = new Date().toISOString();
     if (sessionId) {
-        const result = restoreSession(sessionId);
+        const result = restoreSession(sessionId, active_client);
         if (!result.found || !result.session) {
             return { found: false, message: `No session found with ID: ${sessionId}`, restored_at: now };
         }
@@ -55,7 +55,7 @@ export function continueSession(sessionId) {
             restored_at: now,
         };
     }
-    const result = restoreSession(sessions[0].id);
+    const result = restoreSession(sessions[0].id, active_client);
     if (!result.found || !result.session) {
         return { found: false, message: 'Could not restore the most recent session.', restored_at: now };
     }
@@ -98,6 +98,7 @@ function buildContinueResult(session, now) {
         found: true,
         session_id: session.id,
         platform: session.platform,
+        active_client: session.active_client ?? undefined,
         summary: session.summary ?? undefined,
         context,
         task_state,

package/dist/agents/executor.js

@@ -1,3 +1,5 @@
+import { buildContextString } from '../context/reader.js';
+import { getPlugin } from '../plugins/loader.js';
 // Development agents
 import * as coder from './development/coder.js';
 import * as reviewer from './development/reviewer.js';
@@ -101,30 +103,60 @@ function resolveAgent(agentType) {
         case 'search-agent': return searchAgent;
         case 'reporter': return reporter;
         case 'automation': return automation;
-        default:
+        default: {
+            const plugin = getPlugin(agentType);
+            if (plugin)
+                return plugin;
             throw new Error(`Unknown agent type: ${agentType}`);
+        }
+    }
+}
+function deriveOutput(plan, analysis) {
+    if (analysis) {
+        return {
+            confidence: Math.min(1, Math.max(0, analysis.score / 100)),
+            severity: analysis.critical_count > 0 ? 'critical' : analysis.high_count > 0 ? 'high' : 'medium',
+            recommendation: analysis.summary,
+            affected_files: [],
+            line_refs: analysis.findings
+                .filter(f => f.location)
+                .map(f => ({ file: f.location, line: 0, description: f.description })),
+        };
+    }
+    if (plan) {
+        return {
+            confidence: 0.8,
+            severity: 'info',
+            recommendation: plan.approach,
+            affected_files: [],
+            line_refs: [],
+        };
     }
+    return { confidence: 0, severity: 'info', recommendation: '', affected_files: [], line_refs: [] };
 }
 export async function executeOne(task) {
     const start = Date.now();
     try {
         const agent = resolveAgent(task.agent);
         const useAnalyze = task.code !== undefined && ANALYZE_CAPABLE.has(task.agent);
+        const enrichedContext = buildContextString(task.project_dir, task.context);
         if (useAnalyze && agent.analyze) {
-            const analysis = agent.analyze(task.code, task.context);
+            const analysis = agent.analyze(task.code, enrichedContext || task.context);
             return {
                 id: task.id,
                 agent: task.agent,
                 analysis,
+                output: deriveOutput(undefined, analysis),
                 duration_ms: Date.now() - start,
             };
         }
         else {
-            const plan = agent.plan(task.task, task.context);
+            const plan = agent.plan(task.task, enrichedContext || task.context);
             return {
                 id: task.id,
                 agent: task.agent,
                 plan,
+                output: deriveOutput(plan, undefined),
                 duration_ms: Date.now() - start,
             };
         }
@@ -133,6 +165,7 @@ export async function executeOne(task) {
         return {
             id: task.id,
             agent: task.agent,
+            output: { confidence: 0, severity: 'info', recommendation: '', affected_files: [], line_refs: [] },
             duration_ms: Date.now() - start,
             error: err instanceof Error ? err.message : String(err),
         };