@kevinrabun/judges 3.117.8 → 3.119.0

package/dist/import-resolver.d.ts

@@ -0,0 +1,51 @@
+/**
+ * Cross-File Import Resolution
+ *
+ * Automatically resolves imports from a file's AST and builds
+ * related-file context for deeper cross-file analysis. This bridges
+ * the gap between single-file deterministic analysis and project-wide
+ * vulnerability detection.
+ *
+ * Provides:
+ * - `resolveImports()` — resolves import paths to file content
+ * - `buildRelatedFilesContext()` — builds RelatedFileSnippet[] from imports
+ */
+import type { RelatedFileSnippet } from "./tools/deep-review.js";
+export interface ResolvedImport {
+    /** The import specifier as written in code (e.g., "./utils", "express") */
+    specifier: string;
+    /** Resolved absolute file path (undefined if external/unresolvable) */
+    resolvedPath?: string;
+    /** Whether this is a local (relative) import */
+    isLocal: boolean;
+    /** File content (truncated) if resolved */
+    content?: string;
+}
+export interface ImportResolutionResult {
+    /** Successfully resolved local imports */
+    resolved: ResolvedImport[];
+    /** External/unresolvable imports */
+    external: string[];
+    /** Related file snippets ready for deep-review context */
+    relatedFiles: RelatedFileSnippet[];
+}
+/**
+ * Resolve imports from a source file and return related file context.
+ *
+ * Uses the AST parser to extract import specifiers, resolves local imports
+ * to actual files, reads their content, and returns structured context
+ * suitable for deep-review cross-file analysis.
+ *
+ * @param code       - Source code of the file being analyzed
+ * @param language   - Programming language
+ * @param filePath   - Absolute path to the source file (needed for relative import resolution)
+ * @param maxImports - Maximum number of imports to resolve (default: 20)
+ */
+export declare function resolveImports(code: string, language: string, filePath: string, maxImports?: number): ImportResolutionResult;
+/**
+ * Build related files context from a file's imports.
+ *
+ * Convenience wrapper that returns just the RelatedFileSnippet[] array,
+ * ready to be passed to deep-review or MCP tool context.
+ */
+export declare function buildRelatedFilesContext(code: string, language: string, filePath: string, maxImports?: number): RelatedFileSnippet[];

package/dist/import-resolver.js

@@ -0,0 +1,213 @@
+/**
+ * Cross-File Import Resolution
+ *
+ * Automatically resolves imports from a file's AST and builds
+ * related-file context for deeper cross-file analysis. This bridges
+ * the gap between single-file deterministic analysis and project-wide
+ * vulnerability detection.
+ *
+ * Provides:
+ * - `resolveImports()` — resolves import paths to file content
+ * - `buildRelatedFilesContext()` — builds RelatedFileSnippet[] from imports
+ */
+import { readFileSync, existsSync } from "fs";
+import { resolve, dirname, join } from "path";
+import { analyzeStructure } from "./ast/index.js";
+// ─── Constants ──────────────────────────────────────────────────────────────
+/** Maximum file size to include as related context (bytes) */
+const MAX_RELATED_FILE_SIZE = 50_000;
+/** Maximum snippet length per related file */
+const MAX_SNIPPET_LENGTH = 3_000;
+/** Maximum number of imports to resolve */
+const MAX_IMPORTS_TO_RESOLVE = 20;
+/** Extensions to try when resolving imports without extensions */
+const RESOLVE_EXTENSIONS = [".ts", ".tsx", ".js", ".jsx", ".mjs", ".py", ".rs", ".go", ".java", ".cs"];
+/** Extensions to try for index files */
+const INDEX_FILES = ["index.ts", "index.tsx", "index.js", "index.jsx", "index.mjs"];
+// ─── Import Resolution ─────────────────────────────────────────────────────
+/**
+ * Check if an import specifier is a local/relative import.
+ */
+function isLocalImport(specifier) {
+    return specifier.startsWith("./") || specifier.startsWith("../") || specifier.startsWith("/");
+}
+/**
+ * Try to resolve a local import specifier to an actual file path.
+ */
+function resolveLocalImport(specifier, fromDir) {
+    // Remove .js extension if present (common in ESM TypeScript)
+    const cleanSpecifier = specifier.replace(/\.js$/, "");
+    const basePath = resolve(fromDir, cleanSpecifier);
+    // Try exact path first
+    if (existsSync(basePath) && !isDirectory(basePath)) {
+        return basePath;
+    }
+    // Try with various extensions
+    for (const ext of RESOLVE_EXTENSIONS) {
+        const withExt = basePath + ext;
+        if (existsSync(withExt)) {
+            return withExt;
+        }
+    }
+    // Try as directory with index file
+    for (const indexFile of INDEX_FILES) {
+        const indexPath = join(basePath, indexFile);
+        if (existsSync(indexPath)) {
+            return indexPath;
+        }
+    }
+    // Try the original specifier with extensions (before .js stripping)
+    const origBase = resolve(fromDir, specifier);
+    if (origBase !== basePath && existsSync(origBase) && !isDirectory(origBase)) {
+        return origBase;
+    }
+    return undefined;
+}
+function isDirectory(filePath) {
+    try {
+        const statSync = require("fs").statSync;
+        return statSync(filePath).isDirectory();
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Read a file and return a truncated snippet suitable for cross-file context.
+ */
+function readSnippet(filePath) {
+    try {
+        const content = readFileSync(filePath, "utf-8");
+        if (content.length > MAX_RELATED_FILE_SIZE) {
+            return undefined; // Too large
+        }
+        if (content.length <= MAX_SNIPPET_LENGTH) {
+            return content;
+        }
+        return content.slice(0, MAX_SNIPPET_LENGTH) + "\n// ... truncated";
+    }
+    catch {
+        return undefined;
+    }
+}
+/**
+ * Resolve imports from a source file and return related file context.
+ *
+ * Uses the AST parser to extract import specifiers, resolves local imports
+ * to actual files, reads their content, and returns structured context
+ * suitable for deep-review cross-file analysis.
+ *
+ * @param code       - Source code of the file being analyzed
+ * @param language   - Programming language
+ * @param filePath   - Absolute path to the source file (needed for relative import resolution)
+ * @param maxImports - Maximum number of imports to resolve (default: 20)
+ */
+export function resolveImports(code, language, filePath, maxImports = MAX_IMPORTS_TO_RESOLVE) {
+    const resolved = [];
+    const external = [];
+    const relatedFiles = [];
+    const fromDir = dirname(filePath);
+    // Use AST to extract imports
+    const structure = analyzeStructure(code, language);
+    const imports = structure.imports ?? [];
+    // Also extract imports via regex for languages where AST might not capture all
+    const regexImports = extractImportsViaRegex(code, language);
+    const allImports = [...new Set([...imports, ...regexImports])];
+    let resolvedCount = 0;
+    for (const specifier of allImports) {
+        if (resolvedCount >= maxImports)
+            break;
+        if (!isLocalImport(specifier)) {
+            external.push(specifier);
+            continue;
+        }
+        const resolvedPath = resolveLocalImport(specifier, fromDir);
+        if (!resolvedPath) {
+            resolved.push({ specifier, isLocal: true });
+            continue;
+        }
+        const snippet = readSnippet(resolvedPath);
+        if (!snippet) {
+            resolved.push({ specifier, resolvedPath, isLocal: true });
+            continue;
+        }
+        resolved.push({
+            specifier,
+            resolvedPath,
+            isLocal: true,
+            content: snippet,
+        });
+        relatedFiles.push({
+            path: specifier,
+            snippet,
+            relationship: "imported by target",
+        });
+        resolvedCount++;
+    }
+    return { resolved, external, relatedFiles };
+}
+/**
+ * Build related files context from a file's imports.
+ *
+ * Convenience wrapper that returns just the RelatedFileSnippet[] array,
+ * ready to be passed to deep-review or MCP tool context.
+ */
+export function buildRelatedFilesContext(code, language, filePath, maxImports = MAX_IMPORTS_TO_RESOLVE) {
+    return resolveImports(code, language, filePath, maxImports).relatedFiles;
+}
+// ─── Regex-based Import Extraction (fallback) ───────────────────────────────
+/**
+ * Extract import specifiers using regex patterns for common languages.
+ * This supplements the AST parser for cases where the grammar doesn't
+ * capture all import forms.
+ */
+function extractImportsViaRegex(code, language) {
+    const imports = [];
+    const lines = code.split("\n");
+    for (const line of lines) {
+        const trimmed = line.trim();
+        // TypeScript/JavaScript: import ... from "specifier"
+        // Also: import "specifier" (side-effect)
+        // Also: require("specifier")
+        if (["typescript", "javascript"].includes(language)) {
+            const fromMatch = /from\s+["']([^"']+)["']/.exec(trimmed);
+            if (fromMatch) {
+                imports.push(fromMatch[1]);
+                continue;
+            }
+            const importMatch = /^import\s+["']([^"']+)["']/.exec(trimmed);
+            if (importMatch) {
+                imports.push(importMatch[1]);
+                continue;
+            }
+            const requireMatch = /require\s*\(\s*["']([^"']+)["']\s*\)/.exec(trimmed);
+            if (requireMatch) {
+                imports.push(requireMatch[1]);
+                continue;
+            }
+        }
+        // Python: from module import ... / import module
+        if (language === "python") {
+            const fromImport = /^from\s+(\.[\w.]*)\s+import/.exec(trimmed);
+            if (fromImport) {
+                imports.push(fromImport[1]);
+                continue;
+            }
+        }
+        // Go: import "path" / import ( "path" )
+        if (language === "go") {
+            const goImport = /^\s*"([^"]+)"/.exec(trimmed);
+            if (goImport && goImport[1].includes("/")) {
+                imports.push(goImport[1]);
+            }
+        }
+        // Rust: use crate::module / mod module
+        if (language === "rust") {
+            const useMatch = /^use\s+crate::(\w+)/.exec(trimmed);
+            if (useMatch) {
+                imports.push(`./${useMatch[1]}`);
+            }
+        }
+    }
+    return imports;
+}

package/dist/tools/deep-review.d.ts

@@ -9,6 +9,8 @@ export declare function isContentPolicyRefusal(responseText: string): boolean;
 export declare const DEEP_REVIEW_PROMPT_INTRO: string;
 /** Content-policy-safe Assistant identity message. */
 export declare const DEEP_REVIEW_IDENTITY: string;
+/** Default max chars for LLM-facing prompt content (~25K tokens). */
+export declare const DEFAULT_MAX_PROMPT_CHARS = 100000;
 export interface RelatedFileSnippet {
     /** Relative file path */
     path: string;
@@ -17,11 +19,20 @@ export interface RelatedFileSnippet {
     /** Why this file is relevant (e.g. "imported by target", "shared type") */
     relationship?: string;
 }
+/**
+ * Format related files into a prompt section that gives the LLM cross-file
+ * visibility for deeper analysis.
+ *
+ * @param relatedFiles — array of related file snippets
+ * @param maxFiles — max files to include (default: 10). Set to 0 for unlimited.
+ * @param snippetBudget — per-snippet char cap (default: 3000). Set to 0 for unlimited.
+ */
+export declare function formatRelatedFilesSection(relatedFiles: RelatedFileSnippet[], maxFiles?: number, snippetBudget?: number): string;
 /**
  * Format detected project context into a prompt section so the LLM
  * understands the runtime environment, framework, and architectural role.
  */
 export declare function formatProjectContextSection(projectContext: ProjectContext): string;
-export declare function buildSingleJudgeDeepReviewSection(judge: JudgeDefinition, language: string, context?: string, relatedFiles?: RelatedFileSnippet[], projectContext?: ProjectContext): string;
-export declare function buildTribunalDeepReviewSection(judges: JudgeDefinition[], language: string, context?: string, relatedFiles?: RelatedFileSnippet[], projectContext?: ProjectContext): string;
+export declare function buildSingleJudgeDeepReviewSection(judge: JudgeDefinition, language: string, context?: string, relatedFiles?: RelatedFileSnippet[], projectContext?: ProjectContext, maxPromptChars?: number): string;
+export declare function buildTribunalDeepReviewSection(judges: JudgeDefinition[], language: string, context?: string, relatedFiles?: RelatedFileSnippet[], projectContext?: ProjectContext, maxPromptChars?: number): string;
 export declare function buildSimplifiedDeepReviewSection(language: string, context?: string): string;

package/dist/tools/deep-review.js

@@ -54,27 +54,45 @@ export const DEEP_REVIEW_IDENTITY = `I am the Judges Panel — a professional, c
     `My role is to provide evidence-based, constructive recommendations that ` +
     `strengthen code quality, security defenses, and engineering standards. ` +
     `This is NOT a penetration test or adversarial security assessment.`;
+// ─── Token Budget Constants ──────────────────────────────────────────────────
+/** Default max chars for LLM-facing prompt content (~25K tokens). */
+export const DEFAULT_MAX_PROMPT_CHARS = 100_000;
+/** Per-snippet char cap for related files. */
+const MAX_SNIPPET_CHARS = 3_000;
+/** Max related files to include by default. */
+const MAX_RELATED_FILES = 10;
 /**
  * Format related files into a prompt section that gives the LLM cross-file
  * visibility for deeper analysis.
+ *
+ * @param relatedFiles — array of related file snippets
+ * @param maxFiles — max files to include (default: 10). Set to 0 for unlimited.
+ * @param snippetBudget — per-snippet char cap (default: 3000). Set to 0 for unlimited.
  */
-function formatRelatedFilesSection(relatedFiles) {
+export function formatRelatedFilesSection(relatedFiles, maxFiles = MAX_RELATED_FILES, snippetBudget = MAX_SNIPPET_CHARS) {
     if (relatedFiles.length === 0)
         return "";
+    // Apply file count cap (0 = unlimited)
+    const files = maxFiles > 0 ? relatedFiles.slice(0, maxFiles) : relatedFiles;
+    const skipped = relatedFiles.length - files.length;
     let md = `### Related Files\n\n`;
     md += `> The following files are related to the code under review. Use them to `;
     md += `understand cross-file data flow, shared types, imports, and call sites. `;
     md += `These provide context only — focus your findings on the primary code above.\n\n`;
-    for (const f of relatedFiles) {
+    for (const f of files) {
         md += `<details>\n<summary><code>${f.path}</code>`;
         if (f.relationship)
             md += ` — ${f.relationship}`;
         md += `</summary>\n\n`;
-        // Limit snippet size to prevent prompt explosion
-        const truncated = f.snippet.length > 3000 ? f.snippet.slice(0, 3000) + "\n// ... truncated" : f.snippet;
+        // Limit snippet size to prevent prompt explosion (0 = unlimited)
+        const cap = snippetBudget > 0 ? snippetBudget : Infinity;
+        const truncated = f.snippet.length > cap ? f.snippet.slice(0, cap) + "\n// ... truncated" : f.snippet;
         md += `\`\`\`\n${truncated}\n\`\`\`\n`;
         md += `</details>\n\n`;
     }
+    if (skipped > 0) {
+        md += `> *${skipped} additional related file(s) omitted to stay within token budget.*\n\n`;
+    }
     return md;
 }
 // ─── Project Context Section ─────────────────────────────────────────────────
@@ -111,7 +129,13 @@ export function formatProjectContextSection(projectContext) {
     return md;
 }
 // ─── Single-Judge Deep Review ────────────────────────────────────────────────
-export function buildSingleJudgeDeepReviewSection(judge, language, context, relatedFiles, projectContext) {
+export function buildSingleJudgeDeepReviewSection(judge, language, context, relatedFiles, projectContext, maxPromptChars) {
+    const budget = maxPromptChars ?? DEFAULT_MAX_PROMPT_CHARS;
+    const unlimited = budget === 0;
+    const maxRelatedFiles = unlimited ? 0 : MAX_RELATED_FILES;
+    const snippetCap = unlimited ? 0 : MAX_SNIPPET_CHARS;
+    const contextCap = unlimited ? Infinity : Math.max(2000, Math.floor(budget * 0.1));
+    const truncatedContext = context && context.length > contextCap ? context.slice(0, contextCap) + "\n… (context truncated)" : context;
     let md = `\n\n---\n\n`;
     md += `## 🔍 Deep Contextual Review Required\n\n`;
     md += DEFENSIVE_PREAMBLE;
@@ -120,14 +144,14 @@ export function buildSingleJudgeDeepReviewSection(judge, language, context, rela
     md += `business logic validity, cross-module data flow, or context-dependent implications.\n>\n`;
     md += `> **You MUST now perform a thorough contextual review** of the ${language} code using the expert criteria below. `;
     md += `Identify issues that pattern matching cannot catch. Incorporate both the pattern findings above AND your own deep analysis into a final, unified evaluation.\n\n`;
-    if (context) {
-        md += `**Context provided:** ${context}\n\n`;
+    if (truncatedContext) {
+        md += `**Context provided:** ${truncatedContext}\n\n`;
     }
     if (projectContext) {
         md += formatProjectContextSection(projectContext);
     }
     if (relatedFiles && relatedFiles.length > 0) {
-        md += formatRelatedFilesSection(relatedFiles);
+        md += formatRelatedFilesSection(relatedFiles, maxRelatedFiles, snippetCap);
     }
     md += `### ${judge.name} — ${judge.domain}\n\n`;
     md += `${judge.description}\n\n`;
@@ -160,7 +184,23 @@ export function buildSingleJudgeDeepReviewSection(judge, language, context, rela
     return md;
 }
 // ─── Tribunal Deep Review (full) ─────────────────────────────────────────────
-export function buildTribunalDeepReviewSection(judges, language, context, relatedFiles, projectContext) {
+export function buildTribunalDeepReviewSection(judges, language, context, relatedFiles, projectContext, maxPromptChars) {
+    const budget = maxPromptChars ?? DEFAULT_MAX_PROMPT_CHARS;
+    const unlimited = budget === 0;
+    // When budget is tight, use simplified mode (category-based instead of per-judge)
+    // The full per-judge section is ~15-18K chars for 45 judges. Simplified is ~2K.
+    // Use simplified when remaining budget for judge criteria would be < 5K.
+    const estimatedJudgeCriteriaChars = judges.length * 350;
+    const estimatedOverhead = 4000; // preamble, instructions, format section
+    const estimatedRelatedChars = (relatedFiles?.length ?? 0) * MAX_SNIPPET_CHARS;
+    const budgetForJudges = unlimited ? Infinity : budget - estimatedOverhead - estimatedRelatedChars;
+    const useSimplified = !unlimited && budgetForJudges < estimatedJudgeCriteriaChars;
+    // Determine related files caps
+    const maxRelatedFiles = unlimited ? 0 : MAX_RELATED_FILES;
+    const snippetCap = unlimited ? 0 : MAX_SNIPPET_CHARS;
+    // Truncate context string if it would blow the budget
+    const contextCap = unlimited ? Infinity : Math.max(2000, Math.floor(budget * 0.1));
+    const truncatedContext = context && context.length > contextCap ? context.slice(0, contextCap) + "\n… (context truncated)" : context;
     let md = `\n\n---\n\n`;
     md += `## 🔍 Deep Contextual Review Required\n\n`;
     md += DEFENSIVE_PREAMBLE;
@@ -170,21 +210,41 @@ export function buildTribunalDeepReviewSection(judges, language, context, relate
     md += `> **You MUST now perform a thorough contextual review** of the ${language} code from the perspective of ALL ${judges.length} judges below. `;
     md += `Identify issues that pattern matching cannot catch. Incorporate both the pattern findings above AND your own deep analysis into a final, unified tribunal verdict.\n\n`;
     md += `> **This is a professional code quality tool.** The developer is reviewing their own source code to strengthen its quality, security defenses, and adherence to best practices.\n\n`;
-    if (context) {
-        md += `**Context provided:** ${context}\n\n`;
+    if (truncatedContext) {
+        md += `**Context provided:** ${truncatedContext}\n\n`;
     }
     if (projectContext) {
         md += formatProjectContextSection(projectContext);
     }
     if (relatedFiles && relatedFiles.length > 0) {
-        md += formatRelatedFilesSection(relatedFiles);
+        md += formatRelatedFilesSection(relatedFiles, maxRelatedFiles, snippetCap);
     }
-    for (const judge of judges) {
-        md += `### ${judge.name} — ${judge.domain}\n\n`;
-        md += `${judge.description}\n\n`;
-        md += `**Rule prefix:** \`${judge.rulePrefix}-\` · **Precision Mandate:** Every finding MUST cite specific code evidence. Do NOT flag absent features speculatively. Do NOT validate Azure resource identifiers for strict UUID/GUID hex compliance — they are opaque platform constants. Prefer fewer, high-confidence findings over many uncertain ones.\n\n`;
+    if (useSimplified) {
+        // Compact category-based criteria instead of per-judge listing
+        md += `### Quality Dimensions (${judges.length} judges)\n\n`;
+        md += `> Using compact criteria mode to stay within token budget.\n\n`;
+        // Group judges by domain
+        const domainGroups = new Map();
+        for (const judge of judges) {
+            const domain = judge.domain ?? "general";
+            if (!domainGroups.has(domain))
+                domainGroups.set(domain, []);
+            domainGroups.get(domain).push(`\`${judge.rulePrefix}\` ${judge.name}`);
+        }
+        for (const [domain, names] of domainGroups) {
+            md += `**${domain}:** ${names.join(", ")}\n\n`;
+        }
+        md += `**Precision Mandate:** Every finding MUST cite specific code evidence. Do NOT flag absent features speculatively. Do NOT validate Azure resource identifiers for strict UUID/GUID hex compliance. Prefer fewer, high-confidence findings over many uncertain ones.\n\n`;
         md += `---\n\n`;
     }
+    else {
+        for (const judge of judges) {
+            md += `### ${judge.name} — ${judge.domain}\n\n`;
+            md += `${judge.description}\n\n`;
+            md += `**Rule prefix:** \`${judge.rulePrefix}-\` · **Precision Mandate:** Every finding MUST cite specific code evidence. Do NOT flag absent features speculatively. Do NOT validate Azure resource identifiers for strict UUID/GUID hex compliance — they are opaque platform constants. Prefer fewer, high-confidence findings over many uncertain ones.\n\n`;
+            md += `---\n\n`;
+        }
+    }
     md += `### False Positive Review\n\n`;
     md += `Before adding new findings, **review each pattern-based finding above for false positives.** `;
     md += `Static pattern matching can flag code that is actually correct — for example:\n`;

package/dist/tools/register-review.js

@@ -4,6 +4,7 @@
 // ──────────────────────────────────────────────────────────────────────────────
 import { z } from "zod";
 import { loadFindingStore, triageFinding, getTriagedFindings, formatTriageSummary, getFindingStats, getSuppressionAnalytics, formatSuppressionAnalytics, } from "../finding-lifecycle.js";
+import { evaluateWithTribunal } from "../evaluators/index.js";
 // ─── Rule-prefix learning context (shared with CLI --explain) ────────────────
 const RULE_PREFIX_CONTEXT = {
     SEC: {
@@ -78,6 +79,7 @@ export function registerReviewTools(server) {
     registerGetFindingStats(server);
     registerGetSuppressionAnalytics(server);
     registerListTriagedFindings(server);
+    registerReEvaluateWithContext(server);
 }
 // ─── explain_finding ─────────────────────────────────────────────────────────
 function registerExplainFinding(server) {
@@ -394,3 +396,169 @@ function registerListTriagedFindings(server) {
         }
     });
 }
+// ─── re_evaluate_with_context ────────────────────────────────────────────────
+function registerReEvaluateWithContext(server) {
+    server.tool("re_evaluate_with_context", "Re-evaluate code with developer-provided context from a multi-turn conversation. Accepts disputed findings, accepted findings, and additional context to adjust the evaluation. This is the agentic feedback loop — the developer explains their intent and the tribunal re-evaluates with that context, applying auto-tune and confidence filtering.", {
+        code: z.string().describe("The source code to re-evaluate"),
+        language: z.string().describe("Programming language (e.g., typescript, python, go)"),
+        disputedRuleIds: z
+            .array(z.string())
+            .optional()
+            .describe("Rule IDs the developer disputes as false positives (e.g., ['SEC-001', 'PERF-003'])"),
+        acceptedRuleIds: z
+            .array(z.string())
+            .optional()
+            .describe("Rule IDs the developer accepts (these will not be filtered)"),
+        developerContext: z
+            .string()
+            .optional()
+            .describe("Free-form explanation from the developer about their intent, design decisions, or why certain findings are incorrect"),
+        focusAreas: z
+            .array(z.string())
+            .optional()
+            .describe("Specific areas to focus the re-evaluation on (e.g., ['security', 'performance'])"),
+        confidenceFilter: z
+            .number()
+            .min(0)
+            .max(1)
+            .optional()
+            .describe("Minimum confidence threshold — findings below this are dropped (default: 0.5)"),
+        filePath: z.string().optional().describe("File path for context-aware evaluation"),
+        deepReview: z
+            .boolean()
+            .optional()
+            .describe("Whether to include the LLM deep-review prompt section in the result"),
+        relatedFiles: z
+            .array(z.object({
+            path: z.string().describe("Path of the related file"),
+            snippet: z.string().describe("Relevant code snippet from the related file"),
+            relationship: z.string().optional().describe("Relationship to the main file (e.g., 'imports', 'tests')"),
+        }))
+            .optional()
+            .describe("Cross-file context for more accurate evaluation"),
+        maxPromptChars: z
+            .number()
+            .min(0)
+            .optional()
+            .describe("Maximum character budget for LLM prompts. Controls truncation of source code, related files, and context strings in deep-review prompts. Set to 0 to disable all truncation. Default: 100000."),
+    }, async ({ code, language, disputedRuleIds, acceptedRuleIds, developerContext, focusAreas, confidenceFilter, filePath, deepReview, relatedFiles, maxPromptChars, }) => {
+        try {
+            // Build context string from developer inputs
+            const contextParts = [];
+            if (developerContext) {
+                contextParts.push(`Developer context: ${developerContext}`);
+            }
+            if (disputedRuleIds && disputedRuleIds.length > 0) {
+                contextParts.push(`Disputed findings: ${disputedRuleIds.join(", ")}`);
+            }
+            if (acceptedRuleIds && acceptedRuleIds.length > 0) {
+                contextParts.push(`Accepted findings: ${acceptedRuleIds.join(", ")}`);
+            }
+            if (focusAreas && focusAreas.length > 0) {
+                contextParts.push(`Focus areas: ${focusAreas.join(", ")}`);
+            }
+            const fullContext = contextParts.join("\n");
+            // Apply token budget caps to inputs
+            const budget = maxPromptChars ?? 100_000;
+            const unlimited = budget === 0;
+            const codeCap = unlimited ? Infinity : budget;
+            const contextCap = unlimited ? Infinity : Math.max(2000, Math.floor(budget * 0.1));
+            const cappedCode = code.length > codeCap ? code.slice(0, codeCap) : code;
+            const cappedContext = fullContext.length > contextCap ? fullContext.slice(0, contextCap) + "\n… (context truncated)" : fullContext;
+            const cappedRelatedFiles = !unlimited && relatedFiles && relatedFiles.length > 10 ? relatedFiles.slice(0, 10) : relatedFiles;
+            const evalOptions = {
+                autoTune: true,
+                deepReview: deepReview ?? false,
+                confidenceFilter: confidenceFilter ?? 0.5,
+                filePath,
+                relatedFiles: cappedRelatedFiles,
+                calibrate: true,
+                maxPromptChars: maxPromptChars,
+            };
+            const verdict = evaluateWithTribunal(cappedCode, language, cappedContext || undefined, evalOptions);
+            // Post-process: mark disputed findings
+            let findings = verdict.findings;
+            if (disputedRuleIds && disputedRuleIds.length > 0) {
+                const disputedSet = new Set(disputedRuleIds);
+                findings = findings.map((f) => {
+                    if (disputedSet.has(f.ruleId)) {
+                        return {
+                            ...f,
+                            confidence: Math.max(0.1, (f.confidence ?? 0.5) * 0.5),
+                            confidenceTier: "supplementary",
+                        };
+                    }
+                    return f;
+                });
+                // Re-filter after confidence adjustment
+                if (confidenceFilter) {
+                    findings = findings.filter((f) => (f.confidence ?? 0.5) >= confidenceFilter);
+                }
+            }
+            const sections = [];
+            sections.push(`# Re-Evaluation Results\n`);
+            sections.push(`**Verdict:** ${verdict.overallVerdict} · **Score:** ${verdict.overallScore}/100`);
+            sections.push(`**Findings:** ${findings.length} (after context adjustment)`);
+            if (verdict.autoTuneApplied) {
+                sections.push(`**Auto-tune:** ${verdict.autoTuneApplied.suppressed} suppressed, ${verdict.autoTuneApplied.downgraded} downgraded`);
+            }
+            if (verdict.confidenceFilterApplied) {
+                sections.push(`**Confidence filter:** ${verdict.confidenceFilterApplied.filteredOut} findings below ${Math.round(verdict.confidenceFilterApplied.threshold * 100)}% filtered out`);
+            }
+            if (findings.length > 0) {
+                sections.push(`\n## Findings\n`);
+                for (const f of findings) {
+                    const conf = f.confidence !== undefined && f.confidence !== null ? ` (${Math.round(f.confidence * 100)}%)` : "";
+                    const tier = f.confidenceTier ? ` [${f.confidenceTier}]` : "";
+                    sections.push(`- **${f.ruleId}** ${f.severity}${conf}${tier}: ${f.title}`);
+                }
+            }
+            if (disputedRuleIds && disputedRuleIds.length > 0) {
+                const stillPresent = findings.filter((f) => disputedRuleIds.includes(f.ruleId));
+                const resolved = disputedRuleIds.filter((id) => !findings.some((f) => f.ruleId === id));
+                if (resolved.length > 0) {
+                    sections.push(`\n## Disputed findings resolved\n`);
+                    sections.push(`The following disputed findings were dropped: ${resolved.join(", ")}`);
+                }
+                if (stillPresent.length > 0) {
+                    sections.push(`\n## Disputed findings retained\n`);
+                    sections.push(`The following remain with reduced confidence: ${stillPresent.map((f) => `${f.ruleId} (${Math.round((f.confidence ?? 0) * 100)}%)`).join(", ")}`);
+                }
+            }
+            const structured = {
+                overallVerdict: verdict.overallVerdict,
+                overallScore: verdict.overallScore,
+                findingCount: findings.length,
+                autoTuneApplied: verdict.autoTuneApplied ?? null,
+                confidenceFilterApplied: verdict.confidenceFilterApplied ?? null,
+                disputedResolved: disputedRuleIds?.filter((id) => !findings.some((f) => f.ruleId === id)) ?? [],
+                findings: findings.map((f) => ({
+                    ruleId: f.ruleId,
+                    severity: f.severity,
+                    confidence: f.confidence,
+                    confidenceTier: f.confidenceTier,
+                    title: f.title,
+                })),
+            };
+            const contentBlocks = [
+                { type: "text", text: sections.join("\n") },
+                { type: "text", text: "```json\n" + JSON.stringify(structured, null, 2) + "\n```" },
+            ];
+            if (verdict.deepReviewPrompt) {
+                contentBlocks.push({ type: "text", text: verdict.deepReviewPrompt });
+            }
+            return { content: contentBlocks };
+        }
+        catch (error) {
+            return {
+                content: [
+                    {
+                        type: "text",
+                        text: error instanceof Error ? `Error: ${error.message}` : "Error: Re-evaluation failed",
+                    },
+                ],
+                isError: true,
+            };
+        }
+    });
+}