@kody-ade/kody-engine-lite 0.1.56 → 0.1.57

package/dist/bin/cli.js

@@ -300,7 +300,7 @@ var init_config = __esm({
         repo: ""
       },
       paths: {
-        taskDir: ".tasks"
+        taskDir: ".kody/tasks"
       },
       agent: {
         runner: "claude-code",
@@ -1101,7 +1101,6 @@ var init_agent = __esm({
       taskify: "explore",
       plan: "explore",
       build: "build",
-      autofix: "build",
       "review-fix": "build",
       review: "review"
     };
@@ -1601,6 +1600,20 @@ function executeShipStage(ctx, _def) {
   try {
     const head = getCurrentBranch(ctx.projectDir);
     const base = getDefaultBranch(ctx.projectDir);
+    try {
+      execFileSync7("git", ["add", ctx.taskDir], {
+        cwd: ctx.projectDir,
+        env: { ...process.env, HUSKY: "0", SKIP_HOOKS: "1" },
+        stdio: "pipe"
+      });
+      execFileSync7("git", ["commit", "--no-gpg-sign", "-m", `chore: add kody task artifacts [skip ci]`], {
+        cwd: ctx.projectDir,
+        env: { ...process.env, HUSKY: "0", SKIP_HOOKS: "1" },
+        stdio: "pipe"
+      });
+      logger.info("  Committed task artifacts");
+    } catch {
+    }
     pushBranch(ctx.projectDir);
     const config = getProjectConfig();
     let owner = config.github?.owner;
@@ -1698,6 +1711,7 @@ Failed: ${msg}
 var init_ship = __esm({
   "src/stages/ship.ts"() {
     "use strict";
+    init_logger();
     init_git_utils();
     init_github_api();
     init_config();
@@ -2526,7 +2540,7 @@ import * as fs16 from "fs";
 import * as path15 from "path";
 import { execFileSync as execFileSync9 } from "child_process";
 function findLatestTaskForIssue(issueNumber, projectDir) {
-  const tasksDir = path15.join(projectDir, ".tasks");
+  const tasksDir = path15.join(projectDir, ".kody", "tasks");
   if (!fs16.existsSync(tasksDir)) return null;
   const allDirs = fs16.readdirSync(tasksDir, { withFileTypes: true }).filter((d) => d.isDirectory()).map((d) => d.name).sort().reverse();
   const prefix = `${issueNumber}-`;
@@ -2587,7 +2601,7 @@ Or comment on the specific PR: \`@kody review\``
 }
 async function runStandaloneReview(input) {
   const taskId = input.taskId ?? `review-${generateTaskId()}`;
-  const taskDir = path16.join(input.projectDir, ".tasks", taskId);
+  const taskDir = path16.join(input.projectDir, ".kody", "tasks", taskId);
   fs17.mkdirSync(taskDir, { recursive: true });
   const taskContent = `# ${input.prTitle}
 
@@ -2830,7 +2844,7 @@ function resolveTaskAction(issueNumber, existingTaskId, existingState) {
 function resolveForIssue(issueNumber, projectDir) {
   const existingTaskId = findLatestTaskForIssue(issueNumber, projectDir);
   if (existingTaskId) {
-    const statusPath = path18.join(projectDir, ".tasks", existingTaskId, "status.json");
+    const statusPath = path18.join(projectDir, ".kody", "tasks", existingTaskId, "status.json");
     let existingState = null;
     if (fs19.existsSync(statusPath)) {
       try {
@@ -2924,7 +2938,7 @@ async function main() {
       process.exit(1);
     }
   }
-  const taskDir = path19.join(projectDir, ".tasks", taskId);
+  const taskDir = path19.join(projectDir, ".kody", "tasks", taskId);
   fs20.mkdirSync(taskDir, { recursive: true });
   if (input.command === "status") {
     printStatus(taskId, taskDir);
@@ -2963,10 +2977,12 @@ async function main() {
       const proxyRunning = await checkLitellmHealth(config2.agent.litellmUrl);
       if (!proxyRunning) {
         litellmProcess2 = await tryStartLitellm(config2.agent.litellmUrl, projectDir);
+        if (!litellmProcess2) {
+          logger.error("LiteLLM is configured (litellmUrl) but could not be started. Install it with: pip install 'litellm[proxy]'");
+          process.exit(1);
+        }
       }
-      if (config2.agent.litellmUrl) {
-        process.env.ANTHROPIC_BASE_URL = config2.agent.litellmUrl;
-      }
+      process.env.ANTHROPIC_BASE_URL = config2.agent.litellmUrl;
     }
     const runners2 = createRunners(config2);
     const defaultRunnerName2 = config2.agent.defaultRunner ?? Object.keys(runners2)[0] ?? "claude";
@@ -3036,7 +3052,7 @@ ${issue.body ?? ""}`;
     }
   }
   if (!fs20.existsSync(taskMdPath)) {
-    console.error("No task.md found. Provide --task, --issue-number, or ensure .tasks/<id>/task.md exists.");
+    console.error("No task.md found. Provide --task, --issue-number, or ensure .kody/tasks/<id>/task.md exists.");
     process.exit(1);
   }
   if (input.command === "fix" && !input.fromStage) {
@@ -3078,16 +3094,14 @@ ${input.feedback}` : reviewContext;
     if (!proxyRunning) {
       litellmProcess = await tryStartLitellm(config.agent.litellmUrl, projectDir);
       if (!litellmProcess) {
-        logger.warn("LiteLLM not available \u2014 falling back to Anthropic models");
-        config.agent.litellmUrl = void 0;
+        logger.error("LiteLLM is configured (litellmUrl) but could not be started. Install it with: pip install 'litellm[proxy]'");
+        process.exit(1);
       }
     } else {
       logger.info(`LiteLLM proxy already running at ${config.agent.litellmUrl}`);
     }
-    if (config.agent.litellmUrl) {
-      process.env.ANTHROPIC_BASE_URL = config.agent.litellmUrl;
-      logger.info(`ANTHROPIC_BASE_URL set to ${config.agent.litellmUrl}`);
-    }
+    process.env.ANTHROPIC_BASE_URL = config.agent.litellmUrl;
+    logger.info(`ANTHROPIC_BASE_URL set to ${config.agent.litellmUrl}`);
   }
   const runners = createRunners(config);
   const defaultRunnerName = config.agent.defaultRunner ?? Object.keys(runners)[0] ?? "claude";
@@ -3362,7 +3376,7 @@ function buildConfig(cwd, basic) {
     },
     git: { defaultBranch: basic.defaultBranch },
     github: { owner: basic.owner, repo: basic.repo },
-    paths: { taskDir: ".tasks" },
+    paths: { taskDir: ".kody/tasks" },
     agent: {
       runner: "claude-code",
       defaultRunner: "claude",
@@ -3404,11 +3418,12 @@ function initCommand(opts) {
   const gitignorePath = path20.join(cwd, ".gitignore");
   if (fs21.existsSync(gitignorePath)) {
     const content = fs21.readFileSync(gitignorePath, "utf-8");
-    if (!content.includes(".tasks/")) {
-      fs21.appendFileSync(gitignorePath, "\n.tasks/\n");
-      console.log("  \u2713 .gitignore (added .tasks/)");
+    if (content.includes(".tasks/")) {
+      const updated = content.replace(/\n?\.tasks\/\n?/g, "\n");
+      fs21.writeFileSync(gitignorePath, updated);
+      console.log("  \u2713 .gitignore (removed legacy .tasks/ \u2014 tasks now committed in .kody/tasks/)");
     } else {
-      console.log("  \u25CB .gitignore (.tasks/ already present)");
+      console.log("  \u25CB .gitignore (ok)");
     }
   }
   console.log("\n\u2500\u2500 Prerequisites \u2500\u2500");
@@ -3589,7 +3604,7 @@ function initCommand(opts) {
     console.log("");
   }
 }
-var STEP_STAGES = ["taskify", "plan", "build", "autofix", "review", "review-fix"];
+var STEP_STAGES = ["taskify", "plan", "build", "review", "review-fix"];
 function gatherSampleSourceFiles(cwd, maxFiles = 3, maxCharsEach = 2e3) {
   const srcDir = path20.join(cwd, "src");
   const baseDir = fs21.existsSync(srcDir) ? srcDir : cwd;
@@ -3627,11 +3642,46 @@ ${content}
   }
   return results.join("\n\n");
 }
+function ghComment(issueNumber, body, cwd) {
+  try {
+    let repoSlug = "";
+    try {
+      const configPath = path20.join(cwd, "kody.config.json");
+      if (fs21.existsSync(configPath)) {
+        const config = JSON.parse(fs21.readFileSync(configPath, "utf-8"));
+        if (config.github?.owner && config.github?.repo) {
+          repoSlug = `${config.github.owner}/${config.github.repo}`;
+        }
+      }
+    } catch {
+    }
+    if (!repoSlug) return;
+    execFileSync11("gh", [
+      "issue",
+      "comment",
+      String(issueNumber),
+      "--repo",
+      repoSlug,
+      "--body",
+      body
+    ], {
+      cwd,
+      encoding: "utf-8",
+      timeout: 15e3,
+      stdio: ["pipe", "pipe", "pipe"]
+    });
+  } catch {
+  }
+}
 function bootstrapCommand() {
   const cwd = process.cwd();
+  const issueNumber = parseInt(process.env.ISSUE_NUMBER ?? "", 10) || 0;
   console.log(`
 \u{1F527} Kody Bootstrap \u2014 Generating project memory + step files
 `);
+  if (issueNumber) {
+    ghComment(issueNumber, "\u{1F527} **Bootstrap started** \u2014 analyzing project and generating configuration...", cwd);
+  }
   const readIfExists = (rel, maxChars = 3e3) => {
     const p = path20.join(cwd, rel);
     if (fs21.existsSync(p)) return fs21.readFileSync(p, "utf-8").slice(0, maxChars);
@@ -3911,8 +3961,16 @@ REMINDER: Output the full prompt template first (unchanged), then your three app
               stdio: ["pipe", "pipe", "pipe"]
             }).trim();
             console.log(`  \u2713 Created PR: ${prUrl}`);
+            if (issueNumber) {
+              ghComment(issueNumber, `\u2705 **Bootstrap complete** \u2014 PR created: ${prUrl}
+
+Review and merge to activate project-specific pipeline configuration.`, cwd);
+            }
           } catch (prErr) {
             console.log(`  \u25CB PR creation failed: ${prErr instanceof Error ? prErr.message : prErr}`);
+            if (issueNumber) {
+              ghComment(issueNumber, `\u26A0\uFE0F **Bootstrap complete** \u2014 files generated and pushed to branch \`${branchName}\`, but PR creation failed. Create it manually.`, cwd);
+            }
           }
         } else {
           console.log("  \u25CB No new changes to commit");
@@ -3935,6 +3993,9 @@ REMINDER: Output the full prompt template first (unchanged), then your three app
       }
     } catch (err) {
       console.log(`  \u25CB Git commit skipped: ${err instanceof Error ? err.message : err}`);
+      if (issueNumber) {
+        ghComment(issueNumber, `\u274C **Bootstrap failed** \u2014 git operation error: ${err instanceof Error ? err.message : err}`, cwd);
+      }
     }
   }
   console.log("\n\u2500\u2500 Done \u2500\u2500");
@@ -3982,3 +4043,13 @@ if (command === "init") {
 } else {
   Promise.resolve().then(() => init_entry());
 }
+export {
+  buildConfig,
+  checkCommand2 as checkCommand,
+  checkFile,
+  checkGhAuth,
+  checkGhRepoAccess,
+  checkGhSecret,
+  detectArchitectureBasic,
+  detectBasicConfig
+};

package/kody.config.schema.json

@@ -82,8 +82,8 @@
       "properties": {
         "taskDir": {
           "type": "string",
-          "description": "Directory for pipeline artifacts and state (gitignored)",
-          "default": ".tasks"
+          "description": "Directory for pipeline artifacts and state (committed to branch)",
+          "default": ".kody/tasks"
         }
       },
       "additionalProperties": false

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@kody-ade/kody-engine-lite",
-  "version": "0.1.56",
+  "version": "0.1.57",
   "description": "Autonomous SDLC pipeline: Kody orchestration + Claude Code + LiteLLM",
   "license": "MIT",
   "type": "module",

package/prompts/autofix.md

@@ -1,21 +1,39 @@
 ---
 name: autofix
-description: Fix verification errors (typecheck, lint, test failures)
+description: Investigate root cause then fix verification errors (typecheck, lint, test failures)
 mode: primary
 tools: [read, write, edit, bash, glob, grep]
 ---
 
 You are an autofix agent. The verification stage failed. Fix the errors below.
 
-STRATEGY (in order):
-1. Try quick wins first: run `pnpm lint:fix` and `pnpm format:fix` via Bash
-2. Read the error output carefully — understand WHAT failed and WHY
-3. For type errors: Read the affected file, fix the type mismatch
-4. For test failures: Read both the test and the implementation, fix the root cause
-5. For lint errors: Apply the specific fix the linter suggests
+IRON LAW: NO FIXES WITHOUT INVESTIGATION FIRST. Do not jump to changing code. Understand the failure first.
+
+## Phase 1 — Investigate (do this BEFORE any edits)
+1. Read the full error output — what exactly failed?
+2. Identify the affected files — Read them to understand context
+3. Check recent changes: run `git diff HEAD~1` to see what changed
+4. Classify the failure pattern:
+   - **Type error**: mismatched types, missing properties, wrong generics
+   - **Test failure**: assertion mismatch, missing mock, changed behavior
+   - **Lint error**: style violation, unused import, naming convention
+   - **Runtime error**: null reference, missing dependency, config issue
+   - **Integration failure**: API contract mismatch, schema drift
+5. Identify root cause — is this a direct error in new code, or a side effect of a change elsewhere?
+
+## Phase 2 — Fix (only after root cause is clear)
+1. Try quick wins first: run configured lintFix and formatFix commands via Bash
+2. For type errors: fix the type mismatch at its source, not by adding type assertions
+3. For test failures: fix the root cause (implementation or test), not both — determine which is correct
+4. For lint errors: apply the specific fix the linter suggests
+5. For integration failures: trace the contract back to its definition, fix the mismatch at source
 6. After EACH fix, re-run the failing command to verify it passes
-7. Do NOT commit or push — the orchestrator handles git
+7. If a fix introduces new failures, REVERT and try a different approach
+8. Do NOT commit or push — the orchestrator handles git
 
-Do NOT make unrelated changes. Fix ONLY the reported errors.
+## Rules
+- Fix ONLY the reported errors. Do NOT make unrelated changes.
+- Minimal diff — use Edit for surgical changes, not Write for rewrites
+- If the failure is pre-existing (not caused by this PR's changes), document it and move on
 
 {{TASK_CONTEXT}}

package/prompts/review.md

@@ -5,9 +5,10 @@ mode: primary
 tools: [read, glob, grep, bash]
 ---
 
-You are a code review agent. Review all changes made for the task described below.
+You are a code review agent following the Superpowers Structured Review methodology.
 
 Use Bash to run `git diff` to see what changed. Use Read to examine modified files in full context.
+When the diff introduces new enum values, status strings, or type constants — use Grep to trace ALL consumers outside the diff.
 
 CRITICAL: You MUST output a structured review in the EXACT format below. Do NOT output conversational text, status updates, or summaries. Your entire output must be the structured review markdown.
 
@@ -21,28 +22,94 @@ Output markdown with this EXACT structure:
 ## Findings
 
 ### Critical
-<Security vulnerabilities, data loss risks, crashes, broken authentication>
 <If none: "None.">
 
 ### Major
-<Logic errors, missing edge cases, broken tests, significant performance issues, missing error handling>
 <If none: "None.">
 
 ### Minor
-<Style issues, naming improvements, readability, trivial performance, minor refactoring opportunities>
 <If none: "None.">
 
-Severity definitions:
-- **Critical**: Security vulnerability, data loss, application crash, broken authentication, injection risk. MUST fix before merge.
-- **Major**: Logic error, missing edge case, broken test, significant performance issue, missing input validation. SHOULD fix before merge.
-- **Minor**: Style issue, naming improvement, readability, micro-optimization. NICE to fix, not blocking.
-
-Review checklist:
-- [ ] Does the code match the plan?
-- [ ] Are edge cases handled?
-- [ ] Are there security concerns?
-- [ ] Are tests adequate?
-- [ ] Is error handling proper?
-- [ ] Are there any hardcoded values that should be configurable?
+For each finding use: `file:line` — problem description. Suggested fix.
+
+---
+
+## Two-Pass Review
+
+**Pass 1 — CRITICAL (must fix before merge):**
+
+### SQL & Data Safety
+- String interpolation in SQL — use parameterized queries even for `.to_i`/`.to_f` values
+- TOCTOU races: check-then-set patterns that should be atomic `WHERE` + update
+- Bypassing model validations via direct DB writes (e.g., `update_column`, raw queries)
+- N+1 queries: missing eager loading for associations used in loops/views
+
+### Race Conditions & Concurrency
+- Read-check-write without uniqueness constraint or duplicate key handling
+- find-or-create without unique DB index — concurrent calls create duplicates
+- Status transitions without atomic `WHERE old_status = ? UPDATE SET new_status`
+- Unsafe HTML rendering (`dangerouslySetInnerHTML`, `v-html`, `.html_safe`) on user-controlled data (XSS)
+
+### LLM Output Trust Boundary
+- LLM-generated values (emails, URLs, names) written to DB without format validation
+- Structured tool output accepted without type/shape checks before DB writes
+- LLM-generated URLs fetched without allowlist — SSRF risk
+- LLM output stored in vector DBs without sanitization — stored prompt injection risk
+
+### Shell Injection
+- `subprocess.run()` / `os.system()` with `shell=True` AND string interpolation — use argument arrays
+- `eval()` / `exec()` on LLM-generated code without sandboxing
+
+### Enum & Value Completeness
+When the diff introduces a new enum value, status string, tier name, or type constant:
+- Trace it through every consumer (READ each file that switches/filters on that value)
+- Check allowlists/filter arrays containing sibling values
+- Check `case`/`if-elsif` chains — does the new value fall through to a wrong default?
+
+**Pass 2 — INFORMATIONAL (should review, may auto-fix):**
+
+### Conditional Side Effects
+- Code paths that branch but forget a side effect on one branch (e.g., promoted but URL only attached conditionally)
+- Log messages claiming an action happened when it was conditionally skipped
+
+### Test Gaps
+- Negative-path tests asserting type/status but not side effects
+- Security enforcement features (blocking, rate limiting, auth) without integration tests
+- Missing `.expects(:something).never` when a path should NOT call an external service
+
+### Dead Code & Consistency
+- Variables assigned but never read
+- Comments/docstrings describing old behavior after code changed
+- Version mismatch between PR title and VERSION/CHANGELOG
+
+### Crypto & Entropy
+- Truncation instead of hashing — less entropy, easier collisions
+- `rand()` / `Math.random()` for security-sensitive values — use crypto-secure alternatives
+- Non-constant-time comparisons (`==`) on secrets or tokens — timing attack risk
+
+### Performance & Bundle Impact
+- Known-heavy dependencies added: moment.js (→ date-fns), full lodash (→ lodash-es), jquery
+- Images without `loading="lazy"` or explicit dimensions (CLS)
+- `useEffect` fetch waterfalls — combine or parallelize
+- Synchronous `<script>` without async/defer
+
+### Type Coercion at Boundaries
+- Values crossing language/serialization boundaries where type could change (numeric vs string)
+- Hash/digest inputs without `.toString()` normalization before serialization
+
+---
+
+## Severity Definitions
+
+- **Critical**: Security vulnerability, data loss, application crash, broken authentication, injection risk, race condition. MUST fix before merge.
+- **Major**: Logic error, missing edge case, broken test, significant performance issue, missing input validation, enum completeness gap. SHOULD fix before merge.
+- **Minor**: Style issue, naming improvement, readability, micro-optimization, stale comments. NICE to fix, not blocking.
+
+## Suppressions — do NOT flag these:
+- Redundancy that aids readability
+- "Add a comment explaining this threshold" — thresholds change, comments rot
+- Consistency-only changes with no behavioral impact
+- Issues already addressed in the diff you are reviewing — read the FULL diff first
+- devDependencies additions (no production impact)
 
 {{TASK_CONTEXT}}

package/templates/kody.yml

@@ -254,7 +254,7 @@ jobs:
             [ -n "$TASK_ID" ] && ARGS="$ARGS --task-id $TASK_ID"
             [ -n "$PR_NUMBER" ] && ARGS="$ARGS --pr-number $PR_NUMBER"
             [ -n "$FROM_STAGE" ] && ARGS="$ARGS --from $FROM_STAGE"
-            [ -n "$FEEDBACK" ] && ARGS="$ARGS --feedback \"$FEEDBACK\""
+            # FEEDBACK is passed via env var, not CLI arg (avoids shell escaping issues)
             [ "$DRY_RUN" = "true" ] && ARGS="$ARGS --dry-run"
             kody-engine-lite $CMD $ARGS
           fi
@@ -263,7 +263,7 @@ jobs:
         if: always()
         run: |
           TASK_ID="${{ github.event.inputs.task_id || needs.parse.outputs.task_id }}"
-          STATUS_FILE=".tasks/${TASK_ID}/status.json"
+          STATUS_FILE=".kody/tasks/${TASK_ID}/status.json"
           if [ -f "$STATUS_FILE" ]; then
             STATE=$(jq -r '.state' "$STATUS_FILE")
             ICON="❌"
@@ -292,7 +292,7 @@ jobs:
         uses: actions/upload-artifact@v4
         with:
           name: kody-tasks-${{ github.event.inputs.task_id || needs.parse.outputs.task_id }}
-          path: .tasks/
+          path: .kody/tasks/
           retention-days: 7
 
   # ─── Error Notifications ─────────────────────────────────────────────────────
@@ -355,11 +355,11 @@ jobs:
         run: kody-engine-lite --help
       - name: Dry run
         run: |
-          mkdir -p .tasks/smoke-test
-          echo "Smoke test task" > .tasks/smoke-test/task.md
+          mkdir -p .kody/tasks/smoke-test
+          echo "Smoke test task" > .kody/tasks/smoke-test/task.md
           kody-engine-lite run --task-id smoke-test --dry-run || true
-          if [ -f ".tasks/smoke-test/status.json" ]; then
+          if [ -f ".kody/tasks/smoke-test/status.json" ]; then
             echo "✓ status.json created"
-            cat .tasks/smoke-test/status.json
+            cat .kody/tasks/smoke-test/status.json
           fi
-          rm -rf .tasks/smoke-test
+          rm -rf .kody/tasks/smoke-test

package/dist/agent-runner.d.ts

@@ -1,4 +0,0 @@
-import type { AgentRunner } from "./types.js";
-import type { KodyConfig } from "./config.js";
-export declare function createClaudeCodeRunner(): AgentRunner;
-export declare function createRunners(config: KodyConfig): Record<string, AgentRunner>;

package/dist/agent-runner.js

@@ -1,122 +0,0 @@
-import { spawn, execFileSync } from "child_process";
-const SIGKILL_GRACE_MS = 5000;
-const STDERR_TAIL_CHARS = 500;
-function writeStdin(child, prompt) {
-    return new Promise((resolve, reject) => {
-        if (!child.stdin) {
-            resolve();
-            return;
-        }
-        child.stdin.write(prompt, (err) => {
-            if (err)
-                reject(err);
-            else {
-                child.stdin.end();
-                resolve();
-            }
-        });
-    });
-}
-function waitForProcess(child, timeout) {
-    return new Promise((resolve) => {
-        const stdoutChunks = [];
-        const stderrChunks = [];
-        child.stdout?.on("data", (chunk) => stdoutChunks.push(chunk));
-        child.stderr?.on("data", (chunk) => stderrChunks.push(chunk));
-        const timer = setTimeout(() => {
-            child.kill("SIGTERM");
-            setTimeout(() => {
-                if (!child.killed)
-                    child.kill("SIGKILL");
-            }, SIGKILL_GRACE_MS);
-        }, timeout);
-        child.on("exit", (code) => {
-            clearTimeout(timer);
-            resolve({
-                code,
-                stdout: Buffer.concat(stdoutChunks).toString(),
-                stderr: Buffer.concat(stderrChunks).toString(),
-            });
-        });
-        child.on("error", (err) => {
-            clearTimeout(timer);
-            resolve({ code: -1, stdout: "", stderr: err.message });
-        });
-    });
-}
-async function runSubprocess(command, args, prompt, timeout, options) {
-    const child = spawn(command, args, {
-        cwd: options?.cwd ?? process.cwd(),
-        env: {
-            ...process.env,
-            SKIP_BUILD: "1",
-            SKIP_HOOKS: "1",
-            ...options?.env,
-        },
-        stdio: ["pipe", "pipe", "pipe"],
-    });
-    try {
-        await writeStdin(child, prompt);
-    }
-    catch (err) {
-        return {
-            outcome: "failed",
-            error: `Failed to send prompt: ${err instanceof Error ? err.message : String(err)}`,
-        };
-    }
-    const { code, stdout, stderr } = await waitForProcess(child, timeout);
-    if (code === 0) {
-        return { outcome: "completed", output: stdout };
-    }
-    return {
-        outcome: code === null ? "timed_out" : "failed",
-        error: `Exit code ${code}\n${stderr.slice(-STDERR_TAIL_CHARS)}`,
-    };
-}
-function checkCommand(command, args) {
-    try {
-        execFileSync(command, args, { timeout: 10_000, stdio: "pipe" });
-        return true;
-    }
-    catch {
-        return false;
-    }
-}
-// ─── Claude Code Runner ──────────────────────────────────────────────────────
-export function createClaudeCodeRunner() {
-    return {
-        async run(_stageName, prompt, model, timeout, _taskDir, options) {
-            return runSubprocess("claude", [
-                "--print",
-                "--model", model,
-                "--dangerously-skip-permissions",
-                "--allowedTools", "Bash,Edit,Read,Write,Glob,Grep",
-            ], prompt, timeout, options);
-        },
-        async healthCheck() {
-            return checkCommand("claude", ["--version"]);
-        },
-    };
-}
-// ─── Runner Factory ──────────────────────────────────────────────────────────
-const RUNNER_FACTORIES = {
-    "claude-code": createClaudeCodeRunner,
-};
-export function createRunners(config) {
-    // New multi-runner config
-    if (config.agent.runners && Object.keys(config.agent.runners).length > 0) {
-        const runners = {};
-        for (const [name, runnerConfig] of Object.entries(config.agent.runners)) {
-            const factory = RUNNER_FACTORIES[runnerConfig.type];
-            if (factory) {
-                runners[name] = factory();
-            }
-        }
-        return runners;
-    }
-    // Legacy single-runner fallback
-    const runnerType = config.agent.runner ?? "claude-code";
-    const factory = RUNNER_FACTORIES[runnerType];
-    const defaultName = config.agent.defaultRunner ?? "claude";
-    return { [defaultName]: factory ? factory() : createClaudeCodeRunner() };
-}

package/dist/ci/parse-inputs.d.ts

@@ -1,6 +0,0 @@
-/**
- * Parses @kody / /kody comment body into structured inputs.
- * Run by the parse job in GitHub Actions.
- * Reads from env, writes to $GITHUB_OUTPUT.
- */
-export {};