@kody-ade/kody-engine 0.4.108 → 0.4.110

package/dist/executables/pool-serve/profile.json

@@ -0,0 +1,28 @@
+{
+  "name": "pool-serve",
+  "role": "utility",
+  "describe": "Always-on warm-pool owner, co-located on the kody-litellm machine. Supervises the LiteLLM proxy and serves the pool API the dashboard calls to claim a pre-booted, frozen runner. Listens on $POOL_API_PORT (default 4100); auth via $POOL_API_KEY (derived from $KODY_MASTER_KEY). Usage: `kody pool-serve`.",
+  "inputs": [],
+  "claudeCode": {
+    "model": "inherit",
+    "permissionMode": "acceptEdits",
+    "maxTurns": null,
+    "systemPromptAppend": null,
+    "tools": [],
+    "hooks": [],
+    "skills": [],
+    "commands": [],
+    "subagents": [],
+    "plugins": [],
+    "mcpServers": []
+  },
+  "cliTools": [],
+  "scripts": {
+    "preflight": [
+      {
+        "script": "poolServe"
+      }
+    ],
+    "postflight": []
+  }
+}

package/dist/executables/review/agents/review-architecture.md

@@ -0,0 +1,33 @@
+---
+name: review-architecture
+description: Architecture/structure reviewer for structural PRs. Inspects how a diff affects component boundaries, coupling, dependency direction, single responsibility, and blast radius — not line-level style. Returns findings only; never edits files.
+tools: Read, Grep, Glob, Bash
+---
+
+You are an architecture reviewer examining one pull request. Read-only: never edit files, never run `git`/`gh` write commands. Use Read / Grep / Glob and read-only `git diff` / `git show` to inspect.
+
+You are dispatched only when a diff is **structural** — it adds/moves/deletes modules, changes a public interface/export, or wires a new dependency between areas. Judge the *shape* of the change: boundaries and coupling, not line-level style (another reviewer owns that) or runtime correctness (another owns that).
+
+Method:
+- Map what moved: which modules/layers the diff touches and the new dependency edges it introduces. Read the full changed files plus at least one sibling already living in the target area.
+- Then check:
+  - **Single responsibility** — does each new/changed module do one clear job, or has it become a god-module / god-route?
+  - **Dependency direction** — does the new edge point the right way (a shared/core util must not import a feature/app layer; nothing should import "upward")? Flag layering violations and any new import cycle.
+  - **Reuse before rewrite** — does this add a new abstraction where an existing sibling already solves the problem? Name the sibling it should have reused.
+  - **Blast radius** — for a changed public interface, grep its call sites: how many are affected, and were they all updated? A signature/contract change with un-updated callers is a real risk.
+  - **Premature abstraction** — a new layer/interface with a single implementation and no second caller is a smell; say so rather than bless it.
+- Cite real `file:line` from files you actually read. Never invent citations.
+
+Return ONLY this block — no preamble:
+
+```
+ARCHITECTURE
+- status: DONE | NEEDS_CONTEXT | BLOCKED
+- severity: BLOCK | WARN | NONE
+- findings:
+  - <file:line — the boundary/coupling/responsibility issue, the existing pattern it should follow, and the concrete risk it creates, or "None">
+```
+
+Use `BLOCK` only for a structural change with a real, demonstrable risk — a new dependency cycle, a layering violation that breaks a stated invariant, or a public-interface change with un-updated callers. Design preferences with no concrete failure mode are `WARN`. If on inspection the diff is not actually structural, return `severity: NONE` and say so in one line.
+
+`status`: `DONE` = you reviewed the structural change. `NEEDS_CONTEXT` = you need a file or boundary the lead must supply — say exactly what. `BLOCKED` = you could not read the diff/files at all — say why. Never emit `severity: NONE` to fake a clean review when you were actually blocked; report the block.

package/dist/executables/review/agents/review-security.md

@@ -11,8 +11,11 @@ Scope yourself strictly to security. Ignore style, naming, and general correctne
 Method:
 - Read the FULL changed files, not just the hunks — a vulnerability often lives outside the diff window.
 - For every request handler, query, or external call in the diff, check: is user input validated? Is it parameterized? Is authorization checked before the sensitive action? Are secrets read from env, not hardcoded?
+- **STRIDE per touched component.** For each component the diff adds or changes (a route, handler, query, parser, deserializer, external call, auth check), walk the six threats and note any the change actually enables: **S**poofing (is an identity forgeable?), **T**ampering (can input/state be mutated in transit or at rest?), **R**epudiation (is a security-relevant action left unlogged?), **I**nformation disclosure (is data leaked via response/log/error?), **D**enial of service (does attacker-controlled input drive unbounded work?), **E**levation of privilege (is authorization checked before the sensitive action?).
 - Cite real `file:line` from files you actually read. Never invent citations.
 
+Confidence filter — before reporting, suppress false positives. Do NOT report: input that is not attacker-controlled; a sink the tainted value never actually reaches; escaping/validation the framework already applies; or a "best practice" with no demonstrable exploit on this diff. If you cannot trace a path from an attacker-controlled source to the sink in files you read, it is not a finding.
+
 Return ONLY this block — no preamble:
 
 ```
@@ -20,9 +23,9 @@ SECURITY
 - status: DONE | NEEDS_CONTEXT | BLOCKED
 - severity: BLOCK | WARN | NONE
 - findings:
-  - <file:line — concrete issue and the exploit it enables, or "None">
+  - <file:line — the issue, the STRIDE category, and a concrete step-by-step exploit path (attacker sends X → reaches Y unchecked → gains Z), or "None">
 ```
 
-Use `BLOCK` only for a real, exploitable vulnerability introduced by this diff. Pre-existing issues the diff didn't touch are out of scope.
+Every `BLOCK`/`WARN` finding MUST include a concrete exploit path. If you cannot write the step-by-step path, the finding isn't real — drop it. Use `BLOCK` only for a real, exploitable vulnerability introduced by this diff. Pre-existing issues the diff didn't touch are out of scope.
 
 `status`: `DONE` = you reviewed the full diff. `NEEDS_CONTEXT` = you need a file or context the lead must supply to finish — say exactly what. `BLOCKED` = you could not read the diff/files at all — say why. Never emit `severity: NONE` to fake a clean review when you were actually blocked; report the block.

package/dist/executables/review/profile.json

@@ -29,7 +29,7 @@
     "hooks": ["block-write"],
     "skills": [],
     "commands": [],
-    "subagents": ["review-security", "review-correctness", "review-style"],
+    "subagents": ["review-security", "review-correctness", "review-style", "review-architecture"],
     "plugins": [],
     "mcpServers": []
   },

package/dist/executables/review/prompt.md

@@ -16,17 +16,18 @@ Base: {{pr.baseRefName}} ← Head: {{pr.headRefName}}
 
 # How to run this review
 
-1. **Fan out in parallel.** In a SINGLE message, issue three `Agent` calls — one to each subagent — so they run concurrently:
-   - `review-security` — security vulnerabilities.
-   - `review-correctness` — logic bugs, regressions, test gaps.
-   - `review-style` — structure, conventions, duplication, docs.
+1. **Fan out in parallel.** In a SINGLE message, issue the `Agent` calls — one per subagent — so they run concurrently:
+   - `review-security` — security vulnerabilities. **Always.**
+   - `review-correctness` — logic bugs, regressions, test gaps. **Always.**
+   - `review-style` — structure, conventions, duplication, docs. **Always.**
+   - `review-architecture` — component boundaries, coupling, dependency direction, blast radius. **Only when the diff is structural**: it adds/moves/deletes modules, changes a public interface/export, or wires a new dependency between areas. Skip it for a localized change (a single function body, a copy tweak, a test-only or config-only diff) — a fourth reviewer with nothing to say only costs time.
 
    Give each subagent the same context: PR #{{pr.number}}, the base/head refs above, and the diff. Instruct each to read the full changed files (not just hunks) before reporting, and to return only its structured block.
 
 2. **Check each reviewer's `status` before trusting its verdict.** A reviewer that returns `NEEDS_CONTEXT` or `BLOCKED` did not actually complete its review — do NOT treat its `severity: NONE` as a clean pass. Do NOT re-dispatch the same reviewer with the same instructions; change something: give it the context it asked for, or note in the comment that this dimension could not be reviewed. A review missing a whole dimension cannot be **PASS**.
 
-3. **Synthesize.** Once all three have genuinely completed, merge their findings into the single comment below. Resolve the verdict from the worst severity reported:
-   - any `BLOCK` (security or correctness) → **FAIL**
+3. **Synthesize.** Once all dispatched subagents have genuinely completed, merge their findings into the single comment below. Resolve the verdict from the worst severity reported:
+   - any `BLOCK` (security, correctness, or architecture) → **FAIL**
    - no BLOCK but any `WARN` → **CONCERNS**
    - all `NONE` → **PASS**
 
@@ -61,7 +62,7 @@ Your FINAL message must be exactly this markdown — no preamble, no DONE/COMMIT
 ```
 ## Verdict: PASS | CONCERNS | FAIL
 
-> Reviewed in parallel by 3 subagents (security · correctness · structure).
+> Reviewed in parallel by specialist subagents (security · correctness · structure · architecture when the diff is structural).
 
 ### Summary
 <2-3 sentences: what this PR does, is the approach sound>

package/dist/executables/runner-serve/profile.json

@@ -0,0 +1,28 @@
+{
+  "name": "runner-serve",
+  "role": "utility",
+  "describe": "Idle HTTP server for a warm-pool one-shot runner. Boots with no issue, listens on $PORT (default 8080), and on an authed POST /run (X-Api-Key/Bearer $RUNNER_API_KEY) clones the repo and runs `kody run --issue N`, then exits so Fly auto_destroy reclaims the machine. Usage: `kody runner-serve`.",
+  "inputs": [],
+  "claudeCode": {
+    "model": "inherit",
+    "permissionMode": "acceptEdits",
+    "maxTurns": null,
+    "systemPromptAppend": null,
+    "tools": [],
+    "hooks": [],
+    "skills": [],
+    "commands": [],
+    "subagents": [],
+    "plugins": [],
+    "mcpServers": []
+  },
+  "cliTools": [],
+  "scripts": {
+    "preflight": [
+      {
+        "script": "runnerServe"
+      }
+    ],
+    "postflight": []
+  }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@kody-ade/kody-engine",
-  "version": "0.4.108",
+  "version": "0.4.110",
   "description": "kody — autonomous development engine. Single-session Claude Code agent behind a generic executor + declarative executable profiles.",
   "license": "MIT",
   "type": "module",
@@ -12,6 +12,23 @@
     "templates",
     "kody.config.schema.json"
   ],
+  "scripts": {
+    "kody:run": "tsx bin/kody.ts",
+    "serve": "tsx bin/kody.ts serve",
+    "serve:vscode": "tsx bin/kody.ts serve vscode",
+    "serve:claude": "tsx bin/kody.ts serve claude",
+    "build": "tsup && node scripts/copy-assets.cjs",
+    "check:modularity": "tsx scripts/check-script-modularity.ts",
+    "pretest": "pnpm check:modularity",
+    "test": "vitest run tests/unit tests/int --no-coverage",
+    "test:e2e": "vitest run tests/e2e --no-coverage",
+    "test:all": "vitest run tests --no-coverage",
+    "typecheck": "tsc --noEmit",
+    "lint": "biome check",
+    "lint:fix": "biome check --write",
+    "format": "biome format --write",
+    "prepublishOnly": "pnpm build"
+  },
   "dependencies": {
     "@actions/cache": "^6.0.0",
     "@anthropic-ai/claude-agent-sdk": "0.2.119",
@@ -33,21 +50,5 @@
     "url": "git+https://github.com/aharonyaircohen/kody-engine.git"
   },
   "homepage": "https://github.com/aharonyaircohen/kody-engine",
-  "bugs": "https://github.com/aharonyaircohen/kody-engine/issues",
-  "scripts": {
-    "kody:run": "tsx bin/kody.ts",
-    "serve": "tsx bin/kody.ts serve",
-    "serve:vscode": "tsx bin/kody.ts serve vscode",
-    "serve:claude": "tsx bin/kody.ts serve claude",
-    "build": "tsup && node scripts/copy-assets.cjs",
-    "check:modularity": "tsx scripts/check-script-modularity.ts",
-    "pretest": "pnpm check:modularity",
-    "test": "vitest run tests/unit tests/int --no-coverage",
-    "test:e2e": "vitest run tests/e2e --no-coverage",
-    "test:all": "vitest run tests --no-coverage",
-    "typecheck": "tsc --noEmit",
-    "lint": "biome check",
-    "lint:fix": "biome check --write",
-    "format": "biome format --write"
-  }
-}
+  "bugs": "https://github.com/aharonyaircohen/kody-engine/issues"
+}

package/templates/kody.yml

@@ -90,4 +90,4 @@ jobs:
           INIT_MESSAGE:  ${{ inputs.message }}
           MODEL:         ${{ inputs.model }}
           DASHBOARD_URL: ${{ inputs.dashboardUrl }}
-        run: npx -y -p @kody-ade/kody-engine@0.4.108 kody-engine
+        run: npx -y -p @kody-ade/kody-engine@0.4.109 kody-engine