@kognai/orchestrator-core 0.1.1 → 0.1.3

package/dist/lib/engine-primitives.js

@@ -0,0 +1,748 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.c = exports.SOVEREIGN_MODE = exports.getDailyCostDigest = exports.routeCall = exports._globalTokensThisRun = void 0;
+exports.recordModelCall = recordModelCall;
+exports.getModelsUsedReport = getModelsUsedReport;
+exports.getTotalCostUsd = getTotalCostUsd;
+exports.recordScoreForCitizen = recordScoreForCitizen;
+exports.normalizeReview = normalizeReview;
+exports.log = log;
+exports.safeResetLastCommit = safeResetLastCommit;
+exports.callLLM = callLLM;
+exports.callAnthropicCached = callAnthropicCached;
+exports.compressContext = compressContext;
+exports.localQAGate = localQAGate;
+exports.httpPost = httpPost;
+const child_process_1 = require("child_process");
+const https = __importStar(require("https"));
+const http = __importStar(require("http"));
+// ===== Module-level token accumulator =====
+// Captures ALL LLM tokens across every agent, supervisor, CEO, CTO call this run.
+exports._globalTokensThisRun = 0;
+function _accumulateTokens(n) { exports._globalTokensThisRun += n; }
+const _modelsUsedThisRun = new Map();
+let _totalCostThisRun = 0;
+function recordModelCall(provider, model, input_tokens, output_tokens, cost_usd) {
+    const key = model || 'unknown';
+    const existing = _modelsUsedThisRun.get(key);
+    if (existing) {
+        existing.calls += 1;
+        existing.input_tokens += input_tokens || 0;
+        existing.output_tokens += output_tokens || 0;
+        existing.cost_usd += cost_usd || 0;
+    }
+    else {
+        _modelsUsedThisRun.set(key, { calls: 1, input_tokens: input_tokens || 0, output_tokens: output_tokens || 0, cost_usd: cost_usd || 0, provider: provider || 'unknown' });
+    }
+    _totalCostThisRun += cost_usd || 0;
+}
+function getModelsUsedReport() {
+    const out = {};
+    for (const [model, e] of _modelsUsedThisRun.entries()) {
+        out[model] = { provider: e.provider, calls: e.calls, input_tokens: e.input_tokens, output_tokens: e.output_tokens, tokens: e.input_tokens + e.output_tokens, cost_usd: +e.cost_usd.toFixed(6) };
+    }
+    return out;
+}
+function getTotalCostUsd() { return _totalCostThisRun; }
+// ClawRouter v2.0 — MANDATORY SINGLE GATEWAY (Exec Protocol §17)
+// TICKET-215 Wave C: every LLM call routes through the core ModelRouter SEAM.
+// The viem-backed router now lives in its OWN package (@kognai/clawrouter-x402);
+// Kognai injects it into the zero-dep core slot at boot, so core never carries
+// viem and a product that doesn't route on-chain simply doesn't inject it.
+// TICKET-215 Wave D (split step 1): Kognai-local injection of the viem router +
+// SCORE scorer into the core seams lives in one bootstrap module (side-effect import).
+const model_router_registry_1 = require("./model-router-registry");
+// Seam-backed bindings — existing call sites resolve through the injected router.
+const routeCall = (req) => (0, model_router_registry_1.getModelRouter)().routeCall(req);
+exports.routeCall = routeCall;
+const getDailyCostDigest = () => (0, model_router_registry_1.getModelRouter)().getDailyCostDigest();
+exports.getDailyCostDigest = getDailyCostDigest;
+const citizenship_1 = require("./citizenship");
+// TICKET-215 Wave D: citizen scoring via the core seam. The SCORE-backed scorer
+// stays Kognai-local (out of zero-dep core) and is injected here; scoring goes
+// through recordTaskScoreMonitored so every score emits a data.citizen_score event
+// to the event-bus (kognai_events) — flowing back to Kognai monitoring + the Plumber.
+const citizen_score_registry_1 = require("./citizen-score-registry");
+/**
+ * Wire a supervisor's review into the SCORE protocol for the citizen that
+ * authored the task. No-op for agents not in the citizens registry yet
+ * (founding agents — CEO/sup/sherlock — aren't backfilled). Caller passes
+ * the agent slug; we look up the citizen record + DID.
+ */
+function recordScoreForCitizen(agent_name, sprint_id, task_id, grade, path) {
+    if (!grade || !['A', 'B', 'C', 'D', 'F'].includes(grade))
+        return; // legacy reviews w/o grade
+    const reg = (0, citizenship_1.readRegistry)();
+    const citizen = reg.citizens.find((c) => c.agent_name === agent_name);
+    if (!citizen)
+        return; // founding agent or unminted — skip silently
+    // Supervisor DID — single supervisor identity for now; can split per-pass later.
+    const supervisorDID = 'did:kognai:supervisor';
+    const result = (0, citizen_score_registry_1.recordTaskScoreMonitored)({
+        citizen_id: citizen.citizen_id,
+        agent_did: citizen.agent_did,
+        sprint_id,
+        task_id,
+        grade,
+        supervisor_did: supervisorDID,
+    });
+    log(exports.c.gray, `  [SCORE] ${citizen.citizen_id} (${agent_name}): grade ${grade} → final ${result.final_score.toFixed(1)} (perf ${result.task_performance_score.toFixed(0)} × ${result.constitutional_multiplier})`);
+}
+const model_router_1 = require("./model-router");
+// sprint-1566 F3+F0e: per-model cost computation + wallet ledger writes
+const llm_cost_table_1 = require("./llm-cost-table");
+const ceo_wallet_1 = require("./ceo-wallet");
+// V17: Sovereign mode — force all inference to local Ollama ($0 cost floor)
+exports.SOVEREIGN_MODE = process.argv.includes('--sovereign') || process.env.SOVEREIGN_MODE === '1';
+// TICKET-085: map letter grade → numeric score so legacy code (LoRA cron,
+// trust updater, AAR middleware, etc.) keeps working unchanged. A discrete
+// scale prevents the LLM-anchored 88 cluster; the derived score preserves
+// downstream contracts.
+const GRADE_TO_SCORE = {
+    A: 95, B: 85, C: 70, D: 50, F: 20,
+};
+function normalizeReview(raw) {
+    const r = raw;
+    // If LLM returned a letter grade, derive score from it (authoritative).
+    // If only numeric score returned (legacy / parse failure), keep as-is.
+    if (r.grade && GRADE_TO_SCORE[r.grade] !== undefined) {
+        r.score = GRADE_TO_SCORE[r.grade];
+    }
+    return r;
+}
+// ===== Colors =====
+exports.c = {
+    reset: '\x1b[0m', bold: '\x1b[1m',
+    red: '\x1b[31m', green: '\x1b[32m', yellow: '\x1b[33m',
+    blue: '\x1b[34m', magenta: '\x1b[35m', cyan: '\x1b[36m', gray: '\x1b[90m',
+};
+function log(color, msg) {
+    console.log(`${color}${msg}${exports.c.reset}`);
+}
+// ===== Safe reset helper =====
+// Replaces bare `git reset --hard HEAD~1`. Verifies the last commit is the
+// orchestrator's own (matches the expected `feat(<agent>): <id> - <type>`
+// pattern) before reverting. Skips the reset if HEAD has moved on to someone
+// else's commit — protects against wiping work from concurrent Claude sessions
+// or human commits made while the orchestrator was running.
+function safeResetLastCommit(taskId, agentName, taskType, indent = '  ') {
+    const expectedMsg = `feat(${agentName ?? 'coder'}): ${taskId} - ${taskType ?? 'feature'}`;
+    try {
+        const lastMsg = (0, child_process_1.execSync)('git log -1 --format=%s', { timeout: 5000 }).toString().trim();
+        if (lastMsg !== expectedMsg) {
+            log(exports.c.yellow, `${indent}! Reset skipped — HEAD is "${lastMsg.substring(0, 60)}", not our commit. Working tree left as-is to protect concurrent work.`);
+            return false;
+        }
+        (0, child_process_1.execSync)('git reset --hard HEAD~1', { timeout: 10000 });
+        log(exports.c.gray, `${indent}Reset to previous commit (dropped rejected code)`);
+        return true;
+    }
+    catch (err) {
+        log(exports.c.gray, `${indent}Reset skipped: ${(err.message || '').substring(0, 80)}`);
+        return false;
+    }
+}
+// ===== ClawRouter v2.0 — MANDATORY SINGLE GATEWAY (Exec Protocol §17) =====
+// ALL LLM calls route through routeCall() from clawrouter-v2.ts.
+// Direct API calls to Anthropic, OpenAI, MiniMax, or Ollama are Sev-1 violations.
+// The old provider-based callLLM() is replaced with a unified gateway that maps
+// legacy provider+model pairs to ClawRouter v2.0 tier_class+complexity.
+// Track direct_api_violations for sprint JSON (§17.6)
+let _directApiViolations = 0;
+let _llmCallsRouted = 0;
+let _apexCalls = 0;
+let _apexJudgePatternCompliant = true;
+/**
+ * Unified LLM gateway — routes ALL calls through ClawRouter v2.0.
+ * Legacy provider parameter is mapped to ClawRouter tier/complexity:
+ *   - 'ollama' / 'local'   → T0-T2 (local Ollama, $0)
+ *   - 'clawrouter'          → T2.5 EXEC (cloud gateway)
+ *   - 'anthropic' (Sonnet)  → T3 APEX (constitutional decisions only)
+ *   - 'anthropic' (Haiku)   → T2.5 EXEC
+ *   - 'openai'              → T2.5 EXEC
+ *   - 'minimax'             → T2.5 EXEC (via ClawRouter)
+ *
+ * NOTE: The provider parameter is retained for backward compatibility but
+ * ALL routing decisions are made by ClawRouter v2.0. No direct API calls.
+ */
+async function callLLM(provider, model, systemPrompt, userPrompt, timeoutMs = 300000, agentId = 'orchestrator', taskType = 'orchestrator_call') {
+    _llmCallsRouted++;
+    // Map legacy provider+model to ClawRouter v2.0 request
+    const req = {
+        task_type: taskType,
+        tier_class: 'text',
+        complexity: mapLegacyToComplexity(provider, model),
+        context_tokens: Math.ceil((systemPrompt.length + userPrompt.length) / 4),
+        constitutional_flag: isConstitutionalCall(provider, model),
+        agent_id: agentId,
+        payload: {
+            system: systemPrompt,
+            prompt: userPrompt,
+            max_tokens: 16000,
+        },
+    };
+    // Track APEX calls for §17.6
+    if (req.constitutional_flag || req.complexity === 'apex') {
+        _apexCalls++;
+    }
+    // Proactive provider-budget check (PR #18 reactive fallback's preventive twin).
+    // If <PROVIDER>_MONTHLY_BUDGET_USD env is set, check month-to-date spend
+    // against the cap BEFORE attempting the call. Status 'frozen' (>=95%) skips
+    // the call entirely and goes straight to the fallback path — avoids burning
+    // a credit-exhaustion error to learn the same thing. 'warning' (>=80%)
+    // alerts once per process lifetime but still attempts the call.
+    // No env set → status 'unmonitored' → no proactive check (today's behavior).
+    if (provider !== 'clawrouter' && provider !== 'ollama') {
+        const budget = (0, ceo_wallet_1.getProviderBudgetStatus)(provider);
+        if (budget.status === 'frozen') {
+            log(exports.c.yellow, `  [budget-guard] ${provider} ${budget.pct.toFixed(0)}% of $${budget.budget_usd} cap → skipping to fallback (CEO-wallet-funded) without trying upstream`);
+            _maybeAlertBudget(provider, 'frozen', budget);
+            try {
+                const fallbackResp = await callLLM('clawrouter', 'deepseek/deepseek-chat', systemPrompt, userPrompt, timeoutMs, agentId, `${taskType}_budget_proactive_fallback_from_${provider}`);
+                fallbackResp.fallback_used = true;
+                fallbackResp.fallback_from_provider = provider;
+                fallbackResp.fallback_reason = 'budget_frozen';
+                return fallbackResp;
+            }
+            catch (fallbackErr) {
+                log(exports.c.red, `  [budget-guard] fallback also failed: ${fallbackErr.message} — proceeding to attempt original provider as last resort`);
+                // Fall through to the normal try — better to attempt + handle the error reactively
+                // than to leave the caller with nothing
+            }
+        }
+        else if (budget.status === 'warning') {
+            _maybeAlertBudget(provider, 'warning', budget);
+        }
+    }
+    try {
+        const result = await (0, exports.routeCall)(req);
+        // sprint-1566 F3+F0e: clawrouter's wallet billing only fires on the
+        // x402-retry path (cost_usd != 0). The common direct path returns
+        // cost_usd=0 and the ledger stays empty. Compute cost from real tokens
+        // here using the per-model rate table + call deductCost so the ledger
+        // becomes the source of truth.
+        // Codex P2 (PR #9): record actual provider derived from result.model,
+        // not the caller's intent (provider param). The real routed-model name
+        // comes back in result.model and we infer the provider from it.
+        const callerModel = result.model || model;
+        // Codex P2 on PR #15: inferProvider returns the literal 'unknown' for
+        // unclassified models; treat that as a miss and fall back to the
+        // caller-intent provider so the ledger never records the string 'unknown'.
+        const inferred = inferProvider(callerModel);
+        const realProvider = (inferred && inferred !== 'unknown') ? inferred : provider;
+        const inputTokens = result.input_tokens || 0;
+        const outputTokens = result.output_tokens || 0;
+        const computed = (0, llm_cost_table_1.computeCost)(callerModel, inputTokens, outputTokens);
+        // Prefer real billed cost (x402 path) over our estimate
+        const costUsd = (result.cost_usd && result.cost_usd > 0) ? result.cost_usd : computed;
+        try {
+            if (costUsd > 0)
+                (0, ceo_wallet_1.deductCost)(costUsd, agentId, taskType, realProvider, callerModel);
+            recordModelCall(realProvider, callerModel, inputTokens, outputTokens, costUsd);
+        }
+        catch { /* recording failure must never break the LLM call */ }
+        const response = {
+            choices: [{ message: { content: result.content } }],
+            usage: { total_tokens: inputTokens + outputTokens, input_tokens: inputTokens, output_tokens: outputTokens },
+            provider: realProvider,
+            model: callerModel,
+            cost_usd: costUsd,
+        };
+        _accumulateTokens(response.usage?.total_tokens || 0);
+        return response;
+    }
+    catch (err) {
+        const msg = String(err?.message || err);
+        // Provider-credit-exhaustion fallback: the CEO wallet is supposed to keep
+        // the swarm alive via x402, but Anthropic (and other direct-API providers)
+        // bypass that — they bill against a separate account balance the CEO wallet
+        // can't see. When that external balance hits zero we used to crash with
+        // exit-null mid-task (incident 2026-05-21). Now we downgrade to a
+        // CEO-wallet-funded provider (DeepSeek via ClawRouter, x402-enabled) and
+        // continue. The sprint completes at lower quality instead of crashing.
+        if (isCreditExhaustion(msg) && provider !== 'clawrouter') {
+            log(exports.c.yellow, `  [fallback] ${provider} credit exhausted → downgrading to clawrouter/deepseek (alerting founder)`);
+            try {
+                alertCreditExhaustion(provider, msg, agentId, taskType);
+            }
+            catch { /* alert failure must never block */ }
+            try {
+                const fallbackResp = await callLLM('clawrouter', 'deepseek/deepseek-chat', systemPrompt, userPrompt, timeoutMs, agentId, `${taskType}_fallback_from_${provider}`);
+                fallbackResp.fallback_used = true;
+                fallbackResp.fallback_from_provider = provider;
+                return fallbackResp;
+            }
+            catch (fallbackErr) {
+                log(exports.c.red, `  [fallback] downgrade also failed: ${fallbackErr.message} — re-throwing original`);
+                throw err;
+            }
+        }
+        log(exports.c.red, `  [ClawRouter] Call failed: ${err.message}`);
+        throw err;
+    }
+}
+/**
+ * Heuristic check for provider-credit / quota / billing exhaustion in an error
+ * message. Conservative — matches only specific upstream-provider markers that
+ * consistently indicate "stop trying this provider, switch to a CEO-wallet-
+ * funded one." Does NOT match:
+ *   - generic 429 rate limits (transient, should retry same provider)
+ *   - bare 'payment required' / '402' strings (codex P2 on PR #17: would
+ *     mis-classify ClawRouter's own missing-X402_WALLET_KEY error, which
+ *     throws "...402 (payment required)..." per scripts/lib/clawrouter-v2.ts,
+ *     and trigger a misleading "top up <provider>" alert when the real cause
+ *     is local config, not external provider credits)
+ *
+ * Specific markers below all come from Anthropic / OpenAI / MiniMax error
+ * payloads when their account balance hits zero.
+ */
+function isCreditExhaustion(msg) {
+    const m = (msg || '').toLowerCase();
+    // Exclude local-config errors first — these throw 402 strings but aren't
+    // upstream-provider credit exhaustion.
+    if (m.includes('x402_wallet_key') || m.includes('wallet key') || m.includes('missing wallet'))
+        return false;
+    return (m.includes('insufficient credit') ||
+        m.includes('insufficient balance') ||
+        m.includes('credit balance is too low') ||
+        m.includes('credit_balance') ||
+        m.includes('quota exceeded') ||
+        m.includes('quota_exceeded') ||
+        m.includes('billing_hard_limit') ||
+        m.includes('insufficient_quota') ||
+        (m.includes('401') && (m.includes('credit') || m.includes('billing'))));
+}
+/** Fire-and-forget Telegram alert when a fallback fires. Best-effort; never blocks. */
+function alertCreditExhaustion(failedProvider, errMsg, agentId, taskType) {
+    const botToken = process.env.SENIOR_CODER_BOT_TOKEN || process.env.TELEGRAM_BOT_TOKEN || '';
+    const groupIds = (process.env.SENIOR_CODER_TG_GROUP_ID || '').split(',').map(s => s.trim()).filter(Boolean);
+    if (!botToken || groupIds.length === 0)
+        return;
+    const text = `⚠️ ${failedProvider} credit exhausted — fallback to DeepSeek via ClawRouter for this call\n\n` +
+        `agent: ${agentId}\n` +
+        `task_type: ${taskType}\n` +
+        `error: ${errMsg.slice(0, 200)}\n\n` +
+        `Top up the ${failedProvider} account to restore full quality. The swarm continues at degraded quality on CEO-wallet-funded providers in the meantime.`;
+    _sendTelegramAlert(botToken, groupIds, text);
+}
+// Throttle proactive budget alerts: once per (provider, status) per process lifetime.
+// Avoids spamming the chat when every Anthropic call in a row trips the same threshold.
+const _budgetAlertsSent = new Set();
+function _maybeAlertBudget(provider, status, report) {
+    const key = `${provider.toLowerCase()}:${status}`;
+    if (_budgetAlertsSent.has(key))
+        return;
+    _budgetAlertsSent.add(key);
+    const botToken = process.env.SENIOR_CODER_BOT_TOKEN || process.env.TELEGRAM_BOT_TOKEN || '';
+    const groupIds = (process.env.SENIOR_CODER_TG_GROUP_ID || '').split(',').map(s => s.trim()).filter(Boolean);
+    if (!botToken || groupIds.length === 0)
+        return;
+    const emoji = status === 'frozen' ? '🔴' : '🟡';
+    const verb = status === 'frozen' ? 'FROZEN — routing to fallback' : 'WARNING — still attempting';
+    const text = `${emoji} ${provider} monthly budget ${verb}\n\n` +
+        `spent: $${report.spent_month_usd.toFixed(4)} / $${report.budget_usd?.toFixed(2)} (${report.pct.toFixed(0)}%)\n` +
+        `threshold: ${status === 'frozen' ? '95%' : '80%'}\n\n` +
+        `${status === 'frozen'
+            ? 'New ' + provider + ' calls go straight to DeepSeek (CEO-wallet-funded) until budget reset on month rollover OR ' + provider.toUpperCase() + '_MONTHLY_BUDGET_USD raised.'
+            : 'Top up ' + provider + ' account or raise ' + provider.toUpperCase() + '_MONTHLY_BUDGET_USD to avoid hitting 95% freeze.'}`;
+    _sendTelegramAlert(botToken, groupIds, text);
+}
+// Shared Telegram send helper — fire-and-forget, native https, never blocks.
+function _sendTelegramAlert(botToken, groupIds, text) {
+    for (const chatId of groupIds) {
+        const body = JSON.stringify({ chat_id: parseInt(chatId, 10), text });
+        const req = require('https').request({
+            hostname: 'api.telegram.org',
+            path: `/bot${botToken}/sendMessage`,
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(body) },
+            timeout: 5000,
+        });
+        req.on('error', () => { });
+        req.write(body);
+        req.end();
+    }
+}
+/**
+ * Derive the real LLM provider from the model name returned by ClawRouter.
+ * The orchestrator's caller passes a `provider` hint, but ClawRouter may
+ * route to a different actual model. This function gives us truth for the
+ * wallet ledger so Bloomberg can produce honest per-provider reports.
+ *
+ * Returns 'unknown' if the model can't be classified; callers fall back to
+ * the caller-intent provider in that case.
+ */
+function inferProvider(model) {
+    const m = (model || '').toLowerCase();
+    if (!m)
+        return 'unknown';
+    if (m.includes('sonnet') || m.includes('haiku') || m.includes('opus') || m.startsWith('claude-'))
+        return 'anthropic';
+    if (m.includes('minimax'))
+        return 'minimax';
+    if (m.includes('deepseek'))
+        return 'deepseek';
+    if (m.includes('qwen'))
+        return 'qwen';
+    if (m.includes('gpt-') || m.startsWith('o1-') || m.startsWith('o3-') || m.includes('codex'))
+        return 'openai';
+    if (m.includes('grok'))
+        return 'xai';
+    if (m.includes('gemini') || m.includes('flash'))
+        return 'google';
+    return 'unknown';
+}
+/**
+ * Map legacy provider+model pairs to ClawRouter v2.0 complexity levels.
+ * This preserves the existing routing intelligence while funneling through the gateway.
+ */
+function mapLegacyToComplexity(provider, model) {
+    // Local models → stay local
+    if (provider === 'ollama') {
+        if (model.includes('0.6b'))
+            return 'nano';
+        if (model.includes('4b'))
+            return 'local';
+        return 'power'; // qwen3:14b, deepseek-r1:14b
+    }
+    // Anthropic Sonnet → APEX (constitutional)
+    if (provider === 'anthropic' && model.includes('sonnet'))
+        return 'apex';
+    // Anthropic Haiku → EXEC (cloud, not constitutional)
+    if (provider === 'anthropic' && model.includes('haiku'))
+        return 'exec';
+    // ClawRouter DeepSeek → EXEC
+    if (provider === 'clawrouter')
+        return 'exec';
+    // MiniMax → EXEC (cloud)
+    if (provider === 'minimax')
+        return 'exec';
+    // OpenAI → EXEC
+    if (provider === 'openai')
+        return 'exec';
+    // Default → POWER (local)
+    return 'power';
+}
+/** Detect if a call is constitutional (requires T3 APEX / Claude Sonnet) */
+function isConstitutionalCall(provider, model) {
+    return provider === 'anthropic' && model.includes('sonnet');
+}
+// Legacy aliases — these are now thin wrappers that route through callLLM()
+// They exist so that call sites like callAnthropicCached() don't need immediate rewriting.
+// All direct API calls are eliminated — every call goes through ClawRouter v2.0.
+async function callAnthropicCached(model, systemPrompt, userPrompt, timeoutMs) {
+    // Prompt caching is now handled by ClawRouter v2.0 (QCG layer)
+    return callLLM('anthropic', model, systemPrompt, userPrompt, timeoutMs);
+}
+/** Get sprint-level ClawRouter metrics for §17.6 sprint JSON fields */
+function getClawRouterSprintMetrics() {
+    return {
+        llm_calls_routed: _llmCallsRouted,
+        direct_api_violations: _directApiViolations,
+        apex_calls: _apexCalls,
+        apex_judge_pattern_compliant: _apexJudgePatternCompliant,
+    };
+}
+// B.9: Nano classifier — uses T0 NANO (qwen3:0.6b) via ClawRouter v2.0
+async function classifyTaskSmart(prompt) {
+    const regexType = (0, model_router_1.classifyTask)(prompt);
+    if (regexType !== 'util')
+        return regexType; // regex was confident
+    try {
+        const classifyPrompt = `Classify this task into exactly one category. Reply with ONLY the category name, nothing else.
+Categories: code, reason, lang, util, audit, content, data, refactor-complex, agent-framework, codebase-scan
+
+Task: ${prompt.substring(0, 300)}`;
+        const result = await (0, exports.routeCall)({
+            task_type: 'nano_classify', tier_class: 'text', complexity: 'nano',
+            context_tokens: Math.ceil(classifyPrompt.length / 4), constitutional_flag: false,
+            agent_id: 'nano-classifier',
+            payload: { prompt: classifyPrompt, max_tokens: 20 },
+        });
+        const nano = result.content.trim().toLowerCase().split(/\s/)[0];
+        const valid = ['code', 'reason', 'lang', 'util', 'audit', 'content', 'data', 'refactor-complex', 'agent-framework', 'codebase-scan'];
+        return valid.includes(nano) ? nano : regexType;
+    }
+    catch {
+        return regexType;
+    }
+}
+// B.12: Context compression using T1 LOCAL (qwen3:4b) via ClawRouter v2.0 — reduces cloud token spend 70-80%
+async function compressContext(context) {
+    if (context.length < 1200)
+        return context; // not worth compressing
+    try {
+        const compressPrompt = `Compress the following task context to under 600 words. Preserve all file paths, function names, technical requirements, and acceptance criteria. Remove prose filler and redundant explanations.\n\n${context.substring(0, 4000)}`;
+        const result = await (0, exports.routeCall)({
+            task_type: 'qcg_compress', tier_class: 'text', complexity: 'local',
+            context_tokens: Math.ceil(compressPrompt.length / 4), constitutional_flag: false,
+            agent_id: 'context-compressor',
+            payload: { prompt: compressPrompt, max_tokens: 800 },
+        });
+        const compressed = result.content.trim();
+        if (compressed.length > 100 && compressed.length < context.length * 0.9) {
+            log(exports.c.gray, `  [compress] ${context.length} → ${compressed.length} chars (${Math.round(compressed.length / context.length * 100)}%)`);
+            return compressed;
+        }
+    }
+    catch { /* non-fatal */ }
+    return context;
+}
+// B.10: Local QA gate — structural checks only (no LLM — qwen3 think-mode unreliable for PASS/FAIL)
+// LLM-based QA deferred to Claude supervisor review which gives structured feedback.
+// Markers that, when repeated, indicate the agent's chain-of-thought was
+// captured as the file body (the "rumination" failure mode — sprint smoke
+// 2026-05-07). These are phrases a coder agent says to itself while deciding
+// what to output; they should never appear in a deliverable file.
+const RUMINATION_MARKERS = [
+    'let me think', 'the problem says', 'but the problem says', 'however, the problem',
+    'so we output', 'therefore the answer is', 'we output nothing', 'we output the empty',
+    'so the answer is', 'but to be safe', 'but note:', 'but to be precise',
+    'so i will output', 'let me decide', 'but to be precise', 'final answer:',
+    'final decision:', 'i will output', 'should i output', 'let me re-read',
+];
+function detectRumination(content) {
+    const lower = content.toLowerCase();
+    let hits = 0;
+    for (const marker of RUMINATION_MARKERS) {
+        // Count overlapping occurrences with a simple split — cheap, good enough.
+        hits += lower.split(marker).length - 1;
+    }
+    const wordCount = Math.max(1, content.split(/\s+/).filter(Boolean).length);
+    return { hits, ratio: hits / wordCount };
+}
+async function localQAGate(_task, fileContents) {
+    // Fail only on structurally empty files (< 50 chars indicates the model returned nothing useful)
+    const emptyFiles = fileContents.filter(f => (f.content || '').trim().length < 50);
+    if (emptyFiles.length > 0) {
+        return { pass: false, reason: `Files too short/empty: ${emptyFiles.map(f => f.path).join(', ')}` };
+    }
+    // Fail if all files are missing from disk (write step silently failed)
+    const { existsSync: _exists } = await Promise.resolve().then(() => __importStar(require('fs')));
+    const missingFiles = fileContents.filter(f => !_exists(f.path));
+    if (missingFiles.length > 0) {
+        return { pass: false, reason: `Files not written to disk: ${missingFiles.map(f => f.path).join(', ')}` };
+    }
+    // Rumination guard — catch the chain-of-thought-leaked-into-file failure
+    // mode. Threshold: ≥3 distinct rumination phrases AND ≥0.5% of words are
+    // rumination markers (catches both small and large dumps; a doc that
+    // legitimately uses one such phrase once is fine).
+    for (const f of fileContents) {
+        const { hits, ratio } = detectRumination(f.content || '');
+        if (hits >= 3 && ratio >= 0.005) {
+            return {
+                pass: false,
+                reason: `Rumination detected in ${f.path}: ${hits} chain-of-thought markers (${(ratio * 100).toFixed(2)}% of words). The agent dumped its reasoning into the file body instead of outputting just the file content.`,
+            };
+        }
+    }
+    // TICKET-085: deterministic syntactic typecheck for .ts/.tsx changes
+    // before LLM review. Catches broken syntax / unresolvable imports cheaply
+    // so we don't burn supervisor tokens on uncompileable code. Project-wide
+    // type errors are NOT caught (that's the Vercel build's job) — this is
+    // just the fast gate: does the file parse + can its imports be resolved.
+    const tsFiles = fileContents.filter(f => /\.(ts|tsx)$/.test(f.path));
+    if (tsFiles.length > 0) {
+        const tcResult = await typecheckChangedFiles(tsFiles.map(f => f.path));
+        if (!tcResult.pass) {
+            return {
+                pass: false,
+                reason: `Typecheck failed (${tcResult.errorCount} error(s)): ${tcResult.firstError}`,
+            };
+        }
+    }
+    return { pass: true, reason: `${fileContents.length} file(s) non-empty + no rumination + typecheck PASS — proceeding to supervisor review` };
+}
+// TICKET-085 (v2 — TICKET-088 fix): project-aware typecheck. v1 used
+// loose-file mode + `npx -y typescript@5 tsc` and silently passed
+// EVERYTHING because the npx invocation produced no tsc output and exit 0
+// (npm "could not determine executable") — gate was a no-op for ~24h.
+//
+// v2: find the nearest tsconfig.json walking UP from each changed file,
+// run `tsc -p <tsconfig> --noEmit --incremental` per project. Incremental
+// build cache (.tsbuildinfo) makes subsequent runs fast (~2-5s typical).
+// Catches both syntactic errors AND cross-file type/import errors —
+// including the "imports from a non-existent file" class that bit us
+// when sprint-1581 + sprint-1582 shipped hallucinated component graphs.
+async function typecheckChangedFiles(filePaths) {
+    const { execSync } = await Promise.resolve().then(() => __importStar(require('child_process')));
+    const { existsSync } = await Promise.resolve().then(() => __importStar(require('fs')));
+    const { join, dirname, resolve } = await Promise.resolve().then(() => __importStar(require('path')));
+    // Find nearest tsconfig.json walking up from a file path.
+    // Returns null if walked all the way to / without finding one.
+    function findTsconfig(filePath) {
+        let dir = dirname(resolve(filePath));
+        for (let i = 0; i < 12; i++) {
+            const candidate = join(dir, 'tsconfig.json');
+            if (existsSync(candidate))
+                return candidate;
+            const parent = dirname(dir);
+            if (parent === dir)
+                break;
+            dir = parent;
+        }
+        return null;
+    }
+    // Group changed files by which tsconfig governs them.
+    const projects = new Set();
+    let filesWithoutProject = 0;
+    for (const f of filePaths) {
+        const tc = findTsconfig(f);
+        if (tc)
+            projects.add(tc);
+        else
+            filesWithoutProject++;
+    }
+    if (projects.size === 0) {
+        return { pass: true, errorCount: 0, firstError: `no tsconfig found for ${filesWithoutProject} file(s) — skipping` };
+    }
+    // Pick a local tsc binary. Prefer the repo's installed copy (fast, no
+    // network). Fall back to npx-with-explicit-package only if not present.
+    const localTsc = join(process.cwd(), 'node_modules', '.bin', 'tsc');
+    const tscCmd = existsSync(localTsc)
+        ? `"${localTsc}"`
+        : `npx -y --package=typescript@5 tsc`;
+    for (const tsconfig of projects) {
+        try {
+            execSync(`${tscCmd} -p "${tsconfig}" --noEmit --incremental`, {
+                encoding: 'utf-8', timeout: 120_000, stdio: 'pipe', cwd: process.cwd(),
+            });
+        }
+        catch (e) {
+            const out = (e.stdout || '') + (e.stderr || '');
+            const lines = out.split('\n').filter((l) => /error TS\d+/i.test(l));
+            if (lines.length === 0) {
+                // Tooling failure (timeout, tsc not found, OOM). Don't block pipeline
+                // on infra; supervisor still has a shot at catching substantive bugs.
+                console.warn(`[typecheck-gate] tooling failure on ${tsconfig}: ${(e.message || '').slice(0, 120)}`);
+                continue; // try next project
+            }
+            // Filter errors to JUST the files this task changed. Other errors
+            // (pre-existing in unrelated files) shouldn't block this task — they
+            // belong to whoever introduced them, not the current coder.
+            const changedAbs = new Set(filePaths.map(f => resolve(f)));
+            const ourErrors = lines.filter((l) => {
+                const m = l.match(/^([^(]+)\(/);
+                return m && changedAbs.has(resolve(m[1].trim()));
+            });
+            if (ourErrors.length > 0) {
+                return {
+                    pass: false,
+                    errorCount: ourErrors.length,
+                    firstError: ourErrors[0].trim().slice(0, 200),
+                };
+            }
+            // tsc errored but all errors are in files we didn't touch — let it through.
+            console.warn(`[typecheck-gate] ${lines.length} pre-existing error(s) in ${tsconfig} unrelated to this task — passing`);
+        }
+    }
+    return { pass: true, errorCount: 0, firstError: `${projects.size} project(s) typechecked clean` };
+}
+// B.11: Tiered debugger — routes debug effort by issue severity via ClawRouter v2.0
+async function tieredDebug(task, review, _systemPrompt) {
+    const issueText = (review.issues || []).map(i => `[${i.severity}] ${i.file}: ${i.description}`).join('\n');
+    const hasArchitecture = (review.issues || []).some(i => i.severity === 'critical' || i.description.toLowerCase().includes('architect'));
+    const hasSystemic = (review.issues || []).some(i => i.severity === 'high' || i.description.toLowerCase().includes('logic'));
+    try {
+        if (hasArchitecture) {
+            // Tier 3: T2.5 EXEC — deep architectural issues (via ClawRouter)
+            const result = await (0, exports.routeCall)({
+                task_type: 'debug_architectural', tier_class: 'text', complexity: 'exec',
+                context_tokens: Math.ceil((issueText.length + 800) / 4), constitutional_flag: false,
+                agent_id: 'tiered-debugger',
+                payload: { prompt: `Fix this code. Issues:\n${issueText}\n\nTask: ${task.context.substring(0, 800)}`, max_tokens: 4096 },
+            });
+            return result.content || null;
+        }
+        else if (hasSystemic) {
+            // Tier 2: T2 POWER (deepseek-r1:14b equivalent) — logical/systemic issues
+            const result = await (0, exports.routeCall)({
+                task_type: 'debug_systemic', tier_class: 'text', complexity: 'power',
+                context_tokens: Math.ceil((issueText.length + 600) / 4), constitutional_flag: false,
+                agent_id: 'tiered-debugger',
+                payload: { prompt: `Fix these code issues:\n${issueText}\n\nTask: ${task.context.substring(0, 600)}`, max_tokens: 2048 },
+            });
+            return result.content;
+        }
+        else {
+            // Tier 1: T2 POWER (qwen3:14b) — minor issues
+            const result = await (0, exports.routeCall)({
+                task_type: 'debug_minor', tier_class: 'text', complexity: 'power',
+                context_tokens: Math.ceil((issueText.length + 500) / 4), constitutional_flag: false,
+                agent_id: 'tiered-debugger',
+                payload: { prompt: `Fix these minor code issues:\n${issueText}\n\nTask: ${task.context.substring(0, 500)}`, max_tokens: 1024 },
+            });
+            return result.content;
+        }
+    }
+    catch (e) {
+        log(exports.c.yellow, `  [tiered-debug] ${e.message}`);
+    }
+    return null;
+}
+function httpPost(url, headers, body, timeoutMs) {
+    const parsed = new URL(url);
+    const isHttps = parsed.protocol === 'https:';
+    const lib = isHttps ? https : http;
+    return new Promise((resolve, reject) => {
+        const req = lib.request({
+            hostname: parsed.hostname, port: parsed.port || (isHttps ? 443 : undefined),
+            path: parsed.pathname, method: 'POST',
+            headers: { ...headers, 'Content-Length': Buffer.byteLength(body).toString() },
+        }, (res) => {
+            let data = '';
+            res.on('data', (chunk) => (data += chunk));
+            res.on('end', () => {
+                try {
+                    const result = JSON.parse(data);
+                    if (result.error) {
+                        reject(new Error(`API error: ${result.error.message || JSON.stringify(result.error)}`));
+                        return;
+                    }
+                    resolve(result);
+                }
+                catch {
+                    reject(new Error(`Failed to parse response: ${data.substring(0, 500)}`));
+                }
+            });
+        });
+        req.on('error', reject);
+        req.setTimeout(timeoutMs, () => { req.destroy(); reject(new Error(`API timeout (${timeoutMs / 1000}s)`)); });
+        req.write(body);
+        req.end();
+    });
+}
+// <<<EXTRACT-END-primitives