npm - @probelabs/visor - Versions diffs - 0.1.106 → 0.1.111 - Mend

@probelabs/visor 0.1.106 → 0.1.111

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (530) hide show

package/README.md +71 -2
package/action.yml +1 -1
package/defaults/code-refiner.yaml +114 -0
package/defaults/{.visor.yaml → code-review.yaml} +35 -226
package/defaults/override.yaml +52 -0
package/defaults/task-refinement.yaml +624 -0
package/defaults/visor.tests.yaml +685 -0
package/defaults/visor.yaml +483 -0
package/dist/action-cli-bridge.d.ts +11 -82
package/dist/action-cli-bridge.d.ts.map +1 -1
package/dist/ai-review-service.d.ts +28 -9
package/dist/ai-review-service.d.ts.map +1 -1
package/dist/check-execution-engine.d.ts +19 -331
package/dist/check-execution-engine.d.ts.map +1 -1
package/dist/cli-main.d.ts.map +1 -1
package/dist/cli.d.ts +0 -1
package/dist/cli.d.ts.map +1 -1
package/dist/config.d.ts +16 -0
package/dist/config.d.ts.map +1 -1
package/dist/cron-scheduler.d.ts +3 -3
package/dist/cron-scheduler.d.ts.map +1 -1
package/dist/debug-visualizer/ws-server.d.ts +7 -1
package/dist/debug-visualizer/ws-server.d.ts.map +1 -1
package/dist/defaults/code-refiner.yaml +114 -0
package/dist/defaults/{.visor.yaml → code-review.yaml} +35 -226
package/dist/defaults/override.yaml +52 -0
package/dist/defaults/task-refinement.yaml +624 -0
package/dist/defaults/visor.tests.yaml +685 -0
package/dist/defaults/visor.yaml +483 -0
package/dist/docs/DEPLOYMENT.md +118 -0
package/dist/docs/GITHUB_CHECKS.md +280 -0
package/dist/docs/NPM_USAGE.md +208 -0
package/dist/docs/action-reference.md +19 -0
package/dist/docs/advanced-ai.md +237 -0
package/dist/docs/ai-configuration.md +535 -0
package/dist/docs/ai-custom-tools-usage.md +261 -0
package/dist/docs/ai-custom-tools.md +392 -0
package/dist/docs/author-permissions.md +610 -0
package/dist/docs/bot-transports-rfc.md +23 -0
package/dist/docs/ci-cli-mode.md +34 -0
package/dist/docs/claude-code.md +74 -0
package/dist/docs/command-provider.md +559 -0
package/dist/docs/commands.md +8 -0
package/dist/docs/configuration.md +324 -0
package/dist/docs/custom-tools.md +424 -0
package/dist/docs/dashboards/README.md +23 -0
package/dist/docs/dashboards/grafana-visor-diagrams.json +20 -0
package/dist/docs/dashboards/grafana-visor-overview.json +33 -0
package/dist/docs/debug-visualizer-progress.md +572 -0
package/dist/docs/debug-visualizer-rfc.md +691 -0
package/dist/docs/debug-visualizer.md +114 -0
package/dist/docs/debugging.md +636 -0
package/dist/docs/default-output-schema.md +28 -0
package/dist/docs/dependencies.md +369 -0
package/dist/docs/dev-playbook.md +9 -0
package/dist/docs/engine-pause-resume-rfc.md +192 -0
package/dist/docs/engine-state-machine-plan.md +333 -0
package/dist/docs/event-driven-github-integration-rfc.md +743 -0
package/dist/docs/event-triggers.md +292 -0
package/dist/docs/execution-statistics-rfc.md +290 -0
package/dist/docs/fact-validator-gap-analysis.md +178 -0
package/dist/docs/fact-validator-implementation-plan.md +1235 -0
package/dist/docs/fail-if.md +95 -0
package/dist/docs/failure-conditions-implementation.md +271 -0
package/dist/docs/failure-conditions-schema.md +173 -0
package/dist/docs/failure-routing-rfc.md +193 -0
package/dist/docs/failure-routing.md +507 -0
package/dist/docs/foreach-dependency-propagation.md +473 -0
package/dist/docs/github-ops.md +89 -0
package/dist/docs/goto-forward-run-plan.md +113 -0
package/dist/docs/guides/criticality-modes.md +332 -0
package/dist/docs/guides/fault-management-and-contracts.md +738 -0
package/dist/docs/guides/workflow-style-guide.md +224 -0
package/dist/docs/http.md +299 -0
package/dist/docs/human-input-provider.md +372 -0
package/dist/docs/lifecycle-hooks.md +253 -0
package/dist/docs/limits.md +64 -0
package/dist/docs/liquid-templates.md +490 -0
package/dist/docs/loop-routing-refactor.md +89 -0
package/dist/docs/mcp-provider.md +557 -0
package/dist/docs/mcp.md +124 -0
package/dist/docs/memory.md +903 -0
package/dist/docs/observability.md +12 -0
package/dist/docs/output-formats.md +20 -0
package/dist/docs/output-formatting.md +29 -0
package/dist/docs/output-history.md +383 -0
package/dist/docs/performance.md +6 -0
package/dist/docs/pluggable.md +124 -0
package/dist/docs/proposals/snapshot-scope-execution.md +236 -0
package/dist/docs/providers/git-checkout.md +589 -0
package/dist/docs/recipes.md +474 -0
package/dist/docs/rfc/git-checkout-step.md +601 -0
package/dist/docs/rfc/on_init-hook.md +1294 -0
package/dist/docs/rfc/workspace-isolation.md +216 -0
package/dist/docs/roadmap/criticality-implementation-tasks.md +92 -0
package/dist/docs/router-patterns.md +339 -0
package/dist/docs/schema-next-pr.md +10 -0
package/dist/docs/schema-templates.md +68 -0
package/dist/docs/script.md +34 -0
package/dist/docs/sdk.md +222 -0
package/dist/docs/security.md +7 -0
package/dist/docs/suppressions.md +89 -0
package/dist/docs/tag-filtering.md +258 -0
package/dist/docs/telemetry-setup.md +119 -0
package/dist/docs/telemetry-tracing-rfc.md +275 -0
package/dist/docs/test-framework-rfc.md +680 -0
package/dist/docs/testing/assertions.md +85 -0
package/dist/docs/testing/ci.md +44 -0
package/dist/docs/testing/cli.md +41 -0
package/dist/docs/testing/cookbook.md +172 -0
package/dist/docs/testing/dsl-reference.md +199 -0
package/dist/docs/testing/fixtures-and-mocks.md +91 -0
package/dist/docs/testing/flows.md +92 -0
package/dist/docs/testing/getting-started.md +93 -0
package/dist/docs/testing/troubleshooting.md +55 -0
package/dist/docs/timeouts.md +50 -0
package/dist/docs/troubleshooting.md +7 -0
package/dist/docs/visor-sdk-rfc.md +186 -0
package/dist/docs/workflows.md +569 -0
package/dist/engine/on-finish/orchestrator.d.ts +19 -0
package/dist/engine/on-finish/orchestrator.d.ts.map +1 -0
package/dist/engine/on-finish/utils.d.ts +44 -0
package/dist/engine/on-finish/utils.d.ts.map +1 -0
package/dist/event-bus/event-bus.d.ts +13 -0
package/dist/event-bus/event-bus.d.ts.map +1 -0
package/dist/event-bus/types.d.ts +71 -0
package/dist/event-bus/types.d.ts.map +1 -0
package/dist/examples/.claude/agents/code-reviewer.md +69 -0
package/dist/examples/.mcp.json +34 -0
package/dist/examples/CALCULATOR-SDK.md +364 -0
package/dist/examples/README.md +384 -0
package/dist/examples/ai-custom-tools-example.yaml +206 -0
package/dist/examples/ai-custom-tools-simple.yaml +76 -0
package/dist/examples/ai-retry-fallback-config.yaml +180 -0
package/dist/examples/ai-with-bash.yaml +126 -0
package/dist/examples/ai-with-mcp.yaml +82 -0
package/dist/examples/basic-human-input.yaml +15 -0
package/dist/examples/bedrock-config.yaml +77 -0
package/dist/examples/calculator-config.yaml +133 -0
package/dist/examples/calculator-json-output-guide.md +311 -0
package/dist/examples/calculator-sdk-automated.ts +340 -0
package/dist/examples/calculator-sdk-example.ts +275 -0
package/dist/examples/calculator-sdk-json.ts +331 -0
package/dist/examples/calculator-sdk-real.ts +374 -0
package/dist/examples/calculator-sdk-test.ts +148 -0
package/dist/examples/claude-code-config.yaml +191 -0
package/dist/examples/cron-webhook-config.yaml +215 -0
package/dist/examples/custom-template.liquid +57 -0
package/dist/examples/custom-tools-example.yaml +281 -0
package/dist/examples/enhanced-config.yaml +165 -0
package/dist/examples/environments/visor.base.yaml +92 -0
package/dist/examples/environments/visor.dev.yaml +33 -0
package/dist/examples/environments/visor.prod.yaml +95 -0
package/dist/examples/environments/visor.staging.yaml +46 -0
package/dist/examples/fact-validator.yaml +361 -0
package/dist/examples/fail-if-simple.yaml +90 -0
package/dist/examples/failure-conditions-advanced.yaml +136 -0
package/dist/examples/failure-conditions-basic.yaml +48 -0
package/dist/examples/failure-conditions-github-style.yaml +119 -0
package/dist/examples/failure-conditions-migration.yaml +74 -0
package/dist/examples/for-loop-example.yaml +176 -0
package/dist/examples/forEach-example.yaml +120 -0
package/dist/examples/git-checkout-basic.yaml +32 -0
package/dist/examples/git-checkout-compare.yaml +59 -0
package/dist/examples/git-checkout-cross-repo.yaml +76 -0
package/dist/examples/github-workflow-with-tags.yml +163 -0
package/dist/examples/http-integration-config.yaml +240 -0
package/dist/examples/https-server-config.yaml +209 -0
package/dist/examples/human-input-example.yaml +63 -0
package/dist/examples/if-conditions.yaml +173 -0
package/dist/examples/jira-simple-example.yaml +56 -0
package/dist/examples/jira-single-issue-workflow.yaml +166 -0
package/dist/examples/jira-workflow-mcp.yaml +182 -0
package/dist/examples/mcp/analyzer.py +119 -0
package/dist/examples/mcp-provider-example.yaml +301 -0
package/dist/examples/memory-counter.yaml +99 -0
package/dist/examples/memory-error-collection.yaml +104 -0
package/dist/examples/memory-exec-js.yaml +247 -0
package/dist/examples/memory-namespace-isolation.yaml +184 -0
package/dist/examples/memory-retry-counter.yaml +65 -0
package/dist/examples/memory-state-machine.yaml +170 -0
package/dist/examples/on-init-import-demo.yaml +179 -0
package/dist/examples/outputs-raw-basic.yaml +26 -0
package/dist/examples/project-with-tools.yaml +174 -0
package/dist/examples/prompts/architecture-analysis.liquid +116 -0
package/dist/examples/prompts/security-comprehensive.liquid +107 -0
package/dist/examples/quick-start-tags.yaml +53 -0
package/dist/examples/reusable-tools.yaml +92 -0
package/dist/examples/reusable-workflows.yaml +88 -0
package/dist/examples/routing-basic.yaml +35 -0
package/dist/examples/routing-dynamic-js.yaml +46 -0
package/dist/examples/routing-foreach.yaml +34 -0
package/dist/examples/routing-goto-event.yaml +34 -0
package/dist/examples/routing-on-success.yaml +25 -0
package/dist/examples/run-calculator-demo.sh +71 -0
package/dist/examples/sdk-basic.mjs +10 -0
package/dist/examples/sdk-cjs.cjs +10 -0
package/dist/examples/sdk-comprehensive.mjs +175 -0
package/dist/examples/sdk-manual-config.mjs +65 -0
package/dist/examples/sdk-typescript.js +81 -0
package/dist/examples/sdk-typescript.ts +92 -0
package/dist/examples/session-reuse-config.yaml +151 -0
package/dist/examples/session-reuse-self.yaml +81 -0
package/dist/examples/slack-simple-chat.yaml +775 -0
package/dist/examples/templates/security-report.liquid +137 -0
package/dist/examples/tools-library.yaml +281 -0
package/dist/examples/transform-example.yaml +199 -0
package/dist/examples/visor-with-tags.yaml +198 -0
package/dist/examples/webhook-pipeline-config.yaml +218 -0
package/dist/examples/workflows/calculator-workflow.yaml +163 -0
package/dist/examples/workflows/code-quality.yaml +222 -0
package/dist/examples/workflows/quick-pr-check.yaml +90 -0
package/dist/examples/workflows/workflow-composition-example.yaml +130 -0
package/dist/failure-condition-evaluator.d.ts +3 -0
package/dist/failure-condition-evaluator.d.ts.map +1 -1
package/dist/frontends/github-frontend.d.ts +58 -0
package/dist/frontends/github-frontend.d.ts.map +1 -0
package/dist/frontends/host.d.ts +47 -0
package/dist/frontends/host.d.ts.map +1 -0
package/dist/frontends/ndjson-sink.d.ts +12 -0
package/dist/frontends/ndjson-sink.d.ts.map +1 -0
package/dist/frontends/slack-frontend.d.ts +58 -0
package/dist/frontends/slack-frontend.d.ts.map +1 -0
package/dist/generated/config-schema.d.ts +967 -57
package/dist/generated/config-schema.d.ts.map +1 -1
package/dist/generated/config-schema.json +1033 -56
package/dist/github-check-service.d.ts +4 -6
package/dist/github-check-service.d.ts.map +1 -1
package/dist/github-comments.d.ts +2 -4
package/dist/github-comments.d.ts.map +1 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +134327 -99004
package/dist/liquid-extensions.d.ts.map +1 -1
package/dist/logger.d.ts +2 -0
package/dist/logger.d.ts.map +1 -1
package/dist/memory-store.d.ts +6 -0
package/dist/memory-store.d.ts.map +1 -1
package/dist/output/assistant-json/template.liquid +0 -0
package/dist/output/traces/run-2026-01-20T19-22-58-043Z.ndjson +138 -0
package/dist/output/traces/run-2026-01-20T19-23-52-175Z.ndjson +1067 -0
package/dist/output-formatters.d.ts +1 -1
package/dist/output-formatters.d.ts.map +1 -1
package/dist/providers/ai-check-provider.d.ts +12 -0
package/dist/providers/ai-check-provider.d.ts.map +1 -1
package/dist/providers/check-provider-registry.d.ts +6 -0
package/dist/providers/check-provider-registry.d.ts.map +1 -1
package/dist/providers/check-provider.interface.d.ts +43 -1
package/dist/providers/check-provider.interface.d.ts.map +1 -1
package/dist/providers/claude-code-check-provider.d.ts.map +1 -1
package/dist/providers/command-check-provider.d.ts +1 -1
package/dist/providers/command-check-provider.d.ts.map +1 -1
package/dist/providers/custom-tool-executor.d.ts +61 -0
package/dist/providers/custom-tool-executor.d.ts.map +1 -0
package/dist/providers/git-checkout-provider.d.ts +25 -0
package/dist/providers/git-checkout-provider.d.ts.map +1 -0
package/dist/providers/github-ops-provider.d.ts.map +1 -1
package/dist/providers/http-client-provider.d.ts +4 -4
package/dist/providers/http-client-provider.d.ts.map +1 -1
package/dist/providers/human-input-check-provider.d.ts +5 -0
package/dist/providers/human-input-check-provider.d.ts.map +1 -1
package/dist/providers/index.d.ts +1 -0
package/dist/providers/index.d.ts.map +1 -1
package/dist/providers/log-check-provider.d.ts +2 -5
package/dist/providers/log-check-provider.d.ts.map +1 -1
package/dist/providers/mcp-check-provider.d.ts +10 -4
package/dist/providers/mcp-check-provider.d.ts.map +1 -1
package/dist/providers/mcp-custom-sse-server.d.ts +66 -0
package/dist/providers/mcp-custom-sse-server.d.ts.map +1 -0
package/dist/providers/memory-check-provider.d.ts +2 -8
package/dist/providers/memory-check-provider.d.ts.map +1 -1
package/dist/providers/script-check-provider.d.ts +25 -0
package/dist/providers/script-check-provider.d.ts.map +1 -0
package/dist/providers/workflow-check-provider.d.ts +56 -0
package/dist/providers/workflow-check-provider.d.ts.map +1 -0
package/dist/reviewer.d.ts +2 -1
package/dist/reviewer.d.ts.map +1 -1
package/dist/sdk/check-provider-registry-534KL5HT.mjs +27 -0
package/dist/sdk/chunk-23L3QRYX.mjs +16872 -0
package/dist/sdk/chunk-23L3QRYX.mjs.map +1 -0
package/dist/sdk/{chunk-TUTOLSFV.mjs → chunk-3OMWVM6J.mjs} +11 -1
package/dist/sdk/chunk-3OMWVM6J.mjs.map +1 -0
package/dist/sdk/chunk-7UK3NIIT.mjs +482 -0
package/dist/sdk/chunk-7UK3NIIT.mjs.map +1 -0
package/dist/sdk/chunk-AGIZJ4UZ.mjs +173 -0
package/dist/sdk/chunk-AGIZJ4UZ.mjs.map +1 -0
package/dist/sdk/chunk-AIVFBIS4.mjs +1371 -0
package/dist/sdk/chunk-AIVFBIS4.mjs.map +1 -0
package/dist/sdk/chunk-AK6BVWIT.mjs +426 -0
package/dist/sdk/chunk-AK6BVWIT.mjs.map +1 -0
package/dist/sdk/chunk-AUT26LHW.mjs +139 -0
package/dist/sdk/chunk-AUT26LHW.mjs.map +1 -0
package/dist/sdk/chunk-BOVFH3LI.mjs +232 -0
package/dist/sdk/chunk-BOVFH3LI.mjs.map +1 -0
package/dist/sdk/chunk-CNX7V5JK.mjs +89 -0
package/dist/sdk/chunk-CNX7V5JK.mjs.map +1 -0
package/dist/sdk/chunk-HTOKWMPO.mjs +157 -0
package/dist/sdk/chunk-HTOKWMPO.mjs.map +1 -0
package/dist/sdk/chunk-NAW3DB3I.mjs +197 -0
package/dist/sdk/chunk-NAW3DB3I.mjs.map +1 -0
package/dist/sdk/chunk-O5EZDNYL.mjs +274 -0
package/dist/sdk/chunk-O5EZDNYL.mjs.map +1 -0
package/dist/sdk/chunk-QR7MOMJH.mjs +558 -0
package/dist/sdk/chunk-QR7MOMJH.mjs.map +1 -0
package/dist/sdk/chunk-QY2XYPEV.mjs +3556 -0
package/dist/sdk/chunk-QY2XYPEV.mjs.map +1 -0
package/dist/sdk/chunk-S2RUE2RG.mjs +145 -0
package/dist/sdk/chunk-S2RUE2RG.mjs.map +1 -0
package/dist/sdk/chunk-SIWNBRTK.mjs +800 -0
package/dist/sdk/chunk-SIWNBRTK.mjs.map +1 -0
package/dist/sdk/chunk-YSN4G6CI.mjs +146 -0
package/dist/sdk/chunk-YSN4G6CI.mjs.map +1 -0
package/dist/sdk/chunk-ZYAUYXSW.mjs +206 -0
package/dist/sdk/chunk-ZYAUYXSW.mjs.map +1 -0
package/dist/sdk/command-executor-TYUV6HUS.mjs +14 -0
package/dist/sdk/config-YNC2EOOT.mjs +16 -0
package/dist/sdk/config-merger-PX3WIT57.mjs +10 -0
package/dist/sdk/event-bus-5BEVPQ6T.mjs +35 -0
package/dist/sdk/event-bus-5BEVPQ6T.mjs.map +1 -0
package/dist/sdk/failure-condition-evaluator-YGTF2GHG.mjs +17 -0
package/dist/sdk/git-repository-analyzer-HJC4MYW4.mjs +458 -0
package/dist/sdk/git-repository-analyzer-HJC4MYW4.mjs.map +1 -0
package/dist/sdk/github-frontend-SIAEOCON.mjs +1420 -0
package/dist/sdk/github-frontend-SIAEOCON.mjs.map +1 -0
package/dist/sdk/host-DXUYTNMU.mjs +52 -0
package/dist/sdk/host-DXUYTNMU.mjs.map +1 -0
package/dist/sdk/{liquid-extensions-KVL4MKRH.mjs → liquid-extensions-PKWCKK7E.mjs} +8 -2
package/dist/sdk/memory-store-XGBB7LX7.mjs +12 -0
package/dist/sdk/memory-store-XGBB7LX7.mjs.map +1 -0
package/dist/sdk/metrics-7PP3EJUH.mjs +29 -0
package/dist/sdk/metrics-7PP3EJUH.mjs.map +1 -0
package/dist/sdk/ndjson-sink-B4V4NTAQ.mjs +44 -0
package/dist/sdk/ndjson-sink-B4V4NTAQ.mjs.map +1 -0
package/dist/sdk/prompt-state-YRJY6QAL.mjs +16 -0
package/dist/sdk/prompt-state-YRJY6QAL.mjs.map +1 -0
package/dist/sdk/renderer-schema-LPKN5UJS.mjs +51 -0
package/dist/sdk/renderer-schema-LPKN5UJS.mjs.map +1 -0
package/dist/sdk/routing-6N45MJ4F.mjs +24 -0
package/dist/sdk/routing-6N45MJ4F.mjs.map +1 -0
package/dist/sdk/sdk.d.mts +541 -22
package/dist/sdk/sdk.d.ts +541 -22
package/dist/sdk/sdk.js +27963 -16505
package/dist/sdk/sdk.js.map +1 -1
package/dist/sdk/sdk.mjs +1116 -2169
package/dist/sdk/sdk.mjs.map +1 -1
package/dist/sdk/session-registry-4E6YRQ77.mjs +10 -0
package/dist/sdk/session-registry-4E6YRQ77.mjs.map +1 -0
package/dist/sdk/slack-frontend-BVKW3GD5.mjs +735 -0
package/dist/sdk/slack-frontend-BVKW3GD5.mjs.map +1 -0
package/dist/sdk/trace-helpers-VP6QYVBX.mjs +23 -0
package/dist/sdk/trace-helpers-VP6QYVBX.mjs.map +1 -0
package/dist/sdk/{tracer-init-WC75N5NW.mjs → tracer-init-GSLPPLCD.mjs} +2 -2
package/dist/sdk/tracer-init-GSLPPLCD.mjs.map +1 -0
package/dist/sdk/workflow-registry-R6KSACFR.mjs +12 -0
package/dist/sdk/workflow-registry-R6KSACFR.mjs.map +1 -0
package/dist/sdk.d.ts.map +1 -1
package/dist/slack/adapter.d.ts +36 -0
package/dist/slack/adapter.d.ts.map +1 -0
package/dist/slack/cache-prewarmer.d.ts +31 -0
package/dist/slack/cache-prewarmer.d.ts.map +1 -0
package/dist/slack/client.d.ts +77 -0
package/dist/slack/client.d.ts.map +1 -0
package/dist/slack/markdown.d.ts +45 -0
package/dist/slack/markdown.d.ts.map +1 -0
package/dist/slack/prompt-state.d.ts +33 -0
package/dist/slack/prompt-state.d.ts.map +1 -0
package/dist/slack/rate-limiter.d.ts +56 -0
package/dist/slack/rate-limiter.d.ts.map +1 -0
package/dist/slack/signature.d.ts +2 -0
package/dist/slack/signature.d.ts.map +1 -0
package/dist/slack/socket-runner.d.ts +42 -0
package/dist/slack/socket-runner.d.ts.map +1 -0
package/dist/slack/thread-cache.d.ts +51 -0
package/dist/slack/thread-cache.d.ts.map +1 -0
package/dist/snapshot-store.d.ts +59 -0
package/dist/snapshot-store.d.ts.map +1 -0
package/dist/state-machine/context/build-engine-context.d.ts +17 -0
package/dist/state-machine/context/build-engine-context.d.ts.map +1 -0
package/dist/state-machine/dispatch/dependency-gating.d.ts +12 -0
package/dist/state-machine/dispatch/dependency-gating.d.ts.map +1 -0
package/dist/state-machine/dispatch/execution-invoker.d.ts +14 -0
package/dist/state-machine/dispatch/execution-invoker.d.ts.map +1 -0
package/dist/state-machine/dispatch/foreach-processor.d.ts +8 -0
package/dist/state-machine/dispatch/foreach-processor.d.ts.map +1 -0
package/dist/state-machine/dispatch/history-snapshot.d.ts +8 -0
package/dist/state-machine/dispatch/history-snapshot.d.ts.map +1 -0
package/dist/state-machine/dispatch/on-init-handlers.d.ts +43 -0
package/dist/state-machine/dispatch/on-init-handlers.d.ts.map +1 -0
package/dist/state-machine/dispatch/renderer-schema.d.ts +8 -0
package/dist/state-machine/dispatch/renderer-schema.d.ts.map +1 -0
package/dist/state-machine/dispatch/stats-manager.d.ts +15 -0
package/dist/state-machine/dispatch/stats-manager.d.ts.map +1 -0
package/dist/state-machine/dispatch/template-renderer.d.ts +7 -0
package/dist/state-machine/dispatch/template-renderer.d.ts.map +1 -0
package/dist/state-machine/execution/summary.d.ts +8 -0
package/dist/state-machine/execution/summary.d.ts.map +1 -0
package/dist/state-machine/runner.d.ts +79 -0
package/dist/state-machine/runner.d.ts.map +1 -0
package/dist/state-machine/states/check-running.d.ts +14 -0
package/dist/state-machine/states/check-running.d.ts.map +1 -0
package/dist/state-machine/states/completed.d.ts +12 -0
package/dist/state-machine/states/completed.d.ts.map +1 -0
package/dist/state-machine/states/error.d.ts +11 -0
package/dist/state-machine/states/error.d.ts.map +1 -0
package/dist/state-machine/states/init.d.ts +11 -0
package/dist/state-machine/states/init.d.ts.map +1 -0
package/dist/state-machine/states/level-dispatch.d.ts +17 -0
package/dist/state-machine/states/level-dispatch.d.ts.map +1 -0
package/dist/state-machine/states/plan-ready.d.ts +12 -0
package/dist/state-machine/states/plan-ready.d.ts.map +1 -0
package/dist/state-machine/states/routing.d.ts +52 -0
package/dist/state-machine/states/routing.d.ts.map +1 -0
package/dist/state-machine/states/wave-planning.d.ts +14 -0
package/dist/state-machine/states/wave-planning.d.ts.map +1 -0
package/dist/state-machine/workflow-projection.d.ts +47 -0
package/dist/state-machine/workflow-projection.d.ts.map +1 -0
package/dist/state-machine-execution-engine.d.ts +159 -0
package/dist/state-machine-execution-engine.d.ts.map +1 -0
package/dist/telemetry/opentelemetry.d.ts.map +1 -1
package/dist/telemetry/state-capture.d.ts +5 -0
package/dist/telemetry/state-capture.d.ts.map +1 -1
package/dist/test-runner/assertions.d.ts +59 -0
package/dist/test-runner/assertions.d.ts.map +1 -0
package/dist/test-runner/core/environment.d.ts +8 -0
package/dist/test-runner/core/environment.d.ts.map +1 -0
package/dist/test-runner/core/fixture.d.ts +3 -0
package/dist/test-runner/core/fixture.d.ts.map +1 -0
package/dist/test-runner/core/flow-stage.d.ts +32 -0
package/dist/test-runner/core/flow-stage.d.ts.map +1 -0
package/dist/test-runner/core/mocks.d.ts +8 -0
package/dist/test-runner/core/mocks.d.ts.map +1 -0
package/dist/test-runner/core/test-execution-wrapper.d.ts +18 -0
package/dist/test-runner/core/test-execution-wrapper.d.ts.map +1 -0
package/dist/test-runner/evaluators.d.ts +45 -0
package/dist/test-runner/evaluators.d.ts.map +1 -0
package/dist/test-runner/fixture-loader.d.ts +30 -0
package/dist/test-runner/fixture-loader.d.ts.map +1 -0
package/dist/test-runner/index.d.ts +127 -0
package/dist/test-runner/index.d.ts.map +1 -0
package/dist/test-runner/recorders/github-recorder.d.ts +23 -0
package/dist/test-runner/recorders/github-recorder.d.ts.map +1 -0
package/dist/test-runner/recorders/global-recorder.d.ts +4 -0
package/dist/test-runner/recorders/global-recorder.d.ts.map +1 -0
package/dist/test-runner/recorders/slack-recorder.d.ts +17 -0
package/dist/test-runner/recorders/slack-recorder.d.ts.map +1 -0
package/dist/test-runner/utils/selectors.d.ts +2 -0
package/dist/test-runner/utils/selectors.d.ts.map +1 -0
package/dist/test-runner/validator.d.ts +8 -0
package/dist/test-runner/validator.d.ts.map +1 -0
package/dist/traces/run-2026-01-20T19-22-58-043Z.ndjson +138 -0
package/dist/traces/run-2026-01-20T19-23-52-175Z.ndjson +1067 -0
package/dist/types/bot.d.ts +109 -0
package/dist/types/bot.d.ts.map +1 -0
package/dist/types/cli.d.ts +8 -1
package/dist/types/cli.d.ts.map +1 -1
package/dist/types/config.d.ts +459 -9
package/dist/types/config.d.ts.map +1 -1
package/dist/types/engine.d.ts +177 -0
package/dist/types/engine.d.ts.map +1 -0
package/dist/types/execution.d.ts +73 -0
package/dist/types/execution.d.ts.map +1 -0
package/dist/types/git-checkout.d.ts +76 -0
package/dist/types/git-checkout.d.ts.map +1 -0
package/dist/types/github.d.ts +51 -0
package/dist/types/github.d.ts.map +1 -0
package/dist/types/workflow.d.ts +237 -0
package/dist/types/workflow.d.ts.map +1 -0
package/dist/utils/command-executor.d.ts +43 -0
package/dist/utils/command-executor.d.ts.map +1 -0
package/dist/utils/comment-metadata.d.ts +21 -0
package/dist/utils/comment-metadata.d.ts.map +1 -0
package/dist/utils/config-loader.d.ts.map +1 -1
package/dist/utils/config-merger.d.ts.map +1 -1
package/dist/utils/env-exposure.d.ts +3 -0
package/dist/utils/env-exposure.d.ts.map +1 -0
package/dist/utils/file-exclusion.d.ts.map +1 -1
package/dist/utils/interactive-prompt.d.ts +1 -1
package/dist/utils/interactive-prompt.d.ts.map +1 -1
package/dist/utils/json-text-extractor.d.ts +17 -0
package/dist/utils/json-text-extractor.d.ts.map +1 -0
package/dist/utils/sandbox.d.ts +10 -0
package/dist/utils/sandbox.d.ts.map +1 -1
package/dist/utils/script-memory-ops.d.ts +21 -0
package/dist/utils/script-memory-ops.d.ts.map +1 -0
package/dist/utils/template-context.d.ts +8 -0
package/dist/utils/template-context.d.ts.map +1 -0
package/dist/utils/tracer-init.d.ts.map +1 -1
package/dist/utils/workspace-manager.d.ts +118 -0
package/dist/utils/workspace-manager.d.ts.map +1 -0
package/dist/utils/worktree-cleanup.d.ts +33 -0
package/dist/utils/worktree-cleanup.d.ts.map +1 -0
package/dist/utils/worktree-manager.d.ts +153 -0
package/dist/utils/worktree-manager.d.ts.map +1 -0
package/dist/webhook-server.d.ts +3 -3
package/dist/webhook-server.d.ts.map +1 -1
package/dist/workflow-executor.d.ts +81 -0
package/dist/workflow-executor.d.ts.map +1 -0
package/dist/workflow-registry.d.ts +79 -0
package/dist/workflow-registry.d.ts.map +1 -0
package/package.json +12 -5
package/dist/output/traces/run-2025-10-22T18-22-56-873Z.ndjson +0 -218
package/dist/sdk/check-execution-engine-2YYKUUSH.mjs +0 -11
package/dist/sdk/check-execution-engine-6QJXYYON.mjs +0 -11
package/dist/sdk/check-execution-engine-PJZ4ZOKG.mjs +0 -11
package/dist/sdk/chunk-33QVZ2D4.mjs +0 -316
package/dist/sdk/chunk-33QVZ2D4.mjs.map +0 -1
package/dist/sdk/chunk-B5QBV2QJ.mjs +0 -752
package/dist/sdk/chunk-B5QBV2QJ.mjs.map +0 -1
package/dist/sdk/chunk-BVFNRCHT.mjs +0 -14129
package/dist/sdk/chunk-BVFNRCHT.mjs.map +0 -1
package/dist/sdk/chunk-KWZW23FG.mjs +0 -14129
package/dist/sdk/chunk-KWZW23FG.mjs.map +0 -1
package/dist/sdk/chunk-O4RP4BRH.mjs +0 -14092
package/dist/sdk/chunk-O4RP4BRH.mjs.map +0 -1
package/dist/sdk/chunk-TUTOLSFV.mjs.map +0 -1
package/dist/sdk/chunk-U5D2LY66.mjs +0 -245
package/dist/sdk/chunk-U5D2LY66.mjs.map +0 -1
package/dist/sdk/chunk-U7X54EMV.mjs +0 -331
package/dist/sdk/chunk-U7X54EMV.mjs.map +0 -1
package/dist/sdk/config-merger-TWUBWFC2.mjs +0 -8
package/dist/sdk/mermaid-telemetry-SN6A2TKW.mjs +0 -61
package/dist/sdk/mermaid-telemetry-SN6A2TKW.mjs.map +0 -1
package/dist/sdk/mermaid-telemetry-YCTIG76M.mjs +0 -61
package/dist/sdk/mermaid-telemetry-YCTIG76M.mjs.map +0 -1
package/dist/traces/run-2025-10-22T18-22-56-873Z.ndjson +0 -218
/package/dist/sdk/{check-execution-engine-2YYKUUSH.mjs.map → check-provider-registry-534KL5HT.mjs.map} +0 -0
/package/dist/sdk/{check-execution-engine-6QJXYYON.mjs.map → command-executor-TYUV6HUS.mjs.map} +0 -0
/package/dist/sdk/{check-execution-engine-PJZ4ZOKG.mjs.map → config-YNC2EOOT.mjs.map} +0 -0
/package/dist/sdk/{config-merger-TWUBWFC2.mjs.map → config-merger-PX3WIT57.mjs.map} +0 -0
/package/dist/sdk/{liquid-extensions-KVL4MKRH.mjs.map → failure-condition-evaluator-YGTF2GHG.mjs.map} +0 -0
/package/dist/sdk/{tracer-init-WC75N5NW.mjs.map → liquid-extensions-PKWCKK7E.mjs.map} +0 -0

package/dist/docs/ai-configuration.md ADDED Viewed

@@ -0,0 +1,535 @@
+## 🤖 AI Configuration
+Visor supports multiple AI providers. Configure one via environment variables.
+### Supported Providers
+| Provider | Env Var | Example Models |
+|----------|---------|----------------|
+| Google Gemini | `GOOGLE_API_KEY` | `gemini-2.0-flash-exp`, `gemini-1.5-pro` |
+| Anthropic Claude | `ANTHROPIC_API_KEY` | `claude-3-opus`, `claude-3-sonnet` |
+| OpenAI GPT | `OPENAI_API_KEY` | `gpt-4`, `gpt-4-turbo`, `gpt-3.5-turbo` |
+| AWS Bedrock | AWS credentials (see below) | `anthropic.claude-sonnet-4-20250514-v1:0` (default) |
+### GitHub Actions Setup
+Add the provider key as a secret (Settings → Secrets → Actions), then expose it:
+```yaml
+steps:
+  - uses: actions/checkout@v4
+  - uses: probelabs/visor@v1
+    env:
+      GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY }}
+      # or ANTHROPIC_API_KEY / OPENAI_API_KEY
+      # For AWS Bedrock:
+      # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      # AWS_REGION: us-east-1
+```
+### Local Development
+```bash
+# Google Gemini
+export GOOGLE_API_KEY="your-api-key"
+export MODEL_NAME="gemini-2.0-flash-exp"
+# AWS Bedrock
+export AWS_ACCESS_KEY_ID="your-access-key"
+export AWS_SECRET_ACCESS_KEY="your-secret-key"
+export AWS_REGION="us-east-1"
+# Optional: Use specific model
+export MODEL_NAME="anthropic.claude-sonnet-4-20250514-v1:0"
+```
+### AWS Bedrock Configuration
+Bedrock supports multiple authentication methods:
+1. **IAM Credentials** (recommended):
+   ```bash
+   export AWS_ACCESS_KEY_ID="your-access-key"
+   export AWS_SECRET_ACCESS_KEY="your-secret-key"
+   export AWS_REGION="us-east-1"
+   ```
+2. **Temporary Session Credentials**:
+   ```bash
+   export AWS_ACCESS_KEY_ID="your-access-key"
+   export AWS_SECRET_ACCESS_KEY="your-secret-key"
+   export AWS_SESSION_TOKEN="your-session-token"
+   export AWS_REGION="us-east-1"
+   ```
+3. **API Key Authentication** (if configured):
+   ```bash
+   export AWS_BEDROCK_API_KEY="your-api-key"
+   export AWS_BEDROCK_BASE_URL="https://your-custom-endpoint.com"  # Optional
+   ```
+To force Bedrock provider:
+```bash
+export FORCE_PROVIDER=bedrock
+```
+### YAML Configuration
+#### Global Provider Settings
+Configure a default AI provider in `.visor.yaml`:
+```yaml
+# Global configuration for all checks
+ai_provider: bedrock  # or google, anthropic, openai
+ai_model: anthropic.claude-sonnet-4-20250514-v1:0  # Optional, uses default if not specified
+steps:
+  security-review:
+    type: ai
+    prompt: "Analyze code for security vulnerabilities"
+```
+#### Per-Check Provider Configuration
+Override the provider for specific checks:
+```yaml
+# Use different providers for different checks
+steps:
+  security-review:
+    type: ai
+    ai_provider: bedrock
+    ai_model: anthropic.claude-sonnet-4-20250514-v1:0
+    prompt: "Analyze code for security vulnerabilities using AWS Bedrock"
+  performance-review:
+    type: ai
+    ai_provider: google
+    ai_model: gemini-2.0-flash-exp
+    prompt: "Analyze code for performance issues using Gemini"
+  style-review:
+    type: ai
+    ai:
+      provider: openai
+      model: gpt-4-turbo
+    prompt: "Review code style and best practices"
+#### Prompt Controls (Probe promptType, customPrompt, and persona)
+Visor exposes Probe’s prompt controls to adjust the agent’s behavior for a given step. Use underscore names only.
+Accepted keys
+- Under `ai:`
+  - `prompt_type`: string — Probe persona/family, e.g., `engineer`, `code-review`, `architect`.
+  - `custom_prompt`: string — Baseline/system prompt prepended by the SDK.
+- At the check level (aliases if you prefer not to nest):
+  - `ai_prompt_type`: string
+  - `ai_custom_prompt`: string
+  - `ai_persona`: string — optional hint we prepend as a first line: `Persona: <value>`.
+Examples
+```yaml
+steps:
+  engineer-review:
+    type: ai
+    ai:
+      provider: anthropic
+      model: claude-3-5-sonnet-latest
+      prompt_type: engineer
+      custom_prompt: |
+        You are a specialist in analyzing security vulnerabilities.
+        Focus on injection, authn/z, crypto, and data exposure.
+    schema: code-review
+    prompt: |
+      Review the following changes.
+  quick-architect-check:
+    type: ai
+    ai_prompt_type: architect     # check-level alias
+    ai_custom_prompt: "Favor modular boundaries and low coupling."
+    prompt: "Assess high-level design risks in the diff"
+```
+Notes
+- If `prompt_type` is omitted and a `schema` is provided, Visor defaults to `code-review`.
+- `ai_persona` is a lightweight hint added as a first line; prefer `prompt_type` when integrating with Probe personas.
+```
+#### AWS Bedrock Specific Configuration
+Complete example for Bedrock with all options:
+```yaml
+version: "1.0"
+# Global Bedrock settings
+ai_provider: bedrock
+ai_model: anthropic.claude-sonnet-4-20250514-v1:0
+# Environment variables can be referenced
+env:
+  AWS_REGION: us-east-1
+  # AWS credentials should be set as environment variables, not in config
+steps:
+  comprehensive-review:
+    type: ai
+    ai_provider: bedrock
+    prompt: |
+      Perform a comprehensive code review including:
+      - Security vulnerabilities
+      - Performance optimizations
+      - Code quality and best practices
+      - Architectural concerns
+    schema: code-review  # Use structured output format
+  custom-bedrock-model:
+    type: ai
+    ai:
+      provider: bedrock
+      model: anthropic.claude-3-opus-20240229  # Use a different Bedrock model
+      timeout: 120000  # 2 minute timeout for complex analysis
+    prompt: "Perform deep architectural analysis"
+output:
+  pr_comment:
+    format: markdown
+    group_by: check
+    collapse: true
+```
+### Advanced AI Configuration
+#### Transport Context Controls (GitHub, Slack, etc.)
+By default, Visor automatically adds transport‑specific context to AI prompts:
+- **GitHub**: PR / issue metadata + diffs (as XML `<context>...</context>`).
+- **Slack**: Slack conversation context (as XML `<slack_context>...</slack_context>`).
+You can control this per step with three flags under `ai:`:
+```yaml
+steps:
+  slack-chat:
+    type: ai
+    prompt: "Chat with the user"
+    ai:
+      # Turn off ALL automatic transport context (GitHub + Slack)
+      skip_transport_context: true
+  github-only:
+    type: ai
+    prompt: "Review PR using GitHub context only"
+    ai:
+      skip_slack_context: true        # never add Slack context
+      # keep code context on (default)
+  slack-only:
+    type: ai
+    prompt: "Answer based on this Slack thread"
+    ai:
+      skip_code_context: true         # no PR/issue XML
+      # keep Slack context on (default)
+```
+Semantics:
+- `skip_code_context: true`
+  - Skip GitHub PR/issue XML context (diffs, metadata).
+- `skip_slack_context: true`
+  - Skip Slack `<slack_context>` XML.
+- `skip_transport_context: true`
+  - High‑level switch:
+    - Behaves like setting both `skip_code_context` and `skip_slack_context` to `true`,
+      **unless** those are explicitly overridden on the same step.
+Even when transport XML is disabled, the **structured conversation object** is still available
+in Liquid templates:
+```liquid
+{% if conversation %}
+  Transport: {{ conversation.transport }}  {# 'slack', 'github', ... #}
+  Thread: {{ conversation.thread.id }}
+  {% for m in conversation.messages %}
+    {{ m.user }} ({{ m.role }}): {{ m.text }}
+  {% endfor %}
+{% endif %}
+```
+- For Slack:
+  - `conversation.transport == 'slack'`
+  - Also available via `slack.conversation`.
+- For GitHub (PR/issue + comments):
+  - `conversation.transport == 'github'`
+  - Exposed via a normalized GitHub conversation builder.
+Use these flags when you want full manual control over context, or to keep prompts lean in
+chat‑style flows.
+#### File Editing (`allowEdit`)
+Enable Edit and Create tools to allow AI agents to modify files directly. This feature is disabled by default for security and requires explicit opt-in.
+```yaml
+steps:
+  auto-fix-security:
+    type: ai
+    prompt: "Fix the security vulnerabilities found in the code"
+    ai:
+      provider: anthropic
+      model: claude-3-opus
+      allowEdit: true  # Enable Edit and Create tools
+  read-only-review:
+    type: ai
+    prompt: "Review code for security issues"
+    ai:
+      provider: google
+      allowEdit: false  # Disable editing (default)
+```
+**When to enable editing:**
+- Automated fix workflows where the AI should apply changes
+- Code refactoring tasks
+- Auto-formatting or style correction
+- When working in a sandboxed or test environment
+**When to disable editing:**
+- Review-only workflows (default behavior)
+- Production environments without proper safeguards
+- When you want to review suggested changes before applying them
+**Security Note:** Edit tools respect existing `allowedFolders` configuration and perform exact string matching to prevent unintended modifications. Always review changes before merging.
+#### Tool Filtering (`allowedTools`, `disableTools`)
+Control which tools the AI agent can access during execution. This feature supports three filtering modes for fine-grained control over agent capabilities.
+**Filtering Modes:**
+1. **Allow All Tools (default)**: No filtering applied, agent has access to all available tools
+2. **Whitelist Mode**: Specify exact tools the agent can use (e.g., `['Read', 'Grep']`)
+3. **Exclusion Mode**: Block specific tools using `!` prefix (e.g., `['!Edit', '!Write']`)
+4. **Raw AI Mode**: Disable all tools for pure conversational interactions
+```yaml
+steps:
+  # Whitelist specific tools only
+  restricted-analysis:
+    type: ai
+    prompt: "Analyze the codebase structure"
+    ai:
+      provider: anthropic
+      allowedTools: ['Read', 'Grep', 'Glob']  # Only these tools allowed
+  # Exclude specific tools
+  safe-review:
+    type: ai
+    prompt: "Review code without making changes"
+    ai:
+      provider: google
+      allowedTools: ['!Edit', '!Write', '!Delete']  # Block modification tools
+  # Raw AI mode - no tools
+  conversational:
+    type: ai
+    prompt: "Explain the architecture"
+    ai:
+      provider: openai
+      disableTools: true  # Pure conversation, no tool access
+  # Alternative raw AI mode
+  conversational-alt:
+    type: ai
+    prompt: "Explain the architecture"
+    ai:
+      provider: anthropic
+      allowedTools: []  # Empty array also disables all tools
+```
+**MCP Tool Filtering:**
+Filter external Model Context Protocol tools using the `mcp__` prefix pattern:
+```yaml
+steps:
+  mcp-filtered:
+    type: ai
+    prompt: "Search the codebase"
+    ai:
+      provider: anthropic
+      allowedTools: ['mcp__code-search__*']  # Allow all code-search MCP tools
+      mcpServers:
+        code-search:
+          command: "npx"
+          args: ["-y", "@modelcontextprotocol/server-code-search"]
+```
+**When to use tool filtering:**
+- Restrict agent capabilities for security-sensitive tasks
+- Prevent unintended file modifications
+- Create specialized agents with limited toolsets
+- Testing and debugging specific tool interactions
+- Compliance requirements that limit agent autonomy
+**Security Note:** Tool filtering is enforced at runtime through system message filtering. Always combine with other security measures like `allowedFolders` for defense in depth.
+#### Task Delegation (`enableDelegate`)
+Enable the delegate tool to allow AI agents to break down complex tasks and distribute them to specialized subagents for parallel processing. This feature is available when using Probe as the AI provider (Google Gemini, Anthropic Claude, OpenAI GPT, AWS Bedrock).
+```yaml
+steps:
+  comprehensive-security-audit:
+    type: ai
+    prompt: |
+      Perform a comprehensive security audit including:
+      - SQL injection vulnerabilities
+      - XSS attack vectors
+      - Authentication bypass risks
+      - Authorization flaws
+      - Cryptographic weaknesses
+    ai:
+      provider: anthropic
+      model: claude-3-opus
+      enableDelegate: true  # Enable task delegation to subagents
+  focused-sql-injection-check:
+    type: ai
+    prompt: "Check for SQL injection vulnerabilities"
+    ai:
+      provider: google
+      enableDelegate: false  # Disable delegation for focused check
+```
+**When to enable delegation:**
+- Complex multi-step analysis requiring different expertise areas (e.g., security + performance + architecture)
+- Large codebases where parallel processing speeds up review
+- Comprehensive audits that benefit from specialized subagents
+**When to disable delegation:**
+- Simple, focused checks (e.g., "check for SQL injection")
+- Time-sensitive reviews where speed is critical
+- Resource-constrained environments
+- Default behavior (delegation is disabled by default)
+**Note:** Task delegation increases execution time and token usage, but can provide more thorough analysis for complex tasks.
+#### Bash Command Execution (`allowBash` / `bashConfig`)
+Enable secure bash command execution for AI agents to run read-only commands and analyze system state. This feature is disabled by default for security and requires explicit opt-in.
+**Simple Configuration:**
+Use `allowBash: true` for basic bash command execution with default safe commands:
+```yaml
+steps:
+  # Simple: Enable bash with default safe commands
+  git-status-analysis:
+    type: ai
+    prompt: "Analyze the project structure and git status"
+    ai:
+      provider: anthropic
+      model: claude-3-opus
+      allowBash: true  # Simple one-line enable
+```
+**Advanced Configuration:**
+Use `bashConfig` for fine-grained control over bash command execution:
+```yaml
+steps:
+  # Advanced: Custom allow/deny lists
+  custom-bash-config:
+    type: ai
+    prompt: "Run custom analysis commands"
+    ai:
+      provider: google
+      allowBash: true  # Enable bash execution
+      bashConfig:
+        allow: ['npm test', 'npm run lint']  # Additional allowed commands
+        deny: ['npm install']  # Additional blocked commands
+        timeout: 30000  # 30 second timeout per command
+        workingDirectory: './src'  # Default working directory
+  # Advanced: Disable default filters (expert mode)
+  advanced-bash:
+    type: ai
+    prompt: "Run advanced system commands"
+    ai:
+      provider: anthropic
+      allowBash: true
+      bashConfig:
+        noDefaultAllow: true  # Disable default safe command list
+        noDefaultDeny: false  # Keep default dangerous command blocklist
+        allow: ['specific-command-1', 'specific-command-2']
+```
+**Configuration Options:**
+- **`allowBash`** (boolean): Simple toggle to enable bash command execution. Default: `false`
+- **`allow`** (string[]): Additional permitted command patterns (e.g., `['ls', 'git status']`)
+- **`deny`** (string[]): Additional blocked command patterns (e.g., `['rm -rf', 'sudo']`)
+- **`noDefaultAllow`** (boolean): Disable default safe command list (~235 commands). Default: `false`
+- **`noDefaultDeny`** (boolean): Disable default dangerous command blocklist (~191 patterns). Default: `false`
+- **`timeout`** (number): Execution timeout in milliseconds. Default: varies by ProbeAgent
+- **`workingDirectory`** (string): Base directory for command execution
+**Default Security:**
+ProbeAgent includes comprehensive security by default:
+- **Safe Commands** (~235): Read-only operations like `ls`, `cat`, `git status`, `npm list`, `grep`
+- **Blocked Commands** (~191): Dangerous operations like `rm -rf`, `sudo`, `npm install`, `curl`, system modifications
+**When to enable bash commands:**
+- System state analysis (git status, file listings, environment info)
+- Running read-only diagnostic commands
+- Executing test suites or linters
+- Analyzing build outputs or logs
+**When to keep bash disabled (default):**
+- Security-sensitive environments
+- Untrusted AI prompts or inputs
+- Code review without system access needs
+- Compliance requirements that prohibit command execution
+**Security Best Practices:**
+1. Always use the default allow/deny lists unless you have specific requirements
+2. Set reasonable timeouts to prevent long-running commands
+3. Use `workingDirectory` to restrict command execution scope
+4. Audit command patterns in your allow list regularly
+5. Test configuration in a safe environment first
+6. Review AI-generated commands before enabling in production
+**Example: Git Status Analysis**
+```yaml
+steps:
+  git-status-review:
+    type: ai
+    prompt: |
+      Analyze the current git status and provide insights:
+      - Check for uncommitted changes
+      - Review branch state
+      - Identify any potential issues
+    ai:
+      provider: anthropic
+      allowBash: true  # Simple enable
+      bashConfig:
+        allow: ['git log --oneline']  # Add custom git command
+        workingDirectory: '.'
+```
+**Security Note:** Bash command execution respects existing security boundaries and permissions. Commands run with the same privileges as the Visor process. Always review and test bash configurations before deploying to production environments.
+### Fallback Behavior
+If no key is configured, Visor falls back to fast, heuristic checks (simple patterns, basic style/perf). For best results, set a provider.
+### MCP (Tools) Support
+See docs/mcp.md for adding MCP servers (Probe, Jira, Filesystem, etc.).