@simonren/quorum 0.7.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 SimonRen
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,144 @@
+# Quorum - Multi-Model AI Review & Consultation for Claude Code
+
+Convene a quorum of AI models (OpenAI Codex, Google Gemini, Claude) to review Claude Code's work or answer questions — Claude Code synthesizes one verdict.
+
+## Quick Install
+
+**Step 1: Add the MCP server**
+```bash
+claude mcp add -s user quorum -- npx -y @simonren/quorum
+```
+
+**Step 2: Restart Claude Code**
+
+The MCP tools and slash commands (`/multi-review`, `/multi-consult`) are automatically installed.
+
+**Manual command install** (if needed):
+```bash
+npx -y @simonren/quorum update
+```
+
+Verify with:
+```bash
+claude mcp list
+# quorum: npx -y @simonren/quorum - ✓ Connected
+```
+
+### Alternative: Manual Install
+
+```bash
+git clone https://github.com/SimonRen/quorum.git
+cd quorum/mcp-server
+npm install && npm run build
+claude mcp add -s user quorum -- node /path/to/quorum/mcp-server/dist/index.js
+```
+
+## Prerequisites
+
+Install at least one AI CLI:
+
+```bash
+# OpenAI Codex CLI
+npm install -g @openai/codex-cli
+codex login
+
+# Google Gemini CLI
+npm install -g @google/gemini-cli
+gemini  # follow auth prompts
+```
+
+## Usage
+
+These tools provide **external second-opinion reviews** from Codex and Gemini CLIs. They are designed to complement Claude Code's native review capabilities, not replace them.
+
+**Slash commands:**
+- `/multi-review` - Parallel standard + adversarial reviews from all available CLIs (Codex, Gemini, Claude). For reviewing CC-produced work (plan, findings, code).
+- `/multi-consult` - Ask all CLIs the same question and synthesize their answers. For consultation/Q&A — what's the best approach, how to solve X.
+
+**For regular reviews:** Just say "review" and Claude Code will use its native capabilities. These external tools are only invoked when explicitly requested.
+
+## Slash Commands
+
+These commands are available after restart:
+
+```bash
+/multi-review                          # Parallel standard + adversarial reviews from all CLIs
+/multi-review focus on race conditions # Steer the adversarial focus
+/multi-consult <question>              # Ask all CLIs and synthesize
+/multi-consult <question> [flex]       # Use Codex flex tier (cheaper/slower)
+```
+
+## How It Works
+
+```
+CC does work → User: /multi-review → External CLIs review → CC synthesizes → Final output
+User has a question → User: /multi-consult → External CLIs answer → CC synthesizes → Consolidated answer
+```
+
+**Key Principles:**
+- **CC is primary**: Claude Code does all the work; external models only review
+- **Working directory strategy**: Pass `cwd` + small CC output; external CLIs read files directly
+- **Synthesis, not passthrough**: CC always judges external feedback before incorporating
+
+## Focus Areas
+
+| Area | Description |
+|------|-------------|
+| `security` | Vulnerabilities, auth, input validation |
+| `performance` | Speed, memory, efficiency |
+| `architecture` | Design patterns, structure, coupling |
+| `correctness` | Logic errors, edge cases, bugs |
+| `maintainability` | Code clarity, documentation, complexity |
+| `scalability` | Load handling, bottlenecks |
+| `testing` | Test coverage, test quality |
+| `documentation` | Comments, docs, API docs |
+
+## MCP Tools
+
+The plugin exposes two MCP tools:
+
+| Tool | Description |
+|------|-------------|
+| `multi_review` | Parallel standard + adversarial review from all available CLIs (Codex, Gemini, Claude). Requires `ccOutput`. |
+| `multi_consult` | Ask all available CLIs the same question and receive a 5-section structured response per model. For consultation/Q&A. |
+
+## Output Format
+
+**Review tools** return structured feedback from the external CLIs. Claude Code parses this feedback to identify:
+- **Findings**: Issues with severity, confidence, location, and suggestions
+- **Agreements**: Validations of CC's correct assessments
+- **Disagreements**: Challenges to CC's claims with corrections
+- **Alternatives**: Different approaches with tradeoffs
+- **Risk Assessment**: Overall risk level with top concerns
+
+## Development
+
+```bash
+cd mcp-server
+npm install
+npm run build       # Build once
+npm run dev         # Watch mode
+npm test            # Run tests
+npm run test:watch  # Watch mode tests
+npm start           # Run server
+```
+
+## Publishing
+
+Release-based publish via npm Trusted Publishing (OIDC, no tokens needed).
+CI triggers on GitHub Release, validates the tag matches `package.json`.
+
+```bash
+# 1. Bump version in package.json
+# 2. Rebuild and test
+npm run build && npm test
+# 3. Commit, tag, push, release
+git add -A && git commit -m "v1.x.x"
+git tag v1.x.x
+git push && git push --tags
+gh release create v1.x.x --title "v1.x.x" --generate-notes
+```
+
+## License
+
+MIT

package/commands/multi-consult.md

@@ -0,0 +1,109 @@
+# Multi Consult
+
+Ask Codex, Gemini, and Claude (Opus, fresh context) the same question in parallel and synthesize their answers. Use this for **consultation** — finding the best approach, weighing alternatives, getting a panel's take. NOT for reviewing work CC has already done (use `/multi-review` for that).
+
+## Arguments
+- `$ARGUMENTS` — the question itself, optional steering, or both
+
+## When to Use
+
+Use `/multi-consult` when you have a question or problem and want a synthesized panel opinion. The panel responds in a fixed 5-section structure (Recommendation / Reasoning / Tradeoffs / Risks / Open questions). CC reads all three responses and presents one consolidated answer with a "Models said:" provenance footer.
+
+## Examples
+
+```
+/multi-consult Should we use Postgres or DynamoDB for a write-heavy timeseries workload?
+/multi-consult How should I refactor the auth middleware? Focus on rollback safety.
+/multi-consult What's the cleanest way to memoize this expensive selector? [flex]
+```
+
+## Before Calling - PREPARE THE HANDOFF
+
+### 1. Pre-compose the question
+
+**`$ARGUMENTS` parsing rule (pinned):**
+
+- **If conversation context already contains the question CC has been working on:** compose `question` from that context. `$ARGUMENTS` is treated as pure steering — extract reserved tokens (see below) into schema fields; remainder goes into `customPrompt`.
+- **Otherwise — `$ARGUMENTS` IS the literal question.** Set `customPrompt` to empty. Reserved tokens are extracted *only* when they appear at the *end* of `$ARGUMENTS` inside brackets or parens — e.g., `... [flex]`, `... (high reasoning)`. A bare occurrence of `flex` / `cheap` / `default tier` inside the prose is treated as part of the question, NOT a flag, to avoid corrupting questions like *"Should we offer a flex tier or default tier for customers?"*.
+
+### 2. Triage code-grounded questions
+
+If the question references the codebase, populate `relevantFiles` with the minimal subset (3-10 files typically) the panel needs. For purely general questions ("Postgres vs Mongo for X workload?"), omit `relevantFiles` — the panel will answer from expertise without trawling the filesystem.
+
+### 3. Refuse sensitive working directories
+
+If the current working directory is `/etc`, `~`, `~/.ssh`, or any other clearly sensitive system path, **refuse**. Tell the user: "Please invoke `/multi-consult` from a project root — `<cwd>` looks sensitive." Do not call the tool.
+
+### 4. Extract criteria; clarify load-bearing assumptions BEFORE calling
+
+Pin what the question is being judged against. Once criteria are explicit, the panel's recommendation is anchored to them instead of floating — this is the fix for "ask twice, get a different answer." Stochastic re-runs converge much better against fixed criteria than against an under-specified question.
+
+**4a. Append a CRITERIA block to the end of `question`**, priority-ordered, each tagged `[stated]` or `[assumed]`:
+
+```
+CRITERIA (priority order):
+1. [stated] cost-per-request under $X / 1M ops
+2. [stated] team writes Go; minimize ops complexity
+3. [assumed] sustained ~10k QPS write rate
+4. [assumed] eventual consistency acceptable for analytics
+```
+
+- `[stated]` = explicit in the user's message or earlier conversation.
+- `[assumed]` = you needed to fix it to recommend; the user did NOT say.
+- Cap `[assumed]` at 3. If the top 3 don't fit, the question is too vague — bounce back to the user before calling.
+
+**4b. Pre-call clarification gate.** Scan your `[assumed]` criteria. If any is **load-bearing** (the recommendation would flip if the assumption is wrong), STOP and ask the user before invoking the tool:
+
+> "Before I consult the panel, I need to confirm: <restate assumption>. Is that right, or should I adjust to <plausible alternative>?"
+
+A burned panel call on a wrong assumed criterion costs more than the round-trip.
+
+**Skip the gate when:**
+- `[stated]` criteria fully pin the answer space (no assumptions needed).
+- The user told you to proceed without clarification.
+- Remaining assumptions are clearly incidental (would not flip the rec).
+
+## Tool Invocation
+
+Call `multi_consult` with:
+
+```json
+{
+  "workingDir": "<current directory>",
+  "question": "<CC-composed question OR literal $ARGUMENTS minus end-bracket reserved tokens>",
+  "relevantFiles": ["<file1>", "<file2>"],
+  "customPrompt": "<steering text or empty>"
+}
+```
+
+### Reserved-token mappings (only when bracketed at end of $ARGUMENTS)
+
+- `[flex]` / `[cheap]` / `[budget]` → `serviceTier: "flex"`
+- `[default tier]` / `[standard tier]` → `serviceTier: "default"`
+- `[high reasoning]` → `reasoningEffort: "high"` (overrides default `xhigh`)
+
+If the user types one of these mid-question (not in brackets), leave it in the question.
+
+## After Receiving the Panel
+
+You will receive each model's structured 5-section response. Some may carry a `⚠️ Format drift: missing sections [...]` marker — degrade synthesis confidence accordingly for that model.
+
+### Synthesize
+
+1. **Cross-compare Recommendations.** Agreement across all three → high confidence. 2-vs-1 split → take a side and *surface the dissent explicitly* in your answer (don't flatten it). All three disagree → present the tradeoff space honestly and pick.
+2. **Mine Tradeoffs and Risks.** Even when models agree on the recommendation, the *reasons* and *risks* often diverge — surface the union, not just the intersection. If a single model raised a Risk the others missed, surface it as "1 model raised: …" — *do not silently drop it.*
+3. **Forward Open questions** to the user only if material — do not dump every "what's your scale?" clarifier.
+4. **Apply your own judgment.** You have full conversation context the panel does not; you may dismiss panel suggestions that miss the user's actual constraint, but say so explicitly when overriding.
+5. **Respond with one consolidated answer**, structured as: **Recommendation** (what to do) → **Why** (synthesis of reasoning) → **Watch out for** (consolidated risks, including any single-model-only risks) → optional **Open question for you** if a real ambiguity blocks the answer.
+6. **Append a "Models said:" provenance footer** — a single line per model with the recommendation in <80 chars. Example:
+
+   ```
+   ---
+   **Models said:**  Codex → Postgres + read replicas.  Gemini → Postgres + Citus.  Claude → DynamoDB w/ caveat on cost at scale.
+   ```
+
+   This is **non-negotiable**. The footer is the audit trail; without it, synthesis-only is opaque.
+7. **Do NOT paste full raw model outputs to the user** unless they explicitly ask ("show me what each model said", "raw").
+8. **All-failed special case:** if the header is `❌ All Failed`, surface the failure types and **ASK** the user *"Panel unavailable — want my solo answer instead?"*. **Do NOT silently substitute** your own answer for the panel's.
+
+$ARGUMENTS

package/commands/multi-review.md

@@ -0,0 +1,139 @@
+# Multi Review
+
+Get parallel standard AND adversarial reviews from all available models (Codex, Gemini, Claude Opus).
+
+Each model runs twice: once as a standard reviewer (finding bugs, issues, improvements) and once as an adversarial challenger (breaking confidence in the change, questioning assumptions, targeting hidden failure paths). Results are presented in two sections.
+
+Use `$ARGUMENTS` to steer the adversarial focus (e.g., "focus the challenge on race conditions and rollback safety").
+
+## Arguments
+- `$ARGUMENTS` - Optional: focus area, custom instructions, or adversarial steering
+
+## When to Use
+
+Use `/multi-review` when you want thorough parallel reviews from all available models. Every invocation includes both standard and adversarial passes.
+
+## Examples
+
+```
+/multi-review
+/multi-review focus the challenge on race conditions and rollback safety
+/multi-review challenge whether this was the right caching and retry design
+```
+
+## Before Calling - PREPARE THE HANDOFF
+
+### 1. Summarize What You Did + State the Acceptance Bar
+
+Don't just say what you did — also state the bar the work needs to clear. The bar is what lets reviewers calibrate "material" vs "nice to have." Without it, reviewers default to general code-quality vibes, which produces drift across runs.
+
+```
+"Implemented caching layer for the product catalog API using Redis with cache invalidation on product updates.
+Bar: safe under concurrent updates (no stale reads on the next request) AND p95 read latency under 50ms."
+```
+
+### 2. List Your Uncertainties — Tag Load-Bearing vs Incidental
+
+Tag each uncertainty:
+- `[load-bearing]` = if your assumption here is wrong, the work is NOT shipping-ready
+- `[incidental]` = nice to verify but won't block ship
+
+Reviewers prioritize accordingly, and your synthesis can elevate `[load-bearing]` items above stylistic findings.
+
+```
+UNCERTAINTIES:
+- [load-bearing] "Is the cache invalidation race-free under concurrent updates?"
+- [incidental] "Is the TTL value optimal — could it be 60s instead of 30s?"
+```
+
+### 3. Ask Specific Questions
+```
+QUESTIONS:
+- "Should I use write-through or write-behind caching?"
+- "Is there a race condition in the invalidation logic?"
+```
+
+### 4. Identify Decisions You Made
+
+If you chose between alternatives — caching strategy, retry policy, error-handling shape, schema design, etc. — list them with rationale. The handoff schema's `decisions[]` field gives the adversarial reviewer a concrete hook to attack the design choice rather than just hunt for bugs. Skip if the change is a straightforward bug fix with no design choice involved.
+
+```
+DECISIONS:
+1. Chose write-through cache over write-behind. Rationale: stronger read-after-write consistency at the cost of slightly slower writes; we prioritize correctness for catalog data.
+2. Chose 30s TTL with explicit invalidation on update. Rationale: TTL bounds staleness if invalidation misses; explicit invalidation catches the common path immediately.
+```
+
+## Tool Invocation
+
+Call `multi_review` with:
+
+```json
+{
+  "workingDir": "<current directory>",
+  "ccOutput": "<structured handoff>",
+  "outputType": "analysis",
+  "focusAreas": ["<from $ARGUMENTS>"],
+  "customPrompt": "<steering text from $ARGUMENTS for adversarial focus>"
+}
+```
+
+### Service Tier (from $ARGUMENTS, applies to Codex only)
+- If user says "flex", "cheap", or "budget" → set `serviceTier: "flex"`
+- If user says "default tier" or "standard tier" → set `serviceTier: "default"`
+- Otherwise → omit `serviceTier` (defaults to `"fast"` — priority processing, ~2x cost)
+
+### Structure your ccOutput:
+
+```
+SUMMARY:
+<what you did, 1-3 sentences>
+Bar: <what counts as shipping-ready — concrete acceptance criteria>
+
+UNCERTAINTIES (verify these):
+1. [load-bearing|incidental] <uncertainty>
+2. [load-bearing|incidental] <uncertainty>
+
+QUESTIONS:
+1. <question>
+
+DECISIONS:
+1. <choice>. Rationale: <why this over alternatives>
+2. <choice>. Rationale: <why this over alternatives>
+
+PRIORITY FILES:
+- <file>
+```
+
+## After Receiving Review
+
+You will receive two sections: **Standard Review Findings** and **Challenge Review Findings**.
+
+### Synthesize
+
+1. **Standard findings** — bugs, issues, improvements from each model
+   - Find agreements across models (higher confidence)
+   - Identify conflicts (YOU decide who's right)
+
+2. **Challenge findings** — adversarial challenges from each model
+   - These target assumptions and design decisions, not just bugs
+   - Evaluate on merit — some challenges are speculative by design
+   - Strong challenges with evidence deserve serious consideration
+
+3. **Cross-reference** standard vs challenge findings
+   - Standard + challenge agreement = high confidence issue
+   - Challenge-only finding = investigate further before acting
+
+4. **Verify all findings**
+   - Check file/line references exist
+   - Read actual code
+   - Mark your confidence:
+     - ✓✓ Verified
+     - ✓ Plausible
+     - ? Investigate
+     - ✗ Rejected
+
+5. **Make YOUR recommendation**
+   - Don't just relay findings
+   - Apply your judgment
+
+$ARGUMENTS

package/dist/adapters/base.d.ts

@@ -0,0 +1,120 @@
+/**
+ * Base Adapter Interface for AI Reviewers
+ *
+ * This provides a generic interface that any AI CLI can implement.
+ * Makes it easy to add new models (Ollama, Azure, etc.) without
+ * changing the core orchestration logic.
+ */
+import { FocusArea, OutputType, ReasoningEffort, ServiceTier } from '../types.js';
+export interface ReviewerCapabilities {
+    /** Display name for this reviewer */
+    name: string;
+    /** Short description of the reviewer's strengths */
+    description: string;
+    /** Focus areas this reviewer excels at */
+    strengths: FocusArea[];
+    /** Focus areas this reviewer is weaker at */
+    weaknesses: FocusArea[];
+    /** Whether the reviewer can read files from the filesystem */
+    hasFilesystemAccess: boolean;
+    /** Whether the reviewer supports JSON structured output */
+    supportsStructuredOutput: boolean;
+    /** Maximum context window size (tokens) */
+    maxContextTokens: number;
+    /** Supported reasoning effort levels (if applicable) */
+    reasoningLevels?: ReasoningEffort[];
+}
+export interface ReviewRequest {
+    /** Working directory containing the code */
+    workingDir: string;
+    /** Claude Code's output to review */
+    ccOutput: string;
+    /** Type of output being reviewed */
+    outputType: OutputType;
+    /** Specific files that CC analyzed */
+    analyzedFiles?: string[];
+    /** Areas to focus the review on */
+    focusAreas?: FocusArea[];
+    /** Custom instructions from the user */
+    customPrompt?: string;
+    /** Reasoning effort level (for models that support it) */
+    reasoningEffort?: ReasoningEffort;
+    /** Service tier (Codex). Omit for the review chain's default 'fast' (priority). Pass 'flex' for cheap/slow or 'default' for the Codex API default tier. */
+    serviceTier?: ServiceTier;
+    /** Review mode: standard finds bugs, adversarial challenges assumptions */
+    reviewMode?: 'standard' | 'adversarial';
+}
+export interface ConsultRequest {
+    /** Working directory containing the code (always passed) */
+    workingDir: string;
+    /** CC-composed, self-contained question for the panel */
+    question: string;
+    /** CC-triaged file subset for code-grounded questions; omitted on general questions */
+    relevantFiles?: string[];
+    /** Free-form steering from $ARGUMENTS */
+    customPrompt?: string;
+    /** Reasoning effort (Codex). Default 'xhigh' for consult (deeper questions). */
+    reasoningEffort?: ReasoningEffort;
+    /** Service tier (Codex). Same defaulting rules as ReviewRequest. */
+    serviceTier?: ServiceTier;
+}
+export type ConsultResult = ReviewResult;
+/** @deprecated Use handoff.ts roles instead */
+export interface ExpertRole {
+    name: string;
+    description: string;
+    systemPrompt: string;
+    focusAreas: FocusArea[];
+    evaluationCriteria: string[];
+}
+/** @deprecated Use handoff.ts selectRole() instead */
+export declare const EXPERT_ROLES: Record<string, ExpertRole>;
+/** @deprecated Use handoff.ts selectRole() instead */
+export declare function selectExpertRole(focusAreas?: FocusArea[]): ExpertRole;
+export interface ReviewSuccess {
+    success: true;
+    output: string;
+    executionTimeMs: number;
+}
+export interface ReviewFailure {
+    success: false;
+    error: ReviewError;
+    suggestion?: string;
+    rawOutput?: string;
+    executionTimeMs: number;
+}
+export type ReviewResult = ReviewSuccess | ReviewFailure;
+export interface ReviewError {
+    type: 'cli_not_found' | 'timeout' | 'rate_limit' | 'auth_error' | 'invalid_response' | 'cli_error' | 'parse_error';
+    message: string;
+    details?: Record<string, unknown>;
+}
+/**
+ * Base interface that all reviewer adapters must implement.
+ * This allows easy addition of new AI CLIs without changing orchestration logic.
+ */
+export interface ReviewerAdapter {
+    /** Unique identifier for this adapter */
+    readonly id: string;
+    /** Get capabilities and metadata for this reviewer */
+    getCapabilities(): ReviewerCapabilities;
+    /** Check if the CLI is available and properly configured */
+    isAvailable(): Promise<boolean>;
+    /** Run a review and return structured output */
+    runReview(request: ReviewRequest): Promise<ReviewResult>;
+    /** Run a consultation (Q&A) — required on every adapter. */
+    runConsult(request: ConsultRequest): Promise<ConsultResult>;
+    /**
+     * Optional: Run peer review of another model's output
+     * Future capability - not currently implemented by any adapter
+     */
+    runPeerReview?(originalRequest: ReviewRequest, reviewToScore: string): Promise<ReviewResult>;
+}
+export declare function registerAdapter(adapter: ReviewerAdapter): void;
+export declare function getAdapter(id: string): ReviewerAdapter | undefined;
+export declare function getAllAdapters(): ReviewerAdapter[];
+export declare function getAvailableAdapters(): Promise<ReviewerAdapter[]>;
+/**
+ * Select the best available adapter for given focus areas
+ */
+export declare function selectBestAdapter(focusAreas?: FocusArea[]): Promise<ReviewerAdapter | null>;

package/dist/adapters/base.js

@@ -0,0 +1,98 @@
+/**
+ * Base Adapter Interface for AI Reviewers
+ *
+ * This provides a generic interface that any AI CLI can implement.
+ * Makes it easy to add new models (Ollama, Azure, etc.) without
+ * changing the core orchestration logic.
+ */
+/** @deprecated Use handoff.ts selectRole() instead */
+export const EXPERT_ROLES = {
+    security_auditor: {
+        name: 'Security Auditor', description: 'Security vulnerabilities',
+        systemPrompt: 'Security auditor. Focus on injection, auth bypass, data exposure, input validation.',
+        focusAreas: ['security'], evaluationCriteria: ['Injection', 'Auth', 'Data exposure'],
+    },
+    performance_engineer: {
+        name: 'Performance Engineer', description: 'Performance optimization',
+        systemPrompt: 'Performance engineer. Focus on complexity, N+1 queries, memory leaks.',
+        focusAreas: ['performance', 'scalability'], evaluationCriteria: ['Complexity', 'Memory', 'I/O'],
+    },
+    architect: {
+        name: 'Software Architect', description: 'Architecture and design',
+        systemPrompt: 'Software architect. Focus on SOLID, coupling, abstractions.',
+        focusAreas: ['architecture', 'maintainability'], evaluationCriteria: ['SOLID', 'Coupling', 'Patterns'],
+    },
+    correctness_analyst: {
+        name: 'Correctness Analyst', description: 'Logic errors and bugs',
+        systemPrompt: 'Correctness analyst. Focus on logic errors, edge cases, race conditions.',
+        focusAreas: ['correctness', 'testing'], evaluationCriteria: ['Logic', 'Edge cases', 'Concurrency'],
+    },
+    general_reviewer: {
+        name: 'General Reviewer', description: 'Balanced review',
+        systemPrompt: 'Senior engineer. Review correctness, security, performance, maintainability.',
+        focusAreas: ['security', 'performance', 'architecture', 'correctness', 'maintainability'],
+        evaluationCriteria: ['Correctness', 'Security', 'Performance', 'Quality'],
+    },
+};
+/** @deprecated Use handoff.ts selectRole() instead */
+export function selectExpertRole(focusAreas) {
+    if (!focusAreas || focusAreas.length === 0)
+        return EXPERT_ROLES.general_reviewer;
+    if (focusAreas.includes('security'))
+        return EXPERT_ROLES.security_auditor;
+    if (focusAreas.includes('performance') || focusAreas.includes('scalability'))
+        return EXPERT_ROLES.performance_engineer;
+    if (focusAreas.includes('architecture') || focusAreas.includes('maintainability'))
+        return EXPERT_ROLES.architect;
+    if (focusAreas.includes('correctness') || focusAreas.includes('testing'))
+        return EXPERT_ROLES.correctness_analyst;
+    return EXPERT_ROLES.general_reviewer;
+}
+// =============================================================================
+// ADAPTER REGISTRY
+// =============================================================================
+const adapterRegistry = new Map();
+export function registerAdapter(adapter) {
+    adapterRegistry.set(adapter.id, adapter);
+}
+export function getAdapter(id) {
+    return adapterRegistry.get(id);
+}
+export function getAllAdapters() {
+    return Array.from(adapterRegistry.values());
+}
+export async function getAvailableAdapters() {
+    const adapters = getAllAdapters();
+    const availability = await Promise.all(adapters.map(async (adapter) => ({
+        adapter,
+        available: await adapter.isAvailable(),
+    })));
+    return availability.filter((a) => a.available).map((a) => a.adapter);
+}
+/**
+ * Select the best available adapter for given focus areas
+ */
+export async function selectBestAdapter(focusAreas) {
+    const available = await getAvailableAdapters();
+    if (available.length === 0)
+        return null;
+    if (!focusAreas || focusAreas.length === 0) {
+        return available[0]; // Return first available
+    }
+    // Score each adapter by how well it matches the focus areas
+    const scored = available.map((adapter) => {
+        const caps = adapter.getCapabilities();
+        let score = 0;
+        for (const focus of focusAreas) {
+            if (caps.strengths.includes(focus))
+                score += 2;
+            else if (!caps.weaknesses.includes(focus))
+                score += 1;
+            else
+                score -= 1;
+        }
+        return { adapter, score };
+    });
+    scored.sort((a, b) => b.score - a.score);
+    return scored[0].adapter;
+}

package/dist/adapters/claude.d.ts

@@ -0,0 +1,25 @@
+/**
+ * Claude CLI Adapter
+ *
+ * Implements the ReviewerAdapter interface for Anthropic's Claude CLI.
+ * Spawns a FRESH Claude Code instance with zero session context.
+ * Returns raw text — CC handles interpretation.
+ *
+ * Read-only enforcement (defense-in-depth):
+ *   1. --permission-mode plan     (CLI-level read-only)
+ *   2. --disallowed-tools         (write tools explicitly blocked)
+ *   3. Handoff prompt             (explicit READ-ONLY instruction)
+ */
+import { ReviewerAdapter, ReviewerCapabilities, ReviewRequest, ReviewResult, ConsultRequest, ConsultResult } from './base.js';
+export declare class ClaudeAdapter implements ReviewerAdapter {
+    readonly id = "claude";
+    getCapabilities(): ReviewerCapabilities;
+    isAvailable(): Promise<boolean>;
+    runReview(request: ReviewRequest): Promise<ReviewResult>;
+    private runCli;
+    private handleException;
+    private categorizeError;
+    private getSuggestion;
+    runConsult(request: ConsultRequest): Promise<ConsultResult>;
+}
+export declare const claudeAdapter: ClaudeAdapter;