@sweny-ai/core 0.1.5 → 0.1.7

package/dist/claude.d.ts

@@ -31,6 +31,12 @@ export declare class ClaudeClient implements Claude {
     private defaultContext;
     private mcpServers;
     constructor(opts?: ClaudeClientOptions);
+    /**
+     * Build env for the Claude Code subprocess.
+     * OAuth token takes priority over API key to prevent .env files from
+     * overriding the user's subscription-based auth.
+     */
+    private buildEnv;
     run(opts: {
         instruction: string;
         context: Record<string, unknown>;

package/dist/claude.js

@@ -27,6 +27,18 @@ export class ClaudeClient {
         this.defaultContext = opts.defaultContext ?? { config: {}, logger: this.logger };
         this.mcpServers = opts.mcpServers ?? {};
     }
+    /**
+     * Build env for the Claude Code subprocess.
+     * OAuth token takes priority over API key to prevent .env files from
+     * overriding the user's subscription-based auth.
+     */
+    buildEnv() {
+        const env = Object.fromEntries(Object.entries(process.env).filter((e) => e[1] != null));
+        if (env.CLAUDE_CODE_OAUTH_TOKEN) {
+            delete env.ANTHROPIC_API_KEY;
+        }
+        return env;
+    }
     async run(opts) {
         const { instruction, context, tools, outputSchema, onProgress } = opts;
         const toolCalls = [];
@@ -47,8 +59,7 @@ export class ClaudeClient {
         ]
             .filter(Boolean)
             .join("\n\n");
-        // Spread process.env so Claude Code inherits PATH, HOME, auth tokens, etc.
-        const env = Object.fromEntries(Object.entries(process.env).filter((e) => e[1] != null));
+        const env = this.buildEnv();
         let response = "";
         try {
             const allMcpServers = { ...this.mcpServers };
@@ -62,6 +73,8 @@ export class ClaudeClient {
                     cwd: this.cwd,
                     env,
                     permissionMode: "bypassPermissions",
+                    allowDangerouslySkipPermissions: true,
+                    stderr: (data) => this.logger.debug(`[claude-code] ${data}`),
                     ...(this.model ? { model: this.model } : {}),
                     ...(Object.keys(allMcpServers).length > 0 ? { mcpServers: allMcpServers } : {}),
                 },
@@ -82,6 +95,20 @@ export class ClaudeClient {
                         onProgress?.(clean.length > 80 ? clean.slice(0, 79) + "\u2026" : clean);
                     }
                 }
+                else if (message.type === "assistant") {
+                    // Extract tool_use blocks from assistant messages (MCP tool calls)
+                    const am = message;
+                    if (am.message?.content && Array.isArray(am.message.content)) {
+                        for (const block of am.message.content) {
+                            if (block.type === "tool_use") {
+                                toolCalls.push({
+                                    tool: stripMcpPrefix(block.name ?? ""),
+                                    input: block.input,
+                                });
+                            }
+                        }
+                    }
+                }
                 else if (message.type === "result") {
                     const resultMsg = message;
                     if (resultMsg.subtype === "success" && "result" in resultMsg) {
@@ -121,7 +148,7 @@ export class ClaudeClient {
             `\nChoices:\n${choiceList}`,
             `\nRespond with ONLY the choice ID, nothing else.`,
         ].join("\n");
-        const env = Object.fromEntries(Object.entries(process.env).filter((e) => e[1] != null));
+        const env = this.buildEnv();
         let response = "";
         try {
             const stream = query({
@@ -131,6 +158,8 @@ export class ClaudeClient {
                     cwd: this.cwd,
                     env,
                     permissionMode: "bypassPermissions",
+                    allowDangerouslySkipPermissions: true,
+                    stderr: (data) => this.logger.debug(`[claude-code] ${data}`),
                     ...(this.model ? { model: this.model } : {}),
                 },
             });

package/dist/cli/config-file.d.ts

@@ -3,10 +3,13 @@
  * Sets `process.env[KEY]` only if not already defined (real env vars win).
  */
 export declare function loadDotenv(cwd?: string): void;
+/** Parsed config file — flat strings for scalar fields, arrays for list fields. */
+export type FileConfig = Record<string, string | string[]>;
 /**
- * Search upward from `cwd` for `.sweny.yml` and parse it into flat key-value pairs.
+ * Search upward from `cwd` for `.sweny.yml` and parse it.
+ * Scalar values are strings, list values (rules, context) are string arrays.
  * Returns empty object if no config file is found.
  */
-export declare function loadConfigFile(cwd?: string): Record<string, string>;
+export declare function loadConfigFile(cwd?: string): FileConfig;
 /** Starter config written by `sweny init`. */
 export declare const STARTER_CONFIG = "# .sweny.yml \u2014 SWEny project configuration\n# Commit this file. Secrets (API keys, tokens) go in .env (gitignored).\n#\n# Every key matches a CLI flag: \"time-range: 4h\" is the same as \"--time-range 4h\".\n# CLI flags override this file; env vars override this file; this file overrides defaults.\n\n# \u2500\u2500 Providers \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n# observability-provider: datadog        # datadog | sentry | cloudwatch | splunk | elastic | newrelic | loki | prometheus | pagerduty | heroku | opsgenie | vercel | supabase | netlify | fly | render | file\n# issue-tracker-provider: github-issues  # github-issues | linear | jira\n# source-control-provider: github        # github | gitlab\n# coding-agent-provider: claude          # claude | codex | gemini\n# notification-provider: console         # console | slack | teams | discord | email | webhook\n\n# \u2500\u2500 Investigation \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n# time-range: 24h\n# severity-focus: errors\n# service-filter: \"*\"\n# investigation-depth: standard          # quick | standard | thorough\n\n# \u2500\u2500 PR / branch \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n# base-branch: main\n# pr-labels: agent,triage,needs-review\n\n# \u2500\u2500 Paths \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n# service-map-path: .github/service-map.yml\n# log-file: ./logs/errors.json           # required when observability-provider is \"file\"\n\n# \u2500\u2500 Cache \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n# cache-dir: .sweny/cache\n# cache-ttl: 86400\n\n# \u2500\u2500 MCP servers \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n# Extend the coding agent with additional tools via MCP.\n# Value is a JSON object \u2014 each key is a server name you choose.\n# See docs/mcp-servers.md for a full catalog with copy-paste configs.\n#\n# Example: GitHub MCP server (query PRs, issues, CI run logs)\n# mcp-servers-json: '{\"github\":{\"type\":\"stdio\",\"command\":\"npx\",\"args\":[\"-y\",\"@modelcontextprotocol/server-github@latest\"],\"env\":{\"GITHUB_PERSONAL_ACCESS_TOKEN\":\"ghp_...\"}}}'\n\n# \u2500\u2500 Local-only quick start \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n# Uncomment to run without any external services (just an LLM API key):\n# observability-provider: file\n# log-file: ./sample-errors.json\n# issue-tracker-provider: file\n# source-control-provider: file\n# notification-provider: file\n# output-dir: .sweny/output\n\n# \u2500\u2500 Credentials (.env) \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n# Copy the relevant block into your .env file and fill in the values.\n#\n# Claude (coding agent) \u2014 https://console.anthropic.com/settings/api-keys\n#   ANTHROPIC_API_KEY=sk-ant-...\n#\n# GitHub (source control + issue tracker)\n#   GITHUB_TOKEN=ghp_...        # https://github.com/settings/tokens (repo + issues scopes)\n#\n# Datadog (observability) \u2014 https://app.datadoghq.com/organization-settings\n#   DD_API_KEY=...              # Organization Settings > API Keys\n#   DD_APP_KEY=...              # Organization Settings > Application Keys\n#   DD_SITE=datadoghq.com       # or datadoghq.eu, us3.datadoghq.com, etc.\n#\n# Sentry (observability) \u2014 https://sentry.io/settings/auth-tokens/\n#   SENTRY_AUTH_TOKEN=sntrys_...\n#   SENTRY_ORG=your-org-slug    # from sentry.io/organizations/<slug>/\n#   SENTRY_PROJECT=your-project # Project Settings > General > Project Slug\n#\n# Linear (issue tracker) \u2014 https://linear.app/settings/api\n#   LINEAR_API_KEY=lin_api_...\n#   LINEAR_TEAM_ID=...          # Settings > Workspace > Teams > [team] > copy ID from URL\n#   LINEAR_BUG_LABEL_ID=...     # Settings > Labels > [label] > copy ID from URL\n#\n# Jira (issue tracker) \u2014 https://your-org.atlassian.net\n#   JIRA_BASE_URL=https://your-org.atlassian.net\n#   JIRA_EMAIL=you@company.com  # your Atlassian account email\n#   JIRA_API_TOKEN=...          # https://id.atlassian.com/manage-profile/security/api-tokens\n#\n# Vercel (observability) \u2014 https://vercel.com/account/tokens\n#   VERCEL_TOKEN=...\n#   VERCEL_PROJECT_ID=prj_...      # Project Settings > General > Project ID\n#   VERCEL_TEAM_ID=team_...        # optional, for team-owned projects\n#\n# Supabase (observability) \u2014 https://supabase.com/dashboard/account/tokens\n#   SUPABASE_MANAGEMENT_KEY=...\n#   SUPABASE_PROJECT_REF=...       # Project Settings > General > Reference ID\n#\n# Netlify (observability) \u2014 https://app.netlify.com/user/applications#personal-access-tokens\n#   NETLIFY_TOKEN=...\n#   NETLIFY_SITE_ID=...         # Site Settings > General > Site ID\n#\n# Fly.io (observability) \u2014 https://fly.io/user/personal_access_tokens\n#   FLY_TOKEN=...\n#   FLY_APP_NAME=...             # the name of your Fly.io application\n#\n# Render (observability) \u2014 https://dashboard.render.com/u/settings\n#   RENDER_API_KEY=...\n#   RENDER_SERVICE_ID=srv-...    # from your service's Settings page\n#\n# Prometheus (observability) \u2014 self-hosted or Grafana Cloud\n#   PROMETHEUS_URL=http://prometheus.internal:9090\n#   PROMETHEUS_TOKEN=...         # optional, for secured instances\n#\n# PagerDuty (observability) \u2014 https://your-account.pagerduty.com/api_keys\n#   PAGERDUTY_API_KEY=...\n#\n# Honeycomb (observability) \u2014 https://docs.honeycomb.io/api/\n#   HONEYCOMB_API_KEY=...\n#   HONEYCOMB_DATASET=...        # dataset name (e.g. production)\n#\n# Heroku (observability) \u2014 https://devcenter.heroku.com/articles/platform-api-reference\n#   HEROKU_API_KEY=...           # https://dashboard.heroku.com/account\n#   HEROKU_APP_NAME=...          # the name of your Heroku application\n#\n# OpsGenie (observability) \u2014 https://support.atlassian.com/opsgenie/docs/api-key-management/\n#   OPSGENIE_API_KEY=...\n#   OPSGENIE_REGION=us           # or eu for EU-hosted accounts\n#\n# Slack (notifications) \u2014 https://api.slack.com/apps\n#   NOTIFICATION_WEBHOOK_URL=https://hooks.slack.com/services/...\n#   # or use a bot token: SLACK_BOT_TOKEN=xoxb-...\n";

package/dist/cli/config-file.js

@@ -1,5 +1,6 @@
 import * as fs from "node:fs";
 import * as path from "node:path";
+import { parse as parseYaml } from "yaml";
 /**
  * Auto-load a `.env` file from the given directory.
  * Sets `process.env[KEY]` only if not already defined (real env vars win).
@@ -32,7 +33,8 @@ export function loadDotenv(cwd = process.cwd()) {
     }
 }
 /**
- * Search upward from `cwd` for `.sweny.yml` and parse it into flat key-value pairs.
+ * Search upward from `cwd` for `.sweny.yml` and parse it.
+ * Scalar values are strings, list values (rules, context) are string arrays.
  * Returns empty object if no config file is found.
  */
 export function loadConfigFile(cwd = process.cwd()) {
@@ -46,22 +48,22 @@ export function loadConfigFile(cwd = process.cwd()) {
     catch {
         return {};
     }
+    let raw;
+    try {
+        raw = parseYaml(content);
+    }
+    catch {
+        return {};
+    }
+    if (!raw || typeof raw !== "object")
+        return {};
     const config = {};
-    for (const line of content.split("\n")) {
-        const trimmed = line.trim();
-        if (!trimmed || trimmed.startsWith("#"))
-            continue;
-        const colonIndex = trimmed.indexOf(":");
-        if (colonIndex === -1)
-            continue;
-        const key = trimmed.slice(0, colonIndex).trim();
-        let value = trimmed.slice(colonIndex + 1).trim();
-        // Strip surrounding quotes
-        if ((value.startsWith('"') && value.endsWith('"')) || (value.startsWith("'") && value.endsWith("'"))) {
-            value = value.slice(1, -1);
+    for (const [key, value] of Object.entries(raw)) {
+        if (Array.isArray(value)) {
+            config[key] = value.map(String);
         }
-        if (key && value !== "") {
-            config[key] = value;
+        else if (value != null && value !== "") {
+            config[key] = String(value);
         }
     }
     return config;

package/dist/cli/config.d.ts

@@ -1,5 +1,6 @@
 import type { Command } from "commander";
 import type { McpServerConfig } from "../types.js";
+import type { FileConfig } from "./config-file.js";
 export interface CliConfig {
     codingAgentProvider: string;
     anthropicApiKey: string;
@@ -57,9 +58,11 @@ export interface CliConfig {
     outputDir: string;
     mcpServers: Record<string, McpServerConfig>;
     workspaceTools: string[];
+    rules: string[];
+    context: string[];
 }
 export declare function registerTriageCommand(program: Command): Command;
-export declare function parseCliInputs(options: Record<string, unknown>, fileConfig?: Record<string, string>): CliConfig;
+export declare function parseCliInputs(options: Record<string, unknown>, fileConfig?: FileConfig): CliConfig;
 /**
  * All recognized workspace tool names. Update here when adding a new Category B MCP server.
  *

package/dist/cli/config.js

@@ -65,8 +65,26 @@ export function registerTriageCommand(program) {
 }
 export function parseCliInputs(options, fileConfig = {}) {
     const env = process.env;
-    // Config file lookup helper: CLI flag > env var > file > default
-    const f = (key) => fileConfig[key] || undefined;
+    // Config file lookup helper: CLI flag > env var > file > default (scalar only)
+    const f = (key) => {
+        const v = fileConfig[key];
+        return typeof v === "string" && v ? v : undefined;
+    };
+    // Array helper: CLI flag (comma-separated) > file > default
+    const fa = (key, cliKey) => {
+        const cliVal = options[cliKey ?? key];
+        if (cliVal)
+            return cliVal
+                .split(",")
+                .map((s) => s.trim())
+                .filter(Boolean);
+        const fileVal = fileConfig[key];
+        if (Array.isArray(fileVal))
+            return fileVal;
+        if (typeof fileVal === "string" && fileVal)
+            return [fileVal];
+        return [];
+    };
     const obsProvider = options.observabilityProvider || f("observability-provider") || "datadog";
     return {
         codingAgentProvider: options.agent || options.codingAgentProvider || f("coding-agent-provider") || "claude",
@@ -138,6 +156,8 @@ export function parseCliInputs(options, fileConfig = {}) {
             .split(",")
             .map((s) => s.trim())
             .filter(Boolean),
+        rules: fa("rules"),
+        context: fa("context"),
     };
 }
 /**
@@ -395,7 +415,10 @@ export function validateWarnings(config) {
 }
 function parseObservabilityCredentials(provider, options, fileConfig = {}) {
     const env = process.env;
-    const f = (key) => fileConfig[key] || undefined;
+    const f = (key) => {
+        const v = fileConfig[key];
+        return typeof v === "string" && v ? v : undefined;
+    };
     switch (provider) {
         case "datadog":
             return {

package/dist/cli/main.js

@@ -12,6 +12,8 @@ import { implementWorkflow } from "../workflows/implement.js";
 import { consoleLogger } from "../types.js";
 import { ClaudeClient } from "../claude.js";
 import { createSkillMap, configuredSkills } from "../skills/index.js";
+import { buildAutoMcpServers, buildProviderContext } from "../mcp.js";
+import { loadAdditionalContext } from "../templates.js";
 import { validateWorkflow as validateWorkflowSchema } from "../schema.js";
 import { parse as parseYaml, stringify as stringifyYaml } from "yaml";
 import { buildWorkflow, refineWorkflow } from "../workflow-builder.js";
@@ -106,6 +108,8 @@ function buildCredentialMap() {
         "NR_API_KEY",
         "NR_REGION",
         "BETTERSTACK_API_TOKEN",
+        "BETTERSTACK_SOURCE_ID",
+        "BETTERSTACK_TABLE_NAME",
         "SLACK_BOT_TOKEN",
         "SLACK_TEAM_ID",
         "NOTION_TOKEN",
@@ -132,6 +136,41 @@ function buildMcpAutoConfig(config) {
         userMcpServers: Object.keys(config.mcpServers).length > 0 ? config.mcpServers : undefined,
     };
 }
+/**
+ * Build provider context string (available tools/providers).
+ */
+function buildProviderCtx(config, mcpServers) {
+    const extras = {};
+    if (config.observabilityCredentials.sourceId) {
+        extras["BetterStack source ID"] = config.observabilityCredentials.sourceId;
+    }
+    if (config.observabilityCredentials.tableName) {
+        extras["BetterStack table name"] = config.observabilityCredentials.tableName;
+    }
+    return buildProviderContext({
+        observabilityProvider: config.observabilityProvider,
+        issueTrackerProvider: config.issueTrackerProvider,
+        sourceControlProvider: config.sourceControlProvider,
+        mcpServers: Object.keys(mcpServers),
+        extras: Object.keys(extras).length > 0 ? extras : undefined,
+    });
+}
+/**
+ * Resolve rules and context from config into structured workflow input fields.
+ * Local files + inline text are resolved now; URLs are passed to the prepare node.
+ */
+async function resolveRulesAndContext(config) {
+    const [rulesResult, contextResult] = await Promise.all([
+        loadAdditionalContext(config.rules),
+        loadAdditionalContext(config.context),
+    ]);
+    return {
+        rules: rulesResult.resolved,
+        context: contextResult.resolved,
+        rulesUrls: rulesResult.urls,
+        contextUrls: contextResult.urls,
+    };
+}
 // ── sweny triage ──────────────────────────────────────────────────────
 const triageCmd = registerTriageCommand(program);
 triageCmd.action(async (options) => {
@@ -152,12 +191,15 @@ triageCmd.action(async (options) => {
     if (!config.json) {
         console.log(formatBanner(config, version));
     }
-    // ── Build skill map + Claude client ──────────────────────
+    // ── Build skill map + MCP servers + Claude client ──────────
     const skills = createSkillMap(configuredSkills());
+    const mcpAutoConfig = buildMcpAutoConfig(config);
+    const mcpServers = buildAutoMcpServers(mcpAutoConfig);
     const claude = new ClaudeClient({
         maxTurns: config.maxInvestigateTurns || 50,
         cwd: process.cwd(),
         logger: consoleLogger,
+        mcpServers,
     });
     // ── Progress display state ─────────────────────────────────
     const FRAMES = ["\u280B", "\u2819", "\u2839", "\u2838", "\u283C", "\u2834", "\u2826", "\u2827", "\u2807", "\u280F"];
@@ -278,9 +320,13 @@ triageCmd.action(async (options) => {
         };
     const observer = composeObservers(progressObserver, config.stream ? createStreamObserver() : undefined);
     // ── Build workflow input from config ──────────────────────
-    // TODO: The triage workflow input structure may need further refinement
-    // once the workflow nodes have stabilized. For now, pass config fields
-    // that the workflow instructions can reference via the `input` context.
+    const providerCtx = buildProviderCtx(config, mcpServers);
+    const { rules, context, rulesUrls, contextUrls } = await resolveRulesAndContext(config);
+    // Combine provider context + additional instructions into the context field
+    const contextParts = [providerCtx];
+    if (config.additionalInstructions)
+        contextParts.push(config.additionalInstructions);
+    const fullContext = [contextParts.join("\n\n"), context].filter(Boolean).join("\n\n---\n\n");
     const workflowInput = {
         timeRange: config.timeRange,
         severityFocus: config.severityFocus,
@@ -295,6 +341,19 @@ triageCmd.action(async (options) => {
         issueOverride: config.issueOverride,
         noveltyMode: config.noveltyMode,
         reviewMode: config.reviewMode,
+        observabilityProvider: config.observabilityProvider,
+        ...(config.observabilityCredentials.sourceId && {
+            betterstackSourceId: config.observabilityCredentials.sourceId,
+        }),
+        ...(config.observabilityCredentials.tableName && {
+            betterstackTableName: config.observabilityCredentials.tableName,
+        }),
+        // Structured rules/context for executor
+        rules,
+        context: fullContext,
+        // URLs for the prepare node to fetch at runtime
+        rulesUrls,
+        contextUrls,
     };
     try {
         const results = await execute(triageWorkflow, workflowInput, {
@@ -346,13 +405,19 @@ implementCmd.action(async (issueId, options) => {
         maxImplementTurns: parseInt(String(options.maxImplementTurns || fileConfig["max-implement-turns"] || "40"), 10),
         baseBranch: options.baseBranch || fileConfig["base-branch"] || "main",
         repository: options.repository || process.env.GITHUB_REPOSITORY || "",
-        outputDir: options.outputDir || process.env.SWENY_OUTPUT_DIR || fileConfig["output-dir"] || ".sweny/output",
+        outputDir: options.outputDir ||
+            process.env.SWENY_OUTPUT_DIR ||
+            fileConfig["output-dir"] ||
+            ".sweny/output",
     };
     const skills = createSkillMap(configuredSkills());
+    const mcpAutoConfig = buildMcpAutoConfig(config);
+    const mcpServers = buildAutoMcpServers(mcpAutoConfig);
     const claude = new ClaudeClient({
         maxTurns: config.maxImplementTurns || 40,
         cwd: process.cwd(),
         logger: consoleLogger,
+        mcpServers,
     });
     console.log(chalk.cyan(`\n  sweny implement ${issueId}\n`));
     const isTTY = process.stderr.isTTY ?? false;
@@ -468,10 +533,13 @@ export async function workflowRunAction(file, options) {
     const isJson = Boolean(options.json);
     const isTTY = !isJson && (process.stderr.isTTY ?? false);
     const skills = createSkillMap(configuredSkills());
+    const mcpAutoConfig = buildMcpAutoConfig(config);
+    const mcpServers = buildAutoMcpServers(mcpAutoConfig);
     const claude = new ClaudeClient({
         maxTurns: config.maxInvestigateTurns || 50,
         cwd: process.cwd(),
         logger: consoleLogger,
+        mcpServers,
     });
     // Track per-node entry time to compute elapsed on exit
     const nodeEnterTimes = new Map();
@@ -519,6 +587,14 @@ export async function workflowRunAction(file, options) {
         baseBranch: config.baseBranch,
         prLabels: config.prLabels,
         additionalInstructions: config.additionalInstructions,
+        observabilityProvider: config.observabilityProvider,
+        ...(config.observabilityCredentials.sourceId && {
+            betterstackSourceId: config.observabilityCredentials.sourceId,
+        }),
+        ...(config.observabilityCredentials.tableName && {
+            betterstackTableName: config.observabilityCredentials.tableName,
+        }),
+        context: buildProviderCtx(config, mcpServers),
     };
     try {
         const results = await execute(workflow, workflowInput, {

package/dist/executor.js

@@ -46,11 +46,8 @@ export async function execute(workflow, input, options) {
                 return output;
             },
         }));
-        // Prepend additional context to instruction if provided
-        const additionalContext = typeof input?.additionalContext === "string" ? input.additionalContext : "";
-        const instruction = additionalContext
-            ? `## Additional Context & Rules\n\n${additionalContext}\n\n---\n\n${node.instruction}`
-            : node.instruction;
+        // Prepend rules and context to instruction if provided
+        const instruction = buildNodeInstruction(node.instruction, input);
         // Run Claude on this node
         const result = await claude.run({
             instruction,
@@ -74,6 +71,36 @@ export async function execute(workflow, input, options) {
     return results;
 }
 // ─── Internals ───────────────────────────────────────────────────
+/**
+ * Build the full instruction for a node by prepending rules and context.
+ * Rules get "You MUST follow" framing; context gets "Background" framing.
+ * Falls back to legacy `additionalContext` if rules/context aren't set.
+ */
+function buildNodeInstruction(baseInstruction, input) {
+    const inp = input;
+    if (!inp)
+        return baseInstruction;
+    const sections = [];
+    // New structured format
+    const rules = typeof inp.rules === "string" && inp.rules ? inp.rules : "";
+    const context = typeof inp.context === "string" && inp.context ? inp.context : "";
+    if (rules) {
+        sections.push(`## Rules — You MUST Follow These\n\n${rules}`);
+    }
+    if (context) {
+        sections.push(`## Background Context\n\n${context}`);
+    }
+    // Legacy fallback
+    if (sections.length === 0) {
+        const legacy = typeof inp.additionalContext === "string" ? inp.additionalContext : "";
+        if (legacy) {
+            sections.push(`## Additional Context & Rules\n\n${legacy}`);
+        }
+    }
+    if (sections.length === 0)
+        return baseInstruction;
+    return `${sections.join("\n\n")}\n\n---\n\n${baseInstruction}`;
+}
 /** Call observer without letting exceptions crash the workflow */
 function safeObserve(observer, event, logger) {
     if (!observer)

package/dist/index.d.ts

@@ -31,7 +31,8 @@ export { github, linear, slack, sentry, datadog, notification, builtinSkills, cr
 export type { SkillValidationResult } from "./skills/index.js";
 export { workflowZ, nodeZ, edgeZ, skillZ, parseWorkflow, validateWorkflow, workflowJsonSchema } from "./schema.js";
 export type { WorkflowError } from "./schema.js";
-export { buildAutoMcpServers } from "./mcp.js";
+export { buildAutoMcpServers, buildProviderContext } from "./mcp.js";
+export type { ProviderContextOptions } from "./mcp.js";
 export type { McpServerConfig, McpAutoConfig } from "./types.js";
 export { buildWorkflow, refineWorkflow } from "./workflow-builder.js";
 export type { BuildWorkflowOptions } from "./workflow-builder.js";

package/dist/index.js

@@ -31,7 +31,7 @@ export { github, linear, slack, sentry, datadog, notification, builtinSkills, cr
 // Schema & validation
 export { workflowZ, nodeZ, edgeZ, skillZ, parseWorkflow, validateWorkflow, workflowJsonSchema } from "./schema.js";
 // MCP auto-injection
-export { buildAutoMcpServers } from "./mcp.js";
+export { buildAutoMcpServers, buildProviderContext } from "./mcp.js";
 // Workflow builder
 export { buildWorkflow, refineWorkflow } from "./workflow-builder.js";
 // Templates

package/dist/mcp.d.ts

@@ -9,3 +9,18 @@ import type { McpAutoConfig, McpServerConfig } from "./types.js";
  * User-supplied servers (userMcpServers) always win on key conflicts.
  */
 export declare function buildAutoMcpServers(config: McpAutoConfig): Record<string, McpServerConfig>;
+export interface ProviderContextOptions {
+    observabilityProvider?: string;
+    issueTrackerProvider?: string;
+    sourceControlProvider?: string;
+    /** Which MCP servers were actually injected (keys from buildAutoMcpServers) */
+    mcpServers: string[];
+    /** Extra details to include (e.g. betterstack source ID) */
+    extras?: Record<string, string>;
+}
+/**
+ * Build a human-readable summary of configured providers and MCP tools.
+ * Prepended to every node instruction via additionalContext so the agent
+ * knows exactly what tools are available and how to use them.
+ */
+export declare function buildProviderContext(opts: ProviderContextOptions): string;

package/dist/mcp.js

@@ -183,3 +183,44 @@ export function buildAutoMcpServers(config) {
     // User-supplied servers always win on key conflict.
     return { ...auto, ...(config.userMcpServers ?? {}) };
 }
+/**
+ * Build a human-readable summary of configured providers and MCP tools.
+ * Prepended to every node instruction via additionalContext so the agent
+ * knows exactly what tools are available and how to use them.
+ */
+export function buildProviderContext(opts) {
+    const lines = ["## Available Providers & Tools", ""];
+    // Observability
+    if (opts.observabilityProvider) {
+        const mcpNote = opts.mcpServers.includes(opts.observabilityProvider)
+            ? ` (available via MCP — use its tools to query logs, errors, and metrics)`
+            : "";
+        lines.push(`- **Observability**: ${opts.observabilityProvider}${mcpNote}`);
+    }
+    // BetterStack as secondary (token present but not primary provider)
+    if (opts.observabilityProvider !== "betterstack" && opts.mcpServers.includes("betterstack")) {
+        lines.push(`- **Logs**: betterstack (available via MCP — use its tools to query logs)`);
+    }
+    // Issue tracker
+    if (opts.issueTrackerProvider) {
+        const mcpNote = opts.mcpServers.includes(opts.issueTrackerProvider === "github-issues" ? "github" : opts.issueTrackerProvider)
+            ? ` (available via MCP)`
+            : "";
+        lines.push(`- **Issue tracker**: ${opts.issueTrackerProvider}${mcpNote}`);
+    }
+    // Source control
+    if (opts.sourceControlProvider) {
+        const mcpNote = opts.mcpServers.includes(opts.sourceControlProvider) ? ` (available via MCP)` : "";
+        lines.push(`- **Source control**: ${opts.sourceControlProvider}${mcpNote}`);
+    }
+    // Extras (source IDs, table names, etc.)
+    if (opts.extras && Object.keys(opts.extras).length > 0) {
+        lines.push("");
+        for (const [key, value] of Object.entries(opts.extras)) {
+            lines.push(`- **${key}**: ${value}`);
+        }
+    }
+    lines.push("");
+    lines.push("Use all available MCP tools to gather data. " + "MCP tools are already connected — just call them directly.");
+    return lines.join("\n");
+}

package/dist/templates.d.ts

@@ -25,7 +25,11 @@ export declare function resolveTemplates(config: {
     prTemplate?: string;
 }, cwd?: string): Promise<Templates>;
 /**
- * Load additional context documents (local files or URLs).
+ * Load additional context documents (local files, URLs, or inline text).
  * Each source is loaded and wrapped with a header.
+ * Returns { resolved, urls } — resolved text for files/inline, urls for agent to fetch.
  */
-export declare function loadAdditionalContext(sources: string[], cwd?: string): Promise<string>;
+export declare function loadAdditionalContext(sources: string[], cwd?: string): Promise<{
+    resolved: string;
+    urls: string[];
+}>;

package/dist/templates.js

@@ -89,22 +89,46 @@ export async function resolveTemplates(config, cwd) {
     return { issueTemplate, prTemplate };
 }
 /**
- * Load additional context documents (local files or URLs).
+ * Classify a source entry as URL, file path, or inline text.
+ */
+function classifySource(source) {
+    if (source.startsWith("http://") || source.startsWith("https://"))
+        return "url";
+    if (source.startsWith("./") || source.startsWith("../") || source.startsWith("/"))
+        return "file";
+    return "inline";
+}
+/**
+ * Load additional context documents (local files, URLs, or inline text).
  * Each source is loaded and wrapped with a header.
+ * Returns { resolved, urls } — resolved text for files/inline, urls for agent to fetch.
  */
 export async function loadAdditionalContext(sources, cwd = process.cwd()) {
     if (sources.length === 0)
-        return "";
+        return { resolved: "", urls: [] };
     const parts = [];
+    const urls = [];
     for (const source of sources) {
         const trimmed = source.trim();
         if (!trimmed)
             continue;
-        const label = trimmed.startsWith("http") ? trimmed : path.basename(trimmed);
-        const content = await loadTemplate(trimmed, "", cwd);
-        if (content) {
-            parts.push(`### ${label}\n\n${content}`);
+        const kind = classifySource(trimmed);
+        if (kind === "url") {
+            urls.push(trimmed);
+        }
+        else if (kind === "file") {
+            const content = await loadTemplate(trimmed, "", cwd);
+            if (content) {
+                parts.push(`### ${path.basename(trimmed)}\n\n${content}`);
+            }
+        }
+        else {
+            // Inline text — use as-is
+            parts.push(trimmed);
         }
     }
-    return parts.length > 0 ? parts.join("\n\n---\n\n") : "";
+    return {
+        resolved: parts.length > 0 ? parts.join("\n\n---\n\n") : "",
+        urls,
+    };
 }

package/dist/types.d.ts

@@ -68,7 +68,7 @@ export interface NodeResult {
 export interface ToolCall {
     tool: string;
     input: unknown;
-    output: unknown;
+    output?: unknown;
 }
 export type ExecutionEvent = {
     type: "workflow:start";

package/dist/workflows/triage.d.ts

@@ -1,8 +1,8 @@
 /**
  * Triage Workflow
  *
- * Investigate a production alert → gather context from available
- * providers → determine root cause → create issue → notify team.
+ * Investigate a production alert → gather context → determine root cause →
+ * create/update issue → implement fix → open PR → notify team.
  *
  * Provider-agnostic: nodes list all compatible skills per category.
  * The executor uses whichever skills are configured. Pre-execution

package/dist/workflows/triage.js

@@ -1,8 +1,8 @@
 /**
  * Triage Workflow
  *
- * Investigate a production alert → gather context from available
- * providers → determine root cause → create issue → notify team.
+ * Investigate a production alert → gather context → determine root cause →
+ * create/update issue → implement fix → open PR → notify team.
  *
  * Provider-agnostic: nodes list all compatible skills per category.
  * The executor uses whichever skills are configured. Pre-execution
@@ -17,9 +17,23 @@
 export const triageWorkflow = {
     id: "triage",
     name: "Alert Triage",
-    description: "Investigate a production alert, determine root cause, create an issue, and notify the team",
-    entry: "gather",
+    description: "Investigate a production alert, determine root cause, create an issue, implement a fix, and notify the team",
+    entry: "prepare",
     nodes: {
+        prepare: {
+            name: "Load Rules & Context",
+            instruction: `You are preparing for a triage workflow. Your job is to fetch and review any knowledge documents listed in the input.
+
+1. Check input for \`rules_urls\` and \`context_urls\` arrays.
+2. For each URL, fetch its content:
+   - Linear document URLs → use the Linear MCP tools (get_document or search_documentation)
+   - Other HTTP URLs → fetch directly
+3. Summarize the key rules and context that downstream workflow nodes should follow.
+4. Output the consolidated information so it's available to all subsequent steps.
+
+If there are no URLs to fetch, just pass through — this step is a no-op.`,
+            skills: ["linear"],
+        },
         gather: {
             name: "Gather Context",
             instruction: `You are investigating a production alert. Gather all relevant context using the available tools:
@@ -40,6 +54,7 @@ Be thorough — the investigation step depends on complete context. Use every to
 3. Assess severity: critical (service down), high (major feature broken), medium (degraded), low (cosmetic/minor).
 4. Determine affected services and users.
 5. Recommend a fix approach.
+6. Assess fix complexity: "simple" (a few lines, clear change), "moderate" (multiple files but well-understood), or "complex" (architectural, risky, or unclear).
 
 **Novelty check (REQUIRED — you MUST do this before finishing):**
 Search the issue tracker for existing issues (BOTH open AND closed) that cover the same root cause, error pattern, or affected service. Use github_search_issues and/or linear_search_issues with multiple keyword variations.
@@ -61,6 +76,7 @@ Set is_duplicate=true if ANY match is found. Set is_duplicate=false ONLY if you
                     duplicate_of: { type: "string", description: "Issue ID/URL if duplicate" },
                     recommendation: { type: "string" },
                     fix_approach: { type: "string" },
+                    fix_complexity: { type: "string", enum: ["simple", "moderate", "complex"] },
                 },
                 required: ["root_cause", "severity", "is_duplicate", "recommendation"],
             },
@@ -81,25 +97,62 @@ If context.issueTemplate is provided, use it as the format for the issue body. O
 Create the issue in whichever tracker is available to you.`,
             skills: ["linear", "github"],
         },
+        skip: {
+            name: "Skip — Duplicate or Low Priority",
+            instruction: `This alert was determined to be a duplicate or low-priority.
+
+If this is a **duplicate** of an existing issue (check context for duplicate_of):
+1. Find the existing issue using the issue tracker tools.
+2. Add a comment: "+1 — SWEny triage confirmed this issue is still active (seen again at {current UTC timestamp}). Latest context: {1-2 sentence summary of what was found this run}."
+3. If the issue is closed/done, reopen it or note in the comment that the bug has recurred.
+
+If this is just **low priority**, log a brief note about why it was skipped.`,
+            skills: ["linear", "github"],
+        },
+        implement: {
+            name: "Implement Fix",
+            instruction: `Implement the fix identified during investigation:
+
+1. Create a feature branch from the base branch (check context for baseBranch, default "main").
+2. Read the relevant source files to understand the current code.
+3. Make the necessary code changes — fix the bug, nothing more.
+4. Run any existing tests if available to verify the fix doesn't break anything.
+5. Stage and commit with a clear commit message referencing the issue.
+
+Keep changes minimal and focused. Do not refactor surrounding code or add unrelated improvements.
+
+If the fix turns out to be more complex than expected, stop and explain why — do not force a bad fix.`,
+            skills: ["github"],
+        },
+        create_pr: {
+            name: "Open Pull Request",
+            instruction: `Open a pull request for the fix:
+
+1. Push the branch to the remote.
+2. Create a PR with a clear title referencing the issue (e.g. "[OFF-1020] fix: guard empty pdf_texts before access").
+3. In the PR body, include: summary of the bug, what the fix does, and a link to the issue.
+4. Add appropriate labels if available.
+
+If context.prTemplate is provided, use it as the format for the PR body. Otherwise use a clear structure with: Summary, Changes, Testing, and Related Issues.
+
+Return the PR URL and number.`,
+            skills: ["github"],
+        },
         notify: {
             name: "Notify Team",
             instruction: `Send a notification summarizing the triage result:
 
-1. Include: alert summary, severity, root cause (1-2 sentences), and a link to the created issue.
+1. Include: alert summary, severity, root cause (1-2 sentences), and links to any created issues or PRs.
 2. For critical/high severity, make the notification urgent.
 3. For medium/low, a standard notification is fine.
 
 Use whichever notification channel is available to you.`,
             skills: ["slack", "notification"],
         },
-        skip: {
-            name: "Skip — Duplicate or Low Priority",
-            instruction: `This alert was determined to be a duplicate or low-priority.
-Log a brief note about why it was skipped. No further action needed.`,
-            skills: [],
-        },
     },
     edges: [
+        // prepare → gather (always)
+        { from: "prepare", to: "gather" },
         // gather → investigate (always)
         { from: "gather", to: "investigate" },
         // investigate → create_issue (if novel and actionable)
@@ -114,7 +167,33 @@ Log a brief note about why it was skipped. No further action needed.`,
             to: "skip",
             when: "is_duplicate is true, OR severity is low",
         },
-        // create_issue → notify (always)
-        { from: "create_issue", to: "notify" },
+        // create_issue → implement (if fix is clear and not too complex)
+        {
+            from: "create_issue",
+            to: "implement",
+            when: "fix_complexity is simple or moderate AND fix_approach is provided AND dryRun is not true",
+        },
+        // create_issue → notify (if fix is too complex or risky, or dry run)
+        {
+            from: "create_issue",
+            to: "notify",
+            when: "fix_complexity is complex, OR no clear fix_approach, OR dryRun is true",
+        },
+        // skip → implement (duplicate exists but has a clear unfixed bug with a simple fix)
+        {
+            from: "skip",
+            to: "implement",
+            when: "is_duplicate is true AND the duplicate issue is still open/unfixed AND fix_complexity is simple or moderate AND fix_approach is provided AND dryRun is not true",
+        },
+        // skip → notify (duplicate was +1'd, no implementation needed or too complex)
+        {
+            from: "skip",
+            to: "notify",
+            when: "is_duplicate is true AND (fix_complexity is complex OR no fix_approach OR the issue already has a PR in progress OR dryRun is true), OR severity is low",
+        },
+        // implement → create_pr (always after successful implementation)
+        { from: "implement", to: "create_pr" },
+        // create_pr → notify (always)
+        { from: "create_pr", to: "notify" },
     ],
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sweny-ai/core",
-  "version": "0.1.5",
+  "version": "0.1.7",
   "type": "module",
   "bin": {
     "sweny": "./dist/cli/main.js"