@wrongstack/core 0.148.0 → 0.236.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (82) hide show
  1. package/dist/{agent-bridge-r9y6gdn4.d.ts → agent-bridge-Cimv7bK7.d.ts} +1 -1
  2. package/dist/{agent-subagent-runner-1GeQE_L0.d.ts → agent-subagent-runner-C658wj_c.d.ts} +9 -8
  3. package/dist/{brain-Cp_3GIS2.d.ts → brain-sCZ3lCjq.d.ts} +28 -2
  4. package/dist/{compactor-BueGt7LG.d.ts → compactor-BRfg3QPd.d.ts} +1 -1
  5. package/dist/{config-BaVThgnT.d.ts → config-Koq6f3fs.d.ts} +2 -2
  6. package/dist/{context-C7G_MtLV.d.ts → context-CLz3z_E8.d.ts} +126 -2
  7. package/dist/coordination/index.d.ts +70 -13
  8. package/dist/coordination/index.js +2126 -151
  9. package/dist/coordination/index.js.map +1 -1
  10. package/dist/defaults/index.d.ts +27 -27
  11. package/dist/defaults/index.js +1328 -354
  12. package/dist/defaults/index.js.map +1 -1
  13. package/dist/execution/index.d.ts +45 -16
  14. package/dist/execution/index.js +367 -59
  15. package/dist/execution/index.js.map +1 -1
  16. package/dist/execution/prompt-enhancer.d.ts +86 -0
  17. package/dist/execution/prompt-enhancer.js +125 -0
  18. package/dist/execution/prompt-enhancer.js.map +1 -0
  19. package/dist/extension/index.d.ts +6 -6
  20. package/dist/extension/index.js +3 -1
  21. package/dist/extension/index.js.map +1 -1
  22. package/dist/{goal-preamble-CYJLg0wk.d.ts → goal-preamble-CnbzyVvl.d.ts} +19 -10
  23. package/dist/{index-BZdezm3g.d.ts → index-BlMqh5GO.d.ts} +8 -8
  24. package/dist/{index-CPweVoFM.d.ts → index-C2eSNPsB.d.ts} +7 -5
  25. package/dist/index.d.ts +439 -129
  26. package/dist/index.js +5206 -905
  27. package/dist/index.js.map +1 -1
  28. package/dist/infrastructure/index.d.ts +7 -7
  29. package/dist/infrastructure/index.js +72 -15
  30. package/dist/infrastructure/index.js.map +1 -1
  31. package/dist/kernel/index.d.ts +9 -9
  32. package/dist/kernel/index.js +7 -1
  33. package/dist/kernel/index.js.map +1 -1
  34. package/dist/{llm-selector-CP72f1lC.d.ts → llm-selector-D22R4AFz.d.ts} +2 -2
  35. package/dist/logger-DmmQhf4P.d.ts +65 -0
  36. package/dist/{mcp-servers-Bl5LTvQg.d.ts → mcp-servers-DFbirBv6.d.ts} +11 -4
  37. package/dist/models/index.d.ts +5 -5
  38. package/dist/models/index.js +89 -9
  39. package/dist/models/index.js.map +1 -1
  40. package/dist/{models-registry-D90K9UnM.d.ts → models-registry-CnJRjTXc.d.ts} +1 -1
  41. package/dist/{multi-agent-coordinator-QWEzJDlm.d.ts → multi-agent-coordinator-60weDZoA.d.ts} +8 -8
  42. package/dist/{null-fleet-bus-BUyfqh23.d.ts → null-fleet-bus-1068dEnr.d.ts} +7 -7
  43. package/dist/observability/index.d.ts +2 -2
  44. package/dist/package-outdated-watcher-pzJ5w7y8.d.ts +560 -0
  45. package/dist/{parallel-eternal-engine-C75QuhAI.d.ts → parallel-eternal-engine-DtG1fjc9.d.ts} +13 -9
  46. package/dist/{path-resolver-DRjQBkoO.d.ts → path-resolver-CA1ULU0J.d.ts} +3 -3
  47. package/dist/{permission-B7nKnEvQ.d.ts → permission-DbWPbuoA.d.ts} +1 -1
  48. package/dist/{permission-policy-8-6zBmfA.d.ts → permission-policy-AOk0LVsV.d.ts} +2 -2
  49. package/dist/pipeline-DsmlwTXu.d.ts +493 -0
  50. package/dist/{plan-templates-CkKNPU3I.d.ts → plan-templates-DPABrDvy.d.ts} +19 -8
  51. package/dist/{provider-runner-BNpuIyOL.d.ts → provider-runner-D0HgUqwV.d.ts} +3 -3
  52. package/dist/{retry-policy-rutAfVeR.d.ts → retry-policy-BVnkbMET.d.ts} +1 -1
  53. package/dist/sdd/index.d.ts +8 -8
  54. package/dist/sdd/index.js +358 -85
  55. package/dist/sdd/index.js.map +1 -1
  56. package/dist/{secret-vault-DoISxaKO.d.ts → secret-vault-BJDY28ev.d.ts} +7 -1
  57. package/dist/{secret-vault-BTcC_T5v.d.ts → secret-vault-CeVNiy_f.d.ts} +4 -3
  58. package/dist/security/index.d.ts +6 -5
  59. package/dist/security/index.js +214 -35
  60. package/dist/security/index.js.map +1 -1
  61. package/dist/{selector-4vDFZKt3.d.ts → selector-Cb4_9-hf.d.ts} +1 -1
  62. package/dist/{session-event-bridge-DWlvglC2.d.ts → session-event-bridge-BhtkkFFy.d.ts} +4 -2
  63. package/dist/{session-reader-BAtCxdaw.d.ts → session-reader-CCOssnBS.d.ts} +1 -1
  64. package/dist/skills/index.js +171 -21
  65. package/dist/skills/index.js.map +1 -1
  66. package/dist/storage/index.d.ts +151 -13
  67. package/dist/storage/index.js +1117 -256
  68. package/dist/storage/index.js.map +1 -1
  69. package/dist/types/index.d.ts +68 -21
  70. package/dist/types/index.js +616 -74
  71. package/dist/types/index.js.map +1 -1
  72. package/dist/utils/expect-defined.js +3 -1
  73. package/dist/utils/expect-defined.js.map +1 -1
  74. package/dist/utils/index.d.ts +80 -4
  75. package/dist/utils/index.js +100 -15
  76. package/dist/utils/index.js.map +1 -1
  77. package/dist/{wstack-paths-DD50Omgn.d.ts → wstack-paths-CJjEwPXn.d.ts} +14 -1
  78. package/package.json +7 -3
  79. package/skills/chimera/SKILL.md +105 -0
  80. package/skills/research-web/SKILL.md +342 -0
  81. package/dist/logger-B9J5puGM.d.ts +0 -32
  82. package/dist/pipeline-BG7UgbDc.d.ts +0 -239
@@ -94,6 +94,19 @@ interface WstackPathOptions {
94
94
  /** Override the global root (e.g. for tests). Default: `${userHome}/.wrongstack`. */
95
95
  globalRoot?: string | undefined;
96
96
  }
97
+ /**
98
+ * The global `~/.wrongstack` root, honoring the `WRONGSTACK_HOME` env
99
+ * override. The override exists so tests (and sandboxed runs) can redirect
100
+ * ALL global state — config, secrets, logs, projects/, mailboxes — away from
101
+ * the real user home. Before it existed, `pnpm test` booted runtimes against
102
+ * the real `~/.wrongstack`: it read the user's real config.json (starting a
103
+ * second live Telegram poller), appended to the real wrongstack.log, and left
104
+ * ~20k orphaned fixture dirs under projects/.
105
+ *
106
+ * Every code path that wants the global dir must come through here (or
107
+ * through `resolveWstackPaths`) instead of `path.join(os.homedir(), '.wrongstack')`.
108
+ */
109
+ declare function wstackGlobalRoot(): string;
97
110
  declare function resolveWstackPaths(opts: WstackPathOptions): WstackPaths;
98
111
 
99
- export { type WstackPaths as W, type WstackPathOptions as a, projectSlug as b, projectHash as p, resolveWstackPaths as r };
112
+ export { type WstackPaths as W, type WstackPathOptions as a, projectSlug as b, projectHash as p, resolveWstackPaths as r, wstackGlobalRoot as w };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@wrongstack/core",
3
- "version": "0.148.0",
3
+ "version": "0.236.0",
4
4
  "license": "MIT",
5
5
  "description": "WrongStack core: kernel, types, defaults, and shared utilities for the WrongStack CLI agent.",
6
6
  "repository": {
@@ -44,6 +44,10 @@
44
44
  "types": "./dist/execution/index.d.ts",
45
45
  "import": "./dist/execution/index.js"
46
46
  },
47
+ "./execution/prompt-enhancer": {
48
+ "types": "./dist/execution/prompt-enhancer.d.ts",
49
+ "import": "./dist/execution/prompt-enhancer.js"
50
+ },
47
51
  "./coordination": {
48
52
  "types": "./dist/coordination/index.d.ts",
49
53
  "import": "./dist/coordination/index.js"
@@ -93,9 +97,9 @@
93
97
  ],
94
98
  "wrongstackApiVersion": "0.1.10",
95
99
  "devDependencies": {
96
- "@types/node": "^22.19.19",
100
+ "@types/node": "^25.9.2",
97
101
  "tsup": "^8.5.1",
98
- "typescript": "^6.0.0"
102
+ "typescript": "^6.0.3"
99
103
  },
100
104
  "publishConfig": {
101
105
  "access": "public"
@@ -0,0 +1,105 @@
1
+ ---
2
+ name: chimera
3
+ description: |
4
+ Use this skill when performing a post-session code quality review of files
5
+ changed during an AI coding session. Activated automatically by the chimera
6
+ plugin after each session completes.
7
+ Triggers: post-session review, chimera agent, session-end code check.
8
+ version: 1.0.0
9
+ ---
10
+
11
+ # Chimera — Post-Session Code Guardian
12
+
13
+ ## Overview
14
+
15
+ You are Chimera, a post-session code quality agent. You run automatically after
16
+ each WrongStack session ends. Your job: review files that were **added or
17
+ modified** during the session and produce a concise, actionable quality report.
18
+
19
+ You do NOT re-litigate decisions the session already discussed. You surface NEW
20
+ issues the session agent may have missed.
21
+
22
+ ## Rules
23
+
24
+ 1. **Only review changed files.** The list of files is provided to you — do not
25
+ expand scope.
26
+ 2. **Read before judging.** Always read the file before flagging an issue.
27
+ 3. **Be surgical.** Flag real bugs, not style preferences. If it compiles and
28
+ the logic is sound, it's fine.
29
+ 4. **No re-litigation.** Do not re-raise issues already discussed in the session
30
+ chat history.
31
+ 5. **Severity-ranked.** Critical > High > Medium > Low. Only report Medium+
32
+ unless a Low is egregious.
33
+ 6. **One finding per line.** Each finding must have: severity, file:line, and a
34
+ one-sentence fix.
35
+
36
+ ## What to look for
37
+
38
+ | Category | Examples | Severity |
39
+ |----------|----------|----------|
40
+ | **Logic bugs** | Off-by-one, inverted condition, null deref without guard | Critical / High |
41
+ | **Type safety** | `as any`, missing return type on export, `!` assertion | Medium |
42
+ | **Error handling** | Missing try/catch on async, swallowed errors | High |
43
+ | **Security** | Hardcoded secret, shell injection, innerHTML XSS | Critical |
44
+ | **Resource leaks** | Event listener not removed, file handle not closed | Medium |
45
+ | **Test gaps** | New logic without corresponding test | Medium |
46
+ | **API design** | Wrong status code, missing validation, secrets in URL | High |
47
+
48
+ ## Report format
49
+
50
+ Write your report as a single message appended to the chat. Use this structure:
51
+
52
+ ```
53
+ ## 🦂 Chimera Review — <session title or date>
54
+
55
+ ### Critical (N)
56
+ 1. [BUG] `path/file.ts:42` — null deref on `user.name` when `user` is undefined
57
+ → Add guard: `if (!user) throw new NotFoundError()`
58
+
59
+ ### High (N)
60
+ 2. [SEC] `path/config.ts:8` — plaintext API key in source
61
+ → Move to env var via `process.env.MY_API_KEY`
62
+
63
+ ### Medium (N)
64
+ 3. [TYPE] `path/helper.ts:15` — `as any` cast silences type error
65
+ → Use `as unknown as T` with a comment explaining the trust boundary
66
+
67
+ ### Summary
68
+ - Files reviewed: N
69
+ - Findings: C critical, H high, M medium
70
+ - Clean files: N
71
+ ```
72
+
73
+ If you find **nothing** worth flagging: write a single line.
74
+
75
+ ```
76
+ ## 🦂 Chimera Review — all clear ✅
77
+ No issues found in N changed files across M packages.
78
+ ```
79
+
80
+ ## Anti-patterns
81
+
82
+ - **Don't flag TODOs or FIXMEs** — those are intentional markers.
83
+ - **Don't flag test fixtures or mock data** for secrets — those are expected.
84
+ - **Don't suggest full rewrites** — be surgical, offer the minimal fix.
85
+ - **Don't review unchanged files** — stick to the provided file list.
86
+ - **Don't produce walls of text** — one finding = one line + one fix line.
87
+
88
+ ## Context you receive
89
+
90
+ The chimera plugin provides:
91
+ - A list of changed file paths (relative to project root)
92
+ - The full content of each changed file
93
+ - A summary of the session (what was worked on, key decisions)
94
+ - The chat history from the session
95
+
96
+ Use the chat history to understand intent — flag only issues the session agent
97
+ likely missed, not decisions it explicitly made.
98
+
99
+ ## Skills in scope
100
+
101
+ - `bug-hunter` — for systematic bug detection patterns
102
+ - `security-scanner` — for security vulnerability patterns
103
+ - `typescript-strict` — for TypeScript type safety rules
104
+ - `api-design` — for API design review patterns
105
+ - `testing` — for test coverage assessment
@@ -0,0 +1,342 @@
1
+ ---
2
+ name: research-web
3
+ description: |
4
+ Use this skill when searching the web for current, up-to-date data during
5
+ a research phase — version checks, ecosystem changes, API deprecations,
6
+ tool comparisons, or any claim that needs live verification against sources
7
+ newer than the model's training cutoff.
8
+ Triggers: user says "research", "current version", "is this still true",
9
+ "latest", "what's new in", "breaking changes", "find current",
10
+ "web research", "search the web", "look up".
11
+ version: 1.0.0
12
+ ---
13
+
14
+ # Research Web — WrongStack
15
+
16
+ ## Overview
17
+
18
+ Teaches the agent how to conduct current-data web research with discipline:
19
+ when to search, how to cross-validate, how to inject findings for reuse, and
20
+ how to delegate research to subagents. Complements the `research-web` mode
21
+ (which provides tool prioritization and behavioral gating); this skill
22
+ provides the deep methodology and patterns the mode prompt can't fit.
23
+
24
+ ## Rules
25
+
26
+ 1. Verify before claiming. Never state a version number, deprecation status,
27
+ or API surface from training data without a live check.
28
+ 2. Two-source minimum. Single-source claims are tentative; two agreeing
29
+ sources is a signal; three is confirmation.
30
+ 3. Inject, don't repeat. After research, use `context_manager` with `add_note`
31
+ to inject a structured summary. Never re-research the same topic.
32
+ 4. Respect the stop rule. 2-3 searches + 1-2 fetches per topic. If no clear
33
+ answer after that, surface the ambiguity rather than research-looping.
34
+ 5. Cite every claim. Domain name minimum; date if visible on the page.
35
+ 6. Match tool to task. `web_search` for discovery, `web_fetch` for detail,
36
+ `fetch` for raw API responses, `search` for source-code-specific queries.
37
+
38
+ ## Research Workflow Taxonomy
39
+
40
+ Not every research task needs the same approach. Match the workflow to the need:
41
+
42
+ ### Quick Lookup (1-2 turns)
43
+ **When**: "What's the latest version of React?" "Is package X still maintained?"
44
+ **Pattern**:
45
+ ```
46
+ web_search("React latest stable version 2025") → discover version
47
+ web_fetch("https://react.dev/versions") → confirm from authoritative source
48
+ context_manager add_note("## Research: React version\n- 19.2.0 (March 2025)\n- Source: react.dev")
49
+ ```
50
+ **Budget**: 1 search + 1 fetch = ~2000 tokens. Done in one turn.
51
+
52
+ ### Deep Investigation (3-4 turns)
53
+ **When**: "How has Next.js middleware changed across 14.x → 15.x?"
54
+ **Pattern**:
55
+ ```
56
+ Turn 1: web_search("Next.js middleware changes 14 to 15") → collect URLs
57
+ Turn 2: web_fetch(upgrade guide), web_fetch(changelog) → parallel fetches
58
+ Turn 3: cross-reference, inject structured findings
59
+ ```
60
+ **Budget**: 2 searches + 2-3 fetches = ~5000 tokens. Use parallel fetches.
61
+
62
+ ### Landscape Survey (fan-out)
63
+ **When**: "Compare the top 5 React state management libraries in 2025"
64
+ **Pattern**: Delegate to subagents. Each researches one library, leader aggregates.
65
+ See "Subagent Delegation" section below.
66
+
67
+ ## Tool Selection Guide
68
+
69
+ | Tool | Best for | Avoid for |
70
+ |------|----------|-----------|
71
+ | `web_search` | Broad discovery, finding current URLs, getting an overview | Deep detail (use `web_fetch` after) |
72
+ | `web_fetch` | Reading a specific page for detail, authoritative confirmation | Broad queries (use `web_search` first) |
73
+ | `search` | Technical docs, source code, API references (DuckDuckGo) | General web queries (use `web_search`) |
74
+ | `fetch` | Raw API responses (JSON), registry endpoints, structured data | HTML pages (use `web_fetch` for markdown conversion) |
75
+ | `context_manager` | Injecting research findings into conversation for future turns | Research itself (this is the *output* tool) |
76
+
77
+ ### Decision heuristic
78
+ ```
79
+ ┌─────────────────┐
80
+ │ What do I need? │
81
+ └────────┬────────┘
82
+ ┌────────────────┼────────────────┐
83
+ ▼ ▼ ▼
84
+ "Discover URLs" "Read a page" "Raw API data"
85
+ │ │ │
86
+ web_search web_fetch fetch
87
+ │ │
88
+ └────────┬───────┘
89
+
90
+ context_manager
91
+ add_note
92
+ ```
93
+
94
+ ## Source Quality Evaluation
95
+
96
+ Rate every source before citing it:
97
+
98
+ | Tier | Examples | Trust |
99
+ |------|----------|-------|
100
+ | **Primary** | Official docs, GitHub releases, registry APIs, RFCs | Cite as fact |
101
+ | **Secondary** | Well-known tech blogs, conference talks by maintainers | Cite with "according to" |
102
+ | **Tertiary** | Stack Overflow, Reddit, personal blogs, LLM-generated content | Corroborate before citing |
103
+
104
+ **Recency check**:
105
+ - Package version: must be ≤ 6 months old to claim "current"
106
+ - API change: must reference the specific version that introduced it
107
+ - Deprecation claim: must cite the deprecation notice (not just "I heard")
108
+ - Ecosystem trend: multiple sources from the current year
109
+
110
+ ## Injection Format Templates
111
+
112
+ Structured `add_note` formats for different research outcomes. The format matters —
113
+ future turns need to parse these quickly without re-reading raw search results.
114
+
115
+ ### Version check
116
+
117
+ ```
118
+ ## Research: [package] version
119
+ - Current latest: [version] ([date])
120
+ - Previous: [version] (for context)
121
+ - Registry source: [npm/pypi/crates.io URL]
122
+ - Confirmed via: [source URL]
123
+ ```
124
+
125
+ ### API / breaking change
126
+
127
+ ```
128
+ ## Research: [package] [feature] changes
129
+ - [Version]: [what changed]
130
+ - [Version]: [what changed]
131
+ - Breaking: [list of breaks]
132
+ - Migration path: [if documented]
133
+ - Source: [upgrade guide URL]
134
+ ```
135
+
136
+ ### Ecosystem comparison
137
+
138
+ ```
139
+ ## Research: [topic] comparison
140
+ - [Tool A]: [key points, version, status]
141
+ - [Tool B]: [key points, version, status]
142
+ - Recommendation: [with rationale]
143
+ - Sources: [URL, URL]
144
+ ```
145
+
146
+ ### Null result (important — prevents re-search)
147
+
148
+ ```
149
+ ## Research: [topic] — no current changes found
150
+ - Searched: [query, query]
151
+ - Result: No breaking changes / deprecations / version bumps found
152
+ - Checked on: [date]
153
+ ```
154
+
155
+ **Always include a null-result note.** Without it, future turns may re-research
156
+ the same topic thinking the data was never gathered.
157
+
158
+ ## Subagent Delegation
159
+
160
+ For landscape surveys and parallel research, delegate to subagents carrying
161
+ this skill. The `research` and `search` roster roles are tuned for this.
162
+
163
+ ### Fan-out pattern (parallel)
164
+
165
+ ```typescript
166
+ // Leader: fan out one topic per subagent
167
+ batch_tool_use([
168
+ {
169
+ tool: "delegate",
170
+ input: {
171
+ task: "Research current state of Zustand: latest version, breaking changes in 5.x, ecosystem position. Inject findings via context_manager.",
172
+ role: "research"
173
+ }
174
+ },
175
+ {
176
+ tool: "delegate",
177
+ input: {
178
+ task: "Research current state of Jotai: latest version, breaking changes, ecosystem position. Inject findings via context_manager.",
179
+ role: "research"
180
+ }
181
+ },
182
+ {
183
+ tool: "delegate",
184
+ input: {
185
+ task: "Research current state of Valtio: latest version, breaking changes, ecosystem position. Inject findings via context_manager.",
186
+ role: "research"
187
+ }
188
+ },
189
+ ])
190
+ ```
191
+
192
+ ### Sequential deep-dive
193
+
194
+ ```typescript
195
+ // Leader: one topic, phased research
196
+ delegate({
197
+ task: "Research React 19 Server Components: what changed from 18→19, current best practices for 'use client' boundaries, known pitfalls. Cross-reference react.dev docs and the GitHub release notes. Inject structured findings.",
198
+ role: "research"
199
+ })
200
+ ```
201
+
202
+ ### Subagent budget guidance
203
+
204
+ | Research type | `maxIterations` | `maxToolCalls` | Notes |
205
+ |---|---|---|---|
206
+ | Quick lookup | 3 | 6 | 1 search + 1 fetch + inject |
207
+ | Deep investigation | 8 | 20 | Multiple searches + cross-ref |
208
+ | Landscape survey | 12 | 30 | Multiple searches + fetches per topic |
209
+
210
+ ## Cross-Validation Patterns
211
+
212
+ ### When sources agree
213
+ ```
214
+ Source A (official docs): React 19.2.0
215
+ Source B (npm registry): 19.2.0
216
+ Source C (GitHub releases): 19.2.0
217
+ → Cite as confirmed. No need to fetch a 4th source.
218
+ ```
219
+
220
+ ### When sources disagree
221
+ ```
222
+ Source A (blog post): Next.js 15.2 deprecated middleware edge runtime
223
+ Source B (official docs): Middleware now defaults to Node.js, edge still available
224
+ → Dig deeper. The blog conflated "default change" with "deprecation".
225
+ → Fetch the actual upgrade guide for the precise language.
226
+ → Flag the disagreement in your findings.
227
+ ```
228
+
229
+ ### When only one source exists
230
+ ```
231
+ Source A (GitHub issue comment): "This API is being removed in v4"
232
+ → Mark as TENTATIVE. State: "One source claims... cannot confirm."
233
+ → If the claim is critical, search specifically for confirmation.
234
+ → Otherwise, move on — don't spend budget chasing unconfirmed rumors.
235
+ ```
236
+
237
+ ## Cost Awareness
238
+
239
+ | Action | Approximate cost | When to use |
240
+ |--------|-----------------|-------------|
241
+ | `web_search` (5 results) | ~500 tokens | Always first — cheap discovery |
242
+ | `web_fetch` (single page) | ~1000-2000 tokens | Only for authoritative sources |
243
+ | `context_manager add_note` | ~0 tokens (metadata op) | After every research cycle |
244
+ | `delegate` (quick lookup subagent) | ~$0.05-0.15 | When research would bloat your context |
245
+ | `delegate` (deep investigation) | ~$0.20-0.50 | Landscape surveys only |
246
+
247
+ **Rule of thumb**: Don't spend more on research than the answer is worth.
248
+ A version check shouldn't cost $0.50. A landscape survey justifying an
249
+ architecture decision might be worth $2.00.
250
+
251
+ ## Anti-Patterns
252
+
253
+ ### Re-researching known data
254
+
255
+ ```typescript
256
+ // ❌ Turn 5: Agent forgets it already researched React version
257
+ web_search("React latest version")
258
+
259
+ // ✅ Turn 2: Agent injected findings via add_note
260
+ // Turn 3-5: Agent sees the note in conversation — skips re-search
261
+ ```
262
+
263
+ ### Fetching without searching first
264
+
265
+ ```typescript
266
+ // ❌ Guessing URLs wastes fetches
267
+ web_fetch("https://react.dev/blog/2025/03/15/react-19-2") // 404
268
+
269
+ // ✅ Search discovers the real URL first
270
+ web_search("React 19.2 release blog post")
271
+ web_fetch(<result from search>)
272
+ ```
273
+
274
+ ### Injecting raw dumps
275
+
276
+ ```typescript
277
+ // ❌ Bloating context with raw JSON
278
+ context_manager add_note(JSON.stringify(searchResults))
279
+
280
+ // ✅ Structured summary
281
+ context_manager add_note("## Research: React version\n- 19.2.0\n- Source: react.dev")
282
+ ```
283
+
284
+ ### Single-source claims
285
+
286
+ ```typescript
287
+ // ❌ One blog post becomes "truth"
288
+ "The React team recommends X" — based on one Medium article from 2023
289
+
290
+ // ✅ Cross-referenced
291
+ "The React docs recommend Y (react.dev). A 2024 blog post also suggests Y.
292
+ One 2023 article suggests X, but this appears outdated."
293
+ ```
294
+
295
+ ### Research-looping
296
+
297
+ ```typescript
298
+ // ❌ 7 searches on the same topic, each slightly rephrased
299
+ web_search("React 19 new features")
300
+ web_search("React 19 what changed")
301
+ web_search("React 19 release notes changes")
302
+ web_search("React 19 difference from 18")
303
+ // ...
304
+
305
+ // ✅ 1-2 broad searches, then targeted fetches
306
+ web_search("React 19 release notes breaking changes")
307
+ web_fetch(<react.dev blog>)
308
+ web_fetch(<GitHub releases>)
309
+ // Done. Inject findings.
310
+ ```
311
+
312
+ ### Researching during tactical work
313
+
314
+ ```typescript
315
+ // ❌ User asks for a quick null-check fix, agent starts web searching
316
+ User: "fix the null deref in auth.ts line 42"
317
+ Agent: web_search("TypeScript null check best practices") // NO
318
+
319
+ // ✅ Research mode is for analysis/discussion phases, not tactical edits
320
+ // The agent already knows how to fix a null deref — just fix it.
321
+ ```
322
+
323
+ ## Workflow
324
+
325
+ ```
326
+ 1. TRIGGER — User asks for current data OR agent realizes knowledge is stale
327
+ 2. CLASSIFY — Quick lookup? Deep investigation? Landscape survey?
328
+ 3. SEARCH — web_search with 5-8 results for broad discovery
329
+ 4. FETCH — web_fetch 1-2 authoritative results for detail (parallelize if >1)
330
+ 5. VALIDATE — Cross-reference: 2+ sources agree? Flag single-source claims
331
+ 6. INJECT — context_manager add_note with structured findings
332
+ 7. CITE — In your response, cite sources for every factual claim
333
+ ```
334
+
335
+ ## Skills in scope
336
+
337
+ - `tech-stack` — for package version verification and ecosystem validation
338
+ - `node-modern` — for Node.js-specific version and API checks
339
+ - `react-modern` — for React-specific version and API checks
340
+ - `security-scanner` — for CVE and vulnerability research
341
+ - `prompt-engineering` — for crafting effective search queries
342
+ - `multi-agent` — for fanning out research to subagents
@@ -1,32 +0,0 @@
1
- import { L as Logger, a as LogLevel } from './logger-B63L5bTg.js';
2
-
3
- interface DefaultLoggerOptions {
4
- level?: LogLevel | undefined;
5
- file?: string | undefined;
6
- pretty?: boolean | undefined;
7
- bindings?: Record<string, unknown>;
8
- /**
9
- * When false, suppress stderr output entirely — only write to the log
10
- * file (if configured). Use this in TUI mode so plugin/library log
11
- * messages don't interleave with Ink's terminal rendering.
12
- * Default: true (stderr output is enabled).
13
- */
14
- stderr?: boolean | undefined;
15
- }
16
- declare class DefaultLogger implements Logger {
17
- level: LogLevel;
18
- private readonly file?;
19
- private readonly bindings;
20
- private readonly pretty;
21
- private readonly stderr;
22
- constructor(opts?: DefaultLoggerOptions);
23
- error(msg: string, ctx?: unknown): void;
24
- warn(msg: string, ctx?: unknown): void;
25
- info(msg: string, ctx?: unknown): void;
26
- debug(msg: string, ctx?: unknown): void;
27
- trace(msg: string, ctx?: unknown): void;
28
- child(bindings: Record<string, unknown>): Logger;
29
- private log;
30
- }
31
-
32
- export { DefaultLogger as D, type DefaultLoggerOptions as a };