auditor-lambda 0.10.7 → 0.11.0

package/schemas/dispatch_quota.schema.json

@@ -56,7 +56,7 @@
     },
     "source": {
       "type": "string",
-      "enum": ["explicit_config", "cli_flags", "known_metadata", "learned", "default"],
+      "enum": ["explicit_config", "cli_flags", "known_metadata", "provider_default", "learned", "default"],
       "description": "Where the resolved limits came from."
     },
     "host_concurrency_limit": {
@@ -75,7 +75,7 @@
         },
         "source": {
           "type": "string",
-          "enum": ["cli_flags", "session_config", "environment"]
+          "enum": ["cli_flags", "host_reported", "session_config", "environment"]
         },
         "description": {
           "type": "string",
@@ -98,6 +98,90 @@
       "format": "date-time",
       "description": "If non-null, the host should wait until this timestamp before launching the next wave."
     },
+    "binding_cap": {
+      "type": "string",
+      "enum": ["rpm", "tpm", "learned", "fallback", "first_contact", "cooldown", "host_concurrency", "none"],
+      "description": "The most constraining cap across capacity pools."
+    },
+    "capacity_pools": {
+      "type": "array",
+      "description": "Per-pool allocation summaries when dispatch capacity was computed across one or more pools.",
+      "items": {
+        "type": "object",
+        "required": [
+          "pool_id",
+          "slots",
+          "model",
+          "confidence",
+          "source",
+          "resolved_limits",
+          "host_concurrency_limit",
+          "cooldown_until",
+          "estimated_wave_tokens",
+          "binding_cap"
+        ],
+        "additionalProperties": false,
+        "properties": {
+          "pool_id": { "type": "string", "minLength": 1 },
+          "slots": { "type": "integer", "minimum": 1 },
+          "model": { "type": ["string", "null"] },
+          "confidence": { "type": "string", "enum": ["high", "medium", "low"] },
+          "source": {
+            "type": "string",
+            "enum": ["explicit_config", "cli_flags", "known_metadata", "provider_default", "learned", "default"]
+          },
+          "resolved_limits": {
+            "type": "object",
+            "required": [
+              "context_tokens",
+              "output_tokens",
+              "requests_per_minute",
+              "input_tokens_per_minute",
+              "output_tokens_per_minute"
+            ],
+            "additionalProperties": false,
+            "properties": {
+              "context_tokens": { "type": "integer", "minimum": 1 },
+              "output_tokens": { "type": "integer", "minimum": 1 },
+              "requests_per_minute": { "type": ["integer", "null"], "minimum": 1 },
+              "input_tokens_per_minute": { "type": ["integer", "null"], "minimum": 1 },
+              "output_tokens_per_minute": { "type": ["integer", "null"], "minimum": 1 }
+            }
+          },
+          "host_concurrency_limit": {
+            "type": ["object", "null"],
+            "required": ["active_subagents", "source", "description"],
+            "additionalProperties": false,
+            "properties": {
+              "active_subagents": { "type": "integer", "minimum": 1 },
+              "source": {
+                "type": "string",
+                "enum": ["cli_flags", "host_reported", "session_config", "environment"]
+              },
+              "description": { "type": "string", "minLength": 1 }
+            }
+          },
+          "cooldown_until": { "type": ["string", "null"], "format": "date-time" },
+          "estimated_wave_tokens": { "type": "integer", "minimum": 0 },
+          "binding_cap": {
+            "type": "string",
+            "enum": ["rpm", "tpm", "learned", "fallback", "first_contact", "cooldown", "host_concurrency", "none"]
+          },
+          "quota_source_snapshot": {
+            "type": ["object", "null"],
+            "additionalProperties": false,
+            "properties": {
+              "remaining_pct": { "type": ["number", "null"] },
+              "reset_at": { "type": ["string", "null"], "format": "date-time" },
+              "requests_remaining": { "type": ["integer", "null"] },
+              "tokens_remaining": { "type": ["integer", "null"] },
+              "captured_at": { "type": "string", "format": "date-time" },
+              "source": { "type": "string" }
+            }
+          }
+        }
+      }
+    },
     "quota_source_snapshot": {
       "type": ["object", "null"],
       "description": "Real-time usage snapshot from a QuotaSource, if available.",

package/schemas/finding.schema.json

@@ -59,7 +59,20 @@
       "minItems": 1,
       "items": { "type": "string" }
     },
-    "theme_id": { "type": "string" }
+    "theme_id": { "type": "string" },
+    "contract_goal_id": { "type": "string" },
+    "contract_obligation_ids": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "verification_obligation_ids": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "targeted_commands": {
+      "type": "array",
+      "items": { "type": "string" }
+    }
   },
   "additionalProperties": false
 }

package/scripts/postinstall.mjs

@@ -41,8 +41,7 @@ const OPENCODE_AUDIT_EXTERNAL_DIRECTORY_PERMISSION = { '*': 'allow' };
 const OPENCODE_AUDIT_EDIT_PERMISSION = {
   '*': 'ask',
   '.audit-code/**': 'allow',
-  '.audit-artifacts/**': 'allow',
-  'audit-report.md': 'allow',
+  '.audit-tools/**': 'allow',
 };
 
 const OPENCODE_AUDIT_BASH_PERMISSION = {

package/skills/audit-code/audit-code.prompt.md

@@ -58,7 +58,7 @@ If the returned step is a dispatch step, before launching subagents check
   immediately.
 
 After the **first** `next-step` (the intake step) completes, confirm the audit
-scope before proceeding. Read `scope_summary.json` from the `.audit-artifacts/`
+scope before proceeding. Read `scope_summary.json` from the `.audit-tools/audit/`
 directory. It contains `repo_root`, `auditable_file_count`, `git_available`, and
 `mis_scope_smells`. Then: