auditor-lambda 0.2.11 → 0.2.12

package/dist/cli.js

@@ -24,7 +24,7 @@ import { createFreshSessionProvider, resolveFreshSessionProviderName, } from "./
 import { appendRunLedgerEntry } from "./supervisor/runLedger.js";
 import { buildAuditCodeHandoff, writeAuditCodeHandoffArtifacts, } from "./supervisor/operatorHandoff.js";
 import { getSessionConfigPath, loadSessionConfig, readSessionConfigFile, } from "./supervisor/sessionConfig.js";
-import { clearDispatchFiles, buildRunId, ensureSupervisorDirs, getRunPaths, writeWorkerTaskFiles, } from "./io/runArtifacts.js";
+import { clearDispatchFiles, buildRunId, ensureSupervisorDirs, getRunPaths, writeDispatchBatchFiles, writeWorkerTaskFiles, } from "./io/runArtifacts.js";
 import { renderWorkerPrompt } from "./prompts/renderWorkerPrompt.js";
 import { LOCAL_SUBPROCESS_PROVIDER_NAME } from "./providers/constants.js";
 import { runAuditCodeMcpServer } from "./mcp/server.js";
@@ -154,6 +154,7 @@ async function emitEnvelope(params) {
         providerName: params.providerName,
         progressSummary: params.progress_summary,
         isConfigError: params.isConfigError,
+        activeReviewRun: params.activeReviewRun,
     });
     await writeAuditCodeHandoffArtifacts(handoff);
     console.log(JSON.stringify(buildEnvelope({
@@ -169,7 +170,7 @@ async function emitEnvelope(params) {
 }
 function buildManualReviewBlocker(providerName) {
     return providerName === LOCAL_SUBPROCESS_PROVIDER_NAME
-        ? "Automatic backend steps are exhausted. Remaining semantic review now belongs to the active conversation agent. Review the dispatched files, write structured audit results, and ingest them with audit-code --results <file> or audit-code --batch-results <dir>. If you intentionally want a backend bridge instead, re-run audit-code with --provider auto, --provider claude-code, --provider opencode, --provider subprocess-template, or --provider vscode-task."
+        ? "Automatic backend steps are exhausted. Remaining semantic review now belongs to the active conversation agent. Review the dispatched files, write structured audit results to the run-scoped audit_results_path, and execute the worker_command from current-task.json exactly as written. If you intentionally want a backend bridge instead, re-run audit-code with --provider auto, --provider claude-code, --provider opencode, --provider subprocess-template, or --provider vscode-task."
         : "Automatic work is exhausted. Remaining audit tasks require explicit audit results or an interactive provider.";
 }
 function shouldRunInlineExecutor(selectedExecutor) {
@@ -416,6 +417,51 @@ async function ingestBatchAuditResults(options) {
         next_likely_step: state.status === "complete" ? null : decision.selected_obligation,
     };
 }
+function buildWorkerResult(params) {
+    return {
+        contract_version: WORKER_RESULT_CONTRACT_VERSION,
+        run_id: params.runId,
+        obligation_id: params.obligationId,
+        status: params.status,
+        progress_made: params.progressMade,
+        selected_executor: params.selectedExecutor,
+        artifacts_written: params.artifactsWritten,
+        summary: params.summary,
+        next_likely_step: params.nextLikelyStep,
+        errors: params.errors,
+    };
+}
+async function persistWorkerRunArtifacts(paths, workerResult, executionMode) {
+    await writeJsonFile(paths.resultPath, workerResult);
+    await writeJsonFile(paths.statusPath, {
+        run_id: workerResult.run_id,
+        status: workerResult.status,
+        execution_mode: executionMode,
+        result_path: paths.resultPath,
+    });
+}
+async function persistConfigErrorHandoff(params) {
+    const bundle = await loadArtifactBundle(params.artifactsDir);
+    const blockedState = buildBlockedAuditState({
+        state: bundle.audit_state ?? deriveAuditState(bundle),
+        obligationId: null,
+        executor: null,
+        blocker: params.progressSummary,
+    });
+    await writeCoreArtifacts(params.artifactsDir, {
+        ...bundle,
+        audit_state: blockedState,
+    });
+    const handoff = buildAuditCodeHandoff({
+        root: params.root,
+        artifactsDir: params.artifactsDir,
+        state: blockedState,
+        bundle: { ...bundle, audit_state: blockedState },
+        progressSummary: params.progressSummary,
+        isConfigError: true,
+    });
+    await writeAuditCodeHandoffArtifacts(handoff);
+}
 function isWorkerResult(value) {
     return (typeof value === "object" &&
         value !== null &&
@@ -499,7 +545,20 @@ export async function runSample(argv = process.argv) {
 async function cmdAdvanceAudit(argv) {
     const root = getRootDir(argv);
     const artifactsDir = getArtifactsDir(argv);
-    const sessionConfig = await loadSessionConfig(artifactsDir);
+    await mkdir(artifactsDir, { recursive: true });
+    await ensureSupervisorDirs(artifactsDir);
+    let sessionConfig;
+    try {
+        sessionConfig = await loadSessionConfig(artifactsDir);
+    }
+    catch (error) {
+        await persistConfigErrorHandoff({
+            root,
+            artifactsDir,
+            progressSummary: error instanceof Error ? error.message : String(error),
+        });
+        throw error;
+    }
     const providerName = resolveRunProviderName(argv, sessionConfig);
     const batchResultsDir = getBatchResultsDir(argv);
     if (batchResultsDir && getFlag(argv, "--results")) {
@@ -565,7 +624,20 @@ async function cmdAdvanceAudit(argv) {
 async function cmdRunToCompletion(argv) {
     const root = getRootDir(argv);
     const artifactsDir = getArtifactsDir(argv);
-    const sessionConfig = await loadSessionConfig(artifactsDir);
+    await mkdir(artifactsDir, { recursive: true });
+    await ensureSupervisorDirs(artifactsDir);
+    let sessionConfig;
+    try {
+        sessionConfig = await loadSessionConfig(artifactsDir);
+    }
+    catch (error) {
+        await persistConfigErrorHandoff({
+            root,
+            artifactsDir,
+            progressSummary: error instanceof Error ? error.message : String(error),
+        });
+        throw error;
+    }
     const explicitProvider = getExplicitProvider(argv);
     const provider = createFreshSessionProvider(explicitProvider ?? LOCAL_SUBPROCESS_PROVIDER_NAME, sessionConfig);
     const uiMode = getUiMode(argv, sessionConfig.ui_mode ?? "headless");
@@ -574,8 +646,6 @@ async function cmdRunToCompletion(argv) {
     const parallelWorkers = getParallelWorkers(argv, sessionConfig);
     const timeoutMs = getTimeoutMs(argv, sessionConfig);
     const selfCliPath = resolve(argv[1] ?? process.argv[1] ?? "");
-    await mkdir(artifactsDir, { recursive: true });
-    await ensureSupervisorDirs(artifactsDir);
     const batchResultsDir = getBatchResultsDir(argv);
     if (batchResultsDir && getFlag(argv, "--results")) {
         throw new Error("Use either --results <file> or --batch-results <dir>, not both.");
@@ -702,6 +772,14 @@ async function cmdRunToCompletion(argv) {
                 progress_summary: blocker,
                 next_likely_step: null,
                 providerName: provider.name,
+                activeReviewRun: {
+                    run_id: blockRunId,
+                    task_path: blockPaths.taskPath,
+                    prompt_path: blockPaths.promptPath,
+                    pending_audit_tasks_path: blockPendingTasksPath,
+                    audit_results_path: blockAuditResultsPath,
+                    worker_command: blockTask.worker_command,
+                },
             });
             return;
         }
@@ -758,10 +836,19 @@ async function cmdRunToCompletion(argv) {
                     max_retries: 0,
                 };
                 const slotPrompt = renderWorkerPrompt(slotTask);
-                await writeWorkerTaskFiles(slotTask, slotPrompt, slotPaths, artifactsDir, group);
+                await writeWorkerTaskFiles(slotTask, slotPrompt, slotPaths, artifactsDir, group, { updateDispatch: false });
                 await writeJsonFile(slotPendingTasksPath, group);
                 workerSlots.push({ runId: slotRunId, paths: slotPaths, auditResultsPath: slotAuditResultsPath, pendingTasksPath: slotPendingTasksPath, group });
             }
+            await writeDispatchBatchFiles(artifactsDir, workerSlots.map((slot) => ({
+                run_id: slot.runId,
+                task_path: slot.paths.taskPath,
+                prompt_path: slot.paths.promptPath,
+                result_path: slot.paths.resultPath,
+                status_path: slot.paths.statusPath,
+                audit_results_path: slot.auditResultsPath,
+                pending_audit_tasks_path: slot.pendingTasksPath,
+            })), workerSlots.flatMap((slot) => slot.group));
             const parallelStartedAt = new Date().toISOString();
             const launchResults = await Promise.allSettled(workerSlots.map((slot) => provider.launch({
                 repoRoot: root,
@@ -791,7 +878,17 @@ async function cmdRunToCompletion(argv) {
             const batchErrors = [];
             for (const slot of workerSlots) {
                 const parallelEndedAt = new Date().toISOString();
-                let slotStatus = "no_progress";
+                let workerResult = buildWorkerResult({
+                    runId: slot.runId,
+                    obligationId,
+                    status: "no_progress",
+                    progressMade: false,
+                    selectedExecutor: "agent",
+                    artifactsWritten: [],
+                    summary: "Parallel worker batch made no progress.",
+                    nextLikelyStep: obligationId,
+                    errors: [],
+                });
                 try {
                     const launchError = launchErrorsByRunId.get(slot.runId);
                     if (launchError) {
@@ -822,7 +919,17 @@ async function cmdRunToCompletion(argv) {
                         preferredExecutor: "result_ingestion_executor",
                         auditResultsPath: slot.auditResultsPath,
                     });
-                    slotStatus = stepResult.progress_made ? "completed" : "no_progress";
+                    workerResult = buildWorkerResult({
+                        runId: slot.runId,
+                        obligationId,
+                        status: stepResult.progress_made ? "completed" : "no_progress",
+                        progressMade: stepResult.progress_made,
+                        selectedExecutor: stepResult.selected_executor,
+                        artifactsWritten: stepResult.artifacts_written,
+                        summary: stepResult.progress_summary,
+                        nextLikelyStep: stepResult.next_likely_step,
+                        errors: [],
+                    });
                     batchProgress ||= stepResult.progress_made;
                     if (stepResult.progress_made)
                         anyProgress = true;
@@ -830,17 +937,28 @@ async function cmdRunToCompletion(argv) {
                         artifactsWritten.add(a);
                 }
                 catch (error) {
-                    slotStatus = "failed";
                     const message = error instanceof Error ? error.message : String(error);
                     batchErrors.push(`${slot.runId}: ${message}`);
+                    workerResult = buildWorkerResult({
+                        runId: slot.runId,
+                        obligationId,
+                        status: "failed",
+                        progressMade: false,
+                        selectedExecutor: "agent",
+                        artifactsWritten: [],
+                        summary: `Worker failed for executor agent: ${message}`,
+                        nextLikelyStep: obligationId,
+                        errors: [message],
+                    });
                     process.stderr.write(`[agent-batch] ${slot.runId} failed: ${message}\n`);
                 }
+                await persistWorkerRunArtifacts(slot.paths, workerResult, "parallel-deferred-agent");
                 await appendRunLedgerEntry(artifactsDir, {
                     run_id: slot.runId,
                     provider: provider.name,
                     obligation_id: obligationId,
-                    selected_executor: "agent",
-                    status: slotStatus,
+                    selected_executor: workerResult.selected_executor,
+                    status: workerResult.status,
                     started_at: parallelStartedAt,
                     ended_at: parallelEndedAt,
                     result_path: slot.paths.resultPath,
@@ -940,12 +1058,7 @@ async function cmdRunToCompletion(argv) {
                     errors: [message],
                 };
             }
-            await writeJsonFile(paths.resultPath, workerResult);
-            await writeJsonFile(paths.statusPath, {
-                run_id: runId,
-                status: workerResult.status,
-                execution_mode: "inline",
-            });
+            await persistWorkerRunArtifacts(paths, workerResult, "inline");
             await appendRunLedgerEntry(artifactsDir, {
                 run_id: runId,
                 provider: provider.name,
@@ -1098,7 +1211,7 @@ async function cmdRunToCompletion(argv) {
                 next_likely_step: decision.selected_obligation,
                 errors: [message],
             };
-            await writeJsonFile(paths.resultPath, workerResult);
+            await persistWorkerRunArtifacts(paths, workerResult, "provider-launch");
         }
         await appendRunLedgerEntry(artifactsDir, {
             run_id: runId,

package/dist/extractors/disposition.js

@@ -1,4 +1,4 @@
-import { isNodeModulesOrGit, isBuildOutput, isVendorPath, isBinaryArtifact, isLicensePath, isLockfilePath, isLogPath, isDocPath, normalizeExtractorPath, } from "./pathPatterns.js";
+import { isNodeModulesOrGit, isBuildOutput, isVendorPath, isBinaryArtifact, isLicensePath, isLockfilePath, isLogPath, isDocPath, isGeneratedInstallArtifactPath, normalizeExtractorPath, } from "./pathPatterns.js";
 function inferDisposition(path) {
     const normalized = normalizeExtractorPath(path);
     if (isNodeModulesOrGit(normalized)) {
@@ -29,6 +29,13 @@ function inferDisposition(path) {
     if (isDocPath(normalized)) {
         return { path, status: "doc_only", reason: "Documentation artifact." };
     }
+    if (isGeneratedInstallArtifactPath(normalized)) {
+        return {
+            path,
+            status: "generated",
+            reason: "Generated install/bootstrap artifact.",
+        };
+    }
     return {
         path,
         status: "included",

package/dist/extractors/pathPatterns.d.ts

@@ -13,6 +13,7 @@ export declare function isLogPath(normalized: string): boolean;
 export declare function isLicensePath(normalized: string): boolean;
 export declare function isLockfilePath(normalized: string): boolean;
 export declare function isDocPath(normalized: string): boolean;
+export declare function isGeneratedInstallArtifactPath(normalized: string): boolean;
 export declare function isTestPath(normalized: string): boolean;
 export declare function isInterfacePath(normalized: string): boolean;
 export declare function isDataLayerPath(normalized: string): boolean;

package/dist/extractors/pathPatterns.js

@@ -100,6 +100,9 @@ export function isLockfilePath(normalized) {
 export function isDocPath(normalized) {
     return normalized.endsWith(".md") || hasSegment(normalized, "docs");
 }
+export function isGeneratedInstallArtifactPath(normalized) {
+    return normalized.startsWith(".audit-code/install/");
+}
 export function isTestPath(normalized) {
     return includesAny(normalized, TEST_KEYWORDS);
 }

package/dist/io/runArtifacts.d.ts

@@ -9,8 +9,20 @@ export interface RunPaths {
     stderrPath: string;
     statusPath: string;
 }
+export interface DispatchBatchRun {
+    run_id: string;
+    task_path: string;
+    prompt_path: string;
+    result_path: string;
+    status_path: string;
+    audit_results_path?: string;
+    pending_audit_tasks_path?: string;
+}
 export declare function buildRunId(obligationId: string | null, index: number, now?: Date): string;
 export declare function getRunPaths(artifactsDir: string, runId: string): RunPaths;
 export declare function ensureSupervisorDirs(artifactsDir: string): Promise<void>;
-export declare function writeWorkerTaskFiles(task: WorkerTask, prompt: string, paths: RunPaths, artifactsDir: string, currentTasks?: AuditTask[]): Promise<void>;
+export declare function writeWorkerTaskFiles(task: WorkerTask, prompt: string, paths: RunPaths, artifactsDir: string, currentTasks?: AuditTask[], options?: {
+    updateDispatch?: boolean;
+}): Promise<void>;
+export declare function writeDispatchBatchFiles(artifactsDir: string, runs: DispatchBatchRun[], currentTasks: AuditTask[]): Promise<void>;
 export declare function clearDispatchFiles(artifactsDir: string): Promise<void>;

package/dist/io/runArtifacts.js

@@ -5,6 +5,10 @@ import { writeJsonFile } from "./json.js";
 const moduleDir = dirname(fileURLToPath(import.meta.url));
 const packageRoot = resolve(moduleDir, "..", "..");
 const auditResultSchemaPath = join(packageRoot, "schemas", "audit_result.schema.json");
+const CURRENT_TASK_FILENAME = "current-task.json";
+const CURRENT_PROMPT_FILENAME = "current-prompt.md";
+const CURRENT_TASKS_FILENAME = "current-tasks.json";
+const CURRENT_SCHEMA_FILENAME = "audit-result.schema.json";
 function pad(value, size = 2) {
     return String(value).padStart(size, "0");
 }
@@ -49,7 +53,7 @@ export async function ensureSupervisorDirs(artifactsDir) {
     await mkdir(join(artifactsDir, "dispatch"), { recursive: true });
     await mkdir(join(artifactsDir, "runs"), { recursive: true });
 }
-export async function writeWorkerTaskFiles(task, prompt, paths, artifactsDir, currentTasks) {
+export async function writeWorkerTaskFiles(task, prompt, paths, artifactsDir, currentTasks, options = {}) {
     await mkdir(paths.runDir, { recursive: true });
     await writeJsonFile(paths.taskPath, task);
     await writeFile(paths.promptPath, prompt, "utf8");
@@ -57,17 +61,57 @@ export async function writeWorkerTaskFiles(task, prompt, paths, artifactsDir, cu
         run_id: task.run_id,
         status: "dispatched",
     });
-    await writeJsonFile(join(artifactsDir, "dispatch", "current-task.json"), task);
-    await writeFile(join(artifactsDir, "dispatch", "current-prompt.md"), prompt, "utf8");
-    await writeJsonFile(join(artifactsDir, "dispatch", "current-tasks.json"), currentTasks ?? []);
-    await writeFile(join(artifactsDir, "dispatch", "audit-result.schema.json"), await readFile(auditResultSchemaPath, "utf8"), "utf8");
+    if (options.updateDispatch === false) {
+        await writeFile(join(artifactsDir, "dispatch", CURRENT_SCHEMA_FILENAME), await readFile(auditResultSchemaPath, "utf8"), "utf8");
+        return;
+    }
+    await writeJsonFile(join(artifactsDir, "dispatch", CURRENT_TASK_FILENAME), task);
+    await writeFile(join(artifactsDir, "dispatch", CURRENT_PROMPT_FILENAME), prompt, "utf8");
+    await writeJsonFile(join(artifactsDir, "dispatch", CURRENT_TASKS_FILENAME), currentTasks ?? []);
+    await writeFile(join(artifactsDir, "dispatch", CURRENT_SCHEMA_FILENAME), await readFile(auditResultSchemaPath, "utf8"), "utf8");
+}
+export async function writeDispatchBatchFiles(artifactsDir, runs, currentTasks) {
+    const summary = {
+        contract_version: "audit-code-dispatch/v1alpha1",
+        mode: "parallel-batch",
+        run_count: runs.length,
+        current_tasks_path: join(artifactsDir, "dispatch", CURRENT_TASKS_FILENAME),
+        runs,
+    };
+    const promptLines = [
+        "# audit-code parallel dispatch",
+        "",
+        `This batch launched ${runs.length} deferred review run(s).`,
+        "Each run keeps its own task.json, prompt.md, result.json, and status.json under .audit-artifacts/runs/<run_id>/.",
+        "Use current-tasks.json for the combined task list, then inspect the per-run files below when you need exact prompts or result paths.",
+        "",
+        "Runs:",
+        ...runs.flatMap((run) => [
+            `- ${run.run_id}`,
+            `  task: ${run.task_path}`,
+            `  prompt: ${run.prompt_path}`,
+            `  result: ${run.result_path}`,
+            `  status: ${run.status_path}`,
+            ...(run.audit_results_path
+                ? [`  audit results: ${run.audit_results_path}`]
+                : []),
+            ...(run.pending_audit_tasks_path
+                ? [`  pending tasks: ${run.pending_audit_tasks_path}`]
+                : []),
+        ]),
+        "",
+    ];
+    await writeJsonFile(join(artifactsDir, "dispatch", CURRENT_TASK_FILENAME), summary);
+    await writeFile(join(artifactsDir, "dispatch", CURRENT_PROMPT_FILENAME), promptLines.join("\n"), "utf8");
+    await writeJsonFile(join(artifactsDir, "dispatch", CURRENT_TASKS_FILENAME), currentTasks);
+    await writeFile(join(artifactsDir, "dispatch", CURRENT_SCHEMA_FILENAME), await readFile(auditResultSchemaPath, "utf8"), "utf8");
 }
 export async function clearDispatchFiles(artifactsDir) {
     const targets = [
-        "current-task.json",
-        "current-prompt.md",
-        "current-tasks.json",
-        "audit-result.schema.json",
+        CURRENT_TASK_FILENAME,
+        CURRENT_PROMPT_FILENAME,
+        CURRENT_TASKS_FILENAME,
+        CURRENT_SCHEMA_FILENAME,
     ];
     for (const name of targets) {
         await rm(join(artifactsDir, "dispatch", name), { force: true });

package/dist/supervisor/operatorHandoff.d.ts

@@ -11,9 +11,20 @@ export interface AuditCodeHandoffArtifactPaths {
     operator_handoff_markdown: string;
     session_config: string;
     run_ledger: string;
+    current_task: string | null;
+    current_prompt: string | null;
+    current_tasks: string | null;
     audit_tasks: string | null;
     runtime_validation_tasks: string | null;
 }
+export interface ActiveReviewRun {
+    run_id: string;
+    task_path: string;
+    prompt_path: string;
+    pending_audit_tasks_path?: string;
+    audit_results_path: string;
+    worker_command: string[];
+}
 export declare const CONFIG_ERROR_BLOCKER_PREFIX = "config-error:";
 export interface AuditCodeHandoff {
     status: AuditTopLevelStatus;
@@ -26,6 +37,7 @@ export interface AuditCodeHandoff {
     suggested_commands: string[];
     interactive_provider_hint: string | null;
     artifact_paths: AuditCodeHandoffArtifactPaths;
+    active_review_run?: ActiveReviewRun;
 }
 export declare function buildAuditCodeHandoff(params: {
     root: string;
@@ -35,5 +47,6 @@ export declare function buildAuditCodeHandoff(params: {
     providerName?: string | null;
     progressSummary: string;
     isConfigError?: boolean;
+    activeReviewRun?: ActiveReviewRun;
 }): AuditCodeHandoff;
 export declare function writeAuditCodeHandoffArtifacts(handoff: AuditCodeHandoff): Promise<void>;

package/dist/supervisor/operatorHandoff.js

@@ -8,6 +8,9 @@ const OPERATOR_HANDOFF_JSON_FILENAME = "operator-handoff.json";
 const OPERATOR_HANDOFF_MARKDOWN_FILENAME = "operator-handoff.md";
 const SESSION_CONFIG_FILENAME = "session-config.json";
 const RUN_LEDGER_FILENAME = "run-ledger.json";
+const CURRENT_TASK_FILENAME = "current-task.json";
+const CURRENT_PROMPT_FILENAME = "current-prompt.md";
+const CURRENT_TASKS_FILENAME = "current-tasks.json";
 const AUDIT_TASKS_FILENAME = "audit_tasks.json";
 const RUNTIME_VALIDATION_TASKS_FILENAME = "runtime_validation_tasks.json";
 const BLOCKED_STATUS = "blocked";
@@ -29,6 +32,12 @@ function quoteShellPath(filePath) {
     // double-quote wrapping plus escaping embedded double quotes.
     return `"${filePath.replace(/"/g, '\\"')}"`;
 }
+function quoteShellArg(value) {
+    return quoteShellPath(value);
+}
+function renderShellCommand(argv) {
+    return argv.map((item) => quoteShellArg(item)).join(" ");
+}
 function buildPendingObligations(state) {
     return state.obligations
         .filter((item) => !NON_PENDING_OBLIGATION_STATES.has(item.state))
@@ -55,10 +64,19 @@ function buildSummary(status, providerName, fallbackSummary) {
         ? `Automatic work can continue under ${providerName}. Re-run the same wrapper or inspect the listed artifacts if you need operator context.`
         : "Automatic work can continue. Re-run the same wrapper or inspect the listed artifacts if you need operator context.";
 }
-function buildSuggestedInputs(artifactsDir, status, isConfigError) {
+function buildSuggestedInputs(artifactsDir, status, isConfigError, activeReviewRun) {
     if (status !== BLOCKED_STATUS || isConfigError) {
         return [];
     }
+    if (activeReviewRun) {
+        return [
+            {
+                flag: "--results",
+                suggested_path: activeReviewRun.audit_results_path,
+                description: "Write structured audit-review results for the currently dispatched run, then execute the exact worker command below to ingest them.",
+            },
+        ];
+    }
     const incomingDir = join(artifactsDir, INCOMING_DIRNAME);
     return [
         {
@@ -83,10 +101,13 @@ function buildSuggestedInputs(artifactsDir, status, isConfigError) {
         },
     ];
 }
-function buildSuggestedCommands(suggestedInputs, status) {
+function buildSuggestedCommands(suggestedInputs, status, activeReviewRun) {
     if (status !== BLOCKED_STATUS) {
         return [];
     }
+    if (activeReviewRun) {
+        return [renderShellCommand(activeReviewRun.worker_command)];
+    }
     return suggestedInputs.map((item) => `audit-code ${item.flag} ${quoteShellPath(item.suggested_path)}`);
 }
 function buildInteractiveProviderHint(status, providerName, sessionConfigPath, isConfigError) {
@@ -126,6 +147,9 @@ function renderMarkdown(handoff) {
     lines.push(`- incoming dir: ${handoff.artifact_paths.incoming_dir}`);
     lines.push(`- session config: ${handoff.artifact_paths.session_config}`);
     lines.push(`- run ledger: ${handoff.artifact_paths.run_ledger}`);
+    lines.push(`- current task: ${handoff.artifact_paths.current_task ?? "not available"}`);
+    lines.push(`- current prompt: ${handoff.artifact_paths.current_prompt ?? "not available"}`);
+    lines.push(`- current tasks: ${handoff.artifact_paths.current_tasks ?? "not available"}`);
     lines.push(`- audit tasks: ${handoff.artifact_paths.audit_tasks ?? "not available yet"}`);
     lines.push(`- runtime validation tasks: ${handoff.artifact_paths.runtime_validation_tasks ?? "not available yet"}`);
     if (handoff.suggested_inputs.length > 0) {
@@ -141,6 +165,16 @@ function renderMarkdown(handoff) {
             lines.push(`- ${command}`);
         }
     }
+    if (handoff.active_review_run) {
+        lines.push("", "Active review run:");
+        lines.push(`- run id: ${handoff.active_review_run.run_id}`);
+        lines.push(`- task file: ${handoff.active_review_run.task_path}`);
+        lines.push(`- prompt file: ${handoff.active_review_run.prompt_path}`);
+        if (handoff.active_review_run.pending_audit_tasks_path) {
+            lines.push(`- pending tasks: ${handoff.active_review_run.pending_audit_tasks_path}`);
+        }
+        lines.push(`- audit results: ${handoff.active_review_run.audit_results_path}`);
+    }
     if (handoff.interactive_provider_hint) {
         lines.push("", "Interactive provider hint:");
         lines.push(`- ${handoff.interactive_provider_hint}`);
@@ -157,6 +191,15 @@ export function buildAuditCodeHandoff(params) {
         operator_handoff_markdown: join(params.artifactsDir, OPERATOR_HANDOFF_MARKDOWN_FILENAME),
         session_config: join(params.artifactsDir, SESSION_CONFIG_FILENAME),
         run_ledger: join(params.artifactsDir, RUN_LEDGER_FILENAME),
+        current_task: params.state.status === BLOCKED_STATUS
+            ? join(params.artifactsDir, "dispatch", CURRENT_TASK_FILENAME)
+            : null,
+        current_prompt: params.state.status === BLOCKED_STATUS
+            ? join(params.artifactsDir, "dispatch", CURRENT_PROMPT_FILENAME)
+            : null,
+        current_tasks: params.state.status === BLOCKED_STATUS
+            ? join(params.artifactsDir, "dispatch", CURRENT_TASKS_FILENAME)
+            : null,
         audit_tasks: params.bundle.audit_tasks
             ? join(params.artifactsDir, AUDIT_TASKS_FILENAME)
             : null,
@@ -164,7 +207,7 @@ export function buildAuditCodeHandoff(params) {
             ? join(params.artifactsDir, RUNTIME_VALIDATION_TASKS_FILENAME)
             : null,
     };
-    const suggestedInputs = buildSuggestedInputs(params.artifactsDir, params.state.status, isConfigError);
+    const suggestedInputs = buildSuggestedInputs(params.artifactsDir, params.state.status, isConfigError, params.activeReviewRun);
     return {
         status: params.state.status,
         repo_root: params.root,
@@ -173,9 +216,10 @@ export function buildAuditCodeHandoff(params) {
         summary: buildSummary(params.state.status, params.providerName ?? null, params.progressSummary),
         pending_obligations: buildPendingObligations(params.state),
         suggested_inputs: suggestedInputs,
-        suggested_commands: buildSuggestedCommands(suggestedInputs, params.state.status),
+        suggested_commands: buildSuggestedCommands(suggestedInputs, params.state.status, params.activeReviewRun),
         interactive_provider_hint: buildInteractiveProviderHint(params.state.status, params.providerName ?? null, artifactPaths.session_config, isConfigError),
         artifact_paths: artifactPaths,
+        active_review_run: params.activeReviewRun,
     };
 }
 export async function writeAuditCodeHandoffArtifacts(handoff) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "auditor-lambda",
-  "version": "0.2.11",
+  "version": "0.2.12",
   "private": false,
   "description": "Portable hybrid code-auditing framework for arbitrary repositories.",
   "type": "module",

package/schemas/audit-code-v1alpha1.schema.json

@@ -154,6 +154,41 @@
         "interactive_provider_hint": {
           "type": ["string", "null"]
         },
+        "active_review_run": {
+          "type": "object",
+          "additionalProperties": false,
+          "required": [
+            "run_id",
+            "task_path",
+            "prompt_path",
+            "audit_results_path",
+            "worker_command"
+          ],
+          "properties": {
+            "run_id": {
+              "type": "string"
+            },
+            "task_path": {
+              "type": "string"
+            },
+            "prompt_path": {
+              "type": "string"
+            },
+            "pending_audit_tasks_path": {
+              "type": "string"
+            },
+            "audit_results_path": {
+              "type": "string"
+            },
+            "worker_command": {
+              "type": "array",
+              "minItems": 1,
+              "items": {
+                "type": "string"
+              }
+            }
+          }
+        },
         "artifact_paths": {
           "type": "object",
           "additionalProperties": false,
@@ -163,6 +198,9 @@
             "operator_handoff_markdown",
             "session_config",
             "run_ledger",
+            "current_task",
+            "current_prompt",
+            "current_tasks",
             "audit_tasks",
             "runtime_validation_tasks"
           ],
@@ -182,6 +220,15 @@
             "run_ledger": {
               "type": "string"
             },
+            "current_task": {
+              "type": ["string", "null"]
+            },
+            "current_prompt": {
+              "type": ["string", "null"]
+            },
+            "current_tasks": {
+              "type": ["string", "null"]
+            },
             "audit_tasks": {
               "type": ["string", "null"]
             },