auditor-lambda 0.3.2 → 0.3.4

package/dist/prompts/renderWorkerPrompt.js

@@ -7,11 +7,18 @@ export function renderWorkerPrompt(task) {
     if (task.preferred_executor === "agent" && task.audit_results_path) {
         const tasksPath = task.pending_audit_tasks_path ??
             `${task.artifacts_dir}/audit_tasks.json`;
+        const resultsSchemaPath = `${task.artifacts_dir}/dispatch/audit-results.schema.json`;
+        const singleResultSchemaPath = `${task.artifacts_dir}/dispatch/audit-result.schema.json`;
         const lines = [
             `Audit run: ${task.run_id}`,
             `Read: ${tasksPath}`,
-            "For each task: read all file_paths in full, review under the specified lens,",
-            "and emit one AuditResult with:",
+            `Array schema: ${resultsSchemaPath}`,
+            `Single-result schema: ${singleResultSchemaPath}`,
+            "Scope: review only the tasks listed in the Read file. Do not add tasks,",
+            "edit source files, remediate findings, run unrelated audits, or write result_path.",
+            "For each listed task: read the assigned file_paths under the specified lens,",
+            "using targeted reads/searches where they give complete enough evidence without loading unrelated context,",
+            "and emit exactly one AuditResult object with:",
             "  task_id, unit_id, pass_id, lens (copy from task),",
             "  file_coverage: [{path, total_lines}] — use file_line_counts[path] from the task for each file,",
             "  findings: [] or array of finding objects.",
@@ -19,13 +26,13 @@ export function renderWorkerPrompt(task) {
             "  affected_files [{path, line_start, line_end, symbol}] (objects, not strings; min 1 entry),",
             "  evidence [strings] (min 1 entry).",
             "Constraint: line_end must not exceed total_lines for that file.",
-            `Write all results as a JSON array to: ${task.audit_results_path}`,
+            `Write only the JSON array of AuditResult objects to: ${task.audit_results_path}`,
         ];
         if (usesDeferredWorkerCommand(task)) {
             lines.push("Deferred mode: write results, do not execute worker_command.");
         }
         else {
-            lines.push("Then execute worker_command from task.json exactly.", `Command: ${commandArgv}`);
+            lines.push("After writing audit_results_path, execute worker_command from task.json exactly.", "The worker command ingests audit_results_path and writes result_path.", `Command: ${commandArgv}`);
         }
         return lines.join("\n");
     }

package/dist/providers/index.js

@@ -21,7 +21,7 @@ function commandExists(command) {
     return result.status === 0;
 }
 export function resolveFreshSessionProviderName(name, sessionConfig = {}, options = {}) {
-    const requestedProvider = name ?? sessionConfig.provider ?? "auto";
+    const requestedProvider = name ?? sessionConfig.provider ?? "local-subprocess";
     if (requestedProvider !== "auto") {
         return requestedProvider;
     }

package/dist/supervisor/sessionConfig.js

@@ -4,7 +4,7 @@ import { formatValidationIssues, } from "../validation/basic.js";
 import { validateSessionConfig } from "../validation/sessionConfig.js";
 import { writeJsonFile } from "../io/json.js";
 const SESSION_CONFIG_FILENAME = "session-config.json";
-const DEFAULT_SESSION_CONFIG = { provider: "auto" };
+const DEFAULT_SESSION_CONFIG = { provider: "local-subprocess" };
 export function getSessionConfigPath(artifactsDir) {
     return join(artifactsDir, SESSION_CONFIG_FILENAME);
 }

package/dist/types/graph.d.ts

@@ -12,6 +12,7 @@ export interface GraphBundle {
     graphs: {
         imports?: GraphEdge[];
         calls?: GraphEdge[];
+        references?: GraphEdge[];
         routes?: RouteEdge[];
         [key: string]: unknown;
     };

package/dist/types/reviewPlanning.d.ts

@@ -0,0 +1,41 @@
+import type { AuditTask, Lens } from "../types.js";
+export interface ReviewPacket {
+    packet_id: string;
+    task_ids: string[];
+    unit_ids: string[];
+    pass_ids: string[];
+    lenses: Lens[];
+    file_paths: string[];
+    file_line_counts: Record<string, number>;
+    total_lines: number;
+    priority: NonNullable<AuditTask["priority"]>;
+    tags?: string[];
+    rationale: string;
+    estimated_tokens: number;
+}
+export interface AuditPlanMetrics {
+    generated_at: string;
+    task_count: number;
+    packet_count: number;
+    estimated_agent_reduction: number;
+    estimated_agent_reduction_ratio: number;
+    unique_file_count: number;
+    task_file_reference_count: number;
+    repeated_file_reference_count: number;
+    total_task_lines: number;
+    total_packet_lines: number;
+    repeated_line_reference_count: number;
+    min_task_lines: number;
+    max_task_lines: number;
+    average_task_lines: number;
+    largest_task_id?: string;
+    largest_packet_id?: string;
+    lens_task_counts: Partial<Record<Lens, number>>;
+    priority_task_counts: Record<NonNullable<AuditTask["priority"]>, number>;
+    packet_size: {
+        single_task_packets: number;
+        multi_task_packets: number;
+        max_tasks_per_packet: number;
+        max_files_per_packet: number;
+    };
+}

package/dist/types/reviewPlanning.js

@@ -0,0 +1 @@
+export {};

package/dist/validation/artifacts.js

@@ -40,6 +40,19 @@ export function validateArtifactBundle(bundle) {
     if (bundle.external_analyzer_results) {
         issues.push(...requireKeys(bundle.external_analyzer_results, "external_analyzer_results", ["tool", "results"]));
     }
+    if (bundle.audit_plan_metrics) {
+        issues.push(...requireKeys(bundle.audit_plan_metrics, "audit_plan_metrics", ["generated_at", "task_count", "packet_count"]));
+    }
+    if (bundle.review_packets) {
+        for (const [index, packet] of bundle.review_packets.entries()) {
+            issues.push(...requireKeys(packet, `review_packets:${index}`, [
+                "packet_id",
+                "task_ids",
+                "lenses",
+                "file_paths",
+            ]));
+        }
+    }
     if (bundle.tooling_manifest) {
         issues.push(...requireKeys(bundle.tooling_manifest, "tooling_manifest", ["generated_at", "package_root", "implementation_hash", "inputs"]));
     }

package/dist/validation/sessionConfig.js

@@ -156,7 +156,7 @@ export function validateConfiguredProviderEnvironment(sessionConfig, options = {
     const issues = [];
     const lookupCommand = options.commandExists ?? commandExists;
     const lookupPath = options.pathExists ?? configuredPathExists;
-    const provider = sessionConfig.provider ?? "auto";
+    const provider = sessionConfig.provider ?? "local-subprocess";
     if (provider === "claude-code") {
         const command = sessionConfig.claude_code?.command ?? "claude";
         if (isBareExecutableName(command) && !lookupCommand(command)) {

package/docs/agent-integrations.md

@@ -120,13 +120,13 @@ Use the backend wrapper only when you intentionally need the repo-local fallback
 
 ## What the wrapper actually does
 
-`audit-code` is the stable backend entrypoint.
+`audit-code` is the stable backend entrypoint behind the slash command.
 
 It:
 
 - defaults artifacts to `<repo-root>/.audit-artifacts`
 - persists audit continuity there
-- calls `run-to-completion` by default
+- calls `run-to-completion` by default for deterministic work
 - creates fresh worker runs behind the scenes
 - returns a stable top-level JSON contract with `contract_version: "audit-code/v1alpha1"`
 
@@ -145,13 +145,15 @@ Inspect the returned JSON and continue invoking the same entrypoint until either
 Terminal interpretation:
 
 - `audit_state.status === "complete"` means the audit finished end to end.
-- `audit_state.status === "blocked"` means the wrapper exhausted automatic work and the remaining review still needs imported results or a provider-capable continuation path.
+- `audit_state.status === "blocked"` means the wrapper exhausted deterministic
+  work and exposed scoped semantic-review task artifacts for the slash-command
+  orchestrator.
 
 Current implementation note:
 
 - the backend fallback still supports explicit provider bridges such as `claude-code`, `opencode`, `subprocess-template`, and `vscode-task`
 - those bridges are compatibility modes, not the intended default review owner
-- the intended long-term workflow is documented in [docs/workflow-refactor-brief.md](/C:/Code/auditor-lambda/docs/workflow-refactor-brief.md)
+- the intended workflow is documented in [docs/workflow-refactor-brief.md](/C:/Code/auditor-lambda/docs/workflow-refactor-brief.md)
 
 When additional evidence exists, pass it into the same wrapper:
 
@@ -172,9 +174,15 @@ Use it when the current host cannot keep review inside the active conversation,
 
 Use when you want the supervisor to stay entirely local.
 
-This requires no external agent CLI. Deterministic executors run in-process during normal wrapper runs, and the supervisor only stops once the remaining work is genuinely semantic review.
+This requires no external agent CLI. Deterministic executors run in-process
+during normal wrapper runs, and the supervisor only stops once the remaining
+work is genuinely semantic review.
 
-When that review boundary is reached, `local-subprocess` stops in a terminal blocked handoff instead of pretending more automatic progress is available. Use `--results <file>` for a single batch or `--batch-results <dir>` when the active conversation agent reviewed multiple task batches before ingestion.
+When that review boundary is reached, `local-subprocess` stops in a terminal
+blocked handoff instead of pretending more automatic progress is available.
+The slash-command orchestrator should dispatch subagents from the handoff when
+available; otherwise it should review exactly one task, write results, run the
+provided worker command, and stop.
 
 This is the safest default backend when the repository is already available locally.
 
@@ -255,7 +263,8 @@ Highest-value follow-through:
 
 The product direction remains skill-first:
 
-- in conversation, use the active conversation model by default
+- in conversation, keep orchestration in the active model and delegate semantic
+  review to bounded subagents when the host supports them
 - for backend CLI delegation, let the chosen provider own its own model-selection behavior unless explicitly configured otherwise
 
 ## Practical recommendation
@@ -265,7 +274,7 @@ For a polished operator experience today:
 1. treat `/audit-code` as the canonical user-facing contract
 2. use `audit-code install` first, and fall back to `audit-code prompt-path` only for hosts that still require manual prompt import
 3. use `audit-code` as the repo-local backend fallback
-4. prefer `local-subprocess` unless you want interactive review to continue automatically through agent tasks
+4. prefer `local-subprocess` unless you explicitly want a backend provider bridge
 5. use `subprocess-template` only when integrating a non-native editor or launcher surface
 
 If you intentionally want the backend fallback to bridge semantic review into another process, re-run with an explicit `--provider` flag after configuring the matching section in `.audit-artifacts/session-config.json`.

package/docs/bootstrap-install.md

@@ -7,6 +7,9 @@ audit-code install
 ```
 
 That command installs the repo-local `/audit-code` surfaces we can automate today.
+It is also the single refresh path: rerun `audit-code install` after prompt or
+skill updates to rewrite the shared install assets and every generated
+host-specific surface from the same source files.
 
 After bootstrap, run: