auditor-lambda 0.3.3 → 0.3.5

package/dist/orchestrator/selectiveDeepening.js

@@ -0,0 +1,392 @@
+import { createHash } from "node:crypto";
+const DEFAULT_MAX_DEEPENING_TASKS = 6;
+const DEEPENING_TAG = "selective_deepening";
+const SEVERITY_RANK = {
+    critical: 5,
+    high: 4,
+    medium: 3,
+    low: 2,
+    info: 1,
+};
+const CONFIDENCE_RANK = {
+    high: 3,
+    medium: 2,
+    low: 1,
+};
+function priorityRank(priority) {
+    switch (priority) {
+        case "high":
+            return 3;
+        case "medium":
+            return 2;
+        case "low":
+        default:
+            return 1;
+    }
+}
+function isDeepeningTask(task) {
+    return task?.tags?.includes(DEEPENING_TAG) ?? false;
+}
+function sanitizeSegment(value) {
+    const sanitized = value
+        .replace(/[^a-zA-Z0-9_-]+/g, "-")
+        .replace(/^-+|-+$/g, "");
+    return sanitized.length > 0 ? sanitized : "followup";
+}
+function shortHash(value) {
+    return createHash("sha1").update(value).digest("hex").slice(0, 10);
+}
+function resultLineIndex(result) {
+    return Object.fromEntries(result.file_coverage.map((coverage) => [
+        coverage.path,
+        coverage.total_lines,
+    ]));
+}
+function lineCountForPath(path, task, result, lineIndex) {
+    return (task?.file_line_counts?.[path] ??
+        resultLineIndex(result)[path] ??
+        lineIndex?.[path] ??
+        0);
+}
+function uniqueSorted(values) {
+    return [...new Set(values)].sort((a, b) => a.localeCompare(b));
+}
+function intersects(left, right) {
+    const rightSet = new Set(right);
+    return left.some((value) => rightSet.has(value));
+}
+function pathsForFinding(finding, result, task) {
+    const assignedPaths = new Set([
+        ...(task?.file_paths ?? []),
+        ...result.file_coverage.map((coverage) => coverage.path),
+    ]);
+    const affected = finding.affected_files
+        .map((file) => file.path)
+        .filter((path) => assignedPaths.size === 0 || assignedPaths.has(path));
+    return uniqueSorted(affected.length > 0
+        ? affected
+        : result.file_coverage.map((coverage) => coverage.path));
+}
+function taskIdFor(prefix, values) {
+    return `deepening:${prefix}:${shortHash(values.join("\0"))}`;
+}
+function lineCountFromSources(path, tasks, results, lineIndex) {
+    for (const task of tasks) {
+        const count = task.file_line_counts?.[path];
+        if (count !== undefined) {
+            return count;
+        }
+    }
+    for (const result of results) {
+        const coverage = result.file_coverage.find((item) => item.path === path);
+        if (coverage) {
+            return coverage.total_lines;
+        }
+    }
+    return lineIndex?.[path] ?? 0;
+}
+function buildFindingFollowupTask(params) {
+    const paths = pathsForFinding(params.finding, params.result, params.task);
+    const triggerLabel = params.triggers.join("+");
+    const taskId = taskIdFor("finding", [
+        params.result.task_id,
+        params.finding.id,
+        triggerLabel,
+    ]);
+    const priority = SEVERITY_RANK[params.finding.severity] >= SEVERITY_RANK.high
+        ? "high"
+        : "medium";
+    return {
+        task_id: taskId,
+        unit_id: params.result.unit_id,
+        pass_id: `deepening:${params.result.pass_id}`,
+        lens: params.result.lens,
+        file_paths: paths,
+        file_line_counts: Object.fromEntries(paths.map((path) => [
+            path,
+            lineCountForPath(path, params.task, params.result, params.lineIndex),
+        ])),
+        rationale: `Follow up on ${params.finding.id} (${params.finding.severity}/${params.finding.confidence}) from ${params.result.task_id}. ` +
+            "Verify impact, evidence quality, affected scope, and whether the finding should stand, narrow, or be downgraded.",
+        priority,
+        tags: [
+            DEEPENING_TAG,
+            ...params.triggers.map((trigger) => `trigger:${trigger}`),
+            `source_task:${sanitizeSegment(params.result.task_id)}`,
+            `finding:${sanitizeSegment(params.finding.id)}`,
+        ],
+        status: "pending",
+    };
+}
+function buildConflictFollowupTask(params) {
+    const [first] = params.contexts;
+    const paths = uniqueSorted(params.contexts.flatMap((context) => context.paths));
+    const maxSeverity = Math.max(...params.contexts.map((context) => SEVERITY_RANK[context.finding.severity]));
+    const lineSources = new Map();
+    for (const context of params.contexts) {
+        for (const path of context.paths) {
+            if (!lineSources.has(path)) {
+                lineSources.set(path, { task: context.task, result: context.result });
+            }
+        }
+    }
+    const sourceTaskIds = uniqueSorted(params.contexts.map((context) => context.result.task_id));
+    const findingIds = uniqueSorted(params.contexts.map((context) => context.finding.id));
+    return {
+        task_id: taskIdFor("conflict", [
+            params.conflictKey,
+            ...sourceTaskIds,
+            ...findingIds,
+        ]),
+        unit_id: first?.result.unit_id ?? "selective-deepening",
+        pass_id: `deepening:${first?.result.pass_id ?? "conflict"}`,
+        lens: (first?.result.lens ?? "correctness"),
+        file_paths: paths,
+        file_line_counts: Object.fromEntries(paths.map((path) => {
+            const source = lineSources.get(path);
+            return [
+                path,
+                source
+                    ? lineCountForPath(path, source.task, source.result, params.lineIndex)
+                    : (params.lineIndex?.[path] ?? 0),
+            ];
+        })),
+        rationale: `Reconcile conflicting audit output for ${params.conflictKey}. ` +
+            `Compare source tasks ${sourceTaskIds.join(", ")} and decide the correct severity, confidence, and evidence-backed conclusion.`,
+        priority: maxSeverity >= SEVERITY_RANK.high ? "high" : "medium",
+        tags: [
+            DEEPENING_TAG,
+            "trigger:conflicting_output",
+            ...sourceTaskIds.slice(0, 3).map((id) => `source_task:${sanitizeSegment(id)}`),
+        ],
+        status: "pending",
+    };
+}
+function isHighRiskCleanResult(result, task) {
+    if (result.findings.length > 0 ||
+        result.requires_followup === false ||
+        isDeepeningTask(task)) {
+        return false;
+    }
+    if (!task) {
+        return (result.requires_followup === true &&
+            (result.lens === "security" || result.lens === "data_integrity"));
+    }
+    if (task.priority === "high") {
+        return true;
+    }
+    if (task.tags?.some((tag) => ["critical_flow", "external_analyzer_signal"].includes(tag))) {
+        return true;
+    }
+    return result.requires_followup === true && task.priority === "medium";
+}
+function buildHighRiskCleanFollowupTask(params) {
+    const paths = uniqueSorted((params.task?.file_paths.length ?? 0) > 0
+        ? (params.task?.file_paths ?? [])
+        : params.result.file_coverage.map((coverage) => coverage.path));
+    return {
+        task_id: taskIdFor("clean", [params.result.task_id, params.result.lens]),
+        unit_id: params.result.unit_id,
+        pass_id: `deepening:${params.result.pass_id}`,
+        lens: params.result.lens,
+        file_paths: paths,
+        file_line_counts: Object.fromEntries(paths.map((path) => [
+            path,
+            lineCountForPath(path, params.task, params.result, params.lineIndex),
+        ])),
+        rationale: `Sample high-risk no-finding result from ${params.result.task_id}. ` +
+            "Re-review the assigned files for missed edge cases, hidden runtime failures, and whether the clean conclusion should stand.",
+        priority: params.task?.priority === "high" ? "high" : "medium",
+        tags: [
+            DEEPENING_TAG,
+            "trigger:high_risk_no_finding",
+            `source_task:${sanitizeSegment(params.result.task_id)}`,
+        ],
+        status: "pending",
+    };
+}
+function runtimeResultNeedsFollowup(status) {
+    return status === "not_confirmed" || status === "inconclusive";
+}
+function pickRuntimeFollowupLens(relatedTasks) {
+    const preference = [
+        "security",
+        "data_integrity",
+        "reliability",
+        "correctness",
+        "tests",
+        "operability",
+        "config_deployment",
+        "performance",
+        "architecture",
+        "maintainability",
+    ];
+    for (const lens of preference) {
+        if (relatedTasks.some((task) => task.lens === lens)) {
+            return lens;
+        }
+    }
+    return "correctness";
+}
+function runtimeValidationHasStrongStaticFinding(runtimeTask, contexts) {
+    return contexts.some((context) => intersects(context.paths, runtimeTask.target_paths) &&
+        SEVERITY_RANK[context.finding.severity] >= SEVERITY_RANK.high);
+}
+function buildRuntimeValidationFollowupTask(params) {
+    const paths = uniqueSorted(params.runtimeTask.target_paths);
+    const lens = pickRuntimeFollowupLens(params.relatedTasks);
+    const firstRelated = params.relatedTasks[0];
+    return {
+        task_id: taskIdFor("runtime", [params.runtimeTask.id]),
+        unit_id: firstRelated?.unit_id ?? `runtime:${sanitizeSegment(params.runtimeTask.id)}`,
+        pass_id: `deepening:runtime:${sanitizeSegment(params.runtimeTask.id)}`,
+        lens,
+        file_paths: paths,
+        file_line_counts: Object.fromEntries(paths.map((path) => [
+            path,
+            lineCountFromSources(path, params.relatedTasks, params.results, params.lineIndex),
+        ])),
+        rationale: `Reconcile runtime validation ${params.runtimeTask.id} (${params.runtimeResultStatus}) with semantic audit output. ` +
+            "Verify the failing or inconclusive runtime evidence, map it to source behavior, and decide whether a finding should be added or escalated.",
+        priority: params.runtimeTask.priority === "high" ||
+            params.runtimeResultStatus === "not_confirmed"
+            ? "high"
+            : "medium",
+        tags: [
+            DEEPENING_TAG,
+            "trigger:runtime_validation_disagreement",
+            `runtime_task:${sanitizeSegment(params.runtimeTask.id)}`,
+            `runtime_status:${params.runtimeResultStatus}`,
+        ],
+        status: "pending",
+    };
+}
+function findingContexts(results, taskById) {
+    const contexts = [];
+    for (const result of results) {
+        const task = taskById.get(result.task_id);
+        if (isDeepeningTask(task)) {
+            continue;
+        }
+        for (const finding of result.findings) {
+            contexts.push({
+                result,
+                task,
+                finding,
+                paths: pathsForFinding(finding, result, task),
+            });
+        }
+    }
+    return contexts;
+}
+function conflictGroups(contexts) {
+    const groups = new Map();
+    for (const context of contexts) {
+        for (const path of context.paths) {
+            const key = [
+                context.result.lens,
+                context.finding.category,
+                path.toLowerCase(),
+            ].join(":");
+            const group = groups.get(key) ?? [];
+            group.push(context);
+            groups.set(key, group);
+        }
+    }
+    for (const [key, group] of groups) {
+        const uniqueTasks = new Set(group.map((context) => context.result.task_id));
+        const severities = group.map((context) => SEVERITY_RANK[context.finding.severity]);
+        const confidences = group.map((context) => CONFIDENCE_RANK[context.finding.confidence]);
+        const severitySpread = Math.max(...severities) - Math.min(...severities);
+        const confidenceSpread = Math.max(...confidences) - Math.min(...confidences);
+        if (uniqueTasks.size < 2 || (severitySpread < 2 && confidenceSpread < 2)) {
+            groups.delete(key);
+        }
+    }
+    return groups;
+}
+export function buildSelectiveDeepeningTasks(options) {
+    const taskById = new Map((options.existingTasks ?? []).map((task) => [task.task_id, task]));
+    const existingTasks = options.existingTasks ?? [];
+    const existingIds = new Set(taskById.keys());
+    const maxTasks = options.maxTasks ?? DEFAULT_MAX_DEEPENING_TASKS;
+    const created = [];
+    function pushIfNew(task) {
+        if (created.length >= maxTasks || existingIds.has(task.task_id)) {
+            return;
+        }
+        existingIds.add(task.task_id);
+        created.push(task);
+    }
+    const contexts = findingContexts(options.results, taskById);
+    for (const context of contexts) {
+        const triggers = [];
+        if (SEVERITY_RANK[context.finding.severity] >= SEVERITY_RANK.high) {
+            triggers.push("high_severity");
+        }
+        if (context.finding.confidence === "low") {
+            triggers.push("low_confidence");
+        }
+        if (triggers.length === 0) {
+            continue;
+        }
+        pushIfNew(buildFindingFollowupTask({
+            result: context.result,
+            task: context.task,
+            finding: context.finding,
+            triggers,
+            lineIndex: options.lineIndex,
+        }));
+    }
+    for (const [key, group] of [...conflictGroups(contexts).entries()].sort(([a], [b]) => a.localeCompare(b))) {
+        pushIfNew(buildConflictFollowupTask({
+            contexts: group,
+            conflictKey: key,
+            lineIndex: options.lineIndex,
+        }));
+    }
+    const runtimeTaskById = new Map((options.runtimeValidationTasks?.tasks ?? []).map((task) => [
+        task.id,
+        task,
+    ]));
+    for (const result of [...(options.runtimeValidationReport?.results ?? [])].sort((a, b) => a.task_id.localeCompare(b.task_id))) {
+        if (!runtimeResultNeedsFollowup(result.status)) {
+            continue;
+        }
+        const runtimeTask = runtimeTaskById.get(result.task_id);
+        if (!runtimeTask || runtimeTask.target_paths.length === 0) {
+            continue;
+        }
+        if (runtimeValidationHasStrongStaticFinding(runtimeTask, contexts)) {
+            continue;
+        }
+        const relatedTasks = existingTasks.filter((task) => !isDeepeningTask(task) && intersects(task.file_paths, runtimeTask.target_paths));
+        pushIfNew(buildRuntimeValidationFollowupTask({
+            runtimeTask,
+            runtimeResultStatus: result.status,
+            relatedTasks,
+            results: options.results,
+            lineIndex: options.lineIndex,
+        }));
+    }
+    const cleanResults = options.results
+        .map((result) => ({ result, task: taskById.get(result.task_id) }))
+        .filter(({ result, task }) => isHighRiskCleanResult(result, task))
+        .sort((a, b) => {
+        const priorityDelta = priorityRank(b.task?.priority) - priorityRank(a.task?.priority);
+        if (priorityDelta !== 0)
+            return priorityDelta;
+        return a.result.task_id.localeCompare(b.result.task_id);
+    });
+    for (const { result, task } of cleanResults) {
+        pushIfNew(buildHighRiskCleanFollowupTask({
+            result,
+            task,
+            lineIndex: options.lineIndex,
+        }));
+    }
+    return created;
+}
+export const selectiveDeepeningTestUtils = {
+    DEEPENING_TAG,
+};

package/dist/orchestrator/state.js

@@ -43,13 +43,18 @@ export function deriveAuditState(bundle) {
         "requeue_tasks.json",
     ], planningReady)));
     const hasRequiredCoverage = bundle.coverage_matrix?.files.every((f) => f.required_lenses.every((req) => f.completed_lenses.includes(req))) ?? true;
+    const completedTaskIds = new Set((bundle.audit_results ?? []).map((result) => result.task_id));
+    const hasPendingAuditTasks = bundle.audit_tasks?.some((task) => task.status !== "complete" && !completedTaskIds.has(task.task_id)) ?? false;
     const hasCompletedTaskStatuses = bundle.audit_tasks?.length
         ? bundle.audit_tasks.every((task) => task.status === "complete")
         : false;
     const hasResultForEveryTask = bundle.audit_tasks?.length && bundle.audit_results
         ? bundle.audit_tasks.every((task) => bundle.audit_results?.some((result) => result.task_id === task.task_id))
         : false;
-    if (!hasRequiredCoverage &&
+    if (hasPendingAuditTasks) {
+        obligations.push(obligation("audit_tasks_completed", "missing"));
+    }
+    else if (!hasRequiredCoverage &&
         !hasCompletedTaskStatuses &&
         !hasResultForEveryTask &&
         has(bundle.audit_tasks) &&

package/dist/orchestrator/taskBuilder.d.ts

@@ -11,6 +11,22 @@ export interface BuildChunkedTaskOptions {
      * splitting entirely.
      */
     file_split_threshold?: number;
+    /**
+     * Approximate total line budget for a review task. Multi-file blocks above
+     * this budget are split into multiple bounded review tasks. Default: 1500.
+     * Set to 0 to disable aggregate line-budget splitting.
+     */
+    max_task_lines?: number;
+    /**
+     * Maximum number of files in one review task. Default: 8. Set to 0 to
+     * disable aggregate file-count splitting.
+     */
+    max_task_files?: number;
+    /**
+     * Test files at or below this size can be batched across unit boundaries.
+     * Default: 250. Set to 0 to disable tiny-test batching.
+     */
+    tiny_test_file_lines?: number;
     limit_lenses?: Lens[];
     external_analyzer_results?: ExternalAnalyzerResults;
     critical_flows?: CriticalFlowManifest;

package/dist/orchestrator/taskBuilder.js

@@ -1,6 +1,7 @@
 import { claimFlowReviewBlocks } from "./flowPlanning.js";
 import { isTrivialAuditPath } from "./trivialAudit.js";
 import { LENS_ORDER } from "./unitBuilder.js";
+import { isTestPath, normalizeExtractorPath, } from "../extractors/pathPatterns.js";
 function taskPriority(hasExternalSignal, lens, isCriticalFlow = false) {
     if (isCriticalFlow) {
         return lens === "security" || lens === "reliability" || lens === "correctness"
@@ -46,6 +47,10 @@ function pickAnalyzerLens(category) {
     return "correctness";
 }
 const DEFAULT_FILE_SPLIT_THRESHOLD = 3000;
+const DEFAULT_MAX_TASK_LINES = 1500;
+const DEFAULT_MAX_TASK_FILES = 8;
+const DEFAULT_TINY_TEST_FILE_LINES = 250;
+const TINY_TEST_UNIT_ID = "tests-tiny-files";
 function buildCoverageIndex(coverageMatrix) {
     return new Map(coverageMatrix.files.map((file) => [file.path, file]));
 }
@@ -71,6 +76,9 @@ function getExternalSignalResults(externalAnalyzerResults) {
 }
 export function buildChunkedAuditTasks(coverageMatrix, unitLineIndex, options = {}) {
     const fileSplitThreshold = options.file_split_threshold ?? DEFAULT_FILE_SPLIT_THRESHOLD;
+    const maxTaskLines = options.max_task_lines ?? DEFAULT_MAX_TASK_LINES;
+    const maxTaskFiles = options.max_task_files ?? DEFAULT_MAX_TASK_FILES;
+    const tinyTestFileLines = options.tiny_test_file_lines ?? DEFAULT_TINY_TEST_FILE_LINES;
     const allowed = new Set(options.limit_lenses ?? []);
     const enforceLensFilter = allowed.size > 0;
     const tasks = [];
@@ -97,14 +105,48 @@ export function buildChunkedAuditTasks(coverageMatrix, unitLineIndex, options =
             pendingByLens.set(lens, pending);
         }
     }
+    function chunkByTaskBudget(filePaths) {
+        if (filePaths.length === 0) {
+            return [];
+        }
+        if (maxTaskLines <= 0 && maxTaskFiles <= 0) {
+            return [filePaths];
+        }
+        const chunks = [];
+        let current = [];
+        let currentLines = 0;
+        for (const path of filePaths) {
+            const lineCount = unitLineIndex[path] ?? 0;
+            const wouldExceedFiles = maxTaskFiles > 0 && current.length >= maxTaskFiles;
+            const wouldExceedLines = maxTaskLines > 0 &&
+                current.length > 0 &&
+                currentLines + lineCount > maxTaskLines;
+            if (wouldExceedFiles || wouldExceedLines) {
+                chunks.push(current);
+                current = [];
+                currentLines = 0;
+            }
+            current.push(path);
+            currentLines += lineCount;
+        }
+        if (current.length > 0) {
+            chunks.push(current);
+        }
+        return chunks;
+    }
     function addTaskBlock(params) {
         const oversizedFiles = fileSplitThreshold > 0
             ? params.filePaths.filter((path) => (unitLineIndex[path] ?? 0) > fileSplitThreshold)
             : [];
         const oversizedSet = new Set(oversizedFiles);
         const normalFiles = params.filePaths.filter((path) => !oversizedSet.has(path));
-        if (normalFiles.length > 0) {
-            const taskId = `${params.scopeId}:${params.lens}`;
+        const normalChunks = chunkByTaskBudget(normalFiles);
+        for (let index = 0; index < normalChunks.length; index++) {
+            const chunk = normalChunks[index];
+            const splitKind = normalChunks.length > 1 ? "budget" : "none";
+            const taskId = splitKind === "budget"
+                ? `${params.scopeId}:${params.lens}:part-${index + 1}`
+                : `${params.scopeId}:${params.lens}`;
             if (!seen.has(taskId)) {
                 seen.add(taskId);
                 tasks.push({
@@ -112,10 +154,14 @@ export function buildChunkedAuditTasks(coverageMatrix, unitLineIndex, options =
                     unit_id: params.unitId,
                     pass_id: params.passId,
                     lens: params.lens,
-                    file_paths: normalFiles,
-                    rationale: params.rationale(normalFiles, false),
+                    file_paths: chunk,
+                    rationale: params.rationale(chunk, splitKind),
                     priority: params.priority,
-                    tags: params.tags.length > 0 ? params.tags : undefined,
+                    tags: splitKind === "budget"
+                        ? [...new Set([...params.tags, "line_budget_split"])]
+                        : params.tags.length > 0
+                            ? params.tags
+                            : undefined,
                 });
             }
         }
@@ -131,7 +177,7 @@ export function buildChunkedAuditTasks(coverageMatrix, unitLineIndex, options =
                 pass_id: params.passId,
                 lens: params.lens,
                 file_paths: [filePath],
-                rationale: params.rationale([filePath], true),
+                rationale: params.rationale([filePath], "large_file"),
                 priority: params.priority,
                 tags: params.tags.length > 0
                     ? [...new Set([...params.tags, "large_file"])]
@@ -155,9 +201,11 @@ export function buildChunkedAuditTasks(coverageMatrix, unitLineIndex, options =
             tags: hasExternalSignal
                 ? ["critical_flow", `critical_flow:${block.flow_id}`, "external_analyzer_signal"]
                 : ["critical_flow", `critical_flow:${block.flow_id}`],
-            rationale: (filePaths, splitFromBlock) => splitFromBlock
+            rationale: (filePaths, splitKind) => splitKind === "large_file"
                 ? `Audit ${filePaths[0]} (large file from critical flow ${block.flow_id}) under the ${block.lens} lens.${hasExternalSignal ? " External analyzer signals raise priority." : ""}`
-                : `Audit critical flow ${block.flow_id} (${filePaths.length} file${filePaths.length === 1 ? "" : "s"}) under the ${block.lens} lens.${hasExternalSignal ? " External analyzer signals raise priority." : ""}`,
+                : splitKind === "budget"
+                    ? `Audit part of critical flow ${block.flow_id} (${filePaths.length} file${filePaths.length === 1 ? "" : "s"}) under the ${block.lens} lens.${hasExternalSignal ? " External analyzer signals raise priority." : ""}`
+                    : `Audit critical flow ${block.flow_id} (${filePaths.length} file${filePaths.length === 1 ? "" : "s"}) under the ${block.lens} lens.${hasExternalSignal ? " External analyzer signals raise priority." : ""}`,
         });
     }
     const groupedRemainders = new Map();
@@ -170,8 +218,15 @@ export function buildChunkedAuditTasks(coverageMatrix, unitLineIndex, options =
             if (assigned.has(`${lens}:${path}`)) {
                 continue;
             }
+            const lineCount = unitLineIndex[path] ?? 0;
+            const isTinyTestReview = tinyTestFileLines > 0 &&
+                lineCount <= tinyTestFileLines &&
+                isTestPath(normalizeExtractorPath(path)) &&
+                !externalPaths.has(path);
             const record = coverageByPath.get(path);
-            const unitId = record?.unit_ids[0] ?? `review:${path.replace(/[^a-zA-Z0-9_-]/g, "-")}`;
+            const unitId = isTinyTestReview
+                ? TINY_TEST_UNIT_ID
+                : record?.unit_ids[0] ?? `review:${path.replace(/[^a-zA-Z0-9_-]/g, "-")}`;
             const key = `${lens}|${unitId}`;
             const current = groupedRemainders.get(key) ?? {
                 lens,
@@ -197,9 +252,11 @@ export function buildChunkedAuditTasks(coverageMatrix, unitLineIndex, options =
             filePaths: block.filePaths,
             priority: taskPriority(hasExternalSignal, block.lens),
             tags: hasExternalSignal ? ["external_analyzer_signal"] : [],
-            rationale: (filePaths, splitFromBlock) => splitFromBlock
+            rationale: (filePaths, splitKind) => splitKind === "large_file"
                 ? `Audit ${filePaths[0]} (large file split from ${block.unitId}) under the ${block.lens} lens.${hasExternalSignal ? " External analyzer signals raise priority." : ""}`
-                : `Audit ${block.unitId} (${filePaths.length} file${filePaths.length === 1 ? "" : "s"}) under the ${block.lens} lens.${hasExternalSignal ? " External analyzer signals raise priority." : ""}`,
+                : splitKind === "budget"
+                    ? `Audit part of ${block.unitId} (${filePaths.length} file${filePaths.length === 1 ? "" : "s"}) under the ${block.lens} lens.${hasExternalSignal ? " External analyzer signals raise priority." : ""}`
+                    : `Audit ${block.unitId} (${filePaths.length} file${filePaths.length === 1 ? "" : "s"}) under the ${block.lens} lens.${hasExternalSignal ? " External analyzer signals raise priority." : ""}`,
         });
     }
     return tasks.sort((a, b) => {

package/dist/prompts/renderWorkerPrompt.js

@@ -16,7 +16,8 @@ export function renderWorkerPrompt(task) {
             `Single-result schema: ${singleResultSchemaPath}`,
             "Scope: review only the tasks listed in the Read file. Do not add tasks,",
             "edit source files, remediate findings, run unrelated audits, or write result_path.",
-            "For each listed task: read all file_paths in full, review under the specified lens,",
+            "For each listed task: read the assigned file_paths under the specified lens,",
+            "using targeted reads/searches where they give complete enough evidence without loading unrelated context,",
             "and emit exactly one AuditResult object with:",
             "  task_id, unit_id, pass_id, lens (copy from task),",
             "  file_coverage: [{path, total_lines}] — use file_line_counts[path] from the task for each file,",

package/dist/providers/claudeCodeProvider.js

@@ -21,7 +21,9 @@ export class ClaudeCodeProvider {
             "-p",
             prompt,
             ...(this.config.extra_args ?? []),
-            "--dangerously-skip-permissions",
+            ...(this.config.dangerously_skip_permissions
+                ? ["--dangerously-skip-permissions"]
+                : []),
         ];
         return await this.launchCommand(command, args, input);
     }

package/dist/providers/index.js

@@ -9,7 +9,8 @@ function hasEntries(values) {
 }
 function hasConfiguredClaudeCode(sessionConfig) {
     return (Boolean(sessionConfig.claude_code?.command?.trim()) ||
-        hasEntries(sessionConfig.claude_code?.extra_args));
+        hasEntries(sessionConfig.claude_code?.extra_args) ||
+        sessionConfig.claude_code?.dangerously_skip_permissions === true);
 }
 function hasConfiguredOpenCode(sessionConfig) {
     return (Boolean(sessionConfig.opencode?.command?.trim()) ||