auditor-lambda 0.3.30 → 0.3.33

package/README.md

@@ -138,7 +138,8 @@ audit-code next-step
 
 This writes `.audit-artifacts/steps/current-step.json` and
 `.audit-artifacts/steps/current-prompt.md`; hosts should follow only the
-returned step prompt.
+returned step prompt. MCP tools are compatibility adapters over this same
+`next-step` contract rather than a separate orchestration path.
 
 For an operator-side artifact consistency check:
 

package/audit-code-wrapper-lib.mjs

@@ -580,16 +580,17 @@ function replaceBackslashes(value) {
 function renderVSCodeAgentFile() {
   return [
     '---',
-    'description: Plan and orchestrate /audit-code with the installed auditor MCP server before making code changes.',
+    'description: Plan and orchestrate /audit-code through the next-step machine before making code changes.',
     '---',
     '',
     '# Auditor Agent',
     '',
-    'Use the installed auditor MCP server as the primary integration surface for the audit workflow.',
+    'Use `audit-code next-step` as the primary integration surface for the audit workflow. The installed auditor MCP server is a compatibility adapter over the same step contract.',
     '',
     'When the user asks to run or continue `/audit-code`:',
     '',
-    '- call the `start_audit`, `get_status`, and `continue_audit` MCP tools instead of reconstructing backend state manually',
+    '- run `audit-code next-step` directly when shell access is available',
+    '- if MCP is the only available integration, call `start_audit`, `get_status`, and `continue_audit`; those tools return the same one-step contract',
     '- read `audit-code://handoff/current` and `audit-code://artifacts/current` when the audit blocks or you need current context',
     '- prefer imported audit results and runtime updates over ad hoc manual state edits',
     '- treat the deterministic audit report as the final source of truth once the audit completes',
@@ -615,7 +616,7 @@ function renderCodexMcpSetupGuide(root) {
     `args = ["${replaceBackslashes(toRepoRelativePath(root, join(root, '.audit-code', 'install', MCP_LAUNCHER_FILENAME)))}"]`,
     '```',
     '',
-    'Once the server is registered, ask Codex to use the `auditor` MCP tools to start or continue the audit.',
+    'Prefer `audit-code next-step` directly. Use the registered `auditor` MCP tools only when shell access is unavailable; they return the same one-step contract.',
     '',
   ].join('\n');
 }
@@ -626,9 +627,9 @@ function renderCodexAutomationRecipe() {
     '',
     'Suggested recurring task:',
     '',
-    '- Prompt: Re-run the autonomous audit workflow for this repository. Use the installed auditor MCP tools, summarize only new or regressed findings, and stop once the deterministic report is current.',
+    '- Prompt: Re-run the autonomous audit workflow for this repository with `audit-code next-step`, summarize only new or regressed findings, and stop once the deterministic report is current.',
     '- Cadence: daily on active branches or before release cut-offs',
-    '- Inputs: repository root plus the installed `auditor` MCP server',
+    '- Inputs: repository root; the installed `auditor` MCP server is optional compatibility plumbing',
     '',
     'Use this recipe as a starting point for a Codex automation once the local workflow is stable in your environment.',
     '',
@@ -706,16 +707,17 @@ function renderOpenCodePermissionConfig() {
 const OPENCODE_MCP_COMMAND_TEMPLATE = [
   '# audit-code',
   '',
-  'Use the auditor MCP tools as the primary interface to the audit workflow.',
+  'Use `audit-code next-step` as the primary interface to the audit workflow.',
   '',
-  '1. Call `auditor_start_audit` to initialize and receive the first step.',
-  '2. Read `prompt_content` in the response and follow it.',
-  '3. When a step completes (not blocked), call `auditor_continue_audit` to advance.',
-  '4. Stop when the step instructions say to stop.',
+  '1. Run `audit-code next-step` directly when shell access is available.',
+  '2. If MCP is your only available interface, call `auditor_start_audit` or `auditor_continue_audit`; both return the same one-step contract.',
+  '3. Read `prompt_content` in the response and follow it.',
+  '4. When a step completes (not blocked), run `audit-code next-step` again or call `auditor_continue_audit` as the compatibility adapter.',
+  '5. Stop when the step instructions say to stop.',
   '',
-  'Do not run shell commands. Use only `auditor_*` MCP tools and the `task` tool for subagent dispatch.',
+  'Use the `task` tool or equivalent for subagent dispatch when the step tells you to fan out review work.',
   '',
-  'If `auditor_start_audit` is not listed in your available tools, stop immediately and tell the user the auditor MCP server is not connected. Do not read local files as a fallback.',
+  'If neither shell access nor `auditor_start_audit` is available, stop and report that no next-step interface is connected.',
 ].join('\n');
 
 function renderOpenCodeProjectConfig(_root) {
@@ -939,7 +941,7 @@ function renderClaudeDesktopProjectTemplate() {
     'Suggested project instructions:',
     '',
     '- Treat `/audit-code` as the canonical autonomous audit workflow for this repository.',
-    '- Prefer the installed auditor MCP tools over recreating state manually.',
+    '- Prefer `audit-code next-step`; use the installed auditor MCP tools only as a compatibility adapter over the same step contract.',
     '- Read the operator handoff and artifact resources before asking for more context.',
     '- Present the final deterministic audit report as work blocks first.',
     '',
@@ -951,7 +953,7 @@ function renderClaudeDesktopProjectTemplate() {
     '',
     'Starter prompt:',
     '',
-    '> Start `/audit-code` for this repository using the installed auditor MCP tools. Continue until the audit is complete or blocked for operator input, and summarize the current handoff status before you stop.',
+    '> Start `/audit-code` for this repository using `audit-code next-step`. Continue until the audit is complete or blocked for operator input, and summarize the current handoff status before you stop.',
     '',
   ].join('\n');
 }
@@ -981,7 +983,7 @@ function renderAntigravityPlanningGuide(root) {
     '',
     '1. Open Antigravity in Planning mode.',
     '2. Load the repo-local prompt asset or the AGENTS instructions before starting the audit conversation.',
-    '3. Ask Antigravity to use the installed auditor MCP server for structured state inspection and continuation.',
+    '3. Ask Antigravity to use `audit-code next-step` directly. The installed auditor MCP server is available only as compatibility plumbing when direct shell access is unavailable.',
     '4. Review Antigravity artifacts before accepting major code changes or imported evidence.',
     '',
     'Recommended repo-local paths:',
@@ -1266,9 +1268,9 @@ async function buildClaudeDesktopBundle(root, results) {
     name: 'auditor-lambda',
     display_name: 'Auditor Lambda',
     version: packageVersion,
-    description: 'Local MCP bundle for the /audit-code autonomous audit workflow.',
+    description: 'Compatibility MCP bundle for the /audit-code autonomous audit workflow.',
     long_description:
-      'Runs the auditor-lambda MCP server locally so Claude Desktop can start, inspect, and continue repository audits with structured tools, resources, and prompts.',
+      'Runs a local compatibility MCP adapter whose start and continue tools return the same audit-code next-step contract as the direct CLI loop.',
     author: {
       name: 'auditor-lambda',
       url: 'https://github.com/OhOkThisIsFine/auditor-lambda',
@@ -1371,6 +1373,18 @@ const INSTALL_HOST_DEFINITIONS = {
     profile: {
       writeAgents: true,
     },
+    async verify({ checks, assetPaths, collectVerifyCheck: collect }) {
+      await collect(checks, 'codex_global_surface', async () => {
+        const content = await readFile(assetPaths.agentsInstructionsPath, 'utf8');
+        if (!content.includes('/audit-code')) {
+          throw new Error(`AGENTS instructions do not reference /audit-code: ${assetPaths.agentsInstructionsPath}`);
+        }
+        return {
+          summary: 'Codex uses the global skill surface with AGENTS fallback instructions.',
+          path: assetPaths.agentsInstructionsPath,
+        };
+      });
+    },
   },
   'claude-desktop': {
     host: 'claude-desktop',
@@ -1378,7 +1392,7 @@ const INSTALL_HOST_DEFINITIONS = {
     support_level: 'supported',
     setup_kind: 'local-mcp-bundle',
     summary:
-      'Install the generated local MCP bundle in Claude Desktop, then use the project template and prompt asset as supporting context.',
+      'Install the generated local MCP compatibility bundle in Claude Desktop, then use the project template and prompt asset as supporting context.',
     primary_path_key: 'claudeDesktopDxtPath',
     supporting_path_keys: [
       'claudeDesktopMcpbPath',
@@ -1388,12 +1402,91 @@ const INSTALL_HOST_DEFINITIONS = {
     ],
     steps: [
       'Open Claude Desktop Settings and install the generated `.dxt` bundle.',
-      'Configure the repository root when prompted so the bundle can launch the local auditor MCP server.',
+      'Configure the repository root when prompted so the bundle can launch the local auditor MCP adapter.',
       'Use the project template and prompt asset to kick off `/audit-code` in conversation.',
     ],
     profile: {
       writeClaudeDesktop: true,
     },
+    async verify({ checks, root, assetPaths, collectVerifyCheck: collect }) {
+      const bundleManifestPath = join(
+        root,
+        '.audit-code',
+        'install',
+        'claude-desktop',
+        'bundle',
+        'manifest.json',
+      );
+      const bundleServerPath = join(
+        root,
+        '.audit-code',
+        'install',
+        'claude-desktop',
+        'bundle',
+        'server',
+        'index.js',
+      );
+
+      await collect(checks, 'claude_bundle_manifest', async () => {
+        const manifest = await readJson(bundleManifestPath, 'Claude Desktop bundle manifest');
+        if (manifest?.server?.entry_point !== 'server/index.js') {
+          throw new Error(`Claude Desktop bundle manifest has an unexpected entry_point: ${manifest?.server?.entry_point ?? 'missing'}.`);
+        }
+        return {
+          summary: 'Claude Desktop bundle manifest parsed successfully.',
+          path: bundleManifestPath,
+        };
+      });
+      await collect(checks, 'claude_connector_template', async () => {
+        const connector = await readJson(
+          assetPaths.claudeDesktopRemoteConnectorPath,
+          'Claude Desktop remote connector template',
+        );
+        if (connector?.transport !== 'remote-mcp') {
+          throw new Error(`Claude Desktop remote connector transport must be "remote-mcp", got ${connector?.transport ?? 'missing'}.`);
+        }
+        return {
+          summary: 'Claude Desktop remote connector template parsed successfully.',
+          path: assetPaths.claudeDesktopRemoteConnectorPath,
+        };
+      });
+      await collect(checks, 'claude_dxt_archive', async () => ({
+        summary: 'Claude Desktop .dxt bundle is present.',
+        path: assetPaths.claudeDesktopDxtPath,
+        size_bytes: await verifyZipFile(
+          assetPaths.claudeDesktopDxtPath,
+          'Claude Desktop .dxt bundle',
+        ),
+      }));
+      await collect(checks, 'claude_mcpb_archive', async () => ({
+        summary: 'Claude Desktop .mcpb bundle is present.',
+        path: assetPaths.claudeDesktopMcpbPath,
+        size_bytes: await verifyZipFile(
+          assetPaths.claudeDesktopMcpbPath,
+          'Claude Desktop .mcpb bundle',
+        ),
+      }));
+      await collect(checks, 'claude_bundle_mcp', async () => {
+        const probe = await probeMcpServer({
+          label: 'Claude Desktop bundle server',
+          command: process.execPath,
+          args: [bundleServerPath],
+          cwd: root,
+          env: {
+            AUDIT_CODE_REPO_ROOT: root,
+            AUDIT_CODE_ARTIFACTS_DIR: join(root, '.audit-artifacts'),
+          },
+        });
+        const toolNames = (probe.tools?.tools ?? []).map((tool) => tool.name);
+        if (!toolNames.includes('start_audit')) {
+          throw new Error('Claude Desktop bundle server did not expose the start_audit tool.');
+        }
+        return {
+          summary: 'Claude Desktop bundle completed an MCP handshake.',
+          tool_count: toolNames.length,
+        };
+      });
+    },
   },
   opencode: {
     host: 'opencode',
@@ -1401,7 +1494,7 @@ const INSTALL_HOST_DEFINITIONS = {
     support_level: 'supported',
     setup_kind: 'global-command+project-mcp',
     summary:
-      'Use the global OpenCode `/audit-code` command installed by npm plus generated project MCP and permission wiring.',
+      'Use the global OpenCode `/audit-code` command installed by npm plus generated project permissions; MCP is compatibility-only.',
     primary_path_key: 'opencodeConfigPath',
     supporting_path_keys: [
       'agentsInstructionsPath',
@@ -1410,12 +1503,29 @@ const INSTALL_HOST_DEFINITIONS = {
     steps: [
       'Open this repository in OpenCode.',
       'Use the global `/audit-code` command installed by `npm install -g auditor-lambda`.',
-      'Let OpenCode load the generated `opencode.json` for the auditor MCP server and project permissions only.',
+      'Let OpenCode load the generated `opencode.json` for project permissions; the global command drives `audit-code next-step` directly.',
     ],
     profile: {
       writeOpenCode: true,
       writeAgents: true,
     },
+    async verify({ checks, assetPaths, collectVerifyCheck: collect }) {
+      await collect(checks, 'opencode_config', async () => {
+        const config = await readJson(assetPaths.opencodeConfigPath, 'OpenCode project config');
+        if (config?.command?.['audit-code']) {
+          throw new Error('OpenCode project config must not define command["audit-code"]; the slash command is global npm-installed state. Run "audit-code install --host opencode" to remove the stale local command.');
+        }
+        if (config?.mcp?.auditor) {
+          throw new Error('OpenCode project config must not define mcp.auditor; the MCP server is supplied by the global npm-installed config. Run "audit-code install --host opencode" to remove the stale project-level MCP entry.');
+        }
+        assertOpenCodeAuditPermissionConfig(config?.permission, 'permission');
+        assertOpenCodeAuditPermissionConfig(config?.agent?.auditor?.permission, 'agent.auditor.permission');
+        return {
+          summary: 'OpenCode project config has audit permissions; /audit-code is supplied by the global npm-installed config.',
+          path: assetPaths.opencodeConfigPath,
+        };
+      });
+    },
   },
   vscode: {
     host: 'vscode',
@@ -1423,7 +1533,7 @@ const INSTALL_HOST_DEFINITIONS = {
     support_level: 'supported',
     setup_kind: 'prompt+agent+mcp',
     summary:
-      'Use the generated prompt file, custom agent, and workspace MCP configuration for the cleanest VS Code integration.',
+      'Use the generated prompt file and custom agent for next-step-first VS Code integration; workspace MCP is compatibility-only.',
     primary_path_key: 'vscodePromptPath',
     supporting_path_keys: [
       'vscodeAgentPath',
@@ -1432,13 +1542,46 @@ const INSTALL_HOST_DEFINITIONS = {
     ],
     steps: [
       'Open this repository in VS Code with Copilot.',
-      'Allow VS Code to discover the workspace MCP server from `.vscode/mcp.json`.',
-      'Invoke `/audit-code` in chat and use the custom auditor agent when you want the dedicated orchestration persona.',
+      'Invoke `/audit-code` from the generated prompt or chat so the workflow calls `audit-code next-step` directly.',
+      'Use the workspace MCP adapter only when direct shell access is unavailable.',
     ],
     profile: {
       writeVSCode: true,
       writeCopilotInstructions: true,
     },
+    async verify({ checks, assetPaths, collectVerifyCheck: collect }) {
+      await collect(checks, 'vscode_prompt', async () => {
+        const content = await readFile(assetPaths.vscodePromptPath, 'utf8');
+        if (!content.includes('name: audit-code')) {
+          throw new Error(`VS Code prompt file is missing the expected frontmatter name: ${assetPaths.vscodePromptPath}`);
+        }
+        const { body: promptBody } = splitFrontmatter(content);
+        const { body: sourceBody } = splitFrontmatter(await readFile(promptAssetPath, 'utf8'));
+        if (promptBody !== sourceBody.trimStart()) {
+          throw new Error(
+            `VS Code prompt body is out of sync with the source prompt. Run "audit-code install --host vscode" or "audit-code install".`,
+          );
+        }
+        return {
+          summary: 'VS Code prompt file is present and uses the source prompt body.',
+          path: assetPaths.vscodePromptPath,
+        };
+      });
+      await collect(checks, 'vscode_mcp_config', async () => {
+        const config = await readJson(assetPaths.vscodeMcpConfigPath, 'VS Code MCP config');
+        const args = config?.servers?.auditor?.args;
+        if (config?.servers?.auditor?.command !== 'node') {
+          throw new Error(`VS Code MCP config must use node as the command, got ${config?.servers?.auditor?.command ?? 'missing'}.`);
+        }
+        if (!Array.isArray(args) || args[0] !== '${workspaceFolder}/.audit-code/install/run-mcp-server.mjs') {
+          throw new Error(`VS Code MCP config must point at \${workspaceFolder}/.audit-code/install/${MCP_LAUNCHER_FILENAME}.`);
+        }
+        return {
+          summary: 'VS Code MCP config parsed successfully.',
+          path: assetPaths.vscodeMcpConfigPath,
+        };
+      });
+    },
   },
   antigravity: {
     host: 'antigravity',
@@ -1446,7 +1589,7 @@ const INSTALL_HOST_DEFINITIONS = {
     support_level: 'supported',
     setup_kind: 'agent-skill+gemini-command+planning-guide+mcp-ready',
     summary:
-      'Uses the project-scoped .agent/skills/audit-code/SKILL.md skill, the .gemini/commands/audit-code.toml slash command, the planning guide, and AGENTS instructions. The shared MCP launcher is available for structured tool calls.',
+      'Uses the project-scoped .agent/skills/audit-code/SKILL.md skill, the .gemini/commands/audit-code.toml slash command, the planning guide, and AGENTS instructions. The shared MCP launcher is compatibility-only.',
     primary_path_key: 'antigravitySkillPath',
     supporting_path_keys: [
       'geminiCommandPath',
@@ -1459,12 +1602,34 @@ const INSTALL_HOST_DEFINITIONS = {
       'Open this repository in Antigravity.',
       'The audit-code skill is automatically discovered from .agent/skills/audit-code/SKILL.md.',
       'The /audit-code slash command is also available from .gemini/commands/audit-code.toml.',
-      'Use the shared auditor MCP server when Antigravity needs structured audit state instead of free-form shell guesses.',
+      'Use `audit-code next-step` directly; use the shared auditor MCP launcher only when direct shell access is unavailable.',
     ],
     profile: {
       writeAntigravity: true,
       writeAgents: true,
     },
+    async verify({ checks, assetPaths, collectVerifyCheck: collect }) {
+      await collect(checks, 'antigravity_skill', async () => {
+        const content = await readFile(assetPaths.antigravitySkillPath, 'utf8');
+        if (!content.includes('name: audit-code')) {
+          throw new Error('Antigravity skill SKILL.md must contain "name: audit-code" in frontmatter.');
+        }
+        return {
+          summary: 'Antigravity .agent/skills/audit-code/SKILL.md is present and valid.',
+          path: assetPaths.antigravitySkillPath,
+        };
+      });
+      await collect(checks, 'antigravity_guide', async () => {
+        const content = await readFile(assetPaths.antigravityPlanningGuidePath, 'utf8');
+        if (!content.includes(MCP_LAUNCHER_FILENAME) || !content.includes(INSTALLED_PROMPT_FILENAME)) {
+          throw new Error(`Antigravity guide must reference both ${MCP_LAUNCHER_FILENAME} and ${INSTALLED_PROMPT_FILENAME}.`);
+        }
+        return {
+          summary: 'Antigravity planning guide references the repo-local prompt asset and MCP launcher.',
+          path: assetPaths.antigravityPlanningGuidePath,
+        };
+      });
+    },
   },
 };
 
@@ -1505,6 +1670,13 @@ function getInstallProfile(host) {
   return profile;
 }
 
+export {
+  INSTALL_HOST_ORDER as _INSTALL_HOST_ORDER,
+  INSTALL_HOST_DEFINITIONS as _INSTALL_HOST_DEFINITIONS,
+  getInstallHostKeys as _getInstallHostKeys,
+  getInstallProfile as _getInstallProfile,
+};
+
 function buildHostCatalog({ root, host, assets }) {
   return getInstallHostKeys(host)
     .map((hostKey) => {
@@ -2028,177 +2200,15 @@ async function verifyInstalledBootstrap(argv) {
       primary_path: hostEntry.primary_path,
     }));
 
-    switch (hostKey) {
-      case 'codex':
-        await collectVerifyCheck(checks, 'codex_global_surface', async () => {
-          const content = await readFile(assetPaths.agentsInstructionsPath, 'utf8');
-          if (!content.includes('/audit-code')) {
-            throw new Error(`AGENTS instructions do not reference /audit-code: ${assetPaths.agentsInstructionsPath}`);
-          }
-          return {
-            summary: 'Codex uses the global skill surface with AGENTS fallback instructions.',
-            path: assetPaths.agentsInstructionsPath,
-          };
-        });
-        break;
-      case 'claude-desktop': {
-        const bundleManifestPath = join(
-          root,
-          '.audit-code',
-          'install',
-          'claude-desktop',
-          'bundle',
-          'manifest.json',
-        );
-        const bundleServerPath = join(
-          root,
-          '.audit-code',
-          'install',
-          'claude-desktop',
-          'bundle',
-          'server',
-          'index.js',
-        );
-
-        await collectVerifyCheck(checks, 'claude_bundle_manifest', async () => {
-          const manifest = await readJson(bundleManifestPath, 'Claude Desktop bundle manifest');
-          if (manifest?.server?.entry_point !== 'server/index.js') {
-            throw new Error(`Claude Desktop bundle manifest has an unexpected entry_point: ${manifest?.server?.entry_point ?? 'missing'}.`);
-          }
-          return {
-            summary: 'Claude Desktop bundle manifest parsed successfully.',
-            path: bundleManifestPath,
-          };
-        });
-        await collectVerifyCheck(checks, 'claude_connector_template', async () => {
-          const connector = await readJson(
-            assetPaths.claudeDesktopRemoteConnectorPath,
-            'Claude Desktop remote connector template',
-          );
-          if (connector?.transport !== 'remote-mcp') {
-            throw new Error(`Claude Desktop remote connector transport must be "remote-mcp", got ${connector?.transport ?? 'missing'}.`);
-          }
-          return {
-            summary: 'Claude Desktop remote connector template parsed successfully.',
-            path: assetPaths.claudeDesktopRemoteConnectorPath,
-          };
-        });
-        await collectVerifyCheck(checks, 'claude_dxt_archive', async () => ({
-          summary: 'Claude Desktop .dxt bundle is present.',
-          path: assetPaths.claudeDesktopDxtPath,
-          size_bytes: await verifyZipFile(
-            assetPaths.claudeDesktopDxtPath,
-            'Claude Desktop .dxt bundle',
-          ),
-        }));
-        await collectVerifyCheck(checks, 'claude_mcpb_archive', async () => ({
-          summary: 'Claude Desktop .mcpb bundle is present.',
-          path: assetPaths.claudeDesktopMcpbPath,
-          size_bytes: await verifyZipFile(
-            assetPaths.claudeDesktopMcpbPath,
-            'Claude Desktop .mcpb bundle',
-          ),
-        }));
-        await collectVerifyCheck(checks, 'claude_bundle_mcp', async () => {
-          const probe = await probeMcpServer({
-            label: 'Claude Desktop bundle server',
-            command: process.execPath,
-            args: [bundleServerPath],
-            cwd: root,
-            env: {
-              AUDIT_CODE_REPO_ROOT: root,
-              AUDIT_CODE_ARTIFACTS_DIR: join(root, '.audit-artifacts'),
-            },
-          });
-          const toolNames = (probe.tools?.tools ?? []).map((tool) => tool.name);
-          if (!toolNames.includes('start_audit')) {
-            throw new Error('Claude Desktop bundle server did not expose the start_audit tool.');
-          }
-          return {
-            summary: 'Claude Desktop bundle completed an MCP handshake.',
-            tool_count: toolNames.length,
-          };
-        });
-        break;
-      }
-      case 'opencode':
-        await collectVerifyCheck(checks, 'opencode_config', async () => {
-          const config = await readJson(assetPaths.opencodeConfigPath, 'OpenCode project config');
-          if (config?.command?.['audit-code']) {
-            throw new Error('OpenCode project config must not define command["audit-code"]; the slash command is global npm-installed state. Run "audit-code install --host opencode" to remove the stale local command.');
-          }
-          if (config?.mcp?.auditor) {
-            throw new Error('OpenCode project config must not define mcp.auditor; the MCP server is supplied by the global npm-installed config. Run "audit-code install --host opencode" to remove the stale project-level MCP entry.');
-          }
-          assertOpenCodeAuditPermissionConfig(config?.permission, 'permission');
-          assertOpenCodeAuditPermissionConfig(config?.agent?.auditor?.permission, 'agent.auditor.permission');
-          return {
-            summary: 'OpenCode project config has audit permissions; MCP server and /audit-code command are supplied by the global npm-installed config.',
-            path: assetPaths.opencodeConfigPath,
-          };
-        });
-        break;
-      case 'vscode':
-        await collectVerifyCheck(checks, 'vscode_prompt', async () => {
-          const content = await readFile(assetPaths.vscodePromptPath, 'utf8');
-          if (!content.includes('name: audit-code')) {
-            throw new Error(`VS Code prompt file is missing the expected frontmatter name: ${assetPaths.vscodePromptPath}`);
-          }
-          const { body: promptBody } = splitFrontmatter(content);
-          const { body: sourceBody } = splitFrontmatter(await readFile(promptAssetPath, 'utf8'));
-          if (promptBody !== sourceBody.trimStart()) {
-            throw new Error(
-              `VS Code prompt body is out of sync with the source prompt. Run "audit-code install --host vscode" or "audit-code install".`,
-            );
-          }
-          return {
-            summary: 'VS Code prompt file is present and uses the source prompt body.',
-            path: assetPaths.vscodePromptPath,
-          };
-        });
-        await collectVerifyCheck(checks, 'vscode_mcp_config', async () => {
-          const config = await readJson(assetPaths.vscodeMcpConfigPath, 'VS Code MCP config');
-          const args = config?.servers?.auditor?.args;
-          if (config?.servers?.auditor?.command !== 'node') {
-            throw new Error(`VS Code MCP config must use node as the command, got ${config?.servers?.auditor?.command ?? 'missing'}.`);
-          }
-          if (!Array.isArray(args) || args[0] !== '${workspaceFolder}/.audit-code/install/run-mcp-server.mjs') {
-            throw new Error(`VS Code MCP config must point at \${workspaceFolder}/.audit-code/install/${MCP_LAUNCHER_FILENAME}.`);
-          }
-          return {
-            summary: 'VS Code MCP config parsed successfully.',
-            path: assetPaths.vscodeMcpConfigPath,
-          };
-        });
-        break;
-      case 'antigravity':
-        await collectVerifyCheck(checks, 'antigravity_skill', async () => {
-          const content = await readFile(assetPaths.antigravitySkillPath, 'utf8');
-          if (!content.includes('name: audit-code')) {
-            throw new Error('Antigravity skill SKILL.md must contain "name: audit-code" in frontmatter.');
-          }
-          return {
-            summary: 'Antigravity .agent/skills/audit-code/SKILL.md is present and valid.',
-            path: assetPaths.antigravitySkillPath,
-          };
-        });
-        await collectVerifyCheck(checks, 'antigravity_guide', async () => {
-          const content = await readFile(assetPaths.antigravityPlanningGuidePath, 'utf8');
-          if (!content.includes(MCP_LAUNCHER_FILENAME) || !content.includes(INSTALLED_PROMPT_FILENAME)) {
-            throw new Error(`Antigravity guide must reference both ${MCP_LAUNCHER_FILENAME} and ${INSTALLED_PROMPT_FILENAME}.`);
-          }
-          return {
-            summary: 'Antigravity planning guide references the repo-local prompt asset and MCP launcher.',
-            path: assetPaths.antigravityPlanningGuidePath,
-          };
-        });
-        break;
-      default:
-        checks.push({
-          id: 'host_handler',
-          status: 'error',
-          summary: `No verification handler is implemented for host "${hostKey}".`,
-        });
+    const hostDefinition = INSTALL_HOST_DEFINITIONS[hostKey];
+    if (hostDefinition?.verify) {
+      await hostDefinition.verify({ checks, root, assetPaths, collectVerifyCheck });
+    } else {
+      checks.push({
+        id: 'host_handler',
+        status: 'error',
+        summary: `No verification handler is implemented for host "${hostKey}".`,
+      });
     }
 
     hostResults.push({

package/dist/cli.d.ts

@@ -2,6 +2,11 @@ import type { SessionConfig } from "./types/sessionConfig.js";
 type UiMode = "visible" | "headless";
 declare function getFlag(argv: string[], name: string, fallback?: string): string | undefined;
 declare function hasFlag(argv: string[], name: string): boolean;
+export declare function resolveHostDispatchCapability(options: {
+    explicit?: boolean;
+    sessionConfig: SessionConfig;
+    env?: NodeJS.ProcessEnv;
+}): boolean;
 declare function getArtifactsDir(argv: string[]): string;
 declare function getRootDir(argv: string[]): string;
 declare function warnIfNotGitRepo(root: string): void;