auditor-lambda 0.3.40 → 0.5.0

package/dist/orchestrator/scope.js

@@ -0,0 +1,227 @@
+import { changedFiles, gitRefExists, isGitRepo } from "@audit-tools/shared";
+import { buildDispositionMap } from "../extractors/disposition.js";
+import { buildPathLookup } from "../extractors/graph.js";
+import { HIGH_FAN_DEGREE_THRESHOLD, buildGraphDegreeIndex, collectGraphEdges, graphEdgeConfidence, normalizeGraphPath, } from "./reviewPackets.js";
+/** Default cap on in-scope files (seeds + expanded) before expansion stops. */
+export const DEFAULT_SCOPE_MAX_FILES = 200;
+/** Graph edges below this confidence are never traversed during expansion. */
+export const SCOPE_EDGE_CONFIDENCE_FLOOR = 0.5;
+/**
+ * Expansion stops along a path once the accumulated path-confidence (the product
+ * of the traversed edge confidences) drops below this floor. With no fixed hop
+ * count, this — together with hub-skipping and the file budget — bounds the
+ * frontier deterministically.
+ */
+export const SCOPE_MIN_FRONTIER_CONFIDENCE = 0.5;
+/**
+ * Deterministic priority-frontier expansion (Phase 3). Starting from the changed
+ * files (seeds), walk the dependency graph outward, always visiting the neighbour
+ * with the highest accumulated path-confidence first (tie-broken by path). High
+ * fan-in/out hubs are skipped so a single change near a hub does not drag the
+ * whole repo into scope, low-confidence edges are dropped, and expansion halts at
+ * the file budget or when the best remaining frontier confidence falls below the
+ * floor. Same inputs → identical scope.
+ */
+export function computeAuditScope(input) {
+    const maxFiles = input.budget?.max_files ?? DEFAULT_SCOPE_MAX_FILES;
+    // normalized graph key -> canonical (repo-manifest) path for auditable files.
+    const canonicalByNorm = new Map();
+    for (const file of input.includedFiles) {
+        const key = normalizeGraphPath(file);
+        if (!canonicalByNorm.has(key)) {
+            canonicalByNorm.set(key, file);
+        }
+    }
+    // Seeds = changed files that are auditable (present in the manifest). Changed
+    // files that are excluded, deleted, or otherwise absent simply drop out.
+    const seedKeys = [];
+    const seedSeen = new Set();
+    for (const path of input.changed) {
+        const key = normalizeGraphPath(path);
+        if (canonicalByNorm.has(key) && !seedSeen.has(key)) {
+            seedSeen.add(key);
+            seedKeys.push(key);
+        }
+    }
+    const edges = collectGraphEdges(input.graphBundle);
+    const degree = buildGraphDegreeIndex(edges);
+    const isHub = (key) => (degree.fanIn.get(key) ?? 0) > HIGH_FAN_DEGREE_THRESHOLD ||
+        (degree.fanOut.get(key) ?? 0) > HIGH_FAN_DEGREE_THRESHOLD;
+    // Bidirectional adjacency: a change to a file is relevant to what it depends
+    // on AND to what depends on it. Edges below the confidence floor are dropped.
+    const adjacency = new Map();
+    const addEdge = (from, to, confidence) => {
+        const list = adjacency.get(from) ?? [];
+        list.push({ to, confidence });
+        adjacency.set(from, list);
+    };
+    for (const edge of edges) {
+        const confidence = graphEdgeConfidence(edge);
+        if (confidence < SCOPE_EDGE_CONFIDENCE_FLOOR) {
+            continue;
+        }
+        const from = normalizeGraphPath(edge.from);
+        const to = normalizeGraphPath(edge.to);
+        addEdge(from, to, confidence);
+        addEdge(to, from, confidence);
+    }
+    // Max-product shortest-path frontier. `best` holds the highest accumulated
+    // confidence discovered for each node; seeds start at 1.
+    const best = new Map();
+    for (const key of seedKeys) {
+        best.set(key, 1);
+    }
+    const visited = new Set();
+    const inScope = new Set(seedKeys);
+    const expandedKeys = [];
+    let budgetHit = false;
+    for (;;) {
+        let pick;
+        let pickConfidence = -1;
+        for (const [key, confidence] of best) {
+            if (visited.has(key))
+                continue;
+            if (confidence > pickConfidence ||
+                (confidence === pickConfidence && (pick === undefined || key < pick))) {
+                pick = key;
+                pickConfidence = confidence;
+            }
+        }
+        if (pick === undefined || pickConfidence < SCOPE_MIN_FRONTIER_CONFIDENCE) {
+            break;
+        }
+        visited.add(pick);
+        // Record newly-reached auditable files (seeds are already in scope).
+        if (canonicalByNorm.has(pick) && !inScope.has(pick)) {
+            if (inScope.size >= maxFiles) {
+                budgetHit = true;
+                break;
+            }
+            inScope.add(pick);
+            expandedKeys.push(pick);
+        }
+        // Relax neighbours, skipping hubs (never traverse through or into a hub) and
+        // non-auditable nodes.
+        for (const neighbour of adjacency.get(pick) ?? []) {
+            if (isHub(neighbour.to) || !canonicalByNorm.has(neighbour.to)) {
+                continue;
+            }
+            const candidate = pickConfidence * neighbour.confidence;
+            if (candidate < SCOPE_MIN_FRONTIER_CONFIDENCE) {
+                continue;
+            }
+            if (candidate > (best.get(neighbour.to) ?? 0)) {
+                best.set(neighbour.to, candidate);
+            }
+        }
+    }
+    const seedFiles = seedKeys
+        .map((key) => canonicalByNorm.get(key))
+        .sort((a, b) => a.localeCompare(b));
+    const expandedFiles = expandedKeys
+        .map((key) => canonicalByNorm.get(key))
+        .sort((a, b) => a.localeCompare(b));
+    const notes = [];
+    if (seedFiles.length === 0) {
+        notes.push(`No auditable files changed since ${input.since}.`);
+    }
+    if (budgetHit) {
+        notes.push(`Expansion stopped at the ${maxFiles}-file budget; some graph neighbours were left out of scope.`);
+    }
+    return {
+        mode: "delta",
+        since: input.since,
+        seed_files: seedFiles,
+        expanded_files: expandedFiles,
+        budget: { max_files: maxFiles },
+        ...(notes.length > 0 ? { dropped_note: notes.join(" ") } : {}),
+    };
+}
+/** A full-audit scope (the default, and every fallback). */
+export function fullAuditScope(budget, droppedNote) {
+    return {
+        mode: "full",
+        since: null,
+        seed_files: [],
+        expanded_files: [],
+        budget: { max_files: budget?.max_files ?? DEFAULT_SCOPE_MAX_FILES },
+        ...(droppedNote ? { dropped_note: droppedNote } : {}),
+    };
+}
+/**
+ * Resolve the scope for a planning run. Returns a full-audit scope unless a
+ * `--since` ref was supplied against a real git repository; an unusable ref or
+ * missing root degrades to a full audit with an honest note. Reads the auditable
+ * file set from the repo manifest + disposition (the same lookup the graph
+ * extractor uses) and the dependency graph from the bundle.
+ */
+export function resolveAuditScope(input) {
+    const since = input.since?.trim();
+    if (!since) {
+        return fullAuditScope(input.budget);
+    }
+    if (!input.root) {
+        return fullAuditScope(input.budget, `--since '${since}' was ignored: no repository root was available, so a full audit ran.`);
+    }
+    if (!isGitRepo(input.root)) {
+        return fullAuditScope(input.budget, `--since '${since}' was ignored: '${input.root}' is not a git repository, so a full audit ran.`);
+    }
+    if (!gitRefExists(input.root, since)) {
+        return fullAuditScope(input.budget, `--since '${since}' could not be resolved to a commit, so a full audit ran.`);
+    }
+    const dispositionMap = buildDispositionMap(input.bundle.file_disposition);
+    const includedFiles = input.bundle.repo_manifest
+        ? [
+            ...new Set(buildPathLookup(input.bundle.repo_manifest, dispositionMap).values()),
+        ].sort((a, b) => a.localeCompare(b))
+        : [];
+    return computeAuditScope({
+        since,
+        changed: changedFiles(input.root, since),
+        includedFiles,
+        graphBundle: input.bundle.graph_bundle,
+        budget: input.budget,
+    });
+}
+/**
+ * Apply a delta scope to a freshly-built coverage matrix. In-scope files (seeds
+ * + expanded neighbours) keep their fresh `pending` status to be re-audited.
+ * Out-of-scope files inherit a prior `complete` record verbatim when present (so
+ * previously-finished work is preserved, not re-run), and are otherwise excluded
+ * from this run with `classification_status: "out_of_scope_delta"`. Deterministic
+ * exclusions (non-auditable/trivial) are left untouched. A full scope is a no-op.
+ */
+export function applyScopeToCoverage(coverage, scope, priorCoverage) {
+    if (scope.mode !== "delta") {
+        return coverage;
+    }
+    const inScope = new Set([
+        ...scope.seed_files,
+        ...scope.expanded_files,
+    ]);
+    const priorByPath = new Map((priorCoverage?.files ?? []).map((file) => [file.path, file]));
+    for (const file of coverage.files) {
+        if (file.audit_status === "excluded") {
+            continue;
+        }
+        if (inScope.has(file.path)) {
+            continue;
+        }
+        const prior = priorByPath.get(file.path);
+        if (prior && prior.audit_status === "complete") {
+            file.required_lenses = [...prior.required_lenses];
+            file.completed_lenses = [...prior.completed_lenses];
+            file.unit_ids = [...prior.unit_ids];
+            file.audit_status = "complete";
+            file.classification_status = prior.classification_status;
+        }
+        else {
+            file.required_lenses = [];
+            file.completed_lenses = [];
+            file.unit_ids = [];
+            file.audit_status = "excluded";
+            file.classification_status = "out_of_scope_delta";
+        }
+    }
+    return coverage;
+}

package/dist/orchestrator/state.js

@@ -29,6 +29,7 @@ export function deriveAuditState(bundle) {
         "critical_flows.json",
         "risk_register.json",
     ], structureReady)));
+    obligations.push(obligation("graph_enrichment_current", staleOrSatisfied(staleArtifacts, ["analyzer_capability.json"], has(bundle.analyzer_capability))));
     obligations.push(obligation("design_assessment_current", staleOrSatisfied(staleArtifacts, ["design_assessment.json"], has(bundle.design_assessment))));
     obligations.push(obligation("design_review_completed", bundle.design_assessment?.reviewed ? "satisfied" : "missing"));
     const planningReady = has(bundle.coverage_matrix) &&
@@ -69,6 +70,7 @@ export function deriveAuditState(bundle) {
         ? "No deterministic runtime validation tasks were planned."
         : undefined));
     obligations.push(obligation("synthesis_current", staleOrSatisfied(staleArtifacts, ["audit-report.md"], has(bundle.audit_report))));
+    obligations.push(obligation("synthesis_narrative_current", staleOrSatisfied(staleArtifacts, ["synthesis-narrative.json"], has(bundle.synthesis_narrative))));
     let status = "not_started";
     if (!has(bundle.repo_manifest)) {
         status = "not_started";

package/dist/orchestrator/taskBuilder.d.ts

@@ -1,6 +1,6 @@
 import type { ExternalAnalyzerResults } from "../types/externalAnalyzer.js";
 import type { AuditTask, CoverageMatrix, Lens } from "../types.js";
-import type { CriticalFlowManifest } from "../types/flows.js";
+import type { CriticalFlowManifest } from "@audit-tools/shared";
 export interface UnitLineIndex {
     [path: string]: number;
 }

package/dist/orchestrator/taskBuilder.js

@@ -1,6 +1,6 @@
 import { claimFlowReviewBlocks } from "./flowPlanning.js";
 import { isTrivialAuditPath } from "./trivialAudit.js";
-import { LENS_ORDER } from "./unitBuilder.js";
+import { LENS_ORDER, priorityRank } from "./auditTaskUtils.js";
 import { isTestPath, normalizeExtractorPath, } from "../extractors/pathPatterns.js";
 function taskPriority(hasExternalSignal, lens, isCriticalFlow = false) {
     if (isCriticalFlow) {
@@ -17,17 +17,6 @@ function taskPriority(hasExternalSignal, lens, isCriticalFlow = false) {
     }
     return lens === "security" || lens === "data_integrity" ? "medium" : "low";
 }
-function priorityRank(priority) {
-    switch (priority) {
-        case "high":
-            return 3;
-        case "medium":
-            return 2;
-        case "low":
-        default:
-            return 1;
-    }
-}
 function pickAnalyzerLens(category) {
     const normalized = category.toLowerCase();
     if (normalized.includes("security") ||

package/dist/orchestrator/unionFind.d.ts

@@ -0,0 +1,7 @@
+export declare class UnionFind {
+    private readonly parent;
+    constructor(keys: Iterable<string>);
+    find(key: string): string;
+    union(a: string, b: string): void;
+    groups(): Map<string, string[]>;
+}

package/dist/orchestrator/unionFind.js

@@ -0,0 +1,32 @@
+export class UnionFind {
+    parent;
+    constructor(keys) {
+        this.parent = new Map([...keys].map((key) => [key, key]));
+    }
+    find(key) {
+        const current = this.parent.get(key) ?? key;
+        if (current === key)
+            return key;
+        const root = this.find(current);
+        this.parent.set(key, root);
+        return root;
+    }
+    union(a, b) {
+        const rootA = this.find(a);
+        const rootB = this.find(b);
+        if (rootA === rootB)
+            return;
+        const [keep, move] = rootA.localeCompare(rootB) <= 0 ? [rootA, rootB] : [rootB, rootA];
+        this.parent.set(move, keep);
+    }
+    groups() {
+        const result = new Map();
+        for (const key of this.parent.keys()) {
+            const root = this.find(key);
+            const group = result.get(root) ?? [];
+            group.push(key);
+            result.set(root, group);
+        }
+        return result;
+    }
+}

package/dist/orchestrator/unitBuilder.d.ts

@@ -1,6 +1,6 @@
 import type { Lens, RepoManifest, UnitManifest } from "../types.js";
-import type { FileDisposition } from "../types/disposition.js";
-export declare const LENS_ORDER: Lens[];
+import type { FileDisposition } from "@audit-tools/shared";
+export { LENS_ORDER, sortLenses } from "./auditTaskUtils.js";
 export declare function deriveRequiredLensesForPath(path: string, options?: {
     isBrowserExtensionProject?: boolean;
 }): Lens[];

package/dist/orchestrator/unitBuilder.js

@@ -1,7 +1,8 @@
 import { deriveBrowserExtensionLensesForPath, hasBrowserExtensionManifestFile, inferBrowserExtensionUnitKind, } from "../extractors/browserExtension.js";
 import { bucketFile } from "../extractors/bucketing.js";
-import { isAuditExcludedStatus } from "../extractors/disposition.js";
+import { buildDispositionMap, isAuditExcludedStatus } from "../extractors/disposition.js";
 import { pathTokens, normalizeExtractorPath } from "../extractors/pathPatterns.js";
+import { sortLenses } from "./auditTaskUtils.js";
 const LENS_MAP = {
     runtime: ["correctness", "maintainability", "tests", "observability"],
     interface: ["correctness", "security", "reliability", "tests", "observability"],
@@ -76,22 +77,7 @@ function inferUnitId(path, kind) {
     }
     return `${kind}-${path.replace(/[^a-zA-Z0-9_-]/g, "-")}`;
 }
-export const LENS_ORDER = [
-    "security",
-    "correctness",
-    "reliability",
-    "data_integrity",
-    "performance",
-    "operability",
-    "config_deployment",
-    "observability",
-    "maintainability",
-    "tests",
-];
-function sortLenses(lenses) {
-    const set = new Set(lenses);
-    return LENS_ORDER.filter((lens) => set.has(lens));
-}
+export { LENS_ORDER, sortLenses } from "./auditTaskUtils.js";
 function applyExtensionLensGuards(path, lenses) {
     const n = path.toLowerCase();
     if (n.endsWith(".schema.json") || n.endsWith(".schema.ts")) {
@@ -142,7 +128,7 @@ function inferCriticalFlows(files, requiredLenses) {
 export function buildUnitManifest(repoManifest, disposition) {
     const units = new Map();
     const isBrowserExtensionProject = hasBrowserExtensionManifestFile(repoManifest);
-    const dispositionMap = new Map(disposition?.files.map((item) => [item.path, item.status]) ?? []);
+    const dispositionMap = buildDispositionMap(disposition);
     for (const file of repoManifest.files) {
         const status = dispositionMap.get(file.path);
         if (file.excluded || (status && isAuditExcludedStatus(status))) {

package/dist/prompts/renderWorkerPrompt.js

@@ -2,6 +2,20 @@ import { usesDeferredWorkerCommand, } from "../types/workerSession.js";
 function renderArgv(task) {
     return JSON.stringify(task.worker_command);
 }
+function renderAccessSection(access) {
+    const lines = ["", "## File access"];
+    if (access.read_paths.length > 0) {
+        lines.push(`Read: ${access.read_paths.join(", ")}`);
+    }
+    if (access.write_paths.length > 0) {
+        lines.push(`Write: ${access.write_paths.join(", ")}`);
+    }
+    if (access.forbidden_patterns && access.forbidden_patterns.length > 0) {
+        lines.push(`Forbidden: ${access.forbidden_patterns.join(", ")}`);
+    }
+    lines.push("Do not read or write files outside these paths.");
+    return lines;
+}
 export function renderWorkerPrompt(task) {
     const commandArgv = renderArgv(task);
     if (task.preferred_executor === "agent" && task.audit_results_path) {
@@ -12,7 +26,7 @@ export function renderWorkerPrompt(task) {
             `Read: ${tasksPath}`,
             "Scope: review only the tasks listed in the Read file. Do not add tasks,",
             "edit source files, remediate findings, run unrelated audits, or write result_path.",
-            "Prefer host Read and Grep tools for source inspection. On native Windows, do not use Unix pipelines like `grep ... | head`; if shell search is unavoidable, use `Select-String` as a fallback.",
+            "Use host Read and Grep tools for source inspection. Do not use shell search commands.",
             "For each listed task: read the assigned file_paths under the specified lens,",
             "using targeted reads/searches where they give complete enough evidence without loading unrelated context,",
             "and emit exactly one AuditResult object with:",
@@ -34,6 +48,9 @@ export function renderWorkerPrompt(task) {
         else {
             lines.push("After writing audit_results_path, execute worker_command from task.json exactly.", "The worker command ingests audit_results_path and writes result_path.", `Command: ${commandArgv}`);
         }
+        if (task.access) {
+            lines.push(...renderAccessSection(task.access));
+        }
         return lines.join("\n");
     }
     return [

package/dist/providers/claudeCodeProvider.d.ts

@@ -1,11 +1,11 @@
-import type { FreshSessionProvider, LaunchFreshSessionInput } from "./types.js";
-import type { ClaudeCodeConfig } from "../types/sessionConfig.js";
+import type { FreshSessionProvider, LaunchFreshSessionInput, ClaudeCodeConfig, OpenTokenConfig } from "@audit-tools/shared";
 import { spawnLoggedCommand } from "./spawnLoggedCommand.js";
 export declare const ACTIVE_CLAUDE_CODE_SESSION_MESSAGE: string;
 export declare class ClaudeCodeProvider implements FreshSessionProvider {
     name: string;
     private readonly config;
+    private readonly opentoken;
     private readonly launchCommand;
-    constructor(config?: ClaudeCodeConfig, launchCommand?: typeof spawnLoggedCommand);
-    launch(input: LaunchFreshSessionInput): Promise<import("./types.js").LaunchFreshSessionResult>;
+    constructor(config?: ClaudeCodeConfig, launchCommand?: typeof spawnLoggedCommand, opentoken?: OpenTokenConfig);
+    launch(input: LaunchFreshSessionInput): Promise<import("@audit-tools/shared").LaunchFreshSessionResult>;
 }

package/dist/providers/claudeCodeProvider.js

@@ -6,10 +6,12 @@ export const ACTIVE_CLAUDE_CODE_SESSION_MESSAGE = "claude-code provider cannot b
 export class ClaudeCodeProvider {
     name = "claude-code";
     config;
+    opentoken;
     launchCommand;
-    constructor(config = {}, launchCommand = spawnLoggedCommand) {
+    constructor(config = {}, launchCommand = spawnLoggedCommand, opentoken = {}) {
         this.config = config;
         this.launchCommand = launchCommand;
+        this.opentoken = opentoken;
     }
     async launch(input) {
         if (process.env.CLAUDECODE) {
@@ -17,14 +19,18 @@ export class ClaudeCodeProvider {
         }
         const prompt = await readFile(input.promptPath, "utf8");
         const command = this.config.command ?? "claude";
+        const promptFlag = this.config.prompt_flag ?? "-p";
         const args = [
-            "-p",
+            promptFlag,
             prompt,
             ...(this.config.extra_args ?? []),
             ...(this.config.dangerously_skip_permissions
                 ? ["--dangerously-skip-permissions"]
                 : []),
         ];
-        return await this.launchCommand(command, args, input);
+        return await this.launchCommand(command, args, input, undefined, {
+            opentoken: this.opentoken.enabled,
+            opentokenCommand: this.opentoken.command,
+        });
     }
 }

package/dist/providers/constants.d.ts

@@ -1 +1 @@
-export declare const LOCAL_SUBPROCESS_PROVIDER_NAME: "local-subprocess";
+export { LOCAL_SUBPROCESS_PROVIDER_NAME } from "@audit-tools/shared";

package/dist/providers/constants.js

@@ -1 +1 @@
-export const LOCAL_SUBPROCESS_PROVIDER_NAME = "local-subprocess";
+export { LOCAL_SUBPROCESS_PROVIDER_NAME } from "@audit-tools/shared";

package/dist/providers/index.d.ts

@@ -1,5 +1,4 @@
-import type { FreshSessionProvider } from "./types.js";
-import type { ResolvedProviderName, SessionConfig } from "../types/sessionConfig.js";
+import type { FreshSessionProvider, ResolvedProviderName, SessionConfig } from "@audit-tools/shared";
 export declare function resolveFreshSessionProviderName(name: string | undefined, sessionConfig?: SessionConfig, options?: {
     env?: NodeJS.ProcessEnv;
     commandExists?: (command: string) => boolean;

package/dist/providers/index.js

@@ -64,6 +64,7 @@ export function resolveFreshSessionProviderName(name, sessionConfig = {}, option
 }
 export function createFreshSessionProvider(name, sessionConfig = {}) {
     const providerName = resolveFreshSessionProviderName(name, sessionConfig);
+    const opentoken = sessionConfig.opentoken ?? {};
     if (providerName === "local-subprocess" &&
         (name ?? sessionConfig.provider) === "auto") {
         process.stderr.write("audit-code: auto provider resolved to local-subprocess — no capable agent provider detected. " +
@@ -77,16 +78,16 @@ export function createFreshSessionProvider(name, sessionConfig = {}) {
             if (!sessionConfig.subprocess_template?.command_template?.length) {
                 throw new Error("subprocess-template provider requires session-config.json with subprocess_template.command_template.");
             }
-            return new SubprocessTemplateProvider(sessionConfig.subprocess_template);
+            return new SubprocessTemplateProvider(sessionConfig.subprocess_template, undefined, opentoken);
         case "claude-code":
-            return new ClaudeCodeProvider(sessionConfig.claude_code);
+            return new ClaudeCodeProvider(sessionConfig.claude_code, undefined, opentoken);
         case "opencode":
-            return new OpenCodeProvider(sessionConfig.opencode);
+            return new OpenCodeProvider(sessionConfig.opencode, opentoken);
         case "vscode-task":
             if (!sessionConfig.vscode_task?.command_template?.length) {
                 throw new Error("vscode-task provider requires session-config.json with vscode_task.command_template.");
             }
-            return new VSCodeTaskProvider(sessionConfig.vscode_task);
+            return new VSCodeTaskProvider(sessionConfig.vscode_task, opentoken);
         default:
             throw new Error(`Unknown provider: ${providerName}`);
     }

package/dist/providers/localSubprocessProvider.d.ts

@@ -1,9 +1,9 @@
-import type { FreshSessionProvider, LaunchFreshSessionInput } from "./types.js";
+import type { FreshSessionProvider, LaunchFreshSessionInput } from "@audit-tools/shared";
 import { spawnLoggedCommand } from "./spawnLoggedCommand.js";
 export declare const MISSING_WORKER_COMMAND_MESSAGE = "local-subprocess provider requires task.worker_command.";
 export declare class LocalSubprocessProvider implements FreshSessionProvider {
     name: string;
     private readonly launchCommand;
     constructor(launchCommand?: typeof spawnLoggedCommand);
-    launch(input: LaunchFreshSessionInput): Promise<import("./types.js").LaunchFreshSessionResult>;
+    launch(input: LaunchFreshSessionInput): Promise<import("@audit-tools/shared").LaunchFreshSessionResult>;
 }

package/dist/providers/localSubprocessProvider.js

@@ -1,4 +1,4 @@
-import { readJsonFile } from "../io/json.js";
+import { readJsonFile } from "@audit-tools/shared";
 import { spawnLoggedCommand } from "./spawnLoggedCommand.js";
 export const MISSING_WORKER_COMMAND_MESSAGE = "local-subprocess provider requires task.worker_command.";
 export class LocalSubprocessProvider {

package/dist/providers/opencodeProvider.d.ts

@@ -1,8 +1,8 @@
-import type { FreshSessionProvider, LaunchFreshSessionInput } from "./types.js";
-import type { OpenCodeConfig } from "../types/sessionConfig.js";
+import type { FreshSessionProvider, LaunchFreshSessionInput, OpenCodeConfig, OpenTokenConfig } from "@audit-tools/shared";
 export declare class OpenCodeProvider implements FreshSessionProvider {
     name: string;
     private readonly config;
-    constructor(config?: OpenCodeConfig);
-    launch(input: LaunchFreshSessionInput): Promise<import("./types.js").LaunchFreshSessionResult>;
+    private readonly opentoken;
+    constructor(config?: OpenCodeConfig, opentoken?: OpenTokenConfig);
+    launch(input: LaunchFreshSessionInput): Promise<import("@audit-tools/shared").LaunchFreshSessionResult>;
 }

package/dist/providers/opencodeProvider.js

@@ -22,14 +22,19 @@ function quoteCmdArg(value) {
 export class OpenCodeProvider {
     name = "opencode";
     config;
-    constructor(config = {}) {
+    opentoken;
+    constructor(config = {}, opentoken = {}) {
         this.config = config;
+        this.opentoken = opentoken;
     }
     async launch(input) {
         const prompt = await readFile(input.promptPath, "utf8");
         const baseCommand = this.config.command ?? "opencode";
         const baseArgs = ["run", prompt, ...(this.config.extra_args ?? [])];
         const resolved = resolveOpenCodeSpawnCommand(baseCommand, baseArgs);
-        return await spawnLoggedCommand(resolved.command, resolved.args, input);
+        return await spawnLoggedCommand(resolved.command, resolved.args, input, undefined, {
+            opentoken: this.opentoken.enabled,
+            opentokenCommand: this.opentoken.command,
+        });
     }
 }

package/dist/providers/spawnLoggedCommand.d.ts

@@ -1,10 +1,12 @@
 import { createWriteStream } from "node:fs";
 import { spawn } from "node:child_process";
-import type { LaunchFreshSessionInput, LaunchFreshSessionResult } from "./types.js";
+import type { LaunchFreshSessionInput, LaunchFreshSessionResult } from "@audit-tools/shared";
 interface SpawnLoggedCommandOptions {
     createWriteStream?: typeof createWriteStream;
     spawn?: typeof spawn;
     killGraceMs?: number;
+    opentoken?: boolean;
+    opentokenCommand?: string;
 }
 export declare function spawnLoggedCommand(command: string, args: string[], input: LaunchFreshSessionInput, env?: Record<string, string>, options?: SpawnLoggedCommandOptions): Promise<LaunchFreshSessionResult>;
 export {};

package/dist/providers/spawnLoggedCommand.js

@@ -6,6 +6,22 @@ const FORCE_KILL_GRACE_MS = 1_000;
 function formatCommand(command, args) {
     return [command, ...args].join(" ");
 }
+function quoteCmdArg(value) {
+    if (/^[A-Za-z0-9_./:=@+-]+$/.test(value))
+        return value;
+    return `"${value.replace(/(["^&|<>%])/g, "^$1")}"`;
+}
+function applyOpenTokenWrap(command, args, opentokenCommand, platform = process.platform) {
+    if (platform === "win32") {
+        const shell = process.env.ComSpec ?? "cmd.exe";
+        const inner = [command, ...args].map(quoteCmdArg).join(" ");
+        return {
+            command: shell,
+            args: ["/d", "/s", "/c", `${opentokenCommand} wrap ${inner}`],
+        };
+    }
+    return { command: opentokenCommand, args: ["wrap", command, ...args] };
+}
 // On Windows `command` must be the resolved .cmd / .exe path because `spawn`
 // does not consult PATH for executables without a shell. Callers should use
 // `platformCommand()` (scripts/smoke-packaged-audit-code.mjs) or similar to
@@ -14,6 +30,11 @@ export async function spawnLoggedCommand(command, args, input, env, options = {}
     const openWriteStream = options.createWriteStream ?? createWriteStream;
     const spawnProcess = options.spawn ?? spawn;
     const killGraceMs = options.killGraceMs ?? FORCE_KILL_GRACE_MS;
+    if (options.opentoken) {
+        const wrapped = applyOpenTokenWrap(command, args, options.opentokenCommand ?? "opentoken");
+        command = wrapped.command;
+        args = wrapped.args;
+    }
     return await new Promise((resolve, reject) => {
         const stdoutLog = openWriteStream(input.stdoutPath, { flags: "a" });
         const stderrLog = openWriteStream(input.stderrPath, { flags: "a" });

package/dist/providers/subprocessTemplateProvider.d.ts

@@ -1,8 +1,8 @@
-import type { FreshSessionProvider, LaunchFreshSessionInput } from "./types.js";
-import type { SubprocessTemplateConfig } from "../types/sessionConfig.js";
+import type { FreshSessionProvider, LaunchFreshSessionInput, SubprocessTemplateConfig, OpenTokenConfig } from "@audit-tools/shared";
 export declare class SubprocessTemplateProvider implements FreshSessionProvider {
     name: string;
     private readonly config;
-    constructor(config: SubprocessTemplateConfig, name?: string);
-    launch(input: LaunchFreshSessionInput): Promise<import("./types.js").LaunchFreshSessionResult>;
+    private readonly opentoken;
+    constructor(config: SubprocessTemplateConfig, name?: string, opentoken?: OpenTokenConfig);
+    launch(input: LaunchFreshSessionInput): Promise<import("@audit-tools/shared").LaunchFreshSessionResult>;
 }