auditor-lambda 0.9.1 → 0.10.0

package/dist/cli/semanticReviewStep.js

@@ -64,7 +64,10 @@ export async function renderSemanticReviewStep(params) {
         allowedCommands: [mergeCommand, continueCommand],
         allowedMcpTools: ["auditor_merge_and_ingest", "auditor_continue_audit"],
         progress: {
-            summary: `Dispatching ${dispatch.packet_count} review packet(s) covering ` +
+            summary: (dispatch.phase === "canary"
+                ? `Canary: dispatching only the top-priority packet (${dispatch.canary_packet_id}) before fan-out. `
+                : "") +
+                `Dispatching ${dispatch.packet_count} review packet(s) covering ` +
                 `${dispatch.task_count} task(s) in waves of ${dispatch.wave_size}` +
                 (dispatch.skipped_task_count > 0
                     ? `; ${dispatch.skipped_task_count} task(s) already completed.`
@@ -73,6 +76,12 @@ export async function renderSemanticReviewStep(params) {
             pending_tasks: dispatch.task_count,
             completed_tasks: dispatch.skipped_task_count,
             wave_size: dispatch.wave_size,
+            phase: dispatch.phase,
+            canary_packet_id: dispatch.canary_packet_id,
+            agent_count: dispatch.agent_count,
+            wave_count: dispatch.wave_count,
+            confirmation_recommended: dispatch.confirmation_recommended,
+            dispatch_summary: dispatch.dispatch_summary,
         },
         stopCondition: "Dispatch every packet, run merge-and-ingest once, then run next-step.",
         repoRoot: root,
@@ -91,6 +100,8 @@ export async function renderSemanticReviewStep(params) {
             dispatchQuotaPath: dispatch.dispatch_quota_path,
             hostCanRestrictSubagentTools: params.hostCanRestrictSubagentTools,
             hostCanSelectSubagentModel: params.hostCanSelectSubagentModel,
+            phase: dispatch.phase,
+            canaryPacketId: dispatch.canary_packet_id,
         }),
         access: {
             read_paths: [

package/dist/cli/steps.d.ts

@@ -17,6 +17,21 @@ export interface StepProgress {
     completed_tasks?: number;
     /** Subagent parallelism resolved for this dispatch run. */
     wave_size?: number;
+    /** "canary" when only the top packet was emitted this round; "fan_out" otherwise. */
+    phase?: "canary" | "fan_out";
+    /** packet_id of the emitted canary packet when `phase === "canary"`. */
+    canary_packet_id?: string | null;
+    /** Total agents (packets) that will be launched this run. */
+    agent_count?: number;
+    /** Number of dispatch waves for this run (`ceil(agent_count / wave_size)`). */
+    wave_count?: number;
+    /**
+     * True when `agent_count` exceeds the configured confirm threshold and the
+     * loader should pause for user confirmation before fan-out (FINDING-012).
+     */
+    confirmation_recommended?: boolean;
+    /** Human-readable fan-out summary, e.g. "12 agents across 3 waves (wave_size=4)". */
+    dispatch_summary?: string;
 }
 export interface StepArtifact {
     contract_version: typeof STEP_CONTRACT_VERSION;

package/dist/cli.js

@@ -21,7 +21,6 @@ import { deriveAuditState } from "./orchestrator/state.js";
 import { createFreshSessionProvider, resolveFreshSessionProviderName, } from "./providers/index.js";
 import { getSessionConfigPath, loadSessionConfig, readSessionConfigFile, } from "./supervisor/sessionConfig.js";
 import { clearDispatchFiles, ensureSupervisorDirs, } from "./io/runArtifacts.js";
-import { runAuditCodeMcpServer } from "./mcp/server.js";
 import { scheduleWave, buildProviderModelKey, readQuotaState, resolveLimits, resolveHostActiveSubagentLimit, computeMaxSafeConcurrency, getQuotaStatePath, lookupDiscoveredLimits, setQuotaStateDir, } from "./quota/index.js";
 import { DIRECT_CLI_DEFAULTS, getFlag, hasFlag, fromBase64Url, taskResultPath, getArtifactsDir, getRootDir, warnIfNotGitRepo, getBatchResultsDir, getMaxRuns, getAgentBatchSize, getParallelWorkers, getTimeoutMs, getExplicitProvider, getHostModel, getHostMaxActiveSubagents, resolveRunProviderName, chunkArray, getUiMode, looksLikeCliFlag, countLines, } from "./cli/args.js";
 import { ACTIVE_DISPATCH_FILENAME, loadDispatchResultMap, prepareDispatchArtifacts, } from "./cli/dispatch.js";
@@ -539,9 +538,6 @@ async function cmdCleanup(argv) {
         dry_run: dryRun,
     }, null, 2));
 }
-async function cmdMcp(argv) {
-    await runAuditCodeMcpServer(argv.slice(3));
-}
 async function cmdQuota(argv) {
     const artifactsDir = getArtifactsDir(argv);
     const sessionConfig = await loadSessionConfig(artifactsDir).catch(() => ({}));
@@ -707,9 +703,6 @@ async function main(argv) {
         case "cleanup":
             await cmdCleanup(argv);
             return;
-        case "mcp":
-            await cmdMcp(argv);
-            return;
         case "prepare-dispatch":
             await cmdPrepareDispatch(argv);
             return;
@@ -733,7 +726,7 @@ async function main(argv) {
             return;
         default:
             console.error(`Unknown command: ${command}`);
-            console.error("Available commands: sample-run, advance-audit, next-step, run-to-completion, worker-run, import-external-analyzer, intake, plan, ingest-results, explain-task, update-runtime-validation, validate, validate-results, requeue, synthesize, cleanup, mcp, prepare-dispatch, merge-and-ingest, submit-packet, validate-result, quota, status, dispatch-status");
+            console.error("Available commands: sample-run, advance-audit, next-step, run-to-completion, worker-run, import-external-analyzer, intake, plan, ingest-results, explain-task, update-runtime-validation, validate, validate-results, requeue, synthesize, cleanup, prepare-dispatch, merge-and-ingest, submit-packet, validate-result, quota, status, dispatch-status");
             process.exitCode = 1;
     }
 }

package/dist/io/artifacts.d.ts

@@ -12,6 +12,7 @@ import type { DesignAssessment } from "../types/designAssessment.js";
 import type { AnalyzerCapabilityRecord } from "../types/analyzerCapability.js";
 import type { AuditScopeManifest } from "../types/auditScope.js";
 import type { ToolingManifest } from "../types/toolingManifest.js";
+import type { ActiveDispatchState } from "../cli/dispatch.js";
 type ArtifactPayloadMap = {
     repo_manifest: RepoManifest;
     file_disposition: FileDisposition;
@@ -45,8 +46,15 @@ type ArtifactPayloadMap = {
 /**
  * Audit artifacts accumulate phase-by-phase as the orchestrator advances.
  * Missing keys mean the corresponding artifact has not been produced yet.
+ *
+ * `active_dispatch` is loaded specially (like `tooling_manifest`): it lives at
+ * the artifacts root rather than as a standard pruned artifact, and carries the
+ * in-flight dispatch phase plus any budget-deferred task ids the completion
+ * obligation must exclude.
  */
-export type ArtifactBundle = Partial<ArtifactPayloadMap>;
+export type ArtifactBundle = Partial<ArtifactPayloadMap> & {
+    active_dispatch?: ActiveDispatchState;
+};
 export type ArtifactBundleKey = keyof ArtifactPayloadMap;
 type ArtifactPhase = "intake" | "analysis" | "execution" | "reporting" | "supervisor";
 interface ArtifactDefinition<K extends ArtifactBundleKey = ArtifactBundleKey> {

package/dist/io/artifacts.js

@@ -77,6 +77,13 @@ export async function loadArtifactBundle(root) {
         }
     }
     bundle.tooling_manifest = await buildToolingManifest();
+    // active-dispatch.json is written by prepare-dispatch at the artifacts root
+    // (not a standard ARTIFACT_DEFINITIONS entry). Load it so the completion
+    // obligation can exclude budget-deferred tasks. Absent on a fresh run.
+    const activeDispatch = await readOptionalJsonFile(join(root, "active-dispatch.json"));
+    if (activeDispatch !== undefined) {
+        bundle.active_dispatch = activeDispatch;
+    }
     return bundle;
 }
 export async function writeCoreArtifacts(root, bundle, options = {}) {

package/dist/io/runArtifacts.d.ts

@@ -2,6 +2,20 @@ import type { AuditTask } from "../types.js";
 import type { WorkerTask } from "../types/workerSession.js";
 import type { RunPaths, DispatchBatchRun } from "./runArtifactTypes.js";
 export type { RunPaths, DispatchBatchRun } from "./runArtifactTypes.js";
+/**
+ * Schema files copied into a dispatch run's `task-results/` directory so packet
+ * workers can optionally self-validate before submit. `audit_result.schema.json`
+ * `$ref`s the other two by relative filename, so all three must sit side-by-side
+ * for a validator to resolve them. Exported so merge-and-ingest can recognize
+ * them as legitimate (not stray) files in `task-results/`.
+ */
+export declare const PACKET_SCHEMA_FILENAMES: readonly ["audit_result.schema.json", "finding.schema.json", "audit_task.schema.json"];
+/**
+ * Copy {@link PACKET_SCHEMA_FILENAMES} into `targetDir` under their canonical
+ * filenames, making the AuditResult schema reachable from a dispatch run's
+ * `task-results/` directory.
+ */
+export declare function writePacketSchemaFiles(targetDir: string, pkgRoot: string): Promise<void>;
 export declare function buildRunId(obligationId: string | null, index: number, now?: Date): string;
 export declare function getRunPaths(artifactsDir: string, runId: string): RunPaths;
 export declare function ensureSupervisorDirs(artifactsDir: string): Promise<void>;

package/dist/io/runArtifacts.js

@@ -7,6 +7,29 @@ const packageRoot = resolve(moduleDir, "..", "..");
 const auditResultSchemaPath = join(packageRoot, "schemas", "audit_result.schema.json");
 const auditResultsSchemaPath = join(packageRoot, "schemas", "audit_results.schema.json");
 const findingSchemaPath = join(packageRoot, "schemas", "finding.schema.json");
+/**
+ * Schema files copied into a dispatch run's `task-results/` directory so packet
+ * workers can optionally self-validate before submit. `audit_result.schema.json`
+ * `$ref`s the other two by relative filename, so all three must sit side-by-side
+ * for a validator to resolve them. Exported so merge-and-ingest can recognize
+ * them as legitimate (not stray) files in `task-results/`.
+ */
+export const PACKET_SCHEMA_FILENAMES = [
+    "audit_result.schema.json",
+    "finding.schema.json",
+    "audit_task.schema.json",
+];
+/**
+ * Copy {@link PACKET_SCHEMA_FILENAMES} into `targetDir` under their canonical
+ * filenames, making the AuditResult schema reachable from a dispatch run's
+ * `task-results/` directory.
+ */
+export async function writePacketSchemaFiles(targetDir, pkgRoot) {
+    await mkdir(targetDir, { recursive: true });
+    for (const name of PACKET_SCHEMA_FILENAMES) {
+        await writeFile(join(targetDir, name), await readFile(join(pkgRoot, "schemas", name), "utf8"), "utf8");
+    }
+}
 const CURRENT_TASK_FILENAME = "current-task.json";
 const CURRENT_PROMPT_FILENAME = "current-prompt.md";
 const CURRENT_TASKS_FILENAME = "current-tasks.json";

package/dist/orchestrator/designReviewPrompt.d.ts

@@ -1,2 +1,5 @@
 import type { ArtifactBundle } from "../io/artifacts.js";
-export declare function renderDesignReviewPrompt(bundle: ArtifactBundle): string;
+export interface DesignReviewOptions {
+    max_units?: number;
+}
+export declare function renderDesignReviewPrompt(bundle: ArtifactBundle, options?: DesignReviewOptions): string;

package/dist/orchestrator/designReviewPrompt.js

@@ -45,6 +45,39 @@ function summarizeRisk(bundle) {
         ...lines,
     ].join("\n");
 }
+function buildPrioritizedReadingList(bundle, maxUnits) {
+    const items = bundle.risk_register?.items ?? [];
+    const units = bundle.unit_manifest?.units ?? [];
+    if (items.length === 0 && units.length === 0) {
+        return "No risk or unit data available; read the repository root files to orient yourself.";
+    }
+    // Build a map from unit_id → file list for fast lookup
+    const unitFiles = new Map();
+    for (const unit of units) {
+        unitFiles.set(unit.unit_id, unit.files);
+    }
+    // Sort risk items by score descending, then take the top-N
+    const sorted = [...items].sort((a, b) => b.risk_score - a.risk_score);
+    const top = sorted.slice(0, maxUnits);
+    if (top.length === 0) {
+        // Fall back to listing all units if no risk data
+        const allUnits = units.slice(0, maxUnits);
+        const lines = allUnits.map((u) => `- **${u.unit_id}** — ${u.files.join(", ")}`);
+        return [
+            `Top ${allUnits.length} unit(s) (no risk scores available):`,
+            ...lines,
+        ].join("\n");
+    }
+    const lines = top.map((item) => {
+        const files = unitFiles.get(item.unit_id);
+        const fileList = files && files.length > 0 ? files.join(", ") : "(files unknown)";
+        return `- **${item.unit_id}** (risk score: ${item.risk_score}) — ${fileList}`;
+    });
+    return [
+        `Top ${top.length} highest-risk unit(s) by risk score (out of ${items.length} total):`,
+        ...lines,
+    ].join("\n");
+}
 function summarizeSurfaces(bundle) {
     const surfaces = bundle.surface_manifest?.surfaces ?? [];
     if (surfaces.length === 0)
@@ -76,8 +109,12 @@ function formatDeterministicFindings(findings) {
         ...lines,
     ].join("\n");
 }
-export function renderDesignReviewPrompt(bundle) {
+export function renderDesignReviewPrompt(bundle, options = {}) {
     const deterministicFindings = bundle.design_assessment?.findings ?? [];
+    const unitCount = bundle.unit_manifest?.units.length ?? 0;
+    const defaultMaxUnits = Math.max(5, Math.min(20, Math.ceil(unitCount / 5)));
+    const maxUnits = options.max_units ?? defaultMaxUnits;
+    const prioritizedReadingList = buildPrioritizedReadingList(bundle, maxUnits);
     return [
         "# Project design review",
         "",
@@ -117,7 +154,11 @@ export function renderDesignReviewPrompt(bundle) {
         "",
         "## What to assess",
         "",
-        "Read the project source to understand what it does and how it works, then produce findings about:",
+        `Focus on the ${maxUnits} highest-risk units listed below; you need not read the entire repository, though you may follow any thread that demands more context. Produce findings about:`,
+        "",
+        "### Prioritised reading list",
+        "",
+        prioritizedReadingList,
         "",
         "- **Tool and library opportunities**: third-party tools, libraries, or frameworks that would improve the project. Concrete suggestions with rationale, not generic advice.",
         "- **Architecture pattern improvements**: structural changes that would improve extensibility, testability, or maintainability. Consider whether the current abstractions match the problem domain.",

package/dist/orchestrator/executorResult.d.ts

@@ -1,4 +1,23 @@
 import type { ArtifactBundle } from "../io/artifacts.js";
+/**
+ * Resolved audit scope, emitted by the intake executor so the conversation-first
+ * loader can echo what is about to be audited (and gate on confirmation when a
+ * mis-scope smell suggests the user targeted the wrong directory).
+ */
+export interface ScopeSummary {
+    /** Absolute path of the resolved repository root being audited. */
+    repo_root: string;
+    /** Count of files that will actually be audited (after disposition filtering). */
+    auditable_file_count: number;
+    /** Whether `repo_root` sits inside a git working tree. */
+    git_available: boolean;
+    /**
+     * Zero or more human-readable warnings that the resolved root may be the wrong
+     * target (e.g. a non-git subdirectory whose ancestor is a repo, or a workspace
+     * member of a parent monorepo). Empty when the scope looks correct.
+     */
+    mis_scope_smells: string[];
+}
 /**
  * Uniform result of running one audit executor: the updated artifact bundle, the
  * artifact filenames it wrote (which drive metadata/staleness bookkeeping in
@@ -9,4 +28,10 @@ export interface ExecutorRunResult {
     updated: ArtifactBundle;
     artifacts_written: string[];
     progress_summary: string;
+    /**
+     * Optional resolved-scope summary. Only the intake executor sets this; it lets
+     * the loader echo the audit target and gate on confirmation when
+     * `mis_scope_smells` is non-empty.
+     */
+    scope_summary?: ScopeSummary;
 }

package/dist/orchestrator/intakeExecutors.d.ts

@@ -1,3 +1,21 @@
 import type { ArtifactBundle } from "../io/artifacts.js";
 import type { ExecutorRunResult } from "./executorResult.js";
-export declare function runIntakeExecutor(bundle: ArtifactBundle, root: string): Promise<ExecutorRunResult>;
+/** Prefix used to carry the scope summary inside `progress_summary` for hosts
+ *  that read the step's progress text rather than the `scope_summary.json`
+ *  artifact. The loader extracts everything after this marker as JSON. */
+export declare const SCOPE_SUMMARY_PREFIX = "SCOPE_SUMMARY:";
+/**
+ * Detect signals that the resolved audit root may be the *wrong* directory.
+ * Two heuristics, returned as zero or more human-readable warnings:
+ *
+ *  a. No-git-but-ancestor-is-repo — `root` is not a git repo but some ancestor
+ *     directory is (you probably targeted a subdirectory instead of the repo
+ *     root).
+ *  b. Workspace-member — `root` has a `package.json` with a `name`, and its
+ *     parent has a `package.json` declaring `workspaces` (you probably want to
+ *     audit from the monorepo root).
+ *
+ * Returns an empty array when the scope looks correct. Never throws.
+ */
+export declare function detectMisScopeSmells(root: string): string[];
+export declare function runIntakeExecutor(bundle: ArtifactBundle, root: string, artifactsDir?: string): Promise<ExecutorRunResult>;

package/dist/orchestrator/intakeExecutors.js

@@ -1,7 +1,70 @@
+import { existsSync, readFileSync } from "node:fs";
+import { dirname, join } from "node:path";
+import { isGitRepo, writeJsonFile } from "@audit-tools/shared";
 import { buildFileDisposition, isAuditExcludedStatus, } from "../extractors/disposition.js";
 import { buildRepoManifestFromFs } from "../extractors/fsIntake.js";
 import { loadIgnoreFile } from "../extractors/ignore.js";
-export async function runIntakeExecutor(bundle, root) {
+/** Prefix used to carry the scope summary inside `progress_summary` for hosts
+ *  that read the step's progress text rather than the `scope_summary.json`
+ *  artifact. The loader extracts everything after this marker as JSON. */
+export const SCOPE_SUMMARY_PREFIX = "SCOPE_SUMMARY:";
+/**
+ * Detect signals that the resolved audit root may be the *wrong* directory.
+ * Two heuristics, returned as zero or more human-readable warnings:
+ *
+ *  a. No-git-but-ancestor-is-repo — `root` is not a git repo but some ancestor
+ *     directory is (you probably targeted a subdirectory instead of the repo
+ *     root).
+ *  b. Workspace-member — `root` has a `package.json` with a `name`, and its
+ *     parent has a `package.json` declaring `workspaces` (you probably want to
+ *     audit from the monorepo root).
+ *
+ * Returns an empty array when the scope looks correct. Never throws.
+ */
+export function detectMisScopeSmells(root) {
+    const smells = [];
+    // (a) No .git here, but an ancestor is a git repository.
+    if (!isGitRepo(root)) {
+        let current = dirname(root);
+        let previous = root;
+        while (current && current !== previous) {
+            if (existsSync(join(current, ".git"))) {
+                smells.push(`root has no .git but ancestor '${current}' is a git repository — you may have targeted a subdirectory instead of the repo root`);
+                break;
+            }
+            previous = current;
+            current = dirname(current);
+        }
+    }
+    // (b) Workspace member of a parent monorepo.
+    const rootPkg = readPackageJson(root);
+    if (rootPkg && rootPkg.name !== undefined) {
+        const parent = dirname(root);
+        if (parent && parent !== root) {
+            const parentPkg = readPackageJson(parent);
+            if (parentPkg && parentPkg.workspaces !== undefined) {
+                smells.push(`root appears to be a workspace member of a parent monorepo at '${parent}' — consider auditing from the monorepo root instead`);
+            }
+        }
+    }
+    return smells;
+}
+function readPackageJson(dir) {
+    const path = join(dir, "package.json");
+    if (!existsSync(path))
+        return undefined;
+    try {
+        const parsed = JSON.parse(readFileSync(path, "utf8"));
+        return parsed && typeof parsed === "object"
+            ? parsed
+            : undefined;
+    }
+    catch {
+        // Missing or malformed package.json — treat as absent for smell purposes.
+        return undefined;
+    }
+}
+export async function runIntakeExecutor(bundle, root, artifactsDir) {
     const ignore = await loadIgnoreFile(root);
     const repoManifest = await buildRepoManifestFromFs({
         root,
@@ -13,13 +76,36 @@ export async function runIntakeExecutor(bundle, root) {
     if (auditableCount === 0) {
         throw new Error(`No auditable files found in ${root}. The repository may be empty, generated-only, documentation-only, or filtered by .auditorignore.`);
     }
+    const scopeSummary = {
+        repo_root: root,
+        auditable_file_count: auditableCount,
+        git_available: isGitRepo(root),
+        mis_scope_smells: detectMisScopeSmells(root),
+    };
+    const artifactsWritten = ["repo_manifest.json", "file_disposition.json"];
+    // Persist the scope summary alongside the other intake artifacts when we know
+    // where the artifacts directory is. The typed `scope_summary` field and the
+    // progress_summary marker below carry the same data for hosts that don't read
+    // the file directly.
+    if (artifactsDir) {
+        await writeJsonFile(join(artifactsDir, "scope_summary.json"), scopeSummary);
+        artifactsWritten.push("scope_summary.json");
+    }
+    const progressSummary = `${SCOPE_SUMMARY_PREFIX}${JSON.stringify(scopeSummary)}\n` +
+        `Created intake artifacts for ${repoManifest.files.length} files ` +
+        `(${auditableCount} auditable). Scope: ${root}, git: ${scopeSummary.git_available ? "yes" : "no"}` +
+        (scopeSummary.mis_scope_smells.length > 0
+            ? `; ${scopeSummary.mis_scope_smells.length} mis-scope warning(s)`
+            : "") +
+        ".";
     return {
         updated: {
             ...bundle,
             repo_manifest: repoManifest,
             file_disposition: disposition,
         },
-        artifacts_written: ["repo_manifest.json", "file_disposition.json"],
-        progress_summary: `Created intake artifacts for ${repoManifest.files.length} files.`,
+        artifacts_written: artifactsWritten,
+        progress_summary: progressSummary,
+        scope_summary: scopeSummary,
     };
 }

package/dist/orchestrator/nextStep.d.ts

@@ -6,5 +6,6 @@ export interface NextStepDecision {
     selected_executor: string | null;
     reason: string;
 }
+export declare const PRIORITY: string[];
 export declare function findObligation(obligations: AuditObligation[]): AuditObligation | undefined;
 export declare function decideNextStep(bundle: ArtifactBundle): NextStepDecision;

package/dist/orchestrator/nextStep.js

@@ -1,6 +1,6 @@
 import { EXECUTOR_REGISTRY } from "./executors.js";
 import { deriveAuditState } from "./state.js";
-const PRIORITY = [
+export const PRIORITY = [
     "repo_manifest",
     "file_disposition",
     "auto_fixes_applied",

package/dist/orchestrator/state.js

@@ -46,7 +46,14 @@ export function deriveAuditState(bundle) {
         "requeue_tasks.json",
     ], planningReady)));
     const completedTaskIds = new Set((bundle.audit_results ?? []).map((result) => result.task_id));
-    const hasPendingAuditTasks = bundle.audit_tasks?.some((task) => task.status !== "complete" && !completedTaskIds.has(task.task_id)) ?? false;
+    // Tasks deferred by a budget cap (FINDING-013) will never have results, so
+    // they must be excluded from the completion check — otherwise the obligation
+    // loops forever under a budget. Absent active_dispatch => empty set => the
+    // logic is unchanged (all tasks must be complete).
+    const deferredTaskIds = new Set(bundle.active_dispatch?.deferred_task_ids ?? []);
+    const hasPendingAuditTasks = bundle.audit_tasks?.some((task) => task.status !== "complete" &&
+        !completedTaskIds.has(task.task_id) &&
+        !deferredTaskIds.has(task.task_id)) ?? false;
     if (hasPendingAuditTasks) {
         obligations.push(obligation("audit_tasks_completed", "missing"));
     }

package/dist/providers/constants.d.ts

@@ -1 +1 @@
-export { LOCAL_SUBPROCESS_PROVIDER_NAME } from "@audit-tools/shared";
+export { LOCAL_SUBPROCESS_PROVIDER_NAME, CODEX_PROVIDER_NAME, ANTIGRAVITY_PROVIDER_NAME, } from "@audit-tools/shared";

package/dist/providers/constants.js

@@ -1 +1 @@
-export { LOCAL_SUBPROCESS_PROVIDER_NAME } from "@audit-tools/shared";
+export { LOCAL_SUBPROCESS_PROVIDER_NAME, CODEX_PROVIDER_NAME, ANTIGRAVITY_PROVIDER_NAME, } from "@audit-tools/shared";

package/dist/reporting/synthesis.d.ts

@@ -28,6 +28,14 @@ export interface AuditReportSummary {
     audited_file_count: number;
     excluded_file_count: number;
     runtime_validation_status_breakdown: Record<string, number>;
+    /**
+     * Distinct count of tasks/files NOT audited because a packet budget cap
+     * (FINDING-013) deferred them — kept separate from `excluded_file_count`
+     * (non-auditable files), since a budget skip is an honest partial-coverage
+     * signal, not an exclusion. Optional so the shared `AuditFindingsSummary`
+     * (which omits it) stays assignable to this render shape; defaults to 0.
+     */
+    budget_deferred_task_count?: number;
 }
 export interface AuditReportModel {
     summary: AuditReportSummary;

package/dist/reporting/synthesis.js

@@ -25,6 +25,8 @@ function coverageSummary(coverage) {
     return {
         audited_file_count: files.filter((file) => file.audit_status === "complete").length,
         excluded_file_count: files.filter((file) => file.audit_status === "excluded").length,
+        // Distinct from excluded: files a budget cap deferred (status set by scope).
+        budget_deferred_task_count: files.filter((file) => file.audit_status === "budget_deferred").length,
     };
 }
 function formatSeverityList(summary) {
@@ -50,6 +52,7 @@ export function buildAuditReportModel(params) {
             severity_breakdown: severityBreakdown(findings),
             audited_file_count: coverage.audited_file_count,
             excluded_file_count: coverage.excluded_file_count,
+            budget_deferred_task_count: coverage.budget_deferred_task_count,
             runtime_validation_status_breakdown: runtimeStatusBreakdown(params.runtimeValidationReport),
         },
         findings,
@@ -117,7 +120,11 @@ export function renderAuditReportMarkdown(report, options = {}) {
     if (report.executive_summary && report.executive_summary.trim().length > 0) {
         lines.push("## Executive Summary", "", report.executive_summary.trim(), "");
     }
-    lines.push("## Summary", "", `- Findings: ${report.summary.finding_count}`, `- Work blocks: ${report.summary.work_block_count}`, `- Severity breakdown: ${formatSeverityList(report.summary.severity_breakdown)}`, `- Fully audited files: ${report.summary.audited_file_count}`, `- Excluded non-auditable files: ${report.summary.excluded_file_count}`, "");
+    lines.push("## Summary", "", `- Findings: ${report.summary.finding_count}`, `- Work blocks: ${report.summary.work_block_count}`, `- Severity breakdown: ${formatSeverityList(report.summary.severity_breakdown)}`, `- Fully audited files: ${report.summary.audited_file_count}`, `- Excluded non-auditable files: ${report.summary.excluded_file_count}`, ...((report.summary.budget_deferred_task_count ?? 0) > 0
+        ? [
+            `- Not audited (budget): ${report.summary.budget_deferred_task_count} task(s) skipped by packet budget cap`,
+        ]
+        : []), "");
     if (report.top_risks && report.top_risks.length > 0) {
         lines.push("## Top Risks", "");
         for (const risk of report.top_risks) {
@@ -186,6 +193,14 @@ export function renderAuditReportMarkdown(report, options = {}) {
             lines.push("", scope.dropped_note);
         }
     }
+    else if (scope && scope.mode === "budget") {
+        lines.push(`**Partial audit (budget cap).** This run dispatched only the top-${scope.budget?.max_files ?? "K"} packet(s); ` +
+            `${scope.deferred_packet_count ?? 0} packet(s) covering ${scope.deferred_task_ids?.length ?? 0} task(s) were deferred and NOT audited. ` +
+            `Findings above reflect only the audited subset. **A full audit is advised before release.**`);
+        if (scope.dropped_note) {
+            lines.push("", scope.dropped_note);
+        }
+    }
     else {
         lines.push("This report is deterministic output from the completed audit. Non-auditable files were excluded from scope before task generation.");
     }

package/dist/supervisor/operatorHandoff.js

@@ -24,9 +24,11 @@ const NON_PENDING_OBLIGATION_STATES = new Set([
 const INTERACTIVE_PROVIDER_OPTIONS = [
     "auto",
     "claude-code",
+    "codex",
     "opencode",
     "subprocess-template",
     "vscode-task",
+    "antigravity",
 ];
 function quoteShellPath(filePath) {
     // The handoff renders a single shell argument, so the snippet only needs
@@ -252,7 +254,12 @@ export function buildAuditCodeHandoff(params) {
             current_task: artifactPaths.current_task,
             current_prompt: artifactPaths.current_prompt,
             audit_results: params.activeReviewRun.audit_results_path,
-            final_report: join(params.root, AUDIT_REPORT_FILENAME),
+            // Synthesis writes the report into the artifacts dir; it is only promoted
+            // to <repo-root>/audit-report.md at completion (which then removes the
+            // artifacts dir). A blocked-for-review handoff happens before that, so the
+            // advertised deliverable must point at its real mid-run location, not the
+            // repo-root path that does not exist yet.
+            final_report: join(params.artifactsDir, AUDIT_REPORT_FILENAME),
         };
     }
     return handoff;

package/dist/types/auditScope.d.ts

@@ -19,8 +19,12 @@ export interface AuditScopeBudget {
     max_files: number;
 }
 export interface AuditScopeManifest {
-    /** `full` audits every auditable file; `delta` scopes to a changed neighbourhood. */
-    mode: "full" | "delta";
+    /**
+     * `full` audits every auditable file; `delta` scopes to a changed
+     * neighbourhood; `budget` dispatches only the top-K review packets under a
+     * `max_packets` cap and defers the rest.
+     */
+    mode: "full" | "delta" | "budget";
     /** Git ref/SHA the delta was measured against; `null` in full mode. */
     since: string | null;
     /**
@@ -40,4 +44,14 @@ export interface AuditScopeManifest {
      * requested `--since` could not be honoured and the run fell back to full.
      */
     dropped_note?: string;
+    /**
+     * When `mode === 'budget'`: the number of review packets that were NOT
+     * dispatched due to the `max_packets` cap. Present only in budget mode.
+     */
+    deferred_packet_count?: number;
+    /**
+     * When `mode === 'budget'`: the task_ids skipped due to the budget cap.
+     * Present only in budget mode.
+     */
+    deferred_task_ids?: string[];
 }