auditor-lambda 0.9.1 → 0.10.0

package/dist/validation/sessionConfig.js

@@ -164,7 +164,9 @@ export function validateSessionConfig(value) {
     }
     validateTemplateProviderSection(value.subprocess_template, "subprocess_template", issues, provider === "subprocess-template");
     validateTemplateProviderSection(value.vscode_task, "vscode_task", issues, provider === "vscode-task");
+    validateTemplateProviderSection(value.antigravity, "antigravity", issues, provider === "antigravity");
     validateAgentProviderSection(value.claude_code, "claude_code", issues);
+    validateAgentProviderSection(value.codex, "codex", issues);
     validateAgentProviderSection(value.opencode, "opencode", issues);
     if (value.synthesis !== undefined) {
         if (!isRecord(value.synthesis)) {
@@ -175,6 +177,27 @@ export function validateSessionConfig(value) {
             pushIssue(issues, "synthesis.narrative", "synthesis.narrative must be a boolean when provided.");
         }
     }
+    if (value.dispatch !== undefined) {
+        if (!isRecord(value.dispatch)) {
+            pushIssue(issues, "dispatch", "dispatch must be a JSON object.");
+        }
+        else {
+            if (value.dispatch.canary !== undefined &&
+                typeof value.dispatch.canary !== "boolean") {
+                pushIssue(issues, "dispatch.canary", "dispatch.canary must be a boolean when provided.");
+            }
+            if (value.dispatch.confirm_threshold !== undefined &&
+                (!Number.isInteger(value.dispatch.confirm_threshold) ||
+                    Number(value.dispatch.confirm_threshold) < 0)) {
+                pushIssue(issues, "dispatch.confirm_threshold", "dispatch.confirm_threshold must be a non-negative integer when provided.");
+            }
+            if (value.dispatch.max_packets !== undefined &&
+                (!Number.isInteger(value.dispatch.max_packets) ||
+                    Number(value.dispatch.max_packets) < 0)) {
+                pushIssue(issues, "dispatch.max_packets", "dispatch.max_packets must be a non-negative integer when provided.");
+            }
+        }
+    }
     if (value.analyzers !== undefined) {
         if (!isRecord(value.analyzers)) {
             pushIssue(issues, "analyzers", "analyzers must be a JSON object mapping analyzer id to a setting.");
@@ -219,6 +242,18 @@ export async function validateConfiguredProviderEnvironment(sessionConfig, optio
             pushIssue(issues, "opencode.command", "Configured opencode command must be a bare executable name or direct path. Put CLI flags in extra_args.");
         }
     }
+    if (provider === "codex") {
+        const command = sessionConfig.codex?.command ?? "codex";
+        if (isBareExecutableName(command) && !(await lookupCommand(command))) {
+            pushIssue(issues, "codex.command", `Configured codex executable was not found on PATH: ${command}.`);
+        }
+        else if (isDirectExecutablePath(command) && !lookupPath(command)) {
+            pushIssue(issues, "codex.command", `Configured codex executable path does not exist: ${command}.`);
+        }
+        else if (!isSupportedConfiguredCommand(command)) {
+            pushIssue(issues, "codex.command", "Configured codex command must be a bare executable name or direct path. Put CLI flags in extra_args.");
+        }
+    }
     return issues;
 }
 export { formatValidationIssues } from "@audit-tools/shared";

package/docs/contracts.md

@@ -214,22 +214,6 @@ Review packets may expose graph-derived context for workers:
 - `quality` metrics for cohesion, internal edges, boundary edges, and
   unexplained files
 
-## MCP contract
-
-The local MCP server exposes:
-
-- `start_audit`
-- `get_status`
-- `continue_audit`
-- `explain_task`
-- `validate_artifacts`
-- `import_results`
-- `import_runtime_updates`
-
-It also exposes resources for current artifacts, operator handoff, install
-guidance, and the current report. MCP consumers should prefer the tool and
-resource contracts over reading internal files directly.
-
 ## Guided recovery
 
 Failure responses should distinguish:

package/docs/operator-guide.md

@@ -43,9 +43,9 @@ Host-specific files may include:
 
 - Codex: managed `AGENTS.md` fallback guidance
 - Claude Desktop: project template, remote MCP connector, local MCP bundle
-- OpenCode: `opencode.json` with auditor MCP server and permission wiring; the `/audit-code` command is global npm-installed state
+- OpenCode: `opencode.json` with auditor agent and permission wiring; the `/audit-code` command is global npm-installed state
 - VS Code/Copilot: prompt, custom agent, instructions, and `.vscode/mcp.json`
-- Antigravity: planning-mode and MCP-oriented guidance
+- Antigravity: planning-mode guidance
 
 Use `.audit-code/install/GETTING-STARTED.md` as the repo-local handoff after
 bootstrap.
@@ -61,18 +61,17 @@ repo-local `AGENTS.md` fallback guidance. The installed skill includes
 `agents/openai.yaml` metadata so Codex can keep the slash-list display aligned
 with the canonical `/audit-code` spelling.
 
-Claude Desktop is treated as an MCP-first host. Use the generated project
+Claude Desktop is treated as a bundle-install host. Use the generated project
 template and local bundle artifacts when installing the integration.
 
 OpenCode uses the global command seeded by `npm install -g auditor-lambda`.
 The generated project `opencode.json` should not define `command["audit-code"]`;
-it only wires the auditor MCP server and project permissions. VS Code uses
+it only wires the auditor agent and project permissions. VS Code uses
 repo-local prompt and MCP configuration files.
 
 Antigravity should be treated as a workflow-and-artifacts host until it has a
-stable project-local config surface. Use generated planning-mode guidance,
-MCP tools/resources, or the backend fallback from an Antigravity-managed
-terminal when needed.
+stable project-local config surface. Use generated planning-mode guidance
+or the backend fallback from an Antigravity-managed terminal when needed.
 
 Manual prompt-import hosts can use:
 
@@ -110,7 +109,6 @@ audit-code --external-analyzer-results /path/to/external_analyzer_results.json
 audit-code explain-task <task_id>
 audit-code validate
 audit-code cleanup
-audit-code mcp
 ```
 
 `audit-code next-step` is the backend-rendered step engine used by the

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "auditor-lambda",
-  "version": "0.9.1",
+  "version": "0.10.0",
   "private": false,
   "description": "Portable hybrid code-auditing framework for arbitrary repositories.",
   "type": "module",

package/schemas/audit_findings.schema.json

@@ -26,6 +26,7 @@
         },
         "audited_file_count": { "type": "integer", "minimum": 0 },
         "excluded_file_count": { "type": "integer", "minimum": 0 },
+        "budget_deferred_task_count": { "type": "integer", "minimum": 0 },
         "runtime_validation_status_breakdown": {
           "type": "object",
           "additionalProperties": { "type": "integer", "minimum": 0 }

package/scripts/postinstall.mjs

@@ -92,114 +92,6 @@ function renderOpenCodeExternalDirectoryPermission() {
   return { '*': 'allow' };
 }
 
-function renderGlobalMcpLauncher(installedPkgRoot) {
-  return [
-    "import { access, readFile, appendFile } from 'node:fs/promises';",
-    "import { constants } from 'node:fs';",
-    "import { spawn } from 'node:child_process';",
-    "import { join } from 'node:path';",
-    "import { homedir } from 'node:os';",
-    '',
-    "const repoRoot = process.env.AUDIT_CODE_REPO_ROOT || process.cwd();",
-    "const artifactsDir = process.env.AUDIT_CODE_ARTIFACTS_DIR || join(repoRoot, '.audit-artifacts');",
-    `const globalPackageRoot = ${JSON.stringify(installedPkgRoot)};`,
-    "const logPath = join(homedir(), '.audit-code', 'mcp-server.log');",
-    '',
-    'async function log(msg) {',
-    '  try {',
-    '    const ts = new Date().toISOString();',
-    "    await appendFile(logPath, `${ts} ${msg}\\n`, 'utf8');",
-    '  } catch {',
-    '    // ignore log failures',
-    '  }',
-    '}',
-    '',
-    'async function exists(path) {',
-    '  try {',
-    '    await access(path, constants.F_OK);',
-    '    return true;',
-    '  } catch {',
-    '    return false;',
-    '  }',
-    '}',
-    '',
-    'function spawnForward(command, args) {',
-    '  return new Promise((resolvePromise, rejectPromise) => {',
-    '    const child = spawn(command, args, {',
-    '      cwd: repoRoot,',
-    '      env: process.env,',
-    "      stdio: ['inherit', 'inherit', 'inherit'],",
-    '    });',
-    "    child.on('error', rejectPromise);",
-    "    child.on('exit', (code) => resolvePromise(code ?? 1));",
-    '  });',
-    '}',
-    '',
-    'async function tryCandidates() {',
-    "  const localPackageEntrypoint = join(repoRoot, 'node_modules', 'auditor-lambda', 'audit-code.mjs');",
-    "  const localBin = process.platform === 'win32'",
-    "    ? join(repoRoot, 'node_modules', '.bin', 'audit-code.cmd')",
-    "    : join(repoRoot, 'node_modules', '.bin', 'audit-code');",
-    "  const repoPackageJsonPath = join(repoRoot, 'package.json');",
-    "  const globalPackageEntrypoint = globalPackageRoot ? join(globalPackageRoot, 'audit-code.mjs') : null;",
-    "  const sharedArgs = ['mcp', '--root', repoRoot, '--artifacts-dir', artifactsDir];",
-    '',
-    '  if (await exists(localPackageEntrypoint)) {',
-    "    await log(`launching local node_modules candidate: ${localPackageEntrypoint}`);",
-    '    return await spawnForward(process.execPath, [localPackageEntrypoint, ...sharedArgs]);',
-    '  }',
-    '',
-    "  if (await exists(repoPackageJsonPath) && await exists(join(repoRoot, 'audit-code.mjs'))) {",
-    '    try {',
-    "      const packageJson = JSON.parse(await readFile(repoPackageJsonPath, 'utf8'));",
-    "      if (packageJson?.name === 'auditor-lambda') {",
-    "        await log(`launching repo-root candidate: ${join(repoRoot, 'audit-code.mjs')}`);",
-    "        return await spawnForward(process.execPath, [join(repoRoot, 'audit-code.mjs'), ...sharedArgs]);",
-    '      }',
-    '    } catch {',
-    '      // fall through to the next candidate',
-    '    }',
-    '  }',
-    '',
-    '  if (globalPackageEntrypoint && await exists(globalPackageEntrypoint)) {',
-    "    await log(`launching global candidate: ${globalPackageEntrypoint}`);",
-    '    return await spawnForward(process.execPath, [globalPackageEntrypoint, ...sharedArgs]);',
-    '  }',
-    '',
-    '  if (await exists(localBin)) {',
-    "    await log(`launching local bin candidate: ${localBin}`);",
-    '    return await spawnForward(localBin, sharedArgs);',
-    '  }',
-    '',
-    "  const pathCandidate = process.platform === 'win32' ? 'audit-code.cmd' : 'audit-code';",
-    "  await log(`trying PATH candidate: ${pathCandidate}`);",
-    '  let exitCode = await spawnForward(pathCandidate, sharedArgs).catch(() => null);',
-    "  if (typeof exitCode === 'number') {",
-    '    return exitCode;',
-    '  }',
-    '',
-    "  exitCode = await spawnForward('npx', ['--no-install', 'audit-code', ...sharedArgs]).catch(() => null);",
-    "  if (typeof exitCode === 'number') {",
-    '    return exitCode;',
-    '  }',
-    '',
-    "  await log('ERROR: no candidate found');",
-    '  throw new Error(',
-    "    'Unable to locate an audit-code executable. Install auditor-lambda globally or as a local dependency.',",
-    '  );',
-    '}',
-    '',
-    "log(`run-mcp-server.mjs started: node=${process.execPath} cwd=${repoRoot} globalPkg=${globalPackageRoot}`).catch(() => {});",
-    'const code = await tryCandidates().catch(async (err) => {',
-    "  await log(`FATAL: ${err.message}`);",
-    '  process.stderr.write(err.message + "\\n");',
-    '  return 1;',
-    '});',
-    'process.exitCode = code;',
-    '',
-  ].join('\n');
-}
-
 function objectValue(value) {
   return value && typeof value === 'object' && !Array.isArray(value)
     ? value
@@ -284,7 +176,6 @@ function mergeOpenCodeGlobalConfig(existing) {
   const parsed = existing ? JSON.parse(existing) : {};
   const auditPermission = renderOpenCodePermissionConfig();
   const existingAuditor = objectValue(objectValue(parsed.agent).auditor);
-  const pkgEntrypoint = replaceBackslashes(join(pkgRoot, 'audit-code.mjs'));
   return {
     ...parsed,
     command: {
@@ -298,15 +189,6 @@ function mergeOpenCodeGlobalConfig(existing) {
         subtask: false,
       },
     },
-    mcp: {
-      ...objectValue(parsed.mcp),
-      auditor: {
-        type: 'local',
-        command: ['node', pkgEntrypoint, 'mcp'],
-        enabled: true,
-        timeout: 10000,
-      },
-    },
     permission: {
       ...mergeOpenCodePermissionConfig(parsed.permission, auditPermission),
       external_directory: { '*': 'allow' },
@@ -334,33 +216,6 @@ function claudePluginExternalDir() {
   return join(homedir(), '.claude', 'plugins', 'marketplaces', 'claude-plugins-official', 'external_plugins', 'audit-code');
 }
 
-function claudeDesktopConfigPath() {
-  if (process.platform === 'win32') {
-    return join(process.env.APPDATA || join(homedir(), 'AppData', 'Roaming'), 'Claude', 'claude_desktop_config.json');
-  }
-  if (process.platform === 'darwin') {
-    return join(homedir(), 'Library', 'Application Support', 'Claude', 'claude_desktop_config.json');
-  }
-  return join(homedir(), '.config', 'Claude', 'claude_desktop_config.json');
-}
-
-function mergeClaudeDesktopConfig(existing, globalMcpLauncherPath) {
-  const parsed = existing ? JSON.parse(existing) : {};
-  const mcpServers = parsed.mcpServers && typeof parsed.mcpServers === 'object' && !Array.isArray(parsed.mcpServers)
-    ? parsed.mcpServers
-    : {};
-  return {
-    ...parsed,
-    mcpServers: {
-      ...mcpServers,
-      auditor: {
-        command: 'node',
-        args: [replaceBackslashes(globalMcpLauncherPath)],
-      },
-    },
-  };
-}
-
 function installMergedJson(path, buildMerged) {
   const existing = existsSync(path) ? readFileSync(path, 'utf8') : null;
   const merged = buildMerged(existing);
@@ -429,17 +284,6 @@ for (const install of installs) {
   }
 }
 
-// Install global MCP launcher for OpenCode (and other hosts that support global config)
-const globalMcpLauncherPath = join(homedir(), '.audit-code', 'run-mcp-server.mjs');
-try {
-  const action = writeGeneratedFile(globalMcpLauncherPath, Buffer.from(renderGlobalMcpLauncher(pkgRoot)));
-  console.log(`audit-code: ${action} global MCP launcher at ${globalMcpLauncherPath}`);
-  succeeded++;
-} catch (err) {
-  console.warn(`audit-code: could not install global MCP launcher (${err.message})`);
-  failed++;
-}
-
 // Install OpenCode global command and MCP via merged config
 const opencodeGlobalConfig = join(homedir(), '.config', 'opencode', 'opencode.json');
 try {
@@ -515,22 +359,4 @@ try {
   failed++;
 }
 
-// Register auditor MCP server with Claude Desktop so /audit-code appears in its slash-command menu
-const claudeDesktopConfig = claudeDesktopConfigPath();
-try {
-  const action = installMergedJson(claudeDesktopConfig, (existing) =>
-    mergeClaudeDesktopConfig(existing, globalMcpLauncherPath),
-  );
-  console.log(`audit-code: ${action} Claude Desktop MCP server entry in ${claudeDesktopConfig}`);
-  console.log(`audit-code: restart Claude Desktop for /audit-code to appear`);
-  console.log(`audit-code: to target a specific repo, set AUDIT_CODE_REPO_ROOT in Claude Desktop's MCP env settings`);
-  succeeded++;
-} catch (err) {
-  console.warn(`audit-code: could not update Claude Desktop config (${err.message})`);
-  console.warn(`  To register manually, add "mcpServers.auditor" to:`);
-  console.warn(`    ${claudeDesktopConfig}`);
-  console.warn(`  with command "node" and args ["${replaceBackslashes(globalMcpLauncherPath)}"]`);
-  failed++;
-}
-
 console.log(`audit-code: postinstall complete — ${succeeded} succeeded, ${failed} failed (${Date.now() - postinstallStart}ms)`);

package/skills/audit-code/SKILL.md

@@ -22,7 +22,9 @@ dispatch them. The conversation orchestrator owns dispatch and ingestion control
 it should not perform broad review itself when subagents are available.
 Entering `/audit-code` is explicit user authorization to fan out those review
 subagents; do not require a separate delegation request before parallel
-dispatch.
+dispatch — unless `confirmation_recommended` is true (agent_count exceeds
+`sessionConfig.dispatch.confirm_threshold`, default 10), in which case pause for
+user confirmation.
 
 If the host cannot delegate to subagents, the conversation orchestrator may
 complete exactly one assigned review task, ingest it through the provided backend
@@ -36,6 +38,20 @@ the orchestrator does not need to infer the first task from a broad batch prompt
 Subagent fan-out belongs to the host agent runtime rather than to repo-local
 backend provider settings.
 
+### Scope confirmation
+
+The loader emits a scope summary after the intake step (the first `next-step`):
+the resolved repo root, the auditable file count, whether git is available, and
+any mis-scope smells. It echoes `Auditing <root>, <N> files, git: yes/no` so the
+operator can see exactly what is about to be audited. When a mis-scope smell is
+set — the resolved root has no `.git` but an ancestor does, or the root is a
+workspace member of a parent monorepo — the loader pauses and requires explicit
+confirmation before continuing. Expect the workflow to pause on the first step
+when targeting a workspace subdirectory or a non-git root whose ancestor is a
+repo; in the normal case the echo is informational and the run proceeds without
+interruption. Resolution behaviour is unchanged — only the visibility and the
+confirm gate are added.
+
 When dispatch-plan entries include provider-neutral complexity and
 `model_hint.tier` metadata, a capable host may map those tiers to its own
 subagent models. The backend should not prescribe concrete model names.

package/skills/audit-code/audit-code.prompt.md

@@ -48,6 +48,31 @@ follow only that prompt. Do not read packet prompts, schemas, command catalogs,
 or handoff files unless the current step prompt explicitly instructs you to do
 so.
 
+If the returned step is a dispatch step, before launching subagents check
+`progress.confirmation_recommended` in `steps/current-step.json`:
+
+- If `progress.confirmation_recommended` is `true`, pause and ask the user:
+  "Ready to launch **{progress.dispatch_summary}** — continue?"
+  Wait for an affirmative reply before proceeding with subagent dispatch.
+- If `progress.confirmation_recommended` is `false` (or absent), proceed
+  immediately.
+
+After the **first** `next-step` (the intake step) completes, confirm the audit
+scope before proceeding. Read `scope_summary.json` from the `.audit-artifacts/`
+directory (if absent, extract the JSON that follows the `SCOPE_SUMMARY:` marker
+at the start of the step's `progress_summary`). It contains `repo_root`,
+`auditable_file_count`, `git_available`, and `mis_scope_smells`. Then:
+
+- Echo one informational line to the user:
+  `Auditing <repo_root>, <auditable_file_count> files, git: <yes|no>`.
+- If `mis_scope_smells` is **non-empty**, display each smell as a warning and ask
+  `Auditing <repo_root>, <auditable_file_count> files, git: <yes|no> — proceed? (yes/no)`.
+  Wait for an affirmative reply before the next `next-step`. If the user declines,
+  stop and suggest the correct root (e.g. the ancestor git repo or monorepo root
+  named in the smell).
+- If `mis_scope_smells` is empty, the echo is informational only — continue
+  automatically without interrupting the workflow.
+
 Use MCP tools only as a compatibility adapter when direct shell access to
 `audit-code next-step` is unavailable. The MCP `start_audit` and
 `continue_audit` tools return the same one-step contract; they are not a

package/dist/mcp/server.d.ts

@@ -1,72 +0,0 @@
-interface ServerOptions {
-    root: string;
-    artifactsDir: string;
-}
-interface JsonRpcRequest {
-    jsonrpc?: string;
-    id?: string | number | null;
-    method?: string;
-    params?: Record<string, unknown>;
-}
-interface JsonRpcResponse {
-    jsonrpc: "2.0";
-    id: string | number | null;
-    result?: unknown;
-    error?: {
-        code: number;
-        message: string;
-        data?: unknown;
-    };
-}
-interface ToolCallContext {
-    root: string;
-    artifactsDir: string;
-}
-export declare function parseContentLength(headerBlock: string): number;
-interface ResourceRegistryEntry {
-    uri: string;
-    name: string;
-    description: string;
-    mimeType: string;
-    read: (context: ToolCallContext) => Promise<{
-        mimeType: string;
-        text: string;
-    }>;
-}
-export declare const resourceRegistry: ResourceRegistryEntry[];
-interface PromptRegistryEntry {
-    name: string;
-    description: string;
-    arguments: Array<{
-        name: string;
-        required?: boolean;
-        description: string;
-    }>;
-    render: (args: Record<string, unknown> | undefined) => string;
-}
-export declare const promptRegistry: PromptRegistryEntry[];
-/**
- * Extract zero or more complete Content-Length framed messages from a buffer.
- * Returns an array of parsed body strings and the remaining unconsumed buffer.
- * On framing errors, emits a framing error response via `emit` and resets the buffer.
- */
-export declare function extractFrames(buffer: Buffer, emit: (response: JsonRpcResponse) => void): {
-    bodies: string[];
-    remaining: Buffer<ArrayBufferLike>;
-};
-interface DispatchContext {
-    version: string;
-    defaults: ServerOptions;
-    shutdownRequested: boolean;
-}
-/**
- * Dispatch a single JSON-RPC request and return the response(s) to send,
- * plus updated shutdown state.
- */
-export declare function dispatchRequest(request: JsonRpcRequest, ctx: DispatchContext): Promise<{
-    responses: JsonRpcResponse[];
-    shutdownRequested: boolean;
-    exit?: number;
-}>;
-export declare function runAuditCodeMcpServer(argv: string[]): Promise<void>;
-export {};