auditor-lambda 0.9.2 → 0.10.0

package/scripts/postinstall.mjs

@@ -92,114 +92,6 @@ function renderOpenCodeExternalDirectoryPermission() {
   return { '*': 'allow' };
 }
 
-function renderGlobalMcpLauncher(installedPkgRoot) {
-  return [
-    "import { access, readFile, appendFile } from 'node:fs/promises';",
-    "import { constants } from 'node:fs';",
-    "import { spawn } from 'node:child_process';",
-    "import { join } from 'node:path';",
-    "import { homedir } from 'node:os';",
-    '',
-    "const repoRoot = process.env.AUDIT_CODE_REPO_ROOT || process.cwd();",
-    "const artifactsDir = process.env.AUDIT_CODE_ARTIFACTS_DIR || join(repoRoot, '.audit-artifacts');",
-    `const globalPackageRoot = ${JSON.stringify(installedPkgRoot)};`,
-    "const logPath = join(homedir(), '.audit-code', 'mcp-server.log');",
-    '',
-    'async function log(msg) {',
-    '  try {',
-    '    const ts = new Date().toISOString();',
-    "    await appendFile(logPath, `${ts} ${msg}\\n`, 'utf8');",
-    '  } catch {',
-    '    // ignore log failures',
-    '  }',
-    '}',
-    '',
-    'async function exists(path) {',
-    '  try {',
-    '    await access(path, constants.F_OK);',
-    '    return true;',
-    '  } catch {',
-    '    return false;',
-    '  }',
-    '}',
-    '',
-    'function spawnForward(command, args) {',
-    '  return new Promise((resolvePromise, rejectPromise) => {',
-    '    const child = spawn(command, args, {',
-    '      cwd: repoRoot,',
-    '      env: process.env,',
-    "      stdio: ['inherit', 'inherit', 'inherit'],",
-    '    });',
-    "    child.on('error', rejectPromise);",
-    "    child.on('exit', (code) => resolvePromise(code ?? 1));",
-    '  });',
-    '}',
-    '',
-    'async function tryCandidates() {',
-    "  const localPackageEntrypoint = join(repoRoot, 'node_modules', 'auditor-lambda', 'audit-code.mjs');",
-    "  const localBin = process.platform === 'win32'",
-    "    ? join(repoRoot, 'node_modules', '.bin', 'audit-code.cmd')",
-    "    : join(repoRoot, 'node_modules', '.bin', 'audit-code');",
-    "  const repoPackageJsonPath = join(repoRoot, 'package.json');",
-    "  const globalPackageEntrypoint = globalPackageRoot ? join(globalPackageRoot, 'audit-code.mjs') : null;",
-    "  const sharedArgs = ['mcp', '--root', repoRoot, '--artifacts-dir', artifactsDir];",
-    '',
-    '  if (await exists(localPackageEntrypoint)) {',
-    "    await log(`launching local node_modules candidate: ${localPackageEntrypoint}`);",
-    '    return await spawnForward(process.execPath, [localPackageEntrypoint, ...sharedArgs]);',
-    '  }',
-    '',
-    "  if (await exists(repoPackageJsonPath) && await exists(join(repoRoot, 'audit-code.mjs'))) {",
-    '    try {',
-    "      const packageJson = JSON.parse(await readFile(repoPackageJsonPath, 'utf8'));",
-    "      if (packageJson?.name === 'auditor-lambda') {",
-    "        await log(`launching repo-root candidate: ${join(repoRoot, 'audit-code.mjs')}`);",
-    "        return await spawnForward(process.execPath, [join(repoRoot, 'audit-code.mjs'), ...sharedArgs]);",
-    '      }',
-    '    } catch {',
-    '      // fall through to the next candidate',
-    '    }',
-    '  }',
-    '',
-    '  if (globalPackageEntrypoint && await exists(globalPackageEntrypoint)) {',
-    "    await log(`launching global candidate: ${globalPackageEntrypoint}`);",
-    '    return await spawnForward(process.execPath, [globalPackageEntrypoint, ...sharedArgs]);',
-    '  }',
-    '',
-    '  if (await exists(localBin)) {',
-    "    await log(`launching local bin candidate: ${localBin}`);",
-    '    return await spawnForward(localBin, sharedArgs);',
-    '  }',
-    '',
-    "  const pathCandidate = process.platform === 'win32' ? 'audit-code.cmd' : 'audit-code';",
-    "  await log(`trying PATH candidate: ${pathCandidate}`);",
-    '  let exitCode = await spawnForward(pathCandidate, sharedArgs).catch(() => null);',
-    "  if (typeof exitCode === 'number') {",
-    '    return exitCode;',
-    '  }',
-    '',
-    "  exitCode = await spawnForward('npx', ['--no-install', 'audit-code', ...sharedArgs]).catch(() => null);",
-    "  if (typeof exitCode === 'number') {",
-    '    return exitCode;',
-    '  }',
-    '',
-    "  await log('ERROR: no candidate found');",
-    '  throw new Error(',
-    "    'Unable to locate an audit-code executable. Install auditor-lambda globally or as a local dependency.',",
-    '  );',
-    '}',
-    '',
-    "log(`run-mcp-server.mjs started: node=${process.execPath} cwd=${repoRoot} globalPkg=${globalPackageRoot}`).catch(() => {});",
-    'const code = await tryCandidates().catch(async (err) => {',
-    "  await log(`FATAL: ${err.message}`);",
-    '  process.stderr.write(err.message + "\\n");',
-    '  return 1;',
-    '});',
-    'process.exitCode = code;',
-    '',
-  ].join('\n');
-}
-
 function objectValue(value) {
   return value && typeof value === 'object' && !Array.isArray(value)
     ? value
@@ -284,7 +176,6 @@ function mergeOpenCodeGlobalConfig(existing) {
   const parsed = existing ? JSON.parse(existing) : {};
   const auditPermission = renderOpenCodePermissionConfig();
   const existingAuditor = objectValue(objectValue(parsed.agent).auditor);
-  const pkgEntrypoint = replaceBackslashes(join(pkgRoot, 'audit-code.mjs'));
   return {
     ...parsed,
     command: {
@@ -298,15 +189,6 @@ function mergeOpenCodeGlobalConfig(existing) {
         subtask: false,
       },
     },
-    mcp: {
-      ...objectValue(parsed.mcp),
-      auditor: {
-        type: 'local',
-        command: ['node', pkgEntrypoint, 'mcp'],
-        enabled: true,
-        timeout: 10000,
-      },
-    },
     permission: {
       ...mergeOpenCodePermissionConfig(parsed.permission, auditPermission),
       external_directory: { '*': 'allow' },
@@ -334,33 +216,6 @@ function claudePluginExternalDir() {
   return join(homedir(), '.claude', 'plugins', 'marketplaces', 'claude-plugins-official', 'external_plugins', 'audit-code');
 }
 
-function claudeDesktopConfigPath() {
-  if (process.platform === 'win32') {
-    return join(process.env.APPDATA || join(homedir(), 'AppData', 'Roaming'), 'Claude', 'claude_desktop_config.json');
-  }
-  if (process.platform === 'darwin') {
-    return join(homedir(), 'Library', 'Application Support', 'Claude', 'claude_desktop_config.json');
-  }
-  return join(homedir(), '.config', 'Claude', 'claude_desktop_config.json');
-}
-
-function mergeClaudeDesktopConfig(existing, globalMcpLauncherPath) {
-  const parsed = existing ? JSON.parse(existing) : {};
-  const mcpServers = parsed.mcpServers && typeof parsed.mcpServers === 'object' && !Array.isArray(parsed.mcpServers)
-    ? parsed.mcpServers
-    : {};
-  return {
-    ...parsed,
-    mcpServers: {
-      ...mcpServers,
-      auditor: {
-        command: 'node',
-        args: [replaceBackslashes(globalMcpLauncherPath)],
-      },
-    },
-  };
-}
-
 function installMergedJson(path, buildMerged) {
   const existing = existsSync(path) ? readFileSync(path, 'utf8') : null;
   const merged = buildMerged(existing);
@@ -429,17 +284,6 @@ for (const install of installs) {
   }
 }
 
-// Install global MCP launcher for OpenCode (and other hosts that support global config)
-const globalMcpLauncherPath = join(homedir(), '.audit-code', 'run-mcp-server.mjs');
-try {
-  const action = writeGeneratedFile(globalMcpLauncherPath, Buffer.from(renderGlobalMcpLauncher(pkgRoot)));
-  console.log(`audit-code: ${action} global MCP launcher at ${globalMcpLauncherPath}`);
-  succeeded++;
-} catch (err) {
-  console.warn(`audit-code: could not install global MCP launcher (${err.message})`);
-  failed++;
-}
-
 // Install OpenCode global command and MCP via merged config
 const opencodeGlobalConfig = join(homedir(), '.config', 'opencode', 'opencode.json');
 try {
@@ -515,22 +359,4 @@ try {
   failed++;
 }
 
-// Register auditor MCP server with Claude Desktop so /audit-code appears in its slash-command menu
-const claudeDesktopConfig = claudeDesktopConfigPath();
-try {
-  const action = installMergedJson(claudeDesktopConfig, (existing) =>
-    mergeClaudeDesktopConfig(existing, globalMcpLauncherPath),
-  );
-  console.log(`audit-code: ${action} Claude Desktop MCP server entry in ${claudeDesktopConfig}`);
-  console.log(`audit-code: restart Claude Desktop for /audit-code to appear`);
-  console.log(`audit-code: to target a specific repo, set AUDIT_CODE_REPO_ROOT in Claude Desktop's MCP env settings`);
-  succeeded++;
-} catch (err) {
-  console.warn(`audit-code: could not update Claude Desktop config (${err.message})`);
-  console.warn(`  To register manually, add "mcpServers.auditor" to:`);
-  console.warn(`    ${claudeDesktopConfig}`);
-  console.warn(`  with command "node" and args ["${replaceBackslashes(globalMcpLauncherPath)}"]`);
-  failed++;
-}
-
 console.log(`audit-code: postinstall complete — ${succeeded} succeeded, ${failed} failed (${Date.now() - postinstallStart}ms)`);

package/skills/audit-code/SKILL.md

@@ -22,7 +22,9 @@ dispatch them. The conversation orchestrator owns dispatch and ingestion control
 it should not perform broad review itself when subagents are available.
 Entering `/audit-code` is explicit user authorization to fan out those review
 subagents; do not require a separate delegation request before parallel
-dispatch.
+dispatch — unless `confirmation_recommended` is true (agent_count exceeds
+`sessionConfig.dispatch.confirm_threshold`, default 10), in which case pause for
+user confirmation.
 
 If the host cannot delegate to subagents, the conversation orchestrator may
 complete exactly one assigned review task, ingest it through the provided backend
@@ -36,6 +38,20 @@ the orchestrator does not need to infer the first task from a broad batch prompt
 Subagent fan-out belongs to the host agent runtime rather than to repo-local
 backend provider settings.
 
+### Scope confirmation
+
+The loader emits a scope summary after the intake step (the first `next-step`):
+the resolved repo root, the auditable file count, whether git is available, and
+any mis-scope smells. It echoes `Auditing <root>, <N> files, git: yes/no` so the
+operator can see exactly what is about to be audited. When a mis-scope smell is
+set — the resolved root has no `.git` but an ancestor does, or the root is a
+workspace member of a parent monorepo — the loader pauses and requires explicit
+confirmation before continuing. Expect the workflow to pause on the first step
+when targeting a workspace subdirectory or a non-git root whose ancestor is a
+repo; in the normal case the echo is informational and the run proceeds without
+interruption. Resolution behaviour is unchanged — only the visibility and the
+confirm gate are added.
+
 When dispatch-plan entries include provider-neutral complexity and
 `model_hint.tier` metadata, a capable host may map those tiers to its own
 subagent models. The backend should not prescribe concrete model names.

package/skills/audit-code/audit-code.prompt.md

@@ -48,6 +48,31 @@ follow only that prompt. Do not read packet prompts, schemas, command catalogs,
 or handoff files unless the current step prompt explicitly instructs you to do
 so.
 
+If the returned step is a dispatch step, before launching subagents check
+`progress.confirmation_recommended` in `steps/current-step.json`:
+
+- If `progress.confirmation_recommended` is `true`, pause and ask the user:
+  "Ready to launch **{progress.dispatch_summary}** — continue?"
+  Wait for an affirmative reply before proceeding with subagent dispatch.
+- If `progress.confirmation_recommended` is `false` (or absent), proceed
+  immediately.
+
+After the **first** `next-step` (the intake step) completes, confirm the audit
+scope before proceeding. Read `scope_summary.json` from the `.audit-artifacts/`
+directory (if absent, extract the JSON that follows the `SCOPE_SUMMARY:` marker
+at the start of the step's `progress_summary`). It contains `repo_root`,
+`auditable_file_count`, `git_available`, and `mis_scope_smells`. Then:
+
+- Echo one informational line to the user:
+  `Auditing <repo_root>, <auditable_file_count> files, git: <yes|no>`.
+- If `mis_scope_smells` is **non-empty**, display each smell as a warning and ask
+  `Auditing <repo_root>, <auditable_file_count> files, git: <yes|no> — proceed? (yes/no)`.
+  Wait for an affirmative reply before the next `next-step`. If the user declines,
+  stop and suggest the correct root (e.g. the ancestor git repo or monorepo root
+  named in the smell).
+- If `mis_scope_smells` is empty, the echo is informational only — continue
+  automatically without interrupting the workflow.
+
 Use MCP tools only as a compatibility adapter when direct shell access to
 `audit-code next-step` is unavailable. The MCP `start_audit` and
 `continue_audit` tools return the same one-step contract; they are not a

package/dist/mcp/server.d.ts

@@ -1,72 +0,0 @@
-interface ServerOptions {
-    root: string;
-    artifactsDir: string;
-}
-interface JsonRpcRequest {
-    jsonrpc?: string;
-    id?: string | number | null;
-    method?: string;
-    params?: Record<string, unknown>;
-}
-interface JsonRpcResponse {
-    jsonrpc: "2.0";
-    id: string | number | null;
-    result?: unknown;
-    error?: {
-        code: number;
-        message: string;
-        data?: unknown;
-    };
-}
-interface ToolCallContext {
-    root: string;
-    artifactsDir: string;
-}
-export declare function parseContentLength(headerBlock: string): number;
-interface ResourceRegistryEntry {
-    uri: string;
-    name: string;
-    description: string;
-    mimeType: string;
-    read: (context: ToolCallContext) => Promise<{
-        mimeType: string;
-        text: string;
-    }>;
-}
-export declare const resourceRegistry: ResourceRegistryEntry[];
-interface PromptRegistryEntry {
-    name: string;
-    description: string;
-    arguments: Array<{
-        name: string;
-        required?: boolean;
-        description: string;
-    }>;
-    render: (args: Record<string, unknown> | undefined) => string;
-}
-export declare const promptRegistry: PromptRegistryEntry[];
-/**
- * Extract zero or more complete Content-Length framed messages from a buffer.
- * Returns an array of parsed body strings and the remaining unconsumed buffer.
- * On framing errors, emits a framing error response via `emit` and resets the buffer.
- */
-export declare function extractFrames(buffer: Buffer, emit: (response: JsonRpcResponse) => void): {
-    bodies: string[];
-    remaining: Buffer<ArrayBufferLike>;
-};
-interface DispatchContext {
-    version: string;
-    defaults: ServerOptions;
-    shutdownRequested: boolean;
-}
-/**
- * Dispatch a single JSON-RPC request and return the response(s) to send,
- * plus updated shutdown state.
- */
-export declare function dispatchRequest(request: JsonRpcRequest, ctx: DispatchContext): Promise<{
-    responses: JsonRpcResponse[];
-    shutdownRequested: boolean;
-    exit?: number;
-}>;
-export declare function runAuditCodeMcpServer(argv: string[]): Promise<void>;
-export {};