dual-brain 4.6.0 → 4.7.0

package/hooks/gpt-work-dispatcher.mjs

@@ -9,20 +9,34 @@
  * Usage as CLI:
  *   node .claude/hooks/gpt-work-dispatcher.mjs \
  *     --task "Add tests for budget-balancer.mjs" \
- *     --model gpt-5.4 \
+ *     --tier execute \
  *     --files hooks/budget-balancer.mjs
  *
  * Usage as module:
  *   import { dispatchGptTask } from './gpt-work-dispatcher.mjs';
- *   const result = await dispatchGptTask({ task, model, files, constraints, timeoutMs });
+ *   const result = await dispatchGptTask({ task, model, tier, forceModel, files, constraints, timeoutMs });
  */
 
-import { execSync, spawnSync } from 'child_process';
+import { spawnSync } from 'child_process';
 import { appendFileSync, readFileSync } from 'fs';
 import { dirname, join } from 'path';
 import { fileURLToPath } from 'url';
 
 const __dirname = dirname(fileURLToPath(import.meta.url));
+const CONFIG_FILE = join(__dirname, '..', 'orchestrator.json');
+const EXECUTE_WORDS = /\b(edit|write|fix|implement|modify|refactor|delete|commit|test|build|run|add|update|create)\b/i;
+const SEARCH_WORDS = /\b(explore|search|find|grep|locate|list\s+files|read[-\s]?only|lookup|scan)\b/i;
+const THINK_WORDS = /\b(plan|design|architect|review|audit|security|code[-\s]?review|threat[-\s]?model|complex[-\s]?debug)\b/i;
+const GPT_TIER_SANDBOX = {
+  search: 'read-only',
+  execute: 'danger-full-access',
+  think: 'read-only',
+};
+const GPT_TIER_PROMPTS = {
+  search: 'You are a READ-ONLY search agent. Do NOT edit files.',
+  execute: 'You are an execution agent. Edit files directly.',
+  think: 'You are an architecture/review agent. Analyze and recommend, do not edit unless explicitly asked.',
+};
 
 // ---------------------------------------------------------------------------
 // Codex discovery — mirrors dual-brain-review.mjs
@@ -51,16 +65,66 @@ function findCodex() {
   return null;
 }
 
+function isCodexAuthenticated(result) {
+  const out = ((result?.stdout || '') + (result?.stderr || '')).toLowerCase();
+  if (/\b(not\s+logged\s+in|unauthenticated|logged\s+out|no\s+auth)\b/.test(out)) return false;
+  return result?.status === 0 ||
+    /\b(logged\s+in|authenticated|signed\s+in)\b/.test(out);
+}
+
 // ---------------------------------------------------------------------------
 // Prompt builder
 // ---------------------------------------------------------------------------
 
+function normalizeTier(tier) {
+  return ['search', 'execute', 'think'].includes(tier) ? tier : null;
+}
+
+function loadOrchestratorConfig() {
+  try {
+    return JSON.parse(readFileSync(CONFIG_FILE, 'utf8'));
+  } catch {
+    return null;
+  }
+}
+
+export function classifyGptTier(task) {
+  const text = [
+    task?.task,
+    ...(Array.isArray(task?.constraints) ? task.constraints : []),
+  ]
+    .filter(Boolean)
+    .join(' ');
+
+  if (THINK_WORDS.test(text)) return 'think';
+  if (EXECUTE_WORDS.test(text)) return 'execute';
+  if (SEARCH_WORDS.test(text)) return 'search';
+  return 'execute';
+}
+
+export function resolveGptModel(tier, config = loadOrchestratorConfig()) {
+  const normalizedTier = normalizeTier(tier);
+  if (!normalizedTier) return null;
+
+  const models = config?.subscriptions?.openai?.models ?? {};
+  for (const [model, meta] of Object.entries(models)) {
+    if (meta?.tier === normalizedTier) return model;
+  }
+
+  if (normalizedTier === 'think') return 'gpt-5.5';
+  if (normalizedTier === 'search') return 'gpt-4.1-mini';
+  return 'gpt-5.4';
+}
+
 function buildPrompt(task) {
+  const tierInstruction = GPT_TIER_PROMPTS[task.tier] || GPT_TIER_PROMPTS.execute;
   let prompt = `You are a GPT execution agent inside the Dual-Brain Orchestrator.
 
 Task: ${task.task}
 
-Own this task completely. Edit files directly.
+${tierInstruction}
+
+Own this task completely.
 
 `;
   if (task.files?.length) {
@@ -81,13 +145,13 @@ Own this task completely. Edit files directly.
 // Codex executor
 // ---------------------------------------------------------------------------
 
-function executeCodex(codexBin, model, prompt, cwd, timeoutMs) {
+function executeCodex(codexBin, model, prompt, cwd, timeoutMs, sandbox = 'danger-full-access') {
   const startTime = Date.now();
 
   const proc = spawnSync(codexBin, [
     'exec', '--json', '--ephemeral',
     '-m', model,
-    '-s', 'danger-full-access',
+    '-s', sandbox,
     prompt,
   ], {
     encoding: 'utf8',
@@ -154,12 +218,14 @@ const SESSION_ID = process.env.CLAUDE_SESSION_ID || process.ppid?.toString() ||
 function logUsageEvent(result, task) {
   const logFile = join(__dirname, `usage-${new Date().toISOString().slice(0, 10)}.jsonl`);
   const entryObj = {
-    schema_version: 3,
+    schema_version: 4,
     timestamp: new Date().toISOString(),
     provider: 'openai',
     tier: task.tier || 'execute',
+    classified_tier: task.classifiedTier || task.tier || 'execute',
     tool: 'codex-exec',
     model: result.model,
+    model_override: task.modelOverride || null,
     status: result.success ? 'ok' : 'error',
     durationMs: result.durationMs,
     codex_startup_ms: result.startupMs || null,
@@ -202,6 +268,18 @@ function logUsageEvent(result, task) {
 // Main exported function
 // ---------------------------------------------------------------------------
 
+function tryHealCodexAuth(codexBin) {
+  const apiKey = process.env.OPENAI_API_KEY;
+  if (!apiKey) return false;
+  const pipe = spawnSync(codexBin, ['login', '--with-api-key'], {
+    input: apiKey,
+    encoding: 'utf8',
+    stdio: ['pipe', 'pipe', 'pipe'],
+    timeout: 10000,
+  });
+  return pipe.status === 0;
+}
+
 export async function dispatchGptTask(task) {
   const codexBin = findCodex();
   if (!codexBin) {
@@ -211,11 +289,70 @@ export async function dispatchGptTask(task) {
     };
   }
 
-  const model = task.model || 'gpt-5.4';
-  const prompt = buildPrompt(task);
-  const result = executeCodex(codexBin, model, prompt, task.cwd, task.timeoutMs);
+  // Pre-flight: check auth and heal if possible
+  const loginCheck = spawnSync(codexBin, ['login', 'status'], {
+    encoding: 'utf8', stdio: ['pipe', 'pipe', 'pipe'], timeout: 5000,
+  });
+  const isAuthed = isCodexAuthenticated(loginCheck);
+  if (!isAuthed) {
+    const healed = tryHealCodexAuth(codexBin);
+    if (!healed) {
+      return {
+        success: false,
+        error: 'Codex not authenticated. Run: npx dual-brain (sign in with your ChatGPT subscription) or codex login --device-auth',
+      };
+    }
+  }
+
+  const config = loadOrchestratorConfig();
+  const classifiedTier = classifyGptTier(task);
+  const explicitTier = normalizeTier(task.tier);
+  const tier = explicitTier || classifiedTier;
+  const expectedModel = resolveGptModel(tier, config) || 'gpt-5.4';
+
+  let model = task.model || expectedModel;
+  let modelOverride = null;
+
+  if (task.model && !task.forceModel && task.model !== expectedModel) {
+    console.warn(`[gpt-work-dispatcher] Warning: task classified as "${tier}", overriding requested model "${task.model}" with "${expectedModel}". Use --force-model to bypass.`);
+    model = expectedModel;
+    modelOverride = {
+      requested: task.model,
+      effective: expectedModel,
+      forced: false,
+      reason: `tier:${tier}`,
+    };
+  } else if (!task.model) {
+    modelOverride = {
+      requested: null,
+      effective: expectedModel,
+      forced: false,
+      reason: `auto-select:${tier}`,
+    };
+  } else if (task.forceModel) {
+    modelOverride = {
+      requested: task.model,
+      effective: task.model,
+      forced: true,
+      reason: `force-model:${tier}`,
+    };
+  }
+
+  const preparedTask = {
+    ...task,
+    tier,
+    classifiedTier,
+    modelOverride,
+  };
+  const prompt = buildPrompt(preparedTask);
+  const sandbox = GPT_TIER_SANDBOX[tier] || GPT_TIER_SANDBOX.execute;
+  const result = executeCodex(codexBin, model, prompt, task.cwd, task.timeoutMs, sandbox);
+  result.tier = tier;
+  result.classifiedTier = classifiedTier;
+  result.modelOverride = modelOverride;
+  result.sandbox = sandbox;
   result.profile = loadActiveProfile();
-  logUsageEvent(result, task);
+  logUsageEvent(result, preparedTask);
   return result;
 }
 
@@ -261,6 +398,10 @@ function parseArgs(argv) {
     args.timeoutMs = Number(args.timeout) * 1000;
     delete args.timeout;
   }
+  if (typeof args['force-model'] === 'boolean') {
+    args.forceModel = args['force-model'];
+    delete args['force-model'];
+  }
 
   return args;
 }
@@ -273,7 +414,7 @@ if (import.meta.url === `file://${process.argv[1]}`) {
   const rawArgs = parseArgs(process.argv.slice(2));
 
   if (!rawArgs.task) {
-    console.error('Usage: node gpt-work-dispatcher.mjs --task "<description>" [--model gpt-5.4] [--files file1,file2] [--timeout 120]');
+    console.error('Usage: node gpt-work-dispatcher.mjs --task "<description>" [--tier think|execute|search] [--model MODEL] [--force-model] [--files file1,file2] [--timeout 120]');
     process.exit(1);
   }
 

package/hooks/health-check.mjs

@@ -11,7 +11,7 @@
  * Checks:
  *   1. orchestrator.json    — exists and parses as valid JSON
  *   2. pricing_verified     — exists, warn if >30 days, fail if >90 days
- *   3. model_intelligence   — inline in subscriptions, covers all models
+ *   3. model_intelligence   — exists and covers all subscription models
  *   4. hook scripts         — enforce-tier, cost-logger, quality-gate, dual-brain-review readable
  *   5. usage.jsonl active   — recent entries (last 15 min) indicate PostToolUse hook is wired
  *   6. codex CLI            — found on PATH or known locations; auth status checked
@@ -42,6 +42,13 @@ function check(name, status, detail) {
   return { name, status, detail };
 }
 
+function isCodexAuthenticated(result) {
+  const output = ((result?.stdout || "") + (result?.stderr || "")).toLowerCase();
+  if (/\b(not\s+logged\s+in|unauthenticated|logged\s+out|no\s+auth)\b/.test(output)) return false;
+  return result?.status === 0 ||
+    /\b(logged\s+in|authenticated|signed\s+in)\b/.test(output);
+}
+
 // ---------------------------------------------------------------------------
 // Check implementations
 // ---------------------------------------------------------------------------
@@ -94,7 +101,7 @@ function checkPricingVerified() {
   return check("pricing_verified", STATUS.pass, `${ageDays} days ago`);
 }
 
-/** 3. model_intelligence — merged into subscriptions; validate inline fields */
+/** 3. model_intelligence — exists and has entries for at least the subscription models */
 function checkModelIntelligence() {
   let config;
   try {
@@ -103,30 +110,31 @@ function checkModelIntelligence() {
     return check("model_intelligence", STATUS.fail, "cannot read config");
   }
 
-  // Collect all models from subscriptions and check for intelligence fields
-  let entryCount = 0;
-  const missing = [];
-  for (const [providerName, provider] of Object.entries(config.subscriptions || {})) {
-    for (const [modelName, meta] of Object.entries(provider.models || {})) {
-      entryCount++;
-      if (!meta.best_for && !meta.model_id) {
-        missing.push(modelName);
-      }
-    }
+  const mi = config.model_intelligence;
+  if (!mi || typeof mi !== "object") {
+    return check("model_intelligence", STATUS.fail, "key missing from config");
   }
 
-  if (entryCount === 0) {
-    return check("model_intelligence", STATUS.fail, "no models in subscriptions");
+  // Collect model keys from subscriptions
+  const subscriptionModels = new Set();
+  for (const provider of Object.values(config.subscriptions || {})) {
+    for (const key of Object.keys(provider.models || {})) {
+      subscriptionModels.add(key);
+    }
   }
 
+  const miKeys     = Object.keys(mi);
+  const missing    = [...subscriptionModels].filter((m) => !mi[m]);
+  const entryCount = miKeys.length;
+
   if (missing.length > 0) {
     return check(
       "model_intelligence",
       STATUS.warn,
-      `${entryCount} models, missing intelligence: ${missing.join(", ")}`
+      `${entryCount} models, missing: ${missing.join(", ")}`
     );
   }
-  return check("model_intelligence", STATUS.pass, `${entryCount} models (inline)`);
+  return check("model_intelligence", STATUS.pass, `${entryCount} models`);
 }
 
 /** 4. Hook scripts readable */
@@ -255,7 +263,7 @@ function checkCodexCli() {
 
   const output = (loginResult.stdout + loginResult.stderr).toLowerCase();
 
-  if (loginResult.status === 0 || output.includes("logged in") || output.includes("authenticated")) {
+  if (isCodexAuthenticated(loginResult)) {
     return check("codex CLI", STATUS.pass, "authenticated");
   }
 

package/hooks/quality-gate.mjs

@@ -16,7 +16,7 @@
  */
 
 import { createHash } from 'crypto';
-import { execSync, spawnSync } from 'child_process';
+import { spawnSync } from 'child_process';
 import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'fs';
 import { dirname, extname, join, resolve } from 'path';
 import { fileURLToPath } from 'url';
@@ -81,9 +81,14 @@ function exit(obj) {
   process.exit(0);
 }
 
-function runGit(cmd) {
+function runGit(args) {
   try {
-    return execSync(cmd, { encoding: 'utf8', stdio: ['pipe', 'pipe', 'pipe'] });
+    const proc = spawnSync('git', args, {
+      encoding: 'utf8',
+      stdio: ['pipe', 'pipe', 'pipe'],
+      timeout: 10_000,
+    });
+    return proc.status === 0 ? proc.stdout : '';
   } catch {
     return '';
   }
@@ -165,8 +170,8 @@ function matchesSkipPattern(filePath, patterns) {
 }
 
 function getChangedFiles() {
-  const tracked = runGit('git diff --name-only HEAD') || '';
-  const untracked = runGit('git ls-files --others --exclude-standard') || '';
+  const tracked = runGit(['diff', '--name-only', 'HEAD']) || '';
+  const untracked = runGit(['ls-files', '--others', '--exclude-standard']) || '';
   const all = [...new Set([
     ...tracked.split('\n').filter(Boolean),
     ...untracked.split('\n').filter(Boolean),
@@ -252,7 +257,7 @@ function main() {
   }
 
   // Compute diff hash
-  const diff = runGit('git diff HEAD');
+  const diff = runGit(['diff', 'HEAD']);
   const diffHash = createHash('sha256').update(diff).digest('hex').slice(0, 8);
 
   // Build review record (includes sensitivity info)

package/hooks/risk-classifier.mjs

@@ -2,22 +2,9 @@
 /**
  * risk-classifier.mjs — File-path risk classification for adaptive routing.
  *
- * Exports:
- *   classifyRisk(paths)              → { level, reason }           (static, backward-compat)
- *   classifyRiskEnhanced(filePath)   → { risk, basis, details }    (empirical, v4.3.0+)
- *   getGitChurn(filePath, days?)     → { commits, isHot } | null
- *   getFileRiskHistory(filePath)     → { total, failures, success_rate, risk_adjustment }
- *   extractPaths(text)               → string[]
+ * Export: classifyRisk(paths) → { level, reason }
  */
 
-import { execSync } from 'child_process';
-import { existsSync, readFileSync } from 'fs';
-import { dirname, join } from 'path';
-import { fileURLToPath } from 'url';
-
-const __dirname = dirname(fileURLToPath(import.meta.url));
-const LEDGER_FILE = join(__dirname, 'decision-ledger.jsonl');
-
 const PATTERNS = [
   { level: 'critical', regex: /\b(auth|credential|secret|\.env|key[s]?|token[s]?|password|encrypt|certificate|cert[s]?|\.pem|\.key)\b/i, label: 'security-sensitive' },
   { level: 'high', regex: /\b(billing|payment|migration|deploy|ci[-/]cd|\.github\/workflows|security|permission|policy|schema\.prisma|schema\.sql|api[-_]?contract|openapi|swagger)\b/i, label: 'high-impact infrastructure' },
@@ -26,7 +13,6 @@ const PATTERNS = [
 ];
 
 const LEVEL_ORDER = { critical: 3, high: 2, medium: 1, low: 0 };
-const LEVEL_UP = { low: 'medium', medium: 'high', high: 'critical', critical: 'critical' };
 
 function classifyRisk(paths) {
   if (!paths || paths.length === 0) return { level: 'low', reason: 'no file paths detected' };
@@ -45,125 +31,6 @@ function classifyRisk(paths) {
   return highest;
 }
 
-/**
- * Count how many commits touched a file in the last N days using git log.
- * Returns { commits, isHot: commits > 10 }, or null if git is unavailable.
- */
-function getGitChurn(filePath, days = 30) {
-  try {
-    const output = execSync(
-      `git log --oneline --since="${days} days ago" -- "${filePath}"`,
-      { encoding: 'utf8', stdio: ['pipe', 'pipe', 'pipe'], timeout: 5000 }
-    );
-    const commits = output.split('\n').filter(Boolean).length;
-    return { commits, isHot: commits > 10 };
-  } catch {
-    return null;
-  }
-}
-
-/**
- * Read decision-ledger.jsonl and compute success rate for entries that
- * touched this file path or its parent directory.
- *
- * Returns { total, failures, success_rate, risk_adjustment } where
- * risk_adjustment is 'escalate' if success_rate < 60% with 3+ entries,
- * 'normal' otherwise.
- */
-function getFileRiskHistory(filePath) {
-  const empty = { total: 0, failures: 0, success_rate: 100, risk_adjustment: 'normal' };
-  if (!existsSync(LEDGER_FILE)) return empty;
-
-  let raw;
-  try { raw = readFileSync(LEDGER_FILE, 'utf8'); } catch { return empty; }
-
-  // Normalize the file path and compute its parent directory prefix
-  const normalizedPath = filePath.replace(/\\/g, '/');
-  const parentDir = normalizedPath.includes('/') ? normalizedPath.slice(0, normalizedPath.lastIndexOf('/')) : '';
-
-  let total = 0;
-  let failures = 0;
-
-  for (const line of raw.split('\n').filter(Boolean)) {
-    try {
-      const entry = JSON.parse(line);
-      if (entry.type !== 'outcome') continue;
-
-      const files = entry.files_changed || entry.files_read || [];
-      if (!Array.isArray(files)) continue;
-
-      const matches = files.some(f => {
-        const nf = String(f).replace(/\\/g, '/');
-        return nf === normalizedPath ||
-          nf.includes(normalizedPath) ||
-          (parentDir && nf.includes(parentDir));
-      });
-
-      if (!matches) continue;
-
-      total++;
-      if (entry.success === false) failures++;
-    } catch {}
-  }
-
-  if (total === 0) return empty;
-
-  const success_rate = Math.round(((total - failures) / total) * 100);
-  const risk_adjustment = (success_rate < 60 && total >= 3) ? 'escalate' : 'normal';
-
-  return { total, failures, success_rate, risk_adjustment };
-}
-
-/**
- * Enhanced risk classifier that combines static patterns with empirical data.
- *
- * Returns { risk, basis, details } where:
- *   risk    — 'low' | 'medium' | 'high' | 'critical'
- *   basis   — 'static' | 'churn' | 'history' | 'churn+history'
- *   details — { static_risk, churn_commits, history_success_rate }
- */
-function classifyRiskEnhanced(filePath) {
-  // Step 1: static pattern classification
-  const staticResult = classifyRisk([filePath]);
-  let risk = staticResult.level;
-  const details = {
-    static_risk: risk,
-    churn_commits: null,
-    history_success_rate: null,
-  };
-
-  let bumpedByChurn = false;
-  let bumpedByHistory = false;
-
-  // Step 2: git churn check
-  const churn = getGitChurn(filePath);
-  if (churn !== null) {
-    details.churn_commits = churn.commits;
-    if (churn.isHot && risk !== 'critical') {
-      risk = LEVEL_UP[risk];
-      bumpedByChurn = true;
-    }
-  }
-
-  // Step 3: file risk history check
-  const history = getFileRiskHistory(filePath);
-  details.history_success_rate = history.success_rate;
-  if (history.risk_adjustment === 'escalate' && risk !== 'critical') {
-    risk = LEVEL_UP[risk];
-    bumpedByHistory = true;
-  }
-
-  // Cap at critical
-  if (LEVEL_ORDER[risk] > LEVEL_ORDER['critical']) risk = 'critical';
-
-  let basis = 'static';
-  if (bumpedByChurn && bumpedByHistory) basis = 'churn+history';
-  else if (bumpedByChurn) basis = 'churn';
-  else if (bumpedByHistory) basis = 'history';
-
-  return { risk, basis, details };
-}
-
 function extractPaths(text) {
   if (!text) return [];
   const matches = text.match(/(?:^|\s|["'`])([./~]?(?:[\w@.-]+\/)+[\w@.*-]+(?:\.\w+)?)/g);
@@ -171,4 +38,4 @@ function extractPaths(text) {
   return matches.map(m => m.trim().replace(/^["'`]/, ''));
 }
 
-export { classifyRisk, classifyRiskEnhanced, getGitChurn, getFileRiskHistory, extractPaths };
+export { classifyRisk, extractPaths };