forgeos 0.1.0-alpha.2 → 0.1.0-alpha.21

package/src/forge/make/templates.ts

@@ -351,6 +351,166 @@ export default function ${pascal}Page() {
 `;
 }
 
+export function renderAiAgentFile(name: string): string {
+  const camel = camelCase(name);
+  const pascal = pascalCase(name);
+  return `import { agent, aiTool } from "forge/server";
+import { z } from "zod";
+
+export const ${camel}ProjectContext = aiTool({
+  description: "Return concise project context for the ${pascal} agent.",
+  inputSchema: z.object({
+    topic: z.string().optional(),
+  }),
+  outputSchema: z.object({
+    context: z.string(),
+  }),
+  risk: "read",
+  strict: true,
+  needsApproval: false,
+  handler: async (_ctx, input) => ({
+    context: \`ForgeOS project context for \${input.topic ?? "the current request"}.\`,
+  }),
+});
+
+export const ${camel}Agent = agent({
+  provider: "gateway",
+  model: "openai/gpt-5.4",
+  instructions: "You are a ForgeOS app agent. Use Forge tools before answering when runtime data is needed.",
+  tools: { ${camel}ProjectContext },
+  stopWhen: { kind: "stepCount", maxSteps: 8 },
+});
+`;
+}
+
+export function renderAiChatComponent(name: string): string {
+  const pascal = pascalCase(name);
+  return `"use client";
+
+import { DefaultChatTransport } from "ai";
+import { useChat } from "@ai-sdk/react";
+import { FormEvent, useMemo, useState } from "react";
+import { forgeUrl } from "../lib/forge";
+
+export function ${pascal}AiChat() {
+  const [input, setInput] = useState("");
+  const transport = useMemo(
+    () =>
+      new DefaultChatTransport({
+        api: \`\${forgeUrl}/ai/agents/chat\`,
+        headers: {
+          "x-forge-user-id": "dev-user",
+          "x-forge-tenant-id": "dev-tenant",
+          "x-forge-role": "owner",
+        },
+        body: {
+          agent: "${camelCase(name)}Agent",
+          provider: "gateway",
+          model: "openai/gpt-5.4",
+          instructions: "Answer as a ForgeOS app agent. Use available Forge tools when useful.",
+          maxSteps: 8,
+        },
+      }),
+    [],
+  );
+  const { messages, sendMessage, status, error, addToolApprovalResponse } = useChat({
+    transport,
+  });
+  const busy = status === "submitted" || status === "streaming";
+
+  async function submit(event: FormEvent<HTMLFormElement>) {
+    event.preventDefault();
+    const prompt = input.trim();
+    if (!prompt || busy) return;
+    setInput("");
+    sendMessage({ text: prompt });
+  }
+
+  return (
+    <section>
+      <div>
+        {messages.map((message) => (
+          <article key={message.id}>
+            <strong>{message.role}</strong>
+            {message.parts.map((part, index) => {
+              if (part.type === "text") {
+                return <p key={index}>{part.text}</p>;
+              }
+              if (part.type.startsWith("tool-")) {
+                const toolPart = part as typeof part & {
+                  input?: unknown;
+                  output?: unknown;
+                  approval?: { id: string; state: string };
+                };
+                return (
+                  <div key={index}>
+                    <code>{part.type.replace(/^tool-/, "")}</code>
+                    {toolPart.approval?.state === "approval-requested" ? (
+                      <span>
+                        <button
+                          type="button"
+                          onClick={() =>
+                            addToolApprovalResponse({
+                              id: toolPart.approval!.id,
+                              approved: true,
+                            })
+                          }
+                        >
+                          Approve
+                        </button>
+                        <button
+                          type="button"
+                          onClick={() =>
+                            addToolApprovalResponse({
+                              id: toolPart.approval!.id,
+                              approved: false,
+                            })
+                          }
+                        >
+                          Deny
+                        </button>
+                      </span>
+                    ) : null}
+                  </div>
+                );
+              }
+              return null;
+            })}
+          </article>
+        ))}
+      </div>
+      <form onSubmit={submit}>
+        <input
+          value={input}
+          onChange={(event) => setInput(event.currentTarget.value)}
+          placeholder="Ask the Forge agent"
+        />
+        <button type="submit" disabled={busy}>{busy ? "Running" : "Send"}</button>
+      </form>
+      {error ? <p>{error.message}</p> : null}
+    </section>
+  );
+}
+`;
+}
+
+export function renderAiChatPage(name: string): string {
+  const pascal = pascalCase(name);
+  return `"use client";
+
+import { ${pascal}AiChat } from "../../components/${pascal}AiChat";
+
+export default function ${pascal}AiPage() {
+  return (
+    <main>
+      <h1>${titleCase(name)} AI</h1>
+      <${pascal}AiChat />
+    </main>
+  );
+}
+`;
+}
+
 export function renderWebBridge(): string {
   return `export const forgeUrl =
   import.meta.env.VITE_FORGE_URL ?? "http://127.0.0.1:3765";
@@ -476,8 +636,189 @@ export function renderVitePackage(appName: string): string {
     "typecheck": "tsc --noEmit"
   },
   "dependencies": {
-    "@vitejs/plugin-react": "^4.3.4",
-    "vite": "^6.0.5",
+    "@ai-sdk/react": "^3.0.0",
+    "@vitejs/plugin-react": "^6.0.2",
+    "ai": "^6.0.0",
+    "vite": "^8.0.16",
+    "react": "^19.0.0",
+    "react-dom": "^19.0.0"
+  },
+  "devDependencies": {
+    "@types/react": "^19.0.0",
+    "@types/react-dom": "^19.0.0",
+    "typescript": "^5.7.3"
+  }
+}
+`;
+}
+
+export function renderNuxtPackage(appName: string): string {
+  return `{
+  "name": "${kebabCase(appName)}-web",
+  "private": true,
+  "type": "module",
+  "scripts": {
+    "dev": "nuxt dev --host 127.0.0.1",
+    "build": "nuxt build",
+    "typecheck": "nuxt typecheck"
+  },
+  "dependencies": {
+    "nuxt": "^4.0.0",
+    "vue": "^3.5.38"
+  },
+  "devDependencies": {
+    "typescript": "^5.7.3"
+  }
+}
+`;
+}
+
+export function renderNuxtConfig(): string {
+  return `export default defineNuxtConfig({
+  compatibilityDate: "2026-06-18",
+  runtimeConfig: {
+    public: {
+      forgeUrl: process.env.NUXT_PUBLIC_FORGE_URL ?? "http://127.0.0.1:3765",
+    },
+  },
+  typescript: {
+    strict: true,
+  },
+});
+`;
+}
+
+export function renderNuxtTsconfig(): string {
+  return `{
+  "extends": "./.nuxt/tsconfig.json"
+}
+`;
+}
+
+export function renderNuxtForgeComposable(): string {
+  return `export const forgeUrl = "http://127.0.0.1:3765";
+
+export { api } from "../../src/forge/_generated/api";
+export { createForgeClient, ForgeError } from "../../src/forge/_generated/client";
+export {
+  ForgeVuePlugin,
+  provideForge,
+  useForgeAuth,
+  useForgeClient,
+  useForgeCommand,
+  useForgeLiveQuery,
+  useForgeQuery,
+} from "../../src/forge/_generated/vue";
+`;
+}
+
+export function renderNuxtForgePlugin(): string {
+  return `import { ForgeVuePlugin } from "../composables/forge";
+
+export default defineNuxtPlugin((nuxtApp) => {
+  const config = useRuntimeConfig();
+
+  nuxtApp.vueApp.use(ForgeVuePlugin, {
+    url: String(config.public.forgeUrl),
+    devAuth: true,
+  });
+});
+`;
+}
+
+export function renderNuxtApp(): string {
+  return `<script setup lang="ts">
+import ForgeStatus from "./components/ForgeStatus.vue";
+</script>
+
+<template>
+  <main class="shell">
+    <p class="eyebrow">ForgeOS Nuxt app</p>
+    <h1>Full-stack loop ready</h1>
+    <ForgeStatus />
+  </main>
+</template>
+
+<style scoped>
+.shell {
+  width: min(760px, calc(100vw - 32px));
+  margin: 0 auto;
+  padding: 48px 0;
+}
+
+.eyebrow {
+  color: #58655f;
+  font-size: 0.82rem;
+  font-weight: 800;
+  text-transform: uppercase;
+}
+
+h1 {
+  margin: 0 0 12px;
+  color: #17211d;
+  font-size: 2.2rem;
+}
+</style>
+`;
+}
+
+export function renderNuxtStatusComponent(): string {
+  return `<script setup lang="ts">
+import { computed } from "vue";
+import { useForgeAuth } from "../composables/forge";
+
+const auth = useForgeAuth();
+const tenantLabel = computed(() => auth?.tenantId ?? "dev-tenant");
+const roleLabel = computed(() => auth?.role ?? "owner");
+</script>
+
+<template>
+  <section class="status-panel">
+    <span class="status-dot" aria-hidden="true" />
+    <p>
+      Connected as <strong>{{ roleLabel }}</strong> on
+      <strong>{{ tenantLabel }}</strong>.
+    </p>
+  </section>
+</template>
+
+<style scoped>
+.status-panel {
+  display: flex;
+  align-items: center;
+  gap: 10px;
+  margin-top: 24px;
+  color: #26332d;
+}
+
+.status-dot {
+  width: 10px;
+  height: 10px;
+  border-radius: 999px;
+  background: #1f9d55;
+}
+
+p {
+  margin: 0;
+}
+</style>
+`;
+}
+
+export function renderNextAiPackage(appName: string): string {
+  return `{
+  "name": "${kebabCase(appName)}-web",
+  "private": true,
+  "type": "module",
+  "scripts": {
+    "dev": "next dev --hostname 127.0.0.1",
+    "build": "next build",
+    "typecheck": "tsc --noEmit"
+  },
+  "dependencies": {
+    "@ai-sdk/react": "^3.0.0",
+    "ai": "^6.0.0",
+    "next": "^15.5.9",
     "react": "^19.0.0",
     "react-dom": "^19.0.0"
   },

package/src/forge/make/types.ts

@@ -14,6 +14,7 @@ export type MakePrimitive =
   | "component"
   | "page"
   | "ui"
+  | "ai-chat"
   | "resource"
   | "apply"
   | "rollback";
@@ -60,6 +61,7 @@ export interface MakeIntent {
   trigger?: string;
   component?: string;
   route?: string;
+  framework?: "vite" | "next" | "nuxt";
   withAi: boolean;
   withCreateForm: boolean;
 }
@@ -129,7 +131,7 @@ export interface MakeCommandOptions {
   event?: string;
   trigger?: string;
   component?: string;
-  framework?: "vite" | "next";
+  framework?: "vite" | "next" | "nuxt";
   withAi: boolean;
   withCrud: boolean;
   withLiveQuery: boolean;

package/src/forge/refactor/index.ts

@@ -420,6 +420,7 @@ function createCommandProgram(
     module: ts.ModuleKind.ESNext,
     moduleResolution: ts.ModuleResolutionKind.Bundler,
     noEmit: true,
+    noLib: true,
     skipLibCheck: true,
     strict: true,
     target: ts.ScriptTarget.ES2022,

package/src/forge/repair/rules/index.ts

@@ -228,7 +228,7 @@ export const repairRules: RepairRule[] = [
         failureKind: "secrets",
         code: "FORGE_SECRET_DIRECT_PROCESS_ENV",
         summary: `Secret/config usage is unsafe or missing for ${secret}.`,
-        likelyCause: "Code reads process.env directly, accesses secrets in a forbidden runtime, or the environment lacks a required secret.",
+        likelyCause: "Code reads secret/config values through process.env in Forge runtime code, accesses secrets in a forbidden runtime, or the environment lacks a required secret.",
         confidence: "high",
         suggestedRepairs: [
           {
@@ -466,7 +466,7 @@ export function explainDiagnostic(code: string): string {
     FORGE_GUARD_VIOLATION: "A package or capability is used in a runtime context where it is forbidden. Move side effects to actions/workflows.",
     FORGE_POLICY_UNKNOWN: "A runtime entry references a missing policy. Create or correct the policy, then simulate expected roles.",
     FORGE_POLICY_DENIED: "The caller auth context does not satisfy the policy. Fix test auth or intentionally update policy roles.",
-    FORGE_SECRET_DIRECT_PROCESS_ENV: "Code reads process.env directly. Use ctx.secrets/ctx.config in allowed runtime contexts.",
+    FORGE_SECRET_DIRECT_PROCESS_ENV: "Code reads secret/config values through process.env in Forge runtime code. Use ctx.secrets/ctx.config in allowed runtime contexts.",
     FORGE_AI_FORBIDDEN_CONTEXT: "AI is being used in a deterministic context. Move AI calls to action/workflow/server runtime.",
     FORGE_WORKFLOW_STEP_FAILED: "A workflow step failed. Inspect the workflow run and trace before retrying.",
     FORGE_OUTBOX_PROCESS_FAILED: "An outbox delivery failed. Inspect the subscribed action and retry after fixing the cause.",

package/src/forge/review/index.ts

@@ -6,6 +6,8 @@ import { serializeCanonical } from "../compiler/primitives/serialize.ts";
 import { stripDeterministicHeader } from "../compiler/primitives/header.ts";
 import { analyzeImpact, buildImpactTestPlan, detectChangedFiles } from "../impact/index.ts";
 import type { ImpactCommandOptions, ImpactSource } from "../impact/types.ts";
+import { buildDiffPlanFromChangeSummary, categorizeFiles } from "../workspace/change-summary.ts";
+import type { CategorizedFileSummary, ChangeType } from "../workspace/change-summary.ts";
 import type {
   ReviewChanged,
   ReviewCommandOptions,
@@ -14,6 +16,8 @@ import type {
   ReviewFinding,
   ReviewFindingCategory,
   ReviewFindingSeverity,
+  ReviewFocus,
+  ReviewDiffPlan,
   ReviewReport,
   ReviewResult,
   ReviewRisk,
@@ -41,6 +45,21 @@ const ALL_CATEGORIES: ReviewFindingCategory[] = [
   "agent",
 ];
 
+const SYSTEM_ENV_NAMES = new Set([
+  "CI",
+  "HOME",
+  "PATH",
+  "PWD",
+  "SHELL",
+  "TEMP",
+  "TMP",
+  "USER",
+  "USERNAME",
+  "USERPROFILE",
+]);
+
+const SECRET_ENV_PATTERN = /(^|_)(API_KEY|AUTH_TOKEN|CLIENT_SECRET|CREDENTIALS|JWT_SECRET|PASSWORD|PRIVATE_KEY|SECRET|SECRET_KEY|TOKEN|WEBHOOK_SECRET)$/;
+
 const RULE_DOCS: ReviewRuleDoc[] = [
   {
     id: "runtime-command-forbidden-import",
@@ -124,6 +143,32 @@ function changedFromFiles(files: string[]): ReviewChanged {
   };
 }
 
+function buildReviewFocus(changeSummary: CategorizedFileSummary): ReviewFocus {
+  const authoredOrder = ([
+    "source",
+    "tests",
+    "docs",
+    "config",
+    "operational",
+    "assets",
+    "other",
+  ] satisfies ChangeType[])
+    .filter((type) => changeSummary.byType[type].count > 0);
+  const suggestedOrder: ChangeType[] = [...authoredOrder];
+  if (changeSummary.byType.generated.count > 0) {
+    suggestedOrder.push("generated");
+  }
+  return {
+    first: "authoredChanges",
+    then: "derivedArtifacts",
+    generatedIsDerived: true,
+    suggestedOrder,
+    summary: changeSummary.byType.generated.count > 0
+      ? "Review authored changes first; inspect generated artifacts after the source cause is understood."
+      : "Review authored changes directly; no generated artifacts changed.",
+  };
+}
+
 function loadContext(options: ReviewCommandOptions): ReviewContext {
   const source = sourceFromOptions(options);
   const impactSource = impactSourceFromReview(source);
@@ -190,9 +235,22 @@ function isTestFile(file: string): boolean {
   return /\.(test|spec)\.(ts|tsx|js|jsx)$/.test(file) || normalize(file).startsWith("tests/");
 }
 
+function isDocumentationFile(file: string): boolean {
+  const normalized = normalize(file);
+  return normalized.startsWith("docs/") ||
+    normalized.startsWith("marketing/") ||
+    normalized.endsWith(".md") ||
+    normalized.endsWith(".mdx");
+}
+
 function isForgeToolingFile(file: string): boolean {
   const normalized = normalize(file);
-  return normalized.startsWith("src/forge/cli/") || normalized.startsWith("src/forge/review/");
+  return normalized.startsWith("src/forge/cli/") ||
+    normalized.startsWith("src/forge/review/") ||
+    normalized.startsWith("src/forge/dev/") ||
+    normalized.startsWith("src/forge/dev-console/") ||
+    normalized.startsWith("src/forge/compiler/package-manager/") ||
+    normalized.startsWith("src/forge/compiler/integration/");
 }
 
 function includesCategory(options: ReviewCommandOptions, category: ReviewFindingCategory): boolean {
@@ -200,20 +258,47 @@ function includesCategory(options: ReviewCommandOptions, category: ReviewFinding
   return options.include.length === 0 || options.include.includes(category);
 }
 
-function secretNamesFromText(text: string): string[] {
+function processEnvNamesFromText(text: string): string[] {
   const names = new Set<string>();
-  for (const regex of [/process\.env\.([A-Z0-9_]+)/g, /process\.env\[['"]([A-Z0-9_]+)['"]\]/g, /ctx\.secrets\.get\(['"]([A-Z0-9_]+)['"]\)/g]) {
+  for (const regex of [/process\.env\.([A-Z0-9_]+)/g, /process\.env\[['"]([A-Z0-9_]+)['"]\]/g]) {
     let match: RegExpExecArray | null;
     while ((match = regex.exec(text))) names.add(match[1]);
   }
   return [...names].sort();
 }
 
-function processEnvNamesFromText(text: string): string[] {
+function ctxSecretNamesFromText(text: string): string[] {
+  const names = new Set<string>();
+  const regex = /ctx\.secrets\.get\(['"]([A-Z0-9_]+)['"]\)/g;
+  let match: RegExpExecArray | null;
+  while ((match = regex.exec(text))) names.add(match[1]);
+  return [...names].sort();
+}
+
+function isSecretEnvName(name: string): boolean {
+  if (SYSTEM_ENV_NAMES.has(name)) return false;
+  return SECRET_ENV_PATTERN.test(name);
+}
+
+function secretNamesFromText(text: string): string[] {
+  const names = new Set<string>();
+  for (const name of processEnvNamesFromText(text)) {
+    if (isSecretEnvName(name)) names.add(name);
+  }
+  for (const name of ctxSecretNamesFromText(text)) names.add(name);
+  return [...names].sort();
+}
+
+function publicSecretNamesFromText(text: string): string[] {
   const names = new Set<string>();
   for (const regex of [/process\.env\.([A-Z0-9_]+)/g, /process\.env\[['"]([A-Z0-9_]+)['"]\]/g]) {
     let match: RegExpExecArray | null;
-    while ((match = regex.exec(text))) names.add(match[1]);
+    while ((match = regex.exec(text))) {
+      const name = match[1];
+      if ((name.startsWith("PUBLIC_") || name.startsWith("NEXT_PUBLIC_")) && isSecretEnvName(name)) {
+        names.add(name);
+      }
+    }
   }
   return [...names].sort();
 }
@@ -352,15 +437,16 @@ function secretRules(ctx: ReviewContext): ReviewFinding[] {
   const findings: ReviewFinding[] = [];
   const documented = ctx.envExample;
   for (const [file, text] of ctx.fileTexts) {
-    if (isTestFile(file) || isForgeToolingFile(file)) continue;
+    if (isTestFile(file) || isDocumentationFile(file)) continue;
     const names = secretNamesFromText(text);
-    if (processEnvNamesFromText(text).length > 0) {
+    const directSecretEnvNames = processEnvNamesFromText(text).filter(isSecretEnvName);
+    if (directSecretEnvNames.length > 0 && !isForgeToolingFile(file)) {
       findings.push(finding({
         severity: "error",
         category: "secrets",
         code: "secret-direct-process-env",
         title: "Direct process.env usage introduced",
-        message: "ForgeOS code should access secrets through ctx.secrets or generated config context.",
+        message: `${directSecretEnvNames.join(", ")} should be accessed through ctx.secrets or generated config context.`,
         file,
         suggestedCommands: ["forge secrets check", "forge refactor replace-process-env <ENV_VAR>"],
         autoRepair: { available: true, command: "forge refactor replace-process-env <ENV_VAR>", confidence: "medium" },
@@ -378,7 +464,7 @@ function secretRules(ctx: ReviewContext): ReviewFinding[] {
           suggestedCommands: ["forge secrets check"],
         }));
       }
-      if (/(_SECRET|SECRET_|TOKEN|KEY)/.test(name) && (name.startsWith("PUBLIC_") || name.startsWith("NEXT_PUBLIC_"))) {
+      if (publicSecretNamesFromText(text).includes(name)) {
         findings.push(finding({
           severity: "blocking",
           category: "secrets",
@@ -693,6 +779,9 @@ function buildReport(options: ReviewCommandOptions): ReviewReport {
     findings: findings.map((item) => [item.code, item.file, item.severity]),
   })).slice(0, 12)}`;
   const generatedPaths = ctx.changed.generated;
+  const changeSummary = categorizeFiles(ctx.changed.files);
+  const reviewFocus = buildReviewFocus(changeSummary);
+  const diffPlan: ReviewDiffPlan = buildDiffPlanFromChangeSummary(changeSummary);
   return {
     schemaVersion: "0.1.0",
     reviewVersion: REVIEW_VERSION,
@@ -709,6 +798,9 @@ function buildReport(options: ReviewCommandOptions): ReviewReport {
     risk,
     findings,
     changed: ctx.changed,
+    changeSummary,
+    reviewFocus,
+    diffPlan,
     impacted: ctx.impacted,
     checks: [
       { name: "impact-analysis", ok: true, message: `risk ${risk.level}` },
@@ -755,7 +847,13 @@ ${report.summary.bullets.map((bullet) => `- ${bullet}`).join("\n")}
 
 ## Changed Files
 
-${report.changed.files.map((file) => `- ${file}`).join("\n") || "- none"}
+${report.changed.files.filter((file) => !file.startsWith(`${GENERATED}/`) && file !== "forge.lock").map((file) => `- ${file}`).join("\n") || "- none"}
+
+Generated artifacts are derived and collapsed by default.
+
+- Generated files: ${report.diffPlan.generatedFiles}
+- Authored diff: \`${report.diffPlan.authoredDiffCommand}\`
+- Generated diff: \`${report.diffPlan.generatedDiffCommand}\`
 
 ## Findings
 
@@ -958,8 +1056,54 @@ export function runReviewCommand(options: ReviewCommandOptions): ReviewResult {
   }
 }
 
-export function formatReviewJson(result: ReviewResult): string {
-  return `${JSON.stringify(result.report ?? result.reports ?? result.explanation ?? result, null, 2)}\n`;
+function compactReviewReport(result: ReviewResult): unknown {
+  const report = result.report;
+  if (!report) return result.reports ?? result.explanation ?? result;
+  const impacted = {
+    ...report.impacted,
+    generatedArtifacts: report.impacted.generatedArtifacts.length,
+  };
+  return {
+    schemaVersion: report.schemaVersion,
+    reviewVersion: report.reviewVersion,
+    ok: result.ok,
+    id: report.id,
+    source: report.source,
+    summary: report.summary,
+    risk: report.risk,
+    findings: report.findings,
+    changed: {
+      files: report.changed.files.length,
+      tests: report.changed.tests.length,
+      sourceFiles: report.changed.sourceFiles.length,
+      generated: report.changed.generated.length,
+      packageFiles: report.changed.packageFiles.length,
+      deployFiles: report.changed.deployFiles.length,
+    },
+    changeSummary: report.changeSummary,
+    reviewFocus: report.reviewFocus,
+    diffPlan: report.diffPlan,
+    impacted,
+    checks: report.checks,
+    recommendedCommands: report.recommendedCommands,
+    humanChecklist: report.humanChecklist,
+    agentInstructions: report.agentInstructions,
+    generatedArtifacts: {
+      paths: report.generatedArtifacts.paths.length,
+      stale: report.generatedArtifacts.stale,
+    },
+    writeResult: result.writeResult,
+    diagnostics: result.diagnostics,
+    exitCode: result.exitCode,
+    fullCommand: "forge review run --changed --full --json",
+  };
+}
+
+export function formatReviewJson(result: ReviewResult, options: { full?: boolean } = {}): string {
+  const payload = options.full
+    ? result.report ?? result.reports ?? result.explanation ?? result
+    : compactReviewReport(result);
+  return `${JSON.stringify(payload, null, 2)}\n`;
 }
 
 export function formatReviewHuman(result: ReviewResult): string {
@@ -978,6 +1122,8 @@ ${result.reports.map((report) => `- ${report.id}: ${report.dir}`).join("\n") ||
 
 Risk: ${report.risk.level} (${report.risk.score})
 Findings: ${report.findings.length}
+Review focus: ${report.reviewFocus.summary}
+Review order: ${report.reviewFocus.suggestedOrder.join(" -> ") || "none"}
 
 Blocking issues:
 ${report.findings.filter((finding) => finding.severity === "blocking").map((finding) => `  - ${finding.code}: ${finding.message}`).join("\n") || "  - none"}