martin-loop 0.1.5 → 1.3.0

package/dist/vendor/core/cost/pipeline.js

@@ -0,0 +1,141 @@
+/**
+ * Composable cost-aware LLM pipeline.
+ *
+ * Combines four patterns into one composable function:
+ *   1. Model routing by task complexity (Haiku vs Sonnet)
+ *   2. Immutable cost tracking with budget enforcement
+ *   3. Narrow retry logic (transient errors only, exponential backoff)
+ *   4. Prompt caching via Anthropic cache_control messages
+ *
+ * Does NOT import @anthropic-ai/sdk — uses an injected LlmClient interface
+ * so it works with the claude-cli adapter or any HTTP client.
+ */
+// ---------------------------------------------------------------------------
+// Model constants
+// ---------------------------------------------------------------------------
+export const MODEL_HAIKU = "claude-haiku-4-5-20251001";
+export const MODEL_SONNET = "claude-sonnet-4-6";
+const COMPLEXITY_CHAR_THRESHOLD = 10_000;
+const COMPLEXITY_ITEM_THRESHOLD = 30;
+// Private pricing for budget preflight estimation only.
+// Canonical pricing lives in packages/adapters/src/usage.ts.
+const PIPELINE_PRICING = {
+    [MODEL_HAIKU]: { inputPer1K: 0.00025, outputPer1K: 0.00125 },
+    [MODEL_SONNET]: { inputPer1K: 0.003, outputPer1K: 0.015 }
+};
+const FALLBACK_PRICING = { inputPer1K: 0.003, outputPer1K: 0.015 };
+// ---------------------------------------------------------------------------
+// 1. Model routing
+// ---------------------------------------------------------------------------
+/**
+ * Select the cheapest model that can handle the task complexity.
+ * Returns forceModel unchanged when provided.
+ */
+export function selectModel(textLength, itemCount, forceModel) {
+    if (forceModel !== undefined)
+        return forceModel;
+    if (textLength >= COMPLEXITY_CHAR_THRESHOLD || itemCount >= COMPLEXITY_ITEM_THRESHOLD) {
+        return MODEL_SONNET;
+    }
+    return MODEL_HAIKU;
+}
+export function createCostTracker(budgetLimitUsd) {
+    return makeFrozenTracker(budgetLimitUsd, []);
+}
+export function addCostRecord(tracker, record) {
+    const full = Object.freeze({
+        ...record,
+        timestamp: new Date().toISOString()
+    });
+    return makeFrozenTracker(tracker.budgetLimitUsd, [...tracker.records, full]);
+}
+function makeFrozenTracker(budgetLimitUsd, records) {
+    const totalCost = records.reduce((sum, r) => sum + r.costUsd, 0);
+    return Object.freeze({
+        budgetLimitUsd,
+        records: Object.freeze(records),
+        totalCost,
+        overBudget: totalCost > budgetLimitUsd
+    });
+}
+function classifyError(err) {
+    const msg = err instanceof Error ? err.message.toLowerCase() : String(err).toLowerCase();
+    if (/econnreset|etimedout|enotfound|econnrefused|socket hang up/.test(msg))
+        return "retryable";
+    if (/429|rate.limit|too.many.requests/.test(msg))
+        return "retryable";
+    if (/5\d{2}|internal.server.error|overloaded/.test(msg))
+        return "retryable";
+    return "fatal";
+}
+export async function callWithRetry(fn, options = {}) {
+    const maxRetries = options.maxRetries ?? 3;
+    const baseDelayMs = options.baseDelayMs ?? 1_000;
+    let lastErr;
+    for (let attempt = 0; attempt < maxRetries; attempt++) {
+        try {
+            return await fn();
+        }
+        catch (err) {
+            if (classifyError(err) === "fatal")
+                throw err;
+            lastErr = err;
+            if (attempt < maxRetries - 1) {
+                const delay = Math.min(baseDelayMs * Math.pow(2, attempt), 32_000);
+                await new Promise((resolve) => setTimeout(resolve, delay));
+            }
+        }
+    }
+    throw lastErr;
+}
+export function buildCachedMessages(systemPrompt, userInput) {
+    const systemMsg = Object.freeze({
+        role: "system",
+        content: Object.freeze([
+            Object.freeze({
+                type: "text",
+                text: systemPrompt,
+                cache_control: Object.freeze({ type: "ephemeral" })
+            })
+        ])
+    });
+    const userMsg = Object.freeze({
+        role: "user",
+        content: userInput
+    });
+    return Object.freeze([systemMsg, userMsg]);
+}
+export class BudgetExceededError extends Error {
+    totalCost;
+    budgetLimit;
+    constructor(totalCost, budgetLimit) {
+        super(`Budget exceeded: spent $${totalCost.toFixed(4)} of $${budgetLimit.toFixed(4)}`);
+        this.totalCost = totalCost;
+        this.budgetLimit = budgetLimit;
+        this.name = "BudgetExceededError";
+    }
+}
+export async function runCostAwarePipeline(input) {
+    const { text, config, tracker, client, systemPrompt } = input;
+    const itemCount = text.split("\n").length;
+    const model = selectModel(text.length, itemCount, config?.forceModel);
+    // Preflight budget check: estimate cost before spending
+    const estimatedInputTokens = Math.ceil(text.length / 3.5);
+    const estimatedOutputTokens = 500;
+    const pricing = PIPELINE_PRICING[model] ?? FALLBACK_PRICING;
+    const estimatedCost = (estimatedInputTokens / 1000) * pricing.inputPer1K +
+        (estimatedOutputTokens / 1000) * pricing.outputPer1K;
+    if (tracker.totalCost + estimatedCost > tracker.budgetLimitUsd) {
+        throw new BudgetExceededError(tracker.totalCost, tracker.budgetLimitUsd);
+    }
+    const messages = buildCachedMessages(systemPrompt, text);
+    const result = await callWithRetry(() => client.call(model, messages, { maxTokens: config?.maxTokens }), { maxRetries: config?.maxRetries, baseDelayMs: config?.baseDelayMs });
+    const updatedTracker = addCostRecord(tracker, {
+        model,
+        inputTokens: result.inputTokens,
+        outputTokens: result.outputTokens,
+        costUsd: result.costUsd
+    });
+    return { result, tracker: updatedTracker };
+}
+//# sourceMappingURL=pipeline.js.map

package/dist/vendor/core/cost/tagged-cost.d.ts

@@ -0,0 +1,27 @@
+export interface TaggedCostEntry {
+    runId: string;
+    tags: Record<string, string>;
+    totalUsd: number;
+    inputTokens: number;
+    outputTokens: number;
+    timestamp: string;
+}
+export interface TaggedCostSummary {
+    tag: string;
+    value: string;
+    totalUsd: number;
+    runCount: number;
+    entries: TaggedCostEntry[];
+}
+/**
+ * Groups cost entries by the value of a specific tag key.
+ * Entries missing the tag key are grouped under "(untagged)".
+ * Results are sorted descending by totalUsd.
+ */
+export declare function aggregateCostsByTag(entries: TaggedCostEntry[], tagKey: string): TaggedCostSummary[];
+/**
+ * Formats a list of TaggedCostSummary objects as a plain-text table.
+ * Columns: tag value | runs | total USD
+ * Sorted descending by totalUsd (aggregateCostsByTag already sorts).
+ */
+export declare function formatCostReport(summaries: TaggedCostSummary[]): string;

package/dist/vendor/core/cost/tagged-cost.js

@@ -0,0 +1,55 @@
+// SLICE-17 — Per-run cost attribution by tag
+// Groups cost ledger entries by arbitrary key-value tags for chargeback reporting.
+/**
+ * Groups cost entries by the value of a specific tag key.
+ * Entries missing the tag key are grouped under "(untagged)".
+ * Results are sorted descending by totalUsd.
+ */
+export function aggregateCostsByTag(entries, tagKey) {
+    const groups = new Map();
+    for (const entry of entries) {
+        const tagValue = entry.tags[tagKey] ?? "(untagged)";
+        const existing = groups.get(tagValue);
+        if (existing) {
+            existing.push(entry);
+        }
+        else {
+            groups.set(tagValue, [entry]);
+        }
+    }
+    const summaries = [];
+    for (const [value, groupEntries] of groups) {
+        const totalUsd = groupEntries.reduce((sum, e) => sum + e.totalUsd, 0);
+        summaries.push({
+            tag: tagKey,
+            value,
+            totalUsd,
+            runCount: groupEntries.length,
+            entries: groupEntries
+        });
+    }
+    // Sort descending by totalUsd
+    summaries.sort((a, b) => b.totalUsd - a.totalUsd);
+    return summaries;
+}
+/**
+ * Formats a list of TaggedCostSummary objects as a plain-text table.
+ * Columns: tag value | runs | total USD
+ * Sorted descending by totalUsd (aggregateCostsByTag already sorts).
+ */
+export function formatCostReport(summaries) {
+    if (summaries.length === 0) {
+        return "No cost data available.";
+    }
+    const tagKey = summaries[0].tag;
+    const header = `${tagKey.padEnd(30)} | ${"runs".padStart(6)} | ${"total USD".padStart(10)}`;
+    const separator = "-".repeat(header.length);
+    const rows = summaries.map((s) => {
+        const value = s.value.padEnd(30);
+        const runs = String(s.runCount).padStart(6);
+        const cost = `$${s.totalUsd.toFixed(4)}`.padStart(10);
+        return `${value} | ${runs} | ${cost}`;
+    });
+    return [header, separator, ...rows].join("\n");
+}
+//# sourceMappingURL=tagged-cost.js.map

package/dist/vendor/core/cost-governor.d.ts

@@ -0,0 +1,2 @@
+import type { CostGovernorInput, CostGovernorState } from "./types.js";
+export declare function evaluateCostGovernor(input: CostGovernorInput): CostGovernorState;

package/dist/vendor/core/cost-governor.js

@@ -0,0 +1,50 @@
+export function evaluateCostGovernor(input) {
+    const totalTokens = input.cost.tokensIn + input.cost.tokensOut;
+    const projectedUsd = input.cost.actualUsd + (input.projectedUsage?.actualUsd ?? 0);
+    const projectedTokens = totalTokens +
+        (input.projectedUsage?.tokensIn ?? 0) +
+        (input.projectedUsage?.tokensOut ?? 0);
+    const remainingBudgetUsd = clamp(input.budget.maxUsd - input.cost.actualUsd);
+    const remainingIterations = Math.max(0, input.budget.maxIterations - input.attemptsUsed);
+    const remainingTokens = Math.max(0, input.budget.maxTokens - totalTokens);
+    const hardLimitReached = input.cost.actualUsd >= input.budget.maxUsd ||
+        projectedUsd > input.budget.maxUsd ||
+        totalTokens >= input.budget.maxTokens ||
+        projectedTokens > input.budget.maxTokens ||
+        input.attemptsUsed >= input.budget.maxIterations;
+    if (hardLimitReached) {
+        return {
+            pressure: "hard_limit",
+            shouldStop: true,
+            remainingBudgetUsd,
+            remainingIterations,
+            remainingTokens,
+            recommendedIntervention: "stop_loop"
+        };
+    }
+    const softLimitReached = input.cost.actualUsd >= input.budget.softLimitUsd ||
+        projectedUsd >= input.budget.softLimitUsd ||
+        totalTokens >= input.budget.maxTokens * 0.75 ||
+        remainingIterations <= 1;
+    if (softLimitReached) {
+        return {
+            pressure: "soft_limit",
+            shouldStop: false,
+            remainingBudgetUsd,
+            remainingIterations,
+            remainingTokens,
+            recommendedIntervention: "compress_context"
+        };
+    }
+    return {
+        pressure: "healthy",
+        shouldStop: false,
+        remainingBudgetUsd,
+        remainingIterations,
+        remainingTokens
+    };
+}
+function clamp(value) {
+    return value < 0 ? 0 : Number(value.toFixed(4));
+}
+//# sourceMappingURL=cost-governor.js.map

package/dist/vendor/core/cve/cve-check.d.ts

@@ -0,0 +1,80 @@
+/**
+ * cve-check.ts — SLICE-22
+ *
+ * CVE-watch pre-execution hook.
+ *
+ * Before a patch is applied, scans the diff for any package.json changes that
+ * introduce or upgrade a dependency. Each new/upgraded package is checked against
+ * the OSV (Open Source Vulnerabilities) API.
+ *
+ * Blocking behavior (configurable via martin.policy.yaml):
+ *   cveCheck:
+ *     enabled: true           # default: true
+ *     blockSeverity: HIGH     # CRITICAL | HIGH | MEDIUM | LOW
+ *     failClosed: false       # true = block on API error (default: false = warn)
+ *
+ * The result is written to cve-check.json in the attempt artifacts directory.
+ */
+export type CveSeverity = "CRITICAL" | "HIGH" | "MEDIUM" | "LOW" | "UNKNOWN";
+export interface CveCheckPolicy {
+    enabled: boolean;
+    /** Block when any finding is at or above this severity. */
+    blockSeverity: CveSeverity;
+    /** When true, an OSV API error blocks the patch. Default false (fail-open). */
+    failClosed: boolean;
+}
+export interface PackageRef {
+    name: string;
+    version: string;
+    ecosystem: "npm" | "PyPI" | "crates.io" | "Go";
+}
+export interface CveFinding {
+    vulnerabilityId: string;
+    severity: CveSeverity;
+    packageName: string;
+    packageVersion: string;
+    summary?: string;
+}
+export interface CveCheckResult {
+    blocked: boolean;
+    /** Populated when blocked:true due to a CVE finding. */
+    reasonCode?: "cve_blocked" | "cve_api_error";
+    /** Human-readable explanation. */
+    reason?: string;
+    findings: CveFinding[];
+    /** Populated when the OSV call failed. */
+    apiError?: string;
+    /** true when cveCheck.enabled:false in policy. */
+    skipped?: boolean;
+    /** ISO timestamp of when the check ran. */
+    checkedAt: string;
+    /** Number of packages checked. */
+    checkedCount: number;
+}
+export interface OsvQueryResult {
+    results: Array<{
+        vulns?: Array<{
+            id: string;
+            summary?: string;
+            database_specific?: {
+                severity?: string;
+            };
+            severity?: Array<{
+                type: string;
+                score: string;
+            }>;
+        }>;
+    }>;
+}
+/**
+ * Extracts added/upgraded npm package name+version pairs from a unified diff.
+ *
+ * Looks for `+ "name": "version"` patterns on lines added within package.json hunks.
+ * Supports regular and scoped packages (@scope/name).
+ */
+export declare function parseDependencyChanges(diff: string): PackageRef[];
+export declare function checkCves(options: {
+    packages: PackageRef[];
+    policy: CveCheckPolicy;
+    fetchFn?: typeof fetch;
+}): Promise<CveCheckResult>;

package/dist/vendor/core/cve/cve-check.js

@@ -0,0 +1,172 @@
+/**
+ * cve-check.ts — SLICE-22
+ *
+ * CVE-watch pre-execution hook.
+ *
+ * Before a patch is applied, scans the diff for any package.json changes that
+ * introduce or upgrade a dependency. Each new/upgraded package is checked against
+ * the OSV (Open Source Vulnerabilities) API.
+ *
+ * Blocking behavior (configurable via martin.policy.yaml):
+ *   cveCheck:
+ *     enabled: true           # default: true
+ *     blockSeverity: HIGH     # CRITICAL | HIGH | MEDIUM | LOW
+ *     failClosed: false       # true = block on API error (default: false = warn)
+ *
+ * The result is written to cve-check.json in the attempt artifacts directory.
+ */
+// ---------------------------------------------------------------------------
+// Diff parsing
+// ---------------------------------------------------------------------------
+/**
+ * Extracts added/upgraded npm package name+version pairs from a unified diff.
+ *
+ * Looks for `+ "name": "version"` patterns on lines added within package.json hunks.
+ * Supports regular and scoped packages (@scope/name).
+ */
+export function parseDependencyChanges(diff) {
+    const found = [];
+    let inPackageJson = false;
+    for (const line of diff.split("\n")) {
+        // Track when we're inside a package.json diff block
+        if (line.startsWith("diff --git")) {
+            inPackageJson = /\bpackage\.json\b/.test(line);
+            continue;
+        }
+        if (!inPackageJson)
+            continue;
+        // Only look at added lines (+ prefix, not +++ header)
+        if (!line.startsWith("+") || line.startsWith("+++"))
+            continue;
+        const content = line.slice(1); // strip leading +
+        // Match: "name": "version" or "name": "^version" etc.
+        // Supports scoped packages like @scope/name
+        const match = content.match(/"(@?[\w/.-]+)":\s*"[~^]?([0-9][^"]*|latest|next)"/u);
+        if (match?.[1] && match[2]) {
+            const name = match[1];
+            const version = match[2].replace(/^[~^]/, "");
+            // Skip non-package keys that might look like packages
+            const SKIP_KEYS = new Set(["version", "main", "module", "types", "license", "description"]);
+            if (!SKIP_KEYS.has(name)) {
+                found.push({ name, version, ecosystem: "npm" });
+            }
+        }
+    }
+    return found;
+}
+// ---------------------------------------------------------------------------
+// OSV query
+// ---------------------------------------------------------------------------
+const OSV_BATCH_URL = "https://api.osv.dev/v1/querybatch";
+const SEVERITY_ORDER = ["LOW", "MEDIUM", "HIGH", "CRITICAL"];
+function severityFromString(raw) {
+    const upper = (raw ?? "").toUpperCase();
+    if (upper === "CRITICAL")
+        return "CRITICAL";
+    if (upper === "HIGH")
+        return "HIGH";
+    if (upper === "MEDIUM")
+        return "MEDIUM";
+    if (upper === "LOW")
+        return "LOW";
+    return "UNKNOWN";
+}
+function isSeverityAtOrAbove(finding, threshold) {
+    const fi = SEVERITY_ORDER.indexOf(finding);
+    const ti = SEVERITY_ORDER.indexOf(threshold);
+    if (fi === -1 || ti === -1)
+        return false;
+    return fi >= ti;
+}
+// ---------------------------------------------------------------------------
+// Main entry point
+// ---------------------------------------------------------------------------
+export async function checkCves(options) {
+    const checkedAt = new Date().toISOString();
+    const { packages, policy, fetchFn = fetch } = options;
+    // Fast exit: disabled by policy
+    if (!policy.enabled) {
+        return { blocked: false, findings: [], skipped: true, checkedAt, checkedCount: 0 };
+    }
+    // Fast exit: nothing to check
+    if (packages.length === 0) {
+        return { blocked: false, findings: [], checkedAt, checkedCount: 0 };
+    }
+    // Build OSV batch request
+    const queries = packages.map((pkg) => ({
+        package: { name: pkg.name, ecosystem: "npm" },
+        version: pkg.version
+    }));
+    let osvData;
+    try {
+        const response = await fetchFn(OSV_BATCH_URL, {
+            method: "POST",
+            headers: { "Content-Type": "application/json" },
+            body: JSON.stringify({ queries }),
+            signal: AbortSignal.timeout(10_000)
+        });
+        if (!response.ok) {
+            throw new Error(`OSV API returned HTTP ${response.status}`);
+        }
+        osvData = (await response.json());
+    }
+    catch (err) {
+        const apiError = err instanceof Error ? err.message : String(err);
+        if (policy.failClosed) {
+            return {
+                blocked: true,
+                reasonCode: "cve_api_error",
+                reason: `CVE check failed: OSV API error (failClosed:true). Error: ${apiError}`,
+                findings: [],
+                apiError,
+                checkedAt,
+                checkedCount: packages.length
+            };
+        }
+        // Fail-open: warn but do not block
+        return {
+            blocked: false,
+            findings: [],
+            apiError,
+            reason: `CVE check skipped (OSV API unavailable, failClosed:false): ${apiError}`,
+            checkedAt,
+            checkedCount: packages.length
+        };
+    }
+    // Parse findings
+    const findings = [];
+    for (let i = 0; i < (osvData.results ?? []).length; i++) {
+        const pkg = packages[i];
+        const result = osvData.results[i];
+        for (const vuln of result?.vulns ?? []) {
+            const severity = severityFromString(vuln.database_specific?.severity);
+            findings.push({
+                vulnerabilityId: vuln.id,
+                severity,
+                packageName: pkg?.name ?? "unknown",
+                packageVersion: pkg?.version ?? "unknown",
+                summary: vuln.summary
+            });
+        }
+    }
+    // Apply threshold
+    const blockingFindings = findings.filter((f) => isSeverityAtOrAbove(f.severity, policy.blockSeverity));
+    if (blockingFindings.length > 0) {
+        const names = blockingFindings.map((f) => `${f.packageName}@${f.packageVersion} (${f.severity})`).join(", ");
+        return {
+            blocked: true,
+            reasonCode: "cve_blocked",
+            reason: `CVE check blocked patch: ${blockingFindings.length} ${policy.blockSeverity}+ advisory(ies) found: ${names}`,
+            findings,
+            checkedAt,
+            checkedCount: packages.length
+        };
+    }
+    return {
+        blocked: false,
+        findings,
+        checkedAt,
+        checkedCount: packages.length
+    };
+}
+//# sourceMappingURL=cve-check.js.map

package/dist/vendor/core/digital-twin/index.d.ts

@@ -0,0 +1,27 @@
+import type { ApprovalPolicy } from "../../contracts/index.js";
+export interface DigitalTwinSimulationInput {
+    scenarioId: string;
+    objective?: string;
+    changedFiles: string[];
+    verificationPlan: string[];
+    requestedSurfaces: string[];
+    allowedSurfaces: string[];
+    approvalPolicy?: ApprovalPolicy;
+    allowedPaths?: string[];
+    deniedPaths?: string[];
+    allowedNetworkDomains?: string[];
+    requiresHumanApproval?: boolean;
+}
+export interface DigitalTwinSimulationReport {
+    scenarioId: string;
+    riskTier: "low" | "medium" | "high" | "critical";
+    blastRadiusScore: number;
+    rollbackConfidence: number;
+    protectedSurfaceTouched: boolean;
+    requiresIndependentVerification: boolean;
+    recommendedAction: "proceed" | "require_review" | "block";
+    reasons: string[];
+    allowedClaimWording: string;
+    nonClaims: string[];
+}
+export declare function runDigitalTwinSimulation(input: DigitalTwinSimulationInput): DigitalTwinSimulationReport;

package/dist/vendor/core/digital-twin/index.js

@@ -0,0 +1,90 @@
+import { evaluateAutonomyEnvelopeV2 } from "../autonomy/envelope-v2.js";
+import { analyzeLoopSurface } from "../surface-signals.js";
+export function runDigitalTwinSimulation(input) {
+    const envelopeDecision = evaluateAutonomyEnvelopeV2({
+        taskId: input.scenarioId,
+        taskFamily: "digital-twin",
+        requestedSurfaces: input.requestedSurfaces,
+        allowedSurfaces: input.allowedSurfaces,
+        verificationPlan: input.verificationPlan,
+        commands: input.verificationPlan,
+        changedFiles: input.changedFiles,
+        allowedPaths: input.allowedPaths,
+        deniedPaths: input.deniedPaths,
+        allowedNetworkDomains: input.allowedNetworkDomains,
+        approvalPolicy: input.approvalPolicy,
+        requiresHumanApproval: input.requiresHumanApproval
+    });
+    const surfaceSignals = analyzeLoopSurface({
+        objective: input.objective,
+        verificationPlan: input.verificationPlan,
+        changedFiles: input.changedFiles
+    });
+    const protectedSurfaceTouched = input.changedFiles.some(isProtectedSurface);
+    const blastRadiusScore = clampScore(10 +
+        surfaceSignals.workspaceGraphRiskScore * 25 +
+        surfaceSignals.crossBoundaryRiskScore * 25 +
+        (protectedSurfaceTouched ? 20 : 0) +
+        (envelopeDecision.blockedSurfaces.includes("command") ? 20 : 0) +
+        (envelopeDecision.blockedSurfaces.includes("dependency") ? 15 : 0) +
+        (input.requiresHumanApproval ? 15 : 0));
+    const riskTier = classifyRiskTier(blastRadiusScore);
+    const rollbackConfidence = clampRatio(0.92 -
+        surfaceSignals.workspaceGraphRiskScore * 0.25 -
+        surfaceSignals.crossBoundaryRiskScore * 0.2 -
+        (protectedSurfaceTouched ? 0.15 : 0) -
+        (input.requiresHumanApproval ? 0.12 : 0) -
+        (envelopeDecision.blockedSurfaces.includes("command") ? 0.1 : 0));
+    const reasons = [...envelopeDecision.reasons];
+    if (protectedSurfaceTouched) {
+        reasons.push("protected release or deployment surface touched");
+    }
+    if (surfaceSignals.workspaceGraphRiskScore >= 0.5) {
+        reasons.push("workspace graph risk is elevated");
+    }
+    if (surfaceSignals.crossBoundaryRiskScore >= 0.5) {
+        reasons.push("cross-boundary change risk is elevated");
+    }
+    return {
+        scenarioId: input.scenarioId,
+        riskTier,
+        blastRadiusScore,
+        rollbackConfidence,
+        protectedSurfaceTouched,
+        requiresIndependentVerification: riskTier === "high" || riskTier === "critical" || protectedSurfaceTouched,
+        recommendedAction: riskTier === "critical"
+            ? "block"
+            : riskTier === "high" || envelopeDecision.decision === "escalate"
+                ? "require_review"
+                : "proceed",
+        reasons,
+        allowedClaimWording: "High-risk runs are simulated in a pre-merge digital twin with blast-radius scoring, rollback confidence, and explicit review recommendations.",
+        nonClaims: ["perfect predictive safety", "simulation replaces human judgment"]
+    };
+}
+function classifyRiskTier(score) {
+    if (score >= 80)
+        return "critical";
+    if (score >= 55)
+        return "high";
+    if (score >= 30)
+        return "medium";
+    return "low";
+}
+function isProtectedSurface(file) {
+    const normalized = file.replace(/\\/gu, "/").toLowerCase();
+    return (normalized.startsWith(".github/workflows/") ||
+        normalized.startsWith("deploy/") ||
+        normalized.startsWith("infra/") ||
+        normalized.includes("/migrations/") ||
+        normalized.endsWith("/package.json") ||
+        normalized === "package.json" ||
+        normalized === "pnpm-lock.yaml");
+}
+function clampScore(value) {
+    return Math.max(0, Math.min(100, Math.round(value)));
+}
+function clampRatio(value) {
+    return Math.max(0, Math.min(1, Math.round(value * 100) / 100));
+}
+//# sourceMappingURL=index.js.map