saasgadget 0.1.0

package/dist/prompts/repo-scan-quick.js

@@ -0,0 +1,69 @@
+import { registerTemplate } from './catalog.js';
+export const REPO_SCAN_QUICK_TEMPLATE = {
+    persona: `You are "Scout Scotty." You are the Lead Reconnaissance Analyst in the Engineering Department at SaaSGadgetCLI, in partnership with WxZRD Consulting. You will complete your objective efficiently, as to satisfy the customers with their requests.
+
+MOOD: Sharp-eyed and efficient. First in, fast out. You sweep the terrain, tag the signals, and move on — no dithering, no rabbit holes.`,
+    objective: `Perform a rapid signal scan of the target repository to detect SaaS-relevant patterns across authentication, billing, tenancy, security, and code health categories. Produce a structured signal report with severity ratings and actionable findings. Target completion: under 2 minutes wall time.`,
+    constraints: `CONSTRAINTS:
+- Read-only analysis — never modify repository files.
+- Complete within ~25,000 token budget (quick scan, not deep dive).
+- Focus on signal detection, not deep architecture analysis (that's repo.audit.deep).
+- Scan breadth over depth: cover all 5 signal categories even if superficially, rather than deeply analyzing one category.
+- When patterns are ambiguous, flag them as "needs-review" rather than making definitive claims.
+- Do NOT duplicate work already done in a prior scan within the same session.`,
+    required_context: `REQUIRED CONTEXT:
+- repo: Repository URL or local path (REQUIRED)
+- File tree listing (via glob)
+- package.json / requirements.txt / go.mod (dependency manifest)
+- README.md (project description)
+- Auth-related files (middleware, auth config, JWT usage)
+- Billing-related files (Stripe, payment, subscription code)
+- FounderContextProfile (OPTIONAL — improves relevance if available)`,
+    tool_policy: `TOOL POLICY:
+- ALLOWED: grep, glob, view (read-only built-in tools)
+- DENIED: mcp_call, write operations
+- Tool profile: "scan" (read-only)
+- File read budget: up to 50 files sampled`,
+    output_schema_ref: `OUTPUT SCHEMA: schemas/scan-result.v1
+MARKDOWN TEMPLATE: templates/scan-result.v1.md
+CHECKLIST TEMPLATE: templates/scan-result-checklist.v1.md`,
+    confidence_rubric: `CONFIDENCE PER SIGNAL:
+- 1.0: Deterministic rule match (e.g., "package.json has stripe dependency")
+- 0.7–0.9: Strong pattern match (e.g., "JWT middleware found in auth/")
+- 0.4–0.6: Weak pattern match (e.g., "file named 'billing' but unclear usage")
+- 0.1–0.3: Inference only (e.g., "no auth detected — assuming public app")
+
+OVERALL SCAN CONFIDENCE:
+- Based on file coverage (% of repo scanned) and signal clarity.`,
+};
+/** SaaS signal heuristics for each domain category. */
+export const SIGNAL_HEURISTICS = {
+    auth: {
+        dependencies: ['passport', 'jsonwebtoken', 'bcrypt', 'argon2', 'next-auth', '@auth0/nextjs-auth0', 'express-session', 'cookie-session', '@supabase/auth-helpers-nextjs', 'firebase-admin', 'clerk', '@clerk/nextjs'],
+        filePatterns: ['**/auth/**', '**/middleware/auth*', '**/lib/auth*', '**/utils/auth*', '**/api/auth/**'],
+        codePatterns: ['jwt.verify', 'jwt.sign', 'bcrypt.hash', 'passport.use', 'getSession', 'useSession', 'getServerSession'],
+    },
+    billing: {
+        dependencies: ['stripe', '@stripe/stripe-js', 'paddle-sdk', 'lemonsqueezy', 'chargebee', 'recurly'],
+        filePatterns: ['**/billing/**', '**/payments/**', '**/subscription*', '**/pricing*', '**/webhook*'],
+        codePatterns: ['stripe.customers', 'stripe.subscriptions', 'stripe.checkout', 'createCheckoutSession', 'webhookSecret'],
+    },
+    tenancy: {
+        dependencies: [],
+        filePatterns: ['**/tenant*', '**/organization*', '**/workspace*', '**/team*'],
+        codePatterns: ['tenantId', 'orgId', 'workspaceId', 'tenant_id', 'organization_id', 'RLS', 'row level security'],
+    },
+    security: {
+        dependencies: ['helmet', 'cors', 'csurf', 'express-rate-limit', 'rate-limiter-flexible', 'zod', 'joi', 'yup'],
+        filePatterns: ['**/security/**', '**/middleware/rate*', '**/.env*', '**/config/security*'],
+        codePatterns: ['helmet()', 'cors()', 'rateLimit(', 'csrf', 'sanitize', 'escape', 'validate'],
+    },
+    'code-health': {
+        dependencies: ['jest', 'vitest', 'mocha', 'cypress', 'playwright', 'eslint', 'prettier', 'typescript'],
+        filePatterns: ['**/*.test.*', '**/*.spec.*', '**/__tests__/**', '.github/workflows/**', 'jest.config*', 'vitest.config*', '.eslintrc*', 'tsconfig*'],
+        codePatterns: ['describe(', 'it(', 'test(', 'expect(', 'assert'],
+    },
+};
+// Self-register on import
+registerTemplate('repo.scan.quick', 'scan', REPO_SCAN_QUICK_TEMPLATE);
+//# sourceMappingURL=repo-scan-quick.js.map

package/dist/prompts/repo-scan-quick.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"repo-scan-quick.js","sourceRoot":"","sources":["../../src/prompts/repo-scan-quick.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAEhD,MAAM,CAAC,MAAM,wBAAwB,GAAmB;IACtD,OAAO,EAAE;;yIAE8H;IAEvI,SAAS,EAAE,sSAAsS;IAEjT,WAAW,EAAE;;;;;;8EAM+D;IAE5E,gBAAgB,EAAE;;;;;;;qEAOiD;IAEnE,WAAW,EAAE;;;;2CAI4B;IAEzC,iBAAiB,EAAE;;0DAEqC;IAExD,iBAAiB,EAAE;;;;;;;iEAO4C;CAChE,CAAC;AAEF,uDAAuD;AACvD,MAAM,CAAC,MAAM,iBAAiB,GAAG;IAC/B,IAAI,EAAE;QACJ,YAAY,EAAE,CAAC,UAAU,EAAE,cAAc,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,qBAAqB,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,+BAA+B,EAAE,gBAAgB,EAAE,OAAO,EAAE,eAAe,CAAC;QACpN,YAAY,EAAE,CAAC,YAAY,EAAE,qBAAqB,EAAE,cAAc,EAAE,gBAAgB,EAAE,gBAAgB,CAAC;QACvG,YAAY,EAAE,CAAC,YAAY,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,YAAY,EAAE,YAAY,EAAE,kBAAkB,CAAC;KACxH;IACD,OAAO,EAAE;QACP,YAAY,EAAE,CAAC,QAAQ,EAAE,mBAAmB,EAAE,YAAY,EAAE,cAAc,EAAE,WAAW,EAAE,SAAS,CAAC;QACnG,YAAY,EAAE,CAAC,eAAe,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,aAAa,EAAE,aAAa,CAAC;QACnG,YAAY,EAAE,CAAC,kBAAkB,EAAE,sBAAsB,EAAE,iBAAiB,EAAE,uBAAuB,EAAE,eAAe,CAAC;KACxH;IACD,OAAO,EAAE;QACP,YAAY,EAAE,EAAE;QAChB,YAAY,EAAE,CAAC,YAAY,EAAE,kBAAkB,EAAE,eAAe,EAAE,UAAU,CAAC;QAC7E,YAAY,EAAE,CAAC,UAAU,EAAE,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,iBAAiB,EAAE,KAAK,EAAE,oBAAoB,CAAC;KAChH;IACD,QAAQ,EAAE;QACR,YAAY,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,oBAAoB,EAAE,uBAAuB,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC;QAC7G,YAAY,EAAE,CAAC,gBAAgB,EAAE,qBAAqB,EAAE,UAAU,EAAE,qBAAqB,CAAC;QAC1F,YAAY,EAAE,CAAC,UAAU,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,CAAC;KAC7F;IACD,aAAa,EAAE;QACb,YAAY,EAAE,CAAC,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,QAAQ,EAAE,UAAU,EAAE,YAAY,CAAC;QACtG,YAAY,EAAE,CAAC,aAAa,EAAE,aAAa,EAAE,iBAAiB,EAAE,sBAAsB,EAAE,cAAc,EAAE,gBAAgB,EAAE,YAAY,EAAE,WAAW,CAAC;QACpJ,YAAY,EAAE,CAAC,WAAW,EAAE,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;KACjE;CACO,CAAC;AAEX,0BAA0B;AAC1B,gBAAgB,CAAC,iBAAiB,EAAE,MAAM,EAAE,wBAAwB,CAAC,CAAC"}

package/dist/prompts/skeptic-review.d.ts

@@ -0,0 +1,10 @@
+/**
+ * skeptic-review prompt template — assumption challenging, overconfidence detection.
+ * Template ID: skeptic.review.challenge
+ * Agent: Skeptic Reviewer
+ * @module prompts/skeptic-review
+ */
+import type { PromptTemplate } from './prompt-template.js';
+export declare const SKEPTIC_REVIEW_TEMPLATE_ID = "skeptic.review.challenge";
+export declare const skepticReviewTemplate: PromptTemplate;
+//# sourceMappingURL=skeptic-review.d.ts.map

package/dist/prompts/skeptic-review.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"skeptic-review.d.ts","sourceRoot":"","sources":["../../src/prompts/skeptic-review.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAE3D,eAAO,MAAM,0BAA0B,6BAA6B,CAAC;AAErE,eAAO,MAAM,qBAAqB,EAAE,cA2CnC,CAAC"}

package/dist/prompts/skeptic-review.js

@@ -0,0 +1,40 @@
+export const SKEPTIC_REVIEW_TEMPLATE_ID = 'skeptic.review.challenge';
+export const skepticReviewTemplate = {
+    persona: `You are "Skeptic Sam." You are the Lead Contrarian Analyst in the Quality Assurance Department at SaaSGadgetCLI, in partnership with WxZRD Consulting. You will complete your objective efficiently, as to satisfy the customers with their requests.
+
+MOOD: Sharp and constructively critical. You're not here to tear things down — you're here to make sure they're built on solid ground. If a claim can't survive your questions, it shouldn't survive the report.`,
+    objective: `Perform a contrarian review of the completed analysis output. Challenge optimistic assumptions, flag overconfidence, identify unsupported claims, and inject counterpoints. The goal is NOT to invalidate the analysis but to strengthen it by surfacing blind spots and ensuring intellectual honesty. Produce a SkepticReview artifact with severity-rated challenges.`,
+    constraints: `CONSTRAINTS:
+- Constructive contrarian, not nihilistic — every challenge MUST include a suggestedRevision, not just criticism.
+- Do not challenge deterministic/rule-based findings (confidence = 1.0). Focus on agent-inferred claims (confidence < 0.9).
+- Maximum 10 challenges per review (focus on the most impactful).
+- Challenges rated by severity: minor, moderate, major.
+- Do not introduce new analysis — only review what was already produced.
+- Never fabricate counterevidence — cite what evidence is missing, not fake contrary evidence.`,
+    required_context: `REQUIRED CONTEXT:
+- Completed pack output to review (the full JSON artifact + markdown)
+- The assumptions array from the artifact being reviewed
+- Confidence scores from the original analysis
+- FounderContextProfile (if available — to check if assumptions align with founder-provided data)
+- The promptVersions used by the original analysis (for traceability)`,
+    tool_policy: `TOOL POLICY:
+- ALLOWED: read-only access to the artifact under review
+- DENIED: grep, glob, view (skeptic does NOT re-analyze the repo)
+- DENIED: write operations, web search, mcp_call
+- The skeptic reviewer operates on analysis artifacts, not source code.`,
+    output_schema_ref: `OUTPUT SCHEMA: SkepticReview (schemas/common.ts)
+{
+  challenges: Challenge[],
+  overconfidenceFlags: string[],
+  counterpoints: string[]
+}`,
+    confidence_rubric: `CHALLENGE CONFIDENCE:
+- 1.0: Challenge is factually grounded (e.g., "claims 95% uptime but no monitoring detected")
+- 0.7–0.9: Challenge based on strong logical reasoning
+- 0.4–0.6: Challenge based on industry experience
+- 0.1–0.3: Speculative challenge (flag but don't overweight)
+
+SKEPTIC REVIEW INTEGRITY:
+- A clean review with few challenges IS a valid output. Don't manufacture challenges where none exist.`,
+};
+//# sourceMappingURL=skeptic-review.js.map

package/dist/prompts/skeptic-review.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"skeptic-review.js","sourceRoot":"","sources":["../../src/prompts/skeptic-review.ts"],"names":[],"mappings":"AAQA,MAAM,CAAC,MAAM,0BAA0B,GAAG,0BAA0B,CAAC;AAErE,MAAM,CAAC,MAAM,qBAAqB,GAAmB;IACnD,OAAO,EAAE;;iNAEsM;IAE/M,SAAS,EAAE,0WAA0W;IAErX,WAAW,EAAE;;;;;;+FAMgF;IAE7F,gBAAgB,EAAE;;;;;sEAKkD;IAEpE,WAAW,EAAE;;;;wEAIyD;IAEtE,iBAAiB,EAAE;;;;;EAKnB;IAEA,iBAAiB,EAAE;;;;;;;uGAOkF;CACtG,CAAC"}

package/dist/schemas/agent-step-sequence.d.ts

@@ -0,0 +1,41 @@
+/**
+ * AgentStepSequence schema — multi-step agent reasoning within sessions.
+ * @module schemas/agent-step-sequence
+ */
+import { z } from 'zod';
+export declare const AgentStepSchema: z.ZodObject<{
+    order: z.ZodNumber;
+    thought: z.ZodString;
+    action: z.ZodNullable<z.ZodString>;
+    observation: z.ZodNullable<z.ZodString>;
+    timestamp: z.ZodString;
+}, z.core.$strip>;
+export type AgentStep = z.infer<typeof AgentStepSchema>;
+export declare const AgentStepSequenceStateSchema: z.ZodEnum<{
+    initiated: "initiated";
+    stepping: "stepping";
+    concluded: "concluded";
+}>;
+export declare const AgentStepSequenceSchema: z.ZodObject<{
+    sequenceId: z.ZodString;
+    sessionId: z.ZodString;
+    agentId: z.ZodString;
+    state: z.ZodEnum<{
+        initiated: "initiated";
+        stepping: "stepping";
+        concluded: "concluded";
+    }>;
+    startedAt: z.ZodString;
+    concludedAt: z.ZodNullable<z.ZodString>;
+    steps: z.ZodArray<z.ZodObject<{
+        order: z.ZodNumber;
+        thought: z.ZodString;
+        action: z.ZodNullable<z.ZodString>;
+        observation: z.ZodNullable<z.ZodString>;
+        timestamp: z.ZodString;
+    }, z.core.$strip>>;
+    partialResult: z.ZodNullable<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
+    conclusion: z.ZodNullable<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
+}, z.core.$strip>;
+export type AgentStepSequence = z.infer<typeof AgentStepSequenceSchema>;
+//# sourceMappingURL=agent-step-sequence.d.ts.map

package/dist/schemas/agent-step-sequence.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"agent-step-sequence.d.ts","sourceRoot":"","sources":["../../src/schemas/agent-step-sequence.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,eAAO,MAAM,eAAe;;;;;;iBAM1B,CAAC;AACH,MAAM,MAAM,SAAS,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,eAAe,CAAC,CAAC;AAExD,eAAO,MAAM,4BAA4B;;;;EAAiD,CAAC;AAE3F,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;;;;;;;;iBAUlC,CAAC;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,uBAAuB,CAAC,CAAC"}

package/dist/schemas/agent-step-sequence.js

@@ -0,0 +1,25 @@
+/**
+ * AgentStepSequence schema — multi-step agent reasoning within sessions.
+ * @module schemas/agent-step-sequence
+ */
+import { z } from 'zod';
+export const AgentStepSchema = z.object({
+    order: z.number().int(),
+    thought: z.string(),
+    action: z.string().nullable(),
+    observation: z.string().nullable(),
+    timestamp: z.string(),
+});
+export const AgentStepSequenceStateSchema = z.enum(['initiated', 'stepping', 'concluded']);
+export const AgentStepSequenceSchema = z.object({
+    sequenceId: z.string(),
+    sessionId: z.string(),
+    agentId: z.string(),
+    state: AgentStepSequenceStateSchema,
+    startedAt: z.string(),
+    concludedAt: z.string().nullable(),
+    steps: z.array(AgentStepSchema),
+    partialResult: z.record(z.string(), z.unknown()).nullable(),
+    conclusion: z.record(z.string(), z.unknown()).nullable(),
+});
+//# sourceMappingURL=agent-step-sequence.js.map

package/dist/schemas/agent-step-sequence.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"agent-step-sequence.js","sourceRoot":"","sources":["../../src/schemas/agent-step-sequence.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,CAAC,MAAM,CAAC;IACtC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;IACvB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC7B,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;CACtB,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,4BAA4B,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,UAAU,EAAE,WAAW,CAAC,CAAC,CAAC;AAE3F,MAAM,CAAC,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC9C,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE;IACtB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,KAAK,EAAE,4BAA4B;IACnC,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC;IAC/B,aAAa,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,EAAE;IAC3D,UAAU,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,EAAE;CACzD,CAAC,CAAC"}

package/dist/schemas/artifact-envelope.v1.d.ts

@@ -0,0 +1,69 @@
+/**
+ * ArtifactEnvelope schema — common wrapper for all artifact outputs.
+ * @module schemas/artifact-envelope.v1
+ */
+import { z } from 'zod';
+export declare const ArtifactEnvelopeSchema: z.ZodObject<{
+    metadata: z.ZodObject<{
+        schemaVersion: z.ZodString;
+        packType: z.ZodString;
+        generatedAt: z.ZodString;
+        repo: z.ZodString;
+        sessionId: z.ZodString;
+        promptVersions: z.ZodRecord<z.ZodString, z.ZodString>;
+    }, z.core.$strip>;
+    data: z.ZodRecord<z.ZodString, z.ZodUnknown>;
+    nextActions: z.ZodArray<z.ZodObject<{
+        rank: z.ZodNumber;
+        action: z.ZodString;
+        impact: z.ZodEnum<{
+            low: "low";
+            medium: "medium";
+            high: "high";
+        }>;
+        file: z.ZodNullable<z.ZodString>;
+        lineRef: z.ZodNullable<z.ZodString>;
+        doNothingTradeoff: z.ZodString;
+    }, z.core.$strip>>;
+    sevenDayTimeline: z.ZodArray<z.ZodObject<{
+        day: z.ZodNumber;
+        action: z.ZodString;
+        priority: z.ZodEnum<{
+            medium: "medium";
+            high: "high";
+            critical: "critical";
+        }>;
+    }, z.core.$strip>>;
+    assumptions: z.ZodArray<z.ZodObject<{
+        statement: z.ZodString;
+        confidence: z.ZodNumber;
+        source: z.ZodEnum<{
+            rule: "rule";
+            agent: "agent";
+            profile: "profile";
+            inferred: "inferred";
+        }>;
+    }, z.core.$strip>>;
+    dataFreshness: z.ZodString;
+    completeness: z.ZodEnum<{
+        complete: "complete";
+        partial: "partial";
+        "budget-limited": "budget-limited";
+    }>;
+    skepticReview: z.ZodNullable<z.ZodObject<{
+        challenges: z.ZodArray<z.ZodObject<{
+            claim: z.ZodString;
+            concern: z.ZodString;
+            suggestedRevision: z.ZodString;
+            severity: z.ZodEnum<{
+                minor: "minor";
+                moderate: "moderate";
+                major: "major";
+            }>;
+        }, z.core.$strip>>;
+        overconfidenceFlags: z.ZodArray<z.ZodString>;
+        counterpoints: z.ZodArray<z.ZodString>;
+    }, z.core.$strip>>;
+}, z.core.$strip>;
+export type ArtifactEnvelope = z.infer<typeof ArtifactEnvelopeSchema>;
+//# sourceMappingURL=artifact-envelope.v1.d.ts.map

package/dist/schemas/artifact-envelope.v1.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"artifact-envelope.v1.d.ts","sourceRoot":"","sources":["../../src/schemas/artifact-envelope.v1.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AASxB,eAAO,MAAM,sBAAsB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAgBjC,CAAC;AACH,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAC"}

package/dist/schemas/artifact-envelope.v1.js

@@ -0,0 +1,24 @@
+/**
+ * ArtifactEnvelope schema — common wrapper for all artifact outputs.
+ * @module schemas/artifact-envelope.v1
+ */
+import { z } from 'zod';
+import { NextActionSchema, TimelineItemSchema, AssumptionSchema, SkepticReviewSchema, CompletenessSchema, } from './common.js';
+export const ArtifactEnvelopeSchema = z.object({
+    metadata: z.object({
+        schemaVersion: z.string(),
+        packType: z.string(),
+        generatedAt: z.string(),
+        repo: z.string(),
+        sessionId: z.string(),
+        promptVersions: z.record(z.string(), z.string()),
+    }),
+    data: z.record(z.string(), z.unknown()),
+    nextActions: z.array(NextActionSchema),
+    sevenDayTimeline: z.array(TimelineItemSchema),
+    assumptions: z.array(AssumptionSchema),
+    dataFreshness: z.string(),
+    completeness: CompletenessSchema,
+    skepticReview: SkepticReviewSchema.nullable(),
+});
+//# sourceMappingURL=artifact-envelope.v1.js.map

package/dist/schemas/artifact-envelope.v1.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"artifact-envelope.v1.js","sourceRoot":"","sources":["../../src/schemas/artifact-envelope.v1.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EACL,gBAAgB,EAChB,kBAAkB,EAClB,gBAAgB,EAChB,mBAAmB,EACnB,kBAAkB,GACnB,MAAM,aAAa,CAAC;AAErB,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC7C,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC;QACjB,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE;QACzB,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;QACpB,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;QACvB,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;QAChB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;QACrB,cAAc,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC;KACjD,CAAC;IACF,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;IACvC,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC;IACtC,gBAAgB,EAAE,CAAC,CAAC,KAAK,CAAC,kBAAkB,CAAC;IAC7C,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC;IACtC,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE;IACzB,YAAY,EAAE,kBAAkB;IAChC,aAAa,EAAE,mBAAmB,CAAC,QAAQ,EAAE;CAC9C,CAAC,CAAC"}

package/dist/schemas/business-viability.v1.d.ts

@@ -0,0 +1,223 @@
+/**
+ * Business Viability pack schema — market, revenue model, moat, runway analysis.
+ * @module schemas/business-viability.v1
+ */
+import { z } from 'zod';
+export declare const RevenueModelSchema: z.ZodObject<{
+    type: z.ZodEnum<{
+        unknown: "unknown";
+        "one-time": "one-time";
+        freemium: "freemium";
+        marketplace: "marketplace";
+        "saas-subscription": "saas-subscription";
+        "usage-based": "usage-based";
+        enterprise: "enterprise";
+        hybrid: "hybrid";
+    }>;
+    recurringPercentage: z.ZodNumber;
+    estimatedMRR: z.ZodNullable<z.ZodString>;
+    pricingTiers: z.ZodArray<z.ZodObject<{
+        name: z.ZodString;
+        price: z.ZodString;
+        targetSegment: z.ZodString;
+    }, z.core.$strip>>;
+}, z.core.$strip>;
+export type RevenueModel = z.infer<typeof RevenueModelSchema>;
+export declare const CompetitiveMoatSchema: z.ZodObject<{
+    moatType: z.ZodEnum<{
+        data: "data";
+        brand: "brand";
+        none: "none";
+        "network-effects": "network-effects";
+        "switching-costs": "switching-costs";
+        technology: "technology";
+        regulatory: "regulatory";
+    }>;
+    strength: z.ZodEnum<{
+        moderate: "moderate";
+        none: "none";
+        strong: "strong";
+        weak: "weak";
+    }>;
+    evidence: z.ZodString;
+}, z.core.$strip>;
+export type CompetitiveMoat = z.infer<typeof CompetitiveMoatSchema>;
+export declare const BusinessViabilityDataSchema: z.ZodObject<{
+    market: z.ZodObject<{
+        targetMarket: z.ZodString;
+        marketSize: z.ZodString;
+        growthTrend: z.ZodEnum<{
+            unknown: "unknown";
+            growing: "growing";
+            stable: "stable";
+            declining: "declining";
+        }>;
+        competitorCount: z.ZodNumber;
+        signals: z.ZodArray<z.ZodObject<{
+            id: z.ZodString;
+            category: z.ZodEnum<{
+                auth: "auth";
+                billing: "billing";
+                tenancy: "tenancy";
+                security: "security";
+                "code-health": "code-health";
+                dependency: "dependency";
+                architecture: "architecture";
+            }>;
+            severity: z.ZodEnum<{
+                info: "info";
+                low: "low";
+                medium: "medium";
+                high: "high";
+                critical: "critical";
+            }>;
+            title: z.ZodString;
+            finding: z.ZodString;
+            evidence: z.ZodArray<z.ZodObject<{
+                filePath: z.ZodString;
+                lineRange: z.ZodNullable<z.ZodObject<{
+                    start: z.ZodNumber;
+                    end: z.ZodNumber;
+                }, z.core.$strip>>;
+                content: z.ZodString;
+                toolOutput: z.ZodNullable<z.ZodString>;
+            }, z.core.$strip>>;
+            ruleAnchored: z.ZodBoolean;
+            agentConfidence: z.ZodNumber;
+            priority: z.ZodDefault<z.ZodEnum<{
+                now: "now";
+                next: "next";
+                later: "later";
+            }>>;
+        }, z.core.$strip>>;
+    }, z.core.$strip>;
+    revenueModel: z.ZodObject<{
+        type: z.ZodEnum<{
+            unknown: "unknown";
+            "one-time": "one-time";
+            freemium: "freemium";
+            marketplace: "marketplace";
+            "saas-subscription": "saas-subscription";
+            "usage-based": "usage-based";
+            enterprise: "enterprise";
+            hybrid: "hybrid";
+        }>;
+        recurringPercentage: z.ZodNumber;
+        estimatedMRR: z.ZodNullable<z.ZodString>;
+        pricingTiers: z.ZodArray<z.ZodObject<{
+            name: z.ZodString;
+            price: z.ZodString;
+            targetSegment: z.ZodString;
+        }, z.core.$strip>>;
+    }, z.core.$strip>;
+    moats: z.ZodArray<z.ZodObject<{
+        moatType: z.ZodEnum<{
+            data: "data";
+            brand: "brand";
+            none: "none";
+            "network-effects": "network-effects";
+            "switching-costs": "switching-costs";
+            technology: "technology";
+            regulatory: "regulatory";
+        }>;
+        strength: z.ZodEnum<{
+            moderate: "moderate";
+            none: "none";
+            strong: "strong";
+            weak: "weak";
+        }>;
+        evidence: z.ZodString;
+    }, z.core.$strip>>;
+    customerAcquisition: z.ZodObject<{
+        primaryChannel: z.ZodString;
+        estimatedCAC: z.ZodNullable<z.ZodString>;
+        conversionFunnel: z.ZodString;
+        signals: z.ZodArray<z.ZodObject<{
+            id: z.ZodString;
+            category: z.ZodEnum<{
+                auth: "auth";
+                billing: "billing";
+                tenancy: "tenancy";
+                security: "security";
+                "code-health": "code-health";
+                dependency: "dependency";
+                architecture: "architecture";
+            }>;
+            severity: z.ZodEnum<{
+                info: "info";
+                low: "low";
+                medium: "medium";
+                high: "high";
+                critical: "critical";
+            }>;
+            title: z.ZodString;
+            finding: z.ZodString;
+            evidence: z.ZodArray<z.ZodObject<{
+                filePath: z.ZodString;
+                lineRange: z.ZodNullable<z.ZodObject<{
+                    start: z.ZodNumber;
+                    end: z.ZodNumber;
+                }, z.core.$strip>>;
+                content: z.ZodString;
+                toolOutput: z.ZodNullable<z.ZodString>;
+            }, z.core.$strip>>;
+            ruleAnchored: z.ZodBoolean;
+            agentConfidence: z.ZodNumber;
+            priority: z.ZodDefault<z.ZodEnum<{
+                now: "now";
+                next: "next";
+                later: "later";
+            }>>;
+        }, z.core.$strip>>;
+    }, z.core.$strip>;
+    operationalReadiness: z.ZodObject<{
+        teamSize: z.ZodString;
+        hiringNeeds: z.ZodString;
+        legalCompliance: z.ZodString;
+        signals: z.ZodArray<z.ZodObject<{
+            id: z.ZodString;
+            category: z.ZodEnum<{
+                auth: "auth";
+                billing: "billing";
+                tenancy: "tenancy";
+                security: "security";
+                "code-health": "code-health";
+                dependency: "dependency";
+                architecture: "architecture";
+            }>;
+            severity: z.ZodEnum<{
+                info: "info";
+                low: "low";
+                medium: "medium";
+                high: "high";
+                critical: "critical";
+            }>;
+            title: z.ZodString;
+            finding: z.ZodString;
+            evidence: z.ZodArray<z.ZodObject<{
+                filePath: z.ZodString;
+                lineRange: z.ZodNullable<z.ZodObject<{
+                    start: z.ZodNumber;
+                    end: z.ZodNumber;
+                }, z.core.$strip>>;
+                content: z.ZodString;
+                toolOutput: z.ZodNullable<z.ZodString>;
+            }, z.core.$strip>>;
+            ruleAnchored: z.ZodBoolean;
+            agentConfidence: z.ZodNumber;
+            priority: z.ZodDefault<z.ZodEnum<{
+                now: "now";
+                next: "next";
+                later: "later";
+            }>>;
+        }, z.core.$strip>>;
+    }, z.core.$strip>;
+    riskRating: z.ZodEnum<{
+        green: "green";
+        yellow: "yellow";
+        red: "red";
+    }>;
+    citedSignalIds: z.ZodArray<z.ZodString>;
+}, z.core.$strip>;
+export type BusinessViabilityData = z.infer<typeof BusinessViabilityDataSchema>;
+//# sourceMappingURL=business-viability.v1.d.ts.map

package/dist/schemas/business-viability.v1.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"business-viability.v1.d.ts","sourceRoot":"","sources":["../../src/schemas/business-viability.v1.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;iBAS7B,CAAC;AACH,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAE9D,eAAO,MAAM,qBAAqB;;;;;;;;;;;;;;;;;iBAIhC,CAAC;AACH,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC;AAEpE,eAAO,MAAM,2BAA2B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAwBtC,CAAC;AACH,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,2BAA2B,CAAC,CAAC"}

package/dist/schemas/business-viability.v1.js

@@ -0,0 +1,47 @@
+/**
+ * Business Viability pack schema — market, revenue model, moat, runway analysis.
+ * @module schemas/business-viability.v1
+ */
+import { z } from 'zod';
+import { SignalSchema, RiskLevelSchema } from './common.js';
+export const RevenueModelSchema = z.object({
+    type: z.enum(['saas-subscription', 'marketplace', 'freemium', 'usage-based', 'enterprise', 'one-time', 'hybrid', 'unknown']),
+    recurringPercentage: z.number().min(0).max(100),
+    estimatedMRR: z.string().nullable(),
+    pricingTiers: z.array(z.object({
+        name: z.string(),
+        price: z.string(),
+        targetSegment: z.string(),
+    })),
+});
+export const CompetitiveMoatSchema = z.object({
+    moatType: z.enum(['network-effects', 'data', 'switching-costs', 'brand', 'technology', 'regulatory', 'none']),
+    strength: z.enum(['strong', 'moderate', 'weak', 'none']),
+    evidence: z.string(),
+});
+export const BusinessViabilityDataSchema = z.object({
+    market: z.object({
+        targetMarket: z.string(),
+        marketSize: z.string(),
+        growthTrend: z.enum(['growing', 'stable', 'declining', 'unknown']),
+        competitorCount: z.number().int(),
+        signals: z.array(SignalSchema),
+    }),
+    revenueModel: RevenueModelSchema,
+    moats: z.array(CompetitiveMoatSchema),
+    customerAcquisition: z.object({
+        primaryChannel: z.string(),
+        estimatedCAC: z.string().nullable(),
+        conversionFunnel: z.string(),
+        signals: z.array(SignalSchema),
+    }),
+    operationalReadiness: z.object({
+        teamSize: z.string(),
+        hiringNeeds: z.string(),
+        legalCompliance: z.string(),
+        signals: z.array(SignalSchema),
+    }),
+    riskRating: RiskLevelSchema,
+    citedSignalIds: z.array(z.string()),
+});
+//# sourceMappingURL=business-viability.v1.js.map

package/dist/schemas/business-viability.v1.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"business-viability.v1.js","sourceRoot":"","sources":["../../src/schemas/business-viability.v1.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAE5D,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,CAAC,MAAM,CAAC;IACzC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,mBAAmB,EAAE,aAAa,EAAE,UAAU,EAAE,aAAa,EAAE,YAAY,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;IAC5H,mBAAmB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;IAC/C,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACnC,YAAY,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC;QAC7B,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;QAChB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;QACjB,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE;KAC1B,CAAC,CAAC;CACJ,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC5C,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,iBAAiB,EAAE,MAAM,EAAE,iBAAiB,EAAE,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,CAAC,CAAC;IAC7G,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;IACxD,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;CACrB,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,2BAA2B,GAAG,CAAC,CAAC,MAAM,CAAC;IAClD,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC;QACf,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;QACxB,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE;QACtB,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,SAAS,CAAC,CAAC;QAClE,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;QACjC,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC;KAC/B,CAAC;IACF,YAAY,EAAE,kBAAkB;IAChC,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,qBAAqB,CAAC;IACrC,mBAAmB,EAAE,CAAC,CAAC,MAAM,CAAC;QAC5B,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE;QAC1B,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QACnC,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE;QAC5B,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC;KAC/B,CAAC;IACF,oBAAoB,EAAE,CAAC,CAAC,MAAM,CAAC;QAC7B,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;QACpB,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;QACvB,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE;QAC3B,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC;KAC/B,CAAC;IACF,UAAU,EAAE,eAAe;IAC3B,cAAc,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;CACpC,CAAC,CAAC"}

package/dist/schemas/common.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Shared Zod v4 schemas — re-exported from @saasgadget/shared.
+ * All definitions now live in packages/shared/src/schemas/common.ts.
+ * This file re-exports everything for backward compatibility with CLI imports.
+ * @module schemas/common
+ */
+export { DetailLevelSchema, EvidenceSchema, SignalSchema, DomainScoreSchema, NextActionSchema, TimelineItemSchema, AssumptionSchema, ChallengeSchema, SkepticReviewSchema, CheckpointSchema, ConversationEntrySchema, SlideSchema, AuditLogEntrySchema, CompletenessSchema, RiskLevelSchema, CATEGORY_TO_DOMAIN, } from '@saasgadget/shared';
+export type { DetailLevel, Evidence, Signal, DomainScore, NextAction, TimelineItem, Assumption, Challenge, SkepticReview, Checkpoint, ConversationEntry, Slide, AuditLogEntry, Completeness, RiskLevel, } from '@saasgadget/shared';
+//# sourceMappingURL=common.d.ts.map

package/dist/schemas/common.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"common.d.ts","sourceRoot":"","sources":["../../src/schemas/common.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EACL,iBAAiB,EACjB,cAAc,EACd,YAAY,EACZ,iBAAiB,EACjB,gBAAgB,EAChB,kBAAkB,EAClB,gBAAgB,EAChB,eAAe,EACf,mBAAmB,EACnB,gBAAgB,EAChB,uBAAuB,EACvB,WAAW,EACX,mBAAmB,EACnB,kBAAkB,EAClB,eAAe,EACf,kBAAkB,GACnB,MAAM,oBAAoB,CAAC;AAE5B,YAAY,EACV,WAAW,EACX,QAAQ,EACR,MAAM,EACN,WAAW,EACX,UAAU,EACV,YAAY,EACZ,UAAU,EACV,SAAS,EACT,aAAa,EACb,UAAU,EACV,iBAAiB,EACjB,KAAK,EACL,aAAa,EACb,YAAY,EACZ,SAAS,GACV,MAAM,oBAAoB,CAAC"}

package/dist/schemas/common.js

@@ -0,0 +1,8 @@
+/**
+ * Shared Zod v4 schemas — re-exported from @saasgadget/shared.
+ * All definitions now live in packages/shared/src/schemas/common.ts.
+ * This file re-exports everything for backward compatibility with CLI imports.
+ * @module schemas/common
+ */
+export { DetailLevelSchema, EvidenceSchema, SignalSchema, DomainScoreSchema, NextActionSchema, TimelineItemSchema, AssumptionSchema, ChallengeSchema, SkepticReviewSchema, CheckpointSchema, ConversationEntrySchema, SlideSchema, AuditLogEntrySchema, CompletenessSchema, RiskLevelSchema, CATEGORY_TO_DOMAIN, } from '@saasgadget/shared';
+//# sourceMappingURL=common.js.map

package/dist/schemas/common.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"common.js","sourceRoot":"","sources":["../../src/schemas/common.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EACL,iBAAiB,EACjB,cAAc,EACd,YAAY,EACZ,iBAAiB,EACjB,gBAAgB,EAChB,kBAAkB,EAClB,gBAAgB,EAChB,eAAe,EACf,mBAAmB,EACnB,gBAAgB,EAChB,uBAAuB,EACvB,WAAW,EACX,mBAAmB,EACnB,kBAAkB,EAClB,eAAe,EACf,kBAAkB,GACnB,MAAM,oBAAoB,CAAC"}