sentinelayer-cli 0.6.2 → 0.8.0

package/bin/create-sentinelayer.js

@@ -1,5 +1,5 @@
-#!/usr/bin/env node
-
-import { runCli } from "../src/cli.js";
-
-await runCli();
+#!/usr/bin/env node
+
+import { runCli } from "../src/cli.js";
+
+await runCli();

package/bin/sentinelayer-cli.js

@@ -1,5 +1,5 @@
-#!/usr/bin/env node
-
-import { runCli } from "../src/cli.js";
-
+#!/usr/bin/env node
+
+import { runCli } from "../src/cli.js";
+
 await runCli();

package/bin/sl.js

@@ -1,5 +1,5 @@
-#!/usr/bin/env node
-
-import { runCli } from "../src/cli.js";
-
-await runCli();
+#!/usr/bin/env node
+
+import { runCli } from "../src/cli.js";
+
+await runCli();

package/package.json

@@ -1,63 +1,64 @@
-{
-  "name": "sentinelayer-cli",
-  "version": "0.6.2",
-  "description": "Scaffold Sentinelayer spec/prompt/guide artifacts with secure browser auth and token bootstrap.",
-  "type": "module",
-  "scripts": {
-    "check": "node --check bin/sentinelayer-cli.js && node --check bin/create-sentinelayer.js && node --check bin/sl.js && node --check src/cli.js && node --check src/legacy-cli.js && node --check src/commands/config.js && node --check src/commands/ingest.js && node --check src/commands/spec.js && node --check src/commands/prompt.js && node --check src/commands/scan.js && node --check src/commands/guide.js && node --check src/commands/cost.js && node --check src/commands/telemetry.js && node --check src/commands/auth.js && node --check src/commands/watch.js && node --check src/commands/mcp.js && node --check src/commands/plugin.js && node --check src/commands/ai.js && node --check src/commands/review.js && node --check src/commands/chat.js && node --check src/commands/policy.js && node --check src/commands/swarm.js && node --check src/commands/daemon.js && node --check src/commands/audit.js && node --check src/config/service.js && node --check src/ingest/engine.js && node --check src/spec/generator.js && node --check src/spec/regenerate.js && node --check src/spec/templates.js && node --check src/prompt/generator.js && node --check src/scan/generator.js && node --check src/guide/generator.js && node --check src/cost/tracker.js && node --check src/cost/history.js && node --check src/cost/budget.js && node --check src/ai/client.js && node --check src/ai/aidenid.js && node --check src/ai/identity-store.js && node --check src/ai/domain-target-store.js && node --check src/ai/site-store.js && node --check src/review/local-review.js && node --check src/review/ai-review.js && node --check src/review/report.js && node --check src/review/replay.js && node --check src/audit/registry.js && node --check src/audit/orchestrator.js && node --check src/audit/package.js && node --check src/audit/replay.js && node --check src/audit/agents/security.js && node --check src/audit/agents/architecture.js && node --check src/audit/agents/testing.js && node --check src/audit/agents/performance.js && node --check src/audit/agents/compliance.js && node --check src/audit/agents/documentation.js && node --check src/swarm/registry.js && node --check src/swarm/factory.js && node --check src/swarm/runtime.js && node --check src/swarm/scenario-dsl.js && node --check src/swarm/dashboard.js && node --check src/swarm/report.js && node --check src/swarm/pentest.js && node --check src/daemon/error-worker.js && node --check src/daemon/assignment-ledger.js && node --check src/daemon/jira-lifecycle.js && node --check src/daemon/budget-governor.js && node --check src/daemon/operator-control.js && node --check src/daemon/artifact-lineage.js && node --check src/daemon/ast-parser-layer.js && node --check src/daemon/callgraph-overlay.js && node --check src/daemon/hybrid-mapper.js && node --check src/daemon/reliability-lane.js && node --check src/daemon/watchdog.js && node --check src/telemetry/ledger.js && node --check src/auth/http.js && node --check src/auth/session-store.js && node --check src/auth/service.js && node --check src/mcp/registry.js && node --check src/memory/blackboard.js && node --check src/memory/retrieval.js && node --check src/plugin/manifest.js && node --check src/policy/packs.js && node --check src/ui/markdown.js && node --check src/ui/progress.js && node --check src/ui/command-hints.js && node --check src/agents/jules/tools/file-read.js && node --check src/agents/jules/tools/grep.js && node --check src/agents/jules/tools/glob.js && node --check src/agents/jules/tools/shell.js && node --check src/agents/jules/tools/file-edit.js && node --check src/agents/jules/tools/dispatch.js && node --check src/agents/jules/tools/index.js && node --check src/agents/jules/tools/frontend-analyze.js && node --check src/agents/jules/swarm/sub-agent.js && node --check src/agents/jules/swarm/file-scanner.js && node --check src/agents/jules/swarm/pattern-hunter.js && node --check src/agents/jules/swarm/index.js && node --check src/agents/jules/swarm/orchestrator.js && node --check src/agents/jules/config/definition.js && node --check src/agents/jules/loop.js && node --check src/agents/jules/stream.js && node --check src/agents/jules/fix-cycle.js && node --check src/agents/jules/error-intake.js && node --check src/agents/jules/tools/runtime-audit.js && node --check src/agents/jules/config/system-prompt.js && node --check src/agents/jules/tools/auth-audit.js && node --check src/auth/gate.js && node --check src/telemetry/sync.js && node --check src/telemetry/session-tracker.js && node --check src/interactive/workspace.js && node --check src/interactive/auto-ingest.js && node --check src/interactive/action-menu.js && node --check src/interactive/index.js && node --check src/daemon/ingest-refresh.js",
-    "test": "npm run test:unit && npm run test:e2e",
-    "test:unit": "node --test tests/unit*.test.mjs",
-    "test:e2e": "node --test tests/e2e.test.mjs",
-    "test:coverage": "c8 node --test tests/unit*.test.mjs",
-    "verify": "npm run check && npm run test:e2e && npm run test:coverage && npm pack --dry-run"
-  },
-  "bin": {
-    "sentinelayer-cli": "bin/sentinelayer-cli.js",
-    "create-sentinelayer": "bin/create-sentinelayer.js",
-    "sentinel": "bin/create-sentinelayer.js",
-    "sl-cli": "bin/sentinelayer-cli.js",
-    "slc": "bin/sentinelayer-cli.js",
-    "sl": "bin/sl.js"
-  },
-  "files": [
-    "bin",
-    "src",
-    "README.md"
-  ],
-  "engines": {
-    "node": "^20.0.0 || ^22.0.0"
-  },
-  "keywords": [
-    "sentinelayer",
-    "sentinelayer-cli",
-    "omar-gate",
-    "security",
-    "scaffold",
-    "cli"
-  ],
-  "license": "MIT",
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/mrrCarter/create-sentinelayer"
-  },
-  "homepage": "https://github.com/mrrCarter/create-sentinelayer#readme",
-  "bugs": {
-    "url": "https://github.com/mrrCarter/create-sentinelayer/issues"
-  },
-  "dependencies": {
-    "@babel/parser": "7.29.2",
-    "cli-highlight": "2.1.11",
-    "commander": "14.0.1",
-    "ignore": "7.0.5",
-    "open": "10.1.2",
-    "picocolors": "1.1.1",
-    "prompts": "2.4.2",
-    "yaml": "2.8.3",
-    "zod": "4.1.12"
-  },
-  "optionalDependencies": {},
-  "devDependencies": {
-    "c8": "10.1.3",
-    "license-checker-rseidelsohn": "4.4.2"
-  }
-}
+{
+  "name": "sentinelayer-cli",
+  "version": "0.8.0",
+  "description": "Scaffold Sentinelayer spec/prompt/guide artifacts with secure browser auth and token bootstrap.",
+  "type": "module",
+  "scripts": {
+    "check": "node --check bin/sentinelayer-cli.js && node --check bin/create-sentinelayer.js && node --check bin/sl.js && node --check src/cli.js && node --check src/legacy-cli.js && node --check src/commands/config.js && node --check src/commands/ingest.js && node --check src/commands/spec.js && node --check src/commands/prompt.js && node --check src/commands/scan.js && node --check src/commands/guide.js && node --check src/commands/cost.js && node --check src/commands/telemetry.js && node --check src/commands/auth.js && node --check src/commands/watch.js && node --check src/commands/mcp.js && node --check src/commands/plugin.js && node --check src/commands/ai.js && node --check src/commands/review.js && node --check src/commands/chat.js && node --check src/commands/policy.js && node --check src/commands/swarm.js && node --check src/commands/daemon.js && node --check src/commands/session.js && node --check src/commands/audit.js && node --check src/config/service.js && node --check src/ingest/engine.js && node --check src/spec/generator.js && node --check src/spec/regenerate.js && node --check src/spec/templates.js && node --check src/prompt/generator.js && node --check src/scan/generator.js && node --check src/guide/generator.js && node --check src/cost/tracker.js && node --check src/cost/history.js && node --check src/cost/budget.js && node --check src/ai/client.js && node --check src/ai/aidenid.js && node --check src/ai/identity-store.js && node --check src/ai/domain-target-store.js && node --check src/ai/site-store.js && node --check src/review/local-review.js && node --check src/review/ai-review.js && node --check src/review/report.js && node --check src/review/replay.js && node --check src/audit/registry.js && node --check src/audit/orchestrator.js && node --check src/audit/package.js && node --check src/audit/replay.js && node --check src/audit/agents/security.js && node --check src/audit/agents/architecture.js && node --check src/audit/agents/testing.js && node --check src/audit/agents/performance.js && node --check src/audit/agents/compliance.js && node --check src/audit/agents/documentation.js && node --check src/swarm/registry.js && node --check src/swarm/factory.js && node --check src/swarm/runtime.js && node --check src/swarm/scenario-dsl.js && node --check src/swarm/dashboard.js && node --check src/swarm/report.js && node --check src/swarm/pentest.js && node --check src/daemon/error-worker.js && node --check src/daemon/assignment-ledger.js && node --check src/daemon/jira-lifecycle.js && node --check src/daemon/budget-governor.js && node --check src/daemon/operator-control.js && node --check src/daemon/artifact-lineage.js && node --check src/daemon/ast-parser-layer.js && node --check src/daemon/callgraph-overlay.js && node --check src/daemon/hybrid-mapper.js && node --check src/daemon/scope-engine.js && node --check src/daemon/reliability-lane.js && node --check src/daemon/watchdog.js && node --check src/telemetry/ledger.js && node --check src/auth/http.js && node --check src/auth/session-store.js && node --check src/auth/service.js && node --check src/mcp/registry.js && node --check src/memory/blackboard.js && node --check src/memory/retrieval.js && node --check src/plugin/manifest.js && node --check src/policy/packs.js && node --check src/ui/markdown.js && node --check src/ui/progress.js && node --check src/ui/command-hints.js && node --check src/agents/jules/tools/file-read.js && node --check src/agents/jules/tools/grep.js && node --check src/agents/jules/tools/glob.js && node --check src/agents/jules/tools/shell.js && node --check src/agents/jules/tools/file-edit.js && node --check src/agents/jules/tools/dispatch.js && node --check src/agents/jules/tools/index.js && node --check src/agents/jules/tools/frontend-analyze.js && node --check src/agents/jules/swarm/sub-agent.js && node --check src/agents/jules/swarm/file-scanner.js && node --check src/agents/jules/swarm/pattern-hunter.js && node --check src/agents/jules/swarm/index.js && node --check src/agents/jules/swarm/orchestrator.js && node --check src/agents/jules/config/definition.js && node --check src/agents/jules/loop.js && node --check src/agents/jules/stream.js && node --check src/agents/jules/fix-cycle.js && node --check src/agents/jules/error-intake.js && node --check src/agents/jules/tools/runtime-audit.js && node --check src/agents/jules/config/system-prompt.js && node --check src/agents/jules/tools/auth-audit.js && node --check src/auth/gate.js && node --check src/telemetry/sync.js && node --check src/telemetry/session-tracker.js && node --check src/session/paths.js && node --check src/session/store.js && node --check src/session/stream.js && node --check src/session/agent-registry.js && node --check src/session/daemon.js && node --check src/session/runtime-bridge.js && node --check src/interactive/workspace.js && node --check src/interactive/auto-ingest.js && node --check src/interactive/action-menu.js && node --check src/interactive/index.js && node --check src/daemon/ingest-refresh.js",
+    "test": "npm run test:unit && npm run test:e2e",
+    "test:unit": "node --test tests/unit*.test.mjs",
+    "test:e2e": "node --test tests/e2e.test.mjs",
+    "test:coverage": "c8 node --test tests/unit*.test.mjs",
+    "verify": "npm run check && npm run test:e2e && npm run test:coverage && npm pack --dry-run"
+  },
+  "bin": {
+    "sentinelayer-cli": "bin/sentinelayer-cli.js",
+    "create-sentinelayer": "bin/create-sentinelayer.js",
+    "sentinel": "bin/create-sentinelayer.js",
+    "sl-cli": "bin/sentinelayer-cli.js",
+    "slc": "bin/sentinelayer-cli.js",
+    "sl": "bin/sl.js"
+  },
+  "files": [
+    "bin",
+    "src",
+    "README.md"
+  ],
+  "engines": {
+    "node": "^20.0.0 || ^22.0.0"
+  },
+  "keywords": [
+    "sentinelayer",
+    "sentinelayer-cli",
+    "omar-gate",
+    "security",
+    "scaffold",
+    "cli"
+  ],
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mrrCarter/create-sentinelayer"
+  },
+  "homepage": "https://github.com/mrrCarter/create-sentinelayer#readme",
+  "bugs": {
+    "url": "https://github.com/mrrCarter/create-sentinelayer/issues"
+  },
+  "dependencies": {
+    "@babel/parser": "7.29.2",
+    "cli-highlight": "2.1.11",
+    "commander": "14.0.1",
+    "ignore": "7.0.5",
+    "open": "10.1.2",
+    "picocolors": "1.1.1",
+    "prompts": "2.4.2",
+    "yaml": "2.8.3",
+    "zod": "4.1.12"
+  },
+  "optionalDependencies": {},
+  "devDependencies": {
+    "c8": "10.1.3",
+    "license-checker-rseidelsohn": "4.4.2"
+  }
+}
+

package/src/agents/jules/config/definition.js

@@ -1,160 +1,160 @@
-/**
- * Jules Tanaka — Agent Definition
- *
- * Declarative configuration for the Jules Tanaka frontend audit persona.
- * Used by the audit orchestrator and standalone invocation to configure
- * tools, budget, scope, persona identity, and visual styling.
- */
-
-export const JULES_DEFINITION = Object.freeze({
-  id: "frontend",
-  persona: "Jules Tanaka",
-  fullTitle: "SentinelLayer Frontend Specialist",
-  domain: "frontend_runtime",
-  signature: "— Jules Tanaka, SentinelLayer Frontend Specialist",
-
-  // Visual identity
-  color: "cyan",
-  avatar: "\u{1F3AF}", // 🎯
-  shortName: "Jules",
-
-  // Execution constraints
-  permissionMode: "plan", // read-only for audit
-  fixPermissionMode: "worktree", // worktree isolation for fix mode
-  maxTurns: 25,
-  maxSubAgents: 4,
-
-  // Budget
-  budget: {
-    maxCostUsd: 5.0,
-    maxOutputTokens: 12000,
-    maxRuntimeMs: 300000, // 5 minutes
-    maxToolCalls: 150,
-    warningThresholdPercent: 70,
-  },
-
-  // Tool access (audit mode)
-  auditTools: ["FileRead", "Grep", "Glob", "FrontendAnalyze", "RuntimeAudit", "AuthAudit"],
-
-  // Tool access (fix mode — adds write capabilities in worktree)
-  fixTools: ["FileRead", "Grep", "Glob", "FrontendAnalyze", "FileEdit", "Shell"],
-
-  // Tools never allowed
-  disallowedTools: [],
-
-  // Scope patterns (used when no explicit scope map provided)
-  defaultScope: {
-    primaryPatterns: [
-      "src/app/**", "src/pages/**", "src/components/**",
-      "src/hooks/**", "src/contexts/**", "src/providers/**",
-      "app/**", "pages/**", "components/**",
-    ],
-    secondaryPatterns: [
-      "src/lib/**", "src/utils/**", "src/styles/**",
-      "src/middleware.*", "next.config.*", "vite.config.*",
-      "tailwind.config.*", "webpack.config.*",
-    ],
-    tertiaryPatterns: [
-      "tests/**", "**/*.test.*", "**/*.spec.*",
-      "**/*.stories.*", "cypress/**", "playwright/**",
-    ],
-  },
-
-  // Evidence requirements (aligned with output contract in system-prompt.js)
-  evidenceRequirements: [
-    "file_and_line",
-    "evidence",
-    "user_impact",
-    "reproduction_p0_p1",
-    "confidence",
-  ],
-  confidenceFloor: 0.75,
-
-  // Escalation
-  escalationTargets: ["security", "testing", "performance"],
-
-  // Agent modes
-  modes: {
-    primary: "maximize recall over the reachable frontend runtime graph",
-    secondary: "attack blind spots: SSR/CSR seams, middleware, caching, headers, providers, tests, CI, mobile",
-    tertiary: "adversarial verifier: falsify weak findings, detect contamination, collapse noise",
-  },
-
-  // Swarm configuration (for large codebases)
-  swarm: {
-    spawnThresholds: {
-      minFiles: 15,
-      minRouteGroups: 3,
-      minLoc: 5000,
-    },
-    maxFilesPerScanner: 12,
-    maxConcurrent: 4,
-    hunterTypes: ["xss", "state", "hydration", "a11y", "perf", "security"],
-  },
-
-  // Performance thresholds (SWE Excellence Framework defaults)
-  thresholds: {
-    LCP_good_ms: 2500,
-    LCP_poor_ms: 4000,
-    INP_good_ms: 200,
-    INP_poor_ms: 500,
-    CLS_good: 0.1,
-    CLS_poor: 0.25,
-    initial_js_target_kb: 200,
-    initial_js_critical_kb: 500,
-    initial_css_target_kb: 50,
-    per_route_chunk_target_kb: 100,
-    per_route_chunk_critical_kb: 200,
-    useState_normal: 5,
-    useState_scrutiny: 10,
-    useState_refactor: 15,
-    useState_god: 16,
-    component_loc_hotspot: 300,
-    component_loc_god: 700,
-  },
-
-  // Severity model
-  severityExamples: {
-    P0: [
-      "white screen or hydration crash on critical route",
-      "clearly poor mobile LCP on key journey",
-      "broken keyboard-only critical flow",
-      "unsafe HTML injection on untrusted content",
-      "core journey impossible to complete on mobile",
-    ],
-    P1: [
-      "severe bundle bloat on hot route",
-      "repeated stale-closure / cleanup bugs in critical UI",
-      "major accessibility failures on core flow",
-      "broken cache/data refresh behavior",
-      "strong evidence of jank on frequent interaction",
-    ],
-    P2: [
-      "localized but real performance regressions",
-      "medium-sized god components",
-      "weak error/loading states",
-      "missing mobile fallback in important but non-core surfaces",
-      "weak regression coverage for risky touched code",
-    ],
-  },
-
-  // Automation safety classification
-  automationSafety: {
-    green: "auto-safe, no user-flow change",
-    yellow: "draft + human approval + QA signoff",
-    red: "escalate, no autonomous change",
-    alwaysYellowOrRed: [
-      "auth flow", "payment UI", "data collection",
-      "trust-critical UX", "cookie/session handling",
-      "third-party script loading",
-    ],
-  },
-});
-
-// Re-export from shared persona-visuals. These cover all 13 personas — not Jules-specific.
-export {
-  PERSONA_VISUALS,
-  resolvePersonaVisual,
-  listPersonaIds,
-  listPersonaNames,
-} from "../../persona-visuals.js";
+/**
+ * Jules Tanaka — Agent Definition
+ *
+ * Declarative configuration for the Jules Tanaka frontend audit persona.
+ * Used by the audit orchestrator and standalone invocation to configure
+ * tools, budget, scope, persona identity, and visual styling.
+ */
+
+export const JULES_DEFINITION = Object.freeze({
+  id: "frontend",
+  persona: "Jules Tanaka",
+  fullTitle: "SentinelLayer Frontend Specialist",
+  domain: "frontend_runtime",
+  signature: "— Jules Tanaka, SentinelLayer Frontend Specialist",
+
+  // Visual identity
+  color: "cyan",
+  avatar: "\u{1F3AF}", // 🎯
+  shortName: "Jules",
+
+  // Execution constraints
+  permissionMode: "plan", // read-only for audit
+  fixPermissionMode: "worktree", // worktree isolation for fix mode
+  maxTurns: 25,
+  maxSubAgents: 4,
+
+  // Budget
+  budget: {
+    maxCostUsd: 5.0,
+    maxOutputTokens: 12000,
+    maxRuntimeMs: 300000, // 5 minutes
+    maxToolCalls: 150,
+    warningThresholdPercent: 70,
+  },
+
+  // Tool access (audit mode)
+  auditTools: ["FileRead", "Grep", "Glob", "FrontendAnalyze", "RuntimeAudit", "AuthAudit"],
+
+  // Tool access (fix mode — adds write capabilities in worktree)
+  fixTools: ["FileRead", "Grep", "Glob", "FrontendAnalyze", "FileEdit", "Shell"],
+
+  // Tools never allowed
+  disallowedTools: [],
+
+  // Scope patterns (used when no explicit scope map provided)
+  defaultScope: {
+    primaryPatterns: [
+      "src/app/**", "src/pages/**", "src/components/**",
+      "src/hooks/**", "src/contexts/**", "src/providers/**",
+      "app/**", "pages/**", "components/**",
+    ],
+    secondaryPatterns: [
+      "src/lib/**", "src/utils/**", "src/styles/**",
+      "src/middleware.*", "next.config.*", "vite.config.*",
+      "tailwind.config.*", "webpack.config.*",
+    ],
+    tertiaryPatterns: [
+      "tests/**", "**/*.test.*", "**/*.spec.*",
+      "**/*.stories.*", "cypress/**", "playwright/**",
+    ],
+  },
+
+  // Evidence requirements (aligned with output contract in system-prompt.js)
+  evidenceRequirements: [
+    "file_and_line",
+    "evidence",
+    "user_impact",
+    "reproduction_p0_p1",
+    "confidence",
+  ],
+  confidenceFloor: 0.75,
+
+  // Escalation
+  escalationTargets: ["security", "testing", "performance"],
+
+  // Agent modes
+  modes: {
+    primary: "maximize recall over the reachable frontend runtime graph",
+    secondary: "attack blind spots: SSR/CSR seams, middleware, caching, headers, providers, tests, CI, mobile",
+    tertiary: "adversarial verifier: falsify weak findings, detect contamination, collapse noise",
+  },
+
+  // Swarm configuration (for large codebases)
+  swarm: {
+    spawnThresholds: {
+      minFiles: 15,
+      minRouteGroups: 3,
+      minLoc: 5000,
+    },
+    maxFilesPerScanner: 12,
+    maxConcurrent: 4,
+    hunterTypes: ["xss", "state", "hydration", "a11y", "perf", "security"],
+  },
+
+  // Performance thresholds (SWE Excellence Framework defaults)
+  thresholds: {
+    LCP_good_ms: 2500,
+    LCP_poor_ms: 4000,
+    INP_good_ms: 200,
+    INP_poor_ms: 500,
+    CLS_good: 0.1,
+    CLS_poor: 0.25,
+    initial_js_target_kb: 200,
+    initial_js_critical_kb: 500,
+    initial_css_target_kb: 50,
+    per_route_chunk_target_kb: 100,
+    per_route_chunk_critical_kb: 200,
+    useState_normal: 5,
+    useState_scrutiny: 10,
+    useState_refactor: 15,
+    useState_god: 16,
+    component_loc_hotspot: 300,
+    component_loc_god: 700,
+  },
+
+  // Severity model
+  severityExamples: {
+    P0: [
+      "white screen or hydration crash on critical route",
+      "clearly poor mobile LCP on key journey",
+      "broken keyboard-only critical flow",
+      "unsafe HTML injection on untrusted content",
+      "core journey impossible to complete on mobile",
+    ],
+    P1: [
+      "severe bundle bloat on hot route",
+      "repeated stale-closure / cleanup bugs in critical UI",
+      "major accessibility failures on core flow",
+      "broken cache/data refresh behavior",
+      "strong evidence of jank on frequent interaction",
+    ],
+    P2: [
+      "localized but real performance regressions",
+      "medium-sized god components",
+      "weak error/loading states",
+      "missing mobile fallback in important but non-core surfaces",
+      "weak regression coverage for risky touched code",
+    ],
+  },
+
+  // Automation safety classification
+  automationSafety: {
+    green: "auto-safe, no user-flow change",
+    yellow: "draft + human approval + QA signoff",
+    red: "escalate, no autonomous change",
+    alwaysYellowOrRed: [
+      "auth flow", "payment UI", "data collection",
+      "trust-critical UX", "cookie/session handling",
+      "third-party script loading",
+    ],
+  },
+});
+
+// Re-export from shared persona-visuals. These cover all 13 personas — not Jules-specific.
+export {
+  PERSONA_VISUALS,
+  resolvePersonaVisual,
+  listPersonaIds,
+  listPersonaNames,
+} from "../../persona-visuals.js";