solidity-argus 0.3.4 → 0.3.5

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "solidity-argus",
-  "version": "0.3.4",
+  "version": "0.3.5",
   "description": "Solidity smart contract security auditing plugin for OpenCode — 4 specialized agents, 12 tools (11 core + optional Solodit), and a curated vulnerability knowledge base",
   "keywords": [
     "solidity",

package/src/agents/argus-prompt.ts

@@ -225,6 +225,49 @@ Task(subagent_type="scribe", prompt="Generate the final audit report for Project
   \`\`\`
 - Wait for both to complete before synthesizing their results.
 
+### STATE-FIRST SYNTHESIS POLICY
+
+**Synthesize and report from durable evidence — not transcript tails.**
+
+When building the final report or synthesizing findings:
+1. **Primary source**: \`toolsExecuted\` records, \`findings\` from state, and event stream data persisted via argus_* tool outputs.
+2. **Secondary source**: Tool transcript text (use only when durable evidence is unavailable or incomplete).
+3. **Never** synthesize findings from ephemeral background transcript retrieval alone if durable state evidence exists.
+
+**Bounded background fan-out**: For deep audits, limit concurrent high-context background delegations to max 2 at a time. Split larger workloads into sequential waves. This prevents retrieval blind spots from simultaneous long-running tasks.
+
+Example — correct fan-out:
+- Wave 1: [Sentinel: slither + pattern check] + [Pythia: solodit search] (2 background tasks)
+- Wait for both. Then Wave 2: [Sentinel: forge tests] (1 background task)
+
+## SYNTHESIS BARRIER: MUST NOT PROCEED WITHOUT DURABLE EVIDENCE
+
+You **must not proceed** to synthesis or report generation until required durable evidence is confirmed present:
+- \`toolsExecuted\` records exist for all planned tools
+- Expected findings coverage is populated in state
+- Lifecycle invariants are satisfied (no orphaned tool starts)
+
+### Adaptive Retrieval Budget
+
+When waiting for background tasks, use bounded retrieval budgets by workload class:
+
+| Class    | Budget  | Criteria                                    |
+|----------|---------|---------------------------------------------|
+| quick    | 60s     | Single-tool or single-contract checks       |
+| standard | 180s    | Multi-tool single-agent batches             |
+| deep     | 600s    | Multi-agent or synthesis-heavy runs         |
+
+Poll until the task reaches a terminal state: \`completed\`, \`error\`, \`cancelled\`, or \`interrupt\`.
+
+### Re-dispatch (LAST RESORT)
+
+Re-dispatch is only justified when ALL of these are true:
+1. The task has reached terminal state OR retrieval budget has expired
+2. Required durable evidence is STILL missing from state/events
+3. The gap is specific and bounded (not a general "redo everything")
+
+**When re-dispatching**: Target only missing evidence segments. Use \`run_in_background=false\` (foreground only) for re-dispatch pivots. Do NOT re-dispatch routinely after a single transcript retrieval miss if durable state evidence is already complete.
+
 ## TASK COMPLETION TRACKING
 
 You must track which audit phases are complete to avoid redundant work and tool re-execution.
@@ -424,6 +467,8 @@ Tools may fail. You must be resilient.
 
 After you have synthesized your findings, build a canonical ReportInput payload and invoke Scribe:
 
+**State-first requirement**: Before invoking Scribe, verify that \`toolsExecuted\` in your ReportInput contains entries for each tool you ran. Do NOT proceed to report generation if required tool coverage is missing from durable state — re-run the missing tool instead. Use \`preflight_policy: "strict-fail"\` for the final report invocation.
+
 \`\`\`
 Task(subagent_type="scribe", prompt="Generate the final security audit report.
 
@@ -454,6 +499,7 @@ Scribe must call argus_generate_report with:
 - project_name: project name
 - scope: audited file list
 - report_input: serialized ReportInput JSON string
+- preflight_policy: "strict-fail" (non-negotiable for final report)
 
 Legacy audit_state is transitional-only and deprecated.
 

package/src/agents/scribe-prompt.ts

@@ -44,10 +44,14 @@ You must adhere to these strict writing standards:
 Argus passes you structured report data. Use that payload directly and keep it schema-accurate.
 
 **Your workflow**:
-1. Validate Argus provided a serialized ReportInput JSON string (schema_version 1.0.0) with required fields: run_id, seq, session_id, tool_call_id, source, schema_version, projectDir, findings, toolsExecuted, scope.
+1. Validate Argus provided a serialized ReportInput JSON string (schema_version 1.0.0) with required fields: run_id, seq, session_id, tool_call_id, source, schema_version, projectDir, findings, toolsExecuted, scope. **Execution integrity check**: \`toolsExecuted\` must be non-empty for the audit to be considered complete. If \`toolsExecuted\` is empty or missing key tool families (slither, forge, patterns), add a \`## Limitations\` section to the report noting which tool coverage is absent.
 2. Write the complete report in Markdown following the Report Structure and Output Format sections.
 3. Call \`argus_generate_report\` with arguments { project_name, scope, report_input }. Use legacy \`audit_state\` only for transitional compatibility and treat it as deprecated.
-4. Confirm the report was generated in your response to Argus: "Report generated via argus_generate_report: {filePath}".
+4. **Limitations disclosure** (MANDATORY when tools fail): If any tool was unavailable, timed out, or failed, add a \`## Limitations\` section to the report BEFORE \`## Findings\`. Use this format:
+   - \`**Tool name**: [reason \u2014 unavailable/failed/timed out]. [Impact on finding coverage if any.]\`
+   - Example: \`**argus_solodit_search**: External database was unavailable. Known-vulnerability cross-referencing was performed using local patterns only.\`
+   - Never silently omit limitations — incomplete coverage must be disclosed.
+5. Confirm the report was generated in your response to Argus: "Report generated via argus_generate_report: {filePath}".
 
 ## SINGLE-WRITER POLICY
 

package/src/cli/commands/init.ts

@@ -20,7 +20,7 @@ export const initCommand: CliCommand = {
   description: "Initialize Argus configuration for this project",
   async execute(_args: string[]): Promise<number> {
     const cwd = process.cwd()
-    const configDir = join(cwd, ".opencode")
+    const configDir = join(cwd, ".argus")
     const configPath = join(configDir, "solidity-argus.json")
 
     if (existsSync(configPath)) {

package/src/config/schema.ts

@@ -31,7 +31,7 @@ const ReportingConfigSchema = z.object({
   format: z.enum(["markdown"]).default("markdown"),
   severityThreshold: z.enum(["critical", "high", "medium", "low", "informational"]).default("low"),
   gasAnalysis: z.boolean().default(false),
-  output_dir: z.string().default(".opencode/reports/"),
+  output_dir: z.string().default(".argus/reports/"),
 })
 
 const SoloditConfigSchema = z.object({
@@ -74,7 +74,7 @@ export const ArgusConfigSchema = z.object({
     format: "markdown",
     severityThreshold: "low",
     gasAnalysis: false,
-    output_dir: ".opencode/reports/",
+    output_dir: ".argus/reports/",
   }),
   solodit: SoloditConfigSchema.default({
     enabled: true,

package/src/create-hooks.ts

@@ -1,4 +1,3 @@
-import { join } from "node:path"
 import type { Hooks as PluginHooks } from "@opencode-ai/plugin"
 import type { ArgusConfig } from "./config/types"
 import { createAuditEnforcer } from "./features/audit-enforcer/audit-enforcer"
@@ -7,9 +6,12 @@ import {
   createSessionRecoveryHandler,
   createToolErrorRecoveryHandler,
 } from "./features/error-recovery"
-import { createDebouncedSave } from "./features/persistent-state/audit-state-manager"
 import { getMigrationMode } from "./features/migration"
+import { adaptLegacyFindings } from "./features/migration/migration-adapter"
+import { computeParityMetrics, formatParityReport } from "./features/migration/parity-telemetry"
+import { createDebouncedSave } from "./features/persistent-state/audit-state-manager"
 import { createEventSink, type EventSink } from "./features/persistent-state/event-sink"
+import { materializeFindings } from "./features/persistent-state/findings-materializer"
 import { recordRun } from "./features/persistent-state/global-run-index"
 import { createRunJournal } from "./features/persistent-state/run-journal"
 import { createAgentTracker } from "./hooks/agent-tracker"
@@ -24,8 +26,8 @@ import { createSystemPromptHook } from "./hooks/system-prompt-hook"
 import { createToolTrackingHook } from "./hooks/tool-tracking-hook"
 import type { HookName } from "./hooks/types"
 import type { Managers } from "./managers/types"
-import { createLogger } from "./shared/logger"
 import { createAuditArtifactResolver } from "./shared/audit-artifact-resolver"
+import { createLogger } from "./shared/logger"
 import type { AuditState } from "./state/types"
 import { detectAuditArtifacts } from "./utils/audit-artifact-detector"
 import { detectProject, type ProjectConfig } from "./utils/project-detector"
@@ -135,10 +137,8 @@ export function createHooks(args: {
 
         const effectiveState = recoveredState ?? auditStateManager.get()
         if (effectiveState) {
+          const resolver = createAuditArtifactResolver(effectiveState.sessionId, projectDir)
           try {
-            // createAuditArtifactResolver is the canonical source for all run artifact paths.
-            // The journal file path is: {projectDir}/.opencode/runs/{runId}/events.jsonl
-            const resolver = createAuditArtifactResolver(effectiveState.sessionId, projectDir)
             const journalFile = resolver.paths().journalFile
             // createEventSink builds the same path internally; the resolver makes it explicit.
             currentEventSink = createEventSink(effectiveState.sessionId, projectDir)
@@ -149,13 +149,12 @@ export function createHooks(args: {
               `Failed to create event sink: ${error instanceof Error ? error.message : String(error)}`,
             )
           }
-
           void recordRun({
             runId: effectiveState.sessionId,
             opencodeSessionId: sessionId,
             projectDir: effectiveState.projectDir,
-            statePath: join(effectiveState.projectDir, ".opencode", "argus-state.json"),
-            journalPath: join(effectiveState.projectDir, ".opencode", "argus-journal.jsonl"),
+            statePath: resolver.paths().stateFile,
+            journalPath: resolver.paths().journalFile,
             startedAt: effectiveState.startTime,
             phase: effectiveState.currentPhase,
             findingsCount: effectiveState.findings.length,
@@ -188,17 +187,36 @@ export function createHooks(args: {
           toolsExecutedCount: auditState.toolsExecuted.length,
         })
 
+        const idleResolver = createAuditArtifactResolver(
+          auditState.sessionId,
+          auditState.projectDir,
+        )
         void recordRun({
           runId: auditState.sessionId,
           opencodeSessionId: sessionId,
           projectDir: auditState.projectDir,
-          statePath: join(auditState.projectDir, ".opencode", "argus-state.json"),
-          journalPath: join(auditState.projectDir, ".opencode", "argus-journal.jsonl"),
+          statePath: idleResolver.paths().stateFile,
+          journalPath: idleResolver.paths().journalFile,
           startedAt: auditState.startTime,
           phase: auditState.currentPhase,
           findingsCount: auditState.findings.length,
         })
 
+        if (migrationMode !== "legacy") {
+          try {
+            const { legacyFindings, canonicalFindings } = adaptLegacyFindings(
+              auditState,
+              migrationMode,
+              auditState.sessionId,
+            )
+            const parityMetrics = computeParityMetrics(legacyFindings, canonicalFindings)
+            logger.debug(formatParityReport(parityMetrics))
+          } catch (error) {
+            logger.warn(
+              `Migration parity check failed: ${error instanceof Error ? error.message : String(error)}`,
+            )
+          }
+        }
         return
       }
 
@@ -302,11 +320,26 @@ export function createHooks(args: {
     ? safeCreateHook(
         () => async (input: Parameters<typeof eventHook>[0]) => {
           const isSessionDeleted = input.event.type === "session.deleted"
+          const finalizationBeforeDelete = isSessionDeleted ? getLastFinalizationResult() : null
 
           try {
             await eventHook(input)
           } finally {
             if (isSessionDeleted) {
+              const finalizationResult = getLastFinalizationResult()
+              const hasNewFinalization =
+                finalizationResult !== null && finalizationResult !== finalizationBeforeDelete
+
+              if (hasNewFinalization && finalizationResult.runId.length > 0) {
+                try {
+                  await materializeFindings(finalizationResult.runId, projectDir)
+                } catch (error) {
+                  logger.warn(
+                    `Failed to materialize findings artifact for run ${finalizationResult.runId}: ${error instanceof Error ? error.message : String(error)}`,
+                  )
+                }
+              }
+
               await auditStateManager.archive()
 
               const deletedSessionId = input.event.sessionId
@@ -318,7 +351,7 @@ export function createHooks(args: {
                 type: "session.deleted",
                 timestamp: Date.now(),
                 archived: true,
-                finalizationPassed: getLastFinalizationResult()?.invariantsPassed ?? null,
+                finalizationPassed: finalizationResult?.invariantsPassed ?? null,
               })
 
               currentEventSink = null

package/src/features/audit-enforcer/audit-enforcer.ts

@@ -11,6 +11,24 @@ const PHASE_ORDER: AuditPhase[] = [
   "complete",
 ]
 
+const REPORTING_PHASES: AuditPhase[] = ["reporting", "complete"]
+
+
+const KEY_TOOL_FAMILIES: Array<{ family: string; prefixes: string[] }> = [
+  { family: "slither", prefixes: ["argus_slither_analyze", "slither"] },
+  { family: "forge_test", prefixes: ["argus_forge_test", "forge_test"] },
+  { family: "forge_fuzz", prefixes: ["argus_forge_fuzz", "forge_fuzz"] },
+  { family: "forge_coverage", prefixes: ["argus_forge_coverage", "forge_coverage"] },
+]
+
+function getMissingToolFamilies(auditState: AuditState): string[] {
+  const executedTools = auditState.toolsExecuted.map((t) => t.tool)
+  return KEY_TOOL_FAMILIES.filter(
+    ({ prefixes }) =>
+      !executedTools.some((tool) => prefixes.some((prefix) => tool.startsWith(prefix))),
+  ).map(({ family }) => family)
+}
+
 function getNextPhase(current: AuditPhase): AuditPhase | null {
   const idx = PHASE_ORDER.indexOf(current)
   if (idx === -1 || idx >= PHASE_ORDER.length - 1) return null
@@ -25,10 +43,21 @@ export function createAuditEnforcer() {
     const nextPhase = getNextPhase(auditState.currentPhase)
     if (!nextPhase) return null
 
-    return [
+    const parts: string[] = [
       `[Argus Audit Enforcer] Audit in progress — current phase: ${auditState.currentPhase}.`,
       `Next phase: ${nextPhase}. Do not stop until audit is complete.`,
       `Progress: ${auditState.findings.length} findings, ${auditState.contractsReviewed.length} contracts reviewed.`,
-    ].join(" ")
+    ]
+
+    if (REPORTING_PHASES.includes(auditState.currentPhase)) {
+      const missing = getMissingToolFamilies(auditState)
+      if (missing.length > 0) {
+        parts.push(
+          `\u26a0\ufe0f Tool coverage incomplete: ${missing.join(", ")} have not been executed. Do not proceed to report generation until required tools are complete.`,
+        )
+      }
+    }
+
+    return parts.join(" ")
   }
 }

package/src/features/persistent-state/audit-state-manager.ts

@@ -2,10 +2,10 @@ import { mkdir, rename } from "node:fs/promises"
 import { dirname, join } from "node:path"
 import type { AuditStateManager } from "../../managers/types"
 import { createLogger } from "../../shared/logger"
+import { type ArgusRootResolver, defaultRootResolver } from "../../shared/path-root-resolver"
 import { createAuditState } from "../../state/audit-state"
 import type { AuditState, PersistentAuditState } from "../../state/types"
 
-const STATE_FILE_DIR = ".opencode"
 const STATE_FILE_NAME = "argus-state.json"
 const STATE_VERSION = "2"
 
@@ -95,14 +95,21 @@ export function createDebouncedSave(
   }
 }
 
-export function createAuditStateManager(projectDir: string): AuditStateManager {
+export function createAuditStateManager(
+  projectDir: string,
+  resolver: ArgusRootResolver = defaultRootResolver,
+): AuditStateManager {
   const logger = createLogger()
-  const stateFilePath = join(projectDir, STATE_FILE_DIR, STATE_FILE_NAME)
+
+  const stateFilePath = join(resolver.writeRoot(projectDir), STATE_FILE_NAME)
   let currentState: AuditState = createAuditState(projectDir).state
 
   async function load(): Promise<AuditState | null> {
     try {
-      const file = Bun.file(stateFilePath)
+      const resolvedPath = resolver.resolveReadPath(projectDir, STATE_FILE_NAME)
+      const readPath = resolvedPath ?? stateFilePath
+
+      const file = Bun.file(readPath)
       if (!(await file.exists())) {
         return null
       }
@@ -114,11 +121,19 @@ export function createAuditStateManager(projectDir: string): AuditStateManager {
 
       const parsed: unknown = JSON.parse(content)
       if (!isPersistentAuditState(parsed)) {
-        logger.warn("Persistent audit state is invalid, ignoring", stateFilePath)
+        logger.warn("Persistent audit state is invalid, ignoring", readPath)
         return null
       }
 
-      const { savedAt: _savedAt, version, filePath: _filePath, ...state } = parsed
+      const {
+        savedAt: _savedAt,
+        version,
+        filePath: _filePath,
+        source_of_truth: _sourceOfTruth,
+        last_event_seq: snapshotSeq,
+        event_stream_hash: _eventStreamHash,
+        ...state
+      } = parsed
 
       if (version === "1") {
         if (!state.soloditResults) {
@@ -129,6 +144,11 @@ export function createAuditStateManager(projectDir: string): AuditStateManager {
         }
       }
 
+
+      if (snapshotSeq !== undefined) {
+        logger.debug(`Loaded snapshot with last_event_seq=${snapshotSeq} from ${readPath}`)
+      }
+
       currentState = state
       return currentState
     } catch (err) {
@@ -154,6 +174,7 @@ export function createAuditStateManager(projectDir: string): AuditStateManager {
           savedAt: Date.now(),
           version: STATE_VERSION,
           filePath: stateFilePath,
+          source_of_truth: "events",
         }
 
         const tempFilePath = `${stateFilePath}.${Date.now()}.tmp`
@@ -205,6 +226,7 @@ export function createAuditStateManager(projectDir: string): AuditStateManager {
           savedAt: Date.now(),
           version: STATE_VERSION,
           filePath: archivePath,
+          source_of_truth: "events",
         }
         await Bun.write(archivePath, `${JSON.stringify(persistentState, null, 2)}\n`)
       } catch {

package/src/features/persistent-state/event-sink.ts

@@ -1,5 +1,9 @@
 import { mkdir, rename } from "node:fs/promises"
 import { dirname, join } from "node:path"
+import {
+  type ArgusRootResolver,
+  defaultRootResolver,
+} from "../../shared/path-root-resolver"
 import type { AuditEvent, AuditEventType } from "../../state/schemas"
 
 export type EventSinkErrorCode = "SEQUENCE_CONFLICT" | "INVALID_EVENT" | "IO_ERROR"
@@ -52,8 +56,8 @@ function createMutex() {
   }
 }
 
-function buildJournalPath(runId: string, projectDir: string): string {
-  return join(projectDir, ".opencode", "runs", runId, "events.jsonl")
+function buildJournalPath(runId: string, projectDir: string, resolver: ArgusRootResolver): string {
+  return join(resolver.writeRoot(projectDir), "runs", runId, "events.jsonl")
 }
 
 async function readRawContent(path: string): Promise<string> {
@@ -85,8 +89,8 @@ function parseJournalLines(content: string): AuditEvent[] {
 /**
  * Replay-safe stateless read — returns all events for a run sorted by seq.
  */
-export async function readEvents(runId: string, projectDir: string): Promise<AuditEvent[]> {
-  const journalPath = buildJournalPath(runId, projectDir)
+export async function readEvents(runId: string, projectDir: string, resolver: ArgusRootResolver = defaultRootResolver): Promise<AuditEvent[]> {
+  const journalPath = buildJournalPath(runId, projectDir, resolver)
   const content = await readRawContent(journalPath)
   return parseJournalLines(content)
 }
@@ -95,8 +99,8 @@ export async function readEvents(runId: string, projectDir: string): Promise<Aud
  * Append-only event sink with monotonic seq allocation, in-process mutex,
  * and atomic temp-file-then-rename writes. Restart-safe via journal replay.
  */
-export function createEventSink(runId: string, projectDir: string): EventSink {
-  const journalPath = buildJournalPath(runId, projectDir)
+export function createEventSink(runId: string, projectDir: string, resolver: ArgusRootResolver = defaultRootResolver): EventSink {
+  const journalPath = buildJournalPath(runId, projectDir, resolver)
   const mutex = createMutex()
   let lastSeq = 0
   let initialized = false

package/src/features/persistent-state/findings-materializer.ts

@@ -0,0 +1,51 @@
+import { mkdir, writeFile } from "node:fs/promises"
+import { dirname } from "node:path"
+import { createAuditArtifactResolver } from "../../shared/audit-artifact-resolver"
+import { projectFindings, projectToolExecutions, stableHash } from "../../state/projectors"
+import type { CanonicalFinding, CanonicalToolExecution } from "../../state/schemas"
+import { SCHEMA_VERSION } from "../../state/schemas"
+import { readEvents } from "./event-sink"
+
+export interface FindingsArtifact {
+  run_id: string
+  session_id: string
+  schema_version: string
+  seq_first: number
+  seq_last: number
+  event_count: number
+  content_hash: string
+  generated_at: number
+  findings: CanonicalFinding[]
+  toolsExecuted: CanonicalToolExecution[]
+}
+
+export async function materializeFindings(
+  runId: string,
+  projectDir: string,
+  sessionId?: string,
+): Promise<FindingsArtifact> {
+  const events = await readEvents(runId, projectDir)
+  const findings = projectFindings(events)
+  const toolsExecuted = projectToolExecutions(events)
+  const contentHash = stableHash(JSON.stringify(findings))
+  const generatedAt = events.at(-1)?.timestamp ?? 0
+
+  const artifact: FindingsArtifact = {
+    run_id: runId,
+    session_id: sessionId ?? events[0]?.session_id ?? "",
+    schema_version: SCHEMA_VERSION,
+    seq_first: events[0]?.seq ?? 0,
+    seq_last: events.at(-1)?.seq ?? 0,
+    event_count: events.length,
+    content_hash: contentHash,
+    generated_at: generatedAt,
+    findings,
+    toolsExecuted,
+  }
+
+  const findingsFile = createAuditArtifactResolver(runId, projectDir).paths().findingsFile
+  await mkdir(dirname(findingsFile), { recursive: true })
+  await writeFile(findingsFile, JSON.stringify(artifact, null, 2))
+
+  return artifact
+}

package/src/features/persistent-state/index.ts

@@ -1,3 +1,3 @@
 export { createAuditStateManager } from "./audit-state-manager"
-export { createEventSink, readEvents, EventSinkError } from "./event-sink"
 export type { EventSink, EventSinkErrorCode } from "./event-sink"
+export { createEventSink, EventSinkError, readEvents } from "./event-sink"

package/src/features/persistent-state/run-finalizer.ts

@@ -12,18 +12,23 @@ export type FinalizationResult = {
   timestamp: number
 }
 
-function hasSessionCreated(events: AuditEvent[]): boolean {
+export function hasSessionCreated(events: AuditEvent[]): boolean {
   return events.some((event) => event.type === "session.created")
 }
 
-function hasSessionDeleted(events: AuditEvent[]): boolean {
+export function hasSessionDeleted(events: AuditEvent[]): boolean {
   return events.some((event) => event.type === "session.deleted")
 }
 
-function collectOrphanedToolStarts(events: AuditEvent[]): string[] {
+export type ToolLifecycleCheckResult = {
+  orphanedToolCallIds: string[]
+  malformedEvents: string[]
+}
+
+export function collectToolLifecycleIssues(events: AuditEvent[]): ToolLifecycleCheckResult {
   const startedCallIds = new Set<string>()
   const completedCallIds = new Set<string>()
-  const errors: string[] = []
+  const malformedEvents: string[] = []
 
   for (const event of events) {
     if (event.type !== "tool.started" && event.type !== "tool.completed") {
@@ -31,7 +36,7 @@ function collectOrphanedToolStarts(events: AuditEvent[]): string[] {
     }
 
     if (typeof event.tool_call_id !== "string" || event.tool_call_id.length === 0) {
-      errors.push(`${event.type} at seq ${event.seq} missing tool_call_id`)
+      malformedEvents.push(`${event.type} at seq ${event.seq} missing tool_call_id`)
       continue
     }
 
@@ -44,13 +49,25 @@ function collectOrphanedToolStarts(events: AuditEvent[]): string[] {
     }
   }
 
+  const orphanedToolCallIds: string[] = []
   for (const toolCallId of startedCallIds) {
     if (!completedCallIds.has(toolCallId)) {
-      errors.push(`orphaned tool.started without matching tool.completed: ${toolCallId}`)
+      orphanedToolCallIds.push(toolCallId)
     }
   }
 
-  return errors
+  return {
+    orphanedToolCallIds,
+    malformedEvents,
+  }
+}
+
+function collectOrphanedToolStarts(events: AuditEvent[]): string[] {
+  const { orphanedToolCallIds, malformedEvents } = collectToolLifecycleIssues(events)
+  const orphanedErrors = orphanedToolCallIds.map(
+    (toolCallId) => `orphaned tool.started without matching tool.completed: ${toolCallId}`,
+  )
+  return [...malformedEvents, ...orphanedErrors]
 }
 
 function asRecord(value: unknown): Record<string, unknown> | null {

package/src/features/persistent-state/run-journal.ts

@@ -1,10 +1,13 @@
 import { appendFile, mkdir } from "node:fs/promises"
 import { dirname, join } from "node:path"
+import {
+  type ArgusRootResolver,
+  defaultRootResolver,
+} from "../../shared/path-root-resolver"
 import { createLogger } from "../../shared/logger"
 
 const logger = createLogger()
 
-const JOURNAL_DIR = ".opencode"
 const JOURNAL_FILE = "argus-journal.jsonl"
 
 export type JournalEvent =
@@ -15,7 +18,12 @@ export type JournalEvent =
       findingsCount: number
       toolsExecutedCount: number
     }
-  | { type: "session.deleted"; timestamp: number; archived: boolean; finalizationPassed: boolean | null }
+  | {
+      type: "session.deleted"
+      timestamp: number
+      archived: boolean
+      finalizationPassed: boolean | null
+    }
   | {
       type: "tool.executed"
       tool: string
@@ -30,12 +38,15 @@ export type JournalEvent =
       findingsCount: number
     }
 
-export function createRunJournal(projectDir: string): {
+export function createRunJournal(
+  projectDir: string,
+  resolver: ArgusRootResolver = defaultRootResolver,
+): {
   log(event: JournalEvent): void
   close(): Promise<void>
   getPath(): string
 } {
-  const journalPath = join(projectDir, JOURNAL_DIR, JOURNAL_FILE)
+  const journalPath = join(resolver.writeRoot(projectDir), JOURNAL_FILE)
   let ensureDirPromise: Promise<void> | null = null
   const pendingWrites = new Set<Promise<void>>()
 

package/src/hooks/event-hook.ts

@@ -1,6 +1,6 @@
 import type { EventSink } from "../features/persistent-state/event-sink"
-import { finalizeRun } from "../features/persistent-state/run-finalizer"
 import type { FinalizationResult } from "../features/persistent-state/run-finalizer"
+import { finalizeRun } from "../features/persistent-state/run-finalizer"
 import { createLogger } from "../shared/logger"
 import { createAuditState } from "../state/audit-state"
 import type { AuditEvent } from "../state/schemas"

package/src/hooks/system-prompt-hook.ts

@@ -12,6 +12,14 @@ const TOOL_SHORT_NAMES: Record<string, string> = {
 }
 const KEY_TOOLS = ["slither", "forge-test", "patterns", "solodit", "analyzer"]
 
+
+/** Maps unavailable-tool short names to their KEY_TOOLS counterpart */
+const UNAVAILABLE_TO_KEY_TOOL: Record<string, string> = {
+  slither: "slither",
+  forge: "forge-test",
+  solodit: "solodit",
+}
+
 export interface SystemPromptHookDeps {
   getAuditState: () => AuditState | null
   getAgentForSession: (sessionID: string) => string | undefined
@@ -69,8 +77,19 @@ export function buildDynamicContext(
     (t) => `${t}=${executedToolNames.has(t) ? "done" : "pending"}`,
   ).join(" ")
   const unavailable = auditState.unavailableTools ?? []
+  const excusedTools = new Set(
+    unavailable.map((t) => UNAVAILABLE_TO_KEY_TOOL[t]).filter(Boolean),
+  )
+  const pendingKeyTools = KEY_TOOLS.filter(
+    (t) => !executedToolNames.has(t) && !excusedTools.has(t),
+  )
+  const gateStatus =
+    pendingKeyTools.length > 0
+      ? `REPORTING GATE: BLOCKED \u2014 key tools pending: ${pendingKeyTools.join(", ")}`
+      : "REPORTING GATE: ALLOWED"
   const lines: string[] = [
     `<argus-context agent="${agent}">`,
+    gateStatus,
     `Phase: ${auditState.currentPhase}`,
     `Contracts: ${auditState.contractsReviewed.length} reviewed`,
     `Findings: Critical=${severityCounts.Critical} High=${severityCounts.High} Medium=${severityCounts.Medium} Low=${severityCounts.Low} Info=${severityCounts.Informational}`,
@@ -91,6 +110,7 @@ export function buildDynamicContext(
     const doneCount = KEY_TOOLS.filter((t) => executedToolNames.has(t)).length
     summary = [
       `<argus-context agent="${agent}">`,
+      gateStatus,
       `Phase: ${auditState.currentPhase} | Findings: ${auditState.findings.length} | Contracts: ${auditState.contractsReviewed.length} | Tasks: ${doneCount}/${KEY_TOOLS.length} done`,
       "</argus-context>",
     ].join("\n")

package/src/shared/audit-artifact-resolver.ts

@@ -1,4 +1,5 @@
 import { join } from "node:path"
+import { defaultRootResolver } from "./path-root-resolver"
 
 export class ArtifactResolverError extends Error {
   constructor(message: string) {
@@ -8,19 +9,19 @@ export class ArtifactResolverError extends Error {
 }
 
 export interface AuditArtifactPaths {
-  /** {projectDir}/.opencode/argus-state.json (legacy compat) */
+  /** {projectDir}/.argus/argus-state.json */
   stateFile: string
-  /** {projectDir}/.opencode/runs/{runId}/events.jsonl */
+  /** {projectDir}/.argus/runs/{runId}/events.jsonl */
   journalFile: string
-  /** {projectDir}/.opencode/runs/{runId}/findings.json */
+  /** {projectDir}/.argus/runs/{runId}/findings.json */
   findingsFile: string
-  /** {projectDir}/.opencode/reports */
+  /** {projectDir}/.argus/reports */
   reportDir: string
-  /** {projectDir}/.opencode/runs/{runId}/evidence */
+  /** {projectDir}/.argus/runs/{runId}/evidence */
   evidenceDir: string
-  /** {projectDir}/.opencode/archives */
+  /** {projectDir}/.argus/archives */
   archiveDir: string
-  /** {projectDir}/.opencode/runs/{runId} */
+  /** {projectDir}/.argus/runs/{runId} */
   runDir: string
 }
 
@@ -45,16 +46,16 @@ export function createAuditArtifactResolver(
     throw new ArtifactResolverError("projectDir must not be empty")
   }
 
-  const opencodeDir = join(projectDir, ".opencode")
-  const runDir = join(opencodeDir, "runs", runId)
+  const writeRoot = defaultRootResolver.writeRoot(projectDir)
+  const runDir = join(writeRoot, "runs", runId)
 
   const cachedPaths: AuditArtifactPaths = {
-    stateFile: join(opencodeDir, "argus-state.json"),
+    stateFile: join(writeRoot, "argus-state.json"),
     journalFile: join(runDir, "events.jsonl"),
     findingsFile: join(runDir, "findings.json"),
-    reportDir: join(opencodeDir, "reports"),
+    reportDir: join(writeRoot, "reports"),
     evidenceDir: join(runDir, "evidence"),
-    archiveDir: join(opencodeDir, "archives"),
+    archiveDir: join(writeRoot, "archives"),
     runDir,
   }
 

package/src/shared/file-utils.ts

@@ -1,6 +1,7 @@
 import { existsSync, readFileSync } from "node:fs"
 import { join } from "node:path"
 import { stripJsoncComments } from "./jsonc-parser"
+import { defaultRootResolver } from "./path-root-resolver"
 
 export type ConfigFormat = "json" | "jsonc" | "none"
 
@@ -10,9 +11,13 @@ export interface ConfigFileInfo {
 }
 
 export function detectConfigFile(basePath: string): ConfigFileInfo {
+  const rootCandidates = defaultRootResolver.readRoots(basePath).flatMap((rootPath) => [
+    { path: join(rootPath, "solidity-argus.jsonc"), format: "jsonc" as const },
+    { path: join(rootPath, "solidity-argus.json"), format: "json" as const },
+  ])
+
   const candidates = [
-    { path: join(basePath, ".opencode", "solidity-argus.jsonc"), format: "jsonc" as const },
-    { path: join(basePath, ".opencode", "solidity-argus.json"), format: "json" as const },
+    ...rootCandidates,
     { path: join(basePath, "solidity-argus.jsonc"), format: "jsonc" as const },
     { path: join(basePath, "solidity-argus.json"), format: "json" as const },
   ]

package/src/shared/index.ts

@@ -1,3 +1,9 @@
+export {
+  ArtifactResolverError,
+  type AuditArtifactPaths,
+  type AuditArtifactResolver,
+  createAuditArtifactResolver,
+} from "./audit-artifact-resolver"
 export { extractContractNames, hasBinary, parseSolcVersion } from "./binary-utils"
 export { deepMerge } from "./deep-merge"
 export {
@@ -10,16 +16,10 @@ export { stripJsoncComments } from "./jsonc-parser"
 export { createLogger, type Logger, type LoggerConfig } from "./logger"
 export { findFoundryProjectDir, resolveProjectDir } from "./project-utils"
 export {
-  ArtifactResolverError,
-  type AuditArtifactPaths,
-  type AuditArtifactResolver,
-  createAuditArtifactResolver,
-} from "./audit-artifact-resolver"
-export {
+  formatReportDate,
   ReportPathError,
   type ReportPathOptions,
   type ResolvedReportPath,
-  formatReportDate,
-  sanitizeContractName,
   resolveReportPath,
+  sanitizeContractName,
 } from "./report-path-resolver"

package/src/shared/path-root-resolver.ts

@@ -0,0 +1,34 @@
+import { existsSync } from "node:fs"
+import { join } from "node:path"
+
+export interface ArgusRootResolver {
+  writeRoot(projectDir: string): string
+  readRoots(projectDir: string): string[]
+  resolveReadPath(projectDir: string, relativePath: string): string | null
+}
+
+class DefaultArgusRootResolver implements ArgusRootResolver {
+  writeRoot(projectDir: string): string {
+    return join(projectDir, ".argus")
+  }
+
+  readRoots(projectDir: string): string[] {
+    return [this.writeRoot(projectDir), join(projectDir, ".opencode")]
+  }
+
+  resolveReadPath(projectDir: string, relativePath: string): string | null {
+    for (const root of this.readRoots(projectDir)) {
+      const candidatePath = join(root, relativePath)
+      if (existsSync(candidatePath)) {
+        return candidatePath
+      }
+    }
+    return null
+  }
+}
+
+export function createArgusRootResolver(): ArgusRootResolver {
+  return new DefaultArgusRootResolver()
+}
+
+export const defaultRootResolver: ArgusRootResolver = createArgusRootResolver()

package/src/shared/report-path-resolver.ts

@@ -30,9 +30,9 @@ export interface ResolvedReportPath {
 }
 
 export function formatReportDate(date: Date): string {
-  const year = date.getFullYear()
-  const month = String(date.getMonth() + 1).padStart(2, "0")
-  const day = String(date.getDate()).padStart(2, "0")
+  const year = date.getUTCFullYear()
+  const month = String(date.getUTCMonth() + 1).padStart(2, "0")
+  const day = String(date.getUTCDate()).padStart(2, "0")
   return `${year}-${month}-${day}`
 }
 

package/src/state/schemas.ts

@@ -260,6 +260,91 @@ export function validateCanonicalFinding(raw: unknown): ValidationResult<Canonic
   return { success: true, data: raw as unknown as CanonicalFinding }
 }
 
+
+export function validateCanonicalToolExecution(
+  raw: unknown,
+): ValidationResult<CanonicalToolExecution> {
+  if (!isRecord(raw)) {
+    return {
+      success: false,
+      errors: [
+        {
+          field: "$root",
+          code: "type",
+          message: "canonical tool execution must be an object",
+        },
+      ],
+    }
+  }
+
+  const errors: ValidationError[] = []
+
+  if (typeof raw.tool !== "string" || raw.tool.trim().length === 0) {
+    errors.push({
+      field: "tool",
+      code: "required",
+      message: "tool is required and must be a non-empty string",
+    })
+  }
+
+  if (typeof raw.startTime !== "number" || !Number.isInteger(raw.startTime) || raw.startTime <= 0) {
+    errors.push({
+      field: "startTime",
+      code: "invalid",
+      message: "startTime must be a positive integer",
+    })
+  }
+
+  if (raw.endTime != null && (typeof raw.endTime !== "number" || !Number.isInteger(raw.endTime))) {
+    errors.push({
+      field: "endTime",
+      code: "invalid",
+      message: "endTime must be an integer when provided",
+    })
+  }
+
+  if (typeof raw.success !== "boolean") {
+    errors.push({
+      field: "success",
+      code: "required",
+      message: "success is required and must be a boolean",
+    })
+  }
+
+  if (
+    typeof raw.findingsCount !== "number" ||
+    !Number.isInteger(raw.findingsCount) ||
+    raw.findingsCount < 0
+  ) {
+    errors.push({
+      field: "findingsCount",
+      code: "invalid",
+      message: "findingsCount must be a non-negative integer",
+    })
+  }
+
+  if (typeof raw.run_id !== "string" || raw.run_id.trim().length === 0) {
+    errors.push({
+      field: "run_id",
+      code: "required",
+      message: "run_id is required and must be a non-empty string",
+    })
+  }
+
+  if (typeof raw.schema_version !== "string" || raw.schema_version.trim().length === 0) {
+    errors.push({
+      field: "schema_version",
+      code: "required",
+      message: "schema_version is required and must be a non-empty string",
+    })
+  }
+
+  if (errors.length > 0) {
+    return { success: false, errors }
+  }
+
+  return { success: true, data: raw as unknown as CanonicalToolExecution }
+}
 export function validateReportInput(raw: unknown): ValidationResult<ReportInput> {
   if (!isRecord(raw)) {
     return {
@@ -306,6 +391,18 @@ export function validateReportInput(raw: unknown): ValidationResult<ReportInput>
       code: "invalid",
       message: "toolsExecuted must be an array",
     })
+  } else {
+    for (const [index, entry] of raw.toolsExecuted.entries()) {
+      const toolValidation = validateCanonicalToolExecution(entry)
+      if (toolValidation.success) continue
+      for (const toolError of toolValidation.errors) {
+        errors.push({
+          field: `toolsExecuted[${index}].${toolError.field}`,
+          code: toolError.code,
+          message: toolError.message,
+        })
+      }
+    }
   }
 
   if (raw.patternVersion != null && typeof raw.patternVersion !== "string") {

package/src/state/types.ts

@@ -110,4 +110,10 @@ export interface PersistentAuditState extends AuditState {
   savedAt: number
   version: string
   filePath: string
+  /** Whether this snapshot was projected from events or loaded from a prior snapshot */
+  source_of_truth?: "events" | "snapshot"
+  /** Sequence number of the last event included in this snapshot */
+  last_event_seq?: number
+  /** Hash of the event stream for staleness detection */
+  event_stream_hash?: string
 }

package/src/tools/report-generator-tool.ts

@@ -3,6 +3,7 @@ import path from "node:path"
 import { type ToolContext, tool } from "@opencode-ai/plugin"
 import { loadArgusConfig } from "../config/loader"
 import type { ArgusConfig } from "../config/types"
+import { readEvents } from "../features/persistent-state/event-sink"
 import type { DropDiagnostic, DropPolicy } from "../shared/drop-diagnostics"
 import { createDropDiagnosticsCollector } from "../shared/drop-diagnostics"
 import { createLogger } from "../shared/logger"
@@ -12,6 +13,7 @@ import { normalizeToCanonicalFinding } from "../state/adapters"
 import { stableHash } from "../state/projectors"
 import { type ReportInput, SCHEMA_VERSION, validateReportInput } from "../state/schemas"
 import type { AuditState, Finding, FindingSeverity } from "../state/types"
+import { checkReportPreflight } from "./report-preflight"
 
 type SeverityThreshold = "critical" | "high" | "medium" | "low" | "informational"
 
@@ -23,6 +25,7 @@ type ReportGeneratorArgs = {
   quality_gate_policy?: QualityGatePolicy
   report_input?: string
   audit_state?: string
+  preflight_policy?: PreflightPolicy
 }
 
 type FindingsCount = {
@@ -46,6 +49,8 @@ export type ReportGenerationResult = {
 
 type QualityGatePolicy = "warn" | "strict-fail"
 
+type PreflightPolicy = "warn" | "strict-fail"
+
 type ReportQualityViolation = {
   findingId: string
   code: string
@@ -59,6 +64,10 @@ type ReportQualityValidation = {
 
 export type ReportGenerationDependencies = {
   loadConfig?: (projectDir: string) => ArgusConfig
+  readEvents?: (
+    runId: string,
+    projectDir: string,
+  ) => Promise<import("../state/schemas").AuditEvent[]>
 }
 
 export const SINGLE_WRITER_POLICY_VERSION = "1.0.0"
@@ -993,9 +1002,25 @@ export function buildProvenanceAppendix(
     lines.push("| Tool | Duration | Status | Findings |")
     lines.push("| --- | --- | --- | ---: |")
     for (const exec of state.toolsExecuted) {
-      const duration = exec.endTime != null ? formatDuration(exec.endTime - exec.startTime) : "—"
-      const status = exec.success ? "✅ success" : "❌ failure"
-      lines.push(`| ${exec.tool} | ${duration} | ${status} | ${exec.findingsCount} |`)
+      const toolName = typeof exec.tool === "string" && exec.tool ? exec.tool : "(unknown tool)"
+      const hasTimes =
+        typeof exec.startTime === "number" &&
+        !Number.isNaN(exec.startTime) &&
+        exec.endTime != null &&
+        typeof exec.endTime === "number" &&
+        !Number.isNaN(exec.endTime)
+      const duration = hasTimes ? formatDuration(exec.endTime! - exec.startTime) : "N/A"
+      const status =
+        typeof exec.success === "boolean"
+          ? exec.success
+            ? "\u2705 success"
+            : "\u274C failure"
+          : "\u26A0 malformed"
+      const findings =
+        typeof exec.findingsCount === "number" && !Number.isNaN(exec.findingsCount)
+          ? exec.findingsCount
+          : "N/A"
+      lines.push(`| ${toolName} | ${duration} | ${status} | ${findings} |`)
     }
   }
 
@@ -1008,7 +1033,8 @@ export function buildProvenanceAppendix(
       lines.push(`- Pattern pack version: \`${state.patternVersion}\``)
     }
     if (syncExec) {
-      lines.push(`- SCVD last synced: ${new Date(syncExec.startTime).toISOString()}`)
+      const syncTime = typeof syncExec.startTime === "number" && !Number.isNaN(syncExec.startTime) ? new Date(syncExec.startTime).toISOString() : "N/A"
+      lines.push(`- SCVD last synced: ${syncTime}`)
     }
   }
 
@@ -1066,6 +1092,48 @@ export async function executeReportGeneration(
   const threshold = args.severity_threshold ?? "low"
   const qualityGatePolicy = args.quality_gate_policy ?? "warn"
   const { reportInput, diagnostics } = parseReportInputPayload(args, context)
+  const preflightPolicy = args.preflight_policy ?? "warn"
+  let preflightWarningSection: string | null = null
+  try {
+    const readEventsFn = deps.readEvents ?? readEvents
+    const events = await readEventsFn(reportInput.run_id, reportInput.projectDir)
+    const preflightResult = checkReportPreflight(events)
+    if (!preflightResult.passed) {
+      if (preflightPolicy === "strict-fail") {
+        const parts: string[] = []
+        if (preflightResult.orphanedTools.length > 0)
+          parts.push(`orphaned tools: ${preflightResult.orphanedTools.join(", ")}`)
+        if (preflightResult.missingLifecycle.length > 0)
+          parts.push(`missing lifecycle: ${preflightResult.missingLifecycle.join(", ")}`)
+        if (preflightResult.missingRequiredTools.length > 0)
+          parts.push(`missing required tools: ${preflightResult.missingRequiredTools.join(", ")}`)
+        throw new Error(`Preflight failed (strict-fail): ${parts.join("; ")}`)
+      }
+      const lines: string[] = [
+        "## \u26A0 Completeness Warning",
+        "",
+        "This report was generated with incomplete orchestration state.",
+        "",
+      ]
+      if (preflightResult.orphanedTools.length > 0)
+        lines.push(`- Orphaned tools: ${preflightResult.orphanedTools.join(", ")}`)
+      if (preflightResult.missingLifecycle.length > 0)
+        lines.push(`- Missing lifecycle: ${preflightResult.missingLifecycle.join(", ")}`)
+      if (preflightResult.missingRequiredTools.length > 0)
+        lines.push(`- Missing required tools: ${preflightResult.missingRequiredTools.join(", ")}`)
+      if (preflightResult.warnings.length > 0)
+        lines.push(`- Warnings: ${preflightResult.warnings.join(", ")}`)
+      preflightWarningSection = lines.join("\n")
+    }
+  } catch (err) {
+    if (err instanceof Error && err.message.startsWith("Preflight failed (strict-fail)")) {
+      throw err
+    }
+    if (preflightPolicy === "strict-fail") {
+      throw new Error("Preflight failed: unable to read event stream for completeness check")
+    }
+    // warn mode: skip preflight when events cannot be read
+  }
   const state = reportInputToAuditState(reportInput)
   const scope = args.scope.length > 0 ? args.scope : reportInput.scope
   const findings = sortFindingsDeterministically(
@@ -1129,6 +1197,10 @@ export async function executeReportGeneration(
     sections.push(`- ${item}`)
   }
 
+  if (preflightWarningSection) {
+    sections.push(preflightWarningSection)
+  }
+
   sections.push(buildProvenanceAppendix(state, threshold, findings.length))
 
   // Embed report metadata for single-writer policy enforcement
@@ -1159,7 +1231,7 @@ export async function executeReportGeneration(
     const loadConfig = deps.loadConfig ?? loadArgusConfig
     const projectDir = resolveProjectDir(context)
     const config = loadConfig(projectDir)
-    const outputDir = config.reporting?.output_dir ?? ".opencode/reports/"
+    const outputDir = config.reporting?.output_dir ?? ".argus/reports/"
     const fullPath = path.join(projectDir, outputDir, canonicalFilename)
 
     // Single-writer policy: check for duplicate writes with same run_id
@@ -1194,6 +1266,7 @@ export const reportGeneratorTool = tool({
       .default("low"),
     report_input: tool.schema.string().optional(),
     audit_state: tool.schema.string().optional(),
+    preflight_policy: tool.schema.enum(["warn", "strict-fail"]).optional(),
   },
   async execute(args, context) {
     const result = await executeReportGeneration(args, context)

package/src/tools/report-preflight.ts

@@ -0,0 +1,79 @@
+import {
+  collectToolLifecycleIssues,
+  hasSessionCreated,
+  hasSessionDeleted,
+} from "../features/persistent-state/run-finalizer"
+import type { AuditEvent } from "../state/schemas"
+
+export interface PreflightResult {
+  passed: boolean
+  orphanedTools: string[]
+  missingLifecycle: string[]
+  missingRequiredTools: string[]
+  warnings: string[]
+}
+
+export interface PreflightOptions {
+  requiredTools?: string[]
+}
+
+function asRecord(value: unknown): Record<string, unknown> | null {
+  if (typeof value === "object" && value !== null && !Array.isArray(value)) {
+    return value as Record<string, unknown>
+  }
+  return null
+}
+
+function hasCompletedTool(events: AuditEvent[], toolName: string): boolean {
+  for (const event of events) {
+    if (event.type !== "tool.completed") {
+      continue
+    }
+
+    const payload = asRecord(event.payload)
+    if (!payload) {
+      continue
+    }
+
+    const name = payload.name
+    const tool = payload.tool
+    if (name === toolName || tool === toolName) {
+      return true
+    }
+  }
+
+  return false
+}
+
+export function checkReportPreflight(
+  events: AuditEvent[],
+  options: PreflightOptions = {},
+): PreflightResult {
+  const missingLifecycle: string[] = []
+  if (!hasSessionCreated(events)) {
+    missingLifecycle.push("session.created")
+  }
+  if (!hasSessionDeleted(events)) {
+    missingLifecycle.push("session.deleted")
+  }
+
+  const { orphanedToolCallIds, malformedEvents } = collectToolLifecycleIssues(events)
+
+  const missingRequiredTools: string[] = []
+  for (const requiredTool of options.requiredTools ?? []) {
+    if (!hasCompletedTool(events, requiredTool)) {
+      missingRequiredTools.push(requiredTool)
+    }
+  }
+
+  return {
+    passed:
+      orphanedToolCallIds.length === 0 &&
+      missingLifecycle.length === 0 &&
+      missingRequiredTools.length === 0,
+    orphanedTools: orphanedToolCallIds,
+    missingLifecycle,
+    missingRequiredTools,
+    warnings: malformedEvents,
+  }
+}

package/src/tools/solodit-search-tool.ts

@@ -258,7 +258,9 @@ export async function executeSoloditSearch(
   let hadMcpError = false
   for (const toolName of SOLODIT_MCP_TOOLS) {
     try {
-      logger.debug(`[solodit] Trying MCP tool '${toolName}' on server '${SOLODIT_MCP_SERVER}' for query: ${query}`)
+      logger.debug(
+        `[solodit] Trying MCP tool '${toolName}' on server '${SOLODIT_MCP_SERVER}' for query: ${query}`,
+      )
       const response = await mcpCaller(
         SOLODIT_MCP_SERVER,
         toolName,
@@ -289,7 +291,9 @@ export async function executeSoloditSearch(
   }
 
   // All MCP tools failed — fall back to HTTP
-  logger.debug(`[solodit] All MCP tools failed (hadMcpError=${hadMcpError}) — falling back to HTTP for query: ${query}`)
+  logger.debug(
+    `[solodit] All MCP tools failed (hadMcpError=${hadMcpError}) — falling back to HTTP for query: ${query}`,
+  )
   return callSoloditHttp(query, limit, args.severity, port)
 }