npm - windows-exe-decompiler-mcp-server - Versions diffs - 0.1.0 - Mend

windows-exe-decompiler-mcp-server 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (190) hide show

package/CODEX_INSTALLATION.md +69 -0
package/COPILOT_INSTALLATION.md +77 -0
package/LICENSE +21 -0
package/README.md +314 -0
package/bin/windows-exe-decompiler-mcp-server.js +3 -0
package/dist/analysis-provenance.d.ts +184 -0
package/dist/analysis-provenance.js +74 -0
package/dist/analysis-task-runner.d.ts +31 -0
package/dist/analysis-task-runner.js +160 -0
package/dist/artifact-inventory.d.ts +23 -0
package/dist/artifact-inventory.js +175 -0
package/dist/cache-manager.d.ts +128 -0
package/dist/cache-manager.js +454 -0
package/dist/confidence-semantics.d.ts +66 -0
package/dist/confidence-semantics.js +122 -0
package/dist/config.d.ts +335 -0
package/dist/config.js +193 -0
package/dist/database.d.ts +227 -0
package/dist/database.js +601 -0
package/dist/decompiler-worker.d.ts +441 -0
package/dist/decompiler-worker.js +1962 -0
package/dist/dynamic-trace.d.ts +95 -0
package/dist/dynamic-trace.js +629 -0
package/dist/env-validator.d.ts +15 -0
package/dist/env-validator.js +249 -0
package/dist/error-handler.d.ts +28 -0
package/dist/error-handler.example.d.ts +22 -0
package/dist/error-handler.example.js +141 -0
package/dist/error-handler.js +139 -0
package/dist/ghidra-analysis-status.d.ts +49 -0
package/dist/ghidra-analysis-status.js +178 -0
package/dist/ghidra-config.d.ts +134 -0
package/dist/ghidra-config.js +464 -0
package/dist/index.d.ts +9 -0
package/dist/index.js +200 -0
package/dist/job-queue.d.ts +169 -0
package/dist/job-queue.js +407 -0
package/dist/logger.d.ts +106 -0
package/dist/logger.js +176 -0
package/dist/policy-guard.d.ts +115 -0
package/dist/policy-guard.js +243 -0
package/dist/process-output.d.ts +15 -0
package/dist/process-output.js +90 -0
package/dist/prompts/function-explanation-review.d.ts +5 -0
package/dist/prompts/function-explanation-review.js +64 -0
package/dist/prompts/semantic-name-review.d.ts +5 -0
package/dist/prompts/semantic-name-review.js +63 -0
package/dist/runtime-correlation.d.ts +34 -0
package/dist/runtime-correlation.js +279 -0
package/dist/runtime-paths.d.ts +3 -0
package/dist/runtime-paths.js +11 -0
package/dist/selection-diff.d.ts +667 -0
package/dist/selection-diff.js +53 -0
package/dist/semantic-name-suggestion-artifacts.d.ts +116 -0
package/dist/semantic-name-suggestion-artifacts.js +314 -0
package/dist/server.d.ts +129 -0
package/dist/server.js +578 -0
package/dist/tools/artifact-read.d.ts +235 -0
package/dist/tools/artifact-read.js +317 -0
package/dist/tools/artifacts-diff.d.ts +728 -0
package/dist/tools/artifacts-diff.js +304 -0
package/dist/tools/artifacts-list.d.ts +515 -0
package/dist/tools/artifacts-list.js +389 -0
package/dist/tools/attack-map.d.ts +290 -0
package/dist/tools/attack-map.js +519 -0
package/dist/tools/cache-observability.d.ts +4 -0
package/dist/tools/cache-observability.js +36 -0
package/dist/tools/code-function-cfg.d.ts +50 -0
package/dist/tools/code-function-cfg.js +102 -0
package/dist/tools/code-function-decompile.d.ts +55 -0
package/dist/tools/code-function-decompile.js +103 -0
package/dist/tools/code-function-disassemble.d.ts +43 -0
package/dist/tools/code-function-disassemble.js +185 -0
package/dist/tools/code-function-explain-apply.d.ts +255 -0
package/dist/tools/code-function-explain-apply.js +225 -0
package/dist/tools/code-function-explain-prepare.d.ts +535 -0
package/dist/tools/code-function-explain-prepare.js +276 -0
package/dist/tools/code-function-explain-review.d.ts +397 -0
package/dist/tools/code-function-explain-review.js +589 -0
package/dist/tools/code-function-rename-apply.d.ts +248 -0
package/dist/tools/code-function-rename-apply.js +220 -0
package/dist/tools/code-function-rename-prepare.d.ts +506 -0
package/dist/tools/code-function-rename-prepare.js +279 -0
package/dist/tools/code-function-rename-review.d.ts +574 -0
package/dist/tools/code-function-rename-review.js +761 -0
package/dist/tools/code-functions-list.d.ts +37 -0
package/dist/tools/code-functions-list.js +91 -0
package/dist/tools/code-functions-rank.d.ts +34 -0
package/dist/tools/code-functions-rank.js +90 -0
package/dist/tools/code-functions-reconstruct.d.ts +2725 -0
package/dist/tools/code-functions-reconstruct.js +2807 -0
package/dist/tools/code-functions-search.d.ts +39 -0
package/dist/tools/code-functions-search.js +90 -0
package/dist/tools/code-reconstruct-export.d.ts +1212 -0
package/dist/tools/code-reconstruct-export.js +4002 -0
package/dist/tools/code-reconstruct-plan.d.ts +274 -0
package/dist/tools/code-reconstruct-plan.js +342 -0
package/dist/tools/dotnet-metadata-extract.d.ts +541 -0
package/dist/tools/dotnet-metadata-extract.js +355 -0
package/dist/tools/dotnet-reconstruct-export.d.ts +567 -0
package/dist/tools/dotnet-reconstruct-export.js +1151 -0
package/dist/tools/dotnet-types-list.d.ts +325 -0
package/dist/tools/dotnet-types-list.js +201 -0
package/dist/tools/dynamic-dependencies.d.ts +115 -0
package/dist/tools/dynamic-dependencies.js +213 -0
package/dist/tools/dynamic-memory-import.d.ts +10 -0
package/dist/tools/dynamic-memory-import.js +567 -0
package/dist/tools/dynamic-trace-import.d.ts +10 -0
package/dist/tools/dynamic-trace-import.js +235 -0
package/dist/tools/entrypoint-fallback-disasm.d.ts +30 -0
package/dist/tools/entrypoint-fallback-disasm.js +89 -0
package/dist/tools/ghidra-analyze.d.ts +88 -0
package/dist/tools/ghidra-analyze.js +208 -0
package/dist/tools/ghidra-health.d.ts +37 -0
package/dist/tools/ghidra-health.js +212 -0
package/dist/tools/ioc-export.d.ts +209 -0
package/dist/tools/ioc-export.js +542 -0
package/dist/tools/packer-detect.d.ts +165 -0
package/dist/tools/packer-detect.js +284 -0
package/dist/tools/pe-exports-extract.d.ts +175 -0
package/dist/tools/pe-exports-extract.js +253 -0
package/dist/tools/pe-fingerprint.d.ts +234 -0
package/dist/tools/pe-fingerprint.js +269 -0
package/dist/tools/pe-imports-extract.d.ts +105 -0
package/dist/tools/pe-imports-extract.js +245 -0
package/dist/tools/report-generate.d.ts +157 -0
package/dist/tools/report-generate.js +457 -0
package/dist/tools/report-summarize.d.ts +2131 -0
package/dist/tools/report-summarize.js +596 -0
package/dist/tools/runtime-detect.d.ts +135 -0
package/dist/tools/runtime-detect.js +247 -0
package/dist/tools/sample-ingest.d.ts +94 -0
package/dist/tools/sample-ingest.js +327 -0
package/dist/tools/sample-profile-get.d.ts +183 -0
package/dist/tools/sample-profile-get.js +121 -0
package/dist/tools/sandbox-execute.d.ts +441 -0
package/dist/tools/sandbox-execute.js +392 -0
package/dist/tools/strings-extract.d.ts +375 -0
package/dist/tools/strings-extract.js +314 -0
package/dist/tools/strings-floss-decode.d.ts +143 -0
package/dist/tools/strings-floss-decode.js +259 -0
package/dist/tools/system-health.d.ts +434 -0
package/dist/tools/system-health.js +446 -0
package/dist/tools/task-cancel.d.ts +21 -0
package/dist/tools/task-cancel.js +70 -0
package/dist/tools/task-status.d.ts +27 -0
package/dist/tools/task-status.js +106 -0
package/dist/tools/task-sweep.d.ts +22 -0
package/dist/tools/task-sweep.js +77 -0
package/dist/tools/tool-help.d.ts +340 -0
package/dist/tools/tool-help.js +261 -0
package/dist/tools/yara-scan.d.ts +554 -0
package/dist/tools/yara-scan.js +313 -0
package/dist/types.d.ts +266 -0
package/dist/types.js +41 -0
package/dist/worker-pool.d.ts +204 -0
package/dist/worker-pool.js +650 -0
package/dist/workflows/deep-static.d.ts +104 -0
package/dist/workflows/deep-static.js +276 -0
package/dist/workflows/function-explanation-review.d.ts +655 -0
package/dist/workflows/function-explanation-review.js +440 -0
package/dist/workflows/reconstruct.d.ts +2053 -0
package/dist/workflows/reconstruct.js +666 -0
package/dist/workflows/semantic-name-review.d.ts +2418 -0
package/dist/workflows/semantic-name-review.js +521 -0
package/dist/workflows/triage.d.ts +659 -0
package/dist/workflows/triage.js +1374 -0
package/dist/workspace-manager.d.ts +150 -0
package/dist/workspace-manager.js +411 -0
package/ghidra_scripts/DecompileFunction.java +487 -0
package/ghidra_scripts/DecompileFunction.py +150 -0
package/ghidra_scripts/ExtractCFG.java +256 -0
package/ghidra_scripts/ExtractCFG.py +233 -0
package/ghidra_scripts/ExtractFunctions.java +442 -0
package/ghidra_scripts/ExtractFunctions.py +101 -0
package/ghidra_scripts/README.md +125 -0
package/ghidra_scripts/SearchFunctionReferences.java +380 -0
package/helpers/DotNetMetadataProbe/DotNetMetadataProbe.csproj +9 -0
package/helpers/DotNetMetadataProbe/Program.cs +566 -0
package/install-to-codex.ps1 +178 -0
package/install-to-copilot.ps1 +303 -0
package/package.json +101 -0
package/requirements.txt +9 -0
package/workers/requirements-dynamic.txt +11 -0
package/workers/requirements.txt +8 -0
package/workers/speakeasy_compat.py +175 -0
package/workers/static_worker.py +5183 -0
package/workers/yara_rules/default.yar +33 -0
package/workers/yara_rules/malware_families.yar +93 -0
package/workers/yara_rules/packers.yar +80 -0

package/dist/workflows/function-explanation-review.js ADDED Viewed

@@ -0,0 +1,440 @@
+/**
+ * workflow.function_explanation_review
+ * High-level orchestration for function explanation review plus optional reconstruct export refresh.
+ */
+import { z } from 'zod';
+import { createCodeFunctionExplainReviewHandler } from '../tools/code-function-explain-review.js';
+import { createReconstructWorkflowHandler } from './reconstruct.js';
+const TOOL_NAME = 'workflow.function_explanation_review';
+export const functionExplanationReviewWorkflowInputSchema = z
+    .object({
+    sample_id: z.string().describe('Sample ID (format: sha256:<hex>)'),
+    address: z.string().optional().describe('Optional specific function address'),
+    symbol: z.string().optional().describe('Optional specific function symbol'),
+    topk: z
+        .number()
+        .int()
+        .min(1)
+        .max(20)
+        .default(6)
+        .describe('When address/symbol not provided, review up to top-K functions'),
+    max_functions: z
+        .number()
+        .int()
+        .min(1)
+        .max(20)
+        .default(6)
+        .describe('Maximum number of functions included in the explanation review bundle'),
+    include_resolved: z
+        .boolean()
+        .default(true)
+        .describe('Include already resolved functions so the external LLM can explain stable and unresolved ones together'),
+    analysis_goal: z
+        .string()
+        .min(1)
+        .max(400)
+        .default('Explain the prepared functions in plain language and propose evidence-grounded rewrite guidance.')
+        .describe('Human-readable analysis goal injected into the MCP prompt and sampling request'),
+    session_tag: z
+        .string()
+        .optional()
+        .describe('Optional semantic explanation session tag used for artifact grouping'),
+    evidence_scope: z
+        .enum(['all', 'latest', 'session'])
+        .default('all')
+        .describe('Runtime evidence scope forwarded to review and optional reconstruct/export refresh'),
+    evidence_session_tag: z
+        .string()
+        .optional()
+        .describe('Optional runtime evidence session selector used when evidence_scope=session or to narrow all/latest results'),
+    semantic_scope: z
+        .enum(['all', 'latest', 'session'])
+        .default('all')
+        .describe('Semantic artifact scope used when refreshing reconstruct/export output after apply'),
+    semantic_session_tag: z
+        .string()
+        .optional()
+        .describe('Optional semantic review session selector used when semantic_scope=session or to narrow all/latest results'),
+    persist_artifact: z
+        .boolean()
+        .default(true)
+        .describe('Persist the prepare bundle artifact before requesting external explanation review'),
+    auto_apply: z
+        .boolean()
+        .default(true)
+        .describe('Persist accepted explanations automatically via code.function.explain.apply'),
+    temperature: z
+        .number()
+        .min(0)
+        .max(1)
+        .default(0.2)
+        .describe('Sampling temperature passed to the connected MCP client'),
+    max_tokens: z
+        .number()
+        .int()
+        .min(200)
+        .max(8000)
+        .default(2200)
+        .describe('Maximum sampling tokens requested from the connected MCP client'),
+    include_context: z
+        .enum(['none', 'thisServer', 'allServers'])
+        .default('none')
+        .describe('Requested MCP sampling context scope; clients may ignore this preference'),
+    model_hint: z
+        .string()
+        .min(1)
+        .max(120)
+        .optional()
+        .describe('Optional advisory model-family hint for client-mediated MCP sampling'),
+    cost_priority: z
+        .number()
+        .min(0)
+        .max(1)
+        .default(0.1)
+        .describe('Advisory model selection preference for sampling cost'),
+    speed_priority: z
+        .number()
+        .min(0)
+        .max(1)
+        .default(0.2)
+        .describe('Advisory model selection preference for sampling latency'),
+    intelligence_priority: z
+        .number()
+        .min(0)
+        .max(1)
+        .default(0.95)
+        .describe('Advisory model selection preference for reasoning quality'),
+    system_prompt: z
+        .string()
+        .min(1)
+        .max(800)
+        .optional()
+        .describe('Optional extra system prompt for the client-mediated explanation review'),
+    rerun_export: z
+        .boolean()
+        .default(true)
+        .describe('After successful apply, rerun workflow.reconstruct to refresh rewrite/export output'),
+    export_path: z
+        .enum(['auto', 'native', 'dotnet'])
+        .default('auto')
+        .describe('Routing strategy used when rerun_export=true'),
+    export_topk: z
+        .number()
+        .int()
+        .min(1)
+        .max(40)
+        .default(12)
+        .describe('Top-K high-value functions used for optional reconstruct/export refresh'),
+    export_name: z
+        .string()
+        .min(1)
+        .max(64)
+        .optional()
+        .describe('Optional export folder name used for the refresh run'),
+    include_plan: z
+        .boolean()
+        .default(false)
+        .describe('Include code.reconstruct.plan when rerun_export=true'),
+    include_obfuscation_fallback: z
+        .boolean()
+        .default(true)
+        .describe('When routing to .NET path, generate IL fallback notes when needed'),
+    fallback_on_error: z
+        .boolean()
+        .default(true)
+        .describe('When primary export path fails, automatically try the alternative path'),
+    allow_partial: z
+        .boolean()
+        .default(true)
+        .describe('When all export paths fail, still return runtime/plan as partial output'),
+    validate_build: z
+        .boolean()
+        .default(false)
+        .describe('Compile the refreshed native reconstruction when rerun_export=true'),
+    run_harness: z
+        .boolean()
+        .default(false)
+        .describe('Execute reconstruct_harness after a successful refreshed native build'),
+    compiler_path: z
+        .string()
+        .min(1)
+        .max(260)
+        .optional()
+        .describe('Optional explicit clang compiler path for the refresh run'),
+    build_timeout_ms: z
+        .number()
+        .int()
+        .min(5000)
+        .max(300000)
+        .default(60000)
+        .describe('Timeout for native clang build validation in milliseconds'),
+    run_timeout_ms: z
+        .number()
+        .int()
+        .min(5000)
+        .max(300000)
+        .default(30000)
+        .describe('Timeout for reconstruct_harness execution in milliseconds'),
+    reuse_cached: z
+        .boolean()
+        .default(true)
+        .describe('Reuse cached reconstruct workflow results for the optional refresh run'),
+})
+    .refine((value) => value.evidence_scope !== 'session' || Boolean(value.evidence_session_tag?.trim()), {
+    message: 'evidence_session_tag is required when evidence_scope=session',
+    path: ['evidence_session_tag'],
+})
+    .refine((value) => value.semantic_scope !== 'session' || Boolean(value.semantic_session_tag?.trim()), {
+    message: 'semantic_session_tag is required when semantic_scope=session',
+    path: ['semantic_session_tag'],
+});
+export const functionExplanationReviewWorkflowOutputSchema = z.object({
+    ok: z.boolean(),
+    data: z
+        .object({
+        sample_id: z.string(),
+        review: z.object({
+            review_status: z.string(),
+            prompt_name: z.string(),
+            client: z.object({
+                name: z.string().nullable(),
+                version: z.string().nullable(),
+                sampling_available: z.boolean(),
+            }),
+            prepare: z.object({
+                prepared_count: z.number().int().nonnegative(),
+                artifact_id: z.string().nullable(),
+            }),
+            sampling: z.object({
+                attempted: z.boolean(),
+                model: z.string().nullable(),
+                stop_reason: z.string().nullable(),
+                parsed_explanation_count: z.number().int().nonnegative(),
+            }),
+            apply: z.object({
+                attempted: z.boolean(),
+                accepted_count: z.number().int().nonnegative(),
+                rejected_count: z.number().int().nonnegative(),
+                artifact_id: z.string().nullable(),
+            }),
+            confidence_policy: z.object({
+                calibrated: z.boolean(),
+                explanation_scores_are_heuristic: z.boolean(),
+                meaning: z.string(),
+            }),
+        }),
+        export: z.object({
+            attempted: z.boolean(),
+            status: z.enum(['completed', 'failed', 'skipped']),
+            selected_path: z.enum(['native', 'dotnet']).nullable(),
+            export_tool: z.string().nullable(),
+            export_root: z.string().nullable(),
+            manifest_path: z.string().nullable(),
+            build_validation_status: z.string().nullable(),
+            harness_validation_status: z.string().nullable(),
+            notes: z.array(z.string()),
+        }),
+        next_steps: z.array(z.string()),
+    })
+        .optional(),
+    warnings: z.array(z.string()).optional(),
+    errors: z.array(z.string()).optional(),
+    artifacts: z.array(z.any()).optional(),
+    metrics: z
+        .object({
+        elapsed_ms: z.number(),
+        tool: z.string(),
+    })
+        .optional(),
+});
+export const functionExplanationReviewWorkflowToolDefinition = {
+    name: TOOL_NAME,
+    description: 'Run function explanation review end-to-end for any MCP-capable LLM client, then optionally refresh reconstruct/export output with the applied explanations.',
+    inputSchema: functionExplanationReviewWorkflowInputSchema,
+    outputSchema: functionExplanationReviewWorkflowOutputSchema,
+};
+export function createFunctionExplanationReviewWorkflowHandler(workspaceManager, database, cacheManager, mcpServer, dependencies) {
+    const explainReviewHandler = dependencies?.explainReviewHandler ||
+        createCodeFunctionExplainReviewHandler(workspaceManager, database, cacheManager, mcpServer);
+    const reconstructWorkflowHandler = dependencies?.reconstructWorkflowHandler ||
+        createReconstructWorkflowHandler(workspaceManager, database, cacheManager);
+    return async (args) => {
+        const startTime = Date.now();
+        const warnings = [];
+        const errors = [];
+        const artifacts = [];
+        try {
+            const input = functionExplanationReviewWorkflowInputSchema.parse(args);
+            const reviewResult = await explainReviewHandler({
+                sample_id: input.sample_id,
+                address: input.address,
+                symbol: input.symbol,
+                topk: input.topk,
+                max_functions: input.max_functions,
+                include_resolved: input.include_resolved,
+                analysis_goal: input.analysis_goal,
+                session_tag: input.session_tag,
+                evidence_scope: input.evidence_scope,
+                evidence_session_tag: input.evidence_session_tag,
+                persist_artifact: input.persist_artifact,
+                auto_apply: input.auto_apply,
+                temperature: input.temperature,
+                max_tokens: input.max_tokens,
+                include_context: input.include_context,
+                model_hint: input.model_hint,
+                cost_priority: input.cost_priority,
+                speed_priority: input.speed_priority,
+                intelligence_priority: input.intelligence_priority,
+                system_prompt: input.system_prompt,
+            });
+            warnings.push(...(reviewResult.warnings || []));
+            artifacts.push(...(reviewResult.artifacts || []));
+            if (!reviewResult.ok) {
+                return {
+                    ok: false,
+                    errors: reviewResult.errors || ['code.function.explain.review failed'],
+                    warnings: warnings.length > 0 ? warnings : undefined,
+                    artifacts: artifacts.length > 0 ? artifacts : undefined,
+                    metrics: {
+                        elapsed_ms: Date.now() - startTime,
+                        tool: TOOL_NAME,
+                    },
+                };
+            }
+            const reviewData = (reviewResult.data || {});
+            const acceptedCount = Number(reviewData?.apply?.accepted_count || 0);
+            const canRefreshExport = input.rerun_export &&
+                reviewData.review_status === 'sampled_and_applied' &&
+                acceptedCount > 0;
+            let exportSummary = {
+                attempted: false,
+                status: 'skipped',
+                selected_path: null,
+                export_tool: null,
+                export_root: null,
+                manifest_path: null,
+                build_validation_status: null,
+                harness_validation_status: null,
+                notes: [],
+            };
+            if (canRefreshExport) {
+                const exportResult = await reconstructWorkflowHandler({
+                    sample_id: input.sample_id,
+                    path: input.export_path,
+                    topk: input.export_topk,
+                    export_name: input.export_name,
+                    validate_build: input.validate_build,
+                    run_harness: input.run_harness,
+                    compiler_path: input.compiler_path,
+                    build_timeout_ms: input.build_timeout_ms,
+                    run_timeout_ms: input.run_timeout_ms,
+                    evidence_scope: input.evidence_scope,
+                    evidence_session_tag: input.evidence_session_tag,
+                    semantic_scope: input.semantic_scope === 'all' && input.session_tag ? 'session' : input.semantic_scope,
+                    semantic_session_tag: input.semantic_session_tag || input.session_tag,
+                    include_plan: input.include_plan,
+                    include_obfuscation_fallback: input.include_obfuscation_fallback,
+                    fallback_on_error: input.fallback_on_error,
+                    allow_partial: input.allow_partial,
+                    reuse_cached: input.reuse_cached,
+                });
+                warnings.push(...(exportResult.warnings || []));
+                artifacts.push(...(exportResult.artifacts || []));
+                if (!exportResult.ok) {
+                    errors.push(...(exportResult.errors || ['workflow.reconstruct failed during export refresh']));
+                    exportSummary = {
+                        attempted: true,
+                        status: 'failed',
+                        selected_path: null,
+                        export_tool: null,
+                        export_root: null,
+                        manifest_path: null,
+                        build_validation_status: null,
+                        harness_validation_status: null,
+                        notes: ['Refresh export failed after function explanation apply.'],
+                    };
+                }
+                else {
+                    const exportData = (exportResult.data || {});
+                    exportSummary = {
+                        attempted: true,
+                        status: 'completed',
+                        selected_path: exportData.selected_path || null,
+                        export_tool: exportData.export?.tool || null,
+                        export_root: exportData.export?.export_root || null,
+                        manifest_path: exportData.export?.manifest_path || null,
+                        build_validation_status: exportData.export?.build_validation_status || null,
+                        harness_validation_status: exportData.export?.harness_validation_status || null,
+                        notes: Array.isArray(exportData.notes) ? exportData.notes : [],
+                    };
+                }
+            }
+            else if (input.rerun_export) {
+                exportSummary.notes.push(reviewData.review_status === 'prompt_contract_only'
+                    ? 'Refresh export skipped because no sampled explanations were applied yet.'
+                    : 'Refresh export skipped because no explanation artifacts were applied.');
+            }
+            const nextSteps = [
+                ...(Array.isArray(reviewData.next_steps) ? reviewData.next_steps : []),
+                ...exportSummary.notes,
+            ];
+            return {
+                ok: errors.length === 0,
+                data: {
+                    sample_id: input.sample_id,
+                    review: {
+                        review_status: reviewData.review_status || 'unknown',
+                        prompt_name: reviewData.prompt_name || 'reverse.function_explanation_review',
+                        client: {
+                            name: reviewData.client?.name || null,
+                            version: reviewData.client?.version || null,
+                            sampling_available: Boolean(reviewData.client?.sampling_available),
+                        },
+                        prepare: {
+                            prepared_count: Number(reviewData.prepare?.prepared_count || 0),
+                            artifact_id: reviewData.prepare?.artifact_id || null,
+                        },
+                        sampling: {
+                            attempted: Boolean(reviewData.sampling?.attempted),
+                            model: reviewData.sampling?.model || null,
+                            stop_reason: reviewData.sampling?.stop_reason || null,
+                            parsed_explanation_count: Number(reviewData.sampling?.parsed_explanation_count || 0),
+                        },
+                        apply: {
+                            attempted: Boolean(reviewData.apply?.attempted),
+                            accepted_count: acceptedCount,
+                            rejected_count: Number(reviewData.apply?.rejected_count || 0),
+                            artifact_id: reviewData.apply?.artifact_id || null,
+                        },
+                        confidence_policy: {
+                            calibrated: Boolean(reviewData.confidence_policy?.calibrated),
+                            explanation_scores_are_heuristic: reviewData.confidence_policy?.explanation_scores_are_heuristic !== false,
+                            meaning: String(reviewData.confidence_policy?.meaning ||
+                                'Explanation confidence remains heuristic and should be read as evidence support strength, not proof of source-equivalent recovery.'),
+                        },
+                    },
+                    export: exportSummary,
+                    next_steps: nextSteps,
+                },
+                warnings: warnings.length > 0 ? warnings : undefined,
+                errors: errors.length > 0 ? errors : undefined,
+                artifacts: artifacts.length > 0 ? artifacts : undefined,
+                metrics: {
+                    elapsed_ms: Date.now() - startTime,
+                    tool: TOOL_NAME,
+                },
+            };
+        }
+        catch (error) {
+            return {
+                ok: false,
+                errors: [error instanceof Error ? error.message : String(error)],
+                metrics: {
+                    elapsed_ms: Date.now() - startTime,
+                    tool: TOOL_NAME,
+                },
+            };
+        }
+    };
+}
+//# sourceMappingURL=function-explanation-review.js.map