* feat(auth): reuse preflight's authenticated session across agents
* fix(preflight): verify saved auth state parses and has cookies or origins
* fix(prompts): strip shared-session block when no auth is configured
* fix(shannon): store shared auth state in the per-session audit dir
* fix(prompts): write stub auth-state in pipeline-testing preflight
* fix(preflight): clear stale auth-state.json before validate-authentication
* fix(preflight): drop auth-state.json on workflow completion
* docs(claude): refresh auth-state.json description for new layout and cleanup
* refactor(prompts): drop unused PLAYWRIGHT_SESSION resolve in login instructions
* style(prompts): collapse verifySavedAuthState signature per biome
* refactor(prompts): require AUTH_STATE_FILE on authenticated runs
* style(prompts): trim numbered-step comments back to step headers
* feat(steerability): add config-driven profile with code_path avoid enforcement
* fix(steerability): write SDK deny rules once per workflow to avoid parallel-agent race
* fix(steerability): reference guidance by pointer in report DROP rules
* fix(steerability): tighten code_path avoid enforcement
* chore(steerability): use shared ALL_VULN_CLASSES const and tighten RunScope type
* fix(steerability): validate run scope before resume short-circuit
* fix(steerability): emit only documented Read/Edit deny rules for code_path
* fix(steerability): assemble report from analysis deliverables when exploit is disabled
* feat(steerability): preflight check that code_path rules match at least one repo entry
* fix(steerability): tag missing code_path entries with avoid/focus kind
* revert(steerability): assemble report from analysis deliverables when exploit is disabled
* feat(steerability): render per-class findings from queue JSON when exploit is disabled
* refactor(steerability): trim findings renderer to common mappable rows
* feat(steerability): allow report agent to rewrite category-label finding titles
* docs(steerability): document new config fields in README and CLAUDE.md
* docs(steerability): comment out optional config sections in examples
* feat: add ReportOutputProvider for consumer-extended report artifacts
* fix: thread deliverablesSubdir through report assembly
* fix: produce structured report JSON on resume path
* fix: fail loud on structured report output provider errors
* feat: extend checkpoint provider and container DI for consumer-specific backends
* fix: pre-create .shannon overlay mount points on all platforms
* chore: drop claude-code-router mode
* fix: drop 'resets' keyword from spending-cap text patterns
* feat: extract pipeline core for library consumption
* fix: chmod workspace directory for container write access
* fix: resolve playwright output dir relative to deliverables parent
* feat: add multi-provider LLM support via ProviderConfig
* fix: resolve model overrides via options.model, remove unused model env passthrough
* fix: use ANTHROPIC_AUTH_TOKEN for custom base URL and router auth
* fix: skip env-based credential validation when providerConfig is present
* fix: support large UID/GID values for AD/LDAP users in container
* feat: mount user repo as read-only with deliverables bind-mount overlay
* feat: add playground and .playwright-cli overlay mounts
* feat: add filesystem context to pipeline-testing prompts
* fix: use explicit REPO_PATH in filesystem prompt for clarity
* fix: update filesystem prompts with playground notes and absolute screenshot paths
* feat: namespace writable overlays under .shannon/ to avoid polluting host repo
* refactor: rename playground to scratchpad
* fix: redirect playwright-cli output to writable .shannon/ overlay
* fix: pre-create .shannon/ overlay mount points for Linux compatibility
* fix: exclude nested node_modules and dist from Docker build context
* fix: enforce LF line endings for shell scripts on Windows
- Add minimum-release-age=10080 (7 days) and ignore-scripts=true to .npmrc
- Upgrade pnpm from 10.12.1 to 10.33.0 (minimumReleaseAge requires >= 10.16.0)
- Document package installation age policy in CLAUDE.md
* feat: add structured outputs for vuln agent exploitation queues
Use Claude Agent SDK's native outputFormat to get schema-validated JSON
queue data from vulnerability analysis agents instead of relying on
save-deliverable tool calls for queue files.
- Add Zod schemas for all 5 vuln types (injection, xss, auth, ssrf, authz)
- Thread outputFormat through SDK call chain (executor → message handlers)
- Write structured_output to disk as queue JSON before validation
- Handle error_max_structured_output_retries as retryable failure
- Update vuln prompts to use structured output for queues
- Keep save-deliverable for markdown deliverables (unchanged)
* fix: correct structured output schema conversion for Claude Agent SDK
Use draft-07 target for z.toJSONSchema() instead of the default
draft-2020-12, which the SDK's AJV validator doesn't support. Update
pipeline-testing prompts to use structured output instead of raw JSON
responses.
* refactor: remove save-deliverable references for queues in vuln prompts
Queues are now captured via structured outputs, so vuln agents no longer
need to use save-deliverable for queue JSON. Removes references to
"structured response/output" phrasing and aligns all prompts to use
consistent "exploitation queue" terminology.
* refactor: remove queue support from save-deliverable
Queues are now produced via structured outputs, so save-deliverable no
longer needs queue-related code. Removes queue enum values, filename
mappings, JSON validation, and updates all prompt tool descriptions to
match the simplified CLI interface.
* fix: instruct vuln agents to save deliverable before exploitation queue
The structured output tool terminates the agent session when called.
Agents were calling it before saving their deliverable markdown,
causing output validation failures and unnecessary retries.
* refactor: remove explicit exploitation queue output instructions from vuln prompts
The Claude Agent SDK automatically captures structured output on the
last turn when outputFormat is set. Prompts explicitly telling agents
to produce the queue caused them to call StructuredOutput mid-session,
conflicting with the SDK mechanism and silently dropping the output.
Removed exploitation_queue_requirements sections and queue references
from conclusion triggers. Added note that the queue is captured
automatically. Updated Your Output to point to the deliverable markdown.