{
  "base_ref": null,
  "changed_files": [
    ".env",
    "requirements.txt",
    "src/auth.py"
  ],
  "context_bundle": null,
  "diff_stat": "untracked files:\n1\t0\t.env (untracked)\n1\t0\trequirements.txt (untracked)\n2\t0\tsrc/auth.py (untracked)",
  "final_gate": "final_judge must APPROVE before delivery/commit/push; when verdicts conflict the most severe wins: BLOCK overrides REQUEST_CHANGES, which overrides APPROVE",
  "repo": "/private/tmp/rapid42-review-factory-demo/repo",
  "reviewers": [
    {
      "checks": [
        "All stated task requirements are implemented.",
        "Changed files match the intended scope.",
        "No unrelated feature work or opportunistic rewrites were added.",
        "Acceptance criteria are testable and mapped to evidence."
      ],
      "id": "spec_compliance",
      "mission": "Check whether the diff satisfies the requested task without under-building or scope creep.",
      "title": "Spec Compliance Reviewer",
      "verdicts": [
        "PASS",
        "REQUEST_CHANGES"
      ]
    },
    {
      "checks": [
        "Relevant tests exist for behavior changes.",
        "The stated test command is enough for this slice or gaps are called out.",
        "Failure paths and edge cases are covered where risk warrants it.",
        "No tests or gates were weakened to force green output."
      ],
      "id": "tests_regression",
      "mission": "Check test coverage, regression risk, and whether verification evidence is sufficient.",
      "title": "Tests and Regression Reviewer",
      "verdicts": [
        "PASS",
        "REQUEST_CHANGES",
        "BLOCK"
      ]
    },
    {
      "checks": [
        "The change fits existing architecture and naming conventions.",
        "New abstractions are justified; no generic abstraction theater.",
        "State, IO, and external side effects are isolated and testable.",
        "Diff is coherent enough to commit as one slice."
      ],
      "id": "architecture",
      "mission": "Check maintainability, boundaries, coupling, and project conventions.",
      "title": "Architecture Reviewer",
      "verdicts": [
        "PASS",
        "REQUEST_CHANGES"
      ]
    },
    {
      "checks": [
        "No secrets, tokens, credentials, or private data are exposed.",
        "Auth/session/permission paths fail closed: errors, missing input, and unexpected states deny access rather than grant it.",
        "Rapid42 approval gates are respected: spending, public publish/contact, secrets/auth/billing, destructive/prod/live-money.",
        "Dangerous ambiguity is blocked rather than guessed through."
      ],
      "id": "security",
      "mission": "Check security, secrets, auth, permissions, production/live-money/public-contact gates, and fail-closed behavior.",
      "title": "Security and Approval-Gate Reviewer",
      "verdicts": [
        "PASS",
        "REQUEST_CHANGES",
        "BLOCK"
      ]
    },
    {
      "checks": [
        "New/changed dependencies are necessary and pinned where appropriate.",
        "No suspicious install scripts, untrusted registries, or broad permissions.",
        "Runtime/container changes do not expand blast radius silently.",
        "License/compliance concerns are flagged when visible."
      ],
      "id": "dependency_supply_chain",
      "mission": "Check dependency, container, and runtime manifest changes for risk and justification.",
      "title": "Dependency and Supply-Chain Reviewer",
      "verdicts": [
        "PASS",
        "REQUEST_CHANGES",
        "BLOCK"
      ]
    },
    {
      "checks": [
        "Reviewer context is scoped rather than whole-repo dumped.",
        "Heavy model/subagent use is justified by risk.",
        "Repeated logs/tool output are summarized with retrieval breadcrumbs when possible.",
        "The final answer reports evidence, not agent activity theater."
      ],
      "id": "cost_context",
      "mission": "Check token/cost efficiency, context routing, and whether agents read too much or too little.",
      "title": "Cost and Context Reviewer",
      "verdicts": [
        "PASS",
        "REQUEST_CHANGES"
      ]
    },
    {
      "checks": [
        "Docs are accurate, concrete, and not generic AI-slop.",
        "Commands/examples are executable or clearly labelled as templates.",
        "State/evidence is stored in durable project docs where appropriate.",
        "User-facing claims are evidence-backed and not overpromised."
      ],
      "id": "docs_dx",
      "mission": "Check clarity, operational usefulness, examples, and handoff quality.",
      "title": "Docs and Developer Experience Reviewer",
      "verdicts": [
        "PASS",
        "REQUEST_CHANGES"
      ]
    },
    {
      "checks": [
        "Deduplicate specialist findings and preserve the most severe verdict.",
        "Return one final verdict: APPROVE, REQUEST_CHANGES, or BLOCK.",
        "BLOCK if any security/approval/live-system gate is unsafe or ambiguous.",
        "Require concrete fixes and verification evidence for REQUEST_CHANGES/BLOCK."
      ],
      "id": "final_judge",
      "mission": "Fuse specialist findings into one decision and block delivery when any hard gate fails.",
      "title": "Coordinator / Final Judge",
      "verdicts": [
        "APPROVE",
        "REQUEST_CHANGES",
        "BLOCK"
      ]
    }
  ],
  "risk_reasons": [
    "code changed",
    "security-sensitive path changed",
    "secret-sensitive path changed",
    "dependency manifest changed"
  ],
  "risk_tier": "full",
  "schema_version": 1,
  "spec_contract": null,
  "task": "Demo: review auth gate + dependency manifest + secret-like config routing"
}