Review pipeline

warden review is the everyday cited-review path: deterministic producers and scoped sub-agents feed the orchestration spine, the boss model synthesizes a CommentSet, and the verifier drops unsupported claims.

Current boundary

The deep security harness is design-locked, but not part of this default surface. This page describes the shipped review path.

  1. Diff and noise filter

    Resolve the review diff, detect the ecosystem, and prune generated or irrelevant subtrees before runners start.

  2. Deterministic producers

    Run TypeScript, ESLint, npm audit plus OSV, jscpd, context selection, scalability, deadcode, consistency, leverage, and Warden-managed security lint.

  3. Scoped sub-agents

    In review mode, committability, library leverage, and security triage sub-agents ask bounded questions when structural tools are not enough.

  4. Synthesis

    The boss model orders findings by priority, chooses the clearest framing, and emits the typed CommentSet shape.

  5. Verification

    Repository snippets, OSV advisory records, and api_def type-definition citations are substring-verified. Comments left without verified sources are dropped.

context selection

Cheap signals and, after warden init, embedding-backed candidates give the formatter nearby code with evidence ranges.

committability

A cheap-tier sub-agent asks about merge-readiness risks that are too repository-specific for a reliable detector.

leverage

A deterministic detector catches bounded stdlib swaps; a sub-agent can ask about library substitutions after checking installed .d.ts definitions.

security

A Warden-managed ESLint security pass runs in both modes; review also adds a Haiku triage sub-agent for security residue, subject to a confidence floor and citation verification.

Verifier veto

The formatter can lower confidence or ask a question, but it cannot rescue a claim whose cited source fails verification.
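The verification step and the veto above can be pictured as a small function over the CommentSet. The following is an added example, not warden's own code: the type shapes, the lookup corpus, the `verifySource` and `verifyCommentSet` names, and the sample comments are all constructed here. It substring-checks each cited repository snippet, OSV advisory record or api_def quote against the text the ref resolves to, keeps only verified sources, and drops any comment that ends up with none, regardless of how low its confidence was set or whether it came from a degraded worker.

```typescript
// Added example, not warden's code. Types, corpus and sample data are constructed.

type Tier = "cheap" | "boss";
type SourceKind = "repo" | "osv" | "api_def";

interface Source {
  kind: SourceKind;
  ref: string;        // file path, advisory id, or .d.ts path (assumed shape)
  quote: string;      // exact text the comment relies on
  verified?: boolean; // filled in by the verifier
}

interface ReviewComment {
  id: string;
  body: string;
  confidence: number;
  tier: Tier;
  degraded: boolean;  // the producing worker reported a partial or failed run
  sources: Source[];
}

interface CommentSet { comments: ReviewComment[] }

// Constructed corpus: what each ref resolves to. A real verifier would read
// the repository, the OSV record and the installed .d.ts file instead.
type Corpus = Record<SourceKind, Record<string, string>>;

const corpus: Corpus = {
  repo: {
    "src/auth.ts":
      "export function login(user: string) {\n" +
      "  return db.query(`SELECT * FROM users WHERE name = '${user}'`);\n" +
      "}",
  },
  osv: {
    "OSV-PLACEHOLDER-0001": "Placeholder advisory: demo-lib versions < 2.0.0 are affected",
  },
  api_def: {
    "node_modules/demo-lib/index.d.ts": "export declare function escape(s: string): string;",
  },
};

// A source verifies only if its ref resolves and the quoted text is a literal substring.
function verifySource(c: Corpus, s: Source): boolean {
  const text = c[s.kind]?.[s.ref];
  return typeof text === "string" && s.quote.length > 0 && text.includes(s.quote);
}

// Veto rule: a comment survives only if at least one cited source verifies.
// Lowered confidence, a question framing or a degraded flag never rescues it.
function verifyCommentSet(c: Corpus, set: CommentSet): { kept: ReviewComment[]; dropped: string[] } {
  const kept: ReviewComment[] = [];
  const dropped: string[] = [];
  for (const comment of set.comments) {
    const sources = comment.sources.map((s) => ({ ...s, verified: verifySource(c, s) }));
    if (sources.some((s) => s.verified)) {
      kept.push({ ...comment, sources: sources.filter((s) => s.verified) });
    } else {
      dropped.push(comment.id);
    }
  }
  return { kept, dropped };
}

// Constructed sample: one fully cited comment, one with a fabricated advisory
// quote (already at low confidence), one with a mix of good and bad citations.
const sampleSet: CommentSet = {
  comments: [
    { id: "c1", body: "User input is interpolated into the SQL string.", confidence: 0.9, tier: "boss", degraded: false,
      sources: [{ kind: "repo", ref: "src/auth.ts", quote: "WHERE name = '${user}'" }] },
    { id: "c2", body: "demo-lib < 9.9.9 has a known issue.", confidence: 0.2, tier: "cheap", degraded: true,
      sources: [{ kind: "osv", ref: "OSV-PLACEHOLDER-0001", quote: "versions < 9.9.9" }] },
    { id: "c3", body: "demo-lib already exposes escape() for this.", confidence: 0.7, tier: "cheap", degraded: false,
      sources: [
        { kind: "api_def", ref: "node_modules/demo-lib/index.d.ts", quote: "escape(s: string): string" },
        { kind: "repo", ref: "src/missing.ts", quote: "anything" },
      ] },
  ],
};

function runExample() {
  return verifyCommentSet(corpus, sampleSet);
}

console.log(JSON.stringify(runExample(), null, 2));
```

Running it keeps c1 and c3 (c3 with only its api_def source) and drops c2: the advisory exists, but the quoted version range is not in the record, so the low confidence does not help it.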

Planned deep surfaces (direction)

warden security
warden review --deep

These are planned as opt-in deep security paths with a dedicated harness. They are not aliases: the verb is focused SAST; the flag means normal review plus deep security. Marketing them before the shipped review loop feels right would overstate the current product.

The review result is still the same CommentSet consumed by the examples page and future wrappers. The important part is that every producer, whether deterministic or LLM-backed, has to fit the same comment, source, confidence, tier, and degraded-worker contract.