{"id":"devops-deploy-risk-reviewer","title":"Deploy Risk Reviewer","description":"Risk typed. Risky deploys. Typed v1 agent with eval coverage.","category":"devops","status":"validated","version":"1.0.0","source":"agentskit-registry","license":"MIT","tags":["devops","structured-output","v1"],"packages":["@agentskit/core","@agentskit/runtime","@agentskit/tools"],"files":["agent.ts","README.md","eval.ts"],"requires":{"zod":"^3","zod-to-json-schema":"^3"},"skill":{"name":"devops-deploy-risk-reviewer","description":"Risk typed. Risky deploys. Typed v1 agent with eval coverage.","systemPrompt":"You are Deploy Risk Reviewer. Risky deploys. Output: Risk typed.\nActionable findings citing input sources. No invented issues.\nNEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.\n${UNTRUSTED_CONTENT_DIRECTIVE}\nCall submit_risk_reviewer exactly once. Stop."},"flow":null,"a2a":{"id":"io.agentskit.registry.devops-deploy-risk-reviewer","name":"Deploy Risk Reviewer","description":"Risk typed. Risky deploys. Typed v1 agent with eval coverage.","version":"1.0.0","homepage":"https://registry.agentskit.io","skills":[{"name":"devops-deploy-risk-reviewer","description":"Risk typed. Risky deploys. Typed v1 agent with eval coverage.","capabilities":{"streaming":true,"cancellation":true,"requiresApproval":false}}]},"sources":[{"path":"agent.ts","content":"import type { AdapterFactory, ChatMemory, Observer, ToolCall, ToolDefinition } from '@agentskit/core'\nimport { fenceUntrustedContent, UNTRUSTED_CONTENT_DIRECTIVE } from '@agentskit/core/security'\nimport { invokeStructured } from '@agentskit/runtime'\nimport { defineZodTool } from '@agentskit/tools'\nimport { z } from 'zod'\nimport { zodToJsonSchema } from 'zod-to-json-schema'\nimport type { JSONSchema7 } from 'json-schema'\n\n/** Deploy Risk Reviewer — v1 validated. Pain: Risky deploys */\n\nexport interface Finding { id: string; severity: 'critical' | 'high' | 'medium' | 'low' | 'info'; message: string; source?: string; recommendation?: string }\nexport interface AgentOutput { summary: string; findings: Finding[]; gaps: string[]; openQuestions: string[] }\nexport interface AgentResult extends AgentOutput { requiresReview: boolean }\nexport interface DevopsDeployRiskReviewerConfig {\n  adapter: AdapterFactory\n  memory?: ChatMemory\n  observers?: Observer[]\n  onConfirm?: (toolCall: ToolCall) => boolean | Promise<boolean>\n  maxSteps?: number\n}\n\nconst Output = z.object({\n  summary: z.string(),\n  findings: z.array(z.object({\n    id: z.string(), severity: z.enum(['critical', 'high', 'medium', 'low', 'info']),\n    message: z.string(), source: z.string().optional(), recommendation: z.string().optional(),\n  })),\n  gaps: z.array(z.string()).default([]),\n  openQuestions: z.array(z.string()).default([]),\n})\nconst toJson = (s: z.ZodTypeAny): JSONSchema7 => zodToJsonSchema(s) as JSONSchema7\n\nconst skill = {\n  name: 'devops-deploy-risk-reviewer',\n  description: \"Deploy Risk Reviewer — typed output agent (draft spec).\",\n  systemPrompt: `You are Deploy Risk Reviewer. Risky deploys. Output: Risk typed.\nActionable findings citing input sources. No invented issues.\nNEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.\n${UNTRUSTED_CONTENT_DIRECTIVE}\nCall submit_risk_reviewer exactly once. Stop.`,\n  tools: ['submit_risk_reviewer'],\n}\n\nexport function createDevopsDeployRiskReviewerAgent(config: DevopsDeployRiskReviewerConfig) {\n  const submit = (): ToolDefinition =>\n    defineZodTool({ name: 'submit_risk_reviewer', description: 'Submit result. Once.', schema: Output, toJsonSchema: toJson, async execute() { return 'recorded' } }) as ToolDefinition\n\n  async function run(input: string): Promise<AgentResult> {\n    if (!input?.trim()) throw new Error('devops-deploy-risk-reviewer requires non-empty input')\n    const result = await invokeStructured({\n      adapter: config.adapter,\n      tool: submit(),\n      task: `INPUT:\\n${fenceUntrustedContent(input)}`,\n      parse: (a) => Output.parse(a),\n      skill,\n      memory: config.memory,\n      observers: config.observers,\n      onConfirm: config.onConfirm,\n      maxSteps: config.maxSteps ?? 4,\n    })\n    return { ...result, requiresReview: true }\n  }\n  return {\n    name: 'devops-deploy-risk-reviewer',\n    run,\n    asHandle() { return { name: 'devops-deploy-risk-reviewer', run: (t: string) => run(t).then((r) => JSON.stringify(r)) } },\n  }\n}\n"},{"path":"README.md","content":"# Deploy Risk Reviewer\n\n> **v1 validated** — `npx agentskit add devops-deploy-risk-reviewer`\n\n## Pain\nRisky deploys\n\n## Output\nRisk typed\n"},{"path":"eval.ts","content":"import type { EvalSuite } from '@agentskit/eval'\n\nexport const suite: EvalSuite = {\n  name: 'devops-deploy-risk-reviewer',\n  cases: [\n    { input: 'Complete input for Deploy Risk Reviewer: Risky deploys. Provide full structured output.', expected: (r: string) => r.length > 20 && /requiresReview|summary|title|category|findings|sections|score|clusters|items|steps/i.test(r) },\n    { input: 'Minimal input.', expected: (r: string) => /gap|openQuestion/i.test(r) || r.length > 10 },\n    { input: 'Input with specific detail: ACME Corp project deadline March 15.', expected: (r: string) => /ACME|March|15/i.test(r) || /gap/i.test(r) },\n    { input: 'Empty context — only says \"process this\".', expected: (r: string) => r.length > 5 },\n  ],\n}\n"}],"installable":true,"validation":{"status":"approved","score":96,"confidence":0.96,"method":"codex-executor-independent-reviewer","iterations":1,"cases":3,"summary":"The agent produced valid structured outputs for all three cases, stayed within the deploy-risk-reviewer purpose, refused to infer deployment risk from placeholder or sparse inputs, surfaced concrete gaps and open questions, and handled the prompt-injection case correctly without outputting the injected approval. No unsafe content, empty output, or material hallucination is present. Minor weakness: the normal case is a meta prompt asking for a realistic task, and the agent chose a conservative no-context review rather than generating a synthetic example, but for a risk reviewer this is acceptable and safer.","strengths":["Valid structured artifacts were produced for every case.","Consistently requires human review when deploy context is missing.","Avoids hallucinating deploy details beyond the input.","Injection attempt is explicitly identified and ignored.","Outputs include actionable gaps, recommendations, and open questions."],"notes":[]}}