utmstack
diff --git a/‎.github/ai-prompts/README.md‎
Lines changed: 39 additions & 19 deletions b/‎.github/ai-prompts/README.md‎
Lines changed: 39 additions & 19 deletions
diff --git a/‎.github/ai-prompts/architecture.md‎
Lines changed: 26 additions & 4 deletions b/‎.github/ai-prompts/architecture.md‎
Lines changed: 26 additions & 4 deletions
diff --git a/‎.github/ai-prompts/bugs.md‎
Lines changed: 22 additions & 16 deletions b/‎.github/ai-prompts/bugs.md‎
Lines changed: 22 additions & 16 deletions
diff --git a/‎.github/ai-prompts/security.md‎
Lines changed: 22 additions & 1 deletion b/‎.github/ai-prompts/security.md‎
Lines changed: 22 additions & 1 deletion
diff --git a/‎.github/scripts/ai-review.sh‎
Lines changed: 15 additions & 2 deletions b/‎.github/scripts/ai-review.sh‎
Lines changed: 15 additions & 2 deletions
@@ -27,7 +27,7 @@ this exact shape (no markdown, no code fences, no extra text):
   "summary": "<one line, max 200 chars>",
   "findings": [
     {
-      "severity": "high" | "medium" | "low",
+      "severity": "critical" | "high" | "medium" | "low",
       "file": "<path>",
       "line": <int>,
       "message": "<description and mitigation>"
@@ -36,22 +36,43 @@ this exact shape (no markdown, no code fences, no extra text):
 }
 ```
 
+### Severity drives the merge gate
+
+The approver blocks the merge based on **severity**, not on how many findings
+there are. Pick the lowest severity that honestly fits — don't inflate a nit.
+
+- **`critical` / `high` → BLOCKING.** Something that can break: crashes, nil
+  dereferences, data loss/corruption, races/deadlocks, broken or unsafe DB
+  migrations, security holes, breaking API/proto/contract changes. These stop
+  auto-merge.
+- **`medium` / `low` → non-blocking WARNING.** Real but contained: missing
+  user feedback, inconsistent patterns, naming, typos in docs/strings, style.
+  Reported as warnings; the PR can still merge.
+
 ### Tier semantics
 
-- **Tier 1 — Approve.** The change is simple, doesn't touch critical logic,
-  no issues detected. The approver aggregates all tiers and, if every
-  prompt returns Tier 1, approves the PR.
-- **Tier 2 — Changes requested.** Minor issues the author must fix before
-  merging: typos, small bugs, out-of-context code, noticeable style
-  problems, incomplete mocks or tests.
-- **Tier 3 — Engineer review required.** The diff touches critical paths
-  (crypto, auth, DB migrations, installer, gRPC contracts, CI/CD, secret
-  handling) or introduces changes the model can't judge with sufficient
-  confidence. The approver blocks the merge and @mentions the senior
-  engineering team.
-
-The approver takes the **maximum tier** across all prompts: if security
-returns Tier 1 but architecture returns Tier 3, the final verdict is Tier 3.
+`tier` is a coarse signal. The gate uses severity for blocking, **plus** Tier 3:
+
+- **Tier 1** — fine to merge; no high/critical issues (minor warnings allowed).
+- **Tier 2** — at least one high-severity bug that should be fixed.
+- **Tier 3** — engineer review required / could break. Critical paths (crypto,
+  auth, DB migrations, installer, gRPC contracts, CI/CD, secret handling) or
+  changes the model can't judge confidently. Always blocks and @mentions the
+  team.
+
+**The merge is blocked if** any finding is `high`/`critical`, **or** any prompt
+returns Tier 3, **or** no review ran. Otherwise the approver approves the PR
+(any medium/low findings ride along as warnings).
+
+### Routine dependency bumps
+
+A separate required check (`go_deps`) already enforces that Go modules are on
+their latest version, so mass `go.mod` / `go.sum` bumps are routine and
+expected. The `architecture` and `security` prompts treat a version bump of
+existing modules as **Tier 1** — not an architectural/agent-breaking change
+and not a vulnerability — and only flag genuine anomalies (new deps, major
+breaking jumps, downgrades, known-vulnerable pins, suspicious `replace`
+directives). Don't add prompts that re-block on routine bumps.
 
 ### When there's nothing to report
 
@@ -60,10 +81,9 @@ Tier 1, a brief `summary` ("No security concerns detected.") and
 
 ### Unparseable responses
 
-If the model returns something that isn't valid JSON matching the schema,
-the approver treats it as **Tier 2** with a generic finding asking for
-manual review. Fail-safe behaviour — we'd rather block and ask for human
-review than let something pass without understanding it.
+If the model returns something that isn't valid JSON matching the schema, the
+approver treats it as a blocking `high` finding. Fail-safe behaviour — we'd
+rather hold for a human than let something pass without understanding it.
 
 ## Picking a model
 
 
@@ -32,6 +32,27 @@ React/Angular frontend). Your job is to spot **architectural deviations**.
 **Ignore** style, naming, formatting, or refactors that don't affect
 structure.
 
+## Routine dependency updates are not architectural changes
+
+A separate **required** CI check (`go_deps` / `go-deps.sh --check`) already
+enforces that every Go module is on its latest version and still builds, so
+mass `go.mod` / `go.sum` bumps are an expected, routine part of this repo's
+workflow. A version bump of existing modules is **not** an architectural
+deviation and **not** an agent-breaking change — even when:
+
+- it lands under `agent/`, `agent-manager/`, `installer/`, or a plugin (the
+  file path alone is not a contract or wire-protocol change), or
+- the bumped module is security-relevant (SDKs, gRPC, protobuf, crypto).
+
+A diff that is **only** dependency version bumps of existing modules is
+**Tier 1** — do not raise `high` findings or escalate to Tier 3 for it. Do
+still flag a change that is more than a routine bump: a brand-new
+third-party dependency, a *major* version jump documented as breaking, a
+**downgrade**, or a new/edited `replace` directive pointing somewhere
+unexpected. The critical-path and agent-breaking rules below are about
+**code and contract** changes (protos, wire protocol, auth, migrations), not
+manifest version bumps.
+
 ## How to assign tier
 
 - **Tier 1** — No architectural deviations detected.
@@ -45,10 +66,11 @@ structure.
   - Installer (`installer/`).
   - Auth / crypto / secret handling.
   - GitHub Actions workflows or CI scripts.
-  - **Agent code (`agent/`), agent-manager wire protocol, or any change
-    that forces a synchronized agent+server upgrade.** Deployed agents
-    in the field may be on older versions; breaking their compatibility
-    requires senior review and a coordinated rollout plan.
+  - **Agent code or contract** (`agent/` logic, agent-manager wire
+    protocol — **not** a routine `go.mod`/`go.sum` version bump) **or any
+    change that forces a synchronized agent+server upgrade.** Deployed
+    agents in the field may be on older versions; breaking their
+    compatibility requires senior review and a coordinated rollout plan.
   - Any change that breaks backwards compatibility of a public endpoint
     or persisted schema.
 
 
@@ -44,25 +44,31 @@ You are a senior code reviewer. Review the Pull Request diff looking for
 rest of the diff. Even in a 100-file PR dominated by backend changes, a
 single misspelling in a guide or a personal name in a customer-facing
 doc still warrants a finding — do not skip it because "the real work is
-elsewhere". When you find any of these, set tier to AT LEAST 2.
+elsewhere". Report these as `low`/`medium` (they're warnings, not blockers).
 
 **Ignore** preexisting issues on lines not touched by the diff.
 
-## How to assign tier
+## Severity (this is what blocks the merge)
 
-- **Tier 1** — No concrete bugs detected AND no user-facing string
-  anomalies (typos, internal references, contact info leaks). The change
-  looks correct.
-- **Tier 2** — Concrete but contained bugs the author must fix before
-  merging (off-by-one, error swallowing, unclosed resources,
-  out-of-context code). **Always Tier 2 minimum** if you find any
-  user-facing string anomaly: typos in docs/guides/messages, personal
-  names or internal handles in customer-facing content, internal URLs
-  or ticket IDs leaking into public docs.
-- **Tier 3** — A bug that may cause data corruption, deadlock, large-scale
-  leaks, or any issue whose impact the author shouldn't fix without a
-  second opinion. Also applies if the diff touches DB migrations, error
-  handling on transactional paths, or complex concurrency.
+Pick the lowest severity that honestly fits; don't inflate a nit.
+
+- **`critical` / `high` — blocking.** A bug that will actually break behavior:
+  nil/null deref, out-of-bounds, race/deadlock, goroutine/resource leak,
+  unhandled error on an important path, inverted logic, malformed query, a
+  migration that breaks existing data, out-of-context code that changes
+  behavior. Use `critical` for data corruption, deadlock, or large-scale leaks.
+- **`medium` / `low` — non-blocking warning.** Real but contained: missing
+  user feedback, inconsistent error-handling style, naming, typos in
+  docs/guides/messages, personal names or internal handles/URLs/ticket IDs in
+  customer-facing content.
+
+## Tier
+
+- **Tier 1** — no high/critical bugs (minor warnings are fine).
+- **Tier 2** — at least one high-severity bug to fix before merging.
+- **Tier 3** — could cause data corruption, deadlock, or large-scale leaks, or
+  the diff touches DB migrations, transactional error handling, or complex
+  concurrency and needs a second opinion.
 
 ## Output
 
@@ -73,7 +79,7 @@ Respond with valid JSON ONLY (no markdown, no backticks, no extra text):
   "tier": 1 | 2 | 3,
   "summary": "<one line, max 200 chars>",
   "findings": [
-    {"severity": "high"|"medium"|"low", "file": "<path>", "line": <n>, "message": "<description and how to reproduce>"}
+    {"severity": "critical"|"high"|"medium"|"low", "file": "<path>", "line": <n>, "message": "<description and how to reproduce>"}
   ]
 }
 ```
@@ -37,6 +37,25 @@ do not skip it.
 
 **Ignore** preexisting issues on lines not touched by the diff.
 
+## Routine dependency updates are not vulnerabilities
+
+A separate **required** CI check (`go_deps`) already enforces that every Go
+module is on its latest version, so mass `go.mod` / `go.sum` bumps are a
+routine, expected part of this repo's workflow. A version bump of an
+existing dependency — **including** security-relevant ones (threatwinds
+SDK, gRPC, protobuf, gofalcon, crypto libraries) — is **not by itself a
+vulnerability** and does **not** count as touching a "security-critical
+path" below. Do not raise a finding or mark Tier 3 merely because a
+security-related module was bumped to a newer version.
+
+A diff that is **only** dependency version bumps is **Tier 1** for the
+vulnerability checks (the information-disclosure check still applies to any
+user-facing text in the diff). Do raise a finding when a dependency change
+is more than a routine bump: a pin to a **known-vulnerable or yanked**
+version, a **downgrade** that reintroduces a fixed CVE, a new dependency
+from an untrusted / typosquatted source, or a `replace` directive
+redirecting a module somewhere unexpected.
+
 ## How to assign tier
 
 - **Tier 1** — No vulnerabilities introduced by this diff AND no
@@ -50,7 +69,9 @@ do not skip it.
   secret handling, installer, token/JWT generation) or introduces a
   high-impact vulnerability (RCE, auth bypass, secret leak). Even if the
   change looks fine, if it touches these paths mark Tier 3 — human
-  verification outweighs your individual confidence.
+  verification outweighs your individual confidence. (A `go.mod` / `go.sum`
+  version bump does **not** count as touching these paths — see *Routine
+  dependency updates* above.)
 
 ## Output
 
 
@@ -47,10 +47,10 @@ write_fallback() {
             tier: 2,
             summary: "AI review could not parse model response — manual review recommended.",
             findings: [{
-                severity: "medium",
+                severity: "high",
                 file: "(n/a)",
                 line: 0,
-                message: $reason
+                message: ($reason + " (fail-safe: a review that cannot run is treated as blocking).")
             }]
         }' > "$OUTPUT_FILE"
     echo "::warning::Wrote fallback result: $reason"
@@ -83,6 +83,19 @@ MODEL="${prompt_model:-$DEFAULT_MODEL}"
 
 echo "::group::AI review — prompt: $prompt_name (model: $MODEL)"
 
+# --- Nothing to review -------------------------------------------------------
+# The diff can be empty after upstream filtering (e.g. a PR that only touches
+# excluded rules/filters/definitions paths). Pass as Tier 1 instead of calling
+# the model with an empty diff.
+if [[ ! -s "$DIFF_FILE" ]] || ! grep -q '[^[:space:]]' "$DIFF_FILE"; then
+    jq -n --arg prompt "$prompt_name" --arg model "$MODEL" \
+        '{prompt: $prompt, model: $model, tier: 1, summary: "No reviewable changes in this diff (excluded paths only).", findings: []}' \
+        > "$OUTPUT_FILE"
+    echo "Empty diff — wrote Tier 1 pass."
+    echo "::endgroup::"
+    exit 0
+fi
+
 # --- Build request body ------------------------------------------------------
 
 prompt_body=$(tail -n "+${body_start}" "$PROMPT_FILE")