> For the complete documentation index, see [llms.txt](https://ai-os-and-trend-finder.gitbook.io/ai-os-and-trend-finder-docs/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://ai-os-and-trend-finder.gitbook.io/ai-os-and-trend-finder-docs/.spec_system/archive/sessions/phase40-session07-connection-probe-parity/code-review.md).

# Code Review and Repair Report

**Session ID**: `phase40-session07-connection-probe-parity` **Reviewed**: 2026-07-03 **Base Commit**: `b871f8890d43d8cd0626eb894b760c590a6219d6` **Scope**: All changes since the base commit (uncommitted work plus mid-session commits) **Result**: RESOLVED

## Review Surface

**Files reviewed** (all changes since the base commit):

* `.spec_system/state.json` - tracked-modified
* `.spec_system/specs/phase40-session07-connection-probe-parity/spec.md` - untracked text
* `.spec_system/specs/phase40-session07-connection-probe-parity/tasks.md` - untracked text
* `.spec_system/specs/phase40-session07-connection-probe-parity/implementation-notes.md` - untracked text
* `scripts/lib/hermes-connection-probes.ts` - untracked text
* `scripts/lib/__tests__/hermes-connection-probes.test.ts` - untracked text
* `scripts/lib/hermes-dev-bridge.ts` - tracked-modified
* `scripts/lib/__tests__/hermes-dev-bridge.test.ts` - tracked-modified
* `src/lib/hermes-types.ts` - tracked-modified
* `src/lib/__tests__/hermes-types.test.ts` - tracked-modified
* `src/hooks/__tests__/use-hermes.test.tsx` - tracked-modified
* `src/components/hermes/hermes-connections.tsx` - tracked-modified
* `src/components/hermes/__tests__/hermes-sections.test.tsx` - tracked-modified
* `src/lib/hermes-demo-data.ts` - tracked-modified

**Generated by this command**:

* `.spec_system/specs/phase40-session07-connection-probe-parity/code-review.md`

**Inventory commands**: `git status`, `git log --oneline "$BASE"..HEAD`, `git diff "$BASE"`, `git diff --cached "$BASE"`, `git ls-files --others --exclude-standard`

Mid-session commits: none. Staged changes: none.

## Findings by Severity

### Critical

* No findings.

### High

* No findings.

### Medium

* `scripts/lib/hermes-connection-probes.ts:216` - Injected probe definitions were checked against the command/argv allowlist but were then executed using the injected candidate's metadata and timeout. A bridge/test injection path could preserve an allowlisted command while changing browser-visible `name`/`slug` or widening `timeoutMs`, weakening the status-only and timeout-bounded contract. | Fix: canonicalized every matching candidate back to the built-in allowlisted probe before CLI resolution, execution, result mapping, and caching; added regression coverage for metadata and timeout override attempts in `scripts/lib/__tests__/hermes-connection-probes.test.ts`. | Status: FIXED

### Low

* `.spec_system/specs/phase40-session07-connection-probe-parity/spec.md` and `.spec_system/specs/phase40-session07-connection-probe-parity/implementation-notes.md` - In-scope session Markdown did not pass the configured Prettier check. | Fix: ran Prettier on only those two in-scope session artifacts. | Status: FIXED

## Assumptions and Deliberate Non-Fixes

* `bun run format:check` still fails on 33 pre-existing `.spec_system` Markdown files outside this session's review surface. Those files were not changed because `creview` is scoped to changes since the base commit, and the changed-file Prettier check now passes.

## Behavior Changes

* Probe helper injection now uses canonical built-in probe metadata and timeout for allowlisted candidates. Default production probe behavior is unchanged.

## Verification

* Tests: `bunx vitest run scripts/lib/__tests__/hermes-connection-probes.test.ts` - PASS - 1 file, 7 tests.
* Tests: `bunx vitest run scripts/lib/__tests__/hermes-connection-probes.test.ts scripts/lib/__tests__/hermes-dev-bridge.test.ts src/lib/__tests__/hermes-types.test.ts src/hooks/__tests__/use-hermes.test.tsx src/components/hermes/__tests__/hermes-sections.test.tsx` - PASS - 5 files, 141 tests.
* Tests: `bun run test` - PASS - 410 files, 4719 tests.
* Type checker: `bun run typecheck:scripts` - PASS.
* Type checker: `bun run typecheck` - PASS.
* Linter: `bun run lint` - PASS.
* Formatter: `bunx prettier --check [review-surface files]` - PASS.
* Formatter: `bun run format:check` - FAIL - 33 pre-existing `.spec_system` Markdown files outside the review surface remain unformatted.
* Whitespace: `git diff --check` - PASS.
* Encoding: review-surface ASCII and CRLF scan - PASS.
* Final diff re-read: no remaining in-scope issues.

## Summary

1. Reviewed 14 original review-surface files covering the new CLI probe helper, Hermes connections bridge integration, browser parser, hook fixtures, component rendering, demo fixture, tests, and session artifacts.
2. Findings: 0 critical, 0 high, 1 medium, 1 low; all in-scope findings fixed.
3. Deliberately did not format unrelated historical `.spec_system` Markdown files because they are outside the base-commit review surface.
4. Verification passed for focused tests, full Vitest, script/app typechecks, lint, changed-file formatting, whitespace, and encoding. Repo-wide formatting still reports unrelated pre-existing Markdown warnings.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://ai-os-and-trend-finder.gitbook.io/ai-os-and-trend-finder-docs/.spec_system/archive/sessions/phase40-session07-connection-probe-parity/code-review.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
