Adds kimi_architect as a fifth check kind in the auditor. Runs
sequentially after static/dynamic/inference/kb_query, consumes their
findings as context, and asks Kimi For Coding "what did everyone
miss?" — targeting load-bearing issues that deepseek N=3 voting can't
see (compile errors, false telemetry, schema bypasses, determinism
leaks). 7/7 grounded on the distillation v1.0.0 audit experiment
2026-04-27.
Off by default. Enable on the lakehouse-auditor service:
systemctl edit lakehouse-auditor.service
Environment=LH_AUDITOR_KIMI=1
Tunable env (all optional):
LH_AUDITOR_KIMI_MODEL default kimi-for-coding
LH_AUDITOR_KIMI_MAX_TOKENS default 12000
LH_GATEWAY_URL default http://localhost:3100
Guardrails:
- Failure-isolated. Any Kimi error / 429 / TOS revocation returns a
single info-level skip-finding so the existing pipeline never blocks
on a Kimi outage.
- Cost-bounded. Cached verdicts at data/_auditor/kimi_verdicts/<pr>-
<sha>.json with 24h TTL — re-audits within the window return cached
findings instead of re-calling upstream. New commits produce new
SHAs so caching is per-head, not per-day.
- 6min upstream timeout (vs 2min for openrouter inference) — Kimi is
a reasoning model and the audit prompt is large.
- Grounding verification baked in. Every finding's cited file:line is
greppped against the actual file before the verdict is persisted.
Per-finding evidence carries [grounding: verified at FILE:LINE] or
[grounding: line N > EOF] / [grounding: file not found]. Confab-
ulation rate goes into data/_kb/kimi_audits.jsonl as grounding_rate
for "is this still valuable" tracking.
Persisted artifacts:
data/_auditor/kimi_verdicts/<pr>-<sha>.json full verdict + raw
Kimi response + grounding
data/_kb/kimi_audits.jsonl one row per call:
latency, tokens, findings,
grounding rate
Verdict-rendering: kimi_architect now appears in the per-check
sections of the human-readable comment posted to PRs (auditor/audit.ts
checkOrder), after kb_query.
Verification:
bun build auditor/checks/kimi_architect.ts compiles
bun build auditor/audit.ts compiles
parser sanity (3-finding fixture) 3/3 lifted correctly
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
All-Bun sub-agent that watches open PRs on Gitea, reads ship-claims,
and hard-blocks merges when the code doesn't back the claim. First
commit of N; this is the skeleton. Dynamic/static/inference/kb checks
+ poller land in follow-up commits on this same branch.
- auditor/types.ts — Claim, Finding, Verdict, PrSnapshot shapes
- auditor/gitea.ts — minimal API client (listOpenPrs, getPrDiff,
postCommitStatus, postReview). Live-proven: returned 0 open PRs
against our repo (which IS the current state — every commit today
went to main directly, which is the problem this auditor is meant
to prevent)
- auditor/policy.ts — stub `assembleVerdict` + severity rules.
Intentionally conservative defaults: strong claim + zero evidence
= block, not warn.
- auditor/README.md — how to run + the hard-block mechanism
Workflow discipline change: starting with this branch, no more
direct pushes to main. Every change lands as a PR. When this
auditor is fully built and running, it'll review its own
completion PR — the recursive self-test.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
