import { BaseAgent, AgentContext, AgentResult } from "./base.js";

export class SecurityAuditorAgent extends BaseAgent {
  readonly name = "security-auditor";
  readonly description = "Auto-dispositions threats: low=accept, medium=mitigate, high=escalate.";
  readonly workflow = "verify";

  async execute(context: AgentContext): Promise<AgentResult> {
    const start = Date.now();
    this.log("Running security audit...");
    if (context.backend) {
      const result = await this.executeViaBackend(
        context,
        `Perform security audit for phase ${context.phase}. Specification: ${context.specification}`
      );
      return { ...result, duration_ms: Date.now() - start };
    }
    return {
      success: false,
      output: "Security auditing requires an intelligence backend. Configure one with: ci init --backend",
      artifacts_created: [],
      decisions: 0,
      escalations: 0,
      duration_ms: Date.now() - start,
      error: "No intelligence backend available",
    };
  }
}