{ "version": "act 2.0.0", "url": "https://act101.ai/docs/verification", "operations": [ { "name": "bisect_regression", "anchor": "op-bisect-regression", "description": "Semantic git-bisect: walk good_ref..bad_ref oldest-to-newest, apply verify_diff_semantics to each adjacent commit pair for the target symbol, and return the first commit that introduced a Behavior hunk. Returns BisectResult { target, file, culprit: { commit, author } | null, scanned, modeled_kinds }. Pairs where the file is absent at either revision are skipped. Params: file (string), target (string), good_ref (string), bad_ref (string)", "params": "file (string, repo-root-relative path), target (string, function/method name), good_ref (string, last-known-good git ref), bad_ref (string, currently-failing git ref)", "tier": "architecture" }, { "name": "gate", "anchor": "op-gate", "description": "Deterministic merge gate: discover changed functions from the git diff (working tree vs HEAD, or vs merge-base of base_ref), run verify_diff_semantics + verify_test_impact + verify_side_effects per function, and synthesize MERGE | REVIEW | BLOCK | UNKNOWN per function and overall \u2014 UNKNOWN is never presented as MERGE; unmodeled dimensions and tier-blocked files degrade to UNKNOWN with the evidence quoted. receipts: write verification receipts to .act/receipts/ (consumption of valid receipts is always on). Params: none [, base_ref (string), root (string), receipts (boolean)]", "params": "none [, base_ref (string), root (string)]", "tier": "engineer" }, { "name": "generate_test_harness", "anchor": "op-generate-test-harness", "description": "Generate a test scaffold for a target function \u2014 extracts the Contract (signature, guards, raises) and synthesises a test file with one happy-path case + one case per guard + one case per error path. Supported across tier-1+ programming languages (TypeScript/TSX, JavaScript, Python, Rust, Go, Java, Kotlin, C#, Swift, Ruby, C, C++, PHP, Scala); grammars with no unit-test idiom return supported:false (documented opt-out). Params: file (string), target (string)", "params": "file (string, path to source file), target (string, function name)", "tier": "engineer" }, { "name": "scan", "anchor": "op-scan", "description": "Scan a repository for AI-code security issues (hardcoded credentials, .cursorrules backdoors, MCP-config RCE) and return an AI-Code Health Score + remediation bundle (JSON). Private repos require an act101 scan entitlement; public repos are free. Coverage auto-discovery: conventional lcov reports (coverage/lcov.info, lcov.info, target/coverage/lcov.info) are probed and, when found, test-gap statuses are coverage-evidence-based with the report named (and stale-flagged) in the coverage record. Params: none [, root (string), visibility (\"public\"|\"private\"), files (string[] \u2014 path-scoped scan; report gains scope section, scores cover the selected files only; conflicts with baseline_write), baseline (string \u2014 compare against a committed baseline; report gains new/baselined partition), baseline_write (string \u2014 record current findings as the baseline; full scans only), base_ref (string \u2014 diff-scoped scan vs merge-base(ref, HEAD); report gains scope section; conflicts with baseline_write)]", "params": "none [, root (string), visibility (\"public\"|\"private\"), files (string[] \u2014 path-scoped scan; report gains scope section, scores cover the selected files only; conflicts with baseline_write), baseline (string \u2014 compare against a committed baseline; report gains new/baselined partition), baseline_write (string \u2014 record current findings as the baseline; full scans only), base_ref (string \u2014 diff-scoped scan vs merge-base(ref, HEAD); report gains scope section; conflicts with baseline_write)]", "tier": "free" }, { "name": "secret_surface", "anchor": "op-secret-surface", "description": "Surface secret-touching code in a file \u2014 credential params, token vars, signing keys, env-secret reads, and hardcoded secret literals \u2014 with per-item confidence. Heuristic; LSP upgrades confidence. Params: file (string)", "params": "file (string)", "tier": "engineer" }, { "name": "summarize_pr", "anchor": "op-summarize-pr", "description": "Summarize a changed file by composing verify_diff_semantics across changed symbols and tallying signature, behavior, and format-only changes. Params: file (string) [, base_ref (string)='HEAD', before (string), after (string), targets (string[])]", "params": "file (string) [, base_ref (string)='HEAD', before (string), after (string), targets (string[])].", "tier": "engineer" }, { "name": "taint_flow", "anchor": "op-taint-flow", "description": "Trace tainted (untrusted) data from sources (request params, env/file reads, argv) to dangerous sinks (raw SQL, eval, command exec, fs path, deserialization) across the call graph, with per-flow steps and the unresolved-call frontier. Params: target (string), file (string) [, max_depth (u32), max_nodes (u32)]", "params": "target (string), file (string) [, max_depth (u32), max_nodes (u32)]", "tier": "architecture" }, { "name": "unsafe_surface", "anchor": "op-unsafe-surface", "description": "Surface dangerous constructs in a file \u2014 unsafe blocks, dynamic eval, raw SQL sinks, FFI calls, reflective invocation, unsafe deserialization \u2014 with per-item confidence. Params: file (string)", "params": "file (string)", "tier": "free" }, { "name": "verify_behavioral_equivalence", "anchor": "op-verify-behavioral-equivalence", "description": "Verify two versions of a function have equivalent behavior by structural CFG diff (same branch/loop/exception/return shape). Verdict: equivalent | changed{dimensions} | unknown{reason}. scope='refactor' (default, Engineering) or 'port' (Enterprise, cross-language). Params: target (string), file (string) [, base_ref (string)='HEAD', before (string), after (string), scope (string)='refactor']", "params": "", "tier": "engineer" }, { "name": "verify_contract_preserved", "anchor": "op-verify-contract-preserved", "description": "Verify a function's public + behavioral contract (signature, effects, control-flow shape, return shape, guards, raises) is preserved across two versions. Verdict: preserved | broken{dimensions} | unknown{dimensions} \u2014 never claims preserved on a dimension the grammar does not model. Params: target (string), file (string) [, base_ref (string)='HEAD', before (string), after (string)]", "params": "", "tier": "engineer" }, { "name": "verify_diff_semantics", "anchor": "op-verify-diff-semantics", "description": "Classify how a function changed across two versions: each hunk as format | signature | behavior (rename/move when symbol-identity is available). Uses model diffs (signature via interface, behavior via CFG/effect diff, format via AST-equal-but-text-different). Params: target (string), file (string) [, base_ref (string)='HEAD', before (string), after (string)]", "params": "", "tier": "engineer" }, { "name": "verify_port_parity", "anchor": "op-verify-port-parity", "description": "Cross-language contract equivalence check (v1): compare the source and ported symbol's signature arity, return presence, effect-kind set, CFG shape, and raise count. A dimension that either grammar doesn't model contributes no evidence \u2014 never a false Preserved. Verdict: 'diverged' if any compared dimension differs (dominates); 'preserved' only if all compared dimensions match AND at least two dimensions were jointly modeled (matching signature arity alone is not parity evidence); 'unknown' when too few dimensions are jointly modeled to claim parity (e.g. only signature was comparable). Tier-1 contract analysis runs by default \u2014 no code execution. OPT-IN Tier-2: pass execute=true to ALSO run subprocess differential execution for interpreter languages whose runtime is present (node, python3) and a JSON-able source signature \u2014 it generates inputs, runs both functions under a ulimit resource cap (CPU/address-space/file-size) in a throwaway temp CWD, and diffs their JSON outputs; verified_by becomes 'execution' and an executed output divergence forces 'diverged'. This is a RESOURCE boundary, NOT a security sandbox (no network isolation). When execution is not eligible (compiled language, absent runtime, non-JSON-able signature) it falls back to Tier-1 cleanly with no false parity claim. Returns ParityReport { verdict: preserved|diverged|unknown, dimensions_checked, mismatches, verified_by: 'contract'|'execution', modeled_kinds, execution?: { cases_run, mismatches, note } }. Params: source_file (string), source_target (string), ported_file (string), ported_target (string), execute (bool, optional, default false)", "params": "source_file (string), source_target (string), ported_file (string), ported_target (string), execute (bool, optional, default false)", "tier": "enterprise" }, { "name": "verify_side_effects", "anchor": "op-verify-side-effects", "description": "Diff a function's side effects between two versions (git working-tree vs HEAD by default, or an explicit before/after pair) \u2014 added/removed effects plus the dropped-cleanup class (a removed write/blocking call while an allocation is kept). Params: target (string), file (string) [, base_ref (string)='HEAD', before (string), after (string)]", "params": "", "tier": "engineer" }, { "name": "verify_test_impact", "anchor": "op-verify-test-impact", "description": "The minimal set of tests whose call graph reaches a change \u2014 pass `target` for one changed symbol, or omit it to derive the changed set from the file's before/after symbol diff (git working-tree vs base_ref, or explicit before/after). Composes the call-graph engine + test-file detection. Params: file (string) [, target (string), base_ref (string)='HEAD', before (string), after (string), max_depth (u32)=32]", "params": "file (string) [, target (string), base_ref (string)='HEAD', before (string), after (string), max_depth (u32)=32].", "tier": "engineer" } ] }