Documentation Index
Fetch the complete documentation index at: https://docs.sigilix.ai/llms.txt
Use this file to discover all available pages before exploring further.
This page covers the ~18 production shipments between the Phase 3 single-agent baseline and today. Items are grouped by theme, not chronology — when you’re catching up, capability changes matter more than dates.
Theme 1: Deterministic signals before the LLMs
The pre-LLM layer didn’t exist in Phase 3. In Phase 4 it became a load-bearing tier — cheap, certain, authoritative.
| Ship | What changed | Reference |
|---|
| ARC-187 — Built-in secret scanning | Regex sweep over added diff lines for AWS, Stripe, GitHub, GCP, Slack, OpenAI/Anthropic, JWT patterns. Findings always critical, post before the LLM specialists see the diff. | Secret Scanning |
| ARC-181 — AST rule-pack scanner | JS/TS AST scanner running a starter rule pack (currently no-eval-call). ESLint-shaped rules, room to grow. | Deterministic Checks |
ARC-193 — deterministicChecks in sigilix.json | User-defined regex rules in sigilix.json v3. Matches inject as findings the specialists treat as facts. | Writing Deterministic Checks |
Theme 2: Memory & state
Phase 3 reviews were stateless. Phase 4 reviews remember.
| Ship | What changed | Reference |
|---|
| ARC-189 — Cross-PR review memory | Sigilix records accept/dismiss feedback signals per finding category, per repo. Future reviews calibrate flag-worthiness against that history. | Review Memory |
| ARC-184 — Review provenance & stale markers | Every review carries a manifest of which models/specialists ran. Reviews on outdated SHAs are marked, never silently re-used. | Review Provenance |
| ARC-194 — Incremental review on synchronize | Pushing a new commit only re-reviews what changed. Findings on unchanged lines carry forward with a “still applies” marker. | Review Lifecycle |
Theme 3: Evidence & provenance
Sigilix now consumes — and emits — structured evidence that external tools can produce or consume.
| Ship | What changed | Reference |
|---|
| ARC-186 — Dependency vulnerability scan | Bundled npm CVE database, range-aware and transitive-aware. Inline findings on lockfile diffs. | Dependency Vulnerabilities |
| ARC-188 — SARIF evidence channel | Upload Trivy / Semgrep / gitleaks / CodeQL SARIF v2.1.0 reports as PR artifacts; Sigilix pulls them in and injects high-severity findings as authoritative evidence. | SARIF Evidence |
| ARC-180 — Fix Plan | The synthesizer renders a prioritized repair queue at the top of each review — what to fix first, in what order. | (in-product) |
Theme 4: Interactivity
Phase 3 was a one-way comment. Phase 4 added slash commands and conversation.
| Ship | What changed | Reference |
|---|
ARC-178 — /sigilix review | Re-run the full specialist ensemble on demand. | Slash Commands |
ARC-179 — /sigilix improve | Apply-able suggested-change comments — clickable patches, not just commentary. | Slash Commands |
ARC-191 — /sigilix describe | Draft a PR description, internal changelog, or external changelog. Three modes: pr / internal / external. | Slash Commands |
/sigilix help — Inline command list | Quick reference reply for the available commands. | Slash Commands |
Theme 5: Per-repo control surface
sigilix.json grew through three additive versions during Phase 4.
| Ship | What changed | Reference |
|---|
ARC-174 — sigilix.json v1 | First version of the per-repo config file: guidance + rules.<role>. | Configuration reference |
ARC-176 — sigilix.json v2 | Added pathFilters (glob includes/excludes) and profile (chill / assertive review tone). | Path Filters & Profile |
ARC-185 — commands block | Per-command prompt addenda and model overrides in sigilix.json. | Slash Commands |
| ARC-183 — Sensitivity controls | Operator-side denylist gate for sensitive repos. | Configuration reference |
Theme 6: Reliability & infrastructure
The least-glamorous theme and the most production-impactful.
| Ship | What changed | |
|---|
| Phase 4a.1 — Timeouts + perf-primary swap + synth timeout handling | Performance specialist primary moved to glm-5.1:cloud after shadow telemetry; synthesizer learned to handle partial specialist outputs gracefully. | |
Phase 4a.2 — wrapFailure across abort path | Specialist abort signals propagate through Promise.allSettled correctly. No more silently-dropped failures. | |
| Phase 4a.3 — Specialist budget rebalance | Logic specialist budget extended to 270s to fund the cross-provider fallback after the primary’s first retry. | |
Phase 4a.4 — Per-attempt timeout cap in runWithRetryAndFallback | Every model call has a hard ceiling; total review duration is bounded as attempts × cap. | |
| ARC-190 — Durable-Object split of pr-review webhook ingest | Per-PR serialization across regions. Two concurrent webhooks on the same PR can no longer post duplicate reviews. | Durable Objects |
Theme 7: Brand & rename
The product was renamed mid-Phase-4. The visible-surface rename landed; the codebase still uses the old worker name in a few places by design (deploy config, log streams).
| Ship | What changed |
|---|
Rebrand openclaw-worker → sigilix | Visible-surface rename across PR comments, prompts, and response bodies. |
| Indexer fix post-rename | Codebase indexer restored after the worker rename broke its identification path. See Known Issues. |
What’s next
Items on deck (not yet landed):
- Stage 2 of the duplicate-comment race fix — Port
handlePrOverview to a Durable Object mirroring ARC-190’s PrReviewRunDO pattern. Stage 1 (a post-Ollama second-pass dedupe in arc-156) is shipped.
- Cross-ecosystem dependency scanning — Cargo, Go modules, Python pip beyond the current npm-only coverage.
- Pro / Max insights dashboard — Surface review memory state, usage trends, and per-category accept/dismiss ratios.
If something here is missing or wrong, file an issue at the GitHub org.
