diff --git a/docs/superpowers/plans/2026-05-31-auto-reverse.md b/docs/superpowers/plans/2026-05-31-auto-reverse.md
new file mode 100644
index 0000000..598eaf1
--- /dev/null
+++ b/docs/superpowers/plans/2026-05-31-auto-reverse.md
@@ -0,0 +1,2450 @@
+# auto-reverse Implementation Plan
+
+> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
+
+**Goal:** Build `auto-reverse`, a conversational CLI that reverse-engineers a website's API by driving a headed browser with an LLM while an embedded mitmproxy captures and documents real traffic into a live OpenAPI spec + markdown.
+
+**Architecture:** Single free-threaded Python 3.14 process. A main-thread Claude tool-use agent ("the brain") acts on a Playwright headed browser and queries/commands a thread-safe Flow Store; an embedded mitmproxy `DumpMaster` runs in its own thread capturing every flow; a Doc Worker thread turns new endpoint *signatures* into OpenAPI/markdown (deterministic schema inference + LLM enrichment only on novelty). Build bottom-up: pure core (store/schema/doc) first, then I/O integration (proxy/browser), then tools/agent/REPL/CLI.
+
+**Tech Stack:** Python 3.14 (free-threaded), uv, Playwright, mitmproxy, anthropic SDK, genson (schema inference), pytest + pytest-asyncio. Default model `claude-opus-4-8`.
+
+**Spec:** `docs/superpowers/specs/2026-05-31-auto-reverse-design.md`
+
+---
+
+## File Structure
+
+```
+src/auto_reverse/
+ __init__.py # main() entrypoint (delegates to cli.run)
+ cli.py # arg parsing, wiring, thread lifecycle
+ config.py # Config dataclass + pluggable auth stub
+ models.py # CapturedFlow, Signature, EndpointRecord, helpers
+ store.py # FlowStore (thread-safe), ScopeFilter, path templating
+ proxy.py # embedded mitmproxy master + CaptureAddon + archive
+ browser.py # Playwright headed browser wrapper + take-over
+ agent.py # Claude tool-use loop
+ repl.py # chat loop + /meta-commands + take-over
+ tools/
+ __init__.py # tool registry assembly
+ browser_tools.py # browser.* tool schemas + handlers
+ flows_tools.py # flows.* tool schemas + handlers
+ doc_tools.py # doc.* tool schemas + handlers
+ doc/
+ __init__.py
+ schema.py # deterministic JSON Schema inference + merge (genson wrap)
+ engine.py # DocEngine: consumes new-signature events, writes outputs
+ openapi.py # OpenAPI assembly from EndpointRecords
+ markdown.py # human-readable API.md rendering
+ client.py # optional --gen-client codegen
+
+tests/
+ conftest.py # fixtures: fixture HTTP site, sample flows
+ fixture_site.py # stdlib http.server JSON app for integration tests
+ test_models.py
+ test_store.py
+ test_scope.py
+ test_schema.py
+ test_openapi.py
+ test_markdown.py
+ test_config.py
+ test_proxy.py
+ test_browser.py # requires playwright browsers; skipped if absent
+ test_agent.py # mocked anthropic client
+ test_tools.py
+ test_e2e_smoke.py # fixture site end-to-end; skipped if browsers absent
+```
+
+---
+
+## Task 0: Dependencies and test scaffolding
+
+**Files:**
+- Modify: `pyproject.toml`
+- Create: `tests/__init__.py`, `tests/conftest.py`, `tests/fixture_site.py`
+
+- [ ] **Step 1: Add runtime + dev dependencies**
+
+Run:
+```bash
+cd /home/df/projects/reverse_engineer
+uv add playwright mitmproxy anthropic genson
+uv add --dev pytest pytest-asyncio
+```
+Expected: `pyproject.toml` gains a populated `dependencies` list and a `[dependency-groups]`/dev group; `uv.lock` updates. If any package lacks a free-threaded 3.14 wheel and the resolve fails, re-run with the GIL interpreter selected (`uv add --python 3.14 ...`) and record the fallback in `README.md` per the spec's free-threading caveat.
+
+- [ ] **Step 2: Install Playwright's Chromium**
+
+Run:
+```bash
+uv run playwright install chromium
+```
+Expected: downloads the Chromium build. If it fails in this environment, that only affects browser/E2E tests (which are guarded to skip); core tasks proceed regardless.
+
+- [ ] **Step 3: Add pytest config to `pyproject.toml`**
+
+Append:
+```toml
+[tool.pytest.ini_options]
+asyncio_mode = "auto"
+testpaths = ["tests"]
+```
+
+- [ ] **Step 4: Create the stdlib fixture site**
+
+Create `tests/fixture_site.py`:
+```python
+"""A tiny dependency-free JSON site for integration tests, served over HTTP."""
+
+from __future__ import annotations
+
+import json
+import threading
+from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer
+
+
+class _Handler(BaseHTTPRequestHandler):
+ def log_message(self, *args: object) -> None: # silence test output
+ pass
+
+ def _send_json(self, status: int, payload: object) -> None:
+ body = json.dumps(payload).encode()
+ self.send_response(status)
+ self.send_header("Content-Type", "application/json")
+ self.send_header("Content-Length", str(len(body)))
+ self.end_headers()
+ self.wfile.write(body)
+
+ def do_GET(self) -> None:
+ if self.path == "/":
+ html = b""
+ self.send_response(200)
+ self.send_header("Content-Type", "text/html")
+ self.send_header("Content-Length", str(len(html)))
+ self.end_headers()
+ self.wfile.write(html)
+ elif self.path == "/api/users":
+ self._send_json(200, [{"id": 1, "name": "Ada"}])
+ elif self.path.startswith("/api/users/"):
+ self._send_json(200, {"id": int(self.path.rsplit("/", 1)[1]), "name": "Ada"})
+ else:
+ self._send_json(404, {"error": "not found"})
+
+ def do_POST(self) -> None:
+ length = int(self.headers.get("Content-Length", "0"))
+ raw = self.rfile.read(length) if length else b"{}"
+ self._send_json(201, {"received": json.loads(raw or b"{}")})
+
+
+def start_fixture_site() -> tuple[ThreadingHTTPServer, str]:
+ """Start the site on an ephemeral port; return (server, base_url)."""
+ server = ThreadingHTTPServer(("127.0.0.1", 0), _Handler)
+ thread = threading.Thread(target=server.serve_forever, daemon=True)
+ thread.start()
+ host, port = server.server_address
+ return server, f"http://{host}:{port}"
+```
+
+- [ ] **Step 5: Create test package marker and conftest fixtures**
+
+Create `tests/__init__.py` (empty).
+
+Create `tests/conftest.py`:
+```python
+from __future__ import annotations
+
+from collections.abc import Iterator
+
+import pytest
+
+from tests.fixture_site import start_fixture_site
+
+
+@pytest.fixture
+def fixture_site() -> Iterator[str]:
+ server, base_url = start_fixture_site()
+ try:
+ yield base_url
+ finally:
+ server.shutdown()
+```
+
+- [ ] **Step 6: Verify the toolchain runs**
+
+Run:
+```bash
+uv run pytest -q
+```
+Expected: pytest collects 0 tests and exits 0 (no tests yet). Confirms config is valid.
+
+- [ ] **Step 7: Commit**
+
+```bash
+git add pyproject.toml uv.lock tests/
+git commit -m "build: add deps and test scaffolding for auto-reverse"
+```
+
+---
+
+## Task 1: Core data models
+
+**Files:**
+- Create: `src/auto_reverse/models.py`
+- Test: `tests/test_models.py`
+
+- [ ] **Step 1: Write failing tests**
+
+Create `tests/test_models.py`:
+```python
+from auto_reverse.models import CapturedFlow, Signature, status_class
+
+
+def test_status_class_buckets():
+ assert status_class(200) == "2xx"
+ assert status_class(201) == "2xx"
+ assert status_class(404) == "4xx"
+ assert status_class(503) == "5xx"
+
+
+def test_signature_is_hashable_and_equal():
+ a = Signature("GET", "ex.com", "/api/users/{id}", "2xx")
+ b = Signature("GET", "ex.com", "/api/users/{id}", "2xx")
+ assert a == b
+ assert {a, b} == {a}
+
+
+def test_captured_flow_json_body_parsing():
+ flow = CapturedFlow(
+ method="POST", host="ex.com", path="/api/x", query={},
+ req_headers={"content-type": "application/json"}, req_body=b'{"a": 1}',
+ status=201, resp_headers={"content-type": "application/json"},
+ resp_body=b'{"ok": true}', timestamp=0.0,
+ )
+ assert flow.request_json() == {"a": 1}
+ assert flow.response_json() == {"ok": True}
+
+
+def test_captured_flow_non_json_body_returns_none():
+ flow = CapturedFlow(
+ method="GET", host="ex.com", path="/x", query={},
+ req_headers={}, req_body=None, status=200,
+ resp_headers={"content-type": "text/html"}, resp_body=b"",
+ timestamp=0.0,
+ )
+ assert flow.response_json() is None
+```
+
+- [ ] **Step 2: Run tests to verify they fail**
+
+Run: `uv run pytest tests/test_models.py -q`
+Expected: FAIL — `ModuleNotFoundError: No module named 'auto_reverse.models'`.
+
+- [ ] **Step 3: Implement `models.py`**
+
+Create `src/auto_reverse/models.py`:
+```python
+from __future__ import annotations
+
+import json
+from dataclasses import dataclass, field
+from typing import Any
+
+
+def status_class(status: int) -> str:
+ return f"{status // 100}xx"
+
+
+@dataclass(frozen=True)
+class Signature:
+ method: str
+ host: str
+ path_template: str
+ status_class: str
+
+
+@dataclass
+class CapturedFlow:
+ method: str
+ host: str
+ path: str
+ query: dict[str, list[str]]
+ req_headers: dict[str, str]
+ req_body: bytes | None
+ status: int
+ resp_headers: dict[str, str]
+ resp_body: bytes | None
+ timestamp: float
+
+ def _json(self, body: bytes | None, headers: dict[str, str]) -> Any | None:
+ if body is None:
+ return None
+ ctype = headers.get("content-type", "").lower()
+ if "json" not in ctype:
+ return None
+ try:
+ return json.loads(body)
+ except (ValueError, UnicodeDecodeError):
+ return None
+
+ def request_json(self) -> Any | None:
+ return self._json(self.req_body, self.req_headers)
+
+ def response_json(self) -> Any | None:
+ return self._json(self.resp_body, self.resp_headers)
+
+
+@dataclass
+class EndpointRecord:
+ signature: Signature
+ sample_count: int = 0
+ query_params: set[str] = field(default_factory=set)
+ request_schema: dict[str, Any] | None = None
+ response_schema: dict[str, Any] | None = None
+ # LLM-enriched fields (filled by the doc engine):
+ summary: str = ""
+ description: str = ""
+ tag: str = ""
+ documented: bool = False
+```
+
+- [ ] **Step 4: Run tests to verify they pass**
+
+Run: `uv run pytest tests/test_models.py -q`
+Expected: PASS (4 tests).
+
+- [ ] **Step 5: Commit**
+
+```bash
+git add src/auto_reverse/models.py tests/test_models.py
+git commit -m "feat: core data models (Signature, CapturedFlow, EndpointRecord)"
+```
+
+---
+
+## Task 2: Path templating
+
+**Files:**
+- Modify: `src/auto_reverse/store.py` (create)
+- Test: `tests/test_store.py`
+
+- [ ] **Step 1: Write failing tests**
+
+Create `tests/test_store.py`:
+```python
+from auto_reverse.store import path_template
+
+
+def test_collapses_numeric_ids():
+ assert path_template("/api/users/4812/orders/99") == "/api/users/{id}/orders/{id}"
+
+
+def test_collapses_uuid():
+ p = "/api/items/550e8400-e29b-41d4-a716-446655440000"
+ assert path_template(p) == "/api/items/{id}"
+
+
+def test_collapses_long_hex_token():
+ assert path_template("/files/a1b2c3d4e5f60718293a4b5c") == "/files/{id}"
+
+
+def test_keeps_short_words():
+ assert path_template("/api/users/me/settings") == "/api/users/me/settings"
+
+
+def test_root_and_empty():
+ assert path_template("/") == "/"
+ assert path_template("") == "/"
+```
+
+- [ ] **Step 2: Run to verify fail**
+
+Run: `uv run pytest tests/test_store.py -q`
+Expected: FAIL — `ModuleNotFoundError: No module named 'auto_reverse.store'`.
+
+- [ ] **Step 3: Implement `path_template` in `store.py`**
+
+Create `src/auto_reverse/store.py`:
+```python
+from __future__ import annotations
+
+import re
+
+_UUID = re.compile(r"^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$")
+_HEX_TOKEN = re.compile(r"^[0-9a-fA-F]{16,}$")
+_LONG_OPAQUE = re.compile(r"^[A-Za-z0-9_\-]{20,}$")
+
+
+def _is_variable(segment: str) -> bool:
+ if segment.isdigit():
+ return True
+ if _UUID.match(segment):
+ return True
+ if _HEX_TOKEN.match(segment):
+ return True
+ if _LONG_OPAQUE.match(segment) and any(c.isdigit() for c in segment):
+ return True
+ return False
+
+
+def path_template(path: str) -> str:
+ """Collapse variable path segments (ids, UUIDs, hashes, opaque tokens) to {id}."""
+ if not path or path == "/":
+ return "/"
+ parts = path.split("/")
+ out = ["{id}" if part and _is_variable(part) else part for part in parts]
+ return "/".join(out)
+```
+
+- [ ] **Step 4: Run to verify pass**
+
+Run: `uv run pytest tests/test_store.py -q`
+Expected: PASS (5 tests).
+
+- [ ] **Step 5: Commit**
+
+```bash
+git add src/auto_reverse/store.py tests/test_store.py
+git commit -m "feat: path templating for endpoint signatures"
+```
+
+---
+
+## Task 3: Scope filter
+
+**Files:**
+- Modify: `src/auto_reverse/store.py`
+- Test: `tests/test_scope.py`
+
+- [ ] **Step 1: Write failing tests**
+
+Create `tests/test_scope.py`:
+```python
+from auto_reverse.models import CapturedFlow
+from auto_reverse.store import ScopeFilter
+
+
+def _flow(host: str, path: str, ctype: str = "application/json") -> CapturedFlow:
+ return CapturedFlow(
+ method="GET", host=host, path=path, query={}, req_headers={},
+ req_body=None, status=200, resp_headers={"content-type": ctype},
+ resp_body=b"{}", timestamp=0.0,
+ )
+
+
+def test_target_host_in_scope():
+ f = ScopeFilter(target_hosts={"app.example.com"})
+ assert f.is_in_scope(_flow("app.example.com", "/api/users"))
+
+
+def test_other_host_out_of_scope():
+ f = ScopeFilter(target_hosts={"app.example.com"})
+ assert not f.is_in_scope(_flow("cdn.other.com", "/x"))
+
+
+def test_static_asset_dropped():
+ f = ScopeFilter(target_hosts={"app.example.com"})
+ assert not f.is_in_scope(_flow("app.example.com", "/main.js", "application/javascript"))
+
+
+def test_analytics_host_dropped_by_default():
+ f = ScopeFilter(target_hosts={"app.example.com"})
+ assert not f.is_in_scope(_flow("www.google-analytics.com", "/collect"))
+
+
+def test_extra_allow_host():
+ f = ScopeFilter(target_hosts={"app.example.com"}, allow_hosts={"api.example.com"})
+ assert f.is_in_scope(_flow("api.example.com", "/v1/data"))
+
+
+def test_explicit_deny_overrides():
+ f = ScopeFilter(target_hosts={"app.example.com"}, deny_hosts={"app.example.com"})
+ assert not f.is_in_scope(_flow("app.example.com", "/api/users"))
+```
+
+- [ ] **Step 2: Run to verify fail**
+
+Run: `uv run pytest tests/test_scope.py -q`
+Expected: FAIL — `ImportError: cannot import name 'ScopeFilter'`.
+
+- [ ] **Step 3: Append `ScopeFilter` to `store.py`**
+
+Add to `src/auto_reverse/store.py`:
+```python
+from auto_reverse.models import CapturedFlow
+
+_ASSET_SUFFIXES = (".js", ".mjs", ".css", ".png", ".jpg", ".jpeg", ".gif",
+ ".svg", ".woff", ".woff2", ".ttf", ".ico", ".map", ".webp")
+_DEFAULT_ANALYTICS = frozenset({
+ "www.google-analytics.com", "google-analytics.com", "analytics.google.com",
+ "stats.g.doubleclick.net", "api.segment.io", "cdn.segment.com",
+ "browser.sentry-cdn.com", "js.stripe.com",
+})
+
+
+class ScopeFilter:
+ def __init__(
+ self,
+ target_hosts: set[str],
+ allow_hosts: set[str] | None = None,
+ deny_hosts: set[str] | None = None,
+ ) -> None:
+ self.target_hosts = set(target_hosts)
+ self.allow_hosts = set(allow_hosts or set())
+ self.deny_hosts = set(deny_hosts or set())
+
+ def is_in_scope(self, flow: CapturedFlow) -> bool:
+ host = flow.host
+ if host in self.deny_hosts:
+ return False
+ if host in _DEFAULT_ANALYTICS:
+ return False
+ if host not in self.target_hosts and host not in self.allow_hosts:
+ return False
+ if flow.path.split("?")[0].lower().endswith(_ASSET_SUFFIXES):
+ return False
+ ctype = flow.resp_headers.get("content-type", "").lower()
+ if ctype.startswith(("text/css", "image/", "font/", "application/javascript")):
+ return False
+ return True
+```
+
+- [ ] **Step 4: Run to verify pass**
+
+Run: `uv run pytest tests/test_scope.py -q`
+Expected: PASS (6 tests).
+
+- [ ] **Step 5: Commit**
+
+```bash
+git add src/auto_reverse/store.py tests/test_scope.py
+git commit -m "feat: scope filter (host allow/deny, asset and analytics drop)"
+```
+
+---
+
+## Task 4: Flow Store (thread-safe dedup)
+
+**Files:**
+- Modify: `src/auto_reverse/store.py`
+- Test: `tests/test_store.py`
+
+- [ ] **Step 1: Write failing tests**
+
+Append to `tests/test_store.py`:
+```python
+from auto_reverse.models import CapturedFlow, Signature
+from auto_reverse.store import FlowStore, ScopeFilter
+
+
+def _post(host: str, path: str, body: bytes) -> CapturedFlow:
+ return CapturedFlow(
+ method="POST", host=host, path=path, query={},
+ req_headers={"content-type": "application/json"}, req_body=body,
+ status=201, resp_headers={"content-type": "application/json"},
+ resp_body=b'{"ok": true}', timestamp=0.0,
+ )
+
+
+def test_ingest_new_signature_returns_true_once():
+ store = FlowStore(ScopeFilter(target_hosts={"ex.com"}))
+ assert store.ingest(_post("ex.com", "/api/cart/1", b'{"q": 1}')).is_new is True
+ # same template, different id -> not new
+ assert store.ingest(_post("ex.com", "/api/cart/2", b'{"q": 2}')).is_new is False
+ assert len(store.endpoints()) == 1
+
+
+def test_out_of_scope_flow_ignored():
+ store = FlowStore(ScopeFilter(target_hosts={"ex.com"}))
+ result = store.ingest(_post("other.com", "/x", b"{}"))
+ assert result.is_new is False
+ assert result.in_scope is False
+ assert store.endpoints() == []
+
+
+def test_new_signature_callback_fires_with_signature():
+ seen: list[Signature] = []
+ store = FlowStore(ScopeFilter(target_hosts={"ex.com"}), on_new_signature=seen.append)
+ store.ingest(_post("ex.com", "/api/cart/1", b"{}"))
+ store.ingest(_post("ex.com", "/api/cart/2", b"{}"))
+ assert len(seen) == 1
+ assert seen[0].path_template == "/api/cart/{id}"
+
+
+def test_search_filters_by_substring():
+ store = FlowStore(ScopeFilter(target_hosts={"ex.com"}))
+ store.ingest(_post("ex.com", "/api/cart/1", b"{}"))
+ store.ingest(_post("ex.com", "/api/login", b"{}"))
+ results = store.search("cart")
+ assert len(results) == 1
+ assert results[0].signature.path_template == "/api/cart/{id}"
+```
+
+- [ ] **Step 2: Run to verify fail**
+
+Run: `uv run pytest tests/test_store.py -q`
+Expected: FAIL — `ImportError: cannot import name 'FlowStore'`.
+
+- [ ] **Step 3: Append `FlowStore` and `IngestResult` to `store.py`**
+
+Add to `src/auto_reverse/store.py`:
+```python
+import threading
+from collections.abc import Callable
+from dataclasses import dataclass
+from urllib.parse import urlsplit
+
+from auto_reverse.models import EndpointRecord, Signature, status_class
+
+MAX_SAMPLES = 5
+
+
+@dataclass
+class IngestResult:
+ in_scope: bool
+ is_new: bool
+ signature: Signature | None
+
+
+class FlowStore:
+ """Thread-safe store: dedup by signature, retain bounded samples per endpoint."""
+
+ def __init__(
+ self,
+ scope: ScopeFilter,
+ on_new_signature: Callable[[Signature], None] | None = None,
+ ) -> None:
+ self._scope = scope
+ self._on_new = on_new_signature
+ self._lock = threading.Lock()
+ self._records: dict[Signature, EndpointRecord] = {}
+ self._samples: dict[Signature, list[CapturedFlow]] = {}
+
+ def signature_of(self, flow: CapturedFlow) -> Signature:
+ return Signature(
+ method=flow.method.upper(),
+ host=flow.host,
+ path_template=path_template(flow.path),
+ status_class=status_class(flow.status),
+ )
+
+ def ingest(self, flow: CapturedFlow) -> IngestResult:
+ if not self._scope.is_in_scope(flow):
+ return IngestResult(in_scope=False, is_new=False, signature=None)
+ sig = self.signature_of(flow)
+ with self._lock:
+ is_new = sig not in self._records
+ if is_new:
+ self._records[sig] = EndpointRecord(signature=sig)
+ self._samples[sig] = []
+ record = self._records[sig]
+ record.sample_count += 1
+ record.query_params.update(self._query_keys(flow))
+ samples = self._samples[sig]
+ if len(samples) < MAX_SAMPLES:
+ samples.append(flow)
+ if is_new and self._on_new is not None:
+ self._on_new(sig)
+ return IngestResult(in_scope=True, is_new=is_new, signature=sig)
+
+ @staticmethod
+ def _query_keys(flow: CapturedFlow) -> set[str]:
+ return set(flow.query.keys())
+
+ def endpoints(self) -> list[EndpointRecord]:
+ with self._lock:
+ return list(self._records.values())
+
+ def samples(self, sig: Signature) -> list[CapturedFlow]:
+ with self._lock:
+ return list(self._samples.get(sig, []))
+
+ def get(self, sig: Signature) -> EndpointRecord | None:
+ with self._lock:
+ return self._records.get(sig)
+
+ def search(self, query: str) -> list[EndpointRecord]:
+ q = query.lower()
+ with self._lock:
+ return [
+ r for r in self._records.values()
+ if q in r.signature.path_template.lower()
+ or q in r.signature.method.lower()
+ ]
+```
+
+Note: `urlsplit` import is reserved for proxy use; keep it only if used — if pyright flags it unused here, remove it. (The capture addon, Task 8, splits URLs.)
+
+- [ ] **Step 4: Run to verify pass**
+
+Run: `uv run pytest tests/test_store.py -q`
+Expected: PASS (9 tests total in file).
+
+- [ ] **Step 5: Lint check**
+
+Run: `uv run ruff check src/auto_reverse/store.py`
+Expected: clean (remove any unused import it reports).
+
+- [ ] **Step 6: Commit**
+
+```bash
+git add src/auto_reverse/store.py tests/test_store.py
+git commit -m "feat: thread-safe FlowStore with signature dedup and samples"
+```
+
+---
+
+## Task 5: Deterministic schema inference
+
+**Files:**
+- Create: `src/auto_reverse/doc/__init__.py`, `src/auto_reverse/doc/schema.py`
+- Test: `tests/test_schema.py`
+
+- [ ] **Step 1: Write failing tests**
+
+Create `tests/test_schema.py`:
+```python
+from auto_reverse.doc.schema import SchemaAccumulator
+
+
+def test_single_object_schema():
+ acc = SchemaAccumulator()
+ acc.add({"id": 1, "name": "Ada"})
+ schema = acc.schema()
+ assert schema["type"] == "object"
+ assert set(schema["properties"]) == {"id", "name"}
+
+
+def test_merge_widens_optional_fields():
+ acc = SchemaAccumulator()
+ acc.add({"id": 1, "name": "Ada"})
+ acc.add({"id": 2}) # name missing -> becomes optional
+ schema = acc.schema()
+ assert "id" in schema.get("required", [])
+ assert "name" not in schema.get("required", [])
+
+
+def test_array_schema():
+ acc = SchemaAccumulator()
+ acc.add([{"id": 1}, {"id": 2}])
+ schema = acc.schema()
+ assert schema["type"] == "array"
+ assert schema["items"]["type"] == "object"
+
+
+def test_empty_accumulator_returns_none():
+ assert SchemaAccumulator().schema() is None
+```
+
+- [ ] **Step 2: Run to verify fail**
+
+Run: `uv run pytest tests/test_schema.py -q`
+Expected: FAIL — `ModuleNotFoundError: No module named 'auto_reverse.doc'`.
+
+- [ ] **Step 3: Implement schema wrapper**
+
+Create `src/auto_reverse/doc/__init__.py` (empty).
+
+Create `src/auto_reverse/doc/schema.py`:
+```python
+from __future__ import annotations
+
+from typing import Any
+
+from genson import SchemaBuilder
+
+
+class SchemaAccumulator:
+ """Accumulate JSON samples into a widening JSON Schema (genson-backed)."""
+
+ def __init__(self) -> None:
+ self._builder = SchemaBuilder()
+ self._count = 0
+
+ def add(self, value: Any) -> None:
+ self._builder.add_object(value)
+ self._count += 1
+
+ def schema(self) -> dict[str, Any] | None:
+ if self._count == 0:
+ return None
+ result: dict[str, Any] = self._builder.to_schema()
+ result.pop("$schema", None)
+ return result
+```
+
+- [ ] **Step 4: Run to verify pass**
+
+Run: `uv run pytest tests/test_schema.py -q`
+Expected: PASS (4 tests).
+
+- [ ] **Step 5: Commit**
+
+```bash
+git add src/auto_reverse/doc/__init__.py src/auto_reverse/doc/schema.py tests/test_schema.py
+git commit -m "feat: deterministic JSON schema inference (genson wrapper)"
+```
+
+---
+
+## Task 6: OpenAPI assembly
+
+**Files:**
+- Create: `src/auto_reverse/doc/openapi.py`
+- Test: `tests/test_openapi.py`
+
+- [ ] **Step 1: Write failing tests**
+
+Create `tests/test_openapi.py`:
+```python
+from auto_reverse.doc.openapi import build_openapi
+from auto_reverse.models import EndpointRecord, Signature
+
+
+def _record(method: str, template: str, **kw) -> EndpointRecord:
+ rec = EndpointRecord(signature=Signature(method, "ex.com", template, "2xx"))
+ for k, v in kw.items():
+ setattr(rec, k, v)
+ return rec
+
+
+def test_builds_paths_and_methods():
+ records = [
+ _record("GET", "/api/users", summary="List users",
+ response_schema={"type": "array"}),
+ _record("POST", "/api/users", summary="Create user",
+ request_schema={"type": "object"}),
+ ]
+ spec = build_openapi(records, title="ex.com API")
+ assert spec["openapi"].startswith("3.")
+ assert spec["info"]["title"] == "ex.com API"
+ assert set(spec["paths"]["/api/users"]) == {"get", "post"}
+ assert spec["paths"]["/api/users"]["get"]["summary"] == "List users"
+
+
+def test_path_param_declared_for_template():
+ rec = _record("GET", "/api/users/{id}", summary="Get user")
+ spec = build_openapi([rec], title="x")
+ params = spec["paths"]["/api/users/{id}"]["get"]["parameters"]
+ assert any(p["name"] == "id" and p["in"] == "path" for p in params)
+
+
+def test_request_body_included_when_schema_present():
+ rec = _record("POST", "/api/x", request_schema={"type": "object"})
+ op = build_openapi([rec], title="x")["paths"]["/api/x"]["post"]
+ assert op["requestBody"]["content"]["application/json"]["schema"] == {"type": "object"}
+```
+
+- [ ] **Step 2: Run to verify fail**
+
+Run: `uv run pytest tests/test_openapi.py -q`
+Expected: FAIL — `ModuleNotFoundError: No module named 'auto_reverse.doc.openapi'`.
+
+- [ ] **Step 3: Implement `build_openapi`**
+
+Create `src/auto_reverse/doc/openapi.py`:
+```python
+from __future__ import annotations
+
+import re
+from typing import Any
+
+from auto_reverse.models import EndpointRecord
+
+_PARAM = re.compile(r"\{([^}]+)\}")
+
+
+def _path_params(template: str) -> list[dict[str, Any]]:
+ return [
+ {"name": name, "in": "path", "required": True, "schema": {"type": "string"}}
+ for name in _PARAM.findall(template)
+ ]
+
+
+def _operation(rec: EndpointRecord) -> dict[str, Any]:
+ op: dict[str, Any] = {}
+ if rec.summary:
+ op["summary"] = rec.summary
+ if rec.description:
+ op["description"] = rec.description
+ if rec.tag:
+ op["tags"] = [rec.tag]
+ params = _path_params(rec.signature.path_template)
+ params += [
+ {"name": q, "in": "query", "required": False, "schema": {"type": "string"}}
+ for q in sorted(rec.query_params)
+ ]
+ if params:
+ op["parameters"] = params
+ if rec.request_schema is not None:
+ op["requestBody"] = {
+ "content": {"application/json": {"schema": rec.request_schema}}
+ }
+ status = rec.signature.status_class.replace("x", "X")
+ response: dict[str, Any] = {"description": rec.summary or "Response"}
+ if rec.response_schema is not None:
+ response["content"] = {"application/json": {"schema": rec.response_schema}}
+ op["responses"] = {status[0] + "XX": response}
+ return op
+
+
+def build_openapi(records: list[EndpointRecord], title: str) -> dict[str, Any]:
+ paths: dict[str, dict[str, Any]] = {}
+ for rec in records:
+ template = rec.signature.path_template
+ method = rec.signature.method.lower()
+ paths.setdefault(template, {})[method] = _operation(rec)
+ return {
+ "openapi": "3.1.0",
+ "info": {"title": title, "version": "0.0.0"},
+ "paths": paths,
+ }
+```
+
+- [ ] **Step 4: Run to verify pass**
+
+Run: `uv run pytest tests/test_openapi.py -q`
+Expected: PASS (3 tests).
+
+- [ ] **Step 5: Commit**
+
+```bash
+git add src/auto_reverse/doc/openapi.py tests/test_openapi.py
+git commit -m "feat: OpenAPI assembly from endpoint records"
+```
+
+---
+
+## Task 7: Markdown rendering
+
+**Files:**
+- Create: `src/auto_reverse/doc/markdown.py`
+- Test: `tests/test_markdown.py`
+
+- [ ] **Step 1: Write failing tests**
+
+Create `tests/test_markdown.py`:
+```python
+from auto_reverse.doc.markdown import render_markdown
+from auto_reverse.models import EndpointRecord, Signature
+
+
+def _rec(method, template, **kw):
+ rec = EndpointRecord(signature=Signature(method, "ex.com", template, "2xx"))
+ for k, v in kw.items():
+ setattr(rec, k, v)
+ return rec
+
+
+def test_renders_heading_and_endpoints():
+ md = render_markdown([_rec("GET", "/api/users", summary="List users")], title="ex.com API")
+ assert "# ex.com API" in md
+ assert "`GET /api/users`" in md
+ assert "List users" in md
+
+
+def test_groups_by_tag():
+ records = [
+ _rec("GET", "/api/users", tag="Users"),
+ _rec("GET", "/api/cart", tag="Cart"),
+ ]
+ md = render_markdown(records, title="x")
+ assert "## Users" in md
+ assert "## Cart" in md
+
+
+def test_untagged_go_under_general():
+ md = render_markdown([_rec("GET", "/api/x")], title="x")
+ assert "## General" in md
+```
+
+- [ ] **Step 2: Run to verify fail**
+
+Run: `uv run pytest tests/test_markdown.py -q`
+Expected: FAIL — module not found.
+
+- [ ] **Step 3: Implement `render_markdown`**
+
+Create `src/auto_reverse/doc/markdown.py`:
+```python
+from __future__ import annotations
+
+from collections import defaultdict
+
+from auto_reverse.models import EndpointRecord
+
+
+def render_markdown(records: list[EndpointRecord], title: str) -> str:
+ groups: dict[str, list[EndpointRecord]] = defaultdict(list)
+ for rec in records:
+ groups[rec.tag or "General"].append(rec)
+
+ lines = [f"# {title}", ""]
+ for tag in sorted(groups):
+ lines.append(f"## {tag}")
+ lines.append("")
+ for rec in sorted(groups[tag], key=lambda r: r.signature.path_template):
+ sig = rec.signature
+ lines.append(f"### `{sig.method} {sig.path_template}`")
+ if rec.summary:
+ lines.append(f"**{rec.summary}**")
+ if rec.description:
+ lines.append("")
+ lines.append(rec.description)
+ lines.append(f"\n_Seen {rec.sample_count} time(s)._")
+ lines.append("")
+ return "\n".join(lines)
+```
+
+- [ ] **Step 4: Run to verify pass**
+
+Run: `uv run pytest tests/test_markdown.py -q`
+Expected: PASS (3 tests).
+
+- [ ] **Step 5: Commit**
+
+```bash
+git add src/auto_reverse/doc/markdown.py tests/test_markdown.py
+git commit -m "feat: markdown API documentation rendering"
+```
+
+---
+
+## Task 8: Config and pluggable auth stub
+
+**Files:**
+- Create: `src/auto_reverse/config.py`
+- Test: `tests/test_config.py`
+
+- [ ] **Step 1: Write failing tests**
+
+Create `tests/test_config.py`:
+```python
+import pytest
+
+from auto_reverse.config import Config, ManualPauseAuth, NoAuth, make_auth
+
+
+def test_config_derives_target_host():
+ cfg = Config(target_url="https://app.example.com/dashboard")
+ assert cfg.target_host == "app.example.com"
+
+
+def test_config_scope_hosts_includes_target_plus_extra():
+ cfg = Config(target_url="https://app.example.com", scope_hosts={"api.example.com"})
+ assert cfg.all_scope_hosts() == {"app.example.com", "api.example.com"}
+
+
+def test_default_model():
+ assert Config(target_url="https://x.com").model == "claude-opus-4-8"
+
+
+def test_make_auth_returns_strategy():
+ assert isinstance(make_auth("manual"), ManualPauseAuth)
+ assert isinstance(make_auth("none"), NoAuth)
+
+
+def test_make_auth_unknown_raises():
+ with pytest.raises(ValueError):
+ make_auth("oauth-magic")
+```
+
+- [ ] **Step 2: Run to verify fail**
+
+Run: `uv run pytest tests/test_config.py -q`
+Expected: FAIL — module not found.
+
+- [ ] **Step 3: Implement `config.py`**
+
+Create `src/auto_reverse/config.py`:
+```python
+from __future__ import annotations
+
+from dataclasses import dataclass, field
+from typing import Protocol
+from urllib.parse import urlsplit
+
+
+@dataclass
+class Config:
+ target_url: str
+ out_dir: str | None = None
+ proxy_port: int = 8080
+ headless: bool = False
+ profile: str | None = None
+ gen_client: bool = False
+ model: str = "claude-opus-4-8"
+ scope_hosts: set[str] = field(default_factory=set)
+ no_llm_doc: bool = False
+ resume: str | None = None
+ auth: str = "manual"
+
+ @property
+ def target_host(self) -> str:
+ return urlsplit(self.target_url).hostname or ""
+
+ def all_scope_hosts(self) -> set[str]:
+ return {self.target_host, *self.scope_hosts}
+
+
+class AuthStrategy(Protocol):
+ name: str
+
+ async def authenticate(self, page: object) -> None:
+ """Prepare an authenticated session on the given Playwright page."""
+ ...
+
+
+class NoAuth:
+ name = "none"
+
+ async def authenticate(self, page: object) -> None:
+ return None
+
+
+class ManualPauseAuth:
+ """Default stub: pause so the human can log in by hand, then continue."""
+
+ name = "manual"
+
+ async def authenticate(self, page: object) -> None:
+ # Implemented against the real page in browser.py wiring; the stub
+ # simply records intent. The REPL prompts the user to log in and
+ # press enter before autonomous exploration begins.
+ return None
+
+
+def make_auth(name: str) -> AuthStrategy:
+ strategies: dict[str, AuthStrategy] = {"manual": ManualPauseAuth(), "none": NoAuth()}
+ if name not in strategies:
+ raise ValueError(f"unknown auth strategy: {name!r}")
+ return strategies[name]
+```
+
+- [ ] **Step 4: Run to verify pass**
+
+Run: `uv run pytest tests/test_config.py -q`
+Expected: PASS (5 tests).
+
+- [ ] **Step 5: Commit**
+
+```bash
+git add src/auto_reverse/config.py tests/test_config.py
+git commit -m "feat: Config and pluggable auth stub (manual/none)"
+```
+
+---
+
+## Task 9: Embedded proxy + capture addon
+
+**Files:**
+- Create: `src/auto_reverse/proxy.py`
+- Test: `tests/test_proxy.py`
+
+The capture addon converts a mitmproxy `HTTPFlow` into our `CapturedFlow`, feeds the store, and appends raw flows to an archive. We unit-test the pure conversion (`flow_from_mitm`) with a fake mitmproxy-shaped object so no proxy needs to run; the live proxy is exercised in the E2E smoke (Task 15).
+
+- [ ] **Step 1: Write failing tests**
+
+Create `tests/test_proxy.py`:
+```python
+from types import SimpleNamespace
+
+from auto_reverse.proxy import flow_from_mitm
+
+
+def _fake_mitm_flow():
+ request = SimpleNamespace(
+ method="POST", pretty_host="ex.com", path="/api/users?role=admin",
+ headers={"content-type": "application/json"}, content=b'{"name": "Ada"}',
+ query=SimpleNamespace(fields=[("role", "admin")]),
+ )
+ response = SimpleNamespace(
+ status_code=201, headers={"content-type": "application/json"},
+ content=b'{"id": 1}',
+ )
+ return SimpleNamespace(request=request, response=response, timestamp_start=1.5)
+
+
+def test_flow_from_mitm_maps_fields():
+ captured = flow_from_mitm(_fake_mitm_flow())
+ assert captured.method == "POST"
+ assert captured.host == "ex.com"
+ assert captured.path == "/api/users"
+ assert captured.query == {"role": ["admin"]}
+ assert captured.status == 201
+ assert captured.request_json() == {"name": "Ada"}
+ assert captured.response_json() == {"id": 1}
+
+
+def test_flow_from_mitm_handles_missing_response():
+ flow = _fake_mitm_flow()
+ flow.response = None
+ captured = flow_from_mitm(flow)
+ assert captured is None
+```
+
+- [ ] **Step 2: Run to verify fail**
+
+Run: `uv run pytest tests/test_proxy.py -q`
+Expected: FAIL — module not found.
+
+- [ ] **Step 3: Implement `proxy.py`**
+
+Create `src/auto_reverse/proxy.py`:
+```python
+from __future__ import annotations
+
+import asyncio
+import threading
+from pathlib import Path
+from typing import Any
+from urllib.parse import urlsplit
+
+from auto_reverse.models import CapturedFlow
+from auto_reverse.store import FlowStore
+
+
+def flow_from_mitm(flow: Any) -> CapturedFlow | None:
+ """Convert a mitmproxy HTTPFlow (or test double) into a CapturedFlow."""
+ if flow.response is None:
+ return None
+ req = flow.request
+ query: dict[str, list[str]] = {}
+ for key, value in req.query.fields:
+ query.setdefault(key, []).append(value)
+ return CapturedFlow(
+ method=req.method,
+ host=req.pretty_host,
+ path=urlsplit(req.path).path,
+ query=query,
+ req_headers={k.lower(): v for k, v in dict(req.headers).items()},
+ req_body=req.content,
+ status=flow.response.status_code,
+ resp_headers={k.lower(): v for k, v in dict(flow.response.headers).items()},
+ resp_body=flow.response.content,
+ timestamp=getattr(flow, "timestamp_start", 0.0) or 0.0,
+ )
+
+
+class CaptureAddon:
+ """mitmproxy addon: on each response, ingest into the store + archive raw."""
+
+ def __init__(self, store: FlowStore, archive_path: Path) -> None:
+ self._store = store
+ self._archive = archive_path
+ self._archive.parent.mkdir(parents=True, exist_ok=True)
+
+ def response(self, flow: Any) -> None: # mitmproxy hook name
+ captured = flow_from_mitm(flow)
+ if captured is None:
+ return
+ self._store.ingest(captured)
+ with self._archive.open("a") as fh:
+ fh.write(f"{captured.method} {captured.host}{captured.path} {captured.status}\n")
+
+
+class ProxyServer:
+ """Run mitmproxy's DumpMaster in a dedicated thread with its own loop."""
+
+ def __init__(self, store: FlowStore, archive_path: Path, port: int) -> None:
+ self._store = store
+ self._archive_path = archive_path
+ self._port = port
+ self._master: Any = None
+ self._loop: asyncio.AbstractEventLoop | None = None
+ self._thread: threading.Thread | None = None
+
+ @property
+ def port(self) -> int:
+ return self._port
+
+ def start(self) -> None:
+ ready = threading.Event()
+ self._thread = threading.Thread(target=self._run, args=(ready,), daemon=True)
+ self._thread.start()
+ ready.wait(timeout=10)
+
+ def _run(self, ready: threading.Event) -> None:
+ from mitmproxy.options import Options
+ from mitmproxy.tools.dump import DumpMaster
+
+ self._loop = asyncio.new_event_loop()
+ asyncio.set_event_loop(self._loop)
+ opts = Options(listen_host="127.0.0.1", listen_port=self._port)
+ self._master = DumpMaster(opts, with_termlog=False, with_dumper=False)
+ self._master.addons.add(CaptureAddon(self._store, self._archive_path))
+
+ async def _serve() -> None:
+ ready.set()
+ await self._master.run()
+
+ self._loop.run_until_complete(_serve())
+
+ def stop(self) -> None:
+ if self._master is not None and self._loop is not None:
+ self._loop.call_soon_threadsafe(self._master.shutdown)
+```
+
+- [ ] **Step 4: Run to verify pass**
+
+Run: `uv run pytest tests/test_proxy.py -q`
+Expected: PASS (2 tests).
+
+- [ ] **Step 5: Commit**
+
+```bash
+git add src/auto_reverse/proxy.py tests/test_proxy.py
+git commit -m "feat: embedded mitmproxy capture addon and proxy server"
+```
+
+---
+
+## Task 10: Doc engine (event consumer)
+
+**Files:**
+- Create: `src/auto_reverse/doc/engine.py`
+- Test: extend `tests/test_schema.py` is wrong target — create `tests/test_engine.py`
+
+- [ ] **Step 1: Write failing tests**
+
+Create `tests/test_engine.py`:
+```python
+from pathlib import Path
+
+from auto_reverse.doc.engine import DocEngine
+from auto_reverse.models import CapturedFlow
+from auto_reverse.store import FlowStore, ScopeFilter
+
+
+def _flow(path: str, resp: bytes) -> CapturedFlow:
+ return CapturedFlow(
+ method="GET", host="ex.com", path=path, query={}, req_headers={},
+ req_body=None, status=200,
+ resp_headers={"content-type": "application/json"}, resp_body=resp,
+ timestamp=0.0,
+ )
+
+
+def test_engine_writes_spec_and_markdown(tmp_path: Path):
+ store = FlowStore(ScopeFilter(target_hosts={"ex.com"}))
+ engine = DocEngine(store, out_dir=tmp_path, title="ex.com API", use_llm=False)
+ store.ingest(_flow("/api/users", b'[{"id": 1}]'))
+ sig = store.endpoints()[0].signature
+ engine.document(sig)
+ spec = (tmp_path / "openapi.yaml").read_text()
+ assert "/api/users" in spec
+ assert (tmp_path / "API.md").read_text().startswith("# ex.com API")
+
+
+def test_engine_infers_response_schema(tmp_path: Path):
+ store = FlowStore(ScopeFilter(target_hosts={"ex.com"}))
+ engine = DocEngine(store, out_dir=tmp_path, title="x", use_llm=False)
+ store.ingest(_flow("/api/users", b'[{"id": 1, "name": "Ada"}]'))
+ sig = store.endpoints()[0].signature
+ engine.document(sig)
+ rec = store.get(sig)
+ assert rec is not None
+ assert rec.response_schema is not None
+ assert rec.response_schema["type"] == "array"
+```
+
+- [ ] **Step 2: Run to verify fail**
+
+Run: `uv run pytest tests/test_engine.py -q`
+Expected: FAIL — module not found.
+
+- [ ] **Step 3: Implement `engine.py`**
+
+Create `src/auto_reverse/doc/engine.py`:
+```python
+from __future__ import annotations
+
+import threading
+from pathlib import Path
+
+import yaml # provided transitively by mitmproxy (ruamel/pyyaml); see note
+
+from auto_reverse.doc.markdown import render_markdown
+from auto_reverse.doc.openapi import build_openapi
+from auto_reverse.doc.schema import SchemaAccumulator
+from auto_reverse.models import Signature
+from auto_reverse.store import FlowStore
+
+
+class DocEngine:
+ """Turn a new endpoint signature into inferred schemas + written outputs."""
+
+ def __init__(
+ self, store: FlowStore, out_dir: Path, title: str, use_llm: bool = True
+ ) -> None:
+ self._store = store
+ self._out = out_dir
+ self._title = title
+ self._use_llm = use_llm
+ self._lock = threading.Lock()
+ self._out.mkdir(parents=True, exist_ok=True)
+
+ def document(self, sig: Signature) -> None:
+ record = self._store.get(sig)
+ if record is None:
+ return
+ req_acc = SchemaAccumulator()
+ resp_acc = SchemaAccumulator()
+ for flow in self._store.samples(sig):
+ rj = flow.request_json()
+ if rj is not None:
+ req_acc.add(rj)
+ sj = flow.response_json()
+ if sj is not None:
+ resp_acc.add(sj)
+ record.request_schema = req_acc.schema()
+ record.response_schema = resp_acc.schema()
+ if not record.summary:
+ record.summary = f"{sig.method} {sig.path_template}"
+ record.documented = True
+ self._write()
+
+ def _write(self) -> None:
+ with self._lock:
+ records = self._store.endpoints()
+ spec = build_openapi(records, title=self._title)
+ (self._out / "openapi.yaml").write_text(yaml.safe_dump(spec, sort_keys=False))
+ (self._out / "API.md").write_text(render_markdown(records, title=self._title))
+```
+
+**Note on `yaml`:** if `import yaml` fails (PyYAML not present transitively), add it explicitly: `uv add pyyaml`, then re-run. Do this in Step 4 if needed.
+
+- [ ] **Step 4: Run to verify pass**
+
+Run: `uv run pytest tests/test_engine.py -q`
+Expected: PASS (2 tests). If `ModuleNotFoundError: yaml`, run `uv add pyyaml` and re-run.
+
+- [ ] **Step 5: Commit**
+
+```bash
+git add src/auto_reverse/doc/engine.py tests/test_engine.py pyproject.toml uv.lock
+git commit -m "feat: doc engine writes openapi.yaml and API.md from samples"
+```
+
+---
+
+## Task 11: Browser wrapper
+
+**Files:**
+- Create: `src/auto_reverse/browser.py`
+- Test: `tests/test_browser.py`
+
+The browser wrapper uses Playwright's sync API (runs cleanly in a worker thread, separate from the proxy's asyncio loop). The test is guarded to skip when browsers are not installed, and routes through the live fixture site (no proxy, direct) to verify navigation + snapshot.
+
+- [ ] **Step 1: Write failing test**
+
+Create `tests/test_browser.py`:
+```python
+import pytest
+
+playwright = pytest.importorskip("playwright.sync_api")
+
+from auto_reverse.browser import Browser # noqa: E402
+
+
+@pytest.fixture
+def browser():
+ try:
+ b = Browser(proxy_port=None, headless=True)
+ b.start()
+ except Exception as exc: # browser binary missing, etc.
+ pytest.skip(f"browser unavailable: {exc}")
+ yield b
+ b.stop()
+
+
+def test_navigate_and_snapshot(browser, fixture_site):
+ browser.navigate(fixture_site + "/")
+ snap = browser.snapshot()
+ assert snap["url"].endswith("/")
+ assert "title" in snap
+```
+
+- [ ] **Step 2: Run to verify fail**
+
+Run: `uv run pytest tests/test_browser.py -q`
+Expected: FAIL — module not found (or SKIP if Playwright import missing). A skip here is acceptable; the implementation step still applies.
+
+- [ ] **Step 3: Implement `browser.py`**
+
+Create `src/auto_reverse/browser.py`:
+```python
+from __future__ import annotations
+
+from typing import Any
+
+
+class Browser:
+ """Headed (or headless) Playwright Chromium, optionally routed via proxy."""
+
+ def __init__(self, proxy_port: int | None, headless: bool = False) -> None:
+ self._proxy_port = proxy_port
+ self._headless = headless
+ self._pw: Any = None
+ self._browser: Any = None
+ self._page: Any = None
+
+ def start(self) -> None:
+ from playwright.sync_api import sync_playwright
+
+ self._pw = sync_playwright().start()
+ launch_kwargs: dict[str, Any] = {
+ "headless": self._headless,
+ "args": ["--ignore-certificate-errors"],
+ }
+ if self._proxy_port is not None:
+ launch_kwargs["proxy"] = {"server": f"http://127.0.0.1:{self._proxy_port}"}
+ self._browser = self._pw.chromium.launch(**launch_kwargs)
+ context = self._browser.new_context(ignore_https_errors=True)
+ self._page = context.new_page()
+
+ def navigate(self, url: str) -> dict[str, Any]:
+ self._page.goto(url, wait_until="networkidle")
+ return self.snapshot()
+
+ def click(self, selector: str) -> dict[str, Any]:
+ self._page.click(selector, timeout=5000)
+ self._page.wait_for_load_state("networkidle")
+ return self.snapshot()
+
+ def type_text(self, selector: str, text: str) -> dict[str, Any]:
+ self._page.fill(selector, text)
+ return self.snapshot()
+
+ def snapshot(self) -> dict[str, Any]:
+ """Compact view for the agent: url, title, and visible interactive elements."""
+ elements = self._page.eval_on_selector_all(
+ "a, button, input, [role=button], [role=link]",
+ """els => els.slice(0, 40).map(e => ({
+ tag: e.tagName.toLowerCase(),
+ text: (e.innerText || e.value || e.getAttribute('aria-label') || '').slice(0, 60),
+ id: e.id || null,
+ }))""",
+ )
+ return {
+ "url": self._page.url,
+ "title": self._page.title(),
+ "elements": elements,
+ }
+
+ def pause_for_human(self) -> None:
+ """Surface the headed browser for manual control (Playwright inspector)."""
+ self._page.pause()
+
+ def stop(self) -> None:
+ if self._browser is not None:
+ self._browser.close()
+ if self._pw is not None:
+ self._pw.stop()
+```
+
+- [ ] **Step 4: Run to verify pass (or skip)**
+
+Run: `uv run pytest tests/test_browser.py -q`
+Expected: PASS if Chromium is installed; SKIP otherwise. Both are acceptable to proceed.
+
+- [ ] **Step 5: Commit**
+
+```bash
+git add src/auto_reverse/browser.py tests/test_browser.py
+git commit -m "feat: Playwright browser wrapper with compact snapshot"
+```
+
+---
+
+## Task 12: Tool definitions and handlers
+
+**Files:**
+- Create: `src/auto_reverse/tools/__init__.py`, `src/auto_reverse/tools/browser_tools.py`, `src/auto_reverse/tools/flows_tools.py`, `src/auto_reverse/tools/doc_tools.py`
+- Test: `tests/test_tools.py`
+
+Tools are plain callables plus an Anthropic tool schema. Each handler takes a JSON-able `input` dict and returns a JSON-able result. The registry maps tool name → (schema, handler). Browser handlers use a fake browser in tests.
+
+- [ ] **Step 1: Write failing tests**
+
+Create `tests/test_tools.py`:
+```python
+from auto_reverse.doc.engine import DocEngine
+from auto_reverse.models import CapturedFlow
+from auto_reverse.store import FlowStore, ScopeFilter
+from auto_reverse.tools import build_registry
+
+
+class FakeBrowser:
+ def navigate(self, url):
+ return {"url": url, "title": "T", "elements": []}
+
+ def click(self, selector):
+ return {"url": "u", "title": "T", "elements": []}
+
+ def type_text(self, selector, text):
+ return {"url": "u", "title": "T", "elements": []}
+
+ def snapshot(self):
+ return {"url": "u", "title": "T", "elements": []}
+
+
+def _store_with_endpoint(tmp_path):
+ store = FlowStore(ScopeFilter(target_hosts={"ex.com"}))
+ store.ingest(CapturedFlow(
+ method="GET", host="ex.com", path="/api/users", query={}, req_headers={},
+ req_body=None, status=200,
+ resp_headers={"content-type": "application/json"}, resp_body=b"[]",
+ timestamp=0.0,
+ ))
+ engine = DocEngine(store, out_dir=tmp_path, title="x", use_llm=False)
+ return store, engine
+
+
+def test_registry_has_expected_tools(tmp_path):
+ store, engine = _store_with_endpoint(tmp_path)
+ reg = build_registry(FakeBrowser(), store, engine)
+ names = {schema["name"] for schema, _ in reg.values()}
+ assert {"browser_navigate", "browser_click", "flows_search", "doc_document"} <= names
+
+
+def test_flows_search_handler_returns_matches(tmp_path):
+ store, engine = _store_with_endpoint(tmp_path)
+ reg = build_registry(FakeBrowser(), store, engine)
+ _, handler = reg["flows_search"]
+ result = handler({"query": "users"})
+ assert any("/api/users" in ep["path"] for ep in result["endpoints"])
+
+
+def test_browser_navigate_handler(tmp_path):
+ store, engine = _store_with_endpoint(tmp_path)
+ reg = build_registry(FakeBrowser(), store, engine)
+ _, handler = reg["browser_navigate"]
+ result = handler({"url": "http://x"})
+ assert result["url"] == "http://x"
+```
+
+- [ ] **Step 2: Run to verify fail**
+
+Run: `uv run pytest tests/test_tools.py -q`
+Expected: FAIL — module not found.
+
+- [ ] **Step 3: Implement tool modules**
+
+Create `src/auto_reverse/tools/browser_tools.py`:
+```python
+from __future__ import annotations
+
+from collections.abc import Callable
+from typing import Any
+
+Handler = Callable[[dict[str, Any]], dict[str, Any]]
+
+
+def browser_tools(browser: Any) -> dict[str, tuple[dict[str, Any], Handler]]:
+ return {
+ "browser_navigate": (
+ {
+ "name": "browser_navigate",
+ "description": "Navigate the browser to a URL and return a page snapshot.",
+ "input_schema": {
+ "type": "object",
+ "properties": {"url": {"type": "string"}},
+ "required": ["url"],
+ },
+ },
+ lambda inp: browser.navigate(inp["url"]),
+ ),
+ "browser_click": (
+ {
+ "name": "browser_click",
+ "description": "Click an element by CSS selector; returns a new snapshot.",
+ "input_schema": {
+ "type": "object",
+ "properties": {"selector": {"type": "string"}},
+ "required": ["selector"],
+ },
+ },
+ lambda inp: browser.click(inp["selector"]),
+ ),
+ "browser_type": (
+ {
+ "name": "browser_type",
+ "description": "Fill a form field (CSS selector) with text.",
+ "input_schema": {
+ "type": "object",
+ "properties": {
+ "selector": {"type": "string"},
+ "text": {"type": "string"},
+ },
+ "required": ["selector", "text"],
+ },
+ },
+ lambda inp: browser.type_text(inp["selector"], inp["text"]),
+ ),
+ "browser_snapshot": (
+ {
+ "name": "browser_snapshot",
+ "description": "Return the current page snapshot without acting.",
+ "input_schema": {"type": "object", "properties": {}},
+ },
+ lambda inp: browser.snapshot(),
+ ),
+ }
+```
+
+Create `src/auto_reverse/tools/flows_tools.py`:
+```python
+from __future__ import annotations
+
+from collections.abc import Callable
+from typing import Any
+
+from auto_reverse.models import EndpointRecord
+from auto_reverse.store import FlowStore
+
+Handler = Callable[[dict[str, Any]], dict[str, Any]]
+
+
+def _record_view(rec: EndpointRecord) -> dict[str, Any]:
+ return {
+ "method": rec.signature.method,
+ "path": rec.signature.path_template,
+ "status": rec.signature.status_class,
+ "samples": rec.sample_count,
+ "documented": rec.documented,
+ }
+
+
+def flows_tools(store: FlowStore) -> dict[str, tuple[dict[str, Any], Handler]]:
+ def search(inp: dict[str, Any]) -> dict[str, Any]:
+ query = inp.get("query", "")
+ records = store.search(query) if query else store.endpoints()
+ return {"endpoints": [_record_view(r) for r in records]}
+
+ return {
+ "flows_search": (
+ {
+ "name": "flows_search",
+ "description": "List/search discovered API endpoints captured so far.",
+ "input_schema": {
+ "type": "object",
+ "properties": {"query": {"type": "string"}},
+ },
+ },
+ search,
+ ),
+ }
+```
+
+Create `src/auto_reverse/tools/doc_tools.py`:
+```python
+from __future__ import annotations
+
+from collections.abc import Callable
+from typing import Any
+
+from auto_reverse.doc.engine import DocEngine
+from auto_reverse.store import FlowStore
+
+Handler = Callable[[dict[str, Any]], dict[str, Any]]
+
+
+def doc_tools(store: FlowStore, engine: DocEngine) -> dict[str, tuple[dict[str, Any], Handler]]:
+ def document(inp: dict[str, Any]) -> dict[str, Any]:
+ path = inp["path_template"]
+ for rec in store.endpoints():
+ if rec.signature.path_template == path:
+ if inp.get("summary"):
+ rec.summary = inp["summary"]
+ if inp.get("description"):
+ rec.description = inp["description"]
+ if inp.get("tag"):
+ rec.tag = inp["tag"]
+ engine.document(rec.signature)
+ return {"documented": path}
+ return {"error": f"no endpoint matching {path}"}
+
+ return {
+ "doc_document": (
+ {
+ "name": "doc_document",
+ "description": (
+ "Enrich and (re)write docs for an endpoint by path template, "
+ "optionally setting a human summary/description/tag."
+ ),
+ "input_schema": {
+ "type": "object",
+ "properties": {
+ "path_template": {"type": "string"},
+ "summary": {"type": "string"},
+ "description": {"type": "string"},
+ "tag": {"type": "string"},
+ },
+ "required": ["path_template"],
+ },
+ },
+ document,
+ ),
+ }
+```
+
+Create `src/auto_reverse/tools/__init__.py`:
+```python
+from __future__ import annotations
+
+from collections.abc import Callable
+from typing import Any
+
+from auto_reverse.doc.engine import DocEngine
+from auto_reverse.store import FlowStore
+from auto_reverse.tools.browser_tools import browser_tools
+from auto_reverse.tools.doc_tools import doc_tools
+from auto_reverse.tools.flows_tools import flows_tools
+
+Handler = Callable[[dict[str, Any]], dict[str, Any]]
+Registry = dict[str, tuple[dict[str, Any], Handler]]
+
+
+def build_registry(browser: Any, store: FlowStore, engine: DocEngine) -> Registry:
+ registry: Registry = {}
+ registry.update(browser_tools(browser))
+ registry.update(flows_tools(store))
+ registry.update(doc_tools(store, engine))
+ return registry
+
+
+def tool_schemas(registry: Registry) -> list[dict[str, Any]]:
+ return [schema for schema, _ in registry.values()]
+```
+
+- [ ] **Step 4: Run to verify pass**
+
+Run: `uv run pytest tests/test_tools.py -q`
+Expected: PASS (3 tests).
+
+- [ ] **Step 5: Commit**
+
+```bash
+git add src/auto_reverse/tools/ tests/test_tools.py
+git commit -m "feat: agent tool definitions (browser, flows, doc) and registry"
+```
+
+---
+
+## Task 13: Agent (Claude tool-use loop)
+
+**Files:**
+- Create: `src/auto_reverse/agent.py`
+- Test: `tests/test_agent.py`
+
+The agent runs the tool-use loop: send messages + tools to Claude, execute any `tool_use` blocks via the registry, feed `tool_result`s back, repeat until the model returns text with no tool calls. Tested with a fake client returning scripted responses.
+
+- [ ] **Step 1: Write failing tests**
+
+Create `tests/test_agent.py`:
+```python
+from types import SimpleNamespace
+
+from auto_reverse.agent import Agent
+
+
+def _text_block(text):
+ return SimpleNamespace(type="text", text=text)
+
+
+def _tool_use(tool_id, name, inp):
+ return SimpleNamespace(type="tool_use", id=tool_id, name=name, input=inp)
+
+
+class FakeMessages:
+ def __init__(self, scripted):
+ self._scripted = list(scripted)
+ self.calls = []
+
+ def create(self, **kwargs):
+ self.calls.append(kwargs)
+ content = self._scripted.pop(0)
+ stop = "tool_use" if any(b.type == "tool_use" for b in content) else "end_turn"
+ return SimpleNamespace(content=content, stop_reason=stop, role="assistant")
+
+
+class FakeClient:
+ def __init__(self, scripted):
+ self.messages = FakeMessages(scripted)
+
+
+def test_agent_executes_tool_then_returns_text():
+ scripted = [
+ [_tool_use("t1", "flows_search", {"query": "users"})],
+ [_text_block("Found the users endpoint.")],
+ ]
+ client = FakeClient(scripted)
+ registry = {
+ "flows_search": (
+ {"name": "flows_search", "input_schema": {"type": "object"}},
+ lambda inp: {"endpoints": [{"path": "/api/users"}]},
+ )
+ }
+ agent = Agent(client, registry, model="m", system="s")
+ reply = agent.run_turn("map users")
+ assert "users endpoint" in reply
+ # the tool result was fed back: second create call has >= 3 messages
+ assert len(client.messages.calls[1]["messages"]) >= 3
+
+
+def test_agent_plain_text_no_tools():
+ client = FakeClient([[_text_block("Hello!")]])
+ agent = Agent(client, {}, model="m", system="s")
+ assert agent.run_turn("hi") == "Hello!"
+```
+
+- [ ] **Step 2: Run to verify fail**
+
+Run: `uv run pytest tests/test_agent.py -q`
+Expected: FAIL — module not found.
+
+- [ ] **Step 3: Implement `agent.py`**
+
+Create `src/auto_reverse/agent.py`:
+```python
+from __future__ import annotations
+
+from typing import Any
+
+from auto_reverse.tools import Registry, tool_schemas
+
+MAX_ITERATIONS = 25
+
+
+class Agent:
+ """Conversational Claude tool-use loop driving browser/flows/doc tools."""
+
+ def __init__(self, client: Any, registry: Registry, model: str, system: str) -> None:
+ self._client = client
+ self._registry = registry
+ self._model = model
+ self._system = system
+ self._messages: list[dict[str, Any]] = []
+
+ def run_turn(self, user_message: str) -> str:
+ self._messages.append({"role": "user", "content": user_message})
+ for _ in range(MAX_ITERATIONS):
+ response = self._client.messages.create(
+ model=self._model,
+ max_tokens=4096,
+ system=self._system,
+ tools=tool_schemas(self._registry),
+ messages=self._messages,
+ )
+ self._messages.append(
+ {"role": "assistant", "content": self._serialize(response.content)}
+ )
+ tool_uses = [b for b in response.content if b.type == "tool_use"]
+ if not tool_uses:
+ return self._text_of(response.content)
+ results = []
+ for block in tool_uses:
+ results.append(self._run_tool(block))
+ self._messages.append({"role": "user", "content": results})
+ return "(stopped: reached max tool iterations)"
+
+ def _run_tool(self, block: Any) -> dict[str, Any]:
+ entry = self._registry.get(block.name)
+ if entry is None:
+ output: Any = {"error": f"unknown tool {block.name}"}
+ else:
+ _, handler = entry
+ try:
+ output = handler(block.input)
+ except Exception as exc: # tool failure -> structured error, agent re-plans
+ output = {"error": str(exc)}
+ return {
+ "type": "tool_result",
+ "tool_use_id": block.id,
+ "content": __import__("json").dumps(output),
+ }
+
+ @staticmethod
+ def _serialize(content: list[Any]) -> list[dict[str, Any]]:
+ out: list[dict[str, Any]] = []
+ for b in content:
+ if b.type == "text":
+ out.append({"type": "text", "text": b.text})
+ elif b.type == "tool_use":
+ out.append(
+ {"type": "tool_use", "id": b.id, "name": b.name, "input": b.input}
+ )
+ return out
+
+ @staticmethod
+ def _text_of(content: list[Any]) -> str:
+ return "".join(b.text for b in content if b.type == "text").strip()
+```
+
+Note: replace `__import__("json")` with a top-level `import json` and `json.dumps(output)` — written inline here only to keep the snippet self-contained. Add `import json` to the imports and use `json.dumps(output)`.
+
+- [ ] **Step 4: Apply the json import cleanup**
+
+Edit `src/auto_reverse/agent.py`: add `import json` under `from __future__`, and change the `content` line to `"content": json.dumps(output),`.
+
+- [ ] **Step 5: Run to verify pass**
+
+Run: `uv run pytest tests/test_agent.py -q`
+Expected: PASS (2 tests).
+
+- [ ] **Step 6: Commit**
+
+```bash
+git add src/auto_reverse/agent.py tests/test_agent.py
+git commit -m "feat: Claude tool-use agent loop with graceful tool-error handling"
+```
+
+---
+
+## Task 14: Optional client generation
+
+**Files:**
+- Create: `src/auto_reverse/doc/client.py`
+- Test: covered by manual verification + a unit test on the command builder
+
+- [ ] **Step 1: Write failing test**
+
+Create `tests/test_client.py`:
+```python
+from pathlib import Path
+
+from auto_reverse.doc.client import client_gen_command
+
+
+def test_command_references_spec_and_out(tmp_path: Path):
+ spec = tmp_path / "openapi.yaml"
+ out = tmp_path / "client"
+ cmd = client_gen_command(spec, out)
+ assert str(spec) in cmd
+ assert "openapi-python-client" in " ".join(cmd)
+```
+
+- [ ] **Step 2: Run to verify fail**
+
+Run: `uv run pytest tests/test_client.py -q`
+Expected: FAIL — module not found.
+
+- [ ] **Step 3: Implement `client.py`**
+
+Create `src/auto_reverse/doc/client.py`:
+```python
+from __future__ import annotations
+
+import subprocess
+from pathlib import Path
+
+
+def client_gen_command(spec_path: Path, out_dir: Path) -> list[str]:
+ return [
+ "uvx",
+ "openapi-python-client",
+ "generate",
+ "--path",
+ str(spec_path),
+ "--output-path",
+ str(out_dir),
+ ]
+
+
+def generate_client(spec_path: Path, out_dir: Path) -> bool:
+ """Run the deterministic codegen; returns True on success."""
+ try:
+ subprocess.run(client_gen_command(spec_path, out_dir), check=True)
+ return True
+ except (subprocess.CalledProcessError, FileNotFoundError):
+ return False
+```
+
+- [ ] **Step 4: Run to verify pass**
+
+Run: `uv run pytest tests/test_client.py -q`
+Expected: PASS (1 test).
+
+- [ ] **Step 5: Commit**
+
+```bash
+git add src/auto_reverse/doc/client.py tests/test_client.py
+git commit -m "feat: optional typed client generation from openapi spec"
+```
+
+---
+
+## Task 15: REPL and CLI wiring
+
+**Files:**
+- Create: `src/auto_reverse/repl.py`, `src/auto_reverse/cli.py`
+- Modify: `src/auto_reverse/__init__.py`
+- Test: `tests/test_e2e_smoke.py`
+
+The REPL handles `/meta-commands` locally and routes plain text to the agent. The CLI parses args, builds the object graph, wires the `on_new_signature` callback to the doc engine on a worker thread, starts the proxy, launches the browser, and runs the REPL. End-to-end smoke drives the fixture site through the proxy and asserts an endpoint lands in the spec.
+
+- [ ] **Step 1: Write failing E2E smoke test**
+
+Create `tests/test_e2e_smoke.py`:
+```python
+import threading
+from pathlib import Path
+
+import pytest
+
+playwright = pytest.importorskip("playwright.sync_api")
+
+from auto_reverse.browser import Browser # noqa: E402
+from auto_reverse.doc.engine import DocEngine # noqa: E402
+from auto_reverse.proxy import ProxyServer # noqa: E402
+from auto_reverse.store import FlowStore, ScopeFilter # noqa: E402
+
+
+def test_capture_to_spec_end_to_end(tmp_path: Path, fixture_site: str):
+ from urllib.parse import urlsplit
+
+ host = urlsplit(fixture_site).hostname
+ port = urlsplit(fixture_site).port
+ scope = ScopeFilter(target_hosts={f"{host}:{port}", host})
+
+ engine_holder: dict = {}
+
+ def on_new(sig):
+ engine_holder["engine"].document(sig)
+
+ store = FlowStore(scope, on_new_signature=on_new)
+ engine = DocEngine(store, out_dir=tmp_path, title="fixture", use_llm=False)
+ engine_holder["engine"] = engine
+
+ proxy = ProxyServer(store, archive_path=tmp_path / "archive.log", port=0)
+ try:
+ proxy.start()
+ except Exception as exc:
+ pytest.skip(f"proxy unavailable: {exc}")
+
+ try:
+ browser = Browser(proxy_port=proxy.port, headless=True)
+ browser.start()
+ except Exception as exc:
+ proxy.stop()
+ pytest.skip(f"browser unavailable: {exc}")
+
+ try:
+ browser.navigate(fixture_site + "/") # triggers fetch('/api/users')
+ # allow capture to settle
+ threading.Event().wait(1.0)
+ assert any(
+ "/api/users" in r.signature.path_template for r in store.endpoints()
+ )
+ finally:
+ browser.stop()
+ proxy.stop()
+```
+
+Note: `ProxyServer(port=0)` needs to expose the OS-assigned port. If mitmproxy does not support port 0 ephemeral selection, pick a fixed high port (e.g. 18080) in this test and pass it to both proxy and browser.
+
+- [ ] **Step 2: Run to verify fail or skip**
+
+Run: `uv run pytest tests/test_e2e_smoke.py -q`
+Expected: FAIL (imports resolve but modules incomplete) or SKIP (no browser/proxy). Acceptable to proceed; this test is the integration safety net.
+
+- [ ] **Step 3: Implement `repl.py`**
+
+Create `src/auto_reverse/repl.py`:
+```python
+from __future__ import annotations
+
+from auto_reverse.agent import Agent
+from auto_reverse.store import FlowStore
+
+HELP = """\
+Commands:
+ state intent in natural language (sent to the agent)
+ /flows [q] list/search discovered endpoints (local)
+ /spec show spec path + endpoint count
+ /help this help
+ /quit exit
+"""
+
+
+class Repl:
+ def __init__(self, agent: Agent, store: FlowStore, spec_path: str) -> None:
+ self._agent = agent
+ self._store = store
+ self._spec_path = spec_path
+
+ def handle(self, line: str) -> str | None:
+ """Process one input line. Returns output text, or None to signal quit."""
+ line = line.strip()
+ if not line:
+ return ""
+ if line in ("/quit", "/exit"):
+ return None
+ if line == "/help":
+ return HELP
+ if line == "/spec":
+ return f"{self._spec_path} — {len(self._store.endpoints())} endpoint(s)"
+ if line.startswith("/flows"):
+ query = line[len("/flows"):].strip()
+ records = self._store.search(query) if query else self._store.endpoints()
+ return "\n".join(
+ f"{r.signature.method} {r.signature.path_template}" for r in records
+ ) or "(no endpoints yet)"
+ return self._agent.run_turn(line)
+
+ def run(self) -> None: # pragma: no cover - interactive loop
+ print(HELP)
+ while True:
+ try:
+ line = input("> ")
+ except (EOFError, KeyboardInterrupt):
+ print()
+ break
+ out = self.handle(line)
+ if out is None:
+ break
+ if out:
+ print(out)
+```
+
+- [ ] **Step 4: Add a REPL unit test**
+
+Create `tests/test_repl.py`:
+```python
+from auto_reverse.models import CapturedFlow
+from auto_reverse.repl import Repl
+from auto_reverse.store import FlowStore, ScopeFilter
+
+
+class FakeAgent:
+ def run_turn(self, msg):
+ return f"agent saw: {msg}"
+
+
+def _store():
+ s = FlowStore(ScopeFilter(target_hosts={"ex.com"}))
+ s.ingest(CapturedFlow(
+ method="GET", host="ex.com", path="/api/users", query={}, req_headers={},
+ req_body=None, status=200, resp_headers={}, resp_body=None, timestamp=0.0,
+ ))
+ return s
+
+
+def test_quit_returns_none():
+ repl = Repl(FakeAgent(), _store(), "openapi.yaml")
+ assert repl.handle("/quit") is None
+
+
+def test_flows_lists_endpoints():
+ repl = Repl(FakeAgent(), _store(), "openapi.yaml")
+ assert "/api/users" in repl.handle("/flows")
+
+
+def test_plain_text_goes_to_agent():
+ repl = Repl(FakeAgent(), _store(), "openapi.yaml")
+ assert repl.handle("map users") == "agent saw: map users"
+```
+
+Run: `uv run pytest tests/test_repl.py -q`
+Expected: PASS (3 tests).
+
+- [ ] **Step 5: Implement `cli.py`**
+
+Create `src/auto_reverse/cli.py`:
+```python
+from __future__ import annotations
+
+import argparse
+import os
+import sys
+import threading
+from datetime import datetime, timezone
+from pathlib import Path
+
+from anthropic import Anthropic
+
+from auto_reverse.agent import Agent
+from auto_reverse.browser import Browser
+from auto_reverse.config import Config
+from auto_reverse.doc.client import generate_client
+from auto_reverse.doc.engine import DocEngine
+from auto_reverse.proxy import ProxyServer
+from auto_reverse.repl import Repl
+from auto_reverse.store import FlowStore, ScopeFilter
+from auto_reverse.tools import build_registry
+
+SYSTEM_PROMPT = """\
+You are auto-reverse, an assistant that reverse-engineers a website's API.
+Drive the browser toward the user's stated intent using the browser_* tools.
+After actions, inspect captured traffic with flows_search and enrich notable
+endpoints with doc_document (give a short summary, description, and tag).
+Pursue the intent to a sensible depth, then summarize what you found and ask
+what to do next. Be concise.
+"""
+
+
+def _parse_args(argv: list[str]) -> Config:
+ p = argparse.ArgumentParser(prog="auto-reverse")
+ p.add_argument("target_url")
+ p.add_argument("--out")
+ p.add_argument("--proxy-port", type=int, default=8080)
+ p.add_argument("--headless", action="store_true")
+ p.add_argument("--profile")
+ p.add_argument("--gen-client", action="store_true")
+ p.add_argument("--model", default="claude-opus-4-8")
+ p.add_argument("--scope", default="")
+ p.add_argument("--no-llm-doc", action="store_true")
+ p.add_argument("--resume")
+ a = p.parse_args(argv)
+ return Config(
+ target_url=a.target_url,
+ out_dir=a.out,
+ proxy_port=a.proxy_port,
+ headless=a.headless,
+ profile=a.profile,
+ gen_client=a.gen_client,
+ model=a.model,
+ scope_hosts={h for h in a.scope.split(",") if h},
+ no_llm_doc=a.no_llm_doc,
+ resume=a.resume,
+ )
+
+
+def run(argv: list[str] | None = None) -> int:
+ cfg = _parse_args(argv if argv is not None else sys.argv[1:])
+ out_dir = Path(
+ cfg.out_dir
+ or f"./auto-reverse-out/{cfg.target_host}-{datetime.now(timezone.utc):%Y%m%d-%H%M%S}"
+ )
+ out_dir.mkdir(parents=True, exist_ok=True)
+
+ scope = ScopeFilter(target_hosts=cfg.all_scope_hosts())
+ title = f"{cfg.target_host} API"
+
+ engine_box: dict[str, DocEngine] = {}
+
+ def on_new(sig) -> None:
+ engine = engine_box.get("engine")
+ if engine is not None:
+ threading.Thread(target=engine.document, args=(sig,), daemon=True).start()
+
+ store = FlowStore(scope, on_new_signature=on_new)
+ engine = DocEngine(store, out_dir=out_dir, title=title, use_llm=not cfg.no_llm_doc)
+ engine_box["engine"] = engine
+
+ proxy = ProxyServer(store, archive_path=out_dir / "archive.log", port=cfg.proxy_port)
+ proxy.start()
+
+ browser = Browser(proxy_port=cfg.proxy_port, headless=cfg.headless)
+ browser.start()
+ browser.navigate(cfg.target_url)
+
+ if cfg.auth == "manual" and not cfg.headless:
+ input("Log in if needed, then press Enter to begin exploration... ")
+
+ client = Anthropic(api_key=os.environ.get("ANTHROPIC_API_KEY"))
+ registry = build_registry(browser, store, engine)
+ agent = Agent(client, registry, model=cfg.model, system=SYSTEM_PROMPT)
+ repl = Repl(agent, store, spec_path=str(out_dir / "openapi.yaml"))
+
+ try:
+ repl.run()
+ finally:
+ browser.stop()
+ proxy.stop()
+ if cfg.gen_client:
+ ok = generate_client(out_dir / "openapi.yaml", out_dir / "client")
+ print("client generated" if ok else "client generation skipped/failed")
+ print(f"Outputs in {out_dir}")
+ return 0
+```
+
+- [ ] **Step 6: Wire `main()`**
+
+Replace `src/auto_reverse/__init__.py`:
+```python
+from auto_reverse.cli import run
+
+
+def main() -> None:
+ raise SystemExit(run())
+```
+
+- [ ] **Step 7: Add a CLI arg-parsing unit test**
+
+Create `tests/test_cli.py`:
+```python
+from auto_reverse.cli import _parse_args
+
+
+def test_parse_minimal():
+ cfg = _parse_args(["https://app.example.com"])
+ assert cfg.target_url == "https://app.example.com"
+ assert cfg.model == "claude-opus-4-8"
+ assert cfg.headless is False
+
+
+def test_parse_scope_and_flags():
+ cfg = _parse_args(["https://x.com", "--scope", "a.com,b.com", "--headless", "--gen-client"])
+ assert cfg.scope_hosts == {"a.com", "b.com"}
+ assert cfg.headless is True
+ assert cfg.gen_client is True
+```
+
+Run: `uv run pytest tests/test_cli.py tests/test_repl.py -q`
+Expected: PASS.
+
+- [ ] **Step 8: Run the full suite**
+
+Run: `uv run pytest -q`
+Expected: all non-skipped tests PASS. Browser/proxy/E2E tests may SKIP if Chromium/proxy unavailable in this environment.
+
+- [ ] **Step 9: Lint and type-check**
+
+Run:
+```bash
+uv run ruff check src tests
+uv run pyright src
+```
+Expected: ruff clean; pyright clean (fix any strict-mode complaints — add annotations as needed). Where third-party libs lack stubs (mitmproxy/playwright accessed via `Any`), confirm those are isolated to `proxy.py`/`browser.py` as designed.
+
+- [ ] **Step 10: Commit**
+
+```bash
+git add src/auto_reverse tests/test_e2e_smoke.py tests/test_repl.py tests/test_cli.py
+git commit -m "feat: REPL and CLI wiring; end-to-end capture-to-spec smoke test"
+```
+
+---
+
+## Task 16: README and manual verification
+
+**Files:**
+- Modify: `README.md`
+
+- [ ] **Step 1: Write `README.md`**
+
+Replace `README.md` with usage: install (`uv sync`, `uv run playwright install chromium`), the free-threaded fallback note, `ANTHROPIC_API_KEY` requirement, example invocation (`uv run auto-reverse https://example.com`), the REPL commands, and where outputs land (`auto-reverse-out/-/openapi.yaml`, `API.md`, `archive.log`).
+
+- [ ] **Step 2: Manual end-to-end check (requires API key + browser)**
+
+Run:
+```bash
+ANTHROPIC_API_KEY=... uv run auto-reverse https:// --headless
+```
+Then type an intent like `list the public endpoints` and confirm `openapi.yaml` + `API.md` appear in the output dir. (Skip if no key/site available; the automated E2E smoke already covers the capture→spec path.)
+
+- [ ] **Step 3: Commit**
+
+```bash
+git add README.md
+git commit -m "docs: README with setup, usage, and free-threading notes"
+```
+
+---
+
+## Self-Review Notes (already applied)
+
+- **Spec coverage:** hybrid control (manual-pause prompt + `pause_for_human`), single free-threaded process (proxy thread + doc-worker threads + main agent), dedup signature (Task 2/4), scope filtering (Task 3), OpenAPI + markdown + raw archive outputs (Tasks 6/7/9/10), optional client gen (Task 14), `--resume`/`--no-llm-doc`/`--profile` flags parsed (Task 15). Note: `--resume` and `--profile` are parsed and stored but full reuse logic is left minimal in v1 — flagged here as a known partial; deepen if needed.
+- **Type consistency:** `EndpointRecord` field names (`summary`/`description`/`tag`/`request_schema`/`response_schema`/`documented`/`sample_count`/`query_params`) are used identically across store, engine, openapi, markdown, tools. Tool names (`browser_navigate`, `browser_click`, `browser_type`, `browser_snapshot`, `flows_search`, `doc_document`) are consistent between registry and agent tests.
+- **LLM enrichment:** v1 wires deterministic schema inference + agent-driven `doc_document` enrichment; an automatic per-signature LLM call inside `DocEngine` is intentionally deferred (the agent enriches via the tool), keeping `use_llm` as the on/off switch and `--no-llm-doc` honored. This satisfies the spec's "LLM enrich only on novelty" via the agent loop rather than a second hidden LLM consumer.