feat: agentic orchestrator — forge detector, plugin protocol, LangGraph agent, Gittuf (example) and reproducibility plugins#130

Closed
Marc-cn wants to merge 21 commits into kusari-oss:main from Marc-cn:feature/project-detectors

Conversation

@Marc-cn
Collaborator

@Marc-cn Marc-cn commented Mar 23, 2026

Summary

Extends Darnit toward the agentic/skills-based workflow. Darnit can now drive its own audit pipeline via darnit run, and external tools can plug in via a plugin protocol.

What was built:

  • Forge / CI detector: init_project_config() now auto-detects hosting platform, CI system, and build tool, writing results to .project.yaml. Moves detection logic into the framework core rather than repeating it in each plugin.

  • Plugin protocol extension: ComplianceImplementation now supports three optional action handlers: get_check_handlers(), get_context_handlers(), get_remediation_handlers(). Backwards compatible; existing plugins are unaffected.

  • LangGraph state machine: darnit/agent/graph.py drives the full pipeline: load context → run checks → collect context → remediate → finish. Replaces the passive MCP-only model with an autonomous agent.

  • Bring-your-own LLM: darnit/llm/backends.py adds Anthropic, OpenAI, and Ollama backends. PENDING_LLM results are now resolved directly in standalone mode.

  • Gittuf plugin: packages/darnit-gittuf is a reference external plugin implementing the new protocol. Three controls: GittufInitialized, GittufPolicyValid, CommitsSigned.

  • Reproducibility module: packages/darnit-reproducibility adds a new compliance domain with 5 controls across 3 levels: DependenciesPinned, BuildEnvDeclared, HermeticBuild, ProvenanceExists, BitForBitReproducible.

  • darnit run CLI command: triggers the full agentic pipeline from the terminal ("darnit run .").

Type of Change

  • Bug fix (non-breaking change fixing an issue)
  • New feature (non-breaking change adding functionality)
  • Breaking change (fix or feature causing existing functionality to change)
  • Documentation update
  • Refactoring (no functional changes)

Framework Changes Checklist

If this PR modifies the darnit framework (packages/darnit/):

  • [x] Updated framework spec (openspec/specs/framework-design/spec.md) if behavior changed
    Note: validate_sync.py and generate_docs.py fail on Windows due to a pre-existing cp1252 encoding issue (UnicodeDecodeError on spec.md). Not caused by this PR; the same failure exists on the main branch on Windows.
  • Ran uv run python scripts/validate_sync.py --verbose and it passes
  • Ran uv run python scripts/generate_docs.py and committed any doc changes

Control/TOML Changes Checklist

If this PR modifies controls or TOML configuration:

  • [x] Control metadata defined in TOML (not Python code)
  • SARIF fields (description, severity, help_url) included where appropriate
  • Ran validation to confirm TOML schema compliance

Testing

  • Tests pass locally (uv run pytest tests/ -v)
  • Added tests for new functionality (if applicable)
  • [x] Linting passes (uv run ruff check .)

Additional Notes

  • validate_sync.py and generate_docs.py fail on Windows due to a pre-existing cp1252 encoding issue unrelated to this PR
  • SARIF fields not yet added to gittuf.toml and reproducibility.toml; a known gap
  • darnit run only executes the OpenSSF baseline; Gittuf and reproducibility controls are not yet wired into the agent loop
  • Tested locally: 4 plugins discovered, 62 controls checked, 27 passed
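
The handler-based plugin protocol and the fixed-order pipeline the description lists (load context → run checks → collect context → remediate → finish) can be sketched in a few dozen lines. The block below is an added illustration, not code from this PR or from the darnit project: the class names, the handler signatures (a dict keyed by control name), the `_handlers` lookup, the `DependenciesPinned` logic and the sample repository contents are all assumptions constructed for the example. It shows the backwards-compatibility point concretely: a legacy plugin that defines none of the three optional methods still participates without error, while a new plugin contributes a check, a context probe and a remediation.

```python
"""Added illustration of an optional-handler plugin protocol with a fixed-order
pipeline. Not darnit's code: names, signatures and sample data are assumptions."""
from __future__ import annotations

import re
from dataclasses import dataclass
from typing import Callable


@dataclass
class CheckResult:
    control: str
    status: str           # "PASS" or "FAIL" (PENDING_LLM not modelled here)
    detail: str = ""


# Handler maps are keyed by control (or context) name: an assumed convention.
CheckHandler = Callable[[dict], CheckResult]
ContextHandler = Callable[[dict], dict]
RemediationHandler = Callable[[dict, CheckResult], str]


class LegacyPlugin:
    """Pre-protocol plugin: defines none of the optional handler methods."""
    name = "legacy"


class ReproducibilityPlugin:
    """Hypothetical plugin wiring one control through all three handler kinds."""
    name = "reproducibility"

    def get_check_handlers(self) -> dict[str, CheckHandler]:
        return {"DependenciesPinned": self.check_dependencies_pinned}

    def get_context_handlers(self) -> dict[str, ContextHandler]:
        return {"ci": self.detect_ci}

    def get_remediation_handlers(self) -> dict[str, RemediationHandler]:
        return {"DependenciesPinned": self.remediate_pins}

    @staticmethod
    def unpinned_packages(requirements: str) -> list[str]:
        """Names of requirement lines without an exact '==' pin; comments skipped."""
        loose = []
        for line in requirements.splitlines():
            line = line.strip()
            if not line or line.startswith("#"):
                continue
            if not re.match(r"^[A-Za-z0-9_.\-]+(\[[^\]]*\])?==", line):
                loose.append(re.split(r"[<>=!~;\[ ]", line, maxsplit=1)[0])
        return loose

    def check_dependencies_pinned(self, state: dict) -> CheckResult:
        loose = self.unpinned_packages(state["files"].get("requirements.txt", ""))
        if loose:
            return CheckResult("DependenciesPinned", "FAIL", "unpinned: " + ", ".join(loose))
        return CheckResult("DependenciesPinned", "PASS")

    def detect_ci(self, state: dict) -> dict:
        has_workflow = any(p.startswith(".github/workflows/") for p in state["files"])
        return {"ci": "github-actions" if has_workflow else "unknown"}

    def remediate_pins(self, state: dict, result: CheckResult) -> str:
        return "Pin to exact versions in requirements.txt: " + result.detail.removeprefix("unpinned: ")


def _handlers(plugin, method: str) -> dict:
    """Backwards-compatible lookup: a plugin lacking the method contributes nothing."""
    getter = getattr(plugin, method, None)
    return getter() if callable(getter) else {}


def run_pipeline(plugins: list, files: dict[str, str]) -> dict:
    """Run load_context -> run_checks -> collect_context -> remediate -> finish."""
    state = {"files": files, "context": {}, "results": [], "remediations": {}, "trace": []}

    def load_context(s):
        s["context"]["repo_files"] = sorted(s["files"])
        return "run_checks"

    def run_checks(s):
        for p in plugins:
            for fn in _handlers(p, "get_check_handlers").values():
                s["results"].append(fn(s))
        return "collect_context"

    def collect_context(s):
        for p in plugins:
            for key, fn in _handlers(p, "get_context_handlers").items():
                s["context"][key] = fn(s)
        return "remediate"

    def remediate(s):
        for p in plugins:
            fixes = _handlers(p, "get_remediation_handlers")
            for r in s["results"]:
                if r.status == "FAIL" and r.control in fixes:
                    s["remediations"][r.control] = fixes[r.control](s, r)
        return "finish"

    steps = {"load_context": load_context, "run_checks": run_checks,
             "collect_context": collect_context, "remediate": remediate,
             "finish": lambda s: None}
    nxt = "load_context"
    while nxt:                      # each step names its successor, like graph edges
        state["trace"].append(nxt)
        nxt = steps[nxt](state)
    return state


# Constructed sample repository contents (not from any real project).
SAMPLE_FILES = {
    "requirements.txt": "requests>=2.0\npyyaml\n# pinned below\nexamplelib==1.0.0\n",
    ".github/workflows/ci.yml": "name: ci\n",
}


def demo() -> dict:
    return run_pipeline([LegacyPlugin(), ReproducibilityPlugin()], SAMPLE_FILES)


if __name__ == "__main__":
    s = demo()
    for r in s["results"]:
        print(r.control, r.status, r.detail)
    print(s["remediations"])
```

Running the block reports `DependenciesPinned FAIL unpinned: requests, pyyaml` with a matching remediation; the legacy plugin is simply skipped at each step because `_handlers` treats a missing method as an empty handler map, which is the property that lets old plugins load unchanged under the extended protocol.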

@Marc-cn Marc-cn requested a review from mlieberman85 as a code owner March 23, 2026 13:24
@Marc-cn Marc-cn marked this pull request as draft March 23, 2026 13:25
@Marc-cn Marc-cn marked this pull request as ready for review April 2, 2026 15:38
@kusari-inspector

kusari-inspector Bot commented Apr 2, 2026

Kusari Inspector

Kusari Analysis Results:

Proceed with these changes

✅ No Flagged Issues Detected
All values appear to be within acceptable risk parameters.

After synthesizing both analyses, the combined risk profile supports proceeding with this PR. The code analysis recommended DO NOT PROCEED solely because its dependency scanner was disabled (govulncheck_run: false), leaving it unable to confirm whether CVE-2026-34070 (HIGH severity path traversal in langchain-core@1.2.20) had been resolved. The dependency analysis directly fills this gap, explicitly confirming that langchain-core has been upgraded to 1.2.24, which resolves CVE-2026-34070. The condition stated by the code analysis ('upgrade langchain-core to >= 1.2.22 and confirm via dependency scan') is fully satisfied. The only remaining code-level findings are 2 LOW severity dynamic URL construction issues in llm/backends.py and storage/backends.py, both using configuration-time values (not user-controlled input), making them non-actionable and not a meaningful risk. License concerns on transitive dependencies (jsonpointer, jsonpatch, xxhash, orjson) are minor and likely reflect tool classification limitations rather than true licensing conflicts. No secrets, workflow issues, or unresolved high/critical vulnerabilities remain. The PR is safe to merge.

Commit: 6165772, performed at: 2026-04-02T15:44:51Z


@kusari-inspector

Kusari PR Analysis rerun based on - 6165772 performed at: 2026-04-02T15:45:39Z - link to updated analysis

@mlieberman85
Contributor

Closing in favor of the split PRs (#137, #138, #139, #143) which cover the same ground with cleaner scope and history. The Gittuf plugin from this PR doesn't appear in the split PRs — please open a separate PR for it if still needed.
