@delegance/claude-autopilot 2.4.0 → 5.0.0-alpha.1

package/src/cli/pr.ts

@@ -0,0 +1,76 @@
+import * as path from 'node:path';
+import * as fs from 'node:fs';
+import { spawnSync } from 'node:child_process';
+import { runCommand } from './run.ts';
+
+const C = {
+  reset: '\x1b[0m', bold: '\x1b[1m', dim: '\x1b[2m',
+  green: '\x1b[32m', yellow: '\x1b[33m', red: '\x1b[31m',
+};
+const fmt = (c: keyof typeof C, t: string) => `${C[c]}${t}${C.reset}`;
+
+export interface PrCommandOptions {
+  cwd?: string;
+  configPath?: string;
+  prNumber?: string;
+  noPostComments?: boolean;
+  noInlineComments?: boolean;
+}
+
+function ghJson<T>(args: string[], cwd: string): T | null {
+  const r = spawnSync('gh', args, { cwd, encoding: 'utf8' });
+  if (r.status !== 0) return null;
+  try { return JSON.parse(r.stdout) as T; } catch { return null; }
+}
+
+function gitFetch(remote: string, ref: string, cwd: string): boolean {
+  const r = spawnSync('git', ['fetch', remote, ref], { cwd, encoding: 'utf8', stdio: 'pipe' });
+  return r.status === 0;
+}
+
+export async function runPr(options: PrCommandOptions = {}): Promise<number> {
+  const cwd = options.cwd ?? process.cwd();
+  const configPath = options.configPath ?? path.join(cwd, 'guardrail.config.yaml');
+
+  if (!fs.existsSync(configPath)) {
+    console.error(fmt('red', `[pr] guardrail.config.yaml not found at ${configPath}`));
+    return 1;
+  }
+
+  // Resolve PR number
+  let prNumber = options.prNumber;
+  if (!prNumber) {
+    const detected = ghJson<{ number: number }>(['pr', 'view', '--json', 'number'], cwd);
+    if (!detected) {
+      console.error(fmt('red', '[pr] No PR number given and no open PR found for current branch.'));
+      console.error(fmt('dim', '  Usage: guardrail pr <number>'));
+      return 1;
+    }
+    prNumber = String(detected.number);
+  }
+
+  // Look up PR metadata
+  interface PrMeta { number: number; baseRefName: string; headRefName: string; title: string }
+  const pr = ghJson<PrMeta>(['pr', 'view', prNumber, '--json', 'number,baseRefName,headRefName,title'], cwd);
+  if (!pr) {
+    console.error(fmt('red', `[pr] Could not fetch PR #${prNumber} — is gh authenticated?`));
+    return 1;
+  }
+
+  console.log(`\n${fmt('bold', `[guardrail pr]`)} #${pr.number} ${fmt('dim', pr.title)}`);
+  console.log(fmt('dim', `  base: ${pr.baseRefName}  head: ${pr.headRefName}`));
+
+  // Fetch base ref so diff works locally
+  const fetched = gitFetch('origin', pr.baseRefName, cwd);
+  if (!fetched) {
+    console.log(fmt('yellow', `  [pr] Warning: could not fetch origin/${pr.baseRefName} — diff may be stale`));
+  }
+
+  return runCommand({
+    cwd,
+    configPath,
+    base: `origin/${pr.baseRefName}`,
+    postComments: !options.noPostComments,
+    inlineComments: !options.noInlineComments,
+  });
+}

package/src/cli/preflight.ts

@@ -3,6 +3,7 @@ import * as fs from 'node:fs';
 import * as path from 'node:path';
 import { fileURLToPath } from 'node:url';
 import { runSafe } from '../core/shell.ts';
+import { detectLLMKey, loadEnvFile, LLM_KEY_NAMES } from '../core/detect/llm-key.ts';
 
 const PASS = '\x1b[32m✓\x1b[0m';
 const FAIL = '\x1b[31m✗\x1b[0m';
@@ -16,21 +17,6 @@ interface Check {
   message?: string;
 }
 
-function loadEnvFile(filePath: string): Record<string, string> {
-  const vars: Record<string, string> = {};
-  try {
-    const content = fs.readFileSync(filePath, 'utf-8');
-    for (const line of content.split('\n')) {
-      const trimmed = line.trim();
-      if (!trimmed || trimmed.startsWith('#')) continue;
-      const eq = trimmed.indexOf('=');
-      if (eq < 0) continue;
-      vars[trimmed.slice(0, eq).trim()] = trimmed.slice(eq + 1).trim().replace(/^['"]|['"]$/g, '');
-    }
-  } catch { /* ignore */ }
-  return vars;
-}
-
 export interface DoctorResult {
   blockers: number;
   warnings: number;
@@ -56,7 +42,7 @@ export async function runDoctor(): Promise<DoctorResult> {
   checks.push({
     name: 'tsx available',
     result: tsxVersion ? 'pass' : 'fail',
-    message: !tsxVersion ? 'tsx not found — run: npm install @delegance/claude-autopilot (includes tsx)' : undefined,
+    message: !tsxVersion ? 'tsx not found — run: npm install @delegance/guardrail (includes tsx)' : undefined,
   });
 
   // 3. gh CLI authenticated
@@ -67,13 +53,13 @@ export async function runDoctor(): Promise<DoctorResult> {
     message: ghAuth === null ? 'gh CLI not authenticated — run: gh auth login' : undefined,
   });
 
-  // 4. autopilot.config.yaml in cwd
-  const configYaml = path.join(process.cwd(), 'autopilot.config.yaml');
+  // 4. guardrail.config.yaml in cwd
+  const configYaml = path.join(process.cwd(), 'guardrail.config.yaml');
   checks.push({
-    name: 'autopilot.config.yaml',
+    name: 'guardrail.config.yaml',
     result: fs.existsSync(configYaml) ? 'pass' : 'warn',
     message: !fs.existsSync(configYaml)
-      ? 'autopilot.config.yaml not found in current directory — copy from a preset: presets/nextjs-supabase/autopilot.config.yaml'
+      ? 'guardrail.config.yaml not found in current directory — copy from a preset: presets/nextjs-supabase/guardrail.config.yaml'
       : undefined,
   });
 
@@ -83,21 +69,18 @@ export async function runDoctor(): Promise<DoctorResult> {
     name: `Local env file (${envFile ?? 'none found'})`,
     result: envFile ? 'pass' : 'warn',
     message: !envFile
-      ? `No env file found. Looked for: ${ENV_CANDIDATES.join(', ')}. Create one with your OPENAI_API_KEY.`
+      ? `No env file found. Looked for: ${ENV_CANDIDATES.join(', ')}. Create one with one of: ${LLM_KEY_NAMES.join(', ')}.`
       : undefined,
   });
 
-  // 6. LLM API key (ANTHROPIC_API_KEY preferred, OPENAI_API_KEY as fallback)
+  // 6. LLM API key — shared detection with setup/scan/run (all 5 providers)
   const envVars = envFile ? loadEnvFile(envFile) : {};
-  const hasAnthropic = !!process.env.ANTHROPIC_API_KEY || !!envVars['ANTHROPIC_API_KEY'];
-  const hasOpenAI = !!process.env.OPENAI_API_KEY || !!envVars['OPENAI_API_KEY'];
-  const hasLLMKey = hasAnthropic || hasOpenAI;
-  const llmKeyName = hasAnthropic ? 'ANTHROPIC_API_KEY' : hasOpenAI ? 'OPENAI_API_KEY' : 'none';
+  const { hasKey, preferred } = detectLLMKey({ extraEnv: envVars });
   checks.push({
-    name: `LLM API key (${llmKeyName})`,
-    result: hasLLMKey ? 'pass' : 'warn',
-    message: !hasLLMKey
-      ? `No LLM API key found — set ANTHROPIC_API_KEY (recommended) or OPENAI_API_KEY to enable review`
+    name: `LLM API key (${preferred ?? 'none'})`,
+    result: hasKey ? 'pass' : 'warn',
+    message: !hasKey
+      ? `No LLM API key found — set one of: ${LLM_KEY_NAMES.join(', ')} to enable review`
       : undefined,
   });
 
@@ -125,7 +108,7 @@ export async function runDoctor(): Promise<DoctorResult> {
 
 
   // Print results
-  console.log('\n\x1b[1m[doctor] Autopilot prerequisite check\x1b[0m\n');
+  console.log('\n\x1b[1m[doctor] Guardrail prerequisite check\x1b[0m\n');
   let blockers = 0;
   let warnings = 0;
   for (const check of checks) {
@@ -140,7 +123,7 @@ export async function runDoctor(): Promise<DoctorResult> {
 
   console.log('');
   if (blockers > 0) {
-    console.log(`\x1b[31m[doctor] ${blockers} blocker(s) — fix before running npx autopilot run\x1b[0m\n`);
+    console.log(`\x1b[31m[doctor] ${blockers} blocker(s) — fix before running npx guardrail run\x1b[0m\n`);
   } else if (warnings > 0) {
     console.log(`\x1b[33m[doctor] ${warnings} warning(s) — pipeline will run but some steps may be skipped\x1b[0m\n`);
   } else {

package/src/cli/report.ts

@@ -0,0 +1,186 @@
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import { loadCachedFindings } from '../core/persist/findings-cache.ts';
+import { readCostLog } from '../core/persist/cost-log.ts';
+import type { Finding } from '../core/findings/types.ts';
+
+const C = {
+  reset: '\x1b[0m', bold: '\x1b[1m', dim: '\x1b[2m',
+  green: '\x1b[32m', yellow: '\x1b[33m', red: '\x1b[31m',
+};
+const fmt = (c: keyof typeof C, t: string) => `${C[c]}${t}${C.reset}`;
+
+export interface ReportCommandOptions {
+  cwd?: string;
+  output?: string;   // file path to write markdown (default: stdout)
+  trend?: boolean;   // include trend analysis from cost log run history
+}
+
+function severityOrder(s: Finding['severity']): number {
+  return s === 'critical' ? 0 : s === 'warning' ? 1 : 2;
+}
+
+function buildTrendSection(cwd: string): string {
+  const log = readCostLog(cwd);
+  if (log.length === 0) return '';
+
+  const sevenDaysAgo = Date.now() - 7 * 24 * 60 * 60 * 1000;
+  const recent = log.filter(e => new Date(e.timestamp).getTime() >= sevenDaysAgo);
+  const totalCost = log.reduce((s, e) => s + e.costUSD, 0);
+  const avgFiles = log.reduce((s, e) => s + e.files, 0) / log.length;
+
+  const lines: string[] = [
+    '## 📈 Trend',
+    '',
+    `| Metric | Value |`,
+    `|--------|-------|`,
+    `| Runs (7d) | ${recent.length} |`,
+    `| Runs (all-time) | ${log.length} |`,
+    `| All-time cost | $${totalCost.toFixed(4)} |`,
+    `| Avg files/run | ${avgFiles.toFixed(1)} |`,
+    '',
+  ];
+
+  if (recent.length > 0) {
+    lines.push('### Recent runs', '');
+    lines.push('| Date | Files | Cost |');
+    lines.push('|------|-------|------|');
+    for (const e of recent.slice(-7).reverse()) {
+      const d = new Date(e.timestamp).toLocaleDateString();
+      lines.push(`| ${d} | ${e.files} | $${e.costUSD.toFixed(4)} |`);
+    }
+    lines.push('');
+  }
+
+  return lines.join('\n');
+}
+
+function buildFileBreakdown(findings: Finding[]): string {
+  const withFiles = findings.filter(f => f.file && f.file !== '<unspecified>' && f.file !== '<pipeline>');
+  if (withFiles.length === 0) return '';
+
+  const counts = new Map<string, { critical: number; warning: number; note: number; total: number }>();
+  for (const f of withFiles) {
+    const entry = counts.get(f.file) ?? { critical: 0, warning: 0, note: 0, total: 0 };
+    entry[f.severity]++;
+    entry.total++;
+    counts.set(f.file, entry);
+  }
+
+  const sorted = [...counts.entries()].sort((a, b) => b[1].total - a[1].total).slice(0, 10);
+  if (sorted.length < 2) return ''; // single file — not worth a table
+
+  const lines = [
+    '## 📁 By File',
+    '',
+    '| File | Critical | Warning | Note | Total |',
+    '|------|----------|---------|------|-------|',
+  ];
+  for (const [file, c] of sorted) {
+    lines.push(`| \`${file}\` | ${c.critical || '–'} | ${c.warning || '–'} | ${c.note || '–'} | **${c.total}** |`);
+  }
+  if (counts.size > 10) lines.push(`| *(${counts.size - 10} more files)* | | | | |`);
+  lines.push('');
+  return lines.join('\n');
+}
+
+function buildSourceBreakdown(findings: Finding[]): string {
+  const counts = new Map<string, number>();
+  for (const f of findings) {
+    counts.set(f.source, (counts.get(f.source) ?? 0) + 1);
+  }
+  if (counts.size < 2) return '';
+
+  const lines = ['## 🔬 By Source', '', '| Source | Findings |', '|--------|----------|'];
+  for (const [source, n] of [...counts.entries()].sort((a, b) => b[1] - a[1])) {
+    lines.push(`| ${source} | ${n} |`);
+  }
+  lines.push('');
+  return lines.join('\n');
+}
+
+function buildMarkdown(findings: Finding[], cwd: string, trend: boolean): string {
+  const critical = findings.filter(f => f.severity === 'critical');
+  const warnings  = findings.filter(f => f.severity === 'warning');
+  const notes     = findings.filter(f => f.severity === 'note');
+  const fixable   = critical.length + warnings.length;
+
+  const lines: string[] = [
+    '# Guardrail Report',
+    '',
+    `> Generated ${new Date().toISOString()}`,
+    '',
+    '## Summary',
+    '',
+    `| Severity | Count |`,
+    `|----------|-------|`,
+    `| 🚨 Critical | ${critical.length} |`,
+    `| ⚠️  Warning  | ${warnings.length} |`,
+    `| ℹ️  Note     | ${notes.length} |`,
+    `| **Total**   | **${findings.length}** |`,
+    '',
+  ];
+
+  if (fixable > 0) {
+    lines.push(`> **${fixable} finding${fixable !== 1 ? 's' : ''} can be auto-fixed** — run \`guardrail fix\` to attempt repairs.`, '');
+  }
+
+  if (trend) {
+    const trendSection = buildTrendSection(cwd);
+    if (trendSection) lines.push(trendSection);
+  }
+
+  const fileBreakdown = buildFileBreakdown(findings);
+  if (fileBreakdown) lines.push(fileBreakdown);
+
+  const sourceBreakdown = buildSourceBreakdown(findings);
+  if (sourceBreakdown) lines.push(sourceBreakdown);
+
+  function renderGroup(label: string, icon: string, group: Finding[]) {
+    if (group.length === 0) return;
+    lines.push(`## ${icon} ${label}`, '');
+    for (const f of group) {
+      const loc = f.file && f.file !== '<unspecified>' && f.file !== '<pipeline>'
+        ? `\`${f.file}${f.line ? `:${f.line}` : ''}\``
+        : null;
+      lines.push(`### ${loc ? `${loc} — ` : ''}${f.message}`);
+      if (f.suggestion) lines.push('', `> **Suggestion:** ${f.suggestion}`);
+      lines.push('', `*Source: ${f.source} · Rule: ${f.id}*`, '');
+    }
+  }
+
+  renderGroup('Critical', '🚨', critical);
+  renderGroup('Warnings', '⚠️', warnings);
+  renderGroup('Notes', 'ℹ️', notes);
+
+  if (findings.length === 0) {
+    lines.push('## ✅ No findings', '', 'No cached findings — run `guardrail run` or `guardrail scan` first.', '');
+  }
+
+  return lines.join('\n');
+}
+
+export async function runReport(options: ReportCommandOptions = {}): Promise<number> {
+  const cwd = options.cwd ?? process.cwd();
+  const findings = loadCachedFindings(cwd);
+
+  if (findings.length === 0) {
+    console.log(fmt('yellow', '[report] No cached findings — run `guardrail run` or `guardrail scan` first.'));
+    return 0;
+  }
+
+  const sorted = [...findings].sort((a, b) => severityOrder(a.severity) - severityOrder(b.severity));
+  const md = buildMarkdown(sorted, cwd, options.trend ?? false);
+
+  if (options.output) {
+    fs.writeFileSync(options.output, md, 'utf8');
+    const critical = findings.filter(f => f.severity === 'critical').length;
+    const warnings = findings.filter(f => f.severity === 'warning').length;
+    console.log(fmt('bold', `[report] Written to ${options.output}`));
+    console.log(`  ${critical > 0 ? fmt('red', `${critical} critical`) : fmt('green', '0 critical')}  ${warnings > 0 ? fmt('yellow', `${warnings} warning${warnings !== 1 ? 's' : ''}`) : fmt('dim', '0 warnings')}`);
+  } else {
+    process.stdout.write(md + '\n');
+  }
+
+  return findings.some(f => f.severity === 'critical') ? 1 : 0;
+}

package/src/cli/run.ts

@@ -25,23 +25,37 @@ import { loadRulesFromConfig } from '../core/static-rules/registry.ts';
 import { resolvePreset } from '../core/config/preset-resolver.ts';
 import { mergeConfigs } from '../core/config/preset-resolver.ts';
 import { loadAdapter } from '../adapters/loader.ts';
-import { runAutopilot } from '../core/pipeline/run.ts';
+import { runGuardrail } from '../core/pipeline/run.ts';
 import { resolveGitTouchedFiles } from '../core/git/touched-files.ts';
 import type { RunInput } from '../core/pipeline/run.ts';
 import type { ReviewEngine } from '../adapters/review-engine/types.ts';
-import type { AutopilotConfig } from '../core/config/types.ts';
+import type { GuardrailConfig } from '../core/config/types.ts';
 import { fileURLToPath } from 'node:url';
 import { toSarif } from '../formatters/sarif.ts';
+import { toJUnit } from '../formatters/junit.ts';
+import { loadTriage, filterTriaged } from '../core/persist/triage.ts';
 import { emitAnnotations } from '../formatters/github-annotations.ts';
 import { detectStack } from '../core/detect/stack.ts';
 import { detectProtectedPaths } from '../core/detect/protected-paths.ts';
 import { detectGitContext } from '../core/detect/git-context.ts';
+import { detectWorkspaces, mapFilesToWorkspaces } from '../core/detect/workspaces.ts';
 import { detectProject } from './detector.ts';
 import { detectPrNumber, formatComment, postPrComment } from './pr-comment.ts';
 import { postReviewComments } from './pr-review-comments.ts';
 import { loadIgnoreRules, parseConfigIgnore, applyIgnoreRules } from '../core/ignore/index.ts';
+import { detectLLMKey, LLM_KEY_HINTS } from '../core/detect/llm-key.ts';
 import { loadCachedFindings, saveCachedFindings, filterNewFindings } from '../core/persist/findings-cache.ts';
+import { loadBaseline, filterBaselined } from '../core/persist/baseline.ts';
 import { appendCostLog } from '../core/persist/cost-log.ts';
+import { postCommitStatus, resolveCommitSha } from '../adapters/vcs-host/commit-status.ts';
+
+function computeExitCode(findings: { severity: string }[], failOn: string): number {
+  if (failOn === 'none') return 0;
+  const fail = failOn === 'warning' ? ['critical', 'warning']
+    : failOn === 'note' ? ['critical', 'warning', 'note']
+    : ['critical'];
+  return findings.some(f => fail.includes(f.severity)) ? 1 : 0;
+}
 
 function readToolVersion(): string {
   const pkgPath = path.join(path.dirname(fileURLToPath(import.meta.url)), '../../package.json');
@@ -70,10 +84,13 @@ export interface RunCommandOptions {
   dryRun?: boolean;     // skip review, print what would run
   diff?: boolean;           // use diff strategy (send git hunks instead of full files)
   delta?: boolean;          // only report findings not present in last run's baseline
+  newOnly?: boolean;        // only report findings not in committed .guardrail-baseline.json
+  failOn?: 'critical' | 'warning' | 'note' | 'none'; // severity threshold for exit 1
   inlineComments?: boolean; // post per-line review comments on the PR diff
-  format?: 'text' | 'sarif';
+  format?: 'text' | 'sarif' | 'junit';
   outputPath?: string;
   postComments?: boolean; // post/update summary comment on the open PR
+  skipReview?: boolean;  // skip tests and review phases (static rules only)
 }
 
 /**
@@ -82,27 +99,26 @@ export interface RunCommandOptions {
  */
 export async function runCommand(options: RunCommandOptions = {}): Promise<number> {
   const cwd = options.cwd ?? process.cwd();
-  const configPath = options.configPath ?? path.join(cwd, 'autopilot.config.yaml');
+  const configPath = options.configPath ?? path.join(cwd, 'guardrail.config.yaml');
 
+  // Load + merge config (graceful zero-config fallback)
+  let config: GuardrailConfig;
   if (!fs.existsSync(configPath)) {
-    console.error(fmt('red', `[run] autopilot.config.yaml not found at ${configPath}`));
-    console.error(fmt('dim', '      Run: npx autopilot init'));
-    return 1;
-  }
-
-  // Load + merge config
-  let config: AutopilotConfig;
-  try {
-    const userConfig = await loadConfig(configPath);
-    if (userConfig.preset) {
-      const preset = await resolvePreset(userConfig.preset);
-      config = mergeConfigs(preset.config, userConfig);
-    } else {
-      config = userConfig;
+    console.log(fmt('dim', `[run] No guardrail.config.yaml found — using defaults. Run \`npx guardrail setup\` to configure.`));
+    config = { configVersion: 1, reviewEngine: { adapter: 'auto' }, testCommand: null };
+  } else {
+    try {
+      const userConfig = await loadConfig(configPath);
+      if (userConfig.preset) {
+        const preset = await resolvePreset(userConfig.preset);
+        config = mergeConfigs(preset.config, userConfig);
+      } else {
+        config = userConfig;
+      }
+    } catch (err) {
+      console.error(fmt('red', `[run] Config error: ${err instanceof Error ? err.message : String(err)}`));
+      return 1;
     }
-  } catch (err) {
-    console.error(fmt('red', `[run] Config error: ${err instanceof Error ? err.message : String(err)}`));
-    return 1;
   }
 
   // Fill in missing config fields from auto-detection (track what was auto-detected for logging)
@@ -124,6 +140,13 @@ export async function runCommand(options: RunCommandOptions = {}): Promise<numbe
     config = { ...config, testCommand: detected };
     autoDetected.push(`test: ${detected}`);
   }
+
+  // Monorepo workspace detection
+  const workspaces = detectWorkspaces(cwd);
+  if (workspaces && workspaces.length > 0) {
+    autoDetected.push(`workspaces: ${workspaces.length} (${workspaces.map(w => w.name).slice(0, 3).join(', ')}${workspaces.length > 3 ? ` +${workspaces.length - 3} more` : ''})`);
+  }
+
   const gitCtx = detectGitContext(cwd);
 
   // Resolve touched files
@@ -134,7 +157,7 @@ export async function runCommand(options: RunCommandOptions = {}): Promise<numbe
     return 0;
   }
 
-  console.log(`\n${fmt('bold', '[autopilot run]')} ${fmt('dim', configPath)}`);
+  console.log(`\n${fmt('bold', '[guardrail run]')} ${fmt('dim', configPath)}`);
   console.log(`${fmt('dim', `  ${touchedFiles.length} changed file(s):`)} ${touchedFiles.slice(0, 5).join(', ')}${touchedFiles.length > 5 ? ` … +${touchedFiles.length - 5} more` : ''}`);
   if (gitCtx.summary) {
     console.log(fmt('dim', `  ${gitCtx.summary}`));
@@ -152,10 +175,13 @@ export async function runCommand(options: RunCommandOptions = {}): Promise<numbe
   let reviewEngine: ReviewEngine | undefined;
   if (config.reviewEngine) {
     const ref = typeof config.reviewEngine === 'string' ? config.reviewEngine : config.reviewEngine.adapter;
-    const hasAnyKey = !!(process.env.ANTHROPIC_API_KEY || process.env.GEMINI_API_KEY ||
-      process.env.GOOGLE_API_KEY || process.env.OPENAI_API_KEY || process.env.GROQ_API_KEY);
-    if (!hasAnyKey && ['auto', 'claude', 'gemini', 'codex', 'openai-compatible'].includes(ref)) {
-      console.log(fmt('yellow', '\n  [run] No LLM API key found — set ANTHROPIC_API_KEY, GEMINI_API_KEY, OPENAI_API_KEY, or GROQ_API_KEY to enable review'));
+    if (!detectLLMKey().hasKey && ['auto', 'claude', 'gemini', 'codex', 'openai-compatible'].includes(ref)) {
+      console.log(fmt('yellow', '\n  [run] No LLM API key — set one of:'));
+      for (const { name, url, note } of LLM_KEY_HINTS) {
+        const suffix = note ? `  (${note})` : '';
+        console.log(fmt('dim', `         ${name.padEnd(18)} ${url}${suffix}`));
+      }
+      console.log('');
     } else {
       try {
         reviewEngine = await loadAdapter<ReviewEngine>({
@@ -179,6 +205,18 @@ export async function runCommand(options: RunCommandOptions = {}): Promise<numbe
     config = { ...config, reviewStrategy: 'diff' };
   }
 
+  // Pre-run cost estimate
+  if (config.cost?.estimateBeforeRun) {
+    const totalChars = touchedFiles.reduce((sum, f) => {
+      try { return sum + fs.statSync(f).size; } catch { return sum; }
+    }, 0);
+    const estTokens = Math.round(totalChars / 4);
+    const estCost = estTokens / 1_000_000 * 3.0; // rough: $3/M tokens (Sonnet)
+    const cap = config.cost?.maxPerRun;
+    console.log(fmt('dim', `  [run] estimated: ~${estTokens.toLocaleString()} tokens, ~$${estCost.toFixed(4)}`
+      + (cap ? ` (cap: $${cap})` : '')));
+  }
+
   // Execute pipeline
   const input: RunInput = {
     touchedFiles,
@@ -188,12 +226,19 @@ export async function runCommand(options: RunCommandOptions = {}): Promise<numbe
     cwd,
     gitSummary: gitCtx.summary ?? undefined,
     base: options.base,
+    skipReview: options.skipReview,
   };
 
+  // Post pending commit status (best-effort — never fatal)
+  const commitSha = resolveCommitSha(cwd);
+  if (commitSha) {
+    postCommitStatus({ sha: commitSha, state: 'pending', description: `Reviewing ${touchedFiles.length} file(s)…`, cwd });
+  }
+
   console.log('');
-  const result = await runAutopilot(input);
+  const result = await runGuardrail(input);
 
-  // Apply .autopilot-ignore + config ignore: rules
+  // Apply .guardrail-ignore + config ignore: rules
   const ignoreRules = [...loadIgnoreRules(cwd), ...parseConfigIgnore(config.ignore)];
   if (ignoreRules.length > 0) {
     const before = result.allFindings.length;
@@ -203,11 +248,11 @@ export async function runCommand(options: RunCommandOptions = {}): Promise<numbe
     }
     const suppressed = before - result.allFindings.length;
     if (suppressed > 0) {
-      console.log(fmt('dim', `  [run] ${suppressed} finding${suppressed !== 1 ? 's' : ''} suppressed by .autopilot-ignore`));
+      console.log(fmt('dim', `  [run] ${suppressed} finding${suppressed !== 1 ? 's' : ''} suppressed by .guardrail-ignore`));
     }
   }
 
-  // Delta mode: filter to only new findings vs last run's baseline, then persist
+  // Delta mode: filter to only new findings vs last run's cache, then persist
   if (options.delta) {
     const cached = loadCachedFindings(cwd);
     const before = result.allFindings.length;
@@ -220,7 +265,41 @@ export async function runCommand(options: RunCommandOptions = {}): Promise<numbe
       console.log(fmt('dim', `  [run] ${existing} pre-existing finding${existing !== 1 ? 's' : ''} hidden (--delta mode)`));
     }
   }
-  // Always persist the unfiltered findings as the new baseline
+
+  // --new-only / policy.newOnly: filter against committed .guardrail-baseline.json
+  const policy = config.policy ?? {};
+  const newOnly = options.newOnly ?? policy.newOnly ?? false;
+  if (newOnly) {
+    const baseline = loadBaseline(cwd, policy.baselinePath);
+    if (baseline) {
+      const { newFindings, baselinedCount } = filterBaselined(result.allFindings, baseline);
+      result.allFindings = newFindings;
+      for (const phase of result.phases) {
+        phase.findings = filterBaselined(phase.findings, baseline).newFindings;
+      }
+      if (baselinedCount > 0) {
+        console.log(fmt('dim', `  [run] ${baselinedCount} baselined finding${baselinedCount !== 1 ? 's' : ''} suppressed (--new-only)`));
+      }
+    } else {
+      console.log(fmt('yellow', '  [run] --new-only: no .guardrail-baseline.json found — showing all findings'));
+      console.log(fmt('dim',    '         Run `guardrail baseline create` after first scan to pin the baseline'));
+    }
+  }
+
+  // Triage filter: suppress accepted-risk / false-positive findings
+  const triageStore = loadTriage(cwd);
+  if (triageStore.entries.length > 0) {
+    const { active, triageCount } = filterTriaged(result.allFindings, triageStore);
+    if (triageCount > 0) {
+      result.allFindings = active;
+      for (const phase of result.phases) {
+        phase.findings = filterTriaged(phase.findings, triageStore).active;
+      }
+      console.log(fmt('dim', `  [run] ${triageCount} triaged finding${triageCount !== 1 ? 's' : ''} suppressed (accepted-risk / false-positive)`));
+    }
+  }
+
+  // Always persist the unfiltered findings as the run cache
   saveCachedFindings(cwd, result.allFindings);
 
   // Append to per-run cost log
@@ -245,6 +324,14 @@ export async function runCommand(options: RunCommandOptions = {}): Promise<numbe
     console.log(fmt('dim', `[run] SARIF written to ${options.outputPath}`));
   }
 
+  // Write JUnit XML output if requested
+  if (options.format === 'junit' && options.outputPath) {
+    const junit = toJUnit(result);
+    fs.mkdirSync(path.dirname(path.resolve(options.outputPath)), { recursive: true });
+    fs.writeFileSync(options.outputPath, junit, 'utf8');
+    console.log(fmt('dim', `[run] JUnit XML written to ${options.outputPath}`));
+  }
+
   // Post inline PR review comments if requested
   if (options.inlineComments) {
     const pr = detectPrNumber(cwd);
@@ -304,16 +391,33 @@ export async function runCommand(options: RunCommandOptions = {}): Promise<numbe
     console.log(`\n  ${fmt('dim', `${result.durationMs}ms total`)}`);
   }
 
-  // Final verdict
+  // Post final commit status
+  if (commitSha) {
+    const critical = result.allFindings.filter(f => f.severity === 'critical').length;
+    const warnings = result.allFindings.filter(f => f.severity === 'warning').length;
+    const state = result.status === 'fail' ? 'failure' : 'success';
+    const desc = result.status === 'pass'
+      ? 'All checks passed'
+      : result.status === 'warn'
+        ? `Passed with ${warnings} warning${warnings !== 1 ? 's' : ''}`
+        : `${critical} critical finding${critical !== 1 ? 's' : ''}`;
+    postCommitStatus({ sha: commitSha, state, description: desc, cwd });
+  }
+
+  // Final verdict — apply policy.failOn threshold
+  const failOn = options.failOn ?? policy.failOn ?? 'critical';
+  const exitCode = computeExitCode(result.allFindings, failOn);
+
   console.log('');
-  if (result.status === 'pass') {
+  if (exitCode === 0 && result.status !== 'pass') {
+    const reason = failOn === 'none' ? ' (policy: fail-on=none)' : ` (policy: fail-on=${failOn})`;
+    console.log(fmt('yellow', `[run] ! Passed with findings${reason}\n`));
+  } else if (result.status === 'pass') {
     console.log(fmt('green', '[run] ✓ All phases passed\n'));
-    return 0;
   } else if (result.status === 'warn') {
     console.log(fmt('yellow', '[run] ! Passed with warnings\n'));
-    return 0;
   } else {
     console.log(fmt('red', '[run] ✗ Pipeline failed — see findings above\n'));
-    return 1;
   }
+  return exitCode;
 }