@delegance/claude-autopilot 2.5.0 → 5.0.0-alpha.2

package/src/cli/index.ts

@@ -1,14 +1,14 @@
 #!/usr/bin/env node
 /**
- * autopilot CLI — entry point
+ * guardrail CLI — entry point
  *
  * Usage:
- *   autopilot init              scaffold autopilot.config.yaml from a preset
- *   autopilot run               run the pipeline on git-changed files
- *   autopilot run --base main   diff against a specific branch
- *   autopilot run --dry-run     show what would run, no execution
- *   autopilot watch             re-run pipeline on every file save (debounced)
- *   autopilot doctor            check prerequisites (alias: preflight)
+ *   guardrail run               review git-changed files
+ *   guardrail scan src/auth/    review any path (no git required)
+ *   guardrail scan --ask "..."  ask a targeted question about code
+ *   guardrail ci                opinionated CI entrypoint
+ *   guardrail watch             re-run on every file save
+ *   guardrail doctor            check prerequisites
  */
 import { runCommand } from './run.ts';
 import { runWatch } from './watch.ts';
@@ -16,6 +16,17 @@ import { runSetup } from './setup.ts';
 import { runDoctor } from './preflight.ts';
 import { runCi } from './ci.ts';
 import { runFix } from './fix.ts';
+import { runScan } from './scan.ts';
+import { runReport } from './report.ts';
+import { runExplain } from './explain.ts';
+import { runIgnore } from './ignore-helper.ts';
+import { runPr } from './pr.ts';
+import { runBaseline } from './baseline.ts';
+import { runTriage } from './triage.ts';
+import { runLsp } from './lsp.ts';
+import { runWorker } from './worker.ts';
+import { runTestGen } from './test-gen.ts';
+import { runCouncilCmd } from './council.ts';
 
 const args = process.argv.slice(2);
 
@@ -29,8 +40,113 @@ if (args[0] === '--version' || args[0] === '-v') {
   process.exit(0);
 }
 
-const SUBCOMMANDS = ['init', 'run', 'ci', 'fix', 'costs', 'watch', 'hook', 'autoregress', 'doctor', 'preflight', 'setup', 'help', '--help', '-h'] as const;
-const VALUE_FLAGS = ['base', 'config', 'files', 'format', 'output', 'debounce'];
+// Help flag — route to help handler explicitly before subcommand defaulting.
+// Without this, `--help` falls through the "args[0].startsWith('--')" check below
+// and defaults to `run`, which is surprising and a v4 regression we preserve no longer.
+if (args[0] === '--help' || args[0] === '-h') {
+  args.unshift('help');
+  args.splice(1, 1); // remove the original --help/-h token
+}
+
+// Verb grouping (new in alpha.2): `claude-autopilot review <verb>` and
+// `claude-autopilot advanced <verb>` are dispatcher prefixes that route to the
+// same flat handlers. Legacy flat invocation (`claude-autopilot run`) is unchanged
+// — the grouped form is purely additive.
+//
+// Scope gates enforce that only the documented verb sets work under each prefix,
+// so `claude-autopilot review doctor` is rejected with a clear error instead of
+// silently routing to the doctor handler (which would confuse the mental model).
+const REVIEW_VERBS = new Set(['run', 'scan', 'ci', 'fix', 'baseline', 'explain', 'watch', 'report']);
+// `detector` is a library used by setup/run, not a CLI subcommand — leave it out.
+const ADVANCED_VERBS = new Set(['lsp', 'mcp', 'worker', 'autoregress', 'test-gen', 'hook', 'ignore']);
+if (args[0] === 'review') {
+  const sub = args[1];
+  if (!sub || sub === '--help' || sub === '-h') {
+    console.log(`
+Usage: claude-autopilot review <verb> [options]
+
+Review-phase verbs:
+  run          Review git-changed files (default)
+  scan         Review any path — no git required
+  ci           Opinionated CI entrypoint (post comments + SARIF)
+  fix          Auto-fix cached findings using the configured LLM
+  baseline     Manage the committed findings baseline
+  explain      Deep-dive explanation + remediation for a specific finding
+  watch        Watch for file changes and re-run on each save
+  report       Render cached findings as a markdown report
+
+These are aliases for the flat subcommands — \`claude-autopilot run\` and
+\`claude-autopilot review run\` are equivalent.
+`);
+    process.exit(0);
+  }
+  if (!REVIEW_VERBS.has(sub)) {
+    console.error(`\x1b[31m[claude-autopilot] "${sub}" is not a review-phase verb.\x1b[0m`);
+    console.error(`\x1b[2m  Valid: ${[...REVIEW_VERBS].join(', ')}\x1b[0m`);
+    console.error(`\x1b[2m  Did you mean: claude-autopilot ${sub} ...?\x1b[0m`);
+    process.exit(1);
+  }
+  args.shift(); // drop 'review', leave the flat subcommand at args[0]
+}
+if (args[0] === 'advanced') {
+  const sub = args[1];
+  if (!sub || sub === '--help' || sub === '-h') {
+    console.log(`
+Usage: claude-autopilot advanced <verb> [options]
+
+Advanced / niche verbs (hidden from top-level --help to keep it readable):
+  lsp          Language server — publishes findings as LSP diagnostics
+  mcp          MCP server for Claude / ChatGPT integration
+  worker       Persistent review daemon (start|stop|status)
+  autoregress  Snapshot regression tests
+  test-gen     Generate test cases for uncovered exports
+  hook         Install / remove the pre-push git hook
+  ignore       Edit the findings ignore list
+
+These are aliases for the flat subcommands; they still work without the 'advanced' prefix.
+`);
+    process.exit(0);
+  }
+  if (!ADVANCED_VERBS.has(sub)) {
+    console.error(`\x1b[31m[claude-autopilot] "${sub}" is not an advanced verb.\x1b[0m`);
+    console.error(`\x1b[2m  Valid: ${[...ADVANCED_VERBS].join(', ')}\x1b[0m`);
+    process.exit(1);
+  }
+  args.shift(); // drop 'advanced'
+}
+
+const SUBCOMMANDS = ['init', 'run', 'scan', 'report', 'explain', 'ignore', 'ci', 'pr', 'fix', 'costs', 'watch', 'hook', 'autoregress', 'baseline', 'triage', 'lsp', 'worker', 'mcp', 'test-gen', 'pr-desc', 'doctor', 'preflight', 'setup', 'council', 'help', '--help', '-h'] as const;
+const VALUE_FLAGS = ['base', 'config', 'files', 'format', 'output', 'debounce', 'ask', 'focus', 'fail-on', 'note', 'reason', 'expires', 'profile', 'severity', 'prompt', 'context-file'];
+
+// Bare invocation — no subcommand, no flags → show welcome guide
+if (args.length === 0) {
+  const hasKey = !!(process.env.ANTHROPIC_API_KEY || process.env.GEMINI_API_KEY ||
+    process.env.GOOGLE_API_KEY || process.env.OPENAI_API_KEY || process.env.GROQ_API_KEY);
+  const keyLine = hasKey
+    ? '\x1b[32m✓\x1b[0m  LLM API key detected'
+    : '\x1b[33m!\x1b[0m  No LLM API key found — set one of:\n     ANTHROPIC_API_KEY  https://console.anthropic.com/\n     OPENAI_API_KEY     https://platform.openai.com/api-keys\n     GEMINI_API_KEY     https://aistudio.google.com/app/apikey\n     GROQ_API_KEY       https://console.groq.com/keys  (fast free tier)';
+  console.log(`
+\x1b[1m@delegance/guardrail\x1b[0m — LLM-powered code review for your PR diffs
+
+  ${keyLine}
+
+\x1b[1mQuick start:\x1b[0m
+
+  \x1b[36mnpx guardrail run --base main\x1b[0m          Review files changed vs main
+  \x1b[36mnpx guardrail scan src/auth/\x1b[0m           Scan any path (no git required)
+  \x1b[36mnpx guardrail scan --ask "SQL injection?" src/db/\x1b[0m
+  \x1b[36mnpx guardrail fix\x1b[0m                      Auto-fix cached findings
+  \x1b[36mnpx guardrail pr-desc\x1b[0m                  Generate PR description from current diff
+
+\x1b[1mSetup:\x1b[0m
+
+  \x1b[36mnpx guardrail setup\x1b[0m                    Auto-detect stack, write config, install hook
+  \x1b[36mnpx guardrail doctor\x1b[0m                   Check prerequisites
+
+Run \x1b[36mnpx guardrail --help\x1b[0m for full command reference.
+`);
+  process.exit(0);
+}
 
 // Detect first non-flag arg as subcommand, default to 'run'
 const subcommand = (args[0] && !args[0].startsWith('--')) ? args[0] : 'run';
@@ -41,7 +157,7 @@ function flag(name: string): string | undefined {
   if (idx < 0) return undefined;
   const val = args[idx + 1];
   if (val === undefined || val.startsWith('--')) {
-    console.error(`\x1b[31m[autopilot] --${name} requires a value\x1b[0m`);
+    console.error(`\x1b[31m[guardrail] --${name} requires a value\x1b[0m`);
     process.exit(1);
   }
   return val;
@@ -53,18 +169,37 @@ function boolFlag(name: string): boolean {
 
 function printUsage(): void {
   console.log(`
-Usage: autopilot <command> [options]
+Usage: guardrail <command> [options]
 
 Commands:
-  run          Run the pipeline on git-changed files (default)
-  watch        Watch for file changes and re-run pipeline on each save
-  init         Scaffold autopilot.config.yaml from a preset
-  doctor       Check prerequisites and show exact fix commands (alias: preflight)
-  autoregress  Run snapshot regression tests (run|diff|update|generate)
+  run          Review git-changed files (default)
+  scan         Review any path — no git required
+  report       Render cached findings as a markdown report
+  explain      Deep-dive explanation + remediation for a specific finding
+  ignore       Interactively add findings to .guardrail-ignore
+  watch        Watch for file changes and re-run on each save
+  pr           Review a specific PR by number (auto-detects if on PR branch)
+  fix          Auto-fix cached findings using the configured LLM
+  costs        Show per-run cost summary
+  ci           Opinionated CI entrypoint (post comments + SARIF)
+  init         Scaffold guardrail.config.yaml from a preset
+  setup        Auto-detect stack, write config, install pre-push hook
+  doctor       Check prerequisites (alias: preflight)
+  preflight    Check prerequisites (alias: doctor)
+  hook         Install / remove the pre-push git hook
+  baseline     Manage the committed findings baseline (create|update|show|delete)
+  triage       Mark individual findings as accepted/dismissed
+  pr-desc      Generate a PR title / summary / test plan from the current diff
+  council      Multi-model review — dispatch the diff to N models and synthesize consensus
+  mcp          MCP server for Claude / ChatGPT integration
+  autoregress  Snapshot regression tests (run|diff|update|generate)
+  lsp          Language server — publishes findings as LSP diagnostics (stdin/stdout)
+  worker       Persistent review daemon for multi-terminal parallel usage (start|stop|status)
+  test-gen     Detect uncovered exports and generate test cases using the LLM
 
 Options (run):
   --base <ref>         Git base ref for diff (default: HEAD~1)
-  --config <path>      Path to config file (default: ./autopilot.config.yaml)
+  --config <path>      Path to config file (default: ./guardrail.config.yaml)
   --files <a,b,c>      Explicit comma-separated file list (skips git detection)
   --dry-run            Show what would run without executing
   --diff               Send git diff hunks instead of full files (~70% fewer tokens)
@@ -74,8 +209,19 @@ Options (run):
   --format <text|sarif>  Output format (default: text)
   --output <path>        Output file path (required with --format sarif)
 
-  fix          Auto-fix cached findings using the configured LLM
-  costs        Show per-run cost summary from .autopilot-cache/costs.jsonl
+Options (scan):
+  <path> [path...]     Files or directories to scan (or --all for entire codebase)
+  --all                Scan entire codebase
+  --ask <question>     Targeted question to inject into the LLM review prompt
+  --focus <type>       security | logic | performance (default: all)
+  --dry-run            List files that would be scanned without running
+  --config <path>      Path to config file
+
+Options (pr):
+  <number>                   PR number to review (optional if on a PR branch)
+  --no-post-comments         Skip posting/updating PR summary comment
+  --no-inline-comments       Skip posting per-line inline annotations
+  --config <path>            Path to config file
 
 Options (fix):
   --severity <critical|warning|all>  Which findings to fix (default: critical)
@@ -83,7 +229,7 @@ Options (fix):
   --config <path>                    Path to config file
 
 Options (watch):
-  --config <path>      Path to config file (default: ./autopilot.config.yaml)
+  --config <path>      Path to config file (default: ./guardrail.config.yaml)
   --debounce <ms>      Debounce delay in ms (default: 300)
 
 Options (autoregress):
@@ -95,8 +241,32 @@ Options (autoregress):
 }
 
 switch (subcommand) {
+  case 'scan': {
+    const config = flag('config');
+    const ask = flag('ask');
+    const focusArg = flag('focus');
+    if (focusArg && !['security', 'logic', 'performance', 'brand', 'all'].includes(focusArg)) {
+      console.error(`\x1b[31m[guardrail] --focus must be "security", "logic", "performance", or "all"\x1b[0m`);
+      process.exit(1);
+    }
+    const dryRun = boolFlag('dry-run');
+    const all = boolFlag('all');
+    // Remaining non-flag args after 'scan' are paths
+    const targets = args.slice(1).filter(a => !a.startsWith('--') && a !== ask && a !== focusArg && a !== config);
+    const code = await runScan({
+      configPath: config,
+      targets: targets.length > 0 ? targets : undefined,
+      all,
+      ask,
+      focus: focusArg as 'security' | 'logic' | 'performance' | 'brand' | 'all' | undefined,
+      dryRun,
+    });
+    process.exit(code);
+    break;
+  }
+
   case 'init': {
-    console.log('\x1b[33m[init] autopilot init is deprecated — use: npx autopilot setup\x1b[0m\n');
+    console.log('\x1b[33m[init] guardrail init is deprecated — use: npx guardrail setup\x1b[0m\n');
     const force = args.includes('--force');
     await runSetup({ force });
     break;
@@ -120,7 +290,7 @@ switch (subcommand) {
     const debounceArg = flag('debounce');
     const debounceMs = debounceArg ? parseInt(debounceArg, 10) : undefined;
     if (debounceArg && (isNaN(debounceMs!) || debounceMs! < 0)) {
-      console.error(`\x1b[31m[autopilot] --debounce must be a non-negative integer\x1b[0m`);
+      console.error(`\x1b[31m[guardrail] --debounce must be a non-negative integer\x1b[0m`);
       process.exit(1);
     }
     await runWatch({ configPath: config, debounceMs });
@@ -134,19 +304,27 @@ switch (subcommand) {
     const dryRun = boolFlag('dry-run');
     const diff = boolFlag('diff');
     const delta = boolFlag('delta');
+    const staticOnly = args.includes('--static-only');
     const inlineComments = boolFlag('inline-comments');
     const postComments = boolFlag('post-comments');
     const formatArg = flag('format');
     const outputPath = flag('output');
 
-    if (formatArg && formatArg !== 'text' && formatArg !== 'sarif') {
-      console.error(`\x1b[31m[autopilot] --format must be "text" or "sarif"\x1b[0m`);
+    if (formatArg && formatArg !== 'text' && formatArg !== 'sarif' && formatArg !== 'junit') {
+      console.error(`\x1b[31m[guardrail] --format must be "text", "sarif", or "junit"\x1b[0m`);
+      process.exit(1);
+    }
+    if ((formatArg === 'sarif' || formatArg === 'junit') && !outputPath) {
+      console.error(`\x1b[31m[guardrail] --format ${formatArg} requires --output <path>\x1b[0m`);
       process.exit(1);
     }
-    if (formatArg === 'sarif' && !outputPath) {
-      console.error(`\x1b[31m[autopilot] --format sarif requires --output <path>\x1b[0m`);
+
+    const failOnArg = flag('fail-on');
+    if (failOnArg && !['critical', 'warning', 'note', 'none'].includes(failOnArg)) {
+      console.error(`\x1b[31m[guardrail] --fail-on must be "critical", "warning", "note", or "none"\x1b[0m`);
       process.exit(1);
     }
+    const newOnly = boolFlag('new-only');
 
     const code = await runCommand({
       base,
@@ -155,10 +333,13 @@ switch (subcommand) {
       dryRun,
       diff,
       delta,
+      newOnly,
+      failOn: failOnArg as 'critical' | 'warning' | 'note' | 'none' | undefined,
       inlineComments,
       postComments,
-      format: formatArg as 'text' | 'sarif' | undefined,
+      format: formatArg as 'text' | 'sarif' | 'junit' | undefined,
       outputPath,
+      skipReview: staticOnly,
     });
     process.exit(code);
     break;
@@ -171,6 +352,8 @@ switch (subcommand) {
     const noPostComments = boolFlag('no-post-comments');
     const noInlineComments = boolFlag('no-inline-comments');
     const diff = boolFlag('diff');
+    const newOnly = boolFlag('new-only');
+    const failOnArg = flag('fail-on');
     const code = await runCi({
       configPath: config,
       base,
@@ -178,6 +361,33 @@ switch (subcommand) {
       postComments: noPostComments ? false : undefined,
       inlineComments: noInlineComments ? false : undefined,
       diff,
+      newOnly,
+      failOn: failOnArg as 'critical' | 'warning' | 'note' | 'none' | undefined,
+    });
+    process.exit(code);
+    break;
+  }
+
+  case 'baseline': {
+    const { runBaseline: rb } = await import('./baseline.ts');
+    const sub = args[1] ?? 'show';
+    const note = flag('note');
+    const config = flag('config');
+    const code = await rb(sub, { cwd: process.cwd(), note, baselinePath: config });
+    process.exit(code);
+    break;
+  }
+
+  case 'pr': {
+    const config = flag('config');
+    const noPostComments = boolFlag('no-post-comments');
+    const noInlineComments = boolFlag('no-inline-comments');
+    const prNumber = args.slice(1).find(a => !a.startsWith('--') && /^\d+$/.test(a));
+    const code = await runPr({
+      configPath: config,
+      prNumber,
+      noPostComments,
+      noInlineComments,
     });
     process.exit(code);
     break;
@@ -187,7 +397,11 @@ switch (subcommand) {
     const { runHook } = await import('./hook.ts');
     const hookSub = args[1] ?? 'status';
     const force = boolFlag('force');
-    const code = await runHook(hookSub, { force });
+    const code = await runHook(hookSub, {
+      force,
+      preCommitOnly: args.includes('--pre-commit-only'),
+      prePushOnly: args.includes('--pre-push-only'),
+    });
     process.exit(code);
     break;
   }
@@ -203,19 +417,67 @@ switch (subcommand) {
     const config = flag('config');
     const severityArg = flag('severity');
     if (severityArg && !['critical', 'warning', 'all'].includes(severityArg)) {
-      console.error(`\x1b[31m[autopilot] --severity must be "critical", "warning", or "all"\x1b[0m`);
+      console.error(`\x1b[31m[guardrail] --severity must be "critical", "warning", or "all"\x1b[0m`);
       process.exit(1);
     }
     const dryRun = boolFlag('dry-run');
+    const noVerify = boolFlag('no-verify');
     const code = await runFix({
       configPath: config,
       severity: severityArg as 'critical' | 'warning' | 'all' | undefined,
       dryRun,
+      noVerify,
+    });
+    process.exit(code);
+    break;
+  }
+
+  case 'triage': {
+    const sub = args[1];
+    const rest = args.slice(2);
+    const code = await runTriage(sub, rest);
+    process.exit(code);
+    break;
+  }
+
+  case 'test-gen': {
+    const config = flag('config');
+    const base = flag('base');
+    const dryRun = boolFlag('dry-run');
+    const verify = boolFlag('verify');
+    const targets = args.slice(1).filter(a => !a.startsWith('--') && a !== config && a !== base);
+    const code = await runTestGen({
+      cwd: process.cwd(),
+      configPath: config,
+      targets: targets.length > 0 ? targets : undefined,
+      base,
+      dryRun,
+      verify,
     });
     process.exit(code);
     break;
   }
 
+  case 'pr-desc': {
+    const { runPrDesc } = await import('./pr-desc.ts');
+    const baseIdx = args.indexOf('--base');
+    const base = baseIdx !== -1 ? args[baseIdx + 1] : undefined;
+    const outputIdx = args.indexOf('--output');
+    const output = outputIdx !== -1 ? args[outputIdx + 1] : undefined;
+    await runPrDesc({
+      base,
+      post: args.includes('--post'),
+      yes: args.includes('--yes'),
+      output,
+    });
+    break;
+  }
+
+  case 'lsp': {
+    await runLsp({ cwd: process.cwd() });
+    break;
+  }
+
   case 'costs': {
     const { runCosts } = await import('./costs.ts');
     const code = await runCosts();
@@ -223,14 +485,76 @@ switch (subcommand) {
     break;
   }
 
+  case 'report': {
+    const outputPath = flag('output');
+    const trend = boolFlag('trend');
+    const code = await runReport({ output: outputPath, trend });
+    process.exit(code);
+    break;
+  }
+
+  case 'explain': {
+    const config = flag('config');
+    // Target is the first non-flag arg after 'explain'
+    const target = args.slice(1).find(a => !a.startsWith('--'));
+    const code = await runExplain({ configPath: config, target });
+    process.exit(code);
+    break;
+  }
+
+  case 'ignore': {
+    const all = boolFlag('all');
+    const dryRun = boolFlag('dry-run');
+    const code = await runIgnore({ all, dryRun });
+    process.exit(code);
+    break;
+  }
+
   case 'setup': {
     const force = args.includes('--force');
-    await runSetup({ force });
+    const profileArg = flag('profile');
+    if (profileArg && !['security-strict', 'team', 'solo'].includes(profileArg)) {
+      console.error(`\x1b[31m[guardrail] --profile must be "security-strict", "team", or "solo"\x1b[0m`);
+      process.exit(1);
+    }
+    await runSetup({ force, profile: profileArg as 'security-strict' | 'team' | 'solo' | undefined });
+    break;
+  }
+
+  case 'worker': {
+    const sub = args[1];
+    const config = flag('config');
+    const code = await runWorker(sub, { cwd: process.cwd(), configPath: config });
+    process.exit(code);
+    break;
+  }
+
+  case 'council': {
+    const config = flag('config');
+    const prompt = flag('prompt');
+    const contextFile = flag('context-file');
+    const dryRun = boolFlag('dry-run');
+    const noSynthesize = boolFlag('no-synthesize');
+    const code = await runCouncilCmd({
+      prompt,
+      contextFile,
+      configPath: config,
+      dryRun,
+      noSynthesize,
+    });
+    process.exit(code);
+    break;
+  }
+
+  case 'mcp': {
+    const { runMcp } = await import('./mcp.ts');
+    const configPath = flag('config');
+    await runMcp({ cwd: process.cwd(), configPath });
     break;
   }
 
   default:
-    console.error(`\x1b[31m[autopilot] Unknown subcommand: "${subcommand}"\x1b[0m`);
+    console.error(`\x1b[31m[guardrail] Unknown subcommand: "${subcommand}"\x1b[0m`);
     printUsage();
     process.exit(1);
 }

package/src/cli/init.ts

@@ -17,14 +17,14 @@ const PRESET_DESCRIPTIONS: Record<string, string> = {
 const PRESET_NAMES = Object.keys(PRESET_DESCRIPTIONS);
 
 export async function runInit(cwd: string = process.cwd()): Promise<void> {
-  const dest = path.join(cwd, 'autopilot.config.yaml');
+  const dest = path.join(cwd, 'guardrail.config.yaml');
 
   if (fs.existsSync(dest)) {
-    console.error(`\x1b[33m[init] autopilot.config.yaml already exists — remove it first to re-init\x1b[0m`);
+    console.error(`\x1b[33m[init] guardrail.config.yaml already exists — remove it first to re-init\x1b[0m`);
     process.exit(1);
   }
 
-  console.log('\n\x1b[1m[autopilot init] Choose a preset:\x1b[0m\n');
+  console.log('\n\x1b[1m[guardrail init] Choose a preset:\x1b[0m\n');
   PRESET_NAMES.forEach((name, i) => {
     console.log(`  ${i + 1}. ${name.padEnd(22)} ${PRESET_DESCRIPTIONS[name]}`);
   });
@@ -63,27 +63,27 @@ export async function runInit(cwd: string = process.cwd()): Promise<void> {
   const presetContent = await fsAsync.readFile(presetConfigPath, 'utf8');
   await fsAsync.writeFile(dest, presetContent, 'utf8');
 
-  console.log(`\n\x1b[32m✓\x1b[0m  Created autopilot.config.yaml from preset \x1b[1m${presetName}\x1b[0m`);
+  console.log(`\n\x1b[32m✓\x1b[0m  Created guardrail.config.yaml from preset \x1b[1m${presetName}\x1b[0m`);
   console.log('\nNext steps:');
-  console.log('  1. Review autopilot.config.yaml and adjust testCommand / protectedPaths');
+  console.log('  1. Review guardrail.config.yaml and adjust testCommand / protectedPaths');
   console.log('  2. Set OPENAI_API_KEY in your environment (for Codex review)');
   console.log('  3. Run your first pipeline to verify the setup:');
-  console.log('       npx autopilot run');
+  console.log('       npx guardrail run');
   console.log('  4. Generate snapshot baselines after your first feature lands:');
-  console.log('       npx autopilot autoregress generate');
+  console.log('       npx guardrail autoregress generate');
   console.log('  5. Install the pre-push git hook (enforces snapshots on push):');
-  console.log('       npx autopilot hook install');
+  console.log('       npx guardrail hook install');
   console.log('  6. (Optional) Add CI with GitHub Actions:');
-  console.log('       uses: axledbetter/claude-autopilot/.github/actions/ci@main\n');
+  console.log('       uses: axledbetter/guardrail/.github/actions/ci@main\n');
 }
 
 function presetSearchPaths(name: string): string[] {
   // fileURLToPath handles encoded chars and Windows drive letters safely
   const pkgRoot = path.resolve(path.dirname(fileURLToPath(import.meta.url)), '..', '..');
   return [
-    path.join(pkgRoot, 'presets', name, 'autopilot.config.yaml'),
-    path.join(process.cwd(), 'presets', name, 'autopilot.config.yaml'),
-    path.join(process.cwd(), 'node_modules', '@delegance', 'claude-autopilot', 'presets', name, 'autopilot.config.yaml'),
+    path.join(pkgRoot, 'presets', name, 'guardrail.config.yaml'),
+    path.join(process.cwd(), 'presets', name, 'guardrail.config.yaml'),
+    path.join(process.cwd(), 'node_modules', '@delegance', 'claude-autopilot', 'presets', name, 'guardrail.config.yaml'),
   ];
 }