@nerviq/cli 1.5.1 → 1.5.2

package/README.md

@@ -67,8 +67,8 @@ Nerviq scores your AI coding agent setup from 0 to 100, finds what's missing, an
 ## Quick Start
 
 ```bash
-npx @nerviq/cli audit              # Score your project (10 seconds)
-npx @nerviq/cli audit --lite       # Quick top-3 scan
+npx @nerviq/cli audit              # Quick scan: score + top 3 actions
+npx @nerviq/cli audit --full       # Full audit with all checks + badge
 npx @nerviq/cli setup              # Generate starter-safe baseline
 npx @nerviq/cli augment            # Improvement plan, no writes
 npx @nerviq/cli governance         # Permission profiles + policy packs
@@ -226,6 +226,8 @@ Levels:
 |---------|-------------|
 | `nerviq audit` | Score 0-100 against 2,431 checks |
 | `nerviq audit --lite` | Quick top-3 scan |
+| `nerviq fix <key>` | Auto-fix a specific check (shows score impact) |
+| `nerviq fix --all-critical` | Fix all critical issues at once |
 | `nerviq setup` | Generate starter-safe CLAUDE.md + hooks + commands |
 | `nerviq augment` | Repo-aware improvement plan (no writes) |
 | `nerviq suggest-only` | Structured report for sharing |
@@ -281,6 +283,21 @@ Nerviq is built on the CLAUDEX knowledge engine — the largest verified catalog
 - Every check is traceable to primary documentation or verified experiment
 - 90-day freshness cycle: stale findings are re-verified or pruned
 
+## Safety Modes
+
+Nerviq provides explicit safety controls so you decide what it can touch:
+
+| Mode | Flag | What it does |
+|------|------|-------------|
+| **Read-only** | `nerviq audit` | Reads files, writes nothing. Default command. |
+| **Suggest-only** | `nerviq suggest-only` | Generates markdown report, no file writes. |
+| **Dry-run** | `--dry-run` | Previews setup/fix/apply changes without writing. |
+| **Config-only** | `--config-only` | Only writes config files (.claude/, rules, hooks). Never touches source code. |
+| **Safe-write** | `--profile safe-write` | Default write profile. Creates new files, never overwrites existing ones. |
+| **Power-user** | `--profile power-user` | Overwrites existing files (use with `--snapshot` for rollback). |
+
+Every write command supports `--snapshot` for automatic backup before changes.
+
 ## Privacy
 
 - **Zero dependencies** — nothing to audit

package/bin/cli.js

@@ -26,7 +26,7 @@ const COMMAND_ALIASES = {
   gov: 'governance',
   outcome: 'feedback',
 };
-const KNOWN_COMMANDS = ['audit', 'org', 'setup', 'augment', 'suggest-only', 'plan', 'apply', 'governance', 'benchmark', 'deep-review', 'interactive', 'watch', 'badge', 'insights', 'history', 'compare', 'trend', 'scan', 'feedback', 'doctor', 'convert', 'migrate', 'catalog', 'certify', 'serve', 'harmony-audit', 'harmony-sync', 'harmony-drift', 'harmony-advise', 'harmony-watch', 'harmony-governance', 'harmony-add', 'synergy-report', 'anti-patterns', 'rules-export', 'freshness', 'help', 'version'];
+const KNOWN_COMMANDS = ['audit', 'org', 'setup', 'augment', 'suggest-only', 'plan', 'apply', 'fix', 'governance', 'benchmark', 'deep-review', 'interactive', 'watch', 'badge', 'insights', 'history', 'compare', 'trend', 'scan', 'feedback', 'doctor', 'convert', 'migrate', 'catalog', 'certify', 'serve', 'harmony-audit', 'harmony-sync', 'harmony-drift', 'harmony-advise', 'harmony-watch', 'harmony-governance', 'harmony-add', 'synergy-report', 'anti-patterns', 'rules-export', 'freshness', 'help', 'version'];
 
 function levenshtein(a, b) {
   const matrix = Array.from({ length: a.length + 1 }, () => Array(b.length + 1).fill(0));
@@ -289,9 +289,9 @@ const HELP = `
   Audit, align, and amplify every platform on every project.
 
   DISCOVER
-    nerviq audit                  Score your project (0-100)
+    nerviq audit                  Quick scan: score + top 3 gaps (default)
+    nerviq audit --full           Full audit with all checks, weakest areas, badge
     nerviq audit --platform X     Audit specific platform (claude|codex|cursor|copilot|gemini|windsurf|aider|opencode)
-    nerviq audit --lite           Quick scan: top 3 gaps + next command
     nerviq audit --json           Machine-readable JSON output (for CI)
     nerviq audit --workspace packages/*     Audit each workspace in a monorepo
     nerviq scan dir1 dir2         Compare multiple repos side-by-side
@@ -307,6 +307,12 @@ const HELP = `
     nerviq interactive            Step-by-step guided wizard
     nerviq doctor                 Self-diagnostics: Node, deps, freshness, platform detection
 
+  FIX
+    nerviq fix                    Show fixable checks and manual-fix guidance
+    nerviq fix <key>              Auto-fix a specific check (with score impact)
+    nerviq fix --all-critical     Fix all critical issues at once
+    nerviq fix --dry-run          Preview fixes without writing
+
   IMPROVE
     nerviq augment                Improvement plan (no writes)
     nerviq suggest-only           Structured report for sharing (no writes)
@@ -365,9 +371,11 @@ const HELP = `
     --port N          Port for \`serve\` (default: 3000)
     --workspace GLOBS Audit workspaces separately (e.g. packages/* or apps/web,apps/api)
     --snapshot        Save snapshot artifact under .claude/nerviq/snapshots/
-    --lite            Short top-3 scan with one clear next step
+    --full            Show full audit output (all checks, weakest areas, badge)
+    --lite            Short top-3 scan (default behavior since v1.5.2)
     --dry-run         Preview changes without writing files
-    --verbose         Show all checks (not just critical/high)
+    --config-only     Only write config files (.claude/, rules, hooks) — never source code
+    --verbose         Full audit + medium-priority recommendations
     --json            Output as JSON
     --auto            Apply all generated files without prompting
     --key NAME        Feedback: recommendation key (e.g. permissionDeny)
@@ -425,12 +433,14 @@ async function main() {
     verbose: flags.includes('--verbose'),
     json: flags.includes('--json'),
     auto: flags.includes('--auto'),
-    lite: flags.includes('--lite'),
+    lite: flags.includes('--full') || flags.includes('--verbose') ? false : true,
+    full: flags.includes('--full'),
     snapshot: flags.includes('--snapshot'),
     feedback: flags.includes('--feedback'),
     fix: flags.includes('--fix'),
     autoSync: flags.includes('--auto-sync'),
     dryRun: flags.includes('--dry-run'),
+    configOnly: flags.includes('--config-only'),
     threshold: parsed.threshold !== null ? Number(parsed.threshold) : null,
     out: parsed.out,
     planFile: parsed.planFile,
@@ -1101,6 +1111,113 @@ async function main() {
       });
       console.log(output);
       process.exit(0);
+    } else if (normalizedCommand === 'fix') {
+      // nerviq fix [key] [--all-critical] [--dry-run]
+      const fixKey = parsed.extraArgs[0] || null;
+      const allCritical = flags.includes('--all-critical');
+
+      // Step 1: Run silent audit to find failed checks
+      const auditResult = await audit({ dir: options.dir, silent: true, platform: options.platform });
+      const failedResults = (auditResult.results || []).filter(r => !r.passed);
+
+      if (failedResults.length === 0) {
+        console.log('\n  ✅ All checks passing — nothing to fix.\n');
+        process.exit(0);
+      }
+
+      // Step 2: Determine which checks to fix
+      const { TECHNIQUES } = require('../src/techniques');
+      let targetKeys = [];
+
+      if (fixKey) {
+        // Fix a specific check
+        if (!failedResults.find(r => r.key === fixKey)) {
+          const passed = (auditResult.results || []).find(r => r.key === fixKey && r.passed);
+          if (passed) {
+            console.log(`\n  ✅ '${fixKey}' is already passing.\n`);
+          } else {
+            console.log(`\n  Error: Unknown check key '${fixKey}'.`);
+            console.log(`  Fix: Run 'nerviq audit --full' to see all check keys.\n`);
+          }
+          process.exit(1);
+        }
+        targetKeys = [fixKey];
+      } else if (allCritical) {
+        targetKeys = failedResults.filter(r => r.impact === 'critical').map(r => r.key);
+        if (targetKeys.length === 0) {
+          console.log('\n  ✅ No critical issues found.\n');
+          process.exit(0);
+        }
+      } else {
+        // No key specified — show fixable checks and exit
+        const fixable = failedResults.filter(r => TECHNIQUES[r.key] && TECHNIQUES[r.key].template);
+        const nonFixable = failedResults.filter(r => !TECHNIQUES[r.key] || !TECHNIQUES[r.key].template);
+        console.log('');
+        console.log(`  nerviq fix — ${failedResults.length} failed checks\n`);
+        if (fixable.length > 0) {
+          console.log(`  Auto-fixable (${fixable.length}):`);
+          for (const r of fixable) {
+            const tier = r.impact === 'critical' ? '🔴' : r.impact === 'high' ? '🟡' : '🔵';
+            console.log(`    ${tier} nerviq fix ${r.key}`);
+          }
+          console.log('');
+        }
+        if (nonFixable.length > 0) {
+          console.log(`  Manual fix needed (${nonFixable.length}):`);
+          for (const r of nonFixable.slice(0, 5)) {
+            const tier = r.impact === 'critical' ? '🔴' : r.impact === 'high' ? '🟡' : '🔵';
+            console.log(`    ${tier} ${r.key}: ${r.fix}`);
+          }
+          if (nonFixable.length > 5) {
+            console.log(`    ... and ${nonFixable.length - 5} more (use --full to see all)`);
+          }
+          console.log('');
+        }
+        if (fixable.length > 0) {
+          console.log(`  Quick actions:`);
+          console.log(`    nerviq fix ${fixable[0].key}        Fix the first auto-fixable check`);
+          console.log(`    nerviq fix --all-critical    Fix all critical issues at once`);
+        }
+        console.log('');
+        process.exit(0);
+      }
+
+      // Step 3: For each target, either use template or show manual instructions
+      const preScore = auditResult.score;
+      let fixed = 0;
+      let manual = 0;
+
+      for (const key of targetKeys) {
+        const technique = TECHNIQUES[key];
+        const failedCheck = failedResults.find(r => r.key === key);
+
+        if (technique && technique.template) {
+          if (options.dryRun) {
+            console.log(`\n  [dry-run] Would fix: ${failedCheck.name} (${key})`);
+            fixed++;
+          } else {
+            // Use setup with only this key
+            await setup({ ...options, only: [key], silent: true });
+            console.log(`  ✅ Fixed: ${failedCheck.name}`);
+            fixed++;
+          }
+        } else {
+          console.log(`  📋 ${failedCheck.name} (manual fix needed)`);
+          console.log(`     ${failedCheck.fix}`);
+          manual++;
+        }
+      }
+
+      // Step 4: Show score impact
+      if (fixed > 0 && !options.dryRun) {
+        const postResult = await audit({ dir: options.dir, silent: true, platform: options.platform });
+        const delta = postResult.score - preScore;
+        console.log('');
+        console.log(`  Score: ${preScore} → ${postResult.score} (${delta >= 0 ? '+' : ''}${delta})`);
+      }
+
+      console.log(`\n  ${fixed} fixed, ${manual} need manual action.\n`);
+
     } else if (normalizedCommand === 'setup') {
       await setup(options);
       if (options.snapshot) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nerviq/cli",
-  "version": "1.5.1",
+  "version": "1.5.2",
   "description": "The intelligent nervous system for AI coding agents — 2,431 checks across 8 platforms, 10 languages, and 62 domain packs. Audit, align, and amplify.",
   "main": "src/index.js",
   "bin": {

package/src/analyze.js

@@ -697,7 +697,7 @@ function printAnalysis(report, options = {}) {
  */
 function exportMarkdown(report) {
   const lines = [];
-  lines.push(`# Claudex Setup Analysis Report`);
+  lines.push(`# Nerviq Analysis Report`);
   lines.push(`## ${report.platformLabel} ${report.mode === 'suggest-only' ? 'Suggest-Only' : 'Augment'} Mode`);
   lines.push('');
   lines.push(`**Project:** ${report.projectSummary.name}${report.projectSummary.description ? ` — ${report.projectSummary.description}` : ''}`);

package/src/audit.js

@@ -532,6 +532,12 @@ function confidenceFromImpact(impact) {
   return impact === 'critical' || impact === 'high' ? 'high' : 'medium';
 }
 
+function confidenceLabel(confidence) {
+  if (confidence >= 0.8) return 'HIGH';
+  if (confidence >= 0.5) return 'MEDIUM';
+  return 'HEURISTIC';
+}
+
 function getPrioritizedFailed(failed) {
   const prioritized = failed.filter(r => !(r.category === 'hygiene' && r.impact === 'low'));
   return prioritized.length > 0 ? prioritized : failed;
@@ -901,18 +907,32 @@ function printLiteAudit(result, dir) {
     return;
   }
 
+  // Urgency summary line
+  const criticalCount = (result.results || []).filter(r => !r.passed && r.impact === 'critical').length;
+  const highCount = (result.results || []).filter(r => !r.passed && r.impact === 'high').length;
+  const mediumCount = result.failed - criticalCount - highCount;
+  const urgencyParts = [];
+  if (criticalCount > 0) urgencyParts.push(colorize(`🔴 ${criticalCount} critical`, 'red'));
+  if (highCount > 0) urgencyParts.push(colorize(`🟡 ${highCount} high`, 'yellow'));
+  if (mediumCount > 0) urgencyParts.push(colorize(`🔵 ${mediumCount} recommended`, 'blue'));
+  if (urgencyParts.length > 0) {
+    console.log(`  ${urgencyParts.join('  ')}`);
+    console.log('');
+  }
+
   console.log(colorize('  Top 3 things to fix right now:', 'magenta'));
   console.log('');
   result.liteSummary.topNextActions.forEach((item, index) => {
-    console.log(`  ${index + 1}. ${colorize(item.name, 'bold')}`);
-    console.log(colorize(`     Why: ${item.why}`, 'dim'));
-    console.log(colorize(`     Fix: ${item.fix}`, 'dim'));
+    const tier = item.impact === 'critical' ? '🔴' : item.impact === 'high' ? '🟡' : '🔵';
+    console.log(`  ${index + 1}. ${tier} ${colorize(item.name, 'bold')}`);
+    console.log(colorize(`     ${item.fix}`, 'dim'));
   });
   console.log('');
   console.log(`  Ready? Run: ${colorize(result.suggestedNextCommand, 'bold')}`);
   if (result.platform === 'codex') {
     console.log(colorize('  Note: Codex now supports no-write advisory flows via augment and suggest-only before setup/apply.', 'dim'));
   }
+  console.log(colorize(`  See all ${result.failed} failed checks: ${colorize('nerviq audit --full', 'bold')}`, 'dim'));
   console.log('');
 }
 
@@ -1195,7 +1215,8 @@ async function audit(options) {
   if (critical.length > 0) {
     console.log(colorize('  🔴 Critical (fix immediately)', 'red'));
     for (const r of critical) {
-      console.log(`     ${colorize(r.name, 'bold')}`);
+      const conf = r.confidence ? ` [${confidenceLabel(r.confidence)}]` : '';
+      console.log(`     ${colorize(r.name, 'bold')}${colorize(conf, 'dim')}`);
       if (r.file) {
         console.log(colorize(`     at ${formatLocation(r.file, r.line)}`, 'dim'));
       }
@@ -1207,7 +1228,8 @@ async function audit(options) {
   if (high.length > 0) {
     console.log(colorize('  🟡 High Impact', 'yellow'));
     for (const r of high) {
-      console.log(`     ${colorize(r.name, 'bold')}`);
+      const conf = r.confidence ? ` [${confidenceLabel(r.confidence)}]` : '';
+      console.log(`     ${colorize(r.name, 'bold')}${colorize(conf, 'dim')}`);
       if (r.file) {
         console.log(colorize(`     at ${formatLocation(r.file, r.line)}`, 'dim'));
       }
@@ -1219,7 +1241,8 @@ async function audit(options) {
   if (medium.length > 0 && options.verbose) {
     console.log(colorize('  🔵 Recommended', 'blue'));
     for (const r of medium) {
-      console.log(`     ${colorize(r.name, 'bold')}`);
+      const conf = r.confidence ? ` [${confidenceLabel(r.confidence)}]` : '';
+      console.log(`     ${colorize(r.name, 'bold')}${colorize(conf, 'dim')}`);
       if (r.file) {
         console.log(colorize(`     at ${formatLocation(r.file, r.line)}`, 'dim'));
       }