@qulib/core 0.5.3 → 0.6.0

package/dist/agent-summary.d.ts

@@ -0,0 +1,52 @@
+import type { AnalyzeResult } from './analyze.js';
+import type { CostIntelligence } from './schemas/cost-intelligence.schema.js';
+/**
+ * Agent-readable summary of an AnalyzeResult. Intended for orchestrators
+ * (CI gates, external agent loops) that need a small, stable JSON shape.
+ *
+ * QLIB-001 spec: see docs/agent-summary-output.md.
+ * C02 helper; exposed via CLI (`--agent-summary`) and MCP (`agentSummary: true`).
+ * Field names below are the v1 contract for `toAgentSummary`.
+ */
+export type AgentGate = 'pass' | 'warn' | 'fail';
+export type CoverageStatus = 'ok' | 'thin' | 'blocked-by-auth' | 'budget-exceeded' | 'navigation-failures' | 'unknown';
+export interface AgentSummaryCostSummary {
+    maxOutputTokensPerLlmCall: number;
+    totalInputTokens: number;
+    totalOutputTokens: number;
+    budgetWarningCount: number;
+    dataQuality: CostIntelligence['usageSummary']['dataQuality'];
+    maturityLevel: number;
+    maturityLabel: string;
+}
+export interface AgentSummary {
+    schemaVersion: 1;
+    gate: AgentGate;
+    releaseConfidence: number | null;
+    coverageStatus: CoverageStatus;
+    topRisks: string[];
+    recommendedNextChecks: string[];
+    honestyNotes: string[];
+    costSummary: AgentSummaryCostSummary | null;
+    deterministicFollowUps: string[];
+}
+export interface AgentSummaryPolicy {
+    /** Confidence at or above this number is required for `pass`. Default 80. */
+    passConfidenceThreshold?: number;
+    /** Confidence below this triggers `fail` (when no harder failure already applies). Default 30. */
+    failConfidenceThreshold?: number;
+    /** Max risks/checks/notes to include in each list. Default 5. */
+    maxListLength?: number;
+    /**
+     * Treat `mode === 'auth-required'` as `fail` (default) or `warn`.
+     * Honest default: a deployment that was never exercised past auth cannot pass.
+     */
+    authRequiredGate?: 'fail' | 'warn';
+}
+/**
+ * Convert an `AnalyzeResult` into a small agent-facing summary.
+ *
+ * Pure function. No I/O. CLI / MCP wiring belongs to QLIB-001-C03 and -C04.
+ */
+export declare function toAgentSummary(result: AnalyzeResult, policy?: AgentSummaryPolicy): AgentSummary;
+//# sourceMappingURL=agent-summary.d.ts.map

package/dist/agent-summary.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"agent-summary.d.ts","sourceRoot":"","sources":["../src/agent-summary.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAElD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,uCAAuC,CAAC;AAE9E;;;;;;;GAOG;AAEH,MAAM,MAAM,SAAS,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;AAEjD,MAAM,MAAM,cAAc,GACtB,IAAI,GACJ,MAAM,GACN,iBAAiB,GACjB,iBAAiB,GACjB,qBAAqB,GACrB,SAAS,CAAC;AAEd,MAAM,WAAW,uBAAuB;IACtC,yBAAyB,EAAE,MAAM,CAAC;IAClC,gBAAgB,EAAE,MAAM,CAAC;IACzB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,gBAAgB,CAAC,cAAc,CAAC,CAAC,aAAa,CAAC,CAAC;IAC7D,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,YAAY;IAC3B,aAAa,EAAE,CAAC,CAAC;IACjB,IAAI,EAAE,SAAS,CAAC;IAChB,iBAAiB,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,cAAc,EAAE,cAAc,CAAC;IAC/B,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,qBAAqB,EAAE,MAAM,EAAE,CAAC;IAChC,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,WAAW,EAAE,uBAAuB,GAAG,IAAI,CAAC;IAC5C,sBAAsB,EAAE,MAAM,EAAE,CAAC;CAClC;AAED,MAAM,WAAW,kBAAkB;IACjC,6EAA6E;IAC7E,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,kGAAkG;IAClG,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,iEAAiE;IACjE,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB;;;OAGG;IACH,gBAAgB,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;CACpC;AAmLD;;;;GAIG;AACH,wBAAgB,cAAc,CAC5B,MAAM,EAAE,aAAa,EACrB,MAAM,CAAC,EAAE,kBAAkB,GAC1B,YAAY,CAiBd"}

package/dist/agent-summary.js

@@ -0,0 +1,187 @@
+const DEFAULT_POLICY = {
+    passConfidenceThreshold: 80,
+    failConfidenceThreshold: 30,
+    maxListLength: 5,
+    authRequiredGate: 'fail',
+};
+const severityOrder = { critical: 0, high: 1, medium: 2, low: 3 };
+function resolvePolicy(p) {
+    return {
+        passConfidenceThreshold: p?.passConfidenceThreshold ?? DEFAULT_POLICY.passConfidenceThreshold,
+        failConfidenceThreshold: p?.failConfidenceThreshold ?? DEFAULT_POLICY.failConfidenceThreshold,
+        maxListLength: p?.maxListLength ?? DEFAULT_POLICY.maxListLength,
+        authRequiredGate: p?.authRequiredGate ?? DEFAULT_POLICY.authRequiredGate,
+    };
+}
+function countBySeverity(gaps) {
+    const counts = { critical: 0, high: 0, medium: 0, low: 0 };
+    for (const g of gaps)
+        counts[g.severity]++;
+    return counts;
+}
+function deriveCoverageStatus(result) {
+    const g = result.gapAnalysis;
+    if (g.mode === 'auth-required' || g.coverageWarning === 'auth-required') {
+        return 'blocked-by-auth';
+    }
+    if (g.coverageWarning === 'budget-exceeded' || g.coverageBudgetExceeded) {
+        return 'budget-exceeded';
+    }
+    if (g.coverageWarning === 'navigation-failures') {
+        return 'navigation-failures';
+    }
+    if (g.coverageWarning === 'low-coverage') {
+        return 'thin';
+    }
+    if (g.coveragePagesScanned === 0) {
+        return 'unknown';
+    }
+    return 'ok';
+}
+function buildTopRisks(result, limit) {
+    const risks = [];
+    const status = deriveCoverageStatus(result);
+    if (status === 'blocked-by-auth') {
+        risks.push('Auth blocked the scan; protected routes were not exercised.');
+    }
+    else if (status === 'thin') {
+        risks.push('Crawl coverage was below the confidence floor.');
+    }
+    else if (status === 'budget-exceeded') {
+        risks.push('Crawl budget exceeded; coverage is partial.');
+    }
+    else if (status === 'navigation-failures') {
+        risks.push('Navigation errors limited what could be scanned.');
+    }
+    const sorted = [...result.gaps].sort((a, b) => severityOrder[a.severity] - severityOrder[b.severity]);
+    for (const g of sorted) {
+        if (risks.length >= limit)
+            break;
+        risks.push(`[${g.severity}] ${g.category} — ${g.path}`);
+    }
+    return risks.slice(0, limit);
+}
+function buildRecommendedNextChecks(result, limit) {
+    const out = [];
+    const status = deriveCoverageStatus(result);
+    if (status === 'blocked-by-auth') {
+        out.push('Provide auth (form login or storage state) and re-run, or use explore_auth.');
+    }
+    if (status === 'thin') {
+        out.push('Increase crawl budget or supply deeper entry URLs to raise coverage above the floor.');
+    }
+    if (status === 'budget-exceeded') {
+        out.push('Increase maxPagesToScan or narrow scope to bring the crawl under budget.');
+    }
+    const byCat = new Map();
+    for (const g of result.gaps)
+        byCat.set(g.category, (byCat.get(g.category) ?? 0) + 1);
+    const topCats = [...byCat.entries()].sort((a, b) => b[1] - a[1]).slice(0, 3);
+    for (const [cat, n] of topCats) {
+        if (out.length >= limit)
+            break;
+        out.push(`Add or tighten deterministic coverage for ${cat} (${n} gap(s) this scan).`);
+    }
+    return out.slice(0, limit);
+}
+function buildHonestyNotes(result) {
+    const notes = ['This scan does not guarantee production readiness.'];
+    const g = result.gapAnalysis;
+    if (g.mode === 'auth-required' || g.coverageWarning === 'auth-required') {
+        notes.push('Authenticated surface was not exercised: confidence does not reflect protected routes.');
+    }
+    if (g.coverageWarning === 'low-coverage') {
+        notes.push('Coverage was below the confidence threshold; treat the score as a ceiling.');
+    }
+    if (g.coverageBudgetExceeded || g.coverageWarning === 'budget-exceeded') {
+        notes.push('Crawl budget was exceeded; some routes were not scanned.');
+    }
+    if (g.coverageWarning === 'navigation-failures') {
+        notes.push('Navigation failures reduced effective coverage.');
+    }
+    if (result.status === 'partial') {
+        notes.push('Scan completed only partially; signals are derived from a subset of intended work.');
+    }
+    if (result.status === 'blocked') {
+        notes.push('Scan was blocked before producing a meaningful evaluation.');
+    }
+    return notes;
+}
+function buildCostSummary(ci) {
+    if (!ci)
+        return null;
+    return {
+        maxOutputTokensPerLlmCall: ci.maxOutputTokensPerLlmCall,
+        totalInputTokens: ci.usageSummary.totalInputTokens,
+        totalOutputTokens: ci.usageSummary.totalOutputTokens,
+        budgetWarningCount: ci.budgetWarnings.length,
+        dataQuality: ci.usageSummary.dataQuality,
+        maturityLevel: ci.deterministicMaturity.level,
+        maturityLabel: ci.deterministicMaturity.label,
+    };
+}
+function buildDeterministicFollowUps(ci, limit) {
+    if (!ci)
+        return [];
+    return ci.conversionRecommendations.slice(0, limit);
+}
+/**
+ * Default gate policy:
+ *   - fail when: any critical gap, status === 'blocked', releaseConfidence is null,
+ *                releaseConfidence < failConfidenceThreshold, or mode === 'auth-required'
+ *                under the default authRequiredGate.
+ *   - warn when: any high-severity gap, status === 'partial', coverage is thin /
+ *                budget-exceeded / navigation-failures, or confidence is below
+ *                passConfidenceThreshold (but at or above failConfidenceThreshold).
+ *   - pass when: confidence >= passConfidenceThreshold AND no blocking conditions.
+ *
+ * Honesty rule: an `auth-required` scan never silently `pass`es under defaults.
+ */
+function deriveGate(result, policy) {
+    const g = result.gapAnalysis;
+    const counts = countBySeverity(result.gaps);
+    if (counts.critical > 0)
+        return 'fail';
+    if (result.status === 'blocked')
+        return 'fail';
+    if (g.mode === 'auth-required' || g.coverageWarning === 'auth-required') {
+        return policy.authRequiredGate;
+    }
+    if (result.releaseConfidence === null)
+        return 'fail';
+    if (result.releaseConfidence < policy.failConfidenceThreshold)
+        return 'fail';
+    const hasCoverageIssue = g.coverageWarning === 'low-coverage' ||
+        g.coverageWarning === 'budget-exceeded' ||
+        g.coverageWarning === 'navigation-failures' ||
+        g.coverageBudgetExceeded;
+    if (counts.high > 0)
+        return 'warn';
+    if (result.status === 'partial')
+        return 'warn';
+    if (hasCoverageIssue)
+        return 'warn';
+    if (result.releaseConfidence < policy.passConfidenceThreshold)
+        return 'warn';
+    return 'pass';
+}
+/**
+ * Convert an `AnalyzeResult` into a small agent-facing summary.
+ *
+ * Pure function. No I/O. CLI / MCP wiring belongs to QLIB-001-C03 and -C04.
+ */
+export function toAgentSummary(result, policy) {
+    const resolved = resolvePolicy(policy);
+    const limit = resolved.maxListLength;
+    return {
+        schemaVersion: 1,
+        gate: deriveGate(result, resolved),
+        releaseConfidence: result.releaseConfidence,
+        coverageStatus: deriveCoverageStatus(result),
+        topRisks: buildTopRisks(result, limit),
+        recommendedNextChecks: buildRecommendedNextChecks(result, limit),
+        honestyNotes: buildHonestyNotes(result),
+        costSummary: buildCostSummary(result.gapAnalysis.costIntelligence),
+        deterministicFollowUps: buildDeterministicFollowUps(result.gapAnalysis.costIntelligence, limit),
+    };
+}

package/dist/cli/index.js

@@ -8,6 +8,7 @@ const requirePkg = createRequire(import.meta.url);
 const pkg = requirePkg('../../package.json');
 import { HarnessConfigSchema } from '../schemas/config.schema.js';
 import { analyzeApp } from '../analyze.js';
+import { toAgentSummary } from '../agent-summary.js';
 import { detectAuth } from '../tools/auth/detect.js';
 import { exploreAuth } from '../tools/auth/explore.js';
 import { assertExactlyOneCredentialSource, parseCredentialsJsonString, resolveAuthLoginConfig, } from './auth-login-resolve.js';
@@ -80,15 +81,22 @@ function mergeAuthFromCli(config, options) {
     return config;
 }
 async function runAnalyze(options) {
+    if (options.ephemeral && options.agentSummary) {
+        throw new Error('Use either --agent-summary or --ephemeral, not both — pick one stdout output mode.');
+    }
     const validatedUrl = AnalyzeUrlSchema.parse(options.url);
     const mode = options.repo ? 'url-repo' : 'url-only';
     const baseConfig = await loadConfigFile(options.configFile ?? 'qulib.config.ts');
     const config = mergeAuthFromCli(baseConfig, options);
     const ephemeral = options.ephemeral ?? false;
-    const writeArtifacts = !ephemeral;
+    const agentSummary = options.agentSummary ?? false;
+    const writeArtifacts = !ephemeral && !agentSummary;
     if (ephemeral) {
         console.error('[qulib] Ephemeral mode: no disk writes; full result JSON on stdout');
     }
+    else if (agentSummary) {
+        console.error('[qulib] Agent-summary mode: no disk writes; agent gate JSON on stdout');
+    }
     else {
         console.log('[qulib] Detected mode:', mode);
         console.log('[qulib] Active config:', redactConfigForLog(config));
@@ -100,6 +108,10 @@ async function runAnalyze(options) {
         writeArtifacts,
         skipAuthDetection: options.skipAuthDetection,
     });
+    if (agentSummary) {
+        console.log(JSON.stringify(toAgentSummary(result), null, 2));
+        return;
+    }
     if (ephemeral) {
         console.log(JSON.stringify({
             status: result.status,
@@ -158,6 +170,7 @@ program
     .option('--config <file>', 'Path to config file (relative to cwd)', 'qulib.config.ts')
     .option('--adapter <type>', 'Override default test adapter (playwright, cypress-e2e, cypress-component, api)', 'playwright')
     .option('--ephemeral', 'Do not write to disk — return full report as JSON on stdout (use for MCP/CI)', false)
+    .option('--agent-summary', 'Do not write to disk — return the compact agent-summary gate JSON on stdout (pass/warn/fail with honesty notes). Mutually exclusive with --ephemeral.', false)
     .option('--skip-auth-detection', 'Crawl the public surface even if auth is detected (useful for sites with sign-in CTAs on public pages)', false)
     .option('--auth-storage-state <path>', 'Path to a storage state JSON file (use after `qulib auth init`)')
     .option('--auth-form-login', 'Use form-login; requires --login-url, credentials, and selectors', false)
@@ -181,6 +194,7 @@ program
         repo: options.repo,
         configFile: options.config,
         ephemeral: options.ephemeral,
+        agentSummary: options.agentSummary,
         skipAuthDetection: Boolean(options.skipAuthDetection),
         authStorageState: options.authStorageState,
         authFormLogin,

package/dist/index.d.ts

@@ -1,4 +1,6 @@
 export { analyzeApp } from './analyze.js';
+export { toAgentSummary } from './agent-summary.js';
+export type { AgentSummary, AgentSummaryPolicy, AgentGate, CoverageStatus, AgentSummaryCostSummary, } from './agent-summary.js';
 export { detectAuth, validateStorageState, evaluateStorageStateValidity, preflightStorageStateFile, waitForReturnToOrigin, } from './tools/auth/detect.js';
 export type { StorageStateInvalidReason, StorageStateValidationResult, } from './tools/auth/detect.js';
 export { exploreAuth } from './tools/auth/explore.js';

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EACL,UAAU,EACV,oBAAoB,EACpB,4BAA4B,EAC5B,yBAAyB,EACzB,qBAAqB,GACtB,MAAM,wBAAwB,CAAC;AAChC,YAAY,EACV,yBAAyB,EACzB,4BAA4B,GAC7B,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AAC1G,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAChD,OAAO,EAAE,yBAAyB,EAAE,MAAM,wCAAwC,CAAC;AACnF,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAC5D,OAAO,EAAE,gCAAgC,EAAE,MAAM,4BAA4B,CAAC;AAC9E,OAAO,EAAE,uBAAuB,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AACvF,YAAY,EAAE,cAAc,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AACjF,YAAY,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AACrE,YAAY,EACV,aAAa,EACb,cAAc,EACd,kBAAkB,GACnB,MAAM,oCAAoC,CAAC;AAC5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvE,OAAO,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AAC5D,YAAY,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAC9E,YAAY,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAC5D,YAAY,EACV,aAAa,EACb,UAAU,EACV,cAAc,EACd,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,eAAe,EACf,QAAQ,EACR,oBAAoB,EACpB,gBAAgB,EAChB,cAAc,EACd,iBAAiB,EACjB,qBAAqB,EACrB,aAAa,EACb,kBAAkB,EAClB,2BAA2B,EAC3B,wBAAwB,EACxB,wBAAwB,GACzB,MAAM,oBAAoB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,YAAY,EACV,YAAY,EACZ,kBAAkB,EAClB,SAAS,EACT,cAAc,EACd,uBAAuB,GACxB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,UAAU,EACV,oBAAoB,EACpB,4BAA4B,EAC5B,yBAAyB,EACzB,qBAAqB,GACtB,MAAM,wBAAwB,CAAC;AAChC,YAAY,EACV,yBAAyB,EACzB,4BAA4B,GAC7B,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AAC1G,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAChD,OAAO,EAAE,yBAAyB,EAAE,MAAM,wCAAwC,CAAC;AACnF,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAC5D,OAAO,EAAE,gCAAgC,EAAE,MAAM,4BAA4B,CAAC;AAC9E,OAAO,EAAE,uBAAuB,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AACvF,YAAY,EAAE,cAAc,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AACjF,YAAY,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AACrE,YAAY,EACV,aAAa,EACb,cAAc,EACd,kBAAkB,GACnB,MAAM,oCAAoC,CAAC;AAC5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvE,OAAO,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AAC5D,YAAY,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAC9E,YAAY,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAC5D,YAAY,EACV,aAAa,EACb,UAAU,EACV,cAAc,EACd,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,eAAe,EACf,QAAQ,EACR,oBAAoB,EACpB,gBAAgB,EAChB,cAAc,EACd,iBAAiB,EACjB,qBAAqB,EACrB,aAAa,EACb,kBAAkB,EAClB,2BAA2B,EAC3B,wBAAwB,EACxB,wBAAwB,GACzB,MAAM,oBAAoB,CAAC"}

package/dist/index.js

@@ -1,4 +1,5 @@
 export { analyzeApp } from './analyze.js';
+export { toAgentSummary } from './agent-summary.js';
 export { detectAuth, validateStorageState, evaluateStorageStateValidity, preflightStorageStateFile, waitForReturnToOrigin, } from './tools/auth/detect.js';
 export { exploreAuth } from './tools/auth/explore.js';
 export { addUserProvider, removeUserProvider, listUserProviders } from './tools/auth/custom-providers.js';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@qulib/core",
-  "version": "0.5.3",
+  "version": "0.6.0",
   "description": "Qulib — analyze deployed web apps for honest quality gaps (CLI + programmatic API)",
   "license": "MIT",
   "author": "Tapesh Nagarwal",
@@ -48,7 +48,7 @@
     "analyze": "tsx src/cli/index.ts analyze",
     "clean": "tsx src/cli/index.ts clean",
     "build": "tsc",
-    "test": "node --import tsx/esm --test src/llm/__tests__/cost-intelligence.test.ts src/llm/__tests__/context-builder.test.ts src/tools/scoring/__tests__/gaps.test.ts src/tools/auth/__tests__/gaps.test.ts src/tools/auth/__tests__/detect.test.ts src/tools/scoring/__tests__/automation-maturity.test.ts src/harness/__tests__/state-manager.test.ts src/telemetry/__tests__/redact-url.test.ts src/cli/__tests__/auth-login.test.ts src/cli/__tests__/cli-version.test.ts src/__tests__/analyze.storage-state-invalid.test.ts src/__tests__/analyze.fixtures.test.ts",
+    "test": "node --import tsx/esm --test src/llm/__tests__/cost-intelligence.test.ts src/llm/__tests__/context-builder.test.ts src/tools/scoring/__tests__/gaps.test.ts src/tools/auth/__tests__/gaps.test.ts src/tools/auth/__tests__/detect.test.ts src/tools/scoring/__tests__/automation-maturity.test.ts src/harness/__tests__/state-manager.test.ts src/telemetry/__tests__/redact-url.test.ts src/cli/__tests__/auth-login.test.ts src/cli/__tests__/cli-version.test.ts src/__tests__/agent-summary.test.ts src/__tests__/cli-agent-summary.test.ts src/__tests__/analyze.storage-state-invalid.test.ts src/__tests__/analyze.fixtures.test.ts",
     "test:integration": "node --import tsx/esm --test src/__tests__/analyze.integration.test.ts",
     "smoke": "tsx src/cli/index.ts analyze --url https://example.com --ephemeral",
     "cost-doctor": "tsx src/cli/index.ts cost doctor"