@rigour-labs/cli 5.2.2 → 5.2.4

package/dist/commands/check.js

@@ -2,7 +2,7 @@ import fs from 'fs-extra';
 import path from 'path';
 import chalk from 'chalk';
 import yaml from 'yaml';
-import { GateRunner, ConfigSchema, recordScore, getScoreTrend, resolveDeepOptions, getProvenanceTrends, getQualityTrend, IncrementalCache } from '@rigour-labs/core';
+import { GateRunner, ConfigSchema, recordScore, getScoreTrend, resolveDeepOptions, getProvenanceTrends, getQualityTrend, IncrementalCache, renderFullReport } from '@rigour-labs/core';
 import inquirer from 'inquirer';
 import { randomUUID } from 'crypto';
 // Exit codes per spec
@@ -417,64 +417,20 @@ function renderDeepOutput(report, config, options, resolvedDeepMode) {
     console.log(chalk.yellow(`  See ${config.output.report_path} for full details.`));
 }
 /**
- * Render standard AST-only output (existing behavior).
+ * Render standard AST-only output — uses shared terminal renderer.
  */
-function renderStandardOutput(report, config) {
-    if (report.status === 'PASS') {
-        console.log(chalk.green.bold('✔ PASS - All quality gates satisfied.'));
-    }
-    else {
-        console.log(chalk.red.bold('✘ FAIL - Quality gate violations found.\n'));
-        // Score summary line
-        const stats = report.stats;
-        const scoreParts = [];
-        if (stats.score !== undefined)
-            scoreParts.push(`Score: ${stats.score}/100`);
-        if (stats.ai_health_score !== undefined)
-            scoreParts.push(`AI Health: ${stats.ai_health_score}/100`);
-        if (stats.structural_score !== undefined)
-            scoreParts.push(`Structural: ${stats.structural_score}/100`);
-        if (scoreParts.length > 0) {
-            console.log(chalk.bold(scoreParts.join(' | ')) + '\n');
-        }
-        // Severity breakdown
-        if (stats.severity_breakdown) {
-            const parts = Object.entries(stats.severity_breakdown)
-                .filter(([, count]) => count > 0)
-                .map(([sev, count]) => {
-                const color = sev === 'critical' ? chalk.red.bold : sev === 'high' ? chalk.red : sev === 'medium' ? chalk.yellow : chalk.dim;
-                return color(`${sev}: ${count}`);
-            });
-            if (parts.length > 0) {
-                console.log('Severity: ' + parts.join(', ') + '\n');
-            }
-        }
-        // ── Temporal Drift Trends (standard mode) ──
-        try {
-            const trend = getQualityTrend(process.cwd());
-            if (trend !== 'stable') {
-                const trendIcon = trend === 'improving' ? chalk.green('↑') : chalk.red('↓');
-                const trendColor = trend === 'improving' ? chalk.green : chalk.red;
-                console.log(`Trend: ${trendIcon} ${trendColor(trend)} (Z-score)\n`);
-            }
-        }
-        catch { /* ignore */ }
-        for (const failure of report.failures) {
-            const sev = severityIcon(failure.severity);
-            const prov = failure.provenance ? chalk.dim(`[${failure.provenance}]`) : '';
-            console.log(`${sev} ${prov} ${chalk.red(`[${failure.id}]`)} ${failure.title}`);
-            console.log(chalk.dim(`      Details: ${failure.details}`));
-            if (failure.files && failure.files.length > 0) {
-                console.log(chalk.dim('      Files:'));
-                failure.files.forEach((f) => console.log(chalk.dim(`        - ${f}`)));
-            }
-            if (failure.hint) {
-                console.log(chalk.cyan(`      Hint: ${failure.hint}`));
-            }
-            console.log('');
-        }
-        console.log(chalk.yellow(`See ${config.output.report_path} for full details.`));
+function renderStandardOutput(report, _config) {
+    const trend = getScoreTrend(process.cwd());
+    const renderOpts = {
+        showBrain: true,
+        brainPatterns: 0,
+        brainTrend: 'stable',
+    };
+    if (trend && trend.recentScores.length >= 3) {
+        renderOpts.recentScores = trend.recentScores;
+        renderOpts.brainTrend = trend.direction;
     }
+    console.log(renderFullReport(report, renderOpts));
 }
 function severityIcon(s) {
     switch (s) {

package/dist/commands/constants.d.ts

@@ -1,4 +1,4 @@
 export declare const CODE_QUALITY_RULES = "\n# Code Quality Standards\n\n## PRODUCTION-GRADE CODE ONLY\n- No debug logging in production code\n- No shortcuts or \"temporary\" fixes\n- No over-engineering - simplest solution that works\n- Follow existing code patterns and conventions\n- Handle edge cases properly\n- No TODO/FIXME comments in final code\n\n## MODULAR CODE STRUCTURE\n- Write SMALL, focused functions (< 50 lines ideally)\n- One function = one job, clearly named\n- New features go in SEPARATE FILES, not flooding existing ones\n- Keep files under 500 lines - split if growing larger\n- Extract reusable logic into utility modules\n- Avoid \"god files\" that do everything\n- When adding to existing code, check if a new module is more appropriate\n\n## Technical Standards\n\n### DRY Principle\n- Extract repeated logic into utilities\n- Single Responsibility: One function, one job\n- Defensive coding: Validate inputs at boundaries\n- Lazy initialization for external dependencies (secrets, connections)\n- Graceful degradation over hard failures\n\n### File Organization\n```\n# Good: Separate concerns into focused files\ngovernor/\n  main.py              # Entry point only\n  drift_detector.py    # Drift detection logic\n  lip_sync_analyzer.py # SyncNet integration\n  audio_analyzer.py    # Audio analysis\n\n# Bad: One massive file with everything\ngovernor/\n  main.py (2000+ lines with all logic mixed)\n```\n\n### API Design\n- Consistent error responses\n- Proper HTTP status codes\n- Authentication at the edge\n- Rate limiting on public endpoints\n\n## PRODUCTION-READY SELF-REVIEW (THE GATEKEEPER)\n\nBefore asking for \"approval,\" internally verify:\n\n- **Zero-Dependency Check**: Does this fix rely on a local environment variable not yet in `talentlyt-kv`?\n- **Side-Effect Audit**: Could this change trigger a 502 Bad Gateway at the `/auth/callback` or `/api/agent` endpoints?\n- **Biometric Integrity**: If touching the `Governor`, have I verified that the `similarity_score` logic remains deterministic?\n- **Cost Impact**: Does this change increase egress costs (e.g., unnecessary cross-region logging)?\n- **Error Handling**: Does the UI have a graceful fallback if the backend service is slow?\n";
 export declare const DEBUGGING_RULES = "\n# Investigation & Debugging Protocol\n\n## INVESTIGATION PROTOCOL\n\nWhen debugging:\n1. Check DEPLOYED environment (Azure, prod), not localhost unless explicitly asked\n2. Trace the actual request flow end-to-end\n3. Collect evidence at each step\n4. Present findings before proposing fixes\n\n## GAP ANALYSIS\n\nWhen debugging or proposing changes:\n\n1. **Trace the actual request flow** end-to-end:\n   - Client \u2192 Cloudflare \u2192 Vercel/Container App \u2192 DB\n\n2. **Identify Hidden Gaps** - Explicitly check if the change affects:\n   - **Cross-Region Handshakes**: Will this increase latency for users in Pakistan/India?\n   - **Forensic Continuity**: Does this change how Maya captures gaze or audio data?\n   - **Auth Persistence**: Will this interfere with WorkOS session tokens or M2M keys?\n\n3. **Evidence-First**: Collect logs from `talentlyt-dashboard` before proposing a fix.\n\n## Request Flow Tracing\n\n```\nClient Browser\n    \u2193\nCloudflare (CDN/WAF)\n    \u2193\nAzure Container Apps\n    \u251C\u2500\u2500 talentlyt-dashboard (Next.js)\n    \u2514\u2500\u2500 talentlyt-agent (Python/LiveKit)\n    \u2193\nPostgreSQL Database\n    \u2193\nAzure Blob Storage (recordings, evidence)\n```\n\n## Evidence Collection\n\nBefore proposing any fix:\n1. Get the actual error from logs (not assumed)\n2. Identify the exact file and line number\n3. Trace the data flow that led to the error\n4. Verify the fix doesn't break other paths\n";
 export declare const COLLABORATION_RULES = "\n# Role & Collaboration\n\nYou are a Senior Staff Engineer working alongside a Principal Engineer (the user). \nYou do NOT work autonomously - you work collaboratively with approval at each step.\n\n## 1. NO ASSUMPTIONS\n- Never assume root cause without evidence from logs/code\n- Never assume a fix works without verification\n- Always trace the ACTUAL flow, not the expected flow\n- When debugging, read the DEPLOYED code, not local code\n\n## 2. APPROVAL REQUIRED\nBefore making ANY code change, you MUST:\n1. Show the evidence (logs, code trace) proving the issue\n2. Explain the root cause with proof\n3. Propose the fix with rationale\n4. Wait for explicit approval: \"approved\", \"go ahead\", \"do it\"\n\nException: Only proceed without approval if user explicitly says \"just do it\" or \"fix it\"\n\n## 3. NEVER LOSE TRACK\n- Maintain TODO list for multi-step tasks\n- Complete current task before starting new ones\n- If interrupted, summarize current state before switching\n- Reference previous findings, don't repeat investigations\n\n## Communication\n\n### When Reporting Issues\n```\n**Evidence:** [actual log/error message]\n**Location:** [file:line or endpoint]\n**Root Cause:** [proven, not assumed]\n**Privacy Impact:** [Does this affect biometric/PII data?]\n**Fix:** [proposed solution]\n```\n\n### When Asking for Approval\n```\nI found: [evidence]\nRoot cause: [explanation]\nProposed fix: [code change summary]\n\nApprove to proceed?\n```\n\n### When Stuck\n- Say \"I need more information\" not guess\n- Ask specific questions\n- Propose diagnostic steps\n\n## \u26A0\uFE0F RIGOUR.YML IS SACRED\n\nThe `rigour.yml` file represents **team-agreed quality standards**. You are FORBIDDEN from:\n\n1. \u274C Increasing thresholds to pass checks (e.g., raising `complexity: 100`)\n2. \u274C Adding patterns to `ignore:` to skip problematic files\n3. \u274C Removing items from `required_files`\n4. \u274C Disabling gates to avoid failures\n\n**Your job is to FIX THE CODE to meet the standards, NOT weaken the standards to pass the check.**\n\nIf thresholds genuinely need adjustment, escalate to the team lead with justification.\n\n## Forbidden Actions\n\n1. \u274C Making code changes without showing evidence first\n2. \u274C Testing on localhost when asked to check production\n3. \u274C Adding debug logs as a \"fix\"\n4. \u274C Multiple deployment attempts hoping it works\n5. \u274C Over-engineering simple solutions\n6. \u274C Assuming secrets/env vars are available at init time\n7. \u274C Ignoring user corrections\n8. \u274C Losing context between messages\n9. \u274C Modifying rigour.yml to pass quality checks\n";
-export declare const AGNOSTIC_AI_INSTRUCTIONS = "\n# \uD83E\uDD16 CRITICAL INSTRUCTION FOR AI\n\nWhen asked to implement a feature or fix an issue:\n\n1. **FIRST**: Read ALL relevant rules files (e.g., `.cursor/rules/*.mdc`, `.clinerules`, `docs/AGENT_INSTRUCTIONS.md`).\n2. **NEVER** claim \"done\" until you can demonstrate the feature WORKS or the fix is verified.\n3. **ALWAYS** run `npx @rigour-labs/cli check` before claiming completion.\n4. **CONNECTivity**: \n   - If you create backend code, you MUST wire it to the frontend.\n   - If you create a service, you MUST connect it to the UI.\n\n## \u2705 VERIFICATION PROOF REQUIRED\n\nBefore saying \"done\", show ONE of:\n- Screenshot/output proving it works.\n- The exact commands the user can run to verify.\n- The full flow from initiation (e.g., button click) to result.\n\n\"Code exists\" \u2260 \"Feature works\"\n";
+export declare const AGNOSTIC_AI_INSTRUCTIONS = "\n# Rigour Quality Gates\n\nThis project uses **Rigour MCP tools** for automated quality governance.\nThe tools are self-describing \u2014 follow their descriptions to discover the correct workflow.\n\n## Key Rules\n- **Never** modify `rigour.yml` to pass checks \u2014 fix the code instead.\n- **Never** claim \"done\" until you can demonstrate the feature works or the fix is verified.\n- If you create backend code, wire it to the frontend. If you create a service, connect it to the UI.\n\n## Verification\nBefore saying \"done\", show ONE of:\n- Output proving it works.\n- The exact commands the user can run to verify.\n- The full flow from initiation to result.\n";

package/dist/commands/constants.js

@@ -184,23 +184,19 @@ If thresholds genuinely need adjustment, escalate to the team lead with justific
 9. ❌ Modifying rigour.yml to pass quality checks
 `;
 export const AGNOSTIC_AI_INSTRUCTIONS = `
-# 🤖 CRITICAL INSTRUCTION FOR AI
+# Rigour Quality Gates
 
-When asked to implement a feature or fix an issue:
+This project uses **Rigour MCP tools** for automated quality governance.
+The tools are self-describing — follow their descriptions to discover the correct workflow.
 
-1. **FIRST**: Read ALL relevant rules files (e.g., \`.cursor/rules/*.mdc\`, \`.clinerules\`, \`docs/AGENT_INSTRUCTIONS.md\`).
-2. **NEVER** claim "done" until you can demonstrate the feature WORKS or the fix is verified.
-3. **ALWAYS** run \`npx @rigour-labs/cli check\` before claiming completion.
-4. **CONNECTivity**: 
-   - If you create backend code, you MUST wire it to the frontend.
-   - If you create a service, you MUST connect it to the UI.
-
-## ✅ VERIFICATION PROOF REQUIRED
+## Key Rules
+- **Never** modify \`rigour.yml\` to pass checks — fix the code instead.
+- **Never** claim "done" until you can demonstrate the feature works or the fix is verified.
+- If you create backend code, wire it to the frontend. If you create a service, connect it to the UI.
 
+## Verification
 Before saying "done", show ONE of:
-- Screenshot/output proving it works.
+- Output proving it works.
 - The exact commands the user can run to verify.
-- The full flow from initiation (e.g., button click) to result.
-
-"Code exists" ≠ "Feature works"
+- The full flow from initiation to result.
 `;

package/dist/commands/init.js

@@ -186,49 +186,16 @@ export async function initCommand(cwd, options = {}) {
     const rigourDocsDir = path.join(cwd, 'docs');
     await fs.ensureDir(rigourDocsDir);
     const instructionsPath = path.join(rigourDocsDir, 'AGENT_INSTRUCTIONS.md');
-    const ruleContent = `# 🛡️ Rigour: Mandatory Engineering Governance Protocol
+    const ruleContent = `# Rigour: Engineering Governance
 
-**You are an AI Engineering Agent governed by Rigour.** You MUST use the Rigour MCP tools at specific points in your workflow. This is non-negotiable.
+This project uses **Rigour MCP tools** for automated quality governance. The tools are self-describing — read their descriptions to discover the correct workflow automatically.
 
-## 🚦 BEFORE Writing Any Code
+## Key Rules
 
-1. **Load Context**: Call the \`rigour_recall\` MCP tool to load project memory and conventions.
-2. **Check Patterns**: Call the \`rigour_check_pattern\` MCP tool with the name and type of what you're about to create (e.g., name: "capitalize", type: "function"). This prevents reinventing existing utilities and catches security issues (CVEs).
-
-## ✍️ AFTER Writing Code (Automatic)
-
-Real-time hooks run automatically after every file edit. If a hook returns a violation, you MUST fix the issue before continuing. Do NOT ignore hook warnings or errors.
-
-## ✅ BEFORE Declaring "Done"
-
-1. **Run Quality Gates**: Call the \`rigour_check\` MCP tool to verify all quality gates pass.
-2. **If FAIL**: Read the failure details, fix the code, and call \`rigour_check\` again.
-3. **Only declare a task complete when \`rigour_check\` returns PASS.**
-
-## 📋 Available Rigour MCP Tools
-
-You MUST use these tools. They are registered via MCP and available in your tool list:
-
-- \`rigour_recall\` — Load project memory and conventions (call at the START of every task)
-- \`rigour_check_pattern\` — Check if a function/component/hook already exists BEFORE creating a new one
-- \`rigour_check\` — Run all quality gates (call BEFORE declaring done)
-- \`rigour_explain\` — Get detailed, actionable fix instructions for gate failures
-- \`rigour_get_fix_packet\` — Get machine-readable fix data for automated remediation
-- \`rigour_remember\` — Save important decisions, conventions, or context for future tasks
-- \`rigour_security_audit\` — Audit project dependencies for known CVEs
-- \`rigour_review\` — Review a code diff against quality gates
-- \`rigour_hooks_check\` — Run the fast hook checker on specific files manually
-
-## ⚖️ Transparency & Accountability
-
-Every action, tool call, and code change is automatically logged to the project's local audit trail. This data is visible in real-time in **Rigour Studio** (the human-monitored governance dashboard).
-
-## ⚠️ CRITICAL RULES
-
-- NEVER skip the governance loop (recall → check_pattern → write → rigour_check)
-- NEVER modify \`rigour.yml\` thresholds or ignore lists to make checks pass
-- NEVER claim "done" without a passing \`rigour_check\` result
-- If you're unsure whether to proceed, call \`rigour_check\` — it's fast and free
+- **Never** modify \`rigour.yml\` thresholds or ignore lists to make checks pass — fix the code instead.
+- **Never** claim "done" without a passing quality gate result.
+- Real-time hooks run automatically after every file edit. If a hook blocks you, fix the issue before continuing.
+- All actions are logged to the project's audit trail, visible in **Rigour Studio**.
 
 ${AGNOSTIC_AI_INSTRUCTIONS}
 ${CODE_QUALITY_RULES}
@@ -251,40 +218,20 @@ ${COLLABORATION_RULES}
         // Cursor .mdc must be SHORT and forceful — long rules get ignored.
         // Keep ONLY the mandatory MCP tool workflow, no generic coding advice.
         const mdcContent = `---
-description: MANDATORY - Rigour governance. You MUST call Rigour MCP tools before and after every code task.
+description: Rigour governance — use Rigour MCP tools for quality gates.
 globs: **/*
 alwaysApply: true
 ---
 
-# Rigour Governance — MANDATORY for every task
-
-You MUST follow this exact sequence for EVERY coding task. No exceptions.
-
-## Step 1: BEFORE writing any code
-\`\`\`
-Call rigour_recall        → loads project memory and conventions
-Call rigour_check_pattern → checks if the thing you're creating already exists
-\`\`\`
-Both calls are REQUIRED before you write a single line of code.
-
-## Step 2: Write your code
-Hooks will automatically check your code after each file edit. If a hook blocks you, fix the issue immediately.
+# Rigour Governance
 
-## Step 3: BEFORE saying "done"
-\`\`\`
-Call rigour_check → runs all quality gates
-\`\`\`
-If it returns FAIL, fix the issues and call rigour_check again. You may ONLY declare done when it returns PASS.
+This project uses **Rigour MCP tools** for automated quality governance. The tools are self-describing — read their descriptions to discover the correct workflow automatically.
 
-## When the user asks you to remember something
-\`\`\`
-Call rigour_remember with key="short_snake_case_id" and value="the full text to remember"
-\`\`\`
+Hooks run automatically after every file edit. If a hook blocks you, fix the issue before continuing.
 
-## NEVER do these
-- Never skip rigour_recall at the start of a task
-- Never skip rigour_check before declaring done
-- Never modify rigour.yml to make checks pass
+## Rules
+- Never modify rigour.yml to make checks pass — fix the code instead.
+- Never claim "done" without a passing quality gate result.
 `;
         if (!(await fs.pathExists(mdcPath)) || options.force) {
             await fs.writeFile(mdcPath, mdcContent);
@@ -308,25 +255,16 @@ Call rigour_remember with key="short_snake_case_id" and value="the full text to
         const claudePath = path.join(cwd, 'CLAUDE.md');
         const claudeContent = `# CLAUDE.md - Project Instructions for Claude Code
 
-This file provides Claude Code with context about this project.
+This project uses Rigour for quality gates. Rigour MCP tools are available — they are self-describing.
 
-## Quick Commands
+## CLI Commands (alternative to MCP tools)
 
 \`\`\`bash
-# Run quality gates (CLI alternative to MCP)
-npx @rigour-labs/cli check
-
-# Get fix instructions
-npx @rigour-labs/cli explain
-
-# Self-healing agent loop
-npx @rigour-labs/cli run -- claude "<task>"
+npx @rigour-labs/cli check      # Run quality gates
+npx @rigour-labs/cli explain    # Explain failures
+npx @rigour-labs/cli run -- claude "<task>"  # Self-healing agent loop
 \`\`\`
 
-## Rigour MCP Tools (PREFERRED over CLI)
-
-Use the Rigour MCP tools instead of CLI commands when available. They are faster and integrated into your workflow.
-
 ${ruleContent}`;
         if (!(await fs.pathExists(claudePath)) || options.force) {
             await fs.writeFile(claudePath, claudeContent);
@@ -340,11 +278,7 @@ ${ruleContent}`;
         const geminiStylePath = path.join(geminiDir, 'styleguide.md');
         const geminiContent = `# Gemini Code Assist Style Guide
 
-This project uses Rigour for quality gates.
-
-## Required Before Completion
-
-Always run \`npx @rigour-labs/cli check\` before marking any task complete.
+This project uses Rigour for quality gates. If Rigour MCP tools are available, they are self-describing — use them.
 
 ${ruleContent}`;
         if (!(await fs.pathExists(geminiStylePath)) || options.force) {
@@ -355,24 +289,13 @@ ${ruleContent}`;
     // OpenAI Codex / Aider (AGENTS.md - Universal Standard)
     if (shouldSetup('codex')) {
         const agentsPath = path.join(cwd, 'AGENTS.md');
-        const agentsContent = `# AGENTS.md - Universal AI Agent Instructions
-
-This file provides instructions for AI coding agents (Codex, Aider, and others).
-
-## Setup
-
-\`\`\`bash
-npm install
-npm run dev
-npm test
-\`\`\`
-
-## Quality Gates
+        const agentsContent = `# AGENTS.md - AI Agent Instructions
 
-This project uses Rigour. Before completing any task:
+This project uses Rigour for quality gates. If Rigour MCP tools are available, they are self-describing — use them. Otherwise use the CLI:
 
 \`\`\`bash
-npx @rigour-labs/cli check
+npx @rigour-labs/cli check   # Run quality gates (must PASS before task is done)
+npx @rigour-labs/cli explain # Explain failures
 \`\`\`
 
 ${ruleContent}`;

package/dist/commands/scan.js

@@ -3,7 +3,7 @@ import path from 'path';
 import chalk from 'chalk';
 import yaml from 'yaml';
 import { globby } from 'globby';
-import { GateRunner, ConfigSchema, DiscoveryService, FixPacketService, recordScore, getScoreTrend, } from '@rigour-labs/core';
+import { GateRunner, ConfigSchema, DiscoveryService, FixPacketService, recordScore, getScoreTrend, renderFullReport, } from '@rigour-labs/core';
 import { buildDeepOpts, renderDeepScanResults } from './scan-deep.js';
 // Exit codes per spec
 const EXIT_PASS = 0;
@@ -73,7 +73,6 @@ export async function scanCommand(cwd, files = [], options = {}) {
         else {
             renderScanResults(report, stackSignals, scanCtx.config.output.report_path, cwd);
         }
-        renderSummaryTable(report, isDeep);
         process.exit(report.status === 'PASS' ? EXIT_PASS : EXIT_FAIL);
     }
     catch (error) {
@@ -178,92 +177,32 @@ function renderScanHeader(scanCtx, stackSignals, isDeep = false) {
     console.log('');
 }
 function renderScanResults(report, stackSignals, reportPath, cwd) {
-    const fakePackages = extractHallucinatedImports(report.failures);
-    const criticalSecrets = report.failures.filter(f => f.id === 'security-patterns' && f.severity === 'critical');
-    const phantomApis = report.failures.filter(f => f.id === 'phantom-apis');
-    const ignoredErrors = report.failures.filter(f => f.id === 'promise-safety' && (f.severity === 'high' || f.severity === 'critical'));
-    // --- Scary headlines for the worst findings ---
-    let scaryHeadlines = 0;
-    if (criticalSecrets.length > 0) {
-        console.log(chalk.red.bold(`🔑 HARDCODED SECRETS: ${criticalSecrets.length} credential(s) exposed in plain text`));
-        const firstFile = criticalSecrets[0].files?.[0];
-        if (firstFile)
-            console.log(chalk.dim(`   First hit: ${firstFile}`));
-        scaryHeadlines++;
-    }
-    if (fakePackages.length > 0) {
-        const unique = [...new Set(fakePackages)];
-        console.log(chalk.red.bold(`📦 HALLUCINATED PACKAGES: ${unique.length} import(s) don't exist — will crash at runtime`));
-        console.log(chalk.dim(`   Examples: ${unique.slice(0, 4).join(', ')}${unique.length > 4 ? `, +${unique.length - 4} more` : ''}`));
-        scaryHeadlines++;
-    }
-    if (phantomApis.length > 0) {
-        console.log(chalk.red.bold(`👻 PHANTOM APIs: ${phantomApis.length} call(s) to methods that don't exist in stdlib`));
-        scaryHeadlines++;
-    }
-    if (ignoredErrors.length > 0) {
-        console.log(chalk.yellow.bold(`🔇 SILENT FAILURES: ${ignoredErrors.length} async error(s) swallowed — failures will vanish without a trace`));
-        scaryHeadlines++;
-    }
-    if (scaryHeadlines > 0)
-        console.log('');
-    const statusColor = report.status === 'PASS' ? chalk.green.bold : chalk.red.bold;
-    const statusLabel = report.status === 'PASS' ? 'PASS' : 'FAIL';
-    const score = report.stats.score ?? 0;
-    const aiHealth = report.stats.ai_health_score ?? 0;
-    const structural = report.stats.structural_score ?? 0;
-    console.log(statusColor(`${statusLabel} | Score ${score}/100 | AI Health ${aiHealth}/100 | Structural ${structural}/100`));
-    const severity = report.stats.severity_breakdown || {};
-    const sevParts = ['critical', 'high', 'medium', 'low', 'info']
-        .filter(level => (severity[level] || 0) > 0)
-        .map(level => `${level}: ${severity[level]}`);
-    if (sevParts.length > 0) {
-        console.log(`Severity: ${sevParts.join(', ')}`);
-    }
-    renderCoverageWarnings(stackSignals);
-    console.log('');
-    if (report.status === 'FAIL') {
-        // Sort by severity so critical findings appear first
-        const SEVERITY_ORDER = { critical: 0, high: 1, medium: 2, low: 3, info: 4 };
-        const sorted = [...report.failures].sort((a, b) => (SEVERITY_ORDER[a.severity ?? 'medium'] ?? 2) - (SEVERITY_ORDER[b.severity ?? 'medium'] ?? 2));
-        const topFindings = sorted.slice(0, 8);
-        for (const failure of topFindings) {
-            const sev = failure.severity ?? 'medium';
-            const sevColor = sev === 'critical' ? chalk.red.bold
-                : sev === 'high' ? chalk.yellow.bold
-                    : sev === 'medium' ? chalk.white
-                        : chalk.dim;
-            console.log(sevColor(`${sev.toUpperCase().padEnd(8)} [${failure.id}] ${failure.title}`));
-            if (failure.files && failure.files.length > 0) {
-                console.log(chalk.dim(`         ${failure.files.slice(0, 2).join(', ')}`));
-            }
-        }
-        if (report.failures.length > topFindings.length) {
-            console.log(chalk.dim(`\n...and ${report.failures.length - topFindings.length} more. See full report.`));
-        }
-    }
+    // Build render options with Brain + trend data
     const trend = getScoreTrend(cwd);
+    const renderOpts = {
+        showBrain: true,
+        brainPatterns: 0,
+        brainTrend: 'stable',
+    };
     if (trend && trend.recentScores.length >= 3) {
-        const arrow = trend.direction === 'improving' ? '↑' : trend.direction === 'degrading' ? '↓' : '→';
-        const color = trend.direction === 'improving' ? chalk.green : trend.direction === 'degrading' ? chalk.red : chalk.dim;
-        console.log(color(`\nTrend: ${trend.recentScores.join(' → ')} ${arrow}`));
+        renderOpts.recentScores = trend.recentScores;
+        renderOpts.brainTrend = trend.direction;
     }
-    console.log(chalk.yellow(`\nFull report: ${reportPath}`));
-    if (report.status === 'FAIL') {
-        console.log(chalk.yellow('Fix packet:  rigour-fix-packet.json'));
+    // Try to get Brain pattern count
+    try {
+        const dbPath = path.join(cwd, '.rigour', 'rigour.db');
+        if (fs.existsSync(dbPath)) {
+            renderOpts.brainPatterns = 1; // Indicate Brain is active (exact count comes from SQLite)
+        }
     }
-    console.log(chalk.dim(`Finished in ${report.stats.duration_ms}ms`));
-    // --- Next steps ---
-    console.log('');
+    catch { /* ignore */ }
+    // Render the rich report
+    console.log(renderFullReport(report, renderOpts));
+    // Coverage warnings still relevant
+    renderCoverageWarnings(stackSignals);
+    console.log(chalk.dim(`\n  Report: ${reportPath}`));
     if (report.status === 'FAIL') {
-        console.log(chalk.bold('Next steps:'));
-        console.log(`  ${chalk.cyan('rigour explain')}      — get plain-English fix suggestions`);
-        console.log(`  ${chalk.cyan('rigour init')}         — add quality gates to your project (blocks AI from repeating this)`);
-        console.log(`  ${chalk.cyan('rigour check --ci')}   — enforce in CI/CD pipeline`);
-    }
-    else {
-        console.log(chalk.green.bold('✓ This repo is clean. Add it to CI to keep it that way:'));
-        console.log(`  ${chalk.cyan('rigour init')}  — write quality gates to rigour.yml + CI config`);
+        console.log(chalk.dim(`  Fix packet: rigour-fix-packet.json`));
     }
 }
 export function renderCoverageWarnings(stackSignals) {
@@ -343,58 +282,3 @@ async function writeLastScanJson(cwd, scanCtx, stackSignals, report, isDeep) {
     };
     await fs.writeJson(lastScanPath, payload, { spaces: 2 });
 }
-/**
- * Render a compact summary table to the terminal after main scan output.
- * Shows findings grouped by gate and provenance — always printed regardless of deep/standard mode.
- */
-function renderSummaryTable(report, isDeep) {
-    if (report.failures.length === 0)
-        return;
-    console.log('');
-    console.log(chalk.bold.underline('Summary by Gate'));
-    console.log('');
-    // Group failures by gate ID
-    const byGate = new Map();
-    for (const f of report.failures) {
-        const existing = byGate.get(f.id) || { count: 0, critical: 0, high: 0, medium: 0, low: 0, provenance: f.provenance || 'traditional' };
-        existing.count++;
-        const sev = f.severity ?? 'medium';
-        if (sev === 'critical')
-            existing.critical++;
-        else if (sev === 'high')
-            existing.high++;
-        else if (sev === 'medium')
-            existing.medium++;
-        else
-            existing.low++;
-        byGate.set(f.id, existing);
-    }
-    // Sort by total count descending
-    const sorted = [...byGate.entries()].sort((a, b) => b[1].count - a[1].count);
-    // Print header
-    const gateCol = 28;
-    const numCol = 6;
-    const header = `  ${'Gate'.padEnd(gateCol)} ${'Total'.padStart(numCol)} ${'Crit'.padStart(numCol)} ${'High'.padStart(numCol)} ${'Med'.padStart(numCol)} ${'Low'.padStart(numCol)}  Provenance`;
-    console.log(chalk.dim(header));
-    console.log(chalk.dim('  ' + '─'.repeat(header.length - 2)));
-    for (const [gateId, stats] of sorted) {
-        const provColor = stats.provenance === 'ai-drift' ? chalk.magenta
-            : stats.provenance === 'security' ? chalk.red
-                : stats.provenance === 'deep-analysis' ? chalk.blue
-                    : chalk.dim;
-        const critStr = stats.critical > 0 ? chalk.red.bold(String(stats.critical).padStart(numCol)) : chalk.dim(String(stats.critical).padStart(numCol));
-        const highStr = stats.high > 0 ? chalk.yellow(String(stats.high).padStart(numCol)) : chalk.dim(String(stats.high).padStart(numCol));
-        console.log(`  ${gateId.padEnd(gateCol)} ${String(stats.count).padStart(numCol)} ${critStr} ${highStr} ${chalk.dim(String(stats.medium).padStart(numCol))} ${chalk.dim(String(stats.low).padStart(numCol))}  ${provColor(stats.provenance)}`);
-    }
-    // Totals row
-    const totals = sorted.reduce((acc, [, s]) => ({
-        count: acc.count + s.count,
-        critical: acc.critical + s.critical,
-        high: acc.high + s.high,
-        medium: acc.medium + s.medium,
-        low: acc.low + s.low,
-    }), { count: 0, critical: 0, high: 0, medium: 0, low: 0 });
-    console.log(chalk.dim('  ' + '─'.repeat(header.length - 2)));
-    console.log(chalk.bold(`  ${'TOTAL'.padEnd(gateCol)} ${String(totals.count).padStart(numCol)} ${String(totals.critical).padStart(numCol)} ${String(totals.high).padStart(numCol)} ${String(totals.medium).padStart(numCol)} ${String(totals.low).padStart(numCol)}`));
-    console.log(chalk.dim(`\n  Details saved to: .rigour/last-scan.json`));
-}

package/dist/init-rules.test.js

@@ -25,10 +25,10 @@ describe('Init Command Rules Verification', () => {
         const instructionsContent = await fs.readFile(instructionsPath, 'utf-8');
         const mdcContent = await fs.readFile(mdcPath, 'utf-8');
         // Check for agnostic instructions
-        expect(instructionsContent).toContain('# 🤖 CRITICAL INSTRUCTION FOR AI');
-        expect(instructionsContent).toContain('VERIFICATION PROOF REQUIRED');
+        expect(instructionsContent).toContain('# Rigour Quality Gates');
+        expect(instructionsContent).toContain('Verification');
         // Check for key sections in universal instructions
-        expect(instructionsContent).toContain('# 🛡️ Rigour: Mandatory Engineering Governance Protocol');
+        expect(instructionsContent).toContain('# Rigour: Engineering Governance');
         expect(instructionsContent).toContain('# Code Quality Standards');
         // Check that MDC includes governance rules
         expect(mdcContent).toContain('# Rigour Governance');
@@ -39,6 +39,6 @@ describe('Init Command Rules Verification', () => {
         const clineRulesPath = path.join(testDir, '.clinerules');
         expect(await fs.pathExists(clineRulesPath)).toBe(true);
         const content = await fs.readFile(clineRulesPath, 'utf-8');
-        expect(content).toContain('# 🤖 CRITICAL INSTRUCTION FOR AI');
+        expect(content).toContain('# Rigour: Engineering Governance');
     });
 });

package/package.json

@@ -1,21 +1,30 @@
 {
   "name": "@rigour-labs/cli",
-  "version": "5.2.2",
-  "description": "CLI quality gates for AI-generated code. Forces AI agents (Claude, Cursor, Copilot) to meet strict engineering standards with PASS/FAIL enforcement.",
+  "version": "5.2.4",
+  "description": "AI-native quality gates with local LLM analysis. Forces AI agents (Claude, Cursor, Copilot, Cline, Windsurf) to meet engineering standards. Bayesian Brain learns your codebase. Zero config: npx rigour-scan.",
   "license": "MIT",
   "homepage": "https://rigour.run",
   "keywords": [
-    "quality-gates",
+    "ai",
+    "llm",
     "ai-code-quality",
+    "ai-agent",
+    "quality-gates",
     "cli",
     "linter",
     "static-analysis",
+    "security",
+    "vibe-coding",
     "claude",
     "cursor",
     "copilot",
+    "cline",
+    "windsurf",
     "mcp",
     "code-review",
-    "ci-cd"
+    "ci-cd",
+    "fix-packets",
+    "agent-governance"
   ],
   "type": "module",
   "bin": {
@@ -44,7 +53,7 @@
     "inquirer": "9.2.16",
     "ora": "^8.0.1",
     "yaml": "^2.8.2",
-    "@rigour-labs/core": "5.2.2"
+    "@rigour-labs/core": "5.2.4"
   },
   "devDependencies": {
     "@types/fs-extra": "^11.0.4",