@rosh100yx/outlier 0.3.0 → 0.4.0

package/README.md

@@ -1,7 +1,12 @@
 <div align="center">
+  <img src="assets/cover.jpg" alt="Outlier Cover" width="100%" />
   <h1>outlier</h1>
   <p><b>The Governance & Policy Engine for AI Engineering</b></p>
   <p><i>Measure AI adoption. Enforce Zero-Trust. Protect Human Mastery.</i></p>
+  <br/>
+  <a href="https://github.com/rosh100yx/outlier/issues/new?assignees=&labels=enhancement&projects=&template=feature_request.md&title=%5BFEATURE%5D+">
+    <img src="https://img.shields.io/badge/%E2%9C%A8_Feature_Request-Submit_an_idea-blueviolet?style=for-the-badge&logo=github" alt="Feature Request" />
+  </a>
   
   <p>
     <img src="https://img.shields.io/badge/Compliance-Strict-blue?style=for-the-badge" />
@@ -9,6 +14,15 @@
     <img src="https://img.shields.io/badge/Zero_Trust-Verified-orange?style=for-the-badge" />
     <img src="https://img.shields.io/badge/Carbon_Footprint-Tracked-lightgrey?style=for-the-badge" />
   </p>
+
+  <p>
+    <b>Get Started Instantly:</b><br/>
+    <code>npx @rosh100yx/outlier status</code>
+  </p>
+
+  <br/>
+  <img src="assets/cli-demo.png" alt="Outlier CLI Demo" width="800" />
+  <br/>
 </div>
 
 `outlier` is an open-source, local-first policy engine and governance framework designed to measure the true cost and risk of AI code generation. As teams accelerate with LLM agents (Cursor, Copilot, Claude Code), `outlier` acts as the definitive **Bouncer**—auditing AI authorship, mitigating deskilling risks, and tracking regional carbon footprints entirely locally. 
@@ -21,22 +35,9 @@
 
 > *"In a room full of agents" shifts the perspective. It acknowledges that the developer is no longer a solo coder; they are a manager of bots. The product exists to make sure the human doesn't get lazy while managing them. We all want our time back, but we don't want to lose control of the craft.*
 
-```text
-┌   outlier 
-│
-◇  [outlier] 4/5 policies • ✓ safe surface • Local CI ───────╮
-│                                                            │
-│  [1] Capability Engine ▰▰▰▰▰▰▱▱▱▱  Active                  │
-│      status: ✓ Configured                                  │
-│  (=^･ω･^=) [2] AI Code Reliance ▰▰▰▰▰▰▰▰▱▱  85.0% Reliance │
-│      vibe: Did you write any of this, or are you just the manager now? (ФДФ)
-│      gate: (=ಠᆽಠ=) Deskilling Risk Detected ⚠ Security Audit Required
-│  [3] Tokenomics & Cost ▰▰▰▰▰▰▰▰▰▱ 96.5% Cache Bloat        │
-│      waste: ⚠ 96.5% of tokens are redundant context reads  │
-│  Governance: (=ಠᆽಠ=) 1 policy failures                     │
-│                                                            │
-├────────────────────────────────────────────────────────────╯
-```
+<div align="center">
+  <img src="assets/codecore.gif" alt="Codecore Aesthetic" width="300" />
+</div>
 
 ## How It Works
 ```text
@@ -66,10 +67,13 @@
 ## Commands
 | Command | Purpose |
 |---------|---------|
-| `outlier audit` | Run the standard telemetry dashboard (Cats + Vibes + Metrics) |
-| `outlier audit --strict` | Run the dashboard without the Cats/Vibes (Enterprise Dry Mode) |
-| `outlier policy` | Interactively select and install the Git Pre-Commit Hook (Bouncer) |
-| `outlier capabilities` | Audit your workspace for active MCP servers and Open Session Skills |
+| `outlier` | Start the interactive Onboarding Wizard (Recommended for first-timers) |
+| `outlier --help` | View the CLI help menu and all available commands |
+| `outlier status` | Run the full AI reliance & capability audit (Generates the Thermal Receipt) |
+| `outlier authorship` | Scan git history for AI co-authorship ratio and Hallucination Risk |
+| `outlier carbon` | Scan local logs for context waste & token costs |
+| `outlier policy` | Configure Personal, Team, or Enterprise guardrails in CI |
+| `outlier confessional` | Submit qualitative feedback or feature requests directly from the terminal |
 
 ## Quickstart: Your First Audit
 
@@ -103,7 +107,7 @@
 ## FAQ
 
 **Does this send my code or prompts to the cloud?**  
-No. `outlier` is a zero-trust, local-first engine. It parses `git log` and local JSONL token logs. Your code and token usage never leave your machine.
+**Absolutely not.** `outlier` is built on a strict **Zero-Trust, Local-First Architecture**. It runs native parsing commands against your `.git/` history and your local `~/.claude/` session logs. It never calls an API, it never extracts your proprietary data, and it never phones home. Your research, your code, and your prompts stay 100% on your machine. We believe in open-source integrity.
 
 **Do I need to be using a specific IDE?**  
 `outlier` is IDE-agnostic. It works by parsing standard `Co-Authored-By` Git trailers, meaning it supports Claude Code, Cursor, Aider, and manual generation.

package/package.json

@@ -1,12 +1,12 @@
 {
   "name": "@rosh100yx/outlier",
-  "version": "0.3.0",
+  "version": "0.4.0",
   "description": "AI Code Governance & Capability Auditing for the Terminal. Measures AI reliance, context waste, and enforces local CI/CD policies.",
   "bin": {
-    "outlier": "bin/outlier.js"
+    "outlier": "bin/outlier"
   },
   "files": [
-    "bin/outlier.js",
+    "bin/outlier",
     "src",
     "data"
   ],
@@ -42,7 +42,6 @@
   },
   "dependencies": {
     "@clack/prompts": "^1.6.0",
-    "commander": "^15.0.0",
     "picocolors": "^1.1.1"
   }
 }

package/src/cli.ts

@@ -1,11 +1,12 @@
 #!/usr/bin/env bun
-import { intro, outro, select, spinner, isCancel, cancel, note } from '@clack/prompts';
+import { intro, outro, select, spinner, isCancel, cancel, note, text } from '@clack/prompts';
 import pc from 'picocolors';
 import { getAuthorshipStats } from './git';
 import { getCarbonStats } from './carbon';
 import { getCapabilitiesStats } from './capabilities';
 import { writeFileSync, chmodSync, existsSync } from 'fs';
 import { join } from 'path';
+import { execSync } from 'child_process';
 
 const ASCII_LOGO = `
    ____  _   _ _____ _     ___ _____ ____  
@@ -16,14 +17,92 @@ const ASCII_LOGO = `
   \\____/|_| |_| |_| |_| |_|___|_____|_|  \\_\\
 `;
 
+import os from 'os';
+import { confirm } from '@clack/prompts';
+
+async function runOnboarding() {
+  console.clear();
+  console.log(pc.cyan(ASCII_LOGO));
+  intro(pc.inverse(' outlier: Welcome '));
+
+  note(
+    `Outlier is a local-first Policy Engine & Governance Framework for AI Engineering.
+
+Our mission is AI Safety for developers:
+As agents (Cursor, Copilot, Claude) write more of our code, we lose visibility into:
+1. Deskilling Risk (Are we becoming spectators in our own codebase?)
+2. Carbon Cost (What is the true regional energy cost of token caching?)
+3. Capability Drift (What hidden skills and external tools are our agents using?)
+
+We built Outlier to enforce Zero-Trust and protect Human Mastery. You are in control.`,
+    'The Problem: AI Safety in Development'
+  );
+
+  note(
+    `Outlier operates entirely on your machine.
+- Local Only: No API keys. No cloud telemetry. No data leaves your machine.
+- Native Auditing: We only read your local \`~/.claude\` logs and \`.git/\` commit history.
+- Actionable Policies: We enforce rules locally via terminal or Git pre-commit hooks.`,
+    'Privacy & Zero-Trust Principles'
+  );
+
+  note(
+    `Available Commands:
+- status: Run a full system audit (Reliance, Carbon, Capabilities)
+- policy: Configure team/enterprise guardrails and CLI blockers
+- carbon: View isolated token caching metrics and regional counterfactuals
+- authorship: View Git authorship ratio (Human vs AI)`,
+    'How it is used'
+  );
+
+  note(
+    `When you start the audit, Outlier will locally parse your Git commits to identify AI co-authorship and cross-reference your agent logs to calculate token waste. 
+
+The results will assign you a "vibe" and evaluate if you are at risk of deskilling.`,
+    'What to Expect'
+  );
+
+  const ready = await confirm({
+    message: 'Are you ready to run your first Governance Audit and measure your AI reliance?',
+    initialValue: true,
+  });
+
+  if (isCancel(ready) || !ready) {
+    cancel('Onboarding paused. Run outlier again when you are ready.');
+    process.exit(0);
+  }
+
+  const configPath = join(os.homedir(), '.outlier_config');
+  writeFileSync(configPath, JSON.stringify({ onboarded: true, date: new Date().toISOString() }));
+}
+
 async function main() {
   console.clear();
   console.log(pc.cyan(ASCII_LOGO));
-  console.log(pc.dim('  Outlier v0.3.0 · AI Code Reliance & Telemetry Engine\n'));
+  console.log(pc.dim('  Outlier v0.4.0 · AI Code Reliance & Telemetry Engine\n'));
+  
+  let action = process.argv[2] as any;
   
+  if (action === '--help' || action === '-h' || action === 'help') {
+    console.log(pc.bold('\nCOMMANDS:'));
+    console.log(`  ${pc.cyan('outlier')}              Interactive menu (Onboarding for first-timers)`);
+    console.log(`  ${pc.cyan('outlier status')}       Run full AI reliance & capability audit`);
+    console.log(`  ${pc.cyan('outlier authorship')}   Scan git history for AI co-authorship ratio`);
+    console.log(`  ${pc.cyan('outlier carbon')}       Scan local logs for token waste & carbon cost`);
+    console.log(`  ${pc.cyan('outlier policy')}       Configure CI/CD guardrails and thresholds`);
+    console.log(`  ${pc.cyan('outlier confessional')} Submit qualitative feedback or feature requests`);
+    console.log('\n' + pc.dim('Run without arguments to start the interactive wizard.'));
+    process.exit(0);
+  }
+
+  const configPath = join(os.homedir(), '.outlier_config');
+  if (!existsSync(configPath) && !action) {
+    await runOnboarding();
+    action = 'status'; // auto-run status after onboarding
+  }
+
   intro(pc.inverse(' outlier '));
 
-  let action = process.argv[2] as any;
   if (!action || action === 'audit') {
     if (action !== 'audit') {
       action = await select({
@@ -33,7 +112,8 @@ async function main() {
           { value: 'capabilities', label: 'Capabilities Map', hint: 'Audit active MCPs, skills, and orchestrations' },
           { value: 'authorship', label: 'Code Durability', hint: 'Scan git history for AI Code Reliance & Hallucination Risk' },
           { value: 'carbon', label: 'Cache Bloat', hint: 'Scan local logs for context waste & token costs' },
-          { value: 'policy', label: 'Policy Profiles', hint: 'Set Personal, Team, or Enterprise guardrails in CI' }
+          { value: 'policy', label: 'Policy Profiles', hint: 'Set Personal, Team, or Enterprise guardrails in CI' },
+          { value: 'confessional', label: 'Confessional', hint: 'Tell us how AI is really affecting your job (Feature Requests)' }
         ],
       });
 
@@ -71,15 +151,13 @@ Ratio: ~31x carbon penalty on coal-heavy grid`,
       s.stop('Audit failed');
       console.error(pc.red(e.message));
     }
-  } else if (action === 'authorship' || action === 'status') {
-    s.start('Scanning local git history and agent logs...');
-    
+  } else if (action === 'authorship') {
+    s.start('Scanning local git history...');
     try {
       const gitStats = await getAuthorshipStats().catch(() => null);
-      const carbon = await getCarbonStats().catch(() => null);
       s.stop('Audit complete');
       
-      if (action === 'authorship' && gitStats) {
+      if (gitStats) {
         const pct = (gitStats.ratio * 100).toFixed(1);
         const nmPct = (gitStats.ratioNoMerges * 100).toFixed(1);
         
@@ -103,14 +181,53 @@ AI Co-Authored:     ${gitStats.aiNoMerges}
 Conservative Floor: ${color(nmPct + '%')}`,
             'Git Authorship Breakdown'
           );
-      } else if (action === 'status') {
-        const isStrict = process.argv.includes('--strict');
-        s.start('Running outlier telemetry audit...');
-        const carbon = await getCarbonStats().catch(() => null);
-        const gitStats = await getAuthorshipStats().catch(() => null);
-        const capabilities = await getCapabilitiesStats().catch(() => null);
-        s.stop('Audit complete');
-        
+      }
+    } catch (e: any) {
+      s.stop('Audit failed');
+      console.error(pc.red(e.message));
+    }
+  } else if (action === 'status') {
+    const isStrict = process.argv.includes('--strict');
+    
+    let gitStats: any = null;
+    let carbon: any = null;
+    let capabilities: any = null;
+
+    if (!isStrict) {
+      s.start('[SYSTEM] Booting local-first sandbox...');
+      await new Promise(r => setTimeout(r, 800));
+      s.message(`↳ Guarantee: No API calls. Your code and logs never leave this machine.`);
+      await new Promise(r => setTimeout(r, 1200));
+      
+      s.message('[GIT] Scanning your commit history...');
+      gitStats = await getAuthorshipStats().catch(() => null);
+      await new Promise(r => setTimeout(r, 600));
+      s.message(`↳ Check: Are you writing the code, or just reviewing what the AI wrote?`);
+      await new Promise(r => setTimeout(r, 1200));
+      
+      s.message('[TOKENS] Parsing local AI logs (~/.claude/)...');
+      carbon = await getCarbonStats().catch(() => null);
+      await new Promise(r => setTimeout(r, 600));
+      s.message(`↳ Check: How much API waste is your workflow generating locally?`);
+      await new Promise(r => setTimeout(r, 1200));
+      
+      s.message('[ANALYSIS] Calculating your mastery score...');
+      capabilities = await getCapabilitiesStats().catch(() => null);
+      await new Promise(r => setTimeout(r, 600));
+      s.message(`↳ Warning: Heavy AI use creates the 'Illusion of Competence'. Don't lose your edge.`);
+      await new Promise(r => setTimeout(r, 1200));
+      
+      s.message('[PRINT] Generating Thermal Receipt...');
+      await new Promise(r => setTimeout(r, 600));
+    } else {
+      s.start('Running outlier telemetry audit...');
+      gitStats = await getAuthorshipStats().catch(() => null);
+      carbon = await getCarbonStats().catch(() => null);
+      capabilities = await getCapabilitiesStats().catch(() => null);
+    }
+    s.stop('Audit complete');
+    
+    try {
         let authPct = '0%';
         let ruleFailures = 0;
         let authWarning = '';
@@ -165,7 +282,6 @@ ${costIcon}${pc.dim('[3] Tokenomics & Cost')} ${pc.magenta('▰▰▰▰▰▰
 ${pc.bold('Governance:')} ${ruleFailures > 0 ? pc.red(`${failIcon} ${ruleFailures + 1} policy failures`) : pc.green(`${passIcon} All clear`)}`,
           `${pc.bold('[outlier]')} ${5 - (ruleFailures+1)}/5 policies • ${authWarning || pc.green(`${passIcon} safe surface`)} • ${co2Str}`
         );
-      }
     } catch (e: any) {
       s.stop('Audit failed');
       console.error(pc.red(e.message));
@@ -238,8 +354,8 @@ ${caps.skills.length > 5 ? pc.red('⚠ High Surface Area: Ensure strict authorsh
 
       const isStrict = process.argv.includes('--strict');
       const bouncerMsg = isStrict 
-        ? `echo "❌ outlier policy violation: AI authorship ($CURRENT_RATIO%) exceeds threshold ($MAX_RATIO%)"`
-        : `echo "😾 ✋ The Bouncer says no: Your code is $CURRENT_RATIO% AI-generated."\n    echo "A human must review this before it enters the club (main branch)."`;
+        ? `echo "⚠️  outlier policy warning: AI authorship ($CURRENT_RATIO%) exceeds threshold ($MAX_RATIO%)"`
+        : `echo "🛡️  Outlier Bouncer: Repository AI-generation ($CURRENT_RATIO%) exceeds your defined mastery threshold ($MAX_RATIO%)."\n    echo "Take a moment to review your recent architectural decisions. Ensure you still understand the system."`;
 
       const hookPath = join(gitDir, 'hooks', 'pre-commit');
       if (existsSync(hookPath)) {
@@ -257,10 +373,11 @@ if [ "$TOTAL" -eq 0 ]; then exit 0; fi
 CURRENT_RATIO=$(awk "BEGIN {print ($AI / $TOTAL) * 100}")
 MAX_RATIO=${maxAuthorship}
 
-OVER_LIMIT=$(awk "BEGIN {if ($CURRENT_RATIO > $MAX_RATIO) print 1; else print 0}")
+OVER_LIMIT=$(awk "BEGIN {print ($CURRENT_RATIO > $MAX_RATIO) ? 1 : 0}")
 if [ "$OVER_LIMIT" -eq 1 ]; then
     ${bouncerMsg}
-    exit 1
+    # Warn instead of hard-blocking the commit, protecting human iterations
+    exit 0
 fi
 echo "✅ Governance Policy OK"
 `;
@@ -282,7 +399,7 @@ Enforcement:  ${pc.cyan('Local pre-commit hook installed (backup created)')}`,
       await new Promise(resolve => setTimeout(resolve, 1200));
       
       const reportPath = join(process.cwd(), 'outlier-audit-report.jsonl');
-      writeFileSync(reportPath, JSON.stringify({ timestamp: new Date().toISOString(), status: 'COMPLIANT', policy: 'Decree 142', humanOversight: true }) + '\\n');
+      writeFileSync(reportPath, JSON.stringify({ timestamp: new Date().toISOString(), status: 'PREVIEW', policy: 'Decree 142', simulatedOversight: true }) + '\n');
       s.stop('Audit Generated');
 
       note(
@@ -293,14 +410,76 @@ Artifact:     ${pc.cyan(reportPath)}`,
         'Regulatory Compliance'
       );
     }
+  } else if (action === 'confessional') {
+    s.start('Connecting to the human element...');
+    await new Promise(resolve => setTimeout(resolve, 600));
+    s.stop('Secure connection established.');
+
+    const feedback = await text({
+      message: pc.cyan('What is AI actually doing to your codebase? Are you a 10x dev or a 10x reviewer now?\n(Note: This will draft a public GitHub issue)'),
+      placeholder: 'Honestly, I just let the agent write the regex...',
+      validate(value) {
+        if (!value || value.length === 0) return `C'mon, confess something!`;
+      },
+    });
+
+    if (isCancel(feedback)) {
+      cancel('Confession aborted.');
+      process.exit(0);
+    }
+
+    note(
+      `${pc.italic(`"${feedback}"`)}\n\nYour confession is safe with us. But if you want to make it official (and help us build what you need), we've generated a secure transmission link for you.`,
+      'The Confessional'
+    );
+
+    const url = `https://github.com/rosh100yx/outlier/issues/new?assignees=&labels=enhancement&projects=&template=feature_request.md&title=%5BConfessional%5D+Feedback&body=${encodeURIComponent(feedback.toString())}`;
+    console.log(`\n${pc.bold('Submit here:')} ${pc.underline(pc.cyan(url))}\n`);
+    
+    try {
+      if (process.platform === 'darwin') {
+        execSync(`open "${url}"`);
+      }
+    } catch(e) {}
   }
 
-  let shareText = 'Local telemetry run completed. No data left your machine.';
-  if (action === 'status') {
-    shareText += `\n\n${pc.dim('└')} ${pc.cyan('Share your audit:')} https://x.com/intent/tweet?text=I%20just%20audited%20my%20codebase%20for%20AI%20reliance%20and%20deskilling%20risk.%20What%20does%20your%20repo%20score%3F%0A%0A%F0%9F%93%8F%20npx%20%40rosh100yx%2Foutlier`;
+  outro('Local telemetry run completed. No data left your machine.');
+
+  // Artifact Level Storytelling: Dither Garden style thermal receipt
+  if (action === 'status' || action === 'authorship' || action === 'carbon') {
+    const d = new Date();
+    const dateStr = d.toLocaleDateString('en-US', { month: 'short', day: '2-digit', year: 'numeric' }).toUpperCase();
+    const timeStr = d.toLocaleTimeString('en-US', { hour12: false });
+    
+    let repoName = process.cwd().split('/').pop() || 'Unknown';
+    
+    console.log(`\n${pc.dim('-------------------------')} ${pc.bold('AUDIT RECEIPT')} ${pc.dim('-------------------------')}`);
+    console.log(`\n Project                                      ${pc.bold(repoName.padEnd(16).substring(0,16))}`);
+    console.log(` Timestamp                                  ${pc.dim(`${dateStr} ${timeStr}`)}\n`);
+    
+    console.log(` 01x Authorship Policy                      ${process.argv.includes('--strict') ? 'Strict Mode' : 'Vibe Check'}`);
+    console.log(` 02x AI Reliance Risk                       ${action === 'carbon' ? 'N/A' : 'Assessed'}`);
+    console.log(` 03x Cache Bloat Tokens                     ${action === 'authorship' ? 'N/A' : 'Audited'}`);
+    console.log(` 04x Regional Grid Check                    ${action === 'authorship' ? 'N/A' : 'Completed'}\n`);
+    
+    console.log(pc.dim(' **********************************************************'));
+    console.log(`\n ${pc.italic('patterns emerge in the commit history,')}`);
+    console.log(` ${pc.italic('code becomes commoditized by algorithms.')}`);
+    console.log(` ${pc.italic('human mastery is the only true moat.')}\n`);
+    console.log(pc.dim(' **********************************************************\n'));
+    
+    console.log('                 Outlier Governance Engine');
+    console.log(pc.bold('\n                   ***AUDIT COMPLETE***'));
+    console.log(pc.bold('                   ***STAY VIGILANT***\n'));
   }
 
-  outro(shareText);
+  console.log(
+    pc.dim(
+      `└ Share your audit: https://x.com/intent/tweet?text=${encodeURIComponent(
+        'I just audited my codebase for AI reliance and deskilling risk. What does your repo score?\n\n📏 npx @rosh100yx/outlier'
+      )}`
+    )
+  );
 }
 
 main().catch(console.error);

package/bin/outlier.js

@@ -1,14 +0,0 @@
-#!/usr/bin/env node
-import { spawnSync } from 'child_process';
-import path from 'path';
-import { fileURLToPath } from 'url';
-
-const __filename = fileURLToPath(import.meta.url);
-const __dirname = path.dirname(__filename);
-
-const cliPath = path.join(__dirname, '../src/cli.ts');
-const result = spawnSync('bun', ['run', cliPath, ...process.argv.slice(2)], {
-  stdio: 'inherit'
-});
-
-process.exit(result.status || 0);