@sandrinio/vbounce 1.0.0

package/skills/vibe-code-review/references/report-template.md

@@ -0,0 +1,189 @@
+# Report Template
+
+Use this template structure for all code review outputs. Adapt sections based on the review mode.
+
+## Universal Report Header
+
+```markdown
+# 🔍 Vibe Code Review Report
+
+**Project:** [project name]
+**Date:** [date]
+**Mode:** [Quick Scan | PR Review | Deep Audit | Trend Check]
+**Stack:** [detected tech stack]
+
+---
+```
+
+## Severity Definitions
+
+Use consistently across all reports:
+
+- 🔴 **Critical** — Must fix before shipping. Active risk to reliability, security, or sustainability.
+- 🟡 **Warning** — Technical debt accumulating. Safe for now, but will cause problems if ignored.
+- 🟢 **Healthy** — No action needed. Meets or exceeds standards.
+- ℹ️ **Info** — Not a problem, but worth knowing about.
+
+## Quick Scan Report Structure
+
+```markdown
+## Summary
+
+[2-3 sentence plain-language verdict. Use a building inspection analogy.]
+
+## Findings
+
+### 🔴 Critical Issues
+[List each with a one-line description and a plain-language "what this means" explanation]
+
+### 🟡 Warnings  
+[Same format]
+
+### 🟢 Healthy Areas
+[Brief acknowledgment of what's working well]
+
+## Metrics Snapshot
+
+| Metric | Value | Status |
+|--------|-------|--------|
+| Source files | X | ℹ️ |
+| Total LOC | X | ℹ️ |
+| Files over 400 lines | X | 🟢/🟡/🔴 |
+| Dependencies | X | 🟢/🟡/🔴 |
+| Test files | X | 🟢/🟡/🔴 |
+| Empty catch blocks | X | 🟢/🟡/🔴 |
+| Architectural patterns | X competing | 🟢/🟡/🔴 |
+
+## Recommended Actions
+
+1. [Highest priority action — what and why]
+2. [Second priority]
+3. [Third priority]
+```
+
+## PR Review Report Structure
+
+```markdown
+## Verdict: [✅ Ship It | ⚠️ Ship With Notes | 🛑 Hold]
+
+[One sentence explaining the verdict]
+
+## Change Summary
+
+- **Files changed:** X
+- **Lines added/removed:** +X / -X  
+- **Directories touched:** X
+- **New dependencies:** X
+
+## Findings
+
+### [Each finding with file path and line reference]
+
+**File:** `path/to/file.ts`  
+**Severity:** 🔴/🟡  
+**Issue:** [description]  
+**What this means:** [plain-language explanation]  
+**Suggested fix:** [concrete action]
+
+## Checklist
+
+- [ ] No new empty catch blocks
+- [ ] New code has corresponding tests
+- [ ] No new dependencies without justification
+- [ ] Duplication check passed
+- [ ] Cross-module impact is acceptable
+```
+
+## Deep Audit Report Structure
+
+```markdown
+## Executive Summary
+
+[3-5 sentence overview. A non-technical stakeholder should understand the state of the project from this alone.]
+
+## Architecture
+
+### Pattern Map
+[Table or list of all detected patterns and their usage counts]
+
+### Consistency Score: [X/10]
+[Explanation of competing patterns found]
+
+### Coupling Analysis
+[Most-imported modules, circular dependencies, god modules]
+
+## Code Health
+
+### Duplication: [X%]
+[Top duplicated blocks with file references]
+
+### Dead Code
+[Orphaned files and unused exports]
+
+### File Size Distribution
+[How many files fall into each size bucket]
+
+## Reliability
+
+### Error Handling Score: [X/10]
+[Empty catches, console-only handling, missing validation]
+
+### Test Quality Score: [X/10]
+[Test ratio, assertion quality, weak assertions, snapshot tests]
+
+## Sustainability
+
+### Dependency Health
+[Count, known vulnerabilities, unnecessary packages]
+
+### Complexity Hotspots
+[Top 5 most complex files/functions]
+
+## Recommendations (Prioritized)
+
+| Priority | Action | Effort | Impact |
+|----------|--------|--------|--------|
+| 1 | [action] | [hours/days] | [what improves] |
+| 2 | [action] | [hours/days] | [what improves] |
+| 3 | [action] | [hours/days] | [what improves] |
+
+## Plain-Language Summary
+
+If this codebase were a building:
+- **Foundation:** [solid/cracking/unstable]
+- **Plumbing (data flow):** [clean/leaky/clogged]
+- **Electrical (error handling):** [up to code/some dead outlets/fire hazard]
+- **Layout (architecture):** [coherent/quirky but functional/maze]
+- **Maintenance access:** [easy/tight/sealed shut]
+```
+
+## Trend Check Report Structure
+
+```markdown
+## Trajectory: [📈 Improving | ➡️ Stable | 📉 Degrading]
+
+[One sentence summary of the overall trend]
+
+## Metrics Over Time
+
+| Date | LOC | Deps | Large Files | Empty Catches | Dup % | Test Ratio |
+|------|-----|------|-------------|---------------|-------|------------|
+| [date] | X | X | X | X | X% | X |
+
+## Trend Signals
+
+[For each metric that changed significantly, explain what the trend means]
+
+## Recommended Actions
+
+1. [Based on trends, not just current state]
+```
+
+## Writing Guidelines
+
+- **Lead with the verdict** — don't bury it
+- **Use analogies** — the user may not read code
+- **Be specific** — file paths, line numbers, concrete examples
+- **Prioritize recommendations** — the user needs to know what to fix first
+- **Don't overwhelm** — for Quick Scan, keep to top 5 findings max. Save exhaustive lists for Deep Audit.
+- **Celebrate wins** — if something is well-structured, say so. Positive reinforcement matters in vibe coding.

package/skills/vibe-code-review/references/trend-check.md

@@ -0,0 +1,224 @@
+# Trend Check Mode
+
+Compare metrics over time to catch gradual degradation. Individual snapshots tell you the current state — trends tell you the trajectory.
+
+## When to Use
+
+- "Is my codebase getting better or worse?"
+- Weekly/monthly quality check-ins
+- After a sprint or feature push, compare before/after
+- Tracking the "Effort Paradox" — are new features getting harder to add?
+
+## Concept
+
+This mode generates a metrics snapshot and compares it against previous snapshots stored in a `.quality/` directory in the project root. Each snapshot is a JSON file timestamped with the scan date.
+
+## Steps
+
+### 1. Generate Current Snapshot
+
+Run this script to produce a metrics JSON:
+
+```bash
+#!/bin/bash
+# generate-snapshot.sh — produces a quality metrics snapshot
+
+TIMESTAMP=$(date +%Y-%m-%d)
+OUTPUT_DIR=".quality"
+OUTPUT_FILE="$OUTPUT_DIR/snapshot-$TIMESTAMP.json"
+
+mkdir -p "$OUTPUT_DIR"
+
+# Count source files
+SRC_FILES=$(find . -name "*.ts" -o -name "*.tsx" -o -name "*.js" -o -name "*.jsx" -o -name "*.py" \
+  | grep -v node_modules | grep -v __pycache__ | grep -v .next | grep -v dist | grep -v test | grep -v spec | wc -l | tr -d ' ')
+
+# Count test files
+TEST_FILES=$(find . -name "*.test.*" -o -name "*.spec.*" -o -name "test_*" -o -name "*_test.*" \
+  | grep -v node_modules | grep -v __pycache__ | wc -l | tr -d ' ')
+
+# Count total lines of code
+TOTAL_LOC=$(find . -name "*.ts" -o -name "*.tsx" -o -name "*.js" -o -name "*.jsx" -o -name "*.py" \
+  | grep -v node_modules | grep -v __pycache__ | grep -v .next | grep -v dist \
+  | xargs wc -l 2>/dev/null | tail -1 | awk '{print $1}')
+
+# Count dependencies
+if [ -f package.json ]; then
+  DEPS=$(python3 -c "import json; d=json.load(open('package.json')); print(len(d.get('dependencies',{})))" 2>/dev/null || echo "0")
+  DEV_DEPS=$(python3 -c "import json; d=json.load(open('package.json')); print(len(d.get('devDependencies',{})))" 2>/dev/null || echo "0")
+else
+  DEPS=0
+  DEV_DEPS=0
+fi
+
+# Count files over 400 lines
+LARGE_FILES=$(find . -name "*.ts" -o -name "*.tsx" -o -name "*.js" -o -name "*.jsx" -o -name "*.py" \
+  | grep -v node_modules | grep -v __pycache__ | grep -v .next \
+  | while read f; do
+    lines=$(wc -l < "$f" 2>/dev/null)
+    if [ "$lines" -gt 400 ]; then echo "$f"; fi
+  done | wc -l | tr -d ' ')
+
+# Count empty catch blocks
+EMPTY_CATCHES=$(grep -rn "catch" --include="*.ts" --include="*.tsx" --include="*.js" --include="*.jsx" -A 2 . \
+  | grep -v node_modules | grep -E "catch.*\{$" -A 1 | grep -c "^\s*\}" 2>/dev/null || echo "0")
+
+# Count TODO/FIXME markers
+TODOS=$(grep -rn "TODO\|FIXME\|HACK\|XXX" --include="*.ts" --include="*.tsx" --include="*.js" --include="*.jsx" --include="*.py" . \
+  | grep -v node_modules | grep -v __pycache__ | wc -l | tr -d ' ')
+
+# Count directories (proxy for module count)
+MODULES=$(find . -maxdepth 2 -type d \
+  -not -path "*/node_modules/*" -not -path "*/.git/*" -not -path "*/.next/*" -not -path "*/dist/*" \
+  | wc -l | tr -d ' ')
+
+# Duplication percentage (if jscpd available)
+DUP_PCT=$(npx jscpd . --min-lines 5 --min-tokens 50 --reporters json --output /tmp/jscpd-trend \
+  --ignore "node_modules,dist,build,.next,__pycache__,coverage" 2>/dev/null \
+  && python3 -c "import json; d=json.load(open('/tmp/jscpd-trend/jscpd-report.json')); print(d['statistics']['total']['percentage'])" 2>/dev/null || echo "null")
+
+# Write snapshot
+cat > "$OUTPUT_FILE" << EOF
+{
+  "date": "$TIMESTAMP",
+  "source_files": $SRC_FILES,
+  "test_files": $TEST_FILES,
+  "test_ratio": $(python3 -c "print(round($TEST_FILES / max($SRC_FILES, 1), 2))"),
+  "total_loc": $TOTAL_LOC,
+  "dependencies": $DEPS,
+  "dev_dependencies": $DEV_DEPS,
+  "large_files_over_400": $LARGE_FILES,
+  "empty_catch_blocks": $EMPTY_CATCHES,
+  "todo_fixme_count": $TODOS,
+  "module_count": $MODULES,
+  "duplication_pct": $DUP_PCT
+}
+EOF
+
+echo "Snapshot saved to $OUTPUT_FILE"
+cat "$OUTPUT_FILE" | python3 -m json.tool
+```
+
+### 2. Compare Against Previous Snapshots
+
+```bash
+#!/bin/bash
+# compare-snapshots.sh — compare latest snapshot against previous ones
+
+QUALITY_DIR=".quality"
+SNAPSHOTS=$(ls "$QUALITY_DIR"/snapshot-*.json 2>/dev/null | sort)
+COUNT=$(echo "$SNAPSHOTS" | wc -l)
+
+if [ "$COUNT" -lt 2 ]; then
+  echo "Need at least 2 snapshots to compare. Run a scan first."
+  exit 0
+fi
+
+LATEST=$(echo "$SNAPSHOTS" | tail -1)
+PREVIOUS=$(echo "$SNAPSHOTS" | tail -2 | head -1)
+
+python3 << 'PYEOF'
+import json, sys
+
+with open("LATEST_FILE") as f:
+    latest = json.load(f)
+with open("PREVIOUS_FILE") as f:
+    prev = json.load(f)
+
+print(f"Comparing: {prev['date']} → {latest['date']}")
+print("=" * 60)
+
+metrics = [
+    ("source_files", "Source files", "neutral"),
+    ("test_files", "Test files", "higher_better"),
+    ("test_ratio", "Test ratio", "higher_better"),
+    ("total_loc", "Total LOC", "neutral"),
+    ("dependencies", "Dependencies", "lower_better"),
+    ("large_files_over_400", "Large files (>400 lines)", "lower_better"),
+    ("empty_catch_blocks", "Empty catch blocks", "lower_better"),
+    ("todo_fixme_count", "TODO/FIXME markers", "lower_better"),
+    ("module_count", "Module count", "neutral"),
+    ("duplication_pct", "Duplication %", "lower_better"),
+]
+
+for key, label, direction in metrics:
+    old = prev.get(key)
+    new = latest.get(key)
+    if old is None or new is None or old == "null" or new == "null":
+        print(f"  {label}: no data")
+        continue
+    
+    old, new = float(old), float(new)
+    delta = new - old
+    pct = (delta / old * 100) if old != 0 else 0
+    
+    if direction == "lower_better":
+        icon = "🟢" if delta <= 0 else "🔴"
+    elif direction == "higher_better":
+        icon = "🟢" if delta >= 0 else "🔴"
+    else:
+        icon = "➡️"
+    
+    sign = "+" if delta > 0 else ""
+    print(f"  {icon} {label}: {old} → {new} ({sign}{delta:.1f}, {sign}{pct:.1f}%)")
+
+PYEOF
+```
+
+Replace `LATEST_FILE` and `PREVIOUS_FILE` with actual paths when running.
+
+### 3. Trend Visualization
+
+If the user wants a visual trend, generate a simple markdown table or ASCII chart:
+
+```python
+import json, os, glob
+
+snapshots = sorted(glob.glob(".quality/snapshot-*.json"))
+if not snapshots:
+    print("No snapshots found")
+    exit()
+
+data = []
+for s in snapshots:
+    with open(s) as f:
+        data.append(json.load(f))
+
+# Print trend table
+print("| Date | LOC | Deps | Large Files | Empty Catches | Duplication | Test Ratio |")
+print("|------|-----|------|-------------|---------------|-------------|------------|")
+for d in data:
+    dup = f"{d.get('duplication_pct', 'N/A')}%" if d.get('duplication_pct') not in (None, 'null') else "N/A"
+    print(f"| {d['date']} | {d['total_loc']} | {d['dependencies']} | {d['large_files_over_400']} | {d['empty_catch_blocks']} | {dup} | {d['test_ratio']} |")
+```
+
+### Key Trend Signals
+
+| Signal | What It Means | Action |
+|--------|---------------|--------|
+| LOC rising, test ratio falling | Building without testing | Pause features, write tests |
+| Dependencies climbing steadily | AI agents adding packages every session | Audit and remove unused deps |
+| Large files increasing | Monoliths forming | Decompose before they calcify |
+| Empty catches increasing | Reliability degrading | Add error handling sprint |
+| Duplication climbing | AI reinventing existing solutions | Document shared utilities, update AI context |
+| Feature time increasing | Architecture is fighting you | Deep audit needed |
+
+### 4. Generate Trend Report
+
+Output a markdown report with:
+1. The comparison table
+2. Traffic-light summary (🟢🟡🔴) for each metric's trajectory
+3. Top 3 recommended actions based on the trends
+4. A plain-language summary: "Your codebase is [improving/stable/degrading] in these areas..."
+
+## Automation
+
+Recommend the user add the snapshot script to their CI pipeline or run it weekly:
+
+```bash
+# Add to .github/workflows/quality-snapshot.yml or run manually
+# The .quality/ directory should be committed to the repo
+# so trends persist across machines and sessions
+```
+
+This way, every time they come back to review, historical data is already there.

package/skills/vibe-code-review/scripts/generate-snapshot.sh

@@ -0,0 +1,89 @@
+#!/bin/bash
+# generate-snapshot.sh — Produces a quality metrics snapshot for trend tracking
+# Usage: bash scripts/generate-snapshot.sh [project-path]
+#
+# Saves a JSON snapshot to .quality/snapshot-YYYY-MM-DD.json in the project root.
+# Commit the .quality/ directory to your repo so trends persist.
+
+set -e
+
+PROJECT_DIR="${1:-.}"
+cd "$PROJECT_DIR"
+
+TIMESTAMP=$(date +%Y-%m-%d)
+OUTPUT_DIR=".quality"
+OUTPUT_FILE="$OUTPUT_DIR/snapshot-$TIMESTAMP.json"
+
+mkdir -p "$OUTPUT_DIR"
+
+echo "📊 Generating quality snapshot for $(pwd)..."
+
+# Count source files
+SRC_FILES=$(find . -name "*.ts" -o -name "*.tsx" -o -name "*.js" -o -name "*.jsx" -o -name "*.py" -o -name "*.go" -o -name "*.rs" \
+  | grep -v node_modules | grep -v __pycache__ | grep -v .next | grep -v dist | grep -v build \
+  | grep -v test | grep -v spec | wc -l | tr -d ' ')
+
+# Count test files
+TEST_FILES=$(find . -name "*.test.*" -o -name "*.spec.*" -o -name "test_*" -o -name "*_test.*" \
+  | grep -v node_modules | grep -v __pycache__ | wc -l | tr -d ' ')
+
+# Total lines of code
+TOTAL_LOC=$(find . \( -name "*.ts" -o -name "*.tsx" -o -name "*.js" -o -name "*.jsx" -o -name "*.py" -o -name "*.go" -o -name "*.rs" \) \
+  -not -path "*/node_modules/*" -not -path "*/__pycache__/*" -not -path "*/.next/*" -not -path "*/dist/*" \
+  | xargs wc -l 2>/dev/null | tail -1 | awk '{print $1}')
+TOTAL_LOC=${TOTAL_LOC:-0}
+
+# Count dependencies
+if [ -f package.json ]; then
+  DEPS=$(python3 -c "import json; d=json.load(open('package.json')); print(len(d.get('dependencies',{})))" 2>/dev/null || echo "0")
+  DEV_DEPS=$(python3 -c "import json; d=json.load(open('package.json')); print(len(d.get('devDependencies',{})))" 2>/dev/null || echo "0")
+elif [ -f requirements.txt ]; then
+  DEPS=$(grep -v "^#" requirements.txt | grep -v "^$" | wc -l | tr -d ' ')
+  DEV_DEPS=0
+elif [ -f go.mod ]; then
+  DEPS=$(grep "^\t" go.mod | grep -v "indirect" | wc -l | tr -d ' ')
+  DEV_DEPS=0
+else
+  DEPS=0
+  DEV_DEPS=0
+fi
+
+# Count files over 400 lines
+LARGE_FILES=$(find . \( -name "*.ts" -o -name "*.tsx" -o -name "*.js" -o -name "*.jsx" -o -name "*.py" -o -name "*.go" -o -name "*.rs" \) \
+  -not -path "*/node_modules/*" -not -path "*/__pycache__/*" -not -path "*/.next/*" \
+  | while read f; do
+    lines=$(wc -l < "$f" 2>/dev/null || echo 0)
+    if [ "$lines" -gt 400 ]; then echo "$f"; fi
+  done | wc -l | tr -d ' ')
+
+# Count empty catch blocks
+EMPTY_CATCHES=$(grep -rn "catch" --include="*.ts" --include="*.tsx" --include="*.js" --include="*.jsx" --include="*.py" -A 2 . \
+  2>/dev/null | grep -v node_modules | grep -E "catch.*\{$" -A 1 | grep -c "^\s*\}" 2>/dev/null || echo "0")
+
+# Count TODO/FIXME markers
+TODOS=$(grep -rn "TODO\|FIXME\|HACK\|XXX" \
+  --include="*.ts" --include="*.tsx" --include="*.js" --include="*.jsx" --include="*.py" --include="*.go" --include="*.rs" . \
+  2>/dev/null | grep -v node_modules | grep -v __pycache__ | wc -l | tr -d ' ')
+
+# Test ratio
+TEST_RATIO=$(python3 -c "print(round($TEST_FILES / max($SRC_FILES, 1), 2))")
+
+# Write snapshot
+cat > "$OUTPUT_FILE" << EOF
+{
+  "date": "$TIMESTAMP",
+  "source_files": $SRC_FILES,
+  "test_files": $TEST_FILES,
+  "test_ratio": $TEST_RATIO,
+  "total_loc": $TOTAL_LOC,
+  "dependencies": $DEPS,
+  "dev_dependencies": $DEV_DEPS,
+  "large_files_over_400": $LARGE_FILES,
+  "empty_catch_blocks": $EMPTY_CATCHES,
+  "todo_fixme_count": $TODOS
+}
+EOF
+
+echo "✅ Snapshot saved to $OUTPUT_FILE"
+echo ""
+python3 -m json.tool "$OUTPUT_FILE"

package/skills/vibe-code-review/scripts/pr-analyze.sh

@@ -0,0 +1,180 @@
+#!/bin/bash
+# pr-analyze.sh — Analyze a git diff for code quality issues
+# Usage: bash scripts/pr-analyze.sh [base-branch]
+#
+# Defaults to comparing against 'main'. Pass a different branch name if needed.
+# Outputs a markdown report to stdout.
+
+set -e
+
+BASE="${1:-main}"
+REPORT=""
+
+add() { REPORT="$REPORT$1\n"; }
+
+add "# 🔍 PR Review Report"
+add ""
+add "**Date:** $(date +%Y-%m-%d)"
+add "**Comparing:** \`$BASE...HEAD\`"
+add ""
+
+# Get changed files
+CHANGED=$(git diff --name-only "$BASE"...HEAD 2>/dev/null || git diff --name-only HEAD~1)
+SOURCE_CHANGED=$(echo "$CHANGED" | grep -E '\.(ts|tsx|js|jsx|py|go|rs)$' | grep -v node_modules || true)
+FILE_COUNT=$(echo "$CHANGED" | grep -v "^$" | wc -l | tr -d ' ')
+DIR_COUNT=$(echo "$CHANGED" | grep -v "^$" | xargs -I{} dirname {} 2>/dev/null | sort -u | wc -l | tr -d ' ')
+
+add "## Change Summary"
+add ""
+add "- **Files changed:** $FILE_COUNT"
+add "- **Directories touched:** $DIR_COUNT"
+add "- **Source files in diff:** $(echo "$SOURCE_CHANGED" | grep -v "^$" | wc -l | tr -d ' ')"
+add ""
+
+# Stats
+STATS=$(git diff --stat "$BASE"...HEAD 2>/dev/null || git diff --stat HEAD~1)
+add "\`\`\`"
+add "$STATS"
+add "\`\`\`"
+add ""
+
+# Cross-module impact
+if [ "$DIR_COUNT" -gt 5 ]; then
+  add "### 🔴 High Cross-Module Impact"
+  add ""
+  add "This PR touches $DIR_COUNT directories. Consider breaking into smaller, focused PRs."
+  add ""
+elif [ "$DIR_COUNT" -gt 3 ]; then
+  add "### 🟡 Moderate Cross-Module Impact"
+  add ""
+  add "This PR touches $DIR_COUNT directories."
+  add ""
+fi
+
+add "## Findings"
+add ""
+
+# Check for new dependencies
+if echo "$CHANGED" | grep -q "package.json"; then
+  NEW_DEPS=$(git diff "$BASE"...HEAD -- package.json 2>/dev/null | grep "^+" | grep -v "^+++" | grep -E '"[^"]+":' || true)
+  if [ -n "$NEW_DEPS" ]; then
+    add "### 🟡 New Dependencies Detected"
+    add ""
+    add "\`\`\`"
+    add "$NEW_DEPS"
+    add "\`\`\`"
+    add ""
+    add "**What this means:** Every new dependency is a future maintenance burden and potential security risk. Verify each is necessary."
+    add ""
+  fi
+fi
+
+if echo "$CHANGED" | grep -q "requirements.txt"; then
+  NEW_PY_DEPS=$(git diff "$BASE"...HEAD -- requirements.txt 2>/dev/null | grep "^+" | grep -v "^+++" || true)
+  if [ -n "$NEW_PY_DEPS" ]; then
+    add "### 🟡 New Python Dependencies"
+    add ""
+    add "\`\`\`"
+    add "$NEW_PY_DEPS"
+    add "\`\`\`"
+    add ""
+  fi
+fi
+
+# Error handling in diff
+DIFF_CONTENT=$(git diff "$BASE"...HEAD -- $SOURCE_CHANGED 2>/dev/null || true)
+EMPTY_CATCHES=$(echo "$DIFF_CONTENT" | grep "^+" | grep -E "catch.*\{" -A 2 | grep -c "^\+\s*\}" 2>/dev/null || echo "0")
+CONSOLE_CATCHES=$(echo "$DIFF_CONTENT" | grep "^+" | grep -B1 -A3 "catch" | grep -c "console\.\(log\|error\)" 2>/dev/null || echo "0")
+NEW_TODOS=$(echo "$DIFF_CONTENT" | grep "^+" | grep -ci "TODO\|FIXME\|HACK\|XXX" 2>/dev/null || echo "0")
+
+if [ "$EMPTY_CATCHES" -gt 0 ]; then
+  add "### 🔴 Empty Catch Blocks in New Code"
+  add ""
+  add "Found **$EMPTY_CATCHES** empty catch blocks. Errors will be swallowed silently."
+  add ""
+  add "**What this means:** Your smoke detectors have dead batteries — failures happen silently."
+  add ""
+fi
+
+if [ "$CONSOLE_CATCHES" -gt 0 ]; then
+  add "### 🟡 Console-Only Error Handling"
+  add ""
+  add "Found **$CONSOLE_CATCHES** catch blocks that only console.log/error."
+  add ""
+  add "**What this means:** Errors are acknowledged but not actually handled. In production, nobody reads the console."
+  add ""
+fi
+
+if [ "$NEW_TODOS" -gt 0 ]; then
+  add "### 🟡 TODO/FIXME Markers"
+  add ""
+  add "Found **$NEW_TODOS** new TODO/FIXME/HACK markers. This is unfinished work entering the codebase."
+  add ""
+fi
+
+# Test coverage for changed files
+add "## Test Coverage for Changed Files"
+add ""
+UNTESTED=0
+TESTED=0
+UPDATED=0
+
+for file in $(echo "$SOURCE_CHANGED" | grep -v test | grep -v spec | grep -v "^$"); do
+  BASENAME=$(basename "$file" | sed 's/\.\(ts\|tsx\|js\|jsx\|py\|go\|rs\)$//')
+  TEST_EXISTS=$(find . -name "${BASENAME}.test.*" -o -name "${BASENAME}.spec.*" -o -name "test_${BASENAME}.*" 2>/dev/null | grep -v node_modules | head -1)
+  
+  if [ -n "$TEST_EXISTS" ]; then
+    if echo "$CHANGED" | grep -q "$(basename "$TEST_EXISTS")"; then
+      add "- 🟢 \`$file\` — test exists and was updated"
+      UPDATED=$((UPDATED + 1))
+    else
+      add "- 🟡 \`$file\` — test exists but NOT updated"
+      TESTED=$((TESTED + 1))
+    fi
+  else
+    add "- 🔴 \`$file\` — no test file found"
+    UNTESTED=$((UNTESTED + 1))
+  fi
+done
+
+add ""
+add "**Summary:** $UPDATED tested & updated, $TESTED tested but stale, $UNTESTED untested"
+add ""
+
+# Large files in diff
+add "## File Size Check"
+add ""
+for file in $(echo "$SOURCE_CHANGED" | grep -v "^$"); do
+  if [ -f "$file" ]; then
+    LINES=$(wc -l < "$file")
+    if [ "$LINES" -gt 400 ]; then
+      add "- 🔴 \`$file\` — $LINES lines (over 400 threshold)"
+    elif [ "$LINES" -gt 200 ]; then
+      add "- 🟡 \`$file\` — $LINES lines (approaching threshold)"
+    fi
+  fi
+done
+add ""
+
+# Verdict
+CRITICAL=0
+[ "$EMPTY_CATCHES" -gt 0 ] && CRITICAL=$((CRITICAL + 1))
+[ "$UNTESTED" -gt 3 ] && CRITICAL=$((CRITICAL + 1))
+[ "$DIR_COUNT" -gt 7 ] && CRITICAL=$((CRITICAL + 1))
+
+if [ "$CRITICAL" -gt 0 ]; then
+  add "## Verdict: 🛑 Hold"
+  add ""
+  add "**$CRITICAL critical issues** should be addressed before merging."
+elif [ "$NEW_TODOS" -gt 0 ] || [ "$CONSOLE_CATCHES" -gt 0 ] || [ "$TESTED" -gt 2 ]; then
+  add "## Verdict: ⚠️ Ship With Notes"
+  add ""
+  add "No blocking issues, but address the warnings above soon."
+else
+  add "## Verdict: ✅ Ship It"
+  add ""
+  add "No significant issues found in this diff."
+fi
+
+# Output
+echo -e "$REPORT"