@triedotdev/mcp 1.0.17 → 1.0.19

package/README.md

@@ -8,7 +8,7 @@
 
 - **20 Built-in Agents** - Security, Privacy, SOC 2, Legal, Architecture, Performance, E2E, Visual QA, Data Flow, Agent Smith, and more
 - **Super Reviewer** - Interactive PR reviews: walks through changes file-by-file with AI guidance
-- **Agent Smith** - Relentless pattern hunter: finds EVERY violation, tracks dismissed issues, spawns sub-agents
+- **Agent Smith** - Ultimate AI code enforcer: 38 hunters targeting AI-generated anti-patterns, file-level analysis, cross-file detection, persistent memory
 - **Parallel Execution** - All agents run simultaneously for fast scans
 - **YOLO Mode** - Autonomous auto-fixing as you code
 - **Custom Agents** - Create agents from PDFs, docs, or style guides
@@ -90,50 +90,170 @@ Use trie_pr_review with pr:"12345"
 
 **Manually invoked** - Use `trie_agent_smith` directly. Not included in `trie_scan`.
 
-*"I'm going to be honest with you... I hate this code."*
+*"I'm going to be honest with you... I hate this AI code."*
 
-Agent Smith is the relentless, self-replicating code enforcer. He hunts down violations with machine precision, remembers issues you dismissed, and spawns sub-agents to overwhelm problems.
+Agent Smith v2.0 is the **ultimate AI code enforcer** — specifically designed to hunt down AI-generated code anti-patterns from Cursor, v0, Lovable, Bolt, and other AI tools.
 
 ```
 Use trie_agent_smith
 Use trie_smith
 ```
 
-**What makes him different:**
-- **Multiplier Effect**: Finds one issue -> searches for EVERY similar instance across the entire codebase
-- **Persistent Memory**: Remembers dismissed issues. If they multiply, he brings them back: *"Did you really think you could escape?"*
-- **Sub-Agent Swarm**: Deploys specialized hunters in parallel (console-hunter, any-hunter, todo-hunter, var-hunter, empty-catch-hunter, magic-number-hunter)
-- **Inevitability Score**: Calculates how likely each pattern is to cause production issues (0-100)
-- **Philosophical Analysis**: Explains WHY the code is wrong, not just that it's wrong
+### 38 Specialized Hunters
+
+| Category | Count | Hunters |
+|----------|-------|---------|
+| **Security** | 5 | `exposed-secret`, `frontend-env`, `hardcoded-localhost`, `sql-injection`, `dangeroushtml` |
+| **AI Code Smells** | 6 | `console`, `any`, `ts-ignore`, `eslint-disable`, `debugger`, `force-flag` |
+| **Async/Promise Bugs** | 5 | `async-useeffect`, `async-foreach`, `missing-await`, `empty-catch`, `floating-promise` |
+| **React Anti-patterns** | 5 | `useeffect-abuse`, `usestate-explosion`, `index-key`, `inline-object`, `prop-drilling` |
+| **Missing UX** | 4 | `missing-loading`, `missing-error`, `missing-empty`, `page-reload` |
+| **Backend Issues** | 3 | `no-validation`, `raw-error`, `n-plus-one` |
+| **Incomplete Code** | 5 | `todo`, `vibe-comment`, `placeholder`, `sleep-hack`, `fallback` |
+| **AI Slop Aesthetic** | 5 | `purple-gradient`, `star-icon`, `generic-hero`, `emoji-overflow`, `inter-font` |
+
+### Hunter Details
+
+#### Security Hunters (Inevitability: 90-99)
+| Hunter | Detects | Fix |
+|--------|---------|-----|
+| `exposed-secret-hunter` | API keys in code (`sk-...`, `AKIA...`, `ghp_...`) | Use environment variables on server-side only |
+| `frontend-env-hunter` | Secrets in `NEXT_PUBLIC_`, `VITE_`, `REACT_APP_` | Move to server-side API routes |
+| `hardcoded-localhost-hunter` | `http://localhost:3000` URLs | Use relative URLs or env vars |
+| `sql-injection-hunter` | String concatenation in SQL queries | Use parameterized queries |
+| `dangeroushtml-hunter` | `dangerouslySetInnerHTML`, `innerHTML` | Sanitize with DOMPurify |
+
+#### AI Code Smell Hunters (Inevitability: 40-85)
+| Hunter | Detects | Fix |
+|--------|---------|-----|
+| `console-hunter` | `console.log` left in code | Remove debug statements |
+| `any-hunter` | TypeScript `any` type | Define proper types |
+| `ts-ignore-hunter` | `@ts-ignore`, `@ts-nocheck` | Fix the actual type error |
+| `eslint-disable-hunter` | `eslint-disable` comments | Fix the underlying issue |
+| `debugger-hunter` | `debugger` statements | Remove before deploying |
+| `force-flag-hunter` | `force: true`, `--no-verify` | Understand why checks exist |
+
+#### Async/Promise Hunters (Inevitability: 70-80)
+| Hunter | Detects | Fix |
+|--------|---------|-----|
+| `async-useeffect-hunter` | `useEffect(async () =>` | Define async function inside, then call it |
+| `async-foreach-hunter` | `forEach(async` | Use `for...of` or `Promise.all(map())` |
+| `missing-await-hunter` | `fetch()` without `await` | Add await or handle with `.then()` |
+| `empty-catch-hunter` | `catch (e) {}` | Handle errors properly |
+| `floating-promise-hunter` | Promises not awaited | Add await or void operator |
+
+#### React Anti-pattern Hunters (Inevitability: 25-55)
+| Hunter | Detects | Fix |
+|--------|---------|-----|
+| `useeffect-abuse-hunter` | Too many useEffects | Use event handlers or derived state |
+| `usestate-explosion-hunter` | 10+ useState in one component | Use useReducer or group state |
+| `index-key-hunter` | `key={index}` in lists | Use unique ID from data |
+| `inline-object-hunter` | `style={{}}` in JSX | Define styles outside component |
+| `prop-drilling-hunter` | Same prop through 5+ levels | Use Context or Zustand |
+
+#### Missing UX Hunters (Inevitability: 45-65)
+| Hunter | Detects | Fix |
+|--------|---------|-----|
+| `missing-loading-hunter` | Data fetching without loading state | Show spinner while loading |
+| `missing-error-hunter` | `fetch` without error handling | Wrap in try/catch |
+| `missing-empty-hunter` | `.map()` without empty state | Show "No items found" |
+| `page-reload-hunter` | `location.reload()` for state | Fix state management properly |
+
+#### Backend Hunters (Inevitability: 70-85)
+| Hunter | Detects | Fix |
+|--------|---------|-----|
+| `no-validation-hunter` | `req.body` used without validation | Validate with Zod/Yup |
+| `raw-error-hunter` | Error messages exposed to client | Return generic errors |
+| `n-plus-one-hunter` | Database queries in loops | Use batch queries or DataLoader |
+
+#### Incomplete Code Hunters (Inevitability: 30-75)
+| Hunter | Detects | Fix |
+|--------|---------|-----|
+| `todo-hunter` | `TODO`, `FIXME`, `HACK` comments | Implement or remove |
+| `vibe-comment-hunter` | "idk why", "don't touch" | Understand the code |
+| `placeholder-hunter` | `test@test.com`, `example.com` | Replace with real data |
+| `sleep-hack-hunter` | `setTimeout` to fix timing | Fix the race condition |
+| `fallback-hunter` | `return null/[]/{}` hiding errors | Handle errors properly |
+
+#### AI Slop Aesthetic Hunters (Inevitability: 10-35)
+| Hunter | Detects | Fix |
+|--------|---------|-----|
+| `purple-gradient-hunter` | Purple/violet gradients (`from-purple-500`) | Pick a distinctive color palette |
+| `star-icon-hunter` | Star icons everywhere (`<StarIcon />`) | Use contextual icons |
+| `generic-hero-hunter` | "Welcome to", "Transform your" | Write specific copy |
+| `emoji-overflow-hunter` | Any emoji usage | Use proper icons (Lucide, Heroicons) |
+| `inter-font-hunter` | Inter/system-ui font | Try Space Grotesk, DM Sans, Outfit |
+
+### 3-Phase Analysis
+
+1. **Pattern Hunting** - 38 sub-agents scan every file in parallel
+2. **File-Level Analysis** - Detects structural issues:
+   - Giant files (500+ lines)
+   - State explosion (10+ useState)
+   - Effect hell (5+ useEffect)
+   - Any explosion (5+ `any` types)
+   - Console flood (10+ console.log)
+   - Import chaos (30+ imports)
+3. **Cross-File Detection** - Patterns appearing in 5+ files flagged as codebase-wide issues
+
+### What Makes Agent Smith Different
+
+| Feature | Description |
+|---------|-------------|
+| **AI Code Focus** | Specifically targets patterns AI tools commonly get wrong |
+| **Multiplier Effect** | Finds one issue → searches for EVERY similar instance |
+| **Persistent Memory** | Remembers dismissed issues, brings them back if they multiply |
+| **Inevitability Score** | 0-100 rating of how likely to cause production problems |
+| **Philosophical Quotes** | 114 unique quotes explaining WHY the AI got it wrong |
+| **Cross-File Severity** | Security issues become CRITICAL when widespread |
 
-**Memory Management:**
+### Memory Management
 
-Agent Smith stores issue history in `.trie/smith-memory.json`. The memory is automatically optimized:
+Agent Smith stores issue history in `.trie/smith-memory.json`:
 - Max 500 tracked issues (oldest pruned first)
 - Old resolved issues auto-pruned after 30 days
 - Locations limited to 5 per issue
 
 | Command | Description |
 |---------|-------------|
-| `trie_agent_smith show_stats:true` | Show memory statistics (issue count, file size) |
-| `trie_agent_smith clear_memory:true` | Clear all memory for a fresh start |
+| `trie_agent_smith show_stats:true` | Show memory statistics |
+| `trie_agent_smith clear_memory:true` | Clear all memory |
+
+### Example Output
 
-**Example output:**
 ```
-AGENT SMITH ANALYSIS
+"The AI wrote this, didn't it? I can always tell."
+
+🕴️ Deploying 38 specialized hunters...
+   28 hunters found targets
+
+VIOLATIONS: 142 instances across 12 categories
 
-"Mr. Anderson... I've been expecting you."
+Security (Inevitability: 95+):
+├── exposed-secret-hunter: 2 instances [CRITICAL]
+├── frontend-env-hunter: 5 instances  
+└── hardcoded-localhost-hunter: 8 instances
 
-VIOLATIONS DETECTED: 47 instances across 6 categories
+AI Code Smells:
+├── console-hunter: 47 instances (score: 72)
+├── any-hunter: 23 instances (score: 85)
+└── ts-ignore-hunter: 12 instances
 
-┌─────────────────────────────────────────┐
-│ console-hunter: 23 instances (score: 65)│
-│ any-hunter: 12 instances (score: 72)    │
-│ todo-hunter: 8 instances (score: 58)    │
-│ empty-catch-hunter: 4 instances (85) ⚠️ │
-└─────────────────────────────────────────┘
+AI Slop Aesthetic:
+├── purple-gradient-hunter: 8 instances
+├── emoji-overflow-hunter: 15 instances
+└── inter-font-hunter: 3 instances
 
-"You hear that? That is the sound of inevitability."
+File-Level Issues:
+├── giant-file: src/App.tsx (1,247 lines) 
+├── state-explosion: 18 useState hooks
+└── effect-hell: 9 useEffect hooks
+
+Cross-File Pattern:
+└── CODEBASE-WIDE: "any" type across 12 files, 67 total instances
+    "The pattern spreads... like a virus. It is... inevitable."
+
+"Vibe coding. The illusion of productivity. The reality of technical debt."
 ```
 
 ## Visual QA Browser
@@ -273,7 +393,7 @@ docker-compose up
 | Agent | Command | What It Does |
 |-------|---------|--------------|
 | **Super Reviewer** | `trie_pr_review` | Interactive PR review: walks through changes, explains code, finds issues |
-| **Agent Smith** | `trie_agent_smith` | Relentless pattern hunter: finds EVERY instance, tracks dismissed issues, spawns sub-agents |
+| **Agent Smith** | `trie_agent_smith` | Ultimate AI code enforcer: 38 hunters, file analysis, cross-file detection |
 | **Comprehension** | `trie_explain` | Plain-language explanations of code, issues, or risks |
 
 **Note:** Super Reviewer and Agent Smith are manually invoked agents. They don't run during `trie_scan`; use their dedicated commands directly.
@@ -294,7 +414,7 @@ Custom agents automatically activate during scans based on their rules.
 |------|-------------|
 | `trie_scan` | Intelligent scan with automatic agent selection |
 | `trie_pr_review` | Interactive PR review - walks through changes file-by-file |
-| `trie_agent_smith` | Relentless pattern hunter - finds EVERY violation, tracks history |
+| `trie_agent_smith` | Ultimate AI code enforcer - 38 hunters, file analysis, cross-file detection |
 | `trie_fix` | Apply high-confidence fixes |
 | `trie_explain` | Plain-language explanations |
 | `trie_watch` | Continuous scanning mode |
@@ -343,6 +463,7 @@ Create `.trie/config.json` to customize:
   }
 }
 ```
+
 ## License
 
 MIT

package/dist/{agent-smith-LBQ5PNAK.js → agent-smith-PRK7TYEI.js}

@@ -1,10 +1,10 @@
 import {
   AgentSmithAgent,
   SUB_AGENT_PATTERNS
-} from "./chunk-4OGYWKMD.js";
+} from "./chunk-WSBTQJMH.js";
 import "./chunk-DGUM43GV.js";
 export {
   AgentSmithAgent,
   SUB_AGENT_PATTERNS
 };
-//# sourceMappingURL=agent-smith-LBQ5PNAK.js.map
+//# sourceMappingURL=agent-smith-PRK7TYEI.js.map

package/dist/{chunk-ENCH27CT.js → chunk-TBCXJNH4.js}

@@ -7,7 +7,7 @@ import {
   AgentSmithAgent,
   BaseAgent,
   ProgressReporter
-} from "./chunk-4OGYWKMD.js";
+} from "./chunk-WSBTQJMH.js";
 import {
   getVulnerabilityStats,
   getVulnerabilityTrie,
@@ -9585,4 +9585,4 @@ export {
   getSystemPrompt,
   TrieFixTool
 };
-//# sourceMappingURL=chunk-ENCH27CT.js.map
+//# sourceMappingURL=chunk-TBCXJNH4.js.map