@vibecheckai/cli 3.0.4 → 3.0.7

package/mcp-server/consolidated-tools.js

@@ -0,0 +1,804 @@
+/**
+ * Vibecheck MCP Consolidated Tools
+ * 
+ * Reduced from 50+ tools to 15 focused tools that map to CLI commands.
+ * Each tool returns evidence-backed responses with file/line citations.
+ * 
+ * Tool Categories:
+ * 1. Core Commands (5) - ship, scan, fix, verify, ctx
+ * 2. Truth Queries (5) - truthpack, routes, env, auth, billing
+ * 3. Evidence (3) - validate_claim, evidence, proof_graph
+ * 4. Utilities (2) - status, doctor
+ */
+
+import { execSync, spawn } from 'child_process';
+import fs from 'fs';
+import path from 'path';
+
+// ============================================================================
+// TOOL DEFINITIONS (15 Core Tools)
+// ============================================================================
+
+export const CONSOLIDATED_TOOLS = [
+  // === CORE COMMANDS (5) ===
+  {
+    name: "vibecheck.ship",
+    description: "Get ship verdict: SHIP/WARN/BLOCK with evidence. Returns top blockers and fix suggestions.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." },
+        strict: { type: "boolean", description: "Treat warnings as blockers", default: false },
+        json: { type: "boolean", description: "Return raw JSON output", default: false }
+      }
+    }
+  },
+  {
+    name: "vibecheck.scan",
+    description: "Deep scan for ship-killers: secrets, auth gaps, fake success, dead UI, billing bypasses.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." },
+        profile: { 
+          type: "string", 
+          enum: ["quick", "full", "security", "billing"],
+          description: "Scan profile",
+          default: "quick"
+        }
+      }
+    }
+  },
+  {
+    name: "vibecheck.fix",
+    description: "Generate fix plan or apply patches for findings. Returns evidence-backed fix suggestions.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." },
+        apply: { type: "boolean", description: "Apply patches (requires clean git)", default: false },
+        promptOnly: { type: "boolean", description: "Generate prompts only, no patches", default: false }
+      }
+    }
+  },
+  {
+    name: "vibecheck.verify",
+    description: "Runtime verification using Playwright. Tests UI behavior, auth flows, dead buttons.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        url: { type: "string", description: "Base URL to verify (required)" },
+        auth: { type: "string", description: "Login credentials as email:password" },
+        paths: { type: "string", description: "Comma-separated paths to test" },
+        budget: { type: "string", enum: ["2m", "5m", "10m"], description: "Time budget", default: "5m" }
+      },
+      required: ["url"]
+    }
+  },
+  {
+    name: "vibecheck.ctx",
+    description: "Generate Truth Pack with routes, env, auth, billing facts. Evidence-backed context.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." },
+        snapshot: { type: "boolean", description: "Save timestamped snapshot", default: false }
+      }
+    }
+  },
+
+  // === TRUTH QUERIES (5) ===
+  {
+    name: "vibecheck.get_truthpack",
+    description: "Get the full Truth Pack for the project. Use this BEFORE making claims about the codebase.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." },
+        refresh: { type: "boolean", description: "Force regenerate truthpack", default: false }
+      }
+    }
+  },
+  {
+    name: "vibecheck.get_routes",
+    description: "Get all server and client routes with file/line evidence.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." },
+        type: { type: "string", enum: ["server", "client", "all"], default: "all" }
+      }
+    }
+  },
+  {
+    name: "vibecheck.get_env",
+    description: "Get env vars: declared, used, mismatches. Evidence-backed.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." }
+      }
+    }
+  },
+  {
+    name: "vibecheck.get_auth",
+    description: "Get auth model: guards, protected routes, unprotected routes, gaps.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." }
+      }
+    }
+  },
+  {
+    name: "vibecheck.get_billing",
+    description: "Get billing model: gates, paid features, bypasses, enforcement gaps.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." }
+      }
+    }
+  },
+
+  // === EVIDENCE (3) ===
+  {
+    name: "vibecheck.validate_claim",
+    description: "Validate a claim about the codebase. Returns true/false/unknown with evidence.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." },
+        claim: { type: "string", description: "The claim to validate (required)" },
+        type: { 
+          type: "string", 
+          enum: ["route_exists", "env_var_used", "auth_enforced", "file_exists", "function_exists"],
+          description: "Type of claim"
+        }
+      },
+      required: ["claim"]
+    }
+  },
+  {
+    name: "vibecheck.get_evidence",
+    description: "Get file/line evidence for a specific finding or claim.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." },
+        findingId: { type: "string", description: "Finding ID to get evidence for" },
+        file: { type: "string", description: "File path to extract evidence from" },
+        pattern: { type: "string", description: "Regex pattern to search for" }
+      }
+    }
+  },
+  {
+    name: "vibecheck.get_proof_graph",
+    description: "Get the proof graph: claims -> evidence -> gaps -> risk score.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." }
+      }
+    }
+  },
+
+  // === SPEC-REQUIRED TOOLS (4) ===
+  {
+    name: "vibecheck.get_contracts",
+    description: "Get context contracts (routes, env, auth, external). Use with validate_plan to stop hallucinations.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." }
+      }
+    }
+  },
+  {
+    name: "vibecheck.validate_plan",
+    description: "Validate an AI-generated plan against contracts. Returns violations for invented routes, missing env vars, auth mismatches.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." },
+        plan: { 
+          type: "array", 
+          description: "Array of plan actions to validate",
+          items: {
+            type: "object",
+            properties: {
+              action: { type: "string" },
+              target: { type: "string" },
+              details: { type: "object" }
+            }
+          }
+        }
+      },
+      required: ["plan"]
+    }
+  },
+  {
+    name: "vibecheck.share",
+    description: "Build share pack from latest mission. Generates sanitized share.json, share.md, pr_comment.md.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." },
+        missionDir: { type: "string", description: "Specific mission directory (default: latest)" }
+      }
+    }
+  },
+  {
+    name: "vibecheck.pr_comment",
+    description: "Render PR comment markdown from last ship report. Ready to paste into GitHub PR.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." },
+        maxFindings: { type: "number", description: "Max findings to include", default: 12 }
+      }
+    }
+  },
+
+  // === UTILITIES (2) ===
+  {
+    name: "vibecheck.status",
+    description: "Get current vibecheck status: last verdict, findings count, truthpack freshness.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." }
+      }
+    }
+  },
+  {
+    name: "vibecheck.doctor",
+    description: "Environment health check. Verifies dependencies, configs, permissions.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." }
+      }
+    }
+  }
+];
+
+// ============================================================================
+// TOOL HANDLERS
+// ============================================================================
+
+export async function handleConsolidatedTool(name, args) {
+  const projectPath = args.projectPath || process.cwd();
+  
+  switch (name) {
+    // Core Commands
+    case "vibecheck.ship":
+      return await runCliCommand("ship", projectPath, args);
+    case "vibecheck.scan":
+      return await runCliCommand("scan", projectPath, args);
+    case "vibecheck.fix":
+      return await runCliCommand("fix", projectPath, args);
+    case "vibecheck.verify":
+      return await runCliCommand("verify", projectPath, args);
+    case "vibecheck.ctx":
+      return await runCliCommand("ctx", projectPath, args);
+    
+    // Truth Queries
+    case "vibecheck.get_truthpack":
+      return await getTruthpack(projectPath, args.refresh);
+    case "vibecheck.get_routes":
+      return await getRoutes(projectPath, args.type);
+    case "vibecheck.get_env":
+      return await getEnv(projectPath);
+    case "vibecheck.get_auth":
+      return await getAuth(projectPath);
+    case "vibecheck.get_billing":
+      return await getBilling(projectPath);
+    
+    // Evidence
+    case "vibecheck.validate_claim":
+      return await validateClaim(projectPath, args.claim, args.type);
+    case "vibecheck.get_evidence":
+      return await getEvidence(projectPath, args);
+    case "vibecheck.get_proof_graph":
+      return await getProofGraph(projectPath);
+    
+    // Utilities
+    case "vibecheck.status":
+      return await getStatus(projectPath);
+    case "vibecheck.doctor":
+      return await runCliCommand("doctor", projectPath, args);
+    
+    // Spec-required tools
+    case "vibecheck.get_contracts":
+      return await getContracts(projectPath);
+    case "vibecheck.validate_plan":
+      return await validatePlan(projectPath, args.plan);
+    case "vibecheck.share":
+      return await buildShare(projectPath, args.missionDir);
+    case "vibecheck.pr_comment":
+      return await renderPRComment(projectPath, args.maxFindings);
+    
+    default:
+      return { error: `Unknown tool: ${name}`, available: CONSOLIDATED_TOOLS.map(t => t.name) };
+  }
+}
+
+// ============================================================================
+// IMPLEMENTATION HELPERS
+// ============================================================================
+
+async function runCliCommand(cmd, projectPath, args) {
+  const binPath = path.join(__dirname, '..', 'bin', 'vibecheck.js');
+  let cmdArgs = [cmd];
+  
+  // Add flags based on args
+  if (args.strict) cmdArgs.push('--strict');
+  if (args.json) cmdArgs.push('--json');
+  if (args.apply) cmdArgs.push('--apply');
+  if (args.promptOnly) cmdArgs.push('--prompt-only');
+  if (args.snapshot) cmdArgs.push('--snapshot');
+  if (args.url) cmdArgs.push('--url', args.url);
+  if (args.auth) cmdArgs.push('--auth', args.auth);
+  if (args.paths) cmdArgs.push('--paths', args.paths);
+  if (args.budget) cmdArgs.push('--budget', args.budget);
+  if (args.profile) cmdArgs.push('--profile', args.profile);
+  
+  try {
+    const result = execSync(`node "${binPath}" ${cmdArgs.join(' ')}`, {
+      cwd: projectPath,
+      encoding: 'utf8',
+      timeout: 120000
+    });
+    
+    // Try to parse JSON output
+    try {
+      return JSON.parse(result);
+    } catch {
+      return { output: result, success: true };
+    }
+  } catch (error) {
+    return {
+      error: error.message,
+      exitCode: error.status,
+      output: error.stdout || error.stderr
+    };
+  }
+}
+
+async function getTruthpack(projectPath, refresh = false) {
+  // Spec path: .vibecheck/truthpack.json
+  const specPath = path.join(projectPath, '.vibecheck', 'truthpack.json');
+  // Legacy path: .vibecheck/truth/truthpack.json
+  const legacyPath = path.join(projectPath, '.vibecheck', 'truth', 'truthpack.json');
+  
+  const truthpackPath = fs.existsSync(specPath) ? specPath : legacyPath;
+  
+  if (refresh || !fs.existsSync(truthpackPath)) {
+    await runCliCommand('ctx', projectPath, {});
+  }
+  
+  // Try spec path first after potential regeneration
+  for (const tpPath of [specPath, legacyPath]) {
+    try {
+      const truthpack = JSON.parse(fs.readFileSync(tpPath, 'utf8'));
+      return {
+        data: truthpack,
+        evidence: [{ file: tpPath.replace(projectPath, '.'), line: 1 }],
+        confidence: 1.0,
+        freshness: truthpack.generatedAt
+      };
+    } catch {}
+  }
+  
+  return { error: 'Truthpack not found. Run vibecheck ctx first.', gaps: ['truthpack_missing'] };
+}
+
+async function getRoutes(projectPath, type = 'all') {
+  const truthpack = await getTruthpack(projectPath);
+  if (truthpack.error) return truthpack;
+  
+  const routes = truthpack.data.routes || {};
+  
+  if (type === 'server') {
+    return { data: routes.server || [], evidence: [], confidence: 0.9 };
+  } else if (type === 'client') {
+    return { data: routes.clientRefs || [], evidence: [], confidence: 0.85 };
+  }
+  
+  return {
+    data: {
+      server: routes.server || [],
+      client: routes.clientRefs || [],
+      gaps: routes.gaps || []
+    },
+    evidence: [],
+    confidence: 0.9
+  };
+}
+
+async function getEnv(projectPath) {
+  const truthpack = await getTruthpack(projectPath);
+  if (truthpack.error) return truthpack;
+  
+  return {
+    data: truthpack.data.env || {},
+    evidence: [],
+    confidence: 0.95
+  };
+}
+
+async function getAuth(projectPath) {
+  const truthpack = await getTruthpack(projectPath);
+  if (truthpack.error) return truthpack;
+  
+  return {
+    data: truthpack.data.auth || {},
+    evidence: [],
+    confidence: 0.85
+  };
+}
+
+async function getBilling(projectPath) {
+  const truthpack = await getTruthpack(projectPath);
+  if (truthpack.error) return truthpack;
+  
+  return {
+    data: truthpack.data.billing || {},
+    evidence: [],
+    confidence: 0.8
+  };
+}
+
+async function validateClaim(projectPath, claim, type) {
+  // Use the claim verifier runner
+  const binPath = path.join(__dirname, '..', 'bin', 'runners', 'runClaimVerifier.js');
+  
+  try {
+    const { validateClaim: verify } = require(binPath);
+    const result = await verify(projectPath, { claim, type });
+    return result;
+  } catch (error) {
+    // Fallback to simple validation
+    const truthpack = await getTruthpack(projectPath);
+    if (truthpack.error) return { valid: 'unknown', reason: truthpack.error };
+    
+    // Simple claim validation based on type
+    if (type === 'route_exists') {
+      const routes = truthpack.data.routes?.server || [];
+      const exists = routes.some(r => r.path === claim || r.path.includes(claim));
+      return {
+        valid: exists,
+        confidence: exists ? 0.9 : 0.7,
+        evidence: exists ? routes.filter(r => r.path.includes(claim)).slice(0, 3) : [],
+        gaps: exists ? [] : [`Route ${claim} not found in server routes`]
+      };
+    }
+    
+    if (type === 'env_var_used') {
+      const vars = truthpack.data.env?.vars || [];
+      const found = vars.find(v => v.name === claim);
+      return {
+        valid: !!found,
+        confidence: found ? 0.95 : 0.8,
+        evidence: found ? [{ file: found.file, line: found.line }] : [],
+        gaps: found ? [] : [`Env var ${claim} not found in codebase`]
+      };
+    }
+    
+    if (type === 'file_exists') {
+      const filePath = path.join(projectPath, claim);
+      const exists = fs.existsSync(filePath);
+      return {
+        valid: exists,
+        confidence: 1.0,
+        evidence: exists ? [{ file: claim, line: 1 }] : [],
+        gaps: exists ? [] : [`File ${claim} does not exist`]
+      };
+    }
+    
+    return { valid: 'unknown', reason: 'Claim type not supported', type };
+  }
+}
+
+async function getEvidence(projectPath, args) {
+  if (args.findingId) {
+    // Get evidence for a specific finding from last ship report
+    const shipPath = path.join(projectPath, '.vibecheck', 'last_ship.json');
+    try {
+      const report = JSON.parse(fs.readFileSync(shipPath, 'utf8'));
+      const finding = report.findings?.find(f => f.id === args.findingId);
+      if (finding) {
+        return {
+          data: finding.evidence || [],
+          finding,
+          confidence: 0.9
+        };
+      }
+    } catch {}
+    return { error: 'Finding not found', findingId: args.findingId };
+  }
+  
+  if (args.file && args.pattern) {
+    // Search for pattern in file
+    const filePath = path.join(projectPath, args.file);
+    try {
+      const content = fs.readFileSync(filePath, 'utf8');
+      const regex = new RegExp(args.pattern, 'gi');
+      const matches = [];
+      let match;
+      while ((match = regex.exec(content)) !== null) {
+        const line = content.substring(0, match.index).split('\n').length;
+        matches.push({
+          file: args.file,
+          line,
+          snippet: match[0],
+          confidence: 0.95
+        });
+      }
+      return { data: matches, confidence: 0.9 };
+    } catch (error) {
+      return { error: error.message };
+    }
+  }
+  
+  return { error: 'Provide either findingId or file+pattern' };
+}
+
+async function getProofGraph(projectPath) {
+  const proofPath = path.join(projectPath, '.vibecheck', 'proof-graph.json');
+  
+  try {
+    const proofGraph = JSON.parse(fs.readFileSync(proofPath, 'utf8'));
+    return {
+      data: proofGraph,
+      confidence: 0.9
+    };
+  } catch {
+    // Generate if not exists
+    await runCliCommand('ship', projectPath, {});
+    try {
+      const proofGraph = JSON.parse(fs.readFileSync(proofPath, 'utf8'));
+      return { data: proofGraph, confidence: 0.9 };
+    } catch {
+      return { error: 'Proof graph not available. Run vibecheck ship first.' };
+    }
+  }
+}
+
+async function getStatus(projectPath) {
+  const shipPath = path.join(projectPath, '.vibecheck', 'last_ship.json');
+  // Check both spec path and legacy path
+  const truthpackPath = path.join(projectPath, '.vibecheck', 'truthpack.json');
+  const legacyTruthpackPath = path.join(projectPath, '.vibecheck', 'truth', 'truthpack.json');
+  
+  const status = {
+    hasShipReport: false,
+    hasTruthpack: false,
+    lastVerdict: null,
+    findingsCount: 0,
+    truthpackAge: null
+  };
+  
+  try {
+    const report = JSON.parse(fs.readFileSync(shipPath, 'utf8'));
+    status.hasShipReport = true;
+    status.lastVerdict = report.meta?.verdict;
+    status.findingsCount = report.findings?.length || 0;
+  } catch {}
+  
+  // Try spec path first, then legacy
+  for (const tpPath of [truthpackPath, legacyTruthpackPath]) {
+    try {
+      const truthpack = JSON.parse(fs.readFileSync(tpPath, 'utf8'));
+      status.hasTruthpack = true;
+      status.truthpackAge = truthpack.generatedAt;
+      break;
+    } catch {}
+  }
+  
+  return { data: status, confidence: 1.0 };
+}
+
+// ============================================================================
+// SPEC-REQUIRED TOOL IMPLEMENTATIONS
+// ============================================================================
+
+async function getContracts(projectPath) {
+  const contractDir = path.join(projectPath, '.vibecheck', 'contracts');
+  const contracts = {};
+  
+  const files = ['routes.json', 'env.json', 'auth.json', 'external.json'];
+  
+  for (const file of files) {
+    const filePath = path.join(contractDir, file);
+    try {
+      contracts[file.replace('.json', '')] = JSON.parse(fs.readFileSync(filePath, 'utf8'));
+    } catch {}
+  }
+  
+  if (Object.keys(contracts).length === 0) {
+    return { 
+      error: 'No contracts found. Run vibecheck ctx sync first.',
+      hint: 'vibecheck ctx sync generates contracts from your truthpack'
+    };
+  }
+  
+  return {
+    data: contracts,
+    files: Object.keys(contracts).map(k => `.vibecheck/contracts/${k}.json`),
+    confidence: 1.0
+  };
+}
+
+async function validatePlan(projectPath, plan) {
+  if (!plan || !Array.isArray(plan)) {
+    return { error: 'Plan must be an array of actions' };
+  }
+  
+  // Load contracts
+  const contractsResult = await getContracts(projectPath);
+  if (contractsResult.error) {
+    return { 
+      valid: 'unknown', 
+      reason: contractsResult.error,
+      hint: 'Generate contracts first with: vibecheck ctx sync'
+    };
+  }
+  
+  const contracts = contractsResult.data;
+  const violations = [];
+  const requiredContractEdits = [];
+  
+  for (const action of plan) {
+    // Check route references
+    if (action.action === 'fetch' || action.action === 'api_call' || action.target?.startsWith('/api/')) {
+      const routeTarget = action.target || action.details?.endpoint;
+      if (routeTarget && contracts.routes?.routes) {
+        const routeExists = contracts.routes.routes.some(r => 
+          r.path === routeTarget || 
+          r.path.replace(/:\w+/g, '[^/]+').match(new RegExp(`^${routeTarget.replace(/:\w+/g, '[^/]+')}$`))
+        );
+        if (!routeExists) {
+          violations.push({
+            type: 'route_not_in_contract',
+            action: action.action,
+            target: routeTarget,
+            message: `Route ${routeTarget} not found in routes contract`,
+            severity: 'BLOCK'
+          });
+          requiredContractEdits.push({
+            contract: 'routes',
+            action: 'add_route',
+            data: { path: routeTarget, method: action.details?.method || 'GET' }
+          });
+        }
+      }
+    }
+    
+    // Check env var references
+    if (action.action === 'use_env' || action.details?.env) {
+      const envVar = action.target || action.details?.env;
+      if (envVar && contracts.env?.vars) {
+        const envExists = contracts.env.vars.some(v => v.name === envVar);
+        if (!envExists) {
+          violations.push({
+            type: 'env_not_in_contract',
+            action: action.action,
+            target: envVar,
+            message: `Env var ${envVar} not declared in env contract`,
+            severity: 'WARN'
+          });
+          requiredContractEdits.push({
+            contract: 'env',
+            action: 'add_var',
+            data: { name: envVar, required: true }
+          });
+        }
+      }
+    }
+  }
+  
+  return {
+    valid: violations.length === 0,
+    violations,
+    requiredContractEdits,
+    checkedActions: plan.length,
+    confidence: 0.9
+  };
+}
+
+async function buildShare(projectPath, missionDir) {
+  const binPath = path.join(__dirname, '..', 'bin', 'vibecheck.js');
+  let cmdArgs = ['share'];
+  if (missionDir) cmdArgs.push('--mission-dir', missionDir);
+  
+  try {
+    const result = execSync(`node "${binPath}" ${cmdArgs.join(' ')}`, {
+      cwd: projectPath,
+      encoding: 'utf8',
+      timeout: 30000
+    });
+    
+    // Read generated files
+    const shareDir = path.join(projectPath, '.vibecheck', 'missions');
+    const files = {};
+    
+    for (const file of ['share.json', 'share.md', 'pr_comment.md']) {
+      // Find latest mission dir
+      try {
+        const dirs = fs.readdirSync(shareDir).filter(d => d.match(/^\d+$/)).sort().reverse();
+        if (dirs.length > 0) {
+          const latestShare = path.join(shareDir, dirs[0], 'share', file);
+          if (fs.existsSync(latestShare)) {
+            files[file] = fs.readFileSync(latestShare, 'utf8');
+          }
+        }
+      } catch {}
+    }
+    
+    return {
+      success: true,
+      output: result,
+      files,
+      confidence: 1.0
+    };
+  } catch (error) {
+    return { error: error.message };
+  }
+}
+
+async function renderPRComment(projectPath, maxFindings = 12) {
+  const shipPath = path.join(projectPath, '.vibecheck', 'last_ship.json');
+  
+  try {
+    const report = JSON.parse(fs.readFileSync(shipPath, 'utf8'));
+    const verdict = report.meta?.verdict || 'unknown';
+    const findings = report.findings || [];
+    
+    // Build PR comment markdown
+    const severityCounts = { BLOCK: 0, WARN: 0, INFO: 0 };
+    for (const f of findings) {
+      severityCounts[f.severity] = (severityCounts[f.severity] || 0) + 1;
+    }
+    
+    const verdictEmoji = verdict === 'SHIP' ? '✅' : verdict === 'WARN' ? '⚠️' : '🛑';
+    
+    let md = `## vibecheck — ${verdictEmoji} ${verdict}\n\n`;
+    md += `**Reality summary:** BLOCK=${severityCounts.BLOCK} • WARN=${severityCounts.WARN}\n\n`;
+    
+    const topFindings = findings
+      .filter(f => f.severity === 'BLOCK' || f.severity === 'WARN')
+      .slice(0, maxFindings);
+    
+    if (topFindings.length === 0) {
+      md += `✅ No blockers. Ship it.\n`;
+    } else {
+      md += `### Top findings\n`;
+      for (const f of topFindings) {
+        md += `- **${f.severity}** \`${f.id}\` — ${f.title}\n`;
+        const ev = (f.evidence || [])[0];
+        if (ev?.file) {
+          md += `  - Evidence: \`${ev.file}:${ev.lines}\` (${ev.reason})\n`;
+        }
+        const hint = (f.fixHints || [])[0];
+        if (hint) md += `  - Fix: ${hint}\n`;
+      }
+      
+      if (findings.length > topFindings.length) {
+        md += `\n_…and ${findings.length - topFindings.length} more finding(s). See \`.vibecheck/last_ship.json\` for full details._\n`;
+      }
+    }
+    
+    return {
+      markdown: md,
+      verdict,
+      findingsCount: findings.length,
+      confidence: 1.0
+    };
+  } catch (error) {
+    return { error: 'No ship report found. Run vibecheck ship first.' };
+  }
+}
+
+export default { CONSOLIDATED_TOOLS, handleConsolidatedTool };