@vibecheckai/cli 3.7.0 → 3.9.0

package/README.md

@@ -1,4 +1,4 @@
-# vibecheck CLI v3.1.8
+# vibecheck CLI v4.0
 
 **Ship with confidence. One verdict: SHIP | WARN | BLOCK**
 
@@ -9,97 +9,127 @@ The CLI that catches AI hallucinations before they ship. Dead routes, fake data,
 ```bash
 npm install -g @vibecheckai/cli
 # or
-npx @vibecheckai/cli ship
+npx @vibecheckai/cli --help
 ```
 
 ## Quick Start
 
 ```bash
-# 1. Setup your project
-vibecheck init --local
+# 1. Setup your project (one-time)
+vibecheck link
 
-# 2. Scan for issues
-vibecheck scan
+# 2. 60-second onboarding (recommended)
+vibecheck kickoff
 
-# 3. Get ship verdict
+# 3. Run analysis
+vibecheck audit
+
+# 4. Get ship verdict (PRO)
 vibecheck ship
 
-# 4. Full proof loop (PRO tier)
+# 5. Full proof loop (PRO)
 vibecheck prove
-
-# 5. Runtime verification
-vibecheck reality --url http://localhost:3000
 ```
 
-## Commands
+## Command Reference
 
-### Setup Commands
+### Tiers
 
-| Command | Tier | Description |
-|---------|------|-------------|
-| `vibecheck init` | FREE | Project setup (`--local` or `--connect`) |
-| `vibecheck doctor` | FREE | Environment diagnostics |
-| `vibecheck watch` | FREE | Continuous mode - re-runs on changes |
+| Tier | Price | Description |
+|------|-------|-------------|
+| **FREE** | $0 | Inspect & Observe |
+| **PRO** | $49/mo | Fix, Prove & Enforce |
 
-### Proof Loop
+---
 
-| Command | Tier | Description |
-|---------|------|-------------|
-| `vibecheck scan` | FREE | Static analysis - routes, secrets, contracts |
-| `vibecheck ship` | FREE | Verdict engine - SHIP / WARN / BLOCK |
-| `vibecheck reality` | FREE* | Browser-based runtime verification |
-| `vibecheck prove` | PRO | Full loop: scan → reality → ship → fix |
-| `vibecheck fix` | FREE* | AI-powered auto-fix (plan-only on FREE) |
-| `vibecheck report` | FREE | Generate HTML/MD/SARIF reports |
+### FREE Tier Commands
+
+| Command | Aliases | Description |
+|---------|---------|-------------|
+| `link` | `init`, `setup`, `configure` | Instant project binding (<10s, zero questions) |
+| `kickoff` | `quickstart`, `qs`, `start`, `onboard` | 60-second dopamine: link → forge → audit → ship |
+| `doctor` | `health`, `diag` | Environment + dependency + config health check |
+| `watch` | `w`, `dev` | Continuous mode - re-runs on changes |
+| `forge` | `context`, `ctx`, `rules`, `ai-rules`, `mdc`, `brain` | AI Brain Generator - minimal but lethal rules |
+| `audit` | `scan`, `s`, `check` | Convincing wrongness detector |
+| `auth` | `login`, `logout`, `whoami` | Authentication management |
+| `safelist` | `allowlist`, `al`, `suppress` | Responsible finding suppression with justification & expiry |
+| `labs` | — | Experimental & beta features |
+| `packs` | `report`, `html`, `artifact`, `evidence-pack` | Unified artifact generation (evidence, reports, graphs) |
+| `ci` | — | One-command enterprise CI wiring (GitHub Actions) |
 
-### Quality & Checkpoints
+---
 
-| Command | Tier | Description |
-|---------|------|-------------|
-| `vibecheck polish` | FREE | Production polish analyzer (0-100 score) |
-| `vibecheck checkpoint` | FREE* | Compare baseline vs current, hallucination scoring |
+### PRO Tier Commands
+
+| Command | Aliases | Description |
+|---------|---------|-------------|
+| `intent` | — | Declare intent for Agent Firewall enforcement |
+| `approve` | — | Review and approve session changes |
+| `shield` | `guard`, `ai-guard`, `firewall`, `validate` | Agent Firewall - intercept, validate, and enforce AI actions |
+| `launch` | `gate`, `ci-gate`, `enforce` | Pre-release validation wizard |
+| `reality` | `browser`, `e2e` | Browser-based runtime verification |
+| `prove` | `p`, `verify` | Full proof loop with runtime verification |
+| `ship` | — | Verdict engine - SHIP / WARN / BLOCK |
+| `seal` | `badge`, `attest` | Generate ship badge and attestation |
+| `fix` | `f`, `repair`, `missions` | Mission-based auto-fix with safety gates |
+| `checkpoint` | `cp`, `snap`, `snapshot`, `timemachine` | Time machine - snapshot & restore |
+| `polish` | `prod`, `final` | Production polish - final cleanup before deploy |
+| `mcp` | — | Start MCP server for AI IDEs |
 
-### Truth System (AI Guardrails)
+---
 
-| Command | Tier | Description |
-|---------|------|-------------|
-| `vibecheck context` | FREE | Generate .cursorrules, .windsurf/rules, MDC |
-| `vibecheck guard` | FREE | Validate AI claims against truth |
+### Shield Subcommands (Agent Firewall)
 
-### Automation
+```bash
+vibecheck shield status           # Show firewall status
+vibecheck shield enforce          # Enable enforcement mode
+vibecheck shield observe          # Enable observe-only mode
+vibecheck shield lock             # Hard lockdown (all rules)
+vibecheck shield unlock           # Release lock
+vibecheck shield verify           # Verify claims/prompts
+vibecheck shield install          # Install IDE hooks
+vibecheck shield stats            # Show statistics
+```
 
-| Command | Tier | Description |
-|---------|------|-------------|
-| `vibecheck mcp` | STARTER | Start MCP server for AI IDEs |
-| `vibecheck ai-test` | PRO | AI autonomous test |
+---
 
-### Account
+### Packs Subcommands (Artifacts)
 
-| Command | Tier | Description |
-|---------|------|-------------|
-| `vibecheck login` | FREE | Authenticate with API key |
-| `vibecheck logout` | FREE | Remove stored credentials |
-| `vibecheck whoami` | FREE | Show current user and plan |
+```bash
+vibecheck packs evidence          # Bundle videos, traces, screenshots
+vibecheck packs report            # Generate HTML/MD/SARIF reports
+vibecheck packs graph             # Proof graph visualization
+```
+
+---
 
-*Commands marked with * have limited functionality on FREE tier
+### Auth Subcommands
 
-## Pricing
+```bash
+vibecheck auth login              # Authenticate with API key
+vibecheck auth logout             # Remove stored credentials
+vibecheck auth whoami             # Show current user and plan
+vibecheck auth --check            # Verify authentication status
+vibecheck auth --refresh          # Refresh credentials
+```
 
-| Tier | Price | Features |
-|------|-------|----------|
-| FREE | $0 | init --local, scan, ship (static), doctor, polish, report (HTML/MD), context, guard, checkpoint (basic) |
-| STARTER | $39/mo | + init --connect, scan --autofix, report (SARIF/CSV), mcp, reality (basic) |
-| PRO | $49/mo | + prove, fix --apply, checkpoint (hallucination), reality (advanced), ai-test |
+---
 
 ## What It Catches
 
-- **Dead Routes** - Client calls API that doesn't exist → BLOCK
-- **Ghost Auth** - Sensitive endpoint without auth → BLOCK  
-- **Exposed Secrets** - API keys in code → BLOCK
-- **Fake Success** - Success UI without API confirmation → BLOCK
-- **Env Gaps** - Used env vars not in .env.example → WARN
-- **Stripe Violations** - Unverified webhooks → BLOCK
-- **Owner Mode Bypass** - Debug flags in production → BLOCK
+| Issue | Severity | Description |
+|-------|----------|-------------|
+| Dead Routes | BLOCK | Client calls API that doesn't exist |
+| Ghost Auth | BLOCK | Sensitive endpoint without auth |
+| Exposed Secrets | BLOCK | API keys in code |
+| Fake Success | BLOCK | Success UI without API confirmation |
+| Env Gaps | WARN | Used env vars not in .env.example |
+| Stripe Violations | BLOCK | Unverified webhooks |
+| Owner Mode Bypass | BLOCK | Debug flags in production |
+| Mock Data | BLOCK | Fake/fixture data in production |
+
+---
 
 ## Ship Verdict
 
@@ -109,7 +139,16 @@ vibecheck reality --url http://localhost:3000
 ╚═════════════════════════════════════════════════════════════════╝
 ```
 
-Exit codes: `0` = SHIP, `1` = WARN, `2` = BLOCK, `3` = Feature not allowed, `4` = Unknown command
+### Exit Codes
+
+| Code | Status | Meaning |
+|------|--------|---------|
+| `0` | ✅ SHIP | All checks passed |
+| `2` | 🚫 BLOCK | Violations found (CI failure) |
+| `3` | ⚠️ UPGRADE | Feature requires higher tier |
+| `4` | ❌ ERROR | Misconfiguration / env error |
+
+---
 
 ## MCP Server
 
@@ -126,6 +165,20 @@ Connect vibecheck to AI coding agents (Cursor, Windsurf, Claude):
 }
 ```
 
+### Available MCP Tools
+
+| Tool | Description |
+|------|-------------|
+| `vibecheck_audit` | Run static analysis |
+| `vibecheck_ship` | Get ship verdict |
+| `vibecheck_fix` | Apply AI-powered fixes |
+| `vibecheck_prove` | Full proof loop |
+| `vibecheck_shield` | Agent Firewall controls |
+| `vibecheck_forge` | Generate IDE rules |
+| `vibecheck_reality` | Runtime verification |
+
+---
+
 ## Configuration
 
 Create `.vibecheck/config.json`:
@@ -138,6 +191,25 @@ Create `.vibecheck/config.json`:
 }
 ```
 
+Or `vibecheck.config.json` in project root:
+
+```json
+{
+  "version": "4.0.0",
+  "checks": ["integrity", "security", "hygiene"],
+  "output": ".vibecheck",
+  "policy": {
+    "failOn": ["critical", "high"],
+    "allowlist": {
+      "domains": ["api.stripe.com"],
+      "paths": ["src/testing/*"]
+    }
+  }
+}
+```
+
+---
+
 ## License
 
 MIT © Vibecheck AI