npm - @vigolium/piolium - Versions diffs - 0.0.1 - Mend

@vigolium/piolium 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (271) hide show

package/LICENSE +21 -0
package/README.md +117 -0
package/agents/access-auditor.md +300 -0
package/agents/assumption-breaker.md +154 -0
package/agents/attack-designer.md +116 -0
package/agents/code-scanner.md +139 -0
package/agents/concurrency-auditor.md +238 -0
package/agents/confirm-writer.md +257 -0
package/agents/context-reviewer.md +274 -0
package/agents/cross-verifier.md +165 -0
package/agents/cve-scout.md +381 -0
package/agents/env-builder.md +282 -0
package/agents/env-profiler.md +205 -0
package/agents/evidence-collector.md +140 -0
package/agents/finding-grader.md +142 -0
package/agents/finding-writer.md +148 -0
package/agents/flow-tracer.md +106 -0
package/agents/goal-backtracer.md +146 -0
package/agents/history-miner.md +467 -0
package/agents/independent-verifier.md +118 -0
package/agents/intent-mapper.md +183 -0
package/agents/longshot-collector.md +128 -0
package/agents/longshot-prober.md +126 -0
package/agents/patch-auditor.md +73 -0
package/agents/poc-author.md +124 -0
package/agents/poc-runner.md +194 -0
package/agents/probe-lead.md +269 -0
package/agents/red-challenger.md +101 -0
package/agents/report-composer.md +208 -0
package/agents/review-adjudicator.md +216 -0
package/agents/spec-auditor.md +155 -0
package/agents/taint-tracer.md +265 -0
package/agents/test-locator.md +209 -0
package/agents/threat-modeler.md +132 -0
package/agents/variant-scanner.md +108 -0
package/agents/variant-spotter.md +110 -0
package/bin/piolium.mjs +376 -0
package/extensions/piolium/_vendor/yaml.bundle.d.mts +6 -0
package/extensions/piolium/_vendor/yaml.bundle.mjs +139 -0
package/extensions/piolium/agent-runner.ts +322 -0
package/extensions/piolium/agents.ts +266 -0
package/extensions/piolium/audit-state.ts +522 -0
package/extensions/piolium/bundled-resources.ts +97 -0
package/extensions/piolium/candidate-scan.ts +966 -0
package/extensions/piolium/command-target.ts +177 -0
package/extensions/piolium/console-stream.ts +57 -0
package/extensions/piolium/export-results.ts +380 -0
package/extensions/piolium/findings.ts +448 -0
package/extensions/piolium/heartbeat.ts +182 -0
package/extensions/piolium/help.ts +234 -0
package/extensions/piolium/index.ts +1865 -0
package/extensions/piolium/longshot.ts +530 -0
package/extensions/piolium/matcher-suggestions.ts +196 -0
package/extensions/piolium/matcher-utils.ts +83 -0
package/extensions/piolium/modes/balanced.ts +750 -0
package/extensions/piolium/modes/confirm-bootstrap.ts +186 -0
package/extensions/piolium/modes/confirm.ts +697 -0
package/extensions/piolium/modes/deep.ts +917 -0
package/extensions/piolium/modes/diff.ts +177 -0
package/extensions/piolium/modes/lite.ts +540 -0
package/extensions/piolium/modes/longshot.ts +595 -0
package/extensions/piolium/modes/merge.ts +204 -0
package/extensions/piolium/modes/phase-runner.ts +267 -0
package/extensions/piolium/modes/reinvest.ts +546 -0
package/extensions/piolium/modes/revisit.ts +279 -0
package/extensions/piolium/modes.ts +48 -0
package/extensions/piolium/phase-labels.ts +123 -0
package/extensions/piolium/phase-status-strip.ts +92 -0
package/extensions/piolium/prompt-prefix-editor.ts +39 -0
package/extensions/piolium/providers/anthropic-vertex.ts +836 -0
package/extensions/piolium/recon.ts +409 -0
package/extensions/piolium/result-stats.ts +105 -0
package/extensions/piolium/retry.ts +120 -0
package/extensions/piolium/scheduler.ts +212 -0
package/extensions/piolium/secrets.ts +368 -0
package/extensions/piolium/tools/web-tools.ts +148 -0
package/package.json +77 -0
package/skills/agentic-actions-auditor/SKILL.md +327 -0
package/skills/agentic-actions-auditor/references/action-profiles.md +186 -0
package/skills/agentic-actions-auditor/references/cross-file-resolution.md +209 -0
package/skills/agentic-actions-auditor/references/foundations.md +94 -0
package/skills/agentic-actions-auditor/references/vector-a-env-var-intermediary.md +77 -0
package/skills/agentic-actions-auditor/references/vector-b-direct-expression-injection.md +83 -0
package/skills/agentic-actions-auditor/references/vector-c-cli-data-fetch.md +83 -0
package/skills/agentic-actions-auditor/references/vector-d-pr-target-checkout.md +88 -0
package/skills/agentic-actions-auditor/references/vector-e-error-log-injection.md +88 -0
package/skills/agentic-actions-auditor/references/vector-f-subshell-expansion.md +82 -0
package/skills/agentic-actions-auditor/references/vector-g-eval-of-ai-output.md +91 -0
package/skills/agentic-actions-auditor/references/vector-h-dangerous-sandbox-configs.md +102 -0
package/skills/agentic-actions-auditor/references/vector-i-wildcard-allowlists.md +88 -0
package/skills/audit/SKILL.md +562 -0
package/skills/audit/assets/icon.svg +7 -0
package/skills/audit/hooks/scripts/validate_phase_output.py +550 -0
package/skills/audit/references/adversarial-review.md +148 -0
package/skills/audit/references/architecture-aware-sast.md +306 -0
package/skills/audit/references/audit-workflow.md +737 -0
package/skills/audit/references/chamber-protocol.md +384 -0
package/skills/audit/references/creative-attack-modes.md +221 -0
package/skills/audit/references/deep-analysis.md +273 -0
package/skills/audit/references/domain-attack-playbooks.md +1129 -0
package/skills/audit/references/knowledge-base-template.md +513 -0
package/skills/audit/references/real-env-validation.md +191 -0
package/skills/audit/references/report-templates.md +417 -0
package/skills/audit/references/triage-and-prereqs.md +134 -0
package/skills/audit/scripts/consolidate_drafts.py +554 -0
package/skills/audit/scripts/partition_findings.py +152 -0
package/skills/audit/scripts/rg-hotspots.sh +121 -0
package/skills/audit/scripts/stamp_file_state.py +349 -0
package/skills/code-reviewer/SKILL.md +65 -0
package/skills/codeql/SKILL.md +281 -0
package/skills/codeql/references/build-fixes.md +90 -0
package/skills/codeql/references/diagnostic-query-templates.md +339 -0
package/skills/codeql/references/extension-yaml-format.md +209 -0
package/skills/codeql/references/important-only-suite.md +153 -0
package/skills/codeql/references/language-details.md +207 -0
package/skills/codeql/references/macos-arm64e-workaround.md +179 -0
package/skills/codeql/references/performance-tuning.md +111 -0
package/skills/codeql/references/quality-assessment.md +172 -0
package/skills/codeql/references/ruleset-catalog.md +63 -0
package/skills/codeql/references/run-all-suite.md +92 -0
package/skills/codeql/references/sarif-processing.md +79 -0
package/skills/codeql/references/threat-models.md +51 -0
package/skills/codeql/workflows/build-database.md +280 -0
package/skills/codeql/workflows/create-data-extensions.md +261 -0
package/skills/codeql/workflows/run-analysis.md +301 -0
package/skills/differential-review/SKILL.md +220 -0
package/skills/differential-review/adversarial.md +203 -0
package/skills/differential-review/methodology.md +234 -0
package/skills/differential-review/patterns.md +300 -0
package/skills/differential-review/reporting.md +369 -0
package/skills/fp-check/SKILL.md +125 -0
package/skills/fp-check/references/bug-class-verification.md +114 -0
package/skills/fp-check/references/deep-verification.md +143 -0
package/skills/fp-check/references/evidence-templates.md +91 -0
package/skills/fp-check/references/false-positive-patterns.md +115 -0
package/skills/fp-check/references/gate-reviews.md +27 -0
package/skills/fp-check/references/standard-verification.md +78 -0
package/skills/insecure-defaults/SKILL.md +117 -0
package/skills/insecure-defaults/references/examples.md +409 -0
package/skills/last30days/SKILL.md +444 -0
package/skills/sarif-parsing/SKILL.md +483 -0
package/skills/sarif-parsing/resources/jq-queries.md +162 -0
package/skills/sarif-parsing/resources/sarif_helpers.py +331 -0
package/skills/security-threat-model/LICENSE.txt +201 -0
package/skills/security-threat-model/SKILL.md +81 -0
package/skills/security-threat-model/agents/openai.yaml +4 -0
package/skills/security-threat-model/references/prompt-template.md +255 -0
package/skills/security-threat-model/references/security-controls-and-assets.md +32 -0
package/skills/semgrep/SKILL.md +212 -0
package/skills/semgrep/references/rulesets.md +162 -0
package/skills/semgrep/references/scan-modes.md +110 -0
package/skills/semgrep/references/scanner-task-prompt.md +140 -0
package/skills/semgrep/scripts/merge_sarif.py +203 -0
package/skills/semgrep/workflows/scan-workflow.md +311 -0
package/skills/semgrep-rule-creator/SKILL.md +168 -0
package/skills/semgrep-rule-creator/references/quick-reference.md +202 -0
package/skills/semgrep-rule-creator/references/workflow.md +240 -0
package/skills/semgrep-rule-variant-creator/SKILL.md +205 -0
package/skills/semgrep-rule-variant-creator/references/applicability-analysis.md +250 -0
package/skills/semgrep-rule-variant-creator/references/language-syntax-guide.md +324 -0
package/skills/semgrep-rule-variant-creator/references/workflow.md +518 -0
package/skills/sharp-edges/SKILL.md +292 -0
package/skills/sharp-edges/references/auth-patterns.md +252 -0
package/skills/sharp-edges/references/case-studies.md +274 -0
package/skills/sharp-edges/references/config-patterns.md +333 -0
package/skills/sharp-edges/references/crypto-apis.md +190 -0
package/skills/sharp-edges/references/lang-c.md +205 -0
package/skills/sharp-edges/references/lang-csharp.md +285 -0
package/skills/sharp-edges/references/lang-go.md +270 -0
package/skills/sharp-edges/references/lang-java.md +263 -0
package/skills/sharp-edges/references/lang-javascript.md +269 -0
package/skills/sharp-edges/references/lang-kotlin.md +265 -0
package/skills/sharp-edges/references/lang-php.md +245 -0
package/skills/sharp-edges/references/lang-python.md +274 -0
package/skills/sharp-edges/references/lang-ruby.md +273 -0
package/skills/sharp-edges/references/lang-rust.md +272 -0
package/skills/sharp-edges/references/lang-swift.md +287 -0
package/skills/sharp-edges/references/language-specific.md +588 -0
package/skills/spec-to-code-compliance/SKILL.md +357 -0
package/skills/spec-to-code-compliance/resources/COMPLETENESS_CHECKLIST.md +69 -0
package/skills/spec-to-code-compliance/resources/IR_EXAMPLES.md +417 -0
package/skills/spec-to-code-compliance/resources/OUTPUT_REQUIREMENTS.md +105 -0
package/skills/supply-chain-risk-auditor/SKILL.md +67 -0
package/skills/supply-chain-risk-auditor/resources/results-template.md +41 -0
package/skills/variant-analysis/METHODOLOGY.md +327 -0
package/skills/variant-analysis/SKILL.md +142 -0
package/skills/variant-analysis/resources/codeql/cpp.ql +119 -0
package/skills/variant-analysis/resources/codeql/go.ql +69 -0
package/skills/variant-analysis/resources/codeql/java.ql +71 -0
package/skills/variant-analysis/resources/codeql/javascript.ql +63 -0
package/skills/variant-analysis/resources/codeql/python.ql +80 -0
package/skills/variant-analysis/resources/semgrep/cpp.yaml +98 -0
package/skills/variant-analysis/resources/semgrep/go.yaml +63 -0
package/skills/variant-analysis/resources/semgrep/java.yaml +61 -0
package/skills/variant-analysis/resources/semgrep/javascript.yaml +60 -0
package/skills/variant-analysis/resources/semgrep/python.yaml +72 -0
package/skills/variant-analysis/resources/variant-report-template.md +75 -0
package/skills/vuln-report/SKILL.md +137 -0
package/skills/vuln-report/agents/openai.yaml +4 -0
package/skills/vuln-report/references/report-template.md +135 -0
package/skills/wooyun-legacy/SKILL.md +367 -0
package/skills/wooyun-legacy/references/bank-penetration.md +222 -0
package/skills/wooyun-legacy/references/checklists/command-execution-checklist.md +119 -0
package/skills/wooyun-legacy/references/checklists/csrf-checklist.md +74 -0
package/skills/wooyun-legacy/references/checklists/file-upload-checklist.md +108 -0
package/skills/wooyun-legacy/references/checklists/info-disclosure-checklist.md +114 -0
package/skills/wooyun-legacy/references/checklists/logic-flaws-checklist.md +95 -0
package/skills/wooyun-legacy/references/checklists/misconfig-checklist.md +124 -0
package/skills/wooyun-legacy/references/checklists/path-traversal-checklist.md +87 -0
package/skills/wooyun-legacy/references/checklists/rce-checklist.md +93 -0
package/skills/wooyun-legacy/references/checklists/sql-injection-checklist.md +97 -0
package/skills/wooyun-legacy/references/checklists/ssrf-checklist.md +99 -0
package/skills/wooyun-legacy/references/checklists/unauthorized-access-checklist.md +89 -0
package/skills/wooyun-legacy/references/checklists/weak-password-checklist.md +115 -0
package/skills/wooyun-legacy/references/checklists/xss-checklist.md +103 -0
package/skills/wooyun-legacy/references/checklists/xxe-checklist.md +130 -0
package/skills/wooyun-legacy/references/info-disclosure.md +975 -0
package/skills/wooyun-legacy/references/logic-flaws.md +721 -0
package/skills/wooyun-legacy/references/path-traversal.md +1191 -0
package/skills/wooyun-legacy/references/telecom-penetration.md +156 -0
package/skills/wooyun-legacy/references/unauthorized-access.md +980 -0
package/skills/wooyun-legacy/references/xss.md +746 -0
package/skills/zeroize-audit/SKILL.md +371 -0
package/skills/zeroize-audit/configs/c.yaml +21 -0
package/skills/zeroize-audit/configs/default.yaml +128 -0
package/skills/zeroize-audit/configs/rust.yaml +83 -0
package/skills/zeroize-audit/prompts/report_template.md +238 -0
package/skills/zeroize-audit/prompts/system.md +163 -0
package/skills/zeroize-audit/prompts/task.md +97 -0
package/skills/zeroize-audit/references/compile-commands.md +231 -0
package/skills/zeroize-audit/references/detection-strategy.md +191 -0
package/skills/zeroize-audit/references/ir-analysis.md +252 -0
package/skills/zeroize-audit/references/mcp-analysis.md +221 -0
package/skills/zeroize-audit/references/poc-generation.md +470 -0
package/skills/zeroize-audit/references/rust-zeroization-patterns.md +867 -0
package/skills/zeroize-audit/schemas/input.json +83 -0
package/skills/zeroize-audit/schemas/output.json +140 -0
package/skills/zeroize-audit/tools/analyze_asm.sh +202 -0
package/skills/zeroize-audit/tools/analyze_cfg.py +381 -0
package/skills/zeroize-audit/tools/analyze_heap.sh +211 -0
package/skills/zeroize-audit/tools/analyze_ir_semantic.py +429 -0
package/skills/zeroize-audit/tools/diff_ir.sh +135 -0
package/skills/zeroize-audit/tools/diff_rust_mir.sh +189 -0
package/skills/zeroize-audit/tools/emit_asm.sh +67 -0
package/skills/zeroize-audit/tools/emit_ir.sh +77 -0
package/skills/zeroize-audit/tools/emit_rust_asm.sh +178 -0
package/skills/zeroize-audit/tools/emit_rust_ir.sh +150 -0
package/skills/zeroize-audit/tools/emit_rust_mir.sh +158 -0
package/skills/zeroize-audit/tools/extract_compile_flags.py +284 -0
package/skills/zeroize-audit/tools/generate_poc.py +1329 -0
package/skills/zeroize-audit/tools/mcp/apply_confidence_gates.py +113 -0
package/skills/zeroize-audit/tools/mcp/check_mcp.sh +68 -0
package/skills/zeroize-audit/tools/mcp/normalize_mcp_evidence.py +125 -0
package/skills/zeroize-audit/tools/scripts/check_llvm_patterns.py +481 -0
package/skills/zeroize-audit/tools/scripts/check_mir_patterns.py +554 -0
package/skills/zeroize-audit/tools/scripts/check_rust_asm.py +424 -0
package/skills/zeroize-audit/tools/scripts/check_rust_asm_aarch64.py +300 -0
package/skills/zeroize-audit/tools/scripts/check_rust_asm_x86.py +283 -0
package/skills/zeroize-audit/tools/scripts/find_dangerous_apis.py +375 -0
package/skills/zeroize-audit/tools/scripts/semantic_audit.py +923 -0
package/skills/zeroize-audit/tools/track_dataflow.sh +196 -0
package/skills/zeroize-audit/tools/validate_rust_toolchain.sh +298 -0
package/skills/zeroize-audit/workflows/phase-0-preflight.md +150 -0
package/skills/zeroize-audit/workflows/phase-1-source-analysis.md +144 -0
package/skills/zeroize-audit/workflows/phase-2-compiler-analysis.md +139 -0
package/skills/zeroize-audit/workflows/phase-3-interim-report.md +46 -0
package/skills/zeroize-audit/workflows/phase-4-poc-generation.md +46 -0
package/skills/zeroize-audit/workflows/phase-5-poc-validation.md +136 -0
package/skills/zeroize-audit/workflows/phase-6-final-report.md +44 -0
package/skills/zeroize-audit/workflows/phase-7-test-generation.md +42 -0
package/themes/piolium-srcery.json +94 -0

package/extensions/piolium/help.ts ADDED Viewed

@@ -0,0 +1,234 @@
+interface CommandHelp {
+	command: string;
+	usage: string;
+	does: string;
+	example: string;
+}
+interface FlagHelp {
+	flag: string;
+	does: string;
+	example: string;
+}
+export const PIOLIUM_STARTUP_HINT =
+	"Piolium loaded. Run /piolium-help for usage and flags, or start auditing this repo with /piolium-balanced.";
+const COMMANDS: CommandHelp[] = [
+	{
+		command: "/piolium-status",
+		usage: "/piolium-status [path]",
+		does: "Shows current audit progress from piolium/audit-state.json.",
+		example: 'pi -p "/piolium-status"',
+	},
+	{
+		command: "/piolium-resume",
+		usage: "/piolium-resume [path]",
+		does: "Resumes the most recent in-progress or failed audit in this directory.",
+		example: 'pi -p "/piolium-resume"',
+	},
+	{
+		command: "/piolium-export",
+		usage:
+			"/piolium-export [path] [--format=json|md-dir] [--min-severity=high] [--confirmed-only] [--exclude-fp]",
+		does: "Exports finalized findings with filters and CODEOWNERS-derived owner labels.",
+		example: 'pi -p "/piolium-export --min-severity=high --exclude-fp"',
+	},
+	{
+		command: "/piolium-learn",
+		usage: "/piolium-learn [path] [--apply]",
+		does: "Suggests project-local candidate matchers from finalized findings.",
+		example: 'pi -p "/piolium-learn --apply"',
+	},
+	{
+		command: "/piolium-smoke",
+		usage: "/piolium-smoke [path] [prompt]",
+		does: "Runs a tiny agent to verify provider/auth/runner wiring before a real audit.",
+		example: 'pi -p "/piolium-smoke check runner"',
+	},
+	{
+		command: "/piolium-lite",
+		usage: "/piolium-lite [path] [--fresh]",
+		does: "Runs quick source recon, secret scanning, and fast SAST (draft findings).",
+		example: 'pi -p "/piolium-lite --fresh"',
+	},
+	{
+		command: "/piolium-balanced",
+		usage: "/piolium-balanced [path] [--fresh]",
+		does:
+			"Runs the default audit pipeline with threat modeling, SAST, probes, PoCs, reports, and cleanup.",
+		example: 'pi --plm-dir /path/to/repo -p "/piolium-balanced --fresh"',
+	},
+	{
+		command: "/piolium-deep",
+		usage: "/piolium-deep [path] [--fresh] [D1..D14]",
+		does: "Runs the full deep pipeline, or reruns selected deep phases when phase ids are supplied.",
+		example: 'pi --plm-scan-limit 250 -p "/piolium-deep --fresh"',
+	},
+	{
+		command: "/piolium-confirm",
+		usage: "/piolium-confirm [path] [--fresh] [https://target]",
+		does: "Confirms existing findings against a live app or generated tests.",
+		example: 'pi -p "/piolium-confirm https://staging.example.test"',
+	},
+	{
+		command: "/piolium-diff",
+		usage: "/piolium-diff [path] [--since=<sha>]",
+		does: "Audits files changed since a prior commit or the last completed audit.",
+		example: 'pi --plm-since abc123 -p "/piolium-diff"',
+	},
+	{
+		command: "/piolium-revisit",
+		usage: "/piolium-revisit [path] [--fresh]",
+		does: "Runs an anti-anchored second pass over an existing completed audit.",
+		example: 'pi -p "/piolium-revisit --fresh"',
+	},
+	{
+		command: "/piolium-merge",
+		usage: "/piolium-merge [path] --dir=<tree> --dir=<tree>",
+		does: "Merges and deduplicates multiple piolium result trees into one canonical output.",
+		example: 'pi -p "/piolium-merge --dir=run-a/piolium --dir=run-b/piolium"',
+	},
+	{
+		command: "/piolium-longshot",
+		usage: "/piolium-longshot [path] [--fresh] [--limit=N] [--timeout=ms] [--langs=a,b]",
+		does: "Runs a broad file-by-file vulnerability hunt for high-recall bug discovery.",
+		example: 'pi --plm-longshot-limit 200 --plm-longshot-langs python,go -p "/piolium-longshot"',
+	},
+	{
+		command: "/piolium-reinvest",
+		usage: "/piolium-reinvest [path] [--fresh] [--scope=C1,H1,H3]",
+		does:
+			"Cross-agent re-verification of CRIT/HIGH findings; writes piolium/reinvest-report.md without mutating any existing audit artefact.",
+		example: 'pi -p "/piolium-reinvest --scope=C1,H1"',
+	},
+];
+const CLI_FLAGS: FlagHelp[] = [
+	{
+		flag: "--plm-dir <path>",
+		does: "Sets the default target directory for /piolium-* commands.",
+		example: 'pi --plm-dir /path/to/repo -p "/piolium-balanced"',
+	},
+	{
+		flag: "--plm-since <sha>",
+		does: "Sets the default base commit for /piolium-diff.",
+		example: 'pi --plm-since abc123 -p "/piolium-diff"',
+	},
+	{
+		flag: "--plm-scan-limit <N>",
+		does: "Caps history-aware phases to N commits. Default: 500.",
+		example: 'pi --plm-scan-limit 250 -p "/piolium-deep"',
+	},
+	{
+		flag: '--plm-scan-since "<git since expression>"',
+		does: 'Caps history-aware phases to a git --since window. Default: "60 days ago".',
+		example: 'pi --plm-scan-since "90 days ago" -p "/piolium-deep"',
+	},
+	{
+		flag: "--plm-file-records <1|true>",
+		does: "Writes piolium/file-records per-file candidate records. Default: off.",
+		example: 'pi --plm-file-records true -p "/piolium-deep"',
+	},
+	{
+		flag: "--plm-phase-retries <N>",
+		does: "Sets retries after the first attempt for phase agents. Default: 5.",
+		example: 'pi --plm-phase-retries 5 -p "/piolium-balanced"',
+	},
+	{
+		flag: "--plm-phase-backoff <ms>",
+		does: "Sets phase retry base backoff in milliseconds. Default: 5000.",
+		example: 'pi --plm-phase-backoff 10000 -p "/piolium-balanced"',
+	},
+	{
+		flag: "--plm-phase-backoff-max <ms>",
+		does: "Sets phase retry max backoff in milliseconds. Default: 120000.",
+		example: 'pi --plm-phase-backoff-max 180000 -p "/piolium-balanced"',
+	},
+	{
+		flag: "--plm-lite-retries <N>",
+		does: "Overrides retries for deterministic lite L1/L2 phases. Default: phase retries.",
+		example: 'pi --plm-lite-retries 1 -p "/piolium-lite"',
+	},
+	{
+		flag: "--plm-lite-backoff <ms>",
+		does: "Overrides retry base backoff for deterministic lite L1/L2 phases.",
+		example: 'pi --plm-lite-backoff 10000 -p "/piolium-lite"',
+	},
+	{
+		flag: "--plm-lite-backoff-max <ms>",
+		does: "Overrides retry max backoff for deterministic lite L1/L2 phases.",
+		example: 'pi --plm-lite-backoff-max 180000 -p "/piolium-lite"',
+	},
+	{
+		flag: "--plm-command-retries <N>",
+		does: "Sets retries after the first attempt for top-level /piolium-* commands. Default: 3.",
+		example: 'pi --plm-command-retries 3 -p "/piolium-balanced"',
+	},
+	{
+		flag: "--plm-command-backoff <ms>",
+		does: "Sets command retry base backoff in milliseconds. Default: 5000.",
+		example: 'pi --plm-command-backoff 10000 -p "/piolium-balanced"',
+	},
+	{
+		flag: "--plm-command-backoff-max <ms>",
+		does: "Sets command retry max backoff in milliseconds. Default: 120000.",
+		example: 'pi --plm-command-backoff-max 180000 -p "/piolium-balanced"',
+	},
+	{
+		flag: "--plm-longshot-limit <N>",
+		does: "Caps the number of source files hunted by /piolium-longshot. Default: 1000.",
+		example: 'pi --plm-longshot-limit 200 -p "/piolium-longshot"',
+	},
+	{
+		flag: "--plm-longshot-timeout <ms>",
+		does: "Sets /piolium-longshot per-file timeout. Default: 21600000.",
+		example: 'pi --plm-longshot-timeout 900000 -p "/piolium-longshot"',
+	},
+	{
+		flag: "--plm-longshot-langs <csv>",
+		does: "Restricts /piolium-longshot to a comma-separated language allowlist.",
+		example: 'pi --plm-longshot-langs python,go -p "/piolium-longshot"',
+	},
+	{
+		flag: "--plm-longshot-include-tests <true|false>",
+		does: "Includes test files in /piolium-longshot enumeration when set to true.",
+		example: 'pi --plm-longshot-include-tests true -p "/piolium-longshot"',
+	},
+];
+export function buildPioliumHelpLines(): string[] {
+	const lines: string[] = [
+		"Piolium help",
+		"",
+		"Start here:",
+		"  /piolium-balanced [path] [--fresh]",
+		"    Default audit path for most repositories.",
+		"  /piolium-help",
+		"    Shows this helper.",
+		"",
+		"Slash commands:",
+	];
+	for (const command of COMMANDS) {
+		lines.push(
+			`  ${command.command}`,
+			`    Usage:   ${command.usage}`,
+			`    Does:    ${command.does}`,
+			`    Example: ${command.example}`,
+		);
+	}
+	lines.push("", "CLI session flags:");
+	for (const flag of CLI_FLAGS) {
+		lines.push(`  ${flag.flag}`, `    Does:    ${flag.does}`, `    Example: ${flag.example}`);
+	}
+	lines.push(
+		"",
+		"Command-local arguments win over session flags.",
+		'Example: pi --plm-dir /repo-a -p "/piolium-balanced /repo-b --fresh" audits /repo-b.',
+	);
+	return lines;
+}