argus-ci 1.0.0

package/.cursorrules

@@ -0,0 +1,29 @@
+# Semgrep Quality Gate
+
+## MANDATORY: After every file write or edit
+
+Call the scan_files MCP tool on every file you just created or modified.
+Do this BEFORE reporting the task as complete.
+
+scan_files({
+  files: ["<files you modified>"],
+  cwd: "<repo root>"
+})
+
+## On findings
+
+- ERROR severity: Fix immediately. Do not mark task done until errors are resolved.
+- WARNING severity: Show to user, explain the risk, let them decide.
+- INFO severity: Mention at the end as a note.
+- Clean scan: Tell the user explicitly that the code passed Semgrep checks.
+
+## On user requests to review
+
+- "review PR <url>" → scan_pr({ pr_url: "<url>" })
+- "check branch X" → scan_branch({ branch: "X", base: "main" })
+- "check my changes" / "before I commit" → scan_staged({})
+
+## Non-negotiable
+
+Never commit or suggest committing code with unresolved ERROR-severity findings.
+Never skip the post-generation scan.

package/CLAUDE.md

@@ -0,0 +1,39 @@
+# Semgrep Agent — AI Instructions
+
+## After every code generation or modification
+
+After you finish writing or modifying any source files, you MUST call the `scan_files` MCP tool immediately before reporting completion to the user.
+
+```
+scan_files(files=["<list of files you just created or modified"], cwd="<repo root>")
+```
+
+**This is mandatory — do not skip it.** The scan takes 2–5 seconds and catches security vulnerabilities before they reach a commit.
+
+### What to do with the results
+
+- **Error severity** → You MUST fix these before saying the task is done. Explain what you found and show the fix.
+- **Warning severity** → Surface these to the user with a brief explanation. They should decide whether to fix now.
+- **Info severity** → Mention briefly at the end. Non-blocking.
+- **No issues** → Tell the user the code is clean and which rulesets passed.
+
+### Example workflow
+
+1. User asks you to add authentication to a route
+2. You write the code
+3. You call `scan_files(files=["src/auth/login.ts"], cwd="/repo")`
+4. Semgrep finds a timing attack vulnerability in token comparison
+5. You fix it, re-scan to confirm clean, then report done
+
+## Scanning PRs and branches
+
+When the user asks to review a PR or branch, use:
+
+- `scan_pr(pr_url="https://github.com/org/repo/pull/N")` — for PR URLs
+- `scan_branch(branch="feature/xyz", base="main")` — for branch names
+- `scan_staged(cwd="/repo")` — for "check my changes before I commit"
+
+## Never bypass
+
+Do not tell the user to ignore scan results or suggest committing without fixing errors.
+If a finding is a false positive, explain why — don't silently skip it.

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Venkat Swara Moyya
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,242 @@
+# argus-ci
+
+**AI-powered code security agent** — catches vulnerabilities as your AI agent writes code, blocks bad commits, and reviews PRs on demand.
+
+Powered by [Semgrep](https://semgrep.dev) under the hood. Works with Cursor, Claude Code, or any MCP-compatible editor.
+
+---
+
+## What it does
+
+- **In-IDE scan** — auto-triggers after every AI code generation via MCP, surfaces issues before you even see the code
+- **Pre-commit gate** — mandatory Semgrep scan on staged files before every commit; errors block the commit
+- **PR / branch review** — conversational agent: type `"review PR #142"` and get a full security report
+- **Zero config** — auto-detects your stack (React, Vue, Node, Python, Go…) and picks the right rulesets
+
+Catches: injection, XSS, hardcoded secrets, insecure crypto, path traversal, prototype pollution, OWASP Top 10, and more.
+
+---
+
+## Requirements
+
+- Node.js ≥ 18
+- [Semgrep](https://semgrep.dev/docs/getting-started/) (`pip install semgrep` or `brew install semgrep`)
+- `ANTHROPIC_API_KEY` — only needed for the conversational agent interface
+
+---
+
+## Install
+
+```bash
+npm install -g argus-ci
+# or use without installing:
+npx argus-ci
+```
+
+---
+
+## 1. Add to your AI editor (MCP)
+
+This is the main use case. Once added, your AI agent will automatically scan every file it writes.
+
+**Cursor** — Settings → MCP → add:
+```json
+{
+  "argus-ci": {
+    "command": "npx",
+    "args": ["argus-ci"]
+  }
+}
+```
+
+**Claude Code** — add to `~/.claude/settings.json`:
+```json
+{
+  "mcpServers": {
+    "argus-ci": {
+      "command": "npx",
+      "args": ["argus-ci"]
+    }
+  }
+}
+```
+
+Then copy `CLAUDE.md` (or `.cursorrules`) from this package into your repo root. The AI agent will automatically call `scan_files` after every code generation.
+
+```bash
+# Copy the trigger instructions into your repo
+cp node_modules/argus-ci/CLAUDE.md ./CLAUDE.md
+cp node_modules/argus-ci/.cursorrules ./.cursorrules
+```
+
+### MCP tools available
+
+| Tool | Description |
+|------|-------------|
+| `scan_files` | Scan specific files — called automatically after code generation |
+| `scan_staged` | Scan all git-staged files |
+| `scan_branch` | Scan changed files on a branch vs base |
+| `scan_pr` | Scan a GitHub PR by URL, optionally post results as a comment |
+
+---
+
+## 2. Pre-commit hook (mandatory gate)
+
+Installs a git hook that runs on every `git commit`. Errors block the commit. Warnings pass through.
+
+```bash
+cd your-repo
+npx argus-ci setup
+```
+
+Output:
+```
+✅ argus-ci pre-commit hook installed.
+   Using semgrep 1.x.x
+
+The hook will:
+  • Run on every git commit automatically
+  • Scan only the files you're committing (fast)
+  • Block the commit if any ERROR-severity issues are found
+  • Allow commits with only warnings
+
+To remove:  argus-ci setup --remove
+To bypass:  git commit --no-verify  (emergency only)
+```
+
+---
+
+## 3. Conversational agent
+
+Review a PR or branch in plain English:
+
+```bash
+# Interactive REPL
+argus-ci chat
+
+# One-shot
+argus-ci chat "review PR https://github.com/org/repo/pull/142"
+argus-ci pr https://github.com/org/repo/pull/142
+argus-ci scan --branch feature/auth
+```
+
+Requires `ANTHROPIC_API_KEY`:
+```bash
+export ANTHROPIC_API_KEY=sk-ant-...
+argus-ci chat
+```
+
+Example session:
+```
+You: review PR https://github.com/org/repo/pull/87
+
+⚙️  Running scan_pr...
+
+## Semgrep scan — PR #87: Add user authentication
+
+| Severity | Count |
+|----------|-------|
+| 🔴 Error   | 2     |
+| 🟡 Warning | 1     |
+
+### `src/auth/login.ts`
+
+**🔴 ERROR** — Line 34
+> Timing attack: comparing secrets with === allows attackers to measure
+> response time and guess tokens byte by byte.
+`if (token === storedToken) {`
+_Rule: `javascript.lang.security.audit.timing-attack`_
+_CWE: CWE-208_
+
+**Fix:** Use `crypto.timingSafeEqual(Buffer.from(token), Buffer.from(storedToken))`
+```
+
+---
+
+## 4. CLI scan
+
+```bash
+# Scan staged files (same as what the pre-commit hook runs)
+argus-ci scan
+
+# Scan specific files
+argus-ci scan src/auth/login.ts src/api/users.ts
+
+# Scan a branch vs main
+argus-ci scan --branch feature/payments
+
+# Version
+argus-ci --version
+```
+
+---
+
+## 5. GitHub Actions (CI gate)
+
+Add to `.github/workflows/argus-ci.yml`:
+
+```yaml
+name: Code Patrol
+
+on:
+  pull_request:
+    branches: [main, develop]
+
+jobs:
+  scan:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+
+      - name: Install Semgrep
+        run: pip install semgrep
+
+      - name: Run argus-ci
+        run: npx argus-ci scan --branch ${{ github.head_ref }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+```
+
+---
+
+## Rulesets
+
+Auto-detected from your project. Override in any scan:
+
+```bash
+argus-ci scan --config '{"rulesets":["p/secrets","p/owasp-top-ten","p/nodejs"]}'
+```
+
+| Ruleset | When used |
+|---------|-----------|
+| `p/secrets` | Always — catches hardcoded API keys, tokens, passwords |
+| `p/owasp-top-ten` | Always — injection, XSS, broken auth, etc. |
+| `p/javascript` | Any JS project |
+| `p/typescript` | TypeScript detected |
+| `p/react` | React dependency found |
+| `p/nodejs` | Express/Fastify/NestJS/etc. found |
+| `p/nextjs` | Next.js detected |
+| `p/python` | Python project |
+| `p/golang` | Go project |
+| `p/java` | Java/Kotlin project |
+
+---
+
+## Environment variables
+
+| Variable | Required | Purpose |
+|----------|----------|---------|
+| `ANTHROPIC_API_KEY` | For chat/agent | Powers the conversational interface |
+| `GITHUB_TOKEN` | For private repos | Fetch PR files, post PR comments |
+
+---
+
+## License
+
+MIT © [Venkat Swara Moyya](https://github.com/venkatswaramoyya)

package/bin/argus-ci.js

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+import "../dist/cli/index.js";

package/dist/agent/index.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Semgrep Agent — Conversational Interface
+ *
+ * A Claude-powered agent that understands natural language requests
+ * and runs the appropriate Semgrep scan.
+ *
+ * Usage:
+ *   argus-ci chat
+ *   echo "review PR https://github.com/org/repo/pull/142" | argus-ci chat
+ *
+ * Requires: ANTHROPIC_API_KEY env var
+ */
+export declare function runAgent(userMessage: string): Promise<void>;
+export declare function startRepl(): Promise<void>;
+//# sourceMappingURL=index.d.ts.map

package/dist/agent/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/agent/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAsHH,wBAAsB,QAAQ,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CA6EjE;AAID,wBAAsB,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC,CAwB/C"}

package/dist/agent/index.js

@@ -0,0 +1,208 @@
+/**
+ * Semgrep Agent — Conversational Interface
+ *
+ * A Claude-powered agent that understands natural language requests
+ * and runs the appropriate Semgrep scan.
+ *
+ * Usage:
+ *   argus-ci chat
+ *   echo "review PR https://github.com/org/repo/pull/142" | argus-ci chat
+ *
+ * Requires: ANTHROPIC_API_KEY env var
+ */
+import Anthropic from "@anthropic-ai/sdk";
+import * as readline from "readline";
+import { scanFiles, scanStaged, scanBranch } from "../core/scanner.js";
+import { fetchPRFiles } from "../core/github.js";
+import { detectRulesets } from "../core/detector.js";
+import { toMarkdown } from "../core/reporter.js";
+const MODEL = "claude-opus-4-6";
+// ─── Tool definitions ─────────────────────────────────────────────────────────
+const TOOLS = [
+    {
+        name: "scan_files",
+        description: "Scan specific files with Semgrep for security issues.",
+        input_schema: {
+            type: "object",
+            properties: {
+                files: { type: "array", items: { type: "string" }, description: "File paths to scan" },
+                cwd: { type: "string", description: "Repo root directory" },
+                rulesets: { type: "array", items: { type: "string" }, description: "Semgrep rulesets" },
+            },
+            required: ["files"],
+        },
+    },
+    {
+        name: "scan_staged",
+        description: "Scan all git-staged files. Use when asked to check current changes before committing.",
+        input_schema: {
+            type: "object",
+            properties: {
+                cwd: { type: "string", description: "Repo root directory" },
+                rulesets: { type: "array", items: { type: "string" } },
+            },
+            required: [],
+        },
+    },
+    {
+        name: "scan_branch",
+        description: "Scan files changed on a branch compared to a base branch.",
+        input_schema: {
+            type: "object",
+            properties: {
+                branch: { type: "string", description: "Branch to scan" },
+                base: { type: "string", description: "Base branch (default: main)" },
+                cwd: { type: "string" },
+                rulesets: { type: "array", items: { type: "string" } },
+            },
+            required: ["branch"],
+        },
+    },
+    {
+        name: "scan_pr",
+        description: "Scan a GitHub Pull Request by URL.",
+        input_schema: {
+            type: "object",
+            properties: {
+                pr_url: { type: "string", description: "GitHub PR URL" },
+                cwd: { type: "string" },
+                rulesets: { type: "array", items: { type: "string" } },
+                post_comment: { type: "boolean", description: "Post results as PR comment" },
+            },
+            required: ["pr_url"],
+        },
+    },
+];
+// ─── Tool executor ────────────────────────────────────────────────────────────
+async function executeTool(name, input) {
+    const cwd = input.cwd ?? process.cwd();
+    const detected = detectRulesets(cwd);
+    const config = {
+        rulesets: input.rulesets ?? detected.rulesets,
+    };
+    try {
+        switch (name) {
+            case "scan_files": {
+                const files = input.files;
+                const result = await scanFiles(files, cwd, config);
+                return toMarkdown(result, `${files.length} file(s)`);
+            }
+            case "scan_staged": {
+                const result = await scanStaged(cwd, config);
+                return toMarkdown(result, "staged files");
+            }
+            case "scan_branch": {
+                const branch = input.branch;
+                const base = input.base ?? "main";
+                const result = await scanBranch(cwd, branch, base, config);
+                return toMarkdown(result, `branch \`${branch}\` vs \`${base}\``);
+            }
+            case "scan_pr": {
+                const prUrl = input.pr_url;
+                const prInfo = await fetchPRFiles(prUrl);
+                if (!prInfo)
+                    return `❌ Could not parse PR URL: ${prUrl}`;
+                const result = await scanFiles(prInfo.files, cwd, config);
+                return toMarkdown(result, `PR #${prInfo.meta.number}: ${prInfo.meta.title}`);
+            }
+            default:
+                return `Unknown tool: ${name}`;
+        }
+    }
+    catch (err) {
+        return `❌ Tool error: ${String(err)}`;
+    }
+}
+// ─── Agent loop ───────────────────────────────────────────────────────────────
+export async function runAgent(userMessage) {
+    const apiKey = process.env.ANTHROPIC_API_KEY;
+    if (!apiKey) {
+        console.error("❌ ANTHROPIC_API_KEY not set. Export it or add to .argus-ci.json");
+        process.exit(1);
+    }
+    const client = new Anthropic({ apiKey });
+    const messages = [
+        { role: "user", content: userMessage },
+    ];
+    const systemPrompt = `You are a code security and quality agent powered by Semgrep.
+Your job is to run security scans on code and clearly explain the findings.
+
+When the user asks you to:
+- "scan files X, Y, Z" → use scan_files
+- "check my changes" / "check staged files" / "before I commit" → use scan_staged
+- "review branch X" / "check branch X" → use scan_branch
+- "review PR <url>" / "scan PR #N" → use scan_pr
+
+After getting scan results:
+1. Summarise the findings clearly (errors first, then warnings)
+2. For each finding, explain WHY it's a security risk in plain language
+3. Give a concrete one-line fix for each issue
+4. If no issues, confirm the code looks clean and what was checked
+
+Always be specific: name the file, the line, and the exact variable or function involved.
+Use the current working directory (${process.cwd()}) unless the user specifies otherwise.`;
+    // Agentic loop
+    while (true) {
+        const response = await client.messages.create({
+            model: MODEL,
+            max_tokens: 4096,
+            system: systemPrompt,
+            tools: TOOLS,
+            messages,
+        });
+        // Collect text output as we go
+        for (const block of response.content) {
+            if (block.type === "text") {
+                process.stdout.write(block.text);
+            }
+        }
+        if (response.stop_reason === "end_turn") {
+            process.stdout.write("\n");
+            break;
+        }
+        if (response.stop_reason === "tool_use") {
+            // Execute all tool calls
+            const toolResults = [];
+            for (const block of response.content) {
+                if (block.type === "tool_use") {
+                    process.stdout.write(`\n⚙️  Running ${block.name}...\n`);
+                    const result = await executeTool(block.name, block.input);
+                    toolResults.push({
+                        type: "tool_result",
+                        tool_use_id: block.id,
+                        content: result,
+                    });
+                }
+            }
+            // Add assistant turn + tool results
+            messages.push({ role: "assistant", content: response.content });
+            messages.push({ role: "user", content: toolResults });
+            continue;
+        }
+        break;
+    }
+}
+// ─── Interactive REPL ─────────────────────────────────────────────────────────
+export async function startRepl() {
+    console.log("🔍 Semgrep Agent — type your request or 'exit' to quit\n");
+    console.log("Examples:");
+    console.log("  review PR https://github.com/org/repo/pull/42");
+    console.log("  scan branch feature/auth");
+    console.log("  check my staged changes\n");
+    const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
+    const ask = () => {
+        rl.question("You: ", async (line) => {
+            const input = line.trim();
+            if (!input || input === "exit" || input === "quit") {
+                rl.close();
+                return;
+            }
+            console.log("");
+            await runAgent(input);
+            console.log("\n" + "─".repeat(60) + "\n");
+            ask();
+        });
+    };
+    ask();
+}
+//# sourceMappingURL=index.js.map

package/dist/agent/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/agent/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,SAAS,MAAM,mBAAmB,CAAC;AAC1C,OAAO,KAAK,QAAQ,MAAM,UAAU,CAAC;AACrC,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AACvE,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAGjD,MAAM,KAAK,GAAG,iBAAiB,CAAC;AAEhC,iFAAiF;AAEjF,MAAM,KAAK,GAAqB;IAC9B;QACE,IAAI,EAAE,YAAY;QAClB,WAAW,EAAE,uDAAuD;QACpE,YAAY,EAAE;YACZ,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,KAAK,EAAK,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,WAAW,EAAE,oBAAoB,EAAE;gBACzF,GAAG,EAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,qBAAqB,EAAE;gBAChE,QAAQ,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,WAAW,EAAE,kBAAkB,EAAE;aACxF;YACD,QAAQ,EAAE,CAAC,OAAO,CAAC;SACpB;KACF;IACD;QACE,IAAI,EAAE,aAAa;QACnB,WAAW,EAAE,uFAAuF;QACpG,YAAY,EAAE;YACZ,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,GAAG,EAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,qBAAqB,EAAE;gBAChE,QAAQ,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;aACvD;YACD,QAAQ,EAAE,EAAE;SACb;KACF;IACD;QACE,IAAI,EAAE,aAAa;QACnB,WAAW,EAAE,2DAA2D;QACxE,YAAY,EAAE;YACZ,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,MAAM,EAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,gBAAgB,EAAE;gBAC3D,IAAI,EAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6BAA6B,EAAE;gBACxE,GAAG,EAAO,EAAE,IAAI,EAAE,QAAQ,EAAE;gBAC5B,QAAQ,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;aACvD;YACD,QAAQ,EAAE,CAAC,QAAQ,CAAC;SACrB;KACF;IACD;QACE,IAAI,EAAE,SAAS;QACf,WAAW,EAAE,oCAAoC;QACjD,YAAY,EAAE;YACZ,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,MAAM,EAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE;gBAC9D,GAAG,EAAW,EAAE,IAAI,EAAE,QAAQ,EAAE;gBAChC,QAAQ,EAAM,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;gBAC1D,YAAY,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,WAAW,EAAE,4BAA4B,EAAE;aAC7E;YACD,QAAQ,EAAE,CAAC,QAAQ,CAAC;SACrB;KACF;CACF,CAAC;AAEF,iFAAiF;AAEjF,KAAK,UAAU,WAAW,CAAC,IAAY,EAAE,KAA8B;IACrE,MAAM,GAAG,GAAI,KAAK,CAAC,GAA0B,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;IAC/D,MAAM,QAAQ,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;IACrC,MAAM,MAAM,GAAe;QACzB,QAAQ,EAAG,KAAK,CAAC,QAAiC,IAAI,QAAQ,CAAC,QAAQ;KACxE,CAAC;IAEF,IAAI,CAAC;QACH,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,YAAY,CAAC,CAAC,CAAC;gBAClB,MAAM,KAAK,GAAG,KAAK,CAAC,KAAiB,CAAC;gBACtC,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;gBACnD,OAAO,UAAU,CAAC,MAAM,EAAE,GAAG,KAAK,CAAC,MAAM,UAAU,CAAC,CAAC;YACvD,CAAC;YAED,KAAK,aAAa,CAAC,CAAC,CAAC;gBACnB,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;gBAC7C,OAAO,UAAU,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;YAC5C,CAAC;YAED,KAAK,aAAa,CAAC,CAAC,CAAC;gBACnB,MAAM,MAAM,GAAG,KAAK,CAAC,MAAgB,CAAC;gBACtC,MAAM,IAAI,GAAM,KAAK,CAAC,IAA2B,IAAI,MAAM,CAAC;gBAC5D,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;gBAC3D,OAAO,UAAU,CAAC,MAAM,EAAE,YAAY,MAAM,WAAW,IAAI,IAAI,CAAC,CAAC;YACnE,CAAC;YAED,KAAK,SAAS,CAAC,CAAC,CAAC;gBACf,MAAM,KAAK,GAAG,KAAK,CAAC,MAAgB,CAAC;gBACrC,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,CAAC;gBACzC,IAAI,CAAC,MAAM;oBAAE,OAAO,6BAA6B,KAAK,EAAE,CAAC;gBAEzD,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC,KAAK,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;gBAC1D,OAAO,UAAU,CAAC,MAAM,EAAE,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;YAC/E,CAAC;YAED;gBACE,OAAO,iBAAiB,IAAI,EAAE,CAAC;QACnC,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,iBAAiB,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;IACxC,CAAC;AACH,CAAC;AAED,iFAAiF;AAEjF,MAAM,CAAC,KAAK,UAAU,QAAQ,CAAC,WAAmB;IAChD,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;IAC7C,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,CAAC,KAAK,CAAC,iEAAiE,CAAC,CAAC;QACjF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;IAEzC,MAAM,QAAQ,GAA6B;QACzC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE;KACvC,CAAC;IAEF,MAAM,YAAY,GAAG;;;;;;;;;;;;;;;;qCAgBc,OAAO,CAAC,GAAG,EAAE,wCAAwC,CAAC;IAEzF,eAAe;IACf,OAAO,IAAI,EAAE,CAAC;QACZ,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;YAC5C,KAAK,EAAO,KAAK;YACjB,UAAU,EAAE,IAAI;YAChB,MAAM,EAAM,YAAY;YACxB,KAAK,EAAO,KAAK;YACjB,QAAQ;SACT,CAAC,CAAC;QAEH,+BAA+B;QAC/B,KAAK,MAAM,KAAK,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;YACrC,IAAI,KAAK,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;gBAC1B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACnC,CAAC;QACH,CAAC;QAED,IAAI,QAAQ,CAAC,WAAW,KAAK,UAAU,EAAE,CAAC;YACxC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAC3B,MAAM;QACR,CAAC;QAED,IAAI,QAAQ,CAAC,WAAW,KAAK,UAAU,EAAE,CAAC;YACxC,yBAAyB;YACzB,MAAM,WAAW,GAAqC,EAAE,CAAC;YAEzD,KAAK,MAAM,KAAK,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;gBACrC,IAAI,KAAK,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;oBAC9B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,iBAAiB,KAAK,CAAC,IAAI,OAAO,CAAC,CAAC;oBACzD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,KAAgC,CAAC,CAAC;oBACrF,WAAW,CAAC,IAAI,CAAC;wBACf,IAAI,EAAS,aAAa;wBAC1B,WAAW,EAAE,KAAK,CAAC,EAAE;wBACrB,OAAO,EAAM,MAAM;qBACpB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,oCAAoC;YACpC,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC;YAChE,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAO,OAAO,EAAE,WAAW,EAAE,CAAC,CAAC;YAC3D,SAAS;QACX,CAAC;QAED,MAAM;IACR,CAAC;AACH,CAAC;AAED,iFAAiF;AAEjF,MAAM,CAAC,KAAK,UAAU,SAAS;IAC7B,OAAO,CAAC,GAAG,CAAC,0DAA0D,CAAC,CAAC;IACxE,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IACzB,OAAO,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC;IAC1C,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;IAE3C,MAAM,EAAE,GAAG,QAAQ,CAAC,eAAe,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IAEtF,MAAM,GAAG,GAAG,GAAS,EAAE;QACrB,EAAE,CAAC,QAAQ,CAAC,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;YAClC,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;YAC1B,IAAI,CAAC,KAAK,IAAI,KAAK,KAAK,MAAM,IAAI,KAAK,KAAK,MAAM,EAAE,CAAC;gBACnD,EAAE,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO;YACT,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAChB,MAAM,QAAQ,CAAC,KAAK,CAAC,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;YAC1C,GAAG,EAAE,CAAC;QACR,CAAC,CAAC,CAAC;IACL,CAAC,CAAC;IAEF,GAAG,EAAE,CAAC;AACR,CAAC"}

package/dist/cli/index.d.ts

@@ -0,0 +1,12 @@
+/**
+ * argus-ci CLI
+ *
+ * Commands:
+ *   argus-ci               — start MCP server (default, for Cursor/Claude)
+ *   argus-ci chat          — start conversational agent REPL
+ *   argus-ci scan [files]  — scan files / staged / branch from terminal
+ *   argus-ci pr <url>      — scan a PR directly
+ *   argus-ci setup         — install pre-commit hook in current repo
+ */
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/cli/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/cli/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG"}