npm - avorelo - Versions diffs - 0.1.0 - Mend

avorelo 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (258) hide show

package/LICENSE +21 -0
package/README.md +56 -0
package/bin/avorelo +9 -0
package/package.json +135 -0
package/scripts/README.md +40 -0
package/scripts/cco-dashboard.js +252 -0
package/scripts/cco-status.js +430 -0
package/scripts/lib/activation/account-state.js +37 -0
package/scripts/lib/activation/activation-runner.js +546 -0
package/scripts/lib/activation/activation-self-healing.js +480 -0
package/scripts/lib/activation/activation-state.js +83 -0
package/scripts/lib/activation/activation-summary.js +191 -0
package/scripts/lib/activation/adapters/claude-code.js +77 -0
package/scripts/lib/activation/adapters/codex-cli.js +52 -0
package/scripts/lib/activation/adapters/cursor.js +37 -0
package/scripts/lib/activation/adapters/github-agent.js +39 -0
package/scripts/lib/activation/adapters/terminal.js +42 -0
package/scripts/lib/activation/adapters/vscode.js +39 -0
package/scripts/lib/activation/adapters/windsurf.js +37 -0
package/scripts/lib/activation/ai-surface-detector.js +151 -0
package/scripts/lib/activation/connect-account.js +145 -0
package/scripts/lib/activation/detect-environment.js +75 -0
package/scripts/lib/activation/detect-hosts.js +62 -0
package/scripts/lib/activation/format-activation-output.js +109 -0
package/scripts/lib/activation/next-action.js +43 -0
package/scripts/lib/activation/repair-engine.js +219 -0
package/scripts/lib/activation-distribution-readiness.js +507 -0
package/scripts/lib/adapter-conformance.js +176 -0
package/scripts/lib/adapter-readiness.js +417 -0
package/scripts/lib/adapter-safety-boundaries.js +335 -0
package/scripts/lib/adapter-technical-readiness-gate.js +205 -0
package/scripts/lib/agent-access-governance.js +455 -0
package/scripts/lib/agent-enforcement.js +765 -0
package/scripts/lib/agent-policy-profile.js +210 -0
package/scripts/lib/agent-security/action-evaluator.js +507 -0
package/scripts/lib/agent-security/adapter-registry.js +98 -0
package/scripts/lib/agent-security/auto-policy.js +139 -0
package/scripts/lib/agent-security/bounded-scan.js +93 -0
package/scripts/lib/agent-security/enforcement-adapter.js +174 -0
package/scripts/lib/agent-security/enforcement-engine.js +1129 -0
package/scripts/lib/agent-security/file-write-adapter.js +183 -0
package/scripts/lib/agent-security/file-write-rules.js +178 -0
package/scripts/lib/agent-security/index.js +3342 -0
package/scripts/lib/agent-security/instruction-risk.js +181 -0
package/scripts/lib/agent-security/mcp-action-adapter.js +185 -0
package/scripts/lib/agent-security/mcp-action-rules.js +184 -0
package/scripts/lib/agent-security/package-action-adapter.js +175 -0
package/scripts/lib/agent-security/package-action-rules.js +233 -0
package/scripts/lib/agent-security/performance.js +148 -0
package/scripts/lib/agent-security/permission-minimizer.js +403 -0
package/scripts/lib/agent-security/scan-cache.js +74 -0
package/scripts/lib/agent-security/source-trust.js +146 -0
package/scripts/lib/ai-install-prompt.js +288 -0
package/scripts/lib/ai-workspace-hygiene.js +1499 -0
package/scripts/lib/alpha-activation.js +520 -0
package/scripts/lib/alpha-feedback.js +263 -0
package/scripts/lib/alpha-readiness-gate.js +332 -0
package/scripts/lib/anti-gaming.js +169 -0
package/scripts/lib/artifact-health.js +431 -0
package/scripts/lib/attribution.js +180 -0
package/scripts/lib/audit.js +289 -0
package/scripts/lib/avorelo-skill-registry.js +810 -0
package/scripts/lib/batch-jobs.js +71 -0
package/scripts/lib/brain-pack.js +578 -0
package/scripts/lib/brand-boundary.js +424 -0
package/scripts/lib/brand.js +74 -0
package/scripts/lib/browser-capability.js +1048 -0
package/scripts/lib/browser-proof-preflight.js +321 -0
package/scripts/lib/cache-readiness.js +187 -0
package/scripts/lib/canonical-reentry.js +162 -0
package/scripts/lib/capability-packs.js +314 -0
package/scripts/lib/capability-recommender.js +512 -0
package/scripts/lib/capability-registry.js +1059 -0
package/scripts/lib/carry-forward-surfacing.js +194 -0
package/scripts/lib/ccusage-adapter.js +188 -0
package/scripts/lib/company-loop.js +1149 -0
package/scripts/lib/config.js +637 -0
package/scripts/lib/context-acquisition-plan.js +287 -0
package/scripts/lib/context-budget-guard.js +170 -0
package/scripts/lib/context-budget-scanner.js +257 -0
package/scripts/lib/context-optimizer.js +715 -0
package/scripts/lib/context-reduction-plan.js +178 -0
package/scripts/lib/context-safety.js +88 -0
package/scripts/lib/context-savings-engine.js +158 -0
package/scripts/lib/cost-evidence.js +254 -0
package/scripts/lib/cross-host-install-plan.js +308 -0
package/scripts/lib/cross-host-install-readiness.js +237 -0
package/scripts/lib/cross-host-value-flow.js +268 -0
package/scripts/lib/dashboard.js +900 -0
package/scripts/lib/design-partner-feedback.js +346 -0
package/scripts/lib/entitlements.js +100 -0
package/scripts/lib/execution-packet.js +559 -0
package/scripts/lib/experimentation-events.js +547 -0
package/scripts/lib/external-capability-compliance.js +107 -0
package/scripts/lib/external-user-simulation.js +166 -0
package/scripts/lib/failure-recovery-readiness.js +81 -0
package/scripts/lib/failure-recovery.js +419 -0
package/scripts/lib/feedback-intelligence.js +537 -0
package/scripts/lib/feedback-signals.js +205 -0
package/scripts/lib/file-integrity.js +68 -0
package/scripts/lib/fsx.js +127 -0
package/scripts/lib/full-readiness-gate.js +451 -0
package/scripts/lib/guidance-builder.js +174 -0
package/scripts/lib/hook-apply.js +1019 -0
package/scripts/lib/hook-baseline.js +310 -0
package/scripts/lib/hook-config-preview.js +275 -0
package/scripts/lib/hook-contracts.js +290 -0
package/scripts/lib/hook-safety-boundary-readiness.js +80 -0
package/scripts/lib/host-capability-matrix.js +351 -0
package/scripts/lib/host-support-context.js +254 -0
package/scripts/lib/http-hook-action.js +538 -0
package/scripts/lib/install-ai-readiness.js +84 -0
package/scripts/lib/install-intake-risk.js +1037 -0
package/scripts/lib/install-journey-intelligence.js +329 -0
package/scripts/lib/intervention-guidance.js +57 -0
package/scripts/lib/known-limitations.js +115 -0
package/scripts/lib/l8-path-truth.js +146 -0
package/scripts/lib/launch-hardening-gate.js +436 -0
package/scripts/lib/launch-readiness.js +628 -0
package/scripts/lib/learning-memory.js +686 -0
package/scripts/lib/lifecycle-hooks.js +802 -0
package/scripts/lib/local-package-smoke.js +423 -0
package/scripts/lib/local-pricing.js +299 -0
package/scripts/lib/mcp-enforcement.js +311 -0
package/scripts/lib/mcp-least-privilege-policy.js +303 -0
package/scripts/lib/mcp-tool-inventory.js +388 -0
package/scripts/lib/mcp-tool-risk.js +0 -0
package/scripts/lib/memory.js +335 -0
package/scripts/lib/metrics.js +699 -0
package/scripts/lib/micro-proof.js +133 -0
package/scripts/lib/next-run-context.js +436 -0
package/scripts/lib/operating-value.js +1648 -0
package/scripts/lib/optimization-v3.js +122 -0
package/scripts/lib/orchestration/adapters/_shared.js +49 -0
package/scripts/lib/orchestration/adapters/aider.js +18 -0
package/scripts/lib/orchestration/adapters/claude-code.js +35 -0
package/scripts/lib/orchestration/adapters/codex.js +35 -0
package/scripts/lib/orchestration/adapters/gemini-cli.js +18 -0
package/scripts/lib/orchestration/adapters/git.js +25 -0
package/scripts/lib/orchestration/adapters/index.js +31 -0
package/scripts/lib/orchestration/adapters/lm-studio.js +18 -0
package/scripts/lib/orchestration/adapters/ollama.js +18 -0
package/scripts/lib/orchestration/adapters/opencode.js +18 -0
package/scripts/lib/orchestration/adapters/openrouter.js +18 -0
package/scripts/lib/orchestration/adapters/test-runner.js +25 -0
package/scripts/lib/orchestration/cli.js +438 -0
package/scripts/lib/orchestration/execution-manager.js +279 -0
package/scripts/lib/orchestration/handoff.js +314 -0
package/scripts/lib/orchestration/index.js +456 -0
package/scripts/lib/orchestration/inventory.js +47 -0
package/scripts/lib/orchestration/model-discovery.js +498 -0
package/scripts/lib/orchestration/model-profiler.js +170 -0
package/scripts/lib/orchestration/model-profiles.js +252 -0
package/scripts/lib/orchestration/model-refresh-policy.js +72 -0
package/scripts/lib/orchestration/proof-writer.js +349 -0
package/scripts/lib/orchestration/provider-discovery/aider.js +49 -0
package/scripts/lib/orchestration/provider-discovery/claude-code.js +56 -0
package/scripts/lib/orchestration/provider-discovery/codex.js +49 -0
package/scripts/lib/orchestration/provider-discovery/common.js +186 -0
package/scripts/lib/orchestration/provider-discovery/gemini.js +106 -0
package/scripts/lib/orchestration/provider-discovery/lm-studio.js +118 -0
package/scripts/lib/orchestration/provider-discovery/models-dev.js +12 -0
package/scripts/lib/orchestration/provider-discovery/ollama.js +100 -0
package/scripts/lib/orchestration/provider-discovery/opencode.js +47 -0
package/scripts/lib/orchestration/provider-discovery/openrouter.js +44 -0
package/scripts/lib/orchestration/risk-classifier.js +130 -0
package/scripts/lib/orchestration/routing-policy.js +486 -0
package/scripts/lib/orchestration/settings.js +112 -0
package/scripts/lib/orchestration/state.js +165 -0
package/scripts/lib/orchestration/verification-manager.js +138 -0
package/scripts/lib/output-profiles.js +146 -0
package/scripts/lib/package-content-audit.js +368 -0
package/scripts/lib/package-runtime.js +278 -0
package/scripts/lib/plan-surface.js +53 -0
package/scripts/lib/plans.js +2318 -0
package/scripts/lib/policy-provider.js +27 -0
package/scripts/lib/prelaunch-activation-readiness.js +409 -0
package/scripts/lib/prelaunch-evidence-store.js +816 -0
package/scripts/lib/prelaunch-intelligence.js +869 -0
package/scripts/lib/pricing-experiment.js +118 -0
package/scripts/lib/pro-moment-events.js +77 -0
package/scripts/lib/pro-moment-state.js +227 -0
package/scripts/lib/pro-moments.js +1216 -0
package/scripts/lib/product-learning-events.js +629 -0
package/scripts/lib/project-profile.js +555 -0
package/scripts/lib/prompt-compiler.js +280 -0
package/scripts/lib/prompt-lint.js +32 -0
package/scripts/lib/prompt-suggestions.js +52 -0
package/scripts/lib/proof-canonical.js +398 -0
package/scripts/lib/proof-drilldown.js +383 -0
package/scripts/lib/proof-events.js +342 -0
package/scripts/lib/proof-history.js +243 -0
package/scripts/lib/proof-metrics.js +296 -0
package/scripts/lib/proof-outcome-evidence.js +134 -0
package/scripts/lib/proof-receipt.js +335 -0
package/scripts/lib/proof-record.js +461 -0
package/scripts/lib/public-activation-distribution-gate.js +258 -0
package/scripts/lib/public-cli.js +3891 -0
package/scripts/lib/public-distribution-truth.js +211 -0
package/scripts/lib/public-install-claim-checker.js +294 -0
package/scripts/lib/publish-provenance-readiness.js +283 -0
package/scripts/lib/readiness-delta.js +218 -0
package/scripts/lib/readiness-evidence-closure.js +196 -0
package/scripts/lib/reentry-memory-capture.js +241 -0
package/scripts/lib/reentry-memory-retrieval.js +302 -0
package/scripts/lib/reentry-memory-status.js +146 -0
package/scripts/lib/reentry-memory-store.js +178 -0
package/scripts/lib/reentry-state.js +66 -0
package/scripts/lib/release-candidate-bundle.js +166 -0
package/scripts/lib/remediation.js +81 -0
package/scripts/lib/repo-map.js +391 -0
package/scripts/lib/run-improvements-lifecycle.js +330 -0
package/scripts/lib/run-improvements.js +789 -0
package/scripts/lib/runtime-decision-policy.js +387 -0
package/scripts/lib/safe-path-engine.js +705 -0
package/scripts/lib/safe-run-controller.js +887 -0
package/scripts/lib/score.js +262 -0
package/scripts/lib/seamless-enforcement.js +329 -0
package/scripts/lib/seamless-outcome.js +689 -0
package/scripts/lib/seamless-reality-gate.js +5043 -0
package/scripts/lib/security-risk-classifier.js +511 -0
package/scripts/lib/security-scan.js +384 -0
package/scripts/lib/session-context-optimizer.js +1211 -0
package/scripts/lib/session-timing.js +315 -0
package/scripts/lib/skill-hygiene.js +805 -0
package/scripts/lib/skill-packs.js +161 -0
package/scripts/lib/skills-operating-layer.js +580 -0
package/scripts/lib/smart-work-routing.js +768 -0
package/scripts/lib/source-catalog.js +700 -0
package/scripts/lib/status-value-summary.js +32 -0
package/scripts/lib/support-bundle.js +578 -0
package/scripts/lib/task-continuation.js +440 -0
package/scripts/lib/test-helpers.js +15 -0
package/scripts/lib/tier.js +38 -0
package/scripts/lib/token-context-quality-gate.js +370 -0
package/scripts/lib/token-cost-capture.js +187 -0
package/scripts/lib/token-cost-intelligence.js +358 -0
package/scripts/lib/token-efficiency-evidence.js +213 -0
package/scripts/lib/token-evidence.js +699 -0
package/scripts/lib/tokenish.js +17 -0
package/scripts/lib/tool-output-sandbox.js +304 -0
package/scripts/lib/trust-audit.js +136 -0
package/scripts/lib/unified-events.js +396 -0
package/scripts/lib/upgrade-interruption-recovery.js +407 -0
package/scripts/lib/usage-ledger.js +201 -0
package/scripts/lib/value-ledger.js +130 -0
package/scripts/lib/value-proof-calibration.js +531 -0
package/scripts/lib/visual-qa.js +231 -0
package/scripts/lib/voice-alpha.js +29 -0
package/scripts/lib/work-aware-orchestration.js +976 -0
package/scripts/lib/work-control-receipts.js +577 -0
package/scripts/lib/work-ledger.js +1123 -0
package/scripts/lib/work-panel-preview.js +352 -0
package/scripts/lib/workflow-discipline.js +280 -0
package/scripts/lib/workflow-signals.js +419 -0
package/scripts/lib/workspace-map.js +281 -0
package/scripts/lib/workspace-registry.js +1367 -0
package/scripts/lib/workspace-resolver.js +480 -0

package/scripts/lib/unified-events.js ADDED Viewed

@@ -0,0 +1,396 @@
+"use strict";
+const fs = require("fs");
+const path = require("path");
+const crypto = require("crypto");
+const { nowIso } = require("./fsx");
+const { normalizeAttribution, inferValueUnit } = require("./attribution");
+const { numberOrNull } = require("./cost-evidence");
+const OUTBOX_REL = ".claude/cco/cloud/outbox/events.jsonl";
+const OUTCOME_EVENTS_REL = ".claude/cco/events/outcome-events.jsonl";
+const OUTCOME_EXPORTS_REL = ".claude/cco/exports";
+function ensureDirFor(filePath) {
+  fs.mkdirSync(path.dirname(filePath), { recursive: true });
+}
+function parseJsonl(absPath) {
+  if (!fs.existsSync(absPath)) return [];
+  return fs
+    .readFileSync(absPath, "utf8")
+    .split("\n")
+    .filter(Boolean)
+    .map((ln) => {
+      try {
+        return JSON.parse(ln);
+      } catch {
+        return null;
+      }
+    })
+    .filter(Boolean);
+}
+function appendJsonl(absPath, rows) {
+  ensureDirFor(absPath);
+  const lines = (rows || []).map((row) => JSON.stringify(row)).join("\n");
+  if (!lines) return;
+  fs.appendFileSync(absPath, lines + "\n", "utf8");
+}
+function confidenceFromReasonCodes(reasonCodes) {
+  const sec = (reasonCodes || []).filter((x) => String(x).startsWith("SEC_")).length;
+  if (sec >= 2) return "high";
+  if (sec === 1) return "medium";
+  return "low";
+}
+function confidenceScore(reasonCodes) {
+  const sec = (reasonCodes || []).filter((x) => String(x).startsWith("SEC_")).length;
+  if (sec >= 2) return 0.92;
+  if (sec === 1) return 0.75;
+  if ((reasonCodes || []).includes("LOOP_REPEATED_TOOL")) return 0.81;
+  if ((reasonCodes || []).includes("CTX_LARGE_OUTPUT")) return 0.72;
+  return 0.58;
+}
+function inferCategory(metric) {
+  const codes = metric.reasonCodes || [];
+  const event = String(metric.event || "");
+  if (codes.some((c) => String(c).startsWith("SEC_"))) return "risky_skill_flagged";
+  if (codes.includes("LOOP_REPEATED_TOOL") || codes.includes("FAIL_RETRY_GUARD")) return "loop_detected";
+  if (codes.includes("CTX_LARGE_OUTPUT") || codes.includes("CTX_SCAN_SKIPPED_UNCHANGED")) return "output_trimmed";
+  if (codes.includes("SEC_REMEDIATION_JOB_CREATED")) return "patch_suggested";
+  if (codes.includes("PERM_FATIGUE_CONSOLIDATED")) return "permission_consolidated";
+  if (codes.includes("SEC_TRUST_UNKNOWN_HIGH") || codes.includes("SEC_TRUST_AUDIT") || event === "WorktreeCreate" || event === "WorktreeRemove") {
+    return "trust_alert";
+  }
+  if (event === "CloudSync" || event === "SessionEnd" || event === "TaskCompleted") return "pricing_signal";
+  if (String(metric.event || "").toLowerCase().includes("intel")) return "intel_signal";
+  return "waste_prevented";
+}
+function measuredValue(metric, category) {
+  const meta = metric.meta || {};
+  if (typeof meta.measured_value === "number") return meta.measured_value;
+  if (category === "output_trimmed") {
+    const bytes = Number(meta.bytes || 0);
+    return Number.isFinite(bytes) && bytes > 0 ? bytes : null;
+  }
+  if (category === "loop_detected") return (metric.reasonCodes || []).includes("LOOP_REPEATED_TOOL") ? 1 : null;
+  if (category === "risky_skill_flagged") return (metric.reasonCodes || []).some((x) => String(x).startsWith("SEC_")) ? 1 : null;
+  if (category === "patch_suggested") return (metric.reasonCodes || []).includes("SEC_REMEDIATION_JOB_CREATED") ? 1 : null;
+  if (category === "pricing_signal") return Number(meta.syncedEvents || 0) || null;
+  return null;
+}
+function counterfactualValue(metric, category) {
+  const meta = metric.meta || {};
+  if (typeof meta.estimated_counterfactual_value === "number") return meta.estimated_counterfactual_value;
+  if (category === "loop_detected") {
+    if ((metric.reasonCodes || []).includes("LOOP_REPEATED_TOOL")) return 3;
+    if ((metric.reasonCodes || []).includes("FAIL_RETRY_GUARD")) return 2;
+  }
+  if (category === "output_trimmed") {
+    const bytes = Number(meta.bytes || 0);
+    return Number.isFinite(bytes) && bytes > 0 ? Math.round(bytes * 0.65) : null;
+  }
+  if (category === "risky_skill_flagged") return (metric.reasonCodes || []).some((x) => String(x).startsWith("SEC_")) ? 1 : null;
+  if (category === "patch_suggested") return (metric.reasonCodes || []).includes("SEC_REMEDIATION_JOB_CREATED") ? 1 : null;
+  return null;
+}
+function stableId(parts) {
+  const joined = parts.map((x) => String(x || "")).join("|");
+  const hex = crypto.createHash("sha256").update(joined).digest("hex");
+  return `evt_${hex.slice(0, 16)}`;
+}
+function buildOutcomeEvent(params) {
+  const metric = params?.metric || {};
+  const platform = params?.platform || "claude";
+  const projectId = params?.projectId || metric?.meta?.projectId || "unknown-project";
+  const userId = params?.userId || metric?.meta?.userId || process.env.CCO_USER_ID || "local-user";
+  const repoId = params?.repoId || metric?.meta?.repoId || projectId;
+  const category = inferCategory(metric);
+  const reasonCode = (metric.reasonCodes && metric.reasonCodes[0]) || "UNKNOWN_REASON";
+  const measured = measuredValue(metric, category);
+  const counterfactual = counterfactualValue(metric, category);
+  const attribution = normalizeAttribution(metric);
+  const valueUnit = inferValueUnit({ ...metric, category }, attribution, measured, counterfactual);
+  return {
+    event_id: stableId([metric.ts || nowIso(), metric.sessionId || "unknown", metric.event || "UnknownEvent", metric.tool || "", metric.action || "", reasonCode]),
+    session_id: metric.sessionId || "unknown",
+    repo_id: repoId,
+    project_id: projectId,
+    user_id: userId,
+    timestamp: metric.ts || nowIso(),
+    category,
+    reason_code: reasonCode,
+    measured_value: measured,
+    estimated_counterfactual_value: counterfactual,
+    confidence_score: confidenceScore(metric.reasonCodes || []),
+    platform,
+    event_name: metric.event || "UnknownEvent",
+    action: metric.action || null,
+    tool: metric.tool || null,
+    value_unit: valueUnit,
+    attribution,
+    metadata: metric.meta || {},
+  };
+}
+function appendOutcomeEvents(cwd, events) {
+  const abs = path.join(cwd, OUTCOME_EVENTS_REL);
+  appendJsonl(abs, events || []);
+  return abs;
+}
+function readOutcomeEvents(cwd) {
+  const abs = path.join(cwd, OUTCOME_EVENTS_REL);
+  return parseJsonl(abs);
+}
+function aggregateOutcomeEvents(events, options = {}) {
+  const list = Array.isArray(events) ? events : [];
+  const now = Date.now();
+  const days = Number(options.days || 7);
+  const cutoff = now - days * 24 * 60 * 60 * 1000;
+  const weekly = list.filter((e) => {
+    const ts = Date.parse(e.timestamp || 0);
+    return Number.isFinite(ts) && ts >= cutoff;
+  });
+  const byCategory = {
+    waste_prevented: 0,
+    loop_detected: 0,
+    output_trimmed: 0,
+    risky_skill_flagged: 0,
+    patch_suggested: 0,
+    permission_consolidated: 0,
+    trust_alert: 0,
+    pricing_signal: 0,
+    intel_signal: 0,
+    other: 0,
+  };
+  let measuredTotal = 0;
+  let counterfactualTotal = 0;
+  let measuredCostTotal = 0;
+  let estimatedCostCounterfactualTotal = 0;
+  let tokenUsageTotal = 0;
+  const reasonCounts = {};
+  weekly.forEach((e) => {
+    if (byCategory[e.category] === undefined) byCategory.other += 1;
+    else byCategory[e.category] += 1;
+    const m = Number(e.measured_value);
+    if (Number.isFinite(m)) measuredTotal += m;
+    const c = Number(e.estimated_counterfactual_value);
+    if (Number.isFinite(c)) counterfactualTotal += c;
+    const metadata = e.metadata || {};
+    const cost = numberOrNull(e.attribution?.cost ?? metadata.totalCost);
+    const tokens = numberOrNull(e.attribution?.tokenUsage ?? metadata.totalTokens);
+    const isCurrency = String(e.value_unit || "") === "currency" || (cost !== null && cost > 0);
+    if (isCurrency && cost !== null && cost > 0) {
+      measuredCostTotal += cost;
+      if (Number.isFinite(c)) estimatedCostCounterfactualTotal += c;
+    }
+    if (tokens !== null && tokens > 0) tokenUsageTotal += tokens;
+    reasonCounts[e.reason_code] = (reasonCounts[e.reason_code] || 0) + 1;
+  });
+  const topReasonCodes = Object.keys(reasonCounts)
+    .sort((a, b) => reasonCounts[b] - reasonCounts[a])
+    .slice(0, 5);
+  const firstSession = list[0]?.session_id || "unknown";
+  const repoId = list[0]?.repo_id || "unknown-project";
+  const loopsPrevented = byCategory.loop_detected;
+  const contextPressureReduction = byCategory.output_trimmed;
+  const riskEventsPrevented = byCategory.risky_skill_flagged + byCategory.trust_alert;
+  const confidenceLabel = weekly.length >= 20 ? "high" : weekly.length >= 8 ? "medium" : "low";
+  return {
+    sessionSummary: {
+      sessionId: firstSession,
+      events: list.filter((x) => x.session_id === firstSession).length,
+      measuredValueTotal: measuredTotal,
+      estimatedCounterfactualTotal: counterfactualTotal,
+      measuredCostTotal: Math.round(measuredCostTotal * 100) / 100,
+      estimatedCostCounterfactualTotal: Math.round(estimatedCostCounterfactualTotal * 100) / 100,
+      tokenUsageTotal: Math.round(tokenUsageTotal),
+      legacyMixedUnitTotals: {
+        measuredValueTotal: measuredTotal,
+        estimatedCounterfactualTotal: counterfactualTotal,
+      },
+      costAwareTotals: {
+        measuredCostTotal: Math.round(measuredCostTotal * 100) / 100,
+        estimatedCostCounterfactualTotal: Math.round(estimatedCostCounterfactualTotal * 100) / 100,
+        tokenUsageTotal: Math.round(tokenUsageTotal),
+      },
+      topReasonCodes,
+    },
+    weeklyRepoSummary: {
+      repoId,
+      days,
+      events: weekly.length,
+      measuredValueTotal: measuredTotal,
+      estimatedCounterfactualTotal: counterfactualTotal,
+      measuredCostTotal: Math.round(measuredCostTotal * 100) / 100,
+      estimatedCostCounterfactualTotal: Math.round(estimatedCostCounterfactualTotal * 100) / 100,
+      tokenUsageTotal: Math.round(tokenUsageTotal),
+      legacyMixedUnitTotals: {
+        measuredValueTotal: measuredTotal,
+        estimatedCounterfactualTotal: counterfactualTotal,
+      },
+      costAwareTotals: {
+        measuredCostTotal: Math.round(measuredCostTotal * 100) / 100,
+        estimatedCostCounterfactualTotal: Math.round(estimatedCostCounterfactualTotal * 100) / 100,
+        tokenUsageTotal: Math.round(tokenUsageTotal),
+      },
+      byCategory,
+    },
+    savingsSummary: {
+      minutesSavedEstimate: Math.max(0, loopsPrevented * 3),
+      contextPressureReduction,
+      loopsPrevented,
+      confidenceLabel,
+    },
+    riskSummary: {
+      riskEventsPrevented,
+      highRiskEvents: byCategory.risky_skill_flagged,
+      remediationSuggested: byCategory.patch_suggested,
+      confidenceLabel,
+    },
+  };
+}
+function csvEscape(v) {
+  const s = String(v == null ? "" : v);
+  if (/[",\n]/.test(s)) return `"${s.replace(/"/g, '""')}"`;
+  return s;
+}
+function toCsv(events) {
+  const headers = [
+    "event_id",
+    "session_id",
+    "repo_id",
+    "project_id",
+    "user_id",
+    "timestamp",
+    "category",
+    "reason_code",
+    "measured_value",
+    "estimated_counterfactual_value",
+    "confidence_score",
+    "platform",
+    "event_name",
+    "action",
+    "tool",
+  ];
+  const lines = [headers.join(",")];
+  (events || []).forEach((e) => {
+    const row = headers.map((h) => csvEscape(e[h]));
+    lines.push(row.join(","));
+  });
+  return lines.join("\n") + "\n";
+}
+function exportOutcomeEvents(cwd, options = {}) {
+  const events = Array.isArray(options.events) ? options.events : readOutcomeEvents(cwd);
+  const ts = nowIso().replace(/[:.]/g, "-");
+  const jsonRel = path.posix.join(OUTCOME_EXPORTS_REL, `outcomes-${ts}.json`);
+  const csvRel = path.posix.join(OUTCOME_EXPORTS_REL, `outcomes-${ts}.csv`);
+  const jsonAbs = path.join(cwd, jsonRel);
+  const csvAbs = path.join(cwd, csvRel);
+  ensureDirFor(jsonAbs);
+  fs.writeFileSync(jsonAbs, JSON.stringify({
+    version: 2,
+    generatedAt: nowIso(),
+    count: events.length,
+    aggregation: aggregateOutcomeEvents(events, { days: Number(options.days || 7) }),
+    events,
+  }, null, 2), "utf8");
+  ensureDirFor(csvAbs);
+  fs.writeFileSync(csvAbs, toCsv(events), "utf8");
+  return { jsonRel, csvRel, count: events.length };
+}
+function buildUnifiedEventEnvelope(params) {
+  const metric = params?.metric || {};
+  const platform = params?.platform || "claude";
+  const projectId = params?.projectId || "unknown-project";
+  return {
+    version: 1,
+    platform,
+    eventName: metric.event || "UnknownEvent",
+    sessionId: metric.sessionId || "unknown",
+    repoId: projectId,
+    ts: metric.ts || nowIso(),
+    signals: {
+      tool: metric.tool || null,
+      action: metric.action || null,
+      meta: metric.meta || {},
+    },
+    reasonCodes: metric.reasonCodes || [],
+    confidence: confidenceFromReasonCodes(metric.reasonCodes || []),
+  };
+}
+function appendUnifiedEvents(cwd, envelopes) {
+  const abs = path.join(cwd, OUTBOX_REL);
+  appendJsonl(abs, envelopes || []);
+  return abs;
+}
+function buildUnifiedBenefitRecord(params) {
+  const weekly = params?.weekly || {};
+  const platform = params?.platform || "claude";
+  const savings = weekly.savingsFirstSummary || {};
+  return {
+    version: 1,
+    sourcePlatform: platform,
+    minutesSavedEstimate: Number(savings.estimatedMinutesSaved || 0),
+    riskEventsPrevented: Number(weekly.riskyIntercepts || 0),
+    contextPressureDelta: -1 * Number(savings.outputsTrimmed || weekly.largeOutputsStored || 0),
+    confidenceLabel: savings.confidenceLabel || (Number(weekly.sessions || 0) >= 5 ? "medium" : "low"),
+  };
+}
+function readOutbox(cwd) {
+  const abs = path.join(cwd, OUTBOX_REL);
+  return parseJsonl(abs);
+}
+module.exports = {
+  OUTBOX_REL,
+  OUTCOME_EVENTS_REL,
+  OUTCOME_EXPORTS_REL,
+  confidenceFromReasonCodes,
+  buildOutcomeEvent,
+  appendOutcomeEvents,
+  readOutcomeEvents,
+  aggregateOutcomeEvents,
+  exportOutcomeEvents,
+  buildUnifiedEventEnvelope,
+  buildUnifiedBenefitRecord,
+  appendUnifiedEvents,
+  readOutbox,
+};