npm - claude-crap - Versions diffs - 0.1.2 → 0.3.0 - Mend

claude-crap 0.1.2 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (45) hide show

package/CHANGELOG.md +68 -0
package/README.md +44 -23
package/dist/index.js +142 -1
package/dist/index.js.map +1 -1
package/dist/scanner/auto-scan.d.ts +57 -0
package/dist/scanner/auto-scan.d.ts.map +1 -0
package/dist/scanner/auto-scan.js +138 -0
package/dist/scanner/auto-scan.js.map +1 -0
package/dist/scanner/bootstrap.d.ts +89 -0
package/dist/scanner/bootstrap.d.ts.map +1 -0
package/dist/scanner/bootstrap.js +278 -0
package/dist/scanner/bootstrap.js.map +1 -0
package/dist/scanner/detector.d.ts +53 -0
package/dist/scanner/detector.d.ts.map +1 -0
package/dist/scanner/detector.js +173 -0
package/dist/scanner/detector.js.map +1 -0
package/dist/scanner/index.d.ts +23 -0
package/dist/scanner/index.d.ts.map +1 -0
package/dist/scanner/index.js +23 -0
package/dist/scanner/index.js.map +1 -0
package/dist/scanner/runner.d.ts +59 -0
package/dist/scanner/runner.d.ts.map +1 -0
package/dist/scanner/runner.js +159 -0
package/dist/scanner/runner.js.map +1 -0
package/dist/schemas/tool-schemas.d.ts +23 -0
package/dist/schemas/tool-schemas.d.ts.map +1 -1
package/dist/schemas/tool-schemas.js +23 -0
package/dist/schemas/tool-schemas.js.map +1 -1
package/package.json +5 -1
package/plugin/.claude-plugin/plugin.json +1 -1
package/plugin/bundle/mcp-server.mjs +732 -0
package/plugin/bundle/mcp-server.mjs.map +4 -4
package/plugin/package.json +1 -1
package/src/index.ts +176 -0
package/src/scanner/auto-scan.ts +212 -0
package/src/scanner/bootstrap.ts +383 -0
package/src/scanner/detector.ts +224 -0
package/src/scanner/index.ts +30 -0
package/src/scanner/runner.ts +212 -0
package/src/schemas/tool-schemas.ts +27 -0
package/src/tests/auto-scan.test.ts +137 -0
package/src/tests/integration/mcp-server.integration.test.ts +3 -1
package/src/tests/scanner-bootstrap.test.ts +186 -0
package/src/tests/scanner-detector.test.ts +181 -0
package/src/tests/scanner-runner.test.ts +63 -0

package/plugin/bundle/mcp-server.mjs CHANGED Viewed

@@ -8083,6 +8083,586 @@ function resolveWithinWorkspace(workspaceRoot, filePath) {
   return candidate;
 }
+// src/scanner/detector.ts
+import { existsSync, readFileSync as readFileSync2 } from "node:fs";
+import { join as join6 } from "node:path";
+import { execFile } from "node:child_process";
+var SCANNER_SIGNALS = {
+  eslint: {
+    configFiles: [
+      "eslint.config.js",
+      "eslint.config.mjs",
+      "eslint.config.cjs",
+      "eslint.config.ts",
+      "eslint.config.mts",
+      "eslint.config.cts",
+      ".eslintrc.js",
+      ".eslintrc.cjs",
+      ".eslintrc.yaml",
+      ".eslintrc.yml",
+      ".eslintrc.json"
+    ],
+    packageJsonKeys: ["eslint"],
+    binaryNames: ["eslint"]
+  },
+  semgrep: {
+    configFiles: [
+      ".semgrep.yml",
+      ".semgrep.yaml",
+      ".semgrep.json"
+    ],
+    packageJsonKeys: [],
+    binaryNames: ["semgrep"]
+  },
+  bandit: {
+    configFiles: [
+      ".bandit",
+      "bandit.yaml",
+      "bandit.yml"
+    ],
+    packageJsonKeys: [],
+    binaryNames: ["bandit"]
+  },
+  stryker: {
+    configFiles: [
+      "stryker.conf.js",
+      "stryker.conf.mjs",
+      "stryker.conf.cjs",
+      "stryker.conf.json",
+      ".strykerrc",
+      ".strykerrc.json"
+    ],
+    packageJsonKeys: ["@stryker-mutator/core"],
+    binaryNames: ["stryker"]
+  }
+};
+function probeConfigFiles(workspaceRoot, scanner) {
+  const signals = SCANNER_SIGNALS[scanner];
+  for (const file of signals.configFiles) {
+    const fullPath = join6(workspaceRoot, file);
+    if (existsSync(fullPath)) {
+      return { found: true, path: fullPath };
+    }
+  }
+  return { found: false };
+}
+function probePackageJson(workspaceRoot, scanner) {
+  const signals = SCANNER_SIGNALS[scanner];
+  if (signals.packageJsonKeys.length === 0) return false;
+  const pkgPath = join6(workspaceRoot, "package.json");
+  if (!existsSync(pkgPath)) return false;
+  try {
+    const raw = readFileSync2(pkgPath, "utf-8");
+    const pkg = JSON.parse(raw);
+    const deps = {
+      ...typeof pkg.dependencies === "object" && pkg.dependencies !== null ? pkg.dependencies : {},
+      ...typeof pkg.devDependencies === "object" && pkg.devDependencies !== null ? pkg.devDependencies : {}
+    };
+    return signals.packageJsonKeys.some((key) => key in deps);
+  } catch {
+    return false;
+  }
+}
+function probeBinary(binaryName) {
+  return new Promise((resolve6) => {
+    execFile("which", [binaryName], { timeout: 5e3 }, (err) => {
+      resolve6(err === null);
+    });
+  });
+}
+async function detectScanners(workspaceRoot) {
+  const scanners = ["eslint", "semgrep", "bandit", "stryker"];
+  const results = await Promise.all(
+    scanners.map(async (scanner) => {
+      const configProbe = probeConfigFiles(workspaceRoot, scanner);
+      if (configProbe.found && configProbe.path) {
+        return {
+          scanner,
+          available: true,
+          reason: `config file found: ${configProbe.path.replace(workspaceRoot + "/", "")}`,
+          configPath: configProbe.path
+        };
+      }
+      if (probePackageJson(workspaceRoot, scanner)) {
+        return {
+          scanner,
+          available: true,
+          reason: `found in package.json dependencies`
+        };
+      }
+      const signals = SCANNER_SIGNALS[scanner];
+      for (const bin of signals.binaryNames) {
+        if (await probeBinary(bin)) {
+          return {
+            scanner,
+            available: true,
+            reason: `binary "${bin}" found on PATH`
+          };
+        }
+      }
+      return {
+        scanner,
+        available: false,
+        reason: "no config file, package.json entry, or binary found"
+      };
+    })
+  );
+  return results;
+}
+// src/scanner/runner.ts
+import { execFile as execFile2 } from "node:child_process";
+import { readFileSync as readFileSync3, existsSync as existsSync2 } from "node:fs";
+import { join as join7 } from "node:path";
+function getScannerCommand(scanner, workspaceRoot) {
+  switch (scanner) {
+    case "eslint":
+      return {
+        command: "npx",
+        args: ["eslint", "-f", "json", "."],
+        timeoutMs: 12e4,
+        nonZeroIsNormal: true
+      };
+    case "semgrep":
+      return {
+        command: "semgrep",
+        args: ["--sarif", "--quiet", "."],
+        timeoutMs: 12e4,
+        nonZeroIsNormal: false
+      };
+    case "bandit":
+      return {
+        command: "bandit",
+        args: ["-f", "json", "-r", ".", "-q"],
+        timeoutMs: 12e4,
+        nonZeroIsNormal: true
+      };
+    case "stryker":
+      return {
+        command: "npx",
+        args: ["stryker", "run"],
+        timeoutMs: 3e5,
+        nonZeroIsNormal: false,
+        outputFile: join7(workspaceRoot, "reports", "mutation", "mutation.json")
+      };
+  }
+}
+function runScanner(scanner, workspaceRoot) {
+  const start = Date.now();
+  const cmd = getScannerCommand(scanner, workspaceRoot);
+  return new Promise((resolve6) => {
+    execFile2(
+      cmd.command,
+      cmd.args,
+      {
+        cwd: workspaceRoot,
+        timeout: cmd.timeoutMs,
+        maxBuffer: 50 * 1024 * 1024,
+        // 50 MB — large codebases produce verbose output
+        env: { ...process.env, FORCE_COLOR: "0" }
+        // suppress ANSI in output
+      },
+      (err, stdout, stderr) => {
+        const durationMs = Date.now() - start;
+        if (err && !cmd.nonZeroIsNormal) {
+          if (cmd.outputFile && existsSync2(cmd.outputFile)) {
+            try {
+              const fileOutput = readFileSync3(cmd.outputFile, "utf-8");
+              resolve6({
+                scanner,
+                success: true,
+                rawOutput: fileOutput,
+                durationMs
+              });
+              return;
+            } catch {
+            }
+          }
+          resolve6({
+            scanner,
+            success: false,
+            rawOutput: "",
+            error: stderr || err.message,
+            durationMs
+          });
+          return;
+        }
+        if (cmd.outputFile) {
+          if (existsSync2(cmd.outputFile)) {
+            try {
+              const fileOutput = readFileSync3(cmd.outputFile, "utf-8");
+              resolve6({
+                scanner,
+                success: true,
+                rawOutput: fileOutput,
+                durationMs
+              });
+              return;
+            } catch (readErr) {
+              resolve6({
+                scanner,
+                success: false,
+                rawOutput: "",
+                error: `Failed to read output file: ${readErr.message}`,
+                durationMs
+              });
+              return;
+            }
+          }
+          resolve6({
+            scanner,
+            success: false,
+            rawOutput: "",
+            error: `Scanner completed but output file not found: ${cmd.outputFile}`,
+            durationMs
+          });
+          return;
+        }
+        const output = stdout.trim();
+        if (!output) {
+          resolve6({
+            scanner,
+            success: true,
+            rawOutput: "[]",
+            // ESLint returns empty when no files match
+            durationMs
+          });
+          return;
+        }
+        resolve6({
+          scanner,
+          success: true,
+          rawOutput: output,
+          durationMs
+        });
+      }
+    );
+  });
+}
+// src/scanner/auto-scan.ts
+function ingestScannerRun(scanner, rawOutput, sarifStore) {
+  let parsed;
+  try {
+    parsed = JSON.parse(rawOutput);
+  } catch {
+    parsed = rawOutput;
+  }
+  const adapted = adaptScannerOutput(scanner, parsed);
+  const stats = sarifStore.ingestRun(adapted.document, adapted.sourceTool);
+  return { accepted: stats.accepted };
+}
+async function autoScan(workspaceRoot, sarifStore, logger2) {
+  const start = Date.now();
+  const detected = await detectScanners(workspaceRoot);
+  const available = detected.filter((d) => d.available);
+  logger2.info(
+    {
+      detected: detected.map((d) => `${d.scanner}:${d.available}`),
+      available: available.length
+    },
+    "auto-scan: detection complete"
+  );
+  if (available.length === 0) {
+    return {
+      detected,
+      results: [],
+      totalFindings: 0,
+      totalDurationMs: Date.now() - start
+    };
+  }
+  const runResults = await Promise.allSettled(
+    available.map((d) => runScanner(d.scanner, workspaceRoot))
+  );
+  const results = [];
+  let totalFindings = 0;
+  let persistNeeded = false;
+  for (let i = 0; i < available.length; i++) {
+    const detection = available[i];
+    const settled = runResults[i];
+    if (settled.status === "rejected") {
+      const error = String(settled.reason);
+      logger2.warn(
+        { scanner: detection.scanner, error },
+        "auto-scan: scanner execution rejected"
+      );
+      results.push({
+        scanner: detection.scanner,
+        success: false,
+        findingsIngested: 0,
+        durationMs: 0,
+        error
+      });
+      continue;
+    }
+    const runResult = settled.value;
+    if (!runResult.success) {
+      logger2.warn(
+        { scanner: runResult.scanner, error: runResult.error },
+        "auto-scan: scanner returned failure"
+      );
+      results.push({
+        scanner: runResult.scanner,
+        success: false,
+        findingsIngested: 0,
+        durationMs: runResult.durationMs,
+        error: runResult.error ?? "unknown error"
+      });
+      continue;
+    }
+    try {
+      const { accepted } = ingestScannerRun(
+        runResult.scanner,
+        runResult.rawOutput,
+        sarifStore
+      );
+      totalFindings += accepted;
+      persistNeeded = true;
+      logger2.info(
+        { scanner: runResult.scanner, accepted, durationMs: runResult.durationMs },
+        "auto-scan: scanner ingested"
+      );
+      results.push({
+        scanner: runResult.scanner,
+        success: true,
+        findingsIngested: accepted,
+        durationMs: runResult.durationMs
+      });
+    } catch (err) {
+      const error = err.message;
+      logger2.warn(
+        { scanner: runResult.scanner, error },
+        "auto-scan: adapter/ingestion failed"
+      );
+      results.push({
+        scanner: runResult.scanner,
+        success: false,
+        findingsIngested: 0,
+        durationMs: runResult.durationMs,
+        error
+      });
+    }
+  }
+  if (persistNeeded) {
+    await sarifStore.persist();
+  }
+  return {
+    detected,
+    results,
+    totalFindings,
+    totalDurationMs: Date.now() - start
+  };
+}
+// src/scanner/bootstrap.ts
+import { existsSync as existsSync3, writeFileSync, readdirSync } from "node:fs";
+import { join as join8 } from "node:path";
+import { execFile as execFile3 } from "node:child_process";
+function detectProjectType(workspaceRoot) {
+  const has = (file) => existsSync3(join8(workspaceRoot, file));
+  if (has("package.json")) {
+    if (has("tsconfig.json")) return "typescript";
+    return "javascript";
+  }
+  if (has("pyproject.toml") || has("setup.py") || has("requirements.txt")) {
+    return "python";
+  }
+  if (has("pom.xml") || has("build.gradle") || has("build.gradle.kts")) {
+    return "java";
+  }
+  if (has("Directory.Build.props")) return "csharp";
+  try {
+    const entries = readdirSync(workspaceRoot);
+    if (entries.some((e) => e.endsWith(".csproj") || e.endsWith(".sln"))) {
+      return "csharp";
+    }
+  } catch {
+  }
+  return "unknown";
+}
+function generateEslintConfig(isTypeScript) {
+  if (isTypeScript) {
+    return `import js from "@eslint/js";
+import tseslint from "typescript-eslint";
+export default tseslint.config(
+  js.configs.recommended,
+  ...tseslint.configs.recommended,
+  {
+    ignores: ["dist/", "node_modules/", "coverage/"],
+  },
+);
+`;
+  }
+  return `import js from "@eslint/js";
+export default [
+  js.configs.recommended,
+  {
+    ignores: ["dist/", "node_modules/", "coverage/"],
+  },
+];
+`;
+}
+function npmInstall(workspaceRoot, packages) {
+  return new Promise((resolve6) => {
+    execFile3(
+      "npm",
+      ["install", "--save-dev", ...packages],
+      {
+        cwd: workspaceRoot,
+        timeout: 12e4,
+        env: { ...process.env, FORCE_COLOR: "0" }
+      },
+      (err, stdout, stderr) => {
+        if (err) {
+          resolve6({
+            action: `npm install --save-dev ${packages.join(" ")}`,
+            success: false,
+            detail: stderr || err.message
+          });
+          return;
+        }
+        resolve6({
+          action: `npm install --save-dev ${packages.join(" ")}`,
+          success: true,
+          detail: `installed ${packages.join(", ")}`
+        });
+      }
+    );
+  });
+}
+function writeEslintConfigFile(workspaceRoot, isTypeScript) {
+  const configPath = join8(workspaceRoot, "eslint.config.mjs");
+  if (existsSync3(configPath)) {
+    return {
+      action: "create eslint.config.mjs",
+      success: true,
+      detail: "eslint.config.mjs already exists \u2014 skipped"
+    };
+  }
+  try {
+    writeFileSync(configPath, generateEslintConfig(isTypeScript), "utf-8");
+    return {
+      action: "create eslint.config.mjs",
+      success: true,
+      detail: `created eslint.config.mjs (${isTypeScript ? "TypeScript" : "JavaScript"} template)`
+    };
+  } catch (err) {
+    return {
+      action: "create eslint.config.mjs",
+      success: false,
+      detail: err.message
+    };
+  }
+}
+function getRecommendation(projectType) {
+  switch (projectType) {
+    case "javascript":
+    case "typescript":
+      return {
+        scanner: "eslint",
+        canAutoInstall: true,
+        installInstructions: "npm install --save-dev eslint @eslint/js"
+      };
+    case "python":
+      return {
+        scanner: "bandit",
+        canAutoInstall: false,
+        installInstructions: "pip install bandit  (or: pipx install bandit, poetry add --group dev bandit)"
+      };
+    case "java":
+    case "csharp":
+      return {
+        scanner: "semgrep",
+        canAutoInstall: false,
+        installInstructions: "brew install semgrep  (or: pip install semgrep, pipx install semgrep)"
+      };
+    case "unknown":
+      return {
+        scanner: "semgrep",
+        canAutoInstall: false,
+        installInstructions: "brew install semgrep  (or: pip install semgrep, pipx install semgrep)"
+      };
+  }
+}
+async function bootstrapScanner(workspaceRoot, sarifStore, logger2) {
+  const detections = await detectScanners(workspaceRoot);
+  const available = detections.filter((d) => d.available);
+  if (available.length > 0) {
+    const existingScanners = available.map((d) => d.scanner);
+    logger2.info(
+      { existingScanners },
+      "bootstrap: scanner(s) already configured \u2014 skipping"
+    );
+    return {
+      projectType: detectProjectType(workspaceRoot),
+      alreadyConfigured: true,
+      existingScanners,
+      steps: [],
+      autoScanResult: null,
+      success: true,
+      summary: `Scanner(s) already configured: ${existingScanners.join(", ")}. Run auto_scan to ingest findings.`
+    };
+  }
+  const projectType = detectProjectType(workspaceRoot);
+  const recommendation = getRecommendation(projectType);
+  const steps = [];
+  logger2.info(
+    { projectType, scanner: recommendation.scanner },
+    "bootstrap: detected project type"
+  );
+  if (recommendation.canAutoInstall) {
+    const isTypeScript = projectType === "typescript";
+    const packages = isTypeScript ? ["eslint", "@eslint/js", "typescript-eslint"] : ["eslint", "@eslint/js"];
+    const installStep = await npmInstall(workspaceRoot, packages);
+    steps.push(installStep);
+    if (installStep.success) {
+      const configStep = writeEslintConfigFile(workspaceRoot, isTypeScript);
+      steps.push(configStep);
+    }
+  } else {
+    steps.push({
+      action: `suggest ${recommendation.scanner} install`,
+      success: true,
+      detail: recommendation.installInstructions
+    });
+  }
+  const installSucceeded = steps.every((s) => s.success);
+  let autoScanResult = null;
+  if (installSucceeded && recommendation.canAutoInstall) {
+    try {
+      autoScanResult = await autoScan(workspaceRoot, sarifStore, logger2);
+    } catch (err) {
+      logger2.warn(
+        { err: err.message },
+        "bootstrap: auto_scan after install failed"
+      );
+    }
+  }
+  const findings = autoScanResult?.totalFindings ?? 0;
+  const scannerInstalled = recommendation.canAutoInstall && installSucceeded;
+  let summary;
+  if (scannerInstalled && autoScanResult) {
+    summary = `Installed ${recommendation.scanner} for ${projectType} project. Auto-scan found ${findings} finding(s).`;
+  } else if (scannerInstalled) {
+    summary = `Installed ${recommendation.scanner} for ${projectType} project. Auto-scan did not run.`;
+  } else if (!recommendation.canAutoInstall) {
+    summary = `Detected ${projectType} project. Install ${recommendation.scanner} manually: ${recommendation.installInstructions}`;
+  } else {
+    summary = `Failed to install ${recommendation.scanner}. Check the error details in the steps.`;
+  }
+  return {
+    projectType,
+    alreadyConfigured: false,
+    existingScanners: [],
+    steps,
+    autoScanResult,
+    success: installSucceeded,
+    summary
+  };
+}
 // src/schemas/tool-schemas.ts
 var computeCrapSchema = {
   type: "object",
@@ -8210,6 +8790,20 @@ var ingestScannerOutputSchema = {
   required: ["scanner", "rawOutput"],
   additionalProperties: false
 };
+var bootstrapScannerSchema = {
+  type: "object",
+  description: "Detect the project type (JavaScript, TypeScript, Python, Java, C#), install the appropriate scanner (ESLint for JS/TS, Bandit for Python, Semgrep for Java/C#), create a minimal config file, and run auto_scan to verify. Skips installation if a scanner is already configured. Use this when auto_scan finds no scanners and quality grades are vacuously A.",
+  properties: {},
+  required: [],
+  additionalProperties: false
+};
+var autoScanSchema = {
+  type: "object",
+  description: "Auto-detect available scanners (ESLint, Semgrep, Bandit, Stryker) in the workspace, execute them, and ingest findings into the SARIF store. Returns detection results, per-scanner execution stats, and total findings ingested. Call this to populate findings without manual scanner invocation.",
+  properties: {},
+  required: [],
+  additionalProperties: false
+};
 var ingestSarifSchema = {
   type: "object",
   description: "Ingest a raw SARIF 2.1.0 report produced by an external scanner (Semgrep, ESLint, Bandit, Stryker, etc.), deduplicate it against the internal store, and return the normalized document. The agent should call this once per scanner invocation, not once per finding.",
@@ -8329,6 +8923,16 @@ async function main() {
         name: "score_project",
         description: "Aggregate the project score across Maintainability, Reliability, Security and Overall, returning a chat-friendly Markdown summary, the structured JSON, the local dashboard URL, and the consolidated SARIF report path.",
         inputSchema: scoreProjectSchema
+      },
+      {
+        name: "auto_scan",
+        description: "Auto-detect available scanners (ESLint, Semgrep, Bandit, Stryker) in the workspace, run them, and ingest findings into the SARIF store.",
+        inputSchema: autoScanSchema
+      },
+      {
+        name: "bootstrap_scanner",
+        description: "Detect project type, install the right scanner (ESLint for JS/TS, Bandit for Python, Semgrep for Java/C#), create minimal config, and run auto_scan to verify.",
+        inputSchema: bootstrapScannerSchema
       }
     ]
   }));
@@ -8610,6 +9214,63 @@ async function main() {
           };
         }
       }
+      case "bootstrap_scanner": {
+        logger.info({ tool: "bootstrap_scanner" }, "Tool call received");
+        try {
+          const result = await bootstrapScanner(config.pluginRoot, sarifStore, logger);
+          const markdown = renderBootstrapMarkdown(result);
+          return {
+            content: [
+              { type: "text", text: markdown },
+              { type: "text", text: JSON.stringify(result, null, 2) }
+            ],
+            isError: !result.success
+          };
+        } catch (err) {
+          logger.error({ err }, "bootstrap_scanner failed");
+          return {
+            content: [
+              {
+                type: "text",
+                text: JSON.stringify(
+                  { tool: "bootstrap_scanner", status: "error", message: err.message },
+                  null,
+                  2
+                )
+              }
+            ],
+            isError: true
+          };
+        }
+      }
+      case "auto_scan": {
+        logger.info({ tool: "auto_scan" }, "Tool call received");
+        try {
+          const result = await autoScan(config.pluginRoot, sarifStore, logger);
+          const markdown = renderAutoScanMarkdown(result);
+          return {
+            content: [
+              { type: "text", text: markdown },
+              { type: "text", text: JSON.stringify(result, null, 2) }
+            ]
+          };
+        } catch (err) {
+          logger.error({ err }, "auto_scan failed");
+          return {
+            content: [
+              {
+                type: "text",
+                text: JSON.stringify(
+                  { tool: "auto_scan", status: "error", message: err.message },
+                  null,
+                  2
+                )
+              }
+            ],
+            isError: true
+          };
+        }
+      }
       default:
         throw new Error(`[claude-crap] Unknown tool: ${name}`);
     }
@@ -8661,6 +9322,77 @@ async function main() {
   const transport = new StdioServerTransport();
   await server.connect(transport);
   logger.info("claude-crap MCP server ready (stdio)");
+  autoScan(config.pluginRoot, sarifStore, logger).then((result) => {
+    const scanners = result.results.filter((r) => r.success).map((r) => r.scanner);
+    logger.info(
+      {
+        scannersRun: scanners,
+        totalFindings: result.totalFindings,
+        durationMs: result.totalDurationMs
+      },
+      "auto-scan completed"
+    );
+  }).catch((err) => {
+    logger.warn(
+      { err: err.message },
+      "auto-scan failed \u2014 continuing without it"
+    );
+  });
+}
+function renderBootstrapMarkdown(result) {
+  const lines = ["## claude-crap :: bootstrap scanner\n"];
+  lines.push(`**Project type:** ${result.projectType}`);
+  if (result.alreadyConfigured) {
+    lines.push(`**Status:** Scanner(s) already configured: ${result.existingScanners.join(", ")}`);
+    lines.push("\nNo installation needed. Run `auto_scan` to ingest findings.");
+    return lines.join("\n");
+  }
+  lines.push("");
+  if (result.steps.length > 0) {
+    lines.push("### Steps\n");
+    lines.push("| Action | Status | Detail |");
+    lines.push("| ------ | :----: | ------ |");
+    for (const s of result.steps) {
+      const status = s.success ? "ok" : "failed";
+      lines.push(`| ${s.action} | ${status} | ${s.detail} |`);
+    }
+    lines.push("");
+  }
+  if (result.autoScanResult) {
+    const r = result.autoScanResult;
+    const scanners = r.results.filter((s) => s.success).map((s) => s.scanner);
+    lines.push(
+      `**Auto-scan:** ${r.totalFindings} finding(s) ingested from ${scanners.join(", ") || "no scanners"} in ${(r.totalDurationMs / 1e3).toFixed(1)}s`
+    );
+    lines.push("");
+  }
+  lines.push(`**Summary:** ${result.summary}`);
+  return lines.join("\n");
+}
+function renderAutoScanMarkdown(result) {
+  const lines = ["## claude-crap :: auto-scan results\n"];
+  lines.push("### Detected scanners\n");
+  lines.push("| Scanner | Available | Reason |");
+  lines.push("| ------- | :-------: | ------ |");
+  for (const d of result.detected) {
+    lines.push(`| ${d.scanner} | ${d.available ? "yes" : "no"} | ${d.reason} |`);
+  }
+  lines.push("");
+  if (result.results.length > 0) {
+    lines.push("### Execution results\n");
+    lines.push("| Scanner | Status | Findings | Duration |");
+    lines.push("| ------- | :----: | :------: | -------: |");
+    for (const r of result.results) {
+      const status = r.success ? "ok" : "failed";
+      const duration = `${(r.durationMs / 1e3).toFixed(1)}s`;
+      lines.push(`| ${r.scanner} | ${status} | ${r.findingsIngested} | ${duration} |`);
+    }
+    lines.push("");
+  }
+  lines.push(
+    `**Total findings ingested:** ${result.totalFindings} in ${(result.totalDurationMs / 1e3).toFixed(1)}s`
+  );
+  return lines.join("\n");
 }
 function safeLoadStrictness(workspaceRoot, logger2) {
   try {