codeslick-cli 1.2.0 → 1.2.2

package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.js

@@ -21,21 +21,87 @@ exports.detectRedundantNullChecks = detectRedundantNullChecks;
 exports.detectUnnecessaryAsync = detectUnnecessaryAsync;
 exports.detectGenericVariableOveruse = detectGenericVariableOveruse;
 exports.detectInconsistentStringConcatenation = detectInconsistentStringConcatenation;
+exports.detectVerboseDocstrings = detectVerboseDocstrings;
+exports.detectDefensiveNullChecks = detectDefensiveNullChecks;
+exports.detectExcessiveTryCatch = detectExcessiveTryCatch;
+exports.detectHelperFunctionProliferation = detectHelperFunctionProliferation;
+exports.detectOverlyDescriptiveNames = detectOverlyDescriptiveNames;
+exports.detectPrematureOptimizationComments = detectPrematureOptimizationComments;
+exports.detectDetailedTodoMarkers = detectDetailedTodoMarkers;
+exports.detectTypeAnnotationOveruse = detectTypeAnnotationOveruse;
+exports.detectBoilerplateComments = detectBoilerplateComments;
+exports.detectPlaceholderTodos = detectPlaceholderTodos;
+exports.detectGenericFunctionNames = detectGenericFunctionNames;
+exports.detectPlaceholderConstants = detectPlaceholderConstants;
+exports.detectUnusualImportOrdering = detectUnusualImportOrdering;
+exports.detectCopilotMarkers = detectCopilotMarkers;
+exports.detectExcessiveTypeAssertions = detectExcessiveTypeAssertions;
+exports.detectDetailedExplanatoryComments = detectDetailedExplanatoryComments;
+exports.detectCustomErrorClasses = detectCustomErrorClasses;
+exports.detectExtensiveInputValidation = detectExtensiveInputValidation;
+exports.detectDescriptiveHelperFunctions = detectDescriptiveHelperFunctions;
+exports.detectStructuredReturnObjects = detectStructuredReturnObjects;
+exports.detectAICommandMarkers = detectAICommandMarkers;
+exports.detectDiffStyleComments = detectDiffStyleComments;
+exports.detectTabCompletionArtifacts = detectTabCompletionArtifacts;
+exports.detectContextWindowLeakage = detectContextWindowLeakage;
+exports.detectOverGenericExports = detectOverGenericExports;
+exports.detectUnusedImportCleanup = detectUnusedImportCleanup;
+exports.detectPlaceholderErrorMessages = detectPlaceholderErrorMessages;
+exports.detectInlineDocumentationOverload = detectInlineDocumentationOverload;
+exports.detectZeroEdgeCases = detectZeroEdgeCases;
+exports.detectUniformIndentation = detectUniformIndentation;
+exports.detectTextbookVariableNames = detectTextbookVariableNames;
+exports.detectNoCommentsWithPerfectStructure = detectNoCommentsWithPerfectStructure;
+exports.detectExcessiveParameterValidation = detectExcessiveParameterValidation;
 exports.calculateAICodeConfidence = calculateAICodeConfidence;
 exports.isTestFile = isTestFile;
 exports.removeCommentsAndStrings = removeCommentsAndStrings;
 /**
- * Heuristic weights (sum = 1.0)
+ * Heuristic weights (sum = 1.0) - Now 13 heuristics
  */
 const HEURISTIC_WEIGHTS = {
-    overEngineeredErrors: 0.15,
-    unnecessaryWrappers: 0.12,
-    verboseComments: 0.10,
-    mixedNaming: 0.13,
-    redundantNullChecks: 0.15,
-    unnecessaryAsync: 0.12,
-    genericVariables: 0.10,
-    inconsistentStrings: 0.13,
+    // Original 8 heuristics (slightly reduced weights)
+    overEngineeredErrors: 0.10,
+    unnecessaryWrappers: 0.08,
+    verboseComments: 0.07,
+    mixedNaming: 0.09,
+    redundantNullChecks: 0.10,
+    unnecessaryAsync: 0.08,
+    genericVariables: 0.07,
+    inconsistentStrings: 0.09,
+    // "Perfect code" heuristics (5 new patterns - 32% total)
+    zeroEdgeCases: 0.08,
+    uniformIndentation: 0.07,
+    textbookVariableNames: 0.07,
+    noCommentsWithPerfectStructure: 0.05,
+    excessiveParameterValidation: 0.05,
+};
+/**
+ * LLM fingerprint weights for GPT-4 (sum = 1.0)
+ */
+const GPT4_FINGERPRINT_WEIGHTS = {
+    verboseDocstrings: 0.15,
+    defensiveNullChecks: 0.12,
+    excessiveTryCatch: 0.15,
+    helperFunctionProliferation: 0.13,
+    overlyDescriptiveNames: 0.10,
+    prematureOptimizationComments: 0.10,
+    detailedTodoMarkers: 0.10,
+    typeAnnotationOveruse: 0.15,
+};
+/**
+ * LLM fingerprint weights for Cursor (sum = 1.0)
+ */
+const CURSOR_FINGERPRINT_WEIGHTS = {
+    aiCommandMarkers: 0.15,
+    diffStyleComments: 0.12,
+    tabCompletionArtifacts: 0.15,
+    contextWindowLeakage: 0.10,
+    overGenericExports: 0.10,
+    unusedImportCleanup: 0.13,
+    placeholderErrorMessages: 0.13,
+    inlineDocumentationOverload: 0.12,
 };
 /**
  * 1. Detect over-engineered error handling
@@ -290,41 +356,1060 @@ function detectInconsistentStringConcatenation(lines) {
     return totalFunctions > 0 ? Math.min(inconsistentFunctions / totalFunctions, 1.0) : 0;
 }
 /**
- * Calculate confidence score from hallucination count and heuristic scores
+ * ====================
+ * LLM FINGERPRINT DETECTORS (Week 2)
+ * ====================
+ */
+/**
+ * GPT-4 Fingerprint #1: Verbose docstrings
+ * Pattern: JSDoc/docstring with >5 lines and @param/@returns for trivial functions
+ */
+function detectVerboseDocstrings(lines) {
+    let verboseDocCount = 0;
+    let totalDocs = 0;
+    let inDocstring = false;
+    let docstringLines = 0;
+    let docstringStart = -1;
+    let docstringType = ''; // '/**' or '"""'
+    for (let i = 0; i < lines.length; i++) {
+        const trimmed = lines[i].trim();
+        // If already in docstring, check for end first
+        if (inDocstring) {
+            docstringLines++;
+            // Detect docstring end
+            const isJSDocEnd = docstringType === '/**' && trimmed.endsWith('*/');
+            const isPythonDocEnd = docstringType === '"""' && trimmed.endsWith('"""') && i > docstringStart;
+            if (isJSDocEnd || isPythonDocEnd) {
+                inDocstring = false;
+                // Check if next line is a trivial function
+                let nextFunctionLine = i + 1;
+                while (nextFunctionLine < lines.length && lines[nextFunctionLine].trim() === '') {
+                    nextFunctionLine++;
+                }
+                if (nextFunctionLine < lines.length) {
+                    const functionDecl = lines[nextFunctionLine].trim();
+                    // Check if trivial function (one-liner or simple return on next line)
+                    const isJSOneLiner = functionDecl.match(/^function\s+\w+\s*\([^)]*\)\s*{\s*return/);
+                    const isPythonOneLiner = functionDecl.match(/^def\s+\w+\([^)]*\):\s*return/);
+                    // Check if it's a function declaration followed by a simple return statement
+                    let isSimpleReturn = false;
+                    if (functionDecl.match(/^function\s+\w+\s*\([^)]*\)\s*{/) && nextFunctionLine + 1 < lines.length) {
+                        const nextLine = lines[nextFunctionLine + 1].trim();
+                        isSimpleReturn = nextLine.startsWith('return ');
+                    }
+                    const isTrivialFunction = isJSOneLiner || isPythonOneLiner || isSimpleReturn;
+                    // Verbose = >5 lines of docs for trivial function
+                    if (docstringLines > 5 && isTrivialFunction) {
+                        verboseDocCount++;
+                    }
+                }
+            }
+        }
+        else {
+            // Not in docstring, check for start (/** or """)
+            if (trimmed.startsWith('/**')) {
+                inDocstring = true;
+                docstringStart = i;
+                docstringLines = 0;
+                docstringType = '/**';
+                totalDocs++;
+            }
+            else if (trimmed.startsWith('"""') || trimmed === '"""') {
+                inDocstring = true;
+                docstringStart = i;
+                docstringLines = 0;
+                docstringType = '"""';
+                totalDocs++;
+            }
+        }
+    }
+    return totalDocs > 0 ? Math.min(verboseDocCount / totalDocs, 1.0) : 0;
+}
+/**
+ * GPT-4 Fingerprint #2: Defensive null checks
+ * Pattern: 3+ consecutive null checks on different variables
+ */
+function detectDefensiveNullChecks(lines) {
+    let defensiveBlocks = 0;
+    for (let i = 0; i < lines.length - 2; i++) {
+        const window = lines.slice(i, i + 3).join('\n');
+        // Count null checks (JavaScript/TypeScript/Java and Python)
+        const jsNullChecks = (window.match(/if\s*\([^)]*\s*(===|!==|==|!=)\s*(null|undefined)\s*\)/g) || []).length;
+        // Count typeof checks (typeof x === 'string', typeof x !== 'number', etc.)
+        const typeofChecks = (window.match(/if\s*\([^)]*typeof\s+[\w.]+\s*(===|!==|==|!=)\s*['"][a-z]+['"]\s*\)/g) || []).length;
+        // Python: if user is None, if user.name is None, etc.
+        const pythonNullChecks = (window.match(/if\s+[\w.]+\s+is\s+(None|null)/gi) || []).length;
+        const totalChecks = jsNullChecks + typeofChecks + pythonNullChecks;
+        if (totalChecks >= 3) {
+            defensiveBlocks++;
+        }
+    }
+    return Math.min(defensiveBlocks / 5, 1.0); // Normalize (5 = very defensive)
+}
+/**
+ * GPT-4 Fingerprint #3: Excessive try-catch
+ * Pattern: >50% of functions wrapped in try-catch, even for simple operations
+ */
+function detectExcessiveTryCatch(lines) {
+    let functionsWithTryCatch = 0;
+    let totalFunctions = 0;
+    let inFunction = false;
+    let functionStart = -1;
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i].trim();
+        // Detect function start
+        const isFunctionStart = line.match(/^function\s+\w+\s*\(/) ||
+            line.match(/^def\s+\w+\s*\(/) ||
+            line.match(/^(public|private|protected)?\s*(static)?\s+\w+\s+\w+\s*\(/);
+        if (isFunctionStart) {
+            inFunction = true;
+            functionStart = i;
+            totalFunctions++;
+        }
+        // Detect function end
+        if (inFunction && line.match(/^}/)) {
+            const functionBody = lines.slice(functionStart, i + 1).join('\n');
+            // Check if function contains try-catch
+            const hasTryCatch = functionBody.match(/\btry\s*{/) !== null;
+            if (hasTryCatch) {
+                functionsWithTryCatch++;
+            }
+            inFunction = false;
+        }
+    }
+    const tryCatchRatio = totalFunctions > 0 ? functionsWithTryCatch / totalFunctions : 0;
+    // GPT-4 fingerprint: ≥50% of functions have try-catch (excessive)
+    // Flag if 50% or more functions have try-catch
+    if (tryCatchRatio < 0.5)
+        return 0;
+    return Math.min(tryCatchRatio * 2 - 0.9, 1.0); // Maps 50% → 0.1, 75% → 0.6, 100% → 1.0
+}
+/**
+ * GPT-4 Fingerprint #4: Helper function proliferation
+ * Pattern: >30% of functions are single-line helpers used only once
+ */
+function detectHelperFunctionProliferation(lines) {
+    const functionNames = new Map(); // name -> line count
+    const functionUsage = new Map(); // name -> usage count
+    let inFunction = false;
+    let currentFunctionName = '';
+    let functionStart = -1;
+    // Phase 1: Identify functions and count their body lines
+    for (let i = 0; i < lines.length; i++) {
+        const trimmed = lines[i].trim();
+        // Detect function declaration
+        const funcMatch = trimmed.match(/^function\s+(\w+)\s*\(/) ||
+            trimmed.match(/^def\s+(\w+)\s*\(/) ||
+            trimmed.match(/^(?:public|private|protected)?\s*(?:static)?\s+\w+\s+(\w+)\s*\(/);
+        if (funcMatch) {
+            inFunction = true;
+            currentFunctionName = funcMatch[1];
+            functionStart = i;
+            // Check if it's a one-liner (declaration and closing brace on same line)
+            if (trimmed.includes('}') && trimmed.endsWith('}')) {
+                const lineCount = 1; // One-liner function
+                functionNames.set(currentFunctionName, lineCount);
+                functionUsage.set(currentFunctionName, 0); // Initialize usage count
+                inFunction = false;
+                continue;
+            }
+            // Check if it's a Python one-liner (def foo(): return bar)
+            if (trimmed.match(/^def\s+\w+\([^)]*\):\s*return/)) {
+                const lineCount = 1; // Python one-liner
+                functionNames.set(currentFunctionName, lineCount);
+                functionUsage.set(currentFunctionName, 0); // Initialize usage count
+                inFunction = false;
+                continue;
+            }
+        }
+        // Detect function end (closing brace)
+        if (inFunction && (trimmed === '}' || trimmed.startsWith('}'))) {
+            const lineCount = i - functionStart;
+            functionNames.set(currentFunctionName, lineCount);
+            functionUsage.set(currentFunctionName, 0); // Initialize usage count
+            inFunction = false;
+        }
+    }
+    // Phase 2: Count function usage
+    const code = lines.join('\n');
+    functionNames.forEach((_, name) => {
+        const usagePattern = new RegExp(`\\b${name}\\s*\\(`, 'g');
+        const matches = code.match(usagePattern) || [];
+        functionUsage.set(name, matches.length - 1); // -1 to exclude declaration
+    });
+    // Phase 3: Count single-line helpers used ≤1 time
+    let helperCount = 0;
+    functionNames.forEach((lineCount, name) => {
+        const usageCount = functionUsage.get(name) || 0;
+        // Only flag truly trivial one-liners (lineCount == 1) with low usage
+        if (lineCount == 1 && usageCount <= 1) {
+            helperCount++;
+        }
+    });
+    const helperRatio = functionNames.size > 0 ? helperCount / functionNames.size : 0;
+    // GPT-4 fingerprint: >30% are single-use helpers
+    return helperRatio > 0.3 ? 1.0 : helperRatio / 0.3;
+}
+/**
+ * GPT-4 Fingerprint #5: Overly descriptive variable names
+ * Pattern: >3 variables with names >25 characters
+ */
+function detectOverlyDescriptiveNames(lines) {
+    const longVariableNames = new Set();
+    lines.forEach(line => {
+        // Match variable declarations
+        const varPattern = /(?:const|let|var|val)\s+(\w{26,})\s*=/g;
+        const matches = Array.from(line.matchAll(varPattern));
+        matches.forEach(match => {
+            longVariableNames.add(match[1]);
+        });
+    });
+    return Math.min(longVariableNames.size / 3, 1.0); // Normalize (3+ = verbose)
+}
+/**
+ * GPT-4 Fingerprint #6: Premature optimization comments
+ * Pattern: Comments mentioning "performance", "optimization", "O(n)" before implementation
+ */
+function detectPrematureOptimizationComments(lines) {
+    let optimizationComments = 0;
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        const isComment = trimmed.startsWith('//') || trimmed.startsWith('#');
+        if (isComment) {
+            const hasOptimizationKeywords = /\b(performance|optimization|optimize|O\(\w+\)|time complexity|space complexity)\b/i.test(trimmed);
+            if (hasOptimizationKeywords) {
+                optimizationComments++;
+            }
+        }
+    });
+    return Math.min(optimizationComments / 3, 1.0); // Normalize (3+ = premature)
+}
+/**
+ * GPT-4 Fingerprint #7: Detailed TODO markers
+ * Pattern: TODO comments with >10 words (GPT-4 over-explains)
+ */
+function detectDetailedTodoMarkers(lines) {
+    let detailedTodoCount = 0;
+    let totalTodos = 0;
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        const isTodo = /TODO|FIXME|XXX/i.test(trimmed);
+        if (isTodo) {
+            totalTodos++;
+            // Extract TODO text
+            const todoText = trimmed.replace(/^(\/\/|#)\s*/, '');
+            const wordCount = todoText.split(/\s+/).length;
+            if (wordCount > 10) {
+                detailedTodoCount++;
+            }
+        }
+    });
+    return totalTodos > 0 ? Math.min(detailedTodoCount / totalTodos, 1.0) : 0;
+}
+/**
+ * GPT-4 Fingerprint #8: Type annotation overuse
+ * Pattern: Type hints on >70% of variables in Python/TypeScript (unnecessary)
+ */
+function detectTypeAnnotationOveruse(lines) {
+    let annotatedVariables = 0;
+    let totalVariables = 0;
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        // Python type hints: var: str = "value"
+        const pythonTypeHint = trimmed.match(/^(\w+)\s*:\s*\w+\s*=/);
+        if (pythonTypeHint) {
+            annotatedVariables++;
+            totalVariables++;
+        }
+        // Python variable without type hint: var = "value"
+        const pythonVar = trimmed.match(/^(\w+)\s*=\s*[^=]/);
+        if (pythonVar && !pythonTypeHint) {
+            totalVariables++;
+        }
+        // TypeScript/JavaScript type annotations
+        const tsAnnotated = line.match(/(?:const|let|var)\s+\w+\s*:\s*\w+/g) || [];
+        annotatedVariables += tsAnnotated.length;
+        const tsVars = line.match(/(?:const|let|var)\s+\w+/g) || [];
+        totalVariables += tsVars.length;
+    });
+    const annotationRatio = totalVariables > 0 ? annotatedVariables / totalVariables : 0;
+    // GPT-4 fingerprint: >70% annotated (excessive for dynamic languages)
+    return annotationRatio > 0.7 ? 1.0 : annotationRatio / 0.7;
+}
+/**
+ * ====================
+ * GITHUB COPILOT FINGERPRINT DETECTORS (Week 2)
+ * ====================
+ */
+/**
+ * GitHub Copilot Fingerprint #1: Boilerplate comments
+ * Pattern: Comments like "// your code here", "// TODO: implement this"
+ */
+function detectBoilerplateComments(lines) {
+    let boilerplateCount = 0;
+    const boilerplatePatterns = [
+        /\/\/\s*(your code here|add your code|implementation here|code goes here)/i,
+        /#\s*(your code here|add your code|implementation here|code goes here)/i,
+    ];
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        if (boilerplatePatterns.some(pattern => pattern.test(trimmed))) {
+            boilerplateCount++;
+        }
+    });
+    return Math.min(boilerplateCount / 3, 1.0); // 3+ = high score
+}
+/**
+ * GitHub Copilot Fingerprint #2: Placeholder TODOs
+ * Pattern: Generic TODOs like "TODO: implement", "TODO: add error handling"
+ */
+function detectPlaceholderTodos(lines) {
+    let placeholderTodoCount = 0;
+    const placeholderPatterns = [
+        /TODO:\s*(implement|add|fix|update|handle|check)/i,
+        /FIXME:\s*(implement|add|fix|update|handle|check)/i,
+    ];
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        if (placeholderPatterns.some(pattern => pattern.test(trimmed))) {
+            placeholderTodoCount++;
+        }
+    });
+    return Math.min(placeholderTodoCount / 5, 1.0); // 5+ = high score
+}
+/**
+ * GitHub Copilot Fingerprint #3: Generic function names
+ * Pattern: handleClick, doSomething, processData, etc.
+ */
+function detectGenericFunctionNames(lines) {
+    const genericNames = [
+        'handleClick', 'handleSubmit', 'handleChange', 'handleEvent',
+        'doSomething', 'doStuff', 'processData', 'processInput',
+        'getData', 'setData', 'updateData', 'fetchData',
+        'myFunction', 'testFunction', 'exampleFunction',
+    ];
+    let genericFunctionCount = 0;
+    let totalFunctions = 0;
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        // Detect function declarations
+        const funcMatch = trimmed.match(/function\s+(\w+)\s*\(/) ||
+            trimmed.match(/def\s+(\w+)\s*\(/) ||
+            trimmed.match(/const\s+(\w+)\s*=\s*(?:async\s*)?\([^)]*\)\s*=>/);
+        if (funcMatch) {
+            totalFunctions++;
+            const functionName = funcMatch[1];
+            if (genericNames.includes(functionName)) {
+                genericFunctionCount++;
+            }
+        }
+    });
+    return totalFunctions > 0 ? Math.min(genericFunctionCount / totalFunctions, 1.0) : 0;
+}
+/**
+ * GitHub Copilot Fingerprint #4: Placeholder constants
+ * Pattern: PLACEHOLDER, YOUR_API_KEY, CHANGE_ME, etc.
+ */
+function detectPlaceholderConstants(lines) {
+    const placeholderPatterns = [
+        /\b(PLACEHOLDER|YOUR_API_KEY|YOUR_SECRET|CHANGE_ME|REPLACE_ME|API_KEY_HERE|TOKEN_HERE)\b/,
+        /\b(TODO_REPLACE|FIX_ME|UPDATE_THIS|CHANGEME)\b/,
+    ];
+    let placeholderCount = 0;
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        if (placeholderPatterns.some(pattern => pattern.test(trimmed))) {
+            placeholderCount++;
+        }
+    });
+    return Math.min(placeholderCount / 2, 1.0); // 2+ = high score
+}
+/**
+ * GitHub Copilot Fingerprint #5: Unusual import ordering
+ * Pattern: Copilot often puts imports in alphabetical order, which is uncommon
+ */
+function detectUnusualImportOrdering(lines) {
+    const imports = [];
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        if (trimmed.startsWith('import ') || trimmed.startsWith('from ')) {
+            imports.push(trimmed);
+        }
+    });
+    if (imports.length < 3)
+        return 0;
+    // Check if imports are in strict alphabetical order
+    const sortedImports = [...imports].sort();
+    const isAlphabetical = imports.every((imp, i) => imp === sortedImports[i]);
+    return isAlphabetical ? 0.7 : 0; // Alphabetical imports = 70% score
+}
+/**
+ * GitHub Copilot Fingerprint #6: Copilot suggestion markers
+ * Pattern: Comments mentioning "Copilot", "AI-generated", "auto-generated"
+ */
+function detectCopilotMarkers(lines) {
+    const markerPatterns = [
+        /\b(copilot|github copilot|ai.generated|auto.generated|generated by ai)\b/i,
+        /\b(ai suggestion|suggested by copilot)\b/i,
+    ];
+    let markerCount = 0;
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        if (markerPatterns.some(pattern => pattern.test(trimmed))) {
+            markerCount++;
+        }
+    });
+    return markerCount > 0 ? 1.0 : 0; // Any marker = 100% score
+}
+/**
+ * GitHub Copilot Fingerprint #7: Excessive type assertions
+ * Pattern: Overuse of `as any`, `!` (non-null assertion) in TypeScript
+ */
+function detectExcessiveTypeAssertions(lines) {
+    let typeAssertionCount = 0;
+    let totalLines = 0;
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        if (trimmed.length > 0 && !trimmed.startsWith('//') && !trimmed.startsWith('#')) {
+            totalLines++;
+            // Count `as any`, `as unknown`, `!.` (non-null assertion)
+            const asAnyCount = (trimmed.match(/\s+as\s+any\b/g) || []).length;
+            const asUnknownCount = (trimmed.match(/\s+as\s+unknown\b/g) || []).length;
+            const nonNullCount = (trimmed.match(/!\./g) || []).length;
+            typeAssertionCount += asAnyCount + asUnknownCount + nonNullCount;
+        }
+    });
+    const assertionRatio = totalLines > 0 ? typeAssertionCount / totalLines : 0;
+    // >10% of lines have type assertions = excessive
+    return assertionRatio > 0.1 ? 1.0 : assertionRatio * 10;
+}
+/**
+ * ====================
+ * CLAUDE CODE FINGERPRINT DETECTORS (Week 2)
+ * ====================
+ */
+/**
+ * Claude Code Fingerprint #1: Detailed explanatory comments
+ * Pattern: Multi-line comments explaining "why" not just "what" (Claude's style)
+ */
+function detectDetailedExplanatoryComments(lines) {
+    let detailedCommentBlocks = 0;
+    let inCommentBlock = false;
+    let commentLines = 0;
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        // Multi-line comment start
+        if (trimmed.startsWith('/*') || trimmed.startsWith('/**')) {
+            inCommentBlock = true;
+            commentLines = 0;
+        }
+        if (inCommentBlock) {
+            commentLines++;
+            // Check for explanatory keywords (why, because, note, important)
+            if (/\b(why|because|note that|important|rationale|reason)\b/i.test(trimmed)) {
+                detailedCommentBlocks++;
+                inCommentBlock = false; // Count once per block
+            }
+            if (trimmed.endsWith('*/')) {
+                inCommentBlock = false;
+            }
+        }
+        // Single-line explanatory comments
+        if (trimmed.startsWith('//') && /\b(why|because|note that|important|rationale)\b/i.test(trimmed)) {
+            detailedCommentBlocks++;
+        }
+    });
+    return Math.min(detailedCommentBlocks / 5, 1.0); // 5+ explanatory comments = Claude style
+}
+/**
+ * Claude Code Fingerprint #2: Custom error classes
+ * Pattern: Creating custom error classes instead of using built-in errors
+ */
+function detectCustomErrorClasses(lines) {
+    let customErrorCount = 0;
+    const customErrorPatterns = [
+        /class\s+\w+Error\s+extends\s+Error/, // JavaScript/TypeScript
+        /class\s+\w+Exception\s*\([^)]*\):/, // Python custom exception
+        /public\s+class\s+\w+Exception\s+extends\s+Exception/, // Java
+    ];
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        if (customErrorPatterns.some(pattern => pattern.test(trimmed))) {
+            customErrorCount++;
+        }
+    });
+    return Math.min(customErrorCount / 2, 1.0); // 2+ custom error classes = Claude style
+}
+/**
+ * Claude Code Fingerprint #3: Extensive input validation
+ * Pattern: Multiple validation checks at function entry (Claude is thorough)
+ */
+function detectExtensiveInputValidation(lines) {
+    let functionsWithExtensiveValidation = 0;
+    let totalFunctions = 0;
+    let inFunction = false;
+    let validationChecks = 0;
+    let linesIntoFunction = 0;
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        // Detect function start
+        const isFunctionStart = trimmed.match(/^function\s+\w+\s*\(/) ||
+            trimmed.match(/^def\s+\w+\s*\(/) ||
+            trimmed.match(/^(public|private|protected)?\s*(static)?\s+\w+\s+\w+\s*\(/);
+        if (isFunctionStart) {
+            inFunction = true;
+            validationChecks = 0;
+            linesIntoFunction = 0;
+            totalFunctions++;
+        }
+        if (inFunction) {
+            linesIntoFunction++;
+            // Count validation patterns in first 10 lines of function
+            if (linesIntoFunction <= 10) {
+                if (/if\s*\([^)]*(!|===|!==|<|>|typeof|instanceof)\s*\)/.test(trimmed)) {
+                    validationChecks++;
+                }
+                if (/throw new \w+Error/.test(trimmed)) {
+                    validationChecks++;
+                }
+            }
+            // Function end
+            if (trimmed === '}' || trimmed.startsWith('}')) {
+                if (validationChecks >= 3) {
+                    functionsWithExtensiveValidation++;
+                }
+                inFunction = false;
+            }
+        }
+    });
+    return totalFunctions > 0 ? Math.min(functionsWithExtensiveValidation / totalFunctions, 1.0) : 0;
+}
+/**
+ * Claude Code Fingerprint #4: Descriptive helper functions
+ * Pattern: Helper functions with very clear, descriptive names (Claude's clarity)
+ */
+function detectDescriptiveHelperFunctions(lines) {
+    let descriptiveHelperCount = 0;
+    let totalFunctions = 0;
+    // Claude-style descriptive prefixes
+    const descriptivePrefixes = [
+        'validate', 'ensure', 'verify', 'check', 'sanitize',
+        'normalize', 'transform', 'convert', 'extract', 'parse',
+        'calculate', 'compute', 'determine', 'resolve',
+    ];
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        // Detect function declarations
+        const funcMatch = trimmed.match(/^function\s+(\w+)\s*\(/) ||
+            trimmed.match(/^def\s+(\w+)\s*\(/) ||
+            trimmed.match(/^const\s+(\w+)\s*=\s*(?:async\s*)?\([^)]*\)\s*=>/);
+        if (funcMatch) {
+            totalFunctions++;
+            const functionName = funcMatch[1];
+            // Check if name starts with descriptive prefix
+            if (descriptivePrefixes.some(prefix => functionName.toLowerCase().startsWith(prefix))) {
+                descriptiveHelperCount++;
+            }
+        }
+    });
+    return totalFunctions > 0 ? Math.min(descriptiveHelperCount / totalFunctions, 1.0) : 0;
+}
+/**
+ * Claude Code Fingerprint #5: Structured return objects
+ * Pattern: Returning objects with { success, data, error } structure
+ */
+function detectStructuredReturnObjects(lines) {
+    let structuredReturnCount = 0;
+    const structuredReturnPatterns = [
+        /return\s*{\s*success\s*:/,
+        /return\s*{\s*data\s*:/,
+        /return\s*{\s*error\s*:/,
+        /return\s*{\s*ok\s*:/,
+        /return\s*{\s*result\s*:/,
+        /\{\s*success\s*,\s*data\s*,\s*error\s*\}/,
+    ];
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        if (structuredReturnPatterns.some(pattern => pattern.test(trimmed))) {
+            structuredReturnCount++;
+        }
+    });
+    return Math.min(structuredReturnCount / 3, 1.0); // 3+ structured returns = Claude style
+}
+// =======================================================================================
+// CURSOR BEHAVIORAL FINGERPRINTS (8 patterns)
+// =======================================================================================
+/**
+ * Cursor Fingerprint #1: AI command markers
+ * Pattern: Comments with AI/Cursor directives
+ */
+function detectAICommandMarkers(lines) {
+    let markerCount = 0;
+    const aiCommandPatterns = [
+        /\/\/\s*AI:/i,
+        /\/\/\s*Cursor:/i,
+        /#\s*AI:/i,
+        /#\s*Cursor:/i,
+        /@cursor/i,
+        /\/\*\s*@cursor/i,
+        /\/\/\s*@ai\s/i,
+    ];
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        if (aiCommandPatterns.some(pattern => pattern.test(trimmed))) {
+            markerCount++;
+        }
+    });
+    return Math.min(markerCount / 2, 1.0); // 2+ AI command markers = Cursor usage
+}
+/**
+ * Cursor Fingerprint #2: Diff-style comments
+ * Pattern: Comments indicating code generation/addition
+ */
+function detectDiffStyleComments(lines) {
+    let diffCommentCount = 0;
+    const diffStylePatterns = [
+        /\/\/\s*Added by Cursor/i,
+        /\/\/\s*Generated block/i,
+        /\/\/\s*Cursor suggestion/i,
+        /#\s*Added by Cursor/i,
+        /#\s*Generated by AI/i,
+        /\/\/\s*AI-assisted code/i,
+        /\/\*\s*Generated code\s*\*\//i,
+    ];
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        if (diffStylePatterns.some(pattern => pattern.test(trimmed))) {
+            diffCommentCount++;
+        }
+    });
+    return Math.min(diffCommentCount / 2, 1.0); // 2+ diff-style comments
+}
+/**
+ * Cursor Fingerprint #3: Tab completion artifacts
+ * Pattern: Incomplete suggestions, placeholder text left in code
  */
-function calculateAICodeConfidence(hallucinationCount, heuristicScores) {
-    // Calculate weighted heuristic score
-    const heuristicScore = heuristicScores.overEngineeredErrors * HEURISTIC_WEIGHTS.overEngineeredErrors +
+function detectTabCompletionArtifacts(lines) {
+    let artifactCount = 0;
+    const artifactPatterns = [
+        /\.\.\.\s*$/, // Trailing ellipsis
+        /\/\/\s*\.\.\./, // Comment with ellipsis
+        /#\s*\.\.\./, // Python comment with ellipsis
+        /\bTODO:\s*$/i, // Empty TODO
+        /\/\/\s*TODO\s*$/i, // Empty TODO comment
+        /\?\?\?/, // Question marks placeholder
+        /<<<<<<</, // Merge conflict markers (Cursor artifacts)
+        />>>>>>>/,
+    ];
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        if (artifactPatterns.some(pattern => pattern.test(trimmed))) {
+            artifactCount++;
+        }
+    });
+    return Math.min(artifactCount / 3, 1.0); // 3+ artifacts
+}
+/**
+ * Cursor Fingerprint #4: Context window leakage
+ * Pattern: Comments referencing files/context not in codebase
+ */
+function detectContextWindowLeakage(lines) {
+    let leakageCount = 0;
+    const leakagePatterns = [
+        /\/\/\s*From:\s*[a-zA-Z0-9_\-]+\.(js|ts|py|java|go)/i, // "From: otherfile.js"
+        /\/\/\s*See:\s*[a-zA-Z0-9_\-]+\.(js|ts|py|java|go)/i, // "See: utils.ts"
+        /\/\/\s*Similar to\s+[a-zA-Z0-9_\-]+/i, // "Similar to OtherClass"
+        /#\s*Based on\s+[a-zA-Z0-9_\-]+/i, // "Based on module_name"
+        /\/\/\s*Imported from\s+/i,
+    ];
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        if (leakagePatterns.some(pattern => pattern.test(trimmed))) {
+            leakageCount++;
+        }
+    });
+    return Math.min(leakageCount / 2, 1.0); // 2+ context leakage comments
+}
+/**
+ * Cursor Fingerprint #5: Over-generic exports
+ * Pattern: Export statements with placeholder/generic patterns
+ */
+function detectOverGenericExports(lines) {
+    let genericExportCount = 0;
+    const genericExportPatterns = [
+        /export\s*\{\s*everything\s*\}/i,
+        /export\s+\*\s+as\s+utils\s+from/i,
+        /export\s+\*\s+as\s+helpers\s+from/i,
+        /export\s+\*\s+as\s+components\s+from/i,
+        /export\s+default\s+\{\}/, // Empty default export
+    ];
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        if (genericExportPatterns.some(pattern => pattern.test(trimmed))) {
+            genericExportCount++;
+        }
+    });
+    return Math.min(genericExportCount / 2, 1.0); // 2+ generic exports
+}
+/**
+ * Cursor Fingerprint #6: Unused import cleanup
+ * Pattern: Perfect alphabetical imports with no actual usage
+ */
+function detectUnusedImportCleanup(lines) {
+    const imports = [];
+    let alphabeticalCount = 0;
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        // Detect import statements
+        const importMatch = trimmed.match(/^import\s+.*\s+from\s+['"]([^'"]+)['"]/) ||
+            trimmed.match(/^from\s+([^\s]+)\s+import/);
+        if (importMatch) {
+            imports.push(trimmed);
+        }
+    });
+    // Check if imports are perfectly alphabetical (Cursor cleanup signature)
+    if (imports.length >= 5) {
+        const sorted = [...imports].sort();
+        alphabeticalCount = imports.every((imp, i) => imp === sorted[i]) ? 1 : 0;
+    }
+    return alphabeticalCount;
+}
+/**
+ * Cursor Fingerprint #7: Placeholder error messages
+ * Pattern: Generic error messages from AI suggestions
+ */
+function detectPlaceholderErrorMessages(lines) {
+    let placeholderErrorCount = 0;
+    const placeholderErrorPatterns = [
+        /(throw new Error|raise Exception)\s*\(\s*['"]An error occurred['"]\s*\)/i,
+        /(throw new Error|raise Exception)\s*\(\s*['"]Something went wrong['"]\s*\)/i,
+        /(throw new Error|raise Exception)\s*\(\s*['"]Error['"]\s*\)/i,
+        /(throw new Error|raise Exception)\s*\(\s*['"]Invalid input['"]\s*\)/i,
+        /(throw new Error|raise Exception)\s*\(\s*['"]Failed['"]\s*\)/i,
+        /console\.error\s*\(\s*['"]Error:['"]/i,
+        /logger\.error\s*\(\s*['"]An error/i,
+    ];
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        if (placeholderErrorPatterns.some(pattern => pattern.test(trimmed))) {
+            placeholderErrorCount++;
+        }
+    });
+    return Math.min(placeholderErrorCount / 3, 1.0); // 3+ placeholder errors
+}
+/**
+ * Cursor Fingerprint #8: Inline documentation overload
+ * Pattern: JSDoc/docstrings on every single line (Cursor over-generates docs)
+ */
+function detectInlineDocumentationOverload(lines) {
+    let docLineCount = 0;
+    let codeLineCount = 0;
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        // Skip empty lines
+        if (trimmed.length === 0)
+            return;
+        // Count documentation lines
+        if (trimmed.startsWith('/**') ||
+            trimmed.startsWith('*') ||
+            trimmed.startsWith('*/') ||
+            trimmed.startsWith('///') ||
+            trimmed.startsWith('///')) {
+            docLineCount++;
+        }
+        else if (trimmed.startsWith('//') || trimmed.startsWith('#')) {
+            // Count inline comments
+            docLineCount++;
+        }
+        else {
+            codeLineCount++;
+        }
+    });
+    // Cursor signature: >60% of lines are documentation/comments
+    const docRatio = codeLineCount > 0 ? docLineCount / (docLineCount + codeLineCount) : 0;
+    return docRatio > 0.6 ? 1.0 : docRatio / 0.6;
+}
+// =======================================================================================
+// "PERFECT CODE" HEURISTICS (5 patterns) - AI code is "too perfect"
+// =======================================================================================
+/**
+ * Perfect Code #1: Zero edge cases
+ * Pattern: Functions with no error handling or boundary checks (AI assumes happy path)
+ */
+function detectZeroEdgeCases(lines) {
+    let functionCount = 0;
+    let functionsWithErrorHandling = 0;
+    let inFunction = false;
+    let currentFunctionHasErrorHandling = false;
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        // Detect function start
+        if (trimmed.match(/^function\s+\w+\s*\(/) ||
+            trimmed.match(/^(async\s+)?function\s*\(/) ||
+            trimmed.match(/^def\s+\w+\s*\(/) ||
+            trimmed.match(/^(public|private|protected)?\s*(static\s+)?\w+\s+\w+\s*\(/)) {
+            if (inFunction && !currentFunctionHasErrorHandling) {
+                // Previous function had no error handling
+            }
+            else if (inFunction) {
+                functionsWithErrorHandling++;
+            }
+            inFunction = true;
+            currentFunctionHasErrorHandling = false;
+            functionCount++;
+        }
+        // Detect error handling patterns
+        if (inFunction) {
+            if (trimmed.includes('try') ||
+                trimmed.includes('catch') ||
+                trimmed.includes('except') ||
+                trimmed.includes('if (!') ||
+                trimmed.includes('if (!') ||
+                trimmed.includes('if (') && (trimmed.includes('null') || trimmed.includes('undefined')) ||
+                trimmed.includes('throw') ||
+                trimmed.includes('raise') ||
+                trimmed.includes('assert')) {
+                currentFunctionHasErrorHandling = true;
+            }
+        }
+        // Detect function end
+        if (trimmed === '}' && inFunction) {
+            if (currentFunctionHasErrorHandling) {
+                functionsWithErrorHandling++;
+            }
+            inFunction = false;
+            currentFunctionHasErrorHandling = false;
+        }
+    });
+    // AI code: >60% of functions have NO error handling (assumes happy path)
+    const noErrorHandlingRatio = functionCount > 0 ? 1 - (functionsWithErrorHandling / functionCount) : 0;
+    return noErrorHandlingRatio > 0.6 ? 1.0 : noErrorHandlingRatio / 0.6;
+}
+/**
+ * Perfect Code #2: Uniform indentation
+ * Pattern: Perfectly aligned code (humans are messy, AI is perfect)
+ */
+function detectUniformIndentation(lines) {
+    const indentationLevels = [];
+    lines.forEach(line => {
+        if (line.trim().length === 0)
+            return; // Skip empty lines
+        // Count leading spaces
+        const leadingSpaces = line.match(/^(\s*)/)?.[1].length || 0;
+        if (leadingSpaces > 0) {
+            indentationLevels.push(leadingSpaces);
+        }
+    });
+    if (indentationLevels.length < 10)
+        return 0; // Not enough data
+    // Check if all indentation is perfectly consistent (multiples of 2 or 4)
+    const allMultiplesOf2 = indentationLevels.every(level => level % 2 === 0);
+    const allMultiplesOf4 = indentationLevels.every(level => level % 4 === 0);
+    // Check for perfect uniformity (no variation)
+    const uniqueLevels = new Set(indentationLevels);
+    const uniformityRatio = 1 - (uniqueLevels.size / indentationLevels.length);
+    // AI signature: Perfect multiples + high uniformity
+    if ((allMultiplesOf2 || allMultiplesOf4) && uniformityRatio > 0.8) {
+        return 1.0;
+    }
+    else if ((allMultiplesOf2 || allMultiplesOf4) && uniformityRatio > 0.6) {
+        return 0.5;
+    }
+    return 0;
+}
+/**
+ * Perfect Code #3: Textbook variable names
+ * Pattern: Generic tutorial-style names (firstName, lastName, emailAddress)
+ */
+function detectTextbookVariableNames(lines) {
+    let textbookNameCount = 0;
+    const textbookNames = [
+        'firstName', 'first_name', 'lastname', 'last_name',
+        'emailAddress', 'email_address', 'phoneNumber', 'phone_number',
+        'userName', 'user_name', 'password', 'confirmPassword',
+        'startDate', 'endDate', 'createdAt', 'updatedAt',
+        'userId', 'user_id', 'customerId', 'customer_id',
+    ];
+    lines.forEach(line => {
+        textbookNames.forEach(name => {
+            if (line.includes(name)) {
+                textbookNameCount++;
+            }
+        });
+    });
+    // AI uses textbook names from tutorials
+    return Math.min(textbookNameCount / 5, 1.0); // 5+ textbook names = AI
+}
+/**
+ * Perfect Code #4: No comments + perfect structure
+ * Pattern: Production code is messy; AI generates clean, structured code with zero comments
+ */
+function detectNoCommentsWithPerfectStructure(lines) {
+    let commentCount = 0;
+    let structuralComplexity = 0;
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        // Count comments
+        if (trimmed.startsWith('//') || trimmed.startsWith('#') || trimmed.startsWith('/*')) {
+            commentCount++;
+        }
+        // Count structural elements
+        if (trimmed.includes('function') ||
+            trimmed.includes('def ') ||
+            trimmed.includes('class ') ||
+            trimmed.includes('if (') ||
+            trimmed.includes('for (') ||
+            trimmed.includes('while (')) {
+            structuralComplexity++;
+        }
+    });
+    // AI signature: >10 structural elements with <2 comments
+    if (structuralComplexity > 10 && commentCount < 2) {
+        return 1.0;
+    }
+    else if (structuralComplexity > 5 && commentCount === 0) {
+        return 0.5;
+    }
+    return 0;
+}
+/**
+ * Perfect Code #5: Excessive parameter validation
+ * Pattern: AI validates every parameter, even in private functions
+ */
+function detectExcessiveParameterValidation(lines) {
+    let functionCount = 0;
+    let functionsWithParamValidation = 0;
+    let inFunction = false;
+    let currentFunctionHasValidation = false;
+    let linesIntoFunction = 0;
+    lines.forEach(line => {
+        const trimmed = line.trim();
+        // Detect function start
+        if (trimmed.match(/^function\s+\w+\s*\(/) ||
+            trimmed.match(/^def\s+\w+\s*\(/) ||
+            trimmed.match(/^(public|private|protected)?\s*\w+\s+\w+\s*\(/)) {
+            if (inFunction && currentFunctionHasValidation) {
+                functionsWithParamValidation++;
+            }
+            inFunction = true;
+            currentFunctionHasValidation = false;
+            linesIntoFunction = 0;
+            functionCount++;
+        }
+        // Check for parameter validation in first 5 lines of function
+        if (inFunction && linesIntoFunction < 5) {
+            if (trimmed.includes('if (!') ||
+                trimmed.includes('if (typeof') ||
+                trimmed.includes('if (') && (trimmed.includes('=== null') || trimmed.includes('=== undefined')) ||
+                trimmed.includes('throw') && trimmed.includes('Invalid') ||
+                trimmed.includes('raise') && (trimmed.includes('ValueError') || trimmed.includes('TypeError'))) {
+                currentFunctionHasValidation = true;
+            }
+            linesIntoFunction++;
+        }
+        // Detect function end
+        if (trimmed === '}' && inFunction) {
+            if (currentFunctionHasValidation) {
+                functionsWithParamValidation++;
+            }
+            inFunction = false;
+            currentFunctionHasValidation = false;
+        }
+    });
+    // AI validates >70% of functions (even private ones)
+    const validationRatio = functionCount > 0 ? functionsWithParamValidation / functionCount : 0;
+    return validationRatio > 0.7 ? 1.0 : validationRatio / 0.7;
+}
+/**
+ * Calculate confidence score from hallucination count, heuristics, and LLM fingerprints
+ *
+ * Scoring weights:
+ * - Hallucination patterns: 60% (strongest signal - causes runtime errors)
+ * - Code smell heuristics: 25% (structural patterns)
+ * - LLM fingerprints: 15% (behavioral patterns)
+ */
+function calculateAICodeConfidence(hallucinationCount, heuristicScores, llmFingerprintScores) {
+    // Calculate weighted heuristic score (13 heuristics total)
+    const heuristicScore = 
+    // Original 8 heuristics
+    heuristicScores.overEngineeredErrors * HEURISTIC_WEIGHTS.overEngineeredErrors +
         heuristicScores.unnecessaryWrappers * HEURISTIC_WEIGHTS.unnecessaryWrappers +
         heuristicScores.verboseComments * HEURISTIC_WEIGHTS.verboseComments +
         heuristicScores.mixedNaming * HEURISTIC_WEIGHTS.mixedNaming +
         heuristicScores.redundantNullChecks * HEURISTIC_WEIGHTS.redundantNullChecks +
         heuristicScores.unnecessaryAsync * HEURISTIC_WEIGHTS.unnecessaryAsync +
         heuristicScores.genericVariables * HEURISTIC_WEIGHTS.genericVariables +
-        heuristicScores.inconsistentStrings * HEURISTIC_WEIGHTS.inconsistentStrings;
-    // HIGH confidence: 2+ hallucinations OR 1 hallucination + strong heuristics
-    if (hallucinationCount >= 2 || (hallucinationCount >= 1 && heuristicScore >= 0.5)) {
+        heuristicScores.inconsistentStrings * HEURISTIC_WEIGHTS.inconsistentStrings +
+        // Perfect code heuristics (5 new)
+        heuristicScores.zeroEdgeCases * HEURISTIC_WEIGHTS.zeroEdgeCases +
+        heuristicScores.uniformIndentation * HEURISTIC_WEIGHTS.uniformIndentation +
+        heuristicScores.textbookVariableNames * HEURISTIC_WEIGHTS.textbookVariableNames +
+        heuristicScores.noCommentsWithPerfectStructure * HEURISTIC_WEIGHTS.noCommentsWithPerfectStructure +
+        heuristicScores.excessiveParameterValidation * HEURISTIC_WEIGHTS.excessiveParameterValidation;
+    // Calculate weighted LLM fingerprint scores (all 4 LLM tools)
+    let llmFingerprintScore = 0;
+    if (llmFingerprintScores) {
+        // GPT-4 fingerprints
+        const gpt4Score = (llmFingerprintScores.verboseDocstrings || 0) * GPT4_FINGERPRINT_WEIGHTS.verboseDocstrings +
+            (llmFingerprintScores.defensiveNullChecks || 0) * GPT4_FINGERPRINT_WEIGHTS.defensiveNullChecks +
+            (llmFingerprintScores.excessiveTryCatch || 0) * GPT4_FINGERPRINT_WEIGHTS.excessiveTryCatch +
+            (llmFingerprintScores.helperFunctionProliferation || 0) * GPT4_FINGERPRINT_WEIGHTS.helperFunctionProliferation +
+            (llmFingerprintScores.overlyDescriptiveNames || 0) * GPT4_FINGERPRINT_WEIGHTS.overlyDescriptiveNames +
+            (llmFingerprintScores.prematureOptimizationComments || 0) * GPT4_FINGERPRINT_WEIGHTS.prematureOptimizationComments +
+            (llmFingerprintScores.detailedTodoMarkers || 0) * GPT4_FINGERPRINT_WEIGHTS.detailedTodoMarkers +
+            (llmFingerprintScores.typeAnnotationOveruse || 0) * GPT4_FINGERPRINT_WEIGHTS.typeAnnotationOveruse;
+        // GitHub Copilot fingerprints (equal weight to GPT-4)
+        const copilotScore = (llmFingerprintScores.boilerplateComments || 0) * 0.15 +
+            (llmFingerprintScores.placeholderTodos || 0) * 0.14 +
+            (llmFingerprintScores.genericFunctionNames || 0) * 0.15 +
+            (llmFingerprintScores.placeholderConstants || 0) * 0.14 +
+            (llmFingerprintScores.unusualImportOrdering || 0) * 0.14 +
+            (llmFingerprintScores.copilotMarkers || 0) * 0.14 +
+            (llmFingerprintScores.excessiveTypeAssertions || 0) * 0.14;
+        // Claude Code fingerprints (equal weight to GPT-4)
+        const claudeScore = (llmFingerprintScores.detailedExplanatoryComments || 0) * 0.20 +
+            (llmFingerprintScores.customErrorClasses || 0) * 0.20 +
+            (llmFingerprintScores.extensiveInputValidation || 0) * 0.20 +
+            (llmFingerprintScores.descriptiveHelperFunctions || 0) * 0.20 +
+            (llmFingerprintScores.structuredReturnObjects || 0) * 0.20;
+        // Cursor fingerprints
+        const cursorScore = (llmFingerprintScores.aiCommandMarkers || 0) * CURSOR_FINGERPRINT_WEIGHTS.aiCommandMarkers +
+            (llmFingerprintScores.diffStyleComments || 0) * CURSOR_FINGERPRINT_WEIGHTS.diffStyleComments +
+            (llmFingerprintScores.tabCompletionArtifacts || 0) * CURSOR_FINGERPRINT_WEIGHTS.tabCompletionArtifacts +
+            (llmFingerprintScores.contextWindowLeakage || 0) * CURSOR_FINGERPRINT_WEIGHTS.contextWindowLeakage +
+            (llmFingerprintScores.overGenericExports || 0) * CURSOR_FINGERPRINT_WEIGHTS.overGenericExports +
+            (llmFingerprintScores.unusedImportCleanup || 0) * CURSOR_FINGERPRINT_WEIGHTS.unusedImportCleanup +
+            (llmFingerprintScores.placeholderErrorMessages || 0) * CURSOR_FINGERPRINT_WEIGHTS.placeholderErrorMessages +
+            (llmFingerprintScores.inlineDocumentationOverload || 0) * CURSOR_FINGERPRINT_WEIGHTS.inlineDocumentationOverload;
+        // Average all LLM tool scores (equal weight per tool)
+        llmFingerprintScore = (gpt4Score + copilotScore + claudeScore + cursorScore) / 4;
+    }
+    // Combined weighted score (hallucinations 60%, heuristics 25%, LLM fingerprints 15%)
+    const hallucinationWeight = hallucinationCount > 0 ? Math.min(hallucinationCount / 3, 1.0) : 0;
+    const combinedScore = (hallucinationWeight * 0.6) + (heuristicScore * 0.25) + (llmFingerprintScore * 0.15);
+    // HIGH confidence: 2+ hallucinations OR combined score >= 0.6
+    if (hallucinationCount >= 2 || combinedScore >= 0.6) {
         return {
             hallucinationPatterns: hallucinationCount,
-            heuristicScore,
+            heuristicScore: combinedScore,
             confidence: 'HIGH',
             severity: 'CRITICAL',
         };
     }
-    // MEDIUM confidence: 1 hallucination OR strong heuristics
-    if (hallucinationCount === 1 || heuristicScore >= 0.4) {
+    // MEDIUM confidence: 1 hallucination OR combined score >= 0.4
+    if (hallucinationCount === 1 || combinedScore >= 0.4) {
         return {
             hallucinationPatterns: hallucinationCount,
-            heuristicScore,
+            heuristicScore: combinedScore,
             confidence: 'MEDIUM',
             severity: 'HIGH',
         };
     }
-    // LOW confidence: Weak heuristics only
-    if (heuristicScore >= 0.25) {
+    // LOW confidence: Weak signals (combined score >= 0.25)
+    if (combinedScore >= 0.25) {
         return {
             hallucinationPatterns: 0,
-            heuristicScore,
+            heuristicScore: combinedScore,
             confidence: 'LOW',
             severity: 'MEDIUM',
         };