cognium-ai 1.20.1 → 2.0.0

package/README.md

@@ -11,35 +11,39 @@ npm install -g cognium-ai
 ## Commands
 
 ```bash
-cognium-ai scan <path>         # Scan for security vulnerabilities (LLM-enhanced)
-cognium-ai dead-code <path>    # Detect dead/unreachable code
-cognium-ai secrets <path>      # Scan for secrets and credentials
-cognium-ai health <path>       # Calculate codebase health score
-cognium-ai metrics <path>      # Software metrics (CK suite, Halstead)
-cognium-ai skill <path>        # Analyze AI skill bundle security
-cognium-ai trust <path>        # Trust score (27 passes: supply chain, security, AI safety)
-cognium-ai compare <A> <B>     # Compare trust scores between two paths
-cognium-ai quality <path>      # Quality score (5 passes)
-cognium-ai understand <path>   # Semantic understanding (functions, roles, side effects)
-cognium-ai spec-diff <path>    # Spec-gap analysis (code vs spec alignment)
-cognium-ai cluster <path>      # Component clustering and architecture analysis
-cognium-ai generate-spec <file> # Generate Specifica spec from code
-cognium-ai init                # Create configuration file
+cognium-ai scan <path>          # Scan for security vulnerabilities (LLM-enhanced)
+cognium-ai trust <path>         # Trust score across 30+ passes (supply chain, security, AI safety, compliance)
+cognium-ai quality <path>       # Quality score (complexity, tests, docs, maintainability, performance)
+cognium-ai spec-diff <path>     # Spec-gap analysis (code vs Specifica spec alignment)
+cognium-ai generate-spec <path> # Generate Specifica spec from code
+
+cognium-ai init                 # Create cognium.config.json (auto-detects languages)
+cognium-ai doctor               # Check environment, LLM config, project setup
+cognium-ai version              # Show component versions
 ```
 
+Run `cognium-ai <command> --help` for command-specific options. Several
+additional commands (`dead-code`, `secrets`, `health`, `metrics`,
+`understand`, `cluster`, `compare`, `analyze-skill`, `benchmark`) are
+available but currently undergoing CLI polish — they remain callable but
+are hidden from the headline `--help` until they soak.
+
 ## Scan Options
 
 ```bash
 cognium-ai scan src/                              # LLM-enhanced scan (default)
 cognium-ai scan src/ --no-llm                     # Static-only (no LLM)
-cognium-ai scan src/ --llm-discovery              # LLM discovery mode (deeper)
 cognium-ai scan src/ -f json -o results.json      # JSON output to file
-cognium-ai scan src/ -f sarif -o results.sarif    # SARIF output
 cognium-ai scan src/ --severity high              # High+ severity only
 cognium-ai scan src/ --exclude-tests              # Skip test files
 cognium-ai scan src/ --threads 20                 # Custom parallelism
+cognium-ai scan src/ -x '**/vendor/**'            # Exclude paths
+cognium-ai scan src/ --exit-code                  # Exit 1 on findings (CI)
 ```
 
+For SARIF output, use `cognium-ai trust` (`-f sarif -o trust.sarif`),
+which produces SARIF 2.1.0 against all trust passes.
+
 ## LLM Configuration
 
 Configure via CLI flags or environment variables (flags take precedence):
@@ -62,8 +66,8 @@ export LLM_ENRICHMENT_MODEL=cognium/gpt-oss-120b
 | `--llm-base-url <url>` | LLM API base URL (OpenAI-compatible) | `http://localhost:4000/v1` |
 | `--llm-api-key <key>` | LLM API key | `LLM_API_KEY` env var |
 | `--llm-model <model>` | LLM model name | `cognium/gpt-oss-120b` |
-| `--no-llm` | Disable LLM, static analysis only | off |
-| `--llm-discovery` | Enable deeper LLM discovery mode | off |
+| `--no-llm` | Disable LLM, use static analysis only | LLM enabled by default |
+| `--no-llm-discovery` | Disable LLM discovery mode | discovery enabled by default |
 
 ### Provider Examples
 
@@ -107,7 +111,17 @@ jobs:
             --llm-base-url https://models.github.ai/inference \
             --llm-api-key "$GITHUB_TOKEN" \
             --llm-model openai/gpt-5 \
-            -f sarif -o results.sarif
+            -f json -o scan.json
+
+      - name: Trust score with SARIF for code-scanning upload
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          cognium-ai trust ./src \
+            --llm-base-url https://models.github.ai/inference \
+            --llm-api-key "$GITHUB_TOKEN" \
+            --llm-model openai/gpt-5 \
+            -f sarif -o trust.sarif
 ```
 
 **Free tier limits**: `openai/gpt-5` = 50 req/day, `openai/gpt-4o-mini` = 150 req/day. Uses the built-in `GITHUB_TOKEN` with `models: read` permission.

package/dist/cli/args.d.ts

@@ -0,0 +1,82 @@
+/**
+ * CLI Argument Parser
+ */
+export type OutputFormat = 'json' | 'summary' | 'sarif' | 'markdown' | 'csv';
+export type Command = 'analyze' | 'benchmark' | 'scan' | 'health' | 'secrets' | 'dead-code' | 'generate-spec' | 'analyze-skill' | 'metrics' | 'trust' | 'compare' | 'quality' | 'understand' | 'spec-diff' | 'cluster';
+export type LogLevel = 'trace' | 'debug' | 'info' | 'warn' | 'error' | 'silent';
+export type BundleType = 'jr-dev' | 'sr-dev' | 'architect' | 'security-review' | 'full-review';
+export interface CliArgs {
+    command: Command;
+    file: string | null;
+    directory: string | null;
+    format: OutputFormat;
+    output: string | null;
+    config: string | null;
+    include: string[];
+    exclude: string[];
+    exitCode: boolean;
+    quiet: boolean;
+    help: boolean;
+    version: boolean;
+    logLevel: LogLevel | null;
+    discoverPatterns: boolean;
+    patternThreshold: number;
+    noLlm: boolean;
+    llmEnrich: boolean;
+    llmVerify: boolean;
+    llmBaseUrl: string | null;
+    llmApiKey: string | null;
+    llmModel: string | null;
+    language: string | null;
+    threads: number;
+    bundle: BundleType | null;
+    expectedResults: string | null;
+    limit: number | null;
+    categories: string[];
+    parallel: number | null;
+    cache: boolean;
+    cacheDir: string | null;
+    clearCache: boolean;
+    streamOutput: string | null;
+    memoryEfficient: boolean;
+    specModel: string | null;
+    specOverwrite: boolean;
+    specSkip: boolean;
+    specNoBackup: boolean;
+    specDesign: boolean;
+    specPrinciples: boolean;
+    specTasks: boolean;
+    specDesignLLM: boolean;
+    specPrinciplesLLM: boolean;
+    specTasksLLM: boolean;
+    specDir: string | null;
+    crossArtifact?: boolean;
+    verification?: boolean;
+    minConfidence?: number;
+    minSeverity?: 'critical' | 'high' | 'medium' | 'low' | 'info';
+    severity: 'critical' | 'high' | 'medium' | 'low' | null;
+    excludeTests: boolean;
+    llmDiscovery: boolean;
+    disablePass: string[];
+    fileTimeout: number;
+    maxFiles: number | null;
+    pathB: string | null;
+    history: boolean;
+    maxCommits: number;
+    includeCategory: string[];
+    excludeCategory: string[];
+    includeTests: boolean;
+    publicAsEntry: boolean;
+    top: number | null;
+    full: boolean;
+    metricCategory: string[];
+    role: string[];
+    securityOnly: boolean;
+    healthSecurity: boolean;
+    healthSecrets: boolean;
+    healthDeadCode: boolean;
+    healthQuality: boolean;
+    healthPerformance: boolean;
+    threshold: number;
+}
+//# sourceMappingURL=args.d.ts.map

package/dist/cli/args.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"args.d.ts","sourceRoot":"","sources":["../../src/cli/args.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG,SAAS,GAAG,OAAO,GAAG,UAAU,GAAG,KAAK,CAAC;AAC7E,MAAM,MAAM,OAAO,GAAG,SAAS,GAAG,WAAW,GAAG,MAAM,GAAG,QAAQ,GAAG,SAAS,GAAG,WAAW,GAAG,eAAe,GAAG,eAAe,GAAG,SAAS,GAAG,OAAO,GAAG,SAAS,GAAG,SAAS,GAAG,YAAY,GAAG,WAAW,GAAG,SAAS,CAAC;AACvN,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,QAAQ,CAAC;AAEhF,MAAM,MAAM,UAAU,GAAG,QAAQ,GAAG,QAAQ,GAAG,WAAW,GAAG,iBAAiB,GAAG,aAAa,CAAC;AAE/F,MAAM,WAAW,OAAO;IACtB,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,MAAM,EAAE,YAAY,CAAC;IACrB,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,QAAQ,EAAE,OAAO,CAAC;IAClB,KAAK,EAAE,OAAO,CAAC;IACf,IAAI,EAAE,OAAO,CAAC;IACd,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,QAAQ,GAAG,IAAI,CAAC;IAE1B,gBAAgB,EAAE,OAAO,CAAC;IAC1B,gBAAgB,EAAE,MAAM,CAAC;IAEzB,KAAK,EAAE,OAAO,CAAC;IACf,SAAS,EAAE,OAAO,CAAC;IACnB,SAAS,EAAE,OAAO,CAAC;IACnB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IAExB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IAExB,OAAO,EAAE,MAAM,CAAC;IAEhB,MAAM,EAAE,UAAU,GAAG,IAAI,CAAC;IAE1B,eAAe,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IAExB,KAAK,EAAE,OAAO,CAAC;IACf,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,UAAU,EAAE,OAAO,CAAC;IAEpB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,eAAe,EAAE,OAAO,CAAC;IAEzB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,aAAa,EAAE,OAAO,CAAC;IACvB,QAAQ,EAAE,OAAO,CAAC;IAClB,YAAY,EAAE,OAAO,CAAC;IACtB,UAAU,EAAE,OAAO,CAAC;IACpB,cAAc,EAAE,OAAO,CAAC;IACxB,SAAS,EAAE,OAAO,CAAC;IACnB,aAAa,EAAE,OAAO,CAAC;IACvB,iBAAiB,EAAE,OAAO,CAAC;IAC3B,YAAY,EAAE,OAAO,CAAC;IAEtB,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IAEvB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,WAAW,CAAC,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IAE9D,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,IAAI,CAAC;IAExD,YAAY,EAAE,OAAO,CAAC;IAEtB,YAAY,EAAE,OAAO,CAAC;IAEtB,WAAW,EAAE,MAAM,EAAE,CAAC;IAEtB,WAAW,EAAE,MAAM,CAAC;IAEpB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IAExB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IAErB,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,eAAe,EAAE,MAAM,EAAE,CAAC;IAE1B,YAAY,EAAE,OAAO,CAAC;IACtB,aAAa,EAAE,OAAO,CAAC;IACvB,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB,IAAI,EAAE,OAAO,CAAC;IAEd,cAAc,EAAE,MAAM,EAAE,CAAC;IAEzB,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,YAAY,EAAE,OAAO,CAAC;IAEtB,cAAc,EAAE,OAAO,CAAC;IACxB,aAAa,EAAE,OAAO,CAAC;IACvB,cAAc,EAAE,OAAO,CAAC;IACxB,aAAa,EAAE,OAAO,CAAC;IACvB,iBAAiB,EAAE,OAAO,CAAC;IAC3B,SAAS,EAAE,MAAM,CAAC;CACnB"}

package/dist/cli/args.js

@@ -0,0 +1,5 @@
+/**
+ * CLI Argument Parser
+ */
+export {};
+//# sourceMappingURL=args.js.map

package/dist/cli/args.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"args.js","sourceRoot":"","sources":["../../src/cli/args.ts"],"names":[],"mappings":"AAAA;;GAEG"}

package/dist/cli/colors.d.ts

@@ -0,0 +1,31 @@
+/**
+ * Terminal Colors
+ *
+ * Lightweight color utilities using ANSI codes.
+ * Colors are disabled when output is not a TTY (piping to file).
+ */
+export declare const colors: {
+    red: (text: string) => string;
+    green: (text: string) => string;
+    yellow: (text: string) => string;
+    blue: (text: string) => string;
+    magenta: (text: string) => string;
+    cyan: (text: string) => string;
+    gray: (text: string) => string;
+    bold: (text: string) => string;
+    dim: (text: string) => string;
+    error: (text: string) => string;
+    warning: (text: string) => string;
+    success: (text: string) => string;
+    info: (text: string) => string;
+    critical: (text: string) => string;
+    high: (text: string) => string;
+    medium: (text: string) => string;
+    low: (text: string) => string;
+};
+export declare function getSpinnerFrame(): string;
+/**
+ * Clear the current line and move cursor to start.
+ */
+export declare function clearLine(): void;
+//# sourceMappingURL=colors.d.ts.map

package/dist/cli/colors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"colors.d.ts","sourceRoot":"","sources":["../../src/cli/colors.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAuCH,eAAO,MAAM,MAAM;gBAEL,MAAM;kBACJ,MAAM;mBACL,MAAM;iBACR,MAAM;oBACH,MAAM;iBACT,MAAM;iBACN,MAAM;iBAGN,MAAM;gBACP,MAAM;kBAGJ,MAAM;oBACJ,MAAM;oBACN,MAAM;iBACT,MAAM;qBAGF,MAAM;iBACV,MAAM;mBACJ,MAAM;gBACT,MAAM;CACnB,CAAC;AAQF,wBAAgB,eAAe,IAAI,MAAM,CAGxC;AAED;;GAEG;AACH,wBAAgB,SAAS,IAAI,IAAI,CAGhC"}

package/dist/cli/colors.js

@@ -0,0 +1,80 @@
+/**
+ * Terminal Colors
+ *
+ * Lightweight color utilities using ANSI codes.
+ * Colors are disabled when output is not a TTY (piping to file).
+ */
+// Check if colors should be enabled
+const supportsColor = process.stdout.isTTY && !process.env.NO_COLOR;
+const codes = {
+    reset: '\x1b[0m',
+    bold: '\x1b[1m',
+    dim: '\x1b[2m',
+    // Colors
+    red: '\x1b[31m',
+    green: '\x1b[32m',
+    yellow: '\x1b[33m',
+    blue: '\x1b[34m',
+    magenta: '\x1b[35m',
+    cyan: '\x1b[36m',
+    white: '\x1b[37m',
+    gray: '\x1b[90m',
+    // Bright colors
+    brightRed: '\x1b[91m',
+    brightGreen: '\x1b[92m',
+    brightYellow: '\x1b[93m',
+    brightBlue: '\x1b[94m',
+    brightMagenta: '\x1b[95m',
+    brightCyan: '\x1b[96m',
+    // Background
+    bgRed: '\x1b[41m',
+    bgGreen: '\x1b[42m',
+    bgYellow: '\x1b[43m',
+};
+function colorize(color, text) {
+    if (!supportsColor)
+        return text;
+    return `${color}${text}${codes.reset}`;
+}
+export const colors = {
+    // Text colors
+    red: (text) => colorize(codes.red, text),
+    green: (text) => colorize(codes.green, text),
+    yellow: (text) => colorize(codes.yellow, text),
+    blue: (text) => colorize(codes.blue, text),
+    magenta: (text) => colorize(codes.magenta, text),
+    cyan: (text) => colorize(codes.cyan, text),
+    gray: (text) => colorize(codes.gray, text),
+    // Styles
+    bold: (text) => colorize(codes.bold, text),
+    dim: (text) => colorize(codes.dim, text),
+    // Semantic colors
+    error: (text) => colorize(codes.red, text),
+    warning: (text) => colorize(codes.yellow, text),
+    success: (text) => colorize(codes.green, text),
+    info: (text) => colorize(codes.cyan, text),
+    // Severity
+    critical: (text) => colorize(codes.brightRed + codes.bold, text),
+    high: (text) => colorize(codes.red, text),
+    medium: (text) => colorize(codes.yellow, text),
+    low: (text) => colorize(codes.gray, text),
+};
+/**
+ * Format a spinner character for progress indication.
+ */
+const spinnerFrames = ['⠋', '⠙', '⠹', '⠸', '⠼', '⠴', '⠦', '⠧', '⠇', '⠏'];
+let spinnerIndex = 0;
+export function getSpinnerFrame() {
+    if (!supportsColor)
+        return '*';
+    return spinnerFrames[spinnerIndex++ % spinnerFrames.length];
+}
+/**
+ * Clear the current line and move cursor to start.
+ */
+export function clearLine() {
+    if (!supportsColor)
+        return;
+    process.stdout.write('\r\x1b[K');
+}
+//# sourceMappingURL=colors.js.map

package/dist/cli/colors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"colors.js","sourceRoot":"","sources":["../../src/cli/colors.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,oCAAoC;AACpC,MAAM,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC;AAEpE,MAAM,KAAK,GAAG;IACZ,KAAK,EAAE,SAAS;IAChB,IAAI,EAAE,SAAS;IACf,GAAG,EAAE,SAAS;IAEd,SAAS;IACT,GAAG,EAAE,UAAU;IACf,KAAK,EAAE,UAAU;IACjB,MAAM,EAAE,UAAU;IAClB,IAAI,EAAE,UAAU;IAChB,OAAO,EAAE,UAAU;IACnB,IAAI,EAAE,UAAU;IAChB,KAAK,EAAE,UAAU;IACjB,IAAI,EAAE,UAAU;IAEhB,gBAAgB;IAChB,SAAS,EAAE,UAAU;IACrB,WAAW,EAAE,UAAU;IACvB,YAAY,EAAE,UAAU;IACxB,UAAU,EAAE,UAAU;IACtB,aAAa,EAAE,UAAU;IACzB,UAAU,EAAE,UAAU;IAEtB,aAAa;IACb,KAAK,EAAE,UAAU;IACjB,OAAO,EAAE,UAAU;IACnB,QAAQ,EAAE,UAAU;CACrB,CAAC;AAEF,SAAS,QAAQ,CAAC,KAAa,EAAE,IAAY;IAC3C,IAAI,CAAC,aAAa;QAAE,OAAO,IAAI,CAAC;IAChC,OAAO,GAAG,KAAK,GAAG,IAAI,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC;AACzC,CAAC;AAED,MAAM,CAAC,MAAM,MAAM,GAAG;IACpB,cAAc;IACd,GAAG,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC;IAChD,KAAK,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC;IACpD,MAAM,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,EAAE,IAAI,CAAC;IACtD,IAAI,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC;IAClD,OAAO,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,IAAI,CAAC;IACxD,IAAI,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC;IAClD,IAAI,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC;IAElD,SAAS;IACT,IAAI,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC;IAClD,GAAG,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC;IAEhD,kBAAkB;IAClB,KAAK,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC;IAClD,OAAO,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,EAAE,IAAI,CAAC;IACvD,OAAO,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC;IACtD,IAAI,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC;IAElD,WAAW;IACX,QAAQ,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,SAAS,GAAG,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC;IACxE,IAAI,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC;IACjD,MAAM,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,EAAE,IAAI,CAAC;IACtD,GAAG,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC;CAClD,CAAC;AAEF;;GAEG;AACH,MAAM,aAAa,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;AACzE,IAAI,YAAY,GAAG,CAAC,CAAC;AAErB,MAAM,UAAU,eAAe;IAC7B,IAAI,CAAC,aAAa;QAAE,OAAO,GAAG,CAAC;IAC/B,OAAO,aAAa,CAAC,YAAY,EAAE,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;AAC9D,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,SAAS;IACvB,IAAI,CAAC,aAAa;QAAE,OAAO;IAC3B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;AACnC,CAAC"}

package/dist/cli/commands/analyze-skill.d.ts

@@ -0,0 +1,33 @@
+/**
+ * Analyze Skill CLI Command
+ *
+ * Analyzes AI skill bundles for security issues.
+ *
+ * Usage:
+ *   cognium-ai analyze-skill <skill-path>
+ *   cognium-ai analyze-skill <skill-path> --format json
+ *   cognium-ai analyze-skill <skill-path> --format json -o report.json
+ *   cognium-ai analyze-skill <skill-path> --no-cross-artifact
+ *   cognium-ai analyze-skill <skill-path> --min-confidence 0.8
+ */
+export interface AnalyzeSkillOptions {
+    /** Output format */
+    format?: 'text' | 'json' | 'markdown';
+    /** Output file path */
+    output?: string;
+    /** Enable cross-artifact analysis */
+    crossArtifact?: boolean;
+    /** Enable LLM verification */
+    verification?: boolean;
+    /** Minimum confidence threshold */
+    minConfidence?: number;
+    /** Minimum severity to report */
+    minSeverity?: 'critical' | 'high' | 'medium' | 'low' | 'info';
+    /** Show progress */
+    verbose?: boolean;
+}
+/**
+ * Execute analyze-skill command
+ */
+export declare function executeAnalyzeSkill(skillPath: string, options?: AnalyzeSkillOptions): Promise<void>;
+//# sourceMappingURL=analyze-skill.d.ts.map

package/dist/cli/commands/analyze-skill.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"analyze-skill.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/analyze-skill.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAUH,MAAM,WAAW,mBAAmB;IAClC,oBAAoB;IACpB,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,UAAU,CAAC;IAEtC,uBAAuB;IACvB,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,qCAAqC;IACrC,aAAa,CAAC,EAAE,OAAO,CAAC;IAExB,8BAA8B;IAC9B,YAAY,CAAC,EAAE,OAAO,CAAC;IAEvB,mCAAmC;IACnC,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB,iCAAiC;IACjC,WAAW,CAAC,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IAE9D,oBAAoB;IACpB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,GAAE,mBAAwB,GAAG,OAAO,CAAC,IAAI,CAAC,CA6C7G"}

package/dist/cli/commands/analyze-skill.js

@@ -0,0 +1,217 @@
+/**
+ * Analyze Skill CLI Command
+ *
+ * Analyzes AI skill bundles for security issues.
+ *
+ * Usage:
+ *   cognium-ai analyze-skill <skill-path>
+ *   cognium-ai analyze-skill <skill-path> --format json
+ *   cognium-ai analyze-skill <skill-path> --format json -o report.json
+ *   cognium-ai analyze-skill <skill-path> --no-cross-artifact
+ *   cognium-ai analyze-skill <skill-path> --min-confidence 0.8
+ */
+import * as fs from 'fs/promises';
+import { analyzeSkillBundle, } from 'circle-ir-ai';
+/**
+ * Execute analyze-skill command
+ */
+export async function executeAnalyzeSkill(skillPath, options = {}) {
+    const { format = 'text', output, crossArtifact = true, verification = true, minConfidence = 0.7, minSeverity = 'low', verbose = false, } = options;
+    try {
+        if (verbose) {
+            console.log(`Analyzing skill: ${skillPath}\n`);
+        }
+        // Run analysis
+        const result = await analyzeSkillBundle(skillPath, {
+            enableCrossArtifact: crossArtifact,
+            enableVerification: verification,
+            minConfidence,
+            minSeverity,
+            onProgress: verbose ? progressCallback : undefined,
+        });
+        // Format output
+        const formattedOutput = formatAnalysisResult(result, format);
+        // Write to file or stdout
+        if (output) {
+            await fs.writeFile(output, formattedOutput, 'utf-8');
+            console.log(`\nReport written to: ${output}`);
+        }
+        else {
+            console.log(formattedOutput);
+        }
+        // Exit with appropriate code
+        const hasCriticalFindings = result.findings.some((f) => f.severity === 'critical');
+        if (hasCriticalFindings) {
+            process.exit(1);
+        }
+    }
+    catch (error) {
+        console.error(`Error: ${error instanceof Error ? error.message : error}`);
+        process.exit(1);
+    }
+}
+/**
+ * Progress callback for verbose mode
+ */
+function progressCallback(status) {
+    const progress = status.progress.toFixed(0).padStart(3, ' ');
+    console.log(`[${progress}%] ${status.phase.toUpperCase().padEnd(10)} ${status.message}`);
+}
+/**
+ * Format analysis result based on format option
+ */
+function formatAnalysisResult(result, format) {
+    switch (format) {
+        case 'json':
+            return JSON.stringify(result, null, 2);
+        case 'markdown':
+            return formatMarkdown(result);
+        case 'text':
+        default:
+            return formatText(result);
+    }
+}
+/**
+ * Format as plain text
+ */
+function formatText(result) {
+    const lines = [];
+    lines.push('='.repeat(80));
+    lines.push(`SKILL ANALYSIS REPORT: ${result.name}`);
+    lines.push('='.repeat(80));
+    lines.push('');
+    lines.push(`Skill ID:       ${result.skillId}`);
+    lines.push(`Version:        ${result.version}`);
+    lines.push(`Trust Score:    ${(result.score * 100).toFixed(1)}% ${getScoreEmoji(result.score)}`);
+    lines.push(`Findings:       ${result.findings.length}`);
+    lines.push(`Analysis Time:  ${(result.metadata.durationMs / 1000).toFixed(2)}s`);
+    lines.push('');
+    // Group findings by severity
+    const bySeverity = groupBySeverity(result.findings);
+    for (const severity of ['critical', 'high', 'medium', 'low', 'info']) {
+        const findings = bySeverity.get(severity) || [];
+        if (findings.length === 0)
+            continue;
+        lines.push('');
+        lines.push(`${'─'.repeat(80)}`);
+        lines.push(`${severity.toUpperCase()} FINDINGS (${findings.length})`);
+        lines.push(`${'─'.repeat(80)}`);
+        lines.push('');
+        for (let i = 0; i < findings.length; i++) {
+            const finding = findings[i];
+            lines.push(`${i + 1}. ${finding.title}`);
+            lines.push(`   Type:       ${finding.type}`);
+            lines.push(`   Artifact:   ${finding.artifact}`);
+            lines.push(`   Confidence: ${(finding.confidence * 100).toFixed(0)}%`);
+            if (finding.cwe) {
+                lines.push(`   CWE:        ${finding.cwe}`);
+            }
+            if (finding.location?.line) {
+                lines.push(`   Location:   Line ${finding.location.line}`);
+            }
+            lines.push(`   Description: ${finding.description}`);
+            lines.push('');
+        }
+    }
+    // Recommendations
+    if (result.recommendations.length > 0) {
+        lines.push('');
+        lines.push(`${'─'.repeat(80)}`);
+        lines.push('RECOMMENDATIONS');
+        lines.push(`${'─'.repeat(80)}`);
+        lines.push('');
+        for (let i = 0; i < result.recommendations.length; i++) {
+            lines.push(`${i + 1}. ${result.recommendations[i]}`);
+        }
+        lines.push('');
+    }
+    lines.push('='.repeat(80));
+    return lines.join('\n');
+}
+/**
+ * Format as Markdown
+ */
+function formatMarkdown(result) {
+    const lines = [];
+    lines.push(`# Skill Analysis Report: ${result.name}`);
+    lines.push('');
+    lines.push(`**Skill ID:** ${result.skillId}  `);
+    lines.push(`**Version:** ${result.version}  `);
+    lines.push(`**Trust Score:** ${(result.score * 100).toFixed(1)}% ${getScoreEmoji(result.score)}  `);
+    lines.push(`**Findings:** ${result.findings.length}  `);
+    lines.push(`**Analysis Time:** ${(result.metadata.durationMs / 1000).toFixed(2)}s  `);
+    lines.push('');
+    // Summary by severity
+    const bySeverity = groupBySeverity(result.findings);
+    lines.push('## Summary');
+    lines.push('');
+    lines.push('| Severity | Count |');
+    lines.push('|----------|-------|');
+    for (const severity of ['critical', 'high', 'medium', 'low', 'info']) {
+        const count = bySeverity.get(severity)?.length || 0;
+        if (count > 0) {
+            lines.push(`| ${severity} | ${count} |`);
+        }
+    }
+    lines.push('');
+    // Detailed findings
+    for (const severity of ['critical', 'high', 'medium', 'low', 'info']) {
+        const findings = bySeverity.get(severity) || [];
+        if (findings.length === 0)
+            continue;
+        lines.push(`## ${severity.toUpperCase()} Findings (${findings.length})`);
+        lines.push('');
+        for (let i = 0; i < findings.length; i++) {
+            const finding = findings[i];
+            lines.push(`### ${i + 1}. ${finding.title}`);
+            lines.push('');
+            lines.push(`- **Type:** ${finding.type}`);
+            lines.push(`- **Artifact:** ${finding.artifact}`);
+            lines.push(`- **Confidence:** ${(finding.confidence * 100).toFixed(0)}%`);
+            if (finding.cwe) {
+                lines.push(`- **CWE:** ${finding.cwe}`);
+            }
+            if (finding.location?.line) {
+                lines.push(`- **Location:** Line ${finding.location.line}`);
+            }
+            lines.push('');
+            lines.push(`**Description:** ${finding.description}`);
+            lines.push('');
+        }
+    }
+    // Recommendations
+    if (result.recommendations.length > 0) {
+        lines.push('## Recommendations');
+        lines.push('');
+        for (let i = 0; i < result.recommendations.length; i++) {
+            lines.push(`${i + 1}. ${result.recommendations[i]}`);
+        }
+        lines.push('');
+    }
+    return lines.join('\n');
+}
+/**
+ * Get emoji for score
+ */
+function getScoreEmoji(score) {
+    if (score >= 0.9)
+        return '✅';
+    if (score >= 0.7)
+        return '⚠️';
+    if (score >= 0.5)
+        return '❌';
+    return '🚨';
+}
+/**
+ * Group findings by severity
+ */
+function groupBySeverity(findings) {
+    const map = new Map();
+    for (const finding of findings) {
+        const existing = map.get(finding.severity) || [];
+        existing.push(finding);
+        map.set(finding.severity, existing);
+    }
+    return map;
+}
+//# sourceMappingURL=analyze-skill.js.map

package/dist/cli/commands/analyze-skill.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"analyze-skill.js","sourceRoot":"","sources":["../../../src/cli/commands/analyze-skill.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,EACL,kBAAkB,GAInB,MAAM,cAAc,CAAC;AAyBtB;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,SAAiB,EAAE,UAA+B,EAAE;IAC5F,MAAM,EACJ,MAAM,GAAG,MAAM,EACf,MAAM,EACN,aAAa,GAAG,IAAI,EACpB,YAAY,GAAG,IAAI,EACnB,aAAa,GAAG,GAAG,EACnB,WAAW,GAAG,KAAK,EACnB,OAAO,GAAG,KAAK,GAChB,GAAG,OAAO,CAAC;IAEZ,IAAI,CAAC;QACH,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO,CAAC,GAAG,CAAC,oBAAoB,SAAS,IAAI,CAAC,CAAC;QACjD,CAAC;QAED,eAAe;QACf,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,SAAS,EAAE;YACjD,mBAAmB,EAAE,aAAa;YAClC,kBAAkB,EAAE,YAAY;YAChC,aAAa;YACb,WAAW;YACX,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS;SACnD,CAAC,CAAC;QAEH,gBAAgB;QAChB,MAAM,eAAe,GAAG,oBAAoB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAE7D,0BAA0B;QAC1B,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,EAAE,CAAC,SAAS,CAAC,MAAM,EAAE,eAAe,EAAE,OAAO,CAAC,CAAC;YACrD,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,EAAE,CAAC,CAAC;QAChD,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QAC/B,CAAC;QAED,6BAA6B;QAC7B,MAAM,mBAAmB,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QACnF,IAAI,mBAAmB,EAAE,CAAC;YACxB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,UAAU,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;QAC1E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,MAAwB;IAChD,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IAC7D,OAAO,CAAC,GAAG,CAAC,IAAI,QAAQ,MAAM,MAAM,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;AAC3F,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,MAA2B,EAAE,MAAoC;IAC7F,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,MAAM;YACT,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QACzC,KAAK,UAAU;YACb,OAAO,cAAc,CAAC,MAAM,CAAC,CAAC;QAChC,KAAK,MAAM,CAAC;QACZ;YACE,OAAO,UAAU,CAAC,MAAM,CAAC,CAAC;IAC9B,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,UAAU,CAAC,MAA2B;IAC7C,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3B,KAAK,CAAC,IAAI,CAAC,0BAA0B,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;IACpD,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,mBAAmB,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IAChD,KAAK,CAAC,IAAI,CAAC,mBAAmB,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IAChD,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,aAAa,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACjG,KAAK,CAAC,IAAI,CAAC,mBAAmB,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;IACxD,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,QAAQ,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACjF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,6BAA6B;IAC7B,MAAM,UAAU,GAAG,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAEpD,KAAK,MAAM,QAAQ,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,EAAE,CAAC;QACrE,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QAChD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAEpC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QAChC,KAAK,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,WAAW,EAAE,cAAc,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;QACtE,KAAK,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QAChC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEf,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACzC,MAAM,OAAO,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC5B,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC;YACzC,KAAK,CAAC,IAAI,CAAC,kBAAkB,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;YAC7C,KAAK,CAAC,IAAI,CAAC,kBAAkB,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;YACjD,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,UAAU,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YACvE,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;gBAChB,KAAK,CAAC,IAAI,CAAC,kBAAkB,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;YAC9C,CAAC;YACD,IAAI,OAAO,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC;gBAC3B,KAAK,CAAC,IAAI,CAAC,uBAAuB,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;YAC7D,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,mBAAmB,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC;YACrD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;IACH,CAAC;IAED,kBAAkB;IAClB,IAAI,MAAM,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QAChC,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QAC9B,KAAK,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QAChC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,eAAe,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACvD,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACvD,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAE3B,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,MAA2B;IACjD,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,KAAK,CAAC,IAAI,CAAC,4BAA4B,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;IACtD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,iBAAiB,MAAM,CAAC,OAAO,IAAI,CAAC,CAAC;IAChD,KAAK,CAAC,IAAI,CAAC,gBAAgB,MAAM,CAAC,OAAO,IAAI,CAAC,CAAC;IAC/C,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,aAAa,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACpG,KAAK,CAAC,IAAI,CAAC,iBAAiB,MAAM,CAAC,QAAQ,CAAC,MAAM,IAAI,CAAC,CAAC;IACxD,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,QAAQ,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;IACtF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,sBAAsB;IACtB,MAAM,UAAU,GAAG,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACpD,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACzB,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;IACnC,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;IACnC,KAAK,MAAM,QAAQ,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,EAAE,CAAC;QACrE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,MAAM,IAAI,CAAC,CAAC;QACpD,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;YACd,KAAK,CAAC,IAAI,CAAC,KAAK,QAAQ,MAAM,KAAK,IAAI,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,oBAAoB;IACpB,KAAK,MAAM,QAAQ,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,EAAE,CAAC;QACrE,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QAChD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAEpC,KAAK,CAAC,IAAI,CAAC,MAAM,QAAQ,CAAC,WAAW,EAAE,cAAc,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;QACzE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEf,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACzC,MAAM,OAAO,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC5B,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC;YAC7C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACf,KAAK,CAAC,IAAI,CAAC,eAAe,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;YAC1C,KAAK,CAAC,IAAI,CAAC,mBAAmB,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;YAClD,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,UAAU,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YAC1E,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;gBAChB,KAAK,CAAC,IAAI,CAAC,cAAc,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;YAC1C,CAAC;YACD,IAAI,OAAO,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC;gBAC3B,KAAK,CAAC,IAAI,CAAC,wBAAwB,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;YAC9D,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACf,KAAK,CAAC,IAAI,CAAC,oBAAoB,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC;YACtD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;IACH,CAAC;IAED,kBAAkB;IAClB,IAAI,MAAM,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtC,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QACjC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,eAAe,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACvD,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACvD,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,KAAa;IAClC,IAAI,KAAK,IAAI,GAAG;QAAE,OAAO,GAAG,CAAC;IAC7B,IAAI,KAAK,IAAI,GAAG;QAAE,OAAO,IAAI,CAAC;IAC9B,IAAI,KAAK,IAAI,GAAG;QAAE,OAAO,GAAG,CAAC;IAC7B,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CACtB,QAAwB;IAExB,MAAM,GAAG,GAAG,IAAI,GAAG,EAA0B,CAAC;IAE9C,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QACjD,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACvB,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IACtC,CAAC;IAED,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/cli/commands/analyze.d.ts

@@ -0,0 +1,19 @@
+/**
+ * Analyze command — single-file, directory swarm, or multi-agent bundle.
+ *
+ * Also exports the lower-level runAnalysis() helper used by other code.
+ */
+import { type CircleIR, type TaintConfig } from 'circle-ir';
+import type { CliArgs } from '../args.js';
+export interface AnalysisOptions {
+    taintConfig?: TaintConfig;
+    discoverPatterns?: boolean;
+    patternThreshold?: number;
+    llmEnrich?: boolean;
+    llmVerify?: boolean;
+    llmBaseUrl?: string;
+    llmApiKey?: string;
+}
+export declare function runAnalysis(filePath: string, options?: AnalysisOptions): Promise<CircleIR>;
+export declare function executeAnalyze(args: CliArgs): Promise<number>;
+//# sourceMappingURL=analyze.d.ts.map

package/dist/cli/commands/analyze.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"analyze.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/analyze.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,EAAW,KAAK,QAAQ,EAAE,KAAK,WAAW,EAAE,MAAM,WAAW,CAAC;AASrE,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAS1C,MAAM,WAAW,eAAe;IAC9B,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,wBAAsB,WAAW,CAC/B,QAAQ,EAAE,MAAM,EAChB,OAAO,GAAE,eAAoB,GAC5B,OAAO,CAAC,QAAQ,CAAC,CAQnB;AAyGD,wBAAsB,cAAc,CAAC,IAAI,EAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAuLnE"}