cto-ai-cli 4.0.0 → 5.1.0

package/dist/cli/score.js

@@ -621,8 +621,8 @@ async function analyzeProject(projectPath, config) {
     maxDepth: mergedConfig.analysis.maxDepth
   });
   const tokenMethod = mergedConfig.tokens.method;
-  const files = [];
-  for (const entry of walkEntries) {
+  const BATCH_SIZE = 50;
+  async function estimateFileTokens(entry) {
     let tokens;
     if (tokenMethod === "tiktoken") {
       try {
@@ -634,7 +634,7 @@ async function analyzeProject(projectPath, config) {
     } else {
       tokens = countTokensChars4(entry.size);
     }
-    files.push({
+    return {
       path: entry.path,
       relativePath: entry.relativePath,
       extension: entry.extension,
@@ -643,16 +643,20 @@ async function analyzeProject(projectPath, config) {
       lines: entry.lines,
       lastModified: entry.lastModified,
       kind: classifyFileKind(entry.relativePath),
-      // Graph data — populated by graph analysis
       imports: [],
       importedBy: [],
       isHub: false,
       complexity: 0,
-      // Risk data — populated by risk analysis
       riskScore: 0,
       riskFactors: [],
       exclusionImpact: "none"
-    });
+    };
+  }
+  const files = [];
+  for (let i = 0; i < walkEntries.length; i += BATCH_SIZE) {
+    const batch = walkEntries.slice(i, i + BATCH_SIZE);
+    const results = await Promise.all(batch.map(estimateFileTokens));
+    files.push(...results);
   }
   const graph = buildProjectGraph(absPath, files);
   for (const file of files) {
@@ -1344,10 +1348,7 @@ var init_secrets = __esm({
 });
 
 // src/engine/pruner.ts
-import { Project as Project2, SyntaxKind as SyntaxKind2 } from "ts-morph";
 import { readFile as readFile4 } from "fs/promises";
-import { existsSync as existsSync3 } from "fs";
-import { join as join4 } from "path";
 async function pruneFile(file, level) {
   if (level === "excluded") {
     return emptyResult(file, "excluded");
@@ -1369,23 +1370,7 @@ async function pruneTypeScript(file, level) {
   } catch {
     return emptyResult(file, level);
   }
-  let project;
-  try {
-    const tsConfigPath = findTsConfig(file.path);
-    project = new Project2({
-      tsConfigFilePath: tsConfigPath,
-      skipAddingFilesFromTsConfig: true,
-      compilerOptions: tsConfigPath ? void 0 : { allowJs: true, esModuleInterop: true }
-    });
-    project.createSourceFile(file.path, content, { overwrite: true });
-  } catch {
-    return pruneGenericFromContent(file, content, level);
-  }
-  const sourceFile = project.getSourceFiles()[0];
-  if (!sourceFile) {
-    return pruneGenericFromContent(file, content, level);
-  }
-  const prunedContent = level === "signatures" ? extractSignaturesAST(sourceFile) : extractSkeletonAST(sourceFile);
+  const prunedContent = level === "signatures" ? extractSignaturesRegex(content) : extractSkeletonRegex(content);
   const prunedTokens = countTokensChars4(Buffer.byteLength(prunedContent, "utf-8"));
   const savingsPercent = file.tokens > 0 ? (file.tokens - prunedTokens) / file.tokens * 100 : 0;
   return {
@@ -1397,131 +1382,281 @@ async function pruneTypeScript(file, level) {
     savingsPercent: Math.max(0, savingsPercent)
   };
 }
-function extractSignaturesAST(sf) {
+function extractSignaturesRegex(content) {
+  const lines = content.split("\n");
   const parts = [];
-  for (const imp of sf.getImportDeclarations()) {
-    parts.push(imp.getText());
-  }
-  if (parts.length > 0) parts.push("");
-  for (const ta of sf.getTypeAliases()) {
-    addJSDoc(ta, parts);
-    parts.push(ta.getText());
-  }
-  for (const iface of sf.getInterfaces()) {
-    addJSDoc(iface, parts);
-    parts.push(iface.getText());
-  }
-  for (const en of sf.getEnums()) {
-    addJSDoc(en, parts);
-    parts.push(en.getText());
-  }
-  for (const fn of sf.getFunctions()) {
-    addJSDoc(fn, parts);
-    const isExported = fn.isExported();
-    const isAsync = fn.isAsync();
-    const name = fn.getName() ?? "<anonymous>";
-    const params = fn.getParameters().map((p) => p.getText()).join(", ");
-    const returnType = fn.getReturnTypeNode()?.getText();
-    const returnStr = returnType ? `: ${returnType}` : "";
-    const prefix = isExported ? "export " : "";
-    const asyncStr = isAsync ? "async " : "";
-    parts.push(`${prefix}${asyncStr}function ${name}(${params})${returnStr} { /* ... */ }`);
-  }
-  for (const stmt of sf.getVariableStatements()) {
-    for (const decl of stmt.getDeclarations()) {
-      const init = decl.getInitializer();
-      if (init && (init.getKind() === SyntaxKind2.ArrowFunction || init.getKind() === SyntaxKind2.FunctionExpression)) {
-        addJSDoc(stmt, parts);
-        const isExported = stmt.isExported();
-        const prefix = isExported ? "export " : "";
-        const kind = stmt.getDeclarationKind();
-        const name = decl.getName();
-        const typeNode = decl.getTypeNode()?.getText();
-        const typeStr = typeNode ? `: ${typeNode}` : "";
-        parts.push(`${prefix}${kind} ${name}${typeStr} = /* ... */;`);
-      } else {
-        addJSDoc(stmt, parts);
-        parts.push(stmt.getText());
+  let i = 0;
+  while (i < lines.length) {
+    const line = lines[i];
+    const trimmed = line.trim();
+    if (trimmed === "") {
+      i++;
+      continue;
+    }
+    if (trimmed.startsWith("/**")) {
+      const docLines = [];
+      while (i < lines.length) {
+        docLines.push(lines[i]);
+        if (lines[i].includes("*/")) {
+          i++;
+          break;
+        }
+        i++;
       }
+      parts.push(docLines.join("\n"));
+      continue;
     }
-  }
-  for (const cls of sf.getClasses()) {
-    addJSDoc(cls, parts);
-    const isExported = cls.isExported();
-    const prefix = isExported ? "export " : "";
-    const name = cls.getName() ?? "<anonymous>";
-    const ext = cls.getExtends()?.getText();
-    const impl = cls.getImplements().map((i) => i.getText()).join(", ");
-    let header = `${prefix}class ${name}`;
-    if (ext) header += ` extends ${ext}`;
-    if (impl) header += ` implements ${impl}`;
-    header += " {";
-    parts.push(header);
-    for (const prop of cls.getProperties()) {
-      parts.push(`  ${prop.getText()}`);
-    }
-    const ctor = cls.getConstructors()[0];
-    if (ctor) {
-      const ctorParams = ctor.getParameters().map((p) => p.getText()).join(", ");
-      parts.push(`  constructor(${ctorParams}) { /* ... */ }`);
-    }
-    for (const method of cls.getMethods()) {
-      const isStatic = method.isStatic();
-      const isAsync = method.isAsync();
-      const methodName = method.getName();
-      const methodParams = method.getParameters().map((p) => p.getText()).join(", ");
-      const returnType = method.getReturnTypeNode()?.getText();
-      const returnStr = returnType ? `: ${returnType}` : "";
-      const staticStr = isStatic ? "static " : "";
-      const asyncStr = isAsync ? "async " : "";
-      parts.push(`  ${staticStr}${asyncStr}${methodName}(${methodParams})${returnStr} { /* ... */ }`);
-    }
-    parts.push("}");
-  }
-  for (const exp of sf.getExportDeclarations()) {
-    parts.push(exp.getText());
-  }
-  for (const exp of sf.getExportAssignments()) {
-    parts.push(exp.getText());
+    if (trimmed.startsWith("//")) {
+      parts.push(line);
+      i++;
+      continue;
+    }
+    if (/^\s*(import|export)\s/.test(line) && (trimmed.includes(" from ") || trimmed.startsWith("import "))) {
+      const block = collectBracedLine(lines, i);
+      parts.push(block.text);
+      i = block.nextIndex;
+      continue;
+    }
+    if (/^\s*export\s*(\{|\*)/.test(trimmed)) {
+      const block = collectBracedLine(lines, i);
+      parts.push(block.text);
+      i = block.nextIndex;
+      continue;
+    }
+    if (/^\s*(export\s+)?type\s+\w/.test(trimmed) && !trimmed.startsWith("typeof")) {
+      const block = collectBalanced(lines, i);
+      parts.push(block.text);
+      i = block.nextIndex;
+      continue;
+    }
+    if (/^\s*(export\s+)?interface\s+\w/.test(trimmed)) {
+      const block = collectBalanced(lines, i);
+      parts.push(block.text);
+      i = block.nextIndex;
+      continue;
+    }
+    if (/^\s*(export\s+)?(const\s+)?enum\s+\w/.test(trimmed)) {
+      const block = collectBalanced(lines, i);
+      parts.push(block.text);
+      i = block.nextIndex;
+      continue;
+    }
+    const fnMatch = trimmed.match(/^(export\s+)?(async\s+)?function\s+(\w+)/);
+    if (fnMatch) {
+      const sig = extractFnSignature(lines, i);
+      parts.push(`${sig} { /* ... */ }`);
+      i = skipBlock(lines, i);
+      continue;
+    }
+    const arrowMatch = trimmed.match(/^(export\s+)?(const|let|var)\s+(\w+)/);
+    if (arrowMatch && looksLikeFunctionDecl(lines, i)) {
+      const prefix = trimmed.match(/^((?:export\s+)?(?:const|let|var)\s+\w+[^=]*=)/)?.[1];
+      if (prefix) {
+        parts.push(`${prefix} /* ... */;`);
+      }
+      i = skipBlock(lines, i);
+      continue;
+    }
+    if (arrowMatch) {
+      const block = collectStatement(lines, i);
+      parts.push(block.text);
+      i = block.nextIndex;
+      continue;
+    }
+    if (/^\s*(export\s+)?(abstract\s+)?class\s+\w/.test(trimmed)) {
+      const classOutline = extractClassOutline(lines, i);
+      parts.push(classOutline.text);
+      i = classOutline.nextIndex;
+      continue;
+    }
+    i++;
   }
   return parts.join("\n");
 }
-function extractSkeletonAST(sf) {
+function extractSkeletonRegex(content) {
+  const lines = content.split("\n");
   const parts = [];
-  for (const imp of sf.getImportDeclarations()) {
-    parts.push(imp.getText());
-  }
-  if (parts.length > 0) parts.push("");
-  for (const ta of sf.getTypeAliases()) {
-    if (ta.isExported()) parts.push(ta.getText());
-  }
-  for (const iface of sf.getInterfaces()) {
-    if (!iface.isExported()) continue;
-    const ext = iface.getExtends().map((e) => e.getText());
-    const extStr = ext.length > 0 ? ` extends ${ext.join(", ")}` : "";
-    parts.push(`export interface ${iface.getName()}${extStr} { /* ${iface.getProperties().length} props */ }`);
-  }
-  for (const en of sf.getEnums()) {
-    if (!en.isExported()) continue;
-    const members = en.getMembers().map((m) => m.getName());
-    parts.push(`export enum ${en.getName()} { ${members.join(", ")} }`);
-  }
-  for (const fn of sf.getFunctions()) {
-    if (!fn.isExported()) continue;
-    const name = fn.getName() ?? "<anonymous>";
-    const params = fn.getParameters().map((p) => p.getText()).join(", ");
-    parts.push(`export function ${name}(${params});`);
-  }
-  for (const cls of sf.getClasses()) {
-    if (!cls.isExported()) continue;
-    const methods = cls.getMethods().map((m) => m.getName());
-    parts.push(`export class ${cls.getName()} { /* methods: ${methods.join(", ")} */ }`);
-  }
-  for (const exp of sf.getExportDeclarations()) {
-    parts.push(exp.getText());
+  let i = 0;
+  while (i < lines.length) {
+    const trimmed = lines[i].trim();
+    if (/^import\s/.test(trimmed)) {
+      const block = collectBracedLine(lines, i);
+      parts.push(block.text);
+      i = block.nextIndex;
+      continue;
+    }
+    if (/^export\s+(type|interface)\s+\w/.test(trimmed)) {
+      const block = collectBalanced(lines, i);
+      parts.push(block.text);
+      i = block.nextIndex;
+      continue;
+    }
+    if (/^export\s+(const\s+)?enum\s+\w/.test(trimmed)) {
+      const block = collectBalanced(lines, i);
+      parts.push(block.text);
+      i = block.nextIndex;
+      continue;
+    }
+    if (/^export\s+(async\s+)?function\s+\w/.test(trimmed)) {
+      const sig = extractFnSignature(lines, i);
+      parts.push(`${sig};`);
+      i = skipBlock(lines, i);
+      continue;
+    }
+    if (/^export\s+(abstract\s+)?class\s+/.test(trimmed)) {
+      const nameMatch = trimmed.match(/class\s+(\w+)/);
+      const name = nameMatch?.[1] ?? "Unknown";
+      const end = skipBlock(lines, i);
+      const methods = [];
+      for (let j = i + 1; j < end; j++) {
+        const mt = lines[j].trim();
+        const mm = mt.match(/^(?:static\s+)?(?:async\s+)?(\w+)\s*\(/);
+        if (mm && mm[1] !== "constructor") methods.push(mm[1]);
+      }
+      parts.push(`export class ${name} { /* methods: ${methods.join(", ")} */ }`);
+      i = end;
+      continue;
+    }
+    if (/^export\s*(\{|\*)/.test(trimmed)) {
+      const block = collectBracedLine(lines, i);
+      parts.push(block.text);
+      i = block.nextIndex;
+      continue;
+    }
+    i++;
   }
   return parts.join("\n");
 }
+function collectBracedLine(lines, start) {
+  let text = lines[start];
+  let i = start + 1;
+  while (i < lines.length && !text.includes(";") && !text.trimEnd().endsWith("'") && !text.trimEnd().endsWith('"')) {
+    text += "\n" + lines[i];
+    i++;
+  }
+  return { text, nextIndex: i };
+}
+function collectBalanced(lines, start) {
+  let depth = 0;
+  let text = "";
+  let i = start;
+  let started = false;
+  while (i < lines.length) {
+    const line = lines[i];
+    text += (text ? "\n" : "") + line;
+    for (const ch of line) {
+      if (ch === "{" || ch === "(") {
+        depth++;
+        started = true;
+      }
+      if (ch === "}" || ch === ")") depth--;
+    }
+    i++;
+    if (started && depth <= 0) break;
+    if (!started && line.includes(";")) break;
+  }
+  return { text, nextIndex: i };
+}
+function collectStatement(lines, start) {
+  let text = lines[start];
+  let i = start + 1;
+  if (text.includes(";")) return { text, nextIndex: i };
+  let depth = 0;
+  for (const ch of text) {
+    if (ch === "{" || ch === "(" || ch === "[") depth++;
+    if (ch === "}" || ch === ")" || ch === "]") depth--;
+  }
+  while (i < lines.length && depth > 0) {
+    text += "\n" + lines[i];
+    for (const ch of lines[i]) {
+      if (ch === "{" || ch === "(" || ch === "[") depth++;
+      if (ch === "}" || ch === ")" || ch === "]") depth--;
+    }
+    i++;
+  }
+  return { text, nextIndex: i };
+}
+function extractFnSignature(lines, start) {
+  let sig = "";
+  let i = start;
+  while (i < lines.length) {
+    const line = lines[i].trim();
+    sig += (sig ? " " : "") + line;
+    if (line.includes("{")) {
+      sig = sig.replace(/\s*\{[^]*$/, "").trim();
+      break;
+    }
+    i++;
+  }
+  return sig;
+}
+function skipBlock(lines, start) {
+  let depth = 0;
+  let i = start;
+  let foundBrace = false;
+  while (i < lines.length) {
+    for (const ch of lines[i]) {
+      if (ch === "{") {
+        depth++;
+        foundBrace = true;
+      }
+      if (ch === "}") depth--;
+    }
+    i++;
+    if (foundBrace && depth <= 0) break;
+    if (!foundBrace && lines[i - 1].includes(";")) break;
+  }
+  return i;
+}
+function looksLikeFunctionDecl(lines, start) {
+  const chunk = lines.slice(start, Math.min(start + 5, lines.length)).join(" ");
+  return /=>/.test(chunk) || /=\s*function/.test(chunk);
+}
+function extractClassOutline(lines, start) {
+  const header = lines[start].trim();
+  let headerText = header;
+  let i = start + 1;
+  if (!header.includes("{")) {
+    while (i < lines.length) {
+      headerText += " " + lines[i].trim();
+      if (lines[i].includes("{")) {
+        i++;
+        break;
+      }
+      i++;
+    }
+  } else {
+    i = start + 1;
+  }
+  const bodyParts = [headerText.replace(/\{[^]*$/, "{").trim()];
+  let depth = 1;
+  while (i < lines.length && depth > 0) {
+    const line = lines[i];
+    const trimmed = line.trim();
+    for (const ch of line) {
+      if (ch === "{") depth++;
+      if (ch === "}") depth--;
+    }
+    if (depth <= 0) {
+      i++;
+      break;
+    }
+    if (depth === 1) {
+      if (/^(private|protected|public|readonly|static|#)/.test(trimmed) && !trimmed.includes("(")) {
+        bodyParts.push(`  ${trimmed}`);
+      } else if (/^constructor\s*\(/.test(trimmed)) {
+        const sig = extractFnSignature(lines, i);
+        bodyParts.push(`  ${sig} { /* ... */ }`);
+      } else if (/^(?:static\s+)?(?:async\s+)?(?:get\s+|set\s+)?\w+\s*[(<]/.test(trimmed) && !trimmed.startsWith("//")) {
+        const sig = extractFnSignature(lines, i);
+        bodyParts.push(`  ${sig} { /* ... */ }`);
+      }
+    }
+    i++;
+  }
+  bodyParts.push("}");
+  return { text: bodyParts.join("\n"), nextIndex: i };
+}
 async function pruneGeneric(file, level) {
   let content;
   try {
@@ -1582,22 +1717,6 @@ function emptyResult(file, level) {
     savingsPercent: 100
   };
 }
-function addJSDoc(node, parts) {
-  if (!node.getJsDocs) return;
-  const docs = node.getJsDocs();
-  if (docs.length > 0) {
-    parts.push(docs[0].getText());
-  }
-}
-function findTsConfig(filePath) {
-  let dir = filePath;
-  for (let i = 0; i < 10; i++) {
-    dir = join4(dir, "..");
-    const candidate = join4(dir, "tsconfig.json");
-    if (existsSync3(candidate)) return candidate;
-  }
-  return void 0;
-}
 var TS_EXTENSIONS2;
 var init_pruner = __esm({
   "src/engine/pruner.ts"() {
@@ -2045,7 +2164,8 @@ var init_types = __esm({
 
 // src/gateway/providers.ts
 function parseOpenAIRequest(body) {
-  const messages = (body.messages || []).map((m) => ({
+  const rawMessages = Array.isArray(body.messages) ? body.messages : [];
+  const messages = rawMessages.map((m) => ({
     role: m.role || "user",
     content: typeof m.content === "string" ? m.content : JSON.stringify(m.content)
   }));
@@ -2057,34 +2177,29 @@ function parseOpenAIRequest(body) {
     temperature: body.temperature
   };
 }
-function parseOpenAIResponse(body, streaming) {
-  if (streaming) {
-    return {
-      model: body.model || "unknown",
-      inputTokens: body.usage?.prompt_tokens || 0,
-      outputTokens: body.usage?.completion_tokens || 0,
-      content: body.choices?.[0]?.message?.content || "",
-      finishReason: body.choices?.[0]?.finish_reason || "stop"
-    };
-  }
+function parseOpenAIResponse(body, _streaming) {
+  const usage = body.usage;
+  const choices = Array.isArray(body.choices) ? body.choices : [];
+  const first = choices[0];
+  const msg = first?.message;
   return {
     model: body.model || "unknown",
-    inputTokens: body.usage?.prompt_tokens || 0,
-    outputTokens: body.usage?.completion_tokens || 0,
-    content: body.choices?.[0]?.message?.content || "",
-    finishReason: body.choices?.[0]?.finish_reason || "stop"
+    inputTokens: usage?.prompt_tokens || 0,
+    outputTokens: usage?.completion_tokens || 0,
+    content: msg?.content || "",
+    finishReason: first?.finish_reason || "stop"
   };
 }
 function parseAnthropicRequest(body) {
   const messages = [];
   if (body.system) {
-    messages.push({ role: "system", content: body.system });
+    messages.push({ role: "system", content: String(body.system) });
   }
-  for (const m of body.messages || []) {
-    messages.push({
-      role: m.role || "user",
-      content: typeof m.content === "string" ? m.content : m.content?.map((b) => b.text || "").join("\n") || ""
-    });
+  const rawMessages = Array.isArray(body.messages) ? body.messages : [];
+  for (const m of rawMessages) {
+    const content = typeof m.content === "string" ? m.content : Array.isArray(m.content) ? m.content.map((b) => String(b.text ?? "")).join("\n") : "";
+    const role = m.role || "user";
+    messages.push({ role, content });
   }
   return {
     model: body.model || "unknown",
@@ -2095,43 +2210,53 @@ function parseAnthropicRequest(body) {
   };
 }
 function parseAnthropicResponse(body, _streaming) {
+  const usage = body.usage;
+  const contentBlocks = Array.isArray(body.content) ? body.content : [];
   return {
     model: body.model || "unknown",
-    inputTokens: body.usage?.input_tokens || 0,
-    outputTokens: body.usage?.output_tokens || 0,
-    content: body.content?.map((b) => b.text || "").join("\n") || "",
+    inputTokens: usage?.input_tokens || 0,
+    outputTokens: usage?.output_tokens || 0,
+    content: contentBlocks.map((b) => String(b.text ?? "")).join("\n"),
     finishReason: body.stop_reason || "end_turn"
   };
 }
 function parseGoogleRequest(body) {
   const messages = [];
-  if (body.systemInstruction?.parts) {
+  const sysInst = body.systemInstruction;
+  if (sysInst && Array.isArray(sysInst.parts)) {
     messages.push({
       role: "system",
-      content: body.systemInstruction.parts.map((p) => p.text || "").join("\n")
+      content: sysInst.parts.map((p) => String(p.text ?? "")).join("\n")
     });
   }
-  for (const item of body.contents || []) {
+  const contents = Array.isArray(body.contents) ? body.contents : [];
+  for (const item of contents) {
     const role = item.role === "model" ? "assistant" : "user";
-    const content = item.parts?.map((p) => p.text || "").join("\n") || "";
+    const parts = Array.isArray(item.parts) ? item.parts : [];
+    const content = parts.map((p) => String(p.text ?? "")).join("\n");
     messages.push({ role, content });
   }
   const model = body.model || body.modelId || "gemini-2.0-flash";
+  const genConfig = body.generationConfig;
   return {
     model,
     messages,
     stream: body.stream === true,
-    maxTokens: body.generationConfig?.maxOutputTokens,
-    temperature: body.generationConfig?.temperature
+    maxTokens: genConfig?.maxOutputTokens,
+    temperature: genConfig?.temperature
   };
 }
 function parseGoogleResponse(body, _streaming) {
-  const candidate = body.candidates?.[0];
+  const candidates = Array.isArray(body.candidates) ? body.candidates : [];
+  const candidate = candidates[0];
+  const usage = body.usageMetadata;
+  const candidateContent = candidate?.content;
+  const parts = Array.isArray(candidateContent?.parts) ? candidateContent.parts : [];
   return {
     model: body.modelVersion || body.model || "gemini-2.0-flash",
-    inputTokens: body.usageMetadata?.promptTokenCount || 0,
-    outputTokens: body.usageMetadata?.candidatesTokenCount || 0,
-    content: candidate?.content?.parts?.map((p) => p.text || "").join("\n") || "",
+    inputTokens: usage?.promptTokenCount || 0,
+    outputTokens: usage?.candidatesTokenCount || 0,
+    content: parts.map((p) => String(p.text ?? "")).join("\n"),
     finishReason: candidate?.finishReason || "STOP"
   };
 }
@@ -2240,8 +2365,8 @@ var init_providers = __esm({
 });
 
 // src/gateway/interceptor.ts
-import { readFileSync as readFileSync2 } from "fs";
-import { resolve as resolve6 } from "path";
+import { readFileSync as readFileSync3 } from "fs";
+import { resolve as resolve10 } from "path";
 function estimateTokensFromString(s) {
   return Math.ceil(Buffer.byteLength(s, "utf-8") / 4);
 }
@@ -2355,8 +2480,8 @@ async function optimizeContext(messages, analysis, config) {
         continue;
       }
       try {
-        const fullPath = resolve6(config.projectPath, f.relativePath);
-        const content = readFileSync2(fullPath, "utf-8");
+        const fullPath = resolve10(config.projectPath, f.relativePath);
+        const content = readFileSync3(fullPath, "utf-8");
         const fileTokens = estimateTokensFromString(content);
         const remainingBudget = contentBudget - usedTokens;
         let fileContent;
@@ -2425,7 +2550,8 @@ async function optimizeContext(messages, analysis, config) {
     );
     return { messages: optimizedMessages, injected: true, optimizeDecisions };
   } catch (err) {
-    optimizeDecisions.push(`Context optimization failed: ${err.message}`);
+    const errMsg = err instanceof Error ? err.message : String(err);
+    optimizeDecisions.push(`Context optimization failed: ${errMsg}`);
     return { messages, injected: false, optimizeDecisions };
   }
 }
@@ -2438,8 +2564,8 @@ var init_interceptor = __esm({
 });
 
 // src/gateway/tracker.ts
-import { mkdirSync as mkdirSync2, appendFileSync, readFileSync as readFileSync3, readdirSync, existsSync as existsSync6 } from "fs";
-import { join as join7 } from "path";
+import { mkdirSync as mkdirSync7, appendFileSync as appendFileSync2, readFileSync as readFileSync4, readdirSync, existsSync as existsSync5 } from "fs";
+import { join as join14 } from "path";
 import { randomUUID } from "crypto";
 var UsageTracker;
 var init_tracker = __esm({
@@ -2455,8 +2581,8 @@ var init_tracker = __esm({
       memRecords = [];
       constructor(config) {
         this.config = config;
-        this.logDir = join7(config.logDir, "usage");
-        mkdirSync2(this.logDir, { recursive: true });
+        this.logDir = join14(config.logDir, "usage");
+        mkdirSync7(this.logDir, { recursive: true });
       }
       // ===== EVENT SYSTEM =====
       onEvent(handler) {
@@ -2478,12 +2604,12 @@ var init_tracker = __esm({
           ...params
         };
         const monthKey = this.getMonthKey(record.timestamp);
-        const logFile = join7(this.logDir, `${monthKey}.jsonl`);
+        const logFile = join14(this.logDir, `${monthKey}.jsonl`);
         const line = JSON.stringify({
           ...record,
           timestamp: record.timestamp.toISOString()
         });
-        appendFileSync(logFile, line + "\n");
+        appendFileSync2(logFile, line + "\n");
         this.memRecords.push(record);
         this.cache = null;
         this.emit({ type: "request", record });
@@ -2612,9 +2738,9 @@ var init_tracker = __esm({
         return date.toISOString().slice(0, 7);
       }
       getMonthRecordsByKey(monthKey) {
-        const filePath = join7(this.logDir, `${monthKey}.jsonl`);
-        if (!existsSync6(filePath)) return [];
-        return readFileSync3(filePath, "utf-8").split("\n").filter((line) => line.trim()).map((line) => {
+        const filePath = join14(this.logDir, `${monthKey}.jsonl`);
+        if (!existsSync5(filePath)) return [];
+        return readFileSync4(filePath, "utf-8").split("\n").filter((line) => line.trim()).map((line) => {
           try {
             const parsed = JSON.parse(line);
             parsed.timestamp = new Date(parsed.timestamp);
@@ -2627,9 +2753,9 @@ var init_tracker = __esm({
       getMonthRecords(date) {
         const monthKey = this.getMonthKey(date);
         if (this.cache && this.cacheMonth === monthKey) return this.cache;
-        const filePath = join7(this.logDir, `${monthKey}.jsonl`);
-        if (!existsSync6(filePath)) return [];
-        const records = readFileSync3(filePath, "utf-8").split("\n").filter((line) => line.trim()).map((line) => {
+        const filePath = join14(this.logDir, `${monthKey}.jsonl`);
+        if (!existsSync5(filePath)) return [];
+        const records = readFileSync4(filePath, "utf-8").split("\n").filter((line) => line.trim()).map((line) => {
           try {
             const parsed = JSON.parse(line);
             parsed.timestamp = new Date(parsed.timestamp);
@@ -2643,11 +2769,11 @@ var init_tracker = __esm({
         return records;
       }
       getAllRecords() {
-        if (!existsSync6(this.logDir)) return [];
+        if (!existsSync5(this.logDir)) return [];
         const files = readdirSync(this.logDir).filter((f) => f.endsWith(".jsonl")).sort();
         const allRecords = [];
         for (const file of files) {
-          const content = readFileSync3(join7(this.logDir, file), "utf-8");
+          const content = readFileSync4(join14(this.logDir, file), "utf-8");
           const records = content.split("\n").filter((line) => line.trim()).map((line) => {
             try {
               const parsed = JSON.parse(line);
@@ -2676,7 +2802,7 @@ import { request as httpRequest } from "http";
 import { URL } from "url";
 import { lookup } from "dns/promises";
 function readBody(req, maxBytes = 0) {
-  return new Promise((resolve8, reject) => {
+  return new Promise((resolve12, reject) => {
     const chunks = [];
     let totalBytes = 0;
     req.on("data", (chunk) => {
@@ -2688,7 +2814,7 @@ function readBody(req, maxBytes = 0) {
       }
       chunks.push(chunk);
     });
-    req.on("end", () => resolve8(Buffer.concat(chunks).toString()));
+    req.on("end", () => resolve12(Buffer.concat(chunks).toString()));
     req.on("error", reject);
   });
 }
@@ -2904,18 +3030,18 @@ var init_server = __esm({
           this.analysisPromise = this.refreshAnalysis();
         }
         this.server = createServer((req, res) => this.handleRequest(req, res));
-        return new Promise((resolve8) => {
+        return new Promise((resolve12) => {
           this.server.listen(this.config.port, this.config.host, () => {
-            resolve8();
+            resolve12();
           });
         });
       }
       async stop() {
-        return new Promise((resolve8) => {
+        return new Promise((resolve12) => {
           if (this.server) {
-            this.server.close(() => resolve8());
+            this.server.close(() => resolve12());
           } else {
-            resolve8();
+            resolve12();
           }
         });
       }
@@ -2929,7 +3055,8 @@ var init_server = __esm({
           this.analysis = analysis;
           return analysis;
         } catch (err) {
-          this.emit({ type: "error", message: `Analysis failed: ${err.message}`, error: err });
+          const message = err instanceof Error ? err.message : String(err);
+          this.emit({ type: "error", message: `Analysis failed: ${message}`, error: err instanceof Error ? err : void 0 });
           throw err;
         }
       }
@@ -2966,7 +3093,8 @@ var init_server = __esm({
         try {
           body = await readBody(req, this.config.maxBodyBytes);
         } catch (err) {
-          const status = err.message === "body-too-large" ? 413 : 400;
+          const errMsg = err instanceof Error ? err.message : String(err);
+          const status = errMsg === "body-too-large" ? 413 : 400;
           res.writeHead(status, { "Content-Type": "application/json" });
           res.end(JSON.stringify({ error: status === 413 ? `Request body too large. Max: ${Math.round(this.config.maxBodyBytes / 1024 / 1024)}MB` : "Failed to read request body" }));
           return;
@@ -3077,12 +3205,13 @@ var init_server = __esm({
         try {
           await this.proxyRequest(targetUrl, req, res, modifiedBody, provider, parsed, interceptResult, startTime);
         } catch (err) {
+          const errMsg = err instanceof Error ? err.message : String(err);
           if (!res.headersSent) {
-            const status = err.message === "upstream-timeout" ? 504 : 502;
+            const status = errMsg === "upstream-timeout" ? 504 : 502;
             res.writeHead(status, { "Content-Type": "application/json" });
-            res.end(JSON.stringify({ error: status === 504 ? "Upstream provider timeout" : `Proxy error: ${err.message}` }));
+            res.end(JSON.stringify({ error: status === 504 ? "Upstream provider timeout" : `Proxy error: ${errMsg}` }));
           }
-          this.emit({ type: "error", message: `Proxy error: ${err.message}`, error: err });
+          this.emit({ type: "error", message: `Proxy error: ${errMsg}`, error: err instanceof Error ? err : void 0 });
         }
       }
       // ===== PROXY =====
@@ -3097,7 +3226,7 @@ var init_server = __esm({
           if (value) forwardHeaders[key] = Array.isArray(value) ? value[0] : value;
         }
         forwardHeaders["content-length"] = Buffer.byteLength(body).toString();
-        return new Promise((resolve8, reject) => {
+        return new Promise((resolve12, reject) => {
           const proxyReq = requester(
             {
               hostname: url.hostname,
@@ -3118,7 +3247,7 @@ var init_server = __esm({
                   parsed,
                   interceptResult,
                   startTime
-                ).then(resolve8).catch(reject);
+                ).then(resolve12).catch(reject);
               } else {
                 this.handleBufferedResponse(
                   proxyRes,
@@ -3127,7 +3256,7 @@ var init_server = __esm({
                   parsed,
                   interceptResult,
                   startTime
-                ).then(resolve8).catch(reject);
+                ).then(resolve12).catch(reject);
               }
             }
           );
@@ -3147,7 +3276,7 @@ var init_server = __esm({
         let inputTokens = 0;
         let outputTokens = 0;
         let sseBuffer = "";
-        return new Promise((resolve8) => {
+        return new Promise((resolve12) => {
           proxyRes.on("data", (chunk) => {
             clientRes.write(chunk);
             sseBuffer += chunk.toString();
@@ -3208,17 +3337,17 @@ var init_server = __esm({
               latencyMs: Date.now() - startTime,
               stream: true
             });
-            resolve8();
+            resolve12();
           });
           proxyRes.on("error", () => {
             clientRes.end();
-            resolve8();
+            resolve12();
           });
         });
       }
       // ===== BUFFERED HANDLER =====
       async handleBufferedResponse(proxyRes, clientRes, provider, parsed, interceptResult, startTime) {
-        return new Promise((resolve8) => {
+        return new Promise((resolve12) => {
           const chunks = [];
           proxyRes.on("data", (chunk) => chunks.push(chunk));
           proxyRes.on("end", () => {
@@ -3275,11 +3404,11 @@ var init_server = __esm({
                 error: "response-parse-failed"
               });
             }
-            resolve8();
+            resolve12();
           });
           proxyRes.on("error", () => {
             clientRes.end();
-            resolve8();
+            resolve12();
           });
         });
       }
@@ -3297,8 +3426,7 @@ var init_server = __esm({
 
 // src/cli/score.ts
 init_analyzer();
-import { resolve as resolve7, join as join8 } from "path";
-import { mkdirSync as mkdirSync3, writeFileSync as writeFileSync2, readFileSync as readFileSync4, appendFileSync as appendFileSync2 } from "fs";
+import { resolve as resolve11 } from "path";
 
 // src/engine/score.ts
 init_selector();
@@ -3605,9 +3733,9 @@ function renderBar(pct, width) {
   return "\u2588".repeat(filled) + "\u2591".repeat(empty);
 }
 function padCenter(str, width) {
-  const pad2 = Math.max(0, width - str.length);
-  const left = Math.floor(pad2 / 2);
-  return " ".repeat(left) + str + " ".repeat(pad2 - left);
+  const pad3 = Math.max(0, width - str.length);
+  const left = Math.floor(pad3 / 2);
+  return " ".repeat(left) + str + " ".repeat(pad3 - left);
 }
 function formatNumber(n) {
   if (n >= 1e6) return `${(n / 1e6).toFixed(1)}M`;
@@ -3769,163 +3897,798 @@ function fmt(n) {
   return n.toString();
 }
 
-// src/cli/score.ts
-init_selector();
-init_secrets();
-
-// src/engine/monorepo.ts
-import { readFile as readFile5, readdir as readdir2 } from "fs/promises";
-import { join as join5, relative as relative4, basename as basename3 } from "path";
-import { existsSync as existsSync4 } from "fs";
-async function detectMonorepoTool(rootPath) {
-  const checks = [
-    { file: "nx.json", tool: "nx" },
-    { file: "turbo.json", tool: "turborepo" },
-    { file: "lerna.json", tool: "lerna" },
-    { file: "pnpm-workspace.yaml", tool: "pnpm-workspaces" },
-    {
-      file: "package.json",
-      tool: "npm-workspaces",
-      validate: (content) => {
-        try {
-          const pkg = JSON.parse(content);
-          return Array.isArray(pkg.workspaces) || typeof pkg.workspaces?.packages !== "undefined";
-        } catch {
-          return false;
-        }
-      }
-    }
-  ];
-  for (const check of checks) {
-    const filePath = join5(rootPath, check.file);
-    if (existsSync4(filePath)) {
-      if (!check.validate) return check.tool;
-      try {
-        const content = await readFile5(filePath, "utf-8");
-        if (check.validate(content)) {
-          if (check.tool === "npm-workspaces") {
-            if (existsSync4(join5(rootPath, "yarn.lock"))) return "yarn-workspaces";
-            return "npm-workspaces";
-          }
-          return check.tool;
-        }
-      } catch {
-      }
-    }
+// src/engine/logger.ts
+var LEVEL_ORDER = { debug: 0, info: 1, warn: 2, error: 3 };
+var currentLevel = process.env.CTO_LOG_LEVEL ?? "warn";
+var jsonOutput = process.env.CTO_LOG_JSON === "1";
+function shouldLog(level) {
+  return LEVEL_ORDER[level] >= LEVEL_ORDER[currentLevel];
+}
+function emit(entry) {
+  if (!shouldLog(entry.level)) return;
+  if (jsonOutput) {
+    const stream = entry.level === "error" ? process.stderr : process.stdout;
+    stream.write(JSON.stringify(entry) + "\n");
+    return;
   }
-  return "none";
-}
-async function resolveWorkspaceGlobs(rootPath, globs) {
-  const packagePaths = [];
-  for (const glob of globs) {
-    const cleanGlob = glob.replace(/\/?\*\*?$/, "");
-    const searchDir = join5(rootPath, cleanGlob);
-    if (!existsSync4(searchDir)) continue;
-    try {
-      const entries = await readdir2(searchDir, { withFileTypes: true });
-      for (const entry of entries) {
-        if (!entry.isDirectory()) continue;
-        const pkgJsonPath = join5(searchDir, entry.name, "package.json");
-        if (existsSync4(pkgJsonPath)) {
-          packagePaths.push(join5(searchDir, entry.name));
-        }
-      }
-    } catch {
-    }
+  const prefix = entry.module ? `[${entry.module}]` : "";
+  const extra = Object.entries(entry).filter(([k]) => !["level", "msg", "ts", "module"].includes(k)).map(([k, v]) => `${k}=${typeof v === "object" ? JSON.stringify(v) : v}`).join(" ");
+  const line = `${prefix} ${entry.msg}${extra ? " " + extra : ""}`.trim();
+  if (entry.level === "error") {
+    process.stderr.write(`  \u274C ${line}
+`);
+  } else if (entry.level === "warn") {
+    process.stderr.write(`  \u26A0\uFE0F  ${line}
+`);
+  } else {
+    process.stdout.write(`  ${line}
+`);
   }
-  return packagePaths;
 }
-async function discoverPackages(rootPath, tool) {
-  switch (tool) {
-    case "npm-workspaces":
-    case "yarn-workspaces": {
-      const pkgJson = JSON.parse(await readFile5(join5(rootPath, "package.json"), "utf-8"));
-      const workspaces = Array.isArray(pkgJson.workspaces) ? pkgJson.workspaces : pkgJson.workspaces?.packages || [];
-      return resolveWorkspaceGlobs(rootPath, workspaces);
-    }
-    case "pnpm-workspaces": {
-      const content = await readFile5(join5(rootPath, "pnpm-workspace.yaml"), "utf-8");
-      const packages = [];
-      let inPackages = false;
-      for (const line of content.split("\n")) {
-        const trimmed = line.trim();
-        if (trimmed === "packages:") {
-          inPackages = true;
-          continue;
-        }
-        if (inPackages && trimmed.startsWith("- ")) {
-          packages.push(trimmed.slice(2).replace(/['"]/g, ""));
-        } else if (inPackages && !trimmed.startsWith("-") && trimmed.length > 0) {
-          inPackages = false;
-        }
-      }
-      return resolveWorkspaceGlobs(rootPath, packages);
-    }
-    case "turborepo": {
-      const pkgJson = JSON.parse(await readFile5(join5(rootPath, "package.json"), "utf-8"));
-      const workspaces = Array.isArray(pkgJson.workspaces) ? pkgJson.workspaces : pkgJson.workspaces?.packages || [];
-      if (workspaces.length > 0) return resolveWorkspaceGlobs(rootPath, workspaces);
-      if (existsSync4(join5(rootPath, "pnpm-workspace.yaml"))) {
-        return discoverPackages(rootPath, "pnpm-workspaces");
-      }
-      return [];
-    }
-    case "nx": {
-      const standardDirs = ["packages", "apps", "libs"];
-      const globs = standardDirs.filter((d) => existsSync4(join5(rootPath, d)));
-      if (globs.length > 0) return resolveWorkspaceGlobs(rootPath, globs);
-      try {
-        const pkgJson = JSON.parse(await readFile5(join5(rootPath, "package.json"), "utf-8"));
-        const workspaces = Array.isArray(pkgJson.workspaces) ? pkgJson.workspaces : [];
-        if (workspaces.length > 0) return resolveWorkspaceGlobs(rootPath, workspaces);
-      } catch {
-      }
-      return [];
-    }
-    case "lerna": {
-      const lernaJson = JSON.parse(await readFile5(join5(rootPath, "lerna.json"), "utf-8"));
-      const packages = lernaJson.packages || ["packages/*"];
-      return resolveWorkspaceGlobs(rootPath, packages);
-    }
-    default:
-      return [];
-  }
+function createLogger(module) {
+  const log5 = (level, msg, data) => {
+    emit({ level, msg, ts: (/* @__PURE__ */ new Date()).toISOString(), module, ...data });
+  };
+  return {
+    debug: (msg, data) => log5("debug", msg, data),
+    info: (msg, data) => log5("info", msg, data),
+    warn: (msg, data) => log5("warn", msg, data),
+    error: (msg, data) => log5("error", msg, data)
+  };
 }
-function buildCrossPackageEdges(packages, allFiles, graphEdges, rootPath) {
-  const fileToPackage = /* @__PURE__ */ new Map();
-  for (const pkg of packages) {
-    const pkgRel = relative4(rootPath, pkg.path);
-    for (const f of allFiles) {
-      if (f.relativePath.startsWith(pkgRel + "/") || f.relativePath.startsWith(pkgRel + "\\")) {
-        fileToPackage.set(f.relativePath, pkg.name);
-      }
+
+// src/engine/errors.ts
+var CtoError = class extends Error {
+  code;
+  module;
+  context;
+  constructor(code, message, module, context) {
+    super(message);
+    this.name = "CtoError";
+    this.code = code;
+    this.module = module;
+    this.context = context;
+  }
+  toJSON() {
+    return {
+      name: this.name,
+      code: this.code,
+      message: this.message,
+      module: this.module,
+      context: this.context
+    };
+  }
+};
+
+// src/cli/commands/fix.ts
+init_selector();
+import { join as join4 } from "path";
+import { mkdirSync as mkdirSync2, writeFileSync as writeFileSync2 } from "fs";
+var log = createLogger("cli:fix");
+async function runFix(projectPath, analysis, score) {
+  const ctoDir = join4(projectPath, ".cto");
+  mkdirSync2(ctoDir, { recursive: true });
+  const selection = await selectContext({
+    task: "general code review and refactoring",
+    analysis,
+    budget: 5e4
+  });
+  const criticalFiles = selection.files.filter((f) => f.riskScore >= 60).sort((a, b) => b.riskScore - a.riskScore);
+  const typeFiles = analysis.files.filter((f) => f.kind === "type").sort((a, b) => b.riskScore - a.riskScore);
+  const entryFiles = analysis.files.filter((f) => f.kind === "entry").sort((a, b) => b.riskScore - a.riskScore);
+  let contextMd = `# CTO Context \u2014 ${analysis.projectName}
+`;
+  contextMd += `# Generated by cto-ai-cli \xB7 Score: ${score.overall}/100 (${score.grade})
+`;
+  contextMd += `# Paste this into your AI prompt for better results.
+
+`;
+  contextMd += `## Critical files (always include these):
+`;
+  for (const f of criticalFiles.slice(0, 15)) {
+    contextMd += `- ${f.relativePath} \u2014 risk:${f.riskScore} (${f.reason})
+`;
+  }
+  if (typeFiles.length > 0) {
+    contextMd += `
+## Type definitions (AI needs these to generate correct code):
+`;
+    for (const f of typeFiles.slice(0, 10)) {
+      contextMd += `- ${f.relativePath} (${f.tokens} tokens)
+`;
     }
   }
-  const edgeMap = /* @__PURE__ */ new Map();
-  for (const edge of graphEdges) {
-    const fromPkg = fileToPackage.get(edge.from);
-    const toPkg = fileToPackage.get(edge.to);
-    if (fromPkg && toPkg && fromPkg !== toPkg) {
-      const key = `${fromPkg}\u2192${toPkg}`;
-      if (!edgeMap.has(key)) {
-        edgeMap.set(key, { files: /* @__PURE__ */ new Set(), type: "dependency" });
-      }
-      edgeMap.get(key).files.add(edge.from);
+  if (entryFiles.length > 0) {
+    contextMd += `
+## Entry points:
+`;
+    for (const f of entryFiles.slice(0, 5)) {
+      contextMd += `- ${f.relativePath}
+`;
     }
   }
-  return Array.from(edgeMap.entries()).map(([key, val]) => {
-    const [from, to] = key.split("\u2192");
-    return { from, to, files: val.files.size, type: val.type };
-  });
-}
-async function analyzeMonorepo(rootPath, analysis) {
-  const tool = await detectMonorepoTool(rootPath);
-  if (tool === "none") {
-    return {
-      detected: false,
-      tool: "none",
-      rootPath,
-      packages: [],
+  contextMd += `
+## Project structure:
+`;
+  contextMd += `- ${analysis.totalFiles} files, ${Math.round(analysis.totalTokens / 1e3)}K tokens total
+`;
+  contextMd += `- Stack: ${analysis.stack.join(", ") || "unknown"}
+`;
+  contextMd += `- Clusters: ${analysis.graph.clusters.length}
+`;
+  contextMd += `- Hubs: ${analysis.graph.hubs.map((h) => h.relativePath).slice(0, 5).join(", ")}
+`;
+  contextMd += `
+## Recommended token budget: ${selection.totalTokens.toLocaleString()} tokens
+`;
+  contextMd += `## Full project tokens: ${analysis.totalTokens.toLocaleString()} tokens
+`;
+  contextMd += `## Savings: ${score.comparison.savedPercent}% (${formatTokens(score.comparison.savedTokens)})
+`;
+  writeFileSync2(join4(ctoDir, "context.md"), contextMd);
+  const config = {
+    version: "5.0",
+    project: analysis.projectName,
+    generatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+    score: score.overall,
+    grade: score.grade,
+    budget: 5e4,
+    criticalFiles: criticalFiles.slice(0, 20).map((f) => f.relativePath),
+    typeFiles: typeFiles.map((f) => f.relativePath),
+    ignorePatterns: [
+      "node_modules",
+      "dist",
+      "build",
+      ".git",
+      "*.test.*",
+      "*.spec.*",
+      "__tests__",
+      "*.md",
+      "*.json",
+      "*.lock"
+    ],
+    insights: score.insights.slice(0, 5).map((i) => ({
+      type: i.type,
+      title: i.title,
+      impact: i.impact
+    }))
+  };
+  writeFileSync2(join4(ctoDir, "config.json"), JSON.stringify(config, null, 2));
+  const ignoreContent = [
+    "# CTO AI-ignore \u2014 files that add noise to AI context",
+    "# Generated by cto-ai-cli",
+    "",
+    "# Build artifacts",
+    "dist/",
+    "build/",
+    ".next/",
+    "coverage/",
+    "",
+    "# Dependencies",
+    "node_modules/",
+    "",
+    "# Large/binary files",
+    "*.lock",
+    "package-lock.json",
+    "yarn.lock",
+    "",
+    "# Low-value for AI",
+    ...analysis.graph.orphans.filter((o) => {
+      const f = analysis.files.find((af) => af.relativePath === o);
+      return f && f.riskScore < 20;
+    }).slice(0, 20).map((o) => `${o}  # orphan, low-risk`),
+    ""
+  ].join("\n");
+  writeFileSync2(join4(ctoDir, ".cteignore"), ignoreContent);
+  log.info("Fix complete", { files: 3, dir: ctoDir });
+  console.log("");
+  console.log("  \u2705 Auto-fix complete! Generated:");
+  console.log("");
+  console.log("  \u{1F4CB} .cto/context.md     Copy-paste this into Claude/Cursor/ChatGPT");
+  console.log("  \u2699\uFE0F  .cto/config.json    Optimized CTO configuration");
+  console.log("  \u{1F6AB} .cto/.cteignore     Files AI should skip");
+  console.log("");
+  console.log("  \u{1F4A1} Tip: Paste .cto/context.md at the start of your AI conversation");
+  console.log("     for dramatically better code generation.");
+  console.log("");
+}
+function formatTokens(n) {
+  if (n >= 1e6) return `${(n / 1e6).toFixed(1)}M`;
+  if (n >= 1e3) return `${(n / 1e3).toFixed(1)}K`;
+  return n.toString();
+}
+
+// src/cli/commands/context.ts
+init_selector();
+import { join as join5 } from "path";
+import { mkdirSync as mkdirSync3, writeFileSync as writeFileSync3, readFileSync as readFileSync2 } from "fs";
+var log2 = createLogger("cli:context");
+async function runContext(projectPath, analysis, task) {
+  const ctoDir = join5(projectPath, ".cto");
+  mkdirSync3(ctoDir, { recursive: true });
+  const selection = await selectContext({ task, analysis, budget: 5e4 });
+  const typeFiles = analysis.files.filter((f) => f.kind === "type");
+  const selectedPaths = new Set(selection.files.map((f) => f.relativePath));
+  const includedTypes = typeFiles.filter((f) => selectedPaths.has(f.relativePath));
+  let contextMd = `# Context for: ${task}
+`;
+  contextMd += `# Generated by cto-ai-cli
+`;
+  contextMd += `# ${selection.files.length} files selected, ${selection.totalTokens.toLocaleString()} tokens
+
+`;
+  const targets = selection.files.filter((f) => f.reason === "Target file");
+  const critical = selection.files.filter((f) => f.riskScore >= 80 && f.reason !== "Target file");
+  const high = selection.files.filter((f) => f.riskScore >= 60 && f.riskScore < 80 && f.reason !== "Target file");
+  const rest = selection.files.filter((f) => f.riskScore < 60 && f.reason !== "Target file");
+  if (targets.length > 0) {
+    contextMd += `## Target files (directly related to task):
+`;
+    for (const f of targets) contextMd += `- ${f.relativePath}
+`;
+    contextMd += "\n";
+  }
+  if (critical.length > 0) {
+    contextMd += `## Critical dependencies:
+`;
+    for (const f of critical) contextMd += `- ${f.relativePath} \u2014 ${f.reason}
+`;
+    contextMd += "\n";
+  }
+  if (includedTypes.length > 0) {
+    contextMd += `## Type definitions (needed for correct code generation):
+`;
+    for (const f of includedTypes) contextMd += `- ${f.relativePath}
+`;
+    contextMd += "\n";
+  }
+  if (high.length > 0) {
+    contextMd += `## High-relevance files:
+`;
+    for (const f of high) contextMd += `- ${f.relativePath}
+`;
+    contextMd += "\n";
+  }
+  if (rest.length > 0) {
+    contextMd += `## Supporting files:
+`;
+    for (const f of rest.slice(0, 15)) contextMd += `- ${f.relativePath}
+`;
+    if (rest.length > 15) contextMd += `- ... and ${rest.length - 15} more
+`;
+    contextMd += "\n";
+  }
+  contextMd += `---
+
+`;
+  contextMd += `## File contents (top ${Math.min(targets.length + critical.length, 10)} files):
+
+`;
+  const topFiles = [...targets, ...critical].slice(0, 10);
+  for (const sf of topFiles) {
+    const fullFile = analysis.files.find((f) => f.relativePath === sf.relativePath);
+    if (!fullFile) continue;
+    try {
+      const content = readFileSync2(fullFile.path, "utf-8");
+      const ext = fullFile.extension.replace(".", "");
+      const maxChars = 5e3;
+      const truncated = content.length > maxChars;
+      contextMd += `### ${sf.relativePath}
+`;
+      contextMd += `\`\`\`${ext}
+${content.slice(0, maxChars)}${truncated ? "\n// ... [truncated \u2014 " + (content.length - maxChars) + " chars omitted]" : ""}
+\`\`\`
+
+`;
+    } catch (err) {
+      log2.debug("Could not read file for context", { file: fullFile.path, error: String(err) });
+    }
+  }
+  const safeName = task.replace(/[^a-zA-Z0-9]/g, "-").toLowerCase().slice(0, 40);
+  const filename = `context-${safeName}.md`;
+  writeFileSync3(join5(ctoDir, filename), contextMd);
+  console.log("");
+  console.log(`  \u2705 Task context generated!`);
+  console.log("");
+  console.log(`  \u{1F4CB} .cto/${filename}`);
+  console.log(`     ${selection.files.length} files \xB7 ${selection.totalTokens.toLocaleString()} tokens`);
+  console.log(`     Coverage: ${selection.coverage.score}%`);
+  console.log("");
+  console.log(`  \u{1F4A1} Copy-paste this file into Claude/Cursor/ChatGPT for`);
+  console.log(`     optimized context on: "${task}"`);
+  console.log("");
+}
+
+// src/cli/commands/report.ts
+import { join as join6 } from "path";
+import { mkdirSync as mkdirSync4, writeFileSync as writeFileSync4 } from "fs";
+async function runReport(projectPath, analysis, score) {
+  const gradeEmoji = score.grade.startsWith("A") ? "\u{1F7E2}" : score.grade.startsWith("B") ? "\u{1F535}" : score.grade.startsWith("C") ? "\u{1F7E1}" : "\u{1F534}";
+  const gradeColor = score.overall >= 80 ? "brightgreen" : score.overall >= 60 ? "green" : score.overall >= 40 ? "yellow" : "red";
+  const safeGrade = encodeURIComponent(score.grade);
+  let report = `# CTO Context Score\u2122 Report
+
+`;
+  report += `![CTO Score](https://img.shields.io/badge/CTO_Score-${score.overall}%2F100-${gradeColor}?style=for-the-badge)
+`;
+  report += `![Grade](https://img.shields.io/badge/Grade-${safeGrade}-${gradeColor}?style=for-the-badge)
+
+`;
+  report += `> Generated by [cto-ai-cli](https://npmjs.com/package/cto-ai-cli) on ${(/* @__PURE__ */ new Date()).toISOString().split("T")[0]}
+
+`;
+  report += `## Project: ${analysis.projectName}
+
+`;
+  report += `| Metric | Value |
+|--------|-------|
+`;
+  report += `| **Score** | ${gradeEmoji} ${score.overall}/100 (${score.grade}) |
+`;
+  report += `| **Files** | ${analysis.totalFiles} |
+`;
+  report += `| **Total tokens** | ${analysis.totalTokens.toLocaleString()} |
+`;
+  report += `| **Optimized tokens** | ${score.comparison.optimizedTokens.toLocaleString()} |
+`;
+  report += `| **Token savings** | ${score.comparison.savedPercent}% (${formatTokens(score.comparison.savedTokens)}) |
+`;
+  report += `| **Est. monthly savings** | $${score.comparison.monthlySavingsUSD.toFixed(2)} |
+`;
+  report += `| **Stack** | ${analysis.stack.join(", ") || "unknown"} |
+
+`;
+  report += `## Dimensions
+
+`;
+  report += `| Dimension | Score | Weight | Detail |
+|-----------|-------|--------|--------|
+`;
+  report += `| Efficiency | ${score.dimensions.efficiency.score}% | 30% | ${score.dimensions.efficiency.detail} |
+`;
+  report += `| Coverage | ${score.dimensions.coverage.score}% | 25% | ${score.dimensions.coverage.detail} |
+`;
+  report += `| Risk Control | ${score.dimensions.riskControl.score}% | 20% | ${score.dimensions.riskControl.detail} |
+`;
+  report += `| Structure | ${score.dimensions.structure.score}% | 15% | ${score.dimensions.structure.detail} |
+`;
+  report += `| Governance | ${score.dimensions.governance.score}% | 10% | ${score.dimensions.governance.detail} |
+
+`;
+  if (score.insights.length > 0) {
+    report += `## Insights
+
+`;
+    for (const insight of score.insights.slice(0, 8)) {
+      const icon = insight.type === "strength" ? "\u2705" : insight.type === "weakness" ? "\u26A0\uFE0F" : "\u{1F4A1}";
+      report += `- ${icon} **${insight.title}** \u2014 ${insight.detail}
+`;
+    }
+    report += "\n";
+  }
+  report += `## Badge for your README
+
+`;
+  report += `\`\`\`markdown
+![CTO Score](https://img.shields.io/badge/CTO_Score-${score.overall}%2F100-${gradeColor})
+\`\`\`
+
+`;
+  report += `---
+
+*Run \`npx cto-ai-cli\` to generate your own report. [Learn more](https://npmjs.com/package/cto-ai-cli)*
+`;
+  const ctoDir = join6(projectPath, ".cto");
+  mkdirSync4(ctoDir, { recursive: true });
+  writeFileSync4(join6(ctoDir, "report.md"), report);
+  console.log("");
+  console.log("  \u2705 Report generated!");
+  console.log("");
+  console.log("  \u{1F4CA} .cto/report.md     Share on Slack, Discord, or GitHub");
+  console.log("");
+  console.log("  \u{1F3F7}\uFE0F  Badge for your README:");
+  console.log(`     ![CTO Score](https://img.shields.io/badge/CTO_Score-${score.overall}%2F100-${gradeColor})`);
+  console.log("");
+}
+
+// src/cli/commands/compare.ts
+var PROJECT_PROFILES = [
+  // Zod: Small, pure TypeScript, excellent types, focused API
+  { name: "Zod", files: 441, tokens: "804K", efficiency: 88, coverage: 98, riskControl: 95, structure: 82, governance: 100 },
+  // Prisma: Well-structured, strongly typed, clear module boundaries
+  { name: "Prisma Client", files: 320, tokens: "650K", efficiency: 82, coverage: 95, riskControl: 90, structure: 78, governance: 100 },
+  // tRPC: TypeScript-first, moderate size, good structure
+  { name: "tRPC", files: 280, tokens: "420K", efficiency: 80, coverage: 92, riskControl: 85, structure: 72, governance: 100 },
+  // Next.js: Large, complex, many entry points, harder to compress
+  { name: "Next.js (core)", files: 890, tokens: "2.1M", efficiency: 72, coverage: 85, riskControl: 75, structure: 65, governance: 90 },
+  // Express: Small but flat structure, few types, weak graph
+  { name: "Express.js", files: 158, tokens: "171K", efficiency: 68, coverage: 80, riskControl: 78, structure: 55, governance: 75 },
+  // Lodash: Many small independent files, no graph, no types
+  { name: "Lodash", files: 612, tokens: "380K", efficiency: 60, coverage: 70, riskControl: 65, structure: 40, governance: 60 }
+];
+function computeProfileScore(p) {
+  const overall = Math.round(
+    p.efficiency / 100 * 30 + p.coverage / 100 * 25 + p.riskControl / 100 * 20 + p.structure / 100 * 15 + p.governance / 100 * 10
+  );
+  const grade = overall >= 95 ? "A+" : overall >= 90 ? "A" : overall >= 85 ? "A-" : overall >= 80 ? "B+" : overall >= 75 ? "B" : overall >= 70 ? "B-" : overall >= 65 ? "C+" : overall >= 60 ? "C" : overall >= 55 ? "C-" : overall >= 40 ? "D" : "F";
+  return { score: overall, grade };
+}
+function runCompare(score) {
+  const benchmarks = PROJECT_PROFILES.map((p) => {
+    const computed = computeProfileScore(p);
+    return { name: p.name, score: computed.score, grade: computed.grade, files: p.files, tokens: p.tokens };
+  });
+  console.log("");
+  console.log("  \u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
+  console.log("  \u{1F4CA} Your project vs popular open source");
+  console.log("  \u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
+  console.log("");
+  const all = [
+    { name: `\u2192 ${score.meta.projectName} (you)`, score: score.overall, grade: score.grade, isYou: true },
+    ...benchmarks.map((b) => ({ ...b, isYou: false }))
+  ].sort((a, b) => b.score - a.score);
+  for (const entry of all) {
+    const bar = renderCompareBar(entry.score);
+    const marker = entry.isYou ? "  \u25C4" : "";
+    const name = entry.name.padEnd(25);
+    console.log(`  ${name} ${entry.score.toString().padStart(3)}/100 (${entry.grade.padEnd(2)}) ${bar}${marker}`);
+  }
+  console.log("");
+  const beaten = benchmarks.filter((b) => score.overall > b.score);
+  const aheadOf = benchmarks.filter((b) => score.overall < b.score);
+  if (beaten.length > 0) console.log(`  \u2705 You beat: ${beaten.map((b) => b.name).join(", ")}`);
+  if (aheadOf.length > 0 && aheadOf.length <= 3) {
+    console.log(`  \u{1F3AF} To reach ${aheadOf[0].name}'s level: run --fix and address the insights above`);
+  }
+  if (beaten.length === benchmarks.length) console.log(`  \u{1F3C6} You outperform ALL benchmarked projects!`);
+  console.log("");
+  console.log("  \u2139  Comparison scores are estimated from project profiles using the");
+  console.log("     same scoring algorithm. Run CTO on each repo for exact scores.");
+  console.log("");
+}
+function renderCompareBar(pct) {
+  const width = 25;
+  const filled = Math.round(pct / 100 * width);
+  return "\u2588".repeat(filled) + "\u2591".repeat(width - filled);
+}
+
+// src/cli/commands/audit.ts
+init_secrets();
+import { join as join7 } from "path";
+import { mkdirSync as mkdirSync5, writeFileSync as writeFileSync5, appendFileSync } from "fs";
+var log3 = createLogger("cli:audit");
+async function runAudit(projectPath, analysis, flags = {}) {
+  if (flags.initHookMode) {
+    const { generatePreCommitHook: generatePreCommitHook2 } = await Promise.resolve().then(() => (init_secrets(), secrets_exports));
+    const hookPath = generatePreCommitHook2(projectPath, "husky");
+    console.log("");
+    console.log("  \u2705 Pre-commit hook generated!");
+    console.log(`  \u{1F4CB} ${hookPath}`);
+    console.log("");
+    console.log("  Staged files will be scanned for secrets before every commit.");
+    console.log("  To remove: delete the hook file.");
+    console.log("");
+    return;
+  }
+  console.log("");
+  console.log("  \u{1F50D} Running security audit...");
+  console.log("");
+  const filePaths = analysis.files.map((f) => f.path);
+  const result = await auditProject(projectPath, filePaths, {
+    includePII: true,
+    incrementalScan: !flags.fullScanMode,
+    useAllowlist: !flags.noAllowlistMode
+  });
+  const { summary, findings, recommendations } = result;
+  const statusIcon = summary.bySeverity.critical > 0 ? "\u{1F534}" : summary.bySeverity.high > 0 ? "\u{1F7E0}" : summary.totalFindings > 0 ? "\u{1F7E1}" : "\u{1F7E2}";
+  const statusText = summary.bySeverity.critical > 0 ? "CRITICAL ISSUES FOUND" : summary.bySeverity.high > 0 ? "HIGH-SEVERITY ISSUES FOUND" : summary.totalFindings > 0 ? "MINOR ISSUES FOUND" : "ALL CLEAR";
+  console.log("  \u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557");
+  console.log("  \u2551                                                  \u2551");
+  console.log(`  \u2551   ${statusIcon} Security Audit: ${statusText.padEnd(28)} \u2551`);
+  console.log("  \u2551                                                  \u2551");
+  console.log(`  \u2551   Files scanned:  ${summary.filesScanned.toString().padEnd(30)} \u2551`);
+  console.log(`  \u2551   Files affected: ${summary.filesWithSecrets.toString().padEnd(30)} \u2551`);
+  console.log(`  \u2551   Total findings: ${summary.totalFindings.toString().padEnd(30)} \u2551`);
+  console.log("  \u2551                                                  \u2551");
+  console.log("  \u2560\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2563");
+  console.log("  \u2551                                                  \u2551");
+  if (summary.bySeverity.critical > 0) console.log(`  \u2551   \u{1F534} Critical: ${summary.bySeverity.critical.toString().padEnd(33)} \u2551`);
+  if (summary.bySeverity.high > 0) console.log(`  \u2551   \u{1F7E0} High:     ${summary.bySeverity.high.toString().padEnd(33)} \u2551`);
+  if (summary.bySeverity.medium > 0) console.log(`  \u2551   \u{1F7E1} Medium:   ${summary.bySeverity.medium.toString().padEnd(33)} \u2551`);
+  if (summary.bySeverity.low > 0) console.log(`  \u2551   \u{1F535} Low:      ${summary.bySeverity.low.toString().padEnd(33)} \u2551`);
+  if (summary.totalFindings === 0) console.log("  \u2551   \u2705 No secrets or PII detected                  \u2551");
+  console.log("  \u2551                                                  \u2551");
+  if (Object.keys(summary.byType).length > 0) {
+    console.log("  \u2560\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2563");
+    console.log("  \u2551                                                  \u2551");
+    console.log("  \u2551   By type:                                       \u2551");
+    for (const [type, count] of Object.entries(summary.byType)) {
+      const label = type.padEnd(18);
+      console.log(`  \u2551     ${label} ${count.toString().padEnd(28)} \u2551`);
+    }
+    console.log("  \u2551                                                  \u2551");
+  }
+  console.log("  \u255A\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255D");
+  if (findings.length > 0) {
+    console.log("");
+    console.log("  Findings:");
+    console.log("");
+    const shown = findings.slice(0, 15);
+    for (const f of shown) {
+      const icon = f.severity === "critical" ? "\u{1F534}" : f.severity === "high" ? "\u{1F7E0}" : f.severity === "medium" ? "\u{1F7E1}" : "\u{1F535}";
+      const sev = f.severity.toUpperCase().padEnd(8);
+      console.log(`  ${icon} ${sev} ${f.file}:${f.line}`);
+      console.log(`           ${f.type}: ${f.redacted}`);
+    }
+    if (findings.length > 15) {
+      console.log(`  ... and ${findings.length - 15} more (see .cto/audit/ for full report)`);
+    }
+  }
+  if (recommendations.length > 0) {
+    console.log("");
+    console.log("  Recommendations:");
+    console.log("");
+    for (const rec of recommendations) {
+      const icon = rec.startsWith("CRITICAL") ? "\u{1F6A8}" : "\u{1F4A1}";
+      console.log(`  ${icon} ${rec}`);
+    }
+  }
+  const ctoDir = join7(projectPath, ".cto");
+  const auditDir = join7(ctoDir, "audit");
+  mkdirSync5(auditDir, { recursive: true });
+  const now = /* @__PURE__ */ new Date();
+  const dateStr = now.toISOString().split("T")[0];
+  const logFile = join7(auditDir, `${dateStr}.jsonl`);
+  const logEntry = {
+    timestamp: now.toISOString(),
+    version: "5.0.0",
+    summary: {
+      filesScanned: summary.filesScanned,
+      filesWithSecrets: summary.filesWithSecrets,
+      totalFindings: summary.totalFindings,
+      bySeverity: summary.bySeverity,
+      byType: summary.byType
+    },
+    findings: findings.map((f) => ({
+      type: f.type,
+      file: f.file,
+      line: f.line,
+      severity: f.severity,
+      redacted: f.redacted
+    }))
+  };
+  appendFileSync(logFile, JSON.stringify(logEntry) + "\n");
+  let report = `# Security Audit Report
+
+`;
+  report += `> Generated by cto-ai-cli on ${now.toISOString()}
+
+`;
+  report += `## Summary
+
+| Metric | Value |
+|--------|-------|
+`;
+  report += `| Files scanned | ${summary.filesScanned} |
+`;
+  report += `| Files with issues | ${summary.filesWithSecrets} |
+`;
+  report += `| Total findings | ${summary.totalFindings} |
+`;
+  report += `| Critical | ${summary.bySeverity.critical} |
+`;
+  report += `| High | ${summary.bySeverity.high} |
+`;
+  report += `| Medium | ${summary.bySeverity.medium} |
+
+`;
+  if (findings.length > 0) {
+    report += `## Findings
+
+| Severity | Type | File | Line | Redacted |
+|----------|------|------|------|----------|
+`;
+    for (const f of findings) {
+      report += `| ${f.severity} | ${f.type} | ${f.file} | ${f.line} | \`${f.redacted.slice(0, 30)}\` |
+`;
+    }
+    report += "\n";
+  }
+  if (recommendations.length > 0) {
+    report += `## Recommendations
+
+`;
+    for (const rec of recommendations) report += `- ${rec}
+`;
+  }
+  writeFileSync5(join7(auditDir, "report.md"), report);
+  const envSecrets = findings.filter(
+    (f) => f.type === "env-variable" || f.type === "password" || f.type === "api-key" || f.type === "aws-key" || f.type === "connection-string"
+  );
+  if (envSecrets.length > 0) {
+    const envVarNames = /* @__PURE__ */ new Set();
+    for (const f of envSecrets) {
+      const varMatch = f.match.match(/^([A-Z_][A-Z0-9_]*)\s*[:=]/i);
+      if (varMatch) {
+        envVarNames.add(varMatch[1].toUpperCase());
+      } else {
+        envVarNames.add(f.type.toUpperCase().replace(/-/g, "_"));
+      }
+    }
+    if (envVarNames.size > 0) {
+      let envExample = "# Environment variables \u2014 NEVER commit real values\n";
+      envExample += "# Generated by cto-ai-cli --audit\n\n";
+      for (const name of envVarNames) envExample += `${name}=your_${name.toLowerCase()}_here
+`;
+      writeFileSync5(join7(ctoDir, ".env.example"), envExample);
+    }
+  }
+  log3.info("Audit complete", { findings: summary.totalFindings, critical: summary.bySeverity.critical });
+  console.log("");
+  console.log("  \u{1F4C1} Audit artifacts:");
+  console.log(`  \u{1F4CB} .cto/audit/${dateStr}.jsonl   Audit log (append-only)`);
+  console.log("  \u{1F4CA} .cto/audit/report.md         Full report");
+  if (envSecrets.length > 0) console.log("  \u{1F4DD} .cto/.env.example            Template for environment variables");
+  console.log("");
+  if (process.env.CI && (summary.bySeverity.critical > 0 || summary.bySeverity.high > 0)) {
+    console.log("  \u274C CI mode: Failing due to critical/high severity findings.");
+    process.exit(1);
+  }
+}
+
+// src/engine/monorepo.ts
+import { readFile as readFile5, readdir as readdir2 } from "fs/promises";
+import { join as join8, relative as relative4, basename as basename3 } from "path";
+import { existsSync as existsSync3 } from "fs";
+async function detectMonorepoTool(rootPath) {
+  const checks = [
+    { file: "nx.json", tool: "nx" },
+    { file: "turbo.json", tool: "turborepo" },
+    { file: "lerna.json", tool: "lerna" },
+    { file: "pnpm-workspace.yaml", tool: "pnpm-workspaces" },
+    {
+      file: "package.json",
+      tool: "npm-workspaces",
+      validate: (content) => {
+        try {
+          const pkg = JSON.parse(content);
+          return Array.isArray(pkg.workspaces) || typeof pkg.workspaces?.packages !== "undefined";
+        } catch {
+          return false;
+        }
+      }
+    }
+  ];
+  for (const check of checks) {
+    const filePath = join8(rootPath, check.file);
+    if (existsSync3(filePath)) {
+      if (!check.validate) return check.tool;
+      try {
+        const content = await readFile5(filePath, "utf-8");
+        if (check.validate(content)) {
+          if (check.tool === "npm-workspaces") {
+            if (existsSync3(join8(rootPath, "yarn.lock"))) return "yarn-workspaces";
+            return "npm-workspaces";
+          }
+          return check.tool;
+        }
+      } catch {
+      }
+    }
+  }
+  return "none";
+}
+async function resolveWorkspaceGlobs(rootPath, globs) {
+  const packagePaths = [];
+  for (const glob of globs) {
+    const cleanGlob = glob.replace(/\/?\*\*?$/, "");
+    const searchDir = join8(rootPath, cleanGlob);
+    if (!existsSync3(searchDir)) continue;
+    try {
+      const entries = await readdir2(searchDir, { withFileTypes: true });
+      for (const entry of entries) {
+        if (!entry.isDirectory()) continue;
+        const pkgJsonPath = join8(searchDir, entry.name, "package.json");
+        if (existsSync3(pkgJsonPath)) {
+          packagePaths.push(join8(searchDir, entry.name));
+        }
+      }
+    } catch {
+    }
+  }
+  return packagePaths;
+}
+async function discoverPackages(rootPath, tool) {
+  switch (tool) {
+    case "npm-workspaces":
+    case "yarn-workspaces": {
+      const pkgJson = JSON.parse(await readFile5(join8(rootPath, "package.json"), "utf-8"));
+      const workspaces = Array.isArray(pkgJson.workspaces) ? pkgJson.workspaces : pkgJson.workspaces?.packages || [];
+      return resolveWorkspaceGlobs(rootPath, workspaces);
+    }
+    case "pnpm-workspaces": {
+      const content = await readFile5(join8(rootPath, "pnpm-workspace.yaml"), "utf-8");
+      const packages = [];
+      let inPackages = false;
+      for (const line of content.split("\n")) {
+        const trimmed = line.trim();
+        if (trimmed === "packages:") {
+          inPackages = true;
+          continue;
+        }
+        if (inPackages && trimmed.startsWith("- ")) {
+          packages.push(trimmed.slice(2).replace(/['"]/g, ""));
+        } else if (inPackages && !trimmed.startsWith("-") && trimmed.length > 0) {
+          inPackages = false;
+        }
+      }
+      return resolveWorkspaceGlobs(rootPath, packages);
+    }
+    case "turborepo": {
+      const pkgJson = JSON.parse(await readFile5(join8(rootPath, "package.json"), "utf-8"));
+      const workspaces = Array.isArray(pkgJson.workspaces) ? pkgJson.workspaces : pkgJson.workspaces?.packages || [];
+      if (workspaces.length > 0) return resolveWorkspaceGlobs(rootPath, workspaces);
+      if (existsSync3(join8(rootPath, "pnpm-workspace.yaml"))) {
+        return discoverPackages(rootPath, "pnpm-workspaces");
+      }
+      return [];
+    }
+    case "nx": {
+      const standardDirs = ["packages", "apps", "libs"];
+      const globs = standardDirs.filter((d) => existsSync3(join8(rootPath, d)));
+      if (globs.length > 0) return resolveWorkspaceGlobs(rootPath, globs);
+      try {
+        const pkgJson = JSON.parse(await readFile5(join8(rootPath, "package.json"), "utf-8"));
+        const workspaces = Array.isArray(pkgJson.workspaces) ? pkgJson.workspaces : [];
+        if (workspaces.length > 0) return resolveWorkspaceGlobs(rootPath, workspaces);
+      } catch {
+      }
+      return [];
+    }
+    case "lerna": {
+      const lernaJson = JSON.parse(await readFile5(join8(rootPath, "lerna.json"), "utf-8"));
+      const packages = lernaJson.packages || ["packages/*"];
+      return resolveWorkspaceGlobs(rootPath, packages);
+    }
+    default:
+      return [];
+  }
+}
+function buildCrossPackageEdges(packages, allFiles, graphEdges, rootPath) {
+  const fileToPackage = /* @__PURE__ */ new Map();
+  for (const pkg of packages) {
+    const pkgRel = relative4(rootPath, pkg.path);
+    for (const f of allFiles) {
+      if (f.relativePath.startsWith(pkgRel + "/") || f.relativePath.startsWith(pkgRel + "\\")) {
+        fileToPackage.set(f.relativePath, pkg.name);
+      }
+    }
+  }
+  const edgeMap = /* @__PURE__ */ new Map();
+  for (const edge of graphEdges) {
+    const fromPkg = fileToPackage.get(edge.from);
+    const toPkg = fileToPackage.get(edge.to);
+    if (fromPkg && toPkg && fromPkg !== toPkg) {
+      const key = `${fromPkg}\u2192${toPkg}`;
+      if (!edgeMap.has(key)) {
+        edgeMap.set(key, { files: /* @__PURE__ */ new Set(), type: "dependency" });
+      }
+      edgeMap.get(key).files.add(edge.from);
+    }
+  }
+  return Array.from(edgeMap.entries()).map(([key, val]) => {
+    const [from, to] = key.split("\u2192");
+    return { from, to, files: val.files.size, type: val.type };
+  });
+}
+async function analyzeMonorepo(rootPath, analysis) {
+  const tool = await detectMonorepoTool(rootPath);
+  if (tool === "none") {
+    return {
+      detected: false,
+      tool: "none",
+      rootPath,
+      packages: [],
       sharedPackages: [],
       crossPackageEdges: [],
       isolationScore: 100,
@@ -3937,7 +4700,7 @@ async function analyzeMonorepo(rootPath, analysis) {
   const packages = [];
   const packageTokenMap = {};
   for (const pkgPath of packagePaths) {
-    const pkgJsonPath = join5(pkgPath, "package.json");
+    const pkgJsonPath = join8(pkgPath, "package.json");
     let name = basename3(pkgPath);
     let pkgDeps = [];
     try {
@@ -3980,7 +4743,7 @@ async function analyzeMonorepo(rootPath, analysis) {
   }
   const pkgNames = new Set(packages.map((p) => p.name));
   for (const pkg of packages) {
-    const pkgJsonPath = join5(pkg.path, "package.json");
+    const pkgJsonPath = join8(pkg.path, "package.json");
     try {
       const pkgJson = JSON.parse(await readFile5(pkgJsonPath, "utf-8"));
       const allDeps = {
@@ -4127,14 +4890,36 @@ function renderPackageContext(result) {
       lines.push(`     ... and ${result.excludedPackages.length - 10} more`);
     }
   }
-  lines.push("");
-  return lines.join("\n");
+  lines.push("");
+  return lines.join("\n");
+}
+
+// src/cli/commands/monorepo.ts
+async function runMonorepo(projectPath, analysis, targetPackage, jsonMode) {
+  const mono = await analyzeMonorepo(projectPath, analysis);
+  if (jsonMode) {
+    if (targetPackage) {
+      const pkgCtx = selectPackageContext(mono, targetPackage);
+      console.log(JSON.stringify({ monorepo: mono, packageContext: pkgCtx }, null, 2));
+    } else {
+      console.log(JSON.stringify(mono, null, 2));
+    }
+    return;
+  }
+  console.log(renderMonorepoAnalysis(mono));
+  if (targetPackage && mono.detected) {
+    const pkgCtx = selectPackageContext(mono, targetPackage);
+    console.log(renderPackageContext(pkgCtx));
+  }
 }
 
+// src/cli/commands/ci.ts
+init_secrets();
+
 // src/engine/quality-gate.ts
 import { readFile as readFile6, writeFile as writeFile2, mkdir } from "fs/promises";
 import { resolve as resolve5 } from "path";
-import { existsSync as existsSync5 } from "fs";
+import { existsSync as existsSync4 } from "fs";
 var DEFAULT_GATE_CONFIG = {
   threshold: 70,
   failOnSecrets: true,
@@ -4145,7 +4930,7 @@ var DEFAULT_GATE_CONFIG = {
 };
 async function loadBaseline(projectPath, baselinePath) {
   const filePath = resolve5(projectPath, baselinePath || ".cto/baseline.json");
-  if (!existsSync5(filePath)) return null;
+  if (!existsSync4(filePath)) return null;
   try {
     const content = await readFile6(filePath, "utf-8");
     return JSON.parse(content);
@@ -4155,7 +4940,7 @@ async function loadBaseline(projectPath, baselinePath) {
 }
 async function saveBaseline(projectPath, score, commit, branch, baselinePath) {
   const dir = resolve5(projectPath, ".cto");
-  if (!existsSync5(dir)) await mkdir(dir, { recursive: true });
+  if (!existsSync4(dir)) await mkdir(dir, { recursive: true });
   const baseline = {
     score: score.overall,
     grade: score.grade,
@@ -4239,912 +5024,1328 @@ function generatePRComment(score, analysis, checks, baseline, delta) {
     "",
     `### ${gradeEmoji} Context Score: ${score.overall}/100 (${score.grade})${deltaStr}`,
     "",
-    `> **${analysis.projectName}** \xB7 ${analysis.totalFiles} files \xB7 ${Math.round(analysis.totalTokens / 1e3)}K tokens`,
-    "",
-    "### Checks",
-    "",
-    "| Check | Status | Detail |",
-    "|-------|--------|--------|"
-  ];
-  for (const check of checks) {
-    const icon = check.passed ? "\u2705" : check.severity === "warning" ? "\u26A0\uFE0F" : "\u274C";
-    lines.push(`| ${check.name} | ${icon} | ${check.detail} |`);
-  }
-  lines.push("");
-  lines.push("### Dimensions");
-  lines.push("");
-  lines.push("| Dimension | Score | vs Baseline |");
-  lines.push("|-----------|-------|-------------|");
-  for (const [name, dim] of Object.entries(score.dimensions)) {
-    const prev = baseline?.dimensions[name];
-    const diff = prev !== void 0 ? dim.score - prev : null;
-    const diffStr = diff !== null ? `${diff >= 0 ? "+" : ""}${diff}` : "\u2014";
-    const bar = renderBar2(dim.score);
-    lines.push(`| ${name} | ${bar} ${dim.score}% | ${diffStr} |`);
-  }
-  lines.push("");
-  lines.push("### Savings");
-  lines.push("");
-  lines.push(`| Metric | Value |`);
-  lines.push(`|--------|-------|`);
-  lines.push(`| Tokens saved | ${score.comparison.savedTokens.toLocaleString()} (${score.comparison.savedPercent}%) |`);
-  lines.push(`| Monthly savings | $${score.comparison.monthlySavingsUSD.toFixed(2)} |`);
-  if (score.insights.length > 0) {
-    lines.push("");
-    lines.push("### Insights");
-    lines.push("");
-    for (const insight of score.insights.slice(0, 5)) {
-      const icon = insight.type === "strength" ? "\u2705" : insight.type === "weakness" ? "\u26A0\uFE0F" : "\u{1F4A1}";
-      lines.push(`- ${icon} **${insight.title}** \u2014 ${insight.detail}`);
-    }
-  }
-  lines.push("");
-  lines.push("---");
-  lines.push(`<sub>Generated by [CTO Quality Gate](https://npmjs.com/package/cto-ai-cli) \xB7 ${(/* @__PURE__ */ new Date()).toISOString().split("T")[0]}</sub>`);
-  return lines.join("\n");
-}
-function renderBar2(score) {
-  const filled = Math.round(score / 10);
-  return "\u2588".repeat(filled) + "\u2591".repeat(10 - filled);
-}
-function generateSummary(score, checks, passed) {
-  const status = passed ? "\u2705 PASSED" : "\u274C FAILED";
-  const failedChecks = checks.filter((c) => !c.passed && c.severity === "error");
-  const warnings = checks.filter((c) => !c.passed && c.severity === "warning");
-  let summary = `Quality Gate ${status} \u2014 Score: ${score.overall}/100 (${score.grade})`;
-  if (failedChecks.length > 0) {
-    summary += `
-Failed: ${failedChecks.map((c) => c.name).join(", ")}`;
-  }
-  if (warnings.length > 0) {
-    summary += `
-Warnings: ${warnings.map((c) => c.name).join(", ")}`;
-  }
-  return summary;
-}
-
-// src/cli/score.ts
-async function main() {
-  const args = process.argv.slice(2);
-  const jsonMode = args.includes("--json");
-  const benchmarkMode = args.includes("--benchmark");
-  const fixMode = args.includes("--fix");
-  const reportMode = args.includes("--report");
-  const compareMode = args.includes("--compare");
-  const auditMode = args.includes("--audit");
-  const initHookMode = args.includes("--init-hook");
-  const fullScanMode = args.includes("--full-scan");
-  const noAllowlistMode = args.includes("--no-allowlist");
-  const monorepoMode = args.includes("--monorepo");
-  const gatewayMode = args.includes("--gateway");
-  const ciMode = args.includes("--ci");
-  const helpMode = args.includes("--help") || args.includes("-h");
-  const pkgIdx = args.indexOf("--package");
-  const targetPackage = pkgIdx !== -1 && args[pkgIdx + 1] ? args[pkgIdx + 1] : null;
-  const threshIdx = args.indexOf("--threshold");
-  const thresholdArg = threshIdx !== -1 && args[threshIdx + 1] ? parseInt(args[threshIdx + 1], 10) : 70;
-  const contextIdx = args.indexOf("--context");
-  const contextTask = contextIdx !== -1 && args[contextIdx + 1] ? args[contextIdx + 1] : null;
-  const pathArg = args.find((a) => !a.startsWith("--") && !a.startsWith("-") && a !== contextTask && a !== targetPackage);
-  const projectPath = resolve7(pathArg ?? ".");
-  if (helpMode) {
-    console.log(`
-  \u26A1 cto-score \u2014 How AI-ready is your codebase?
-
-  Usage:
-    npx cto-ai-cli                               Scan current directory
-    npx cto-ai-cli ./path                        Scan a specific project
-
-  Phase 1 \u2014 Marketing:
-    npx cto-ai-cli --benchmark                   CTO vs naive vs random comparison
-    npx cto-ai-cli --fix                         Auto-generate optimized context files
-    npx cto-ai-cli --context "your task"         Generate task-specific context
-    npx cto-ai-cli --report                      Generate shareable markdown report
-    npx cto-ai-cli --compare                     Compare your score vs popular projects
-
-  Phase 2 \u2014 Security:
-    npx cto-ai-cli --audit                       Security audit: detect secrets & PII
-    npx cto-ai-cli --audit --init-hook           Generate pre-commit hook
-    npx cto-ai-cli --audit --full-scan           Skip incremental cache
-    npx cto-ai-cli --audit --no-allowlist        Ignore allowlist
-
-  Phase 3 \u2014 Gateway:
-    npx cto-ai-cli --gateway                     Start Context Gateway (proxy)
-    npx cto-ai-cli --gateway --port 9000         Custom port
-    npx cto-ai-cli --gateway --block-secrets     Block requests with secrets
-    npx cto-ai-cli --gateway --budget-daily 10   Daily budget ($10/day)
-
-  Phase 4 \u2014 Monorepo:
-    npx cto-ai-cli --monorepo                    Analyze monorepo structure
-    npx cto-ai-cli --monorepo --package <name>   Context savings for a package
-
-  Phase 5 \u2014 CI/CD Quality Gate:
-    npx cto-ai-cli --ci                          Run quality gate (exits 1 on failure)
-    npx cto-ai-cli --ci --threshold 80           Set minimum score (default: 70)
-    npx cto-ai-cli --ci --json                   JSON output for CI pipelines
-
-  Options:
-    npx cto-ai-cli --json                        Output as JSON (for CI/scripts)
-
-  What it does:
-    Analyzes your project's structure, dependencies, and risk profile.
-    Gives you a single 0-100 score showing how efficiently AI tools
-    can work with your codebase.
-
-  No data leaves your machine. No API keys needed. MIT licensed.
-  Learn more: https://npmjs.com/package/cto-ai-cli
-`);
-    process.exit(0);
-  }
-  if (gatewayMode) {
-    const { ContextGateway: ContextGateway2 } = await Promise.resolve().then(() => (init_server(), server_exports));
-    const { DEFAULT_GATEWAY_CONFIG: DEFAULT_GATEWAY_CONFIG2 } = await Promise.resolve().then(() => (init_types(), types_exports));
-    const getArg = (flag) => {
-      const idx = args.indexOf(flag);
-      return idx !== -1 && args[idx + 1] ? args[idx + 1] : void 0;
-    };
-    const gwConfig = { projectPath };
-    const port = getArg("--port");
-    if (port) gwConfig.port = parseInt(port, 10);
-    const budgetDaily = getArg("--budget-daily");
-    if (budgetDaily) gwConfig.budgetDaily = parseFloat(budgetDaily);
-    const budgetMonthly = getArg("--budget-monthly");
-    if (budgetMonthly) gwConfig.budgetMonthly = parseFloat(budgetMonthly);
-    const apiKey = getArg("--api-key");
-    if (apiKey) gwConfig.apiKey = apiKey;
-    if (args.includes("--block-secrets")) gwConfig.blockOnSecrets = true;
-    if (args.includes("--no-optimize")) gwConfig.optimize = false;
-    if (args.includes("--no-redact")) gwConfig.redactSecrets = false;
-    if (args.includes("--no-dashboard")) gwConfig.dashboard = false;
-    const finalConfig = { ...DEFAULT_GATEWAY_CONFIG2, ...gwConfig };
-    const gateway = new ContextGateway2(finalConfig);
-    gateway.onEvent((event) => {
-      const ts = (/* @__PURE__ */ new Date()).toLocaleTimeString();
-      switch (event.type) {
-        case "request": {
-          const r = event.record;
-          const saved = r.savedTokens > 0 ? ` (saved ${(r.savedTokens / 1e3).toFixed(1)}K)` : "";
-          const secrets = r.secretsRedacted > 0 ? ` [${r.secretsRedacted} redacted]` : "";
-          console.log(`  ${ts}  ${r.provider}/${r.model}  $${r.costUSD.toFixed(4)}${saved}${secrets}  ${r.latencyMs}ms`);
-          break;
-        }
-        case "budget-alert":
-          console.log(`  \u26A0\uFE0F  ${ts}  Budget alert: $${event.current.toFixed(2)}/$${event.limit.toFixed(2)} (${event.period})`);
-          break;
-        case "budget-exceeded":
-          console.log(`  \u{1F534}  ${ts}  Budget EXCEEDED: $${event.current.toFixed(2)}/$${event.limit.toFixed(2)} (${event.period})`);
-          break;
-        case "error":
-          console.log(`  \u274C  ${ts}  ${event.message}`);
-          break;
-      }
-    });
-    console.log("");
-    console.log("  \u26A1 CTO Context Gateway v4.1.0");
-    console.log("");
-    await gateway.start();
-    console.log(`  \u{1F310} Proxy:      http://${finalConfig.host}:${finalConfig.port}`);
-    if (finalConfig.dashboard) {
-      console.log(`  \u{1F4CA} Dashboard:  http://${finalConfig.host}:${finalConfig.port}${finalConfig.dashboardPath}`);
-    }
-    console.log(`  \u{1F4C1} Project:    ${finalConfig.projectPath}`);
-    console.log("");
-    console.log("  Waiting for requests... (Ctrl+C to stop)");
-    console.log("");
-    await new Promise(() => {
-    });
-    return;
-  }
-  console.log("");
-  console.log("  \u26A1 cto-score \u2014 analyzing your project...");
-  console.log("");
-  try {
-    const startTime = Date.now();
-    const analysis = await analyzeProject(projectPath);
-    const score = await computeContextScore(analysis);
-    const elapsed = ((Date.now() - startTime) / 1e3).toFixed(1);
-    if (jsonMode) {
-      console.log(JSON.stringify({
-        project: analysis.projectName,
-        files: analysis.totalFiles,
-        tokens: analysis.totalTokens,
-        score: score.overall,
-        grade: score.grade,
-        dimensions: {
-          efficiency: score.dimensions.efficiency.score,
-          coverage: score.dimensions.coverage.score,
-          riskControl: score.dimensions.riskControl.score,
-          structure: score.dimensions.structure.score,
-          governance: score.dimensions.governance.score
-        },
-        savings: {
-          percent: score.comparison.savedPercent,
-          monthlyUSD: score.comparison.monthlySavingsUSD,
-          tokensOptimized: score.comparison.optimizedTokens,
-          tokensNaive: score.comparison.naiveTokens
-        }
-      }, null, 2));
-      process.exit(0);
-    }
-    console.log(renderContextScore(score));
-    if (benchmarkMode) {
-      const benchmark = await runBenchmark(analysis);
-      console.log(renderBenchmark(benchmark));
-    }
-    if (fixMode) {
-      await runFix(projectPath, analysis, score);
-    }
-    if (contextTask) {
-      await runContext(projectPath, analysis, contextTask);
-    }
-    if (reportMode) {
-      await runReport(projectPath, analysis, score);
-    }
-    if (compareMode) {
-      runCompare(score);
-    }
-    if (auditMode) {
-      await runAudit(projectPath, analysis, { initHookMode, fullScanMode, noAllowlistMode });
-    }
-    if (monorepoMode) {
-      await runMonorepo(projectPath, analysis, targetPackage, jsonMode);
-    }
-    if (ciMode) {
-      await runCIGate(projectPath, analysis, score, thresholdArg, jsonMode);
-    }
-    console.log("");
-    console.log(`  Scanned in ${elapsed}s \xB7 ${analysis.totalFiles} files \xB7 ${Math.round(analysis.totalTokens / 1e3)}K tokens`);
-    console.log("");
-    console.log("  What does this mean?");
-    console.log(`    Your project scores ${score.overall}/100 (${score.grade}) for AI context efficiency.`);
-    if (score.overall >= 80) {
-      console.log("    \u2705 Great! AI tools can work effectively with your codebase.");
-    } else if (score.overall >= 60) {
-      console.log("    \u{1F7E1} Good, but there's room to improve. Run with --fix to auto-optimize.");
-    } else {
-      console.log("    \u{1F534} AI tools are likely wasting tokens on your project. Run with --fix.");
-    }
-    console.log("");
-    console.log("  Next steps:");
-    console.log("    npx cto-ai-cli --fix                  Auto-generate optimized context");
-    console.log('    npx cto-ai-cli --context "your task"  Task-specific context for Claude/Cursor');
-    console.log("    npx cto-ai-cli --report               Shareable report + badge");
-    console.log("    npx cto-ai-cli --compare              Compare vs popular open source");
-    console.log("    npm i -g cto-ai-cli                   Install for full CLI + MCP server");
-    console.log("");
-  } catch (err) {
-    console.error(`  \u274C Error: ${err.message}`);
-    console.error("");
-    console.error("  Make sure you're running this in a project directory with source files.");
-    console.error("  Supported: TypeScript, JavaScript, Python, Go, Rust, Java, C/C++");
-    process.exit(1);
-  }
-}
-async function runFix(projectPath, analysis, score) {
-  const ctoDir = join8(projectPath, ".cto");
-  mkdirSync3(ctoDir, { recursive: true });
-  const selection = await selectContext({
-    task: "general code review and refactoring",
-    analysis,
-    budget: 5e4
-  });
-  const criticalFiles = selection.files.filter((f) => f.riskScore >= 60).sort((a, b) => b.riskScore - a.riskScore);
-  const typeFiles = analysis.files.filter((f) => f.kind === "type").sort((a, b) => b.riskScore - a.riskScore);
-  const entryFiles = analysis.files.filter((f) => f.kind === "entry").sort((a, b) => b.riskScore - a.riskScore);
-  let contextMd = `# CTO Context \u2014 ${analysis.projectName}
-`;
-  contextMd += `# Generated by cto-ai-cli \xB7 Score: ${score.overall}/100 (${score.grade})
-`;
-  contextMd += `# Paste this into your AI prompt for better results.
-
-`;
-  contextMd += `## Critical files (always include these):
-`;
-  for (const f of criticalFiles.slice(0, 15)) {
-    contextMd += `- ${f.relativePath} \u2014 risk:${f.riskScore} (${f.reason})
-`;
-  }
-  if (typeFiles.length > 0) {
-    contextMd += `
-## Type definitions (AI needs these to generate correct code):
-`;
-    for (const f of typeFiles.slice(0, 10)) {
-      contextMd += `- ${f.relativePath} (${f.tokens} tokens)
-`;
-    }
-  }
-  if (entryFiles.length > 0) {
-    contextMd += `
-## Entry points:
-`;
-    for (const f of entryFiles.slice(0, 5)) {
-      contextMd += `- ${f.relativePath}
-`;
-    }
-  }
-  contextMd += `
-## Project structure:
-`;
-  contextMd += `- ${analysis.totalFiles} files, ${Math.round(analysis.totalTokens / 1e3)}K tokens total
-`;
-  contextMd += `- Stack: ${analysis.stack.join(", ") || "unknown"}
-`;
-  contextMd += `- Clusters: ${analysis.graph.clusters.length}
-`;
-  contextMd += `- Hubs: ${analysis.graph.hubs.map((h) => h.relativePath).slice(0, 5).join(", ")}
-`;
-  contextMd += `
-## Recommended token budget: ${selection.totalTokens.toLocaleString()} tokens
-`;
-  contextMd += `## Full project tokens: ${analysis.totalTokens.toLocaleString()} tokens
-`;
-  contextMd += `## Savings: ${score.comparison.savedPercent}% (${formatTokens(score.comparison.savedTokens)})
-`;
-  writeFileSync2(join8(ctoDir, "context.md"), contextMd);
-  const config = {
-    version: "3.0",
-    project: analysis.projectName,
-    generatedAt: (/* @__PURE__ */ new Date()).toISOString(),
-    score: score.overall,
-    grade: score.grade,
-    budget: 5e4,
-    criticalFiles: criticalFiles.slice(0, 20).map((f) => f.relativePath),
-    typeFiles: typeFiles.map((f) => f.relativePath),
-    ignorePatterns: [
-      "node_modules",
-      "dist",
-      "build",
-      ".git",
-      "*.test.*",
-      "*.spec.*",
-      "__tests__",
-      "*.md",
-      "*.json",
-      "*.lock"
-    ],
-    insights: score.insights.slice(0, 5).map((i) => ({
-      type: i.type,
-      title: i.title,
-      impact: i.impact
-    }))
-  };
-  writeFileSync2(join8(ctoDir, "config.json"), JSON.stringify(config, null, 2));
-  const ignoreContent = [
-    "# CTO AI-ignore \u2014 files that add noise to AI context",
-    "# Generated by cto-ai-cli",
-    "",
-    "# Build artifacts",
-    "dist/",
-    "build/",
-    ".next/",
-    "coverage/",
-    "",
-    "# Dependencies",
-    "node_modules/",
+    `> **${analysis.projectName}** \xB7 ${analysis.totalFiles} files \xB7 ${Math.round(analysis.totalTokens / 1e3)}K tokens`,
     "",
-    "# Large/binary files",
-    "*.lock",
-    "package-lock.json",
-    "yarn.lock",
+    "### Checks",
     "",
-    "# Low-value for AI",
-    ...analysis.graph.orphans.filter((o) => {
-      const f = analysis.files.find((af) => af.relativePath === o);
-      return f && f.riskScore < 20;
-    }).slice(0, 20).map((o) => `${o}  # orphan, low-risk`),
-    ""
-  ].join("\n");
-  writeFileSync2(join8(ctoDir, ".cteignore"), ignoreContent);
-  console.log("");
-  console.log("  \u2705 Auto-fix complete! Generated:");
-  console.log("");
-  console.log("  \u{1F4CB} .cto/context.md     Copy-paste this into Claude/Cursor/ChatGPT");
-  console.log("  \u2699\uFE0F  .cto/config.json    Optimized CTO configuration");
-  console.log("  \u{1F6AB} .cto/.cteignore     Files AI should skip");
-  console.log("");
-  console.log("  \u{1F4A1} Tip: Paste .cto/context.md at the start of your AI conversation");
-  console.log("     for dramatically better code generation.");
-  console.log("");
-}
-async function runContext(projectPath, analysis, task) {
-  const ctoDir = join8(projectPath, ".cto");
-  mkdirSync3(ctoDir, { recursive: true });
-  const selection = await selectContext({
-    task,
-    analysis,
-    budget: 5e4
-  });
-  const typeFiles = analysis.files.filter((f) => f.kind === "type");
-  const selectedPaths = new Set(selection.files.map((f) => f.relativePath));
-  const includedTypes = typeFiles.filter((f) => selectedPaths.has(f.relativePath));
-  let contextMd = `# Context for: ${task}
-`;
-  contextMd += `# Generated by cto-ai-cli
-`;
-  contextMd += `# ${selection.files.length} files selected, ${selection.totalTokens.toLocaleString()} tokens
-
-`;
-  const targets = selection.files.filter((f) => f.reason === "Target file");
-  const critical = selection.files.filter((f) => f.riskScore >= 80 && f.reason !== "Target file");
-  const high = selection.files.filter((f) => f.riskScore >= 60 && f.riskScore < 80 && f.reason !== "Target file");
-  const rest = selection.files.filter((f) => f.riskScore < 60 && f.reason !== "Target file");
-  if (targets.length > 0) {
-    contextMd += `## Target files (directly related to task):
-`;
-    for (const f of targets) {
-      contextMd += `- ${f.relativePath}
-`;
-    }
-    contextMd += "\n";
+    "| Check | Status | Detail |",
+    "|-------|--------|--------|"
+  ];
+  for (const check of checks) {
+    const icon = check.passed ? "\u2705" : check.severity === "warning" ? "\u26A0\uFE0F" : "\u274C";
+    lines.push(`| ${check.name} | ${icon} | ${check.detail} |`);
   }
-  if (critical.length > 0) {
-    contextMd += `## Critical dependencies:
-`;
-    for (const f of critical) {
-      contextMd += `- ${f.relativePath} \u2014 ${f.reason}
-`;
-    }
-    contextMd += "\n";
+  lines.push("");
+  lines.push("### Dimensions");
+  lines.push("");
+  lines.push("| Dimension | Score | vs Baseline |");
+  lines.push("|-----------|-------|-------------|");
+  for (const [name, dim] of Object.entries(score.dimensions)) {
+    const prev = baseline?.dimensions[name];
+    const diff = prev !== void 0 ? dim.score - prev : null;
+    const diffStr = diff !== null ? `${diff >= 0 ? "+" : ""}${diff}` : "\u2014";
+    const bar = renderBar2(dim.score);
+    lines.push(`| ${name} | ${bar} ${dim.score}% | ${diffStr} |`);
   }
-  if (includedTypes.length > 0) {
-    contextMd += `## Type definitions (needed for correct code generation):
-`;
-    for (const f of includedTypes) {
-      contextMd += `- ${f.relativePath}
-`;
+  lines.push("");
+  lines.push("### Savings");
+  lines.push("");
+  lines.push(`| Metric | Value |`);
+  lines.push(`|--------|-------|`);
+  lines.push(`| Tokens saved | ${score.comparison.savedTokens.toLocaleString()} (${score.comparison.savedPercent}%) |`);
+  lines.push(`| Monthly savings | $${score.comparison.monthlySavingsUSD.toFixed(2)} |`);
+  if (score.insights.length > 0) {
+    lines.push("");
+    lines.push("### Insights");
+    lines.push("");
+    for (const insight of score.insights.slice(0, 5)) {
+      const icon = insight.type === "strength" ? "\u2705" : insight.type === "weakness" ? "\u26A0\uFE0F" : "\u{1F4A1}";
+      lines.push(`- ${icon} **${insight.title}** \u2014 ${insight.detail}`);
     }
-    contextMd += "\n";
   }
-  if (high.length > 0) {
-    contextMd += `## High-relevance files:
-`;
-    for (const f of high) {
-      contextMd += `- ${f.relativePath}
-`;
-    }
-    contextMd += "\n";
+  lines.push("");
+  lines.push("---");
+  lines.push(`<sub>Generated by [CTO Quality Gate](https://npmjs.com/package/cto-ai-cli) \xB7 ${(/* @__PURE__ */ new Date()).toISOString().split("T")[0]}</sub>`);
+  return lines.join("\n");
+}
+function renderBar2(score) {
+  const filled = Math.round(score / 10);
+  return "\u2588".repeat(filled) + "\u2591".repeat(10 - filled);
+}
+function generateSummary(score, checks, passed) {
+  const status = passed ? "\u2705 PASSED" : "\u274C FAILED";
+  const failedChecks = checks.filter((c) => !c.passed && c.severity === "error");
+  const warnings = checks.filter((c) => !c.passed && c.severity === "warning");
+  let summary = `Quality Gate ${status} \u2014 Score: ${score.overall}/100 (${score.grade})`;
+  if (failedChecks.length > 0) {
+    summary += `
+Failed: ${failedChecks.map((c) => c.name).join(", ")}`;
   }
-  if (rest.length > 0) {
-    contextMd += `## Supporting files:
-`;
-    for (const f of rest.slice(0, 15)) {
-      contextMd += `- ${f.relativePath}
-`;
-    }
-    if (rest.length > 15) {
-      contextMd += `- ... and ${rest.length - 15} more
-`;
-    }
-    contextMd += "\n";
+  if (warnings.length > 0) {
+    summary += `
+Warnings: ${warnings.map((c) => c.name).join(", ")}`;
   }
-  contextMd += `---
-
-`;
-  contextMd += `## File contents (top ${Math.min(targets.length + critical.length, 10)} files):
-
-`;
-  const topFiles = [...targets, ...critical].slice(0, 10);
-  for (const sf of topFiles) {
-    const fullFile = analysis.files.find((f) => f.relativePath === sf.relativePath);
-    if (!fullFile) continue;
-    try {
-      const content = readFileSync4(fullFile.path, "utf-8");
-      const ext = fullFile.extension.replace(".", "");
-      contextMd += `### ${sf.relativePath}
-`;
-      const maxChars = 5e3;
-      const truncated = content.length > maxChars;
-      contextMd += `\`\`\`${ext}
-${content.slice(0, maxChars)}${truncated ? "\n// ... [truncated \u2014 " + (content.length - maxChars) + " chars omitted]" : ""}
-\`\`\`
+  return summary;
+}
 
-`;
-    } catch {
-    }
+// src/cli/commands/ci.ts
+async function runCIGate(projectPath, analysis, score, threshold, jsonMode) {
+  const filePaths = analysis.files.map((f) => f.path);
+  const auditResult = await auditProject(projectPath, filePaths, { includePII: false });
+  const result = await runQualityGate(score, analysis, auditResult.findings, { threshold });
+  await saveBaseline(projectPath, score);
+  if (jsonMode) {
+    console.log(JSON.stringify(result, null, 2));
+    if (!result.passed) process.exit(1);
+    return;
   }
-  const safeName = task.replace(/[^a-zA-Z0-9]/g, "-").toLowerCase().slice(0, 40);
-  const filename = `context-${safeName}.md`;
-  writeFileSync2(join8(ctoDir, filename), contextMd);
   console.log("");
-  console.log(`  \u2705 Task context generated!`);
+  console.log("  \u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
+  console.log(`  \u{1F6A6} Quality Gate: ${result.passed ? "\u2705 PASSED" : "\u274C FAILED"}`);
+  console.log("  \u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
   console.log("");
-  console.log(`  \u{1F4CB} .cto/${filename}`);
-  console.log(`     ${selection.files.length} files \xB7 ${selection.totalTokens.toLocaleString()} tokens`);
-  console.log(`     Coverage: ${selection.coverage.score}%`);
+  for (const check of result.checks) {
+    const icon = check.passed ? "\u2705" : check.severity === "warning" ? "\u26A0\uFE0F" : "\u274C";
+    console.log(`  ${icon} ${check.name}: ${check.detail}`);
+  }
+  if (result.delta !== null) {
+    const arrow = result.delta >= 0 ? "\u2191" : "\u2193";
+    console.log("");
+    console.log(`  \u{1F4CA} Score: ${result.score}/100 (${result.grade}) ${arrow} ${Math.abs(result.delta)} from baseline`);
+  }
   console.log("");
-  console.log(`  \u{1F4A1} Copy-paste this file into Claude/Cursor/ChatGPT for`);
-  console.log(`     optimized context on: "${task}"`);
+  console.log("  \u{1F4CB} Baseline saved to .cto/baseline.json");
   console.log("");
+  if (!result.passed) {
+    console.log("  \u274C Quality gate failed. Fix the issues above and re-run.");
+    process.exit(1);
+  }
 }
-async function runReport(projectPath, analysis, score) {
-  const gradeEmoji = score.grade.startsWith("A") ? "\u{1F7E2}" : score.grade.startsWith("B") ? "\u{1F535}" : score.grade.startsWith("C") ? "\u{1F7E1}" : "\u{1F534}";
-  const gradeColor = score.overall >= 80 ? "brightgreen" : score.overall >= 60 ? "green" : score.overall >= 40 ? "yellow" : "red";
-  let report = `# CTO Context Score\u2122 Report
-
-`;
-  const safeGrade = encodeURIComponent(score.grade);
-  report += `![CTO Score](https://img.shields.io/badge/CTO_Score-${score.overall}%2F100-${gradeColor}?style=for-the-badge)
-`;
-  report += `![Grade](https://img.shields.io/badge/Grade-${safeGrade}-${gradeColor}?style=for-the-badge)
-
-`;
-  report += `> Generated by [cto-ai-cli](https://npmjs.com/package/cto-ai-cli) on ${(/* @__PURE__ */ new Date()).toISOString().split("T")[0]}
-
-`;
-  report += `## Project: ${analysis.projectName}
-
-`;
-  report += `| Metric | Value |
-`;
-  report += `|--------|-------|
-`;
-  report += `| **Score** | ${gradeEmoji} ${score.overall}/100 (${score.grade}) |
-`;
-  report += `| **Files** | ${analysis.totalFiles} |
-`;
-  report += `| **Total tokens** | ${analysis.totalTokens.toLocaleString()} |
-`;
-  report += `| **Optimized tokens** | ${score.comparison.optimizedTokens.toLocaleString()} |
-`;
-  report += `| **Token savings** | ${score.comparison.savedPercent}% (${formatTokens(score.comparison.savedTokens)}) |
-`;
-  report += `| **Est. monthly savings** | $${score.comparison.monthlySavingsUSD.toFixed(2)} |
-`;
-  report += `| **Stack** | ${analysis.stack.join(", ") || "unknown"} |
-
-`;
-  report += `## Dimensions
 
-`;
-  report += `| Dimension | Score | Weight | Detail |
-`;
-  report += `|-----------|-------|--------|--------|
-`;
-  report += `| Efficiency | ${score.dimensions.efficiency.score}% | 30% | ${score.dimensions.efficiency.detail} |
-`;
-  report += `| Coverage | ${score.dimensions.coverage.score}% | 25% | ${score.dimensions.coverage.detail} |
-`;
-  report += `| Risk Control | ${score.dimensions.riskControl.score}% | 20% | ${score.dimensions.riskControl.detail} |
-`;
-  report += `| Structure | ${score.dimensions.structure.score}% | 15% | ${score.dimensions.structure.detail} |
-`;
-  report += `| Governance | ${score.dimensions.governance.score}% | 10% | ${score.dimensions.governance.detail} |
+// src/engine/feedback.ts
+import { resolve as resolve6, join as join10 } from "path";
+import { readFile as readFile7, writeFile as writeFile3, mkdir as mkdir2 } from "fs/promises";
 
-`;
-  if (score.insights.length > 0) {
-    report += `## Insights
+// src/interact/router.ts
+var TASK_KEYWORDS = {
+  debug: ["debug", "fix", "bug", "error", "issue", "broken", "crash", "failing", "wrong"],
+  review: ["review", "check", "assess", "evaluate", "audit", "inspect", "critique"],
+  refactor: ["refactor", "restructure", "reorganize", "clean up", "simplify", "extract", "move"],
+  test: ["test", "spec", "coverage", "unit test", "integration test", "e2e"],
+  docs: ["document", "docs", "readme", "jsdoc", "comment", "explain"],
+  feature: ["add", "implement", "create", "build", "new", "feature", "endpoint"],
+  architecture: ["architecture", "design", "system", "structure", "migrate", "pattern"],
+  "simple-edit": ["rename", "typo", "update", "change", "modify", "tweak", "adjust"]
+};
+function classifyTask(taskDescription) {
+  const lower = taskDescription.toLowerCase();
+  let bestType = "simple-edit";
+  let bestScore = 0;
+  for (const [type, keywords] of Object.entries(TASK_KEYWORDS)) {
+    let score = 0;
+    for (const kw of keywords) {
+      if (lower.includes(kw)) score++;
+    }
+    if (score > bestScore) {
+      bestScore = score;
+      bestType = type;
+    }
+  }
+  return bestType;
+}
 
-`;
-    for (const insight of score.insights.slice(0, 8)) {
-      const icon = insight.type === "strength" ? "\u2705" : insight.type === "weakness" ? "\u26A0\uFE0F" : "\u{1F4A1}";
-      report += `- ${icon} **${insight.title}** \u2014 ${insight.detail}
-`;
+// src/engine/feedback.ts
+async function getFeedbackPath(projectPath) {
+  const ctoDir = join10(resolve6(projectPath), ".cto");
+  await mkdir2(ctoDir, { recursive: true });
+  return join10(ctoDir, "feedback.json");
+}
+async function getModelPath(projectPath) {
+  const ctoDir = join10(resolve6(projectPath), ".cto");
+  await mkdir2(ctoDir, { recursive: true });
+  return join10(ctoDir, "feedback-model.json");
+}
+async function loadFeedback(projectPath) {
+  try {
+    const raw = await readFile7(await getFeedbackPath(projectPath), "utf-8");
+    return JSON.parse(raw);
+  } catch {
+    return [];
+  }
+}
+async function loadFeedbackModel(projectPath) {
+  try {
+    const raw = await readFile7(await getModelPath(projectPath), "utf-8");
+    return JSON.parse(raw);
+  } catch {
+    return createEmptyModel();
+  }
+}
+function createEmptyModel() {
+  return {
+    version: 2,
+    updatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+    totalFeedback: 0,
+    acceptRate: 0,
+    fileAcceptance: {},
+    taskTypeAcceptance: {},
+    pairAcceptance: {},
+    sessions: {},
+    strategyComparison: {},
+    insights: []
+  };
+}
+async function exportFeedbackForTeam(projectPath, projectName) {
+  const model = await loadFeedbackModel(projectPath);
+  const entries = await loadFeedback(projectPath);
+  return {
+    version: 2,
+    exportedAt: (/* @__PURE__ */ new Date()).toISOString(),
+    projectName,
+    model,
+    entrySummary: {
+      total: entries.length,
+      accepted: entries.filter((e) => e.outcome.accepted).length,
+      sessions: new Set(entries.map((e) => e.sessionId).filter(Boolean)).size
+    }
+  };
+}
+function renderFeedbackReport(model) {
+  const lines = [];
+  lines.push("");
+  lines.push(`  \u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557`);
+  lines.push(`  \u2551        \u{1F4CA} Feedback Loop Report                   \u2551`);
+  lines.push(`  \u2560\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2563`);
+  lines.push(`  \u2551                                                  \u2551`);
+  lines.push(`  \u2551  Total feedback:  ${pad2(model.totalFeedback.toString(), 8)}                   \u2551`);
+  lines.push(`  \u2551  Accept rate:     ${pad2(Math.round(model.acceptRate * 100) + "%", 8)}                   \u2551`);
+  lines.push(`  \u2551  Tracked files:   ${pad2(Object.keys(model.fileAcceptance).length.toString(), 8)}                   \u2551`);
+  lines.push(`  \u2551  Task types:      ${pad2(Object.keys(model.taskTypeAcceptance).length.toString(), 8)}                   \u2551`);
+  lines.push(`  \u2551                                                  \u2551`);
+  if (model.insights.length > 0) {
+    lines.push(`  \u2551  Insights:                                       \u2551`);
+    for (const insight of model.insights.slice(0, 5)) {
+      const icon = insight.type === "positive" ? "\u2705" : insight.type === "negative" ? "\u26A0\uFE0F" : "\u{1F4A1}";
+      lines.push(`  \u2551  ${icon} ${pad2(insight.title, 43)}  \u2551`);
     }
-    report += "\n";
   }
-  report += `## Badge for your README
-
-`;
-  report += `\`\`\`markdown
-`;
-  report += `![CTO Score](https://img.shields.io/badge/CTO_Score-${score.overall}%2F100-${gradeColor})
-`;
-  report += `\`\`\`
+  lines.push(`  \u2551                                                  \u2551`);
+  lines.push(`  \u255A\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255D`);
+  return lines.join("\n");
+}
+function pad2(s, w) {
+  return s.padEnd(w).substring(0, w);
+}
+function renderCrossRepoReport(stats) {
+  const lines = [];
+  lines.push("");
+  lines.push("  \u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557");
+  lines.push("  \u2551        \u{1F310} Cross-Repo Intelligence                \u2551");
+  lines.push("  \u2560\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2563");
+  lines.push("  \u2551                                                  \u2551");
+  lines.push(`  \u2551  Projects learned:    ${pad2(stats.totalProjects.toString(), 8)}                   \u2551`);
+  lines.push(`  \u2551  Total observations:  ${pad2(stats.totalObservations.toString(), 8)}                   \u2551`);
+  lines.push(`  \u2551  Archetypes:          ${pad2(stats.archetypes.length.toString(), 8)}                   \u2551`);
+  lines.push(`  \u2551  Universal patterns:  ${pad2(stats.universalPatterns.toString(), 8)}                   \u2551`);
+  lines.push("  \u2551                                                  \u2551");
+  if (stats.archetypes.length > 0) {
+    lines.push("  \u2551  Archetypes:                                     \u2551");
+    for (const a of stats.archetypes.slice(0, 5)) {
+      lines.push(`  \u2551    ${pad2(a.name, 24)} ${pad2(a.observations + " obs", 12)}     \u2551`);
+    }
+  }
+  lines.push("  \u2551                                                  \u2551");
+  lines.push("  \u255A\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255D");
+  return lines.join("\n");
+}
 
-`;
-  report += `---
+// src/engine/predictor.ts
+import { resolve as resolve7, join as join11 } from "path";
+import { readFile as readFile8, writeFile as writeFile4, mkdir as mkdir3 } from "fs/promises";
+init_graph_utils();
+var DEFAULT_PREDICTOR_CONFIG = {
+  maxCoSelectionPairs: 500,
+  decayFactor: 0.95,
+  // slight decay to favor recent patterns
+  minObservations: 2
+  // need at least 2 observations before predicting
+};
+async function getModelPath2(projectPath) {
+  const ctoDir = join11(resolve7(projectPath), ".cto");
+  await mkdir3(ctoDir, { recursive: true });
+  return join11(ctoDir, "predictor.json");
+}
+async function loadModel(projectPath) {
+  try {
+    const path = await getModelPath2(projectPath);
+    const raw = await readFile8(path, "utf-8");
+    return JSON.parse(raw);
+  } catch {
+    return createEmptyModel2();
+  }
+}
+function createEmptyModel2() {
+  return {
+    version: 1,
+    trainedAt: (/* @__PURE__ */ new Date()).toISOString(),
+    totalObservations: 0,
+    taskTypeFrequency: {},
+    keywordFrequency: {},
+    fileStats: {},
+    coSelection: {}
+  };
+}
+async function predictRelevantFiles(projectPath, task, analysis, config = {}) {
+  const cfg = { ...DEFAULT_PREDICTOR_CONFIG, ...config };
+  const model = await loadModel(projectPath);
+  if (model.totalObservations < cfg.minObservations) {
+    return [];
+  }
+  const taskType = classifyTask(task);
+  const keywords = extractKeywords(task);
+  const scores = /* @__PURE__ */ new Map();
+  const boost = (path, amount, reason) => {
+    const existing = scores.get(path) ?? { score: 0, reasons: [] };
+    existing.score += amount;
+    existing.reasons.push(reason);
+    scores.set(path, existing);
+  };
+  const taskFreqs = model.taskTypeFrequency[taskType];
+  if (taskFreqs) {
+    const maxFreq = Math.max(...Object.values(taskFreqs));
+    for (const [path, freq] of Object.entries(taskFreqs)) {
+      const normalized = maxFreq > 0 ? freq / maxFreq : 0;
+      boost(path, normalized * 30, `${taskType} task history (${freq}\xD7 selected)`);
+    }
+  }
+  for (const kw of keywords) {
+    const kwFreqs = model.keywordFrequency[kw];
+    if (kwFreqs) {
+      const maxFreq = Math.max(...Object.values(kwFreqs));
+      for (const [path, freq] of Object.entries(kwFreqs)) {
+        const normalized = maxFreq > 0 ? freq / maxFreq : 0;
+        boost(path, normalized * 20, `keyword "${kw}" (${freq}\xD7 selected)`);
+      }
+    }
+  }
+  for (const [path, stats] of Object.entries(model.fileStats)) {
+    const freqRatio = model.totalObservations > 0 ? stats.totalSelections / model.totalObservations : 0;
+    if (freqRatio > 0.3) {
+      boost(path, freqRatio * 10, `frequently selected (${stats.totalSelections}/${model.totalObservations})`);
+    }
+  }
+  const topPredicted = [...scores.entries()].sort((a, b) => b[1].score - a[1].score).slice(0, 10).map(([path]) => path);
+  for (const topPath of topPredicted) {
+    const coFiles = model.coSelection[topPath];
+    if (coFiles) {
+      for (const [coPath, count] of Object.entries(coFiles)) {
+        if (count >= 2) {
+          boost(coPath, count * 2, `co-selected with ${topPath} (${count}\xD7)`);
+        }
+      }
+    }
+  }
+  const existingPaths = new Set(analysis.files.map((f) => f.relativePath));
+  const results = [];
+  for (const [path, data] of scores) {
+    if (existingPaths.has(path)) {
+      results.push({
+        filePath: path,
+        predictedScore: Math.round(data.score * 10) / 10,
+        reasons: data.reasons.slice(0, 5)
+      });
+    }
+  }
+  return results.sort((a, b) => b.predictedScore - a.predictedScore).slice(0, 50);
+}
+function getModelStats(model) {
+  const coSelectionPairs = Object.values(model.coSelection).reduce((s, pairs) => s + Object.keys(pairs).length, 0) / 2;
+  return {
+    observations: model.totalObservations,
+    taskTypes: Object.keys(model.taskTypeFrequency).length,
+    keywords: Object.keys(model.keywordFrequency).length,
+    trackedFiles: Object.keys(model.fileStats).length,
+    coSelectionPairs: Math.round(coSelectionPairs),
+    trainedAt: model.trainedAt
+  };
+}
+function extractKeywords(task) {
+  const stopWords = /* @__PURE__ */ new Set([
+    "the",
+    "a",
+    "an",
+    "is",
+    "are",
+    "was",
+    "were",
+    "be",
+    "been",
+    "being",
+    "have",
+    "has",
+    "had",
+    "do",
+    "does",
+    "did",
+    "will",
+    "would",
+    "could",
+    "should",
+    "may",
+    "might",
+    "can",
+    "shall",
+    "to",
+    "of",
+    "in",
+    "for",
+    "on",
+    "with",
+    "at",
+    "by",
+    "from",
+    "as",
+    "into",
+    "through",
+    "and",
+    "but",
+    "or",
+    "not",
+    "this",
+    "that",
+    "it",
+    "its",
+    "fix",
+    "add",
+    "remove",
+    "update",
+    "change",
+    "refactor",
+    "implement",
+    "create",
+    "build",
+    "make",
+    "code",
+    "file",
+    "module",
+    "function"
+  ]);
+  return task.toLowerCase().replace(/[^a-z0-9\s]/g, "").split(/\s+/).filter((w) => w.length > 2 && !stopWords.has(w));
+}
 
-`;
-  report += `*Run \`npx cto-ai-cli\` to generate your own report. [Learn more](https://npmjs.com/package/cto-ai-cli)*
-`;
-  const ctoDir = join8(projectPath, ".cto");
-  mkdirSync3(ctoDir, { recursive: true });
-  writeFileSync2(join8(ctoDir, "report.md"), report);
-  console.log("");
-  console.log("  \u2705 Report generated!");
-  console.log("");
-  console.log("  \u{1F4CA} .cto/report.md     Share on Slack, Discord, or GitHub");
-  console.log("");
-  console.log("  \u{1F3F7}\uFE0F  Badge for your README:");
-  console.log(`     ![CTO Score](https://img.shields.io/badge/CTO_Score-${score.overall}%2F100-${gradeColor})`);
-  console.log("");
-  console.log("  Copy-paste this markdown into your README:");
-  console.log(`     ![CTO Score](https://img.shields.io/badge/CTO_Score-${score.overall}%2F100-${gradeColor})`);
-  console.log("");
+// src/engine/cross-repo.ts
+import { join as join12, basename as basename4 } from "path";
+import { readFile as readFile9, writeFile as writeFile5, mkdir as mkdir4 } from "fs/promises";
+function getGlobalModelPath() {
+  const home = process.env.HOME ?? process.env.USERPROFILE ?? "/tmp";
+  return join12(home, ".cto", "global-intelligence.json");
+}
+async function loadGlobalModel() {
+  try {
+    const raw = await readFile9(getGlobalModelPath(), "utf-8");
+    return JSON.parse(raw);
+  } catch {
+    return createEmptyModel3();
+  }
 }
-function runCompare(score) {
-  const benchmarks = [
-    { name: "Zod", score: 92, grade: "A", files: 441, tokens: "804K" },
-    { name: "Prisma Client", score: 88, grade: "A", files: 320, tokens: "650K" },
-    { name: "tRPC", score: 85, grade: "A-", files: 280, tokens: "420K" },
-    { name: "Next.js (core)", score: 78, grade: "B+", files: 890, tokens: "2.1M" },
-    { name: "Express.js", score: 74, grade: "B-", files: 158, tokens: "171K" },
-    { name: "Lodash", score: 65, grade: "C+", files: 612, tokens: "380K" }
-  ];
+function createEmptyModel3() {
+  return {
+    version: 1,
+    updatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+    totalProjects: 0,
+    totalObservations: 0,
+    archetypes: {},
+    universalPatterns: []
+  };
+}
+function getCrossRepoStats(model) {
+  return {
+    totalProjects: model.totalProjects,
+    totalObservations: model.totalObservations,
+    archetypes: Object.values(model.archetypes).map((a) => ({
+      name: a.name,
+      projects: a.projectCount,
+      observations: a.observationCount
+    })),
+    universalPatterns: model.universalPatterns.length
+  };
+}
+
+// src/cli/commands/learn.ts
+async function runLearn(projectPath, analysis, jsonMode) {
+  const feedbackModel = await loadFeedbackModel(projectPath);
+  const predictorModel = await loadModel(projectPath);
+  const predictorStats = getModelStats(predictorModel);
+  const globalModel = await loadGlobalModel();
+  const crossRepoStats = getCrossRepoStats(globalModel);
+  if (jsonMode) {
+    const exported = await exportFeedbackForTeam(projectPath, analysis.projectName);
+    console.log(JSON.stringify({
+      feedback: feedbackModel,
+      predictor: predictorStats,
+      crossRepo: crossRepoStats,
+      teamExport: exported
+    }, null, 2));
+    return;
+  }
+  console.log(renderFeedbackReport(feedbackModel));
   console.log("");
   console.log("  \u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
-  console.log("  \u{1F4CA} Your project vs popular open source");
+  console.log("  \u{1F9E0} Predictor Model");
   console.log("  \u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
   console.log("");
-  const all = [
-    { name: `\u2192 ${score.meta.projectName} (you)`, score: score.overall, grade: score.grade, isYou: true },
-    ...benchmarks.map((b) => ({ ...b, isYou: false }))
-  ].sort((a, b) => b.score - a.score);
-  for (const entry of all) {
-    const bar = renderCompareBar(entry.score);
-    const marker = entry.isYou ? "  \u25C4" : "";
-    const name = entry.name.padEnd(25);
-    console.log(`  ${name} ${entry.score.toString().padStart(3)}/100 (${entry.grade.padEnd(2)}) ${bar}${marker}`);
-  }
+  console.log(`  Observations:     ${predictorStats.observations}`);
+  console.log(`  Task types:       ${predictorStats.taskTypes}`);
+  console.log(`  Keywords:         ${predictorStats.keywords}`);
+  console.log(`  Tracked files:    ${predictorStats.trackedFiles}`);
+  console.log(`  Co-selection:     ${predictorStats.coSelectionPairs} pairs`);
+  console.log(`  Last trained:     ${predictorStats.trainedAt || "never"}`);
   console.log("");
-  const beaten = benchmarks.filter((b) => score.overall > b.score);
-  const aheadOf = benchmarks.filter((b) => score.overall < b.score);
-  if (beaten.length > 0) {
-    console.log(`  \u2705 You beat: ${beaten.map((b) => b.name).join(", ")}`);
+  console.log(renderCrossRepoReport(crossRepoStats));
+  if (feedbackModel.insights.length > 0) {
+    console.log("");
+    console.log("  \u{1F4A1} Top Insights:");
+    console.log("");
+    for (const insight of feedbackModel.insights.slice(0, 8)) {
+      const icon = insight.type === "positive" ? "\u2705" : insight.type === "negative" ? "\u26A0\uFE0F" : "\u{1F4A1}";
+      console.log(`  ${icon} ${insight.title}`);
+      console.log(`     ${insight.detail}`);
+    }
+    console.log("");
   }
-  if (aheadOf.length > 0 && aheadOf.length <= 3) {
-    console.log(`  \u{1F3AF} To reach ${aheadOf[0].name}'s level: run --fix and address the insights above`);
+  const strategies = Object.entries(feedbackModel.strategyComparison);
+  if (strategies.length > 1) {
+    console.log("");
+    console.log("  \u{1F52C} A/B Strategy Comparison:");
+    console.log("");
+    for (const [name, sc] of strategies) {
+      console.log(`  ${name}: ${Math.round(sc.acceptRate * 100)}% accept (n=${sc.totalCount}), avg ${Math.round(sc.avgTimeToAccept / 1e3)}s`);
+    }
+    console.log("");
   }
-  if (beaten.length === benchmarks.length) {
-    console.log("  \u{1F3C6} You outperform ALL benchmarked projects! \u{1F389}");
+}
+async function runPredict(projectPath, analysis, task, jsonMode) {
+  const predictions = await predictRelevantFiles(projectPath, task, analysis);
+  if (jsonMode) {
+    console.log(JSON.stringify({ task, predictions }, null, 2));
+    return;
   }
   console.log("");
-}
-function renderCompareBar(pct) {
-  const width = 25;
-  const filled = Math.round(pct / 100 * width);
-  const empty = width - filled;
-  return "\u2588".repeat(filled) + "\u2591".repeat(empty);
-}
-async function runAudit(projectPath, analysis, flags = {}) {
-  if (flags.initHookMode) {
-    const { generatePreCommitHook: generatePreCommitHook2 } = await Promise.resolve().then(() => (init_secrets(), secrets_exports));
-    const hookPath = generatePreCommitHook2(projectPath, "husky");
-    console.log("");
-    console.log("  \u2705 Pre-commit hook generated!");
-    console.log(`  \u{1F4CB} ${hookPath}`);
-    console.log("");
-    console.log("  Staged files will be scanned for secrets before every commit.");
-    console.log("  To remove: delete the hook file.");
+  console.log("  \u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
+  console.log(`  \u{1F52E} Predictions for: "${task}"`);
+  console.log("  \u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
+  console.log("");
+  if (predictions.length === 0) {
+    console.log("  Not enough learning data yet. Use the tool more and run --learn to see insights.");
     console.log("");
     return;
   }
+  for (const p of predictions.slice(0, 15)) {
+    const bar = "\u2588".repeat(Math.round(p.predictedScore / 5)) + "\u2591".repeat(Math.max(0, 20 - Math.round(p.predictedScore / 5)));
+    console.log(`  ${bar} ${p.predictedScore.toFixed(1).padStart(5)}  ${p.filePath}`);
+    if (p.reasons.length > 0) console.log(`                           ${p.reasons[0]}`);
+  }
   console.log("");
-  console.log("  \u{1F50D} Running security audit...");
+  console.log(`  ${predictions.length} files predicted as relevant.`);
   console.log("");
-  const filePaths = analysis.files.map((f) => f.path);
-  const result = await auditProject(projectPath, filePaths, {
-    includePII: true,
-    incrementalScan: !flags.fullScanMode,
-    useAllowlist: !flags.noAllowlistMode
-  });
-  const { summary, findings, recommendations } = result;
-  const statusIcon = summary.bySeverity.critical > 0 ? "\u{1F534}" : summary.bySeverity.high > 0 ? "\u{1F7E0}" : summary.totalFindings > 0 ? "\u{1F7E1}" : "\u{1F7E2}";
-  const statusText = summary.bySeverity.critical > 0 ? "CRITICAL ISSUES FOUND" : summary.bySeverity.high > 0 ? "HIGH-SEVERITY ISSUES FOUND" : summary.totalFindings > 0 ? "MINOR ISSUES FOUND" : "ALL CLEAR";
-  console.log("  \u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557");
-  console.log("  \u2551                                                  \u2551");
-  console.log(`  \u2551   ${statusIcon} Security Audit: ${statusText.padEnd(28)} \u2551`);
-  console.log("  \u2551                                                  \u2551");
-  console.log(`  \u2551   Files scanned:  ${summary.filesScanned.toString().padEnd(30)} \u2551`);
-  console.log(`  \u2551   Files affected: ${summary.filesWithSecrets.toString().padEnd(30)} \u2551`);
-  console.log(`  \u2551   Total findings: ${summary.totalFindings.toString().padEnd(30)} \u2551`);
-  console.log("  \u2551                                                  \u2551");
-  console.log("  \u2560\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2563");
-  console.log("  \u2551                                                  \u2551");
-  if (summary.bySeverity.critical > 0) {
-    console.log(`  \u2551   \u{1F534} Critical: ${summary.bySeverity.critical.toString().padEnd(33)} \u2551`);
+}
+
+// src/cli/commands/review.ts
+import { join as join13 } from "path";
+import { mkdirSync as mkdirSync6, writeFileSync as writeFileSync6 } from "fs";
+
+// src/engine/code-review.ts
+init_graph_utils();
+import { resolve as resolve9, basename as basename5, dirname as dirname4 } from "path";
+import { readFile as readFile10 } from "fs/promises";
+import { execFile } from "child_process";
+import { promisify } from "util";
+var exec = promisify(execFile);
+async function git(args, cwd) {
+  try {
+    const { stdout } = await exec("git", args, { cwd, maxBuffer: 10 * 1024 * 1024 });
+    return stdout.trim();
+  } catch {
+    return "";
   }
-  if (summary.bySeverity.high > 0) {
-    console.log(`  \u2551   \u{1F7E0} High:     ${summary.bySeverity.high.toString().padEnd(33)} \u2551`);
+}
+async function analyzeForReview(analysis, options = {}) {
+  const projectPath = resolve9(analysis.projectPath);
+  const baseBranch = options.baseBranch ?? "main";
+  const depth = options.depth ?? 2;
+  const maxPromptFiles = options.maxPromptFiles ?? 20;
+  const isRepo = await git(["rev-parse", "--is-inside-work-tree"], projectPath) === "true";
+  if (!isRepo) {
+    return emptyResult2(baseBranch);
   }
-  if (summary.bySeverity.medium > 0) {
-    console.log(`  \u2551   \u{1F7E1} Medium:   ${summary.bySeverity.medium.toString().padEnd(33)} \u2551`);
+  const branch = await git(["rev-parse", "--abbrev-ref", "HEAD"], projectPath);
+  const changedFiles = await getChangedFilesWithHunks(projectPath, baseBranch, analysis);
+  if (changedFiles.length === 0) {
+    return {
+      ...emptyResult2(baseBranch),
+      branch,
+      isGitRepo: true,
+      renderedSummary: "# Code Review\n\nNo changed files detected."
+    };
   }
-  if (summary.bySeverity.low > 0) {
-    console.log(`  \u2551   \u{1F535} Low:      ${summary.bySeverity.low.toString().padEnd(33)} \u2551`);
+  const totalLinesChanged = changedFiles.reduce((s, f) => s + f.linesAdded + f.linesRemoved, 0);
+  const breakingChanges = detectBreakingChanges(changedFiles, analysis);
+  const missingFiles = findMissingFiles(changedFiles, analysis, depth);
+  const impactRadius = computeImpactRadius(changedFiles, analysis, depth);
+  const reviewQuality = calculateReviewQuality(changedFiles, breakingChanges, missingFiles, impactRadius, totalLinesChanged);
+  const reviewPrompt = await generateReviewPrompt(changedFiles, breakingChanges, missingFiles, analysis, projectPath, maxPromptFiles);
+  const renderedSummary = renderReviewSummary(branch, baseBranch, changedFiles, breakingChanges, missingFiles, impactRadius, reviewQuality);
+  return {
+    branch,
+    baseBranch,
+    isGitRepo: true,
+    changedFiles,
+    totalLinesChanged,
+    breakingChanges,
+    missingFiles,
+    impactRadius,
+    reviewQuality,
+    reviewPrompt,
+    renderedSummary
+  };
+}
+async function getChangedFilesWithHunks(projectPath, baseBranch, analysis) {
+  const files = [];
+  const fileMap = new Map(analysis.files.map((f) => [f.relativePath, f]));
+  const numstat = await git(["diff", "--numstat", "HEAD"], projectPath);
+  const branchNumstat = await git(["diff", "--numstat", `${baseBranch}...HEAD`], projectPath);
+  const nameStatus = await git(["diff", "--name-status", `${baseBranch}...HEAD`], projectPath);
+  const changeTypes = /* @__PURE__ */ new Map();
+  for (const line of nameStatus.split("\n")) {
+    const parts = line.trim().split("	");
+    if (parts.length < 2) continue;
+    const status = parts[0];
+    const filePath = parts[parts.length - 1];
+    if (status === "A") changeTypes.set(filePath, "added");
+    else if (status === "D") changeTypes.set(filePath, "deleted");
+    else if (status.startsWith("R")) changeTypes.set(filePath, "renamed");
+    else changeTypes.set(filePath, "modified");
+  }
+  const allNumstat = (numstat + "\n" + branchNumstat).split("\n");
+  const seen = /* @__PURE__ */ new Set();
+  for (const line of allNumstat) {
+    const parts = line.trim().split("	");
+    if (parts.length < 3) continue;
+    const added = parts[0] === "-" ? 0 : parseInt(parts[0], 10) || 0;
+    const removed = parts[1] === "-" ? 0 : parseInt(parts[1], 10) || 0;
+    const filePath = parts[2];
+    if (!filePath || seen.has(filePath)) continue;
+    seen.add(filePath);
+    const af = fileMap.get(filePath);
+    const changeType = changeTypes.get(filePath) ?? "modified";
+    const hunks = await parseDiffHunks(projectPath, baseBranch, filePath);
+    const hasExportChanges = hunks.some(
+      (h) => h.additions.some((l) => /^\s*export\s/.test(l)) || h.deletions.some((l) => /^\s*export\s/.test(l))
+    );
+    const hasTypeChanges = hunks.some(
+      (h) => h.additions.some((l) => /^\s*(interface|type|enum)\s/.test(l)) || h.deletions.some((l) => /^\s*(interface|type|enum)\s/.test(l))
+    );
+    files.push({
+      relativePath: filePath,
+      changeType,
+      linesAdded: added,
+      linesRemoved: removed,
+      riskScore: af?.riskScore ?? 0,
+      kind: af?.kind ?? "unknown",
+      hunks,
+      hasExportChanges,
+      hasTypeChanges
+    });
   }
-  if (summary.totalFindings === 0) {
-    console.log("  \u2551   \u2705 No secrets or PII detected                  \u2551");
+  const workingNumstat = await git(["diff", "--numstat"], projectPath);
+  for (const line of workingNumstat.split("\n")) {
+    const parts = line.trim().split("	");
+    if (parts.length < 3) continue;
+    const filePath = parts[2];
+    if (!filePath || seen.has(filePath)) continue;
+    seen.add(filePath);
+    const af = fileMap.get(filePath);
+    const added = parts[0] === "-" ? 0 : parseInt(parts[0], 10) || 0;
+    const removed = parts[1] === "-" ? 0 : parseInt(parts[1], 10) || 0;
+    files.push({
+      relativePath: filePath,
+      changeType: "modified",
+      linesAdded: added,
+      linesRemoved: removed,
+      riskScore: af?.riskScore ?? 0,
+      kind: af?.kind ?? "unknown",
+      hunks: [],
+      hasExportChanges: false,
+      hasTypeChanges: false
+    });
   }
-  console.log("  \u2551                                                  \u2551");
-  if (Object.keys(summary.byType).length > 0) {
-    console.log("  \u2560\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2563");
-    console.log("  \u2551                                                  \u2551");
-    console.log("  \u2551   By type:                                       \u2551");
-    for (const [type, count] of Object.entries(summary.byType)) {
-      const label = type.padEnd(18);
-      console.log(`  \u2551     ${label} ${count.toString().padEnd(28)} \u2551`);
+  return files.sort((a, b) => b.riskScore - a.riskScore);
+}
+async function parseDiffHunks(projectPath, baseBranch, filePath) {
+  const diff = await git(["diff", "-U3", `${baseBranch}...HEAD`, "--", filePath], projectPath);
+  if (!diff) return [];
+  const hunks = [];
+  const lines = diff.split("\n");
+  let currentHunk = null;
+  for (const line of lines) {
+    const hunkMatch = line.match(/^@@\s+-(\d+)(?:,\d+)?\s+\+(\d+)(?:,\d+)?\s+@@\s*(.*)/);
+    if (hunkMatch) {
+      if (currentHunk) hunks.push(currentHunk);
+      currentHunk = {
+        startLine: parseInt(hunkMatch[2], 10),
+        endLine: parseInt(hunkMatch[2], 10),
+        header: hunkMatch[3] || "",
+        additions: [],
+        deletions: []
+      };
+      continue;
+    }
+    if (!currentHunk) continue;
+    if (line.startsWith("+") && !line.startsWith("+++")) {
+      currentHunk.additions.push(line.substring(1));
+      currentHunk.endLine++;
+    } else if (line.startsWith("-") && !line.startsWith("---")) {
+      currentHunk.deletions.push(line.substring(1));
+    } else if (!line.startsWith("\\")) {
+      if (currentHunk) currentHunk.endLine++;
     }
-    console.log("  \u2551                                                  \u2551");
   }
-  console.log("  \u255A\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255D");
-  if (findings.length > 0) {
-    console.log("");
-    console.log("  Findings:");
-    console.log("");
-    const shown = findings.slice(0, 15);
-    for (const f of shown) {
-      const icon = f.severity === "critical" ? "\u{1F534}" : f.severity === "high" ? "\u{1F7E0}" : f.severity === "medium" ? "\u{1F7E1}" : "\u{1F535}";
-      const sev = f.severity.toUpperCase().padEnd(8);
-      console.log(`  ${icon} ${sev} ${f.file}:${f.line}`);
-      console.log(`           ${f.type}: ${f.redacted}`);
+  if (currentHunk) hunks.push(currentHunk);
+  return hunks;
+}
+function detectBreakingChanges(changedFiles, analysis) {
+  const breaks = [];
+  const adj = buildAdjacencyList(analysis.graph.edges);
+  for (const file of changedFiles) {
+    if (file.changeType === "deleted") {
+      const dependents = findDependents(file.relativePath, analysis);
+      if (dependents.length > 0) {
+        breaks.push({
+          file: file.relativePath,
+          type: "export-removed",
+          severity: "critical",
+          description: `File deleted but ${dependents.length} files depend on it`,
+          affectedFiles: dependents
+        });
+      }
+      continue;
     }
-    if (findings.length > 15) {
-      console.log(`  ... and ${findings.length - 15} more (see .cto/audit/ for full report)`);
+    for (const hunk of file.hunks) {
+      for (const del of hunk.deletions) {
+        const exportMatch = del.match(/^\s*export\s+(function|const|class|type|interface|enum)\s+(\w+)/);
+        if (exportMatch) {
+          const [, kind, name] = exportMatch;
+          const wasReAdded = hunk.additions.some(
+            (a) => new RegExp(`export\\s+${kind}\\s+${name}\\b`).test(a)
+          );
+          if (!wasReAdded) {
+            const dependents = findDependents(file.relativePath, analysis);
+            breaks.push({
+              file: file.relativePath,
+              type: kind === "type" || kind === "interface" ? "type-changed" : "export-removed",
+              severity: dependents.length > 3 ? "critical" : dependents.length > 0 ? "high" : "medium",
+              description: `Removed export ${kind} ${name}`,
+              affectedFiles: dependents
+            });
+          }
+        }
+        const propMatch = del.match(/^\s+(\w+)\s*[?:].*[;,]?\s*$/);
+        if (propMatch && file.hasTypeChanges) {
+          const propName = propMatch[1];
+          const wasReAdded = hunk.additions.some(
+            (a) => new RegExp(`\\b${propName}\\s*[?:]`).test(a)
+          );
+          if (!wasReAdded) {
+            breaks.push({
+              file: file.relativePath,
+              type: "interface-changed",
+              severity: "high",
+              description: `Removed property "${propName}" from type/interface`,
+              affectedFiles: findDependents(file.relativePath, analysis)
+            });
+          }
+        }
+      }
+      for (const add of hunk.additions) {
+        const fnMatch = add.match(/^\s*export\s+(async\s+)?function\s+(\w+)\s*\(([^)]*)\)/);
+        if (fnMatch) {
+          const [, , fnName, newParams] = fnMatch;
+          for (const del of hunk.deletions) {
+            const origMatch = del.match(new RegExp(`export\\s+(async\\s+)?function\\s+${fnName}\\s*\\(([^)]*)\\)`));
+            if (origMatch) {
+              const oldParams = origMatch[2];
+              if (oldParams !== newParams) {
+                const oldCount = oldParams.split(",").filter((p) => p.trim()).length;
+                const newCount = newParams.split(",").filter((p) => p.trim()).length;
+                if (oldCount !== newCount || !paramsCompatible(oldParams, newParams)) {
+                  breaks.push({
+                    file: file.relativePath,
+                    type: "function-signature",
+                    severity: "high",
+                    description: `Function "${fnName}" signature changed: (${oldParams.trim()}) \u2192 (${newParams.trim()})`,
+                    affectedFiles: findDependents(file.relativePath, analysis)
+                  });
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+  }
+  return breaks.sort((a, b) => {
+    const sev = { critical: 0, high: 1, medium: 2 };
+    return sev[a.severity] - sev[b.severity];
+  });
+}
+function paramsCompatible(oldParams, newParams) {
+  const oldParts = oldParams.split(",").map((p) => p.trim().split(":")[0].trim().replace("?", ""));
+  const newParts = newParams.split(",").map((p) => p.trim().split(":")[0].trim().replace("?", ""));
+  let j = 0;
+  for (let i = 0; i < oldParts.length && j < newParts.length; i++) {
+    if (oldParts[i] === newParts[j]) j++;
+  }
+  return j >= oldParts.length;
+}
+function findDependents(filePath, analysis) {
+  return analysis.files.filter((f) => f.imports.includes(filePath) || f.imports.some((imp) => imp.endsWith(filePath))).map((f) => f.relativePath);
+}
+function findMissingFiles(changedFiles, analysis, depth) {
+  const missing = [];
+  const changedPaths = new Set(changedFiles.map((f) => f.relativePath));
+  const fileMap = new Map(analysis.files.map((f) => [f.relativePath, f]));
+  for (const changed of changedFiles) {
+    if (changed.changeType === "deleted") continue;
+    const af = fileMap.get(changed.relativePath);
+    if (!af) continue;
+    if (changed.hasTypeChanges || changed.hasExportChanges) {
+      const dir2 = dirname4(changed.relativePath);
+      const base = basename5(changed.relativePath).replace(/\.[^.]+$/, "");
+      const typeVariants = [
+        `${dir2}/${base}.types.ts`,
+        `${dir2}/${base}.types.tsx`,
+        `${dir2}/types.ts`,
+        `${dir2}/types/${base}.ts`,
+        `${dir2}/index.d.ts`
+      ];
+      for (const variant of typeVariants) {
+        if (fileMap.has(variant) && !changedPaths.has(variant)) {
+          missing.push({
+            file: variant,
+            reason: `Type file for ${changed.relativePath} \u2014 may need updates`,
+            severity: changed.hasExportChanges ? "high" : "medium",
+            relatedChangedFile: changed.relativePath,
+            relationship: "sibling-type"
+          });
+        }
+      }
+    }
+    const testVariants = [
+      changed.relativePath.replace(/\.([^.]+)$/, ".test.$1"),
+      changed.relativePath.replace(/\.([^.]+)$/, ".spec.$1"),
+      changed.relativePath.replace(/^src\//, "tests/").replace(/\.([^.]+)$/, ".test.$1"),
+      changed.relativePath.replace(/^src\//, "__tests__/").replace(/\.([^.]+)$/, ".test.$1")
+    ];
+    for (const testPath of testVariants) {
+      if (fileMap.has(testPath) && !changedPaths.has(testPath)) {
+        missing.push({
+          file: testPath,
+          reason: `Test file for ${changed.relativePath} \u2014 should be updated`,
+          severity: "medium",
+          relatedChangedFile: changed.relativePath,
+          relationship: "test"
+        });
+        break;
+      }
+    }
+    if (changed.hasExportChanges) {
+      const importers = analysis.files.filter(
+        (f) => f.imports.includes(af.relativePath) && !changedPaths.has(f.relativePath)
+      );
+      for (const importer of importers.slice(0, 5)) {
+        missing.push({
+          file: importer.relativePath,
+          reason: `Imports ${changed.relativePath} which has export changes`,
+          severity: "high",
+          relatedChangedFile: changed.relativePath,
+          relationship: "imported-by"
+        });
+      }
+    }
+    const dir = dirname4(changed.relativePath);
+    const indexFile = `${dir}/index.ts`;
+    if (fileMap.has(indexFile) && !changedPaths.has(indexFile) && changed.hasExportChanges) {
+      missing.push({
+        file: indexFile,
+        reason: `Barrel export may need updating after changes to ${changed.relativePath}`,
+        severity: "medium",
+        relatedChangedFile: changed.relativePath,
+        relationship: "co-located"
+      });
+    }
+  }
+  const seen = /* @__PURE__ */ new Set();
+  return missing.filter((m) => {
+    if (seen.has(m.file)) return false;
+    seen.add(m.file);
+    return true;
+  }).sort((a, b) => {
+    const sev = { high: 0, medium: 1, low: 2 };
+    return sev[a.severity] - sev[b.severity];
+  });
+}
+function computeImpactRadius(changedFiles, analysis, depth) {
+  const changedPaths = changedFiles.map((f) => f.relativePath);
+  const adj = buildAdjacencyList(analysis.graph.edges);
+  const direct = /* @__PURE__ */ new Set();
+  for (const path of changedPaths) {
+    const importers = adj.reverse.get(path) ?? [];
+    const imports = adj.forward.get(path) ?? [];
+    for (const n of [...importers, ...imports]) {
+      if (!changedPaths.includes(n)) direct.add(n);
     }
   }
-  if (recommendations.length > 0) {
-    console.log("");
-    console.log("  Recommendations:");
-    console.log("");
-    for (const rec of recommendations) {
-      const icon = rec.startsWith("CRITICAL") ? "\u{1F6A8}" : "\u{1F4A1}";
-      console.log(`  ${icon} ${rec}`);
+  const allAffected = bfsBidirectional(changedPaths, adj, depth);
+  const transitive = /* @__PURE__ */ new Set();
+  for (const path of allAffected) {
+    if (!changedPaths.includes(path) && !direct.has(path)) {
+      transitive.add(path);
     }
   }
-  const ctoDir = join8(projectPath, ".cto");
-  const auditDir = join8(ctoDir, "audit");
-  mkdirSync3(auditDir, { recursive: true });
-  const now = /* @__PURE__ */ new Date();
-  const dateStr = now.toISOString().split("T")[0];
-  const logFile = join8(auditDir, `${dateStr}.jsonl`);
-  const logEntry = {
-    timestamp: now.toISOString(),
-    version: "3.2.0",
-    summary: {
-      filesScanned: summary.filesScanned,
-      filesWithSecrets: summary.filesWithSecrets,
-      totalFindings: summary.totalFindings,
-      bySeverity: summary.bySeverity,
-      byType: summary.byType
-    },
-    findings: findings.map((f) => ({
-      type: f.type,
-      file: f.file,
-      line: f.line,
-      severity: f.severity,
-      redacted: f.redacted
-    }))
+  const affectedTests = [...allAffected].filter((p) => {
+    const f = analysis.files.find((af) => af.relativePath === p);
+    return f?.kind === "test";
+  }).length;
+  const hotspots = changedFiles.map((f) => ({
+    file: f.relativePath,
+    dependents: adj.reverse.get(f.relativePath)?.length ?? 0,
+    riskScore: f.riskScore
+  })).sort((a, b) => b.dependents * b.riskScore - a.dependents * a.riskScore).slice(0, 5);
+  const totalAffected = direct.size + transitive.size;
+  const maxRisk = Math.max(...changedFiles.map((f) => f.riskScore), 0);
+  const avgRisk = changedFiles.length > 0 ? changedFiles.reduce((s, f) => s + f.riskScore, 0) / changedFiles.length : 0;
+  const riskScore = Math.min(100, Math.round(
+    avgRisk * 0.3 + maxRisk * 0.2 + Math.min(100, totalAffected * 3) * 0.3 + Math.min(100, changedFiles.length * 5) * 0.2
+  ));
+  return {
+    directlyAffected: direct.size,
+    transitivelyAffected: transitive.size,
+    totalAffected,
+    affectedTests,
+    riskScore,
+    hotspots
   };
-  appendFileSync2(logFile, JSON.stringify(logEntry) + "\n");
-  let report = `# Security Audit Report
-
-`;
-  report += `> Generated by cto-ai-cli on ${now.toISOString()}
-
-`;
-  report += `## Summary
-
-`;
-  report += `| Metric | Value |
-`;
-  report += `|--------|-------|
-`;
-  report += `| Files scanned | ${summary.filesScanned} |
-`;
-  report += `| Files with issues | ${summary.filesWithSecrets} |
-`;
-  report += `| Total findings | ${summary.totalFindings} |
-`;
-  report += `| Critical | ${summary.bySeverity.critical} |
-`;
-  report += `| High | ${summary.bySeverity.high} |
-`;
-  report += `| Medium | ${summary.bySeverity.medium} |
-
-`;
-  if (findings.length > 0) {
-    report += `## Findings
-
-`;
-    report += `| Severity | Type | File | Line | Redacted |
-`;
-    report += `|----------|------|------|------|----------|
-`;
-    for (const f of findings) {
-      report += `| ${f.severity} | ${f.type} | ${f.file} | ${f.line} | \`${f.redacted.slice(0, 30)}\` |
-`;
+}
+function calculateReviewQuality(changedFiles, breakingChanges, missingFiles, impactRadius, totalLinesChanged) {
+  const factors = [];
+  const sizeScore = totalLinesChanged <= 50 ? 100 : totalLinesChanged <= 200 ? 85 : totalLinesChanged <= 500 ? 65 : totalLinesChanged <= 1e3 ? 40 : 20;
+  factors.push({
+    name: "PR Size",
+    score: sizeScore,
+    weight: 0.25,
+    detail: `${totalLinesChanged} lines changed \u2014 ${sizeScore >= 80 ? "easy" : sizeScore >= 50 ? "manageable" : "too large"} to review`
+  });
+  const focusScore = changedFiles.length <= 3 ? 100 : changedFiles.length <= 8 ? 80 : changedFiles.length <= 15 ? 55 : 25;
+  factors.push({
+    name: "Focus",
+    score: focusScore,
+    weight: 0.2,
+    detail: `${changedFiles.length} files \u2014 ${focusScore >= 80 ? "focused" : focusScore >= 50 ? "moderate scope" : "unfocused"}`
+  });
+  const criticalBreaks = breakingChanges.filter((b) => b.severity === "critical").length;
+  const highBreaks = breakingChanges.filter((b) => b.severity === "high").length;
+  const breakScore = criticalBreaks > 0 ? 10 : highBreaks > 2 ? 30 : highBreaks > 0 ? 60 : breakingChanges.length > 0 ? 80 : 100;
+  factors.push({
+    name: "Breaking Changes",
+    score: breakScore,
+    weight: 0.25,
+    detail: `${breakingChanges.length} breaking changes (${criticalBreaks} critical, ${highBreaks} high)`
+  });
+  const highMissing = missingFiles.filter((m) => m.severity === "high").length;
+  const completenessScore = highMissing > 3 ? 20 : highMissing > 0 ? 50 : missingFiles.length > 3 ? 65 : missingFiles.length > 0 ? 80 : 100;
+  factors.push({
+    name: "Completeness",
+    score: completenessScore,
+    weight: 0.15,
+    detail: `${missingFiles.length} potentially missing files (${highMissing} high priority)`
+  });
+  const radiusScore = impactRadius.totalAffected <= 5 ? 100 : impactRadius.totalAffected <= 15 ? 75 : impactRadius.totalAffected <= 30 ? 50 : 25;
+  factors.push({
+    name: "Blast Radius",
+    score: radiusScore,
+    weight: 0.15,
+    detail: `${impactRadius.totalAffected} files affected (${impactRadius.directlyAffected} direct, ${impactRadius.transitivelyAffected} transitive)`
+  });
+  const overall = Math.round(factors.reduce((s, f) => s + f.score * f.weight, 0));
+  const grade = overall >= 95 ? "A+" : overall >= 90 ? "A" : overall >= 85 ? "A-" : overall >= 80 ? "B+" : overall >= 75 ? "B" : overall >= 70 ? "B-" : overall >= 65 ? "C+" : overall >= 60 ? "C" : overall >= 55 ? "C-" : overall >= 50 ? "D+" : overall >= 45 ? "D" : overall >= 40 ? "D-" : "F";
+  return { score: overall, grade, factors };
+}
+async function generateReviewPrompt(changedFiles, breakingChanges, missingFiles, analysis, projectPath, maxFiles) {
+  const lines = [];
+  lines.push("# Code Review Context");
+  lines.push("");
+  lines.push("## Project: " + analysis.projectName);
+  lines.push("## Stack: " + analysis.stack.join(", "));
+  lines.push("");
+  if (breakingChanges.length > 0) {
+    lines.push("## \u26A0\uFE0F BREAKING CHANGES DETECTED");
+    lines.push("");
+    for (const bc of breakingChanges) {
+      lines.push("- **" + bc.severity.toUpperCase() + "** " + bc.file + ": " + bc.description);
+      if (bc.affectedFiles.length > 0) {
+        lines.push("  Affected: " + bc.affectedFiles.slice(0, 5).join(", "));
+      }
     }
-    report += "\n";
+    lines.push("");
   }
-  if (recommendations.length > 0) {
-    report += `## Recommendations
-
-`;
-    for (const rec of recommendations) {
-      report += `- ${rec}
-`;
+  if (missingFiles.length > 0) {
+    lines.push("## \u{1F4CB} Potentially Missing Files");
+    lines.push("");
+    for (const mf of missingFiles.slice(0, 10)) {
+      lines.push("- " + mf.file + " \u2014 " + mf.reason);
     }
+    lines.push("");
   }
-  writeFileSync2(join8(auditDir, "report.md"), report);
-  const envSecrets = findings.filter(
-    (f) => f.type === "env-variable" || f.type === "password" || f.type === "api-key" || f.type === "aws-key" || f.type === "connection-string"
-  );
-  if (envSecrets.length > 0) {
-    const envVarNames = /* @__PURE__ */ new Set();
-    for (const f of envSecrets) {
-      const varMatch = f.match.match(/^([A-Z_][A-Z0-9_]*)\s*[:=]/i);
-      if (varMatch) {
-        envVarNames.add(varMatch[1].toUpperCase());
-      } else {
-        const name = f.type.toUpperCase().replace(/-/g, "_");
-        envVarNames.add(name);
+  lines.push("## Changed Files");
+  lines.push("");
+  const topFiles = changedFiles.slice(0, maxFiles);
+  for (const file of topFiles) {
+    const icon = file.changeType === "added" ? "\u{1F195}" : file.changeType === "deleted" ? "\u{1F5D1}\uFE0F" : "\u{1F4DD}";
+    lines.push("### " + icon + " " + file.relativePath + " (risk: " + file.riskScore + ", " + file.kind + ")");
+    lines.push("+" + file.linesAdded + "/-" + file.linesRemoved + " lines");
+    lines.push("");
+    if (file.riskScore >= 40 && file.changeType !== "deleted") {
+      try {
+        const content = await readFile10(resolve9(projectPath, file.relativePath), "utf-8");
+        const ext = file.relativePath.split(".").pop() ?? "";
+        const maxChars = 4e3;
+        const truncated = content.length > maxChars;
+        lines.push("```" + ext);
+        lines.push(content.slice(0, maxChars));
+        if (truncated) lines.push("// ... [truncated]");
+        lines.push("```");
+        lines.push("");
+      } catch {
       }
     }
-    if (envVarNames.size > 0) {
-      let envExample = "# Environment variables \u2014 NEVER commit real values\n";
-      envExample += "# Generated by cto-ai-cli --audit\n\n";
-      for (const name of envVarNames) {
-        envExample += `${name}=your_${name.toLowerCase()}_here
-`;
-      }
-      writeFileSync2(join8(ctoDir, ".env.example"), envExample);
+  }
+  lines.push("## Review Instructions");
+  lines.push("");
+  lines.push("1. Check breaking changes above for correctness");
+  lines.push("2. Verify all affected files have been updated");
+  lines.push("3. Review changed files for bugs, security issues, and code quality");
+  lines.push("4. Ensure tests cover the changes");
+  if (missingFiles.length > 0) {
+    lines.push('5. Consider whether the "potentially missing files" need updates');
+  }
+  return lines.join("\n");
+}
+function renderReviewSummary(branch, baseBranch, changedFiles, breakingChanges, missingFiles, impactRadius, reviewQuality) {
+  const lines = [];
+  const qIcon = reviewQuality.score >= 80 ? "\u{1F7E2}" : reviewQuality.score >= 60 ? "\u{1F7E1}" : "\u{1F534}";
+  lines.push("");
+  lines.push("  \u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
+  lines.push("  " + qIcon + " Code Review: " + reviewQuality.score + "/100 (" + reviewQuality.grade + ")");
+  lines.push("  \u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
+  lines.push("");
+  lines.push("  Branch: " + branch + " \u2190 " + baseBranch);
+  lines.push("  Files: " + changedFiles.length + " changed");
+  lines.push("  Lines: +" + changedFiles.reduce((s, f) => s + f.linesAdded, 0) + "/-" + changedFiles.reduce((s, f) => s + f.linesRemoved, 0));
+  lines.push("");
+  for (const f of reviewQuality.factors) {
+    const icon = f.score >= 80 ? "\u2705" : f.score >= 50 ? "\u26A0\uFE0F" : "\u274C";
+    lines.push("  " + icon + " " + f.name + ": " + f.score + "/100 \u2014 " + f.detail);
+  }
+  if (breakingChanges.length > 0) {
+    lines.push("");
+    lines.push("  \u26A0\uFE0F  BREAKING CHANGES (" + breakingChanges.length + "):");
+    for (const bc of breakingChanges.slice(0, 5)) {
+      const icon = bc.severity === "critical" ? "\u{1F534}" : bc.severity === "high" ? "\u{1F7E0}" : "\u{1F7E1}";
+      lines.push("    " + icon + " " + bc.file + ": " + bc.description);
     }
   }
-  console.log("");
-  console.log("  \u{1F4C1} Audit artifacts:");
-  console.log(`  \u{1F4CB} .cto/audit/${dateStr}.jsonl   Audit log (append-only)`);
-  console.log("  \u{1F4CA} .cto/audit/report.md         Full report");
-  if (envSecrets.length > 0) {
-    console.log("  \u{1F4DD} .cto/.env.example            Template for environment variables");
+  if (missingFiles.length > 0) {
+    lines.push("");
+    lines.push("  \u{1F4CB} Potentially missing (" + missingFiles.length + "):");
+    for (const mf of missingFiles.slice(0, 5)) {
+      lines.push("    \u2192 " + mf.file + " (" + mf.reason + ")");
+    }
   }
-  console.log("");
-  if (process.env.CI && (summary.bySeverity.critical > 0 || summary.bySeverity.high > 0)) {
-    console.log("  \u274C CI mode: Failing due to critical/high severity findings.");
-    process.exit(1);
+  lines.push("");
+  lines.push("  \u{1F4A5} Impact: " + impactRadius.totalAffected + " files affected (" + impactRadius.directlyAffected + " direct, " + impactRadius.transitivelyAffected + " transitive)");
+  if (impactRadius.affectedTests > 0) {
+    lines.push("  \u{1F9EA} Tests: " + impactRadius.affectedTests + " test files in blast radius");
+  }
+  if (impactRadius.hotspots.length > 0) {
+    lines.push("");
+    lines.push("  \u{1F525} Hotspots:");
+    for (const h of impactRadius.hotspots.slice(0, 3)) {
+      lines.push("    " + h.file + " (risk: " + h.riskScore + ", " + h.dependents + " dependents)");
+    }
   }
+  lines.push("");
+  return lines.join("\n");
 }
-function formatTokens(n) {
-  if (n >= 1e6) return `${(n / 1e6).toFixed(1)}M`;
-  if (n >= 1e3) return `${(n / 1e3).toFixed(1)}K`;
-  return n.toString();
+function emptyResult2(baseBranch) {
+  return {
+    branch: "",
+    baseBranch,
+    isGitRepo: false,
+    changedFiles: [],
+    totalLinesChanged: 0,
+    breakingChanges: [],
+    missingFiles: [],
+    impactRadius: {
+      directlyAffected: 0,
+      transitivelyAffected: 0,
+      totalAffected: 0,
+      affectedTests: 0,
+      riskScore: 0,
+      hotspots: []
+    },
+    reviewQuality: {
+      score: 0,
+      grade: "F",
+      factors: []
+    },
+    reviewPrompt: "",
+    renderedSummary: "# Code Review\n\nNot a git repository."
+  };
 }
-async function runMonorepo(projectPath, analysis, targetPackage, jsonMode) {
-  const mono = await analyzeMonorepo(projectPath, analysis);
+
+// src/cli/commands/review.ts
+async function runReview(projectPath, analysis, jsonMode) {
+  const result = await analyzeForReview(analysis);
   if (jsonMode) {
-    if (targetPackage) {
-      const pkgCtx = selectPackageContext(mono, targetPackage);
-      console.log(JSON.stringify({ monorepo: mono, packageContext: pkgCtx }, null, 2));
-    } else {
-      console.log(JSON.stringify(mono, null, 2));
-    }
+    console.log(JSON.stringify({
+      branch: result.branch,
+      baseBranch: result.baseBranch,
+      changedFiles: result.changedFiles.length,
+      totalLinesChanged: result.totalLinesChanged,
+      breakingChanges: result.breakingChanges,
+      missingFiles: result.missingFiles,
+      impactRadius: result.impactRadius,
+      reviewQuality: result.reviewQuality
+    }, null, 2));
     return;
   }
-  console.log(renderMonorepoAnalysis(mono));
-  if (targetPackage && mono.detected) {
-    const pkgCtx = selectPackageContext(mono, targetPackage);
-    console.log(renderPackageContext(pkgCtx));
-  }
+  console.log(result.renderedSummary);
+  const ctoDir = join13(projectPath, ".cto");
+  mkdirSync6(ctoDir, { recursive: true });
+  writeFileSync6(join13(ctoDir, "review-prompt.md"), result.reviewPrompt);
+  console.log("  \u{1F4CB} Review prompt saved: .cto/review-prompt.md");
+  console.log("     Paste it into Claude/Cursor for an AI-powered code review.");
+  console.log("");
 }
-async function runCIGate(projectPath, analysis, score, threshold, jsonMode) {
-  const filePaths = analysis.files.map((f) => f.path);
-  const auditResult = await auditProject(projectPath, filePaths, { includePII: false });
-  const result = await runQualityGate(score, analysis, auditResult.findings, { threshold });
-  await saveBaseline(projectPath, score);
-  if (jsonMode) {
-    console.log(JSON.stringify(result, null, 2));
-    if (!result.passed) process.exit(1);
-    return;
+
+// src/cli/commands/gateway.ts
+async function runGateway(args, projectPath) {
+  const { ContextGateway: ContextGateway2 } = await Promise.resolve().then(() => (init_server(), server_exports));
+  const { DEFAULT_GATEWAY_CONFIG: DEFAULT_GATEWAY_CONFIG2 } = await Promise.resolve().then(() => (init_types(), types_exports));
+  const getArg = (flag) => {
+    const idx = args.indexOf(flag);
+    return idx !== -1 && args[idx + 1] ? args[idx + 1] : void 0;
+  };
+  const gwConfig = { projectPath };
+  const port = getArg("--port");
+  if (port) gwConfig.port = parseInt(port, 10);
+  const budgetDaily = getArg("--budget-daily");
+  if (budgetDaily) gwConfig.budgetDaily = parseFloat(budgetDaily);
+  const budgetMonthly = getArg("--budget-monthly");
+  if (budgetMonthly) gwConfig.budgetMonthly = parseFloat(budgetMonthly);
+  const apiKey = getArg("--api-key");
+  if (apiKey) gwConfig.apiKey = apiKey;
+  if (args.includes("--block-secrets")) gwConfig.blockOnSecrets = true;
+  if (args.includes("--no-optimize")) gwConfig.optimize = false;
+  if (args.includes("--no-redact")) gwConfig.redactSecrets = false;
+  if (args.includes("--no-dashboard")) gwConfig.dashboard = false;
+  const finalConfig = { ...DEFAULT_GATEWAY_CONFIG2, ...gwConfig };
+  const gateway = new ContextGateway2(finalConfig);
+  gateway.onEvent((event) => {
+    const ts = (/* @__PURE__ */ new Date()).toLocaleTimeString();
+    switch (event.type) {
+      case "request": {
+        const r = event.record;
+        const saved = r.savedTokens > 0 ? ` (saved ${(r.savedTokens / 1e3).toFixed(1)}K)` : "";
+        const secrets = r.secretsRedacted > 0 ? ` [${r.secretsRedacted} redacted]` : "";
+        console.log(`  ${ts}  ${r.provider}/${r.model}  $${r.costUSD.toFixed(4)}${saved}${secrets}  ${r.latencyMs}ms`);
+        break;
+      }
+      case "budget-alert":
+        console.log(`  \u26A0\uFE0F  ${ts}  Budget alert: $${event.current.toFixed(2)}/$${event.limit.toFixed(2)} (${event.period})`);
+        break;
+      case "budget-exceeded":
+        console.log(`  \u{1F534}  ${ts}  Budget EXCEEDED: $${event.current.toFixed(2)}/$${event.limit.toFixed(2)} (${event.period})`);
+        break;
+      case "error":
+        console.log(`  \u274C  ${ts}  ${event.message}`);
+        break;
+    }
+  });
+  console.log("");
+  console.log("  \u26A1 CTO Context Gateway v5.0.0");
+  console.log("");
+  await gateway.start();
+  console.log(`  \u{1F310} Proxy:      http://${finalConfig.host}:${finalConfig.port}`);
+  if (finalConfig.dashboard) {
+    console.log(`  \u{1F4CA} Dashboard:  http://${finalConfig.host}:${finalConfig.port}${finalConfig.dashboardPath}`);
   }
+  console.log(`  \u{1F4C1} Project:    ${finalConfig.projectPath}`);
   console.log("");
-  console.log("  \u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
-  console.log(`  \u{1F6A6} Quality Gate: ${result.passed ? "\u2705 PASSED" : "\u274C FAILED"}`);
-  console.log("  \u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
+  console.log("  Waiting for requests... (Ctrl+C to stop)");
   console.log("");
-  for (const check of result.checks) {
-    const icon = check.passed ? "\u2705" : check.severity === "warning" ? "\u26A0\uFE0F" : "\u274C";
-    console.log(`  ${icon} ${check.name}: ${check.detail}`);
+  await new Promise(() => {
+  });
+}
+
+// src/cli/score.ts
+var log4 = createLogger("cli");
+function parseArgs(argv) {
+  const args = argv.slice(2);
+  const has = (flag) => args.includes(flag);
+  const getVal = (flag, fallback) => {
+    const idx = args.indexOf(flag);
+    return idx !== -1 && args[idx + 1] ? args[idx + 1] : fallback;
+  };
+  const getInt = (flag, fallback) => {
+    const v = getVal(flag);
+    return v ? parseInt(v, 10) : fallback;
+  };
+  const contextTask = getVal("--context") ?? null;
+  const targetPackage = getVal("--package") ?? null;
+  const pathArg = args.find((a) => !a.startsWith("--") && !a.startsWith("-") && a !== contextTask && a !== targetPackage);
+  return {
+    args,
+    projectPath: resolve11(pathArg ?? "."),
+    jsonMode: has("--json"),
+    benchmarkMode: has("--benchmark"),
+    fixMode: has("--fix"),
+    reportMode: has("--report"),
+    compareMode: has("--compare"),
+    auditMode: has("--audit"),
+    initHookMode: has("--init-hook"),
+    fullScanMode: has("--full-scan"),
+    noAllowlistMode: has("--no-allowlist"),
+    monorepoMode: has("--monorepo"),
+    gatewayMode: has("--gateway"),
+    ciMode: has("--ci"),
+    learnMode: has("--learn") || has("--feedback"),
+    predictMode: has("--predict"),
+    reviewMode: has("--review"),
+    helpMode: has("--help") || has("-h"),
+    threshold: getInt("--threshold", 70),
+    contextTask,
+    targetPackage
+  };
+}
+function showHelp() {
+  console.log(`
+  \u26A1 cto-ai-cli \u2014 How AI-ready is your codebase?
+
+  Usage:
+    npx cto-ai-cli [path]                        Score a project
+    npx cto-ai-cli --fix                         Auto-generate optimized context
+    npx cto-ai-cli --context "task"              Task-specific context
+    npx cto-ai-cli --audit                       Security audit
+    npx cto-ai-cli --review                      PR review analysis
+    npx cto-ai-cli --ci --threshold 80           CI quality gate
+    npx cto-ai-cli --monorepo                    Monorepo analysis
+    npx cto-ai-cli --gateway                     Start AI proxy
+    npx cto-ai-cli --learn                       Learning mode
+    npx cto-ai-cli --predict                     File predictions
+    npx cto-ai-cli --benchmark                   CTO vs naive comparison
+    npx cto-ai-cli --report                      Markdown report + badge
+    npx cto-ai-cli --compare                     Compare vs popular projects
+    npx cto-ai-cli --json                        JSON output
+
+  No data leaves your machine. No API keys. MIT licensed.
+  https://npmjs.com/package/cto-ai-cli
+`);
+}
+async function main() {
+  const flags = parseArgs(process.argv);
+  if (flags.helpMode) {
+    showHelp();
+    process.exit(0);
   }
-  if (result.delta !== null) {
-    const arrow = result.delta >= 0 ? "\u2191" : "\u2193";
-    console.log("");
-    console.log(`  \u{1F4CA} Score: ${result.score}/100 (${result.grade}) ${arrow} ${Math.abs(result.delta)} from baseline`);
+  if (flags.gatewayMode) {
+    await runGateway(flags.args, flags.projectPath);
+    return;
   }
   console.log("");
-  console.log("  \u{1F4CB} Baseline saved to .cto/baseline.json");
+  console.log("  \u26A1 cto-score \u2014 analyzing your project...");
   console.log("");
-  if (!result.passed) {
-    console.log("  \u274C Quality gate failed. Fix the issues above and re-run.");
+  try {
+    const startTime = Date.now();
+    const analysis = await analyzeProject(flags.projectPath);
+    const score = await computeContextScore(analysis);
+    const elapsed = ((Date.now() - startTime) / 1e3).toFixed(1);
+    log4.debug("Analysis complete", { files: analysis.totalFiles, elapsed });
+    const hasModeFlag = flags.learnMode || flags.predictMode || flags.reviewMode || flags.ciMode;
+    if (flags.jsonMode && !hasModeFlag) {
+      console.log(JSON.stringify({
+        project: analysis.projectName,
+        files: analysis.totalFiles,
+        tokens: analysis.totalTokens,
+        score: score.overall,
+        grade: score.grade,
+        dimensions: {
+          efficiency: score.dimensions.efficiency.score,
+          coverage: score.dimensions.coverage.score,
+          riskControl: score.dimensions.riskControl.score,
+          structure: score.dimensions.structure.score,
+          governance: score.dimensions.governance.score
+        },
+        savings: {
+          percent: score.comparison.savedPercent,
+          monthlyUSD: score.comparison.monthlySavingsUSD,
+          tokensOptimized: score.comparison.optimizedTokens,
+          tokensNaive: score.comparison.naiveTokens
+        }
+      }, null, 2));
+      process.exit(0);
+    }
+    if (!(flags.jsonMode && hasModeFlag)) {
+      console.log(renderContextScore(score));
+    }
+    if (flags.benchmarkMode) {
+      const b = await runBenchmark(analysis);
+      console.log(renderBenchmark(b));
+    }
+    if (flags.fixMode) await runFix(flags.projectPath, analysis, score);
+    if (flags.contextTask) await runContext(flags.projectPath, analysis, flags.contextTask);
+    if (flags.reportMode) await runReport(flags.projectPath, analysis, score);
+    if (flags.compareMode) runCompare(score);
+    if (flags.auditMode) await runAudit(flags.projectPath, analysis, { initHookMode: flags.initHookMode, fullScanMode: flags.fullScanMode, noAllowlistMode: flags.noAllowlistMode });
+    if (flags.monorepoMode) await runMonorepo(flags.projectPath, analysis, flags.targetPackage, flags.jsonMode);
+    if (flags.ciMode) await runCIGate(flags.projectPath, analysis, score, flags.threshold, flags.jsonMode);
+    if (flags.learnMode) await runLearn(flags.projectPath, analysis, flags.jsonMode);
+    if (flags.predictMode) await runPredict(flags.projectPath, analysis, flags.contextTask ?? "general code review", flags.jsonMode);
+    if (flags.reviewMode) await runReview(flags.projectPath, analysis, flags.jsonMode);
+    if (flags.jsonMode && hasModeFlag) {
+      process.exit(0);
+    }
+    console.log("");
+    console.log(`  Scanned in ${elapsed}s \xB7 ${analysis.totalFiles} files \xB7 ${Math.round(analysis.totalTokens / 1e3)}K tokens`);
+    console.log("");
+    console.log("  What does this mean?");
+    console.log(`    Your project scores ${score.overall}/100 (${score.grade}) for AI context efficiency.`);
+    if (score.overall >= 80) console.log("    \u2705 Great! AI tools can work effectively with your codebase.");
+    else if (score.overall >= 60) console.log("    \u{1F7E1} Good, but there's room to improve. Run with --fix to auto-optimize.");
+    else console.log("    \u{1F534} AI tools are likely wasting tokens on your project. Run with --fix.");
+    console.log("");
+    console.log("  Next steps:");
+    console.log("    npx cto-ai-cli --fix                  Auto-generate optimized context");
+    console.log('    npx cto-ai-cli --context "your task"  Task-specific context for Claude/Cursor');
+    console.log("    npx cto-ai-cli --report               Shareable report + badge");
+    console.log("");
+  } catch (err) {
+    const message = err instanceof CtoError ? `[${err.code}] ${err.message}` : err instanceof Error ? err.message : String(err);
+    log4.error("CLI failed", { error: message });
+    console.error(`  \u274C Error: ${message}`);
+    console.error("");
+    console.error("  Make sure you're running this in a project directory with source files.");
+    console.error("  Supported: TypeScript, JavaScript, Python, Go, Rust, Java, C/C++");
     process.exit(1);
   }
 }