cto-ai-cli 5.1.0 → 6.1.0

package/dist/cli/v2/index.js

@@ -1,3695 +0,0 @@
-#!/usr/bin/env node
-
-// src/cli/v2/index.ts
-import { Command as Command7 } from "commander";
-import chalk7 from "chalk";
-
-// src/cli/v2/init.ts
-import { Command } from "commander";
-import chalk from "chalk";
-import { resolve, join as join2 } from "path";
-import { writeFile as writeFile2 } from "fs/promises";
-
-// src/engine/config.ts
-import { readFile, writeFile, mkdir } from "fs/promises";
-import { join } from "path";
-import { existsSync } from "fs";
-import { parse as parseYAML, stringify as stringifyYAML } from "yaml";
-
-// src/types/config.ts
-var DEFAULT_CONFIG = {
-  version: "2.0",
-  analysis: {
-    extensions: {
-      code: ["ts", "tsx", "js", "jsx", "py", "go", "rs", "java", "kt", "rb", "php", "c", "cpp", "h", "hpp", "cs"],
-      config: ["json", "yml", "yaml", "toml"],
-      docs: ["md", "txt", "rst"]
-    },
-    ignore: {
-      dirs: ["node_modules", "dist", "build", ".git", "coverage", "__pycache__", ".next", "vendor", ".cto"],
-      patterns: ["*.min.js", "*.map", "*.lock", "*.generated.*"]
-    },
-    maxDepth: 20
-  },
-  risk: {
-    weights: {
-      hub: 30,
-      typeProvider: 25,
-      complexity: 15,
-      recency: 15,
-      config: 10,
-      churn: 5
-    }
-  },
-  interaction: {
-    defaultBudget: 5e4,
-    defaultModel: "claude-sonnet-4"
-  },
-  tokens: {
-    method: "chars4"
-  },
-  governance: {
-    auditEnabled: true,
-    secretDetection: true,
-    retentionDays: 90
-  }
-};
-
-// src/engine/config.ts
-var CONFIG_DIR = ".cto";
-var CONFIG_FILE = "config.yml";
-var POLICY_FILE = "policy.yml";
-function getConfigPath(projectPath) {
-  return join(projectPath, CONFIG_DIR, CONFIG_FILE);
-}
-function getPolicyPath(projectPath) {
-  return join(projectPath, CONFIG_DIR, POLICY_FILE);
-}
-function getCTODir(projectPath) {
-  return join(projectPath, CONFIG_DIR);
-}
-async function saveConfig(projectPath, config) {
-  const ctoDir = getCTODir(projectPath);
-  await mkdir(ctoDir, { recursive: true });
-  const configPath = getConfigPath(projectPath);
-  const yamlContent = stringifyYAML(config, { indent: 2 });
-  await writeFile(configPath, yamlContent, "utf-8");
-  return configPath;
-}
-async function initProjectConfig(projectPath) {
-  const ctoDir = getCTODir(projectPath);
-  await mkdir(join(ctoDir, "snapshots"), { recursive: true });
-  const created = [];
-  const configPath = getConfigPath(projectPath);
-  if (!existsSync(configPath)) {
-    await saveConfig(projectPath, DEFAULT_CONFIG);
-    created.push(configPath);
-  }
-  const policyPath = getPolicyPath(projectPath);
-  if (!existsSync(policyPath)) {
-    const defaultPolicy = {
-      version: "1.0",
-      name: "default",
-      rules: [
-        {
-          id: "types-always",
-          type: "include-always",
-          pattern: "**/types/**",
-          reason: "Type definitions provide essential context",
-          enabled: true
-        },
-        {
-          id: "no-env",
-          type: "exclude-always",
-          pattern: "**/*.env*",
-          reason: "Environment files must never be sent to AI",
-          enabled: true
-        },
-        {
-          id: "no-secrets",
-          type: "secret-block",
-          reason: "Files with detected secrets are blocked",
-          enabled: true
-        },
-        {
-          id: "test-budget",
-          type: "budget-limit",
-          category: "test",
-          threshold: 20,
-          reason: "Test files should not exceed 20% of budget",
-          enabled: true
-        },
-        {
-          id: "min-coverage",
-          type: "coverage-minimum",
-          threshold: 70,
-          reason: "Warn if context coverage drops below 70%",
-          enabled: true
-        }
-      ]
-    };
-    const yamlContent = stringifyYAML(defaultPolicy, { indent: 2 });
-    await writeFile(policyPath, yamlContent, "utf-8");
-    created.push(policyPath);
-  }
-  return { configPath, policyPath, created };
-}
-
-// src/cli/v2/init.ts
-var initCommand = new Command("init").description("Initialize CTO v2 for a project").argument("[path]", "Project path", ".").option("--defaults", "Skip prompts and use defaults").action(async (path, opts) => {
-  try {
-    const projectPath = resolve(path);
-    const ctoDir = join2(projectPath, ".cto");
-    console.log("");
-    console.log(chalk.bold.cyan("  \u{1F527} CTO v2.0 \u2014 Context Operating System"));
-    console.log(chalk.dim("  AI Interaction Infrastructure for Engineering Teams"));
-    console.log("");
-    const { configPath, policyPath, created } = await initProjectConfig(projectPath);
-    const gitignorePath = join2(ctoDir, ".gitignore");
-    const gitignoreContent = [
-      "# CTO v2 \u2014 local state (do not commit)",
-      "audit/",
-      "snapshots/",
-      "",
-      "# Config and policy should be committed",
-      "!config.yml",
-      "!policy.yml",
-      ""
-    ].join("\n");
-    await writeFile2(gitignorePath, gitignoreContent, "utf-8");
-    console.log(chalk.green("  \u2705 Initialized .cto/ directory"));
-    console.log(chalk.dim(`     ${ctoDir}/`));
-    console.log(chalk.dim("     \u251C\u2500\u2500 config.yml      (commit this)"));
-    console.log(chalk.dim("     \u251C\u2500\u2500 policy.yml      (commit this)"));
-    console.log(chalk.dim("     \u251C\u2500\u2500 snapshots/      (local)"));
-    console.log(chalk.dim("     \u2514\u2500\u2500 .gitignore"));
-    if (created.length > 0) {
-      console.log(chalk.dim(`     Created: ${created.length} file(s)`));
-    }
-    console.log("");
-    console.log(chalk.bold("  Next steps:"));
-    console.log(chalk.dim("    cto analyze                          \u2014 Analyze project structure & risk"));
-    console.log(chalk.dim('    cto interact "refactor auth module"  \u2014 Build optimized AI context'));
-    console.log(chalk.dim("    cto snapshot create baseline         \u2014 Save a reproducible snapshot"));
-    console.log(chalk.dim("    cto policy show                      \u2014 View context policies"));
-    console.log("");
-  } catch (err) {
-    console.error(chalk.red(`
-  Error: ${err.message}
-`));
-    process.exit(1);
-  }
-});
-
-// src/cli/v2/analyze.ts
-import { Command as Command2 } from "commander";
-import chalk2 from "chalk";
-import { resolve as resolve4 } from "path";
-
-// src/engine/analyzer.ts
-import { readFile as readFile3, readdir, stat as stat2 } from "fs/promises";
-import { join as join4, extname, relative as relative2, resolve as resolve3, basename as basename2 } from "path";
-import { createHash } from "crypto";
-
-// src/types/engine.ts
-var DEFAULT_RISK_WEIGHTS = {
-  hub: 30,
-  typeProvider: 25,
-  complexity: 15,
-  recency: 15,
-  config: 10,
-  churn: 5
-};
-
-// src/engine/tokenizer.ts
-import { encodingForModel } from "js-tiktoken";
-import { readFile as readFile2, stat } from "fs/promises";
-var CHARS_PER_TOKEN = 4;
-var encoder = null;
-function getEncoder() {
-  if (!encoder) {
-    encoder = encodingForModel("claude-3-5-sonnet-20241022");
-  }
-  return encoder;
-}
-function countTokensTiktoken(text) {
-  try {
-    const enc = getEncoder();
-    const tokens = enc.encode(text);
-    return tokens.length;
-  } catch {
-    return Math.ceil(text.length / CHARS_PER_TOKEN);
-  }
-}
-function countTokensChars4(sizeInBytes) {
-  return Math.ceil(sizeInBytes / CHARS_PER_TOKEN);
-}
-function estimateTokens(content, sizeInBytes, method = "chars4") {
-  if (method === "tiktoken") {
-    return countTokensTiktoken(content);
-  }
-  return countTokensChars4(sizeInBytes);
-}
-
-// src/engine/graph.ts
-import { Project, SyntaxKind } from "ts-morph";
-import { resolve as resolve2, relative, dirname, join as join3 } from "path";
-import { existsSync as existsSync2 } from "fs";
-var TS_EXTENSIONS = /* @__PURE__ */ new Set(["ts", "tsx", "js", "jsx", "mts", "mjs", "cts", "cjs"]);
-function createProject(projectPath, filePaths) {
-  const tsConfigPath = join3(projectPath, "tsconfig.json");
-  const hasTsConfig = existsSync2(tsConfigPath);
-  const project = new Project({
-    tsConfigFilePath: hasTsConfig ? tsConfigPath : void 0,
-    skipAddingFilesFromTsConfig: true,
-    compilerOptions: hasTsConfig ? void 0 : {
-      allowJs: true,
-      jsx: 4,
-      // JsxEmit.ReactJSX
-      esModuleInterop: true,
-      moduleResolution: 100
-      // Bundler
-    }
-  });
-  const tsFiles = filePaths.filter((f) => {
-    const ext = f.split(".").pop()?.toLowerCase() ?? "";
-    return TS_EXTENSIONS.has(ext);
-  });
-  for (const filePath of tsFiles) {
-    try {
-      project.addSourceFileAtPath(filePath);
-    } catch {
-    }
-  }
-  return project;
-}
-function buildProjectGraph(projectPath, files) {
-  const absPath = resolve2(projectPath);
-  const tsFiles = files.filter((f) => TS_EXTENSIONS.has(f.extension)).map((f) => f.path);
-  if (tsFiles.length === 0) {
-    return emptyGraph(files);
-  }
-  let project;
-  try {
-    project = createProject(projectPath, tsFiles);
-  } catch {
-    return emptyGraph(files);
-  }
-  const edges = [];
-  const nodeSet = /* @__PURE__ */ new Set();
-  for (const sourceFile of project.getSourceFiles()) {
-    const fromRel = relative(absPath, sourceFile.getFilePath());
-    if (fromRel.startsWith("..") || fromRel.includes("node_modules")) continue;
-    nodeSet.add(fromRel);
-    for (const imp of sourceFile.getImportDeclarations()) {
-      const moduleSpecifier = imp.getModuleSpecifierValue();
-      const resolved = resolveImport(sourceFile, moduleSpecifier, absPath);
-      if (resolved) {
-        nodeSet.add(resolved);
-        edges.push({ from: fromRel, to: resolved, type: "import" });
-      }
-    }
-    for (const exp of sourceFile.getExportDeclarations()) {
-      const moduleSpecifier = exp.getModuleSpecifierValue();
-      if (moduleSpecifier) {
-        const resolved = resolveImport(sourceFile, moduleSpecifier, absPath);
-        if (resolved) {
-          nodeSet.add(resolved);
-          edges.push({ from: fromRel, to: resolved, type: "re-export" });
-        }
-      }
-    }
-  }
-  const nodes = Array.from(nodeSet);
-  const importedByCount = /* @__PURE__ */ new Map();
-  const importCount = /* @__PURE__ */ new Map();
-  for (const edge of edges) {
-    importedByCount.set(edge.to, (importedByCount.get(edge.to) ?? 0) + 1);
-    importCount.set(edge.from, (importCount.get(edge.from) ?? 0) + 1);
-  }
-  const N = Math.max(nodes.length, 1);
-  const hubs = nodes.map((node) => {
-    const inDeg = importedByCount.get(node) ?? 0;
-    const outDeg = importCount.get(node) ?? 0;
-    const centrality = N > 1 ? inDeg / (N - 1) * 100 : 0;
-    const score = Math.round(centrality + outDeg * (100 / (2 * N)));
-    return {
-      relativePath: node,
-      dependents: inDeg,
-      dependencies: outDeg,
-      score: Math.min(100, score)
-    };
-  }).filter((h) => h.dependents >= 3 || h.score >= 15).sort((a, b) => b.score - a.score);
-  const leaves = nodes.filter(
-    (node) => (importedByCount.get(node) ?? 0) === 0 && (importCount.get(node) ?? 0) > 0
-  );
-  const connectedNodes = /* @__PURE__ */ new Set();
-  for (const edge of edges) {
-    connectedNodes.add(edge.from);
-    connectedNodes.add(edge.to);
-  }
-  const allFileNodes = new Set(files.map((f) => f.relativePath));
-  const orphans = Array.from(allFileNodes).filter((n) => !connectedNodes.has(n));
-  const clusters = detectClusters(nodes, edges, files);
-  enrichComplexity(project, absPath, files);
-  return { nodes, edges, hubs, leaves, orphans, clusters };
-}
-var UnionFind = class {
-  parent;
-  rank;
-  constructor(nodes) {
-    this.parent = /* @__PURE__ */ new Map();
-    this.rank = /* @__PURE__ */ new Map();
-    for (const n of nodes) {
-      this.parent.set(n, n);
-      this.rank.set(n, 0);
-    }
-  }
-  find(x) {
-    const p = this.parent.get(x);
-    if (p === void 0) return x;
-    if (p !== x) {
-      this.parent.set(x, this.find(p));
-    }
-    return this.parent.get(x);
-  }
-  union(a, b) {
-    const ra = this.find(a);
-    const rb = this.find(b);
-    if (ra === rb) return;
-    const rankA = this.rank.get(ra) ?? 0;
-    const rankB = this.rank.get(rb) ?? 0;
-    if (rankA < rankB) {
-      this.parent.set(ra, rb);
-    } else if (rankA > rankB) {
-      this.parent.set(rb, ra);
-    } else {
-      this.parent.set(rb, ra);
-      this.rank.set(ra, rankA + 1);
-    }
-  }
-};
-function detectClusters(nodes, edges, files) {
-  const uf = new UnionFind(nodes);
-  for (const edge of edges) {
-    uf.union(edge.from, edge.to);
-  }
-  const components = /* @__PURE__ */ new Map();
-  for (const node of nodes) {
-    const root = uf.find(node);
-    if (!components.has(root)) components.set(root, []);
-    components.get(root).push(node);
-  }
-  const tokenMap = new Map(files.map((f) => [f.relativePath, f.tokens]));
-  const clusters = [];
-  for (const [, groupFiles] of components) {
-    if (groupFiles.length < 2) continue;
-    const name = commonPrefix(groupFiles);
-    const fileSet = new Set(groupFiles);
-    let internalEdges = 0;
-    let externalEdges = 0;
-    for (const edge of edges) {
-      const fromIn = fileSet.has(edge.from);
-      const toIn = fileSet.has(edge.to);
-      if (fromIn && toIn) internalEdges++;
-      else if (fromIn || toIn) externalEdges++;
-    }
-    const totalEdges = internalEdges + externalEdges;
-    const cohesion = totalEdges > 0 ? internalEdges / totalEdges : 0;
-    const totalTokens = groupFiles.reduce((s, f) => s + (tokenMap.get(f) ?? 0), 0);
-    clusters.push({
-      id: name.replace(/[^a-zA-Z0-9]/g, "-") || `cluster-${clusters.length}`,
-      name: name || `cluster-${clusters.length}`,
-      files: groupFiles,
-      totalTokens,
-      internalEdges,
-      externalEdges,
-      cohesion: Math.round(cohesion * 100) / 100
-    });
-  }
-  return clusters.sort((a, b) => b.files.length - a.files.length);
-}
-function commonPrefix(paths) {
-  if (paths.length === 0) return "";
-  const parts = paths.map((p) => p.split("/"));
-  const prefix = [];
-  for (let i = 0; i < parts[0].length - 1; i++) {
-    const segment = parts[0][i];
-    if (parts.every((p) => p[i] === segment)) {
-      prefix.push(segment);
-    } else break;
-  }
-  return prefix.join("/") || parts[0][0];
-}
-function enrichComplexity(project, absPath, files) {
-  const fileMap = new Map(files.map((f) => [f.relativePath, f]));
-  for (const sourceFile of project.getSourceFiles()) {
-    const relPath = relative(absPath, sourceFile.getFilePath());
-    if (relPath.startsWith("..") || relPath.includes("node_modules")) continue;
-    const file = fileMap.get(relPath);
-    if (!file) continue;
-    let totalComplexity = 0;
-    for (const func of sourceFile.getFunctions()) {
-      totalComplexity += calculateCyclomaticComplexity(func);
-    }
-    for (const cls of sourceFile.getClasses()) {
-      for (const method of cls.getMethods()) {
-        totalComplexity += calculateCyclomaticComplexity(method);
-      }
-    }
-    for (const varDecl of sourceFile.getVariableDeclarations()) {
-      const init = varDecl.getInitializer();
-      if (init && (init.getKind() === SyntaxKind.ArrowFunction || init.getKind() === SyntaxKind.FunctionExpression)) {
-        totalComplexity += calculateCyclomaticComplexity(init);
-      }
-    }
-    file.complexity = Math.max(1, totalComplexity);
-  }
-}
-function calculateCyclomaticComplexity(node) {
-  let complexity = 1;
-  node.forEachDescendant((descendant) => {
-    switch (descendant.getKind()) {
-      case SyntaxKind.IfStatement:
-      case SyntaxKind.ConditionalExpression:
-      case SyntaxKind.ForStatement:
-      case SyntaxKind.ForInStatement:
-      case SyntaxKind.ForOfStatement:
-      case SyntaxKind.WhileStatement:
-      case SyntaxKind.DoStatement:
-      case SyntaxKind.CaseClause:
-      case SyntaxKind.CatchClause:
-        complexity++;
-        break;
-      case SyntaxKind.BinaryExpression: {
-        const opToken = descendant.getOperatorToken?.();
-        if (opToken) {
-          const kind = opToken.getKind();
-          if (kind === SyntaxKind.AmpersandAmpersandToken || kind === SyntaxKind.BarBarToken || kind === SyntaxKind.QuestionQuestionToken) {
-            complexity++;
-          }
-        }
-        break;
-      }
-    }
-  });
-  return complexity;
-}
-function resolveImport(sourceFile, moduleSpecifier, projectRoot) {
-  if (!moduleSpecifier.startsWith(".")) return null;
-  const sourceDir = dirname(sourceFile.getFilePath());
-  const basePath = resolve2(sourceDir, moduleSpecifier);
-  const extensions = [".ts", ".tsx", ".js", ".jsx", "/index.ts", "/index.tsx", "/index.js", "/index.jsx"];
-  for (const ext of extensions) {
-    const candidate = basePath.endsWith(ext) ? basePath : basePath + ext;
-    if (existsSync2(candidate)) {
-      const rel = relative(projectRoot, candidate);
-      if (!rel.startsWith("..")) return rel;
-    }
-  }
-  if (moduleSpecifier.endsWith(".js")) {
-    const tsPath = basePath.replace(/\.js$/, ".ts");
-    if (existsSync2(tsPath)) {
-      const rel = relative(projectRoot, tsPath);
-      if (!rel.startsWith("..")) return rel;
-    }
-  }
-  return null;
-}
-function emptyGraph(files) {
-  return {
-    nodes: files.map((f) => f.relativePath),
-    edges: [],
-    hubs: [],
-    leaves: [],
-    orphans: files.map((f) => f.relativePath),
-    clusters: []
-  };
-}
-
-// src/engine/risk.ts
-function scoreAllFiles(files, graph, weights = DEFAULT_RISK_WEIGHTS) {
-  const typeProviderUsage = computeTypeProviderUsage(files, graph);
-  for (const file of files) {
-    const factors = computeRiskFactors(file, graph, typeProviderUsage, weights);
-    file.riskFactors = factors;
-    file.riskScore = computeWeightedScore(factors);
-    file.exclusionImpact = scoreToImpact(file.riskScore);
-  }
-}
-function computeRiskFactors(file, graph, typeProviderUsage, weights) {
-  const factors = [];
-  factors.push(computeHubFactor(file, weights.hub));
-  factors.push(computeTypeProviderFactor(file, typeProviderUsage, weights.typeProvider));
-  factors.push(computeComplexityFactor(file, weights.complexity));
-  factors.push(computeRecencyFactor(file, weights.recency));
-  factors.push(computeConfigFactor(file, weights.config));
-  factors.push(computeChurnFactor(file, weights.churn));
-  return factors;
-}
-function computeHubFactor(file, weight) {
-  const dependents = file.importedBy.length;
-  const K = 12;
-  const score = dependents === 0 ? 0 : Math.min(100, Math.round(100 * Math.log2(1 + dependents) / Math.log2(1 + K)));
-  const detail = dependents === 0 ? "No dependents" : `Hub: ${dependents} file(s) depend on this (score ${score}/100)`;
-  return { type: "hub", score, weight, detail };
-}
-function computeTypeProviderFactor(file, usage, weight) {
-  const isTypeFile = file.kind === "type";
-  const consumers = usage.get(file.relativePath) ?? 0;
-  let score;
-  let detail;
-  if (isTypeFile && consumers >= 4) {
-    score = 100;
-    detail = `Type provider: used by ${consumers} files (critical type source)`;
-  } else if (isTypeFile && consumers >= 1) {
-    score = 50;
-    detail = `Type provider: used by ${consumers} files`;
-  } else if (isTypeFile) {
-    score = 30;
-    detail = "Type file (no detected consumers)";
-  } else {
-    score = 0;
-    detail = "Not a type provider";
-  }
-  return { type: "type-provider", score, weight, detail };
-}
-function computeComplexityFactor(file, weight) {
-  const c = file.complexity;
-  const K = 30;
-  const score = Math.min(100, Math.round(100 * Math.log(1 + c) / Math.log(1 + K)));
-  const detail = c >= 30 ? `Very high complexity: ${c} (AI needs full context)` : c >= 10 ? `High complexity: ${c}` : `Complexity: ${c}`;
-  return { type: "complexity", score, weight, detail };
-}
-function computeRecencyFactor(file, weight) {
-  const now = Date.now();
-  const modified = new Date(file.lastModified).getTime();
-  const daysAgo = (now - modified) / (1e3 * 60 * 60 * 24);
-  const HALF_LIFE = 7;
-  const score = Math.round(100 * Math.pow(2, -daysAgo / HALF_LIFE));
-  const detail = daysAgo <= 1 ? "Modified today" : `Modified ${Math.round(daysAgo)} days ago (decay score ${score})`;
-  return { type: "recency", score, weight, detail };
-}
-function computeConfigFactor(file, weight) {
-  let score;
-  let detail;
-  if (file.kind === "entry") {
-    score = 90;
-    detail = "Entry point \u2014 critical for understanding app structure";
-  } else if (file.kind === "config") {
-    score = 80;
-    detail = "Configuration file \u2014 affects runtime behavior";
-  } else {
-    score = 0;
-    detail = "Regular source file";
-  }
-  return { type: "config", score, weight, detail };
-}
-function computeChurnFactor(file, weight) {
-  const complexitySignal = Math.min(file.complexity / 20, 1);
-  const now = Date.now();
-  const daysAgo = (now - new Date(file.lastModified).getTime()) / (1e3 * 60 * 60 * 24);
-  const recencySignal = Math.pow(2, -daysAgo / 7);
-  const score = Math.round(Math.sqrt(complexitySignal * recencySignal) * 100);
-  const detail = score >= 50 ? "Likely under active development (complex + recent)" : score >= 20 ? "Some recent activity" : "Stable \u2014 low churn (proxy estimate)";
-  return { type: "churn", score, weight, detail };
-}
-function computeWeightedScore(factors) {
-  let totalWeightedScore = 0;
-  let totalWeight = 0;
-  for (const factor of factors) {
-    totalWeightedScore += factor.score * factor.weight;
-    totalWeight += factor.weight;
-  }
-  if (totalWeight === 0) return 0;
-  return Math.round(totalWeightedScore / totalWeight);
-}
-function scoreToImpact(score) {
-  if (score >= 80) return "critical";
-  if (score >= 60) return "high";
-  if (score >= 30) return "medium";
-  if (score > 0) return "low";
-  return "none";
-}
-function computeTypeProviderUsage(files, graph) {
-  const usage = /* @__PURE__ */ new Map();
-  const typeFiles = new Set(
-    files.filter((f) => f.kind === "type").map((f) => f.relativePath)
-  );
-  for (const edge of graph.edges) {
-    if (typeFiles.has(edge.to)) {
-      usage.set(edge.to, (usage.get(edge.to) ?? 0) + 1);
-    }
-  }
-  return usage;
-}
-
-// src/engine/analyzer.ts
-function matchesPattern(filename, patterns) {
-  for (const pattern of patterns) {
-    if (pattern.startsWith("*.")) {
-      const ext = pattern.slice(1);
-      if (filename.endsWith(ext)) return true;
-    } else if (filename === pattern) {
-      return true;
-    }
-  }
-  return false;
-}
-async function walkProject(rootPath, options) {
-  const results = [];
-  const { ignoreDirs, ignorePatterns, extensions, maxDepth = 20 } = options;
-  const ignoreDirSet = new Set(ignoreDirs);
-  async function walk(dir, depth) {
-    if (depth > maxDepth) return;
-    let entries;
-    try {
-      entries = await readdir(dir, { withFileTypes: true });
-    } catch {
-      return;
-    }
-    const promises = [];
-    for (const entry of entries) {
-      const fullPath = join4(dir, entry.name);
-      if (entry.isDirectory()) {
-        if (!ignoreDirSet.has(entry.name) && !entry.name.startsWith(".")) {
-          promises.push(walk(fullPath, depth + 1));
-        }
-      } else if (entry.isFile()) {
-        const ext = extname(entry.name).slice(1).toLowerCase();
-        if (ext && extensions.includes(ext) && !matchesPattern(entry.name, ignorePatterns)) {
-          promises.push(
-            (async () => {
-              const fileStat = await stat2(fullPath).catch(() => null);
-              if (!fileStat) return;
-              let lines = 0;
-              try {
-                const content = await readFile3(fullPath, "utf-8");
-                lines = content.split("\n").length;
-              } catch {
-                lines = 0;
-              }
-              results.push({
-                path: fullPath,
-                relativePath: relative2(rootPath, fullPath),
-                extension: ext,
-                size: fileStat.size,
-                lastModified: fileStat.mtime,
-                lines
-              });
-            })()
-          );
-        }
-      }
-    }
-    await Promise.all(promises);
-  }
-  await walk(rootPath, 0);
-  return results;
-}
-var TYPE_PATTERNS = [/types?\//i, /\.d\.ts$/, /interfaces?\//i];
-var TEST_PATTERNS = [/\.test\.[jt]sx?$/, /\.spec\.[jt]sx?$/, /\/__tests__\//, /\/tests?\//];
-var CONFIG_PATTERNS = [/\.config\.[jt]s$/, /rc\.[jt]s$/, /\.env/, /tsconfig/, /package\.json$/, /\.yml$/, /\.yaml$/, /\.toml$/];
-var ENTRY_PATTERNS = [/^index\.[jt]sx?$/, /^main\.[jt]sx?$/, /^app\.[jt]sx?$/, /^server\.[jt]sx?$/];
-function classifyFileKind(relativePath) {
-  const filename = basename2(relativePath);
-  if (TYPE_PATTERNS.some((p) => p.test(relativePath))) return "type";
-  if (TEST_PATTERNS.some((p) => p.test(relativePath))) return "test";
-  if (CONFIG_PATTERNS.some((p) => p.test(relativePath) || p.test(filename))) return "config";
-  if (ENTRY_PATTERNS.some((p) => p.test(filename))) return "entry";
-  return "source";
-}
-function detectStack(files) {
-  const stack = [];
-  const extensions = new Set(files.map((f) => f.extension));
-  const paths = files.map((f) => f.relativePath.toLowerCase());
-  if (extensions.has("ts") || extensions.has("tsx")) stack.push("TypeScript");
-  else if (extensions.has("js") || extensions.has("jsx")) stack.push("JavaScript");
-  if (extensions.has("py")) stack.push("Python");
-  if (extensions.has("go")) stack.push("Go");
-  if (extensions.has("rs")) stack.push("Rust");
-  if (extensions.has("java")) stack.push("Java");
-  if (extensions.has("kt")) stack.push("Kotlin");
-  if (extensions.has("rb")) stack.push("Ruby");
-  if (extensions.has("php")) stack.push("PHP");
-  if (extensions.has("cs")) stack.push("C#");
-  if (extensions.has("c") || extensions.has("cpp")) stack.push("C/C++");
-  if (paths.some((p) => p.includes("next.config"))) stack.push("Next.js");
-  if (paths.some((p) => p.includes("nuxt.config"))) stack.push("Nuxt");
-  if (paths.some((p) => p.includes("angular.json"))) stack.push("Angular");
-  return stack;
-}
-async function analyzeProject(projectPath, config) {
-  const absPath = resolve3(projectPath);
-  const projectName = basename2(absPath);
-  const mergedConfig = mergeConfig(DEFAULT_CONFIG, config);
-  const allExtensions = [
-    ...mergedConfig.analysis.extensions.code,
-    ...mergedConfig.analysis.extensions.config,
-    ...mergedConfig.analysis.extensions.docs
-  ];
-  const walkEntries = await walkProject(absPath, {
-    ignoreDirs: mergedConfig.analysis.ignore.dirs,
-    ignorePatterns: mergedConfig.analysis.ignore.patterns,
-    extensions: allExtensions,
-    maxDepth: mergedConfig.analysis.maxDepth
-  });
-  const tokenMethod = mergedConfig.tokens.method;
-  const files = [];
-  for (const entry of walkEntries) {
-    let tokens;
-    if (tokenMethod === "tiktoken") {
-      try {
-        const content = await readFile3(entry.path, "utf-8");
-        tokens = estimateTokens(content, entry.size, "tiktoken");
-      } catch {
-        tokens = countTokensChars4(entry.size);
-      }
-    } else {
-      tokens = countTokensChars4(entry.size);
-    }
-    files.push({
-      path: entry.path,
-      relativePath: entry.relativePath,
-      extension: entry.extension,
-      size: entry.size,
-      tokens,
-      lines: entry.lines,
-      lastModified: entry.lastModified,
-      kind: classifyFileKind(entry.relativePath),
-      // Graph data — populated by graph analysis
-      imports: [],
-      importedBy: [],
-      isHub: false,
-      complexity: 0,
-      // Risk data — populated by risk analysis
-      riskScore: 0,
-      riskFactors: [],
-      exclusionImpact: "none"
-    });
-  }
-  const graph = buildProjectGraph(absPath, files);
-  for (const file of files) {
-    const nodeImports = [];
-    const nodeImportedBy = [];
-    for (const edge of graph.edges) {
-      if (edge.from === file.relativePath) nodeImports.push(edge.to);
-      if (edge.to === file.relativePath) nodeImportedBy.push(edge.from);
-    }
-    file.imports = nodeImports;
-    file.importedBy = nodeImportedBy;
-    file.isHub = graph.hubs.some((h) => h.relativePath === file.relativePath);
-  }
-  const riskWeights = mergedConfig.risk.weights;
-  scoreAllFiles(files, graph, riskWeights);
-  const riskProfile = {
-    distribution: {
-      critical: files.filter((f) => f.riskScore >= 80).length,
-      high: files.filter((f) => f.riskScore >= 60 && f.riskScore < 80).length,
-      medium: files.filter((f) => f.riskScore >= 30 && f.riskScore < 60).length,
-      low: files.filter((f) => f.riskScore < 30).length
-    },
-    topRiskFiles: [...files].sort((a, b) => b.riskScore - a.riskScore).slice(0, 10),
-    overallComplexity: files.length > 0 ? files.reduce((s, f) => s + f.complexity, 0) / files.length : 0
-  };
-  const totalTokens = files.reduce((s, f) => s + f.tokens, 0);
-  const hashInput = files.map((f) => `${f.relativePath}:${f.tokens}:${f.riskScore}`).sort().join("|");
-  const hash = createHash("sha256").update(hashInput).digest("hex").substring(0, 16);
-  const stack = detectStack(walkEntries);
-  return {
-    projectPath: absPath,
-    projectName,
-    analyzedAt: /* @__PURE__ */ new Date(),
-    hash,
-    files,
-    totalFiles: files.length,
-    totalTokens,
-    graph,
-    riskProfile,
-    stack,
-    tokenMethod
-  };
-}
-function mergeConfig(base, overrides) {
-  if (!overrides) return base;
-  return {
-    ...base,
-    ...overrides,
-    analysis: {
-      ...base.analysis,
-      ...overrides.analysis,
-      extensions: {
-        ...base.analysis.extensions,
-        ...overrides.analysis?.extensions
-      },
-      ignore: {
-        ...base.analysis.ignore,
-        ...overrides.analysis?.ignore
-      }
-    },
-    risk: {
-      ...base.risk,
-      ...overrides.risk,
-      weights: {
-        ...base.risk.weights,
-        ...overrides.risk?.weights
-      }
-    },
-    interaction: {
-      ...base.interaction,
-      ...overrides.interaction
-    },
-    tokens: {
-      ...base.tokens,
-      ...overrides.tokens
-    },
-    governance: {
-      ...base.governance,
-      ...overrides.governance
-    }
-  };
-}
-
-// src/cli/v2/analyze.ts
-var analyzeCommand = new Command2("analyze").description("Analyze project structure, dependencies, and risk profile").argument("[path]", "Project path to analyze", ".").option("--json", "Output as JSON").option("--method <method>", "Token counting method: chars4 | tiktoken", "chars4").option("--risk-only", "Show only risk distribution and top risk files").option("--graph", "Show detailed dependency graph info (hubs, clusters, orphans)").action(async (path, opts) => {
-  try {
-    const projectPath = resolve4(path);
-    const method = opts.method === "tiktoken" ? "tiktoken" : "chars4";
-    console.log(chalk2.dim(`
-  Analyzing ${projectPath}...
-`));
-    const analysis = await analyzeProject(projectPath, { tokens: { method } });
-    if (opts.json) {
-      console.log(JSON.stringify(analysis, null, 2));
-      return;
-    }
-    console.log(chalk2.bold.cyan("  \u{1F4CA} Project Analysis"));
-    console.log("");
-    console.log(`  ${chalk2.bold("Project:")}   ${analysis.projectName}`);
-    console.log(`  ${chalk2.bold("Stack:")}     ${analysis.stack.join(", ") || "Unknown"}`);
-    console.log(`  ${chalk2.bold("Files:")}     ${analysis.totalFiles}`);
-    console.log(`  ${chalk2.bold("Tokens:")}    ~${Math.round(analysis.totalTokens / 1e3)}K`);
-    console.log(`  ${chalk2.bold("Method:")}    ${analysis.tokenMethod}`);
-    console.log(`  ${chalk2.bold("Hash:")}      ${analysis.hash.substring(0, 12)}`);
-    console.log("");
-    const d = analysis.riskProfile.distribution;
-    console.log(chalk2.bold("  Risk Distribution:"));
-    console.log(`    ${chalk2.red("Critical:")} ${d.critical}  ${chalk2.yellow("High:")} ${d.high}  ${chalk2.blue("Medium:")} ${d.medium}  ${chalk2.dim("Low:")} ${d.low}`);
-    console.log(`    ${chalk2.bold("Overall complexity:")} ${analysis.riskProfile.overallComplexity.toFixed(1)}`);
-    console.log("");
-    if (opts.riskOnly) {
-      console.log(chalk2.dim(`  Run ${chalk2.bold("cto interact")} to build optimized AI context`));
-      console.log("");
-      return;
-    }
-    const g = analysis.graph;
-    console.log(chalk2.bold("  Dependency Graph:"));
-    console.log(`    Nodes: ${g.nodes.length}  Edges: ${g.edges.length}`);
-    console.log(`    Hubs: ${g.hubs.length}  Leaves: ${g.leaves.length}  Orphans: ${g.orphans.length}  Clusters: ${g.clusters.length}`);
-    if (opts.graph) {
-      if (g.hubs.length > 0) {
-        console.log("");
-        console.log(chalk2.bold("  Hub Files (imported by 3+ files):"));
-        for (const hub of g.hubs.slice(0, 15)) {
-          console.log(`    ${hub.relativePath} \u2014 ${hub.dependents} dependents, score ${hub.score}`);
-        }
-      }
-      if (g.clusters.length > 0) {
-        console.log("");
-        console.log(chalk2.bold("  Clusters:"));
-        for (const c of g.clusters.slice(0, 10)) {
-          console.log(`    ${c.name} \u2014 ${c.files.length} files, ${Math.round(c.totalTokens / 1e3)}K tokens, cohesion ${c.cohesion}`);
-        }
-      }
-      if (g.orphans.length > 0) {
-        console.log("");
-        console.log(chalk2.bold(`  Orphans (${g.orphans.length} files with no connections):`));
-        for (const o of g.orphans.slice(0, 10)) {
-          console.log(`    ${chalk2.dim(o)}`);
-        }
-        if (g.orphans.length > 10) {
-          console.log(chalk2.dim(`    ... and ${g.orphans.length - 10} more`));
-        }
-      }
-    }
-    console.log("");
-    if (analysis.riskProfile.topRiskFiles.length > 0) {
-      console.log(chalk2.bold("  Top Risk Files:"));
-      for (const f of analysis.riskProfile.topRiskFiles.slice(0, 10)) {
-        const impact = f.exclusionImpact;
-        const impactColor = impact === "critical" ? chalk2.red : impact === "high" ? chalk2.yellow : chalk2.dim;
-        console.log(`    ${impactColor(`[${impact}]`)} ${f.relativePath} \u2014 risk ${f.riskScore}, ~${Math.round(f.tokens / 1e3)}K tokens`);
-      }
-      console.log("");
-    }
-    console.log(chalk2.dim(`  Run ${chalk2.bold("cto interact")} to build optimized AI context`));
-    console.log("");
-  } catch (err) {
-    console.error(chalk2.red(`
-  Error: ${err.message}
-`));
-    process.exit(1);
-  }
-});
-
-// src/cli/v2/interact.ts
-import { Command as Command3 } from "commander";
-import chalk3 from "chalk";
-import { resolve as resolve8, join as join8 } from "path";
-import { writeFile as writeFile4 } from "fs/promises";
-
-// src/engine/cache.ts
-import { createHash as createHash2 } from "crypto";
-import { readdir as readdir2, stat as stat3 } from "fs/promises";
-import { join as join5, extname as extname2, relative as relative3, resolve as resolve5 } from "path";
-var DEFAULT_CACHE_OPTIONS = {
-  maxAgeMs: 5 * 60 * 1e3,
-  // 5 minutes
-  maxEntries: 10,
-  enabled: true
-};
-var cache = /* @__PURE__ */ new Map();
-var cacheOptions = { ...DEFAULT_CACHE_OPTIONS };
-async function computeFingerprint(rootPath, config = DEFAULT_CONFIG) {
-  const entries = [];
-  const allExtensions = /* @__PURE__ */ new Set([
-    ...config.analysis.extensions.code,
-    ...config.analysis.extensions.config,
-    ...config.analysis.extensions.docs
-  ]);
-  const ignoreDirSet = new Set(config.analysis.ignore.dirs);
-  async function walk(dir, depth) {
-    if (depth > config.analysis.maxDepth) return;
-    let dirEntries;
-    try {
-      dirEntries = await readdir2(dir, { withFileTypes: true });
-    } catch {
-      return;
-    }
-    const promises = [];
-    for (const entry of dirEntries) {
-      const fullPath = join5(dir, entry.name);
-      if (entry.isDirectory()) {
-        if (!ignoreDirSet.has(entry.name) && !entry.name.startsWith(".")) {
-          promises.push(walk(fullPath, depth + 1));
-        }
-      } else if (entry.isFile()) {
-        const ext = extname2(entry.name).slice(1).toLowerCase();
-        if (ext && allExtensions.has(ext)) {
-          promises.push(
-            (async () => {
-              try {
-                const s = await stat3(fullPath);
-                const rel = relative3(rootPath, fullPath);
-                entries.push(`${rel}:${s.mtimeMs.toFixed(0)}:${s.size}`);
-              } catch {
-              }
-            })()
-          );
-        }
-      }
-    }
-    await Promise.all(promises);
-  }
-  await walk(rootPath, 0);
-  entries.sort();
-  return createHash2("sha256").update(entries.join("|")).digest("hex").substring(0, 16);
-}
-async function getCachedAnalysis(projectPath, config) {
-  const absPath = resolve5(projectPath);
-  if (!cacheOptions.enabled) {
-    return analyzeProject(absPath, config);
-  }
-  const existing = cache.get(absPath);
-  if (existing) {
-    const age = Date.now() - existing.createdAt;
-    if (age > cacheOptions.maxAgeMs) {
-      cache.delete(absPath);
-    }
-  }
-  const mergedConfig = config ? { ...DEFAULT_CONFIG, ...config } : DEFAULT_CONFIG;
-  const fingerprint = await computeFingerprint(absPath, mergedConfig);
-  const cached = cache.get(absPath);
-  if (cached && cached.fingerprint === fingerprint) {
-    cached.hits++;
-    return cached.analysis;
-  }
-  const analysis = await analyzeProject(absPath, config);
-  if (cache.size >= cacheOptions.maxEntries) {
-    const oldest = [...cache.entries()].sort(
-      (a, b) => a[1].createdAt - b[1].createdAt
-    )[0];
-    if (oldest) cache.delete(oldest[0]);
-  }
-  cache.set(absPath, {
-    analysis,
-    fingerprint,
-    createdAt: Date.now(),
-    hits: 0
-  });
-  return analysis;
-}
-
-// src/engine/pr-context.ts
-import { resolve as resolve6 } from "path";
-import { execFile } from "child_process";
-import { promisify } from "util";
-
-// src/engine/graph-utils.ts
-function buildAdjacencyList(edges) {
-  const forward = /* @__PURE__ */ new Map();
-  const reverse = /* @__PURE__ */ new Map();
-  for (const edge of edges) {
-    if (!forward.has(edge.from)) forward.set(edge.from, []);
-    forward.get(edge.from).push(edge.to);
-    if (!reverse.has(edge.to)) reverse.set(edge.to, []);
-    reverse.get(edge.to).push(edge.from);
-  }
-  return { forward, reverse };
-}
-function bfsBidirectional(seeds, adj, depth) {
-  const result = new Set(seeds);
-  let frontier = [...seeds];
-  const visited = /* @__PURE__ */ new Set();
-  for (let d = 0; d < depth; d++) {
-    const nextFrontier = [];
-    for (const node of frontier) {
-      if (visited.has(node)) continue;
-      visited.add(node);
-      const fwd = adj.forward.get(node);
-      if (fwd) {
-        for (const neighbor of fwd) {
-          if (!visited.has(neighbor)) {
-            result.add(neighbor);
-            nextFrontier.push(neighbor);
-          }
-        }
-      }
-      const rev = adj.reverse.get(node);
-      if (rev) {
-        for (const neighbor of rev) {
-          if (!visited.has(neighbor)) {
-            result.add(neighbor);
-            nextFrontier.push(neighbor);
-          }
-        }
-      }
-    }
-    frontier = nextFrontier;
-  }
-  return result;
-}
-function matchGlob(path, pattern) {
-  const regexStr = pattern.replace(/\./g, "\\.").replace(/\*\*/g, "\xA7\xA7").replace(/\*/g, "[^/]*").replace(/§§/g, ".*").replace(/\?/g, ".");
-  try {
-    return new RegExp(`^${regexStr}$`).test(path);
-  } catch {
-    return false;
-  }
-}
-
-// src/engine/pr-context.ts
-var exec = promisify(execFile);
-async function git(args, cwd) {
-  try {
-    const { stdout } = await exec("git", args, { cwd, maxBuffer: 10 * 1024 * 1024 });
-    return stdout.trim();
-  } catch {
-    return "";
-  }
-}
-async function isGitRepo(projectPath) {
-  const result = await git(["rev-parse", "--is-inside-work-tree"], projectPath);
-  return result === "true";
-}
-async function getCurrentBranch(projectPath) {
-  return git(["rev-parse", "--abbrev-ref", "HEAD"], projectPath);
-}
-async function getChangedFilesFromDiff(projectPath, baseBranch) {
-  const results = /* @__PURE__ */ new Map();
-  const workingDiff = await git(["diff", "--numstat", "HEAD"], projectPath);
-  parseDiffNumstat(workingDiff, results, "modified");
-  const stagedDiff = await git(["diff", "--numstat", "--cached"], projectPath);
-  parseDiffNumstat(stagedDiff, results, "modified");
-  const untracked = await git(["ls-files", "--others", "--exclude-standard"], projectPath);
-  for (const line of untracked.split("\n")) {
-    const f = line.trim();
-    if (f && !results.has(f)) {
-      results.set(f, { relativePath: f, changeType: "added", linesAdded: 0, linesRemoved: 0 });
-    }
-  }
-  if (baseBranch) {
-    const branchExists = await git(["rev-parse", "--verify", baseBranch], projectPath);
-    if (branchExists) {
-      const branchDiff = await git(["diff", "--numstat", `${baseBranch}...HEAD`], projectPath);
-      parseDiffNumstat(branchDiff, results, "modified");
-      const nameStatus = await git(["diff", "--name-status", `${baseBranch}...HEAD`], projectPath);
-      for (const line of nameStatus.split("\n")) {
-        const parts = line.trim().split("	");
-        if (parts.length >= 2) {
-          const status = parts[0];
-          const filePath = parts[parts.length - 1];
-          if (results.has(filePath)) {
-            const existing = results.get(filePath);
-            if (status === "A") existing.changeType = "added";
-            else if (status === "D") existing.changeType = "deleted";
-            else if (status.startsWith("R")) existing.changeType = "renamed";
-          }
-        }
-      }
-    }
-  }
-  return [...results.values()];
-}
-function parseDiffNumstat(output, results, defaultType) {
-  for (const line of output.split("\n")) {
-    const parts = line.trim().split("	");
-    if (parts.length < 3) continue;
-    const added = parts[0] === "-" ? 0 : parseInt(parts[0], 10) || 0;
-    const removed = parts[1] === "-" ? 0 : parseInt(parts[1], 10) || 0;
-    const filePath = parts[2];
-    if (!filePath) continue;
-    const existing = results.get(filePath);
-    if (existing) {
-      existing.linesAdded = Math.max(existing.linesAdded, added);
-      existing.linesRemoved = Math.max(existing.linesRemoved, removed);
-    } else {
-      results.set(filePath, {
-        relativePath: filePath,
-        changeType: defaultType,
-        linesAdded: added,
-        linesRemoved: removed
-      });
-    }
-  }
-}
-async function generatePRContext(analysis, options = {}) {
-  const projectPath = resolve6(analysis.projectPath);
-  const baseBranch = options.baseBranch ?? "main";
-  const depth = options.depth ?? 2;
-  const includeTests = options.includeTests ?? false;
-  const gitRepo = await isGitRepo(projectPath);
-  if (!gitRepo) {
-    return emptyResult(baseBranch);
-  }
-  const currentBranch = await getCurrentBranch(projectPath);
-  const changedFiles = await getChangedFilesFromDiff(projectPath, baseBranch);
-  if (changedFiles.length === 0) {
-    return {
-      ...emptyResult(baseBranch),
-      currentBranch,
-      isGitRepo: true,
-      renderedSummary: "# PR Context\n\nNo changed files detected."
-    };
-  }
-  const analysisFileSet = new Set(analysis.files.map((f) => f.relativePath));
-  const validChangedPaths = changedFiles.filter((c) => c.changeType !== "deleted" && analysisFileSet.has(c.relativePath)).map((c) => c.relativePath);
-  const adj = buildAdjacencyList(analysis.graph.edges);
-  const expanded = bfsBidirectional(validChangedPaths, adj, depth);
-  const changedSet = new Set(validChangedPaths);
-  const dependencyFiles = [...expanded].filter((f) => !changedSet.has(f));
-  const allRelevantPaths = new Set(expanded);
-  if (!includeTests) {
-    for (const path of allRelevantPaths) {
-      const file = analysis.files.find((f) => f.relativePath === path);
-      if (file && file.kind === "test") {
-        if (!changedSet.has(path)) {
-          allRelevantPaths.delete(path);
-        }
-      }
-    }
-  }
-  const allRelevantFiles = analysis.files.filter((f) => allRelevantPaths.has(f.relativePath)).sort((a, b) => b.riskScore - a.riskScore);
-  const changedAnalyzed = allRelevantFiles.filter((f) => changedSet.has(f.relativePath));
-  const totalChangedTokens = changedAnalyzed.reduce((s, f) => s + f.tokens, 0);
-  const totalContextTokens = allRelevantFiles.reduce((s, f) => s + f.tokens, 0);
-  const riskSummary = {
-    critical: allRelevantFiles.filter((f) => f.riskScore >= 80).length,
-    high: allRelevantFiles.filter((f) => f.riskScore >= 60 && f.riskScore < 80).length,
-    medium: allRelevantFiles.filter((f) => f.riskScore >= 30 && f.riskScore < 60).length,
-    low: allRelevantFiles.filter((f) => f.riskScore < 30).length,
-    maxRiskFile: allRelevantFiles[0]?.relativePath ?? "",
-    maxRiskScore: allRelevantFiles[0]?.riskScore ?? 0
-  };
-  const renderedSummary = renderSummary(
-    analysis,
-    currentBranch,
-    baseBranch,
-    changedFiles,
-    dependencyFiles,
-    allRelevantFiles,
-    changedSet,
-    riskSummary,
-    totalChangedTokens,
-    totalContextTokens
-  );
-  return {
-    baseBranch,
-    currentBranch,
-    isGitRepo: true,
-    changedFiles,
-    dependencyFiles: dependencyFiles.filter((f) => allRelevantPaths.has(f)),
-    allRelevantFiles,
-    totalChangedTokens,
-    totalContextTokens,
-    riskSummary,
-    renderedSummary
-  };
-}
-function renderSummary(analysis, currentBranch, baseBranch, changedFiles, dependencyFiles, allRelevant, changedSet, risk, changedTokens, totalTokens) {
-  const lines = [];
-  lines.push(`## PR Context \u2014 ${analysis.projectName}`);
-  lines.push("");
-  lines.push(`**Branch:** ${currentBranch} \u2190 ${baseBranch}`);
-  lines.push(`**Changed:** ${changedFiles.length} files | **Dependencies:** ${dependencyFiles.length} files`);
-  lines.push(`**Tokens:** ~${Math.round(changedTokens / 1e3)}K changed + ~${Math.round((totalTokens - changedTokens) / 1e3)}K context = ~${Math.round(totalTokens / 1e3)}K total`);
-  lines.push("");
-  if (risk.critical > 0 || risk.high > 0) {
-    lines.push(`\u26A0\uFE0F **Risk:** ${risk.critical} critical + ${risk.high} high-risk files affected`);
-    lines.push(`**Highest risk:** ${risk.maxRiskFile} (score: ${risk.maxRiskScore})`);
-    lines.push("");
-  }
-  lines.push("### Changed Files");
-  lines.push("");
-  const sortedChanged = changedFiles.filter((c) => c.changeType !== "deleted").sort((a, b) => {
-    const fa = allRelevant.find((f) => f.relativePath === a.relativePath);
-    const fb = allRelevant.find((f) => f.relativePath === b.relativePath);
-    return (fb?.riskScore ?? 0) - (fa?.riskScore ?? 0);
-  });
-  for (const c of sortedChanged) {
-    const file = allRelevant.find((f) => f.relativePath === c.relativePath);
-    const risk2 = file ? ` risk:${file.riskScore}` : "";
-    const delta = c.linesAdded || c.linesRemoved ? ` (+${c.linesAdded}/-${c.linesRemoved})` : "";
-    const badge = c.changeType === "added" ? " \u{1F195}" : c.changeType === "renamed" ? " \u{1F4DD}" : "";
-    lines.push(`- \`${c.relativePath}\`${delta}${risk2}${badge}`);
-  }
-  const deleted = changedFiles.filter((c) => c.changeType === "deleted");
-  if (deleted.length > 0) {
-    lines.push("");
-    lines.push(`**Deleted:** ${deleted.map((d) => `\`${d.relativePath}\``).join(", ")}`);
-  }
-  if (dependencyFiles.length > 0) {
-    lines.push("");
-    lines.push("### Dependencies (included for context)");
-    lines.push("");
-    const depWithInfo = dependencyFiles.map((d) => {
-      const file = allRelevant.find((f) => f.relativePath === d);
-      return { path: d, riskScore: file?.riskScore ?? 0, tokens: file?.tokens ?? 0 };
-    }).sort((a, b) => b.riskScore - a.riskScore);
-    for (const d of depWithInfo) {
-      lines.push(`- \`${d.path}\` risk:${d.riskScore} ~${Math.round(d.tokens / 1e3)}K tokens`);
-    }
-  }
-  lines.push("");
-  lines.push("### Review Focus");
-  lines.push("");
-  lines.push("- Review changed files for correctness, especially high-risk files");
-  lines.push("- Dependencies are included for type/interface context \u2014 not for review");
-  lines.push(`- ${analysis.totalFiles - allRelevant.length} files excluded (not affected by this change)`);
-  return lines.join("\n");
-}
-function emptyResult(baseBranch) {
-  return {
-    baseBranch,
-    currentBranch: "",
-    isGitRepo: false,
-    changedFiles: [],
-    dependencyFiles: [],
-    allRelevantFiles: [],
-    totalChangedTokens: 0,
-    totalContextTokens: 0,
-    riskSummary: { critical: 0, high: 0, medium: 0, low: 0, maxRiskFile: "", maxRiskScore: 0 },
-    renderedSummary: "# PR Context\n\nNot a git repository."
-  };
-}
-
-// src/interact/orchestrator.ts
-import { randomUUID as randomUUID2 } from "crypto";
-
-// src/engine/selector.ts
-import { createHash as createHash4 } from "crypto";
-
-// src/govern/secrets.ts
-import { readFile as readFile4 } from "fs/promises";
-import { readFileSync, existsSync as existsSync3, mkdirSync, writeFileSync } from "fs";
-import { resolve as resolve7, relative as relative4, join as join6, dirname as dirname2 } from "path";
-import { createHash as createHash3 } from "crypto";
-var BUILTIN_PATTERNS = [
-  // API Keys
-  { type: "api-key", source: `(?:api[_-]?key|apikey)\\s*[:=]\\s*['"]?([a-zA-Z0-9_\\-]{20,})['"]?`, flags: "gi", severity: "critical", description: "API Key" },
-  { type: "api-key", source: "sk-[a-zA-Z0-9]{20,}", flags: "g", severity: "critical", description: "OpenAI/Anthropic API Key" },
-  { type: "api-key", source: "sk-ant-[a-zA-Z0-9\\-]{20,}", flags: "g", severity: "critical", description: "Anthropic API Key" },
-  // AWS
-  { type: "aws-key", source: "AKIA[0-9A-Z]{16}", flags: "g", severity: "critical", description: "AWS Access Key ID" },
-  { type: "aws-key", source: `(?:aws_secret_access_key|aws_secret)\\s*[:=]\\s*['"]?([a-zA-Z0-9/+=]{40})['"]?`, flags: "gi", severity: "critical", description: "AWS Secret Key" },
-  // Private Keys
-  { type: "private-key", source: "-----BEGIN (?:RSA |EC |DSA )?PRIVATE KEY-----", flags: "g", severity: "critical", description: "Private Key" },
-  { type: "private-key", source: "-----BEGIN OPENSSH PRIVATE KEY-----", flags: "g", severity: "critical", description: "SSH Private Key" },
-  // Passwords
-  { type: "password", source: `(?:password|passwd|pwd)\\s*[:=]\\s*['"]([^'"]{8,})['"](?!\\s*\\{)`, flags: "gi", severity: "high", description: "Hardcoded Password" },
-  { type: "password", source: `(?:DB_PASSWORD|DATABASE_PASSWORD|MYSQL_PASSWORD|POSTGRES_PASSWORD)\\s*[:=]\\s*['"]?([^'"{}\\s]{4,})['"]?`, flags: "gi", severity: "high", description: "Database Password" },
-  // Tokens
-  { type: "token", source: `(?:bearer|token|auth_token|access_token|refresh_token)\\s*[:=]\\s*['"]([a-zA-Z0-9_\\-.]{20,})['"](?!\\s*\\{)`, flags: "gi", severity: "high", description: "Auth Token" },
-  { type: "token", source: "ghp_[a-zA-Z0-9]{36}", flags: "g", severity: "critical", description: "GitHub Personal Access Token" },
-  { type: "token", source: "gho_[a-zA-Z0-9]{36}", flags: "g", severity: "critical", description: "GitHub OAuth Token" },
-  { type: "token", source: "glpat-[a-zA-Z0-9\\-]{20,}", flags: "g", severity: "critical", description: "GitLab Personal Access Token" },
-  { type: "token", source: "npm_[a-zA-Z0-9]{36}", flags: "g", severity: "high", description: "npm Token" },
-  // Connection strings
-  { type: "connection-string", source: `(?:mongodb(?:\\+srv)?|postgres(?:ql)?|mysql|redis|amqp):\\/\\/[^\\s'"]+:[^\\s'"]+@[^\\s'"]+`, flags: "gi", severity: "critical", description: "Database Connection String" },
-  { type: "connection-string", source: `(?:DATABASE_URL|REDIS_URL|MONGODB_URI)\\s*[:=]\\s*['"]?([^\\s'"]{10,})['"]?`, flags: "gi", severity: "high", description: "Database URL" },
-  // Environment variables with secrets
-  { type: "env-variable", source: `(?:SECRET|PRIVATE|ENCRYPTION)[_-]?(?:KEY|TOKEN|PASS)\\s*[:=]\\s*['"]?([^\\s'"]{8,})['"]?`, flags: "gi", severity: "high", description: "Secret Environment Variable" },
-  // Stripe
-  { type: "api-key", source: "sk_live_[a-zA-Z0-9]{24,}", flags: "g", severity: "critical", description: "Stripe Live Secret Key" },
-  { type: "api-key", source: "pk_live_[a-zA-Z0-9]{24,}", flags: "g", severity: "high", description: "Stripe Live Publishable Key" },
-  { type: "api-key", source: "rk_live_[a-zA-Z0-9]{24,}", flags: "g", severity: "critical", description: "Stripe Restricted Key" },
-  // Slack
-  { type: "token", source: "xoxb-[0-9]{10,}-[0-9]{10,}-[a-zA-Z0-9]{24,}", flags: "g", severity: "critical", description: "Slack Bot Token" },
-  { type: "token", source: "xoxp-[0-9]{10,}-[0-9]{10,}-[a-zA-Z0-9]{24,}", flags: "g", severity: "critical", description: "Slack User Token" },
-  { type: "api-key", source: "https://hooks\\.slack\\.com/services/T[a-zA-Z0-9_]+/B[a-zA-Z0-9_]+/[a-zA-Z0-9_]+", flags: "g", severity: "high", description: "Slack Webhook URL" },
-  // Google
-  { type: "api-key", source: "AIza[0-9A-Za-z_-]{35}", flags: "g", severity: "high", description: "Google API Key" },
-  { type: "token", source: "ya29\\.[0-9A-Za-z_-]+", flags: "g", severity: "high", description: "Google OAuth Token" },
-  // Azure
-  { type: "api-key", source: "(?:AccountKey|SharedAccessKey)\\s*=\\s*[a-zA-Z0-9+/=]{40,}", flags: "g", severity: "critical", description: "Azure Storage Key" },
-  // Twilio
-  { type: "api-key", source: "AC[a-f0-9]{32}", flags: "g", severity: "high", description: "Twilio Account SID" },
-  // SendGrid
-  { type: "api-key", source: "SG\\.[a-zA-Z0-9_-]{22}\\.[a-zA-Z0-9_-]{43}", flags: "g", severity: "critical", description: "SendGrid API Key" },
-  // JWT
-  { type: "token", source: "eyJ[a-zA-Z0-9_-]{10,}\\.eyJ[a-zA-Z0-9_-]{10,}\\.[a-zA-Z0-9_-]{10,}", flags: "g", severity: "high", description: "JSON Web Token" },
-  // Datadog
-  { type: "api-key", source: `(?:DD_API_KEY|DATADOG_API_KEY)\\s*[:=]\\s*['"]?([a-f0-9]{32})['"]?`, flags: "gi", severity: "critical", description: "Datadog API Key" },
-  { type: "api-key", source: `(?:DD_APP_KEY|DATADOG_APP_KEY)\\s*[:=]\\s*['"]?([a-f0-9]{40})['"]?`, flags: "gi", severity: "critical", description: "Datadog App Key" },
-  // Sentry
-  { type: "connection-string", source: "https://[a-f0-9]{32}@[a-z0-9]+\\.ingest\\.sentry\\.io/[0-9]+", flags: "g", severity: "high", description: "Sentry DSN" },
-  // Firebase
-  { type: "api-key", source: `(?:FIREBASE_API_KEY|FIREBASE_KEY)\\s*[:=]\\s*['"]?([a-zA-Z0-9_\\-]{30,})['"]?`, flags: "gi", severity: "high", description: "Firebase API Key" },
-  { type: "connection-string", source: `firebase[a-z]*:\\/\\/[^\\s'"]+`, flags: "gi", severity: "high", description: "Firebase URL" },
-  // Supabase
-  { type: "api-key", source: "sbp_[a-f0-9]{40}", flags: "g", severity: "critical", description: "Supabase Service Key" },
-  { type: "token", source: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\\.[a-zA-Z0-9_-]{20,}\\.[a-zA-Z0-9_-]{20,}", flags: "g", severity: "high", description: "Supabase Anon/Service JWT" },
-  // Vercel
-  { type: "token", source: `(?:VERCEL_TOKEN|VERCEL_API_TOKEN)\\s*[:=]\\s*['"]?([a-zA-Z0-9]{24,})['"]?`, flags: "gi", severity: "critical", description: "Vercel Token" },
-  // Heroku
-  { type: "api-key", source: `(?:HEROKU_API_KEY|HEROKU_TOKEN)\\s*[:=]\\s*['"]?([a-f0-9\\-]{36,})['"]?`, flags: "gi", severity: "critical", description: "Heroku API Key" },
-  // DigitalOcean
-  { type: "token", source: "dop_v1_[a-f0-9]{64}", flags: "g", severity: "critical", description: "DigitalOcean Personal Access Token" },
-  { type: "token", source: "doo_v1_[a-f0-9]{64}", flags: "g", severity: "critical", description: "DigitalOcean OAuth Token" },
-  // Mailgun
-  { type: "api-key", source: "key-[a-zA-Z0-9]{32}", flags: "g", severity: "high", description: "Mailgun API Key" },
-  // PII
-  { type: "pii", source: "\\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\\.[A-Z|a-z]{2,}\\b", flags: "g", severity: "medium", description: "Email Address (PII)" },
-  { type: "pii", source: "\\b(?!000|666|9\\d{2})(\\d{3})[-.]?(?!00)(\\d{2})[-.]?(?!0000)(\\d{4})\\b", flags: "g", severity: "high", description: "Possible SSN (PII)" }
-];
-var _cachedBuiltinPatterns = null;
-function getBuiltinPatterns() {
-  if (!_cachedBuiltinPatterns) {
-    _cachedBuiltinPatterns = BUILTIN_PATTERNS.map((def) => ({
-      type: def.type,
-      pattern: new RegExp(def.source, def.flags),
-      severity: def.severity,
-      description: def.description
-    }));
-  }
-  return _cachedBuiltinPatterns;
-}
-function buildPatterns(customPatterns = []) {
-  const builtins = getBuiltinPatterns();
-  if (customPatterns.length === 0) return builtins;
-  const patterns = [...builtins];
-  for (const custom of customPatterns) {
-    try {
-      patterns.push({
-        type: "custom",
-        pattern: new RegExp(custom, "gi"),
-        severity: "medium",
-        description: `Custom pattern: ${custom}`
-      });
-    } catch {
-    }
-  }
-  return patterns;
-}
-function scanContentForSecrets(content, filePath, customPatterns = [], extraPiiSafeDomains) {
-  const findings = [];
-  const lines = content.split("\n");
-  const allPatterns = buildPatterns(customPatterns);
-  for (const secretPattern of allPatterns) {
-    for (let i = 0; i < lines.length; i++) {
-      const line = lines[i];
-      secretPattern.pattern.lastIndex = 0;
-      let match;
-      while ((match = secretPattern.pattern.exec(line)) !== null) {
-        const matchText = match[0];
-        if (isTemplateOrPlaceholder(matchText)) continue;
-        if (secretPattern.type === "pii" && isSafeEmail(matchText, extraPiiSafeDomains)) continue;
-        findings.push({
-          type: secretPattern.type,
-          file: filePath,
-          line: i + 1,
-          match: matchText,
-          redacted: redactSecret(matchText),
-          severity: secretPattern.severity
-        });
-      }
-    }
-  }
-  return deduplicateFindings(findings);
-}
-async function scanFileForSecrets(filePath, projectPath, customPatterns = []) {
-  try {
-    const content = await readFile4(filePath, "utf-8");
-    const relPath = relative4(resolve7(projectPath), resolve7(filePath));
-    return scanContentForSecrets(content, relPath, customPatterns);
-  } catch {
-    return [];
-  }
-}
-function redactSecret(value) {
-  if (value.length <= 8) return "***REDACTED***";
-  const prefix = value.substring(0, 4);
-  const suffix = value.substring(value.length - 2);
-  return `${prefix}${"*".repeat(Math.min(value.length - 6, 20))}${suffix}`;
-}
-function isTemplateOrPlaceholder(value) {
-  const placeholders = [
-    /\$\{.*\}/,
-    /\{\{.*\}\}/,
-    /%[sd]/,
-    /<[A-Z_]+>/,
-    /YOUR_.*_HERE/i,
-    /\bCHANGE_ME\b/i,
-    /\bPLACEHOLDER\b/i,
-    /\bexample\b/i,
-    /\bTODO\b/i,
-    /xxx+/i,
-    /\breplace.?me\b/i,
-    /\bdummy\b/i,
-    /\btest_?key\b/i,
-    /\bsample\b/i
-  ];
-  return placeholders.some((p) => p.test(value));
-}
-var PII_SAFE_EMAIL_DOMAINS = /* @__PURE__ */ new Set([
-  "example.com",
-  "example.org",
-  "example.net",
-  "test.com",
-  "test.org",
-  "test.net",
-  "localhost",
-  "localhost.localdomain",
-  "email.com",
-  "mail.com",
-  "foo.com",
-  "bar.com",
-  "baz.com",
-  "acme.com",
-  "company.com",
-  "corp.com",
-  "noreply.com",
-  "no-reply.com",
-  "users.noreply.github.com",
-  "placeholder.com"
-]);
-function isSafeEmail(value, extraDomains) {
-  const match = value.match(/@([a-zA-Z0-9.-]+)$/);
-  if (!match) return false;
-  const domain = match[1].toLowerCase();
-  if (PII_SAFE_EMAIL_DOMAINS.has(domain)) return true;
-  if (extraDomains && extraDomains.has(domain)) return true;
-  return false;
-}
-function deduplicateFindings(findings) {
-  const seen = /* @__PURE__ */ new Set();
-  return findings.filter((f) => {
-    const key = `${f.file}:${f.line}:${f.type}:${f.match}`;
-    if (seen.has(key)) return false;
-    seen.add(key);
-    return true;
-  });
-}
-
-// src/engine/pruner.ts
-import { readFile as readFile5 } from "fs/promises";
-var TS_EXTENSIONS2 = /* @__PURE__ */ new Set(["ts", "tsx", "js", "jsx", "mts", "mjs"]);
-async function pruneFile(file, level) {
-  if (level === "excluded") {
-    return emptyResult2(file, "excluded");
-  }
-  if (level === "full") {
-    return fullContent(file);
-  }
-  const ext = file.extension.toLowerCase();
-  const isTS = TS_EXTENSIONS2.has(ext);
-  if (isTS) {
-    return pruneTypeScript(file, level);
-  }
-  return pruneGeneric(file, level);
-}
-async function pruneTypeScript(file, level) {
-  let content;
-  try {
-    content = await readFile5(file.path, "utf-8");
-  } catch {
-    return emptyResult2(file, level);
-  }
-  const prunedContent = level === "signatures" ? extractSignaturesRegex(content) : extractSkeletonRegex(content);
-  const prunedTokens = countTokensChars4(Buffer.byteLength(prunedContent, "utf-8"));
-  const savingsPercent = file.tokens > 0 ? (file.tokens - prunedTokens) / file.tokens * 100 : 0;
-  return {
-    relativePath: file.relativePath,
-    originalTokens: file.tokens,
-    prunedTokens,
-    pruneLevel: level,
-    content: prunedContent,
-    savingsPercent: Math.max(0, savingsPercent)
-  };
-}
-function extractSignaturesRegex(content) {
-  const lines = content.split("\n");
-  const parts = [];
-  let i = 0;
-  while (i < lines.length) {
-    const line = lines[i];
-    const trimmed = line.trim();
-    if (trimmed === "") {
-      i++;
-      continue;
-    }
-    if (trimmed.startsWith("/**")) {
-      const docLines = [];
-      while (i < lines.length) {
-        docLines.push(lines[i]);
-        if (lines[i].includes("*/")) {
-          i++;
-          break;
-        }
-        i++;
-      }
-      parts.push(docLines.join("\n"));
-      continue;
-    }
-    if (trimmed.startsWith("//")) {
-      parts.push(line);
-      i++;
-      continue;
-    }
-    if (/^\s*(import|export)\s/.test(line) && (trimmed.includes(" from ") || trimmed.startsWith("import "))) {
-      const block = collectBracedLine(lines, i);
-      parts.push(block.text);
-      i = block.nextIndex;
-      continue;
-    }
-    if (/^\s*export\s*(\{|\*)/.test(trimmed)) {
-      const block = collectBracedLine(lines, i);
-      parts.push(block.text);
-      i = block.nextIndex;
-      continue;
-    }
-    if (/^\s*(export\s+)?type\s+\w/.test(trimmed) && !trimmed.startsWith("typeof")) {
-      const block = collectBalanced(lines, i);
-      parts.push(block.text);
-      i = block.nextIndex;
-      continue;
-    }
-    if (/^\s*(export\s+)?interface\s+\w/.test(trimmed)) {
-      const block = collectBalanced(lines, i);
-      parts.push(block.text);
-      i = block.nextIndex;
-      continue;
-    }
-    if (/^\s*(export\s+)?(const\s+)?enum\s+\w/.test(trimmed)) {
-      const block = collectBalanced(lines, i);
-      parts.push(block.text);
-      i = block.nextIndex;
-      continue;
-    }
-    const fnMatch = trimmed.match(/^(export\s+)?(async\s+)?function\s+(\w+)/);
-    if (fnMatch) {
-      const sig = extractFnSignature(lines, i);
-      parts.push(`${sig} { /* ... */ }`);
-      i = skipBlock(lines, i);
-      continue;
-    }
-    const arrowMatch = trimmed.match(/^(export\s+)?(const|let|var)\s+(\w+)/);
-    if (arrowMatch && looksLikeFunctionDecl(lines, i)) {
-      const prefix = trimmed.match(/^((?:export\s+)?(?:const|let|var)\s+\w+[^=]*=)/)?.[1];
-      if (prefix) {
-        parts.push(`${prefix} /* ... */;`);
-      }
-      i = skipBlock(lines, i);
-      continue;
-    }
-    if (arrowMatch) {
-      const block = collectStatement(lines, i);
-      parts.push(block.text);
-      i = block.nextIndex;
-      continue;
-    }
-    if (/^\s*(export\s+)?(abstract\s+)?class\s+\w/.test(trimmed)) {
-      const classOutline = extractClassOutline(lines, i);
-      parts.push(classOutline.text);
-      i = classOutline.nextIndex;
-      continue;
-    }
-    i++;
-  }
-  return parts.join("\n");
-}
-function extractSkeletonRegex(content) {
-  const lines = content.split("\n");
-  const parts = [];
-  let i = 0;
-  while (i < lines.length) {
-    const trimmed = lines[i].trim();
-    if (/^import\s/.test(trimmed)) {
-      const block = collectBracedLine(lines, i);
-      parts.push(block.text);
-      i = block.nextIndex;
-      continue;
-    }
-    if (/^export\s+(type|interface)\s+\w/.test(trimmed)) {
-      const block = collectBalanced(lines, i);
-      parts.push(block.text);
-      i = block.nextIndex;
-      continue;
-    }
-    if (/^export\s+(const\s+)?enum\s+\w/.test(trimmed)) {
-      const block = collectBalanced(lines, i);
-      parts.push(block.text);
-      i = block.nextIndex;
-      continue;
-    }
-    if (/^export\s+(async\s+)?function\s+\w/.test(trimmed)) {
-      const sig = extractFnSignature(lines, i);
-      parts.push(`${sig};`);
-      i = skipBlock(lines, i);
-      continue;
-    }
-    if (/^export\s+(abstract\s+)?class\s+/.test(trimmed)) {
-      const nameMatch = trimmed.match(/class\s+(\w+)/);
-      const name = nameMatch?.[1] ?? "Unknown";
-      const end = skipBlock(lines, i);
-      const methods = [];
-      for (let j = i + 1; j < end; j++) {
-        const mt = lines[j].trim();
-        const mm = mt.match(/^(?:static\s+)?(?:async\s+)?(\w+)\s*\(/);
-        if (mm && mm[1] !== "constructor") methods.push(mm[1]);
-      }
-      parts.push(`export class ${name} { /* methods: ${methods.join(", ")} */ }`);
-      i = end;
-      continue;
-    }
-    if (/^export\s*(\{|\*)/.test(trimmed)) {
-      const block = collectBracedLine(lines, i);
-      parts.push(block.text);
-      i = block.nextIndex;
-      continue;
-    }
-    i++;
-  }
-  return parts.join("\n");
-}
-function collectBracedLine(lines, start) {
-  let text = lines[start];
-  let i = start + 1;
-  while (i < lines.length && !text.includes(";") && !text.trimEnd().endsWith("'") && !text.trimEnd().endsWith('"')) {
-    text += "\n" + lines[i];
-    i++;
-  }
-  return { text, nextIndex: i };
-}
-function collectBalanced(lines, start) {
-  let depth = 0;
-  let text = "";
-  let i = start;
-  let started = false;
-  while (i < lines.length) {
-    const line = lines[i];
-    text += (text ? "\n" : "") + line;
-    for (const ch of line) {
-      if (ch === "{" || ch === "(") {
-        depth++;
-        started = true;
-      }
-      if (ch === "}" || ch === ")") depth--;
-    }
-    i++;
-    if (started && depth <= 0) break;
-    if (!started && line.includes(";")) break;
-  }
-  return { text, nextIndex: i };
-}
-function collectStatement(lines, start) {
-  let text = lines[start];
-  let i = start + 1;
-  if (text.includes(";")) return { text, nextIndex: i };
-  let depth = 0;
-  for (const ch of text) {
-    if (ch === "{" || ch === "(" || ch === "[") depth++;
-    if (ch === "}" || ch === ")" || ch === "]") depth--;
-  }
-  while (i < lines.length && depth > 0) {
-    text += "\n" + lines[i];
-    for (const ch of lines[i]) {
-      if (ch === "{" || ch === "(" || ch === "[") depth++;
-      if (ch === "}" || ch === ")" || ch === "]") depth--;
-    }
-    i++;
-  }
-  return { text, nextIndex: i };
-}
-function extractFnSignature(lines, start) {
-  let sig = "";
-  let i = start;
-  while (i < lines.length) {
-    const line = lines[i].trim();
-    sig += (sig ? " " : "") + line;
-    if (line.includes("{")) {
-      sig = sig.replace(/\s*\{[^]*$/, "").trim();
-      break;
-    }
-    i++;
-  }
-  return sig;
-}
-function skipBlock(lines, start) {
-  let depth = 0;
-  let i = start;
-  let foundBrace = false;
-  while (i < lines.length) {
-    for (const ch of lines[i]) {
-      if (ch === "{") {
-        depth++;
-        foundBrace = true;
-      }
-      if (ch === "}") depth--;
-    }
-    i++;
-    if (foundBrace && depth <= 0) break;
-    if (!foundBrace && lines[i - 1].includes(";")) break;
-  }
-  return i;
-}
-function looksLikeFunctionDecl(lines, start) {
-  const chunk = lines.slice(start, Math.min(start + 5, lines.length)).join(" ");
-  return /=>/.test(chunk) || /=\s*function/.test(chunk);
-}
-function extractClassOutline(lines, start) {
-  const header = lines[start].trim();
-  let headerText = header;
-  let i = start + 1;
-  if (!header.includes("{")) {
-    while (i < lines.length) {
-      headerText += " " + lines[i].trim();
-      if (lines[i].includes("{")) {
-        i++;
-        break;
-      }
-      i++;
-    }
-  } else {
-    i = start + 1;
-  }
-  const bodyParts = [headerText.replace(/\{[^]*$/, "{").trim()];
-  let depth = 1;
-  while (i < lines.length && depth > 0) {
-    const line = lines[i];
-    const trimmed = line.trim();
-    for (const ch of line) {
-      if (ch === "{") depth++;
-      if (ch === "}") depth--;
-    }
-    if (depth <= 0) {
-      i++;
-      break;
-    }
-    if (depth === 1) {
-      if (/^(private|protected|public|readonly|static|#)/.test(trimmed) && !trimmed.includes("(")) {
-        bodyParts.push(`  ${trimmed}`);
-      } else if (/^constructor\s*\(/.test(trimmed)) {
-        const sig = extractFnSignature(lines, i);
-        bodyParts.push(`  ${sig} { /* ... */ }`);
-      } else if (/^(?:static\s+)?(?:async\s+)?(?:get\s+|set\s+)?\w+\s*[(<]/.test(trimmed) && !trimmed.startsWith("//")) {
-        const sig = extractFnSignature(lines, i);
-        bodyParts.push(`  ${sig} { /* ... */ }`);
-      }
-    }
-    i++;
-  }
-  bodyParts.push("}");
-  return { text: bodyParts.join("\n"), nextIndex: i };
-}
-async function pruneGeneric(file, level) {
-  let content;
-  try {
-    content = await readFile5(file.path, "utf-8");
-  } catch {
-    return emptyResult2(file, level);
-  }
-  return pruneGenericFromContent(file, content, level);
-}
-function pruneGenericFromContent(file, content, level) {
-  const lines = content.split("\n");
-  let result;
-  if (level === "signatures") {
-    result = lines.filter((line) => {
-      const t = line.trim();
-      return t === "" || t.startsWith("#") || t.startsWith("//") || t.startsWith("import ") || t.startsWith("from ") || t.startsWith("export ") || t.startsWith("def ") || t.startsWith("async def ") || t.startsWith("class ") || t.startsWith("function ") || t.startsWith("const ") || t.startsWith("let ") || t.startsWith("var ") || /^(pub |fn |struct |enum |impl |mod |use )/.test(t);
-    });
-  } else {
-    result = lines.filter((line) => {
-      const t = line.trim();
-      return t.startsWith("import ") || t.startsWith("from ") || t.startsWith("export ") || t.startsWith("def ") || t.startsWith("class ") || t.startsWith("function ") || /^(pub |fn |struct |enum |mod |use )/.test(t);
-    });
-  }
-  const prunedContent = result.join("\n");
-  const prunedTokens = countTokensChars4(Buffer.byteLength(prunedContent, "utf-8"));
-  const savingsPercent = file.tokens > 0 ? (file.tokens - prunedTokens) / file.tokens * 100 : 0;
-  return {
-    relativePath: file.relativePath,
-    originalTokens: file.tokens,
-    prunedTokens,
-    pruneLevel: level,
-    content: prunedContent,
-    savingsPercent: Math.max(0, savingsPercent)
-  };
-}
-async function fullContent(file) {
-  let content = "";
-  try {
-    content = await readFile5(file.path, "utf-8");
-  } catch {
-  }
-  return {
-    relativePath: file.relativePath,
-    originalTokens: file.tokens,
-    prunedTokens: file.tokens,
-    pruneLevel: "full",
-    content,
-    savingsPercent: 0
-  };
-}
-function emptyResult2(file, level) {
-  return {
-    relativePath: file.relativePath,
-    originalTokens: file.tokens,
-    prunedTokens: 0,
-    pruneLevel: level,
-    content: "",
-    savingsPercent: 100
-  };
-}
-
-// src/engine/coverage.ts
-function calculateCoverage(targetPaths, includedPaths, allFiles, graph, depth = 2) {
-  const adj = buildAdjacencyList(graph.edges);
-  const relevantSet = targetPaths.length > 0 ? bfsBidirectional(targetPaths, adj, depth) : /* @__PURE__ */ new Set();
-  const includedSet = new Set(includedPaths);
-  const tempFileMap = new Map(allFiles.map((f) => [f.relativePath, f]));
-  for (const path of includedPaths) {
-    const file = tempFileMap.get(path);
-    if (!file) continue;
-    for (const imp of file.imports) {
-      const impFile = tempFileMap.get(imp);
-      if (impFile && impFile.kind === "type") {
-        relevantSet.add(imp);
-      }
-    }
-  }
-  const relevantFiles = Array.from(relevantSet);
-  const includedRelevant = relevantFiles.filter((f) => includedSet.has(f));
-  const missingRelevant = relevantFiles.filter((f) => !includedSet.has(f));
-  const missingCritical = missingRelevant.filter((f) => {
-    const file = tempFileMap.get(f);
-    return file && (file.exclusionImpact === "critical" || file.exclusionImpact === "high");
-  });
-  const fileMap = new Map(allFiles.map((f) => [f.relativePath, f]));
-  let totalRelevantRisk = 0;
-  let includedRelevantRisk = 0;
-  for (const f of relevantFiles) {
-    const risk = fileMap.get(f)?.riskScore ?? 1;
-    totalRelevantRisk += risk;
-    if (includedSet.has(f)) {
-      includedRelevantRisk += risk;
-    }
-  }
-  const score = totalRelevantRisk > 0 ? Math.round(includedRelevantRisk / totalRelevantRisk * 100) : relevantFiles.length > 0 ? Math.round(includedRelevant.length / relevantFiles.length * 100) : 100;
-  let explanation;
-  if (score >= 90) {
-    explanation = `Excellent coverage (${score}%): AI has nearly all relevant context.`;
-  } else if (score >= 70) {
-    explanation = `Good coverage (${score}%): Most relevant files included.`;
-    if (missingCritical.length > 0) {
-      explanation += ` Warning: ${missingCritical.length} critical file(s) missing.`;
-    }
-  } else if (score >= 50) {
-    explanation = `Partial coverage (${score}%): Significant context is missing.`;
-    if (missingCritical.length > 0) {
-      explanation += ` ${missingCritical.length} critical file(s) not included \u2014 AI quality will degrade.`;
-    }
-  } else {
-    explanation = `Low coverage (${score}%): Most relevant files are excluded. AI response quality will be poor.`;
-  }
-  return {
-    score,
-    relevantFiles,
-    includedRelevant,
-    missingRelevant,
-    missingCritical,
-    explanation
-  };
-}
-
-// src/engine/budget.ts
-function getPruneLevelForRisk(riskScore) {
-  if (riskScore >= 80) return "full";
-  if (riskScore >= 60) return "full";
-  if (riskScore >= 30) return "signatures";
-  return "skeleton";
-}
-
-// src/engine/selector.ts
-async function selectContext(input) {
-  const { task, analysis, budget, policies, depth = 2 } = input;
-  const decisions = [];
-  const targetPaths = identifyTargetFiles(task, analysis.files);
-  if (targetPaths.length > 0) {
-    decisions.push({
-      file: targetPaths.join(", "),
-      action: "include-full",
-      reason: `Target file(s) identified from task description`
-    });
-  }
-  const adj = buildAdjacencyList(analysis.graph.edges);
-  const expandedPaths = targetPaths.length > 0 ? Array.from(bfsBidirectional(targetPaths, adj, depth)) : [];
-  const expansionCount = expandedPaths.length - targetPaths.length;
-  if (expansionCount > 0) {
-    decisions.push({
-      file: `${expansionCount} dependencies`,
-      action: "include-full",
-      reason: `Expanded ${targetPaths.length} target(s) to ${expandedPaths.length} files via dependency graph (depth ${depth})`
-    });
-  }
-  const allFileMap = new Map(analysis.files.map((f) => [f.relativePath, f]));
-  if (targetPaths.length > 0) {
-    for (const path of expandedPaths) {
-      const file = allFileMap.get(path);
-      if (!file) continue;
-      for (const imp of file.imports) {
-        const impFile = allFileMap.get(imp);
-        if (impFile && impFile.kind === "type") {
-          expandedPaths.push(imp);
-        }
-      }
-    }
-  }
-  const { mustInclude, mustExclude } = applyPolicies(analysis.files, policies);
-  const candidateSet = /* @__PURE__ */ new Set([...expandedPaths, ...mustInclude]);
-  if (targetPaths.length === 0) {
-    for (const f of analysis.files) {
-      candidateSet.add(f.relativePath);
-    }
-  }
-  for (const ex of mustExclude) {
-    candidateSet.delete(ex);
-    decisions.push({
-      file: ex,
-      action: "exclude",
-      reason: "Excluded by policy"
-    });
-  }
-  const hasSecretBlock = policies?.rules.some(
-    (r) => r.type === "secret-block" && r.enabled
-  );
-  if (hasSecretBlock) {
-    for (const path of Array.from(candidateSet)) {
-      const file = allFileMap.get(path);
-      if (!file) continue;
-      const findings = await scanFileForSecrets(
-        file.path,
-        analysis.projectPath
-      );
-      if (findings.length > 0) {
-        candidateSet.delete(path);
-        decisions.push({
-          file: path,
-          action: "exclude",
-          reason: `Blocked: ${findings.length} secret(s) detected (${findings.map((f) => f.type).join(", ")})`
-        });
-      }
-    }
-  }
-  const candidates = Array.from(candidateSet).map((p) => allFileMap.get(p)).filter((f) => f !== void 0).sort((a, b) => {
-    const aIsTarget = targetPaths.includes(a.relativePath) ? 0 : 1;
-    const bIsTarget = targetPaths.includes(b.relativePath) ? 0 : 1;
-    if (aIsTarget !== bIsTarget) return aIsTarget - bIsTarget;
-    const aIsMust = mustInclude.has(a.relativePath) ? 0 : 1;
-    const bIsMust = mustInclude.has(b.relativePath) ? 0 : 1;
-    if (aIsMust !== bIsMust) return aIsMust - bIsMust;
-    return b.riskScore - a.riskScore;
-  });
-  const selectedFiles = [];
-  let usedTokens = 0;
-  for (const file of candidates) {
-    const isTarget = targetPaths.includes(file.relativePath);
-    const isMustInclude = mustInclude.has(file.relativePath);
-    const defaultLevel = isTarget ? "full" : getPruneLevelForRisk(file.riskScore);
-    const levels = getCascadeLevels(defaultLevel);
-    let included = false;
-    for (const level of levels) {
-      if (level === "excluded") break;
-      let tokens;
-      if (level === "full") {
-        tokens = file.tokens;
-      } else {
-        const pruned = await pruneFile(file, level);
-        tokens = pruned.prunedTokens;
-      }
-      if (usedTokens + tokens <= budget) {
-        usedTokens += tokens;
-        selectedFiles.push({
-          relativePath: file.relativePath,
-          tokens,
-          originalTokens: file.tokens,
-          pruneLevel: level,
-          riskScore: file.riskScore,
-          reason: buildReason(file, level, isTarget, isMustInclude)
-        });
-        if (level !== defaultLevel) {
-          decisions.push({
-            file: file.relativePath,
-            action: `include-${level}`,
-            reason: `Downgraded from ${defaultLevel} to ${level} due to budget constraint`,
-            alternatives: `Would need ${file.tokens - tokens} more tokens for ${defaultLevel}`
-          });
-        }
-        included = true;
-        break;
-      }
-    }
-    if (!included) {
-      decisions.push({
-        file: file.relativePath,
-        action: "exclude",
-        reason: `Budget exhausted (risk: ${file.riskScore}, needs ${file.tokens} tokens)`
-      });
-    }
-  }
-  const includedPaths = selectedFiles.map((f) => f.relativePath);
-  const coverage = calculateCoverage(
-    targetPaths,
-    includedPaths,
-    analysis.files,
-    analysis.graph,
-    depth
-  );
-  const includedSet = new Set(includedPaths);
-  const excludedFiles = analysis.files.filter(
-    (f) => !includedSet.has(f.relativePath)
-  );
-  const excludedRisk = excludedFiles.length > 0 ? Math.round(excludedFiles.reduce((s, f) => s + f.riskScore, 0) / excludedFiles.length) : 0;
-  const hashInput = selectedFiles.map((f) => `${f.relativePath}:${f.pruneLevel}`).sort().join("|") + `|budget:${budget}`;
-  const hash = createHash4("sha256").update(hashInput).digest("hex").substring(0, 16);
-  return {
-    files: selectedFiles,
-    totalTokens: usedTokens,
-    budget,
-    usedPercent: budget > 0 ? Math.round(usedTokens / budget * 100 * 10) / 10 : 0,
-    coverage,
-    riskScore: excludedRisk,
-    deterministic: true,
-    hash,
-    decisions
-  };
-}
-function identifyTargetFiles(task, files) {
-  const targets = [];
-  const pathPattern = /(?:^|\s|["'`])([.\w/-]+\.[a-zA-Z]{1,4})(?:\s|$|["'`]|,|:)/g;
-  let match;
-  while ((match = pathPattern.exec(task)) !== null) {
-    const candidate = match[1];
-    const found = files.find(
-      (f) => f.relativePath === candidate || f.relativePath.endsWith(candidate)
-    );
-    if (found && !targets.includes(found.relativePath)) {
-      targets.push(found.relativePath);
-    }
-  }
-  return targets;
-}
-function applyPolicies(files, policies) {
-  const mustInclude = /* @__PURE__ */ new Set();
-  const mustExclude = /* @__PURE__ */ new Set();
-  if (!policies) return { mustInclude, mustExclude };
-  for (const rule of policies.rules) {
-    if (!rule.enabled) continue;
-    if (rule.type === "include-always" && rule.pattern) {
-      for (const file of files) {
-        if (matchGlob(file.relativePath, rule.pattern)) {
-          mustInclude.add(file.relativePath);
-        }
-      }
-    }
-    if (rule.type === "exclude-always" && rule.pattern) {
-      for (const file of files) {
-        if (matchGlob(file.relativePath, rule.pattern)) {
-          mustExclude.add(file.relativePath);
-        }
-      }
-    }
-  }
-  return { mustInclude, mustExclude };
-}
-function getCascadeLevels(startLevel) {
-  const all = ["full", "signatures", "skeleton", "excluded"];
-  const startIdx = all.indexOf(startLevel);
-  return all.slice(startIdx);
-}
-function buildReason(file, level, isTarget, isMustInclude) {
-  if (isTarget) return "Target file";
-  if (isMustInclude) return "Required by policy";
-  const impact = file.exclusionImpact;
-  const levelStr = level === "full" ? "full content" : level;
-  if (impact === "critical") return `Critical dependency (risk ${file.riskScore}) \u2014 ${levelStr}`;
-  if (impact === "high") return `High-risk dependency (risk ${file.riskScore}) \u2014 ${levelStr}`;
-  if (impact === "medium") return `Medium relevance (risk ${file.riskScore}) \u2014 ${levelStr}`;
-  return `Low relevance (risk ${file.riskScore}) \u2014 ${levelStr}`;
-}
-
-// src/interact/router.ts
-var MODEL_REGISTRY = [
-  {
-    id: "claude-haiku-3.5",
-    name: "Claude 3.5 Haiku",
-    tier: "fast",
-    pricing: { inputPerMillion: 0.8, outputPerMillion: 4, cacheReadPerMillion: 0.08 },
-    contextWindow: 2e5,
-    strengths: ["speed", "simple-tasks", "low-cost"]
-  },
-  {
-    id: "claude-sonnet-4",
-    name: "Claude Sonnet 4",
-    tier: "balanced",
-    pricing: { inputPerMillion: 3, outputPerMillion: 15, cacheReadPerMillion: 0.3 },
-    contextWindow: 2e5,
-    strengths: ["code-generation", "refactoring", "balanced-reasoning"]
-  },
-  {
-    id: "claude-opus-4",
-    name: "Claude Opus 4",
-    tier: "reasoning",
-    pricing: { inputPerMillion: 15, outputPerMillion: 75, cacheReadPerMillion: 1.5 },
-    contextWindow: 2e5,
-    strengths: ["deep-reasoning", "architecture", "complex-debugging"]
-  }
-];
-var ROUTING_RULES = [
-  {
-    task: "simple-edit",
-    defaultModel: "claude-haiku-3.5",
-    upgradeIf: () => false,
-    upgradeTo: "claude-haiku-3.5",
-    reason: "Simple edits are best handled by fast models",
-    upgradeReason: ""
-  },
-  {
-    task: "docs",
-    defaultModel: "claude-haiku-3.5",
-    upgradeIf: (a) => a.totalTokens > 1e5,
-    upgradeTo: "claude-sonnet-4",
-    reason: "Documentation tasks are straightforward",
-    upgradeReason: "Large codebase \u2014 Sonnet provides better understanding"
-  },
-  {
-    task: "test",
-    defaultModel: "claude-sonnet-4",
-    upgradeIf: (a) => a.riskProfile.overallComplexity > 15,
-    upgradeTo: "claude-opus-4",
-    reason: "Test generation requires good code understanding",
-    upgradeReason: "High complexity codebase \u2014 Opus for better test coverage"
-  },
-  {
-    task: "debug",
-    defaultModel: "claude-sonnet-4",
-    upgradeIf: (a) => a.riskProfile.distribution.critical > 5,
-    upgradeTo: "claude-opus-4",
-    reason: "Debugging requires solid reasoning about code flow",
-    upgradeReason: "Many critical files involved \u2014 Opus for deeper analysis"
-  },
-  {
-    task: "refactor",
-    defaultModel: "claude-sonnet-4",
-    upgradeIf: (a) => a.totalFiles > 50 && a.riskProfile.overallComplexity > 10,
-    upgradeTo: "claude-opus-4",
-    reason: "Refactoring needs good structural understanding",
-    upgradeReason: "Large + complex project \u2014 Opus for safer refactoring"
-  },
-  {
-    task: "review",
-    defaultModel: "claude-sonnet-4",
-    upgradeIf: (a) => a.riskProfile.distribution.critical > 3,
-    upgradeTo: "claude-opus-4",
-    reason: "Code review benefits from balanced reasoning",
-    upgradeReason: "Critical code under review \u2014 Opus for thorough analysis"
-  },
-  {
-    task: "feature",
-    defaultModel: "claude-sonnet-4",
-    upgradeIf: (a) => a.totalFiles > 100,
-    upgradeTo: "claude-opus-4",
-    reason: "Feature development needs code generation + understanding",
-    upgradeReason: "Large codebase \u2014 Opus for better integration"
-  },
-  {
-    task: "architecture",
-    defaultModel: "claude-opus-4",
-    upgradeIf: () => false,
-    upgradeTo: "claude-opus-4",
-    reason: "Architecture decisions require deep reasoning",
-    upgradeReason: ""
-  }
-];
-var TASK_KEYWORDS = {
-  debug: ["debug", "fix", "bug", "error", "issue", "broken", "crash", "failing", "wrong"],
-  review: ["review", "check", "assess", "evaluate", "audit", "inspect", "critique"],
-  refactor: ["refactor", "restructure", "reorganize", "clean up", "simplify", "extract", "move"],
-  test: ["test", "spec", "coverage", "unit test", "integration test", "e2e"],
-  docs: ["document", "docs", "readme", "jsdoc", "comment", "explain"],
-  feature: ["add", "implement", "create", "build", "new", "feature", "endpoint"],
-  architecture: ["architecture", "design", "system", "structure", "migrate", "pattern"],
-  "simple-edit": ["rename", "typo", "update", "change", "modify", "tweak", "adjust"]
-};
-function classifyTask(taskDescription) {
-  const lower = taskDescription.toLowerCase();
-  let bestType = "simple-edit";
-  let bestScore = 0;
-  for (const [type, keywords] of Object.entries(TASK_KEYWORDS)) {
-    let score = 0;
-    for (const kw of keywords) {
-      if (lower.includes(kw)) score++;
-    }
-    if (score > bestScore) {
-      bestScore = score;
-      bestType = type;
-    }
-  }
-  return bestType;
-}
-function routeModel(taskType, analysis, preferredModel) {
-  if (preferredModel) {
-    const spec = MODEL_REGISTRY.find((m) => m.id === preferredModel);
-    if (spec) {
-      return {
-        model: preferredModel,
-        reason: "User-specified model",
-        confidence: 1,
-        alternatives: buildAlternatives(preferredModel, taskType)
-      };
-    }
-  }
-  const rule = ROUTING_RULES.find((r) => r.task === taskType);
-  if (!rule) {
-    return {
-      model: "claude-sonnet-4",
-      reason: "Default model for unrecognized task type",
-      confidence: 0.5,
-      alternatives: buildAlternatives("claude-sonnet-4", taskType)
-    };
-  }
-  const shouldUpgrade = rule.upgradeIf(analysis);
-  const model = shouldUpgrade ? rule.upgradeTo : rule.defaultModel;
-  const reason = shouldUpgrade ? rule.upgradeReason : rule.reason;
-  return {
-    model,
-    reason,
-    confidence: shouldUpgrade ? 0.8 : 0.9,
-    alternatives: buildAlternatives(model, taskType)
-  };
-}
-function buildAlternatives(chosenModel, taskType) {
-  return MODEL_REGISTRY.filter((m) => m.id !== chosenModel).map((m) => {
-    const chosen = MODEL_REGISTRY.find((r) => r.id === chosenModel);
-    const costDelta = m.pricing.inputPerMillion - chosen.pricing.inputPerMillion;
-    const tradeoff = costDelta > 0 ? `More capable but ${(costDelta / chosen.pricing.inputPerMillion * 100).toFixed(0)}% more expensive` : `${Math.abs(costDelta / chosen.pricing.inputPerMillion * 100).toFixed(0)}% cheaper but less capable`;
-    return { model: m.id, costDelta, tradeoff };
-  });
-}
-function getModelSpec(modelId) {
-  return MODEL_REGISTRY.find((m) => m.id === modelId);
-}
-
-// src/interact/estimator.ts
-function estimateCost(modelId, inputTokens, totalProjectTokens, estimatedOutputRatio = 0.3) {
-  const spec = getModelSpec(modelId) ?? MODEL_REGISTRY[1];
-  const estimatedOutputTokens = Math.round(inputTokens * estimatedOutputRatio);
-  const inputCost = inputTokens / 1e6 * spec.pricing.inputPerMillion;
-  const outputCost = estimatedOutputTokens / 1e6 * spec.pricing.outputPerMillion;
-  const totalCost = inputCost + outputCost;
-  const woInputCost = totalProjectTokens / 1e6 * spec.pricing.inputPerMillion;
-  const woOutputCost = Math.round(totalProjectTokens * estimatedOutputRatio) / 1e6 * spec.pricing.outputPerMillion;
-  const woTotalCost = woInputCost + woOutputCost;
-  const tokensSaved = totalProjectTokens - inputTokens;
-  const costSaved = woTotalCost - totalCost;
-  const savingsPercent = woTotalCost > 0 ? costSaved / woTotalCost * 100 : 0;
-  return {
-    model: modelId,
-    inputTokens,
-    estimatedOutputTokens,
-    inputCost: round(inputCost),
-    outputCost: round(outputCost),
-    totalCost: round(totalCost),
-    formatted: formatCost(totalCost),
-    withoutOptimization: {
-      inputTokens: totalProjectTokens,
-      totalCost: round(woTotalCost),
-      formatted: formatCost(woTotalCost)
-    },
-    savings: {
-      tokensSaved: Math.max(0, tokensSaved),
-      costSaved: round(Math.max(0, costSaved)),
-      percent: Math.max(0, Math.round(savingsPercent)),
-      formatted: costSaved > 0 ? `saved ${formatCost(costSaved)} (${Math.round(savingsPercent)}%)` : "no savings"
-    }
-  };
-}
-function round(n) {
-  return Math.round(n * 1e6) / 1e6;
-}
-function formatCost(cost) {
-  if (cost < 1e-3) return "<$0.001";
-  if (cost < 0.01) return `$${cost.toFixed(4)}`;
-  if (cost < 1) return `$${cost.toFixed(3)}`;
-  return `$${cost.toFixed(2)}`;
-}
-
-// src/interact/prompt.ts
-function buildPrompt(options) {
-  const {
-    task,
-    taskType,
-    analysis,
-    selection,
-    enableCoT = true,
-    enableConstraints = true,
-    enableAntiHallucination = true
-  } = options;
-  const sections = [];
-  sections.push(buildSystemSection(analysis.stack, taskType));
-  sections.push(buildContextSection(analysis, selection));
-  sections.push(buildTaskSection(task, taskType));
-  if (enableConstraints) {
-    sections.push(buildConstraintsSection(analysis.stack, taskType));
-  }
-  if (enableCoT) {
-    sections.push(buildCoTSection(taskType));
-  }
-  if (enableAntiHallucination) {
-    sections.push(buildAntiHallucinationSection());
-  }
-  sections.push(buildFormatSection(taskType));
-  const rendered = sections.map((s) => s.content).join("\n\n---\n\n");
-  const totalTokens = sections.reduce((s, sec) => s + sec.tokens, 0);
-  return { sections, totalTokens, rendered };
-}
-function buildSystemSection(stack, taskType) {
-  const stackStr = stack.length > 0 ? stack.join(", ") : "software";
-  const taskRole = TASK_ROLES[taskType] ?? "engineer";
-  const content = [
-    `You are a senior ${stackStr} ${taskRole} with deep expertise in clean architecture, testing, and production-quality code.`,
-    "You prioritize correctness, readability, and maintainability.",
-    "You never make assumptions without evidence from the code."
-  ].join(" ");
-  return makeSection("system", "system", content);
-}
-function buildContextSection(analysis, selection) {
-  const lines = [];
-  lines.push(`## Project: ${analysis.projectName}`);
-  lines.push(`Stack: ${analysis.stack.join(", ") || "Unknown"}`);
-  lines.push(`Files analyzed: ${analysis.totalFiles} | Tokens: ~${Math.round(analysis.totalTokens / 1e3)}K`);
-  lines.push(`Context coverage: ${selection.coverage.score}% | Risk score: ${selection.riskScore}/100`);
-  lines.push("");
-  lines.push("### Included Files");
-  lines.push("");
-  const fullFiles = selection.files.filter((f) => f.pruneLevel === "full");
-  const sigFiles = selection.files.filter((f) => f.pruneLevel === "signatures");
-  const skelFiles = selection.files.filter((f) => f.pruneLevel === "skeleton");
-  if (fullFiles.length > 0) {
-    lines.push("**Full content (read these first):**");
-    for (const f of fullFiles) {
-      lines.push(`- \`${f.relativePath}\` (~${Math.round(f.tokens / 1e3)}K tokens) \u2014 ${f.reason}`);
-    }
-    lines.push("");
-  }
-  if (sigFiles.length > 0) {
-    lines.push("**Signatures only (reference as needed):**");
-    for (const f of sigFiles) {
-      lines.push(`- \`${f.relativePath}\` (~${Math.round(f.tokens / 1e3)}K tokens)`);
-    }
-    lines.push("");
-  }
-  if (skelFiles.length > 0) {
-    lines.push("**Skeleton (structure overview):**");
-    for (const f of skelFiles) {
-      lines.push(`- \`${f.relativePath}\``);
-    }
-    lines.push("");
-  }
-  if (selection.coverage.missingCritical.length > 0) {
-    lines.push("\u26A0\uFE0F **Missing critical files** (not included due to budget):");
-    for (const f of selection.coverage.missingCritical) {
-      lines.push(`- \`${f}\``);
-    }
-    lines.push("");
-  }
-  const content = lines.join("\n");
-  return makeSection("context", "context", content);
-}
-function buildTaskSection(task, taskType) {
-  const content = [
-    "## Task",
-    "",
-    task,
-    "",
-    `Task type: **${taskType}**`
-  ].join("\n");
-  return makeSection("task", "task", content);
-}
-function buildConstraintsSection(stack, taskType) {
-  const lines = ["## Constraints", ""];
-  lines.push("- **Do NOT** delete or modify existing tests unless explicitly asked");
-  lines.push("- **Do NOT** change function signatures that are part of the public API");
-  lines.push("- **Do NOT** introduce new dependencies without mentioning it");
-  lines.push("- **Always** handle errors explicitly (no silent catches)");
-  lines.push("- **Always** preserve existing code style and conventions");
-  lines.push("- **Prefer** minimal changes \u2014 smallest diff that solves the problem");
-  if (stack.includes("TypeScript")) {
-    lines.push("- **Always** use strict TypeScript types (no `any` unless unavoidable)");
-    lines.push("- **Always** add explicit return types to exported functions");
-  }
-  if (taskType === "refactor") {
-    lines.push("- **Do NOT** change behavior \u2014 refactoring must be behavior-preserving");
-    lines.push("- **Verify** all existing tests still pass after changes");
-  }
-  if (taskType === "test") {
-    lines.push("- Use AAA pattern: Arrange, Act, Assert");
-    lines.push("- Test boundaries, null/undefined, async errors, type edges");
-    lines.push('- Use descriptive test names: "should [expected] when [condition]"');
-  }
-  return makeSection("constraints", "constraints", lines.join("\n"));
-}
-function buildCoTSection(taskType) {
-  const steps = COT_STEPS[taskType] ?? COT_STEPS["simple-edit"];
-  const lines = ["## Thinking Process", "", "Before writing any code:"];
-  steps.forEach((step, i) => {
-    lines.push(`${i + 1}. ${step}`);
-  });
-  return makeSection("cot", "constraints", lines.join("\n"));
-}
-function buildAntiHallucinationSection() {
-  const content = [
-    "## Important",
-    "",
-    "- Only reference files, functions, and APIs that exist in the provided context",
-    "- If you are unsure about something, say so explicitly",
-    "- Do NOT invent function signatures, types, or module paths",
-    "- If the context is insufficient to complete the task, explain what is missing"
-  ].join("\n");
-  return makeSection("anti-hallucination", "constraints", content);
-}
-function buildFormatSection(taskType) {
-  const lines = ["## Output Format", ""];
-  if (taskType === "review") {
-    lines.push("Provide findings in priority order: Critical > Major > Minor > Nitpick");
-    lines.push("For each finding: file, line, issue, and concrete suggestion with code");
-  } else if (taskType === "architecture") {
-    lines.push("Present 2-3 options with trade-offs, then recommend one with justification");
-  } else if (taskType === "debug") {
-    lines.push("1. Root cause analysis");
-    lines.push("2. Minimal fix");
-    lines.push("3. Explanation of why the fix works");
-    lines.push("4. Edge cases to consider");
-  } else {
-    lines.push("Provide clean, production-ready code with brief explanations of key decisions");
-  }
-  return makeSection("format", "format", lines.join("\n"));
-}
-var TASK_ROLES = {
-  debug: "debugger",
-  review: "code reviewer",
-  refactor: "architect",
-  test: "test engineer",
-  docs: "technical writer",
-  feature: "engineer",
-  architecture: "systems architect",
-  "simple-edit": "engineer"
-};
-var COT_STEPS = {
-  debug: [
-    "**Reproduce** \u2014 Understand the exact symptom and when it occurs",
-    "**Hypothesize** \u2014 List the most likely root causes (max 3)",
-    "**Verify** \u2014 Check each hypothesis against the code",
-    "**Fix** \u2014 Apply the minimal fix that addresses the root cause",
-    "**Validate** \u2014 Explain why the fix works and what edge cases it covers"
-  ],
-  review: [
-    "**Understand** \u2014 Read the code and understand its purpose",
-    "**Assess** \u2014 Evaluate correctness, readability, performance, security",
-    "**Prioritize** \u2014 Rank issues by severity (critical > major > minor)",
-    "**Suggest** \u2014 Provide concrete, actionable improvements with code"
-  ],
-  refactor: [
-    "**Analyze** \u2014 Identify code smells and structural issues",
-    "**Plan** \u2014 Define the target structure before changing anything",
-    "**Preserve** \u2014 Ensure behavior doesn't change",
-    "**Refactor** \u2014 Apply changes incrementally",
-    "**Verify** \u2014 Confirm all existing tests still pass"
-  ],
-  test: [
-    "**Identify** \u2014 What needs testing? (happy path, edge cases, errors)",
-    "**Structure** \u2014 Use AAA pattern: Arrange, Act, Assert",
-    "**Cover** \u2014 Test boundaries, null/undefined, async errors",
-    "**Isolate** \u2014 Mock external dependencies, test units independently"
-  ],
-  docs: [
-    "**Read** \u2014 Understand the code before documenting",
-    "**Structure** \u2014 Organize by audience (API users, contributors, operators)",
-    "**Write** \u2014 Clear, concise, with examples"
-  ],
-  feature: [
-    "**Clarify** \u2014 Restate the requirement in your own words",
-    "**Design** \u2014 Plan the approach (types, interfaces, flow)",
-    "**Implement** \u2014 Build incrementally, starting with types",
-    "**Test** \u2014 Write tests alongside implementation",
-    "**Integrate** \u2014 Ensure no regressions"
-  ],
-  architecture: [
-    "**Context** \u2014 Understand current architecture and constraints",
-    "**Options** \u2014 Present 2-3 viable approaches with trade-offs",
-    "**Recommend** \u2014 Choose the best and explain why",
-    "**Plan** \u2014 Define migration steps",
-    "**Risks** \u2014 Identify risks and mitigation strategies"
-  ],
-  "simple-edit": [
-    "**Understand** \u2014 Read the relevant code",
-    "**Plan** \u2014 Think before writing",
-    "**Implement** \u2014 Write clean, well-typed code",
-    "**Verify** \u2014 Check for edge cases"
-  ]
-};
-function makeSection(id, role, content) {
-  const tokens = countTokensChars4(Buffer.byteLength(content, "utf-8"));
-  return { id, role, content, tokens };
-}
-
-// src/govern/audit.ts
-import { randomUUID, createHash as createHash5 } from "crypto";
-import { readdir as readdir3, chmod } from "fs/promises";
-import { join as join7 } from "path";
-import { userInfo } from "os";
-import { homedir } from "os";
-var CTO_DIR = ".cto-ai";
-var AUDIT_DIR = "audit";
-var MAX_ENTRIES_PER_FILE = 500;
-function getAuditDir() {
-  return join7(homedir(), CTO_DIR, AUDIT_DIR);
-}
-function getCurrentAuditFile() {
-  const date = (/* @__PURE__ */ new Date()).toISOString().split("T")[0].replace(/-/g, "");
-  return join7(getAuditDir(), `audit_${date}.json`);
-}
-function computeIntegrityHash(entry) {
-  const payload = JSON.stringify({
-    id: entry.id,
-    timestamp: entry.timestamp,
-    action: entry.action,
-    user: entry.user,
-    projectPath: entry.projectPath,
-    details: entry.details
-  });
-  return createHash5("sha256").update(payload).digest("hex");
-}
-async function ensureDir(dirPath) {
-  const { mkdir: mkdir5 } = await import("fs/promises");
-  await mkdir5(dirPath, { recursive: true });
-}
-async function readJSON(filePath) {
-  const { readFile: readFile9 } = await import("fs/promises");
-  try {
-    const content = await readFile9(filePath, "utf-8");
-    return JSON.parse(content);
-  } catch {
-    return null;
-  }
-}
-async function writeJSON(filePath, data) {
-  const { writeFile: writeFile7 } = await import("fs/promises");
-  await ensureDir(join7(filePath, ".."));
-  await writeFile7(filePath, JSON.stringify(data, null, 2), "utf-8");
-}
-async function logAudit(action, projectPath, details = {}) {
-  const auditDir = getAuditDir();
-  await ensureDir(auditDir);
-  let currentUser;
-  try {
-    currentUser = userInfo().username;
-  } catch {
-    currentUser = process.env.USER ?? process.env.USERNAME ?? "unknown";
-  }
-  const partialEntry = {
-    id: randomUUID().substring(0, 12),
-    timestamp: /* @__PURE__ */ new Date(),
-    action,
-    user: currentUser,
-    projectPath,
-    details
-  };
-  const entry = {
-    ...partialEntry,
-    integrityHash: computeIntegrityHash(partialEntry)
-  };
-  const auditFile = getCurrentAuditFile();
-  let entries = await readJSON(auditFile) ?? [];
-  entries.push(entry);
-  if (entries.length > MAX_ENTRIES_PER_FILE) {
-    entries = entries.slice(-MAX_ENTRIES_PER_FILE);
-  }
-  await writeJSON(auditFile, entries);
-  try {
-    await chmod(auditFile, 384);
-  } catch {
-  }
-  return entry;
-}
-async function getAuditEntries(options = {}) {
-  const auditDir = getAuditDir();
-  let files;
-  try {
-    files = await readdir3(auditDir);
-  } catch {
-    return [];
-  }
-  const auditFiles = files.filter((f) => f.startsWith("audit_") && f.endsWith(".json")).sort().reverse();
-  const allEntries = [];
-  const limit = options.limit ?? 100;
-  for (const file of auditFiles) {
-    if (allEntries.length >= limit) break;
-    const entries = await readJSON(join7(auditDir, file));
-    if (!entries) continue;
-    for (const entry of entries.reverse()) {
-      if (allEntries.length >= limit) break;
-      if (options.projectPath && entry.projectPath !== options.projectPath) continue;
-      if (options.action && entry.action !== options.action) continue;
-      if (options.since && new Date(entry.timestamp) < options.since) continue;
-      allEntries.push(entry);
-    }
-  }
-  return allEntries;
-}
-function verifyAuditEntry(entry) {
-  const { integrityHash, ...rest } = entry;
-  const expected = computeIntegrityHash(rest);
-  return expected === integrityHash;
-}
-async function verifyAuditIntegrity() {
-  const entries = await getAuditEntries({ limit: 1e4 });
-  const invalidEntries = [];
-  for (const entry of entries) {
-    if (!verifyAuditEntry(entry)) {
-      invalidEntries.push(entry);
-    }
-  }
-  return {
-    totalEntries: entries.length,
-    validEntries: entries.length - invalidEntries.length,
-    invalidEntries
-  };
-}
-async function purgeOldAuditEntries(retentionDays) {
-  const auditDir = getAuditDir();
-  let files;
-  try {
-    files = await readdir3(auditDir);
-  } catch {
-    return 0;
-  }
-  const cutoff = /* @__PURE__ */ new Date();
-  cutoff.setDate(cutoff.getDate() - retentionDays);
-  const cutoffStr = cutoff.toISOString().split("T")[0].replace(/-/g, "");
-  let purged = 0;
-  const { unlink } = await import("fs/promises");
-  for (const file of files) {
-    if (!file.startsWith("audit_") || !file.endsWith(".json")) continue;
-    const dateStr = file.replace("audit_", "").replace(".json", "");
-    if (dateStr < cutoffStr) {
-      try {
-        await unlink(join7(auditDir, file));
-        purged++;
-      } catch {
-      }
-    }
-  }
-  return purged;
-}
-
-// src/interact/orchestrator.ts
-async function planInteraction(input) {
-  const {
-    task,
-    analysis,
-    budget = 5e4,
-    model: preferredModel,
-    policies,
-    depth = 2,
-    enableCoT = true,
-    enableConstraints = true,
-    enableAntiHallucination = true
-  } = input;
-  const decisions = [];
-  const taskType = classifyTask(task);
-  decisions.push({
-    step: "classify",
-    decision: taskType,
-    reason: `Task classified as "${taskType}" based on keyword analysis`,
-    data: { task, taskType }
-  });
-  const context = await selectContext({
-    task,
-    analysis,
-    budget,
-    policies,
-    depth
-  });
-  decisions.push({
-    step: "select-context",
-    decision: `${context.files.length} files selected (${context.totalTokens} tokens)`,
-    reason: `Coverage: ${context.coverage.score}%, Risk: ${context.riskScore}/100`,
-    data: {
-      filesIncluded: context.files.length,
-      tokensUsed: context.totalTokens,
-      budget,
-      coverage: context.coverage.score,
-      risk: context.riskScore
-    }
-  });
-  const modelChoice = routeModel(taskType, analysis, preferredModel);
-  decisions.push({
-    step: "choose-model",
-    decision: modelChoice.model,
-    reason: modelChoice.reason,
-    data: {
-      confidence: modelChoice.confidence,
-      alternatives: modelChoice.alternatives.length
-    }
-  });
-  const prompt = buildPrompt({
-    task,
-    taskType,
-    analysis,
-    selection: context,
-    enableCoT,
-    enableConstraints,
-    enableAntiHallucination
-  });
-  decisions.push({
-    step: "build-prompt",
-    decision: `${prompt.sections.length} sections, ${prompt.totalTokens} tokens`,
-    reason: `Sections: ${prompt.sections.map((s) => s.id).join(", ")}`
-  });
-  const cost = estimateCost(
-    modelChoice.model,
-    context.totalTokens + prompt.totalTokens,
-    analysis.totalTokens
-  );
-  decisions.push({
-    step: "estimate-cost",
-    decision: cost.formatted,
-    reason: cost.savings.formatted,
-    data: {
-      inputTokens: cost.inputTokens,
-      totalCost: cost.totalCost,
-      savings: cost.savings.percent
-    }
-  });
-  const plan = {
-    id: randomUUID2().substring(0, 8),
-    task,
-    taskType,
-    timestamp: /* @__PURE__ */ new Date(),
-    context,
-    model: modelChoice,
-    prompt,
-    cost,
-    decisions
-  };
-  try {
-    await logAudit("interact", analysis.projectPath, {
-      interactionId: plan.id,
-      task,
-      taskType,
-      contextHash: context.hash,
-      filesIncluded: context.files.length,
-      filesExcluded: analysis.totalFiles - context.files.length,
-      tokensUsed: context.totalTokens,
-      coverageScore: context.coverage.score,
-      riskScore: context.riskScore,
-      model: modelChoice.model,
-      estimatedCost: cost.totalCost
-    });
-  } catch {
-  }
-  return plan;
-}
-
-// src/cli/v2/interact.ts
-var interactCommand = new Command3("interact").description("Build optimized AI context for a task").argument("<task>", 'Description of the task (e.g. "refactor the auth middleware")').option("-p, --path <path>", "Project path", ".").option("-b, --budget <tokens>", "Token budget", "50000").option("-m, --model <model>", "Force model: claude-haiku-3.5 | claude-sonnet-4 | claude-opus-4").option("--no-cot", "Disable chain-of-thought in prompt").option("--json", "Output as JSON").option("--prompt-only", "Only show the generated prompt").option("-o, --output <target>", "Output target: stdout | file | clipboard", "stdout").option("--explain", "Show detailed decision explanations").option("--pr [branch]", "PR mode: focus on changed files vs base branch (default: main)").action(async (task, opts) => {
-  try {
-    const projectPath = resolve8(opts.path ?? ".");
-    const budget = parseInt(opts.budget ?? "50000", 10);
-    console.log(chalk3.dim(`
-  Analyzing ${projectPath}...`));
-    const analysis = await getCachedAnalysis(projectPath);
-    if (opts.pr !== void 0) {
-      const baseBranch = typeof opts.pr === "string" ? opts.pr : "main";
-      console.log(chalk3.dim(`  PR mode: comparing against ${baseBranch}...
-`));
-      const pr = await generatePRContext(analysis, { baseBranch });
-      if (!pr.isGitRepo) {
-        console.log(chalk3.yellow("  \u26A0\uFE0F  Not a git repository. Falling back to normal mode.\n"));
-      } else if (pr.changedFiles.length === 0) {
-        console.log(chalk3.yellow(`  \u26A0\uFE0F  No changed files vs ${baseBranch}. Falling back to normal mode.
-`));
-      } else {
-        console.log(chalk3.bold.magenta("  \u{1F4CB} PR Context"));
-        console.log(`    Branch: ${pr.currentBranch} \u2190 ${baseBranch}`);
-        console.log(`    Changed: ${pr.changedFiles.length} files | Dependencies: ${pr.dependencyFiles.length} files`);
-        console.log(`    Tokens: ~${Math.round(pr.totalContextTokens / 1e3)}K`);
-        if (pr.riskSummary.critical > 0 || pr.riskSummary.high > 0) {
-          console.log(chalk3.yellow(`    \u26A0\uFE0F  ${pr.riskSummary.critical} critical + ${pr.riskSummary.high} high-risk files`));
-        }
-        console.log("");
-      }
-    }
-    console.log(chalk3.dim(`  Planning interaction for: "${task}"
-`));
-    const plan = await planInteraction({
-      task,
-      analysis,
-      budget,
-      model: opts.model,
-      enableCoT: opts.cot !== false
-    });
-    if (opts.json) {
-      console.log(JSON.stringify(plan, null, 2));
-      return;
-    }
-    if (opts.promptOnly) {
-      console.log(plan.prompt.rendered);
-      return;
-    }
-    console.log(chalk3.bold.cyan("  \u{1F9E0} Interaction Plan"));
-    console.log("");
-    for (const d of plan.decisions) {
-      const icon = d.step === "classify" ? "\u{1F3F7}\uFE0F" : d.step === "select-context" ? "\u{1F4C2}" : d.step === "choose-model" ? "\u{1F916}" : d.step === "build-prompt" ? "\u{1F4DD}" : d.step === "estimate-cost" ? "\u{1F4B0}" : "\u2022";
-      console.log(`  ${icon} ${chalk3.bold(d.step)}: ${d.decision}`);
-      console.log(`     ${chalk3.dim(d.reason)}`);
-    }
-    console.log("");
-    console.log(chalk3.bold("  Context:"));
-    const ctx = plan.context;
-    console.log(`    Files: ${ctx.files.length} | Tokens: ~${Math.round(ctx.totalTokens / 1e3)}K / ${Math.round(budget / 1e3)}K (${ctx.usedPercent.toFixed(1)}%)`);
-    console.log(`    Coverage: ${ctx.coverage.score}% | Risk: ${ctx.riskScore}/100`);
-    if (ctx.coverage.missingCritical.length > 0) {
-      console.log(chalk3.yellow(`    \u26A0\uFE0F  Missing critical: ${ctx.coverage.missingCritical.join(", ")}`));
-    }
-    console.log("");
-    const fullFiles = ctx.files.filter((f) => f.pruneLevel === "full");
-    const sigFiles = ctx.files.filter((f) => f.pruneLevel === "signatures");
-    const skelFiles = ctx.files.filter((f) => f.pruneLevel === "skeleton");
-    if (fullFiles.length > 0) {
-      console.log(chalk3.bold("  Full content:"));
-      for (const f of fullFiles) {
-        console.log(`    ${chalk3.green("\u25CF")} ${f.relativePath} (~${Math.round(f.tokens / 1e3)}K)`);
-      }
-    }
-    if (sigFiles.length > 0) {
-      console.log(chalk3.bold("  Signatures:"));
-      for (const f of sigFiles) {
-        console.log(`    ${chalk3.yellow("\u25CB")} ${f.relativePath} (~${Math.round(f.tokens / 1e3)}K)`);
-      }
-    }
-    if (skelFiles.length > 0) {
-      console.log(chalk3.bold("  Skeleton:"));
-      for (const f of skelFiles) {
-        console.log(`    ${chalk3.dim("\u25CC")} ${f.relativePath}`);
-      }
-    }
-    console.log("");
-    console.log(chalk3.bold("  Cost Estimate:"));
-    console.log(`    Model: ${plan.model.model}`);
-    console.log(`    This interaction: ${plan.cost.formatted}`);
-    console.log(`    Without optimization: ${plan.cost.withoutOptimization.formatted}`);
-    console.log(`    ${chalk3.green(plan.cost.savings.formatted)}`);
-    console.log("");
-    console.log(chalk3.bold("  Prompt:"));
-    console.log(`    Sections: ${plan.prompt.sections.map((s) => s.id).join(", ")}`);
-    console.log(`    Prompt tokens: ~${Math.round(plan.prompt.totalTokens / 1e3)}K`);
-    console.log("");
-    if (opts.explain && plan.context.decisions.length > 0) {
-      console.log(chalk3.bold("  Decisions:"));
-      for (const d of plan.context.decisions.slice(0, 20)) {
-        const icon = d.action === "exclude" ? chalk3.red("\u2717") : chalk3.green("\u2713");
-        console.log(`    ${icon} ${d.file} \u2014 ${d.reason}`);
-        if (d.alternatives) {
-          console.log(chalk3.dim(`      Alternative: ${d.alternatives}`));
-        }
-      }
-      if (plan.context.decisions.length > 20) {
-        console.log(chalk3.dim(`    ... and ${plan.context.decisions.length - 20} more decisions`));
-      }
-      console.log("");
-    }
-    if (opts.output === "file") {
-      const outPath = join8(resolve8(opts.path ?? "."), ".cto", `prompt-${plan.id}.md`);
-      await writeFile4(outPath, plan.prompt.rendered, "utf-8");
-      console.log(chalk3.green(`  \u{1F4BE} Prompt saved to ${outPath}`));
-      console.log("");
-    } else if (opts.output === "clipboard") {
-      try {
-        const { execSync } = await import("child_process");
-        execSync("pbcopy", { input: plan.prompt.rendered });
-        console.log(chalk3.green("  \u{1F4CB} Prompt copied to clipboard"));
-        console.log("");
-      } catch {
-        console.log(chalk3.yellow("  \u26A0\uFE0F  Could not copy to clipboard. Use --output file instead."));
-        console.log("");
-      }
-    }
-    console.log(chalk3.dim(`  Use ${chalk3.bold("--prompt-only")} to get the full prompt`));
-    console.log(chalk3.dim(`  Use ${chalk3.bold("--json")} for machine-readable output`));
-    console.log(chalk3.dim(`  Use ${chalk3.bold("--explain")} for detailed selection decisions`));
-    console.log("");
-  } catch (err) {
-    console.error(chalk3.red(`
-  Error: ${err.message}
-`));
-    process.exit(1);
-  }
-});
-
-// src/cli/v2/snapshot.ts
-import { Command as Command4 } from "commander";
-import chalk4 from "chalk";
-import { resolve as resolve9, join as join9 } from "path";
-import { readFile as readFile7, writeFile as writeFile5, readdir as readdir4, mkdir as mkdir3 } from "fs/promises";
-
-// src/govern/snapshot.ts
-import { randomUUID as randomUUID3, createHash as createHash6 } from "crypto";
-import "fs/promises";
-function createSnapshot(name, analysis, selection, metadata = {}) {
-  const files = selection.files.map((f) => ({
-    relativePath: f.relativePath,
-    hash: hashString(`${f.relativePath}:${f.tokens}:${f.pruneLevel}`),
-    tokens: f.tokens,
-    pruneLevel: f.pruneLevel
-  }));
-  const snapshotData = files.map((f) => `${f.relativePath}:${f.hash}:${f.pruneLevel}`).sort().join("|");
-  return {
-    id: randomUUID3().substring(0, 8),
-    name,
-    createdAt: /* @__PURE__ */ new Date(),
-    hash: hashString(snapshotData),
-    projectHash: analysis.hash,
-    analysisHash: analysis.hash,
-    selectionHash: selection.hash,
-    files,
-    totalTokens: selection.totalTokens,
-    coverageScore: selection.coverage.score,
-    riskScore: selection.riskScore,
-    metadata
-  };
-}
-async function verifySnapshot(snapshot, currentAnalysis, currentSelection) {
-  const currentFiles = new Map(
-    currentSelection.files.map((f) => [f.relativePath, f])
-  );
-  let filesMatched = 0;
-  const filesMissing = [];
-  const filesChanged = [];
-  for (const snapFile of snapshot.files) {
-    const current = currentFiles.get(snapFile.relativePath);
-    if (!current) {
-      filesMissing.push(snapFile.relativePath);
-      continue;
-    }
-    const currentHash2 = hashString(
-      `${current.relativePath}:${current.tokens}:${current.pruneLevel}`
-    );
-    if (currentHash2 === snapFile.hash) {
-      filesMatched++;
-    } else {
-      filesChanged.push(snapFile.relativePath);
-    }
-  }
-  const currentSnapshotData = snapshot.files.map((f) => {
-    const current = currentFiles.get(f.relativePath);
-    if (!current) return `${f.relativePath}:MISSING:MISSING`;
-    return `${current.relativePath}:${hashString(`${current.relativePath}:${current.tokens}:${current.pruneLevel}`)}:${current.pruneLevel}`;
-  }).sort().join("|");
-  const currentHash = hashString(currentSnapshotData);
-  const integrityOk = currentHash === snapshot.hash && filesMissing.length === 0 && filesChanged.length === 0;
-  return {
-    valid: integrityOk,
-    snapshotId: snapshot.id,
-    filesChecked: snapshot.files.length,
-    filesMatched,
-    filesMissing,
-    filesChanged,
-    integrityOk
-  };
-}
-function compareSnapshots(older, newer) {
-  const olderFiles = new Map(older.files.map((f) => [f.relativePath, f]));
-  const newerFiles = new Map(newer.files.map((f) => [f.relativePath, f]));
-  const added = [];
-  const removed = [];
-  const changed = [];
-  for (const [path, file] of newerFiles) {
-    const old = olderFiles.get(path);
-    if (!old) {
-      added.push(path);
-    } else if (old.hash !== file.hash) {
-      changed.push(path);
-    }
-  }
-  for (const path of olderFiles.keys()) {
-    if (!newerFiles.has(path)) {
-      removed.push(path);
-    }
-  }
-  return {
-    added,
-    removed,
-    changed,
-    tokenDelta: newer.totalTokens - older.totalTokens,
-    coverageDelta: newer.coverageScore - older.coverageScore,
-    riskDelta: newer.riskScore - older.riskScore
-  };
-}
-function hashString(input) {
-  return createHash6("sha256").update(input).digest("hex").substring(0, 16);
-}
-
-// src/cli/v2/snapshot.ts
-var SNAPSHOTS_DIR = ".cto/snapshots";
-async function ensureSnapshotsDir(projectPath) {
-  const dir = join9(projectPath, SNAPSHOTS_DIR);
-  await mkdir3(dir, { recursive: true });
-  return dir;
-}
-async function loadSnapshot(filePath) {
-  const content = await readFile7(filePath, "utf-8");
-  return JSON.parse(content);
-}
-var snapshotCommand = new Command4("snapshot").description("Create and manage reproducible context snapshots").addCommand(
-  new Command4("create").description("Create a snapshot of current context selection").argument("<name>", "Snapshot name").option("-p, --path <path>", "Project path", ".").option("-b, --budget <tokens>", "Token budget", "50000").option("-t, --task <task>", "Task description for context selection", "general review").action(async (name, opts) => {
-    try {
-      const projectPath = resolve9(opts.path ?? ".");
-      const budget = parseInt(opts.budget ?? "50000", 10);
-      console.log(chalk4.dim(`
-  Analyzing project...`));
-      const analysis = await analyzeProject(projectPath);
-      console.log(chalk4.dim(`  Selecting context...`));
-      const selection = await selectContext({
-        task: opts.task ?? "general review",
-        analysis,
-        budget
-      });
-      const snap = createSnapshot(name, analysis, selection, {
-        task: opts.task,
-        budget,
-        createdBy: process.env.USER ?? "unknown"
-      });
-      const dir = await ensureSnapshotsDir(projectPath);
-      const filePath = join9(dir, `${name}.json`);
-      await writeFile5(filePath, JSON.stringify(snap, null, 2), "utf-8");
-      console.log("");
-      console.log(chalk4.bold.cyan(`  \u{1F4F8} Snapshot "${name}" created`));
-      console.log(`    Files: ${snap.files.length}`);
-      console.log(`    Tokens: ~${Math.round(snap.totalTokens / 1e3)}K`);
-      console.log(`    Coverage: ${snap.coverageScore}%`);
-      console.log(`    Risk: ${snap.riskScore}/100`);
-      console.log(`    Hash: ${snap.hash}`);
-      console.log(`    Saved: ${filePath}`);
-      console.log("");
-    } catch (err) {
-      console.error(chalk4.red(`
-  Error: ${err.message}
-`));
-      process.exit(1);
-    }
-  })
-).addCommand(
-  new Command4("verify").description("Verify a snapshot against current project state").argument("<name>", "Snapshot name").option("-p, --path <path>", "Project path", ".").option("-b, --budget <tokens>", "Token budget", "50000").action(async (name, opts) => {
-    try {
-      const projectPath = resolve9(opts.path ?? ".");
-      const budget = parseInt(opts.budget ?? "50000", 10);
-      const snapPath = join9(projectPath, SNAPSHOTS_DIR, `${name}.json`);
-      const snap = await loadSnapshot(snapPath);
-      console.log(chalk4.dim(`
-  Re-analyzing project...`));
-      const analysis = await analyzeProject(projectPath);
-      const selection = await selectContext({
-        task: snap.metadata.task ?? "general review",
-        analysis,
-        budget
-      });
-      const result = await verifySnapshot(snap, analysis, selection);
-      console.log("");
-      if (result.valid) {
-        console.log(chalk4.bold.green(`  \u2705 Snapshot "${name}" is valid`));
-      } else {
-        console.log(chalk4.bold.red(`  \u274C Snapshot "${name}" has drifted`));
-      }
-      console.log(`    Files checked: ${result.filesChecked}`);
-      console.log(`    Files matched: ${result.filesMatched}`);
-      if (result.filesMissing.length > 0) {
-        console.log(chalk4.yellow(`    Missing: ${result.filesMissing.join(", ")}`));
-      }
-      if (result.filesChanged.length > 0) {
-        console.log(chalk4.yellow(`    Changed: ${result.filesChanged.join(", ")}`));
-      }
-      console.log("");
-    } catch (err) {
-      console.error(chalk4.red(`
-  Error: ${err.message}
-`));
-      process.exit(1);
-    }
-  })
-).addCommand(
-  new Command4("compare").description("Compare two snapshots").argument("<older>", "Older snapshot name").argument("<newer>", "Newer snapshot name").option("-p, --path <path>", "Project path", ".").action(async (older, newer, opts) => {
-    try {
-      const projectPath = resolve9(opts.path ?? ".");
-      const dir = join9(projectPath, SNAPSHOTS_DIR);
-      const snap1 = await loadSnapshot(join9(dir, `${older}.json`));
-      const snap2 = await loadSnapshot(join9(dir, `${newer}.json`));
-      const diff = compareSnapshots(snap1, snap2);
-      console.log("");
-      console.log(chalk4.bold.cyan(`  \u{1F4CA} Snapshot Comparison: ${older} \u2192 ${newer}`));
-      console.log("");
-      if (diff.added.length > 0) {
-        console.log(chalk4.green(`  Added (${diff.added.length}):`));
-        for (const f of diff.added) console.log(`    + ${f}`);
-      }
-      if (diff.removed.length > 0) {
-        console.log(chalk4.red(`  Removed (${diff.removed.length}):`));
-        for (const f of diff.removed) console.log(`    - ${f}`);
-      }
-      if (diff.changed.length > 0) {
-        console.log(chalk4.yellow(`  Changed (${diff.changed.length}):`));
-        for (const f of diff.changed) console.log(`    ~ ${f}`);
-      }
-      console.log("");
-      console.log(`  Token delta: ${diff.tokenDelta > 0 ? "+" : ""}${diff.tokenDelta}`);
-      console.log(`  Coverage delta: ${diff.coverageDelta > 0 ? "+" : ""}${diff.coverageDelta}%`);
-      console.log(`  Risk delta: ${diff.riskDelta > 0 ? "+" : ""}${diff.riskDelta}`);
-      console.log("");
-    } catch (err) {
-      console.error(chalk4.red(`
-  Error: ${err.message}
-`));
-      process.exit(1);
-    }
-  })
-).addCommand(
-  new Command4("list").description("List saved snapshots").option("-p, --path <path>", "Project path", ".").action(async (opts) => {
-    try {
-      const projectPath = resolve9(opts.path ?? ".");
-      const dir = join9(projectPath, SNAPSHOTS_DIR);
-      let files;
-      try {
-        files = await readdir4(dir);
-      } catch {
-        console.log(chalk4.dim("\n  No snapshots found. Run `cto snapshot create <name>` first.\n"));
-        return;
-      }
-      const snapFiles = files.filter((f) => f.endsWith(".json")).sort();
-      if (snapFiles.length === 0) {
-        console.log(chalk4.dim("\n  No snapshots found.\n"));
-        return;
-      }
-      console.log("");
-      console.log(chalk4.bold.cyan(`  \u{1F4F8} Snapshots (${snapFiles.length})`));
-      console.log("");
-      for (const file of snapFiles) {
-        try {
-          const snap = await loadSnapshot(join9(dir, file));
-          const date = new Date(snap.createdAt).toLocaleString();
-          console.log(`  ${chalk4.bold(snap.name)} \u2014 ${snap.files.length} files, ~${Math.round(snap.totalTokens / 1e3)}K tokens, coverage ${snap.coverageScore}%`);
-          console.log(`    ${chalk4.dim(`Created: ${date} | Hash: ${snap.hash}`)}`);
-        } catch {
-          console.log(`  ${chalk4.dim(file)} ${chalk4.red("(corrupted)")}`);
-        }
-      }
-      console.log("");
-    } catch (err) {
-      console.error(chalk4.red(`
-  Error: ${err.message}
-`));
-      process.exit(1);
-    }
-  })
-);
-
-// src/cli/v2/audit.ts
-import { Command as Command5 } from "commander";
-import chalk5 from "chalk";
-var auditCommand = new Command5("audit").description("View and manage the audit trail").addCommand(
-  new Command5("list").description("List recent audit entries").option("-n, --limit <limit>", "Number of entries to show", "20").option("-a, --action <action>", "Filter by action type").option("-p, --project <path>", "Filter by project path").option("--json", "Output as JSON").action(async (opts) => {
-    try {
-      const entries = await getAuditEntries({
-        limit: parseInt(opts.limit ?? "20", 10),
-        action: opts.action,
-        projectPath: opts.project
-      });
-      if (opts.json) {
-        console.log(JSON.stringify(entries, null, 2));
-        return;
-      }
-      if (entries.length === 0) {
-        console.log(chalk5.dim("\n  No audit entries found.\n"));
-        return;
-      }
-      console.log("");
-      console.log(chalk5.bold.cyan(`  \u{1F4CB} Audit Trail (${entries.length} entries)`));
-      console.log("");
-      for (const entry of entries) {
-        const date = new Date(entry.timestamp).toLocaleString();
-        const actionColor = entry.action.includes("secret") ? chalk5.red : entry.action.includes("integrity") ? chalk5.yellow : chalk5.blue;
-        console.log(`  ${chalk5.dim(date)} ${actionColor(entry.action)} ${chalk5.dim("by")} ${entry.user}`);
-        if (entry.projectPath) {
-          console.log(`    ${chalk5.dim(`Project: ${entry.projectPath}`)}`);
-        }
-        if (entry.tokensUsed) {
-          console.log(`    ${chalk5.dim(`Tokens: ~${Math.round(entry.tokensUsed / 1e3)}K | Coverage: ${entry.coverageScore ?? "?"}% | Risk: ${entry.riskScore ?? "?"}`)}`);
-        }
-      }
-      console.log("");
-    } catch (err) {
-      console.error(chalk5.red(`
-  Error: ${err.message}
-`));
-      process.exit(1);
-    }
-  })
-).addCommand(
-  new Command5("verify").description("Verify audit trail integrity").action(async () => {
-    try {
-      console.log(chalk5.dim("\n  Verifying audit integrity...\n"));
-      const result = await verifyAuditIntegrity();
-      if (result.invalidEntries.length === 0) {
-        console.log(chalk5.bold.green(`  \u2705 Audit trail is intact`));
-      } else {
-        console.log(chalk5.bold.red(`  \u274C Audit trail has been tampered with`));
-      }
-      console.log(`    Total entries: ${result.totalEntries}`);
-      console.log(`    Valid: ${result.validEntries}`);
-      console.log(`    Invalid: ${result.invalidEntries.length}`);
-      if (result.invalidEntries.length > 0) {
-        console.log("");
-        console.log(chalk5.red("  Tampered entries:"));
-        for (const entry of result.invalidEntries.slice(0, 5)) {
-          console.log(`    ${entry.id} \u2014 ${entry.action} at ${new Date(entry.timestamp).toLocaleString()}`);
-        }
-      }
-      console.log("");
-    } catch (err) {
-      console.error(chalk5.red(`
-  Error: ${err.message}
-`));
-      process.exit(1);
-    }
-  })
-).addCommand(
-  new Command5("purge").description("Purge old audit entries").option("-d, --days <days>", "Retention days", "90").action(async (opts) => {
-    try {
-      const days = parseInt(opts.days ?? "90", 10);
-      const purged = await purgeOldAuditEntries(days);
-      console.log("");
-      if (purged > 0) {
-        console.log(chalk5.bold(`  \u{1F5D1}\uFE0F  Purged ${purged} audit file(s) older than ${days} days`));
-      } else {
-        console.log(chalk5.dim(`  No audit files older than ${days} days found.`));
-      }
-      console.log("");
-    } catch (err) {
-      console.error(chalk5.red(`
-  Error: ${err.message}
-`));
-      process.exit(1);
-    }
-  })
-);
-
-// src/cli/v2/policy.ts
-import { Command as Command6 } from "commander";
-import chalk6 from "chalk";
-import { resolve as resolve10, join as join10 } from "path";
-import { readFile as readFile8, writeFile as writeFile6, mkdir as mkdir4 } from "fs/promises";
-
-// src/govern/policy.ts
-var DEFAULT_POLICY = {
-  version: "1.0",
-  name: "default",
-  rules: [
-    {
-      id: "no-env",
-      type: "exclude-always",
-      pattern: "**/*.env*",
-      reason: "Environment files must never be sent to AI",
-      enabled: true
-    },
-    {
-      id: "no-secrets",
-      type: "secret-block",
-      reason: "Files with detected secrets are blocked",
-      enabled: true
-    },
-    {
-      id: "min-coverage",
-      type: "coverage-minimum",
-      threshold: 70,
-      reason: "Warn if context coverage drops below 70%",
-      enabled: true
-    }
-  ]
-};
-function validateSelection(selection, policies, allFiles) {
-  const violations = [];
-  const warnings = [];
-  const includedPaths = new Set(selection.files.map((f) => f.relativePath));
-  for (const rule of policies.rules) {
-    if (!rule.enabled) continue;
-    switch (rule.type) {
-      case "exclude-always": {
-        if (!rule.pattern) break;
-        const violatingFiles = selection.files.filter(
-          (f) => matchGlob(f.relativePath, rule.pattern)
-        );
-        for (const f of violatingFiles) {
-          violations.push({
-            rule,
-            message: `File "${f.relativePath}" is included but matches exclude-always pattern "${rule.pattern}"`,
-            severity: "error"
-          });
-        }
-        break;
-      }
-      case "include-always": {
-        if (!rule.pattern || !allFiles) break;
-        const requiredFiles = allFiles.filter(
-          (f) => matchGlob(f.relativePath, rule.pattern)
-        );
-        for (const f of requiredFiles) {
-          if (!includedPaths.has(f.relativePath)) {
-            violations.push({
-              rule,
-              message: `File "${f.relativePath}" matches include-always pattern "${rule.pattern}" but is not included`,
-              severity: "warning"
-            });
-          }
-        }
-        break;
-      }
-      case "coverage-minimum": {
-        const threshold = rule.threshold ?? 70;
-        if (selection.coverage.score < threshold) {
-          warnings.push({
-            rule,
-            message: `Coverage ${selection.coverage.score}% is below minimum ${threshold}%`,
-            currentValue: selection.coverage.score,
-            threshold
-          });
-        }
-        break;
-      }
-      case "risk-maximum": {
-        const threshold = rule.threshold ?? 50;
-        if (selection.riskScore > threshold) {
-          warnings.push({
-            rule,
-            message: `Exclusion risk ${selection.riskScore}/100 exceeds maximum ${threshold}`,
-            currentValue: selection.riskScore,
-            threshold
-          });
-        }
-        break;
-      }
-      case "budget-limit": {
-        if (!rule.category || !rule.threshold) break;
-        const categoryFiles = selection.files.filter(
-          (f) => fileMatchesCategory(f.relativePath, rule.category)
-        );
-        const categoryTokens = categoryFiles.reduce((s, f) => s + f.tokens, 0);
-        const categoryPercent = selection.totalTokens > 0 ? categoryTokens / selection.totalTokens * 100 : 0;
-        if (categoryPercent > rule.threshold) {
-          warnings.push({
-            rule,
-            message: `Category "${rule.category}" uses ${Math.round(categoryPercent)}% of budget (max: ${rule.threshold}%)`,
-            currentValue: Math.round(categoryPercent),
-            threshold: rule.threshold
-          });
-        }
-        break;
-      }
-    }
-  }
-  return {
-    passed: violations.filter((v) => v.severity === "error").length === 0,
-    violations,
-    warnings
-  };
-}
-function addRule(policies, rule) {
-  return {
-    ...policies,
-    rules: [...policies.rules, rule]
-  };
-}
-function removeRule(policies, ruleId) {
-  return {
-    ...policies,
-    rules: policies.rules.filter((r) => r.id !== ruleId)
-  };
-}
-function toggleRule(policies, ruleId, enabled) {
-  return {
-    ...policies,
-    rules: policies.rules.map(
-      (r) => r.id === ruleId ? { ...r, enabled } : r
-    )
-  };
-}
-function fileMatchesCategory(path, category) {
-  switch (category) {
-    case "test":
-      return /\.(test|spec)\.[jt]sx?$/.test(path) || /\/__tests__\//.test(path) || /\/tests?\//.test(path);
-    case "config":
-      return /\.(config|rc)\.[jt]s$/.test(path) || /\.json$/.test(path) || /\.ya?ml$/.test(path);
-    case "docs":
-      return /\.(md|txt|rst)$/.test(path);
-    case "types":
-      return /types?\//i.test(path) || /\.d\.ts$/.test(path);
-    default:
-      return path.includes(category);
-  }
-}
-
-// src/cli/v2/policy.ts
-var POLICY_FILE2 = ".cto/policy.json";
-async function loadPolicy(projectPath) {
-  try {
-    const content = await readFile8(join10(projectPath, POLICY_FILE2), "utf-8");
-    return JSON.parse(content);
-  } catch {
-    return DEFAULT_POLICY;
-  }
-}
-async function savePolicy(projectPath, policy) {
-  const dir = join10(projectPath, ".cto");
-  await mkdir4(dir, { recursive: true });
-  await writeFile6(join10(projectPath, POLICY_FILE2), JSON.stringify(policy, null, 2), "utf-8");
-}
-var policyCommand = new Command6("policy").description("Manage context selection policies").addCommand(
-  new Command6("show").description("Show current policy rules").option("-p, --path <path>", "Project path", ".").option("--json", "Output as JSON").action(async (opts) => {
-    try {
-      const projectPath = resolve10(opts.path ?? ".");
-      const policy = await loadPolicy(projectPath);
-      if (opts.json) {
-        console.log(JSON.stringify(policy, null, 2));
-        return;
-      }
-      console.log("");
-      console.log(chalk6.bold.cyan(`  \u{1F4DC} Policy: ${policy.name} (v${policy.version})`));
-      console.log("");
-      if (policy.rules.length === 0) {
-        console.log(chalk6.dim("  No rules defined."));
-      }
-      for (const rule of policy.rules) {
-        const status = rule.enabled ? chalk6.green("\u25CF") : chalk6.dim("\u25CB");
-        const typeColor = rule.type.includes("exclude") ? chalk6.red : rule.type.includes("include") ? chalk6.green : chalk6.yellow;
-        console.log(`  ${status} ${chalk6.bold(rule.id)} \u2014 ${typeColor(rule.type)}`);
-        console.log(`    ${chalk6.dim(rule.reason)}`);
-        if (rule.pattern) console.log(`    ${chalk6.dim(`Pattern: ${rule.pattern}`)}`);
-        if (rule.threshold != null) console.log(`    ${chalk6.dim(`Threshold: ${rule.threshold}`)}`);
-        if (rule.category) console.log(`    ${chalk6.dim(`Category: ${rule.category}`)}`);
-      }
-      console.log("");
-    } catch (err) {
-      console.error(chalk6.red(`
-  Error: ${err.message}
-`));
-      process.exit(1);
-    }
-  })
-).addCommand(
-  new Command6("add").description("Add a new policy rule").argument("<id>", "Rule ID").argument("<type>", "Rule type: exclude-always | include-always | coverage-minimum | risk-maximum | budget-limit").option("-p, --path <path>", "Project path", ".").option("--pattern <pattern>", "Glob pattern for include/exclude rules").option("--threshold <n>", "Threshold value for metric rules").option("--category <cat>", "Category for budget-limit rules").option("--reason <reason>", "Reason for the rule", "User-defined rule").action(async (id, type, opts) => {
-    try {
-      const projectPath = resolve10(opts.path ?? ".");
-      let policy = await loadPolicy(projectPath);
-      policy = addRule(policy, {
-        id,
-        type,
-        pattern: opts.pattern,
-        threshold: opts.threshold ? parseInt(opts.threshold, 10) : void 0,
-        category: opts.category,
-        reason: opts.reason ?? "User-defined rule",
-        enabled: true
-      });
-      await savePolicy(projectPath, policy);
-      console.log(chalk6.green(`
-  \u2705 Rule "${id}" added (${type})
-`));
-    } catch (err) {
-      console.error(chalk6.red(`
-  Error: ${err.message}
-`));
-      process.exit(1);
-    }
-  })
-).addCommand(
-  new Command6("remove").description("Remove a policy rule").argument("<id>", "Rule ID to remove").option("-p, --path <path>", "Project path", ".").action(async (id, opts) => {
-    try {
-      const projectPath = resolve10(opts.path ?? ".");
-      let policy = await loadPolicy(projectPath);
-      policy = removeRule(policy, id);
-      await savePolicy(projectPath, policy);
-      console.log(chalk6.green(`
-  \u2705 Rule "${id}" removed
-`));
-    } catch (err) {
-      console.error(chalk6.red(`
-  Error: ${err.message}
-`));
-      process.exit(1);
-    }
-  })
-).addCommand(
-  new Command6("toggle").description("Enable or disable a rule").argument("<id>", "Rule ID").argument("<state>", "on | off").option("-p, --path <path>", "Project path", ".").action(async (id, state, opts) => {
-    try {
-      const projectPath = resolve10(opts.path ?? ".");
-      let policy = await loadPolicy(projectPath);
-      policy = toggleRule(policy, id, state === "on");
-      await savePolicy(projectPath, policy);
-      console.log(chalk6.green(`
-  \u2705 Rule "${id}" ${state === "on" ? "enabled" : "disabled"}
-`));
-    } catch (err) {
-      console.error(chalk6.red(`
-  Error: ${err.message}
-`));
-      process.exit(1);
-    }
-  })
-).addCommand(
-  new Command6("validate").description("Validate current context selection against policies").option("-p, --path <path>", "Project path", ".").option("-b, --budget <tokens>", "Token budget", "50000").option("-t, --task <task>", "Task description", "general review").action(async (opts) => {
-    try {
-      const projectPath = resolve10(opts.path ?? ".");
-      const budget = parseInt(opts.budget ?? "50000", 10);
-      const policy = await loadPolicy(projectPath);
-      console.log(chalk6.dim("\n  Analyzing project..."));
-      const analysis = await analyzeProject(projectPath);
-      console.log(chalk6.dim("  Selecting context..."));
-      const selection = await selectContext({
-        task: opts.task ?? "general review",
-        analysis,
-        budget,
-        policies: policy
-      });
-      const result = validateSelection(selection, policy, analysis.files);
-      console.log("");
-      if (result.passed) {
-        console.log(chalk6.bold.green("  \u2705 Policy validation passed"));
-      } else {
-        console.log(chalk6.bold.red("  \u274C Policy validation failed"));
-      }
-      if (result.violations.length > 0) {
-        console.log("");
-        console.log(chalk6.bold("  Violations:"));
-        for (const v of result.violations) {
-          const icon = v.severity === "error" ? chalk6.red("\u2717") : chalk6.yellow("\u26A0");
-          console.log(`    ${icon} ${v.message}`);
-        }
-      }
-      if (result.warnings.length > 0) {
-        console.log("");
-        console.log(chalk6.bold("  Warnings:"));
-        for (const w of result.warnings) {
-          console.log(`    ${chalk6.yellow("\u26A0")} ${w.message}`);
-        }
-      }
-      console.log("");
-    } catch (err) {
-      console.error(chalk6.red(`
-  Error: ${err.message}
-`));
-      process.exit(1);
-    }
-  })
-).addCommand(
-  new Command6("init").description("Initialize default policy file").option("-p, --path <path>", "Project path", ".").action(async (opts) => {
-    try {
-      const projectPath = resolve10(opts.path ?? ".");
-      await savePolicy(projectPath, DEFAULT_POLICY);
-      console.log(chalk6.green(`
-  \u2705 Default policy initialized at ${join10(projectPath, POLICY_FILE2)}
-`));
-    } catch (err) {
-      console.error(chalk6.red(`
-  Error: ${err.message}
-`));
-      process.exit(1);
-    }
-  })
-);
-
-// src/cli/v2/index.ts
-var CTO_V2_VERSION = "2.0.0";
-var program = new Command7();
-program.name("cto").description("CTO \u2014 Context Operating System for AI-native Engineering").version(CTO_V2_VERSION, "-v, --version");
-program.addCommand(initCommand);
-program.addCommand(analyzeCommand);
-program.addCommand(interactCommand);
-program.addCommand(snapshotCommand);
-program.addCommand(auditCommand);
-program.addCommand(policyCommand);
-program.action(() => {
-  console.log("");
-  console.log(chalk7.bold.cyan("  \u{1F9E0} CTO v2 \u2014 Context Operating System"));
-  console.log(chalk7.dim(`  v${CTO_V2_VERSION}`));
-  console.log("");
-  console.log(chalk7.dim("  AI Interaction Infrastructure for Engineering Teams"));
-  console.log(chalk7.dim("  Formal risk modeling \xB7 Deterministic selection \xB7 Enterprise auditability"));
-  console.log("");
-  console.log(chalk7.bold("  Commands:"));
-  console.log(chalk7.dim("    init                                  Setup CTO for a project"));
-  console.log(chalk7.dim("    analyze [path]                        Analyze structure, deps & risk"));
-  console.log(chalk7.dim("    interact <task>                       Build optimized AI context"));
-  console.log(chalk7.dim("    snapshot create|verify|compare|list   Reproducible context snapshots"));
-  console.log(chalk7.dim("    audit list|verify|purge               Tamper-evident audit trail"));
-  console.log(chalk7.dim("    policy show|add|remove|toggle|validate|init   Context policies"));
-  console.log("");
-  console.log(chalk7.bold("  Quick Start:"));
-  console.log(chalk7.dim("    $ cto init"));
-  console.log(chalk7.dim("    $ cto analyze"));
-  console.log(chalk7.dim('    $ cto interact "refactor the auth middleware"'));
-  console.log(chalk7.dim("    $ cto snapshot create baseline"));
-  console.log("");
-  console.log(chalk7.dim("  Run cto <command> --help for details"));
-  console.log("");
-});
-program.parse();
-//# sourceMappingURL=index.js.map