daystrom 0.1.0

package/README.md

@@ -0,0 +1,98 @@
+# Daystrom
+
+**Automated Prisma AIRS custom topic guardrail generator with iterative, self-improving refinement.**
+
+Named after Dr. Richard Daystrom's self-learning M-5 multitronic unit from Star Trek TOS — a system designed to improve itself through experience. Daystrom generates, tests, evaluates, and refines Palo Alto Prisma AIRS custom topic guardrails in an autonomous loop, learning from each run to produce better results over time.
+
+## What It Does
+
+Daystrom automates the creation and optimization of [Prisma AIRS](https://docs.paloaltonetworks.com/ai-runtime-security) custom topic guardrails — content detection rules that tell the AIRS scanner what prompts to block or allow. Instead of manually crafting topic definitions and testing them by hand, Daystrom:
+
+1. **Generates** a custom topic definition (name, description, up to 5 examples) using an LLM, informed by any prior learnings from previous runs
+2. **Deploys** the topic to a live Prisma AIRS security profile via the Management API (OAuth2)
+3. **Generates test cases** — balanced positive prompts (should trigger detection) and negative prompts (should not trigger)
+4. **Scans** all test prompts against the live AIRS Scan API with configurable concurrency
+5. **Evaluates** efficacy: true positive rate, true negative rate, accuracy, coverage (`min(TPR, TNR)`), and F1 score
+6. **Analyzes** false positives and false negatives using the LLM to identify patterns
+7. **Improves** the topic definition iteratively — refining description and examples while keeping the topic name locked
+8. **Learns** — after the loop completes, extracts actionable insights and persists them for future runs on similar topics
+
+The loop runs until coverage reaches a target threshold (default 90%) or max iterations (default 20) are exhausted.
+
+## Quick Start
+
+```bash
+# Install
+pnpm install
+
+# Configure credentials
+cp .env.example .env
+# Edit .env — you need: ANTHROPIC_API_KEY (or other LLM provider),
+# PANW_AI_SEC_API_KEY, PANW_MGMT_CLIENT_ID, PANW_MGMT_CLIENT_SECRET, PANW_MGMT_TSG_ID
+
+# Run interactively (prompts for topic, profile, intent, etc.)
+pnpm run generate
+
+# Run non-interactively
+pnpm run generate \
+  --provider claude-api \
+  --profile my-security-profile \
+  --topic "Block discussions about building explosives" \
+  --intent block \
+  --target-coverage 90
+```
+
+## Commands
+
+All commands use `daystrom` as the binary name (or `pnpm run dev` in development):
+
+| Command | Description |
+|---------|-------------|
+| `daystrom generate` | Start a new guardrail generation loop |
+| `daystrom resume <runId>` | Resume a paused or failed run with additional iterations |
+| `daystrom report <runId>` | View detailed results for a saved run (best or specific iteration) |
+| `daystrom list` | List all saved runs with status and coverage |
+
+### Generate Flags
+
+| Flag | Default | Description |
+|------|---------|-------------|
+| `--provider <name>` | `claude-api` | LLM provider (`claude-api`, `claude-vertex`, `claude-bedrock`, `gemini-api`, `gemini-vertex`, `gemini-bedrock`) |
+| `--model <name>` | per-provider | Override the default model |
+| `--profile <name>` | (prompted) | AIRS security profile name to attach the topic to |
+| `--topic <desc>` | (prompted) | Natural language description of what to detect |
+| `--intent <block\|allow>` | `block` | Whether matching prompts should be blocked or allowed |
+| `--max-iterations <n>` | `20` | Maximum refinement iterations |
+| `--target-coverage <n>` | `90` | Coverage percentage to stop at |
+| `--no-memory` | memory on | Disable cross-run learning for this run |
+
+## Documentation
+
+Full documentation: **[cdot65.github.io/daystrom](https://cdot65.github.io/daystrom/)**
+
+## Tech Stack
+
+- **TypeScript ESM** on Node.js 20+ with strict mode
+- **LangChain.js** — Claude (Anthropic API, Vertex, Bedrock) and Gemini (API, Vertex, Bedrock) with structured output via Zod schemas
+- **Prisma AIRS SDK** (`@cdot65/prisma-airs-sdk@^0.2.0`) — scan API + management API (OAuth2 client credentials)
+- **Commander.js** — CLI framework with 4 subcommands
+- **Vitest** + **MSW** — 165 tests across 17 files (~98% stmt coverage)
+- **Biome** — linting and formatting
+- **Zod** — config validation, LLM output parsing, learning extraction schemas
+
+## Project Structure
+
+```
+src/
+├── cli/              CLI entry, commands (generate/resume/report/list), prompts, renderer
+├── config/           Zod-validated config schema + env/file/CLI cascade loader
+├── core/             Async generator loop, efficacy metrics, AIRS topic constraints
+├── llm/              LangChain provider factory, structured output service, prompt templates
+├── airs/             Scanner (sync scan + batch) and Management (CRUD + profile linking) services
+├── memory/           Learning store, extractor, budget-aware injector, iteration diff
+└── persistence/      JSON file store for run state
+```
+
+## License
+
+MIT

package/dist/airs/management.d.ts

@@ -0,0 +1,21 @@
+import { type CreateCustomTopicRequest, type ManagementClientOptions, type CustomTopic as SdkCustomTopic } from '@cdot65/prisma-airs-sdk';
+import type { ManagementService } from './types.js';
+/**
+ * Wraps the SDK's ManagementClient to implement our ManagementService interface.
+ * OAuth2 token management, caching, and retry are handled by the SDK.
+ */
+export declare class SdkManagementService implements ManagementService {
+    private client;
+    constructor(opts?: ManagementClientOptions);
+    createTopic(request: CreateCustomTopicRequest): Promise<SdkCustomTopic>;
+    updateTopic(topicId: string, request: CreateCustomTopicRequest): Promise<SdkCustomTopic>;
+    deleteTopic(topicId: string): Promise<void>;
+    listTopics(): Promise<SdkCustomTopic[]>;
+    /**
+     * Sets a single custom topic on a profile's topic-guardrails config.
+     * Replaces any existing topics so only the current topic is evaluated.
+     * Previous runs may have left stale topics — this clears them.
+     */
+    assignTopicToProfile(profileName: string, topicId: string, topicName: string, action: 'allow' | 'block'): Promise<void>;
+}
+//# sourceMappingURL=management.d.ts.map

package/dist/airs/management.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"management.d.ts","sourceRoot":"","sources":["../../src/airs/management.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,wBAAwB,EAE7B,KAAK,uBAAuB,EAC5B,KAAK,WAAW,IAAI,cAAc,EACnC,MAAM,yBAAyB,CAAC;AACjC,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAEpD;;;GAGG;AACH,qBAAa,oBAAqB,YAAW,iBAAiB;IAC5D,OAAO,CAAC,MAAM,CAAmB;gBAErB,IAAI,CAAC,EAAE,uBAAuB;IAIpC,WAAW,CAAC,OAAO,EAAE,wBAAwB,GAAG,OAAO,CAAC,cAAc,CAAC;IAIvE,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,wBAAwB,GAAG,OAAO,CAAC,cAAc,CAAC;IAIxF,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI3C,UAAU,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;IAK7C;;;;OAIG;IACG,oBAAoB,CACxB,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,OAAO,GAAG,OAAO,GACxB,OAAO,CAAC,IAAI,CAAC;CAsDjB"}

package/dist/airs/management.js

@@ -0,0 +1,78 @@
+import { ManagementClient, } from '@cdot65/prisma-airs-sdk';
+/**
+ * Wraps the SDK's ManagementClient to implement our ManagementService interface.
+ * OAuth2 token management, caching, and retry are handled by the SDK.
+ */
+export class SdkManagementService {
+    client;
+    constructor(opts) {
+        this.client = new ManagementClient(opts);
+    }
+    async createTopic(request) {
+        return this.client.topics.create(request);
+    }
+    async updateTopic(topicId, request) {
+        return this.client.topics.update(topicId, request);
+    }
+    async deleteTopic(topicId) {
+        await this.client.topics.delete(topicId);
+    }
+    async listTopics() {
+        const response = await this.client.topics.list();
+        return response.custom_topics;
+    }
+    /**
+     * Sets a single custom topic on a profile's topic-guardrails config.
+     * Replaces any existing topics so only the current topic is evaluated.
+     * Previous runs may have left stale topics — this clears them.
+     */
+    async assignTopicToProfile(profileName, topicId, topicName, action) {
+        // Find profile by name
+        const { ai_profiles } = await this.client.profiles.list();
+        const profile = ai_profiles.find((p) => p.profile_name === profileName);
+        if (!profile?.profile_id) {
+            throw new Error(`Profile "${profileName}" not found`);
+        }
+        // Deep clone the policy to mutate
+        const policy = JSON.parse(JSON.stringify(profile.policy ?? {}));
+        const aiProfiles = policy['ai-security-profiles'] ?? [
+            { 'model-type': 'default', 'model-configuration': {} },
+        ];
+        const modelConfig = aiProfiles[0]?.['model-configuration'] ?? {};
+        // Find or create model-protection with topic-guardrails
+        const modelProtection = modelConfig['model-protection'] ?? [];
+        let topicGuardrails = modelProtection.find((mp) => mp.name === 'topic-guardrails');
+        if (!topicGuardrails) {
+            topicGuardrails = {
+                action: 'allow',
+                name: 'topic-guardrails',
+                options: [],
+                'topic-list': [],
+            };
+            modelProtection.push(topicGuardrails);
+        }
+        // Replace the entire topic-list with only the current topic under the given action.
+        // The opposite action gets an empty list to ensure no stale topics remain.
+        const oppositeAction = action === 'block' ? 'allow' : 'block';
+        topicGuardrails['topic-list'] = [
+            {
+                action,
+                topic: [{ topic_id: topicId, topic_name: topicName, revision: 1 }],
+            },
+            {
+                action: oppositeAction,
+                topic: [],
+            },
+        ];
+        // Write back
+        modelConfig['model-protection'] = modelProtection;
+        aiProfiles[0]['model-configuration'] = modelConfig;
+        policy['ai-security-profiles'] = aiProfiles;
+        await this.client.profiles.update(profile.profile_id, {
+            profile_name: profile.profile_name,
+            active: profile.active,
+            policy,
+        });
+    }
+}
+//# sourceMappingURL=management.js.map

package/dist/airs/management.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"management.js","sourceRoot":"","sources":["../../src/airs/management.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,gBAAgB,GAGjB,MAAM,yBAAyB,CAAC;AAGjC;;;GAGG;AACH,MAAM,OAAO,oBAAoB;IACvB,MAAM,CAAmB;IAEjC,YAAY,IAA8B;QACxC,IAAI,CAAC,MAAM,GAAG,IAAI,gBAAgB,CAAC,IAAI,CAAC,CAAC;IAC3C,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,OAAiC;QACjD,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC5C,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,OAAe,EAAE,OAAiC;QAClE,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACrD,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,OAAe;QAC/B,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC3C,CAAC;IAED,KAAK,CAAC,UAAU;QACd,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACjD,OAAO,QAAQ,CAAC,aAAa,CAAC;IAChC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,oBAAoB,CACxB,WAAmB,EACnB,OAAe,EACf,SAAiB,EACjB,MAAyB;QAEzB,uBAAuB;QACvB,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC1D,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,KAAK,WAAW,CAAC,CAAC;QACxE,IAAI,CAAC,OAAO,EAAE,UAAU,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,YAAY,WAAW,aAAa,CAAC,CAAC;QACxD,CAAC;QAED,kCAAkC;QAClC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC;QAChE,MAAM,UAAU,GAAG,MAAM,CAAC,sBAAsB,CAAC,IAAI;YACnD,EAAE,YAAY,EAAE,SAAS,EAAE,qBAAqB,EAAE,EAAE,EAAE;SACvD,CAAC;QACF,MAAM,WAAW,GAAG,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,qBAAqB,CAAC,IAAI,EAAE,CAAC;QAEjE,wDAAwD;QACxD,MAAM,eAAe,GAA8B,WAAW,CAAC,kBAAkB,CAAC,IAAI,EAAE,CAAC;QACzF,IAAI,eAAe,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,KAAK,kBAAkB,CAAC,CAAC;QAEnF,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,eAAe,GAAG;gBAChB,MAAM,EAAE,OAAO;gBACf,IAAI,EAAE,kBAAkB;gBACxB,OAAO,EAAE,EAAE;gBACX,YAAY,EAAE,EAAE;aACjB,CAAC;YACF,eAAe,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACxC,CAAC;QAED,oFAAoF;QACpF,2EAA2E;QAC3E,MAAM,cAAc,GAAG,MAAM,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC;QAC9D,eAAe,CAAC,YAAY,CAAC,GAAG;YAC9B;gBACE,MAAM;gBACN,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC;aACnE;YACD;gBACE,MAAM,EAAE,cAAc;gBACtB,KAAK,EAAE,EAAE;aACV;SACF,CAAC;QAEF,aAAa;QACb,WAAW,CAAC,kBAAkB,CAAC,GAAG,eAAe,CAAC;QAClD,UAAU,CAAC,CAAC,CAAC,CAAC,qBAAqB,CAAC,GAAG,WAAW,CAAC;QACnD,MAAM,CAAC,sBAAsB,CAAC,GAAG,UAAU,CAAC;QAE5C,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,EAAE;YACpD,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,MAAM;SACP,CAAC,CAAC;IACL,CAAC;CACF"}

package/dist/airs/scanner.d.ts

@@ -0,0 +1,8 @@
+import type { ScanResult, ScanService } from './types.js';
+export declare class AirsScanService implements ScanService {
+    private scanner;
+    constructor(apiKey: string);
+    scan(profileName: string, prompt: string, sessionId?: string): Promise<ScanResult>;
+    scanBatch(profileName: string, prompts: string[], concurrency?: number, sessionId?: string): Promise<ScanResult[]>;
+}
+//# sourceMappingURL=scanner.d.ts.map

package/dist/airs/scanner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../../src/airs/scanner.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAE1D,qBAAa,eAAgB,YAAW,WAAW;IACjD,OAAO,CAAC,OAAO,CAA+B;gBAElC,MAAM,EAAE,MAAM;IAKpB,IAAI,CAAC,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAqBlF,SAAS,CACb,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,MAAM,EAAE,EACjB,WAAW,SAAI,EACf,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,UAAU,EAAE,CAAC;CAMzB"}

package/dist/airs/scanner.js

@@ -0,0 +1,28 @@
+import { Content, init, Scanner } from '@cdot65/prisma-airs-sdk';
+import pLimit from 'p-limit';
+export class AirsScanService {
+    scanner;
+    constructor(apiKey) {
+        init({ apiKey });
+        this.scanner = new Scanner();
+    }
+    async scan(profileName, prompt, sessionId) {
+        const content = new Content({ prompt });
+        const response = await this.scanner.syncScan({ profile_name: profileName }, content, sessionId ? { sessionId } : undefined);
+        const action = response.action === 'block' ? 'block' : 'allow';
+        const detected = response.prompt_detected;
+        const triggered = !!(detected?.topic_guardrails_details || detected?.topic_violation);
+        return {
+            scanId: response.scan_id ?? '',
+            reportId: response.report_id ?? '',
+            action: action,
+            triggered,
+            raw: response,
+        };
+    }
+    async scanBatch(profileName, prompts, concurrency = 5, sessionId) {
+        const limit = pLimit(concurrency);
+        return Promise.all(prompts.map((prompt) => limit(() => this.scan(profileName, prompt, sessionId))));
+    }
+}
+//# sourceMappingURL=scanner.js.map

package/dist/airs/scanner.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"scanner.js","sourceRoot":"","sources":["../../src/airs/scanner.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AACjE,OAAO,MAAM,MAAM,SAAS,CAAC;AAG7B,MAAM,OAAO,eAAe;IAClB,OAAO,CAA+B;IAE9C,YAAY,MAAc;QACxB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;QACjB,IAAI,CAAC,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;IAC/B,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,WAAmB,EAAE,MAAc,EAAE,SAAkB;QAChE,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;QACxC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,CAC1C,EAAE,YAAY,EAAE,WAAW,EAAE,EAC7B,OAAO,EACP,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC,SAAS,CACtC,CAAC;QAEF,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC;QAC/D,MAAM,QAAQ,GAAG,QAAQ,CAAC,eAAsD,CAAC;QACjF,MAAM,SAAS,GAAG,CAAC,CAAC,CAAC,QAAQ,EAAE,wBAAwB,IAAI,QAAQ,EAAE,eAAe,CAAC,CAAC;QAEtF,OAAO;YACL,MAAM,EAAE,QAAQ,CAAC,OAAO,IAAI,EAAE;YAC9B,QAAQ,EAAE,QAAQ,CAAC,SAAS,IAAI,EAAE;YAClC,MAAM,EAAE,MAA2B;YACnC,SAAS;YACT,GAAG,EAAE,QAAQ;SACd,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,SAAS,CACb,WAAmB,EACnB,OAAiB,EACjB,WAAW,GAAG,CAAC,EACf,SAAkB;QAElB,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,CAAC,CAAC;QAClC,OAAO,OAAO,CAAC,GAAG,CAChB,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC,CAChF,CAAC;IACJ,CAAC;CACF"}

package/dist/airs/types.d.ts

@@ -0,0 +1,26 @@
+/**
+ * AIRS integration types — scan results and service interfaces for the
+ * Prisma AIRS scanner and topic management APIs.
+ */
+import type { CreateCustomTopicRequest, CustomTopic as SdkCustomTopic } from '@cdot65/prisma-airs-sdk';
+export type { CreateCustomTopicRequest, SdkCustomTopic };
+export interface ScanResult {
+    scanId: string;
+    reportId: string;
+    action: 'allow' | 'block';
+    triggered: boolean;
+    category?: string;
+    raw?: unknown;
+}
+export interface ScanService {
+    scan(profileName: string, prompt: string, sessionId?: string): Promise<ScanResult>;
+    scanBatch(profileName: string, prompts: string[], concurrency?: number, sessionId?: string): Promise<ScanResult[]>;
+}
+export interface ManagementService {
+    createTopic(request: CreateCustomTopicRequest): Promise<SdkCustomTopic>;
+    updateTopic(topicId: string, request: CreateCustomTopicRequest): Promise<SdkCustomTopic>;
+    deleteTopic(topicId: string): Promise<void>;
+    listTopics(): Promise<SdkCustomTopic[]>;
+    assignTopicToProfile(profileName: string, topicId: string, topicName: string, action: 'allow' | 'block'): Promise<void>;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/airs/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/airs/types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EACV,wBAAwB,EACxB,WAAW,IAAI,cAAc,EAC9B,MAAM,yBAAyB,CAAC;AAKjC,YAAY,EAAE,wBAAwB,EAAE,cAAc,EAAE,CAAC;AAKzD,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,OAAO,GAAG,OAAO,CAAC;IAC1B,SAAS,EAAE,OAAO,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,GAAG,CAAC,EAAE,OAAO,CAAC;CACf;AAKD,MAAM,WAAW,WAAW;IAC1B,IAAI,CAAC,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IACnF,SAAS,CACP,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,MAAM,EAAE,EACjB,WAAW,CAAC,EAAE,MAAM,EACpB,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;CAC1B;AAED,MAAM,WAAW,iBAAiB;IAChC,WAAW,CAAC,OAAO,EAAE,wBAAwB,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IACxE,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,wBAAwB,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IACzF,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5C,UAAU,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC,CAAC;IACxC,oBAAoB,CAClB,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,OAAO,GAAG,OAAO,GACxB,OAAO,CAAC,IAAI,CAAC,CAAC;CAClB"}

package/dist/airs/types.js

@@ -0,0 +1,6 @@
+/**
+ * AIRS integration types — scan results and service interfaces for the
+ * Prisma AIRS scanner and topic management APIs.
+ */
+export {};
+//# sourceMappingURL=types.js.map

package/dist/airs/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/airs/types.ts"],"names":[],"mappings":"AAAA;;;GAGG"}

package/dist/cli/commands/generate.d.ts

@@ -0,0 +1,3 @@
+import type { Command } from 'commander';
+export declare function registerGenerateCommand(program: Command): void;
+//# sourceMappingURL=generate.d.ts.map

package/dist/cli/commands/generate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"generate.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/generate.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AA2BzC,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAuH9D"}

package/dist/cli/commands/generate.js

@@ -0,0 +1,127 @@
+import { SdkManagementService } from '../../airs/management.js';
+import { AirsScanService } from '../../airs/scanner.js';
+import { loadConfig } from '../../config/loader.js';
+import { runLoop } from '../../core/loop.js';
+import { createLlmProvider } from '../../llm/provider.js';
+import { LangChainLlmService } from '../../llm/service.js';
+import { LearningExtractor } from '../../memory/extractor.js';
+import { MemoryInjector } from '../../memory/injector.js';
+import { MemoryStore } from '../../memory/store.js';
+import { JsonFileStore } from '../../persistence/store.js';
+import { collectUserInput } from '../prompts.js';
+import { renderAnalysis, renderError, renderHeader, renderIterationStart, renderIterationSummary, renderLoopComplete, renderMemoryExtracted, renderMemoryLoaded, renderMetrics, renderTestProgress, renderTopic, } from '../renderer.js';
+export function registerGenerateCommand(program) {
+    program
+        .command('generate')
+        .description('Start a new guardrail generation loop')
+        .option('--provider <provider>', 'LLM provider')
+        .option('--model <model>', 'LLM model name')
+        .option('--profile <name>', 'AIRS security profile name')
+        .option('--topic <description>', 'Topic description')
+        .option('--intent <intent>', 'Intent: block or allow')
+        .option('--max-iterations <n>', 'Max iterations', '20')
+        .option('--target-coverage <n>', 'Target coverage %', '90')
+        .option('--memory', 'Enable learning memory (default)')
+        .option('--no-memory', 'Disable learning memory')
+        .action(async (opts) => {
+        try {
+            renderHeader();
+            const config = await loadConfig({
+                llmProvider: opts.provider,
+                llmModel: opts.model,
+                memoryEnabled: opts.memory !== undefined ? String(opts.memory) : undefined,
+            });
+            // Collect user input (interactive or from CLI flags)
+            let userInput;
+            if (opts.topic && opts.profile) {
+                userInput = {
+                    topicDescription: opts.topic,
+                    intent: (opts.intent ?? 'block'),
+                    profileName: opts.profile,
+                    maxIterations: Number.parseInt(opts.maxIterations, 10),
+                    targetCoverage: Number.parseInt(opts.targetCoverage, 10) / 100,
+                };
+            }
+            else {
+                userInput = await collectUserInput();
+            }
+            // Initialize services
+            const model = await createLlmProvider({
+                provider: config.llmProvider,
+                model: config.llmModel,
+                anthropicApiKey: config.anthropicApiKey,
+                googleApiKey: config.googleApiKey,
+                googleCloudProject: config.googleCloudProject,
+                googleCloudLocation: config.googleCloudLocation,
+                awsRegion: config.awsRegion,
+                awsAccessKeyId: config.awsAccessKeyId,
+                awsSecretAccessKey: config.awsSecretAccessKey,
+            });
+            // Set up memory system
+            const memoryEnabled = config.memoryEnabled;
+            const memoryStore = memoryEnabled ? new MemoryStore(config.memoryDir) : undefined;
+            const memoryInjector = memoryStore
+                ? new MemoryInjector(memoryStore, config.maxMemoryChars)
+                : undefined;
+            const llm = new LangChainLlmService(model, memoryInjector);
+            if (!config.airsApiKey)
+                throw new Error('PANW_AI_SEC_API_KEY is required');
+            const scanner = new AirsScanService(config.airsApiKey);
+            const management = new SdkManagementService({
+                clientId: config.mgmtClientId,
+                clientSecret: config.mgmtClientSecret,
+                tsgId: config.mgmtTsgId,
+                apiEndpoint: config.mgmtEndpoint,
+                tokenEndpoint: config.mgmtTokenEndpoint,
+            });
+            const store = new JsonFileStore(config.dataDir);
+            // Load memory before loop
+            if (memoryEnabled) {
+                const learningCount = await llm.loadMemory(userInput.topicDescription);
+                renderMemoryLoaded(learningCount);
+            }
+            const memoryExtractor = memoryStore ? new LearningExtractor(model, memoryStore) : undefined;
+            // Run the loop
+            for await (const event of runLoop(userInput, {
+                llm,
+                management,
+                scanner,
+                propagationDelayMs: config.propagationDelayMs,
+                memory: memoryExtractor ? { extractor: memoryExtractor } : undefined,
+            })) {
+                switch (event.type) {
+                    case 'iteration:start':
+                        renderIterationStart(event.iteration);
+                        break;
+                    case 'generate:complete':
+                        renderTopic(event.topic);
+                        break;
+                    case 'test:progress':
+                        renderTestProgress(event.completed, event.total);
+                        break;
+                    case 'evaluate:complete':
+                        renderMetrics(event.metrics);
+                        break;
+                    case 'analyze:complete':
+                        renderAnalysis(event.analysis);
+                        break;
+                    case 'iteration:complete':
+                        renderIterationSummary(event.result);
+                        break;
+                    case 'memory:extracted':
+                        renderMemoryExtracted(event.learningCount);
+                        break;
+                    case 'loop:complete':
+                        await store.save(event.runState);
+                        renderLoopComplete(event.runState);
+                        break;
+                }
+            }
+        }
+        catch (err) {
+            renderError(err instanceof Error ? err.message : String(err));
+            process.exit(1);
+        }
+    });
+}
+//# sourceMappingURL=generate.js.map

package/dist/cli/commands/generate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"generate.js","sourceRoot":"","sources":["../../../src/cli/commands/generate.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAChE,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAE7C,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,EACL,cAAc,EACd,WAAW,EACX,YAAY,EACZ,oBAAoB,EACpB,sBAAsB,EACtB,kBAAkB,EAClB,qBAAqB,EACrB,kBAAkB,EAClB,aAAa,EACb,kBAAkB,EAClB,WAAW,GACZ,MAAM,gBAAgB,CAAC;AAExB,MAAM,UAAU,uBAAuB,CAAC,OAAgB;IACtD,OAAO;SACJ,OAAO,CAAC,UAAU,CAAC;SACnB,WAAW,CAAC,uCAAuC,CAAC;SACpD,MAAM,CAAC,uBAAuB,EAAE,cAAc,CAAC;SAC/C,MAAM,CAAC,iBAAiB,EAAE,gBAAgB,CAAC;SAC3C,MAAM,CAAC,kBAAkB,EAAE,4BAA4B,CAAC;SACxD,MAAM,CAAC,uBAAuB,EAAE,mBAAmB,CAAC;SACpD,MAAM,CAAC,mBAAmB,EAAE,wBAAwB,CAAC;SACrD,MAAM,CAAC,sBAAsB,EAAE,gBAAgB,EAAE,IAAI,CAAC;SACtD,MAAM,CAAC,uBAAuB,EAAE,mBAAmB,EAAE,IAAI,CAAC;SAC1D,MAAM,CAAC,UAAU,EAAE,kCAAkC,CAAC;SACtD,MAAM,CAAC,aAAa,EAAE,yBAAyB,CAAC;SAChD,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;QACrB,IAAI,CAAC;YACH,YAAY,EAAE,CAAC;YAEf,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC;gBAC9B,WAAW,EAAE,IAAI,CAAC,QAAQ;gBAC1B,QAAQ,EAAE,IAAI,CAAC,KAAK;gBACpB,aAAa,EAAE,IAAI,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS;aAC3E,CAAC,CAAC;YAEH,qDAAqD;YACrD,IAAI,SAAoB,CAAC;YACzB,IAAI,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;gBAC/B,SAAS,GAAG;oBACV,gBAAgB,EAAE,IAAI,CAAC,KAAK;oBAC5B,MAAM,EAAE,CAAC,IAAI,CAAC,MAAM,IAAI,OAAO,CAAsB;oBACrD,WAAW,EAAE,IAAI,CAAC,OAAO;oBACzB,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC;oBACtD,cAAc,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,cAAc,EAAE,EAAE,CAAC,GAAG,GAAG;iBAC/D,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,SAAS,GAAG,MAAM,gBAAgB,EAAE,CAAC;YACvC,CAAC;YAED,sBAAsB;YACtB,MAAM,KAAK,GAAG,MAAM,iBAAiB,CAAC;gBACpC,QAAQ,EAAE,MAAM,CAAC,WAAW;gBAC5B,KAAK,EAAE,MAAM,CAAC,QAAQ;gBACtB,eAAe,EAAE,MAAM,CAAC,eAAe;gBACvC,YAAY,EAAE,MAAM,CAAC,YAAY;gBACjC,kBAAkB,EAAE,MAAM,CAAC,kBAAkB;gBAC7C,mBAAmB,EAAE,MAAM,CAAC,mBAAmB;gBAC/C,SAAS,EAAE,MAAM,CAAC,SAAS;gBAC3B,cAAc,EAAE,MAAM,CAAC,cAAc;gBACrC,kBAAkB,EAAE,MAAM,CAAC,kBAAkB;aAC9C,CAAC,CAAC;YAEH,uBAAuB;YACvB,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,CAAC;YAC3C,MAAM,WAAW,GAAG,aAAa,CAAC,CAAC,CAAC,IAAI,WAAW,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,MAAM,cAAc,GAAG,WAAW;gBAChC,CAAC,CAAC,IAAI,cAAc,CAAC,WAAW,EAAE,MAAM,CAAC,cAAc,CAAC;gBACxD,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,GAAG,GAAG,IAAI,mBAAmB,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC;YAC3D,IAAI,CAAC,MAAM,CAAC,UAAU;gBAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;YAC3E,MAAM,OAAO,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;YACvD,MAAM,UAAU,GAAG,IAAI,oBAAoB,CAAC;gBAC1C,QAAQ,EAAE,MAAM,CAAC,YAAY;gBAC7B,YAAY,EAAE,MAAM,CAAC,gBAAgB;gBACrC,KAAK,EAAE,MAAM,CAAC,SAAS;gBACvB,WAAW,EAAE,MAAM,CAAC,YAAY;gBAChC,aAAa,EAAE,MAAM,CAAC,iBAAiB;aACxC,CAAC,CAAC;YAEH,MAAM,KAAK,GAAG,IAAI,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAEhD,0BAA0B;YAC1B,IAAI,aAAa,EAAE,CAAC;gBAClB,MAAM,aAAa,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;gBACvE,kBAAkB,CAAC,aAAa,CAAC,CAAC;YACpC,CAAC;YAED,MAAM,eAAe,GAAG,WAAW,CAAC,CAAC,CAAC,IAAI,iBAAiB,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YAE5F,eAAe;YACf,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,OAAO,CAAC,SAAS,EAAE;gBAC3C,GAAG;gBACH,UAAU;gBACV,OAAO;gBACP,kBAAkB,EAAE,MAAM,CAAC,kBAAkB;gBAC7C,MAAM,EAAE,eAAe,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,eAAe,EAAE,CAAC,CAAC,CAAC,SAAS;aACrE,CAAC,EAAE,CAAC;gBACH,QAAQ,KAAK,CAAC,IAAI,EAAE,CAAC;oBACnB,KAAK,iBAAiB;wBACpB,oBAAoB,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;wBACtC,MAAM;oBACR,KAAK,mBAAmB;wBACtB,WAAW,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;wBACzB,MAAM;oBACR,KAAK,eAAe;wBAClB,kBAAkB,CAAC,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;wBACjD,MAAM;oBACR,KAAK,mBAAmB;wBACtB,aAAa,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;wBAC7B,MAAM;oBACR,KAAK,kBAAkB;wBACrB,cAAc,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBAC/B,MAAM;oBACR,KAAK,oBAAoB;wBACvB,sBAAsB,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;wBACrC,MAAM;oBACR,KAAK,kBAAkB;wBACrB,qBAAqB,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;wBAC3C,MAAM;oBACR,KAAK,eAAe;wBAClB,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBACjC,kBAAkB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBACnC,MAAM;gBACV,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,WAAW,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;YAC9D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/cli/commands/list.d.ts

@@ -0,0 +1,3 @@
+import type { Command } from 'commander';
+export declare function registerListCommand(program: Command): void;
+//# sourceMappingURL=list.d.ts.map

package/dist/cli/commands/list.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"list.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/list.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAKzC,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAgB1D"}

package/dist/cli/commands/list.js

@@ -0,0 +1,22 @@
+import { loadConfig } from '../../config/loader.js';
+import { JsonFileStore } from '../../persistence/store.js';
+import { renderError, renderHeader, renderRunList } from '../renderer.js';
+export function registerListCommand(program) {
+    program
+        .command('list')
+        .description('List all saved runs')
+        .action(async () => {
+        try {
+            renderHeader();
+            const config = await loadConfig();
+            const store = new JsonFileStore(config.dataDir);
+            const runs = await store.list();
+            renderRunList(runs);
+        }
+        catch (err) {
+            renderError(err instanceof Error ? err.message : String(err));
+            process.exit(1);
+        }
+    });
+}
+//# sourceMappingURL=list.js.map

package/dist/cli/commands/list.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"list.js","sourceRoot":"","sources":["../../../src/cli/commands/list.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAE1E,MAAM,UAAU,mBAAmB,CAAC,OAAgB;IAClD,OAAO;SACJ,OAAO,CAAC,MAAM,CAAC;SACf,WAAW,CAAC,qBAAqB,CAAC;SAClC,MAAM,CAAC,KAAK,IAAI,EAAE;QACjB,IAAI,CAAC;YACH,YAAY,EAAE,CAAC;YACf,MAAM,MAAM,GAAG,MAAM,UAAU,EAAE,CAAC;YAClC,MAAM,KAAK,GAAG,IAAI,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAChD,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,IAAI,EAAE,CAAC;YAChC,aAAa,CAAC,IAAI,CAAC,CAAC;QACtB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,WAAW,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;YAC9D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/cli/commands/report.d.ts

@@ -0,0 +1,3 @@
+import type { Command } from 'commander';
+export declare function registerReportCommand(program: Command): void;
+//# sourceMappingURL=report.d.ts.map

package/dist/cli/commands/report.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"report.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/report.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAWzC,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAsD5D"}

package/dist/cli/commands/report.js

@@ -0,0 +1,57 @@
+import chalk from 'chalk';
+import { loadConfig } from '../../config/loader.js';
+import { JsonFileStore } from '../../persistence/store.js';
+import { renderAnalysis, renderError, renderHeader, renderMetrics, renderTopic, } from '../renderer.js';
+export function registerReportCommand(program) {
+    program
+        .command('report <runId>')
+        .description('View detailed report for a run')
+        .option('--iteration <n>', 'Show specific iteration')
+        .action(async (runId, opts) => {
+        try {
+            renderHeader();
+            const config = await loadConfig();
+            const store = new JsonFileStore(config.dataDir);
+            const run = await store.load(runId);
+            if (!run) {
+                renderError(`Run ${runId} not found`);
+                process.exit(1);
+            }
+            console.log(chalk.bold(`\n  Run: ${run.id}`));
+            console.log(`  Status: ${run.status}`);
+            console.log(`  Created: ${run.createdAt}`);
+            console.log(`  Topic: ${run.userInput.topicDescription}`);
+            console.log(`  Intent: ${run.userInput.intent}`);
+            console.log(`  Best coverage: ${(run.bestCoverage * 100).toFixed(1)}% (iteration ${run.bestIteration})`);
+            console.log(`  Total iterations: ${run.iterations.length}`);
+            if (opts.iteration) {
+                const idx = Number.parseInt(opts.iteration, 10) - 1;
+                const iter = run.iterations[idx];
+                if (!iter) {
+                    renderError(`Iteration ${opts.iteration} not found`);
+                    process.exit(1);
+                }
+                console.log(chalk.bold(`\n  Iteration ${iter.iteration}:`));
+                renderTopic(iter.topic);
+                renderMetrics(iter.metrics);
+                renderAnalysis(iter.analysis);
+            }
+            else {
+                // Show best iteration
+                const best = run.iterations[run.bestIteration - 1];
+                if (best) {
+                    console.log(chalk.bold(`\n  Best Iteration (${best.iteration}):`));
+                    renderTopic(best.topic);
+                    renderMetrics(best.metrics);
+                    renderAnalysis(best.analysis);
+                }
+            }
+            console.log();
+        }
+        catch (err) {
+            renderError(err instanceof Error ? err.message : String(err));
+            process.exit(1);
+        }
+    });
+}
+//# sourceMappingURL=report.js.map

package/dist/cli/commands/report.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"report.js","sourceRoot":"","sources":["../../../src/cli/commands/report.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EACL,cAAc,EACd,WAAW,EACX,YAAY,EACZ,aAAa,EACb,WAAW,GACZ,MAAM,gBAAgB,CAAC;AAExB,MAAM,UAAU,qBAAqB,CAAC,OAAgB;IACpD,OAAO;SACJ,OAAO,CAAC,gBAAgB,CAAC;SACzB,WAAW,CAAC,gCAAgC,CAAC;SAC7C,MAAM,CAAC,iBAAiB,EAAE,yBAAyB,CAAC;SACpD,MAAM,CAAC,KAAK,EAAE,KAAa,EAAE,IAAI,EAAE,EAAE;QACpC,IAAI,CAAC;YACH,YAAY,EAAE,CAAC;YACf,MAAM,MAAM,GAAG,MAAM,UAAU,EAAE,CAAC;YAClC,MAAM,KAAK,GAAG,IAAI,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAChD,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAEpC,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,WAAW,CAAC,OAAO,KAAK,YAAY,CAAC,CAAC;gBACtC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YAED,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,YAAY,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;YAC9C,OAAO,CAAC,GAAG,CAAC,aAAa,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;YACvC,OAAO,CAAC,GAAG,CAAC,cAAc,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC;YAC3C,OAAO,CAAC,GAAG,CAAC,YAAY,GAAG,CAAC,SAAS,CAAC,gBAAgB,EAAE,CAAC,CAAC;YAC1D,OAAO,CAAC,GAAG,CAAC,aAAa,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;YACjD,OAAO,CAAC,GAAG,CACT,oBAAoB,CAAC,GAAG,CAAC,YAAY,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,gBAAgB,GAAG,CAAC,aAAa,GAAG,CAC5F,CAAC;YACF,OAAO,CAAC,GAAG,CAAC,uBAAuB,GAAG,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;YAE5D,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;gBACnB,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;gBACpD,MAAM,IAAI,GAAG,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;gBACjC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACV,WAAW,CAAC,aAAa,IAAI,CAAC,SAAS,YAAY,CAAC,CAAC;oBACrD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAClB,CAAC;gBACD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,iBAAiB,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;gBAC5D,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBACxB,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAC5B,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAChC,CAAC;iBAAM,CAAC;gBACN,sBAAsB;gBACtB,MAAM,IAAI,GAAG,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,aAAa,GAAG,CAAC,CAAC,CAAC;gBACnD,IAAI,IAAI,EAAE,CAAC;oBACT,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,uBAAuB,IAAI,CAAC,SAAS,IAAI,CAAC,CAAC,CAAC;oBACnE,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;oBACxB,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;oBAC5B,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBAChC,CAAC;YACH,CAAC;YACD,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,WAAW,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;YAC9D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/cli/commands/resume.d.ts

@@ -0,0 +1,3 @@
+import type { Command } from 'commander';
+export declare function registerResumeCommand(program: Command): void;
+//# sourceMappingURL=resume.d.ts.map

package/dist/cli/commands/resume.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"resume.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/resume.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAoBzC,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CA2F5D"}