getprismo 0.1.26 → 0.1.28

package/lib/prismo-dev/firewall.js

@@ -99,6 +99,58 @@ function buildBlockedContext(ctx) {
   return uniq(blocked).slice(0, 80);
 }
 
+function isGeneratedLike(value) {
+  const text = String(value || "").replace(/\\/g, "/").toLowerCase();
+  return /(^|\/)(node_modules|dist|build|coverage|\.next|__pycache__|logs?|events?|source-streams?|session-dumps?|playwright-report|test-results)(\/|$)/.test(text)
+    || /(^|\/)(package-lock\.json|yarn\.lock|pnpm-lock\.yaml|bun\.lockb)$/.test(text)
+    || /\.(log|jsonl|ndjson|map|pyc)$/.test(text);
+}
+
+function firewallPatternForPath(value) {
+  const text = String(value || "").replace(/\\/g, "/").replace(/\s+\(\d+x\)$/, "");
+  if (!text) return null;
+  if (/(^|\/)__pycache__(\/|$)/.test(text)) return "**/__pycache__/**";
+  if (/(^|\/)(node_modules|dist|build|coverage|\.next|logs?|events?|source-streams?|session-dumps?|playwright-report|test-results)\//.test(text)) {
+    const match = text.match(/(^|\/)(node_modules|dist|build|coverage|\.next|logs?|events?|source-streams?|session-dumps?|playwright-report|test-results)\//);
+    const prefix = text.slice(0, match.index + match[0].length).replace(/\/$/, "");
+    return `${prefix}/**`;
+  }
+  return text;
+}
+
+function timelineEventPath(event) {
+  const detail = String(event?.detail || "");
+  const match = detail.match(/^(.+?)\s+\(\d+x\)$/);
+  return (match ? match[1] : detail).trim();
+}
+
+function buildTimelineFirewallSuggestions(ctx, session, taskScope) {
+  const baseAllowed = buildAllowedContext(ctx, taskScope);
+  const baseBlocked = buildBlockedContext(ctx);
+  const timeline = session?.timeline || [];
+  const repeated = session?.repeatedPathMentions || [];
+  const artifacts = session?.generatedArtifacts || [];
+
+  const sessionAllowed = repeated
+    .map((item) => item.value)
+    .filter((value) => value && !isGeneratedLike(value))
+    .map(globForFile)
+    .slice(0, 20);
+
+  const sessionBlocked = [
+    ...artifacts.map((item) => item.value),
+    ...timeline.filter((event) => event.type === "artifact-leak").map(timelineEventPath),
+    ...repeated.map((item) => item.value).filter(isGeneratedLike),
+  ].map(firewallPatternForPath).filter(Boolean);
+
+  return {
+    allowed: uniq([...sessionAllowed, ...baseAllowed]).slice(0, 80),
+    blocked: uniq([...sessionBlocked, ...baseBlocked]).slice(0, 100),
+    sessionAllowed: uniq(sessionAllowed),
+    sessionBlocked: uniq(sessionBlocked),
+  };
+}
+
 function renderLines(title, items) {
   return [`# ${title}`, "", ...items.map((item) => item)].join("\n") + "\n";
 }
@@ -187,6 +239,71 @@ function runFirewall(rootDir = process.cwd(), options = {}) {
   return result;
 }
 
+function renderTimelineFirewallSuggestions(result) {
+  const lines = [];
+  lines.push("# Prismo Timeline Firewall Suggestions");
+  lines.push("");
+  lines.push(`Generated: ${result.generatedAt}`);
+  lines.push(`Task: ${result.task}`);
+  lines.push(`Scope: ${result.scope}`);
+  if (result.sessionId) lines.push(`Session: ${result.sessionId}`);
+  lines.push("");
+  lines.push("These suggestions came from `cc timeline` session evidence. They are safe recommendation files; Prismo does not overwrite your active firewall unless you copy/apply them.");
+  lines.push("");
+  lines.push("## Session-Derived Allowed Context");
+  lines.push("");
+  if (result.sessionAllowed.length) result.sessionAllowed.forEach((item) => lines.push(`- ${item}`));
+  else lines.push("- No repeated source files were strong enough to promote.");
+  lines.push("");
+  lines.push("## Session-Derived Blocked Context");
+  lines.push("");
+  if (result.sessionBlocked.length) result.sessionBlocked.forEach((item) => lines.push(`- ${item}`));
+  else lines.push("- No generated/noisy paths were strong enough to add.");
+  lines.push("");
+  lines.push("## Next Session Prompt");
+  lines.push("");
+  lines.push("```text");
+  lines.push(`Use .prismo/context-firewall.suggested.md as the starting context policy for this ${result.task} task.`);
+  lines.push("Start from allowed context first. Do not read blocked paths unless you explain why they are required.");
+  lines.push("If you need wider context, name the exact file and reason before reading.");
+  lines.push("```");
+  lines.push("");
+  return lines.join("\n");
+}
+
+function runTimelineFirewallSuggestions(rootDir = process.cwd(), session = null, options = {}) {
+  const ctx = createOptimizeContext(rootDir, options.scope || null);
+  const task = options.task || options.scope || "timeline-followup";
+  const scope = inferTaskScope(task, ctx);
+  const suggestions = buildTimelineFirewallSuggestions(ctx, session, scope);
+  const result = {
+    root: ctx.root,
+    task,
+    scope,
+    sessionId: session?.sessionId || null,
+    allowed: suggestions.allowed,
+    blocked: suggestions.blocked,
+    sessionAllowed: suggestions.sessionAllowed,
+    sessionBlocked: suggestions.sessionBlocked,
+    generatedAt: new Date().toISOString(),
+    generatedFiles: [
+      ".prismo/timeline-firewall-suggestions.md",
+      ".prismo/context-firewall.suggested.md",
+      ".prismo/allowed-context.suggested.txt",
+      ".prismo/blocked-context.suggested.txt",
+    ],
+  };
+
+  if (!options.dryRun) {
+    writeGeneratedFile(ctx.root, ".prismo/timeline-firewall-suggestions.md", renderTimelineFirewallSuggestions(result));
+    writeGeneratedFile(ctx.root, ".prismo/context-firewall.suggested.md", renderFirewallPolicy(result));
+    writeGeneratedFile(ctx.root, ".prismo/allowed-context.suggested.txt", renderLines("Allowed Context Suggestions", result.allowed));
+    writeGeneratedFile(ctx.root, ".prismo/blocked-context.suggested.txt", renderLines("Blocked Context Suggestions", result.blocked));
+  }
+  result.dryRun = Boolean(options.dryRun);
+  return result;
+}
+
 function renderFirewallTerminal(result) {
   const lines = [];
   lines.push("");
@@ -218,6 +335,8 @@ function renderFirewallTerminal(result) {
     renderFirewallPolicy,
     renderFirewallPrompt,
     renderFirewallTerminal,
+    renderTimelineFirewallSuggestions,
     runFirewall,
+    runTimelineFirewallSuggestions,
   };
 };

package/lib/prismo-dev/mcp.js

@@ -31,6 +31,7 @@ function createMcpTools(deps) {
     toDoctorJsonPayload,
     getUsageSummary,
     getClaudeCodeCostSummary,
+    getCursorSessionSummary,
     runOptimize,
     createOptimizeContext,
     renderStarterPrompt,
@@ -106,6 +107,11 @@ function createMcpTools(deps) {
       path: pathProperty,
       limit: limitProperty,
     }),
+    makeTool("prismo_cursor_sessions", "Return Cursor session data including AI authorship, conversations, and AI-generated file tracking.", {
+      path: pathProperty,
+      limit: limitProperty,
+      command: { type: "string", enum: ["latest", "list", "authorship", "timeline", "files"], description: "Subcommand: latest (summary), list (sessions), authorship (AI%), timeline (events), files (AI-generated)." },
+    }),
   ];
 
   function resolveRoot(args) {
@@ -195,6 +201,15 @@ function createMcpTools(deps) {
       }));
     }
 
+    if (name === "prismo_cursor_sessions") {
+      if (!getCursorSessionSummary) throw new Error("Cursor session support not available");
+      return createTextResult(getCursorSessionSummary({
+        cwd: target,
+        limit: Number(args.limit) || 20,
+        mode: args.command || "latest",
+      }));
+    }
+
     throw new Error(`Unknown MCP tool: ${name}`);
   }
 
@@ -293,6 +308,7 @@ async function runMcpDoctor(deps) {
     "prismo_context_pack",
     "prismo_firewall",
     "prismo_cc_timeline",
+    "prismo_cursor_sessions",
   ];
   const toolNames = tools.map((tool) => tool.name);
   const missingTools = requiredTools.filter((name) => !toolNames.includes(name));

package/lib/prismo-dev/scan-detect.js

@@ -1,6 +1,14 @@
 module.exports = function createScanDetect(deps) {
   const { fs, http, https, os, path, readIfText, estimateTokens, getClaudeSessionFiles, getCodexSessionFiles, normalizeRel } = deps;
 
+  let cursorSessionsModule = null;
+  function getCursorModule() {
+    if (!cursorSessionsModule) {
+      cursorSessionsModule = require("./cursor-sessions")({ fs, os, path, estimateTokens });
+    }
+    return cursorSessionsModule;
+  }
+
   function countJsonObjectKeys(value, keyName) {
     if (!value || typeof value !== "object") return 0;
     let count = 0;
@@ -111,10 +119,11 @@ module.exports = function createScanDetect(deps) {
   function detectAgentReadiness(root, claudeConfig, codexConfig, realUsage) {
     const claudeHome = process.env.PRISMO_CLAUDE_HOME || path.join(os.homedir(), ".claude");
     const codexHome = process.env.PRISMO_CODEX_HOME || path.join(os.homedir(), ".codex");
+    const cursorHome = process.env.PRISMO_CURSOR_HOME || path.join(os.homedir(), ".cursor");
     const cursorPaths = [
       path.join(root, ".cursor"),
       path.join(root, ".cursorrules"),
-      path.join(os.homedir(), ".cursor"),
+      cursorHome,
       path.join(os.homedir(), ".config", "Cursor"),
     ];
     const usageSources = new Set(realUsage && realUsage.sources ? realUsage.sources : []);
@@ -140,13 +149,26 @@ module.exports = function createScanDetect(deps) {
         exactProxyTracking: "available-when-using-api-key-base-url-mode",
         recommendedMode: "prismo-proxy-for-api-mode-or-local-log-watch",
       },
-      cursor: {
-        detected: pathExistsAny(cursorPaths),
-        configFiles: cursorPaths.filter((candidate) => fs.existsSync(candidate)),
-        localLogsFound: false,
-        exactProxyTracking: "available-only-if-configured-for-openai-compatible-base-url",
-        recommendedMode: "repo-scan-and-prismo-proxy-when-supported",
-      },
+      cursor: (() => {
+        const detected = pathExistsAny(cursorPaths);
+        const cursorMod = getCursorModule();
+        const dbAvailable = cursorMod.isSqlite3Available() && fs.existsSync(path.join(cursorHome, "ai-tracking", "ai-code-tracking.db"));
+        const dbStats = dbAvailable ? cursorMod.getAiTrackingDbStats() : null;
+        const workspace = detected ? cursorMod.getCursorWorkspaceForProject(root) : null;
+        const composers = dbAvailable ? cursorMod.getCursorComposerHeaders() : [];
+        return {
+          detected,
+          configFiles: cursorPaths.filter((candidate) => fs.existsSync(candidate)),
+          localLogsFound: dbAvailable && (dbStats ? (dbStats.ai_code_hashes + dbStats.scored_commits + dbStats.conversation_summaries) > 0 : false),
+          dbAvailable,
+          dbStats,
+          workspace,
+          totalSessions: composers.length,
+          activeSessions: composers.filter((c) => !c.isArchived).length,
+          exactProxyTracking: "available-only-if-configured-for-openai-compatible-base-url",
+          recommendedMode: dbAvailable ? "cursor-tracking-db-and-repo-scan" : "repo-scan-and-prismo-proxy-when-supported",
+        };
+      })(),
       localUsageLogsAvailable: Boolean((realUsage && realUsage.sessions.length) || claudeSessionFiles.length || codexSessionFiles.length),
       exactProxyTrackingAvailable: true,
       notes: [

package/lib/prismo-dev/scan.js

@@ -229,7 +229,11 @@ function renderSetupTerminal(result) {
   lines.push("Detected:");
   lines.push(`- Claude Code: ${result.detected.claudeCode.detected ? "detected" : "not detected"}; logs: ${result.detected.claudeCode.localLogsFound ? "found" : "not found"}; MCP: ${result.detected.claudeCode.mcpServers}; hooks: ${result.detected.claudeCode.hooks}`);
   lines.push(`- Codex: ${result.detected.codex.detected ? "detected" : "not detected"}; logs: ${result.detected.codex.localLogsFound ? "found" : "not found"}; MCP: ${result.detected.codex.mcpServers}`);
-  lines.push(`- Cursor: ${result.detected.cursor.detected ? "detected" : "not detected"}`);
+  const cursorInfo = result.detected.cursor;
+  lines.push(`- Cursor: ${cursorInfo.detected ? "detected" : "not detected"}${cursorInfo.dbAvailable ? `; tracking DB: found (${cursorInfo.totalSessions} sessions, ${cursorInfo.activeSessions} active)` : ""}${cursorInfo.workspace ? `; workspace: matched` : ""}`);
+  if (cursorInfo.dbStats) {
+    lines.push(`  Tracking: ${cursorInfo.dbStats.scored_commits} scored commits, ${cursorInfo.dbStats.ai_code_hashes} code hashes, ${cursorInfo.dbStats.conversation_summaries} conversation summaries`);
+  }
   const detectedTools = result.detected.optimizationStack.detectedTools;
   lines.push(`- Optimization tools: ${detectedTools.length ? detectedTools.join(", ") : "none detected"}`);
   lines.push("");
@@ -562,6 +566,31 @@ function scanRepo(rootDir = process.cwd(), options = {}) {
   }
   const optimizationStack = detectOptimizationStack(root, claudeConfig, codexConfig);
   const agentReadiness = detectAgentReadiness(root, claudeConfig, codexConfig, realUsage);
+
+  if (agentReadiness.cursor.dbAvailable) {
+    try {
+      const cursorMod = require("./cursor-sessions")({ fs, os, path, estimateTokens });
+      const tracked = cursorMod.getCursorTrackedFileContent(20);
+      const cursorAiFiles = tracked.filter((f) => {
+        const fullPath = path.join(root, f.gitPath);
+        return fs.existsSync(fullPath);
+      });
+      if (cursorAiFiles.length >= 3) {
+        addIssue(
+          issues,
+          "medium",
+          "ai_generated_files",
+          `${cursorAiFiles.length} AI-generated files still in repo (tracked by Cursor)`,
+          cursorAiFiles.slice(0, 5).map((f) => `${f.gitPath} (${f.model || "unknown model"})`).join(", "),
+          "Review AI-generated files for quality and whether they should remain in the project.",
+          `AI-generated content may inflate context if agents re-read it. Run: npx getprismo cursor files`
+        );
+      }
+    } catch {
+      // Cursor data unavailable
+    }
+  }
+
   const toolOutputRisk = detectToolOutputRisk({ exposedLargeFiles, exposedHighRiskDirs, highRiskDirs });
   const operationalNoise = detectOperationalNoise(files);
   const proxyTrackingReadiness = buildProxyTrackingReadiness({ codexConfig, claudeConfig, realUsage });

package/lib/prismo-dev/usage-sessions.js

@@ -9,6 +9,10 @@ module.exports = function createUsageSessions(deps) {
     readIfText,
   } = deps;
 
+  const {
+    analyzeCursorSessions,
+  } = require("./cursor-sessions")({ fs, os, path, estimateTokens });
+
   const {
     addUsage,
     collectText,
@@ -261,6 +265,69 @@ function getUsageSummary(options = {}) {
       sessions.push(analyzeSessionFile(file, "claude-code"));
     }
   }
+  if (tool === "all" || tool === "cursor") {
+    try {
+      const cursorData = analyzeCursorSessions({ limit, cwd });
+      if (cursorData.sessions.length) {
+        for (const cursorSession of cursorData.sessions.slice(0, limit)) {
+          sessions.push({
+            tool: "cursor",
+            filePath: null,
+            sessionId: cursorSession.sessionId,
+            title: cursorSession.title,
+            cwd: cwd,
+            model: cursorSession.model,
+            startedAt: cursorSession.createdAt,
+            updatedAt: cursorSession.updatedAt || cursorSession.createdAt,
+            turns: 0,
+            userMessages: 0,
+            assistantMessages: 0,
+            toolCalls: 0,
+            toolResults: 0,
+            estimatedInputTokens: 0,
+            estimatedOutputTokens: 0,
+            estimatedToolTokens: 0,
+            inputTokens: 0,
+            outputTokens: 0,
+            cacheReadTokens: 0,
+            cacheCreationTokens: 0,
+            exactInputTokens: 0,
+            exactOutputTokens: 0,
+            exactCacheReadTokens: 0,
+            exactCacheCreationTokens: 0,
+            exactTotalTokens: 0,
+            exactAvailable: false,
+            confidence: "cursor-metadata",
+            largestTextBlobs: [],
+            toolNames: {},
+            pathMentions: {},
+            generatedArtifactMentions: {},
+            commandMentions: {},
+            failureMentions: 0,
+            eventTokenDeltas: [],
+            exactTokenTimeline: [],
+            estimatedTotalTokens: 0,
+            exactActiveTokens: 0,
+            contextTokens: 0,
+            displayTokens: 0,
+            contextRisk: "Low",
+            recentContextGrowth: 0,
+            repeatedPathMentions: [],
+            generatedArtifacts: [],
+            repeatedCommands: [],
+            loopSuspicion: false,
+            loopConfidence: "low",
+            cost: null,
+            cursorMode: cursorSession.mode,
+            cursorLinesAdded: cursorSession.linesAdded,
+            cursorLinesRemoved: cursorSession.linesRemoved,
+          });
+        }
+      }
+    } catch {
+      // Cursor data unavailable
+    }
+  }
   sessions.sort((a, b) => new Date(b.updatedAt || 0) - new Date(a.updatedAt || 0));
   const selected = sessions.slice(0, limit);
   const totals = selected.reduce(
@@ -290,6 +357,7 @@ function getUsageSummary(options = {}) {
 
   return {
     analyzeSessionFile,
+    analyzeCursorSessions,
     getAllClaudeSessionFiles,
     getClaudeSessionFiles,
     getCodexSessionFiles,

package/lib/prismo-dev/usage-watch.js

@@ -63,6 +63,7 @@ const {
 
 const {
   analyzeSessionFile,
+  analyzeCursorSessions,
   getAllClaudeSessionFiles,
   getClaudeSessionFiles,
   getCodexSessionFiles,
@@ -77,6 +78,12 @@ const {
   readIfText,
 });
 
+const {
+  buildCursorDiagnosis,
+  buildCursorSessionTimeline,
+  renderCursorTerminal,
+} = require("./cursor-sessions")({ fs, os, path, estimateTokens });
+
 function getUsageSummary(options = {}) {
   const summary = getBaseUsageSummary(options);
   if ((summary.sessions || []).length > 1) {
@@ -176,6 +183,17 @@ function getClaudeCodeCostSummary(options = {}) {
   };
 }
 
+function getCursorSessionSummary(options = {}) {
+  const cwd = options.cwd || process.cwd();
+  const limit = options.limit || 20;
+  const mode = options.mode || "latest";
+  const cursorData = analyzeCursorSessions({ limit, cwd });
+  cursorData.command = mode;
+  cursorData.timeline = buildCursorSessionTimeline(cursorData);
+  cursorData.diagnosis = buildCursorDiagnosis(cursorData);
+  return cursorData;
+}
+
 function parsePositiveInt(value, fallback) {
   const parsed = Number.parseInt(value, 10);
   return Number.isFinite(parsed) && parsed > 0 ? parsed : fallback;
@@ -550,6 +568,9 @@ async function watchUsage(options = {}) {
 
   return {
     analyzeSessionFile,
+    analyzeCursorSessions,
+    buildCursorDiagnosis,
+    buildCursorSessionTimeline,
     calculateClaudeCost,
     compactUsageSummary,
     formatMoney,
@@ -557,11 +578,13 @@ async function watchUsage(options = {}) {
     getClaudeCodeCostSummary,
     getClaudeSessionFiles,
     getCodexSessionFiles,
+    getCursorSessionSummary,
     getUsageSummary,
     getPositionals,
     parsePositiveInt,
     parseScopeAndTarget,
     renderClaudeCostTerminal,
+    renderCursorTerminal,
     renderUsageTerminal,
     renderContextThrottle,
     buildWatchEvent,