getprismo 0.1.52 → 0.1.53
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/docs/announcement.md +39 -26
- package/lib/prismo-dev/firewall.js +8 -1
- package/package.json +1 -1
package/docs/announcement.md
CHANGED
|
@@ -1,56 +1,69 @@
|
|
|
1
|
-
#
|
|
1
|
+
# Launch drafts
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
Built on real numbers from a week of dogfooding (getprismo 0.1.52). Verified figures are measured against actual later sessions, never estimated — keep that distinction in every claim, it's the whole point.
|
|
4
|
+
|
|
5
|
+
Snapshot used below (one developer, ~1 week, single machine):
|
|
6
|
+
- **Verified saved: $22.81 (6,338,568 tokens)** — repairs whose savings were confirmed by a lower waste rate in later sessions.
|
|
7
|
+
- Observed: 141 sessions, 11.69M tokens, ~5.3M flagged avoidable.
|
|
8
|
+
- Per-developer annualized ≈ **$1,100/yr**; a 10-dev team ≈ **$11k/yr** — verified, not projected from a model.
|
|
4
9
|
|
|
5
10
|
---
|
|
6
11
|
|
|
7
12
|
## Show HN
|
|
8
13
|
|
|
9
|
-
**Title:** Show HN: Prismo
|
|
14
|
+
**Title:** Show HN: Prismo – an AI-coding cost agent that verifies its own savings ($22/wk/dev)
|
|
10
15
|
|
|
11
16
|
**Body:**
|
|
12
17
|
|
|
13
|
-
AI coding agents (Claude Code, Codex, Cursor) waste a
|
|
18
|
+
AI coding agents (Claude Code, Codex, Cursor) quietly waste a big share of their tokens: re-reading the same file hundreds of times, dumping full test output into context, loading lockfiles and build artifacts, retrying a failing command over and over. Most tools here show you a dashboard of the damage and stop. I wanted one that *fixes* it and then *proves* the fix worked.
|
|
14
19
|
|
|
15
|
-
Prismo
|
|
20
|
+
Prismo runs locally — `npx getprismo doctor`, no login, nothing leaves your machine — reads your agents' own session logs, and attributes waste to one of five causes. Connect it and it closes the loop:
|
|
16
21
|
|
|
17
|
-
-
|
|
18
|
-
-
|
|
19
|
-
-
|
|
20
|
-
-
|
|
21
|
-
-
|
|
22
|
-
- and the planner learns from the fleet: anonymized repair verdicts (counts only) aggregate into priors, so your first repair starts at the tier that's known to work
|
|
22
|
+
- A local planner repairs the top cause automatically. Each cause gets a dedicated fix (ignore rules + context packs, shielded commands, a context firewall, scoped session restarts) — not one generic "optimize."
|
|
23
|
+
- After each repair it measures that cause's waste rate in your *later* sessions and stores a verdict: improved / no-change / regressed (14-day baseline, before/after rates, 1% epsilon — the math is in the repo).
|
|
24
|
+
- A repair that doesn't help escalates to a stronger tier; one that fails both tiers is held for human review instead of being retried forever.
|
|
25
|
+
- For Claude Code it goes past advice: a PreToolUse hook actually *denies* reads into blocked context and the 4th retry of an identical failing command (fail-open, removed with one command).
|
|
26
|
+
- Savings are reported in dollars, **verified against real usage, not estimated**, with a weekly digest you can paste into Slack.
|
|
23
27
|
|
|
24
|
-
|
|
28
|
+
I dogfooded it on my own machine for a week. It verified **$22.81 / 6.3M tokens saved** (≈ $1,100/yr/dev annualized) — and, more honestly, the week of dogfooding caught **six real bugs in Prismo itself**, including one where it silently dropped *all* Claude Code telemetry for any repo whose path contains a space (e.g. `~/Code Projects/...`), and a verification bug where mixing in Cursor (which can't report the signal) poisoned the baseline so nothing ever verified. Both are fixed; finding them this way is kind of the best argument for the verify-everything design.
|
|
25
29
|
|
|
26
|
-
|
|
30
|
+
MIT-licensed, the verification and enforcement logic is all in the open: https://github.com/shanirsh/prismodev — would love feedback on the enforcement model and the verdict thresholds.
|
|
27
31
|
|
|
28
32
|
---
|
|
29
33
|
|
|
30
34
|
## X / Twitter thread
|
|
31
35
|
|
|
32
|
-
1/ Every AI-coding-cost tool shows you a dashboard of waste.
|
|
36
|
+
1/ Every AI-coding-cost tool shows you a dashboard of waste. I built the one that fixes it — then proves the fix worked, in dollars, measured against your real later sessions.
|
|
33
37
|
|
|
34
|
-
2/
|
|
38
|
+
2/ One week dogfooding on my own machine: **$22.81 / 6.3M tokens verified saved** (~$1,100/yr/dev). "Verified" = a repair ran, then later sessions showed a measurably lower waste rate. Not an estimate.
|
|
35
39
|
|
|
36
|
-
3/
|
|
40
|
+
3/ How: it reads your Claude Code / Codex / Cursor logs locally, attributes waste to 5 causes, and repairs the top one — each cause gets its own fix, not a generic "optimize."
|
|
37
41
|
|
|
38
|
-
4/
|
|
42
|
+
4/ The part nobody else does: after a repair it re-measures that cause in your NEXT sessions. Improved → stand down. No change → escalate to a stronger repair. Failed twice → stop and ask a human. A feedback controller, not a script.
|
|
39
43
|
|
|
40
|
-
5/
|
|
44
|
+
5/ For Claude Code it's not advisory — a PreToolUse hook *denies* reads into node_modules/logs/build output and blocks the 4th retry of an identical failing command. Fail-open, one command to remove.
|
|
41
45
|
|
|
42
|
-
6/
|
|
46
|
+
6/ Most honest part: a week of dogfooding caught 6 real bugs in Prismo itself — including one that silently hid ALL Claude Code data for any repo path with a space in it. Verifying everything is how you find that.
|
|
43
47
|
|
|
44
|
-
7/
|
|
48
|
+
7/ `npx getprismo doctor` — 10 seconds, no login, local-only. MIT: github.com/shanirsh/prismodev
|
|
45
49
|
|
|
46
50
|
---
|
|
47
51
|
|
|
48
|
-
## Release notes (0.1.40 → 0.1.
|
|
52
|
+
## Release notes (0.1.40 → 0.1.52)
|
|
49
53
|
|
|
50
|
-
- **Cause-specific repair executors** —
|
|
51
|
-
- **Autonomous repair planner** — `agent --watch` self-repairs
|
|
52
|
-
- **Runtime enforcement** — `prismo enforce install` adds
|
|
53
|
-
- **Verified savings in dollars** — `prismo digest
|
|
54
|
+
- **Cause-specific repair executors** — targeted repairs per waste cause instead of generic doctor; `prismo repair <cause|auto>`.
|
|
55
|
+
- **Autonomous repair planner** — `agent --watch` self-repairs with thresholds, per-cause cooldowns, local before/after verdicts, and mild→aggressive escalation.
|
|
56
|
+
- **Runtime enforcement** — `prismo enforce install` adds Claude Code Pre/PostToolUse hooks that block blocked-context reads and failing-command loops; fail-open; outcome-aware.
|
|
57
|
+
- **Verified savings in dollars** — `prismo digest`; the dashboard leads with verified dollars, with live prevention and early signals labeled separately.
|
|
54
58
|
- **Fleet priors** — first repairs start at the tier the fleet's verified outcomes recommend (anonymized counts only; local verdicts always win).
|
|
55
|
-
- **
|
|
59
|
+
- **Multi-repo capture** — one connector observes every repo on the machine, each session attributed to its own repo.
|
|
60
|
+
- **One-command protect** — `prismo protect` runs the full stack (safe fixes + context packs + enforcement + connector).
|
|
56
61
|
- **CI releases** — tag push runs tests and publishes.
|
|
62
|
+
|
|
63
|
+
### Bugs the dogfood week caught (and fixed)
|
|
64
|
+
1. Digest counted background auto-detect scans as interventions (186 fake vs 3 real).
|
|
65
|
+
2. Verification baseline poisoned by Cursor's blind zero-signals — now compares like-for-like across tools.
|
|
66
|
+
3. Claude Code telemetry silently dropped for repo paths containing a space or dot (folder-name encoding mismatch).
|
|
67
|
+
4. Connector was single-repo — now captures every repo.
|
|
68
|
+
5. `prismo protect` silently repointed a running connector (checked a field that never existed).
|
|
69
|
+
6. Dashboard polling (every 8s, loading a large unused column) blew past the DB egress quota — deferred the column, slowed/gated polling, windowed scans.
|
|
@@ -201,6 +201,13 @@ function renderFirewallPrompt(result) {
|
|
|
201
201
|
].join("\n");
|
|
202
202
|
}
|
|
203
203
|
|
|
204
|
+
function writeFirewallGeneratedFile(root, relPath, contents) {
|
|
205
|
+
const fullPath = path.join(root, relPath);
|
|
206
|
+
fs.mkdirSync(path.dirname(fullPath), { recursive: true });
|
|
207
|
+
fs.writeFileSync(fullPath, contents, "utf8");
|
|
208
|
+
return { path: relPath, backupPath: null };
|
|
209
|
+
}
|
|
210
|
+
|
|
204
211
|
function runFirewall(rootDir = process.cwd(), options = {}) {
|
|
205
212
|
const ctx = createOptimizeContext(rootDir, options.scope || null);
|
|
206
213
|
const task = options.task || options.scope || "general";
|
|
@@ -224,7 +231,7 @@ function runFirewall(rootDir = process.cwd(), options = {}) {
|
|
|
224
231
|
|
|
225
232
|
if (!options.dryRun) {
|
|
226
233
|
const write = (relPath, contents) => {
|
|
227
|
-
if (!options.live) return
|
|
234
|
+
if (!options.live) return writeFirewallGeneratedFile(ctx.root, relPath, contents);
|
|
228
235
|
const fullPath = path.join(ctx.root, relPath);
|
|
229
236
|
fs.mkdirSync(path.dirname(fullPath), { recursive: true });
|
|
230
237
|
fs.writeFileSync(fullPath, contents, "utf8");
|
package/package.json
CHANGED