gitpadi 2.0.0

package/src/commands/repos.ts

@@ -0,0 +1,129 @@
+// commands/repos.ts — Repository management commands for GitPadi
+
+import chalk from 'chalk';
+import ora from 'ora';
+import Table from 'cli-table3';
+import { getOctokit, getOwner, setRepo } from '../core/github.js';
+import { execSync } from 'child_process';
+
+export async function createRepo(name: string, opts: { org?: string; private?: boolean; description?: string }) {
+    const spinner = ora(`Creating repo ${chalk.cyan(name)}...`).start();
+    const octokit = getOctokit();
+
+    try {
+        let data: any;
+        if (opts.org) {
+            ({ data } = await octokit.repos.createInOrg({
+                org: opts.org, name,
+                description: opts.description || '',
+                private: opts.private || false,
+                has_issues: true, has_wiki: false, auto_init: true,
+            }));
+        } else {
+            ({ data } = await octokit.repos.createForAuthenticatedUser({
+                name,
+                description: opts.description || '',
+                private: opts.private || false,
+                has_issues: true, has_wiki: false, auto_init: true,
+            }));
+        }
+
+        spinner.succeed(`Created ${chalk.green(data.full_name)} ${data.private ? chalk.dim('(private)') : chalk.dim('(public)')}`);
+        console.log(chalk.dim(`  → ${data.html_url}\n`));
+    } catch (e: any) { spinner.fail(e.message); }
+}
+
+export async function deleteRepo(name: string, opts: { org?: string }) {
+    const owner = opts.org || getOwner();
+    const spinner = ora(`Deleting ${chalk.red(`${owner}/${name}`)}...`).start();
+
+    try {
+        await getOctokit().repos.delete({ owner, repo: name });
+        spinner.succeed(`Deleted ${chalk.red(`${owner}/${name}`)}`);
+    } catch (e: any) { spinner.fail(e.message); }
+}
+
+export async function cloneRepo(name: string, opts: { org?: string; dir?: string }) {
+    const owner = opts.org || getOwner();
+    const url = `https://github.com/${owner}/${name}.git`;
+    const dir = opts.dir || name;
+    const spinner = ora(`Cloning ${chalk.cyan(`${owner}/${name}`)}...`).start();
+
+    try {
+        execSync(`git clone ${url} ${dir}`, { stdio: 'pipe' });
+        spinner.succeed(`Cloned to ${chalk.green(`./${dir}`)}`);
+    } catch (e: any) { spinner.fail(`Clone failed: ${e.message}`); }
+}
+
+export async function repoInfo(name: string, opts: { org?: string }) {
+    const owner = opts.org || getOwner();
+    const spinner = ora(`Fetching info for ${owner}/${name}...`).start();
+
+    try {
+        const { data: repo } = await getOctokit().repos.get({ owner, repo: name });
+        spinner.stop();
+
+        console.log(`\n${chalk.bold(`📦 ${repo.full_name}`)}\n`);
+
+        const table = new Table({ style: { head: [], border: [] } });
+        table.push(
+            { [chalk.cyan('Description')]: repo.description || chalk.dim('none') },
+            { [chalk.cyan('Stars')]: `⭐ ${repo.stargazers_count}` },
+            { [chalk.cyan('Forks')]: `🍴 ${repo.forks_count}` },
+            { [chalk.cyan('Issues')]: `📋 ${repo.open_issues_count} open` },
+            { [chalk.cyan('Language')]: repo.language || chalk.dim('none') },
+            { [chalk.cyan('Visibility')]: repo.private ? chalk.yellow('Private') : chalk.green('Public') },
+            { [chalk.cyan('Default Branch')]: repo.default_branch },
+            { [chalk.cyan('Created')]: new Date(repo.created_at).toLocaleDateString() },
+            { [chalk.cyan('URL')]: repo.html_url },
+        );
+
+        console.log(table.toString());
+        console.log('');
+    } catch (e: any) { spinner.fail(e.message); }
+}
+
+export async function setTopics(name: string, topics: string[], opts: { org?: string }) {
+    const owner = opts.org || getOwner();
+    const spinner = ora('Updating topics...').start();
+
+    try {
+        await getOctokit().repos.replaceAllTopics({ owner, repo: name, names: topics });
+        spinner.succeed(`Topics set: ${chalk.cyan(topics.join(', '))}`);
+    } catch (e: any) { spinner.fail(e.message); }
+}
+
+export async function listRepos(opts: { org?: string; limit?: number }) {
+    const spinner = ora('Fetching repos...').start();
+    const octokit = getOctokit();
+
+    try {
+        let repos: any[];
+        if (opts.org) {
+            ({ data: repos } = await octokit.repos.listForOrg({ org: opts.org, per_page: opts.limit || 25, sort: 'updated' }));
+        } else {
+            ({ data: repos } = await octokit.repos.listForAuthenticatedUser({ per_page: opts.limit || 25, sort: 'updated' }));
+        }
+
+        spinner.stop();
+
+        const table = new Table({
+            head: ['Name', 'Stars', 'Language', 'Visibility', 'Updated'].map((h) => chalk.cyan(h)),
+            style: { head: [], border: [] },
+        });
+
+        repos.forEach((r: any) => {
+            table.push([
+                r.full_name,
+                `⭐ ${r.stargazers_count}`,
+                r.language || '-',
+                r.private ? chalk.yellow('private') : chalk.green('public'),
+                new Date(r.updated_at).toLocaleDateString(),
+            ]);
+        });
+
+        console.log(`\n${chalk.bold('📦 Repositories')} (${repos.length})\n`);
+        console.log(table.toString());
+        console.log('');
+    } catch (e: any) { spinner.fail(e.message); }
+}

package/src/core/github.ts

@@ -0,0 +1,43 @@
+// core/github.ts — Shared Octokit client + auth for GitPadi
+
+import { Octokit } from '@octokit/rest';
+import chalk from 'chalk';
+
+let _octokit: Octokit | null = null;
+let _owner: string = '';
+let _repo: string = '';
+
+export function initGitHub(token?: string, owner?: string, repo?: string): void {
+    const t = token || process.env.GITHUB_TOKEN || process.env.GITPADI_TOKEN || '';
+    if (!t) {
+        console.error(chalk.red('\n❌ GitHub token required.'));
+        console.error(chalk.dim('   Set it: export GITHUB_TOKEN=ghp_xxx'));
+        console.error(chalk.dim('   Or:     export GITPADI_TOKEN=ghp_xxx\n'));
+        process.exit(1);
+    }
+
+    _octokit = new Octokit({ auth: t });
+    _owner = owner || process.env.GITHUB_OWNER || process.env.GITHUB_REPOSITORY?.split('/')[0] || '';
+    _repo = repo || process.env.GITHUB_REPO || process.env.GITHUB_REPOSITORY?.split('/')[1] || '';
+}
+
+export function getOctokit(): Octokit {
+    if (!_octokit) {
+        initGitHub();
+    }
+    return _octokit!;
+}
+
+export function getOwner(): string { return _owner; }
+export function getRepo(): string { return _repo; }
+export function setRepo(owner: string, repo: string): void { _owner = owner; _repo = repo; }
+export function getFullRepo(): string { return `${_owner}/${_repo}`; }
+
+export function requireRepo(): void {
+    if (!_owner || !_repo) {
+        console.error(chalk.red('\n❌ Repository not set.'));
+        console.error(chalk.dim('   Use: gitpadi --owner <org> --repo <name> <command>'));
+        console.error(chalk.dim('   Or set: GITHUB_OWNER and GITHUB_REPO env vars\n'));
+        process.exit(1);
+    }
+}

package/src/core/scorer.ts

@@ -0,0 +1,127 @@
+// core/scorer.ts — Applicant scoring algorithm (extracted for reuse)
+
+import { getOctokit, getOwner, getRepo } from './github.js';
+
+export interface ApplicantProfile {
+    username: string;
+    avatarUrl: string;
+    accountAge: number;
+    publicRepos: number;
+    followers: number;
+    totalContributions: number;
+    repoContributions: number;
+    relevantLanguages: string[];
+    hasReadme: boolean;
+    prsMerged: number;
+    prsOpen: number;
+    issuesCreated: number;
+    commentBody: string;
+}
+
+export interface ScoreBreakdown {
+    accountMaturity: number;
+    repoExperience: number;
+    githubPresence: number;
+    activityLevel: number;
+    applicationQuality: number;
+    languageRelevance: number;
+    total: number;
+}
+
+export interface ScoredApplicant extends ApplicantProfile {
+    score: number;
+    breakdown: ScoreBreakdown;
+    tier: 'S' | 'A' | 'B' | 'C' | 'D';
+}
+
+export const TIER_EMOJI: Record<string, string> = { S: '🏆', A: '🟢', B: '🟡', C: '🟠', D: '🔴' };
+
+export const APPLICATION_PATTERNS = [
+    /i('d| would) (like|love|want) to (work on|tackle|take|pick up|handle)/i,
+    /can i (work on|take|pick up|handle|be assigned)/i,
+    /assign (this |it )?(to )?me/i,
+    /i('m| am) interested/i,
+    /let me (work on|take|handle)/i,
+    /i('ll| will) (work on|take|handle|do)/i,
+    /i want to contribute/i,
+    /please assign/i,
+    /i can (do|handle|take care of|work on)/i,
+    /picking this up/i,
+    /claiming this/i,
+];
+
+export function isApplicationComment(body: string): boolean {
+    return APPLICATION_PATTERNS.some((p) => p.test(body));
+}
+
+export async function fetchProfile(username: string, commentBody: string = ''): Promise<ApplicantProfile> {
+    const octokit = getOctokit();
+    const OWNER = getOwner();
+    const REPO = getRepo();
+
+    const { data: user } = await octokit.users.getByUsername({ username });
+    const accountAge = Math.floor((Date.now() - new Date(user.created_at).getTime()) / 86400000);
+
+    let totalContributions = 0;
+    try {
+        const { data: events } = await octokit.activity.listPublicEventsForUser({ username, per_page: 100 });
+        totalContributions = events.length;
+    } catch { /* continue */ }
+
+    let prsMerged = 0, prsOpen = 0, issuesCreated = 0;
+    try {
+        prsMerged = (await octokit.search.issuesAndPullRequests({ q: `repo:${OWNER}/${REPO} type:pr author:${username} is:merged` })).data.total_count;
+        prsOpen = (await octokit.search.issuesAndPullRequests({ q: `repo:${OWNER}/${REPO} type:pr author:${username} is:open` })).data.total_count;
+        issuesCreated = (await octokit.search.issuesAndPullRequests({ q: `repo:${OWNER}/${REPO} type:issue author:${username}` })).data.total_count;
+    } catch { /* rate limit */ }
+
+    let relevantLanguages: string[] = [];
+    try {
+        const { data: repos } = await octokit.repos.listForUser({ username, sort: 'updated', per_page: 20 });
+        const langs = new Set<string>();
+        repos.forEach((r) => { if (r.language) langs.add(r.language); });
+        relevantLanguages = Array.from(langs);
+    } catch { /* continue */ }
+
+    let hasReadme = false;
+    try { await octokit.repos.get({ owner: username, repo: username }); hasReadme = true; } catch { /* no readme */ }
+
+    return {
+        username, avatarUrl: user.avatar_url, accountAge,
+        publicRepos: user.public_repos, followers: user.followers,
+        totalContributions, repoContributions: prsMerged + prsOpen + issuesCreated,
+        relevantLanguages, hasReadme, prsMerged, prsOpen, issuesCreated, commentBody,
+    };
+}
+
+export function scoreApplicant(p: ApplicantProfile, issueLabels: string[] = []): ScoredApplicant {
+    const b: ScoreBreakdown = { accountMaturity: 0, repoExperience: 0, githubPresence: 0, activityLevel: 0, applicationQuality: 0, languageRelevance: 0, total: 0 };
+
+    b.accountMaturity = p.accountAge > 730 ? 15 : p.accountAge > 365 ? 12 : p.accountAge > 180 ? 9 : p.accountAge > 90 ? 6 : p.accountAge > 30 ? 3 : 1;
+    b.repoExperience = Math.min(15, p.prsMerged * 5) + Math.min(5, p.prsOpen * 3) + Math.min(5, p.issuesCreated * 2) + Math.min(5, p.repoContributions);
+    b.githubPresence = Math.min(5, Math.floor(p.publicRepos / 5)) + Math.min(5, Math.floor(p.followers / 10)) + (p.hasReadme ? 5 : 0);
+    b.activityLevel = p.totalContributions >= 80 ? 15 : p.totalContributions >= 50 ? 12 : p.totalContributions >= 30 ? 9 : p.totalContributions >= 15 ? 6 : p.totalContributions >= 5 ? 3 : 1;
+
+    const words = p.commentBody.split(/\s+/).length;
+    const hasApproach = /approach|plan|implement|would|will|by|using|step/i.test(p.commentBody);
+    const hasExp = /experience|worked|built|familiar|know|background/i.test(p.commentBody);
+    b.applicationQuality = (words >= 50 && hasApproach && hasExp) ? 15 : (words >= 30 && (hasApproach || hasExp)) ? 12 : (words >= 20 && hasApproach) ? 9 : words >= 15 ? 6 : words >= 8 ? 3 : 1;
+
+    b.languageRelevance = 5;
+    if (issueLabels.length > 0 && p.relevantLanguages.length > 0) {
+        const labelLower = issueLabels.map((l) => l.toLowerCase()).join(' ');
+        const hasRust = p.relevantLanguages.includes('Rust');
+        const hasTS = p.relevantLanguages.includes('TypeScript') || p.relevantLanguages.includes('JavaScript');
+        const needsRust = /contract|rust|wasm|soroban/i.test(labelLower);
+        const needsTS = /backend|frontend|api|websocket|typescript/i.test(labelLower);
+        let matches = 0, needed = 0;
+        if (needsRust) { needed++; if (hasRust) matches++; }
+        if (needsTS) { needed++; if (hasTS) matches++; }
+        if (needed > 0) b.languageRelevance = Math.round((matches / needed) * 10);
+    }
+
+    b.total = b.accountMaturity + b.repoExperience + b.githubPresence + b.activityLevel + b.applicationQuality + b.languageRelevance;
+    const tier: ScoredApplicant['tier'] = b.total >= 75 ? 'S' : b.total >= 55 ? 'A' : b.total >= 40 ? 'B' : b.total >= 25 ? 'C' : 'D';
+
+    return { ...p, score: b.total, breakdown: b, tier };
+}

package/src/create-issues.ts

@@ -0,0 +1,203 @@
+#!/usr/bin/env tsx
+// create-issues.ts — Generic issue creator from JSON data file
+//
+// Usage via GitHub Action:
+//   action: create-issues
+//   issues-file: path/to/issues.json
+//
+// Usage (CLI):
+//   GITHUB_TOKEN=xxx npx tsx src/create-issues.ts --file issues.json
+//   GITHUB_TOKEN=xxx npx tsx src/create-issues.ts --file issues.json --dry-run
+//   GITHUB_TOKEN=xxx npx tsx src/create-issues.ts --file issues.json --start 1 --end 10
+
+import { Octokit } from '@octokit/rest';
+import * as fs from 'fs';
+import * as path from 'path';
+
+// ── Config ─────────────────────────────────────────────────────────────
+const GITHUB_TOKEN = process.env.GITHUB_TOKEN;
+const OWNER = process.env.GITHUB_OWNER || '';
+const REPO = process.env.GITHUB_REPO || '';
+
+// ── Parse CLI args ─────────────────────────────────────────────────────
+const args = process.argv.slice(2);
+const dryRun = args.includes('--dry-run') || process.env.DRY_RUN === 'true';
+
+const startIdx = args.includes('--start')
+    ? parseInt(args[args.indexOf('--start') + 1])
+    : parseInt(process.env.ISSUE_START || '1');
+const endIdx = args.includes('--end')
+    ? parseInt(args[args.indexOf('--end') + 1])
+    : parseInt(process.env.ISSUE_END || '999');
+
+const issuesFilePath = args.includes('--file')
+    ? args[args.indexOf('--file') + 1]
+    : process.env.ISSUES_FILE || '';
+
+// ── Types ──────────────────────────────────────────────────────────────
+interface IssueData {
+    number: number;
+    title: string;
+    body: string;
+    labels: string[];
+    milestone?: string;
+}
+
+interface IssuesConfig {
+    labels?: Record<string, string>; // label name → color hex
+    milestones?: Record<string, string>; // milestone title → description
+    issues: IssueData[];
+}
+
+// ── Validation ─────────────────────────────────────────────────────────
+if (!GITHUB_TOKEN && !dryRun) {
+    console.error('❌ GITHUB_TOKEN environment variable is required.');
+    console.error('   Or use --dry-run to preview without creating.');
+    process.exit(1);
+}
+
+if (!issuesFilePath) {
+    console.error('❌ Issues file required. Use --file <path> or set ISSUES_FILE env var.');
+    console.error('\nExample issues.json:');
+    console.error(JSON.stringify({
+        labels: { 'bug': 'd73a49', 'feature': '0e8a16' },
+        milestones: { 'v1.0': 'First release' },
+        issues: [{ number: 1, title: 'Fix login bug', body: '## Description\n...', labels: ['bug'], milestone: 'v1.0' }]
+    }, null, 2));
+    process.exit(1);
+}
+
+if (!OWNER || !REPO) {
+    console.error('❌ GITHUB_OWNER and GITHUB_REPO are required.');
+    process.exit(1);
+}
+
+// ── Load issues file ───────────────────────────────────────────────────
+const resolvedPath = path.resolve(process.env.GITHUB_WORKSPACE || '.', issuesFilePath);
+if (!fs.existsSync(resolvedPath)) {
+    console.error(`❌ File not found: ${resolvedPath}`);
+    process.exit(1);
+}
+
+const config: IssuesConfig = JSON.parse(fs.readFileSync(resolvedPath, 'utf-8'));
+const ISSUES = config.issues;
+const LABEL_COLORS = config.labels || {};
+const MILESTONES = config.milestones || {};
+
+const octokit = new Octokit({ auth: GITHUB_TOKEN });
+
+// ── Helpers ────────────────────────────────────────────────────────────
+const sleep = (ms: number) => new Promise((r) => setTimeout(r, ms));
+const log = (emoji: string, msg: string) => console.log(`${emoji}  ${msg}`);
+
+// ── Ensure labels exist ────────────────────────────────────────────────
+async function ensureLabels(): Promise<void> {
+    log('🏷️', 'Checking labels...');
+    try {
+        const existing = new Set<string>();
+        let page = 1;
+        while (true) {
+            const { data } = await octokit.issues.listLabelsForRepo({ owner: OWNER, repo: REPO, per_page: 100, page });
+            if (data.length === 0) break;
+            data.forEach((l) => existing.add(l.name));
+            page++;
+        }
+
+        let created = 0;
+        const allLabels = new Set<string>();
+        ISSUES.forEach((i) => i.labels.forEach((l) => allLabels.add(l)));
+
+        for (const label of allLabels) {
+            if (!existing.has(label)) {
+                const color = LABEL_COLORS[label] || 'ededed';
+                try {
+                    await octokit.issues.createLabel({ owner: OWNER, repo: REPO, name: label, color });
+                    created++;
+                    log('  ✅', `Created label: ${label}`);
+                    await sleep(300);
+                } catch (e: any) {
+                    if (e?.status !== 422) throw e;
+                }
+            }
+        }
+        log('🏷️', `Labels ready (${created} new)`);
+    } catch (e: any) {
+        if (e?.status === 403) log('⚠️', 'No label write permission — skipping');
+        else log('⚠️', `Label setup failed — continuing`);
+    }
+}
+
+// ── Ensure milestones ──────────────────────────────────────────────────
+async function ensureMilestones(): Promise<Map<string, number>> {
+    log('🎯', 'Checking milestones...');
+    const map = new Map<string, number>();
+    try {
+        const { data } = await octokit.issues.listMilestones({ owner: OWNER, repo: REPO, state: 'open', per_page: 100 });
+        data.forEach((m) => map.set(m.title, m.number));
+        for (const [title, desc] of Object.entries(MILESTONES)) {
+            if (!map.has(title)) {
+                try {
+                    const { data: ms } = await octokit.issues.createMilestone({ owner: OWNER, repo: REPO, title, description: desc });
+                    map.set(title, ms.number);
+                    log('  ✅', `Created milestone: ${title}`);
+                } catch (e: any) { if (e?.status !== 422) throw e; }
+            }
+        }
+        log('🎯', `Milestones ready (${map.size} total)`);
+    } catch (e: any) {
+        if (e?.status === 403) log('⚠️', 'No milestone permission — skipping');
+    }
+    return map;
+}
+
+// ── Main ───────────────────────────────────────────────────────────────
+async function main() {
+    console.log('\n╔════════════════════════════════════════╗');
+    console.log('║     Contributor Agent — Issue Creator   ║');
+    console.log('╚════════════════════════════════════════╝\n');
+    console.log(`  Repo:    ${OWNER}/${REPO}`);
+    console.log(`  File:    ${issuesFilePath}`);
+    console.log(`  Range:   #${startIdx} - #${endIdx}`);
+    console.log(`  Dry Run: ${dryRun ? 'YES' : 'NO'}\n`);
+
+    const filtered = ISSUES.filter((i) => i.number >= startIdx && i.number <= endIdx);
+    log('📋', `${filtered.length} issues to create\n`);
+
+    if (dryRun) {
+        for (const issue of filtered) {
+            console.log(`  #${String(issue.number).padStart(2, '0')}  ${issue.title}`);
+            console.log(`       Labels: [${issue.labels.join(', ')}]`);
+            if (issue.milestone) console.log(`       Milestone: ${issue.milestone}`);
+            console.log('');
+        }
+        console.log(`\n✅ Dry run: ${filtered.length} issues would be created.\n`);
+        return;
+    }
+
+    await ensureLabels();
+    const milestoneMap = await ensureMilestones();
+    console.log('');
+    log('🚀', 'Creating issues...\n');
+
+    let created = 0, failed = 0;
+    for (const issue of filtered) {
+        try {
+            const milestone = issue.milestone ? milestoneMap.get(issue.milestone) : undefined;
+            const { data } = await octokit.issues.create({
+                owner: OWNER, repo: REPO, title: issue.title, body: issue.body,
+                labels: issue.labels, milestone,
+            });
+            created++;
+            log('  ✅', `#${String(issue.number).padStart(2, '0')} → GitHub #${data.number}: ${issue.title}`);
+            await sleep(1200);
+        } catch (e: any) {
+            failed++;
+            log('  ❌', `#${String(issue.number).padStart(2, '0')} FAILED: ${e?.message || e}`);
+            await sleep(2000);
+        }
+    }
+
+    console.log(`\n  ✅ Created: ${created}  ❌ Failed: ${failed}\n`);
+}
+
+main().catch((e) => { console.error('Fatal:', e); process.exit(1); });

package/src/pr-review.ts

@@ -0,0 +1,132 @@
+#!/usr/bin/env tsx
+// pr-review.ts — Generic PR review agent for any repository
+//
+// Checks: linked issues, PR size, file scope, test coverage, commit messages, sensitive files
+//
+// Usage via Action:  action: review-pr
+// Usage (CLI):       GITHUB_TOKEN=xxx PR_NUMBER=5 GITHUB_OWNER=org GITHUB_REPO=repo npx tsx src/pr-review.ts
+
+import { Octokit } from '@octokit/rest';
+
+// ── Config ─────────────────────────────────────────────────────────────
+const GITHUB_TOKEN = process.env.GITHUB_TOKEN!;
+const OWNER = process.env.GITHUB_OWNER || process.env.GITHUB_REPOSITORY?.split('/')[0] || '';
+const REPO = process.env.GITHUB_REPO || process.env.GITHUB_REPOSITORY?.split('/')[1] || '';
+const PR_NUMBER = parseInt(process.env.PR_NUMBER || '0');
+
+if (!GITHUB_TOKEN || !OWNER || !REPO || !PR_NUMBER) {
+    console.error('❌ Required: GITHUB_TOKEN, GITHUB_OWNER, GITHUB_REPO, PR_NUMBER');
+    process.exit(1);
+}
+
+const octokit = new Octokit({ auth: GITHUB_TOKEN });
+
+// ── Types ──────────────────────────────────────────────────────────────
+interface CheckResult {
+    name: string;
+    status: '✅' | '⚠️' | '❌';
+    detail: string;
+}
+
+// ── Main ───────────────────────────────────────────────────────────────
+async function main(): Promise<void> {
+    console.log(`\n🤖 PR Review Agent — ${OWNER}/${REPO} #${PR_NUMBER}\n`);
+
+    const { data: pr } = await octokit.pulls.get({ owner: OWNER, repo: REPO, pull_number: PR_NUMBER });
+    const { data: files } = await octokit.pulls.listFiles({ owner: OWNER, repo: REPO, pull_number: PR_NUMBER, per_page: 100 });
+    const { data: commits } = await octokit.pulls.listCommits({ owner: OWNER, repo: REPO, pull_number: PR_NUMBER, per_page: 100 });
+
+    const checks: CheckResult[] = [];
+
+    // ── 1. Linked Issues ─────────────────────────────────────────────
+    const issuePattern = /(fix(es|ed)?|clos(e[sd]?)|resolv(e[sd]?))\s+#\d+/gi;
+    const linkedIssues = pr.body?.match(issuePattern) || [];
+    if (linkedIssues.length > 0) {
+        checks.push({ name: 'Linked Issues', status: '✅', detail: `References: ${linkedIssues.join(', ')}` });
+    } else {
+        checks.push({ name: 'Linked Issues', status: '⚠️', detail: 'No linked issues found. Use `Fixes #N` or `Closes #N` in the PR description.' });
+    }
+
+    // ── 2. PR Size ────────────────────────────────────────────────────
+    const totalChanges = files.reduce((sum, f) => sum + f.additions + f.deletions, 0);
+    if (totalChanges > 1000) {
+        checks.push({ name: 'PR Size', status: '❌', detail: `${totalChanges} lines changed. Consider splitting into smaller PRs.` });
+    } else if (totalChanges > 500) {
+        checks.push({ name: 'PR Size', status: '⚠️', detail: `${totalChanges} lines changed. Large PR — review carefully.` });
+    } else {
+        checks.push({ name: 'PR Size', status: '✅', detail: `${totalChanges} lines changed — good size.` });
+    }
+
+    // ── 3. File Scope ─────────────────────────────────────────────────
+    const dirs = new Set(files.map((f) => f.filename.split('/')[0]));
+    if (dirs.size > 5) {
+        checks.push({ name: 'File Scope', status: '⚠️', detail: `Touches ${dirs.size} top-level directories: ${[...dirs].join(', ')}` });
+    } else {
+        checks.push({ name: 'File Scope', status: '✅', detail: `Focused on ${dirs.size} area(s): ${[...dirs].join(', ')}` });
+    }
+
+    // ── 4. Test Coverage ──────────────────────────────────────────────
+    const srcFiles = files.filter((f) => !f.filename.includes('test') && !f.filename.includes('spec') && (f.filename.endsWith('.ts') || f.filename.endsWith('.rs') || f.filename.endsWith('.js')));
+    const testFiles = files.filter((f) => f.filename.includes('test') || f.filename.includes('spec'));
+    if (srcFiles.length > 0 && testFiles.length === 0) {
+        checks.push({ name: 'Test Coverage', status: '⚠️', detail: `${srcFiles.length} source file(s) changed but no tests included.` });
+    } else if (testFiles.length > 0) {
+        checks.push({ name: 'Test Coverage', status: '✅', detail: `${testFiles.length} test file(s) included.` });
+    } else {
+        checks.push({ name: 'Test Coverage', status: '✅', detail: 'No source code changes requiring tests.' });
+    }
+
+    // ── 5. Commit Messages ────────────────────────────────────────────
+    const conventionalRegex = /^(feat|fix|docs|style|refactor|test|chore|ci|perf|build|revert)(\(.+\))?!?:\s/;
+    const badCommits = commits.filter((c) => !conventionalRegex.test(c.commit.message));
+    if (badCommits.length > 0) {
+        const examples = badCommits.slice(0, 3).map((c) => `\`${c.commit.message.split('\n')[0]}\``).join(', ');
+        checks.push({ name: 'Commit Messages', status: '⚠️', detail: `${badCommits.length} commit(s) don't follow conventional format. Examples: ${examples}` });
+    } else {
+        checks.push({ name: 'Commit Messages', status: '✅', detail: 'All commits follow conventional format.' });
+    }
+
+    // ── 6. Sensitive Files ────────────────────────────────────────────
+    const sensitivePatterns = ['.env', 'secret', 'credential', 'password', 'private_key', '.pem', '.key', 'token'];
+    const flaggedFiles = files.filter((f) => sensitivePatterns.some((p) => f.filename.toLowerCase().includes(p)));
+    if (flaggedFiles.length > 0) {
+        checks.push({ name: 'Sensitive Files', status: '❌', detail: `Potentially sensitive: ${flaggedFiles.map((f) => f.filename).join(', ')}` });
+    } else {
+        checks.push({ name: 'Sensitive Files', status: '✅', detail: 'No sensitive files detected.' });
+    }
+
+    // ── Build Comment ─────────────────────────────────────────────────
+    const hasCritical = checks.some((c) => c.status === '❌');
+    const hasWarning = checks.some((c) => c.status === '⚠️');
+    const headerEmoji = hasCritical ? '🚨' : hasWarning ? '⚠️' : '✅';
+
+    let body = `## ${headerEmoji} Contributor Agent — PR Review\n\n`;
+    body += `| Check | Status | Details |\n|-------|--------|--------|\n`;
+    checks.forEach((c) => { body += `| ${c.name} | ${c.status} | ${c.detail} |\n`; });
+    body += `\n`;
+
+    if (hasCritical) body += `> 🚨 **Action Required:** Critical issues found. Please address before merging.\n`;
+    else if (hasWarning) body += `> ⚠️ **Note:** Some warnings detected. Review recommended.\n`;
+    else body += `> ✅ **Looking good!** All checks passed.\n`;
+
+    body += `\n---\n<sub>🤖 Contributor Agent — PR Review</sub>`;
+
+    // ── Post/Update Comment ───────────────────────────────────────────
+    const MARKER = '## ';
+    const markerText = 'Contributor Agent — PR Review';
+    const { data: comments } = await octokit.issues.listComments({ owner: OWNER, repo: REPO, issue_number: PR_NUMBER, per_page: 100 });
+    const existing = comments.find((c) => c.body?.includes(markerText));
+
+    if (existing) {
+        await octokit.issues.updateComment({ owner: OWNER, repo: REPO, comment_id: existing.id, body });
+        console.log('✅ Updated existing review comment');
+    } else {
+        await octokit.issues.createComment({ owner: OWNER, repo: REPO, issue_number: PR_NUMBER, body });
+        console.log('✅ Posted review comment');
+    }
+
+    checks.forEach((c) => console.log(`  ${c.status} ${c.name}: ${c.detail}`));
+    if (hasCritical) process.exit(1);
+}
+
+main().catch((e) => { console.error('Fatal:', e); process.exit(1); });