llm-checker 3.2.1 → 3.2.3

package/README.md

@@ -9,7 +9,7 @@
   </p>
   <p align="center">
     AI-powered CLI that analyzes your hardware and recommends optimal LLM models<br/>
-    Deterministic scoring across <b>35+ curated models</b> with hardware-calibrated memory estimation
+    Deterministic scoring across <b>200+ dynamic models</b> (35+ curated fallback) with hardware-calibrated memory estimation
   </p>
 </p>
 
@@ -17,6 +17,7 @@
   <a href="https://www.npmjs.com/package/llm-checker"><img src="https://img.shields.io/npm/v/llm-checker?style=flat-square&color=0066FF" alt="npm version"></a>
   <a href="https://www.npmjs.com/package/llm-checker"><img src="https://img.shields.io/npm/dm/llm-checker?style=flat-square&color=0066FF" alt="npm downloads"></a>
   <a href="https://opensource.org/licenses/MIT"><img src="https://img.shields.io/badge/License-MIT-0066FF?style=flat-square" alt="License"></a>
+  <a href="https://discord.gg/mnmYrA7T"><img src="https://img.shields.io/discord/1457032977849520374?style=flat-square&color=0066FF&label=Discord" alt="Discord"></a>
   <a href="https://nodejs.org/"><img src="https://img.shields.io/badge/node-%3E%3D16-0066FF?style=flat-square" alt="Node.js"></a>
 </p>
 
@@ -26,7 +27,8 @@
   <a href="#claude-code-mcp">Claude MCP</a> &bull;
   <a href="#commands">Commands</a> &bull;
   <a href="#scoring-system">Scoring</a> &bull;
-  <a href="#supported-hardware">Hardware</a>
+  <a href="#supported-hardware">Hardware</a> &bull;
+  <a href="https://discord.gg/mnmYrA7T"><img src="https://cdn.simpleicons.org/discord/0066FF" alt="Discord" width="14" height="14"> Discord</a>
 </p>
 
 ---
@@ -43,7 +45,7 @@ Choosing the right LLM for your hardware is complex. With thousands of model var
 
 | | Feature | Description |
 |:---:|---|---|
-| **35+** | Curated Models | Hand-picked catalog covering all major families and sizes (1B-32B) |
+| **200+** | Dynamic Model Pool | Uses full scraped Ollama catalog/variants when available (with curated fallback) |
 | **4D** | Scoring Engine | Quality, Speed, Fit, Context &mdash; weighted by use case |
 | **Multi-GPU** | Hardware Detection | Apple Silicon, NVIDIA CUDA, AMD ROCm, Intel Arc, CPU |
 | **Calibrated** | Memory Estimation | Bytes-per-parameter formula validated against real Ollama sizes |
@@ -87,6 +89,32 @@ npm install sql.js
 
 ---
 
+## Distribution
+
+LLM Checker is published in all primary channels:
+
+- npm (latest): [`llm-checker@3.2.1`](https://www.npmjs.com/package/llm-checker)
+- GitHub Release: [`v3.2.1` (2026-02-17)](https://github.com/Pavelevich/llm-checker/releases/tag/v3.2.1)
+- GitHub Packages: [`@pavelevich/llm-checker`](https://github.com/users/Pavelevich/packages/npm/package/llm-checker)
+
+### v3.2.1 Highlights
+
+- Added vLLM/MLX runtime support and speculative decoding estimation.
+- Improved GPU detection, added DGX Spark/GB10 support, strengthened Node runtime guards, and updated tooling comparison notes.
+
+### Optional: Install from GitHub Packages
+
+```bash
+# 1) Configure registry + token (PAT with read:packages)
+echo "@pavelevich:registry=https://npm.pkg.github.com" >> ~/.npmrc
+echo "//npm.pkg.github.com/:_authToken=${GITHUB_TOKEN}" >> ~/.npmrc
+
+# 2) Install
+npm install -g @pavelevich/llm-checker@3.2.1
+```
+
+---
+
 ## Quick Start
 
 ```bash
@@ -198,6 +226,58 @@ Claude will automatically call the right tools and give you actionable results.
 | `search <query>` | Search models with filters and intelligent scoring |
 | `smart-recommend` | Advanced recommendations using the full scoring engine |
 
+### Enterprise Policy Commands
+
+| Command | Description |
+|---------|-------------|
+| `policy init` | Generate a `policy.yaml` template for enterprise governance |
+| `policy validate` | Validate a policy file and return non-zero on schema errors |
+| `audit export` | Evaluate policy outcomes and export compliance reports (`json`, `csv`, `sarif`) |
+
+### Policy Enforcement in `check` and `recommend`
+
+Both `check` and `recommend` support `--policy <file>`.
+
+- In `audit` mode, policy violations are reported but the command exits with `0`.
+- In `enforce` mode, blocking violations return non-zero (default `1`).
+- You can override the non-zero code with `enforcement.exit_code` in `policy.yaml`.
+
+Examples:
+
+```bash
+llm-checker check --policy ./policy.yaml
+llm-checker check --policy ./policy.yaml --use-case coding --runtime vllm
+llm-checker recommend --policy ./policy.yaml --category coding
+```
+
+### Policy Audit Export
+
+Use `audit export` when you need machine-readable compliance evidence for CI/CD gates, governance reviews, or security tooling.
+
+```bash
+# Single report format
+llm-checker audit export --policy ./policy.yaml --command check --format json --out ./reports/check-policy.json
+
+# Export all configured formats (json, csv, sarif)
+llm-checker audit export --policy ./policy.yaml --command check --format all --out-dir ./reports
+```
+
+- `--command check|recommend` chooses the candidate source.
+- `--format all` honors `reporting.formats` in your policy (falls back to `json,csv,sarif`).
+- In `enforce` mode with blocking violations, reports are still written before non-zero exit.
+
+### Provenance Fields in Reports
+
+Each finding includes normalized model provenance fields:
+
+- `source`
+- `registry`
+- `version`
+- `license`
+- `digest`
+
+If a field is unavailable from model metadata, reports use `"unknown"` instead of omitting the field. This keeps downstream parsers deterministic.
+
 ### AI Commands
 
 | Command | Description |
@@ -277,7 +357,9 @@ llm-checker search qwen --quant Q4_K_M --max-size 8
 
 ## Model Catalog
 
-The built-in catalog includes 35+ models from the most popular Ollama families:
+LLM Checker prioritizes the full scraped Ollama model cache (all families/sizes/variants) and falls back to a built-in curated catalog when cache is unavailable.
+
+The curated fallback catalog includes 35+ models from the most popular Ollama families:
 
 | Family | Models | Best For |
 |--------|--------|----------|
@@ -291,7 +373,7 @@ The built-in catalog includes 35+ models from the most popular Ollama families:
 | **LLaVA** | 7B, 13B | Vision |
 | **Embeddings** | nomic-embed-text, mxbai-embed-large, bge-m3, all-minilm | RAG, search |
 
-Models are automatically combined with any locally installed Ollama models for scoring.
+All available models are automatically combined with locally installed Ollama models for scoring.
 
 ---
 
@@ -418,7 +500,7 @@ The selector automatically picks the best quantization that fits your available
 
 **Selector Pipeline:**
 1. **Hardware profiling** &mdash; CPU, GPU, RAM, acceleration backend
-2. **Model pool** &mdash; Merge catalog + installed Ollama models (deduped)
+2. **Model pool** &mdash; Merge full Ollama scraped pool (or curated fallback) + installed models (deduped)
 3. **Category filter** &mdash; Keep models relevant to the use case
 4. **Quantization selection** &mdash; Best quant that fits in memory budget
 5. **4D scoring** &mdash; Q, S, F, C with category-specific weights
@@ -477,7 +559,7 @@ src/
     deterministic-selector.js  # Primary selection algorithm
     scoring-config.js          # Centralized scoring weights
     scoring-engine.js          # Advanced scoring (smart-recommend)
-    catalog.json               # Curated model catalog (35+ models)
+    catalog.json               # Curated fallback catalog (35+ models)
   ai/
     multi-objective-selector.js  # Multi-objective optimization
     ai-check-selector.js        # LLM-based evaluation
@@ -501,6 +583,9 @@ MIT License &mdash; see [LICENSE](LICENSE) for details.
 
 <p align="center">
   <a href="https://github.com/Pavelevich/llm-checker">GitHub</a> &bull;
+  <a href="https://github.com/Pavelevich/llm-checker/releases">Releases</a> &bull;
   <a href="https://www.npmjs.com/package/llm-checker">npm</a> &bull;
-  <a href="https://github.com/Pavelevich/llm-checker/issues">Issues</a>
+  <a href="https://github.com/users/Pavelevich/packages/npm/package/llm-checker">GitHub Packages</a> &bull;
+  <a href="https://github.com/Pavelevich/llm-checker/issues">Issues</a> &bull;
+  <a href="https://discord.gg/mnmYrA7T">Discord</a>
 </p>

package/bin/enhanced_cli.js

@@ -24,6 +24,20 @@ const {
     getRuntimeCommandSet
 } = require('../src/runtime/runtime-support');
 const SpeculativeDecodingEstimator = require('../src/models/speculative-decoding-estimator');
+const PolicyManager = require('../src/policy/policy-manager');
+const PolicyEngine = require('../src/policy/policy-engine');
+const {
+    collectCandidatesFromAnalysis,
+    collectCandidatesFromRecommendationData,
+    buildPolicyRuntimeContext,
+    evaluatePolicyCandidates,
+    resolvePolicyEnforcement
+} = require('../src/policy/cli-policy');
+const {
+    buildComplianceReport,
+    serializeComplianceReport
+} = require('../src/policy/audit-reporter');
+const policyManager = new PolicyManager();
 
 // ASCII Art for each command - Large text banners
 const ASCII_ART = {
@@ -2060,6 +2074,365 @@ function extractModelName(command) {
     return match ? match[1] : 'model';
 }
 
+function loadPolicyConfiguration(policyFile) {
+    const validation = policyManager.validatePolicyFile(policyFile);
+    if (!validation.valid) {
+        const details = validation.errors
+            .map((entry) => `${entry.path}: ${entry.message}`)
+            .join('; ');
+        throw new Error(`Invalid policy file: ${details}`);
+    }
+
+    return {
+        policyPath: validation.path,
+        policy: validation.policy,
+        policyEngine: new PolicyEngine(validation.policy)
+    };
+}
+
+function parseSizeFilterInput(sizeStr) {
+    if (!sizeStr) return null;
+    const match = String(sizeStr)
+        .toUpperCase()
+        .trim()
+        .match(/^([0-9]+(?:\.[0-9]+)?)\s*(B|GB)?$/);
+    if (!match) return null;
+
+    const value = Number.parseFloat(match[1]);
+    const unit = match[2] || 'B';
+
+    // Convert to "B params" approximation used by existing check flow
+    return unit === 'GB' ? value / 0.5 : value;
+}
+
+function normalizeUseCaseInput(useCase = '') {
+    const alias = String(useCase || '')
+        .toLowerCase()
+        .trim();
+
+    const useCaseMap = {
+        embed: 'embeddings',
+        embedding: 'embeddings',
+        embeddings: 'embeddings',
+        embedings: 'embeddings',
+        talk: 'chat',
+        talking: 'chat',
+        conversation: 'chat',
+        chat: 'chat'
+    };
+
+    return useCaseMap[alias] || alias || 'general';
+}
+
+function resolveAuditFormats(formatOption, policy) {
+    const requested = String(formatOption || 'json').trim().toLowerCase();
+    const allowed = new Set(['json', 'csv', 'sarif']);
+
+    if (requested === 'all') {
+        const configured = Array.isArray(policy?.reporting?.formats)
+            ? policy.reporting.formats
+                  .map((entry) => String(entry || '').trim().toLowerCase())
+                  .filter((entry) => allowed.has(entry))
+            : [];
+
+        return configured.length > 0 ? configured : ['json', 'csv', 'sarif'];
+    }
+
+    if (!allowed.has(requested)) {
+        throw new Error('Invalid format. Use one of: json, csv, sarif, all');
+    }
+
+    return [requested];
+}
+
+function toAuditOutputPath({ outputPath, outputDir, commandName, format, timestamp }) {
+    if (outputPath) {
+        return path.resolve(outputPath);
+    }
+
+    const safeTimestamp = timestamp.replace(/[:.]/g, '-');
+    const extension = format === 'sarif' ? 'sarif.json' : format;
+    const fileName = `${commandName}-policy-audit-${safeTimestamp}.${extension}`;
+    return path.resolve(outputDir || 'audit-reports', fileName);
+}
+
+function writeReportFile(filePath, content) {
+    fs.mkdirSync(path.dirname(filePath), { recursive: true });
+    fs.writeFileSync(filePath, content, 'utf8');
+}
+
+function displayPolicySummary(commandName, policyConfig, evaluation, enforcement) {
+    if (!policyConfig || !evaluation || !enforcement) return;
+
+    console.log('\n' + chalk.bgMagenta.white.bold(` POLICY SUMMARY (${commandName.toUpperCase()}) `));
+    console.log(chalk.magenta('╭' + '─'.repeat(65)));
+    console.log(chalk.magenta('│') + ` File: ${chalk.white(policyConfig.policyPath)}`);
+    console.log(
+        chalk.magenta('│') +
+            ` Mode: ${chalk.cyan(enforcement.mode)} | Action: ${chalk.cyan(enforcement.onViolation)}`
+    );
+    console.log(chalk.magenta('│') + ` Total checked: ${chalk.white.bold(evaluation.totalChecked)}`);
+    console.log(chalk.magenta('│') + ` Pass: ${chalk.green.bold(evaluation.passCount)} | Fail: ${chalk.red.bold(evaluation.failCount)}`);
+    console.log(
+        chalk.magenta('│') +
+            ` Suppressed: ${chalk.yellow.bold(evaluation.suppressedViolationCount || 0)} | Exceptions: ${chalk.cyan.bold(
+                evaluation.exceptionsAppliedCount || 0
+            )}`
+    );
+
+    if (evaluation.topViolations.length === 0) {
+        console.log(chalk.magenta('│') + ` Top violations: ${chalk.green('none')}`);
+    } else {
+        console.log(chalk.magenta('│') + ` Top violations:`);
+        evaluation.topViolations.slice(0, 3).forEach((violation) => {
+            console.log(
+                chalk.magenta('│') +
+                    `   - ${chalk.yellow(violation.code)}: ${chalk.white(violation.count)}`
+            );
+        });
+    }
+
+    if (enforcement.shouldBlock) {
+        console.log(
+            chalk.magenta('│') +
+                chalk.red.bold(
+                    ` Enforcement result: blocking violations detected (exit ${enforcement.exitCode})`
+                )
+        );
+    } else if (enforcement.mode === 'audit' && enforcement.hasFailures) {
+        console.log(
+            chalk.magenta('│') +
+                chalk.yellow(' Audit mode: violations reported, command exits with code 0')
+        );
+    } else if (enforcement.onViolation === 'warn' && enforcement.hasFailures) {
+        console.log(
+            chalk.magenta('│') +
+                chalk.yellow(' Enforce+warn: violations reported, command exits with code 0')
+        );
+    } else {
+        console.log(chalk.magenta('│') + chalk.green(' Policy check passed'));
+    }
+
+    console.log(chalk.magenta('╰' + '─'.repeat(65)));
+}
+
+const policyCommand = program
+    .command('policy')
+    .description('Manage enterprise policy files (policy.yaml)')
+    .showHelpAfterError();
+
+policyCommand
+    .command('init')
+    .description('Create a policy.yaml template')
+    .option('-f, --file <path>', 'Policy file path', 'policy.yaml')
+    .option('--force', 'Overwrite existing file if it already exists')
+    .action((options) => {
+        try {
+            const result = policyManager.initPolicy(options.file, {
+                force: Boolean(options.force)
+            });
+
+            const status = result.overwritten ? 'overwritten' : 'created';
+            console.log(chalk.green(`Policy file ${status}: ${result.path}`));
+        } catch (error) {
+            console.error(chalk.red(`Failed to initialize policy: ${error.message}`));
+            process.exit(1);
+        }
+    });
+
+policyCommand
+    .command('validate')
+    .description('Validate policy.yaml against the v1 schema')
+    .option('-f, --file <path>', 'Policy file path', 'policy.yaml')
+    .option('-j, --json', 'Output validation result as JSON')
+    .action((options) => {
+        try {
+            const result = policyManager.validatePolicyFile(options.file);
+
+            if (options.json) {
+                console.log(JSON.stringify({
+                    valid: result.valid,
+                    file: result.path,
+                    errorCount: result.errors.length,
+                    errors: result.errors
+                }, null, 2));
+                if (!result.valid) {
+                    process.exit(1);
+                }
+            } else if (result.valid) {
+                const mode = result.policy?.mode || 'unknown';
+                console.log(chalk.green(`Policy is valid (${mode} mode): ${result.path}`));
+            } else {
+                console.error(chalk.red(`Policy validation failed: ${result.path}`));
+                result.errors.forEach((entry) => {
+                    console.error(chalk.red(`  - ${entry.path}: ${entry.message}`));
+                });
+                process.exit(1);
+            }
+        } catch (error) {
+            if (options.json) {
+                console.log(JSON.stringify({
+                    valid: false,
+                    file: policyManager.resolvePolicyPath(options.file),
+                    errorCount: 1,
+                    errors: [{ path: 'file', message: error.message }]
+                }, null, 2));
+            } else {
+                console.error(chalk.red(`Policy validation failed: ${error.message}`));
+            }
+            process.exit(1);
+        }
+    });
+
+policyCommand.action(() => {
+    policyCommand.outputHelp();
+});
+
+const auditCommand = program
+    .command('audit')
+    .description('Run policy audits and export compliance reports')
+    .showHelpAfterError();
+
+auditCommand
+    .command('export')
+    .description('Evaluate policy compliance and export JSON/CSV/SARIF reports')
+    .requiredOption('--policy <file>', 'Policy file path')
+    .option('--command <name>', 'Evaluation source: check | recommend', 'check')
+    .option('--format <format>', 'Report format: json | csv | sarif | all', 'json')
+    .option('--out <path>', 'Output file path (single-format export only)')
+    .option('--out-dir <path>', 'Output directory when --out is omitted', 'audit-reports')
+    .option('-u, --use-case <case>', 'Use case when --command check is selected', 'general')
+    .option('-c, --category <category>', 'Category hint when --command recommend is selected')
+    .option('--runtime <runtime>', `Runtime for check mode (${SUPPORTED_RUNTIMES.join('|')})`, 'ollama')
+    .option('--include-cloud', 'Include cloud models in check-mode analysis')
+    .option('--max-size <size>', 'Maximum model size for check mode (e.g., "24B" or "12GB")')
+    .option('--min-size <size>', 'Minimum model size for check mode (e.g., "3B" or "2GB")')
+    .option('-l, --limit <number>', 'Model analysis limit for check mode', '25')
+    .option('--no-verbose', 'Disable verbose progress while collecting audit inputs')
+    .action(async (options) => {
+        try {
+            const policyConfig = loadPolicyConfiguration(options.policy);
+            const selectedCommand = String(options.command || 'check')
+                .toLowerCase()
+                .trim();
+
+            if (!['check', 'recommend'].includes(selectedCommand)) {
+                throw new Error('Invalid --command value. Use "check" or "recommend".');
+            }
+
+            const exportFormats = resolveAuditFormats(options.format, policyConfig.policy);
+            if (options.out && exportFormats.length > 1) {
+                throw new Error('--out can only be used with a single export format.');
+            }
+
+            const verboseEnabled = options.verbose !== false;
+            const checker = new (getLLMChecker())({ verbose: verboseEnabled });
+            const hardware = await checker.getSystemInfo();
+
+            let runtimeBackend = 'ollama';
+            let policyCandidates = [];
+            let analysisResult = null;
+            let recommendationResult = null;
+
+            if (selectedCommand === 'check') {
+                let selectedRuntime = normalizeRuntime(options.runtime);
+                if (!runtimeSupportedOnHardware(selectedRuntime, hardware)) {
+                    selectedRuntime = 'ollama';
+                }
+
+                const maxSize = parseSizeFilterInput(options.maxSize);
+                const minSize = parseSizeFilterInput(options.minSize);
+                const normalizedUseCase = normalizeUseCaseInput(options.useCase);
+
+                analysisResult = await checker.analyze({
+                    useCase: normalizedUseCase,
+                    includeCloud: Boolean(options.includeCloud),
+                    limit: Number.parseInt(options.limit, 10) || 25,
+                    maxSize,
+                    minSize,
+                    runtime: selectedRuntime
+                });
+
+                runtimeBackend = selectedRuntime;
+                policyCandidates = collectCandidatesFromAnalysis(analysisResult);
+            } else {
+                recommendationResult = await checker.generateIntelligentRecommendations(hardware);
+                if (!recommendationResult) {
+                    throw new Error('Unable to generate recommendation data for policy audit export.');
+                }
+
+                runtimeBackend = normalizeRuntime(options.runtime || 'ollama');
+                policyCandidates = collectCandidatesFromRecommendationData(recommendationResult);
+            }
+
+            const policyContext = buildPolicyRuntimeContext({
+                hardware,
+                runtimeBackend
+            });
+
+            const policyEvaluation = evaluatePolicyCandidates(
+                policyConfig.policyEngine,
+                policyCandidates,
+                policyContext,
+                policyConfig.policy
+            );
+            const policyEnforcement = resolvePolicyEnforcement(policyConfig.policy, policyEvaluation);
+
+            const report = buildComplianceReport({
+                commandName: selectedCommand,
+                policyPath: policyConfig.policyPath,
+                policy: policyConfig.policy,
+                evaluation: policyEvaluation,
+                enforcement: policyEnforcement,
+                runtimeContext: policyContext,
+                options: {
+                    format: exportFormats,
+                    runtime: runtimeBackend,
+                    use_case: selectedCommand === 'check' ? normalizeUseCaseInput(options.useCase) : null,
+                    category: selectedCommand === 'recommend' ? options.category || null : null,
+                    include_cloud: Boolean(options.includeCloud)
+                },
+                hardware
+            });
+
+            const generatedAt = report.generated_at || new Date().toISOString();
+            const writtenFiles = [];
+            exportFormats.forEach((format) => {
+                const filePath = toAuditOutputPath({
+                    outputPath: options.out,
+                    outputDir: options.outDir,
+                    commandName: selectedCommand,
+                    format,
+                    timestamp: generatedAt
+                });
+                const content = serializeComplianceReport(report, format);
+                writeReportFile(filePath, content);
+                writtenFiles.push({ format, filePath });
+            });
+
+            displayPolicySummary(`audit ${selectedCommand}`, policyConfig, policyEvaluation, policyEnforcement);
+
+            console.log('\n' + chalk.bgBlue.white.bold(' AUDIT EXPORT '));
+            writtenFiles.forEach((entry) => {
+                console.log(`${chalk.cyan(entry.format.toUpperCase())}: ${chalk.white(entry.filePath)}`);
+            });
+
+            if (policyEnforcement.shouldBlock) {
+                process.exit(policyEnforcement.exitCode);
+            }
+        } catch (error) {
+            console.error(chalk.red(`Audit export failed: ${error.message}`));
+            if (process.env.DEBUG) {
+                console.error(error.stack);
+            }
+            process.exit(1);
+        }
+    });
+
+auditCommand.action(() => {
+    auditCommand.outputHelp();
+});
+
 program
     .command('check')
     .description('Analyze your system and show compatible LLM models')
@@ -2072,15 +2445,30 @@ program
     .option('--include-cloud', 'Include cloud models in analysis')
     .option('--ollama-only', 'Only show models available in Ollama')
     .option('--runtime <runtime>', `Inference runtime (${SUPPORTED_RUNTIMES.join('|')})`, 'ollama')
+    .option('--policy <file>', 'Evaluate candidate models against a policy file')
     .option('--performance-test', 'Run performance benchmarks')
     .option('--show-ollama-analysis', 'Show detailed Ollama model analysis')
     .option('--no-verbose', 'Disable step-by-step progress display')
+    .addHelpText(
+        'after',
+        `
+Enterprise policy examples:
+  $ llm-checker check --policy ./policy.yaml
+  $ llm-checker check --policy ./policy.yaml --use-case coding --runtime vllm
+  $ llm-checker check --policy ./policy.yaml --include-cloud --max-size 24B
+
+Policy scope:
+  - Evaluates all compatible and marginal candidates discovered during analysis
+  - Not limited to the top --limit results shown in output
+`
+    )
     .action(async (options) => {
         showAsciiArt('check');
         try {
             // Use verbose progress unless explicitly disabled
             const verboseEnabled = options.verbose !== false;
             const checker = new (getLLMChecker())({ verbose: verboseEnabled });
+            const policyConfig = options.policy ? loadPolicyConfiguration(options.policy) : null;
             
             // If verbose is disabled, show simple loading message
             if (!verboseEnabled) {
@@ -2147,6 +2535,23 @@ program
                 console.log(chalk.green(' done'));
             }
 
+            let policyEvaluation = null;
+            let policyEnforcement = null;
+            if (policyConfig) {
+                const policyCandidates = collectCandidatesFromAnalysis(analysis);
+                const policyContext = buildPolicyRuntimeContext({
+                    hardware,
+                    runtimeBackend: selectedRuntime
+                });
+                policyEvaluation = evaluatePolicyCandidates(
+                    policyConfig.policyEngine,
+                    policyCandidates,
+                    policyContext,
+                    policyConfig.policy
+                );
+                policyEnforcement = resolvePolicyEnforcement(policyConfig.policy, policyEvaluation);
+            }
+
             // Simplified output - show only essential information
             displaySimplifiedSystemInfo(hardware);
             const recommendedModels = await displayModelRecommendations(
@@ -2158,6 +2563,13 @@ program
             );
             await displayQuickStartCommands(analysis, recommendedModels[0], recommendedModels, selectedRuntime);
 
+            if (policyConfig && policyEvaluation && policyEnforcement) {
+                displayPolicySummary('check', policyConfig, policyEvaluation, policyEnforcement);
+                if (policyEnforcement.shouldBlock) {
+                    process.exit(policyEnforcement.exitCode);
+                }
+            }
+
         } catch (error) {
             console.error(chalk.red('\nError:'), error.message);
             if (process.env.DEBUG) {
@@ -2387,11 +2799,22 @@ program
     .description('Get intelligent model recommendations for your hardware')
     .option('-c, --category <category>', 'Get recommendations for specific category (coding, talking, reading, etc.)')
     .option('--no-verbose', 'Disable step-by-step progress display')
+    .option('--policy <file>', 'Evaluate recommendations against a policy file')
+    .addHelpText(
+        'after',
+        `
+Enterprise policy examples:
+  $ llm-checker recommend --policy ./policy.yaml
+  $ llm-checker recommend --policy ./policy.yaml --category coding
+  $ llm-checker recommend --policy ./policy.yaml --no-verbose
+`
+    )
     .action(async (options) => {
         showAsciiArt('recommend');
         try {
             const verboseEnabled = options.verbose !== false;
             const checker = new (getLLMChecker())({ verbose: verboseEnabled });
+            const policyConfig = options.policy ? loadPolicyConfiguration(options.policy) : null;
             
             if (!verboseEnabled) {
                 process.stdout.write(chalk.gray('Generating recommendations...'));
@@ -2409,12 +2832,36 @@ program
                 console.log(chalk.green(' done'));
             }
 
+            let policyEvaluation = null;
+            let policyEnforcement = null;
+            if (policyConfig) {
+                const policyCandidates = collectCandidatesFromRecommendationData(intelligentRecommendations);
+                const policyContext = buildPolicyRuntimeContext({
+                    hardware,
+                    runtimeBackend: 'ollama'
+                });
+                policyEvaluation = evaluatePolicyCandidates(
+                    policyConfig.policyEngine,
+                    policyCandidates,
+                    policyContext,
+                    policyConfig.policy
+                );
+                policyEnforcement = resolvePolicyEnforcement(policyConfig.policy, policyEvaluation);
+            }
+
             // Mostrar información del sistema
             displaySystemInfo(hardware, { summary: { hardwareTier: intelligentRecommendations.summary.hardware_tier } });
             
             // Mostrar recomendaciones
             displayIntelligentRecommendations(intelligentRecommendations);
 
+            if (policyConfig && policyEvaluation && policyEnforcement) {
+                displayPolicySummary('recommend', policyConfig, policyEvaluation, policyEnforcement);
+                if (policyEnforcement.shouldBlock) {
+                    process.exit(policyEnforcement.exitCode);
+                }
+            }
+
         } catch (error) {
             console.error(chalk.red('\nError:'), error.message);
             if (process.env.DEBUG) {