moflo 4.7.8 → 4.8.1

package/.claude/helpers/patch-aggressive-prune.mjs

@@ -1,184 +0,0 @@
-#!/usr/bin/env node
-/**
- * Patch: Aggressive Text Pruning for Claude Code
- *
- * Extends Claude Code's micro-compaction (Vd function) to also prune old
- * user/assistant TEXT content, not just tool results. This keeps context
- * lean and prevents full compaction from ever being needed.
- *
- * What it does:
- *   After Vd() runs (pruning tool results), this patch adds a second pass
- *   that truncates old conversation text. It keeps the last N turns intact
- *   and replaces older text with brief summaries.
- *
- * How it works:
- *   Patches cli.js to insert a textPrune() function call after Vd().
- *   The function:
- *   1. Counts total text tokens in the message array
- *   2. If above threshold (configurable via CLAUDE_TEXT_PRUNE_THRESHOLD)
- *   3. Keeps the last CLAUDE_TEXT_PRUNE_KEEP turns intact
- *   4. Truncates older text blocks to first line + "[earlier context pruned]"
- *   5. Preserves tool_use/tool_result structure (never breaks the API contract)
- *
- * Safety:
- *   - Only modifies text content blocks, never tool_use or tool_result
- *   - Always keeps last N turns fully intact
- *   - Preserves message structure (role, type, ids)
- *   - Falls back gracefully if anything fails
- *   - Can be reverted by running: node patch-aggressive-prune.mjs --revert
- *
- * Usage:
- *   node patch-aggressive-prune.mjs          # Apply patch
- *   node patch-aggressive-prune.mjs --revert # Revert patch
- *   node patch-aggressive-prune.mjs --check  # Check if patched
- */
-
-import { readFileSync, writeFileSync, copyFileSync, existsSync } from 'fs';
-import { join, dirname } from 'path';
-import { fileURLToPath } from 'url';
-
-const __filename = fileURLToPath(import.meta.url);
-const __dirname = dirname(__filename);
-const PROJECT_ROOT = join(__dirname, '../..');
-const CLI_PATH = join(PROJECT_ROOT, 'node_modules/@anthropic-ai/claude-agent-sdk/cli.js');
-const BACKUP_PATH = CLI_PATH + '.backup';
-
-const PATCH_MARKER = '/*AGGRESSIVE_TEXT_PRUNE_PATCH*/';
-
-// The text pruning function to inject
-const TEXT_PRUNE_FUNCTION = `
-/*AGGRESSIVE_TEXT_PRUNE_PATCH*/
-function _aggressiveTextPrune(messages) {
-  try {
-    var KEEP = parseInt(process.env.CLAUDE_TEXT_PRUNE_KEEP || '10', 10);
-    var THRESHOLD = parseInt(process.env.CLAUDE_TEXT_PRUNE_THRESHOLD || '60000', 10);
-    var MAX_OLD_TEXT = parseInt(process.env.CLAUDE_TEXT_PRUNE_MAX_CHARS || '150', 10);
-
-    // Count text tokens roughly (4 chars per token)
-    var totalChars = 0;
-    for (var i = 0; i < messages.length; i++) {
-      var m = messages[i];
-      if ((m.type === 'user' || m.type === 'assistant') && Array.isArray(m.message?.content)) {
-        for (var j = 0; j < m.message.content.length; j++) {
-          var c = m.message.content[j];
-          if (c.type === 'text') totalChars += (c.text || '').length;
-        }
-      }
-    }
-
-    var totalTokensEst = Math.ceil(totalChars / 4);
-    if (totalTokensEst < THRESHOLD) return messages;
-
-    // Find turn boundaries (user message = new turn)
-    var turnStarts = [];
-    for (var i = 0; i < messages.length; i++) {
-      if (messages[i].type === 'user') turnStarts.push(i);
-    }
-
-    // Keep last KEEP turns intact
-    var cutoffIdx = turnStarts.length > KEEP ? turnStarts[turnStarts.length - KEEP] : 0;
-    if (cutoffIdx === 0) return messages;
-
-    var pruned = [];
-    var prunedChars = 0;
-    for (var i = 0; i < messages.length; i++) {
-      var m = messages[i];
-      if (i >= cutoffIdx) {
-        pruned.push(m);
-        continue;
-      }
-      if ((m.type === 'user' || m.type === 'assistant') && Array.isArray(m.message?.content)) {
-        var newContent = [];
-        for (var j = 0; j < m.message.content.length; j++) {
-          var c = m.message.content[j];
-          if (c.type === 'text' && c.text && c.text.length > MAX_OLD_TEXT) {
-            var firstLine = c.text.split('\\n')[0].slice(0, MAX_OLD_TEXT);
-            prunedChars += c.text.length - firstLine.length - 30;
-            newContent.push({ ...c, text: firstLine + '\\n[earlier context pruned]' });
-          } else {
-            newContent.push(c);
-          }
-        }
-        pruned.push({ ...m, message: { ...m.message, content: newContent } });
-      } else {
-        pruned.push(m);
-      }
-    }
-
-    if (prunedChars > 1000) {
-      process.stderr?.write?.('[TextPrune] Pruned ~' + Math.round(prunedChars/4) + ' tokens of old text (kept last ' + KEEP + ' turns)\\n');
-    }
-    return pruned;
-  } catch(e) {
-    return messages;
-  }
-}
-/*END_AGGRESSIVE_TEXT_PRUNE_PATCH*/`;
-
-// The injection point: after Vd() call, before CT2() call
-const VD_CALL_PATTERN = 'z=await Vd(F,void 0,Y);if(F=z.messages,';
-const PATCHED_PATTERN = 'z=await Vd(F,void 0,Y);if(F=_aggressiveTextPrune(z.messages),';
-
-function check() {
-  const src = readFileSync(CLI_PATH, 'utf8');
-  const isPatched = src.includes(PATCH_MARKER);
-  console.log(isPatched ? 'PATCHED' : 'NOT PATCHED');
-  return isPatched;
-}
-
-function apply() {
-  if (check()) {
-    console.log('Already patched. Use --revert first to re-apply.');
-    return;
-  }
-
-  const src = readFileSync(CLI_PATH, 'utf8');
-
-  // Verify the injection point exists
-  if (!src.includes(VD_CALL_PATTERN)) {
-    console.error('ERROR: Could not find Vd() call pattern in cli.js.');
-    console.error('Claude Code may have been updated. Pattern expected:');
-    console.error('  ' + VD_CALL_PATTERN);
-    process.exit(1);
-  }
-
-  // Backup
-  if (!existsSync(BACKUP_PATH)) {
-    copyFileSync(CLI_PATH, BACKUP_PATH);
-    console.log('Backup saved to:', BACKUP_PATH);
-  }
-
-  // Inject the function at the top of the file (after the first line)
-  let patched = src;
-  const firstNewline = patched.indexOf('\n');
-  patched = patched.slice(0, firstNewline + 1) + TEXT_PRUNE_FUNCTION + '\n' + patched.slice(firstNewline + 1);
-
-  // Patch the Vd() call site to also run our text pruner
-  patched = patched.replace(VD_CALL_PATTERN, PATCHED_PATTERN);
-
-  writeFileSync(CLI_PATH, patched);
-  console.log('PATCH APPLIED successfully.');
-  console.log('');
-  console.log('Configuration (via env vars in settings.json):');
-  console.log('  CLAUDE_TEXT_PRUNE_KEEP=10       # Keep last N turns intact');
-  console.log('  CLAUDE_TEXT_PRUNE_THRESHOLD=60000 # Start pruning above this token count');
-  console.log('  CLAUDE_TEXT_PRUNE_MAX_CHARS=150  # Truncate old text to this many chars');
-  console.log('');
-  console.log('Restart Claude Code for the patch to take effect.');
-}
-
-function revert() {
-  if (!existsSync(BACKUP_PATH)) {
-    console.error('No backup found at:', BACKUP_PATH);
-    console.error('Cannot revert. Reinstall with: npm install @anthropic-ai/claude-agent-sdk');
-    process.exit(1);
-  }
-
-  copyFileSync(BACKUP_PATH, CLI_PATH);
-  console.log('REVERTED to original cli.js from backup.');
-}
-
-const arg = process.argv[2];
-if (arg === '--revert') revert();
-else if (arg === '--check') check();
-else apply();

package/.claude/helpers/pattern-consolidator.sh

@@ -1,86 +0,0 @@
-#!/bin/bash
-# RuFlo V3 - Pattern Consolidator Worker
-# Deduplicates patterns, prunes old ones, improves quality scores
-
-set -euo pipefail
-
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
-PATTERNS_DB="$PROJECT_ROOT/.claude-flow/learning/patterns.db"
-METRICS_DIR="$PROJECT_ROOT/.claude-flow/metrics"
-LAST_RUN_FILE="$METRICS_DIR/.consolidator-last-run"
-
-mkdir -p "$METRICS_DIR"
-
-should_run() {
-  if [ ! -f "$LAST_RUN_FILE" ]; then return 0; fi
-  local last_run=$(cat "$LAST_RUN_FILE" 2>/dev/null || echo "0")
-  local now=$(date +%s)
-  [ $((now - last_run)) -ge 900 ]  # 15 minutes
-}
-
-consolidate_patterns() {
-  if [ ! -f "$PATTERNS_DB" ] || ! command -v sqlite3 &>/dev/null; then
-    echo "[$(date +%H:%M:%S)] No patterns database found"
-    return 0
-  fi
-
-  echo "[$(date +%H:%M:%S)] Consolidating patterns..."
-
-  # Count before
-  local before=$(sqlite3 "$PATTERNS_DB" "SELECT COUNT(*) FROM short_term_patterns" 2>/dev/null || echo "0")
-
-  # Remove duplicates (keep highest quality)
-  sqlite3 "$PATTERNS_DB" "
-    DELETE FROM short_term_patterns
-    WHERE rowid NOT IN (
-      SELECT MIN(rowid) FROM short_term_patterns
-      GROUP BY strategy, domain
-    )
-  " 2>/dev/null || true
-
-  # Prune old low-quality patterns (older than 7 days, quality < 0.3)
-  sqlite3 "$PATTERNS_DB" "
-    DELETE FROM short_term_patterns
-    WHERE quality < 0.3
-    AND created_at < datetime('now', '-7 days')
-  " 2>/dev/null || true
-
-  # Promote high-quality patterns to long-term (quality > 0.8, used > 5 times)
-  sqlite3 "$PATTERNS_DB" "
-    INSERT OR IGNORE INTO long_term_patterns (strategy, domain, quality, source)
-    SELECT strategy, domain, quality, 'consolidated'
-    FROM short_term_patterns
-    WHERE quality > 0.8
-  " 2>/dev/null || true
-
-  # Decay quality of unused patterns
-  sqlite3 "$PATTERNS_DB" "
-    UPDATE short_term_patterns
-    SET quality = quality * 0.95
-    WHERE updated_at < datetime('now', '-1 day')
-  " 2>/dev/null || true
-
-  # Count after
-  local after=$(sqlite3 "$PATTERNS_DB" "SELECT COUNT(*) FROM short_term_patterns" 2>/dev/null || echo "0")
-  local removed=$((before - after))
-
-  echo "[$(date +%H:%M:%S)] ✓ Consolidated: $before → $after patterns (removed $removed)"
-
-  date +%s > "$LAST_RUN_FILE"
-}
-
-case "${1:-check}" in
-  "run"|"consolidate") consolidate_patterns ;;
-  "check") should_run && consolidate_patterns || echo "[$(date +%H:%M:%S)] Skipping (throttled)" ;;
-  "force") rm -f "$LAST_RUN_FILE"; consolidate_patterns ;;
-  "status")
-    if [ -f "$PATTERNS_DB" ] && command -v sqlite3 &>/dev/null; then
-      local short=$(sqlite3 "$PATTERNS_DB" "SELECT COUNT(*) FROM short_term_patterns" 2>/dev/null || echo "0")
-      local long=$(sqlite3 "$PATTERNS_DB" "SELECT COUNT(*) FROM long_term_patterns" 2>/dev/null || echo "0")
-      local avg_q=$(sqlite3 "$PATTERNS_DB" "SELECT ROUND(AVG(quality), 2) FROM short_term_patterns" 2>/dev/null || echo "0")
-      echo "Patterns: $short short-term, $long long-term, avg quality: $avg_q"
-    fi
-    ;;
-  *) echo "Usage: $0 [run|check|force|status]" ;;
-esac

package/.claude/helpers/perf-worker.sh

@@ -1,160 +0,0 @@
-#!/bin/bash
-# RuFlo V3 - Performance Benchmark Worker
-# Runs periodic benchmarks and updates metrics using agentic-flow agents
-
-set -euo pipefail
-
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
-METRICS_DIR="$PROJECT_ROOT/.claude-flow/metrics"
-PERF_FILE="$METRICS_DIR/performance.json"
-LAST_RUN_FILE="$METRICS_DIR/.perf-last-run"
-
-mkdir -p "$METRICS_DIR"
-
-# Check if we should run (throttle to once per 5 minutes)
-should_run() {
-  if [ ! -f "$LAST_RUN_FILE" ]; then
-    return 0
-  fi
-
-  local last_run=$(cat "$LAST_RUN_FILE" 2>/dev/null || echo "0")
-  local now=$(date +%s)
-  local diff=$((now - last_run))
-
-  # Run every 5 minutes (300 seconds)
-  [ "$diff" -ge 300 ]
-}
-
-# Simple search benchmark (measures grep/search speed)
-benchmark_search() {
-  local start=$(date +%s%3N)
-
-  # Search through v3 codebase
-  find "$PROJECT_ROOT/v3" -name "*.ts" -type f 2>/dev/null | \
-    xargs grep -l "function\|class\|interface" 2>/dev/null | \
-    wc -l > /dev/null
-
-  local end=$(date +%s%3N)
-  local duration=$((end - start))
-
-  # Baseline is ~100ms, calculate improvement
-  local baseline=100
-  if [ "$duration" -gt 0 ]; then
-    local improvement=$(echo "scale=2; $baseline / $duration" | bc 2>/dev/null || echo "1.0")
-    echo "${improvement}x"
-  else
-    echo "1.0x"
-  fi
-}
-
-# Memory efficiency check
-benchmark_memory() {
-  local node_mem=$(ps aux 2>/dev/null | grep -E "(node|agentic)" | grep -v grep | awk '{sum += $6} END {print int(sum/1024)}')
-  local baseline_mem=4000  # 4GB baseline
-
-  if [ -n "$node_mem" ] && [ "$node_mem" -gt 0 ]; then
-    local reduction=$(echo "scale=0; 100 - ($node_mem * 100 / $baseline_mem)" | bc 2>/dev/null || echo "0")
-    if [ "$reduction" -lt 0 ]; then reduction=0; fi
-    echo "${reduction}%"
-  else
-    echo "0%"
-  fi
-}
-
-# Startup time check
-benchmark_startup() {
-  local start=$(date +%s%3N)
-
-  # Quick check of agentic-flow responsiveness
-  timeout 5 npx agentic-flow@alpha --version >/dev/null 2>&1 || true
-
-  local end=$(date +%s%3N)
-  local duration=$((end - start))
-
-  echo "${duration}ms"
-}
-
-# Run benchmarks and update metrics
-run_benchmarks() {
-  echo "[$(date +%H:%M:%S)] Running performance benchmarks..."
-
-  local search_speed=$(benchmark_search)
-  local memory_reduction=$(benchmark_memory)
-  local startup_time=$(benchmark_startup)
-
-  # Calculate overall speedup (simplified)
-  local speedup_num=$(echo "$search_speed" | tr -d 'x')
-  if [ -z "$speedup_num" ] || [ "$speedup_num" = "1.0" ]; then
-    speedup_num="1.0"
-  fi
-
-  # Update performance.json
-  if [ -f "$PERF_FILE" ] && command -v jq &>/dev/null; then
-    jq --arg search "$search_speed" \
-       --arg memory "$memory_reduction" \
-       --arg startup "$startup_time" \
-       --arg speedup "${speedup_num}x" \
-       --arg updated "$(date -Iseconds)" \
-       '.search.improvement = $search |
-        .memory.reduction = $memory |
-        .startupTime.current = $startup |
-        .flashAttention.speedup = $speedup |
-        ."last-updated" = $updated' \
-       "$PERF_FILE" > "$PERF_FILE.tmp" && mv "$PERF_FILE.tmp" "$PERF_FILE"
-
-    echo "[$(date +%H:%M:%S)] ✓ Metrics updated: search=$search_speed memory=$memory_reduction startup=$startup_time"
-  else
-    echo "[$(date +%H:%M:%S)] ⚠ Could not update metrics (missing jq or file)"
-  fi
-
-  # Record last run time
-  date +%s > "$LAST_RUN_FILE"
-}
-
-# Spawn agentic-flow performance agent for deep analysis
-run_deep_benchmark() {
-  echo "[$(date +%H:%M:%S)] Spawning performance-benchmarker agent..."
-
-  npx agentic-flow@alpha --agent perf-analyzer --task "Analyze current system performance and update metrics" 2>/dev/null &
-  local pid=$!
-
-  # Don't wait, let it run in background
-  echo "[$(date +%H:%M:%S)] Agent spawned (PID: $pid)"
-}
-
-# Main dispatcher
-case "${1:-check}" in
-  "run"|"benchmark")
-    run_benchmarks
-    ;;
-  "deep")
-    run_deep_benchmark
-    ;;
-  "check")
-    if should_run; then
-      run_benchmarks
-    else
-      echo "[$(date +%H:%M:%S)] Skipping benchmark (throttled)"
-    fi
-    ;;
-  "force")
-    rm -f "$LAST_RUN_FILE"
-    run_benchmarks
-    ;;
-  "status")
-    if [ -f "$PERF_FILE" ]; then
-      jq -r '"Search: \(.search.improvement // "1x") | Memory: \(.memory.reduction // "0%") | Startup: \(.startupTime.current // "N/A")"' "$PERF_FILE" 2>/dev/null
-    else
-      echo "No metrics available"
-    fi
-    ;;
-  *)
-    echo "Usage: perf-worker.sh [run|deep|check|force|status]"
-    echo "  run    - Run quick benchmarks"
-    echo "  deep   - Spawn agentic-flow agent for deep analysis"
-    echo "  check  - Run if throttle allows (default)"
-    echo "  force  - Force run ignoring throttle"
-    echo "  status - Show current metrics"
-    ;;
-esac

package/.claude/helpers/quick-start.sh

@@ -1,19 +0,0 @@
-#!/bin/bash
-# Quick start guide for Claude Flow
-
-echo "🚀 Claude Flow Quick Start"
-echo "=========================="
-echo ""
-echo "1. Initialize a swarm:"
-echo "   npx claude-flow swarm init --topology hierarchical"
-echo ""
-echo "2. Spawn agents:"
-echo "   npx claude-flow agent spawn --type coder --name "API Developer""
-echo ""
-echo "3. Orchestrate tasks:"
-echo "   npx claude-flow task orchestrate --task "Build REST API""
-echo ""
-echo "4. Monitor progress:"
-echo "   npx claude-flow swarm monitor"
-echo ""
-echo "📚 For more examples, see .claude/commands/"

package/.claude/helpers/router.cjs

@@ -1,62 +0,0 @@
-#!/usr/bin/env node
-/**
- * Claude Flow Agent Router
- * Routes tasks to optimal agents based on learned patterns
- */
-
-const AGENT_CAPABILITIES = {
-  coder: ['code-generation', 'refactoring', 'debugging', 'implementation'],
-  tester: ['unit-testing', 'integration-testing', 'coverage', 'test-generation'],
-  reviewer: ['code-review', 'security-audit', 'quality-check', 'best-practices'],
-  researcher: ['web-search', 'documentation', 'analysis', 'summarization'],
-  architect: ['system-design', 'architecture', 'patterns', 'scalability'],
-  'backend-dev': ['api', 'database', 'server', 'authentication'],
-  'frontend-dev': ['ui', 'react', 'css', 'components'],
-  devops: ['ci-cd', 'docker', 'deployment', 'infrastructure'],
-};
-
-const TASK_PATTERNS = {
-  'implement|create|build|add|write code': 'coder',
-  'test|spec|coverage|unit test|integration': 'tester',
-  'review|audit|check|validate|security': 'reviewer',
-  'research|find|search|documentation|explore': 'researcher',
-  'design|architect|structure|plan': 'architect',
-  'api|endpoint|server|backend|database': 'backend-dev',
-  'ui|frontend|component|react|css|style': 'frontend-dev',
-  'deploy|docker|ci|cd|pipeline|infrastructure': 'devops',
-};
-
-function routeTask(task) {
-  const taskLower = task.toLowerCase();
-
-  for (const [pattern, agent] of Object.entries(TASK_PATTERNS)) {
-    const regex = new RegExp(pattern, 'i');
-    if (regex.test(taskLower)) {
-      return {
-        agent,
-        confidence: 0.8,
-        reason: `Matched pattern: ${pattern}`,
-      };
-    }
-  }
-
-  return {
-    agent: 'coder',
-    confidence: 0.5,
-    reason: 'Default routing - no specific pattern matched',
-  };
-}
-
-module.exports = { routeTask, AGENT_CAPABILITIES, TASK_PATTERNS };
-
-// CLI - only run when executed directly
-if (require.main === module) {
-  const task = process.argv.slice(2).join(' ');
-  if (task) {
-    const result = routeTask(task);
-    console.log(JSON.stringify(result, null, 2));
-  } else {
-    console.log('Usage: router.js <task description>');
-    console.log('\nAvailable agents:', Object.keys(AGENT_CAPABILITIES).join(', '));
-  }
-}

package/.claude/helpers/security-scanner.sh

@@ -1,127 +0,0 @@
-#!/bin/bash
-# RuFlo V3 - Security Scanner Worker
-# Scans for secrets, vulnerabilities, CVE updates
-
-set -euo pipefail
-
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
-SECURITY_DIR="$PROJECT_ROOT/.claude-flow/security"
-SCAN_FILE="$SECURITY_DIR/scan-results.json"
-LAST_RUN_FILE="$SECURITY_DIR/.scanner-last-run"
-
-mkdir -p "$SECURITY_DIR"
-
-should_run() {
-  if [ ! -f "$LAST_RUN_FILE" ]; then return 0; fi
-  local last_run=$(cat "$LAST_RUN_FILE" 2>/dev/null || echo "0")
-  local now=$(date +%s)
-  [ $((now - last_run)) -ge 1800 ]  # 30 minutes
-}
-
-scan_secrets() {
-  local secrets_found=0
-  local patterns=(
-    "password\s*=\s*['\"][^'\"]+['\"]"
-    "api[_-]?key\s*=\s*['\"][^'\"]+['\"]"
-    "secret\s*=\s*['\"][^'\"]+['\"]"
-    "token\s*=\s*['\"][^'\"]+['\"]"
-    "private[_-]?key"
-  )
-
-  for pattern in "${patterns[@]}"; do
-    local count=$(grep -riE "$pattern" "$PROJECT_ROOT/src" "$PROJECT_ROOT/v3" 2>/dev/null | grep -v node_modules | grep -v ".git" | wc -l | tr -d '[:space:]')
-    count=${count:-0}
-    secrets_found=$((secrets_found + count))
-  done
-
-  echo "$secrets_found"
-}
-
-scan_vulnerabilities() {
-  local vulns=0
-
-  # Check for known vulnerable patterns
-  # SQL injection patterns
-  local sql_count=$(grep -rE "execute\s*\(" "$PROJECT_ROOT/src" "$PROJECT_ROOT/v3" 2>/dev/null | grep -v node_modules | grep -v ".test." | wc -l | tr -d '[:space:]')
-  vulns=$((vulns + ${sql_count:-0}))
-
-  # Command injection patterns
-  local cmd_count=$(grep -rE "exec\s*\(|spawn\s*\(" "$PROJECT_ROOT/src" "$PROJECT_ROOT/v3" 2>/dev/null | grep -v node_modules | grep -v ".test." | wc -l | tr -d '[:space:]')
-  vulns=$((vulns + ${cmd_count:-0}))
-
-  # Unsafe eval
-  local eval_count=$(grep -rE "\beval\s*\(" "$PROJECT_ROOT/src" "$PROJECT_ROOT/v3" 2>/dev/null | grep -v node_modules | wc -l | tr -d '[:space:]')
-  vulns=$((vulns + ${eval_count:-0}))
-
-  echo "$vulns"
-}
-
-check_npm_audit() {
-  if [ -f "$PROJECT_ROOT/package-lock.json" ]; then
-    # Skip npm audit for speed - it's slow
-    echo "0"
-  else
-    echo "0"
-  fi
-}
-
-run_scan() {
-  echo "[$(date +%H:%M:%S)] Running security scan..."
-
-  local secrets=$(scan_secrets)
-  local vulns=$(scan_vulnerabilities)
-  local npm_vulns=$(check_npm_audit)
-
-  local total_issues=$((secrets + vulns + npm_vulns))
-  local status="clean"
-
-  if [ "$total_issues" -gt 10 ]; then
-    status="critical"
-  elif [ "$total_issues" -gt 0 ]; then
-    status="warning"
-  fi
-
-  # Update audit status
-  cat > "$SCAN_FILE" << EOF
-{
-  "status": "$status",
-  "timestamp": "$(date -Iseconds)",
-  "findings": {
-    "secrets": $secrets,
-    "vulnerabilities": $vulns,
-    "npm_audit": $npm_vulns,
-    "total": $total_issues
-  },
-  "cves": {
-    "tracked": ["CVE-1", "CVE-2", "CVE-3"],
-    "remediated": 3
-  }
-}
-EOF
-
-  # Update main audit status file
-  if [ "$status" = "clean" ]; then
-    echo '{"status":"CLEAN","cvesFixed":3}' > "$SECURITY_DIR/audit-status.json"
-  else
-    echo "{\"status\":\"$status\",\"cvesFixed\":3,\"issues\":$total_issues}" > "$SECURITY_DIR/audit-status.json"
-  fi
-
-  echo "[$(date +%H:%M:%S)] ✓ Security: $status | Secrets: $secrets | Vulns: $vulns | NPM: $npm_vulns"
-
-  date +%s > "$LAST_RUN_FILE"
-}
-
-case "${1:-check}" in
-  "run"|"scan") run_scan ;;
-  "check") should_run && run_scan || echo "[$(date +%H:%M:%S)] Skipping (throttled)" ;;
-  "force") rm -f "$LAST_RUN_FILE"; run_scan ;;
-  "status")
-    if [ -f "$SCAN_FILE" ]; then
-      jq -r '"Status: \(.status) | Secrets: \(.findings.secrets) | Vulns: \(.findings.vulnerabilities) | NPM: \(.findings.npm_audit)"' "$SCAN_FILE"
-    else
-      echo "No scan data available"
-    fi
-    ;;
-  *) echo "Usage: $0 [run|check|force|status]" ;;
-esac