rebar-mcp 2.0.0

package/rebar-v2.0.0-platform-spec.md

@@ -0,0 +1,1567 @@
+# Rebar v2.0.0 — The Complete Rebrand and Platform Expansion
+
+## STATUS: IMPLEMENTATION SPEC — NOT A DISCUSSION DOCUMENT
+
+Every section in this document is a directive. Do not paraphrase. Do not summarize.
+Do not replace specific text with "appropriate content" or "relevant rules."
+When this spec says "use this exact text," copy it verbatim.
+When this spec says "the command MUST be," use that exact command string.
+When this spec says "create this file," create that exact file with that exact content.
+
+If you are unsure about something, re-read the spec. The answer is in here.
+
+---
+
+## What Rebar v2.0.0 Is
+
+Rebar is an enforcement platform for AI-generated code. It prevents AI coding tools from shipping broken, incomplete, or insecure code by embedding guardrails directly into the development environment.
+
+v2.0.0 transforms ccboot-mcp-server into Rebar:
+- New name, new npm package, new GitHub repo, new identity
+- Multi-platform support (Claude Code + Cursor + Codex + Windsurf)
+- Strictness profiles (Standard / Strict / Paranoid)
+- `rebar doctor` health check command
+- Enhanced metrics dashboard with quality score over time
+- Standalone CLI mode for CI/CD pipelines
+- README badge / embeddable quality score SVG
+
+Previous versions (ccboot v1.0–v1.2) are being superseded. All functionality carries forward.
+
+---
+
+## IMPLEMENTATION ORDER
+
+Complete these in EXACT sequence. Do not skip ahead. Do not combine phases.
+After each phase, run `npm run build` and `npm run test`. Fix ALL errors before proceeding.
+
+```
+Phase A: Repository rebrand (Section 1)
+Phase B: Strictness profiles (Section 2)
+Phase C: Multi-platform template generation (Section 3)
+Phase D: `rebar doctor` command (Section 4)
+Phase E: Standalone CLI mode (Section 5)
+Phase F: Enhanced metrics dashboard (Section 6)
+Phase G: Quality score badge (Section 7)
+Phase H: Custom rules engine (Section 8)
+Phase I: Update all tests (Section 9)
+Phase J: README, CHANGELOG, publish (Section 10)
+```
+
+---
+
+# SECTION 1: REPOSITORY REBRAND
+
+## 1.1 Package Identity
+
+| Field | Old Value | New Value |
+|-------|-----------|-----------|
+| Package name | `ccboot-mcp-server` | `rebar-mcp` |
+| Binary name | `ccboot-mcp-server` | `rebar` |
+| npm scope | `@vaspera/ccboot-mcp-server` (if scoped) | `rebar-mcp` (unscoped for easier install) |
+| GitHub repo | (existing) | `rebar-mcp` |
+| Tool name prefix | `ccboot_` | `rebar_` |
+| Display name | "CCBoot MCP Server" | "Rebar" |
+| Tagline | "Claude Code Bootstrapper" | "Reinforcement for AI-generated code" |
+
+## 1.2 File Changes
+
+### package.json
+
+Update these fields EXACTLY:
+
+```json
+{
+  "name": "rebar-mcp",
+  "version": "2.0.0",
+  "description": "Reinforcement for AI-generated code. Enforcement hooks, quality audits, and opinionated templates that prevent AI coding tools from shipping broken code.",
+  "main": "dist/index.js",
+  "bin": {
+    "rebar": "dist/index.js",
+    "rebar-mcp": "dist/index.js"
+  },
+  "keywords": [
+    "mcp",
+    "claude-code",
+    "cursor",
+    "codex",
+    "windsurf",
+    "ai-coding",
+    "code-quality",
+    "enforcement",
+    "guardrails",
+    "linting",
+    "security",
+    "testing",
+    "agent-skills"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/RCOLKITT/rebar-mcp"
+  },
+  "homepage": "https://github.com/RCOLKITT/rebar-mcp#readme",
+  "author": "Ryan Colkitt <vaspera>",
+  "license": "MIT"
+}
+```
+
+### src/index.ts
+
+Update the McpServer initialization:
+
+```typescript
+const server = new McpServer({
+  name: "rebar-mcp",
+  version: "2.0.0"
+});
+```
+
+### All tool registrations
+
+Every tool name MUST be renamed from `ccboot_*` to `rebar_*`. This is a global find-and-replace but VERIFY every occurrence:
+
+| Old Name | New Name |
+|----------|----------|
+| `ccboot_init_project` | `rebar_init_project` |
+| `ccboot_generate_claudemd` | `rebar_generate_claudemd` |
+| `ccboot_create_skill` | `rebar_create_skill` |
+| `ccboot_create_agent` | `rebar_create_agent` |
+| `ccboot_create_hook` | `rebar_create_hook` |
+| `ccboot_create_command` | `rebar_create_command` |
+| `ccboot_create_knowledge` | `rebar_create_knowledge` |
+| `ccboot_create_adr` | `rebar_create_adr` |
+| `ccboot_list_artifacts` | `rebar_list_artifacts` |
+| `ccboot_validate_config` | `rebar_validate_config` |
+| `ccboot_audit_context` | `rebar_audit_context` |
+| `ccboot_apply_compliance` | `rebar_apply_compliance` |
+| `ccboot_create_ci_workflow` | `rebar_create_ci_workflow` |
+| `ccboot_create_security_hook` | `rebar_create_security_hook` |
+| `ccboot_generate_mcp_config` | `rebar_generate_mcp_config` |
+| `ccboot_audit_code_quality` | `rebar_audit` |
+
+Note: `ccboot_audit_code_quality` becomes `rebar_audit` (shorter, cleaner).
+
+### Tool descriptions
+
+Every tool description must be updated to remove references to "ccboot" and replace with "Rebar." Additionally, every tool description's FIRST LINE must include the Rebar identity. Example:
+
+OLD: `"Full project bootstrap. Generates CLAUDE.md, .claude/ directory..."`
+NEW: `"[Rebar] Full project bootstrap with enforcement hooks, opinionated templates, and quality guardrails. Generates CLAUDE.md, .claude/ directory..."`
+
+### All template files
+
+Search every file in `templates/` for the string "ccboot" and replace with "rebar". This includes:
+- Template content that references ccboot
+- YAML frontmatter that references ccboot
+- Comments that reference ccboot
+
+### All test files
+
+Update all test files to use `rebar_*` tool names and `rebar-mcp` package references.
+
+### README.md
+
+Will be fully rewritten in Section 10. For now, update the title to `# Rebar` and the description to `Reinforcement for AI-generated code.`
+
+## 1.3 Verification
+
+After completing the rebrand:
+
+1. `grep -r "ccboot" src/ templates/ tests/` must return ZERO results
+2. `grep -r "ccboot" package.json` must return ZERO results
+3. `npm run build` must pass with zero errors
+4. `npm run test` must pass with all tests green
+5. Running `node dist/index.js` must start the MCP server with name "rebar-mcp"
+
+Do NOT proceed to Phase B until all 5 verifications pass.
+
+---
+
+# SECTION 2: STRICTNESS PROFILES
+
+## 2.1 Overview
+
+Strictness profiles control how aggressively Rebar's hooks enforce quality. Three named profiles replace the binary "notify vs. block" choice.
+
+## 2.2 Profile Definitions
+
+### Standard Profile
+
+Behavior: Hooks **notify** on issues but do not block. Claude sees the warning and should act on it, but is not forced to stop.
+
+| Hook | Behavior | Exit Code |
+|------|----------|-----------|
+| Format-on-write | Formats automatically | 0 (always succeeds) |
+| Lint-on-write | Shows lint output | 0 (notify only) |
+| Test enforcement | Runs tests, shows results | 0 (notify only) |
+| Danger blocker | **Blocks** destructive commands | 2 (always blocks — even Standard doesn't allow rm -rf) |
+| Secret detector | **Blocks** secret commits | 2 (always blocks — even Standard doesn't allow secrets) |
+
+### Strict Profile
+
+Behavior: Hooks **block** on quality failures. Claude must fix the issue before continuing.
+
+| Hook | Behavior | Exit Code |
+|------|----------|-----------|
+| Format-on-write | Formats automatically | 0 |
+| Lint-on-write | Shows lint output, **blocks** if errors found | 2 if lint errors |
+| Test enforcement | Runs tests, **blocks** if any test fails | 2 if tests fail |
+| Danger blocker | **Blocks** destructive commands | 2 |
+| Secret detector | **Blocks** secret commits | 2 |
+
+### Paranoid Profile
+
+Behavior: Everything in Strict, plus additional checks that enforce code structure limits.
+
+| Hook | Behavior | Exit Code |
+|------|----------|-----------|
+| All Strict hooks | Same as Strict | Same as Strict |
+| File size guard | **Blocks** writes to files over 400 lines | 2 if file > 400 lines |
+| Function size guard | **Warns** about functions over 50 lines | 0 (notify) |
+| Any type guard | **Blocks** writes that introduce `any` type | 2 if `any` found in written file |
+| Commit completeness | **Blocks** commits if TODO/FIXME found in staged files | 2 if TODO/FIXME found |
+
+## 2.3 Implementation
+
+### New file: `src/services/strictness.ts`
+
+This module MUST export:
+
+```typescript
+export type StrictnessProfile = "standard" | "strict" | "paranoid";
+
+export interface HookConfig {
+  event: string;
+  matcher: string;
+  command: string;
+  description: string;
+}
+
+export function getHooksForProfile(
+  profile: StrictnessProfile,
+  testCommand: string,
+  lintCommand: string,
+  formatCommand: string
+): HookConfig[];
+```
+
+The `getHooksForProfile` function generates the complete set of hooks for the given profile.
+
+### Standard profile hooks
+
+```typescript
+// Standard hooks — notify only (except danger + secrets which always block)
+const standardHooks: HookConfig[] = [
+  // Format on write — always auto-formats, never blocks
+  {
+    event: "PostToolUse",
+    matcher: "Write(*.ts)|Write(*.tsx)|Write(*.js)|Write(*.jsx)",
+    command: `${formatCommand} "$CLAUDE_FILE_PATH" 2>/dev/null || true`,
+    description: "Auto-format TypeScript/JavaScript files after write"
+  },
+  // Lint on write — shows output but does not block
+  {
+    event: "PostToolUse",
+    matcher: "Write(*.ts)|Write(*.tsx)|Write(*.js)|Write(*.jsx)",
+    command: `${lintCommand} "$CLAUDE_FILE_PATH" 2>&1 | head -20; exit 0`,
+    description: "Show lint results after write (non-blocking)"
+  },
+  // Test enforcement — runs tests, shows results, does not block
+  {
+    event: "PostToolUse",
+    matcher: "Write(*.ts)|Write(*.tsx)|Write(*.js)|Write(*.jsx)|Edit(*.ts)|Edit(*.tsx)|Edit(*.js)|Edit(*.jsx)",
+    command: `${testCommand} 2>&1 | tail -10; if [ $? -ne 0 ]; then echo '\\n⚠️ TESTS FAILED — You should fix these before continuing.'; fi; exit 0`,
+    description: "Run tests after code changes (non-blocking notification)"
+  },
+  // Danger blocker — ALWAYS blocks, even in Standard
+  {
+    event: "PreToolUse",
+    matcher: "Bash",
+    command: `BLOCKED='rm -rf|rm -fr|git push --force|git push -f|DROP TABLE|DROP DATABASE|TRUNCATE TABLE|chmod -R 777'; if echo "$CLAUDE_BASH_COMMAND" | grep -qiE "$BLOCKED"; then echo 'BLOCKED: Destructive command detected. Ask the developer for explicit approval.' >&2; exit 2; fi; exit 0`,
+    description: "Block destructive commands (always active)"
+  },
+  // Secret detector — ALWAYS blocks, even in Standard
+  {
+    event: "PreToolUse",
+    matcher: "Bash(git commit*)|Bash(git add*)",
+    command: `STAGED=$(git diff --cached --name-only 2>/dev/null); if [ -z "$STAGED" ]; then exit 0; fi; SECRETS=$(git diff --cached | grep -inE '(api[_-]?key|secret|password|token|private[_-]?key|aws_access|AKIA[A-Z0-9]{16})\\s*[:=]\\s*[\"\\x27]?[A-Za-z0-9+/=_-]{8,}' | head -5); if [ -n "$SECRETS" ]; then echo "BLOCKED: Potential secrets in staged files:" >&2; echo "$SECRETS" >&2; exit 2; fi; exit 0`,
+    description: "Block commits containing potential secrets (always active)"
+  }
+];
+```
+
+### Strict profile hooks
+
+Start with ALL standard hooks, then OVERRIDE the lint and test hooks to use exit code 2:
+
+```typescript
+// Override: Lint now blocks
+{
+  event: "PostToolUse",
+  matcher: "Write(*.ts)|Write(*.tsx)|Write(*.js)|Write(*.jsx)",
+  command: `RESULT=$(${lintCommand} "$CLAUDE_FILE_PATH" 2>&1); EXITCODE=$?; if [ $EXITCODE -ne 0 ]; then echo "$RESULT" | head -20; echo '\\n❌ LINT ERRORS — Fix these before continuing.' >&2; exit 2; fi; exit 0`,
+  description: "Block on lint errors after write"
+},
+// Override: Tests now block
+{
+  event: "PostToolUse",
+  matcher: "Write(*.ts)|Write(*.tsx)|Write(*.js)|Write(*.jsx)|Edit(*.ts)|Edit(*.tsx)|Edit(*.js)|Edit(*.jsx)",
+  command: `${testCommand} 2>&1 | tail -10; EXIT_CODE=$?; if [ $EXIT_CODE -ne 0 ]; then echo '\\n❌ TESTS FAILED — Fix failing tests before continuing. Do not move to the next task.' >&2; exit 2; fi; exit 0`,
+  description: "Block on test failures after code changes"
+}
+```
+
+### Paranoid profile hooks
+
+Start with ALL strict hooks, then ADD these additional hooks:
+
+```typescript
+// File size guard — blocks writes to files over 400 lines
+{
+  event: "PostToolUse",
+  matcher: "Write(*)|Edit(*)",
+  command: `if [ -f "$CLAUDE_FILE_PATH" ]; then LINES=$(wc -l < "$CLAUDE_FILE_PATH"); if [ "$LINES" -gt 400 ]; then echo "BLOCKED: File $CLAUDE_FILE_PATH has $LINES lines (max 400). Split this file into smaller modules." >&2; exit 2; fi; fi; exit 0`,
+  description: "Block files exceeding 400 lines"
+},
+// Any type guard — blocks writes that introduce `any` type (TypeScript only)
+{
+  event: "PostToolUse",
+  matcher: "Write(*.ts)|Write(*.tsx)|Edit(*.ts)|Edit(*.tsx)",
+  command: `if [ -f "$CLAUDE_FILE_PATH" ]; then ANY_COUNT=$(grep -cE ':\\s*any\\b|as\\s+any\\b|<any>' "$CLAUDE_FILE_PATH" 2>/dev/null || echo 0); if [ "$ANY_COUNT" -gt 0 ]; then echo "BLOCKED: File $CLAUDE_FILE_PATH contains $ANY_COUNT uses of 'any' type. Use specific types or 'unknown' instead." >&2; exit 2; fi; fi; exit 0`,
+  description: "Block TypeScript files containing 'any' type"
+},
+// Commit completeness — blocks commits with TODO/FIXME in staged files
+{
+  event: "PreToolUse",
+  matcher: "Bash(git commit*)",
+  command: `STAGED=$(git diff --cached --name-only 2>/dev/null); TODOS=""; for f in $STAGED; do if [ -f "$f" ]; then FOUND=$(grep -n 'TODO\\|FIXME\\|HACK\\|XXX' "$f" 2>/dev/null | head -3); if [ -n "$FOUND" ]; then TODOS="$TODOS\\n$f:\\n$FOUND"; fi; fi; done; if [ -n "$TODOS" ]; then echo "BLOCKED: Incomplete work found in staged files:" >&2; echo -e "$TODOS" >&2; echo "\\nRemove all TODO/FIXME/HACK/XXX comments before committing." >&2; exit 2; fi; exit 0`,
+  description: "Block commits containing TODO/FIXME/HACK/XXX comments"
+}
+```
+
+## 2.4 Integration with rebar_init_project
+
+Add a `strictness` parameter to `rebar_init_project`:
+
+```typescript
+strictness: z.enum(["standard", "strict", "paranoid"])
+  .default("standard")
+  .describe("Enforcement strictness level. 'standard' notifies on issues, 'strict' blocks on test/lint failures, 'paranoid' adds file size limits, any-type blocking, and commit completeness checks.")
+```
+
+When `rebar_init_project` generates `.claude/settings.json`, it calls `getHooksForProfile(strictness, testCommand, lintCommand, formatCommand)` and merges the result into the hooks configuration.
+
+## 2.5 New tool: `rebar_set_strictness`
+
+Register a new tool that changes the strictness profile for an existing project:
+
+```typescript
+server.registerTool(
+  "rebar_set_strictness",
+  {
+    title: "Set Rebar Strictness Profile",
+    description: "[Rebar] Changes the enforcement strictness level for the current project. Rewrites the hooks in .claude/settings.json to match the selected profile. Options: 'standard' (notify only), 'strict' (blocks on test/lint failures), 'paranoid' (strict + file size limits, any-type blocking, commit completeness checks).",
+    inputSchema: {
+      project_path: z.string().describe("Path to the project root"),
+      strictness: z.enum(["standard", "strict", "paranoid"]).describe("Desired strictness level"),
+      output_format: z.enum(["markdown", "json"]).default("markdown")
+    },
+    annotations: {
+      readOnlyHint: false,
+      destructiveHint: false,
+      idempotentHint: true,
+      openWorldHint: false
+    }
+  },
+  async (params) => {
+    // 1. Read existing .claude/settings.json
+    // 2. Remove all Rebar-generated hooks (identified by description starting with "Auto-format", "Show lint", "Run tests", "Block destructive", "Block commits", "Block files", "Block TypeScript")
+    // 3. Generate new hooks from getHooksForProfile()
+    // 4. Merge into settings.json
+    // 5. Write atomically
+    // 6. Return summary of what changed
+  }
+);
+```
+
+## 2.6 Verification
+
+1. `rebar_init_project` with `strictness: "standard"` generates hooks where only danger-blocker and secret-detector use exit 2
+2. `rebar_init_project` with `strictness: "strict"` generates hooks where test and lint hooks also use exit 2
+3. `rebar_init_project` with `strictness: "paranoid"` generates all of strict plus file size, any-type, and TODO guards
+4. `rebar_set_strictness` can switch between profiles without duplicating hooks
+5. All hook commands are syntactically valid bash (test by running them against sample input)
+
+---
+
+# SECTION 3: MULTI-PLATFORM TEMPLATE GENERATION
+
+## 3.1 Overview
+
+Rebar currently generates configuration files for Claude Code only. v2.0.0 adds support for Cursor, Windsurf, and Codex CLI. When `rebar_init_project` runs, it generates config files for ALL detected or specified platforms.
+
+## 3.2 Platform Detection
+
+Add to `src/services/platform-detect.ts`:
+
+```typescript
+export type AIPlatform = "claude-code" | "cursor" | "windsurf" | "codex";
+
+export interface DetectedPlatforms {
+  platforms: AIPlatform[];
+  evidence: Record<AIPlatform, string>;
+}
+
+export async function detectPlatforms(projectPath: string): Promise<DetectedPlatforms> {
+  const platforms: AIPlatform[] = [];
+  const evidence: Record<string, string> = {};
+
+  // Claude Code: .claude/ directory or CLAUDE.md exists
+  if (await fileExists(join(projectPath, ".claude")) || await fileExists(join(projectPath, "CLAUDE.md"))) {
+    platforms.push("claude-code");
+    evidence["claude-code"] = "Found .claude/ directory or CLAUDE.md";
+  }
+
+  // Cursor: .cursor/ directory or .cursorrules exists
+  if (await fileExists(join(projectPath, ".cursor")) || await fileExists(join(projectPath, ".cursorrules"))) {
+    platforms.push("cursor");
+    evidence["cursor"] = "Found .cursor/ directory or .cursorrules";
+  }
+
+  // Windsurf: .windsurf/ directory exists
+  if (await fileExists(join(projectPath, ".windsurf"))) {
+    platforms.push("windsurf");
+    evidence["windsurf"] = "Found .windsurf/ directory";
+  }
+
+  // Codex: AGENTS.md exists
+  if (await fileExists(join(projectPath, "AGENTS.md"))) {
+    platforms.push("codex");
+    evidence["codex"] = "Found AGENTS.md";
+  }
+
+  // If nothing detected, default to Claude Code (since we're an MCP server running in it)
+  if (platforms.length === 0) {
+    platforms.push("claude-code");
+    evidence["claude-code"] = "Default (no platform detected)";
+  }
+
+  return { platforms, evidence };
+}
+```
+
+## 3.3 Add `platforms` parameter to `rebar_init_project`
+
+```typescript
+platforms: z.array(z.enum(["claude-code", "cursor", "windsurf", "codex", "all"]))
+  .default(["all"])
+  .describe("Which AI coding platforms to generate configuration for. 'all' detects and generates for every supported platform.")
+```
+
+When `"all"` is specified (the default), call `detectPlatforms()` and generate for detected platforms. If none detected, generate for ALL platforms.
+
+## 3.4 Cursor Configuration Generation
+
+Cursor uses `.cursor/rules/*.md` files (called "rules") that are functionally equivalent to Claude Code's skills.
+
+### Directory structure
+
+```
+.cursor/
+└── rules/
+    ├── project-rules.md      (equivalent to CLAUDE.md)
+    ├── code-review.md         (equivalent to code-review skill)
+    ├── test-writer.md         (equivalent to test-writer skill)
+    ├── security-scan.md       (equivalent to security-scan skill)
+    └── documentation.md       (equivalent to documentation skill)
+```
+
+### project-rules.md format
+
+Cursor rules files use YAML frontmatter with a different schema than Claude Code skills. The format is:
+
+```markdown
+---
+description: Project rules and coding standards for {{project_name}}
+globs:
+alwaysApply: true
+---
+
+[Content goes here — use the same Mandatory Practices and Self-Review Checklist from the CLAUDE.md template]
+```
+
+### Conversion logic
+
+Create `src/services/cursor-generator.ts`:
+
+```typescript
+export async function generateCursorConfig(
+  projectPath: string,
+  claudeMdContent: string,
+  skills: SkillTemplate[]
+): Promise<GeneratedFile[]>
+```
+
+This function:
+1. Takes the rendered CLAUDE.md content and converts it to a Cursor rules file at `.cursor/rules/project-rules.md`
+2. Converts each skill template to a Cursor rule file
+3. Cursor rules use `description` (not `name`) and `globs` (not `allowed-tools`) in frontmatter
+4. Cursor does NOT support hooks — add a NOTE in the project-rules.md that says:
+
+```markdown
+> Note: Cursor does not support enforcement hooks. The guardrails below rely on
+> you following these rules. For automated enforcement, use Rebar with Claude Code
+> or run `npx rebar audit` in your CI pipeline.
+```
+
+## 3.5 Windsurf Configuration Generation
+
+Windsurf uses `.windsurf/rules/*.md` files.
+
+### Directory structure
+
+```
+.windsurf/
+└── rules/
+    ├── project-rules.md
+    ├── code-review.md
+    ├── test-writer.md
+    ├── security-scan.md
+    └── documentation.md
+```
+
+### Format
+
+Windsurf rules use a simpler frontmatter:
+
+```markdown
+---
+trigger: always
+---
+
+[Content — same as Cursor rules]
+```
+
+Create `src/services/windsurf-generator.ts` following the same pattern as cursor-generator.ts.
+
+## 3.6 Codex CLI Configuration Generation
+
+OpenAI's Codex CLI uses an `AGENTS.md` file at the project root (equivalent to CLAUDE.md).
+
+### File: `AGENTS.md`
+
+Create `src/services/codex-generator.ts`:
+
+```typescript
+export async function generateCodexConfig(
+  projectPath: string,
+  claudeMdContent: string
+): Promise<GeneratedFile[]>
+```
+
+This function:
+1. Takes the rendered CLAUDE.md content
+2. Writes it to `AGENTS.md` at the project root
+3. Adds a Codex-specific header:
+
+```markdown
+# {{project_name}} — Agent Instructions
+
+> Generated by Rebar (https://github.com/RCOLKITT/rebar-mcp)
+> These rules apply to all AI coding agents working in this repository.
+
+[Rest of CLAUDE.md content]
+```
+
+Codex does NOT support skills, agents, or hooks. The AGENTS.md file is the only configuration point.
+
+## 3.7 Updated rebar_init_project Output
+
+When `rebar_init_project` completes with multi-platform generation, the output MUST list what was created per platform:
+
+```markdown
+## Rebar Project Initialized
+
+### Claude Code
+- ✅ CLAUDE.md (Mandatory Practices + Self-Review Checklist)
+- ✅ .claude/settings.json (5 enforcement hooks, strictness: standard)
+- ✅ .claude/skills/ (5 skills: code-review, test-writer, security-scan, documentation, performance-audit)
+- ✅ .claude/agents/ (4 agents: explore, plan, test-runner, security-auditor)
+- ✅ .claudeignore
+
+### Cursor
+- ✅ .cursor/rules/project-rules.md
+- ✅ .cursor/rules/code-review.md
+- ✅ .cursor/rules/test-writer.md
+- ✅ .cursor/rules/security-scan.md
+- ✅ .cursor/rules/documentation.md
+
+### Windsurf
+- ✅ .windsurf/rules/project-rules.md
+- ✅ .windsurf/rules/code-review.md
+- ✅ .windsurf/rules/test-writer.md
+- ✅ .windsurf/rules/security-scan.md
+- ✅ .windsurf/rules/documentation.md
+
+### Codex CLI
+- ✅ AGENTS.md
+
+### Quality Audit
+- Score: XX/100
+- Issues found: X (X critical, X high, X medium, X low)
+```
+
+## 3.8 Verification
+
+1. `rebar_init_project` with `platforms: ["all"]` generates files for all 4 platforms
+2. `.cursor/rules/project-rules.md` contains valid Cursor frontmatter with `alwaysApply: true`
+3. `.windsurf/rules/project-rules.md` contains valid Windsurf frontmatter with `trigger: always`
+4. `AGENTS.md` exists and contains the full mandatory practices section
+5. All generated files contain the Mandatory Practices section verbatim
+6. No `{{variable}}` markers remain in any generated file
+
+---
+
+# SECTION 4: `rebar doctor` COMMAND
+
+## 4.1 Overview
+
+`rebar doctor` is a diagnostic tool that checks the health of a project's Rebar setup. It verifies that all enforcement mechanisms are properly installed and configured.
+
+## 4.2 Tool Registration
+
+```typescript
+server.registerTool(
+  "rebar_doctor",
+  {
+    title: "Rebar Doctor — Diagnose Setup Health",
+    description: "[Rebar] Checks the health of your Rebar enforcement setup. Verifies hooks are installed, templates are complete, skills are present, CLAUDE.md has mandatory sections, and there are no configuration conflicts. Run this when enforcement doesn't seem to be working.",
+    inputSchema: {
+      project_path: z.string().describe("Path to the project root"),
+      output_format: z.enum(["markdown", "json"]).default("markdown"),
+    },
+    annotations: {
+      readOnlyHint: true,
+      destructiveHint: false,
+      idempotentHint: true,
+      openWorldHint: false
+    }
+  },
+  async (params) => { /* implementation */ }
+);
+```
+
+## 4.3 Health Checks
+
+The doctor MUST perform ALL of the following checks. Each check returns PASS, WARN, or FAIL.
+
+### Check 1: CLAUDE.md Exists and Has Mandatory Sections
+
+- PASS: CLAUDE.md exists at project root AND contains "Mandatory Practices" heading AND contains "Self-Review Checklist" heading
+- WARN: CLAUDE.md exists but is missing one or both sections
+- FAIL: CLAUDE.md does not exist
+
+### Check 2: Enforcement Hooks Installed
+
+- PASS: `.claude/settings.json` exists AND contains at least the danger-blocker and secret-detector hooks
+- WARN: Settings file exists but is missing some hooks
+- FAIL: Settings file does not exist or has no hooks
+
+### Check 3: Skills Installed
+
+- PASS: `.claude/skills/` contains at least 3 skill directories with valid SKILL.md files
+- WARN: Skills directory exists but has fewer than 3 skills, or some SKILL.md files have invalid frontmatter
+- FAIL: No `.claude/skills/` directory
+
+### Check 4: Agents Installed
+
+- PASS: `.claude/agents/` contains at least 2 agent files
+- WARN: Agents directory exists but has fewer than 2 agents
+- FAIL: No `.claude/agents/` directory
+
+### Check 5: .claudeignore Exists
+
+- PASS: `.claudeignore` exists and includes at least `node_modules/` and `dist/`
+- WARN: `.claudeignore` exists but is empty or missing common exclusions
+- FAIL: `.claudeignore` does not exist
+
+### Check 6: Test Command Works
+
+- PASS: The test command from CLAUDE.md (or detected from package.json scripts.test) executes successfully
+- WARN: Test command found but returns non-zero exit code (tests failing is not a setup issue, but worth noting)
+- FAIL: No test command found in package.json or CLAUDE.md
+
+### Check 7: Strictness Profile Consistency
+
+- PASS: All hooks in settings.json are consistent with a single strictness profile
+- WARN: Hooks appear to be a mix of different profiles (some notify, some block inconsistently)
+- FAIL: N/A (this check only produces PASS or WARN)
+
+### Check 8: Context Budget
+
+- PASS: Total estimated token count of all skills + CLAUDE.md is under 2% of 200K context window (4,000 tokens)
+- WARN: Total is between 2% and 5% (some skills may not load)
+- FAIL: Total exceeds 5% (skills will definitely be dropped)
+
+### Check 9: Cross-Platform Config Consistency
+
+- PASS: If multiple platform configs exist (CLAUDE.md + .cursor/rules + AGENTS.md), they all contain the same mandatory practices
+- WARN: Platform configs exist but have divergent content
+- FAIL: N/A (only WARN or PASS)
+
+### Check 10: No Configuration Conflicts
+
+- PASS: No duplicate hook definitions, no conflicting tool permissions
+- WARN: Duplicate hooks found (same event + matcher appearing twice)
+- FAIL: Settings.json is invalid JSON
+
+## 4.4 Output Format
+
+```markdown
+## 🔧 Rebar Doctor Report
+
+**Project:** /path/to/project
+**Overall Health:** ✅ Healthy | ⚠️ Needs Attention | ❌ Broken
+
+### Results
+
+| # | Check | Status | Detail |
+|---|-------|--------|--------|
+| 1 | CLAUDE.md | ✅ PASS | Found with Mandatory Practices + Self-Review Checklist |
+| 2 | Enforcement hooks | ✅ PASS | 9 hooks installed (strictness: strict) |
+| 3 | Skills | ✅ PASS | 5 skills with valid frontmatter |
+| 4 | Agents | ✅ PASS | 4 agents configured |
+| 5 | .claudeignore | ✅ PASS | Excludes node_modules/, dist/, .git/ |
+| 6 | Test command | ⚠️ WARN | `npm test` found but 2 tests failing |
+| 7 | Strictness consistency | ✅ PASS | All hooks match "strict" profile |
+| 8 | Context budget | ✅ PASS | Estimated 2,847 tokens (1.4% of budget) |
+| 9 | Cross-platform consistency | ✅ PASS | CLAUDE.md and .cursor/rules aligned |
+| 10 | No conflicts | ✅ PASS | No duplicate hooks or conflicts found |
+
+### Summary
+✅ 9 passed, ⚠️ 1 warning, ❌ 0 failed
+
+### Recommendations
+- Fix the 2 failing tests to get a clean test suite
+```
+
+Overall health:
+- **Healthy**: Zero FAIL, at most 2 WARN
+- **Needs Attention**: Zero FAIL, 3+ WARN
+- **Broken**: Any FAIL
+
+---
+
+# SECTION 5: STANDALONE CLI MODE
+
+## 5.1 Overview
+
+Rebar currently only runs as an MCP server (stdio transport). v2.0.0 adds a standalone CLI mode so `rebar` can be used directly in terminals and CI/CD pipelines without an MCP client.
+
+## 5.2 Entry Point Changes
+
+Update `src/index.ts` to detect whether it's being invoked as an MCP server or a CLI:
+
+```typescript
+#!/usr/bin/env node
+
+const args = process.argv.slice(2);
+
+if (args.length > 0 && !args.includes("--mcp")) {
+  // CLI mode
+  await runCLI(args);
+} else {
+  // MCP server mode (default when no args or --mcp flag)
+  await runMCPServer();
+}
+```
+
+## 5.3 CLI Commands
+
+### `rebar init`
+
+```bash
+rebar init [--path .] [--stack auto] [--strictness standard] [--platforms all]
+```
+
+Calls `rebar_init_project` with the given options. Outputs to stdout.
+
+### `rebar audit`
+
+```bash
+rebar audit [--path .] [--format markdown|json] [--threshold 70]
+```
+
+Calls `rebar_audit` (formerly `rebar_audit_code_quality`). When `--threshold` is provided, exits with code 1 if the quality score is below the threshold. This is the key CI/CD integration point.
+
+### `rebar doctor`
+
+```bash
+rebar doctor [--path .]
+```
+
+Calls `rebar_doctor`. Exits with code 1 if any check FAILs.
+
+### `rebar set-strictness`
+
+```bash
+rebar set-strictness <standard|strict|paranoid> [--path .]
+```
+
+Calls `rebar_set_strictness`.
+
+### `rebar version`
+
+```bash
+rebar version
+```
+
+Prints `rebar-mcp v2.0.0`.
+
+### `rebar help`
+
+```bash
+rebar help
+```
+
+Prints:
+
+```
+Rebar — Reinforcement for AI-generated code
+
+Usage:
+  rebar init [options]          Initialize Rebar enforcement in a project
+  rebar audit [options]         Scan code for quality issues
+  rebar doctor [options]        Check Rebar setup health
+  rebar set-strictness <level>  Change enforcement strictness
+  rebar version                 Print version
+  rebar help                    Show this help
+
+Options:
+  --path <dir>          Project path (default: current directory)
+  --strictness <level>  standard | strict | paranoid (default: standard)
+  --platforms <list>    claude-code,cursor,windsurf,codex,all (default: all)
+  --format <type>       markdown | json (default: markdown)
+  --threshold <score>   Minimum quality score for audit (exits 1 if below)
+  --mcp                 Run as MCP server (default when no command given)
+
+Examples:
+  rebar init --strictness strict --platforms all
+  rebar audit --threshold 80 --format json
+  rebar doctor
+  npx rebar-mcp audit --threshold 70    # CI/CD usage
+```
+
+## 5.4 Implementation
+
+Create `src/cli.ts`:
+
+```typescript
+import { parseArgs } from "node:util";
+
+export async function runCLI(args: string[]): Promise<void> {
+  const command = args[0];
+
+  switch (command) {
+    case "init":
+      await handleInit(args.slice(1));
+      break;
+    case "audit":
+      await handleAudit(args.slice(1));
+      break;
+    case "doctor":
+      await handleDoctor(args.slice(1));
+      break;
+    case "set-strictness":
+      await handleSetStrictness(args.slice(1));
+      break;
+    case "version":
+      console.log("rebar-mcp v2.0.0");
+      break;
+    case "help":
+    case "--help":
+    case "-h":
+      printHelp();
+      break;
+    default:
+      console.error(`Unknown command: ${command}`);
+      printHelp();
+      process.exit(1);
+  }
+}
+```
+
+Each handler function:
+1. Parses CLI flags using `node:util`'s `parseArgs`
+2. Calls the SAME implementation function that the MCP tool handler calls (DRY — do not duplicate logic)
+3. Formats the output for terminal display (use the markdown output format)
+4. Sets the process exit code appropriately
+
+CRITICAL: The CLI handlers and MCP tool handlers MUST share the same core logic. Create shared implementation functions in `src/services/` that both the CLI and MCP handlers call. Do NOT copy-paste implementation between cli.ts and the tool handlers.
+
+## 5.5 CI/CD Integration Example
+
+The README must include this CI/CD example:
+
+```yaml
+# .github/workflows/rebar-audit.yml
+name: Rebar Code Quality
+on: [pull_request]
+
+jobs:
+  quality:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+      - run: npm ci
+      - run: npx rebar-mcp audit --threshold 70 --format json
+```
+
+## 5.6 Verification
+
+1. `node dist/index.js help` prints the help text
+2. `node dist/index.js version` prints `rebar-mcp v2.0.0`
+3. `node dist/index.js audit --path . --format json` returns valid JSON with quality score
+4. `node dist/index.js audit --path . --threshold 999` exits with code 1 (no project has score 999)
+5. `node dist/index.js doctor --path .` runs all 10 health checks
+6. `node dist/index.js` (no args) starts the MCP server via stdio
+7. `node dist/index.js --mcp` starts the MCP server via stdio
+
+---
+
+# SECTION 6: ENHANCED METRICS DASHBOARD
+
+## 6.1 Overview
+
+The existing public metrics page gets enhanced with quality score tracking over time, trend visualization, and a summary card that engineering leads can screenshot for status reports.
+
+## 6.2 Data Storage
+
+Create `src/services/metrics-store.ts`:
+
+Quality score history is stored in a JSON file at `.rebar/metrics.json` in the project directory:
+
+```typescript
+export interface MetricsSnapshot {
+  timestamp: string;        // ISO 8601
+  score: number;            // 0-100
+  issues: {
+    critical: number;
+    high: number;
+    medium: number;
+    low: number;
+  };
+  checks: Record<string, number>;  // count per check category
+  files_scanned: number;
+}
+
+export interface MetricsStore {
+  project_name: string;
+  created_at: string;
+  snapshots: MetricsSnapshot[];
+}
+```
+
+### Automatic snapshot capture
+
+Every time `rebar_audit` (or `rebar audit` CLI) runs, it automatically appends a snapshot to `.rebar/metrics.json`. This happens transparently — the user does not need to opt in.
+
+### Snapshot retention
+
+Keep the last 100 snapshots. When adding snapshot 101, drop the oldest.
+
+## 6.3 New tool: `rebar_metrics`
+
+```typescript
+server.registerTool(
+  "rebar_metrics",
+  {
+    title: "Rebar Metrics — Quality Score History",
+    description: "[Rebar] Shows quality score history, trends, and improvement rate. Generates a metrics summary card with score over time. Use to track code quality progress.",
+    inputSchema: {
+      project_path: z.string().describe("Path to the project root"),
+      period: z.enum(["7d", "30d", "90d", "all"]).default("30d").describe("Time period for metrics"),
+      output_format: z.enum(["markdown", "json"]).default("markdown"),
+    },
+    annotations: {
+      readOnlyHint: true,
+      destructiveHint: false,
+      idempotentHint: true,
+      openWorldHint: false
+    }
+  },
+  // handler
+);
+```
+
+### Markdown output format
+
+```markdown
+## 📊 Rebar Quality Metrics
+
+**Project:** {{project_name}}
+**Period:** Last 30 days
+**Current Score:** 85/100 ↑ (+12 from 30 days ago)
+
+### Score Trend
+```
+100 |
+ 90 |          ●  ●  ●  ●
+ 80 |     ●  ●
+ 70 |  ●
+ 60 |●
+    +--+--+--+--+--+--+--→ time
+    Mar 1        Mar 15
+```
+
+### Issue Trend
+| Category | 30 days ago | Now | Change |
+|----------|-------------|-----|--------|
+| Critical | 2 | 0 | ✅ -2 |
+| High | 8 | 3 | ✅ -5 |
+| Medium | 15 | 9 | ✅ -6 |
+| Low | 12 | 11 | ↔ -1 |
+
+### Summary
+- **Highest score:** 88 (March 14)
+- **Lowest score:** 61 (March 1)
+- **Average score:** 79
+- **Improvement rate:** +0.4 points/day
+- **Audits run:** 23 in this period
+```
+
+The ASCII chart is a simple visualization. Use the actual score values to plot points. Use `●` for data points and `|` / `+` / `→` for axes. The chart should have 7–10 data points max (aggregate if more snapshots exist in the period).
+
+## 6.4 CLI command: `rebar metrics`
+
+```bash
+rebar metrics [--path .] [--period 30d] [--format markdown|json]
+```
+
+## 6.5 `.rebar/` Directory
+
+The `.rebar/` directory is Rebar's data directory. Add it to the default generated `.gitignore` (NOT .claudeignore — Claude should be able to read metrics).
+
+Contents:
+- `metrics.json` — Quality score history
+- (Future: `config.json` — Rebar configuration that persists across sessions)
+
+---
+
+# SECTION 7: QUALITY SCORE BADGE
+
+## 7.1 Overview
+
+Generate an SVG badge that shows the current quality score, suitable for embedding in README files and dashboards.
+
+## 7.2 New tool: `rebar_badge`
+
+```typescript
+server.registerTool(
+  "rebar_badge",
+  {
+    title: "Rebar Badge — Generate Quality Score Badge",
+    description: "[Rebar] Generates an SVG badge showing the current quality score. Embed in README.md to display code quality status.",
+    inputSchema: {
+      project_path: z.string().describe("Path to the project root"),
+      style: z.enum(["flat", "flat-square"]).default("flat").describe("Badge style"),
+    },
+    annotations: {
+      readOnlyHint: true,
+      destructiveHint: false,
+      idempotentHint: true,
+      openWorldHint: false
+    }
+  },
+  // handler
+);
+```
+
+## 7.3 SVG Template
+
+The badge MUST be generated from this template. Do NOT use an external badge service — generate the SVG locally.
+
+```typescript
+function generateBadgeSVG(score: number, style: "flat" | "flat-square"): string {
+  const color = score >= 90 ? "#4c1" :    // bright green
+                score >= 70 ? "#97ca00" :  // green
+                score >= 50 ? "#dfb317" :  // yellow
+                score >= 30 ? "#fe7d37" :  // orange
+                "#e05d44";                  // red
+
+  const label = "rebar";
+  const value = `${score}/100`;
+  const radius = style === "flat" ? 3 : 0;
+
+  return `<svg xmlns="http://www.w3.org/2000/svg" width="106" height="20">
+  <linearGradient id="b" x2="0" y2="100%">
+    <stop offset="0" stop-color="#bbb" stop-opacity=".1"/>
+    <stop offset="1" stop-opacity=".1"/>
+  </linearGradient>
+  <clipPath id="a">
+    <rect width="106" height="20" rx="${radius}" fill="#fff"/>
+  </clipPath>
+  <g clip-path="url(#a)">
+    <path fill="#555" d="M0 0h47v20H0z"/>
+    <path fill="${color}" d="M47 0h59v20H47z"/>
+    <path fill="url(#b)" d="M0 0h106v20H0z"/>
+  </g>
+  <g fill="#fff" text-anchor="middle" font-family="DejaVu Sans,Verdana,Geneva,sans-serif" font-size="11">
+    <text x="23.5" y="15" fill="#010101" fill-opacity=".3">${label}</text>
+    <text x="23.5" y="14">${label}</text>
+    <text x="75.5" y="15" fill="#010101" fill-opacity=".3">${value}</text>
+    <text x="75.5" y="14">${value}</text>
+  </g>
+</svg>`;
+}
+```
+
+## 7.4 Output
+
+The tool writes the badge to `.rebar/badge.svg` and returns the markdown embed code:
+
+```markdown
+Badge generated at .rebar/badge.svg
+
+Add to your README.md:
+![Rebar Quality Score](.rebar/badge.svg)
+```
+
+## 7.5 CLI command: `rebar badge`
+
+```bash
+rebar badge [--path .] [--style flat]
+```
+
+## 7.6 Auto-update
+
+The badge is automatically regenerated every time `rebar_audit` runs. This ensures the badge always reflects the current score.
+
+---
+
+# SECTION 8: CUSTOM RULES ENGINE
+
+## 8.1 Overview
+
+Allow teams to add their own code quality rules beyond the 8 built-in checks. Rules are defined in a YAML file and evaluated during `rebar_audit`.
+
+## 8.2 Rules File
+
+Location: `.rebar/rules.yaml`
+
+Format:
+
+```yaml
+rules:
+  - name: no-direct-axios
+    description: "Use the centralized API client instead of importing axios directly"
+    pattern: "import.*from ['\"]axios['\"]"
+    severity: HIGH
+    file_patterns: ["*.ts", "*.tsx", "*.js", "*.jsx"]
+    exclude_files: ["src/lib/api.ts", "src/lib/http-client.ts"]
+
+  - name: no-console-error
+    description: "Use the logger service instead of console.error"
+    pattern: "console\\.error\\("
+    severity: MEDIUM
+    file_patterns: ["*.ts", "*.tsx"]
+    exclude_files: ["src/services/logger.ts"]
+
+  - name: no-inline-styles
+    description: "Use Tailwind classes instead of inline styles"
+    pattern: "style=\\{\\{"
+    severity: LOW
+    file_patterns: ["*.tsx", "*.jsx"]
+    exclude_files: []
+
+  - name: require-error-boundary
+    description: "Every page component must be wrapped in an ErrorBoundary"
+    pattern: "export default function.*Page"
+    anti_pattern: "ErrorBoundary"
+    severity: HIGH
+    file_patterns: ["*/pages/*.tsx", "*/app/**/page.tsx"]
+    exclude_files: []
+    note: "Checks that files matching the pattern also contain the anti_pattern. Flags files that have the pattern but NOT the anti_pattern."
+```
+
+## 8.3 Rule Schema
+
+```typescript
+const CustomRuleSchema = z.object({
+  name: z.string().max(64).describe("Unique rule identifier (kebab-case)"),
+  description: z.string().max(200).describe("Human-readable description of what the rule enforces"),
+  pattern: z.string().describe("Regex pattern to search for in files"),
+  anti_pattern: z.string().optional().describe("If provided, the rule flags files that match 'pattern' but do NOT contain 'anti_pattern'"),
+  severity: z.enum(["CRITICAL", "HIGH", "MEDIUM", "LOW"]).describe("Severity when the rule is violated"),
+  file_patterns: z.array(z.string()).describe("Glob patterns for files to scan (e.g., ['*.ts', '*.tsx'])"),
+  exclude_files: z.array(z.string()).default([]).describe("Files to exclude from this rule"),
+  note: z.string().optional().describe("Additional context about the rule"),
+});
+
+const RulesFileSchema = z.object({
+  rules: z.array(CustomRuleSchema),
+}).strict();
+```
+
+## 8.4 Integration with rebar_audit
+
+When `rebar_audit` runs:
+1. Check if `.rebar/rules.yaml` exists
+2. If yes, parse and validate against `RulesFileSchema`
+3. For each custom rule, scan matching files for the pattern
+4. If `anti_pattern` is specified, flag files that have `pattern` but NOT `anti_pattern`
+5. Add violations to the audit results under a "Custom Rules" section
+6. Include custom rule violations in the quality score calculation (same weights as built-in checks)
+
+## 8.5 New tool: `rebar_add_rule`
+
+```typescript
+server.registerTool(
+  "rebar_add_rule",
+  {
+    title: "Rebar Add Custom Rule",
+    description: "[Rebar] Adds a custom code quality rule to the project's .rebar/rules.yaml. Custom rules are evaluated during `rebar audit` alongside built-in checks.",
+    inputSchema: {
+      project_path: z.string(),
+      name: z.string().max(64).describe("Rule name in kebab-case"),
+      description: z.string().max(200).describe("What the rule enforces"),
+      pattern: z.string().describe("Regex to search for"),
+      anti_pattern: z.string().optional().describe("Regex that SHOULD be present when pattern is found"),
+      severity: z.enum(["CRITICAL", "HIGH", "MEDIUM", "LOW"]),
+      file_patterns: z.array(z.string()).describe("Glob patterns for files to scan"),
+      exclude_files: z.array(z.string()).default([]),
+      output_format: z.enum(["markdown", "json"]).default("markdown"),
+    },
+    annotations: {
+      readOnlyHint: false,
+      destructiveHint: false,
+      idempotentHint: true,
+      openWorldHint: false
+    }
+  },
+  // handler: reads existing rules.yaml (or creates new), adds rule, writes back
+);
+```
+
+## 8.6 Verification
+
+1. Create a `.rebar/rules.yaml` with a test rule that matches `console.log`
+2. Run `rebar_audit` and verify the custom rule catches `console.log` instances
+3. Verify custom rule violations appear in the audit output under "Custom Rules" section
+4. Verify custom rule violations affect the quality score
+5. Verify `rebar_add_rule` creates the YAML file if it doesn't exist
+6. Verify `rebar_add_rule` appends to existing rules without overwriting
+
+---
+
+# SECTION 9: TESTING REQUIREMENTS
+
+## 9.1 Rebrand Tests
+
+- All tool names in test assertions use `rebar_*` prefix
+- No test file references `ccboot` anywhere
+- `grep -r "ccboot" tests/` returns ZERO results
+
+## 9.2 Strictness Profile Tests
+
+- `getHooksForProfile("standard")` returns hooks where only danger-blocker and secret-detector have exit 2
+- `getHooksForProfile("strict")` returns hooks where lint and test hooks also have exit 2
+- `getHooksForProfile("paranoid")` returns all strict hooks plus file-size, any-type, and commit-completeness guards
+- `rebar_set_strictness` correctly replaces hooks in settings.json without duplicating
+
+## 9.3 Multi-Platform Tests
+
+- `rebar_init_project` with `platforms: ["cursor"]` creates `.cursor/rules/` directory with valid files
+- `rebar_init_project` with `platforms: ["windsurf"]` creates `.windsurf/rules/` directory with valid files
+- `rebar_init_project` with `platforms: ["codex"]` creates `AGENTS.md`
+- `rebar_init_project` with `platforms: ["all"]` creates config for all 4 platforms
+- All generated platform files contain the Mandatory Practices section
+- Cursor rules have `alwaysApply: true` in frontmatter
+- Windsurf rules have `trigger: always` in frontmatter
+
+## 9.4 Doctor Tests
+
+- Create a healthy project setup → all 10 checks PASS
+- Create a project with missing CLAUDE.md → Check 1 FAIL
+- Create a project with missing hooks → Check 2 FAIL
+- Create a project with empty skills → Check 3 FAIL or WARN
+- Overall health correctly calculated from check results
+
+## 9.5 CLI Tests
+
+- `runCLI(["version"])` prints version string
+- `runCLI(["help"])` prints help text
+- `runCLI(["audit", "--path", testDir])` returns audit results
+- `runCLI(["audit", "--threshold", "999"])` exits with code 1
+- `runCLI([])` does NOT crash (falls through to MCP server mode)
+
+## 9.6 Metrics Tests
+
+- Running `rebar_audit` creates `.rebar/metrics.json` if it doesn't exist
+- Running `rebar_audit` multiple times appends snapshots
+- Snapshot count never exceeds 100 (oldest dropped)
+- `rebar_metrics` correctly calculates score trend and improvement rate
+- `rebar_metrics` handles the case where only 1 snapshot exists (no trend to show)
+
+## 9.7 Badge Tests
+
+- `rebar_badge` generates valid SVG
+- Score >= 90 produces green badge (#4c1)
+- Score >= 70 produces yellow-green badge (#97ca00)
+- Score >= 50 produces yellow badge (#dfb317)
+- Score < 30 produces red badge (#e05d44)
+- Badge file is written to `.rebar/badge.svg`
+
+## 9.8 Custom Rules Tests
+
+- Valid `.rebar/rules.yaml` is parsed without errors
+- Invalid YAML produces a clear error message
+- Custom rule with `pattern` catches matching code
+- Custom rule with `anti_pattern` flags files that have pattern but not anti_pattern
+- Custom rule violations appear in audit output
+- Custom rule violations affect quality score
+- `rebar_add_rule` creates rules.yaml if it doesn't exist
+- `rebar_add_rule` appends without overwriting existing rules
+
+---
+
+# SECTION 10: README, CHANGELOG, AND PUBLISH
+
+## 10.1 README.md
+
+The README MUST follow this EXACT structure. Do not add extra sections. Do not remove any section.
+
+```markdown
+# Rebar
+
+**Reinforcement for AI-generated code.**
+
+Rebar prevents AI coding tools from shipping broken, incomplete, or insecure code. It embeds enforcement hooks, quality audits, and opinionated templates directly into your development environment — catching shortcuts at the moment of creation, not after the PR is opened.
+
+Works with: **Claude Code** • **Cursor** • **Windsurf** • **Codex CLI**
+
+![Rebar Quality Score](.rebar/badge.svg)
+
+---
+
+## What Rebar Does
+
+| Problem | Without Rebar | With Rebar |
+|---------|---------------|------------|
+| Claude skips tests | "I've completed the implementation" (no tests run) | Hook runs tests after every file change. Strict mode blocks until tests pass. |
+| Empty catch blocks | Errors silently swallowed | Audit detects and flags every empty catch block |
+| `any` types everywhere | TypeScript without type safety | Paranoid mode blocks files containing `any` |
+| Incomplete implementations | TODO comments shipped to production | Paranoid mode blocks commits with TODO/FIXME |
+| Hardcoded secrets | API keys in source code | Pre-commit hook detects and blocks secret patterns |
+| Destructive commands | `rm -rf /` | Pre-execution hook blocks dangerous commands |
+| Inconsistent setup | Every developer configures differently | One `rebar init` standardizes the entire team |
+
+---
+
+## Quick Start
+
+### As an MCP Server (Claude Code)
+
+```bash
+claude mcp add rebar -- npx rebar-mcp
+```
+
+Then in Claude Code:
+```
+> Initialize Rebar with strict enforcement
+```
+
+### As a CLI
+
+```bash
+# Initialize a project
+npx rebar-mcp init --strictness strict --platforms all
+
+# Audit code quality
+npx rebar-mcp audit --threshold 70
+
+# Check setup health
+npx rebar-mcp doctor
+```
+
+### In CI/CD
+
+```yaml
+# .github/workflows/rebar.yml
+- run: npx rebar-mcp audit --threshold 70 --format json
+```
+
+---
+
+## Strictness Profiles
+
+| Profile | Tests | Lint | Secrets | Danger | File Size | `any` Types | TODOs |
+|---------|-------|------|---------|--------|-----------|-------------|-------|
+| **Standard** | ⚠️ Notify | ⚠️ Notify | 🛑 Block | 🛑 Block | — | — | — |
+| **Strict** | 🛑 Block | 🛑 Block | 🛑 Block | 🛑 Block | — | — | — |
+| **Paranoid** | 🛑 Block | 🛑 Block | 🛑 Block | 🛑 Block | 🛑 Block >400 lines | 🛑 Block | 🛑 Block |
+
+```bash
+# Set strictness
+npx rebar-mcp set-strictness paranoid
+```
+
+---
+
+## What Gets Generated
+
+Running `rebar init` creates:
+
+**Claude Code:** CLAUDE.md, .claude/settings.json (enforcement hooks), .claude/skills/ (5 skills), .claude/agents/ (4 agents), .claudeignore
+
+**Cursor:** .cursor/rules/ (project rules + 4 skill rules)
+
+**Windsurf:** .windsurf/rules/ (project rules + 4 skill rules)
+
+**Codex CLI:** AGENTS.md
+
+---
+
+## Quality Audit
+
+```bash
+npx rebar-mcp audit
+```
+
+Checks for:
+1. TODO/FIXME/HACK/XXX comments
+2. Empty catch blocks
+3. `any` type usage
+4. console.log in production code
+5. Files over 400 lines
+6. Functions over 50 lines
+7. Hardcoded secrets
+8. Custom rules (.rebar/rules.yaml)
+
+Returns a quality score from 0–100.
+
+---
+
+## Custom Rules
+
+Add project-specific rules in `.rebar/rules.yaml`:
+
+```yaml
+rules:
+  - name: no-direct-axios
+    description: "Use the API client in src/lib/api.ts"
+    pattern: "import.*from ['\"]axios['\"]"
+    severity: HIGH
+    file_patterns: ["*.ts", "*.tsx"]
+    exclude_files: ["src/lib/api.ts"]
+```
+
+---
+
+## Metrics
+
+```bash
+npx rebar-mcp metrics --period 30d
+```
+
+Tracks quality score over time with trend analysis and improvement rate.
+
+---
+
+## Doctor
+
+```bash
+npx rebar-mcp doctor
+```
+
+Runs 10 health checks on your Rebar setup: CLAUDE.md presence, hook installation, skill configuration, context budget, cross-platform consistency, and more.
+
+---
+
+## License
+
+MIT
+```
+
+## 10.2 CHANGELOG.md
+
+```markdown
+## [2.0.0] - 2026-XX-XX
+
+### Breaking Changes
+- Renamed from `ccboot-mcp-server` to `rebar-mcp`
+- All tool names changed from `ccboot_*` to `rebar_*`
+- Package name changed to `rebar-mcp`
+- Binary name changed to `rebar`
+
+### Added
+- **Multi-platform support:** Generates configurations for Claude Code, Cursor, Windsurf, and Codex CLI
+- **Strictness profiles:** Standard (notify), Strict (block on test/lint failures), Paranoid (block on any types, file size, TODOs)
+- **`rebar doctor`:** 10-point health check for enforcement setup
+- **Standalone CLI:** `rebar init`, `rebar audit`, `rebar doctor`, `rebar metrics`, `rebar badge` commands
+- **CI/CD integration:** `rebar audit --threshold` exits with code 1 for pipeline gating
+- **Quality score tracking:** `.rebar/metrics.json` stores score history with trend analysis
+- **Quality score badge:** SVG badge generation for README embedding
+- **Custom rules engine:** `.rebar/rules.yaml` for project-specific quality rules
+- **`rebar_add_rule` tool:** Add custom rules via MCP or CLI
+- **`rebar_set_strictness` tool:** Change enforcement profile without re-initializing
+- **`rebar_metrics` tool:** View quality score trends and improvement rate
+
+### Changed
+- `rebar_init_project` now generates config for all detected AI coding platforms
+- `rebar_audit` (formerly `ccboot_audit_code_quality`) now supports custom rules and auto-generates metrics snapshots
+- All templates updated to include platform-specific formatting for Cursor and Windsurf
+```
+
+## 10.3 Publish
+
+```bash
+npm run build
+npm run test
+# Verify: grep -r "ccboot" src/ templates/ tests/ returns ZERO results
+# Verify: node dist/index.js version prints "rebar-mcp v2.0.0"
+# Verify: node dist/index.js help prints help text
+# Verify: node dist/index.js audit --path . returns audit results
+npm publish
+```
+
+Register on MCP registry:
+```bash
+# Update MCP registry listing from ccboot to rebar
+```
+
+---
+
+# FINAL CHECKLIST
+
+Before marking v2.0.0 as complete, verify ALL of the following:
+
+- [ ] `grep -r "ccboot" src/ templates/ tests/ package.json` returns ZERO results
+- [ ] Package name in package.json is `rebar-mcp`
+- [ ] Version is `2.0.0`
+- [ ] Binary name is `rebar`
+- [ ] All 15+ tools use `rebar_*` prefix
+- [ ] New tools registered: `rebar_set_strictness`, `rebar_doctor`, `rebar_metrics`, `rebar_badge`, `rebar_add_rule`
+- [ ] Strictness profiles: standard/strict/paranoid all generate correct hooks
+- [ ] Standard: only danger+secrets block. Strict: adds lint+test blocking. Paranoid: adds file size, any type, TODO blocking
+- [ ] `rebar_init_project` generates configs for Claude Code, Cursor, Windsurf, and Codex
+- [ ] `.cursor/rules/*.md` files have correct `alwaysApply: true` frontmatter
+- [ ] `.windsurf/rules/*.md` files have correct `trigger: always` frontmatter
+- [ ] `AGENTS.md` is generated for Codex with full mandatory practices
+- [ ] `rebar_doctor` performs all 10 health checks
+- [ ] CLI mode works: `rebar init`, `rebar audit`, `rebar doctor`, `rebar metrics`, `rebar badge`, `rebar set-strictness`, `rebar version`, `rebar help`
+- [ ] `rebar audit --threshold 70` exits with code 1 when score is below 70
+- [ ] `.rebar/metrics.json` is created/updated on every audit run
+- [ ] `rebar_metrics` shows score trend with ASCII chart
+- [ ] `rebar_badge` generates valid SVG with correct colors per score range
+- [ ] `.rebar/rules.yaml` custom rules are evaluated during audit
+- [ ] `rebar_add_rule` creates/appends to rules.yaml
+- [ ] `npm run build` passes with ZERO errors
+- [ ] `npm run test` passes with ALL tests green
+- [ ] README.md matches the structure in Section 10.1
+- [ ] CHANGELOG.md has the v2.0.0 entry
+- [ ] No TODO, FIXME, or placeholder text in any file
+
+If ANY item above is not checked, v2.0.0 is NOT complete. Do not publish.