redline-review 1.0.0

package/README.md

@@ -0,0 +1,239 @@
+# redline-review
+
+Adaptive AI code review skill for any frontier agent — context-aware, rule-driven, diff-native.
+
+`redline-review` assembles a focused review prompt from your git diff and injects only the rule categories relevant to your stack. Your agent (Claude Code, Copilot, Codex, etc.) performs the actual review using its own model. No API keys. No external calls.
+
+---
+
+## Getting started
+
+### Step 1 — Clone the repo
+
+```bash
+git clone https://github.com/nabil1440/redline-review
+cd redline-review
+```
+
+### Step 2 — Install dependencies and build
+
+```bash
+npm install
+```
+
+The build runs automatically as part of install (`prepare` script). You should see `tsc` compile without errors.
+
+### Step 3 — Install globally
+
+```bash
+npm link
+```
+
+This makes `redline-review` available as a global command from any directory on your machine.
+
+### Step 4 — Verify it works
+
+```bash
+which redline-review
+# → /path/to/node/bin/redline-review
+
+redline-review --help 2>&1 || redline-review | head -5
+```
+
+---
+
+## Using as a Claude Code command
+
+There are two ways to install the command — global (recommended) or per-project.
+
+### Global install — available in every project
+
+```bash
+mkdir -p ~/.claude/commands
+cp /path/to/redline-review/adapters/claude/redline-review.md ~/.claude/commands/redline-review.md
+```
+
+That's it. Open any project in Claude Code and `/redline-review` will be available immediately — no per-project setup needed.
+
+### Per-project install — scoped to one project
+
+```bash
+cd /your/project
+mkdir -p .claude/commands
+cp /path/to/redline-review/adapters/claude/redline-review.md .claude/commands/redline-review.md
+```
+
+### Step 6 — Use it in Claude Code
+
+Open any project in Claude Code and type:
+
+```
+/redline-review
+```
+
+Claude Code will:
+
+1. Run `redline-review` as a shell command
+2. Receive the assembled review prompt (rules + your git diff)
+3. Perform the code review inline using its own model
+
+You can pass flags directly:
+
+```
+/redline-review --stack laravel --type auth,backend
+/redline-review --prompt strict
+```
+
+---
+
+## How it works
+
+1. Detects your git diff automatically (`git diff main...HEAD`, falls back through `master...HEAD` → `HEAD~1` → `--cached`)
+2. **Auto-detects relevant rule categories** from the diff content (or uses your `--stack`/`--type` flags)
+3. Prints the assembled review prompt to stdout
+4. Your agent reads that prompt and performs the review — no external calls made by the CLI
+
+---
+
+## Flags
+
+### `--type` — focus by concern
+
+```bash
+redline-review --type auth
+redline-review --type auth,backend,performance
+```
+
+| Value           | Rule categories loaded                                      |
+| --------------- | ----------------------------------------------------------- |
+| `auth`          | auth, correctness                                           |
+| `security`      | auth, correctness, risk-patterns                            |
+| `performance`   | db-performance, system-performance, algorithmic-performance |
+| `backend`       | correctness, concurrency, observability                     |
+| `frontend`      | frontend, simplicity                                        |
+| `architecture`  | architecture, maintainability                               |
+| `concurrency`   | concurrency, correctness                                    |
+| `observability` | observability, correctness                                  |
+| `risk`          | risk-patterns, architecture                                 |
+
+### `--stack` — focus by technology
+
+```bash
+redline-review --stack laravel
+redline-review --stack go --type backend
+```
+
+| Stack               | Focus areas                                                 | Why                                             |
+| ------------------- | ----------------------------------------------------------- | ----------------------------------------------- |
+| `laravel`           | architecture, db-performance                                | ORM-heavy, layered architecture                 |
+| `inertia`           | frontend, architecture                                      | SSR frontend patterns                           |
+| `react`             | frontend                                                    | Component & state patterns                      |
+| `vue`               | frontend                                                    | Component & state patterns                      |
+| `svelte`            | frontend                                                    | Component & state patterns                      |
+| `node`              | concurrency, system-performance                             | Async I/O, event loop                           |
+| `django`            | architecture, db-performance                                | ORM, layered architecture                       |
+| `rails`             | architecture, db-performance                                | ORM, layered architecture                       |
+| `go`                | concurrency, system-performance, correctness, observability | Goroutines, error handling, distributed systems |
+| `csharp` / `dotnet` | architecture, correctness, concurrency, system-performance  | DDD/clean arch, async/await, nullability        |
+| `java`              | architecture, concurrency, db-performance, correctness      | Spring/JPA, Hibernate N+1, thread safety        |
+
+### `--prompt` — control review depth
+
+```bash
+redline-review --prompt base         # default
+redline-review --prompt strict       # CRITICAL and HIGH only + fix suggestions
+redline-review --prompt lightweight  # top 3 issues only
+```
+
+| Value            | Output                                            |
+| ---------------- | ------------------------------------------------- |
+| `base` (default) | All issues grouped CRITICAL → HIGH → MEDIUM → LOW |
+| `strict`         | CRITICAL and HIGH only, concrete fix per issue    |
+| `lightweight`    | Top 3 issues, one tight paragraph each            |
+
+---
+
+## Examples
+
+```bash
+# Auto-detect everything (recommended default)
+redline-review
+
+# Laravel + Inertia, focused on auth and backend
+redline-review --stack laravel,inertia --type auth,backend
+
+# Go service, strict pass (CRITICAL/HIGH only)
+redline-review --stack go --prompt strict
+
+# Java backend, quick scan
+redline-review --stack java --prompt lightweight
+
+# Security review, any stack
+redline-review --type security
+
+# Pipe to clipboard (macOS) — paste into any agent
+redline-review | pbcopy
+
+# Preview the prompt
+redline-review | head -80
+```
+
+---
+
+## Auto-detection
+
+When no `--type` or `--stack` flags are given, `redline-review` scans the diff for keyword patterns and loads only the matching rule files. For example:
+
+- Diff contains `middleware`, `policy`, `permission` → loads `auth.yaml`
+- Diff contains `goroutine`, `mutex`, `transaction` → loads `concurrency.yaml`
+- Diff contains `->with(`, `paginate`, `::all()` → loads `performance-db.yaml`
+- Diff contains `useState`, `useEffect`, `.tsx` → loads `frontend.yaml`
+
+If nothing is detected, falls back to `correctness + maintainability + risk-patterns`.
+
+Detected domains are printed to stderr so they don't pollute the prompt:
+
+```
+Domains (auto-detected): auth.yaml, concurrency.yaml, performance-db.yaml
+```
+
+---
+
+## Rule categories
+
+| Category                  | What it catches                                                |
+| ------------------------- | -------------------------------------------------------------- |
+| Auth & Authorization      | Missing auth checks, IDOR, privilege bypass, hardcoded roles   |
+| Correctness & Safety      | Swallowed exceptions, hidden side effects, bad error messages  |
+| Architecture & Design     | God classes, responsibility leakage, bad abstractions          |
+| Frontend Heuristics       | God components, duplicated state, prop drilling                |
+| Database Performance      | N+1 queries, unbounded queries, overfetching                   |
+| Algorithmic Performance   | Nested loops, brute-force, bad complexity                      |
+| System Performance        | Sync waterfalls, serialized I/O, excess roundtrips             |
+| Concurrency & Consistency | Race conditions, missing transactions, non-idempotent retries  |
+| Observability             | Sensitive data in logs, missing error logging, silent failures |
+| Simplicity & Clarity      | Redundant checks, nested conditionals, unclear naming          |
+| Maintainability           | Large functions, implicit mutations, future change friction    |
+| Risk Patterns             | Dangerous defaults, hidden blast radius, fragile assumptions   |
+
+---
+
+## Other agents
+
+Adapter files for other agents are in `adapters/`:
+
+| Agent          | File to use                                                                |
+| -------------- | -------------------------------------------------------------------------- |
+| Claude Code    | `adapters/claude/redline-review.md` → `.claude/commands/redline-review.md` |
+| GitHub Copilot | `adapters/copilot/redline-review.md` → `.github/copilot-instructions.md`   |
+| Codex CLI      | `adapters/codex/redline-review.md` → `AGENTS.md`                           |
+| OpenCode       | `adapters/opencode/redline-review.md` → `AGENTS.md`                        |
+| Anti-gravity   | `adapters/antigravity/redline-review.md`                                   |
+
+Each adapter follows the same pattern: run `redline-review`, take the output as the review task.
+
+---
+
+## License
+
+MIT

package/adapters/antigravity/redline-review.md

@@ -0,0 +1,32 @@
+# redline-review — Anti-gravity adapter
+
+## Setup
+
+```bash
+npm install -g redline-review
+```
+
+## Usage
+
+Run the CLI in your project root:
+
+```bash
+redline-review
+```
+
+Anti-gravity will receive the assembled review prompt. Use it as the task instructions for the code review.
+
+## Focused reviews
+
+```bash
+redline-review --type auth,performance
+redline-review --stack laravel,inertia --type backend,auth
+redline-review --prompt strict        # CRITICAL/HIGH severity only
+redline-review --prompt lightweight   # top 3 issues, quick scan
+```
+
+## One-shot (no global install)
+
+```bash
+npx redline-review
+```

package/adapters/claude/redline-review.md

@@ -0,0 +1,41 @@
+# redline-review
+
+Run `redline-review` (or `npx redline-review` if not globally installed) in the current project root.
+
+The CLI assembles a focused code review prompt from the git diff and the installed rule set, then prints it to stdout.
+
+**Take that output and use it as your task.** Perform the code review based on the prompt content.
+
+## Install
+
+```bash
+npm install -g redline-review
+```
+
+## Usage
+
+```bash
+# All rules (default — base branch auto-detected)
+redline-review
+
+# Pin the base branch explicitly (use when auto-detection picks the wrong base)
+redline-review --base origin/develop
+redline-review --base develop
+
+# Focused by review type
+redline-review --type auth,performance
+
+# Focused by stack
+redline-review --stack laravel,inertia --type backend,auth
+
+# Strict mode (CRITICAL/HIGH only)
+redline-review --prompt strict
+
+# Quick scan (top 3 issues)
+redline-review --prompt lightweight
+```
+
+## How to use as a Claude Code skill
+
+Place this file at `.claude/commands/redline-review.md` in your project.
+Then invoke it with `/redline-review` in Claude Code.

package/adapters/codex/redline-review.md

@@ -0,0 +1,38 @@
+# redline-review — Codex adapter
+
+## Setup
+
+```bash
+npm install -g redline-review
+```
+
+## Usage with Codex CLI
+
+Add to your project's `AGENTS.md`:
+
+```markdown
+## Code Review
+
+When performing a code review, always run `redline-review` first:
+
+```bash
+redline-review
+```
+
+Use the output as your review instructions. Do not perform the review without it.
+```
+
+## Focused reviews
+
+```bash
+redline-review --type auth,performance
+redline-review --stack laravel --type backend,auth
+redline-review --prompt strict        # CRITICAL/HIGH only
+redline-review --prompt lightweight   # top 3 issues
+```
+
+## One-shot (no global install)
+
+```bash
+npx redline-review
+```

package/adapters/copilot/redline-review.md

@@ -0,0 +1,38 @@
+# redline-review — GitHub Copilot adapter
+
+## Setup
+
+```bash
+npm install -g redline-review
+```
+
+## Usage with GitHub Copilot (VS Code)
+
+Add to `.github/copilot-instructions.md` in your project:
+
+```markdown
+## Code Review Instructions
+
+When asked to review code or a PR, first run this command in the terminal:
+
+```bash
+redline-review
+```
+
+Take the full output and treat it as your review instructions. Perform the review based on the rules and diff provided.
+```
+
+## Focused reviews
+
+In the Copilot Chat panel, ask it to run:
+
+```bash
+redline-review --type auth,performance
+redline-review --stack laravel,inertia --type backend
+redline-review --prompt strict
+redline-review --prompt lightweight
+```
+
+## Workspace instructions path
+
+`.github/copilot-instructions.md` is loaded automatically by Copilot in VS Code for workspace-level context.

package/adapters/opencode/redline-review.md

@@ -0,0 +1,34 @@
+# redline-review — OpenCode adapter
+
+## Setup
+
+```bash
+npm install -g redline-review
+```
+
+## Usage in OpenCode
+
+Run the CLI as a shell command within your OpenCode session:
+
+```bash
+redline-review
+```
+
+OpenCode will receive the assembled review prompt as output. Use it as the basis for your review task.
+
+## Focused reviews
+
+```bash
+redline-review --type auth,performance
+redline-review --stack laravel,inertia --type backend
+redline-review --prompt strict
+redline-review --prompt lightweight
+```
+
+## Integration tip
+
+Add to your project's `AGENTS.md` or OpenCode instructions:
+
+```markdown
+When asked to review code, run `redline-review` first and use the output as your review criteria.
+```

package/bin/redline-review

@@ -0,0 +1,4 @@
+#!/usr/bin/env node
+'use strict';
+
+require('../dist/redline-review.js');

package/dist/build-context.d.ts

@@ -0,0 +1,6 @@
+export interface ReviewContext {
+    stack?: string[];
+    reviewType?: string[];
+}
+export declare function buildReviewContext(context: ReviewContext): string[];
+//# sourceMappingURL=build-context.d.ts.map

package/dist/build-context.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"build-context.d.ts","sourceRoot":"","sources":["../src/build-context.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,aAAa;IAC5B,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;CACvB;AA6BD,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,aAAa,GAAG,MAAM,EAAE,CAkBnE"}

package/dist/build-context.js

@@ -0,0 +1,47 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.buildReviewContext = buildReviewContext;
+const REVIEW_TYPE_MAP = {
+    auth: ['auth.yaml', 'correctness.yaml'],
+    security: ['auth.yaml', 'correctness.yaml', 'risk-patterns.yaml'],
+    performance: ['performance-db.yaml', 'performance-system.yaml', 'performance-algorithmic.yaml'],
+    backend: ['correctness.yaml', 'concurrency.yaml', 'observability.yaml'],
+    frontend: ['frontend.yaml', 'simplicity.yaml'],
+    architecture: ['architecture.yaml', 'maintainability.yaml'],
+    concurrency: ['concurrency.yaml', 'correctness.yaml'],
+    observability: ['observability.yaml', 'correctness.yaml'],
+    risk: ['risk-patterns.yaml', 'architecture.yaml'],
+};
+const STACK_MAP = {
+    laravel: ['architecture.yaml', 'performance-db.yaml'],
+    inertia: ['frontend.yaml', 'architecture.yaml'],
+    react: ['frontend.yaml'],
+    vue: ['frontend.yaml'],
+    svelte: ['frontend.yaml'],
+    node: ['concurrency.yaml', 'performance-system.yaml'],
+    django: ['architecture.yaml', 'performance-db.yaml'],
+    rails: ['architecture.yaml', 'performance-db.yaml'],
+    go: ['concurrency.yaml', 'performance-system.yaml', 'correctness.yaml', 'observability.yaml'],
+    csharp: ['architecture.yaml', 'correctness.yaml', 'concurrency.yaml', 'performance-system.yaml'],
+    dotnet: ['architecture.yaml', 'correctness.yaml', 'concurrency.yaml', 'performance-system.yaml'],
+    java: ['architecture.yaml', 'concurrency.yaml', 'performance-db.yaml', 'correctness.yaml'],
+};
+function buildReviewContext(context) {
+    const files = new Set();
+    if (context.reviewType && context.reviewType.length > 0) {
+        for (const type of context.reviewType) {
+            const mapped = REVIEW_TYPE_MAP[type.toLowerCase().trim()];
+            if (mapped)
+                mapped.forEach(f => files.add(f));
+        }
+    }
+    if (context.stack && context.stack.length > 0) {
+        for (const s of context.stack) {
+            const mapped = STACK_MAP[s.toLowerCase().trim()];
+            if (mapped)
+                mapped.forEach(f => files.add(f));
+        }
+    }
+    return Array.from(files);
+}
+//# sourceMappingURL=build-context.js.map

package/dist/build-context.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"build-context.js","sourceRoot":"","sources":["../src/build-context.ts"],"names":[],"mappings":";;AAgCA,gDAkBC;AA7CD,MAAM,eAAe,GAA6B;IAChD,IAAI,EAAU,CAAC,WAAW,EAAE,kBAAkB,CAAC;IAC/C,QAAQ,EAAM,CAAC,WAAW,EAAE,kBAAkB,EAAE,oBAAoB,CAAC;IACrE,WAAW,EAAG,CAAC,qBAAqB,EAAE,yBAAyB,EAAE,8BAA8B,CAAC;IAChG,OAAO,EAAO,CAAC,kBAAkB,EAAE,kBAAkB,EAAE,oBAAoB,CAAC;IAC5E,QAAQ,EAAM,CAAC,eAAe,EAAE,iBAAiB,CAAC;IAClD,YAAY,EAAE,CAAC,mBAAmB,EAAE,sBAAsB,CAAC;IAC3D,WAAW,EAAG,CAAC,kBAAkB,EAAE,kBAAkB,CAAC;IACtD,aAAa,EAAC,CAAC,oBAAoB,EAAE,kBAAkB,CAAC;IACxD,IAAI,EAAU,CAAC,oBAAoB,EAAE,mBAAmB,CAAC;CAC1D,CAAC;AAEF,MAAM,SAAS,GAA6B;IAC1C,OAAO,EAAE,CAAC,mBAAmB,EAAE,qBAAqB,CAAC;IACrD,OAAO,EAAE,CAAC,eAAe,EAAE,mBAAmB,CAAC;IAC/C,KAAK,EAAI,CAAC,eAAe,CAAC;IAC1B,GAAG,EAAM,CAAC,eAAe,CAAC;IAC1B,MAAM,EAAG,CAAC,eAAe,CAAC;IAC1B,IAAI,EAAK,CAAC,kBAAkB,EAAE,yBAAyB,CAAC;IACxD,MAAM,EAAG,CAAC,mBAAmB,EAAE,qBAAqB,CAAC;IACrD,KAAK,EAAI,CAAC,mBAAmB,EAAE,qBAAqB,CAAC;IACrD,EAAE,EAAO,CAAC,kBAAkB,EAAE,yBAAyB,EAAE,kBAAkB,EAAE,oBAAoB,CAAC;IAClG,MAAM,EAAG,CAAC,mBAAmB,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,yBAAyB,CAAC;IACjG,MAAM,EAAG,CAAC,mBAAmB,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,yBAAyB,CAAC;IACjG,IAAI,EAAK,CAAC,mBAAmB,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,kBAAkB,CAAC;CAC9F,CAAC;AAEF,SAAgB,kBAAkB,CAAC,OAAsB;IACvD,MAAM,KAAK,GAAG,IAAI,GAAG,EAAU,CAAC;IAEhC,IAAI,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxD,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;YACtC,MAAM,MAAM,GAAG,eAAe,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC;YAC1D,IAAI,MAAM;gBAAE,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;IAED,IAAI,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9C,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YAC9B,MAAM,MAAM,GAAG,SAAS,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC;YACjD,IAAI,MAAM;gBAAE,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC3B,CAAC"}

package/dist/detect-domains.d.ts

@@ -0,0 +1,2 @@
+export declare function detectRelevantDomains(diff: string): string[];
+//# sourceMappingURL=detect-domains.d.ts.map

package/dist/detect-domains.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"detect-domains.d.ts","sourceRoot":"","sources":["../src/detect-domains.ts"],"names":[],"mappings":"AAuDA,wBAAgB,qBAAqB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,EAAE,CAU5D"}

package/dist/detect-domains.js

@@ -0,0 +1,66 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.detectRelevantDomains = detectRelevantDomains;
+const DOMAIN_MAP = [
+    {
+        // Auth: guards, policies, tokens, permission checks
+        pattern: /\b(middleware|guard|policy|permission|role|token|session|jwt|oauth|login|logout|authenticate|authoriz|Gate::|Can::|@auth|sanctum|passport|allowlist|denylist|acl)\b/i,
+        file: 'auth.yaml',
+    },
+    {
+        // Concurrency: async coordination, locks, transactions, goroutines
+        pattern: /\b(queue|retry|idempotent|mutex|goroutine|chan\b|sync\.|synchronized|ExecutorService|Thread\.|deadlock|race\s+condition|semaphore|CancellationToken|lock\(|Interlocked|volatile)\b|\btransaction\b/i,
+        file: 'concurrency.yaml',
+    },
+    {
+        // DB performance: ORM patterns, unbounded queries, N+1
+        pattern: /(->with\(|->load\(|->whereHas\(|::all\(\)|\.getAll\(|findAll\(|paginate|\.chunk\(|N\+1|eager|lazy\s+load|SELECT\s+\*|GROUP\s+BY|@Query|EntityManager|JpaRepository|\.save\(|\.flush\()/i,
+        file: 'performance-db.yaml',
+    },
+    {
+        // System performance: network I/O, HTTP calls, parallelism
+        pattern: /\b(fetch\(|axios\.|http\.get|http\.post|curl|gRPC|HttpClient|WebClient|RestTemplate|Promise\.all|Promise\.allSettled|parallel|pipeline|batch|roundtrip)\b/i,
+        file: 'performance-system.yaml',
+    },
+    {
+        // Observability: logging, tracing, metrics, error capture
+        pattern: /\b(log\.|log\(|logger\.|Logger\.|trace\(|metric|monitor|Sentry|Datadog|NewRelic|Honeybadger|Rollbar|Bugsnag|dd\.|opentelemetry|tracing)\b/i,
+        file: 'observability.yaml',
+    },
+    {
+        // Simplicity: nested conditions, complex boolean logic
+        pattern: /\bif\s*\(.*&&.*&&|\belse\s+if\b|\bswitch\s*\(|(\?\s*[^:]+\s*:\s*[^:]+\s*:\s*)|\bternary\b/i,
+        file: 'simplicity.yaml',
+    },
+    {
+        // Architecture: classes, services, repositories, DI patterns
+        pattern: /\b(class\s+\w|interface\s+\w|abstract\s+class|implements\b|extends\b|@Service|@Repository|@Controller|@Component|@Injectable|ServiceProvider|DependencyInjection|namespace\s+App)\b/i,
+        file: 'architecture.yaml',
+    },
+    {
+        // Frontend: React/Vue/Svelte component patterns
+        pattern: /\b(useState|useEffect|useCallback|useMemo|useRef|useContext|props\b|emit\(|<template>|<script\s+setup|defineComponent|createApp|svelte|\.svelte)\b|\.jsx\b|\.tsx\b/i,
+        file: 'frontend.yaml',
+    },
+    {
+        // Algorithmic performance: loops, sorting, brute-force patterns
+        pattern: /\b(for\s*\(.*for\s*\(|forEach.*forEach|\.sort\(|\.filter\(.*\.filter\(|\.map\(.*\.map\(|O\(n\^2\)|nested\s+loop)\b/i,
+        file: 'performance-algorithmic.yaml',
+    },
+    {
+        // Risk: dangerous flags, production settings, admin ops
+        pattern: /\b(skipAuth|bypassAuth|isProduction\s*=\s*false|dryRun\s*=\s*false|force\s*=\s*true|deleteAll|truncate|drop\s+table|TRUNCATE|sudo|runAsRoot|disable.*check)\b/i,
+        file: 'risk-patterns.yaml',
+    },
+];
+const FALLBACK_FILES = ['correctness.yaml', 'maintainability.yaml', 'risk-patterns.yaml'];
+function detectRelevantDomains(diff) {
+    const detected = new Set();
+    for (const { pattern, file } of DOMAIN_MAP) {
+        if (pattern.test(diff)) {
+            detected.add(file);
+        }
+    }
+    return detected.size > 0 ? Array.from(detected) : FALLBACK_FILES;
+}
+//# sourceMappingURL=detect-domains.js.map

package/dist/detect-domains.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"detect-domains.js","sourceRoot":"","sources":["../src/detect-domains.ts"],"names":[],"mappings":";;AAuDA,sDAUC;AAjED,MAAM,UAAU,GAA6C;IAC3D;QACE,oDAAoD;QACpD,OAAO,EAAE,sKAAsK;QAC/K,IAAI,EAAE,WAAW;KAClB;IACD;QACE,mEAAmE;QACnE,OAAO,EAAE,qMAAqM;QAC9M,IAAI,EAAE,kBAAkB;KACzB;IACD;QACE,uDAAuD;QACvD,OAAO,EAAE,yLAAyL;QAClM,IAAI,EAAE,qBAAqB;KAC5B;IACD;QACE,2DAA2D;QAC3D,OAAO,EAAE,4JAA4J;QACrK,IAAI,EAAE,yBAAyB;KAChC;IACD;QACE,0DAA0D;QAC1D,OAAO,EAAE,4IAA4I;QACrJ,IAAI,EAAE,oBAAoB;KAC3B;IACD;QACE,uDAAuD;QACvD,OAAO,EAAE,4FAA4F;QACrG,IAAI,EAAE,iBAAiB;KACxB;IACD;QACE,6DAA6D;QAC7D,OAAO,EAAE,sLAAsL;QAC/L,IAAI,EAAE,mBAAmB;KAC1B;IACD;QACE,gDAAgD;QAChD,OAAO,EAAE,qKAAqK;QAC9K,IAAI,EAAE,eAAe;KACtB;IACD;QACE,gEAAgE;QAChE,OAAO,EAAE,qHAAqH;QAC9H,IAAI,EAAE,8BAA8B;KACrC;IACD;QACE,wDAAwD;QACxD,OAAO,EAAE,gKAAgK;QACzK,IAAI,EAAE,oBAAoB;KAC3B;CACF,CAAC;AAEF,MAAM,cAAc,GAAG,CAAC,kBAAkB,EAAE,sBAAsB,EAAE,oBAAoB,CAAC,CAAC;AAE1F,SAAgB,qBAAqB,CAAC,IAAY;IAChD,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAU,CAAC;IAEnC,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,UAAU,EAAE,CAAC;QAC3C,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACvB,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACrB,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC;AACnE,CAAC"}

package/dist/redline-review.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=redline-review.d.ts.map

package/dist/redline-review.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"redline-review.d.ts","sourceRoot":"","sources":["../src/redline-review.ts"],"names":[],"mappings":""}