semlint-cli 0.1.6 → 0.1.9

package/.semlint/rules/SEMLINT_COUPLING_004.json

@@ -0,0 +1,8 @@
+{
+  "id": "SEMLINT_COUPLING_004",
+  "title": "Check for unwanted hidden coupling",
+  "severity_default": "warn",
+  "include_globs": [],
+  "exclude_globs": [],
+  "prompt": "Flag any coupling that is not obvious at first glance. (hidden/implicit coupling, and forms of connascence)"
+}

package/.semlint/rules/SEMLINT_NAMING_001.json

@@ -0,0 +1,8 @@
+{
+  "id": "SEMLINT_NAMING_001",
+  "title": "Ambient naming convention consistency",
+  "severity_default": "warn",
+  "include_globs": [],
+  "exclude_globs": [],
+  "prompt": "Verify naming is consistent with the ambient naming conventions already used in surrounding code. Both in term of semantic and casing."
+}

package/.semlint/rules/SEMLINT_PATTERN_002.json

@@ -0,0 +1,8 @@
+{
+  "id": "SEMLINT_PATTERN_002",
+  "title": "Ambient pattern is respected",
+  "severity_default": "warn",
+  "include_globs": [],
+  "exclude_globs": [],
+  "prompt": "Any change that breaks an established local pattern should be flagged by default. Consistency with adjacent implementations is the enforced invariant."
+}

package/.semlint/rules/SEMLINT_SWE_003.json

@@ -0,0 +1,8 @@
+{
+  "id": "SEMLINT_SWE_003",
+  "title": "Obvious SWE mistakes",
+  "severity_default": "warn",
+  "include_globs": [],
+  "exclude_globs": [],
+  "prompt": "Find obvious software-engineering mistakes in the proposed change that are likely unintended. Do not nitpick style or architecture unless the issue is clearly harmful. Report only high-signal findings."
+}

package/README.md

@@ -1,5 +1,13 @@
 # Semlint CLI MVP
 
+## Motivation
+
+Upstream instruction files (`AGENTS.md`, `CURSOR.md`, etc.) are the standard way to guide coding agents — but a [recent study (Gloaguen et al., 2026)](https://arxiv.org/abs/2602.11988) found that such context files tend to *reduce* task success rates compared to providing no context at all, while increasing inference cost by over 20%. The root cause: agents respect the instructions, but unnecessary or over-specified requirements make tasks harder, with no feedback mechanism to catch when rules are ignored or misapplied.
+
+Semlint takes a different approach. Instead of providing guidance upfront and hoping for the best, rules are enforced *after the fact* as a lint pass on the diff — giving agents a deterministic red/green signal and closing the feedback loop.
+
+---
+
 Semlint is a deterministic semantic lint CLI that:
 
 - reads a git diff,
@@ -43,6 +51,7 @@ pnpm check
 - `--head <ref>`: head git ref for explicit ref-to-ref diff
 - `--fail-on <error|warn|never>`: failure threshold (default `error`)
 - `--batch`: run all selected rules in one backend call
+- `--yes` / `-y`: auto-accept diff file confirmation (useful for CI)
 - `--debug`: enable debug logs to stderr
 - `init --force`: overwrite an existing `semlint.json`
 
@@ -55,6 +64,9 @@ Default diff behavior (without `--base`/`--head`) uses your local branch state:
 
 If you pass `--base` or `--head`, Semlint uses explicit `git diff <base> <head>` mode.
 
+Before backend execution, Semlint shows the included and excluded diff files and asks for confirmation by default.
+Use `--yes` / `-y` to skip this prompt.
+
 ## Exit codes
 
 - `0`: no blocking diagnostics
@@ -84,8 +96,14 @@ Unknown fields are ignored.
   "execution": {
     "batch": false
   },
+  "security": {
+    "secret_guard": true,
+    "allow_patterns": [],
+    "allow_files": [],
+    "ignore_files": [".gitignore", ".cursorignore", ".semlintignore", ".cursoringore"]
+  },
   "rules": {
-    "disable": ["SEMLINT_EXAMPLE_001"],
+    "disable": [],
     "severity_overrides": {
       "SEMLINT_API_001": "error"
     }
@@ -116,11 +134,11 @@ This creates `./semlint.json` and auto-detects installed coding agent CLIs in th
 
 If no known CLI is detected, Semlint falls back to `cursor-cli` + executable `cursor`.
 
-Use `semlint init --force` to overwrite an existing config file. Init also creates `.semlint/rules/` and a starter rule `SEMLINT_EXAMPLE_001.json` (with a placeholder title and prompt) if they do not exist.
+Use `semlint init --force` to overwrite an existing config file. Init also creates `.semlint/rules/` and copies the bundled Semlint rule files into it.
 
 ## Rule files
 
-Rule JSON files are loaded from `.semlint/rules/`. Run `semlint init` to create this folder and an example rule you can edit.
+Rule JSON files are loaded from `.semlint/rules/`. Run `semlint init` to create this folder and copy bundled rules into it.
 
 Required fields:
 
@@ -187,6 +205,43 @@ If parsing fails, Semlint retries once with appended instruction:
 
 If backend execution still fails and Semlint is running in an interactive terminal (TTY), it automatically performs one interactive passthrough run so you can satisfy backend setup prompts (for example auth/workspace trust), then retries machine parsing once.
 
+## Secret guard
+
+Semlint uses a fail-closed secret guard before any backend call:
+
+- Filters diff chunks using path ignore rules from `.gitignore`, `.cursorignore`, `.semlintignore`
+- Applies additional built-in sensitive path deny patterns (`.env*`, key files, secrets/credentials folders)
+- Scans added diff lines for high-signal secret keywords and token prefixes (password/token/api key/private key/JWT/provider key prefixes)
+- If any potential secrets are found, Semlint exits with code `2` and sends nothing to the backend
+
+Config:
+
+```json
+{
+  "security": {
+    "secret_guard": true,
+    "allow_patterns": [],
+    "allow_files": [],
+    "ignore_files": [".gitignore", ".cursorignore", ".semlintignore", ".cursoringore"]
+  }
+}
+```
+
+- `secret_guard`: enable/disable secret blocking (default `true`)
+- `allow_patterns`: regex list to suppress known-safe fixtures from triggering the guard
+- `allow_files`: file glob allowlist to skip secret scanning for known-safe files (example: `["src/test-fixtures/**"]`)
+- `ignore_files`: ignore files Semlint reads for path-level filtering (default: `.gitignore`, `.cursorignore`, `.semlintignore`, `.cursoringore`)
+
+Ignore file patterns are evaluated with standard gitignore semantics (including basename matching and `!` negation).
+
+## Security responsibility model
+
+Security in Semlint is shared, and the repository owner remains responsible for secure setup:
+
+- **Diff-level (your responsibility):** carefully configure ignore files and Semlint security settings so sensitive files/content never enter the analyzed diff.
+- **Semlint guard (best-effort control):** Semlint filters diff paths and scans added lines, but this is not a complete prevention system.
+- **Agent/runtime level (handled by your backend tool):** after Semlint sends a prompt to your configured CLI, what the agent can do is controlled by the native agent/backend configuration.
+
 ## Prompt files
 
 Core system prompts are externalized under `prompts/` so prompt behavior is easy to inspect and iterate:

package/dist/cli.js

@@ -7,18 +7,22 @@ Object.defineProperty(exports, "__esModule", { value: true });
 const picocolors_1 = __importDefault(require("picocolors"));
 const init_1 = require("./init");
 const main_1 = require("./main");
+const security_1 = require("./security");
 const HELP_TEXT = [
     "Usage:",
-    "  semlint check [--backend <name>] [--model <name>] [--config <path>] [--format <text|json>] [--base <ref>] [--head <ref>] [--fail-on <error|warn|never>] [--batch] [--debug]",
-    "  semlint init [--force]",
-    "  semlint --help",
+    " semlint-cli check [--backend <name>] [--model <name>] [--config <path>] [--format <text|json>] [--base <ref>] [--head <ref>] [--fail-on <error|warn|never>] [--batch] [--yes|-y] [--debug]",
+    " semlint-cli init [--force]",
+    " semlint-cli security",
+    " semlint-cli --help",
     "",
     "Commands:",
     "  check   Run semantic lint rules against your git diff",
     "  init    Create semlint.json, .semlint/rules/, and an example rule to edit",
+    "  security  Show security responsibility guidance",
     "",
     "Options:",
-    "  -h, --help   Show this help text"
+    "  -h, --help   Show this help text",
+    "  -y, --yes    Auto-accept diff file confirmation"
 ].join("\n");
 class HelpRequestedError extends Error {
     constructor() {
@@ -45,7 +49,7 @@ function parseArgs(argv) {
         throw new HelpRequestedError();
     }
     const [command, ...rest] = argv;
-    if (!command || (command !== "check" && command !== "init")) {
+    if (!command || (command !== "check" && command !== "init" && command !== "security")) {
         throw new Error(HELP_TEXT);
     }
     if (command === "init") {
@@ -62,12 +66,25 @@ function parseArgs(argv) {
         }
         return options;
     }
+    if (command === "security") {
+        if (rest.length > 0) {
+            throw new Error(`Unknown flag for security: ${rest[0]}`);
+        }
+        return {
+            command: "security",
+            debug: false
+        };
+    }
     const options = {
         command: "check",
         debug: false
     };
     for (let i = 0; i < rest.length; i += 1) {
         const token = rest[i];
+        if (token === "--yes" || token === "-y") {
+            options.autoAccept = true;
+            continue;
+        }
         if (token === "--debug") {
             options.debug = true;
             continue;
@@ -121,7 +138,11 @@ function parseArgs(argv) {
 async function main() {
     try {
         const options = parseArgs(process.argv.slice(2));
-        const exitCode = options.command === "init" ? (0, init_1.scaffoldConfig)(options.force) : await (0, main_1.runSemlint)(options);
+        const exitCode = options.command === "init"
+            ? (0, init_1.scaffoldConfig)(options.force)
+            : options.command === "security"
+                ? (0, security_1.printSecurityGuide)()
+                : await (0, main_1.runSemlint)(options);
         process.exitCode = exitCode;
     }
     catch (error) {

package/dist/config.js

@@ -20,7 +20,15 @@ const DEFAULTS = {
     batchMode: false,
     rulesDisable: [],
     severityOverrides: {},
-    backendConfigs: {}
+    rulesIncludeGlobs: [],
+    rulesExcludeGlobs: [],
+    backendConfigs: {},
+    security: {
+        secretGuard: true,
+        allowPatterns: [],
+        ignoreFiles: [".gitignore", ".cursorignore", ".semlintignore"],
+        allowFiles: []
+    }
 };
 function readJsonIfExists(filePath) {
     if (!node_fs_1.default.existsSync(filePath)) {
@@ -81,6 +89,63 @@ function sanitizeBackendConfigs(value) {
         return [[name, { executable, args: normalizedArgs, model: model && model !== "" ? model : undefined }]];
     }));
 }
+function sanitizeAllowPatterns(value) {
+    if (!Array.isArray(value)) {
+        return [];
+    }
+    return value.flatMap((candidate) => {
+        if (typeof candidate !== "string" || candidate.trim() === "") {
+            return [];
+        }
+        try {
+            new RegExp(candidate);
+            return [candidate];
+        }
+        catch {
+            return [];
+        }
+    });
+}
+function sanitizeIgnoreFiles(value) {
+    if (!Array.isArray(value)) {
+        return [...DEFAULTS.security.ignoreFiles];
+    }
+    const normalized = value.flatMap((candidate) => {
+        if (typeof candidate !== "string") {
+            return [];
+        }
+        const trimmed = candidate.trim();
+        if (trimmed === "") {
+            return [];
+        }
+        return [trimmed];
+    });
+    return normalized.length > 0 ? normalized : [...DEFAULTS.security.ignoreFiles];
+}
+function sanitizeAllowFiles(value) {
+    if (!Array.isArray(value)) {
+        return [];
+    }
+    return value.flatMap((candidate) => {
+        if (typeof candidate !== "string") {
+            return [];
+        }
+        const trimmed = candidate.trim();
+        return trimmed === "" ? [] : [trimmed];
+    });
+}
+function sanitizeGlobList(value) {
+    if (!Array.isArray(value)) {
+        return [];
+    }
+    return value.flatMap((candidate) => {
+        if (typeof candidate !== "string") {
+            return [];
+        }
+        const trimmed = candidate.trim();
+        return trimmed === "" ? [] : [trimmed];
+    });
+}
 function ensureSelectedBackendIsConfigured(backend, backendConfigs) {
     if (!(backend in backendConfigs)) {
         throw new Error(`Backend "${backend}" is not configured. Add it under backends.${backend} with executable and args (including "{prompt}") in semlint.json.`);
@@ -113,6 +178,16 @@ function loadEffectiveConfig(options) {
             ? fileConfig.rules?.disable.filter((item) => typeof item === "string")
             : DEFAULTS.rulesDisable,
         severityOverrides: sanitizeSeverityOverrides((fileConfig.rules?.severity_overrides ?? undefined)),
-        backendConfigs
+        rulesIncludeGlobs: sanitizeGlobList(fileConfig.rules?.include_globs),
+        rulesExcludeGlobs: sanitizeGlobList(fileConfig.rules?.exclude_globs),
+        backendConfigs,
+        security: {
+            secretGuard: typeof fileConfig.security?.secret_guard === "boolean"
+                ? fileConfig.security.secret_guard
+                : DEFAULTS.security.secretGuard,
+            allowPatterns: sanitizeAllowPatterns(fileConfig.security?.allow_patterns),
+            ignoreFiles: sanitizeIgnoreFiles(fileConfig.security?.ignore_files),
+            allowFiles: sanitizeAllowFiles(fileConfig.security?.allow_files)
+        }
     };
 }

package/dist/diff.js

@@ -0,0 +1,54 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseDiffGitHeader = parseDiffGitHeader;
+exports.splitDiffIntoFileChunks = splitDiffIntoFileChunks;
+function unquoteDiffPath(raw) {
+    if (raw.startsWith("\"") && raw.endsWith("\"") && raw.length >= 2) {
+        return raw.slice(1, -1).replace(/\\"/g, "\"").replace(/\\\\/g, "\\");
+    }
+    return raw;
+}
+function parseDiffGitHeader(line) {
+    const match = line.match(/^diff --git (?:"a\/((?:[^"\\]|\\.)+)"|a\/(\S+)) (?:"b\/((?:[^"\\]|\\.)+)"|b\/(\S+))$/);
+    if (!match) {
+        return undefined;
+    }
+    const aRaw = match[1] ?? match[2];
+    const bRaw = match[3] ?? match[4];
+    if (!aRaw || !bRaw) {
+        return undefined;
+    }
+    return {
+        aPath: unquoteDiffPath(aRaw),
+        bPath: unquoteDiffPath(bRaw)
+    };
+}
+function splitDiffIntoFileChunks(diff) {
+    const lines = diff.split("\n");
+    const chunks = [];
+    let currentLines = [];
+    let currentFile = "";
+    const flush = () => {
+        if (currentLines.length === 0) {
+            return;
+        }
+        chunks.push({
+            file: currentFile,
+            chunk: currentLines.join("\n")
+        });
+        currentLines = [];
+        currentFile = "";
+    };
+    for (const line of lines) {
+        if (line.startsWith("diff --git ")) {
+            flush();
+            const parsed = parseDiffGitHeader(line);
+            if (parsed) {
+                currentFile = parsed.bPath;
+            }
+        }
+        currentLines.push(line);
+    }
+    flush();
+    return chunks;
+}

package/dist/dispatch.js

@@ -24,7 +24,7 @@ async function runBatchDispatch(input) {
     let backendErrors = 0;
     (0, utils_1.debugLog)(config.debug, `Running ${rules.length} rule(s) in batch mode`);
     const combinedDiff = rules
-        .map((rule) => (0, filter_1.buildScopedDiff)(rule, diff, changedFiles))
+        .map((rule) => (0, filter_1.buildScopedDiff)(rule, diff, changedFiles, config.rulesIncludeGlobs, config.rulesExcludeGlobs))
         .filter((chunk) => chunk.trim() !== "")
         .join("\n");
     const batchPrompt = buildBatchPrompt(rules, combinedDiff || diff);
@@ -68,7 +68,7 @@ async function runParallelDispatch(input) {
     const runResults = await Promise.all(rules.map(async (rule) => {
         const ruleStartedAt = Date.now();
         (0, utils_1.debugLog)(config.debug, `Rule ${rule.id}: started`);
-        const scopedDiff = (0, filter_1.buildScopedDiff)(rule, diff, changedFiles);
+        const scopedDiff = (0, filter_1.buildScopedDiff)(rule, diff, changedFiles, config.rulesIncludeGlobs, config.rulesExcludeGlobs);
         const prompt = (0, filter_1.buildRulePrompt)(rule, scopedDiff);
         try {
             const result = await backend.runRule({

package/dist/filter.js

@@ -8,29 +8,9 @@ exports.getRuleCandidateFiles = getRuleCandidateFiles;
 exports.shouldRunRule = shouldRunRule;
 exports.buildScopedDiff = buildScopedDiff;
 exports.buildRulePrompt = buildRulePrompt;
+const diff_1 = require("./diff");
 const picomatch_1 = __importDefault(require("picomatch"));
 const prompts_1 = require("./prompts");
-function unquoteDiffPath(raw) {
-    if (raw.startsWith("\"") && raw.endsWith("\"") && raw.length >= 2) {
-        return raw.slice(1, -1).replace(/\\"/g, "\"").replace(/\\\\/g, "\\");
-    }
-    return raw;
-}
-function parseDiffGitHeader(line) {
-    const match = line.match(/^diff --git (?:"a\/((?:[^"\\]|\\.)+)"|a\/(\S+)) (?:"b\/((?:[^"\\]|\\.)+)"|b\/(\S+))$/);
-    if (!match) {
-        return undefined;
-    }
-    const aRaw = match[1] ?? match[2];
-    const bRaw = match[3] ?? match[4];
-    if (!aRaw || !bRaw) {
-        return undefined;
-    }
-    return {
-        aPath: unquoteDiffPath(aRaw),
-        bPath: unquoteDiffPath(bRaw)
-    };
-}
 function extractChangedFilesFromDiff(diff) {
     const files = new Set();
     const lines = diff.split("\n");
@@ -38,7 +18,7 @@ function extractChangedFilesFromDiff(diff) {
         if (!line.startsWith("diff --git ")) {
             continue;
         }
-        const parsed = parseDiffGitHeader(line);
+        const parsed = (0, diff_1.parseDiffGitHeader)(line);
         if (!parsed) {
             continue;
         }
@@ -63,10 +43,18 @@ function matchesAnyRegex(diff, regexes) {
     }
     return false;
 }
-function getRuleCandidateFiles(rule, changedFiles) {
+function resolveRuleGlobs(ruleGlobs, globalGlobs) {
+    if (ruleGlobs === undefined) {
+        return globalGlobs;
+    }
+    return ruleGlobs;
+}
+function getRuleCandidateFiles(rule, changedFiles, globalIncludeGlobs = [], globalExcludeGlobs = []) {
     let fileCandidates = changedFiles;
-    const includeMatcher = rule.include_globs && rule.include_globs.length > 0 ? (0, picomatch_1.default)(rule.include_globs) : null;
-    const excludeMatcher = rule.exclude_globs && rule.exclude_globs.length > 0 ? (0, picomatch_1.default)(rule.exclude_globs) : null;
+    const effectiveIncludeGlobs = resolveRuleGlobs(rule.include_globs, globalIncludeGlobs);
+    const effectiveExcludeGlobs = resolveRuleGlobs(rule.exclude_globs, globalExcludeGlobs);
+    const includeMatcher = effectiveIncludeGlobs.length > 0 ? (0, picomatch_1.default)(effectiveIncludeGlobs) : null;
+    const excludeMatcher = effectiveExcludeGlobs.length > 0 ? (0, picomatch_1.default)(effectiveExcludeGlobs) : null;
     if (includeMatcher) {
         fileCandidates = changedFiles.filter((filePath) => includeMatcher(filePath));
         if (fileCandidates.length === 0) {
@@ -78,8 +66,8 @@ function getRuleCandidateFiles(rule, changedFiles) {
     }
     return fileCandidates;
 }
-function shouldRunRule(rule, changedFiles, diff) {
-    const fileCandidates = getRuleCandidateFiles(rule, changedFiles);
+function shouldRunRule(rule, changedFiles, diff, globalIncludeGlobs = [], globalExcludeGlobs = []) {
+    const fileCandidates = getRuleCandidateFiles(rule, changedFiles, globalIncludeGlobs, globalExcludeGlobs);
     if (fileCandidates.length === 0) {
         return false;
     }
@@ -88,41 +76,12 @@ function shouldRunRule(rule, changedFiles, diff) {
     }
     return true;
 }
-function splitDiffIntoFileChunks(diff) {
-    const lines = diff.split("\n");
-    const chunks = [];
-    let currentLines = [];
-    let currentFile = "";
-    const flush = () => {
-        if (currentLines.length === 0) {
-            return;
-        }
-        chunks.push({
-            file: currentFile,
-            chunk: currentLines.join("\n")
-        });
-        currentLines = [];
-        currentFile = "";
-    };
-    for (const line of lines) {
-        if (line.startsWith("diff --git ")) {
-            flush();
-            const parsed = parseDiffGitHeader(line);
-            if (parsed) {
-                currentFile = parsed.bPath;
-            }
-        }
-        currentLines.push(line);
-    }
-    flush();
-    return chunks;
-}
-function buildScopedDiff(rule, fullDiff, changedFiles) {
-    const candidateFiles = new Set(getRuleCandidateFiles(rule, changedFiles));
+function buildScopedDiff(rule, fullDiff, changedFiles, globalIncludeGlobs = [], globalExcludeGlobs = []) {
+    const candidateFiles = new Set(getRuleCandidateFiles(rule, changedFiles, globalIncludeGlobs, globalExcludeGlobs));
     if (candidateFiles.size === 0) {
         return fullDiff;
     }
-    const chunks = splitDiffIntoFileChunks(fullDiff);
+    const chunks = (0, diff_1.splitDiffIntoFileChunks)(fullDiff);
     const scoped = chunks
         .filter((chunk) => chunk.file !== "" && candidateFiles.has(chunk.file))
         .map((chunk) => chunk.chunk)

package/dist/filter.test.js

@@ -0,0 +1,42 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const strict_1 = __importDefault(require("node:assert/strict"));
+const node_test_1 = __importDefault(require("node:test"));
+const filter_1 = require("./filter");
+function makeRule(overrides = {}) {
+    return {
+        id: "SEMLINT_TEST_001",
+        title: "Test rule",
+        severity_default: "warn",
+        prompt: "Test",
+        sourcePath: "/tmp/SEMLINT_TEST_001.json",
+        effectiveSeverity: "warn",
+        ...overrides
+    };
+}
+(0, node_test_1.default)("getRuleCandidateFiles inherits global include/exclude globs", () => {
+    const changedFiles = ["src/a.ts", "src/a.test.ts", "docs/readme.md"];
+    const rule = makeRule();
+    const candidates = (0, filter_1.getRuleCandidateFiles)(rule, changedFiles, ["src/**/*.ts"], ["**/*.test.ts", "**/*.spec.ts"]);
+    strict_1.default.deepEqual(candidates, ["src/a.ts"]);
+});
+(0, node_test_1.default)("getRuleCandidateFiles lets empty rule globs disable global filters", () => {
+    const changedFiles = ["src/a.ts", "src/a.test.ts", "docs/readme.md"];
+    const rule = makeRule({
+        include_globs: [],
+        exclude_globs: []
+    });
+    const candidates = (0, filter_1.getRuleCandidateFiles)(rule, changedFiles, ["src/**/*.ts"], ["**/*.test.ts", "**/*.spec.ts"]);
+    strict_1.default.deepEqual(candidates, changedFiles);
+});
+(0, node_test_1.default)("getRuleCandidateFiles uses explicit rule globs instead of globals", () => {
+    const changedFiles = ["src/a.ts", "docs/readme.md"];
+    const rule = makeRule({
+        include_globs: ["docs/**/*.md"]
+    });
+    const candidates = (0, filter_1.getRuleCandidateFiles)(rule, changedFiles, ["src/**/*.ts"], []);
+    strict_1.default.deepEqual(candidates, ["docs/readme.md"]);
+});

package/dist/init.js

@@ -87,8 +87,16 @@ function scaffoldConfig(force = false) {
         execution: {
             batch: false
         },
+        security: {
+            secret_guard: true,
+            allow_patterns: [],
+            ignore_files: [".gitignore", ".cursorignore", ".semlintignore"],
+            allow_files: []
+        },
         rules: {
             disable: [],
+            include_globs: ["src/**/*.ts"],
+            exclude_globs: [],
             severity_overrides: {}
         },
         backends: {
@@ -102,21 +110,32 @@ function scaffoldConfig(force = false) {
     node_fs_1.default.writeFileSync(targetPath, `${JSON.stringify(scaffold, null, 2)}\n`, "utf8");
     process.stdout.write(picocolors_1.default.green(`Created ${targetPath}\n`));
     process.stdout.write(picocolors_1.default.cyan(`Backend setup: ${detected.backend} (${detected.reason})\n`));
+    process.stderr.write(`${picocolors_1.default.bgRed(picocolors_1.default.white(picocolors_1.default.bold(" SECURITY WARNING ")))}
+${picocolors_1.default.red("Semlint can only filter and scan diff content before invoking your backend. You must configure ignore files and security settings for your repository.")}
+${picocolors_1.default.red("During backend execution, security is handled by your agent/backend native configuration.")}
+${picocolors_1.default.yellow("Review semlint.json security.*, ignore files, and backend/org security settings before use.\n")}`);
     const rulesDir = node_path_1.default.join(process.cwd(), ".semlint", "rules");
     if (!node_fs_1.default.existsSync(rulesDir)) {
         node_fs_1.default.mkdirSync(rulesDir, { recursive: true });
         process.stdout.write(picocolors_1.default.green(`Created ${node_path_1.default.join(".semlint", "rules")}/\n`));
     }
-    const exampleRulePath = node_path_1.default.join(rulesDir, "SEMLINT_EXAMPLE_001.json");
-    if (!node_fs_1.default.existsSync(exampleRulePath)) {
-        const exampleRule = {
-            id: "SEMLINT_EXAMPLE_001",
-            title: "My first rule",
-            severity_default: "warn",
-            prompt: "Describe what the agent should check in the changed code. Example: flag when new functions lack JSDoc, or when error handling is missing."
-        };
-        node_fs_1.default.writeFileSync(exampleRulePath, `${JSON.stringify(exampleRule, null, 2)}\n`, "utf8");
-        process.stdout.write(picocolors_1.default.green(`Created ${node_path_1.default.join(".semlint", "rules", "SEMLINT_EXAMPLE_001.json")} `) + picocolors_1.default.dim(`(edit the title and prompt to define your rule)\n`));
+    const bundledRulesDir = node_path_1.default.resolve(__dirname, "..", ".semlint", "rules");
+    if (!node_fs_1.default.existsSync(bundledRulesDir) || !node_fs_1.default.statSync(bundledRulesDir).isDirectory()) {
+        process.stderr.write(picocolors_1.default.yellow(`No bundled rules found at ${bundledRulesDir}. Add rule files manually under ${node_path_1.default.join(".semlint", "rules")}.\n`));
+        return 0;
+    }
+    const bundledRules = node_fs_1.default
+        .readdirSync(bundledRulesDir)
+        .filter((name) => name.endsWith(".json"))
+        .sort((a, b) => a.localeCompare(b));
+    for (const fileName of bundledRules) {
+        const source = node_path_1.default.join(bundledRulesDir, fileName);
+        const target = node_path_1.default.join(rulesDir, fileName);
+        if (!force && node_fs_1.default.existsSync(target)) {
+            continue;
+        }
+        node_fs_1.default.copyFileSync(source, target);
+        process.stdout.write(picocolors_1.default.green(`Copied ${node_path_1.default.join(".semlint", "rules", fileName)}\n`));
     }
     return 0;
 }

package/dist/main.js

@@ -7,6 +7,8 @@ exports.runSemlint = runSemlint;
 const picocolors_1 = __importDefault(require("picocolors"));
 const nanospinner_1 = require("nanospinner");
 const node_path_1 = __importDefault(require("node:path"));
+const promises_1 = __importDefault(require("node:readline/promises"));
+const node_process_1 = require("node:process");
 const package_json_1 = require("../package.json");
 const backend_1 = require("./backend");
 const config_1 = require("./config");
@@ -16,6 +18,7 @@ const filter_1 = require("./filter");
 const git_1 = require("./git");
 const reporter_1 = require("./reporter");
 const rules_1 = require("./rules");
+const secrets_1 = require("./secrets");
 const utils_1 = require("./utils");
 function timed(enabled, label, action) {
     const startedAt = Date.now();
@@ -29,6 +32,64 @@ async function timedAsync(enabled, label, action) {
     (0, utils_1.debugLog)(enabled, `${label} in ${Date.now() - startedAt}ms`);
     return result;
 }
+function formatFileList(title, files) {
+    if (files.length === 0) {
+        return `${title} (0):\n  (none)\n`;
+    }
+    return `${title} (${files.length}):\n${files.map((file) => `  - ${file}`).join("\n")}\n`;
+}
+async function confirmDiffPreview(includedFiles, excludedFiles, autoAccept) {
+    const boxWidth = 80;
+    const boxBorder = picocolors_1.default.dim(`+${"-".repeat(boxWidth - 2)}+`);
+    // INFO : https://patorjk.com/software/taag/#p=display&f=Terrace&t=Semlint&x=none&v=4&h=4&w=80&we=false
+    const semlintAscii = [
+        "  ░██████                              ░██ ░██              ░██    ",
+        " ░██   ░██                             ░██                  ░██    ",
+        "░██          ░███████  ░█████████████  ░██ ░██░████████  ░████████ ",
+        " ░████████  ░██    ░██ ░██   ░██   ░██ ░██ ░██░██    ░██    ░██    ",
+        "        ░██ ░█████████ ░██   ░██   ░██ ░██ ░██░██    ░██    ░██    ",
+        " ░██   ░██  ░██        ░██   ░██   ░██ ░██ ░██░██    ░██    ░██    ",
+        "  ░██████    ░███████  ░██   ░██   ░██ ░██ ░██░██    ░██     ░████ ",
+        "                                                                   ",
+        "                                                                   "
+    ];
+    const boxLine = (text = "", style = (value) => value) => {
+        const visibleText = text.length > boxWidth - 4 ? `${text.slice(0, boxWidth - 7)}...` : text;
+        const padded = visibleText.padEnd(boxWidth - 4, " ");
+        return `${picocolors_1.default.dim("|")} ${style(padded)} ${picocolors_1.default.dim("|")}\n`;
+    };
+    process.stdout.write("\n");
+    process.stdout.write(`${picocolors_1.default.cyan(semlintAscii.join("\n"))}\n\n`);
+    process.stdout.write(`${picocolors_1.default.dim(`Semlint v${package_json_1.version} (alpha) - Use at your own risk.`)}\n`);
+    process.stdout.write(`${boxBorder}\n`);
+    process.stdout.write(boxLine("Diff preview", (value) => picocolors_1.default.bold(value)));
+    process.stdout.write(boxLine("Review which files are included before sending this diff to your agent.", picocolors_1.default.dim));
+    process.stdout.write(boxLine());
+    process.stdout.write(boxLine("! Security warning", (value) => picocolors_1.default.red(picocolors_1.default.bold(value))));
+    process.stdout.write(boxLine("Run `semlint-cli security` to review security guidance.", picocolors_1.default.dim));
+    process.stdout.write(`${boxBorder}\n\n`);
+    process.stdout.write(formatFileList(picocolors_1.default.bold("Included files"), includedFiles));
+    process.stdout.write("\n");
+    process.stdout.write(formatFileList(picocolors_1.default.bold("Excluded files"), excludedFiles));
+    process.stdout.write("\n");
+    if (autoAccept) {
+        process.stdout.write(picocolors_1.default.dim("Auto-accepted with --yes.\n\n"));
+        return true;
+    }
+    if (!process.stdin.isTTY || !process.stdout.isTTY) {
+        process.stderr.write(picocolors_1.default.red("Diff confirmation is required by default. Re-run with --yes (-y) to auto-accept in non-interactive environments.\n"));
+        return false;
+    }
+    const rl = promises_1.default.createInterface({ input: node_process_1.stdin, output: node_process_1.stdout });
+    try {
+        const answer = await rl.question(picocolors_1.default.yellow("Proceed with Semlint analysis? [y/N] "));
+        const normalized = answer.trim().toLowerCase();
+        return normalized === "y" || normalized === "yes";
+    }
+    finally {
+        rl.close();
+    }
+}
 async function runSemlint(options) {
     const startedAt = Date.now();
     let spinner = null;
@@ -39,17 +100,42 @@ async function runSemlint(options) {
         (0, utils_1.debugLog)(config.debug, `Loaded ${rules.length} rule(s)`);
         (0, utils_1.debugLog)(config.debug, `Rule IDs: ${rules.map((rule) => rule.id).join(", ")}`);
         const useLocalBranchDiff = !options.base && !options.head;
-        const diff = await timedAsync(config.debug, "Computed git diff", () => useLocalBranchDiff ? (0, git_1.getLocalBranchDiff)() : (0, git_1.getGitDiff)(config.base, config.head));
+        const repoRoot = await timedAsync(config.debug, "Resolved git repo root", () => (0, git_1.getRepoRoot)());
+        const scanRoot = repoRoot ?? process.cwd();
+        (0, utils_1.debugLog)(config.debug, `Using diff/ignore scan root: ${scanRoot}`);
+        const rawDiff = await timedAsync(config.debug, "Computed git diff", () => useLocalBranchDiff ? (0, git_1.getLocalBranchDiff)() : (0, git_1.getGitDiff)(config.base, config.head));
+        const { filteredDiff: diff, excludedFiles } = timed(config.debug, "Filtered diff by ignore rules", () => (0, secrets_1.filterDiffByIgnoreRules)(rawDiff, scanRoot, config.security.ignoreFiles));
+        if (excludedFiles.length > 0) {
+            (0, utils_1.debugLog)(config.debug, `Excluded ${excludedFiles.length} file(s) by ignore/security rules: ${excludedFiles.join(", ")}`);
+        }
+        if (config.security.secretGuard) {
+            const findings = timed(config.debug, "Scanned diff for secrets", () => (0, secrets_1.scanDiffForSecrets)(diff, config.security.allowPatterns, config.security.allowFiles));
+            if (findings.length > 0) {
+                process.stderr.write(picocolors_1.default.red("Secret guard blocked analysis: potential secrets were detected in the diff. Nothing was sent to the backend.\n"));
+                process.stderr.write("Allow a known-safe file by adding a glob to security.allow_files in semlint.json (example: \"allow_files\": [\"src/my-sensitive-file.ts\"]).\n");
+                findings.slice(0, 20).forEach((finding) => {
+                    process.stderr.write(`  ${finding.file}:${finding.line}  ${finding.kind}  sample=${finding.redactedSample}\n`);
+                });
+                if (findings.length > 20) {
+                    process.stderr.write(`  ...and ${findings.length - 20} more finding(s)\n`);
+                }
+                return 2;
+            }
+        }
         const changedFiles = timed(config.debug, "Parsed changed files from diff", () => (0, filter_1.extractChangedFilesFromDiff)(diff));
+        const confirmed = await timedAsync(config.debug, "User confirmation", () => confirmDiffPreview(changedFiles, excludedFiles, options.autoAccept));
+        if (!confirmed) {
+            process.stderr.write("Aborted by user.\n");
+            return 2;
+        }
         (0, utils_1.debugLog)(config.debug, useLocalBranchDiff
             ? "Using local branch diff (staged + unstaged + untracked only)"
             : `Using explicit ref diff (${config.base}..${config.head})`);
         (0, utils_1.debugLog)(config.debug, `Detected ${changedFiles.length} changed file(s)`);
-        const repoRoot = await timedAsync(config.debug, "Resolved git repo root", () => (0, git_1.getRepoRoot)());
         const backend = timed(config.debug, "Initialized backend runner", () => (0, backend_1.createBackendRunner)(config));
         const runnableRules = rules.filter((rule) => {
             const filterStartedAt = Date.now();
-            const shouldRun = (0, filter_1.shouldRunRule)(rule, changedFiles, diff);
+            const shouldRun = (0, filter_1.shouldRunRule)(rule, changedFiles, diff, config.rulesIncludeGlobs, config.rulesExcludeGlobs);
             (0, utils_1.debugLog)(config.debug, `Rule ${rule.id}: filter check in ${Date.now() - filterStartedAt}ms`);
             if (!shouldRun) {
                 (0, utils_1.debugLog)(config.debug, `Skipping rule ${rule.id}: filters did not match`);

package/dist/secrets.js

@@ -0,0 +1,160 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.filterDiffByIgnoreRules = filterDiffByIgnoreRules;
+exports.scanDiffForSecrets = scanDiffForSecrets;
+const node_fs_1 = __importDefault(require("node:fs"));
+const node_path_1 = __importDefault(require("node:path"));
+const ignore_1 = __importDefault(require("ignore"));
+const picomatch_1 = __importDefault(require("picomatch"));
+const diff_1 = require("./diff");
+const BUILTIN_SENSITIVE_GLOBS = [
+    ".env",
+    "*.env",
+    ".env.*",
+    "*.env.*",
+    "*.pem",
+    "*.key",
+    "id_rsa",
+    "id_rsa.*",
+    "secrets/",
+    "credentials/",
+    "*credentials*.json"
+];
+const SECRET_KEYWORDS = [
+    "password",
+    "passwd",
+    "secret",
+    "token",
+    "api_key",
+    "apikey",
+    "x-api-key",
+    "access_token",
+    "refresh_token",
+    "id_token",
+    "client_secret",
+    "auth_token",
+    "authorization",
+    "bearer ",
+    "private_key",
+    "private key",
+    "certificate",
+    "cert",
+    "connectionstring",
+    "database_url",
+    "postgres://",
+    "mongodb+srv://",
+    "mysql://",
+    "redis://",
+    "sk-",
+    "sk_",
+    "ghp_",
+    "github_pat_",
+    "xoxb-",
+    "xoxp-",
+    "akia",
+    "-----begin",
+    "key"
+];
+function readIgnorePatterns(cwd, ignoreFiles) {
+    return ignoreFiles.flatMap((fileName) => {
+        const filePath = node_path_1.default.join(cwd, fileName);
+        if (!node_fs_1.default.existsSync(filePath)) {
+            return [];
+        }
+        return node_fs_1.default
+            .readFileSync(filePath, "utf8")
+            .split("\n")
+            .map((line) => line.trim())
+            .filter((line) => line !== "" && !line.startsWith("#"));
+    });
+}
+function createIgnoreMatcher(patterns) {
+    const matcher = (0, ignore_1.default)().add(patterns);
+    return (filePath) => matcher.ignores(filePath);
+}
+function redactSample(sample) {
+    const compact = sample.trim();
+    if (compact.length <= 6) {
+        return "***";
+    }
+    return `${compact.slice(0, 2)}***${compact.slice(-2)}`;
+}
+function parseAllowMatchers(patterns) {
+    return patterns.flatMap((pattern) => {
+        try {
+            return [new RegExp(pattern)];
+        }
+        catch {
+            return [];
+        }
+    });
+}
+function filterDiffByIgnoreRules(diff, cwd, ignoreFiles) {
+    const ignorePatterns = [...readIgnorePatterns(cwd, ignoreFiles), ...BUILTIN_SENSITIVE_GLOBS];
+    const ignoreMatcher = createIgnoreMatcher(ignorePatterns);
+    const chunks = (0, diff_1.splitDiffIntoFileChunks)(diff);
+    const excludedFiles = chunks
+        .filter((chunk) => chunk.file !== "" && ignoreMatcher(chunk.file))
+        .map((chunk) => chunk.file);
+    const filteredDiff = chunks
+        .filter((chunk) => chunk.file === "" || !ignoreMatcher(chunk.file))
+        .map((chunk) => chunk.chunk)
+        .join("\n");
+    return {
+        filteredDiff,
+        excludedFiles: Array.from(new Set(excludedFiles)).sort((a, b) => a.localeCompare(b))
+    };
+}
+function scanDiffForSecrets(diff, allowPatterns, allowFiles) {
+    const findings = [];
+    const allowMatchers = parseAllowMatchers(allowPatterns);
+    const allowFileMatcher = allowFiles.length > 0 ? (0, picomatch_1.default)(allowFiles, { dot: true }) : undefined;
+    const lines = diff.split("\n");
+    let currentFile = "(unknown)";
+    let newLine = 1;
+    for (const line of lines) {
+        if (line.startsWith("diff --git ")) {
+            const parsed = (0, diff_1.parseDiffGitHeader)(line);
+            if (parsed) {
+                currentFile = parsed.bPath;
+            }
+            continue;
+        }
+        const hunk = line.match(/^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@/);
+        if (hunk) {
+            newLine = Number(hunk[1]);
+            continue;
+        }
+        if (line.startsWith("+") && !line.startsWith("+++")) {
+            const fileAllowed = allowFileMatcher?.(currentFile) ?? false;
+            if (fileAllowed) {
+                newLine += 1;
+                continue;
+            }
+            const added = line.slice(1);
+            const allowed = allowMatchers.some((matcher) => matcher.test(added));
+            if (!allowed) {
+                const lowered = added.toLowerCase();
+                const matchedKeyword = SECRET_KEYWORDS.find((keyword) => lowered.includes(keyword));
+                if (matchedKeyword) {
+                    findings.push({
+                        file: currentFile,
+                        line: newLine,
+                        kind: `keyword:${matchedKeyword}`,
+                        redactedSample: redactSample(added)
+                    });
+                }
+            }
+            newLine += 1;
+            continue;
+        }
+        if (line.startsWith(" ")) {
+            newLine += 1;
+            continue;
+        }
+    }
+    return findings;
+}

package/dist/secrets.test.js

@@ -0,0 +1,157 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const strict_1 = __importDefault(require("node:assert/strict"));
+const node_fs_1 = __importDefault(require("node:fs"));
+const node_os_1 = __importDefault(require("node:os"));
+const node_path_1 = __importDefault(require("node:path"));
+const node_test_1 = __importDefault(require("node:test"));
+const secrets_1 = require("./secrets");
+(0, node_test_1.default)("filterDiffByIgnoreRules aggregates ignore files", () => {
+    const cwd = node_fs_1.default.mkdtempSync(node_path_1.default.join(node_os_1.default.tmpdir(), "semlint-ignore-"));
+    try {
+        node_fs_1.default.writeFileSync(node_path_1.default.join(cwd, ".cursorignore"), "cursor-only/**\n", "utf8");
+        node_fs_1.default.writeFileSync(node_path_1.default.join(cwd, ".semlintignore"), "semlint-only/**\n", "utf8");
+        node_fs_1.default.writeFileSync(node_path_1.default.join(cwd, ".cursoringore"), "typo-ignore/**\n", "utf8");
+        const diff = [
+            "diff --git a/cursor-only/a.ts b/cursor-only/a.ts",
+            "--- a/cursor-only/a.ts",
+            "+++ b/cursor-only/a.ts",
+            "@@ -0,0 +1 @@",
+            "+const a = 1;",
+            "diff --git a/semlint-only/b.ts b/semlint-only/b.ts",
+            "--- a/semlint-only/b.ts",
+            "+++ b/semlint-only/b.ts",
+            "@@ -0,0 +1 @@",
+            "+const b = 1;",
+            "diff --git a/typo-ignore/c.ts b/typo-ignore/c.ts",
+            "--- a/typo-ignore/c.ts",
+            "+++ b/typo-ignore/c.ts",
+            "@@ -0,0 +1 @@",
+            "+const c = 1;",
+            "diff --git a/src/safe.ts b/src/safe.ts",
+            "--- a/src/safe.ts",
+            "+++ b/src/safe.ts",
+            "@@ -0,0 +1 @@",
+            "+const safe = 1;"
+        ].join("\n");
+        const result = (0, secrets_1.filterDiffByIgnoreRules)(diff, cwd, [
+            ".cursorignore",
+            ".semlintignore",
+            ".cursoringore"
+        ]);
+        strict_1.default.deepEqual(result.excludedFiles, [
+            "cursor-only/a.ts",
+            "semlint-only/b.ts",
+            "typo-ignore/c.ts"
+        ]);
+        strict_1.default.match(result.filteredDiff, /src\/safe\.ts/);
+        strict_1.default.doesNotMatch(result.filteredDiff, /cursor-only\/a\.ts/);
+        strict_1.default.doesNotMatch(result.filteredDiff, /semlint-only\/b\.ts/);
+        strict_1.default.doesNotMatch(result.filteredDiff, /typo-ignore\/c\.ts/);
+    }
+    finally {
+        node_fs_1.default.rmSync(cwd, { recursive: true, force: true });
+    }
+});
+(0, node_test_1.default)("scanDiffForSecrets flags keyword matches on added lines", () => {
+    const diff = [
+        "diff --git a/src/test2.ts b/src/test2.ts",
+        "--- a/src/test2.ts",
+        "+++ b/src/test2.ts",
+        "@@ -0,0 +4 @@",
+        '+const payload = { "PASSWORD": "password", "API_KEY": "api-key" };'
+    ].join("\n");
+    const findings = (0, secrets_1.scanDiffForSecrets)(diff, [], []);
+    strict_1.default.ok(findings.length >= 1);
+    strict_1.default.equal(findings[0].file, "src/test2.ts");
+    strict_1.default.equal(findings[0].line, 4);
+    strict_1.default.match(findings[0].kind, /^keyword:/);
+});
+(0, node_test_1.default)("scanDiffForSecrets skips files listed in allow_files", () => {
+    const diff = [
+        "diff --git a/src/test2.ts b/src/test2.ts",
+        "--- a/src/test2.ts",
+        "+++ b/src/test2.ts",
+        "@@ -0,0 +1 @@",
+        '+const password = "should-not-block-when-allowed";'
+    ].join("\n");
+    const findings = (0, secrets_1.scanDiffForSecrets)(diff, [], ["src/test2.ts"]);
+    strict_1.default.equal(findings.length, 0);
+});
+(0, node_test_1.default)("filterDiffByIgnoreRules matches basename ignores in nested paths", () => {
+    const cwd = node_fs_1.default.mkdtempSync(node_path_1.default.join(node_os_1.default.tmpdir(), "semlint-ignore-basename-"));
+    try {
+        node_fs_1.default.writeFileSync(node_path_1.default.join(cwd, ".semlintignore"), ".env\n*.env\n", "utf8");
+        const diff = [
+            "diff --git a/src/secret.env b/src/secret.env",
+            "--- a/src/secret.env",
+            "+++ b/src/secret.env",
+            "@@ -0,0 +1 @@",
+            "+API_KEY=abc",
+            "diff --git a/src/safe.ts b/src/safe.ts",
+            "--- a/src/safe.ts",
+            "+++ b/src/safe.ts",
+            "@@ -0,0 +1 @@",
+            "+const safe = true;"
+        ].join("\n");
+        const result = (0, secrets_1.filterDiffByIgnoreRules)(diff, cwd, [".semlintignore"]);
+        strict_1.default.deepEqual(result.excludedFiles, ["src/secret.env"]);
+        strict_1.default.match(result.filteredDiff, /src\/safe\.ts/);
+        strict_1.default.doesNotMatch(result.filteredDiff, /src\/secret\.env/);
+    }
+    finally {
+        node_fs_1.default.rmSync(cwd, { recursive: true, force: true });
+    }
+});
+(0, node_test_1.default)("filterDiffByIgnoreRules supports gitignore negation patterns", () => {
+    const cwd = node_fs_1.default.mkdtempSync(node_path_1.default.join(node_os_1.default.tmpdir(), "semlint-ignore-negation-"));
+    try {
+        node_fs_1.default.writeFileSync(node_path_1.default.join(cwd, ".semlintignore"), "*.env\n!src/public.env\n", "utf8");
+        const diff = [
+            "diff --git a/src/secret.env b/src/secret.env",
+            "--- a/src/secret.env",
+            "+++ b/src/secret.env",
+            "@@ -0,0 +1 @@",
+            "+API_KEY=blocked",
+            "diff --git a/src/public.env b/src/public.env",
+            "--- a/src/public.env",
+            "+++ b/src/public.env",
+            "@@ -0,0 +1 @@",
+            "+SAFE=true"
+        ].join("\n");
+        const result = (0, secrets_1.filterDiffByIgnoreRules)(diff, cwd, [".semlintignore"]);
+        strict_1.default.deepEqual(result.excludedFiles, ["src/secret.env"]);
+        strict_1.default.match(result.filteredDiff, /src\/public\.env/);
+        strict_1.default.doesNotMatch(result.filteredDiff, /src\/secret\.env/);
+    }
+    finally {
+        node_fs_1.default.rmSync(cwd, { recursive: true, force: true });
+    }
+});
+(0, node_test_1.default)("filterDiffByIgnoreRules excludes *.env by builtin sensitive globs", () => {
+    const cwd = node_fs_1.default.mkdtempSync(node_path_1.default.join(node_os_1.default.tmpdir(), "semlint-ignore-builtin-env-"));
+    try {
+        const diff = [
+            "diff --git a/src/secret.env b/src/secret.env",
+            "--- a/src/secret.env",
+            "+++ b/src/secret.env",
+            "@@ -0,0 +1 @@",
+            "+API_KEY=blocked",
+            "diff --git a/src/safe.ts b/src/safe.ts",
+            "--- a/src/safe.ts",
+            "+++ b/src/safe.ts",
+            "@@ -0,0 +1 @@",
+            "+const safe = true;"
+        ].join("\n");
+        const result = (0, secrets_1.filterDiffByIgnoreRules)(diff, cwd, [".semlintignore"]);
+        strict_1.default.deepEqual(result.excludedFiles, ["src/secret.env"]);
+        strict_1.default.match(result.filteredDiff, /src\/safe\.ts/);
+        strict_1.default.doesNotMatch(result.filteredDiff, /src\/secret\.env/);
+    }
+    finally {
+        node_fs_1.default.rmSync(cwd, { recursive: true, force: true });
+    }
+});

package/dist/security.js

@@ -0,0 +1,26 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.printSecurityGuide = printSecurityGuide;
+const picocolors_1 = __importDefault(require("picocolors"));
+const SECURITY_TEXT = [
+    picocolors_1.default.bold("Semlint security guide"),
+    "",
+    "Semlint applies security controls before backend execution:",
+    "- It filters diff paths using ignore files and built-in sensitive globs.",
+    "- It scans added lines for high-signal secret patterns.",
+    "- It blocks backend execution when potential secrets are found.",
+    "",
+    "Your responsibilities:",
+    "- Keep `.gitignore`, `.cursorignore`, `.semlintignore` (and configured `security.ignore_files`) up to date.",
+    "- Tune `security.allow_patterns` and `security.allow_files` only for known-safe cases.",
+    "- Review your agent native access and security policy.",
+    "",
+    "More details: README.md#security-responsibility-model"
+].join("\n");
+function printSecurityGuide() {
+    process.stdout.write(`${SECURITY_TEXT}\n`);
+    return 0;
+}

package/dist/test2.js

@@ -0,0 +1,5 @@
+"use strict";
+const a = {
+    "PASSWORD": "password",
+    "API_KEY": "api-key"
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "semlint-cli",
-  "version": "0.1.6",
+  "version": "0.1.9",
   "description": "Semantic lint CLI — runs LLM-backed rules on your git diff and returns CI-friendly exit codes",
   "type": "commonjs",
   "main": "dist/main.js",
@@ -10,11 +10,12 @@
   "files": [
     "dist",
     "prompts",
-    "rules",
+    ".semlint/rules",
     "README.md"
   ],
   "scripts": {
     "build": "tsc -p tsconfig.json",
+    "test": "pnpm run build && node --test \"dist/*.test.js\"",
     "prepublishOnly": "pnpm run build",
     "check": "node dist/cli.js check",
     "start": "node dist/cli.js check",
@@ -41,6 +42,7 @@
   },
   "packageManager": "pnpm@10.29.2",
   "dependencies": {
+    "ignore": "^7.0.5",
     "nanospinner": "^1.2.2",
     "picocolors": "^1.1.1",
     "picomatch": "^4.0.3"