solidity-argus 0.1.8 → 0.2.0

package/src/cli/commands/doctor.ts

@@ -1,8 +1,20 @@
 import { execSync } from "node:child_process"
-import { existsSync } from "node:fs"
-import { join } from "node:path"
+import { existsSync, readdirSync, readFileSync } from "node:fs"
+import { basename, dirname, extname, join } from "node:path"
 import type { CliCommand } from "../types"
+import type { ArgusConfig } from "../../config/types"
 import { loadArgusConfig } from "../../config/loader"
+import {
+  getRequiredAuditSkills,
+  normalizeSkillName,
+  resolveArgusSkills,
+  resolveSkillRoots,
+  type ResolvedSkill,
+} from "../../skills/argus-skill-resolver"
+import { parseFrontmatter, validateSkillFrontmatter } from "../../skills/skill-schema"
+import { detectViaIr } from "../../tools/slither-tool"
+import { checkSoloditHealth } from "../../utils/solodit-health"
+import { cliOutput } from "../cli-output"
 
 const GREEN = "\x1b[32m"
 const RED = "\x1b[31m"
@@ -11,7 +23,10 @@ const RESET = "\x1b[0m"
 
 function checkBinary(name: string): { found: boolean; version: string | null } {
   try {
-    const version = execSync(`${name} --version`, { timeout: 5000 })
+    const version = execSync(`${name} --version`, {
+      timeout: 5000,
+      stdio: ["pipe", "pipe", "pipe"],
+    })
       .toString()
       .trim()
       .split("\n")[0] ?? null
@@ -28,6 +43,144 @@ function checkSolidityProject(dir: string): string | null {
   return null
 }
 
+export const ALL_CATEGORIES = [
+  "vulnerability-pattern",
+  "methodology",
+  "protocol-pattern",
+  "checklist",
+  "reference",
+] as const
+
+export const REQUIRED_CATEGORIES: readonly string[] = ["vulnerability-pattern", "methodology"]
+
+export type SkillHealthReport = {
+  categoryBreakdown: Record<string, number>
+  trustTierBreakdown: Record<string, number>
+  duplicates: Array<{ name: string; sources: string[] }>
+  schemaValid: number
+  schemaInvalid: number
+  schemaSkipped: number
+  invalidSkills: Array<{ name: string; error: string }>
+  missingCategories: string[]
+}
+
+export function findDuplicateSkills(
+  entries: Array<{ name: string; source: string }>,
+): Array<{ name: string; sources: string[] }> {
+  const nameToSources = new Map<string, Set<string>>()
+  for (const { name, source } of entries) {
+    if (!nameToSources.has(name)) nameToSources.set(name, new Set())
+    nameToSources.get(name)!.add(source)
+  }
+  return Array.from(nameToSources)
+    .filter(([, sources]) => sources.size > 1)
+    .map(([name, sources]) => ({ name, sources: Array.from(sources) }))
+}
+
+export function buildSkillHealthReport(
+  resolvedSkills: Map<string, ResolvedSkill>,
+  duplicateEntries?: Array<{ name: string; source: string }>,
+): SkillHealthReport {
+  const categoryBreakdown: Record<string, number> = {}
+  for (const cat of ALL_CATEGORIES) categoryBreakdown[cat] = 0
+
+  const trustTierBreakdown: Record<string, number> = {}
+  let schemaValid = 0
+  let schemaInvalid = 0
+  let schemaSkipped = 0
+  const invalidSkills: Array<{ name: string; error: string }> = []
+
+  for (const [name, skill] of resolvedSkills) {
+    trustTierBreakdown[skill.source] = (trustTierBreakdown[skill.source] ?? 0) + 1
+
+    const fm = parseFrontmatter(skill.content)
+    if (fm) {
+      const validation = validateSkillFrontmatter(fm)
+      if (validation.success) {
+        schemaValid++
+        if (validation.data.category) {
+          categoryBreakdown[validation.data.category] =
+            (categoryBreakdown[validation.data.category] ?? 0) + 1
+        }
+      } else {
+        schemaInvalid++
+        invalidSkills.push({ name, error: validation.errors[0] ?? "unknown error" })
+      }
+    } else {
+      schemaSkipped++
+    }
+  }
+
+  const duplicates = duplicateEntries ? findDuplicateSkills(duplicateEntries) : []
+  const missingCategories = REQUIRED_CATEGORIES.filter(
+    (cat) => (categoryBreakdown[cat] ?? 0) === 0,
+  )
+
+  return {
+    categoryBreakdown,
+    trustTierBreakdown,
+    duplicates,
+    schemaValid,
+    schemaInvalid,
+    schemaSkipped,
+    invalidSkills,
+    missingCategories,
+  }
+}
+
+function scanMarkdownFiles(dir: string, maxDepth = 8): string[] {
+  if (!existsSync(dir)) return []
+  const files: string[] = []
+  const stack: Array<{ path: string; depth: number }> = [{ path: dir, depth: 0 }]
+  while (stack.length > 0) {
+    const current = stack.pop()
+    if (!current || current.depth > maxDepth) continue
+    try {
+      const entries = readdirSync(current.path, { withFileTypes: true })
+      for (const entry of entries) {
+        const fullPath = join(current.path, entry.name)
+        if (entry.isDirectory()) {
+          stack.push({ path: fullPath, depth: current.depth + 1 })
+        } else if (entry.isFile() && extname(entry.name).toLowerCase() === ".md") {
+          files.push(fullPath)
+        }
+      }
+    } catch {
+    }
+  }
+  return files
+}
+
+function inferSkillName(filePath: string): string {
+  if (basename(filePath) === "SKILL.md") {
+    return basename(dirname(filePath))
+  }
+  return basename(filePath, extname(filePath))
+}
+
+function collectAllSkillNames(
+  projectDir: string,
+  argusConfig?: ArgusConfig,
+): Array<{ name: string; source: string }> {
+  const roots = resolveSkillRoots(projectDir, argusConfig)
+  const entries: Array<{ name: string; source: string }> = []
+  for (const root of roots) {
+    const files = scanMarkdownFiles(root.path)
+    for (const file of files) {
+      try {
+        const content = readFileSync(file, "utf8")
+        const fm = parseFrontmatter(content)
+        const nameFromFm = typeof fm?.name === "string" ? fm.name : null
+        const rawName = nameFromFm || inferSkillName(file)
+        const name = normalizeSkillName(rawName)
+        if (name) entries.push({ name, source: root.source })
+      } catch {
+      }
+    }
+  }
+  return entries
+}
+
 export const doctorCommand: CliCommand = {
   name: "doctor",
   description: "Check tool dependencies and configuration",
@@ -35,47 +188,152 @@ export const doctorCommand: CliCommand = {
     const cwd = process.cwd()
     let hasFailure = false
 
-    console.log("Argus Doctor\n")
+    cliOutput.log("Argus Doctor\n")
 
     const slither = checkBinary("slither")
     if (slither.found) {
-      console.log(`${GREEN}✓${RESET} Slither: installed (${slither.version})`)
+      cliOutput.log(`${GREEN}✓${RESET} Slither: installed (${slither.version})`)
     } else {
-      console.log(`${RED}✗${RESET} Slither: not found — pip install slither-analyzer`)
+      cliOutput.log(`${RED}✗${RESET} Slither: not found — pip install slither-analyzer`)
       hasFailure = true
     }
 
     const forge = checkBinary("forge")
     if (forge.found) {
-      console.log(`${GREEN}✓${RESET} Forge: installed (${forge.version})`)
+      cliOutput.log(`${GREEN}✓${RESET} Forge: installed (${forge.version})`)
     } else {
-      console.log(`${RED}✗${RESET} Forge: not found — curl -L https://foundry.paradigm.xyz | bash`)
+      cliOutput.log(`${RED}✗${RESET} Forge: not found — curl -L https://foundry.paradigm.xyz | bash`)
       hasFailure = true
     }
 
+    const solcSelect = checkBinary("solc-select")
+    if (solcSelect.found) {
+      cliOutput.log(`${GREEN}✓${RESET} solc-select: installed (${solcSelect.version})`)
+    } else {
+      cliOutput.log(`${YELLOW}⚠${RESET} solc-select: not found — pipx install solc-select (needed for via_ir flatten fallback)`)
+    }
+
     const projectType = checkSolidityProject(cwd)
     if (projectType) {
-      console.log(`${GREEN}✓${RESET} Project: ${projectType} detected`)
+      cliOutput.log(`${GREEN}✓${RESET} Project: ${projectType} detected`)
     } else {
-      console.log(`${YELLOW}⚠${RESET} Project: no Solidity project detected`)
+      cliOutput.log(`${YELLOW}⚠${RESET} Project: no Solidity project detected`)
     }
 
+    if (projectType === "foundry" && detectViaIr(cwd)) {
+      cliOutput.log(`${YELLOW}⚠${RESET} via_ir: enabled in foundry.toml — Slither will use flatten fallback`)
+      if (!forge.found) {
+        cliOutput.log(`${RED}✗${RESET}   forge is required for via_ir flatten fallback but is missing`)
+        hasFailure = true
+      }
+      if (!solcSelect.found) {
+        cliOutput.log(`${YELLOW}⚠${RESET}   solc-select is recommended for via_ir flatten fallback`)
+      }
+    }
+
+    let config: ReturnType<typeof loadArgusConfig> | undefined
     try {
-      const config = loadArgusConfig(cwd)
-      console.log(`${GREEN}✓${RESET} Config: valid`)
+      config = loadArgusConfig(cwd)
+      cliOutput.log(`${GREEN}✓${RESET} Config: valid`)
+
+      const requiredSkills = getRequiredAuditSkills()
+      const resolvedSkills = resolveArgusSkills(cwd, config)
+      const missingSkills = requiredSkills.filter((skillName) => !resolvedSkills.has(skillName))
+
+      if (missingSkills.length === 0) {
+        cliOutput.log(`${GREEN}✓${RESET} Skills: required audit skills resolvable (${requiredSkills.join(", ")})`)
+      } else {
+        cliOutput.log(`${RED}✗${RESET} Skills: missing required skills (${missingSkills.join(", ")})`)
+        hasFailure = true
+      }
     } catch {
-      console.log(`${YELLOW}⚠${RESET} Config: using defaults`)
+      cliOutput.log(`${YELLOW}⚠${RESET} Config: using defaults`)
+
+      const requiredSkills = getRequiredAuditSkills()
+      const resolvedSkills = resolveArgusSkills(cwd)
+      const missingSkills = requiredSkills.filter((skillName) => !resolvedSkills.has(skillName))
+
+      if (missingSkills.length === 0) {
+        cliOutput.log(`${GREEN}✓${RESET} Skills: required audit skills resolvable (${requiredSkills.join(", ")})`)
+      } else {
+        cliOutput.log(`${RED}✗${RESET} Skills: missing required skills (${missingSkills.join(", ")})`)
+        hasFailure = true
+      }
     }
 
     try {
       const response = await fetch("https://api.scvd.dev/stats", { signal: AbortSignal.timeout(5000) })
       if (response.ok) {
-        console.log(`${GREEN}✓${RESET} SCVD API: reachable`)
+        cliOutput.log(`${GREEN}✓${RESET} SCVD API: reachable`)
       } else {
-        console.log(`${YELLOW}⚠${RESET} SCVD API: returned ${response.status}`)
+        cliOutput.log(`${YELLOW}⚠${RESET} SCVD API: returned ${response.status}`)
+      }
+    } catch {
+      cliOutput.log(`${YELLOW}⚠${RESET} SCVD API: unreachable`)
+    }
+
+    // Solodit MCP check
+    const soloditConfig = config?.solodit ?? { enabled: true, port: 3000 }
+    const soloditEnabled = soloditConfig.enabled !== false
+    const soloditPort = soloditConfig.port ?? 3000
+
+    if (soloditEnabled) {
+      const health = await checkSoloditHealth(soloditPort, true)
+      if (health.reachable) {
+        cliOutput.log(`${GREEN}✓${RESET} Solodit MCP: reachable on port ${soloditPort}`)
+      } else {
+        cliOutput.log(
+          `${YELLOW}⚠${RESET} Solodit MCP: unreachable on port ${soloditPort} (start with: npx @lyuboslavlyubenov/solodit-mcp)`,
+        )
+      }
+    } else {
+      cliOutput.log(`${YELLOW}⚠${RESET} Solodit MCP: disabled in config`)
+    }
+
+    cliOutput.log("\nSkill Health")
+    try {
+      const healthSkills = resolveArgusSkills(cwd, config)
+      const allEntries = collectAllSkillNames(cwd, config)
+      const report = buildSkillHealthReport(healthSkills, allEntries)
+
+      const catParts = ALL_CATEGORIES.map(
+        (cat) => `${cat}: ${report.categoryBreakdown[cat] ?? 0}`,
+      )
+      cliOutput.log(`${GREEN}✓${RESET} Categories: ${catParts.join(", ")}`)
+
+      const tierParts = Object.entries(report.trustTierBreakdown).map(
+        ([tier, count]) => `${tier}: ${count}`,
+      )
+      cliOutput.log(`${GREEN}✓${RESET} Trust tiers: ${tierParts.join(", ")}`)
+
+      if (report.schemaInvalid === 0) {
+        cliOutput.log(
+          `${GREEN}✓${RESET} Schema: ${report.schemaValid} valid, 0 invalid, ${report.schemaSkipped} skipped (no frontmatter)`,
+        )
+      } else {
+        cliOutput.log(
+          `${YELLOW}⚠${RESET} Schema: ${report.schemaValid} valid, ${report.schemaInvalid} invalid, ${report.schemaSkipped} skipped (no frontmatter)`,
+        )
+        for (const inv of report.invalidSkills) {
+          cliOutput.log(`  ${RED}✗${RESET} ${inv.name}: ${inv.error}`)
+        }
+      }
+
+      if (report.duplicates.length > 0) {
+        for (const dup of report.duplicates) {
+          cliOutput.log(
+            `${YELLOW}⚠${RESET} Duplicate skill: "${dup.name}" found in ${dup.sources.join(" and ")}`,
+          )
+        }
+      } else {
+        cliOutput.log(`${GREEN}✓${RESET} No duplicate skills detected`)
+      }
+
+      for (const cat of report.missingCategories) {
+        cliOutput.log(`${YELLOW}⚠${RESET} Required category "${cat}" has 0 skills`)
       }
     } catch {
-      console.log(`${YELLOW}⚠${RESET} SCVD API: unreachable`)
+      cliOutput.log(`${RED}✗${RESET} Could not analyze skill health`)
     }
 
     return hasFailure ? 1 : 0

package/src/cli/commands/init.ts

@@ -1,6 +1,7 @@
 import { existsSync, mkdirSync, writeFileSync } from "node:fs"
 import { join } from "node:path"
 import type { CliCommand } from "../types"
+import { cliOutput } from "../cli-output"
 
 const GREEN = "\x1b[32m"
 const YELLOW = "\x1b[33m"
@@ -23,8 +24,7 @@ export const initCommand: CliCommand = {
     const configPath = join(configDir, "solidity-argus.json")
 
     if (existsSync(configPath)) {
-      console.error(`${YELLOW}⚠${RESET} Config already exists: ${configPath}`)
-      console.error("  Remove it first if you want to reinitialize.")
+      cliOutput.error(`${YELLOW}⚠${RESET} Config already exists: ${configPath} — remove it first if you want to reinitialize.`)
       return 1
     }
 
@@ -37,9 +37,9 @@ export const initCommand: CliCommand = {
         ? "Hardhat"
         : "unknown"
 
-    console.log(`${GREEN}✓${RESET} Created ${configPath}`)
-    console.log(`  Project type: ${projectType}`)
-    console.log("  Run 'argus doctor' to check dependencies.")
+    cliOutput.log(`${GREEN}✓${RESET} Created ${configPath}`)
+    cliOutput.log(`  Project type: ${projectType}`)
+    cliOutput.log("  Run 'argus doctor' to check dependencies.")
 
     return 0
   },

package/src/cli/commands/install.ts

@@ -2,6 +2,7 @@ import { existsSync, readFileSync, writeFileSync } from "node:fs"
 import { join } from "node:path"
 import { homedir } from "node:os"
 import type { CliCommand } from "../types"
+import { cliOutput } from "../cli-output"
 
 const GREEN = "\x1b[32m"
 const YELLOW = "\x1b[33m"
@@ -26,8 +27,7 @@ export const installCommand: CliCommand = {
     const configPath = findOpencodeConfig()
 
     if (!configPath) {
-      console.error(`${YELLOW}⚠${RESET} opencode.json not found`)
-      console.error("  Create one first, or run: opencode init")
+      cliOutput.error(`${YELLOW}⚠${RESET} opencode.json not found — create one first, or run: opencode init`)
       return 1
     }
 
@@ -37,7 +37,7 @@ export const installCommand: CliCommand = {
       const plugins: string[] = config.plugin ?? []
 
       if (plugins.includes("solidity-argus")) {
-        console.log(`${GREEN}✓${RESET} solidity-argus already registered in ${configPath}`)
+        cliOutput.log(`${GREEN}✓${RESET} solidity-argus already registered in ${configPath}`)
         return 0
       }
 
@@ -45,10 +45,10 @@ export const installCommand: CliCommand = {
       config.plugin = plugins
       writeFileSync(configPath, `${JSON.stringify(config, null, 2)}\n`)
 
-      console.log(`${GREEN}✓${RESET} Added solidity-argus to ${configPath}`)
+      cliOutput.log(`${GREEN}✓${RESET} Added solidity-argus to ${configPath}`)
       return 0
     } catch (error) {
-      console.error(`${YELLOW}⚠${RESET} Failed to update ${configPath}`)
+      cliOutput.error(`${YELLOW}⚠${RESET} Failed to update ${configPath}`)
       return 1
     }
   },

package/src/cli/commands/lint-skills.ts

@@ -0,0 +1,114 @@
+import { readFileSync, readdirSync } from "node:fs"
+import { extname, join } from "node:path"
+import type { CliCommand } from "../types"
+import { resolveSkillRoots } from "../../skills/argus-skill-resolver"
+import { parseFrontmatter, validateSkillFrontmatter } from "../../skills/skill-schema"
+import { loadArgusConfig } from "../../config/loader"
+import { cliOutput } from "../cli-output"
+
+const GREEN = "\x1b[32m"
+const RED = "\x1b[31m"
+const RESET = "\x1b[0m"
+
+function findMarkdownFiles(dir: string, maxDepth = 8): string[] {
+  const files: string[] = []
+  const stack: Array<{ path: string; depth: number }> = [{ path: dir, depth: 0 }]
+
+  while (stack.length > 0) {
+    const current = stack.pop()
+    if (!current || current.depth > maxDepth) continue
+
+    try {
+      const entries = readdirSync(current.path, { withFileTypes: true })
+      for (const entry of entries) {
+        const fullPath = join(current.path, entry.name)
+        if (entry.isDirectory()) {
+          stack.push({ path: fullPath, depth: current.depth + 1 })
+        } else if (entry.isFile() && extname(entry.name).toLowerCase() === ".md") {
+          files.push(fullPath)
+        }
+      }
+    } catch {
+      continue
+    }
+  }
+
+  return files
+}
+
+export interface LintResult {
+  valid: number
+  invalid: number
+  skipped: number
+  errors: Array<{ file: string; errors: string[] }>
+}
+
+export function lintSkillFiles(skillFiles: Array<{ path: string; content: string }>): LintResult {
+  let valid = 0
+  let invalid = 0
+  let skipped = 0
+  const errors: Array<{ file: string; errors: string[] }> = []
+
+  for (const { path, content } of skillFiles) {
+    const fm = parseFrontmatter(content)
+    if (!fm) {
+      skipped++
+      continue
+    }
+
+    const result = validateSkillFrontmatter(fm)
+    if (result.success) {
+      valid++
+    } else {
+      invalid++
+      errors.push({ file: path, errors: result.errors })
+    }
+  }
+
+  return { valid, invalid, skipped, errors }
+}
+
+export const lintSkillsCommand: CliCommand = {
+  name: "lint-skills",
+  description: "Validate all SKILL.md files against schema",
+  async execute(): Promise<number> {
+    const cwd = process.cwd()
+    let config: ReturnType<typeof loadArgusConfig> | undefined
+    try {
+      config = loadArgusConfig(cwd)
+    } catch {
+      // fallback to undefined, resolveSkillRoots handles this
+    }
+
+    const roots = resolveSkillRoots(cwd, config)
+    const skillFiles: Array<{ path: string; content: string }> = []
+
+    for (const root of roots) {
+      const files = findMarkdownFiles(root.path)
+      for (const file of files) {
+        try {
+          skillFiles.push({ path: file, content: readFileSync(file, "utf8") })
+        } catch {
+          // continue on read errors
+        }
+      }
+    }
+
+    const result = lintSkillFiles(skillFiles)
+
+    cliOutput.log(`Skill Lint: ${result.valid} valid, ${result.invalid} invalid, ${result.skipped} skipped (no frontmatter)`)
+
+    if (result.errors.length > 0) {
+      for (const { file, errors } of result.errors) {
+        cliOutput.log(`\n${RED}✗${RESET} ${file}`)
+        for (const err of errors) {
+          cliOutput.log(`  - ${err}`)
+        }
+      }
+    } else if (result.valid > 0) {
+      cliOutput.log(`${GREEN}✓${RESET} All skills pass schema validation`)
+    }
+
+    return result.invalid > 0 ? 1 : 0
+  },
+}

package/src/cli/tui-prompts.ts

@@ -1,3 +1,5 @@
+import { cliOutput } from "./cli-output"
+
 const NON_INTERACTIVE =
   !process.stdin.isTTY || process.env.CI === "true" || process.env.ARGUS_NON_INTERACTIVE === "true"
 
@@ -29,10 +31,10 @@ export async function select(
 ): Promise<string> {
   if (NON_INTERACTIVE) return options[defaultIndex] ?? options[0] ?? ""
 
-  console.log(message)
+  cliOutput.log(message)
   for (let i = 0; i < options.length; i++) {
     const marker = i === defaultIndex ? ">" : " "
-    console.log(`  ${marker} ${i + 1}. ${options[i]}`)
+    cliOutput.log(`  ${marker} ${i + 1}. ${options[i]}`)
   }
 
   return new Promise((resolve) => {

package/src/config/schema.ts

@@ -23,6 +23,7 @@ const KnowledgeConfigSchema = z.object({
   }),
   autoSync: z.boolean().default(true),
   customSkillsDir: z.string().optional(),
+  skillPrecedence: z.enum(["bundled-first", "custom-first"]).default("bundled-first"),
 })
 
 const ReportingConfigSchema = z.object({
@@ -63,6 +64,7 @@ export const ArgusConfigSchema = z.object({
       apiUrl: "https://api.scvd.dev",
     },
     autoSync: true,
+    skillPrecedence: "bundled-first",
   }),
   reporting: ReportingConfigSchema.default({
     format: "markdown",