thumbgate 0.9.10

package/scripts/social-quality-gate.js

@@ -0,0 +1,18 @@
+#!/usr/bin/env node
+'use strict';
+const BOT_SLOP_PATTERNS = [
+  { id: 'emoji_spam', pattern: /(?:🚀|💡|🔥|⚡|🎯|💪|🙌|👀){3,}/g, reason: 'Excessive emoji spam' },
+  { id: 'generic_opener', pattern: /^(?:Just|Excited to|Thrilled to|Happy to|Proud to) (?:\w+ )*?(?:launch|ship|release|publish|built|creat|announc)/i, reason: 'Generic shipped opener' },
+  { id: 'hashtag_spam', pattern: /#[A-Za-z]+(?:\s+#[A-Za-z]+){5,}/g, reason: 'Too many hashtags' },
+  { id: 'engagement_bait', pattern: /(?:Like if you agree|Retweet if|Share this|Follow for more|Drop a .* in the comments|Who else)/i, reason: 'Engagement bait' },
+  { id: 'thread_bait', pattern: /^(?:Thread|🧵|A thread on|Here are \d+ (?:ways|tips|tricks|things|reasons))/i, reason: 'Thread bait opener' },
+  { id: 'ai_generated_tell', pattern: /(?:In today's rapidly evolving|In this comprehensive|Without further ado|It's worth noting that|At the end of the day)/i, reason: 'AI-generated phrasing' },
+  { id: 'fake_urgency', pattern: /(?:Don't miss out|Act now|Limited time|Last chance|You won't believe)/i, reason: 'Fake urgency' },
+  { id: 'self_congratulation', pattern: /(?:We're proud to|I'm honored to|Humbled to|Grateful to announce)/i, reason: 'Self-congratulatory opener' },
+  { id: 'empty_hype', pattern: /(?:game.?changer|revolutionary|disruptive|next.?gen|cutting.?edge|world.?class|best.?in.?class)/i, reason: 'Empty hype words' },
+];
+const MIN_POST_LENGTH = 30;
+const MAX_POST_LENGTH = 2000;
+function scanForSlop(postText) { const text = String(postText || ''); const findings = []; if (text.length < MIN_POST_LENGTH) findings.push({ id: 'too_short', reason: 'Too short' }); if (text.length > MAX_POST_LENGTH) findings.push({ id: 'too_long', reason: 'Too long' }); for (const p of BOT_SLOP_PATTERNS) { p.pattern.lastIndex = 0; if (p.pattern.test(text)) findings.push({ id: p.id, reason: p.reason }); } const words = text.split(/\s+/).filter(w => w.length > 3); const capsWords = words.filter(w => w === w.toUpperCase() && /[A-Z]/.test(w)); if (words.length > 5 && capsWords.length / words.length > 0.3) findings.push({ id: 'caps_shouting', reason: 'Too many ALL CAPS' }); return { allowed: findings.length === 0, findings, findingCount: findings.length, postLength: text.length }; }
+function gatePost(postText) { const scan = scanForSlop(postText); if (!scan.allowed) { console.error('[social-quality-gate] BLOCKED:'); for (const f of scan.findings) console.error('  -', f.id, f.reason); } return scan; }
+module.exports = { scanForSlop, gatePost, BOT_SLOP_PATTERNS, MIN_POST_LENGTH, MAX_POST_LENGTH };

package/scripts/social-reply-monitor.js

@@ -0,0 +1,445 @@
+'use strict';
+
+/**
+ * social-reply-monitor.js
+ * Monitors Reddit, X.com, and LinkedIn for replies to our posts,
+ * then generates and posts contextual responses.
+ *
+ * Usage:
+ *   node scripts/social-reply-monitor.js                    # Check all platforms
+ *   node scripts/social-reply-monitor.js --platform=reddit  # Check one platform
+ *   node scripts/social-reply-monitor.js --dry-run          # Preview replies without posting
+ *
+ * Env vars: see individual publisher modules.
+ * Reply generation uses smart templates (zero cost, no external API).
+ *
+ * State file: .thumbgate/reply-monitor-state.json — tracks which replies we've already responded to.
+ */
+
+require('dotenv').config();
+const fs = require('fs');
+const path = require('path');
+
+const STATE_FILE = path.resolve(__dirname, '..', '.thumbgate', 'reply-monitor-state.json');
+const REDDIT_API_BASE = 'https://oauth.reddit.com';
+
+// ---------------------------------------------------------------------------
+// State management
+// ---------------------------------------------------------------------------
+
+function loadState() {
+  try {
+    if (fs.existsSync(STATE_FILE)) {
+      return JSON.parse(fs.readFileSync(STATE_FILE, 'utf8'));
+    }
+  } catch { /* ignore */ }
+  return { repliedTo: {}, lastCheck: {} };
+}
+
+function saveState(state) {
+  const dir = path.dirname(STATE_FILE);
+  if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
+  fs.writeFileSync(STATE_FILE, JSON.stringify(state, null, 2));
+}
+
+// ---------------------------------------------------------------------------
+// Reply generation (uses Gemini API for cost-effective generation)
+// ---------------------------------------------------------------------------
+
+// ---------------------------------------------------------------------------
+// Draft file for human review (Reddit replies are NEVER auto-posted)
+// ---------------------------------------------------------------------------
+
+const DRAFT_FILE = path.resolve(__dirname, '..', '.thumbgate', 'reply-drafts.jsonl');
+
+function saveDraft(draft) {
+  const dir = path.dirname(DRAFT_FILE);
+  if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
+  fs.appendFileSync(DRAFT_FILE, JSON.stringify(draft) + '\n');
+}
+
+// ---------------------------------------------------------------------------
+// Bot/hostile detection — skip comments that are calling us out
+// ---------------------------------------------------------------------------
+
+function isHostileOrMeta(comment) {
+  const lc = (comment || '').toLowerCase();
+  const hostile = [
+    'bot', 'spam', 'shill', 'promotional', 'reported',
+    'same answer', 'word for word', 'copy paste', 'running amok',
+    'smell these', 'not what i asked', 'didn\'t ask',
+    'auto-generated', 'ai generated', 'chatgpt', 'template',
+  ];
+  return hostile.some(phrase => lc.includes(phrase));
+}
+
+// ---------------------------------------------------------------------------
+// Reply generation — context-aware, NOT canned templates
+// ---------------------------------------------------------------------------
+
+/**
+ * Generate a contextual reply by actually reading the comment.
+ * Returns null if we should NOT reply (hostile, off-topic, or duplicate risk).
+ */
+async function generateReply(comment, context) {
+  const lc = (comment || '').toLowerCase();
+
+  // NEVER reply to hostile/meta comments calling out bots
+  if (isHostileOrMeta(comment)) {
+    console.log('[reply-monitor] Skipping hostile/meta comment — do not engage');
+    return null;
+  }
+
+  // NEVER reply to our own comments
+  if (context.author === 'eazyigz123' || context.author === 'IgorGanapolsky') {
+    return null;
+  }
+
+  // NEVER reply with generic fluff — build reply from what they ACTUALLY said
+  const isQuestion = context.isQuestion || /\?/.test(comment);
+  const REPO = 'https://github.com/IgorGanapolsky/ThumbGate';
+
+  // Extract the specific topic they're asking about
+  const mentionsSetup = /install|setup|config|init|npx|how.+start/i.test(lc);
+  const mentionsHow = /how does|how do|explain|what is|can you describe/i.test(lc);
+  const mentionsGates = /gate|block|prevent|hook|intercept|firewall/i.test(lc);
+  const mentionsMemory = /memory|context|session|forget|amnesia|remember/i.test(lc);
+  const mentionsCursor = /cursor|windsurf|copilot|cline/i.test(lc);
+  const mentionsScaling = /scale|team|multi.?repo|collaborate|share/i.test(lc);
+  const mentionsSkeptical = /why not|already exist|what.+different|vs |compared to/i.test(lc);
+  const mentionsThanks = /thanks|thank you|cool|nice|interesting|awesome/i.test(lc);
+
+  // Build response that addresses THEIR specific point
+  if (mentionsSetup && isQuestion) {
+    return `\`npx thumbgate init\` auto-detects your agent and wires the hooks. Takes about 30 seconds. What agent are you using?`;
+  }
+  if (mentionsSkeptical) {
+    return `Fair question. The difference from rules files or memory tools: this physically blocks the action before execution, not after. The agent can't ignore a gate the way it can ignore a system prompt. Whether that tradeoff is worth it depends on how often your agent repeats mistakes.`;
+  }
+  if (mentionsHow && mentionsGates) {
+    return `PreToolUse hooks intercept the tool call before it runs. Each call is checked against prevention rules promoted from past failures. If it matches, the action is blocked — the agent has to try a different approach. The rules adapt over time via Thompson Sampling so false positives decrease.`;
+  }
+  if (mentionsScaling) {
+    return `For teams, the Pro tier syncs prevention rules across machines so everyone benefits from lessons learned on any repo. But the free local version covers solo dev workflows completely.`;
+  }
+  if (mentionsMemory && isQuestion) {
+    return `The key difference from memory tools: memory helps agents remember, but they can still ignore what they remember. Gates enforce — if there's a rule against force-pushing, the agent physically can't do it. It's enforcement, not suggestion.`;
+  }
+  if (mentionsCursor && isQuestion) {
+    return `Works with Cursor via MCP. The hooks are agent-agnostic — same prevention rules apply whether you're using Cursor, Claude Code, or Codex. What specific failure patterns are you hitting?`;
+  }
+  if (mentionsThanks && !isQuestion) {
+    // Don't reply to simple "thanks" — it looks desperate
+    return null;
+  }
+  if (isQuestion) {
+    // They asked something specific we didn't match — better to draft for human review
+    return null;
+  }
+  // Not a question, not hostile, not thanks — probably a statement. Don't reply.
+  return null;
+}
+
+// ---------------------------------------------------------------------------
+// Reddit: fetch replies and respond
+// ---------------------------------------------------------------------------
+
+async function getRedditToken() {
+  const { REDDIT_CLIENT_ID, REDDIT_CLIENT_SECRET, REDDIT_USERNAME, REDDIT_PASSWORD } = process.env;
+  if (!REDDIT_CLIENT_ID || !REDDIT_CLIENT_SECRET || !REDDIT_USERNAME || !REDDIT_PASSWORD) {
+    throw new Error('Missing Reddit credentials (REDDIT_CLIENT_ID, REDDIT_CLIENT_SECRET, REDDIT_USERNAME, REDDIT_PASSWORD)');
+  }
+
+  const credentials = Buffer.from(`${REDDIT_CLIENT_ID}:${REDDIT_CLIENT_SECRET}`).toString('base64');
+  const res = await fetch('https://www.reddit.com/api/v1/access_token', {
+    method: 'POST',
+    headers: {
+      Authorization: `Basic ${credentials}`,
+      'Content-Type': 'application/x-www-form-urlencoded',
+      'User-Agent': `thumbgate/1.0 by ${REDDIT_USERNAME}`,
+    },
+    body: new URLSearchParams({ grant_type: 'password', username: REDDIT_USERNAME, password: REDDIT_PASSWORD }).toString(),
+  });
+
+  const json = await res.json();
+  if (json.error) throw new Error(`Reddit auth: ${json.error}`);
+  return json.access_token;
+}
+
+async function checkRedditReplies(state, dryRun) {
+  console.log('[reply-monitor] Checking Reddit inbox...');
+
+  let token;
+  try {
+    token = await getRedditToken();
+  } catch (err) {
+    console.warn(`[reply-monitor] Reddit auth failed: ${err.message}`);
+    return [];
+  }
+
+  const userAgent = `thumbgate/1.0 by ${process.env.REDDIT_USERNAME}`;
+
+  // Fetch inbox (comment replies)
+  const res = await fetch(`${REDDIT_API_BASE}/message/inbox?limit=25`, {
+    headers: {
+      Authorization: `Bearer ${token}`,
+      'User-Agent': userAgent,
+    },
+  });
+
+  if (!res.ok) {
+    console.warn(`[reply-monitor] Reddit inbox fetch failed: ${res.status}`);
+    return [];
+  }
+
+  const data = await res.json();
+  const replies = (data.data?.children || []).filter(
+    (c) => c.kind === 't1' && c.data.type === 'comment_reply'
+  );
+
+  const results = [];
+  for (const reply of replies) {
+    const commentId = reply.data.name;
+    if (state.repliedTo[commentId]) continue; // Already replied
+
+    const commentBody = reply.data.body || '';
+    const postTitle = reply.data.link_title || '';
+
+    console.log(`[reply-monitor] New Reddit reply from u/${reply.data.author}: "${commentBody.slice(0, 80)}..."`);
+
+    const isQuestion = /\?/.test(commentBody);
+    const generatedReply = await generateReply(commentBody, {
+      platform: 'reddit',
+      postTitle,
+      isQuestion,
+    });
+
+    if (!generatedReply) {
+      console.warn(`[reply-monitor] Could not generate reply for ${commentId}`);
+      continue;
+    }
+
+    console.log(`[reply-monitor] Generated reply: "${generatedReply.slice(0, 100)}..."`);
+
+    // Reddit is ALWAYS draft-only — never auto-post.
+    // Bot detection on Reddit is aggressive; human must review and post manually.
+    const draft = {
+      platform: 'reddit',
+      commentId,
+      author: reply.data.author,
+      subreddit: reply.data.subreddit,
+      theirComment: commentBody.slice(0, 500),
+      suggestedReply: generatedReply,
+      postTitle,
+      draftedAt: new Date().toISOString(),
+      status: 'pending_review',
+    };
+    saveDraft(draft);
+    state.repliedTo[commentId] = { at: new Date().toISOString(), platform: 'reddit', drafted: true };
+    results.push({ commentId, reply: generatedReply, posted: false, drafted: true });
+    console.log(`[reply-monitor] 📝 DRAFTED reply for ${commentId} (saved to .thumbgate/reply-drafts.jsonl — post manually)`);
+
+  }
+
+  state.lastCheck.reddit = new Date().toISOString();
+  return results;
+}
+
+// ---------------------------------------------------------------------------
+// X/Twitter: fetch mentions and respond
+// ---------------------------------------------------------------------------
+
+async function checkXReplies(state, dryRun) {
+  console.log('[reply-monitor] Checking X/Twitter mentions...');
+
+  const { X_API_KEY, X_API_SECRET, X_ACCESS_TOKEN, X_ACCESS_TOKEN_SECRET } = process.env;
+  if (!X_API_KEY || !X_ACCESS_TOKEN) {
+    console.warn('[reply-monitor] X credentials not configured, skipping');
+    return [];
+  }
+
+  // Use the post-to-x module for OAuth signing
+  let xModule;
+  try {
+    xModule = require('./post-to-x.js');
+  } catch {
+    console.warn('[reply-monitor] Could not load post-to-x.js, skipping X');
+    return [];
+  }
+
+  // Search for recent mentions
+  let mentions;
+  try {
+    mentions = await xModule.searchTweets('thumbgate OR ThumbGate OR "pre-action gates"');
+  } catch (err) {
+    console.warn(`[reply-monitor] X search failed: ${err.message}`);
+    return [];
+  }
+
+  // searchTweets returns the array directly, not {data: [...]}
+  const mentionsList = Array.isArray(mentions) ? mentions : mentions?.data;
+  if (!mentionsList || mentionsList.length === 0) {
+    console.log('[reply-monitor] No X mentions found');
+    return [];
+  }
+
+  const results = [];
+  const repliesSentThisRun = new Set(); // Track reply text to prevent duplicates
+
+  // Our own user ID — skip our own tweets
+  const OWN_USER_ID = process.env.X_USER_ID || '1733256637199073280';
+
+  for (const tweet of mentionsList) {
+    const tweetId = tweet.id;
+    if (state.repliedTo[`x_${tweetId}`]) continue;
+
+    // Skip our own tweets
+    if (tweet.author_id === OWN_USER_ID) {
+      state.repliedTo[`x_${tweetId}`] = { at: new Date().toISOString(), platform: 'x', skipped: 'own_tweet' };
+      continue;
+    }
+
+    console.log(`[reply-monitor] New X mention: "${tweet.text.slice(0, 80)}..."`);
+
+    const isQuestion = /\?/.test(tweet.text);
+    const generatedReply = await generateReply(tweet.text, {
+      platform: 'x',
+      isQuestion,
+      author: tweet.author_id,
+    });
+
+    if (!generatedReply) {
+      // Mark as seen so we don't re-process, but don't reply
+      state.repliedTo[`x_${tweetId}`] = { at: new Date().toISOString(), platform: 'x', skipped: 'no_reply_generated' };
+      continue;
+    }
+
+    // Truncate to 280 chars for Twitter
+    const truncated = generatedReply.slice(0, 275) + (generatedReply.length > 275 ? '...' : '');
+
+    // DUPLICATE CHECK: don't post the same text twice in one run
+    if (repliesSentThisRun.has(truncated)) {
+      console.log(`[reply-monitor] Skipping duplicate reply for tweet ${tweetId}`);
+      state.repliedTo[`x_${tweetId}`] = { at: new Date().toISOString(), platform: 'x', skipped: 'duplicate' };
+      continue;
+    }
+
+    console.log(`[reply-monitor] Generated X reply: "${truncated.slice(0, 100)}..."`);
+
+    if (dryRun) {
+      results.push({ tweetId, reply: truncated, posted: false });
+      repliesSentThisRun.add(truncated);
+      continue;
+    }
+
+    try {
+      await xModule.postTweet(truncated, tweetId);
+      state.repliedTo[`x_${tweetId}`] = { at: new Date().toISOString(), platform: 'x' };
+      results.push({ tweetId, reply: truncated, posted: true });
+      repliesSentThisRun.add(truncated);
+      console.log(`[reply-monitor] Replied to tweet ${tweetId}`);
+    } catch (err) {
+      console.warn(`[reply-monitor] Failed to reply to tweet ${tweetId}: ${err.message}`);
+      // Still mark as seen to avoid retry spam
+      state.repliedTo[`x_${tweetId}`] = { at: new Date().toISOString(), platform: 'x', skipped: 'post_failed' };
+    }
+  }
+
+  state.lastCheck.x = new Date().toISOString();
+  return results;
+}
+
+// ---------------------------------------------------------------------------
+// LinkedIn: check for comments on our posts
+// ---------------------------------------------------------------------------
+
+async function checkLinkedInReplies(state, dryRun) {
+  console.log('[reply-monitor] Checking LinkedIn comments...');
+
+  const { LINKEDIN_ACCESS_TOKEN, LINKEDIN_PERSON_URN } = process.env;
+  if (!LINKEDIN_ACCESS_TOKEN || !LINKEDIN_PERSON_URN) {
+    console.warn('[reply-monitor] LinkedIn credentials not configured, skipping');
+    return [];
+  }
+
+  // LinkedIn's comment API is restrictive — log a note for now
+  console.log('[reply-monitor] LinkedIn comment monitoring requires Community Management API approval.');
+  console.log('[reply-monitor] Once approved, this will auto-fetch and reply to comments on our posts.');
+
+  state.lastCheck.linkedin = new Date().toISOString();
+  return [];
+}
+
+// ---------------------------------------------------------------------------
+// Main
+// ---------------------------------------------------------------------------
+
+async function monitor({ platforms, dryRun } = {}) {
+  const state = loadState();
+  const allPlatforms = platforms || ['reddit', 'x', 'linkedin'];
+  const allResults = {};
+
+  for (const platform of allPlatforms) {
+    try {
+      if (platform === 'reddit') allResults.reddit = await checkRedditReplies(state, dryRun);
+      else if (platform === 'x') allResults.x = await checkXReplies(state, dryRun);
+      else if (platform === 'linkedin') allResults.linkedin = await checkLinkedInReplies(state, dryRun);
+    } catch (err) {
+      console.error(`[reply-monitor] ${platform} error: ${err.message}`);
+      allResults[platform] = { error: err.message };
+    }
+  }
+
+  saveState(state);
+
+  const totalReplies = Object.values(allResults)
+    .flat()
+    .filter((r) => r && !r.error && r.posted).length;
+  console.log(`\n[reply-monitor] Done. ${totalReplies} replies posted.`);
+
+  return allResults;
+}
+
+module.exports = { monitor, generateReply };
+
+// ---------------------------------------------------------------------------
+// CLI
+// ---------------------------------------------------------------------------
+if (require.main === module) {
+  const args = process.argv.slice(2);
+  const dryRun = args.includes('--dry-run');
+
+  function getArg(flag) {
+    const prefix = `${flag}=`;
+    const entry = args.find((a) => a.startsWith(prefix));
+    return entry ? entry.slice(prefix.length) : null;
+  }
+
+  const platformArg = getArg('--platform');
+  const platforms = platformArg ? [platformArg] : null;
+
+  // Load .env
+  const envPath = path.resolve(__dirname, '..', '.env');
+  if (fs.existsSync(envPath)) {
+    const envContent = fs.readFileSync(envPath, 'utf8');
+    for (const line of envContent.split('\n')) {
+      const trimmed = line.trim();
+      if (!trimmed || trimmed.startsWith('#')) continue;
+      const eqIdx = trimmed.indexOf('=');
+      if (eqIdx > 0) {
+        const key = trimmed.slice(0, eqIdx);
+        const value = trimmed.slice(eqIdx + 1);
+        if (!process.env[key]) process.env[key] = value;
+      }
+    }
+  }
+
+  monitor({ platforms, dryRun })
+    .then((results) => {
+      console.log('\n[reply-monitor] Summary:', JSON.stringify(results, null, 2));
+    })
+    .catch((err) => {
+      console.error('[reply-monitor] Fatal:', err.message);
+      process.exit(1);
+    });
+}

package/scripts/status-dashboard.js

@@ -0,0 +1,155 @@
+#!/usr/bin/env node
+/**
+ * Status Dashboard
+ *
+ * CLI dashboard that reads feedback data and outputs a learning curve summary.
+ *
+ * Usage:
+ *   node scripts/status-dashboard.js
+ *
+ * Exports:
+ *   generateStatus(feedbackDir) — returns status object with approval rates,
+ *   trends, failure domains, memory count, prevention rule count, and learning curve.
+ */
+
+const fs = require('fs');
+const path = require('path');
+const { getFeedbackPaths, readJSONL } = require('./feedback-loop');
+
+function generateStatus(feedbackDir) {
+  const feedbackLogPath = path.join(feedbackDir, 'feedback-log.jsonl');
+  const memoryLogPath = path.join(feedbackDir, 'memory-log.jsonl');
+  const preventionRulesPath = path.join(feedbackDir, 'prevention-rules.md');
+
+  const entries = readJSONL(feedbackLogPath);
+  const totalSignals = entries.length;
+  const positive = entries.filter((e) => e.signal === 'positive').length;
+  const negative = entries.filter((e) => e.signal === 'negative').length;
+  const approvalRate = totalSignals > 0 ? Math.round((positive / totalSignals) * 100) : 0;
+
+  // Recent approval rate (last 20)
+  const recentWindow = 20;
+  const recent = entries.slice(-recentWindow);
+  const recentPositive = recent.filter((e) => e.signal === 'positive').length;
+  const recentApprovalRate = recent.length > 0 ? Math.round((recentPositive / recent.length) * 100) : 0;
+
+  // Trend
+  let trend = 'stable';
+  if (totalSignals >= recentWindow) {
+    const diff = recentApprovalRate - approvalRate;
+    if (diff > 5) trend = 'improving';
+    else if (diff < -5) trend = 'declining';
+  }
+
+  // Top failure domains
+  const domainCounts = {};
+  entries
+    .filter((e) => e.signal === 'negative')
+    .forEach((e) => {
+      const domain = (e.richContext && e.richContext.domain) || inferDomainFromTags(e.tags);
+      domainCounts[domain] = (domainCounts[domain] || 0) + 1;
+    });
+  const topFailureDomains = Object.entries(domainCounts)
+    .map(([domain, count]) => ({ domain, count }))
+    .sort((a, b) => b.count - a.count);
+
+  // Memory count
+  const memoryEntries = readJSONL(memoryLogPath);
+  const memoryCount = memoryEntries.length;
+
+  // Prevention rule count
+  let preventionRuleCount = 0;
+  if (fs.existsSync(preventionRulesPath)) {
+    const rulesContent = fs.readFileSync(preventionRulesPath, 'utf-8');
+    const ruleHeaders = rulesContent.match(/^## /gm);
+    preventionRuleCount = ruleHeaders ? ruleHeaders.length : 0;
+  }
+
+  // Learning curve — sliding windows of 10
+  const learningCurve = [];
+  const windowSize = 10;
+  for (let i = 0; i + windowSize <= entries.length; i++) {
+    const window = entries.slice(i, i + windowSize);
+    const windowPositive = window.filter((e) => e.signal === 'positive').length;
+    const windowRate = Math.round((windowPositive / windowSize) * 100);
+    learningCurve.push({ window: i, approvalRate: windowRate });
+  }
+
+  return {
+    totalSignals,
+    positive,
+    negative,
+    approvalRate,
+    recentApprovalRate,
+    trend,
+    topFailureDomains,
+    memoryCount,
+    preventionRuleCount,
+    learningCurve,
+  };
+}
+
+function inferDomainFromTags(tags) {
+  if (!Array.isArray(tags) || tags.length === 0) return 'general';
+  const tagSet = new Set(tags.map((t) => t.toLowerCase()));
+  if (tagSet.has('testing') || tagSet.has('test')) return 'testing';
+  if (tagSet.has('security')) return 'security';
+  if (tagSet.has('performance') || tagSet.has('perf')) return 'performance';
+  if (tagSet.has('ui') || tagSet.has('component')) return 'ui-components';
+  if (tagSet.has('api') || tagSet.has('endpoint')) return 'api-integration';
+  if (tagSet.has('git') || tagSet.has('commit')) return 'git-workflow';
+  if (tagSet.has('doc') || tagSet.has('readme')) return 'documentation';
+  if (tagSet.has('debug') || tagSet.has('debugging')) return 'debugging';
+  if (tagSet.has('arch') || tagSet.has('architecture')) return 'architecture';
+  if (tagSet.has('data') || tagSet.has('schema')) return 'data-modeling';
+  return 'general';
+}
+
+function printDashboard(status) {
+  console.log('╔══════════════════════════════════════════╗');
+  console.log('║      Feedback Tracking Dashboard          ║');
+  console.log('╠══════════════════════════════════════════╣');
+  console.log(`║  Total Signals:     ${String(status.totalSignals).padStart(6)}              ║`);
+  console.log(`║  Positive:          ${String(status.positive).padStart(6)}              ║`);
+  console.log(`║  Negative:          ${String(status.negative).padStart(6)}              ║`);
+  console.log(`║  Approval Rate:     ${String(status.approvalRate + '%').padStart(6)}              ║`);
+  console.log(`║  Recent (last 20):  ${String(status.recentApprovalRate + '%').padStart(6)}              ║`);
+  console.log(`║  Trend:             ${status.trend.padStart(6)}              ║`);
+  console.log(`║  Memories:          ${String(status.memoryCount).padStart(6)}              ║`);
+  console.log(`║  Prevention Rules:  ${String(status.preventionRuleCount).padStart(6)}              ║`);
+  console.log('╠══════════════════════════════════════════╣');
+
+  if (status.topFailureDomains.length > 0) {
+    console.log('║  Top Failure Domains:                    ║');
+    status.topFailureDomains.slice(0, 5).forEach((d) => {
+      const line = `    ${d.domain}: ${d.count}`;
+      console.log(`║  ${line.padEnd(38)}║`);
+    });
+  } else {
+    console.log('║  No failure domains recorded             ║');
+  }
+
+  console.log('╠══════════════════════════════════════════╣');
+  console.log('║  Feedback Trend:                         ║');
+  if (status.learningCurve.length > 0) {
+    const step = Math.max(1, Math.floor(status.learningCurve.length / 5));
+    for (let i = 0; i < status.learningCurve.length; i += step) {
+      const point = status.learningCurve[i];
+      const bar = '█'.repeat(Math.floor(point.approvalRate / 5));
+      const line = `    w${String(point.window).padStart(3)}: ${bar} ${point.approvalRate}%`;
+      console.log(`║  ${line.padEnd(38)}║`);
+    }
+  } else {
+    console.log('║  Not enough data for feedback trend      ║');
+  }
+
+  console.log('╚══════════════════════════════════════════╝');
+}
+
+if (require.main === module) {
+  const { FEEDBACK_DIR } = getFeedbackPaths();
+  const status = generateStatus(FEEDBACK_DIR);
+  printDashboard(status);
+}
+
+module.exports = { generateStatus, printDashboard };

package/scripts/statusline-lesson.js

@@ -0,0 +1,16 @@
+#!/usr/bin/env node
+'use strict';
+
+/**
+ * Statusline helper for most recent lesson.
+ * Called by statusline.sh — outputs JSON for the shell to consume.
+ */
+
+const { getStatusbarLessonData } = require('./lesson-inference');
+
+try {
+  const data = getStatusbarLessonData();
+  process.stdout.write(JSON.stringify(data));
+} catch (e) {
+  process.stdout.write(JSON.stringify({ hasLesson: false, text: null, lessonId: null, error: e.message }));
+}

package/scripts/statusline-tower.js

@@ -0,0 +1,8 @@
+#!/usr/bin/env node
+'use strict';
+const { computeToolKpis, getAtRiskTools } = require('./tool-kpi-tracker');
+const { checkSloViolations } = require('./slo-alert-engine');
+const { computeAccessStats, detectAnomalies } = require('./access-anomaly-detector');
+function getStatuslineTowerData({ periodHours = 24 } = {}) { const kpis = computeToolKpis({ periodHours }); const sloCheck = checkSloViolations({ periodHours }); const accessStats = computeAccessStats({ periodHours }); const anomalyCheck = detectAnomalies({ baselineHours: 168, recentHours: periodHours }); return { totalToolCalls: kpis.totalCalls, serverCount: kpis.servers.length, atRiskToolCount: getAtRiskTools({ periodHours }).length, sloViolations: sloCheck.violationCount, worstTool: sloCheck.violations.length > 0 ? sloCheck.violations[0].toolName : null, accessTotal: accessStats.total, accessFailed: accessStats.failed, accessFailRate: accessStats.failRate, anomalyCount: anomalyCheck.anomalies.length, hasAnomalies: anomalyCheck.hasAnomalies }; }
+if (require.main === module) { try { process.stdout.write(JSON.stringify(getStatuslineTowerData())); } catch (e) { process.stdout.write(JSON.stringify({ error: e.message })); } }
+module.exports = { getStatuslineTowerData };