npm - triage-ai - Versions diffs - 1.6.0 → 1.6.1 - Mend

triage-ai 1.6.0 → 1.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md +68 -8
package/SKILL.md +89 -0
package/examples/agents-md-example.md +27 -0
package/examples/gemini-md-example.md +27 -0
package/package.json +8 -3

package/README.md CHANGED Viewed

@@ -1,8 +1,8 @@
 # triage-ai
-**Multi-model AI code review. Run Claude Code, Gemini CLI and OpenAI Codex in parallel — each independently explores your codebase, then triage merges their findings into one prioritized report.**
+**Collaborative AI triage for code, plans and architecture — Claude, Gemini and Codex independently explore your codebase, then merge findings with consensus scoring into one prioritized report. Use it for security audits, bug hunts, plan reviews, second opinions on AI-generated code, and more. Available as a Claude Code skill or MCP server for any AI editor.**
-![Node.js 18+](https://img.shields.io/badge/node-18+-green.svg) ![npm](https://img.shields.io/npm/v/triage-ai.svg) ![MIT License](https://img.shields.io/badge/license-MIT-green.svg) ![Claude | Gemini | Codex](https://img.shields.io/badge/models-Claude%20%7C%20Gemini%20%7C%20Codex-purple.svg) ![MCP Compatible](https://img.shields.io/badge/MCP-compatible-orange.svg)
+![Node.js 18+](https://img.shields.io/badge/node-18+-green.svg) ![npm](https://img.shields.io/npm/v/triage-ai.svg) ![MIT License](https://img.shields.io/badge/license-MIT-green.svg) ![Claude | Gemini | Codex](https://img.shields.io/badge/models-Claude%20%7C%20Gemini%20%7C%20Codex-purple.svg) ![MCP Compatible](https://img.shields.io/badge/MCP-compatible-orange.svg) ![Claude Code Skill](https://img.shields.io/badge/Claude%20Code-skill-blue.svg)
 ---
@@ -216,9 +216,29 @@ triage-ai ready [models]         # smoke test all or specific models
 | **S2** | Medium | N+1 queries, missing validation |
 | **S3** | Low | Naming conventions, dead code |
-## MCP Server
+## AI Editor Integration
-Add to your editor's MCP configuration:
+triage-ai works in any AI editor — as a **Claude Code skill** (auto-discovered, richest experience) or as an **MCP server** (universal, works everywhere).
+### Claude Code (Skill — recommended)
+triage-ai ships with a `SKILL.md` that Claude Code discovers automatically after install. Claude will know when and how to run triage without any configuration.
+```bash
+npm install -g triage-ai
+# That's it — ask Claude to "run a triage" or "find security issues"
+```
+You can also use the `/triage` slash command:
+```bash
+cp examples/claude-code-skill.md ~/.claude/commands/triage.md
+# Then: /triage "find security vulnerabilities"
+```
+### Claude Code (MCP)
+Alternatively, add triage as an MCP server in `~/.claude/settings.json`:
 ```json
 {
@@ -231,15 +251,55 @@ Add to your editor's MCP configuration:
 }
 ```
-Works with Claude Desktop, Claude Code, Cursor, Windsurf, Cline, VS Code (Copilot), Zed, and Continue.
+### Gemini CLI
+Add to `~/.gemini/settings.json`:
-### Claude Code Slash Command
+```json
+{
+  "mcpServers": {
+    "triage": {
+      "command": "triage-ai",
+      "args": ["--mcp"]
+    }
+  }
+}
+```
+For project-level context, copy the example memory file:
 ```bash
-cp examples/claude-code-skill.md ~/.claude/commands/triage.md
+cp examples/gemini-md-example.md your-project/GEMINI.md
+```
+### OpenAI Codex
+Add to your Codex MCP configuration, or run directly:
+```bash
+codex "run triage-ai to find bugs"
+```
+For project-level context, copy the example memory file:
+```bash
+cp examples/agents-md-example.md your-project/AGENTS.md
 ```
-Then use `/triage "find security issues"` in Claude Code.
+### Cursor / Windsurf / Cline / VS Code (Copilot) / Zed / Continue
+Add to your editor's MCP configuration:
+```json
+{
+  "mcpServers": {
+    "triage": {
+      "command": "triage-ai",
+      "args": ["--mcp"]
+    }
+  }
+}
+```
 ## Configuration

package/SKILL.md ADDED Viewed

@@ -0,0 +1,89 @@
+---
+name: triage
+description: Triage — Collaborative AI analysis with Claude, Gemini and Codex for code review, plan review, security audits, architecture review and bug hunts. Each model independently explores the codebase, then findings are merged with consensus scoring. Use this skill when the user asks to "triage", "run triage", "code review", "security audit", "find bugs", "review this plan", "second opinion", "check for vulnerabilities", "review my changes", "architecture review", "audit", mentions "triage-ai", or wants collaborative multi-model analysis of their code, plans or architecture.
+version: 1.6.1
+---
+# Triage — Collaborative AI analysis with Claude, Gemini and Codex
+Run `triage-ai` to launch Claude Code, Gemini CLI and OpenAI Codex as a collaborative review team. Each model independently explores the codebase, then findings are merged with consensus scoring into one prioritized report. Works for code review, plan review, security audits, architecture analysis, bug hunts, and getting second opinions on AI-generated code. When multiple models independently flag the same issue, confidence is high.
+## Prerequisites
+triage-ai must be installed globally:
+```bash
+npm install -g triage-ai
+```
+At least one AI CLI must be installed and authenticated:
+- **Claude Code**: `npm install -g @anthropic-ai/claude-code` then `claude auth login`
+- **Gemini CLI**: `npm install -g @google/gemini-cli` then `gemini auth login`
+- **OpenAI Codex**: `npm install -g @openai/codex` then set `OPENAI_API_KEY`
+Run `triage-ai ready` to verify which models are available.
+## How to Run
+**IMPORTANT: Run the triage command in the background** using `run_in_background: true` on the Bash tool. This lets you relay progress to the user as it happens instead of showing a truncated bash window.
+```bash
+triage-ai "<user's prompt>" --nice 10 --timeout 300 --verbose
+```
+### Common invocations
+```bash
+# Full 3-model review
+triage-ai "find bugs and security issues"
+# Single model, quick check
+triage-ai --models claude "quick security scan"
+# Review only uncommitted changes
+triage-ai --diff-only "check my changes for bugs"
+# Save report + remember findings in project memory
+triage-ai --remember --out report.md "full security audit"
+# Preview patches without applying
+triage-ai --dry-run "fix the SQL injection"
+# Restrict models to pre-gathered context only (faster, no filesystem exploration)
+triage-ai --context-only "review this code for issues"
+```
+## While triage is running
+1. Tell the user: "Running triage with Claude, Gemini and Codex in parallel — I'll relay progress as each model completes."
+2. Check the output file periodically (every 15-20s) to relay status updates
+3. Look for these markers in the output:
+   - `=== triage-ai vX.Y.Z ===` = startup confirmed (version check)
+   - `[phase:N/6] name — Title` = phase transition (N of 6 total phases)
+   - `[assess] ModelName…` = model still running (with elapsed time)
+   - `[assess] ModelName ✓` = model completed (with finding count and time)
+   - `[assess] ModelName ✗` = model failed (with error hint)
+   - `=== TRIAGE COMPLETE ===` = all done — read full output
+   - `=== REPORT START ===` / `=== REPORT END ===` = report body delimiters
+4. When you see a model complete, tell the user immediately, e.g. "Codex finished — 5 findings in 12.3s"
+## Interpreting results
+- **Auth failures**: If a model shows "not authenticated" or "rate limited", tell the user the fix:
+  - Claude: `claude auth login`
+  - Gemini: `gemini auth login`
+  - Codex: `codex` interactively, or set `OPENAI_API_KEY`
+- **Severity levels**: S0 = blockers (fix now), S1 = high, S2 = medium, S3 = low
+- **Consensus findings** (2+ models agree): highest confidence — present these first
+- **Prose responses**: "(prose)" in model results means the model responded but couldn't produce structured findings
+- **Context truncation**: `⚠ Context was truncated` in summary means large files were cut short — warn the user
+## After triage completes
+1. Show a summary: "X models completed, Y findings (Z consensus)"
+2. If any model failed, explain why and how to fix it
+3. Present findings in a table: severity, title, consensus status
+4. Show S0/S1 findings with full detail
+5. For S2/S3, provide a brief list unless the user asks for more
+6. If patches were generated, offer to show or apply them
+7. **ALWAYS ask the user before implementing any fixes** — never auto-implement

package/examples/agents-md-example.md ADDED Viewed

@@ -0,0 +1,27 @@
+# Triage AI — Project Instructions for Codex
+Copy this file to your project root as `AGENTS.md` so Codex knows how to use triage-ai.
+---
+## Triage
+This project uses [triage-ai](https://github.com/wyman101/triage-ai) for multi-model code analysis.
+### Running a triage
+```bash
+triage-ai "<prompt>" --nice 10 --timeout 300 --verbose
+```
+Examples:
+- `triage-ai "find security vulnerabilities"`
+- `triage-ai "review authentication flow for bugs"`
+- `triage-ai --diff-only "check my changes for bugs"`
+- `triage-ai --remember "full security audit"` (saves findings to AGENTS.md)
+### Interpreting results
+- **S0** = blockers (fix immediately), **S1** = high, **S2** = medium, **S3** = low
+- **Consensus findings** (flagged by 2+ models) have high confidence — prioritize these
+- Always ask the user before implementing any fixes from the triage report

package/examples/gemini-md-example.md ADDED Viewed

@@ -0,0 +1,27 @@
+# Triage AI — Project Instructions for Gemini
+Copy this file to your project root as `GEMINI.md` so Gemini CLI knows how to use triage-ai.
+---
+## Triage
+This project uses [triage-ai](https://github.com/wyman101/triage-ai) for multi-model code analysis.
+### Running a triage
+```bash
+triage-ai "<prompt>" --nice 10 --timeout 300 --verbose
+```
+Examples:
+- `triage-ai "find security vulnerabilities"`
+- `triage-ai "review authentication flow for bugs"`
+- `triage-ai --diff-only "check my changes for bugs"`
+- `triage-ai --remember "full security audit"` (saves findings to GEMINI.md)
+### Interpreting results
+- **S0** = blockers (fix immediately), **S1** = high, **S2** = medium, **S3** = low
+- **Consensus findings** (flagged by 2+ models) have high confidence — prioritize these
+- Always ask the user before implementing any fixes from the triage report

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "triage-ai",
-  "version": "1.6.0",
-  "description": "Multi-model code triage — run Claude, Gemini and Codex in parallel to analyze your codebase and merge their findings",
+  "version": "1.6.1",
+  "description": "Collaborative AI triage for code, plans and architecture — Claude, Gemini and Codex independently analyze your codebase then merge findings with consensus scoring. Security audits, bug hunts, plan reviews, second opinions. Claude Code skill + MCP server.",
   "type": "module",
   "main": "dist/cli.js",
   "bin": {
@@ -20,6 +20,7 @@
     "dist",
     "README.md",
     "LICENSE",
+    "SKILL.md",
     "examples"
   ],
   "keywords": [
@@ -44,7 +45,11 @@
     "linter",
     "bug-detection",
     "consensus",
-    "llm"
+    "llm",
+    "claude-code",
+    "claude-code-skill",
+    "skill",
+    "plugin"
   ],
   "author": {
     "name": "wyman101",