npm - vibecheck-ai - Versions diffs - 2.0.1 → 5.0.0 - Mend

vibecheck-ai 2.0.1 → 5.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (456) hide show

package/bin/.generated +25 -0
package/bin/_deprecations.js +463 -0
package/bin/_router.js +46 -0
package/bin/cli-hygiene.js +241 -0
package/bin/dev/run-v2-torture.js +30 -0
package/bin/registry.js +656 -0
package/bin/runners/CLI_REFACTOR_SUMMARY.md +229 -0
package/bin/runners/ENHANCEMENT_GUIDE.md +121 -0
package/bin/runners/REPORT_AUDIT.md +64 -0
package/bin/runners/cli-utils.js +1070 -0
package/bin/runners/context/ai-task-decomposer.js +337 -0
package/bin/runners/context/analyzer.js +513 -0
package/bin/runners/context/api-contracts.js +427 -0
package/bin/runners/context/context-diff.js +342 -0
package/bin/runners/context/context-pruner.js +291 -0
package/bin/runners/context/dependency-graph.js +414 -0
package/bin/runners/context/generators/claude.js +107 -0
package/bin/runners/context/generators/codex.js +108 -0
package/bin/runners/context/generators/copilot.js +119 -0
package/bin/runners/context/generators/cursor-enhanced.js +2525 -0
package/bin/runners/context/generators/cursor.js +514 -0
package/bin/runners/context/generators/mcp.js +169 -0
package/bin/runners/context/generators/windsurf.js +180 -0
package/bin/runners/context/git-context.js +304 -0
package/bin/runners/context/index.js +1110 -0
package/bin/runners/context/insights.js +173 -0
package/bin/runners/context/mcp-server/generate-rules.js +337 -0
package/bin/runners/context/mcp-server/index.js +1176 -0
package/bin/runners/context/mcp-server/package.json +24 -0
package/bin/runners/context/memory.js +200 -0
package/bin/runners/context/monorepo.js +215 -0
package/bin/runners/context/multi-repo-federation.js +404 -0
package/bin/runners/context/patterns.js +253 -0
package/bin/runners/context/proof-context.js +1264 -0
package/bin/runners/context/security-scanner.js +541 -0
package/bin/runners/context/semantic-search.js +350 -0
package/bin/runners/context/shared.js +264 -0
package/bin/runners/context/team-conventions.js +336 -0
package/bin/runners/lib/__tests__/entitlements-v2.test.js +295 -0
package/bin/runners/lib/agent-firewall/ai/false-positive-analyzer.js +474 -0
package/bin/runners/lib/agent-firewall/change-packet/builder.js +488 -0
package/bin/runners/lib/agent-firewall/change-packet/schema.json +228 -0
package/bin/runners/lib/agent-firewall/change-packet/store.js +200 -0
package/bin/runners/lib/agent-firewall/claims/claim-types.js +21 -0
package/bin/runners/lib/agent-firewall/claims/extractor.js +303 -0
package/bin/runners/lib/agent-firewall/claims/patterns.js +24 -0
package/bin/runners/lib/agent-firewall/critic/index.js +151 -0
package/bin/runners/lib/agent-firewall/critic/judge.js +432 -0
package/bin/runners/lib/agent-firewall/critic/prompts.js +305 -0
package/bin/runners/lib/agent-firewall/enforcement/gateway.js +1059 -0
package/bin/runners/lib/agent-firewall/enforcement/index.js +98 -0
package/bin/runners/lib/agent-firewall/enforcement/mode.js +318 -0
package/bin/runners/lib/agent-firewall/enforcement/orchestrator.js +484 -0
package/bin/runners/lib/agent-firewall/enforcement/proof-artifact.js +418 -0
package/bin/runners/lib/agent-firewall/enforcement/schemas/change-event.schema.json +173 -0
package/bin/runners/lib/agent-firewall/enforcement/schemas/intent.schema.json +181 -0
package/bin/runners/lib/agent-firewall/enforcement/schemas/verdict.schema.json +222 -0
package/bin/runners/lib/agent-firewall/enforcement/verdict-v2.js +333 -0
package/bin/runners/lib/agent-firewall/evidence/auth-evidence.js +88 -0
package/bin/runners/lib/agent-firewall/evidence/contract-evidence.js +75 -0
package/bin/runners/lib/agent-firewall/evidence/env-evidence.js +127 -0
package/bin/runners/lib/agent-firewall/evidence/resolver.js +102 -0
package/bin/runners/lib/agent-firewall/evidence/route-evidence.js +213 -0
package/bin/runners/lib/agent-firewall/evidence/side-effect-evidence.js +145 -0
package/bin/runners/lib/agent-firewall/fs-hook/daemon.js +19 -0
package/bin/runners/lib/agent-firewall/fs-hook/installer.js +87 -0
package/bin/runners/lib/agent-firewall/fs-hook/watcher.js +184 -0
package/bin/runners/lib/agent-firewall/git-hook/pre-commit.js +163 -0
package/bin/runners/lib/agent-firewall/ide-extension/cursor.js +107 -0
package/bin/runners/lib/agent-firewall/ide-extension/vscode.js +68 -0
package/bin/runners/lib/agent-firewall/ide-extension/windsurf.js +66 -0
package/bin/runners/lib/agent-firewall/index.js +200 -0
package/bin/runners/lib/agent-firewall/integration/index.js +20 -0
package/bin/runners/lib/agent-firewall/integration/ship-gate.js +437 -0
package/bin/runners/lib/agent-firewall/intent/alignment-engine.js +634 -0
package/bin/runners/lib/agent-firewall/intent/auto-detect.js +426 -0
package/bin/runners/lib/agent-firewall/intent/index.js +102 -0
package/bin/runners/lib/agent-firewall/intent/schema.js +352 -0
package/bin/runners/lib/agent-firewall/intent/store.js +283 -0
package/bin/runners/lib/agent-firewall/interception/fs-interceptor.js +502 -0
package/bin/runners/lib/agent-firewall/interception/index.js +23 -0
package/bin/runners/lib/agent-firewall/interceptor/base.js +308 -0
package/bin/runners/lib/agent-firewall/interceptor/cursor.js +35 -0
package/bin/runners/lib/agent-firewall/interceptor/vscode.js +35 -0
package/bin/runners/lib/agent-firewall/interceptor/windsurf.js +34 -0
package/bin/runners/lib/agent-firewall/lawbook/distributor.js +465 -0
package/bin/runners/lib/agent-firewall/lawbook/evaluator.js +604 -0
package/bin/runners/lib/agent-firewall/lawbook/index.js +304 -0
package/bin/runners/lib/agent-firewall/lawbook/registry.js +514 -0
package/bin/runners/lib/agent-firewall/lawbook/schema.js +420 -0
package/bin/runners/lib/agent-firewall/logger.js +141 -0
package/bin/runners/lib/agent-firewall/policy/default-policy.json +90 -0
package/bin/runners/lib/agent-firewall/policy/engine.js +103 -0
package/bin/runners/lib/agent-firewall/policy/loader.js +451 -0
package/bin/runners/lib/agent-firewall/policy/rules/auth-drift.js +50 -0
package/bin/runners/lib/agent-firewall/policy/rules/contract-drift.js +50 -0
package/bin/runners/lib/agent-firewall/policy/rules/fake-success.js +79 -0
package/bin/runners/lib/agent-firewall/policy/rules/ghost-env.js +227 -0
package/bin/runners/lib/agent-firewall/policy/rules/ghost-route.js +191 -0
package/bin/runners/lib/agent-firewall/policy/rules/scope.js +93 -0
package/bin/runners/lib/agent-firewall/policy/rules/unsafe-side-effect.js +57 -0
package/bin/runners/lib/agent-firewall/policy/schema.json +183 -0
package/bin/runners/lib/agent-firewall/policy/verdict.js +54 -0
package/bin/runners/lib/agent-firewall/proposal/extractor.js +394 -0
package/bin/runners/lib/agent-firewall/proposal/index.js +212 -0
package/bin/runners/lib/agent-firewall/proposal/schema.js +251 -0
package/bin/runners/lib/agent-firewall/proposal/validator.js +386 -0
package/bin/runners/lib/agent-firewall/reality/index.js +332 -0
package/bin/runners/lib/agent-firewall/reality/state.js +625 -0
package/bin/runners/lib/agent-firewall/reality/watcher.js +322 -0
package/bin/runners/lib/agent-firewall/risk/index.js +173 -0
package/bin/runners/lib/agent-firewall/risk/scorer.js +328 -0
package/bin/runners/lib/agent-firewall/risk/thresholds.js +322 -0
package/bin/runners/lib/agent-firewall/risk/vectors.js +421 -0
package/bin/runners/lib/agent-firewall/session/collector.js +451 -0
package/bin/runners/lib/agent-firewall/session/index.js +26 -0
package/bin/runners/lib/agent-firewall/simulator/diff-simulator.js +472 -0
package/bin/runners/lib/agent-firewall/simulator/import-resolver.js +346 -0
package/bin/runners/lib/agent-firewall/simulator/index.js +181 -0
package/bin/runners/lib/agent-firewall/simulator/route-validator.js +380 -0
package/bin/runners/lib/agent-firewall/time-machine/incident-correlator.js +661 -0
package/bin/runners/lib/agent-firewall/time-machine/index.js +267 -0
package/bin/runners/lib/agent-firewall/time-machine/replay-engine.js +436 -0
package/bin/runners/lib/agent-firewall/time-machine/state-reconstructor.js +490 -0
package/bin/runners/lib/agent-firewall/time-machine/timeline-builder.js +530 -0
package/bin/runners/lib/agent-firewall/truthpack/index.js +67 -0
package/bin/runners/lib/agent-firewall/truthpack/loader.js +137 -0
package/bin/runners/lib/agent-firewall/unblock/planner.js +337 -0
package/bin/runners/lib/agent-firewall/utils/ignore-checker.js +118 -0
package/bin/runners/lib/ai-bridge.js +416 -0
package/bin/runners/lib/analysis-core.js +309 -0
package/bin/runners/lib/analyzers.js +2500 -0
package/bin/runners/lib/api-client.js +269 -0
package/bin/runners/lib/approve-output.js +235 -0
package/bin/runners/lib/artifact-envelope.js +540 -0
package/bin/runners/lib/assets/vibecheck-logo.png +0 -0
package/bin/runners/lib/audit-bridge.js +391 -0
package/bin/runners/lib/auth-shared.js +977 -0
package/bin/runners/lib/auth-truth.js +193 -0
package/bin/runners/lib/auth.js +215 -0
package/bin/runners/lib/authority-badge.js +425 -0
package/bin/runners/lib/backup.js +62 -0
package/bin/runners/lib/billing.js +107 -0
package/bin/runners/lib/checkpoint.js +941 -0
package/bin/runners/lib/claims.js +118 -0
package/bin/runners/lib/classify-output.js +204 -0
package/bin/runners/lib/cleanup/engine.js +571 -0
package/bin/runners/lib/cleanup/index.js +53 -0
package/bin/runners/lib/cleanup/output.js +375 -0
package/bin/runners/lib/cleanup/rules.js +1060 -0
package/bin/runners/lib/cli-output.js +400 -0
package/bin/runners/lib/cli-ui.js +540 -0
package/bin/runners/lib/compliance-bridge-new.js +0 -0
package/bin/runners/lib/compliance-bridge.js +165 -0
package/bin/runners/lib/contracts/auth-contract.js +202 -0
package/bin/runners/lib/contracts/env-contract.js +181 -0
package/bin/runners/lib/contracts/external-contract.js +206 -0
package/bin/runners/lib/contracts/guard.js +168 -0
package/bin/runners/lib/contracts/index.js +89 -0
package/bin/runners/lib/contracts/plan-validator.js +311 -0
package/bin/runners/lib/contracts/route-contract.js +199 -0
package/bin/runners/lib/contracts.js +804 -0
package/bin/runners/lib/default-config.js +127 -0
package/bin/runners/lib/detect.js +89 -0
package/bin/runners/lib/detectors-v2.js +622 -0
package/bin/runners/lib/doctor/autofix.js +254 -0
package/bin/runners/lib/doctor/diagnosis-receipt.js +454 -0
package/bin/runners/lib/doctor/failure-signatures.js +526 -0
package/bin/runners/lib/doctor/fix-script.js +336 -0
package/bin/runners/lib/doctor/index.js +37 -0
package/bin/runners/lib/doctor/modules/build-tools.js +453 -0
package/bin/runners/lib/doctor/modules/dependencies.js +325 -0
package/bin/runners/lib/doctor/modules/index.js +105 -0
package/bin/runners/lib/doctor/modules/network.js +250 -0
package/bin/runners/lib/doctor/modules/os-quirks.js +706 -0
package/bin/runners/lib/doctor/modules/project.js +312 -0
package/bin/runners/lib/doctor/modules/repo-integrity.js +485 -0
package/bin/runners/lib/doctor/modules/runtime.js +224 -0
package/bin/runners/lib/doctor/modules/security.js +350 -0
package/bin/runners/lib/doctor/modules/system.js +213 -0
package/bin/runners/lib/doctor/modules/vibecheck.js +394 -0
package/bin/runners/lib/doctor/reporter.js +262 -0
package/bin/runners/lib/doctor/safe-repair.js +384 -0
package/bin/runners/lib/doctor/service.js +262 -0
package/bin/runners/lib/doctor/types.js +113 -0
package/bin/runners/lib/doctor/ui.js +263 -0
package/bin/runners/lib/doctor-enhanced.js +233 -0
package/bin/runners/lib/doctor-output.js +226 -0
package/bin/runners/lib/doctor-v2.js +608 -0
package/bin/runners/lib/drift.js +425 -0
package/bin/runners/lib/enforcement.js +72 -0
package/bin/runners/lib/engine/ast-cache.js +210 -0
package/bin/runners/lib/engine/auth-extractor.js +211 -0
package/bin/runners/lib/engine/billing-extractor.js +112 -0
package/bin/runners/lib/engine/enforcement-extractor.js +100 -0
package/bin/runners/lib/engine/env-extractor.js +207 -0
package/bin/runners/lib/engine/express-extractor.js +208 -0
package/bin/runners/lib/engine/extractors.js +849 -0
package/bin/runners/lib/engine/index.js +207 -0
package/bin/runners/lib/engine/repo-index.js +514 -0
package/bin/runners/lib/engine/types.js +124 -0
package/bin/runners/lib/engines/accessibility-engine.js +190 -0
package/bin/runners/lib/engines/api-consistency-engine.js +162 -0
package/bin/runners/lib/engines/ast-cache.js +99 -0
package/bin/runners/lib/engines/attack-detector.js +1192 -0
package/bin/runners/lib/engines/code-quality-engine.js +255 -0
package/bin/runners/lib/engines/console-logs-engine.js +115 -0
package/bin/runners/lib/engines/cross-file-analysis-engine.js +268 -0
package/bin/runners/lib/engines/dead-code-engine.js +198 -0
package/bin/runners/lib/engines/deprecated-api-engine.js +226 -0
package/bin/runners/lib/engines/empty-catch-engine.js +150 -0
package/bin/runners/lib/engines/file-filter.js +131 -0
package/bin/runners/lib/engines/hardcoded-secrets-engine.js +251 -0
package/bin/runners/lib/engines/mock-data-engine.js +272 -0
package/bin/runners/lib/engines/parallel-processor.js +71 -0
package/bin/runners/lib/engines/performance-issues-engine.js +265 -0
package/bin/runners/lib/engines/security-vulnerabilities-engine.js +243 -0
package/bin/runners/lib/engines/todo-fixme-engine.js +115 -0
package/bin/runners/lib/engines/type-aware-engine.js +152 -0
package/bin/runners/lib/engines/unsafe-regex-engine.js +225 -0
package/bin/runners/lib/engines/vibecheck-engines/README.md +53 -0
package/bin/runners/lib/engines/vibecheck-engines/index.js +15 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/ast-cache.js +164 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/code-quality-engine.js +291 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/console-logs-engine.js +83 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/dead-code-engine.js +198 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/deprecated-api-engine.js +275 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/empty-catch-engine.js +167 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/file-filter.js +217 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/hardcoded-secrets-engine.js +139 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/mock-data-engine.js +140 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/parallel-processor.js +164 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/performance-issues-engine.js +234 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/type-aware-engine.js +217 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/unsafe-regex-engine.js +78 -0
package/bin/runners/lib/engines/vibecheck-engines/package.json +13 -0
package/bin/runners/lib/enterprise-detect.js +603 -0
package/bin/runners/lib/enterprise-init.js +942 -0
package/bin/runners/lib/entitlements-v2.js +265 -0
package/bin/runners/lib/entitlements.generated.js +0 -0
package/bin/runners/lib/entitlements.js +340 -0
package/bin/runners/lib/env-resolver.js +417 -0
package/bin/runners/lib/env-template.js +66 -0
package/bin/runners/lib/env.js +189 -0
package/bin/runners/lib/error-handler.js +368 -0
package/bin/runners/lib/error-messages.js +289 -0
package/bin/runners/lib/evidence-pack.js +684 -0
package/bin/runners/lib/exit-codes.js +275 -0
package/bin/runners/lib/extractors/client-calls.js +990 -0
package/bin/runners/lib/extractors/fastify-route-dump.js +573 -0
package/bin/runners/lib/extractors/fastify-routes.js +426 -0
package/bin/runners/lib/extractors/index.js +363 -0
package/bin/runners/lib/extractors/next-routes.js +524 -0
package/bin/runners/lib/extractors/proof-graph.js +431 -0
package/bin/runners/lib/extractors/route-matcher.js +451 -0
package/bin/runners/lib/extractors/truthpack-v2.js +377 -0
package/bin/runners/lib/extractors/ui-bindings.js +547 -0
package/bin/runners/lib/finding-id.js +69 -0
package/bin/runners/lib/finding-sorter.js +89 -0
package/bin/runners/lib/findings-schema.js +281 -0
package/bin/runners/lib/fingerprint.js +377 -0
package/bin/runners/lib/firewall-prompt.js +50 -0
package/bin/runners/lib/fix-output.js +228 -0
package/bin/runners/lib/global-flags.js +250 -0
package/bin/runners/lib/graph/graph-builder.js +265 -0
package/bin/runners/lib/graph/html-renderer.js +413 -0
package/bin/runners/lib/graph/index.js +32 -0
package/bin/runners/lib/graph/runtime-collector.js +215 -0
package/bin/runners/lib/graph/static-extractor.js +518 -0
package/bin/runners/lib/help-formatter.js +413 -0
package/bin/runners/lib/html-proof-report.js +913 -0
package/bin/runners/lib/html-report.js +650 -0
package/bin/runners/lib/init-wizard.js +601 -0
package/bin/runners/lib/interactive-menu.js +1496 -0
package/bin/runners/lib/json-output.js +76 -0
package/bin/runners/lib/llm.js +75 -0
package/bin/runners/lib/logger.js +38 -0
package/bin/runners/lib/meter.js +61 -0
package/bin/runners/lib/missions/briefing.js +427 -0
package/bin/runners/lib/missions/checkpoint.js +753 -0
package/bin/runners/lib/missions/evidence.js +126 -0
package/bin/runners/lib/missions/hardening.js +851 -0
package/bin/runners/lib/missions/plan.js +648 -0
package/bin/runners/lib/missions/safety-gates.js +645 -0
package/bin/runners/lib/missions/schema.js +478 -0
package/bin/runners/lib/missions/templates.js +317 -0
package/bin/runners/lib/next-action.js +560 -0
package/bin/runners/lib/packs/bundle.js +675 -0
package/bin/runners/lib/packs/evidence-pack.js +671 -0
package/bin/runners/lib/packs/pack-factory.js +837 -0
package/bin/runners/lib/packs/permissions-pack.js +686 -0
package/bin/runners/lib/packs/proof-graph-pack.js +779 -0
package/bin/runners/lib/patch.js +40 -0
package/bin/runners/lib/permissions/auth-model.js +213 -0
package/bin/runners/lib/permissions/idor-prover.js +205 -0
package/bin/runners/lib/permissions/index.js +45 -0
package/bin/runners/lib/permissions/matrix-builder.js +198 -0
package/bin/runners/lib/pkgjson.js +28 -0
package/bin/runners/lib/policy.js +295 -0
package/bin/runners/lib/polish/accessibility.js +62 -0
package/bin/runners/lib/polish/analyzer.js +93 -0
package/bin/runners/lib/polish/backend.js +87 -0
package/bin/runners/lib/polish/configuration.js +83 -0
package/bin/runners/lib/polish/documentation.js +83 -0
package/bin/runners/lib/polish/frontend.js +817 -0
package/bin/runners/lib/polish/index.js +27 -0
package/bin/runners/lib/polish/infrastructure.js +80 -0
package/bin/runners/lib/polish/internationalization.js +85 -0
package/bin/runners/lib/polish/libraries.js +180 -0
package/bin/runners/lib/polish/observability.js +75 -0
package/bin/runners/lib/polish/performance.js +64 -0
package/bin/runners/lib/polish/privacy.js +110 -0
package/bin/runners/lib/polish/resilience.js +92 -0
package/bin/runners/lib/polish/security.js +78 -0
package/bin/runners/lib/polish/seo.js +71 -0
package/bin/runners/lib/polish/styles.js +62 -0
package/bin/runners/lib/polish/utils.js +104 -0
package/bin/runners/lib/preflight.js +142 -0
package/bin/runners/lib/prerequisites.js +149 -0
package/bin/runners/lib/prove-output.js +220 -0
package/bin/runners/lib/reality/correlation-detectors.js +359 -0
package/bin/runners/lib/reality/index.js +318 -0
package/bin/runners/lib/reality/request-hashing.js +416 -0
package/bin/runners/lib/reality/request-mapper.js +453 -0
package/bin/runners/lib/reality/safety-rails.js +463 -0
package/bin/runners/lib/reality/semantic-snapshot.js +408 -0
package/bin/runners/lib/reality/toast-detector.js +393 -0
package/bin/runners/lib/reality-findings.js +84 -0
package/bin/runners/lib/reality-output.js +231 -0
package/bin/runners/lib/receipts.js +179 -0
package/bin/runners/lib/redact.js +29 -0
package/bin/runners/lib/replay/capsule-manager.js +154 -0
package/bin/runners/lib/replay/index.js +263 -0
package/bin/runners/lib/replay/player.js +348 -0
package/bin/runners/lib/replay/recorder.js +331 -0
package/bin/runners/lib/report-engine.js +626 -0
package/bin/runners/lib/report-html.js +1233 -0
package/bin/runners/lib/report-output.js +366 -0
package/bin/runners/lib/report-templates.js +967 -0
package/bin/runners/lib/report.js +135 -0
package/bin/runners/lib/route-detection.js +1209 -0
package/bin/runners/lib/route-truth.js +1322 -0
package/bin/runners/lib/safelist/index.js +96 -0
package/bin/runners/lib/safelist/integration.js +334 -0
package/bin/runners/lib/safelist/matcher.js +696 -0
package/bin/runners/lib/safelist/schema.js +948 -0
package/bin/runners/lib/safelist/store.js +438 -0
package/bin/runners/lib/sandbox/index.js +59 -0
package/bin/runners/lib/sandbox/proof-chain.js +399 -0
package/bin/runners/lib/sandbox/sandbox-runner.js +205 -0
package/bin/runners/lib/sandbox/worktree.js +174 -0
package/bin/runners/lib/scan-cache.js +330 -0
package/bin/runners/lib/scan-output-schema.js +344 -0
package/bin/runners/lib/scan-output.js +631 -0
package/bin/runners/lib/scan-runner.js +135 -0
package/bin/runners/lib/schema-validator.js +350 -0
package/bin/runners/lib/schemas/ajv-validator.js +464 -0
package/bin/runners/lib/schemas/contracts.schema.json +160 -0
package/bin/runners/lib/schemas/error-envelope.schema.json +105 -0
package/bin/runners/lib/schemas/finding-v3.schema.json +151 -0
package/bin/runners/lib/schemas/finding.schema.json +100 -0
package/bin/runners/lib/schemas/mission-pack.schema.json +206 -0
package/bin/runners/lib/schemas/proof-graph.schema.json +176 -0
package/bin/runners/lib/schemas/reality-report.schema.json +162 -0
package/bin/runners/lib/schemas/report-artifact.schema.json +120 -0
package/bin/runners/lib/schemas/run-request.schema.json +108 -0
package/bin/runners/lib/schemas/share-pack.schema.json +180 -0
package/bin/runners/lib/schemas/ship-manifest.schema.json +251 -0
package/bin/runners/lib/schemas/ship-report.schema.json +117 -0
package/bin/runners/lib/schemas/truthpack-v2.schema.json +303 -0
package/bin/runners/lib/schemas/validator.js +465 -0
package/bin/runners/lib/schemas/verdict.schema.json +140 -0
package/bin/runners/lib/score-history.js +282 -0
package/bin/runners/lib/security-bridge.js +249 -0
package/bin/runners/lib/server-usage.js +513 -0
package/bin/runners/lib/share-pack.js +239 -0
package/bin/runners/lib/ship-gate.js +832 -0
package/bin/runners/lib/ship-manifest.js +1153 -0
package/bin/runners/lib/ship-output-enterprise.js +239 -0
package/bin/runners/lib/ship-output.js +1128 -0
package/bin/runners/lib/snippets.js +67 -0
package/bin/runners/lib/status-output.js +340 -0
package/bin/runners/lib/terminal-ui.js +356 -0
package/bin/runners/lib/truth.js +1691 -0
package/bin/runners/lib/ui.js +562 -0
package/bin/runners/lib/unified-cli-output.js +947 -0
package/bin/runners/lib/unified-output.js +197 -0
package/bin/runners/lib/upsell.js +410 -0
package/bin/runners/lib/usage.js +153 -0
package/bin/runners/lib/validate-patch.js +156 -0
package/bin/runners/lib/verdict-engine.js +628 -0
package/bin/runners/lib/verification.js +345 -0
package/bin/runners/lib/why-tree.js +650 -0
package/bin/runners/reality/engine.js +917 -0
package/bin/runners/reality/flows.js +122 -0
package/bin/runners/reality/report.js +378 -0
package/bin/runners/reality/session.js +193 -0
package/bin/runners/runAIAgent.js +229 -0
package/bin/runners/runAgent.d.ts +5 -0
package/bin/runners/runAgent.js +161 -0
package/bin/runners/runAllowlist.js +418 -0
package/bin/runners/runApprove.js +320 -0
package/bin/runners/runAudit.js +692 -0
package/bin/runners/runAuth.js +731 -0
package/bin/runners/runCI.js +353 -0
package/bin/runners/runCheckpoint.js +530 -0
package/bin/runners/runClassify.js +928 -0
package/bin/runners/runCleanup.js +343 -0
package/bin/runners/runContext.d.ts +4 -0
package/bin/runners/runContext.js +175 -0
package/bin/runners/runDoctor.js +877 -0
package/bin/runners/runEvidencePack.js +362 -0
package/bin/runners/runFirewall.d.ts +5 -0
package/bin/runners/runFirewall.js +134 -0
package/bin/runners/runFirewallHook.d.ts +5 -0
package/bin/runners/runFirewallHook.js +56 -0
package/bin/runners/runFix.js +1355 -0
package/bin/runners/runForge.js +451 -0
package/bin/runners/runGuard.js +262 -0
package/bin/runners/runInit.js +1927 -0
package/bin/runners/runIntent.js +906 -0
package/bin/runners/runKickoff.js +878 -0
package/bin/runners/runLabs.js +424 -0
package/bin/runners/runLaunch.js +2000 -0
package/bin/runners/runLink.js +785 -0
package/bin/runners/runMcp.js +1875 -0
package/bin/runners/runPacks.js +2089 -0
package/bin/runners/runPolish.d.ts +4 -0
package/bin/runners/runPolish.js +390 -0
package/bin/runners/runPromptFirewall.js +211 -0
package/bin/runners/runProve.js +1411 -0
package/bin/runners/runQuickstart.js +531 -0
package/bin/runners/runReality.js +2260 -0
package/bin/runners/runReport.js +726 -0
package/bin/runners/runRuntime.js +110 -0
package/bin/runners/runSafelist.js +1190 -0
package/bin/runners/runScan.js +688 -0
package/bin/runners/runShield.js +1282 -0
package/bin/runners/runShip.js +1660 -0
package/bin/runners/runTruth.d.ts +5 -0
package/bin/runners/runTruth.js +101 -0
package/bin/runners/runValidate.js +179 -0
package/bin/runners/runWatch.js +478 -0
package/bin/runners/utils.js +360 -0
package/bin/scan.js +617 -0
package/bin/vibecheck.js +1617 -0
package/dist/guardrail/index.d.ts +2405 -0
package/dist/guardrail/index.js +9747 -0
package/dist/guardrail/index.js.map +1 -0
package/dist/scanner/index.d.ts +282 -0
package/dist/scanner/index.js +3395 -0
package/dist/scanner/index.js.map +1 -0
package/package.json +123 -104
package/README.md +0 -491
package/dist/index.js +0 -99711
package/dist/index.js.map +0 -1

package/bin/runners/lib/polish/index.js ADDED Viewed

@@ -0,0 +1,27 @@
+/**
+ * Engine Registry
+ *
+ * Single source of truth for all polish engines.
+ * Adding a new engine = add one line here + create the file.
+ */
+const engines = {
+  frontend: require("./frontend"),
+  backend: require("./backend"),
+  security: require("./security"),
+  performance: require("./performance"),
+  accessibility: require("./accessibility"),
+  seo: require("./seo"),
+  configuration: require("./configuration"),
+  documentation: require("./documentation"),
+  infrastructure: require("./infrastructure"),
+  observability: require("./observability"),
+  resilience: require("./resilience"),
+  internationalization: require("./internationalization"),
+  privacy: require("./privacy"),
+};
+/** All registered category names */
+const categories = Object.keys(engines);
+module.exports = { engines, categories };

package/bin/runners/lib/polish/infrastructure.js ADDED Viewed

@@ -0,0 +1,80 @@
+/**
+ * Infrastructure Polish Engine
+ *
+ * Checks: Docker, CI/CD, deployment config, env validation.
+ */
+const path = require("path");
+const { pathExists, readFileSafe } = require("./utils");
+module.exports = async function infrastructureEngine(projectPath) {
+  const issues = [];
+  const packageJson = await readFileSafe(path.join(projectPath, "package.json"));
+  // Docker
+  const hasDocker =
+    (await pathExists(path.join(projectPath, "Dockerfile"))) ||
+    (await pathExists(path.join(projectPath, "docker-compose.yml")));
+  if (!hasDocker) {
+    issues.push({
+      id: "missing-docker",
+      category: "Infrastructure",
+      severity: "low",
+      title: "Missing Docker Configuration",
+      description: "No Docker setup found. Deployment may be inconsistent.",
+      suggestion: "Add Dockerfile for consistent deployment environments.",
+      autoFixable: true,
+    });
+  }
+  // CI/CD
+  const hasCi =
+    (await pathExists(path.join(projectPath, ".github", "workflows"))) ||
+    (await pathExists(path.join(projectPath, ".gitlab-ci.yml"))) ||
+    (await pathExists(path.join(projectPath, ".circleci")));
+  if (!hasCi) {
+    issues.push({
+      id: "missing-ci",
+      category: "Infrastructure",
+      severity: "high",
+      title: "Missing CI/CD Configuration",
+      description: "No CI/CD pipeline found. Code changes are not automatically tested.",
+      suggestion: "Add GitHub Actions, GitLab CI, or CircleCI for automated testing.",
+      autoFixable: true,
+    });
+  }
+  // Deployment config
+  const hasDeployConfig =
+    (await pathExists(path.join(projectPath, "vercel.json"))) ||
+    (await pathExists(path.join(projectPath, "netlify.toml"))) ||
+    (await pathExists(path.join(projectPath, "railway.json")));
+  if (!hasDeployConfig && !hasDocker) {
+    issues.push({
+      id: "missing-deployment-config",
+      category: "Infrastructure",
+      severity: "medium",
+      title: "No Deployment Configuration",
+      description: "No deployment platform configuration found.",
+      suggestion: "Add vercel.json, netlify.toml, or similar for deployment settings.",
+      autoFixable: false,
+    });
+  }
+  // Env validation
+  const hasEnvValidation =
+    packageJson && /@t3-oss\/env|envalid|dotenv-safe/i.test(packageJson);
+  if (!hasEnvValidation) {
+    issues.push({
+      id: "missing-env-validation",
+      category: "Infrastructure",
+      severity: "medium",
+      title: "No Environment Validation",
+      description: "Environment variables are not validated at startup.",
+      suggestion: "Add @t3-oss/env-nextjs or envalid to validate env vars at startup.",
+      autoFixable: false,
+    });
+  }
+  return issues;
+};

package/bin/runners/lib/polish/internationalization.js ADDED Viewed

@@ -0,0 +1,85 @@
+/**
+ * Internationalization Polish Engine
+ *
+ * Checks: i18n library, locale detection, RTL support, translation files.
+ */
+const path = require("path");
+const { pathExists, findFile, readFileSafe } = require("./utils");
+module.exports = async function internationalizationEngine(projectPath) {
+  const issues = [];
+  const packageJson = await readFileSafe(path.join(projectPath, "package.json"));
+  const srcPath = path.join(projectPath, "src");
+  const hasSrc = await pathExists(srcPath);
+  const searchPath = hasSrc ? srcPath : projectPath;
+  const hasI18n =
+    packageJson && /next-intl|react-i18next|i18next|lingui|formatjs|react-intl/i.test(packageJson);
+  if (!hasI18n) {
+    issues.push({
+      id: "missing-i18n",
+      category: "Internationalization",
+      severity: "low",
+      title: "Missing Internationalization (i18n)",
+      description: "No i18n library found. Adding translations later is costly.",
+      suggestion: "Add next-intl or react-i18next for internationalization support.",
+      autoFixable: false,
+      aiPrompt: "Set up internationalization using next-intl or react-i18next. Include locale detection, language switching, and translation extraction workflow.",
+    });
+  }
+  // Locale detection (only if i18n is installed)
+  if (hasI18n) {
+    const hasLocaleDetection = await findFile(searchPath, /locale|navigator\.language|accept-language|getLocale/i);
+    if (!hasLocaleDetection) {
+      issues.push({
+        id: "missing-locale-detection",
+        category: "Internationalization",
+        severity: "medium",
+        title: "Missing Locale Detection",
+        description: "i18n setup found but no automatic locale detection.",
+        suggestion: "Add automatic locale detection from browser settings or Accept-Language header.",
+        autoFixable: false,
+        aiPrompt: "Add automatic locale detection. Detect from Accept-Language header on server, navigator.language on client, allow user override with persistence.",
+      });
+    }
+    // RTL support
+    const hasRTL = await findFile(searchPath, /rtl|dir=.*rtl|direction.*rtl|ltr.*rtl/i);
+    if (!hasRTL) {
+      issues.push({
+        id: "missing-rtl-support",
+        category: "Internationalization",
+        severity: "low",
+        title: "Missing RTL Support",
+        description: "No RTL (right-to-left) support found. Arabic/Hebrew users affected.",
+        suggestion: "Add RTL layout support using CSS logical properties or rtlcss.",
+        autoFixable: false,
+        aiPrompt: "Add RTL support for Arabic/Hebrew locales. Use CSS logical properties, directional icons, and proper text alignment.",
+      });
+    }
+    // Translation files
+    const hasTranslationFiles =
+      (await pathExists(path.join(projectPath, "locales"))) ||
+      (await pathExists(path.join(projectPath, "translations"))) ||
+      (await pathExists(path.join(projectPath, "messages"))) ||
+      (await pathExists(path.join(srcPath, "locales")));
+    if (!hasTranslationFiles) {
+      issues.push({
+        id: "missing-translation-files",
+        category: "Internationalization",
+        severity: "medium",
+        title: "Missing Translation Files",
+        description: "i18n library found but no translation files directory.",
+        suggestion: "Create locales/ directory with JSON translation files for each language.",
+        autoFixable: true,
+        aiPrompt: "Create a translation file structure with English as base, organized namespaces, and a script to extract translation keys from code.",
+      });
+    }
+  }
+  return issues;
+};

package/bin/runners/lib/polish/libraries.js ADDED Viewed

@@ -0,0 +1,180 @@
+/**
+ * Library detection for context-aware polish checking.
+ *
+ * When a project already uses a library that provides a feature,
+ * we skip the corresponding check to reduce false positives.
+ */
+const path = require("path");
+const { pathExists, readFileSafe } = require("./utils");
+/**
+ * Common libraries grouped by the functionality they provide.
+ */
+const LIBRARY_ALTERNATIVES = {
+  errorBoundary: [
+    "react-error-boundary",
+    "@sentry/react",
+    "bugsnag-react",
+  ],
+  toast: [
+    "react-hot-toast",
+    "react-toastify",
+    "sonner",
+    "@radix-ui/react-toast",
+    "notistack",
+    "react-notifications",
+  ],
+  spinner: [
+    "react-spinners",
+    "react-loader-spinner",
+    "react-loading",
+    "@chakra-ui/react",
+    "@mantine/core",
+  ],
+  skeleton: [
+    "react-loading-skeleton",
+    "react-content-loader",
+    "@chakra-ui/react",
+    "@mantine/core",
+    "@radix-ui/themes",
+  ],
+  formValidation: [
+    "react-hook-form",
+    "formik",
+    "@tanstack/react-form",
+    "react-final-form",
+    "zod",
+    "yup",
+  ],
+  uiLibrary: [
+    "@chakra-ui/react",
+    "@mantine/core",
+    "@radix-ui/themes",
+    "@mui/material",
+    "antd",
+    "@nextui-org/react",
+    "shadcn",
+    "@headlessui/react",
+  ],
+  stateManagement: [
+    "zustand",
+    "@reduxjs/toolkit",
+    "jotai",
+    "recoil",
+    "mobx",
+    "@tanstack/react-query",
+  ],
+  i18n: [
+    "next-intl",
+    "react-i18next",
+    "next-translate",
+    "@formatjs/intl",
+    "lingui",
+  ],
+  analytics: [
+    "@sentry/nextjs",
+    "@sentry/react",
+    "@vercel/analytics",
+    "posthog-js",
+    "mixpanel-browser",
+    "@segment/analytics-next",
+  ],
+};
+/**
+ * Check if package.json contains any of the specified libraries.
+ * @param {string} packageJsonContent - Raw package.json content
+ * @param {string[]} libraries - Library names to look for
+ * @returns {string|null} First matched library name, or null
+ */
+function hasLibrary(packageJsonContent, libraries) {
+  if (!packageJsonContent) return null;
+  for (const lib of libraries) {
+    const escaped = lib.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+    const pattern = new RegExp(`"${escaped}"\\s*:`, "i");
+    if (pattern.test(packageJsonContent)) {
+      return lib;
+    }
+  }
+  return null;
+}
+/**
+ * Detect project type for context-aware severity adjustments.
+ */
+async function detectProjectType(projectPath, packageJsonContent) {
+  const hasApp = await pathExists(path.join(projectPath, "app"));
+  const hasPages = await pathExists(path.join(projectPath, "pages"));
+  const hasSrc = await pathExists(path.join(projectPath, "src"));
+  const isNextJs = packageJsonContent && /["']next["']/.test(packageJsonContent);
+  const isRemix = packageJsonContent && /["']@remix-run\//.test(packageJsonContent);
+  const isVite = packageJsonContent && /["']vite["']/.test(packageJsonContent);
+  const isAstro = packageJsonContent && /["']astro["']/.test(packageJsonContent);
+  const isLibrary = packageJsonContent && /"main"|"module"|"exports"/.test(packageJsonContent);
+  const isCli = packageJsonContent && /"bin"/.test(packageJsonContent);
+  const isApi =
+    !hasApp &&
+    !hasPages &&
+    packageJsonContent &&
+    /["']express["']|["']fastify["']|["']hono["']/.test(packageJsonContent);
+  const uiLib = hasLibrary(packageJsonContent, LIBRARY_ALTERNATIVES.uiLibrary);
+  return {
+    isNextJs,
+    isRemix,
+    isVite,
+    isAstro,
+    isLibrary,
+    isCli,
+    isApi,
+    hasAppRouter: hasApp && isNextJs,
+    hasPagesRouter: hasPages && isNextJs,
+    hasSrc,
+    uiLibrary: uiLib,
+    skipFrontend: isLibrary || isCli || isApi,
+  };
+}
+/**
+ * Adjust severity based on project context.
+ */
+function adjustSeverity(baseSeverity, projectType, issueId) {
+  if (projectType.skipFrontend && issueId.startsWith("missing-")) {
+    return "low";
+  }
+  if (projectType.uiLibrary) {
+    const componentIssues = [
+      "missing-spinner",
+      "missing-skeleton",
+      "missing-toast",
+      "missing-empty-states",
+    ];
+    if (componentIssues.includes(issueId)) {
+      return "low";
+    }
+  }
+  return baseSeverity;
+}
+module.exports = {
+  LIBRARY_ALTERNATIVES,
+  hasLibrary,
+  detectProjectType,
+  adjustSeverity,
+};

package/bin/runners/lib/polish/observability.js ADDED Viewed

@@ -0,0 +1,75 @@
+/**
+ * Observability Polish Engine
+ *
+ * Checks: OpenTelemetry, structured logging, metrics, correlation IDs.
+ */
+const path = require("path");
+const { pathExists, findFile, readFileSafe } = require("./utils");
+module.exports = async function observabilityEngine(projectPath) {
+  const issues = [];
+  const packageJson = await readFileSafe(path.join(projectPath, "package.json"));
+  const srcPath = path.join(projectPath, "src");
+  const hasSrc = await pathExists(srcPath);
+  const searchPath = hasSrc ? srcPath : projectPath;
+  // OpenTelemetry
+  if (!(packageJson && /@opentelemetry|otel/i.test(packageJson))) {
+    issues.push({
+      id: "missing-opentelemetry",
+      category: "Observability",
+      severity: "medium",
+      title: "Missing OpenTelemetry",
+      description: "No OpenTelemetry setup found. Distributed tracing helps debug production issues.",
+      suggestion: "Add @opentelemetry/sdk-node and configure tracing for your application.",
+      autoFixable: false,
+      aiPrompt: "Set up OpenTelemetry for distributed tracing in my Node.js/Next.js application. Include automatic instrumentation for HTTP requests, database queries, and external API calls.",
+    });
+  }
+  // Structured logging
+  if (!(packageJson && /pino|winston|bunyan|@elastic\/ecs-pino-format/i.test(packageJson))) {
+    issues.push({
+      id: "missing-structured-logging",
+      category: "Observability",
+      severity: "high",
+      title: "Missing Structured Logging",
+      description: "No structured logging library found. console.log is hard to parse in production.",
+      suggestion: "Add pino or winston for structured JSON logging.",
+      autoFixable: false,
+      aiPrompt: "Set up structured logging using pino. Configure JSON output in production with request ID correlation, log levels, and proper error serialization. Include dev mode pretty-printing.",
+    });
+  }
+  // Metrics
+  if (!(packageJson && /prom-client|@opentelemetry\/sdk-metrics|datadog-metrics/i.test(packageJson))) {
+    issues.push({
+      id: "missing-metrics",
+      category: "Observability",
+      severity: "medium",
+      title: "Missing Metrics Collection",
+      description: "No metrics library found. You won't have visibility into application performance.",
+      suggestion: "Add prom-client or OpenTelemetry metrics for application monitoring.",
+      autoFixable: false,
+      aiPrompt: "Set up Prometheus metrics collection using prom-client. Include default metrics (CPU, memory, event loop lag) and custom business metrics.",
+    });
+  }
+  // Correlation IDs
+  const hasCorrelationId = await findFile(searchPath, /correlation|request.*id|trace.*id|x-request-id/i);
+  if (!hasCorrelationId && hasSrc) {
+    issues.push({
+      id: "missing-correlation-ids",
+      category: "Observability",
+      severity: "medium",
+      title: "Missing Request Correlation IDs",
+      description: "No correlation ID handling found. Debugging distributed requests is difficult.",
+      suggestion: "Add correlation ID middleware to trace requests across services.",
+      autoFixable: true,
+      aiPrompt: "Add request correlation ID middleware. Generate unique IDs per request, propagate in headers, include in all log output.",
+    });
+  }
+  return issues;
+};

package/bin/runners/lib/polish/performance.js ADDED Viewed

@@ -0,0 +1,64 @@
+/**
+ * Performance Polish Engine
+ *
+ * Checks: Image optimization, caching, bundle analysis.
+ */
+const path = require("path");
+const { findFile, readFileSafe } = require("./utils");
+module.exports = async function performanceEngine(projectPath) {
+  const issues = [];
+  const packageJson = await readFileSafe(path.join(projectPath, "package.json"));
+  // Image optimization
+  const nextConfig =
+    (await readFileSafe(path.join(projectPath, "next.config.js"))) ||
+    (await readFileSafe(path.join(projectPath, "next.config.mjs")));
+  const hasImageOptimization =
+    (packageJson && /sharp|next\/image|@next\/image/i.test(packageJson)) ||
+    (nextConfig && /images:/i.test(nextConfig));
+  if (!hasImageOptimization) {
+    issues.push({
+      id: "missing-image-optimization",
+      category: "Performance",
+      severity: "medium",
+      title: "Missing Image Optimization",
+      description: "No image optimization setup found. Images may be served unoptimized.",
+      suggestion: "Use Next.js Image component or sharp for image optimization.",
+      autoFixable: false,
+    });
+  }
+  // Caching
+  const hasCaching = await findFile(projectPath, /cache|stale-while-revalidate/i);
+  if (!hasCaching) {
+    issues.push({
+      id: "missing-caching",
+      category: "Performance",
+      severity: "medium",
+      title: "No Caching Strategy",
+      description: "No caching configuration found. API responses may not be cached.",
+      suggestion: "Add Cache-Control headers or use SWR/React Query for client-side caching.",
+      autoFixable: false,
+    });
+  }
+  // Bundle analyzer
+  const hasBundleAnalyzer =
+    packageJson && /@next\/bundle-analyzer|webpack-bundle-analyzer/i.test(packageJson);
+  if (!hasBundleAnalyzer) {
+    issues.push({
+      id: "missing-bundle-analyzer",
+      category: "Performance",
+      severity: "low",
+      title: "No Bundle Analyzer",
+      description: "No bundle analyzer installed. Can't visualize bundle size.",
+      suggestion: "Add @next/bundle-analyzer to track and optimize bundle size.",
+      autoFixable: false,
+    });
+  }
+  return issues;
+};

package/bin/runners/lib/polish/privacy.js ADDED Viewed

@@ -0,0 +1,110 @@
+/**
+ * Privacy Polish Engine
+ *
+ * Checks: Cookie consent, privacy policy, data export, account deletion,
+ * data retention, PII encryption.
+ */
+const path = require("path");
+const { pathExists, findFile, readFileSafe } = require("./utils");
+module.exports = async function privacyEngine(projectPath) {
+  const issues = [];
+  const packageJson = await readFileSafe(path.join(projectPath, "package.json"));
+  const srcPath = path.join(projectPath, "src");
+  const hasSrc = await pathExists(srcPath);
+  const searchPath = hasSrc ? srcPath : projectPath;
+  // Cookie consent
+  const hasCookieConsentLib =
+    packageJson && /cookie-consent|cookieconsent|react-cookie-consent|gdpr|onetrust|cookiebot/i.test(packageJson);
+  const hasCookieConsentCode = await findFile(searchPath, /cookie.*consent|gdpr.*consent|consent.*banner/i);
+  if (!hasCookieConsentLib && !hasCookieConsentCode) {
+    issues.push({
+      id: "missing-cookie-consent",
+      category: "Privacy",
+      severity: "high",
+      title: "Missing Cookie Consent",
+      description: "No cookie consent mechanism found. GDPR/CCPA compliance required.",
+      suggestion: "Add a cookie consent banner for EU/California visitors.",
+      autoFixable: false,
+      aiPrompt: "Implement GDPR-compliant cookie consent banner with categories (necessary, analytics, marketing), persist choice, only load tracking scripts after consent.",
+    });
+  }
+  // Privacy policy
+  const hasPrivacyPolicy =
+    (await pathExists(path.join(projectPath, "public", "privacy.html"))) ||
+    (await pathExists(path.join(projectPath, "public", "privacy-policy.html"))) ||
+    (await findFile(searchPath, /privacy.*policy|PrivacyPolicy/i));
+  if (!hasPrivacyPolicy) {
+    issues.push({
+      id: "missing-privacy-policy",
+      category: "Privacy",
+      severity: "high",
+      title: "Missing Privacy Policy",
+      description: "No privacy policy page found. Required by law in many jurisdictions.",
+      suggestion: "Add a privacy policy page explaining data collection and usage.",
+      autoFixable: false,
+      aiPrompt: "Create a privacy policy page covering: data collected, usage, third-party services, cookies, user rights (GDPR), and contact information.",
+    });
+  }
+  // Data export
+  if (!(await findFile(searchPath, /export.*data|download.*data|gdpr.*export|data.*portability/i))) {
+    issues.push({
+      id: "missing-data-export",
+      category: "Privacy",
+      severity: "medium",
+      title: "Missing Data Export Feature",
+      description: "No data export capability found. GDPR requires data portability.",
+      suggestion: "Add ability for users to export their data in a standard format.",
+      autoFixable: false,
+      aiPrompt: "Implement data export for GDPR compliance. Allow users to download personal data in JSON/CSV including profile, activity history, and preferences.",
+    });
+  }
+  // Account deletion
+  if (!(await findFile(searchPath, /delete.*account|account.*deletion|remove.*account|gdpr.*delete/i))) {
+    issues.push({
+      id: "missing-account-deletion",
+      category: "Privacy",
+      severity: "high",
+      title: "Missing Account Deletion",
+      description: "No account deletion feature found. GDPR requires right to erasure.",
+      suggestion: "Add ability for users to delete their account and all associated data.",
+      autoFixable: false,
+      aiPrompt: "Implement account deletion with confirmation flow, grace period, cascade deletion, and anonymization of non-deletable records.",
+    });
+  }
+  // Data retention
+  if (!(await findFile(searchPath, /retention|data.*cleanup|purge.*old|ttl.*expire/i))) {
+    issues.push({
+      id: "missing-data-retention",
+      category: "Privacy",
+      severity: "medium",
+      title: "Missing Data Retention Policy",
+      description: "No data retention/cleanup logic found. Old data should be purged.",
+      suggestion: "Implement data retention policies to automatically purge old data.",
+      autoFixable: false,
+      aiPrompt: "Implement data retention policy. Add scheduled jobs to purge old sessions, logs, and inactive accounts. Document retention periods.",
+    });
+  }
+  // PII encryption
+  if (!(await findFile(searchPath, /encrypt|crypto.*cipher|aes|bcrypt|argon2/i))) {
+    issues.push({
+      id: "missing-pii-encryption",
+      category: "Privacy",
+      severity: "high",
+      title: "Missing Data Encryption",
+      description: "No encryption utilities found. Sensitive data should be encrypted.",
+      suggestion: "Add encryption for PII at rest and ensure passwords use bcrypt/argon2.",
+      autoFixable: false,
+      aiPrompt: "Set up encryption for sensitive data. Use bcrypt/argon2 for passwords, field-level encryption for PII, proper key management.",
+    });
+  }
+  return issues;
+};