wdyt 0.1.4 → 0.1.6

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "wdyt",
-  "version": "0.1.4",
+  "version": "0.1.6",
   "type": "module",
   "description": "Code review context builder for LLMs - what do you think?",
   "license": "MIT",

package/src/commands/chat.ts

@@ -87,39 +87,112 @@ async function claudeCliAvailable(): Promise<boolean> {
 }
 
 /**
- * Run a review using Claude CLI
- * Returns the review output including verdict
+ * Quality auditor system prompt (matches flow-next's quality-auditor agent)
  */
-async function runClaudeReview(contextPath: string, prompt: string): Promise<string> {
+const QUALITY_AUDITOR_PROMPT = `You are a pragmatic code auditor. Your job is to find real risks in recent changes - fast.
+
+## Audit Strategy
+
+### 1. Quick Scan (find obvious issues fast)
+- **Secrets**: API keys, passwords, tokens in code
+- **Debug code**: console.log, debugger, TODO/FIXME
+- **Commented code**: Dead code that should be deleted
+- **Large files**: Accidentally committed binaries, logs
+
+### 2. Correctness Review
+- Does the code match the stated intent?
+- Are there off-by-one errors, wrong operators, inverted conditions?
+- Do error paths actually handle errors?
+- Are promises/async properly awaited?
+
+### 3. Security Scan
+- **Injection**: SQL, XSS, command injection vectors
+- **Auth/AuthZ**: Are permissions checked? Can they be bypassed?
+- **Data exposure**: Is sensitive data logged, leaked, or over-exposed?
+- **Dependencies**: Any known vulnerable packages added?
+
+### 4. Simplicity Check
+- Could this be simpler?
+- Is there duplicated code that should be extracted?
+- Are there unnecessary abstractions?
+- Over-engineering for hypothetical future needs?
+
+### 5. Test Coverage
+- Are new code paths tested?
+- Do tests actually assert behavior (not just run)?
+- Are edge cases from gap analysis covered?
+- Are error paths tested?
+
+### 6. Performance Red Flags
+- N+1 queries or O(n²) loops
+- Unbounded data fetching
+- Missing pagination/limits
+- Blocking operations on hot paths
+
+## Output Format
+
+\`\`\`markdown
+## Quality Audit: [Branch/Feature]
+
+### Summary
+- Files changed: N
+- Risk level: Low / Medium / High
+- Ship recommendation: ✅ Ship / ⚠️ Fix first / ❌ Major rework
+
+### Critical (MUST fix before shipping)
+- **[File:line]**: [Issue]
+  - Risk: [What could go wrong]
+  - Fix: [Specific suggestion]
+
+### Should Fix (High priority)
+- **[File:line]**: [Issue]
+  - [Brief fix suggestion]
+
+### Consider (Nice to have)
+- [Minor improvement suggestion]
+
+### Test Gaps
+- [ ] [Untested scenario]
+
+### Security Notes
+- [Any security observations]
+
+### What's Good
+- [Positive observations - patterns followed, good decisions]
+\`\`\`
+
+## Rules
+
+- Find real risks, not style nitpicks
+- Be specific: file:line + concrete fix
+- Critical = could cause outage, data loss, security breach
+- Don't block shipping for minor issues
+- Acknowledge what's done well
+- If no issues found, say so clearly`;
+
+/**
+ * Run a chat using Claude CLI
+ * Sends the prompt + context to Claude and returns the response
+ */
+async function runClaudeChat(contextPath: string, prompt: string): Promise<string> {
   // Read the context file content first
   const contextFile = Bun.file(contextPath);
   const contextContent = await contextFile.text();
 
-  const reviewPrompt = `You are reviewing code changes. Analyze the following context and provide a thorough review.
+  // Build the full prompt with quality auditor system prompt + user prompt + context
+  const fullPrompt = `${QUALITY_AUDITOR_PROMPT}
+
+## User Request
 
-Review instructions:
 ${prompt}
 
 <context>
 ${contextContent}
-</context>
-
-Analyze the code for:
-- Correctness - Logic errors, bugs, spec compliance
-- Security - Injection risks, auth gaps, data exposure
-- Simplicity - Over-engineering, unnecessary complexity
-- Edge cases - Failure modes, boundary conditions
-
-Provide findings organized by severity (Critical > Major > Minor).
-
-REQUIRED: End your review with exactly one verdict tag:
-<verdict>SHIP</verdict> - Code is production-ready
-<verdict>NEEDS_WORK</verdict> - Issues must be fixed first
-<verdict>MAJOR_RETHINK</verdict> - Fundamental problems require redesign`;
+</context>`;
 
   // Write prompt to temp file to avoid shell escaping issues
-  const tempPromptPath = join(getChatsDir(), `review-prompt-${Date.now()}.txt`);
-  await Bun.write(tempPromptPath, reviewPrompt);
+  const tempPromptPath = join(getChatsDir(), `prompt-${Date.now()}.txt`);
+  await Bun.write(tempPromptPath, fullPrompt);
 
   try {
     // Run claude CLI in print mode, reading from temp file
@@ -318,40 +391,24 @@ export async function chatSendCommand(
     const chatPath = join(chatsDir, `${chatId}.xml`);
     await Bun.write(chatPath, xmlContent);
 
-    // Check if this is a review request - if so, run Claude CLI to do the review
-    // Triggers: mode="review", WDYT_REVIEW=1 env var, or --review in message
-    const isReviewMode = payload.mode === "review" ||
-                         payload.mode === "impl-review" ||
-                         process.env.WDYT_REVIEW === "1" ||
-                         prompt.includes("[REVIEW]");
-
-    if (isReviewMode) {
-      console.error(`[wdyt] Review mode triggered (mode=${payload.mode}, env=${process.env.WDYT_REVIEW || "unset"})`);
-
-      // Check if claude CLI is available
-      if (!(await claudeCliAvailable())) {
-        return {
-          success: false,
-          error: "Review mode requires Claude CLI (claude) to be installed and in PATH",
-        };
-      }
-
-      // Run the review using Claude CLI
-      console.error("[wdyt] Running review with Claude CLI...");
-      const reviewOutput = await runClaudeReview(chatPath, prompt);
+    // Always run Claude CLI to process the chat - that's what a drop-in rp-cli replacement does
+    if (await claudeCliAvailable()) {
+      console.error("[wdyt] Processing with Claude CLI...");
+      const response = await runClaudeChat(chatPath, prompt);
 
       return {
         success: true,
-        data: { id: chatId, path: chatPath, review: reviewOutput },
-        output: `Chat: \`${chatId}\`\n\n${reviewOutput}`,
+        data: { id: chatId, path: chatPath, review: response },
+        output: `Chat: \`${chatId}\`\n\n${response}`,
       };
     }
 
-    // Return in the expected format: Chat: `<uuid>`
+    // Fallback: just return the chat ID if Claude CLI isn't available
+    console.error("[wdyt] Claude CLI not found, returning context only");
     return {
       success: true,
       data: { id: chatId, path: chatPath },
-      output: `Chat: \`${chatId}\``,
+      output: `Chat: \`${chatId}\`\n\nContext exported to: ${chatPath}\n(Install Claude CLI for automatic LLM processing)`,
     };
   } catch (error) {
     const message = error instanceof Error ? error.message : String(error);