conduct-cli 0.4.47__tar.gz → 0.4.53__tar.gz

{conduct_cli-0.4.47 → conduct_cli-0.4.53}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: conduct-cli
-Version: 0.4.47
+Version: 0.4.53
 Summary: CLI for Conduct AI — install agents, manage projects, run tests
 Author-email: Conduct AI <hello@conductai.ai>
 License: MIT

{conduct_cli-0.4.47 → conduct_cli-0.4.53}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "conduct-cli"
-version = "0.4.47"
+version = "0.4.53"
 description = "CLI for Conduct AI — install agents, manage projects, run tests"
 readme = "README.md"
 license = { text = "MIT" }

{conduct_cli-0.4.47 → conduct_cli-0.4.53}/src/conduct_cli/guard.py

@@ -107,44 +107,51 @@ def _fetch_budget_status():
         return False, None
 
 
-def _check_policy(tool_name, tool_input):
-    """Return (matched_rule, action, rule_id, message) or (None, 'allow', None, None)."""
-    if not POLICY_PATH.exists():
-        return None, "allow", None, None
-    try:
-        policy = json.loads(POLICY_PATH.read_text())
-    except Exception:
-        return None, "allow", None, None
+try:
+    from conduct_cli.guard import _check_policy
+except Exception:
+    def _check_policy(tool_name, tool_input, tokens_before=0):
+        """Return (matched_rule, action, rule_id, message) or (None, 'allow', None, None)."""
+        if not POLICY_PATH.exists():
+            return None, "allow", None, None
+        try:
+            policy = json.loads(POLICY_PATH.read_text())
+        except Exception:
+            return None, "allow", None, None
 
-    rules      = policy.get("rules", [])
-    input_text = json.dumps(tool_input)
-    path_text  = " ".join(str(tool_input.get(f, "")) for f in ["file_path", "path", "command"])
+        rules      = policy.get("rules", [])
+        input_text = json.dumps(tool_input)
+        path_fields = [str(tool_input.get(f, "")) for f in ["file_path", "path", "command"]]
 
-    for rule in rules:
-        match_tool = (rule.get("match_tool") or "*").lower()
-        if match_tool != "*":
-            if tool_name not in [t.strip() for t in match_tool.split(",")]:
-                continue
-        pattern = rule.get("match_pattern")
-        if pattern:
-            try:
-                if not re.search(pattern, input_text, re.IGNORECASE):
+        for rule in rules:
+            match_tool = (rule.get("match_tool") or "*").lower()
+            if match_tool != "*":
+                if tool_name not in [t.strip() for t in match_tool.split(",")]:
                     continue
-            except re.error:
-                continue
-        path_pattern = rule.get("match_path_pattern")
-        if path_pattern:
-            try:
-                if not re.search(path_pattern, path_text, re.IGNORECASE):
+            pattern = rule.get("match_pattern")
+            if pattern:
+                try:
+                    if not re.search(pattern, input_text, re.IGNORECASE):
+                        continue
+                except re.error:
                     continue
-            except re.error:
-                continue
-        action  = rule.get("action", "audit")
-        rule_id = rule.get("rule_id", "unknown")
-        message = rule.get("message") or f"Policy violation: {rule_id}"
-        return rule, action, rule_id, message
+            path_pattern = rule.get("match_path_pattern")
+            if path_pattern:
+                try:
+                    if not any(re.search(path_pattern, f, re.IGNORECASE) for f in path_fields if f):
+                        continue
+                except re.error:
+                    continue
+            min_tokens = rule.get("match_tokens_before_gt")
+            if min_tokens is not None:
+                if tokens_before <= int(min_tokens):
+                    continue
+            action  = rule.get("action", "audit")
+            rule_id = rule.get("rule_id", "unknown")
+            message = rule.get("message") or f"Policy violation: {rule_id}"
+            return rule, action, rule_id, message
 
-    return None, "allow", None, None
+        return None, "allow", None, None
 
 
 def _detect_ai_tool():
@@ -234,6 +241,90 @@ def _post_usage(session_id, tool_name, tokens_input, tokens_output, duration_ms)
     )
 
 
+def _maybe_emit_security_finding(tool_response, session_id, tool_name):
+    """Classify tool_response for security findings; POST to /security-findings if flag ON. Never raises."""
+    try:
+        cfg = json.loads(CONFIG_PATH.read_text()) if CONFIG_PATH.exists() else {}
+    except Exception:
+        return
+    if not cfg.get("security_emit_enabled", False):
+        return
+    workspace_id = cfg.get("workspace_id")
+    api_key = cfg.get("api_key", "")
+    api_url = cfg.get("api_url", "https://api.conductai.ai").rstrip("/")
+    if not workspace_id:
+        return
+
+    import re as _re2
+    text = str(tool_response)
+
+    # Fast-path classifier
+    SECRET_PATTERNS = [
+        (r"sk-[A-Za-z0-9]{20,}", "secret-leak", "high", "Potential OpenAI/Anthropic API key"),
+        (r"ghp_[A-Za-z0-9]{36}", "secret-leak", "high", "GitHub Personal Access Token"),
+        (r"AKIA[0-9A-Z]{16}", "secret-leak", "critical", "AWS Access Key ID"),
+        (r"Bearer\s+[A-Za-z0-9+/=]{20,}", "secret-leak", "high", "Bearer token in output"),
+        (r"""password\s*=\s*['"][^'"]{4,}""", "secret-leak", "high", "Hardcoded password"),
+        (r"""api[_-]?key\s*=\s*['"][^'"]{4,}""", "secret-leak", "high", "Hardcoded API key"),
+        (r"\.\./\.\./\.\./", "path-traversal", "medium", "Path traversal sequence"),
+        (r"file://", "path-traversal", "medium", "File URI scheme in output"),
+        (r"\beval\s*\(", "injection", "high", "eval() in output"),
+        (r"\bexec\s*\(", "injection", "high", "exec() in output"),
+        (r"\b__import__\s*\(", "injection", "high", "__import__() in output"),
+        (r"ssl\.CERT_NONE", "crypto", "high", "SSL verification disabled"),
+        (r"verify\s*=\s*False", "crypto", "medium", "TLS verification bypassed"),
+    ]
+    OWASP_KEYWORDS = [
+        ("sql injection", "injection", "high", "SQL injection mentioned in AI output"),
+        ("cross-site scripting", "injection", "high", "XSS mentioned in AI output"),
+        (" xss ", "injection", "high", "XSS mentioned in AI output"),
+        ("idor", "injection", "medium", "IDOR mentioned in AI output"),
+        ("ssrf", "injection", "high", "SSRF mentioned in AI output"),
+        ("command injection", "injection", "high", "Command injection mentioned in AI output"),
+        ("auth bypass", "auth-bypass", "high", "Auth bypass mentioned in AI output"),
+    ]
+
+    finding_type = severity = description = None
+    for pattern, ftype, sev, desc in SECRET_PATTERNS:
+        if _re2.search(pattern, text, _re2.IGNORECASE):
+            finding_type, severity, description = ftype, sev, desc
+            break
+    if not finding_type:
+        lower = text.lower()
+        for kw, ftype, sev, desc in OWASP_KEYWORDS:
+            if kw in lower:
+                finding_type, severity, description = ftype, sev, desc
+                break
+    if not finding_type:
+        return
+
+    payload = json.dumps({
+        "tool": _detect_ai_tool(),
+        "severity": severity,
+        "type": finding_type,
+        "description": description,
+        "source_run_id": session_id,
+    })
+    script = (
+        "import urllib.request\\n"
+        "try:\\n"
+        f"    req = urllib.request.Request(\\"{api_url}/security-findings\\","
+        f" data={repr(payload.encode())}, headers={{\\\"Content-Type\\\": \\\"application/json\\\","
+        f" \\\"Authorization\\\": \\\"Bearer {api_key}\\\"}}, method=\\"POST\\")\\n"
+        "    urllib.request.urlopen(req, timeout=5)\\n"
+        "except: pass\\n"
+    )
+    try:
+        subprocess.Popen(
+            [sys.executable, "-c", script],
+            stdout=subprocess.DEVNULL,
+            stderr=subprocess.DEVNULL,
+            start_new_session=True,
+        )
+    except Exception:
+        pass
+
+
 def _tail_lines(path, n=200):
     """Read last n lines of a file efficiently without loading the whole file."""
     size = path.stat().st_size
@@ -389,6 +480,14 @@ def post_usage_main():
     elif transcript_path:
         tokens_input, tokens_output = _read_tokens_from_transcript(transcript_path, tool_use_id)
         _post_usage(session_id, tool_name, tokens_input, tokens_output, None)
+        # Token-threshold policy check (PostToolUse only — tokens not known at PreToolUse)
+        _, action, rule_id, message = _check_policy(tool_name, {}, tokens_before=tokens_input)
+        if action in ("warn", "block"):
+            decision = "warned" if action == "warn" else "blocked"
+            _post_event(tool_name, {}, decision, rule_id, message, session_id=session_id)
+        # Security classifier — emit finding if flag ON
+        tool_response = data.get("tool_response") or data.get("output") or ""
+        _maybe_emit_security_finding(str(tool_response), session_id, tool_name)
 
     sys.exit(0)
 
@@ -584,6 +683,55 @@ if __name__ == "__main__":
 '''
 
 
+# ── Policy engine (also embedded in _HOOK_SCRIPT for standalone use) ──────────
+
+import json as _json
+import re as _re
+
+def _check_policy(tool_name, tool_input, tokens_before=0):
+    """Return (matched_rule, action, rule_id, message) or (None, 'allow', None, None)."""
+    if not POLICY_PATH.exists():
+        return None, "allow", None, None
+    try:
+        policy = _json.loads(POLICY_PATH.read_text())
+    except Exception:
+        return None, "allow", None, None
+
+    rules      = policy.get("rules", [])
+    input_text = _json.dumps(tool_input)
+    path_fields = [str(tool_input.get(f, "")) for f in ["file_path", "path", "command"]]
+
+    for rule in rules:
+        match_tool = (rule.get("match_tool") or "*").lower()
+        if match_tool != "*":
+            if tool_name not in [t.strip() for t in match_tool.split(",")]:
+                continue
+        pattern = rule.get("match_pattern")
+        if pattern:
+            try:
+                if not _re.search(pattern, input_text, _re.IGNORECASE):
+                    continue
+            except _re.error:
+                continue
+        path_pattern = rule.get("match_path_pattern")
+        if path_pattern:
+            try:
+                if not any(_re.search(path_pattern, f, _re.IGNORECASE) for f in path_fields if f):
+                    continue
+            except _re.error:
+                continue
+        min_tokens = rule.get("match_tokens_before_gt")
+        if min_tokens is not None:
+            if tokens_before <= int(min_tokens):
+                continue
+        action  = rule.get("action", "audit")
+        rule_id = rule.get("rule_id", "unknown")
+        message = rule.get("message") or f"Policy violation: {rule_id}"
+        return rule, action, rule_id, message
+
+    return None, "allow", None, None
+
+
 # ── Python interpreter selection ─────────────────────────────────────────────
 
 def _best_python() -> str:
@@ -669,11 +817,11 @@ def _require_guard_config() -> dict:
     cfg = _load_guard_config()
     ws = cfg.get("workspace_id")
     if not cfg or not ws:
-        print(f"{RED}Guard not connected. Run: conduct login --api-key <key>{RESET}")
-        sys.exit(1)
+        print(f"{RED}Guard not connected. Run: conduct login --api-key <key>{RESET}", file=sys.stderr)
+        sys.exit(0)
     if not cfg.get("api_key"):
-        print(f"{RED}Guard config is missing API key. Re-run: conduct login --api-key <key>{RESET}")
-        sys.exit(1)
+        print(f"{RED}Guard config is missing API key. Re-run: conduct login --api-key <key>{RESET}", file=sys.stderr)
+        sys.exit(0)
     return cfg
 
 
@@ -955,15 +1103,27 @@ def cmd_guard_install(args):
     user_email     = result.get("user_email") or ""
     clerk_user_id  = result.get("clerk_user_id") or ""
 
+    # Check if Security Loop module is installed for this workspace
+    security_emit = False
+    try:
+        sec = _req("GET", f"{server}/secure/installed?workspace_id={workspace_id}", api_key=api_key)
+        if sec.get("installed"):
+            security_emit = True
+    except Exception:
+        pass
+
     # Persist guard config — include api_key so CLI commands can authenticate
     _save_guard_config({
-        "workspace_id":  workspace_id,
-        "member_token":  member_token,
-        "user_email":    user_email,
-        "clerk_user_id": clerk_user_id,
-        "api_key":       api_key,
-        "api_url":       server,
+        "workspace_id":          workspace_id,
+        "member_token":          member_token,
+        "user_email":            user_email,
+        "clerk_user_id":         clerk_user_id,
+        "api_key":               api_key,
+        "api_url":               server,
+        "security_emit_enabled": security_emit,
     })
+    if security_emit:
+        print(f"  {GREEN}Security Loop:{RESET} installed — classifier active")
 
     # Download policies
     try:
@@ -1184,15 +1344,35 @@ def cmd_guard_sync(args):
 
     print(f"Syncing policy…")
 
-    policy = _req(
-        "GET",
-        f"{base_url}/guard/policies/sync?workspace_id={workspace_id}",
-        api_key=api_key,
-    )
+    try:
+        policy = _req(
+            "GET",
+            f"{base_url}/guard/policies/sync?workspace_id={workspace_id}",
+            api_key=api_key,
+        )
+    except Exception as e:
+        print(f"Guard sync skipped: {e}", file=sys.stderr)
+        sys.exit(0)
     _save_policy(policy)
     rule_count = len(policy.get("rules", []))
     print(f"  {GREEN}Policy refreshed:{RESET} {rule_count} rule(s)")
 
+    # Re-check Security Loop install status
+    try:
+        sec = _req("GET", f"{base_url}/secure/installed?workspace_id={workspace_id}", api_key=api_key)
+        cfg["security_emit_enabled"] = bool(sec.get("installed"))
+        _save_guard_config(cfg)
+        if sec.get("installed"):
+            print(f"  {GREEN}Security Loop:{RESET} installed — classifier active")
+            try:
+                policies = _req("GET", f"{base_url}/secure/policies?workspace_id={workspace_id}", api_key=api_key)
+                policy_count = len(policies) if isinstance(policies, list) else 0
+                print(f"  {GREEN}Security Loop policies:{RESET} {policy_count} rule(s) synced")
+            except Exception:
+                pass
+    except Exception:
+        pass
+
     # Refresh hook script + re-register in all tools
     hook_path = GUARD_DIR / "hook.py"
     _write_hook(hook_path)
@@ -1391,6 +1571,46 @@ def cmd_guard_status(args):
     print()
 
 
+def cmd_guard_savings(args):
+    cfg          = _require_guard_config()
+    workspace_id = cfg.get("workspace_id")
+    api_key      = cfg.get("api_key", "")
+    base_url     = _api_url(cfg)
+
+    try:
+        data = _req(
+            "GET",
+            f"{base_url}/guard/savings/team-summary?workspace_id={workspace_id}",
+            api_key=api_key,
+        )
+    except Exception:
+        print(f"{RED}Failed to fetch team savings.{RESET}")
+        return
+    if not isinstance(data, dict):
+        print(f"{RED}Failed to fetch team savings.{RESET}")
+        return
+
+    dev_count   = data.get("developer_count", 0)
+    total_tok   = data.get("total_tokens_saved", 0)
+    per_day     = data.get("per_day_usd", 0.0)
+    per_month   = data.get("per_month_usd", 0.0)
+    per_year    = data.get("per_year_usd", 0.0)
+    tools       = data.get("tools_installed", [])
+    avg_tok     = total_tok // dev_count if dev_count else 0
+    avg_day_usd = round(per_day / dev_count, 2) if dev_count else 0.0
+
+    print()
+    print(f"{BOLD}Team Token Savings{RESET}  ({dev_count} developer{'s' if dev_count != 1 else ''})")
+    print("─" * 52)
+    print(f"  Total tokens saved:    {total_tok:>14,}")
+    print(f"  Estimated savings:     ${per_day:>8.2f}/day  ·  ${per_month:,.0f}/month  ·  ${per_year:,.0f}/year")
+    if dev_count:
+        print(f"  Avg per developer:     {avg_tok:>14,} tokens  ·  ${avg_day_usd:.2f}/day")
+    if tools:
+        print(f"  Tools contributing:    {', '.join(tools)}")
+    print()
+
+
 def cmd_guard_audit(args):
     cfg          = _require_guard_config()
     workspace_id = cfg.get("workspace_id")
@@ -1468,6 +1688,9 @@ def register_guard_parser(sub):
     # conduct guard status
     guard_sub.add_parser("status", help="Show today's spend and violations")
 
+    # conduct guard savings --team
+    guard_sub.add_parser("savings", help="Show org-level token savings across all developers")
+
     # conduct guard audit [--since 7d]
     audit_p = guard_sub.add_parser("audit", help="Show recent guard events")
     audit_p.add_argument(
@@ -1487,6 +1710,8 @@ def dispatch_guard(args, guard_p):
         cmd_guard_sync(args)
     elif guard_command == "status":
         cmd_guard_status(args)
+    elif guard_command == "savings":
+        cmd_guard_savings(args)
     elif guard_command == "audit":
         cmd_guard_audit(args)
     else:

{conduct_cli-0.4.47 → conduct_cli-0.4.53}/src/conduct_cli/main.py

@@ -1198,22 +1198,36 @@ _ALL_SLUGS = [
     "security_scanner",
     "security_patch_updater",
     "smoke_test",
+    "flaky_test_detective",
+    "release_readiness",
+    "postmortem_drafter",
+    "docs_drift_detector",
+    "terraform_reviewer",
+    "thirdparty_autopilot_fix",
+    "factory",
 ]
 
 _FRIENDLY_NAMES = {
-    "autopilot_quick":        "Autopilot Quick",
-    "autopilot_full":         "Autopilot Full",
-    "autopilot_approved":     "Autopilot + Approval",
-    "pr_reviewer":            "PR Reviewer",
-    "ci_notify":              "CI Failure Alert",
-    "incident_responder":     "Incident Responder",
-    "dependency_updater":     "Dependency Updater",
-    "release_notes":          "Release Notes",
-    "issue_triage":           "Issue Triage",
-    "copilot_reviewer":       "Copilot / AI PR Reviewer",
-    "security_scanner":       "Security Scanner",
-    "security_patch_updater": "Security Patch Updater",
-    "smoke_test":             "Smoke Test",
+    "autopilot_quick":          "Autopilot Quick",
+    "autopilot_full":           "Autopilot Full",
+    "autopilot_approved":       "Autopilot + Approval",
+    "pr_reviewer":              "PR Reviewer",
+    "ci_notify":                "CI Failure Alert",
+    "incident_responder":       "Incident Responder",
+    "dependency_updater":       "Dependency Updater",
+    "release_notes":            "Release Notes",
+    "issue_triage":             "Issue Triage",
+    "copilot_reviewer":         "Copilot / AI PR Reviewer",
+    "security_scanner":         "Security Scanner",
+    "security_patch_updater":   "Security Patch Updater",
+    "smoke_test":               "Smoke Test",
+    "flaky_test_detective":     "Flaky Test Detective",
+    "release_readiness":        "Release Readiness Reviewer",
+    "postmortem_drafter":       "Postmortem Drafter",
+    "docs_drift_detector":      "Docs Drift Detector",
+    "terraform_reviewer":       "Terraform Plan Reviewer",
+    "thirdparty_autopilot_fix": "Third-Party Autopilot Fix",
+    "factory":                  "Factory",
 }
 
 
@@ -2051,6 +2065,107 @@ def cmd_sessions(args):
     print(_render_table(rows))
 
 
+# ── Security finding classifier ───────────────────────────────────────────────
+
+import re as _re
+
+_SEVERITY_KEYWORDS = {
+    "critical": ["rce", "remote code execution", "sql injection", "sqli", "command injection"],
+    "high": ["xss", "cross-site", "path traversal", "directory traversal", "auth bypass",
+             "authentication bypass", "idor", "privilege escalation", "ssrf"],
+    "medium": ["csrf", "open redirect", "clickjacking", "insecure deserialization", "xxe"],
+    "low": ["information disclosure", "verbose error", "stack trace exposed", "version disclosure"],
+    "info": ["todo security", "fixme security", "hardcoded", "weak cipher"],
+}
+
+_SECRET_PATTERNS = [
+    r'(?i)(api[_-]?key|secret|password|token|private[_-]?key)\s*[:=]\s*["\']?[\w\-]{8,}',
+    r'(?i)sk-[a-zA-Z0-9]{20,}',   # OpenAI key pattern
+    r'(?i)ghp_[a-zA-Z0-9]{36}',   # GitHub PAT
+]
+
+_VULN_TYPES = {
+    "injection": ["sql injection", "sqli", "command injection", "code injection", "ldap injection"],
+    "path-traversal": ["path traversal", "directory traversal", "../"],
+    "secret-leak": ["hardcoded", "secret", "api key", "password", "token", "private key"],
+    "auth-bypass": ["auth bypass", "authentication bypass", "idor", "privilege escalation"],
+    "crypto": ["weak cipher", "md5", "sha1", "tls 1.0", "ssl 2.0", "cert_none"],
+}
+
+
+def classify_finding(text: str) -> "dict | None":
+    """
+    Fast-path classifier. Returns structured finding dict or None if not a security issue.
+    Checks secret patterns first (regex), then keyword severity matching.
+    """
+    text_lower = text.lower()
+
+    # Secret detection (regex fast path)
+    for pattern in _SECRET_PATTERNS:
+        if _re.search(pattern, text):
+            return {
+                "severity": "high",
+                "type": "secret-leak",
+                "description": text[:500],
+            }
+
+    # Severity + type matching
+    for severity, keywords in _SEVERITY_KEYWORDS.items():
+        for kw in keywords:
+            if kw in text_lower:
+                vuln_type = "other"
+                for vtype, vkws in _VULN_TYPES.items():
+                    if any(vk in text_lower for vk in vkws):
+                        vuln_type = vtype
+                        break
+                return {
+                    "severity": severity,
+                    "type": vuln_type,
+                    "description": text[:500],
+                }
+    return None
+
+
+def cmd_emit_finding(args):
+    """POST a security finding to /security-findings."""
+    server, workspace_id, api_key, token = _require_auth(args)
+    hdrs = api.headers(workspace_id, token, "application/json", api_key)
+
+    from_stdin = getattr(args, "from_stdin", False)
+
+    if from_stdin:
+        raw = sys.stdin.read()
+        result = classify_finding(raw)
+        if result is None:
+            print("No security finding detected")
+            sys.exit(0)
+        severity    = result["severity"]
+        vuln_type   = result["type"]
+        description = result["description"]
+    else:
+        severity    = args.severity
+        vuln_type   = args.type
+        description = args.description
+
+    payload: dict = {
+        "severity":    severity,
+        "type":        vuln_type,
+        "description": description,
+    }
+    if getattr(args, "file", None):
+        payload["file"] = args.file
+    if getattr(args, "line", None) is not None:
+        payload["line"] = args.line
+    if getattr(args, "repo", None):
+        payload["repo"] = args.repo
+
+    result = api.req("POST", f"{server}/security-findings", hdrs, payload)
+    finding_id = result.get("id", result.get("finding_id", ""))
+    print(f"[FINDING] {severity} · {vuln_type} · {finding_id}")
+    if finding_id:
+        print(finding_id)
+
+
 def cmd_run(args):
     server, workspace_id, api_key, token = _require_auth(args)
     json_h = api.headers(workspace_id, token, "application/json", api_key)
@@ -2089,13 +2204,13 @@ def cmd_run(args):
             print(f"  {GRAY}{k}={v}{RESET}")
     print()
 
-    body: dict = {
-        "triggered_by": "cli",
-        "initial_state": {"__manual": True, "inputs": initial_state},
-    }
+    # Call the test-trigger endpoint so the YAML's built-in test_trigger.payload
+    # (PR fixture, issue fixture, etc.) is loaded and the configured repo is
+    # injected — instead of running with an empty trigger context.
+    body: dict = {**initial_state}
     if getattr(args, "max_turns", None):
-        body["max_turns"] = args.max_turns
-    run = api.req("POST", f"{server}/workflows/{workflow_id}/runs", json_h, body)
+        body["__max_turns"] = args.max_turns
+    run = api.req("POST", f"{server}/workflows/{workflow_id}/trigger", json_h, body)
     _stream_run(server, workflow_id, run["id"], workspace_id, token, api_key)
 
 
@@ -2198,6 +2313,22 @@ def main():
     ia_p.add_argument("--input",    action="append", metavar="key=value",
                       help="Input value applied to all playbooks (repeatable)")
 
+    # conduct emit finding
+    emit_p = sub.add_parser("emit", help="Emit events to Conduct (e.g. security findings)")
+    emit_sub = emit_p.add_subparsers(dest="emit_command")
+
+    finding_p = emit_sub.add_parser("finding", help="Emit a security finding to POST /security-findings")
+    finding_p.add_argument("--severity",    choices=["critical", "high", "medium", "low", "info"],
+                           help="Finding severity")
+    finding_p.add_argument("--type",        dest="type",        metavar="TYPE",
+                           help="Vulnerability type (e.g. secret-leak, injection, path-traversal)")
+    finding_p.add_argument("--file",        metavar="PATH",     help="Source file path where finding was detected")
+    finding_p.add_argument("--line",        type=int,           metavar="N",    help="Line number of finding")
+    finding_p.add_argument("--description", metavar="TEXT",     help="Human-readable description of the finding")
+    finding_p.add_argument("--repo",        metavar="owner/repo", help="Repository where finding was detected")
+    finding_p.add_argument("--from-stdin",  dest="from_stdin",  action="store_true",
+                           help="Read raw tool output from stdin and auto-classify the finding")
+
     # conduct run (existing)
     run_p = sub.add_parser("run", help="Run an installed agent by name")
     run_p.add_argument("agent",       help="Agent name (e.g. 'security_autopilot_fix')")
@@ -2277,6 +2408,16 @@ def main():
         cmd_sessions(args)
     elif args.command == "guard":
         _guard.dispatch_guard(args, guard_p)
+    elif args.command == "emit":
+        emit_command = getattr(args, "emit_command", None)
+        if emit_command == "finding":
+            from_stdin = getattr(args, "from_stdin", False)
+            if not from_stdin and not (args.severity and args.type and args.description):
+                finding_p.print_help()
+                sys.exit(1)
+            cmd_emit_finding(args)
+        else:
+            emit_p.print_help()
     elif args.command == "mcp":
         if getattr(args, "mcp_command", None) == "install":
             cmd_mcp_install(args)

{conduct_cli-0.4.47 → conduct_cli-0.4.53}/src/conduct_cli.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: conduct-cli
-Version: 0.4.47
+Version: 0.4.53
 Summary: CLI for Conduct AI — install agents, manage projects, run tests
 Author-email: Conduct AI <hello@conductai.ai>
 License: MIT

{conduct_cli-0.4.47 → conduct_cli-0.4.53}/src/conduct_cli.egg-info/SOURCES.txt

@@ -13,4 +13,6 @@ src/conduct_cli.egg-info/dependency_links.txt
 src/conduct_cli.egg-info/entry_points.txt
 src/conduct_cli.egg-info/requires.txt
 src/conduct_cli.egg-info/top_level.txt
+tests/test_guard_policy.py
+tests/test_guard_savings.py
 tests/test_switch.py

conduct_cli-0.4.53/tests/test_guard_policy.py

@@ -0,0 +1,388 @@
+"""
+Tests for conduct_cli.guard._check_policy
+
+Covers:
+  - No policy file → allow
+  - match_tool: wildcard, exact, comma-separated, no-match
+  - match_pattern: hit, miss, invalid regex
+  - match_path_pattern: hit, miss
+  - match_tokens_before_gt: above threshold, at threshold, below threshold
+  - action pass-through (block, warn, audit, approval)
+  - First-match-wins ordering
+  - Builtin policy rules from builtin_policies.yaml
+"""
+from __future__ import annotations
+
+import json
+import sys
+from pathlib import Path
+
+import pytest
+
+# ── ensure conduct_cli is importable ─────────────────────────────────────────
+CONDUCT_CLI_SRC = Path(__file__).resolve().parent.parent / "src"
+if str(CONDUCT_CLI_SRC) not in sys.path:
+    sys.path.insert(0, str(CONDUCT_CLI_SRC))
+
+import conduct_cli.guard as guard_mod
+from conduct_cli.guard import _check_policy, POLICY_PATH
+
+BUILTIN_POLICIES_YAML = (
+    Path(__file__).resolve().parents[3]
+    / "apps/api/app/modules/guard/builtin_policies.yaml"
+)
+
+
+# ── helpers ───────────────────────────────────────────────────────────────────
+
+def _write_policy(tmp_path: Path, rules: list[dict]) -> Path:
+    p = tmp_path / "policy.json"
+    p.write_text(json.dumps({"version": "test", "rules": rules}))
+    return p
+
+
+def _rule(**kw) -> dict:
+    return {
+        "rule_id": kw.get("rule_id", "test-rule"),
+        "match_tool": kw.get("match_tool", "*"),
+        "match_pattern": kw.get("match_pattern", None),
+        "match_path_pattern": kw.get("match_path_pattern", None),
+        "action": kw.get("action", "block"),
+        "message": kw.get("message", "Test violation"),
+        **{k: v for k, v in kw.items()
+           if k not in ("rule_id", "match_tool", "match_pattern",
+                        "match_path_pattern", "action", "message")},
+    }
+
+
+@pytest.fixture()
+def policy_path(tmp_path, monkeypatch):
+    """Returns a factory; call it with rules to write policy and patch the path."""
+    def _make(rules):
+        p = _write_policy(tmp_path, rules)
+        monkeypatch.setattr(guard_mod, "POLICY_PATH", p)
+        return p
+    return _make
+
+
+@pytest.fixture()
+def no_policy(tmp_path, monkeypatch):
+    """Point POLICY_PATH at a non-existent file."""
+    p = tmp_path / "missing.json"
+    monkeypatch.setattr(guard_mod, "POLICY_PATH", p)
+
+
+# ── no policy file ────────────────────────────────────────────────────────────
+
+class TestNoPolicyFile:
+    def test_allow_when_file_missing(self, no_policy):
+        _, action, rule_id, _ = _check_policy("bash", {"command": "ls"})
+        assert action == "allow"
+        assert rule_id is None
+
+    def test_allow_when_file_corrupt(self, tmp_path, monkeypatch):
+        p = tmp_path / "policy.json"
+        p.write_text("not json {{{{")
+        monkeypatch.setattr(guard_mod, "POLICY_PATH", p)
+        _, action, _, _ = _check_policy("bash", {"command": "ls"})
+        assert action == "allow"
+
+
+# ── match_tool ────────────────────────────────────────────────────────────────
+
+class TestMatchTool:
+    def test_wildcard_matches_any_tool(self, policy_path):
+        policy_path([_rule(match_tool="*", action="warn")])
+        _, action, _, _ = _check_policy("bash", {})
+        assert action == "warn"
+
+    def test_exact_tool_match(self, policy_path):
+        policy_path([_rule(match_tool="bash", action="warn")])
+        _, action, _, _ = _check_policy("bash", {})
+        assert action == "warn"
+
+    def test_exact_tool_no_match(self, policy_path):
+        policy_path([_rule(match_tool="edit", action="block")])
+        _, action, _, _ = _check_policy("bash", {})
+        assert action == "allow"
+
+    def test_comma_separated_includes_tool(self, policy_path):
+        policy_path([_rule(match_tool="bash,edit,write", action="warn")])
+        _, action, _, _ = _check_policy("edit", {})
+        assert action == "warn"
+
+    def test_comma_separated_excludes_tool(self, policy_path):
+        policy_path([_rule(match_tool="bash,edit,write", action="warn")])
+        _, action, _, _ = _check_policy("read", {})
+        assert action == "allow"
+
+    def test_tool_name_case_insensitive(self, policy_path):
+        policy_path([_rule(match_tool="Bash", action="warn")])
+        _, action, _, _ = _check_policy("bash", {})
+        assert action == "warn"
+
+
+# ── match_pattern ─────────────────────────────────────────────────────────────
+
+class TestMatchPattern:
+    def test_pattern_hit(self, policy_path):
+        policy_path([_rule(match_pattern=r"rm\s+-rf", action="block")])
+        _, action, _, _ = _check_policy("bash", {"command": "rm -rf /tmp/foo"})
+        assert action == "block"
+
+    def test_pattern_miss(self, policy_path):
+        policy_path([_rule(match_pattern=r"DROP TABLE", action="block")])
+        _, action, _, _ = _check_policy("bash", {"command": "select * from users"})
+        assert action == "allow"
+
+    def test_pattern_case_insensitive(self, policy_path):
+        policy_path([_rule(match_pattern=r"drop table", action="block")])
+        _, action, _, _ = _check_policy("bash", {"command": "DROP TABLE users;"})
+        assert action == "block"
+
+    def test_invalid_regex_skips_rule(self, policy_path):
+        policy_path([_rule(match_pattern=r"[invalid(", action="block")])
+        _, action, _, _ = _check_policy("bash", {"command": "anything"})
+        assert action == "allow"
+
+    def test_pattern_searches_full_input_json(self, policy_path):
+        policy_path([_rule(match_pattern=r"secret_value", action="warn")])
+        _, action, _, _ = _check_policy("write", {"content": "secret_value = 'abc'"})
+        assert action == "warn"
+
+
+# ── match_path_pattern ────────────────────────────────────────────────────────
+
+class TestMatchPathPattern:
+    def test_path_hit_via_file_path(self, policy_path):
+        policy_path([_rule(match_path_pattern=r"\.(pem|key)$", action="block")])
+        _, action, _, _ = _check_policy("write", {"file_path": "/project/id_rsa.key"})
+        assert action == "block"
+
+    def test_path_hit_via_path_field(self, policy_path):
+        policy_path([_rule(match_path_pattern=r"\.env$", action="block")])
+        _, action, _, _ = _check_policy("edit", {"path": "/project/.env"})
+        assert action == "block"
+
+    def test_path_miss(self, policy_path):
+        policy_path([_rule(match_path_pattern=r"\.env$", action="block")])
+        _, action, _, _ = _check_policy("edit", {"file_path": "/project/app.py"})
+        assert action == "allow"
+
+    def test_invalid_path_regex_skips(self, policy_path):
+        policy_path([_rule(match_path_pattern=r"[bad(", action="block")])
+        _, action, _, _ = _check_policy("write", {"file_path": "/any/file.py"})
+        assert action == "allow"
+
+
+# ── match_tokens_before_gt ────────────────────────────────────────────────────
+
+class TestMatchTokensBeforeGt:
+    def test_above_threshold_fires(self, policy_path):
+        policy_path([_rule(match_tokens_before_gt=50000, action="warn")])
+        _, action, _, _ = _check_policy("bash", {}, tokens_before=60000)
+        assert action == "warn"
+
+    def test_at_threshold_does_not_fire(self, policy_path):
+        policy_path([_rule(match_tokens_before_gt=50000, action="warn")])
+        _, action, _, _ = _check_policy("bash", {}, tokens_before=50000)
+        assert action == "allow"
+
+    def test_below_threshold_does_not_fire(self, policy_path):
+        policy_path([_rule(match_tokens_before_gt=50000, action="warn")])
+        _, action, _, _ = _check_policy("bash", {}, tokens_before=10000)
+        assert action == "allow"
+
+    def test_no_threshold_field_ignores_tokens(self, policy_path):
+        policy_path([_rule(match_tool="*", action="warn")])
+        _, action, _, _ = _check_policy("bash", {}, tokens_before=999999)
+        assert action == "warn"
+
+    def test_threshold_string_value_coerced(self, policy_path):
+        policy_path([_rule(match_tokens_before_gt="50000", action="warn")])
+        _, action, _, _ = _check_policy("bash", {}, tokens_before=60000)
+        assert action == "warn"
+
+
+# ── actions and return values ─────────────────────────────────────────────────
+
+class TestReturnValues:
+    def test_rule_id_returned(self, policy_path):
+        policy_path([_rule(rule_id="no-rm-rf", action="block")])
+        _, action, rule_id, _ = _check_policy("bash", {})
+        assert rule_id == "no-rm-rf"
+
+    def test_message_returned(self, policy_path):
+        policy_path([_rule(action="block", message="Custom message")])
+        _, _, _, msg = _check_policy("bash", {})
+        assert msg == "Custom message"
+
+    def test_action_block(self, policy_path):
+        policy_path([_rule(action="block")])
+        _, action, _, _ = _check_policy("bash", {})
+        assert action == "block"
+
+    def test_action_warn(self, policy_path):
+        policy_path([_rule(action="warn")])
+        _, action, _, _ = _check_policy("bash", {})
+        assert action == "warn"
+
+    def test_action_audit(self, policy_path):
+        policy_path([_rule(action="audit")])
+        _, action, _, _ = _check_policy("bash", {})
+        assert action == "audit"
+
+    def test_action_approval(self, policy_path):
+        policy_path([_rule(action="approval")])
+        _, action, _, _ = _check_policy("bash", {})
+        assert action == "approval"
+
+    def test_first_match_wins(self, policy_path):
+        policy_path([
+            _rule(rule_id="first", match_pattern=r"secret", action="block"),
+            _rule(rule_id="second", match_pattern=r"secret", action="warn"),
+        ])
+        _, action, rule_id, _ = _check_policy("bash", {"cmd": "secret"})
+        assert action == "block"
+        assert rule_id == "first"
+
+    def test_allow_returns_none_rule(self, policy_path):
+        policy_path([_rule(match_pattern=r"no-match-ever-xyz", action="block")])
+        rule, action, rule_id, msg = _check_policy("bash", {})
+        assert rule is None
+        assert action == "allow"
+        assert rule_id is None
+        assert msg is None
+
+
+# ── builtin policies integration ──────────────────────────────────────────────
+
+@pytest.fixture(scope="module")
+def builtin_rules():
+    """Load rules from builtin_policies.yaml (requires PyYAML)."""
+    pytest.importorskip("yaml")
+    import yaml  # noqa: PLC0415
+
+    if not BUILTIN_POLICIES_YAML.exists():
+        pytest.skip(f"builtin_policies.yaml not found at {BUILTIN_POLICIES_YAML}")
+    return yaml.safe_load(BUILTIN_POLICIES_YAML.read_text())
+
+
+@pytest.fixture()
+def builtin_policy_path(tmp_path, monkeypatch, builtin_rules):
+    p = tmp_path / "policy.json"
+    p.write_text(json.dumps({"version": "builtin", "rules": builtin_rules}))
+    monkeypatch.setattr(guard_mod, "POLICY_PATH", p)
+
+
+class TestBuiltinPolicies:
+    # ── Destructive ───────────────────────────────────────────────────────────
+    def test_no_rm_rf_blocks(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("bash", {"command": "rm -rf /tmp/test"})
+        assert action == "block"
+        assert rule_id == "no-rm-rf"
+
+    def test_no_rm_rf_misses_plain_rm(self, builtin_policy_path):
+        _, _, rule_id, _ = _check_policy("bash", {"command": "rm file.txt"})
+        assert rule_id != "no-rm-rf"
+
+    def test_no_git_reset_hard_blocks(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("bash", {"command": "git reset --hard HEAD~1"})
+        assert action == "block"
+        assert rule_id == "no-git-reset-hard"
+
+    def test_no_force_push_blocks(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("bash", {"command": "git push --force origin main"})
+        assert action == "block"
+        assert rule_id == "no-force-push"
+
+    def test_no_force_push_short_flag(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("bash", {"command": "git push -f origin main"})
+        assert action == "block"
+        assert rule_id == "no-force-push"
+
+    def test_no_drop_table_blocks(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("bash", {"command": "DROP TABLE users;"})
+        assert action == "block"
+        assert rule_id == "no-drop-table"
+
+    # ── Permissions ───────────────────────────────────────────────────────────
+    def test_no_sudo_blocks(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("bash", {"command": "sudo apt-get install pkg"})
+        assert action == "block"
+        assert rule_id == "no-sudo"
+
+    def test_no_chmod_777_warns(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("bash", {"command": "chmod 777 /etc/passwd"})
+        assert action == "warn"
+        assert rule_id == "no-chmod-permissive"
+
+    # ── Secrets ───────────────────────────────────────────────────────────────
+    def test_no_env_commits_blocks(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("bash", {"command": "git add .env && git commit -m fix"})
+        assert action == "block"
+        assert rule_id == "no-env-commits"
+
+    def test_no_hardcoded_secrets_warns(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy(
+            "write",
+            {"content": "API_KEY='Abc123XyzLong456AbcXyz789'"},
+        )
+        assert action == "warn"
+        assert rule_id == "no-hardcoded-secrets"
+
+    def test_no_private_key_files_blocks(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("write", {"file_path": "/project/server.pem"})
+        assert action == "block"
+        assert rule_id == "no-private-key-files"
+
+    # ── Production gates ──────────────────────────────────────────────────────
+    def test_approve_prod_deploy(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("bash", {"command": "deploy to production"})
+        assert action == "approval"
+        assert rule_id == "approve-prod-deploy"
+
+    def test_approve_db_migration(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("bash", {"command": "alembic upgrade head"})
+        assert action == "approval"
+        assert rule_id == "approve-db-migration-prod"
+
+    # ── Token efficiency ──────────────────────────────────────────────────────
+    def test_warn_deterministic_compute_sort_uniq(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("bash", {"command": "sort users.csv | uniq -c"})
+        assert action == "warn"
+        assert rule_id == "warn-deterministic-compute"
+
+    def test_warn_deterministic_compute_grep_count(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("bash", {"command": "grep -c 'ERROR' app.log"})
+        assert action == "warn"
+        assert rule_id == "warn-deterministic-compute"
+
+    def test_warn_deterministic_compute_wc_l(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("bash", {"command": "cat data.txt | wc -l"})
+        assert action == "warn"
+        assert rule_id == "warn-deterministic-compute"
+
+    def test_warn_deterministic_compute_python_oneliner(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("bash", {"command": "python -c 'print(sum([1,2,3]))'"}  )
+        assert action == "warn"
+        assert rule_id == "warn-deterministic-compute"
+
+    def test_warn_deterministic_compute_no_false_positive(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("bash", {"command": "git status"})
+        assert rule_id != "warn-deterministic-compute"
+
+    def test_warn_large_context_above_threshold(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("bash", {}, tokens_before=60000)
+        assert action == "warn"
+        assert rule_id == "warn-large-context-dump"
+
+    def test_warn_large_context_at_threshold_does_not_fire(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("bash", {}, tokens_before=50000)
+        assert rule_id != "warn-large-context-dump"
+
+    def test_warn_large_context_below_threshold_does_not_fire(self, builtin_policy_path):
+        _, action, rule_id, _ = _check_policy("bash", {}, tokens_before=1000)
+        assert rule_id != "warn-large-context-dump"
+
+

conduct_cli-0.4.53/tests/test_guard_savings.py

@@ -0,0 +1,195 @@
+"""
+Tests for `conduct guard savings` CLI command (cmd_guard_savings).
+
+Mocks _req and _require_guard_config to avoid real network calls.
+Verifies output formatting for various API response shapes.
+"""
+from __future__ import annotations
+
+import sys
+import types
+from pathlib import Path
+from unittest.mock import MagicMock, patch
+
+import pytest
+
+# Ensure conduct_cli package is importable
+HERE = Path(__file__).resolve()
+CLI_PKG = HERE.parent.parent / "src"
+if str(CLI_PKG) not in sys.path:
+    sys.path.insert(0, str(CLI_PKG))
+
+
+def _args():
+    return types.SimpleNamespace()
+
+
+_FAKE_CFG = {
+    "workspace_id": "ws-abc-123",
+    "api_key": "cond_live_test",
+    "api_url": "https://api.example.com",
+}
+
+_TEAM_RESPONSE = {
+    "workspace_id": "ws-abc-123",
+    "developer_count": 2,
+    "total_tokens_saved": 1_500_000,
+    "total_cost_saved_usd": 8.1,
+    "per_day_usd": 8.10,
+    "per_month_usd": 243.00,
+    "per_year_usd": 2956.50,
+    "tools_installed": ["rtk", "booster"],
+}
+
+
+@pytest.fixture(autouse=True)
+def patch_config_and_url(monkeypatch):
+    """Patch _require_guard_config and _api_url for all tests in this module."""
+    import conduct_cli.guard as g
+    monkeypatch.setattr(g, "_require_guard_config", lambda: _FAKE_CFG)
+    monkeypatch.setattr(g, "_api_url", lambda cfg: cfg.get("api_url", ""))
+
+
+class TestCmdGuardSavingsOutput:
+    def test_prints_team_header(self, capsys):
+        import conduct_cli.guard as g
+        with patch.object(g, "_req", return_value=_TEAM_RESPONSE):
+            g.cmd_guard_savings(_args())
+        out = capsys.readouterr().out
+        assert "Team Token Savings" in out
+
+    def test_prints_developer_count(self, capsys):
+        import conduct_cli.guard as g
+        with patch.object(g, "_req", return_value=_TEAM_RESPONSE):
+            g.cmd_guard_savings(_args())
+        out = capsys.readouterr().out
+        assert "2 developer" in out
+
+    def test_prints_total_tokens_formatted(self, capsys):
+        import conduct_cli.guard as g
+        with patch.object(g, "_req", return_value=_TEAM_RESPONSE):
+            g.cmd_guard_savings(_args())
+        out = capsys.readouterr().out
+        # 1_500_000 formatted with commas
+        assert "1,500,000" in out
+
+    def test_prints_per_day_amount(self, capsys):
+        import conduct_cli.guard as g
+        with patch.object(g, "_req", return_value=_TEAM_RESPONSE):
+            g.cmd_guard_savings(_args())
+        out = capsys.readouterr().out
+        assert "8.10" in out
+        assert "/day" in out
+
+    def test_prints_per_month_amount(self, capsys):
+        import conduct_cli.guard as g
+        with patch.object(g, "_req", return_value=_TEAM_RESPONSE):
+            g.cmd_guard_savings(_args())
+        out = capsys.readouterr().out
+        assert "243" in out
+        assert "/month" in out
+
+    def test_prints_per_year_amount(self, capsys):
+        import conduct_cli.guard as g
+        with patch.object(g, "_req", return_value=_TEAM_RESPONSE):
+            g.cmd_guard_savings(_args())
+        out = capsys.readouterr().out
+        assert "2,956" in out or "2957" in out
+        assert "/year" in out
+
+    def test_prints_tools_contributing(self, capsys):
+        import conduct_cli.guard as g
+        with patch.object(g, "_req", return_value=_TEAM_RESPONSE):
+            g.cmd_guard_savings(_args())
+        out = capsys.readouterr().out
+        assert "rtk" in out
+        assert "booster" in out
+
+    def test_prints_avg_per_developer(self, capsys):
+        import conduct_cli.guard as g
+        with patch.object(g, "_req", return_value=_TEAM_RESPONSE):
+            g.cmd_guard_savings(_args())
+        out = capsys.readouterr().out
+        assert "Avg per developer" in out
+        # 1_500_000 // 2 = 750_000
+        assert "750,000" in out
+
+
+class TestCmdGuardSavingsZeroDevelopers:
+    def test_zero_developer_count(self, capsys):
+        import conduct_cli.guard as g
+        resp = dict(_TEAM_RESPONSE, developer_count=0, total_tokens_saved=0, per_day_usd=0.0, per_month_usd=0.0, per_year_usd=0.0)
+        with patch.object(g, "_req", return_value=resp):
+            g.cmd_guard_savings(_args())
+        out = capsys.readouterr().out
+        assert "Team Token Savings" in out
+        assert "0 developer" in out
+
+    def test_no_avg_line_when_no_developers(self, capsys):
+        import conduct_cli.guard as g
+        resp = dict(_TEAM_RESPONSE, developer_count=0, total_tokens_saved=0, per_day_usd=0.0)
+        with patch.object(g, "_req", return_value=resp):
+            g.cmd_guard_savings(_args())
+        out = capsys.readouterr().out
+        assert "Avg per developer" not in out
+
+    def test_no_tools_line_when_empty(self, capsys):
+        import conduct_cli.guard as g
+        resp = dict(_TEAM_RESPONSE, developer_count=0, tools_installed=[])
+        with patch.object(g, "_req", return_value=resp):
+            g.cmd_guard_savings(_args())
+        out = capsys.readouterr().out
+        assert "Tools contributing" not in out
+
+
+class TestCmdGuardSavingsToolsFilter:
+    def test_rtk_only_tools(self, capsys):
+        import conduct_cli.guard as g
+        resp = dict(_TEAM_RESPONSE, tools_installed=["rtk"])
+        with patch.object(g, "_req", return_value=resp):
+            g.cmd_guard_savings(_args())
+        out = capsys.readouterr().out
+        assert "rtk" in out
+        assert "booster" not in out
+
+    def test_booster_only_tools(self, capsys):
+        import conduct_cli.guard as g
+        resp = dict(_TEAM_RESPONSE, tools_installed=["booster"])
+        with patch.object(g, "_req", return_value=resp):
+            g.cmd_guard_savings(_args())
+        out = capsys.readouterr().out
+        assert "booster" in out
+        assert "rtk" not in out.split("Tools contributing")[1] if "Tools contributing" in out else True
+
+
+class TestCmdGuardSavingsApiFailure:
+    def test_non_dict_response_prints_error(self, capsys):
+        import conduct_cli.guard as g
+        with patch.object(g, "_req", return_value=None):
+            g.cmd_guard_savings(_args())
+        out = capsys.readouterr().out
+        assert "Failed" in out
+
+    def test_string_response_prints_error(self, capsys):
+        import conduct_cli.guard as g
+        with patch.object(g, "_req", return_value="error"):
+            g.cmd_guard_savings(_args())
+        out = capsys.readouterr().out
+        assert "Failed" in out
+
+    def test_network_error_prints_error(self, capsys):
+        import conduct_cli.guard as g
+        with patch.object(g, "_req", side_effect=ConnectionError("timeout")):
+            g.cmd_guard_savings(_args())
+        out = capsys.readouterr().out
+        assert "Failed" in out
+
+    def test_single_developer_singular_label(self, capsys):
+        import conduct_cli.guard as g
+        resp = dict(_TEAM_RESPONSE, developer_count=1, total_tokens_saved=750_000)
+        with patch.object(g, "_req", return_value=resp):
+            g.cmd_guard_savings(_args())
+        out = capsys.readouterr().out
+        # "1 developer" not "1 developers"
+        assert "1 developer" in out
+        assert "1 developers" not in out