docs: update README with Mermaid diagram and enhance agent rules

backslash-ux · backslash-ux · commit b0e5c3637bbf · 2025-12-28T12:04:25.000+07:00
- Replace ASCII diagram with Mermaid flowchart
- Add all v0.1 tools to agent rules (search_history, verify_intent, sanitize_content)
- Add security enforcement behavior for security_flags
- Add example workflow with new tools
diff --git a/README.md b/README.md
@@ -2,9 +2,9 @@
 
 <div align="center">
 
-**🛡️ A Git Hygiene Safety Layer for AI-First Development**
+**🛡️ Production-Grade Safety Layer for AI-First Development**
 
-_Keep your AI coding assistants honest with automatic commit hygiene checks_
+_Git hygiene monitoring + Security scanning + Semantic search + Full observability_
 
 [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE)
 [![Python 3.10+](https://img.shields.io/badge/python-3.10+-blue.svg)](https://www.python.org/downloads/)
@@ -16,30 +16,34 @@ _Keep your AI coding assistants honest with automatic commit hygiene checks_
 
 ## Why FlowCheck?
 
-AI coding assistants are incredibly productive—but they can also create **massive, hard-to-review changesets** in a single session. FlowCheck acts as a safety layer that:
+AI coding assistants are incredibly productive—but they can also create **massive, hard-to-review changesets** and **security risks**. FlowCheck v0.1 is a production-grade safety layer that:
 
 - 🔍 **Monitors Git state** in real-time during AI-assisted coding
-- ⚡ **Nudges agents** to make checkpoint commits before changes get too large
-- 📊 **Tracks flow health** (time since commit, lines changed, files modified)
-- 🤖 **Designed for AI agents** with enforceable rules and clear tool interfaces
+- 🔒 **Scans for security issues** (PII, secrets, prompt injection attacks)
+- 🔎 **Semantic history search** - find commits by meaning, not keywords
+- 📊 **Tracks flow health** (time, lines, branch age, drift from main)
+- 📝 **Full observability** (OpenTelemetry traces, audit logs)
+- 🎯 **Intent validation** (ticket-to-diff alignment)
+- 🤖 **Designed for AI agents** with enforceable rules
 
-> Think of FlowCheck as a "smart fitness watch" for your codebase—it doesn't block, it nudges.
+> Think of FlowCheck as a "smart fitness watch with a biometric lock" for your codebase—it helps you code faster while actively defending against security threats.
 
 ## AI-First Design
 
 FlowCheck is built specifically for the **agentic coding** workflow:
 
-```
-┌─────────────────┐     ┌─────────────────┐     ┌─────────────────┐
-│   AI Agent      │────▶│   FlowCheck     │────▶│   Git Repo      │
-│  (Claude, etc)  │◀────│   MCP Server    │◀────│   (.git)        │
-└─────────────────┘     └─────────────────┘     └─────────────────┘
-        │                       │
-        │   "status: warning"   │
-        │   "500+ lines pending"│
-        ▼                       │
-   Agent pauses and             │
-   suggests checkpoint ◀────────┘
+```mermaid
+flowchart LR
+    Agent["🤖 AI Agent<br/>(Claude, Cursor, etc)"]
+    FC["🛡️ FlowCheck<br/>MCP Server"]
+    Git["📁 Git Repo<br/>(.git)"]
+
+    Agent -->|"get_flow_state()"| FC
+    FC -->|"analyze"| Git
+    Git -->|"metrics"| FC
+    FC -->|"status: warning<br/>security_flags: [...]"| Agent
+
+    Agent -->|"⏸️ Pause & suggest<br/>checkpoint commit"| Agent
 ```
 
 ### Agent Rules (Recommended)
@@ -92,12 +96,22 @@ Add to `~/Library/Application Support/Claude/claude_desktop_config.json`:
 
 ## MCP Tools
 
+### Core Tools
+
 | Tool                  | Purpose                                              |
 | --------------------- | ---------------------------------------------------- |
-| `get_flow_state`      | Returns current metrics (time, lines, files, status) |
-| `get_recommendations` | Returns actionable nudges based on thresholds        |
+| `get_flow_state`      | Returns metrics + **security_flags** (PII/injection) |
+| `get_recommendations` | Returns actionable nudges + **security warnings**    |
 | `set_rules`           | Dynamically adjust thresholds                        |
 
+### v0.1 Production Features
+
+| Tool               | Purpose                                              |
+| ------------------ | ---------------------------------------------------- |
+| `search_history`   | **Semantic search** - find commits by meaning        |
+| `verify_intent`    | **Ticket alignment** - validate against requirements |
+| `sanitize_content` | **PII/secret redaction** before sharing with AI      |
+
 ### Example: `get_flow_state`
 
 ```json
@@ -106,7 +120,10 @@ Add to `~/Library/Application Support/Claude/claude_desktop_config.json`:
   "uncommitted_lines": 520,
   "uncommitted_files": 8,
   "branch_name": "feature/api-refactor",
-  "status": "warning"
+  "branch_age_days": 3,
+  "behind_main_by_commits": 12,
+  "status": "warning",
+  "security_flags": ["⚠️ SECRETS: Potential secrets detected in diff"]
 }
 ```
 
@@ -115,10 +132,28 @@ Add to `~/Library/Application Support/Claude/claude_desktop_config.json`:
 ```json
 {
   "recommendations": [
+    "🔒 SECURITY: Review security flags before committing.",
     "📊 You have 520 uncommitted lines. Consider splitting into focused commits.",
-    "💡 Tip: Large changesets can be split by domain (backend vs frontend)."
+    "🔄 You are behind main by 12 commits. Consider merging to avoid conflicts."
   ],
-  "status": "warning"
+  "status": "warning",
+  "security_flags": ["⚠️ SECRETS: Potential secrets detected in diff"]
+}
+```
+
+### Example: `search_history`
+
+```json
+{
+  "query": "authentication changes",
+  "results": [
+    {
+      "commit_hash": "a1b2c3d",
+      "message": "Refactor OAuth token validation",
+      "score": 0.87,
+      "matched_terms": ["oauth", "token"]
+    }
+  ]
 }
 ```
 
@@ -146,6 +181,26 @@ FlowCheck uses `~/.flowcheck/config.json`:
 | `warning` | One or more thresholds exceeded     |
 | `danger`  | Thresholds exceeded by 1.5x or more |
 
+## Security Features (v0.1)
+
+### Guardian Layer
+
+- **PII Detection**: Emails, phone numbers, SSNs, credit cards
+- **Secret Scanning**: AWS keys, GitHub tokens, API keys, passwords
+- **Injection Filtering**: Detects prompt injection attacks in diffs
+
+### Observability
+
+- **OpenTelemetry Traces**: `gen_ai.*` semantic conventions
+- **Audit Logs**: Append-only JSON Lines format in `~/.flowcheck/audit.log`
+- All tool invocations are logged with trace IDs
+
+### Semantic Search
+
+- **TF-IDF Vectorization**: No external ML dependencies
+- **SQLite Storage**: Local index in `~/.flowcheck/semantic_index.db`
+- Find commits by meaning, not just keywords
+
 ## Development
 
 ```bash
diff --git a/rules/flowcheck-rules.md b/rules/flowcheck-rules.md
@@ -1,55 +1,121 @@
 # FlowCheck Rules for AI Agents
 
-> **This file instructs AI agents to enforce Git hygiene during agentic coding sessions.**
+> **This file instructs AI agents to enforce Git hygiene and security during agentic coding sessions.**
 
 ## FlowCheck MCP Tools
 
-You are given tools from the FlowCheck MCP server for maintaining Git hygiene. You `MUST` follow these rules:
+You are given tools from the FlowCheck MCP server. You `MUST` follow these rules:
 
-## 1. `get_flow_state`
+---
+
+## 1. `get_flow_state` - Health Check
 
 You `MUST` call this tool:
 
-- **Before starting any new task** to assess current repository health
-- **Before making commits** to understand the scope of changes
-- **Periodically during long coding sessions** (every 15-20 tool calls)
-- **When resuming work** on a repository after any interruption
+- **Before starting any new task** to assess repository health
+- **Before making commits** to check for security flags
+- **Periodically during long sessions** (every 15-20 tool calls)
+- **When resuming work** after any interruption
+
+**Critical**: If `security_flags` is non-empty, you `MUST NOT` proceed until issues are addressed.
 
-## 2. `get_recommendations`
+---
+
+## 2. `get_recommendations` - Actionable Guidance
 
 You `MUST` call this tool:
 
 - **When `get_flow_state` returns status `warning` or `danger`**
-- **Before proposing large refactors** to check if changes should be split
-- **At the end of each major task** to ensure clean commit hygiene
-- **When uncommitted lines exceed 300** to get guidance on splitting work
+- **When `security_flags` contains any items**
+- **Before proposing large refactors**
+- **When uncommitted lines exceed 300**
+
+---
+
+## 3. `search_history` - Semantic Context
+
+You `SHOULD` call this tool:
+
+- **Before implementing features** to find similar past solutions
+- **When debugging** to find how issues were fixed before
+- **Instead of `git log`** when searching by concept, not keywords
+
+Example: `search_history("authentication changes", repo_path)`
+
+---
+
+## 4. `verify_intent` - Ticket Alignment
+
+You `SHOULD` call this tool:
+
+- **Before completing a task** to verify alignment with requirements
+- **When scope seems to be expanding** beyond the original ticket
+- **Before large refactors** to confirm they're in scope
+
+---
 
-## 3. `set_rules`
+## 5. `sanitize_content` - Security Redaction
+
+You `MUST` call this tool:
+
+- **Before including file contents in outputs** if they may contain secrets
+- **Before sharing code snippets** that haven't been security-scanned
+- **When working with config files** that may contain credentials
+
+---
+
+## 6. `set_rules` - Configuration
 
 You `MAY` call this tool when:
 
 - The user explicitly requests different thresholds
 - Working on a codebase with specific commit policies
 
+---
+
 ## Enforcement Behavior
 
-When FlowCheck reports `warning` or `danger` status, you `MUST`:
+### When status is `warning` or `danger`:
 
-1. **Pause new feature work** and address the hygiene issue first
-2. **Suggest a checkpoint commit** if time threshold is exceeded
-3. **Propose splitting changes** if line count threshold is exceeded
-4. **Inform the user** of the flow health status and your recommendation
+1. **Pause new feature work** - address hygiene first
+2. **Suggest checkpoint commit** if time threshold exceeded
+3. **Propose splitting changes** if line count exceeded
+4. **Inform the user** of flow health status
 
-## Example Integration
+### When `security_flags` is non-empty:
+
+1. **STOP** - do not proceed with commits
+2. **Review** the flagged content for secrets/PII
+3. **Use `sanitize_content`** to redact sensitive data
+4. **Alert the user** about potential security issues
+
+---
+
+## Example Workflow
 
 ```
 Before starting work:
 1. Call get_flow_state(repo_path)
-2. If status is not "ok", call get_recommendations(repo_path)
-3. Address any hygiene issues before proceeding
-4. Begin the requested task
+2. Check security_flags - if non-empty, address immediately
+3. If status != "ok", call get_recommendations(repo_path)
+4. Call search_history() for relevant context
+5. Begin the requested task
+
+Before completing work:
+1. Call verify_intent(ticket_id) if applicable
+2. Call get_flow_state() to verify clean state
+3. Suggest commit with descriptive message
 ```
 
+---
+
 ## Philosophy
 
-FlowCheck is a "smart fitness watch" for coding—it nudges, never blocks. But as an AI agent, you should treat these nudges as **strong recommendations** to maintain a clean, reviewable Git history that humans can easily understand and audit.
+FlowCheck is a "defense-in-depth" safety layer:
+
+- **Hygiene nudges** keep commits small and reviewable
+- **Security scanning** prevents accidental secret/PII leaks
+- **Semantic search** reduces duplicate work and hallucinations
+- **Intent validation** ensures code matches requirements
+
+As an AI agent, treat FlowCheck warnings as **strong recommendations** to maintain a clean, secure, auditable Git history.
