
scrutiny-ai-review

by rob

Development

AI-powered secondary review of scrutiny warnings to identify false positives and provide deeper analysis. Evaluates keyword-triggered warnings in context to determine if they represent actual issues or incidental word usage.

# scrutiny-ai-review


## Installation

This is a CmdForge tool. Install it via:

```bash
cmdforge install scrutiny-ai-review
```

Or install it from the CmdForge registry at https://cmdforge.brrd.tech.

## Usage

This tool accepts scrutiny warnings via pipe and performs AI-powered analysis to identify false positives:

```bash
# Review scrutiny warnings from a previous scan
echo '{"warnings": [...], "tool_config": {...}}' | scrutiny-ai-review

# With custom warnings JSON
scrutiny-ai-review --warnings '[{"line": 42, "message": "security concern"}]' --tool-config '{"name": "my-tool", "description": "..."}'

# Chained with other tools
scrutiny scan-tool my-tool | scrutiny-ai-review
```
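
An added example, not part of the tool or its README: a Python helper that builds the stdin payload in the shape shown above, plus the equivalent flag form as an argv list, so warning messages containing quotes never pass through shell quoting. The type checks and the sample data are assumptions inferred from the usage examples, not the tool's published schema.

```python
import json

# Keys taken from the usage examples on this page; the type checks are assumptions.
REQUIRED_TOOL_KEYS = ("name", "description")


def validate_warning(w, index):
    """Check one warning against the shape shown in the --warnings example."""
    if not isinstance(w, dict):
        raise ValueError(f"warning {index}: expected an object")
    line = w.get("line")
    # bool is a subclass of int in Python, so exclude it explicitly
    if not isinstance(line, int) or isinstance(line, bool) or line < 1:
        raise ValueError(f"warning {index}: 'line' must be a positive integer")
    msg = w.get("message")
    if not isinstance(msg, str) or not msg.strip():
        raise ValueError(f"warning {index}: 'message' must be a non-empty string")


def build_payload(warnings, tool_config):
    """Return the stdin document {"warnings": [...], "tool_config": {...}} as JSON text."""
    if not isinstance(warnings, list):
        raise ValueError("warnings must be a JSON array")
    for i, w in enumerate(warnings):
        validate_warning(w, i)
    if not isinstance(tool_config, dict):
        raise ValueError("tool_config must be a JSON object")
    missing = [k for k in REQUIRED_TOOL_KEYS if not tool_config.get(k)]
    if missing:
        raise ValueError(f"tool_config is missing: {', '.join(missing)}")
    return json.dumps({"warnings": warnings, "tool_config": tool_config})


def build_argv(warnings, tool_config):
    """Return an argv list for the flag form; no shell parses it, so quotes are safe."""
    doc = json.loads(build_payload(warnings, tool_config))
    return ["scrutiny-ai-review",
            "--warnings", json.dumps(doc["warnings"]),
            "--tool-config", json.dumps(doc["tool_config"])]


# Constructed sample data, not output from a real scan.
SAMPLE_WARNINGS = [{"line": 42, "message": "keyword 'password' found in user's prompt text"}]
SAMPLE_TOOL = {"name": "my-tool", "description": "Summarises text", "steps": []}

if __name__ == "__main__":
    print(build_payload(SAMPLE_WARNINGS, SAMPLE_TOOL))
```

Pipe the printed JSON into `scrutiny-ai-review`, or pass the list from `build_argv` to `subprocess.run` without `shell=True`.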

## Arguments

| Flag | Variable | Description |
|------|----------|-------------|
| `--warnings` | `warnings_json` | JSON array of scrutiny warnings/findings |
| `--tool-config` | `tool_config_json` | JSON object containing tool name, description, and steps |

## How It Works

The tool executes a 2-step pipeline:

1. **AI Analysis** (`step_1`): Sends warnings and tool configuration to the `opencode-pickle` provider for contextual analysis, identifying false positives and providing deeper insight into each warning
2. **Result Processing** (`step_2`): Executes Python code to format and structure the AI analysis output

The final output includes refined warnings with AI-determined severity levels, explanations of why certain warnings may be false positives, and recommendations for actual security or quality concerns.

## Dependencies

None - uses the `opencode-pickle` provider for AI analysis.
