# AI Code Guard CLI (stella guard run/status)

## Module
Cli

## Status
IMPLEMENTED

## Description
CLI commands for analyzing AI-generated code for security issues including secrets scanning, attribution checking, and license hygiene. Provides `stella guard run` to analyze directories/files and `stella guard status` to check guard configuration.

## Implementation Details
- **Command Group**: `src/Cli/StellaOps.Cli/Commands/GuardCommandGroup.cs` -- `GuardCommandGroup` (public static class)
- **Sprint**: SPRINT_20260112_010_CLI_ai_code_guard_command (tasks CLI-AIGUARD-001/002)
- **Policy DSL extensions**: `src/Policy/StellaOps.PolicyDsl/AiCodeGuardSignalContextExtensions.cs` -- signal context for AI code guard in policy DSL
- **Commands**:
  - `stella guard run <path>` -- analyze a directory or file for AI-generated code issues (secrets, attribution, license). Options: `--format text|json`, `--verbose`
  - `stella guard status` -- check guard configuration and enabled analyzers
- **Output**: Uses Spectre.Console for rich terminal rendering
- **Tests**: `src/Cli/__Tests/StellaOps.Cli.Tests/GuardCommandTests.cs`

## E2E Test Plan
- [ ] Run `stella guard run ./src` and verify analysis output showing detected issues (secrets, attribution, license)
- [ ] Run `stella guard run ./src --format json` and verify valid JSON output with findings array
- [ ] Run `stella guard run ./src --verbose` and verify detailed analyzer output
- [ ] Run `stella guard status` and verify guard configuration including enabled analyzers
- [ ] Run `stella guard run` on a clean directory and verify no findings reported with exit code 0
- [ ] Run `stella guard run` on a directory with known secrets and verify detection with exit code 1
- [ ] Verify error handling for non-existent paths
- [ ] Verify AI-generated code attribution checks identify code without proper attribution