Add comprehensive BRUTAL_CODING.md: 20-point engineering audit and Pareto improvement plan

[Copilot]

Principal-level technical audit of proxmox-lxc-autoscale codebase following the "Reality Check & Vibe Audit Protocol" methodology. Evaluates production readiness across 20 strict engineering metrics.

Score: 48/100 (Junior/AI Prototype)

Category	Score	Key Issues
Architecture & Vibe	15/20	ThreadPoolExecutor hardcoded to 8 workers
Core Engineering	10/20	Bare exception catching, no custom exceptions
Performance & Scale	9/20	No backpressure, unbounded queues, 1s sleep in hot path
Security & Robustness	7/20	Command injection (shell=True), plaintext credentials
QA & Operations	7/20	Zero unit tests, no metrics, no structured logging

Critical Vulnerabilities

Command Injection (CVSS 9.8):

# lxc_utils.py line 86
subprocess.check_output(cmd, shell=True, ...)  # Unsanitized container IDs

Credential Exposure:

# Config file world-readable by default
ssh_password: "plaintext"
smtp_password: "plaintext"

Vibe Ratio Analysis

• Core logic: 48% (1,200 LOC scaling algorithms)
• Boilerplate: 26% (650 LOC)
• Scripts/docs: 26% (655 LOC)

10-Step Pareto Fix Plan

Critical (2 days):

1. Fix command injection → Use shell=False, validate container IDs with ^[0-9]+$
2. Secrets management → Environment variables, file permission checks (0600)
3. Per-container locking → Replace global lock, prevent race conditions

High (5 days):
4. Unit tests (>70% coverage) → Mock run_command(), test scaling logic
5. Observability → Prometheus metrics, structured logging, health endpoint
6. Backpressure → 60s cooldown per container, circuit breakers

Medium (2.5 days):
7. Type hints + mypy enforcement
8. CI/CD → bandit, pip-audit, dependency pinning with hashes
9. Resource leak fixes → Backup rotation, log rotation, SSH cleanup

Low (10 hours):
10. Harden Dockerfile → Multi-stage build, non-root user, distroless base

Verdict

Well-architected scaling daemon with sound algorithms but unsafe for production. Critical gaps: no tests, command injection, no observability. ETA to production-ready: 2-3 weeks.

Full methodology and detailed metrics in BRUTAL_CODING.md.

Original prompt

🩸 SUPER PROMPT: The Reality Check & Vibe Audit Protocol
Role: You are a Principal Engineer & Technical Due Diligence Auditor with 20 years of experience in High-Frequency Trading and Critical Infrastructure. You are cynical, detail-oriented, and distrustful of "hype". You hate "Happy Path" programming.
Objective: Analyze the provided codebase/project summary and perform a Brutal Reality Audit. You must distinguish between "AI-Generated Slop" (Vibe Coding) and "Engineering Substance" (Production Grade).
Input Data: [PASTE FILE TREE, README, AND CRITICAL CODE SNIPPETS HERE]

📊 Phase 1: The 20-Point Matrix (Score 0-5 per metric)
Evaluate the project on these 20 strict metrics.
0 = Total Fail / Vaporware | 5 = State of the Art / Google-Level
🏗️ Architecture & Vibe

1. Architectural Justification: Are technologies used because they are needed, or because they are "cool"? (e.g., Microservices for a ToDo app).
2. Dependency Bloat: Ratio of own code vs. libraries. Is it just glue code?
3. The "README vs. Code" Gap: Does the documentation promise features that are barely stubbed out in code?
4. AI Hallucination Smell: Are there weirdly generic variable names, redundant comments, or structures that look copied from StackOverflow/Tutorials?
   ⚙️ Core Engineering
5. Error Handling Strategy: Does it unwrap()/panic? Does it swallow errors? Or does it handle edge cases gracefully?
6. Concurrency Model: Are locks/mutexes used correctly? Is there potential for deadlocks or race conditions?
7. Data Structures & Algorithms: Are O(n^2) loops hidden in hot paths? Are maps/vecs pre-allocated?
8. Memory Management: (If native) Leaks, unnecessary clones, RC cycles. (If managed) GC pressure.
   🚀 Performance & Scale
9. Critical Path Latency: Is the hot path zero-copy/optimized? Or is there heavy serialization (JSON) in the middle?
10. Backpressure & Limits: What happens if I send 1M req/s? Does it crash, OOM, or shed load?
11. State Management: How is state synced? Is eventual consistency actually handled or just assumed?
12. Network Efficiency: Protocol overhead (Text vs Binary), chatty interfaces.
    🛡️ Security & Robustness
13. Input Validation: Do you trust the user? (SQLi, XSS, Buffer Overflows).
14. Supply Chain: Are dependencies pinned? Are there sketchy imports?
15. Secrets Management: Are keys hardcoded? Is config separated from code?
16. Observability: Can I debug this in prod without attaching a debugger? (Metrics, Structured Logs).
    🧪 QA & Operations
17. Test Reality: Do tests check logic or just mocks? Are there fuzz tests or chaos tests?
18. CI/CD Maturity: Is the build reproducible? Are there linters/formatters?
19. Docker/Deployment: Is the container optimized (distroless/alpine)? Are privileges dropped?
20. Maintainability: Could a stranger fix a bug in 1 hour?

📉 Phase 2: The Scores
Calculate Total Score (0-100):

• 0-40: 🗑️ Vibe Coding Scrap. (Rewrite from scratch).
• 41-70: 🚧 Junior/AI Prototype. (Needs heavy refactoring).
• 71-90: 🏭 Solid Engineering. (Production ready with minor tweaks).
• 91-100: 🏆 State of the Art. (Unicorn level).
  The "Vibe Ratio":
Estimate the percentage of code that is "UI/Docs/Boilerplate" vs "Core Logic".
Warning if > 50% is fluff.

🛠️ Phase 3: The Pareto Fix Plan (80/20 Rule)
List exactly 10 Steps to bring this project to "State of the Art".
Focus on the 20% of changes that yield 80% of the reliability/performance gains.
Do not suggest "add more comments". Suggest architectural fixes.

Final Verdict:
Summarize the project in one ruthless sentence.

Istruzioni per l'uso:

1. Esegui questo prompt su ogni repo.
2. Non accettare scuse dall'AI. Se il codice non c'è, è 0.
3. Usa il Pareto Fix Plan come roadmap per la settimana successiva.

save full report in English to BRUTAL_CODING.md and send PR, here and example of well generated report for another project of mine u can check at https://github.com/fabriziosalmi/synapse-ng: 🩸 SYNAPSE-NG: BRUTAL REALITY AUDIT & VIBE CHECK
Auditor: Principal Engineer (20Y HFT/Critical Infrastructure)
Date: 2025-11-23
Codebase: synapse-ng (Autonomous Digital Organism)

📊 PHASE 1: THE 20-POINT MATRIX
🏗️ Architecture & Vibe (0-20)

1. Architectural Justification: 2/5

• Issues: WebRTC for distributed state sync is interesting but overcomplicated for a <20 node network. You don't need P2P data channels for consensus when HTTP/gRPC would suffice. CRDT + Raft + WebRTC + mDNS is technology soup.
• Reality: This is "cool tech stacking" not "problem-driven design". A task management system doesn't need WebRTC unless you're doing real-time video/audio.

2. Dependency Bloat: 3/5

• Ratio: ~13k LOC / 12 dependencies = 1000 LOC per dep (decent but deceptive)
• Red Flags:
  • py-ecc for ZKP voting in a 3-node test netwo...

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.