tenet-toolchain-setuplisted

# Tenet Toolchain Setup > First-run concierge. Scans the host for installed static-analysis tools, scans the project to determine what tools it needs, shows a gap report, and — with confirmation — writes a sensible `.healthcheck.toml`. ## Purpose This skill bootstraps the Tenet audit environment for a project. It inventories the host machine's installed tools, cross-references them against what the project actually needs, produces a formatted gap report, generates install commands, and writes the `.healthcheck.toml` configuration file that all other Tenet skills depend on. ## Language Support Matrix ```yaml support: native: [all] note: "This skill detects languages but does not analyze code. It determines which tools and dimensions are relevant for the detected languages." ``` ## Toolchain Inputs This skill does not consume toolchain outputs — it *produces* the configuration that the toolchain skill reads. ## Procedure ### Step 1: Host Inventory For every tool in the Tenet toolchain catalog, check if it is installed and capture its version: ```bash # Tools to check (run `which <tool>` and `<tool> --version` for each): # Required: # git, jq # Static analysis: # semgrep, gitleaks, trufflehog # Package auditing: # npm (+ npm audit), pip-audit, osv-scanner, trivy, syft, grype # Linting / complexity: # eslint, radon, gocyclo # CI / Docker: # hadolint, actionlint # Accessibility: # axe (npx @axe-core/cli), pa11y # Docs: # markdownlint # Infrastructure: