Initial commit: Vibe-Coding Risk Radar v1.0.0

Interactive React component for MECE risk classification of AI-generated code.
5 dimensions, 4 tiers, bilingual (DE/EN), SVG radar chart, inline documentation.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: rdmueller

.github/workflows/deploy.yml

@@ -0,0 +1,75 @@
+name: Deploy to GitHub Pages
+
+on:
+  push:
+    branches: [main]
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+concurrency:
+  group: pages
+  cancel-in-progress: true
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: npm
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Detect base path
+        id: base
+        run: |
+          REPO_NAME=$(echo "${{ github.repository }}" | cut -d'/' -f2)
+          echo "path=/${REPO_NAME}/" >> "$GITHUB_OUTPUT"
+
+      - name: Build React app
+        run: npm run build
+        env:
+          VITE_BASE_PATH: ${{ steps.base.outputs.path }}
+
+      - name: Install Asciidoctor
+        run: sudo gem install asciidoctor --no-document
+
+      - name: Render AsciiDoc documentation
+        run: |
+          mkdir -p dist/docs
+          asciidoctor \
+            -a icons=font \
+            -a source-highlighter=highlight.js \
+            -a linkcss! \
+            -a toc=left \
+            -a toclevels=3 \
+            -a sectanchors \
+            -a sectlinks \
+            -D dist/docs \
+            docs/risk-radar.adoc
+
+      - name: Upload artifact
+        uses: actions/upload-pages-artifact@v3
+        with:
+          path: dist
+
+  deploy:
+    needs: build
+    runs-on: ubuntu-latest
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    steps:
+      - name: Deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@v4

.gitignore

@@ -0,0 +1,17 @@
+node_modules/
+dist/
+*.local
+.env
+.env.*
+!.env.example
+
+# OS files
+*:Zone.Identifier
+.DS_Store
+Thumbs.db
+
+# Editor
+.idea/
+.vscode/
+*.swp
+*.swo

CLAUDE.md

@@ -0,0 +1,40 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Build & Dev Commands
+
+```bash
+npm install          # Install dependencies
+npm run dev          # Start dev server at http://localhost:5173
+npm run build        # Production build → dist/
+npm run preview      # Preview production build locally
+npm run docs         # Render AsciiDoc docs with Asciidoctor
+```
+
+No test framework is configured. No linter is configured.
+
+## Architecture
+
+This is a single-page React app (React 18, Vite 6) that visualizes a MECE risk framework for AI-generated code. It has **no routing, no state management library, and no backend**.
+
+### Core Structure
+
+- **`src/RiskRadar.jsx`** — The entire application lives in this single self-contained component (~517 lines). It includes:
+  - **i18n**: A `T` object at the top with full DE/EN translations, dimension definitions, preset scenarios, mitigation measures, and documentation content. All text is inline, no external i18n library.
+  - **Risk model**: 5 dimensions (codeType, language, deployment, data, blastRadius), each scored 0–4. The tier is determined by `Math.max()` across all dimensions, mapped to 4 tiers.
+  - **Components** (not exported, all in the same file): `RadarChart` (SVG polygon radar), `MitigationCard` (expandable tier cards), `DocSidebar` (slide-out documentation panel), and the default export `RiskRadar`.
+  - **Styling**: All inline styles, no CSS modules or styled-components. Dark theme with slate color palette. Colors defined via `TIER_BG` and `TYPE_COLORS` constants.
+
+- **`docs/risk-radar.adoc`** — Standalone AsciiDoc documentation with 30+ references. Rendered separately by Asciidoctor (not by the React app).
+
+### Deployment
+
+GitHub Actions workflow (`.github/workflows/deploy.yml`) builds the React app and renders AsciiDoc docs, then deploys both to GitHub Pages. The base path is auto-detected from the repo name via `VITE_BASE_PATH`.
+
+## Key Patterns
+
+- Dimension values are stored as `{ codeType: number, language: number, ... }` with values 0–4
+- `getTierIndex(values)` maps the max dimension value to tier index 0–3
+- Presets are predefined value combinations (e.g., "Payment Service", "Medical Device FW")
+- Mitigations are categorized as deterministic/probabilistic/organizational with corresponding color coding

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.adoc

@@ -0,0 +1,96 @@
+= Vibe-Coding Risk Radar
+:toc: macro
+:toclevels: 2
+:icons: font
+
+MECE risk framework for AI-generated code — 5 dimensions, 4 tiers, actionable mitigations.
+
+toc::[]
+
+== What is this?
+
+An interactive React component that classifies vibe-coding risk across 5 orthogonal dimensions and maps results to concrete mitigation tiers.
+Accompanied by full AsciiDoc documentation with 30+ verified references.
+
+=== Features
+
+* *5 MECE Dimensions:* Code type, language safety, deployment context, data sensitivity, blast radius
+* *4 Cumulative Tiers:* Each tier includes all mitigations of lower tiers
+* *Radar Chart:* SVG visualization of the risk profile
+* *Presets:* Quick scenarios (Landing Page → Payment Service)
+* *DE / EN:* Full bilingual support, switchable at runtime
+* *Inline Documentation:* Slide-out sidebar with all 6 doc sections
+* *Mobile-friendly:* Responsive layout with stacked sliders
+
+== Quick Start
+
+=== Local Development
+
+[source,bash]
+----
+npm install
+npm run dev
+----
+
+Opens at `http://localhost:5173`.
+
+=== Production Build
+
+[source,bash]
+----
+npm run build
+npm run preview
+----
+
+Output in `dist/`.
+
+== GitHub Pages Deployment
+
+The included GitHub Action (`.github/workflows/deploy.yml`) handles everything automatically:
+
+. Builds the React app with Vite
+. Renders the AsciiDoc documentation with Asciidoctor
+. Deploys both to GitHub Pages
+
+=== Setup
+
+. Go to *Settings → Pages* in your GitHub repository
+. Under *Build and deployment*, select *GitHub Actions* as the source
+. Push to `main` — the workflow runs automatically
+
+After deployment:
+
+* *App:* `https://<user>.github.io/<repo>/`
+* *Docs:* `https://<user>.github.io/<repo>/docs/risk-radar.html`
+
+== Project Structure
+
+[source]
+----
+.
+├── .github/workflows/deploy.yml   # GitHub Pages CI/CD
+├── docs/
+│   └── risk-radar.adoc            # Full AsciiDoc documentation (30+ refs)
+├── src/
+│   ├── RiskRadar.jsx              # Main React component (self-contained)
+│   ├── main.jsx                   # React entry point
+│   └── index.css                  # Minimal reset
+├── index.html                     # Vite entry HTML
+├── package.json
+├── vite.config.js
+└── README.adoc
+----
+
+== Documentation
+
+The `docs/risk-radar.adoc` file contains the full framework documentation:
+
+* Empirical evidence (Veracode, CodeRabbit, METR, Perry et al.)
+* 5×5 dimension matrix with detailed descriptions
+* 4-tier mitigation model with deterministic, probabilistic, and organizational measures
+* Regulatory context (EU AI Act, HIPAA, PCI-DSS, IEC 61508, DO-178C, ISO 26262)
+* References: 30+ verified URLs to primary sources
+
+== License
+
+MIT