Docs
Quick start
npm install -g @sinameraji/tpm
cd your-product-repo
tpm init
tpm audit
Don't want to install globally? npx @sinameraji/tpm@latest audit works without
any install. macOS users hitting EACCES on global install:
one-time prefix fix.
TPM runs on the source code in your current directory (primary source of truth). No
browser automation, no fake signups. Step 2 of tpm audit optionally asks for
your public marketing URL (landing/pricing/features) — auxiliary context that helps with
positioning. Skip with Enter.
First audit runs on our hosted Cloudflare Workers AI (one per device). For unlimited audits, self-host on your own Cloudflare.
The six-stage method
TPM runs a deterministic pipeline. Each stage checkpoints to disk and can be replayed independently. Artifacts live in .tpm/artifacts/{audit_id}/:
map.yaml— the static code map (routes, forms, components, nav)lean-canvas.yaml— Stage A: what the builder intendedpaths.yaml— Stage B: imagined user journey per personadelta.yaml— Stage C: the structured differenceproblems.yaml— Stage D: ranked by leverage argumentsolutions.yaml+prototypes/*.html— Stage E: top-5 fixesspec.md+spec.html— Stage F: the PM deliverable
Commands
tpm init— initialize.tpm/in the current projecttpm audit— run the full audit on this codebasetpm audit --gateway byo— force BYO mode for this runtpm report [audit_id]— show a prior spec.mdtpm config get/set/show— inspect or change configtpm self-host— print the BYO setup guidetpm cost— show Neuron spend per audit / per stage / per model
Privacy & security
TPM runs on your machine. In hosted-trial mode, prompts flow through our Cloudflare Worker proxy — logged server-side as token counts only (not content), unless you opt into debug mode. In BYO mode, prompts go directly from your CLI to your own Cloudflare account; nothing touches our infrastructure.
Source code never leaves your machine in either mode.