diff --git a/README.md b/README.md
index eb320fe..131a6cd 100644
--- a/README.md
+++ b/README.md
@@ -16,11 +16,7 @@ While others try to _guess_ if a prompt is malicious (Semantic Security), Node9
**AIs are literal.** When you ask an agent to "Fix my disk space," it might decide to run `docker system prune -af`.
-<<<<<<< dev
- 
-=======
->>>>>>> main
**With Node9, the interaction looks like this:**
@@ -79,6 +75,8 @@ Revert to this snapshot? [y/N]
Node9 keeps the last 10 snapshots. Snapshots are only taken for file-writing tools (`write_file`, `edit_file`, `str_replace_based_edit_tool`, `create_file`) โ not for read-only or shell commands.
+Node9 keeps the last 10 snapshots. Snapshots are only taken for file-writing tools (`write_file`, `edit_file`, `str_replace_based_edit_tool`, `create_file`) โ not for read-only or shell commands.
+
### ๐ The Resolution Waterfall
Security posture is resolved using a strict 5-tier waterfall:
@@ -97,13 +95,17 @@ Security posture is resolved using a strict 5-tier waterfall:
npm install -g @node9/proxy
# 1. Setup protection for your favorite agent
-node9 addto claude
+node9 setup # interactive menu โ picks the right agent for you
+node9 addto claude # or wire directly
node9 addto gemini
# 2. Initialize your local safety net
node9 init
-# 3. Check your status
+# 3. Verify everything is wired correctly
+node9 doctor
+
+# 4. Check your status
node9 status
```
@@ -151,6 +153,65 @@ Rules are **merged additive**โyou cannot "un-danger" a word locally if it was
---
+## ๐ฅ๏ธ CLI Reference
+
+| Command | Description |
+| :---------------------------- | :------------------------------------------------------------------------------------ |
+| `node9 setup` | Interactive menu โ detects installed agents and wires hooks for you |
+| `node9 addto ` | Wire hooks for a specific agent (`claude`, `gemini`, `cursor`) |
+| `node9 init` | Create default `~/.node9/config.json` |
+| `node9 status` | Show current protection status and active rules |
+| `node9 doctor` | Health check โ verifies binaries, config, credentials, and all agent hooks |
+| `node9 explain [args]` | Trace the policy waterfall for a given tool call (dry-run, no approval prompt) |
+| `node9 undo [--steps N]` | Revert the last N AI file edits using shadow Git snapshots |
+| `node9 check` | Called by agent hooks; evaluates a pending tool call and exits 0 (allow) or 1 (block) |
+
+### `node9 doctor`
+
+Runs a full self-test and exits 1 if any required check fails:
+
+```
+Node9 Doctor v1.2.0
+โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
+Binaries
+ โ
Node.js v20.11.0
+ โ
git version 2.43.0
+
+Configuration
+ โ
~/.node9/config.json found and valid
+ โ
~/.node9/credentials.json โ cloud credentials found
+
+Agent Hooks
+ โ
Claude Code โ PreToolUse hook active
+ โ ๏ธ Gemini CLI โ not configured (optional)
+ โ ๏ธ Cursor โ not configured (optional)
+
+โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
+All checks passed โ
+```
+
+### `node9 explain`
+
+Dry-runs the policy engine and prints exactly which rule (or waterfall tier) would block or allow a given tool call โ useful for debugging your config:
+
+```bash
+node9 explain bash '{"command":"rm -rf /tmp/build"}'
+```
+
+```
+Policy Waterfall for: bash
+โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
+Tier 1 ยท Cloud Org Policy SKIP (no org policy loaded)
+Tier 2 ยท Dangerous Words BLOCK โ matched "rm -rf"
+Tier 3 ยท Path Block โ
+Tier 4 ยท Inline Exec โ
+Tier 5 ยท Rule Match โ
+โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
+Verdict: BLOCK (dangerous word: rm -rf)
+```
+
+---
+
## ๐ง Troubleshooting
**`node9 check` exits immediately / Claude is never blocked**