@accelerationguy/accel 1.0.0

package/modules/radar/commands/audit.md

@@ -0,0 +1,233 @@
+---
+name: radar:audit
+description: Run a full or targeted Radar diagnostic audit on a codebase
+argument-hint: "[path-to-repo]"
+allowed-tools: [Read, Write, Edit, Bash, Glob, Grep, Task, AskUserQuestion]
+---
+
+<objective>
+Initiates a new Radar diagnostic audit on a target codebase. This is the primary entry point for all Core audit operations. Guides the user through scope selection, domain targeting, tool configuration, and confirmation before delegating to the Phase 0 workflow.
+
+If no `.radar/` directory exists, delegates project initialization to `/radar:init` before proceeding.
+If an existing audit is detected, routes to `/radar:resume` instead of starting fresh.
+
+Produces: Phase 0 (Context & Threat Modeling) output, building on the `.radar/` structure created by `/radar:init`.
+</objective>
+
+<execution_context>
+@~/.claude/commands/radar/init.md
+@~/.claude/radar/core/workflows/phase-0-context.md
+@~/.claude/radar/core/workflows/phase-1-reconnaissance.md
+@~/.claude/radar/core/workflows/phase-2-domain-audits.md
+@~/.claude/radar/core/workflows/phase-3-cross-domain.md
+@~/.claude/radar/core/workflows/phase-4-adversarial-review.md
+@~/.claude/radar/core/workflows/phase-5-report.md
+@~/.claude/radar/core/workflows/session-handoff.md
+@~/.claude/radar/core/workflows/disagreement-resolution.md
+@~/.claude/radar/core/workflows/phase-checkpoint.md
+</execution_context>
+
+<context>
+$ARGUMENTS
+@.radar/STATE.md
+@.radar/MANIFEST.md
+</context>
+
+<process>
+
+## Step 1: Determine Target Repository
+
+Check if $ARGUMENTS contains a repository path:
+- If YES: use the provided path as the audit target
+- If NO: use the current working directory
+
+Validate the target:
+- Confirm the path exists and is a directory
+- Check for .git/ (warn if absent — not required but informative)
+- Display target path for user confirmation
+
+## Step 2: Ensure Project Initialized
+
+Check if `.radar/STATE.md` exists in the target repository:
+
+- If YES (existing project): Read STATE.md to determine status.
+  - If status is "initialized" (init done but no audit started): proceed to Step 3
+  - If status is "in_progress" or "paused": An audit is already in progress.
+    ```
+    ════════════════════════════════════════
+    EXISTING AUDIT DETECTED
+    ════════════════════════════════════════
+
+    Target: [path]
+    Current Phase: [from STATE.md]
+    Status: [from STATE.md]
+    Findings so far: [count]
+
+    [1] Resume existing audit (recommended) → runs /radar:resume
+    [2] Start fresh (WARNING: archives existing .radar/ state)
+    [3] Cancel
+    ════════════════════════════════════════
+    ```
+    - If [1]: delegate to /radar:resume
+    - If [2]: run /radar:init logic (archives old .radar/, creates fresh), then proceed to Step 3
+    - If [3]: exit
+
+- If NO (no .radar/ directory): Project not yet initialized.
+  - Run /radar:init process to create .radar/ with STATE.md, MANIFEST.md, and findings/
+  - The init process handles: git repo validation, tool detection, .gitignore update
+  - After init completes, proceed to Step 3
+
+## Step 3: Repository Analysis
+
+Analyze the target repository and display:
+```
+════════════════════════════════════════
+TARGET REPOSITORY
+════════════════════════════════════════
+
+Path: [absolute path]
+Languages: [detected from file extensions]
+Frameworks: [detected from config files — package.json, requirements.txt, go.mod, etc.]
+Repository size: [file count estimate]
+Last commit: [if git repo — short hash + date]
+════════════════════════════════════════
+```
+
+## Step 4: Select Audit Scope
+
+Present audit scope options:
+```
+════════════════════════════════════════
+AUDIT SCOPE
+════════════════════════════════════════
+
+[1] Full audit — all phases (0-5), all 14 domains (recommended for first run)
+[2] Targeted audit — select specific domains to include
+[3] Quick scan — Phases 0-2 only (context + signals + domain audits, no synthesis/adversarial)
+[4] Cancel
+════════════════════════════════════════
+```
+
+If [2] (Targeted) selected, present domain checklist:
+```
+Select domains to include:
+
+[ ] 00 — Context & Intent
+[ ] 01 — Architecture & System Design
+[ ] 02 — Data & State Integrity
+[ ] 03 — Correctness & Logic
+[ ] 04 — Security
+[ ] 05 — Compliance, Privacy & Governance
+[ ] 06 — Testing Strategy & Verification
+[ ] 07 — Reliability & Resilience
+[ ] 08 — Scalability & Performance
+[ ] 09 — Maintainability & Code Health
+[ ] 10 — Operability & Developer Experience
+[ ] 11 — Change Risk & Evolvability
+[ ] 12 — Team, Ownership & Knowledge Risk
+[ ] 13 — Risk Synthesis & Forecasting
+
+Enter domain numbers (comma-separated), "all" for full audit, or "back" to return to scope selection:
+```
+
+Note: Domain 00 (Context) is always included regardless of selection — it is required for scope establishment.
+
+## Step 5: Audit Configuration
+
+Present optional configuration:
+```
+════════════════════════════════════════
+AUDIT CONFIGURATION
+════════════════════════════════════════
+
+Tool selection (all enabled by default):
+  [x] SonarQube — code quality, complexity, duplication
+  [x] Semgrep — pattern-based security/correctness scanning
+  [x] Trivy — vulnerability and misconfiguration scanning
+  [x] Gitleaks — secrets detection
+  [x] Checkov — infrastructure-as-code scanning
+  [x] Syft + Grype — SBOM generation + CVE matching
+  [x] git-history — churn, author concentration, change frequency
+
+Toggle tools? Enter tool names to disable, "ok" to continue, or "back" to return to scope selection:
+════════════════════════════════════════
+```
+
+If the target has no IaC files, note that Checkov will be skipped automatically.
+If no .git/ directory, note that git-history and Gitleaks will have limited output.
+
+## Step 6: Confirm and Execute
+
+Display the audit plan for confirmation:
+```
+════════════════════════════════════════
+AUDIT PLAN
+════════════════════════════════════════
+
+Target: [path]
+Scope: [Full / Targeted / Quick]
+Phases: [0-5 or 0-2]
+Domains: [count] of 14 [list if targeted]
+Tools: [count] enabled [list any disabled]
+Estimated sessions: [count based on scope — full ~8-10, quick ~4-5]
+
+[1] Start audit (recommended)
+[2] Modify scope
+[3] Cancel
+════════════════════════════════════════
+```
+
+If [1] selected:
+1. Update .radar/STATE.md: set current phase to 0, overall status to "in_progress"
+2. Record audit scope, domain selection, and tool configuration in .radar/STATE.md
+3. Update .radar/STATE.md Session Tracking: set Started to current timestamp, Sessions to 1, Last session to current timestamp
+4. Begin the phase execution loop (Step 7)
+
+Note: .radar/ directory, STATE.md, and MANIFEST.md were created by /radar:init in Step 2.
+
+If [2]: return to Step 4
+If [3]: exit without creating any files
+
+## Step 7: Phase Execution Loop
+
+Execute audit phases sequentially with checkpoints between each phase:
+
+```
+For each phase in the audit scope (full: 0-5, quick: 0-2):
+
+  1. Invoke the phase workflow:
+     - Phase 0 → phase-0-context workflow
+     - Phase 1 → phase-1-reconnaissance workflow
+     - Phase 2 → phase-2-domain-audits workflow
+     - Phase 3 → phase-3-cross-domain workflow
+     - Phase 4 → phase-4-adversarial-review workflow
+     - Phase 5 → phase-5-report workflow
+
+  2. After phase workflow completes, invoke phase-checkpoint workflow:
+     - Displays phase completion summary and cumulative progress
+     - Previews the next phase
+     - Offers: [1] Continue  [2] Pause  [3] Abort
+
+  3. Based on user's checkpoint decision:
+     - "Continue": proceed to next iteration of this loop
+     - "Pause": stop loop — STATE.md updated with resume point, exit cleanly
+     - "Abort": stop loop — STATE.md updated, exit cleanly
+
+  4. If user paused or aborted: display resume instructions and stop execution
+```
+
+The final checkpoint (after Phase 5 or last phase in scope) displays "Core audit complete" with next steps (/radar:report, /radar:transform) instead of continue/pause/abort options.
+
+Note: Each phase workflow internally handles session-handoff between agents. The checkpoint workflow operates at the phase boundary level, not the agent boundary level.
+
+</process>
+
+<success_criteria>
+- [ ] Target repository identified and validated
+- [ ] Audit scope clearly defined and confirmed by user
+- [ ] Tool configuration confirmed (defaults or user-modified)
+- [ ] .radar/ directory initialized with STATE.md and MANIFEST.md
+- [ ] Phase 0 workflow delegation begins successfully
+- [ ] User receives clear feedback on what will happen next
+- [ ] Cancellation available at every decision point
+</success_criteria>

package/modules/radar/commands/guardrails.md

@@ -0,0 +1,194 @@
+---
+name: radar:guardrails
+description: Generate project rules from audit findings for AI coding assistants
+argument-hint: "[format]"
+allowed-tools: [Read, Write, Glob, Grep, AskUserQuestion]
+---
+
+<objective>
+Generates machine-enforceable project rules from audit findings and remediation knowledge. Produces rules formatted for AI coding assistants (CLAUDE.md, .cursorrules) that encode audit-derived best practices as persistent guardrails.
+
+Requires both Layer A (diagnostic) and Layer B (remediation) to be complete — guardrails derive from remediation patterns, not raw findings.
+
+Produces: rule files in .radar/remediation/guardrails/ (claude-md-rules.md, cursorrules.md).
+</objective>
+
+<execution_context>
+@~/.claude/radar/transform/workflows/phase-7-risk-validation.md
+@~/.claude/radar/transform/workflows/transform-safety.md
+</execution_context>
+
+<context>
+$ARGUMENTS
+@.radar/STATE.md
+@.radar/remediation/
+@.radar/remediation/guardrails/
+</context>
+
+<process>
+
+## Step 1: Check Prerequisites
+
+**Layer A check:** Verify .radar/report/ exists (Core audit complete).
+
+- If Layer A incomplete:
+  ```
+  ════════════════════════════════════════
+  CORE AUDIT INCOMPLETE
+  ════════════════════════════════════════
+
+  Guardrail generation requires a completed Core audit.
+
+  [1] Resume audit → runs /radar:resume
+  [2] Cancel
+  ════════════════════════════════════════
+  ```
+
+**Layer B check:** Verify .radar/remediation/playbooks/ exists (remediation knowledge generated).
+
+- If Layer B incomplete:
+  ```
+  ════════════════════════════════════════
+  REMEDIATION REQUIRED
+  ════════════════════════════════════════
+
+  Guardrails derive from remediation knowledge (Layer B).
+  Remediation playbooks must be generated first.
+
+  [1] Generate remediation first → runs /radar:remediate
+  [2] Cancel
+  ════════════════════════════════════════
+  ```
+
+- If both layers complete: proceed to Step 2
+
+## Step 2: Select Guardrail Format
+
+Check $ARGUMENTS for format specification:
+- If "claude" or "claude-md": pre-select Claude MD format
+- If "cursor" or "cursorrules": pre-select Cursor rules format
+- If no argument or unrecognized: present options
+
+```
+════════════════════════════════════════
+GUARDRAIL FORMAT
+════════════════════════════════════════
+
+Select output format:
+
+[1] Claude MD rules — for .claude/CLAUDE.md (recommended)
+[2] Cursor rules — for .cursorrules
+[3] Both formats
+[4] Cancel
+════════════════════════════════════════
+```
+
+## Step 3: Display Guardrail Scope
+
+```
+════════════════════════════════════════
+GUARDRAIL SCOPE
+════════════════════════════════════════
+
+Source data:
+  Playbooks: [N] remediation playbooks
+  Patterns: [N] cross-cutting patterns identified
+  Domains: [N] domains with findings
+
+Guardrails will codify:
+  - Architectural constraints from findings
+  - Security rules from vulnerability patterns
+  - Code quality standards from audit observations
+  - Testing requirements from coverage gaps
+
+Format: [selected format(s)]
+════════════════════════════════════════
+```
+
+## Step 4: Safety Confirmation
+
+```
+════════════════════════════════════════
+SAFETY REVIEW
+════════════════════════════════════════
+
+Guardrails will be generated at intervention level: Suggesting
+(Guardrails are advisory rules — they suggest constraints but do not
+enforce them. Enforcement depends on the AI assistant's behavior.)
+
+Patterns being codified: [N] from [M] domains
+
+No changes will be applied to your codebase. Guardrail files are
+generated in .radar/remediation/guardrails/ for your review before
+copying to project root.
+
+[1] Generate guardrails (recommended)
+[2] Back to format selection
+[3] Cancel
+════════════════════════════════════════
+```
+
+## Step 5: Check Existing Guardrails
+
+Check if .radar/remediation/guardrails/ already contains files:
+
+- If guardrails exist:
+  ```
+  ════════════════════════════════════════
+  EXISTING GUARDRAILS FOUND
+  ════════════════════════════════════════
+
+  claude-md-rules.md: [exists / not found]
+  cursorrules.md: [exists / not found]
+
+  [1] View existing guardrails
+  [2] Regenerate (overwrites existing)
+  [3] Back to format selection
+  [4] Cancel
+  ════════════════════════════════════════
+  ```
+
+- If no guardrails exist: proceed to Step 6
+
+## Step 6: Generate Guardrails
+
+1. Delegate to phase-7-risk-validation workflow (guardrail-generator portion)
+2. Transform safety validation runs automatically
+
+## Step 7: Guardrails Complete
+
+```
+════════════════════════════════════════
+GUARDRAILS GENERATED
+════════════════════════════════════════
+
+Generated files:
+  - .radar/remediation/guardrails/claude-md-rules.md
+  - .radar/remediation/guardrails/cursorrules.md
+
+To apply guardrails to your project:
+  - Review the generated rules
+  - Copy relevant sections to your .claude/CLAUDE.md or .cursorrules
+  - Customize rules for your project's specific needs
+
+Next steps:
+  - Run full Transform pipeline: /radar:transform
+  - Generate execution plan: continue with Phase 8 via /radar:transform
+
+════════════════════════════════════════
+```
+
+</process>
+
+<success_criteria>
+- [ ] Layer A prerequisite validated (Core audit complete)
+- [ ] Layer B prerequisite validated (remediation playbooks exist)
+- [ ] Guardrail format selected (Claude MD / Cursor / both)
+- [ ] Guardrail scope displayed (pattern count, domain count)
+- [ ] Intervention level displayed (Suggesting for guardrails)
+- [ ] Explicit confirmation obtained before generation
+- [ ] Existing guardrails detected and options presented
+- [ ] Phase 7 workflow delegated to (guardrail-generator portion)
+- [ ] Output file locations and usage instructions provided
+- [ ] Cancellation available at every decision point
+</success_criteria>

package/modules/radar/commands/init.md

@@ -0,0 +1,207 @@
+---
+name: radar:init
+description: Initialize Radar in a target project
+argument-hint: "[path-to-repo]"
+allowed-tools: [Read, Write, Edit, Bash, Glob, Grep, AskUserQuestion]
+---
+
+<objective>
+Initializes Radar in a target project by creating the `.radar/` directory structure with state tracking and framework manifest. This is the project setup command — run once per repository before auditing.
+
+If an existing `.radar/` is detected, offers resume, fresh start, or cancel.
+
+This command does NOT start an audit — it prepares the project. Run `/radar:audit` after init to begin.
+</objective>
+
+<execution_context>
+<!-- Standalone command: no workflow delegation required -->
+</execution_context>
+
+<context>
+$ARGUMENTS
+@.radar/STATE.md
+</context>
+
+<process>
+
+## Step 1: Determine Target Repository
+
+Check if $ARGUMENTS contains a repository path:
+- If YES: use the provided path as the audit target
+- If NO: use the current working directory
+
+Validate the target:
+- Confirm the path exists and is a directory
+- Check for `.git/` directory
+- If no `.git/`: warn "This directory is not a git repository. Radar works best with git repos (git-history analysis, Gitleaks). Continue anyway? [y/N]"
+- Display target path for confirmation
+
+## Step 2: Check for Existing .radar/
+
+Check if `.radar/STATE.md` exists in the target repository:
+
+- If YES: An Radar project already exists.
+  ```
+  ════════════════════════════════════════
+  EXISTING Radar PROJECT DETECTED
+  ════════════════════════════════════════
+
+  Target: [path]
+  Status: [from STATE.md — initialized / in_progress / complete]
+  Current Phase: [from STATE.md]
+  Initialized: [from STATE.md timestamp]
+
+  [1] Resume existing audit → /radar:resume
+  [2] Fresh start (archives current .radar/ to .radar-backup-{YYYYMMDD-HHMMSS}/)
+  [3] Cancel
+  ════════════════════════════════════════
+  ```
+  - If [1]: inform user to run `/radar:resume` and exit
+  - If [2]: rename `.radar/` to `.radar-backup-{timestamp}/`, then proceed to Step 3
+  - If [3]: exit
+
+- If NO `.radar/`: proceed to Step 3
+
+## Step 3: Create .radar/ Directory Structure
+
+Create the following structure:
+
+```
+.radar/
+├── STATE.md         # Audit state tracking
+├── MANIFEST.md      # Version-locked framework references
+└── findings/        # Output directory for phase findings
+```
+
+## Step 4: Initialize STATE.md
+
+Create `.radar/STATE.md` with:
+
+```markdown
+# Radar Audit State
+
+## Target
+
+Repository: {repo-name (directory basename)}
+Path: {absolute-path}
+Initialized: {ISO 8601 timestamp}
+
+## Status
+
+Overall: initialized
+Current Phase: none (run /radar:audit to begin)
+
+## Phases
+
+| Phase | Name | Status | Findings |
+|-------|------|--------|----------|
+| 0 | Context & Threat Modeling | pending | - |
+| 1 | Automated Signal Gathering | pending | - |
+| 2 | Deep Domain Audits | pending | - |
+| 3 | Change Risk & Reality Gap | pending | - |
+| 4 | Adversarial Review | pending | - |
+| 5 | Synthesis & Report | pending | - |
+
+## Tool Configuration
+
+Configured by /radar:audit at audit start.
+
+## Resume Info
+
+Last action: Project initialized
+Next action: Run /radar:audit to begin diagnostic audit
+
+## Session Tracking
+
+Sessions: 0
+Last session: -
+Started: -
+
+## Checkpoint History
+
+(Populated as phases complete)
+```
+
+## Step 5: Initialize MANIFEST.md
+
+Create `.radar/MANIFEST.md` with:
+
+```markdown
+# Radar Manifest
+
+## Framework
+
+Version: {read from ~/.claude/radar/ if available, else "unknown"}
+Framework path: ~/.claude/radar/
+Commands path: ~/.claude/commands/radar/
+Initialized: {ISO 8601 timestamp}
+
+## Installed Tools
+
+| Tool | Status | Location |
+|------|--------|----------|
+| SonarQube | {detected/not found} | {path or "n/a"} |
+| Semgrep | {detected/not found} | {path — CLI or venv} |
+| Trivy | {detected/not found} | {path} |
+| Gitleaks | {detected/not found} | {path} |
+| Checkov | {detected/not found} | {path — CLI or venv} |
+| Syft | {detected/not found} | {path} |
+| Grype | {detected/not found} | {path} |
+| Git | {detected/not found} | {path} |
+
+## Notes
+
+Run /radar:validate for detailed tool verification and troubleshooting.
+```
+
+To detect each tool:
+- Try `command -v {tool}` first (checks PATH)
+- For Python tools, also check `~/.local/share/radar/venvs/{tool}/bin/{tool}`
+- For SonarQube, also check `docker image inspect sonarsource/sonar-scanner-cli 2>/dev/null`
+- For git, use `command -v git`
+
+## Step 6: Update .gitignore
+
+Check if `.gitignore` exists in the target repository:
+- If YES: check if it contains `.radar/` (or `.radar`)
+  - If already present: do nothing
+  - If not present: append `\n# Radar audit state (generated)\n.radar/\n`
+- If NO .gitignore: create one with:
+  ```
+  # Radar audit state (generated)
+  .radar/
+  ```
+
+Report what was done.
+
+## Step 7: Display Summary
+
+```
+════════════════════════════════════════
+Radar Project Initialized
+════════════════════════════════════════
+
+Target:    {repo-name} ({absolute-path})
+State:     .radar/STATE.md
+Manifest:  .radar/MANIFEST.md
+Tools:     {X}/8 detected
+
+.radar/ added to .gitignore ✓
+
+────────────────────────────────────────
+Next steps:
+  /radar:validate  — verify tool installation
+  /radar:audit     — begin diagnostic audit
+════════════════════════════════════════
+```
+
+</process>
+
+<success_criteria>
+- [ ] Target repository identified and validated
+- [ ] Existing .radar/ handled (resume/fresh/cancel)
+- [ ] .radar/ directory created with STATE.md, MANIFEST.md, findings/
+- [ ] Tool inventory detected and recorded in MANIFEST.md
+- [ ] .radar/ added to .gitignore
+- [ ] User informed of next steps
+</success_criteria>