@agentskillkit/agent-skills 1.0.1 → 3.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.agent/ARCHITECTURE.md +406 -149
- package/.agent/CONTINUOUS_EXECUTION_POLICY.md +623 -0
- package/.agent/GEMINI.md +935 -67
- package/.agent/WORKFLOW_CHAINS.md +683 -0
- package/.agent/agents/{code-archaeologist.md → analyst.md} +37 -25
- package/.agent/agents/assessor.md +186 -0
- package/.agent/agents/{backend-specialist.md → backend.md} +44 -30
- package/.agent/agents/critic.md +164 -0
- package/.agent/agents/{database-architect.md → database.md} +36 -24
- package/.agent/agents/{debugger.md → debug.md} +49 -43
- package/.agent/agents/{devops-engineer.md → devops.md} +50 -50
- package/.agent/agents/{documentation-writer.md → docs.md} +13 -13
- package/.agent/agents/{explorer-agent.md → explorer.md} +12 -6
- package/.agent/agents/{frontend-specialist.md → frontend.md} +79 -33
- package/.agent/agents/{game-developer.md → gamedev.md} +30 -30
- package/.agent/agents/lead.md +447 -0
- package/.agent/agents/learner.md +143 -0
- package/.agent/agents/mobile.md +383 -0
- package/.agent/agents/orchestrator.md +122 -339
- package/.agent/agents/pentest.md +188 -0
- package/.agent/agents/{performance-optimizer.md → perf.md} +44 -40
- package/.agent/agents/planner.md +413 -0
- package/.agent/agents/{product-manager.md → pm.md} +38 -23
- package/.agent/agents/po.md +106 -0
- package/.agent/agents/qa.md +109 -0
- package/.agent/agents/recovery.md +168 -0
- package/.agent/agents/security.md +171 -0
- package/.agent/agents/{seo-specialist.md → seo.md} +24 -24
- package/.agent/agents/{test-engineer.md → testing.md} +39 -39
- package/.agent/archive/registry.json.v1-backup +514 -0
- package/.agent/config/execution-policy.json +90 -0
- package/.agent/config/metrics-config.json +109 -0
- package/.agent/config/notification-config.json +43 -0
- package/.agent/knowledge/README.md +95 -0
- package/.agent/knowledge/_migration_backup/lessons-learned_2026-01-27T07-45-58.862Z.yaml +55 -0
- package/.agent/knowledge/_needs_review.yaml +24 -0
- package/.agent/knowledge/autopilot-metrics.json +93 -0
- package/.agent/knowledge/autopilot-runs.json +11 -0
- package/.agent/knowledge/backups/2026-01-25T17-08-04-097Z/lessons-learned.yaml +12 -0
- package/.agent/knowledge/backups/2026-01-25T17-08-04-097Z/settings.yaml +5 -0
- package/.agent/knowledge/backups/2026-01-25T17-08-08-345Z/lessons-learned.yaml +12 -0
- package/.agent/knowledge/backups/2026-01-25T17-08-08-345Z/settings.yaml +5 -0
- package/.agent/knowledge/backups/2026-01-25T17-08-09-232Z/lessons-learned.yaml +12 -0
- package/.agent/knowledge/backups/2026-01-25T17-08-09-232Z/settings.yaml +5 -0
- package/.agent/knowledge/backups/2026-01-29T15-15-32-715Z/lessons-learned.yaml +37 -0
- package/.agent/knowledge/backups/2026-01-29T15-15-32-715Z/settings.yaml +24 -0
- package/.agent/knowledge/backups/lessons-learned.yaml.archived +58 -0
- package/.agent/knowledge/backups/lessons-learned.yaml.bak-20260128-180048 +58 -0
- package/.agent/knowledge/backups/lessons.yaml.archived +2 -0
- package/.agent/knowledge/detected-errors.json +5 -0
- package/.agent/knowledge/evolution-signals.json +95 -0
- package/.agent/knowledge/improvements.yaml +68 -0
- package/.agent/knowledge/index.json +133 -0
- package/.agent/knowledge/lessons-learned.json +15 -0
- package/.agent/knowledge/lessons-learned.yaml +10 -15
- package/.agent/knowledge/metrics.json +66 -0
- package/.agent/knowledge/mistakes.yaml +74 -0
- package/.agent/knowledge/retention.yaml +165 -0
- package/.agent/knowledge/scans/scan_1769543882183.json +13 -0
- package/.agent/knowledge/scans/scan_1769543882322.json +13 -0
- package/.agent/knowledge/scans/scan_1769543882443.json +13 -0
- package/.agent/knowledge/scans/scan_1769543889157.json +13 -0
- package/.agent/knowledge/scans/scan_1769543950029.json +13 -0
- package/.agent/knowledge/scans/scan_1769696246716.json +13 -0
- package/.agent/knowledge/scans/scan_1769696247452.json +13 -0
- package/.agent/knowledge/scans/scan_1769698907767.json +13 -0
- package/.agent/knowledge/scans/scan_1769698934018.json +13 -0
- package/.agent/knowledge/scans/scan_1769699718013.json +13 -0
- package/.agent/knowledge/schema/common.schema.json +140 -0
- package/.agent/knowledge/schema/evolution-signals.schema.json +93 -0
- package/.agent/knowledge/schema/improvements.schema.json +132 -0
- package/.agent/knowledge/schema/mistakes.schema.json +138 -0
- package/.agent/knowledge/schema/settings.schema.json +102 -0
- package/.agent/knowledge/settings.yaml +5 -0
- package/.agent/knowledge/taxonomy.yaml +218 -0
- package/.agent/metrics/autopilot-metrics-schema.yaml +183 -0
- package/.agent/scripts-js/adaptive-workflow.js +504 -0
- package/.agent/scripts-js/auto_preview.js +166 -0
- package/.agent/scripts-js/autopilot-metrics.js +567 -0
- package/.agent/scripts-js/autopilot-runner.js +455 -0
- package/.agent/scripts-js/batch-skill-update.cjs +248 -0
- package/.agent/scripts-js/benchmark.cjs +147 -0
- package/.agent/scripts-js/checklist.js +174 -0
- package/.agent/scripts-js/compact-registry.cjs +79 -0
- package/.agent/scripts-js/execution-history.js +119 -0
- package/.agent/scripts-js/execution-policy.js +339 -0
- package/.agent/scripts-js/health-check.js +192 -0
- package/.agent/scripts-js/metrics-collector.js +364 -0
- package/.agent/scripts-js/metrics-dashboard.js +372 -0
- package/.agent/scripts-js/preflight-assessment.js +347 -0
- package/.agent/scripts-js/scaffold-nextjs.js +197 -0
- package/.agent/scripts-js/session_manager.js +200 -0
- package/.agent/scripts-js/skill-validator.js +318 -0
- package/.agent/scripts-js/utils/colors.js +56 -0
- package/.agent/scripts-js/utils/process-manager.js +148 -0
- package/.agent/scripts-js/utils/reporter.js +168 -0
- package/.agent/scripts-js/utils/runner.js +117 -0
- package/.agent/scripts-js/verify-skills.js +252 -0
- package/.agent/scripts-js/verify_all.js +242 -0
- package/.agent/scripts-js/workflow-engine.js +545 -0
- package/.agent/scripts-js/workflow-validator.js +417 -0
- package/.agent/skill-lock.json +343 -0
- package/.agent/skills/agent-patterns/SKILL.md +761 -0
- package/.agent/skills/auto-learner/SKILL.md +280 -0
- package/.agent/skills/auto-learner/dashboard/index.html +494 -0
- package/.agent/skills/auto-learner/references/learned-imports.md +50 -0
- package/.agent/skills/auto-learner/scripts/dashboard_server.js +224 -0
- package/.agent/skills/auto-learner/scripts/error_sensor.js +460 -0
- package/.agent/skills/auto-learner/scripts/learn_from_failure.js +225 -0
- package/.agent/skills/auto-learner/scripts/pattern_analyzer.js +594 -0
- package/.agent/skills/auto-learner/scripts/pre_execution_check.js +464 -0
- package/.agent/skills/auto-learner/scripts/user_correction_sensor.js +426 -0
- package/.agent/skills/debug-pro/SKILL.md +354 -0
- package/.agent/skills/execution-reporter/SKILL.md +195 -0
- package/.agent/skills/gitops/SKILL.md +303 -0
- package/.agent/skills/gitops/references/argocd-setup.md +134 -0
- package/.agent/skills/gitops/references/sync-policies.md +131 -0
- package/.agent/skills/lifecycle-orchestrator/SKILL.md +83 -0
- package/.agent/skills/mobile-design/SKILL.md +258 -50
- package/.agent/skills/mobile-developer/SKILL.md +205 -0
- package/.agent/skills/mobile-security-coder/SKILL.md +184 -0
- package/.agent/skills/observability/SKILL.md +397 -0
- package/.agent/skills/problem-checker/SKILL.md +195 -0
- package/.agent/skills/problem-checker/scripts/check_problems.js +261 -0
- package/.agent/skills/registry.backup.json +2251 -0
- package/.agent/skills/registry.json +940 -366
- package/.agent/skills/registry.phase1.backup.json +1278 -0
- package/.agent/skills/requirements-python.txt +25 -0
- package/.agent/skills/requirements.txt +96 -0
- package/.agent/skills/state-rollback/SKILL.md +240 -0
- package/.agent/skills/state-rollback/scripts/state_manager.js +282 -0
- package/.agent/skills/studio/SKILL.md +107 -0
- package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/styles.csv +16 -16
- package/.agent/skills/studio/scripts-js/core.js +344 -0
- package/.agent/skills/studio/scripts-js/design_system.js +952 -0
- package/.agent/skills/studio/scripts-js/jsconfig.json +27 -0
- package/.agent/skills/studio/scripts-js/search.js +191 -0
- package/.agent/skills/studio/scripts-js/types.d.ts +276 -0
- package/.agent/skills/studio/scripts-js/utils/component-specs.js +153 -0
- package/.agent/skills/studio/scripts-js/utils/config-loader.js +164 -0
- package/.agent/skills/studio/scripts-js/utils/css-templates.js +168 -0
- package/.agent/skills/studio/scripts-js/utils/css-validator.js +94 -0
- package/.agent/skills/studio/scripts-js/utils/csv-loader.js +55 -0
- package/.agent/skills/studio/scripts-js/utils/intelligent-overrides.js +128 -0
- package/.agent/skills/studio/scripts-js/utils/page-override-formatter.js +142 -0
- package/.agent/skills/studio/scripts-js/utils/page-type-detector.js +123 -0
- package/.agent/skills/studio/scripts-js/utils/search-cache.js +190 -0
- package/.agent/skills/studio/scripts-js/utils/text-utils.js +54 -0
- package/.agent/skills/typescript-expert/SKILL.md +429 -0
- package/.agent/skills/typescript-expert/references/tsconfig-strict.json +92 -0
- package/.agent/skills/typescript-expert/references/typescript-cheatsheet.md +383 -0
- package/.agent/skills/typescript-expert/references/utility-types.ts +335 -0
- package/.agent/skills/typescript-expert/scripts/ts_diagnostic.py +203 -0
- package/.agent/skills-audit-report.md +114 -0
- package/.agent/workflows/README.md +707 -0
- package/.agent/workflows/agent.md +77 -0
- package/.agent/workflows/alert.md +333 -0
- package/.agent/workflows/api.md +209 -0
- package/.agent/workflows/architect.md +148 -42
- package/.agent/workflows/auto-accept-process.md +275 -0
- package/.agent/workflows/autopilot.md +755 -92
- package/.agent/workflows/benchmark.md +221 -0
- package/.agent/workflows/boost.md +61 -26
- package/.agent/workflows/build.md +114 -54
- package/.agent/workflows/chronicle.md +19 -0
- package/.agent/workflows/diagnose.md +72 -30
- package/.agent/workflows/diagram.md +121 -0
- package/.agent/workflows/flags.md +149 -0
- package/.agent/workflows/forge.md +15 -5
- package/.agent/workflows/game.md +142 -0
- package/.agent/workflows/inspect.md +76 -40
- package/.agent/workflows/launch.md +183 -40
- package/.agent/workflows/mobile.md +106 -0
- package/.agent/workflows/monitor.md +283 -0
- package/.agent/workflows/optimize.md +220 -0
- package/.agent/workflows/pulse.md +113 -43
- package/.agent/workflows/stage.md +37 -10
- package/.agent/workflows/studio.md +35 -13
- package/.agent/workflows/think.md +19 -0
- package/.agent/workflows/validate.md +21 -1
- package/CHANGELOG.md +448 -24
- package/LICENSE +29 -7
- package/README.backup.md +540 -0
- package/README.md +870 -203
- package/docs/README.md +62 -0
- package/docs/archive/plan-v21.md +170 -0
- package/docs/getting-started.md +337 -0
- package/docs/guides/migration.md +70 -0
- package/docs/guides/publishing.md +88 -0
- package/docs/reference/python-strategy.md +393 -0
- package/docs/reference/scripts.md +56 -0
- package/docs/reference/skill-standard.md +457 -0
- package/package.json +51 -7
- package/packages/cli/.agent/knowledge/evolution-signals.json +51 -0
- package/packages/cli/.agent/knowledge/lessons-learned.yaml +25 -15
- package/packages/cli/.agent/knowledge/scans/scan_demo.json +58 -0
- package/packages/cli/README.md +21 -0
- package/packages/cli/bin/{ag-smart.js → agent.js} +37 -5
- package/packages/cli/examples/demo-violations.js +27 -0
- package/packages/cli/lib/audit.js +134 -49
- package/packages/cli/lib/audit.test.js +100 -0
- package/packages/cli/lib/auto-learn.js +1 -1
- package/packages/cli/lib/backup.js +138 -0
- package/packages/cli/lib/backup.test.js +78 -0
- package/packages/cli/lib/cognitive-lesson.js +476 -0
- package/packages/cli/lib/completion.js +149 -0
- package/packages/cli/lib/config.js +8 -2
- package/packages/cli/lib/eslint-fix.js +1 -1
- package/packages/cli/lib/evolution-signal.js +215 -0
- package/packages/cli/lib/export.js +86 -0
- package/packages/cli/lib/export.test.js +65 -0
- package/packages/cli/lib/fix.js +61 -2
- package/packages/cli/lib/fix.test.js +80 -0
- package/packages/cli/lib/gemini-export.js +83 -0
- package/packages/cli/lib/hooks/install-hooks.js +8 -32
- package/packages/cli/lib/hooks/lint-learn.js +2 -2
- package/packages/cli/lib/icons.js +93 -0
- package/packages/cli/lib/ignore.js +116 -0
- package/packages/cli/lib/ignore.test.js +58 -0
- package/packages/cli/lib/init.js +124 -0
- package/packages/cli/lib/knowledge-index.js +326 -0
- package/packages/cli/lib/knowledge-metrics.js +335 -0
- package/packages/cli/lib/knowledge-retention.js +398 -0
- package/packages/cli/lib/knowledge-validator.js +312 -0
- package/packages/cli/lib/learn.js +115 -33
- package/packages/cli/lib/migrate-to-v4.js +322 -0
- package/packages/cli/lib/proposals.js +199 -0
- package/packages/cli/lib/proposals.test.js +56 -0
- package/packages/cli/lib/recall.js +792 -41
- package/packages/cli/lib/recall.test.js +107 -0
- package/packages/cli/lib/selfevolution-bridge.js +167 -0
- package/packages/cli/lib/settings.js +203 -0
- package/packages/cli/lib/skill-learn.js +1 -1
- package/packages/cli/lib/stats.js +31 -42
- package/packages/cli/lib/stats.test.js +94 -0
- package/packages/cli/lib/ui/audit-ui.js +146 -0
- package/packages/cli/lib/ui/backup-ui.js +107 -0
- package/packages/cli/lib/ui/clack-helpers.js +317 -0
- package/packages/cli/lib/ui/common.js +83 -0
- package/packages/cli/lib/ui/completion-ui.js +126 -0
- package/packages/cli/lib/ui/custom-select.js +69 -0
- package/packages/cli/lib/ui/evolution-signals-ui.js +107 -0
- package/packages/cli/lib/ui/export-ui.js +94 -0
- package/packages/cli/lib/ui/fix-all-ui.js +191 -0
- package/packages/cli/lib/ui/help-ui.js +26 -0
- package/packages/cli/lib/ui/index.js +147 -0
- package/packages/cli/lib/ui/init-ui.js +56 -0
- package/packages/cli/lib/ui/knowledge-ui.js +55 -0
- package/packages/cli/lib/ui/learn-ui.js +706 -0
- package/packages/cli/lib/ui/lessons-ui.js +148 -0
- package/packages/cli/lib/ui/pretty.js +145 -0
- package/packages/cli/lib/ui/proposals-ui.js +99 -0
- package/packages/cli/lib/ui/recall-ui.js +342 -0
- package/packages/cli/lib/ui/routing-demo.js +79 -0
- package/packages/cli/lib/ui/routing-ui.js +325 -0
- package/packages/cli/lib/ui/settings-ui.js +103 -0
- package/packages/cli/lib/ui/stats-ui.js +73 -0
- package/packages/cli/lib/ui/watch-ui.js +236 -0
- package/packages/cli/lib/watcher.js +1 -1
- package/packages/cli/lib/watcher.test.js +85 -0
- package/packages/cli/node_modules/.package-lock.json +1529 -0
- package/packages/cli/node_modules/.vite/vitest/results.json +1 -0
- package/packages/cli/package-lock.json +1164 -688
- package/packages/cli/package.json +39 -10
- package/packages/cli/scripts/export-key.js +80 -0
- package/packages/cli/src/MIGRATION.md +418 -0
- package/packages/cli/src/README.md +367 -0
- package/packages/cli/src/core/evolution/evolution-signal.js +42 -0
- package/packages/cli/src/core/evolution/index.js +17 -0
- package/packages/cli/src/core/evolution/review-gate.js +40 -0
- package/packages/cli/src/core/evolution/signal-detector.js +137 -0
- package/packages/cli/src/core/evolution/signal-queue.js +79 -0
- package/packages/cli/src/core/evolution/threshold-checker.js +79 -0
- package/packages/cli/src/core/index.js +15 -0
- package/packages/cli/src/core/learning/cognitive-enhancer.js +282 -0
- package/packages/cli/src/core/learning/index.js +12 -0
- package/packages/cli/src/core/learning/lesson-synthesizer.js +83 -0
- package/packages/cli/src/core/scanning/index.js +14 -0
- package/packages/cli/src/data/index.js +13 -0
- package/packages/cli/src/data/repositories/index.js +8 -0
- package/packages/cli/src/data/repositories/lesson-repository.js +130 -0
- package/packages/cli/src/data/repositories/signal-repository.js +119 -0
- package/packages/cli/src/data/storage/index.js +8 -0
- package/packages/cli/src/data/storage/json-storage.js +64 -0
- package/packages/cli/src/data/storage/yaml-storage.js +66 -0
- package/packages/cli/src/infrastructure/index.js +13 -0
- package/packages/cli/src/presentation/formatters/skill-formatter.js +232 -0
- package/packages/cli/src/services/export-service.js +162 -0
- package/packages/cli/src/services/index.js +13 -0
- package/packages/cli/src/services/learning-service.js +99 -0
- package/packages/cli/tests/integration/evolution-signals.test.js +46 -0
- package/packages/cli/tests/integration/gemini-export.test.js +53 -0
- package/packages/cli/tests/integration/learning-service.test.js +33 -0
- package/packages/cli/tests/integration/signal-detector.test.js +29 -0
- package/packages/cli/tests/unit/cognitive-enhancer.test.js +56 -0
- package/packages/cli/tests/unit/lesson-synthesizer.test.js +84 -0
- package/packages/cli/tests/unit/skill-formatter.test.js +106 -0
- package/packages/cli/vitest.config.js +28 -1
- package/scripts/rebrand/README.md +472 -0
- package/scripts/rebrand/index.mjs +449 -0
- package/scripts/rebrand/v4.mjs +800 -0
- package/tests/e2e/studio-workflow.test.js +100 -0
- package/tests/e2e/validate-workflow.test.js +71 -0
- package/tests/scripts/colors.test.js +75 -0
- package/tests/scripts/component-specs.test.js +157 -0
- package/tests/scripts/config-loader.test.js +204 -0
- package/tests/scripts/core-bm25.test.js +112 -0
- package/tests/scripts/css-templates.test.js +123 -0
- package/tests/scripts/css-validator.test.js +137 -0
- package/tests/scripts/format-master-md.test.js +232 -0
- package/tests/scripts/integration/studio-integration.test.js +183 -0
- package/tests/scripts/intelligent-overrides.test.js +181 -0
- package/tests/scripts/page-override-formatter.test.js +227 -0
- package/tests/scripts/page-type-detector.test.js +141 -0
- package/tests/scripts/process-manager.test.js +79 -0
- package/tests/scripts/reporter.test.js +96 -0
- package/tests/scripts/runner.test.js +82 -0
- package/tests/scripts/search-cache.test.js +210 -0
- package/tests/scripts/text-utils.test.js +63 -0
- package/.agent/.shared/ui-ux-pro-max/scripts/__pycache__/core.cpython-313.pyc +0 -0
- package/.agent/.shared/ui-ux-pro-max/scripts/__pycache__/design_system.cpython-313.pyc +0 -0
- package/.agent/.shared/ui-ux-pro-max/scripts/core.py +0 -258
- package/.agent/.shared/ui-ux-pro-max/scripts/design_system.py +0 -1067
- package/.agent/.shared/ui-ux-pro-max/scripts/search.py +0 -106
- package/.agent/agents/mobile-developer.md +0 -377
- package/.agent/agents/penetration-tester.md +0 -188
- package/.agent/agents/product-owner.md +0 -95
- package/.agent/agents/project-planner.md +0 -406
- package/.agent/agents/qa-automation-engineer.md +0 -103
- package/.agent/agents/security-auditor.md +0 -170
- package/.agent/rules/GEMINI.md +0 -253
- package/.agent/scripts/auto_preview.py +0 -148
- package/.agent/scripts/checklist.py +0 -217
- package/.agent/scripts/session_manager.py +0 -120
- package/.agent/scripts/verify_all.py +0 -327
- package/.agent/skills/aesthetic/SKILL.md +0 -121
- package/.agent/skills/aesthetic/assets/design-guideline-template.md +0 -163
- package/.agent/skills/aesthetic/assets/design-story-template.md +0 -135
- package/.agent/skills/aesthetic/references/design-principles.md +0 -62
- package/.agent/skills/aesthetic/references/design-resources.md +0 -75
- package/.agent/skills/aesthetic/references/micro-interactions.md +0 -53
- package/.agent/skills/aesthetic/references/storytelling-design.md +0 -50
- package/.agent/skills/api-patterns/SKILL.md +0 -81
- package/.agent/skills/api-patterns/rules/api-style.md +0 -42
- package/.agent/skills/api-patterns/rules/auth.md +0 -24
- package/.agent/skills/api-patterns/rules/documentation.md +0 -26
- package/.agent/skills/api-patterns/rules/graphql.md +0 -41
- package/.agent/skills/api-patterns/rules/rate-limiting.md +0 -31
- package/.agent/skills/api-patterns/rules/response.md +0 -37
- package/.agent/skills/api-patterns/rules/rest.md +0 -40
- package/.agent/skills/api-patterns/rules/security-testing.md +0 -122
- package/.agent/skills/api-patterns/rules/trpc.md +0 -41
- package/.agent/skills/api-patterns/rules/versioning.md +0 -22
- package/.agent/skills/api-patterns/scripts/api_validator.py +0 -211
- package/.agent/skills/app-builder/SKILL.md +0 -75
- package/.agent/skills/app-builder/agent-coordination.md +0 -71
- package/.agent/skills/app-builder/feature-building.md +0 -53
- package/.agent/skills/app-builder/project-detection.md +0 -34
- package/.agent/skills/app-builder/scaffolding.md +0 -118
- package/.agent/skills/app-builder/tech-stack.md +0 -40
- package/.agent/skills/app-builder/templates/SKILL.md +0 -39
- package/.agent/skills/app-builder/templates/astro-static/TEMPLATE.md +0 -76
- package/.agent/skills/app-builder/templates/chrome-extension/TEMPLATE.md +0 -92
- package/.agent/skills/app-builder/templates/cli-tool/TEMPLATE.md +0 -88
- package/.agent/skills/app-builder/templates/electron-desktop/TEMPLATE.md +0 -88
- package/.agent/skills/app-builder/templates/express-api/TEMPLATE.md +0 -83
- package/.agent/skills/app-builder/templates/flutter-app/TEMPLATE.md +0 -90
- package/.agent/skills/app-builder/templates/monorepo-turborepo/TEMPLATE.md +0 -90
- package/.agent/skills/app-builder/templates/nextjs-fullstack/TEMPLATE.md +0 -82
- package/.agent/skills/app-builder/templates/nextjs-saas/TEMPLATE.md +0 -100
- package/.agent/skills/app-builder/templates/nextjs-static/TEMPLATE.md +0 -106
- package/.agent/skills/app-builder/templates/nuxt-app/TEMPLATE.md +0 -101
- package/.agent/skills/app-builder/templates/python-fastapi/TEMPLATE.md +0 -83
- package/.agent/skills/app-builder/templates/react-native-app/TEMPLATE.md +0 -93
- package/.agent/skills/architecture/SKILL.md +0 -55
- package/.agent/skills/architecture/context-discovery.md +0 -43
- package/.agent/skills/architecture/examples.md +0 -94
- package/.agent/skills/architecture/pattern-selection.md +0 -68
- package/.agent/skills/architecture/patterns-reference.md +0 -50
- package/.agent/skills/architecture/trade-off-analysis.md +0 -77
- package/.agent/skills/bash-linux/SKILL.md +0 -199
- package/.agent/skills/behavioral-modes/SKILL.md +0 -242
- package/.agent/skills/brainstorming/SKILL.md +0 -163
- package/.agent/skills/brainstorming/dynamic-questioning.md +0 -350
- package/.agent/skills/clean-code/SKILL.md +0 -201
- package/.agent/skills/code-review-checklist/SKILL.md +0 -109
- package/.agent/skills/code-reviewer/.skill-source.json +0 -8
- package/.agent/skills/code-reviewer/SKILL.md +0 -32
- package/.agent/skills/code-reviewer/enforcement/checklists/backend-api-review-checklist.md +0 -5
- package/.agent/skills/code-reviewer/examples/approved-pr/review-output.md +0 -76
- package/.agent/skills/code-reviewer/examples/rejected-pr/review-output.md +0 -99
- package/.agent/skills/code-reviewer/examples/scenarios.md +0 -3
- package/.agent/skills/code-reviewer/metadata/doctrine-mapping.yaml +0 -167
- package/.agent/skills/code-reviewer/metadata/intent-triggers.yaml +0 -41
- package/.agent/skills/code-reviewer/resources/links.md +0 -59
- package/.agent/skills/code-reviewer/scripts/audit_pr.js +0 -8
- package/.agent/skills/code-reviewer/scripts/audit_pr.v2.js +0 -417
- package/.agent/skills/code-reviewer/scripts/validate_doctrine.js +0 -307
- package/.agent/skills/context-engineering/SKILL.md +0 -86
- package/.agent/skills/context-engineering/references/context-compression.md +0 -84
- package/.agent/skills/context-engineering/references/context-degradation.md +0 -93
- package/.agent/skills/context-engineering/references/context-fundamentals.md +0 -75
- package/.agent/skills/context-engineering/references/context-optimization.md +0 -82
- package/.agent/skills/context-engineering/references/evaluation.md +0 -89
- package/.agent/skills/context-engineering/references/memory-systems.md +0 -88
- package/.agent/skills/context-engineering/references/multi-agent-patterns.md +0 -90
- package/.agent/skills/context-engineering/references/project-development.md +0 -97
- package/.agent/skills/context-engineering/references/tool-design.md +0 -86
- package/.agent/skills/context-engineering/scripts/compression_evaluator.py +0 -329
- package/.agent/skills/context-engineering/scripts/context_analyzer.py +0 -294
- package/.agent/skills/database-design/SKILL.md +0 -52
- package/.agent/skills/database-design/database-selection.md +0 -43
- package/.agent/skills/database-design/indexing.md +0 -39
- package/.agent/skills/database-design/migrations.md +0 -48
- package/.agent/skills/database-design/optimization.md +0 -36
- package/.agent/skills/database-design/orm-selection.md +0 -30
- package/.agent/skills/database-design/schema-design.md +0 -56
- package/.agent/skills/database-design/scripts/schema_validator.py +0 -172
- package/.agent/skills/debugging/SKILL.md +0 -42
- package/.agent/skills/deployment-procedures/SKILL.md +0 -241
- package/.agent/skills/doc.md +0 -177
- package/.agent/skills/document-skills/SKILL.md +0 -49
- package/.agent/skills/document-skills/docx/LICENSE.txt +0 -30
- package/.agent/skills/document-skills/docx/SKILL.md +0 -197
- package/.agent/skills/document-skills/docx/docx-js.md +0 -350
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/dml-chart.xsd +0 -1499
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/dml-chartDrawing.xsd +0 -146
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/dml-diagram.xsd +0 -1085
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/dml-lockedCanvas.xsd +0 -11
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/dml-main.xsd +0 -3081
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/dml-picture.xsd +0 -23
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/dml-spreadsheetDrawing.xsd +0 -185
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/dml-wordprocessingDrawing.xsd +0 -287
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/pml.xsd +0 -1676
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/shared-additionalCharacteristics.xsd +0 -28
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/shared-bibliography.xsd +0 -144
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/shared-commonSimpleTypes.xsd +0 -174
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/shared-customXmlDataProperties.xsd +0 -25
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/shared-customXmlSchemaProperties.xsd +0 -18
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/shared-documentPropertiesCustom.xsd +0 -59
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/shared-documentPropertiesExtended.xsd +0 -56
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/shared-documentPropertiesVariantTypes.xsd +0 -195
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/shared-math.xsd +0 -582
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/shared-relationshipReference.xsd +0 -25
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/sml.xsd +0 -4439
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/vml-main.xsd +0 -570
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/vml-officeDrawing.xsd +0 -509
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/vml-presentationDrawing.xsd +0 -12
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/vml-spreadsheetDrawing.xsd +0 -108
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/vml-wordprocessingDrawing.xsd +0 -96
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/wml.xsd +0 -3646
- package/.agent/skills/document-skills/docx/ooxml/schemas/ISO-IEC29500-4_2016/xml.xsd +0 -116
- package/.agent/skills/document-skills/docx/ooxml/schemas/ecma/fouth-edition/opc-contentTypes.xsd +0 -42
- package/.agent/skills/document-skills/docx/ooxml/schemas/ecma/fouth-edition/opc-coreProperties.xsd +0 -50
- package/.agent/skills/document-skills/docx/ooxml/schemas/ecma/fouth-edition/opc-digSig.xsd +0 -49
- package/.agent/skills/document-skills/docx/ooxml/schemas/ecma/fouth-edition/opc-relationships.xsd +0 -33
- package/.agent/skills/document-skills/docx/ooxml/schemas/mce/mc.xsd +0 -75
- package/.agent/skills/document-skills/docx/ooxml/schemas/microsoft/wml-2010.xsd +0 -560
- package/.agent/skills/document-skills/docx/ooxml/schemas/microsoft/wml-2012.xsd +0 -67
- package/.agent/skills/document-skills/docx/ooxml/schemas/microsoft/wml-2018.xsd +0 -14
- package/.agent/skills/document-skills/docx/ooxml/schemas/microsoft/wml-cex-2018.xsd +0 -20
- package/.agent/skills/document-skills/docx/ooxml/schemas/microsoft/wml-cid-2016.xsd +0 -13
- package/.agent/skills/document-skills/docx/ooxml/schemas/microsoft/wml-sdtdatahash-2020.xsd +0 -4
- package/.agent/skills/document-skills/docx/ooxml/schemas/microsoft/wml-symex-2015.xsd +0 -8
- package/.agent/skills/document-skills/docx/ooxml/scripts/pack.py +0 -159
- package/.agent/skills/document-skills/docx/ooxml/scripts/unpack.py +0 -29
- package/.agent/skills/document-skills/docx/ooxml/scripts/validate.py +0 -69
- package/.agent/skills/document-skills/docx/ooxml/scripts/validation/__init__.py +0 -15
- package/.agent/skills/document-skills/docx/ooxml/scripts/validation/base.py +0 -951
- package/.agent/skills/document-skills/docx/ooxml/scripts/validation/docx.py +0 -274
- package/.agent/skills/document-skills/docx/ooxml/scripts/validation/pptx.py +0 -315
- package/.agent/skills/document-skills/docx/ooxml/scripts/validation/redlining.py +0 -279
- package/.agent/skills/document-skills/docx/ooxml.md +0 -610
- package/.agent/skills/document-skills/docx/scripts/__init__.py +0 -1
- package/.agent/skills/document-skills/docx/scripts/document.py +0 -1276
- package/.agent/skills/document-skills/docx/scripts/templates/comments.xml +0 -3
- package/.agent/skills/document-skills/docx/scripts/templates/commentsExtended.xml +0 -3
- package/.agent/skills/document-skills/docx/scripts/templates/commentsExtensible.xml +0 -3
- package/.agent/skills/document-skills/docx/scripts/templates/commentsIds.xml +0 -3
- package/.agent/skills/document-skills/docx/scripts/templates/people.xml +0 -3
- package/.agent/skills/document-skills/docx/scripts/utilities.py +0 -374
- package/.agent/skills/document-skills/pdf/LICENSE.txt +0 -30
- package/.agent/skills/document-skills/pdf/SKILL.md +0 -294
- package/.agent/skills/document-skills/pdf/forms.md +0 -205
- package/.agent/skills/document-skills/pdf/reference.md +0 -612
- package/.agent/skills/document-skills/pdf/scripts/check_bounding_boxes.py +0 -70
- package/.agent/skills/document-skills/pdf/scripts/check_bounding_boxes_test.py +0 -226
- package/.agent/skills/document-skills/pdf/scripts/check_fillable_fields.py +0 -12
- package/.agent/skills/document-skills/pdf/scripts/convert_pdf_to_images.py +0 -35
- package/.agent/skills/document-skills/pdf/scripts/create_validation_image.py +0 -41
- package/.agent/skills/document-skills/pdf/scripts/extract_form_field_info.py +0 -152
- package/.agent/skills/document-skills/pdf/scripts/fill_fillable_fields.py +0 -114
- package/.agent/skills/document-skills/pdf/scripts/fill_pdf_form_with_annotations.py +0 -108
- package/.agent/skills/document-skills/pptx/LICENSE.txt +0 -30
- package/.agent/skills/document-skills/pptx/SKILL.md +0 -484
- package/.agent/skills/document-skills/pptx/html2pptx.md +0 -625
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/dml-chart.xsd +0 -1499
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/dml-chartDrawing.xsd +0 -146
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/dml-diagram.xsd +0 -1085
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/dml-lockedCanvas.xsd +0 -11
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/dml-main.xsd +0 -3081
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/dml-picture.xsd +0 -23
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/dml-spreadsheetDrawing.xsd +0 -185
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/dml-wordprocessingDrawing.xsd +0 -287
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/pml.xsd +0 -1676
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-additionalCharacteristics.xsd +0 -28
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-bibliography.xsd +0 -144
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-commonSimpleTypes.xsd +0 -174
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-customXmlDataProperties.xsd +0 -25
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-customXmlSchemaProperties.xsd +0 -18
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-documentPropertiesCustom.xsd +0 -59
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-documentPropertiesExtended.xsd +0 -56
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-documentPropertiesVariantTypes.xsd +0 -195
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-math.xsd +0 -582
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-relationshipReference.xsd +0 -25
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/sml.xsd +0 -4439
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/vml-main.xsd +0 -570
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/vml-officeDrawing.xsd +0 -509
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/vml-presentationDrawing.xsd +0 -12
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/vml-spreadsheetDrawing.xsd +0 -108
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/vml-wordprocessingDrawing.xsd +0 -96
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/wml.xsd +0 -3646
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/xml.xsd +0 -116
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ecma/fouth-edition/opc-contentTypes.xsd +0 -42
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ecma/fouth-edition/opc-coreProperties.xsd +0 -50
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ecma/fouth-edition/opc-digSig.xsd +0 -49
- package/.agent/skills/document-skills/pptx/ooxml/schemas/ecma/fouth-edition/opc-relationships.xsd +0 -33
- package/.agent/skills/document-skills/pptx/ooxml/schemas/mce/mc.xsd +0 -75
- package/.agent/skills/document-skills/pptx/ooxml/schemas/microsoft/wml-2010.xsd +0 -560
- package/.agent/skills/document-skills/pptx/ooxml/schemas/microsoft/wml-2012.xsd +0 -67
- package/.agent/skills/document-skills/pptx/ooxml/schemas/microsoft/wml-2018.xsd +0 -14
- package/.agent/skills/document-skills/pptx/ooxml/schemas/microsoft/wml-cex-2018.xsd +0 -20
- package/.agent/skills/document-skills/pptx/ooxml/schemas/microsoft/wml-cid-2016.xsd +0 -13
- package/.agent/skills/document-skills/pptx/ooxml/schemas/microsoft/wml-sdtdatahash-2020.xsd +0 -4
- package/.agent/skills/document-skills/pptx/ooxml/schemas/microsoft/wml-symex-2015.xsd +0 -8
- package/.agent/skills/document-skills/pptx/ooxml/scripts/pack.py +0 -159
- package/.agent/skills/document-skills/pptx/ooxml/scripts/unpack.py +0 -29
- package/.agent/skills/document-skills/pptx/ooxml/scripts/validate.py +0 -69
- package/.agent/skills/document-skills/pptx/ooxml/scripts/validation/__init__.py +0 -15
- package/.agent/skills/document-skills/pptx/ooxml/scripts/validation/base.py +0 -951
- package/.agent/skills/document-skills/pptx/ooxml/scripts/validation/docx.py +0 -274
- package/.agent/skills/document-skills/pptx/ooxml/scripts/validation/pptx.py +0 -315
- package/.agent/skills/document-skills/pptx/ooxml/scripts/validation/redlining.py +0 -279
- package/.agent/skills/document-skills/pptx/ooxml.md +0 -427
- package/.agent/skills/document-skills/pptx/scripts/html2pptx.js +0 -979
- package/.agent/skills/document-skills/pptx/scripts/inventory.py +0 -1020
- package/.agent/skills/document-skills/pptx/scripts/rearrange.py +0 -231
- package/.agent/skills/document-skills/pptx/scripts/replace.py +0 -385
- package/.agent/skills/document-skills/pptx/scripts/thumbnail.py +0 -450
- package/.agent/skills/document-skills/xlsx/LICENSE.txt +0 -30
- package/.agent/skills/document-skills/xlsx/SKILL.md +0 -289
- package/.agent/skills/document-skills/xlsx/recalc.py +0 -178
- package/.agent/skills/documentation-templates/SKILL.md +0 -194
- package/.agent/skills/frontend/SKILL.md +0 -38
- package/.agent/skills/frontend/rules/_sections.md +0 -46
- package/.agent/skills/frontend/rules/_template.md +0 -28
- package/.agent/skills/frontend/rules/advanced-event-handler-refs.md +0 -55
- package/.agent/skills/frontend/rules/advanced-init-once.md +0 -42
- package/.agent/skills/frontend/rules/advanced-use-latest.md +0 -39
- package/.agent/skills/frontend/rules/async-api-routes.md +0 -38
- package/.agent/skills/frontend/rules/async-defer-await.md +0 -80
- package/.agent/skills/frontend/rules/async-dependencies.md +0 -51
- package/.agent/skills/frontend/rules/async-parallel.md +0 -28
- package/.agent/skills/frontend/rules/async-suspense-boundaries.md +0 -99
- package/.agent/skills/frontend/rules/bundle-barrel-imports.md +0 -59
- package/.agent/skills/frontend/rules/bundle-conditional.md +0 -31
- package/.agent/skills/frontend/rules/bundle-defer-third-party.md +0 -49
- package/.agent/skills/frontend/rules/bundle-dynamic-imports.md +0 -35
- package/.agent/skills/frontend/rules/bundle-preload.md +0 -50
- package/.agent/skills/frontend/rules/client-event-listeners.md +0 -74
- package/.agent/skills/frontend/rules/client-localstorage-schema.md +0 -71
- package/.agent/skills/frontend/rules/client-passive-event-listeners.md +0 -48
- package/.agent/skills/frontend/rules/client-swr-dedup.md +0 -56
- package/.agent/skills/frontend/rules/js-batch-dom-css.md +0 -107
- package/.agent/skills/frontend/rules/js-cache-function-results.md +0 -80
- package/.agent/skills/frontend/rules/js-cache-property-access.md +0 -28
- package/.agent/skills/frontend/rules/js-cache-storage.md +0 -70
- package/.agent/skills/frontend/rules/js-combine-iterations.md +0 -32
- package/.agent/skills/frontend/rules/js-early-exit.md +0 -50
- package/.agent/skills/frontend/rules/js-hoist-regexp.md +0 -45
- package/.agent/skills/frontend/rules/js-index-maps.md +0 -37
- package/.agent/skills/frontend/rules/js-length-check-first.md +0 -49
- package/.agent/skills/frontend/rules/js-min-max-loop.md +0 -82
- package/.agent/skills/frontend/rules/js-set-map-lookups.md +0 -24
- package/.agent/skills/frontend/rules/js-tosorted-immutable.md +0 -57
- package/.agent/skills/frontend/rules/rendering-activity.md +0 -26
- package/.agent/skills/frontend/rules/rendering-animate-svg-wrapper.md +0 -47
- package/.agent/skills/frontend/rules/rendering-conditional-render.md +0 -40
- package/.agent/skills/frontend/rules/rendering-content-visibility.md +0 -38
- package/.agent/skills/frontend/rules/rendering-hoist-jsx.md +0 -46
- package/.agent/skills/frontend/rules/rendering-hydration-no-flicker.md +0 -82
- package/.agent/skills/frontend/rules/rendering-hydration-suppress-warning.md +0 -30
- package/.agent/skills/frontend/rules/rendering-svg-precision.md +0 -28
- package/.agent/skills/frontend/rules/rendering-usetransition-loading.md +0 -75
- package/.agent/skills/frontend/rules/rerender-defer-reads.md +0 -39
- package/.agent/skills/frontend/rules/rerender-dependencies.md +0 -45
- package/.agent/skills/frontend/rules/rerender-derived-state-no-effect.md +0 -40
- package/.agent/skills/frontend/rules/rerender-derived-state.md +0 -29
- package/.agent/skills/frontend/rules/rerender-functional-setstate.md +0 -74
- package/.agent/skills/frontend/rules/rerender-lazy-state-init.md +0 -58
- package/.agent/skills/frontend/rules/rerender-memo-with-default-value.md +0 -38
- package/.agent/skills/frontend/rules/rerender-memo.md +0 -44
- package/.agent/skills/frontend/rules/rerender-move-effect-to-event.md +0 -45
- package/.agent/skills/frontend/rules/rerender-simple-expression-in-memo.md +0 -35
- package/.agent/skills/frontend/rules/rerender-transitions.md +0 -40
- package/.agent/skills/frontend/rules/rerender-use-ref-transient-values.md +0 -73
- package/.agent/skills/frontend/rules/schema.json +0 -34
- package/.agent/skills/frontend/rules/server-after-nonblocking.md +0 -73
- package/.agent/skills/frontend/rules/server-auth-actions.md +0 -96
- package/.agent/skills/frontend/rules/server-cache-lru.md +0 -41
- package/.agent/skills/frontend/rules/server-cache-react.md +0 -76
- package/.agent/skills/frontend/rules/server-dedup-props.md +0 -65
- package/.agent/skills/frontend/rules/server-parallel-fetching.md +0 -83
- package/.agent/skills/frontend/rules/server-serialization.md +0 -38
- package/.agent/skills/frontend-design/SKILL.md +0 -33
- package/.agent/skills/frontend-design/rules/animation-guide.md +0 -331
- package/.agent/skills/frontend-design/rules/color-system.md +0 -311
- package/.agent/skills/frontend-design/rules/decision-trees.md +0 -418
- package/.agent/skills/frontend-design/rules/motion-graphics.md +0 -306
- package/.agent/skills/frontend-design/rules/typography-system.md +0 -345
- package/.agent/skills/frontend-design/rules/ux-psychology.md +0 -541
- package/.agent/skills/frontend-design/rules/visual-effects.md +0 -383
- package/.agent/skills/frontend-design/scripts/accessibility_checker.py +0 -183
- package/.agent/skills/frontend-design/scripts/ux_audit.py +0 -722
- package/.agent/skills/geo-fundamentals/SKILL.md +0 -156
- package/.agent/skills/geo-fundamentals/scripts/geo_checker.py +0 -289
- package/.agent/skills/git-conventions/.skill-source.json +0 -8
- package/.agent/skills/git-conventions/SKILL.md +0 -28
- package/.agent/skills/git-conventions/enforcement/commit-validation-rules.md +0 -55
- package/.agent/skills/git-conventions/examples/bad-commits.md +0 -201
- package/.agent/skills/git-conventions/examples/good-commits.md +0 -135
- package/.agent/skills/git-conventions/metadata/commit-config.yaml +0 -79
- package/.agent/skills/git-conventions/metadata/intent-triggers.yaml +0 -25
- package/.agent/skills/git-conventions/metadata/scope-mapping.yaml +0 -83
- package/.agent/skills/git-conventions/resources/BEST_PRACTICES.md +0 -121
- package/.agent/skills/git-conventions/resources/references.md +0 -53
- package/.agent/skills/git-conventions/scripts/format-commit.js +0 -393
- package/.agent/skills/git-conventions/scripts/validate-commit-msg.sh +0 -27
- package/.agent/skills/governance/.skill-source.json +0 -8
- package/.agent/skills/governance/CHANGELOG.md +0 -222
- package/.agent/skills/governance/README.md +0 -250
- package/.agent/skills/governance/SKILL.md +0 -199
- package/.agent/skills/governance/VERSION +0 -4
- package/.agent/skills/governance/examples/violation-backend-mutation/after.tsx +0 -59
- package/.agent/skills/governance/examples/violation-backend-mutation/before.tsx +0 -42
- package/.agent/skills/governance/examples/violation-backend-mutation/explanation.md +0 -87
- package/.agent/skills/governance/examples/violation-chart-injection/after.tsx +0 -99
- package/.agent/skills/governance/examples/violation-chart-injection/before.tsx +0 -57
- package/.agent/skills/governance/examples/violation-chart-injection/explanation.md +0 -116
- package/.agent/skills/governance/knowledge/lessons-learned.yaml +0 -3
- package/.agent/skills/governance/metadata/precedence.yaml +0 -117
- package/.agent/skills/governance/metadata/scope-map.yaml +0 -156
- package/.agent/skills/governance/proposals/v1.1-change-proposal-template.md +0 -197
- package/.agent/skills/governance/resources/AUTHORITY_MODEL.md +0 -111
- package/.agent/skills/governance/resources/ENFORCEMENT_GUIDE.md +0 -242
- package/.agent/skills/governance/resources/LOAD_ORDER.md +0 -82
- package/.agent/skills/governance/rules/constitution/coinpika-master-constitution.md +0 -206
- package/.agent/skills/governance/rules/doctrines/architecture/coinpika-architecture-doctrine.md +0 -184
- package/.agent/skills/governance/rules/doctrines/backend/coinpika-backend-data-engine-doctrine.md +0 -214
- package/.agent/skills/governance/rules/doctrines/commercial/coinpika-commercial-guardrails-doctrine.md +0 -192
- package/.agent/skills/governance/rules/doctrines/data/coinpika-chart-data-doctrine.md +0 -198
- package/.agent/skills/governance/rules/doctrines/frontend/coinpika-frontend-mobile-doctrine.md +0 -165
- package/.agent/skills/governance/rules/doctrines/frontend/coinpika-swipe-tabs-doctrine.md +0 -172
- package/.agent/skills/governance/rules/doctrines/learning/coinpika-learning-engine-doctrine.md +0 -188
- package/.agent/skills/governance/rules/doctrines/performance/coinpika-performance-doctrine.md +0 -176
- package/.agent/skills/governance/rules/doctrines/review/coinpika-code-review-doctrine.md +0 -170
- package/.agent/skills/governance/rules/enforcement/agents/coinpika-agent-enforcement-protocol.md +0 -214
- package/.agent/skills/governance/rules/enforcement/agents/coinpika-agent-system-prompt.md +0 -192
- package/.agent/skills/governance/rules/enforcement/checklists/backend-api-review-checklist.md +0 -127
- package/.agent/skills/governance/rules/enforcement/checklists/chart-component-review-checklist.md +0 -143
- package/.agent/skills/governance/rules/enforcement/checklists/coinpika-frontend-gesture-review-checklist.md +0 -190
- package/.agent/skills/governance/rules/enforcement/playbooks/doctrine-violation-playbook.md +0 -232
- package/.agent/skills/governance/scripts/audit_pr.js +0 -218
- package/.agent/skills/governance/scripts/learn.js +0 -161
- package/.agent/skills/governance/scripts/validate_doctrine.js +0 -286
- package/.agent/skills/i18n-localization/SKILL.md +0 -154
- package/.agent/skills/i18n-localization/scripts/i18n_checker.py +0 -241
- package/.agent/skills/intelligent-routing/SKILL.md +0 -335
- package/.agent/skills/lint-and-validate/SKILL.md +0 -45
- package/.agent/skills/lint-and-validate/scripts/lint_runner.py +0 -172
- package/.agent/skills/lint-and-validate/scripts/type_coverage.py +0 -173
- package/.agent/skills/mcp-builder/SKILL.md +0 -176
- package/.agent/skills/mermaidjs-v11/SKILL.md +0 -115
- package/.agent/skills/mermaidjs-v11/references/cli-usage.md +0 -228
- package/.agent/skills/mermaidjs-v11/references/configuration.md +0 -232
- package/.agent/skills/mermaidjs-v11/references/diagram-types.md +0 -315
- package/.agent/skills/mermaidjs-v11/references/examples.md +0 -344
- package/.agent/skills/mermaidjs-v11/references/integration.md +0 -310
- package/.agent/skills/mobile-design/references/anti-patterns.md +0 -46
- package/.agent/skills/nextjs-best-practices/SKILL.md +0 -203
- package/.agent/skills/nodejs-best-practices/SKILL.md +0 -76
- package/.agent/skills/nodejs-best-practices/references/architecture-patterns.md +0 -34
- package/.agent/skills/nodejs-best-practices/references/async-patterns.md +0 -32
- package/.agent/skills/nodejs-best-practices/references/error-handling.md +0 -39
- package/.agent/skills/nodejs-best-practices/references/framework-selection.md +0 -39
- package/.agent/skills/nodejs-best-practices/references/runtime-modules.md +0 -33
- package/.agent/skills/nodejs-best-practices/references/testing-strategy.md +0 -25
- package/.agent/skills/nodejs-best-practices/references/validation-security.md +0 -45
- package/.agent/skills/parallel-agents/SKILL.md +0 -175
- package/.agent/skills/performance-profiling/SKILL.md +0 -143
- package/.agent/skills/performance-profiling/scripts/lighthouse_audit.py +0 -76
- package/.agent/skills/plan-writing/SKILL.md +0 -152
- package/.agent/skills/powershell-windows/SKILL.md +0 -167
- package/.agent/skills/problem-solving/ABOUT.md +0 -40
- package/.agent/skills/problem-solving/SKILL.md +0 -69
- package/.agent/skills/problem-solving/collision-zone-thinking/SKILL.md +0 -62
- package/.agent/skills/problem-solving/inversion-exercise/SKILL.md +0 -58
- package/.agent/skills/problem-solving/meta-pattern-recognition/SKILL.md +0 -54
- package/.agent/skills/problem-solving/scale-game/SKILL.md +0 -63
- package/.agent/skills/problem-solving/simplification-cascades/SKILL.md +0 -76
- package/.agent/skills/problem-solving/when-stuck/SKILL.md +0 -88
- package/.agent/skills/python-patterns/SKILL.md +0 -80
- package/.agent/skills/python-patterns/references/async-patterns.md +0 -57
- package/.agent/skills/python-patterns/references/django-patterns.md +0 -41
- package/.agent/skills/python-patterns/references/fastapi-patterns.md +0 -54
- package/.agent/skills/python-patterns/references/framework-selection.md +0 -39
- package/.agent/skills/python-patterns/references/project-structure.md +0 -80
- package/.agent/skills/python-patterns/references/testing-patterns.md +0 -34
- package/.agent/skills/python-patterns/references/type-hints.md +0 -51
- package/.agent/skills/react-patterns/SKILL.md +0 -198
- package/.agent/skills/red-team-tactics/SKILL.md +0 -199
- package/.agent/skills/seo-fundamentals/SKILL.md +0 -129
- package/.agent/skills/seo-fundamentals/scripts/seo_checker.py +0 -219
- package/.agent/skills/sequential-thinking/README.md +0 -118
- package/.agent/skills/sequential-thinking/SKILL.md +0 -93
- package/.agent/skills/sequential-thinking/references/advanced.md +0 -122
- package/.agent/skills/sequential-thinking/references/examples.md +0 -274
- package/.agent/skills/server-management/SKILL.md +0 -161
- package/.agent/skills/skill-creator/LICENSE.txt +0 -202
- package/.agent/skills/skill-creator/SKILL.md +0 -237
- package/.agent/skills/skill-creator/scripts/init_skill.py +0 -303
- package/.agent/skills/skill-creator/scripts/package_skill.py +0 -110
- package/.agent/skills/skill-creator/scripts/quick_validate.py +0 -65
- package/.agent/skills/systematic-debugging/SKILL.md +0 -109
- package/.agent/skills/tailwind-patterns/SKILL.md +0 -269
- package/.agent/skills/tdd-workflow/SKILL.md +0 -149
- package/.agent/skills/testing-patterns/SKILL.md +0 -178
- package/.agent/skills/testing-patterns/scripts/test_runner.py +0 -219
- package/.agent/skills/vulnerability-scanner/SKILL.md +0 -276
- package/.agent/skills/vulnerability-scanner/checklists.md +0 -121
- package/.agent/skills/vulnerability-scanner/scripts/security_scan.py +0 -458
- package/.agent/skills/webapp-testing/SKILL.md +0 -187
- package/.agent/skills/webapp-testing/scripts/playwright_runner.py +0 -173
- package/.editorconfig +0 -21
- package/.github/workflows/release.yml +0 -39
- package/docs/PLAN-consolidation-final.md +0 -14
- package/docs/PLAN-integration.md +0 -28
- package/docs/PLAN-rebrand-agent-skills-kit.md +0 -104
- package/docs/PLAN-refactor.md +0 -48
- package/docs/PYTHON_SCRIPTS.md +0 -55
- package/docs/awf-user-guide.md +0 -436
- package/packages/cli/bin/ag-smart.v1.js +0 -78
- package/packages/cli/lib/audit.v2.js +0 -151
- package/packages/cli/lib/auto_preview.py +0 -148
- package/packages/cli/lib/checklist.py +0 -222
- package/packages/cli/lib/learn.v2.js +0 -255
- package/packages/cli/lib/recall.v2.js +0 -252
- package/packages/cli/lib/session_manager.py +0 -120
- package/packages/cli/lib/verify_all.py +0 -327
- /package/.agent/skills/{debugging → debug-pro}/defense-in-depth/SKILL.md +0 -0
- /package/.agent/skills/{debugging → debug-pro}/root-cause-tracing/SKILL.md +0 -0
- /package/.agent/skills/{debugging → debug-pro}/root-cause-tracing/find-polluter.sh +0 -0
- /package/.agent/skills/{debugging → debug-pro}/verification-before-completion/SKILL.md +0 -0
- /package/.agent/skills/mobile-design/{references/decision-trees.md → decision-trees.md} +0 -0
- /package/.agent/skills/mobile-design/{references/mobile-backend.md → mobile-backend.md} +0 -0
- /package/.agent/skills/mobile-design/{references/mobile-color-system.md → mobile-color-system.md} +0 -0
- /package/.agent/skills/mobile-design/{references/mobile-debugging.md → mobile-debugging.md} +0 -0
- /package/.agent/skills/mobile-design/{references/mobile-design-thinking.md → mobile-design-thinking.md} +0 -0
- /package/.agent/skills/mobile-design/{references/mobile-navigation.md → mobile-navigation.md} +0 -0
- /package/.agent/skills/mobile-design/{references/mobile-performance.md → mobile-performance.md} +0 -0
- /package/.agent/skills/mobile-design/{references/mobile-testing.md → mobile-testing.md} +0 -0
- /package/.agent/skills/mobile-design/{references/mobile-typography.md → mobile-typography.md} +0 -0
- /package/.agent/skills/mobile-design/{references/platform-android.md → platform-android.md} +0 -0
- /package/.agent/skills/mobile-design/{references/platform-ios.md → platform-ios.md} +0 -0
- /package/.agent/skills/mobile-design/{references/touch-psychology.md → touch-psychology.md} +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/charts.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/colors.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/icons.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/landing.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/products.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/prompts.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/react-performance.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/stacks/flutter.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/stacks/html-tailwind.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/stacks/jetpack-compose.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/stacks/nextjs.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/stacks/nuxt-ui.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/stacks/nuxtjs.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/stacks/react-native.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/stacks/react.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/stacks/shadcn.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/stacks/svelte.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/stacks/swiftui.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/stacks/vue.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/typography.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/ui-reasoning.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/ux-guidelines.csv +0 -0
- /package/.agent/{.shared/ui-ux-pro-max → skills/studio}/data/web-interface.csv +0 -0
- /package/docs/{PATTERNS_REFERENCE.md → archive/patterns-anthropic.md} +0 -0
- /package/docs/{context-engineering-guide.md → guides/context-engineering.md} +0 -0
- /package/{VERSIONING.md → docs/guides/versioning.md} +0 -0
|
@@ -1,121 +0,0 @@
|
|
|
1
|
-
# Security Checklists
|
|
2
|
-
|
|
3
|
-
> Quick reference checklists for security audits. Use alongside vulnerability-scanner principles.
|
|
4
|
-
|
|
5
|
-
---
|
|
6
|
-
|
|
7
|
-
## OWASP Top 10 Audit Checklist
|
|
8
|
-
|
|
9
|
-
### A01: Broken Access Control
|
|
10
|
-
- [ ] Authorization on all protected routes
|
|
11
|
-
- [ ] Deny by default
|
|
12
|
-
- [ ] Rate limiting implemented
|
|
13
|
-
- [ ] CORS properly configured
|
|
14
|
-
|
|
15
|
-
### A02: Cryptographic Failures
|
|
16
|
-
- [ ] Passwords hashed (bcrypt/argon2, cost 12+)
|
|
17
|
-
- [ ] Sensitive data encrypted at rest
|
|
18
|
-
- [ ] TLS 1.2+ for all connections
|
|
19
|
-
- [ ] No secrets in code/logs
|
|
20
|
-
|
|
21
|
-
### A03: Injection
|
|
22
|
-
- [ ] Parameterized queries
|
|
23
|
-
- [ ] Input validation on all user data
|
|
24
|
-
- [ ] Output encoding for XSS
|
|
25
|
-
- [ ] No eval() or dynamic code execution
|
|
26
|
-
|
|
27
|
-
### A04: Insecure Design
|
|
28
|
-
- [ ] Threat modeling done
|
|
29
|
-
- [ ] Security requirements defined
|
|
30
|
-
- [ ] Business logic validated
|
|
31
|
-
|
|
32
|
-
### A05: Security Misconfiguration
|
|
33
|
-
- [ ] Unnecessary features disabled
|
|
34
|
-
- [ ] Error messages sanitized
|
|
35
|
-
- [ ] Security headers configured
|
|
36
|
-
- [ ] Default credentials changed
|
|
37
|
-
|
|
38
|
-
### A06: Vulnerable Components
|
|
39
|
-
- [ ] Dependencies up to date
|
|
40
|
-
- [ ] No known vulnerabilities
|
|
41
|
-
- [ ] Unused dependencies removed
|
|
42
|
-
|
|
43
|
-
### A07: Authentication Failures
|
|
44
|
-
- [ ] MFA available
|
|
45
|
-
- [ ] Session invalidation on logout
|
|
46
|
-
- [ ] Session timeout implemented
|
|
47
|
-
- [ ] Brute force protection
|
|
48
|
-
|
|
49
|
-
### A08: Integrity Failures
|
|
50
|
-
- [ ] Dependency integrity verified
|
|
51
|
-
- [ ] CI/CD pipeline secured
|
|
52
|
-
- [ ] Update mechanism secured
|
|
53
|
-
|
|
54
|
-
### A09: Logging Failures
|
|
55
|
-
- [ ] Security events logged
|
|
56
|
-
- [ ] Logs protected
|
|
57
|
-
- [ ] No sensitive data in logs
|
|
58
|
-
- [ ] Alerting configured
|
|
59
|
-
|
|
60
|
-
### A10: SSRF
|
|
61
|
-
- [ ] URL validation implemented
|
|
62
|
-
- [ ] Allow-list for external calls
|
|
63
|
-
- [ ] Network segmentation
|
|
64
|
-
|
|
65
|
-
---
|
|
66
|
-
|
|
67
|
-
## Authentication Checklist
|
|
68
|
-
|
|
69
|
-
- [ ] Strong password policy
|
|
70
|
-
- [ ] Account lockout
|
|
71
|
-
- [ ] Secure password reset
|
|
72
|
-
- [ ] Session management
|
|
73
|
-
- [ ] Token expiration
|
|
74
|
-
- [ ] Logout invalidation
|
|
75
|
-
|
|
76
|
-
---
|
|
77
|
-
|
|
78
|
-
## API Security Checklist
|
|
79
|
-
|
|
80
|
-
- [ ] Authentication required
|
|
81
|
-
- [ ] Authorization per endpoint
|
|
82
|
-
- [ ] Input validation
|
|
83
|
-
- [ ] Rate limiting
|
|
84
|
-
- [ ] Output sanitization
|
|
85
|
-
- [ ] Error handling
|
|
86
|
-
|
|
87
|
-
---
|
|
88
|
-
|
|
89
|
-
## Data Protection Checklist
|
|
90
|
-
|
|
91
|
-
- [ ] Encryption at rest
|
|
92
|
-
- [ ] Encryption in transit
|
|
93
|
-
- [ ] Key management
|
|
94
|
-
- [ ] Data minimization
|
|
95
|
-
- [ ] Secure deletion
|
|
96
|
-
|
|
97
|
-
---
|
|
98
|
-
|
|
99
|
-
## Security Headers
|
|
100
|
-
|
|
101
|
-
| Header | Purpose |
|
|
102
|
-
|--------|---------|
|
|
103
|
-
| **Content-Security-Policy** | XSS prevention |
|
|
104
|
-
| **X-Content-Type-Options** | MIME sniffing |
|
|
105
|
-
| **X-Frame-Options** | Clickjacking |
|
|
106
|
-
| **Strict-Transport-Security** | Force HTTPS |
|
|
107
|
-
| **Referrer-Policy** | Referrer control |
|
|
108
|
-
|
|
109
|
-
---
|
|
110
|
-
|
|
111
|
-
## Quick Audit Commands
|
|
112
|
-
|
|
113
|
-
| Check | What to Look For |
|
|
114
|
-
|-------|------------------|
|
|
115
|
-
| Secrets in code | password, api_key, secret |
|
|
116
|
-
| Dangerous patterns | eval, innerHTML, SQL concat |
|
|
117
|
-
| Dependency issues | npm audit, snyk |
|
|
118
|
-
|
|
119
|
-
---
|
|
120
|
-
|
|
121
|
-
> **Usage:** Copy relevant checklists into your PLAN.md or security report.
|
|
@@ -1,458 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env python3
|
|
2
|
-
"""
|
|
3
|
-
Skill: vulnerability-scanner
|
|
4
|
-
Script: security_scan.py
|
|
5
|
-
Purpose: Validate that security principles from SKILL.md are applied correctly
|
|
6
|
-
Usage: python security_scan.py <project_path> [--scan-type all|deps|secrets|patterns|config]
|
|
7
|
-
Output: JSON with validation findings
|
|
8
|
-
|
|
9
|
-
This script verifies:
|
|
10
|
-
1. Dependencies - Supply chain security (OWASP A03)
|
|
11
|
-
2. Secrets - No hardcoded credentials (OWASP A04)
|
|
12
|
-
3. Code Patterns - Dangerous patterns identified (OWASP A05)
|
|
13
|
-
4. Configuration - Security settings validated (OWASP A02)
|
|
14
|
-
"""
|
|
15
|
-
import subprocess
|
|
16
|
-
import json
|
|
17
|
-
import os
|
|
18
|
-
import sys
|
|
19
|
-
import re
|
|
20
|
-
import argparse
|
|
21
|
-
from pathlib import Path
|
|
22
|
-
from typing import Dict, List, Any
|
|
23
|
-
from datetime import datetime
|
|
24
|
-
|
|
25
|
-
# Fix Windows console encoding for Unicode output
|
|
26
|
-
try:
|
|
27
|
-
sys.stdout.reconfigure(encoding='utf-8', errors='replace')
|
|
28
|
-
sys.stderr.reconfigure(encoding='utf-8', errors='replace')
|
|
29
|
-
except AttributeError:
|
|
30
|
-
pass # Python < 3.7
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
# ============================================================================
|
|
34
|
-
# CONFIGURATION
|
|
35
|
-
# ============================================================================
|
|
36
|
-
|
|
37
|
-
SECRET_PATTERNS = [
|
|
38
|
-
# API Keys & Tokens
|
|
39
|
-
(r'api[_-]?key\s*[=:]\s*["\'][^"\']{10,}["\']', "API Key", "high"),
|
|
40
|
-
(r'token\s*[=:]\s*["\'][^"\']{10,}["\']', "Token", "high"),
|
|
41
|
-
(r'bearer\s+[a-zA-Z0-9\-_.]+', "Bearer Token", "critical"),
|
|
42
|
-
|
|
43
|
-
# Cloud Credentials
|
|
44
|
-
(r'AKIA[0-9A-Z]{16}', "AWS Access Key", "critical"),
|
|
45
|
-
(r'aws[_-]?secret[_-]?access[_-]?key\s*[=:]\s*["\'][^"\']+["\']', "AWS Secret", "critical"),
|
|
46
|
-
(r'AZURE[_-]?[A-Z_]+\s*[=:]\s*["\'][^"\']+["\']', "Azure Credential", "critical"),
|
|
47
|
-
(r'GOOGLE[_-]?[A-Z_]+\s*[=:]\s*["\'][^"\']+["\']', "GCP Credential", "critical"),
|
|
48
|
-
|
|
49
|
-
# Database & Connections
|
|
50
|
-
(r'password\s*[=:]\s*["\'][^"\']{4,}["\']', "Password", "high"),
|
|
51
|
-
(r'(mongodb|postgres|mysql|redis):\/\/[^\s"\']+', "Database Connection String", "critical"),
|
|
52
|
-
|
|
53
|
-
# Private Keys
|
|
54
|
-
(r'-----BEGIN\s+(RSA|PRIVATE|EC)\s+KEY-----', "Private Key", "critical"),
|
|
55
|
-
(r'ssh-rsa\s+[A-Za-z0-9+/]+', "SSH Key", "critical"),
|
|
56
|
-
|
|
57
|
-
# JWT
|
|
58
|
-
(r'eyJ[A-Za-z0-9-_]+\.eyJ[A-Za-z0-9-_]+\.[A-Za-z0-9-_]+', "JWT Token", "high"),
|
|
59
|
-
]
|
|
60
|
-
|
|
61
|
-
DANGEROUS_PATTERNS = [
|
|
62
|
-
# Injection risks
|
|
63
|
-
(r'eval\s*\(', "eval() usage", "critical", "Code Injection risk"),
|
|
64
|
-
(r'exec\s*\(', "exec() usage", "critical", "Code Injection risk"),
|
|
65
|
-
(r'new\s+Function\s*\(', "Function constructor", "high", "Code Injection risk"),
|
|
66
|
-
(r'child_process\.exec\s*\(', "child_process.exec", "high", "Command Injection risk"),
|
|
67
|
-
(r'subprocess\.call\s*\([^)]*shell\s*=\s*True', "subprocess with shell=True", "high", "Command Injection risk"),
|
|
68
|
-
|
|
69
|
-
# XSS risks
|
|
70
|
-
(r'dangerouslySetInnerHTML', "dangerouslySetInnerHTML", "high", "XSS risk"),
|
|
71
|
-
(r'\.innerHTML\s*=', "innerHTML assignment", "medium", "XSS risk"),
|
|
72
|
-
(r'document\.write\s*\(', "document.write", "medium", "XSS risk"),
|
|
73
|
-
|
|
74
|
-
# SQL Injection indicators
|
|
75
|
-
(r'["\'][^"\']*\+\s*[a-zA-Z_]+\s*\+\s*["\'].*(?:SELECT|INSERT|UPDATE|DELETE)', "SQL String Concat", "critical", "SQL Injection risk"),
|
|
76
|
-
(r'f"[^"]*(?:SELECT|INSERT|UPDATE|DELETE)[^"]*\{', "SQL f-string", "critical", "SQL Injection risk"),
|
|
77
|
-
|
|
78
|
-
# Insecure configurations
|
|
79
|
-
(r'verify\s*=\s*False', "SSL Verify Disabled", "high", "MITM risk"),
|
|
80
|
-
(r'--insecure', "Insecure flag", "medium", "Security disabled"),
|
|
81
|
-
(r'disable[_-]?ssl', "SSL Disabled", "high", "MITM risk"),
|
|
82
|
-
|
|
83
|
-
# Unsafe deserialization
|
|
84
|
-
(r'pickle\.loads?\s*\(', "pickle usage", "high", "Deserialization risk"),
|
|
85
|
-
(r'yaml\.load\s*\([^)]*\)(?!\s*,\s*Loader)', "Unsafe YAML load", "high", "Deserialization risk"),
|
|
86
|
-
]
|
|
87
|
-
|
|
88
|
-
SKIP_DIRS = {'node_modules', '.git', 'dist', 'build', '__pycache__', '.venv', 'venv', '.next'}
|
|
89
|
-
CODE_EXTENSIONS = {'.js', '.ts', '.jsx', '.tsx', '.py', '.go', '.java', '.rb', '.php'}
|
|
90
|
-
CONFIG_EXTENSIONS = {'.json', '.yaml', '.yml', '.toml', '.env', '.env.local', '.env.development'}
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
# ============================================================================
|
|
94
|
-
# SCANNING FUNCTIONS
|
|
95
|
-
# ============================================================================
|
|
96
|
-
|
|
97
|
-
def scan_dependencies(project_path: str) -> Dict[str, Any]:
|
|
98
|
-
"""
|
|
99
|
-
Validate supply chain security (OWASP A03).
|
|
100
|
-
Checks: npm audit, lock file presence, dependency age.
|
|
101
|
-
"""
|
|
102
|
-
results = {"tool": "dependency_scanner", "findings": [], "status": "[OK] Secure"}
|
|
103
|
-
|
|
104
|
-
# Check for lock files
|
|
105
|
-
lock_files = {
|
|
106
|
-
"npm": ["package-lock.json", "npm-shrinkwrap.json"],
|
|
107
|
-
"yarn": ["yarn.lock"],
|
|
108
|
-
"pnpm": ["pnpm-lock.yaml"],
|
|
109
|
-
"pip": ["requirements.txt", "Pipfile.lock", "poetry.lock"],
|
|
110
|
-
}
|
|
111
|
-
|
|
112
|
-
found_locks = []
|
|
113
|
-
missing_locks = []
|
|
114
|
-
|
|
115
|
-
for manager, files in lock_files.items():
|
|
116
|
-
pkg_file = "package.json" if manager in ["npm", "yarn", "pnpm"] else "setup.py"
|
|
117
|
-
pkg_path = Path(project_path) / pkg_file
|
|
118
|
-
|
|
119
|
-
if pkg_path.exists() or (manager == "pip" and (Path(project_path) / "requirements.txt").exists()):
|
|
120
|
-
has_lock = any((Path(project_path) / f).exists() for f in files)
|
|
121
|
-
if has_lock:
|
|
122
|
-
found_locks.append(manager)
|
|
123
|
-
else:
|
|
124
|
-
missing_locks.append(manager)
|
|
125
|
-
results["findings"].append({
|
|
126
|
-
"type": "Missing Lock File",
|
|
127
|
-
"severity": "high",
|
|
128
|
-
"message": f"{manager}: No lock file found. Supply chain integrity at risk."
|
|
129
|
-
})
|
|
130
|
-
|
|
131
|
-
# Run npm audit if applicable
|
|
132
|
-
if (Path(project_path) / "package.json").exists():
|
|
133
|
-
try:
|
|
134
|
-
result = subprocess.run(
|
|
135
|
-
["npm", "audit", "--json"],
|
|
136
|
-
cwd=project_path,
|
|
137
|
-
capture_output=True,
|
|
138
|
-
text=True,
|
|
139
|
-
timeout=60
|
|
140
|
-
)
|
|
141
|
-
|
|
142
|
-
try:
|
|
143
|
-
audit_data = json.loads(result.stdout)
|
|
144
|
-
vulnerabilities = audit_data.get("vulnerabilities", {})
|
|
145
|
-
|
|
146
|
-
severity_count = {"critical": 0, "high": 0, "moderate": 0, "low": 0}
|
|
147
|
-
for vuln in vulnerabilities.values():
|
|
148
|
-
sev = vuln.get("severity", "low").lower()
|
|
149
|
-
if sev in severity_count:
|
|
150
|
-
severity_count[sev] += 1
|
|
151
|
-
|
|
152
|
-
if severity_count["critical"] > 0:
|
|
153
|
-
results["status"] = "[!!] Critical vulnerabilities"
|
|
154
|
-
results["findings"].append({
|
|
155
|
-
"type": "npm audit",
|
|
156
|
-
"severity": "critical",
|
|
157
|
-
"message": f"{severity_count['critical']} critical vulnerabilities in dependencies"
|
|
158
|
-
})
|
|
159
|
-
elif severity_count["high"] > 0:
|
|
160
|
-
results["status"] = "[!] High vulnerabilities"
|
|
161
|
-
results["findings"].append({
|
|
162
|
-
"type": "npm audit",
|
|
163
|
-
"severity": "high",
|
|
164
|
-
"message": f"{severity_count['high']} high severity vulnerabilities"
|
|
165
|
-
})
|
|
166
|
-
|
|
167
|
-
results["npm_audit"] = severity_count
|
|
168
|
-
|
|
169
|
-
except json.JSONDecodeError:
|
|
170
|
-
pass
|
|
171
|
-
|
|
172
|
-
except (FileNotFoundError, subprocess.TimeoutExpired):
|
|
173
|
-
pass
|
|
174
|
-
|
|
175
|
-
if not results["findings"]:
|
|
176
|
-
results["status"] = "[OK] Supply chain checks passed"
|
|
177
|
-
|
|
178
|
-
return results
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
def scan_secrets(project_path: str) -> Dict[str, Any]:
|
|
182
|
-
"""
|
|
183
|
-
Validate no hardcoded secrets (OWASP A04).
|
|
184
|
-
Checks: API keys, tokens, passwords, cloud credentials.
|
|
185
|
-
"""
|
|
186
|
-
results = {
|
|
187
|
-
"tool": "secret_scanner",
|
|
188
|
-
"findings": [],
|
|
189
|
-
"status": "[OK] No secrets detected",
|
|
190
|
-
"scanned_files": 0,
|
|
191
|
-
"by_severity": {"critical": 0, "high": 0, "medium": 0}
|
|
192
|
-
}
|
|
193
|
-
|
|
194
|
-
for root, dirs, files in os.walk(project_path):
|
|
195
|
-
dirs[:] = [d for d in dirs if d not in SKIP_DIRS]
|
|
196
|
-
|
|
197
|
-
for file in files:
|
|
198
|
-
ext = Path(file).suffix.lower()
|
|
199
|
-
if ext not in CODE_EXTENSIONS and ext not in CONFIG_EXTENSIONS:
|
|
200
|
-
continue
|
|
201
|
-
|
|
202
|
-
filepath = Path(root) / file
|
|
203
|
-
results["scanned_files"] += 1
|
|
204
|
-
|
|
205
|
-
try:
|
|
206
|
-
with open(filepath, 'r', encoding='utf-8', errors='ignore') as f:
|
|
207
|
-
content = f.read()
|
|
208
|
-
|
|
209
|
-
for pattern, secret_type, severity in SECRET_PATTERNS:
|
|
210
|
-
matches = re.findall(pattern, content, re.IGNORECASE)
|
|
211
|
-
if matches:
|
|
212
|
-
results["findings"].append({
|
|
213
|
-
"file": str(filepath.relative_to(project_path)),
|
|
214
|
-
"type": secret_type,
|
|
215
|
-
"severity": severity,
|
|
216
|
-
"count": len(matches)
|
|
217
|
-
})
|
|
218
|
-
results["by_severity"][severity] += len(matches)
|
|
219
|
-
|
|
220
|
-
except Exception:
|
|
221
|
-
pass
|
|
222
|
-
|
|
223
|
-
if results["by_severity"]["critical"] > 0:
|
|
224
|
-
results["status"] = "[!!] CRITICAL: Secrets exposed!"
|
|
225
|
-
elif results["by_severity"]["high"] > 0:
|
|
226
|
-
results["status"] = "[!] HIGH: Secrets found"
|
|
227
|
-
elif sum(results["by_severity"].values()) > 0:
|
|
228
|
-
results["status"] = "[?] Potential secrets detected"
|
|
229
|
-
|
|
230
|
-
# Limit findings for output
|
|
231
|
-
results["findings"] = results["findings"][:15]
|
|
232
|
-
|
|
233
|
-
return results
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
def scan_code_patterns(project_path: str) -> Dict[str, Any]:
|
|
237
|
-
"""
|
|
238
|
-
Validate dangerous code patterns (OWASP A05).
|
|
239
|
-
Checks: Injection risks, XSS, unsafe deserialization.
|
|
240
|
-
"""
|
|
241
|
-
results = {
|
|
242
|
-
"tool": "pattern_scanner",
|
|
243
|
-
"findings": [],
|
|
244
|
-
"status": "[OK] No dangerous patterns",
|
|
245
|
-
"scanned_files": 0,
|
|
246
|
-
"by_category": {}
|
|
247
|
-
}
|
|
248
|
-
|
|
249
|
-
for root, dirs, files in os.walk(project_path):
|
|
250
|
-
dirs[:] = [d for d in dirs if d not in SKIP_DIRS]
|
|
251
|
-
|
|
252
|
-
for file in files:
|
|
253
|
-
ext = Path(file).suffix.lower()
|
|
254
|
-
if ext not in CODE_EXTENSIONS:
|
|
255
|
-
continue
|
|
256
|
-
|
|
257
|
-
filepath = Path(root) / file
|
|
258
|
-
results["scanned_files"] += 1
|
|
259
|
-
|
|
260
|
-
try:
|
|
261
|
-
with open(filepath, 'r', encoding='utf-8', errors='ignore') as f:
|
|
262
|
-
lines = f.readlines()
|
|
263
|
-
|
|
264
|
-
for line_num, line in enumerate(lines, 1):
|
|
265
|
-
for pattern, name, severity, category in DANGEROUS_PATTERNS:
|
|
266
|
-
if re.search(pattern, line, re.IGNORECASE):
|
|
267
|
-
results["findings"].append({
|
|
268
|
-
"file": str(filepath.relative_to(project_path)),
|
|
269
|
-
"line": line_num,
|
|
270
|
-
"pattern": name,
|
|
271
|
-
"severity": severity,
|
|
272
|
-
"category": category,
|
|
273
|
-
"snippet": line.strip()[:80]
|
|
274
|
-
})
|
|
275
|
-
results["by_category"][category] = results["by_category"].get(category, 0) + 1
|
|
276
|
-
|
|
277
|
-
except Exception:
|
|
278
|
-
pass
|
|
279
|
-
|
|
280
|
-
critical_count = sum(1 for f in results["findings"] if f["severity"] == "critical")
|
|
281
|
-
high_count = sum(1 for f in results["findings"] if f["severity"] == "high")
|
|
282
|
-
|
|
283
|
-
if critical_count > 0:
|
|
284
|
-
results["status"] = f"[!!] CRITICAL: {critical_count} dangerous patterns"
|
|
285
|
-
elif high_count > 0:
|
|
286
|
-
results["status"] = f"[!] HIGH: {high_count} risky patterns"
|
|
287
|
-
elif results["findings"]:
|
|
288
|
-
results["status"] = "[?] Some patterns need review"
|
|
289
|
-
|
|
290
|
-
# Limit findings
|
|
291
|
-
results["findings"] = results["findings"][:20]
|
|
292
|
-
|
|
293
|
-
return results
|
|
294
|
-
|
|
295
|
-
|
|
296
|
-
def scan_configuration(project_path: str) -> Dict[str, Any]:
|
|
297
|
-
"""
|
|
298
|
-
Validate security configuration (OWASP A02).
|
|
299
|
-
Checks: Security headers, CORS, debug modes.
|
|
300
|
-
"""
|
|
301
|
-
results = {
|
|
302
|
-
"tool": "config_scanner",
|
|
303
|
-
"findings": [],
|
|
304
|
-
"status": "[OK] Configuration secure",
|
|
305
|
-
"checks": {}
|
|
306
|
-
}
|
|
307
|
-
|
|
308
|
-
# Check common config files for issues
|
|
309
|
-
config_issues = [
|
|
310
|
-
(r'"DEBUG"\s*:\s*true', "Debug mode enabled", "high"),
|
|
311
|
-
(r'debug\s*=\s*True', "Debug mode enabled", "high"),
|
|
312
|
-
(r'NODE_ENV.*development', "Development mode in config", "medium"),
|
|
313
|
-
(r'"CORS_ALLOW_ALL".*true', "CORS allow all origins", "high"),
|
|
314
|
-
(r'"Access-Control-Allow-Origin".*\*', "CORS wildcard", "high"),
|
|
315
|
-
(r'allowCredentials.*true.*origin.*\*', "Dangerous CORS combo", "critical"),
|
|
316
|
-
]
|
|
317
|
-
|
|
318
|
-
for root, dirs, files in os.walk(project_path):
|
|
319
|
-
dirs[:] = [d for d in dirs if d not in SKIP_DIRS]
|
|
320
|
-
|
|
321
|
-
for file in files:
|
|
322
|
-
ext = Path(file).suffix.lower()
|
|
323
|
-
if ext not in CONFIG_EXTENSIONS and file not in ['next.config.js', 'webpack.config.js', '.eslintrc.js']:
|
|
324
|
-
continue
|
|
325
|
-
|
|
326
|
-
filepath = Path(root) / file
|
|
327
|
-
|
|
328
|
-
try:
|
|
329
|
-
with open(filepath, 'r', encoding='utf-8', errors='ignore') as f:
|
|
330
|
-
content = f.read()
|
|
331
|
-
|
|
332
|
-
for pattern, issue, severity in config_issues:
|
|
333
|
-
if re.search(pattern, content, re.IGNORECASE):
|
|
334
|
-
results["findings"].append({
|
|
335
|
-
"file": str(filepath.relative_to(project_path)),
|
|
336
|
-
"issue": issue,
|
|
337
|
-
"severity": severity
|
|
338
|
-
})
|
|
339
|
-
|
|
340
|
-
except Exception:
|
|
341
|
-
pass
|
|
342
|
-
|
|
343
|
-
# Check for security header configurations
|
|
344
|
-
header_files = ["next.config.js", "next.config.mjs", "middleware.ts", "nginx.conf"]
|
|
345
|
-
for hf in header_files:
|
|
346
|
-
hf_path = Path(project_path) / hf
|
|
347
|
-
if hf_path.exists():
|
|
348
|
-
results["checks"]["security_headers_config"] = True
|
|
349
|
-
break
|
|
350
|
-
else:
|
|
351
|
-
results["checks"]["security_headers_config"] = False
|
|
352
|
-
results["findings"].append({
|
|
353
|
-
"issue": "No security headers configuration found",
|
|
354
|
-
"severity": "medium",
|
|
355
|
-
"recommendation": "Configure CSP, HSTS, X-Frame-Options headers"
|
|
356
|
-
})
|
|
357
|
-
|
|
358
|
-
if any(f["severity"] == "critical" for f in results["findings"]):
|
|
359
|
-
results["status"] = "[!!] CRITICAL: Configuration issues"
|
|
360
|
-
elif any(f["severity"] == "high" for f in results["findings"]):
|
|
361
|
-
results["status"] = "[!] HIGH: Configuration review needed"
|
|
362
|
-
elif results["findings"]:
|
|
363
|
-
results["status"] = "[?] Minor configuration issues"
|
|
364
|
-
|
|
365
|
-
return results
|
|
366
|
-
|
|
367
|
-
|
|
368
|
-
# ============================================================================
|
|
369
|
-
# MAIN
|
|
370
|
-
# ============================================================================
|
|
371
|
-
|
|
372
|
-
def run_full_scan(project_path: str, scan_type: str = "all") -> Dict[str, Any]:
|
|
373
|
-
"""Execute security validation scans."""
|
|
374
|
-
|
|
375
|
-
report = {
|
|
376
|
-
"project": project_path,
|
|
377
|
-
"timestamp": datetime.now().isoformat(),
|
|
378
|
-
"scan_type": scan_type,
|
|
379
|
-
"scans": {},
|
|
380
|
-
"summary": {
|
|
381
|
-
"total_findings": 0,
|
|
382
|
-
"critical": 0,
|
|
383
|
-
"high": 0,
|
|
384
|
-
"overall_status": "[OK] SECURE"
|
|
385
|
-
}
|
|
386
|
-
}
|
|
387
|
-
|
|
388
|
-
scanners = {
|
|
389
|
-
"deps": ("dependencies", scan_dependencies),
|
|
390
|
-
"secrets": ("secrets", scan_secrets),
|
|
391
|
-
"patterns": ("code_patterns", scan_code_patterns),
|
|
392
|
-
"config": ("configuration", scan_configuration),
|
|
393
|
-
}
|
|
394
|
-
|
|
395
|
-
for key, (name, scanner) in scanners.items():
|
|
396
|
-
if scan_type == "all" or scan_type == key:
|
|
397
|
-
result = scanner(project_path)
|
|
398
|
-
report["scans"][name] = result
|
|
399
|
-
|
|
400
|
-
findings_count = len(result.get("findings", []))
|
|
401
|
-
report["summary"]["total_findings"] += findings_count
|
|
402
|
-
|
|
403
|
-
for finding in result.get("findings", []):
|
|
404
|
-
sev = finding.get("severity", "low")
|
|
405
|
-
if sev == "critical":
|
|
406
|
-
report["summary"]["critical"] += 1
|
|
407
|
-
elif sev == "high":
|
|
408
|
-
report["summary"]["high"] += 1
|
|
409
|
-
|
|
410
|
-
# Determine overall status
|
|
411
|
-
if report["summary"]["critical"] > 0:
|
|
412
|
-
report["summary"]["overall_status"] = "[!!] CRITICAL ISSUES FOUND"
|
|
413
|
-
elif report["summary"]["high"] > 0:
|
|
414
|
-
report["summary"]["overall_status"] = "[!] HIGH RISK ISSUES"
|
|
415
|
-
elif report["summary"]["total_findings"] > 0:
|
|
416
|
-
report["summary"]["overall_status"] = "[?] REVIEW RECOMMENDED"
|
|
417
|
-
|
|
418
|
-
return report
|
|
419
|
-
|
|
420
|
-
|
|
421
|
-
def main():
|
|
422
|
-
parser = argparse.ArgumentParser(
|
|
423
|
-
description="Validate security principles from vulnerability-scanner skill"
|
|
424
|
-
)
|
|
425
|
-
parser.add_argument("project_path", nargs="?", default=".", help="Project directory to scan")
|
|
426
|
-
parser.add_argument("--scan-type", choices=["all", "deps", "secrets", "patterns", "config"],
|
|
427
|
-
default="all", help="Type of scan to run")
|
|
428
|
-
parser.add_argument("--output", choices=["json", "summary"], default="json",
|
|
429
|
-
help="Output format")
|
|
430
|
-
|
|
431
|
-
args = parser.parse_args()
|
|
432
|
-
|
|
433
|
-
if not os.path.isdir(args.project_path):
|
|
434
|
-
print(json.dumps({"error": f"Directory not found: {args.project_path}"}))
|
|
435
|
-
sys.exit(1)
|
|
436
|
-
|
|
437
|
-
result = run_full_scan(args.project_path, args.scan_type)
|
|
438
|
-
|
|
439
|
-
if args.output == "summary":
|
|
440
|
-
print(f"\n{'='*60}")
|
|
441
|
-
print(f"Security Scan: {result['project']}")
|
|
442
|
-
print(f"{'='*60}")
|
|
443
|
-
print(f"Status: {result['summary']['overall_status']}")
|
|
444
|
-
print(f"Total Findings: {result['summary']['total_findings']}")
|
|
445
|
-
print(f" Critical: {result['summary']['critical']}")
|
|
446
|
-
print(f" High: {result['summary']['high']}")
|
|
447
|
-
print(f"{'='*60}\n")
|
|
448
|
-
|
|
449
|
-
for scan_name, scan_result in result['scans'].items():
|
|
450
|
-
print(f"\n{scan_name.upper()}: {scan_result['status']}")
|
|
451
|
-
for finding in scan_result.get('findings', [])[:5]:
|
|
452
|
-
print(f" - {finding}")
|
|
453
|
-
else:
|
|
454
|
-
print(json.dumps(result, indent=2))
|
|
455
|
-
|
|
456
|
-
|
|
457
|
-
if __name__ == "__main__":
|
|
458
|
-
main()
|