@claude-flow/cli 3.7.0-alpha.3 → 3.7.0-alpha.30

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (227) hide show
  1. package/.claude/helpers/hook-handler.cjs +6 -2
  2. package/.claude/helpers/statusline.cjs +31 -2
  3. package/.claude/helpers/statusline.js +35 -4
  4. package/README.md +43 -39
  5. package/bin/cli.js +15 -2
  6. package/bin/mcp-server.js +1 -1
  7. package/dist/src/commands/agent-wasm.js +2 -2
  8. package/dist/src/commands/agent-wasm.js.map +1 -1
  9. package/dist/src/commands/daemon.d.ts +20 -0
  10. package/dist/src/commands/daemon.d.ts.map +1 -1
  11. package/dist/src/commands/daemon.js +338 -3
  12. package/dist/src/commands/daemon.js.map +1 -1
  13. package/dist/src/commands/doctor.d.ts.map +1 -1
  14. package/dist/src/commands/doctor.js +224 -46
  15. package/dist/src/commands/doctor.js.map +1 -1
  16. package/dist/src/commands/hive-mind.d.ts.map +1 -1
  17. package/dist/src/commands/hive-mind.js +25 -7
  18. package/dist/src/commands/hive-mind.js.map +1 -1
  19. package/dist/src/commands/hooks.d.ts.map +1 -1
  20. package/dist/src/commands/hooks.js +56 -29
  21. package/dist/src/commands/hooks.js.map +1 -1
  22. package/dist/src/commands/memory.d.ts.map +1 -1
  23. package/dist/src/commands/memory.js +90 -3
  24. package/dist/src/commands/memory.js.map +1 -1
  25. package/dist/src/commands/start.js +1 -1
  26. package/dist/src/commands/start.js.map +1 -1
  27. package/dist/src/commands/swarm.js +1 -1
  28. package/dist/src/commands/swarm.js.map +1 -1
  29. package/dist/src/commands/task.d.ts.map +1 -1
  30. package/dist/src/commands/task.js +8 -4
  31. package/dist/src/commands/task.js.map +1 -1
  32. package/dist/src/config-adapter.js +1 -1
  33. package/dist/src/config-adapter.js.map +1 -1
  34. package/dist/src/index.d.ts +5 -1
  35. package/dist/src/index.d.ts.map +1 -1
  36. package/dist/src/index.js +61 -18
  37. package/dist/src/index.js.map +1 -1
  38. package/dist/src/init/executor.d.ts.map +1 -1
  39. package/dist/src/init/executor.js +92 -0
  40. package/dist/src/init/executor.js.map +1 -1
  41. package/dist/src/init/helpers-generator.d.ts.map +1 -1
  42. package/dist/src/init/helpers-generator.js +6 -2
  43. package/dist/src/init/helpers-generator.js.map +1 -1
  44. package/dist/src/init/mcp-generator.js +4 -4
  45. package/dist/src/init/mcp-generator.js.map +1 -1
  46. package/dist/src/init/settings-generator.d.ts.map +1 -1
  47. package/dist/src/init/settings-generator.js +44 -17
  48. package/dist/src/init/settings-generator.js.map +1 -1
  49. package/dist/src/init/statusline-generator.d.ts.map +1 -1
  50. package/dist/src/init/statusline-generator.js +25 -14
  51. package/dist/src/init/statusline-generator.js.map +1 -1
  52. package/dist/src/init/types.d.ts +7 -0
  53. package/dist/src/init/types.d.ts.map +1 -1
  54. package/dist/src/init/types.js.map +1 -1
  55. package/dist/src/mcp-client.d.ts.map +1 -1
  56. package/dist/src/mcp-client.js +12 -0
  57. package/dist/src/mcp-client.js.map +1 -1
  58. package/dist/src/mcp-tools/agent-execute-core.d.ts +3 -2
  59. package/dist/src/mcp-tools/agent-execute-core.d.ts.map +1 -1
  60. package/dist/src/mcp-tools/agent-execute-core.js +16 -9
  61. package/dist/src/mcp-tools/agent-execute-core.js.map +1 -1
  62. package/dist/src/mcp-tools/agent-tools.d.ts.map +1 -1
  63. package/dist/src/mcp-tools/agent-tools.js +88 -11
  64. package/dist/src/mcp-tools/agent-tools.js.map +1 -1
  65. package/dist/src/mcp-tools/agentdb-tools.d.ts +3 -0
  66. package/dist/src/mcp-tools/agentdb-tools.d.ts.map +1 -1
  67. package/dist/src/mcp-tools/agentdb-tools.js +206 -21
  68. package/dist/src/mcp-tools/agentdb-tools.js.map +1 -1
  69. package/dist/src/mcp-tools/analyze-tools.js +6 -6
  70. package/dist/src/mcp-tools/analyze-tools.js.map +1 -1
  71. package/dist/src/mcp-tools/autopilot-tools.js +10 -10
  72. package/dist/src/mcp-tools/autopilot-tools.js.map +1 -1
  73. package/dist/src/mcp-tools/browser-session-tools.js +5 -5
  74. package/dist/src/mcp-tools/browser-session-tools.js.map +1 -1
  75. package/dist/src/mcp-tools/browser-tools.js +23 -23
  76. package/dist/src/mcp-tools/browser-tools.js.map +1 -1
  77. package/dist/src/mcp-tools/claims-tools.js +12 -12
  78. package/dist/src/mcp-tools/claims-tools.js.map +1 -1
  79. package/dist/src/mcp-tools/config-tools.js +6 -6
  80. package/dist/src/mcp-tools/config-tools.js.map +1 -1
  81. package/dist/src/mcp-tools/coordination-tools.js +7 -7
  82. package/dist/src/mcp-tools/coordination-tools.js.map +1 -1
  83. package/dist/src/mcp-tools/daa-tools.js +8 -8
  84. package/dist/src/mcp-tools/daa-tools.js.map +1 -1
  85. package/dist/src/mcp-tools/embeddings-tools.js +10 -10
  86. package/dist/src/mcp-tools/embeddings-tools.js.map +1 -1
  87. package/dist/src/mcp-tools/github-tools.js +5 -5
  88. package/dist/src/mcp-tools/github-tools.js.map +1 -1
  89. package/dist/src/mcp-tools/guidance-tools.js +21 -21
  90. package/dist/src/mcp-tools/guidance-tools.js.map +1 -1
  91. package/dist/src/mcp-tools/hive-mind-tools.d.ts.map +1 -1
  92. package/dist/src/mcp-tools/hive-mind-tools.js +53 -9
  93. package/dist/src/mcp-tools/hive-mind-tools.js.map +1 -1
  94. package/dist/src/mcp-tools/hooks-tools.d.ts +2 -0
  95. package/dist/src/mcp-tools/hooks-tools.d.ts.map +1 -1
  96. package/dist/src/mcp-tools/hooks-tools.js +183 -48
  97. package/dist/src/mcp-tools/hooks-tools.js.map +1 -1
  98. package/dist/src/mcp-tools/managed-agent-tools.d.ts +22 -0
  99. package/dist/src/mcp-tools/managed-agent-tools.d.ts.map +1 -0
  100. package/dist/src/mcp-tools/managed-agent-tools.js +357 -0
  101. package/dist/src/mcp-tools/managed-agent-tools.js.map +1 -0
  102. package/dist/src/mcp-tools/memory-tools.d.ts.map +1 -1
  103. package/dist/src/mcp-tools/memory-tools.js +400 -63
  104. package/dist/src/mcp-tools/memory-tools.js.map +1 -1
  105. package/dist/src/mcp-tools/neural-tools.d.ts.map +1 -1
  106. package/dist/src/mcp-tools/neural-tools.js +20 -7
  107. package/dist/src/mcp-tools/neural-tools.js.map +1 -1
  108. package/dist/src/mcp-tools/performance-tools.js +6 -6
  109. package/dist/src/mcp-tools/performance-tools.js.map +1 -1
  110. package/dist/src/mcp-tools/progress-tools.js +4 -4
  111. package/dist/src/mcp-tools/progress-tools.js.map +1 -1
  112. package/dist/src/mcp-tools/ruvllm-tools.js +10 -10
  113. package/dist/src/mcp-tools/ruvllm-tools.js.map +1 -1
  114. package/dist/src/mcp-tools/security-tools.d.ts.map +1 -1
  115. package/dist/src/mcp-tools/security-tools.js +34 -9
  116. package/dist/src/mcp-tools/security-tools.js.map +1 -1
  117. package/dist/src/mcp-tools/session-tools.d.ts.map +1 -1
  118. package/dist/src/mcp-tools/session-tools.js +130 -6
  119. package/dist/src/mcp-tools/session-tools.js.map +1 -1
  120. package/dist/src/mcp-tools/swarm-tools.d.ts.map +1 -1
  121. package/dist/src/mcp-tools/swarm-tools.js +76 -7
  122. package/dist/src/mcp-tools/swarm-tools.js.map +1 -1
  123. package/dist/src/mcp-tools/system-tools.d.ts.map +1 -1
  124. package/dist/src/mcp-tools/system-tools.js +91 -18
  125. package/dist/src/mcp-tools/system-tools.js.map +1 -1
  126. package/dist/src/mcp-tools/task-tools.d.ts.map +1 -1
  127. package/dist/src/mcp-tools/task-tools.js +55 -7
  128. package/dist/src/mcp-tools/task-tools.js.map +1 -1
  129. package/dist/src/mcp-tools/terminal-tools.js +5 -5
  130. package/dist/src/mcp-tools/terminal-tools.js.map +1 -1
  131. package/dist/src/mcp-tools/transfer-tools.js +11 -11
  132. package/dist/src/mcp-tools/transfer-tools.js.map +1 -1
  133. package/dist/src/mcp-tools/wasm-agent-tools.js +11 -11
  134. package/dist/src/mcp-tools/wasm-agent-tools.js.map +1 -1
  135. package/dist/src/mcp-tools/workflow-tools.d.ts.map +1 -1
  136. package/dist/src/mcp-tools/workflow-tools.js +118 -10
  137. package/dist/src/mcp-tools/workflow-tools.js.map +1 -1
  138. package/dist/src/memory/intelligence.d.ts.map +1 -1
  139. package/dist/src/memory/intelligence.js +28 -3
  140. package/dist/src/memory/intelligence.js.map +1 -1
  141. package/dist/src/memory/memory-bridge.d.ts +69 -0
  142. package/dist/src/memory/memory-bridge.d.ts.map +1 -1
  143. package/dist/src/memory/memory-bridge.js +282 -5
  144. package/dist/src/memory/memory-bridge.js.map +1 -1
  145. package/dist/src/memory/memory-initializer.d.ts +8 -0
  146. package/dist/src/memory/memory-initializer.d.ts.map +1 -1
  147. package/dist/src/memory/memory-initializer.js +80 -16
  148. package/dist/src/memory/memory-initializer.js.map +1 -1
  149. package/dist/src/memory/neural-package-bridge.d.ts +48 -0
  150. package/dist/src/memory/neural-package-bridge.d.ts.map +1 -0
  151. package/dist/src/memory/neural-package-bridge.js +87 -0
  152. package/dist/src/memory/neural-package-bridge.js.map +1 -0
  153. package/dist/src/memory/sona-optimizer.d.ts.map +1 -1
  154. package/dist/src/memory/sona-optimizer.js +3 -0
  155. package/dist/src/memory/sona-optimizer.js.map +1 -1
  156. package/dist/src/parser.d.ts +9 -0
  157. package/dist/src/parser.d.ts.map +1 -1
  158. package/dist/src/parser.js +11 -0
  159. package/dist/src/parser.js.map +1 -1
  160. package/dist/src/plugins/store/discovery.d.ts +6 -3
  161. package/dist/src/plugins/store/discovery.d.ts.map +1 -1
  162. package/dist/src/plugins/store/discovery.js +11 -8
  163. package/dist/src/plugins/store/discovery.js.map +1 -1
  164. package/dist/src/ruvector/agent-wasm.d.ts.map +1 -1
  165. package/dist/src/ruvector/agent-wasm.js +4 -1
  166. package/dist/src/ruvector/agent-wasm.js.map +1 -1
  167. package/dist/src/ruvector/coverage-tools.js +6 -6
  168. package/dist/src/ruvector/coverage-tools.js.map +1 -1
  169. package/dist/src/ruvector/index.d.ts +0 -2
  170. package/dist/src/ruvector/index.d.ts.map +1 -1
  171. package/dist/src/ruvector/index.js +8 -2
  172. package/dist/src/ruvector/index.js.map +1 -1
  173. package/dist/src/ruvector/model-router.d.ts +22 -1
  174. package/dist/src/ruvector/model-router.d.ts.map +1 -1
  175. package/dist/src/ruvector/model-router.js +125 -5
  176. package/dist/src/ruvector/model-router.js.map +1 -1
  177. package/dist/src/services/headless-worker-executor.d.ts +6 -0
  178. package/dist/src/services/headless-worker-executor.d.ts.map +1 -1
  179. package/dist/src/services/headless-worker-executor.js +37 -3
  180. package/dist/src/services/headless-worker-executor.js.map +1 -1
  181. package/dist/src/services/worker-daemon.d.ts +80 -2
  182. package/dist/src/services/worker-daemon.d.ts.map +1 -1
  183. package/dist/src/services/worker-daemon.js +372 -11
  184. package/dist/src/services/worker-daemon.js.map +1 -1
  185. package/dist/tsconfig.tsbuildinfo +1 -1
  186. package/package.json +7 -5
  187. package/.claude/skills/agentdb-advanced/SKILL.md +0 -550
  188. package/.claude/skills/agentdb-learning/SKILL.md +0 -545
  189. package/.claude/skills/agentdb-memory-patterns/SKILL.md +0 -339
  190. package/.claude/skills/agentdb-optimization/SKILL.md +0 -509
  191. package/.claude/skills/agentdb-vector-search/SKILL.md +0 -339
  192. package/.claude/skills/agentic-jujutsu/SKILL.md +0 -645
  193. package/.claude/skills/aidefence-scan.md +0 -151
  194. package/.claude/skills/aidefence.yaml +0 -297
  195. package/.claude/skills/browser/SKILL.md +0 -204
  196. package/.claude/skills/flow-nexus-neural/SKILL.md +0 -738
  197. package/.claude/skills/flow-nexus-platform/SKILL.md +0 -1157
  198. package/.claude/skills/flow-nexus-swarm/SKILL.md +0 -610
  199. package/.claude/skills/github-code-review/SKILL.md +0 -1140
  200. package/.claude/skills/github-multi-repo/SKILL.md +0 -874
  201. package/.claude/skills/github-project-management/SKILL.md +0 -1277
  202. package/.claude/skills/github-release-management/SKILL.md +0 -1081
  203. package/.claude/skills/github-workflow-automation/SKILL.md +0 -1065
  204. package/.claude/skills/hive-mind-advanced/SKILL.md +0 -712
  205. package/.claude/skills/hooks-automation/SKILL.md +0 -1201
  206. package/.claude/skills/pair-programming/SKILL.md +0 -1202
  207. package/.claude/skills/performance-analysis/SKILL.md +0 -563
  208. package/.claude/skills/reasoningbank-agentdb/SKILL.md +0 -446
  209. package/.claude/skills/reasoningbank-intelligence/SKILL.md +0 -201
  210. package/.claude/skills/secure-review.md +0 -181
  211. package/.claude/skills/skill-builder/SKILL.md +0 -910
  212. package/.claude/skills/sparc-methodology/SKILL.md +0 -1115
  213. package/.claude/skills/stream-chain/SKILL.md +0 -563
  214. package/.claude/skills/swarm-advanced/SKILL.md +0 -973
  215. package/.claude/skills/swarm-orchestration/SKILL.md +0 -179
  216. package/.claude/skills/v3-cli-modernization/SKILL.md +0 -872
  217. package/.claude/skills/v3-core-implementation/SKILL.md +0 -797
  218. package/.claude/skills/v3-ddd-architecture/SKILL.md +0 -442
  219. package/.claude/skills/v3-integration-deep/SKILL.md +0 -241
  220. package/.claude/skills/v3-mcp-optimization/SKILL.md +0 -777
  221. package/.claude/skills/v3-memory-unification/SKILL.md +0 -174
  222. package/.claude/skills/v3-performance-optimization/SKILL.md +0 -390
  223. package/.claude/skills/v3-security-overhaul/SKILL.md +0 -82
  224. package/.claude/skills/v3-swarm-coordination/SKILL.md +0 -340
  225. package/.claude/skills/verification-quality/SKILL.md +0 -649
  226. package/.claude/skills/worker-benchmarks/skill.md +0 -135
  227. package/.claude/skills/worker-integration/skill.md +0 -154
@@ -1,181 +0,0 @@
1
- ---
2
- name: secure-review
3
- version: 1.0.0
4
- description: Security-focused code review with AI manipulation detection
5
- author: rUv
6
- tags: [security, code-review, aidefence]
7
-
8
- invocation:
9
- - /secure-review
10
- - /security-review
11
-
12
- requires:
13
- - "@claude-flow/aidefence"
14
- ---
15
-
16
- # Secure Review Skill
17
-
18
- Perform security-focused code reviews that include AI manipulation detection, credential scanning, and security best practice validation.
19
-
20
- ## Commands
21
-
22
- ### `/secure-review <file-or-directory>`
23
- Review code for security issues including:
24
- - Hardcoded credentials
25
- - Prompt injection vulnerabilities
26
- - Unsafe input handling
27
- - Security anti-patterns
28
-
29
- ### `/secure-review --quick <file>`
30
- Quick security scan without detailed analysis.
31
-
32
- ### `/secure-review --fix <file>`
33
- Review and suggest fixes for security issues.
34
-
35
- ---
36
-
37
- ## Execution Instructions
38
-
39
- When `/secure-review` is invoked:
40
-
41
- ### Step 1: Initialize Security Tools
42
-
43
- ```typescript
44
- import { createAIDefence } from '@claude-flow/aidefence';
45
-
46
- const aidefence = createAIDefence({ enableLearning: true });
47
- ```
48
-
49
- ### Step 2: Read and Analyze Files
50
-
51
- For each file to review:
52
-
53
- 1. **Read the file** using the Read tool
54
- 2. **Scan for PII/Credentials**:
55
- ```typescript
56
- const piiResult = aidefence.hasPII(fileContent);
57
- if (piiResult) {
58
- findings.push({
59
- type: 'pii',
60
- severity: 'high',
61
- message: 'Potential credentials or PII detected',
62
- file: filePath
63
- });
64
- }
65
- ```
66
-
67
- 3. **Check for dangerous patterns**:
68
- ```typescript
69
- const dangerousPatterns = [
70
- { pattern: /eval\s*\(/, message: 'Unsafe eval() usage', severity: 'critical' },
71
- { pattern: /innerHTML\s*=/, message: 'Potential XSS via innerHTML', severity: 'high' },
72
- { pattern: /shell:\s*true/, message: 'Shell injection risk', severity: 'critical' },
73
- { pattern: /dangerouslySetInnerHTML/, message: 'Dangerous HTML injection', severity: 'high' },
74
- { pattern: /password.*=.*['"][^'"]+['"]/, message: 'Hardcoded password', severity: 'critical' },
75
- ];
76
-
77
- for (const { pattern, message, severity } of dangerousPatterns) {
78
- const match = fileContent.match(pattern);
79
- if (match) {
80
- findings.push({ type: 'security', severity, message, file: filePath, line: getLineNumber(match) });
81
- }
82
- }
83
- ```
84
-
85
- 4. **Scan for prompt injection in AI code**:
86
- ```typescript
87
- // If file contains AI/LLM related code
88
- if (/openai|anthropic|llm|prompt|chat/i.test(fileContent)) {
89
- // Check for unsafe prompt construction
90
- const unsafePromptPatterns = [
91
- /\$\{.*user.*\}/i, // Template literal with user input
92
- /\+ .*input/i, // String concatenation with input
93
- /prompt.*=.*request/i, // Direct request to prompt
94
- ];
95
-
96
- for (const pattern of unsafePromptPatterns) {
97
- if (pattern.test(fileContent)) {
98
- findings.push({
99
- type: 'prompt_injection_risk',
100
- severity: 'high',
101
- message: 'Potential prompt injection vulnerability - user input directly in prompt',
102
- file: filePath
103
- });
104
- }
105
- }
106
- }
107
- ```
108
-
109
- ### Step 3: Generate Report
110
-
111
- ```markdown
112
- ## Security Review Report
113
-
114
- ### Summary
115
- - Files reviewed: X
116
- - Critical issues: X
117
- - High severity: X
118
- - Medium severity: X
119
- - Low severity: X
120
-
121
- ### Findings
122
-
123
- #### Critical
124
- 1. **[file.ts:42]** Hardcoded API key detected
125
- - **Risk**: Credential exposure
126
- - **Fix**: Move to environment variable
127
-
128
- #### High
129
- 1. **[api.ts:108]** User input directly concatenated to prompt
130
- - **Risk**: Prompt injection vulnerability
131
- - **Fix**: Sanitize and validate user input before including in prompts
132
-
133
- ### Recommendations
134
- 1. Enable input validation at all API boundaries
135
- 2. Use environment variables for all credentials
136
- 3. Implement prompt injection defenses for AI code
137
- ```
138
-
139
- ### Step 4: Learn from Review
140
-
141
- ```typescript
142
- // Store review patterns for learning
143
- for (const finding of findings) {
144
- await aidefence.learnFromDetection(
145
- finding.context,
146
- { safe: false, threats: [{ type: finding.type, severity: finding.severity }] }
147
- );
148
- }
149
- ```
150
-
151
- ## Example Output
152
-
153
- ```
154
- 🔍 Security Review: src/api/
155
-
156
- Scanning 12 files...
157
-
158
- ❌ CRITICAL: src/api/config.ts:15
159
- Hardcoded API key: sk-ant-api03...
160
- → Move to .env file and use process.env.ANTHROPIC_API_KEY
161
-
162
- âš ī¸ HIGH: src/api/chat.ts:42
163
- User input directly in prompt template
164
- → Sanitize input: const sanitized = sanitizeForPrompt(userInput)
165
-
166
- âš ī¸ HIGH: src/api/chat.ts:67
167
- No input length validation
168
- → Add: if (input.length > MAX_INPUT_LENGTH) throw new Error('...')
169
-
170
- â„šī¸ MEDIUM: src/api/utils.ts:23
171
- Using eval() for JSON parsing
172
- → Use JSON.parse() instead
173
-
174
- 📊 Summary: 1 critical, 2 high, 1 medium issues found
175
- ```
176
-
177
- ## Integration Notes
178
-
179
- - Works with `reviewer` agent for comprehensive code reviews
180
- - Findings are stored in memory for pattern learning
181
- - Can be triggered automatically via pre-commit hooks