@cubis/foundry 0.3.33 → 0.3.35

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (591) hide show
  1. package/CHANGELOG.md +30 -0
  2. package/README.md +56 -11
  3. package/bin/cubis.js +2809 -965
  4. package/mcp/.dockerignore +5 -0
  5. package/mcp/Dockerfile +19 -0
  6. package/mcp/README.md +550 -11
  7. package/mcp/config.json +18 -0
  8. package/mcp/dist/index.d.ts +1 -0
  9. package/mcp/dist/index.js +1488 -0
  10. package/mcp/package.json +36 -0
  11. package/mcp/src/cbxConfig/index.ts +23 -0
  12. package/mcp/src/cbxConfig/paths.ts +45 -0
  13. package/mcp/src/cbxConfig/reader.ts +149 -0
  14. package/mcp/src/cbxConfig/readerWriter.test.ts +147 -0
  15. package/mcp/src/cbxConfig/serviceConfig.test.ts +42 -0
  16. package/mcp/src/cbxConfig/serviceConfig.ts +157 -0
  17. package/mcp/src/cbxConfig/types.ts +44 -0
  18. package/mcp/src/cbxConfig/writer.ts +90 -0
  19. package/mcp/src/config/index.test.ts +81 -0
  20. package/mcp/src/config/index.ts +45 -0
  21. package/mcp/src/config/schema.ts +55 -0
  22. package/mcp/src/gateway/catalog.ts +37 -0
  23. package/mcp/src/gateway/config.ts +247 -0
  24. package/mcp/src/gateway/manager.ts +255 -0
  25. package/mcp/src/gateway/types.ts +54 -0
  26. package/mcp/src/gateway/upstreamClient.ts +80 -0
  27. package/mcp/src/index.ts +211 -0
  28. package/mcp/src/server.ts +219 -0
  29. package/mcp/src/tools/configTools.test.ts +166 -0
  30. package/mcp/src/tools/future/README.md +21 -0
  31. package/mcp/src/tools/future/index.ts +8 -0
  32. package/mcp/src/tools/index.ts +76 -0
  33. package/mcp/src/tools/mcpGateway.ts +44 -0
  34. package/mcp/src/tools/postmanGetMode.ts +82 -0
  35. package/mcp/src/tools/postmanGetStatus.ts +65 -0
  36. package/mcp/src/tools/postmanModes.ts +28 -0
  37. package/mcp/src/tools/postmanSetMode.ts +71 -0
  38. package/mcp/src/tools/skillBrowseCategory.ts +54 -0
  39. package/mcp/src/tools/skillGet.ts +43 -0
  40. package/mcp/src/tools/skillListCategories.ts +40 -0
  41. package/mcp/src/tools/skillSearch.ts +72 -0
  42. package/mcp/src/tools/skillTools.test.ts +126 -0
  43. package/mcp/src/tools/stitchGetMode.ts +58 -0
  44. package/mcp/src/tools/stitchGetStatus.ts +70 -0
  45. package/mcp/src/tools/stitchSetProfile.ts +82 -0
  46. package/mcp/src/transports/stdio.ts +9 -0
  47. package/mcp/src/transports/streamableHttp.ts +43 -0
  48. package/mcp/src/upstream/passthrough.ts +273 -0
  49. package/mcp/src/utils/errors.ts +38 -0
  50. package/mcp/src/utils/logger.ts +63 -0
  51. package/mcp/src/vault/manifest.test.ts +126 -0
  52. package/mcp/src/vault/manifest.ts +99 -0
  53. package/mcp/src/vault/scanner.test.ts +70 -0
  54. package/mcp/src/vault/scanner.ts +145 -0
  55. package/mcp/src/vault/types.ts +21 -0
  56. package/package.json +9 -2
  57. package/workflows/scripts/generate-powers.mjs +27 -18
  58. package/workflows/skills/skills_index.json +0 -102
  59. package/workflows/workflows/agent-environment-setup/manifest.json +0 -24
  60. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/nextjs-react-expert/SKILL.md +1 -1
  61. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/skills_index.json +0 -102
  62. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/nextjs-react-expert/SKILL.md +1 -1
  63. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/skills_index.json +0 -102
  64. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/nextjs-react-expert/SKILL.md +1 -1
  65. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/skills_index.json +0 -102
  66. package/mcp/catalogs/default.json +0 -14
  67. package/mcp/powers/atlassian-mcp/POWER.md +0 -91
  68. package/mcp/powers/atlassian-mcp/SKILL.md +0 -88
  69. package/mcp/powers/atlassian-mcp/steering/authentication-patterns.md +0 -520
  70. package/mcp/powers/atlassian-mcp/steering/common-workflows.md +0 -660
  71. package/mcp/powers/atlassian-mcp/steering/confluence-operations.md +0 -528
  72. package/mcp/powers/atlassian-mcp/steering/jira-queries.md +0 -421
  73. package/mcp/powers/atlassian-mcp/steering/mcp-server-setup.md +0 -292
  74. package/mcp/powers/building-mcp-server-on-cloudflare/POWER.md +0 -261
  75. package/mcp/powers/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  76. package/mcp/powers/building-mcp-server-on-cloudflare/steering/examples.md +0 -115
  77. package/mcp/powers/building-mcp-server-on-cloudflare/steering/oauth-setup.md +0 -338
  78. package/mcp/powers/building-mcp-server-on-cloudflare/steering/troubleshooting.md +0 -317
  79. package/mcp/powers/datadog-automation/POWER.md +0 -238
  80. package/mcp/powers/datadog-automation/SKILL.md +0 -235
  81. package/mcp/powers/github-automation/POWER.md +0 -230
  82. package/mcp/powers/github-automation/SKILL.md +0 -227
  83. package/mcp/powers/mcp-builder/LICENSE.txt +0 -202
  84. package/mcp/powers/mcp-builder/POWER.md +0 -179
  85. package/mcp/powers/mcp-builder/SKILL.md +0 -176
  86. package/mcp/powers/mcp-builder/reference/evaluation.md +0 -602
  87. package/mcp/powers/mcp-builder/reference/mcp_best_practices.md +0 -915
  88. package/mcp/powers/mcp-builder/reference/node_mcp_server.md +0 -916
  89. package/mcp/powers/mcp-builder/reference/python_mcp_server.md +0 -752
  90. package/mcp/powers/mcp-builder/scripts/connections.py +0 -151
  91. package/mcp/powers/mcp-builder/scripts/evaluation.py +0 -373
  92. package/mcp/powers/mcp-builder/scripts/example_evaluation.xml +0 -22
  93. package/mcp/powers/mcp-builder/scripts/requirements.txt +0 -2
  94. package/mcp/powers/mcp-developer/POWER.md +0 -88
  95. package/mcp/powers/mcp-developer/SKILL.md +0 -85
  96. package/mcp/powers/mcp-developer/steering/protocol.md +0 -244
  97. package/mcp/powers/mcp-developer/steering/python-sdk.md +0 -367
  98. package/mcp/powers/mcp-developer/steering/resources.md +0 -554
  99. package/mcp/powers/mcp-developer/steering/tools.md +0 -480
  100. package/mcp/powers/mcp-developer/steering/typescript-sdk.md +0 -350
  101. package/mcp/powers/postman/POWER.md +0 -243
  102. package/mcp/powers/postman/SKILL.md +0 -240
  103. package/mcp/powers/postman/flutter-expert/POWER.md +0 -89
  104. package/mcp/powers/postman/flutter-expert/SKILL.md +0 -77
  105. package/mcp/powers/postman/flutter-expert/steering/bloc-state.md +0 -259
  106. package/mcp/powers/postman/flutter-expert/steering/engineering-principles.md +0 -82
  107. package/mcp/powers/postman/flutter-expert/steering/gorouter-navigation.md +0 -157
  108. package/mcp/powers/postman/flutter-expert/steering/performance.md +0 -99
  109. package/mcp/powers/postman/flutter-expert/steering/project-structure.md +0 -77
  110. package/mcp/powers/postman/flutter-expert/steering/riverpod-state.md +0 -404
  111. package/mcp/powers/postman/flutter-expert/steering/widget-patterns.md +0 -123
  112. package/mcp/powers/postman/flutter-security-reviewer/POWER.md +0 -204
  113. package/mcp/powers/postman/flutter-security-reviewer/SKILL.md +0 -180
  114. package/mcp/powers/postman/flutter-security-reviewer/steering/log_redaction.md +0 -17
  115. package/mcp/powers/postman/flutter-security-reviewer/steering/network_hardening.md +0 -13
  116. package/mcp/powers/postman/flutter-security-reviewer/steering/secret-scanning.md +0 -123
  117. package/mcp/powers/postman/flutter-security-reviewer/steering/secure_storage_policy.md +0 -16
  118. package/mcp/powers/postman/flutter-security-reviewer/steering/vulnerability-patterns.md +0 -189
  119. package/mcp/powers/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  120. package/mcp/powers/postman/flutter-test-master/POWER.md +0 -527
  121. package/mcp/powers/postman/flutter-test-master/SKILL.md +0 -513
  122. package/mcp/powers/postman/flutter-test-master/steering/golden-testing.md +0 -444
  123. package/mcp/powers/postman/flutter-test-master/steering/integration-testing.md +0 -688
  124. package/mcp/powers/postman/flutter-test-master/steering/property-testing.md +0 -408
  125. package/mcp/powers/postman/flutter-test-master/steering/riverpod-testing.md +0 -606
  126. package/mcp/powers/postman/flutter-test-master/steering/test-utilities.md +0 -566
  127. package/mcp/powers/postman/flutter-test-master/steering/unit-testing.md +0 -511
  128. package/mcp/powers/postman/flutter-test-master/steering/widget-testing.md +0 -601
  129. package/mcp/powers/postman/git-commit/POWER.md +0 -47
  130. package/mcp/powers/postman/git-commit/SKILL.md +0 -46
  131. package/mcp/powers/postman/gorouter-restoration/POWER.md +0 -227
  132. package/mcp/powers/postman/gorouter-restoration/SKILL.md +0 -217
  133. package/mcp/powers/postman/gorouter-restoration/steering/guard_patterns.md +0 -14
  134. package/mcp/powers/postman/gorouter-restoration/steering/tab_preservation.md +0 -12
  135. package/mcp/powers/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  136. package/mcp/powers/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  137. package/mcp/powers/postman/mcp.json +0 -11
  138. package/mcp/powers/postman/microservices-architect/POWER.md +0 -109
  139. package/mcp/powers/postman/microservices-architect/SKILL.md +0 -93
  140. package/mcp/powers/postman/microservices-architect/steering/communication.md +0 -499
  141. package/mcp/powers/postman/microservices-architect/steering/data.md +0 -721
  142. package/mcp/powers/postman/microservices-architect/steering/decomposition.md +0 -344
  143. package/mcp/powers/postman/microservices-architect/steering/observability.md +0 -805
  144. package/mcp/powers/postman/microservices-architect/steering/patterns.md +0 -603
  145. package/mcp/powers/postman/nestjs-expert/POWER.md +0 -130
  146. package/mcp/powers/postman/nestjs-expert/SKILL.md +0 -114
  147. package/mcp/powers/postman/nestjs-expert/steering/authentication.md +0 -461
  148. package/mcp/powers/postman/nestjs-expert/steering/controllers-routing.md +0 -114
  149. package/mcp/powers/postman/nestjs-expert/steering/dtos-validation.md +0 -156
  150. package/mcp/powers/postman/nestjs-expert/steering/migration-from-express.md +0 -1240
  151. package/mcp/powers/postman/nestjs-expert/steering/secure-sessions.md +0 -56
  152. package/mcp/powers/postman/nestjs-expert/steering/services-di.md +0 -143
  153. package/mcp/powers/postman/nestjs-expert/steering/strangler-fig-pattern.md +0 -47
  154. package/mcp/powers/postman/nestjs-expert/steering/testing-patterns.md +0 -189
  155. package/mcp/powers/postman/oneup-design/POWER.md +0 -72
  156. package/mcp/powers/postman/oneup-design/SKILL.md +0 -71
  157. package/mcp/powers/postman/oneup-design/steering/colors.md +0 -41
  158. package/mcp/powers/postman/oneup-design/steering/components.md +0 -53
  159. package/mcp/powers/postman/oneup-design/steering/spacing.md +0 -84
  160. package/mcp/powers/postman/openapi-docs/POWER.md +0 -78
  161. package/mcp/powers/postman/openapi-docs/SKILL.md +0 -68
  162. package/mcp/powers/postman/openapi-docs/steering/crud-templates.md +0 -43
  163. package/mcp/powers/postman/openapi-docs/steering/framework-express.md +0 -19
  164. package/mcp/powers/postman/openapi-docs/steering/framework-fastapi.md +0 -20
  165. package/mcp/powers/postman/openapi-docs/steering/framework-nestjs.md +0 -20
  166. package/mcp/powers/postman/openapi-docs/steering/framework-raw-openapi.md +0 -14
  167. package/mcp/powers/postman/openapi-docs/steering/openapi-checklist.md +0 -33
  168. package/mcp/powers/postman/openapi-docs/steering/stoplight-ui.md +0 -21
  169. package/mcp/powers/postman/steering/steering.md +0 -26
  170. package/mcp/powers/sentry-automation/POWER.md +0 -235
  171. package/mcp/powers/sentry-automation/SKILL.md +0 -232
  172. package/mcp/skills/atlassian-mcp/SKILL.md +0 -88
  173. package/mcp/skills/atlassian-mcp/references/authentication-patterns.md +0 -520
  174. package/mcp/skills/atlassian-mcp/references/common-workflows.md +0 -660
  175. package/mcp/skills/atlassian-mcp/references/confluence-operations.md +0 -528
  176. package/mcp/skills/atlassian-mcp/references/jira-queries.md +0 -421
  177. package/mcp/skills/atlassian-mcp/references/mcp-server-setup.md +0 -292
  178. package/mcp/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  179. package/mcp/skills/building-mcp-server-on-cloudflare/references/examples.md +0 -115
  180. package/mcp/skills/building-mcp-server-on-cloudflare/references/oauth-setup.md +0 -338
  181. package/mcp/skills/building-mcp-server-on-cloudflare/references/tool-patterns.md +0 -29
  182. package/mcp/skills/building-mcp-server-on-cloudflare/references/troubleshooting.md +0 -317
  183. package/mcp/skills/datadog-automation/SKILL.md +0 -235
  184. package/mcp/skills/github-automation/SKILL.md +0 -227
  185. package/mcp/skills/mcp-builder/LICENSE.txt +0 -202
  186. package/mcp/skills/mcp-builder/SKILL.md +0 -176
  187. package/mcp/skills/mcp-builder/reference/evaluation.md +0 -602
  188. package/mcp/skills/mcp-builder/reference/mcp_best_practices.md +0 -915
  189. package/mcp/skills/mcp-builder/reference/node_mcp_server.md +0 -916
  190. package/mcp/skills/mcp-builder/reference/python_mcp_server.md +0 -752
  191. package/mcp/skills/mcp-builder/scripts/connections.py +0 -151
  192. package/mcp/skills/mcp-builder/scripts/evaluation.py +0 -373
  193. package/mcp/skills/mcp-builder/scripts/example_evaluation.xml +0 -22
  194. package/mcp/skills/mcp-builder/scripts/requirements.txt +0 -2
  195. package/mcp/skills/mcp-developer/SKILL.md +0 -85
  196. package/mcp/skills/mcp-developer/references/protocol.md +0 -244
  197. package/mcp/skills/mcp-developer/references/python-sdk.md +0 -367
  198. package/mcp/skills/mcp-developer/references/resources.md +0 -554
  199. package/mcp/skills/mcp-developer/references/tools.md +0 -480
  200. package/mcp/skills/mcp-developer/references/typescript-sdk.md +0 -350
  201. package/mcp/skills/postman/POWER.md +0 -242
  202. package/mcp/skills/postman/SKILL.md +0 -240
  203. package/mcp/skills/postman/flutter-expert/POWER.md +0 -89
  204. package/mcp/skills/postman/flutter-expert/SKILL.md +0 -77
  205. package/mcp/skills/postman/flutter-expert/references/bloc-state.md +0 -259
  206. package/mcp/skills/postman/flutter-expert/references/engineering-principles.md +0 -82
  207. package/mcp/skills/postman/flutter-expert/references/gorouter-navigation.md +0 -157
  208. package/mcp/skills/postman/flutter-expert/references/performance.md +0 -99
  209. package/mcp/skills/postman/flutter-expert/references/project-structure.md +0 -77
  210. package/mcp/skills/postman/flutter-expert/references/riverpod-state.md +0 -404
  211. package/mcp/skills/postman/flutter-expert/references/widget-patterns.md +0 -123
  212. package/mcp/skills/postman/flutter-security-reviewer/POWER.md +0 -204
  213. package/mcp/skills/postman/flutter-security-reviewer/SKILL.md +0 -180
  214. package/mcp/skills/postman/flutter-security-reviewer/references/log_redaction.md +0 -17
  215. package/mcp/skills/postman/flutter-security-reviewer/references/network_hardening.md +0 -13
  216. package/mcp/skills/postman/flutter-security-reviewer/references/secret-scanning.md +0 -123
  217. package/mcp/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md +0 -16
  218. package/mcp/skills/postman/flutter-security-reviewer/references/vulnerability-patterns.md +0 -189
  219. package/mcp/skills/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  220. package/mcp/skills/postman/flutter-test-master/POWER.md +0 -527
  221. package/mcp/skills/postman/flutter-test-master/SKILL.md +0 -513
  222. package/mcp/skills/postman/flutter-test-master/references/golden-testing.md +0 -444
  223. package/mcp/skills/postman/flutter-test-master/references/integration-testing.md +0 -688
  224. package/mcp/skills/postman/flutter-test-master/references/property-testing.md +0 -408
  225. package/mcp/skills/postman/flutter-test-master/references/riverpod-testing.md +0 -606
  226. package/mcp/skills/postman/flutter-test-master/references/test-utilities.md +0 -566
  227. package/mcp/skills/postman/flutter-test-master/references/unit-testing.md +0 -511
  228. package/mcp/skills/postman/flutter-test-master/references/widget-testing.md +0 -601
  229. package/mcp/skills/postman/git-commit/POWER.md +0 -47
  230. package/mcp/skills/postman/git-commit/SKILL.md +0 -46
  231. package/mcp/skills/postman/gorouter-restoration/POWER.md +0 -227
  232. package/mcp/skills/postman/gorouter-restoration/SKILL.md +0 -217
  233. package/mcp/skills/postman/gorouter-restoration/references/guard_patterns.md +0 -14
  234. package/mcp/skills/postman/gorouter-restoration/references/tab_preservation.md +0 -12
  235. package/mcp/skills/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  236. package/mcp/skills/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  237. package/mcp/skills/postman/mcp.json +0 -11
  238. package/mcp/skills/postman/microservices-architect/POWER.md +0 -109
  239. package/mcp/skills/postman/microservices-architect/SKILL.md +0 -93
  240. package/mcp/skills/postman/microservices-architect/references/communication.md +0 -499
  241. package/mcp/skills/postman/microservices-architect/references/data.md +0 -721
  242. package/mcp/skills/postman/microservices-architect/references/decomposition.md +0 -344
  243. package/mcp/skills/postman/microservices-architect/references/observability.md +0 -805
  244. package/mcp/skills/postman/microservices-architect/references/patterns.md +0 -603
  245. package/mcp/skills/postman/nestjs-expert/POWER.md +0 -130
  246. package/mcp/skills/postman/nestjs-expert/SKILL.md +0 -114
  247. package/mcp/skills/postman/nestjs-expert/references/authentication.md +0 -461
  248. package/mcp/skills/postman/nestjs-expert/references/controllers-routing.md +0 -114
  249. package/mcp/skills/postman/nestjs-expert/references/dtos-validation.md +0 -156
  250. package/mcp/skills/postman/nestjs-expert/references/migration-from-express.md +0 -1240
  251. package/mcp/skills/postman/nestjs-expert/references/secure-sessions.md +0 -56
  252. package/mcp/skills/postman/nestjs-expert/references/services-di.md +0 -143
  253. package/mcp/skills/postman/nestjs-expert/references/strangler-fig-pattern.md +0 -47
  254. package/mcp/skills/postman/nestjs-expert/references/testing-patterns.md +0 -189
  255. package/mcp/skills/postman/oneup-design/POWER.md +0 -72
  256. package/mcp/skills/postman/oneup-design/SKILL.md +0 -71
  257. package/mcp/skills/postman/oneup-design/references/colors.md +0 -41
  258. package/mcp/skills/postman/oneup-design/references/components.md +0 -53
  259. package/mcp/skills/postman/oneup-design/references/spacing.md +0 -84
  260. package/mcp/skills/postman/openapi-docs/POWER.md +0 -78
  261. package/mcp/skills/postman/openapi-docs/SKILL.md +0 -68
  262. package/mcp/skills/postman/openapi-docs/references/crud-templates.md +0 -43
  263. package/mcp/skills/postman/openapi-docs/references/framework-express.md +0 -19
  264. package/mcp/skills/postman/openapi-docs/references/framework-fastapi.md +0 -20
  265. package/mcp/skills/postman/openapi-docs/references/framework-nestjs.md +0 -20
  266. package/mcp/skills/postman/openapi-docs/references/framework-raw-openapi.md +0 -14
  267. package/mcp/skills/postman/openapi-docs/references/openapi-checklist.md +0 -33
  268. package/mcp/skills/postman/openapi-docs/references/stoplight-ui.md +0 -21
  269. package/mcp/skills/postman/references/steering.md +0 -26
  270. package/mcp/skills/sentry-automation/SKILL.md +0 -232
  271. package/workflows/powers/atlassian-mcp/POWER.md +0 -21
  272. package/workflows/powers/atlassian-mcp/SKILL.md +0 -18
  273. package/workflows/powers/building-mcp-server-on-cloudflare/POWER.md +0 -21
  274. package/workflows/powers/building-mcp-server-on-cloudflare/SKILL.md +0 -18
  275. package/workflows/powers/datadog-automation/POWER.md +0 -21
  276. package/workflows/powers/datadog-automation/SKILL.md +0 -18
  277. package/workflows/powers/github-automation/POWER.md +0 -21
  278. package/workflows/powers/github-automation/SKILL.md +0 -18
  279. package/workflows/powers/mcp-builder/POWER.md +0 -21
  280. package/workflows/powers/mcp-builder/SKILL.md +0 -18
  281. package/workflows/powers/mcp-developer/POWER.md +0 -21
  282. package/workflows/powers/mcp-developer/SKILL.md +0 -18
  283. package/workflows/powers/postman/POWER.md +0 -21
  284. package/workflows/powers/postman/SKILL.md +0 -18
  285. package/workflows/powers/sentry-automation/POWER.md +0 -21
  286. package/workflows/powers/sentry-automation/SKILL.md +0 -18
  287. package/workflows/skills/atlassian-mcp/SKILL.md +0 -18
  288. package/workflows/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -18
  289. package/workflows/skills/datadog-automation/SKILL.md +0 -18
  290. package/workflows/skills/github-automation/SKILL.md +0 -18
  291. package/workflows/skills/mcp-builder/SKILL.md +0 -18
  292. package/workflows/skills/mcp-developer/SKILL.md +0 -18
  293. package/workflows/skills/postman/SKILL.md +0 -18
  294. package/workflows/skills/sentry-automation/SKILL.md +0 -18
  295. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/SKILL.md +0 -88
  296. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/authentication-patterns.md +0 -520
  297. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/common-workflows.md +0 -660
  298. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/confluence-operations.md +0 -528
  299. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/jira-queries.md +0 -421
  300. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/mcp-server-setup.md +0 -292
  301. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  302. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/references/examples.md +0 -115
  303. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/references/oauth-setup.md +0 -338
  304. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/references/tool-patterns.md +0 -29
  305. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/references/troubleshooting.md +0 -317
  306. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/datadog-automation/SKILL.md +0 -235
  307. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/github-automation/SKILL.md +0 -227
  308. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/LICENSE.txt +0 -202
  309. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/SKILL.md +0 -176
  310. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/reference/evaluation.md +0 -602
  311. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/reference/mcp_best_practices.md +0 -915
  312. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/reference/node_mcp_server.md +0 -916
  313. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/reference/python_mcp_server.md +0 -752
  314. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/scripts/connections.py +0 -151
  315. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/scripts/evaluation.py +0 -373
  316. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/scripts/example_evaluation.xml +0 -22
  317. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/scripts/requirements.txt +0 -2
  318. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/SKILL.md +0 -85
  319. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/protocol.md +0 -244
  320. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/python-sdk.md +0 -367
  321. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/resources.md +0 -554
  322. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/tools.md +0 -480
  323. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/typescript-sdk.md +0 -350
  324. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/POWER.md +0 -242
  325. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/SKILL.md +0 -240
  326. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/POWER.md +0 -89
  327. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/SKILL.md +0 -77
  328. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/bloc-state.md +0 -259
  329. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/engineering-principles.md +0 -82
  330. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/gorouter-navigation.md +0 -157
  331. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/performance.md +0 -99
  332. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/project-structure.md +0 -77
  333. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/riverpod-state.md +0 -404
  334. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/widget-patterns.md +0 -123
  335. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/POWER.md +0 -204
  336. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/SKILL.md +0 -180
  337. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/log_redaction.md +0 -17
  338. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/network_hardening.md +0 -13
  339. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/secret-scanning.md +0 -123
  340. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md +0 -16
  341. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/vulnerability-patterns.md +0 -189
  342. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  343. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/POWER.md +0 -527
  344. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/SKILL.md +0 -513
  345. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/golden-testing.md +0 -444
  346. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/integration-testing.md +0 -688
  347. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/property-testing.md +0 -408
  348. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/riverpod-testing.md +0 -606
  349. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/test-utilities.md +0 -566
  350. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/unit-testing.md +0 -511
  351. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/widget-testing.md +0 -601
  352. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/git-commit/POWER.md +0 -47
  353. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/git-commit/SKILL.md +0 -46
  354. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/POWER.md +0 -227
  355. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/SKILL.md +0 -217
  356. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/references/guard_patterns.md +0 -14
  357. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/references/tab_preservation.md +0 -12
  358. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  359. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  360. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/mcp.json +0 -11
  361. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/POWER.md +0 -109
  362. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/SKILL.md +0 -93
  363. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/communication.md +0 -499
  364. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/data.md +0 -721
  365. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/decomposition.md +0 -344
  366. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/observability.md +0 -805
  367. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/patterns.md +0 -603
  368. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/POWER.md +0 -130
  369. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/SKILL.md +0 -114
  370. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/authentication.md +0 -461
  371. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/controllers-routing.md +0 -114
  372. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/dtos-validation.md +0 -156
  373. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/migration-from-express.md +0 -1240
  374. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/secure-sessions.md +0 -56
  375. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/services-di.md +0 -143
  376. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/strangler-fig-pattern.md +0 -47
  377. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/testing-patterns.md +0 -189
  378. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/POWER.md +0 -72
  379. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/SKILL.md +0 -71
  380. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/references/colors.md +0 -41
  381. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/references/components.md +0 -53
  382. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/references/spacing.md +0 -84
  383. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/POWER.md +0 -78
  384. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/SKILL.md +0 -68
  385. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/crud-templates.md +0 -43
  386. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/framework-express.md +0 -19
  387. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/framework-fastapi.md +0 -20
  388. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/framework-nestjs.md +0 -20
  389. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/framework-raw-openapi.md +0 -14
  390. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/openapi-checklist.md +0 -33
  391. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/stoplight-ui.md +0 -21
  392. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/references/steering.md +0 -26
  393. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/sentry-automation/SKILL.md +0 -232
  394. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/SKILL.md +0 -88
  395. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/authentication-patterns.md +0 -520
  396. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/common-workflows.md +0 -660
  397. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/confluence-operations.md +0 -528
  398. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/jira-queries.md +0 -421
  399. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/mcp-server-setup.md +0 -292
  400. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  401. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/references/examples.md +0 -115
  402. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/references/oauth-setup.md +0 -338
  403. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/references/tool-patterns.md +0 -29
  404. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/references/troubleshooting.md +0 -317
  405. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/datadog-automation/SKILL.md +0 -235
  406. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/github-automation/SKILL.md +0 -227
  407. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/LICENSE.txt +0 -202
  408. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/SKILL.md +0 -176
  409. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/reference/evaluation.md +0 -602
  410. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/reference/mcp_best_practices.md +0 -915
  411. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/reference/node_mcp_server.md +0 -916
  412. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/reference/python_mcp_server.md +0 -752
  413. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/scripts/connections.py +0 -151
  414. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/scripts/evaluation.py +0 -373
  415. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/scripts/example_evaluation.xml +0 -22
  416. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/scripts/requirements.txt +0 -2
  417. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/SKILL.md +0 -85
  418. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/protocol.md +0 -244
  419. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/python-sdk.md +0 -367
  420. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/resources.md +0 -554
  421. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/tools.md +0 -480
  422. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/typescript-sdk.md +0 -350
  423. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/POWER.md +0 -242
  424. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/SKILL.md +0 -240
  425. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/POWER.md +0 -89
  426. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/SKILL.md +0 -77
  427. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/bloc-state.md +0 -259
  428. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/engineering-principles.md +0 -82
  429. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/gorouter-navigation.md +0 -157
  430. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/performance.md +0 -99
  431. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/project-structure.md +0 -77
  432. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/riverpod-state.md +0 -404
  433. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/widget-patterns.md +0 -123
  434. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/POWER.md +0 -204
  435. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/SKILL.md +0 -180
  436. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/log_redaction.md +0 -17
  437. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/network_hardening.md +0 -13
  438. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/secret-scanning.md +0 -123
  439. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md +0 -16
  440. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/vulnerability-patterns.md +0 -189
  441. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  442. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/POWER.md +0 -527
  443. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/SKILL.md +0 -513
  444. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/golden-testing.md +0 -444
  445. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/integration-testing.md +0 -688
  446. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/property-testing.md +0 -408
  447. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/riverpod-testing.md +0 -606
  448. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/test-utilities.md +0 -566
  449. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/unit-testing.md +0 -511
  450. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/widget-testing.md +0 -601
  451. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/git-commit/POWER.md +0 -47
  452. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/git-commit/SKILL.md +0 -46
  453. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/POWER.md +0 -227
  454. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/SKILL.md +0 -217
  455. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/references/guard_patterns.md +0 -14
  456. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/references/tab_preservation.md +0 -12
  457. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  458. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  459. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/mcp.json +0 -11
  460. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/POWER.md +0 -109
  461. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/SKILL.md +0 -93
  462. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/communication.md +0 -499
  463. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/data.md +0 -721
  464. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/decomposition.md +0 -344
  465. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/observability.md +0 -805
  466. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/patterns.md +0 -603
  467. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/POWER.md +0 -130
  468. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/SKILL.md +0 -114
  469. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/authentication.md +0 -461
  470. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/controllers-routing.md +0 -114
  471. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/dtos-validation.md +0 -156
  472. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/migration-from-express.md +0 -1240
  473. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/secure-sessions.md +0 -56
  474. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/services-di.md +0 -143
  475. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/strangler-fig-pattern.md +0 -47
  476. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/testing-patterns.md +0 -189
  477. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/POWER.md +0 -72
  478. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/SKILL.md +0 -71
  479. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/references/colors.md +0 -41
  480. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/references/components.md +0 -53
  481. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/references/spacing.md +0 -84
  482. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/POWER.md +0 -78
  483. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/SKILL.md +0 -68
  484. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/crud-templates.md +0 -43
  485. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/framework-express.md +0 -19
  486. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/framework-fastapi.md +0 -20
  487. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/framework-nestjs.md +0 -20
  488. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/framework-raw-openapi.md +0 -14
  489. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/openapi-checklist.md +0 -33
  490. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/stoplight-ui.md +0 -21
  491. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/references/steering.md +0 -26
  492. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/sentry-automation/SKILL.md +0 -232
  493. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/SKILL.md +0 -88
  494. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/authentication-patterns.md +0 -520
  495. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/common-workflows.md +0 -660
  496. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/confluence-operations.md +0 -528
  497. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/jira-queries.md +0 -421
  498. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/mcp-server-setup.md +0 -292
  499. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  500. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/references/examples.md +0 -115
  501. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/references/oauth-setup.md +0 -338
  502. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/references/tool-patterns.md +0 -29
  503. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/references/troubleshooting.md +0 -317
  504. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/datadog-automation/SKILL.md +0 -235
  505. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/github-automation/SKILL.md +0 -227
  506. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/LICENSE.txt +0 -202
  507. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/SKILL.md +0 -176
  508. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/reference/evaluation.md +0 -602
  509. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/reference/mcp_best_practices.md +0 -915
  510. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/reference/node_mcp_server.md +0 -916
  511. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/reference/python_mcp_server.md +0 -752
  512. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/scripts/connections.py +0 -151
  513. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/scripts/evaluation.py +0 -373
  514. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/scripts/example_evaluation.xml +0 -22
  515. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/scripts/requirements.txt +0 -2
  516. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/SKILL.md +0 -85
  517. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/protocol.md +0 -244
  518. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/python-sdk.md +0 -367
  519. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/resources.md +0 -554
  520. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/tools.md +0 -480
  521. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/typescript-sdk.md +0 -350
  522. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/POWER.md +0 -242
  523. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/SKILL.md +0 -240
  524. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/POWER.md +0 -89
  525. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/SKILL.md +0 -77
  526. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/bloc-state.md +0 -259
  527. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/engineering-principles.md +0 -82
  528. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/gorouter-navigation.md +0 -157
  529. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/performance.md +0 -99
  530. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/project-structure.md +0 -77
  531. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/riverpod-state.md +0 -404
  532. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/widget-patterns.md +0 -123
  533. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/POWER.md +0 -204
  534. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/SKILL.md +0 -180
  535. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/log_redaction.md +0 -17
  536. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/network_hardening.md +0 -13
  537. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/secret-scanning.md +0 -123
  538. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md +0 -16
  539. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/vulnerability-patterns.md +0 -189
  540. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  541. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/POWER.md +0 -527
  542. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/SKILL.md +0 -513
  543. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/golden-testing.md +0 -444
  544. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/integration-testing.md +0 -688
  545. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/property-testing.md +0 -408
  546. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/riverpod-testing.md +0 -606
  547. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/test-utilities.md +0 -566
  548. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/unit-testing.md +0 -511
  549. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/widget-testing.md +0 -601
  550. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/git-commit/POWER.md +0 -47
  551. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/git-commit/SKILL.md +0 -46
  552. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/POWER.md +0 -227
  553. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/SKILL.md +0 -217
  554. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/references/guard_patterns.md +0 -14
  555. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/references/tab_preservation.md +0 -12
  556. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  557. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  558. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/mcp.json +0 -11
  559. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/POWER.md +0 -109
  560. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/SKILL.md +0 -93
  561. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/communication.md +0 -499
  562. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/data.md +0 -721
  563. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/decomposition.md +0 -344
  564. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/observability.md +0 -805
  565. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/patterns.md +0 -603
  566. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/POWER.md +0 -130
  567. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/SKILL.md +0 -114
  568. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/authentication.md +0 -461
  569. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/controllers-routing.md +0 -114
  570. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/dtos-validation.md +0 -156
  571. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/migration-from-express.md +0 -1240
  572. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/secure-sessions.md +0 -56
  573. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/services-di.md +0 -143
  574. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/strangler-fig-pattern.md +0 -47
  575. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/testing-patterns.md +0 -189
  576. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/POWER.md +0 -72
  577. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/SKILL.md +0 -71
  578. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/references/colors.md +0 -41
  579. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/references/components.md +0 -53
  580. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/references/spacing.md +0 -84
  581. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/POWER.md +0 -78
  582. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/SKILL.md +0 -68
  583. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/crud-templates.md +0 -43
  584. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/framework-express.md +0 -19
  585. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/framework-fastapi.md +0 -20
  586. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/framework-nestjs.md +0 -20
  587. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/framework-raw-openapi.md +0 -14
  588. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/openapi-checklist.md +0 -33
  589. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/stoplight-ui.md +0 -21
  590. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/references/steering.md +0 -26
  591. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/sentry-automation/SKILL.md +0 -232
package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/SKILL.md DELETED
@@ -1,180 +0,0 @@
1
- ---
2
- name: "flutter-security-reviewer"
3
- description: "Review Flutter/Dart code for security vulnerabilities: secure storage, network hardening, log redaction, and data protection"
4
- ---
5
-
6
-
7
- # Flutter/Dart Security Reviewer
8
-
9
- ## Overview
10
-
11
- This power helps you identify and fix security vulnerabilities in mobile and web applications, focusing on secure storage, network hardening, log redaction, and sensitive data handling.
12
-
13
- ## When to Use
14
-
15
- - Reviewing code that handles authentication tokens
16
- - Implementing secure storage for sensitive data
17
- - Adding logging/analytics that might expose PII
18
- - Reviewing network requests for security issues
19
- - Implementing biometric authentication
20
- - Handling user passwords or credentials
21
- - Processing payment information
22
- - Storing user preferences that contain sensitive data
23
- - Implementing session management
24
- - Any code that touches user data
25
-
26
- ## Review Output Format
27
-
28
- When reviewing, output exactly:
29
-
30
- 1. **Threat summary** (what could go wrong; 3-6 bullets)
31
- 2. **Findings** grouped by severity (CRITICAL/HIGH/MED/LOW)
32
- 3. **Concrete mitigations** (specific code-level steps)
33
- 4. **Security regression tests/checks** (what to verify)
34
- 5. **Logging & privacy audit** (PII, tokens, crash reports)
35
-
36
- ## Severity Definitions
37
-
38
- - **CRITICAL**: Token/session compromise, auth bypass, remote code/data exposure, storing secrets insecurely, PII leakage
39
- - **HIGH**: Weak access control, insecure defaults, sensitive data in logs, missing TLS assumptions
40
- - **MED**: Hardening gaps (timeouts, retry abuse, overly broad permissions)
41
- - **LOW**: Best-practice improvements
42
-
43
-
44
- ## 1) Authentication & Session Security
45
-
46
- ### Tokens
47
-
48
- **CRITICAL:**
49
- - Tokens in logs, analytics events, crash reports
50
- - Tokens stored in plain SharedPreferences without justification
51
-
52
- **Recommendations:**
53
- - Prefer secure storage for tokens (platform-backed) where possible
54
- - If SharedPreferences must be used, ensure:
55
- - Short-lived access tokens + refresh tokens handled carefully
56
- - Minimal token surface; never log
57
-
58
- ### Route Guards
59
- - Ensure router guards cannot be bypassed by deep links
60
- - Guard decisions must use authoritative session provider state
61
- - Avoid redirect loops (secure + usability)
62
-
63
-
64
- ## 2) Network Security
65
-
66
- ### Checklist
67
- - [ ] Use HTTPS in UAT/Prod baseUrl
68
- - [ ] Reasonable timeouts (connect/receive)
69
- - [ ] Avoid disabling cert validation
70
- - [ ] Do not accept all certs in production
71
- - [ ] Interceptors must not log sensitive headers or body fields
72
-
73
- ### Retry Policy
74
- - Avoid retrying non-idempotent requests unless safe
75
- - Backoff + max attempts
76
-
77
- ### Device ↔ Gateway Security
78
- - Prefer server-side validation and proper auth
79
- - Never "security-by-obscurity" headers
80
-
81
-
82
- ## 3) Local Data Protection
83
-
84
- **CRITICAL:**
85
- - Storing PII or tokens unencrypted without threat model
86
-
87
- **Guidance:**
88
- - Store only what's needed offline
89
- - Encrypt sensitive cached blobs if possible, or avoid caching them
90
- - Apply TTL to cached session/profile data
91
- - Clear data on logout
92
-
93
-
94
- ## 4) Input Validation & Injection Safety
95
-
96
- - [ ] Validate all user inputs before sending to API
97
- - [ ] Avoid string interpolation for SQL queries: use parameters
98
- - [ ] Avoid trusting client-only checks (roles, orgId); server must enforce
99
-
100
-
101
- ## 5) Privacy, Logging, Analytics
102
-
103
- **CRITICAL:**
104
- - PII in logs (`name`, `phone`, `location`, identifiers)
105
- - Tokens/headers in logs
106
- - Crashlytics sending PII
107
-
108
- **Guidance:**
109
- - Redact: Authorization headers, cookies, IDs if sensitive
110
- - Provide `toSafeLog()` helpers
111
- - Ensure debug logging is disabled/limited in release builds
112
-
113
-
114
- ## 6) Dependency & Supply Chain Hygiene
115
-
116
- - [ ] Check new packages are reputable and maintained
117
- - [ ] Avoid adding packages that request broad permissions without need
118
- - [ ] Pin versions as appropriate; review changelogs for security fixes
119
-
120
-
121
- ## 7) Security Review Checklist for PRs
122
-
123
- ### Always Search For
124
- - `print(`, `debugPrint(`, logging interceptors
125
- - `Authorization`, `token`, `refresh`, `secret`, `apiKey`
126
- - `badCertificateCallback`, `HttpClient` overrides
127
- - Persistent storage of user/session data
128
-
129
- ### Enforce
130
- - [ ] No secrets in repo
131
- - [ ] No insecure network overrides in production
132
- - [ ] Logout clears sensitive local data
133
- - [ ] Access control enforced server-side (don't trust client role/org headers alone)
134
-
135
-
136
- ## Quick Reference
137
-
138
- ### Secure Storage (DO)
139
-
140
- ```dart
141
- // ✅ Use flutter_secure_storage for tokens
142
- final storage = FlutterSecureStorage();
143
- await storage.write(key: 'auth_token', value: token);
144
- ```
145
-
146
- ### Secure Storage (DON'T)
147
-
148
- ```dart
149
- // ❌ Never store tokens in SharedPreferences
150
- final prefs = await SharedPreferences.getInstance();
151
- prefs.setString('auth_token', token); // INSECURE!
152
-
153
- // ❌ Never hardcode secrets
154
- const apiKey = 'sk_live_abc123'; // NEVER DO THIS
155
- ```
156
-
157
- ### Log Redaction
158
-
159
- ```dart
160
- // ❌ Bad - logs sensitive data
161
- logger.info('User login: ${user.email}, password: ${password}');
162
-
163
- // ✅ Good - no sensitive data in logs
164
- logger.info('User login successful: userId=${user.id}');
165
- ```
166
-
167
-
168
- ## Steering Files
169
-
170
- | File | Load When |
171
- | --------------------------- | -------------------------------------- |
172
- | `secure_storage_policy.md` | What to store where |
173
- | `network_hardening.md` | Network security best practices |
174
- | `log_redaction.md` | How to redact sensitive data from logs |
175
- | `vulnerability-patterns.md` | SQL injection, XSS, IDOR patterns |
176
- | `secret-scanning.md` | Finding hardcoded secrets |
177
-
178
- ## Templates
179
-
180
- - `security_review_response.md` - Security review report template
package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/log_redaction.md DELETED
@@ -1,17 +0,0 @@
1
- # Logging redaction policy
2
-
3
- ## Never log
4
- - Authorization headers
5
- - Cookies
6
- - refresh/access tokens
7
- - passwords/OTP codes
8
- - full request/response bodies containing PII
9
-
10
- ## Recommended
11
- - Log request method + path + status code
12
- - Log timing and correlation ids
13
- - Redact sensitive fields:
14
-
15
- Example (pseudo):
16
- - headers: replace Authorization with "***"
17
- - body: replace keys like token/password with "***"
package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/network_hardening.md DELETED
@@ -1,13 +0,0 @@
1
- # Network hardening (Dio)
2
-
3
- Checklist:
4
- - HTTPS only for UAT/Prod
5
- - Timeouts configured
6
- - Interceptors do not leak sensitive info
7
- - No `badCertificateCallback` in release
8
- - Use request IDs/transaction hashes for tracing (non-secret)
9
-
10
- Retry policy:
11
- - idempotent requests only (GET)
12
- - exponential backoff
13
- - cap attempts
package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/secret-scanning.md DELETED
@@ -1,123 +0,0 @@
1
- # Secret Scanning
2
-
3
- > Reference for: Security Reviewer
4
- > Load when: Scanning for hardcoded secrets
5
-
6
- ## Manual Grep Patterns
7
-
8
- ```bash
9
- # Common secret patterns
10
- grep -rn "api_key\|apikey\|api-key" --include="*.dart" .
11
- grep -rn "secret\|password\|passwd" --include="*.dart" .
12
- grep -rn "private_key\|privatekey" --include="*.dart" .
13
- grep -rn "access_token\|accesstoken" --include="*.dart" .
14
-
15
- # Firebase/Google
16
- grep -rn "AIza[0-9A-Za-z_-]{35}" .
17
- grep -rn "firebase" --include="*.dart" .
18
-
19
- # AWS credentials
20
- grep -rn "AKIA[0-9A-Z]{16}" .
21
- grep -rn "aws_secret_access_key" .
22
-
23
- # Base64 encoded (potential secrets)
24
- grep -rn "[A-Za-z0-9+/]{40,}=" .
25
-
26
- # JWT tokens
27
- grep -rn "eyJ[A-Za-z0-9_-]*\.eyJ[A-Za-z0-9_-]*\." .
28
- ```
29
-
30
- ## Common Secret Patterns
31
-
32
- | Type | Pattern | Example |
33
- | ----------------- | -------------------------------- | -------------------------- |
34
- | AWS Access Key | `AKIA[0-9A-Z]{16}` | AKIAIOSFODNN7EXAMPLE |
35
- | AWS Secret Key | 40 char base64 | wJalrXUtnFEMI/K7MDENG... |
36
- | Firebase API Key | `AIza[0-9A-Za-z_-]{35}` | AIzaSyC... |
37
- | GitHub Token | `ghp_[A-Za-z0-9]{36}` | ghp_xxxxxxxxxxxx |
38
- | Slack Token | `xox[baprs]-` | xoxb-xxx-xxx |
39
- | Stripe Key | `sk_live_[A-Za-z0-9]{24}` | sk_live_xxxx |
40
- | Private Key | `-----BEGIN.*PRIVATE KEY-----` | RSA/EC keys |
41
- | JWT | `eyJ[A-Za-z0-9_-]*\.eyJ` | Encoded tokens |
42
-
43
- ## Flutter-Specific Locations to Check
44
-
45
- ```bash
46
- # Check these files for hardcoded secrets
47
- lib/core/config/
48
- lib/firebase_options.dart
49
- android/app/google-services.json
50
- ios/Runner/GoogleService-Info.plist
51
- .env files
52
- pubspec.yaml (sometimes contains keys)
53
- ```
54
-
55
- ## What to Look For
56
-
57
- ### Hardcoded API Keys
58
- ```dart
59
- // BAD - Hardcoded
60
- const apiKey = 'sk_live_abc123xyz';
61
- const firebaseKey = 'AIzaSyC...';
62
-
63
- // GOOD - Environment variable or secure storage
64
- final apiKey = const String.fromEnvironment('API_KEY');
65
- final apiKey = await secureStorage.read(key: 'api_key');
66
- ```
67
-
68
- ### Hardcoded URLs with Credentials
69
- ```dart
70
- // BAD
71
- const dbUrl = 'postgres://user:password@host:5432/db';
72
-
73
- // GOOD
74
- final dbUrl = const String.fromEnvironment('DATABASE_URL');
75
- ```
76
-
77
- ### Debug/Test Credentials
78
- ```dart
79
- // BAD - Test credentials in production code
80
- const testUser = 'admin';
81
- const testPassword = 'admin123';
82
-
83
- // GOOD - Only in test files, never committed
84
- // Use environment variables or test fixtures
85
- ```
86
-
87
- ## Remediation Steps
88
-
89
- 1. **Rotate immediately** - Consider secret compromised
90
- 2. **Remove from code** - Replace with environment variable
91
- 3. **Remove from git history** - Use BFG or git filter-branch
92
- 4. **Add to .gitignore** - Prevent future commits
93
- 5. **Use secure storage** - flutter_secure_storage for runtime secrets
94
- 6. **Use --dart-define** - For build-time configuration
95
-
96
- ```bash
97
- # Build with environment variables
98
- flutter build apk --dart-define=API_KEY=$API_KEY
99
-
100
- # Access in code
101
- const apiKey = String.fromEnvironment('API_KEY');
102
- ```
103
-
104
- ## Pre-commit Prevention
105
-
106
- ```yaml
107
- # .pre-commit-config.yaml
108
- repos:
109
- - repo: https://github.com/gitleaks/gitleaks
110
- rev: v8.18.0
111
- hooks:
112
- - id: gitleaks
113
- ```
114
-
115
- ## Quick Reference
116
-
117
- | Location | Risk Level | Action |
118
- | --------------------------- | ---------- | --------------------------- |
119
- | Source code (.dart) | Critical | Remove, use env vars |
120
- | Config files | High | Move to .gitignore |
121
- | Git history | Critical | Rewrite history |
122
- | Build artifacts | Medium | Ensure not committed |
123
- | Comments/TODOs | Medium | Remove sensitive info |
package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md DELETED
@@ -1,16 +0,0 @@
1
- # Secure storage policy (mobile)
2
-
3
- ## Token storage
4
- Preferred:
5
- - Platform-backed secure storage for auth tokens
6
-
7
- If you must use SharedPreferences:
8
- - access tokens should be short-lived
9
- - never store refresh token unless encrypted/secured
10
- - clear all tokens on logout
11
- - guard against backup/restore exposures where relevant
12
-
13
- ## Cached user/profile data
14
- - Apply TTL
15
- - Avoid caching sensitive PII unless required for offline
16
- - Clear per-organization/user on logout or org switch
package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/vulnerability-patterns.md DELETED
@@ -1,189 +0,0 @@
1
- # Vulnerability Patterns
2
-
3
- > Reference for: Security Reviewer
4
- > Load when: Manual security code review
5
-
6
- ## SQL/NoSQL Injection
7
-
8
- ```dart
9
- // VULNERABLE - String interpolation
10
- final query = "SELECT * FROM users WHERE id = $userId";
11
-
12
- // SECURE - Parameterized queries (Sqflite)
13
- final result = await db.query(
14
- 'users',
15
- where: 'id = ?',
16
- whereArgs: [userId],
17
- );
18
-
19
- // SECURE - ORM (Isar)
20
- final user = await isar.users.filter().idEqualTo(userId).findFirst();
21
- ```
22
-
23
- ## Path Traversal
24
-
25
- ```dart
26
- // VULNERABLE
27
- final file = File('$uploadDir/${request.filename}');
28
-
29
- // SECURE - Validate and normalize
30
- final filename = path.basename(request.filename);
31
- final file = File(path.join(uploadDir, filename));
32
-
33
- // Verify path is within allowed directory
34
- if (!file.path.startsWith(path.canonicalize(uploadDir))) {
35
- throw SecurityException('Invalid path');
36
- }
37
- ```
38
-
39
- ## Insecure Direct Object Reference (IDOR)
40
-
41
- ```dart
42
- // VULNERABLE - No authorization check
43
- Future<Document> getDocument(String docId) async {
44
- return await documentRepository.findById(docId);
45
- }
46
-
47
- // SECURE - Verify ownership
48
- Future<Document> getDocument(String docId, String userId) async {
49
- final doc = await documentRepository.findById(docId);
50
- if (doc.ownerId != userId) {
51
- throw UnauthorizedException('Access denied');
52
- }
53
- return doc;
54
- }
55
- ```
56
-
57
- ## Sensitive Data Exposure
58
-
59
- ```dart
60
- // VULNERABLE - Logging sensitive data
61
- logger.info('User login: email=$email, password=$password');
62
- logger.debug('Token: $authToken');
63
-
64
- // SECURE - Redact sensitive fields
65
- logger.info('User login: email=$email');
66
- logger.debug('Token: [REDACTED]');
67
-
68
- // VULNERABLE - Error response exposes internals
69
- return Response.error(exception.stackTrace.toString());
70
-
71
- // SECURE - Generic error
72
- return Response.error('An error occurred');
73
- ```
74
-
75
- ## Insecure Storage
76
-
77
- ```dart
78
- // VULNERABLE - Plain SharedPreferences for tokens
79
- final prefs = await SharedPreferences.getInstance();
80
- await prefs.setString('auth_token', token);
81
-
82
- // SECURE - Use flutter_secure_storage
83
- final storage = FlutterSecureStorage();
84
- await storage.write(key: 'auth_token', value: token);
85
-
86
- // VULNERABLE - Unencrypted Isar for sensitive data
87
- final isar = await Isar.open([UserSchema]);
88
-
89
- // SECURE - Encrypted Isar
90
- final isar = await Isar.open(
91
- [UserSchema],
92
- encryptionKey: encryptionKey,
93
- );
94
- ```
95
-
96
- ## Authentication Bypass
97
-
98
- ```dart
99
- // VULNERABLE - Client-side only check
100
- if (user.role == 'admin') {
101
- showAdminPanel();
102
- }
103
-
104
- // SECURE - Server validates, client just displays
105
- // Server: verify role in JWT/session before returning admin data
106
- // Client: display based on server response
107
-
108
- // VULNERABLE - Trusting client headers
109
- final orgId = request.headers['X-Org-Id'];
110
-
111
- // SECURE - Derive from authenticated session
112
- final orgId = authenticatedUser.organizationId;
113
- ```
114
-
115
- ## Session Management Issues
116
-
117
- ```dart
118
- // VULNERABLE - No session timeout
119
- // Token never expires
120
-
121
- // SECURE - Short-lived access tokens + refresh
122
- final accessToken = jwt.sign(
123
- payload,
124
- secret,
125
- expiresIn: Duration(minutes: 15),
126
- );
127
-
128
- // VULNERABLE - Session not cleared on logout
129
- Future<void> logout() async {
130
- // Just navigate away
131
- context.go('/login');
132
- }
133
-
134
- // SECURE - Clear all sensitive data
135
- Future<void> logout() async {
136
- await secureStorage.deleteAll();
137
- await isar.writeTxn(() => isar.clear());
138
- ref.invalidate(sessionProvider);
139
- context.go('/login');
140
- }
141
- ```
142
-
143
- ## Deep Link Security
144
-
145
- ```dart
146
- // VULNERABLE - No auth check on deep link
147
- GoRoute(
148
- path: '/document/:id',
149
- builder: (context, state) => DocumentView(id: state.params['id']!),
150
- )
151
-
152
- // SECURE - Guard protects deep links
153
- GoRoute(
154
- path: '/document/:id',
155
- redirect: (context, state) {
156
- if (!isAuthenticated) return '/login?redirect=${state.uri}';
157
- return null;
158
- },
159
- builder: (context, state) => DocumentView(id: state.params['id']!),
160
- )
161
- ```
162
-
163
- ## Quick Reference
164
-
165
- | Vulnerability | Input Vector | Prevention |
166
- | ----------------- | --------------- | ----------------------------- |
167
- | SQL Injection | Query params | Parameterized queries |
168
- | Path Traversal | File paths | path.basename + validation |
169
- | IDOR | Resource IDs | Authorization checks |
170
- | Data Exposure | Logs, errors | Redaction, generic errors |
171
- | Insecure Storage | Local storage | flutter_secure_storage |
172
- | Auth Bypass | Client checks | Server-side validation |
173
- | Session Issues | Token handling | Short TTL, proper logout |
174
- | Deep Link Bypass | URL schemes | Route guards |
175
-
176
- ## OWASP Mobile Top 10 Mapping
177
-
178
- | OWASP Mobile | Vulnerabilities |
179
- | ------------------------- | ---------------------------------- |
180
- | M1 Improper Platform Use | Insecure storage, deep link bypass |
181
- | M2 Insecure Data Storage | SharedPreferences for tokens |
182
- | M3 Insecure Communication | HTTP, no cert pinning |
183
- | M4 Insecure Authentication| Weak session, no timeout |
184
- | M5 Insufficient Crypto | Weak encryption, hardcoded keys |
185
- | M6 Insecure Authorization | IDOR, client-side checks |
186
- | M7 Client Code Quality | Injection, path traversal |
187
- | M8 Code Tampering | No integrity checks |
188
- | M9 Reverse Engineering | Hardcoded secrets |
189
- | M10 Extraneous Functionality | Debug endpoints, test data |
package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/templates/security_review_response.md DELETED
@@ -1,31 +0,0 @@
1
- # Security Review (OneUp HR)
2
-
3
- ## Threat summary
4
- - ...
5
-
6
- ## Findings
7
-
8
- ### CRITICAL
9
- - **...**
10
- - Risk:
11
- - Evidence:
12
- - Fix:
13
-
14
- ### HIGH
15
- - ...
16
-
17
- ### MED
18
- - ...
19
-
20
- ### LOW
21
- - ...
22
-
23
- ## Concrete mitigations
24
- 1) ...
25
- 2) ...
26
-
27
- ## Security regression checks
28
- - [ ] ...
29
-
30
- ## Logging & privacy audit
31
- - ...