@cubis/foundry 0.3.34 → 0.3.35

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (590) hide show
  1. package/README.md +56 -11
  2. package/bin/cubis.js +2809 -965
  3. package/mcp/.dockerignore +5 -0
  4. package/mcp/Dockerfile +19 -0
  5. package/mcp/README.md +550 -11
  6. package/mcp/config.json +18 -0
  7. package/mcp/dist/index.d.ts +1 -0
  8. package/mcp/dist/index.js +1488 -0
  9. package/mcp/package.json +36 -0
  10. package/mcp/src/cbxConfig/index.ts +23 -0
  11. package/mcp/src/cbxConfig/paths.ts +45 -0
  12. package/mcp/src/cbxConfig/reader.ts +149 -0
  13. package/mcp/src/cbxConfig/readerWriter.test.ts +147 -0
  14. package/mcp/src/cbxConfig/serviceConfig.test.ts +42 -0
  15. package/mcp/src/cbxConfig/serviceConfig.ts +157 -0
  16. package/mcp/src/cbxConfig/types.ts +44 -0
  17. package/mcp/src/cbxConfig/writer.ts +90 -0
  18. package/mcp/src/config/index.test.ts +81 -0
  19. package/mcp/src/config/index.ts +45 -0
  20. package/mcp/src/config/schema.ts +55 -0
  21. package/mcp/src/gateway/catalog.ts +37 -0
  22. package/mcp/src/gateway/config.ts +247 -0
  23. package/mcp/src/gateway/manager.ts +255 -0
  24. package/mcp/src/gateway/types.ts +54 -0
  25. package/mcp/src/gateway/upstreamClient.ts +80 -0
  26. package/mcp/src/index.ts +211 -0
  27. package/mcp/src/server.ts +219 -0
  28. package/mcp/src/tools/configTools.test.ts +166 -0
  29. package/mcp/src/tools/future/README.md +21 -0
  30. package/mcp/src/tools/future/index.ts +8 -0
  31. package/mcp/src/tools/index.ts +76 -0
  32. package/mcp/src/tools/mcpGateway.ts +44 -0
  33. package/mcp/src/tools/postmanGetMode.ts +82 -0
  34. package/mcp/src/tools/postmanGetStatus.ts +65 -0
  35. package/mcp/src/tools/postmanModes.ts +28 -0
  36. package/mcp/src/tools/postmanSetMode.ts +71 -0
  37. package/mcp/src/tools/skillBrowseCategory.ts +54 -0
  38. package/mcp/src/tools/skillGet.ts +43 -0
  39. package/mcp/src/tools/skillListCategories.ts +40 -0
  40. package/mcp/src/tools/skillSearch.ts +72 -0
  41. package/mcp/src/tools/skillTools.test.ts +126 -0
  42. package/mcp/src/tools/stitchGetMode.ts +58 -0
  43. package/mcp/src/tools/stitchGetStatus.ts +70 -0
  44. package/mcp/src/tools/stitchSetProfile.ts +82 -0
  45. package/mcp/src/transports/stdio.ts +9 -0
  46. package/mcp/src/transports/streamableHttp.ts +43 -0
  47. package/mcp/src/upstream/passthrough.ts +273 -0
  48. package/mcp/src/utils/errors.ts +38 -0
  49. package/mcp/src/utils/logger.ts +63 -0
  50. package/mcp/src/vault/manifest.test.ts +126 -0
  51. package/mcp/src/vault/manifest.ts +99 -0
  52. package/mcp/src/vault/scanner.test.ts +70 -0
  53. package/mcp/src/vault/scanner.ts +145 -0
  54. package/mcp/src/vault/types.ts +21 -0
  55. package/package.json +9 -2
  56. package/workflows/scripts/generate-powers.mjs +27 -18
  57. package/workflows/skills/skills_index.json +0 -102
  58. package/workflows/workflows/agent-environment-setup/manifest.json +0 -24
  59. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/nextjs-react-expert/SKILL.md +1 -1
  60. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/skills_index.json +0 -102
  61. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/nextjs-react-expert/SKILL.md +1 -1
  62. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/skills_index.json +0 -102
  63. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/nextjs-react-expert/SKILL.md +1 -1
  64. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/skills_index.json +0 -102
  65. package/mcp/catalogs/default.json +0 -14
  66. package/mcp/powers/atlassian-mcp/POWER.md +0 -91
  67. package/mcp/powers/atlassian-mcp/SKILL.md +0 -88
  68. package/mcp/powers/atlassian-mcp/steering/authentication-patterns.md +0 -520
  69. package/mcp/powers/atlassian-mcp/steering/common-workflows.md +0 -660
  70. package/mcp/powers/atlassian-mcp/steering/confluence-operations.md +0 -528
  71. package/mcp/powers/atlassian-mcp/steering/jira-queries.md +0 -421
  72. package/mcp/powers/atlassian-mcp/steering/mcp-server-setup.md +0 -292
  73. package/mcp/powers/building-mcp-server-on-cloudflare/POWER.md +0 -261
  74. package/mcp/powers/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  75. package/mcp/powers/building-mcp-server-on-cloudflare/steering/examples.md +0 -115
  76. package/mcp/powers/building-mcp-server-on-cloudflare/steering/oauth-setup.md +0 -338
  77. package/mcp/powers/building-mcp-server-on-cloudflare/steering/troubleshooting.md +0 -317
  78. package/mcp/powers/datadog-automation/POWER.md +0 -238
  79. package/mcp/powers/datadog-automation/SKILL.md +0 -235
  80. package/mcp/powers/github-automation/POWER.md +0 -230
  81. package/mcp/powers/github-automation/SKILL.md +0 -227
  82. package/mcp/powers/mcp-builder/LICENSE.txt +0 -202
  83. package/mcp/powers/mcp-builder/POWER.md +0 -179
  84. package/mcp/powers/mcp-builder/SKILL.md +0 -176
  85. package/mcp/powers/mcp-builder/reference/evaluation.md +0 -602
  86. package/mcp/powers/mcp-builder/reference/mcp_best_practices.md +0 -915
  87. package/mcp/powers/mcp-builder/reference/node_mcp_server.md +0 -916
  88. package/mcp/powers/mcp-builder/reference/python_mcp_server.md +0 -752
  89. package/mcp/powers/mcp-builder/scripts/connections.py +0 -151
  90. package/mcp/powers/mcp-builder/scripts/evaluation.py +0 -373
  91. package/mcp/powers/mcp-builder/scripts/example_evaluation.xml +0 -22
  92. package/mcp/powers/mcp-builder/scripts/requirements.txt +0 -2
  93. package/mcp/powers/mcp-developer/POWER.md +0 -88
  94. package/mcp/powers/mcp-developer/SKILL.md +0 -85
  95. package/mcp/powers/mcp-developer/steering/protocol.md +0 -244
  96. package/mcp/powers/mcp-developer/steering/python-sdk.md +0 -367
  97. package/mcp/powers/mcp-developer/steering/resources.md +0 -554
  98. package/mcp/powers/mcp-developer/steering/tools.md +0 -480
  99. package/mcp/powers/mcp-developer/steering/typescript-sdk.md +0 -350
  100. package/mcp/powers/postman/POWER.md +0 -243
  101. package/mcp/powers/postman/SKILL.md +0 -240
  102. package/mcp/powers/postman/flutter-expert/POWER.md +0 -89
  103. package/mcp/powers/postman/flutter-expert/SKILL.md +0 -77
  104. package/mcp/powers/postman/flutter-expert/steering/bloc-state.md +0 -259
  105. package/mcp/powers/postman/flutter-expert/steering/engineering-principles.md +0 -82
  106. package/mcp/powers/postman/flutter-expert/steering/gorouter-navigation.md +0 -157
  107. package/mcp/powers/postman/flutter-expert/steering/performance.md +0 -99
  108. package/mcp/powers/postman/flutter-expert/steering/project-structure.md +0 -77
  109. package/mcp/powers/postman/flutter-expert/steering/riverpod-state.md +0 -404
  110. package/mcp/powers/postman/flutter-expert/steering/widget-patterns.md +0 -123
  111. package/mcp/powers/postman/flutter-security-reviewer/POWER.md +0 -204
  112. package/mcp/powers/postman/flutter-security-reviewer/SKILL.md +0 -180
  113. package/mcp/powers/postman/flutter-security-reviewer/steering/log_redaction.md +0 -17
  114. package/mcp/powers/postman/flutter-security-reviewer/steering/network_hardening.md +0 -13
  115. package/mcp/powers/postman/flutter-security-reviewer/steering/secret-scanning.md +0 -123
  116. package/mcp/powers/postman/flutter-security-reviewer/steering/secure_storage_policy.md +0 -16
  117. package/mcp/powers/postman/flutter-security-reviewer/steering/vulnerability-patterns.md +0 -189
  118. package/mcp/powers/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  119. package/mcp/powers/postman/flutter-test-master/POWER.md +0 -527
  120. package/mcp/powers/postman/flutter-test-master/SKILL.md +0 -513
  121. package/mcp/powers/postman/flutter-test-master/steering/golden-testing.md +0 -444
  122. package/mcp/powers/postman/flutter-test-master/steering/integration-testing.md +0 -688
  123. package/mcp/powers/postman/flutter-test-master/steering/property-testing.md +0 -408
  124. package/mcp/powers/postman/flutter-test-master/steering/riverpod-testing.md +0 -606
  125. package/mcp/powers/postman/flutter-test-master/steering/test-utilities.md +0 -566
  126. package/mcp/powers/postman/flutter-test-master/steering/unit-testing.md +0 -511
  127. package/mcp/powers/postman/flutter-test-master/steering/widget-testing.md +0 -601
  128. package/mcp/powers/postman/git-commit/POWER.md +0 -47
  129. package/mcp/powers/postman/git-commit/SKILL.md +0 -46
  130. package/mcp/powers/postman/gorouter-restoration/POWER.md +0 -227
  131. package/mcp/powers/postman/gorouter-restoration/SKILL.md +0 -217
  132. package/mcp/powers/postman/gorouter-restoration/steering/guard_patterns.md +0 -14
  133. package/mcp/powers/postman/gorouter-restoration/steering/tab_preservation.md +0 -12
  134. package/mcp/powers/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  135. package/mcp/powers/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  136. package/mcp/powers/postman/mcp.json +0 -11
  137. package/mcp/powers/postman/microservices-architect/POWER.md +0 -109
  138. package/mcp/powers/postman/microservices-architect/SKILL.md +0 -93
  139. package/mcp/powers/postman/microservices-architect/steering/communication.md +0 -499
  140. package/mcp/powers/postman/microservices-architect/steering/data.md +0 -721
  141. package/mcp/powers/postman/microservices-architect/steering/decomposition.md +0 -344
  142. package/mcp/powers/postman/microservices-architect/steering/observability.md +0 -805
  143. package/mcp/powers/postman/microservices-architect/steering/patterns.md +0 -603
  144. package/mcp/powers/postman/nestjs-expert/POWER.md +0 -130
  145. package/mcp/powers/postman/nestjs-expert/SKILL.md +0 -114
  146. package/mcp/powers/postman/nestjs-expert/steering/authentication.md +0 -461
  147. package/mcp/powers/postman/nestjs-expert/steering/controllers-routing.md +0 -114
  148. package/mcp/powers/postman/nestjs-expert/steering/dtos-validation.md +0 -156
  149. package/mcp/powers/postman/nestjs-expert/steering/migration-from-express.md +0 -1240
  150. package/mcp/powers/postman/nestjs-expert/steering/secure-sessions.md +0 -56
  151. package/mcp/powers/postman/nestjs-expert/steering/services-di.md +0 -143
  152. package/mcp/powers/postman/nestjs-expert/steering/strangler-fig-pattern.md +0 -47
  153. package/mcp/powers/postman/nestjs-expert/steering/testing-patterns.md +0 -189
  154. package/mcp/powers/postman/oneup-design/POWER.md +0 -72
  155. package/mcp/powers/postman/oneup-design/SKILL.md +0 -71
  156. package/mcp/powers/postman/oneup-design/steering/colors.md +0 -41
  157. package/mcp/powers/postman/oneup-design/steering/components.md +0 -53
  158. package/mcp/powers/postman/oneup-design/steering/spacing.md +0 -84
  159. package/mcp/powers/postman/openapi-docs/POWER.md +0 -78
  160. package/mcp/powers/postman/openapi-docs/SKILL.md +0 -68
  161. package/mcp/powers/postman/openapi-docs/steering/crud-templates.md +0 -43
  162. package/mcp/powers/postman/openapi-docs/steering/framework-express.md +0 -19
  163. package/mcp/powers/postman/openapi-docs/steering/framework-fastapi.md +0 -20
  164. package/mcp/powers/postman/openapi-docs/steering/framework-nestjs.md +0 -20
  165. package/mcp/powers/postman/openapi-docs/steering/framework-raw-openapi.md +0 -14
  166. package/mcp/powers/postman/openapi-docs/steering/openapi-checklist.md +0 -33
  167. package/mcp/powers/postman/openapi-docs/steering/stoplight-ui.md +0 -21
  168. package/mcp/powers/postman/steering/steering.md +0 -26
  169. package/mcp/powers/sentry-automation/POWER.md +0 -235
  170. package/mcp/powers/sentry-automation/SKILL.md +0 -232
  171. package/mcp/skills/atlassian-mcp/SKILL.md +0 -88
  172. package/mcp/skills/atlassian-mcp/references/authentication-patterns.md +0 -520
  173. package/mcp/skills/atlassian-mcp/references/common-workflows.md +0 -660
  174. package/mcp/skills/atlassian-mcp/references/confluence-operations.md +0 -528
  175. package/mcp/skills/atlassian-mcp/references/jira-queries.md +0 -421
  176. package/mcp/skills/atlassian-mcp/references/mcp-server-setup.md +0 -292
  177. package/mcp/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  178. package/mcp/skills/building-mcp-server-on-cloudflare/references/examples.md +0 -115
  179. package/mcp/skills/building-mcp-server-on-cloudflare/references/oauth-setup.md +0 -338
  180. package/mcp/skills/building-mcp-server-on-cloudflare/references/tool-patterns.md +0 -29
  181. package/mcp/skills/building-mcp-server-on-cloudflare/references/troubleshooting.md +0 -317
  182. package/mcp/skills/datadog-automation/SKILL.md +0 -235
  183. package/mcp/skills/github-automation/SKILL.md +0 -227
  184. package/mcp/skills/mcp-builder/LICENSE.txt +0 -202
  185. package/mcp/skills/mcp-builder/SKILL.md +0 -176
  186. package/mcp/skills/mcp-builder/reference/evaluation.md +0 -602
  187. package/mcp/skills/mcp-builder/reference/mcp_best_practices.md +0 -915
  188. package/mcp/skills/mcp-builder/reference/node_mcp_server.md +0 -916
  189. package/mcp/skills/mcp-builder/reference/python_mcp_server.md +0 -752
  190. package/mcp/skills/mcp-builder/scripts/connections.py +0 -151
  191. package/mcp/skills/mcp-builder/scripts/evaluation.py +0 -373
  192. package/mcp/skills/mcp-builder/scripts/example_evaluation.xml +0 -22
  193. package/mcp/skills/mcp-builder/scripts/requirements.txt +0 -2
  194. package/mcp/skills/mcp-developer/SKILL.md +0 -85
  195. package/mcp/skills/mcp-developer/references/protocol.md +0 -244
  196. package/mcp/skills/mcp-developer/references/python-sdk.md +0 -367
  197. package/mcp/skills/mcp-developer/references/resources.md +0 -554
  198. package/mcp/skills/mcp-developer/references/tools.md +0 -480
  199. package/mcp/skills/mcp-developer/references/typescript-sdk.md +0 -350
  200. package/mcp/skills/postman/POWER.md +0 -242
  201. package/mcp/skills/postman/SKILL.md +0 -240
  202. package/mcp/skills/postman/flutter-expert/POWER.md +0 -89
  203. package/mcp/skills/postman/flutter-expert/SKILL.md +0 -77
  204. package/mcp/skills/postman/flutter-expert/references/bloc-state.md +0 -259
  205. package/mcp/skills/postman/flutter-expert/references/engineering-principles.md +0 -82
  206. package/mcp/skills/postman/flutter-expert/references/gorouter-navigation.md +0 -157
  207. package/mcp/skills/postman/flutter-expert/references/performance.md +0 -99
  208. package/mcp/skills/postman/flutter-expert/references/project-structure.md +0 -77
  209. package/mcp/skills/postman/flutter-expert/references/riverpod-state.md +0 -404
  210. package/mcp/skills/postman/flutter-expert/references/widget-patterns.md +0 -123
  211. package/mcp/skills/postman/flutter-security-reviewer/POWER.md +0 -204
  212. package/mcp/skills/postman/flutter-security-reviewer/SKILL.md +0 -180
  213. package/mcp/skills/postman/flutter-security-reviewer/references/log_redaction.md +0 -17
  214. package/mcp/skills/postman/flutter-security-reviewer/references/network_hardening.md +0 -13
  215. package/mcp/skills/postman/flutter-security-reviewer/references/secret-scanning.md +0 -123
  216. package/mcp/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md +0 -16
  217. package/mcp/skills/postman/flutter-security-reviewer/references/vulnerability-patterns.md +0 -189
  218. package/mcp/skills/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  219. package/mcp/skills/postman/flutter-test-master/POWER.md +0 -527
  220. package/mcp/skills/postman/flutter-test-master/SKILL.md +0 -513
  221. package/mcp/skills/postman/flutter-test-master/references/golden-testing.md +0 -444
  222. package/mcp/skills/postman/flutter-test-master/references/integration-testing.md +0 -688
  223. package/mcp/skills/postman/flutter-test-master/references/property-testing.md +0 -408
  224. package/mcp/skills/postman/flutter-test-master/references/riverpod-testing.md +0 -606
  225. package/mcp/skills/postman/flutter-test-master/references/test-utilities.md +0 -566
  226. package/mcp/skills/postman/flutter-test-master/references/unit-testing.md +0 -511
  227. package/mcp/skills/postman/flutter-test-master/references/widget-testing.md +0 -601
  228. package/mcp/skills/postman/git-commit/POWER.md +0 -47
  229. package/mcp/skills/postman/git-commit/SKILL.md +0 -46
  230. package/mcp/skills/postman/gorouter-restoration/POWER.md +0 -227
  231. package/mcp/skills/postman/gorouter-restoration/SKILL.md +0 -217
  232. package/mcp/skills/postman/gorouter-restoration/references/guard_patterns.md +0 -14
  233. package/mcp/skills/postman/gorouter-restoration/references/tab_preservation.md +0 -12
  234. package/mcp/skills/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  235. package/mcp/skills/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  236. package/mcp/skills/postman/mcp.json +0 -11
  237. package/mcp/skills/postman/microservices-architect/POWER.md +0 -109
  238. package/mcp/skills/postman/microservices-architect/SKILL.md +0 -93
  239. package/mcp/skills/postman/microservices-architect/references/communication.md +0 -499
  240. package/mcp/skills/postman/microservices-architect/references/data.md +0 -721
  241. package/mcp/skills/postman/microservices-architect/references/decomposition.md +0 -344
  242. package/mcp/skills/postman/microservices-architect/references/observability.md +0 -805
  243. package/mcp/skills/postman/microservices-architect/references/patterns.md +0 -603
  244. package/mcp/skills/postman/nestjs-expert/POWER.md +0 -130
  245. package/mcp/skills/postman/nestjs-expert/SKILL.md +0 -114
  246. package/mcp/skills/postman/nestjs-expert/references/authentication.md +0 -461
  247. package/mcp/skills/postman/nestjs-expert/references/controllers-routing.md +0 -114
  248. package/mcp/skills/postman/nestjs-expert/references/dtos-validation.md +0 -156
  249. package/mcp/skills/postman/nestjs-expert/references/migration-from-express.md +0 -1240
  250. package/mcp/skills/postman/nestjs-expert/references/secure-sessions.md +0 -56
  251. package/mcp/skills/postman/nestjs-expert/references/services-di.md +0 -143
  252. package/mcp/skills/postman/nestjs-expert/references/strangler-fig-pattern.md +0 -47
  253. package/mcp/skills/postman/nestjs-expert/references/testing-patterns.md +0 -189
  254. package/mcp/skills/postman/oneup-design/POWER.md +0 -72
  255. package/mcp/skills/postman/oneup-design/SKILL.md +0 -71
  256. package/mcp/skills/postman/oneup-design/references/colors.md +0 -41
  257. package/mcp/skills/postman/oneup-design/references/components.md +0 -53
  258. package/mcp/skills/postman/oneup-design/references/spacing.md +0 -84
  259. package/mcp/skills/postman/openapi-docs/POWER.md +0 -78
  260. package/mcp/skills/postman/openapi-docs/SKILL.md +0 -68
  261. package/mcp/skills/postman/openapi-docs/references/crud-templates.md +0 -43
  262. package/mcp/skills/postman/openapi-docs/references/framework-express.md +0 -19
  263. package/mcp/skills/postman/openapi-docs/references/framework-fastapi.md +0 -20
  264. package/mcp/skills/postman/openapi-docs/references/framework-nestjs.md +0 -20
  265. package/mcp/skills/postman/openapi-docs/references/framework-raw-openapi.md +0 -14
  266. package/mcp/skills/postman/openapi-docs/references/openapi-checklist.md +0 -33
  267. package/mcp/skills/postman/openapi-docs/references/stoplight-ui.md +0 -21
  268. package/mcp/skills/postman/references/steering.md +0 -26
  269. package/mcp/skills/sentry-automation/SKILL.md +0 -232
  270. package/workflows/powers/atlassian-mcp/POWER.md +0 -21
  271. package/workflows/powers/atlassian-mcp/SKILL.md +0 -18
  272. package/workflows/powers/building-mcp-server-on-cloudflare/POWER.md +0 -21
  273. package/workflows/powers/building-mcp-server-on-cloudflare/SKILL.md +0 -18
  274. package/workflows/powers/datadog-automation/POWER.md +0 -21
  275. package/workflows/powers/datadog-automation/SKILL.md +0 -18
  276. package/workflows/powers/github-automation/POWER.md +0 -21
  277. package/workflows/powers/github-automation/SKILL.md +0 -18
  278. package/workflows/powers/mcp-builder/POWER.md +0 -21
  279. package/workflows/powers/mcp-builder/SKILL.md +0 -18
  280. package/workflows/powers/mcp-developer/POWER.md +0 -21
  281. package/workflows/powers/mcp-developer/SKILL.md +0 -18
  282. package/workflows/powers/postman/POWER.md +0 -21
  283. package/workflows/powers/postman/SKILL.md +0 -18
  284. package/workflows/powers/sentry-automation/POWER.md +0 -21
  285. package/workflows/powers/sentry-automation/SKILL.md +0 -18
  286. package/workflows/skills/atlassian-mcp/SKILL.md +0 -18
  287. package/workflows/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -18
  288. package/workflows/skills/datadog-automation/SKILL.md +0 -18
  289. package/workflows/skills/github-automation/SKILL.md +0 -18
  290. package/workflows/skills/mcp-builder/SKILL.md +0 -18
  291. package/workflows/skills/mcp-developer/SKILL.md +0 -18
  292. package/workflows/skills/postman/SKILL.md +0 -18
  293. package/workflows/skills/sentry-automation/SKILL.md +0 -18
  294. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/SKILL.md +0 -88
  295. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/authentication-patterns.md +0 -520
  296. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/common-workflows.md +0 -660
  297. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/confluence-operations.md +0 -528
  298. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/jira-queries.md +0 -421
  299. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/mcp-server-setup.md +0 -292
  300. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  301. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/references/examples.md +0 -115
  302. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/references/oauth-setup.md +0 -338
  303. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/references/tool-patterns.md +0 -29
  304. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/references/troubleshooting.md +0 -317
  305. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/datadog-automation/SKILL.md +0 -235
  306. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/github-automation/SKILL.md +0 -227
  307. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/LICENSE.txt +0 -202
  308. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/SKILL.md +0 -176
  309. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/reference/evaluation.md +0 -602
  310. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/reference/mcp_best_practices.md +0 -915
  311. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/reference/node_mcp_server.md +0 -916
  312. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/reference/python_mcp_server.md +0 -752
  313. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/scripts/connections.py +0 -151
  314. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/scripts/evaluation.py +0 -373
  315. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/scripts/example_evaluation.xml +0 -22
  316. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/scripts/requirements.txt +0 -2
  317. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/SKILL.md +0 -85
  318. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/protocol.md +0 -244
  319. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/python-sdk.md +0 -367
  320. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/resources.md +0 -554
  321. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/tools.md +0 -480
  322. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/typescript-sdk.md +0 -350
  323. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/POWER.md +0 -242
  324. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/SKILL.md +0 -240
  325. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/POWER.md +0 -89
  326. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/SKILL.md +0 -77
  327. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/bloc-state.md +0 -259
  328. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/engineering-principles.md +0 -82
  329. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/gorouter-navigation.md +0 -157
  330. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/performance.md +0 -99
  331. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/project-structure.md +0 -77
  332. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/riverpod-state.md +0 -404
  333. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/widget-patterns.md +0 -123
  334. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/POWER.md +0 -204
  335. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/SKILL.md +0 -180
  336. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/log_redaction.md +0 -17
  337. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/network_hardening.md +0 -13
  338. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/secret-scanning.md +0 -123
  339. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md +0 -16
  340. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/vulnerability-patterns.md +0 -189
  341. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  342. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/POWER.md +0 -527
  343. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/SKILL.md +0 -513
  344. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/golden-testing.md +0 -444
  345. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/integration-testing.md +0 -688
  346. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/property-testing.md +0 -408
  347. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/riverpod-testing.md +0 -606
  348. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/test-utilities.md +0 -566
  349. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/unit-testing.md +0 -511
  350. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/widget-testing.md +0 -601
  351. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/git-commit/POWER.md +0 -47
  352. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/git-commit/SKILL.md +0 -46
  353. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/POWER.md +0 -227
  354. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/SKILL.md +0 -217
  355. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/references/guard_patterns.md +0 -14
  356. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/references/tab_preservation.md +0 -12
  357. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  358. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  359. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/mcp.json +0 -11
  360. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/POWER.md +0 -109
  361. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/SKILL.md +0 -93
  362. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/communication.md +0 -499
  363. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/data.md +0 -721
  364. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/decomposition.md +0 -344
  365. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/observability.md +0 -805
  366. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/patterns.md +0 -603
  367. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/POWER.md +0 -130
  368. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/SKILL.md +0 -114
  369. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/authentication.md +0 -461
  370. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/controllers-routing.md +0 -114
  371. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/dtos-validation.md +0 -156
  372. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/migration-from-express.md +0 -1240
  373. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/secure-sessions.md +0 -56
  374. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/services-di.md +0 -143
  375. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/strangler-fig-pattern.md +0 -47
  376. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/testing-patterns.md +0 -189
  377. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/POWER.md +0 -72
  378. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/SKILL.md +0 -71
  379. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/references/colors.md +0 -41
  380. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/references/components.md +0 -53
  381. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/references/spacing.md +0 -84
  382. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/POWER.md +0 -78
  383. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/SKILL.md +0 -68
  384. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/crud-templates.md +0 -43
  385. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/framework-express.md +0 -19
  386. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/framework-fastapi.md +0 -20
  387. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/framework-nestjs.md +0 -20
  388. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/framework-raw-openapi.md +0 -14
  389. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/openapi-checklist.md +0 -33
  390. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/stoplight-ui.md +0 -21
  391. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/references/steering.md +0 -26
  392. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/sentry-automation/SKILL.md +0 -232
  393. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/SKILL.md +0 -88
  394. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/authentication-patterns.md +0 -520
  395. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/common-workflows.md +0 -660
  396. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/confluence-operations.md +0 -528
  397. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/jira-queries.md +0 -421
  398. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/mcp-server-setup.md +0 -292
  399. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  400. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/references/examples.md +0 -115
  401. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/references/oauth-setup.md +0 -338
  402. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/references/tool-patterns.md +0 -29
  403. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/references/troubleshooting.md +0 -317
  404. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/datadog-automation/SKILL.md +0 -235
  405. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/github-automation/SKILL.md +0 -227
  406. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/LICENSE.txt +0 -202
  407. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/SKILL.md +0 -176
  408. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/reference/evaluation.md +0 -602
  409. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/reference/mcp_best_practices.md +0 -915
  410. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/reference/node_mcp_server.md +0 -916
  411. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/reference/python_mcp_server.md +0 -752
  412. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/scripts/connections.py +0 -151
  413. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/scripts/evaluation.py +0 -373
  414. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/scripts/example_evaluation.xml +0 -22
  415. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/scripts/requirements.txt +0 -2
  416. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/SKILL.md +0 -85
  417. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/protocol.md +0 -244
  418. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/python-sdk.md +0 -367
  419. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/resources.md +0 -554
  420. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/tools.md +0 -480
  421. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/typescript-sdk.md +0 -350
  422. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/POWER.md +0 -242
  423. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/SKILL.md +0 -240
  424. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/POWER.md +0 -89
  425. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/SKILL.md +0 -77
  426. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/bloc-state.md +0 -259
  427. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/engineering-principles.md +0 -82
  428. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/gorouter-navigation.md +0 -157
  429. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/performance.md +0 -99
  430. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/project-structure.md +0 -77
  431. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/riverpod-state.md +0 -404
  432. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/widget-patterns.md +0 -123
  433. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/POWER.md +0 -204
  434. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/SKILL.md +0 -180
  435. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/log_redaction.md +0 -17
  436. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/network_hardening.md +0 -13
  437. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/secret-scanning.md +0 -123
  438. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md +0 -16
  439. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/vulnerability-patterns.md +0 -189
  440. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  441. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/POWER.md +0 -527
  442. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/SKILL.md +0 -513
  443. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/golden-testing.md +0 -444
  444. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/integration-testing.md +0 -688
  445. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/property-testing.md +0 -408
  446. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/riverpod-testing.md +0 -606
  447. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/test-utilities.md +0 -566
  448. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/unit-testing.md +0 -511
  449. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/widget-testing.md +0 -601
  450. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/git-commit/POWER.md +0 -47
  451. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/git-commit/SKILL.md +0 -46
  452. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/POWER.md +0 -227
  453. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/SKILL.md +0 -217
  454. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/references/guard_patterns.md +0 -14
  455. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/references/tab_preservation.md +0 -12
  456. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  457. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  458. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/mcp.json +0 -11
  459. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/POWER.md +0 -109
  460. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/SKILL.md +0 -93
  461. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/communication.md +0 -499
  462. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/data.md +0 -721
  463. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/decomposition.md +0 -344
  464. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/observability.md +0 -805
  465. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/patterns.md +0 -603
  466. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/POWER.md +0 -130
  467. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/SKILL.md +0 -114
  468. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/authentication.md +0 -461
  469. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/controllers-routing.md +0 -114
  470. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/dtos-validation.md +0 -156
  471. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/migration-from-express.md +0 -1240
  472. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/secure-sessions.md +0 -56
  473. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/services-di.md +0 -143
  474. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/strangler-fig-pattern.md +0 -47
  475. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/testing-patterns.md +0 -189
  476. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/POWER.md +0 -72
  477. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/SKILL.md +0 -71
  478. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/references/colors.md +0 -41
  479. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/references/components.md +0 -53
  480. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/references/spacing.md +0 -84
  481. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/POWER.md +0 -78
  482. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/SKILL.md +0 -68
  483. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/crud-templates.md +0 -43
  484. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/framework-express.md +0 -19
  485. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/framework-fastapi.md +0 -20
  486. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/framework-nestjs.md +0 -20
  487. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/framework-raw-openapi.md +0 -14
  488. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/openapi-checklist.md +0 -33
  489. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/stoplight-ui.md +0 -21
  490. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/references/steering.md +0 -26
  491. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/sentry-automation/SKILL.md +0 -232
  492. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/SKILL.md +0 -88
  493. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/authentication-patterns.md +0 -520
  494. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/common-workflows.md +0 -660
  495. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/confluence-operations.md +0 -528
  496. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/jira-queries.md +0 -421
  497. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/mcp-server-setup.md +0 -292
  498. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  499. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/references/examples.md +0 -115
  500. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/references/oauth-setup.md +0 -338
  501. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/references/tool-patterns.md +0 -29
  502. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/references/troubleshooting.md +0 -317
  503. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/datadog-automation/SKILL.md +0 -235
  504. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/github-automation/SKILL.md +0 -227
  505. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/LICENSE.txt +0 -202
  506. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/SKILL.md +0 -176
  507. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/reference/evaluation.md +0 -602
  508. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/reference/mcp_best_practices.md +0 -915
  509. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/reference/node_mcp_server.md +0 -916
  510. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/reference/python_mcp_server.md +0 -752
  511. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/scripts/connections.py +0 -151
  512. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/scripts/evaluation.py +0 -373
  513. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/scripts/example_evaluation.xml +0 -22
  514. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/scripts/requirements.txt +0 -2
  515. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/SKILL.md +0 -85
  516. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/protocol.md +0 -244
  517. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/python-sdk.md +0 -367
  518. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/resources.md +0 -554
  519. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/tools.md +0 -480
  520. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/typescript-sdk.md +0 -350
  521. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/POWER.md +0 -242
  522. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/SKILL.md +0 -240
  523. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/POWER.md +0 -89
  524. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/SKILL.md +0 -77
  525. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/bloc-state.md +0 -259
  526. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/engineering-principles.md +0 -82
  527. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/gorouter-navigation.md +0 -157
  528. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/performance.md +0 -99
  529. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/project-structure.md +0 -77
  530. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/riverpod-state.md +0 -404
  531. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/widget-patterns.md +0 -123
  532. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/POWER.md +0 -204
  533. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/SKILL.md +0 -180
  534. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/log_redaction.md +0 -17
  535. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/network_hardening.md +0 -13
  536. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/secret-scanning.md +0 -123
  537. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md +0 -16
  538. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/vulnerability-patterns.md +0 -189
  539. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  540. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/POWER.md +0 -527
  541. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/SKILL.md +0 -513
  542. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/golden-testing.md +0 -444
  543. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/integration-testing.md +0 -688
  544. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/property-testing.md +0 -408
  545. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/riverpod-testing.md +0 -606
  546. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/test-utilities.md +0 -566
  547. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/unit-testing.md +0 -511
  548. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/widget-testing.md +0 -601
  549. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/git-commit/POWER.md +0 -47
  550. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/git-commit/SKILL.md +0 -46
  551. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/POWER.md +0 -227
  552. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/SKILL.md +0 -217
  553. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/references/guard_patterns.md +0 -14
  554. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/references/tab_preservation.md +0 -12
  555. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  556. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  557. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/mcp.json +0 -11
  558. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/POWER.md +0 -109
  559. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/SKILL.md +0 -93
  560. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/communication.md +0 -499
  561. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/data.md +0 -721
  562. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/decomposition.md +0 -344
  563. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/observability.md +0 -805
  564. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/patterns.md +0 -603
  565. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/POWER.md +0 -130
  566. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/SKILL.md +0 -114
  567. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/authentication.md +0 -461
  568. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/controllers-routing.md +0 -114
  569. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/dtos-validation.md +0 -156
  570. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/migration-from-express.md +0 -1240
  571. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/secure-sessions.md +0 -56
  572. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/services-di.md +0 -143
  573. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/strangler-fig-pattern.md +0 -47
  574. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/testing-patterns.md +0 -189
  575. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/POWER.md +0 -72
  576. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/SKILL.md +0 -71
  577. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/references/colors.md +0 -41
  578. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/references/components.md +0 -53
  579. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/references/spacing.md +0 -84
  580. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/POWER.md +0 -78
  581. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/SKILL.md +0 -68
  582. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/crud-templates.md +0 -43
  583. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/framework-express.md +0 -19
  584. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/framework-fastapi.md +0 -20
  585. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/framework-nestjs.md +0 -20
  586. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/framework-raw-openapi.md +0 -14
  587. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/openapi-checklist.md +0 -33
  588. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/stoplight-ui.md +0 -21
  589. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/references/steering.md +0 -26
  590. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/sentry-automation/SKILL.md +0 -232
package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/SKILL.md DELETED
@@ -1,180 +0,0 @@
1
- ---
2
- name: "flutter-security-reviewer"
3
- description: "Review Flutter/Dart code for security vulnerabilities: secure storage, network hardening, log redaction, and data protection"
4
- ---
5
-
6
-
7
- # Flutter/Dart Security Reviewer
8
-
9
- ## Overview
10
-
11
- This power helps you identify and fix security vulnerabilities in mobile and web applications, focusing on secure storage, network hardening, log redaction, and sensitive data handling.
12
-
13
- ## When to Use
14
-
15
- - Reviewing code that handles authentication tokens
16
- - Implementing secure storage for sensitive data
17
- - Adding logging/analytics that might expose PII
18
- - Reviewing network requests for security issues
19
- - Implementing biometric authentication
20
- - Handling user passwords or credentials
21
- - Processing payment information
22
- - Storing user preferences that contain sensitive data
23
- - Implementing session management
24
- - Any code that touches user data
25
-
26
- ## Review Output Format
27
-
28
- When reviewing, output exactly:
29
-
30
- 1. **Threat summary** (what could go wrong; 3-6 bullets)
31
- 2. **Findings** grouped by severity (CRITICAL/HIGH/MED/LOW)
32
- 3. **Concrete mitigations** (specific code-level steps)
33
- 4. **Security regression tests/checks** (what to verify)
34
- 5. **Logging & privacy audit** (PII, tokens, crash reports)
35
-
36
- ## Severity Definitions
37
-
38
- - **CRITICAL**: Token/session compromise, auth bypass, remote code/data exposure, storing secrets insecurely, PII leakage
39
- - **HIGH**: Weak access control, insecure defaults, sensitive data in logs, missing TLS assumptions
40
- - **MED**: Hardening gaps (timeouts, retry abuse, overly broad permissions)
41
- - **LOW**: Best-practice improvements
42
-
43
-
44
- ## 1) Authentication & Session Security
45
-
46
- ### Tokens
47
-
48
- **CRITICAL:**
49
- - Tokens in logs, analytics events, crash reports
50
- - Tokens stored in plain SharedPreferences without justification
51
-
52
- **Recommendations:**
53
- - Prefer secure storage for tokens (platform-backed) where possible
54
- - If SharedPreferences must be used, ensure:
55
- - Short-lived access tokens + refresh tokens handled carefully
56
- - Minimal token surface; never log
57
-
58
- ### Route Guards
59
- - Ensure router guards cannot be bypassed by deep links
60
- - Guard decisions must use authoritative session provider state
61
- - Avoid redirect loops (secure + usability)
62
-
63
-
64
- ## 2) Network Security
65
-
66
- ### Checklist
67
- - [ ] Use HTTPS in UAT/Prod baseUrl
68
- - [ ] Reasonable timeouts (connect/receive)
69
- - [ ] Avoid disabling cert validation
70
- - [ ] Do not accept all certs in production
71
- - [ ] Interceptors must not log sensitive headers or body fields
72
-
73
- ### Retry Policy
74
- - Avoid retrying non-idempotent requests unless safe
75
- - Backoff + max attempts
76
-
77
- ### Device ↔ Gateway Security
78
- - Prefer server-side validation and proper auth
79
- - Never "security-by-obscurity" headers
80
-
81
-
82
- ## 3) Local Data Protection
83
-
84
- **CRITICAL:**
85
- - Storing PII or tokens unencrypted without threat model
86
-
87
- **Guidance:**
88
- - Store only what's needed offline
89
- - Encrypt sensitive cached blobs if possible, or avoid caching them
90
- - Apply TTL to cached session/profile data
91
- - Clear data on logout
92
-
93
-
94
- ## 4) Input Validation & Injection Safety
95
-
96
- - [ ] Validate all user inputs before sending to API
97
- - [ ] Avoid string interpolation for SQL queries: use parameters
98
- - [ ] Avoid trusting client-only checks (roles, orgId); server must enforce
99
-
100
-
101
- ## 5) Privacy, Logging, Analytics
102
-
103
- **CRITICAL:**
104
- - PII in logs (`name`, `phone`, `location`, identifiers)
105
- - Tokens/headers in logs
106
- - Crashlytics sending PII
107
-
108
- **Guidance:**
109
- - Redact: Authorization headers, cookies, IDs if sensitive
110
- - Provide `toSafeLog()` helpers
111
- - Ensure debug logging is disabled/limited in release builds
112
-
113
-
114
- ## 6) Dependency & Supply Chain Hygiene
115
-
116
- - [ ] Check new packages are reputable and maintained
117
- - [ ] Avoid adding packages that request broad permissions without need
118
- - [ ] Pin versions as appropriate; review changelogs for security fixes
119
-
120
-
121
- ## 7) Security Review Checklist for PRs
122
-
123
- ### Always Search For
124
- - `print(`, `debugPrint(`, logging interceptors
125
- - `Authorization`, `token`, `refresh`, `secret`, `apiKey`
126
- - `badCertificateCallback`, `HttpClient` overrides
127
- - Persistent storage of user/session data
128
-
129
- ### Enforce
130
- - [ ] No secrets in repo
131
- - [ ] No insecure network overrides in production
132
- - [ ] Logout clears sensitive local data
133
- - [ ] Access control enforced server-side (don't trust client role/org headers alone)
134
-
135
-
136
- ## Quick Reference
137
-
138
- ### Secure Storage (DO)
139
-
140
- ```dart
141
- // ✅ Use flutter_secure_storage for tokens
142
- final storage = FlutterSecureStorage();
143
- await storage.write(key: 'auth_token', value: token);
144
- ```
145
-
146
- ### Secure Storage (DON'T)
147
-
148
- ```dart
149
- // ❌ Never store tokens in SharedPreferences
150
- final prefs = await SharedPreferences.getInstance();
151
- prefs.setString('auth_token', token); // INSECURE!
152
-
153
- // ❌ Never hardcode secrets
154
- const apiKey = 'sk_live_abc123'; // NEVER DO THIS
155
- ```
156
-
157
- ### Log Redaction
158
-
159
- ```dart
160
- // ❌ Bad - logs sensitive data
161
- logger.info('User login: ${user.email}, password: ${password}');
162
-
163
- // ✅ Good - no sensitive data in logs
164
- logger.info('User login successful: userId=${user.id}');
165
- ```
166
-
167
-
168
- ## Steering Files
169
-
170
- | File | Load When |
171
- | --------------------------- | -------------------------------------- |
172
- | `secure_storage_policy.md` | What to store where |
173
- | `network_hardening.md` | Network security best practices |
174
- | `log_redaction.md` | How to redact sensitive data from logs |
175
- | `vulnerability-patterns.md` | SQL injection, XSS, IDOR patterns |
176
- | `secret-scanning.md` | Finding hardcoded secrets |
177
-
178
- ## Templates
179
-
180
- - `security_review_response.md` - Security review report template
package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/log_redaction.md DELETED
@@ -1,17 +0,0 @@
1
- # Logging redaction policy
2
-
3
- ## Never log
4
- - Authorization headers
5
- - Cookies
6
- - refresh/access tokens
7
- - passwords/OTP codes
8
- - full request/response bodies containing PII
9
-
10
- ## Recommended
11
- - Log request method + path + status code
12
- - Log timing and correlation ids
13
- - Redact sensitive fields:
14
-
15
- Example (pseudo):
16
- - headers: replace Authorization with "***"
17
- - body: replace keys like token/password with "***"
package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/network_hardening.md DELETED
@@ -1,13 +0,0 @@
1
- # Network hardening (Dio)
2
-
3
- Checklist:
4
- - HTTPS only for UAT/Prod
5
- - Timeouts configured
6
- - Interceptors do not leak sensitive info
7
- - No `badCertificateCallback` in release
8
- - Use request IDs/transaction hashes for tracing (non-secret)
9
-
10
- Retry policy:
11
- - idempotent requests only (GET)
12
- - exponential backoff
13
- - cap attempts
package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/secret-scanning.md DELETED
@@ -1,123 +0,0 @@
1
- # Secret Scanning
2
-
3
- > Reference for: Security Reviewer
4
- > Load when: Scanning for hardcoded secrets
5
-
6
- ## Manual Grep Patterns
7
-
8
- ```bash
9
- # Common secret patterns
10
- grep -rn "api_key\|apikey\|api-key" --include="*.dart" .
11
- grep -rn "secret\|password\|passwd" --include="*.dart" .
12
- grep -rn "private_key\|privatekey" --include="*.dart" .
13
- grep -rn "access_token\|accesstoken" --include="*.dart" .
14
-
15
- # Firebase/Google
16
- grep -rn "AIza[0-9A-Za-z_-]{35}" .
17
- grep -rn "firebase" --include="*.dart" .
18
-
19
- # AWS credentials
20
- grep -rn "AKIA[0-9A-Z]{16}" .
21
- grep -rn "aws_secret_access_key" .
22
-
23
- # Base64 encoded (potential secrets)
24
- grep -rn "[A-Za-z0-9+/]{40,}=" .
25
-
26
- # JWT tokens
27
- grep -rn "eyJ[A-Za-z0-9_-]*\.eyJ[A-Za-z0-9_-]*\." .
28
- ```
29
-
30
- ## Common Secret Patterns
31
-
32
- | Type | Pattern | Example |
33
- | ----------------- | -------------------------------- | -------------------------- |
34
- | AWS Access Key | `AKIA[0-9A-Z]{16}` | AKIAIOSFODNN7EXAMPLE |
35
- | AWS Secret Key | 40 char base64 | wJalrXUtnFEMI/K7MDENG... |
36
- | Firebase API Key | `AIza[0-9A-Za-z_-]{35}` | AIzaSyC... |
37
- | GitHub Token | `ghp_[A-Za-z0-9]{36}` | ghp_xxxxxxxxxxxx |
38
- | Slack Token | `xox[baprs]-` | xoxb-xxx-xxx |
39
- | Stripe Key | `sk_live_[A-Za-z0-9]{24}` | sk_live_xxxx |
40
- | Private Key | `-----BEGIN.*PRIVATE KEY-----` | RSA/EC keys |
41
- | JWT | `eyJ[A-Za-z0-9_-]*\.eyJ` | Encoded tokens |
42
-
43
- ## Flutter-Specific Locations to Check
44
-
45
- ```bash
46
- # Check these files for hardcoded secrets
47
- lib/core/config/
48
- lib/firebase_options.dart
49
- android/app/google-services.json
50
- ios/Runner/GoogleService-Info.plist
51
- .env files
52
- pubspec.yaml (sometimes contains keys)
53
- ```
54
-
55
- ## What to Look For
56
-
57
- ### Hardcoded API Keys
58
- ```dart
59
- // BAD - Hardcoded
60
- const apiKey = 'sk_live_abc123xyz';
61
- const firebaseKey = 'AIzaSyC...';
62
-
63
- // GOOD - Environment variable or secure storage
64
- final apiKey = const String.fromEnvironment('API_KEY');
65
- final apiKey = await secureStorage.read(key: 'api_key');
66
- ```
67
-
68
- ### Hardcoded URLs with Credentials
69
- ```dart
70
- // BAD
71
- const dbUrl = 'postgres://user:password@host:5432/db';
72
-
73
- // GOOD
74
- final dbUrl = const String.fromEnvironment('DATABASE_URL');
75
- ```
76
-
77
- ### Debug/Test Credentials
78
- ```dart
79
- // BAD - Test credentials in production code
80
- const testUser = 'admin';
81
- const testPassword = 'admin123';
82
-
83
- // GOOD - Only in test files, never committed
84
- // Use environment variables or test fixtures
85
- ```
86
-
87
- ## Remediation Steps
88
-
89
- 1. **Rotate immediately** - Consider secret compromised
90
- 2. **Remove from code** - Replace with environment variable
91
- 3. **Remove from git history** - Use BFG or git filter-branch
92
- 4. **Add to .gitignore** - Prevent future commits
93
- 5. **Use secure storage** - flutter_secure_storage for runtime secrets
94
- 6. **Use --dart-define** - For build-time configuration
95
-
96
- ```bash
97
- # Build with environment variables
98
- flutter build apk --dart-define=API_KEY=$API_KEY
99
-
100
- # Access in code
101
- const apiKey = String.fromEnvironment('API_KEY');
102
- ```
103
-
104
- ## Pre-commit Prevention
105
-
106
- ```yaml
107
- # .pre-commit-config.yaml
108
- repos:
109
- - repo: https://github.com/gitleaks/gitleaks
110
- rev: v8.18.0
111
- hooks:
112
- - id: gitleaks
113
- ```
114
-
115
- ## Quick Reference
116
-
117
- | Location | Risk Level | Action |
118
- | --------------------------- | ---------- | --------------------------- |
119
- | Source code (.dart) | Critical | Remove, use env vars |
120
- | Config files | High | Move to .gitignore |
121
- | Git history | Critical | Rewrite history |
122
- | Build artifacts | Medium | Ensure not committed |
123
- | Comments/TODOs | Medium | Remove sensitive info |
package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md DELETED
@@ -1,16 +0,0 @@
1
- # Secure storage policy (mobile)
2
-
3
- ## Token storage
4
- Preferred:
5
- - Platform-backed secure storage for auth tokens
6
-
7
- If you must use SharedPreferences:
8
- - access tokens should be short-lived
9
- - never store refresh token unless encrypted/secured
10
- - clear all tokens on logout
11
- - guard against backup/restore exposures where relevant
12
-
13
- ## Cached user/profile data
14
- - Apply TTL
15
- - Avoid caching sensitive PII unless required for offline
16
- - Clear per-organization/user on logout or org switch
package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/vulnerability-patterns.md DELETED
@@ -1,189 +0,0 @@
1
- # Vulnerability Patterns
2
-
3
- > Reference for: Security Reviewer
4
- > Load when: Manual security code review
5
-
6
- ## SQL/NoSQL Injection
7
-
8
- ```dart
9
- // VULNERABLE - String interpolation
10
- final query = "SELECT * FROM users WHERE id = $userId";
11
-
12
- // SECURE - Parameterized queries (Sqflite)
13
- final result = await db.query(
14
- 'users',
15
- where: 'id = ?',
16
- whereArgs: [userId],
17
- );
18
-
19
- // SECURE - ORM (Isar)
20
- final user = await isar.users.filter().idEqualTo(userId).findFirst();
21
- ```
22
-
23
- ## Path Traversal
24
-
25
- ```dart
26
- // VULNERABLE
27
- final file = File('$uploadDir/${request.filename}');
28
-
29
- // SECURE - Validate and normalize
30
- final filename = path.basename(request.filename);
31
- final file = File(path.join(uploadDir, filename));
32
-
33
- // Verify path is within allowed directory
34
- if (!file.path.startsWith(path.canonicalize(uploadDir))) {
35
- throw SecurityException('Invalid path');
36
- }
37
- ```
38
-
39
- ## Insecure Direct Object Reference (IDOR)
40
-
41
- ```dart
42
- // VULNERABLE - No authorization check
43
- Future<Document> getDocument(String docId) async {
44
- return await documentRepository.findById(docId);
45
- }
46
-
47
- // SECURE - Verify ownership
48
- Future<Document> getDocument(String docId, String userId) async {
49
- final doc = await documentRepository.findById(docId);
50
- if (doc.ownerId != userId) {
51
- throw UnauthorizedException('Access denied');
52
- }
53
- return doc;
54
- }
55
- ```
56
-
57
- ## Sensitive Data Exposure
58
-
59
- ```dart
60
- // VULNERABLE - Logging sensitive data
61
- logger.info('User login: email=$email, password=$password');
62
- logger.debug('Token: $authToken');
63
-
64
- // SECURE - Redact sensitive fields
65
- logger.info('User login: email=$email');
66
- logger.debug('Token: [REDACTED]');
67
-
68
- // VULNERABLE - Error response exposes internals
69
- return Response.error(exception.stackTrace.toString());
70
-
71
- // SECURE - Generic error
72
- return Response.error('An error occurred');
73
- ```
74
-
75
- ## Insecure Storage
76
-
77
- ```dart
78
- // VULNERABLE - Plain SharedPreferences for tokens
79
- final prefs = await SharedPreferences.getInstance();
80
- await prefs.setString('auth_token', token);
81
-
82
- // SECURE - Use flutter_secure_storage
83
- final storage = FlutterSecureStorage();
84
- await storage.write(key: 'auth_token', value: token);
85
-
86
- // VULNERABLE - Unencrypted Isar for sensitive data
87
- final isar = await Isar.open([UserSchema]);
88
-
89
- // SECURE - Encrypted Isar
90
- final isar = await Isar.open(
91
- [UserSchema],
92
- encryptionKey: encryptionKey,
93
- );
94
- ```
95
-
96
- ## Authentication Bypass
97
-
98
- ```dart
99
- // VULNERABLE - Client-side only check
100
- if (user.role == 'admin') {
101
- showAdminPanel();
102
- }
103
-
104
- // SECURE - Server validates, client just displays
105
- // Server: verify role in JWT/session before returning admin data
106
- // Client: display based on server response
107
-
108
- // VULNERABLE - Trusting client headers
109
- final orgId = request.headers['X-Org-Id'];
110
-
111
- // SECURE - Derive from authenticated session
112
- final orgId = authenticatedUser.organizationId;
113
- ```
114
-
115
- ## Session Management Issues
116
-
117
- ```dart
118
- // VULNERABLE - No session timeout
119
- // Token never expires
120
-
121
- // SECURE - Short-lived access tokens + refresh
122
- final accessToken = jwt.sign(
123
- payload,
124
- secret,
125
- expiresIn: Duration(minutes: 15),
126
- );
127
-
128
- // VULNERABLE - Session not cleared on logout
129
- Future<void> logout() async {
130
- // Just navigate away
131
- context.go('/login');
132
- }
133
-
134
- // SECURE - Clear all sensitive data
135
- Future<void> logout() async {
136
- await secureStorage.deleteAll();
137
- await isar.writeTxn(() => isar.clear());
138
- ref.invalidate(sessionProvider);
139
- context.go('/login');
140
- }
141
- ```
142
-
143
- ## Deep Link Security
144
-
145
- ```dart
146
- // VULNERABLE - No auth check on deep link
147
- GoRoute(
148
- path: '/document/:id',
149
- builder: (context, state) => DocumentView(id: state.params['id']!),
150
- )
151
-
152
- // SECURE - Guard protects deep links
153
- GoRoute(
154
- path: '/document/:id',
155
- redirect: (context, state) {
156
- if (!isAuthenticated) return '/login?redirect=${state.uri}';
157
- return null;
158
- },
159
- builder: (context, state) => DocumentView(id: state.params['id']!),
160
- )
161
- ```
162
-
163
- ## Quick Reference
164
-
165
- | Vulnerability | Input Vector | Prevention |
166
- | ----------------- | --------------- | ----------------------------- |
167
- | SQL Injection | Query params | Parameterized queries |
168
- | Path Traversal | File paths | path.basename + validation |
169
- | IDOR | Resource IDs | Authorization checks |
170
- | Data Exposure | Logs, errors | Redaction, generic errors |
171
- | Insecure Storage | Local storage | flutter_secure_storage |
172
- | Auth Bypass | Client checks | Server-side validation |
173
- | Session Issues | Token handling | Short TTL, proper logout |
174
- | Deep Link Bypass | URL schemes | Route guards |
175
-
176
- ## OWASP Mobile Top 10 Mapping
177
-
178
- | OWASP Mobile | Vulnerabilities |
179
- | ------------------------- | ---------------------------------- |
180
- | M1 Improper Platform Use | Insecure storage, deep link bypass |
181
- | M2 Insecure Data Storage | SharedPreferences for tokens |
182
- | M3 Insecure Communication | HTTP, no cert pinning |
183
- | M4 Insecure Authentication| Weak session, no timeout |
184
- | M5 Insufficient Crypto | Weak encryption, hardcoded keys |
185
- | M6 Insecure Authorization | IDOR, client-side checks |
186
- | M7 Client Code Quality | Injection, path traversal |
187
- | M8 Code Tampering | No integrity checks |
188
- | M9 Reverse Engineering | Hardcoded secrets |
189
- | M10 Extraneous Functionality | Debug endpoints, test data |
package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/templates/security_review_response.md DELETED
@@ -1,31 +0,0 @@
1
- # Security Review (OneUp HR)
2
-
3
- ## Threat summary
4
- - ...
5
-
6
- ## Findings
7
-
8
- ### CRITICAL
9
- - **...**
10
- - Risk:
11
- - Evidence:
12
- - Fix:
13
-
14
- ### HIGH
15
- - ...
16
-
17
- ### MED
18
- - ...
19
-
20
- ### LOW
21
- - ...
22
-
23
- ## Concrete mitigations
24
- 1) ...
25
- 2) ...
26
-
27
- ## Security regression checks
28
- - [ ] ...
29
-
30
- ## Logging & privacy audit
31
- - ...