@cubis/foundry 0.3.34 → 0.3.36

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (594) hide show
  1. package/README.md +56 -11
  2. package/bin/cubis.js +2824 -966
  3. package/mcp/.dockerignore +5 -0
  4. package/mcp/Dockerfile +19 -0
  5. package/mcp/README.md +550 -11
  6. package/mcp/config.json +18 -0
  7. package/mcp/dist/index.d.ts +1 -0
  8. package/mcp/dist/index.js +1488 -0
  9. package/mcp/package.json +36 -0
  10. package/mcp/src/cbxConfig/index.ts +23 -0
  11. package/mcp/src/cbxConfig/paths.ts +45 -0
  12. package/mcp/src/cbxConfig/reader.ts +149 -0
  13. package/mcp/src/cbxConfig/readerWriter.test.ts +147 -0
  14. package/mcp/src/cbxConfig/serviceConfig.test.ts +42 -0
  15. package/mcp/src/cbxConfig/serviceConfig.ts +157 -0
  16. package/mcp/src/cbxConfig/types.ts +44 -0
  17. package/mcp/src/cbxConfig/writer.ts +90 -0
  18. package/mcp/src/config/index.test.ts +81 -0
  19. package/mcp/src/config/index.ts +45 -0
  20. package/mcp/src/config/schema.ts +55 -0
  21. package/mcp/src/gateway/catalog.ts +37 -0
  22. package/mcp/src/gateway/config.ts +247 -0
  23. package/mcp/src/gateway/manager.ts +255 -0
  24. package/mcp/src/gateway/types.ts +54 -0
  25. package/mcp/src/gateway/upstreamClient.ts +80 -0
  26. package/mcp/src/index.ts +211 -0
  27. package/mcp/src/server.ts +219 -0
  28. package/mcp/src/tools/configTools.test.ts +166 -0
  29. package/mcp/src/tools/future/README.md +21 -0
  30. package/mcp/src/tools/future/index.ts +8 -0
  31. package/mcp/src/tools/index.ts +76 -0
  32. package/mcp/src/tools/mcpGateway.ts +44 -0
  33. package/mcp/src/tools/postmanGetMode.ts +82 -0
  34. package/mcp/src/tools/postmanGetStatus.ts +65 -0
  35. package/mcp/src/tools/postmanModes.ts +28 -0
  36. package/mcp/src/tools/postmanSetMode.ts +71 -0
  37. package/mcp/src/tools/skillBrowseCategory.ts +54 -0
  38. package/mcp/src/tools/skillGet.ts +43 -0
  39. package/mcp/src/tools/skillListCategories.ts +40 -0
  40. package/mcp/src/tools/skillSearch.ts +72 -0
  41. package/mcp/src/tools/skillTools.test.ts +126 -0
  42. package/mcp/src/tools/stitchGetMode.ts +58 -0
  43. package/mcp/src/tools/stitchGetStatus.ts +70 -0
  44. package/mcp/src/tools/stitchSetProfile.ts +82 -0
  45. package/mcp/src/transports/stdio.ts +9 -0
  46. package/mcp/src/transports/streamableHttp.ts +43 -0
  47. package/mcp/src/upstream/passthrough.ts +273 -0
  48. package/mcp/src/utils/errors.ts +38 -0
  49. package/mcp/src/utils/logger.ts +63 -0
  50. package/mcp/src/vault/manifest.test.ts +126 -0
  51. package/mcp/src/vault/manifest.ts +99 -0
  52. package/mcp/src/vault/scanner.test.ts +70 -0
  53. package/mcp/src/vault/scanner.ts +145 -0
  54. package/mcp/src/vault/types.ts +21 -0
  55. package/package.json +9 -2
  56. package/workflows/scripts/generate-powers.mjs +27 -18
  57. package/workflows/skills/postman/SKILL.md +11 -12
  58. package/workflows/skills/skills_index.json +11 -93
  59. package/workflows/skills/stitch/SKILL.md +17 -0
  60. package/workflows/workflows/agent-environment-setup/manifest.json +0 -24
  61. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/nextjs-react-expert/SKILL.md +1 -1
  62. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/SKILL.md +9 -232
  63. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/skills_index.json +0 -102
  64. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/stitch/SKILL.md +17 -0
  65. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/nextjs-react-expert/SKILL.md +1 -1
  66. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/SKILL.md +9 -232
  67. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/skills_index.json +0 -102
  68. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/stitch/SKILL.md +17 -0
  69. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/nextjs-react-expert/SKILL.md +1 -1
  70. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/SKILL.md +9 -232
  71. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/skills_index.json +0 -102
  72. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/stitch/SKILL.md +17 -0
  73. package/mcp/catalogs/default.json +0 -14
  74. package/mcp/powers/atlassian-mcp/POWER.md +0 -91
  75. package/mcp/powers/atlassian-mcp/SKILL.md +0 -88
  76. package/mcp/powers/atlassian-mcp/steering/authentication-patterns.md +0 -520
  77. package/mcp/powers/atlassian-mcp/steering/common-workflows.md +0 -660
  78. package/mcp/powers/atlassian-mcp/steering/confluence-operations.md +0 -528
  79. package/mcp/powers/atlassian-mcp/steering/jira-queries.md +0 -421
  80. package/mcp/powers/atlassian-mcp/steering/mcp-server-setup.md +0 -292
  81. package/mcp/powers/building-mcp-server-on-cloudflare/POWER.md +0 -261
  82. package/mcp/powers/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  83. package/mcp/powers/building-mcp-server-on-cloudflare/steering/examples.md +0 -115
  84. package/mcp/powers/building-mcp-server-on-cloudflare/steering/oauth-setup.md +0 -338
  85. package/mcp/powers/building-mcp-server-on-cloudflare/steering/troubleshooting.md +0 -317
  86. package/mcp/powers/datadog-automation/POWER.md +0 -238
  87. package/mcp/powers/datadog-automation/SKILL.md +0 -235
  88. package/mcp/powers/github-automation/POWER.md +0 -230
  89. package/mcp/powers/github-automation/SKILL.md +0 -227
  90. package/mcp/powers/mcp-builder/LICENSE.txt +0 -202
  91. package/mcp/powers/mcp-builder/POWER.md +0 -179
  92. package/mcp/powers/mcp-builder/SKILL.md +0 -176
  93. package/mcp/powers/mcp-builder/reference/evaluation.md +0 -602
  94. package/mcp/powers/mcp-builder/reference/mcp_best_practices.md +0 -915
  95. package/mcp/powers/mcp-builder/reference/node_mcp_server.md +0 -916
  96. package/mcp/powers/mcp-builder/reference/python_mcp_server.md +0 -752
  97. package/mcp/powers/mcp-builder/scripts/connections.py +0 -151
  98. package/mcp/powers/mcp-builder/scripts/evaluation.py +0 -373
  99. package/mcp/powers/mcp-builder/scripts/example_evaluation.xml +0 -22
  100. package/mcp/powers/mcp-builder/scripts/requirements.txt +0 -2
  101. package/mcp/powers/mcp-developer/POWER.md +0 -88
  102. package/mcp/powers/mcp-developer/SKILL.md +0 -85
  103. package/mcp/powers/mcp-developer/steering/protocol.md +0 -244
  104. package/mcp/powers/mcp-developer/steering/python-sdk.md +0 -367
  105. package/mcp/powers/mcp-developer/steering/resources.md +0 -554
  106. package/mcp/powers/mcp-developer/steering/tools.md +0 -480
  107. package/mcp/powers/mcp-developer/steering/typescript-sdk.md +0 -350
  108. package/mcp/powers/postman/POWER.md +0 -243
  109. package/mcp/powers/postman/SKILL.md +0 -240
  110. package/mcp/powers/postman/flutter-expert/POWER.md +0 -89
  111. package/mcp/powers/postman/flutter-expert/SKILL.md +0 -77
  112. package/mcp/powers/postman/flutter-expert/steering/bloc-state.md +0 -259
  113. package/mcp/powers/postman/flutter-expert/steering/engineering-principles.md +0 -82
  114. package/mcp/powers/postman/flutter-expert/steering/gorouter-navigation.md +0 -157
  115. package/mcp/powers/postman/flutter-expert/steering/performance.md +0 -99
  116. package/mcp/powers/postman/flutter-expert/steering/project-structure.md +0 -77
  117. package/mcp/powers/postman/flutter-expert/steering/riverpod-state.md +0 -404
  118. package/mcp/powers/postman/flutter-expert/steering/widget-patterns.md +0 -123
  119. package/mcp/powers/postman/flutter-security-reviewer/POWER.md +0 -204
  120. package/mcp/powers/postman/flutter-security-reviewer/SKILL.md +0 -180
  121. package/mcp/powers/postman/flutter-security-reviewer/steering/log_redaction.md +0 -17
  122. package/mcp/powers/postman/flutter-security-reviewer/steering/network_hardening.md +0 -13
  123. package/mcp/powers/postman/flutter-security-reviewer/steering/secret-scanning.md +0 -123
  124. package/mcp/powers/postman/flutter-security-reviewer/steering/secure_storage_policy.md +0 -16
  125. package/mcp/powers/postman/flutter-security-reviewer/steering/vulnerability-patterns.md +0 -189
  126. package/mcp/powers/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  127. package/mcp/powers/postman/flutter-test-master/POWER.md +0 -527
  128. package/mcp/powers/postman/flutter-test-master/SKILL.md +0 -513
  129. package/mcp/powers/postman/flutter-test-master/steering/golden-testing.md +0 -444
  130. package/mcp/powers/postman/flutter-test-master/steering/integration-testing.md +0 -688
  131. package/mcp/powers/postman/flutter-test-master/steering/property-testing.md +0 -408
  132. package/mcp/powers/postman/flutter-test-master/steering/riverpod-testing.md +0 -606
  133. package/mcp/powers/postman/flutter-test-master/steering/test-utilities.md +0 -566
  134. package/mcp/powers/postman/flutter-test-master/steering/unit-testing.md +0 -511
  135. package/mcp/powers/postman/flutter-test-master/steering/widget-testing.md +0 -601
  136. package/mcp/powers/postman/git-commit/POWER.md +0 -47
  137. package/mcp/powers/postman/git-commit/SKILL.md +0 -46
  138. package/mcp/powers/postman/gorouter-restoration/POWER.md +0 -227
  139. package/mcp/powers/postman/gorouter-restoration/SKILL.md +0 -217
  140. package/mcp/powers/postman/gorouter-restoration/steering/guard_patterns.md +0 -14
  141. package/mcp/powers/postman/gorouter-restoration/steering/tab_preservation.md +0 -12
  142. package/mcp/powers/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  143. package/mcp/powers/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  144. package/mcp/powers/postman/mcp.json +0 -11
  145. package/mcp/powers/postman/microservices-architect/POWER.md +0 -109
  146. package/mcp/powers/postman/microservices-architect/SKILL.md +0 -93
  147. package/mcp/powers/postman/microservices-architect/steering/communication.md +0 -499
  148. package/mcp/powers/postman/microservices-architect/steering/data.md +0 -721
  149. package/mcp/powers/postman/microservices-architect/steering/decomposition.md +0 -344
  150. package/mcp/powers/postman/microservices-architect/steering/observability.md +0 -805
  151. package/mcp/powers/postman/microservices-architect/steering/patterns.md +0 -603
  152. package/mcp/powers/postman/nestjs-expert/POWER.md +0 -130
  153. package/mcp/powers/postman/nestjs-expert/SKILL.md +0 -114
  154. package/mcp/powers/postman/nestjs-expert/steering/authentication.md +0 -461
  155. package/mcp/powers/postman/nestjs-expert/steering/controllers-routing.md +0 -114
  156. package/mcp/powers/postman/nestjs-expert/steering/dtos-validation.md +0 -156
  157. package/mcp/powers/postman/nestjs-expert/steering/migration-from-express.md +0 -1240
  158. package/mcp/powers/postman/nestjs-expert/steering/secure-sessions.md +0 -56
  159. package/mcp/powers/postman/nestjs-expert/steering/services-di.md +0 -143
  160. package/mcp/powers/postman/nestjs-expert/steering/strangler-fig-pattern.md +0 -47
  161. package/mcp/powers/postman/nestjs-expert/steering/testing-patterns.md +0 -189
  162. package/mcp/powers/postman/oneup-design/POWER.md +0 -72
  163. package/mcp/powers/postman/oneup-design/SKILL.md +0 -71
  164. package/mcp/powers/postman/oneup-design/steering/colors.md +0 -41
  165. package/mcp/powers/postman/oneup-design/steering/components.md +0 -53
  166. package/mcp/powers/postman/oneup-design/steering/spacing.md +0 -84
  167. package/mcp/powers/postman/openapi-docs/POWER.md +0 -78
  168. package/mcp/powers/postman/openapi-docs/SKILL.md +0 -68
  169. package/mcp/powers/postman/openapi-docs/steering/crud-templates.md +0 -43
  170. package/mcp/powers/postman/openapi-docs/steering/framework-express.md +0 -19
  171. package/mcp/powers/postman/openapi-docs/steering/framework-fastapi.md +0 -20
  172. package/mcp/powers/postman/openapi-docs/steering/framework-nestjs.md +0 -20
  173. package/mcp/powers/postman/openapi-docs/steering/framework-raw-openapi.md +0 -14
  174. package/mcp/powers/postman/openapi-docs/steering/openapi-checklist.md +0 -33
  175. package/mcp/powers/postman/openapi-docs/steering/stoplight-ui.md +0 -21
  176. package/mcp/powers/postman/steering/steering.md +0 -26
  177. package/mcp/powers/sentry-automation/POWER.md +0 -235
  178. package/mcp/powers/sentry-automation/SKILL.md +0 -232
  179. package/mcp/skills/atlassian-mcp/SKILL.md +0 -88
  180. package/mcp/skills/atlassian-mcp/references/authentication-patterns.md +0 -520
  181. package/mcp/skills/atlassian-mcp/references/common-workflows.md +0 -660
  182. package/mcp/skills/atlassian-mcp/references/confluence-operations.md +0 -528
  183. package/mcp/skills/atlassian-mcp/references/jira-queries.md +0 -421
  184. package/mcp/skills/atlassian-mcp/references/mcp-server-setup.md +0 -292
  185. package/mcp/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  186. package/mcp/skills/building-mcp-server-on-cloudflare/references/examples.md +0 -115
  187. package/mcp/skills/building-mcp-server-on-cloudflare/references/oauth-setup.md +0 -338
  188. package/mcp/skills/building-mcp-server-on-cloudflare/references/tool-patterns.md +0 -29
  189. package/mcp/skills/building-mcp-server-on-cloudflare/references/troubleshooting.md +0 -317
  190. package/mcp/skills/datadog-automation/SKILL.md +0 -235
  191. package/mcp/skills/github-automation/SKILL.md +0 -227
  192. package/mcp/skills/mcp-builder/LICENSE.txt +0 -202
  193. package/mcp/skills/mcp-builder/SKILL.md +0 -176
  194. package/mcp/skills/mcp-builder/reference/evaluation.md +0 -602
  195. package/mcp/skills/mcp-builder/reference/mcp_best_practices.md +0 -915
  196. package/mcp/skills/mcp-builder/reference/node_mcp_server.md +0 -916
  197. package/mcp/skills/mcp-builder/reference/python_mcp_server.md +0 -752
  198. package/mcp/skills/mcp-builder/scripts/connections.py +0 -151
  199. package/mcp/skills/mcp-builder/scripts/evaluation.py +0 -373
  200. package/mcp/skills/mcp-builder/scripts/example_evaluation.xml +0 -22
  201. package/mcp/skills/mcp-builder/scripts/requirements.txt +0 -2
  202. package/mcp/skills/mcp-developer/SKILL.md +0 -85
  203. package/mcp/skills/mcp-developer/references/protocol.md +0 -244
  204. package/mcp/skills/mcp-developer/references/python-sdk.md +0 -367
  205. package/mcp/skills/mcp-developer/references/resources.md +0 -554
  206. package/mcp/skills/mcp-developer/references/tools.md +0 -480
  207. package/mcp/skills/mcp-developer/references/typescript-sdk.md +0 -350
  208. package/mcp/skills/postman/POWER.md +0 -242
  209. package/mcp/skills/postman/SKILL.md +0 -240
  210. package/mcp/skills/postman/flutter-expert/POWER.md +0 -89
  211. package/mcp/skills/postman/flutter-expert/SKILL.md +0 -77
  212. package/mcp/skills/postman/flutter-expert/references/bloc-state.md +0 -259
  213. package/mcp/skills/postman/flutter-expert/references/engineering-principles.md +0 -82
  214. package/mcp/skills/postman/flutter-expert/references/gorouter-navigation.md +0 -157
  215. package/mcp/skills/postman/flutter-expert/references/performance.md +0 -99
  216. package/mcp/skills/postman/flutter-expert/references/project-structure.md +0 -77
  217. package/mcp/skills/postman/flutter-expert/references/riverpod-state.md +0 -404
  218. package/mcp/skills/postman/flutter-expert/references/widget-patterns.md +0 -123
  219. package/mcp/skills/postman/flutter-security-reviewer/POWER.md +0 -204
  220. package/mcp/skills/postman/flutter-security-reviewer/SKILL.md +0 -180
  221. package/mcp/skills/postman/flutter-security-reviewer/references/log_redaction.md +0 -17
  222. package/mcp/skills/postman/flutter-security-reviewer/references/network_hardening.md +0 -13
  223. package/mcp/skills/postman/flutter-security-reviewer/references/secret-scanning.md +0 -123
  224. package/mcp/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md +0 -16
  225. package/mcp/skills/postman/flutter-security-reviewer/references/vulnerability-patterns.md +0 -189
  226. package/mcp/skills/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  227. package/mcp/skills/postman/flutter-test-master/POWER.md +0 -527
  228. package/mcp/skills/postman/flutter-test-master/SKILL.md +0 -513
  229. package/mcp/skills/postman/flutter-test-master/references/golden-testing.md +0 -444
  230. package/mcp/skills/postman/flutter-test-master/references/integration-testing.md +0 -688
  231. package/mcp/skills/postman/flutter-test-master/references/property-testing.md +0 -408
  232. package/mcp/skills/postman/flutter-test-master/references/riverpod-testing.md +0 -606
  233. package/mcp/skills/postman/flutter-test-master/references/test-utilities.md +0 -566
  234. package/mcp/skills/postman/flutter-test-master/references/unit-testing.md +0 -511
  235. package/mcp/skills/postman/flutter-test-master/references/widget-testing.md +0 -601
  236. package/mcp/skills/postman/git-commit/POWER.md +0 -47
  237. package/mcp/skills/postman/git-commit/SKILL.md +0 -46
  238. package/mcp/skills/postman/gorouter-restoration/POWER.md +0 -227
  239. package/mcp/skills/postman/gorouter-restoration/SKILL.md +0 -217
  240. package/mcp/skills/postman/gorouter-restoration/references/guard_patterns.md +0 -14
  241. package/mcp/skills/postman/gorouter-restoration/references/tab_preservation.md +0 -12
  242. package/mcp/skills/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  243. package/mcp/skills/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  244. package/mcp/skills/postman/mcp.json +0 -11
  245. package/mcp/skills/postman/microservices-architect/POWER.md +0 -109
  246. package/mcp/skills/postman/microservices-architect/SKILL.md +0 -93
  247. package/mcp/skills/postman/microservices-architect/references/communication.md +0 -499
  248. package/mcp/skills/postman/microservices-architect/references/data.md +0 -721
  249. package/mcp/skills/postman/microservices-architect/references/decomposition.md +0 -344
  250. package/mcp/skills/postman/microservices-architect/references/observability.md +0 -805
  251. package/mcp/skills/postman/microservices-architect/references/patterns.md +0 -603
  252. package/mcp/skills/postman/nestjs-expert/POWER.md +0 -130
  253. package/mcp/skills/postman/nestjs-expert/SKILL.md +0 -114
  254. package/mcp/skills/postman/nestjs-expert/references/authentication.md +0 -461
  255. package/mcp/skills/postman/nestjs-expert/references/controllers-routing.md +0 -114
  256. package/mcp/skills/postman/nestjs-expert/references/dtos-validation.md +0 -156
  257. package/mcp/skills/postman/nestjs-expert/references/migration-from-express.md +0 -1240
  258. package/mcp/skills/postman/nestjs-expert/references/secure-sessions.md +0 -56
  259. package/mcp/skills/postman/nestjs-expert/references/services-di.md +0 -143
  260. package/mcp/skills/postman/nestjs-expert/references/strangler-fig-pattern.md +0 -47
  261. package/mcp/skills/postman/nestjs-expert/references/testing-patterns.md +0 -189
  262. package/mcp/skills/postman/oneup-design/POWER.md +0 -72
  263. package/mcp/skills/postman/oneup-design/SKILL.md +0 -71
  264. package/mcp/skills/postman/oneup-design/references/colors.md +0 -41
  265. package/mcp/skills/postman/oneup-design/references/components.md +0 -53
  266. package/mcp/skills/postman/oneup-design/references/spacing.md +0 -84
  267. package/mcp/skills/postman/openapi-docs/POWER.md +0 -78
  268. package/mcp/skills/postman/openapi-docs/SKILL.md +0 -68
  269. package/mcp/skills/postman/openapi-docs/references/crud-templates.md +0 -43
  270. package/mcp/skills/postman/openapi-docs/references/framework-express.md +0 -19
  271. package/mcp/skills/postman/openapi-docs/references/framework-fastapi.md +0 -20
  272. package/mcp/skills/postman/openapi-docs/references/framework-nestjs.md +0 -20
  273. package/mcp/skills/postman/openapi-docs/references/framework-raw-openapi.md +0 -14
  274. package/mcp/skills/postman/openapi-docs/references/openapi-checklist.md +0 -33
  275. package/mcp/skills/postman/openapi-docs/references/stoplight-ui.md +0 -21
  276. package/mcp/skills/postman/references/steering.md +0 -26
  277. package/mcp/skills/sentry-automation/SKILL.md +0 -232
  278. package/workflows/powers/atlassian-mcp/POWER.md +0 -21
  279. package/workflows/powers/atlassian-mcp/SKILL.md +0 -18
  280. package/workflows/powers/building-mcp-server-on-cloudflare/POWER.md +0 -21
  281. package/workflows/powers/building-mcp-server-on-cloudflare/SKILL.md +0 -18
  282. package/workflows/powers/datadog-automation/POWER.md +0 -21
  283. package/workflows/powers/datadog-automation/SKILL.md +0 -18
  284. package/workflows/powers/github-automation/POWER.md +0 -21
  285. package/workflows/powers/github-automation/SKILL.md +0 -18
  286. package/workflows/powers/mcp-builder/POWER.md +0 -21
  287. package/workflows/powers/mcp-builder/SKILL.md +0 -18
  288. package/workflows/powers/mcp-developer/POWER.md +0 -21
  289. package/workflows/powers/mcp-developer/SKILL.md +0 -18
  290. package/workflows/powers/postman/POWER.md +0 -21
  291. package/workflows/powers/postman/SKILL.md +0 -18
  292. package/workflows/powers/sentry-automation/POWER.md +0 -21
  293. package/workflows/powers/sentry-automation/SKILL.md +0 -18
  294. package/workflows/skills/atlassian-mcp/SKILL.md +0 -18
  295. package/workflows/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -18
  296. package/workflows/skills/datadog-automation/SKILL.md +0 -18
  297. package/workflows/skills/github-automation/SKILL.md +0 -18
  298. package/workflows/skills/mcp-builder/SKILL.md +0 -18
  299. package/workflows/skills/mcp-developer/SKILL.md +0 -18
  300. package/workflows/skills/sentry-automation/SKILL.md +0 -18
  301. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/SKILL.md +0 -88
  302. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/authentication-patterns.md +0 -520
  303. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/common-workflows.md +0 -660
  304. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/confluence-operations.md +0 -528
  305. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/jira-queries.md +0 -421
  306. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/mcp-server-setup.md +0 -292
  307. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  308. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/references/examples.md +0 -115
  309. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/references/oauth-setup.md +0 -338
  310. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/references/tool-patterns.md +0 -29
  311. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/references/troubleshooting.md +0 -317
  312. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/datadog-automation/SKILL.md +0 -235
  313. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/github-automation/SKILL.md +0 -227
  314. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/LICENSE.txt +0 -202
  315. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/SKILL.md +0 -176
  316. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/reference/evaluation.md +0 -602
  317. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/reference/mcp_best_practices.md +0 -915
  318. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/reference/node_mcp_server.md +0 -916
  319. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/reference/python_mcp_server.md +0 -752
  320. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/scripts/connections.py +0 -151
  321. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/scripts/evaluation.py +0 -373
  322. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/scripts/example_evaluation.xml +0 -22
  323. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/scripts/requirements.txt +0 -2
  324. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/SKILL.md +0 -85
  325. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/protocol.md +0 -244
  326. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/python-sdk.md +0 -367
  327. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/resources.md +0 -554
  328. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/tools.md +0 -480
  329. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/typescript-sdk.md +0 -350
  330. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/POWER.md +0 -242
  331. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/POWER.md +0 -89
  332. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/SKILL.md +0 -77
  333. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/bloc-state.md +0 -259
  334. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/engineering-principles.md +0 -82
  335. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/gorouter-navigation.md +0 -157
  336. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/performance.md +0 -99
  337. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/project-structure.md +0 -77
  338. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/riverpod-state.md +0 -404
  339. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/widget-patterns.md +0 -123
  340. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/POWER.md +0 -204
  341. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/SKILL.md +0 -180
  342. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/log_redaction.md +0 -17
  343. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/network_hardening.md +0 -13
  344. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/secret-scanning.md +0 -123
  345. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md +0 -16
  346. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/vulnerability-patterns.md +0 -189
  347. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  348. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/POWER.md +0 -527
  349. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/SKILL.md +0 -513
  350. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/golden-testing.md +0 -444
  351. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/integration-testing.md +0 -688
  352. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/property-testing.md +0 -408
  353. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/riverpod-testing.md +0 -606
  354. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/test-utilities.md +0 -566
  355. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/unit-testing.md +0 -511
  356. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/widget-testing.md +0 -601
  357. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/git-commit/POWER.md +0 -47
  358. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/git-commit/SKILL.md +0 -46
  359. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/POWER.md +0 -227
  360. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/SKILL.md +0 -217
  361. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/references/guard_patterns.md +0 -14
  362. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/references/tab_preservation.md +0 -12
  363. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  364. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  365. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/mcp.json +0 -11
  366. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/POWER.md +0 -109
  367. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/SKILL.md +0 -93
  368. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/communication.md +0 -499
  369. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/data.md +0 -721
  370. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/decomposition.md +0 -344
  371. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/observability.md +0 -805
  372. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/patterns.md +0 -603
  373. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/POWER.md +0 -130
  374. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/SKILL.md +0 -114
  375. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/authentication.md +0 -461
  376. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/controllers-routing.md +0 -114
  377. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/dtos-validation.md +0 -156
  378. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/migration-from-express.md +0 -1240
  379. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/secure-sessions.md +0 -56
  380. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/services-di.md +0 -143
  381. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/strangler-fig-pattern.md +0 -47
  382. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/testing-patterns.md +0 -189
  383. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/POWER.md +0 -72
  384. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/SKILL.md +0 -71
  385. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/references/colors.md +0 -41
  386. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/references/components.md +0 -53
  387. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/references/spacing.md +0 -84
  388. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/POWER.md +0 -78
  389. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/SKILL.md +0 -68
  390. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/crud-templates.md +0 -43
  391. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/framework-express.md +0 -19
  392. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/framework-fastapi.md +0 -20
  393. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/framework-nestjs.md +0 -20
  394. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/framework-raw-openapi.md +0 -14
  395. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/openapi-checklist.md +0 -33
  396. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/stoplight-ui.md +0 -21
  397. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/references/steering.md +0 -26
  398. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/sentry-automation/SKILL.md +0 -232
  399. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/SKILL.md +0 -88
  400. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/authentication-patterns.md +0 -520
  401. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/common-workflows.md +0 -660
  402. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/confluence-operations.md +0 -528
  403. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/jira-queries.md +0 -421
  404. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/mcp-server-setup.md +0 -292
  405. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  406. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/references/examples.md +0 -115
  407. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/references/oauth-setup.md +0 -338
  408. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/references/tool-patterns.md +0 -29
  409. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/references/troubleshooting.md +0 -317
  410. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/datadog-automation/SKILL.md +0 -235
  411. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/github-automation/SKILL.md +0 -227
  412. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/LICENSE.txt +0 -202
  413. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/SKILL.md +0 -176
  414. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/reference/evaluation.md +0 -602
  415. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/reference/mcp_best_practices.md +0 -915
  416. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/reference/node_mcp_server.md +0 -916
  417. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/reference/python_mcp_server.md +0 -752
  418. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/scripts/connections.py +0 -151
  419. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/scripts/evaluation.py +0 -373
  420. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/scripts/example_evaluation.xml +0 -22
  421. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/scripts/requirements.txt +0 -2
  422. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/SKILL.md +0 -85
  423. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/protocol.md +0 -244
  424. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/python-sdk.md +0 -367
  425. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/resources.md +0 -554
  426. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/tools.md +0 -480
  427. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/typescript-sdk.md +0 -350
  428. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/POWER.md +0 -242
  429. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/POWER.md +0 -89
  430. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/SKILL.md +0 -77
  431. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/bloc-state.md +0 -259
  432. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/engineering-principles.md +0 -82
  433. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/gorouter-navigation.md +0 -157
  434. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/performance.md +0 -99
  435. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/project-structure.md +0 -77
  436. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/riverpod-state.md +0 -404
  437. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/widget-patterns.md +0 -123
  438. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/POWER.md +0 -204
  439. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/SKILL.md +0 -180
  440. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/log_redaction.md +0 -17
  441. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/network_hardening.md +0 -13
  442. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/secret-scanning.md +0 -123
  443. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md +0 -16
  444. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/vulnerability-patterns.md +0 -189
  445. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  446. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/POWER.md +0 -527
  447. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/SKILL.md +0 -513
  448. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/golden-testing.md +0 -444
  449. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/integration-testing.md +0 -688
  450. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/property-testing.md +0 -408
  451. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/riverpod-testing.md +0 -606
  452. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/test-utilities.md +0 -566
  453. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/unit-testing.md +0 -511
  454. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/widget-testing.md +0 -601
  455. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/git-commit/POWER.md +0 -47
  456. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/git-commit/SKILL.md +0 -46
  457. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/POWER.md +0 -227
  458. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/SKILL.md +0 -217
  459. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/references/guard_patterns.md +0 -14
  460. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/references/tab_preservation.md +0 -12
  461. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  462. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  463. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/mcp.json +0 -11
  464. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/POWER.md +0 -109
  465. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/SKILL.md +0 -93
  466. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/communication.md +0 -499
  467. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/data.md +0 -721
  468. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/decomposition.md +0 -344
  469. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/observability.md +0 -805
  470. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/patterns.md +0 -603
  471. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/POWER.md +0 -130
  472. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/SKILL.md +0 -114
  473. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/authentication.md +0 -461
  474. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/controllers-routing.md +0 -114
  475. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/dtos-validation.md +0 -156
  476. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/migration-from-express.md +0 -1240
  477. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/secure-sessions.md +0 -56
  478. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/services-di.md +0 -143
  479. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/strangler-fig-pattern.md +0 -47
  480. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/testing-patterns.md +0 -189
  481. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/POWER.md +0 -72
  482. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/SKILL.md +0 -71
  483. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/references/colors.md +0 -41
  484. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/references/components.md +0 -53
  485. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/references/spacing.md +0 -84
  486. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/POWER.md +0 -78
  487. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/SKILL.md +0 -68
  488. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/crud-templates.md +0 -43
  489. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/framework-express.md +0 -19
  490. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/framework-fastapi.md +0 -20
  491. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/framework-nestjs.md +0 -20
  492. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/framework-raw-openapi.md +0 -14
  493. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/openapi-checklist.md +0 -33
  494. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/stoplight-ui.md +0 -21
  495. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/references/steering.md +0 -26
  496. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/sentry-automation/SKILL.md +0 -232
  497. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/SKILL.md +0 -88
  498. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/authentication-patterns.md +0 -520
  499. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/common-workflows.md +0 -660
  500. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/confluence-operations.md +0 -528
  501. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/jira-queries.md +0 -421
  502. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/mcp-server-setup.md +0 -292
  503. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  504. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/references/examples.md +0 -115
  505. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/references/oauth-setup.md +0 -338
  506. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/references/tool-patterns.md +0 -29
  507. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/references/troubleshooting.md +0 -317
  508. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/datadog-automation/SKILL.md +0 -235
  509. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/github-automation/SKILL.md +0 -227
  510. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/LICENSE.txt +0 -202
  511. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/SKILL.md +0 -176
  512. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/reference/evaluation.md +0 -602
  513. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/reference/mcp_best_practices.md +0 -915
  514. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/reference/node_mcp_server.md +0 -916
  515. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/reference/python_mcp_server.md +0 -752
  516. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/scripts/connections.py +0 -151
  517. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/scripts/evaluation.py +0 -373
  518. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/scripts/example_evaluation.xml +0 -22
  519. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/scripts/requirements.txt +0 -2
  520. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/SKILL.md +0 -85
  521. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/protocol.md +0 -244
  522. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/python-sdk.md +0 -367
  523. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/resources.md +0 -554
  524. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/tools.md +0 -480
  525. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/typescript-sdk.md +0 -350
  526. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/POWER.md +0 -242
  527. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/POWER.md +0 -89
  528. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/SKILL.md +0 -77
  529. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/bloc-state.md +0 -259
  530. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/engineering-principles.md +0 -82
  531. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/gorouter-navigation.md +0 -157
  532. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/performance.md +0 -99
  533. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/project-structure.md +0 -77
  534. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/riverpod-state.md +0 -404
  535. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/widget-patterns.md +0 -123
  536. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/POWER.md +0 -204
  537. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/SKILL.md +0 -180
  538. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/log_redaction.md +0 -17
  539. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/network_hardening.md +0 -13
  540. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/secret-scanning.md +0 -123
  541. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md +0 -16
  542. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/vulnerability-patterns.md +0 -189
  543. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  544. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/POWER.md +0 -527
  545. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/SKILL.md +0 -513
  546. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/golden-testing.md +0 -444
  547. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/integration-testing.md +0 -688
  548. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/property-testing.md +0 -408
  549. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/riverpod-testing.md +0 -606
  550. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/test-utilities.md +0 -566
  551. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/unit-testing.md +0 -511
  552. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/widget-testing.md +0 -601
  553. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/git-commit/POWER.md +0 -47
  554. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/git-commit/SKILL.md +0 -46
  555. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/POWER.md +0 -227
  556. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/SKILL.md +0 -217
  557. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/references/guard_patterns.md +0 -14
  558. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/references/tab_preservation.md +0 -12
  559. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  560. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  561. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/mcp.json +0 -11
  562. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/POWER.md +0 -109
  563. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/SKILL.md +0 -93
  564. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/communication.md +0 -499
  565. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/data.md +0 -721
  566. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/decomposition.md +0 -344
  567. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/observability.md +0 -805
  568. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/patterns.md +0 -603
  569. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/POWER.md +0 -130
  570. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/SKILL.md +0 -114
  571. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/authentication.md +0 -461
  572. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/controllers-routing.md +0 -114
  573. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/dtos-validation.md +0 -156
  574. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/migration-from-express.md +0 -1240
  575. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/secure-sessions.md +0 -56
  576. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/services-di.md +0 -143
  577. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/strangler-fig-pattern.md +0 -47
  578. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/testing-patterns.md +0 -189
  579. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/POWER.md +0 -72
  580. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/SKILL.md +0 -71
  581. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/references/colors.md +0 -41
  582. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/references/components.md +0 -53
  583. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/references/spacing.md +0 -84
  584. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/POWER.md +0 -78
  585. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/SKILL.md +0 -68
  586. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/crud-templates.md +0 -43
  587. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/framework-express.md +0 -19
  588. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/framework-fastapi.md +0 -20
  589. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/framework-nestjs.md +0 -20
  590. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/framework-raw-openapi.md +0 -14
  591. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/openapi-checklist.md +0 -33
  592. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/stoplight-ui.md +0 -21
  593. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/references/steering.md +0 -26
  594. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/sentry-automation/SKILL.md +0 -232
package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/POWER.md DELETED
@@ -1,204 +0,0 @@
1
- ---
2
- name: "flutter-security-reviewer"
3
- displayName: "Flutter/Dart Security Reviewer"
4
- description: "Review Flutter/Dart code for security vulnerabilities: secure storage, network hardening, log redaction, and data protection"
5
- keywords:
6
- [
7
- "security",
8
- "flutter security",
9
- "dart security",
10
- "secure storage",
11
- "encryption",
12
- "log redaction",
13
- "network security",
14
- "data protection",
15
- "pii",
16
- "sensitive data",
17
- "authentication",
18
- "authorization",
19
- ]
20
- ---
21
-
22
- # Flutter/Dart Security Reviewer
23
-
24
- ## Overview
25
-
26
- This power helps you identify and fix security vulnerabilities in mobile and web applications, focusing on secure storage, network hardening, log redaction, and sensitive data handling.
27
-
28
- ## When to Use
29
-
30
- - Reviewing code that handles authentication tokens
31
- - Implementing secure storage for sensitive data
32
- - Adding logging/analytics that might expose PII
33
- - Reviewing network requests for security issues
34
- - Implementing biometric authentication
35
- - Handling user passwords or credentials
36
- - Processing payment information
37
- - Storing user preferences that contain sensitive data
38
- - Implementing session management
39
- - Any code that touches user data
40
-
41
- ## Review Output Format
42
-
43
- When reviewing, output exactly:
44
-
45
- 1. **Threat summary** (what could go wrong; 3-6 bullets)
46
- 2. **Findings** grouped by severity (CRITICAL/HIGH/MED/LOW)
47
- 3. **Concrete mitigations** (specific code-level steps)
48
- 4. **Security regression tests/checks** (what to verify)
49
- 5. **Logging & privacy audit** (PII, tokens, crash reports)
50
-
51
- ## Severity Definitions
52
-
53
- - **CRITICAL**: Token/session compromise, auth bypass, remote code/data exposure, storing secrets insecurely, PII leakage
54
- - **HIGH**: Weak access control, insecure defaults, sensitive data in logs, missing TLS assumptions
55
- - **MED**: Hardening gaps (timeouts, retry abuse, overly broad permissions)
56
- - **LOW**: Best-practice improvements
57
-
58
- ---
59
-
60
- ## 1) Authentication & Session Security
61
-
62
- ### Tokens
63
-
64
- **CRITICAL:**
65
- - Tokens in logs, analytics events, crash reports
66
- - Tokens stored in plain SharedPreferences without justification
67
-
68
- **Recommendations:**
69
- - Prefer secure storage for tokens (platform-backed) where possible
70
- - If SharedPreferences must be used, ensure:
71
- - Short-lived access tokens + refresh tokens handled carefully
72
- - Minimal token surface; never log
73
-
74
- ### Route Guards
75
- - Ensure router guards cannot be bypassed by deep links
76
- - Guard decisions must use authoritative session provider state
77
- - Avoid redirect loops (secure + usability)
78
-
79
- ---
80
-
81
- ## 2) Network Security
82
-
83
- ### Checklist
84
- - [ ] Use HTTPS in UAT/Prod baseUrl
85
- - [ ] Reasonable timeouts (connect/receive)
86
- - [ ] Avoid disabling cert validation
87
- - [ ] Do not accept all certs in production
88
- - [ ] Interceptors must not log sensitive headers or body fields
89
-
90
- ### Retry Policy
91
- - Avoid retrying non-idempotent requests unless safe
92
- - Backoff + max attempts
93
-
94
- ### Device ↔ Gateway Security
95
- - Prefer server-side validation and proper auth
96
- - Never "security-by-obscurity" headers
97
-
98
- ---
99
-
100
- ## 3) Local Data Protection
101
-
102
- **CRITICAL:**
103
- - Storing PII or tokens unencrypted without threat model
104
-
105
- **Guidance:**
106
- - Store only what's needed offline
107
- - Encrypt sensitive cached blobs if possible, or avoid caching them
108
- - Apply TTL to cached session/profile data
109
- - Clear data on logout
110
-
111
- ---
112
-
113
- ## 4) Input Validation & Injection Safety
114
-
115
- - [ ] Validate all user inputs before sending to API
116
- - [ ] Avoid string interpolation for SQL queries: use parameters
117
- - [ ] Avoid trusting client-only checks (roles, orgId); server must enforce
118
-
119
- ---
120
-
121
- ## 5) Privacy, Logging, Analytics
122
-
123
- **CRITICAL:**
124
- - PII in logs (`name`, `phone`, `location`, identifiers)
125
- - Tokens/headers in logs
126
- - Crashlytics sending PII
127
-
128
- **Guidance:**
129
- - Redact: Authorization headers, cookies, IDs if sensitive
130
- - Provide `toSafeLog()` helpers
131
- - Ensure debug logging is disabled/limited in release builds
132
-
133
- ---
134
-
135
- ## 6) Dependency & Supply Chain Hygiene
136
-
137
- - [ ] Check new packages are reputable and maintained
138
- - [ ] Avoid adding packages that request broad permissions without need
139
- - [ ] Pin versions as appropriate; review changelogs for security fixes
140
-
141
- ---
142
-
143
- ## 7) Security Review Checklist for PRs
144
-
145
- ### Always Search For
146
- - `print(`, `debugPrint(`, logging interceptors
147
- - `Authorization`, `token`, `refresh`, `secret`, `apiKey`
148
- - `badCertificateCallback`, `HttpClient` overrides
149
- - Persistent storage of user/session data
150
-
151
- ### Enforce
152
- - [ ] No secrets in repo
153
- - [ ] No insecure network overrides in production
154
- - [ ] Logout clears sensitive local data
155
- - [ ] Access control enforced server-side (don't trust client role/org headers alone)
156
-
157
- ---
158
-
159
- ## Quick Reference
160
-
161
- ### Secure Storage (DO)
162
-
163
- ```dart
164
- // ✅ Use flutter_secure_storage for tokens
165
- final storage = FlutterSecureStorage();
166
- await storage.write(key: 'auth_token', value: token);
167
- ```
168
-
169
- ### Secure Storage (DON'T)
170
-
171
- ```dart
172
- // ❌ Never store tokens in SharedPreferences
173
- final prefs = await SharedPreferences.getInstance();
174
- prefs.setString('auth_token', token); // INSECURE!
175
-
176
- // ❌ Never hardcode secrets
177
- const apiKey = 'sk_live_abc123'; // NEVER DO THIS
178
- ```
179
-
180
- ### Log Redaction
181
-
182
- ```dart
183
- // ❌ Bad - logs sensitive data
184
- logger.info('User login: ${user.email}, password: ${password}');
185
-
186
- // ✅ Good - no sensitive data in logs
187
- logger.info('User login successful: userId=${user.id}');
188
- ```
189
-
190
- ---
191
-
192
- ## Steering Files
193
-
194
- | File | Load When |
195
- | --------------------------- | -------------------------------------- |
196
- | `secure_storage_policy.md` | What to store where |
197
- | `network_hardening.md` | Network security best practices |
198
- | `log_redaction.md` | How to redact sensitive data from logs |
199
- | `vulnerability-patterns.md` | SQL injection, XSS, IDOR patterns |
200
- | `secret-scanning.md` | Finding hardcoded secrets |
201
-
202
- ## Templates
203
-
204
- - `security_review_response.md` - Security review report template
package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/SKILL.md DELETED
@@ -1,180 +0,0 @@
1
- ---
2
- name: "flutter-security-reviewer"
3
- description: "Review Flutter/Dart code for security vulnerabilities: secure storage, network hardening, log redaction, and data protection"
4
- ---
5
-
6
-
7
- # Flutter/Dart Security Reviewer
8
-
9
- ## Overview
10
-
11
- This power helps you identify and fix security vulnerabilities in mobile and web applications, focusing on secure storage, network hardening, log redaction, and sensitive data handling.
12
-
13
- ## When to Use
14
-
15
- - Reviewing code that handles authentication tokens
16
- - Implementing secure storage for sensitive data
17
- - Adding logging/analytics that might expose PII
18
- - Reviewing network requests for security issues
19
- - Implementing biometric authentication
20
- - Handling user passwords or credentials
21
- - Processing payment information
22
- - Storing user preferences that contain sensitive data
23
- - Implementing session management
24
- - Any code that touches user data
25
-
26
- ## Review Output Format
27
-
28
- When reviewing, output exactly:
29
-
30
- 1. **Threat summary** (what could go wrong; 3-6 bullets)
31
- 2. **Findings** grouped by severity (CRITICAL/HIGH/MED/LOW)
32
- 3. **Concrete mitigations** (specific code-level steps)
33
- 4. **Security regression tests/checks** (what to verify)
34
- 5. **Logging & privacy audit** (PII, tokens, crash reports)
35
-
36
- ## Severity Definitions
37
-
38
- - **CRITICAL**: Token/session compromise, auth bypass, remote code/data exposure, storing secrets insecurely, PII leakage
39
- - **HIGH**: Weak access control, insecure defaults, sensitive data in logs, missing TLS assumptions
40
- - **MED**: Hardening gaps (timeouts, retry abuse, overly broad permissions)
41
- - **LOW**: Best-practice improvements
42
-
43
-
44
- ## 1) Authentication & Session Security
45
-
46
- ### Tokens
47
-
48
- **CRITICAL:**
49
- - Tokens in logs, analytics events, crash reports
50
- - Tokens stored in plain SharedPreferences without justification
51
-
52
- **Recommendations:**
53
- - Prefer secure storage for tokens (platform-backed) where possible
54
- - If SharedPreferences must be used, ensure:
55
- - Short-lived access tokens + refresh tokens handled carefully
56
- - Minimal token surface; never log
57
-
58
- ### Route Guards
59
- - Ensure router guards cannot be bypassed by deep links
60
- - Guard decisions must use authoritative session provider state
61
- - Avoid redirect loops (secure + usability)
62
-
63
-
64
- ## 2) Network Security
65
-
66
- ### Checklist
67
- - [ ] Use HTTPS in UAT/Prod baseUrl
68
- - [ ] Reasonable timeouts (connect/receive)
69
- - [ ] Avoid disabling cert validation
70
- - [ ] Do not accept all certs in production
71
- - [ ] Interceptors must not log sensitive headers or body fields
72
-
73
- ### Retry Policy
74
- - Avoid retrying non-idempotent requests unless safe
75
- - Backoff + max attempts
76
-
77
- ### Device ↔ Gateway Security
78
- - Prefer server-side validation and proper auth
79
- - Never "security-by-obscurity" headers
80
-
81
-
82
- ## 3) Local Data Protection
83
-
84
- **CRITICAL:**
85
- - Storing PII or tokens unencrypted without threat model
86
-
87
- **Guidance:**
88
- - Store only what's needed offline
89
- - Encrypt sensitive cached blobs if possible, or avoid caching them
90
- - Apply TTL to cached session/profile data
91
- - Clear data on logout
92
-
93
-
94
- ## 4) Input Validation & Injection Safety
95
-
96
- - [ ] Validate all user inputs before sending to API
97
- - [ ] Avoid string interpolation for SQL queries: use parameters
98
- - [ ] Avoid trusting client-only checks (roles, orgId); server must enforce
99
-
100
-
101
- ## 5) Privacy, Logging, Analytics
102
-
103
- **CRITICAL:**
104
- - PII in logs (`name`, `phone`, `location`, identifiers)
105
- - Tokens/headers in logs
106
- - Crashlytics sending PII
107
-
108
- **Guidance:**
109
- - Redact: Authorization headers, cookies, IDs if sensitive
110
- - Provide `toSafeLog()` helpers
111
- - Ensure debug logging is disabled/limited in release builds
112
-
113
-
114
- ## 6) Dependency & Supply Chain Hygiene
115
-
116
- - [ ] Check new packages are reputable and maintained
117
- - [ ] Avoid adding packages that request broad permissions without need
118
- - [ ] Pin versions as appropriate; review changelogs for security fixes
119
-
120
-
121
- ## 7) Security Review Checklist for PRs
122
-
123
- ### Always Search For
124
- - `print(`, `debugPrint(`, logging interceptors
125
- - `Authorization`, `token`, `refresh`, `secret`, `apiKey`
126
- - `badCertificateCallback`, `HttpClient` overrides
127
- - Persistent storage of user/session data
128
-
129
- ### Enforce
130
- - [ ] No secrets in repo
131
- - [ ] No insecure network overrides in production
132
- - [ ] Logout clears sensitive local data
133
- - [ ] Access control enforced server-side (don't trust client role/org headers alone)
134
-
135
-
136
- ## Quick Reference
137
-
138
- ### Secure Storage (DO)
139
-
140
- ```dart
141
- // ✅ Use flutter_secure_storage for tokens
142
- final storage = FlutterSecureStorage();
143
- await storage.write(key: 'auth_token', value: token);
144
- ```
145
-
146
- ### Secure Storage (DON'T)
147
-
148
- ```dart
149
- // ❌ Never store tokens in SharedPreferences
150
- final prefs = await SharedPreferences.getInstance();
151
- prefs.setString('auth_token', token); // INSECURE!
152
-
153
- // ❌ Never hardcode secrets
154
- const apiKey = 'sk_live_abc123'; // NEVER DO THIS
155
- ```
156
-
157
- ### Log Redaction
158
-
159
- ```dart
160
- // ❌ Bad - logs sensitive data
161
- logger.info('User login: ${user.email}, password: ${password}');
162
-
163
- // ✅ Good - no sensitive data in logs
164
- logger.info('User login successful: userId=${user.id}');
165
- ```
166
-
167
-
168
- ## Steering Files
169
-
170
- | File | Load When |
171
- | --------------------------- | -------------------------------------- |
172
- | `secure_storage_policy.md` | What to store where |
173
- | `network_hardening.md` | Network security best practices |
174
- | `log_redaction.md` | How to redact sensitive data from logs |
175
- | `vulnerability-patterns.md` | SQL injection, XSS, IDOR patterns |
176
- | `secret-scanning.md` | Finding hardcoded secrets |
177
-
178
- ## Templates
179
-
180
- - `security_review_response.md` - Security review report template
package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/log_redaction.md DELETED
@@ -1,17 +0,0 @@
1
- # Logging redaction policy
2
-
3
- ## Never log
4
- - Authorization headers
5
- - Cookies
6
- - refresh/access tokens
7
- - passwords/OTP codes
8
- - full request/response bodies containing PII
9
-
10
- ## Recommended
11
- - Log request method + path + status code
12
- - Log timing and correlation ids
13
- - Redact sensitive fields:
14
-
15
- Example (pseudo):
16
- - headers: replace Authorization with "***"
17
- - body: replace keys like token/password with "***"
package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/network_hardening.md DELETED
@@ -1,13 +0,0 @@
1
- # Network hardening (Dio)
2
-
3
- Checklist:
4
- - HTTPS only for UAT/Prod
5
- - Timeouts configured
6
- - Interceptors do not leak sensitive info
7
- - No `badCertificateCallback` in release
8
- - Use request IDs/transaction hashes for tracing (non-secret)
9
-
10
- Retry policy:
11
- - idempotent requests only (GET)
12
- - exponential backoff
13
- - cap attempts
package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/secret-scanning.md DELETED
@@ -1,123 +0,0 @@
1
- # Secret Scanning
2
-
3
- > Reference for: Security Reviewer
4
- > Load when: Scanning for hardcoded secrets
5
-
6
- ## Manual Grep Patterns
7
-
8
- ```bash
9
- # Common secret patterns
10
- grep -rn "api_key\|apikey\|api-key" --include="*.dart" .
11
- grep -rn "secret\|password\|passwd" --include="*.dart" .
12
- grep -rn "private_key\|privatekey" --include="*.dart" .
13
- grep -rn "access_token\|accesstoken" --include="*.dart" .
14
-
15
- # Firebase/Google
16
- grep -rn "AIza[0-9A-Za-z_-]{35}" .
17
- grep -rn "firebase" --include="*.dart" .
18
-
19
- # AWS credentials
20
- grep -rn "AKIA[0-9A-Z]{16}" .
21
- grep -rn "aws_secret_access_key" .
22
-
23
- # Base64 encoded (potential secrets)
24
- grep -rn "[A-Za-z0-9+/]{40,}=" .
25
-
26
- # JWT tokens
27
- grep -rn "eyJ[A-Za-z0-9_-]*\.eyJ[A-Za-z0-9_-]*\." .
28
- ```
29
-
30
- ## Common Secret Patterns
31
-
32
- | Type | Pattern | Example |
33
- | ----------------- | -------------------------------- | -------------------------- |
34
- | AWS Access Key | `AKIA[0-9A-Z]{16}` | AKIAIOSFODNN7EXAMPLE |
35
- | AWS Secret Key | 40 char base64 | wJalrXUtnFEMI/K7MDENG... |
36
- | Firebase API Key | `AIza[0-9A-Za-z_-]{35}` | AIzaSyC... |
37
- | GitHub Token | `ghp_[A-Za-z0-9]{36}` | ghp_xxxxxxxxxxxx |
38
- | Slack Token | `xox[baprs]-` | xoxb-xxx-xxx |
39
- | Stripe Key | `sk_live_[A-Za-z0-9]{24}` | sk_live_xxxx |
40
- | Private Key | `-----BEGIN.*PRIVATE KEY-----` | RSA/EC keys |
41
- | JWT | `eyJ[A-Za-z0-9_-]*\.eyJ` | Encoded tokens |
42
-
43
- ## Flutter-Specific Locations to Check
44
-
45
- ```bash
46
- # Check these files for hardcoded secrets
47
- lib/core/config/
48
- lib/firebase_options.dart
49
- android/app/google-services.json
50
- ios/Runner/GoogleService-Info.plist
51
- .env files
52
- pubspec.yaml (sometimes contains keys)
53
- ```
54
-
55
- ## What to Look For
56
-
57
- ### Hardcoded API Keys
58
- ```dart
59
- // BAD - Hardcoded
60
- const apiKey = 'sk_live_abc123xyz';
61
- const firebaseKey = 'AIzaSyC...';
62
-
63
- // GOOD - Environment variable or secure storage
64
- final apiKey = const String.fromEnvironment('API_KEY');
65
- final apiKey = await secureStorage.read(key: 'api_key');
66
- ```
67
-
68
- ### Hardcoded URLs with Credentials
69
- ```dart
70
- // BAD
71
- const dbUrl = 'postgres://user:password@host:5432/db';
72
-
73
- // GOOD
74
- final dbUrl = const String.fromEnvironment('DATABASE_URL');
75
- ```
76
-
77
- ### Debug/Test Credentials
78
- ```dart
79
- // BAD - Test credentials in production code
80
- const testUser = 'admin';
81
- const testPassword = 'admin123';
82
-
83
- // GOOD - Only in test files, never committed
84
- // Use environment variables or test fixtures
85
- ```
86
-
87
- ## Remediation Steps
88
-
89
- 1. **Rotate immediately** - Consider secret compromised
90
- 2. **Remove from code** - Replace with environment variable
91
- 3. **Remove from git history** - Use BFG or git filter-branch
92
- 4. **Add to .gitignore** - Prevent future commits
93
- 5. **Use secure storage** - flutter_secure_storage for runtime secrets
94
- 6. **Use --dart-define** - For build-time configuration
95
-
96
- ```bash
97
- # Build with environment variables
98
- flutter build apk --dart-define=API_KEY=$API_KEY
99
-
100
- # Access in code
101
- const apiKey = String.fromEnvironment('API_KEY');
102
- ```
103
-
104
- ## Pre-commit Prevention
105
-
106
- ```yaml
107
- # .pre-commit-config.yaml
108
- repos:
109
- - repo: https://github.com/gitleaks/gitleaks
110
- rev: v8.18.0
111
- hooks:
112
- - id: gitleaks
113
- ```
114
-
115
- ## Quick Reference
116
-
117
- | Location | Risk Level | Action |
118
- | --------------------------- | ---------- | --------------------------- |
119
- | Source code (.dart) | Critical | Remove, use env vars |
120
- | Config files | High | Move to .gitignore |
121
- | Git history | Critical | Rewrite history |
122
- | Build artifacts | Medium | Ensure not committed |
123
- | Comments/TODOs | Medium | Remove sensitive info |
package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md DELETED
@@ -1,16 +0,0 @@
1
- # Secure storage policy (mobile)
2
-
3
- ## Token storage
4
- Preferred:
5
- - Platform-backed secure storage for auth tokens
6
-
7
- If you must use SharedPreferences:
8
- - access tokens should be short-lived
9
- - never store refresh token unless encrypted/secured
10
- - clear all tokens on logout
11
- - guard against backup/restore exposures where relevant
12
-
13
- ## Cached user/profile data
14
- - Apply TTL
15
- - Avoid caching sensitive PII unless required for offline
16
- - Clear per-organization/user on logout or org switch