@cubis/foundry 0.3.34 → 0.3.36

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (594) hide show
  1. package/README.md +56 -11
  2. package/bin/cubis.js +2824 -966
  3. package/mcp/.dockerignore +5 -0
  4. package/mcp/Dockerfile +19 -0
  5. package/mcp/README.md +550 -11
  6. package/mcp/config.json +18 -0
  7. package/mcp/dist/index.d.ts +1 -0
  8. package/mcp/dist/index.js +1488 -0
  9. package/mcp/package.json +36 -0
  10. package/mcp/src/cbxConfig/index.ts +23 -0
  11. package/mcp/src/cbxConfig/paths.ts +45 -0
  12. package/mcp/src/cbxConfig/reader.ts +149 -0
  13. package/mcp/src/cbxConfig/readerWriter.test.ts +147 -0
  14. package/mcp/src/cbxConfig/serviceConfig.test.ts +42 -0
  15. package/mcp/src/cbxConfig/serviceConfig.ts +157 -0
  16. package/mcp/src/cbxConfig/types.ts +44 -0
  17. package/mcp/src/cbxConfig/writer.ts +90 -0
  18. package/mcp/src/config/index.test.ts +81 -0
  19. package/mcp/src/config/index.ts +45 -0
  20. package/mcp/src/config/schema.ts +55 -0
  21. package/mcp/src/gateway/catalog.ts +37 -0
  22. package/mcp/src/gateway/config.ts +247 -0
  23. package/mcp/src/gateway/manager.ts +255 -0
  24. package/mcp/src/gateway/types.ts +54 -0
  25. package/mcp/src/gateway/upstreamClient.ts +80 -0
  26. package/mcp/src/index.ts +211 -0
  27. package/mcp/src/server.ts +219 -0
  28. package/mcp/src/tools/configTools.test.ts +166 -0
  29. package/mcp/src/tools/future/README.md +21 -0
  30. package/mcp/src/tools/future/index.ts +8 -0
  31. package/mcp/src/tools/index.ts +76 -0
  32. package/mcp/src/tools/mcpGateway.ts +44 -0
  33. package/mcp/src/tools/postmanGetMode.ts +82 -0
  34. package/mcp/src/tools/postmanGetStatus.ts +65 -0
  35. package/mcp/src/tools/postmanModes.ts +28 -0
  36. package/mcp/src/tools/postmanSetMode.ts +71 -0
  37. package/mcp/src/tools/skillBrowseCategory.ts +54 -0
  38. package/mcp/src/tools/skillGet.ts +43 -0
  39. package/mcp/src/tools/skillListCategories.ts +40 -0
  40. package/mcp/src/tools/skillSearch.ts +72 -0
  41. package/mcp/src/tools/skillTools.test.ts +126 -0
  42. package/mcp/src/tools/stitchGetMode.ts +58 -0
  43. package/mcp/src/tools/stitchGetStatus.ts +70 -0
  44. package/mcp/src/tools/stitchSetProfile.ts +82 -0
  45. package/mcp/src/transports/stdio.ts +9 -0
  46. package/mcp/src/transports/streamableHttp.ts +43 -0
  47. package/mcp/src/upstream/passthrough.ts +273 -0
  48. package/mcp/src/utils/errors.ts +38 -0
  49. package/mcp/src/utils/logger.ts +63 -0
  50. package/mcp/src/vault/manifest.test.ts +126 -0
  51. package/mcp/src/vault/manifest.ts +99 -0
  52. package/mcp/src/vault/scanner.test.ts +70 -0
  53. package/mcp/src/vault/scanner.ts +145 -0
  54. package/mcp/src/vault/types.ts +21 -0
  55. package/package.json +9 -2
  56. package/workflows/scripts/generate-powers.mjs +27 -18
  57. package/workflows/skills/postman/SKILL.md +11 -12
  58. package/workflows/skills/skills_index.json +11 -93
  59. package/workflows/skills/stitch/SKILL.md +17 -0
  60. package/workflows/workflows/agent-environment-setup/manifest.json +0 -24
  61. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/nextjs-react-expert/SKILL.md +1 -1
  62. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/SKILL.md +9 -232
  63. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/skills_index.json +0 -102
  64. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/stitch/SKILL.md +17 -0
  65. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/nextjs-react-expert/SKILL.md +1 -1
  66. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/SKILL.md +9 -232
  67. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/skills_index.json +0 -102
  68. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/stitch/SKILL.md +17 -0
  69. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/nextjs-react-expert/SKILL.md +1 -1
  70. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/SKILL.md +9 -232
  71. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/skills_index.json +0 -102
  72. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/stitch/SKILL.md +17 -0
  73. package/mcp/catalogs/default.json +0 -14
  74. package/mcp/powers/atlassian-mcp/POWER.md +0 -91
  75. package/mcp/powers/atlassian-mcp/SKILL.md +0 -88
  76. package/mcp/powers/atlassian-mcp/steering/authentication-patterns.md +0 -520
  77. package/mcp/powers/atlassian-mcp/steering/common-workflows.md +0 -660
  78. package/mcp/powers/atlassian-mcp/steering/confluence-operations.md +0 -528
  79. package/mcp/powers/atlassian-mcp/steering/jira-queries.md +0 -421
  80. package/mcp/powers/atlassian-mcp/steering/mcp-server-setup.md +0 -292
  81. package/mcp/powers/building-mcp-server-on-cloudflare/POWER.md +0 -261
  82. package/mcp/powers/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  83. package/mcp/powers/building-mcp-server-on-cloudflare/steering/examples.md +0 -115
  84. package/mcp/powers/building-mcp-server-on-cloudflare/steering/oauth-setup.md +0 -338
  85. package/mcp/powers/building-mcp-server-on-cloudflare/steering/troubleshooting.md +0 -317
  86. package/mcp/powers/datadog-automation/POWER.md +0 -238
  87. package/mcp/powers/datadog-automation/SKILL.md +0 -235
  88. package/mcp/powers/github-automation/POWER.md +0 -230
  89. package/mcp/powers/github-automation/SKILL.md +0 -227
  90. package/mcp/powers/mcp-builder/LICENSE.txt +0 -202
  91. package/mcp/powers/mcp-builder/POWER.md +0 -179
  92. package/mcp/powers/mcp-builder/SKILL.md +0 -176
  93. package/mcp/powers/mcp-builder/reference/evaluation.md +0 -602
  94. package/mcp/powers/mcp-builder/reference/mcp_best_practices.md +0 -915
  95. package/mcp/powers/mcp-builder/reference/node_mcp_server.md +0 -916
  96. package/mcp/powers/mcp-builder/reference/python_mcp_server.md +0 -752
  97. package/mcp/powers/mcp-builder/scripts/connections.py +0 -151
  98. package/mcp/powers/mcp-builder/scripts/evaluation.py +0 -373
  99. package/mcp/powers/mcp-builder/scripts/example_evaluation.xml +0 -22
  100. package/mcp/powers/mcp-builder/scripts/requirements.txt +0 -2
  101. package/mcp/powers/mcp-developer/POWER.md +0 -88
  102. package/mcp/powers/mcp-developer/SKILL.md +0 -85
  103. package/mcp/powers/mcp-developer/steering/protocol.md +0 -244
  104. package/mcp/powers/mcp-developer/steering/python-sdk.md +0 -367
  105. package/mcp/powers/mcp-developer/steering/resources.md +0 -554
  106. package/mcp/powers/mcp-developer/steering/tools.md +0 -480
  107. package/mcp/powers/mcp-developer/steering/typescript-sdk.md +0 -350
  108. package/mcp/powers/postman/POWER.md +0 -243
  109. package/mcp/powers/postman/SKILL.md +0 -240
  110. package/mcp/powers/postman/flutter-expert/POWER.md +0 -89
  111. package/mcp/powers/postman/flutter-expert/SKILL.md +0 -77
  112. package/mcp/powers/postman/flutter-expert/steering/bloc-state.md +0 -259
  113. package/mcp/powers/postman/flutter-expert/steering/engineering-principles.md +0 -82
  114. package/mcp/powers/postman/flutter-expert/steering/gorouter-navigation.md +0 -157
  115. package/mcp/powers/postman/flutter-expert/steering/performance.md +0 -99
  116. package/mcp/powers/postman/flutter-expert/steering/project-structure.md +0 -77
  117. package/mcp/powers/postman/flutter-expert/steering/riverpod-state.md +0 -404
  118. package/mcp/powers/postman/flutter-expert/steering/widget-patterns.md +0 -123
  119. package/mcp/powers/postman/flutter-security-reviewer/POWER.md +0 -204
  120. package/mcp/powers/postman/flutter-security-reviewer/SKILL.md +0 -180
  121. package/mcp/powers/postman/flutter-security-reviewer/steering/log_redaction.md +0 -17
  122. package/mcp/powers/postman/flutter-security-reviewer/steering/network_hardening.md +0 -13
  123. package/mcp/powers/postman/flutter-security-reviewer/steering/secret-scanning.md +0 -123
  124. package/mcp/powers/postman/flutter-security-reviewer/steering/secure_storage_policy.md +0 -16
  125. package/mcp/powers/postman/flutter-security-reviewer/steering/vulnerability-patterns.md +0 -189
  126. package/mcp/powers/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  127. package/mcp/powers/postman/flutter-test-master/POWER.md +0 -527
  128. package/mcp/powers/postman/flutter-test-master/SKILL.md +0 -513
  129. package/mcp/powers/postman/flutter-test-master/steering/golden-testing.md +0 -444
  130. package/mcp/powers/postman/flutter-test-master/steering/integration-testing.md +0 -688
  131. package/mcp/powers/postman/flutter-test-master/steering/property-testing.md +0 -408
  132. package/mcp/powers/postman/flutter-test-master/steering/riverpod-testing.md +0 -606
  133. package/mcp/powers/postman/flutter-test-master/steering/test-utilities.md +0 -566
  134. package/mcp/powers/postman/flutter-test-master/steering/unit-testing.md +0 -511
  135. package/mcp/powers/postman/flutter-test-master/steering/widget-testing.md +0 -601
  136. package/mcp/powers/postman/git-commit/POWER.md +0 -47
  137. package/mcp/powers/postman/git-commit/SKILL.md +0 -46
  138. package/mcp/powers/postman/gorouter-restoration/POWER.md +0 -227
  139. package/mcp/powers/postman/gorouter-restoration/SKILL.md +0 -217
  140. package/mcp/powers/postman/gorouter-restoration/steering/guard_patterns.md +0 -14
  141. package/mcp/powers/postman/gorouter-restoration/steering/tab_preservation.md +0 -12
  142. package/mcp/powers/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  143. package/mcp/powers/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  144. package/mcp/powers/postman/mcp.json +0 -11
  145. package/mcp/powers/postman/microservices-architect/POWER.md +0 -109
  146. package/mcp/powers/postman/microservices-architect/SKILL.md +0 -93
  147. package/mcp/powers/postman/microservices-architect/steering/communication.md +0 -499
  148. package/mcp/powers/postman/microservices-architect/steering/data.md +0 -721
  149. package/mcp/powers/postman/microservices-architect/steering/decomposition.md +0 -344
  150. package/mcp/powers/postman/microservices-architect/steering/observability.md +0 -805
  151. package/mcp/powers/postman/microservices-architect/steering/patterns.md +0 -603
  152. package/mcp/powers/postman/nestjs-expert/POWER.md +0 -130
  153. package/mcp/powers/postman/nestjs-expert/SKILL.md +0 -114
  154. package/mcp/powers/postman/nestjs-expert/steering/authentication.md +0 -461
  155. package/mcp/powers/postman/nestjs-expert/steering/controllers-routing.md +0 -114
  156. package/mcp/powers/postman/nestjs-expert/steering/dtos-validation.md +0 -156
  157. package/mcp/powers/postman/nestjs-expert/steering/migration-from-express.md +0 -1240
  158. package/mcp/powers/postman/nestjs-expert/steering/secure-sessions.md +0 -56
  159. package/mcp/powers/postman/nestjs-expert/steering/services-di.md +0 -143
  160. package/mcp/powers/postman/nestjs-expert/steering/strangler-fig-pattern.md +0 -47
  161. package/mcp/powers/postman/nestjs-expert/steering/testing-patterns.md +0 -189
  162. package/mcp/powers/postman/oneup-design/POWER.md +0 -72
  163. package/mcp/powers/postman/oneup-design/SKILL.md +0 -71
  164. package/mcp/powers/postman/oneup-design/steering/colors.md +0 -41
  165. package/mcp/powers/postman/oneup-design/steering/components.md +0 -53
  166. package/mcp/powers/postman/oneup-design/steering/spacing.md +0 -84
  167. package/mcp/powers/postman/openapi-docs/POWER.md +0 -78
  168. package/mcp/powers/postman/openapi-docs/SKILL.md +0 -68
  169. package/mcp/powers/postman/openapi-docs/steering/crud-templates.md +0 -43
  170. package/mcp/powers/postman/openapi-docs/steering/framework-express.md +0 -19
  171. package/mcp/powers/postman/openapi-docs/steering/framework-fastapi.md +0 -20
  172. package/mcp/powers/postman/openapi-docs/steering/framework-nestjs.md +0 -20
  173. package/mcp/powers/postman/openapi-docs/steering/framework-raw-openapi.md +0 -14
  174. package/mcp/powers/postman/openapi-docs/steering/openapi-checklist.md +0 -33
  175. package/mcp/powers/postman/openapi-docs/steering/stoplight-ui.md +0 -21
  176. package/mcp/powers/postman/steering/steering.md +0 -26
  177. package/mcp/powers/sentry-automation/POWER.md +0 -235
  178. package/mcp/powers/sentry-automation/SKILL.md +0 -232
  179. package/mcp/skills/atlassian-mcp/SKILL.md +0 -88
  180. package/mcp/skills/atlassian-mcp/references/authentication-patterns.md +0 -520
  181. package/mcp/skills/atlassian-mcp/references/common-workflows.md +0 -660
  182. package/mcp/skills/atlassian-mcp/references/confluence-operations.md +0 -528
  183. package/mcp/skills/atlassian-mcp/references/jira-queries.md +0 -421
  184. package/mcp/skills/atlassian-mcp/references/mcp-server-setup.md +0 -292
  185. package/mcp/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  186. package/mcp/skills/building-mcp-server-on-cloudflare/references/examples.md +0 -115
  187. package/mcp/skills/building-mcp-server-on-cloudflare/references/oauth-setup.md +0 -338
  188. package/mcp/skills/building-mcp-server-on-cloudflare/references/tool-patterns.md +0 -29
  189. package/mcp/skills/building-mcp-server-on-cloudflare/references/troubleshooting.md +0 -317
  190. package/mcp/skills/datadog-automation/SKILL.md +0 -235
  191. package/mcp/skills/github-automation/SKILL.md +0 -227
  192. package/mcp/skills/mcp-builder/LICENSE.txt +0 -202
  193. package/mcp/skills/mcp-builder/SKILL.md +0 -176
  194. package/mcp/skills/mcp-builder/reference/evaluation.md +0 -602
  195. package/mcp/skills/mcp-builder/reference/mcp_best_practices.md +0 -915
  196. package/mcp/skills/mcp-builder/reference/node_mcp_server.md +0 -916
  197. package/mcp/skills/mcp-builder/reference/python_mcp_server.md +0 -752
  198. package/mcp/skills/mcp-builder/scripts/connections.py +0 -151
  199. package/mcp/skills/mcp-builder/scripts/evaluation.py +0 -373
  200. package/mcp/skills/mcp-builder/scripts/example_evaluation.xml +0 -22
  201. package/mcp/skills/mcp-builder/scripts/requirements.txt +0 -2
  202. package/mcp/skills/mcp-developer/SKILL.md +0 -85
  203. package/mcp/skills/mcp-developer/references/protocol.md +0 -244
  204. package/mcp/skills/mcp-developer/references/python-sdk.md +0 -367
  205. package/mcp/skills/mcp-developer/references/resources.md +0 -554
  206. package/mcp/skills/mcp-developer/references/tools.md +0 -480
  207. package/mcp/skills/mcp-developer/references/typescript-sdk.md +0 -350
  208. package/mcp/skills/postman/POWER.md +0 -242
  209. package/mcp/skills/postman/SKILL.md +0 -240
  210. package/mcp/skills/postman/flutter-expert/POWER.md +0 -89
  211. package/mcp/skills/postman/flutter-expert/SKILL.md +0 -77
  212. package/mcp/skills/postman/flutter-expert/references/bloc-state.md +0 -259
  213. package/mcp/skills/postman/flutter-expert/references/engineering-principles.md +0 -82
  214. package/mcp/skills/postman/flutter-expert/references/gorouter-navigation.md +0 -157
  215. package/mcp/skills/postman/flutter-expert/references/performance.md +0 -99
  216. package/mcp/skills/postman/flutter-expert/references/project-structure.md +0 -77
  217. package/mcp/skills/postman/flutter-expert/references/riverpod-state.md +0 -404
  218. package/mcp/skills/postman/flutter-expert/references/widget-patterns.md +0 -123
  219. package/mcp/skills/postman/flutter-security-reviewer/POWER.md +0 -204
  220. package/mcp/skills/postman/flutter-security-reviewer/SKILL.md +0 -180
  221. package/mcp/skills/postman/flutter-security-reviewer/references/log_redaction.md +0 -17
  222. package/mcp/skills/postman/flutter-security-reviewer/references/network_hardening.md +0 -13
  223. package/mcp/skills/postman/flutter-security-reviewer/references/secret-scanning.md +0 -123
  224. package/mcp/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md +0 -16
  225. package/mcp/skills/postman/flutter-security-reviewer/references/vulnerability-patterns.md +0 -189
  226. package/mcp/skills/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  227. package/mcp/skills/postman/flutter-test-master/POWER.md +0 -527
  228. package/mcp/skills/postman/flutter-test-master/SKILL.md +0 -513
  229. package/mcp/skills/postman/flutter-test-master/references/golden-testing.md +0 -444
  230. package/mcp/skills/postman/flutter-test-master/references/integration-testing.md +0 -688
  231. package/mcp/skills/postman/flutter-test-master/references/property-testing.md +0 -408
  232. package/mcp/skills/postman/flutter-test-master/references/riverpod-testing.md +0 -606
  233. package/mcp/skills/postman/flutter-test-master/references/test-utilities.md +0 -566
  234. package/mcp/skills/postman/flutter-test-master/references/unit-testing.md +0 -511
  235. package/mcp/skills/postman/flutter-test-master/references/widget-testing.md +0 -601
  236. package/mcp/skills/postman/git-commit/POWER.md +0 -47
  237. package/mcp/skills/postman/git-commit/SKILL.md +0 -46
  238. package/mcp/skills/postman/gorouter-restoration/POWER.md +0 -227
  239. package/mcp/skills/postman/gorouter-restoration/SKILL.md +0 -217
  240. package/mcp/skills/postman/gorouter-restoration/references/guard_patterns.md +0 -14
  241. package/mcp/skills/postman/gorouter-restoration/references/tab_preservation.md +0 -12
  242. package/mcp/skills/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  243. package/mcp/skills/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  244. package/mcp/skills/postman/mcp.json +0 -11
  245. package/mcp/skills/postman/microservices-architect/POWER.md +0 -109
  246. package/mcp/skills/postman/microservices-architect/SKILL.md +0 -93
  247. package/mcp/skills/postman/microservices-architect/references/communication.md +0 -499
  248. package/mcp/skills/postman/microservices-architect/references/data.md +0 -721
  249. package/mcp/skills/postman/microservices-architect/references/decomposition.md +0 -344
  250. package/mcp/skills/postman/microservices-architect/references/observability.md +0 -805
  251. package/mcp/skills/postman/microservices-architect/references/patterns.md +0 -603
  252. package/mcp/skills/postman/nestjs-expert/POWER.md +0 -130
  253. package/mcp/skills/postman/nestjs-expert/SKILL.md +0 -114
  254. package/mcp/skills/postman/nestjs-expert/references/authentication.md +0 -461
  255. package/mcp/skills/postman/nestjs-expert/references/controllers-routing.md +0 -114
  256. package/mcp/skills/postman/nestjs-expert/references/dtos-validation.md +0 -156
  257. package/mcp/skills/postman/nestjs-expert/references/migration-from-express.md +0 -1240
  258. package/mcp/skills/postman/nestjs-expert/references/secure-sessions.md +0 -56
  259. package/mcp/skills/postman/nestjs-expert/references/services-di.md +0 -143
  260. package/mcp/skills/postman/nestjs-expert/references/strangler-fig-pattern.md +0 -47
  261. package/mcp/skills/postman/nestjs-expert/references/testing-patterns.md +0 -189
  262. package/mcp/skills/postman/oneup-design/POWER.md +0 -72
  263. package/mcp/skills/postman/oneup-design/SKILL.md +0 -71
  264. package/mcp/skills/postman/oneup-design/references/colors.md +0 -41
  265. package/mcp/skills/postman/oneup-design/references/components.md +0 -53
  266. package/mcp/skills/postman/oneup-design/references/spacing.md +0 -84
  267. package/mcp/skills/postman/openapi-docs/POWER.md +0 -78
  268. package/mcp/skills/postman/openapi-docs/SKILL.md +0 -68
  269. package/mcp/skills/postman/openapi-docs/references/crud-templates.md +0 -43
  270. package/mcp/skills/postman/openapi-docs/references/framework-express.md +0 -19
  271. package/mcp/skills/postman/openapi-docs/references/framework-fastapi.md +0 -20
  272. package/mcp/skills/postman/openapi-docs/references/framework-nestjs.md +0 -20
  273. package/mcp/skills/postman/openapi-docs/references/framework-raw-openapi.md +0 -14
  274. package/mcp/skills/postman/openapi-docs/references/openapi-checklist.md +0 -33
  275. package/mcp/skills/postman/openapi-docs/references/stoplight-ui.md +0 -21
  276. package/mcp/skills/postman/references/steering.md +0 -26
  277. package/mcp/skills/sentry-automation/SKILL.md +0 -232
  278. package/workflows/powers/atlassian-mcp/POWER.md +0 -21
  279. package/workflows/powers/atlassian-mcp/SKILL.md +0 -18
  280. package/workflows/powers/building-mcp-server-on-cloudflare/POWER.md +0 -21
  281. package/workflows/powers/building-mcp-server-on-cloudflare/SKILL.md +0 -18
  282. package/workflows/powers/datadog-automation/POWER.md +0 -21
  283. package/workflows/powers/datadog-automation/SKILL.md +0 -18
  284. package/workflows/powers/github-automation/POWER.md +0 -21
  285. package/workflows/powers/github-automation/SKILL.md +0 -18
  286. package/workflows/powers/mcp-builder/POWER.md +0 -21
  287. package/workflows/powers/mcp-builder/SKILL.md +0 -18
  288. package/workflows/powers/mcp-developer/POWER.md +0 -21
  289. package/workflows/powers/mcp-developer/SKILL.md +0 -18
  290. package/workflows/powers/postman/POWER.md +0 -21
  291. package/workflows/powers/postman/SKILL.md +0 -18
  292. package/workflows/powers/sentry-automation/POWER.md +0 -21
  293. package/workflows/powers/sentry-automation/SKILL.md +0 -18
  294. package/workflows/skills/atlassian-mcp/SKILL.md +0 -18
  295. package/workflows/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -18
  296. package/workflows/skills/datadog-automation/SKILL.md +0 -18
  297. package/workflows/skills/github-automation/SKILL.md +0 -18
  298. package/workflows/skills/mcp-builder/SKILL.md +0 -18
  299. package/workflows/skills/mcp-developer/SKILL.md +0 -18
  300. package/workflows/skills/sentry-automation/SKILL.md +0 -18
  301. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/SKILL.md +0 -88
  302. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/authentication-patterns.md +0 -520
  303. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/common-workflows.md +0 -660
  304. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/confluence-operations.md +0 -528
  305. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/jira-queries.md +0 -421
  306. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/atlassian-mcp/references/mcp-server-setup.md +0 -292
  307. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  308. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/references/examples.md +0 -115
  309. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/references/oauth-setup.md +0 -338
  310. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/references/tool-patterns.md +0 -29
  311. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/building-mcp-server-on-cloudflare/references/troubleshooting.md +0 -317
  312. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/datadog-automation/SKILL.md +0 -235
  313. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/github-automation/SKILL.md +0 -227
  314. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/LICENSE.txt +0 -202
  315. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/SKILL.md +0 -176
  316. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/reference/evaluation.md +0 -602
  317. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/reference/mcp_best_practices.md +0 -915
  318. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/reference/node_mcp_server.md +0 -916
  319. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/reference/python_mcp_server.md +0 -752
  320. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/scripts/connections.py +0 -151
  321. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/scripts/evaluation.py +0 -373
  322. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/scripts/example_evaluation.xml +0 -22
  323. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-builder/scripts/requirements.txt +0 -2
  324. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/SKILL.md +0 -85
  325. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/protocol.md +0 -244
  326. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/python-sdk.md +0 -367
  327. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/resources.md +0 -554
  328. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/tools.md +0 -480
  329. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/mcp-developer/references/typescript-sdk.md +0 -350
  330. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/POWER.md +0 -242
  331. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/POWER.md +0 -89
  332. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/SKILL.md +0 -77
  333. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/bloc-state.md +0 -259
  334. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/engineering-principles.md +0 -82
  335. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/gorouter-navigation.md +0 -157
  336. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/performance.md +0 -99
  337. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/project-structure.md +0 -77
  338. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/riverpod-state.md +0 -404
  339. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-expert/references/widget-patterns.md +0 -123
  340. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/POWER.md +0 -204
  341. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/SKILL.md +0 -180
  342. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/log_redaction.md +0 -17
  343. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/network_hardening.md +0 -13
  344. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/secret-scanning.md +0 -123
  345. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md +0 -16
  346. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/references/vulnerability-patterns.md +0 -189
  347. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  348. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/POWER.md +0 -527
  349. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/SKILL.md +0 -513
  350. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/golden-testing.md +0 -444
  351. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/integration-testing.md +0 -688
  352. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/property-testing.md +0 -408
  353. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/riverpod-testing.md +0 -606
  354. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/test-utilities.md +0 -566
  355. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/unit-testing.md +0 -511
  356. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/flutter-test-master/references/widget-testing.md +0 -601
  357. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/git-commit/POWER.md +0 -47
  358. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/git-commit/SKILL.md +0 -46
  359. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/POWER.md +0 -227
  360. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/SKILL.md +0 -217
  361. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/references/guard_patterns.md +0 -14
  362. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/references/tab_preservation.md +0 -12
  363. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  364. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  365. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/mcp.json +0 -11
  366. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/POWER.md +0 -109
  367. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/SKILL.md +0 -93
  368. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/communication.md +0 -499
  369. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/data.md +0 -721
  370. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/decomposition.md +0 -344
  371. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/observability.md +0 -805
  372. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/microservices-architect/references/patterns.md +0 -603
  373. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/POWER.md +0 -130
  374. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/SKILL.md +0 -114
  375. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/authentication.md +0 -461
  376. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/controllers-routing.md +0 -114
  377. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/dtos-validation.md +0 -156
  378. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/migration-from-express.md +0 -1240
  379. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/secure-sessions.md +0 -56
  380. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/services-di.md +0 -143
  381. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/strangler-fig-pattern.md +0 -47
  382. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/nestjs-expert/references/testing-patterns.md +0 -189
  383. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/POWER.md +0 -72
  384. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/SKILL.md +0 -71
  385. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/references/colors.md +0 -41
  386. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/references/components.md +0 -53
  387. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/oneup-design/references/spacing.md +0 -84
  388. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/POWER.md +0 -78
  389. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/SKILL.md +0 -68
  390. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/crud-templates.md +0 -43
  391. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/framework-express.md +0 -19
  392. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/framework-fastapi.md +0 -20
  393. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/framework-nestjs.md +0 -20
  394. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/framework-raw-openapi.md +0 -14
  395. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/openapi-checklist.md +0 -33
  396. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/openapi-docs/references/stoplight-ui.md +0 -21
  397. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/postman/references/steering.md +0 -26
  398. package/workflows/workflows/agent-environment-setup/platforms/copilot/skills/sentry-automation/SKILL.md +0 -232
  399. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/SKILL.md +0 -88
  400. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/authentication-patterns.md +0 -520
  401. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/common-workflows.md +0 -660
  402. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/confluence-operations.md +0 -528
  403. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/jira-queries.md +0 -421
  404. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/atlassian-mcp/references/mcp-server-setup.md +0 -292
  405. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  406. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/references/examples.md +0 -115
  407. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/references/oauth-setup.md +0 -338
  408. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/references/tool-patterns.md +0 -29
  409. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/building-mcp-server-on-cloudflare/references/troubleshooting.md +0 -317
  410. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/datadog-automation/SKILL.md +0 -235
  411. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/github-automation/SKILL.md +0 -227
  412. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/LICENSE.txt +0 -202
  413. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/SKILL.md +0 -176
  414. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/reference/evaluation.md +0 -602
  415. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/reference/mcp_best_practices.md +0 -915
  416. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/reference/node_mcp_server.md +0 -916
  417. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/reference/python_mcp_server.md +0 -752
  418. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/scripts/connections.py +0 -151
  419. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/scripts/evaluation.py +0 -373
  420. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/scripts/example_evaluation.xml +0 -22
  421. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-builder/scripts/requirements.txt +0 -2
  422. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/SKILL.md +0 -85
  423. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/protocol.md +0 -244
  424. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/python-sdk.md +0 -367
  425. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/resources.md +0 -554
  426. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/tools.md +0 -480
  427. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/mcp-developer/references/typescript-sdk.md +0 -350
  428. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/POWER.md +0 -242
  429. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/POWER.md +0 -89
  430. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/SKILL.md +0 -77
  431. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/bloc-state.md +0 -259
  432. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/engineering-principles.md +0 -82
  433. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/gorouter-navigation.md +0 -157
  434. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/performance.md +0 -99
  435. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/project-structure.md +0 -77
  436. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/riverpod-state.md +0 -404
  437. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-expert/references/widget-patterns.md +0 -123
  438. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/POWER.md +0 -204
  439. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/SKILL.md +0 -180
  440. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/log_redaction.md +0 -17
  441. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/network_hardening.md +0 -13
  442. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/secret-scanning.md +0 -123
  443. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md +0 -16
  444. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/references/vulnerability-patterns.md +0 -189
  445. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  446. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/POWER.md +0 -527
  447. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/SKILL.md +0 -513
  448. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/golden-testing.md +0 -444
  449. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/integration-testing.md +0 -688
  450. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/property-testing.md +0 -408
  451. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/riverpod-testing.md +0 -606
  452. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/test-utilities.md +0 -566
  453. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/unit-testing.md +0 -511
  454. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/flutter-test-master/references/widget-testing.md +0 -601
  455. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/git-commit/POWER.md +0 -47
  456. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/git-commit/SKILL.md +0 -46
  457. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/POWER.md +0 -227
  458. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/SKILL.md +0 -217
  459. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/references/guard_patterns.md +0 -14
  460. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/references/tab_preservation.md +0 -12
  461. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  462. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  463. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/mcp.json +0 -11
  464. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/POWER.md +0 -109
  465. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/SKILL.md +0 -93
  466. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/communication.md +0 -499
  467. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/data.md +0 -721
  468. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/decomposition.md +0 -344
  469. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/observability.md +0 -805
  470. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/microservices-architect/references/patterns.md +0 -603
  471. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/POWER.md +0 -130
  472. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/SKILL.md +0 -114
  473. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/authentication.md +0 -461
  474. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/controllers-routing.md +0 -114
  475. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/dtos-validation.md +0 -156
  476. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/migration-from-express.md +0 -1240
  477. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/secure-sessions.md +0 -56
  478. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/services-di.md +0 -143
  479. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/strangler-fig-pattern.md +0 -47
  480. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/nestjs-expert/references/testing-patterns.md +0 -189
  481. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/POWER.md +0 -72
  482. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/SKILL.md +0 -71
  483. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/references/colors.md +0 -41
  484. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/references/components.md +0 -53
  485. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/oneup-design/references/spacing.md +0 -84
  486. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/POWER.md +0 -78
  487. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/SKILL.md +0 -68
  488. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/crud-templates.md +0 -43
  489. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/framework-express.md +0 -19
  490. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/framework-fastapi.md +0 -20
  491. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/framework-nestjs.md +0 -20
  492. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/framework-raw-openapi.md +0 -14
  493. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/openapi-checklist.md +0 -33
  494. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/openapi-docs/references/stoplight-ui.md +0 -21
  495. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/postman/references/steering.md +0 -26
  496. package/workflows/workflows/agent-environment-setup/platforms/cursor/skills/sentry-automation/SKILL.md +0 -232
  497. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/SKILL.md +0 -88
  498. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/authentication-patterns.md +0 -520
  499. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/common-workflows.md +0 -660
  500. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/confluence-operations.md +0 -528
  501. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/jira-queries.md +0 -421
  502. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/atlassian-mcp/references/mcp-server-setup.md +0 -292
  503. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/SKILL.md +0 -258
  504. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/references/examples.md +0 -115
  505. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/references/oauth-setup.md +0 -338
  506. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/references/tool-patterns.md +0 -29
  507. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/building-mcp-server-on-cloudflare/references/troubleshooting.md +0 -317
  508. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/datadog-automation/SKILL.md +0 -235
  509. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/github-automation/SKILL.md +0 -227
  510. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/LICENSE.txt +0 -202
  511. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/SKILL.md +0 -176
  512. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/reference/evaluation.md +0 -602
  513. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/reference/mcp_best_practices.md +0 -915
  514. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/reference/node_mcp_server.md +0 -916
  515. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/reference/python_mcp_server.md +0 -752
  516. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/scripts/connections.py +0 -151
  517. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/scripts/evaluation.py +0 -373
  518. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/scripts/example_evaluation.xml +0 -22
  519. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-builder/scripts/requirements.txt +0 -2
  520. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/SKILL.md +0 -85
  521. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/protocol.md +0 -244
  522. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/python-sdk.md +0 -367
  523. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/resources.md +0 -554
  524. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/tools.md +0 -480
  525. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/mcp-developer/references/typescript-sdk.md +0 -350
  526. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/POWER.md +0 -242
  527. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/POWER.md +0 -89
  528. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/SKILL.md +0 -77
  529. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/bloc-state.md +0 -259
  530. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/engineering-principles.md +0 -82
  531. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/gorouter-navigation.md +0 -157
  532. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/performance.md +0 -99
  533. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/project-structure.md +0 -77
  534. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/riverpod-state.md +0 -404
  535. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-expert/references/widget-patterns.md +0 -123
  536. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/POWER.md +0 -204
  537. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/SKILL.md +0 -180
  538. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/log_redaction.md +0 -17
  539. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/network_hardening.md +0 -13
  540. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/secret-scanning.md +0 -123
  541. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/secure_storage_policy.md +0 -16
  542. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/references/vulnerability-patterns.md +0 -189
  543. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-security-reviewer/templates/security_review_response.md +0 -31
  544. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/POWER.md +0 -527
  545. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/SKILL.md +0 -513
  546. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/golden-testing.md +0 -444
  547. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/integration-testing.md +0 -688
  548. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/property-testing.md +0 -408
  549. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/riverpod-testing.md +0 -606
  550. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/test-utilities.md +0 -566
  551. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/unit-testing.md +0 -511
  552. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/flutter-test-master/references/widget-testing.md +0 -601
  553. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/git-commit/POWER.md +0 -47
  554. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/git-commit/SKILL.md +0 -46
  555. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/POWER.md +0 -227
  556. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/SKILL.md +0 -217
  557. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/references/guard_patterns.md +0 -14
  558. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/references/tab_preservation.md +0 -12
  559. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/templates/guard_redirect.md +0 -30
  560. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/gorouter-restoration/templates/stateful_shell_skeleton.md +0 -40
  561. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/mcp.json +0 -11
  562. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/POWER.md +0 -109
  563. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/SKILL.md +0 -93
  564. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/communication.md +0 -499
  565. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/data.md +0 -721
  566. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/decomposition.md +0 -344
  567. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/observability.md +0 -805
  568. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/microservices-architect/references/patterns.md +0 -603
  569. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/POWER.md +0 -130
  570. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/SKILL.md +0 -114
  571. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/authentication.md +0 -461
  572. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/controllers-routing.md +0 -114
  573. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/dtos-validation.md +0 -156
  574. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/migration-from-express.md +0 -1240
  575. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/secure-sessions.md +0 -56
  576. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/services-di.md +0 -143
  577. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/strangler-fig-pattern.md +0 -47
  578. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/nestjs-expert/references/testing-patterns.md +0 -189
  579. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/POWER.md +0 -72
  580. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/SKILL.md +0 -71
  581. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/references/colors.md +0 -41
  582. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/references/components.md +0 -53
  583. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/oneup-design/references/spacing.md +0 -84
  584. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/POWER.md +0 -78
  585. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/SKILL.md +0 -68
  586. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/crud-templates.md +0 -43
  587. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/framework-express.md +0 -19
  588. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/framework-fastapi.md +0 -20
  589. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/framework-nestjs.md +0 -20
  590. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/framework-raw-openapi.md +0 -14
  591. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/openapi-checklist.md +0 -33
  592. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/openapi-docs/references/stoplight-ui.md +0 -21
  593. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/postman/references/steering.md +0 -26
  594. package/workflows/workflows/agent-environment-setup/platforms/windsurf/skills/sentry-automation/SKILL.md +0 -232
package/mcp/powers/postman/flutter-security-reviewer/SKILL.md DELETED
@@ -1,180 +0,0 @@
1
- ---
2
- name: "flutter-security-reviewer"
3
- description: "Review Flutter/Dart code for security vulnerabilities: secure storage, network hardening, log redaction, and data protection"
4
- ---
5
-
6
-
7
- # Flutter/Dart Security Reviewer
8
-
9
- ## Overview
10
-
11
- This power helps you identify and fix security vulnerabilities in mobile and web applications, focusing on secure storage, network hardening, log redaction, and sensitive data handling.
12
-
13
- ## When to Use
14
-
15
- - Reviewing code that handles authentication tokens
16
- - Implementing secure storage for sensitive data
17
- - Adding logging/analytics that might expose PII
18
- - Reviewing network requests for security issues
19
- - Implementing biometric authentication
20
- - Handling user passwords or credentials
21
- - Processing payment information
22
- - Storing user preferences that contain sensitive data
23
- - Implementing session management
24
- - Any code that touches user data
25
-
26
- ## Review Output Format
27
-
28
- When reviewing, output exactly:
29
-
30
- 1. **Threat summary** (what could go wrong; 3-6 bullets)
31
- 2. **Findings** grouped by severity (CRITICAL/HIGH/MED/LOW)
32
- 3. **Concrete mitigations** (specific code-level steps)
33
- 4. **Security regression tests/checks** (what to verify)
34
- 5. **Logging & privacy audit** (PII, tokens, crash reports)
35
-
36
- ## Severity Definitions
37
-
38
- - **CRITICAL**: Token/session compromise, auth bypass, remote code/data exposure, storing secrets insecurely, PII leakage
39
- - **HIGH**: Weak access control, insecure defaults, sensitive data in logs, missing TLS assumptions
40
- - **MED**: Hardening gaps (timeouts, retry abuse, overly broad permissions)
41
- - **LOW**: Best-practice improvements
42
-
43
-
44
- ## 1) Authentication & Session Security
45
-
46
- ### Tokens
47
-
48
- **CRITICAL:**
49
- - Tokens in logs, analytics events, crash reports
50
- - Tokens stored in plain SharedPreferences without justification
51
-
52
- **Recommendations:**
53
- - Prefer secure storage for tokens (platform-backed) where possible
54
- - If SharedPreferences must be used, ensure:
55
- - Short-lived access tokens + refresh tokens handled carefully
56
- - Minimal token surface; never log
57
-
58
- ### Route Guards
59
- - Ensure router guards cannot be bypassed by deep links
60
- - Guard decisions must use authoritative session provider state
61
- - Avoid redirect loops (secure + usability)
62
-
63
-
64
- ## 2) Network Security
65
-
66
- ### Checklist
67
- - [ ] Use HTTPS in UAT/Prod baseUrl
68
- - [ ] Reasonable timeouts (connect/receive)
69
- - [ ] Avoid disabling cert validation
70
- - [ ] Do not accept all certs in production
71
- - [ ] Interceptors must not log sensitive headers or body fields
72
-
73
- ### Retry Policy
74
- - Avoid retrying non-idempotent requests unless safe
75
- - Backoff + max attempts
76
-
77
- ### Device ↔ Gateway Security
78
- - Prefer server-side validation and proper auth
79
- - Never "security-by-obscurity" headers
80
-
81
-
82
- ## 3) Local Data Protection
83
-
84
- **CRITICAL:**
85
- - Storing PII or tokens unencrypted without threat model
86
-
87
- **Guidance:**
88
- - Store only what's needed offline
89
- - Encrypt sensitive cached blobs if possible, or avoid caching them
90
- - Apply TTL to cached session/profile data
91
- - Clear data on logout
92
-
93
-
94
- ## 4) Input Validation & Injection Safety
95
-
96
- - [ ] Validate all user inputs before sending to API
97
- - [ ] Avoid string interpolation for SQL queries: use parameters
98
- - [ ] Avoid trusting client-only checks (roles, orgId); server must enforce
99
-
100
-
101
- ## 5) Privacy, Logging, Analytics
102
-
103
- **CRITICAL:**
104
- - PII in logs (`name`, `phone`, `location`, identifiers)
105
- - Tokens/headers in logs
106
- - Crashlytics sending PII
107
-
108
- **Guidance:**
109
- - Redact: Authorization headers, cookies, IDs if sensitive
110
- - Provide `toSafeLog()` helpers
111
- - Ensure debug logging is disabled/limited in release builds
112
-
113
-
114
- ## 6) Dependency & Supply Chain Hygiene
115
-
116
- - [ ] Check new packages are reputable and maintained
117
- - [ ] Avoid adding packages that request broad permissions without need
118
- - [ ] Pin versions as appropriate; review changelogs for security fixes
119
-
120
-
121
- ## 7) Security Review Checklist for PRs
122
-
123
- ### Always Search For
124
- - `print(`, `debugPrint(`, logging interceptors
125
- - `Authorization`, `token`, `refresh`, `secret`, `apiKey`
126
- - `badCertificateCallback`, `HttpClient` overrides
127
- - Persistent storage of user/session data
128
-
129
- ### Enforce
130
- - [ ] No secrets in repo
131
- - [ ] No insecure network overrides in production
132
- - [ ] Logout clears sensitive local data
133
- - [ ] Access control enforced server-side (don't trust client role/org headers alone)
134
-
135
-
136
- ## Quick Reference
137
-
138
- ### Secure Storage (DO)
139
-
140
- ```dart
141
- // ✅ Use flutter_secure_storage for tokens
142
- final storage = FlutterSecureStorage();
143
- await storage.write(key: 'auth_token', value: token);
144
- ```
145
-
146
- ### Secure Storage (DON'T)
147
-
148
- ```dart
149
- // ❌ Never store tokens in SharedPreferences
150
- final prefs = await SharedPreferences.getInstance();
151
- prefs.setString('auth_token', token); // INSECURE!
152
-
153
- // ❌ Never hardcode secrets
154
- const apiKey = 'sk_live_abc123'; // NEVER DO THIS
155
- ```
156
-
157
- ### Log Redaction
158
-
159
- ```dart
160
- // ❌ Bad - logs sensitive data
161
- logger.info('User login: ${user.email}, password: ${password}');
162
-
163
- // ✅ Good - no sensitive data in logs
164
- logger.info('User login successful: userId=${user.id}');
165
- ```
166
-
167
-
168
- ## Steering Files
169
-
170
- | File | Load When |
171
- | --------------------------- | -------------------------------------- |
172
- | `secure_storage_policy.md` | What to store where |
173
- | `network_hardening.md` | Network security best practices |
174
- | `log_redaction.md` | How to redact sensitive data from logs |
175
- | `vulnerability-patterns.md` | SQL injection, XSS, IDOR patterns |
176
- | `secret-scanning.md` | Finding hardcoded secrets |
177
-
178
- ## Templates
179
-
180
- - `security_review_response.md` - Security review report template
package/mcp/powers/postman/flutter-security-reviewer/steering/log_redaction.md DELETED
@@ -1,17 +0,0 @@
1
- # Logging redaction policy
2
-
3
- ## Never log
4
- - Authorization headers
5
- - Cookies
6
- - refresh/access tokens
7
- - passwords/OTP codes
8
- - full request/response bodies containing PII
9
-
10
- ## Recommended
11
- - Log request method + path + status code
12
- - Log timing and correlation ids
13
- - Redact sensitive fields:
14
-
15
- Example (pseudo):
16
- - headers: replace Authorization with "***"
17
- - body: replace keys like token/password with "***"
package/mcp/powers/postman/flutter-security-reviewer/steering/network_hardening.md DELETED
@@ -1,13 +0,0 @@
1
- # Network hardening (Dio)
2
-
3
- Checklist:
4
- - HTTPS only for UAT/Prod
5
- - Timeouts configured
6
- - Interceptors do not leak sensitive info
7
- - No `badCertificateCallback` in release
8
- - Use request IDs/transaction hashes for tracing (non-secret)
9
-
10
- Retry policy:
11
- - idempotent requests only (GET)
12
- - exponential backoff
13
- - cap attempts
package/mcp/powers/postman/flutter-security-reviewer/steering/secret-scanning.md DELETED
@@ -1,123 +0,0 @@
1
- # Secret Scanning
2
-
3
- > Reference for: Security Reviewer
4
- > Load when: Scanning for hardcoded secrets
5
-
6
- ## Manual Grep Patterns
7
-
8
- ```bash
9
- # Common secret patterns
10
- grep -rn "api_key\|apikey\|api-key" --include="*.dart" .
11
- grep -rn "secret\|password\|passwd" --include="*.dart" .
12
- grep -rn "private_key\|privatekey" --include="*.dart" .
13
- grep -rn "access_token\|accesstoken" --include="*.dart" .
14
-
15
- # Firebase/Google
16
- grep -rn "AIza[0-9A-Za-z_-]{35}" .
17
- grep -rn "firebase" --include="*.dart" .
18
-
19
- # AWS credentials
20
- grep -rn "AKIA[0-9A-Z]{16}" .
21
- grep -rn "aws_secret_access_key" .
22
-
23
- # Base64 encoded (potential secrets)
24
- grep -rn "[A-Za-z0-9+/]{40,}=" .
25
-
26
- # JWT tokens
27
- grep -rn "eyJ[A-Za-z0-9_-]*\.eyJ[A-Za-z0-9_-]*\." .
28
- ```
29
-
30
- ## Common Secret Patterns
31
-
32
- | Type | Pattern | Example |
33
- | ----------------- | -------------------------------- | -------------------------- |
34
- | AWS Access Key | `AKIA[0-9A-Z]{16}` | AKIAIOSFODNN7EXAMPLE |
35
- | AWS Secret Key | 40 char base64 | wJalrXUtnFEMI/K7MDENG... |
36
- | Firebase API Key | `AIza[0-9A-Za-z_-]{35}` | AIzaSyC... |
37
- | GitHub Token | `ghp_[A-Za-z0-9]{36}` | ghp_xxxxxxxxxxxx |
38
- | Slack Token | `xox[baprs]-` | xoxb-xxx-xxx |
39
- | Stripe Key | `sk_live_[A-Za-z0-9]{24}` | sk_live_xxxx |
40
- | Private Key | `-----BEGIN.*PRIVATE KEY-----` | RSA/EC keys |
41
- | JWT | `eyJ[A-Za-z0-9_-]*\.eyJ` | Encoded tokens |
42
-
43
- ## Flutter-Specific Locations to Check
44
-
45
- ```bash
46
- # Check these files for hardcoded secrets
47
- lib/core/config/
48
- lib/firebase_options.dart
49
- android/app/google-services.json
50
- ios/Runner/GoogleService-Info.plist
51
- .env files
52
- pubspec.yaml (sometimes contains keys)
53
- ```
54
-
55
- ## What to Look For
56
-
57
- ### Hardcoded API Keys
58
- ```dart
59
- // BAD - Hardcoded
60
- const apiKey = 'sk_live_abc123xyz';
61
- const firebaseKey = 'AIzaSyC...';
62
-
63
- // GOOD - Environment variable or secure storage
64
- final apiKey = const String.fromEnvironment('API_KEY');
65
- final apiKey = await secureStorage.read(key: 'api_key');
66
- ```
67
-
68
- ### Hardcoded URLs with Credentials
69
- ```dart
70
- // BAD
71
- const dbUrl = 'postgres://user:password@host:5432/db';
72
-
73
- // GOOD
74
- final dbUrl = const String.fromEnvironment('DATABASE_URL');
75
- ```
76
-
77
- ### Debug/Test Credentials
78
- ```dart
79
- // BAD - Test credentials in production code
80
- const testUser = 'admin';
81
- const testPassword = 'admin123';
82
-
83
- // GOOD - Only in test files, never committed
84
- // Use environment variables or test fixtures
85
- ```
86
-
87
- ## Remediation Steps
88
-
89
- 1. **Rotate immediately** - Consider secret compromised
90
- 2. **Remove from code** - Replace with environment variable
91
- 3. **Remove from git history** - Use BFG or git filter-branch
92
- 4. **Add to .gitignore** - Prevent future commits
93
- 5. **Use secure storage** - flutter_secure_storage for runtime secrets
94
- 6. **Use --dart-define** - For build-time configuration
95
-
96
- ```bash
97
- # Build with environment variables
98
- flutter build apk --dart-define=API_KEY=$API_KEY
99
-
100
- # Access in code
101
- const apiKey = String.fromEnvironment('API_KEY');
102
- ```
103
-
104
- ## Pre-commit Prevention
105
-
106
- ```yaml
107
- # .pre-commit-config.yaml
108
- repos:
109
- - repo: https://github.com/gitleaks/gitleaks
110
- rev: v8.18.0
111
- hooks:
112
- - id: gitleaks
113
- ```
114
-
115
- ## Quick Reference
116
-
117
- | Location | Risk Level | Action |
118
- | --------------------------- | ---------- | --------------------------- |
119
- | Source code (.dart) | Critical | Remove, use env vars |
120
- | Config files | High | Move to .gitignore |
121
- | Git history | Critical | Rewrite history |
122
- | Build artifacts | Medium | Ensure not committed |
123
- | Comments/TODOs | Medium | Remove sensitive info |
package/mcp/powers/postman/flutter-security-reviewer/steering/secure_storage_policy.md DELETED
@@ -1,16 +0,0 @@
1
- # Secure storage policy (mobile)
2
-
3
- ## Token storage
4
- Preferred:
5
- - Platform-backed secure storage for auth tokens
6
-
7
- If you must use SharedPreferences:
8
- - access tokens should be short-lived
9
- - never store refresh token unless encrypted/secured
10
- - clear all tokens on logout
11
- - guard against backup/restore exposures where relevant
12
-
13
- ## Cached user/profile data
14
- - Apply TTL
15
- - Avoid caching sensitive PII unless required for offline
16
- - Clear per-organization/user on logout or org switch
package/mcp/powers/postman/flutter-security-reviewer/steering/vulnerability-patterns.md DELETED
@@ -1,189 +0,0 @@
1
- # Vulnerability Patterns
2
-
3
- > Reference for: Security Reviewer
4
- > Load when: Manual security code review
5
-
6
- ## SQL/NoSQL Injection
7
-
8
- ```dart
9
- // VULNERABLE - String interpolation
10
- final query = "SELECT * FROM users WHERE id = $userId";
11
-
12
- // SECURE - Parameterized queries (Sqflite)
13
- final result = await db.query(
14
- 'users',
15
- where: 'id = ?',
16
- whereArgs: [userId],
17
- );
18
-
19
- // SECURE - ORM (Isar)
20
- final user = await isar.users.filter().idEqualTo(userId).findFirst();
21
- ```
22
-
23
- ## Path Traversal
24
-
25
- ```dart
26
- // VULNERABLE
27
- final file = File('$uploadDir/${request.filename}');
28
-
29
- // SECURE - Validate and normalize
30
- final filename = path.basename(request.filename);
31
- final file = File(path.join(uploadDir, filename));
32
-
33
- // Verify path is within allowed directory
34
- if (!file.path.startsWith(path.canonicalize(uploadDir))) {
35
- throw SecurityException('Invalid path');
36
- }
37
- ```
38
-
39
- ## Insecure Direct Object Reference (IDOR)
40
-
41
- ```dart
42
- // VULNERABLE - No authorization check
43
- Future<Document> getDocument(String docId) async {
44
- return await documentRepository.findById(docId);
45
- }
46
-
47
- // SECURE - Verify ownership
48
- Future<Document> getDocument(String docId, String userId) async {
49
- final doc = await documentRepository.findById(docId);
50
- if (doc.ownerId != userId) {
51
- throw UnauthorizedException('Access denied');
52
- }
53
- return doc;
54
- }
55
- ```
56
-
57
- ## Sensitive Data Exposure
58
-
59
- ```dart
60
- // VULNERABLE - Logging sensitive data
61
- logger.info('User login: email=$email, password=$password');
62
- logger.debug('Token: $authToken');
63
-
64
- // SECURE - Redact sensitive fields
65
- logger.info('User login: email=$email');
66
- logger.debug('Token: [REDACTED]');
67
-
68
- // VULNERABLE - Error response exposes internals
69
- return Response.error(exception.stackTrace.toString());
70
-
71
- // SECURE - Generic error
72
- return Response.error('An error occurred');
73
- ```
74
-
75
- ## Insecure Storage
76
-
77
- ```dart
78
- // VULNERABLE - Plain SharedPreferences for tokens
79
- final prefs = await SharedPreferences.getInstance();
80
- await prefs.setString('auth_token', token);
81
-
82
- // SECURE - Use flutter_secure_storage
83
- final storage = FlutterSecureStorage();
84
- await storage.write(key: 'auth_token', value: token);
85
-
86
- // VULNERABLE - Unencrypted Isar for sensitive data
87
- final isar = await Isar.open([UserSchema]);
88
-
89
- // SECURE - Encrypted Isar
90
- final isar = await Isar.open(
91
- [UserSchema],
92
- encryptionKey: encryptionKey,
93
- );
94
- ```
95
-
96
- ## Authentication Bypass
97
-
98
- ```dart
99
- // VULNERABLE - Client-side only check
100
- if (user.role == 'admin') {
101
- showAdminPanel();
102
- }
103
-
104
- // SECURE - Server validates, client just displays
105
- // Server: verify role in JWT/session before returning admin data
106
- // Client: display based on server response
107
-
108
- // VULNERABLE - Trusting client headers
109
- final orgId = request.headers['X-Org-Id'];
110
-
111
- // SECURE - Derive from authenticated session
112
- final orgId = authenticatedUser.organizationId;
113
- ```
114
-
115
- ## Session Management Issues
116
-
117
- ```dart
118
- // VULNERABLE - No session timeout
119
- // Token never expires
120
-
121
- // SECURE - Short-lived access tokens + refresh
122
- final accessToken = jwt.sign(
123
- payload,
124
- secret,
125
- expiresIn: Duration(minutes: 15),
126
- );
127
-
128
- // VULNERABLE - Session not cleared on logout
129
- Future<void> logout() async {
130
- // Just navigate away
131
- context.go('/login');
132
- }
133
-
134
- // SECURE - Clear all sensitive data
135
- Future<void> logout() async {
136
- await secureStorage.deleteAll();
137
- await isar.writeTxn(() => isar.clear());
138
- ref.invalidate(sessionProvider);
139
- context.go('/login');
140
- }
141
- ```
142
-
143
- ## Deep Link Security
144
-
145
- ```dart
146
- // VULNERABLE - No auth check on deep link
147
- GoRoute(
148
- path: '/document/:id',
149
- builder: (context, state) => DocumentView(id: state.params['id']!),
150
- )
151
-
152
- // SECURE - Guard protects deep links
153
- GoRoute(
154
- path: '/document/:id',
155
- redirect: (context, state) {
156
- if (!isAuthenticated) return '/login?redirect=${state.uri}';
157
- return null;
158
- },
159
- builder: (context, state) => DocumentView(id: state.params['id']!),
160
- )
161
- ```
162
-
163
- ## Quick Reference
164
-
165
- | Vulnerability | Input Vector | Prevention |
166
- | ----------------- | --------------- | ----------------------------- |
167
- | SQL Injection | Query params | Parameterized queries |
168
- | Path Traversal | File paths | path.basename + validation |
169
- | IDOR | Resource IDs | Authorization checks |
170
- | Data Exposure | Logs, errors | Redaction, generic errors |
171
- | Insecure Storage | Local storage | flutter_secure_storage |
172
- | Auth Bypass | Client checks | Server-side validation |
173
- | Session Issues | Token handling | Short TTL, proper logout |
174
- | Deep Link Bypass | URL schemes | Route guards |
175
-
176
- ## OWASP Mobile Top 10 Mapping
177
-
178
- | OWASP Mobile | Vulnerabilities |
179
- | ------------------------- | ---------------------------------- |
180
- | M1 Improper Platform Use | Insecure storage, deep link bypass |
181
- | M2 Insecure Data Storage | SharedPreferences for tokens |
182
- | M3 Insecure Communication | HTTP, no cert pinning |
183
- | M4 Insecure Authentication| Weak session, no timeout |
184
- | M5 Insufficient Crypto | Weak encryption, hardcoded keys |
185
- | M6 Insecure Authorization | IDOR, client-side checks |
186
- | M7 Client Code Quality | Injection, path traversal |
187
- | M8 Code Tampering | No integrity checks |
188
- | M9 Reverse Engineering | Hardcoded secrets |
189
- | M10 Extraneous Functionality | Debug endpoints, test data |
package/mcp/powers/postman/flutter-security-reviewer/templates/security_review_response.md DELETED
@@ -1,31 +0,0 @@
1
- # Security Review (OneUp HR)
2
-
3
- ## Threat summary
4
- - ...
5
-
6
- ## Findings
7
-
8
- ### CRITICAL
9
- - **...**
10
- - Risk:
11
- - Evidence:
12
- - Fix:
13
-
14
- ### HIGH
15
- - ...
16
-
17
- ### MED
18
- - ...
19
-
20
- ### LOW
21
- - ...
22
-
23
- ## Concrete mitigations
24
- 1) ...
25
- 2) ...
26
-
27
- ## Security regression checks
28
- - [ ] ...
29
-
30
- ## Logging & privacy audit
31
- - ...