@gong-ym/ai-spec-auto 0.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (640) hide show
  1. package/.agents/commands/README.md +33 -0
  2. package/.agents/commands/claude/spec-start-review.md +88 -0
  3. package/.agents/commands/codex/spec-continue.md +74 -0
  4. package/.agents/commands/codex/spec-orchestrate.md +35 -0
  5. package/.agents/commands/codex/spec-start-review.md +88 -0
  6. package/.agents/commands/codex/spec-start.md +67 -0
  7. package/.agents/commands/codex/spec-status.md +22 -0
  8. package/.agents/commands/codex/spec-stop.md +29 -0
  9. package/.agents/commands/codex/spec-update.md +40 -0
  10. package/.agents/commands/common/branch-review.md +117 -0
  11. package/.agents/commands/common/project-init.md +25 -0
  12. package/.agents/commands/common/spec-continue.md +74 -0
  13. package/.agents/commands/common/spec-orchestrate.md +35 -0
  14. package/.agents/commands/common/spec-start-review.md +82 -0
  15. package/.agents/commands/common/spec-start.md +67 -0
  16. package/.agents/commands/common/spec-status.md +22 -0
  17. package/.agents/commands/common/spec-stop.md +29 -0
  18. package/.agents/commands/common/spec-update.md +40 -0
  19. package/.agents/commands/cursor/opsx-apply.md +55 -0
  20. package/.agents/commands/cursor/opsx-archive.md +48 -0
  21. package/.agents/commands/cursor/opsx-explore.md +45 -0
  22. package/.agents/commands/cursor/opsx-propose.md +59 -0
  23. package/.agents/commands/cursor/spec-continue.md +63 -0
  24. package/.agents/commands/cursor/spec-orchestrate.md +53 -0
  25. package/.agents/commands/cursor/spec-start-review.md +78 -0
  26. package/.agents/commands/cursor/spec-start.md +59 -0
  27. package/.agents/commands/cursor/spec-status.md +30 -0
  28. package/.agents/commands/cursor/spec-stop.md +29 -0
  29. package/.agents/commands/cursor/spec-update.md +41 -0
  30. package/.agents/flows/FRONTMATTER.md +263 -0
  31. package/.agents/flows/RUN_OUTPUT.md +263 -0
  32. package/.agents/flows/common/README.md +29 -0
  33. package/.agents/flows/common/bugfix-to-verification.md +95 -0
  34. package/.agents/flows/common/change-to-architecture-review.md +89 -0
  35. package/.agents/flows/common/change-to-release.md +94 -0
  36. package/.agents/flows/common/prd-to-delivery.md +184 -0
  37. package/.agents/flows/common/requirement-to-observability.md +97 -0
  38. package/.agents/orchestration/README.md +22 -0
  39. package/.agents/orchestration/expert-dispatch-spec.md +155 -0
  40. package/.agents/orchestration/expert-executor-spec.md +84 -0
  41. package/.agents/orchestration/expert-runtime-action-spec.md +73 -0
  42. package/.agents/orchestration/runtime-state-handoff-spec.md +264 -0
  43. package/.agents/orchestration/task-anchor-spec.md +212 -0
  44. package/.agents/orchestration/task-orchestrator-adapter-payload.md +153 -0
  45. package/.agents/orchestration/task-orchestrator-bootstrap-payload.md +145 -0
  46. package/.agents/orchestration/task-orchestrator-output-extractor-spec.md +93 -0
  47. package/.agents/orchestration/task-orchestrator-run-plan-template.md +312 -0
  48. package/.agents/orchestration/task-orchestrator-runtime-hooks.md +214 -0
  49. package/.agents/registry/README.md +63 -0
  50. package/.agents/registry/flows.json +125 -0
  51. package/.agents/registry/profiles.json +101 -0
  52. package/.agents/registry/roles.json +1266 -0
  53. package/.agents/registry/rules.json +148 -0
  54. package/.agents/registry/scenario-packages.json +123 -0
  55. package/.agents/registry/skills.json +130 -0
  56. package/.agents/roles/INDEX.md +346 -0
  57. package/.agents/roles/common/README.md +76 -0
  58. package/.agents/roles/common/archive-change.md +80 -0
  59. package/.agents/roles/common/backend-implementer.md +92 -0
  60. package/.agents/roles/common/code-guardian.md +151 -0
  61. package/.agents/roles/common/frontend-implementer.md +146 -0
  62. package/.agents/roles/common/requirement-analyst.md +138 -0
  63. package/.agents/roles/common/task-orchestrator-routing.md +301 -0
  64. package/.agents/roles/common/task-orchestrator.md +224 -0
  65. package/.agents/roles/common/tooling-implementer.md +92 -0
  66. package/.agents/roles/domains/README.md +35 -0
  67. package/.agents/roles/domains/delivery/README.md +11 -0
  68. package/.agents/roles/domains/delivery/container-specialist.md +50 -0
  69. package/.agents/roles/domains/delivery/deployment-specialist.md +50 -0
  70. package/.agents/roles/domains/delivery/pipeline-specialist.md +50 -0
  71. package/.agents/roles/domains/demand-design/README.md +16 -0
  72. package/.agents/roles/domains/demand-design/api-contract-specialist.md +52 -0
  73. package/.agents/roles/domains/demand-design/design-collaborator.md +58 -0
  74. package/.agents/roles/domains/documentation/README.md +11 -0
  75. package/.agents/roles/domains/documentation/api-doc-specialist.md +50 -0
  76. package/.agents/roles/domains/documentation/component-doc-specialist.md +49 -0
  77. package/.agents/roles/domains/documentation/technical-writing-specialist.md +48 -0
  78. package/.agents/roles/domains/engineering/README.md +17 -0
  79. package/.agents/roles/domains/engineering/architecture-advisor.md +53 -0
  80. package/.agents/roles/domains/engineering/build-specialist.md +51 -0
  81. package/.agents/roles/domains/engineering/dependency-governor.md +52 -0
  82. package/.agents/roles/domains/governance/README.md +17 -0
  83. package/.agents/roles/domains/governance/api-governance-specialist.md +51 -0
  84. package/.agents/roles/domains/governance/lint-policy-specialist.md +49 -0
  85. package/.agents/roles/domains/governance/route-governance-specialist.md +52 -0
  86. package/.agents/roles/domains/observability/README.md +11 -0
  87. package/.agents/roles/domains/observability/error-tracker.md +50 -0
  88. package/.agents/roles/domains/observability/event-instrumentation-specialist.md +51 -0
  89. package/.agents/roles/domains/observability/rum-analyst.md +50 -0
  90. package/.agents/roles/domains/performance/README.md +11 -0
  91. package/.agents/roles/domains/performance/asset-optimizer.md +50 -0
  92. package/.agents/roles/domains/performance/performance-auditor.md +56 -0
  93. package/.agents/roles/domains/performance/vitals-analyst.md +50 -0
  94. package/.agents/roles/domains/security-a11y/README.md +11 -0
  95. package/.agents/roles/domains/security-a11y/a11y-auditor.md +50 -0
  96. package/.agents/roles/domains/security-a11y/aria-specialist.md +51 -0
  97. package/.agents/roles/domains/security-a11y/security-reviewer.md +49 -0
  98. package/.agents/roles/domains/testing/README.md +12 -0
  99. package/.agents/roles/domains/testing/coverage-analyst.md +50 -0
  100. package/.agents/roles/domains/testing/e2e-test-specialist.md +51 -0
  101. package/.agents/roles/domains/testing/unit-test-specialist.md +56 -0
  102. package/.agents/roles/domains/testing/verification-reviewer.md +67 -0
  103. package/.agents/rules/README.md +87 -0
  104. package/.agents/rules/common/02-/347/274/226/347/240/201/350/247/204/350/214/203.md +45 -0
  105. package/.agents/rules/common/08-/351/200/232/347/224/250/347/272/246/346/235/237.md +63 -0
  106. package/.agents/rules/common/10-/346/226/207/346/241/243/350/247/204/350/214/203.md +101 -0
  107. package/.agents/rules/common/12-Superpowers/346/211/247/350/241/214/350/247/204/350/214/203.md +46 -0
  108. package/.agents/rules/common/14-/345/256/241/350/256/241/346/261/207/346/212/245/350/247/204/350/214/203.md +107 -0
  109. package/.agents/rules/common/15-visual-gate-wait.md +90 -0
  110. package/.agents/rules/profiles/nestjs/01-/351/241/271/347/233/256/346/246/202/350/277/260.md +27 -0
  111. package/.agents/rules/profiles/nestjs/03-/351/241/271/347/233/256/347/273/223/346/236/204.md +20 -0
  112. package/.agents/rules/profiles/nestjs/04-/346/250/241/345/235/227/347/273/223/346/236/204/350/247/204/350/214/203.md +24 -0
  113. package/.agents/rules/profiles/nestjs/05-/346/216/245/345/217/243/344/270/216/345/245/221/347/272/246/350/247/204/350/214/203.md +24 -0
  114. package/.agents/rules/profiles/nestjs/06-/346/225/260/346/215/256/350/256/277/351/227/256/350/247/204/350/214/203.md +24 -0
  115. package/.agents/rules/profiles/nestjs/07-/351/205/215/347/275/256/344/270/216/350/277/220/350/241/214/346/227/266/350/247/204/350/214/203.md +20 -0
  116. package/.agents/rules/profiles/nestjs/09-/345/274/202/345/270/270/344/270/216/346/227/245/345/277/227/350/247/204/350/214/203.md +20 -0
  117. package/.agents/rules/profiles/nestjs/11-/346/265/213/350/257/225/350/247/204/350/214/203.md +24 -0
  118. package/.agents/rules/profiles/nestjs/13-/344/273/243/347/240/201/346/240/274/345/274/217/345/214/226/344/270/216/346/243/200/346/237/245.md +20 -0
  119. package/.agents/rules/profiles/node-tooling/01-/351/241/271/347/233/256/346/246/202/350/277/260.md +30 -0
  120. package/.agents/rules/profiles/node-tooling/03-/351/241/271/347/233/256/347/273/223/346/236/204.md +37 -0
  121. package/.agents/rules/profiles/node-tooling/04-CLI/344/270/216/346/250/241/345/235/227/350/247/204/350/214/203.md +42 -0
  122. package/.agents/rules/profiles/node-tooling/05-Contract/344/270/216Schema/350/247/204/350/214/203.md +42 -0
  123. package/.agents/rules/profiles/node-tooling/06-/350/277/220/350/241/214/346/227/266/346/226/207/344/273/266/350/247/204/350/214/203.md +30 -0
  124. package/.agents/rules/profiles/node-tooling/07-/346/227/245/345/277/227/344/270/216/351/224/231/350/257/257/345/244/204/347/220/206/350/247/204/350/214/203.md +60 -0
  125. package/.agents/rules/profiles/node-tooling/09-/350/204/232/346/234/254/344/270/216/345/205/245/345/217/243/350/247/204/350/214/203.md +45 -0
  126. package/.agents/rules/profiles/node-tooling/11-/346/265/213/350/257/225/350/247/204/350/214/203.md +41 -0
  127. package/.agents/rules/profiles/node-tooling/13-/344/273/243/347/240/201/346/240/274/345/274/217/345/214/226/344/270/216/346/243/200/346/237/245.md +55 -0
  128. package/.agents/rules/profiles/react/01-/351/241/271/347/233/256/346/246/202/350/277/260.md +29 -0
  129. package/.agents/rules/profiles/react/03-/351/241/271/347/233/256/347/273/223/346/236/204.md +104 -0
  130. package/.agents/rules/profiles/react/04-/347/273/204/344/273/266/350/247/204/350/214/203.md +46 -0
  131. package/.agents/rules/profiles/react/05-API/350/247/204/350/214/203.md +67 -0
  132. package/.agents/rules/profiles/react/06-/350/267/257/347/224/261/350/247/204/350/214/203.md +54 -0
  133. package/.agents/rules/profiles/react/07-/347/212/266/346/200/201/347/256/241/347/220/206.md +226 -0
  134. package/.agents/rules/profiles/react/09-/346/240/267/345/274/217/350/247/204/350/214/203.md +71 -0
  135. package/.agents/rules/profiles/react/11-/346/265/213/350/257/225/350/247/204/350/214/203.md +80 -0
  136. package/.agents/rules/profiles/react/13-/344/273/243/347/240/201/346/240/274/345/274/217/345/214/226/344/270/216/346/243/200/346/237/245.md +159 -0
  137. package/.agents/rules/profiles/springboot/01-/351/241/271/347/233/256/346/246/202/350/277/260.md +31 -0
  138. package/.agents/rules/profiles/springboot/03-/351/241/271/347/233/256/347/273/223/346/236/204.md +37 -0
  139. package/.agents/rules/profiles/springboot/04-/345/210/206/345/261/202/350/247/204/350/214/203.md +33 -0
  140. package/.agents/rules/profiles/springboot/05-/346/216/245/345/217/243/344/270/216/345/245/221/347/272/246/350/247/204/350/214/203.md +51 -0
  141. package/.agents/rules/profiles/springboot/06-/346/225/260/346/215/256/350/256/277/351/227/256/350/247/204/350/214/203.md +34 -0
  142. package/.agents/rules/profiles/springboot/07-/351/205/215/347/275/256/344/270/216/350/277/220/350/241/214/346/227/266/350/247/204/350/214/203.md +38 -0
  143. package/.agents/rules/profiles/springboot/09-/345/274/202/345/270/270/344/270/216/346/227/245/345/277/227/350/247/204/350/214/203.md +48 -0
  144. package/.agents/rules/profiles/springboot/11-/346/265/213/350/257/225/350/247/204/350/214/203.md +43 -0
  145. package/.agents/rules/profiles/springboot/13-/344/273/243/347/240/201/346/240/274/345/274/217/345/214/226/344/270/216/346/243/200/346/237/245.md +48 -0
  146. package/.agents/rules/profiles/vue/01-/351/241/271/347/233/256/346/246/202/350/277/260.md +47 -0
  147. package/.agents/rules/profiles/vue/03-/351/241/271/347/233/256/347/273/223/346/236/204.md +106 -0
  148. package/.agents/rules/profiles/vue/04-/347/273/204/344/273/266/350/247/204/350/214/203.md +61 -0
  149. package/.agents/rules/profiles/vue/05-API/350/247/204/350/214/203.md +67 -0
  150. package/.agents/rules/profiles/vue/06-/350/267/257/347/224/261/350/247/204/350/214/203.md +69 -0
  151. package/.agents/rules/profiles/vue/07-/347/212/266/346/200/201/347/256/241/347/220/206.md +93 -0
  152. package/.agents/rules/profiles/vue/09-/346/240/267/345/274/217/350/247/204/350/214/203.md +67 -0
  153. package/.agents/rules/profiles/vue/11-/346/265/213/350/257/225/350/247/204/350/214/203.md +80 -0
  154. package/.agents/rules/profiles/vue/13-/344/273/243/347/240/201/346/240/274/345/274/217/345/214/226/344/270/216/346/243/200/346/237/245.md +159 -0
  155. package/.agents/skills/README.md +171 -0
  156. package/.agents/skills/common/archive-change/SKILL.md +180 -0
  157. package/.agents/skills/common/branch-code-reviewer/SKILL.md +459 -0
  158. package/.agents/skills/common/branch-code-reviewer/references/business-risk-guide.md +293 -0
  159. package/.agents/skills/common/branch-code-reviewer/references/html-template-guide.md +121 -0
  160. package/.agents/skills/common/config-and-secret-scan/SKILL.md +99 -0
  161. package/.agents/skills/common/create-proposal/SKILL.md +192 -0
  162. package/.agents/skills/common/create-proposal/evals/evals.json +16 -0
  163. package/.agents/skills/common/create-proposal/evals/train_queries.json +18 -0
  164. package/.agents/skills/common/create-proposal/evals/validation_queries.json +18 -0
  165. package/.agents/skills/common/create-proposal/references/interaction-spec-template.md +42 -0
  166. package/.agents/skills/common/create-test/SKILL.md +292 -0
  167. package/.agents/skills/common/dependency-impact-graph/SKILL.md +80 -0
  168. package/.agents/skills/common/execute-task/SKILL.md +206 -0
  169. package/.agents/skills/common/execute-task/evals/evals.json +16 -0
  170. package/.agents/skills/common/execute-task/evals/train_queries.json +18 -0
  171. package/.agents/skills/common/execute-task/evals/validation_queries.json +18 -0
  172. package/.agents/skills/common/find-skills/SKILL.md +144 -0
  173. package/.agents/skills/common/install-ai-spec-auto/SKILL.md +260 -0
  174. package/.agents/skills/common/install-ai-spec-auto/evals/evals.json +17 -0
  175. package/.agents/skills/common/install-ai-spec-auto/evals/train_queries.json +18 -0
  176. package/.agents/skills/common/install-ai-spec-auto/evals/validation_queries.json +18 -0
  177. package/.agents/skills/common/project-init/SKILL.md +178 -0
  178. package/.agents/skills/common/project-init/evals/evals.json +16 -0
  179. package/.agents/skills/common/project-init/evals/train_queries.json +18 -0
  180. package/.agents/skills/common/project-init/evals/validation_queries.json +18 -0
  181. package/.agents/skills/common/project-init/references/custom-rule-generation.md +89 -0
  182. package/.agents/skills/common/project-init/references/deep-scan-rules.md +67 -0
  183. package/.agents/skills/common/project-init/references/output-contracts.md +71 -0
  184. package/.agents/skills/common/project-init/references/repo-fact-gathering.md +83 -0
  185. package/.agents/skills/common/project-init/references/scope-resolution.md +76 -0
  186. package/.agents/skills/common/project-init/scripts/inspect-project.js +112 -0
  187. package/.agents/skills/common/skill-creator/LICENSE.txt +202 -0
  188. package/.agents/skills/common/skill-creator/SKILL.md +370 -0
  189. package/.agents/skills/common/skill-creator/evals/evals.json +16 -0
  190. package/.agents/skills/common/skill-creator/evals/train_queries.json +18 -0
  191. package/.agents/skills/common/skill-creator/evals/validation_queries.json +18 -0
  192. package/.agents/skills/common/skill-creator/references/output-patterns.md +82 -0
  193. package/.agents/skills/common/skill-creator/references/workflows.md +28 -0
  194. package/.agents/skills/common/skill-creator/scripts/init_skill.py +209 -0
  195. package/.agents/skills/common/skill-creator/scripts/package_skill.py +110 -0
  196. package/.agents/skills/common/skill-creator/scripts/quick_validate.py +51 -0
  197. package/.agents/skills/common/skill-optimizer/SKILL.md +102 -0
  198. package/.agents/skills/common/skill-optimizer/evals/evals.json +16 -0
  199. package/.agents/skills/common/skill-optimizer/evals/train_queries.json +18 -0
  200. package/.agents/skills/common/skill-optimizer/evals/validation_queries.json +18 -0
  201. package/.agents/skills/common/skill-optimizer/references/design-patterns.md +26 -0
  202. package/.agents/skills/common/skill-optimizer/references/review-checklist.md +22 -0
  203. package/.agents/skills/common/using-superpowers/SKILL.md +151 -0
  204. package/.agents/skills/common/wait-for-gate-signal/SKILL.md +85 -0
  205. package/.agents/skills/domains/README.md +19 -0
  206. package/.agents/skills/domains/ui-ux-pro-max/SKILL.md +58 -0
  207. package/.agents/skills/domains/web/design-analysis/SKILL.md +89 -0
  208. package/.agents/skills/domains/web/design-analysis/rules/analysis-order.md +61 -0
  209. package/.agents/skills/domains/web/design-analysis/rules/analysis-priorities.md +136 -0
  210. package/.agents/skills/domains/web/design-analysis/rules/checklist-common-misses.md +107 -0
  211. package/.agents/skills/domains/web/design-analysis/rules/implementation-common-errors.md +204 -0
  212. package/.agents/skills/domains/web/design-analysis/rules/implementation-guidelines.md +211 -0
  213. package/.agents/skills/domains/web/design-analysis/rules/output-analysis-checklist.md +247 -0
  214. package/.agents/skills/domains/web/design-analysis/rules/tools-design-guidelines.md +108 -0
  215. package/.agents/skills/domains/web/design-analysis/rules/workflow-element-extraction.md +162 -0
  216. package/.agents/skills/domains/web/design-analysis/rules/workflow-layout-map.md +131 -0
  217. package/.agents/skills/domains/web/design-analysis/rules/workflow-output-checklist.md +70 -0
  218. package/.agents/skills/domains/web/design-analysis/rules/workflow-style-summary.md +91 -0
  219. package/.agents/skills/domains/web/route-permission-map/SKILL.md +103 -0
  220. package/.agents/skills/domains/web/ui-verification/SKILL.md +114 -0
  221. package/.agents/skills/domains/web/ui-verification/evals/evals.json +16 -0
  222. package/.agents/skills/domains/web/ui-verification/evals/train_queries.json +18 -0
  223. package/.agents/skills/domains/web/ui-verification/evals/validation_queries.json +18 -0
  224. package/.agents/skills/domains/web/ui-verification/rules/comparison-content-image.md +34 -0
  225. package/.agents/skills/domains/web/ui-verification/rules/comparison-content-text.md +30 -0
  226. package/.agents/skills/domains/web/ui-verification/rules/comparison-hierarchy.md +33 -0
  227. package/.agents/skills/domains/web/ui-verification/rules/comparison-layout.md +35 -0
  228. package/.agents/skills/domains/web/ui-verification/rules/errors-alignment.md +42 -0
  229. package/.agents/skills/domains/web/ui-verification/rules/errors-button-dimensions.md +28 -0
  230. package/.agents/skills/domains/web/ui-verification/rules/errors-button-position.md +25 -0
  231. package/.agents/skills/domains/web/ui-verification/rules/errors-css-priority.md +50 -0
  232. package/.agents/skills/domains/web/ui-verification/rules/errors-flex-column-width.md +46 -0
  233. package/.agents/skills/domains/web/ui-verification/rules/errors-flex-layout.md +46 -0
  234. package/.agents/skills/domains/web/ui-verification/rules/errors-grid-container-width.md +44 -0
  235. package/.agents/skills/domains/web/ui-verification/rules/errors-page-container-width.md +39 -0
  236. package/.agents/skills/domains/web/ui-verification/rules/tools-browser-navigation.md +53 -0
  237. package/.agents/skills/domains/web/ui-verification/rules/tools-design-guidelines.md +53 -0
  238. package/.agents/skills/domains/web/ui-verification/rules/workflow-checklist.md +27 -0
  239. package/.agents/skills/domains/web/ui-verification/rules/workflow-problem-list.md +56 -0
  240. package/.agents/skills/domains/web/ui-verification/rules/workflow-reflection.md +44 -0
  241. package/.agents/skills/domains/web/ui-verification/rules/writing-alignment.md +44 -0
  242. package/.agents/skills/domains/web/ui-verification/rules/writing-element-completeness.md +63 -0
  243. package/.agents/skills/domains/web/ui-verification/rules/writing-list-layout.md +75 -0
  244. package/.agents/skills/domains/web/ui-verification/rules/writing-page-container-width.md +37 -0
  245. package/.agents/skills/domains/web/web-design-guidelines/SKILL.md +40 -0
  246. package/.agents/skills/profiles/nestjs/README.md +4 -0
  247. package/.agents/skills/profiles/node-tooling/README.md +9 -0
  248. package/.agents/skills/profiles/react/create-api/SKILL.md +145 -0
  249. package/.agents/skills/profiles/react/create-component/SKILL.md +160 -0
  250. package/.agents/skills/profiles/react/create-route/SKILL.md +168 -0
  251. package/.agents/skills/profiles/react/create-store/SKILL.md +262 -0
  252. package/.agents/skills/profiles/react/theme-variables/SKILL.md +82 -0
  253. package/.agents/skills/profiles/react/vercel-composition-patterns/AGENTS.md +899 -0
  254. package/.agents/skills/profiles/react/vercel-composition-patterns/SKILL.md +81 -0
  255. package/.agents/skills/profiles/react/vercel-composition-patterns/rules/architecture-avoid-boolean-props.md +100 -0
  256. package/.agents/skills/profiles/react/vercel-composition-patterns/rules/architecture-compound-components.md +112 -0
  257. package/.agents/skills/profiles/react/vercel-composition-patterns/rules/patterns-children-over-render-props.md +87 -0
  258. package/.agents/skills/profiles/react/vercel-composition-patterns/rules/patterns-explicit-variants.md +100 -0
  259. package/.agents/skills/profiles/react/vercel-composition-patterns/rules/state-context-interface.md +191 -0
  260. package/.agents/skills/profiles/react/vercel-composition-patterns/rules/state-decouple-implementation.md +113 -0
  261. package/.agents/skills/profiles/react/vercel-composition-patterns/rules/state-lift-state.md +125 -0
  262. package/.agents/skills/profiles/react/vercel-react-best-practices/AGENTS.md +2934 -0
  263. package/.agents/skills/profiles/react/vercel-react-best-practices/SKILL.md +136 -0
  264. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/advanced-event-handler-refs.md +55 -0
  265. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/advanced-init-once.md +42 -0
  266. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/advanced-use-latest.md +39 -0
  267. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/async-api-routes.md +38 -0
  268. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/async-defer-await.md +80 -0
  269. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/async-dependencies.md +51 -0
  270. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/async-parallel.md +28 -0
  271. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/async-suspense-boundaries.md +99 -0
  272. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/bundle-barrel-imports.md +59 -0
  273. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/bundle-conditional.md +31 -0
  274. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/bundle-defer-third-party.md +49 -0
  275. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/bundle-dynamic-imports.md +35 -0
  276. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/bundle-preload.md +50 -0
  277. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/client-event-listeners.md +74 -0
  278. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/client-localstorage-schema.md +71 -0
  279. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/client-passive-event-listeners.md +48 -0
  280. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/client-swr-dedup.md +56 -0
  281. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/js-batch-dom-css.md +107 -0
  282. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/js-cache-function-results.md +80 -0
  283. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/js-cache-property-access.md +28 -0
  284. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/js-cache-storage.md +70 -0
  285. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/js-combine-iterations.md +32 -0
  286. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/js-early-exit.md +50 -0
  287. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/js-hoist-regexp.md +45 -0
  288. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/js-index-maps.md +37 -0
  289. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/js-length-check-first.md +49 -0
  290. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/js-min-max-loop.md +82 -0
  291. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/js-set-map-lookups.md +24 -0
  292. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/js-tosorted-immutable.md +57 -0
  293. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rendering-activity.md +26 -0
  294. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rendering-animate-svg-wrapper.md +47 -0
  295. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rendering-conditional-render.md +40 -0
  296. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rendering-content-visibility.md +38 -0
  297. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rendering-hoist-jsx.md +46 -0
  298. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rendering-hydration-no-flicker.md +82 -0
  299. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rendering-hydration-suppress-warning.md +30 -0
  300. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rendering-svg-precision.md +28 -0
  301. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rendering-usetransition-loading.md +75 -0
  302. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rerender-defer-reads.md +39 -0
  303. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rerender-dependencies.md +45 -0
  304. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rerender-derived-state-no-effect.md +40 -0
  305. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rerender-derived-state.md +29 -0
  306. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rerender-functional-setstate.md +74 -0
  307. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rerender-lazy-state-init.md +58 -0
  308. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rerender-memo-with-default-value.md +38 -0
  309. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rerender-memo.md +44 -0
  310. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rerender-move-effect-to-event.md +45 -0
  311. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rerender-simple-expression-in-memo.md +35 -0
  312. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rerender-transitions.md +40 -0
  313. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/rerender-use-ref-transient-values.md +73 -0
  314. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/server-after-nonblocking.md +73 -0
  315. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/server-auth-actions.md +96 -0
  316. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/server-cache-lru.md +41 -0
  317. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/server-cache-react.md +76 -0
  318. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/server-dedup-props.md +65 -0
  319. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/server-parallel-fetching.md +83 -0
  320. package/.agents/skills/profiles/react/vercel-react-best-practices/rules/server-serialization.md +38 -0
  321. package/.agents/skills/profiles/springboot/README.md +10 -0
  322. package/.agents/skills/profiles/vue/create-api/SKILL.md +105 -0
  323. package/.agents/skills/profiles/vue/create-component/SKILL.md +76 -0
  324. package/.agents/skills/profiles/vue/create-route/SKILL.md +141 -0
  325. package/.agents/skills/profiles/vue/create-store/SKILL.md +97 -0
  326. package/.agents/skills/profiles/vue/create-view/SKILL.md +81 -0
  327. package/.agents/skills/profiles/vue/theme-variables/SKILL.md +73 -0
  328. package/.agents/skills/profiles/vue/vue-best-practices/SKILL.md +166 -0
  329. package/.agents/skills/profiles/vue/vue-best-practices/references/animation-class-based-technique.md +254 -0
  330. package/.agents/skills/profiles/vue/vue-best-practices/references/animation-state-driven-technique.md +291 -0
  331. package/.agents/skills/profiles/vue/vue-best-practices/references/component-async.md +97 -0
  332. package/.agents/skills/profiles/vue/vue-best-practices/references/component-data-flow.md +307 -0
  333. package/.agents/skills/profiles/vue/vue-best-practices/references/component-fallthrough-attrs.md +174 -0
  334. package/.agents/skills/profiles/vue/vue-best-practices/references/component-keep-alive.md +137 -0
  335. package/.agents/skills/profiles/vue/vue-best-practices/references/component-slots.md +216 -0
  336. package/.agents/skills/profiles/vue/vue-best-practices/references/component-suspense.md +228 -0
  337. package/.agents/skills/profiles/vue/vue-best-practices/references/component-teleport.md +108 -0
  338. package/.agents/skills/profiles/vue/vue-best-practices/references/component-transition-group.md +128 -0
  339. package/.agents/skills/profiles/vue/vue-best-practices/references/component-transition.md +125 -0
  340. package/.agents/skills/profiles/vue/vue-best-practices/references/composables.md +290 -0
  341. package/.agents/skills/profiles/vue/vue-best-practices/references/directives.md +162 -0
  342. package/.agents/skills/profiles/vue/vue-best-practices/references/perf-avoid-component-abstraction-in-lists.md +159 -0
  343. package/.agents/skills/profiles/vue/vue-best-practices/references/perf-v-once-v-memo-directives.md +182 -0
  344. package/.agents/skills/profiles/vue/vue-best-practices/references/perf-virtualize-large-lists.md +187 -0
  345. package/.agents/skills/profiles/vue/vue-best-practices/references/plugins.md +166 -0
  346. package/.agents/skills/profiles/vue/vue-best-practices/references/reactivity.md +344 -0
  347. package/.agents/skills/profiles/vue/vue-best-practices/references/render-functions.md +201 -0
  348. package/.agents/skills/profiles/vue/vue-best-practices/references/sfc.md +310 -0
  349. package/.agents/skills/profiles/vue/vue-best-practices/references/state-management.md +135 -0
  350. package/.agents/skills/profiles/vue/vue-best-practices/references/updated-hook-performance.md +187 -0
  351. package/.agents/templates/common/README.md +23 -0
  352. package/.agents/templates/common/bugfix.md +22 -0
  353. package/.agents/templates/common/create-expert-package.md +458 -0
  354. package/.agents/templates/common/mock-page.md +28 -0
  355. package/.agents/templates/common/new-component.md +25 -0
  356. package/.agents/templates/common/new-page.md +31 -0
  357. package/.cursor/mcp.json +36 -0
  358. package/.qoder/README.md +114 -0
  359. package/.qoder/commands +1 -0
  360. package/.qoder/mcp.json +26 -0
  361. package/.qoder/rules +1 -0
  362. package/.qoder/skills +1 -0
  363. package/LICENSE +21 -0
  364. package/README.md +433 -0
  365. package/bin/archive-change.js +474 -0
  366. package/bin/check-command.js +62 -0
  367. package/bin/cli.js +295 -0
  368. package/bin/command-template-renderer.js +40 -0
  369. package/bin/context-command.js +102 -0
  370. package/bin/demo-runtime-smoke.js +760 -0
  371. package/bin/execution-semantics.js +821 -0
  372. package/bin/executor-command.js +93 -0
  373. package/bin/expert-dispatch.js +334 -0
  374. package/bin/expert-executor.js +1148 -0
  375. package/bin/guard-command.js +52 -0
  376. package/bin/hub-command.js +876 -0
  377. package/bin/ide-command.js +242 -0
  378. package/bin/init-command.js +193 -0
  379. package/bin/install-workflow.js +2983 -0
  380. package/bin/manifest-export.js +34 -0
  381. package/bin/profile-registry.js +90 -0
  382. package/bin/protocol-workflow.js +446 -0
  383. package/bin/repair-command.js +161 -0
  384. package/bin/repo-map.js +177 -0
  385. package/bin/report-command.js +236 -0
  386. package/bin/runtime-bootstrap.js +428 -0
  387. package/bin/runtime-embedded.js +101 -0
  388. package/bin/runtime-fallback.js +106 -0
  389. package/bin/runtime-launcher.js +116 -0
  390. package/bin/runtime-paths.js +177 -0
  391. package/bin/runtime-registry.js +289 -0
  392. package/bin/runtime-state.js +2541 -0
  393. package/bin/scan.js +96 -0
  394. package/bin/self-upgrade.js +206 -0
  395. package/bin/skill-spec-validator.js +457 -0
  396. package/bin/spec-command.js +366 -0
  397. package/bin/superpowers.js +384 -0
  398. package/bin/sync-command.js +59 -0
  399. package/bin/sync.js +1904 -0
  400. package/bin/task-orchestrator-adapter.js +341 -0
  401. package/bin/task-orchestrator-extractor.js +274 -0
  402. package/bin/task-orchestrator-runner.js +1208 -0
  403. package/bin/telemetry/README.md +66 -0
  404. package/bin/telemetry/aspect.js +153 -0
  405. package/bin/telemetry/collect.js +67 -0
  406. package/bin/telemetry/config.js +114 -0
  407. package/bin/telemetry/defaults.json +5 -0
  408. package/bin/telemetry/healthcheck.js +195 -0
  409. package/bin/telemetry/identity.js +53 -0
  410. package/bin/telemetry/index.js +25 -0
  411. package/bin/telemetry/reporter.js +83 -0
  412. package/bin/telemetry/safe.js +39 -0
  413. package/bin/validate-registry.js +740 -0
  414. package/bin/visual-bridge-config.js +117 -0
  415. package/bin/visual-bridge.js +287 -0
  416. package/bin/visual-command.js +432 -0
  417. package/bin/worktree-command.js +194 -0
  418. package/configs/common/.editorconfig +15 -0
  419. package/configs/common/.husky/commit-msg +4 -0
  420. package/configs/common/.husky/pre-commit +4 -0
  421. package/configs/common/.lintstagedrc +11 -0
  422. package/configs/common/.prettierignore +11 -0
  423. package/configs/common/.prettierrc.json +11 -0
  424. package/configs/common/.stylelintignore +14 -0
  425. package/configs/common/.stylelintrc.json +21 -0
  426. package/configs/common/commitlint.config.js +3 -0
  427. package/configs/profiles/nestjs/.gitkeep +1 -0
  428. package/configs/profiles/node-tooling/.gitkeep +1 -0
  429. package/configs/profiles/react/.eslintignore +6 -0
  430. package/configs/profiles/react/.eslintrc.js +16 -0
  431. package/configs/profiles/react/.stylelintrc.json +18 -0
  432. package/configs/profiles/springboot/.gitkeep +1 -0
  433. package/configs/profiles/vue/.eslintignore +7 -0
  434. package/configs/profiles/vue/.eslintrc.cjs +17 -0
  435. package/contracts/README.md +28 -0
  436. package/contracts/fixtures/asset-package.fixture.json +26 -0
  437. package/contracts/fixtures/asset-usage-feedback.fixture.json +14 -0
  438. package/contracts/fixtures/evidence-report.fixture.json +28 -0
  439. package/contracts/fixtures/manifest.fixture.json +20 -0
  440. package/contracts/fixtures/run-event.fixture.json +15 -0
  441. package/contracts/schemas/asset-package.schema.json +76 -0
  442. package/contracts/schemas/asset-usage-feedback.schema.json +57 -0
  443. package/contracts/schemas/evidence-report.schema.json +60 -0
  444. package/contracts/schemas/manifest.schema.json +63 -0
  445. package/contracts/schemas/run-event.schema.json +72 -0
  446. package/install.ps1 +35 -0
  447. package/install.sh +17 -0
  448. package/internal/ai-protocol-workflow.js +5600 -0
  449. package/internal/hub-client.js +98 -0
  450. package/internal/hub-sync-selection.js +69 -0
  451. package/internal/visual-hooks/README.md +481 -0
  452. package/internal/visual-hooks/config-loader.js +218 -0
  453. package/internal/visual-hooks/control-puller.js +206 -0
  454. package/internal/visual-hooks/gate-signal.js +150 -0
  455. package/internal/visual-hooks/inbox-consumer.js +469 -0
  456. package/internal/visual-hooks/index.js +197 -0
  457. package/internal/visual-hooks/push-client.js +189 -0
  458. package/internal/visual-hooks/receipt-pusher.js +176 -0
  459. package/internal/visual-hooks/runtime-state-pusher.js +128 -0
  460. package/openspec/changes/.gitkeep +0 -0
  461. package/openspec/changes/archive/.gitkeep +0 -0
  462. package/openspec/config.yaml.template +52 -0
  463. package/openspec/schemas/expert-delivery/schema.yaml +68 -0
  464. package/openspec/schemas/expert-delivery/templates/checklist.md +39 -0
  465. package/openspec/schemas/expert-delivery/templates/design.md +61 -0
  466. package/openspec/schemas/expert-delivery/templates/iterations.md +25 -0
  467. package/openspec/schemas/expert-delivery/templates/proposal.md +45 -0
  468. package/openspec/schemas/expert-delivery/templates/spec.md +29 -0
  469. package/openspec/schemas/expert-delivery/templates/tasks.md +24 -0
  470. package/openspec/specs/.gitkeep +0 -0
  471. package/package.json +73 -0
  472. package/scripts/acceptance-zero-intrusion.sh +168 -0
  473. package/scripts/hub-sync-assets.config.example.json +296 -0
  474. package/scripts/hub-sync-assets.js +2038 -0
  475. package/scripts/local-verify.sh +280 -0
  476. package/scripts/post-publish-auto-fix-check.js +404 -0
  477. package/scripts/post-publish-verify.sh +175 -0
  478. package/scripts/setup-cursor-manual-test.sh +107 -0
  479. package/scripts/setup-cursor-spec-archive-test.sh +111 -0
  480. package/scripts/setup-visual-integration.sh +225 -0
  481. package/scripts/test-integration.sh +176 -0
  482. package/scripts/update-test-project.sh +93 -0
  483. package/scripts/upload-four-web.sh +57 -0
  484. package/scripts/verify-install-ps1-bom.js +26 -0
  485. package/src/agent/agent-context.js +259 -0
  486. package/src/agent/agent-profile.js +185 -0
  487. package/src/agent/agent-templates.js +161 -0
  488. package/src/agent/agent-types.js +108 -0
  489. package/src/agent/collaboration-protocol.js +333 -0
  490. package/src/agent/conflict-handler.js +364 -0
  491. package/src/agent/file-permission.js +121 -0
  492. package/src/agent/index.js +38 -0
  493. package/src/agent/permission-audit.js +151 -0
  494. package/src/agent/review-repair-loop.js +270 -0
  495. package/src/agent/tool-permission.js +101 -0
  496. package/src/asset/asset-dependency.js +322 -0
  497. package/src/asset/asset-feedback.js +350 -0
  498. package/src/asset/asset-fork.js +300 -0
  499. package/src/asset/asset-install.js +278 -0
  500. package/src/asset/asset-installer.js +497 -0
  501. package/src/asset/asset-lifecycle.js +324 -0
  502. package/src/asset/asset-manager.js +245 -0
  503. package/src/asset/asset-package-manager.js +349 -0
  504. package/src/asset/asset-package.js +186 -0
  505. package/src/asset/asset-quality.js +262 -0
  506. package/src/asset/asset-registry.js +387 -0
  507. package/src/asset/asset-version.js +293 -0
  508. package/src/asset/index.js +86 -0
  509. package/src/cache/agent-profile-cache.js +59 -0
  510. package/src/cache/asset-cache.js +63 -0
  511. package/src/cache/global-cache.js +61 -0
  512. package/src/cache/manifest-cache.js +30 -0
  513. package/src/check/check-service.js +32 -0
  514. package/src/config/config-layer.js +343 -0
  515. package/src/config/config-loader.js +60 -0
  516. package/src/config/defaults.js +49 -0
  517. package/src/connectors/hub/asset-package.js +72 -0
  518. package/src/connectors/hub/asset-usage-feedback.js +46 -0
  519. package/src/connectors/hub/hub-connector.js +44 -0
  520. package/src/connectors/hub/index.js +21 -0
  521. package/src/connectors/visual/evidence-report.js +49 -0
  522. package/src/connectors/visual/index.js +15 -0
  523. package/src/connectors/visual/queue.js +41 -0
  524. package/src/connectors/visual/run-event.js +81 -0
  525. package/src/connectors/visual/visual-connector.js +77 -0
  526. package/src/context/context-budget.js +59 -0
  527. package/src/context/context-builder.js +285 -0
  528. package/src/context/context-loader.js +116 -0
  529. package/src/context/context-planner.js +158 -0
  530. package/src/context/types.js +96 -0
  531. package/src/contracts/index.js +63 -0
  532. package/src/executor/executor-registry.js +78 -0
  533. package/src/executor/executor-result-parser.js +44 -0
  534. package/src/executor/executor-runner.js +141 -0
  535. package/src/executor/executor-selector.js +139 -0
  536. package/src/executor/executor-timeout.js +36 -0
  537. package/src/executor/providers/base-provider-utils.js +189 -0
  538. package/src/executor/providers/claude-code-executor-provider.js +128 -0
  539. package/src/executor/providers/codex-executor-provider.js +126 -0
  540. package/src/executor/providers/cursor-executor-provider.js +99 -0
  541. package/src/executor/types.js +137 -0
  542. package/src/git/branch-manager.js +71 -0
  543. package/src/git/dirty-checker.js +43 -0
  544. package/src/git/dirty-strategy-handler.js +29 -0
  545. package/src/git/git-command.js +37 -0
  546. package/src/git/git-repository-detector.js +45 -0
  547. package/src/git/multi-repo-worktree-planner.js +88 -0
  548. package/src/git/policy.js +19 -0
  549. package/src/git/strategies/block-dirty-strategy.js +34 -0
  550. package/src/git/strategies/ignore-dirty-strategy.js +33 -0
  551. package/src/git/strategies/patch-snapshot-strategy.js +53 -0
  552. package/src/git/strategies/wip-commit-strategy.js +38 -0
  553. package/src/git/types.js +71 -0
  554. package/src/git/worktree-manager.js +85 -0
  555. package/src/governance/asset-review.js +351 -0
  556. package/src/governance/audit-log.js +368 -0
  557. package/src/governance/gray-release.js +312 -0
  558. package/src/governance/index.js +31 -0
  559. package/src/governance/policy-types.js +56 -0
  560. package/src/governance/rbac-types.js +171 -0
  561. package/src/governance/rbac.js +382 -0
  562. package/src/governance/rollback.js +360 -0
  563. package/src/governance/security-policy.js +354 -0
  564. package/src/hook/hook-config-writer.js +125 -0
  565. package/src/hub/hub-client.js +186 -0
  566. package/src/hub/hub-config.js +39 -0
  567. package/src/hub/project-facts.js +31 -0
  568. package/src/hub/runtime-feedback-reporter.js +55 -0
  569. package/src/ide/adapters/adapter-protocol.js +385 -0
  570. package/src/ide/adapters/claude-adapter.js +419 -0
  571. package/src/ide/adapters/codex-adapter.js +60 -0
  572. package/src/ide/adapters/cursor-adapter.js +484 -0
  573. package/src/ide/adapters/index.js +24 -0
  574. package/src/ide/anchors/markdown-anchor-writer.js +152 -0
  575. package/src/ide/ide-service.js +270 -0
  576. package/src/ide/ide-types.js +94 -0
  577. package/src/ide/links/link-mode-resolver.js +160 -0
  578. package/src/ide/registry/ide-registry-builder.js +165 -0
  579. package/src/incident/incident-writer.js +47 -0
  580. package/src/incident/types.js +22 -0
  581. package/src/init/ide-linker.js +126 -0
  582. package/src/init/ide-pointer-injector.js +75 -0
  583. package/src/init/init-applier.js +197 -0
  584. package/src/init/init-plan.js +294 -0
  585. package/src/init/init-service.js +65 -0
  586. package/src/init/manifest-installer.js +302 -0
  587. package/src/init/types.js +26 -0
  588. package/src/project/config-writer.js +83 -0
  589. package/src/project/context-index-writer.js +82 -0
  590. package/src/project/json-utils.js +72 -0
  591. package/src/project/local-state-writer.js +50 -0
  592. package/src/project/lock-file-writer.js +98 -0
  593. package/src/project/manifest-writer.js +126 -0
  594. package/src/project/policy-config-writer.js +91 -0
  595. package/src/project/project-config-writer.js +74 -0
  596. package/src/project/project-files.js +39 -0
  597. package/src/project/registry-index-writer.js +43 -0
  598. package/src/project/workspace-config-writer.js +63 -0
  599. package/src/run/index.js +11 -0
  600. package/src/run/run-id.js +32 -0
  601. package/src/run/run-service.js +269 -0
  602. package/src/run/run-store.js +80 -0
  603. package/src/scanner/aggregator/detection-aggregator.js +23 -0
  604. package/src/scanner/boundary/boundary-resolver.js +229 -0
  605. package/src/scanner/detectors/detector-registry.js +44 -0
  606. package/src/scanner/detectors/fastapi-detector.js +46 -0
  607. package/src/scanner/detectors/go-detector.js +46 -0
  608. package/src/scanner/detectors/nestjs-detector.js +57 -0
  609. package/src/scanner/detectors/nextjs-detector.js +52 -0
  610. package/src/scanner/detectors/react-vite-detector.js +52 -0
  611. package/src/scanner/detectors/react-webpack-detector.js +57 -0
  612. package/src/scanner/detectors/springboot-detector.js +46 -0
  613. package/src/scanner/detectors/springcloud-detector.js +46 -0
  614. package/src/scanner/detectors/springmvc-detector.js +46 -0
  615. package/src/scanner/detectors/vue-vite-detector.js +52 -0
  616. package/src/scanner/engine.js +72 -0
  617. package/src/scanner/facts/fact-extractor.js +211 -0
  618. package/src/scanner/types.js +30 -0
  619. package/src/security/asset-tamper-checker.js +188 -0
  620. package/src/security/checksum.js +40 -0
  621. package/src/spec/spec-writer.js +302 -0
  622. package/src/state-machine/circuit-breaker.js +112 -0
  623. package/src/state-machine/escape-hatch.js +49 -0
  624. package/src/state-machine/stage-runner.js +281 -0
  625. package/src/state-machine/state-machine.js +24 -0
  626. package/src/state-machine/transition-guard.js +36 -0
  627. package/src/state-machine/types.js +37 -0
  628. package/src/sync/sync-service.js +192 -0
  629. package/src/visual/agent-visual.js +142 -0
  630. package/src/visual/event-gateway.js +357 -0
  631. package/src/visual/event-mapper.js +128 -0
  632. package/src/visual/hook-dashboard.js +216 -0
  633. package/src/visual/index.js +27 -0
  634. package/src/visual/metrics.js +287 -0
  635. package/src/visual/privacy-filter.js +100 -0
  636. package/src/visual/risk-board.js +252 -0
  637. package/src/visual/timeline.js +245 -0
  638. package/src/visual/visual-client.js +94 -0
  639. package/src/visual/visual-config.js +40 -0
  640. package/src/visual/visual-reporter.js +88 -0
@@ -0,0 +1,121 @@
1
+ /**
2
+ * File Permission — 文件作用域权限校验
3
+ *
4
+ * 根据 AgentProfile 的 allowedFileScopes / deniedFileScopes 判断是否允许访问某文件。
5
+ * 规则:deniedFileScopes 优先于 allowedFileScopes;使用 glob 匹配。
6
+ */
7
+
8
+ // ============================================================
9
+ // globMatch — 简易 glob 匹配
10
+ // ============================================================
11
+
12
+ /**
13
+ * 简易 glob 模式匹配(支持 ** / * / ?)
14
+ * @param {string} pattern - glob 模式
15
+ * @param {string} filePath - 文件路径
16
+ * @returns {boolean}
17
+ */
18
+ function globMatch(pattern, filePath) {
19
+ // 规范化路径分隔符
20
+ const normalizedPattern = pattern.replace(/\\/g, '/');
21
+ const normalizedPath = filePath.replace(/\\/g, '/');
22
+
23
+ // 转换 glob 为正则表达式
24
+ let regexStr = normalizedPattern
25
+ .replace(/[.+^${}()|[\]\\]/g, '\\$&') // 转义特殊字符
26
+ .replace(/\*\*/g, '{{DOUBLE_STAR}}') // 临时替换 **
27
+ .replace(/\*/g, '[^/]*') // * 匹配非斜杠字符
28
+ .replace(/\?/g, '[^/]') // ? 匹配单个非斜杠字符
29
+ .replace(/\{\{DOUBLE_STAR\}\}/g, '.*'); // ** 匹配任意路径
30
+
31
+ // **/ 前缀应匹配零个或多个路径段(根文件也需要匹配)
32
+ regexStr = regexStr.replace(/^\.\*\//, '(.*\\/)?');
33
+
34
+ const regex = new RegExp(`^${regexStr}$`);
35
+ return regex.test(normalizedPath);
36
+ }
37
+
38
+ // ============================================================
39
+ // matchesAnyGlob — 匹配任一 glob 模式
40
+ // ============================================================
41
+
42
+ /**
43
+ * 检查文件路径是否匹配 glob 模式列表中的任一模式
44
+ * @param {string[]} patterns - glob 模式列表
45
+ * @param {string} filePath - 文件路径
46
+ * @returns {boolean}
47
+ */
48
+ function matchesAnyGlob(patterns, filePath) {
49
+ return patterns.some((pattern) => globMatch(pattern, filePath));
50
+ }
51
+
52
+ // ============================================================
53
+ // checkFilePermission — 文件权限校验
54
+ // ============================================================
55
+
56
+ /**
57
+ * 检查 Agent 是否被允许访问指定文件
58
+ * @param {Object} profile - AgentProfile
59
+ * @param {string} filePath - 文件路径
60
+ * @returns {{ allowed: boolean, reason: string }}
61
+ */
62
+ function checkFilePermission(profile, filePath) {
63
+ if (!profile || typeof profile !== 'object') {
64
+ return { allowed: false, reason: 'profile 无效' };
65
+ }
66
+
67
+ if (!filePath || typeof filePath !== 'string') {
68
+ return { allowed: false, reason: 'filePath 无效' };
69
+ }
70
+
71
+ const deniedFileScopes = profile.deniedFileScopes || [];
72
+ const allowedFileScopes = profile.allowedFileScopes || [];
73
+
74
+ // deniedFileScopes 优先级最高
75
+ if (deniedFileScopes.length > 0 && matchesAnyGlob(deniedFileScopes, filePath)) {
76
+ return { allowed: false, reason: `文件 ${filePath} 匹配 deniedFileScopes` };
77
+ }
78
+
79
+ // 空 allowedFileScopes 表示全部允许(除 denied 外)
80
+ if (allowedFileScopes.length === 0) {
81
+ return { allowed: true, reason: 'allowedFileScopes 为空,全部允许' };
82
+ }
83
+
84
+ // allowedFileScopes 非空时,必须匹配至少一个
85
+ if (matchesAnyGlob(allowedFileScopes, filePath)) {
86
+ return { allowed: true, reason: `文件 ${filePath} 匹配 allowedFileScopes` };
87
+ }
88
+
89
+ return { allowed: false, reason: `文件 ${filePath} 不匹配任何 allowedFileScopes` };
90
+ }
91
+
92
+ // ============================================================
93
+ // checkBatchFilePermission — 批量文件权限校验
94
+ // ============================================================
95
+
96
+ /**
97
+ * 批量检查 Agent 是否被允许访问多个文件
98
+ * @param {Object} profile - AgentProfile
99
+ * @param {string[]} filePaths - 文件路径列表
100
+ * @returns {{ results: Record<string, { allowed: boolean, reason: string }>, allAllowed: boolean }}
101
+ */
102
+ function checkBatchFilePermission(profile, filePaths) {
103
+ const results = {};
104
+ let allAllowed = true;
105
+
106
+ for (const filePath of filePaths) {
107
+ results[filePath] = checkFilePermission(profile, filePath);
108
+ if (!results[filePath].allowed) {
109
+ allAllowed = false;
110
+ }
111
+ }
112
+
113
+ return { results, allAllowed };
114
+ }
115
+
116
+ module.exports = {
117
+ globMatch,
118
+ matchesAnyGlob,
119
+ checkFilePermission,
120
+ checkBatchFilePermission,
121
+ };
@@ -0,0 +1,38 @@
1
+ /**
2
+ * Agent 模块 — barrel 导出
3
+ */
4
+
5
+ const agentTypes = require('./agent-types');
6
+ const agentProfile = require('./agent-profile');
7
+ const agentTemplates = require('./agent-templates');
8
+ const toolPermission = require('./tool-permission');
9
+ const filePermission = require('./file-permission');
10
+ const { PermissionAuditLog } = require('./permission-audit');
11
+ const { AgentContext } = require('./agent-context');
12
+ const { AgentState, AgentCollaborationProtocol } = require('./collaboration-protocol');
13
+ const { ReviewRepairLoop } = require('./review-repair-loop');
14
+ const { FileLockManager, ApprovalQueue, ConflictHandler, detectConflicts } = require('./conflict-handler');
15
+
16
+ module.exports = {
17
+ // 类型与常量
18
+ ...agentTypes,
19
+ // Profile
20
+ ...agentProfile,
21
+ ...agentTemplates,
22
+ // 权限
23
+ ...toolPermission,
24
+ ...filePermission,
25
+ PermissionAuditLog,
26
+ // 上下文
27
+ AgentContext,
28
+ // 协作
29
+ AgentState,
30
+ AgentCollaborationProtocol,
31
+ // Review/Repair
32
+ ReviewRepairLoop,
33
+ // 冲突处理
34
+ FileLockManager,
35
+ ApprovalQueue,
36
+ ConflictHandler,
37
+ detectConflicts,
38
+ };
@@ -0,0 +1,151 @@
1
+ /**
2
+ * Permission Audit — 权限审计日志
3
+ *
4
+ * 记录每次权限检查的结果,支持查询和导出。
5
+ */
6
+
7
+ // ============================================================
8
+ // PermissionAuditLog
9
+ // ============================================================
10
+
11
+ class PermissionAuditLog {
12
+ constructor() {
13
+ /** @type {Array<PermissionAuditEntry>} */
14
+ this.entries = [];
15
+ }
16
+
17
+ /**
18
+ * 记录权限检查结果
19
+ * @param {Object} params
20
+ * @param {string} params.agentId - Agent ID
21
+ * @param {string} params.checkType - 检查类型 (tool/file)
22
+ * @param {string} params.target - 被检查的目标(工具名或文件路径)
23
+ * @param {boolean} params.allowed - 是否允许
24
+ * @param {string} params.reason - 原因
25
+ */
26
+ record({ agentId, checkType, target, allowed, reason }) {
27
+ this.entries.push({
28
+ agentId,
29
+ checkType,
30
+ target,
31
+ allowed,
32
+ reason,
33
+ timestamp: new Date().toISOString(),
34
+ });
35
+ }
36
+
37
+ /**
38
+ * 记录工具权限检查
39
+ * @param {string} agentId
40
+ * @param {string} toolName
41
+ * @param {{ allowed: boolean, reason: string }} result
42
+ */
43
+ recordToolCheck(agentId, toolName, result) {
44
+ this.record({
45
+ agentId,
46
+ checkType: 'tool',
47
+ target: toolName,
48
+ allowed: result.allowed,
49
+ reason: result.reason,
50
+ });
51
+ }
52
+
53
+ /**
54
+ * 记录文件权限检查
55
+ * @param {string} agentId
56
+ * @param {string} filePath
57
+ * @param {{ allowed: boolean, reason: string }} result
58
+ */
59
+ recordFileCheck(agentId, filePath, result) {
60
+ this.record({
61
+ agentId,
62
+ checkType: 'file',
63
+ target: filePath,
64
+ allowed: result.allowed,
65
+ reason: result.reason,
66
+ });
67
+ }
68
+
69
+ /**
70
+ * 查询指定 Agent 的所有审计记录
71
+ * @param {string} agentId
72
+ * @returns {Array<PermissionAuditEntry>}
73
+ */
74
+ getByAgent(agentId) {
75
+ return this.entries.filter((e) => e.agentId === agentId);
76
+ }
77
+
78
+ /**
79
+ * 查询被拒绝的记录
80
+ * @param {string} [agentId] - 可选,按 Agent 过滤
81
+ * @returns {Array<PermissionAuditEntry>}
82
+ */
83
+ getDenied(agentId) {
84
+ return this.entries.filter((e) => !e.allowed && (!agentId || e.agentId === agentId));
85
+ }
86
+
87
+ /**
88
+ * 获取审计统计
89
+ * @param {string} [agentId] - 可选,按 Agent 过滤
90
+ * @returns {{ total: number, allowed: number, denied: number, byType: Record<string, number> }}
91
+ */
92
+ getStats(agentId) {
93
+ const filtered = agentId ? this.getByAgent(agentId) : this.entries;
94
+
95
+ const stats = {
96
+ total: filtered.length,
97
+ allowed: 0,
98
+ denied: 0,
99
+ byType: {},
100
+ };
101
+
102
+ for (const entry of filtered) {
103
+ if (entry.allowed) {
104
+ stats.allowed++;
105
+ } else {
106
+ stats.denied++;
107
+ }
108
+
109
+ stats.byType[entry.checkType] = (stats.byType[entry.checkType] || 0) + 1;
110
+ }
111
+
112
+ return stats;
113
+ }
114
+
115
+ /**
116
+ * 清空审计日志
117
+ */
118
+ clear() {
119
+ this.entries = [];
120
+ }
121
+
122
+ /**
123
+ * 获取日志条目数量
124
+ * @returns {number}
125
+ */
126
+ get size() {
127
+ return this.entries.length;
128
+ }
129
+
130
+ /**
131
+ * 导出为 JSON
132
+ * @returns {Array<PermissionAuditEntry>}
133
+ */
134
+ toJSON() {
135
+ return [...this.entries];
136
+ }
137
+ }
138
+
139
+ /**
140
+ * @typedef {Object} PermissionAuditEntry
141
+ * @property {string} agentId
142
+ * @property {string} checkType - 'tool' | 'file'
143
+ * @property {string} target
144
+ * @property {boolean} allowed
145
+ * @property {string} reason
146
+ * @property {string} timestamp
147
+ */
148
+
149
+ module.exports = {
150
+ PermissionAuditLog,
151
+ };
@@ -0,0 +1,270 @@
1
+ /**
2
+ * Review/Repair Loop — Review → Repair → Re-test 闭环
3
+ *
4
+ * 管理 Agent 的审查-修复循环,控制最大修复次数和升级策略。
5
+ */
6
+
7
+ const { AGENT_STATES, ESCALATION_POLICIES } = require('./agent-types');
8
+
9
+ // ============================================================
10
+ // 默认配置
11
+ // ============================================================
12
+
13
+ const DEFAULT_LOOP_CONFIG = Object.freeze({
14
+ /** 最大修复次数 */
15
+ maxRepairAttempts: 2,
16
+ /** 最大审查次数 */
17
+ maxReviewAttempts: 3,
18
+ /** 超时时间(毫秒) */
19
+ timeout: 600000,
20
+ /** 超时后的升级策略 */
21
+ timeoutPolicy: ESCALATION_POLICIES.BLOCK,
22
+ /** 修复失败后的升级策略 */
23
+ repairFailurePolicy: ESCALATION_POLICIES.BLOCK,
24
+ });
25
+
26
+ // ============================================================
27
+ // ReviewRepairLoop
28
+ // ============================================================
29
+
30
+ class ReviewRepairLoop {
31
+ /**
32
+ * @param {Object} [config] - 配置覆盖
33
+ */
34
+ constructor(config = {}) {
35
+ this.config = { ...DEFAULT_LOOP_CONFIG, ...config };
36
+
37
+ /** 当前修复次数 */
38
+ this.repairCount = 0;
39
+ /** 当前审查次数 */
40
+ this.reviewCount = 0;
41
+ /** 循环是否已完成 */
42
+ this.completed = false;
43
+ /** 循环是否已失败 */
44
+ this.failed = false;
45
+ /** 最终状态 */
46
+ this.finalStatus = null;
47
+ /** 事件日志 */
48
+ this.events = [];
49
+ /** 开始时间 */
50
+ this.startedAt = new Date().toISOString();
51
+ }
52
+
53
+ // ============================================================
54
+ // 事件记录
55
+ // ============================================================
56
+
57
+ /**
58
+ * 记录事件
59
+ * @param {string} type - 事件类型
60
+ * @param {Object} data - 事件数据
61
+ */
62
+ recordEvent(type, data = {}) {
63
+ this.events.push({
64
+ type,
65
+ data,
66
+ timestamp: new Date().toISOString(),
67
+ repairCount: this.repairCount,
68
+ reviewCount: this.reviewCount,
69
+ });
70
+ }
71
+
72
+ // ============================================================
73
+ // Review 阶段
74
+ // ============================================================
75
+
76
+ /**
77
+ * 开始审查
78
+ * @returns {{ ok: boolean, state: string, error?: string }}
79
+ */
80
+ startReview() {
81
+ if (this.completed || this.failed) {
82
+ return { ok: false, state: this.completed ? 'completed' : 'failed', error: '循环已结束' };
83
+ }
84
+
85
+ if (this.reviewCount >= this.config.maxReviewAttempts) {
86
+ this.fail('超过最大审查次数');
87
+ return { ok: false, state: 'failed', error: '超过最大审查次数' };
88
+ }
89
+
90
+ this.reviewCount++;
91
+ this.recordEvent('review_start', { reviewCount: this.reviewCount });
92
+
93
+ return { ok: true, state: AGENT_STATES.REVIEWING };
94
+ }
95
+
96
+ /**
97
+ * 审查通过
98
+ * @param {Object} [reviewResult] - 审查结果
99
+ * @returns {{ ok: boolean, state: string }}
100
+ */
101
+ approveReview(reviewResult = {}) {
102
+ this.completed = true;
103
+ this.finalStatus = 'approved';
104
+ this.recordEvent('review_approved', reviewResult);
105
+ return { ok: true, state: AGENT_STATES.COMPLETED };
106
+ }
107
+
108
+ /**
109
+ * 审查不通过,需要修复
110
+ * @param {Object} [reviewResult] - 审查结果(含问题列表)
111
+ * @returns {{ ok: boolean, state: string, needsRepair: boolean, error?: string }}
112
+ */
113
+ rejectReview(reviewResult = {}) {
114
+ if (this.completed || this.failed) {
115
+ return { ok: false, state: this.completed ? 'completed' : 'failed', needsRepair: false, error: '循环已结束' };
116
+ }
117
+
118
+ this.recordEvent('review_rejected', reviewResult);
119
+ return { ok: true, state: AGENT_STATES.REPAIRING, needsRepair: true };
120
+ }
121
+
122
+ // ============================================================
123
+ // Repair 阶段
124
+ // ============================================================
125
+
126
+ /**
127
+ * 开始修复
128
+ * @returns {{ ok: boolean, state: string, error?: string }}
129
+ */
130
+ startRepair() {
131
+ if (this.completed || this.failed) {
132
+ return { ok: false, state: this.completed ? 'completed' : 'failed', error: '循环已结束' };
133
+ }
134
+
135
+ if (this.repairCount >= this.config.maxRepairAttempts) {
136
+ this.fail('超过最大修复次数');
137
+ return { ok: false, state: 'failed', error: '超过最大修复次数' };
138
+ }
139
+
140
+ this.repairCount++;
141
+ this.recordEvent('repair_start', { repairCount: this.repairCount });
142
+
143
+ return { ok: true, state: AGENT_STATES.REPAIRING };
144
+ }
145
+
146
+ /**
147
+ * 修复完成,重新进入审查
148
+ * @param {Object} [repairResult] - 修复结果
149
+ * @returns {{ ok: boolean, state: string }}
150
+ */
151
+ completeRepair(repairResult = {}) {
152
+ this.recordEvent('repair_complete', repairResult);
153
+ return { ok: true, state: AGENT_STATES.REVIEWING };
154
+ }
155
+
156
+ /**
157
+ * 修复失败
158
+ * @param {Object} [repairResult] - 修复结果
159
+ * @returns {{ ok: boolean, state: string, escalation: string }}
160
+ */
161
+ failRepair(repairResult = {}) {
162
+ this.recordEvent('repair_failed', repairResult);
163
+
164
+ const policy = this.config.repairFailurePolicy;
165
+
166
+ if (policy === ESCALATION_POLICIES.RETRY && this.repairCount < this.config.maxRepairAttempts) {
167
+ return { ok: true, state: AGENT_STATES.REPAIRING, escalation: 'retry' };
168
+ }
169
+
170
+ if (policy === ESCALATION_POLICIES.SKIP) {
171
+ this.completed = true;
172
+ this.finalStatus = 'skipped';
173
+ this.recordEvent('escalation_skip', {});
174
+ return { ok: true, state: AGENT_STATES.COMPLETED, escalation: 'skip' };
175
+ }
176
+
177
+ // BLOCK 或 ABORT
178
+ this.fail(`修复失败,升级策略: ${policy}`);
179
+ return { ok: true, state: AGENT_STATES.FAILED, escalation: policy };
180
+ }
181
+
182
+ // ============================================================
183
+ // 超时处理
184
+ // ============================================================
185
+
186
+ /**
187
+ * 检查是否超时
188
+ * @returns {boolean}
189
+ */
190
+ isTimedOut() {
191
+ const elapsed = Date.now() - new Date(this.startedAt).getTime();
192
+ return elapsed > this.config.timeout;
193
+ }
194
+
195
+ /**
196
+ * 处理超时
197
+ * @returns {{ ok: boolean, state: string, escalation: string }}
198
+ */
199
+ handleTimeout() {
200
+ this.recordEvent('timeout', { elapsed: Date.now() - new Date(this.startedAt).getTime() });
201
+
202
+ const policy = this.config.timeoutPolicy;
203
+
204
+ if (policy === ESCALATION_POLICIES.SKIP) {
205
+ this.completed = true;
206
+ this.finalStatus = 'timeout_skipped';
207
+ return { ok: true, state: AGENT_STATES.COMPLETED, escalation: 'skip' };
208
+ }
209
+
210
+ this.fail('超时');
211
+ return { ok: true, state: AGENT_STATES.FAILED, escalation: policy };
212
+ }
213
+
214
+ // ============================================================
215
+ // 失败处理
216
+ // ============================================================
217
+
218
+ /**
219
+ * 标记循环失败
220
+ * @param {string} reason
221
+ */
222
+ fail(reason) {
223
+ this.failed = true;
224
+ this.finalStatus = 'failed';
225
+ this.recordEvent('loop_failed', { reason });
226
+ }
227
+
228
+ // ============================================================
229
+ // 查询
230
+ // ============================================================
231
+
232
+ /**
233
+ * 获取循环状态摘要
234
+ * @returns {Object}
235
+ */
236
+ getSummary() {
237
+ return {
238
+ completed: this.completed,
239
+ failed: this.failed,
240
+ finalStatus: this.finalStatus,
241
+ repairCount: this.repairCount,
242
+ reviewCount: this.reviewCount,
243
+ maxRepairAttempts: this.config.maxRepairAttempts,
244
+ maxReviewAttempts: this.config.maxReviewAttempts,
245
+ eventCount: this.events.length,
246
+ startedAt: this.startedAt,
247
+ };
248
+ }
249
+
250
+ /**
251
+ * 检查是否可以继续修复
252
+ * @returns {boolean}
253
+ */
254
+ canRepair() {
255
+ return !this.completed && !this.failed && this.repairCount < this.config.maxRepairAttempts;
256
+ }
257
+
258
+ /**
259
+ * 检查是否可以继续审查
260
+ * @returns {boolean}
261
+ */
262
+ canReview() {
263
+ return !this.completed && !this.failed && this.reviewCount < this.config.maxReviewAttempts;
264
+ }
265
+ }
266
+
267
+ module.exports = {
268
+ ReviewRepairLoop,
269
+ DEFAULT_LOOP_CONFIG,
270
+ };
@@ -0,0 +1,101 @@
1
+ /**
2
+ * Tool Permission — 工具权限校验
3
+ *
4
+ * 根据 AgentProfile 的 allowedTools / deniedTools 判断是否允许使用某工具。
5
+ * 规则:deniedTools 优先于 allowedTools;空 allowedTools 表示全部允许。
6
+ */
7
+
8
+ // ============================================================
9
+ // checkToolPermission — 工具权限校验
10
+ // ============================================================
11
+
12
+ /**
13
+ * 检查 Agent 是否被允许使用指定工具
14
+ * @param {Object} profile - AgentProfile
15
+ * @param {string} toolName - 工具名称
16
+ * @returns {{ allowed: boolean, reason: string }}
17
+ */
18
+ function checkToolPermission(profile, toolName) {
19
+ if (!profile || typeof profile !== 'object') {
20
+ return { allowed: false, reason: 'profile 无效' };
21
+ }
22
+
23
+ if (!toolName || typeof toolName !== 'string') {
24
+ return { allowed: false, reason: 'toolName 无效' };
25
+ }
26
+
27
+ const deniedTools = profile.deniedTools || [];
28
+ const allowedTools = profile.allowedTools || [];
29
+
30
+ // deniedTools 优先级最高 — 精确匹配
31
+ if (deniedTools.includes(toolName)) {
32
+ return { allowed: false, reason: `工具 ${toolName} 在 deniedTools 列表中` };
33
+ }
34
+
35
+ // 空 allowedTools 表示全部允许(除 deniedTools 中的)
36
+ if (allowedTools.length === 0) {
37
+ return { allowed: true, reason: 'allowedTools 为空,全部允许' };
38
+ }
39
+
40
+ // allowedTools 非空时,必须在列表中
41
+ if (allowedTools.includes(toolName)) {
42
+ return { allowed: true, reason: `工具 ${toolName} 在 allowedTools 列表中` };
43
+ }
44
+
45
+ return { allowed: false, reason: `工具 ${toolName} 不在 allowedTools 列表中` };
46
+ }
47
+
48
+ // ============================================================
49
+ // checkBatchToolPermission — 批量工具权限校验
50
+ // ============================================================
51
+
52
+ /**
53
+ * 批量检查 Agent 是否被允许使用多个工具
54
+ * @param {Object} profile - AgentProfile
55
+ * @param {string[]} toolNames - 工具名称列表
56
+ * @returns {{ results: Record<string, { allowed: boolean, reason: string }>, allAllowed: boolean }}
57
+ */
58
+ function checkBatchToolPermission(profile, toolNames) {
59
+ const results = {};
60
+ let allAllowed = true;
61
+
62
+ for (const toolName of toolNames) {
63
+ results[toolName] = checkToolPermission(profile, toolName);
64
+ if (!results[toolName].allowed) {
65
+ allAllowed = false;
66
+ }
67
+ }
68
+
69
+ return { results, allAllowed };
70
+ }
71
+
72
+ // ============================================================
73
+ // getAllowedTools — 获取有效允许工具列表
74
+ // ============================================================
75
+
76
+ /**
77
+ * 获取 Agent 的有效允许工具列表
78
+ * @param {Object} profile - AgentProfile
79
+ * @param {string[]} allAvailableTools - 所有可用工具列表
80
+ * @returns {string[]}
81
+ */
82
+ function getAllowedTools(profile, allAvailableTools = []) {
83
+ if (!profile) return [];
84
+
85
+ const deniedTools = profile.deniedTools || [];
86
+ const allowedTools = profile.allowedTools || [];
87
+
88
+ // 空 allowedTools = 全部允许,排除 denied
89
+ if (allowedTools.length === 0) {
90
+ return allAvailableTools.filter((t) => !deniedTools.includes(t));
91
+ }
92
+
93
+ // 非空 allowedTools,取交集后排除 denied
94
+ return allowedTools.filter((t) => !deniedTools.includes(t));
95
+ }
96
+
97
+ module.exports = {
98
+ checkToolPermission,
99
+ checkBatchToolPermission,
100
+ getAllowedTools,
101
+ };