@nockdev/awf 6.2.0 → 6.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (709) hide show
  1. package/.agent/build.yaml +3 -3
  2. package/.agent/config.yaml +21 -146
  3. package/.agent/core/AGENT_BEHAVIOR.md +86 -0
  4. package/.agent/core/AUDIT_POLICY.md +1 -1
  5. package/.agent/core/CACHE.md +1 -1
  6. package/.agent/core/COMMANDS.md +16 -7
  7. package/.agent/core/CUSTOMIZE.md +61 -3
  8. package/.agent/core/DATA_SAFETY.md +1 -1
  9. package/.agent/core/MEMORY_PATHS.yaml +2 -2
  10. package/.agent/core/PERMISSIONS.md +1 -1
  11. package/.agent/core/README.md +1 -1
  12. package/.agent/core/VERSION.yaml +18 -8
  13. package/.agent/core/{ACTIVE_MEMORY.yaml → archive/ACTIVE_MEMORY.yaml} +2 -2
  14. package/.agent/core/{CHECKPOINT.yaml → archive/CHECKPOINT.yaml} +2 -2
  15. package/.agent/core/{CLEANUP_ENGINE.yaml → archive/CLEANUP_ENGINE.yaml} +2 -2
  16. package/.agent/core/{CONTEXT_INJECTOR.yaml → archive/CONTEXT_INJECTOR.yaml} +2 -2
  17. package/.agent/core/{CONTEXT_LOADER.yaml → archive/CONTEXT_LOADER.yaml} +1 -1
  18. package/.agent/core/{CONTEXT_OPTIMIZATION.yaml → archive/CONTEXT_OPTIMIZATION.yaml} +1 -1
  19. package/.agent/core/{CONTEXT_PRIORITY.yaml → archive/CONTEXT_PRIORITY.yaml} +2 -2
  20. package/.agent/core/{FLOW_ENGINE.yaml → archive/FLOW_ENGINE.yaml} +1 -1
  21. package/.agent/core/{GRAPH_MEMORY.yaml → archive/GRAPH_MEMORY.yaml} +1 -1
  22. package/.agent/core/{HYBRID_ROUTER.yaml → archive/HYBRID_ROUTER.yaml} +1 -1
  23. package/.agent/core/{INTENT_DETECTION.yaml → archive/INTENT_DETECTION.yaml} +1 -1
  24. package/.agent/core/{MEMORY_CONSOLIDATION.yaml → archive/MEMORY_CONSOLIDATION.yaml} +3 -3
  25. package/.agent/core/{MEMORY_ENGINE.yaml → archive/MEMORY_ENGINE.yaml} +2 -2
  26. package/.agent/core/{MEMORY_UTILS.yaml → archive/MEMORY_UTILS.yaml} +1 -1
  27. package/.agent/core/{REFLECTION_ENGINE.yaml → archive/REFLECTION_ENGINE.yaml} +1 -1
  28. package/.agent/core/{ROUTER.yaml → archive/ROUTER.yaml} +5 -5
  29. package/.agent/core/{SCORING_FORMULA.yaml → archive/SCORING_FORMULA.yaml} +2 -2
  30. package/.agent/core/{SEMANTIC_ENGINE.yaml → archive/SEMANTIC_ENGINE.yaml} +1 -1
  31. package/.agent/core/{SKILLS_FLOW.yaml → archive/SKILLS_FLOW.yaml} +2 -2
  32. package/.agent/core/{STATE_MACHINE.yaml → archive/STATE_MACHINE.yaml} +1 -1
  33. package/.agent/core/{SUMMARIZATION_ENGINE.yaml → archive/SUMMARIZATION_ENGINE.yaml} +2 -2
  34. package/.agent/core/{TOKEN_BUDGETS.yaml → archive/TOKEN_BUDGETS.yaml} +2 -2
  35. package/.agent/core/{TOKEN_LOADING.yaml → archive/TOKEN_LOADING.yaml} +2 -2
  36. package/.agent/core/{TOKEN_SUMMARY.yaml → archive/TOKEN_SUMMARY.yaml} +2 -2
  37. package/.agent/core/{CODING_STYLES.yaml → reference/CODING_STYLES.yaml} +1 -1
  38. package/.agent/core/{LIBRARY_REGISTRY.yaml → reference/LIBRARY_REGISTRY.yaml} +1 -1
  39. package/.agent/core/{MCP_TOOLS.yaml → reference/MCP_TOOLS.yaml} +2 -2
  40. package/.agent/core/{PATTERNS.yaml → reference/PATTERNS.yaml} +1 -1
  41. package/.agent/core/{SKILL_SCHEMA.yaml → reference/SKILL_SCHEMA.yaml} +2 -2
  42. package/.agent/i18n/en.yaml +6 -6
  43. package/.agent/i18n/vi.yaml +6 -6
  44. package/.agent/ide/README.md +1 -1
  45. package/.agent/ide/amazonq.json +3 -3
  46. package/.agent/ide/amp.json +4 -3
  47. package/.agent/ide/antigravity.json +4 -3
  48. package/.agent/ide/augment.json +4 -4
  49. package/.agent/ide/claude.json +4 -3
  50. package/.agent/ide/cline.json +4 -3
  51. package/.agent/ide/codex.json +6 -1
  52. package/.agent/ide/cody.json +4 -3
  53. package/.agent/ide/continue.json +4 -3
  54. package/.agent/ide/cursor.json +4 -3
  55. package/.agent/ide/gemini.json +4 -3
  56. package/.agent/ide/jetbrains.json +4 -3
  57. package/.agent/ide/kiro.json +4 -3
  58. package/.agent/ide/opencode.json +4 -3
  59. package/.agent/ide/roo.json +4 -3
  60. package/.agent/ide/tabnine.json +4 -3
  61. package/.agent/ide/trae.json +4 -3
  62. package/.agent/ide/vscode.json +4 -3
  63. package/.agent/ide/windsurf.json +4 -3
  64. package/.agent/ide/zed.json +4 -3
  65. package/.agent/manifest.yaml +142 -34
  66. package/.agent/memory/core_memory/persona.json +2 -2
  67. package/.agent/memory/core_memory/project.json +1 -1
  68. package/.agent/memory/core_memory/rules.json +1 -1
  69. package/.agent/memory/core_memory/user.json +1 -1
  70. package/.agent/memory/graph/knowledge_graph.json +1 -1
  71. package/.agent/memory/patterns/errors.json +1 -1
  72. package/.agent/memory/patterns/successes.json +1 -1
  73. package/.agent/memory/state.json +3 -3
  74. package/.agent/personas/README.md +1 -1
  75. package/.agent/personas/architect.md +1 -1
  76. package/.agent/personas/auditor.md +1 -1
  77. package/.agent/personas/debugger.md +1 -1
  78. package/.agent/personas/developer.md +1 -1
  79. package/.agent/personas/devops.md +1 -1
  80. package/.agent/personas/documenter.md +1 -1
  81. package/.agent/personas/orchestrator.md +1 -1
  82. package/.agent/personas/persona.schema.yaml +1 -1
  83. package/.agent/personas/planner.md +1 -1
  84. package/.agent/personas/researcher.md +1 -1
  85. package/.agent/personas/security.md +1 -1
  86. package/.agent/personas/tester.md +1 -1
  87. package/.agent/private/README.md +74 -0
  88. package/.agent/private/_index.yaml +23 -0
  89. package/.agent/private/_template/META.yaml +38 -0
  90. package/.agent/private/_template/SKILL.md +43 -0
  91. package/.agent/private/_template/data/.gitkeep +0 -0
  92. package/.agent/private/autodomyh-api/META.yaml +48 -0
  93. package/.agent/private/autodomyh-api/SKILL.md +141 -0
  94. package/.agent/private/autodomyh-api/data/conventions.yaml +107 -0
  95. package/.agent/rules/README.md +24 -18
  96. package/.agent/rules/SACRED_RULES.xml +42 -36
  97. package/.agent/rules/{constitutional → archive/constitutional}/tier-0-core.yaml +5 -5
  98. package/.agent/rules/{constitutional → archive/constitutional}/tier-1-safety.yaml +5 -5
  99. package/.agent/rules/{constitutional → archive/constitutional}/tier-2-execution.yaml +6 -6
  100. package/.agent/rules/{modules → archive}/context-management.yaml +1 -1
  101. package/.agent/rules/{duplication-prevention.md → archive/duplication-prevention.md} +1 -1
  102. package/.agent/rules/{modules → archive}/evidence.yaml +1 -1
  103. package/.agent/rules/{project-detection.md → archive/project-detection.md} +1 -1
  104. package/.agent/rules/{modules → archive}/reflection.yaml +1 -1
  105. package/.agent/rules/{modules → archive}/versioning.yaml +3 -3
  106. package/.agent/rules/data/build-systems.yaml +2 -2
  107. package/.agent/rules/modules/agent-delegation.yaml +136 -0
  108. package/.agent/rules/modules/edit-verification.yaml +1 -1
  109. package/.agent/rules/modules/git-workflow.yaml +1 -1
  110. package/.agent/rules/modules/language.yaml +1 -1
  111. package/.agent/rules/modules/online-research.yaml +1 -1
  112. package/.agent/rules/modules/performance-optimization.yaml +141 -0
  113. package/.agent/rules/modules/quality.yaml +1 -1
  114. package/.agent/rules/modules/stop-conditions.yaml +1 -1
  115. package/.agent/rules/modules/terminal-safety.yaml +1 -1
  116. package/.agent/rules/modules/yagni.yaml +1 -1
  117. package/.agent/rules/validation-framework.md +1 -1
  118. package/.agent/skills/DEVELOPMENT.yaml +5 -5
  119. package/.agent/skills/README.md +19 -16
  120. package/.agent/skills/_categories.yaml +60 -8
  121. package/.agent/skills/_router.yaml +61 -19
  122. package/.agent/skills/ai-ml/ai-agents/META.yaml +127 -0
  123. package/.agent/skills/ai-ml/ai-agents/SKILL.md +139 -0
  124. package/.agent/skills/ai-ml/ai-agents/data/agent-rules.yaml +120 -0
  125. package/.agent/skills/ai-ml/ai-agents/data/llm-integration.yaml +129 -0
  126. package/.agent/skills/ai-ml/ai-agents/data/memory-patterns.yaml +123 -0
  127. package/.agent/skills/ai-ml/ai-agents/data/orchestration-patterns.yaml +101 -0
  128. package/.agent/skills/ai-ml/gemini-live/META.yaml +55 -0
  129. package/.agent/skills/ai-ml/gemini-live/SKILL.md +155 -0
  130. package/.agent/skills/ai-ml/gemini-live/data/code-execution.yaml +131 -0
  131. package/.agent/skills/ai-ml/gemini-live/data/context-caching.yaml +96 -0
  132. package/.agent/skills/ai-ml/gemini-live/data/grounding.yaml +97 -0
  133. package/.agent/skills/ai-ml/gemini-live/data/live-api.yaml +103 -0
  134. package/.agent/skills/ai-ml/gemini-media-gen/META.yaml +56 -0
  135. package/.agent/skills/ai-ml/gemini-media-gen/SKILL.md +128 -0
  136. package/.agent/skills/ai-ml/gemini-media-gen/data/files-api.yaml +96 -0
  137. package/.agent/skills/ai-ml/gemini-media-gen/data/image-models.yaml +112 -0
  138. package/.agent/skills/ai-ml/gemini-media-gen/data/image-prompts.yaml +131 -0
  139. package/.agent/skills/ai-ml/gemini-media-gen/data/video-generation.yaml +131 -0
  140. package/.agent/skills/ai-ml/gemini-tts/META.yaml +49 -0
  141. package/.agent/skills/ai-ml/gemini-tts/SKILL.md +124 -0
  142. package/.agent/skills/ai-ml/gemini-tts/data/markup-tags.yaml +95 -0
  143. package/.agent/skills/ai-ml/gemini-tts/data/models.yaml +124 -0
  144. package/.agent/skills/ai-ml/gemini-tts/data/prompting-patterns.yaml +81 -0
  145. package/.agent/skills/ai-ml/prompt-engineering/META.yaml +77 -0
  146. package/.agent/skills/ai-ml/prompt-engineering/SKILL.md +217 -0
  147. package/.agent/skills/ai-ml/prompt-engineering/data/gemini3-patterns.yaml +170 -0
  148. package/.agent/skills/ai-ml/prompt-engineering/data/output-patterns.yaml +73 -0
  149. package/.agent/skills/ai-ml/prompt-engineering/data/provider-patterns.yaml +82 -0
  150. package/.agent/skills/ai-ml/prompt-engineering/data/reasoning-patterns.yaml +86 -0
  151. package/.agent/skills/ai-ml/prompt-engineering/data/safety-patterns.yaml +71 -0
  152. package/.agent/skills/ai-ml/prompt-engineering/data/tool-patterns.yaml +173 -0
  153. package/.agent/skills/ai-ml/rag-patterns/META.yaml +57 -0
  154. package/.agent/skills/ai-ml/rag-patterns/SKILL.md +92 -0
  155. package/.agent/skills/ai-ml/rag-patterns/data/chunking-strategies.yaml +71 -0
  156. package/.agent/skills/ai-ml/rag-patterns/data/embedding-models.yaml +76 -0
  157. package/.agent/skills/ai-ml/rag-patterns/data/evaluation.yaml +92 -0
  158. package/.agent/skills/ai-ml/rag-patterns/data/retrieval-patterns.yaml +101 -0
  159. package/.agent/skills/ai-ml/rag-patterns/data/vector-databases.yaml +103 -0
  160. package/.agent/skills/ai-ml/vector-search/META.yaml +63 -0
  161. package/.agent/skills/ai-ml/vector-search/SKILL.md +110 -0
  162. package/.agent/skills/ai-ml/vector-search/data/embedding-models.yaml +117 -0
  163. package/.agent/skills/ai-ml/vector-search/data/search-patterns.yaml +118 -0
  164. package/.agent/skills/ai-ml/vector-search/data/vector-dbs.yaml +155 -0
  165. package/.agent/skills/core/api-design/META.yaml +1 -5
  166. package/.agent/skills/core/api-design/SKILL.md +20 -26
  167. package/.agent/skills/core/api-design/data/api-versioning.yaml +211 -211
  168. package/.agent/skills/core/api-design/data/error-responses.yaml +129 -129
  169. package/.agent/skills/core/api-design/data/graphql-patterns.yaml +159 -159
  170. package/.agent/skills/core/api-design/data/grpc-patterns.yaml +159 -159
  171. package/.agent/skills/core/api-design/data/http-status-codes.yaml +170 -170
  172. package/.agent/skills/core/api-design/data/modern-api-patterns.yaml +160 -0
  173. package/.agent/skills/core/api-design/data/pagination.yaml +115 -115
  174. package/.agent/skills/core/api-design/data/rate-limiting.yaml +129 -129
  175. package/.agent/skills/core/api-design/data/rest-patterns.yaml +189 -189
  176. package/.agent/skills/core/api-design/data/test-apis.yaml +211 -211
  177. package/.agent/skills/core/authentication/META.yaml +1 -5
  178. package/.agent/skills/core/authentication/SKILL.md +36 -43
  179. package/.agent/skills/core/authentication/data/anti-patterns.yaml +129 -129
  180. package/.agent/skills/core/authentication/data/core-patterns.yaml +250 -250
  181. package/.agent/skills/core/authentication/data/jwt-patterns.yaml +249 -249
  182. package/.agent/skills/core/authentication/data/language-csharp.yaml +209 -209
  183. package/.agent/skills/core/authentication/data/language-go.yaml +209 -209
  184. package/.agent/skills/core/authentication/data/language-java.yaml +209 -209
  185. package/.agent/skills/core/authentication/data/language-mobile.yaml +209 -209
  186. package/.agent/skills/core/authentication/data/language-python.yaml +209 -209
  187. package/.agent/skills/core/authentication/data/language-rust.yaml +209 -209
  188. package/.agent/skills/core/authentication/data/language-typescript.yaml +209 -209
  189. package/.agent/skills/core/authentication/data/mfa-patterns.yaml +169 -169
  190. package/.agent/skills/core/authentication/data/oauth-patterns.yaml +249 -249
  191. package/.agent/skills/core/authentication/data/oauth.yaml +243 -243
  192. package/.agent/skills/core/authentication/data/passkey-patterns.yaml +149 -0
  193. package/.agent/skills/core/authentication/data/passkeys-webauthn.yaml +209 -209
  194. package/.agent/skills/core/authentication/data/passkeys.yaml +203 -203
  195. package/.agent/skills/core/authentication/data/password-patterns.yaml +169 -169
  196. package/.agent/skills/core/authentication/data/password.yaml +163 -163
  197. package/.agent/skills/core/authentication/data/session-patterns.yaml +209 -209
  198. package/.agent/skills/core/error-handling/META.yaml +1 -5
  199. package/.agent/skills/core/error-handling/SKILL.md +21 -25
  200. package/.agent/skills/core/error-handling/data/anti-patterns.yaml +99 -99
  201. package/.agent/skills/core/error-handling/data/api-error-patterns.yaml +2 -2
  202. package/.agent/skills/core/error-handling/data/core-patterns.yaml +2 -2
  203. package/.agent/skills/core/error-handling/data/error-codes.yaml +159 -159
  204. package/.agent/skills/core/error-handling/data/error-messages.yaml +2 -2
  205. package/.agent/skills/core/error-handling/data/language-c-cpp.yaml +220 -220
  206. package/.agent/skills/core/error-handling/data/language-go-rust.yaml +2 -2
  207. package/.agent/skills/core/error-handling/data/language-python-java.yaml +220 -220
  208. package/.agent/skills/core/error-handling/data/language-swift-kotlin.yaml +220 -220
  209. package/.agent/skills/core/error-handling/data/language-typescript-php-ruby.yaml +220 -220
  210. package/.agent/skills/core/error-handling/data/resilience-patterns.yaml +2 -2
  211. package/.agent/skills/core/error-handling/data/ui-error-patterns.yaml +129 -129
  212. package/.agent/skills/core/logging/META.yaml +1 -5
  213. package/.agent/skills/core/logging/SKILL.md +28 -42
  214. package/.agent/skills/core/logging/data/aggregation-patterns.yaml +185 -185
  215. package/.agent/skills/core/logging/data/anti-patterns.yaml +115 -115
  216. package/.agent/skills/core/logging/data/core-patterns.yaml +220 -220
  217. package/.agent/skills/core/logging/data/language-csharp.yaml +185 -185
  218. package/.agent/skills/core/logging/data/language-go.yaml +185 -185
  219. package/.agent/skills/core/logging/data/language-java.yaml +185 -185
  220. package/.agent/skills/core/logging/data/language-kotlin.yaml +150 -150
  221. package/.agent/skills/core/logging/data/language-others.yaml +178 -178
  222. package/.agent/skills/core/logging/data/language-python.yaml +185 -185
  223. package/.agent/skills/core/logging/data/language-rust.yaml +185 -185
  224. package/.agent/skills/core/logging/data/language-swift.yaml +150 -150
  225. package/.agent/skills/core/logging/data/language-typescript.yaml +185 -185
  226. package/.agent/skills/core/logging/data/otel-logging.yaml +150 -150
  227. package/.agent/skills/core/observability/META.yaml +1 -5
  228. package/.agent/skills/core/observability/SKILL.md +29 -38
  229. package/.agent/skills/core/observability/data/alerting-patterns.yaml +159 -159
  230. package/.agent/skills/core/observability/data/anti-patterns.yaml +99 -99
  231. package/.agent/skills/core/observability/data/core-patterns.yaml +189 -189
  232. package/.agent/skills/core/observability/data/language-cpp.yaml +159 -159
  233. package/.agent/skills/core/observability/data/language-csharp.yaml +159 -159
  234. package/.agent/skills/core/observability/data/language-go.yaml +159 -159
  235. package/.agent/skills/core/observability/data/language-java.yaml +159 -159
  236. package/.agent/skills/core/observability/data/language-others.yaml +249 -249
  237. package/.agent/skills/core/observability/data/language-python.yaml +159 -159
  238. package/.agent/skills/core/observability/data/language-rust.yaml +159 -159
  239. package/.agent/skills/core/observability/data/language-typescript.yaml +159 -159
  240. package/.agent/skills/core/observability/data/metrics-patterns.yaml +129 -129
  241. package/.agent/skills/core/observability/data/metrics-prometheus.yaml +159 -159
  242. package/.agent/skills/core/observability/data/otel-core.yaml +189 -189
  243. package/.agent/skills/core/observability/data/profiling-patterns.yaml +129 -129
  244. package/.agent/skills/core/observability/data/tracing-patterns.yaml +159 -159
  245. package/.agent/skills/core/observability/data/tracing-tools.yaml +129 -129
  246. package/.agent/skills/core/security/META.yaml +1 -5
  247. package/.agent/skills/core/security/SKILL.md +25 -25
  248. package/.agent/skills/core/security/data/ai-ml-security.yaml +255 -255
  249. package/.agent/skills/core/security/data/api-security.yaml +224 -224
  250. package/.agent/skills/core/security/data/auth-patterns.yaml +189 -189
  251. package/.agent/skills/core/security/data/binary-exploitation.yaml +333 -333
  252. package/.agent/skills/core/security/data/cloud-security.yaml +263 -263
  253. package/.agent/skills/core/security/data/cwe-top25.yaml +409 -409
  254. package/.agent/skills/core/security/data/language-specific/c-security.yaml +289 -289
  255. package/.agent/skills/core/security/data/language-specific/cpp-security.yaml +289 -289
  256. package/.agent/skills/core/security/data/language-specific/csharp-security.yaml +213 -213
  257. package/.agent/skills/core/security/data/language-specific/go-security.yaml +213 -213
  258. package/.agent/skills/core/security/data/language-specific/java-security.yaml +289 -289
  259. package/.agent/skills/core/security/data/language-specific/kotlin-security.yaml +192 -192
  260. package/.agent/skills/core/security/data/language-specific/php-security.yaml +213 -213
  261. package/.agent/skills/core/security/data/language-specific/python-security.yaml +289 -289
  262. package/.agent/skills/core/security/data/language-specific/ruby-security.yaml +192 -192
  263. package/.agent/skills/core/security/data/language-specific/rust-security.yaml +234 -234
  264. package/.agent/skills/core/security/data/language-specific/solidity-security.yaml +363 -363
  265. package/.agent/skills/core/security/data/language-specific/swift-security.yaml +192 -192
  266. package/.agent/skills/core/security/data/language-specific/typescript-security.yaml +289 -289
  267. package/.agent/skills/core/security/data/mobile-security.yaml +363 -363
  268. package/.agent/skills/core/security/data/network-security.yaml +291 -291
  269. package/.agent/skills/core/security/data/owasp-llm-top10.yaml +122 -0
  270. package/.agent/skills/core/security/data/owasp-top10.yaml +165 -165
  271. package/.agent/skills/core/security/data/reverse-engineering.yaml +491 -491
  272. package/.agent/skills/core/security/data/supply-chain.yaml +213 -213
  273. package/.agent/skills/cross-cutting/_index.yaml +4 -2
  274. package/.agent/skills/cross-cutting/accessibility/META.yaml +45 -0
  275. package/.agent/skills/cross-cutting/accessibility/SKILL.md +121 -0
  276. package/.agent/skills/cross-cutting/accessibility/data/aria-patterns.yaml +88 -0
  277. package/.agent/skills/cross-cutting/accessibility/data/testing-tools.yaml +60 -0
  278. package/.agent/skills/cross-cutting/accessibility/data/wcag-guidelines.yaml +98 -0
  279. package/.agent/skills/cross-cutting/audit-pro/META.yaml +2 -6
  280. package/.agent/skills/cross-cutting/bun/META.yaml +2 -8
  281. package/.agent/skills/cross-cutting/bun/SKILL.md +8 -12
  282. package/.agent/skills/cross-cutting/coding-rules/META.yaml +4 -11
  283. package/.agent/skills/cross-cutting/coding-rules/SKILL.md +38 -46
  284. package/.agent/skills/cross-cutting/coding-rules/data/adr-patterns.yaml +102 -0
  285. package/.agent/skills/cross-cutting/coding-rules/data/architecture-patterns.yaml +289 -90
  286. package/.agent/skills/cross-cutting/coding-rules/data/build-systems.yaml +340 -340
  287. package/.agent/skills/cross-cutting/coding-rules/data/coding-rules.yaml +641 -641
  288. package/.agent/skills/cross-cutting/coding-rules/data/concurrency-patterns.yaml +102 -102
  289. package/.agent/skills/cross-cutting/coding-rules/data/design-patterns.yaml +254 -254
  290. package/.agent/skills/cross-cutting/coding-rules/data/framework-directories.yaml +446 -0
  291. package/.agent/skills/cross-cutting/coding-rules/data/framework-signatures.yaml +338 -338
  292. package/.agent/skills/cross-cutting/coding-rules/data/memory-management.yaml +102 -102
  293. package/.agent/skills/cross-cutting/coding-rules/data/naming-conventions.yaml +314 -314
  294. package/.agent/skills/cross-cutting/coding-rules/data/performance-benchmarks.yaml +158 -158
  295. package/.agent/skills/cross-cutting/coding-rules/data/solid-principles.yaml +74 -74
  296. package/.agent/skills/cross-cutting/coding-rules/data/test-frameworks.yaml +177 -177
  297. package/.agent/skills/cross-cutting/database/META.yaml +2 -2
  298. package/.agent/skills/cross-cutting/database/SKILL.md +10 -19
  299. package/.agent/skills/cross-cutting/deno/META.yaml +2 -8
  300. package/.agent/skills/cross-cutting/deno/SKILL.md +8 -12
  301. package/.agent/skills/cross-cutting/domyh-design/ADVANCED.md +247 -0
  302. package/.agent/skills/cross-cutting/{ui-ux-pro-max → domyh-design}/META.yaml +44 -13
  303. package/.agent/skills/cross-cutting/domyh-design/SKILL.md +171 -0
  304. package/.agent/skills/cross-cutting/domyh-design/data/animation-ui-kits.yaml +198 -0
  305. package/.agent/skills/cross-cutting/domyh-design/data/charts.yaml +331 -0
  306. package/.agent/skills/cross-cutting/domyh-design/data/colors.yaml +1226 -0
  307. package/.agent/skills/cross-cutting/domyh-design/data/component-decision.yaml +287 -0
  308. package/.agent/skills/cross-cutting/domyh-design/data/component-effects.yaml +673 -0
  309. package/.agent/skills/cross-cutting/domyh-design/data/component-mapping.yaml +318 -0
  310. package/.agent/skills/cross-cutting/domyh-design/data/design-system-prompts.yaml +174 -0
  311. package/.agent/skills/cross-cutting/domyh-design/data/design-tokens.yaml +525 -0
  312. package/.agent/skills/cross-cutting/domyh-design/data/desktop-animation.yaml +680 -0
  313. package/.agent/skills/cross-cutting/domyh-design/data/desktop-architecture.yaml +140 -0
  314. package/.agent/skills/cross-cutting/{ui-ux-pro-max → domyh-design}/data/desktop-colors.yaml +4 -4
  315. package/.agent/skills/cross-cutting/domyh-design/data/directory-structure.yaml +80 -0
  316. package/.agent/skills/cross-cutting/domyh-design/data/icons.yaml +918 -0
  317. package/.agent/skills/cross-cutting/domyh-design/data/image-gen-prompts.yaml +678 -0
  318. package/.agent/skills/cross-cutting/domyh-design/data/image-gen-workflows.yaml +202 -0
  319. package/.agent/skills/cross-cutting/domyh-design/data/implementation-strategy.yaml +107 -0
  320. package/.agent/skills/cross-cutting/domyh-design/data/landing.yaml +373 -0
  321. package/.agent/skills/cross-cutting/domyh-design/data/micro-interactions.yaml +528 -0
  322. package/.agent/skills/cross-cutting/domyh-design/data/platform-frameworks.yaml +195 -0
  323. package/.agent/skills/cross-cutting/domyh-design/data/platform-guidelines.yaml +177 -0
  324. package/.agent/skills/cross-cutting/domyh-design/data/products.yaml +1339 -0
  325. package/.agent/skills/cross-cutting/domyh-design/data/prompts.yaml +207 -0
  326. package/.agent/skills/cross-cutting/domyh-design/data/react-performance.yaml +504 -0
  327. package/.agent/skills/cross-cutting/domyh-design/data/scroll-animation-patterns.yaml +398 -0
  328. package/.agent/skills/cross-cutting/domyh-design/data/stacks/desktop.yaml +228 -0
  329. package/.agent/skills/cross-cutting/domyh-design/data/stacks/flutter.yaml +508 -0
  330. package/.agent/skills/cross-cutting/domyh-design/data/stacks/html-tailwind.yaml +543 -0
  331. package/.agent/skills/cross-cutting/domyh-design/data/stacks/nextjs.yaml +515 -0
  332. package/.agent/skills/cross-cutting/domyh-design/data/stacks/nuxt-ui.yaml +519 -0
  333. package/.agent/skills/cross-cutting/domyh-design/data/stacks/nuxtjs.yaml +599 -0
  334. package/.agent/skills/cross-cutting/domyh-design/data/stacks/react-native.yaml +496 -0
  335. package/.agent/skills/cross-cutting/domyh-design/data/stacks/react.yaml +526 -0
  336. package/.agent/skills/cross-cutting/domyh-design/data/stacks/shadcn.yaml +616 -0
  337. package/.agent/skills/cross-cutting/domyh-design/data/stacks/svelte.yaml +520 -0
  338. package/.agent/skills/cross-cutting/domyh-design/data/stacks/swiftui.yaml +486 -0
  339. package/.agent/skills/cross-cutting/domyh-design/data/stacks/vue.yaml +485 -0
  340. package/.agent/skills/cross-cutting/domyh-design/data/styles.yaml +1473 -0
  341. package/.agent/skills/cross-cutting/domyh-design/data/tailwind-animation-plugins.yaml +462 -0
  342. package/.agent/skills/cross-cutting/domyh-design/data/typography.yaml +647 -0
  343. package/.agent/skills/cross-cutting/domyh-design/data/ui-reasoning.yaml +1019 -0
  344. package/.agent/skills/cross-cutting/domyh-design/data/ux-guidelines.yaml +1009 -0
  345. package/.agent/skills/cross-cutting/domyh-design/data/web-animation-libraries.yaml +541 -0
  346. package/.agent/skills/cross-cutting/domyh-design/data/web-interface.yaml +347 -0
  347. package/.agent/skills/cross-cutting/domyh-design/data/webview-animation-optimization.yaml +685 -0
  348. package/.agent/skills/cross-cutting/electron/SKILL.md +10 -14
  349. package/.agent/skills/cross-cutting/event-driven/META.yaml +108 -0
  350. package/.agent/skills/cross-cutting/event-driven/SKILL.md +123 -0
  351. package/.agent/skills/cross-cutting/event-driven/data/broker-comparison.yaml +123 -0
  352. package/.agent/skills/cross-cutting/event-driven/data/eda-patterns.yaml +120 -0
  353. package/.agent/skills/cross-cutting/event-driven/data/production-patterns.yaml +120 -0
  354. package/.agent/skills/cross-cutting/microservices/META.yaml +90 -0
  355. package/.agent/skills/cross-cutting/microservices/SKILL.md +120 -0
  356. package/.agent/skills/cross-cutting/microservices/data/communication.yaml +163 -0
  357. package/.agent/skills/cross-cutting/microservices/data/cqrs-patterns.yaml +199 -0
  358. package/.agent/skills/cross-cutting/microservices/data/deployment.yaml +153 -0
  359. package/.agent/skills/cross-cutting/microservices/data/event-sourcing.yaml +231 -0
  360. package/.agent/skills/cross-cutting/microservices/data/observability.yaml +152 -0
  361. package/.agent/skills/cross-cutting/microservices/data/resilience.yaml +189 -0
  362. package/.agent/skills/cross-cutting/microservices/data/saga-patterns.yaml +161 -0
  363. package/.agent/skills/cross-cutting/microservices/data/service-mesh.yaml +179 -0
  364. package/.agent/skills/cross-cutting/monorepo/META.yaml +54 -0
  365. package/.agent/skills/cross-cutting/monorepo/SKILL.md +108 -0
  366. package/.agent/skills/cross-cutting/monorepo/data/ci-cd-strategies.yaml +74 -0
  367. package/.agent/skills/cross-cutting/monorepo/data/nx-patterns.yaml +74 -0
  368. package/.agent/skills/cross-cutting/monorepo/data/turborepo-patterns.yaml +84 -0
  369. package/.agent/skills/cross-cutting/monorepo/data/versioning.yaml +83 -0
  370. package/.agent/skills/cross-cutting/monorepo/data/workspace-patterns.yaml +85 -0
  371. package/.agent/skills/cross-cutting/playwright/ADVANCED.md +289 -0
  372. package/.agent/skills/cross-cutting/playwright/META.yaml +90 -0
  373. package/.agent/skills/cross-cutting/playwright/SKILL.md +210 -0
  374. package/.agent/skills/cross-cutting/playwright/data/ai-agents.yaml +137 -0
  375. package/.agent/skills/cross-cutting/playwright/data/config-templates.yaml +141 -0
  376. package/.agent/skills/cross-cutting/playwright/data/interaction-checklist.yaml +398 -0
  377. package/.agent/skills/cross-cutting/playwright/data/locator-patterns.yaml +96 -0
  378. package/.agent/skills/cross-cutting/playwright/data/mcp-tools.yaml +153 -0
  379. package/.agent/skills/cross-cutting/playwright/data/open-source-tools.yaml +95 -0
  380. package/.agent/skills/cross-cutting/real-time/META.yaml +72 -0
  381. package/.agent/skills/cross-cutting/real-time/SKILL.md +128 -0
  382. package/.agent/skills/cross-cutting/real-time/data/socketio-patterns.yaml +165 -0
  383. package/.agent/skills/cross-cutting/real-time/data/sse-patterns.yaml +181 -0
  384. package/.agent/skills/cross-cutting/real-time/data/websocket-patterns.yaml +176 -0
  385. package/.agent/skills/cross-cutting/seo/META.yaml +47 -0
  386. package/.agent/skills/cross-cutting/seo/SKILL.md +114 -0
  387. package/.agent/skills/cross-cutting/seo/data/core-web-vitals.yaml +93 -0
  388. package/.agent/skills/cross-cutting/seo/data/structured-data.yaml +82 -0
  389. package/.agent/skills/cross-cutting/seo/data/technical-seo.yaml +75 -0
  390. package/.agent/skills/cross-cutting/sql/META.yaml +2 -8
  391. package/.agent/skills/cross-cutting/sql/SKILL.md +8 -12
  392. package/.agent/skills/cross-cutting/tailwind/META.yaml +3 -20
  393. package/.agent/skills/cross-cutting/tailwind/SKILL.md +13 -11
  394. package/.agent/skills/cross-cutting/tauri/META.yaml +75 -0
  395. package/.agent/skills/cross-cutting/tauri/SKILL.md +127 -0
  396. package/.agent/skills/cross-cutting/tauri/data/build.yaml +141 -0
  397. package/.agent/skills/cross-cutting/tauri/data/plugins.yaml +157 -0
  398. package/.agent/skills/cross-cutting/tauri/data/security.yaml +134 -0
  399. package/.agent/skills/cross-cutting/tdd-workflow/META.yaml +58 -0
  400. package/.agent/skills/cross-cutting/tdd-workflow/SKILL.md +128 -0
  401. package/.agent/skills/cross-cutting/tdd-workflow/data/anti-patterns.yaml +70 -0
  402. package/.agent/skills/cross-cutting/tdd-workflow/data/bdd-atdd-patterns.yaml +77 -0
  403. package/.agent/skills/cross-cutting/tdd-workflow/data/core-tdd-cycle.yaml +104 -0
  404. package/.agent/skills/cross-cutting/tdd-workflow/data/coverage-strategies.yaml +105 -0
  405. package/.agent/skills/cross-cutting/tdd-workflow/data/language-patterns.yaml +115 -0
  406. package/.agent/skills/cross-cutting/tdd-workflow/data/test-doubles.yaml +93 -0
  407. package/.agent/skills/cross-cutting/testing/META.yaml +1 -5
  408. package/.agent/skills/cross-cutting/testing/SKILL.md +13 -26
  409. package/.agent/skills/cross-cutting/testing/data/e2e-patterns.yaml +136 -0
  410. package/.agent/skills/cross-cutting/testing/data/frameworks.yaml +3 -3
  411. package/.agent/skills/cross-cutting/testing/data/patterns.yaml +149 -147
  412. package/.agent/skills/cross-cutting/wasm/META.yaml +47 -0
  413. package/.agent/skills/cross-cutting/wasm/SKILL.md +88 -0
  414. package/.agent/skills/cross-cutting/wasm/data/browser-patterns.yaml +106 -0
  415. package/.agent/skills/cross-cutting/wasm/data/component-model.yaml +85 -0
  416. package/.agent/skills/cross-cutting/wasm/data/server-patterns.yaml +89 -0
  417. package/.agent/skills/cross-cutting/web-perf/META.yaml +3 -9
  418. package/.agent/skills/cross-cutting/web-perf/SKILL.md +9 -18
  419. package/.agent/skills/devops/aws/META.yaml +48 -63
  420. package/.agent/skills/devops/azure/META.yaml +44 -0
  421. package/.agent/skills/devops/azure/SKILL.md +43 -0
  422. package/.agent/skills/devops/azure/data/cli.yaml +69 -0
  423. package/.agent/skills/devops/azure/data/compute.yaml +83 -0
  424. package/.agent/skills/devops/azure/data/data-services.yaml +126 -0
  425. package/.agent/skills/devops/ci-cd/META.yaml +47 -14
  426. package/.agent/skills/devops/docker/META.yaml +53 -14
  427. package/.agent/skills/devops/gcp/META.yaml +43 -0
  428. package/.agent/skills/devops/gcp/SKILL.md +43 -0
  429. package/.agent/skills/devops/gcp/data/cli.yaml +39 -0
  430. package/.agent/skills/devops/gcp/data/compute.yaml +92 -0
  431. package/.agent/skills/devops/gcp/data/data-services.yaml +97 -0
  432. package/.agent/skills/devops/kubernetes/META.yaml +56 -7
  433. package/.agent/skills/devops/terraform/META.yaml +47 -0
  434. package/.agent/skills/devops/terraform/SKILL.md +73 -0
  435. package/.agent/skills/devops/terraform/data/ci-cd.yaml +89 -0
  436. package/.agent/skills/devops/terraform/data/hcl-patterns.yaml +131 -0
  437. package/.agent/skills/devops/terraform/data/providers.yaml +96 -0
  438. package/.agent/skills/frameworks/angular/META.yaml +20 -6
  439. package/.agent/skills/frameworks/angular/SKILL.md +1 -1
  440. package/.agent/skills/frameworks/flutter/META.yaml +20 -6
  441. package/.agent/skills/frameworks/flutter/SKILL.md +1 -1
  442. package/.agent/skills/frameworks/nextjs/ADVANCED.md +2 -2
  443. package/.agent/skills/frameworks/nextjs/META.yaml +22 -8
  444. package/.agent/skills/frameworks/nextjs/SKILL.md +4 -4
  445. package/.agent/skills/frameworks/nextjs/data/server.yaml +4 -4
  446. package/.agent/skills/frameworks/nuxt/META.yaml +21 -7
  447. package/.agent/skills/frameworks/nuxt/SKILL.md +2 -2
  448. package/.agent/skills/frameworks/nuxt/data/core.yaml +14 -2
  449. package/.agent/skills/frameworks/nuxt/data/server.yaml +14 -2
  450. package/.agent/skills/frameworks/react/META.yaml +20 -7
  451. package/.agent/skills/frameworks/react/SKILL.md +7 -11
  452. package/.agent/skills/frameworks/react/data/core.yaml +14 -2
  453. package/.agent/skills/frameworks/react/data/server.yaml +16 -4
  454. package/.agent/skills/frameworks/react-native/META.yaml +19 -6
  455. package/.agent/skills/frameworks/react-native/SKILL.md +1 -1
  456. package/.agent/skills/frameworks/svelte/META.yaml +19 -6
  457. package/.agent/skills/frameworks/svelte/SKILL.md +1 -1
  458. package/.agent/skills/frameworks/vue/META.yaml +20 -8
  459. package/.agent/skills/frameworks/vue/SKILL.md +7 -7
  460. package/.agent/skills/frameworks/vue/data/advanced.yaml +19 -7
  461. package/.agent/skills/frameworks/vue/data/core.yaml +13 -1
  462. package/.agent/skills/index.json +67 -14
  463. package/.agent/skills/languages/asm/META.yaml +2 -8
  464. package/.agent/skills/languages/asm/SKILL.md +1 -1
  465. package/.agent/skills/languages/c/META.yaml +2 -8
  466. package/.agent/skills/languages/c/SKILL.md +1 -1
  467. package/.agent/skills/languages/clojure/META.yaml +2 -2
  468. package/.agent/skills/languages/clojure/SKILL.md +1 -1
  469. package/.agent/skills/languages/cpp/META.yaml +2 -8
  470. package/.agent/skills/languages/cpp/SKILL.md +1 -1
  471. package/.agent/skills/languages/crystal/META.yaml +2 -8
  472. package/.agent/skills/languages/crystal/SKILL.md +1 -1
  473. package/.agent/skills/languages/csharp/META.yaml +2 -2
  474. package/.agent/skills/languages/csharp/SKILL.md +1 -1
  475. package/.agent/skills/languages/elixir/META.yaml +2 -2
  476. package/.agent/skills/languages/elixir/SKILL.md +1 -1
  477. package/.agent/skills/languages/fsharp/META.yaml +2 -2
  478. package/.agent/skills/languages/fsharp/SKILL.md +1 -1
  479. package/.agent/skills/languages/go/META.yaml +2 -8
  480. package/.agent/skills/languages/go/SKILL.md +1 -1
  481. package/.agent/skills/languages/haskell/META.yaml +2 -2
  482. package/.agent/skills/languages/haskell/SKILL.md +1 -1
  483. package/.agent/skills/languages/java/META.yaml +2 -8
  484. package/.agent/skills/languages/java/SKILL.md +1 -1
  485. package/.agent/skills/languages/javascript/META.yaml +2 -8
  486. package/.agent/skills/languages/javascript/SKILL.md +1 -1
  487. package/.agent/skills/languages/julia/META.yaml +2 -2
  488. package/.agent/skills/languages/julia/SKILL.md +1 -1
  489. package/.agent/skills/languages/kotlin/META.yaml +2 -2
  490. package/.agent/skills/languages/kotlin/SKILL.md +1 -1
  491. package/.agent/skills/languages/lua/META.yaml +2 -8
  492. package/.agent/skills/languages/lua/SKILL.md +3 -3
  493. package/.agent/skills/languages/nim/META.yaml +2 -8
  494. package/.agent/skills/languages/nim/SKILL.md +1 -1
  495. package/.agent/skills/languages/ocaml/META.yaml +2 -2
  496. package/.agent/skills/languages/ocaml/SKILL.md +1 -1
  497. package/.agent/skills/languages/perl/META.yaml +2 -2
  498. package/.agent/skills/languages/perl/SKILL.md +1 -1
  499. package/.agent/skills/languages/php/META.yaml +2 -2
  500. package/.agent/skills/languages/php/SKILL.md +1 -1
  501. package/.agent/skills/languages/python/META.yaml +2 -8
  502. package/.agent/skills/languages/python/SKILL.md +1 -1
  503. package/.agent/skills/languages/r/META.yaml +2 -2
  504. package/.agent/skills/languages/r/SKILL.md +1 -1
  505. package/.agent/skills/languages/ruby/META.yaml +2 -2
  506. package/.agent/skills/languages/ruby/SKILL.md +1 -1
  507. package/.agent/skills/languages/rust/META.yaml +2 -8
  508. package/.agent/skills/languages/rust/SKILL.md +1 -1
  509. package/.agent/skills/languages/scala/META.yaml +2 -2
  510. package/.agent/skills/languages/scala/SKILL.md +1 -1
  511. package/.agent/skills/languages/solidity/META.yaml +2 -2
  512. package/.agent/skills/languages/solidity/SKILL.md +1 -1
  513. package/.agent/skills/languages/swift/META.yaml +2 -2
  514. package/.agent/skills/languages/swift/SKILL.md +1 -1
  515. package/.agent/skills/languages/typescript/META.yaml +2 -8
  516. package/.agent/skills/languages/typescript/SKILL.md +1 -1
  517. package/.agent/skills/languages/zig/META.yaml +5 -7
  518. package/.agent/skills/languages/zig/SKILL.md +1 -1
  519. package/.agent/skills/tooling/api-protocols/META.yaml +102 -0
  520. package/.agent/skills/tooling/api-protocols/SKILL.md +145 -0
  521. package/.agent/skills/tooling/api-protocols/data/graphql-patterns.yaml +115 -0
  522. package/.agent/skills/tooling/api-protocols/data/grpc-patterns.yaml +101 -0
  523. package/.agent/skills/tooling/api-protocols/data/trpc-patterns.yaml +97 -0
  524. package/.agent/skills/tooling/browser-agent/ADVANCED.md +242 -0
  525. package/.agent/skills/tooling/browser-agent/META.yaml +78 -0
  526. package/.agent/skills/tooling/browser-agent/SKILL.md +164 -0
  527. package/.agent/skills/tooling/browser-agent/data/element-discovery.yaml +208 -0
  528. package/.agent/skills/tooling/browser-agent/data/recording-patterns.yaml +74 -0
  529. package/.agent/skills/tooling/browser-agent/data/reporting-patterns.yaml +97 -0
  530. package/.agent/skills/tooling/browser-agent/data/subagent-patterns.yaml +158 -0
  531. package/.agent/skills/tooling/browser-agent/data/verification-flow.yaml +209 -0
  532. package/.agent/skills/tooling/cli-dev/META.yaml +55 -0
  533. package/.agent/skills/tooling/cli-dev/SKILL.md +83 -0
  534. package/.agent/skills/tooling/cli-dev/data/frameworks.yaml +128 -0
  535. package/.agent/skills/tooling/cli-dev/data/output-formats.yaml +58 -0
  536. package/.agent/skills/tooling/cli-dev/data/ux-patterns.yaml +97 -0
  537. package/.agent/skills/tooling/ide-extension/META.yaml +72 -0
  538. package/.agent/skills/tooling/ide-extension/SKILL.md +108 -0
  539. package/.agent/skills/tooling/ide-extension/data/jetbrains-patterns.yaml +118 -0
  540. package/.agent/skills/tooling/ide-extension/data/lsp-patterns.yaml +126 -0
  541. package/.agent/skills/tooling/ide-extension/data/vscode-patterns.yaml +172 -0
  542. package/.agent/skills/tooling/mcp/META.yaml +80 -0
  543. package/.agent/skills/tooling/mcp/SKILL.md +114 -0
  544. package/.agent/skills/tooling/mcp/data/security.yaml +116 -0
  545. package/.agent/skills/tooling/mcp/data/tool-design.yaml +124 -0
  546. package/.agent/skills/tooling/mcp/data/transport-patterns.yaml +95 -0
  547. package/.agent/templates/README.md +2 -2
  548. package/.agent/templates/debug-report.md +1 -1
  549. package/.agent/templates/deploy-plan.md +1 -1
  550. package/.agent/templates/doc-template.md +1 -1
  551. package/.agent/templates/index.yaml +2 -2
  552. package/.agent/templates/migrate-plan.md +1 -1
  553. package/.agent/templates/phase-template.md +1 -1
  554. package/.agent/templates/tasks/audit.yaml +1 -1
  555. package/.agent/templates/tasks/bug_fix.yaml +1 -1
  556. package/.agent/templates/tasks/code_implementation.yaml +1 -1
  557. package/.agent/templates/tasks/refactor.yaml +1 -1
  558. package/.agent/templates/test-report.md +1 -1
  559. package/.agent/workflows/code.md +22 -1
  560. package/.agent/workflows/deploy.md +5 -1
  561. package/.agent/workflows/e2e.md +112 -0
  562. package/.agent/workflows/fix.md +1 -1
  563. package/.agent/workflows/prompt.md +325 -0
  564. package/.agent/workflows/scaffold.md +1 -1
  565. package/.agent/workflows/tdd.md +108 -0
  566. package/.agent/workflows/verify.md +116 -0
  567. package/.agent/workflows/visualize.md +50 -18
  568. package/dist/commands/add.d.ts.map +1 -1
  569. package/dist/commands/add.js +9 -1
  570. package/dist/commands/add.js.map +1 -1
  571. package/dist/commands/config.d.ts.map +1 -1
  572. package/dist/commands/config.js +24 -8
  573. package/dist/commands/config.js.map +1 -1
  574. package/dist/commands/hsa.d.ts.map +1 -1
  575. package/dist/commands/hsa.js +106 -20
  576. package/dist/commands/hsa.js.map +1 -1
  577. package/dist/commands/init.d.ts.map +1 -1
  578. package/dist/commands/init.js +65 -61
  579. package/dist/commands/init.js.map +1 -1
  580. package/dist/commands/install-core.d.ts +2 -1
  581. package/dist/commands/install-core.d.ts.map +1 -1
  582. package/dist/commands/install-core.js +43 -16
  583. package/dist/commands/install-core.js.map +1 -1
  584. package/dist/commands/install-helpers.d.ts.map +1 -1
  585. package/dist/commands/install-helpers.js +23 -2
  586. package/dist/commands/install-helpers.js.map +1 -1
  587. package/dist/commands/install-hsa.d.ts +2 -5
  588. package/dist/commands/install-hsa.d.ts.map +1 -1
  589. package/dist/commands/install-hsa.js +2 -5
  590. package/dist/commands/install-hsa.js.map +1 -1
  591. package/dist/commands/install.d.ts +27 -0
  592. package/dist/commands/install.d.ts.map +1 -1
  593. package/dist/commands/install.js +68 -20
  594. package/dist/commands/install.js.map +1 -1
  595. package/dist/commands/list.d.ts.map +1 -1
  596. package/dist/commands/list.js +2 -1
  597. package/dist/commands/list.js.map +1 -1
  598. package/dist/commands/mcp-registry.d.ts +24 -9
  599. package/dist/commands/mcp-registry.d.ts.map +1 -1
  600. package/dist/commands/mcp-registry.js +39 -57
  601. package/dist/commands/mcp-registry.js.map +1 -1
  602. package/dist/commands/mcp-writers.d.ts.map +1 -1
  603. package/dist/commands/mcp-writers.js +6 -5
  604. package/dist/commands/mcp-writers.js.map +1 -1
  605. package/dist/commands/mcp.d.ts +1 -1
  606. package/dist/commands/mcp.d.ts.map +1 -1
  607. package/dist/commands/mcp.js +37 -9
  608. package/dist/commands/mcp.js.map +1 -1
  609. package/dist/commands/update.d.ts.map +1 -1
  610. package/dist/commands/update.js +16 -6
  611. package/dist/commands/update.js.map +1 -1
  612. package/dist/constants/cursor-globs.d.ts.map +1 -1
  613. package/dist/constants/cursor-globs.js +0 -6
  614. package/dist/constants/cursor-globs.js.map +1 -1
  615. package/dist/constants/ide-install-specs.js +2 -2
  616. package/dist/constants.d.ts +3 -3
  617. package/dist/constants.d.ts.map +1 -1
  618. package/dist/constants.js +3 -3
  619. package/dist/constants.js.map +1 -1
  620. package/dist/index.d.ts.map +1 -1
  621. package/dist/index.js +1 -9
  622. package/dist/index.js.map +1 -1
  623. package/dist/types/ide-install.js +1 -1
  624. package/dist/utils/copy-helpers.d.ts +7 -2
  625. package/dist/utils/copy-helpers.d.ts.map +1 -1
  626. package/dist/utils/copy-helpers.js +56 -42
  627. package/dist/utils/copy-helpers.js.map +1 -1
  628. package/dist/utils/install-manifest.d.ts +12 -0
  629. package/dist/utils/install-manifest.d.ts.map +1 -0
  630. package/dist/utils/install-manifest.js +26 -0
  631. package/dist/utils/install-manifest.js.map +1 -0
  632. package/dist/utils/validation.d.ts.map +1 -1
  633. package/dist/utils/validation.js +31 -1
  634. package/dist/utils/validation.js.map +1 -1
  635. package/package.json +1 -1
  636. package/.agent/core/embeddings.json +0 -2004
  637. package/.agent/core/session_cache.json +0 -50
  638. package/.agent/skills/cross-cutting/aws/META.yaml +0 -75
  639. package/.agent/skills/cross-cutting/ci-cd/META.yaml +0 -60
  640. package/.agent/skills/cross-cutting/docker/META.yaml +0 -65
  641. package/.agent/skills/cross-cutting/kubernetes/META.yaml +0 -70
  642. package/.agent/skills/cross-cutting/ui-ux-pro-max/SKILL.md +0 -565
  643. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/charts.yaml +0 -331
  644. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/colors.yaml +0 -1226
  645. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/component-decision.yaml +0 -287
  646. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/component-mapping.yaml +0 -318
  647. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/design-tokens.yaml +0 -525
  648. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/desktop-animation.yaml +0 -232
  649. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/desktop-architecture.yaml +0 -140
  650. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/directory-structure.yaml +0 -75
  651. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/icons.yaml +0 -918
  652. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/implementation-strategy.yaml +0 -107
  653. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/landing.yaml +0 -372
  654. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/platform-frameworks.yaml +0 -195
  655. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/platform-guidelines.yaml +0 -177
  656. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/products.yaml +0 -1339
  657. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/prompts.yaml +0 -180
  658. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/react-performance.yaml +0 -504
  659. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/desktop.yaml +0 -228
  660. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/flutter.yaml +0 -508
  661. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/html-tailwind.yaml +0 -543
  662. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/nextjs.yaml +0 -515
  663. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/nuxt-ui.yaml +0 -519
  664. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/nuxtjs.yaml +0 -599
  665. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/react-native.yaml +0 -496
  666. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/react.yaml +0 -526
  667. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/shadcn.yaml +0 -616
  668. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/svelte.yaml +0 -520
  669. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/swiftui.yaml +0 -486
  670. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/vue.yaml +0 -485
  671. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/styles.yaml +0 -1473
  672. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/typography.yaml +0 -647
  673. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/ui-reasoning.yaml +0 -1019
  674. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/ux-guidelines.yaml +0 -1009
  675. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/web-interface.yaml +0 -347
  676. package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/__pycache__/core.cpython-310.pyc +0 -0
  677. package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/__pycache__/core.cpython-314.pyc +0 -0
  678. package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/__pycache__/design_system.cpython-314.pyc +0 -0
  679. package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/core.py +0 -393
  680. package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/core_legacy.py +0 -303
  681. package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/design_system.py +0 -496
  682. package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/search.py +0 -76
  683. package/.agent/skills/devops/aws/ADVANCED.md +0 -547
  684. package/.agent/skills/devops/aws/SKILL.md +0 -711
  685. package/.agent/skills/devops/ci-cd/ADVANCED.md +0 -529
  686. package/.agent/skills/devops/ci-cd/SKILL.md +0 -821
  687. package/.agent/skills/devops/docker/ADVANCED.md +0 -495
  688. package/.agent/skills/devops/docker/SKILL.md +0 -653
  689. package/.agent/skills/devops/kubernetes/ADVANCED.md +0 -252
  690. package/.agent/skills/devops/kubernetes/SKILL.md +0 -621
  691. /package/.agent/core/{ARCH_REGISTRY.yaml → reference/ARCH_REGISTRY.yaml} +0 -0
  692. /package/.agent/core/{BRANDING.yaml → reference/BRANDING.yaml} +0 -0
  693. /package/.agent/core/{HSA.yaml → reference/HSA.yaml} +0 -0
  694. /package/.agent/core/{TEMPLATES.yaml → reference/TEMPLATES.yaml} +0 -0
  695. /package/.agent/rules/{incremental-changes.md → archive/incremental-changes.md} +0 -0
  696. /package/.agent/rules/{shell-commands.md → archive/shell-commands.md} +0 -0
  697. /package/.agent/skills/{cross-cutting → devops}/aws/data/ai_ml.yaml +0 -0
  698. /package/.agent/skills/{cross-cutting → devops}/aws/data/compute.yaml +0 -0
  699. /package/.agent/skills/{cross-cutting → devops}/aws/data/kubernetes.yaml +0 -0
  700. /package/.agent/skills/{cross-cutting → devops}/aws/data/storage.yaml +0 -0
  701. /package/.agent/skills/{cross-cutting → devops}/ci-cd/data/github_actions.yaml +0 -0
  702. /package/.agent/skills/{cross-cutting → devops}/ci-cd/data/security.yaml +0 -0
  703. /package/.agent/skills/{cross-cutting → devops}/docker/data/build.yaml +0 -0
  704. /package/.agent/skills/{cross-cutting → devops}/docker/data/compose.yaml +0 -0
  705. /package/.agent/skills/{cross-cutting → devops}/docker/data/security.yaml +0 -0
  706. /package/.agent/skills/{cross-cutting → devops}/kubernetes/data/networking.yaml +0 -0
  707. /package/.agent/skills/{cross-cutting → devops}/kubernetes/data/scheduling.yaml +0 -0
  708. /package/.agent/skills/{cross-cutting → devops}/kubernetes/data/security.yaml +0 -0
  709. /package/.agent/skills/{cross-cutting → devops}/kubernetes/data/workloads.yaml +0 -0
package/.agent/skills/core/security/data/language-specific/c-security.yaml CHANGED
@@ -1,295 +1,295 @@
1
1
  metadata:
2
2
  skill: security
3
3
  domain: c_security
4
- version: 6.2.0
5
- updated: '2026-02-05'
6
- migrated_from: c-security.csv
4
+ version: 6.2.1
5
+ updated: "2026-02-05"
6
+ migrated_from: c-security.yaml
7
7
  patterns_count: 25
8
8
  columns:
9
- - id
10
- - name
11
- - severity
12
- - category
13
- - description
14
- - detection_pattern
15
- - fix_pattern
16
- - cwe
17
- - cve_reference
18
- - example_vuln
19
- - example_fix
9
+ - id
10
+ - name
11
+ - severity
12
+ - category
13
+ - description
14
+ - detection_pattern
15
+ - fix_pattern
16
+ - cwe
17
+ - cve_reference
18
+ - example_vuln
19
+ - example_fix
20
20
  patterns:
21
- - id: C-01
22
- name: Stack Buffer Overflow
23
- severity: CRITICAL
24
- category: Memory
25
- description: Buffer on stack overwritten via user input leading to RCE
26
- detection_pattern: (strcpy|sprintf|gets|scanf)\\((?!.*n)
27
- fix_pattern: Use strncpy snprintf fgets scanf with width specifier
28
- cwe: CWE-121
29
- cve_reference: CVE-2025-0282
30
- example_vuln: char buf[64]; strcpy(buf, user_input);
31
- example_fix: char buf[64]; strncpy(buf, user_input, sizeof(buf)-1); buf[63] = '\\0';
32
- - id: C-02
33
- name: Heap Buffer Overflow
34
- severity: CRITICAL
35
- category: Memory
36
- description: Buffer on heap overwritten allowing heap corruption RCE
37
- detection_pattern: (malloc|realloc).*memcpy(?!.*size_check)
38
- fix_pattern: Validate size before memcpy use bounded functions
39
- cwe: CWE-122
40
- cve_reference: CVE-2025-47436
41
- example_vuln: char *buf = malloc(64); memcpy(buf, data, data_len);
42
- example_fix: if (data_len > 64) return -1; memcpy(buf, data, data_len);
43
- - id: C-03
44
- name: Format String Vulnerability
45
- severity: CRITICAL
46
- category: Injection
47
- description: User input passed directly to printf allows arbitrary read/write
48
- detection_pattern: (printf|fprintf|sprintf|syslog)\\(.*input(?!.*%)
49
- fix_pattern: Use format specifier never pass user input directly
50
- cwe: CWE-134
51
- cve_reference: n/a
52
- example_vuln: printf(user_input);
53
- example_fix: printf(\%s\"
54
- - id: C-04
55
- name: Integer Overflow
56
- severity: HIGH
57
- category: Math
58
- description: Integer arithmetic without overflow check leads to small buffer
59
- detection_pattern: (malloc|realloc)\\(.*\\*(?!.*overflow|check)
60
- fix_pattern: Check for overflow before arithmetic use safe_mul
61
- cwe: CWE-190
62
- cve_reference: CVE-2024-7025
63
- example_vuln: size_t size = width * height; char *buf = malloc(size);
64
- example_fix: if (width > SIZE_MAX/height) return -1; size_t size = width * height;
65
- - id: C-05
66
- name: Off-by-One Error
67
- severity: HIGH
68
- category: Memory
69
- description: Loop boundary error allows one byte overflow
70
- detection_pattern: for.*\\<.*=.*len|while.*\\<=.*size
71
- fix_pattern: Use strict < comparison verify buffer bounds
72
- cwe: CWE-193
73
- cve_reference: n/a
74
- example_vuln: for (int i = 0; i <= len; i++) buf[i] = src[i];
75
- example_fix: for (int i = 0; i < len; i++) buf[i] = src[i];
76
- - id: C-06
77
- name: Use After Free
78
- severity: CRITICAL
79
- category: Memory
80
- description: Memory accessed after free causing crash or code execution
81
- detection_pattern: free\\(.*\\).*\\n.*(?!.*=.*NULL)
82
- fix_pattern: Set pointer to NULL after free check before use
83
- cwe: CWE-416
84
- cve_reference: n/a
85
- example_vuln: free(ptr); process(ptr);
86
- example_fix: free(ptr); ptr = NULL; if (ptr) process(ptr);
87
- - id: C-07
88
- name: Double Free
89
- severity: CRITICAL
90
- category: Memory
91
- description: Memory freed twice causing heap corruption
92
- detection_pattern: free\\(.*\\).*\\n.*free\\(.*same_ptr)
93
- fix_pattern: Set pointer to NULL after free track allocation state
94
- cwe: CWE-415
95
- cve_reference: n/a
96
- example_vuln: free(ptr); free(ptr);
97
- example_fix: free(ptr); ptr = NULL;
98
- - id: C-08
99
- name: Null Pointer Dereference
100
- severity: HIGH
101
- category: Memory
102
- description: Pointer dereferenced without null check
103
- detection_pattern: \*\\w+(?!.*if.*!=.*NULL|!=.*NULL)
104
- fix_pattern: Check pointer for NULL before dereference
105
- cwe: CWE-476
106
- cve_reference: n/a
107
- example_vuln: return *data;
108
- example_fix: if (data == NULL) return -1; return *data;
109
- - id: C-09
110
- name: Command Injection system
111
- severity: CRITICAL
112
- category: Injection
113
- description: system() with user input allows command execution
114
- detection_pattern: system\\(.*input|popen\\(.*user
115
- fix_pattern: Use execve with argument array avoid shell
116
- cwe: CWE-78
117
- cve_reference: n/a
118
- example_vuln: system(\cat \" + filename);"
119
- example_fix: execl(\/bin/cat\"
120
- - id: C-10
121
- name: Path Traversal
122
- severity: HIGH
123
- category: File
124
- description: User file path without validation allows directory escape
125
- detection_pattern: fopen\\(.*input(?!.*realpath|canonical)
126
- fix_pattern: Use realpath validate path is within allowed directory
127
- cwe: CWE-22
128
- cve_reference: n/a
129
- example_vuln: fopen(user_path, \r\");"
130
- example_fix: char *real = realpath(user_path, NULL); if (strncmp(real, base, strlen(base)) != 0) return -1;
131
- - id: C-11
132
- name: Uninitialized Variable
133
- severity: HIGH
134
- category: Memory
135
- description: Variable used before initialization contains garbage
136
- detection_pattern: (int|char|void\\*)\\s+\\w+;\\s*(?!.*=).*use
137
- fix_pattern: Initialize all variables at declaration
138
- cwe: CWE-457
139
- cve_reference: n/a
140
- example_vuln: int count; if (flag) count = 10; return count;
141
- example_fix: int count = 0; if (flag) count = 10; return count;
142
- - id: C-12
143
- name: Race Condition File
144
- severity: HIGH
145
- category: Concurrency
146
- description: TOCTOU race between check and use of file
147
- detection_pattern: access\\(.*\\).*open\\(|stat\\(.*\\).*fopen
148
- fix_pattern: Use atomic operations fopen directly with flags
149
- cwe: CWE-367
150
- cve_reference: n/a
151
- example_vuln: if (access(file, R_OK) == 0) fopen(file, \r\");"
152
- example_fix: FILE *f = fopen(file, \r\"); if (f == NULL) return -1;"
153
- - id: C-13
154
- name: Insecure Temporary File
155
- severity: HIGH
156
- category: File
157
- description: mktemp creates predictable temporary file names
158
- detection_pattern: mktemp\\((?!.*mkstemp)
159
- fix_pattern: Use mkstemp or tmpfile for secure temp files
160
- cwe: CWE-377
161
- cve_reference: n/a
162
- example_vuln: char *tmp = mktemp(template); fopen(tmp, \w\");"
163
- example_fix: int fd = mkstemp(template); FILE *f = fdopen(fd, \w\");"
164
- - id: C-14
165
- name: Memory Leak
166
- severity: MEDIUM
167
- category: Memory
168
- description: Allocated memory never freed causing resource exhaustion
169
- detection_pattern: malloc|calloc(?!.*free)
170
- fix_pattern: Ensure every malloc has corresponding free use RAII patterns
171
- cwe: CWE-401
172
- cve_reference: n/a
173
- example_vuln: char *buf = malloc(1024); return result;
174
- example_fix: char *buf = malloc(1024); /* ... */ free(buf); return result;
175
- - id: C-15
176
- name: Unbounded String Copy
177
- severity: CRITICAL
178
- category: Memory
179
- description: String functions without length limit
180
- detection_pattern: strncat.*sizeof(?!.*-1)|strcat\\(
181
- fix_pattern: Use strncat with proper size accounting for null terminator
182
- cwe: CWE-120
183
- cve_reference: n/a
184
- example_vuln: strncat(dest, src, sizeof(dest));
185
- example_fix: strncat(dest, src, sizeof(dest) - strlen(dest) - 1);
186
- - id: C-16
187
- name: Signed Integer Overflow
188
- severity: HIGH
189
- category: Math
190
- description: Signed integer overflow is undefined behavior
191
- detection_pattern: (int|long).*\\+.*>.*MAX|signed.*overflow
192
- fix_pattern: Use unsigned types or explicit overflow checks
193
- cwe: CWE-190
194
- cve_reference: n/a
195
- example_vuln: int result = a + b; if (result < a) // Too late
196
- example_fix: if (a > INT_MAX - b) return -1; int result = a + b;
197
- - id: C-17
198
- name: Improper Array Index
199
- severity: HIGH
200
- category: Memory
201
- description: Array accessed with unchecked index
202
- detection_pattern: \\[.*input\\]|\\[.*user(?!.*check|bound)
203
- fix_pattern: Validate array index against bounds before access
204
- cwe: CWE-129
205
- cve_reference: n/a
206
- example_vuln: return array[user_index];
207
- example_fix: if (user_index >= array_size) return -1; return array[user_index];
208
- - id: C-18
209
- name: Signal Handler Race
210
- severity: HIGH
211
- category: Concurrency
212
- description: Non-reentrant function called from signal handler
213
- detection_pattern: signal.*handler.*printf|malloc.*signal_handler
214
- fix_pattern: Use only async-signal-safe functions in handlers
215
- cwe: CWE-364
216
- cve_reference: n/a
217
- example_vuln: void handler(int sig) { printf(\signal\"); }"
218
- example_fix: void handler(int sig) { write(1, \signal\"
219
- - id: C-19
220
- name: Weak Random Number
221
- severity: HIGH
222
- category: Crypto
223
- description: rand() used for security-sensitive values
224
- detection_pattern: rand\\(\\).*token|srand.*time(?!.*secure)
225
- fix_pattern: Use CSPRNG like /dev/urandom or arc4random
226
- cwe: CWE-330
227
- cve_reference: n/a
228
- example_vuln: int token = rand();
229
- example_fix: arc4random_buf(token, sizeof(token));
230
- - id: C-20
231
- name: Sensitive Data in Core
232
- severity: HIGH
233
- category: Information
234
- description: Sensitive data may appear in core dumps
235
- detection_pattern: password|secret.*malloc(?!.*mlock)
236
- fix_pattern: Use mlock to prevent paging clear sensitive data
237
- cwe: CWE-316
238
- cve_reference: n/a
239
- example_vuln: char *password = malloc(256);
240
- example_fix: char *password = malloc(256); mlock(password, 256);
241
- - id: C-21
242
- name: va_arg Type Mismatch
243
- severity: CRITICAL
244
- category: Memory
245
- description: va_arg used with wrong type causing undefined behavior
246
- detection_pattern: va_arg\\(.*,\\s*\\w+(?!.*promoted)
247
- fix_pattern: Match va_arg type with actual argument type
248
- cwe: CWE-119
249
- cve_reference: n/a
250
- example_vuln: int val = va_arg(args, short); // Wrong
251
- example_fix: int val = va_arg(args, int); // short promotes to int
252
- - id: C-22
253
- name: Uncontrolled Recursion
254
- severity: MEDIUM
255
- category: DoS
256
- description: Recursive function without depth limit causes stack overflow
257
- detection_pattern: \\w+\\(.*\\)\\s*\\{[^}]*\\w+\\((?!.*depth)
258
- fix_pattern: Add depth parameter and limit max recursion depth
259
- cwe: CWE-674
260
- cve_reference: n/a
261
- example_vuln: void parse(Node *n) { parse(n->child); }
262
- example_fix: void parse(Node *n, int depth) { if (depth > MAX_DEPTH) return; parse(n->child, depth+1); }
263
- - id: C-23
264
- name: Dangerous Function gets
265
- severity: CRITICAL
266
- category: Memory
267
- description: gets() has no bounds checking now deprecated
268
- detection_pattern: gets\\(
269
- fix_pattern: Replace with fgets() which has size limit
270
- cwe: CWE-242
271
- cve_reference: n/a
272
- example_vuln: gets(buffer);
273
- example_fix: fgets(buffer, sizeof(buffer), stdin);
274
- - id: C-24
275
- name: Missing Return Value Check
276
- severity: HIGH
277
- category: Error
278
- description: malloc/realloc return value not checked for NULL
279
- detection_pattern: (malloc|realloc)\\(.*\\)(?!.*if.*==.*NULL|!=.*NULL)
280
- fix_pattern: Always check return value of memory allocation
281
- cwe: CWE-252
282
- cve_reference: n/a
283
- example_vuln: char *p = malloc(size); *p = 'x';
284
- example_fix: char *p = malloc(size); if (p == NULL) return -1; *p = 'x';
285
- - id: C-25
286
- name: Insecure Permissions
287
- severity: MEDIUM
288
- category: File
289
- description: File created with world-readable permissions
290
- detection_pattern: open\\(.*0777|fopen(?!.*fchmod)
291
- fix_pattern: Use restrictive permissions 0600 for sensitive files
292
- cwe: CWE-732
293
- cve_reference: n/a
294
- example_vuln: open(file, O_CREAT, 0777);
295
- example_fix: open(file, O_CREAT, 0600);
21
+ - id: C-01
22
+ name: Stack Buffer Overflow
23
+ severity: CRITICAL
24
+ category: Memory
25
+ description: Buffer on stack overwritten via user input leading to RCE
26
+ detection_pattern: (strcpy|sprintf|gets|scanf)\\((?!.*n)
27
+ fix_pattern: Use strncpy snprintf fgets scanf with width specifier
28
+ cwe: CWE-121
29
+ cve_reference: CVE-2025-0282
30
+ example_vuln: char buf[64]; strcpy(buf, user_input);
31
+ example_fix: char buf[64]; strncpy(buf, user_input, sizeof(buf)-1); buf[63] = '\\0';
32
+ - id: C-02
33
+ name: Heap Buffer Overflow
34
+ severity: CRITICAL
35
+ category: Memory
36
+ description: Buffer on heap overwritten allowing heap corruption RCE
37
+ detection_pattern: (malloc|realloc).*memcpy(?!.*size_check)
38
+ fix_pattern: Validate size before memcpy use bounded functions
39
+ cwe: CWE-122
40
+ cve_reference: CVE-2025-47436
41
+ example_vuln: char *buf = malloc(64); memcpy(buf, data, data_len);
42
+ example_fix: if (data_len > 64) return -1; memcpy(buf, data, data_len);
43
+ - id: C-03
44
+ name: Format String Vulnerability
45
+ severity: CRITICAL
46
+ category: Injection
47
+ description: User input passed directly to printf allows arbitrary read/write
48
+ detection_pattern: (printf|fprintf|sprintf|syslog)\\(.*input(?!.*%)
49
+ fix_pattern: Use format specifier never pass user input directly
50
+ cwe: CWE-134
51
+ cve_reference: n/a
52
+ example_vuln: printf(user_input);
53
+ example_fix: printf(\%s\"
54
+ - id: C-04
55
+ name: Integer Overflow
56
+ severity: HIGH
57
+ category: Math
58
+ description: Integer arithmetic without overflow check leads to small buffer
59
+ detection_pattern: (malloc|realloc)\\(.*\\*(?!.*overflow|check)
60
+ fix_pattern: Check for overflow before arithmetic use safe_mul
61
+ cwe: CWE-190
62
+ cve_reference: CVE-2024-7025
63
+ example_vuln: size_t size = width * height; char *buf = malloc(size);
64
+ example_fix: if (width > SIZE_MAX/height) return -1; size_t size = width * height;
65
+ - id: C-05
66
+ name: Off-by-One Error
67
+ severity: HIGH
68
+ category: Memory
69
+ description: Loop boundary error allows one byte overflow
70
+ detection_pattern: for.*\\<.*=.*len|while.*\\<=.*size
71
+ fix_pattern: Use strict < comparison verify buffer bounds
72
+ cwe: CWE-193
73
+ cve_reference: n/a
74
+ example_vuln: for (int i = 0; i <= len; i++) buf[i] = src[i];
75
+ example_fix: for (int i = 0; i < len; i++) buf[i] = src[i];
76
+ - id: C-06
77
+ name: Use After Free
78
+ severity: CRITICAL
79
+ category: Memory
80
+ description: Memory accessed after free causing crash or code execution
81
+ detection_pattern: free\\(.*\\).*\\n.*(?!.*=.*NULL)
82
+ fix_pattern: Set pointer to NULL after free check before use
83
+ cwe: CWE-416
84
+ cve_reference: n/a
85
+ example_vuln: free(ptr); process(ptr);
86
+ example_fix: free(ptr); ptr = NULL; if (ptr) process(ptr);
87
+ - id: C-07
88
+ name: Double Free
89
+ severity: CRITICAL
90
+ category: Memory
91
+ description: Memory freed twice causing heap corruption
92
+ detection_pattern: free\\(.*\\).*\\n.*free\\(.*same_ptr)
93
+ fix_pattern: Set pointer to NULL after free track allocation state
94
+ cwe: CWE-415
95
+ cve_reference: n/a
96
+ example_vuln: free(ptr); free(ptr);
97
+ example_fix: free(ptr); ptr = NULL;
98
+ - id: C-08
99
+ name: Null Pointer Dereference
100
+ severity: HIGH
101
+ category: Memory
102
+ description: Pointer dereferenced without null check
103
+ detection_pattern: \*\\w+(?!.*if.*!=.*NULL|!=.*NULL)
104
+ fix_pattern: Check pointer for NULL before dereference
105
+ cwe: CWE-476
106
+ cve_reference: n/a
107
+ example_vuln: return *data;
108
+ example_fix: if (data == NULL) return -1; return *data;
109
+ - id: C-09
110
+ name: Command Injection system
111
+ severity: CRITICAL
112
+ category: Injection
113
+ description: system() with user input allows command execution
114
+ detection_pattern: system\\(.*input|popen\\(.*user
115
+ fix_pattern: Use execve with argument array avoid shell
116
+ cwe: CWE-78
117
+ cve_reference: n/a
118
+ example_vuln: system(\cat \" + filename);"
119
+ example_fix: execl(\/bin/cat\"
120
+ - id: C-10
121
+ name: Path Traversal
122
+ severity: HIGH
123
+ category: File
124
+ description: User file path without validation allows directory escape
125
+ detection_pattern: fopen\\(.*input(?!.*realpath|canonical)
126
+ fix_pattern: Use realpath validate path is within allowed directory
127
+ cwe: CWE-22
128
+ cve_reference: n/a
129
+ example_vuln: fopen(user_path, \r\");"
130
+ example_fix: char *real = realpath(user_path, NULL); if (strncmp(real, base, strlen(base)) != 0) return -1;
131
+ - id: C-11
132
+ name: Uninitialized Variable
133
+ severity: HIGH
134
+ category: Memory
135
+ description: Variable used before initialization contains garbage
136
+ detection_pattern: (int|char|void\\*)\\s+\\w+;\\s*(?!.*=).*use
137
+ fix_pattern: Initialize all variables at declaration
138
+ cwe: CWE-457
139
+ cve_reference: n/a
140
+ example_vuln: int count; if (flag) count = 10; return count;
141
+ example_fix: int count = 0; if (flag) count = 10; return count;
142
+ - id: C-12
143
+ name: Race Condition File
144
+ severity: HIGH
145
+ category: Concurrency
146
+ description: TOCTOU race between check and use of file
147
+ detection_pattern: access\\(.*\\).*open\\(|stat\\(.*\\).*fopen
148
+ fix_pattern: Use atomic operations fopen directly with flags
149
+ cwe: CWE-367
150
+ cve_reference: n/a
151
+ example_vuln: if (access(file, R_OK) == 0) fopen(file, \r\");"
152
+ example_fix: FILE *f = fopen(file, \r\"); if (f == NULL) return -1;"
153
+ - id: C-13
154
+ name: Insecure Temporary File
155
+ severity: HIGH
156
+ category: File
157
+ description: mktemp creates predictable temporary file names
158
+ detection_pattern: mktemp\\((?!.*mkstemp)
159
+ fix_pattern: Use mkstemp or tmpfile for secure temp files
160
+ cwe: CWE-377
161
+ cve_reference: n/a
162
+ example_vuln: char *tmp = mktemp(template); fopen(tmp, \w\");"
163
+ example_fix: int fd = mkstemp(template); FILE *f = fdopen(fd, \w\");"
164
+ - id: C-14
165
+ name: Memory Leak
166
+ severity: MEDIUM
167
+ category: Memory
168
+ description: Allocated memory never freed causing resource exhaustion
169
+ detection_pattern: malloc|calloc(?!.*free)
170
+ fix_pattern: Ensure every malloc has corresponding free use RAII patterns
171
+ cwe: CWE-401
172
+ cve_reference: n/a
173
+ example_vuln: char *buf = malloc(1024); return result;
174
+ example_fix: char *buf = malloc(1024); /* ... */ free(buf); return result;
175
+ - id: C-15
176
+ name: Unbounded String Copy
177
+ severity: CRITICAL
178
+ category: Memory
179
+ description: String functions without length limit
180
+ detection_pattern: strncat.*sizeof(?!.*-1)|strcat\\(
181
+ fix_pattern: Use strncat with proper size accounting for null terminator
182
+ cwe: CWE-120
183
+ cve_reference: n/a
184
+ example_vuln: strncat(dest, src, sizeof(dest));
185
+ example_fix: strncat(dest, src, sizeof(dest) - strlen(dest) - 1);
186
+ - id: C-16
187
+ name: Signed Integer Overflow
188
+ severity: HIGH
189
+ category: Math
190
+ description: Signed integer overflow is undefined behavior
191
+ detection_pattern: (int|long).*\\+.*>.*MAX|signed.*overflow
192
+ fix_pattern: Use unsigned types or explicit overflow checks
193
+ cwe: CWE-190
194
+ cve_reference: n/a
195
+ example_vuln: int result = a + b; if (result < a) // Too late
196
+ example_fix: if (a > INT_MAX - b) return -1; int result = a + b;
197
+ - id: C-17
198
+ name: Improper Array Index
199
+ severity: HIGH
200
+ category: Memory
201
+ description: Array accessed with unchecked index
202
+ detection_pattern: \\[.*input\\]|\\[.*user(?!.*check|bound)
203
+ fix_pattern: Validate array index against bounds before access
204
+ cwe: CWE-129
205
+ cve_reference: n/a
206
+ example_vuln: return array[user_index];
207
+ example_fix: if (user_index >= array_size) return -1; return array[user_index];
208
+ - id: C-18
209
+ name: Signal Handler Race
210
+ severity: HIGH
211
+ category: Concurrency
212
+ description: Non-reentrant function called from signal handler
213
+ detection_pattern: signal.*handler.*printf|malloc.*signal_handler
214
+ fix_pattern: Use only async-signal-safe functions in handlers
215
+ cwe: CWE-364
216
+ cve_reference: n/a
217
+ example_vuln: void handler(int sig) { printf(\signal\"); }"
218
+ example_fix: void handler(int sig) { write(1, \signal\"
219
+ - id: C-19
220
+ name: Weak Random Number
221
+ severity: HIGH
222
+ category: Crypto
223
+ description: rand() used for security-sensitive values
224
+ detection_pattern: rand\\(\\).*token|srand.*time(?!.*secure)
225
+ fix_pattern: Use CSPRNG like /dev/urandom or arc4random
226
+ cwe: CWE-330
227
+ cve_reference: n/a
228
+ example_vuln: int token = rand();
229
+ example_fix: arc4random_buf(token, sizeof(token));
230
+ - id: C-20
231
+ name: Sensitive Data in Core
232
+ severity: HIGH
233
+ category: Information
234
+ description: Sensitive data may appear in core dumps
235
+ detection_pattern: password|secret.*malloc(?!.*mlock)
236
+ fix_pattern: Use mlock to prevent paging clear sensitive data
237
+ cwe: CWE-316
238
+ cve_reference: n/a
239
+ example_vuln: char *password = malloc(256);
240
+ example_fix: char *password = malloc(256); mlock(password, 256);
241
+ - id: C-21
242
+ name: va_arg Type Mismatch
243
+ severity: CRITICAL
244
+ category: Memory
245
+ description: va_arg used with wrong type causing undefined behavior
246
+ detection_pattern: va_arg\\(.*,\\s*\\w+(?!.*promoted)
247
+ fix_pattern: Match va_arg type with actual argument type
248
+ cwe: CWE-119
249
+ cve_reference: n/a
250
+ example_vuln: int val = va_arg(args, short); // Wrong
251
+ example_fix: int val = va_arg(args, int); // short promotes to int
252
+ - id: C-22
253
+ name: Uncontrolled Recursion
254
+ severity: MEDIUM
255
+ category: DoS
256
+ description: Recursive function without depth limit causes stack overflow
257
+ detection_pattern: \\w+\\(.*\\)\\s*\\{[^}]*\\w+\\((?!.*depth)
258
+ fix_pattern: Add depth parameter and limit max recursion depth
259
+ cwe: CWE-674
260
+ cve_reference: n/a
261
+ example_vuln: void parse(Node *n) { parse(n->child); }
262
+ example_fix: void parse(Node *n, int depth) { if (depth > MAX_DEPTH) return; parse(n->child, depth+1); }
263
+ - id: C-23
264
+ name: Dangerous Function gets
265
+ severity: CRITICAL
266
+ category: Memory
267
+ description: gets() has no bounds checking now deprecated
268
+ detection_pattern: gets\\(
269
+ fix_pattern: Replace with fgets() which has size limit
270
+ cwe: CWE-242
271
+ cve_reference: n/a
272
+ example_vuln: gets(buffer);
273
+ example_fix: fgets(buffer, sizeof(buffer), stdin);
274
+ - id: C-24
275
+ name: Missing Return Value Check
276
+ severity: HIGH
277
+ category: Error
278
+ description: malloc/realloc return value not checked for NULL
279
+ detection_pattern: (malloc|realloc)\\(.*\\)(?!.*if.*==.*NULL|!=.*NULL)
280
+ fix_pattern: Always check return value of memory allocation
281
+ cwe: CWE-252
282
+ cve_reference: n/a
283
+ example_vuln: char *p = malloc(size); *p = 'x';
284
+ example_fix: char *p = malloc(size); if (p == NULL) return -1; *p = 'x';
285
+ - id: C-25
286
+ name: Insecure Permissions
287
+ severity: MEDIUM
288
+ category: File
289
+ description: File created with world-readable permissions
290
+ detection_pattern: open\\(.*0777|fopen(?!.*fchmod)
291
+ fix_pattern: Use restrictive permissions 0600 for sensitive files
292
+ cwe: CWE-732
293
+ cve_reference: n/a
294
+ example_vuln: open(file, O_CREAT, 0777);
295
+ example_fix: open(file, O_CREAT, 0600);