@nockdev/awf 6.2.0 → 6.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (709) hide show
  1. package/.agent/build.yaml +3 -3
  2. package/.agent/config.yaml +21 -146
  3. package/.agent/core/AGENT_BEHAVIOR.md +86 -0
  4. package/.agent/core/AUDIT_POLICY.md +1 -1
  5. package/.agent/core/CACHE.md +1 -1
  6. package/.agent/core/COMMANDS.md +16 -7
  7. package/.agent/core/CUSTOMIZE.md +61 -3
  8. package/.agent/core/DATA_SAFETY.md +1 -1
  9. package/.agent/core/MEMORY_PATHS.yaml +2 -2
  10. package/.agent/core/PERMISSIONS.md +1 -1
  11. package/.agent/core/README.md +1 -1
  12. package/.agent/core/VERSION.yaml +18 -8
  13. package/.agent/core/{ACTIVE_MEMORY.yaml → archive/ACTIVE_MEMORY.yaml} +2 -2
  14. package/.agent/core/{CHECKPOINT.yaml → archive/CHECKPOINT.yaml} +2 -2
  15. package/.agent/core/{CLEANUP_ENGINE.yaml → archive/CLEANUP_ENGINE.yaml} +2 -2
  16. package/.agent/core/{CONTEXT_INJECTOR.yaml → archive/CONTEXT_INJECTOR.yaml} +2 -2
  17. package/.agent/core/{CONTEXT_LOADER.yaml → archive/CONTEXT_LOADER.yaml} +1 -1
  18. package/.agent/core/{CONTEXT_OPTIMIZATION.yaml → archive/CONTEXT_OPTIMIZATION.yaml} +1 -1
  19. package/.agent/core/{CONTEXT_PRIORITY.yaml → archive/CONTEXT_PRIORITY.yaml} +2 -2
  20. package/.agent/core/{FLOW_ENGINE.yaml → archive/FLOW_ENGINE.yaml} +1 -1
  21. package/.agent/core/{GRAPH_MEMORY.yaml → archive/GRAPH_MEMORY.yaml} +1 -1
  22. package/.agent/core/{HYBRID_ROUTER.yaml → archive/HYBRID_ROUTER.yaml} +1 -1
  23. package/.agent/core/{INTENT_DETECTION.yaml → archive/INTENT_DETECTION.yaml} +1 -1
  24. package/.agent/core/{MEMORY_CONSOLIDATION.yaml → archive/MEMORY_CONSOLIDATION.yaml} +3 -3
  25. package/.agent/core/{MEMORY_ENGINE.yaml → archive/MEMORY_ENGINE.yaml} +2 -2
  26. package/.agent/core/{MEMORY_UTILS.yaml → archive/MEMORY_UTILS.yaml} +1 -1
  27. package/.agent/core/{REFLECTION_ENGINE.yaml → archive/REFLECTION_ENGINE.yaml} +1 -1
  28. package/.agent/core/{ROUTER.yaml → archive/ROUTER.yaml} +5 -5
  29. package/.agent/core/{SCORING_FORMULA.yaml → archive/SCORING_FORMULA.yaml} +2 -2
  30. package/.agent/core/{SEMANTIC_ENGINE.yaml → archive/SEMANTIC_ENGINE.yaml} +1 -1
  31. package/.agent/core/{SKILLS_FLOW.yaml → archive/SKILLS_FLOW.yaml} +2 -2
  32. package/.agent/core/{STATE_MACHINE.yaml → archive/STATE_MACHINE.yaml} +1 -1
  33. package/.agent/core/{SUMMARIZATION_ENGINE.yaml → archive/SUMMARIZATION_ENGINE.yaml} +2 -2
  34. package/.agent/core/{TOKEN_BUDGETS.yaml → archive/TOKEN_BUDGETS.yaml} +2 -2
  35. package/.agent/core/{TOKEN_LOADING.yaml → archive/TOKEN_LOADING.yaml} +2 -2
  36. package/.agent/core/{TOKEN_SUMMARY.yaml → archive/TOKEN_SUMMARY.yaml} +2 -2
  37. package/.agent/core/{CODING_STYLES.yaml → reference/CODING_STYLES.yaml} +1 -1
  38. package/.agent/core/{LIBRARY_REGISTRY.yaml → reference/LIBRARY_REGISTRY.yaml} +1 -1
  39. package/.agent/core/{MCP_TOOLS.yaml → reference/MCP_TOOLS.yaml} +2 -2
  40. package/.agent/core/{PATTERNS.yaml → reference/PATTERNS.yaml} +1 -1
  41. package/.agent/core/{SKILL_SCHEMA.yaml → reference/SKILL_SCHEMA.yaml} +2 -2
  42. package/.agent/i18n/en.yaml +6 -6
  43. package/.agent/i18n/vi.yaml +6 -6
  44. package/.agent/ide/README.md +1 -1
  45. package/.agent/ide/amazonq.json +3 -3
  46. package/.agent/ide/amp.json +4 -3
  47. package/.agent/ide/antigravity.json +4 -3
  48. package/.agent/ide/augment.json +4 -4
  49. package/.agent/ide/claude.json +4 -3
  50. package/.agent/ide/cline.json +4 -3
  51. package/.agent/ide/codex.json +6 -1
  52. package/.agent/ide/cody.json +4 -3
  53. package/.agent/ide/continue.json +4 -3
  54. package/.agent/ide/cursor.json +4 -3
  55. package/.agent/ide/gemini.json +4 -3
  56. package/.agent/ide/jetbrains.json +4 -3
  57. package/.agent/ide/kiro.json +4 -3
  58. package/.agent/ide/opencode.json +4 -3
  59. package/.agent/ide/roo.json +4 -3
  60. package/.agent/ide/tabnine.json +4 -3
  61. package/.agent/ide/trae.json +4 -3
  62. package/.agent/ide/vscode.json +4 -3
  63. package/.agent/ide/windsurf.json +4 -3
  64. package/.agent/ide/zed.json +4 -3
  65. package/.agent/manifest.yaml +142 -34
  66. package/.agent/memory/core_memory/persona.json +2 -2
  67. package/.agent/memory/core_memory/project.json +1 -1
  68. package/.agent/memory/core_memory/rules.json +1 -1
  69. package/.agent/memory/core_memory/user.json +1 -1
  70. package/.agent/memory/graph/knowledge_graph.json +1 -1
  71. package/.agent/memory/patterns/errors.json +1 -1
  72. package/.agent/memory/patterns/successes.json +1 -1
  73. package/.agent/memory/state.json +3 -3
  74. package/.agent/personas/README.md +1 -1
  75. package/.agent/personas/architect.md +1 -1
  76. package/.agent/personas/auditor.md +1 -1
  77. package/.agent/personas/debugger.md +1 -1
  78. package/.agent/personas/developer.md +1 -1
  79. package/.agent/personas/devops.md +1 -1
  80. package/.agent/personas/documenter.md +1 -1
  81. package/.agent/personas/orchestrator.md +1 -1
  82. package/.agent/personas/persona.schema.yaml +1 -1
  83. package/.agent/personas/planner.md +1 -1
  84. package/.agent/personas/researcher.md +1 -1
  85. package/.agent/personas/security.md +1 -1
  86. package/.agent/personas/tester.md +1 -1
  87. package/.agent/private/README.md +74 -0
  88. package/.agent/private/_index.yaml +23 -0
  89. package/.agent/private/_template/META.yaml +38 -0
  90. package/.agent/private/_template/SKILL.md +43 -0
  91. package/.agent/private/_template/data/.gitkeep +0 -0
  92. package/.agent/private/autodomyh-api/META.yaml +48 -0
  93. package/.agent/private/autodomyh-api/SKILL.md +141 -0
  94. package/.agent/private/autodomyh-api/data/conventions.yaml +107 -0
  95. package/.agent/rules/README.md +24 -18
  96. package/.agent/rules/SACRED_RULES.xml +42 -36
  97. package/.agent/rules/{constitutional → archive/constitutional}/tier-0-core.yaml +5 -5
  98. package/.agent/rules/{constitutional → archive/constitutional}/tier-1-safety.yaml +5 -5
  99. package/.agent/rules/{constitutional → archive/constitutional}/tier-2-execution.yaml +6 -6
  100. package/.agent/rules/{modules → archive}/context-management.yaml +1 -1
  101. package/.agent/rules/{duplication-prevention.md → archive/duplication-prevention.md} +1 -1
  102. package/.agent/rules/{modules → archive}/evidence.yaml +1 -1
  103. package/.agent/rules/{project-detection.md → archive/project-detection.md} +1 -1
  104. package/.agent/rules/{modules → archive}/reflection.yaml +1 -1
  105. package/.agent/rules/{modules → archive}/versioning.yaml +3 -3
  106. package/.agent/rules/data/build-systems.yaml +2 -2
  107. package/.agent/rules/modules/agent-delegation.yaml +136 -0
  108. package/.agent/rules/modules/edit-verification.yaml +1 -1
  109. package/.agent/rules/modules/git-workflow.yaml +1 -1
  110. package/.agent/rules/modules/language.yaml +1 -1
  111. package/.agent/rules/modules/online-research.yaml +1 -1
  112. package/.agent/rules/modules/performance-optimization.yaml +141 -0
  113. package/.agent/rules/modules/quality.yaml +1 -1
  114. package/.agent/rules/modules/stop-conditions.yaml +1 -1
  115. package/.agent/rules/modules/terminal-safety.yaml +1 -1
  116. package/.agent/rules/modules/yagni.yaml +1 -1
  117. package/.agent/rules/validation-framework.md +1 -1
  118. package/.agent/skills/DEVELOPMENT.yaml +5 -5
  119. package/.agent/skills/README.md +19 -16
  120. package/.agent/skills/_categories.yaml +60 -8
  121. package/.agent/skills/_router.yaml +61 -19
  122. package/.agent/skills/ai-ml/ai-agents/META.yaml +127 -0
  123. package/.agent/skills/ai-ml/ai-agents/SKILL.md +139 -0
  124. package/.agent/skills/ai-ml/ai-agents/data/agent-rules.yaml +120 -0
  125. package/.agent/skills/ai-ml/ai-agents/data/llm-integration.yaml +129 -0
  126. package/.agent/skills/ai-ml/ai-agents/data/memory-patterns.yaml +123 -0
  127. package/.agent/skills/ai-ml/ai-agents/data/orchestration-patterns.yaml +101 -0
  128. package/.agent/skills/ai-ml/gemini-live/META.yaml +55 -0
  129. package/.agent/skills/ai-ml/gemini-live/SKILL.md +155 -0
  130. package/.agent/skills/ai-ml/gemini-live/data/code-execution.yaml +131 -0
  131. package/.agent/skills/ai-ml/gemini-live/data/context-caching.yaml +96 -0
  132. package/.agent/skills/ai-ml/gemini-live/data/grounding.yaml +97 -0
  133. package/.agent/skills/ai-ml/gemini-live/data/live-api.yaml +103 -0
  134. package/.agent/skills/ai-ml/gemini-media-gen/META.yaml +56 -0
  135. package/.agent/skills/ai-ml/gemini-media-gen/SKILL.md +128 -0
  136. package/.agent/skills/ai-ml/gemini-media-gen/data/files-api.yaml +96 -0
  137. package/.agent/skills/ai-ml/gemini-media-gen/data/image-models.yaml +112 -0
  138. package/.agent/skills/ai-ml/gemini-media-gen/data/image-prompts.yaml +131 -0
  139. package/.agent/skills/ai-ml/gemini-media-gen/data/video-generation.yaml +131 -0
  140. package/.agent/skills/ai-ml/gemini-tts/META.yaml +49 -0
  141. package/.agent/skills/ai-ml/gemini-tts/SKILL.md +124 -0
  142. package/.agent/skills/ai-ml/gemini-tts/data/markup-tags.yaml +95 -0
  143. package/.agent/skills/ai-ml/gemini-tts/data/models.yaml +124 -0
  144. package/.agent/skills/ai-ml/gemini-tts/data/prompting-patterns.yaml +81 -0
  145. package/.agent/skills/ai-ml/prompt-engineering/META.yaml +77 -0
  146. package/.agent/skills/ai-ml/prompt-engineering/SKILL.md +217 -0
  147. package/.agent/skills/ai-ml/prompt-engineering/data/gemini3-patterns.yaml +170 -0
  148. package/.agent/skills/ai-ml/prompt-engineering/data/output-patterns.yaml +73 -0
  149. package/.agent/skills/ai-ml/prompt-engineering/data/provider-patterns.yaml +82 -0
  150. package/.agent/skills/ai-ml/prompt-engineering/data/reasoning-patterns.yaml +86 -0
  151. package/.agent/skills/ai-ml/prompt-engineering/data/safety-patterns.yaml +71 -0
  152. package/.agent/skills/ai-ml/prompt-engineering/data/tool-patterns.yaml +173 -0
  153. package/.agent/skills/ai-ml/rag-patterns/META.yaml +57 -0
  154. package/.agent/skills/ai-ml/rag-patterns/SKILL.md +92 -0
  155. package/.agent/skills/ai-ml/rag-patterns/data/chunking-strategies.yaml +71 -0
  156. package/.agent/skills/ai-ml/rag-patterns/data/embedding-models.yaml +76 -0
  157. package/.agent/skills/ai-ml/rag-patterns/data/evaluation.yaml +92 -0
  158. package/.agent/skills/ai-ml/rag-patterns/data/retrieval-patterns.yaml +101 -0
  159. package/.agent/skills/ai-ml/rag-patterns/data/vector-databases.yaml +103 -0
  160. package/.agent/skills/ai-ml/vector-search/META.yaml +63 -0
  161. package/.agent/skills/ai-ml/vector-search/SKILL.md +110 -0
  162. package/.agent/skills/ai-ml/vector-search/data/embedding-models.yaml +117 -0
  163. package/.agent/skills/ai-ml/vector-search/data/search-patterns.yaml +118 -0
  164. package/.agent/skills/ai-ml/vector-search/data/vector-dbs.yaml +155 -0
  165. package/.agent/skills/core/api-design/META.yaml +1 -5
  166. package/.agent/skills/core/api-design/SKILL.md +20 -26
  167. package/.agent/skills/core/api-design/data/api-versioning.yaml +211 -211
  168. package/.agent/skills/core/api-design/data/error-responses.yaml +129 -129
  169. package/.agent/skills/core/api-design/data/graphql-patterns.yaml +159 -159
  170. package/.agent/skills/core/api-design/data/grpc-patterns.yaml +159 -159
  171. package/.agent/skills/core/api-design/data/http-status-codes.yaml +170 -170
  172. package/.agent/skills/core/api-design/data/modern-api-patterns.yaml +160 -0
  173. package/.agent/skills/core/api-design/data/pagination.yaml +115 -115
  174. package/.agent/skills/core/api-design/data/rate-limiting.yaml +129 -129
  175. package/.agent/skills/core/api-design/data/rest-patterns.yaml +189 -189
  176. package/.agent/skills/core/api-design/data/test-apis.yaml +211 -211
  177. package/.agent/skills/core/authentication/META.yaml +1 -5
  178. package/.agent/skills/core/authentication/SKILL.md +36 -43
  179. package/.agent/skills/core/authentication/data/anti-patterns.yaml +129 -129
  180. package/.agent/skills/core/authentication/data/core-patterns.yaml +250 -250
  181. package/.agent/skills/core/authentication/data/jwt-patterns.yaml +249 -249
  182. package/.agent/skills/core/authentication/data/language-csharp.yaml +209 -209
  183. package/.agent/skills/core/authentication/data/language-go.yaml +209 -209
  184. package/.agent/skills/core/authentication/data/language-java.yaml +209 -209
  185. package/.agent/skills/core/authentication/data/language-mobile.yaml +209 -209
  186. package/.agent/skills/core/authentication/data/language-python.yaml +209 -209
  187. package/.agent/skills/core/authentication/data/language-rust.yaml +209 -209
  188. package/.agent/skills/core/authentication/data/language-typescript.yaml +209 -209
  189. package/.agent/skills/core/authentication/data/mfa-patterns.yaml +169 -169
  190. package/.agent/skills/core/authentication/data/oauth-patterns.yaml +249 -249
  191. package/.agent/skills/core/authentication/data/oauth.yaml +243 -243
  192. package/.agent/skills/core/authentication/data/passkey-patterns.yaml +149 -0
  193. package/.agent/skills/core/authentication/data/passkeys-webauthn.yaml +209 -209
  194. package/.agent/skills/core/authentication/data/passkeys.yaml +203 -203
  195. package/.agent/skills/core/authentication/data/password-patterns.yaml +169 -169
  196. package/.agent/skills/core/authentication/data/password.yaml +163 -163
  197. package/.agent/skills/core/authentication/data/session-patterns.yaml +209 -209
  198. package/.agent/skills/core/error-handling/META.yaml +1 -5
  199. package/.agent/skills/core/error-handling/SKILL.md +21 -25
  200. package/.agent/skills/core/error-handling/data/anti-patterns.yaml +99 -99
  201. package/.agent/skills/core/error-handling/data/api-error-patterns.yaml +2 -2
  202. package/.agent/skills/core/error-handling/data/core-patterns.yaml +2 -2
  203. package/.agent/skills/core/error-handling/data/error-codes.yaml +159 -159
  204. package/.agent/skills/core/error-handling/data/error-messages.yaml +2 -2
  205. package/.agent/skills/core/error-handling/data/language-c-cpp.yaml +220 -220
  206. package/.agent/skills/core/error-handling/data/language-go-rust.yaml +2 -2
  207. package/.agent/skills/core/error-handling/data/language-python-java.yaml +220 -220
  208. package/.agent/skills/core/error-handling/data/language-swift-kotlin.yaml +220 -220
  209. package/.agent/skills/core/error-handling/data/language-typescript-php-ruby.yaml +220 -220
  210. package/.agent/skills/core/error-handling/data/resilience-patterns.yaml +2 -2
  211. package/.agent/skills/core/error-handling/data/ui-error-patterns.yaml +129 -129
  212. package/.agent/skills/core/logging/META.yaml +1 -5
  213. package/.agent/skills/core/logging/SKILL.md +28 -42
  214. package/.agent/skills/core/logging/data/aggregation-patterns.yaml +185 -185
  215. package/.agent/skills/core/logging/data/anti-patterns.yaml +115 -115
  216. package/.agent/skills/core/logging/data/core-patterns.yaml +220 -220
  217. package/.agent/skills/core/logging/data/language-csharp.yaml +185 -185
  218. package/.agent/skills/core/logging/data/language-go.yaml +185 -185
  219. package/.agent/skills/core/logging/data/language-java.yaml +185 -185
  220. package/.agent/skills/core/logging/data/language-kotlin.yaml +150 -150
  221. package/.agent/skills/core/logging/data/language-others.yaml +178 -178
  222. package/.agent/skills/core/logging/data/language-python.yaml +185 -185
  223. package/.agent/skills/core/logging/data/language-rust.yaml +185 -185
  224. package/.agent/skills/core/logging/data/language-swift.yaml +150 -150
  225. package/.agent/skills/core/logging/data/language-typescript.yaml +185 -185
  226. package/.agent/skills/core/logging/data/otel-logging.yaml +150 -150
  227. package/.agent/skills/core/observability/META.yaml +1 -5
  228. package/.agent/skills/core/observability/SKILL.md +29 -38
  229. package/.agent/skills/core/observability/data/alerting-patterns.yaml +159 -159
  230. package/.agent/skills/core/observability/data/anti-patterns.yaml +99 -99
  231. package/.agent/skills/core/observability/data/core-patterns.yaml +189 -189
  232. package/.agent/skills/core/observability/data/language-cpp.yaml +159 -159
  233. package/.agent/skills/core/observability/data/language-csharp.yaml +159 -159
  234. package/.agent/skills/core/observability/data/language-go.yaml +159 -159
  235. package/.agent/skills/core/observability/data/language-java.yaml +159 -159
  236. package/.agent/skills/core/observability/data/language-others.yaml +249 -249
  237. package/.agent/skills/core/observability/data/language-python.yaml +159 -159
  238. package/.agent/skills/core/observability/data/language-rust.yaml +159 -159
  239. package/.agent/skills/core/observability/data/language-typescript.yaml +159 -159
  240. package/.agent/skills/core/observability/data/metrics-patterns.yaml +129 -129
  241. package/.agent/skills/core/observability/data/metrics-prometheus.yaml +159 -159
  242. package/.agent/skills/core/observability/data/otel-core.yaml +189 -189
  243. package/.agent/skills/core/observability/data/profiling-patterns.yaml +129 -129
  244. package/.agent/skills/core/observability/data/tracing-patterns.yaml +159 -159
  245. package/.agent/skills/core/observability/data/tracing-tools.yaml +129 -129
  246. package/.agent/skills/core/security/META.yaml +1 -5
  247. package/.agent/skills/core/security/SKILL.md +25 -25
  248. package/.agent/skills/core/security/data/ai-ml-security.yaml +255 -255
  249. package/.agent/skills/core/security/data/api-security.yaml +224 -224
  250. package/.agent/skills/core/security/data/auth-patterns.yaml +189 -189
  251. package/.agent/skills/core/security/data/binary-exploitation.yaml +333 -333
  252. package/.agent/skills/core/security/data/cloud-security.yaml +263 -263
  253. package/.agent/skills/core/security/data/cwe-top25.yaml +409 -409
  254. package/.agent/skills/core/security/data/language-specific/c-security.yaml +289 -289
  255. package/.agent/skills/core/security/data/language-specific/cpp-security.yaml +289 -289
  256. package/.agent/skills/core/security/data/language-specific/csharp-security.yaml +213 -213
  257. package/.agent/skills/core/security/data/language-specific/go-security.yaml +213 -213
  258. package/.agent/skills/core/security/data/language-specific/java-security.yaml +289 -289
  259. package/.agent/skills/core/security/data/language-specific/kotlin-security.yaml +192 -192
  260. package/.agent/skills/core/security/data/language-specific/php-security.yaml +213 -213
  261. package/.agent/skills/core/security/data/language-specific/python-security.yaml +289 -289
  262. package/.agent/skills/core/security/data/language-specific/ruby-security.yaml +192 -192
  263. package/.agent/skills/core/security/data/language-specific/rust-security.yaml +234 -234
  264. package/.agent/skills/core/security/data/language-specific/solidity-security.yaml +363 -363
  265. package/.agent/skills/core/security/data/language-specific/swift-security.yaml +192 -192
  266. package/.agent/skills/core/security/data/language-specific/typescript-security.yaml +289 -289
  267. package/.agent/skills/core/security/data/mobile-security.yaml +363 -363
  268. package/.agent/skills/core/security/data/network-security.yaml +291 -291
  269. package/.agent/skills/core/security/data/owasp-llm-top10.yaml +122 -0
  270. package/.agent/skills/core/security/data/owasp-top10.yaml +165 -165
  271. package/.agent/skills/core/security/data/reverse-engineering.yaml +491 -491
  272. package/.agent/skills/core/security/data/supply-chain.yaml +213 -213
  273. package/.agent/skills/cross-cutting/_index.yaml +4 -2
  274. package/.agent/skills/cross-cutting/accessibility/META.yaml +45 -0
  275. package/.agent/skills/cross-cutting/accessibility/SKILL.md +121 -0
  276. package/.agent/skills/cross-cutting/accessibility/data/aria-patterns.yaml +88 -0
  277. package/.agent/skills/cross-cutting/accessibility/data/testing-tools.yaml +60 -0
  278. package/.agent/skills/cross-cutting/accessibility/data/wcag-guidelines.yaml +98 -0
  279. package/.agent/skills/cross-cutting/audit-pro/META.yaml +2 -6
  280. package/.agent/skills/cross-cutting/bun/META.yaml +2 -8
  281. package/.agent/skills/cross-cutting/bun/SKILL.md +8 -12
  282. package/.agent/skills/cross-cutting/coding-rules/META.yaml +4 -11
  283. package/.agent/skills/cross-cutting/coding-rules/SKILL.md +38 -46
  284. package/.agent/skills/cross-cutting/coding-rules/data/adr-patterns.yaml +102 -0
  285. package/.agent/skills/cross-cutting/coding-rules/data/architecture-patterns.yaml +289 -90
  286. package/.agent/skills/cross-cutting/coding-rules/data/build-systems.yaml +340 -340
  287. package/.agent/skills/cross-cutting/coding-rules/data/coding-rules.yaml +641 -641
  288. package/.agent/skills/cross-cutting/coding-rules/data/concurrency-patterns.yaml +102 -102
  289. package/.agent/skills/cross-cutting/coding-rules/data/design-patterns.yaml +254 -254
  290. package/.agent/skills/cross-cutting/coding-rules/data/framework-directories.yaml +446 -0
  291. package/.agent/skills/cross-cutting/coding-rules/data/framework-signatures.yaml +338 -338
  292. package/.agent/skills/cross-cutting/coding-rules/data/memory-management.yaml +102 -102
  293. package/.agent/skills/cross-cutting/coding-rules/data/naming-conventions.yaml +314 -314
  294. package/.agent/skills/cross-cutting/coding-rules/data/performance-benchmarks.yaml +158 -158
  295. package/.agent/skills/cross-cutting/coding-rules/data/solid-principles.yaml +74 -74
  296. package/.agent/skills/cross-cutting/coding-rules/data/test-frameworks.yaml +177 -177
  297. package/.agent/skills/cross-cutting/database/META.yaml +2 -2
  298. package/.agent/skills/cross-cutting/database/SKILL.md +10 -19
  299. package/.agent/skills/cross-cutting/deno/META.yaml +2 -8
  300. package/.agent/skills/cross-cutting/deno/SKILL.md +8 -12
  301. package/.agent/skills/cross-cutting/domyh-design/ADVANCED.md +247 -0
  302. package/.agent/skills/cross-cutting/{ui-ux-pro-max → domyh-design}/META.yaml +44 -13
  303. package/.agent/skills/cross-cutting/domyh-design/SKILL.md +171 -0
  304. package/.agent/skills/cross-cutting/domyh-design/data/animation-ui-kits.yaml +198 -0
  305. package/.agent/skills/cross-cutting/domyh-design/data/charts.yaml +331 -0
  306. package/.agent/skills/cross-cutting/domyh-design/data/colors.yaml +1226 -0
  307. package/.agent/skills/cross-cutting/domyh-design/data/component-decision.yaml +287 -0
  308. package/.agent/skills/cross-cutting/domyh-design/data/component-effects.yaml +673 -0
  309. package/.agent/skills/cross-cutting/domyh-design/data/component-mapping.yaml +318 -0
  310. package/.agent/skills/cross-cutting/domyh-design/data/design-system-prompts.yaml +174 -0
  311. package/.agent/skills/cross-cutting/domyh-design/data/design-tokens.yaml +525 -0
  312. package/.agent/skills/cross-cutting/domyh-design/data/desktop-animation.yaml +680 -0
  313. package/.agent/skills/cross-cutting/domyh-design/data/desktop-architecture.yaml +140 -0
  314. package/.agent/skills/cross-cutting/{ui-ux-pro-max → domyh-design}/data/desktop-colors.yaml +4 -4
  315. package/.agent/skills/cross-cutting/domyh-design/data/directory-structure.yaml +80 -0
  316. package/.agent/skills/cross-cutting/domyh-design/data/icons.yaml +918 -0
  317. package/.agent/skills/cross-cutting/domyh-design/data/image-gen-prompts.yaml +678 -0
  318. package/.agent/skills/cross-cutting/domyh-design/data/image-gen-workflows.yaml +202 -0
  319. package/.agent/skills/cross-cutting/domyh-design/data/implementation-strategy.yaml +107 -0
  320. package/.agent/skills/cross-cutting/domyh-design/data/landing.yaml +373 -0
  321. package/.agent/skills/cross-cutting/domyh-design/data/micro-interactions.yaml +528 -0
  322. package/.agent/skills/cross-cutting/domyh-design/data/platform-frameworks.yaml +195 -0
  323. package/.agent/skills/cross-cutting/domyh-design/data/platform-guidelines.yaml +177 -0
  324. package/.agent/skills/cross-cutting/domyh-design/data/products.yaml +1339 -0
  325. package/.agent/skills/cross-cutting/domyh-design/data/prompts.yaml +207 -0
  326. package/.agent/skills/cross-cutting/domyh-design/data/react-performance.yaml +504 -0
  327. package/.agent/skills/cross-cutting/domyh-design/data/scroll-animation-patterns.yaml +398 -0
  328. package/.agent/skills/cross-cutting/domyh-design/data/stacks/desktop.yaml +228 -0
  329. package/.agent/skills/cross-cutting/domyh-design/data/stacks/flutter.yaml +508 -0
  330. package/.agent/skills/cross-cutting/domyh-design/data/stacks/html-tailwind.yaml +543 -0
  331. package/.agent/skills/cross-cutting/domyh-design/data/stacks/nextjs.yaml +515 -0
  332. package/.agent/skills/cross-cutting/domyh-design/data/stacks/nuxt-ui.yaml +519 -0
  333. package/.agent/skills/cross-cutting/domyh-design/data/stacks/nuxtjs.yaml +599 -0
  334. package/.agent/skills/cross-cutting/domyh-design/data/stacks/react-native.yaml +496 -0
  335. package/.agent/skills/cross-cutting/domyh-design/data/stacks/react.yaml +526 -0
  336. package/.agent/skills/cross-cutting/domyh-design/data/stacks/shadcn.yaml +616 -0
  337. package/.agent/skills/cross-cutting/domyh-design/data/stacks/svelte.yaml +520 -0
  338. package/.agent/skills/cross-cutting/domyh-design/data/stacks/swiftui.yaml +486 -0
  339. package/.agent/skills/cross-cutting/domyh-design/data/stacks/vue.yaml +485 -0
  340. package/.agent/skills/cross-cutting/domyh-design/data/styles.yaml +1473 -0
  341. package/.agent/skills/cross-cutting/domyh-design/data/tailwind-animation-plugins.yaml +462 -0
  342. package/.agent/skills/cross-cutting/domyh-design/data/typography.yaml +647 -0
  343. package/.agent/skills/cross-cutting/domyh-design/data/ui-reasoning.yaml +1019 -0
  344. package/.agent/skills/cross-cutting/domyh-design/data/ux-guidelines.yaml +1009 -0
  345. package/.agent/skills/cross-cutting/domyh-design/data/web-animation-libraries.yaml +541 -0
  346. package/.agent/skills/cross-cutting/domyh-design/data/web-interface.yaml +347 -0
  347. package/.agent/skills/cross-cutting/domyh-design/data/webview-animation-optimization.yaml +685 -0
  348. package/.agent/skills/cross-cutting/electron/SKILL.md +10 -14
  349. package/.agent/skills/cross-cutting/event-driven/META.yaml +108 -0
  350. package/.agent/skills/cross-cutting/event-driven/SKILL.md +123 -0
  351. package/.agent/skills/cross-cutting/event-driven/data/broker-comparison.yaml +123 -0
  352. package/.agent/skills/cross-cutting/event-driven/data/eda-patterns.yaml +120 -0
  353. package/.agent/skills/cross-cutting/event-driven/data/production-patterns.yaml +120 -0
  354. package/.agent/skills/cross-cutting/microservices/META.yaml +90 -0
  355. package/.agent/skills/cross-cutting/microservices/SKILL.md +120 -0
  356. package/.agent/skills/cross-cutting/microservices/data/communication.yaml +163 -0
  357. package/.agent/skills/cross-cutting/microservices/data/cqrs-patterns.yaml +199 -0
  358. package/.agent/skills/cross-cutting/microservices/data/deployment.yaml +153 -0
  359. package/.agent/skills/cross-cutting/microservices/data/event-sourcing.yaml +231 -0
  360. package/.agent/skills/cross-cutting/microservices/data/observability.yaml +152 -0
  361. package/.agent/skills/cross-cutting/microservices/data/resilience.yaml +189 -0
  362. package/.agent/skills/cross-cutting/microservices/data/saga-patterns.yaml +161 -0
  363. package/.agent/skills/cross-cutting/microservices/data/service-mesh.yaml +179 -0
  364. package/.agent/skills/cross-cutting/monorepo/META.yaml +54 -0
  365. package/.agent/skills/cross-cutting/monorepo/SKILL.md +108 -0
  366. package/.agent/skills/cross-cutting/monorepo/data/ci-cd-strategies.yaml +74 -0
  367. package/.agent/skills/cross-cutting/monorepo/data/nx-patterns.yaml +74 -0
  368. package/.agent/skills/cross-cutting/monorepo/data/turborepo-patterns.yaml +84 -0
  369. package/.agent/skills/cross-cutting/monorepo/data/versioning.yaml +83 -0
  370. package/.agent/skills/cross-cutting/monorepo/data/workspace-patterns.yaml +85 -0
  371. package/.agent/skills/cross-cutting/playwright/ADVANCED.md +289 -0
  372. package/.agent/skills/cross-cutting/playwright/META.yaml +90 -0
  373. package/.agent/skills/cross-cutting/playwright/SKILL.md +210 -0
  374. package/.agent/skills/cross-cutting/playwright/data/ai-agents.yaml +137 -0
  375. package/.agent/skills/cross-cutting/playwright/data/config-templates.yaml +141 -0
  376. package/.agent/skills/cross-cutting/playwright/data/interaction-checklist.yaml +398 -0
  377. package/.agent/skills/cross-cutting/playwright/data/locator-patterns.yaml +96 -0
  378. package/.agent/skills/cross-cutting/playwright/data/mcp-tools.yaml +153 -0
  379. package/.agent/skills/cross-cutting/playwright/data/open-source-tools.yaml +95 -0
  380. package/.agent/skills/cross-cutting/real-time/META.yaml +72 -0
  381. package/.agent/skills/cross-cutting/real-time/SKILL.md +128 -0
  382. package/.agent/skills/cross-cutting/real-time/data/socketio-patterns.yaml +165 -0
  383. package/.agent/skills/cross-cutting/real-time/data/sse-patterns.yaml +181 -0
  384. package/.agent/skills/cross-cutting/real-time/data/websocket-patterns.yaml +176 -0
  385. package/.agent/skills/cross-cutting/seo/META.yaml +47 -0
  386. package/.agent/skills/cross-cutting/seo/SKILL.md +114 -0
  387. package/.agent/skills/cross-cutting/seo/data/core-web-vitals.yaml +93 -0
  388. package/.agent/skills/cross-cutting/seo/data/structured-data.yaml +82 -0
  389. package/.agent/skills/cross-cutting/seo/data/technical-seo.yaml +75 -0
  390. package/.agent/skills/cross-cutting/sql/META.yaml +2 -8
  391. package/.agent/skills/cross-cutting/sql/SKILL.md +8 -12
  392. package/.agent/skills/cross-cutting/tailwind/META.yaml +3 -20
  393. package/.agent/skills/cross-cutting/tailwind/SKILL.md +13 -11
  394. package/.agent/skills/cross-cutting/tauri/META.yaml +75 -0
  395. package/.agent/skills/cross-cutting/tauri/SKILL.md +127 -0
  396. package/.agent/skills/cross-cutting/tauri/data/build.yaml +141 -0
  397. package/.agent/skills/cross-cutting/tauri/data/plugins.yaml +157 -0
  398. package/.agent/skills/cross-cutting/tauri/data/security.yaml +134 -0
  399. package/.agent/skills/cross-cutting/tdd-workflow/META.yaml +58 -0
  400. package/.agent/skills/cross-cutting/tdd-workflow/SKILL.md +128 -0
  401. package/.agent/skills/cross-cutting/tdd-workflow/data/anti-patterns.yaml +70 -0
  402. package/.agent/skills/cross-cutting/tdd-workflow/data/bdd-atdd-patterns.yaml +77 -0
  403. package/.agent/skills/cross-cutting/tdd-workflow/data/core-tdd-cycle.yaml +104 -0
  404. package/.agent/skills/cross-cutting/tdd-workflow/data/coverage-strategies.yaml +105 -0
  405. package/.agent/skills/cross-cutting/tdd-workflow/data/language-patterns.yaml +115 -0
  406. package/.agent/skills/cross-cutting/tdd-workflow/data/test-doubles.yaml +93 -0
  407. package/.agent/skills/cross-cutting/testing/META.yaml +1 -5
  408. package/.agent/skills/cross-cutting/testing/SKILL.md +13 -26
  409. package/.agent/skills/cross-cutting/testing/data/e2e-patterns.yaml +136 -0
  410. package/.agent/skills/cross-cutting/testing/data/frameworks.yaml +3 -3
  411. package/.agent/skills/cross-cutting/testing/data/patterns.yaml +149 -147
  412. package/.agent/skills/cross-cutting/wasm/META.yaml +47 -0
  413. package/.agent/skills/cross-cutting/wasm/SKILL.md +88 -0
  414. package/.agent/skills/cross-cutting/wasm/data/browser-patterns.yaml +106 -0
  415. package/.agent/skills/cross-cutting/wasm/data/component-model.yaml +85 -0
  416. package/.agent/skills/cross-cutting/wasm/data/server-patterns.yaml +89 -0
  417. package/.agent/skills/cross-cutting/web-perf/META.yaml +3 -9
  418. package/.agent/skills/cross-cutting/web-perf/SKILL.md +9 -18
  419. package/.agent/skills/devops/aws/META.yaml +48 -63
  420. package/.agent/skills/devops/azure/META.yaml +44 -0
  421. package/.agent/skills/devops/azure/SKILL.md +43 -0
  422. package/.agent/skills/devops/azure/data/cli.yaml +69 -0
  423. package/.agent/skills/devops/azure/data/compute.yaml +83 -0
  424. package/.agent/skills/devops/azure/data/data-services.yaml +126 -0
  425. package/.agent/skills/devops/ci-cd/META.yaml +47 -14
  426. package/.agent/skills/devops/docker/META.yaml +53 -14
  427. package/.agent/skills/devops/gcp/META.yaml +43 -0
  428. package/.agent/skills/devops/gcp/SKILL.md +43 -0
  429. package/.agent/skills/devops/gcp/data/cli.yaml +39 -0
  430. package/.agent/skills/devops/gcp/data/compute.yaml +92 -0
  431. package/.agent/skills/devops/gcp/data/data-services.yaml +97 -0
  432. package/.agent/skills/devops/kubernetes/META.yaml +56 -7
  433. package/.agent/skills/devops/terraform/META.yaml +47 -0
  434. package/.agent/skills/devops/terraform/SKILL.md +73 -0
  435. package/.agent/skills/devops/terraform/data/ci-cd.yaml +89 -0
  436. package/.agent/skills/devops/terraform/data/hcl-patterns.yaml +131 -0
  437. package/.agent/skills/devops/terraform/data/providers.yaml +96 -0
  438. package/.agent/skills/frameworks/angular/META.yaml +20 -6
  439. package/.agent/skills/frameworks/angular/SKILL.md +1 -1
  440. package/.agent/skills/frameworks/flutter/META.yaml +20 -6
  441. package/.agent/skills/frameworks/flutter/SKILL.md +1 -1
  442. package/.agent/skills/frameworks/nextjs/ADVANCED.md +2 -2
  443. package/.agent/skills/frameworks/nextjs/META.yaml +22 -8
  444. package/.agent/skills/frameworks/nextjs/SKILL.md +4 -4
  445. package/.agent/skills/frameworks/nextjs/data/server.yaml +4 -4
  446. package/.agent/skills/frameworks/nuxt/META.yaml +21 -7
  447. package/.agent/skills/frameworks/nuxt/SKILL.md +2 -2
  448. package/.agent/skills/frameworks/nuxt/data/core.yaml +14 -2
  449. package/.agent/skills/frameworks/nuxt/data/server.yaml +14 -2
  450. package/.agent/skills/frameworks/react/META.yaml +20 -7
  451. package/.agent/skills/frameworks/react/SKILL.md +7 -11
  452. package/.agent/skills/frameworks/react/data/core.yaml +14 -2
  453. package/.agent/skills/frameworks/react/data/server.yaml +16 -4
  454. package/.agent/skills/frameworks/react-native/META.yaml +19 -6
  455. package/.agent/skills/frameworks/react-native/SKILL.md +1 -1
  456. package/.agent/skills/frameworks/svelte/META.yaml +19 -6
  457. package/.agent/skills/frameworks/svelte/SKILL.md +1 -1
  458. package/.agent/skills/frameworks/vue/META.yaml +20 -8
  459. package/.agent/skills/frameworks/vue/SKILL.md +7 -7
  460. package/.agent/skills/frameworks/vue/data/advanced.yaml +19 -7
  461. package/.agent/skills/frameworks/vue/data/core.yaml +13 -1
  462. package/.agent/skills/index.json +67 -14
  463. package/.agent/skills/languages/asm/META.yaml +2 -8
  464. package/.agent/skills/languages/asm/SKILL.md +1 -1
  465. package/.agent/skills/languages/c/META.yaml +2 -8
  466. package/.agent/skills/languages/c/SKILL.md +1 -1
  467. package/.agent/skills/languages/clojure/META.yaml +2 -2
  468. package/.agent/skills/languages/clojure/SKILL.md +1 -1
  469. package/.agent/skills/languages/cpp/META.yaml +2 -8
  470. package/.agent/skills/languages/cpp/SKILL.md +1 -1
  471. package/.agent/skills/languages/crystal/META.yaml +2 -8
  472. package/.agent/skills/languages/crystal/SKILL.md +1 -1
  473. package/.agent/skills/languages/csharp/META.yaml +2 -2
  474. package/.agent/skills/languages/csharp/SKILL.md +1 -1
  475. package/.agent/skills/languages/elixir/META.yaml +2 -2
  476. package/.agent/skills/languages/elixir/SKILL.md +1 -1
  477. package/.agent/skills/languages/fsharp/META.yaml +2 -2
  478. package/.agent/skills/languages/fsharp/SKILL.md +1 -1
  479. package/.agent/skills/languages/go/META.yaml +2 -8
  480. package/.agent/skills/languages/go/SKILL.md +1 -1
  481. package/.agent/skills/languages/haskell/META.yaml +2 -2
  482. package/.agent/skills/languages/haskell/SKILL.md +1 -1
  483. package/.agent/skills/languages/java/META.yaml +2 -8
  484. package/.agent/skills/languages/java/SKILL.md +1 -1
  485. package/.agent/skills/languages/javascript/META.yaml +2 -8
  486. package/.agent/skills/languages/javascript/SKILL.md +1 -1
  487. package/.agent/skills/languages/julia/META.yaml +2 -2
  488. package/.agent/skills/languages/julia/SKILL.md +1 -1
  489. package/.agent/skills/languages/kotlin/META.yaml +2 -2
  490. package/.agent/skills/languages/kotlin/SKILL.md +1 -1
  491. package/.agent/skills/languages/lua/META.yaml +2 -8
  492. package/.agent/skills/languages/lua/SKILL.md +3 -3
  493. package/.agent/skills/languages/nim/META.yaml +2 -8
  494. package/.agent/skills/languages/nim/SKILL.md +1 -1
  495. package/.agent/skills/languages/ocaml/META.yaml +2 -2
  496. package/.agent/skills/languages/ocaml/SKILL.md +1 -1
  497. package/.agent/skills/languages/perl/META.yaml +2 -2
  498. package/.agent/skills/languages/perl/SKILL.md +1 -1
  499. package/.agent/skills/languages/php/META.yaml +2 -2
  500. package/.agent/skills/languages/php/SKILL.md +1 -1
  501. package/.agent/skills/languages/python/META.yaml +2 -8
  502. package/.agent/skills/languages/python/SKILL.md +1 -1
  503. package/.agent/skills/languages/r/META.yaml +2 -2
  504. package/.agent/skills/languages/r/SKILL.md +1 -1
  505. package/.agent/skills/languages/ruby/META.yaml +2 -2
  506. package/.agent/skills/languages/ruby/SKILL.md +1 -1
  507. package/.agent/skills/languages/rust/META.yaml +2 -8
  508. package/.agent/skills/languages/rust/SKILL.md +1 -1
  509. package/.agent/skills/languages/scala/META.yaml +2 -2
  510. package/.agent/skills/languages/scala/SKILL.md +1 -1
  511. package/.agent/skills/languages/solidity/META.yaml +2 -2
  512. package/.agent/skills/languages/solidity/SKILL.md +1 -1
  513. package/.agent/skills/languages/swift/META.yaml +2 -2
  514. package/.agent/skills/languages/swift/SKILL.md +1 -1
  515. package/.agent/skills/languages/typescript/META.yaml +2 -8
  516. package/.agent/skills/languages/typescript/SKILL.md +1 -1
  517. package/.agent/skills/languages/zig/META.yaml +5 -7
  518. package/.agent/skills/languages/zig/SKILL.md +1 -1
  519. package/.agent/skills/tooling/api-protocols/META.yaml +102 -0
  520. package/.agent/skills/tooling/api-protocols/SKILL.md +145 -0
  521. package/.agent/skills/tooling/api-protocols/data/graphql-patterns.yaml +115 -0
  522. package/.agent/skills/tooling/api-protocols/data/grpc-patterns.yaml +101 -0
  523. package/.agent/skills/tooling/api-protocols/data/trpc-patterns.yaml +97 -0
  524. package/.agent/skills/tooling/browser-agent/ADVANCED.md +242 -0
  525. package/.agent/skills/tooling/browser-agent/META.yaml +78 -0
  526. package/.agent/skills/tooling/browser-agent/SKILL.md +164 -0
  527. package/.agent/skills/tooling/browser-agent/data/element-discovery.yaml +208 -0
  528. package/.agent/skills/tooling/browser-agent/data/recording-patterns.yaml +74 -0
  529. package/.agent/skills/tooling/browser-agent/data/reporting-patterns.yaml +97 -0
  530. package/.agent/skills/tooling/browser-agent/data/subagent-patterns.yaml +158 -0
  531. package/.agent/skills/tooling/browser-agent/data/verification-flow.yaml +209 -0
  532. package/.agent/skills/tooling/cli-dev/META.yaml +55 -0
  533. package/.agent/skills/tooling/cli-dev/SKILL.md +83 -0
  534. package/.agent/skills/tooling/cli-dev/data/frameworks.yaml +128 -0
  535. package/.agent/skills/tooling/cli-dev/data/output-formats.yaml +58 -0
  536. package/.agent/skills/tooling/cli-dev/data/ux-patterns.yaml +97 -0
  537. package/.agent/skills/tooling/ide-extension/META.yaml +72 -0
  538. package/.agent/skills/tooling/ide-extension/SKILL.md +108 -0
  539. package/.agent/skills/tooling/ide-extension/data/jetbrains-patterns.yaml +118 -0
  540. package/.agent/skills/tooling/ide-extension/data/lsp-patterns.yaml +126 -0
  541. package/.agent/skills/tooling/ide-extension/data/vscode-patterns.yaml +172 -0
  542. package/.agent/skills/tooling/mcp/META.yaml +80 -0
  543. package/.agent/skills/tooling/mcp/SKILL.md +114 -0
  544. package/.agent/skills/tooling/mcp/data/security.yaml +116 -0
  545. package/.agent/skills/tooling/mcp/data/tool-design.yaml +124 -0
  546. package/.agent/skills/tooling/mcp/data/transport-patterns.yaml +95 -0
  547. package/.agent/templates/README.md +2 -2
  548. package/.agent/templates/debug-report.md +1 -1
  549. package/.agent/templates/deploy-plan.md +1 -1
  550. package/.agent/templates/doc-template.md +1 -1
  551. package/.agent/templates/index.yaml +2 -2
  552. package/.agent/templates/migrate-plan.md +1 -1
  553. package/.agent/templates/phase-template.md +1 -1
  554. package/.agent/templates/tasks/audit.yaml +1 -1
  555. package/.agent/templates/tasks/bug_fix.yaml +1 -1
  556. package/.agent/templates/tasks/code_implementation.yaml +1 -1
  557. package/.agent/templates/tasks/refactor.yaml +1 -1
  558. package/.agent/templates/test-report.md +1 -1
  559. package/.agent/workflows/code.md +22 -1
  560. package/.agent/workflows/deploy.md +5 -1
  561. package/.agent/workflows/e2e.md +112 -0
  562. package/.agent/workflows/fix.md +1 -1
  563. package/.agent/workflows/prompt.md +325 -0
  564. package/.agent/workflows/scaffold.md +1 -1
  565. package/.agent/workflows/tdd.md +108 -0
  566. package/.agent/workflows/verify.md +116 -0
  567. package/.agent/workflows/visualize.md +50 -18
  568. package/dist/commands/add.d.ts.map +1 -1
  569. package/dist/commands/add.js +9 -1
  570. package/dist/commands/add.js.map +1 -1
  571. package/dist/commands/config.d.ts.map +1 -1
  572. package/dist/commands/config.js +24 -8
  573. package/dist/commands/config.js.map +1 -1
  574. package/dist/commands/hsa.d.ts.map +1 -1
  575. package/dist/commands/hsa.js +106 -20
  576. package/dist/commands/hsa.js.map +1 -1
  577. package/dist/commands/init.d.ts.map +1 -1
  578. package/dist/commands/init.js +65 -61
  579. package/dist/commands/init.js.map +1 -1
  580. package/dist/commands/install-core.d.ts +2 -1
  581. package/dist/commands/install-core.d.ts.map +1 -1
  582. package/dist/commands/install-core.js +43 -16
  583. package/dist/commands/install-core.js.map +1 -1
  584. package/dist/commands/install-helpers.d.ts.map +1 -1
  585. package/dist/commands/install-helpers.js +23 -2
  586. package/dist/commands/install-helpers.js.map +1 -1
  587. package/dist/commands/install-hsa.d.ts +2 -5
  588. package/dist/commands/install-hsa.d.ts.map +1 -1
  589. package/dist/commands/install-hsa.js +2 -5
  590. package/dist/commands/install-hsa.js.map +1 -1
  591. package/dist/commands/install.d.ts +27 -0
  592. package/dist/commands/install.d.ts.map +1 -1
  593. package/dist/commands/install.js +68 -20
  594. package/dist/commands/install.js.map +1 -1
  595. package/dist/commands/list.d.ts.map +1 -1
  596. package/dist/commands/list.js +2 -1
  597. package/dist/commands/list.js.map +1 -1
  598. package/dist/commands/mcp-registry.d.ts +24 -9
  599. package/dist/commands/mcp-registry.d.ts.map +1 -1
  600. package/dist/commands/mcp-registry.js +39 -57
  601. package/dist/commands/mcp-registry.js.map +1 -1
  602. package/dist/commands/mcp-writers.d.ts.map +1 -1
  603. package/dist/commands/mcp-writers.js +6 -5
  604. package/dist/commands/mcp-writers.js.map +1 -1
  605. package/dist/commands/mcp.d.ts +1 -1
  606. package/dist/commands/mcp.d.ts.map +1 -1
  607. package/dist/commands/mcp.js +37 -9
  608. package/dist/commands/mcp.js.map +1 -1
  609. package/dist/commands/update.d.ts.map +1 -1
  610. package/dist/commands/update.js +16 -6
  611. package/dist/commands/update.js.map +1 -1
  612. package/dist/constants/cursor-globs.d.ts.map +1 -1
  613. package/dist/constants/cursor-globs.js +0 -6
  614. package/dist/constants/cursor-globs.js.map +1 -1
  615. package/dist/constants/ide-install-specs.js +2 -2
  616. package/dist/constants.d.ts +3 -3
  617. package/dist/constants.d.ts.map +1 -1
  618. package/dist/constants.js +3 -3
  619. package/dist/constants.js.map +1 -1
  620. package/dist/index.d.ts.map +1 -1
  621. package/dist/index.js +1 -9
  622. package/dist/index.js.map +1 -1
  623. package/dist/types/ide-install.js +1 -1
  624. package/dist/utils/copy-helpers.d.ts +7 -2
  625. package/dist/utils/copy-helpers.d.ts.map +1 -1
  626. package/dist/utils/copy-helpers.js +56 -42
  627. package/dist/utils/copy-helpers.js.map +1 -1
  628. package/dist/utils/install-manifest.d.ts +12 -0
  629. package/dist/utils/install-manifest.d.ts.map +1 -0
  630. package/dist/utils/install-manifest.js +26 -0
  631. package/dist/utils/install-manifest.js.map +1 -0
  632. package/dist/utils/validation.d.ts.map +1 -1
  633. package/dist/utils/validation.js +31 -1
  634. package/dist/utils/validation.js.map +1 -1
  635. package/package.json +1 -1
  636. package/.agent/core/embeddings.json +0 -2004
  637. package/.agent/core/session_cache.json +0 -50
  638. package/.agent/skills/cross-cutting/aws/META.yaml +0 -75
  639. package/.agent/skills/cross-cutting/ci-cd/META.yaml +0 -60
  640. package/.agent/skills/cross-cutting/docker/META.yaml +0 -65
  641. package/.agent/skills/cross-cutting/kubernetes/META.yaml +0 -70
  642. package/.agent/skills/cross-cutting/ui-ux-pro-max/SKILL.md +0 -565
  643. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/charts.yaml +0 -331
  644. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/colors.yaml +0 -1226
  645. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/component-decision.yaml +0 -287
  646. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/component-mapping.yaml +0 -318
  647. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/design-tokens.yaml +0 -525
  648. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/desktop-animation.yaml +0 -232
  649. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/desktop-architecture.yaml +0 -140
  650. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/directory-structure.yaml +0 -75
  651. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/icons.yaml +0 -918
  652. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/implementation-strategy.yaml +0 -107
  653. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/landing.yaml +0 -372
  654. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/platform-frameworks.yaml +0 -195
  655. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/platform-guidelines.yaml +0 -177
  656. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/products.yaml +0 -1339
  657. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/prompts.yaml +0 -180
  658. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/react-performance.yaml +0 -504
  659. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/desktop.yaml +0 -228
  660. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/flutter.yaml +0 -508
  661. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/html-tailwind.yaml +0 -543
  662. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/nextjs.yaml +0 -515
  663. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/nuxt-ui.yaml +0 -519
  664. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/nuxtjs.yaml +0 -599
  665. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/react-native.yaml +0 -496
  666. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/react.yaml +0 -526
  667. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/shadcn.yaml +0 -616
  668. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/svelte.yaml +0 -520
  669. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/swiftui.yaml +0 -486
  670. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/vue.yaml +0 -485
  671. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/styles.yaml +0 -1473
  672. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/typography.yaml +0 -647
  673. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/ui-reasoning.yaml +0 -1019
  674. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/ux-guidelines.yaml +0 -1009
  675. package/.agent/skills/cross-cutting/ui-ux-pro-max/data/web-interface.yaml +0 -347
  676. package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/__pycache__/core.cpython-310.pyc +0 -0
  677. package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/__pycache__/core.cpython-314.pyc +0 -0
  678. package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/__pycache__/design_system.cpython-314.pyc +0 -0
  679. package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/core.py +0 -393
  680. package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/core_legacy.py +0 -303
  681. package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/design_system.py +0 -496
  682. package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/search.py +0 -76
  683. package/.agent/skills/devops/aws/ADVANCED.md +0 -547
  684. package/.agent/skills/devops/aws/SKILL.md +0 -711
  685. package/.agent/skills/devops/ci-cd/ADVANCED.md +0 -529
  686. package/.agent/skills/devops/ci-cd/SKILL.md +0 -821
  687. package/.agent/skills/devops/docker/ADVANCED.md +0 -495
  688. package/.agent/skills/devops/docker/SKILL.md +0 -653
  689. package/.agent/skills/devops/kubernetes/ADVANCED.md +0 -252
  690. package/.agent/skills/devops/kubernetes/SKILL.md +0 -621
  691. /package/.agent/core/{ARCH_REGISTRY.yaml → reference/ARCH_REGISTRY.yaml} +0 -0
  692. /package/.agent/core/{BRANDING.yaml → reference/BRANDING.yaml} +0 -0
  693. /package/.agent/core/{HSA.yaml → reference/HSA.yaml} +0 -0
  694. /package/.agent/core/{TEMPLATES.yaml → reference/TEMPLATES.yaml} +0 -0
  695. /package/.agent/rules/{incremental-changes.md → archive/incremental-changes.md} +0 -0
  696. /package/.agent/rules/{shell-commands.md → archive/shell-commands.md} +0 -0
  697. /package/.agent/skills/{cross-cutting → devops}/aws/data/ai_ml.yaml +0 -0
  698. /package/.agent/skills/{cross-cutting → devops}/aws/data/compute.yaml +0 -0
  699. /package/.agent/skills/{cross-cutting → devops}/aws/data/kubernetes.yaml +0 -0
  700. /package/.agent/skills/{cross-cutting → devops}/aws/data/storage.yaml +0 -0
  701. /package/.agent/skills/{cross-cutting → devops}/ci-cd/data/github_actions.yaml +0 -0
  702. /package/.agent/skills/{cross-cutting → devops}/ci-cd/data/security.yaml +0 -0
  703. /package/.agent/skills/{cross-cutting → devops}/docker/data/build.yaml +0 -0
  704. /package/.agent/skills/{cross-cutting → devops}/docker/data/compose.yaml +0 -0
  705. /package/.agent/skills/{cross-cutting → devops}/docker/data/security.yaml +0 -0
  706. /package/.agent/skills/{cross-cutting → devops}/kubernetes/data/networking.yaml +0 -0
  707. /package/.agent/skills/{cross-cutting → devops}/kubernetes/data/scheduling.yaml +0 -0
  708. /package/.agent/skills/{cross-cutting → devops}/kubernetes/data/security.yaml +0 -0
  709. /package/.agent/skills/{cross-cutting → devops}/kubernetes/data/workloads.yaml +0 -0
package/.agent/skills/core/security/data/language-specific/swift-security.yaml CHANGED
@@ -1,198 +1,198 @@
1
1
  metadata:
2
2
  skill: security
3
3
  domain: swift_security
4
- version: 6.2.0
5
- updated: '2026-02-05'
6
- migrated_from: swift-security.csv
4
+ version: 6.2.1
5
+ updated: "2026-02-05"
6
+ migrated_from: swift-security.yaml
7
7
  patterns_count: 20
8
8
  columns:
9
- - id
10
- - name
11
- - severity
12
- - category
13
- - description
14
- - detection_pattern
15
- - fix_pattern
16
- - cwe
17
- - example_code
9
+ - id
10
+ - name
11
+ - severity
12
+ - category
13
+ - description
14
+ - detection_pattern
15
+ - fix_pattern
16
+ - cwe
17
+ - example_code
18
18
  patterns:
19
- - id: SW-01
20
- name: Keychain Without ACL
21
- severity: HIGH
22
- category: iOS
23
- description: Keychain item without biometric protection
24
- detection_pattern: kSecAttrAccessible(?!.*kSecAccessControl)
25
- fix_pattern: Use kSecAccessControlBiometryAny for sensitive data
26
- cwe: CWE-522
27
- example_code: // Weak\nkSecAttrAccessibleWhenUnlocked\n// SAFE\nSecAccessControlCreateWithFlags(nil, .biometryAny, ...)
28
- - id: SW-02
29
- name: ATS Bypass Domain
30
- severity: HIGH
31
- category: iOS
32
- description: App Transport Security disabled for domain
33
- detection_pattern: NSExceptionDomains|NSAllowsArbitraryLoads
34
- fix_pattern: Avoid ATS exceptions or whitelist specific domains only
35
- cwe: CWE-319
36
- example_code: '// Insecure\n<key>NSAllowsArbitraryLoads</key><true/>\n// SAFE: Use HTTPS only'
37
- - id: SW-03
38
- name: Hardcoded Credentials
39
- severity: CRITICAL
40
- category: iOS
41
- description: API key or password in source code
42
- detection_pattern: (apiKey|password|secret)\\s*=\\s*\[^\"]+\""
43
- fix_pattern: Use Keychain or environment variables
44
- cwe: CWE-798
45
- example_code: '// Exposed\nlet apiKey = \sk-1234567890\"\n// SAFE: Keychain or .xcconfig"'
46
- - id: SW-04
47
- name: Jailbreak Detection Weak
48
- severity: MEDIUM
49
- category: iOS
50
- description: Simple jailbreak check easily bypassed
51
- detection_pattern: fileExists.*cydia|canOpenURL.*cydia
52
- fix_pattern: Use multiple detection methods and obfuscate
53
- cwe: CWE-693
54
- example_code: '// Weak\nFileManager.default.fileExists(atPath: \/Applications/Cydia.app\")\n// SAFE: Multiple checks + native code"'
55
- - id: SW-05
56
- name: UserDefaults Sensitive
57
- severity: HIGH
58
- category: iOS
59
- description: Sensitive data in unencrypted UserDefaults
60
- detection_pattern: UserDefaults.*password|token|secret
61
- fix_pattern: Use Keychain for sensitive data
62
- cwe: CWE-312
63
- example_code: '// Unencrypted\nUserDefaults.standard.set(token, forKey: \token\")\n// SAFE: Keychain"'
64
- - id: SW-06
65
- name: URLSession No Pin
66
- severity: HIGH
67
- category: iOS
68
- description: URLSession without certificate pinning
69
- detection_pattern: URLSession(?!.*urlSession.*didReceive.*challenge)
70
- fix_pattern: Implement certificate pinning delegate
71
- cwe: CWE-295
72
- example_code: '// No pinning\nURLSession.shared.dataTask(...)\n// SAFE: Custom session with pinning'
73
- - id: SW-07
74
- name: WebView WKWebView JS
75
- severity: HIGH
76
- category: iOS
77
- description: WKWebView with unsafe JavaScript bridge
78
- detection_pattern: WKScriptMessageHandler|evaluateJavaScript.*\\+
79
- fix_pattern: Validate JavaScript input/output strictly
80
- cwe: CWE-79
81
- example_code: '// XSS risk\nwebView.evaluateJavaScript(userScript)\n// SAFE: Whitelist commands'
82
- - id: SW-08
83
- name: Biometric No Domain
84
- severity: MEDIUM
85
- category: iOS
86
- description: LAContext without kSecUseAuthenticationContext
87
- detection_pattern: evaluatePolicy(?!.*kSecUseAuthenticationContext)
88
- fix_pattern: Use domainState to detect biometric changes
89
- cwe: CWE-287
90
- example_code: '// Bypassed if fingerprint changed\ncontext.evaluatePolicy(.biometricOnly)\n// SAFE: Check domainState'
91
- - id: SW-09
92
- name: Pasteboard Leak
93
- severity: MEDIUM
94
- category: iOS
95
- description: Sensitive data copied to pasteboard persists
96
- detection_pattern: UIPasteboard.*setString|copiedText.*password
97
- fix_pattern: Clear pasteboard after short timeout
98
- cwe: CWE-200
99
- example_code: '// Persists\nUIPasteboard.general.string = password\n// SAFE: Clear after 30 seconds'
100
- - id: SW-10
101
- name: URL Scheme Hijack
102
- severity: HIGH
103
- category: iOS
104
- description: Custom URL scheme without source validation
105
- detection_pattern: openURL\\(.*\\)|application.*openURL(?!.*sourceApplication)
106
- fix_pattern: Validate source application and URL parameters
107
- cwe: CWE-601
108
- example_code: '// Hijackable\nfunc application(_ app: UIApplication, open url: URL)\n// SAFE: Validate sourceApplication'
109
- - id: SW-11
110
- name: Screenshot Capture
111
- severity: MEDIUM
112
- category: iOS
113
- description: Sensitive view not hidden on background
114
- detection_pattern: applicationWillResignActive(?!.*blur|hide)
115
- fix_pattern: Blur or hide sensitive content on backgrounding
116
- cwe: CWE-200
117
- example_code: '// Visible in task switcher\nfunc applicationWillResignActive(_:) {}\n// SAFE: Add blur overlay'
118
- - id: SW-12
119
- name: Swift Concurrency Race
120
- severity: HIGH
121
- category: Concurrency
122
- description: Actor state accessed from nonisolated context
123
- detection_pattern: nonisolated.*self\\.|Task\\s*\\{.*self\\.(?!await)
124
- fix_pattern: Use MainActor or proper isolation
125
- cwe: CWE-362
126
- example_code: '// Race condition\nnonisolated func update() { self.state = new }\n// SAFE: @MainActor'
127
- - id: SW-13
128
- name: Unowned Crash
129
- severity: HIGH
130
- category: Memory
131
- description: unowned reference accessed after deallocation
132
- detection_pattern: unowned\\s+(var|let)(?!.*\\[weak\\])
133
- fix_pattern: Use weak with guard instead of unowned
134
- cwe: CWE-416
135
- example_code: '// Crash\nunowned let delegate: Delegate\n// SAFE\nweak var delegate: Delegate?'
136
- - id: SW-14
137
- name: Force Unwrap Optional
138
- severity: MEDIUM
139
- category: Memory
140
- description: Force unwrap ! on optional can crash
141
- detection_pattern: \\!(?!.*guard|if\\s+let)
142
- fix_pattern: Use guard let or if let with fallback
143
- cwe: CWE-476
144
- example_code: // Crash\nlet value = optional!\n// SAFE\nguard let value = optional else { return }
145
- - id: SW-15
146
- name: Crypto Deprecated
147
- severity: HIGH
148
- category: Crypto
149
- description: Using deprecated Security.framework APIs
150
- detection_pattern: SecKeyEncrypt|CC_MD5|SecTransform
151
- fix_pattern: Use CryptoKit for modern encryption
152
- cwe: CWE-327
153
- example_code: '// Deprecated\nCC_MD5(data, len, digest)\n// SAFE\nCryptoKit.SHA256.hash(data: data)'
154
- - id: SW-16
155
- name: CoreData No Encryption
156
- severity: HIGH
157
- category: iOS
158
- description: CoreData store without file protection
159
- detection_pattern: NSSQLiteStoreType(?!.*NSFileProtection)
160
- fix_pattern: Enable NSFileProtectionComplete
161
- cwe: CWE-311
162
- example_code: '// Unencrypted\nNSSQLiteStoreType\n// SAFE: Add NSPersistentStoreFileProtectionKey: .complete'
163
- - id: SW-17
164
- name: Notification Payload
165
- severity: MEDIUM
166
- category: iOS
167
- description: Sensitive data in push notification payload
168
- detection_pattern: UNNotificationContent.*body.*secret|password
169
- fix_pattern: Avoid sensitive data in notifications
170
- cwe: CWE-200
171
- example_code: '// Exposed\ncontent.body = \Your OTP is \\(otp)\"\n// SAFE: Use silent push and fetch from server"'
172
- - id: SW-18
173
- name: Debug Build Leak
174
- severity: LOW
175
- category: iOS
176
- description: Debug assertions compiled in release
177
- detection_pattern: '#if DEBUG(?!.*#endif)|assert\\(.*DEBUG)'
178
- fix_pattern: Ensure assertions stripped in release
179
- cwe: CWE-215
180
- example_code: '// Left in release\nassert(isValid())\n// SAFE: Use #if DEBUG properly'
181
- - id: SW-19
182
- name: Sendable Violation
183
- severity: HIGH
184
- category: Concurrency
185
- description: Non-Sendable type across actor boundary
186
- detection_pattern: Task\\s*\\{.*capture.*(?!Sendable)
187
- fix_pattern: Mark types as Sendable or use @unchecked carefully
188
- cwe: CWE-362
189
- example_code: '// Data race\nTask { self.mutableArray.append() }\n// SAFE: Make Sendable or copy'
190
- - id: SW-20
191
- name: Path Traversal Bundle
192
- severity: HIGH
193
- category: iOS
194
- description: User path accessing outside app bundle
195
- detection_pattern: Bundle\\.main\\.path.*\\+.*user|URL.*appendingPathComponent.*params
196
- fix_pattern: Validate paths stay within allowed directories
197
- cwe: CWE-22
198
- example_code: '// Traversal\nBundle.main.path(forResource: userInput, ofType: nil)\n// SAFE: Validate and sanitize'
19
+ - id: SW-01
20
+ name: Keychain Without ACL
21
+ severity: HIGH
22
+ category: iOS
23
+ description: Keychain item without biometric protection
24
+ detection_pattern: kSecAttrAccessible(?!.*kSecAccessControl)
25
+ fix_pattern: Use kSecAccessControlBiometryAny for sensitive data
26
+ cwe: CWE-522
27
+ example_code: // Weak\nkSecAttrAccessibleWhenUnlocked\n// SAFE\nSecAccessControlCreateWithFlags(nil, .biometryAny, ...)
28
+ - id: SW-02
29
+ name: ATS Bypass Domain
30
+ severity: HIGH
31
+ category: iOS
32
+ description: App Transport Security disabled for domain
33
+ detection_pattern: NSExceptionDomains|NSAllowsArbitraryLoads
34
+ fix_pattern: Avoid ATS exceptions or whitelist specific domains only
35
+ cwe: CWE-319
36
+ example_code: '// Insecure\n<key>NSAllowsArbitraryLoads</key><true/>\n// SAFE: Use HTTPS only'
37
+ - id: SW-03
38
+ name: Hardcoded Credentials
39
+ severity: CRITICAL
40
+ category: iOS
41
+ description: API key or password in source code
42
+ detection_pattern: (apiKey|password|secret)\\s*=\\s*\[^\"]+\""
43
+ fix_pattern: Use Keychain or environment variables
44
+ cwe: CWE-798
45
+ example_code: '// Exposed\nlet apiKey = \sk-1234567890\"\n// SAFE: Keychain or .xcconfig"'
46
+ - id: SW-04
47
+ name: Jailbreak Detection Weak
48
+ severity: MEDIUM
49
+ category: iOS
50
+ description: Simple jailbreak check easily bypassed
51
+ detection_pattern: fileExists.*cydia|canOpenURL.*cydia
52
+ fix_pattern: Use multiple detection methods and obfuscate
53
+ cwe: CWE-693
54
+ example_code: '// Weak\nFileManager.default.fileExists(atPath: \/Applications/Cydia.app\")\n// SAFE: Multiple checks + native code"'
55
+ - id: SW-05
56
+ name: UserDefaults Sensitive
57
+ severity: HIGH
58
+ category: iOS
59
+ description: Sensitive data in unencrypted UserDefaults
60
+ detection_pattern: UserDefaults.*password|token|secret
61
+ fix_pattern: Use Keychain for sensitive data
62
+ cwe: CWE-312
63
+ example_code: '// Unencrypted\nUserDefaults.standard.set(token, forKey: \token\")\n// SAFE: Keychain"'
64
+ - id: SW-06
65
+ name: URLSession No Pin
66
+ severity: HIGH
67
+ category: iOS
68
+ description: URLSession without certificate pinning
69
+ detection_pattern: URLSession(?!.*urlSession.*didReceive.*challenge)
70
+ fix_pattern: Implement certificate pinning delegate
71
+ cwe: CWE-295
72
+ example_code: '// No pinning\nURLSession.shared.dataTask(...)\n// SAFE: Custom session with pinning'
73
+ - id: SW-07
74
+ name: WebView WKWebView JS
75
+ severity: HIGH
76
+ category: iOS
77
+ description: WKWebView with unsafe JavaScript bridge
78
+ detection_pattern: WKScriptMessageHandler|evaluateJavaScript.*\\+
79
+ fix_pattern: Validate JavaScript input/output strictly
80
+ cwe: CWE-79
81
+ example_code: '// XSS risk\nwebView.evaluateJavaScript(userScript)\n// SAFE: Whitelist commands'
82
+ - id: SW-08
83
+ name: Biometric No Domain
84
+ severity: MEDIUM
85
+ category: iOS
86
+ description: LAContext without kSecUseAuthenticationContext
87
+ detection_pattern: evaluatePolicy(?!.*kSecUseAuthenticationContext)
88
+ fix_pattern: Use domainState to detect biometric changes
89
+ cwe: CWE-287
90
+ example_code: '// Bypassed if fingerprint changed\ncontext.evaluatePolicy(.biometricOnly)\n// SAFE: Check domainState'
91
+ - id: SW-09
92
+ name: Pasteboard Leak
93
+ severity: MEDIUM
94
+ category: iOS
95
+ description: Sensitive data copied to pasteboard persists
96
+ detection_pattern: UIPasteboard.*setString|copiedText.*password
97
+ fix_pattern: Clear pasteboard after short timeout
98
+ cwe: CWE-200
99
+ example_code: '// Persists\nUIPasteboard.general.string = password\n// SAFE: Clear after 30 seconds'
100
+ - id: SW-10
101
+ name: URL Scheme Hijack
102
+ severity: HIGH
103
+ category: iOS
104
+ description: Custom URL scheme without source validation
105
+ detection_pattern: openURL\\(.*\\)|application.*openURL(?!.*sourceApplication)
106
+ fix_pattern: Validate source application and URL parameters
107
+ cwe: CWE-601
108
+ example_code: '// Hijackable\nfunc application(_ app: UIApplication, open url: URL)\n// SAFE: Validate sourceApplication'
109
+ - id: SW-11
110
+ name: Screenshot Capture
111
+ severity: MEDIUM
112
+ category: iOS
113
+ description: Sensitive view not hidden on background
114
+ detection_pattern: applicationWillResignActive(?!.*blur|hide)
115
+ fix_pattern: Blur or hide sensitive content on backgrounding
116
+ cwe: CWE-200
117
+ example_code: '// Visible in task switcher\nfunc applicationWillResignActive(_:) {}\n// SAFE: Add blur overlay'
118
+ - id: SW-12
119
+ name: Swift Concurrency Race
120
+ severity: HIGH
121
+ category: Concurrency
122
+ description: Actor state accessed from nonisolated context
123
+ detection_pattern: nonisolated.*self\\.|Task\\s*\\{.*self\\.(?!await)
124
+ fix_pattern: Use MainActor or proper isolation
125
+ cwe: CWE-362
126
+ example_code: '// Race condition\nnonisolated func update() { self.state = new }\n// SAFE: @MainActor'
127
+ - id: SW-13
128
+ name: Unowned Crash
129
+ severity: HIGH
130
+ category: Memory
131
+ description: unowned reference accessed after deallocation
132
+ detection_pattern: unowned\\s+(var|let)(?!.*\\[weak\\])
133
+ fix_pattern: Use weak with guard instead of unowned
134
+ cwe: CWE-416
135
+ example_code: '// Crash\nunowned let delegate: Delegate\n// SAFE\nweak var delegate: Delegate?'
136
+ - id: SW-14
137
+ name: Force Unwrap Optional
138
+ severity: MEDIUM
139
+ category: Memory
140
+ description: Force unwrap ! on optional can crash
141
+ detection_pattern: \\!(?!.*guard|if\\s+let)
142
+ fix_pattern: Use guard let or if let with fallback
143
+ cwe: CWE-476
144
+ example_code: // Crash\nlet value = optional!\n// SAFE\nguard let value = optional else { return }
145
+ - id: SW-15
146
+ name: Crypto Deprecated
147
+ severity: HIGH
148
+ category: Crypto
149
+ description: Using deprecated Security.framework APIs
150
+ detection_pattern: SecKeyEncrypt|CC_MD5|SecTransform
151
+ fix_pattern: Use CryptoKit for modern encryption
152
+ cwe: CWE-327
153
+ example_code: '// Deprecated\nCC_MD5(data, len, digest)\n// SAFE\nCryptoKit.SHA256.hash(data: data)'
154
+ - id: SW-16
155
+ name: CoreData No Encryption
156
+ severity: HIGH
157
+ category: iOS
158
+ description: CoreData store without file protection
159
+ detection_pattern: NSSQLiteStoreType(?!.*NSFileProtection)
160
+ fix_pattern: Enable NSFileProtectionComplete
161
+ cwe: CWE-311
162
+ example_code: '// Unencrypted\nNSSQLiteStoreType\n// SAFE: Add NSPersistentStoreFileProtectionKey: .complete'
163
+ - id: SW-17
164
+ name: Notification Payload
165
+ severity: MEDIUM
166
+ category: iOS
167
+ description: Sensitive data in push notification payload
168
+ detection_pattern: UNNotificationContent.*body.*secret|password
169
+ fix_pattern: Avoid sensitive data in notifications
170
+ cwe: CWE-200
171
+ example_code: '// Exposed\ncontent.body = \Your OTP is \\(otp)\"\n// SAFE: Use silent push and fetch from server"'
172
+ - id: SW-18
173
+ name: Debug Build Leak
174
+ severity: LOW
175
+ category: iOS
176
+ description: Debug assertions compiled in release
177
+ detection_pattern: '#if DEBUG(?!.*#endif)|assert\\(.*DEBUG)'
178
+ fix_pattern: Ensure assertions stripped in release
179
+ cwe: CWE-215
180
+ example_code: '// Left in release\nassert(isValid())\n// SAFE: Use #if DEBUG properly'
181
+ - id: SW-19
182
+ name: Sendable Violation
183
+ severity: HIGH
184
+ category: Concurrency
185
+ description: Non-Sendable type across actor boundary
186
+ detection_pattern: Task\\s*\\{.*capture.*(?!Sendable)
187
+ fix_pattern: Mark types as Sendable or use @unchecked carefully
188
+ cwe: CWE-362
189
+ example_code: '// Data race\nTask { self.mutableArray.append() }\n// SAFE: Make Sendable or copy'
190
+ - id: SW-20
191
+ name: Path Traversal Bundle
192
+ severity: HIGH
193
+ category: iOS
194
+ description: User path accessing outside app bundle
195
+ detection_pattern: Bundle\\.main\\.path.*\\+.*user|URL.*appendingPathComponent.*params
196
+ fix_pattern: Validate paths stay within allowed directories
197
+ cwe: CWE-22
198
+ example_code: '// Traversal\nBundle.main.path(forResource: userInput, ofType: nil)\n// SAFE: Validate and sanitize'