npm - @nockdev/awf - Versions diffs - 6.2.0 - Mend

@nockdev/awf 6.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (727) hide show

package/.agent/build.yaml +178 -0
package/.agent/config.yaml +235 -0
package/.agent/core/ACTIVE_MEMORY.yaml +344 -0
package/.agent/core/ARCH_REGISTRY.yaml +252 -0
package/.agent/core/AUDIT_POLICY.md +68 -0
package/.agent/core/BRANDING.yaml +185 -0
package/.agent/core/CACHE.md +59 -0
package/.agent/core/CHECKPOINT.yaml +153 -0
package/.agent/core/CLEANUP_ENGINE.yaml +326 -0
package/.agent/core/CODING_STYLES.yaml +346 -0
package/.agent/core/COMMANDS.md +93 -0
package/.agent/core/CONTEXT_INJECTOR.yaml +325 -0
package/.agent/core/CONTEXT_LOADER.yaml +323 -0
package/.agent/core/CONTEXT_OPTIMIZATION.yaml +286 -0
package/.agent/core/CONTEXT_PRIORITY.yaml +357 -0
package/.agent/core/CUSTOMIZE.md +138 -0
package/.agent/core/DATA_SAFETY.md +92 -0
package/.agent/core/FLOW_ENGINE.yaml +300 -0
package/.agent/core/GRAPH_MEMORY.yaml +420 -0
package/.agent/core/HSA.yaml +357 -0
package/.agent/core/HYBRID_ROUTER.yaml +346 -0
package/.agent/core/INTENT_DETECTION.yaml +384 -0
package/.agent/core/LIBRARY_REGISTRY.yaml +401 -0
package/.agent/core/MCP_TOOLS.yaml +414 -0
package/.agent/core/MEMORY_CONSOLIDATION.yaml +352 -0
package/.agent/core/MEMORY_ENGINE.yaml +353 -0
package/.agent/core/MEMORY_PATHS.yaml +79 -0
package/.agent/core/MEMORY_UTILS.yaml +212 -0
package/.agent/core/PATTERNS.yaml +319 -0
package/.agent/core/PERMISSIONS.md +100 -0
package/.agent/core/README.md +91 -0
package/.agent/core/REFLECTION_ENGINE.yaml +348 -0
package/.agent/core/ROUTER.yaml +424 -0
package/.agent/core/SCORING_FORMULA.yaml +103 -0
package/.agent/core/SEMANTIC_ENGINE.yaml +162 -0
package/.agent/core/SKILLS_FLOW.yaml +341 -0
package/.agent/core/SKILL_SCHEMA.yaml +266 -0
package/.agent/core/STATE_MACHINE.yaml +409 -0
package/.agent/core/SUMMARIZATION_ENGINE.yaml +258 -0
package/.agent/core/TEMPLATES.yaml +364 -0
package/.agent/core/TOKEN_BUDGETS.yaml +157 -0
package/.agent/core/TOKEN_LOADING.yaml +197 -0
package/.agent/core/TOKEN_SUMMARY.yaml +121 -0
package/.agent/core/VERSION.yaml +240 -0
package/.agent/core/embeddings.json +2004 -0
package/.agent/core/session_cache.json +50 -0
package/.agent/i18n/README.md +30 -0
package/.agent/i18n/en.yaml +302 -0
package/.agent/i18n/vi.yaml +302 -0
package/.agent/ide/README.md +47 -0
package/.agent/ide/amazonq.json +35 -0
package/.agent/ide/amp.json +35 -0
package/.agent/ide/antigravity.json +47 -0
package/.agent/ide/augment.json +35 -0
package/.agent/ide/claude.json +42 -0
package/.agent/ide/cline.json +34 -0
package/.agent/ide/codex.json +37 -0
package/.agent/ide/cody.json +35 -0
package/.agent/ide/continue.json +35 -0
package/.agent/ide/cursor.json +42 -0
package/.agent/ide/gemini.json +46 -0
package/.agent/ide/jetbrains.json +35 -0
package/.agent/ide/kiro.json +35 -0
package/.agent/ide/opencode.json +35 -0
package/.agent/ide/roo.json +35 -0
package/.agent/ide/tabnine.json +35 -0
package/.agent/ide/trae.json +35 -0
package/.agent/ide/vscode.json +34 -0
package/.agent/ide/windsurf.json +56 -0
package/.agent/ide/zed.json +36 -0
package/.agent/manifest.yaml +416 -0
package/.agent/memory/README.md +148 -0
package/.agent/memory/active_memories.json +35 -0
package/.agent/memory/archive/.gitkeep +0 -0
package/.agent/memory/audit_summary.json +58 -0
package/.agent/memory/cleanup_log.json +34 -0
package/.agent/memory/consolidated.md +75 -0
package/.agent/memory/core_memory/persona.json +30 -0
package/.agent/memory/core_memory/project.json +25 -0
package/.agent/memory/core_memory/rules.json +29 -0
package/.agent/memory/core_memory/user.json +24 -0
package/.agent/memory/decisions.md +40 -0
package/.agent/memory/graph/knowledge_graph.json +12 -0
package/.agent/memory/insights.md +52 -0
package/.agent/memory/metrics.json +48 -0
package/.agent/memory/patterns/errors.json +11 -0
package/.agent/memory/patterns/successes.json +10 -0
package/.agent/memory/session.md +64 -0
package/.agent/memory/session_rules.json +19 -0
package/.agent/memory/state.json +81 -0
package/.agent/memory/vectors/README.md +129 -0
package/.agent/personas/README.md +180 -0
package/.agent/personas/architect.md +186 -0
package/.agent/personas/auditor.md +222 -0
package/.agent/personas/debugger.md +210 -0
package/.agent/personas/developer.md +183 -0
package/.agent/personas/devops.md +268 -0
package/.agent/personas/documenter.md +262 -0
package/.agent/personas/orchestrator.md +240 -0
package/.agent/personas/persona.schema.yaml +209 -0
package/.agent/personas/planner.md +171 -0
package/.agent/personas/researcher.md +194 -0
package/.agent/personas/security.md +212 -0
package/.agent/personas/tester.md +247 -0
package/.agent/rules/README.md +231 -0
package/.agent/rules/SACRED_RULES.xml +142 -0
package/.agent/rules/constitutional/tier-0-core.yaml +182 -0
package/.agent/rules/constitutional/tier-1-safety.yaml +272 -0
package/.agent/rules/constitutional/tier-2-execution.yaml +294 -0
package/.agent/rules/data/build-systems.yaml +126 -0
package/.agent/rules/data/quality-standards.json +59 -0
package/.agent/rules/duplication-prevention.md +138 -0
package/.agent/rules/incremental-changes.md +146 -0
package/.agent/rules/modules/context-management.yaml +158 -0
package/.agent/rules/modules/edit-verification.yaml +197 -0
package/.agent/rules/modules/evidence.yaml +185 -0
package/.agent/rules/modules/git-workflow.yaml +165 -0
package/.agent/rules/modules/language.yaml +155 -0
package/.agent/rules/modules/online-research.yaml +192 -0
package/.agent/rules/modules/quality.yaml +185 -0
package/.agent/rules/modules/reflection.yaml +209 -0
package/.agent/rules/modules/stop-conditions.yaml +196 -0
package/.agent/rules/modules/terminal-safety.yaml +229 -0
package/.agent/rules/modules/versioning.yaml +97 -0
package/.agent/rules/modules/yagni.yaml +167 -0
package/.agent/rules/project-detection.md +317 -0
package/.agent/rules/prompt-injection-guard.md +260 -0
package/.agent/rules/shell-commands.md +210 -0
package/.agent/rules/validation-framework.md +189 -0
package/.agent/skills/DEVELOPMENT.yaml +226 -0
package/.agent/skills/README.md +69 -0
package/.agent/skills/_categories.yaml +145 -0
package/.agent/skills/_router.yaml +232 -0
package/.agent/skills/core/_index.yaml +12 -0
package/.agent/skills/core/api-design/META.yaml +64 -0
package/.agent/skills/core/api-design/SKILL.md +169 -0
package/.agent/skills/core/api-design/data/api-versioning.yaml +217 -0
package/.agent/skills/core/api-design/data/error-responses.yaml +135 -0
package/.agent/skills/core/api-design/data/graphql-patterns.yaml +165 -0
package/.agent/skills/core/api-design/data/grpc-patterns.yaml +165 -0
package/.agent/skills/core/api-design/data/http-status-codes.yaml +176 -0
package/.agent/skills/core/api-design/data/pagination.yaml +121 -0
package/.agent/skills/core/api-design/data/rate-limiting.yaml +135 -0
package/.agent/skills/core/api-design/data/rest-patterns.yaml +195 -0
package/.agent/skills/core/api-design/data/test-apis.yaml +217 -0
package/.agent/skills/core/authentication/META.yaml +73 -0
package/.agent/skills/core/authentication/SKILL.md +166 -0
package/.agent/skills/core/authentication/data/anti-patterns.yaml +135 -0
package/.agent/skills/core/authentication/data/core-patterns.yaml +256 -0
package/.agent/skills/core/authentication/data/jwt-patterns.yaml +255 -0
package/.agent/skills/core/authentication/data/language-csharp.yaml +215 -0
package/.agent/skills/core/authentication/data/language-go.yaml +215 -0
package/.agent/skills/core/authentication/data/language-java.yaml +215 -0
package/.agent/skills/core/authentication/data/language-mobile.yaml +215 -0
package/.agent/skills/core/authentication/data/language-python.yaml +215 -0
package/.agent/skills/core/authentication/data/language-rust.yaml +215 -0
package/.agent/skills/core/authentication/data/language-typescript.yaml +215 -0
package/.agent/skills/core/authentication/data/mfa-patterns.yaml +175 -0
package/.agent/skills/core/authentication/data/oauth-patterns.yaml +255 -0
package/.agent/skills/core/authentication/data/oauth.yaml +248 -0
package/.agent/skills/core/authentication/data/passkeys-webauthn.yaml +215 -0
package/.agent/skills/core/authentication/data/passkeys.yaml +208 -0
package/.agent/skills/core/authentication/data/password-patterns.yaml +175 -0
package/.agent/skills/core/authentication/data/password.yaml +168 -0
package/.agent/skills/core/authentication/data/session-patterns.yaml +215 -0
package/.agent/skills/core/error-handling/META.yaml +71 -0
package/.agent/skills/core/error-handling/SKILL.md +156 -0
package/.agent/skills/core/error-handling/data/anti-patterns.yaml +105 -0
package/.agent/skills/core/error-handling/data/api-error-patterns.yaml +135 -0
package/.agent/skills/core/error-handling/data/core-patterns.yaml +226 -0
package/.agent/skills/core/error-handling/data/error-codes.yaml +165 -0
package/.agent/skills/core/error-handling/data/error-messages.yaml +165 -0
package/.agent/skills/core/error-handling/data/language-c-cpp.yaml +226 -0
package/.agent/skills/core/error-handling/data/language-go-rust.yaml +226 -0
package/.agent/skills/core/error-handling/data/language-python-java.yaml +226 -0
package/.agent/skills/core/error-handling/data/language-swift-kotlin.yaml +226 -0
package/.agent/skills/core/error-handling/data/language-typescript-php-ruby.yaml +226 -0
package/.agent/skills/core/error-handling/data/resilience-patterns.yaml +191 -0
package/.agent/skills/core/error-handling/data/ui-error-patterns.yaml +135 -0
package/.agent/skills/core/logging/META.yaml +73 -0
package/.agent/skills/core/logging/SKILL.md +184 -0
package/.agent/skills/core/logging/data/aggregation-patterns.yaml +191 -0
package/.agent/skills/core/logging/data/anti-patterns.yaml +121 -0
package/.agent/skills/core/logging/data/core-patterns.yaml +226 -0
package/.agent/skills/core/logging/data/language-csharp.yaml +191 -0
package/.agent/skills/core/logging/data/language-go.yaml +191 -0
package/.agent/skills/core/logging/data/language-java.yaml +191 -0
package/.agent/skills/core/logging/data/language-kotlin.yaml +156 -0
package/.agent/skills/core/logging/data/language-others.yaml +184 -0
package/.agent/skills/core/logging/data/language-python.yaml +191 -0
package/.agent/skills/core/logging/data/language-rust.yaml +191 -0
package/.agent/skills/core/logging/data/language-swift.yaml +156 -0
package/.agent/skills/core/logging/data/language-typescript.yaml +191 -0
package/.agent/skills/core/logging/data/otel-logging.yaml +156 -0
package/.agent/skills/core/observability/META.yaml +76 -0
package/.agent/skills/core/observability/SKILL.md +153 -0
package/.agent/skills/core/observability/data/alerting-patterns.yaml +165 -0
package/.agent/skills/core/observability/data/anti-patterns.yaml +105 -0
package/.agent/skills/core/observability/data/core-patterns.yaml +195 -0
package/.agent/skills/core/observability/data/language-cpp.yaml +165 -0
package/.agent/skills/core/observability/data/language-csharp.yaml +165 -0
package/.agent/skills/core/observability/data/language-go.yaml +165 -0
package/.agent/skills/core/observability/data/language-java.yaml +165 -0
package/.agent/skills/core/observability/data/language-others.yaml +255 -0
package/.agent/skills/core/observability/data/language-python.yaml +165 -0
package/.agent/skills/core/observability/data/language-rust.yaml +165 -0
package/.agent/skills/core/observability/data/language-typescript.yaml +165 -0
package/.agent/skills/core/observability/data/metrics-patterns.yaml +135 -0
package/.agent/skills/core/observability/data/metrics-prometheus.yaml +165 -0
package/.agent/skills/core/observability/data/otel-core.yaml +195 -0
package/.agent/skills/core/observability/data/profiling-patterns.yaml +135 -0
package/.agent/skills/core/observability/data/tracing-patterns.yaml +165 -0
package/.agent/skills/core/observability/data/tracing-tools.yaml +135 -0
package/.agent/skills/core/security/ADVANCED.md +269 -0
package/.agent/skills/core/security/META.yaml +97 -0
package/.agent/skills/core/security/SKILL.md +234 -0
package/.agent/skills/core/security/data/ai-ml-security.yaml +261 -0
package/.agent/skills/core/security/data/api-security.yaml +230 -0
package/.agent/skills/core/security/data/auth-patterns.yaml +195 -0
package/.agent/skills/core/security/data/binary-exploitation.yaml +339 -0
package/.agent/skills/core/security/data/cloud-security.yaml +269 -0
package/.agent/skills/core/security/data/cwe-top25.yaml +415 -0
package/.agent/skills/core/security/data/language-specific/c-security.yaml +295 -0
package/.agent/skills/core/security/data/language-specific/cpp-security.yaml +295 -0
package/.agent/skills/core/security/data/language-specific/csharp-security.yaml +219 -0
package/.agent/skills/core/security/data/language-specific/go-security.yaml +219 -0
package/.agent/skills/core/security/data/language-specific/java-security.yaml +295 -0
package/.agent/skills/core/security/data/language-specific/kotlin-security.yaml +198 -0
package/.agent/skills/core/security/data/language-specific/php-security.yaml +219 -0
package/.agent/skills/core/security/data/language-specific/python-security.yaml +295 -0
package/.agent/skills/core/security/data/language-specific/ruby-security.yaml +198 -0
package/.agent/skills/core/security/data/language-specific/rust-security.yaml +240 -0
package/.agent/skills/core/security/data/language-specific/solidity-security.yaml +369 -0
package/.agent/skills/core/security/data/language-specific/swift-security.yaml +198 -0
package/.agent/skills/core/security/data/language-specific/typescript-security.yaml +295 -0
package/.agent/skills/core/security/data/mobile-security.yaml +369 -0
package/.agent/skills/core/security/data/network-security.yaml +297 -0
package/.agent/skills/core/security/data/owasp-top10.yaml +171 -0
package/.agent/skills/core/security/data/reverse-engineering.yaml +497 -0
package/.agent/skills/core/security/data/supply-chain.yaml +219 -0
package/.agent/skills/cross-cutting/_index.yaml +15 -0
package/.agent/skills/cross-cutting/audit-pro/META.yaml +43 -0
package/.agent/skills/cross-cutting/audit-pro/data/checklists.yaml +644 -0
package/.agent/skills/cross-cutting/audit-pro/data/scoring.yaml +101 -0
package/.agent/skills/cross-cutting/aws/META.yaml +75 -0
package/.agent/skills/cross-cutting/aws/data/ai_ml.yaml +194 -0
package/.agent/skills/cross-cutting/aws/data/compute.yaml +191 -0
package/.agent/skills/cross-cutting/aws/data/kubernetes.yaml +199 -0
package/.agent/skills/cross-cutting/aws/data/storage.yaml +174 -0
package/.agent/skills/cross-cutting/bun/META.yaml +58 -0
package/.agent/skills/cross-cutting/bun/SKILL.md +357 -0
package/.agent/skills/cross-cutting/bun/data/database.yaml +85 -0
package/.agent/skills/cross-cutting/bun/data/runtime.yaml +170 -0
package/.agent/skills/cross-cutting/bun/data/tooling.yaml +192 -0
package/.agent/skills/cross-cutting/ci-cd/META.yaml +60 -0
package/.agent/skills/cross-cutting/ci-cd/data/github_actions.yaml +248 -0
package/.agent/skills/cross-cutting/ci-cd/data/security.yaml +211 -0
package/.agent/skills/cross-cutting/coding-rules/META.yaml +61 -0
package/.agent/skills/cross-cutting/coding-rules/SKILL.md +171 -0
package/.agent/skills/cross-cutting/coding-rules/data/architecture-patterns.yaml +96 -0
package/.agent/skills/cross-cutting/coding-rules/data/build-systems.yaml +346 -0
package/.agent/skills/cross-cutting/coding-rules/data/coding-rules.yaml +647 -0
package/.agent/skills/cross-cutting/coding-rules/data/concurrency-patterns.yaml +108 -0
package/.agent/skills/cross-cutting/coding-rules/data/design-patterns.yaml +260 -0
package/.agent/skills/cross-cutting/coding-rules/data/framework-signatures.yaml +344 -0
package/.agent/skills/cross-cutting/coding-rules/data/memory-management.yaml +108 -0
package/.agent/skills/cross-cutting/coding-rules/data/naming-conventions.yaml +320 -0
package/.agent/skills/cross-cutting/coding-rules/data/performance-benchmarks.yaml +164 -0
package/.agent/skills/cross-cutting/coding-rules/data/solid-principles.yaml +80 -0
package/.agent/skills/cross-cutting/coding-rules/data/test-frameworks.yaml +183 -0
package/.agent/skills/cross-cutting/database/ADVANCED.md +465 -0
package/.agent/skills/cross-cutting/database/META.yaml +22 -0
package/.agent/skills/cross-cutting/database/SKILL.md +816 -0
package/.agent/skills/cross-cutting/database/data/anti_patterns.yaml +116 -0
package/.agent/skills/cross-cutting/database/data/distributed.yaml +152 -0
package/.agent/skills/cross-cutting/database/data/mongodb.yaml +132 -0
package/.agent/skills/cross-cutting/database/data/mysql.yaml +130 -0
package/.agent/skills/cross-cutting/database/data/orm.yaml +104 -0
package/.agent/skills/cross-cutting/database/data/postgresql.yaml +170 -0
package/.agent/skills/cross-cutting/database/data/redis.yaml +129 -0
package/.agent/skills/cross-cutting/deno/META.yaml +68 -0
package/.agent/skills/cross-cutting/deno/SKILL.md +343 -0
package/.agent/skills/cross-cutting/deno/data/runtime.yaml +260 -0
package/.agent/skills/cross-cutting/deno/data/security.yaml +168 -0
package/.agent/skills/cross-cutting/deno/data/tooling.yaml +133 -0
package/.agent/skills/cross-cutting/docker/META.yaml +65 -0
package/.agent/skills/cross-cutting/docker/data/build.yaml +197 -0
package/.agent/skills/cross-cutting/docker/data/compose.yaml +229 -0
package/.agent/skills/cross-cutting/docker/data/security.yaml +164 -0
package/.agent/skills/cross-cutting/electron/META.yaml +174 -0
package/.agent/skills/cross-cutting/electron/SKILL.md +862 -0
package/.agent/skills/cross-cutting/electron/data/build.yaml +105 -0
package/.agent/skills/cross-cutting/electron/data/crash.yaml +103 -0
package/.agent/skills/cross-cutting/electron/data/ipc.yaml +85 -0
package/.agent/skills/cross-cutting/electron/data/native.yaml +157 -0
package/.agent/skills/cross-cutting/electron/data/security.yaml +89 -0
package/.agent/skills/cross-cutting/electron/data/storage.yaml +100 -0
package/.agent/skills/cross-cutting/electron/data/testing.yaml +103 -0
package/.agent/skills/cross-cutting/electron/data/updates.yaml +99 -0
package/.agent/skills/cross-cutting/electron/data/window.yaml +83 -0
package/.agent/skills/cross-cutting/kubernetes/META.yaml +70 -0
package/.agent/skills/cross-cutting/kubernetes/data/networking.yaml +270 -0
package/.agent/skills/cross-cutting/kubernetes/data/scheduling.yaml +267 -0
package/.agent/skills/cross-cutting/kubernetes/data/security.yaml +253 -0
package/.agent/skills/cross-cutting/kubernetes/data/workloads.yaml +251 -0
package/.agent/skills/cross-cutting/sql/META.yaml +88 -0
package/.agent/skills/cross-cutting/sql/SKILL.md +296 -0
package/.agent/skills/cross-cutting/sql/data/indexing.yaml +147 -0
package/.agent/skills/cross-cutting/sql/data/json.yaml +156 -0
package/.agent/skills/cross-cutting/sql/data/performance.yaml +204 -0
package/.agent/skills/cross-cutting/sql/data/queries.yaml +150 -0
package/.agent/skills/cross-cutting/tailwind/META.yaml +72 -0
package/.agent/skills/cross-cutting/tailwind/SKILL.md +344 -0
package/.agent/skills/cross-cutting/tailwind/data/build.yaml +143 -0
package/.agent/skills/cross-cutting/tailwind/data/config.yaml +109 -0
package/.agent/skills/cross-cutting/tailwind/data/migration.yaml +149 -0
package/.agent/skills/cross-cutting/tailwind/data/responsive.yaml +148 -0
package/.agent/skills/cross-cutting/tailwind/data/states.yaml +152 -0
package/.agent/skills/cross-cutting/tailwind/data/theme.yaml +126 -0
package/.agent/skills/cross-cutting/tailwind/data/utilities.yaml +182 -0
package/.agent/skills/cross-cutting/tailwind/data/variants.yaml +154 -0
package/.agent/skills/cross-cutting/testing/ADVANCED.md +245 -0
package/.agent/skills/cross-cutting/testing/META.yaml +49 -0
package/.agent/skills/cross-cutting/testing/SKILL.md +263 -0
package/.agent/skills/cross-cutting/testing/data/frameworks.yaml +300 -0
package/.agent/skills/cross-cutting/testing/data/patterns.yaml +168 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/META.yaml +108 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/SKILL.md +565 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/charts.yaml +331 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/colors.yaml +1226 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/component-decision.yaml +287 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/component-mapping.yaml +318 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/design-tokens.yaml +525 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/desktop-animation.yaml +232 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/desktop-architecture.yaml +140 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/desktop-colors.yaml +467 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/directory-structure.yaml +75 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/icons.yaml +918 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/implementation-strategy.yaml +107 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/landing.yaml +372 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/platform-frameworks.yaml +195 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/platform-guidelines.yaml +177 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/products.yaml +1339 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/prompts.yaml +180 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/react-performance.yaml +504 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/desktop.yaml +228 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/flutter.yaml +508 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/html-tailwind.yaml +543 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/nextjs.yaml +515 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/nuxt-ui.yaml +519 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/nuxtjs.yaml +599 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/react-native.yaml +496 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/react.yaml +526 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/shadcn.yaml +616 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/svelte.yaml +520 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/swiftui.yaml +486 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/vue.yaml +485 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/styles.yaml +1473 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/typography.yaml +647 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/ui-reasoning.yaml +1019 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/ux-guidelines.yaml +1009 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/web-interface.yaml +347 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/__pycache__/core.cpython-310.pyc +0 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/__pycache__/core.cpython-314.pyc +0 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/__pycache__/design_system.cpython-314.pyc +0 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/core.py +393 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/core_legacy.py +303 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/design_system.py +496 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/search.py +76 -0
package/.agent/skills/cross-cutting/web-perf/META.yaml +92 -0
package/.agent/skills/cross-cutting/web-perf/SKILL.md +181 -0
package/.agent/skills/cross-cutting/web-perf/data/cls_optimization.yaml +189 -0
package/.agent/skills/cross-cutting/web-perf/data/core_web_vitals.yaml +282 -0
package/.agent/skills/cross-cutting/web-perf/data/inp_optimization.yaml +240 -0
package/.agent/skills/cross-cutting/web-perf/data/lcp_optimization.yaml +202 -0
package/.agent/skills/cross-cutting/web-perf/data/measurement.yaml +170 -0
package/.agent/skills/devops/_index.yaml +9 -0
package/.agent/skills/devops/aws/ADVANCED.md +547 -0
package/.agent/skills/devops/aws/META.yaml +84 -0
package/.agent/skills/devops/aws/SKILL.md +711 -0
package/.agent/skills/devops/ci-cd/ADVANCED.md +529 -0
package/.agent/skills/devops/ci-cd/META.yaml +21 -0
package/.agent/skills/devops/ci-cd/SKILL.md +821 -0
package/.agent/skills/devops/docker/ADVANCED.md +495 -0
package/.agent/skills/devops/docker/META.yaml +20 -0
package/.agent/skills/devops/docker/SKILL.md +653 -0
package/.agent/skills/devops/kubernetes/ADVANCED.md +252 -0
package/.agent/skills/devops/kubernetes/META.yaml +15 -0
package/.agent/skills/devops/kubernetes/SKILL.md +621 -0
package/.agent/skills/frameworks/_index.yaml +13 -0
package/.agent/skills/frameworks/angular/META.yaml +70 -0
package/.agent/skills/frameworks/angular/SKILL.md +319 -0
package/.agent/skills/frameworks/angular/data/core.yaml +209 -0
package/.agent/skills/frameworks/angular/data/performance.yaml +210 -0
package/.agent/skills/frameworks/angular/data/server.yaml +175 -0
package/.agent/skills/frameworks/flutter/ADVANCED.md +491 -0
package/.agent/skills/frameworks/flutter/META.yaml +64 -0
package/.agent/skills/frameworks/flutter/SKILL.md +541 -0
package/.agent/skills/frameworks/flutter/data/core.yaml +210 -0
package/.agent/skills/frameworks/flutter/data/platform.yaml +246 -0
package/.agent/skills/frameworks/flutter/data/state.yaml +250 -0
package/.agent/skills/frameworks/nextjs/ADVANCED.md +225 -0
package/.agent/skills/frameworks/nextjs/META.yaml +67 -0
package/.agent/skills/frameworks/nextjs/SKILL.md +593 -0
package/.agent/skills/frameworks/nextjs/data/caching.yaml +210 -0
package/.agent/skills/frameworks/nextjs/data/core.yaml +255 -0
package/.agent/skills/frameworks/nextjs/data/server.yaml +248 -0
package/.agent/skills/frameworks/nuxt/META.yaml +57 -0
package/.agent/skills/frameworks/nuxt/SKILL.md +283 -0
package/.agent/skills/frameworks/nuxt/data/core.yaml +309 -0
package/.agent/skills/frameworks/nuxt/data/server.yaml +271 -0
package/.agent/skills/frameworks/react/ADVANCED.md +676 -0
package/.agent/skills/frameworks/react/META.yaml +60 -0
package/.agent/skills/frameworks/react/SKILL.md +263 -0
package/.agent/skills/frameworks/react/data/core.yaml +278 -0
package/.agent/skills/frameworks/react/data/server.yaml +283 -0
package/.agent/skills/frameworks/react-native/META.yaml +59 -0
package/.agent/skills/frameworks/react-native/SKILL.md +301 -0
package/.agent/skills/frameworks/react-native/data/core.yaml +260 -0
package/.agent/skills/frameworks/react-native/data/platform.yaml +287 -0
package/.agent/skills/frameworks/svelte/META.yaml +62 -0
package/.agent/skills/frameworks/svelte/SKILL.md +398 -0
package/.agent/skills/frameworks/svelte/data/runes.yaml +239 -0
package/.agent/skills/frameworks/svelte/data/sveltekit.yaml +244 -0
package/.agent/skills/frameworks/vue/ADVANCED.md +214 -0
package/.agent/skills/frameworks/vue/META.yaml +58 -0
package/.agent/skills/frameworks/vue/SKILL.md +356 -0
package/.agent/skills/frameworks/vue/data/advanced.yaml +253 -0
package/.agent/skills/frameworks/vue/data/core.yaml +270 -0
package/.agent/skills/index.json +143 -0
package/.agent/skills/languages/_index.yaml +33 -0
package/.agent/skills/languages/asm/ADVANCED.md +750 -0
package/.agent/skills/languages/asm/META.yaml +84 -0
package/.agent/skills/languages/asm/SKILL.md +753 -0
package/.agent/skills/languages/asm/data/advanced.yaml +295 -0
package/.agent/skills/languages/asm/data/core.yaml +280 -0
package/.agent/skills/languages/c/ADVANCED.md +625 -0
package/.agent/skills/languages/c/META.yaml +58 -0
package/.agent/skills/languages/c/SKILL.md +748 -0
package/.agent/skills/languages/c/data/core.yaml +179 -0
package/.agent/skills/languages/c/data/embedded.yaml +251 -0
package/.agent/skills/languages/c/data/memory.yaml +253 -0
package/.agent/skills/languages/clojure/META.yaml +13 -0
package/.agent/skills/languages/clojure/SKILL.md +130 -0
package/.agent/skills/languages/clojure/data/core.yaml +326 -0
package/.agent/skills/languages/cpp/ADVANCED.md +457 -0
package/.agent/skills/languages/cpp/META.yaml +61 -0
package/.agent/skills/languages/cpp/SKILL.md +936 -0
package/.agent/skills/languages/cpp/data/core.yaml +304 -0
package/.agent/skills/languages/cpp/data/memory.yaml +247 -0
package/.agent/skills/languages/cpp/data/modern.yaml +334 -0
package/.agent/skills/languages/crystal/META.yaml +30 -0
package/.agent/skills/languages/crystal/SKILL.md +117 -0
package/.agent/skills/languages/crystal/data/async.yaml +264 -0
package/.agent/skills/languages/crystal/data/core.yaml +279 -0
package/.agent/skills/languages/csharp/ADVANCED.md +592 -0
package/.agent/skills/languages/csharp/META.yaml +23 -0
package/.agent/skills/languages/csharp/SKILL.md +620 -0
package/.agent/skills/languages/csharp/data/aspnet.yaml +448 -0
package/.agent/skills/languages/csharp/data/core.yaml +362 -0
package/.agent/skills/languages/elixir/META.yaml +18 -0
package/.agent/skills/languages/elixir/SKILL.md +368 -0
package/.agent/skills/languages/elixir/data/core.yaml +392 -0
package/.agent/skills/languages/fsharp/META.yaml +14 -0
package/.agent/skills/languages/fsharp/SKILL.md +113 -0
package/.agent/skills/languages/fsharp/data/core.yaml +396 -0
package/.agent/skills/languages/go/ADVANCED.md +260 -0
package/.agent/skills/languages/go/META.yaml +64 -0
package/.agent/skills/languages/go/SKILL.md +489 -0
package/.agent/skills/languages/go/data/concurrency.yaml +424 -0
package/.agent/skills/languages/go/data/core.yaml +399 -0
package/.agent/skills/languages/go/data/http.yaml +507 -0
package/.agent/skills/languages/haskell/META.yaml +18 -0
package/.agent/skills/languages/haskell/SKILL.md +305 -0
package/.agent/skills/languages/haskell/data/core.yaml +347 -0
package/.agent/skills/languages/java/ADVANCED.md +450 -0
package/.agent/skills/languages/java/META.yaml +89 -0
package/.agent/skills/languages/java/SKILL.md +495 -0
package/.agent/skills/languages/java/data/core.yaml +307 -0
package/.agent/skills/languages/java/data/spring.yaml +437 -0
package/.agent/skills/languages/javascript/ADVANCED.md +530 -0
package/.agent/skills/languages/javascript/META.yaml +105 -0
package/.agent/skills/languages/javascript/SKILL.md +455 -0
package/.agent/skills/languages/javascript/data/async.yaml +290 -0
package/.agent/skills/languages/javascript/data/core.yaml +380 -0
package/.agent/skills/languages/javascript/data/modern.yaml +269 -0
package/.agent/skills/languages/julia/META.yaml +13 -0
package/.agent/skills/languages/julia/SKILL.md +174 -0
package/.agent/skills/languages/julia/data/core.yaml +356 -0
package/.agent/skills/languages/kotlin/ADVANCED.md +539 -0
package/.agent/skills/languages/kotlin/META.yaml +24 -0
package/.agent/skills/languages/kotlin/SKILL.md +525 -0
package/.agent/skills/languages/kotlin/data/android.yaml +495 -0
package/.agent/skills/languages/kotlin/data/core.yaml +366 -0
package/.agent/skills/languages/lua/ADVANCED.md +257 -0
package/.agent/skills/languages/lua/META.yaml +58 -0
package/.agent/skills/languages/lua/SKILL.md +492 -0
package/.agent/skills/languages/lua/data/core.yaml +264 -0
package/.agent/skills/languages/lua/data/embedding.yaml +300 -0
package/.agent/skills/languages/nim/META.yaml +30 -0
package/.agent/skills/languages/nim/SKILL.md +116 -0
package/.agent/skills/languages/nim/data/async.yaml +257 -0
package/.agent/skills/languages/nim/data/core.yaml +241 -0
package/.agent/skills/languages/ocaml/META.yaml +13 -0
package/.agent/skills/languages/ocaml/SKILL.md +123 -0
package/.agent/skills/languages/ocaml/data/core.yaml +357 -0
package/.agent/skills/languages/perl/META.yaml +13 -0
package/.agent/skills/languages/perl/SKILL.md +115 -0
package/.agent/skills/languages/perl/data/core.yaml +360 -0
package/.agent/skills/languages/php/ADVANCED.md +199 -0
package/.agent/skills/languages/php/META.yaml +18 -0
package/.agent/skills/languages/php/SKILL.md +488 -0
package/.agent/skills/languages/php/data/core.yaml +392 -0
package/.agent/skills/languages/php/data/laravel.yaml +525 -0
package/.agent/skills/languages/python/ADVANCED.md +207 -0
package/.agent/skills/languages/python/META.yaml +91 -0
package/.agent/skills/languages/python/SKILL.md +495 -0
package/.agent/skills/languages/python/data/async.yaml +265 -0
package/.agent/skills/languages/python/data/core.yaml +259 -0
package/.agent/skills/languages/python/data/fastapi.yaml +296 -0
package/.agent/skills/languages/python/data/testing.yaml +226 -0
package/.agent/skills/languages/r/META.yaml +16 -0
package/.agent/skills/languages/r/SKILL.md +348 -0
package/.agent/skills/languages/r/data/core.yaml +355 -0
package/.agent/skills/languages/ruby/ADVANCED.md +381 -0
package/.agent/skills/languages/ruby/META.yaml +19 -0
package/.agent/skills/languages/ruby/SKILL.md +417 -0
package/.agent/skills/languages/ruby/data/core.yaml +448 -0
package/.agent/skills/languages/ruby/data/rails.yaml +415 -0
package/.agent/skills/languages/rust/ADVANCED.md +212 -0
package/.agent/skills/languages/rust/META.yaml +87 -0
package/.agent/skills/languages/rust/SKILL.md +377 -0
package/.agent/skills/languages/rust/data/async.yaml +404 -0
package/.agent/skills/languages/rust/data/axum.yaml +450 -0
package/.agent/skills/languages/rust/data/core.yaml +356 -0
package/.agent/skills/languages/scala/META.yaml +17 -0
package/.agent/skills/languages/scala/SKILL.md +202 -0
package/.agent/skills/languages/scala/data/core.yaml +349 -0
package/.agent/skills/languages/solidity/META.yaml +13 -0
package/.agent/skills/languages/solidity/SKILL.md +188 -0
package/.agent/skills/languages/solidity/data/core.yaml +528 -0
package/.agent/skills/languages/swift/ADVANCED.md +231 -0
package/.agent/skills/languages/swift/META.yaml +18 -0
package/.agent/skills/languages/swift/SKILL.md +342 -0
package/.agent/skills/languages/swift/data/core.yaml +489 -0
package/.agent/skills/languages/typescript/ADVANCED.md +186 -0
package/.agent/skills/languages/typescript/META.yaml +92 -0
package/.agent/skills/languages/typescript/SKILL.md +306 -0
package/.agent/skills/languages/typescript/data/async.yaml +397 -0
package/.agent/skills/languages/typescript/data/core.yaml +283 -0
package/.agent/skills/languages/typescript/data/validation.yaml +338 -0
package/.agent/skills/languages/zig/META.yaml +52 -0
package/.agent/skills/languages/zig/SKILL.md +354 -0
package/.agent/skills/languages/zig/data/async.yaml +314 -0
package/.agent/skills/languages/zig/data/core.yaml +302 -0
package/.agent/templates/README.md +42 -0
package/.agent/templates/audit-report.md +153 -0
package/.agent/templates/chains/debug/step1-reproduce.md +83 -0
package/.agent/templates/chains/debug/step2-isolate.md +73 -0
package/.agent/templates/chains/debug/step3-analyze.md +86 -0
package/.agent/templates/chains/debug/step4-fix.md +85 -0
package/.agent/templates/chains/debug/step5-verify.md +122 -0
package/.agent/templates/chains/implement/step1-plan.md +88 -0
package/.agent/templates/chains/implement/step2-code.md +87 -0
package/.agent/templates/chains/implement/step3-test.md +87 -0
package/.agent/templates/chains/implement/step4-doc.md +118 -0
package/.agent/templates/chains/review/step1-understand.md +74 -0
package/.agent/templates/chains/review/step2-analyze.md +110 -0
package/.agent/templates/chains/review/step3-fix.md +93 -0
package/.agent/templates/chains/review/step4-summary.md +104 -0
package/.agent/templates/debug-report.md +50 -0
package/.agent/templates/deploy-plan.md +54 -0
package/.agent/templates/doc-template.md +57 -0
package/.agent/templates/findings.md +122 -0
package/.agent/templates/index.yaml +239 -0
package/.agent/templates/migrate-plan.md +50 -0
package/.agent/templates/phase-template.md +72 -0
package/.agent/templates/project-plan.md +87 -0
package/.agent/templates/prompts/context_block.md +114 -0
package/.agent/templates/prompts/guardrails_block.md +116 -0
package/.agent/templates/prompts/persona_base.md +155 -0
package/.agent/templates/prompts/tools_block.md +137 -0
package/.agent/templates/reflection/critic.md +110 -0
package/.agent/templates/reflection/error_analysis.md +149 -0
package/.agent/templates/reflection/success_analysis.md +174 -0
package/.agent/templates/task-list.md +144 -0
package/.agent/templates/tasks/audit.yaml +146 -0
package/.agent/templates/tasks/bug_fix.yaml +121 -0
package/.agent/templates/tasks/code_implementation.yaml +110 -0
package/.agent/templates/tasks/refactor.yaml +157 -0
package/.agent/templates/test-report.md +52 -0
package/.agent/workflows/ap.md +135 -0
package/.agent/workflows/code.md +130 -0
package/.agent/workflows/debug.md +230 -0
package/.agent/workflows/deploy.md +192 -0
package/.agent/workflows/dev.md +137 -0
package/.agent/workflows/doc.md +124 -0
package/.agent/workflows/env.md +98 -0
package/.agent/workflows/fix.md +76 -0
package/.agent/workflows/generate.md +28 -0
package/.agent/workflows/git.md +97 -0
package/.agent/workflows/help.md +75 -0
package/.agent/workflows/init.md +148 -0
package/.agent/workflows/migrate.md +135 -0
package/.agent/workflows/monitor.md +133 -0
package/.agent/workflows/onboard.md +144 -0
package/.agent/workflows/orchestrate.md +117 -0
package/.agent/workflows/perf.md +106 -0
package/.agent/workflows/plan.md +106 -0
package/.agent/workflows/recap.md +101 -0
package/.agent/workflows/refactor.md +161 -0
package/.agent/workflows/revert.md +99 -0
package/.agent/workflows/review.md +106 -0
package/.agent/workflows/scaffold.md +119 -0
package/.agent/workflows/security.md +186 -0
package/.agent/workflows/status.md +103 -0
package/.agent/workflows/test.md +157 -0
package/.agent/workflows/think.md +126 -0
package/.agent/workflows/upgrade.md +109 -0
package/.agent/workflows/visualize.md +295 -0
package/.agent/workflows/workflow.md +196 -0
package/README.md +64 -0
package/dist/commands/add.d.ts +2 -0
package/dist/commands/add.d.ts.map +1 -0
package/dist/commands/add.js +70 -0
package/dist/commands/add.js.map +1 -0
package/dist/commands/config.d.ts +4 -0
package/dist/commands/config.d.ts.map +1 -0
package/dist/commands/config.js +152 -0
package/dist/commands/config.js.map +1 -0
package/dist/commands/doctor.d.ts +4 -0
package/dist/commands/doctor.d.ts.map +1 -0
package/dist/commands/doctor.js +98 -0
package/dist/commands/doctor.js.map +1 -0
package/dist/commands/hsa.d.ts +4 -0
package/dist/commands/hsa.d.ts.map +1 -0
package/dist/commands/hsa.js +194 -0
package/dist/commands/hsa.js.map +1 -0
package/dist/commands/info.d.ts +2 -0
package/dist/commands/info.d.ts.map +1 -0
package/dist/commands/info.js +149 -0
package/dist/commands/info.js.map +1 -0
package/dist/commands/init.d.ts +4 -0
package/dist/commands/init.d.ts.map +1 -0
package/dist/commands/init.js +262 -0
package/dist/commands/init.js.map +1 -0
package/dist/commands/install-core.d.ts +4 -0
package/dist/commands/install-core.d.ts.map +1 -0
package/dist/commands/install-core.js +85 -0
package/dist/commands/install-core.js.map +1 -0
package/dist/commands/install-helpers.d.ts +27 -0
package/dist/commands/install-helpers.d.ts.map +1 -0
package/dist/commands/install-helpers.js +125 -0
package/dist/commands/install-helpers.js.map +1 -0
package/dist/commands/install-hsa.d.ts +18 -0
package/dist/commands/install-hsa.d.ts.map +1 -0
package/dist/commands/install-hsa.js +61 -0
package/dist/commands/install-hsa.js.map +1 -0
package/dist/commands/install.d.ts +4 -0
package/dist/commands/install.d.ts.map +1 -0
package/dist/commands/install.js +310 -0
package/dist/commands/install.js.map +1 -0
package/dist/commands/list.d.ts +4 -0
package/dist/commands/list.d.ts.map +1 -0
package/dist/commands/list.js +91 -0
package/dist/commands/list.js.map +1 -0
package/dist/commands/mcp-registry.d.ts +48 -0
package/dist/commands/mcp-registry.d.ts.map +1 -0
package/dist/commands/mcp-registry.js +246 -0
package/dist/commands/mcp-registry.js.map +1 -0
package/dist/commands/mcp-writers.d.ts +20 -0
package/dist/commands/mcp-writers.d.ts.map +1 -0
package/dist/commands/mcp-writers.js +144 -0
package/dist/commands/mcp-writers.js.map +1 -0
package/dist/commands/mcp.d.ts +10 -0
package/dist/commands/mcp.d.ts.map +1 -0
package/dist/commands/mcp.js +319 -0
package/dist/commands/mcp.js.map +1 -0
package/dist/commands/update.d.ts +4 -0
package/dist/commands/update.d.ts.map +1 -0
package/dist/commands/update.js +79 -0
package/dist/commands/update.js.map +1 -0
package/dist/constants/cursor-globs.d.ts +17 -0
package/dist/constants/cursor-globs.d.ts.map +1 -0
package/dist/constants/cursor-globs.js +62 -0
package/dist/constants/cursor-globs.js.map +1 -0
package/dist/constants/ide-install-specs.d.ts +36 -0
package/dist/constants/ide-install-specs.d.ts.map +1 -0
package/dist/constants/ide-install-specs.js +870 -0
package/dist/constants/ide-install-specs.js.map +1 -0
package/dist/constants/ides.d.ts +105 -0
package/dist/constants/ides.d.ts.map +1 -0
package/dist/constants/ides.js +412 -0
package/dist/constants/ides.js.map +1 -0
package/dist/constants/skills.d.ts +40 -0
package/dist/constants/skills.d.ts.map +1 -0
package/dist/constants/skills.js +78 -0
package/dist/constants/skills.js.map +1 -0
package/dist/constants.d.ts +39 -0
package/dist/constants.d.ts.map +1 -0
package/dist/constants.js +75 -0
package/dist/constants.js.map +1 -0
package/dist/index.d.ts +8 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +122 -0
package/dist/index.js.map +1 -0
package/dist/types/flags.d.ts +47 -0
package/dist/types/flags.d.ts.map +1 -0
package/dist/types/flags.js +4 -0
package/dist/types/flags.js.map +1 -0
package/dist/types/ide-install.d.ts +175 -0
package/dist/types/ide-install.d.ts.map +1 -0
package/dist/types/ide-install.js +29 -0
package/dist/types/ide-install.js.map +1 -0
package/dist/utils/copy-helpers.d.ts +60 -0
package/dist/utils/copy-helpers.d.ts.map +1 -0
package/dist/utils/copy-helpers.js +617 -0
package/dist/utils/copy-helpers.js.map +1 -0
package/dist/utils/index.d.ts +3 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +5 -0
package/dist/utils/index.js.map +1 -0
package/dist/utils/validation.d.ts +29 -0
package/dist/utils/validation.d.ts.map +1 -0
package/dist/utils/validation.js +211 -0
package/dist/utils/validation.js.map +1 -0
package/package.json +64 -0

package/.agent/skills/core/security/data/binary-exploitation.yaml ADDED Viewed

@@ -0,0 +1,339 @@
+metadata:
+  skill: security
+  domain: binary_exploitation
+  version: 6.2.0
+  updated: '2026-02-05'
+  migrated_from: binary-exploitation.csv
+  patterns_count: 25
+  columns:
+  - id
+  - name
+  - severity
+  - category
+  - description
+  - detection_pattern
+  - fix_pattern
+  - cwe
+  - tools
+  - example_attack
+  - defense
+patterns:
+- id: BE-01
+  name: Stack Canary Bypass
+  severity: CRITICAL
+  category: Exploit
+  description: Stack cookie can be leaked or brute-forced
+  detection_pattern: __stack_chk_fail|canary(?!.*random)
+  fix_pattern: Use ASLR compile with -fstack-protector-strong
+  cwe: CWE-693
+  tools:
+  - gdb
+  - pwntools
+  example_attack: '# Leak canary via format string\npayload = b''%15$p'' # Leaks canary'
+  defense: Compile with -fstack-protector-all use ASLR
+- id: BE-02
+  name: Return Oriented Programming
+  severity: CRITICAL
+  category: Exploit
+  description: ROP gadgets chained to bypass NX/DEP
+  detection_pattern: .text.*ret(?!.*CFI)
+  fix_pattern: Enable CFI Control Flow Integrity and CET
+  cwe: CWE-94
+  tools:
+  - ROPgadget
+  - ropper
+  example_attack: from pwn import *\nrop = ROP(binary)\nrop.call('system', ['/bin/sh'])
+  defense: Compile with -fcf-protection=full enable CET
+- id: BE-03
+  name: ASLR Bypass via Leak
+  severity: CRITICAL
+  category: Exploit
+  description: Address leak defeats ASLR randomization
+  detection_pattern: puts.*got|printf.*libc(?!.*PIE)
+  fix_pattern: Always use PIE with ASLR avoid format string bugs
+  cwe: CWE-200
+  tools:
+  - pwntools
+  - gdb
+  example_attack: '# Leak libc address\nlibc_leak = u64(io.recv(6) + b''\\x00\\x00'')'
+  defense: Compile with -fPIE -pie fix all info leaks
+- id: BE-04
+  name: Heap Feng Shui
+  severity: HIGH
+  category: Exploit
+  description: Heap layout manipulated for exploitation
+  detection_pattern: malloc.*free.*malloc(?!.*sanitize)
+  fix_pattern: Use hardened allocators like jemalloc-hardened
+  cwe: CWE-416
+  tools:
+  - gdb
+  - heapinspect
+  example_attack: '# Spray heap to control allocation\nfor i in range(100): alloc(0x100)'
+  defense: Use MALLOC_CHECK_=3 Address Sanitizer in debug
+- id: BE-05
+  name: GOT Overwrite
+  severity: CRITICAL
+  category: Exploit
+  description: Global Offset Table overwritten for code execution
+  detection_pattern: \.got.*write(?!.*RELRO)
+  fix_pattern: Enable FULL RELRO with -Wl,-z,relro,-z,now
+  cwe: CWE-94
+  tools:
+  - objdump
+  - pwntools
+  example_attack: '# Overwrite GOT entry\nwrite(elf.got[''puts''], system_addr)'
+  defense: Link with -z relro -z now for FULL RELRO
+- id: BE-06
+  name: JOP JIT Spray
+  severity: HIGH
+  category: Exploit
+  description: Jump Oriented Programming in JIT compiled code
+  detection_pattern: jit.*spray|trampoline(?!.*verify)
+  fix_pattern: Implement W^X strictly verify JIT code
+  cwe: CWE-94
+  tools:
+  - IDA
+  - Binary Ninja
+  example_attack: '# JIT spray NOP equivalent\nfor i in range(0x1000): emit_jmp()'
+  defense: Isolate JIT pages with guard pages proper W^X
+- id: BE-07
+  name: Type Confusion Exploit
+  severity: CRITICAL
+  category: Exploit
+  description: Object type confused for arbitrary access
+  detection_pattern: dynamic_cast.*vtable(?!.*check)
+  fix_pattern: Use static types bounds check virtual calls
+  cwe: CWE-843
+  tools:
+  - IDA
+  - WinDbg
+  example_attack: // Cast to wrong type\nBase* p = (Base*)evil_obj;
+  defense: Add runtime type checks CFI for virtual calls
+- id: BE-08
+  name: Integer Underflow Exploit
+  severity: HIGH
+  category: Exploit
+  description: Unsigned subtraction wraps to large value
+  detection_pattern: unsigned.*-(?!.*check)
+  fix_pattern: Use signed types or check for underflow first
+  cwe: CWE-191
+  tools:
+  - gdb
+  - pwntools
+  example_attack: size_t len = user_len - 1; // If 0, wraps to MAX
+  defense: if (user_len == 0) return; size_t len = user_len - 1;
+- id: BE-09
+  name: Null Byte Injection
+  severity: MEDIUM
+  category: Exploit
+  description: Null byte terminates string prematurely for bypass
+  detection_pattern: strcpy.*\\0.*injection
+  fix_pattern: Use length-counted strings not null-terminated
+  cwe: CWE-626
+  tools:
+  - Burp
+  - custom
+  example_attack: // Bypass path check\npath = 'admin.txt\\x00.jpg'
+  defense: Use strnlen and length parameters not null termination
+- id: BE-10
+  name: Unlink Exploit
+  severity: CRITICAL
+  category: Exploit
+  description: Heap metadata corruption via fake chunks
+  detection_pattern: unlink|FD.*BK(?!.*safe_unlink)
+  fix_pattern: Use safe_unlink checks in allocator
+  cwe: CWE-416
+  tools:
+  - gdb
+  - heapinspect
+  example_attack: '# Craft fake chunk for unlink\nfake_chunk = p64(fd) + p64(bk)'
+  defense: Use modern glibc with safe_unlink enabled
+- id: BE-11
+  name: Format String Write
+  severity: CRITICAL
+  category: Exploit
+  description: Format string used for arbitrary write via %n
+  detection_pattern: printf.*%n(?!.*disabled)
+  fix_pattern: Never pass user input directly to printf
+  cwe: CWE-134
+  tools:
+  - pwntools
+  - gdb
+  example_attack: '# Write to address via %n\npayload = fmtstr_payload(offset, {addr: value})'
+  defense: Compile with -Wformat-security use %s always
+- id: BE-12
+  name: Sigreturn Oriented
+  severity: HIGH
+  category: Exploit
+  description: SROP uses sigreturn for ROP without gadgets
+  detection_pattern: sigreturn.*frame(?!.*seccomp)
+  fix_pattern: Enable seccomp to filter syscalls
+  cwe: CWE-94
+  tools: pwntools ropper
+  example_attack: frame = SigreturnFrame()\nframe.rax = constants.SYS_execve
+  defense: Use seccomp to whitelist allowed syscalls
+- id: BE-13
+  name: Vtable Hijacking
+  severity: CRITICAL
+  category: Exploit
+  description: C++ virtual table pointer overwritten
+  detection_pattern: vtable.*overwrite|vptr(?!.*CFI)
+  fix_pattern: Enable CFI for vtable protection
+  cwe: CWE-843
+  tools:
+  - IDA
+  - gdb
+  example_attack: // Overwrite vptr\n*(void**)obj = fake_vtable;
+  defense: Compile with -fsanitize=cfi MSVC /guard:cf
+- id: BE-14
+  name: Blind ROP Attack
+  severity: HIGH
+  category: Exploit
+  description: ROP without binary using stack reading
+  detection_pattern: brop|blind.*rop(?!.*canary)
+  fix_pattern: Use stack canaries and ASLR together
+  cwe: CWE-94
+  tools:
+  - pwntools
+  - custom
+  example_attack: '# BROP: scan for stop gadget\nfor addr in range(0x400000, 0x500000): try_addr()'
+  defense: Strong stack canary ASLR PIE together
+- id: BE-15
+  name: Ret2libc Attack
+  severity: CRITICAL
+  category: Exploit
+  description: Return to libc function bypassing NX
+  detection_pattern: ret2libc|system.*binsh
+  fix_pattern: Use ASLR with PIE avoid libc addresses in binary
+  cwe: CWE-94
+  tools:
+  - pwntools
+  - gdb
+  example_attack: rop.call(libc.sym['system'], [next(libc.search(b'/bin/sh'))])
+  defense: Full ASLR PIE no hardcoded addresses
+- id: BE-16
+  name: Gadget Finder Detection
+  severity: MEDIUM
+  category: Static
+  description: Binary scanned for ROP gadgets
+  detection_pattern: ROPgadget|ropper(?!.*strip)
+  fix_pattern: Strip symbols reduce gadget availability
+  cwe: CWE-200
+  tools:
+  - ROPgadget
+  - ropper
+  example_attack: $ ROPgadget --binary vuln --ropchain
+  defense: Strip binary use control flow integrity
+- id: BE-17
+  name: Dangling Pointer Spray
+  severity: HIGH
+  category: Exploit
+  description: Freed pointer reallocated with attacker data
+  detection_pattern: free.*spray(?!.*null)
+  fix_pattern: Set pointer to NULL after free immediately
+  cwe: CWE-416
+  tools:
+  - gdb
+  - pwntools
+  example_attack: free(ptr); spray(0x100); ptr->func();
+  defense: ptr = NULL; after free use smart pointers
+- id: BE-18
+  name: Shadow Stack Missing
+  severity: HIGH
+  category: Mitigation
+  description: No shadow stack protection for return addresses
+  detection_pattern: (!.*shadow_stack|CET)
+  fix_pattern: Enable Intel CET or ARM PAC
+  cwe: CWE-693
+  tools:
+  - gdb
+  - IDA
+  example_attack: // No shadow stack\nret // Can be hijacked
+  defense: Compile with -fcf-protection=return use CET
+- id: BE-19
+  name: Double Fetch TOCTOU
+  severity: HIGH
+  category: Kernel
+  description: Race between user check and kernel use
+  detection_pattern: copy_from_user.*check.*use
+  fix_pattern: Use get_user once or copy entire structure atomically
+  cwe: CWE-367
+  tools: kernel debugger
+  example_attack: // Check then copy - can be modified between\nif (user->size < 100) copy_from_user()
+  defense: Copy once then validate the copy
+- id: BE-20
+  name: Kernel Pointer Leak
+  severity: CRITICAL
+  category: Kernel
+  description: Kernel address leaked to userspace
+  detection_pattern: /proc/.*(maps|kallsyms)(?!.*restrict)
+  fix_pattern: Enable kernel hardening kptr_restrict=2
+  cwe: CWE-200
+  tools: /proc
+  example_attack: $ cat /proc/kallsyms
+  defense: sysctl kernel.kptr_restrict=2
+- id: BE-21
+  name: Sandbox Escape
+  severity: CRITICAL
+  category: Sandbox
+  description: Attacker escapes from sandbox/container
+  detection_pattern: seccomp.*bypass|container.*escape
+  fix_pattern: Defense in depth multiple sandbox layers
+  cwe: CWE-693
+  tools:
+  - docker
+  - crictl
+  example_attack: // Escape via kernel vuln\nexploit_kernel_from_container()
+  defense: Use gVisor/Kata containers defense in depth
+- id: BE-22
+  name: Use After Scope
+  severity: HIGH
+  category: Memory
+  description: Local variable accessed after scope ends
+  detection_pattern: \\{.*\\&local.*\\}.*use_ptr
+  fix_pattern: Avoid taking address of locals use heap allocation
+  cwe: CWE-416
+  tools:
+  - ASAN
+  - gdb
+  example_attack: int* getPtr() { int x = 5; return &x; }
+  defense: Use heap allocation or static if needed
+- id: BE-23
+  name: Stack Pivot Attack
+  severity: HIGH
+  category: Exploit
+  description: ESP/RSP moved to attacker controlled memory
+  detection_pattern: xchg.*esp|leave.*ret(?!.*verify)
+  fix_pattern: Use stack canaries CFI and shadow stack
+  cwe: CWE-94
+  tools:
+  - pwntools
+  - IDA
+  example_attack: '# Pivot stack to heap\nxchg_esp_eax = 0x8048abc'
+  defense: Strong CFI shadow stack CET protection
+- id: BE-24
+  name: One Gadget RCE
+  severity: CRITICAL
+  category: Exploit
+  description: Single gadget provides system("/bin/sh")
+  detection_pattern: one_gadget|magic_gadget
+  fix_pattern: No direct defense - prevent memory corruption
+  cwe: CWE-94
+  tools:
+  - one_gadget
+  - pwntools
+  example_attack: $ one_gadget libc.so.6\n0x4f3d5 execve(\/bin/sh\"
+  defense: rsp+0x40)"
+- id: BE-25
+  name: Partial Overwrite
+  severity: HIGH
+  category: Exploit
+  description: Only low bytes overwritten bypassing ASLR partially
+  detection_pattern: \\x00.*overwrite(?!.*full_aslr)
+  fix_pattern: Ensure full 64-bit ASLR no page alignment
+  cwe: CWE-330
+  tools:
+  - pwntools
+  - gdb
+  example_attack: '# Overwrite only low 2 bytes\npayload = b''AA'' # Only affects low 16 bits'
+  defense: Full 64-bit ASLR high entropy

package/.agent/skills/core/security/data/cloud-security.yaml ADDED Viewed

@@ -0,0 +1,269 @@
+metadata:
+  skill: security
+  domain: cloud_security
+  version: 6.2.0
+  updated: '2026-02-05'
+  migrated_from: cloud-security.csv
+  patterns_count: 25
+  columns:
+  - id
+  - name
+  - severity
+  - category
+  - provider
+  - description
+  - detection_pattern
+  - fix_pattern
+  - example_vuln
+  - example_fix
+patterns:
+- id: CLOUD-01
+  name: Public S3 Bucket
+  severity: CRITICAL
+  category: Storage
+  provider: AWS
+  description: S3 bucket allows public read or write access
+  detection_pattern: (ACL.*public|PublicAccessBlock.*false|s3:GetObject.*Principal.*\\*)
+  fix_pattern: Block public access enable encryption and logging
+  example_vuln: 'ACL: ''public-read'''
+  example_fix: 'PublicAccessBlockConfiguration:\n  BlockPublicAcls: true\n  BlockPublicPolicy: true'
+- id: CLOUD-02
+  name: IMDS v1 Enabled
+  severity: CRITICAL
+  category: Compute
+  provider: AWS
+  description: EC2 metadata service v1 vulnerable to SSRF attacks
+  detection_pattern: (HttpTokens.*optional|IMDSv1)
+  fix_pattern: Force IMDSv2 with required tokens
+  example_vuln: 'HttpTokens: ''optional'''
+  example_fix: 'MetadataOptions:\n  HttpTokens: ''required''\n  HttpPutResponseHopLimit: 1'
+- id: CLOUD-03
+  name: Overly Permissive IAM
+  severity: CRITICAL
+  category: IAM
+  provider: All
+  description: IAM policy with * permissions or resources
+  detection_pattern: (Action.*\\*|Resource.*\\*|Effect.*Allow.*\\*)
+  fix_pattern: Apply least privilege specific actions and resources
+  example_vuln: 'Effect: ''Allow''\nAction: ''*''\nResource: ''*'''
+  example_fix: 'Effect: ''Allow''\nAction: ''s3:GetObject''\nResource: ''arn:aws:s3:::mybucket/*'''
+- id: CLOUD-04
+  name: Cross-Account Trust
+  severity: HIGH
+  category: IAM
+  provider: AWS
+  description: IAM role trusts external accounts without conditions
+  detection_pattern: (Principal.*arn:aws.*:root)(?!.*Condition)
+  fix_pattern: Add external ID and MFA conditions for cross-account
+  example_vuln: 'Principal: ''arn:aws:iam::123456789:root'''
+  example_fix: 'Principal: ''arn:aws:iam::123456789:root''\nCondition:\n  StringEquals:\n    sts:ExternalId: ''secret-id'''
+- id: CLOUD-05
+  name: Unencrypted Storage
+  severity: HIGH
+  category: Storage
+  provider: All
+  description: Storage not encrypted at rest
+  detection_pattern: (Encrypted.*false|SSEConfiguration.*null)
+  fix_pattern: Enable encryption with customer-managed keys
+  example_vuln: 'Encrypted: false'
+  example_fix: 'Encrypted: true\nKMSMasterKeyID: ''alias/my-key'''
+- id: CLOUD-06
+  name: Public Security Group
+  severity: HIGH
+  category: Network
+  provider: AWS
+  description: Security group allows 0.0.0.0/0 ingress on sensitive ports
+  detection_pattern: (CidrIp.*0\\.0\\.0\\.0/0.*(22|3389|3306|5432))
+  fix_pattern: Restrict ingress to specific IPs or VPN
+  example_vuln: 'CidrIp: ''0.0.0.0/0''\nFromPort: 22'
+  example_fix: 'CidrIp: ''10.0.0.0/8''\nFromPort: 22'
+- id: CLOUD-07
+  name: Missing VPC Flow Logs
+  severity: MEDIUM
+  category: Network
+  provider: AWS
+  description: VPC flow logs not enabled for network monitoring
+  detection_pattern: (FlowLog)(?!.*Enable)
+  fix_pattern: Enable VPC flow logs for security monitoring
+  example_vuln: // No flow logs configured
+  example_fix: FlowLogIds:\n  - fl-xxxxxxxx
+- id: CLOUD-08
+  name: Default VPC Used
+  severity: MEDIUM
+  category: Network
+  provider: AWS
+  description: Resources deployed in default VPC with weak isolation
+  detection_pattern: (vpc-.*default|DefaultVpc)
+  fix_pattern: Use custom VPCs with proper network segmentation
+  example_vuln: 'VpcId: ''vpc-default'''
+  example_fix: 'VpcId: ''vpc-custom-isolated'''
+- id: CLOUD-09
+  name: Container Escape Risk
+  severity: CRITICAL
+  category: Container
+  provider: All
+  description: Container running as root or with privileged mode
+  detection_pattern: (privileged.*true|runAsRoot|USER root)
+  fix_pattern: Run as non-root user disable privileges
+  example_vuln: 'securityContext:\n  privileged: true'
+  example_fix: 'securityContext:\n  runAsNonRoot: true\n  allowPrivilegeEscalation: false'
+- id: CLOUD-10
+  name: Secrets in Environment
+  severity: CRITICAL
+  category: Secrets
+  provider: All
+  description: Secrets passed via environment variables
+  detection_pattern: (env.*SECRET|env.*PASSWORD|env.*API_KEY)
+  fix_pattern: 'Use secrets manager: Vault AWS Secrets Manager'
+  example_vuln: 'env:\n  - name: DB_PASSWORD\n    value: ''plaintext'''
+  example_fix: 'env:\n  - name: DB_PASSWORD\n    valueFrom:\n      secretKeyRef:\n        name: db-secret'
+- id: CLOUD-11
+  name: Missing Secrets Rotation
+  severity: HIGH
+  category: Secrets
+  provider: All
+  description: Secrets without automatic rotation configured
+  detection_pattern: (rotation.*false|RotationEnabled.*false)
+  fix_pattern: Enable automatic rotation every 30-90 days
+  example_vuln: 'RotationEnabled: false'
+  example_fix: 'RotationEnabled: true\nRotationLambdaARN: ''arn:aws:lambda:...'''
+- id: CLOUD-12
+  name: Public Load Balancer
+  severity: MEDIUM
+  category: Network
+  provider: All
+  description: Internal resources exposed via public load balancer
+  detection_pattern: (Scheme.*internet-facing|PublicIpAddress).*internal
+  fix_pattern: Use internal load balancers for internal services
+  example_vuln: 'Type: ''internet-facing'''
+  example_fix: 'Type: ''internal'''
+- id: CLOUD-13
+  name: Missing WAF
+  severity: MEDIUM
+  category: Network
+  provider: All
+  description: No Web Application Firewall protecting endpoints
+  detection_pattern: (ALB|CloudFront)(?!.*WAF|WebACL)
+  fix_pattern: Attach WAF with OWASP rules for protection
+  example_vuln: // No WAF attached
+  example_fix: 'WebACLId: ''arn:aws:wafv2:...:webacl/owasp-rules'''
+- id: CLOUD-14
+  name: CloudTrail Disabled
+  severity: HIGH
+  category: Audit
+  provider: AWS
+  description: CloudTrail not enabled for API audit logging
+  detection_pattern: (IsLogging.*false|trailArn.*null)
+  fix_pattern: Enable CloudTrail with multi-region logging
+  example_vuln: 'IsLogging: false'
+  example_fix: 'IsLogging: true\nIsMultiRegionTrail: true\nIncludeGlobalServiceEvents: true'
+- id: CLOUD-15
+  name: Logging Disabled
+  severity: HIGH
+  category: Audit
+  provider: All
+  description: Resource logging and monitoring not configured
+  detection_pattern: (Logging.*Disabled|AccessLog.*false)
+  fix_pattern: Enable access logging and monitoring
+  example_vuln: 'AccessLoggingEnabled: false'
+  example_fix: 'AccessLoggingEnabled: true\nAccessLogBucket: ''logs-bucket'''
+- id: CLOUD-16
+  name: Serverless Cold Start Attack
+  severity: MEDIUM
+  category: Serverless
+  provider: All
+  description: Lambda or function injection via cold start
+  detection_pattern: (handler.*eval|import.*user)
+  fix_pattern: Validate all inputs sanitize function context
+  example_vuln: exports.handler = async (event) => eval(event.code)
+  example_fix: exports.handler = async (event) => {\n  const validated = schema.parse(event)\n  // Process validated input\n}
+- id: CLOUD-17
+  name: Missing Resource Tags
+  severity: LOW
+  category: Ops
+  provider: All
+  description: Resources without proper tagging for security tracking
+  detection_pattern: (Tags.*\\[\\]|tags.*null)
+  fix_pattern: Apply consistent security and ownership tags
+  example_vuln: 'Tags: []'
+  example_fix: 'Tags:\n  - Key: ''Environment''\n    Value: ''production''\n  - Key: ''Owner''\n    Value: ''security-team'''
+- id: CLOUD-18
+  name: Insecure Blob Storage
+  severity: HIGH
+  category: Storage
+  provider: Azure
+  description: Azure Blob allows anonymous access
+  detection_pattern: (AllowBlobPublicAccess.*true|publicAccess.*Blob)
+  fix_pattern: Disable public access use SAS tokens or RBAC
+  example_vuln: 'AllowBlobPublicAccess: true'
+  example_fix: 'AllowBlobPublicAccess: false'
+- id: CLOUD-19
+  name: GCP Default Service Account
+  severity: HIGH
+  category: IAM
+  provider: GCP
+  description: Using default compute service account with editor role
+  detection_pattern: (compute@.*gserviceaccount|Editor|Owner)
+  fix_pattern: Create custom service account with minimal permissions
+  example_vuln: 'serviceAccountEmail: ''123-compute@...'''
+  example_fix: 'serviceAccountEmail: ''custom-sa@project.iam'''
+- id: CLOUD-20
+  name: Kubernetes RBAC Missing
+  severity: HIGH
+  category: K8s
+  provider: All
+  description: No RBAC configured allowing privileged operations
+  detection_pattern: (rbac.*disabled|--authorization-mode.*AlwaysAllow)
+  fix_pattern: Enable RBAC with proper role bindings
+  example_vuln: --authorization-mode=AlwaysAllow
+  example_fix: --authorization-mode=RBAC
+- id: CLOUD-21
+  name: Pod Security Standards
+  severity: MEDIUM
+  category: K8s
+  provider: All
+  description: Pods running without security standards enforcement
+  detection_pattern: (PodSecurityPolicy.*null|pod-security.*disabled)
+  fix_pattern: 'Enable Pod Security Standards: restricted baseline'
+  example_vuln: // No PSS enforcement
+  example_fix: 'apiVersion: policy/v1\nkind: PodSecurityPolicy\nspec:\n  privileged: false'
+- id: CLOUD-22
+  name: Missing Network Policy
+  severity: MEDIUM
+  category: K8s
+  provider: All
+  description: No network policies for pod-to-pod traffic control
+  detection_pattern: (NetworkPolicy)(?!.*defined)
+  fix_pattern: Implement network policies for namespace isolation
+  example_vuln: // No network policies
+  example_fix: 'kind: NetworkPolicy\nspec:\n  podSelector: {}\n  policyTypes: [Ingress, Egress]'
+- id: CLOUD-23
+  name: Terraform State Exposure
+  severity: CRITICAL
+  category: IaC
+  provider: All
+  description: Terraform state file with secrets stored insecurely
+  detection_pattern: (terraform\\.tfstate|backend.*s3)(?!.*encrypt)
+  fix_pattern: Use encrypted remote backend with locking
+  example_vuln: backend 'local' {}
+  example_fix: backend 's3' {\n  encrypt = true\n  dynamodb_table = 'tf-locks'\n}
+- id: CLOUD-24
+  name: IaC Secrets Hardcoded
+  severity: CRITICAL
+  category: IaC
+  provider: All
+  description: Secrets hardcoded in Infrastructure as Code
+  detection_pattern: (password.*=.*['\]|secret.*=.*['\"]|api_key.*=.*['\"])"
+  fix_pattern: Use variables with secrets from vault
+  example_vuln: password = 'mysecret'
+  example_fix: password = var.db_password // From secrets manager
+- id: CLOUD-25
+  name: Missing CSPM
+  severity: HIGH
+  category: Ops
+  provider: All
+  description: No Cloud Security Posture Management in place
+  detection_pattern: (cspm|posture.*management)(?!.*enabled)
+  fix_pattern: Implement CSPM for continuous compliance monitoring
+  example_vuln: // No CSPM configured
+  example_fix: '// Enable: AWS Security Hub, Azure Defender, GCP SCC'