npm - @nockdev/awf - Versions diffs - 6.2.0 - Mend

@nockdev/awf 6.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (727) hide show

package/.agent/build.yaml +178 -0
package/.agent/config.yaml +235 -0
package/.agent/core/ACTIVE_MEMORY.yaml +344 -0
package/.agent/core/ARCH_REGISTRY.yaml +252 -0
package/.agent/core/AUDIT_POLICY.md +68 -0
package/.agent/core/BRANDING.yaml +185 -0
package/.agent/core/CACHE.md +59 -0
package/.agent/core/CHECKPOINT.yaml +153 -0
package/.agent/core/CLEANUP_ENGINE.yaml +326 -0
package/.agent/core/CODING_STYLES.yaml +346 -0
package/.agent/core/COMMANDS.md +93 -0
package/.agent/core/CONTEXT_INJECTOR.yaml +325 -0
package/.agent/core/CONTEXT_LOADER.yaml +323 -0
package/.agent/core/CONTEXT_OPTIMIZATION.yaml +286 -0
package/.agent/core/CONTEXT_PRIORITY.yaml +357 -0
package/.agent/core/CUSTOMIZE.md +138 -0
package/.agent/core/DATA_SAFETY.md +92 -0
package/.agent/core/FLOW_ENGINE.yaml +300 -0
package/.agent/core/GRAPH_MEMORY.yaml +420 -0
package/.agent/core/HSA.yaml +357 -0
package/.agent/core/HYBRID_ROUTER.yaml +346 -0
package/.agent/core/INTENT_DETECTION.yaml +384 -0
package/.agent/core/LIBRARY_REGISTRY.yaml +401 -0
package/.agent/core/MCP_TOOLS.yaml +414 -0
package/.agent/core/MEMORY_CONSOLIDATION.yaml +352 -0
package/.agent/core/MEMORY_ENGINE.yaml +353 -0
package/.agent/core/MEMORY_PATHS.yaml +79 -0
package/.agent/core/MEMORY_UTILS.yaml +212 -0
package/.agent/core/PATTERNS.yaml +319 -0
package/.agent/core/PERMISSIONS.md +100 -0
package/.agent/core/README.md +91 -0
package/.agent/core/REFLECTION_ENGINE.yaml +348 -0
package/.agent/core/ROUTER.yaml +424 -0
package/.agent/core/SCORING_FORMULA.yaml +103 -0
package/.agent/core/SEMANTIC_ENGINE.yaml +162 -0
package/.agent/core/SKILLS_FLOW.yaml +341 -0
package/.agent/core/SKILL_SCHEMA.yaml +266 -0
package/.agent/core/STATE_MACHINE.yaml +409 -0
package/.agent/core/SUMMARIZATION_ENGINE.yaml +258 -0
package/.agent/core/TEMPLATES.yaml +364 -0
package/.agent/core/TOKEN_BUDGETS.yaml +157 -0
package/.agent/core/TOKEN_LOADING.yaml +197 -0
package/.agent/core/TOKEN_SUMMARY.yaml +121 -0
package/.agent/core/VERSION.yaml +240 -0
package/.agent/core/embeddings.json +2004 -0
package/.agent/core/session_cache.json +50 -0
package/.agent/i18n/README.md +30 -0
package/.agent/i18n/en.yaml +302 -0
package/.agent/i18n/vi.yaml +302 -0
package/.agent/ide/README.md +47 -0
package/.agent/ide/amazonq.json +35 -0
package/.agent/ide/amp.json +35 -0
package/.agent/ide/antigravity.json +47 -0
package/.agent/ide/augment.json +35 -0
package/.agent/ide/claude.json +42 -0
package/.agent/ide/cline.json +34 -0
package/.agent/ide/codex.json +37 -0
package/.agent/ide/cody.json +35 -0
package/.agent/ide/continue.json +35 -0
package/.agent/ide/cursor.json +42 -0
package/.agent/ide/gemini.json +46 -0
package/.agent/ide/jetbrains.json +35 -0
package/.agent/ide/kiro.json +35 -0
package/.agent/ide/opencode.json +35 -0
package/.agent/ide/roo.json +35 -0
package/.agent/ide/tabnine.json +35 -0
package/.agent/ide/trae.json +35 -0
package/.agent/ide/vscode.json +34 -0
package/.agent/ide/windsurf.json +56 -0
package/.agent/ide/zed.json +36 -0
package/.agent/manifest.yaml +416 -0
package/.agent/memory/README.md +148 -0
package/.agent/memory/active_memories.json +35 -0
package/.agent/memory/archive/.gitkeep +0 -0
package/.agent/memory/audit_summary.json +58 -0
package/.agent/memory/cleanup_log.json +34 -0
package/.agent/memory/consolidated.md +75 -0
package/.agent/memory/core_memory/persona.json +30 -0
package/.agent/memory/core_memory/project.json +25 -0
package/.agent/memory/core_memory/rules.json +29 -0
package/.agent/memory/core_memory/user.json +24 -0
package/.agent/memory/decisions.md +40 -0
package/.agent/memory/graph/knowledge_graph.json +12 -0
package/.agent/memory/insights.md +52 -0
package/.agent/memory/metrics.json +48 -0
package/.agent/memory/patterns/errors.json +11 -0
package/.agent/memory/patterns/successes.json +10 -0
package/.agent/memory/session.md +64 -0
package/.agent/memory/session_rules.json +19 -0
package/.agent/memory/state.json +81 -0
package/.agent/memory/vectors/README.md +129 -0
package/.agent/personas/README.md +180 -0
package/.agent/personas/architect.md +186 -0
package/.agent/personas/auditor.md +222 -0
package/.agent/personas/debugger.md +210 -0
package/.agent/personas/developer.md +183 -0
package/.agent/personas/devops.md +268 -0
package/.agent/personas/documenter.md +262 -0
package/.agent/personas/orchestrator.md +240 -0
package/.agent/personas/persona.schema.yaml +209 -0
package/.agent/personas/planner.md +171 -0
package/.agent/personas/researcher.md +194 -0
package/.agent/personas/security.md +212 -0
package/.agent/personas/tester.md +247 -0
package/.agent/rules/README.md +231 -0
package/.agent/rules/SACRED_RULES.xml +142 -0
package/.agent/rules/constitutional/tier-0-core.yaml +182 -0
package/.agent/rules/constitutional/tier-1-safety.yaml +272 -0
package/.agent/rules/constitutional/tier-2-execution.yaml +294 -0
package/.agent/rules/data/build-systems.yaml +126 -0
package/.agent/rules/data/quality-standards.json +59 -0
package/.agent/rules/duplication-prevention.md +138 -0
package/.agent/rules/incremental-changes.md +146 -0
package/.agent/rules/modules/context-management.yaml +158 -0
package/.agent/rules/modules/edit-verification.yaml +197 -0
package/.agent/rules/modules/evidence.yaml +185 -0
package/.agent/rules/modules/git-workflow.yaml +165 -0
package/.agent/rules/modules/language.yaml +155 -0
package/.agent/rules/modules/online-research.yaml +192 -0
package/.agent/rules/modules/quality.yaml +185 -0
package/.agent/rules/modules/reflection.yaml +209 -0
package/.agent/rules/modules/stop-conditions.yaml +196 -0
package/.agent/rules/modules/terminal-safety.yaml +229 -0
package/.agent/rules/modules/versioning.yaml +97 -0
package/.agent/rules/modules/yagni.yaml +167 -0
package/.agent/rules/project-detection.md +317 -0
package/.agent/rules/prompt-injection-guard.md +260 -0
package/.agent/rules/shell-commands.md +210 -0
package/.agent/rules/validation-framework.md +189 -0
package/.agent/skills/DEVELOPMENT.yaml +226 -0
package/.agent/skills/README.md +69 -0
package/.agent/skills/_categories.yaml +145 -0
package/.agent/skills/_router.yaml +232 -0
package/.agent/skills/core/_index.yaml +12 -0
package/.agent/skills/core/api-design/META.yaml +64 -0
package/.agent/skills/core/api-design/SKILL.md +169 -0
package/.agent/skills/core/api-design/data/api-versioning.yaml +217 -0
package/.agent/skills/core/api-design/data/error-responses.yaml +135 -0
package/.agent/skills/core/api-design/data/graphql-patterns.yaml +165 -0
package/.agent/skills/core/api-design/data/grpc-patterns.yaml +165 -0
package/.agent/skills/core/api-design/data/http-status-codes.yaml +176 -0
package/.agent/skills/core/api-design/data/pagination.yaml +121 -0
package/.agent/skills/core/api-design/data/rate-limiting.yaml +135 -0
package/.agent/skills/core/api-design/data/rest-patterns.yaml +195 -0
package/.agent/skills/core/api-design/data/test-apis.yaml +217 -0
package/.agent/skills/core/authentication/META.yaml +73 -0
package/.agent/skills/core/authentication/SKILL.md +166 -0
package/.agent/skills/core/authentication/data/anti-patterns.yaml +135 -0
package/.agent/skills/core/authentication/data/core-patterns.yaml +256 -0
package/.agent/skills/core/authentication/data/jwt-patterns.yaml +255 -0
package/.agent/skills/core/authentication/data/language-csharp.yaml +215 -0
package/.agent/skills/core/authentication/data/language-go.yaml +215 -0
package/.agent/skills/core/authentication/data/language-java.yaml +215 -0
package/.agent/skills/core/authentication/data/language-mobile.yaml +215 -0
package/.agent/skills/core/authentication/data/language-python.yaml +215 -0
package/.agent/skills/core/authentication/data/language-rust.yaml +215 -0
package/.agent/skills/core/authentication/data/language-typescript.yaml +215 -0
package/.agent/skills/core/authentication/data/mfa-patterns.yaml +175 -0
package/.agent/skills/core/authentication/data/oauth-patterns.yaml +255 -0
package/.agent/skills/core/authentication/data/oauth.yaml +248 -0
package/.agent/skills/core/authentication/data/passkeys-webauthn.yaml +215 -0
package/.agent/skills/core/authentication/data/passkeys.yaml +208 -0
package/.agent/skills/core/authentication/data/password-patterns.yaml +175 -0
package/.agent/skills/core/authentication/data/password.yaml +168 -0
package/.agent/skills/core/authentication/data/session-patterns.yaml +215 -0
package/.agent/skills/core/error-handling/META.yaml +71 -0
package/.agent/skills/core/error-handling/SKILL.md +156 -0
package/.agent/skills/core/error-handling/data/anti-patterns.yaml +105 -0
package/.agent/skills/core/error-handling/data/api-error-patterns.yaml +135 -0
package/.agent/skills/core/error-handling/data/core-patterns.yaml +226 -0
package/.agent/skills/core/error-handling/data/error-codes.yaml +165 -0
package/.agent/skills/core/error-handling/data/error-messages.yaml +165 -0
package/.agent/skills/core/error-handling/data/language-c-cpp.yaml +226 -0
package/.agent/skills/core/error-handling/data/language-go-rust.yaml +226 -0
package/.agent/skills/core/error-handling/data/language-python-java.yaml +226 -0
package/.agent/skills/core/error-handling/data/language-swift-kotlin.yaml +226 -0
package/.agent/skills/core/error-handling/data/language-typescript-php-ruby.yaml +226 -0
package/.agent/skills/core/error-handling/data/resilience-patterns.yaml +191 -0
package/.agent/skills/core/error-handling/data/ui-error-patterns.yaml +135 -0
package/.agent/skills/core/logging/META.yaml +73 -0
package/.agent/skills/core/logging/SKILL.md +184 -0
package/.agent/skills/core/logging/data/aggregation-patterns.yaml +191 -0
package/.agent/skills/core/logging/data/anti-patterns.yaml +121 -0
package/.agent/skills/core/logging/data/core-patterns.yaml +226 -0
package/.agent/skills/core/logging/data/language-csharp.yaml +191 -0
package/.agent/skills/core/logging/data/language-go.yaml +191 -0
package/.agent/skills/core/logging/data/language-java.yaml +191 -0
package/.agent/skills/core/logging/data/language-kotlin.yaml +156 -0
package/.agent/skills/core/logging/data/language-others.yaml +184 -0
package/.agent/skills/core/logging/data/language-python.yaml +191 -0
package/.agent/skills/core/logging/data/language-rust.yaml +191 -0
package/.agent/skills/core/logging/data/language-swift.yaml +156 -0
package/.agent/skills/core/logging/data/language-typescript.yaml +191 -0
package/.agent/skills/core/logging/data/otel-logging.yaml +156 -0
package/.agent/skills/core/observability/META.yaml +76 -0
package/.agent/skills/core/observability/SKILL.md +153 -0
package/.agent/skills/core/observability/data/alerting-patterns.yaml +165 -0
package/.agent/skills/core/observability/data/anti-patterns.yaml +105 -0
package/.agent/skills/core/observability/data/core-patterns.yaml +195 -0
package/.agent/skills/core/observability/data/language-cpp.yaml +165 -0
package/.agent/skills/core/observability/data/language-csharp.yaml +165 -0
package/.agent/skills/core/observability/data/language-go.yaml +165 -0
package/.agent/skills/core/observability/data/language-java.yaml +165 -0
package/.agent/skills/core/observability/data/language-others.yaml +255 -0
package/.agent/skills/core/observability/data/language-python.yaml +165 -0
package/.agent/skills/core/observability/data/language-rust.yaml +165 -0
package/.agent/skills/core/observability/data/language-typescript.yaml +165 -0
package/.agent/skills/core/observability/data/metrics-patterns.yaml +135 -0
package/.agent/skills/core/observability/data/metrics-prometheus.yaml +165 -0
package/.agent/skills/core/observability/data/otel-core.yaml +195 -0
package/.agent/skills/core/observability/data/profiling-patterns.yaml +135 -0
package/.agent/skills/core/observability/data/tracing-patterns.yaml +165 -0
package/.agent/skills/core/observability/data/tracing-tools.yaml +135 -0
package/.agent/skills/core/security/ADVANCED.md +269 -0
package/.agent/skills/core/security/META.yaml +97 -0
package/.agent/skills/core/security/SKILL.md +234 -0
package/.agent/skills/core/security/data/ai-ml-security.yaml +261 -0
package/.agent/skills/core/security/data/api-security.yaml +230 -0
package/.agent/skills/core/security/data/auth-patterns.yaml +195 -0
package/.agent/skills/core/security/data/binary-exploitation.yaml +339 -0
package/.agent/skills/core/security/data/cloud-security.yaml +269 -0
package/.agent/skills/core/security/data/cwe-top25.yaml +415 -0
package/.agent/skills/core/security/data/language-specific/c-security.yaml +295 -0
package/.agent/skills/core/security/data/language-specific/cpp-security.yaml +295 -0
package/.agent/skills/core/security/data/language-specific/csharp-security.yaml +219 -0
package/.agent/skills/core/security/data/language-specific/go-security.yaml +219 -0
package/.agent/skills/core/security/data/language-specific/java-security.yaml +295 -0
package/.agent/skills/core/security/data/language-specific/kotlin-security.yaml +198 -0
package/.agent/skills/core/security/data/language-specific/php-security.yaml +219 -0
package/.agent/skills/core/security/data/language-specific/python-security.yaml +295 -0
package/.agent/skills/core/security/data/language-specific/ruby-security.yaml +198 -0
package/.agent/skills/core/security/data/language-specific/rust-security.yaml +240 -0
package/.agent/skills/core/security/data/language-specific/solidity-security.yaml +369 -0
package/.agent/skills/core/security/data/language-specific/swift-security.yaml +198 -0
package/.agent/skills/core/security/data/language-specific/typescript-security.yaml +295 -0
package/.agent/skills/core/security/data/mobile-security.yaml +369 -0
package/.agent/skills/core/security/data/network-security.yaml +297 -0
package/.agent/skills/core/security/data/owasp-top10.yaml +171 -0
package/.agent/skills/core/security/data/reverse-engineering.yaml +497 -0
package/.agent/skills/core/security/data/supply-chain.yaml +219 -0
package/.agent/skills/cross-cutting/_index.yaml +15 -0
package/.agent/skills/cross-cutting/audit-pro/META.yaml +43 -0
package/.agent/skills/cross-cutting/audit-pro/data/checklists.yaml +644 -0
package/.agent/skills/cross-cutting/audit-pro/data/scoring.yaml +101 -0
package/.agent/skills/cross-cutting/aws/META.yaml +75 -0
package/.agent/skills/cross-cutting/aws/data/ai_ml.yaml +194 -0
package/.agent/skills/cross-cutting/aws/data/compute.yaml +191 -0
package/.agent/skills/cross-cutting/aws/data/kubernetes.yaml +199 -0
package/.agent/skills/cross-cutting/aws/data/storage.yaml +174 -0
package/.agent/skills/cross-cutting/bun/META.yaml +58 -0
package/.agent/skills/cross-cutting/bun/SKILL.md +357 -0
package/.agent/skills/cross-cutting/bun/data/database.yaml +85 -0
package/.agent/skills/cross-cutting/bun/data/runtime.yaml +170 -0
package/.agent/skills/cross-cutting/bun/data/tooling.yaml +192 -0
package/.agent/skills/cross-cutting/ci-cd/META.yaml +60 -0
package/.agent/skills/cross-cutting/ci-cd/data/github_actions.yaml +248 -0
package/.agent/skills/cross-cutting/ci-cd/data/security.yaml +211 -0
package/.agent/skills/cross-cutting/coding-rules/META.yaml +61 -0
package/.agent/skills/cross-cutting/coding-rules/SKILL.md +171 -0
package/.agent/skills/cross-cutting/coding-rules/data/architecture-patterns.yaml +96 -0
package/.agent/skills/cross-cutting/coding-rules/data/build-systems.yaml +346 -0
package/.agent/skills/cross-cutting/coding-rules/data/coding-rules.yaml +647 -0
package/.agent/skills/cross-cutting/coding-rules/data/concurrency-patterns.yaml +108 -0
package/.agent/skills/cross-cutting/coding-rules/data/design-patterns.yaml +260 -0
package/.agent/skills/cross-cutting/coding-rules/data/framework-signatures.yaml +344 -0
package/.agent/skills/cross-cutting/coding-rules/data/memory-management.yaml +108 -0
package/.agent/skills/cross-cutting/coding-rules/data/naming-conventions.yaml +320 -0
package/.agent/skills/cross-cutting/coding-rules/data/performance-benchmarks.yaml +164 -0
package/.agent/skills/cross-cutting/coding-rules/data/solid-principles.yaml +80 -0
package/.agent/skills/cross-cutting/coding-rules/data/test-frameworks.yaml +183 -0
package/.agent/skills/cross-cutting/database/ADVANCED.md +465 -0
package/.agent/skills/cross-cutting/database/META.yaml +22 -0
package/.agent/skills/cross-cutting/database/SKILL.md +816 -0
package/.agent/skills/cross-cutting/database/data/anti_patterns.yaml +116 -0
package/.agent/skills/cross-cutting/database/data/distributed.yaml +152 -0
package/.agent/skills/cross-cutting/database/data/mongodb.yaml +132 -0
package/.agent/skills/cross-cutting/database/data/mysql.yaml +130 -0
package/.agent/skills/cross-cutting/database/data/orm.yaml +104 -0
package/.agent/skills/cross-cutting/database/data/postgresql.yaml +170 -0
package/.agent/skills/cross-cutting/database/data/redis.yaml +129 -0
package/.agent/skills/cross-cutting/deno/META.yaml +68 -0
package/.agent/skills/cross-cutting/deno/SKILL.md +343 -0
package/.agent/skills/cross-cutting/deno/data/runtime.yaml +260 -0
package/.agent/skills/cross-cutting/deno/data/security.yaml +168 -0
package/.agent/skills/cross-cutting/deno/data/tooling.yaml +133 -0
package/.agent/skills/cross-cutting/docker/META.yaml +65 -0
package/.agent/skills/cross-cutting/docker/data/build.yaml +197 -0
package/.agent/skills/cross-cutting/docker/data/compose.yaml +229 -0
package/.agent/skills/cross-cutting/docker/data/security.yaml +164 -0
package/.agent/skills/cross-cutting/electron/META.yaml +174 -0
package/.agent/skills/cross-cutting/electron/SKILL.md +862 -0
package/.agent/skills/cross-cutting/electron/data/build.yaml +105 -0
package/.agent/skills/cross-cutting/electron/data/crash.yaml +103 -0
package/.agent/skills/cross-cutting/electron/data/ipc.yaml +85 -0
package/.agent/skills/cross-cutting/electron/data/native.yaml +157 -0
package/.agent/skills/cross-cutting/electron/data/security.yaml +89 -0
package/.agent/skills/cross-cutting/electron/data/storage.yaml +100 -0
package/.agent/skills/cross-cutting/electron/data/testing.yaml +103 -0
package/.agent/skills/cross-cutting/electron/data/updates.yaml +99 -0
package/.agent/skills/cross-cutting/electron/data/window.yaml +83 -0
package/.agent/skills/cross-cutting/kubernetes/META.yaml +70 -0
package/.agent/skills/cross-cutting/kubernetes/data/networking.yaml +270 -0
package/.agent/skills/cross-cutting/kubernetes/data/scheduling.yaml +267 -0
package/.agent/skills/cross-cutting/kubernetes/data/security.yaml +253 -0
package/.agent/skills/cross-cutting/kubernetes/data/workloads.yaml +251 -0
package/.agent/skills/cross-cutting/sql/META.yaml +88 -0
package/.agent/skills/cross-cutting/sql/SKILL.md +296 -0
package/.agent/skills/cross-cutting/sql/data/indexing.yaml +147 -0
package/.agent/skills/cross-cutting/sql/data/json.yaml +156 -0
package/.agent/skills/cross-cutting/sql/data/performance.yaml +204 -0
package/.agent/skills/cross-cutting/sql/data/queries.yaml +150 -0
package/.agent/skills/cross-cutting/tailwind/META.yaml +72 -0
package/.agent/skills/cross-cutting/tailwind/SKILL.md +344 -0
package/.agent/skills/cross-cutting/tailwind/data/build.yaml +143 -0
package/.agent/skills/cross-cutting/tailwind/data/config.yaml +109 -0
package/.agent/skills/cross-cutting/tailwind/data/migration.yaml +149 -0
package/.agent/skills/cross-cutting/tailwind/data/responsive.yaml +148 -0
package/.agent/skills/cross-cutting/tailwind/data/states.yaml +152 -0
package/.agent/skills/cross-cutting/tailwind/data/theme.yaml +126 -0
package/.agent/skills/cross-cutting/tailwind/data/utilities.yaml +182 -0
package/.agent/skills/cross-cutting/tailwind/data/variants.yaml +154 -0
package/.agent/skills/cross-cutting/testing/ADVANCED.md +245 -0
package/.agent/skills/cross-cutting/testing/META.yaml +49 -0
package/.agent/skills/cross-cutting/testing/SKILL.md +263 -0
package/.agent/skills/cross-cutting/testing/data/frameworks.yaml +300 -0
package/.agent/skills/cross-cutting/testing/data/patterns.yaml +168 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/META.yaml +108 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/SKILL.md +565 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/charts.yaml +331 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/colors.yaml +1226 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/component-decision.yaml +287 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/component-mapping.yaml +318 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/design-tokens.yaml +525 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/desktop-animation.yaml +232 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/desktop-architecture.yaml +140 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/desktop-colors.yaml +467 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/directory-structure.yaml +75 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/icons.yaml +918 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/implementation-strategy.yaml +107 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/landing.yaml +372 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/platform-frameworks.yaml +195 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/platform-guidelines.yaml +177 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/products.yaml +1339 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/prompts.yaml +180 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/react-performance.yaml +504 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/desktop.yaml +228 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/flutter.yaml +508 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/html-tailwind.yaml +543 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/nextjs.yaml +515 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/nuxt-ui.yaml +519 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/nuxtjs.yaml +599 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/react-native.yaml +496 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/react.yaml +526 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/shadcn.yaml +616 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/svelte.yaml +520 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/swiftui.yaml +486 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/vue.yaml +485 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/styles.yaml +1473 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/typography.yaml +647 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/ui-reasoning.yaml +1019 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/ux-guidelines.yaml +1009 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/web-interface.yaml +347 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/__pycache__/core.cpython-310.pyc +0 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/__pycache__/core.cpython-314.pyc +0 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/__pycache__/design_system.cpython-314.pyc +0 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/core.py +393 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/core_legacy.py +303 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/design_system.py +496 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/search.py +76 -0
package/.agent/skills/cross-cutting/web-perf/META.yaml +92 -0
package/.agent/skills/cross-cutting/web-perf/SKILL.md +181 -0
package/.agent/skills/cross-cutting/web-perf/data/cls_optimization.yaml +189 -0
package/.agent/skills/cross-cutting/web-perf/data/core_web_vitals.yaml +282 -0
package/.agent/skills/cross-cutting/web-perf/data/inp_optimization.yaml +240 -0
package/.agent/skills/cross-cutting/web-perf/data/lcp_optimization.yaml +202 -0
package/.agent/skills/cross-cutting/web-perf/data/measurement.yaml +170 -0
package/.agent/skills/devops/_index.yaml +9 -0
package/.agent/skills/devops/aws/ADVANCED.md +547 -0
package/.agent/skills/devops/aws/META.yaml +84 -0
package/.agent/skills/devops/aws/SKILL.md +711 -0
package/.agent/skills/devops/ci-cd/ADVANCED.md +529 -0
package/.agent/skills/devops/ci-cd/META.yaml +21 -0
package/.agent/skills/devops/ci-cd/SKILL.md +821 -0
package/.agent/skills/devops/docker/ADVANCED.md +495 -0
package/.agent/skills/devops/docker/META.yaml +20 -0
package/.agent/skills/devops/docker/SKILL.md +653 -0
package/.agent/skills/devops/kubernetes/ADVANCED.md +252 -0
package/.agent/skills/devops/kubernetes/META.yaml +15 -0
package/.agent/skills/devops/kubernetes/SKILL.md +621 -0
package/.agent/skills/frameworks/_index.yaml +13 -0
package/.agent/skills/frameworks/angular/META.yaml +70 -0
package/.agent/skills/frameworks/angular/SKILL.md +319 -0
package/.agent/skills/frameworks/angular/data/core.yaml +209 -0
package/.agent/skills/frameworks/angular/data/performance.yaml +210 -0
package/.agent/skills/frameworks/angular/data/server.yaml +175 -0
package/.agent/skills/frameworks/flutter/ADVANCED.md +491 -0
package/.agent/skills/frameworks/flutter/META.yaml +64 -0
package/.agent/skills/frameworks/flutter/SKILL.md +541 -0
package/.agent/skills/frameworks/flutter/data/core.yaml +210 -0
package/.agent/skills/frameworks/flutter/data/platform.yaml +246 -0
package/.agent/skills/frameworks/flutter/data/state.yaml +250 -0
package/.agent/skills/frameworks/nextjs/ADVANCED.md +225 -0
package/.agent/skills/frameworks/nextjs/META.yaml +67 -0
package/.agent/skills/frameworks/nextjs/SKILL.md +593 -0
package/.agent/skills/frameworks/nextjs/data/caching.yaml +210 -0
package/.agent/skills/frameworks/nextjs/data/core.yaml +255 -0
package/.agent/skills/frameworks/nextjs/data/server.yaml +248 -0
package/.agent/skills/frameworks/nuxt/META.yaml +57 -0
package/.agent/skills/frameworks/nuxt/SKILL.md +283 -0
package/.agent/skills/frameworks/nuxt/data/core.yaml +309 -0
package/.agent/skills/frameworks/nuxt/data/server.yaml +271 -0
package/.agent/skills/frameworks/react/ADVANCED.md +676 -0
package/.agent/skills/frameworks/react/META.yaml +60 -0
package/.agent/skills/frameworks/react/SKILL.md +263 -0
package/.agent/skills/frameworks/react/data/core.yaml +278 -0
package/.agent/skills/frameworks/react/data/server.yaml +283 -0
package/.agent/skills/frameworks/react-native/META.yaml +59 -0
package/.agent/skills/frameworks/react-native/SKILL.md +301 -0
package/.agent/skills/frameworks/react-native/data/core.yaml +260 -0
package/.agent/skills/frameworks/react-native/data/platform.yaml +287 -0
package/.agent/skills/frameworks/svelte/META.yaml +62 -0
package/.agent/skills/frameworks/svelte/SKILL.md +398 -0
package/.agent/skills/frameworks/svelte/data/runes.yaml +239 -0
package/.agent/skills/frameworks/svelte/data/sveltekit.yaml +244 -0
package/.agent/skills/frameworks/vue/ADVANCED.md +214 -0
package/.agent/skills/frameworks/vue/META.yaml +58 -0
package/.agent/skills/frameworks/vue/SKILL.md +356 -0
package/.agent/skills/frameworks/vue/data/advanced.yaml +253 -0
package/.agent/skills/frameworks/vue/data/core.yaml +270 -0
package/.agent/skills/index.json +143 -0
package/.agent/skills/languages/_index.yaml +33 -0
package/.agent/skills/languages/asm/ADVANCED.md +750 -0
package/.agent/skills/languages/asm/META.yaml +84 -0
package/.agent/skills/languages/asm/SKILL.md +753 -0
package/.agent/skills/languages/asm/data/advanced.yaml +295 -0
package/.agent/skills/languages/asm/data/core.yaml +280 -0
package/.agent/skills/languages/c/ADVANCED.md +625 -0
package/.agent/skills/languages/c/META.yaml +58 -0
package/.agent/skills/languages/c/SKILL.md +748 -0
package/.agent/skills/languages/c/data/core.yaml +179 -0
package/.agent/skills/languages/c/data/embedded.yaml +251 -0
package/.agent/skills/languages/c/data/memory.yaml +253 -0
package/.agent/skills/languages/clojure/META.yaml +13 -0
package/.agent/skills/languages/clojure/SKILL.md +130 -0
package/.agent/skills/languages/clojure/data/core.yaml +326 -0
package/.agent/skills/languages/cpp/ADVANCED.md +457 -0
package/.agent/skills/languages/cpp/META.yaml +61 -0
package/.agent/skills/languages/cpp/SKILL.md +936 -0
package/.agent/skills/languages/cpp/data/core.yaml +304 -0
package/.agent/skills/languages/cpp/data/memory.yaml +247 -0
package/.agent/skills/languages/cpp/data/modern.yaml +334 -0
package/.agent/skills/languages/crystal/META.yaml +30 -0
package/.agent/skills/languages/crystal/SKILL.md +117 -0
package/.agent/skills/languages/crystal/data/async.yaml +264 -0
package/.agent/skills/languages/crystal/data/core.yaml +279 -0
package/.agent/skills/languages/csharp/ADVANCED.md +592 -0
package/.agent/skills/languages/csharp/META.yaml +23 -0
package/.agent/skills/languages/csharp/SKILL.md +620 -0
package/.agent/skills/languages/csharp/data/aspnet.yaml +448 -0
package/.agent/skills/languages/csharp/data/core.yaml +362 -0
package/.agent/skills/languages/elixir/META.yaml +18 -0
package/.agent/skills/languages/elixir/SKILL.md +368 -0
package/.agent/skills/languages/elixir/data/core.yaml +392 -0
package/.agent/skills/languages/fsharp/META.yaml +14 -0
package/.agent/skills/languages/fsharp/SKILL.md +113 -0
package/.agent/skills/languages/fsharp/data/core.yaml +396 -0
package/.agent/skills/languages/go/ADVANCED.md +260 -0
package/.agent/skills/languages/go/META.yaml +64 -0
package/.agent/skills/languages/go/SKILL.md +489 -0
package/.agent/skills/languages/go/data/concurrency.yaml +424 -0
package/.agent/skills/languages/go/data/core.yaml +399 -0
package/.agent/skills/languages/go/data/http.yaml +507 -0
package/.agent/skills/languages/haskell/META.yaml +18 -0
package/.agent/skills/languages/haskell/SKILL.md +305 -0
package/.agent/skills/languages/haskell/data/core.yaml +347 -0
package/.agent/skills/languages/java/ADVANCED.md +450 -0
package/.agent/skills/languages/java/META.yaml +89 -0
package/.agent/skills/languages/java/SKILL.md +495 -0
package/.agent/skills/languages/java/data/core.yaml +307 -0
package/.agent/skills/languages/java/data/spring.yaml +437 -0
package/.agent/skills/languages/javascript/ADVANCED.md +530 -0
package/.agent/skills/languages/javascript/META.yaml +105 -0
package/.agent/skills/languages/javascript/SKILL.md +455 -0
package/.agent/skills/languages/javascript/data/async.yaml +290 -0
package/.agent/skills/languages/javascript/data/core.yaml +380 -0
package/.agent/skills/languages/javascript/data/modern.yaml +269 -0
package/.agent/skills/languages/julia/META.yaml +13 -0
package/.agent/skills/languages/julia/SKILL.md +174 -0
package/.agent/skills/languages/julia/data/core.yaml +356 -0
package/.agent/skills/languages/kotlin/ADVANCED.md +539 -0
package/.agent/skills/languages/kotlin/META.yaml +24 -0
package/.agent/skills/languages/kotlin/SKILL.md +525 -0
package/.agent/skills/languages/kotlin/data/android.yaml +495 -0
package/.agent/skills/languages/kotlin/data/core.yaml +366 -0
package/.agent/skills/languages/lua/ADVANCED.md +257 -0
package/.agent/skills/languages/lua/META.yaml +58 -0
package/.agent/skills/languages/lua/SKILL.md +492 -0
package/.agent/skills/languages/lua/data/core.yaml +264 -0
package/.agent/skills/languages/lua/data/embedding.yaml +300 -0
package/.agent/skills/languages/nim/META.yaml +30 -0
package/.agent/skills/languages/nim/SKILL.md +116 -0
package/.agent/skills/languages/nim/data/async.yaml +257 -0
package/.agent/skills/languages/nim/data/core.yaml +241 -0
package/.agent/skills/languages/ocaml/META.yaml +13 -0
package/.agent/skills/languages/ocaml/SKILL.md +123 -0
package/.agent/skills/languages/ocaml/data/core.yaml +357 -0
package/.agent/skills/languages/perl/META.yaml +13 -0
package/.agent/skills/languages/perl/SKILL.md +115 -0
package/.agent/skills/languages/perl/data/core.yaml +360 -0
package/.agent/skills/languages/php/ADVANCED.md +199 -0
package/.agent/skills/languages/php/META.yaml +18 -0
package/.agent/skills/languages/php/SKILL.md +488 -0
package/.agent/skills/languages/php/data/core.yaml +392 -0
package/.agent/skills/languages/php/data/laravel.yaml +525 -0
package/.agent/skills/languages/python/ADVANCED.md +207 -0
package/.agent/skills/languages/python/META.yaml +91 -0
package/.agent/skills/languages/python/SKILL.md +495 -0
package/.agent/skills/languages/python/data/async.yaml +265 -0
package/.agent/skills/languages/python/data/core.yaml +259 -0
package/.agent/skills/languages/python/data/fastapi.yaml +296 -0
package/.agent/skills/languages/python/data/testing.yaml +226 -0
package/.agent/skills/languages/r/META.yaml +16 -0
package/.agent/skills/languages/r/SKILL.md +348 -0
package/.agent/skills/languages/r/data/core.yaml +355 -0
package/.agent/skills/languages/ruby/ADVANCED.md +381 -0
package/.agent/skills/languages/ruby/META.yaml +19 -0
package/.agent/skills/languages/ruby/SKILL.md +417 -0
package/.agent/skills/languages/ruby/data/core.yaml +448 -0
package/.agent/skills/languages/ruby/data/rails.yaml +415 -0
package/.agent/skills/languages/rust/ADVANCED.md +212 -0
package/.agent/skills/languages/rust/META.yaml +87 -0
package/.agent/skills/languages/rust/SKILL.md +377 -0
package/.agent/skills/languages/rust/data/async.yaml +404 -0
package/.agent/skills/languages/rust/data/axum.yaml +450 -0
package/.agent/skills/languages/rust/data/core.yaml +356 -0
package/.agent/skills/languages/scala/META.yaml +17 -0
package/.agent/skills/languages/scala/SKILL.md +202 -0
package/.agent/skills/languages/scala/data/core.yaml +349 -0
package/.agent/skills/languages/solidity/META.yaml +13 -0
package/.agent/skills/languages/solidity/SKILL.md +188 -0
package/.agent/skills/languages/solidity/data/core.yaml +528 -0
package/.agent/skills/languages/swift/ADVANCED.md +231 -0
package/.agent/skills/languages/swift/META.yaml +18 -0
package/.agent/skills/languages/swift/SKILL.md +342 -0
package/.agent/skills/languages/swift/data/core.yaml +489 -0
package/.agent/skills/languages/typescript/ADVANCED.md +186 -0
package/.agent/skills/languages/typescript/META.yaml +92 -0
package/.agent/skills/languages/typescript/SKILL.md +306 -0
package/.agent/skills/languages/typescript/data/async.yaml +397 -0
package/.agent/skills/languages/typescript/data/core.yaml +283 -0
package/.agent/skills/languages/typescript/data/validation.yaml +338 -0
package/.agent/skills/languages/zig/META.yaml +52 -0
package/.agent/skills/languages/zig/SKILL.md +354 -0
package/.agent/skills/languages/zig/data/async.yaml +314 -0
package/.agent/skills/languages/zig/data/core.yaml +302 -0
package/.agent/templates/README.md +42 -0
package/.agent/templates/audit-report.md +153 -0
package/.agent/templates/chains/debug/step1-reproduce.md +83 -0
package/.agent/templates/chains/debug/step2-isolate.md +73 -0
package/.agent/templates/chains/debug/step3-analyze.md +86 -0
package/.agent/templates/chains/debug/step4-fix.md +85 -0
package/.agent/templates/chains/debug/step5-verify.md +122 -0
package/.agent/templates/chains/implement/step1-plan.md +88 -0
package/.agent/templates/chains/implement/step2-code.md +87 -0
package/.agent/templates/chains/implement/step3-test.md +87 -0
package/.agent/templates/chains/implement/step4-doc.md +118 -0
package/.agent/templates/chains/review/step1-understand.md +74 -0
package/.agent/templates/chains/review/step2-analyze.md +110 -0
package/.agent/templates/chains/review/step3-fix.md +93 -0
package/.agent/templates/chains/review/step4-summary.md +104 -0
package/.agent/templates/debug-report.md +50 -0
package/.agent/templates/deploy-plan.md +54 -0
package/.agent/templates/doc-template.md +57 -0
package/.agent/templates/findings.md +122 -0
package/.agent/templates/index.yaml +239 -0
package/.agent/templates/migrate-plan.md +50 -0
package/.agent/templates/phase-template.md +72 -0
package/.agent/templates/project-plan.md +87 -0
package/.agent/templates/prompts/context_block.md +114 -0
package/.agent/templates/prompts/guardrails_block.md +116 -0
package/.agent/templates/prompts/persona_base.md +155 -0
package/.agent/templates/prompts/tools_block.md +137 -0
package/.agent/templates/reflection/critic.md +110 -0
package/.agent/templates/reflection/error_analysis.md +149 -0
package/.agent/templates/reflection/success_analysis.md +174 -0
package/.agent/templates/task-list.md +144 -0
package/.agent/templates/tasks/audit.yaml +146 -0
package/.agent/templates/tasks/bug_fix.yaml +121 -0
package/.agent/templates/tasks/code_implementation.yaml +110 -0
package/.agent/templates/tasks/refactor.yaml +157 -0
package/.agent/templates/test-report.md +52 -0
package/.agent/workflows/ap.md +135 -0
package/.agent/workflows/code.md +130 -0
package/.agent/workflows/debug.md +230 -0
package/.agent/workflows/deploy.md +192 -0
package/.agent/workflows/dev.md +137 -0
package/.agent/workflows/doc.md +124 -0
package/.agent/workflows/env.md +98 -0
package/.agent/workflows/fix.md +76 -0
package/.agent/workflows/generate.md +28 -0
package/.agent/workflows/git.md +97 -0
package/.agent/workflows/help.md +75 -0
package/.agent/workflows/init.md +148 -0
package/.agent/workflows/migrate.md +135 -0
package/.agent/workflows/monitor.md +133 -0
package/.agent/workflows/onboard.md +144 -0
package/.agent/workflows/orchestrate.md +117 -0
package/.agent/workflows/perf.md +106 -0
package/.agent/workflows/plan.md +106 -0
package/.agent/workflows/recap.md +101 -0
package/.agent/workflows/refactor.md +161 -0
package/.agent/workflows/revert.md +99 -0
package/.agent/workflows/review.md +106 -0
package/.agent/workflows/scaffold.md +119 -0
package/.agent/workflows/security.md +186 -0
package/.agent/workflows/status.md +103 -0
package/.agent/workflows/test.md +157 -0
package/.agent/workflows/think.md +126 -0
package/.agent/workflows/upgrade.md +109 -0
package/.agent/workflows/visualize.md +295 -0
package/.agent/workflows/workflow.md +196 -0
package/README.md +64 -0
package/dist/commands/add.d.ts +2 -0
package/dist/commands/add.d.ts.map +1 -0
package/dist/commands/add.js +70 -0
package/dist/commands/add.js.map +1 -0
package/dist/commands/config.d.ts +4 -0
package/dist/commands/config.d.ts.map +1 -0
package/dist/commands/config.js +152 -0
package/dist/commands/config.js.map +1 -0
package/dist/commands/doctor.d.ts +4 -0
package/dist/commands/doctor.d.ts.map +1 -0
package/dist/commands/doctor.js +98 -0
package/dist/commands/doctor.js.map +1 -0
package/dist/commands/hsa.d.ts +4 -0
package/dist/commands/hsa.d.ts.map +1 -0
package/dist/commands/hsa.js +194 -0
package/dist/commands/hsa.js.map +1 -0
package/dist/commands/info.d.ts +2 -0
package/dist/commands/info.d.ts.map +1 -0
package/dist/commands/info.js +149 -0
package/dist/commands/info.js.map +1 -0
package/dist/commands/init.d.ts +4 -0
package/dist/commands/init.d.ts.map +1 -0
package/dist/commands/init.js +262 -0
package/dist/commands/init.js.map +1 -0
package/dist/commands/install-core.d.ts +4 -0
package/dist/commands/install-core.d.ts.map +1 -0
package/dist/commands/install-core.js +85 -0
package/dist/commands/install-core.js.map +1 -0
package/dist/commands/install-helpers.d.ts +27 -0
package/dist/commands/install-helpers.d.ts.map +1 -0
package/dist/commands/install-helpers.js +125 -0
package/dist/commands/install-helpers.js.map +1 -0
package/dist/commands/install-hsa.d.ts +18 -0
package/dist/commands/install-hsa.d.ts.map +1 -0
package/dist/commands/install-hsa.js +61 -0
package/dist/commands/install-hsa.js.map +1 -0
package/dist/commands/install.d.ts +4 -0
package/dist/commands/install.d.ts.map +1 -0
package/dist/commands/install.js +310 -0
package/dist/commands/install.js.map +1 -0
package/dist/commands/list.d.ts +4 -0
package/dist/commands/list.d.ts.map +1 -0
package/dist/commands/list.js +91 -0
package/dist/commands/list.js.map +1 -0
package/dist/commands/mcp-registry.d.ts +48 -0
package/dist/commands/mcp-registry.d.ts.map +1 -0
package/dist/commands/mcp-registry.js +246 -0
package/dist/commands/mcp-registry.js.map +1 -0
package/dist/commands/mcp-writers.d.ts +20 -0
package/dist/commands/mcp-writers.d.ts.map +1 -0
package/dist/commands/mcp-writers.js +144 -0
package/dist/commands/mcp-writers.js.map +1 -0
package/dist/commands/mcp.d.ts +10 -0
package/dist/commands/mcp.d.ts.map +1 -0
package/dist/commands/mcp.js +319 -0
package/dist/commands/mcp.js.map +1 -0
package/dist/commands/update.d.ts +4 -0
package/dist/commands/update.d.ts.map +1 -0
package/dist/commands/update.js +79 -0
package/dist/commands/update.js.map +1 -0
package/dist/constants/cursor-globs.d.ts +17 -0
package/dist/constants/cursor-globs.d.ts.map +1 -0
package/dist/constants/cursor-globs.js +62 -0
package/dist/constants/cursor-globs.js.map +1 -0
package/dist/constants/ide-install-specs.d.ts +36 -0
package/dist/constants/ide-install-specs.d.ts.map +1 -0
package/dist/constants/ide-install-specs.js +870 -0
package/dist/constants/ide-install-specs.js.map +1 -0
package/dist/constants/ides.d.ts +105 -0
package/dist/constants/ides.d.ts.map +1 -0
package/dist/constants/ides.js +412 -0
package/dist/constants/ides.js.map +1 -0
package/dist/constants/skills.d.ts +40 -0
package/dist/constants/skills.d.ts.map +1 -0
package/dist/constants/skills.js +78 -0
package/dist/constants/skills.js.map +1 -0
package/dist/constants.d.ts +39 -0
package/dist/constants.d.ts.map +1 -0
package/dist/constants.js +75 -0
package/dist/constants.js.map +1 -0
package/dist/index.d.ts +8 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +122 -0
package/dist/index.js.map +1 -0
package/dist/types/flags.d.ts +47 -0
package/dist/types/flags.d.ts.map +1 -0
package/dist/types/flags.js +4 -0
package/dist/types/flags.js.map +1 -0
package/dist/types/ide-install.d.ts +175 -0
package/dist/types/ide-install.d.ts.map +1 -0
package/dist/types/ide-install.js +29 -0
package/dist/types/ide-install.js.map +1 -0
package/dist/utils/copy-helpers.d.ts +60 -0
package/dist/utils/copy-helpers.d.ts.map +1 -0
package/dist/utils/copy-helpers.js +617 -0
package/dist/utils/copy-helpers.js.map +1 -0
package/dist/utils/index.d.ts +3 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +5 -0
package/dist/utils/index.js.map +1 -0
package/dist/utils/validation.d.ts +29 -0
package/dist/utils/validation.d.ts.map +1 -0
package/dist/utils/validation.js +211 -0
package/dist/utils/validation.js.map +1 -0
package/package.json +64 -0

package/.agent/skills/core/security/data/language-specific/go-security.yaml ADDED Viewed

@@ -0,0 +1,219 @@
+metadata:
+  skill: security
+  domain: go_security
+  version: 6.2.0
+  updated: '2026-02-05'
+  migrated_from: go-security.csv
+  patterns_count: 20
+  columns:
+  - id
+  - name
+  - severity
+  - category
+  - description
+  - detection_pattern
+  - fix_pattern
+  - cwe
+  - example_vuln
+  - example_fix
+patterns:
+- id: GO-01
+  name: Unchecked Error Return
+  severity: HIGH
+  category: Error
+  description: Error return value ignored allowing silent failures
+  detection_pattern: err\\s*:?=.*\\n(?!.*if\\s+err|.*err\\s*!=)
+  fix_pattern: Always check error returns handle or propagate
+  cwe: CWE-252
+  example_vuln: result, _ := doSomething()
+  example_fix: result, err := doSomething()\nif err != nil { return err }
+- id: GO-02
+  name: Race Condition
+  severity: CRITICAL
+  category: Concurrency
+  description: Concurrent map access or shared state without sync
+  detection_pattern: (map\\[.*\\].*go\\s+func|go\\s+func.*map\\[)(?!.*sync|mutex|atomic)
+  fix_pattern: Use sync.Mutex sync.Map or channels for shared state
+  cwe: CWE-362
+  example_vuln: var cache map[string]int\ngo func() { cache['key'] = val }()
+  example_fix: var mu sync.Mutex\nmu.Lock()\ncache['key'] = val\nmu.Unlock()
+- id: GO-03
+  name: Command Injection
+  severity: CRITICAL
+  category: Injection
+  description: User input used in exec.Command without sanitization
+  detection_pattern: exec\\.Command\\(.*\\+|fmt\\.Sprintf.*exec\\.Command
+  fix_pattern: Use argument arrays never shell strings validate input
+  cwe: CWE-78
+  example_vuln: exec.Command('sh', '-c', 'echo ' + userInput)
+  example_fix: exec.Command('echo', userInput) // No shell
+- id: GO-04
+  name: Path Traversal
+  severity: HIGH
+  category: File
+  description: User input in filepath.Join without sanitization
+  detection_pattern: filepath\\.Join.*req\\.|os\\.Open.*\\+|ioutil\\.ReadFile.*\\+
+  fix_pattern: Use filepath.Clean validate path is within allowed dir
+  cwe: CWE-22
+  example_vuln: filepath.Join(baseDir, req.URL.Query().Get('file'))
+  example_fix: clean := filepath.Clean(userPath)\nif !strings.HasPrefix(clean, baseDir) { return err }
+- id: GO-05
+  name: SQL Injection
+  severity: CRITICAL
+  category: Injection
+  description: String concatenation in SQL queries
+  detection_pattern: (db\\.Query|db\\.Exec)\\(.*\\+|fmt\\.Sprintf.*Query
+  fix_pattern: Use parameterized queries with db.Query(query args...)
+  cwe: CWE-89
+  example_vuln: db.Query('SELECT * FROM users WHERE id = ' + id)
+  example_fix: db.Query('SELECT * FROM users WHERE id = ?', id)
+- id: GO-06
+  name: Weak TLS Config
+  severity: HIGH
+  category: Crypto
+  description: TLS config allows weak versions or insecure settings
+  detection_pattern: MinVersion.*tls\\.VersionTLS1[01]|InsecureSkipVerify.*true
+  fix_pattern: Enforce TLS 1.2+ verify certificates
+  cwe: CWE-327
+  example_vuln: '&tls.Config{MinVersion: tls.VersionTLS10}'
+  example_fix: '&tls.Config{MinVersion: tls.VersionTLS12}'
+- id: GO-07
+  name: Unsafe Pointer Use
+  severity: HIGH
+  category: Memory
+  description: Unsafe pointer operations risking memory corruption
+  detection_pattern: unsafe\\.Pointer|uintptr(?!.*reflect\\.SliceHeader)
+  fix_pattern: Avoid unsafe unless absolutely necessary add bounds checks
+  cwe: CWE-119
+  example_vuln: ptr := unsafe.Pointer(&data)\n*(*int)(ptr) = 42
+  example_fix: // Use safe alternatives or add extensive validation
+- id: GO-08
+  name: Missing Timeout
+  severity: HIGH
+  category: Reliability
+  description: HTTP client or context without timeout
+  detection_pattern: http\\.DefaultClient|context\\.Background\\(\\)(?!.*WithTimeout)
+  fix_pattern: Always set timeouts on HTTP clients and contexts
+  cwe: CWE-400
+  example_vuln: resp, err := http.Get(url)
+  example_fix: ctx, cancel := context.WithTimeout(ctx, 10*time.Second)\nreq = req.WithContext(ctx)
+- id: GO-09
+  name: Goroutine Leak
+  severity: MEDIUM
+  category: Memory
+  description: Goroutines started without cancellation mechanism
+  detection_pattern: go\\s+func\\(\\)(?!.*context|done|cancel)
+  fix_pattern: Use context for cancellation or done channels
+  cwe: CWE-400
+  example_vuln: go func() { for { process() } }()
+  example_fix: 'go func() { for { select { case <-ctx.Done(): return } } }()'
+- id: GO-10
+  name: Template Injection
+  severity: HIGH
+  category: Injection
+  description: User input in HTML templates without escaping
+  detection_pattern: template\\.HTML\\(.*req|text/template.*user
+  fix_pattern: Use html/template package always escape user data
+  cwe: CWE-79
+  example_vuln: template.HTML(userInput)
+  example_fix: // html/template auto-escapes\ntmpl.Execute(w, data) // data is escaped
+- id: GO-11
+  name: SSRF Via HTTP Client
+  severity: CRITICAL
+  category: Network
+  description: User-controlled URLs fetched without validation
+  detection_pattern: http\\.(Get|Post|Do).*req\\.(URL|Body|Query)
+  fix_pattern: Validate URLs against allowlist block internal IPs
+  cwe: CWE-918
+  example_vuln: http.Get(req.Query.Get('url'))
+  example_fix: url := req.Query.Get('url')\nif !isAllowed(url) { return }\nhttp.Get(url)
+- id: GO-12
+  name: Crypto Rand Misuse
+  severity: HIGH
+  category: Crypto
+  description: Using math/rand instead of crypto/rand for security
+  detection_pattern: math/rand(?!.*seed)|rand\\.(Int|Read)(?!.*crypto)
+  fix_pattern: Use crypto/rand for security-sensitive random values
+  cwe: CWE-338
+  example_vuln: import 'math/rand'\ntoken := rand.Int()
+  example_fix: import 'crypto/rand'\nrand.Read(token)
+- id: GO-13
+  name: Defer in Loop
+  severity: MEDIUM
+  category: Resource
+  description: Defer statement inside loop causing resource accumulation
+  detection_pattern: for.*\\{[^}]*defer
+  fix_pattern: Move defer outside loop or use explicit close
+  cwe: CWE-400
+  example_vuln: for _, f := range files { defer f.Close() }
+  example_fix: for _, f := range files { f.Close() }
+- id: GO-14
+  name: Missing Input Validation
+  severity: HIGH
+  category: Input
+  description: No validation on struct fields from HTTP request
+  detection_pattern: json\\.Unmarshal.*req\\.Body(?!.*valid)
+  fix_pattern: Use validator package validate before processing
+  cwe: CWE-20
+  example_vuln: json.Unmarshal(body, &req)
+  example_fix: json.Unmarshal(body, &req)\nif err := validate.Struct(req); err != nil { return err }
+- id: GO-15
+  name: Hardcoded Credentials
+  severity: CRITICAL
+  category: Secrets
+  description: Passwords or API keys hardcoded in source
+  detection_pattern: (password|apikey|secret)\\s*[:=]\\s*['\][^'\"]+['\"]"
+  fix_pattern: Use environment variables or secrets manager
+  cwe: CWE-798
+  example_vuln: dbPassword := 'mypassword123'
+  example_fix: dbPassword := os.Getenv('DB_PASSWORD')
+- id: GO-16
+  name: Integer Overflow
+  severity: HIGH
+  category: Math
+  description: Integer operations without overflow check
+  detection_pattern: \\+\\+|\\+=|\\*=(?!.*overflow|check)
+  fix_pattern: Use math.MaxInt checks or safe math libraries
+  cwe: CWE-190
+  example_vuln: total := a + b // May overflow
+  example_fix: if a > math.MaxInt64-b { return ErrOverflow }\ntotal := a + b
+- id: GO-17
+  name: Missing CSRF Protection
+  severity: HIGH
+  category: Web
+  description: Form handlers without CSRF token validation
+  detection_pattern: http\\.HandleFunc.*/.*POST(?!.*csrf)
+  fix_pattern: Implement CSRF tokens for all state-changing requests
+  cwe: CWE-352
+  example_vuln: http.HandleFunc('/transfer', transferHandler)
+  example_fix: // Use gorilla/csrf middleware\nhttp.Handle('/transfer', csrf.Protect(key)(handler))
+- id: GO-18
+  name: Open Redirect
+  severity: MEDIUM
+  category: Web
+  description: Redirect destination from user input without validation
+  detection_pattern: http\\.Redirect.*req\\.(URL|Query|Form)
+  fix_pattern: Validate redirect URLs against allowlist
+  cwe: CWE-601
+  example_vuln: http.Redirect(w, r, r.Query.Get('next'), 302)
+  example_fix: next := r.Query.Get('next')\nif !isInternal(next) { next = '/' }\nhttp.Redirect(w, r, next, 302)
+- id: GO-19
+  name: Nil Pointer Dereference
+  severity: HIGH
+  category: Runtime
+  description: Pointer usage without nil check
+  detection_pattern: (\\*\\w+)\\.(\\w+)(?<!if.*!=.*nil.*\\{)
+  fix_pattern: Check for nil before dereferencing pointers
+  cwe: CWE-476
+  example_vuln: user.Name // user may be nil
+  example_fix: if user == nil { return ErrNotFound }\nname := user.Name
+- id: GO-20
+  name: Sync Once Misuse
+  severity: MEDIUM
+  category: Concurrency
+  description: sync.Once with closure over wrong variable
+  detection_pattern: sync\\.Once.*Do.*func.*\\{.*rangeVar
+  fix_pattern: Capture loop variable correctly in closure
+  cwe: CWE-362
+  example_vuln: for _, v := range items { once.Do(func() { use(v) }) }
+  example_fix: for _, v := range items { v := v; once.Do(func() { use(v) }) }

package/.agent/skills/core/security/data/language-specific/java-security.yaml ADDED Viewed

@@ -0,0 +1,295 @@
+metadata:
+  skill: security
+  domain: java_security
+  version: 6.2.0
+  updated: '2026-02-05'
+  migrated_from: java-security.csv
+  patterns_count: 25
+  columns:
+  - id
+  - name
+  - severity
+  - category
+  - description
+  - detection_pattern
+  - fix_pattern
+  - cwe
+  - cve_reference
+  - example_vuln
+  - example_fix
+patterns:
+- id: JV-01
+  name: Unsafe Deserialization
+  severity: CRITICAL
+  category: Deserialization
+  description: ObjectInputStream deserializes untrusted data leading to RCE
+  detection_pattern: ObjectInputStream(?!.*SerialKiller|whitelist)
+  fix_pattern: Use look-ahead deserialization with class whitelist
+  cwe: CWE-502
+  cve_reference: CVE-2024-28212
+  example_vuln: new ObjectInputStream(untrusted).readObject()
+  example_fix: ObjectInputFilter filter = ...; ois.setObjectInputFilter(filter);
+- id: JV-02
+  name: JNDI Injection
+  severity: CRITICAL
+  category: Injection
+  description: InitialContext.lookup with user input allows RCE via LDAP/RMI
+  detection_pattern: InitialContext.*lookup.*input(?!.*allowlist)
+  fix_pattern: Restrict JNDI protocols and factory classes
+  cwe: CWE-74
+  cve_reference: CVE-2022-44228,CVE-2024-22319
+  example_vuln: ctx.lookup(userInput)
+  example_fix: '// Restrict to java: naming\nif (!url.startsWith(\java:\")) throw new SecurityException();"'
+- id: JV-03
+  name: JNDI iiop Bypass
+  severity: CRITICAL
+  category: Injection
+  description: JNDI injection via iiop/corbaname bypasses blacklists
+  detection_pattern: 'lookup.*iiop:|lookup.*corbaname:'
+  fix_pattern: Disable iiop corbaname iiopname protocols
+  cwe: CWE-74
+  cve_reference: CVE-2025-64428
+  example_vuln: ctx.lookup(\iiop://evil\" + input)"
+  example_fix: // Block all non-java protocols\nSystem.setProperty(\jdk.jndi.object.factoriesFilter\"
+- id: JV-04
+  name: Spring SpEL Injection
+  severity: CRITICAL
+  category: Injection
+  description: SpEL parseExpression with user input leads to RCE
+  detection_pattern: SpelExpressionParser.*parseExpression.*input
+  fix_pattern: Use SimpleEvaluationContext or avoid SpEL with user input
+  cwe: CWE-917
+  cve_reference: n/a
+  example_vuln: new SpelExpressionParser().parseExpression(input)
+  example_fix: StandardEvaluationContext ctx = new StandardEvaluationContext();\nctx.setRootObject(safeData); // No user input in expression
+- id: JV-05
+  name: Spring Authorization Bypass
+  severity: HIGH
+  category: Authorization
+  description: Inherited method annotations not detected in complex hierarchies
+  detection_pattern: '@PreAuthorize.*extends.*\\<.*\\>(?!.*6\\.4\\.10)'
+  fix_pattern: Upgrade Spring Security 6.4.10+ or 6.5.4+
+  cwe: CWE-863
+  cve_reference: CVE-2025-41248,CVE-2025-41249
+  example_vuln: '@PreAuthorize on parent method with unbounded generic'
+  example_fix: // Upgrade Spring Security to 6.4.10+ or 6.5.4+
+- id: JV-06
+  name: Log4j Message Lookup
+  severity: CRITICAL
+  category: Injection
+  description: Log4j 2.x allows JNDI lookups in log messages
+  detection_pattern: log\\.(info|error|debug).*\\$\\{(?!.*2\\.17)
+  fix_pattern: Upgrade Log4j 2.17+ and set log4j2.formatMsgNoLookups=true
+  cwe: CWE-917
+  cve_reference: CVE-2021-44228,CVE-2021-45046
+  example_vuln: 'log.error(\User: \" + userInput) // Contains ${jndi:ldap://}"'
+  example_fix: 'log.error(\User: {}\"'
+- id: JV-07
+  name: XML External Entity
+  severity: CRITICAL
+  category: Injection
+  description: DocumentBuilder allows external entity resolution
+  detection_pattern: DocumentBuilderFactory(?!.*setFeature.*false)
+  fix_pattern: Disable external entities and DTD processing
+  cwe: CWE-611
+  cve_reference: n/a
+  example_vuln: factory.newDocumentBuilder().parse(xmlInput)
+  example_fix: factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);\nfactory.setFeature(\http://apache.org/xml/features/disallow-doctype-decl\"
+- id: JV-08
+  name: XXE SAXParser
+  severity: CRITICAL
+  category: Injection
+  description: SAXParser allows XXE via external entities
+  detection_pattern: SAXParserFactory(?!.*setFeature.*disallow-doctype)
+  fix_pattern: Disable DTD processing in SAXParserFactory
+  cwe: CWE-611
+  cve_reference: n/a
+  example_vuln: SAXParserFactory.newInstance().newSAXParser().parse(xml)
+  example_fix: factory.setFeature(\http://apache.org/xml/features/disallow-doctype-decl\"
+- id: JV-09
+  name: SQL Injection Statement
+  severity: CRITICAL
+  category: Injection
+  description: Statement.execute with string concatenation
+  detection_pattern: Statement.*execute.*\\+.*input|createStatement.*\\+
+  fix_pattern: Use PreparedStatement with parameterized queries
+  cwe: CWE-89
+  cve_reference: n/a
+  example_vuln: stmt.execute(\SELECT * WHERE id=\" + id)"
+  example_fix: PreparedStatement ps = conn.prepareStatement(\SELECT * WHERE id=?\");\nps.setInt(1
+- id: JV-10
+  name: SSRF RestTemplate
+  severity: HIGH
+  category: Network
+  description: RestTemplate with user URL allows SSRF
+  detection_pattern: RestTemplate.*getForObject.*input(?!.*allowlist)
+  fix_pattern: Validate URLs against allowlist block internal IPs
+  cwe: CWE-918
+  cve_reference: n/a
+  example_vuln: restTemplate.getForObject(userUrl, String.class)
+  example_fix: if (isAllowedUrl(userUrl)) restTemplate.getForObject(userUrl, String.class);
+- id: JV-11
+  name: Path Traversal Files
+  severity: HIGH
+  category: File
+  description: File constructor with user input allows path traversal
+  detection_pattern: new\\s+File.*input(?!.*normalize|canonicalize)
+  fix_pattern: Use Path.normalize() and validate against base directory
+  cwe: CWE-22
+  cve_reference: n/a
+  example_vuln: new File(base + userInput)
+  example_fix: Path path = Paths.get(base, userInput).normalize();\nif (!path.startsWith(base)) throw new SecurityException();
+- id: JV-12
+  name: Insecure Random
+  severity: HIGH
+  category: Cryptography
+  description: java.util.Random used for security-sensitive values
+  detection_pattern: java\\.util\\.Random(?!.*SecureRandom).*token|session
+  fix_pattern: Use java.security.SecureRandom for cryptographic purposes
+  cwe: CWE-330
+  cve_reference: n/a
+  example_vuln: new Random().nextLong() // For token
+  example_fix: new SecureRandom().nextLong()
+- id: JV-13
+  name: Hardcoded Credentials
+  severity: HIGH
+  category: Secrets
+  description: Password or secret hardcoded in source code
+  detection_pattern: (password|apiKey|secret)\\s*=\\s*\[^\"]+\""
+  fix_pattern: Use environment variables or secrets manager
+  cwe: CWE-798
+  cve_reference: n/a
+  example_vuln: String apiKey = \sk-1234567890\";"
+  example_fix: String apiKey = System.getenv(\API_KEY\");"
+- id: JV-14
+  name: Weak Password Hash
+  severity: HIGH
+  category: Cryptography
+  description: MD5 or SHA1 used for password hashing
+  detection_pattern: MessageDigest.*getInstance.*(MD5|SHA-1).*password
+  fix_pattern: Use bcrypt scrypt or PBKDF2 with sufficient iterations
+  cwe: CWE-327
+  cve_reference: n/a
+  example_vuln: MessageDigest.getInstance(\MD5\").digest(password.getBytes())"
+  example_fix: BCrypt.hashpw(password, BCrypt.gensalt(12))
+- id: JV-15
+  name: Timing Attack BCrypt
+  severity: MEDIUM
+  category: Authentication
+  description: BCrypt comparison bypassed with long passwords 72+ chars
+  detection_pattern: BCryptPasswordEncoder(?!.*truncate|length)
+  fix_pattern: Check password length before BCrypt or upgrade Spring Security 6.4.10+
+  cwe: CWE-208
+  cve_reference: CVE-2025-22234
+  example_vuln: // Password > 72 chars bypasses timing protection
+  example_fix: if (password.length() > 72) throw new IllegalArgumentException();
+- id: JV-16
+  name: Insecure Cookie
+  severity: HIGH
+  category: Session
+  description: Cookie without Secure/HttpOnly flags
+  detection_pattern: new\\s+Cookie(?!.*setSecure|setHttpOnly)
+  fix_pattern: Set Secure HttpOnly and SameSite attributes
+  cwe: CWE-614
+  cve_reference: n/a
+  example_vuln: Cookie c = new Cookie(\session\"
+  example_fix: token);"
+- id: JV-17
+  name: OGNL Injection Struts
+  severity: CRITICAL
+  category: Injection
+  description: OGNL expression evaluation with user input
+  detection_pattern: OgnlContext.*getValue.*input|Ognl.*getValue
+  fix_pattern: Upgrade Struts disable OGNL in user-facing code
+  cwe: CWE-917
+  cve_reference: CVE-2017-5638
+  example_vuln: Ognl.getValue(userExpression, context)
+  example_fix: // Struts 2.5.30+ with excludedPatterns
+- id: JV-18
+  name: Spring Kafka Deser
+  severity: HIGH
+  category: Deserialization
+  description: Improper ErrorHandlingDeserializer config allows RCE
+  detection_pattern: ErrorHandlingDeserializer(?!.*checkHeaders|trusted)
+  fix_pattern: Configure trusted packages or disable exception header deser
+  cwe: CWE-502
+  cve_reference: CVE-2023-34040
+  example_vuln: '@KafkaListener with default ErrorHandlingDeserializer'
+  example_fix: spring.kafka.consumer.properties.spring.deserializer.key.delegate.class=StringDeserializer
+- id: JV-19
+  name: DoS Spring Security
+  severity: HIGH
+  category: DoS
+  description: Spring Security 6.1/6.2 vulnerable to DoS with MVC
+  detection_pattern: Spring.*MVC.*Security\\.6\\.(1\\.[0-5]|2\\.[0-1])
+  fix_pattern: Upgrade Spring Framework 6.0.16+ or Spring Security 6.2.2+
+  cwe: CWE-400
+  cve_reference: CVE-2024-22233
+  example_vuln: // Affected versions
+  example_fix: // Upgrade to Spring Security 6.2.2+
+- id: JV-20
+  name: JWT Algorithm Confusion
+  severity: CRITICAL
+  category: Authentication
+  description: JWT verification without algorithm restriction
+  detection_pattern: Jwts\\.parser(?!.*setSigningKey.*Algorithm)
+  fix_pattern: Explicitly specify allowed algorithms in JWT parser
+  cwe: CWE-347
+  cve_reference: n/a
+  example_vuln: Jwts.parser().setSigningKey(key).parse(token)
+  example_fix: Jwts.parserBuilder().setSigningKey(key).setAllowedClockSkewSeconds(0).requireAlgorithm(\HS256\").build();"
+- id: JV-21
+  name: SSRF WebClient
+  severity: HIGH
+  category: Network
+  description: WebClient with user URL allows SSRF
+  detection_pattern: WebClient.*uri.*input(?!.*validate)
+  fix_pattern: Validate URLs block internal networks
+  cwe: CWE-918
+  cve_reference: n/a
+  example_vuln: webClient.get().uri(userUrl).retrieve()
+  example_fix: if (isExternalUrl(userUrl)) webClient.get().uri(userUrl).retrieve();
+- id: JV-22
+  name: Reflection Injection
+  severity: HIGH
+  category: Injection
+  description: Class.forName with user input allows instantiation of dangerous classes
+  detection_pattern: Class\\.forName.*input(?!.*allowlist)
+  fix_pattern: Whitelist allowed classes for reflection
+  cwe: CWE-470
+  cve_reference: n/a
+  example_vuln: Class.forName(userInput).newInstance()
+  example_fix: if (ALLOWED_CLASSES.contains(userInput)) Class.forName(userInput).newInstance();
+- id: JV-23
+  name: LDAP Injection
+  severity: HIGH
+  category: Injection
+  description: LDAP filter with unsanitized user input
+  detection_pattern: search.*filter.*\\+.*input(?!.*escape)
+  fix_pattern: Use parameterized LDAP filters or escape special characters
+  cwe: CWE-90
+  cve_reference: n/a
+  example_vuln: ctx.search(\ou=users\"
+  example_fix: \"(uid=\" + input + \")\")"
+- id: JV-24
+  name: Zip Slip
+  severity: HIGH
+  category: File
+  description: Zip extraction without validating entry names allows path traversal
+  detection_pattern: ZipInputStream.*getNextEntry(?!.*normalize|canonical)
+  fix_pattern: Validate zip entry names against destination directory
+  cwe: CWE-22
+  cve_reference: n/a
+  example_vuln: new File(destDir, entry.getName())
+  example_fix: Path dest = destDir.resolve(entry.getName()).normalize();\nif (!dest.startsWith(destDir)) throw new SecurityException();
+- id: JV-25
+  name: Server-Side Request Forgery URL
+  severity: HIGH
+  category: Network
+  description: java.net.URL with user input allows SSRF
+  detection_pattern: new\\s+URL.*input.*openConnection(?!.*validate)
+  fix_pattern: Validate URL protocol host and port against allowlist
+  cwe: CWE-918
+  cve_reference: n/a
+  example_vuln: new URL(userInput).openConnection()
+  example_fix: URL url = new URL(userInput);\nif (isAllowed(url.getHost())) url.openConnection();