npm - @nockdev/awf - Versions diffs - 6.2.0 - Mend

@nockdev/awf 6.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (727) hide show

package/.agent/build.yaml +178 -0
package/.agent/config.yaml +235 -0
package/.agent/core/ACTIVE_MEMORY.yaml +344 -0
package/.agent/core/ARCH_REGISTRY.yaml +252 -0
package/.agent/core/AUDIT_POLICY.md +68 -0
package/.agent/core/BRANDING.yaml +185 -0
package/.agent/core/CACHE.md +59 -0
package/.agent/core/CHECKPOINT.yaml +153 -0
package/.agent/core/CLEANUP_ENGINE.yaml +326 -0
package/.agent/core/CODING_STYLES.yaml +346 -0
package/.agent/core/COMMANDS.md +93 -0
package/.agent/core/CONTEXT_INJECTOR.yaml +325 -0
package/.agent/core/CONTEXT_LOADER.yaml +323 -0
package/.agent/core/CONTEXT_OPTIMIZATION.yaml +286 -0
package/.agent/core/CONTEXT_PRIORITY.yaml +357 -0
package/.agent/core/CUSTOMIZE.md +138 -0
package/.agent/core/DATA_SAFETY.md +92 -0
package/.agent/core/FLOW_ENGINE.yaml +300 -0
package/.agent/core/GRAPH_MEMORY.yaml +420 -0
package/.agent/core/HSA.yaml +357 -0
package/.agent/core/HYBRID_ROUTER.yaml +346 -0
package/.agent/core/INTENT_DETECTION.yaml +384 -0
package/.agent/core/LIBRARY_REGISTRY.yaml +401 -0
package/.agent/core/MCP_TOOLS.yaml +414 -0
package/.agent/core/MEMORY_CONSOLIDATION.yaml +352 -0
package/.agent/core/MEMORY_ENGINE.yaml +353 -0
package/.agent/core/MEMORY_PATHS.yaml +79 -0
package/.agent/core/MEMORY_UTILS.yaml +212 -0
package/.agent/core/PATTERNS.yaml +319 -0
package/.agent/core/PERMISSIONS.md +100 -0
package/.agent/core/README.md +91 -0
package/.agent/core/REFLECTION_ENGINE.yaml +348 -0
package/.agent/core/ROUTER.yaml +424 -0
package/.agent/core/SCORING_FORMULA.yaml +103 -0
package/.agent/core/SEMANTIC_ENGINE.yaml +162 -0
package/.agent/core/SKILLS_FLOW.yaml +341 -0
package/.agent/core/SKILL_SCHEMA.yaml +266 -0
package/.agent/core/STATE_MACHINE.yaml +409 -0
package/.agent/core/SUMMARIZATION_ENGINE.yaml +258 -0
package/.agent/core/TEMPLATES.yaml +364 -0
package/.agent/core/TOKEN_BUDGETS.yaml +157 -0
package/.agent/core/TOKEN_LOADING.yaml +197 -0
package/.agent/core/TOKEN_SUMMARY.yaml +121 -0
package/.agent/core/VERSION.yaml +240 -0
package/.agent/core/embeddings.json +2004 -0
package/.agent/core/session_cache.json +50 -0
package/.agent/i18n/README.md +30 -0
package/.agent/i18n/en.yaml +302 -0
package/.agent/i18n/vi.yaml +302 -0
package/.agent/ide/README.md +47 -0
package/.agent/ide/amazonq.json +35 -0
package/.agent/ide/amp.json +35 -0
package/.agent/ide/antigravity.json +47 -0
package/.agent/ide/augment.json +35 -0
package/.agent/ide/claude.json +42 -0
package/.agent/ide/cline.json +34 -0
package/.agent/ide/codex.json +37 -0
package/.agent/ide/cody.json +35 -0
package/.agent/ide/continue.json +35 -0
package/.agent/ide/cursor.json +42 -0
package/.agent/ide/gemini.json +46 -0
package/.agent/ide/jetbrains.json +35 -0
package/.agent/ide/kiro.json +35 -0
package/.agent/ide/opencode.json +35 -0
package/.agent/ide/roo.json +35 -0
package/.agent/ide/tabnine.json +35 -0
package/.agent/ide/trae.json +35 -0
package/.agent/ide/vscode.json +34 -0
package/.agent/ide/windsurf.json +56 -0
package/.agent/ide/zed.json +36 -0
package/.agent/manifest.yaml +416 -0
package/.agent/memory/README.md +148 -0
package/.agent/memory/active_memories.json +35 -0
package/.agent/memory/archive/.gitkeep +0 -0
package/.agent/memory/audit_summary.json +58 -0
package/.agent/memory/cleanup_log.json +34 -0
package/.agent/memory/consolidated.md +75 -0
package/.agent/memory/core_memory/persona.json +30 -0
package/.agent/memory/core_memory/project.json +25 -0
package/.agent/memory/core_memory/rules.json +29 -0
package/.agent/memory/core_memory/user.json +24 -0
package/.agent/memory/decisions.md +40 -0
package/.agent/memory/graph/knowledge_graph.json +12 -0
package/.agent/memory/insights.md +52 -0
package/.agent/memory/metrics.json +48 -0
package/.agent/memory/patterns/errors.json +11 -0
package/.agent/memory/patterns/successes.json +10 -0
package/.agent/memory/session.md +64 -0
package/.agent/memory/session_rules.json +19 -0
package/.agent/memory/state.json +81 -0
package/.agent/memory/vectors/README.md +129 -0
package/.agent/personas/README.md +180 -0
package/.agent/personas/architect.md +186 -0
package/.agent/personas/auditor.md +222 -0
package/.agent/personas/debugger.md +210 -0
package/.agent/personas/developer.md +183 -0
package/.agent/personas/devops.md +268 -0
package/.agent/personas/documenter.md +262 -0
package/.agent/personas/orchestrator.md +240 -0
package/.agent/personas/persona.schema.yaml +209 -0
package/.agent/personas/planner.md +171 -0
package/.agent/personas/researcher.md +194 -0
package/.agent/personas/security.md +212 -0
package/.agent/personas/tester.md +247 -0
package/.agent/rules/README.md +231 -0
package/.agent/rules/SACRED_RULES.xml +142 -0
package/.agent/rules/constitutional/tier-0-core.yaml +182 -0
package/.agent/rules/constitutional/tier-1-safety.yaml +272 -0
package/.agent/rules/constitutional/tier-2-execution.yaml +294 -0
package/.agent/rules/data/build-systems.yaml +126 -0
package/.agent/rules/data/quality-standards.json +59 -0
package/.agent/rules/duplication-prevention.md +138 -0
package/.agent/rules/incremental-changes.md +146 -0
package/.agent/rules/modules/context-management.yaml +158 -0
package/.agent/rules/modules/edit-verification.yaml +197 -0
package/.agent/rules/modules/evidence.yaml +185 -0
package/.agent/rules/modules/git-workflow.yaml +165 -0
package/.agent/rules/modules/language.yaml +155 -0
package/.agent/rules/modules/online-research.yaml +192 -0
package/.agent/rules/modules/quality.yaml +185 -0
package/.agent/rules/modules/reflection.yaml +209 -0
package/.agent/rules/modules/stop-conditions.yaml +196 -0
package/.agent/rules/modules/terminal-safety.yaml +229 -0
package/.agent/rules/modules/versioning.yaml +97 -0
package/.agent/rules/modules/yagni.yaml +167 -0
package/.agent/rules/project-detection.md +317 -0
package/.agent/rules/prompt-injection-guard.md +260 -0
package/.agent/rules/shell-commands.md +210 -0
package/.agent/rules/validation-framework.md +189 -0
package/.agent/skills/DEVELOPMENT.yaml +226 -0
package/.agent/skills/README.md +69 -0
package/.agent/skills/_categories.yaml +145 -0
package/.agent/skills/_router.yaml +232 -0
package/.agent/skills/core/_index.yaml +12 -0
package/.agent/skills/core/api-design/META.yaml +64 -0
package/.agent/skills/core/api-design/SKILL.md +169 -0
package/.agent/skills/core/api-design/data/api-versioning.yaml +217 -0
package/.agent/skills/core/api-design/data/error-responses.yaml +135 -0
package/.agent/skills/core/api-design/data/graphql-patterns.yaml +165 -0
package/.agent/skills/core/api-design/data/grpc-patterns.yaml +165 -0
package/.agent/skills/core/api-design/data/http-status-codes.yaml +176 -0
package/.agent/skills/core/api-design/data/pagination.yaml +121 -0
package/.agent/skills/core/api-design/data/rate-limiting.yaml +135 -0
package/.agent/skills/core/api-design/data/rest-patterns.yaml +195 -0
package/.agent/skills/core/api-design/data/test-apis.yaml +217 -0
package/.agent/skills/core/authentication/META.yaml +73 -0
package/.agent/skills/core/authentication/SKILL.md +166 -0
package/.agent/skills/core/authentication/data/anti-patterns.yaml +135 -0
package/.agent/skills/core/authentication/data/core-patterns.yaml +256 -0
package/.agent/skills/core/authentication/data/jwt-patterns.yaml +255 -0
package/.agent/skills/core/authentication/data/language-csharp.yaml +215 -0
package/.agent/skills/core/authentication/data/language-go.yaml +215 -0
package/.agent/skills/core/authentication/data/language-java.yaml +215 -0
package/.agent/skills/core/authentication/data/language-mobile.yaml +215 -0
package/.agent/skills/core/authentication/data/language-python.yaml +215 -0
package/.agent/skills/core/authentication/data/language-rust.yaml +215 -0
package/.agent/skills/core/authentication/data/language-typescript.yaml +215 -0
package/.agent/skills/core/authentication/data/mfa-patterns.yaml +175 -0
package/.agent/skills/core/authentication/data/oauth-patterns.yaml +255 -0
package/.agent/skills/core/authentication/data/oauth.yaml +248 -0
package/.agent/skills/core/authentication/data/passkeys-webauthn.yaml +215 -0
package/.agent/skills/core/authentication/data/passkeys.yaml +208 -0
package/.agent/skills/core/authentication/data/password-patterns.yaml +175 -0
package/.agent/skills/core/authentication/data/password.yaml +168 -0
package/.agent/skills/core/authentication/data/session-patterns.yaml +215 -0
package/.agent/skills/core/error-handling/META.yaml +71 -0
package/.agent/skills/core/error-handling/SKILL.md +156 -0
package/.agent/skills/core/error-handling/data/anti-patterns.yaml +105 -0
package/.agent/skills/core/error-handling/data/api-error-patterns.yaml +135 -0
package/.agent/skills/core/error-handling/data/core-patterns.yaml +226 -0
package/.agent/skills/core/error-handling/data/error-codes.yaml +165 -0
package/.agent/skills/core/error-handling/data/error-messages.yaml +165 -0
package/.agent/skills/core/error-handling/data/language-c-cpp.yaml +226 -0
package/.agent/skills/core/error-handling/data/language-go-rust.yaml +226 -0
package/.agent/skills/core/error-handling/data/language-python-java.yaml +226 -0
package/.agent/skills/core/error-handling/data/language-swift-kotlin.yaml +226 -0
package/.agent/skills/core/error-handling/data/language-typescript-php-ruby.yaml +226 -0
package/.agent/skills/core/error-handling/data/resilience-patterns.yaml +191 -0
package/.agent/skills/core/error-handling/data/ui-error-patterns.yaml +135 -0
package/.agent/skills/core/logging/META.yaml +73 -0
package/.agent/skills/core/logging/SKILL.md +184 -0
package/.agent/skills/core/logging/data/aggregation-patterns.yaml +191 -0
package/.agent/skills/core/logging/data/anti-patterns.yaml +121 -0
package/.agent/skills/core/logging/data/core-patterns.yaml +226 -0
package/.agent/skills/core/logging/data/language-csharp.yaml +191 -0
package/.agent/skills/core/logging/data/language-go.yaml +191 -0
package/.agent/skills/core/logging/data/language-java.yaml +191 -0
package/.agent/skills/core/logging/data/language-kotlin.yaml +156 -0
package/.agent/skills/core/logging/data/language-others.yaml +184 -0
package/.agent/skills/core/logging/data/language-python.yaml +191 -0
package/.agent/skills/core/logging/data/language-rust.yaml +191 -0
package/.agent/skills/core/logging/data/language-swift.yaml +156 -0
package/.agent/skills/core/logging/data/language-typescript.yaml +191 -0
package/.agent/skills/core/logging/data/otel-logging.yaml +156 -0
package/.agent/skills/core/observability/META.yaml +76 -0
package/.agent/skills/core/observability/SKILL.md +153 -0
package/.agent/skills/core/observability/data/alerting-patterns.yaml +165 -0
package/.agent/skills/core/observability/data/anti-patterns.yaml +105 -0
package/.agent/skills/core/observability/data/core-patterns.yaml +195 -0
package/.agent/skills/core/observability/data/language-cpp.yaml +165 -0
package/.agent/skills/core/observability/data/language-csharp.yaml +165 -0
package/.agent/skills/core/observability/data/language-go.yaml +165 -0
package/.agent/skills/core/observability/data/language-java.yaml +165 -0
package/.agent/skills/core/observability/data/language-others.yaml +255 -0
package/.agent/skills/core/observability/data/language-python.yaml +165 -0
package/.agent/skills/core/observability/data/language-rust.yaml +165 -0
package/.agent/skills/core/observability/data/language-typescript.yaml +165 -0
package/.agent/skills/core/observability/data/metrics-patterns.yaml +135 -0
package/.agent/skills/core/observability/data/metrics-prometheus.yaml +165 -0
package/.agent/skills/core/observability/data/otel-core.yaml +195 -0
package/.agent/skills/core/observability/data/profiling-patterns.yaml +135 -0
package/.agent/skills/core/observability/data/tracing-patterns.yaml +165 -0
package/.agent/skills/core/observability/data/tracing-tools.yaml +135 -0
package/.agent/skills/core/security/ADVANCED.md +269 -0
package/.agent/skills/core/security/META.yaml +97 -0
package/.agent/skills/core/security/SKILL.md +234 -0
package/.agent/skills/core/security/data/ai-ml-security.yaml +261 -0
package/.agent/skills/core/security/data/api-security.yaml +230 -0
package/.agent/skills/core/security/data/auth-patterns.yaml +195 -0
package/.agent/skills/core/security/data/binary-exploitation.yaml +339 -0
package/.agent/skills/core/security/data/cloud-security.yaml +269 -0
package/.agent/skills/core/security/data/cwe-top25.yaml +415 -0
package/.agent/skills/core/security/data/language-specific/c-security.yaml +295 -0
package/.agent/skills/core/security/data/language-specific/cpp-security.yaml +295 -0
package/.agent/skills/core/security/data/language-specific/csharp-security.yaml +219 -0
package/.agent/skills/core/security/data/language-specific/go-security.yaml +219 -0
package/.agent/skills/core/security/data/language-specific/java-security.yaml +295 -0
package/.agent/skills/core/security/data/language-specific/kotlin-security.yaml +198 -0
package/.agent/skills/core/security/data/language-specific/php-security.yaml +219 -0
package/.agent/skills/core/security/data/language-specific/python-security.yaml +295 -0
package/.agent/skills/core/security/data/language-specific/ruby-security.yaml +198 -0
package/.agent/skills/core/security/data/language-specific/rust-security.yaml +240 -0
package/.agent/skills/core/security/data/language-specific/solidity-security.yaml +369 -0
package/.agent/skills/core/security/data/language-specific/swift-security.yaml +198 -0
package/.agent/skills/core/security/data/language-specific/typescript-security.yaml +295 -0
package/.agent/skills/core/security/data/mobile-security.yaml +369 -0
package/.agent/skills/core/security/data/network-security.yaml +297 -0
package/.agent/skills/core/security/data/owasp-top10.yaml +171 -0
package/.agent/skills/core/security/data/reverse-engineering.yaml +497 -0
package/.agent/skills/core/security/data/supply-chain.yaml +219 -0
package/.agent/skills/cross-cutting/_index.yaml +15 -0
package/.agent/skills/cross-cutting/audit-pro/META.yaml +43 -0
package/.agent/skills/cross-cutting/audit-pro/data/checklists.yaml +644 -0
package/.agent/skills/cross-cutting/audit-pro/data/scoring.yaml +101 -0
package/.agent/skills/cross-cutting/aws/META.yaml +75 -0
package/.agent/skills/cross-cutting/aws/data/ai_ml.yaml +194 -0
package/.agent/skills/cross-cutting/aws/data/compute.yaml +191 -0
package/.agent/skills/cross-cutting/aws/data/kubernetes.yaml +199 -0
package/.agent/skills/cross-cutting/aws/data/storage.yaml +174 -0
package/.agent/skills/cross-cutting/bun/META.yaml +58 -0
package/.agent/skills/cross-cutting/bun/SKILL.md +357 -0
package/.agent/skills/cross-cutting/bun/data/database.yaml +85 -0
package/.agent/skills/cross-cutting/bun/data/runtime.yaml +170 -0
package/.agent/skills/cross-cutting/bun/data/tooling.yaml +192 -0
package/.agent/skills/cross-cutting/ci-cd/META.yaml +60 -0
package/.agent/skills/cross-cutting/ci-cd/data/github_actions.yaml +248 -0
package/.agent/skills/cross-cutting/ci-cd/data/security.yaml +211 -0
package/.agent/skills/cross-cutting/coding-rules/META.yaml +61 -0
package/.agent/skills/cross-cutting/coding-rules/SKILL.md +171 -0
package/.agent/skills/cross-cutting/coding-rules/data/architecture-patterns.yaml +96 -0
package/.agent/skills/cross-cutting/coding-rules/data/build-systems.yaml +346 -0
package/.agent/skills/cross-cutting/coding-rules/data/coding-rules.yaml +647 -0
package/.agent/skills/cross-cutting/coding-rules/data/concurrency-patterns.yaml +108 -0
package/.agent/skills/cross-cutting/coding-rules/data/design-patterns.yaml +260 -0
package/.agent/skills/cross-cutting/coding-rules/data/framework-signatures.yaml +344 -0
package/.agent/skills/cross-cutting/coding-rules/data/memory-management.yaml +108 -0
package/.agent/skills/cross-cutting/coding-rules/data/naming-conventions.yaml +320 -0
package/.agent/skills/cross-cutting/coding-rules/data/performance-benchmarks.yaml +164 -0
package/.agent/skills/cross-cutting/coding-rules/data/solid-principles.yaml +80 -0
package/.agent/skills/cross-cutting/coding-rules/data/test-frameworks.yaml +183 -0
package/.agent/skills/cross-cutting/database/ADVANCED.md +465 -0
package/.agent/skills/cross-cutting/database/META.yaml +22 -0
package/.agent/skills/cross-cutting/database/SKILL.md +816 -0
package/.agent/skills/cross-cutting/database/data/anti_patterns.yaml +116 -0
package/.agent/skills/cross-cutting/database/data/distributed.yaml +152 -0
package/.agent/skills/cross-cutting/database/data/mongodb.yaml +132 -0
package/.agent/skills/cross-cutting/database/data/mysql.yaml +130 -0
package/.agent/skills/cross-cutting/database/data/orm.yaml +104 -0
package/.agent/skills/cross-cutting/database/data/postgresql.yaml +170 -0
package/.agent/skills/cross-cutting/database/data/redis.yaml +129 -0
package/.agent/skills/cross-cutting/deno/META.yaml +68 -0
package/.agent/skills/cross-cutting/deno/SKILL.md +343 -0
package/.agent/skills/cross-cutting/deno/data/runtime.yaml +260 -0
package/.agent/skills/cross-cutting/deno/data/security.yaml +168 -0
package/.agent/skills/cross-cutting/deno/data/tooling.yaml +133 -0
package/.agent/skills/cross-cutting/docker/META.yaml +65 -0
package/.agent/skills/cross-cutting/docker/data/build.yaml +197 -0
package/.agent/skills/cross-cutting/docker/data/compose.yaml +229 -0
package/.agent/skills/cross-cutting/docker/data/security.yaml +164 -0
package/.agent/skills/cross-cutting/electron/META.yaml +174 -0
package/.agent/skills/cross-cutting/electron/SKILL.md +862 -0
package/.agent/skills/cross-cutting/electron/data/build.yaml +105 -0
package/.agent/skills/cross-cutting/electron/data/crash.yaml +103 -0
package/.agent/skills/cross-cutting/electron/data/ipc.yaml +85 -0
package/.agent/skills/cross-cutting/electron/data/native.yaml +157 -0
package/.agent/skills/cross-cutting/electron/data/security.yaml +89 -0
package/.agent/skills/cross-cutting/electron/data/storage.yaml +100 -0
package/.agent/skills/cross-cutting/electron/data/testing.yaml +103 -0
package/.agent/skills/cross-cutting/electron/data/updates.yaml +99 -0
package/.agent/skills/cross-cutting/electron/data/window.yaml +83 -0
package/.agent/skills/cross-cutting/kubernetes/META.yaml +70 -0
package/.agent/skills/cross-cutting/kubernetes/data/networking.yaml +270 -0
package/.agent/skills/cross-cutting/kubernetes/data/scheduling.yaml +267 -0
package/.agent/skills/cross-cutting/kubernetes/data/security.yaml +253 -0
package/.agent/skills/cross-cutting/kubernetes/data/workloads.yaml +251 -0
package/.agent/skills/cross-cutting/sql/META.yaml +88 -0
package/.agent/skills/cross-cutting/sql/SKILL.md +296 -0
package/.agent/skills/cross-cutting/sql/data/indexing.yaml +147 -0
package/.agent/skills/cross-cutting/sql/data/json.yaml +156 -0
package/.agent/skills/cross-cutting/sql/data/performance.yaml +204 -0
package/.agent/skills/cross-cutting/sql/data/queries.yaml +150 -0
package/.agent/skills/cross-cutting/tailwind/META.yaml +72 -0
package/.agent/skills/cross-cutting/tailwind/SKILL.md +344 -0
package/.agent/skills/cross-cutting/tailwind/data/build.yaml +143 -0
package/.agent/skills/cross-cutting/tailwind/data/config.yaml +109 -0
package/.agent/skills/cross-cutting/tailwind/data/migration.yaml +149 -0
package/.agent/skills/cross-cutting/tailwind/data/responsive.yaml +148 -0
package/.agent/skills/cross-cutting/tailwind/data/states.yaml +152 -0
package/.agent/skills/cross-cutting/tailwind/data/theme.yaml +126 -0
package/.agent/skills/cross-cutting/tailwind/data/utilities.yaml +182 -0
package/.agent/skills/cross-cutting/tailwind/data/variants.yaml +154 -0
package/.agent/skills/cross-cutting/testing/ADVANCED.md +245 -0
package/.agent/skills/cross-cutting/testing/META.yaml +49 -0
package/.agent/skills/cross-cutting/testing/SKILL.md +263 -0
package/.agent/skills/cross-cutting/testing/data/frameworks.yaml +300 -0
package/.agent/skills/cross-cutting/testing/data/patterns.yaml +168 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/META.yaml +108 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/SKILL.md +565 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/charts.yaml +331 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/colors.yaml +1226 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/component-decision.yaml +287 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/component-mapping.yaml +318 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/design-tokens.yaml +525 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/desktop-animation.yaml +232 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/desktop-architecture.yaml +140 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/desktop-colors.yaml +467 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/directory-structure.yaml +75 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/icons.yaml +918 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/implementation-strategy.yaml +107 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/landing.yaml +372 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/platform-frameworks.yaml +195 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/platform-guidelines.yaml +177 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/products.yaml +1339 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/prompts.yaml +180 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/react-performance.yaml +504 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/desktop.yaml +228 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/flutter.yaml +508 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/html-tailwind.yaml +543 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/nextjs.yaml +515 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/nuxt-ui.yaml +519 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/nuxtjs.yaml +599 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/react-native.yaml +496 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/react.yaml +526 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/shadcn.yaml +616 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/svelte.yaml +520 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/swiftui.yaml +486 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/vue.yaml +485 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/styles.yaml +1473 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/typography.yaml +647 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/ui-reasoning.yaml +1019 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/ux-guidelines.yaml +1009 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/web-interface.yaml +347 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/__pycache__/core.cpython-310.pyc +0 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/__pycache__/core.cpython-314.pyc +0 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/__pycache__/design_system.cpython-314.pyc +0 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/core.py +393 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/core_legacy.py +303 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/design_system.py +496 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/search.py +76 -0
package/.agent/skills/cross-cutting/web-perf/META.yaml +92 -0
package/.agent/skills/cross-cutting/web-perf/SKILL.md +181 -0
package/.agent/skills/cross-cutting/web-perf/data/cls_optimization.yaml +189 -0
package/.agent/skills/cross-cutting/web-perf/data/core_web_vitals.yaml +282 -0
package/.agent/skills/cross-cutting/web-perf/data/inp_optimization.yaml +240 -0
package/.agent/skills/cross-cutting/web-perf/data/lcp_optimization.yaml +202 -0
package/.agent/skills/cross-cutting/web-perf/data/measurement.yaml +170 -0
package/.agent/skills/devops/_index.yaml +9 -0
package/.agent/skills/devops/aws/ADVANCED.md +547 -0
package/.agent/skills/devops/aws/META.yaml +84 -0
package/.agent/skills/devops/aws/SKILL.md +711 -0
package/.agent/skills/devops/ci-cd/ADVANCED.md +529 -0
package/.agent/skills/devops/ci-cd/META.yaml +21 -0
package/.agent/skills/devops/ci-cd/SKILL.md +821 -0
package/.agent/skills/devops/docker/ADVANCED.md +495 -0
package/.agent/skills/devops/docker/META.yaml +20 -0
package/.agent/skills/devops/docker/SKILL.md +653 -0
package/.agent/skills/devops/kubernetes/ADVANCED.md +252 -0
package/.agent/skills/devops/kubernetes/META.yaml +15 -0
package/.agent/skills/devops/kubernetes/SKILL.md +621 -0
package/.agent/skills/frameworks/_index.yaml +13 -0
package/.agent/skills/frameworks/angular/META.yaml +70 -0
package/.agent/skills/frameworks/angular/SKILL.md +319 -0
package/.agent/skills/frameworks/angular/data/core.yaml +209 -0
package/.agent/skills/frameworks/angular/data/performance.yaml +210 -0
package/.agent/skills/frameworks/angular/data/server.yaml +175 -0
package/.agent/skills/frameworks/flutter/ADVANCED.md +491 -0
package/.agent/skills/frameworks/flutter/META.yaml +64 -0
package/.agent/skills/frameworks/flutter/SKILL.md +541 -0
package/.agent/skills/frameworks/flutter/data/core.yaml +210 -0
package/.agent/skills/frameworks/flutter/data/platform.yaml +246 -0
package/.agent/skills/frameworks/flutter/data/state.yaml +250 -0
package/.agent/skills/frameworks/nextjs/ADVANCED.md +225 -0
package/.agent/skills/frameworks/nextjs/META.yaml +67 -0
package/.agent/skills/frameworks/nextjs/SKILL.md +593 -0
package/.agent/skills/frameworks/nextjs/data/caching.yaml +210 -0
package/.agent/skills/frameworks/nextjs/data/core.yaml +255 -0
package/.agent/skills/frameworks/nextjs/data/server.yaml +248 -0
package/.agent/skills/frameworks/nuxt/META.yaml +57 -0
package/.agent/skills/frameworks/nuxt/SKILL.md +283 -0
package/.agent/skills/frameworks/nuxt/data/core.yaml +309 -0
package/.agent/skills/frameworks/nuxt/data/server.yaml +271 -0
package/.agent/skills/frameworks/react/ADVANCED.md +676 -0
package/.agent/skills/frameworks/react/META.yaml +60 -0
package/.agent/skills/frameworks/react/SKILL.md +263 -0
package/.agent/skills/frameworks/react/data/core.yaml +278 -0
package/.agent/skills/frameworks/react/data/server.yaml +283 -0
package/.agent/skills/frameworks/react-native/META.yaml +59 -0
package/.agent/skills/frameworks/react-native/SKILL.md +301 -0
package/.agent/skills/frameworks/react-native/data/core.yaml +260 -0
package/.agent/skills/frameworks/react-native/data/platform.yaml +287 -0
package/.agent/skills/frameworks/svelte/META.yaml +62 -0
package/.agent/skills/frameworks/svelte/SKILL.md +398 -0
package/.agent/skills/frameworks/svelte/data/runes.yaml +239 -0
package/.agent/skills/frameworks/svelte/data/sveltekit.yaml +244 -0
package/.agent/skills/frameworks/vue/ADVANCED.md +214 -0
package/.agent/skills/frameworks/vue/META.yaml +58 -0
package/.agent/skills/frameworks/vue/SKILL.md +356 -0
package/.agent/skills/frameworks/vue/data/advanced.yaml +253 -0
package/.agent/skills/frameworks/vue/data/core.yaml +270 -0
package/.agent/skills/index.json +143 -0
package/.agent/skills/languages/_index.yaml +33 -0
package/.agent/skills/languages/asm/ADVANCED.md +750 -0
package/.agent/skills/languages/asm/META.yaml +84 -0
package/.agent/skills/languages/asm/SKILL.md +753 -0
package/.agent/skills/languages/asm/data/advanced.yaml +295 -0
package/.agent/skills/languages/asm/data/core.yaml +280 -0
package/.agent/skills/languages/c/ADVANCED.md +625 -0
package/.agent/skills/languages/c/META.yaml +58 -0
package/.agent/skills/languages/c/SKILL.md +748 -0
package/.agent/skills/languages/c/data/core.yaml +179 -0
package/.agent/skills/languages/c/data/embedded.yaml +251 -0
package/.agent/skills/languages/c/data/memory.yaml +253 -0
package/.agent/skills/languages/clojure/META.yaml +13 -0
package/.agent/skills/languages/clojure/SKILL.md +130 -0
package/.agent/skills/languages/clojure/data/core.yaml +326 -0
package/.agent/skills/languages/cpp/ADVANCED.md +457 -0
package/.agent/skills/languages/cpp/META.yaml +61 -0
package/.agent/skills/languages/cpp/SKILL.md +936 -0
package/.agent/skills/languages/cpp/data/core.yaml +304 -0
package/.agent/skills/languages/cpp/data/memory.yaml +247 -0
package/.agent/skills/languages/cpp/data/modern.yaml +334 -0
package/.agent/skills/languages/crystal/META.yaml +30 -0
package/.agent/skills/languages/crystal/SKILL.md +117 -0
package/.agent/skills/languages/crystal/data/async.yaml +264 -0
package/.agent/skills/languages/crystal/data/core.yaml +279 -0
package/.agent/skills/languages/csharp/ADVANCED.md +592 -0
package/.agent/skills/languages/csharp/META.yaml +23 -0
package/.agent/skills/languages/csharp/SKILL.md +620 -0
package/.agent/skills/languages/csharp/data/aspnet.yaml +448 -0
package/.agent/skills/languages/csharp/data/core.yaml +362 -0
package/.agent/skills/languages/elixir/META.yaml +18 -0
package/.agent/skills/languages/elixir/SKILL.md +368 -0
package/.agent/skills/languages/elixir/data/core.yaml +392 -0
package/.agent/skills/languages/fsharp/META.yaml +14 -0
package/.agent/skills/languages/fsharp/SKILL.md +113 -0
package/.agent/skills/languages/fsharp/data/core.yaml +396 -0
package/.agent/skills/languages/go/ADVANCED.md +260 -0
package/.agent/skills/languages/go/META.yaml +64 -0
package/.agent/skills/languages/go/SKILL.md +489 -0
package/.agent/skills/languages/go/data/concurrency.yaml +424 -0
package/.agent/skills/languages/go/data/core.yaml +399 -0
package/.agent/skills/languages/go/data/http.yaml +507 -0
package/.agent/skills/languages/haskell/META.yaml +18 -0
package/.agent/skills/languages/haskell/SKILL.md +305 -0
package/.agent/skills/languages/haskell/data/core.yaml +347 -0
package/.agent/skills/languages/java/ADVANCED.md +450 -0
package/.agent/skills/languages/java/META.yaml +89 -0
package/.agent/skills/languages/java/SKILL.md +495 -0
package/.agent/skills/languages/java/data/core.yaml +307 -0
package/.agent/skills/languages/java/data/spring.yaml +437 -0
package/.agent/skills/languages/javascript/ADVANCED.md +530 -0
package/.agent/skills/languages/javascript/META.yaml +105 -0
package/.agent/skills/languages/javascript/SKILL.md +455 -0
package/.agent/skills/languages/javascript/data/async.yaml +290 -0
package/.agent/skills/languages/javascript/data/core.yaml +380 -0
package/.agent/skills/languages/javascript/data/modern.yaml +269 -0
package/.agent/skills/languages/julia/META.yaml +13 -0
package/.agent/skills/languages/julia/SKILL.md +174 -0
package/.agent/skills/languages/julia/data/core.yaml +356 -0
package/.agent/skills/languages/kotlin/ADVANCED.md +539 -0
package/.agent/skills/languages/kotlin/META.yaml +24 -0
package/.agent/skills/languages/kotlin/SKILL.md +525 -0
package/.agent/skills/languages/kotlin/data/android.yaml +495 -0
package/.agent/skills/languages/kotlin/data/core.yaml +366 -0
package/.agent/skills/languages/lua/ADVANCED.md +257 -0
package/.agent/skills/languages/lua/META.yaml +58 -0
package/.agent/skills/languages/lua/SKILL.md +492 -0
package/.agent/skills/languages/lua/data/core.yaml +264 -0
package/.agent/skills/languages/lua/data/embedding.yaml +300 -0
package/.agent/skills/languages/nim/META.yaml +30 -0
package/.agent/skills/languages/nim/SKILL.md +116 -0
package/.agent/skills/languages/nim/data/async.yaml +257 -0
package/.agent/skills/languages/nim/data/core.yaml +241 -0
package/.agent/skills/languages/ocaml/META.yaml +13 -0
package/.agent/skills/languages/ocaml/SKILL.md +123 -0
package/.agent/skills/languages/ocaml/data/core.yaml +357 -0
package/.agent/skills/languages/perl/META.yaml +13 -0
package/.agent/skills/languages/perl/SKILL.md +115 -0
package/.agent/skills/languages/perl/data/core.yaml +360 -0
package/.agent/skills/languages/php/ADVANCED.md +199 -0
package/.agent/skills/languages/php/META.yaml +18 -0
package/.agent/skills/languages/php/SKILL.md +488 -0
package/.agent/skills/languages/php/data/core.yaml +392 -0
package/.agent/skills/languages/php/data/laravel.yaml +525 -0
package/.agent/skills/languages/python/ADVANCED.md +207 -0
package/.agent/skills/languages/python/META.yaml +91 -0
package/.agent/skills/languages/python/SKILL.md +495 -0
package/.agent/skills/languages/python/data/async.yaml +265 -0
package/.agent/skills/languages/python/data/core.yaml +259 -0
package/.agent/skills/languages/python/data/fastapi.yaml +296 -0
package/.agent/skills/languages/python/data/testing.yaml +226 -0
package/.agent/skills/languages/r/META.yaml +16 -0
package/.agent/skills/languages/r/SKILL.md +348 -0
package/.agent/skills/languages/r/data/core.yaml +355 -0
package/.agent/skills/languages/ruby/ADVANCED.md +381 -0
package/.agent/skills/languages/ruby/META.yaml +19 -0
package/.agent/skills/languages/ruby/SKILL.md +417 -0
package/.agent/skills/languages/ruby/data/core.yaml +448 -0
package/.agent/skills/languages/ruby/data/rails.yaml +415 -0
package/.agent/skills/languages/rust/ADVANCED.md +212 -0
package/.agent/skills/languages/rust/META.yaml +87 -0
package/.agent/skills/languages/rust/SKILL.md +377 -0
package/.agent/skills/languages/rust/data/async.yaml +404 -0
package/.agent/skills/languages/rust/data/axum.yaml +450 -0
package/.agent/skills/languages/rust/data/core.yaml +356 -0
package/.agent/skills/languages/scala/META.yaml +17 -0
package/.agent/skills/languages/scala/SKILL.md +202 -0
package/.agent/skills/languages/scala/data/core.yaml +349 -0
package/.agent/skills/languages/solidity/META.yaml +13 -0
package/.agent/skills/languages/solidity/SKILL.md +188 -0
package/.agent/skills/languages/solidity/data/core.yaml +528 -0
package/.agent/skills/languages/swift/ADVANCED.md +231 -0
package/.agent/skills/languages/swift/META.yaml +18 -0
package/.agent/skills/languages/swift/SKILL.md +342 -0
package/.agent/skills/languages/swift/data/core.yaml +489 -0
package/.agent/skills/languages/typescript/ADVANCED.md +186 -0
package/.agent/skills/languages/typescript/META.yaml +92 -0
package/.agent/skills/languages/typescript/SKILL.md +306 -0
package/.agent/skills/languages/typescript/data/async.yaml +397 -0
package/.agent/skills/languages/typescript/data/core.yaml +283 -0
package/.agent/skills/languages/typescript/data/validation.yaml +338 -0
package/.agent/skills/languages/zig/META.yaml +52 -0
package/.agent/skills/languages/zig/SKILL.md +354 -0
package/.agent/skills/languages/zig/data/async.yaml +314 -0
package/.agent/skills/languages/zig/data/core.yaml +302 -0
package/.agent/templates/README.md +42 -0
package/.agent/templates/audit-report.md +153 -0
package/.agent/templates/chains/debug/step1-reproduce.md +83 -0
package/.agent/templates/chains/debug/step2-isolate.md +73 -0
package/.agent/templates/chains/debug/step3-analyze.md +86 -0
package/.agent/templates/chains/debug/step4-fix.md +85 -0
package/.agent/templates/chains/debug/step5-verify.md +122 -0
package/.agent/templates/chains/implement/step1-plan.md +88 -0
package/.agent/templates/chains/implement/step2-code.md +87 -0
package/.agent/templates/chains/implement/step3-test.md +87 -0
package/.agent/templates/chains/implement/step4-doc.md +118 -0
package/.agent/templates/chains/review/step1-understand.md +74 -0
package/.agent/templates/chains/review/step2-analyze.md +110 -0
package/.agent/templates/chains/review/step3-fix.md +93 -0
package/.agent/templates/chains/review/step4-summary.md +104 -0
package/.agent/templates/debug-report.md +50 -0
package/.agent/templates/deploy-plan.md +54 -0
package/.agent/templates/doc-template.md +57 -0
package/.agent/templates/findings.md +122 -0
package/.agent/templates/index.yaml +239 -0
package/.agent/templates/migrate-plan.md +50 -0
package/.agent/templates/phase-template.md +72 -0
package/.agent/templates/project-plan.md +87 -0
package/.agent/templates/prompts/context_block.md +114 -0
package/.agent/templates/prompts/guardrails_block.md +116 -0
package/.agent/templates/prompts/persona_base.md +155 -0
package/.agent/templates/prompts/tools_block.md +137 -0
package/.agent/templates/reflection/critic.md +110 -0
package/.agent/templates/reflection/error_analysis.md +149 -0
package/.agent/templates/reflection/success_analysis.md +174 -0
package/.agent/templates/task-list.md +144 -0
package/.agent/templates/tasks/audit.yaml +146 -0
package/.agent/templates/tasks/bug_fix.yaml +121 -0
package/.agent/templates/tasks/code_implementation.yaml +110 -0
package/.agent/templates/tasks/refactor.yaml +157 -0
package/.agent/templates/test-report.md +52 -0
package/.agent/workflows/ap.md +135 -0
package/.agent/workflows/code.md +130 -0
package/.agent/workflows/debug.md +230 -0
package/.agent/workflows/deploy.md +192 -0
package/.agent/workflows/dev.md +137 -0
package/.agent/workflows/doc.md +124 -0
package/.agent/workflows/env.md +98 -0
package/.agent/workflows/fix.md +76 -0
package/.agent/workflows/generate.md +28 -0
package/.agent/workflows/git.md +97 -0
package/.agent/workflows/help.md +75 -0
package/.agent/workflows/init.md +148 -0
package/.agent/workflows/migrate.md +135 -0
package/.agent/workflows/monitor.md +133 -0
package/.agent/workflows/onboard.md +144 -0
package/.agent/workflows/orchestrate.md +117 -0
package/.agent/workflows/perf.md +106 -0
package/.agent/workflows/plan.md +106 -0
package/.agent/workflows/recap.md +101 -0
package/.agent/workflows/refactor.md +161 -0
package/.agent/workflows/revert.md +99 -0
package/.agent/workflows/review.md +106 -0
package/.agent/workflows/scaffold.md +119 -0
package/.agent/workflows/security.md +186 -0
package/.agent/workflows/status.md +103 -0
package/.agent/workflows/test.md +157 -0
package/.agent/workflows/think.md +126 -0
package/.agent/workflows/upgrade.md +109 -0
package/.agent/workflows/visualize.md +295 -0
package/.agent/workflows/workflow.md +196 -0
package/README.md +64 -0
package/dist/commands/add.d.ts +2 -0
package/dist/commands/add.d.ts.map +1 -0
package/dist/commands/add.js +70 -0
package/dist/commands/add.js.map +1 -0
package/dist/commands/config.d.ts +4 -0
package/dist/commands/config.d.ts.map +1 -0
package/dist/commands/config.js +152 -0
package/dist/commands/config.js.map +1 -0
package/dist/commands/doctor.d.ts +4 -0
package/dist/commands/doctor.d.ts.map +1 -0
package/dist/commands/doctor.js +98 -0
package/dist/commands/doctor.js.map +1 -0
package/dist/commands/hsa.d.ts +4 -0
package/dist/commands/hsa.d.ts.map +1 -0
package/dist/commands/hsa.js +194 -0
package/dist/commands/hsa.js.map +1 -0
package/dist/commands/info.d.ts +2 -0
package/dist/commands/info.d.ts.map +1 -0
package/dist/commands/info.js +149 -0
package/dist/commands/info.js.map +1 -0
package/dist/commands/init.d.ts +4 -0
package/dist/commands/init.d.ts.map +1 -0
package/dist/commands/init.js +262 -0
package/dist/commands/init.js.map +1 -0
package/dist/commands/install-core.d.ts +4 -0
package/dist/commands/install-core.d.ts.map +1 -0
package/dist/commands/install-core.js +85 -0
package/dist/commands/install-core.js.map +1 -0
package/dist/commands/install-helpers.d.ts +27 -0
package/dist/commands/install-helpers.d.ts.map +1 -0
package/dist/commands/install-helpers.js +125 -0
package/dist/commands/install-helpers.js.map +1 -0
package/dist/commands/install-hsa.d.ts +18 -0
package/dist/commands/install-hsa.d.ts.map +1 -0
package/dist/commands/install-hsa.js +61 -0
package/dist/commands/install-hsa.js.map +1 -0
package/dist/commands/install.d.ts +4 -0
package/dist/commands/install.d.ts.map +1 -0
package/dist/commands/install.js +310 -0
package/dist/commands/install.js.map +1 -0
package/dist/commands/list.d.ts +4 -0
package/dist/commands/list.d.ts.map +1 -0
package/dist/commands/list.js +91 -0
package/dist/commands/list.js.map +1 -0
package/dist/commands/mcp-registry.d.ts +48 -0
package/dist/commands/mcp-registry.d.ts.map +1 -0
package/dist/commands/mcp-registry.js +246 -0
package/dist/commands/mcp-registry.js.map +1 -0
package/dist/commands/mcp-writers.d.ts +20 -0
package/dist/commands/mcp-writers.d.ts.map +1 -0
package/dist/commands/mcp-writers.js +144 -0
package/dist/commands/mcp-writers.js.map +1 -0
package/dist/commands/mcp.d.ts +10 -0
package/dist/commands/mcp.d.ts.map +1 -0
package/dist/commands/mcp.js +319 -0
package/dist/commands/mcp.js.map +1 -0
package/dist/commands/update.d.ts +4 -0
package/dist/commands/update.d.ts.map +1 -0
package/dist/commands/update.js +79 -0
package/dist/commands/update.js.map +1 -0
package/dist/constants/cursor-globs.d.ts +17 -0
package/dist/constants/cursor-globs.d.ts.map +1 -0
package/dist/constants/cursor-globs.js +62 -0
package/dist/constants/cursor-globs.js.map +1 -0
package/dist/constants/ide-install-specs.d.ts +36 -0
package/dist/constants/ide-install-specs.d.ts.map +1 -0
package/dist/constants/ide-install-specs.js +870 -0
package/dist/constants/ide-install-specs.js.map +1 -0
package/dist/constants/ides.d.ts +105 -0
package/dist/constants/ides.d.ts.map +1 -0
package/dist/constants/ides.js +412 -0
package/dist/constants/ides.js.map +1 -0
package/dist/constants/skills.d.ts +40 -0
package/dist/constants/skills.d.ts.map +1 -0
package/dist/constants/skills.js +78 -0
package/dist/constants/skills.js.map +1 -0
package/dist/constants.d.ts +39 -0
package/dist/constants.d.ts.map +1 -0
package/dist/constants.js +75 -0
package/dist/constants.js.map +1 -0
package/dist/index.d.ts +8 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +122 -0
package/dist/index.js.map +1 -0
package/dist/types/flags.d.ts +47 -0
package/dist/types/flags.d.ts.map +1 -0
package/dist/types/flags.js +4 -0
package/dist/types/flags.js.map +1 -0
package/dist/types/ide-install.d.ts +175 -0
package/dist/types/ide-install.d.ts.map +1 -0
package/dist/types/ide-install.js +29 -0
package/dist/types/ide-install.js.map +1 -0
package/dist/utils/copy-helpers.d.ts +60 -0
package/dist/utils/copy-helpers.d.ts.map +1 -0
package/dist/utils/copy-helpers.js +617 -0
package/dist/utils/copy-helpers.js.map +1 -0
package/dist/utils/index.d.ts +3 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +5 -0
package/dist/utils/index.js.map +1 -0
package/dist/utils/validation.d.ts +29 -0
package/dist/utils/validation.d.ts.map +1 -0
package/dist/utils/validation.js +211 -0
package/dist/utils/validation.js.map +1 -0
package/package.json +64 -0

package/.agent/skills/core/security/data/language-specific/python-security.yaml ADDED Viewed

@@ -0,0 +1,295 @@
+metadata:
+  skill: security
+  domain: python_security
+  version: 6.2.0
+  updated: '2026-02-05'
+  migrated_from: python-security.csv
+  patterns_count: 25
+  columns:
+  - id
+  - name
+  - severity
+  - category
+  - description
+  - detection_pattern
+  - fix_pattern
+  - cwe
+  - cve_reference
+  - example_vuln
+  - example_fix
+patterns:
+- id: PY-01
+  name: Pickle Deserialization RCE
+  severity: CRITICAL
+  category: Deserialization
+  description: pickle.load on untrusted data leads to arbitrary code execution
+  detection_pattern: (pickle\\.load|pickle\\.loads|cPickle\\.load)(?!.*trusted)
+  fix_pattern: Use JSON safetensors or restrict classes with pickle.Unpickler
+  cwe: CWE-502
+  cve_reference: CVE-2024-50050,CVE-2025-3108
+  example_vuln: data = pickle.loads(request.data)
+  example_fix: 'data = json.loads(request.data) # or safetensors'
+- id: PY-02
+  name: SSTI Jinja2 RCE
+  severity: CRITICAL
+  category: Injection
+  description: render_template_string with user input leads to RCE
+  detection_pattern: render_template_string.*request|Template\\(.*input
+  fix_pattern: Use render_template with static templates never string input
+  cwe: CWE-94
+  cve_reference: CVE-2024-56085
+  example_vuln: render_template_string(user_input)
+  example_fix: render_template('safe.html', data=user_input)
+- id: PY-03
+  name: subprocess Shell Injection
+  severity: CRITICAL
+  category: Injection
+  description: shell=True with user input allows command injection
+  detection_pattern: subprocess\\.(run|call|Popen).*shell\\s*=\\s*True.*input
+  fix_pattern: Use list arguments never shell=True with user input
+  cwe: CWE-78
+  cve_reference: CVE-2024-3126
+  example_vuln: subprocess.run(f'echo {user}', shell=True)
+  example_fix: subprocess.run(['echo', user], shell=False)
+- id: PY-04
+  name: eval/exec RCE
+  severity: CRITICAL
+  category: Injection
+  description: eval or exec with user input leads to arbitrary code execution
+  detection_pattern: (eval|exec)\\s*\\(.*request|input|user
+  fix_pattern: Never use eval/exec with user input use ast.literal_eval
+  cwe: CWE-94
+  cve_reference: n/a
+  example_vuln: result = eval(request.form['expr'])
+  example_fix: import ast; result = ast.literal_eval(safe_expr)
+- id: PY-05
+  name: tarfile Path Traversal
+  severity: HIGH
+  category: File
+  description: tarfile extractall without filter allows path traversal
+  detection_pattern: tarfile\\.(open|extractall)(?!.*filter)
+  fix_pattern: Use extractall with filter parameter (Python 3.12+)
+  cwe: CWE-22
+  cve_reference: CVE-2024-12718,CVE-2025-4138
+  example_vuln: tar.extractall(path)
+  example_fix: 'tar.extractall(path, filter=''data'') # Python 3.12+'
+- id: PY-06
+  name: yaml.unsafe_load RCE
+  severity: CRITICAL
+  category: Deserialization
+  description: yaml.load without SafeLoader allows code execution
+  detection_pattern: yaml\\.load\\s*\\([^)]*(?!Loader=yaml\\.SafeLoader)
+  fix_pattern: Always use yaml.safe_load or specify SafeLoader
+  cwe: CWE-502
+  cve_reference: n/a
+  example_vuln: data = yaml.load(file)
+  example_fix: data = yaml.safe_load(file)
+- id: PY-07
+  name: os.system Injection
+  severity: CRITICAL
+  category: Injection
+  description: os.system with user input allows command injection
+  detection_pattern: os\\.system\\s*\\(.*input|request|user
+  fix_pattern: Use subprocess.run with list arguments
+  cwe: CWE-78
+  cve_reference: n/a
+  example_vuln: os.system('grep ' + user_input)
+  example_fix: subprocess.run(['grep', user_input])
+- id: PY-08
+  name: SQLAlchemy Raw Query
+  severity: HIGH
+  category: Injection
+  description: text() with string concatenation allows SQL injection
+  detection_pattern: (text|execute)\\s*\\(.*\\+.*input|f['\].*select"
+  fix_pattern: Use bound parameters with text() or ORM methods
+  cwe: CWE-89
+  cve_reference: n/a
+  example_vuln: db.execute(text(f'SELECT * WHERE id={id}'))
+  example_fix: 'db.execute(text(''SELECT * WHERE id=:id''), {''id'': id})'
+- id: PY-09
+  name: Flask Debug Mode Production
+  severity: HIGH
+  category: Configuration
+  description: Debug mode enabled in production exposes Werkzeug console
+  detection_pattern: app\\.run\\(.*debug\\s*=\\s*True(?!.*if.*__name__)
+  fix_pattern: Disable debug mode in production use environment config
+  cwe: CWE-200
+  cve_reference: n/a
+  example_vuln: app.run(debug=True)
+  example_fix: app.run(debug=os.getenv('FLASK_DEBUG', False))
+- id: PY-10
+  name: format String Injection
+  severity: MEDIUM
+  category: Injection
+  description: format() or f-strings with user input can leak data
+  detection_pattern: (format|f['\]).*\\{.*input|\\.format\\(.*request"
+  fix_pattern: Validate input or use safe template engines
+  cwe: CWE-134
+  cve_reference: n/a
+  example_vuln: 'msg = f''{user_input}'' # May contain {__class__}'
+  example_fix: 'msg = safe_format(user_input) # Validate first'
+- id: PY-11
+  name: Insecure Random
+  severity: HIGH
+  category: Cryptography
+  description: random module used for security-sensitive values
+  detection_pattern: import\\s+random(?!.*secrets)|random\\.(randint|choice).*token
+  fix_pattern: Use secrets module for cryptographic randomness
+  cwe: CWE-330
+  cve_reference: n/a
+  example_vuln: token = random.randint(0, 999999)
+  example_fix: token = secrets.token_urlsafe(32)
+- id: PY-12
+  name: Hardcoded Credentials
+  severity: HIGH
+  category: Secrets
+  description: Password or API key hardcoded in source
+  detection_pattern: (password|api_key|secret)\\s*=\\s*['\][^'\"]+['\"]"
+  fix_pattern: Use environment variables or secrets manager
+  cwe: CWE-798
+  cve_reference: n/a
+  example_vuln: API_KEY = 'sk-1234567890'
+  example_fix: API_KEY = os.getenv('API_KEY')
+- id: PY-13
+  name: Path Traversal os.path
+  severity: HIGH
+  category: File
+  description: User input in file path without validation
+  detection_pattern: os\\.path\\.join.*request|open\\(.*input(?!.*safe)
+  fix_pattern: Use os.path.realpath and validate against base directory
+  cwe: CWE-22
+  cve_reference: n/a
+  example_vuln: open(os.path.join(base, user_file))
+  example_fix: 'safe_path = os.path.realpath(os.path.join(base, user_file))\nif not safe_path.startswith(base): raise'
+- id: PY-14
+  name: SSRF requests
+  severity: HIGH
+  category: Network
+  description: User URL fetched without validation
+  detection_pattern: requests\\.(get|post)\\(.*input(?!.*allowlist)
+  fix_pattern: Validate URLs against allowlist block internal IPs
+  cwe: CWE-918
+  cve_reference: n/a
+  example_vuln: requests.get(user_url)
+  example_fix: 'if is_allowed_url(user_url): requests.get(user_url)'
+- id: PY-15
+  name: XML External Entity
+  severity: CRITICAL
+  category: Injection
+  description: XML parsing with external entities enabled
+  detection_pattern: etree\\.(parse|fromstring)(?!.*resolve_entities.*False)
+  fix_pattern: Disable external entity resolution in lxml defusedxml
+  cwe: CWE-611
+  cve_reference: n/a
+  example_vuln: tree = etree.parse(xml_file)
+  example_fix: from defusedxml import ElementTree as ET\ntree = ET.parse(xml_file)
+- id: PY-16
+  name: JWT Algorithm None
+  severity: CRITICAL
+  category: Authentication
+  description: JWT verification allows algorithm none
+  detection_pattern: jwt\\.decode\\(.*algorithms\\s*=\\s*None
+  fix_pattern: Explicitly specify allowed algorithms
+  cwe: CWE-347
+  cve_reference: n/a
+  example_vuln: jwt.decode(token, key, algorithms=None)
+  example_fix: jwt.decode(token, key, algorithms=['HS256'])
+- id: PY-17
+  name: Regex DoS ReDoS
+  severity: HIGH
+  category: DoS
+  description: Vulnerable regex pattern with user input
+  detection_pattern: re\\.compile\\(.*input|re\\.(match|search).*user
+  fix_pattern: Use re2 or timeout limit input length
+  cwe: CWE-400
+  cve_reference: n/a
+  example_vuln: re.match(user_regex, data)
+  example_fix: import google_re2 as re2\nre2.match(pattern, data)
+- id: PY-18
+  name: Race Condition File
+  severity: HIGH
+  category: Concurrency
+  description: TOCTOU race condition in file operations
+  detection_pattern: os\\.path\\.exists.*open|if.*isfile.*then.*open
+  fix_pattern: Use atomic operations or file locking
+  cwe: CWE-367
+  cve_reference: n/a
+  example_vuln: 'if os.path.exists(f): open(f) # TOCTOU'
+  example_fix: 'with open(f, ''x'') as file: # Atomic create'
+- id: PY-19
+  name: Insecure Temp File
+  severity: MEDIUM
+  category: File
+  description: tempfile created with predictable name or permissions
+  detection_pattern: tempfile\\.mk(s)?temp(?!.*dir=)
+  fix_pattern: Use tempfile.NamedTemporaryFile or mkstemp with secure dir
+  cwe: CWE-377
+  cve_reference: n/a
+  example_vuln: f = tempfile.mktemp()
+  example_fix: 'with tempfile.NamedTemporaryFile(delete=False) as f:'
+- id: PY-20
+  name: Assert Security Check
+  severity: MEDIUM
+  category: Logic
+  description: Assert used for security checks bypassed with -O flag
+  detection_pattern: assert\\s+.*authenticated|assert.*authorized
+  fix_pattern: Use if-raise pattern for security checks
+  cwe: CWE-617
+  cve_reference: n/a
+  example_vuln: 'assert user.is_admin # Bypassed with python -O'
+  example_fix: 'if not user.is_admin: raise PermissionError()'
+- id: PY-21
+  name: Dynamic Import Injection
+  severity: HIGH
+  category: Injection
+  description: importlib with user input allows code execution
+  detection_pattern: importlib\\.import_module\\(.*input
+  fix_pattern: Validate module against allowlist
+  cwe: CWE-94
+  cve_reference: n/a
+  example_vuln: mod = importlib.import_module(user_module)
+  example_fix: 'if user_module in ALLOWED: mod = importlib.import_module(user_module)'
+- id: PY-22
+  name: Django ORM extra() Injection
+  severity: HIGH
+  category: Injection
+  description: extra() with raw SQL allows injection
+  detection_pattern: extra\\(.*where.*=.*\\+|extra\\(select=\\{.*\\+
+  fix_pattern: Use ORM methods or parameterized raw queries
+  cwe: CWE-89
+  cve_reference: n/a
+  example_vuln: Model.objects.extra(where=['id=' + id])
+  example_fix: Model.objects.filter(id=id)
+- id: PY-23
+  name: Weak Password Hash
+  severity: HIGH
+  category: Cryptography
+  description: MD5 SHA1 or unsalted hash for passwords
+  detection_pattern: (md5|sha1)\\(.*password|hashlib\\.(md5|sha1)
+  fix_pattern: Use bcrypt argon2 or PBKDF2 with sufficient rounds
+  cwe: CWE-327
+  cve_reference: n/a
+  example_vuln: hashlib.md5(password.encode()).hexdigest()
+  example_fix: from argon2 import PasswordHasher; ph.hash(password)
+- id: PY-24
+  name: Socket Race Condition
+  severity: HIGH
+  category: Network
+  description: socket.socketpair fallback race on Windows
+  detection_pattern: socket\\.socketpair(?!.*verify)
+  fix_pattern: Upgrade Python 3.12+ or verify connection manually
+  cwe: CWE-362
+  cve_reference: CVE-2024-3219
+  example_vuln: s1, s2 = socket.socketpair()
+  example_fix: '# Python 3.12 fixes this - upgrade'
+- id: PY-25
+  name: Sandbox Escape exec
+  severity: CRITICAL
+  category: Sandbox
+  description: Restricted exec can be bypassed with builtins
+  detection_pattern: exec\\(.*\\{['\]__builtins__"
+  fix_pattern: Never use exec for sandboxing use proper isolation
+  cwe: CWE-94
+  cve_reference: n/a
+  example_vuln: 'exec(code, {''__builtins__'': {}})'
+  example_fix: '# Use subprocess with restricted user or container'

package/.agent/skills/core/security/data/language-specific/ruby-security.yaml ADDED Viewed

@@ -0,0 +1,198 @@
+metadata:
+  skill: security
+  domain: ruby_security
+  version: 6.2.0
+  updated: '2026-02-05'
+  migrated_from: ruby-security.csv
+  patterns_count: 20
+  columns:
+  - id
+  - name
+  - severity
+  - category
+  - description
+  - detection_pattern
+  - fix_pattern
+  - cwe
+  - example_code
+patterns:
+- id: RB-01
+  name: Mass Assignment
+  severity: CRITICAL
+  category: Injection
+  description: Unprotected attributes allow overwriting sensitive fields
+  detection_pattern: params\\.permit|attr_accessible(?!.*:role)
+  fix_pattern: Use strong_parameters with explicit permit list
+  cwe: CWE-915
+  example_code: '# BAD\nUser.create(params[:user])\n# GOOD\nUser.create(params.require(:user).permit(:name, :email))'
+- id: RB-02
+  name: Marshal Deserialization
+  severity: CRITICAL
+  category: Injection
+  description: Marshal.load on untrusted data leads to RCE
+  detection_pattern: Marshal\\.load(?!.*trusted)
+  fix_pattern: Use JSON.parse instead of Marshal for untrusted data
+  cwe: CWE-502
+  example_code: '# RCE via Marshal\nMarshal.load(Base64.decode64(cookies[:session]))\n# SAFE: Use JSON\nJSON.parse(data)'
+- id: RB-03
+  name: YAML.load Unsafe
+  severity: CRITICAL
+  category: Injection
+  description: YAML.load executes arbitrary Ruby code
+  detection_pattern: YAML\\.load(?!_file|.*permitted)
+  fix_pattern: Use YAML.safe_load with permitted_classes
+  cwe: CWE-502
+  example_code: '# RCE via YAML\nYAML.load(user_input)\n# SAFE\nYAML.safe_load(user_input, permitted_classes: [Date])'
+- id: RB-04
+  name: ERB Injection SSTI
+  severity: CRITICAL
+  category: Injection
+  description: User input in ERB template leads to code execution
+  detection_pattern: ERB\\.new\\(.*\\#\\{|render.*inline.*params
+  fix_pattern: Never use user input in ERB templates directly
+  cwe: CWE-94
+  example_code: '# SSTI\nERB.new(\<%= #{params[:name]} %>\").result\n# SAFE: Escape output"'
+- id: RB-05
+  name: Command Injection system
+  severity: CRITICAL
+  category: Injection
+  description: User input in system/exec/backticks
+  detection_pattern: system\\(.*\\#\\{|`.*\\#\\{|exec\\(.*\\+
+  fix_pattern: Use array form or shellwords escape
+  cwe: CWE-78
+  example_code: '# Vulnerable\nsystem(\ls #{params[:dir]}\")\n# SAFE\nsystem(''ls'''
+- id: RB-06
+  name: SQL Injection Raw
+  severity: CRITICAL
+  category: Injection
+  description: Raw SQL with string interpolation
+  detection_pattern: where\\(.*\\#\\{|find_by_sql.*\\#\\{
+  fix_pattern: Use parameterized queries with ?
+  cwe: CWE-89
+  example_code: '# SQLi\nUser.where(\name = ''#{params[:name]}''\")\n# SAFE\nUser.where(name: params[:name])"'
+- id: RB-07
+  name: Open Redirect
+  severity: HIGH
+  category: Web
+  description: Unvalidated redirect_to with user input
+  detection_pattern: redirect_to\\s+params|redirect_to.*url(?!_for)
+  fix_pattern: Whitelist allowed redirect paths
+  cwe: CWE-601
+  example_code: '# Open redirect\nredirect_to params[:url]\n# SAFE\nredirect_to url_for(params[:path].presence_in(ALLOWED))'
+- id: RB-08
+  name: Path Traversal send_file
+  severity: HIGH
+  category: Web
+  description: send_file with user-controlled path
+  detection_pattern: send_file.*params|send_data.*File\\.read.*params
+  fix_pattern: Validate path within allowed directory
+  cwe: CWE-22
+  example_code: '# Path traversal\nsend_file(params[:file])\n# SAFE\nsend_file(Rails.root.join(''public'', File.basename(params[:file])))'
+- id: RB-09
+  name: Eval Code Execution
+  severity: CRITICAL
+  category: Injection
+  description: eval/instance_eval on user input
+  detection_pattern: eval\\(.*params|instance_eval.*user
+  fix_pattern: Never use eval on user input
+  cwe: CWE-94
+  example_code: '# RCE\neval(params[:code])\n# SAFE: Use whitelist of allowed operations'
+- id: RB-10
+  name: render inline XSS
+  severity: HIGH
+  category: Web
+  description: render inline without escaping
+  detection_pattern: render.*inline.*params(?!.*escape)
+  fix_pattern: Use html_safe only on trusted content
+  cwe: CWE-79
+  example_code: '# XSS\nrender inline: params[:content]\n# SAFE\nrender inline: ERB::Util.html_escape(params[:content])'
+- id: RB-11
+  name: Insecure Regex ReDoS
+  severity: MEDIUM
+  category: DoS
+  description: Regex with nested quantifiers vulnerable to ReDoS
+  detection_pattern: Regexp\\.new.*\\+\\*|\\(.*\\*\\)\\+
+  fix_pattern: Use timeout or safe regex patterns
+  cwe: CWE-1333
+  example_code: '# ReDoS vulnerable\n/(a+)+$/.match(user_input)\n# SAFE: Use timeout or re2 gem'
+- id: RB-12
+  name: Session Fixation
+  severity: HIGH
+  category: Auth
+  description: Session not regenerated after login
+  detection_pattern: session\\[:user_id\\]\\s*=(?!.*reset_session)
+  fix_pattern: Call reset_session before setting user
+  cwe: CWE-384
+  example_code: '# Fixation\nsession[:user_id] = user.id\n# SAFE\nreset_session; session[:user_id] = user.id'
+- id: RB-13
+  name: CSRF Token Skip
+  severity: HIGH
+  category: Web
+  description: skip_forgery_protection without API check
+  detection_pattern: skip_forgery_protection|protect_from_forgery.*except
+  fix_pattern: Only skip for stateless API endpoints
+  cwe: CWE-352
+  example_code: '# Risky\nskip_forgery_protection\n# SAFE\nprotect_from_forgery with: :null_session, if: -> { request.format.json? }'
+- id: RB-14
+  name: Weak Password Hash
+  severity: HIGH
+  category: Crypto
+  description: Using MD5/SHA1 for password storage
+  detection_pattern: Digest::(MD5|SHA1).*password|digest.*password
+  fix_pattern: Use bcrypt via has_secure_password
+  cwe: CWE-328
+  example_code: '# Weak\nDigest::SHA1.hexdigest(password)\n# SAFE\nhas_secure_password'
+- id: RB-15
+  name: Constant Comparison Timing
+  severity: MEDIUM
+  category: Crypto
+  description: String comparison vulnerable to timing attack
+  detection_pattern: ==.*secret|secret.*==(?!.*secure_compare)
+  fix_pattern: Use ActiveSupport::SecurityUtils.secure_compare
+  cwe: CWE-208
+  example_code: '# Timing attack\nparams[:token] == secret_token\n# SAFE\nActiveSupport::SecurityUtils.secure_compare(params[:token], secret_token)'
+- id: RB-16
+  name: File.read Arbitrary
+  severity: HIGH
+  category: LFI
+  description: File.read with user input allows LFI
+  detection_pattern: File\\.(read|open).*params
+  fix_pattern: Validate path and use safe_join
+  cwe: CWE-22
+  example_code: '# LFI\nFile.read(params[:path])\n# SAFE: Validate and restrict to allowed directory'
+- id: RB-17
+  name: Paperclip/Shrine RCE
+  severity: CRITICAL
+  category: Upload
+  description: Image processing without validation
+  detection_pattern: has_attached_file|Shrine(?!.*validate)
+  fix_pattern: Validate content type and use imagemagick safely
+  cwe: CWE-434
+  example_code: '# RCE via ImageMagick\nhas_attached_file :avatar\n# SAFE: Validate and restrict types'
+- id: RB-18
+  name: ActiveRecord Serialize
+  severity: HIGH
+  category: Injection
+  description: serialize with unsafe coder class
+  detection_pattern: serialize.*Marshal|serialize(?!.*JSON|coder)
+  fix_pattern: Use JSON coder for serialization
+  cwe: CWE-502
+  example_code: '# Unsafe\nserialize :data, Marshal\n# SAFE\nserialize :data, JSON'
+- id: RB-19
+  name: Logger Injection
+  severity: MEDIUM
+  category: Log
+  description: User input in logs without sanitization
+  detection_pattern: Rails\\.logger\\.(info|debug).*params
+  fix_pattern: Sanitize user input before logging
+  cwe: CWE-117
+  example_code: '# Log injection\nRails.logger.info(\User: #{params[:user]}\")\n# SAFE: Filter and sanitize"'
+- id: RB-20
+  name: Rack CRLF Injection
+  severity: HIGH
+  category: Web
+  description: User input in headers allows CRLF
+  detection_pattern: response\\.headers\\[.*\\]\\s*=.*params
+  fix_pattern: Validate header values
+  cwe: CWE-113
+  example_code: '# CRLF\nresponse.headers[''X-Custom''] = params[:header]\n# SAFE: Validate alphanumeric only'