npm - @nockdev/awf - Versions diffs - 6.2.0 - Mend

@nockdev/awf 6.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (727) hide show

package/.agent/build.yaml +178 -0
package/.agent/config.yaml +235 -0
package/.agent/core/ACTIVE_MEMORY.yaml +344 -0
package/.agent/core/ARCH_REGISTRY.yaml +252 -0
package/.agent/core/AUDIT_POLICY.md +68 -0
package/.agent/core/BRANDING.yaml +185 -0
package/.agent/core/CACHE.md +59 -0
package/.agent/core/CHECKPOINT.yaml +153 -0
package/.agent/core/CLEANUP_ENGINE.yaml +326 -0
package/.agent/core/CODING_STYLES.yaml +346 -0
package/.agent/core/COMMANDS.md +93 -0
package/.agent/core/CONTEXT_INJECTOR.yaml +325 -0
package/.agent/core/CONTEXT_LOADER.yaml +323 -0
package/.agent/core/CONTEXT_OPTIMIZATION.yaml +286 -0
package/.agent/core/CONTEXT_PRIORITY.yaml +357 -0
package/.agent/core/CUSTOMIZE.md +138 -0
package/.agent/core/DATA_SAFETY.md +92 -0
package/.agent/core/FLOW_ENGINE.yaml +300 -0
package/.agent/core/GRAPH_MEMORY.yaml +420 -0
package/.agent/core/HSA.yaml +357 -0
package/.agent/core/HYBRID_ROUTER.yaml +346 -0
package/.agent/core/INTENT_DETECTION.yaml +384 -0
package/.agent/core/LIBRARY_REGISTRY.yaml +401 -0
package/.agent/core/MCP_TOOLS.yaml +414 -0
package/.agent/core/MEMORY_CONSOLIDATION.yaml +352 -0
package/.agent/core/MEMORY_ENGINE.yaml +353 -0
package/.agent/core/MEMORY_PATHS.yaml +79 -0
package/.agent/core/MEMORY_UTILS.yaml +212 -0
package/.agent/core/PATTERNS.yaml +319 -0
package/.agent/core/PERMISSIONS.md +100 -0
package/.agent/core/README.md +91 -0
package/.agent/core/REFLECTION_ENGINE.yaml +348 -0
package/.agent/core/ROUTER.yaml +424 -0
package/.agent/core/SCORING_FORMULA.yaml +103 -0
package/.agent/core/SEMANTIC_ENGINE.yaml +162 -0
package/.agent/core/SKILLS_FLOW.yaml +341 -0
package/.agent/core/SKILL_SCHEMA.yaml +266 -0
package/.agent/core/STATE_MACHINE.yaml +409 -0
package/.agent/core/SUMMARIZATION_ENGINE.yaml +258 -0
package/.agent/core/TEMPLATES.yaml +364 -0
package/.agent/core/TOKEN_BUDGETS.yaml +157 -0
package/.agent/core/TOKEN_LOADING.yaml +197 -0
package/.agent/core/TOKEN_SUMMARY.yaml +121 -0
package/.agent/core/VERSION.yaml +240 -0
package/.agent/core/embeddings.json +2004 -0
package/.agent/core/session_cache.json +50 -0
package/.agent/i18n/README.md +30 -0
package/.agent/i18n/en.yaml +302 -0
package/.agent/i18n/vi.yaml +302 -0
package/.agent/ide/README.md +47 -0
package/.agent/ide/amazonq.json +35 -0
package/.agent/ide/amp.json +35 -0
package/.agent/ide/antigravity.json +47 -0
package/.agent/ide/augment.json +35 -0
package/.agent/ide/claude.json +42 -0
package/.agent/ide/cline.json +34 -0
package/.agent/ide/codex.json +37 -0
package/.agent/ide/cody.json +35 -0
package/.agent/ide/continue.json +35 -0
package/.agent/ide/cursor.json +42 -0
package/.agent/ide/gemini.json +46 -0
package/.agent/ide/jetbrains.json +35 -0
package/.agent/ide/kiro.json +35 -0
package/.agent/ide/opencode.json +35 -0
package/.agent/ide/roo.json +35 -0
package/.agent/ide/tabnine.json +35 -0
package/.agent/ide/trae.json +35 -0
package/.agent/ide/vscode.json +34 -0
package/.agent/ide/windsurf.json +56 -0
package/.agent/ide/zed.json +36 -0
package/.agent/manifest.yaml +416 -0
package/.agent/memory/README.md +148 -0
package/.agent/memory/active_memories.json +35 -0
package/.agent/memory/archive/.gitkeep +0 -0
package/.agent/memory/audit_summary.json +58 -0
package/.agent/memory/cleanup_log.json +34 -0
package/.agent/memory/consolidated.md +75 -0
package/.agent/memory/core_memory/persona.json +30 -0
package/.agent/memory/core_memory/project.json +25 -0
package/.agent/memory/core_memory/rules.json +29 -0
package/.agent/memory/core_memory/user.json +24 -0
package/.agent/memory/decisions.md +40 -0
package/.agent/memory/graph/knowledge_graph.json +12 -0
package/.agent/memory/insights.md +52 -0
package/.agent/memory/metrics.json +48 -0
package/.agent/memory/patterns/errors.json +11 -0
package/.agent/memory/patterns/successes.json +10 -0
package/.agent/memory/session.md +64 -0
package/.agent/memory/session_rules.json +19 -0
package/.agent/memory/state.json +81 -0
package/.agent/memory/vectors/README.md +129 -0
package/.agent/personas/README.md +180 -0
package/.agent/personas/architect.md +186 -0
package/.agent/personas/auditor.md +222 -0
package/.agent/personas/debugger.md +210 -0
package/.agent/personas/developer.md +183 -0
package/.agent/personas/devops.md +268 -0
package/.agent/personas/documenter.md +262 -0
package/.agent/personas/orchestrator.md +240 -0
package/.agent/personas/persona.schema.yaml +209 -0
package/.agent/personas/planner.md +171 -0
package/.agent/personas/researcher.md +194 -0
package/.agent/personas/security.md +212 -0
package/.agent/personas/tester.md +247 -0
package/.agent/rules/README.md +231 -0
package/.agent/rules/SACRED_RULES.xml +142 -0
package/.agent/rules/constitutional/tier-0-core.yaml +182 -0
package/.agent/rules/constitutional/tier-1-safety.yaml +272 -0
package/.agent/rules/constitutional/tier-2-execution.yaml +294 -0
package/.agent/rules/data/build-systems.yaml +126 -0
package/.agent/rules/data/quality-standards.json +59 -0
package/.agent/rules/duplication-prevention.md +138 -0
package/.agent/rules/incremental-changes.md +146 -0
package/.agent/rules/modules/context-management.yaml +158 -0
package/.agent/rules/modules/edit-verification.yaml +197 -0
package/.agent/rules/modules/evidence.yaml +185 -0
package/.agent/rules/modules/git-workflow.yaml +165 -0
package/.agent/rules/modules/language.yaml +155 -0
package/.agent/rules/modules/online-research.yaml +192 -0
package/.agent/rules/modules/quality.yaml +185 -0
package/.agent/rules/modules/reflection.yaml +209 -0
package/.agent/rules/modules/stop-conditions.yaml +196 -0
package/.agent/rules/modules/terminal-safety.yaml +229 -0
package/.agent/rules/modules/versioning.yaml +97 -0
package/.agent/rules/modules/yagni.yaml +167 -0
package/.agent/rules/project-detection.md +317 -0
package/.agent/rules/prompt-injection-guard.md +260 -0
package/.agent/rules/shell-commands.md +210 -0
package/.agent/rules/validation-framework.md +189 -0
package/.agent/skills/DEVELOPMENT.yaml +226 -0
package/.agent/skills/README.md +69 -0
package/.agent/skills/_categories.yaml +145 -0
package/.agent/skills/_router.yaml +232 -0
package/.agent/skills/core/_index.yaml +12 -0
package/.agent/skills/core/api-design/META.yaml +64 -0
package/.agent/skills/core/api-design/SKILL.md +169 -0
package/.agent/skills/core/api-design/data/api-versioning.yaml +217 -0
package/.agent/skills/core/api-design/data/error-responses.yaml +135 -0
package/.agent/skills/core/api-design/data/graphql-patterns.yaml +165 -0
package/.agent/skills/core/api-design/data/grpc-patterns.yaml +165 -0
package/.agent/skills/core/api-design/data/http-status-codes.yaml +176 -0
package/.agent/skills/core/api-design/data/pagination.yaml +121 -0
package/.agent/skills/core/api-design/data/rate-limiting.yaml +135 -0
package/.agent/skills/core/api-design/data/rest-patterns.yaml +195 -0
package/.agent/skills/core/api-design/data/test-apis.yaml +217 -0
package/.agent/skills/core/authentication/META.yaml +73 -0
package/.agent/skills/core/authentication/SKILL.md +166 -0
package/.agent/skills/core/authentication/data/anti-patterns.yaml +135 -0
package/.agent/skills/core/authentication/data/core-patterns.yaml +256 -0
package/.agent/skills/core/authentication/data/jwt-patterns.yaml +255 -0
package/.agent/skills/core/authentication/data/language-csharp.yaml +215 -0
package/.agent/skills/core/authentication/data/language-go.yaml +215 -0
package/.agent/skills/core/authentication/data/language-java.yaml +215 -0
package/.agent/skills/core/authentication/data/language-mobile.yaml +215 -0
package/.agent/skills/core/authentication/data/language-python.yaml +215 -0
package/.agent/skills/core/authentication/data/language-rust.yaml +215 -0
package/.agent/skills/core/authentication/data/language-typescript.yaml +215 -0
package/.agent/skills/core/authentication/data/mfa-patterns.yaml +175 -0
package/.agent/skills/core/authentication/data/oauth-patterns.yaml +255 -0
package/.agent/skills/core/authentication/data/oauth.yaml +248 -0
package/.agent/skills/core/authentication/data/passkeys-webauthn.yaml +215 -0
package/.agent/skills/core/authentication/data/passkeys.yaml +208 -0
package/.agent/skills/core/authentication/data/password-patterns.yaml +175 -0
package/.agent/skills/core/authentication/data/password.yaml +168 -0
package/.agent/skills/core/authentication/data/session-patterns.yaml +215 -0
package/.agent/skills/core/error-handling/META.yaml +71 -0
package/.agent/skills/core/error-handling/SKILL.md +156 -0
package/.agent/skills/core/error-handling/data/anti-patterns.yaml +105 -0
package/.agent/skills/core/error-handling/data/api-error-patterns.yaml +135 -0
package/.agent/skills/core/error-handling/data/core-patterns.yaml +226 -0
package/.agent/skills/core/error-handling/data/error-codes.yaml +165 -0
package/.agent/skills/core/error-handling/data/error-messages.yaml +165 -0
package/.agent/skills/core/error-handling/data/language-c-cpp.yaml +226 -0
package/.agent/skills/core/error-handling/data/language-go-rust.yaml +226 -0
package/.agent/skills/core/error-handling/data/language-python-java.yaml +226 -0
package/.agent/skills/core/error-handling/data/language-swift-kotlin.yaml +226 -0
package/.agent/skills/core/error-handling/data/language-typescript-php-ruby.yaml +226 -0
package/.agent/skills/core/error-handling/data/resilience-patterns.yaml +191 -0
package/.agent/skills/core/error-handling/data/ui-error-patterns.yaml +135 -0
package/.agent/skills/core/logging/META.yaml +73 -0
package/.agent/skills/core/logging/SKILL.md +184 -0
package/.agent/skills/core/logging/data/aggregation-patterns.yaml +191 -0
package/.agent/skills/core/logging/data/anti-patterns.yaml +121 -0
package/.agent/skills/core/logging/data/core-patterns.yaml +226 -0
package/.agent/skills/core/logging/data/language-csharp.yaml +191 -0
package/.agent/skills/core/logging/data/language-go.yaml +191 -0
package/.agent/skills/core/logging/data/language-java.yaml +191 -0
package/.agent/skills/core/logging/data/language-kotlin.yaml +156 -0
package/.agent/skills/core/logging/data/language-others.yaml +184 -0
package/.agent/skills/core/logging/data/language-python.yaml +191 -0
package/.agent/skills/core/logging/data/language-rust.yaml +191 -0
package/.agent/skills/core/logging/data/language-swift.yaml +156 -0
package/.agent/skills/core/logging/data/language-typescript.yaml +191 -0
package/.agent/skills/core/logging/data/otel-logging.yaml +156 -0
package/.agent/skills/core/observability/META.yaml +76 -0
package/.agent/skills/core/observability/SKILL.md +153 -0
package/.agent/skills/core/observability/data/alerting-patterns.yaml +165 -0
package/.agent/skills/core/observability/data/anti-patterns.yaml +105 -0
package/.agent/skills/core/observability/data/core-patterns.yaml +195 -0
package/.agent/skills/core/observability/data/language-cpp.yaml +165 -0
package/.agent/skills/core/observability/data/language-csharp.yaml +165 -0
package/.agent/skills/core/observability/data/language-go.yaml +165 -0
package/.agent/skills/core/observability/data/language-java.yaml +165 -0
package/.agent/skills/core/observability/data/language-others.yaml +255 -0
package/.agent/skills/core/observability/data/language-python.yaml +165 -0
package/.agent/skills/core/observability/data/language-rust.yaml +165 -0
package/.agent/skills/core/observability/data/language-typescript.yaml +165 -0
package/.agent/skills/core/observability/data/metrics-patterns.yaml +135 -0
package/.agent/skills/core/observability/data/metrics-prometheus.yaml +165 -0
package/.agent/skills/core/observability/data/otel-core.yaml +195 -0
package/.agent/skills/core/observability/data/profiling-patterns.yaml +135 -0
package/.agent/skills/core/observability/data/tracing-patterns.yaml +165 -0
package/.agent/skills/core/observability/data/tracing-tools.yaml +135 -0
package/.agent/skills/core/security/ADVANCED.md +269 -0
package/.agent/skills/core/security/META.yaml +97 -0
package/.agent/skills/core/security/SKILL.md +234 -0
package/.agent/skills/core/security/data/ai-ml-security.yaml +261 -0
package/.agent/skills/core/security/data/api-security.yaml +230 -0
package/.agent/skills/core/security/data/auth-patterns.yaml +195 -0
package/.agent/skills/core/security/data/binary-exploitation.yaml +339 -0
package/.agent/skills/core/security/data/cloud-security.yaml +269 -0
package/.agent/skills/core/security/data/cwe-top25.yaml +415 -0
package/.agent/skills/core/security/data/language-specific/c-security.yaml +295 -0
package/.agent/skills/core/security/data/language-specific/cpp-security.yaml +295 -0
package/.agent/skills/core/security/data/language-specific/csharp-security.yaml +219 -0
package/.agent/skills/core/security/data/language-specific/go-security.yaml +219 -0
package/.agent/skills/core/security/data/language-specific/java-security.yaml +295 -0
package/.agent/skills/core/security/data/language-specific/kotlin-security.yaml +198 -0
package/.agent/skills/core/security/data/language-specific/php-security.yaml +219 -0
package/.agent/skills/core/security/data/language-specific/python-security.yaml +295 -0
package/.agent/skills/core/security/data/language-specific/ruby-security.yaml +198 -0
package/.agent/skills/core/security/data/language-specific/rust-security.yaml +240 -0
package/.agent/skills/core/security/data/language-specific/solidity-security.yaml +369 -0
package/.agent/skills/core/security/data/language-specific/swift-security.yaml +198 -0
package/.agent/skills/core/security/data/language-specific/typescript-security.yaml +295 -0
package/.agent/skills/core/security/data/mobile-security.yaml +369 -0
package/.agent/skills/core/security/data/network-security.yaml +297 -0
package/.agent/skills/core/security/data/owasp-top10.yaml +171 -0
package/.agent/skills/core/security/data/reverse-engineering.yaml +497 -0
package/.agent/skills/core/security/data/supply-chain.yaml +219 -0
package/.agent/skills/cross-cutting/_index.yaml +15 -0
package/.agent/skills/cross-cutting/audit-pro/META.yaml +43 -0
package/.agent/skills/cross-cutting/audit-pro/data/checklists.yaml +644 -0
package/.agent/skills/cross-cutting/audit-pro/data/scoring.yaml +101 -0
package/.agent/skills/cross-cutting/aws/META.yaml +75 -0
package/.agent/skills/cross-cutting/aws/data/ai_ml.yaml +194 -0
package/.agent/skills/cross-cutting/aws/data/compute.yaml +191 -0
package/.agent/skills/cross-cutting/aws/data/kubernetes.yaml +199 -0
package/.agent/skills/cross-cutting/aws/data/storage.yaml +174 -0
package/.agent/skills/cross-cutting/bun/META.yaml +58 -0
package/.agent/skills/cross-cutting/bun/SKILL.md +357 -0
package/.agent/skills/cross-cutting/bun/data/database.yaml +85 -0
package/.agent/skills/cross-cutting/bun/data/runtime.yaml +170 -0
package/.agent/skills/cross-cutting/bun/data/tooling.yaml +192 -0
package/.agent/skills/cross-cutting/ci-cd/META.yaml +60 -0
package/.agent/skills/cross-cutting/ci-cd/data/github_actions.yaml +248 -0
package/.agent/skills/cross-cutting/ci-cd/data/security.yaml +211 -0
package/.agent/skills/cross-cutting/coding-rules/META.yaml +61 -0
package/.agent/skills/cross-cutting/coding-rules/SKILL.md +171 -0
package/.agent/skills/cross-cutting/coding-rules/data/architecture-patterns.yaml +96 -0
package/.agent/skills/cross-cutting/coding-rules/data/build-systems.yaml +346 -0
package/.agent/skills/cross-cutting/coding-rules/data/coding-rules.yaml +647 -0
package/.agent/skills/cross-cutting/coding-rules/data/concurrency-patterns.yaml +108 -0
package/.agent/skills/cross-cutting/coding-rules/data/design-patterns.yaml +260 -0
package/.agent/skills/cross-cutting/coding-rules/data/framework-signatures.yaml +344 -0
package/.agent/skills/cross-cutting/coding-rules/data/memory-management.yaml +108 -0
package/.agent/skills/cross-cutting/coding-rules/data/naming-conventions.yaml +320 -0
package/.agent/skills/cross-cutting/coding-rules/data/performance-benchmarks.yaml +164 -0
package/.agent/skills/cross-cutting/coding-rules/data/solid-principles.yaml +80 -0
package/.agent/skills/cross-cutting/coding-rules/data/test-frameworks.yaml +183 -0
package/.agent/skills/cross-cutting/database/ADVANCED.md +465 -0
package/.agent/skills/cross-cutting/database/META.yaml +22 -0
package/.agent/skills/cross-cutting/database/SKILL.md +816 -0
package/.agent/skills/cross-cutting/database/data/anti_patterns.yaml +116 -0
package/.agent/skills/cross-cutting/database/data/distributed.yaml +152 -0
package/.agent/skills/cross-cutting/database/data/mongodb.yaml +132 -0
package/.agent/skills/cross-cutting/database/data/mysql.yaml +130 -0
package/.agent/skills/cross-cutting/database/data/orm.yaml +104 -0
package/.agent/skills/cross-cutting/database/data/postgresql.yaml +170 -0
package/.agent/skills/cross-cutting/database/data/redis.yaml +129 -0
package/.agent/skills/cross-cutting/deno/META.yaml +68 -0
package/.agent/skills/cross-cutting/deno/SKILL.md +343 -0
package/.agent/skills/cross-cutting/deno/data/runtime.yaml +260 -0
package/.agent/skills/cross-cutting/deno/data/security.yaml +168 -0
package/.agent/skills/cross-cutting/deno/data/tooling.yaml +133 -0
package/.agent/skills/cross-cutting/docker/META.yaml +65 -0
package/.agent/skills/cross-cutting/docker/data/build.yaml +197 -0
package/.agent/skills/cross-cutting/docker/data/compose.yaml +229 -0
package/.agent/skills/cross-cutting/docker/data/security.yaml +164 -0
package/.agent/skills/cross-cutting/electron/META.yaml +174 -0
package/.agent/skills/cross-cutting/electron/SKILL.md +862 -0
package/.agent/skills/cross-cutting/electron/data/build.yaml +105 -0
package/.agent/skills/cross-cutting/electron/data/crash.yaml +103 -0
package/.agent/skills/cross-cutting/electron/data/ipc.yaml +85 -0
package/.agent/skills/cross-cutting/electron/data/native.yaml +157 -0
package/.agent/skills/cross-cutting/electron/data/security.yaml +89 -0
package/.agent/skills/cross-cutting/electron/data/storage.yaml +100 -0
package/.agent/skills/cross-cutting/electron/data/testing.yaml +103 -0
package/.agent/skills/cross-cutting/electron/data/updates.yaml +99 -0
package/.agent/skills/cross-cutting/electron/data/window.yaml +83 -0
package/.agent/skills/cross-cutting/kubernetes/META.yaml +70 -0
package/.agent/skills/cross-cutting/kubernetes/data/networking.yaml +270 -0
package/.agent/skills/cross-cutting/kubernetes/data/scheduling.yaml +267 -0
package/.agent/skills/cross-cutting/kubernetes/data/security.yaml +253 -0
package/.agent/skills/cross-cutting/kubernetes/data/workloads.yaml +251 -0
package/.agent/skills/cross-cutting/sql/META.yaml +88 -0
package/.agent/skills/cross-cutting/sql/SKILL.md +296 -0
package/.agent/skills/cross-cutting/sql/data/indexing.yaml +147 -0
package/.agent/skills/cross-cutting/sql/data/json.yaml +156 -0
package/.agent/skills/cross-cutting/sql/data/performance.yaml +204 -0
package/.agent/skills/cross-cutting/sql/data/queries.yaml +150 -0
package/.agent/skills/cross-cutting/tailwind/META.yaml +72 -0
package/.agent/skills/cross-cutting/tailwind/SKILL.md +344 -0
package/.agent/skills/cross-cutting/tailwind/data/build.yaml +143 -0
package/.agent/skills/cross-cutting/tailwind/data/config.yaml +109 -0
package/.agent/skills/cross-cutting/tailwind/data/migration.yaml +149 -0
package/.agent/skills/cross-cutting/tailwind/data/responsive.yaml +148 -0
package/.agent/skills/cross-cutting/tailwind/data/states.yaml +152 -0
package/.agent/skills/cross-cutting/tailwind/data/theme.yaml +126 -0
package/.agent/skills/cross-cutting/tailwind/data/utilities.yaml +182 -0
package/.agent/skills/cross-cutting/tailwind/data/variants.yaml +154 -0
package/.agent/skills/cross-cutting/testing/ADVANCED.md +245 -0
package/.agent/skills/cross-cutting/testing/META.yaml +49 -0
package/.agent/skills/cross-cutting/testing/SKILL.md +263 -0
package/.agent/skills/cross-cutting/testing/data/frameworks.yaml +300 -0
package/.agent/skills/cross-cutting/testing/data/patterns.yaml +168 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/META.yaml +108 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/SKILL.md +565 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/charts.yaml +331 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/colors.yaml +1226 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/component-decision.yaml +287 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/component-mapping.yaml +318 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/design-tokens.yaml +525 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/desktop-animation.yaml +232 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/desktop-architecture.yaml +140 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/desktop-colors.yaml +467 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/directory-structure.yaml +75 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/icons.yaml +918 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/implementation-strategy.yaml +107 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/landing.yaml +372 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/platform-frameworks.yaml +195 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/platform-guidelines.yaml +177 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/products.yaml +1339 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/prompts.yaml +180 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/react-performance.yaml +504 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/desktop.yaml +228 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/flutter.yaml +508 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/html-tailwind.yaml +543 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/nextjs.yaml +515 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/nuxt-ui.yaml +519 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/nuxtjs.yaml +599 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/react-native.yaml +496 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/react.yaml +526 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/shadcn.yaml +616 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/svelte.yaml +520 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/swiftui.yaml +486 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/stacks/vue.yaml +485 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/styles.yaml +1473 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/typography.yaml +647 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/ui-reasoning.yaml +1019 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/ux-guidelines.yaml +1009 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/data/web-interface.yaml +347 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/__pycache__/core.cpython-310.pyc +0 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/__pycache__/core.cpython-314.pyc +0 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/__pycache__/design_system.cpython-314.pyc +0 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/core.py +393 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/core_legacy.py +303 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/design_system.py +496 -0
package/.agent/skills/cross-cutting/ui-ux-pro-max/scripts/search.py +76 -0
package/.agent/skills/cross-cutting/web-perf/META.yaml +92 -0
package/.agent/skills/cross-cutting/web-perf/SKILL.md +181 -0
package/.agent/skills/cross-cutting/web-perf/data/cls_optimization.yaml +189 -0
package/.agent/skills/cross-cutting/web-perf/data/core_web_vitals.yaml +282 -0
package/.agent/skills/cross-cutting/web-perf/data/inp_optimization.yaml +240 -0
package/.agent/skills/cross-cutting/web-perf/data/lcp_optimization.yaml +202 -0
package/.agent/skills/cross-cutting/web-perf/data/measurement.yaml +170 -0
package/.agent/skills/devops/_index.yaml +9 -0
package/.agent/skills/devops/aws/ADVANCED.md +547 -0
package/.agent/skills/devops/aws/META.yaml +84 -0
package/.agent/skills/devops/aws/SKILL.md +711 -0
package/.agent/skills/devops/ci-cd/ADVANCED.md +529 -0
package/.agent/skills/devops/ci-cd/META.yaml +21 -0
package/.agent/skills/devops/ci-cd/SKILL.md +821 -0
package/.agent/skills/devops/docker/ADVANCED.md +495 -0
package/.agent/skills/devops/docker/META.yaml +20 -0
package/.agent/skills/devops/docker/SKILL.md +653 -0
package/.agent/skills/devops/kubernetes/ADVANCED.md +252 -0
package/.agent/skills/devops/kubernetes/META.yaml +15 -0
package/.agent/skills/devops/kubernetes/SKILL.md +621 -0
package/.agent/skills/frameworks/_index.yaml +13 -0
package/.agent/skills/frameworks/angular/META.yaml +70 -0
package/.agent/skills/frameworks/angular/SKILL.md +319 -0
package/.agent/skills/frameworks/angular/data/core.yaml +209 -0
package/.agent/skills/frameworks/angular/data/performance.yaml +210 -0
package/.agent/skills/frameworks/angular/data/server.yaml +175 -0
package/.agent/skills/frameworks/flutter/ADVANCED.md +491 -0
package/.agent/skills/frameworks/flutter/META.yaml +64 -0
package/.agent/skills/frameworks/flutter/SKILL.md +541 -0
package/.agent/skills/frameworks/flutter/data/core.yaml +210 -0
package/.agent/skills/frameworks/flutter/data/platform.yaml +246 -0
package/.agent/skills/frameworks/flutter/data/state.yaml +250 -0
package/.agent/skills/frameworks/nextjs/ADVANCED.md +225 -0
package/.agent/skills/frameworks/nextjs/META.yaml +67 -0
package/.agent/skills/frameworks/nextjs/SKILL.md +593 -0
package/.agent/skills/frameworks/nextjs/data/caching.yaml +210 -0
package/.agent/skills/frameworks/nextjs/data/core.yaml +255 -0
package/.agent/skills/frameworks/nextjs/data/server.yaml +248 -0
package/.agent/skills/frameworks/nuxt/META.yaml +57 -0
package/.agent/skills/frameworks/nuxt/SKILL.md +283 -0
package/.agent/skills/frameworks/nuxt/data/core.yaml +309 -0
package/.agent/skills/frameworks/nuxt/data/server.yaml +271 -0
package/.agent/skills/frameworks/react/ADVANCED.md +676 -0
package/.agent/skills/frameworks/react/META.yaml +60 -0
package/.agent/skills/frameworks/react/SKILL.md +263 -0
package/.agent/skills/frameworks/react/data/core.yaml +278 -0
package/.agent/skills/frameworks/react/data/server.yaml +283 -0
package/.agent/skills/frameworks/react-native/META.yaml +59 -0
package/.agent/skills/frameworks/react-native/SKILL.md +301 -0
package/.agent/skills/frameworks/react-native/data/core.yaml +260 -0
package/.agent/skills/frameworks/react-native/data/platform.yaml +287 -0
package/.agent/skills/frameworks/svelte/META.yaml +62 -0
package/.agent/skills/frameworks/svelte/SKILL.md +398 -0
package/.agent/skills/frameworks/svelte/data/runes.yaml +239 -0
package/.agent/skills/frameworks/svelte/data/sveltekit.yaml +244 -0
package/.agent/skills/frameworks/vue/ADVANCED.md +214 -0
package/.agent/skills/frameworks/vue/META.yaml +58 -0
package/.agent/skills/frameworks/vue/SKILL.md +356 -0
package/.agent/skills/frameworks/vue/data/advanced.yaml +253 -0
package/.agent/skills/frameworks/vue/data/core.yaml +270 -0
package/.agent/skills/index.json +143 -0
package/.agent/skills/languages/_index.yaml +33 -0
package/.agent/skills/languages/asm/ADVANCED.md +750 -0
package/.agent/skills/languages/asm/META.yaml +84 -0
package/.agent/skills/languages/asm/SKILL.md +753 -0
package/.agent/skills/languages/asm/data/advanced.yaml +295 -0
package/.agent/skills/languages/asm/data/core.yaml +280 -0
package/.agent/skills/languages/c/ADVANCED.md +625 -0
package/.agent/skills/languages/c/META.yaml +58 -0
package/.agent/skills/languages/c/SKILL.md +748 -0
package/.agent/skills/languages/c/data/core.yaml +179 -0
package/.agent/skills/languages/c/data/embedded.yaml +251 -0
package/.agent/skills/languages/c/data/memory.yaml +253 -0
package/.agent/skills/languages/clojure/META.yaml +13 -0
package/.agent/skills/languages/clojure/SKILL.md +130 -0
package/.agent/skills/languages/clojure/data/core.yaml +326 -0
package/.agent/skills/languages/cpp/ADVANCED.md +457 -0
package/.agent/skills/languages/cpp/META.yaml +61 -0
package/.agent/skills/languages/cpp/SKILL.md +936 -0
package/.agent/skills/languages/cpp/data/core.yaml +304 -0
package/.agent/skills/languages/cpp/data/memory.yaml +247 -0
package/.agent/skills/languages/cpp/data/modern.yaml +334 -0
package/.agent/skills/languages/crystal/META.yaml +30 -0
package/.agent/skills/languages/crystal/SKILL.md +117 -0
package/.agent/skills/languages/crystal/data/async.yaml +264 -0
package/.agent/skills/languages/crystal/data/core.yaml +279 -0
package/.agent/skills/languages/csharp/ADVANCED.md +592 -0
package/.agent/skills/languages/csharp/META.yaml +23 -0
package/.agent/skills/languages/csharp/SKILL.md +620 -0
package/.agent/skills/languages/csharp/data/aspnet.yaml +448 -0
package/.agent/skills/languages/csharp/data/core.yaml +362 -0
package/.agent/skills/languages/elixir/META.yaml +18 -0
package/.agent/skills/languages/elixir/SKILL.md +368 -0
package/.agent/skills/languages/elixir/data/core.yaml +392 -0
package/.agent/skills/languages/fsharp/META.yaml +14 -0
package/.agent/skills/languages/fsharp/SKILL.md +113 -0
package/.agent/skills/languages/fsharp/data/core.yaml +396 -0
package/.agent/skills/languages/go/ADVANCED.md +260 -0
package/.agent/skills/languages/go/META.yaml +64 -0
package/.agent/skills/languages/go/SKILL.md +489 -0
package/.agent/skills/languages/go/data/concurrency.yaml +424 -0
package/.agent/skills/languages/go/data/core.yaml +399 -0
package/.agent/skills/languages/go/data/http.yaml +507 -0
package/.agent/skills/languages/haskell/META.yaml +18 -0
package/.agent/skills/languages/haskell/SKILL.md +305 -0
package/.agent/skills/languages/haskell/data/core.yaml +347 -0
package/.agent/skills/languages/java/ADVANCED.md +450 -0
package/.agent/skills/languages/java/META.yaml +89 -0
package/.agent/skills/languages/java/SKILL.md +495 -0
package/.agent/skills/languages/java/data/core.yaml +307 -0
package/.agent/skills/languages/java/data/spring.yaml +437 -0
package/.agent/skills/languages/javascript/ADVANCED.md +530 -0
package/.agent/skills/languages/javascript/META.yaml +105 -0
package/.agent/skills/languages/javascript/SKILL.md +455 -0
package/.agent/skills/languages/javascript/data/async.yaml +290 -0
package/.agent/skills/languages/javascript/data/core.yaml +380 -0
package/.agent/skills/languages/javascript/data/modern.yaml +269 -0
package/.agent/skills/languages/julia/META.yaml +13 -0
package/.agent/skills/languages/julia/SKILL.md +174 -0
package/.agent/skills/languages/julia/data/core.yaml +356 -0
package/.agent/skills/languages/kotlin/ADVANCED.md +539 -0
package/.agent/skills/languages/kotlin/META.yaml +24 -0
package/.agent/skills/languages/kotlin/SKILL.md +525 -0
package/.agent/skills/languages/kotlin/data/android.yaml +495 -0
package/.agent/skills/languages/kotlin/data/core.yaml +366 -0
package/.agent/skills/languages/lua/ADVANCED.md +257 -0
package/.agent/skills/languages/lua/META.yaml +58 -0
package/.agent/skills/languages/lua/SKILL.md +492 -0
package/.agent/skills/languages/lua/data/core.yaml +264 -0
package/.agent/skills/languages/lua/data/embedding.yaml +300 -0
package/.agent/skills/languages/nim/META.yaml +30 -0
package/.agent/skills/languages/nim/SKILL.md +116 -0
package/.agent/skills/languages/nim/data/async.yaml +257 -0
package/.agent/skills/languages/nim/data/core.yaml +241 -0
package/.agent/skills/languages/ocaml/META.yaml +13 -0
package/.agent/skills/languages/ocaml/SKILL.md +123 -0
package/.agent/skills/languages/ocaml/data/core.yaml +357 -0
package/.agent/skills/languages/perl/META.yaml +13 -0
package/.agent/skills/languages/perl/SKILL.md +115 -0
package/.agent/skills/languages/perl/data/core.yaml +360 -0
package/.agent/skills/languages/php/ADVANCED.md +199 -0
package/.agent/skills/languages/php/META.yaml +18 -0
package/.agent/skills/languages/php/SKILL.md +488 -0
package/.agent/skills/languages/php/data/core.yaml +392 -0
package/.agent/skills/languages/php/data/laravel.yaml +525 -0
package/.agent/skills/languages/python/ADVANCED.md +207 -0
package/.agent/skills/languages/python/META.yaml +91 -0
package/.agent/skills/languages/python/SKILL.md +495 -0
package/.agent/skills/languages/python/data/async.yaml +265 -0
package/.agent/skills/languages/python/data/core.yaml +259 -0
package/.agent/skills/languages/python/data/fastapi.yaml +296 -0
package/.agent/skills/languages/python/data/testing.yaml +226 -0
package/.agent/skills/languages/r/META.yaml +16 -0
package/.agent/skills/languages/r/SKILL.md +348 -0
package/.agent/skills/languages/r/data/core.yaml +355 -0
package/.agent/skills/languages/ruby/ADVANCED.md +381 -0
package/.agent/skills/languages/ruby/META.yaml +19 -0
package/.agent/skills/languages/ruby/SKILL.md +417 -0
package/.agent/skills/languages/ruby/data/core.yaml +448 -0
package/.agent/skills/languages/ruby/data/rails.yaml +415 -0
package/.agent/skills/languages/rust/ADVANCED.md +212 -0
package/.agent/skills/languages/rust/META.yaml +87 -0
package/.agent/skills/languages/rust/SKILL.md +377 -0
package/.agent/skills/languages/rust/data/async.yaml +404 -0
package/.agent/skills/languages/rust/data/axum.yaml +450 -0
package/.agent/skills/languages/rust/data/core.yaml +356 -0
package/.agent/skills/languages/scala/META.yaml +17 -0
package/.agent/skills/languages/scala/SKILL.md +202 -0
package/.agent/skills/languages/scala/data/core.yaml +349 -0
package/.agent/skills/languages/solidity/META.yaml +13 -0
package/.agent/skills/languages/solidity/SKILL.md +188 -0
package/.agent/skills/languages/solidity/data/core.yaml +528 -0
package/.agent/skills/languages/swift/ADVANCED.md +231 -0
package/.agent/skills/languages/swift/META.yaml +18 -0
package/.agent/skills/languages/swift/SKILL.md +342 -0
package/.agent/skills/languages/swift/data/core.yaml +489 -0
package/.agent/skills/languages/typescript/ADVANCED.md +186 -0
package/.agent/skills/languages/typescript/META.yaml +92 -0
package/.agent/skills/languages/typescript/SKILL.md +306 -0
package/.agent/skills/languages/typescript/data/async.yaml +397 -0
package/.agent/skills/languages/typescript/data/core.yaml +283 -0
package/.agent/skills/languages/typescript/data/validation.yaml +338 -0
package/.agent/skills/languages/zig/META.yaml +52 -0
package/.agent/skills/languages/zig/SKILL.md +354 -0
package/.agent/skills/languages/zig/data/async.yaml +314 -0
package/.agent/skills/languages/zig/data/core.yaml +302 -0
package/.agent/templates/README.md +42 -0
package/.agent/templates/audit-report.md +153 -0
package/.agent/templates/chains/debug/step1-reproduce.md +83 -0
package/.agent/templates/chains/debug/step2-isolate.md +73 -0
package/.agent/templates/chains/debug/step3-analyze.md +86 -0
package/.agent/templates/chains/debug/step4-fix.md +85 -0
package/.agent/templates/chains/debug/step5-verify.md +122 -0
package/.agent/templates/chains/implement/step1-plan.md +88 -0
package/.agent/templates/chains/implement/step2-code.md +87 -0
package/.agent/templates/chains/implement/step3-test.md +87 -0
package/.agent/templates/chains/implement/step4-doc.md +118 -0
package/.agent/templates/chains/review/step1-understand.md +74 -0
package/.agent/templates/chains/review/step2-analyze.md +110 -0
package/.agent/templates/chains/review/step3-fix.md +93 -0
package/.agent/templates/chains/review/step4-summary.md +104 -0
package/.agent/templates/debug-report.md +50 -0
package/.agent/templates/deploy-plan.md +54 -0
package/.agent/templates/doc-template.md +57 -0
package/.agent/templates/findings.md +122 -0
package/.agent/templates/index.yaml +239 -0
package/.agent/templates/migrate-plan.md +50 -0
package/.agent/templates/phase-template.md +72 -0
package/.agent/templates/project-plan.md +87 -0
package/.agent/templates/prompts/context_block.md +114 -0
package/.agent/templates/prompts/guardrails_block.md +116 -0
package/.agent/templates/prompts/persona_base.md +155 -0
package/.agent/templates/prompts/tools_block.md +137 -0
package/.agent/templates/reflection/critic.md +110 -0
package/.agent/templates/reflection/error_analysis.md +149 -0
package/.agent/templates/reflection/success_analysis.md +174 -0
package/.agent/templates/task-list.md +144 -0
package/.agent/templates/tasks/audit.yaml +146 -0
package/.agent/templates/tasks/bug_fix.yaml +121 -0
package/.agent/templates/tasks/code_implementation.yaml +110 -0
package/.agent/templates/tasks/refactor.yaml +157 -0
package/.agent/templates/test-report.md +52 -0
package/.agent/workflows/ap.md +135 -0
package/.agent/workflows/code.md +130 -0
package/.agent/workflows/debug.md +230 -0
package/.agent/workflows/deploy.md +192 -0
package/.agent/workflows/dev.md +137 -0
package/.agent/workflows/doc.md +124 -0
package/.agent/workflows/env.md +98 -0
package/.agent/workflows/fix.md +76 -0
package/.agent/workflows/generate.md +28 -0
package/.agent/workflows/git.md +97 -0
package/.agent/workflows/help.md +75 -0
package/.agent/workflows/init.md +148 -0
package/.agent/workflows/migrate.md +135 -0
package/.agent/workflows/monitor.md +133 -0
package/.agent/workflows/onboard.md +144 -0
package/.agent/workflows/orchestrate.md +117 -0
package/.agent/workflows/perf.md +106 -0
package/.agent/workflows/plan.md +106 -0
package/.agent/workflows/recap.md +101 -0
package/.agent/workflows/refactor.md +161 -0
package/.agent/workflows/revert.md +99 -0
package/.agent/workflows/review.md +106 -0
package/.agent/workflows/scaffold.md +119 -0
package/.agent/workflows/security.md +186 -0
package/.agent/workflows/status.md +103 -0
package/.agent/workflows/test.md +157 -0
package/.agent/workflows/think.md +126 -0
package/.agent/workflows/upgrade.md +109 -0
package/.agent/workflows/visualize.md +295 -0
package/.agent/workflows/workflow.md +196 -0
package/README.md +64 -0
package/dist/commands/add.d.ts +2 -0
package/dist/commands/add.d.ts.map +1 -0
package/dist/commands/add.js +70 -0
package/dist/commands/add.js.map +1 -0
package/dist/commands/config.d.ts +4 -0
package/dist/commands/config.d.ts.map +1 -0
package/dist/commands/config.js +152 -0
package/dist/commands/config.js.map +1 -0
package/dist/commands/doctor.d.ts +4 -0
package/dist/commands/doctor.d.ts.map +1 -0
package/dist/commands/doctor.js +98 -0
package/dist/commands/doctor.js.map +1 -0
package/dist/commands/hsa.d.ts +4 -0
package/dist/commands/hsa.d.ts.map +1 -0
package/dist/commands/hsa.js +194 -0
package/dist/commands/hsa.js.map +1 -0
package/dist/commands/info.d.ts +2 -0
package/dist/commands/info.d.ts.map +1 -0
package/dist/commands/info.js +149 -0
package/dist/commands/info.js.map +1 -0
package/dist/commands/init.d.ts +4 -0
package/dist/commands/init.d.ts.map +1 -0
package/dist/commands/init.js +262 -0
package/dist/commands/init.js.map +1 -0
package/dist/commands/install-core.d.ts +4 -0
package/dist/commands/install-core.d.ts.map +1 -0
package/dist/commands/install-core.js +85 -0
package/dist/commands/install-core.js.map +1 -0
package/dist/commands/install-helpers.d.ts +27 -0
package/dist/commands/install-helpers.d.ts.map +1 -0
package/dist/commands/install-helpers.js +125 -0
package/dist/commands/install-helpers.js.map +1 -0
package/dist/commands/install-hsa.d.ts +18 -0
package/dist/commands/install-hsa.d.ts.map +1 -0
package/dist/commands/install-hsa.js +61 -0
package/dist/commands/install-hsa.js.map +1 -0
package/dist/commands/install.d.ts +4 -0
package/dist/commands/install.d.ts.map +1 -0
package/dist/commands/install.js +310 -0
package/dist/commands/install.js.map +1 -0
package/dist/commands/list.d.ts +4 -0
package/dist/commands/list.d.ts.map +1 -0
package/dist/commands/list.js +91 -0
package/dist/commands/list.js.map +1 -0
package/dist/commands/mcp-registry.d.ts +48 -0
package/dist/commands/mcp-registry.d.ts.map +1 -0
package/dist/commands/mcp-registry.js +246 -0
package/dist/commands/mcp-registry.js.map +1 -0
package/dist/commands/mcp-writers.d.ts +20 -0
package/dist/commands/mcp-writers.d.ts.map +1 -0
package/dist/commands/mcp-writers.js +144 -0
package/dist/commands/mcp-writers.js.map +1 -0
package/dist/commands/mcp.d.ts +10 -0
package/dist/commands/mcp.d.ts.map +1 -0
package/dist/commands/mcp.js +319 -0
package/dist/commands/mcp.js.map +1 -0
package/dist/commands/update.d.ts +4 -0
package/dist/commands/update.d.ts.map +1 -0
package/dist/commands/update.js +79 -0
package/dist/commands/update.js.map +1 -0
package/dist/constants/cursor-globs.d.ts +17 -0
package/dist/constants/cursor-globs.d.ts.map +1 -0
package/dist/constants/cursor-globs.js +62 -0
package/dist/constants/cursor-globs.js.map +1 -0
package/dist/constants/ide-install-specs.d.ts +36 -0
package/dist/constants/ide-install-specs.d.ts.map +1 -0
package/dist/constants/ide-install-specs.js +870 -0
package/dist/constants/ide-install-specs.js.map +1 -0
package/dist/constants/ides.d.ts +105 -0
package/dist/constants/ides.d.ts.map +1 -0
package/dist/constants/ides.js +412 -0
package/dist/constants/ides.js.map +1 -0
package/dist/constants/skills.d.ts +40 -0
package/dist/constants/skills.d.ts.map +1 -0
package/dist/constants/skills.js +78 -0
package/dist/constants/skills.js.map +1 -0
package/dist/constants.d.ts +39 -0
package/dist/constants.d.ts.map +1 -0
package/dist/constants.js +75 -0
package/dist/constants.js.map +1 -0
package/dist/index.d.ts +8 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +122 -0
package/dist/index.js.map +1 -0
package/dist/types/flags.d.ts +47 -0
package/dist/types/flags.d.ts.map +1 -0
package/dist/types/flags.js +4 -0
package/dist/types/flags.js.map +1 -0
package/dist/types/ide-install.d.ts +175 -0
package/dist/types/ide-install.d.ts.map +1 -0
package/dist/types/ide-install.js +29 -0
package/dist/types/ide-install.js.map +1 -0
package/dist/utils/copy-helpers.d.ts +60 -0
package/dist/utils/copy-helpers.d.ts.map +1 -0
package/dist/utils/copy-helpers.js +617 -0
package/dist/utils/copy-helpers.js.map +1 -0
package/dist/utils/index.d.ts +3 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +5 -0
package/dist/utils/index.js.map +1 -0
package/dist/utils/validation.d.ts +29 -0
package/dist/utils/validation.d.ts.map +1 -0
package/dist/utils/validation.js +211 -0
package/dist/utils/validation.js.map +1 -0
package/package.json +64 -0

package/.agent/skills/core/security/data/language-specific/swift-security.yaml ADDED Viewed

@@ -0,0 +1,198 @@
+metadata:
+  skill: security
+  domain: swift_security
+  version: 6.2.0
+  updated: '2026-02-05'
+  migrated_from: swift-security.csv
+  patterns_count: 20
+  columns:
+  - id
+  - name
+  - severity
+  - category
+  - description
+  - detection_pattern
+  - fix_pattern
+  - cwe
+  - example_code
+patterns:
+- id: SW-01
+  name: Keychain Without ACL
+  severity: HIGH
+  category: iOS
+  description: Keychain item without biometric protection
+  detection_pattern: kSecAttrAccessible(?!.*kSecAccessControl)
+  fix_pattern: Use kSecAccessControlBiometryAny for sensitive data
+  cwe: CWE-522
+  example_code: // Weak\nkSecAttrAccessibleWhenUnlocked\n// SAFE\nSecAccessControlCreateWithFlags(nil, .biometryAny, ...)
+- id: SW-02
+  name: ATS Bypass Domain
+  severity: HIGH
+  category: iOS
+  description: App Transport Security disabled for domain
+  detection_pattern: NSExceptionDomains|NSAllowsArbitraryLoads
+  fix_pattern: Avoid ATS exceptions or whitelist specific domains only
+  cwe: CWE-319
+  example_code: '// Insecure\n<key>NSAllowsArbitraryLoads</key><true/>\n// SAFE: Use HTTPS only'
+- id: SW-03
+  name: Hardcoded Credentials
+  severity: CRITICAL
+  category: iOS
+  description: API key or password in source code
+  detection_pattern: (apiKey|password|secret)\\s*=\\s*\[^\"]+\""
+  fix_pattern: Use Keychain or environment variables
+  cwe: CWE-798
+  example_code: '// Exposed\nlet apiKey = \sk-1234567890\"\n// SAFE: Keychain or .xcconfig"'
+- id: SW-04
+  name: Jailbreak Detection Weak
+  severity: MEDIUM
+  category: iOS
+  description: Simple jailbreak check easily bypassed
+  detection_pattern: fileExists.*cydia|canOpenURL.*cydia
+  fix_pattern: Use multiple detection methods and obfuscate
+  cwe: CWE-693
+  example_code: '// Weak\nFileManager.default.fileExists(atPath: \/Applications/Cydia.app\")\n// SAFE: Multiple checks + native code"'
+- id: SW-05
+  name: UserDefaults Sensitive
+  severity: HIGH
+  category: iOS
+  description: Sensitive data in unencrypted UserDefaults
+  detection_pattern: UserDefaults.*password|token|secret
+  fix_pattern: Use Keychain for sensitive data
+  cwe: CWE-312
+  example_code: '// Unencrypted\nUserDefaults.standard.set(token, forKey: \token\")\n// SAFE: Keychain"'
+- id: SW-06
+  name: URLSession No Pin
+  severity: HIGH
+  category: iOS
+  description: URLSession without certificate pinning
+  detection_pattern: URLSession(?!.*urlSession.*didReceive.*challenge)
+  fix_pattern: Implement certificate pinning delegate
+  cwe: CWE-295
+  example_code: '// No pinning\nURLSession.shared.dataTask(...)\n// SAFE: Custom session with pinning'
+- id: SW-07
+  name: WebView WKWebView JS
+  severity: HIGH
+  category: iOS
+  description: WKWebView with unsafe JavaScript bridge
+  detection_pattern: WKScriptMessageHandler|evaluateJavaScript.*\\+
+  fix_pattern: Validate JavaScript input/output strictly
+  cwe: CWE-79
+  example_code: '// XSS risk\nwebView.evaluateJavaScript(userScript)\n// SAFE: Whitelist commands'
+- id: SW-08
+  name: Biometric No Domain
+  severity: MEDIUM
+  category: iOS
+  description: LAContext without kSecUseAuthenticationContext
+  detection_pattern: evaluatePolicy(?!.*kSecUseAuthenticationContext)
+  fix_pattern: Use domainState to detect biometric changes
+  cwe: CWE-287
+  example_code: '// Bypassed if fingerprint changed\ncontext.evaluatePolicy(.biometricOnly)\n// SAFE: Check domainState'
+- id: SW-09
+  name: Pasteboard Leak
+  severity: MEDIUM
+  category: iOS
+  description: Sensitive data copied to pasteboard persists
+  detection_pattern: UIPasteboard.*setString|copiedText.*password
+  fix_pattern: Clear pasteboard after short timeout
+  cwe: CWE-200
+  example_code: '// Persists\nUIPasteboard.general.string = password\n// SAFE: Clear after 30 seconds'
+- id: SW-10
+  name: URL Scheme Hijack
+  severity: HIGH
+  category: iOS
+  description: Custom URL scheme without source validation
+  detection_pattern: openURL\\(.*\\)|application.*openURL(?!.*sourceApplication)
+  fix_pattern: Validate source application and URL parameters
+  cwe: CWE-601
+  example_code: '// Hijackable\nfunc application(_ app: UIApplication, open url: URL)\n// SAFE: Validate sourceApplication'
+- id: SW-11
+  name: Screenshot Capture
+  severity: MEDIUM
+  category: iOS
+  description: Sensitive view not hidden on background
+  detection_pattern: applicationWillResignActive(?!.*blur|hide)
+  fix_pattern: Blur or hide sensitive content on backgrounding
+  cwe: CWE-200
+  example_code: '// Visible in task switcher\nfunc applicationWillResignActive(_:) {}\n// SAFE: Add blur overlay'
+- id: SW-12
+  name: Swift Concurrency Race
+  severity: HIGH
+  category: Concurrency
+  description: Actor state accessed from nonisolated context
+  detection_pattern: nonisolated.*self\\.|Task\\s*\\{.*self\\.(?!await)
+  fix_pattern: Use MainActor or proper isolation
+  cwe: CWE-362
+  example_code: '// Race condition\nnonisolated func update() { self.state = new }\n// SAFE: @MainActor'
+- id: SW-13
+  name: Unowned Crash
+  severity: HIGH
+  category: Memory
+  description: unowned reference accessed after deallocation
+  detection_pattern: unowned\\s+(var|let)(?!.*\\[weak\\])
+  fix_pattern: Use weak with guard instead of unowned
+  cwe: CWE-416
+  example_code: '// Crash\nunowned let delegate: Delegate\n// SAFE\nweak var delegate: Delegate?'
+- id: SW-14
+  name: Force Unwrap Optional
+  severity: MEDIUM
+  category: Memory
+  description: Force unwrap ! on optional can crash
+  detection_pattern: \\!(?!.*guard|if\\s+let)
+  fix_pattern: Use guard let or if let with fallback
+  cwe: CWE-476
+  example_code: // Crash\nlet value = optional!\n// SAFE\nguard let value = optional else { return }
+- id: SW-15
+  name: Crypto Deprecated
+  severity: HIGH
+  category: Crypto
+  description: Using deprecated Security.framework APIs
+  detection_pattern: SecKeyEncrypt|CC_MD5|SecTransform
+  fix_pattern: Use CryptoKit for modern encryption
+  cwe: CWE-327
+  example_code: '// Deprecated\nCC_MD5(data, len, digest)\n// SAFE\nCryptoKit.SHA256.hash(data: data)'
+- id: SW-16
+  name: CoreData No Encryption
+  severity: HIGH
+  category: iOS
+  description: CoreData store without file protection
+  detection_pattern: NSSQLiteStoreType(?!.*NSFileProtection)
+  fix_pattern: Enable NSFileProtectionComplete
+  cwe: CWE-311
+  example_code: '// Unencrypted\nNSSQLiteStoreType\n// SAFE: Add NSPersistentStoreFileProtectionKey: .complete'
+- id: SW-17
+  name: Notification Payload
+  severity: MEDIUM
+  category: iOS
+  description: Sensitive data in push notification payload
+  detection_pattern: UNNotificationContent.*body.*secret|password
+  fix_pattern: Avoid sensitive data in notifications
+  cwe: CWE-200
+  example_code: '// Exposed\ncontent.body = \Your OTP is \\(otp)\"\n// SAFE: Use silent push and fetch from server"'
+- id: SW-18
+  name: Debug Build Leak
+  severity: LOW
+  category: iOS
+  description: Debug assertions compiled in release
+  detection_pattern: '#if DEBUG(?!.*#endif)|assert\\(.*DEBUG)'
+  fix_pattern: Ensure assertions stripped in release
+  cwe: CWE-215
+  example_code: '// Left in release\nassert(isValid())\n// SAFE: Use #if DEBUG properly'
+- id: SW-19
+  name: Sendable Violation
+  severity: HIGH
+  category: Concurrency
+  description: Non-Sendable type across actor boundary
+  detection_pattern: Task\\s*\\{.*capture.*(?!Sendable)
+  fix_pattern: Mark types as Sendable or use @unchecked carefully
+  cwe: CWE-362
+  example_code: '// Data race\nTask { self.mutableArray.append() }\n// SAFE: Make Sendable or copy'
+- id: SW-20
+  name: Path Traversal Bundle
+  severity: HIGH
+  category: iOS
+  description: User path accessing outside app bundle
+  detection_pattern: Bundle\\.main\\.path.*\\+.*user|URL.*appendingPathComponent.*params
+  fix_pattern: Validate paths stay within allowed directories
+  cwe: CWE-22
+  example_code: '// Traversal\nBundle.main.path(forResource: userInput, ofType: nil)\n// SAFE: Validate and sanitize'

package/.agent/skills/core/security/data/language-specific/typescript-security.yaml ADDED Viewed

@@ -0,0 +1,295 @@
+metadata:
+  skill: security
+  domain: typescript_security
+  version: 6.2.0
+  updated: '2026-02-05'
+  migrated_from: typescript-security.csv
+  patterns_count: 25
+  columns:
+  - id
+  - name
+  - severity
+  - category
+  - description
+  - detection_pattern
+  - fix_pattern
+  - cwe
+  - cve_reference
+  - example_vuln
+  - example_fix
+patterns:
+- id: TS-01
+  name: Prototype Pollution
+  severity: CRITICAL
+  category: Injection
+  description: Object.assign or merge with user input pollutes Object.prototype
+  detection_pattern: (Object\\.assign|\\.\\.\\.|merge|extend).*input(?!.*sanitize)
+  fix_pattern: Use Object.create(null) or validate keys against __proto__
+  cwe: CWE-1321
+  cve_reference: CVE-2024-29650,CVE-2024-21529
+  example_vuln: Object.assign(target, userInput)
+  example_fix: const safe = Object.create(null);\nfor (const k of Object.keys(userInput)) {\n  if (!['__proto__', 'constructor', 'prototype'].includes(k)) safe[k] = userInput[k];\n}
+- id: TS-02
+  name: ReDoS Regex
+  severity: HIGH
+  category: DoS
+  description: User input in RegExp causes catastrophic backtracking
+  detection_pattern: new\\s+RegExp.*input(?!.*timeout|safe-regex)
+  fix_pattern: Use safe-regex library or re2 with timeout
+  cwe: CWE-1333
+  cve_reference: n/a
+  example_vuln: new RegExp(userPattern).test(data)
+  example_fix: import * as re2 from 're2';\nnew re2.RE2(userPattern).test(data);
+- id: TS-03
+  name: eval/Function RCE
+  severity: CRITICAL
+  category: Injection
+  description: eval or new Function with user input leads to RCE
+  detection_pattern: (eval|new\\s+Function)\\s*\\(.*input
+  fix_pattern: Never use eval with user input use JSON.parse for data
+  cwe: CWE-94
+  cve_reference: n/a
+  example_vuln: eval(userCode)
+  example_fix: JSON.parse(userData) // For data only
+- id: TS-04
+  name: vm Module Sandbox Escape
+  severity: CRITICAL
+  category: Sandbox
+  description: vm.runInContext can be escaped via constructor
+  detection_pattern: vm\\.(runIn|createContext).*input(?!.*vm2|isolated)
+  fix_pattern: Use vm2 or isolated-vm with proper limits
+  cwe: CWE-94
+  cve_reference: CVE-2024-21534
+  example_vuln: vm.runInNewContext(userCode)
+  example_fix: 'import ivm from ''isolated-vm'';\nconst isolate = new ivm.Isolate({ memoryLimit: 128 });'
+- id: TS-05
+  name: jsonpath-plus RCE
+  severity: CRITICAL
+  category: Injection
+  description: jsonpath-plus before 10.0.0 allows RCE via expressions
+  detection_pattern: jsonpath-plus(?!.*10\\.|[1-9][0-9]+\\.)
+  fix_pattern: Upgrade jsonpath-plus to 10.0.0+ or use safe alternatives
+  cwe: CWE-94
+  cve_reference: CVE-2024-21534
+  example_vuln: const { JSONPath } = require('jsonpath-plus'); // < 10.0.0
+  example_fix: npm install jsonpath-plus@^10.0.0
+- id: TS-06
+  name: Source Map Exposure
+  severity: MEDIUM
+  category: Information
+  description: Source maps exposed in production reveal original code
+  detection_pattern: sourceMappingURL(?=.*production)|\\*.map.*public
+  fix_pattern: Remove source maps from production builds
+  cwe: CWE-540
+  cve_reference: n/a
+  example_vuln: // bundle.js.map accessible in production
+  example_fix: '// webpack.prod.js\ndevtool: false'
+- id: TS-07
+  name: postMessage Origin
+  severity: HIGH
+  category: XSS
+  description: postMessage without origin validation allows XSS
+  detection_pattern: postMessage\\((?!.*targetOrigin)|onmessage(?!.*origin)
+  fix_pattern: Always check event.origin and use specific targetOrigin
+  cwe: CWE-346
+  cve_reference: n/a
+  example_vuln: window.postMessage(data, '*')
+  example_fix: 'window.postMessage(data, ''https://trusted.com'');\n// receiver: if (event.origin !== ''https://trusted.com'') return;'
+- id: TS-08
+  name: DOM Clobbering
+  severity: MEDIUM
+  category: XSS
+  description: HTML elements can clobber global document properties
+  detection_pattern: document\\.[a-zA-Z]+\\s*=(?!.*sanitize)
+  fix_pattern: Validate element IDs and names sanitize HTML
+  cwe: CWE-79
+  cve_reference: n/a
+  example_vuln: <form name=location href=javascript:alert(1)>
+  example_fix: 'DOMPurify.sanitize(html, { SANITIZE_DOM: true })'
+- id: TS-09
+  name: TypeScript any Bypass
+  severity: MEDIUM
+  category: Types
+  description: any type bypasses TypeScript's type system
+  detection_pattern: :\\s*any(?!.*\\/\\/\\s*(allowed|TODO))
+  fix_pattern: Use strict types unknown with type guards or generics
+  cwe: CWE-1287
+  cve_reference: n/a
+  example_vuln: 'function process(data: any) { data.anything() }'
+  example_fix: 'function process(data: unknown) { if (isValidData(data)) process(data); }'
+- id: TS-10
+  name: Template Literal Injection
+  severity: HIGH
+  category: Injection
+  description: Template literals with user input allow injection
+  detection_pattern: \\`[^\\`]*\\$\\{.*input[^\\`]*\\`(?!.*sanitize)
+  fix_pattern: Sanitize user input before template interpolation
+  cwe: CWE-94
+  cve_reference: n/a
+  example_vuln: '`SELECT * WHERE id=${userId}`'
+  example_fix: sql`SELECT * WHERE id=${userId}` // Use tagged template
+- id: TS-11
+  name: localStorage Secrets
+  severity: HIGH
+  category: Secrets
+  description: Sensitive data stored in localStorage accessible via XSS
+  detection_pattern: localStorage\\.(setItem|getItem).*token|secret|password
+  fix_pattern: Use httpOnly cookies for sensitive tokens
+  cwe: CWE-922
+  cve_reference: n/a
+  example_vuln: localStorage.setItem('authToken', token)
+  example_fix: // Use httpOnly cookie set by server instead
+- id: TS-12
+  name: Buffer Overread
+  severity: HIGH
+  category: Memory
+  description: Buffer.from with invalid length causes memory leaks
+  detection_pattern: Buffer\\.(from|alloc).*length(?!.*validate)
+  fix_pattern: Validate buffer sizes and use Buffer.allocSafe
+  cwe: CWE-125
+  cve_reference: n/a
+  example_vuln: Buffer.from(userInput, 0, userLength)
+  example_fix: const len = Math.min(userLength, MAX_SIZE);\nBuffer.allocSafe(len).fill(userInput);
+- id: TS-13
+  name: Path Traversal
+  severity: HIGH
+  category: File
+  description: User input in path.join without validation
+  detection_pattern: path\\.join.*input(?!.*normalize)
+  fix_pattern: Use path.normalize and validate against base directory
+  cwe: CWE-22
+  cve_reference: n/a
+  example_vuln: path.join(base, userInput)
+  example_fix: const full = path.normalize(path.join(base, userInput));\nif (!full.startsWith(base)) throw new Error();
+- id: TS-14
+  name: Command Injection
+  severity: CRITICAL
+  category: Injection
+  description: child_process.exec with user input allows command injection
+  detection_pattern: exec\\(.*input|execSync.*input
+  fix_pattern: Use execFile with array arguments
+  cwe: CWE-78
+  cve_reference: n/a
+  example_vuln: exec('ls ' + userInput)
+  example_fix: execFile('ls', [userInput])
+- id: TS-15
+  name: SSRF fetch
+  severity: HIGH
+  category: Network
+  description: fetch with user URL allows SSRF
+  detection_pattern: fetch\\(.*input(?!.*allowlist|validate)
+  fix_pattern: Validate URLs against allowlist block internal IPs
+  cwe: CWE-918
+  cve_reference: n/a
+  example_vuln: fetch(userUrl)
+  example_fix: if (isExternalUrl(userUrl)) fetch(userUrl)
+- id: TS-16
+  name: Insecure Random
+  severity: HIGH
+  category: Cryptography
+  description: Math.random used for security-sensitive values
+  detection_pattern: Math\\.random\\(\\).*token|session|secret
+  fix_pattern: Use crypto.randomBytes or crypto.randomUUID
+  cwe: CWE-330
+  cve_reference: n/a
+  example_vuln: const token = Math.random().toString(36)
+  example_fix: import { randomUUID } from 'crypto';\nconst token = randomUUID();
+- id: TS-17
+  name: SQL Injection Knex
+  severity: HIGH
+  category: Injection
+  description: Knex raw query with string interpolation
+  detection_pattern: knex\\.raw\\(.*\\+.*input|knex\\.raw\\(.*\\$\\{
+  fix_pattern: Use parameterized queries with knex.raw
+  cwe: CWE-89
+  cve_reference: n/a
+  example_vuln: knex.raw(`SELECT * WHERE id = ${id}`)
+  example_fix: knex.raw('SELECT * WHERE id = ?', [id])
+- id: TS-18
+  name: XSS dangerouslySetInnerHTML
+  severity: HIGH
+  category: XSS
+  description: React dangerouslySetInnerHTML with unsanitized input
+  detection_pattern: dangerouslySetInnerHTML.*input(?!.*DOMPurify)
+  fix_pattern: Use DOMPurify.sanitize before dangerouslySetInnerHTML
+  cwe: CWE-79
+  cve_reference: n/a
+  example_vuln: '<div dangerouslySetInnerHTML={{__html: userHtml}} />'
+  example_fix: 'import DOMPurify from ''dompurify'';\n<div dangerouslySetInnerHTML={{__html: DOMPurify.sanitize(userHtml)}} />'
+- id: TS-19
+  name: JWT Algorithm None
+  severity: CRITICAL
+  category: Authentication
+  description: JWT verification allows algorithm none or symmetric/asymmetric confusion
+  detection_pattern: jwt\\.verify(?!.*algorithms)
+  fix_pattern: Explicitly specify allowed algorithms in JWT verification
+  cwe: CWE-347
+  cve_reference: n/a
+  example_vuln: jwt.verify(token, key)
+  example_fix: 'jwt.verify(token, key, { algorithms: [''RS256''] })'
+- id: TS-20
+  name: Express Trust Proxy
+  severity: MEDIUM
+  category: Configuration
+  description: Express trust proxy misconfigured allows IP spoofing
+  detection_pattern: app\\.set.*trust\\s+proxy.*true
+  fix_pattern: Set trust proxy to specific count or proxy addresses
+  cwe: CWE-290
+  cve_reference: n/a
+  example_vuln: app.set('trust proxy', true)
+  example_fix: app.set('trust proxy', 1) // Trust only first proxy
+- id: TS-21
+  name: NoSQL Injection
+  severity: HIGH
+  category: Injection
+  description: MongoDB query with user object allows operator injection
+  detection_pattern: (find|findOne|updateOne).*input(?!.*sanitize)
+  fix_pattern: Sanitize input or use mongo-sanitize library
+  cwe: CWE-943
+  cve_reference: n/a
+  example_vuln: 'db.users.findOne({ user: userInput }) // userInput = {$gt: ''''}'
+  example_fix: 'import mongoSanitize from ''mongo-sanitize'';\ndb.users.findOne({ user: mongoSanitize(userInput) })'
+- id: TS-22
+  name: Type Juggling eqeq
+  severity: MEDIUM
+  category: Logic
+  description: == comparison allows type coercion bypass
+  detection_pattern: '[^!=]={1}[^=](?!.*===)'
+  fix_pattern: Always use === for equality comparison
+  cwe: CWE-1287
+  cve_reference: n/a
+  example_vuln: if (input == 'admin') // '0' == false is true
+  example_fix: if (input === 'admin')
+- id: TS-23
+  name: Insecure Deserialization
+  severity: HIGH
+  category: Deserialization
+  description: serialize-javascript or similar with user input
+  detection_pattern: (serialize|deserialize|unserialize).*input
+  fix_pattern: Use JSON.parse for data never execute serialized code
+  cwe: CWE-502
+  cve_reference: n/a
+  example_vuln: eval(deserialize(userInput))
+  example_fix: JSON.parse(userInput)
+- id: TS-24
+  name: CORS Misconfiguration
+  severity: HIGH
+  category: Configuration
+  description: CORS allows any origin or reflects origin header
+  detection_pattern: Access-Control-Allow-Origin.*\\*|origin.*req\\.headers
+  fix_pattern: Specify allowed origins explicitly never use wildcard with credentials
+  cwe: CWE-346
+  cve_reference: n/a
+  example_vuln: res.setHeader('Access-Control-Allow-Origin', '*')
+  example_fix: res.setHeader('Access-Control-Allow-Origin', 'https://trusted.com')
+- id: TS-25
+  name: DevTools Detection Bypass
+  severity: MEDIUM
+  category: Client
+  description: Client-side DevTools detection can be bypassed
+  detection_pattern: devtools.*detect|isDebuggerPresent(?!.*server)
+  fix_pattern: Don't rely on client-side detection for security
+  cwe: CWE-693
+  cve_reference: n/a
+  example_vuln: if (devtools.isOpen) redirect()
+  example_fix: // Move sensitive logic to server-side