@prestyj/cli 4.3.164 → 4.3.200
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.js +106 -27
- package/dist/cli.js.map +1 -1
- package/dist/core/agent-session.d.ts +50 -1
- package/dist/core/agent-session.d.ts.map +1 -1
- package/dist/core/agent-session.js +175 -20
- package/dist/core/agent-session.js.map +1 -1
- package/dist/core/agents.d.ts +6 -1
- package/dist/core/agents.d.ts.map +1 -1
- package/dist/core/agents.js +112 -3
- package/dist/core/agents.js.map +1 -1
- package/dist/core/auth-storage.d.ts.map +1 -1
- package/dist/core/auth-storage.js +20 -1
- package/dist/core/auth-storage.js.map +1 -1
- package/dist/core/claude-code-version.d.ts +10 -0
- package/dist/core/claude-code-version.d.ts.map +1 -0
- package/dist/core/claude-code-version.js +106 -0
- package/dist/core/claude-code-version.js.map +1 -0
- package/dist/core/compaction/compactor.d.ts +13 -0
- package/dist/core/compaction/compactor.d.ts.map +1 -1
- package/dist/core/compaction/compactor.js +20 -1
- package/dist/core/compaction/compactor.js.map +1 -1
- package/dist/core/compaction/compactor.test.js +12 -1
- package/dist/core/compaction/compactor.test.js.map +1 -1
- package/dist/core/index.d.ts +1 -1
- package/dist/core/index.d.ts.map +1 -1
- package/dist/core/index.js +1 -1
- package/dist/core/index.js.map +1 -1
- package/dist/core/model-registry.d.ts +30 -2
- package/dist/core/model-registry.d.ts.map +1 -1
- package/dist/core/model-registry.js +41 -26
- package/dist/core/model-registry.js.map +1 -1
- package/dist/core/model-registry.test.d.ts +2 -0
- package/dist/core/model-registry.test.d.ts.map +1 -0
- package/dist/core/model-registry.test.js +19 -0
- package/dist/core/model-registry.test.js.map +1 -0
- package/dist/core/oauth/anthropic.d.ts.map +1 -1
- package/dist/core/oauth/anthropic.js +64 -42
- package/dist/core/oauth/anthropic.js.map +1 -1
- package/dist/core/oauth/openai.js +1 -1
- package/dist/core/oauth/openai.js.map +1 -1
- package/dist/core/prompt-commands.d.ts.map +1 -1
- package/dist/core/prompt-commands.js +480 -100
- package/dist/core/prompt-commands.js.map +1 -1
- package/dist/core/prompt-commands.test.d.ts +2 -0
- package/dist/core/prompt-commands.test.d.ts.map +1 -0
- package/dist/core/prompt-commands.test.js +33 -0
- package/dist/core/prompt-commands.test.js.map +1 -0
- package/dist/core/repomap-context.d.ts +11 -0
- package/dist/core/repomap-context.d.ts.map +1 -0
- package/dist/core/repomap-context.js +68 -0
- package/dist/core/repomap-context.js.map +1 -0
- package/dist/core/repomap-context.test.d.ts +2 -0
- package/dist/core/repomap-context.test.d.ts.map +1 -0
- package/dist/core/repomap-context.test.js +47 -0
- package/dist/core/repomap-context.test.js.map +1 -0
- package/dist/core/repomap.d.ts +74 -0
- package/dist/core/repomap.d.ts.map +1 -0
- package/dist/core/repomap.js +897 -0
- package/dist/core/repomap.js.map +1 -0
- package/dist/core/repomap.test.d.ts +2 -0
- package/dist/core/repomap.test.d.ts.map +1 -0
- package/dist/core/repomap.test.js +444 -0
- package/dist/core/repomap.test.js.map +1 -0
- package/dist/core/session-compaction.d.ts +15 -0
- package/dist/core/session-compaction.d.ts.map +1 -0
- package/dist/core/session-compaction.js +31 -0
- package/dist/core/session-compaction.js.map +1 -0
- package/dist/core/session-compaction.test.d.ts +2 -0
- package/dist/core/session-compaction.test.d.ts.map +1 -0
- package/dist/core/session-compaction.test.js +70 -0
- package/dist/core/session-compaction.test.js.map +1 -0
- package/dist/core/settings-manager.d.ts +3 -5
- package/dist/core/settings-manager.d.ts.map +1 -1
- package/dist/core/settings-manager.js +6 -5
- package/dist/core/settings-manager.js.map +1 -1
- package/dist/core/slash-commands.d.ts +2 -0
- package/dist/core/slash-commands.d.ts.map +1 -1
- package/dist/core/slash-commands.js +15 -14
- package/dist/core/slash-commands.js.map +1 -1
- package/dist/core/style-packs/index.d.ts.map +1 -1
- package/dist/core/style-packs/index.js +8 -9
- package/dist/core/style-packs/index.js.map +1 -1
- package/dist/index.d.ts +2 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/dist/interactive.d.ts.map +1 -1
- package/dist/interactive.js +12 -6
- package/dist/interactive.js.map +1 -1
- package/dist/modes/json-mode.d.ts +7 -0
- package/dist/modes/json-mode.d.ts.map +1 -1
- package/dist/modes/json-mode.js +9 -1
- package/dist/modes/json-mode.js.map +1 -1
- package/dist/system-prompt.d.ts.map +1 -1
- package/dist/system-prompt.js +105 -108
- package/dist/system-prompt.js.map +1 -1
- package/dist/system-prompt.test.d.ts +2 -0
- package/dist/system-prompt.test.d.ts.map +1 -0
- package/dist/system-prompt.test.js +107 -0
- package/dist/system-prompt.test.js.map +1 -0
- package/dist/tools/bash.d.ts.map +1 -1
- package/dist/tools/bash.js +1 -0
- package/dist/tools/bash.js.map +1 -1
- package/dist/tools/edit-diff.d.ts +66 -1
- package/dist/tools/edit-diff.d.ts.map +1 -1
- package/dist/tools/edit-diff.js +208 -10
- package/dist/tools/edit-diff.js.map +1 -1
- package/dist/tools/edit-diff.test.js +175 -15
- package/dist/tools/edit-diff.test.js.map +1 -1
- package/dist/tools/edit.d.ts +3 -1
- package/dist/tools/edit.d.ts.map +1 -1
- package/dist/tools/edit.js +190 -44
- package/dist/tools/edit.js.map +1 -1
- package/dist/tools/edit.test.js +392 -3
- package/dist/tools/edit.test.js.map +1 -1
- package/dist/tools/enter-plan.d.ts.map +1 -1
- package/dist/tools/enter-plan.js +1 -0
- package/dist/tools/enter-plan.js.map +1 -1
- package/dist/tools/exit-plan.d.ts.map +1 -1
- package/dist/tools/exit-plan.js +1 -0
- package/dist/tools/exit-plan.js.map +1 -1
- package/dist/tools/index.d.ts +13 -0
- package/dist/tools/index.d.ts.map +1 -1
- package/dist/tools/index.js +4 -4
- package/dist/tools/index.js.map +1 -1
- package/dist/tools/prompt-hints.d.ts.map +1 -1
- package/dist/tools/prompt-hints.js +6 -4
- package/dist/tools/prompt-hints.js.map +1 -1
- package/dist/tools/read.d.ts +1 -1
- package/dist/tools/read.d.ts.map +1 -1
- package/dist/tools/read.js +2 -1
- package/dist/tools/read.js.map +1 -1
- package/dist/tools/subagent.d.ts +1 -1
- package/dist/tools/subagent.d.ts.map +1 -1
- package/dist/tools/subagent.js +55 -2
- package/dist/tools/subagent.js.map +1 -1
- package/dist/tools/tasks.d.ts.map +1 -1
- package/dist/tools/tasks.js +1 -0
- package/dist/tools/tasks.js.map +1 -1
- package/dist/tools/web-fetch.d.ts +1 -0
- package/dist/tools/web-fetch.d.ts.map +1 -1
- package/dist/tools/web-fetch.js +96 -6
- package/dist/tools/web-fetch.js.map +1 -1
- package/dist/tools/web-fetch.test.d.ts +2 -0
- package/dist/tools/web-fetch.test.d.ts.map +1 -0
- package/dist/tools/web-fetch.test.js +90 -0
- package/dist/tools/web-fetch.test.js.map +1 -0
- package/dist/tools/web-search.d.ts +1 -0
- package/dist/tools/web-search.d.ts.map +1 -1
- package/dist/tools/web-search.js +167 -27
- package/dist/tools/web-search.js.map +1 -1
- package/dist/tools/web-search.test.d.ts +2 -0
- package/dist/tools/web-search.test.d.ts.map +1 -0
- package/dist/tools/web-search.test.js +119 -0
- package/dist/tools/web-search.test.js.map +1 -0
- package/dist/tools/write.d.ts +1 -1
- package/dist/tools/write.d.ts.map +1 -1
- package/dist/tools/write.js +3 -1
- package/dist/tools/write.js.map +1 -1
- package/dist/tools/write.test.js +23 -0
- package/dist/tools/write.test.js.map +1 -1
- package/dist/ui/App.d.ts +54 -5
- package/dist/ui/App.d.ts.map +1 -1
- package/dist/ui/App.js +533 -241
- package/dist/ui/App.js.map +1 -1
- package/dist/ui/activity-phrases.d.ts +2 -1
- package/dist/ui/activity-phrases.d.ts.map +1 -1
- package/dist/ui/activity-phrases.js +11 -1
- package/dist/ui/activity-phrases.js.map +1 -1
- package/dist/ui/components/ActivityIndicator.d.ts +15 -1
- package/dist/ui/components/ActivityIndicator.d.ts.map +1 -1
- package/dist/ui/components/ActivityIndicator.js +143 -44
- package/dist/ui/components/ActivityIndicator.js.map +1 -1
- package/dist/ui/components/ActivityIndicator.test.d.ts +2 -0
- package/dist/ui/components/ActivityIndicator.test.d.ts.map +1 -0
- package/dist/ui/components/ActivityIndicator.test.js +40 -0
- package/dist/ui/components/ActivityIndicator.test.js.map +1 -0
- package/dist/ui/components/AnimationContext.d.ts +8 -2
- package/dist/ui/components/AnimationContext.d.ts.map +1 -1
- package/dist/ui/components/AnimationContext.js +94 -16
- package/dist/ui/components/AnimationContext.js.map +1 -1
- package/dist/ui/components/AssistantMessage.js +1 -1
- package/dist/ui/components/AssistantMessage.js.map +1 -1
- package/dist/ui/components/CompactionNotice.d.ts +5 -1
- package/dist/ui/components/CompactionNotice.d.ts.map +1 -1
- package/dist/ui/components/CompactionNotice.js +4 -6
- package/dist/ui/components/CompactionNotice.js.map +1 -1
- package/dist/ui/components/Footer.d.ts +10 -2
- package/dist/ui/components/Footer.d.ts.map +1 -1
- package/dist/ui/components/Footer.js +45 -8
- package/dist/ui/components/Footer.js.map +1 -1
- package/dist/ui/components/InputArea.d.ts.map +1 -1
- package/dist/ui/components/InputArea.js +76 -28
- package/dist/ui/components/InputArea.js.map +1 -1
- package/dist/ui/components/ServerToolExecution.d.ts +1 -0
- package/dist/ui/components/ServerToolExecution.d.ts.map +1 -1
- package/dist/ui/components/ServerToolExecution.js +21 -2
- package/dist/ui/components/ServerToolExecution.js.map +1 -1
- package/dist/ui/components/Spinner.d.ts +3 -1
- package/dist/ui/components/Spinner.d.ts.map +1 -1
- package/dist/ui/components/Spinner.js +10 -4
- package/dist/ui/components/Spinner.js.map +1 -1
- package/dist/ui/components/StreamingArea.js +1 -1
- package/dist/ui/components/StreamingArea.js.map +1 -1
- package/dist/ui/components/SubAgentPanel.d.ts.map +1 -1
- package/dist/ui/components/SubAgentPanel.js +3 -4
- package/dist/ui/components/SubAgentPanel.js.map +1 -1
- package/dist/ui/components/ToolExecution.d.ts +2 -0
- package/dist/ui/components/ToolExecution.d.ts.map +1 -1
- package/dist/ui/components/ToolExecution.js +24 -5
- package/dist/ui/components/ToolExecution.js.map +1 -1
- package/dist/ui/components/ToolGroupExecution.d.ts.map +1 -1
- package/dist/ui/components/ToolGroupExecution.js +23 -2
- package/dist/ui/components/ToolGroupExecution.js.map +1 -1
- package/dist/ui/components/ToolUseLoader.d.ts +4 -2
- package/dist/ui/components/ToolUseLoader.d.ts.map +1 -1
- package/dist/ui/components/ToolUseLoader.js +3 -3
- package/dist/ui/components/ToolUseLoader.js.map +1 -1
- package/dist/ui/components/index.d.ts +1 -2
- package/dist/ui/components/index.d.ts.map +1 -1
- package/dist/ui/components/index.js +1 -2
- package/dist/ui/components/index.js.map +1 -1
- package/dist/ui/hooks/useAgentLoop.d.ts +4 -1
- package/dist/ui/hooks/useAgentLoop.d.ts.map +1 -1
- package/dist/ui/hooks/useAgentLoop.js +110 -13
- package/dist/ui/hooks/useAgentLoop.js.map +1 -1
- package/dist/ui/hooks/useBlink.d.ts.map +1 -1
- package/dist/ui/hooks/useBlink.js +3 -4
- package/dist/ui/hooks/useBlink.js.map +1 -1
- package/dist/ui/hooks/useTerminalSize.d.ts +12 -3
- package/dist/ui/hooks/useTerminalSize.d.ts.map +1 -1
- package/dist/ui/hooks/useTerminalSize.js +16 -1
- package/dist/ui/hooks/useTerminalSize.js.map +1 -1
- package/dist/ui/pixel.js +1 -1
- package/dist/ui/render.d.ts +44 -5
- package/dist/ui/render.d.ts.map +1 -1
- package/dist/ui/render.js +56 -8
- package/dist/ui/render.js.map +1 -1
- package/dist/utils/error-handler.d.ts.map +1 -1
- package/dist/utils/error-handler.js +2 -0
- package/dist/utils/error-handler.js.map +1 -1
- package/package.json +10 -7
- package/dist/ui/buddy/Buddy.d.ts +0 -15
- package/dist/ui/buddy/Buddy.d.ts.map +0 -1
- package/dist/ui/buddy/Buddy.js +0 -118
- package/dist/ui/buddy/Buddy.js.map +0 -1
- package/dist/ui/buddy/gacha.d.ts +0 -8
- package/dist/ui/buddy/gacha.d.ts.map +0 -1
- package/dist/ui/buddy/gacha.js +0 -94
- package/dist/ui/buddy/gacha.js.map +0 -1
- package/dist/ui/buddy/species.d.ts +0 -52
- package/dist/ui/buddy/species.d.ts.map +0 -1
- package/dist/ui/buddy/species.js +0 -257
- package/dist/ui/buddy/species.js.map +0 -1
- package/dist/ui/components/ThinkingIndicator.d.ts +0 -6
- package/dist/ui/components/ThinkingIndicator.d.ts.map +0 -1
- package/dist/ui/components/ThinkingIndicator.js +0 -145
- package/dist/ui/components/ThinkingIndicator.js.map +0 -1
|
@@ -6,102 +6,464 @@ export const PROMPT_COMMANDS = [
|
|
|
6
6
|
{
|
|
7
7
|
name: "scan",
|
|
8
8
|
aliases: [],
|
|
9
|
-
description: "Find dead code
|
|
10
|
-
prompt:
|
|
9
|
+
description: "Find confirmed dead code only",
|
|
10
|
+
prompt: `# Scan: Confirmed Dead Code Review
|
|
11
11
|
|
|
12
|
-
|
|
12
|
+
Find dead code in this codebase. Do not look for bugs, security issues, performance issues, style issues, or refactors. This command is report-first: do not edit or delete anything until the user chooses an option at the end.
|
|
13
13
|
|
|
14
|
-
|
|
14
|
+
## Phase 1: Parallel dead-code search
|
|
15
15
|
|
|
16
|
-
|
|
16
|
+
Spawn exactly 3 sub-agents in parallel using the subagent tool (call the subagent tool 3 times in a single response), each with a different validation angle:
|
|
17
17
|
|
|
18
|
-
**Agent
|
|
18
|
+
**Agent 1 - Static Reachability**: Check exports, imports, call sites, route registration, command registration, component usage, tests, package entrypoints, and public API surfaces. Identify candidates only when references appear absent or unreachable.
|
|
19
19
|
|
|
20
|
-
**Agent
|
|
20
|
+
**Agent 2 - Runtime & Dynamic Usage**: Check dynamic loading, reflection, string-based references, plugin systems, CLI commands, routes, config keys, generated-code hooks, framework conventions, side-effect imports, and files used outside TypeScript import graphs.
|
|
21
21
|
|
|
22
|
-
|
|
22
|
+
**Agent 3 - Historical & Boundary Safety**: Check git history, package manifests, build configs, docs, examples, scripts, CI, release artifacts, and external-facing filenames/API names that may be consumed by users even if unused internally.
|
|
23
23
|
|
|
24
|
-
|
|
24
|
+
Each sub-agent must return only candidates with file:line ranges, estimated line counts, validation evidence, and reasons removal may be unsafe. Finding nothing is valid.
|
|
25
25
|
|
|
26
|
-
|
|
27
|
-
2. **Broken** - Will cause errors, crashes, or wrong behavior. Not "might" - WILL.
|
|
28
|
-
3. **Dangerous** - Security holes, data exposure, resource exhaustion.
|
|
26
|
+
## Phase 2: Main-agent validation
|
|
29
27
|
|
|
30
|
-
|
|
28
|
+
For every candidate, validate it yourself before reporting it:
|
|
31
29
|
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
-
|
|
37
|
-
|
|
30
|
+
1. Search for references with grep/find and language-aware patterns where possible, including exact symbol names, filenames, route names, config keys, CLI command names, test names, and documented examples.
|
|
31
|
+
2. Check exports and package/public entrypoints before marking anything removable.
|
|
32
|
+
3. Check framework conventions and dynamic lookup risks before marking anything removable. Use official docs when a framework/tool convention could imply usage without direct imports.
|
|
33
|
+
4. Check whether removing it would change public API, CLI behavior, routes, config support, migration behavior, generated artifacts, docs examples, tests, or side effects.
|
|
34
|
+
5. For code-level removal tasks, kencode search is secondary: use it only to verify framework/tool conventions or common generated-code patterns that could make code appear unused locally. Do not treat absence from public code search as proof that local code is dead.
|
|
35
|
+
6. If evidence is incomplete, mark safety as Low or drop the finding.
|
|
38
36
|
|
|
39
|
-
|
|
37
|
+
## What counts as dead code
|
|
40
38
|
|
|
41
|
-
|
|
39
|
+
Report only code that is validated as one of:
|
|
42
40
|
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
41
|
+
- **Unused file**: no imports, no entrypoint references, no dynamic/framework usage, no public/exported contract.
|
|
42
|
+
- **Unused export**: exported but not referenced internally or by package entrypoints, and not part of documented/public API.
|
|
43
|
+
- **Unreachable branch**: condition/path cannot execute based on current code and config.
|
|
44
|
+
- **Obsolete artifact**: stale script/config/example/generated artifact no longer referenced by build, docs, package manifests, or CI.
|
|
45
|
+
- **No-op code**: code executes but has no observable effect and no intentional placeholder/documentation purpose.
|
|
46
|
+
|
|
47
|
+
Do not report:
|
|
48
|
+
- Public APIs, package exports, CLI commands, routes, config keys, migrations, docs examples, tests, generated-code integration points, or plugin hooks unless you can prove they are obsolete.
|
|
49
|
+
- Code only unused in the current test suite.
|
|
50
|
+
- Code that might be used through strings, framework conventions, side effects, or external consumers.
|
|
51
|
+
- Anything you are not confident is safe to remove.
|
|
52
|
+
|
|
53
|
+
## Safety labels
|
|
54
|
+
|
|
55
|
+
- **High**: Strong evidence from static references, entrypoints, configs, docs, tests, and dynamic-use checks; removal is likely safe.
|
|
56
|
+
- **Medium**: Probably dead, but one boundary or dynamic-use risk remains; remove only with targeted verification.
|
|
57
|
+
- **Low**: Suspicious but not proven; do not remove without more investigation.
|
|
58
|
+
|
|
59
|
+
## Final output
|
|
60
|
+
|
|
61
|
+
Output one concise table, prioritized by safety and impact. No prose before the table.
|
|
62
|
+
|
|
63
|
+
| Priority | Location | Lines | Dead-code type | Evidence | Safety to remove | Recommended action |
|
|
64
|
+
|---|---|---:|---|---|---|---|
|
|
65
|
+
| P0/P1/P2/P3 | file:line-line | N | unused file/export/branch/artifact/no-op | one sentence | High/Medium/Low | Remove / Investigate / Keep |
|
|
66
|
+
|
|
67
|
+
Priority guide:
|
|
68
|
+
- **P0**: High-safety removal with meaningful line or complexity reduction.
|
|
69
|
+
- **P1**: High-safety small removal, or Medium-safety meaningful cleanup.
|
|
70
|
+
- **P2**: Medium-safety small cleanup; needs targeted verification.
|
|
71
|
+
- **P3**: Low-safety candidate; keep unless user wants deeper investigation.
|
|
72
|
+
|
|
73
|
+
Rules:
|
|
74
|
+
- Put High safety rows first, then Medium, then Low.
|
|
75
|
+
- Keep each table cell short.
|
|
76
|
+
- If no confirmed dead code is found, output one row saying none found and set action to \`Keep\`.
|
|
77
|
+
- Do not recommend deletion for Low-safety rows.
|
|
78
|
+
|
|
79
|
+
After the table, ask exactly:
|
|
80
|
+
|
|
81
|
+
What should I do?
|
|
82
|
+
A) Create tasks to remove all High-safety dead code
|
|
83
|
+
B) Create tasks to remove only top priorities
|
|
84
|
+
C) Skip
|
|
85
|
+
|
|
86
|
+
Do not start deleting or editing until the user chooses.
|
|
48
87
|
|
|
49
|
-
|
|
88
|
+
If the user chooses A or B, do not remove code directly. Instead, use the tasks tool to create one task per selected removal or tightly coupled removal group, ordered by dependency and risk. Each task prompt must be standalone and include the exact locations, safety evidence, reference-search requirements, removal instructions, project verification commands, and instructions to prove the removal did not delete used code before marking the task complete. That proof must include fresh local reference searches after editing, relevant project checks/tests, and official-docs or kencode comparison only where framework/tool conventions or generated-code patterns could imply hidden usage. After creating tasks, tell the user exactly: "Tasks created. Press CTRL + T to open the Tasks Pane and press R to run all tasks." Do not begin executing them unless the user explicitly starts a task.`,
|
|
50
89
|
},
|
|
51
90
|
{
|
|
52
91
|
name: "verify",
|
|
53
92
|
aliases: [],
|
|
54
|
-
description: "
|
|
55
|
-
prompt:
|
|
93
|
+
description: "Review this codebase against real-world implementations",
|
|
94
|
+
prompt: `# Verify: Codebase Real-World Check
|
|
95
|
+
|
|
96
|
+
Review this codebase's implementation against real-world code, not opinions. Start with changes from this conversation or \`git diff\` / \`git status\`; if there are no relevant changes, choose the most important implemented feature or module in the current project and review that.
|
|
97
|
+
|
|
98
|
+
## Phase 1: Parallel codebase review
|
|
99
|
+
|
|
100
|
+
Spawn exactly 3 sub-agents in parallel using the subagent tool (call the subagent tool 3 times in a single response), each with a different focus:
|
|
101
|
+
|
|
102
|
+
**Agent 1 - Implementation Shape**: Identify the main APIs, components, functions, file structure, state flow, and integration points. Return only concrete search anchors and candidate concerns.
|
|
103
|
+
|
|
104
|
+
**Agent 2 - Completeness**: Check whether the implementation appears to miss expected pieces: edge cases, cleanup, error states, validation, tests, configuration, accessibility, migrations, docs, or lifecycle handling. Return only concrete candidate gaps.
|
|
105
|
+
|
|
106
|
+
**Agent 3 - Divergence**: Look for unusual patterns, over-custom code, reinvented utilities, brittle abstractions, or choices that may differ from how mature projects solve the same problem. Return only concrete candidate divergences.
|
|
107
|
+
|
|
108
|
+
Each sub-agent must include file:line references and suggested literal search anchors for kencode search, such as imports, function names, hooks, props, config keys, or API calls. Do not report subjective style preferences.
|
|
109
|
+
|
|
110
|
+
## Phase 2: Real-world comparison with kencode search
|
|
111
|
+
|
|
112
|
+
After the 3 agents return, use \`mcp__kencode-search__searchCode\` yourself to verify or reject their candidates.
|
|
113
|
+
|
|
114
|
+
Search rules:
|
|
115
|
+
- Use literal code tokens, not conceptual phrases.
|
|
116
|
+
- Prefer imports, framework identifiers, config keys, hook names, component names, and API calls from this codebase.
|
|
117
|
+
- Use \`peek: true\` first when exploring, then fetch narrowed examples with repo/path filters when useful.
|
|
118
|
+
- Compare against multiple real repositories when possible; one repo is weak evidence unless it is an official or canonical implementation.
|
|
119
|
+
- If kencode search is unavailable or returns insufficient evidence, say that in the Evidence column and lower confidence.
|
|
120
|
+
|
|
121
|
+
## What to classify
|
|
122
|
+
|
|
123
|
+
Report only findings that fit one of these:
|
|
124
|
+
|
|
125
|
+
1. **Aligned** - The implementation matches consistent real-world practice. No action needed.
|
|
126
|
+
2. **Missing** - Real-world implementations consistently include something this code lacks.
|
|
127
|
+
3. **Divergent** - This code differs from common implementations in a way that likely matters.
|
|
128
|
+
4. **Better Elsewhere** - Real-world implementations solve the same problem more robustly or simply, with evidence.
|
|
129
|
+
|
|
130
|
+
Drop anything that is only taste, personal preference, or unsupported by code evidence.
|
|
131
|
+
|
|
132
|
+
## Final output
|
|
133
|
+
|
|
134
|
+
Output one concise table, prioritized by impact. No prose before the table.
|
|
135
|
+
|
|
136
|
+
| Priority | Type | Location | Finding | Evidence | Recommended action |
|
|
137
|
+
|---|---|---|---|---|---|
|
|
138
|
+
| P0/P1/P2/P3 | Missing/Divergent/Better Elsewhere/Aligned | file:line | one sentence | kencode evidence in one sentence | concrete action or \`None\` |
|
|
139
|
+
|
|
140
|
+
Priority guide:
|
|
141
|
+
- **P0**: likely bug, data loss, security risk, or broken integration.
|
|
142
|
+
- **P1**: important missing behavior or maintainability risk.
|
|
143
|
+
- **P2**: useful improvement backed by real-world evidence.
|
|
144
|
+
- **P3**: aligned/no-action observations.
|
|
145
|
+
|
|
146
|
+
Rules:
|
|
147
|
+
- Keep each table cell short.
|
|
148
|
+
- Put action-taking findings before aligned findings.
|
|
149
|
+
- If everything is aligned, output only aligned rows and set every action to \`None\`.
|
|
150
|
+
- If there is not enough evidence for any finding, output one row explaining that verification was inconclusive.
|
|
151
|
+
|
|
152
|
+
After the table, ask exactly:
|
|
153
|
+
|
|
154
|
+
Which should I do?
|
|
155
|
+
A) Create tasks to refine and adjust all
|
|
156
|
+
B) Create tasks for just top priorities
|
|
157
|
+
C) Skip
|
|
158
|
+
|
|
159
|
+
Do not start fixing until the user chooses.
|
|
160
|
+
|
|
161
|
+
If the user chooses A or B, do not fix directly. Instead, use the tasks tool to create one task per selected finding or tightly coupled finding group, ordered by dependency and priority. Each task prompt must be standalone and include the finding, affected local files/anchors, kencode evidence from the report, instructions to compare the approach with kencode search before editing, implementation instructions, project verification commands, and instructions to compare the final implementation with kencode search again before marking the task complete. After creating tasks, tell the user exactly: "Tasks created. Press CTRL + T to open the Tasks Pane and press R to run all tasks." Do not begin executing them unless the user explicitly starts a task.`,
|
|
162
|
+
},
|
|
163
|
+
{
|
|
164
|
+
name: "expand",
|
|
165
|
+
aliases: [],
|
|
166
|
+
description: "Find high-value gaps by comparing this project to current alternatives",
|
|
167
|
+
prompt: `# Expand: Current Competitive Gap Review
|
|
168
|
+
|
|
169
|
+
Find high-value gaps by comparing this project to similar, adjacent, and best-in-class repositories/tools/websites/services. This command is project-agnostic: infer what THIS project is before choosing comparisons. This command is report-first: do not edit, install, or implement anything until the user chooses an option at the end.
|
|
170
|
+
|
|
171
|
+
## Phase 0: Profile this project first
|
|
172
|
+
|
|
173
|
+
Before external research, inspect the local project and write a private working profile:
|
|
174
|
+
|
|
175
|
+
- What the project does, who it serves, and how it ships/runs.
|
|
176
|
+
- Core workflows, entrypoints, packages/modules, integrations, and user-facing surfaces.
|
|
177
|
+
- Existing features, security controls, developer tooling, docs, tests, release/ops setup, and architecture patterns.
|
|
178
|
+
- The most relevant comparison categories for THIS project. Do not assume this is an AI-agent app unless the repo proves it.
|
|
179
|
+
|
|
180
|
+
Use this profile to decide what kinds of external projects are relevant. If the user passed arguments to /expand, treat them as a focus area and prioritize that lens while still validating project relevance.
|
|
181
|
+
|
|
182
|
+
## Phase 1: Parallel expansion research
|
|
183
|
+
|
|
184
|
+
Spawn exactly 5 sub-agents in parallel using the subagent tool (call the subagent tool 5 times in a single response). Give each sub-agent the project profile and a different comparison lens. Adapt the lenses to the project, but cover these defaults unless clearly irrelevant:
|
|
185
|
+
|
|
186
|
+
**Agent 1 - Direct peers & product features**: Find actively maintained projects/tools/services closest to this project. Look for user-facing capabilities, workflows, integrations, onboarding, and monetizable/retention-driving features they have that this project lacks.
|
|
187
|
+
|
|
188
|
+
**Agent 2 - Security, privacy & recent incidents**: Find recent security/privacy hardening, dependency ecosystem changes, advisories, exploit mitigations, auth/session patterns, sandboxing, supply-chain defenses, and issue/PR fixes from comparable projects that this project should consider.
|
|
189
|
+
|
|
190
|
+
**Agent 3 - Architecture, code quality & implementation shape**: Compare code organization, APIs, extensibility, agent/runtime loops, data models, concurrency, error handling, configuration, plugin systems, and maintainability patterns. Include cleaner implementation ideas only when they produce concrete user/developer value.
|
|
191
|
+
|
|
192
|
+
**Agent 4 - Developer experience, ops & release maturity**: Compare tests, CI/CD, docs, examples, templates, telemetry/observability, migrations, upgrade paths, packaging, installation, local dev, debugging, and support workflows.
|
|
193
|
+
|
|
194
|
+
**Agent 5 - Ecosystem, trends & adjacent inspiration**: Look beyond direct peers to adjacent current tools, libraries, SaaS products, standards, RFCs, framework releases, and recent commits/releases that suggest important missing directions.
|
|
195
|
+
|
|
196
|
+
Each sub-agent must:
|
|
56
197
|
|
|
57
|
-
|
|
198
|
+
1. Use current sources: prefer repos/releases/commits/docs/articles updated within the last 6 months. Drop old or stale sources unless they are canonical and still actively maintained.
|
|
199
|
+
2. Return only candidates that appear absent or materially weaker in this project.
|
|
200
|
+
3. Include source names/URLs, freshness date (commit/release/article/doc date), and the local search anchors they used or recommend to verify absence.
|
|
201
|
+
4. Separate findings into useful categories for the final report, such as Security, Product, Architecture, Developer Experience, Operations, or Ecosystem.
|
|
202
|
+
5. Avoid generic wishlist items. Every candidate must be grounded in an external comparison and relevant to this project profile.
|
|
58
203
|
|
|
59
|
-
|
|
204
|
+
## Phase 2: Main-agent validation against this repo
|
|
60
205
|
|
|
61
|
-
|
|
206
|
+
For every candidate from the sub-agents, validate it yourself before reporting:
|
|
62
207
|
|
|
63
|
-
|
|
208
|
+
1. Confirm the external source is relevant to this project and fresh enough (normally within 6 months).
|
|
209
|
+
2. Search this repo with grep/find and language-aware anchors to check whether the feature/pattern/control already exists under another name.
|
|
210
|
+
3. Check manifests, docs, configs, package exports, routes, CLI commands, tests, CI, examples, and framework conventions before calling something missing.
|
|
211
|
+
4. Use mcp__kencode-search__searchCode when code-level comparison would clarify whether the external implementation is materially cleaner or more complete. Use literal imports, functions, config keys, CLI flags, route names, or package names — not conceptual phrases.
|
|
212
|
+
5. Drop anything already present, not applicable, too vague, too stale, or unsupported by evidence.
|
|
213
|
+
6. Keep the report short: prioritize the highest-value gaps over completeness.
|
|
64
214
|
|
|
65
|
-
|
|
215
|
+
## What counts as a reportable gap
|
|
66
216
|
|
|
67
|
-
|
|
217
|
+
Report only gaps that are:
|
|
68
218
|
|
|
69
|
-
**
|
|
219
|
+
- **Missing capability**: A relevant current peer has a feature, integration, workflow, or user-facing behavior this project lacks.
|
|
220
|
+
- **Security/privacy hardening**: A current source addressed a meaningful risk this project has not addressed.
|
|
221
|
+
- **Operational maturity**: A relevant project has CI, release, observability, packaging, migration, or support practices this project lacks.
|
|
222
|
+
- **Developer experience**: A relevant project has docs, examples, tests, debugging, local dev, extension points, or generated commands that would materially improve this project.
|
|
223
|
+
- **Implementation quality**: A comparable codebase handles a shared concern more simply, safely, extensibly, or robustly, and this repo lacks that pattern.
|
|
224
|
+
- **Ecosystem alignment**: A recent framework/API/standard/release changed expectations and this project has not caught up.
|
|
70
225
|
|
|
71
|
-
|
|
226
|
+
Do not report:
|
|
72
227
|
|
|
73
|
-
|
|
228
|
+
- Ideas not tied to a real current source.
|
|
229
|
+
- Things this repo already has, even if named differently.
|
|
230
|
+
- Stale comparisons with no activity in the last 6 months unless canonical and still relevant.
|
|
231
|
+
- Pure taste or style preferences.
|
|
232
|
+
- Massive rewrites unless there is a specific incremental gap to implement.
|
|
233
|
+
- Low-confidence guesses.
|
|
74
234
|
|
|
75
|
-
|
|
76
|
-
1. **Identify** - What's relevant in THIS project for your category
|
|
77
|
-
2. **Find** - Locate specific implementations in the codebase
|
|
78
|
-
3. **Verify** - Check against real code or official docs
|
|
79
|
-
4. **Report** - Only report when verified current practice differs from codebase
|
|
235
|
+
## Priority levels
|
|
80
236
|
|
|
81
|
-
|
|
237
|
+
- **P0**: Critical gap: security exposure, data loss risk, broken compatibility, major missing core workflow, or urgent ecosystem change.
|
|
238
|
+
- **P1**: High-value gap: important feature/hardening/DX/ops improvement with strong external evidence and clear fit.
|
|
239
|
+
- **P2**: Useful gap: meaningful but not urgent, or requires a scoped design decision before implementation.
|
|
240
|
+
- **P3**: Exploratory gap: promising but lower confidence or lower immediate impact. Use sparingly.
|
|
82
241
|
|
|
83
|
-
|
|
84
|
-
1. **OUTDATED** - Works but uses old patterns with verified better alternatives
|
|
85
|
-
2. **DEPRECATED** - Uses APIs marked deprecated in current official docs
|
|
86
|
-
3. **INCORRECT** - Implementation contradicts official documentation
|
|
242
|
+
## Final output
|
|
87
243
|
|
|
88
|
-
|
|
89
|
-
- "I think there's a better way" without verification - NO
|
|
90
|
-
- "This looks old" without proof - NO
|
|
91
|
-
- Style preferences or subjective improvements - NO
|
|
92
|
-
- Anything not verified via real code or official docs - NO
|
|
244
|
+
Output separate category sections only for categories with findings. No prose before the first section. Each section must use a table with exactly these 3 columns:
|
|
93
245
|
|
|
94
|
-
|
|
246
|
+
| Repo/tool/source | Feature or gap | Priority |
|
|
247
|
+
|---|---|---|
|
|
248
|
+
| name + fresh date | concise gap, evidence, and why this repo lacks it | P0/P1/P2/P3 |
|
|
249
|
+
|
|
250
|
+
Rules:
|
|
251
|
+
|
|
252
|
+
- The table must have exactly 3 columns. Put source URL/date/evidence and local absence proof inside the first two cells, not extra columns.
|
|
253
|
+
- Sort rows by priority within each category: P0, then P1, then P2, then P3.
|
|
254
|
+
- Keep each cell concise but specific enough to be actionable.
|
|
255
|
+
- If no validated gaps are found, output one table row saying no fresh validated gaps were found.
|
|
256
|
+
- Do not include implementation prose after the tables except the options below.
|
|
257
|
+
|
|
258
|
+
After the tables, ask exactly:
|
|
259
|
+
|
|
260
|
+
What should I do?
|
|
261
|
+
A) Create tasks for all P0/P1 gaps
|
|
262
|
+
B) Create tasks for only the top priority gap from each category
|
|
263
|
+
C) Skip
|
|
264
|
+
|
|
265
|
+
Do not start implementing until the user chooses.
|
|
266
|
+
|
|
267
|
+
If the user chooses A or B, do not implement gaps directly. Instead, use the tasks tool to create one implementation task per selected gap, ordered by dependency and priority.
|
|
268
|
+
|
|
269
|
+
Each task prompt must be standalone and include:
|
|
270
|
+
|
|
271
|
+
1. The specific gap, including relevant local files/anchors and source evidence from the /expand report.
|
|
272
|
+
2. Instructions to compare the implementation approach with kencode search before editing, using literal code tokens and current real-world examples.
|
|
273
|
+
3. Instructions to implement the gap in the local codebase.
|
|
274
|
+
4. Instructions to verify correctness after implementation by running project checks and by comparing the final implementation with kencode search again before marking the task complete.
|
|
275
|
+
|
|
276
|
+
Do not create planning tasks, do not instruct tasks to use planning-only workflows, and do not create or write implementation plans from /expand selections.
|
|
277
|
+
|
|
278
|
+
After creating tasks, tell the user exactly: "Tasks created. Press CTRL + T to open the Tasks Pane and press R to run all tasks." Do not begin executing them unless the user explicitly starts a task.`,
|
|
279
|
+
},
|
|
280
|
+
{
|
|
281
|
+
name: "bullet-proof",
|
|
282
|
+
aliases: ["bp"],
|
|
283
|
+
description: "Defensive security review — audit the project for exploitable weaknesses",
|
|
284
|
+
prompt: `# Bullet-Proof: Defensive Security Review
|
|
285
|
+
|
|
286
|
+
You are a defensive security auditor reviewing this codebase to identify exploitable weaknesses so they can be patched before the project ships. Think rigorously about realistic threat scenarios — boundary checks, edge cases, race conditions, trust assumptions, supply-chain risks, agent-mediated paths.
|
|
287
|
+
|
|
288
|
+
Goal: harden this project against realistic threats. **Report only HIGH CONFIDENCE findings (≥0.8) with a concrete data-flow path that demonstrates exposure.** Better to miss theoretical issues than flood the report with noise.
|
|
289
|
+
|
|
290
|
+
This command is **dynamic and project-agnostic**. Recon drives everything. Do not assume the stack, the language, the deploy target, or that there is an LLM/agent layer. Read first, decide second.
|
|
291
|
+
|
|
292
|
+
## Phase 1: Recon — Understand THIS project before auditing anything
|
|
293
|
+
|
|
294
|
+
Spawn **FOUR recon subagents in parallel** using the subagent tool (call the subagent tool 4 times in a single response). Each has a narrow, independent slice so they can all run at once. **No vulnerabilities flagged in this phase.**
|
|
295
|
+
|
|
296
|
+
**Recon Agent A — Stack & Deployment.** Read manifests, lockfiles, CI/CD configs, Dockerfile/Helm/Terraform, deploy scripts. Produce:
|
|
297
|
+
- Primary language(s), framework(s), runtimes
|
|
298
|
+
- Deploy target (browser / server / CLI / mobile / desktop / embedded / cloud function / container / serverless / smart contract / firmware / ML pipeline / library / SaaS / self-hosted)
|
|
299
|
+
- How it ships (npm/PyPI/cargo/go modules/app store/binary/Docker image/Helm chart/Terraform)
|
|
300
|
+
- Where it runs (which cloud/host, multi-tenant or single-tenant, network topology if discernible)
|
|
301
|
+
|
|
302
|
+
**Recon Agent B — Trust Boundaries & Sources.** Walk entry-point code (route handlers, CLI argparse, queue consumers, WebSocket handlers, IPC receivers, MCP server handlers, file/env readers, deserialization entry, plugin loaders). Produce:
|
|
303
|
+
- **Trust boundaries table** — every place untrusted data crosses into the system
|
|
304
|
+
- **Sources table** — for each entry point: location (file:line), input shape, who controls it (anonymous / authenticated user / admin / other service / build-time / env)
|
|
305
|
+
|
|
306
|
+
**Recon Agent C — Sinks.** Walk dangerous-operation code. Produce a **Sinks table** with location (file:line) and sink type for: shell exec, SQL / NoSQL / LDAP / XPath queries, eval / Function / exec / pickle / yaml.load / Marshal / ObjectInputStream, file write, file include / require with dynamic path, network egress (fetch / requests / http.Get), auth decisions, secret reads, native deserializers, dynamic code load, smart-contract external calls, child_process spawns.
|
|
307
|
+
|
|
308
|
+
**Recon Agent D — Assets.** Scan for what is worth stealing or destroying. Produce an **Assets table** with location and asset type for: credentials / tokens (config files, env files, KMS, OAuth flows, ~/.{app}/auth.json-style stores), customer/PII data stores, source code with IP value, build/CI secrets, signing keys, model API tokens, on-chain funds / wallets, session state, MCP config files, license keys.
|
|
309
|
+
|
|
310
|
+
**After all four return, the main agent synthesizes:**
|
|
311
|
+
1. Assemble the four tables (Stack/Deploy, Sources, Sinks, Assets) into the recon report
|
|
312
|
+
2. Add the **Threat model** — concrete to THIS project, derived from the four agents' outputs. Who would realistically target it and what for? (Examples: supply-chain risks affecting downstream users of a library; multi-tenant abuse on a SaaS; untrusted user input on a CLI/mobile app; insider risk with repo access; phishing-based account takeover; coding-agent risks from injected web content; on-chain reentrancy risks for a smart contract.) Be specific.
|
|
313
|
+
3. Note any obvious gaps the four recon agents flagged (areas that need a deeper look in Phase 3)
|
|
314
|
+
|
|
315
|
+
## Phase 2: Plan the audit — recon drives this
|
|
316
|
+
|
|
317
|
+
From the recon output, decide which vulnerability classes apply to THIS project. **Skip audits with no entry surface.** A static documentation site does not get a SQLi audit. A Rust embedded firmware project does not get a prompt-injection audit. A Python ML pipeline does get pickle/yaml audits. A library that ships to others gets supply-chain weighted heavily.
|
|
318
|
+
|
|
319
|
+
Default catalog — pick what applies, drop what doesn't, add stack-specific audits where recon shows a unique surface:
|
|
320
|
+
|
|
321
|
+
| Audit | Fires when | Audits for |
|
|
322
|
+
|---|---|---|
|
|
323
|
+
| **Injection** | unsanitized input reaches an interpreter | SQLi, command injection, template injection, eval/Function/exec, pickle/yaml.load, NoSQL/LDAP/XPath injection, prompt injection |
|
|
324
|
+
| **AuthN/AuthZ/Session** | any auth, session, or access-control logic exists | broken access control (IDOR, BOLA), JWT alg confusion / alg:none, OAuth state/PKCE/redirect-uri abuse, session fixation, missing rate limit on credential checks, MFA bypass, TOCTOU races |
|
|
325
|
+
| **Secrets & exposure paths** | any secret/credential/token exists | hardcoded keys, logs/errors/debug-file leakage, source maps in published artifacts, telemetry leakage, prototype pollution exposing secrets, \`JSON.stringify(err)\` shapes, env dump in error pages, exposed \`.git\`/\`.env\`/\`.map\` |
|
|
326
|
+
| **Supply chain** | any dependency manager or external code | unpinned deps/actions, postinstall scripts, typosquats, **slopsquats (AI-hallucinated package names registered by malicious parties)**, dependency confusion, lockfile drift, install-time \`curl \\| sh\`, unsigned releases, unverified maintainer takeovers, self-spreading worms (Shai-Hulud family) |
|
|
327
|
+
| **CI/CD & build integrity** | any CI workflow, release pipeline | \`pull_request_target\` + checkout of PR HEAD (Pwn Request), Actions cache poisoning, OIDC token theft from \`/proc\`, self-hosted runner reuse, secret echoes, missing \`permissions:\` block |
|
|
328
|
+
| **SSRF, path traversal, file ops** | any URL/path/file built from input | SSRF to metadata endpoints (IMDSv1), path traversal, zip-slip, symlink races, unrestricted upload, archive extraction outside target dir |
|
|
329
|
+
| **Cloud/infra & misconfig** | any IaC, container, cloud SDK use | overpermissive IAM (\`Action:*\`, \`iam:PassRole:*\`), public buckets, IMDSv1, exposed K8s API/kubelet, presigned URLs without expiry, default creds, debug endpoints in prod, CORS \`origin:*\` + \`credentials:true\` |
|
|
330
|
+
| **Crypto** | any crypto/hashing/signing | weak algos (MD5/SHA1 for auth), missing IV, ECB mode, hardcoded keys, JWT \`alg:none\`, non-constant-time compare on secrets, predictable PRNG for tokens |
|
|
331
|
+
| **Agent surface** | only if recon detected LLM/AI/MCP/coding-agent/tool-calling code | indirect prompt injection via fetched content, MCP tool poisoning, tool-description injection (ToolLeak), system-prompt exposure via tool args, **Rules-File Backdoor (Unicode bidi / zero-width chars hiding instructions in CLAUDE.md / .cursorrules / AGENTS.md)**, malicious CLAUDE.md walking up parent dirs, DNS-exfil via coerced tool calls, RAG / memory / context poisoning, vector-store embedding risks |
|
|
332
|
+
| **Dangerous-sink dataflow (taint)** | Sources × Sinks tables are non-empty | trace each Source through the codebase to every reachable Sink; flag reachable paths with no sanitization between |
|
|
333
|
+
|
|
334
|
+
**Add stack-specific audits when recon surfaces them**: smart-contract reentrancy/oracle manipulation; mobile IPC / deep links / pasteboard / WebView \`addJavascriptInterface\`; embedded firmware update integrity, debug interfaces left enabled; ML model deserialization, training-data poisoning, MLflow/Triton config exposure.
|
|
335
|
+
|
|
336
|
+
## Phase 3: Parallel audits
|
|
337
|
+
|
|
338
|
+
Spawn one subagent per active audit **in a single response** (call the subagent tool N times **with \`agent: "auditor"\`**, where N is whatever Phase 2 picked — do not pad to a fixed number, do not drop audits Phase 2 selected). The \`auditor\` agent has the defensive-review persona and exclusion list baked in, so your task description only needs the vulnerability-class scope. Each auditor receives:
|
|
339
|
+
- The full recon output (Sources, Sinks, Assets, Threat model)
|
|
340
|
+
- Its specific vulnerability-class scope
|
|
341
|
+
- The 2026 threat reference at the bottom of this prompt
|
|
342
|
+
|
|
343
|
+
Each auditor must:
|
|
344
|
+
1. **Trace data flow** from Sources to Sinks for its class. Not pattern matching.
|
|
345
|
+
2. For every candidate, apply the **untrusted-input vs trusted-input** decision: is the input *actually reachable* by an untrusted source, or is it a settings constant / build-time string / hard-coded value?
|
|
346
|
+
3. Construct a concrete **vulnerability scenario** — describe how the weakness would be triggered (input → system response → resulting exposure). If you can't describe the steps, don't flag it.
|
|
347
|
+
4. Assign **confidence 0.0–1.0**. Drop anything <0.8 before returning.
|
|
348
|
+
5. Be framework-aware: ORM parameterization, auto-escape, memory-safe languages, JSX/template escaping all eliminate entire vuln classes. Don't flag what the framework already handles.
|
|
349
|
+
|
|
350
|
+
## Phase 4: False-positive filter
|
|
351
|
+
|
|
352
|
+
After auditors complete, spawn one verification subagent per surviving finding **in parallel with \`agent: "skeptic"\`** (call the subagent tool once per finding in a single response). The \`skeptic\` agent starts from "this is a false positive" and tries to disprove the finding — only confirmed findings survive. Pass each verifier the full audit finding (location, source/sink, vulnerability scenario, claimed confidence). Drop anything the skeptic returns as DROP; lower severity for DOWNGRADE.
|
|
353
|
+
|
|
354
|
+
**Hard exclusions — do NOT report these, even if real:**
|
|
355
|
+
- DOS / rate-limiting / memory exhaustion without a clear amplification primitive
|
|
356
|
+
- Theoretical race conditions without a demonstrable trigger window
|
|
357
|
+
- Regex-DOS without untrusted-supplied regex
|
|
358
|
+
- Log spoofing / log injection (cosmetic)
|
|
359
|
+
- SSRF where the URL is a settings constant or build-time string
|
|
360
|
+
- Env-var trust (env is server-controlled by definition)
|
|
361
|
+
- Client-side authentication theatre on a server-validated endpoint
|
|
362
|
+
- React/Angular/Vue XSS in non-unsafe-sink paths (\`dangerouslySetInnerHTML\`, \`v-html\`, \`bypassSecurityTrust*\` are the only real ones)
|
|
363
|
+
- Shell-script command injection without an untrusted input path
|
|
364
|
+
- Findings in documentation files, example code, or test fixtures
|
|
365
|
+
- Insecure-by-design dev tooling that doesn't ship to users
|
|
366
|
+
- "Could be improved" style preferences or hardening-best-practice nudges with no demonstrable path
|
|
367
|
+
|
|
368
|
+
## Phase 5: Report
|
|
369
|
+
|
|
370
|
+
Output one report. No code edits in this phase.
|
|
95
371
|
|
|
96
|
-
For each finding:
|
|
97
372
|
\`\`\`
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
373
|
+
# Bullet-Proof Report — [Project name from recon]
|
|
374
|
+
Date: [today's date]
|
|
375
|
+
Threat model: [from recon]
|
|
376
|
+
|
|
377
|
+
## Exposure Surface Summary
|
|
378
|
+
[1-paragraph summary of the project's realistic exposure profile and where untrusted data enters]
|
|
379
|
+
|
|
380
|
+
## Sources / Sinks / Assets
|
|
381
|
+
[Compact tables from recon]
|
|
382
|
+
|
|
383
|
+
## Risk Matrix
|
|
384
|
+
| Severity | Count | Definition |
|
|
385
|
+
|---|---|---|
|
|
386
|
+
| Critical | N | RCE, full auth bypass, credential theft, fund loss |
|
|
387
|
+
| High | N | privilege escalation, data exposure with auth, supply-chain compromise |
|
|
388
|
+
| Medium | N | limited-scope info disclosure, weakened crypto, partial bypass |
|
|
389
|
+
|
|
390
|
+
## Findings
|
|
391
|
+
|
|
392
|
+
### [BP-001] <title> — Critical
|
|
393
|
+
- Location: path:line
|
|
394
|
+
- Category: <slug> CWE: CWE-XXX Confidence: 0.95
|
|
395
|
+
- Exposure surface: <entry point from Sources>
|
|
396
|
+
- Source → Sink: <e.g. \`POST /api/foo body.userId\` → \`subprocess.run(..., shell=True)\`>
|
|
397
|
+
- Vulnerability scenario:
|
|
398
|
+
1. Untrusted input <specific payload> reaches <source>
|
|
399
|
+
2. Server processes it as <what>
|
|
400
|
+
3. Result: <RCE / data exposure / auth bypass>
|
|
401
|
+
- Impact: <blast radius — what is exposed, how far it spreads>
|
|
402
|
+
- Fix: <concrete remediation, code-level>
|
|
403
|
+
|
|
404
|
+
[…repeat per finding, ordered Critical → High → Medium…]
|
|
405
|
+
|
|
406
|
+
## What was not flagged
|
|
407
|
+
[1-paragraph: which vulnerability classes returned zero findings, and how many findings the FP filter dropped — so the user sees the work, not just the survivors]
|
|
102
408
|
\`\`\`
|
|
103
409
|
|
|
104
|
-
|
|
410
|
+
## Phase 6: Ask before fixing
|
|
411
|
+
|
|
412
|
+
After the report, ask:
|
|
413
|
+
|
|
414
|
+
> Which (if any) should I fix? Options:
|
|
415
|
+
> - A) Create tasks for all Critical + High
|
|
416
|
+
> - B) Create tasks for specific findings (give IDs, e.g. "BP-001, BP-004")
|
|
417
|
+
> - C) Create tasks for a category (auth, supply chain, secrets, …)
|
|
418
|
+
> - D) None — report only
|
|
419
|
+
|
|
420
|
+
**Do not start fixing until the user picks.**
|
|
421
|
+
|
|
422
|
+
If the user chooses A, B, or C, do not fix directly. Instead, use the tasks tool to create one task per selected finding or tightly coupled finding group, ordered by severity, exploitability, and dependency. Each task prompt must be standalone and include the finding ID, vulnerability scenario, affected local files/anchors, concrete remediation, instructions to compare security-sensitive implementation details with kencode search or authoritative docs before editing, project verification commands, and instructions to compare the final fix with kencode search or authoritative docs again before marking the task complete. After creating tasks, tell the user exactly: "Tasks created. Press CTRL + T to open the Tasks Pane and press R to run all tasks." Do not begin executing them unless the user explicitly starts a task.
|
|
423
|
+
|
|
424
|
+
## Threat reference (May 2026)
|
|
425
|
+
|
|
426
|
+
Cite these as needed per audit. Do not dump them into the report — use them to verify whether a candidate is actually reachable.
|
|
427
|
+
|
|
428
|
+
**OWASP Top 10:2025** — A01 Broken Access Control (now includes SSRF), A02 Misconfig, **A03 Supply Chain Failures (new)**, A05 Injection (now includes prompt injection), **A10 Mishandling Exceptional Conditions (new — fail-open patterns)**.
|
|
429
|
+
|
|
430
|
+
**OWASP API Security Top 10 (2023)** — BOLA, Broken Auth, BOPLA, SSRF (API7).
|
|
431
|
+
|
|
432
|
+
**OWASP Top 10 for LLM Apps v2025** — LLM01 Prompt Injection (direct + indirect), LLM02 Sensitive Info Disclosure, LLM03 Supply Chain, LLM04 Data & Model Poisoning, LLM05 Improper Output Handling, LLM06 Excessive Agency, **LLM07 System Prompt Leakage (new)**, **LLM08 Vector & Embedding Weaknesses (new — RAG/embedding-store attacks)**, LLM09 Misinformation, LLM10 Unbounded Consumption.
|
|
433
|
+
|
|
434
|
+
**OWASP Top 10 for Agents 2026 (ASI01–10)** — Goal hijack, tool misuse, identity/privilege abuse, agentic supply chain, unexpected code exec, memory/context poisoning, inter-agent comms, cascading failures, human-trust exploit, rogue agents.
|
|
435
|
+
|
|
436
|
+
**Real 2024-2026 incidents — use as grep templates:**
|
|
437
|
+
- tj-actions/changed-files (Mar 14-15 2025, CVE-2025-30066, 23k repos) → unpinned GH Actions, \`uses: foo/bar@main\` / mutable tags, runner-memory secret dumps
|
|
438
|
+
- TanStack Mini Shai-Hulud (May 11 2026, CVE-2026-45321, CVSS 9.6 — 84 versions across 42 \`@tanstack/*\` + UiPath/Mistral/Guardrails/OpenSearch, 169+ packages total, "TeamPCP") → self-spreading npm worm, \`pull_request_target\` + cache poisoning + OIDC token extraction from \`/proc/<pid>/mem\`, persistent \`gh-token-monitor\` daemon
|
|
439
|
+
- Slopsquatting (ongoing 2025-2026, \`react-codeshift\` Jan 2026) → AI coding assistants hallucinate ~20% non-existent package names (open-source models ~21.7%, GPT-4 ~5.2%); malicious parties register the hallucinated names on npm/PyPI. **Verify every package actually existed BEFORE the agent suggested it** — check registry age, download history, author identity
|
|
440
|
+
- XZ Utils (CVE-2024-3094) → unverified maintainer takeovers, multi-year backdoor injection in install scripts
|
|
441
|
+
- Invariant Labs MCP hijack (May 2025) → MCP server returns malicious tool descriptions / crafted issue content
|
|
442
|
+
- Claude Code source-map leak (Mar 2026, 513k LOC) → \`*.map\` files in \`npm pack\` / shipped artifacts
|
|
443
|
+
- Embrace The Red DNS-exfil (Aug 2025) → coding agent coerced into encoding secrets in DNS queries
|
|
444
|
+
- IMDSv1 → AWS creds via SSRF (Mar 2025 campaign) → Terraform missing \`http_tokens = "required"\`
|
|
445
|
+
- GitGuardian 2026 — 28.6M GitHub secret leaks in 2025, 24k inside MCP config files
|
|
446
|
+
|
|
447
|
+
**Language-specific hot zones — only apply to languages actually present:**
|
|
448
|
+
- **Node/TS**: \`child_process.exec\`/\`execSync\`, \`spawn(..., {shell:true})\`, \`eval\`/\`Function\`, \`vm.runIn*\`, prototype pollution via \`lodash.merge\`/\`Object.assign({}, userJson)\`, \`serialize-javascript\`/\`node-serialize\`, source maps in published packages
|
|
449
|
+
- **Python**: \`pickle.load\`, \`yaml.load\` without \`SafeLoader\`, \`eval\`/\`exec\`, \`subprocess.*(shell=True)\`, \`os.system\`, \`Jinja2(autoescape=False)\`, \`flask.render_template_string(user_input)\`, \`requests(verify=False)\`, \`xml.etree\`/\`lxml\` without \`defusedxml\`
|
|
450
|
+
- **Go**: \`exec.Command("sh", "-c", userInput)\`, \`html/template\` vs \`text/template\` confusion, unbounded \`io.ReadAll\`, race-prone \`map\` access without lock
|
|
451
|
+
- **Rust**: \`unsafe\` blocks with raw pointers, \`Command::new("sh").arg("-c")\`, deserializing untrusted \`bincode\`/\`serde_pickle\`/\`serde_json\` with \`#[serde(deny_unknown_fields)]\` missing
|
|
452
|
+
- **Java/JVM**: \`ObjectInputStream\` deserialization, JNDI lookup (Log4Shell-style), \`Runtime.exec(String)\`, XXE in default XML parsers
|
|
453
|
+
- **Ruby**: \`eval\`/\`instance_eval\`, \`Marshal.load\`, \`YAML.load\` (not \`safe_load\`), \`Kernel#system\` with interpolation, mass assignment
|
|
454
|
+
- **PHP**: \`unserialize\`, \`eval\`, \`assert(string)\`, \`include $userInput\`, \`preg_replace\` /e modifier
|
|
455
|
+
- **C/C++**: unsafe \`strcpy\`/\`sprintf\`/\`gets\`, integer overflows, format strings (\`printf(userInput)\`), use-after-free, double-free
|
|
456
|
+
- **Solidity / EVM**: reentrancy, unchecked external calls, integer over/underflow (pre-0.8), \`tx.origin\` for auth, delegatecall to untrusted, oracle manipulation
|
|
457
|
+
- **Mobile (iOS/Android)**: insecure IPC / deep links / pasteboard, WebView \`addJavascriptInterface\`, exported activities/intents without permission checks, insecure local storage
|
|
458
|
+
|
|
459
|
+
## Rules
|
|
460
|
+
|
|
461
|
+
- **Recon first, audits second.** No audit fires without a recon-identified entry surface to justify it.
|
|
462
|
+
- **No pattern-only findings.** Every flag must have a Sources → Sinks path traced through the code.
|
|
463
|
+
- **No "could be improved" recommendations.** Either it's exploitable or it's not in scope.
|
|
464
|
+
- **Strict confidence gate (≥0.8).** Drop everything else, even if it looks suspicious.
|
|
465
|
+
- **Adapt to the stack, always.** The audit catalog and threat reference above are guidance, not a checklist to apply uniformly.
|
|
466
|
+
- **Report only.** Wait for the user to pick what to fix in Phase 6.`,
|
|
105
467
|
},
|
|
106
468
|
{
|
|
107
469
|
name: "research",
|
|
@@ -111,7 +473,7 @@ No findings is a valid outcome. If implementations match current practices, that
|
|
|
111
473
|
|
|
112
474
|
First, if it's not clear what the project is building, ask me to describe the features, target platform, and any constraints. If you can infer this from the codebase, proceed directly.
|
|
113
475
|
|
|
114
|
-
Then spawn 6 sub-agents in parallel using the subagent tool (call the subagent tool 6 times in a single response, each with a different task). Every agent must verify ALL recommendations - no training-data assumptions allowed.
|
|
476
|
+
Then spawn 6 sub-agents in parallel using the subagent tool (call the subagent tool 6 times in a single response, each with a different task). Every agent must verify ALL recommendations with current official docs, package registries, releases, or maintained source repositories - no training-data assumptions allowed. Use kencode search for architecture and implementation-shape comparisons where real code examples matter.
|
|
115
477
|
|
|
116
478
|
**Agent 1 - Project Scan**: Read the current working directory. Catalog what already exists: config files, installed deps, directory structure, language/framework already chosen. Report exactly what's in place.
|
|
117
479
|
|
|
@@ -127,10 +489,11 @@ Then spawn 6 sub-agents in parallel using the subagent tool (call the subagent t
|
|
|
127
489
|
|
|
128
490
|
## Agent Rules
|
|
129
491
|
|
|
130
|
-
1. Every recommendation MUST be verified - no guessing
|
|
131
|
-
2. Confirm latest stable versions - do not assume version numbers
|
|
132
|
-
3.
|
|
133
|
-
4.
|
|
492
|
+
1. Every recommendation MUST be verified with a source URL/date - no guessing
|
|
493
|
+
2. Confirm latest stable versions from official registries or release pages - do not assume version numbers
|
|
494
|
+
3. Verify CLI flags, config keys, and file formats against official docs before recommending them
|
|
495
|
+
4. Pick ONE best option per category - no "you could also use X"
|
|
496
|
+
5. No prose, no hedging, no alternatives lists - decisive answers only
|
|
134
497
|
|
|
135
498
|
## Output
|
|
136
499
|
|
|
@@ -168,20 +531,23 @@ Stack: [framework + language + runtime]
|
|
|
168
531
|
[URLs used for verification]
|
|
169
532
|
\`\`\`
|
|
170
533
|
|
|
171
|
-
Write the file, then summarize what was researched.`,
|
|
534
|
+
Write the file, then summarize what was researched and list the verification sources used. If any recommendation could not be verified from current official sources or maintained repos, omit it rather than guessing.`,
|
|
172
535
|
},
|
|
173
536
|
{
|
|
174
537
|
name: "init",
|
|
175
538
|
aliases: [],
|
|
176
539
|
description: "Generate or update CLAUDE.md for this project",
|
|
177
|
-
prompt: `Generate or update a minimal CLAUDE.md with project
|
|
540
|
+
prompt: `Generate or update a minimal CLAUDE.md with project-specific context only: what this project is, how it is structured, and commands/workflows that are unique to it.
|
|
541
|
+
|
|
542
|
+
Do NOT add generic agent behavior already covered by the system prompt, including: read before edit/write, re-read after formatters, ask before destructive actions, no fake verification, generic code-quality advice, single-responsibility rules, one-file-per-component rules, or language-style conventions. Include only project-specific overrides or stricter local requirements.
|
|
178
543
|
|
|
179
544
|
## Step 1: Check if CLAUDE.md Exists
|
|
180
545
|
|
|
181
546
|
If CLAUDE.md exists:
|
|
182
547
|
- Read the existing file
|
|
183
548
|
- Preserve custom sections the user may have added
|
|
184
|
-
- Update
|
|
549
|
+
- Update only project-specific facts that are stale or missing
|
|
550
|
+
- Remove generic guidance that is already covered by the system prompt unless it is a deliberate project-specific override
|
|
185
551
|
|
|
186
552
|
If CLAUDE.md does NOT exist:
|
|
187
553
|
- Create a new one from scratch
|
|
@@ -199,22 +565,30 @@ Wait for all sub-agents to complete, then synthesize the information.
|
|
|
199
565
|
## Step 3: Detect Project Type & Commands
|
|
200
566
|
|
|
201
567
|
Check for config files:
|
|
202
|
-
- package.json -> JavaScript/TypeScript (extract lint, typecheck, server scripts)
|
|
568
|
+
- package.json -> JavaScript/TypeScript (extract package-manager, build, lint, typecheck, test, format, and server scripts)
|
|
203
569
|
- pyproject.toml or requirements.txt -> Python
|
|
204
570
|
- go.mod -> Go
|
|
205
571
|
- Cargo.toml -> Rust
|
|
206
572
|
|
|
207
|
-
Extract
|
|
573
|
+
Extract exact commands that are useful project facts. Verify commands against local package scripts, manifests, Makefiles, CI, or documented project workflows; do not invent commands from convention alone. Do not restate generic "run checks after edits" behavior unless this project requires a stricter command sequence than the system prompt's Verification section.
|
|
208
574
|
|
|
209
|
-
## Step 4:
|
|
575
|
+
## Step 4: Summarize Stable Structure
|
|
210
576
|
|
|
211
|
-
|
|
577
|
+
If useful, create a concise structure summary for future agents showing only key stable directories and files with brief descriptions. Do NOT embed generated symbol maps, exhaustive file indexes, generated repo maps, auto-generated directory listings, or large trees in CLAUDE.md.
|
|
212
578
|
|
|
213
579
|
## Step 5: Generate or Update CLAUDE.md
|
|
214
580
|
|
|
215
|
-
Create CLAUDE.md with
|
|
581
|
+
Create CLAUDE.md with only sections that add project-specific value. Prefer this structure:
|
|
582
|
+
|
|
583
|
+
- Project name and one-sentence purpose
|
|
584
|
+
- Key packages/apps/modules and what each owns
|
|
585
|
+
- Important project-specific architecture or workflow notes
|
|
586
|
+
- Exact local commands (install/build/check/test/dev/publish/deploy) when they are not obvious from package scripts alone
|
|
587
|
+
- Project-specific constraints that override defaults (for example required publish order, generated-file workflow, auth/secrets storage, deployment caveats)
|
|
216
588
|
|
|
217
|
-
|
|
589
|
+
Avoid generic sections named "Code Quality", "Organization Rules", or "How to Work" unless every bullet is specific to this project. Do not duplicate language style packs or generic verification rules. Do not add generated repo maps, symbol indexes, exhaustive file indexes, or auto-generated project inventories; CLAUDE.md must remain durable, agent-focused project context.
|
|
590
|
+
|
|
591
|
+
Keep total file under 100 lines. If updating, preserve any custom sections the user added. After writing, re-read CLAUDE.md and confirm it contains only project-specific facts supported by local files.
|
|
218
592
|
|
|
219
593
|
## Step 6: Restart Notice
|
|
220
594
|
|
|
@@ -250,7 +624,7 @@ Based on the project type, check if linting/typechecking tools are already confi
|
|
|
250
624
|
|
|
251
625
|
## Step 3: Install Missing Tools (if needed)
|
|
252
626
|
|
|
253
|
-
Only install what's missing. Use the detected package manager.
|
|
627
|
+
Only install what's missing. Use the detected package manager. Before installing or writing config, verify current recommended setup, CLI flags, and config filenames against official docs for the selected tools.
|
|
254
628
|
|
|
255
629
|
## Step 4: Generate /fix Command
|
|
256
630
|
|
|
@@ -288,7 +662,7 @@ Replace [INSERT PROJECT-SPECIFIC COMMANDS] with the actual commands for the dete
|
|
|
288
662
|
|
|
289
663
|
## Step 5: Confirm
|
|
290
664
|
|
|
291
|
-
Report what was detected, what was installed, and that /fix is now available.`,
|
|
665
|
+
Report what was detected, what official docs or local configs were used to verify it, what was installed, and that /fix is now available.`,
|
|
292
666
|
},
|
|
293
667
|
{
|
|
294
668
|
name: "setup-commit",
|
|
@@ -300,9 +674,11 @@ Report what was detected, what was installed, and that /fix is now available.`,
|
|
|
300
674
|
|
|
301
675
|
Check for config files and extract the lint/typecheck commands:
|
|
302
676
|
- package.json -> Extract lint, typecheck scripts
|
|
303
|
-
- pyproject.toml -> Use mypy, pylint/ruff
|
|
304
|
-
- go.mod -> Use go vet
|
|
305
|
-
- Cargo.toml -> Use cargo clippy
|
|
677
|
+
- pyproject.toml -> Use configured mypy, pylint/ruff commands
|
|
678
|
+
- go.mod -> Use configured go vet/gofmt/staticcheck commands
|
|
679
|
+
- Cargo.toml -> Use configured cargo clippy/fmt commands
|
|
680
|
+
|
|
681
|
+
Prefer existing project scripts. If you must synthesize a command from tool conventions, verify the current CLI flags against official docs first.
|
|
306
682
|
|
|
307
683
|
## Step 2: Generate /commit Command
|
|
308
684
|
|
|
@@ -337,7 +713,7 @@ Keep the command file under 20 lines.
|
|
|
337
713
|
|
|
338
714
|
## Step 3: Confirm
|
|
339
715
|
|
|
340
|
-
Report that /commit is now available with quality checks and AI-generated commit messages.`,
|
|
716
|
+
Report that /commit is now available with quality checks and AI-generated commit messages, and mention which local scripts/docs verified the commands.`,
|
|
341
717
|
},
|
|
342
718
|
{
|
|
343
719
|
name: "setup-tests",
|
|
@@ -351,7 +727,7 @@ Detect the project type, framework, and architecture. Identify all critical busi
|
|
|
351
727
|
|
|
352
728
|
## Step 2: Determine Testing Strategy
|
|
353
729
|
|
|
354
|
-
Use these tools based on project type (2025-2026 best practices):
|
|
730
|
+
Use these tools based on project type (2025-2026 best practices), but verify current versions, install commands, config files, and runner flags against official docs before installing anything:
|
|
355
731
|
|
|
356
732
|
| Language | Unit/Integration | E2E | Notes |
|
|
357
733
|
|----------|------------------|-----|-------|
|
|
@@ -370,7 +746,7 @@ Spawn 4 sub-agents in parallel using the subagent tool (call the subagent tool 4
|
|
|
370
746
|
**Agent 3 - Integration Tests**: Create integration tests for APIs, database operations, and service interactions
|
|
371
747
|
**Agent 4 - E2E Tests** (if applicable): Create end-to-end tests for critical user flows
|
|
372
748
|
|
|
373
|
-
Each agent should create COMPREHENSIVE tests covering all critical code paths - not just samples.
|
|
749
|
+
Each agent should create COMPREHENSIVE tests covering all critical code paths - not just samples. Each agent must verify test framework APIs and helper patterns against official docs or current maintained examples before adding tests.
|
|
374
750
|
|
|
375
751
|
## Step 4: Verify and Generate /test Command
|
|
376
752
|
|
|
@@ -403,7 +779,7 @@ Replace placeholders with the actual test commands for this project.
|
|
|
403
779
|
|
|
404
780
|
## Step 5: Report
|
|
405
781
|
|
|
406
|
-
Summarize what was set up, how many tests were created, and that /test is now available.`,
|
|
782
|
+
Summarize what was set up, how many tests were created, what official docs/current examples verified the setup, and that /test is now available.`,
|
|
407
783
|
},
|
|
408
784
|
{
|
|
409
785
|
name: "setup-update",
|
|
@@ -451,7 +827,7 @@ Run a clean install and read ALL output carefully. Look for:
|
|
|
451
827
|
## Step 4: Fix Issues
|
|
452
828
|
|
|
453
829
|
For each warning/deprecation:
|
|
454
|
-
1. Research the recommended replacement or fix
|
|
830
|
+
1. Research the recommended replacement or fix using official changelogs, migration guides, advisories, or package docs
|
|
455
831
|
2. Update code/dependencies accordingly
|
|
456
832
|
3. Re-run installation
|
|
457
833
|
4. Verify no warnings remain
|
|
@@ -471,7 +847,7 @@ Replace all placeholders with the actual commands for the detected project type
|
|
|
471
847
|
|
|
472
848
|
## Step 3: Confirm
|
|
473
849
|
|
|
474
|
-
Report that /update is now available with dependency updates, security audits, and deprecation fixes.`,
|
|
850
|
+
Report that /update is now available with dependency updates, security audits, and deprecation fixes, and mention that generated update steps require official changelog/migration-guide verification before applying changes.`,
|
|
475
851
|
},
|
|
476
852
|
{
|
|
477
853
|
name: "setup-eyes",
|
|
@@ -485,7 +861,7 @@ Build the perception probes this project needs and document them in CLAUDE.md so
|
|
|
485
861
|
|
|
486
862
|
1. \`ezcoder eyes list\` — see what's already installed/verified. **Resume**, don't restart. Skip verified probes; re-run failed ones.
|
|
487
863
|
2. \`ezcoder eyes detect\` — emits JSON of \`{capability: {candidates, primary}}\` for this project.
|
|
488
|
-
3. **Pick 3–8 capabilities to install this run.** Heuristics:
|
|
864
|
+
3. **Pick 3–8 capabilities to install this run.** Verify any capability assumptions against \`ezcoder eyes\` help output or official/local CLI docs before installing. Heuristics:
|
|
489
865
|
- Universal: \`http\` for any API/backend, \`runtime_logs\` for anything with a server.
|
|
490
866
|
- UI: \`visual\` — for multi-stack projects (e.g. React Native), install all primary candidates with distinct names: \`install visual --impl playwright --as visual-web\`, \`install visual --impl adb --as visual-android\`, \`install visual --impl simctl --as visual-ios\`.
|
|
491
867
|
- Backend with email/webhooks: \`capture_email\`, \`capture_webhook\`.
|
|
@@ -493,7 +869,7 @@ Build the perception probes this project needs and document them in CLAUDE.md so
|
|
|
493
869
|
4. For each pick: \`ezcoder eyes install <cap> [--impl <name>] [--as <name>]\`. On failure: retry once, then mark and continue — don't abort the whole run.
|
|
494
870
|
5. \`ezcoder eyes verify\` — runs every installed probe's self-test. Some failures (\`adb\` no device, \`simctl\` no booted simulator) are expected; they get recorded.
|
|
495
871
|
6. **Write/update the \`## Eyes\` section in CLAUDE.md** (create CLAUDE.md if missing; do NOT clobber other sections). Use the template below. The triggers are the load-bearing piece — make them project-specific and actionable.
|
|
496
|
-
7. **Report**: list verified ✓ / failed ✗ / deferred. End with the restart notice.
|
|
872
|
+
7. **Report**: list verified ✓ / failed ✗ / deferred, and note which probe self-tests or docs verified the setup. End with the restart notice.
|
|
497
873
|
|
|
498
874
|
## CLAUDE.md \`## Eyes\` template
|
|
499
875
|
|
|
@@ -577,9 +953,9 @@ Read the open signals in \`.ezcoder/eyes/journal.jsonl\`, group related ones, pr
|
|
|
577
953
|
- **New/updated trigger**: bullet added under \`## Eyes → When to use\` in CLAUDE.md.
|
|
578
954
|
5. Present all proposals as a numbered list with diffs inline. Ask: **"Accept which? Reply with numbers (e.g. '1, 3') or 'none'."**
|
|
579
955
|
6. On user reply:
|
|
580
|
-
- For accepted: apply the change. Then \`ezcoder eyes log ack <id>\` for every journal entry the proposal covers.
|
|
956
|
+
- For accepted: apply the change. Then run the relevant probe self-test or a focused command that exercises the changed probe/trigger. Then \`ezcoder eyes log ack <id>\` for every journal entry the proposal covers.
|
|
581
957
|
- For unmentioned / rejected: \`ezcoder eyes log defer <id>\` so they stop appearing in context every turn. The user can resurrect deferred entries later.
|
|
582
|
-
7. **Report**: applied changes (one line each), entries acked, entries deferred.
|
|
958
|
+
7. **Report**: applied changes (one line each), verification run, entries acked, entries deferred.
|
|
583
959
|
|
|
584
960
|
## Rules
|
|
585
961
|
|
|
@@ -641,7 +1017,9 @@ Review the same changes for efficiency:
|
|
|
641
1017
|
|
|
642
1018
|
Wait for all three agents to complete. Aggregate their findings and fix each issue directly. If a finding is a false positive or not worth addressing, note it and move on — do not argue with the finding, just skip it.
|
|
643
1019
|
|
|
644
|
-
|
|
1020
|
+
Before making any non-trivial pattern/API change, verify the intended approach against local neighboring code first; use kencode search or official docs when the change touches framework APIs, lifecycle behavior, concurrency, cleanup, or other conventions where real-world practice matters.
|
|
1021
|
+
|
|
1022
|
+
When done, run relevant project checks/tests, then briefly summarize what was fixed (or confirm the code was already clean) and what verification ran.`,
|
|
645
1023
|
},
|
|
646
1024
|
{
|
|
647
1025
|
name: "batch",
|
|
@@ -703,11 +1081,12 @@ For each worker, the task must be fully self-contained. Include:
|
|
|
703
1081
|
\`\`\`
|
|
704
1082
|
After you finish implementing the change:
|
|
705
1083
|
1. Self-review your diff for code reuse, quality, and efficiency. Search the codebase for existing utilities that could replace new code. Fix any issues found.
|
|
706
|
-
2.
|
|
707
|
-
3.
|
|
708
|
-
4.
|
|
709
|
-
5.
|
|
710
|
-
6.
|
|
1084
|
+
2. For framework/API/config changes, compare the approach with official docs or kencode search examples before finalizing. Do not use kencode for purely local renames or mechanical edits.
|
|
1085
|
+
3. Run the project's test suite (check for package.json scripts, Makefile targets, or common commands like npm test, pnpm test, pytest, go test). If tests fail, fix them.
|
|
1086
|
+
4. Follow the e2e test recipe above. If it says to skip e2e, skip it.
|
|
1087
|
+
5. Commit all changes with a clear message, push the branch, and create a PR with gh pr create. Use a descriptive title.
|
|
1088
|
+
6. Switch back to the original branch with git checkout -.
|
|
1089
|
+
7. End with exactly: PR: <url> or PR: none — <reason>
|
|
711
1090
|
\`\`\`
|
|
712
1091
|
|
|
713
1092
|
## Phase 4: Track Results
|
|
@@ -803,7 +1182,7 @@ Don't invent. Don't pad.
|
|
|
803
1182
|
|
|
804
1183
|
After all sub-agents complete, use the **skill** tool to invoke the \`find-skills\` skill. Feed it the aggregated candidate list with search terms. Let find-skills drive discovery across skills.sh, vercel-labs/agent-skills, and anthropics/skills.
|
|
805
1184
|
|
|
806
|
-
For each candidate, record the best 0–1 ecosystem match: skill name, source repo URL. If no fit exists, record "no match". **Do NOT install anything yet.**
|
|
1185
|
+
For each candidate, record the best 0–1 ecosystem match: skill name, source repo URL, and enough evidence from the skill README/source to prove it fits this project. If no fit exists, record "no match". **Do NOT install anything yet.**
|
|
807
1186
|
|
|
808
1187
|
## Phase 5: Prioritized recommendation
|
|
809
1188
|
|
|
@@ -886,7 +1265,7 @@ Report which are present, missing, or configured below the pack's strictness rec
|
|
|
886
1265
|
|
|
887
1266
|
"Active style packs" refers specifically to the per-language sub-sections inside the **Language Style Packs** section in your system prompt (e.g. \`### TypeScript\`, \`### Python\`, \`### Go\`). It does **NOT** include the cross-cutting \`### Agent-Written Code\` preamble that sits above them — those are guidelines for how code is *written*, not project-scaffolding to audit. It also does **NOT** include Skills (\`.ezcoder/skills/\`) or any other extension category. If the Language Style Packs section is absent or empty, **skip this entire section entirely** — do not substitute Skills or any other concept.
|
|
888
1267
|
|
|
889
|
-
When per-language packs are present, compare the project against each pack's **Tooling** bullet and the system prompt's **Verification** commands:
|
|
1268
|
+
When per-language packs are present, compare the project against each pack's **Tooling** bullet and the system prompt's **Verification** commands. For tool recommendations or config semantics, verify against official docs when local files are ambiguous:
|
|
890
1269
|
- Tooling: which strict-mode flags or lint-rule presets does the pack recommend that the project is missing? (e.g. \`tsconfig\` missing \`noUncheckedIndexedAccess\`, \`pyproject\` missing \`[tool.ruff]\`, Go project missing \`golangci-lint\` config).
|
|
891
1270
|
- Dependencies: list which pack-mentioned libs (Zod, Pydantic, thiserror, anyhow, etc.) the project uses, has an equivalent for, or lacks. **Observation only — no recommendation to install.**
|
|
892
1271
|
|
|
@@ -921,15 +1300,16 @@ At the end:
|
|
|
921
1300
|
<N> gaps in hygiene, <N> in tooling, <N> in verify pipeline, <N> in style-pack alignment.
|
|
922
1301
|
|
|
923
1302
|
Which (if any) would you like me to fix? Options:
|
|
924
|
-
- A)
|
|
925
|
-
- B)
|
|
926
|
-
- C)
|
|
1303
|
+
- A) Create tasks for all [GAP] items that are safe + additive (no overwrites)
|
|
1304
|
+
- B) Create tasks for a category: hygiene / tooling / verify / style-pack alignment
|
|
1305
|
+
- C) Create tasks for specific items — tell me which
|
|
927
1306
|
- D) None — just the report
|
|
928
1307
|
\`\`\`
|
|
929
1308
|
|
|
930
1309
|
## Rules
|
|
931
1310
|
|
|
932
1311
|
- **Report only.** No edits, no installs, no commits without explicit user confirmation after the report.
|
|
1312
|
+
- **Task handoff for fixes.** If the user chooses A, B, or C, do not fix directly. Use the tasks tool to create one standalone task per selected gap or tightly coupled gap group. Each task must include the gap, affected files/configs, safe-additive constraints, implementation instructions, project verification commands, and instructions to verify relevant tool/config semantics against official docs before marking the task complete. Use kencode search only for code-level examples, not as proof of scaffolding requirements. After creating tasks, tell the user exactly: "Tasks created. Press CTRL + T to open the Tasks Pane and press R to run all tasks." Do not begin executing them unless the user explicitly starts a task.
|
|
933
1313
|
- **No code refactors recommended.** This audit is about scaffolding/tooling, not code review. Use \`/scan\` or \`/verify\` for code-level findings.
|
|
934
1314
|
- **No dependency installations in the report.** Listing them as observations is fine; recommending installation is not — that's the user's call.
|
|
935
1315
|
- **Skip empty categories.** If a category has no findings, omit it.
|