@pzy560117/codex-harness 0.1.0 → 0.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +8 -1
- package/lib/commands/init.js +7 -1
- package/lib/release/resolve-package-source.js +6 -1
- package/package-source/AGENTS.md +57 -0
- package/package-source/PACKAGE.md +49 -0
- package/package-source/README.md +81 -0
- package/package-source/docs/codex-harness-engineering/templates/README.md +20 -0
- package/package-source/docs/codex-harness-engineering/templates/bootstrap-codex-harness.ps1 +746 -0
- package/package-source/docs/codex-harness-engineering/templates/ci/github-action-codex-review.yml +110 -0
- package/package-source/docs/codex-harness-engineering/templates/ci/github-action-codex-task.yml +46 -0
- package/package-source/docs/codex-harness-engineering/templates/config/agents/architect.toml +17 -0
- package/package-source/docs/codex-harness-engineering/templates/config/agents/backend-worker.toml +14 -0
- package/package-source/docs/codex-harness-engineering/templates/config/agents/docs-researcher.toml +13 -0
- package/package-source/docs/codex-harness-engineering/templates/config/agents/docs-worker.toml +15 -0
- package/package-source/docs/codex-harness-engineering/templates/config/agents/explorer.toml +14 -0
- package/package-source/docs/codex-harness-engineering/templates/config/agents/failure-triage.toml +18 -0
- package/package-source/docs/codex-harness-engineering/templates/config/agents/frontend-worker.toml +14 -0
- package/package-source/docs/codex-harness-engineering/templates/config/agents/harness-writer.toml +15 -0
- package/package-source/docs/codex-harness-engineering/templates/config/agents/planner.toml +15 -0
- package/package-source/docs/codex-harness-engineering/templates/config/agents/readonly-research.toml +13 -0
- package/package-source/docs/codex-harness-engineering/templates/config/agents/reviewer.toml +13 -0
- package/package-source/docs/codex-harness-engineering/templates/config/agents/security-reviewer.toml +15 -0
- package/package-source/docs/codex-harness-engineering/templates/config/agents/stage1-reviewer.toml +15 -0
- package/package-source/docs/codex-harness-engineering/templates/config/agents/stage2-reviewer.toml +16 -0
- package/package-source/docs/codex-harness-engineering/templates/config/agents/test-planner.toml +17 -0
- package/package-source/docs/codex-harness-engineering/templates/config/agents/test-runner.toml +14 -0
- package/package-source/docs/codex-harness-engineering/templates/config/agents/visual-reviewer.toml +15 -0
- package/package-source/docs/codex-harness-engineering/templates/config/codex-agent-roles.md +24 -0
- package/package-source/docs/codex-harness-engineering/templates/config/codex-config.toml +38 -0
- package/package-source/docs/codex-harness-engineering/templates/config/codex-readme.md +67 -0
- package/package-source/docs/codex-harness-engineering/templates/config/env-check.ps1 +40 -0
- package/package-source/docs/codex-harness-engineering/templates/config/env.example +12 -0
- package/package-source/docs/codex-harness-engineering/templates/config/global-AGENTS.md +40 -0
- package/package-source/docs/codex-harness-engineering/templates/config/global-config.toml +19 -0
- package/package-source/docs/codex-harness-engineering/templates/config/mcp-config.toml +38 -0
- package/package-source/docs/codex-harness-engineering/templates/config/rules/agents.md +115 -0
- package/package-source/docs/codex-harness-engineering/templates/config/rules/coding-style.md +74 -0
- package/package-source/docs/codex-harness-engineering/templates/config/rules/constitution.md +290 -0
- package/package-source/docs/codex-harness-engineering/templates/config/rules/git.rules +41 -0
- package/package-source/docs/codex-harness-engineering/templates/config/rules/harness.rules +29 -0
- package/package-source/docs/codex-harness-engineering/templates/config/rules/patterns.md +59 -0
- package/package-source/docs/codex-harness-engineering/templates/config/rules/safety.rules +35 -0
- package/package-source/docs/codex-harness-engineering/templates/config/rules/testing.md +34 -0
- package/package-source/docs/codex-harness-engineering/templates/context/architecture-brief.md +58 -0
- package/package-source/docs/codex-harness-engineering/templates/context/dev-plan.md +160 -0
- package/package-source/docs/codex-harness-engineering/templates/context/feature-pack.md +101 -0
- package/package-source/docs/codex-harness-engineering/templates/context/repo-map.md +78 -0
- package/package-source/docs/codex-harness-engineering/templates/context/service-dependency-matrix.yaml +25 -0
- package/package-source/docs/codex-harness-engineering/templates/contracts/README.md +16 -0
- package/package-source/docs/codex-harness-engineering/templates/contracts/openapi.yaml +182 -0
- package/package-source/docs/codex-harness-engineering/templates/contracts/orval.config.ts +20 -0
- package/package-source/docs/codex-harness-engineering/templates/contracts/prism-usage.md +34 -0
- package/package-source/docs/codex-harness-engineering/templates/design/ai-image-brief.md +122 -0
- package/package-source/docs/codex-harness-engineering/templates/design/assets/README.md +24 -0
- package/package-source/docs/codex-harness-engineering/templates/design/component-map.md +31 -0
- package/package-source/docs/codex-harness-engineering/templates/design/design-brief.md +178 -0
- package/package-source/docs/codex-harness-engineering/templates/design/design-tokens.json +88 -0
- package/package-source/docs/codex-harness-engineering/templates/design/frontend-architecture.md +147 -0
- package/package-source/docs/codex-harness-engineering/templates/design/image-to-frontend-spec.md +108 -0
- package/package-source/docs/codex-harness-engineering/templates/design/screen-states.md +122 -0
- package/package-source/docs/codex-harness-engineering/templates/design/ui-image-review.md +60 -0
- package/package-source/docs/codex-harness-engineering/templates/design/visual-parity-review.md +124 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/architecture-constraints.md +83 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/demo-readme.md +73 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/frontend-quality-rules.md +138 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/governance-auto-repair.md +80 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/harness-architecture.md +78 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/install-manifest-governance.md +307 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/knowledge-architecture.md +219 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/knowledge-import.md +108 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/knowledge-lint.md +98 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/new-project-checklist.md +7 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/new-project-usage.md +152 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/project-agents-template.md +154 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/prompt-knowledge-integration.md +89 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/regression-rules.md +45 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/requirement-prep-kit/README.md +3 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/rule-governance.md +98 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/service-dependency-matrix.md +55 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/spec-to-ui-to-code-workflow.md +196 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/task-session-strategy.md +116 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/team-knowledge-sync.md +187 -0
- package/package-source/docs/codex-harness-engineering/templates/docs/trace-format.md +74 -0
- package/package-source/docs/codex-harness-engineering/templates/governance/branch-protection-checklist.md +50 -0
- package/package-source/docs/codex-harness-engineering/templates/governance/feedback-evolution-loop.md +55 -0
- package/package-source/docs/codex-harness-engineering/templates/governance/retry-budget.yaml +30 -0
- package/package-source/docs/codex-harness-engineering/templates/governance/risk-levels.yaml +53 -0
- package/package-source/docs/codex-harness-engineering/templates/governance/sandbox-policy.md +13 -0
- package/package-source/docs/codex-harness-engineering/templates/hooks/hook-stop-verify.ps1 +818 -0
- package/package-source/docs/codex-harness-engineering/templates/hooks/hooks.json +40 -0
- package/package-source/docs/codex-harness-engineering/templates/knowledge/catalog.md +6 -0
- package/package-source/docs/codex-harness-engineering/templates/knowledge/decisions/DECISION-HARNESS-001.md +39 -0
- package/package-source/docs/codex-harness-engineering/templates/knowledge/guidelines/GUIDELINE-RULES-001.md +30 -0
- package/package-source/docs/codex-harness-engineering/templates/knowledge/knowledge-catalog.md +41 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/.specify/memory/constitution.md +72 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/.specify/scripts/powershell/check-prerequisites.ps1 +148 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/.specify/scripts/powershell/common.ps1 +137 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/.specify/scripts/powershell/create-new-feature.ps1 +279 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/.specify/scripts/powershell/setup-plan.ps1 +61 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/.specify/scripts/powershell/update-agent-context.ps1 +448 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/.specify/templates/agent-file-template.md +28 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/.specify/templates/checklist-template.md +40 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/.specify/templates/e2e-plan-template.md +38 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/.specify/templates/plan-template.md +393 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/.specify/templates/spec-template.md +307 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/.specify/templates/tasks-template.md +244 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/architecture/constraints.md +98 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/README.md +122 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/START-HERE.md +53 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/agent-ecosystem-practices.md +140 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/best-practices.md +267 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/codex-global-rules-example.md +292 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/goal-templates.md +380 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/README.md +64 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/contracts/openapi.yaml +25 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/contracts/orval.config.ts +20 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/docs/design/ai-image-brief.md +44 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/docs/design/component-map.md +17 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/docs/design/design-brief.md +58 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/docs/design/frontend-architecture.md +107 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/docs/design/image-to-frontend-spec.md +72 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/docs/design/screen-states.md +25 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/docs/design/ui-image-review.md +38 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/docs/product/difficulty-research.md +39 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/docs/product/page-inventory.md +5 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/docs/product/prd-lite.md +41 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/docs/product/requirement-interface-matrix.md +32 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/docs/product/state-matrix.yaml +14 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/packages/api-client/generated/model/Ticket.ts +6 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/packages/api-client/generated/ticket-api.ts +35 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/packages/api-client/http-client.ts +8 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/packages/ui/TicketFilterBar.tsx +72 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/plans/features/ticket-filter.dev-plan.md +48 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/progress.txt +1 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/stories/TicketFilterBar.stories.tsx +33 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/task.json +54 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/traces/DEMO-TICKET-FILTER-001-20260422-120000.json +74 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/examples/ticket-filter-demo/verify.ps1 +42 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/global-rules-and-bootstrap.md +415 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/goal-harness-integration-guide.md +364 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/implementation-flow.md +288 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/implementation-guide.md +25 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/mode-matrix.md +57 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/project-agents-template.md +154 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/spec-to-ui-to-code-workflow.md +196 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/superpowers-codex-solo-builder-playbook.md +676 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/templates/design/component-map.md +31 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/templates/design/design-brief.md +178 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/templates/design/design-tokens.json +88 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/templates/design/frontend-architecture.md +147 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/templates/design/image-to-frontend-spec.md +108 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/templates/design/screen-states.md +122 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/templates/design/visual-parity-review.md +124 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/codex-harness-engineering/templates/docs/frontend-quality-rules.md +138 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/AGENTS.md +165 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/CHANGELOG.md +149 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/CLAUDE.md +61 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/CODE_OF_CONDUCT.md +83 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/CONTRIBUTING.md +465 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/README.md +1390 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/SECURITY.md +53 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/SPONSORING.md +43 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/SPONSORS.md +59 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/TROUBLESHOOTING.md +446 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/architect.md +232 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/build-error-resolver.md +119 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/chief-of-staff.md +155 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/code-reviewer.md +238 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/cpp-build-resolver.md +91 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/cpp-reviewer.md +79 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/database-reviewer.md +94 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/doc-updater.md +110 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/docs-lookup.md +68 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/e2e-runner.md +110 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/go-build-resolver.md +95 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/go-reviewer.md +83 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/harness-optimizer.md +35 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/java-build-resolver.md +154 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/java-reviewer.md +105 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/kotlin-build-resolver.md +119 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/loop-operator.md +37 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/planner.md +215 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/python-reviewer.md +106 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/pytorch-build-resolver.md +122 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/refactor-cleaner.md +92 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/rust-build-resolver.md +149 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/rust-reviewer.md +95 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/security-reviewer.md +112 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/tdd-guide.md +96 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/agents/typescript-reviewer.md +122 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/aside.md +173 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/build-fix.md +64 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/checkpoint.md +78 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/claw.md +51 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/code-review.md +43 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/context-budget.md +29 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/cpp-build.md +173 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/cpp-review.md +140 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/cpp-test.md +257 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/docs.md +32 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/e2e.md +389 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/eval.md +122 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/evolve.md +194 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/go-build.md +183 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/go-review.md +156 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/go-test.md +274 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/gradle-build.md +72 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/harness-audit.md +72 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/instinct-export.md +67 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/instinct-import.md +117 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/instinct-status.md +59 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/kotlin-build.md +176 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/kotlin-review.md +144 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/kotlin-test.md +315 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/learn-eval.md +117 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/learn.md +70 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/loop-start.md +33 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/loop-status.md +25 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/model-route.md +27 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/multi-backend.md +162 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/multi-execute.md +321 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/multi-frontend.md +162 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/multi-plan.md +278 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/plan.md +118 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/pm2.md +283 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/projects.md +39 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/promote.md +41 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/prompt-optimize.md +37 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/prune.md +31 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/python-review.md +319 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/quality-gate.md +30 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/refactor-clean.md +83 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/resume-session.md +154 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/rules-distill.md +11 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/rust-build.md +189 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/rust-review.md +146 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/rust-test.md +311 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/setup-pm.md +83 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/skill-create.md +176 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/skill-health.md +54 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/tdd.md +330 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/test-coverage.md +69 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/update-codemaps.md +73 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/update-docs.md +86 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/commands/verify.md +60 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/contexts/dev.md +23 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/contexts/research.md +30 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/contexts/review.md +25 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/examples/CLAUDE.md +100 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/examples/django-api-CLAUDE.md +308 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/examples/go-microservice-CLAUDE.md +267 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/examples/rust-api-CLAUDE.md +285 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/examples/saas-nextjs-CLAUDE.md +166 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/examples/user-CLAUDE.md +118 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/hooks/README.md +220 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/plugins/README.md +89 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/the-openclaw-guide.md +471 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/ecc-zh-CN/the-security-guide.md +206 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/external-knowledge/README.md +60 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/external-knowledge/app/Mobile_App_Production_Readiness_Framework_/347/247/273/345/212/250/347/253/257/345/205/250/345/271/263/345/217/260/347/224/237/344/272/247/345/217/257/344/270/212/347/272/277/350/247/204/350/214/203.md +2457 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/external-knowledge/app/catalog.md +33 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/external-knowledge/architecture.md +358 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/external-knowledge/common/AI_Coding_Production_Control_Framework_AI/345/206/231/345/256/214/347/232/204/344/273/243/347/240/201/345/246/202/344/275/225/344/270/215/345/244/261/346/216/247.md +2055 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/external-knowledge/common/catalog.md +34 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/external-knowledge/initial-content.md +296 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/external-knowledge/integration-roadmap.md +221 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/harness/architecture-constraints.md +83 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/harness/frontend-quality-rules.md +138 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/harness/governance-auto-repair.md +80 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/harness/service-dependency-matrix.md +55 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/docs/harness/speckit-requirements-gate.md +260 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/root/PACKAGE.md +49 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/root/README.md +52 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/root/init-project.ps1 +51 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/root/install-agent-here.ps1 +57 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/root/install-agent.ps1 +2506 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/root/install-user.ps1 +29 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/rules/agents.md +115 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/rules/coding-style.md +74 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/rules/constitution.md +290 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/rules/git.rules +41 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/rules/harness.rules +29 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/rules/patterns.md +59 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/rules/safety.rules +35 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/rules/testing.md +34 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/scripts/ai-workflow/check-ai-sync-drift.ps1 +205 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/scripts/ai-workflow/sync-ai-config-to-targets.ps1 +826 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/scripts/ai-workflow/sync-targets.example.json +35 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/scripts/harness/harness-governance-check.ps1 +366 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/HOW_TO_USE_SKILLS.md +91 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/academic-mermaid-diagrams/SKILL.md +172 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ai-config-git-sync/SKILL.md +152 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ai-config-git-sync/references/command-recipes.md +92 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ai-ui-prompts/SKILL.md +350 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/allure-report/SKILL.md +230 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/allure-report/examples/usage.md +99 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/allure-report/scripts/view-allure.ps1 +28 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/api-auto-testing/SKILL.md +329 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/api-contract-template/SKILL.md +88 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/api-design/SKILL.md +139 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/api-integration/SKILL.md +302 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/architect/SKILL.md +211 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/auto-commit/SKILL.md +322 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/backend-patterns/SKILL.md +582 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/baseline-ui/SKILL.md +85 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/better-icons/SKILL.md +129 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/brand-design-md/README.md +215 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/brand-design-md/SKILL.md +191 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/browser-e2e-testing/SKILL.md +305 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/build-error-resolver/SKILL.md +532 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/build-fix/SKILL.md +34 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/business-rule-spec/SKILL.md +99 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/celery-tasks/SKILL.md +95 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/checkpoint/SKILL.md +79 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/cicd/SKILL.md +167 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/claude-openrouter-clash-debug/SKILL.md +100 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/claude-openrouter-clash-debug/references/windows-openrouter-clash-playbook.md +94 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/claude-openrouter-clash-debug/scripts/diagnose-openrouter-route.ps1 +282 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/claude-openrouter-clash-debug/scripts/ensure-openrouter-rule.ps1 +101 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/clickhouse-io/SKILL.md +429 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/code-review/SKILL.md +171 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/code-reviewer/SKILL.md +104 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/coding-standards/SKILL.md +520 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/consistency-checklist/SKILL.md +57 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/continuous-learning/SKILL.md +80 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/continuous-learning/config.json +18 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/continuous-learning/evaluate-session.sh +60 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/core-rules/SKILL.md +78 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/data-flow-spec/SKILL.md +63 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/database/SKILL.md +147 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/deep-interview/SKILL.md +154 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/django-drf/SKILL.md +97 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/doc-updater/SKILL.md +452 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/docker/SKILL.md +216 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/docx/SKILL.md +105 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/e2e/SKILL.md +364 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/e2e-runner/SKILL.md +708 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/error-handling/SKILL.md +245 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/eval/SKILL.md +125 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/eval-harness/SKILL.md +226 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/example-skill/README.md +37 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/example-skill/SKILL.md +141 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/example-skill/examples/usage.md +76 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/example-skill/resources/config.json +21 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/example-skill/scripts/helper.py +24 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/exception-handling-spec/SKILL.md +88 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/find-skill/SKILL.md +95 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/fixing-accessibility/SKILL.md +136 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/fixing-metadata/SKILL.md +111 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/fixing-motion-performance/SKILL.md +151 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/frontend-design/SKILL.md +58 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/frontend-first-workflow/SKILL.md +187 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/frontend-patterns/SKILL.md +631 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/fullstack-workflow/SKILL.md +85 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/git-workflow/SKILL.md +108 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/git-xianyu-analyzer/SKILL.md +346 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/git-xianyu-analyzer/scripts/download_images.py +112 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/github-research/SKILL.md +213 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/glue-coding/SKILL.md +389 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/glue-coding-workflow/SKILL.md +230 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/harness-surface-sync/SKILL.md +188 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/harness-surface-sync/references/current-repo-sync-matrix.md +110 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/harness-surface-sync/references/stale-patterns.md +65 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/SKILL.md +152 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/agents/openai.yaml +4 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/adapt.md +190 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/animate.md +173 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/audit.md +134 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/bolder.md +113 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/brand.md +104 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/clarify.md +174 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/cognitive-load.md +106 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/color-and-contrast.md +105 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/colorize.md +154 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/craft.md +138 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/critique.md +213 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/delight.md +302 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/distill.md +111 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/document.md +427 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/extract.md +70 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/harden.md +347 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/heuristics-scoring.md +234 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/interaction-design.md +195 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/layout.md +141 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/live.md +513 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/motion-design.md +99 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/onboard.md +234 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/optimize.md +258 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/overdrive.md +130 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/personas.md +178 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/polish.md +232 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/product.md +62 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/quieter.md +99 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/responsive-design.md +114 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/shape.md +136 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/spatial-design.md +100 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/teach.md +137 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/typeset.md +124 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/typography.md +159 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/reference/ux-writing.md +107 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/scripts/cleanup-deprecated.mjs +284 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/scripts/command-metadata.json +94 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/scripts/design-parser.mjs +820 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/scripts/detect-csp.mjs +198 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/scripts/is-generated.mjs +69 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/scripts/live-accept.mjs +465 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/scripts/live-browser.js +4684 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/scripts/live-inject.mjs +436 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/scripts/live-poll.mjs +187 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/scripts/live-server.mjs +679 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/scripts/live-wrap.mjs +395 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/scripts/live.mjs +247 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/scripts/load-context.mjs +93 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/scripts/modern-screenshot.umd.js +14 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/impeccable/scripts/pin.mjs +214 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/init-autopilot/SKILL.md +143 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/interaction-detail-spec/SKILL.md +98 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/knowledge-base/SKILL.md +87 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/langgraph/SKILL.md +108 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/learn/SKILL.md +75 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/log-analysis-optimization/SKILL.md +247 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/mcp-builder/SKILL.md +50 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/midscene-fix-review/SKILL.md +115 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/midscene-framework/SKILL.md +675 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/midscene-log-analysis/SKILL.md +146 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/mobile-e2e-test-case/SKILL.md +78 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/mock-strategy/SKILL.md +111 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/openspec-apply/SKILL.md +23 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/openspec-architecture-review/SKILL.md +532 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/openspec-archive/SKILL.md +27 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/openspec-proposal/SKILL.md +28 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/orchestrate/SKILL.md +177 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/page-spec-template/SKILL.md +95 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pdf/SKILL.md +116 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/performance/SKILL.md +169 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/plan/SKILL.md +114 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/planner/SKILL.md +119 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/SKILL.md +483 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/html2pptx.md +626 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/dml-chart.xsd +1499 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/dml-chartDrawing.xsd +146 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/dml-diagram.xsd +1085 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/dml-lockedCanvas.xsd +11 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/dml-main.xsd +3081 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/dml-picture.xsd +23 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/dml-spreadsheetDrawing.xsd +185 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/dml-wordprocessingDrawing.xsd +287 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/pml.xsd +1676 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-additionalCharacteristics.xsd +28 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-bibliography.xsd +144 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-commonSimpleTypes.xsd +174 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-customXmlDataProperties.xsd +25 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-customXmlSchemaProperties.xsd +18 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-documentPropertiesCustom.xsd +59 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-documentPropertiesExtended.xsd +56 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-documentPropertiesVariantTypes.xsd +195 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-math.xsd +582 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/shared-relationshipReference.xsd +25 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/sml.xsd +4439 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/vml-main.xsd +570 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/vml-officeDrawing.xsd +509 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/vml-presentationDrawing.xsd +12 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/vml-spreadsheetDrawing.xsd +108 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/vml-wordprocessingDrawing.xsd +96 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/wml.xsd +3646 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ISO-IEC29500-4_2016/xml.xsd +116 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ecma/fouth-edition/opc-contentTypes.xsd +42 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ecma/fouth-edition/opc-coreProperties.xsd +50 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ecma/fouth-edition/opc-digSig.xsd +49 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/ecma/fouth-edition/opc-relationships.xsd +33 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/mce/mc.xsd +75 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/microsoft/wml-2010.xsd +560 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/microsoft/wml-2012.xsd +67 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/microsoft/wml-2018.xsd +14 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/microsoft/wml-cex-2018.xsd +20 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/microsoft/wml-cid-2016.xsd +13 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/microsoft/wml-sdtdatahash-2020.xsd +4 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/schemas/microsoft/wml-symex-2015.xsd +8 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/scripts/pack.py +159 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/scripts/unpack.py +29 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/scripts/validate.py +69 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/scripts/validation/__init__.py +15 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/scripts/validation/base.py +951 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/scripts/validation/docx.py +274 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/scripts/validation/pptx.py +315 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml/scripts/validation/redlining.py +279 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/ooxml.md +427 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/scripts/html2pptx.js +995 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/scripts/inventory.py +1020 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/scripts/rearrange.py +231 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/scripts/replace.py +385 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/pptx/scripts/thumbnail.py +450 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/prd-writer-skill/SKILL.md +106 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/prd-writer-skill/references/cloudflare-deploy.md +133 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/prd-writer-skill/references/feature-list-template.md +67 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/prd-writer-skill/references/prd-template.md +150 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/prd-writer-skill/references/prompts.md +88 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/prd-writer-skill/references/prototype-guide.md +156 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/prd-writer-skill/references/quality-checklist.md +120 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/project-context-template/SKILL.md +187 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/project-guidelines-example/SKILL.md +350 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/project-planning/SKILL.md +134 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/project-setup/SKILL.md +148 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/prompts-library/SKILL.md +362 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/property-testing/SKILL.md +304 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/qa-e2e-planner/SKILL.md +41 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/qa-e2e-runner/SKILL.md +27 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/qa-mock-cleaner/SKILL.md +29 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/qoder-codex-api-config/SKILL.md +67 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/qoder-codex-api-config/agents/openai.yaml +7 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/qoder-codex-api-config/scripts/configure-qoder-codex-api.ps1 +278 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/refactor-clean/SKILL.md +33 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/refactor-cleaner/SKILL.md +306 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/refactoring/SKILL.md +114 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/requirements-design-template/SKILL.md +825 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/security/SKILL.md +166 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/security-review/SKILL.md +494 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/security-reviewer/SKILL.md +545 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/skill-creator/SKILL.md +356 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/skill-creator/scripts/init_skill.py +303 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/skill-creator/scripts/package_skill.py +110 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/skill-creator/scripts/quick_validate.py +95 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/skill-generator/SKILL.md +491 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/skills-index.md +112 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/spec-based-review/SKILL.md +178 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/spec-review/SKILL.md +395 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/speckit-analyze/SKILL.md +144 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/speckit-checklist/SKILL.md +126 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/speckit-clarify/SKILL.md +108 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/speckit-constitution/SKILL.md +83 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/speckit-e2e-tasks/SKILL.md +54 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/speckit-implement/SKILL.md +143 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/speckit-plan/SKILL.md +224 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/speckit-specify/SKILL.md +229 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/speckit-tasks/SKILL.md +187 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/speckit-taskstoissues/SKILL.md +32 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/speckit-verify/SKILL.md +142 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/state-management/SKILL.md +164 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/strategic-compact/SKILL.md +63 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/strategic-compact/suggest-compact.sh +52 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/sync-project-root-docs/SKILL.md +143 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/sync-project-root-docs/references/current-repo-notes.md +41 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/sync-project-root-docs/references/github-samples.md +33 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/sync-project-root-docs/scripts/collect-root-doc-facts.ps1 +145 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/taste-skill/SKILL.md +226 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/tdd/SKILL.md +327 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/tdd-guide/SKILL.md +280 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/tdd-workflow/SKILL.md +409 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/test-coverage/SKILL.md +32 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/thesis-writing/SKILL.md +841 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/thesis-writing/references/ai-integrity-and-originality.md +191 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/thesis-writing/references/citation-templates.md +99 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/thesis-writing/references/final-checklist.md +60 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/thesis-writing/references/photographer-booking-paper.md +85 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/thesis-writing/references/template-qingdao-city-university.md +182 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/thesis-writing/references/test-result-templates.md +22 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/thesis-writing/references/thesis-analysis-template.md +63 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/typescript/SKILL.md +152 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/SKILL.md +292 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/charts.csv +26 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/colors.csv +97 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/icons.csv +101 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/landing.csv +31 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/products.csv +97 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/react-performance.csv +45 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/stacks/astro.csv +54 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/stacks/flutter.csv +53 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/stacks/html-tailwind.csv +56 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/stacks/jetpack-compose.csv +53 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/stacks/nextjs.csv +53 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/stacks/nuxt-ui.csv +51 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/stacks/nuxtjs.csv +59 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/stacks/react-native.csv +52 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/stacks/react.csv +54 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/stacks/shadcn.csv +61 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/stacks/svelte.csv +54 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/stacks/swiftui.csv +51 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/stacks/vue.csv +50 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/styles.csv +68 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/typography.csv +58 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/ui-reasoning.csv +101 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/ux-guidelines.csv +100 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/data/web-interface.csv +31 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/scripts/core.py +253 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/scripts/design_system.py +1067 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/ui-ux-pro-max/scripts/search.py +114 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/update-codemaps/SKILL.md +36 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/update-docs/SKILL.md +36 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/verification-loop/SKILL.md +125 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/verify/SKILL.md +64 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/vitest/SKILL.md +248 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/vue-arco/SKILL.md +119 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/webapp-testing/SKILL.md +179 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/skills/xlsx/SKILL.md +142 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/workflows/README.md +15 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/workflows/speckit.analyze.md +149 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/workflows/speckit.checklist.md +125 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/workflows/speckit.clarify.md +107 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/workflows/speckit.constitution.md +82 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/workflows/speckit.e2e-testing.md +59 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/workflows/speckit.implement.md +129 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/workflows/speckit.plan.md +223 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/workflows/speckit.specify.md +228 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/workflows/speckit.tasks.md +186 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/workflows/speckit.taskstoissues.md +31 -0
- package/package-source/docs/codex-harness-engineering/templates/package-assets/workflows/speckit.verify.md +130 -0
- package/package-source/docs/codex-harness-engineering/templates/product/acceptance-criteria.md +47 -0
- package/package-source/docs/codex-harness-engineering/templates/product/difficulty-research.md +47 -0
- package/package-source/docs/codex-harness-engineering/templates/product/page-inventory.md +21 -0
- package/package-source/docs/codex-harness-engineering/templates/product/prd-lite.md +158 -0
- package/package-source/docs/codex-harness-engineering/templates/product/requirement-interface-matrix.md +37 -0
- package/package-source/docs/codex-harness-engineering/templates/product/state-matrix.yaml +105 -0
- package/package-source/docs/codex-harness-engineering/templates/prompts/controller-loop.md +88 -0
- package/package-source/docs/codex-harness-engineering/templates/prompts/failure-triage.md +69 -0
- package/package-source/docs/codex-harness-engineering/templates/prompts/harness-audit.md +52 -0
- package/package-source/docs/codex-harness-engineering/templates/prompts/implement-one-task.md +148 -0
- package/package-source/docs/codex-harness-engineering/templates/prompts/repair-one-finding.md +67 -0
- package/package-source/docs/codex-harness-engineering/templates/prompts/review-one-task.md +43 -0
- package/package-source/docs/codex-harness-engineering/templates/prompts/review-stage1-spec.md +109 -0
- package/package-source/docs/codex-harness-engineering/templates/prompts/review-stage2-quality.md +80 -0
- package/package-source/docs/codex-harness-engineering/templates/prompts/visual-evaluator.md +78 -0
- package/package-source/docs/codex-harness-engineering/templates/prompts/worker-role/backend-worker.md +41 -0
- package/package-source/docs/codex-harness-engineering/templates/prompts/worker-role/docs-worker.md +28 -0
- package/package-source/docs/codex-harness-engineering/templates/prompts/worker-role/frontend-worker.md +46 -0
- package/package-source/docs/codex-harness-engineering/templates/prompts/worker-role/harness-writer.md +40 -0
- package/package-source/docs/codex-harness-engineering/templates/prompts/worker-role/test-runner.md +27 -0
- package/package-source/docs/codex-harness-engineering/templates/runtime/AGENTS.md +50 -0
- package/package-source/docs/codex-harness-engineering/templates/runtime/codex-loop.ps1 +2521 -0
- package/package-source/docs/codex-harness-engineering/templates/runtime/doctor.ps1 +1253 -0
- package/package-source/docs/codex-harness-engineering/templates/runtime/progress.txt +0 -0
- package/package-source/docs/codex-harness-engineering/templates/runtime/project-task-template.json +1047 -0
- package/package-source/docs/codex-harness-engineering/templates/runtime/scripts/test-install-modes.ps1 +3 -0
- package/package-source/docs/codex-harness-engineering/templates/runtime/scripts/validate-init-queue.ps1 +175 -0
- package/package-source/docs/codex-harness-engineering/templates/runtime/scripts/validate-queue-placeholders.ps1 +23 -0
- package/package-source/docs/codex-harness-engineering/templates/runtime/smoke-task.json +52 -0
- package/package-source/docs/codex-harness-engineering/templates/runtime/task-run-profile.json +86 -0
- package/package-source/docs/codex-harness-engineering/templates/runtime/task.json +49 -0
- package/package-source/docs/codex-harness-engineering/templates/runtime/verify.ps1 +285 -0
- package/package-source/docs/codex-harness-engineering/templates/scripts/ai-workflow/check-ai-sync-drift.ps1 +205 -0
- package/package-source/docs/codex-harness-engineering/templates/scripts/harness/harness-governance-check.ps1 +366 -0
- package/package-source/docs/codex-harness-engineering/templates/spec/01-spec-guide-and-index.md +32 -0
- package/package-source/docs/codex-harness-engineering/templates/spec/02-requirement-sources.md +26 -0
- package/package-source/docs/codex-harness-engineering/templates/spec/03-proposal-and-scope.md +36 -0
- package/package-source/docs/codex-harness-engineering/templates/spec/04-prd.md +29 -0
- package/package-source/docs/codex-harness-engineering/templates/spec/05-user-stories-and-acceptance.md +25 -0
- package/package-source/docs/codex-harness-engineering/templates/spec/06-functional-spec.md +33 -0
- package/package-source/docs/codex-harness-engineering/templates/spec/07-nfr.md +29 -0
- package/package-source/docs/codex-harness-engineering/templates/spec/08-architecture-design.md +31 -0
- package/package-source/docs/codex-harness-engineering/templates/spec/09-api-contract.md +37 -0
- package/package-source/docs/codex-harness-engineering/templates/spec/10-data-model.md +31 -0
- package/package-source/docs/codex-harness-engineering/templates/spec/11-security-design.md +26 -0
- package/package-source/docs/codex-harness-engineering/templates/spec/12-implementation-plan.md +23 -0
- package/package-source/docs/codex-harness-engineering/templates/spec/13-test-strategy.md +26 -0
- package/package-source/docs/codex-harness-engineering/templates/spec/14-rtm.md +24 -0
- package/package-source/docs/codex-harness-engineering/templates/spec/spec-manifest.json +27 -0
- package/package-source/docs/codex-harness-engineering/templates/spec/spec-manifest.schema.json +40 -0
- package/package-source/docs/codex-harness-engineering/templates/testing/ACCEPTANCE_CRITERIA.md +39 -0
- package/package-source/docs/codex-harness-engineering/templates/testing/ACCEPTANCE_EXAMPLES.md +37 -0
- package/package-source/docs/codex-harness-engineering/templates/testing/EVIDENCE_PROTOCOL.md +48 -0
- package/package-source/docs/codex-harness-engineering/templates/testing/NATURAL_LANGUAGE_TEST_CASES.md +689 -0
- package/package-source/docs/codex-harness-engineering/templates/testing/REGRESSION_PLAN.md +20 -0
- package/package-source/docs/codex-harness-engineering/templates/testing/RISK_BASED_TEST_PLAN.md +16 -0
- package/package-source/docs/codex-harness-engineering/templates/testing/TEST_DATA_MATRIX.md +30 -0
- package/package-source/docs/codex-harness-engineering/templates/testing/TEST_STRATEGY.md +97 -0
- package/package-source/docs/codex-harness-engineering/templates/testing/TRACEABILITY_MATRIX.md +22 -0
- package/package-source/docs/codex-harness-engineering/templates/testing/coverage-policy.md +25 -0
- package/package-source/docs/codex-harness-engineering/templates/testing/e2e-plan.md +139 -0
- package/package-source/docs/codex-harness-engineering/templates/testing/failure-findings.example.json +21 -0
- package/package-source/docs/codex-harness-engineering/templates/testing/failure-triage.md +62 -0
- package/package-source/docs/codex-harness-engineering/templates/testing/test-data-plan.md +36 -0
- package/package-source/docs/codex-harness-engineering/templates/testing/test-matrix.md +26 -0
- package/package-source/docs/codex-harness-engineering/templates/testing/test-report.md +41 -0
- package/package-source/docs/codex-harness-engineering/templates/testing/verify-matrix.md +46 -0
- package/package-source/docs/codex-harness-engineering/templates/trace/eval-case.yaml +24 -0
- package/package-source/docs/codex-harness-engineering/templates/trace/trace.json +30 -0
- package/package-source/docs/codex-harness-engineering/templates/trace/trace.schema.json +225 -0
- package/package-source/install-manifest.json +453 -0
- package/package-source/install-manifest.schema.json +80 -0
- package/package-source/tools/install/ai-workflow/check-ai-sync-drift.ps1 +205 -0
- package/package-source/tools/install/ai-workflow/sync-ai-config-to-targets.ps1 +826 -0
- package/package-source/tools/install/ai-workflow/sync-targets.example.json +35 -0
- package/package-source/tools/install/bootstrap-codex-harness.ps1 +760 -0
- package/package-source/tools/install/env-check.ps1 +40 -0
- package/package-source/tools/install/init-project.ps1 +51 -0
- package/package-source/tools/install/install-agent-here.ps1 +57 -0
- package/package-source/tools/install/install-agent.ps1 +2511 -0
- package/package-source/tools/install/install-user.ps1 +29 -0
- package/package.json +3 -1
|
@@ -0,0 +1,166 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: security
|
|
3
|
+
description: Security Skill
|
|
4
|
+
---
|
|
5
|
+
|
|
6
|
+
# Security Skill
|
|
7
|
+
|
|
8
|
+
安全编码实践和常见漏洞防护。
|
|
9
|
+
|
|
10
|
+
## 认证与授权
|
|
11
|
+
|
|
12
|
+
### 密码安全
|
|
13
|
+
```python
|
|
14
|
+
# ✅ 使用 bcrypt/argon2 哈希
|
|
15
|
+
import bcrypt
|
|
16
|
+
password_hash = bcrypt.hashpw(password.encode(), bcrypt.gensalt(12))
|
|
17
|
+
|
|
18
|
+
# ❌ 禁止明文存储或简单哈希
|
|
19
|
+
password_hash = md5(password) # 不安全
|
|
20
|
+
password_hash = sha256(password) # 不够安全
|
|
21
|
+
```
|
|
22
|
+
|
|
23
|
+
### JWT 最佳实践
|
|
24
|
+
```javascript
|
|
25
|
+
// Token 配置
|
|
26
|
+
{
|
|
27
|
+
algorithm: 'RS256', // 使用非对称加密
|
|
28
|
+
expiresIn: '15m', // 短期有效
|
|
29
|
+
issuer: 'your-app',
|
|
30
|
+
audience: 'your-api'
|
|
31
|
+
}
|
|
32
|
+
|
|
33
|
+
// 必须验证
|
|
34
|
+
- 签名有效性
|
|
35
|
+
- 过期时间 (exp)
|
|
36
|
+
- 签发者 (iss)
|
|
37
|
+
- 受众 (aud)
|
|
38
|
+
```
|
|
39
|
+
|
|
40
|
+
### 会话管理
|
|
41
|
+
- 登录后重新生成 Session ID
|
|
42
|
+
- 设置合理的会话超时
|
|
43
|
+
- 支持强制登出所有设备
|
|
44
|
+
- 敏感操作要求重新认证
|
|
45
|
+
|
|
46
|
+
## 输入验证
|
|
47
|
+
|
|
48
|
+
### 验证原则
|
|
49
|
+
- 白名单优于黑名单
|
|
50
|
+
- 服务端必须验证(不信任客户端)
|
|
51
|
+
- 验证数据类型、长度、格式、范围
|
|
52
|
+
|
|
53
|
+
### SQL 注入防护
|
|
54
|
+
```python
|
|
55
|
+
# ❌ 字符串拼接
|
|
56
|
+
query = f"SELECT * FROM users WHERE id = {user_id}"
|
|
57
|
+
|
|
58
|
+
# ✅ 参数化查询
|
|
59
|
+
cursor.execute("SELECT * FROM users WHERE id = %s", (user_id,))
|
|
60
|
+
|
|
61
|
+
# ✅ ORM
|
|
62
|
+
User.query.filter_by(id=user_id).first()
|
|
63
|
+
```
|
|
64
|
+
|
|
65
|
+
### XSS 防护
|
|
66
|
+
```javascript
|
|
67
|
+
// ❌ 直接插入 HTML
|
|
68
|
+
element.innerHTML = userInput;
|
|
69
|
+
|
|
70
|
+
// ✅ 文本内容
|
|
71
|
+
element.textContent = userInput;
|
|
72
|
+
|
|
73
|
+
// ✅ 使用框架的自动转义
|
|
74
|
+
// React: {userInput} 自动转义
|
|
75
|
+
// Vue: {{ userInput }} 自动转义
|
|
76
|
+
```
|
|
77
|
+
|
|
78
|
+
### CSRF 防护
|
|
79
|
+
```html
|
|
80
|
+
<!-- 表单中包含 CSRF Token -->
|
|
81
|
+
<form method="POST">
|
|
82
|
+
<input type="hidden" name="_csrf" value="{{ csrf_token }}">
|
|
83
|
+
</form>
|
|
84
|
+
```
|
|
85
|
+
|
|
86
|
+
```javascript
|
|
87
|
+
// API 请求携带 Token
|
|
88
|
+
headers: {
|
|
89
|
+
'X-CSRF-Token': getCsrfToken()
|
|
90
|
+
}
|
|
91
|
+
```
|
|
92
|
+
|
|
93
|
+
## 敏感数据处理
|
|
94
|
+
|
|
95
|
+
### 数据分类
|
|
96
|
+
| 级别 | 示例 | 处理要求 |
|
|
97
|
+
|------|------|----------|
|
|
98
|
+
| 高敏感 | 密码、密钥、身份证 | 加密存储,脱敏显示 |
|
|
99
|
+
| 中敏感 | 手机号、邮箱、地址 | 脱敏显示 |
|
|
100
|
+
| 低敏感 | 昵称、头像 | 常规保护 |
|
|
101
|
+
|
|
102
|
+
### 脱敏规则
|
|
103
|
+
```javascript
|
|
104
|
+
// 手机号: 138****8888
|
|
105
|
+
phone.replace(/(\d{3})\d{4}(\d{4})/, '$1****$2')
|
|
106
|
+
|
|
107
|
+
// 邮箱: t***@example.com
|
|
108
|
+
email.replace(/(.{1}).*(@.*)/, '$1***$2')
|
|
109
|
+
|
|
110
|
+
// 身份证: 110***********1234
|
|
111
|
+
idCard.replace(/(\d{3})\d{11}(\d{4})/, '$1***********$2')
|
|
112
|
+
```
|
|
113
|
+
|
|
114
|
+
### 密钥管理
|
|
115
|
+
```bash
|
|
116
|
+
# ❌ 硬编码
|
|
117
|
+
API_KEY = "sk-1234567890"
|
|
118
|
+
|
|
119
|
+
# ✅ 环境变量
|
|
120
|
+
API_KEY = os.environ.get('API_KEY')
|
|
121
|
+
|
|
122
|
+
# ✅ 密钥管理服务
|
|
123
|
+
# AWS Secrets Manager / HashiCorp Vault
|
|
124
|
+
```
|
|
125
|
+
|
|
126
|
+
## HTTP 安全头
|
|
127
|
+
|
|
128
|
+
```nginx
|
|
129
|
+
# 必须配置的安全头
|
|
130
|
+
add_header X-Content-Type-Options "nosniff" always;
|
|
131
|
+
add_header X-Frame-Options "SAMEORIGIN" always;
|
|
132
|
+
add_header X-XSS-Protection "1; mode=block" always;
|
|
133
|
+
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
|
134
|
+
add_header Content-Security-Policy "default-src 'self'; script-src 'self'" always;
|
|
135
|
+
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
|
|
136
|
+
```
|
|
137
|
+
|
|
138
|
+
## 日志安全
|
|
139
|
+
|
|
140
|
+
```python
|
|
141
|
+
# ❌ 记录敏感信息
|
|
142
|
+
logger.info(f"User login: {username}, password: {password}")
|
|
143
|
+
|
|
144
|
+
# ✅ 脱敏记录
|
|
145
|
+
logger.info(f"User login: {username}, password: [REDACTED]")
|
|
146
|
+
|
|
147
|
+
# 必须记录的安全事件
|
|
148
|
+
- 登录成功/失败
|
|
149
|
+
- 权限变更
|
|
150
|
+
- 敏感数据访问
|
|
151
|
+
- 异常操作
|
|
152
|
+
```
|
|
153
|
+
|
|
154
|
+
## 依赖安全
|
|
155
|
+
|
|
156
|
+
```bash
|
|
157
|
+
# 定期检查依赖漏洞
|
|
158
|
+
npm audit
|
|
159
|
+
pip-audit
|
|
160
|
+
snyk test
|
|
161
|
+
|
|
162
|
+
# 锁定依赖版本
|
|
163
|
+
package-lock.json
|
|
164
|
+
requirements.txt (pinned versions)
|
|
165
|
+
```
|
|
166
|
+
|
|
@@ -0,0 +1,494 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: security-review
|
|
3
|
+
description: Use this skill when adding authentication, handling user input, working with secrets, creating API endpoints, or implementing payment/sensitive features. Provides comprehensive security checklist and patterns.
|
|
4
|
+
---
|
|
5
|
+
|
|
6
|
+
# Security Review Skill
|
|
7
|
+
|
|
8
|
+
This skill ensures all code follows security best practices and identifies potential vulnerabilities.
|
|
9
|
+
|
|
10
|
+
## When to Activate
|
|
11
|
+
|
|
12
|
+
- Implementing authentication or authorization
|
|
13
|
+
- Handling user input or file uploads
|
|
14
|
+
- Creating new API endpoints
|
|
15
|
+
- Working with secrets or credentials
|
|
16
|
+
- Implementing payment features
|
|
17
|
+
- Storing or transmitting sensitive data
|
|
18
|
+
- Integrating third-party APIs
|
|
19
|
+
|
|
20
|
+
## Security Checklist
|
|
21
|
+
|
|
22
|
+
### 1. Secrets Management
|
|
23
|
+
|
|
24
|
+
#### ❌ NEVER Do This
|
|
25
|
+
```typescript
|
|
26
|
+
const apiKey = "sk-proj-xxxxx" // Hardcoded secret
|
|
27
|
+
const dbPassword = "password123" // In source code
|
|
28
|
+
```
|
|
29
|
+
|
|
30
|
+
#### ✅ ALWAYS Do This
|
|
31
|
+
```typescript
|
|
32
|
+
const apiKey = process.env.OPENAI_API_KEY
|
|
33
|
+
const dbUrl = process.env.DATABASE_URL
|
|
34
|
+
|
|
35
|
+
// Verify secrets exist
|
|
36
|
+
if (!apiKey) {
|
|
37
|
+
throw new Error('OPENAI_API_KEY not configured')
|
|
38
|
+
}
|
|
39
|
+
```
|
|
40
|
+
|
|
41
|
+
#### Verification Steps
|
|
42
|
+
- [ ] No hardcoded API keys, tokens, or passwords
|
|
43
|
+
- [ ] All secrets in environment variables
|
|
44
|
+
- [ ] `.env.local` in .gitignore
|
|
45
|
+
- [ ] No secrets in git history
|
|
46
|
+
- [ ] Production secrets in hosting platform (Vercel, Railway)
|
|
47
|
+
|
|
48
|
+
### 2. Input Validation
|
|
49
|
+
|
|
50
|
+
#### Always Validate User Input
|
|
51
|
+
```typescript
|
|
52
|
+
import { z } from 'zod'
|
|
53
|
+
|
|
54
|
+
// Define validation schema
|
|
55
|
+
const CreateUserSchema = z.object({
|
|
56
|
+
email: z.string().email(),
|
|
57
|
+
name: z.string().min(1).max(100),
|
|
58
|
+
age: z.number().int().min(0).max(150)
|
|
59
|
+
})
|
|
60
|
+
|
|
61
|
+
// Validate before processing
|
|
62
|
+
export async function createUser(input: unknown) {
|
|
63
|
+
try {
|
|
64
|
+
const validated = CreateUserSchema.parse(input)
|
|
65
|
+
return await db.users.create(validated)
|
|
66
|
+
} catch (error) {
|
|
67
|
+
if (error instanceof z.ZodError) {
|
|
68
|
+
return { success: false, errors: error.errors }
|
|
69
|
+
}
|
|
70
|
+
throw error
|
|
71
|
+
}
|
|
72
|
+
}
|
|
73
|
+
```
|
|
74
|
+
|
|
75
|
+
#### File Upload Validation
|
|
76
|
+
```typescript
|
|
77
|
+
function validateFileUpload(file: File) {
|
|
78
|
+
// Size check (5MB max)
|
|
79
|
+
const maxSize = 5 * 1024 * 1024
|
|
80
|
+
if (file.size > maxSize) {
|
|
81
|
+
throw new Error('File too large (max 5MB)')
|
|
82
|
+
}
|
|
83
|
+
|
|
84
|
+
// Type check
|
|
85
|
+
const allowedTypes = ['image/jpeg', 'image/png', 'image/gif']
|
|
86
|
+
if (!allowedTypes.includes(file.type)) {
|
|
87
|
+
throw new Error('Invalid file type')
|
|
88
|
+
}
|
|
89
|
+
|
|
90
|
+
// Extension check
|
|
91
|
+
const allowedExtensions = ['.jpg', '.jpeg', '.png', '.gif']
|
|
92
|
+
const extension = file.name.toLowerCase().match(/\.[^.]+$/)?.[0]
|
|
93
|
+
if (!extension || !allowedExtensions.includes(extension)) {
|
|
94
|
+
throw new Error('Invalid file extension')
|
|
95
|
+
}
|
|
96
|
+
|
|
97
|
+
return true
|
|
98
|
+
}
|
|
99
|
+
```
|
|
100
|
+
|
|
101
|
+
#### Verification Steps
|
|
102
|
+
- [ ] All user inputs validated with schemas
|
|
103
|
+
- [ ] File uploads restricted (size, type, extension)
|
|
104
|
+
- [ ] No direct use of user input in queries
|
|
105
|
+
- [ ] Whitelist validation (not blacklist)
|
|
106
|
+
- [ ] Error messages don't leak sensitive info
|
|
107
|
+
|
|
108
|
+
### 3. SQL Injection Prevention
|
|
109
|
+
|
|
110
|
+
#### ❌ NEVER Concatenate SQL
|
|
111
|
+
```typescript
|
|
112
|
+
// DANGEROUS - SQL Injection vulnerability
|
|
113
|
+
const query = `SELECT * FROM users WHERE email = '${userEmail}'`
|
|
114
|
+
await db.query(query)
|
|
115
|
+
```
|
|
116
|
+
|
|
117
|
+
#### ✅ ALWAYS Use Parameterized Queries
|
|
118
|
+
```typescript
|
|
119
|
+
// Safe - parameterized query
|
|
120
|
+
const { data } = await supabase
|
|
121
|
+
.from('users')
|
|
122
|
+
.select('*')
|
|
123
|
+
.eq('email', userEmail)
|
|
124
|
+
|
|
125
|
+
// Or with raw SQL
|
|
126
|
+
await db.query(
|
|
127
|
+
'SELECT * FROM users WHERE email = $1',
|
|
128
|
+
[userEmail]
|
|
129
|
+
)
|
|
130
|
+
```
|
|
131
|
+
|
|
132
|
+
#### Verification Steps
|
|
133
|
+
- [ ] All database queries use parameterized queries
|
|
134
|
+
- [ ] No string concatenation in SQL
|
|
135
|
+
- [ ] ORM/query builder used correctly
|
|
136
|
+
- [ ] Supabase queries properly sanitized
|
|
137
|
+
|
|
138
|
+
### 4. Authentication & Authorization
|
|
139
|
+
|
|
140
|
+
#### JWT Token Handling
|
|
141
|
+
```typescript
|
|
142
|
+
// ❌ WRONG: localStorage (vulnerable to XSS)
|
|
143
|
+
localStorage.setItem('token', token)
|
|
144
|
+
|
|
145
|
+
// ✅ CORRECT: httpOnly cookies
|
|
146
|
+
res.setHeader('Set-Cookie',
|
|
147
|
+
`token=${token}; HttpOnly; Secure; SameSite=Strict; Max-Age=3600`)
|
|
148
|
+
```
|
|
149
|
+
|
|
150
|
+
#### Authorization Checks
|
|
151
|
+
```typescript
|
|
152
|
+
export async function deleteUser(userId: string, requesterId: string) {
|
|
153
|
+
// ALWAYS verify authorization first
|
|
154
|
+
const requester = await db.users.findUnique({
|
|
155
|
+
where: { id: requesterId }
|
|
156
|
+
})
|
|
157
|
+
|
|
158
|
+
if (requester.role !== 'admin') {
|
|
159
|
+
return NextResponse.json(
|
|
160
|
+
{ error: 'Unauthorized' },
|
|
161
|
+
{ status: 403 }
|
|
162
|
+
)
|
|
163
|
+
}
|
|
164
|
+
|
|
165
|
+
// Proceed with deletion
|
|
166
|
+
await db.users.delete({ where: { id: userId } })
|
|
167
|
+
}
|
|
168
|
+
```
|
|
169
|
+
|
|
170
|
+
#### Row Level Security (Supabase)
|
|
171
|
+
```sql
|
|
172
|
+
-- Enable RLS on all tables
|
|
173
|
+
ALTER TABLE users ENABLE ROW LEVEL SECURITY;
|
|
174
|
+
|
|
175
|
+
-- Users can only view their own data
|
|
176
|
+
CREATE POLICY "Users view own data"
|
|
177
|
+
ON users FOR SELECT
|
|
178
|
+
USING (auth.uid() = id);
|
|
179
|
+
|
|
180
|
+
-- Users can only update their own data
|
|
181
|
+
CREATE POLICY "Users update own data"
|
|
182
|
+
ON users FOR UPDATE
|
|
183
|
+
USING (auth.uid() = id);
|
|
184
|
+
```
|
|
185
|
+
|
|
186
|
+
#### Verification Steps
|
|
187
|
+
- [ ] Tokens stored in httpOnly cookies (not localStorage)
|
|
188
|
+
- [ ] Authorization checks before sensitive operations
|
|
189
|
+
- [ ] Row Level Security enabled in Supabase
|
|
190
|
+
- [ ] Role-based access control implemented
|
|
191
|
+
- [ ] Session management secure
|
|
192
|
+
|
|
193
|
+
### 5. XSS Prevention
|
|
194
|
+
|
|
195
|
+
#### Sanitize HTML
|
|
196
|
+
```typescript
|
|
197
|
+
import DOMPurify from 'isomorphic-dompurify'
|
|
198
|
+
|
|
199
|
+
// ALWAYS sanitize user-provided HTML
|
|
200
|
+
function renderUserContent(html: string) {
|
|
201
|
+
const clean = DOMPurify.sanitize(html, {
|
|
202
|
+
ALLOWED_TAGS: ['b', 'i', 'em', 'strong', 'p'],
|
|
203
|
+
ALLOWED_ATTR: []
|
|
204
|
+
})
|
|
205
|
+
return <div dangerouslySetInnerHTML={{ __html: clean }} />
|
|
206
|
+
}
|
|
207
|
+
```
|
|
208
|
+
|
|
209
|
+
#### Content Security Policy
|
|
210
|
+
```typescript
|
|
211
|
+
// next.config.js
|
|
212
|
+
const securityHeaders = [
|
|
213
|
+
{
|
|
214
|
+
key: 'Content-Security-Policy',
|
|
215
|
+
value: `
|
|
216
|
+
default-src 'self';
|
|
217
|
+
script-src 'self' 'unsafe-eval' 'unsafe-inline';
|
|
218
|
+
style-src 'self' 'unsafe-inline';
|
|
219
|
+
img-src 'self' data: https:;
|
|
220
|
+
font-src 'self';
|
|
221
|
+
connect-src 'self' https://api.example.com;
|
|
222
|
+
`.replace(/\s{2,}/g, ' ').trim()
|
|
223
|
+
}
|
|
224
|
+
]
|
|
225
|
+
```
|
|
226
|
+
|
|
227
|
+
#### Verification Steps
|
|
228
|
+
- [ ] User-provided HTML sanitized
|
|
229
|
+
- [ ] CSP headers configured
|
|
230
|
+
- [ ] No unvalidated dynamic content rendering
|
|
231
|
+
- [ ] React's built-in XSS protection used
|
|
232
|
+
|
|
233
|
+
### 6. CSRF Protection
|
|
234
|
+
|
|
235
|
+
#### CSRF Tokens
|
|
236
|
+
```typescript
|
|
237
|
+
import { csrf } from '@/lib/csrf'
|
|
238
|
+
|
|
239
|
+
export async function POST(request: Request) {
|
|
240
|
+
const token = request.headers.get('X-CSRF-Token')
|
|
241
|
+
|
|
242
|
+
if (!csrf.verify(token)) {
|
|
243
|
+
return NextResponse.json(
|
|
244
|
+
{ error: 'Invalid CSRF token' },
|
|
245
|
+
{ status: 403 }
|
|
246
|
+
)
|
|
247
|
+
}
|
|
248
|
+
|
|
249
|
+
// Process request
|
|
250
|
+
}
|
|
251
|
+
```
|
|
252
|
+
|
|
253
|
+
#### SameSite Cookies
|
|
254
|
+
```typescript
|
|
255
|
+
res.setHeader('Set-Cookie',
|
|
256
|
+
`session=${sessionId}; HttpOnly; Secure; SameSite=Strict`)
|
|
257
|
+
```
|
|
258
|
+
|
|
259
|
+
#### Verification Steps
|
|
260
|
+
- [ ] CSRF tokens on state-changing operations
|
|
261
|
+
- [ ] SameSite=Strict on all cookies
|
|
262
|
+
- [ ] Double-submit cookie pattern implemented
|
|
263
|
+
|
|
264
|
+
### 7. Rate Limiting
|
|
265
|
+
|
|
266
|
+
#### API Rate Limiting
|
|
267
|
+
```typescript
|
|
268
|
+
import rateLimit from 'express-rate-limit'
|
|
269
|
+
|
|
270
|
+
const limiter = rateLimit({
|
|
271
|
+
windowMs: 15 * 60 * 1000, // 15 minutes
|
|
272
|
+
max: 100, // 100 requests per window
|
|
273
|
+
message: 'Too many requests'
|
|
274
|
+
})
|
|
275
|
+
|
|
276
|
+
// Apply to routes
|
|
277
|
+
app.use('/api/', limiter)
|
|
278
|
+
```
|
|
279
|
+
|
|
280
|
+
#### Expensive Operations
|
|
281
|
+
```typescript
|
|
282
|
+
// Aggressive rate limiting for searches
|
|
283
|
+
const searchLimiter = rateLimit({
|
|
284
|
+
windowMs: 60 * 1000, // 1 minute
|
|
285
|
+
max: 10, // 10 requests per minute
|
|
286
|
+
message: 'Too many search requests'
|
|
287
|
+
})
|
|
288
|
+
|
|
289
|
+
app.use('/api/search', searchLimiter)
|
|
290
|
+
```
|
|
291
|
+
|
|
292
|
+
#### Verification Steps
|
|
293
|
+
- [ ] Rate limiting on all API endpoints
|
|
294
|
+
- [ ] Stricter limits on expensive operations
|
|
295
|
+
- [ ] IP-based rate limiting
|
|
296
|
+
- [ ] User-based rate limiting (authenticated)
|
|
297
|
+
|
|
298
|
+
### 8. Sensitive Data Exposure
|
|
299
|
+
|
|
300
|
+
#### Logging
|
|
301
|
+
```typescript
|
|
302
|
+
// ❌ WRONG: Logging sensitive data
|
|
303
|
+
console.log('User login:', { email, password })
|
|
304
|
+
console.log('Payment:', { cardNumber, cvv })
|
|
305
|
+
|
|
306
|
+
// ✅ CORRECT: Redact sensitive data
|
|
307
|
+
console.log('User login:', { email, userId })
|
|
308
|
+
console.log('Payment:', { last4: card.last4, userId })
|
|
309
|
+
```
|
|
310
|
+
|
|
311
|
+
#### Error Messages
|
|
312
|
+
```typescript
|
|
313
|
+
// ❌ WRONG: Exposing internal details
|
|
314
|
+
catch (error) {
|
|
315
|
+
return NextResponse.json(
|
|
316
|
+
{ error: error.message, stack: error.stack },
|
|
317
|
+
{ status: 500 }
|
|
318
|
+
)
|
|
319
|
+
}
|
|
320
|
+
|
|
321
|
+
// ✅ CORRECT: Generic error messages
|
|
322
|
+
catch (error) {
|
|
323
|
+
console.error('Internal error:', error)
|
|
324
|
+
return NextResponse.json(
|
|
325
|
+
{ error: 'An error occurred. Please try again.' },
|
|
326
|
+
{ status: 500 }
|
|
327
|
+
)
|
|
328
|
+
}
|
|
329
|
+
```
|
|
330
|
+
|
|
331
|
+
#### Verification Steps
|
|
332
|
+
- [ ] No passwords, tokens, or secrets in logs
|
|
333
|
+
- [ ] Error messages generic for users
|
|
334
|
+
- [ ] Detailed errors only in server logs
|
|
335
|
+
- [ ] No stack traces exposed to users
|
|
336
|
+
|
|
337
|
+
### 9. Blockchain Security (Solana)
|
|
338
|
+
|
|
339
|
+
#### Wallet Verification
|
|
340
|
+
```typescript
|
|
341
|
+
import { verify } from '@solana/web3.js'
|
|
342
|
+
|
|
343
|
+
async function verifyWalletOwnership(
|
|
344
|
+
publicKey: string,
|
|
345
|
+
signature: string,
|
|
346
|
+
message: string
|
|
347
|
+
) {
|
|
348
|
+
try {
|
|
349
|
+
const isValid = verify(
|
|
350
|
+
Buffer.from(message),
|
|
351
|
+
Buffer.from(signature, 'base64'),
|
|
352
|
+
Buffer.from(publicKey, 'base64')
|
|
353
|
+
)
|
|
354
|
+
return isValid
|
|
355
|
+
} catch (error) {
|
|
356
|
+
return false
|
|
357
|
+
}
|
|
358
|
+
}
|
|
359
|
+
```
|
|
360
|
+
|
|
361
|
+
#### Transaction Verification
|
|
362
|
+
```typescript
|
|
363
|
+
async function verifyTransaction(transaction: Transaction) {
|
|
364
|
+
// Verify recipient
|
|
365
|
+
if (transaction.to !== expectedRecipient) {
|
|
366
|
+
throw new Error('Invalid recipient')
|
|
367
|
+
}
|
|
368
|
+
|
|
369
|
+
// Verify amount
|
|
370
|
+
if (transaction.amount > maxAmount) {
|
|
371
|
+
throw new Error('Amount exceeds limit')
|
|
372
|
+
}
|
|
373
|
+
|
|
374
|
+
// Verify user has sufficient balance
|
|
375
|
+
const balance = await getBalance(transaction.from)
|
|
376
|
+
if (balance < transaction.amount) {
|
|
377
|
+
throw new Error('Insufficient balance')
|
|
378
|
+
}
|
|
379
|
+
|
|
380
|
+
return true
|
|
381
|
+
}
|
|
382
|
+
```
|
|
383
|
+
|
|
384
|
+
#### Verification Steps
|
|
385
|
+
- [ ] Wallet signatures verified
|
|
386
|
+
- [ ] Transaction details validated
|
|
387
|
+
- [ ] Balance checks before transactions
|
|
388
|
+
- [ ] No blind transaction signing
|
|
389
|
+
|
|
390
|
+
### 10. Dependency Security
|
|
391
|
+
|
|
392
|
+
#### Regular Updates
|
|
393
|
+
```bash
|
|
394
|
+
# Check for vulnerabilities
|
|
395
|
+
npm audit
|
|
396
|
+
|
|
397
|
+
# Fix automatically fixable issues
|
|
398
|
+
npm audit fix
|
|
399
|
+
|
|
400
|
+
# Update dependencies
|
|
401
|
+
npm update
|
|
402
|
+
|
|
403
|
+
# Check for outdated packages
|
|
404
|
+
npm outdated
|
|
405
|
+
```
|
|
406
|
+
|
|
407
|
+
#### Lock Files
|
|
408
|
+
```bash
|
|
409
|
+
# ALWAYS commit lock files
|
|
410
|
+
git add package-lock.json
|
|
411
|
+
|
|
412
|
+
# Use in CI/CD for reproducible builds
|
|
413
|
+
npm ci # Instead of npm install
|
|
414
|
+
```
|
|
415
|
+
|
|
416
|
+
#### Verification Steps
|
|
417
|
+
- [ ] Dependencies up to date
|
|
418
|
+
- [ ] No known vulnerabilities (npm audit clean)
|
|
419
|
+
- [ ] Lock files committed
|
|
420
|
+
- [ ] Dependabot enabled on GitHub
|
|
421
|
+
- [ ] Regular security updates
|
|
422
|
+
|
|
423
|
+
## Security Testing
|
|
424
|
+
|
|
425
|
+
### Automated Security Tests
|
|
426
|
+
```typescript
|
|
427
|
+
// Test authentication
|
|
428
|
+
test('requires authentication', async () => {
|
|
429
|
+
const response = await fetch('/api/protected')
|
|
430
|
+
expect(response.status).toBe(401)
|
|
431
|
+
})
|
|
432
|
+
|
|
433
|
+
// Test authorization
|
|
434
|
+
test('requires admin role', async () => {
|
|
435
|
+
const response = await fetch('/api/admin', {
|
|
436
|
+
headers: { Authorization: `Bearer ${userToken}` }
|
|
437
|
+
})
|
|
438
|
+
expect(response.status).toBe(403)
|
|
439
|
+
})
|
|
440
|
+
|
|
441
|
+
// Test input validation
|
|
442
|
+
test('rejects invalid input', async () => {
|
|
443
|
+
const response = await fetch('/api/users', {
|
|
444
|
+
method: 'POST',
|
|
445
|
+
body: JSON.stringify({ email: 'not-an-email' })
|
|
446
|
+
})
|
|
447
|
+
expect(response.status).toBe(400)
|
|
448
|
+
})
|
|
449
|
+
|
|
450
|
+
// Test rate limiting
|
|
451
|
+
test('enforces rate limits', async () => {
|
|
452
|
+
const requests = Array(101).fill(null).map(() =>
|
|
453
|
+
fetch('/api/endpoint')
|
|
454
|
+
)
|
|
455
|
+
|
|
456
|
+
const responses = await Promise.all(requests)
|
|
457
|
+
const tooManyRequests = responses.filter(r => r.status === 429)
|
|
458
|
+
|
|
459
|
+
expect(tooManyRequests.length).toBeGreaterThan(0)
|
|
460
|
+
})
|
|
461
|
+
```
|
|
462
|
+
|
|
463
|
+
## Pre-Deployment Security Checklist
|
|
464
|
+
|
|
465
|
+
Before ANY production deployment:
|
|
466
|
+
|
|
467
|
+
- [ ] **Secrets**: No hardcoded secrets, all in env vars
|
|
468
|
+
- [ ] **Input Validation**: All user inputs validated
|
|
469
|
+
- [ ] **SQL Injection**: All queries parameterized
|
|
470
|
+
- [ ] **XSS**: User content sanitized
|
|
471
|
+
- [ ] **CSRF**: Protection enabled
|
|
472
|
+
- [ ] **Authentication**: Proper token handling
|
|
473
|
+
- [ ] **Authorization**: Role checks in place
|
|
474
|
+
- [ ] **Rate Limiting**: Enabled on all endpoints
|
|
475
|
+
- [ ] **HTTPS**: Enforced in production
|
|
476
|
+
- [ ] **Security Headers**: CSP, X-Frame-Options configured
|
|
477
|
+
- [ ] **Error Handling**: No sensitive data in errors
|
|
478
|
+
- [ ] **Logging**: No sensitive data logged
|
|
479
|
+
- [ ] **Dependencies**: Up to date, no vulnerabilities
|
|
480
|
+
- [ ] **Row Level Security**: Enabled in Supabase
|
|
481
|
+
- [ ] **CORS**: Properly configured
|
|
482
|
+
- [ ] **File Uploads**: Validated (size, type)
|
|
483
|
+
- [ ] **Wallet Signatures**: Verified (if blockchain)
|
|
484
|
+
|
|
485
|
+
## Resources
|
|
486
|
+
|
|
487
|
+
- [OWASP Top 10](https://owasp.org/www-project-top-ten/)
|
|
488
|
+
- [Next.js Security](https://nextjs.org/docs/security)
|
|
489
|
+
- [Supabase Security](https://supabase.com/docs/guides/auth)
|
|
490
|
+
- [Web Security Academy](https://portswigger.net/web-security)
|
|
491
|
+
|
|
492
|
+
---
|
|
493
|
+
|
|
494
|
+
**Remember**: Security is not optional. One vulnerability can compromise the entire platform. When in doubt, err on the side of caution.
|