@qball-inc/the-bulwark 1.0.0

package/skills/bug-magnet-data/data/formats/json.yaml

@@ -0,0 +1,187 @@
+metadata:
+  version: "1.0.0"
+  last_updated: "2026-02-01"
+  source_urls: []
+
+category: formats
+subcategory: json
+tier: T2
+
+bugs_caught:
+  - "JSON parsing errors"
+  - "Edge case handling"
+  - "Security issues"
+
+values:
+  # Valid edge cases
+  empty_object:
+    value: "{}"
+    valid: true
+    bugs_caught:
+      - "Empty object handling"
+    safe_for_automation: true
+
+  empty_array:
+    value: "[]"
+    valid: true
+    bugs_caught:
+      - "Empty array handling"
+    safe_for_automation: true
+
+  nested_deep:
+    value: "[[[[[[[[[[]]]]]]]]]]"
+    valid: true
+    bugs_caught:
+      - "Deep nesting"
+      - "Stack overflow"
+    safe_for_automation: true
+
+  large_number:
+    value: "{\"n\": 9999999999999999999999999999999}"
+    valid: true
+    bugs_caught:
+      - "Large number precision"
+    safe_for_automation: true
+
+  scientific_notation:
+    value: "{\"n\": 1e100}"
+    valid: true
+    bugs_caught:
+      - "Scientific notation"
+    safe_for_automation: true
+
+  negative_zero:
+    value: "{\"n\": -0}"
+    valid: true
+    bugs_caught:
+      - "Negative zero"
+    safe_for_automation: true
+
+  unicode_escape:
+    value: "{\"s\": \"\\u0041\"}"
+    valid: true
+    bugs_caught:
+      - "Unicode escape"
+    safe_for_automation: true
+
+  escaped_chars:
+    value: "{\"s\": \"\\\"\\\\\\n\\r\\t\"}"
+    valid: true
+    bugs_caught:
+      - "Escape sequence handling"
+    safe_for_automation: true
+
+  null_value:
+    value: "{\"n\": null}"
+    valid: true
+    bugs_caught:
+      - "JSON null handling"
+    safe_for_automation: true
+
+  boolean_values:
+    value: "{\"t\": true, \"f\": false}"
+    valid: true
+    bugs_caught:
+      - "Boolean handling"
+    safe_for_automation: true
+
+  # Invalid JSON
+  trailing_comma_object:
+    value: "{\"a\": 1,}"
+    valid: false
+    bugs_caught:
+      - "Trailing comma (invalid in JSON)"
+    safe_for_automation: true
+
+  trailing_comma_array:
+    value: "[1, 2, 3,]"
+    valid: false
+    bugs_caught:
+      - "Trailing comma array"
+    safe_for_automation: true
+
+  single_quotes:
+    value: "{'a': 1}"
+    valid: false
+    bugs_caught:
+      - "Single quotes (invalid JSON)"
+    safe_for_automation: true
+
+  unquoted_key:
+    value: "{a: 1}"
+    valid: false
+    bugs_caught:
+      - "Unquoted key (invalid JSON)"
+    safe_for_automation: true
+
+  comments:
+    value: "{\"a\": 1 /* comment */}"
+    valid: false
+    bugs_caught:
+      - "Comments (invalid JSON)"
+    safe_for_automation: true
+
+  undefined:
+    value: "{\"a\": undefined}"
+    valid: false
+    bugs_caught:
+      - "undefined (invalid JSON)"
+    safe_for_automation: true
+
+  nan:
+    value: "{\"a\": NaN}"
+    valid: false
+    bugs_caught:
+      - "NaN (invalid JSON)"
+    safe_for_automation: true
+
+  infinity:
+    value: "{\"a\": Infinity}"
+    valid: false
+    bugs_caught:
+      - "Infinity (invalid JSON)"
+    safe_for_automation: true
+
+  unclosed_object:
+    value: "{\"a\": 1"
+    valid: false
+    bugs_caught:
+      - "Unclosed object"
+    safe_for_automation: true
+
+  unclosed_array:
+    value: "[1, 2, 3"
+    valid: false
+    bugs_caught:
+      - "Unclosed array"
+    safe_for_automation: true
+
+  unclosed_string:
+    value: "{\"a\": \"hello}"
+    valid: false
+    bugs_caught:
+      - "Unclosed string"
+    safe_for_automation: true
+
+  empty:
+    value: ""
+    valid: false
+    bugs_caught:
+      - "Empty input"
+    safe_for_automation: true
+
+  whitespace_only:
+    value: "   "
+    valid: false
+    bugs_caught:
+      - "Whitespace only"
+    safe_for_automation: true
+
+  # Security concerns
+  proto_pollution:
+    value: "{\"__proto__\": {\"polluted\": true}}"
+    valid: true
+    bugs_caught:
+      - "Prototype pollution via JSON"
+    safe_for_automation: true
+    severity: security

package/skills/bug-magnet-data/data/formats/url.yaml

@@ -0,0 +1,165 @@
+metadata:
+  version: "1.0.0"
+  last_updated: "2026-02-01"
+  source_urls: []
+
+category: formats
+subcategory: url
+tier: T2
+
+bugs_caught:
+  - "URL parsing errors"
+  - "Protocol handling"
+  - "Encoding issues"
+
+values:
+  # Valid URLs often mishandled
+  no_www:
+    value: "https://example.com"
+    valid: true
+    bugs_caught:
+      - "Missing www handling"
+    safe_for_automation: true
+
+  with_port:
+    value: "https://example.com:8080"
+    valid: true
+    bugs_caught:
+      - "Port number handling"
+    safe_for_automation: true
+
+  with_auth:
+    value: "https://user:pass@example.com"
+    valid: true
+    bugs_caught:
+      - "URL authentication"
+      - "Credential exposure"
+    safe_for_automation: true
+
+  with_query:
+    value: "https://example.com?foo=bar&baz=qux"
+    valid: true
+    bugs_caught:
+      - "Query string parsing"
+    safe_for_automation: true
+
+  with_fragment:
+    value: "https://example.com#section"
+    valid: true
+    bugs_caught:
+      - "Fragment handling"
+    safe_for_automation: true
+
+  encoded_space:
+    value: "https://example.com/path%20with%20spaces"
+    valid: true
+    bugs_caught:
+      - "URL encoding"
+    safe_for_automation: true
+
+  unicode_path:
+    value: "https://example.com/café"
+    valid: true
+    bugs_caught:
+      - "Unicode in path"
+      - "IRI handling"
+    safe_for_automation: true
+
+  idn:
+    value: "https://münchen.de"
+    valid: true
+    bugs_caught:
+      - "International domain"
+      - "Punycode"
+    safe_for_automation: true
+
+  ipv4:
+    value: "http://192.168.1.1"
+    valid: true
+    bugs_caught:
+      - "IPv4 address"
+    safe_for_automation: true
+
+  ipv6:
+    value: "http://[::1]"
+    valid: true
+    bugs_caught:
+      - "IPv6 address"
+      - "Bracket notation"
+    safe_for_automation: true
+
+  localhost:
+    value: "http://localhost"
+    valid: true
+    bugs_caught:
+      - "Localhost handling"
+    safe_for_automation: true
+
+  file_protocol:
+    value: "file:///etc/passwd"
+    valid: true
+    bugs_caught:
+      - "File protocol"
+      - "Local file access"
+    safe_for_automation: true
+
+  data_uri:
+    value: "data:text/plain;base64,SGVsbG8="
+    valid: true
+    bugs_caught:
+      - "Data URI"
+      - "Embedded data"
+    safe_for_automation: true
+
+  javascript_uri:
+    value: "javascript:alert(1)"
+    valid: true
+    bugs_caught:
+      - "JavaScript protocol"
+      - "XSS via URL"
+    safe_for_automation: true
+    severity: security
+
+  # Malformed URLs
+  no_protocol:
+    value: "example.com"
+    bugs_caught:
+      - "Missing protocol"
+    safe_for_automation: true
+
+  double_slash_path:
+    value: "https://example.com//path"
+    bugs_caught:
+      - "Double slash in path"
+    safe_for_automation: true
+
+  backslash:
+    value: "https://example.com\\path"
+    bugs_caught:
+      - "Backslash in URL"
+    safe_for_automation: true
+
+  newline:
+    value: "https://example.com/\npath"
+    bugs_caught:
+      - "Newline in URL"
+      - "Header injection"
+    safe_for_automation: true
+
+  tab:
+    value: "https://example.com/\tpath"
+    bugs_caught:
+      - "Tab in URL"
+    safe_for_automation: true
+
+  empty:
+    value: ""
+    bugs_caught:
+      - "Empty URL"
+    safe_for_automation: true
+
+  whitespace_only:
+    value: "   "
+    bugs_caught:
+      - "Whitespace URL"
+    safe_for_automation: true

package/skills/bug-magnet-data/data/language-specific/javascript.yaml

@@ -0,0 +1,182 @@
+metadata:
+  version: "1.0.0"
+  last_updated: "2026-02-01"
+  source_urls: []
+
+category: language-specific
+subcategory: javascript
+tier: T2
+
+bugs_caught:
+  - "JavaScript type coercion"
+  - "Equality comparison bugs"
+  - "Truthy/falsy confusion"
+
+values:
+  # Equality quirks
+  eq_vs_strict:
+    comparisons:
+      - expr: "0 == ''"
+        result: true
+      - expr: "0 === ''"
+        result: false
+    bugs_caught:
+      - "== vs === confusion"
+      - "Type coercion in comparison"
+    safe_for_automation: true
+
+  null_undefined_eq:
+    comparisons:
+      - expr: "null == undefined"
+        result: true
+      - expr: "null === undefined"
+        result: false
+    bugs_caught:
+      - "null/undefined equivalence"
+    safe_for_automation: true
+
+  array_comparison:
+    comparisons:
+      - expr: "[] == []"
+        result: false
+      - expr: "[] == false"
+        result: true
+      - expr: "[] == ''"
+        result: true
+    bugs_caught:
+      - "Array comparison by reference"
+      - "Array coercion"
+    safe_for_automation: true
+
+  object_comparison:
+    comparisons:
+      - expr: "{} == {}"
+        result: false
+      - expr: "{} == '[object Object]'"
+        result: false
+    bugs_caught:
+      - "Object comparison by reference"
+    safe_for_automation: true
+
+  # Type coercion
+  plus_operator:
+    expressions:
+      - expr: "'5' + 3"
+        result: "'53'"
+      - expr: "5 + '3'"
+        result: "'53'"
+      - expr: "5 - '3'"
+        result: 2
+    bugs_caught:
+      - "+ operator string coercion"
+      - "Inconsistent arithmetic"
+    safe_for_automation: true
+
+  array_to_number:
+    expressions:
+      - expr: "+[]"
+        result: 0
+      - expr: "+[1]"
+        result: 1
+      - expr: "+[1,2]"
+        result: "NaN"
+    bugs_caught:
+      - "Array coercion to number"
+    safe_for_automation: true
+
+  # Truthy/falsy edge cases
+  empty_array_truthy:
+    value: "[]"
+    truthy: true
+    bugs_caught:
+      - "Empty array is truthy"
+      - "Need length check"
+    safe_for_automation: true
+
+  empty_object_truthy:
+    value: "{}"
+    truthy: true
+    bugs_caught:
+      - "Empty object is truthy"
+      - "Need Object.keys check"
+    safe_for_automation: true
+
+  nan_falsy:
+    value: "NaN"
+    truthy: false
+    bugs_caught:
+      - "NaN is falsy"
+    safe_for_automation: true
+
+  # typeof quirks
+  typeof_null:
+    expr: "typeof null"
+    result: "'object'"
+    bugs_caught:
+      - "typeof null is 'object'"
+    safe_for_automation: true
+
+  typeof_array:
+    expr: "typeof []"
+    result: "'object'"
+    bugs_caught:
+      - "Arrays are 'object' not 'array'"
+    safe_for_automation: true
+
+  typeof_nan:
+    expr: "typeof NaN"
+    result: "'number'"
+    bugs_caught:
+      - "NaN is type 'number'"
+    safe_for_automation: true
+
+  # Array methods
+  array_sort_numeric:
+    expr: "[10, 2, 1].sort()"
+    result: "[1, 10, 2]"
+    bugs_caught:
+      - "Default sort is lexicographic"
+    safe_for_automation: true
+
+  array_includes_nan:
+    expr: "[NaN].includes(NaN)"
+    result: true
+    bugs_caught:
+      - "includes works with NaN"
+    safe_for_automation: true
+
+  array_indexof_nan:
+    expr: "[NaN].indexOf(NaN)"
+    result: -1
+    bugs_caught:
+      - "indexOf fails with NaN"
+    safe_for_automation: true
+
+  # Number edge cases
+  parseint_leading_zero:
+    expr: "parseInt('08')"
+    result: 8
+    bugs_caught:
+      - "parseInt octal (fixed in ES5)"
+    safe_for_automation: true
+
+  parsefloat_trailing:
+    expr: "parseFloat('3.14abc')"
+    result: 3.14
+    bugs_caught:
+      - "parseFloat ignores trailing chars"
+    safe_for_automation: true
+
+  number_constructor:
+    expressions:
+      - expr: "Number('')"
+        result: 0
+      - expr: "Number(' ')"
+        result: 0
+      - expr: "Number(null)"
+        result: 0
+      - expr: "Number(undefined)"
+        result: "NaN"
+    bugs_caught:
+      - "Number() edge cases"
+    safe_for_automation: true

package/skills/bug-magnet-data/data/language-specific/python.yaml

@@ -0,0 +1,174 @@
+metadata:
+  version: "1.0.0"
+  last_updated: "2026-02-01"
+  source_urls: []
+
+category: language-specific
+subcategory: python
+tier: T2
+
+bugs_caught:
+  - "Python-specific gotchas"
+  - "Mutable default arguments"
+  - "None vs False confusion"
+
+values:
+  # None vs False
+  none_vs_false:
+    comparisons:
+      - expr: "None == False"
+        result: "False"
+      - expr: "not None"
+        result: "True"
+      - expr: "bool(None)"
+        result: "False"
+    bugs_caught:
+      - "None == False is False"
+      - "None is falsy but != False"
+    safe_for_automation: true
+
+  # Empty containers
+  empty_list_falsy:
+    value: "[]"
+    bool_value: "False"
+    bugs_caught:
+      - "Empty list is falsy"
+    safe_for_automation: true
+
+  empty_dict_falsy:
+    value: "{}"
+    bool_value: "False"
+    bugs_caught:
+      - "Empty dict is falsy"
+    safe_for_automation: true
+
+  empty_string_falsy:
+    value: "''"
+    bool_value: "False"
+    bugs_caught:
+      - "Empty string is falsy"
+    safe_for_automation: true
+
+  zero_falsy:
+    value: "0"
+    bool_value: "False"
+    bugs_caught:
+      - "Zero is falsy"
+    safe_for_automation: true
+
+  # Mutable default arguments
+  mutable_default:
+    code: |
+      def append_to(item, lst=[]):
+          lst.append(item)
+          return lst
+    issue: "Default list shared between calls"
+    bugs_caught:
+      - "Mutable default argument"
+      - "State accumulation between calls"
+    safe_for_automation: true
+
+  # Integer caching
+  integer_identity:
+    comparisons:
+      - expr: "256 is 256"
+        result: "True"
+      - expr: "257 is 257"
+        result: "False or True"
+    bugs_caught:
+      - "Integer caching -5 to 256"
+      - "is vs == for numbers"
+    safe_for_automation: true
+    note: "Result varies by context in Python 3.8+"
+
+  string_interning:
+    comparisons:
+      - expr: "'hello' is 'hello'"
+        result: "True"
+      - expr: "'hello world' is 'hello world'"
+        result: "False or True"
+    bugs_caught:
+      - "String interning"
+      - "is vs == for strings"
+    safe_for_automation: true
+
+  # Division
+  floor_division:
+    expressions:
+      - expr: "7 // 2"
+        result: 3
+      - expr: "-7 // 2"
+        result: -4
+    bugs_caught:
+      - "Floor division with negatives"
+    safe_for_automation: true
+
+  # Chained comparisons
+  chained_comparison:
+    expressions:
+      - expr: "1 < 2 < 3"
+        result: "True"
+      - expr: "1 < 2 > 0"
+        result: "True"
+    bugs_caught:
+      - "Chained comparison evaluation"
+    safe_for_automation: true
+
+  # List comprehension scope
+  list_comp_scope:
+    code: |
+      x = 10
+      [x for x in range(5)]
+      print(x)  # What is x?
+    issue: "List comp variable scope"
+    bugs_caught:
+      - "Loop variable scope in comprehension"
+    safe_for_automation: true
+    note: "Python 3: x is still 10. Python 2: x is 4"
+
+  # Late binding closures
+  closure_late_binding:
+    code: |
+      funcs = [lambda: i for i in range(3)]
+      [f() for f in funcs]
+    result: "[2, 2, 2]"
+    bugs_caught:
+      - "Late binding in closures"
+      - "All lambdas return same value"
+    safe_for_automation: true
+
+  # Exception handling
+  exception_in_finally:
+    code: |
+      def f():
+          try:
+              return 1
+          finally:
+              return 2
+    result: "returns 2"
+    bugs_caught:
+      - "finally overrides return"
+    safe_for_automation: true
+
+  # Dictionary iteration
+  dict_modification:
+    code: |
+      d = {'a': 1, 'b': 2}
+      for k in d:
+          del d[k]
+    issue: "RuntimeError: dictionary changed size"
+    bugs_caught:
+      - "Dict modification during iteration"
+    safe_for_automation: true
+
+  # Unicode
+  unicode_length:
+    expressions:
+      - expr: "len('😀')"
+        result: 1
+      - expr: "len('👨‍👩‍👧‍👦')"
+        result: 7
+    bugs_caught:
+      - "Emoji length counting"
+      - "ZWJ sequence handling"
+    safe_for_automation: true