@rubix0270/arboris 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (451) hide show
  1. package/package.json +8 -19
  2. package/run.mjs +10 -0
  3. package/dist/cli.mjs +0 -382
  4. package/manifest.json +0 -323
  5. package/prisma/skills/accessibility/SKILL.md +0 -147
  6. package/prisma/skills/agent-architecture-audit/SKILL.md +0 -257
  7. package/prisma/skills/agent-eval/SKILL.md +0 -146
  8. package/prisma/skills/agent-harness-construction/SKILL.md +0 -74
  9. package/prisma/skills/agent-introspection-debugging/SKILL.md +0 -154
  10. package/prisma/skills/agent-payment-x402/SKILL.md +0 -225
  11. package/prisma/skills/agent-self-evaluation/SKILL.md +0 -182
  12. package/prisma/skills/agent-self-evaluation/examples/high-score-example.md +0 -87
  13. package/prisma/skills/agent-self-evaluation/examples/low-score-example.md +0 -86
  14. package/prisma/skills/agent-self-evaluation/references/evaluation-criteria.md +0 -71
  15. package/prisma/skills/agent-self-evaluation/references/hook-integration.md +0 -64
  16. package/prisma/skills/agent-self-evaluation/scripts/evaluate.py +0 -408
  17. package/prisma/skills/agent-self-evaluation/templates/evaluation-report.md +0 -86
  18. package/prisma/skills/agent-sort/SKILL.md +0 -216
  19. package/prisma/skills/agentic-engineering/SKILL.md +0 -64
  20. package/prisma/skills/agentic-os/SKILL.md +0 -388
  21. package/prisma/skills/ai-first-engineering/SKILL.md +0 -52
  22. package/prisma/skills/ai-regression-testing/SKILL.md +0 -386
  23. package/prisma/skills/android-clean-architecture/SKILL.md +0 -340
  24. package/prisma/skills/angular-developer/SKILL.md +0 -155
  25. package/prisma/skills/angular-developer/references/angular-animations.md +0 -160
  26. package/prisma/skills/angular-developer/references/angular-aria.md +0 -410
  27. package/prisma/skills/angular-developer/references/cli.md +0 -86
  28. package/prisma/skills/angular-developer/references/component-harnesses.md +0 -59
  29. package/prisma/skills/angular-developer/references/component-styling.md +0 -91
  30. package/prisma/skills/angular-developer/references/components.md +0 -117
  31. package/prisma/skills/angular-developer/references/creating-services.md +0 -97
  32. package/prisma/skills/angular-developer/references/data-resolvers.md +0 -69
  33. package/prisma/skills/angular-developer/references/define-routes.md +0 -67
  34. package/prisma/skills/angular-developer/references/defining-providers.md +0 -72
  35. package/prisma/skills/angular-developer/references/di-fundamentals.md +0 -120
  36. package/prisma/skills/angular-developer/references/e2e-testing.md +0 -56
  37. package/prisma/skills/angular-developer/references/effects.md +0 -83
  38. package/prisma/skills/angular-developer/references/hierarchical-injectors.md +0 -43
  39. package/prisma/skills/angular-developer/references/host-elements.md +0 -80
  40. package/prisma/skills/angular-developer/references/injection-context.md +0 -63
  41. package/prisma/skills/angular-developer/references/inputs.md +0 -101
  42. package/prisma/skills/angular-developer/references/linked-signal.md +0 -59
  43. package/prisma/skills/angular-developer/references/loading-strategies.md +0 -61
  44. package/prisma/skills/angular-developer/references/mcp.md +0 -108
  45. package/prisma/skills/angular-developer/references/navigate-to-routes.md +0 -69
  46. package/prisma/skills/angular-developer/references/outputs.md +0 -86
  47. package/prisma/skills/angular-developer/references/reactive-forms.md +0 -122
  48. package/prisma/skills/angular-developer/references/rendering-strategies.md +0 -44
  49. package/prisma/skills/angular-developer/references/resource.md +0 -77
  50. package/prisma/skills/angular-developer/references/route-animations.md +0 -56
  51. package/prisma/skills/angular-developer/references/route-guards.md +0 -52
  52. package/prisma/skills/angular-developer/references/router-lifecycle.md +0 -45
  53. package/prisma/skills/angular-developer/references/router-testing.md +0 -87
  54. package/prisma/skills/angular-developer/references/show-routes-with-outlets.md +0 -68
  55. package/prisma/skills/angular-developer/references/signal-forms.md +0 -795
  56. package/prisma/skills/angular-developer/references/signals-overview.md +0 -94
  57. package/prisma/skills/angular-developer/references/tailwind-css.md +0 -69
  58. package/prisma/skills/angular-developer/references/template-driven-forms.md +0 -114
  59. package/prisma/skills/angular-developer/references/testing-fundamentals.md +0 -65
  60. package/prisma/skills/api-connector-builder/SKILL.md +0 -121
  61. package/prisma/skills/api-design/SKILL.md +0 -524
  62. package/prisma/skills/architecture-decision-records/SKILL.md +0 -180
  63. package/prisma/skills/article-writing/SKILL.md +0 -80
  64. package/prisma/skills/automation-audit-ops/SKILL.md +0 -143
  65. package/prisma/skills/autonomous-agent-harness/SKILL.md +0 -274
  66. package/prisma/skills/autonomous-loops/SKILL.md +0 -611
  67. package/prisma/skills/backend-patterns/SKILL.md +0 -562
  68. package/prisma/skills/benchmark/SKILL.md +0 -94
  69. package/prisma/skills/benchmark-methodology/SKILL.md +0 -190
  70. package/prisma/skills/benchmark-optimization-loop/SKILL.md +0 -70
  71. package/prisma/skills/blender-motion-state-inspection/SKILL.md +0 -165
  72. package/prisma/skills/blueprint/SKILL.md +0 -106
  73. package/prisma/skills/brand-discovery/SKILL.md +0 -145
  74. package/prisma/skills/brand-discovery/references/10_purpose-why.md +0 -40
  75. package/prisma/skills/brand-discovery/references/20_positioning.md +0 -44
  76. package/prisma/skills/brand-discovery/references/30_audience-niche.md +0 -52
  77. package/prisma/skills/brand-discovery/references/40_personality-archetype.md +0 -57
  78. package/prisma/skills/brand-discovery/references/50_voice-tone.md +0 -59
  79. package/prisma/skills/brand-discovery/references/60_narrative-story.md +0 -50
  80. package/prisma/skills/brand-discovery/references/70_founder-tension.md +0 -49
  81. package/prisma/skills/brand-discovery/references/90_SYNTHESIS.md +0 -133
  82. package/prisma/skills/brand-voice/SKILL.md +0 -98
  83. package/prisma/skills/brand-voice/references/voice-profile-schema.md +0 -55
  84. package/prisma/skills/browser-qa/SKILL.md +0 -105
  85. package/prisma/skills/bun-runtime/SKILL.md +0 -85
  86. package/prisma/skills/canary-watch/SKILL.md +0 -108
  87. package/prisma/skills/carrier-relationship-management/SKILL.md +0 -212
  88. package/prisma/skills/cisco-ios-patterns/SKILL.md +0 -164
  89. package/prisma/skills/ck/SKILL.md +0 -148
  90. package/prisma/skills/ck/commands/forget.mjs +0 -44
  91. package/prisma/skills/ck/commands/info.mjs +0 -24
  92. package/prisma/skills/ck/commands/init.mjs +0 -143
  93. package/prisma/skills/ck/commands/list.mjs +0 -40
  94. package/prisma/skills/ck/commands/migrate.mjs +0 -202
  95. package/prisma/skills/ck/commands/resume.mjs +0 -36
  96. package/prisma/skills/ck/commands/save.mjs +0 -210
  97. package/prisma/skills/ck/commands/shared.mjs +0 -387
  98. package/prisma/skills/ck/hooks/session-start.mjs +0 -224
  99. package/prisma/skills/claude-devfleet/SKILL.md +0 -112
  100. package/prisma/skills/click-path-audit/SKILL.md +0 -245
  101. package/prisma/skills/clickhouse-io/SKILL.md +0 -440
  102. package/prisma/skills/code-tour/SKILL.md +0 -254
  103. package/prisma/skills/codebase-onboarding/SKILL.md +0 -234
  104. package/prisma/skills/codehealth-mcp/SKILL.md +0 -167
  105. package/prisma/skills/coding-standards/SKILL.md +0 -551
  106. package/prisma/skills/competitive-platform-analysis/SKILL.md +0 -214
  107. package/prisma/skills/competitive-report-structure/SKILL.md +0 -162
  108. package/prisma/skills/compose-multiplatform-patterns/SKILL.md +0 -300
  109. package/prisma/skills/config-gc/SKILL.md +0 -120
  110. package/prisma/skills/configure-ecc/SKILL.md +0 -385
  111. package/prisma/skills/connections-optimizer/SKILL.md +0 -190
  112. package/prisma/skills/content-engine/SKILL.md +0 -132
  113. package/prisma/skills/content-hash-cache-pattern/SKILL.md +0 -162
  114. package/prisma/skills/context-budget/SKILL.md +0 -136
  115. package/prisma/skills/continuous-agent-loop/SKILL.md +0 -46
  116. package/prisma/skills/continuous-learning/SKILL.md +0 -132
  117. package/prisma/skills/continuous-learning/config.json +0 -18
  118. package/prisma/skills/continuous-learning/evaluate-session.sh +0 -69
  119. package/prisma/skills/continuous-learning-v2/SKILL.md +0 -361
  120. package/prisma/skills/continuous-learning-v2/agents/observer-loop.sh +0 -359
  121. package/prisma/skills/continuous-learning-v2/agents/observer.md +0 -189
  122. package/prisma/skills/continuous-learning-v2/agents/session-guardian.sh +0 -150
  123. package/prisma/skills/continuous-learning-v2/agents/start-observer.sh +0 -248
  124. package/prisma/skills/continuous-learning-v2/config.json +0 -8
  125. package/prisma/skills/continuous-learning-v2/hooks/observe.sh +0 -585
  126. package/prisma/skills/continuous-learning-v2/scripts/detect-project.sh +0 -322
  127. package/prisma/skills/continuous-learning-v2/scripts/instinct-cli.py +0 -1956
  128. package/prisma/skills/continuous-learning-v2/scripts/lib/homunculus-dir.sh +0 -31
  129. package/prisma/skills/continuous-learning-v2/scripts/migrate-homunculus.sh +0 -68
  130. package/prisma/skills/continuous-learning-v2/scripts/test_parse_instinct.py +0 -1421
  131. package/prisma/skills/cost-aware-llm-pipeline/SKILL.md +0 -184
  132. package/prisma/skills/cost-tracking/SKILL.md +0 -97
  133. package/prisma/skills/council/SKILL.md +0 -204
  134. package/prisma/skills/cpp-coding-standards/SKILL.md +0 -724
  135. package/prisma/skills/cpp-testing/SKILL.md +0 -325
  136. package/prisma/skills/crosspost/SKILL.md +0 -112
  137. package/prisma/skills/csharp-testing/SKILL.md +0 -322
  138. package/prisma/skills/customer-billing-ops/SKILL.md +0 -141
  139. package/prisma/skills/customs-trade-compliance/SKILL.md +0 -263
  140. package/prisma/skills/dart-flutter-patterns/SKILL.md +0 -564
  141. package/prisma/skills/dashboard-builder/SKILL.md +0 -109
  142. package/prisma/skills/data-scraper-agent/SKILL.md +0 -765
  143. package/prisma/skills/data-throughput-accelerator/SKILL.md +0 -73
  144. package/prisma/skills/database-migrations/SKILL.md +0 -430
  145. package/prisma/skills/deep-research/SKILL.md +0 -160
  146. package/prisma/skills/defi-amm-security/SKILL.md +0 -167
  147. package/prisma/skills/delivery-gate/SKILL.md +0 -126
  148. package/prisma/skills/delivery-gate/hooks/quality-gate.py +0 -220
  149. package/prisma/skills/deployment-patterns/SKILL.md +0 -428
  150. package/prisma/skills/design-system/SKILL.md +0 -83
  151. package/prisma/skills/django-celery/SKILL.md +0 -458
  152. package/prisma/skills/django-patterns/SKILL.md +0 -735
  153. package/prisma/skills/django-security/SKILL.md +0 -644
  154. package/prisma/skills/django-tdd/SKILL.md +0 -730
  155. package/prisma/skills/django-verification/SKILL.md +0 -470
  156. package/prisma/skills/dmux-workflows/SKILL.md +0 -192
  157. package/prisma/skills/docker-patterns/SKILL.md +0 -365
  158. package/prisma/skills/documentation-lookup/SKILL.md +0 -91
  159. package/prisma/skills/dotnet-patterns/SKILL.md +0 -322
  160. package/prisma/skills/dynamic-workflow-mode/SKILL.md +0 -124
  161. package/prisma/skills/e2e-testing/SKILL.md +0 -327
  162. package/prisma/skills/ecc-guide/SKILL.md +0 -190
  163. package/prisma/skills/ecc-recipes/SKILL.md +0 -149
  164. package/prisma/skills/ecc-tools-cost-audit/SKILL.md +0 -161
  165. package/prisma/skills/email-ops/SKILL.md +0 -122
  166. package/prisma/skills/energy-procurement/SKILL.md +0 -228
  167. package/prisma/skills/enterprise-agent-ops/SKILL.md +0 -51
  168. package/prisma/skills/error-handling/SKILL.md +0 -377
  169. package/prisma/skills/eval-harness/SKILL.md +0 -271
  170. package/prisma/skills/evm-token-decimals/SKILL.md +0 -131
  171. package/prisma/skills/exa-search/SKILL.md +0 -108
  172. package/prisma/skills/fal-ai-media/SKILL.md +0 -289
  173. package/prisma/skills/fastapi-patterns/SKILL.md +0 -514
  174. package/prisma/skills/finance-billing-ops/SKILL.md +0 -128
  175. package/prisma/skills/flox-environments/SKILL.md +0 -497
  176. package/prisma/skills/flutter-dart-code-review/SKILL.md +0 -436
  177. package/prisma/skills/foundation-models-on-device/SKILL.md +0 -243
  178. package/prisma/skills/frontend-a11y/SKILL.md +0 -446
  179. package/prisma/skills/frontend-design-direction/SKILL.md +0 -93
  180. package/prisma/skills/frontend-patterns/SKILL.md +0 -657
  181. package/prisma/skills/frontend-slides/SKILL.md +0 -185
  182. package/prisma/skills/frontend-slides/STYLE_PRESETS.md +0 -330
  183. package/prisma/skills/frontend-slides/animation-patterns.md +0 -122
  184. package/prisma/skills/frontend-slides/html-template.md +0 -419
  185. package/prisma/skills/frontend-slides/scripts/export-pdf.sh +0 -418
  186. package/prisma/skills/frontend-slides/scripts/extract-pptx.py +0 -96
  187. package/prisma/skills/frontend-slides/viewport-base.css +0 -153
  188. package/prisma/skills/fsharp-testing/SKILL.md +0 -281
  189. package/prisma/skills/gan-style-harness/SKILL.md +0 -279
  190. package/prisma/skills/gateguard/SKILL.md +0 -133
  191. package/prisma/skills/generating-python-installer/SKILL.md +0 -820
  192. package/prisma/skills/git-workflow/SKILL.md +0 -716
  193. package/prisma/skills/github-ops/SKILL.md +0 -145
  194. package/prisma/skills/golang-patterns/SKILL.md +0 -675
  195. package/prisma/skills/golang-testing/SKILL.md +0 -721
  196. package/prisma/skills/google-workspace-ops/SKILL.md +0 -96
  197. package/prisma/skills/growth-log/SKILL.md +0 -128
  198. package/prisma/skills/healthcare-cdss-patterns/SKILL.md +0 -246
  199. package/prisma/skills/healthcare-emr-patterns/SKILL.md +0 -160
  200. package/prisma/skills/healthcare-eval-harness/SKILL.md +0 -208
  201. package/prisma/skills/healthcare-phi-compliance/SKILL.md +0 -146
  202. package/prisma/skills/hermes-imports/SKILL.md +0 -89
  203. package/prisma/skills/hexagonal-architecture/SKILL.md +0 -277
  204. package/prisma/skills/hipaa-compliance/SKILL.md +0 -79
  205. package/prisma/skills/homelab-network-readiness/SKILL.md +0 -170
  206. package/prisma/skills/homelab-network-setup/SKILL.md +0 -130
  207. package/prisma/skills/homelab-pihole-dns/SKILL.md +0 -275
  208. package/prisma/skills/homelab-vlan-segmentation/SKILL.md +0 -312
  209. package/prisma/skills/homelab-wireguard-vpn/SKILL.md +0 -306
  210. package/prisma/skills/hookify-rules/SKILL.md +0 -128
  211. package/prisma/skills/inherit-legacy-style/SKILL.md +0 -157
  212. package/prisma/skills/intent-driven-development/SKILL.md +0 -360
  213. package/prisma/skills/inventory-demand-planning/SKILL.md +0 -247
  214. package/prisma/skills/investor-materials/SKILL.md +0 -97
  215. package/prisma/skills/investor-outreach/SKILL.md +0 -92
  216. package/prisma/skills/ios-icon-gen/SKILL.md +0 -158
  217. package/prisma/skills/ios-icon-gen/scripts/generate_icons.swift +0 -258
  218. package/prisma/skills/ios-icon-gen/scripts/iconify_gen.sh +0 -235
  219. package/prisma/skills/iterative-retrieval/SKILL.md +0 -212
  220. package/prisma/skills/ito-basket-compare/SKILL.md +0 -64
  221. package/prisma/skills/ito-data-atlas-agent/SKILL.md +0 -64
  222. package/prisma/skills/ito-market-intelligence/SKILL.md +0 -61
  223. package/prisma/skills/ito-trade-planner/SKILL.md +0 -68
  224. package/prisma/skills/java-coding-standards/SKILL.md +0 -384
  225. package/prisma/skills/jira-integration/SKILL.md +0 -303
  226. package/prisma/skills/jpa-patterns/SKILL.md +0 -152
  227. package/prisma/skills/knowledge-ops/SKILL.md +0 -155
  228. package/prisma/skills/kotlin-coroutines-flows/SKILL.md +0 -285
  229. package/prisma/skills/kotlin-exposed-patterns/SKILL.md +0 -720
  230. package/prisma/skills/kotlin-ktor-patterns/SKILL.md +0 -690
  231. package/prisma/skills/kotlin-patterns/SKILL.md +0 -712
  232. package/prisma/skills/kotlin-testing/SKILL.md +0 -825
  233. package/prisma/skills/kubernetes-patterns/SKILL.md +0 -756
  234. package/prisma/skills/laravel-patterns/SKILL.md +0 -416
  235. package/prisma/skills/laravel-plugin-discovery/SKILL.md +0 -230
  236. package/prisma/skills/laravel-security/SKILL.md +0 -948
  237. package/prisma/skills/laravel-tdd/SKILL.md +0 -675
  238. package/prisma/skills/laravel-verification/SKILL.md +0 -180
  239. package/prisma/skills/latency-critical-systems/SKILL.md +0 -74
  240. package/prisma/skills/lead-intelligence/SKILL.md +0 -322
  241. package/prisma/skills/lead-intelligence/agents/enrichment-agent.md +0 -85
  242. package/prisma/skills/lead-intelligence/agents/mutual-mapper.md +0 -75
  243. package/prisma/skills/lead-intelligence/agents/outreach-drafter.md +0 -98
  244. package/prisma/skills/lead-intelligence/agents/signal-scorer.md +0 -60
  245. package/prisma/skills/liquid-glass-design/SKILL.md +0 -279
  246. package/prisma/skills/llm-trading-agent-security/SKILL.md +0 -147
  247. package/prisma/skills/logistics-exception-management/SKILL.md +0 -222
  248. package/prisma/skills/loop-design-check/SKILL.md +0 -143
  249. package/prisma/skills/mailtrap-email-integration/SKILL.md +0 -77
  250. package/prisma/skills/make-interfaces-feel-better/SKILL.md +0 -152
  251. package/prisma/skills/manim-video/SKILL.md +0 -90
  252. package/prisma/skills/manim-video/assets/network_graph_scene.py +0 -52
  253. package/prisma/skills/market-research/SKILL.md +0 -76
  254. package/prisma/skills/marketing-campaign/SKILL.md +0 -114
  255. package/prisma/skills/mcp-server-patterns/SKILL.md +0 -70
  256. package/prisma/skills/messages-ops/SKILL.md +0 -105
  257. package/prisma/skills/ml-adoption-playbook/SKILL.md +0 -57
  258. package/prisma/skills/mle-workflow/SKILL.md +0 -347
  259. package/prisma/skills/motion-advanced/SKILL.md +0 -596
  260. package/prisma/skills/motion-foundations/SKILL.md +0 -299
  261. package/prisma/skills/motion-patterns/SKILL.md +0 -434
  262. package/prisma/skills/motion-ui/SKILL.md +0 -576
  263. package/prisma/skills/mysql-patterns/SKILL.md +0 -413
  264. package/prisma/skills/nanoclaw-repl/SKILL.md +0 -34
  265. package/prisma/skills/nestjs-patterns/SKILL.md +0 -231
  266. package/prisma/skills/netmiko-ssh-automation/SKILL.md +0 -174
  267. package/prisma/skills/network-bgp-diagnostics/SKILL.md +0 -168
  268. package/prisma/skills/network-config-validation/SKILL.md +0 -211
  269. package/prisma/skills/network-interface-health/SKILL.md +0 -153
  270. package/prisma/skills/nextjs-turbopack/SKILL.md +0 -58
  271. package/prisma/skills/nodejs-keccak256/SKILL.md +0 -103
  272. package/prisma/skills/nutrient-document-processing/SKILL.md +0 -168
  273. package/prisma/skills/nuxt4-patterns/SKILL.md +0 -101
  274. package/prisma/skills/openclaw-persona-forge/SKILL.md +0 -289
  275. package/prisma/skills/openclaw-persona-forge/gacha.py +0 -224
  276. package/prisma/skills/openclaw-persona-forge/gacha.sh +0 -5
  277. package/prisma/skills/openclaw-persona-forge/references/avatar-style.md +0 -124
  278. package/prisma/skills/openclaw-persona-forge/references/boundary-rules.md +0 -53
  279. package/prisma/skills/openclaw-persona-forge/references/error-handling.md +0 -53
  280. package/prisma/skills/openclaw-persona-forge/references/identity-tension.md +0 -48
  281. package/prisma/skills/openclaw-persona-forge/references/naming-system.md +0 -39
  282. package/prisma/skills/openclaw-persona-forge/references/output-template.md +0 -166
  283. package/prisma/skills/opensource-pipeline/SKILL.md +0 -256
  284. package/prisma/skills/orch-add-feature/SKILL.md +0 -45
  285. package/prisma/skills/orch-build-mvp/SKILL.md +0 -49
  286. package/prisma/skills/orch-change-feature/SKILL.md +0 -43
  287. package/prisma/skills/orch-fix-defect/SKILL.md +0 -43
  288. package/prisma/skills/orch-pipeline/SKILL.md +0 -121
  289. package/prisma/skills/orch-refine-code/SKILL.md +0 -44
  290. package/prisma/skills/parallel-execution-optimizer/SKILL.md +0 -73
  291. package/prisma/skills/perl-patterns/SKILL.md +0 -505
  292. package/prisma/skills/perl-security/SKILL.md +0 -504
  293. package/prisma/skills/perl-testing/SKILL.md +0 -476
  294. package/prisma/skills/plan-orchestrate/SKILL.md +0 -263
  295. package/prisma/skills/plankton-code-quality/SKILL.md +0 -237
  296. package/prisma/skills/postgres-patterns/SKILL.md +0 -148
  297. package/prisma/skills/prediction-market-oracle-research/SKILL.md +0 -64
  298. package/prisma/skills/prediction-market-risk-review/SKILL.md +0 -61
  299. package/prisma/skills/prisma-patterns/SKILL.md +0 -401
  300. package/prisma/skills/product-capability/SKILL.md +0 -142
  301. package/prisma/skills/product-lens/SKILL.md +0 -93
  302. package/prisma/skills/production-audit/SKILL.md +0 -207
  303. package/prisma/skills/production-scheduling/SKILL.md +0 -238
  304. package/prisma/skills/project-flow-ops/SKILL.md +0 -112
  305. package/prisma/skills/prompt-optimizer/SKILL.md +0 -398
  306. package/prisma/skills/python-patterns/SKILL.md +0 -751
  307. package/prisma/skills/python-testing/SKILL.md +0 -817
  308. package/prisma/skills/pytorch-patterns/SKILL.md +0 -397
  309. package/prisma/skills/quality-nonconformance/SKILL.md +0 -260
  310. package/prisma/skills/quarkus-patterns/SKILL.md +0 -723
  311. package/prisma/skills/quarkus-security/SKILL.md +0 -468
  312. package/prisma/skills/quarkus-tdd/SKILL.md +0 -812
  313. package/prisma/skills/quarkus-verification/SKILL.md +0 -480
  314. package/prisma/skills/ralphinho-rfc-pipeline/SKILL.md +0 -68
  315. package/prisma/skills/react-native-patterns/SKILL.md +0 -326
  316. package/prisma/skills/react-patterns/SKILL.md +0 -342
  317. package/prisma/skills/react-performance/SKILL.md +0 -575
  318. package/prisma/skills/react-testing/SKILL.md +0 -424
  319. package/prisma/skills/recsys-pipeline-architect/SKILL.md +0 -115
  320. package/prisma/skills/recursive-decision-ledger/SKILL.md +0 -80
  321. package/prisma/skills/redis-patterns/SKILL.md +0 -404
  322. package/prisma/skills/regex-vs-llm-structured-text/SKILL.md +0 -221
  323. package/prisma/skills/remotion-video-creation/SKILL.md +0 -43
  324. package/prisma/skills/remotion-video-creation/rules/3d.md +0 -86
  325. package/prisma/skills/remotion-video-creation/rules/animations.md +0 -29
  326. package/prisma/skills/remotion-video-creation/rules/assets/charts-bar-chart.tsx +0 -173
  327. package/prisma/skills/remotion-video-creation/rules/assets/text-animations-typewriter.tsx +0 -100
  328. package/prisma/skills/remotion-video-creation/rules/assets/text-animations-word-highlight.tsx +0 -108
  329. package/prisma/skills/remotion-video-creation/rules/assets.md +0 -78
  330. package/prisma/skills/remotion-video-creation/rules/audio.md +0 -172
  331. package/prisma/skills/remotion-video-creation/rules/calculate-metadata.md +0 -104
  332. package/prisma/skills/remotion-video-creation/rules/can-decode.md +0 -75
  333. package/prisma/skills/remotion-video-creation/rules/charts.md +0 -58
  334. package/prisma/skills/remotion-video-creation/rules/compositions.md +0 -146
  335. package/prisma/skills/remotion-video-creation/rules/display-captions.md +0 -126
  336. package/prisma/skills/remotion-video-creation/rules/extract-frames.md +0 -229
  337. package/prisma/skills/remotion-video-creation/rules/fonts.md +0 -152
  338. package/prisma/skills/remotion-video-creation/rules/get-audio-duration.md +0 -58
  339. package/prisma/skills/remotion-video-creation/rules/get-video-dimensions.md +0 -68
  340. package/prisma/skills/remotion-video-creation/rules/get-video-duration.md +0 -58
  341. package/prisma/skills/remotion-video-creation/rules/gifs.md +0 -138
  342. package/prisma/skills/remotion-video-creation/rules/images.md +0 -130
  343. package/prisma/skills/remotion-video-creation/rules/import-srt-captions.md +0 -67
  344. package/prisma/skills/remotion-video-creation/rules/lottie.md +0 -67
  345. package/prisma/skills/remotion-video-creation/rules/measuring-dom-nodes.md +0 -34
  346. package/prisma/skills/remotion-video-creation/rules/measuring-text.md +0 -143
  347. package/prisma/skills/remotion-video-creation/rules/sequencing.md +0 -106
  348. package/prisma/skills/remotion-video-creation/rules/tailwind.md +0 -11
  349. package/prisma/skills/remotion-video-creation/rules/text-animations.md +0 -20
  350. package/prisma/skills/remotion-video-creation/rules/timing.md +0 -179
  351. package/prisma/skills/remotion-video-creation/rules/transcribe-captions.md +0 -19
  352. package/prisma/skills/remotion-video-creation/rules/transitions.md +0 -122
  353. package/prisma/skills/remotion-video-creation/rules/trimming.md +0 -52
  354. package/prisma/skills/remotion-video-creation/rules/videos.md +0 -171
  355. package/prisma/skills/repo-scan/SKILL.md +0 -79
  356. package/prisma/skills/research-ops/SKILL.md +0 -113
  357. package/prisma/skills/returns-reverse-logistics/SKILL.md +0 -240
  358. package/prisma/skills/rules-distill/SKILL.md +0 -265
  359. package/prisma/skills/rules-distill/scripts/scan-rules.sh +0 -58
  360. package/prisma/skills/rules-distill/scripts/scan-skills.sh +0 -129
  361. package/prisma/skills/rust-patterns/SKILL.md +0 -500
  362. package/prisma/skills/rust-testing/SKILL.md +0 -501
  363. package/prisma/skills/safety-guard/SKILL.md +0 -76
  364. package/prisma/skills/santa-method/SKILL.md +0 -307
  365. package/prisma/skills/scientific-db-pubmed-database/SKILL.md +0 -176
  366. package/prisma/skills/scientific-db-uspto-database/SKILL.md +0 -178
  367. package/prisma/skills/scientific-pkg-gget/SKILL.md +0 -167
  368. package/prisma/skills/scientific-thinking-literature-review/SKILL.md +0 -193
  369. package/prisma/skills/scientific-thinking-scholar-evaluation/SKILL.md +0 -161
  370. package/prisma/skills/search-first/SKILL.md +0 -183
  371. package/prisma/skills/security-bounty-hunter/SKILL.md +0 -100
  372. package/prisma/skills/security-review/SKILL.md +0 -504
  373. package/prisma/skills/security-review/cloud-infrastructure-security.md +0 -361
  374. package/prisma/skills/security-scan/SKILL.md +0 -166
  375. package/prisma/skills/seo/SKILL.md +0 -155
  376. package/prisma/skills/skill-comply/SKILL.md +0 -59
  377. package/prisma/skills/skill-comply/fixtures/compliant_trace.jsonl +0 -5
  378. package/prisma/skills/skill-comply/fixtures/noncompliant_trace.jsonl +0 -3
  379. package/prisma/skills/skill-comply/fixtures/tdd_spec.yaml +0 -44
  380. package/prisma/skills/skill-comply/prompts/classifier.md +0 -24
  381. package/prisma/skills/skill-comply/prompts/scenario_generator.md +0 -62
  382. package/prisma/skills/skill-comply/prompts/spec_generator.md +0 -42
  383. package/prisma/skills/skill-comply/pyproject.toml +0 -15
  384. package/prisma/skills/skill-comply/scripts/__init__.py +0 -0
  385. package/prisma/skills/skill-comply/scripts/classifier.py +0 -85
  386. package/prisma/skills/skill-comply/scripts/grader.py +0 -124
  387. package/prisma/skills/skill-comply/scripts/parser.py +0 -107
  388. package/prisma/skills/skill-comply/scripts/report.py +0 -170
  389. package/prisma/skills/skill-comply/scripts/run.py +0 -127
  390. package/prisma/skills/skill-comply/scripts/runner.py +0 -194
  391. package/prisma/skills/skill-comply/scripts/scenario_generator.py +0 -70
  392. package/prisma/skills/skill-comply/scripts/spec_generator.py +0 -72
  393. package/prisma/skills/skill-comply/scripts/utils.py +0 -13
  394. package/prisma/skills/skill-comply/tests/test_grader.py +0 -197
  395. package/prisma/skills/skill-comply/tests/test_parser.py +0 -90
  396. package/prisma/skills/skill-comply/tests/test_runner.py +0 -172
  397. package/prisma/skills/skill-scout/SKILL.md +0 -141
  398. package/prisma/skills/skill-stocktake/SKILL.md +0 -195
  399. package/prisma/skills/skill-stocktake/scripts/quick-diff.sh +0 -87
  400. package/prisma/skills/skill-stocktake/scripts/save-results.sh +0 -56
  401. package/prisma/skills/skill-stocktake/scripts/scan.sh +0 -170
  402. package/prisma/skills/social-graph-ranker/SKILL.md +0 -155
  403. package/prisma/skills/social-publisher/SKILL.md +0 -130
  404. package/prisma/skills/springboot-patterns/SKILL.md +0 -315
  405. package/prisma/skills/springboot-security/SKILL.md +0 -273
  406. package/prisma/skills/springboot-tdd/SKILL.md +0 -159
  407. package/prisma/skills/springboot-verification/SKILL.md +0 -232
  408. package/prisma/skills/strategic-compact/SKILL.md +0 -136
  409. package/prisma/skills/swift-actor-persistence/SKILL.md +0 -144
  410. package/prisma/skills/swift-concurrency-6-2/SKILL.md +0 -216
  411. package/prisma/skills/swift-protocol-di-testing/SKILL.md +0 -191
  412. package/prisma/skills/swiftui-patterns/SKILL.md +0 -259
  413. package/prisma/skills/taste/SKILL.md +0 -264
  414. package/prisma/skills/taste/references/genre-taxonomy.md +0 -87
  415. package/prisma/skills/tdd-workflow/SKILL.md +0 -583
  416. package/prisma/skills/team-agent-orchestration/SKILL.md +0 -111
  417. package/prisma/skills/team-builder/SKILL.md +0 -169
  418. package/prisma/skills/terminal-ops/SKILL.md +0 -110
  419. package/prisma/skills/tinystruct-patterns/SKILL.md +0 -279
  420. package/prisma/skills/tinystruct-patterns/references/architecture.md +0 -90
  421. package/prisma/skills/tinystruct-patterns/references/data-handling.md +0 -60
  422. package/prisma/skills/tinystruct-patterns/references/database.md +0 -99
  423. package/prisma/skills/tinystruct-patterns/references/routing.md +0 -64
  424. package/prisma/skills/tinystruct-patterns/references/system-usage.md +0 -97
  425. package/prisma/skills/tinystruct-patterns/references/testing.md +0 -72
  426. package/prisma/skills/token-budget-advisor/SKILL.md +0 -134
  427. package/prisma/skills/ui-demo/SKILL.md +0 -466
  428. package/prisma/skills/ui-to-vue/SKILL.md +0 -135
  429. package/prisma/skills/uncloud/SKILL.md +0 -344
  430. package/prisma/skills/unified-notifications-ops/SKILL.md +0 -188
  431. package/prisma/skills/verification-loop/SKILL.md +0 -127
  432. package/prisma/skills/video-editing/SKILL.md +0 -311
  433. package/prisma/skills/videodb/SKILL.md +0 -375
  434. package/prisma/skills/videodb/reference/api-reference.md +0 -550
  435. package/prisma/skills/videodb/reference/capture-reference.md +0 -407
  436. package/prisma/skills/videodb/reference/capture.md +0 -101
  437. package/prisma/skills/videodb/reference/editor.md +0 -443
  438. package/prisma/skills/videodb/reference/generative.md +0 -331
  439. package/prisma/skills/videodb/reference/rtstream-reference.md +0 -564
  440. package/prisma/skills/videodb/reference/rtstream.md +0 -65
  441. package/prisma/skills/videodb/reference/search.md +0 -230
  442. package/prisma/skills/videodb/reference/streaming.md +0 -406
  443. package/prisma/skills/videodb/reference/use-cases.md +0 -118
  444. package/prisma/skills/videodb/scripts/ws_listener.py +0 -282
  445. package/prisma/skills/visa-doc-translate/README.md +0 -86
  446. package/prisma/skills/visa-doc-translate/SKILL.md +0 -117
  447. package/prisma/skills/vite-patterns/SKILL.md +0 -450
  448. package/prisma/skills/vue-patterns/SKILL.md +0 -471
  449. package/prisma/skills/windows-desktop-e2e/SKILL.md +0 -888
  450. package/prisma/skills/workspace-surface-audit/SKILL.md +0 -126
  451. package/prisma/skills/x-api/SKILL.md +0 -235
@@ -1,130 +0,0 @@
1
- ---
2
- name: social-publisher
3
- description: Agent-driven scheduling and publishing of social media posts across 13 platforms via SocialClaw. Use when the user wants to publish to X, LinkedIn, Instagram, Facebook Pages, TikTok, Discord, Telegram, YouTube, Reddit, WordPress, or Pinterest — or when managing campaigns, uploading media, or monitoring post delivery status.
4
- metadata:
5
- origin: community
6
- ---
7
-
8
- # Social Publisher (SocialClaw)
9
-
10
- Connects Claude Code to [SocialClaw](https://getsocialclaw.com) for agent-driven social media publishing across 13 platforms through a single workspace API key.
11
-
12
- ## When to Activate
13
-
14
- - publish content to X, LinkedIn, Instagram, TikTok, or other platforms
15
- - schedule a post campaign across multiple platforms at once
16
- - upload media for use in social posts
17
- - validate a post schedule before going live
18
- - monitor publishing run status and delivery analytics
19
-
20
- ## Setup
21
-
22
- ```bash
23
- # Required: workspace API key from https://getsocialclaw.com/dashboard
24
- export SC_API_KEY="<workspace-key>"
25
-
26
- # Verify access
27
- printf 'header = "Authorization: Bearer %s"\n' "$SC_API_KEY" |
28
- curl -sS -K - https://getsocialclaw.com/v1/keys/validate
29
-
30
- # Install CLI (optional but recommended)
31
- npm install -g socialclaw@0.1.12
32
- socialclaw login --api-key <workspace-key>
33
- ```
34
-
35
- ## Core Workflow
36
-
37
- ### 1. List connected accounts
38
- ```bash
39
- socialclaw accounts list --json
40
- ```
41
-
42
- If not connected:
43
- ```bash
44
- socialclaw accounts connect --provider x --open
45
- socialclaw accounts connect --provider linkedin --open
46
- ```
47
-
48
- ### 2. Upload media (optional)
49
- ```bash
50
- socialclaw assets upload --file ./image.png --json
51
- # → { "asset_id": "..." }
52
- ```
53
-
54
- ### 3. Build schedule.json
55
- ```json
56
- {
57
- "posts": [
58
- {
59
- "provider": "x",
60
- "account_id": "<account-id>",
61
- "text": "Post text here",
62
- "scheduled_at": "2026-06-01T10:00:00Z"
63
- }
64
- ]
65
- }
66
- ```
67
-
68
- ### Optional X/Twitter evidence packet
69
-
70
- Before building an X schedule, collect a source packet when the campaign depends on live audience signals rather than the draft alone.
71
-
72
- For OpenClaw users who have already approved TweetClaw in their dependency policy, use the pinned package as a separate evidence source:
73
-
74
- ```bash
75
- openclaw plugins install npm:@xquik/tweetclaw@1.6.31
76
- ```
77
-
78
- Use it for public tweet search, reply search, follower export, user lookup, media review, monitors, or giveaway evidence. Keep the output as research input for `schedule.json`; SocialClaw remains responsible for validation, scheduling, publishing, and delivery status. Store TweetClaw credentials in its plugin config, not in `SC_API_KEY`, schedule files, or campaign assets. Do not install it as a default ECC or SocialClaw dependency.
79
-
80
- ### 4. Validate before publishing
81
- ```bash
82
- socialclaw validate -f schedule.json --json
83
- ```
84
-
85
- ### 5. Publish
86
- ```bash
87
- socialclaw apply -f schedule.json --json
88
- # → { "run_id": "..." }
89
- ```
90
-
91
- ### 6. Monitor
92
- ```bash
93
- socialclaw status --run-id <run-id> --json
94
- socialclaw posts list --json
95
- ```
96
-
97
- ## Supported Providers
98
-
99
- | Provider | Key |
100
- |----------|-----|
101
- | X (Twitter) | `x` |
102
- | LinkedIn profile | `linkedin` |
103
- | LinkedIn page | `linkedin_page` |
104
- | Instagram Business | `instagram_business` |
105
- | Instagram standalone | `instagram` |
106
- | Facebook Page | `facebook` |
107
- | TikTok | `tiktok` |
108
- | YouTube | `youtube` |
109
- | Reddit | `reddit` |
110
- | WordPress | `wordpress` |
111
- | Discord | `discord` |
112
- | Telegram | `telegram` |
113
- | Pinterest | `pinterest` |
114
-
115
- ## Security
116
-
117
- - Outbound requests go to `getsocialclaw.com` only
118
- - Provider OAuth is in the SocialClaw dashboard — no per-provider secrets exposed to the agent
119
- - `SC_API_KEY` is a workspace-scoped key
120
-
121
- ## Related Skills
122
-
123
- - `x-api` — direct X/Twitter API operations
124
- - `social-graph-ranker` — network analysis for outreach targeting
125
- - `TweetClaw` - optional approved OpenClaw X/Twitter source evidence before SocialClaw scheduling
126
-
127
- ## Source
128
-
129
- - npm: `npm install -g socialclaw@0.1.12`
130
- - Dashboard: [SocialClaw dashboard](https://getsocialclaw.com/dashboard)
@@ -1,315 +0,0 @@
1
- ---
2
- name: springboot-patterns
3
- description: Spring Boot architecture patterns, REST API design, layered services, data access, caching, async processing, and logging. Use for Java Spring Boot backend work.
4
- metadata:
5
- origin: ECC
6
- ---
7
-
8
- # Spring Boot Development Patterns
9
-
10
- Spring Boot architecture and API patterns for scalable, production-grade services.
11
-
12
- ## When to Activate
13
-
14
- - Building REST APIs with Spring MVC or WebFlux
15
- - Structuring controller → service → repository layers
16
- - Configuring Spring Data JPA, caching, or async processing
17
- - Adding validation, exception handling, or pagination
18
- - Setting up profiles for dev/staging/production environments
19
- - Implementing event-driven patterns with Spring Events or Kafka
20
-
21
- ## REST API Structure
22
-
23
- ```java
24
- @RestController
25
- @RequestMapping("/api/markets")
26
- @Validated
27
- class MarketController {
28
- private final MarketService marketService;
29
-
30
- MarketController(MarketService marketService) {
31
- this.marketService = marketService;
32
- }
33
-
34
- @GetMapping
35
- ResponseEntity<Page<MarketResponse>> list(
36
- @RequestParam(defaultValue = "0") int page,
37
- @RequestParam(defaultValue = "20") int size) {
38
- Page<Market> markets = marketService.list(PageRequest.of(page, size));
39
- return ResponseEntity.ok(markets.map(MarketResponse::from));
40
- }
41
-
42
- @PostMapping
43
- ResponseEntity<MarketResponse> create(@Valid @RequestBody CreateMarketRequest request) {
44
- Market market = marketService.create(request);
45
- return ResponseEntity.status(HttpStatus.CREATED).body(MarketResponse.from(market));
46
- }
47
- }
48
- ```
49
-
50
- ## Repository Pattern (Spring Data JPA)
51
-
52
- ```java
53
- public interface MarketRepository extends JpaRepository<MarketEntity, Long> {
54
- @Query("select m from MarketEntity m where m.status = :status order by m.volume desc")
55
- List<MarketEntity> findActive(@Param("status") MarketStatus status, Pageable pageable);
56
- }
57
- ```
58
-
59
- ## Service Layer with Transactions
60
-
61
- ```java
62
- @Service
63
- public class MarketService {
64
- private final MarketRepository repo;
65
-
66
- public MarketService(MarketRepository repo) {
67
- this.repo = repo;
68
- }
69
-
70
- @Transactional
71
- public Market create(CreateMarketRequest request) {
72
- MarketEntity entity = MarketEntity.from(request);
73
- MarketEntity saved = repo.save(entity);
74
- return Market.from(saved);
75
- }
76
- }
77
- ```
78
-
79
- ## DTOs and Validation
80
-
81
- ```java
82
- public record CreateMarketRequest(
83
- @NotBlank @Size(max = 200) String name,
84
- @NotBlank @Size(max = 2000) String description,
85
- @NotNull @FutureOrPresent Instant endDate,
86
- @NotEmpty List<@NotBlank String> categories) {}
87
-
88
- public record MarketResponse(Long id, String name, MarketStatus status) {
89
- static MarketResponse from(Market market) {
90
- return new MarketResponse(market.id(), market.name(), market.status());
91
- }
92
- }
93
- ```
94
-
95
- ## Exception Handling
96
-
97
- ```java
98
- @ControllerAdvice
99
- class GlobalExceptionHandler {
100
- @ExceptionHandler(MethodArgumentNotValidException.class)
101
- ResponseEntity<ApiError> handleValidation(MethodArgumentNotValidException ex) {
102
- String message = ex.getBindingResult().getFieldErrors().stream()
103
- .map(e -> e.getField() + ": " + e.getDefaultMessage())
104
- .collect(Collectors.joining(", "));
105
- return ResponseEntity.badRequest().body(ApiError.validation(message));
106
- }
107
-
108
- @ExceptionHandler(AccessDeniedException.class)
109
- ResponseEntity<ApiError> handleAccessDenied() {
110
- return ResponseEntity.status(HttpStatus.FORBIDDEN).body(ApiError.of("Forbidden"));
111
- }
112
-
113
- @ExceptionHandler(Exception.class)
114
- ResponseEntity<ApiError> handleGeneric(Exception ex) {
115
- // Log unexpected errors with stack traces
116
- return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR)
117
- .body(ApiError.of("Internal server error"));
118
- }
119
- }
120
- ```
121
-
122
- ## Caching
123
-
124
- Requires `@EnableCaching` on a configuration class.
125
-
126
- ```java
127
- @Service
128
- public class MarketCacheService {
129
- private final MarketRepository repo;
130
-
131
- public MarketCacheService(MarketRepository repo) {
132
- this.repo = repo;
133
- }
134
-
135
- @Cacheable(value = "market", key = "#id")
136
- public Market getById(Long id) {
137
- return repo.findById(id)
138
- .map(Market::from)
139
- .orElseThrow(() -> new EntityNotFoundException("Market not found"));
140
- }
141
-
142
- @CacheEvict(value = "market", key = "#id")
143
- public void evict(Long id) {}
144
- }
145
- ```
146
-
147
- ## Async Processing
148
-
149
- Requires `@EnableAsync` on a configuration class.
150
-
151
- ```java
152
- @Service
153
- public class NotificationService {
154
- @Async
155
- public CompletableFuture<Void> sendAsync(Notification notification) {
156
- // send email/SMS
157
- return CompletableFuture.completedFuture(null);
158
- }
159
- }
160
- ```
161
-
162
- ## Logging (SLF4J)
163
-
164
- ```java
165
- @Service
166
- public class ReportService {
167
- private static final Logger log = LoggerFactory.getLogger(ReportService.class);
168
-
169
- public Report generate(Long marketId) {
170
- log.info("generate_report marketId={}", marketId);
171
- try {
172
- // logic
173
- } catch (Exception ex) {
174
- log.error("generate_report_failed marketId={}", marketId, ex);
175
- throw ex;
176
- }
177
- return new Report();
178
- }
179
- }
180
- ```
181
-
182
- ## Middleware / Filters
183
-
184
- ```java
185
- @Component
186
- public class RequestLoggingFilter extends OncePerRequestFilter {
187
- private static final Logger log = LoggerFactory.getLogger(RequestLoggingFilter.class);
188
-
189
- @Override
190
- protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
191
- FilterChain filterChain) throws ServletException, IOException {
192
- long start = System.currentTimeMillis();
193
- try {
194
- filterChain.doFilter(request, response);
195
- } finally {
196
- long duration = System.currentTimeMillis() - start;
197
- log.info("req method={} uri={} status={} durationMs={}",
198
- request.getMethod(), request.getRequestURI(), response.getStatus(), duration);
199
- }
200
- }
201
- }
202
- ```
203
-
204
- ## Pagination and Sorting
205
-
206
- ```java
207
- PageRequest page = PageRequest.of(pageNumber, pageSize, Sort.by("createdAt").descending());
208
- Page<Market> results = marketService.list(page);
209
- ```
210
-
211
- ## Error-Resilient External Calls
212
-
213
- ```java
214
- public <T> T withRetry(Supplier<T> supplier, int maxRetries) {
215
- int attempts = 0;
216
- while (true) {
217
- try {
218
- return supplier.get();
219
- } catch (Exception ex) {
220
- attempts++;
221
- if (attempts >= maxRetries) {
222
- throw ex;
223
- }
224
- try {
225
- Thread.sleep((long) Math.pow(2, attempts) * 100L);
226
- } catch (InterruptedException ie) {
227
- Thread.currentThread().interrupt();
228
- throw ex;
229
- }
230
- }
231
- }
232
- }
233
- ```
234
-
235
- ## Rate Limiting (Filter + Bucket4j)
236
-
237
- **Security Note**: The `X-Forwarded-For` header is untrusted by default because clients can spoof it.
238
- Only use forwarded headers when:
239
- 1. Your app is behind a trusted reverse proxy (nginx, AWS ALB, etc.)
240
- 2. You have registered `ForwardedHeaderFilter` as a bean
241
- 3. You have configured `server.forward-headers-strategy=NATIVE` or `FRAMEWORK` in application properties
242
- 4. Your proxy is configured to overwrite (not append to) the `X-Forwarded-For` header
243
-
244
- When `ForwardedHeaderFilter` is properly configured, `request.getRemoteAddr()` will automatically
245
- return the correct client IP from the forwarded headers. Without this configuration, use
246
- `request.getRemoteAddr()` directly—it returns the immediate connection IP, which is the only
247
- trustworthy value.
248
-
249
- ```java
250
- @Component
251
- public class RateLimitFilter extends OncePerRequestFilter {
252
- private final Map<String, Bucket> buckets = new ConcurrentHashMap<>();
253
-
254
- /*
255
- * SECURITY: This filter uses request.getRemoteAddr() to identify clients for rate limiting.
256
- *
257
- * If your application is behind a reverse proxy (nginx, AWS ALB, etc.), you MUST configure
258
- * Spring to handle forwarded headers properly for accurate client IP detection:
259
- *
260
- * 1. Set server.forward-headers-strategy=NATIVE (for cloud platforms) or FRAMEWORK in
261
- * application.properties/yaml
262
- * 2. If using FRAMEWORK strategy, register ForwardedHeaderFilter:
263
- *
264
- * @Bean
265
- * ForwardedHeaderFilter forwardedHeaderFilter() {
266
- * return new ForwardedHeaderFilter();
267
- * }
268
- *
269
- * 3. Ensure your proxy overwrites (not appends) the X-Forwarded-For header to prevent spoofing
270
- * 4. Configure server.tomcat.remoteip.trusted-proxies or equivalent for your container
271
- *
272
- * Without this configuration, request.getRemoteAddr() returns the proxy IP, not the client IP.
273
- * Do NOT read X-Forwarded-For directly—it is trivially spoofable without trusted proxy handling.
274
- */
275
- @Override
276
- protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
277
- FilterChain filterChain) throws ServletException, IOException {
278
- // Use getRemoteAddr() which returns the correct client IP when ForwardedHeaderFilter
279
- // is configured, or the direct connection IP otherwise. Never trust X-Forwarded-For
280
- // headers directly without proper proxy configuration.
281
- String clientIp = request.getRemoteAddr();
282
-
283
- Bucket bucket = buckets.computeIfAbsent(clientIp,
284
- k -> Bucket.builder()
285
- .addLimit(Bandwidth.classic(100, Refill.greedy(100, Duration.ofMinutes(1))))
286
- .build());
287
-
288
- if (bucket.tryConsume(1)) {
289
- filterChain.doFilter(request, response);
290
- } else {
291
- response.setStatus(HttpStatus.TOO_MANY_REQUESTS.value());
292
- }
293
- }
294
- }
295
- ```
296
-
297
- ## Background Jobs
298
-
299
- Use Spring’s `@Scheduled` or integrate with queues (e.g., Kafka, SQS, RabbitMQ). Keep handlers idempotent and observable.
300
-
301
- ## Observability
302
-
303
- - Structured logging (JSON) via Logback encoder
304
- - Metrics: Micrometer + Prometheus/OTel
305
- - Tracing: Micrometer Tracing with OpenTelemetry or Brave backend
306
-
307
- ## Production Defaults
308
-
309
- - Prefer constructor injection, avoid field injection
310
- - Enable `spring.mvc.problemdetails.enabled=true` for RFC 7807 errors (Spring Boot 3+)
311
- - Configure HikariCP pool sizes for workload, set timeouts
312
- - Use `@Transactional(readOnly = true)` for queries
313
- - Enforce null-safety via `@NonNull` and `Optional` where appropriate
314
-
315
- **Remember**: Keep controllers thin, services focused, repositories simple, and errors handled centrally. Optimize for maintainability and testability.
@@ -1,273 +0,0 @@
1
- ---
2
- name: springboot-security
3
- description: Spring Security best practices for authn/authz, validation, CSRF, secrets, headers, rate limiting, and dependency security in Java Spring Boot services.
4
- metadata:
5
- origin: ECC
6
- ---
7
-
8
- # Spring Boot Security Review
9
-
10
- Use when adding auth, handling input, creating endpoints, or dealing with secrets.
11
-
12
- ## When to Activate
13
-
14
- - Adding authentication (JWT, OAuth2, session-based)
15
- - Implementing authorization (@PreAuthorize, role-based access)
16
- - Validating user input (Bean Validation, custom validators)
17
- - Configuring CORS, CSRF, or security headers
18
- - Managing secrets (Vault, environment variables)
19
- - Adding rate limiting or brute-force protection
20
- - Scanning dependencies for CVEs
21
-
22
- ## Authentication
23
-
24
- - Prefer stateless JWT or opaque tokens with revocation list
25
- - Use `httpOnly`, `Secure`, `SameSite=Strict` cookies for sessions
26
- - Validate tokens with `OncePerRequestFilter` or resource server
27
-
28
- ```java
29
- @Component
30
- public class JwtAuthFilter extends OncePerRequestFilter {
31
- private final JwtService jwtService;
32
-
33
- public JwtAuthFilter(JwtService jwtService) {
34
- this.jwtService = jwtService;
35
- }
36
-
37
- @Override
38
- protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
39
- FilterChain chain) throws ServletException, IOException {
40
- String header = request.getHeader(HttpHeaders.AUTHORIZATION);
41
- if (header != null && header.startsWith("Bearer ")) {
42
- String token = header.substring(7);
43
- Authentication auth = jwtService.authenticate(token);
44
- SecurityContextHolder.getContext().setAuthentication(auth);
45
- }
46
- chain.doFilter(request, response);
47
- }
48
- }
49
- ```
50
-
51
- ## Authorization
52
-
53
- - Enable method security: `@EnableMethodSecurity`
54
- - Use `@PreAuthorize("hasRole('ADMIN')")` or `@PreAuthorize("@authz.canEdit(#id)")`
55
- - Deny by default; expose only required scopes
56
-
57
- ```java
58
- @RestController
59
- @RequestMapping("/api/admin")
60
- public class AdminController {
61
-
62
- @PreAuthorize("hasRole('ADMIN')")
63
- @GetMapping("/users")
64
- public List<UserDto> listUsers() {
65
- return userService.findAll();
66
- }
67
-
68
- @PreAuthorize("@authz.isOwner(#id, authentication)")
69
- @DeleteMapping("/users/{id}")
70
- public ResponseEntity<Void> deleteUser(@PathVariable Long id) {
71
- userService.delete(id);
72
- return ResponseEntity.noContent().build();
73
- }
74
- }
75
- ```
76
-
77
- ## Input Validation
78
-
79
- - Use Bean Validation with `@Valid` on controllers
80
- - Apply constraints on DTOs: `@NotBlank`, `@Email`, `@Size`, custom validators
81
- - Sanitize any HTML with a whitelist before rendering
82
-
83
- ```java
84
- // BAD: No validation
85
- @PostMapping("/users")
86
- public User createUser(@RequestBody UserDto dto) {
87
- return userService.create(dto);
88
- }
89
-
90
- // GOOD: Validated DTO
91
- public record CreateUserDto(
92
- @NotBlank @Size(max = 100) String name,
93
- @NotBlank @Email String email,
94
- @NotNull @Min(0) @Max(150) Integer age
95
- ) {}
96
-
97
- @PostMapping("/users")
98
- public ResponseEntity<UserDto> createUser(@Valid @RequestBody CreateUserDto dto) {
99
- return ResponseEntity.status(HttpStatus.CREATED)
100
- .body(userService.create(dto));
101
- }
102
- ```
103
-
104
- ## SQL Injection Prevention
105
-
106
- - Use Spring Data repositories or parameterized queries
107
- - For native queries, use `:param` bindings; never concatenate strings
108
-
109
- ```java
110
- // BAD: String concatenation in native query
111
- @Query(value = "SELECT * FROM users WHERE name = '" + name + "'", nativeQuery = true)
112
-
113
- // GOOD: Parameterized native query
114
- @Query(value = "SELECT * FROM users WHERE name = :name", nativeQuery = true)
115
- List<User> findByName(@Param("name") String name);
116
-
117
- // GOOD: Spring Data derived query (auto-parameterized)
118
- List<User> findByEmailAndActiveTrue(String email);
119
- ```
120
-
121
- ## Password Encoding
122
-
123
- - Always hash passwords with BCrypt or Argon2 — never store plaintext
124
- - Use `PasswordEncoder` bean, not manual hashing
125
-
126
- ```java
127
- @Bean
128
- public PasswordEncoder passwordEncoder() {
129
- return new BCryptPasswordEncoder(12); // cost factor 12
130
- }
131
-
132
- // In service
133
- public User register(CreateUserDto dto) {
134
- String hashedPassword = passwordEncoder.encode(dto.password());
135
- return userRepository.save(new User(dto.email(), hashedPassword));
136
- }
137
- ```
138
-
139
- ## CSRF Protection
140
-
141
- - For browser session apps, keep CSRF enabled; include token in forms/headers
142
- - For pure APIs with Bearer tokens, disable CSRF and rely on stateless auth
143
-
144
- ```java
145
- http
146
- .csrf(csrf -> csrf.disable())
147
- .sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
148
- ```
149
-
150
- ## Secrets Management
151
-
152
- - No secrets in source; load from env or vault
153
- - Keep `application.yml` free of credentials; use placeholders
154
- - Rotate tokens and DB credentials regularly
155
-
156
- ```yaml
157
- # BAD: Hardcoded in application.yml
158
- spring:
159
- datasource:
160
- password: mySecretPassword123
161
-
162
- # GOOD: Environment variable placeholder
163
- spring:
164
- datasource:
165
- password: ${DB_PASSWORD}
166
-
167
- # GOOD: Spring Cloud Vault integration
168
- spring:
169
- cloud:
170
- vault:
171
- uri: https://vault.example.com
172
- token: ${VAULT_TOKEN}
173
- ```
174
-
175
- ## Security Headers
176
-
177
- ```java
178
- http
179
- .headers(headers -> headers
180
- .contentSecurityPolicy(csp -> csp
181
- .policyDirectives("default-src 'self'"))
182
- .frameOptions(HeadersConfigurer.FrameOptionsConfig::sameOrigin)
183
- .xssProtection(Customizer.withDefaults())
184
- .referrerPolicy(rp -> rp.policy(ReferrerPolicyHeaderWriter.ReferrerPolicy.NO_REFERRER)));
185
- ```
186
-
187
- ## CORS Configuration
188
-
189
- - Configure CORS at the security filter level, not per-controller
190
- - Restrict allowed origins — never use `*` in production
191
-
192
- ```java
193
- @Bean
194
- public CorsConfigurationSource corsConfigurationSource() {
195
- CorsConfiguration config = new CorsConfiguration();
196
- config.setAllowedOrigins(List.of("https://app.example.com"));
197
- config.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE"));
198
- config.setAllowedHeaders(List.of("Authorization", "Content-Type"));
199
- config.setAllowCredentials(true);
200
- config.setMaxAge(3600L);
201
-
202
- UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
203
- source.registerCorsConfiguration("/api/**", config);
204
- return source;
205
- }
206
-
207
- // In SecurityFilterChain:
208
- http.cors(cors -> cors.configurationSource(corsConfigurationSource()));
209
- ```
210
-
211
- ## Rate Limiting
212
-
213
- - Apply Bucket4j or gateway-level limits on expensive endpoints
214
- - Log and alert on bursts; return 429 with retry hints
215
-
216
- ```java
217
- // Using Bucket4j for per-endpoint rate limiting
218
- @Component
219
- public class RateLimitFilter extends OncePerRequestFilter {
220
- private final Map<String, Bucket> buckets = new ConcurrentHashMap<>();
221
-
222
- private Bucket createBucket() {
223
- return Bucket.builder()
224
- .addLimit(Bandwidth.classic(100, Refill.intervally(100, Duration.ofMinutes(1))))
225
- .build();
226
- }
227
-
228
- @Override
229
- protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
230
- FilterChain chain) throws ServletException, IOException {
231
- String clientIp = request.getRemoteAddr();
232
- Bucket bucket = buckets.computeIfAbsent(clientIp, k -> createBucket());
233
-
234
- if (bucket.tryConsume(1)) {
235
- chain.doFilter(request, response);
236
- } else {
237
- response.setStatus(HttpStatus.TOO_MANY_REQUESTS.value());
238
- response.getWriter().write("{\"error\": \"Rate limit exceeded\"}");
239
- }
240
- }
241
- }
242
- ```
243
-
244
- ## Dependency Security
245
-
246
- - Run OWASP Dependency Check / Snyk in CI
247
- - Keep Spring Boot and Spring Security on supported versions
248
- - Fail builds on known CVEs
249
-
250
- ## Logging and PII
251
-
252
- - Never log secrets, tokens, passwords, or full PAN data
253
- - Redact sensitive fields; use structured JSON logging
254
-
255
- ## File Uploads
256
-
257
- - Validate size, content type, and extension
258
- - Store outside web root; scan if required
259
-
260
- ## Checklist Before Release
261
-
262
- - [ ] Auth tokens validated and expired correctly
263
- - [ ] Authorization guards on every sensitive path
264
- - [ ] All inputs validated and sanitized
265
- - [ ] No string-concatenated SQL
266
- - [ ] CSRF posture correct for app type
267
- - [ ] Secrets externalized; none committed
268
- - [ ] Security headers configured
269
- - [ ] Rate limiting on APIs
270
- - [ ] Dependencies scanned and up to date
271
- - [ ] Logs free of sensitive data
272
-
273
- **Remember**: Deny by default, validate inputs, least privilege, and secure-by-configuration first.