@saulwade/swl-ses 1.5.0 → 1.5.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (134) hide show
  1. package/CLAUDE.md +19 -2
  2. package/README.md +561 -561
  3. package/agentes/arquitecto-swl.md +33 -1
  4. package/agentes/nemesis-auditor-swl.md +59 -19
  5. package/bin/swl-mcp-server.js +214 -214
  6. package/comandos/swl/.evolved.json +22 -22
  7. package/comandos/swl/contribuir.md +233 -233
  8. package/comandos/swl/nemesis.md +230 -56
  9. package/gateway/lib/event-channel.js +191 -191
  10. package/habilidades/backend-production-resilience/SKILL.md +288 -288
  11. package/habilidades/benchmark-memoria/SKILL.md +186 -186
  12. package/habilidades/diagrama-arquitectura/assets/template.html +276 -276
  13. package/habilidades/doubt-driven-review/SKILL.md +171 -171
  14. package/habilidades/doubt-driven-review/recursos/EXAMPLES.md +130 -130
  15. package/habilidades/ejecutar-task-iterativo/SKILL.md +278 -278
  16. package/habilidades/eval-framework/SKILL.md +212 -212
  17. package/habilidades/feynman-auditor-swl/SKILL.md +123 -123
  18. package/habilidades/feynman-auditor-swl/recursos/preguntas-language-agnostic.md +108 -108
  19. package/habilidades/harness-claude-code/SKILL.md +299 -299
  20. package/habilidades/infra-github-actions/SKILL.md +166 -166
  21. package/habilidades/legacy-code-rescue/SKILL.md +267 -267
  22. package/habilidades/manejo-errores/.evolved.json +8 -8
  23. package/habilidades/meta-skills-estandar/SKILL.md +225 -1
  24. package/habilidades/meta-skills-estandar/recursos/convencion-examples.md +93 -93
  25. package/habilidades/meta-skills-estandar/recursos/skills-as-agents.md +163 -163
  26. package/habilidades/nemesis-evaluacion-json/SKILL.md +266 -0
  27. package/habilidades/nemesis-redistribuir/SKILL.md +341 -0
  28. package/habilidades/node-experto/SKILL.md +105 -4
  29. package/habilidades/patrones-python/SKILL.md +229 -229
  30. package/habilidades/patrones-python/recursos/patrones-avanzados.md +469 -469
  31. package/habilidades/planear-fase/SKILL.md +319 -319
  32. package/habilidades/protocolo-revision-swl/SKILL.md +350 -276
  33. package/habilidades/release-semver/.evolved.json +8 -8
  34. package/habilidades/state-inconsistency-auditor-swl/SKILL.md +166 -166
  35. package/habilidades/state-inconsistency-auditor-swl/recursos/coupled-state-patterns.md +147 -147
  36. package/habilidades/tdd-workflow/SKILL.md +150 -4
  37. package/habilidades/testing-python/SKILL.md +340 -340
  38. package/habilidades/verificar-trabajo/SKILL.md +8 -3
  39. package/habilidades/web-fetcher-routing/SKILL.md +75 -75
  40. package/hooks/check-update.js +31 -3
  41. package/hooks/claudemd-bloat-detector.js +161 -161
  42. package/hooks/lib/agent-routing.js +107 -107
  43. package/hooks/lib/auto-consolidator.js +335 -335
  44. package/hooks/lib/error-classifier.js +308 -308
  45. package/hooks/lib/merkle-audit.js +96 -96
  46. package/hooks/lib/provenance-tracker.js +191 -191
  47. package/hooks/lib/rate-limit-tracker.js +253 -253
  48. package/hooks/lib/resource-quota.js +122 -122
  49. package/hooks/lib/retry-jitter.js +165 -165
  50. package/hooks/lib/security-net.js +201 -201
  51. package/hooks/lib/skill-auditor.js +588 -588
  52. package/hooks/lib/sync-status.js +228 -228
  53. package/hooks/lib/taint-tracker.js +107 -107
  54. package/hooks/lib/text-similarity.js +241 -241
  55. package/hooks/lib/toon-compressor.js +245 -245
  56. package/hooks/registro-turnos.js +209 -209
  57. package/hooks/sugerir-regenerar-inventario.js +170 -170
  58. package/hooks/validar-formato-post-subagente.js +140 -140
  59. package/hooks/validar-memoria-hook.js +218 -218
  60. package/instintos/prompt-appendices.yaml +57 -57
  61. package/manifiestos/agent-output-schemas.json +57 -57
  62. package/manifiestos/modulos.json +1324 -1321
  63. package/manifiestos/skills-lock.json +1114 -1114
  64. package/package.json +2 -2
  65. package/plantillas/auditor-veto-template.md +105 -105
  66. package/plantillas/github-workflows/README.md +47 -47
  67. package/plantillas/github-workflows/release-please.yml +44 -44
  68. package/plantillas/github-workflows/swl-ci.yml +107 -107
  69. package/plantillas/github-workflows/swl-security.yml +51 -51
  70. package/plugin.json +353 -351
  71. package/reglas/analisis-previo-tareas-grandes.md +172 -172
  72. package/reglas/arreglar-al-detectar.md +147 -147
  73. package/reglas/fragmentos-compartidos.md +152 -152
  74. package/reglas/harness-claude-code.md +213 -213
  75. package/reglas/registro-componentes-nuevos.md +192 -0
  76. package/reglas/usar-context7.md +226 -226
  77. package/schemas/diary-entry.schema.json +80 -80
  78. package/scripts/actualizar.js +110 -1
  79. package/scripts/audit-tools/audit-history.js +330 -330
  80. package/scripts/audit-tools/bundle-tracker.js +290 -290
  81. package/scripts/audit-tools/canary-monitor.js +352 -352
  82. package/scripts/audit-tools/code-profiler.js +605 -605
  83. package/scripts/audit-tools/dep-doctor.js +320 -320
  84. package/scripts/audit-tools/env-validator.js +206 -206
  85. package/scripts/audit-tools/lib/fs-walk.js +48 -48
  86. package/scripts/audit-tools/lib/output.js +23 -23
  87. package/scripts/audit-tools/migration-checker.js +392 -392
  88. package/scripts/audit-tools/pentest-scanner.js +1436 -1436
  89. package/scripts/benchmark-memoria.js +167 -167
  90. package/scripts/configurar-branch-protection.js +418 -418
  91. package/scripts/derivar-feature-list.js +489 -489
  92. package/scripts/detectar-aprendizajes-duplicados.js +151 -151
  93. package/scripts/doctor.js +58 -4
  94. package/scripts/field-report.js +199 -199
  95. package/scripts/generar-checklists-consolidados.js +273 -273
  96. package/scripts/generar-inventario.js +420 -420
  97. package/scripts/generar-matriz-lenguajes.js +271 -271
  98. package/scripts/lib/artefactos-python.js +43 -43
  99. package/scripts/lib/benchmark-metrics.js +160 -160
  100. package/scripts/lib/budget-enforcer.js +252 -252
  101. package/scripts/lib/configurar-ci.js +380 -380
  102. package/scripts/lib/contadores-inventario.js +217 -217
  103. package/scripts/lib/detectar-stack-detallado.js +307 -307
  104. package/scripts/lib/diary-entry.js +234 -234
  105. package/scripts/lib/eval-metrics-store.js +218 -218
  106. package/scripts/lib/eval-quality.js +171 -171
  107. package/scripts/lib/eval-schemas.js +144 -144
  108. package/scripts/lib/eval-self-correct.js +106 -106
  109. package/scripts/lib/eval-validator.js +185 -185
  110. package/scripts/lib/expandir-targets.js +71 -71
  111. package/scripts/lib/jaccard-similarity.js +98 -98
  112. package/scripts/lib/longmemeval-runner.js +125 -125
  113. package/scripts/lib/mcp_config.py +127 -0
  114. package/scripts/lib/npm-version.js +261 -261
  115. package/scripts/lib/paquetes-conocidos.js +50 -50
  116. package/scripts/lib/prompt-builder.js +264 -264
  117. package/scripts/lib/rrf-fusion.js +175 -175
  118. package/scripts/lib/scoring-instintos.js +277 -277
  119. package/scripts/lib/semantic-search.js +252 -252
  120. package/scripts/lib/toml-merge.js +204 -204
  121. package/scripts/lib/transformadores/codex.js +375 -375
  122. package/scripts/lib/transformadores/cursor.js +359 -359
  123. package/scripts/limpiar-artefactos-python.js +131 -131
  124. package/scripts/mcp-orchestrator.py +8 -18
  125. package/scripts/mcp-pool-manager.py +12 -23
  126. package/scripts/mcp-server/README.md +170 -170
  127. package/scripts/mcp-server/auth.js +105 -105
  128. package/scripts/mcp-server/cache.js +106 -106
  129. package/scripts/mcp-server/telemetry.js +78 -78
  130. package/scripts/migrar-csv-a-array.js +168 -168
  131. package/scripts/migrar-fase-dominio.js +201 -201
  132. package/scripts/publicar.js +511 -511
  133. package/scripts/run-eval.js +141 -141
  134. package/scripts/validar-userland-vacio.js +110 -110
package/plantillas/github-workflows/swl-security.yml CHANGED
@@ -1,51 +1,51 @@
1
- name: Revisión de Seguridad — Claude Code
2
-
3
- # Plantilla distribuida por swl-ses.
4
- # Copiar este archivo a .github/workflows/ de tu proyecto.
5
- # Para setup automatizado: /swl:configurar-ci init
6
- #
7
- # PREREQUISITO — configurar el secret CLAUDE_API_KEY en tu repositorio:
8
- # GitHub → Settings → Secrets and variables → Actions → New repository secret
9
- # Nombre: CLAUDE_API_KEY
10
- # Valor: clave API de Anthropic (https://console.anthropic.com)
11
- # La clave requiere permisos tanto para Claude API como para Claude Code.
12
- #
13
- # Referencia de la action oficial:
14
- # https://github.com/anthropics/claude-code-security-review
15
- #
16
- # NOTA: los workflows de forks externos no reciben secrets por diseño de GitHub.
17
- # La revisión de seguridad solo corre en PRs de ramas del mismo repositorio.
18
-
19
- on:
20
- pull_request:
21
- branches: [main]
22
-
23
- # Permisos mínimos: escribir comentarios en PRs y leer contenido del repo.
24
- permissions:
25
- pull-requests: write
26
- contents: read
27
-
28
- jobs:
29
- security:
30
- name: Análisis de seguridad con Claude
31
- runs-on: ubuntu-latest
32
-
33
- steps:
34
- - uses: actions/checkout@v5
35
- with:
36
- # fetch-depth: 2 es requerido por la action para calcular el diff.
37
- ref: ${{ github.event.pull_request.head.sha || github.sha }}
38
- fetch-depth: 2
39
-
40
- # Análisis semántico de seguridad sobre el diff del PR.
41
- # Detecta: inyecciones SQL/OS, credenciales expuestas, auth débil,
42
- # SSRF, XSS y las 10 categorías del OWASP Top 10.
43
- # Comenta hallazgos directamente en el PR.
44
- - uses: anthropics/claude-code-security-review@main
45
- with:
46
- claude-api-key: ${{ secrets.CLAUDE_API_KEY }}
47
- comment-pr: true
48
- upload-results: true
49
- # Excluir directorios que no son código de producción.
50
- # Ajustar según la estructura de tu proyecto.
51
- # exclude-directories: "temp,docs,fixtures"
1
+ name: Revisión de Seguridad — Claude Code
2
+
3
+ # Plantilla distribuida por swl-ses.
4
+ # Copiar este archivo a .github/workflows/ de tu proyecto.
5
+ # Para setup automatizado: /swl:configurar-ci init
6
+ #
7
+ # PREREQUISITO — configurar el secret CLAUDE_API_KEY en tu repositorio:
8
+ # GitHub → Settings → Secrets and variables → Actions → New repository secret
9
+ # Nombre: CLAUDE_API_KEY
10
+ # Valor: clave API de Anthropic (https://console.anthropic.com)
11
+ # La clave requiere permisos tanto para Claude API como para Claude Code.
12
+ #
13
+ # Referencia de la action oficial:
14
+ # https://github.com/anthropics/claude-code-security-review
15
+ #
16
+ # NOTA: los workflows de forks externos no reciben secrets por diseño de GitHub.
17
+ # La revisión de seguridad solo corre en PRs de ramas del mismo repositorio.
18
+
19
+ on:
20
+ pull_request:
21
+ branches: [main]
22
+
23
+ # Permisos mínimos: escribir comentarios en PRs y leer contenido del repo.
24
+ permissions:
25
+ pull-requests: write
26
+ contents: read
27
+
28
+ jobs:
29
+ security:
30
+ name: Análisis de seguridad con Claude
31
+ runs-on: ubuntu-latest
32
+
33
+ steps:
34
+ - uses: actions/checkout@v5
35
+ with:
36
+ # fetch-depth: 2 es requerido por la action para calcular el diff.
37
+ ref: ${{ github.event.pull_request.head.sha || github.sha }}
38
+ fetch-depth: 2
39
+
40
+ # Análisis semántico de seguridad sobre el diff del PR.
41
+ # Detecta: inyecciones SQL/OS, credenciales expuestas, auth débil,
42
+ # SSRF, XSS y las 10 categorías del OWASP Top 10.
43
+ # Comenta hallazgos directamente en el PR.
44
+ - uses: anthropics/claude-code-security-review@main
45
+ with:
46
+ claude-api-key: ${{ secrets.CLAUDE_API_KEY }}
47
+ comment-pr: true
48
+ upload-results: true
49
+ # Excluir directorios que no son código de producción.
50
+ # Ajustar según la estructura de tu proyecto.
51
+ # exclude-directories: "temp,docs,fixtures"