aiag-cli 2.2.2 → 2.3.0

package/templates/skills/prd-taskmaster/.taskmaster/scripts/execution-state.py

@@ -0,0 +1,87 @@
+#!/usr/bin/env python3
+"""
+Task execution state manager for crash recovery.
+"""
+
+import json
+from pathlib import Path
+from datetime import datetime, timezone
+
+class ExecutionState:
+    def __init__(self):
+        self.state_file = Path(".taskmaster/state/execution-state.json")
+        self.state_file.parent.mkdir(parents=True, exist_ok=True)
+        self.load_state()
+
+    def load_state(self):
+        """Load current execution state."""
+        if self.state_file.exists():
+            with open(self.state_file, 'r') as f:
+                self.state = json.load(f)
+        else:
+            self.state = {
+                "mode": None,
+                "current_task": None,
+                "current_subtask": None,
+                "tasks_completed": [],
+                "last_update": None
+            }
+
+    def save_state(self):
+        """Persist current state to disk."""
+        self.state["last_update"] = datetime.now(timezone.utc).isoformat()
+        with open(self.state_file, 'w') as f:
+            json.dump(self.state, f, indent=2)
+
+    def set_mode(self, mode):
+        """Set execution mode (sequential, parallel, etc.)."""
+        self.state["mode"] = mode
+        self.save_state()
+
+    def start_task(self, task_id):
+        """Mark task as started."""
+        self.state["current_task"] = task_id
+        self.state["current_subtask"] = None
+        self.save_state()
+
+    def start_subtask(self, task_id, subtask_id):
+        """Mark subtask as started."""
+        self.state["current_task"] = task_id
+        self.state["current_subtask"] = subtask_id
+        self.save_state()
+
+    def complete_task(self, task_id):
+        """Mark task as completed."""
+        if task_id not in self.state["tasks_completed"]:
+            self.state["tasks_completed"].append(task_id)
+        self.state["current_task"] = None
+        self.state["current_subtask"] = None
+        self.save_state()
+
+    def has_incomplete_work(self):
+        """Check if there's incomplete work from previous session."""
+        return self.state["current_task"] is not None
+
+    def get_resume_point(self):
+        """Get information about where to resume."""
+        if not self.has_incomplete_work():
+            return None
+
+        return {
+            "mode": self.state["mode"],
+            "task": self.state["current_task"],
+            "subtask": self.state["current_subtask"],
+            "last_update": self.state["last_update"],
+            "completed_tasks": self.state["tasks_completed"]
+        }
+
+if __name__ == "__main__":
+    state = ExecutionState()
+    if state.has_incomplete_work():
+        resume = state.get_resume_point()
+        print(f"Incomplete work detected:")
+        print(f"  Task: {resume['task']}")
+        print(f"  Subtask: {resume['subtask']}")
+        print(f"  Last update: {resume['last_update']}")
+    else:
+        print("No incomplete work found.")

package/templates/skills/prd-taskmaster/.taskmaster/scripts/learn-accuracy.py

@@ -0,0 +1,113 @@
+#!/usr/bin/env python3
+"""
+Estimation accuracy learning system.
+Analyzes actual vs estimated times and improves future estimates.
+"""
+
+import json
+from pathlib import Path
+import sys
+sys.path.insert(0, str(Path(__file__).parent))
+from track_time import get_all_task_times, calculate_accuracy
+
+class AccuracyLearner:
+    def __init__(self):
+        self.reports_dir = Path(".taskmaster/reports")
+        self.reports_dir.mkdir(parents=True, exist_ok=True)
+        self.accuracy_file = self.reports_dir / "estimation-accuracy.json"
+        self.load_accuracy_data()
+
+    def load_accuracy_data(self):
+        """Load historical accuracy data."""
+        if self.accuracy_file.exists():
+            with open(self.accuracy_file, 'r') as f:
+                self.data = json.load(f)
+        else:
+            self.data = {
+                "tasks_analyzed": 0,
+                "average_accuracy": 100.0,
+                "adjustment_factor": 1.0,
+                "history": []
+            }
+
+    def save_accuracy_data(self):
+        """Save accuracy data."""
+        with open(self.accuracy_file, 'w') as f:
+            json.dump(self.data, f, indent=2)
+
+    def analyze_task(self, task_id, estimated_minutes, actual_minutes):
+        """Analyze a single task's accuracy."""
+        accuracy = calculate_accuracy(estimated_minutes, actual_minutes)
+
+        entry = {
+            "task_id": task_id,
+            "estimated_minutes": estimated_minutes,
+            "actual_minutes": actual_minutes,
+            "accuracy_percent": accuracy,
+            "variance_percent": accuracy - 100
+        }
+
+        self.data["history"].append(entry)
+        self.data["tasks_analyzed"] += 1
+
+        # Recalculate average
+        total_accuracy = sum(h["accuracy_percent"] for h in self.data["history"])
+        self.data["average_accuracy"] = round(total_accuracy / len(self.data["history"]), 1)
+
+        # Update adjustment factor
+        self.data["adjustment_factor"] = round(self.data["average_accuracy"] / 100, 2)
+
+        self.save_accuracy_data()
+
+        return entry
+
+    def get_adjusted_estimate(self, base_estimate_minutes):
+        """Apply learned adjustment to new estimate."""
+        adjusted = base_estimate_minutes * self.data["adjustment_factor"]
+        return round(adjusted, 0)
+
+    def generate_report(self):
+        """Generate human-readable accuracy report."""
+        if self.data["tasks_analyzed"] < 3:
+            return "❌ Need at least 3 completed tasks for accuracy analysis."
+
+        history = self.data["history"]
+        avg_accuracy = self.data["average_accuracy"]
+        adjustment = self.data["adjustment_factor"]
+
+        # Find outliers
+        outliers = [h for h in history if abs(h["variance_percent"]) > 50]
+
+        report = f"""
+📊 Estimation Accuracy Report
+
+Tasks Analyzed: {self.data["tasks_analyzed"]}
+Average Accuracy: {avg_accuracy}%
+Adjustment Factor: {adjustment}x
+
+Recent Tasks:
+"""
+
+        for h in history[-10:]:  # Last 10 tasks
+            status = "✅" if 90 <= h["accuracy_percent"] <= 110 else "⚠️"
+            report += f"  Task {h['task_id']}: {h['actual_minutes']}min (est: {h['estimated_minutes']}min) - {h['accuracy_percent']}% {status}\n"
+
+        if avg_accuracy < 90:
+            report += f"\n⚠️  You're completing tasks {100 - avg_accuracy:.0f}% faster than estimated.\n"
+            report += f"🎯 Recommendation: Reduce future estimates by {(1 - adjustment) * 100:.0f}%\n"
+        elif avg_accuracy > 110:
+            report += f"\n⚠️  You're taking {avg_accuracy - 100:.0f}% longer than estimated.\n"
+            report += f"🎯 Recommendation: Increase future estimates by {(adjustment - 1) * 100:.0f}%\n"
+        else:
+            report += f"\n✅ Your estimates are accurate! Keep it up.\n"
+
+        if outliers:
+            report += f"\n⚠️  {len(outliers)} outlier tasks found (>50% variance):\n"
+            for o in outliers:
+                report += f"  Task {o['task_id']}: {o['variance_percent']:+.0f}% variance\n"
+
+        return report
+
+if __name__ == "__main__":
+    learner = AccuracyLearner()
+    print(learner.generate_report())

package/templates/skills/prd-taskmaster/.taskmaster/scripts/rollback.sh

@@ -0,0 +1,71 @@
+#!/bin/bash
+# .taskmaster/scripts/rollback.sh
+# Rollback to any task checkpoint
+
+TASK_ID=$1
+
+if [ -z "$TASK_ID" ]; then
+  echo "❌ Error: Task ID required"
+  echo "Usage: rollback.sh <task_id>"
+  exit 1
+fi
+
+TAG="checkpoint-task-${TASK_ID}"
+
+# Check if tag exists
+if ! git tag -l | grep -q "^${TAG}$"; then
+  echo "❌ Error: Checkpoint tag '${TAG}' not found"
+  echo "Available checkpoints:"
+  git tag -l "checkpoint-task-*" | sort -V
+  exit 1
+fi
+
+echo "🔄 Rolling back to ${TAG}..."
+
+# Safety check
+echo "⚠️  This will:"
+echo "  - Discard all changes after Task ${TASK_ID}"
+echo "  - Reset to checkpoint-task-${TASK_ID}"
+echo "  - Preserve current work in rollback-backup branch"
+echo ""
+echo "Continue? (yes/no)"
+read -r CONFIRM
+
+if [ "$CONFIRM" != "yes" ]; then
+  echo "❌ Rollback cancelled"
+  exit 0
+fi
+
+# Create backup branch of current state
+BACKUP_BRANCH="rollback-backup-$(date +%Y%m%d-%H%M%S)"
+git checkout -b "$BACKUP_BRANCH"
+git checkout main
+
+echo "💾 Backed up current state to: ${BACKUP_BRANCH}"
+
+# Reset to checkpoint
+git reset --hard "${TAG}"
+
+echo "✅ Rolled back to Task ${TASK_ID} completion state"
+echo "📝 Updating progress.md..."
+
+# Log rollback
+cat >> .taskmaster/docs/progress.md <<EOF
+
+---
+## ROLLBACK PERFORMED
+**Timestamp**: $(date -u +"%Y-%m-%d %H:%M:%S UTC")
+**Rolled back to**: Task ${TASK_ID} (${TAG})
+**Backup branch**: ${BACKUP_BRANCH}
+**Reason**: User-initiated rollback
+
+Tasks after ${TASK_ID} discarded. Ready to resume from Task ${TASK_ID}.
+---
+
+EOF
+
+echo ""
+echo "🎯 Next steps:"
+echo "  1. Resume from Task $((TASK_ID + 1))"
+echo "  2. Redo Task ${TASK_ID} differently"
+echo "  3. Review backup: git checkout ${BACKUP_BRANCH}"

package/templates/skills/prd-taskmaster/.taskmaster/scripts/security-audit.py

@@ -0,0 +1,130 @@
+#!/usr/bin/env python3
+"""
+Auto-generate security audit checklist based on implemented features.
+"""
+
+import re
+from pathlib import Path
+
+def detect_security_concerns(codebase_path="."):
+    """Scan code for security-relevant features."""
+    concerns = []
+
+    # Scan for authentication-related code
+    for file_path in Path(codebase_path).rglob("*.{js,ts,py,go,java}"):
+        try:
+            content = file_path.read_text()
+
+            # Check for password handling
+            if re.search(r'password|passwd|pwd', content, re.I):
+                concerns.append({
+                    "category": "Authentication",
+                    "item": "Password hashing",
+                    "check": "Passwords hashed with bcrypt/argon2 (cost ≥ 10)",
+                    "file": str(file_path)
+                })
+
+            # Check for OAuth
+            if re.search(r'oauth|openid', content, re.I):
+                concerns.append({
+                    "category": "OAuth",
+                    "item": "OAuth token security",
+                    "check": "OAuth tokens encrypted at rest and in transit",
+                    "file": str(file_path)
+                })
+
+            # Check for database queries
+            if re.search(r'SELECT.*FROM|INSERT INTO|UPDATE.*SET', content, re.I):
+                concerns.append({
+                    "category": "Database",
+                    "item": "SQL injection prevention",
+                    "check": "All queries use parameterized statements (no string concatenation)",
+                    "file": str(file_path)
+                })
+
+            # Check for user input handling
+            if re.search(r'req\.body|request\.form|input\(', content):
+                concerns.append({
+                    "category": "Input Validation",
+                    "item": "XSS prevention",
+                    "check": "All user input sanitized before rendering",
+                    "file": str(file_path)
+                })
+        except:
+            pass  # Skip files that can't be read
+
+    # Deduplicate
+    unique_concerns = []
+    seen = set()
+    for c in concerns:
+        key = (c["category"], c["item"])
+        if key not in seen:
+            unique_concerns.append(c)
+            seen.add(key)
+
+    return unique_concerns
+
+def generate_security_checklist():
+    """Generate comprehensive security audit checklist."""
+    concerns = detect_security_concerns()
+
+    checklist = """
+🔒 SECURITY AUDIT CHECKLIST
+
+Auto-generated based on your implementation.
+
+"""
+
+    # Group by category
+    by_category = {}
+    for c in concerns:
+        cat = c["category"]
+        if cat not in by_category:
+            by_category[cat] = []
+        by_category[cat].append(c)
+
+    for category, items in sorted(by_category.items()):
+        checklist += f"\n### {category}\n"
+        for item in items:
+            checklist += f"- [ ] {item['check']}\n"
+            checklist += f"      File: {item['file']}\n"
+
+    # Add standard checks
+    checklist += """
+
+### General Security
+- [ ] HTTPS enforced in production
+- [ ] CSRF protection enabled
+- [ ] Rate limiting on sensitive endpoints
+- [ ] Security headers set (CSP, X-Frame-Options, etc.)
+- [ ] Dependencies audited (npm audit / pip-audit)
+- [ ] Secrets not committed to git (.env in .gitignore)
+- [ ] Error messages don't leak sensitive info
+- [ ] Logging doesn't include passwords/tokens
+
+### Compliance (if applicable)
+- [ ] GDPR: User data deletion implemented
+- [ ] SOC2: Audit logs for all auth events
+- [ ] PCI-DSS: No credit card data stored
+
+"""
+
+    checklist += """
+🧪 Automated Security Scans Available:
+
+1. npm audit (Node.js dependencies)
+2. pip-audit (Python dependencies)
+3. OWASP ZAP (web application scan)
+4. Snyk (vulnerability scanning)
+
+Run automated scans?
+  1. Yes, run npm audit + recommended scans
+  2. Manual review only
+  3. Skip for now
+
+"""
+
+    return checklist
+
+if __name__ == "__main__":
+    print(generate_security_checklist())

package/templates/skills/prd-taskmaster/.taskmaster/scripts/track-time.py

@@ -0,0 +1,133 @@
+#!/usr/bin/env python3
+"""
+Task time tracking with real datetime stamps.
+Auto-generated by PRD-Taskmaster skill.
+"""
+
+from datetime import datetime, timezone
+import json
+import os
+from pathlib import Path
+
+class TaskTimer:
+    """Track task execution time with precise datetime stamps."""
+
+    def __init__(self, task_id, subtask_id=None):
+        self.task_id = task_id
+        self.subtask_id = subtask_id
+        self.state_dir = Path(".taskmaster/state")
+        self.state_dir.mkdir(parents=True, exist_ok=True)
+
+        if subtask_id:
+            self.state_file = self.state_dir / f"task-{task_id}-subtask-{subtask_id}.json"
+        else:
+            self.state_file = self.state_dir / f"task-{task_id}.json"
+
+    def start(self):
+        """Mark task/subtask as started with current UTC timestamp."""
+        data = {
+            "task_id": self.task_id,
+            "subtask_id": self.subtask_id,
+            "start_time": datetime.now(timezone.utc).isoformat(),
+            "status": "in_progress"
+        }
+        with open(self.state_file, 'w') as f:
+            json.dump(data, f, indent=2)
+
+        start_time = datetime.now(timezone.utc).strftime("%Y-%m-%d %H:%M:%S UTC")
+        print(f"📅 Started: {start_time}")
+
+    def complete(self, notes=""):
+        """Mark task/subtask as complete and calculate actual duration."""
+        with open(self.state_file, 'r') as f:
+            data = json.load(f)
+
+        start = datetime.fromisoformat(data['start_time'])
+        end = datetime.now(timezone.utc)
+
+        duration_seconds = (end - start).total_seconds()
+        duration_minutes = duration_seconds / 60
+        duration_hours = duration_minutes / 60
+
+        data.update({
+            "end_time": end.isoformat(),
+            "status": "completed",
+            "actual_duration_seconds": int(duration_seconds),
+            "actual_duration_minutes": round(duration_minutes, 2),
+            "actual_duration_hours": round(duration_hours, 2),
+            "notes": notes
+        })
+
+        with open(self.state_file, 'w') as f:
+            json.dump(data, f, indent=2)
+
+        # Format output
+        if duration_hours >= 1:
+            duration_str = f"{int(duration_hours)}h {int(duration_minutes % 60)}min"
+        else:
+            duration_str = f"{int(duration_minutes)} min"
+
+        end_time = end.strftime("%Y-%m-%d %H:%M:%S UTC")
+        print(f"✅ COMPLETED")
+        print(f"📅 Ended: {end_time}")
+        print(f"⏱️  Actual: {duration_str} ({duration_minutes:.1f} min)")
+
+        return duration_minutes
+
+    def get_duration(self):
+        """Get current duration for in-progress task."""
+        if not self.state_file.exists():
+            return 0
+
+        with open(self.state_file, 'r') as f:
+            data = json.load(f)
+
+        if data['status'] == 'completed':
+            return data['actual_duration_minutes']
+
+        start = datetime.fromisoformat(data['start_time'])
+        now = datetime.now(timezone.utc)
+        duration_minutes = (now - start).total_seconds() / 60
+        return round(duration_minutes, 2)
+
+def get_all_task_times():
+    """Get timing data for all tasks."""
+    state_dir = Path(".taskmaster/state")
+    if not state_dir.exists():
+        return []
+
+    times = []
+    for state_file in state_dir.glob("task-*.json"):
+        with open(state_file, 'r') as f:
+            data = json.load(f)
+            if data['status'] == 'completed':
+                times.append(data)
+
+    return times
+
+def calculate_accuracy(estimated_minutes, actual_minutes):
+    """Calculate estimation accuracy percentage."""
+    if estimated_minutes == 0:
+        return 0
+    accuracy = (actual_minutes / estimated_minutes) * 100
+    return round(accuracy, 1)
+
+if __name__ == "__main__":
+    # CLI usage
+    import sys
+
+    if len(sys.argv) < 3:
+        print("Usage: python track-time.py <command> <task_id> [subtask_id]")
+        print("Commands: start, complete")
+        sys.exit(1)
+
+    command = sys.argv[1]
+    task_id = sys.argv[2]
+    subtask_id = sys.argv[3] if len(sys.argv) > 3 else None
+
+    timer = TaskTimer(task_id, subtask_id)
+
+    if command == "start":
+        timer.start()
+    elif command == "complete":
+        timer.complete()

package/templates/skills/prd-taskmaster/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 anombyte93
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.