antigravity-ide 3.5.36 → 3.5.37

package/.agent/.shared/ai-master/README.md

@@ -0,0 +1,25 @@
+# 🧠 AI Master Module
+
+> **Status**: Core Capability
+> **Type**: Shared Module (Prompts & Patterns)
+
+This module provides the intelligence backbone for AI Agent operations, including standardized prompt patterns and model configurations.
+
+## 📂 Structure
+
+```
+ai-master/
+├── best_patterns.md      # 📜 Theory & Strategy (Existing)
+├── checklists/           # ✅ Audit Tools
+│   └── prompt_audit.md   #    - Verify prompt quality & safety
+└── presets/              # ⚙️ Configuration
+    └── model_configs.json #    - Recommended params for Gemini/GPT
+```
+
+## 🚀 Usage
+
+### 1. Model Selection
+Use `presets/model_configs.json` to configure the optimal temperature and tokens for your task (Creative vs. Biological vs. Coding).
+
+### 2. Prompt Engineering
+Before sending a heavy prompt, audit it against `checklists/prompt_audit.md` to ensure it follows the "Chain of Thought" or "ReAct" standards.

package/.agent/.shared/ai-master/checklists/prompt_audit.md

@@ -0,0 +1,20 @@
+# ✅ Prompt Audit Checklist
+
+> check_type: manual_audit
+> priority: high
+
+Use this checklist to verify the quality of a System Prompt or Complex Task Prompt.
+
+## 1. Structure & Context
+- [ ] **Role Definition**: Does the prompt clearly state "You are [Role]"?
+- [ ] **Context Injection**: Is necessary context (File path, User intent) included?
+- [ ] **Output Format**: Is the expected output format (JSON, Markdown, Code only) explicitly defined?
+
+## 2. Reasoning & Logic
+- [ ] **Chain of Thought**: Does the prompt ask the AI to "Think step-by-step"?
+- [ ] **Few-Shot Examples**: Are there at least 2 snippets of "Input -> Output" examples?
+- [ ] **Edge Cases**: Does it instruct how to handle missing data or errors?
+
+## 3. Safety & Constraints
+- [ ] **No Hallucination**: Is there a directive to "Admit if you don't know"?
+- [ ] **Tone**: Is the specific tone (Professional, Friendly, Technical) requested?

package/.agent/.shared/ai-master/presets/model_configs.json

@@ -0,0 +1,21 @@
+{
+  "name": "AI Model Presets",
+  "description": "Standard configurations for different AI modalities.",
+  "configs": {
+    "coding_strict": {
+      "temperature": 0.1,
+      "top_p": 0.95,
+      "max_tokens": 8192,
+      "stop_sequences": ["User:", "Human:"]
+    },
+    "creative_brainstorm": {
+      "temperature": 0.8,
+      "top_p": 0.9,
+      "max_tokens": 4096
+    },
+    "data_extraction": {
+      "temperature": 0.0,
+      "response_mime_type": "application/json"
+    }
+  }
+}

package/.agent/.shared/api-standards/README.md

@@ -0,0 +1,25 @@
+# 📡 API Standards Module
+
+> **Status**: Interface Contract
+> **Type**: Shared Module (Specs & Formats)
+
+This module defines the laws of API communication to ensure Front-end and Back-end alignment.
+
+## 📂 Structure
+
+```
+api-standards/
+├── endpoints_naming.md   # 📜 Naming Conventions
+├── data/                 # 💾 Standard Data Formats
+│   ├── response_format.json
+│   └── error_codes.csv
+└── presets/              # ⚙️ Configs
+```
+
+## 🚀 Usage
+
+### 1. Response Format
+All APIs must return data wrapped in the structure defined in `data/response_format.json`.
+
+### 2. Naming
+Follow `endpoints_naming.md` (e.g., Kebab-case URLs, CamelCase JSON keys).

package/.agent/.shared/compliance/README.md

@@ -0,0 +1,19 @@
+# ⚖️ Compliance Master Module
+
+> **Status**: Regulatory Guard
+> **Type**: Shared Module (Policies & Audits)
+
+This module manages legal and regulatory compliance requirements (GDPR, HIPAA, SOC2).
+
+## 📂 Structure
+
+```
+compliance/
+├── checklists/           # ✅ Audit Tools
+│   └── gdpr_audit.md     #    - Data privacy checklist
+└── presets/              # ⚙️ Policies
+    └── privacy_policy_template.md
+```
+
+## 🚀 Usage
+Use the checklists to ensure data handling meets legal standards before launch.

package/.agent/.shared/database-master/README.md

@@ -0,0 +1,20 @@
+# 🗄️ Database Master Module
+
+> **Status**: Data Core
+> **Type**: Shared Module (Schemas & optimization)
+
+This module centralizes database design patterns, schema standards, and migration strategies.
+
+## 📂 Structure
+
+```
+database-master/
+├── schemas/              # 🗂️ Standard Schemas
+│   └── user_model.prisma
+├── normalization.md      # 📜 3NF Standards
+└── checklists/           # ✅ Audit Tools
+    └── index_audit.md    #    - Performance indexing check
+```
+
+## 🚀 Usage
+Reference `schemas/` for standard user/auth models to ensure consistency across services.

package/.agent/.shared/design-philosophy/MANIFESTO.md

@@ -0,0 +1,85 @@
+# 🎨 Tuyên Ngôn Thiết Kế (Design Manifesto)
+
+> *"Giao diện không chỉ là vỏ bọc, nó là linh hồn của sản phẩm."*
+
+Tài liệu này không phải là hướng dẫn sử dụng công cụ. Đây là tập hợp những **Nguyên tắc Cốt lõi (Core Principles)** mà dự án Google Antigravity cam kết tuân thủ để đạt chuẩn "High-Craft" & "Premium".
+
+---
+
+## I. Triết Lý Cốt Lõi (The Philosophy)
+
+### 1. Hệ Thống Đi Trước (System First)
+Chúng tôi không thiết kế từng trang rời rạc. Chúng tôi xây dựng một **Hệ sinh thái**.
+- Mọi màu sắc, khoảng cách, font chữ đều phải xuất phát từ `design-system/MASTER.md`.
+- Sự nhất quán (Consistency) > Sự sáng tạo tùy tiện.
+
+### 2. Sự Chủ Đích (Intentionality)
+Mọi pixel đều có lý do để tồn tại.
+- Không dùng placeholder vô nghĩa.
+- Không dùng icon emoji rẻ tiền (🚫 🎨). Dùng SVG/Vector cao cấp (Heroicons, Lucide).
+- Animation phải có ý nghĩa (phản hồi xúc giác), không phải để trang trí.
+
+### 3. Vẻ Đẹp Của Cấu Trúc (Structural Beauty)
+- **Hierarchy**: Tiêu đề chính (`H1`) phải kiêu hãnh. Nội dung phụ (`text-muted`) phải khiêm nhường.
+- **Whitespace**: Khoảng trắng là yếu tố sang trọng nhất. Đừng sợ khoảng trắng.
+
+---
+
+## II. Tiêu Chuẩn "High-Craft" (The Standard)
+
+Để được coi là "Hoàn thiện", một giao diện phải vượt qua các bài kiểm tra sau:
+
+### 1. Bài Test "Xúc Giác" (The Tactile Test)
+- [ ] **Cursor**: Mọi thứ click được phải có `cursor-pointer`.
+- [ ] **Hover**: Khi lướt chuột qua, vật thể phải "thở" (đổi màu nhẹ, nâng lên, đổ bóng).
+- [ ] **Timing**: Chuyển động phải mượt (150-300ms). Không giật cục, không rề rà.
+
+### 2. Bài Test "Ánh Sáng" (The Lighting Test)
+- [ ] **Dark Mode**: Không phải là nền đen, mà là sự xếp chồng của các lớp xám (Deep Gray layers).
+- [ ] **Glassmorphism**: Hiệu ứng kính phải rõ ràng trên nền sáng (`bg-white/80`), không tàng hình.
+- [ ] **Contrast**: Chữ phải đọc được trong mọi điều kiện ánh sáng.
+
+### 3. Bài Test "Chuyên Nghiệp" (The Professional Test)
+- [ ] **Icons**: Đồng bộ kích thước (thường là 24x24).
+- [ ] **Typography**: Dùng font chữ hiện đại (Inter, Geist, Outfit). Không dùng font mặc định `Times New Roman`.
+- [ ] **Mobile**: Không bao giờ được phép cuộn ngang (Horizontal Scroll) ngoài ý muốn.
+
+---
+
+## III. Quy Trình Hiện Thực Hóa (The Process)
+
+Khi bắt đầu một màn hình mới, chúng tôi tư duy theo trình tự:
+
+1.  **Định Hình (Shape)**: Xác định loại sản phẩm (SaaS, E-commerce, Dashboard...).
+2.  **Khung Sườn (Skeleton)**: Dựng layout với `html-tailwind` chuẩn chỉnh.
+3.  **Chi Tiết (Soul)**: Thêm Micro-interactions, xử lý trạng thái Loading/Error.
+4.  **Kiểm Tra (Audit)**: So sánh với các nguyên tắc trên.
+
+---
+
+## IV. Kỹ Thuật Thẩm Mỹ Nâng Cao (Advanced Aesthetics)
+
+Để đạt đẳng cấp "Premium" thực sự, chúng tôi học hỏi từ những người giỏi nhất (Linear, Aceternity, Magic UI).
+
+### 1. Hiệu Ứng "Linear" (The Subtle Glow)
+> *Học từ Linear.app*
+- **Border**: Không dùng border đơn sắc. Dùng `border-white/10` kết hợp với `bg-gradient-to-b` nhẹ.
+- **Micro-Glow**: Các nút bấm hoặc card khi hover phải có hiệu ứng phát sáng nhẹ từ viền (Subtle Border Glow).
+
+### 2. Chuyển Động "Magic" (The Bento Motion)
+> *Học từ Magic UI / Bento Grids*
+- **Layout**: Sử dụng Bento Grid (Lưới hợp cơm) để tổ chức thông tin.
+- **Motion**:
+    - Dùng `Marquee` (chữ chạy) cho danh sách đối tác/logo.
+    - Dùng `Typing Effect` cho các câu slogan chính.
+    - Số liệu (Numbers) phải tự động nhảy (Count up) khi lướt tới.
+
+### 3. Chiều Sâu "Aceternity" (The Cinematic Depth)
+> *Học từ Aceternity UI*
+- **Background**: Không dùng nền phẳng. Dùng `Grid Background`, `Spotlight` hoặc `Aurora` (Cực quang) để tạo chiều sâu vô tận.
+- **Lighting**: Giả lập nguồn sáng chiếu vào card (Spotlight Card) để tạo cảm giác vật lý 3D.
+
+---
+
+*Được tổng hợp và đúc kết từ tri thức của UI/UX Pro Max.*
+*Viết lại bởi: Dokhacgiakhoa's Agent.*

package/.agent/.shared/design-philosophy/README.md

@@ -0,0 +1,32 @@
+# 🎨 Design Philosophy Module
+
+> **Status**: Internalized Wisdom
+> **Type**: Shared Module (Philosophy & Assets)
+
+This module encapsulates the **Design Soul** of the Google Antigravity project. It is not just text; it contains actionable tools and assets to enforce "Premium" aesthetics.
+
+## 📂 Structure
+
+```
+design-philosophy/
+├── MANIFESTO.md          # 📜 The Core Philosophy (Declaration)
+├── checklists/           # ✅ Audit Tools (Manual Verification)
+│   ├── tactile_audit.md  #    - Check interactions (Hover, Cursor)
+│   └── visual_audit.md   #    - Check aesthetics (Light/Dark, Contrast)
+└── presets/              # 🎨 Copy-paste Assets (Tailwind/CSS)
+    └── linear_glow.json  #    - "Linear-style" border & glow configs
+```
+
+## 🚀 Usage
+
+### 1. Read the Manifesto
+Before designing any screen, read `MANIFESTO.md` to align your mindset.
+
+### 2. Run an Audit
+After implementing a UI, use the checklists to verify quality.
+```bash
+# Example: "Agent, please audit this page using the Tactile Checklist"
+```
+
+### 3. Use Presets
+Don't reinvent the wheel. Use the JSON presets for complex effects like "Subtle Border Glow".

package/.agent/.shared/design-philosophy/checklists/tactile_audit.md

@@ -0,0 +1,21 @@
+# ✅ Tactile Audit Checklist (Xúc Giác)
+
+> check_type: manual_audit
+> priority: high
+
+Use this checklist to verify the "feel" of the interface.
+
+## 1. Cursor & Interaction
+- [ ] **Cursor Pointer**: Are all clickable elements (Buttons, Cards, Links) showing `cursor: pointer`?
+- [ ] **No Dead Links**: Do all buttons have a feedback action (even if just a console log)?
+- [ ] **Hit Area**: Are mobile touch targets at least 44x44px?
+
+## 2. Hover Physics
+- [ ] **Existence**: Does hovering change the state (bg-color, interact, scale)?
+- [ ] **Subtlety**: Is the change subtle? (Avoid 0 -> 100 opacity jumps).
+- [ ] **Border Glow**: (If Premium) Does the border glow slightly on hover?
+
+## 3. Motion Timing
+- [ ] **Duration**: Are transitions between 150ms and 300ms?
+- [ ] **Easing**: Is `ease-out` used for entering elements?
+- [ ] **No Jauk**: Are there any layout shifts during hover?

package/.agent/.shared/design-philosophy/checklists/visual_audit.md

@@ -0,0 +1,20 @@
+# ✅ Visual Audit Checklist (Ánh Sáng)
+
+> check_type: manual_audit
+> priority: critical
+
+Use this checklist to verify the "look" and accessibility.
+
+## 1. Dark Mode Integrity
+- [ ] **No Pure Black**: Is the background `#000000`? (If yes, fail. Change to `#0a0a0a` or `#111`).
+- [ ] **Layering**: Do modal/cards have a lighter shade than the background?
+- [ ] **Borders**: Are borders visible? (e.g. `border-white/10`).
+
+## 2. Glassmorphism
+- [ ] **Visibility**: Is the glass effect visible on white/light backgrounds? (`bg-white/80` + `backdrop-blur`).
+- [ ] **Noise**: (Optional) Is there a subtle noise texture to add realism?
+
+## 3. Typography & Hierarchy
+- [ ] **H1 vs H2**: Is there a clear size difference (min 1.5x scale)?
+- [ ] **Muted Text**: Is secondary text using `text-muted-foreground` (or gray-500)?
+- [ ] **Font Family**: Is the correct font stack (Inter/Outfit) applied?

package/.agent/.shared/design-philosophy/presets/linear_glow.json

@@ -0,0 +1,20 @@
+{
+  "name": "Linear Glow Pack",
+  "description": "Tailwind configuration for Linear-style subtle gradients and borders.",
+  "tokens": {
+    "colors": {
+      "glass-border": "rgba(255, 255, 255, 0.08)",
+      "glass-surface": "rgba(255, 255, 255, 0.03)",
+      "linear-gradient-top": "linear-gradient(to bottom, rgba(255,255,255,0.05), transparent)"
+    },
+    "boxShadow": {
+      "glow-sm": "0 0 10px rgba(255, 255, 255, 0.05)",
+      "glow-md": "0 0 20px rgba(255, 255, 255, 0.1)"
+    }
+  },
+  "snippets": {
+    "card_base": "bg-black/40 backdrop-blur-md border border-white/10 hover:border-white/20 transition-all duration-300",
+    "card_highlight": "bg-gradient-to-b from-white/5 to-transparent border-t border-white/10",
+    "button_glow": "relative overflow-hidden bg-white/5 border border-white/10 hover:bg-white/10 hover:shadow-[0_0_15px_rgba(255,255,255,0.1)] transition-all duration-300"
+  }
+}

package/.agent/.shared/design-system/README.md

@@ -0,0 +1,18 @@
+# 🎨 Design System Module
+
+> **Status**: Visual Language
+> **Type**: Shared Module (Tokens & Components)
+
+This module houses the concrete implementation of design: Colors, Typography, Spacing, and Component definitions.
+
+## 📂 Structure
+
+```
+design-system/
+├── brand_presets.json    # 🎨 Color tokens
+├── micro_interactions.md # 📜 Animation specs
+└── components/           # 🧩 React/HTML Component specs
+```
+
+## 🚀 Usage
+Import `brand_presets.json` into Tailwind config to enforce brand colors.

package/.agent/.shared/domain-blueprints/README.md

@@ -0,0 +1,18 @@
+# 🏗️ Domain Blueprints Module
+
+> **Status**: Vertical Architecture
+> **Type**: Shared Module (Industry Patterns)
+
+This module provides reference architectures for specific industries (Fintech, EdTech, E-commerce).
+
+## 📂 Structure
+
+```
+domain-blueprints/
+├── fintech/              # 💰 Financial System Patterns
+├── e-commerce/           # 🛒 Shopping Cart Flows
+└── education/            # 🎓 LMS Structures
+```
+
+## 🚀 Usage
+Select the relevant folder to find architecture diagrams and data flows for your specific industry.

package/.agent/.shared/dx-toolkit/README.md

@@ -0,0 +1,19 @@
+# 🛠️ DX Toolkit Module
+
+> **Status**: Developer Experience
+> **Type**: Shared Module (Workflow Optimization)
+
+This module ensures your development team moves fast without breaking things.
+
+## 📂 Structure
+
+```
+dx-toolkit/
+├── checklists/           # ✅ Audit Tools
+│   └── code_review.md    #    - The "Senior Engineer" review guide
+└── presets/              # ⚙️ IDE Configs
+    └── vscode_settings.json # - Opinionated VSCode Workspace settings
+```
+
+## 🚀 Usage
+Copy `vscode_settings.json` to `.vscode/settings.json` in your project root to align the whole team's editor behavior (Auto-save, Linting on save).

package/.agent/.shared/dx-toolkit/checklists/code_review.md

@@ -0,0 +1,18 @@
+# ✅ Code Review Checklist
+
+> check_type: manual_audit
+> priority: medium
+
+## 1. Logic & Correctness
+- [ ] **Edge Cases**: Are null/undefined values handled?
+- [ ] **Complexity**: Is there any nested loop (O(n^2)) that can be optimized?
+- [ ] **Dead Code**: Are there unused variables or imports?
+
+## 2. Readability (Clean Code)
+- [ ] **Naming**: Do variables explain *what* they contain (e.g. `userList` vs `data`)?
+- [ ] **Functions**: Are functions small (< 20 lines) and do one thing?
+- [ ] **Comments**: Do comments explain *WHY*, not *WHAT*?
+
+## 3. Testing
+- [ ] **Coverage**: Is there a test case for this new feature?
+- [ ] **Regression**: Does this break existing tests?

package/.agent/.shared/dx-toolkit/presets/vscode_settings.json

@@ -0,0 +1,15 @@
+{
+  "name": "Opinionated VSCode Settings",
+  "description": "Standardize editor behavior for the team.",
+  "settings": {
+    "editor.formatOnSave": true,
+    "editor.defaultFormatter": "esbenp.prettier-vscode",
+    "editor.codeActionsOnSave": {
+      "source.fixAll.eslint": "explicit"
+    },
+    "files.trimTrailingWhitespace": true,
+    "files.insertFinalNewline": true,
+    "javascript.updateImportsOnFileMove.enabled": "always",
+    "typescript.updateImportsOnFileMove.enabled": "always"
+  }
+}

package/.agent/.shared/i18n-master/README.md

@@ -0,0 +1,18 @@
+# 🌐 I18n Master Module
+
+> **Status**: Global Reach
+> **Type**: Shared Module (Localization)
+
+This module standardizes internationalization (i18n) and localization (l10n) practices.
+
+## 📂 Structure
+
+```
+i18n-master/
+├── locales/              # 🏳️ Standard Locale Codes
+└── checklists/           # ✅ Audit Tools
+    └── text_expansion.md #    - Check for UI breaks with long text
+```
+
+## 🚀 Usage
+Use this module to ensure your application can properly handle multiple languages and cultural formats (dates, currency).

package/.agent/.shared/infra-blueprints/README.md

@@ -0,0 +1,18 @@
+# ☁️ Infra Blueprints Module
+
+> **Status**: Cloud Foundation
+> **Type**: Shared Module (IaC & Topology)
+
+This module contains Infrastructure as Code (IaC) templates and cloud topology designs.
+
+## 📂 Structure
+
+```
+infra-blueprints/
+├── aws/                  # 🟧 AWS Patterns (Terraform/CDK)
+├── gcp/                  # 🟦 Google Cloud Patterns
+└── docker/               # 🐳 Container Configs
+```
+
+## 🚀 Usage
+Copy templates from the relevant cloud provider folder to jumpstart infrastructure setup.

package/.agent/.shared/metrics/README.md

@@ -0,0 +1,17 @@
+# 📊 Metrics Master Module
+
+> **Status**: Observability
+> **Type**: Shared Module (Monitoring & KPI)
+
+This module defines standard metrics, logging formats, and dashboard layouts.
+
+## 📂 Structure
+
+```
+metrics/
+├── dashboards/           # 📉 Grafana/Datadog Templates
+└── templates/            # 📝 Log Format Specs
+```
+
+## 🚀 Usage
+Use these templates to ensure all services emit consistent logs and metrics for centralized monitoring.

package/.agent/.shared/resilience-patterns/README.md

@@ -0,0 +1,19 @@
+# 🦾 Resilience Patterns Module
+
+> **Status**: Deep Tech / Enterprise
+> **Type**: Shared Module (System Stability)
+
+This module provides the blueprints for building unbreakable, distributed systems.
+
+## 📂 Structure
+
+```
+resilience-patterns/
+├── checklists/           # ✅ Audit Tools
+│   └── chaos_engineering.md # - Simulation scenarios
+└── presets/              # ⚙️ Configs
+    └── circuit_breaker.json # - Timeout & Fallback policies
+```
+
+## 🚀 Usage
+Use these patterns when building interactions between Microservices or 3rd Party APIs. They prevent cascading failures.

package/.agent/.shared/resilience-patterns/checklists/chaos_engineering.md

@@ -0,0 +1,16 @@
+# ✅ Chaos Engineering Checklist (Simulation)
+
+> check_type: manual_audit
+> priority: critical (for distributed systems)
+
+## 1. Scenario: Dependency Failure
+- [ ] **Database Down**: If DB connection times out, does the API return 503 cleanly (vs hanging)?
+- [ ] **3rd Party API Slow**: If OpenAI/Stripe takes 30s, does the app handle it gracefully?
+
+## 2. Scenario: Traffic Spike
+- [ ] **Rate Limiting**: Is there a limit per IP (e.g. 100 req/min)?
+- [ ] **Queueing**: Do background jobs pile up safely without crashing memory?
+
+## 3. Scenario: Data Corruption
+- [ ] **Bad Input**: Does the system validate schema before processing?
+- [ ] **Poison Message**: Can the consumer handle a malformed message from Kafka/Queue?

package/.agent/.shared/resilience-patterns/presets/circuit_breaker.json

@@ -0,0 +1,21 @@
+{
+  "name": "Circuit Breaker Policies",
+  "description": "Standard configurations for Opossum or similar libraries.",
+  "policies": {
+    "standard_api": {
+      "timeout": 3000,
+      "errorThresholdPercentage": 50,
+      "resetTimeout": 30000
+    },
+    "critical_payment": {
+      "timeout": 10000,
+      "errorThresholdPercentage": 10,
+      "resetTimeout": 10000
+    },
+    "background_job": {
+      "timeout": 60000,
+      "errorThresholdPercentage": 70,
+      "resetTimeout": 300000
+    }
+  }
+}

package/.agent/.shared/security-armor/README.md

@@ -0,0 +1,25 @@
+# 🛡️ Security Armor Module
+
+> **Status**: Critical Defense
+> **Type**: Shared Module (Audits & Configs)
+
+This module encapsulates the security standards (OWASP, Best Practices) for the system.
+
+## 📂 Structure
+
+```
+security-armor/
+├── hardening.md          # 📜 Theoretical Hardening Guide (Existing)
+├── checklists/           # ✅ Audit Tools
+│   └── vuln_scan.md      #    - Manual/Automated Vulnerability Scan Checklist
+└── presets/              # ⚙️ Configuration
+    └── helmet_config.json #   - Reusable Helmet.js / Security Headers config
+```
+
+## 🚀 Usage
+
+### 1. Pre-Deployment Audit
+Before any major release, run through the `checklists/vuln_scan.md`.
+
+### 2. Header Configuration
+Copy the `helmet_config.json` settings into your web server (Express/Next.js) middleware to secure HTTP headers.

package/.agent/.shared/security-armor/checklists/vuln_scan.md

@@ -0,0 +1,19 @@
+# ✅ Vulnerability Scan Checklist
+
+> check_type: manual_audit
+> priority: critical
+> reference: OWASP Top 10
+
+## 1. Injection & Input
+- [ ] **SQL Injection**: Are all DB queries using parameterized statements (or ORM)?
+- [ ] **XSS**: Is user input sanitized before rendering (especially `dangerouslySetInnerHTML`)?
+- [ ] **Validation**: Is Input Validation (Zod/Joi) active on all API endpoints?
+
+## 2. Authentication & Data
+- [ ] **Secrets**: Are `API_KEY` and `DB_URL` loaded from `.env` (not hardcoded)?
+- [ ] **Hashing**: Are passwords hashed using Bcrypt/Argon2?
+- [ ] **HTTPS**: Is SSL/TLS enforced?
+
+## 3. Dependencies
+- [ ] **Audit**: Have you run `npm audit` to check for known CVEs?
+- [ ] **Lockfile**: Is `package-lock.json` committed?

package/.agent/.shared/security-armor/presets/helmet_config.json

@@ -0,0 +1,22 @@
+{
+  "name": "Standard Security Headers",
+  "description": "Recommended settings for Helmet.js or equivalent middleware.",
+  "recommended": {
+    "contentSecurityPolicy": {
+      "directives": {
+        "defaultSrc": ["'self'"],
+        "scriptSrc": ["'self'", "'unsafe-inline'"],
+        "styleSrc": ["'self'", "'unsafe-inline'"],
+        "imgSrc": ["'self'", "data:", "https:"]
+      }
+    },
+    "xFrameOptions": { "action": "deny" },
+    "xContentTypeOptions": true,
+    "strictTransportSecurity": {
+      "maxAge": 63072000,
+      "includeSubDomains": true,
+      "preload": true
+    },
+    "referrerPolicy": { "policy": "same-origin" }
+  }
+}

package/.agent/.shared/seo-master/README.md

@@ -0,0 +1,20 @@
+# 📈 SEO Master Module
+
+> **Status**: Growth Engines
+> **Type**: Shared Module (Traffic & Visibility)
+
+This module provides the tools to dominate search engines programmatically.
+
+## 📂 Structure
+
+```
+seo-master/
+├── checklists/           # ✅ Audit Tools
+│   └── technical_seo.md  #    - Core Web Vitals, Robots, Sitemaps
+└── presets/              # ⚙️ Schemas
+    └── json_ld_schema.json #  - Rich Snippet Definitions
+```
+
+## 🚀 Usage
+Use `json_ld_schema.json` to inject structured data into your Next.js Head component.
+Run `technical_seo.md` audit before every major content release.

package/.agent/.shared/seo-master/checklists/technical_seo.md

@@ -0,0 +1,18 @@
+# ✅ Technical SEO Checklist
+
+> check_type: manual_audit
+> priority: high
+
+## 1. Indexing & Crawling
+- [ ] **Robots.txt**: Is it present and allowing relevant bots?
+- [ ] **Sitemap.xml**: Is it dynamically generated and submitted to GSC?
+- [ ] **Canonicals**: Do all pages have `<link rel="canonical">` to prevent duplicate content?
+
+## 2. On-Page Structure
+- [ ] **Title Tags**: Are they unique and under 60 chars?
+- [ ] **Meta Desc**: Are they actionable and under 160 chars?
+- [ ] **H1**: Every page has exactly one H1 tag?
+
+## 3. Performance (Core Web Vitals)
+- [ ] **LCP**: Is Largest Contentful Paint < 2.5s?
+- [ ] **CLS**: Is Cumulative Layout Shift < 0.1?