arboris-cli 1.0.0 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (451)
  1. package/dist/cli.mjs +420 -0
  2. package/manifest.json +602 -0
  3. package/package.json +22 -10
  4. package/prisma/skills/accessibility/SKILL.md +147 -0
  5. package/prisma/skills/agent-architecture-audit/SKILL.md +257 -0
  6. package/prisma/skills/agent-eval/SKILL.md +146 -0
  7. package/prisma/skills/agent-harness-construction/SKILL.md +74 -0
  8. package/prisma/skills/agent-introspection-debugging/SKILL.md +154 -0
  9. package/prisma/skills/agent-payment-x402/SKILL.md +225 -0
  10. package/prisma/skills/agent-self-evaluation/SKILL.md +182 -0
  11. package/prisma/skills/agent-self-evaluation/examples/high-score-example.md +87 -0
  12. package/prisma/skills/agent-self-evaluation/examples/low-score-example.md +86 -0
  13. package/prisma/skills/agent-self-evaluation/references/evaluation-criteria.md +71 -0
  14. package/prisma/skills/agent-self-evaluation/references/hook-integration.md +64 -0
  15. package/prisma/skills/agent-self-evaluation/scripts/evaluate.py +408 -0
  16. package/prisma/skills/agent-self-evaluation/templates/evaluation-report.md +86 -0
  17. package/prisma/skills/agent-sort/SKILL.md +216 -0
  18. package/prisma/skills/agentic-engineering/SKILL.md +64 -0
  19. package/prisma/skills/agentic-os/SKILL.md +388 -0
  20. package/prisma/skills/ai-first-engineering/SKILL.md +52 -0
  21. package/prisma/skills/ai-regression-testing/SKILL.md +386 -0
  22. package/prisma/skills/android-clean-architecture/SKILL.md +340 -0
  23. package/prisma/skills/angular-developer/SKILL.md +155 -0
  24. package/prisma/skills/angular-developer/references/angular-animations.md +160 -0
  25. package/prisma/skills/angular-developer/references/angular-aria.md +410 -0
  26. package/prisma/skills/angular-developer/references/cli.md +86 -0
  27. package/prisma/skills/angular-developer/references/component-harnesses.md +59 -0
  28. package/prisma/skills/angular-developer/references/component-styling.md +91 -0
  29. package/prisma/skills/angular-developer/references/components.md +117 -0
  30. package/prisma/skills/angular-developer/references/creating-services.md +97 -0
  31. package/prisma/skills/angular-developer/references/data-resolvers.md +69 -0
  32. package/prisma/skills/angular-developer/references/define-routes.md +67 -0
  33. package/prisma/skills/angular-developer/references/defining-providers.md +72 -0
  34. package/prisma/skills/angular-developer/references/di-fundamentals.md +120 -0
  35. package/prisma/skills/angular-developer/references/e2e-testing.md +56 -0
  36. package/prisma/skills/angular-developer/references/effects.md +83 -0
  37. package/prisma/skills/angular-developer/references/hierarchical-injectors.md +43 -0
  38. package/prisma/skills/angular-developer/references/host-elements.md +80 -0
  39. package/prisma/skills/angular-developer/references/injection-context.md +63 -0
  40. package/prisma/skills/angular-developer/references/inputs.md +101 -0
  41. package/prisma/skills/angular-developer/references/linked-signal.md +59 -0
  42. package/prisma/skills/angular-developer/references/loading-strategies.md +61 -0
  43. package/prisma/skills/angular-developer/references/mcp.md +108 -0
  44. package/prisma/skills/angular-developer/references/navigate-to-routes.md +69 -0
  45. package/prisma/skills/angular-developer/references/outputs.md +86 -0
  46. package/prisma/skills/angular-developer/references/reactive-forms.md +122 -0
  47. package/prisma/skills/angular-developer/references/rendering-strategies.md +44 -0
  48. package/prisma/skills/angular-developer/references/resource.md +77 -0
  49. package/prisma/skills/angular-developer/references/route-animations.md +56 -0
  50. package/prisma/skills/angular-developer/references/route-guards.md +52 -0
  51. package/prisma/skills/angular-developer/references/router-lifecycle.md +45 -0
  52. package/prisma/skills/angular-developer/references/router-testing.md +87 -0
  53. package/prisma/skills/angular-developer/references/show-routes-with-outlets.md +68 -0
  54. package/prisma/skills/angular-developer/references/signal-forms.md +795 -0
  55. package/prisma/skills/angular-developer/references/signals-overview.md +94 -0
  56. package/prisma/skills/angular-developer/references/tailwind-css.md +69 -0
  57. package/prisma/skills/angular-developer/references/template-driven-forms.md +114 -0
  58. package/prisma/skills/angular-developer/references/testing-fundamentals.md +65 -0
  59. package/prisma/skills/api-connector-builder/SKILL.md +121 -0
  60. package/prisma/skills/api-design/SKILL.md +524 -0
  61. package/prisma/skills/architecture-decision-records/SKILL.md +180 -0
  62. package/prisma/skills/article-writing/SKILL.md +80 -0
  63. package/prisma/skills/automation-audit-ops/SKILL.md +143 -0
  64. package/prisma/skills/autonomous-agent-harness/SKILL.md +274 -0
  65. package/prisma/skills/autonomous-loops/SKILL.md +611 -0
  66. package/prisma/skills/backend-patterns/SKILL.md +562 -0
  67. package/prisma/skills/benchmark/SKILL.md +94 -0
  68. package/prisma/skills/benchmark-methodology/SKILL.md +190 -0
  69. package/prisma/skills/benchmark-optimization-loop/SKILL.md +70 -0
  70. package/prisma/skills/blender-motion-state-inspection/SKILL.md +165 -0
  71. package/prisma/skills/blueprint/SKILL.md +106 -0
  72. package/prisma/skills/brand-discovery/SKILL.md +145 -0
  73. package/prisma/skills/brand-discovery/references/10_purpose-why.md +40 -0
  74. package/prisma/skills/brand-discovery/references/20_positioning.md +44 -0
  75. package/prisma/skills/brand-discovery/references/30_audience-niche.md +52 -0
  76. package/prisma/skills/brand-discovery/references/40_personality-archetype.md +57 -0
  77. package/prisma/skills/brand-discovery/references/50_voice-tone.md +59 -0
  78. package/prisma/skills/brand-discovery/references/60_narrative-story.md +50 -0
  79. package/prisma/skills/brand-discovery/references/70_founder-tension.md +49 -0
  80. package/prisma/skills/brand-discovery/references/90_SYNTHESIS.md +133 -0
  81. package/prisma/skills/brand-voice/SKILL.md +98 -0
  82. package/prisma/skills/brand-voice/references/voice-profile-schema.md +55 -0
  83. package/prisma/skills/browser-qa/SKILL.md +105 -0
  84. package/prisma/skills/bun-runtime/SKILL.md +85 -0
  85. package/prisma/skills/canary-watch/SKILL.md +108 -0
  86. package/prisma/skills/carrier-relationship-management/SKILL.md +212 -0
  87. package/prisma/skills/cisco-ios-patterns/SKILL.md +164 -0
  88. package/prisma/skills/ck/SKILL.md +148 -0
  89. package/prisma/skills/ck/commands/forget.mjs +44 -0
  90. package/prisma/skills/ck/commands/info.mjs +24 -0
  91. package/prisma/skills/ck/commands/init.mjs +143 -0
  92. package/prisma/skills/ck/commands/list.mjs +40 -0
  93. package/prisma/skills/ck/commands/migrate.mjs +202 -0
  94. package/prisma/skills/ck/commands/resume.mjs +36 -0
  95. package/prisma/skills/ck/commands/save.mjs +210 -0
  96. package/prisma/skills/ck/commands/shared.mjs +387 -0
  97. package/prisma/skills/ck/hooks/session-start.mjs +224 -0
  98. package/prisma/skills/claude-devfleet/SKILL.md +112 -0
  99. package/prisma/skills/click-path-audit/SKILL.md +245 -0
  100. package/prisma/skills/clickhouse-io/SKILL.md +440 -0
  101. package/prisma/skills/code-tour/SKILL.md +254 -0
  102. package/prisma/skills/codebase-onboarding/SKILL.md +234 -0
  103. package/prisma/skills/codehealth-mcp/SKILL.md +167 -0
  104. package/prisma/skills/coding-standards/SKILL.md +551 -0
  105. package/prisma/skills/competitive-platform-analysis/SKILL.md +214 -0
  106. package/prisma/skills/competitive-report-structure/SKILL.md +162 -0
  107. package/prisma/skills/compose-multiplatform-patterns/SKILL.md +300 -0
  108. package/prisma/skills/config-gc/SKILL.md +120 -0
  109. package/prisma/skills/configure-ecc/SKILL.md +385 -0
  110. package/prisma/skills/connections-optimizer/SKILL.md +190 -0
  111. package/prisma/skills/content-engine/SKILL.md +132 -0
  112. package/prisma/skills/content-hash-cache-pattern/SKILL.md +162 -0
  113. package/prisma/skills/context-budget/SKILL.md +136 -0
  114. package/prisma/skills/continuous-agent-loop/SKILL.md +46 -0
  115. package/prisma/skills/continuous-learning/SKILL.md +132 -0
  116. package/prisma/skills/continuous-learning/config.json +18 -0
  117. package/prisma/skills/continuous-learning/evaluate-session.sh +69 -0
  118. package/prisma/skills/continuous-learning-v2/SKILL.md +361 -0
  119. package/prisma/skills/continuous-learning-v2/agents/observer-loop.sh +359 -0
  120. package/prisma/skills/continuous-learning-v2/agents/observer.md +189 -0
  121. package/prisma/skills/continuous-learning-v2/agents/session-guardian.sh +150 -0
  122. package/prisma/skills/continuous-learning-v2/agents/start-observer.sh +248 -0
  123. package/prisma/skills/continuous-learning-v2/config.json +8 -0
  124. package/prisma/skills/continuous-learning-v2/hooks/observe.sh +585 -0
  125. package/prisma/skills/continuous-learning-v2/scripts/detect-project.sh +322 -0
  126. package/prisma/skills/continuous-learning-v2/scripts/instinct-cli.py +1956 -0
  127. package/prisma/skills/continuous-learning-v2/scripts/lib/homunculus-dir.sh +31 -0
  128. package/prisma/skills/continuous-learning-v2/scripts/migrate-homunculus.sh +68 -0
  129. package/prisma/skills/continuous-learning-v2/scripts/test_parse_instinct.py +1421 -0
  130. package/prisma/skills/cost-aware-llm-pipeline/SKILL.md +184 -0
  131. package/prisma/skills/cost-tracking/SKILL.md +97 -0
  132. package/prisma/skills/council/SKILL.md +204 -0
  133. package/prisma/skills/cpp-coding-standards/SKILL.md +724 -0
  134. package/prisma/skills/cpp-testing/SKILL.md +325 -0
  135. package/prisma/skills/crosspost/SKILL.md +112 -0
  136. package/prisma/skills/csharp-testing/SKILL.md +322 -0
  137. package/prisma/skills/customer-billing-ops/SKILL.md +141 -0
  138. package/prisma/skills/customs-trade-compliance/SKILL.md +263 -0
  139. package/prisma/skills/dart-flutter-patterns/SKILL.md +564 -0
  140. package/prisma/skills/dashboard-builder/SKILL.md +109 -0
  141. package/prisma/skills/data-scraper-agent/SKILL.md +765 -0
  142. package/prisma/skills/data-throughput-accelerator/SKILL.md +73 -0
  143. package/prisma/skills/database-migrations/SKILL.md +430 -0
  144. package/prisma/skills/deep-research/SKILL.md +160 -0
  145. package/prisma/skills/defi-amm-security/SKILL.md +167 -0
  146. package/prisma/skills/delivery-gate/SKILL.md +126 -0
  147. package/prisma/skills/delivery-gate/hooks/quality-gate.py +220 -0
  148. package/prisma/skills/deployment-patterns/SKILL.md +428 -0
  149. package/prisma/skills/design-system/SKILL.md +83 -0
  150. package/prisma/skills/django-celery/SKILL.md +458 -0
  151. package/prisma/skills/django-patterns/SKILL.md +735 -0
  152. package/prisma/skills/django-security/SKILL.md +644 -0
  153. package/prisma/skills/django-tdd/SKILL.md +730 -0
  154. package/prisma/skills/django-verification/SKILL.md +470 -0
  155. package/prisma/skills/dmux-workflows/SKILL.md +192 -0
  156. package/prisma/skills/docker-patterns/SKILL.md +365 -0
  157. package/prisma/skills/documentation-lookup/SKILL.md +91 -0
  158. package/prisma/skills/dotnet-patterns/SKILL.md +322 -0
  159. package/prisma/skills/dynamic-workflow-mode/SKILL.md +124 -0
  160. package/prisma/skills/e2e-testing/SKILL.md +327 -0
  161. package/prisma/skills/ecc-guide/SKILL.md +190 -0
  162. package/prisma/skills/ecc-recipes/SKILL.md +149 -0
  163. package/prisma/skills/ecc-tools-cost-audit/SKILL.md +161 -0
  164. package/prisma/skills/email-ops/SKILL.md +122 -0
  165. package/prisma/skills/energy-procurement/SKILL.md +228 -0
  166. package/prisma/skills/enterprise-agent-ops/SKILL.md +51 -0
  167. package/prisma/skills/error-handling/SKILL.md +377 -0
  168. package/prisma/skills/eval-harness/SKILL.md +271 -0
  169. package/prisma/skills/evm-token-decimals/SKILL.md +131 -0
  170. package/prisma/skills/exa-search/SKILL.md +108 -0
  171. package/prisma/skills/fal-ai-media/SKILL.md +289 -0
  172. package/prisma/skills/fastapi-patterns/SKILL.md +514 -0
  173. package/prisma/skills/finance-billing-ops/SKILL.md +128 -0
  174. package/prisma/skills/flox-environments/SKILL.md +497 -0
  175. package/prisma/skills/flutter-dart-code-review/SKILL.md +436 -0
  176. package/prisma/skills/foundation-models-on-device/SKILL.md +243 -0
  177. package/prisma/skills/frontend-a11y/SKILL.md +446 -0
  178. package/prisma/skills/frontend-design-direction/SKILL.md +93 -0
  179. package/prisma/skills/frontend-patterns/SKILL.md +657 -0
  180. package/prisma/skills/frontend-slides/SKILL.md +185 -0
  181. package/prisma/skills/frontend-slides/STYLE_PRESETS.md +330 -0
  182. package/prisma/skills/frontend-slides/animation-patterns.md +122 -0
  183. package/prisma/skills/frontend-slides/html-template.md +419 -0
  184. package/prisma/skills/frontend-slides/scripts/export-pdf.sh +418 -0
  185. package/prisma/skills/frontend-slides/scripts/extract-pptx.py +96 -0
  186. package/prisma/skills/frontend-slides/viewport-base.css +153 -0
  187. package/prisma/skills/fsharp-testing/SKILL.md +281 -0
  188. package/prisma/skills/gan-style-harness/SKILL.md +279 -0
  189. package/prisma/skills/gateguard/SKILL.md +133 -0
  190. package/prisma/skills/generating-python-installer/SKILL.md +820 -0
  191. package/prisma/skills/git-workflow/SKILL.md +716 -0
  192. package/prisma/skills/github-ops/SKILL.md +145 -0
  193. package/prisma/skills/golang-patterns/SKILL.md +675 -0
  194. package/prisma/skills/golang-testing/SKILL.md +721 -0
  195. package/prisma/skills/google-workspace-ops/SKILL.md +96 -0
  196. package/prisma/skills/growth-log/SKILL.md +128 -0
  197. package/prisma/skills/healthcare-cdss-patterns/SKILL.md +246 -0
  198. package/prisma/skills/healthcare-emr-patterns/SKILL.md +160 -0
  199. package/prisma/skills/healthcare-eval-harness/SKILL.md +208 -0
  200. package/prisma/skills/healthcare-phi-compliance/SKILL.md +146 -0
  201. package/prisma/skills/hermes-imports/SKILL.md +89 -0
  202. package/prisma/skills/hexagonal-architecture/SKILL.md +277 -0
  203. package/prisma/skills/hipaa-compliance/SKILL.md +79 -0
  204. package/prisma/skills/homelab-network-readiness/SKILL.md +170 -0
  205. package/prisma/skills/homelab-network-setup/SKILL.md +130 -0
  206. package/prisma/skills/homelab-pihole-dns/SKILL.md +275 -0
  207. package/prisma/skills/homelab-vlan-segmentation/SKILL.md +312 -0
  208. package/prisma/skills/homelab-wireguard-vpn/SKILL.md +306 -0
  209. package/prisma/skills/hookify-rules/SKILL.md +128 -0
  210. package/prisma/skills/inherit-legacy-style/SKILL.md +157 -0
  211. package/prisma/skills/intent-driven-development/SKILL.md +360 -0
  212. package/prisma/skills/inventory-demand-planning/SKILL.md +247 -0
  213. package/prisma/skills/investor-materials/SKILL.md +97 -0
  214. package/prisma/skills/investor-outreach/SKILL.md +92 -0
  215. package/prisma/skills/ios-icon-gen/SKILL.md +158 -0
  216. package/prisma/skills/ios-icon-gen/scripts/generate_icons.swift +258 -0
  217. package/prisma/skills/ios-icon-gen/scripts/iconify_gen.sh +235 -0
  218. package/prisma/skills/iterative-retrieval/SKILL.md +212 -0
  219. package/prisma/skills/ito-basket-compare/SKILL.md +64 -0
  220. package/prisma/skills/ito-data-atlas-agent/SKILL.md +64 -0
  221. package/prisma/skills/ito-market-intelligence/SKILL.md +61 -0
  222. package/prisma/skills/ito-trade-planner/SKILL.md +68 -0
  223. package/prisma/skills/java-coding-standards/SKILL.md +384 -0
  224. package/prisma/skills/jira-integration/SKILL.md +303 -0
  225. package/prisma/skills/jpa-patterns/SKILL.md +152 -0
  226. package/prisma/skills/knowledge-ops/SKILL.md +155 -0
  227. package/prisma/skills/kotlin-coroutines-flows/SKILL.md +285 -0
  228. package/prisma/skills/kotlin-exposed-patterns/SKILL.md +720 -0
  229. package/prisma/skills/kotlin-ktor-patterns/SKILL.md +690 -0
  230. package/prisma/skills/kotlin-patterns/SKILL.md +712 -0
  231. package/prisma/skills/kotlin-testing/SKILL.md +825 -0
  232. package/prisma/skills/kubernetes-patterns/SKILL.md +756 -0
  233. package/prisma/skills/laravel-patterns/SKILL.md +416 -0
  234. package/prisma/skills/laravel-plugin-discovery/SKILL.md +230 -0
  235. package/prisma/skills/laravel-security/SKILL.md +948 -0
  236. package/prisma/skills/laravel-tdd/SKILL.md +675 -0
  237. package/prisma/skills/laravel-verification/SKILL.md +180 -0
  238. package/prisma/skills/latency-critical-systems/SKILL.md +74 -0
  239. package/prisma/skills/lead-intelligence/SKILL.md +322 -0
  240. package/prisma/skills/lead-intelligence/agents/enrichment-agent.md +85 -0
  241. package/prisma/skills/lead-intelligence/agents/mutual-mapper.md +75 -0
  242. package/prisma/skills/lead-intelligence/agents/outreach-drafter.md +98 -0
  243. package/prisma/skills/lead-intelligence/agents/signal-scorer.md +60 -0
  244. package/prisma/skills/liquid-glass-design/SKILL.md +279 -0
  245. package/prisma/skills/llm-trading-agent-security/SKILL.md +147 -0
  246. package/prisma/skills/logistics-exception-management/SKILL.md +222 -0
  247. package/prisma/skills/loop-design-check/SKILL.md +143 -0
  248. package/prisma/skills/mailtrap-email-integration/SKILL.md +77 -0
  249. package/prisma/skills/make-interfaces-feel-better/SKILL.md +152 -0
  250. package/prisma/skills/manim-video/SKILL.md +90 -0
  251. package/prisma/skills/manim-video/assets/network_graph_scene.py +52 -0
  252. package/prisma/skills/market-research/SKILL.md +76 -0
  253. package/prisma/skills/marketing-campaign/SKILL.md +114 -0
  254. package/prisma/skills/mcp-server-patterns/SKILL.md +70 -0
  255. package/prisma/skills/messages-ops/SKILL.md +105 -0
  256. package/prisma/skills/ml-adoption-playbook/SKILL.md +57 -0
  257. package/prisma/skills/mle-workflow/SKILL.md +347 -0
  258. package/prisma/skills/motion-advanced/SKILL.md +596 -0
  259. package/prisma/skills/motion-foundations/SKILL.md +299 -0
  260. package/prisma/skills/motion-patterns/SKILL.md +434 -0
  261. package/prisma/skills/motion-ui/SKILL.md +576 -0
  262. package/prisma/skills/mysql-patterns/SKILL.md +413 -0
  263. package/prisma/skills/nanoclaw-repl/SKILL.md +34 -0
  264. package/prisma/skills/nestjs-patterns/SKILL.md +231 -0
  265. package/prisma/skills/netmiko-ssh-automation/SKILL.md +174 -0
  266. package/prisma/skills/network-bgp-diagnostics/SKILL.md +168 -0
  267. package/prisma/skills/network-config-validation/SKILL.md +211 -0
  268. package/prisma/skills/network-interface-health/SKILL.md +153 -0
  269. package/prisma/skills/nextjs-turbopack/SKILL.md +58 -0
  270. package/prisma/skills/nodejs-keccak256/SKILL.md +103 -0
  271. package/prisma/skills/nutrient-document-processing/SKILL.md +168 -0
  272. package/prisma/skills/nuxt4-patterns/SKILL.md +101 -0
  273. package/prisma/skills/openclaw-persona-forge/SKILL.md +289 -0
  274. package/prisma/skills/openclaw-persona-forge/gacha.py +224 -0
  275. package/prisma/skills/openclaw-persona-forge/gacha.sh +5 -0
  276. package/prisma/skills/openclaw-persona-forge/references/avatar-style.md +124 -0
  277. package/prisma/skills/openclaw-persona-forge/references/boundary-rules.md +53 -0
  278. package/prisma/skills/openclaw-persona-forge/references/error-handling.md +53 -0
  279. package/prisma/skills/openclaw-persona-forge/references/identity-tension.md +48 -0
  280. package/prisma/skills/openclaw-persona-forge/references/naming-system.md +39 -0
  281. package/prisma/skills/openclaw-persona-forge/references/output-template.md +166 -0
  282. package/prisma/skills/opensource-pipeline/SKILL.md +256 -0
  283. package/prisma/skills/orch-add-feature/SKILL.md +45 -0
  284. package/prisma/skills/orch-build-mvp/SKILL.md +49 -0
  285. package/prisma/skills/orch-change-feature/SKILL.md +43 -0
  286. package/prisma/skills/orch-fix-defect/SKILL.md +43 -0
  287. package/prisma/skills/orch-pipeline/SKILL.md +121 -0
  288. package/prisma/skills/orch-refine-code/SKILL.md +44 -0
  289. package/prisma/skills/parallel-execution-optimizer/SKILL.md +73 -0
  290. package/prisma/skills/perl-patterns/SKILL.md +505 -0
  291. package/prisma/skills/perl-security/SKILL.md +504 -0
  292. package/prisma/skills/perl-testing/SKILL.md +476 -0
  293. package/prisma/skills/plan-orchestrate/SKILL.md +263 -0
  294. package/prisma/skills/plankton-code-quality/SKILL.md +237 -0
  295. package/prisma/skills/postgres-patterns/SKILL.md +148 -0
  296. package/prisma/skills/prediction-market-oracle-research/SKILL.md +64 -0
  297. package/prisma/skills/prediction-market-risk-review/SKILL.md +61 -0
  298. package/prisma/skills/prisma-patterns/SKILL.md +401 -0
  299. package/prisma/skills/product-capability/SKILL.md +142 -0
  300. package/prisma/skills/product-lens/SKILL.md +93 -0
  301. package/prisma/skills/production-audit/SKILL.md +207 -0
  302. package/prisma/skills/production-scheduling/SKILL.md +238 -0
  303. package/prisma/skills/project-flow-ops/SKILL.md +112 -0
  304. package/prisma/skills/prompt-optimizer/SKILL.md +398 -0
  305. package/prisma/skills/python-patterns/SKILL.md +751 -0
  306. package/prisma/skills/python-testing/SKILL.md +817 -0
  307. package/prisma/skills/pytorch-patterns/SKILL.md +397 -0
  308. package/prisma/skills/quality-nonconformance/SKILL.md +260 -0
  309. package/prisma/skills/quarkus-patterns/SKILL.md +723 -0
  310. package/prisma/skills/quarkus-security/SKILL.md +468 -0
  311. package/prisma/skills/quarkus-tdd/SKILL.md +812 -0
  312. package/prisma/skills/quarkus-verification/SKILL.md +480 -0
  313. package/prisma/skills/ralphinho-rfc-pipeline/SKILL.md +68 -0
  314. package/prisma/skills/react-native-patterns/SKILL.md +326 -0
  315. package/prisma/skills/react-patterns/SKILL.md +342 -0
  316. package/prisma/skills/react-performance/SKILL.md +575 -0
  317. package/prisma/skills/react-testing/SKILL.md +424 -0
  318. package/prisma/skills/recsys-pipeline-architect/SKILL.md +115 -0
  319. package/prisma/skills/recursive-decision-ledger/SKILL.md +80 -0
  320. package/prisma/skills/redis-patterns/SKILL.md +404 -0
  321. package/prisma/skills/regex-vs-llm-structured-text/SKILL.md +221 -0
  322. package/prisma/skills/remotion-video-creation/SKILL.md +43 -0
  323. package/prisma/skills/remotion-video-creation/rules/3d.md +86 -0
  324. package/prisma/skills/remotion-video-creation/rules/animations.md +29 -0
  325. package/prisma/skills/remotion-video-creation/rules/assets/charts-bar-chart.tsx +173 -0
  326. package/prisma/skills/remotion-video-creation/rules/assets/text-animations-typewriter.tsx +100 -0
  327. package/prisma/skills/remotion-video-creation/rules/assets/text-animations-word-highlight.tsx +108 -0
  328. package/prisma/skills/remotion-video-creation/rules/assets.md +78 -0
  329. package/prisma/skills/remotion-video-creation/rules/audio.md +172 -0
  330. package/prisma/skills/remotion-video-creation/rules/calculate-metadata.md +104 -0
  331. package/prisma/skills/remotion-video-creation/rules/can-decode.md +75 -0
  332. package/prisma/skills/remotion-video-creation/rules/charts.md +58 -0
  333. package/prisma/skills/remotion-video-creation/rules/compositions.md +146 -0
  334. package/prisma/skills/remotion-video-creation/rules/display-captions.md +126 -0
  335. package/prisma/skills/remotion-video-creation/rules/extract-frames.md +229 -0
  336. package/prisma/skills/remotion-video-creation/rules/fonts.md +152 -0
  337. package/prisma/skills/remotion-video-creation/rules/get-audio-duration.md +58 -0
  338. package/prisma/skills/remotion-video-creation/rules/get-video-dimensions.md +68 -0
  339. package/prisma/skills/remotion-video-creation/rules/get-video-duration.md +58 -0
  340. package/prisma/skills/remotion-video-creation/rules/gifs.md +138 -0
  341. package/prisma/skills/remotion-video-creation/rules/images.md +130 -0
  342. package/prisma/skills/remotion-video-creation/rules/import-srt-captions.md +67 -0
  343. package/prisma/skills/remotion-video-creation/rules/lottie.md +67 -0
  344. package/prisma/skills/remotion-video-creation/rules/measuring-dom-nodes.md +34 -0
  345. package/prisma/skills/remotion-video-creation/rules/measuring-text.md +143 -0
  346. package/prisma/skills/remotion-video-creation/rules/sequencing.md +106 -0
  347. package/prisma/skills/remotion-video-creation/rules/tailwind.md +11 -0
  348. package/prisma/skills/remotion-video-creation/rules/text-animations.md +20 -0
  349. package/prisma/skills/remotion-video-creation/rules/timing.md +179 -0
  350. package/prisma/skills/remotion-video-creation/rules/transcribe-captions.md +19 -0
  351. package/prisma/skills/remotion-video-creation/rules/transitions.md +122 -0
  352. package/prisma/skills/remotion-video-creation/rules/trimming.md +52 -0
  353. package/prisma/skills/remotion-video-creation/rules/videos.md +171 -0
  354. package/prisma/skills/repo-scan/SKILL.md +79 -0
  355. package/prisma/skills/research-ops/SKILL.md +113 -0
  356. package/prisma/skills/returns-reverse-logistics/SKILL.md +240 -0
  357. package/prisma/skills/rules-distill/SKILL.md +265 -0
  358. package/prisma/skills/rules-distill/scripts/scan-rules.sh +58 -0
  359. package/prisma/skills/rules-distill/scripts/scan-skills.sh +129 -0
  360. package/prisma/skills/rust-patterns/SKILL.md +500 -0
  361. package/prisma/skills/rust-testing/SKILL.md +501 -0
  362. package/prisma/skills/safety-guard/SKILL.md +76 -0
  363. package/prisma/skills/santa-method/SKILL.md +307 -0
  364. package/prisma/skills/scientific-db-pubmed-database/SKILL.md +176 -0
  365. package/prisma/skills/scientific-db-uspto-database/SKILL.md +178 -0
  366. package/prisma/skills/scientific-pkg-gget/SKILL.md +167 -0
  367. package/prisma/skills/scientific-thinking-literature-review/SKILL.md +193 -0
  368. package/prisma/skills/scientific-thinking-scholar-evaluation/SKILL.md +161 -0
  369. package/prisma/skills/search-first/SKILL.md +183 -0
  370. package/prisma/skills/security-bounty-hunter/SKILL.md +100 -0
  371. package/prisma/skills/security-review/SKILL.md +504 -0
  372. package/prisma/skills/security-review/cloud-infrastructure-security.md +361 -0
  373. package/prisma/skills/security-scan/SKILL.md +166 -0
  374. package/prisma/skills/seo/SKILL.md +155 -0
  375. package/prisma/skills/skill-comply/SKILL.md +59 -0
  376. package/prisma/skills/skill-comply/fixtures/compliant_trace.jsonl +5 -0
  377. package/prisma/skills/skill-comply/fixtures/noncompliant_trace.jsonl +3 -0
  378. package/prisma/skills/skill-comply/fixtures/tdd_spec.yaml +44 -0
  379. package/prisma/skills/skill-comply/prompts/classifier.md +24 -0
  380. package/prisma/skills/skill-comply/prompts/scenario_generator.md +62 -0
  381. package/prisma/skills/skill-comply/prompts/spec_generator.md +42 -0
  382. package/prisma/skills/skill-comply/pyproject.toml +15 -0
  383. package/prisma/skills/skill-comply/scripts/__init__.py +0 -0
  384. package/prisma/skills/skill-comply/scripts/classifier.py +85 -0
  385. package/prisma/skills/skill-comply/scripts/grader.py +124 -0
  386. package/prisma/skills/skill-comply/scripts/parser.py +107 -0
  387. package/prisma/skills/skill-comply/scripts/report.py +170 -0
  388. package/prisma/skills/skill-comply/scripts/run.py +127 -0
  389. package/prisma/skills/skill-comply/scripts/runner.py +194 -0
  390. package/prisma/skills/skill-comply/scripts/scenario_generator.py +70 -0
  391. package/prisma/skills/skill-comply/scripts/spec_generator.py +72 -0
  392. package/prisma/skills/skill-comply/scripts/utils.py +13 -0
  393. package/prisma/skills/skill-comply/tests/test_grader.py +197 -0
  394. package/prisma/skills/skill-comply/tests/test_parser.py +90 -0
  395. package/prisma/skills/skill-comply/tests/test_runner.py +172 -0
  396. package/prisma/skills/skill-scout/SKILL.md +141 -0
  397. package/prisma/skills/skill-stocktake/SKILL.md +195 -0
  398. package/prisma/skills/skill-stocktake/scripts/quick-diff.sh +87 -0
  399. package/prisma/skills/skill-stocktake/scripts/save-results.sh +56 -0
  400. package/prisma/skills/skill-stocktake/scripts/scan.sh +170 -0
  401. package/prisma/skills/social-graph-ranker/SKILL.md +155 -0
  402. package/prisma/skills/social-publisher/SKILL.md +130 -0
  403. package/prisma/skills/springboot-patterns/SKILL.md +315 -0
  404. package/prisma/skills/springboot-security/SKILL.md +273 -0
  405. package/prisma/skills/springboot-tdd/SKILL.md +159 -0
  406. package/prisma/skills/springboot-verification/SKILL.md +232 -0
  407. package/prisma/skills/strategic-compact/SKILL.md +136 -0
  408. package/prisma/skills/swift-actor-persistence/SKILL.md +144 -0
  409. package/prisma/skills/swift-concurrency-6-2/SKILL.md +216 -0
  410. package/prisma/skills/swift-protocol-di-testing/SKILL.md +191 -0
  411. package/prisma/skills/swiftui-patterns/SKILL.md +259 -0
  412. package/prisma/skills/taste/SKILL.md +264 -0
  413. package/prisma/skills/taste/references/genre-taxonomy.md +87 -0
  414. package/prisma/skills/tdd-workflow/SKILL.md +583 -0
  415. package/prisma/skills/team-agent-orchestration/SKILL.md +111 -0
  416. package/prisma/skills/team-builder/SKILL.md +169 -0
  417. package/prisma/skills/terminal-ops/SKILL.md +110 -0
  418. package/prisma/skills/tinystruct-patterns/SKILL.md +279 -0
  419. package/prisma/skills/tinystruct-patterns/references/architecture.md +90 -0
  420. package/prisma/skills/tinystruct-patterns/references/data-handling.md +60 -0
  421. package/prisma/skills/tinystruct-patterns/references/database.md +99 -0
  422. package/prisma/skills/tinystruct-patterns/references/routing.md +64 -0
  423. package/prisma/skills/tinystruct-patterns/references/system-usage.md +97 -0
  424. package/prisma/skills/tinystruct-patterns/references/testing.md +72 -0
  425. package/prisma/skills/token-budget-advisor/SKILL.md +134 -0
  426. package/prisma/skills/ui-demo/SKILL.md +466 -0
  427. package/prisma/skills/ui-to-vue/SKILL.md +135 -0
  428. package/prisma/skills/uncloud/SKILL.md +344 -0
  429. package/prisma/skills/unified-notifications-ops/SKILL.md +188 -0
  430. package/prisma/skills/verification-loop/SKILL.md +127 -0
  431. package/prisma/skills/video-editing/SKILL.md +311 -0
  432. package/prisma/skills/videodb/SKILL.md +375 -0
  433. package/prisma/skills/videodb/reference/api-reference.md +550 -0
  434. package/prisma/skills/videodb/reference/capture-reference.md +407 -0
  435. package/prisma/skills/videodb/reference/capture.md +101 -0
  436. package/prisma/skills/videodb/reference/editor.md +443 -0
  437. package/prisma/skills/videodb/reference/generative.md +331 -0
  438. package/prisma/skills/videodb/reference/rtstream-reference.md +564 -0
  439. package/prisma/skills/videodb/reference/rtstream.md +65 -0
  440. package/prisma/skills/videodb/reference/search.md +230 -0
  441. package/prisma/skills/videodb/reference/streaming.md +406 -0
  442. package/prisma/skills/videodb/reference/use-cases.md +118 -0
  443. package/prisma/skills/videodb/scripts/ws_listener.py +282 -0
  444. package/prisma/skills/visa-doc-translate/README.md +86 -0
  445. package/prisma/skills/visa-doc-translate/SKILL.md +117 -0
  446. package/prisma/skills/vite-patterns/SKILL.md +450 -0
  447. package/prisma/skills/vue-patterns/SKILL.md +471 -0
  448. package/prisma/skills/windows-desktop-e2e/SKILL.md +888 -0
  449. package/prisma/skills/workspace-surface-audit/SKILL.md +126 -0
  450. package/prisma/skills/x-api/SKILL.md +235 -0
  451. package/run.mjs +0 -10
@@ -0,0 +1,644 @@
1
+ ---
2
+ name: django-security
3
+ description: Django security best practices, authentication, authorization, CSRF protection, SQL injection prevention, XSS prevention, and secure deployment configurations.
4
+ metadata:
5
+ origin: ECC
6
+ ---
7
+
8
+ # Django Security Best Practices
9
+
10
+ Comprehensive security guidelines for Django applications to protect against common vulnerabilities.
11
+
12
+ ## When to Activate
13
+
14
+ - Setting up Django authentication and authorization
15
+ - Implementing user permissions and roles
16
+ - Configuring production security settings
17
+ - Reviewing Django application for security issues
18
+ - Deploying Django applications to production
19
+
20
+ ## Core Security Settings
21
+
22
+ ### Production Settings Configuration
23
+
24
+ ```python
25
+ # settings/production.py
26
+ import os
27
+
28
+ DEBUG = False # CRITICAL: Never use True in production
29
+
30
+ ALLOWED_HOSTS = os.environ.get('ALLOWED_HOSTS', '').split(',')
31
+
32
+ # Security headers
33
+ SECURE_SSL_REDIRECT = True
34
+ SESSION_COOKIE_SECURE = True
35
+ CSRF_COOKIE_SECURE = True
36
+ SECURE_HSTS_SECONDS = 31536000 # 1 year
37
+ SECURE_HSTS_INCLUDE_SUBDOMAINS = True
38
+ SECURE_HSTS_PRELOAD = True
39
+ SECURE_CONTENT_TYPE_NOSNIFF = True
40
+ SECURE_BROWSER_XSS_FILTER = True
41
+ X_FRAME_OPTIONS = 'DENY'
42
+
43
+ # HTTPS and Cookies
44
+ SESSION_COOKIE_HTTPONLY = True
45
+ CSRF_COOKIE_HTTPONLY = True
46
+ SESSION_COOKIE_SAMESITE = 'Lax'
47
+ CSRF_COOKIE_SAMESITE = 'Lax'
48
+
49
+ # Secret key (must be set via environment variable)
50
+ SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY')
51
+ if not SECRET_KEY:
52
+ raise ImproperlyConfigured('DJANGO_SECRET_KEY environment variable is required')
53
+
54
+ # Password validation
55
+ AUTH_PASSWORD_VALIDATORS = [
56
+ {
57
+ 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
58
+ },
59
+ {
60
+ 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
61
+ 'OPTIONS': {
62
+ 'min_length': 12,
63
+ }
64
+ },
65
+ {
66
+ 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
67
+ },
68
+ {
69
+ 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
70
+ },
71
+ ]
72
+ ```
73
+
74
+ ## Authentication
75
+
76
+ ### Custom User Model
77
+
78
+ ```python
79
+ # apps/users/models.py
80
+ from django.contrib.auth.models import AbstractUser
81
+ from django.db import models
82
+
83
+ class User(AbstractUser):
84
+ """Custom user model for better security."""
85
+
86
+ email = models.EmailField(unique=True)
87
+ phone = models.CharField(max_length=20, blank=True)
88
+
89
+ USERNAME_FIELD = 'email' # Use email as username
90
+ REQUIRED_FIELDS = ['username']
91
+
92
+ class Meta:
93
+ db_table = 'users'
94
+ verbose_name = 'User'
95
+ verbose_name_plural = 'Users'
96
+
97
+ def __str__(self):
98
+ return self.email
99
+
100
+ # settings/base.py
101
+ AUTH_USER_MODEL = 'users.User'
102
+ ```
103
+
104
+ ### Password Hashing
105
+
106
+ ```python
107
+ # Django uses PBKDF2 by default. For stronger security:
108
+ PASSWORD_HASHERS = [
109
+ 'django.contrib.auth.hashers.Argon2PasswordHasher',
110
+ 'django.contrib.auth.hashers.PBKDF2PasswordHasher',
111
+ 'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
112
+ 'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
113
+ ]
114
+ ```
115
+
116
+ ### Session Management
117
+
118
+ ```python
119
+ # Session configuration
120
+ SESSION_ENGINE = 'django.contrib.sessions.backends.cache' # Or 'db'
121
+ SESSION_CACHE_ALIAS = 'default'
122
+ SESSION_COOKIE_AGE = 3600 * 24 * 7 # 1 week
123
+ SESSION_SAVE_EVERY_REQUEST = False
124
+ SESSION_EXPIRE_AT_BROWSER_CLOSE = False # Better UX, but less secure
125
+ ```
126
+
127
+ ## Authorization
128
+
129
+ ### Permissions
130
+
131
+ ```python
132
+ # models.py
133
+ from django.db import models
134
+ from django.contrib.auth.models import Permission
135
+
136
+ class Post(models.Model):
137
+ title = models.CharField(max_length=200)
138
+ content = models.TextField()
139
+ author = models.ForeignKey(User, on_delete=models.CASCADE)
140
+
141
+ class Meta:
142
+ permissions = [
143
+ ('can_publish', 'Can publish posts'),
144
+ ('can_edit_others', 'Can edit posts of others'),
145
+ ]
146
+
147
+ def user_can_edit(self, user):
148
+ """Check if user can edit this post."""
149
+ return self.author == user or user.has_perm('app.can_edit_others')
150
+
151
+ # views.py
152
+ from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin
153
+ from django.views.generic import UpdateView
154
+
155
+ class PostUpdateView(LoginRequiredMixin, PermissionRequiredMixin, UpdateView):
156
+ model = Post
157
+ permission_required = 'app.can_edit_others'
158
+ raise_exception = True # Return 403 instead of redirect
159
+
160
+ def get_queryset(self):
161
+ """Only allow users to edit their own posts."""
162
+ return Post.objects.filter(author=self.request.user)
163
+ ```
164
+
165
+ ### Custom Permissions
166
+
167
+ ```python
168
+ # permissions.py
169
+ from rest_framework import permissions
170
+
171
+ class IsOwnerOrReadOnly(permissions.BasePermission):
172
+ """Allow only owners to edit objects."""
173
+
174
+ def has_object_permission(self, request, view, obj):
175
+ # Read permissions allowed for any request
176
+ if request.method in permissions.SAFE_METHODS:
177
+ return True
178
+
179
+ # Write permissions only for owner
180
+ return obj.author == request.user
181
+
182
+ class IsAdminOrReadOnly(permissions.BasePermission):
183
+ """Allow admins to do anything, others read-only."""
184
+
185
+ def has_permission(self, request, view):
186
+ if request.method in permissions.SAFE_METHODS:
187
+ return True
188
+ return request.user and request.user.is_staff
189
+
190
+ class IsVerifiedUser(permissions.BasePermission):
191
+ """Allow only verified users."""
192
+
193
+ def has_permission(self, request, view):
194
+ return request.user and request.user.is_authenticated and request.user.is_verified
195
+ ```
196
+
197
+ ### Role-Based Access Control (RBAC)
198
+
199
+ ```python
200
+ # models.py
201
+ from django.contrib.auth.models import AbstractUser, Group
202
+
203
+ class User(AbstractUser):
204
+ ROLE_CHOICES = [
205
+ ('admin', 'Administrator'),
206
+ ('moderator', 'Moderator'),
207
+ ('user', 'Regular User'),
208
+ ]
209
+ role = models.CharField(max_length=20, choices=ROLE_CHOICES, default='user')
210
+
211
+ def is_admin(self):
212
+ return self.role == 'admin' or self.is_superuser
213
+
214
+ def is_moderator(self):
215
+ return self.role in ['admin', 'moderator']
216
+
217
+ # Mixins
218
+ class AdminRequiredMixin:
219
+ """Mixin to require admin role."""
220
+
221
+ def dispatch(self, request, *args, **kwargs):
222
+ if not request.user.is_authenticated or not request.user.is_admin():
223
+ from django.core.exceptions import PermissionDenied
224
+ raise PermissionDenied
225
+ return super().dispatch(request, *args, **kwargs)
226
+ ```
227
+
228
+ ## SQL Injection Prevention
229
+
230
+ ### Django ORM Protection
231
+
232
+ ```python
233
+ # GOOD: Django ORM automatically escapes parameters
234
+ def get_user(username):
235
+ return User.objects.get(username=username) # Safe
236
+
237
+ # GOOD: Using parameters with raw()
238
+ def search_users(query):
239
+ return User.objects.raw('SELECT * FROM users WHERE username = %s', [query])
240
+
241
+ # BAD: Never directly interpolate user input
242
+ def get_user_bad(username):
243
+ return User.objects.raw(f'SELECT * FROM users WHERE username = {username}') # VULNERABLE!
244
+
245
+ # GOOD: Using filter with proper escaping
246
+ def get_users_by_email(email):
247
+ return User.objects.filter(email__iexact=email) # Safe
248
+
249
+ # GOOD: Using Q objects for complex queries
250
+ from django.db.models import Q
251
+ def search_users_complex(query):
252
+ return User.objects.filter(
253
+ Q(username__icontains=query) |
254
+ Q(email__icontains=query)
255
+ ) # Safe
256
+ ```
257
+
258
+ ### Extra Security with raw()
259
+
260
+ ```python
261
+ # If you must use raw SQL, always use parameters
262
+ User.objects.raw(
263
+ 'SELECT * FROM users WHERE email = %s AND status = %s',
264
+ [user_input_email, status]
265
+ )
266
+ ```
267
+
268
+ ## XSS Prevention
269
+
270
+ ### Template Escaping
271
+
272
+ ```django
273
+ {# Django auto-escapes variables by default - SAFE #}
274
+ {{ user_input }} {# Escaped HTML #}
275
+
276
+ {# Explicitly mark safe only for trusted content #}
277
+ {{ trusted_html|safe }} {# Not escaped #}
278
+
279
+ {# Use template filters for safe HTML #}
280
+ {{ user_input|escape }} {# Same as default #}
281
+ {{ user_input|striptags }} {# Remove all HTML tags #}
282
+
283
+ {# JavaScript escaping #}
284
+ <script>
285
+ var username = {{ username|escapejs }};
286
+ </script>
287
+ ```
288
+
289
+ ### Safe String Handling
290
+
291
+ ```python
292
+ from django.utils.safestring import mark_safe
293
+ from django.utils.html import escape
294
+
295
+ # BAD: Never mark user input as safe without escaping
296
+ def render_bad(user_input):
297
+ return mark_safe(user_input) # VULNERABLE!
298
+
299
+ # GOOD: Escape first, then mark safe
300
+ def render_good(user_input):
301
+ return mark_safe(escape(user_input))
302
+
303
+ # GOOD: Use format_html for HTML with variables
304
+ from django.utils.html import format_html
305
+
306
+ def greet_user(username):
307
+ return format_html('<span class="user">{}</span>', escape(username))
308
+ ```
309
+
310
+ ### HTTP Headers
311
+
312
+ ```python
313
+ # settings.py
314
+ SECURE_CONTENT_TYPE_NOSNIFF = True # Prevent MIME sniffing
315
+ SECURE_BROWSER_XSS_FILTER = True # Enable XSS filter
316
+ X_FRAME_OPTIONS = 'DENY' # Prevent clickjacking
317
+
318
+ # Custom middleware
319
+ from django.conf import settings
320
+
321
+ class SecurityHeaderMiddleware:
322
+ def __init__(self, get_response):
323
+ self.get_response = get_response
324
+
325
+ def __call__(self, request):
326
+ response = self.get_response(request)
327
+ response['X-Content-Type-Options'] = 'nosniff'
328
+ response['X-Frame-Options'] = 'DENY'
329
+ response['X-XSS-Protection'] = '1; mode=block'
330
+ response['Content-Security-Policy'] = "default-src 'self'"
331
+ return response
332
+ ```
333
+
334
+ ## CSRF Protection
335
+
336
+ ### Default CSRF Protection
337
+
338
+ ```python
339
+ # settings.py - CSRF is enabled by default
340
+ CSRF_COOKIE_SECURE = True # Only send over HTTPS
341
+ CSRF_COOKIE_HTTPONLY = True # Prevent JavaScript access
342
+ CSRF_COOKIE_SAMESITE = 'Lax' # Prevent CSRF in some cases
343
+ CSRF_TRUSTED_ORIGINS = ['https://example.com'] # Trusted domains
344
+
345
+ # Template usage
346
+ <form method="post">
347
+ {% csrf_token %}
348
+ {{ form.as_p }}
349
+ <button type="submit">Submit</button>
350
+ </form>
351
+
352
+ # AJAX requests
353
+ function getCookie(name) {
354
+ let cookieValue = null;
355
+ if (document.cookie && document.cookie !== '') {
356
+ const cookies = document.cookie.split(';');
357
+ for (let i = 0; i < cookies.length; i++) {
358
+ const cookie = cookies[i].trim();
359
+ if (cookie.substring(0, name.length + 1) === (name + '=')) {
360
+ cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
361
+ break;
362
+ }
363
+ }
364
+ }
365
+ return cookieValue;
366
+ }
367
+
368
+ fetch('/api/endpoint/', {
369
+ method: 'POST',
370
+ headers: {
371
+ 'X-CSRFToken': getCookie('csrftoken'),
372
+ 'Content-Type': 'application/json',
373
+ },
374
+ body: JSON.stringify(data)
375
+ });
376
+ ```
377
+
378
+ ### Exempting Views (Use Carefully)
379
+
380
+ ```python
381
+ from django.views.decorators.csrf import csrf_exempt
382
+
383
+ @csrf_exempt # Only use when absolutely necessary!
384
+ def webhook_view(request):
385
+ # Webhook from external service
386
+ pass
387
+ ```
388
+
389
+ ## File Upload Security
390
+
391
+ ### File Validation
392
+
393
+ ```python
394
+ import os
395
+ import magic # pip install python-magic
396
+ from django.core.exceptions import ValidationError
397
+
398
+ ALLOWED_MIMES = {
399
+ 'image/jpeg', 'image/png', 'image/gif', 'application/pdf',
400
+ }
401
+
402
+ MIME_TO_EXTENSIONS = {
403
+ 'image/jpeg': {'.jpg', '.jpeg'},
404
+ 'image/png': {'.png'},
405
+ 'image/gif': {'.gif'},
406
+ 'application/pdf': {'.pdf'},
407
+ }
408
+
409
+ def validate_file_type(value):
410
+ """Validate file type using magic bytes and cross-check extension."""
411
+ mime = magic.from_buffer(value.read(2048), mime=True)
412
+ value.seek(0)
413
+
414
+ if mime not in ALLOWED_MIMES:
415
+ raise ValidationError('Unsupported file type.')
416
+
417
+ ext = os.path.splitext(value.name)[1].lower()
418
+ if ext not in MIME_TO_EXTENSIONS.get(mime, set()):
419
+ raise ValidationError('File extension does not match file content.')
420
+
421
+ def validate_file_size(value):
422
+ """Validate file size (max 5MB)."""
423
+ if value.size > 5 * 1024 * 1024:
424
+ raise ValidationError('File too large. Max size is 5MB.')
425
+
426
+ # models.py
427
+ class Document(models.Model):
428
+ file = models.FileField(
429
+ upload_to='documents/',
430
+ validators=[validate_file_type, validate_file_size]
431
+ )
432
+
433
+ ```
434
+
435
+ For environments where installing libmagic is difficult (e.g., minimal containers),
436
+ use the pure-Python `filetype` package as an alternative:
437
+
438
+ ```python
439
+ import os
440
+ from django.core.exceptions import ValidationError
441
+
442
+ import filetype # pip install filetype
443
+
444
+ ALLOWED_MIMES = {
445
+ 'image/jpeg', 'image/png', 'image/gif', 'application/pdf',
446
+ }
447
+
448
+ MIME_TO_EXTENSIONS = {
449
+ 'image/jpeg': {'.jpg', '.jpeg'},
450
+ 'image/png': {'.png'},
451
+ 'image/gif': {'.gif'},
452
+ 'application/pdf': {'.pdf'},
453
+ }
454
+
455
+ def validate_file_type(value):
456
+ """Validate file type using magic bytes."""
457
+ kind = filetype.guess(value.read(2048))
458
+ value.seek(0)
459
+
460
+ if kind is None or kind.mime not in ALLOWED_MIMES:
461
+ raise ValidationError('Unsupported file type.')
462
+
463
+ ext = os.path.splitext(value.name)[1].lower()
464
+ if ext not in MIME_TO_EXTENSIONS.get(kind.mime, set()):
465
+ raise ValidationError('File extension does not match file content.')
466
+ ```
467
+
468
+ ### Secure File Storage
469
+
470
+ ```python
471
+ # settings.py
472
+ MEDIA_ROOT = '/var/www/media/'
473
+ MEDIA_URL = '/media/'
474
+
475
+ # Use a separate domain for media in production
476
+ MEDIA_DOMAIN = 'https://media.example.com'
477
+
478
+ # Don't serve user uploads directly
479
+ # Use whitenoise or a CDN for static files
480
+ # Use a separate server or S3 for media files
481
+ ```
482
+
483
+ ## API Security
484
+
485
+ ### Rate Limiting
486
+
487
+ ```python
488
+ # settings.py
489
+ REST_FRAMEWORK = {
490
+ 'DEFAULT_THROTTLE_CLASSES': [
491
+ 'rest_framework.throttling.AnonRateThrottle',
492
+ 'rest_framework.throttling.UserRateThrottle'
493
+ ],
494
+ 'DEFAULT_THROTTLE_RATES': {
495
+ 'anon': '100/day',
496
+ 'user': '1000/day',
497
+ 'upload': '10/hour',
498
+ }
499
+ }
500
+
501
+ # Custom throttle
502
+ from rest_framework.throttling import UserRateThrottle
503
+
504
+ class BurstRateThrottle(UserRateThrottle):
505
+ scope = 'burst'
506
+ rate = '60/min'
507
+
508
+ class SustainedRateThrottle(UserRateThrottle):
509
+ scope = 'sustained'
510
+ rate = '1000/day'
511
+ ```
512
+
513
+ ### Authentication for APIs
514
+
515
+ ```python
516
+ # settings.py
517
+ REST_FRAMEWORK = {
518
+ 'DEFAULT_AUTHENTICATION_CLASSES': [
519
+ 'rest_framework.authentication.TokenAuthentication',
520
+ 'rest_framework.authentication.SessionAuthentication',
521
+ 'rest_framework_simplejwt.authentication.JWTAuthentication',
522
+ ],
523
+ 'DEFAULT_PERMISSION_CLASSES': [
524
+ 'rest_framework.permissions.IsAuthenticated',
525
+ ],
526
+ }
527
+
528
+ # views.py
529
+ from rest_framework.decorators import api_view, permission_classes
530
+ from rest_framework.permissions import IsAuthenticated
531
+
532
+ @api_view(['GET', 'POST'])
533
+ @permission_classes([IsAuthenticated])
534
+ def protected_view(request):
535
+ return Response({'message': 'You are authenticated'})
536
+ ```
537
+
538
+ ## Security Headers
539
+
540
+ ### Content Security Policy
541
+
542
+ ```python
543
+ # settings.py
544
+ CSP_DEFAULT_SRC = "'self'"
545
+ CSP_SCRIPT_SRC = "'self' https://cdn.example.com"
546
+ CSP_STYLE_SRC = "'self' 'unsafe-inline'"
547
+ CSP_IMG_SRC = "'self' data: https:"
548
+ CSP_CONNECT_SRC = "'self' https://api.example.com"
549
+
550
+ # Middleware
551
+ class CSPMiddleware:
552
+ def __init__(self, get_response):
553
+ self.get_response = get_response
554
+
555
+ def __call__(self, request):
556
+ response = self.get_response(request)
557
+ response['Content-Security-Policy'] = (
558
+ f"default-src {CSP_DEFAULT_SRC}; "
559
+ f"script-src {CSP_SCRIPT_SRC}; "
560
+ f"style-src {CSP_STYLE_SRC}; "
561
+ f"img-src {CSP_IMG_SRC}; "
562
+ f"connect-src {CSP_CONNECT_SRC}"
563
+ )
564
+ return response
565
+ ```
566
+
567
+ ## Environment Variables
568
+
569
+ ### Managing Secrets
570
+
571
+ ```python
572
+ # Use python-decouple or django-environ
573
+ import environ
574
+
575
+ env = environ.Env(
576
+ # set casting, default value
577
+ DEBUG=(bool, False)
578
+ )
579
+
580
+ # reading .env file
581
+ environ.Env.read_env()
582
+
583
+ SECRET_KEY = env('DJANGO_SECRET_KEY')
584
+ DATABASE_URL = env('DATABASE_URL')
585
+ ALLOWED_HOSTS = env.list('ALLOWED_HOSTS')
586
+
587
+ # .env file (never commit this)
588
+ DEBUG=False
589
+ SECRET_KEY=your-secret-key-here
590
+ DATABASE_URL=postgresql://user:password@localhost:5432/dbname
591
+ ALLOWED_HOSTS=example.com,www.example.com
592
+ ```
593
+
594
+ ## Logging Security Events
595
+
596
+ ```python
597
+ # settings.py
598
+ LOGGING = {
599
+ 'version': 1,
600
+ 'disable_existing_loggers': False,
601
+ 'handlers': {
602
+ 'file': {
603
+ 'level': 'WARNING',
604
+ 'class': 'logging.FileHandler',
605
+ 'filename': '/var/log/django/security.log',
606
+ },
607
+ 'console': {
608
+ 'level': 'INFO',
609
+ 'class': 'logging.StreamHandler',
610
+ },
611
+ },
612
+ 'loggers': {
613
+ 'django.security': {
614
+ 'handlers': ['file', 'console'],
615
+ 'level': 'WARNING',
616
+ 'propagate': True,
617
+ },
618
+ 'django.request': {
619
+ 'handlers': ['file'],
620
+ 'level': 'ERROR',
621
+ 'propagate': False,
622
+ },
623
+ },
624
+ }
625
+ ```
626
+
627
+ ## Quick Security Checklist
628
+
629
+ | Check | Description |
630
+ |-------|-------------|
631
+ | `DEBUG = False` | Never run with DEBUG in production |
632
+ | HTTPS only | Force SSL, secure cookies |
633
+ | Strong secrets | Use environment variables for SECRET_KEY |
634
+ | Password validation | Enable all password validators |
635
+ | CSRF protection | Enabled by default, don't disable |
636
+ | XSS prevention | Django auto-escapes, don't use `&#124;safe` with user input |
637
+ | SQL injection | Use ORM, never concatenate strings in queries |
638
+ | File uploads | Validate file type and size |
639
+ | Rate limiting | Throttle API endpoints |
640
+ | Security headers | CSP, X-Frame-Options, HSTS |
641
+ | Logging | Log security events |
642
+ | Updates | Keep Django and dependencies updated |
643
+
644
+ Remember: Security is a process, not a product. Regularly review and update your security practices.
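Review bot: The AJAX example at hunk lines 353–371 reads the `csrftoken` cookie from `document.cookie`, but the settings shown at lines 45 and 341 set `CSRF_COOKIE_HTTPONLY = True`, which makes that cookie invisible to JavaScript, so `getCookie('csrftoken')` returns `null` and every `fetch` POST fails CSRF validation; either drop `CSRF_COOKIE_HTTPONLY` (Django's own docs note it adds little protection) or have the page expose the token server-side, e.g. `<meta name="csrf-token" content="{{ csrf_token }}">` and `'X-CSRFToken': document.querySelector('meta[name="csrf-token"]').content`. Line 52 raises `ImproperlyConfigured` without importing it; add `from django.core.exceptions import ImproperlyConfigured` to the production settings snippet. The `escapejs` example at line 285 emits the value outside a string literal, which is both a syntax error and an injection path; it should read `var username = "{{ username|escapejs }}";`. At line 307 `format_html` already escapes its arguments, so wrapping the value in `escape()` double-escapes it; likewise `mark_safe(escape(user_input))` at line 301 is equivalent to plain `escape(user_input)`. The `csrf_exempt` webhook at lines 383–386 should state that the exemption is acceptable only when the handler verifies the provider's request signature, since the example currently shows no such check.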