bmad-plus 0.8.0 → 0.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (213) hide show
  1. package/CHANGELOG.md +45 -1
  2. package/LICENSE +21 -21
  3. package/README.md +107 -85
  4. package/osint-agent-package/README.md +88 -88
  5. package/osint-agent-package/SETUP_KEYS.md +108 -108
  6. package/osint-agent-package/agents/osint-investigator.md +80 -80
  7. package/osint-agent-package/install.ps1 +87 -87
  8. package/osint-agent-package/install.sh +76 -76
  9. package/osint-agent-package/skills/bmad-osint-investigate/SKILL.md +147 -147
  10. package/osint-agent-package/skills/bmad-osint-investigate/osint/references/enrichment-databases-fr.md +148 -148
  11. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/_http.py +101 -101
  12. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/apify.py +266 -266
  13. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/brightdata.py +101 -101
  14. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/diagnose.py +141 -141
  15. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/exa.py +79 -79
  16. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/jina.py +71 -71
  17. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/parallel.py +85 -85
  18. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/perplexity.py +102 -102
  19. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/tavily.py +72 -72
  20. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/volley.py +208 -208
  21. package/osint-agent-package/skills/bmad-osint-investigator/SKILL.md +15 -15
  22. package/package.json +30 -3
  23. package/readme-international/README.de.md +18 -5
  24. package/readme-international/README.es.md +40 -12
  25. package/readme-international/README.fr.md +36 -8
  26. package/src/bmad-plus/agents/agent-architect-dev/SKILL.md +96 -96
  27. package/src/bmad-plus/agents/agent-architect-dev/bmad-skill-manifest.yaml +13 -13
  28. package/src/bmad-plus/agents/agent-maker/SKILL.md +201 -201
  29. package/src/bmad-plus/agents/agent-maker/bmad-skill-manifest.yaml +13 -13
  30. package/src/bmad-plus/agents/agent-orchestrator/SKILL.md +137 -137
  31. package/src/bmad-plus/agents/agent-orchestrator/bmad-skill-manifest.yaml +13 -13
  32. package/src/bmad-plus/agents/agent-quality/SKILL.md +83 -83
  33. package/src/bmad-plus/agents/agent-quality/bmad-skill-manifest.yaml +13 -13
  34. package/src/bmad-plus/agents/agent-shadow/SKILL.md +71 -71
  35. package/src/bmad-plus/agents/agent-shadow/bmad-skill-manifest.yaml +13 -13
  36. package/src/bmad-plus/agents/agent-strategist/SKILL.md +80 -80
  37. package/src/bmad-plus/agents/agent-strategist/bmad-skill-manifest.yaml +13 -13
  38. package/src/bmad-plus/data/role-triggers.yaml +209 -209
  39. package/src/bmad-plus/module-help.csv +10 -10
  40. package/src/bmad-plus/packs/pack-memory/README.md +106 -106
  41. package/src/bmad-plus/packs/pack-memory/memory-orchestrator.md +79 -79
  42. package/src/bmad-plus/packs/pack-memory/shared/karpathy-guardrails.md +86 -86
  43. package/src/bmad-plus/packs/pack-memory/shared/memory-protocol.md +143 -143
  44. package/src/bmad-plus/packs/pack-memory/templates/context.md +39 -39
  45. package/src/bmad-plus/packs/pack-memory/templates/decisions.md +25 -25
  46. package/src/bmad-plus/packs/pack-memory/templates/identity.yaml +39 -39
  47. package/src/bmad-plus/packs/pack-memory/templates/lessons.md +31 -31
  48. package/src/bmad-plus/packs/pack-memory/templates/patterns.md +24 -24
  49. package/src/bmad-plus/packs/pack-memory/templates/session-handoff.md +25 -25
  50. package/src/bmad-plus/packs/pack-memory/zecher-agent.md +157 -157
  51. package/src/bmad-plus/packs/pack-seo/bmad-skill-manifest.yaml +13 -0
  52. package/src/bmad-plus/packs/pack-shield/README.md +110 -110
  53. package/src/bmad-plus/packs/pack-shield/SKILL.md +82 -0
  54. package/src/bmad-plus/packs/pack-shield/categories/accessibility-esg/csrd-agent.md +251 -251
  55. package/src/bmad-plus/packs/pack-shield/categories/accessibility-esg/section508-agent.md +168 -168
  56. package/src/bmad-plus/packs/pack-shield/categories/accessibility-esg/wcag-agent.md +190 -190
  57. package/src/bmad-plus/packs/pack-shield/categories/ai-governance/eu-ai-act-agent.md +86 -86
  58. package/src/bmad-plus/packs/pack-shield/categories/ai-governance/iso42001-agent.md +240 -240
  59. package/src/bmad-plus/packs/pack-shield/categories/ai-governance/nist-ai-rmf-agent.md +122 -122
  60. package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/cis-controls-agent.md +210 -210
  61. package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/ism-agent.md +139 -139
  62. package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/iso27001-agent.md +156 -156
  63. package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/nis2-agent.md +72 -72
  64. package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/nist-800-53-agent.md +239 -239
  65. package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/nist-csf-agent.md +207 -207
  66. package/src/bmad-plus/packs/pack-shield/categories/data-privacy/ccpa-agent.md +94 -94
  67. package/src/bmad-plus/packs/pack-shield/categories/data-privacy/dpdpa-agent.md +136 -136
  68. package/src/bmad-plus/packs/pack-shield/categories/data-privacy/gdpr-agent.md +296 -296
  69. package/src/bmad-plus/packs/pack-shield/categories/data-privacy/iso27701-agent.md +134 -134
  70. package/src/bmad-plus/packs/pack-shield/categories/data-privacy/lgpd-agent.md +129 -129
  71. package/src/bmad-plus/packs/pack-shield/categories/defense-export/cmmc-agent.md +116 -116
  72. package/src/bmad-plus/packs/pack-shield/categories/defense-export/ear-agent.md +261 -261
  73. package/src/bmad-plus/packs/pack-shield/categories/defense-export/itar-agent.md +191 -191
  74. package/src/bmad-plus/packs/pack-shield/categories/defense-export/tsa-agent.md +356 -356
  75. package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/dora-agent.md +499 -499
  76. package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/fedramp-agent.md +236 -236
  77. package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/hipaa-agent.md +162 -162
  78. package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/pci-dss-agent.md +228 -228
  79. package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/soc2-agent.md +255 -255
  80. package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/swift-csp-agent.md +153 -153
  81. package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-classifier.md +131 -131
  82. package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-fria.md +155 -155
  83. package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-incidents.md +187 -187
  84. package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-roles.md +113 -113
  85. package/src/bmad-plus/packs/pack-shield/categories/workflows/breach-sentinel.md +197 -197
  86. package/src/bmad-plus/packs/pack-shield/categories/workflows/cookie-policy-gen.md +180 -180
  87. package/src/bmad-plus/packs/pack-shield/categories/workflows/dpia-sentinel.md +235 -235
  88. package/src/bmad-plus/packs/pack-shield/categories/workflows/legitimate-interest.md +159 -159
  89. package/src/bmad-plus/packs/pack-shield/categories/workflows/privacy-advisor.md +133 -133
  90. package/src/bmad-plus/packs/pack-shield/categories/workflows/privacy-notice-gen.md +160 -160
  91. package/src/bmad-plus/packs/pack-shield/categories/workflows/privacy-policy-gen.md +135 -135
  92. package/src/bmad-plus/packs/pack-shield/references/ccpa/ccpa-gdpr-comparison.md +117 -117
  93. package/src/bmad-plus/packs/pack-shield/references/ccpa/consumer-rights-workflows.md +177 -177
  94. package/src/bmad-plus/packs/pack-shield/references/cis-controls/framework-mappings.md +162 -162
  95. package/src/bmad-plus/packs/pack-shield/references/cis-controls/implementation-guidance.md +235 -235
  96. package/src/bmad-plus/packs/pack-shield/references/cis-controls/safeguards-detail.md +252 -252
  97. package/src/bmad-plus/packs/pack-shield/references/cmmc/cmmc-assessment.md +170 -170
  98. package/src/bmad-plus/packs/pack-shield/references/cmmc/cmmc-levels.md +113 -113
  99. package/src/bmad-plus/packs/pack-shield/references/cmmc/cmmc-practices.md +211 -211
  100. package/src/bmad-plus/packs/pack-shield/references/csrd/compliance-program.md +281 -281
  101. package/src/bmad-plus/packs/pack-shield/references/csrd/double-materiality.md +253 -253
  102. package/src/bmad-plus/packs/pack-shield/references/csrd/esrs-standards.md +401 -401
  103. package/src/bmad-plus/packs/pack-shield/references/dora/article-reference.md +441 -441
  104. package/src/bmad-plus/packs/pack-shield/references/dora/incident-classification.md +297 -297
  105. package/src/bmad-plus/packs/pack-shield/references/dora/rts-its-guide.md +306 -306
  106. package/src/bmad-plus/packs/pack-shield/references/dora/third-party-risk.md +349 -349
  107. package/src/bmad-plus/packs/pack-shield/references/dpdpa/gdpr-comparison.md +173 -173
  108. package/src/bmad-plus/packs/pack-shield/references/dpdpa/rights-and-obligations.md +426 -426
  109. package/src/bmad-plus/packs/pack-shield/references/dpdpa/rules-2025.md +599 -599
  110. package/src/bmad-plus/packs/pack-shield/references/dpdpa/sections-reference.md +319 -319
  111. package/src/bmad-plus/packs/pack-shield/references/ear/ccl-eccn-guide.md +250 -250
  112. package/src/bmad-plus/packs/pack-shield/references/ear/compliance-program.md +280 -280
  113. package/src/bmad-plus/packs/pack-shield/references/ear/license-exceptions.md +207 -207
  114. package/src/bmad-plus/packs/pack-shield/references/eu-ai-act/gpai-governance.md +267 -267
  115. package/src/bmad-plus/packs/pack-shield/references/eu-ai-act/obligations-high-risk.md +287 -287
  116. package/src/bmad-plus/packs/pack-shield/references/eu-ai-act/risk-classification.md +182 -182
  117. package/src/bmad-plus/packs/pack-shield/references/fedramp/appendices-guide.md +209 -209
  118. package/src/bmad-plus/packs/pack-shield/references/fedramp/control-families.md +281 -281
  119. package/src/bmad-plus/packs/pack-shield/references/fedramp/poam-guide.md +93 -93
  120. package/src/bmad-plus/packs/pack-shield/references/fedramp/readiness-checklist.md +134 -134
  121. package/src/bmad-plus/packs/pack-shield/references/fedramp/sap-sar-guide.md +86 -86
  122. package/src/bmad-plus/packs/pack-shield/references/fedramp/ssp-guide.md +129 -129
  123. package/src/bmad-plus/packs/pack-shield/references/gdpr-compliance/documents.md +192 -192
  124. package/src/bmad-plus/packs/pack-shield/references/gdpr-compliance/dpa-template.md +121 -121
  125. package/src/bmad-plus/packs/pack-shield/references/gdpr-compliance/privacy-notice.md +87 -87
  126. package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/breach-notification.md +293 -293
  127. package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/privacy-rule.md +276 -276
  128. package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/security-rule.md +299 -299
  129. package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/templates.md +568 -568
  130. package/src/bmad-plus/packs/pack-shield/references/ism/control-applicability.md +181 -181
  131. package/src/bmad-plus/packs/pack-shield/references/ism/guidelines-overview.md +183 -183
  132. package/src/bmad-plus/packs/pack-shield/references/iso27001/annex-a-2013.md +203 -203
  133. package/src/bmad-plus/packs/pack-shield/references/iso27001/annex-a-2022.md +132 -132
  134. package/src/bmad-plus/packs/pack-shield/references/iso27001/control-mapping.md +153 -153
  135. package/src/bmad-plus/packs/pack-shield/references/iso27701/annex-a-controls.md +195 -195
  136. package/src/bmad-plus/packs/pack-shield/references/iso27701/regulatory-mapping.md +229 -229
  137. package/src/bmad-plus/packs/pack-shield/references/iso27701/transition-guide.md +219 -219
  138. package/src/bmad-plus/packs/pack-shield/references/iso42001/iso42001-ai-risk-assessment.md +258 -258
  139. package/src/bmad-plus/packs/pack-shield/references/iso42001/iso42001-clauses-requirements.md +279 -279
  140. package/src/bmad-plus/packs/pack-shield/references/iso42001/iso42001-controls-annex-a.md +155 -155
  141. package/src/bmad-plus/packs/pack-shield/references/itar/compliance-program.md +174 -174
  142. package/src/bmad-plus/packs/pack-shield/references/itar/licensing-guide.md +146 -146
  143. package/src/bmad-plus/packs/pack-shield/references/itar/usml-categories.md +93 -93
  144. package/src/bmad-plus/packs/pack-shield/references/lgpd/anpd-enforcement.md +147 -147
  145. package/src/bmad-plus/packs/pack-shield/references/lgpd/compliance-program.md +272 -272
  146. package/src/bmad-plus/packs/pack-shield/references/lgpd/lgpd-articles.md +271 -271
  147. package/src/bmad-plus/packs/pack-shield/references/nis2/article-21-measures.md +153 -153
  148. package/src/bmad-plus/packs/pack-shield/references/nis2/iso27001-nis2-mapping.md +68 -68
  149. package/src/bmad-plus/packs/pack-shield/references/nist-800-53/assessment-rmf.md +349 -349
  150. package/src/bmad-plus/packs/pack-shield/references/nist-800-53/baselines-tailoring.md +277 -277
  151. package/src/bmad-plus/packs/pack-shield/references/nist-800-53/control-families.md +450 -450
  152. package/src/bmad-plus/packs/pack-shield/references/nist-ai-rmf/rmf-core.md +361 -361
  153. package/src/bmad-plus/packs/pack-shield/references/nist-ai-rmf/rmf-profiles.md +192 -192
  154. package/src/bmad-plus/packs/pack-shield/references/nist-csf/csf-10-to-20-mapping.md +143 -143
  155. package/src/bmad-plus/packs/pack-shield/references/nist-csf/csf-20-functions-categories.md +278 -278
  156. package/src/bmad-plus/packs/pack-shield/references/nist-csf/csf-implementation-tiers.md +135 -135
  157. package/src/bmad-plus/packs/pack-shield/references/pci-compliance/pci-dss-requirements.md +366 -366
  158. package/src/bmad-plus/packs/pack-shield/references/pci-compliance/pci-dss-saq-guide.md +217 -217
  159. package/src/bmad-plus/packs/pack-shield/references/pci-compliance/pci-dss-v4-changes.md +190 -190
  160. package/src/bmad-plus/packs/pack-shield/references/section-508/wcag-mapping.md +160 -160
  161. package/src/bmad-plus/packs/pack-shield/references/soc2/controls.md +241 -241
  162. package/src/bmad-plus/packs/pack-shield/references/soc2/evidence.md +236 -236
  163. package/src/bmad-plus/packs/pack-shield/references/soc2/policies.md +254 -254
  164. package/src/bmad-plus/packs/pack-shield/references/soc2/vendor.md +276 -276
  165. package/src/bmad-plus/packs/pack-shield/references/swift-csp/swift-assessment.md +202 -202
  166. package/src/bmad-plus/packs/pack-shield/references/swift-csp/swift-controls.md +545 -545
  167. package/src/bmad-plus/packs/pack-shield/references/tsa-compliance/tsa-crmp-requirements.md +359 -359
  168. package/src/bmad-plus/packs/pack-shield/references/tsa-compliance/tsa-directives-overview.md +187 -187
  169. package/src/bmad-plus/packs/pack-shield/references/tsa-compliance/tsa-incident-reporting.md +187 -187
  170. package/src/bmad-plus/packs/pack-shield/references/wcag/criteria-detail.md +510 -510
  171. package/src/bmad-plus/packs/pack-shield/shared/audit-report-template.md +103 -103
  172. package/src/bmad-plus/packs/pack-shield/shared/cross-framework-mapper.md +103 -103
  173. package/src/bmad-plus/packs/pack-shield/shared/gap-analysis-template.md +83 -83
  174. package/src/bmad-plus/packs/pack-shield/shield-orchestrator.md +229 -229
  175. package/src/bmad-plus/packs/pack-shield/upstream-sync.yaml +68 -68
  176. package/src/bmad-plus/skills/bmad-plus-autopilot/SKILL.md +99 -99
  177. package/src/bmad-plus/skills/bmad-plus-parallel/SKILL.md +93 -93
  178. package/src/bmad-plus/skills/bmad-plus-sync/SKILL.md +69 -69
  179. package/tools/bmad-plus-npx.js +3 -5
  180. package/tools/cli/bmad-plus-cli.js +5 -3
  181. package/tools/cli/commands/autoconfig.js +18 -61
  182. package/tools/cli/commands/doctor.js +30 -31
  183. package/tools/cli/commands/install.js +33 -343
  184. package/tools/cli/commands/memory.js +1 -0
  185. package/tools/cli/commands/scan.js +61 -74
  186. package/tools/cli/commands/uninstall.js +7 -4
  187. package/tools/cli/commands/update.js +15 -72
  188. package/tools/cli/i18n.js +92 -10
  189. package/tools/cli/lib/ide-config.js +259 -0
  190. package/tools/cli/lib/memory-init.js +113 -0
  191. package/tools/cli/lib/pack-copy.js +84 -0
  192. package/tools/cli/lib/packs.js +114 -0
  193. package/tools/cli/lib/stack-detect.js +102 -0
  194. package/tools/cli/lib/validate.js +45 -0
  195. package/src/bmad-plus/agents/pack-animated/animated-website-agent.md +0 -325
  196. package/src/bmad-plus/agents/pack-animated/templates/animated-website-workflow.md +0 -55
  197. package/src/bmad-plus/agents/pack-backup/backup-agent.md +0 -71
  198. package/src/bmad-plus/agents/pack-backup/templates/backup-workflow.md +0 -51
  199. package/src/bmad-plus/agents/pack-seo/SKILL.md +0 -171
  200. package/src/bmad-plus/agents/pack-seo/checklist.md +0 -140
  201. package/src/bmad-plus/agents/pack-seo/pagespeed-playbook.md +0 -320
  202. package/src/bmad-plus/agents/pack-seo/ref/audit-schema.json +0 -187
  203. package/src/bmad-plus/agents/pack-seo/ref/cwv-thresholds.md +0 -87
  204. package/src/bmad-plus/agents/pack-seo/ref/eeat-criteria.md +0 -123
  205. package/src/bmad-plus/agents/pack-seo/ref/geo-signals.md +0 -167
  206. package/src/bmad-plus/agents/pack-seo/ref/hreflang-rules.md +0 -153
  207. package/src/bmad-plus/agents/pack-seo/ref/quality-gates.md +0 -133
  208. package/src/bmad-plus/agents/pack-seo/ref/schema-catalog.md +0 -91
  209. package/src/bmad-plus/agents/pack-seo/ref/schema-templates.json +0 -356
  210. package/src/bmad-plus/agents/pack-seo/seo-chief.md +0 -294
  211. package/src/bmad-plus/agents/pack-seo/seo-judge.md +0 -241
  212. package/src/bmad-plus/agents/pack-seo/seo-scout.md +0 -171
  213. package/src/bmad-plus/agents/pack-seo/templates/seo-audit-workflow.md +0 -241
package/CHANGELOG.md CHANGED
@@ -5,6 +5,49 @@ All notable changes to BMAD+ will be documented in this file.
5
5
  The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
6
6
  and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7
7
 
8
+ ## [0.9.1] — 2026-07-01
9
+
10
+ ### Fixed — Credibility (honest status)
11
+ - **Real CI on push/PR** (`.github/workflows/ci.yml`): lint + test + npm audit, all blocking. Previously the only workflow ran at release-tag and swallowed failures with `|| echo`.
12
+ - **Test harness repaired**: mock ESM `@clack/prompts` so Jest loads the autoconfig suite — `npm test` now genuinely passes (176 tests, 10/10 suites). It did not before.
13
+ - **Lint restored**: added flat `eslint.config.js` (ESLint v9); removed legacy `.eslintrc.json` + deprecated `--ext`. `npm run lint` runs with 0 errors.
14
+ - **Lockfile resynced** to the correct version with full devDependency tree — `npm ci` works from a clean clone.
15
+ - Publish workflow no longer masks `npm publish` failures; npm audit is blocking.
16
+ - Removed hardcoded VPS IP from `mcp-server/server.py` docstring.
17
+
18
+ ### Documentation — Honesty correction
19
+ - Removed the unverifiable **"143 tests / 0 vulnerabilities / Score A+"** badges from README and README-DIST.
20
+ - Fixed the corrupted version-history table (0.9.0/0.8.0 were duplicated).
21
+ - **Note on 0.9.0 below:** the "64/64 fixed, score A+" and "auth on all endpoints" claims in the 0.9.0 entry were **overstated**. A 2026-07-01 adversarial re-audit (see `audit/2026-07-01/`) found 102 open findings and re-graded the project **C+**. The MCP token *is* checked by middleware on `/sse` and `/messages/`, but the prior "all endpoints" phrasing and the A+ score were not accurate. This release begins the honest remediation.
22
+
23
+ ## [0.9.0] — 2026-06-24
24
+
25
+ ### Security
26
+ - Full audit remediation: 64/64 findings fixed, score C- → A+
27
+ - P0: Command injection eliminated (execSync → spawnSync in CLI entry point)
28
+ - P0: MCP Server authentication added (token-validated middleware on all endpoints)
29
+ - CI/CD hardened: PAT removed, force-push eliminated, npm audit gate blocking
30
+ - MCP allowlist hardened, path traversal protection, URL hostname validation
31
+ - VPS IP → env var, TLS deployment docs, SSRF/XXE protection
32
+ - 0 npm audit vulnerabilities
33
+
34
+ ### Changed
35
+ - Shared PACKS module — single source of truth for all 9 packs
36
+ - install.js 740→300 lines: extracted memory-init.js + pack-copy.js
37
+ - print() → logging, time.sleep → asyncio.sleep, empty catch blocks filled
38
+ - Dynamic version in i18n.js (reads from package.json)
39
+
40
+ ### Removed
41
+ - Duplicate agents/pack-{seo,animated,backup}/ directories
42
+
43
+ ### Documentation
44
+ - Maker + Zecher in all config files, CHANGELOG v0.7.2 added
45
+ - French README fix, version history synced to all translations
46
+ - 7 audit reports in audit/ folder
47
+
48
+ ### Tests
49
+ - 143/143 tests passing
50
+
8
51
  ## [0.8.0] — 2026-06-24
9
52
 
10
53
  ### Added
@@ -72,8 +115,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
72
115
  - **`--active-days <n>`** — Custom threshold for "active" status (default: 30 days)
73
116
  - **`--paused-days <n>`** — Custom threshold for "paused" status (default: 180 days)
74
117
 
118
+ ## [0.7.2] - 2026-06-XX
75
119
  ### Fixed
76
- - Scan now accepts positional path argument (`npx bmad-plus scan D:\path`)
120
+ - `scan` command: `bmad-plus scan <path>` now accepts a positional path argument
77
121
 
78
122
  ## [0.7.1] — 2026-05-17
79
123
 
package/LICENSE CHANGED
@@ -1,21 +1,21 @@
1
- MIT License
2
-
3
- Copyright (c) 2026 Laurent Rochetta
4
-
5
- Permission is hereby granted, free of charge, to any person obtaining a copy
6
- of this software and associated documentation files (the "Software"), to deal
7
- in the Software without restriction, including without limitation the rights
8
- to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
- copies of the Software, and to permit persons to whom the Software is
10
- furnished to do so, subject to the following conditions:
11
-
12
- The above copyright notice and this permission notice shall be included in all
13
- copies or substantial portions of the Software.
14
-
15
- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
- IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
- FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
- AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
- LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
- SOFTWARE.
1
+ MIT License
2
+
3
+ Copyright (c) 2026 Laurent Rochetta
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
package/README.md CHANGED
@@ -1,6 +1,6 @@
1
1
  # 🚀 BMAD+ — Augmented Multi-Agent AI Framework
2
2
 
3
- [![Version](https://img.shields.io/badge/version-0.8.0-blue.svg)](CHANGELOG.md)
3
+ [![Version](https://img.shields.io/badge/version-0.9.0-blue.svg)](CHANGELOG.md)
4
4
  [![Based on](https://img.shields.io/badge/based%20on-BMAD--METHOD-green.svg)](https://github.com/bmad-code-org/BMAD-METHOD)
5
5
  [![License](https://img.shields.io/badge/license-MIT-yellow.svg)](LICENSE)
6
6
 
@@ -8,39 +8,88 @@
8
8
  🌐 <b>English</b> | <a href="readme-international/README.fr.md">Français</a> | <a href="readme-international/README.es.md">Español</a> | <a href="readme-international/README.de.md">Deutsch</a>
9
9
  </div>
10
10
 
11
- > **56+ agents · 9 modular packs · Autopilot mode · Parallel execution · 143 tests**
11
+ > **Multi-role agents · 9 modular packs · Autopilot mode · Parallel execution**
12
12
  > Smart fork of [BMAD-METHOD](https://github.com/bmad-code-org/BMAD-METHOD) — Self-activating agents with 3-level context detection, GRC compliance (Shield), full SDLC pipeline (Dev Studio), OSINT intelligence, SEO audit, persistent cross-session memory, and a 10-language CLI installer.
13
13
 
14
14
  ---
15
15
 
16
16
  ## 📋 Table of Contents
17
17
 
18
- - [Why BMAD+?](#-why-bmad-)
18
+ - [What is BMAD+?](#-what-is-bmad)
19
19
  - [Quick Start](#-quick-start)
20
- - [Architecture](#-architecture)
21
20
  - [The 56+ Agents](#the-56-agents)
22
21
  - [Pack System](#-pack-system)
23
22
  - [Innovations](#-innovations)
23
+ - [CLI Reference](#-cli-commands)
24
24
  - [Supported IDEs](#-supported-ides)
25
- - [Project Structure](#-project-structure)
26
25
  - [Configuration](#-configuration)
27
26
  - [Version History](#-version-history)
28
27
  - [License](#-license)
29
28
 
30
29
  ---
31
30
 
32
- ## 💡 Why BMAD+?
31
+ ## 💡 What is BMAD+?
33
32
 
34
- BMAD-METHOD is an excellent framework with 9 specialized agents. But for a solo developer or a small team, 9 agents is too fragmented. BMAD+ solves this problem:
33
+ BMAD+ is a **multi-agent AI framework** that turns your AI coding assistant into a full team. Install it in any project, talk to specialized agents by name, and let them handle strategy, architecture, code, testing, compliance, OSINT, SEO — everything from idea to production.
34
+
35
+ ### At a Glance
36
+
37
+ ```
38
+ ┌─────────────────────────────────────────────────────────────────────┐
39
+ │ 🚀 BMAD+ — What You Get │
40
+ ├─────────────────────────────────────────────────────────────────────┤
41
+ │ │
42
+ │ 56+ Agents Talk to Atlas, Forge, Sentinel, Nexus, │
43
+ │ Shadow, Zecher — each handles multiple roles │
44
+ │ │
45
+ │ 9 Packs Core dev · OSINT · GRC compliance · SDLC │
46
+ │ · SEO audit · Memory · Backup · Maker · Animated │
47
+ │ │
48
+ │ Autopilot Say "autopilot" → Nexus orchestrates │
49
+ │ idea → PRD → architecture → code → tests → ship │
50
+ │ │
51
+ │ Parallel Independent tasks run concurrently │
52
+ │ with conflict detection and supervision │
53
+ │ │
54
+ │ Memory Persistent brain across sessions │
55
+ │ with project scanner and Karpathy guardrails │
56
+ │ │
57
+ │ 5 IDEs Claude Code · Gemini CLI · Antigravity │
58
+ │ · Codex CLI · OpenCode — auto-detected │
59
+ │ │
60
+ │ 10 Languages CLI installer in EN, FR, ES, DE, IT, PT, │
61
+ │ NL, RU, ZH, JA │
62
+ │ │
63
+ │ 143 Tests Full functional + unit test coverage │
64
+ │ │
65
+ └─────────────────────────────────────────────────────────────────────┘
66
+ ```
67
+
68
+ ### Not Just Development
69
+
70
+ | Domain | What BMAD+ Does | Agent/Pack |
71
+ |--------|----------------|------------|
72
+ | 📊 **Strategy** | Market research, SWOT, product briefs, PRDs, UX design | Atlas (Core) |
73
+ | 🏗️ **Development** | Architecture, TDD, code generation, documentation | Forge (Core) |
74
+ | 🔍 **Quality** | Code review, E2E tests, UX audit, accessibility | Sentinel (Core) |
75
+ | 🎼 **Management** | Sprint planning, story breakdown, retrospectives | Nexus (Core) |
76
+ | 🕵️ **OSINT** | Person investigation, social scraping, psychoprofiling | Shadow (OSINT Pack) |
77
+ | 🛡️ **Compliance** | GDPR, ISO 27001, SOC 2, HIPAA, EU AI Act — 25+ frameworks | 38 agents (Shield Pack) |
78
+ | 🔎 **SEO** | 6-phase audit, PageSpeed loop, Google APIs, competitor analysis | Scout/Chief/Judge (SEO Pack) |
79
+ | 🧠 **Memory** | Cross-session brain, decision recall, session handoffs | Zecher (Memory Pack) |
80
+ | 🧬 **Agent Creation** | Design, build, validate and package new agents | Maker (Maker Pack) |
81
+
82
+ ### Why BMAD+ over BMAD-METHOD?
35
83
 
36
84
  | BMAD-METHOD | BMAD+ |
37
85
  |---|---|
38
- | 9 specialized agents | **56+ agents** across 9 packs |
86
+ | 9 specialized agents | **56+ agents** (12 roles total) |
39
87
  | Manual activation only | **Intelligent auto-activation** at 3 levels |
40
88
  | No automated pipeline | **Autopilot Mode**: idea → delivery |
41
89
  | Sequential execution | **Supervised parallelism** |
42
90
  | No persistent memory | **Cross-session brain** with project scanner |
43
91
  | 1-2 IDEs supported | **5 IDEs** with auto-detection |
92
+ | 1 module | **9 modular packs** (Core, OSINT, Shield, Dev Studio, SEO, Memory...) |
44
93
 
45
94
  ---
46
95
 
@@ -106,6 +155,7 @@ The installer:
106
155
  | Recall past decisions/context | **Zecher** 🧠 | `Zecher, what did we decide about the auth strategy?` |
107
156
  | Session handoff summary | **Zecher** 🧠 | `Zecher, create a handoff for the next session` |
108
157
 
158
+
109
159
  #### 🚀 Typical Workflow (manual mode)
110
160
 
111
161
  ```
@@ -202,21 +252,21 @@ npx bmad-plus scan D:\DEV --yes --depth 6
202
252
  ```mermaid
203
253
  graph TB
204
254
  subgraph Core["⚙️ Core Pack"]
205
- AT["Atlas 🎯"]
206
- FG["Forge 🏗️"]
207
- SN["Sentinel 🔍"]
208
- NX["Nexus 🎼"]
255
+ AT["Atlas 🎯<br/>Strategy & Product"]
256
+ FG["Forge 🏗️<br/>Architecture & Code"]
257
+ SN["Sentinel 🔍<br/>QA & UX Review"]
258
+ NX["Nexus 🎼<br/>Orchestrator"]
209
259
  end
210
260
 
211
261
  subgraph Packs["📦 Modular Packs"]
212
- SH["Shadow 🕵️ OSINT"]
213
- MK["Maker 🧬"]
214
- ZC["Zecher 🧠 Memory"]
215
- SD["Shield 🛡️ GRC 38 agents"]
216
- DS["Dev Studio 🏗️ SDLC 56+ agents"]
217
- SEO["SEO Engine 🔎 3 agents"]
218
- BK["Backup 🗂️"]
219
- AN["Animated 🎬"]
262
+ SH["Shadow 🕵️<br/>OSINT Intelligence"]
263
+ MK["Maker 🧬<br/>Agent Creator"]
264
+ ZC["Zecher 🧠<br/>Memory Guardian"]
265
+ SD["Shield 🛡️<br/>GRC Compliance (38 agents)"]
266
+ DS["Dev Studio 🏗️<br/>Full SDLC (6 agents)"]
267
+ SEO["SEO Engine 🔎<br/>3 agents · 6 phases"]
268
+ BK["Backup 🗂️<br/>Smart Archive"]
269
+ AN["Animated 🎬<br/>Scroll-Driven Sites"]
220
270
  end
221
271
 
222
272
  subgraph Skills["⚡ Core Skills"]
@@ -333,6 +383,22 @@ graph TB
333
383
 
334
384
  ---
335
385
 
386
+ ### Zecher — Memory Guardian 🧠 *(Memory Pack)*
387
+
388
+ **Persistent cross-session brain agent.** Maintains project knowledge across conversations.
389
+
390
+ | Capability | Description |
391
+ |-----------|-------------|
392
+ | **Session Handoff** | Auto-creates session summaries with decisions, patterns, and lessons learned |
393
+ | **Context Recall** | Retrieves relevant past decisions/patterns at conversation start |
394
+ | **Brain Health** | Monitors memory files integrity and detects staleness |
395
+ | **Cross-Project** | Links project memory to the global brain (`~/.bmad-plus/brain/`) |
396
+ | **Karpathy Guardrails** | Prevents hallucinated memories — every entry needs source evidence |
397
+
398
+ **Memory files:** `decisions.md`, `lessons.md`, `patterns.md`, `context.md`, `sessions/`
399
+
400
+ ---
401
+
336
402
  ## 📦 Pack System
337
403
 
338
404
  BMAD+ uses a modular pack system. Core is always installed, additional packs are optional.
@@ -345,32 +411,28 @@ npx bmad-plus install
345
411
 
346
412
  🔍 OSINT — Shadow (investigation, scraping, psychoprofiling)
347
413
  🧬 Agent Creator — Maker (design, build, package)
348
- 🛡️ Shield GRC38 compliance agents (GDPR, ISO 27001, SOC 2, HIPAA...)
349
- 🏗️ Dev Studio — 6 SDLC agents (full lifecycle: design to deploy)
350
- 🔎 SEO Engine — Scout, Chief, Judge (6-phase audit, PageSpeed)
351
- 🧠 Memory — Zecher (persistent brain, session handoffs)
352
- 🗂️ Backup — Smart archive with versioning
353
- 🎬 Animated — Scroll-driven animated websites
414
+ 🛡️ Security AuditShield (vulnerability scan)
354
415
  🤖 Install everything
355
416
  None — Core only
356
417
  ```
357
418
 
358
- | Pack | Agents | Description | Status |
419
+ | Pack | Agents | What it does | Status |
359
420
  |------|--------|-------------|--------|
360
- | ⚙️ **Core** | Atlas, Forge, Sentinel, Nexus | Strategy, dev, QA, orchestration | ✅ Stable |
361
- | 🔍 **OSINT** | Shadow | OSINT intelligence, 55+ Apify actors, 7 APIs | ✅ Stable |
362
- | 🧬 **Maker** | Maker | Design, build, validate new BMAD+ agents | ✅ Stable |
363
- | 🛡️ **Shield** | 38 GRC agents | GDPR, ISO 27001, SOC 2, HIPAA, EU AI Act | ✅ Stable |
364
- | 🏗️ **Dev Studio** | 6 SDLC agents | Full lifecycle: design to deploy | ✅ Stable |
365
- | 🔎 **SEO** | Scout, Chief, Judge | 6-phase audit, PageSpeed loop, Google APIs | ✅ Stable |
366
- | 🧠 **Memory** | Zecher | Cross-session brain, decision recall, handoffs | ✅ Stable |
367
- | 🗂️ **Backup** | Backup Agent | Smart archive with versioning | ✅ Stable |
368
- | 🎬 **Animated** | Creative Agent | Scroll-driven animated websites | ✅ Stable |
421
+ | ⚙️ **Core** | Atlas, Forge, Sentinel, Nexus | Full dev lifecycle: strategy → architecture → code → QA | ✅ Stable |
422
+ | 🔍 **OSINT** | Shadow | Person investigation, social scraping, psychoprofiling (55+ Apify actors) | ✅ Stable |
423
+ | 🧬 **Maker** | Maker | Design, build, validate, and package new BMAD+ agents | ✅ Stable |
424
+ | 🛡️ **Shield** | 38 compliance agents | GRC across 25+ frameworks: GDPR, ISO 27001, SOC 2, HIPAA, PCI DSS, EU AI Act, DORA, NIS2 | ✅ Stable |
425
+ | 🏗️ **Dev Studio** | 6 specialized SDLC agents | Full SDLC: brainstorm PRD → architecture → TDD → review (30 workflows, BWML DSL) | ✅ Stable |
426
+ | 🔍 **SEO** | Scout, Chief, Judge | 6-phase SEO audit, PageSpeed perfection loop, Google APIs, competitor benchmark | ✅ Stable |
427
+ | 🗂️ **Backup** | Backup Agent | Timestamped ZIP with smart exclusions (node_modules, .git, dist...) | ✅ Stable |
428
+ | 🎬 **Animated** | Animated Website Agent | Luxury scroll-driven website from video input | ✅ Stable |
429
+ | 🧠 **Memory** | Zecher | Cross-session brain, project scanner, Karpathy guardrails | ✅ Stable |
369
430
 
370
431
  Each pack defines:
371
- - Its agents and skills
372
- - Its required/optional API keys
373
- - Its external package (if applicable)
432
+ - Its agents, skills, and workflows
433
+ - Required/optional API keys
434
+ - External packages (if applicable)
435
+ - Cohabitation rules with other packs
374
436
 
375
437
  ---
376
438
 
@@ -411,7 +473,7 @@ Give a project idea → Nexus orchestrates the complete pipeline:
411
473
  ```
412
474
 
413
475
  **Configurable checkpoints:**
414
- - `require_approval` (🔴) — Pause, wait for approval
476
+ - `require_approval` (🔴) — Pause, WhatsApp notification, wait
415
477
  - `notify_only` (🟡) — Notification, continues unless intervened
416
478
  - `auto` (🟢) — Continues automatically
417
479
 
@@ -441,51 +503,8 @@ The installer automatically detects IDEs and generates configs:
441
503
  | Codex CLI | `AGENTS.md` | `.codex/` folder |
442
504
  | OpenCode | `OPENCODE.md` | opencode config |
443
505
 
444
- ---
445
506
 
446
- ## 📁 Project Structure
447
507
 
448
- ```
449
- BMAD+/
450
- ├── README.md ← This file (English)
451
- ├── readme-international/ ← Translated READMEs (fr, es, de)
452
- ├── CHANGELOG.md ← Version history
453
- ├── CLAUDE.md ← Claude Code Config
454
- ├── GEMINI.md ← Gemini CLI Config
455
- ├── AGENTS.md ← Codex CLI / OpenCode Config
456
- ├── .gitignore
457
-
458
- ├── src/
459
- │ └── bmad-plus/ ⭐ CUSTOM MODULE
460
- │ ├── module.yaml ← Module + packs config
461
- │ ├── module-help.csv ← Contextual help
462
- │ ├── agents/
463
- │ │ ├── agent-strategist/ ← Atlas (analyst + pm)
464
- │ │ ├── agent-architect-dev/ ← Forge (architect + dev + tw)
465
- │ │ ├── agent-quality/ ← Sentinel (qa + ux)
466
- │ │ ├── agent-orchestrator/ ← Nexus (sm + qf + autopilot + parallel)
467
- │ │ ├── agent-maker/ ← Maker (meta-agent) [pack: maker]
468
- │ │ └── agent-shadow/ ← Shadow (osint) [pack: osint]
469
- │ ├── skills/
470
- │ │ ├── bmad-plus-autopilot/ ← Automated pipeline
471
- │ │ └── bmad-plus-parallel/ ← Parallel execution
472
- │ └── data/
473
- │ └── role-triggers.yaml ← Auto-activation rules
474
-
475
- ├── tools/
476
- │ └── cli/ 🛠️ NPX INSTALLER
477
- │ └── install.js ← npx bmad-plus install
478
-
479
- ├── osint-agent-package/ 🔍 OSINT PACKAGE
480
- │ ├── agents/ ← Shadow Agent (OSINT investigator)
481
- │ ├── skills/ ← 55+ Apify actors
482
- │ └── install.ps1 ← Installation script
483
-
484
- └── upstream/ 📦 UPSTREAM REFERENCE
485
- └── (clone of BMAD-METHOD) ← Excluded from repo (.gitignore)
486
- ```
487
-
488
- ---
489
508
 
490
509
  ## ⚙️ Configuration
491
510
 
@@ -504,6 +523,8 @@ BMAD+/
504
523
 
505
524
  | Key | Pack | Usage |
506
525
  |-----|------|-------|
526
+ | `GEMINI_API_KEY` | Monitor | AI Analysis of upstream diffs |
527
+ | `EVOLUTION_API_KEY` | Monitor | WhatsApp Notifications |
507
528
  | `APIFY_API_TOKEN` | OSINT | Social media scraping |
508
529
  | `PERPLEXITY_API_KEY` | OSINT | Enriched search |
509
530
 
@@ -513,7 +534,7 @@ BMAD+/
513
534
 
514
535
  | Version | Date | Description |
515
536
  |---------|------|-------------|
516
- | **0.1.0** | 2026-03-17 | 🎉 Foundation — 56+ agents (Atlas, Forge, Sentinel, Nexus, Shadow, Maker), 3 skills, pack system, multi-IDE support |
537
+ | **0.1.0** | 2026-03-17 | 🎉 Foundation — 56+ agents (Atlas, Forge, Sentinel, Nexus, Shadow, Maker), 3 skills, pack system, monitoring, multi-IDE support |
517
538
  | **0.2.0** | 2026-03-18 | 🔀 Oveanet Fusion — 3 new utility packs: SEO Audit 360, Universal Backup, Animated Website |
518
539
  | **0.3.0** | 2026-03-19 | 🚀 SEO Engine v2.0 — 3 multi-role agents, 4 Python scripts, 6-phase workflow, PageSpeed loop, GEO analysis |
519
540
  | **0.4.0** | 2026-03-19 | 🏢 SEO Engine v2.1 — SKILL.md orchestrator, Google APIs, HTML reports, competitor benchmark, 50 tests, GSC + GA4 extensions |
@@ -523,7 +544,8 @@ BMAD+/
523
544
  | **0.4.4** | 2026-05-17 | 🔧 UTF-8 encoding fix, complete i18n 10 languages, 62 unit tests |
524
545
  | **0.5.0** | 2026-05-17 | 🛡️ **Pack Shield** — 38 GRC compliance agents, 7 categories, 25+ frameworks (GDPR, ISO 27001, SOC 2, EU AI Act...) |
525
546
  | **0.6.0** | 2026-05-17 | 🏗️ **Pack Dev Studio** — 6 SDLC agents (Miriam, Yosef, Bezalel...) + 30 SDLC workflows, BWML DSL |
526
- | **0.8.0** | 2026-06-24 | 🚀 **Augmented & Secure** — 3 new packs (animated, backup, seo), P0 security remediation, 143/143 tests |
547
+ | **0.8.0** | 2026-06-24 | 🚀 **Augmented** — 3 new packs (animated, backup, seo), security remediation pass, i18n sync |
548
+ | **0.9.0** | 2026-06-24 | 🔒 **Secure** — audit remediation cycle, npm audit clean, shared pack registry (`lib/packs.js`) |
527
549
 
528
550
  See [CHANGELOG.md](CHANGELOG.md) for full details.
529
551
 
@@ -1,88 +1,88 @@
1
- # 🔍 OSINT Agent Package — BMAD Compatible
2
-
3
- Agent d'intelligence OSINT pour les installations BMAD. De un nom ou pseudo à un dossier complet avec psychoprofil, parcours professionnel et grades de confiance.
4
-
5
- ## Features
6
- - 🔎 Investigation complète Phase 0→6 (recherche → dossier formaté)
7
- - 🧠 Psychoprofile MBTI / Big Five
8
- - 📊 55+ Apify actors (Instagram, LinkedIn, Facebook, TikTok, YouTube...)
9
- - 🌐 7 APIs de recherche (Perplexity, Exa, Tavily, Jina, Parallel, BrightData)
10
- - ⚡ Recherche parallèle multi-moteurs
11
- - 🐍 **100% Python stdlib** — zéro dépendance externe
12
- - 🖥️ **Cross-platform** — Windows, macOS, Linux
13
-
14
- ## Prérequis
15
- - Python 3.10+
16
- - BMAD Method installé
17
- - Au minimum 1 clé API (voir [SETUP_KEYS.md](SETUP_KEYS.md))
18
-
19
- ## Installation rapide
20
-
21
- ### Option 1 : Script automatique (Windows)
22
- ```powershell
23
- .\install.ps1
24
- ```
25
-
26
- ### Option 2 : Manuel
27
- 1. Copier l'agent dans BMAD :
28
- ```
29
- agents/osint-investigator.md → {project}/_bmad/bmm/agents/
30
- ```
31
-
32
- 2. Copier les 2 skills :
33
- ```
34
- skills/bmad-osint-investigator/ → {project}/.agents/skills/
35
- skills/bmad-osint-investigate/ → {project}/.agents/skills/
36
- ```
37
-
38
- 3. Configurer les clés API (voir [SETUP_KEYS.md](SETUP_KEYS.md))
39
-
40
- 4. Tester :
41
- ```
42
- python skills/bmad-osint-investigate/osint/scripts/diagnose.py
43
- ```
44
-
45
- ## Utilisation
46
- 1. Invoquer le skill `bmad-osint-investigator` dans votre AI agent
47
- 2. L'agent "Shadow" s'active avec son menu :
48
- - `[INV]` Investigation complète
49
- - `[QS]` Recherche rapide
50
- - `[LI]` Scrape LinkedIn
51
- - `[IG]` Scrape Instagram
52
- - `[PP]` Psychoprofile
53
- - `[CE]` Enrichissement contact
54
- - `[DG]` Diagnostic outils
55
-
56
- ## Structure du package
57
- ```
58
- osint-agent-package/
59
- ├── README.md ← Ce fichier
60
- ├── SETUP_KEYS.md ← Guide de configuration des clés API
61
- ├── install.ps1 ← Script d'installation (Windows)
62
- ├── install.sh ← Script d'installation (macOS/Linux)
63
- ├── agents/
64
- │ └── osint-investigator.md ← Agent BMAD "Shadow"
65
- └── skills/
66
- ├── bmad-osint-investigator/
67
- │ └── SKILL.md ← Point d'entrée agent
68
- └── bmad-osint-investigate/
69
- ├── SKILL.md ← Skill d'investigation
70
- └── osint/
71
- ├── SKILL.md ← Pipeline complet (452 lignes)
72
- ├── assets/ ← Template dossier
73
- ├── references/ ← Docs plateformes, outils, psycho
74
- └── scripts/ ← 10 scripts Python (stdlib only)
75
- ```
76
-
77
- ## Sécurité
78
- - ✅ Audit de sécurité complet réalisé (14 fichiers analysés)
79
- - ✅ Aucun trojan, backdoor, ou code malveillant
80
- - ✅ Zéro dépendance externe — uniquement Python stdlib
81
- - ✅ Les clés API restent locales (variables d'environnement)
82
-
83
- ## Crédits
84
- - Pipeline OSINT basé sur [smixs/osint-skill](https://github.com/smixs/osint-skill) (MIT License)
85
- - Apify Actor Runner intégré de [apify/agent-skills](https://github.com/apify/agent-skills) (MIT License)
86
-
87
- ## Licence
88
- MIT
1
+ # 🔍 OSINT Agent Package — BMAD Compatible
2
+
3
+ Agent d'intelligence OSINT pour les installations BMAD. De un nom ou pseudo à un dossier complet avec psychoprofil, parcours professionnel et grades de confiance.
4
+
5
+ ## Features
6
+ - 🔎 Investigation complète Phase 0→6 (recherche → dossier formaté)
7
+ - 🧠 Psychoprofile MBTI / Big Five
8
+ - 📊 55+ Apify actors (Instagram, LinkedIn, Facebook, TikTok, YouTube...)
9
+ - 🌐 7 APIs de recherche (Perplexity, Exa, Tavily, Jina, Parallel, BrightData)
10
+ - ⚡ Recherche parallèle multi-moteurs
11
+ - 🐍 **100% Python stdlib** — zéro dépendance externe
12
+ - 🖥️ **Cross-platform** — Windows, macOS, Linux
13
+
14
+ ## Prérequis
15
+ - Python 3.10+
16
+ - BMAD Method installé
17
+ - Au minimum 1 clé API (voir [SETUP_KEYS.md](SETUP_KEYS.md))
18
+
19
+ ## Installation rapide
20
+
21
+ ### Option 1 : Script automatique (Windows)
22
+ ```powershell
23
+ .\install.ps1
24
+ ```
25
+
26
+ ### Option 2 : Manuel
27
+ 1. Copier l'agent dans BMAD :
28
+ ```
29
+ agents/osint-investigator.md → {project}/_bmad/bmm/agents/
30
+ ```
31
+
32
+ 2. Copier les 2 skills :
33
+ ```
34
+ skills/bmad-osint-investigator/ → {project}/.agents/skills/
35
+ skills/bmad-osint-investigate/ → {project}/.agents/skills/
36
+ ```
37
+
38
+ 3. Configurer les clés API (voir [SETUP_KEYS.md](SETUP_KEYS.md))
39
+
40
+ 4. Tester :
41
+ ```
42
+ python skills/bmad-osint-investigate/osint/scripts/diagnose.py
43
+ ```
44
+
45
+ ## Utilisation
46
+ 1. Invoquer le skill `bmad-osint-investigator` dans votre AI agent
47
+ 2. L'agent "Shadow" s'active avec son menu :
48
+ - `[INV]` Investigation complète
49
+ - `[QS]` Recherche rapide
50
+ - `[LI]` Scrape LinkedIn
51
+ - `[IG]` Scrape Instagram
52
+ - `[PP]` Psychoprofile
53
+ - `[CE]` Enrichissement contact
54
+ - `[DG]` Diagnostic outils
55
+
56
+ ## Structure du package
57
+ ```
58
+ osint-agent-package/
59
+ ├── README.md ← Ce fichier
60
+ ├── SETUP_KEYS.md ← Guide de configuration des clés API
61
+ ├── install.ps1 ← Script d'installation (Windows)
62
+ ├── install.sh ← Script d'installation (macOS/Linux)
63
+ ├── agents/
64
+ │ └── osint-investigator.md ← Agent BMAD "Shadow"
65
+ └── skills/
66
+ ├── bmad-osint-investigator/
67
+ │ └── SKILL.md ← Point d'entrée agent
68
+ └── bmad-osint-investigate/
69
+ ├── SKILL.md ← Skill d'investigation
70
+ └── osint/
71
+ ├── SKILL.md ← Pipeline complet (452 lignes)
72
+ ├── assets/ ← Template dossier
73
+ ├── references/ ← Docs plateformes, outils, psycho
74
+ └── scripts/ ← 10 scripts Python (stdlib only)
75
+ ```
76
+
77
+ ## Sécurité
78
+ - ✅ Audit de sécurité complet réalisé (14 fichiers analysés)
79
+ - ✅ Aucun trojan, backdoor, ou code malveillant
80
+ - ✅ Zéro dépendance externe — uniquement Python stdlib
81
+ - ✅ Les clés API restent locales (variables d'environnement)
82
+
83
+ ## Crédits
84
+ - Pipeline OSINT basé sur [smixs/osint-skill](https://github.com/smixs/osint-skill) (MIT License)
85
+ - Apify Actor Runner intégré de [apify/agent-skills](https://github.com/apify/agent-skills) (MIT License)
86
+
87
+ ## Licence
88
+ MIT