code-abyss 1.7.2 → 1.7.3

package/bin/install.js

@@ -15,7 +15,7 @@ if (parseInt(process.versions.node) < parseInt(MIN_NODE)) {
   process.exit(1);
 }
 const PKG_ROOT = fs.realpathSync(path.join(__dirname, '..'));
-const { shouldSkip, copyRecursive, rmSafe, deepMergeNew, printMergeLog } =
+const { shouldSkip, copyRecursive, rmSafe, deepMergeNew, printMergeLog, parseFrontmatter } =
   require(path.join(__dirname, 'lib', 'utils.js'));
 const { detectCclineBin, installCcline: _installCcline } = require(path.join(__dirname, 'lib', 'ccline.js'));
 
@@ -193,6 +193,127 @@ function runUninstall(tgt) {
 
 // ── 安装核心 ──
 
+/**
+ * 递归扫描 skills 目录，找出所有 user-invocable: true 的 SKILL.md
+ * @param {string} skillsDir - skills 源目录绝对路径
+ * @returns {Array<{meta: Object, relPath: string, hasScripts: boolean}>}
+ */
+function scanInvocableSkills(skillsDir) {
+  const results = [];
+  function scan(dir) {
+    const skillMd = path.join(dir, 'SKILL.md');
+    if (fs.existsSync(skillMd)) {
+      try {
+        const content = fs.readFileSync(skillMd, 'utf8');
+        const meta = parseFrontmatter(content);
+        if (meta && meta['user-invocable'] === 'true' && meta.name) {
+          const relPath = path.relative(skillsDir, dir);
+          const scriptsDir = path.join(dir, 'scripts');
+          const hasScripts = fs.existsSync(scriptsDir) &&
+            fs.readdirSync(scriptsDir).some(f => f.endsWith('.js'));
+          results.push({ meta, relPath, hasScripts });
+        }
+      } catch (e) { /* 解析失败跳过 */ }
+    }
+    try {
+      fs.readdirSync(dir).forEach(sub => {
+        const subPath = path.join(dir, sub);
+        if (fs.statSync(subPath).isDirectory() && !shouldSkip(sub) && sub !== 'scripts') {
+          scan(subPath);
+        }
+      });
+    } catch (e) { /* 读取失败跳过 */ }
+  }
+  scan(skillsDir);
+  return results;
+}
+
+/**
+ * 根据 SKILL.md 元数据生成 command .md 内容
+ *
+ * 设计原则：
+ * - 读取 SKILL.md + 执行脚本合并为一气呵成的指令流
+ * - 禁止「先…然后…」的分步模式，避免 Claude 在步骤间停顿
+ * - 无脚本的 skill：仅读取 SKILL.md 作为知识库提供指导
+ *
+ * @param {Object} meta - parseFrontmatter 返回的元数据
+ * @param {string} skillRelPath - 相对于 skills/ 的路径（如 'tools/gen-docs'）
+ * @param {boolean} hasScripts - 是否有可执行脚本
+ * @returns {string} command .md 文件内容
+ */
+function generateCommandContent(meta, skillRelPath, hasScripts) {
+  const name = meta.name;
+  const desc = (meta.description || '').replace(/"/g, '\\"');
+  const argHint = meta['argument-hint'];
+  const tools = meta['allowed-tools'] || 'Read';
+  const skillPath = skillRelPath
+    ? `~/.claude/skills/${skillRelPath}/SKILL.md`
+    : '~/.claude/skills/SKILL.md';
+
+  const lines = [
+    '---',
+    `name: ${name}`,
+    `description: "${desc}"`,
+  ];
+  if (argHint) lines.push(`argument-hint: "${argHint}"`);
+  lines.push(`allowed-tools: ${tools}`);
+  lines.push('---');
+  lines.push('');
+
+  if (hasScripts) {
+    // ── 有脚本的 skill：读取规范 + 执行脚本，一气呵成 ──
+    lines.push('以下所有步骤一气呵成，不要在步骤间停顿等待用户输入：');
+    lines.push('');
+    lines.push(`1. 读取规范：${skillPath}`);
+    lines.push(`2. 执行命令：\`node ~/.claude/skills/run_skill.js ${name} $ARGUMENTS\``);
+    lines.push('3. 按规范分析输出，完成后续动作');
+    lines.push('');
+    lines.push('全程不要停顿，不要询问是否继续。');
+  } else {
+    // ── 无脚本的 skill：知识库模式 ──
+    lines.push('读取以下秘典，根据内容为用户提供专业指导：');
+    lines.push('');
+    lines.push('```');
+    lines.push(skillPath);
+    lines.push('```');
+  }
+
+  lines.push('');
+  return lines.join('\n');
+}
+
+/**
+ * 扫描 skills 并为 user-invocable 的 skill 生成 command 包装，文件级合并安装
+ */
+function installGeneratedCommands(skillsSrcDir, targetDir, backupDir, manifest) {
+  const skills = scanInvocableSkills(skillsSrcDir);
+  if (skills.length === 0) return 0;
+
+  const cmdsDir = path.join(targetDir, 'commands');
+  fs.mkdirSync(cmdsDir, { recursive: true });
+
+  skills.forEach(({ meta, relPath, hasScripts }) => {
+    const fileName = `${meta.name}.md`;
+    const destFile = path.join(cmdsDir, fileName);
+    const relFile = path.posix.join('commands', fileName);
+
+    if (fs.existsSync(destFile)) {
+      const cmdsBackupDir = path.join(backupDir, 'commands');
+      fs.mkdirSync(cmdsBackupDir, { recursive: true });
+      fs.copyFileSync(destFile, path.join(cmdsBackupDir, fileName));
+      manifest.backups.push(relFile);
+      info(`备份: ${c.d(relFile)}`);
+    }
+
+    const content = generateCommandContent(meta, relPath, hasScripts);
+    fs.writeFileSync(destFile, content);
+    manifest.installed.push(relFile);
+  });
+
+  ok(`commands/ ${c.d(`(自动生成 ${skills.length} 个斜杠命令)`)}`);
+  return skills.length;
+}
+
 function installCore(tgt) {
   const targetDir = path.join(HOME, `.${tgt}`);
   const backupDir = path.join(targetDir, '.sage-backup');
@@ -205,7 +326,7 @@ function installCore(tgt) {
     { src: 'config/CLAUDE.md', dest: tgt === 'claude' ? 'CLAUDE.md' : null },
     { src: 'config/AGENTS.md', dest: tgt === 'codex' ? 'AGENTS.md' : null },
     { src: 'output-styles', dest: tgt === 'claude' ? 'output-styles' : null },
-    { src: 'skills', dest: 'skills' }
+    { src: 'skills', dest: 'skills' },
   ].filter(f => f.dest !== null);
 
   const manifest = {
@@ -223,6 +344,7 @@ function installCore(tgt) {
       }
       warn(`跳过: ${src}`); return;
     }
+
     if (fs.existsSync(destPath)) {
       const bp = path.join(backupDir, dest);
       rmSafe(bp); copyRecursive(destPath, bp); manifest.backups.push(dest);
@@ -232,6 +354,12 @@ function installCore(tgt) {
     rmSafe(destPath); copyRecursive(srcPath, destPath); manifest.installed.push(dest);
   });
 
+  // 为 Claude 目标自动生成 user-invocable 斜杠命令
+  if (tgt === 'claude') {
+    const skillsSrc = path.join(PKG_ROOT, 'skills');
+    installGeneratedCommands(skillsSrc, targetDir, backupDir, manifest);
+  }
+
   const settingsPath = path.join(targetDir, 'settings.json');
   let settings = {};
   if (fs.existsSync(settingsPath)) {
@@ -426,5 +554,6 @@ if (require.main === module) {
 
 module.exports = {
   deepMergeNew, detectClaudeAuth, detectCodexAuth,
-  detectCclineBin, copyRecursive, shouldSkip, SETTINGS_TEMPLATE
+  detectCclineBin, copyRecursive, shouldSkip, SETTINGS_TEMPLATE,
+  scanInvocableSkills, generateCommandContent, installGeneratedCommands
 };

package/bin/lib/utils.js

@@ -7,15 +7,23 @@ const SKIP = ['__pycache__', '.pyc', '.pyo', '.egg-info', '.DS_Store', 'Thumbs.d
 function shouldSkip(name) { return SKIP.some(p => name.includes(p)); }
 
 function copyRecursive(src, dest) {
-  const stat = fs.statSync(src);
+  let stat;
+  try { stat = fs.statSync(src); } catch (e) {
+    throw new Error(`复制失败: 源路径不存在 ${src} (${e.code})`);
+  }
   if (stat.isDirectory()) {
     if (shouldSkip(path.basename(src))) return;
     fs.mkdirSync(dest, { recursive: true });
-    fs.readdirSync(src).forEach(f => {
-      if (!shouldSkip(f)) copyRecursive(path.join(src, f), path.join(dest, f));
-    });
+    for (const f of fs.readdirSync(src)) {
+      if (!shouldSkip(f)) {
+        try { copyRecursive(path.join(src, f), path.join(dest, f)); }
+        catch (e) { console.error(`  ⚠ 跳过: ${path.join(src, f)} (${e.message})`); }
+      }
+    }
   } else {
     if (shouldSkip(path.basename(src))) return;
+    const destDir = path.dirname(dest);
+    if (!fs.existsSync(destDir)) fs.mkdirSync(destDir, { recursive: true });
     fs.copyFileSync(src, dest);
   }
 }
@@ -58,4 +66,22 @@ function printMergeLog(log, c) {
   });
 }
 
-module.exports = { shouldSkip, copyRecursive, rmSafe, deepMergeNew, printMergeLog, SKIP };
+/**
+ * 解析 Markdown 文件的 YAML frontmatter
+ * @param {string} content - 文件内容
+ * @returns {Object|null} 解析后的键值对，无 frontmatter 返回 null
+ */
+const UNSAFE_KEYS = new Set(['__proto__', 'constructor', 'prototype']);
+
+function parseFrontmatter(content) {
+  const match = content.match(/^---\r?\n([\s\S]*?)\r?\n---/);
+  if (!match) return null;
+  const meta = Object.create(null);
+  match[1].split('\n').forEach(line => {
+    const m = line.match(/^([\w][\w-]*)\s*:\s*(.+)/);
+    if (m && !UNSAFE_KEYS.has(m[1])) meta[m[1]] = m[2].trim().replace(/^["']|["']$/g, '');
+  });
+  return meta;
+}
+
+module.exports = { shouldSkip, copyRecursive, rmSafe, deepMergeNew, printMergeLog, parseFrontmatter, SKIP };

package/config/CLAUDE.md

@@ -54,7 +54,7 @@
 | ❄ 玄冰 | 镇魔之盾，护佑安宁 | 蓝队、告警、IOC、应急、取证、SIEM、EDR |
 | ⚡ 紫霄 | 攻守一体，方为大道 | 紫队、ATT&CK、TTP、检测验证、规则调优 |
 
-详细攻防技术见 `skills/security/` 各秘典。
+详细攻防技术见 `skills/domains/security/` 各秘典。
 
 ---
 
@@ -156,15 +156,15 @@
 
 | 化身 | 秘典 | 触发场景 |
 |------|------|----------|
-| 🔥 赤焰 | `skills/security/red-team.md` | 渗透、红队、exploit、C2 |
-| ❄ 玄冰 | `skills/security/blue-team.md` | 蓝队、告警、IOC、应急 |
-| ⚡ 紫霄 | `skills/security/` | ATT&CK、TTP、攻防演练 |
-| 📜 符箓 | `skills/development/` | 语言开发任务 |
-| 👁 天眼 | `skills/security/threat-intel.md` | OSINT、威胁情报 |
-| 🔮 丹鼎 | `skills/ai/` | RAG、Agent、LLM |
-| 🕸 天罗 | `skills/multi-agent/` | TeamCreate、多Agent协同 |
-| 🏗 阵法 | `skills/architecture/` | 架构、API、云原生、缓存、合规 |
-| 🔧 炼器 | `skills/devops/` | Git、测试、数据库、性能、可观测性 |
+| 🔥 赤焰 | `skills/domains/security/red-team.md` | 渗透、红队、exploit、C2 |
+| ❄ 玄冰 | `skills/domains/security/blue-team.md` | 蓝队、告警、IOC、应急 |
+| ⚡ 紫霄 | `skills/domains/security/` | ATT&CK、TTP、攻防演练 |
+| 📜 符箓 | `skills/domains/development/` | 语言开发任务 |
+| 👁 天眼 | `skills/domains/security/threat-intel.md` | OSINT、威胁情报 |
+| 🔮 丹鼎 | `skills/domains/ai/` | RAG、Agent、LLM |
+| 🕸 天罗 | `skills/orchestration/multi-agent/SKILL.md` | TeamCreate、多Agent协同 |
+| 🏗 阵法 | `skills/domains/architecture/` | 架构、API、云原生、缓存、合规 |
+| 🔧 炼器 | `skills/domains/devops/` | Git、测试、数据库、性能、可观测性 |
 
 **校验关卡**（自动触发，不可跳过）：
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "code-abyss",
-  "version": "1.7.2",
+  "version": "1.7.3",
   "description": "邪修红尘仙·宿命深渊 - 一键为 Claude Code / Codex CLI 注入邪修人格与安全工程知识体系",
   "keywords": [
     "claude",

package/skills/SKILL.md

@@ -2,7 +2,7 @@
 name: sage
 description: 邪修红尘仙·神通秘典总纲。智能路由到专业秘典。当魔尊需要任何开发、安全、架构、DevOps、AI 相关能力时，通过此入口路由到最匹配的专业秘典。
 license: MIT
-user-invocable: true
+user-invocable: false
 disable-model-invocation: false
 ---
 

package/skills/run_skill.js

@@ -55,38 +55,28 @@ function getScriptPath(skillName) {
   return available[skillName];
 }
 
+function sleepMs(ms) {
+  const end = Date.now() + ms;
+  while (Date.now() < end) { /* busy wait */ }
+}
+
 function acquireTargetLock(args) {
   const target = args.find(a => !a.startsWith('-')) || process.cwd();
   const hash = createHash('md5').update(resolve(target)).digest('hex').slice(0, 12);
   const lockPath = join(tmpdir(), `sage_skill_${hash}.lock`);
 
-  try {
-    const fd = openSync(lockPath, 'wx');
-    return { fd, lockPath };
-  } catch (e) {
-    if (e.code === 'EEXIST') {
-      console.log(`⏳ 等待锁释放: ${target}`);
-      // 异步轮询等待，最多 30s
-      const deadline = Date.now() + 30000;
-      const poll = () => {
-        if (Date.now() >= deadline) { console.error(`⏳ 等待锁超时: ${target}`); process.exit(1); }
-        try {
-          const fd = openSync(lockPath, 'wx');
-          return { fd, lockPath };
-        } catch { /* still locked */ }
-        return null;
-      };
-      const result = poll();
-      if (result) return result;
-      return new Promise((resolve) => {
-        const timer = setInterval(() => {
-          const r = poll();
-          if (r) { clearInterval(timer); resolve(r); }
-        }, 200);
-      });
+  const deadline = Date.now() + 30000;
+  let first = true;
+  while (true) {
+    try {
+      const fd = openSync(lockPath, 'wx');
+      return { fd, lockPath };
+    } catch (e) {
+      if (e.code !== 'EEXIST') return { fd: null, lockPath: null };
+      if (first) { console.log(`⏳ 等待锁释放: ${target}`); first = false; }
+      if (Date.now() >= deadline) { console.error(`⏳ 等待锁超时: ${target}`); process.exit(1); }
+      sleepMs(200);
     }
-    // 其他错误，忽略锁继续执行
-    return { fd: null, lockPath: null };
   }
 }
 

package/skills/tools/gen-docs/scripts/doc_generator.js

@@ -9,12 +9,69 @@ const path = require('path');
 
 // --- Utilities ---
 
-function rglob(dir, filter) {
+function parseGitignore(modPath) {
+  const patterns = [];
+  const hardcoded = ['node_modules', '.git', '__pycache__', '.vscode', '.idea', 'dist', 'build', '.DS_Store'];
+
+  // 硬编码常见排除
+  hardcoded.forEach(p => patterns.push({ pattern: p, negate: false }));
+
+  // 解析 .gitignore
+  try {
+    const gitignorePath = path.join(modPath, '.gitignore');
+    const content = fs.readFileSync(gitignorePath, 'utf8');
+    content.split('\n').forEach(line => {
+      line = line.trim();
+      if (line && !line.startsWith('#')) {
+        const negate = line.startsWith('!');
+        if (negate) line = line.slice(1);
+        patterns.push({ pattern: line, negate });
+      }
+    });
+  } catch {}
+
+  return patterns;
+}
+
+function shouldIgnore(filePath, basePath, patterns) {
+  const relPath = path.relative(basePath, filePath);
+  const parts = relPath.split(path.sep);
+  const name = path.basename(filePath);
+
+  let ignored = false;
+  for (const {pattern, negate} of patterns) {
+    let match = false;
+    const cleanPattern = pattern.replace(/\/$/, '');
+
+    if (cleanPattern.includes('*')) {
+      // 通配符 → 正则：先转义特殊字符，再将 \* 还原为 [^/]*
+      const escaped = cleanPattern.replace(/[.+^${}()|[\]\\]/g, '\\$&').replace(/\*/g, '[^/]*');
+      const regex = new RegExp('^' + escaped + '$');
+      match = regex.test(name) || parts.some(p => regex.test(p));
+    } else if (cleanPattern.includes('/')) {
+      // 路径匹配：必须从头匹配或完整段匹配
+      match = relPath === cleanPattern || relPath.startsWith(cleanPattern + '/');
+    } else {
+      // 目录/文件名精确匹配
+      match = name === cleanPattern || parts.includes(cleanPattern);
+    }
+
+    if (match) ignored = !negate;
+  }
+  return ignored;
+}
+
+function rglob(dir, filter, basePath = dir) {
+  const patterns = parseGitignore(basePath);
   const results = [];
+
   for (const entry of fs.readdirSync(dir, { withFileTypes: true })) {
     const full = path.join(dir, entry.name);
+
+    if (shouldIgnore(full, basePath, patterns)) continue;
+
     if (entry.isDirectory()) {
-      results.push(...rglob(full, filter));
+      results.push(...rglob(full, filter, basePath));
     } else if (!filter || filter(entry.name, full)) {
       results.push(full);
     }

package/skills/tools/verify-change/scripts/change_analyzer.js

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 "use strict";
 
-const { execSync } = require("child_process");
+const { execFileSync } = require("child_process");
 const path = require("path");
 const fs = require("fs");
 const { parseCliArgs, buildReport, hasFatal, DASH } = require(path.join(__dirname, '..', '..', 'lib', 'shared.js'));
@@ -61,20 +61,20 @@ function parsePorcelainLine(line) {
   return c;
 }
 
-function git(args) {
-  try { return execSync('git ' + args, { encoding: "utf8", stdio: ["pipe","pipe","pipe"] }); }
+function git(...args) {
+  try { return execFileSync('git', args, { encoding: "utf8", stdio: ["pipe","pipe","pipe"] }); }
   catch { return ""; }
 }
 
 function getGitChanges(base = "HEAD~1", target = "HEAD") {
   const changes = [];
-  for (const line of git(`diff --name-status ${base} ${target}`).split("\n")) {
+  for (const line of git('diff', '--name-status', base, target).split("\n")) {
     if (!line) continue;
     const c = parseNameStatusLine(line);
     if (c) changes.push(c);
   }
   const statMap = {};
-  for (const line of git(`diff --numstat ${base} ${target}`).split("\n")) {
+  for (const line of git('diff', '--numstat', base, target).split("\n")) {
     if (!line) continue;
     const parts = line.split("\t");
     if (parts.length >= 3) {
@@ -92,7 +92,7 @@ function getGitChanges(base = "HEAD~1", target = "HEAD") {
 
 function getStagedChanges() {
   const changes = [];
-  for (const line of git("diff --cached --name-status").split("\n")) {
+  for (const line of git('diff', '--cached', '--name-status').split("\n")) {
     if (!line) continue;
     const c = parseNameStatusLine(line);
     if (c) changes.push(c);
@@ -102,7 +102,7 @@ function getStagedChanges() {
 
 function getWorkingChanges() {
   const changes = [];
-  for (const line of git("status --porcelain").split("\n")) {
+  for (const line of git('status', '--porcelain').split("\n")) {
     if (!line) continue;
     const c = parsePorcelainLine(line);
     if (c) changes.push(c);