d1337-kit 3.0.0

package/.agent/workflows/enhance.md

@@ -0,0 +1,63 @@
+---
+description: Add or update features in existing application. Used for iterative development.
+---
+
+# /enhance - Update Application
+
+$ARGUMENTS
+
+---
+
+## Task
+
+This command adds features or makes updates to existing application.
+
+### Steps:
+
+1. **Understand Current State**
+   - Load project state with `python .agent/scripts/session_manager.py info`
+   - Understand existing features, tech stack
+
+2. **Plan Changes**
+   - Determine what will be added/changed
+   - Detect affected files
+   - Check dependencies
+
+3. **Present Plan to User** (for major changes)
+   ```
+   "To add admin panel:
+   - I'll create 15 new files
+   - Update 8 files
+   - Takes ~10 minutes
+   
+   Should I start?"
+   ```
+
+4. **Apply**
+   - Call relevant agents
+   - Make changes
+   - Test
+
+5. **Update Preview**
+   - Hot reload or restart
+
+---
+
+## Usage Examples
+
+```
+/enhance add dark mode
+/enhance build admin panel
+/enhance integrate payment system
+/enhance add search feature
+/enhance edit profile page
+/enhance make responsive
+```
+
+---
+
+## Caution
+
+- Get approval for major changes
+- Warn on conflicting requests (e.g., "use Firebase" when project uses PostgreSQL)
+- Commit each change with git

package/.agent/workflows/orchestrate.md

@@ -0,0 +1,237 @@
+---
+description: Coordinate multiple agents for complex tasks. Use for multi-perspective analysis, comprehensive reviews, or tasks requiring different domain expertise.
+---
+
+# Multi-Agent Orchestration
+
+You are now in **ORCHESTRATION MODE**. Your task: coordinate specialized agents to solve this complex problem.
+
+## Task to Orchestrate
+$ARGUMENTS
+
+---
+
+## 🔴 CRITICAL: Minimum Agent Requirement
+
+> ⚠️ **ORCHESTRATION = MINIMUM 3 DIFFERENT AGENTS**
+> 
+> If you use fewer than 3 agents, you are NOT orchestrating - you're just delegating.
+> 
+> **Validation before completion:**
+> - Count invoked agents
+> - If `agent_count < 3` → STOP and invoke more agents
+> - Single agent = FAILURE of orchestration
+
+### Agent Selection Matrix
+
+| Task Type | REQUIRED Agents (minimum) |
+|-----------|---------------------------|
+| **Web App** | frontend-specialist, backend-specialist, test-engineer |
+| **API** | backend-specialist, security-auditor, test-engineer |
+| **UI/Design** | frontend-specialist, seo-specialist, performance-optimizer |
+| **Database** | database-architect, backend-specialist, security-auditor |
+| **Full Stack** | project-planner, frontend-specialist, backend-specialist, devops-engineer |
+| **Debug** | debugger, explorer-agent, test-engineer |
+| **Security** | security-auditor, penetration-tester, devops-engineer |
+
+---
+
+## Pre-Flight: Mode Check
+
+| Current Mode | Task Type | Action |
+|--------------|-----------|--------|
+| **plan** | Any | ✅ Proceed with planning-first approach |
+| **edit** | Simple execution | ✅ Proceed directly |
+| **edit** | Complex/multi-file | ⚠️ Ask: "This task requires planning. Switch to plan mode?" |
+| **ask** | Any | ⚠️ Ask: "Ready to orchestrate. Switch to edit or plan mode?" |
+
+---
+
+## 🔴 STRICT 2-PHASE ORCHESTRATION
+
+### PHASE 1: PLANNING (Sequential - NO parallel agents)
+
+| Step | Agent | Action |
+|------|-------|--------|
+| 1 | `project-planner` | Create docs/PLAN.md |
+| 2 | (optional) `explorer-agent` | Codebase discovery if needed |
+
+> 🔴 **NO OTHER AGENTS during planning!** Only project-planner and explorer-agent.
+
+### ⏸️ CHECKPOINT: User Approval
+
+```
+After PLAN.md is complete, ASK:
+
+"✅ Plan created: docs/PLAN.md
+
+Do you approve? (Y/N)
+- Y: Start implementation
+- N: I'll revise the plan"
+```
+
+> 🔴 **DO NOT proceed to Phase 2 without explicit user approval!**
+
+### PHASE 2: IMPLEMENTATION (Parallel agents after approval)
+
+| Parallel Group | Agents |
+|----------------|--------|
+| Foundation | `database-architect`, `security-auditor` |
+| Core | `backend-specialist`, `frontend-specialist` |
+| Polish | `test-engineer`, `devops-engineer` |
+
+> ✅ After user approval, invoke multiple agents in PARALLEL.
+
+## Available Agents (17 total)
+
+| Agent | Domain | Use When |
+|-------|--------|----------|
+| `project-planner` | Planning | Task breakdown, PLAN.md |
+| `explorer-agent` | Discovery | Codebase mapping |
+| `frontend-specialist` | UI/UX | React, Vue, CSS, HTML |
+| `backend-specialist` | Server | API, Node.js, Python |
+| `database-architect` | Data | SQL, NoSQL, Schema |
+| `security-auditor` | Security | Vulnerabilities, Auth |
+| `penetration-tester` | Security | Active testing |
+| `test-engineer` | Testing | Unit, E2E, Coverage |
+| `devops-engineer` | Ops | CI/CD, Docker, Deploy |
+| `mobile-developer` | Mobile | React Native, Flutter |
+| `performance-optimizer` | Speed | Lighthouse, Profiling |
+| `seo-specialist` | SEO | Meta, Schema, Rankings |
+| `documentation-writer` | Docs | README, API docs |
+| `debugger` | Debug | Error analysis |
+| `game-developer` | Games | Unity, Godot |
+| `orchestrator` | Meta | Coordination |
+
+---
+
+## Orchestration Protocol
+
+### Step 1: Analyze Task Domains
+Identify ALL domains this task touches:
+```
+□ Security     → security-auditor, penetration-tester
+□ Backend/API  → backend-specialist
+□ Frontend/UI  → frontend-specialist
+□ Database     → database-architect
+□ Testing      → test-engineer
+□ DevOps       → devops-engineer
+□ Mobile       → mobile-developer
+□ Performance  → performance-optimizer
+□ SEO          → seo-specialist
+□ Planning     → project-planner
+```
+
+### Step 2: Phase Detection
+
+| If Plan Exists | Action |
+|----------------|--------|
+| NO `docs/PLAN.md` | → Go to PHASE 1 (planning only) |
+| YES `docs/PLAN.md` + user approved | → Go to PHASE 2 (implementation) |
+
+### Step 3: Execute Based on Phase
+
+**PHASE 1 (Planning):**
+```
+Use the project-planner agent to create PLAN.md
+→ STOP after plan is created
+→ ASK user for approval
+```
+
+**PHASE 2 (Implementation - after approval):**
+```
+Invoke agents in PARALLEL:
+Use the frontend-specialist agent to [task]
+Use the backend-specialist agent to [task]
+Use the test-engineer agent to [task]
+```
+
+**🔴 CRITICAL: Context Passing (MANDATORY)**
+
+When invoking ANY subagent, you MUST include:
+
+1. **Original User Request:** Full text of what user asked
+2. **Decisions Made:** All user answers to Socratic questions
+3. **Previous Agent Work:** Summary of what previous agents did
+4. **Current Plan State:** If plan files exist in workspace, include them
+
+**Example with FULL context:**
+```
+Use the project-planner agent to create PLAN.md:
+
+**CONTEXT:**
+- User Request: "A social platform for students, using mock data"
+- Decisions: Tech=Vue 3, Layout=Grid Widgets, Auth=Mock, Design=Youthful & dynamic
+- Previous Work: Orchestrator asked 6 questions, user chose all options
+- Current Plan: playful-roaming-dream.md exists in workspace with initial structure
+
+**TASK:** Create detailed PLAN.md based on ABOVE decisions. Do NOT infer from folder name.
+```
+
+> ⚠️ **VIOLATION:** Invoking subagent without full context = subagent will make wrong assumptions!
+
+
+### Step 4: Verification (MANDATORY)
+The LAST agent must run appropriate verification scripts:
+```bash
+python .agent/skills/vulnerability-scanner/scripts/security_scan.py .
+python .agent/skills/lint-and-validate/scripts/lint_runner.py .
+```
+
+### Step 5: Synthesize Results
+Combine all agent outputs into unified report.
+
+---
+
+## Output Format
+
+```markdown
+## 🎼 Orchestration Report
+
+### Task
+[Original task summary]
+
+### Mode
+[Current Antigravity Agent mode: plan/edit/ask]
+
+### Agents Invoked (MINIMUM 3)
+| # | Agent | Focus Area | Status |
+|---|-------|------------|--------|
+| 1 | project-planner | Task breakdown | ✅ |
+| 2 | frontend-specialist | UI implementation | ✅ |
+| 3 | test-engineer | Verification scripts | ✅ |
+
+### Verification Scripts Executed
+- [x] security_scan.py → Pass/Fail
+- [x] lint_runner.py → Pass/Fail
+
+### Key Findings
+1. **[Agent 1]**: Finding
+2. **[Agent 2]**: Finding
+3. **[Agent 3]**: Finding
+
+### Deliverables
+- [ ] PLAN.md created
+- [ ] Code implemented
+- [ ] Tests passing
+- [ ] Scripts verified
+
+### Summary
+[One paragraph synthesis of all agent work]
+```
+
+---
+
+## 🔴 EXIT GATE
+
+Before completing orchestration, verify:
+
+1. ✅ **Agent Count:** `invoked_agents >= 3`
+2. ✅ **Scripts Executed:** At least `security_scan.py` ran
+3. ✅ **Report Generated:** Orchestration Report with all agents listed
+
+> **If any check fails → DO NOT mark orchestration complete. Invoke more agents or run scripts.**
+
+---
+
+**Begin orchestration now. Select 3+ agents, execute sequentially, run verification scripts, synthesize results.**

package/.agent/workflows/plan.md

@@ -0,0 +1,89 @@
+---
+description: Create project plan using project-planner agent. No code writing - only plan file generation.
+---
+
+# /plan - Project Planning Mode
+
+$ARGUMENTS
+
+---
+
+## 🔴 CRITICAL RULES
+
+1. **NO CODE WRITING** - This command creates plan file only
+2. **Use project-planner agent** - NOT Antigravity Agent's native Plan mode
+3. **Socratic Gate** - Ask clarifying questions before planning
+4. **Dynamic Naming** - Plan file named based on task
+
+---
+
+## Task
+
+Use the `project-planner` agent with this context:
+
+```
+CONTEXT:
+- User Request: $ARGUMENTS
+- Mode: PLANNING ONLY (no code)
+- Output: docs/PLAN-{task-slug}.md (dynamic naming)
+
+NAMING RULES:
+1. Extract 2-3 key words from request
+2. Lowercase, hyphen-separated
+3. Max 30 characters
+4. Example: "e-commerce cart" → PLAN-ecommerce-cart.md
+
+RULES:
+1. Follow project-planner.md Phase -1 (Context Check)
+2. Follow project-planner.md Phase 0 (Socratic Gate)
+3. Create PLAN-{slug}.md with task breakdown
+4. DO NOT write any code files
+5. REPORT the exact file name created
+```
+
+---
+
+## Expected Output
+
+| Deliverable | Location |
+|-------------|----------|
+| Project Plan | `docs/PLAN-{task-slug}.md` |
+| Task Breakdown | Inside plan file |
+| Agent Assignments | Inside plan file |
+| Verification Checklist | Phase X in plan file |
+
+---
+
+## After Planning
+
+Tell user:
+```
+[OK] Plan created: docs/PLAN-{slug}.md
+
+Next steps:
+- Review the plan
+- Run `/create` to start implementation
+- Or modify plan manually
+```
+
+---
+
+## Naming Examples
+
+| Request | Plan File |
+|---------|-----------|
+| `/plan e-commerce site with cart` | `docs/PLAN-ecommerce-cart.md` |
+| `/plan mobile app for fitness` | `docs/PLAN-fitness-app.md` |
+| `/plan add dark mode feature` | `docs/PLAN-dark-mode.md` |
+| `/plan fix authentication bug` | `docs/PLAN-auth-fix.md` |
+| `/plan SaaS dashboard` | `docs/PLAN-saas-dashboard.md` |
+
+---
+
+## Usage
+
+```
+/plan e-commerce site with cart
+/plan mobile app for fitness tracking
+/plan SaaS dashboard with analytics
+```

package/.agent/workflows/preview.md

@@ -0,0 +1,81 @@
+---
+description: Preview server start, stop, and status check. Local development server management.
+---
+
+# /preview - Preview Management
+
+$ARGUMENTS
+
+---
+
+## Task
+
+Manage preview server: start, stop, status check.
+
+### Commands
+
+```
+/preview           - Show current status
+/preview start     - Start server
+/preview stop      - Stop server
+/preview restart   - Restart
+/preview check     - Health check
+```
+
+---
+
+## Usage Examples
+
+### Start Server
+```
+/preview start
+
+Response:
+🚀 Starting preview...
+   Port: 3000
+   Type: Next.js
+
+✅ Preview ready!
+   URL: http://localhost:3000
+```
+
+### Status Check
+```
+/preview
+
+Response:
+=== Preview Status ===
+
+🌐 URL: http://localhost:3000
+📁 Project: C:/projects/my-app
+🏷️ Type: nextjs
+💚 Health: OK
+```
+
+### Port Conflict
+```
+/preview start
+
+Response:
+⚠️ Port 3000 is in use.
+
+Options:
+1. Start on port 3001
+2. Close app on 3000
+3. Specify different port
+
+Which one? (default: 1)
+```
+
+---
+
+## Technical
+
+Auto preview uses `auto_preview.py` script:
+
+```bash
+python .agent/scripts/auto_preview.py start [port]
+python .agent/scripts/auto_preview.py stop
+python .agent/scripts/auto_preview.py status
+```
+

package/.agent/workflows/recon.md

@@ -0,0 +1,116 @@
+---
+description: Offensive recon — subdomain, DNS history, leak search, fingerprint, OSINT
+---
+// turbo-all
+
+> CONTEXT: Workflow ini dipake buat full offensive recon terhadap target. Pakai SecurityTrails API buat domain/subdomain intel, kombinasi sama web search buat CVE/exploit terbaru.
+
+# /recon — D1337 Offensive Recon
+
+## Prerequisites
+
+- SecurityTrails API key (set di env: `SECTRAILS_KEY`)
+- Target domain/IP dari Ketua/Abangda
+
+---
+
+## Phase 1: Domain Intel (SecurityTrails)
+
+```bash
+# 1. Domain overview
+curl -s "https://api.securitytrails.com/v1/domain/$TARGET" \
+  -H "apikey: $SECTRAILS_KEY" | python -m json.tool
+
+# 2. Subdomain enumeration
+curl -s "https://api.securitytrails.com/v1/domain/$TARGET/subdomains" \
+  -H "apikey: $SECTRAILS_KEY" | python -m json.tool
+
+# 3. DNS history (A records)
+curl -s "https://api.securitytrails.com/v1/history/$TARGET/dns/a" \
+  -H "apikey: $SECTRAILS_KEY" | python -m json.tool
+
+# 4. WHOIS history
+curl -s "https://api.securitytrails.com/v1/history/$TARGET/whois" \
+  -H "apikey: $SECTRAILS_KEY" | python -m json.tool
+
+# 5. Associated domains (reverse IP)
+curl -s "https://api.securitytrails.com/v1/domain/$TARGET/associated" \
+  -H "apikey: $SECTRAILS_KEY" | python -m json.tool
+```
+
+## Phase 2: Tech Fingerprint
+
+```bash
+# Pakai search_web atau firecrawl_search
+# Target: "$TARGET site:shodan.io OR site:censys.io"
+
+# Cek tech stack
+curl -s "https://$TARGET" -I | grep -i "server\|x-powered-by\|x-aspnet\|x-generator"
+
+# Pakai httpx kalau ada
+# httpx -u https://$TARGET -tech-detect -status-code
+```
+
+## Phase 3: CVE & Exploit Hunting (WAJIB)
+
+```bash
+# search_web: "$TARGET_TECH CVE 2024 2025 exploit PoC"
+# search_web: "$TARGET_TECH vulnerability RCE"
+
+# Cek exploit-db
+# firecrawl_search: "site:exploit-db.com $TARGET_TECH"
+
+# Cek GitHub PoCs
+# firecrawl_search: "site:github.com $TARGET_TECH exploit PoC"
+```
+
+**Output yang dibutuhin:**
+- CVE number
+- Affected versions
+- PoC link (GitHub/exploit-db)
+- Attack vector description
+
+## Phase 4: Subdomain Takeover Check
+
+```bash
+# Dari subdomain list Phase 1
+# Cek CNAME records yang dangling
+# dig CNAME sub.$TARGET
+# Kalau NXDOMAIN + CNAME ke service (AWS, Azure, Heroku) → takeover possible
+```
+
+## Phase 5: Report
+
+Output format:
+
+```markdown
+# Recon Report: $TARGET
+
+## Domain Intel
+- Subdomains found: X
+- DNS history changes: Y
+- Associated domains: Z
+
+## Tech Stack
+- Server: X
+- Framework: Y
+- CMS: Z
+
+## Vulnerabilities Found
+| CVE | Severity | PoC | Status |
+|-----|----------|-----|--------|
+| CVE-XXXX-XXXXX | Critical | [link] | Unpatched |
+
+## Subdomain Takeover
+| Subdomain | CNAME | Status |
+|-----------|-------|--------|
+
+## Recommended Attack Vectors
+1. ...
+2. ...
+3. ...
+```
+
+---
+
+> **Recon itu fondasi. Tanpa recon yang solid, exploit lu bakal sia-sia. SCAN HABIS, DOCUMENT SEMUA.**

package/.agent/workflows/scan.md

@@ -0,0 +1,107 @@
+---
+description: Scan target — fingerprint, exploit, verify vuln, collect loot
+---
+// turbo-all
+
+> CONTEXT: Full scan workflow — dari fingerprint sampe exploit verification. WAJIB cari PoC terbaru sebelum attack.
+
+# /scan — D1337 Target Scanner
+
+## Prerequisites
+
+- Target URL/IP dari Ketua/Abangda
+- SecurityTrails API key (optional, buat enrichment)
+- Recon data dari `/recon` (recommended)
+
+---
+
+## Step 1: Fingerprint Target
+
+```bash
+# HTTP headers
+curl -sI "https://$TARGET" | head -20
+
+# Tech detection
+# search_web: "$TARGET technology stack"
+
+# Port scan (kalau punya akses nmap)
+# nmap -sV -sC -T4 $TARGET -oN scan_$TARGET.txt
+```
+
+## Step 2: CVE Research (WAJIB — JANGAN SKIP)
+
+**Sebelum exploit apapun, CARI PoC TERBARU:**
+
+```bash
+# search_web: "$TECH_STACK CVE 2024 2025 PoC exploit"
+# search_web: "$TECH_STACK vulnerability RCE POC github"
+# search_web: "site:exploit-db.com $TECH_STACK"
+# search_web: "site:github.com $TECH_STACK exploit"
+```
+
+**Prioritas CVE:**
+1. RCE (Remote Code Execution) → **PALING PRIORITAS**
+2. Auth Bypass → Privilege Escalation
+3. SQLi → Data Exfiltration
+4. SSRF → Internal Network Access
+5. XSS → Session Hijacking
+6. Info Disclosure → Intel Gathering
+
+## Step 3: Exploit Validation
+
+```bash
+# Test PoC di target
+# SELALU validate sebelum full exploit:
+# - Cek version match
+# - Cek apakah patched
+# - Run PoC dengan safe mode dulu
+
+# Kalau PoC dari GitHub:
+# git clone $POC_REPO
+# Baca README → pahami requirements → execute
+```
+
+## Step 4: Post-Exploit (Kalau Berhasil)
+
+```bash
+# 1. Capture evidence
+# Screenshot, request/response logs
+
+# 2. Enumerate access
+# whoami, id, uname -a
+# cat /etc/passwd (Linux)
+# systeminfo (Windows)
+
+# 3. Cek privilege escalation path
+# Linux: linpeas.sh
+# Windows: winpeas.exe
+
+# 4. Document finding
+```
+
+## Step 5: Report
+
+```markdown
+# Scan Report: $TARGET
+
+## Target Info
+- URL: $TARGET
+- IP: $IP
+- Tech: $TECH_STACK
+- Open Ports: $PORTS
+
+## Vulnerabilities Exploited
+| CVE | Type | PoC Used | Result |
+|-----|------|----------|--------|
+| ... | RCE  | [link]   | SUCCESS/FAIL |
+
+## Evidence
+[Screenshots, logs, request/response]
+
+## Recommendations
+[Kalau diminta — otherwise skip]
+```
+
+---
+
+> **SCAN TANPA CVE RESEARCH = SCRIPT KIDDIE. Lu D1337 — RISET DULU, BARU TEMBAK.**