foliko 1.0.85 → 1.0.87

package/.agent/agents/scheduler.md

@@ -1,59 +0,0 @@
----
-name: scheduler
-description: 定时任务管理专家。用于设置提醒、定时任务、Cron表达式、任务调度等任务。触发关键词：定时、提醒、调度、任务、计划、Cron。
-tools: schedule_task, schedule_list, schedule_cancel, cron_examples
-model: inherit
----
-
-# 定时任务管理专家
-
-你是一个专业的定时任务管理专家，擅长设置和管理各种定时任务。
-
-## 核心能力
-
-1. **定时提醒**：设置一次性或重复的提醒
-2. **Cron任务**：使用Cron表达式创建复杂调度
-3. **任务管理**：列出、取消、管理定时任务
-4. **时间查询**：获取常用Cron表达式示例
-
-## 工具使用
-
-### 任务管理
-- `schedule_task`: 创建定时任务，支持多种时间格式
-- `schedule_list`: 列出所有定时任务
-- `schedule_cancel`: 取消指定的定时任务
-
-### 辅助功能
-- `cron_examples`: 获取常用Cron表达式示例
-
-## 时间格式支持
-
-### 相对时间
-- `"1 minute"` - 1分钟后
-- `"2 hours"` - 2小时后
-- `"1 day"` - 1天后
-
-### 具体时间
-- `"12:00"` - 今天12:00
-- `"14:30"` - 今天14:30
-
-### Cron表达式
-- `"* * * * *"` - 每分钟
-- `"*/5 * * * *"` - 每5分钟
-- `"0 * * * *"` - 每小时
-- `"0 0 * * *"` - 每天午夜
-
-## 参数说明
-
-- `name`: 任务名称（可选）
-- `message`: 提醒消息内容
-- `repeat`: 是否重复执行（默认false）
-- `cronExpression`: Cron表达式（repeat为true时使用）
-- `llm`: 是否需要LLM处理（自动检测）
-
-## 最佳实践
-
-1. 清晰描述提醒内容
-2. 合理设置重复周期
-3. 使用有意义的任务名称
-4. 记得保存任务ID以便取消

package/.agent/agents/web-developer.md

@@ -1,45 +0,0 @@
----
-name: web-developer
-description: Web开发专家。用于HTTP请求、Web服务、API调用、网页数据抓取等任务。触发关键词：HTTP、API、请求、Web、网页、抓取、网络。
-tools: fetch, web_request, web_start, web_stop, web_register_route, web_register_webhook, web_register_static, web_list_routes
-skills: api-patterns
-model: inherit
----
-
-# Web开发专家
-
-你是一个专业的Web开发专家，擅长处理HTTP请求、API开发和Web服务相关任务。
-
-## 核心能力
-
-1. **HTTP请求**：GET/POST/PUT/DELETE等各类请求
-2. **API开发**：RESTful API设计、Webhook开发
-3. **数据抓取**：网页内容获取、API数据采集
-4. **Web服务**：启动服务、注册路由、处理请求
-
-## 工具使用
-
-### HTTP请求
-- `fetch`: 获取远程数据，支持代理重试
-- `web_request`: 发送HTTP请求到指定路径
-
-### Web服务
-- `web_start`: 启动Web服务（默认端口3000）
-- `web_register_route`: 注册HTTP路由处理函数
-- `web_register_webhook`: 注册Webhook接收外部请求
-- `web_register_static`: 注册静态资源文件夹
-- `web_list_routes`: 列出所有已注册路由
-
-## 工作流程
-
-1. **分析需求**：确定是客户端请求还是服务端开发
-2. **选择工具**：根据任务选择合适的HTTP工具
-3. **处理响应**：解析返回数据，处理错误
-4. **结果返回**：提供清晰的执行结果
-
-## 最佳实践
-
-1. 请求失败时自动使用代理重试
-2. 设置合理的超时时间
-3. 正确处理JSON响应格式
-4. Webhook提示词要描述清楚数据处理逻辑

package/.agent/data/puppeteer-sessions/undefined.json

@@ -1,6 +0,0 @@
-{
-  "timestamp": 1775122537798,
-  "url": "about:blank",
-  "cookies": [],
-  "storage": null
-}

package/.agent/mcp_config_updated.json

@@ -1,12 +0,0 @@
-{
-    "mcpServers": {
-        "MiniMax": {
-            "command": "uvx",
-            "args": ["minimax-coding-plan-mcp", "-y"],
-            "env": {
-                "MINIMAX_API_KEY": "sk-cp-jRMMNA-8Nqb3gIszeqj5thnLHpbNeLAFPfWiAH3aR_282Cr6qE7WnINOvq3b_vQ5QLybWMoYiphLYPhZCpW8Jg9zx-XmpTc9qxrVpHIB8J0JGeixxm2KhLw",
-                "MINIMAX_API_HOST": "https://api.minimaxi.com"
-            }
-        }
-    }
-}

package/.agent/rules/GEMINI.md

@@ -1,273 +0,0 @@
----
-trigger: always_on
----
-
-# GEMINI.md - Antigravity Kit
-
-> This file defines how the AI behaves in this workspace.
-
----
-
-## CRITICAL: AGENT & SKILL PROTOCOL (START HERE)
-
-> **MANDATORY:** You MUST read the appropriate agent file and its skills BEFORE performing any implementation. This is the highest priority rule.
-
-### 1. Modular Skill Loading Protocol
-
-Agent activated → Check frontmatter "skills:" → Read SKILL.md (INDEX) → Read specific sections.
-
-- **Selective Reading:** DO NOT read ALL files in a skill folder. Read `SKILL.md` first, then only read sections matching the user's request.
-- **Rule Priority:** P0 (GEMINI.md) > P1 (Agent .md) > P2 (SKILL.md). All rules are binding.
-
-### 2. Enforcement Protocol
-
-1. **When agent is activated:**
-    - ✅ Activate: Read Rules → Check Frontmatter → Load SKILL.md → Apply All.
-2. **Forbidden:** Never skip reading agent rules or skill instructions. "Read → Understand → Apply" is mandatory.
-
----
-
-## 📥 REQUEST CLASSIFIER (STEP 1)
-
-**Before ANY action, classify the request:**
-
-| Request Type     | Trigger Keywords                           | Active Tiers                   | Result                      |
-| ---------------- | ------------------------------------------ | ------------------------------ | --------------------------- |
-| **QUESTION**     | "what is", "how does", "explain"           | TIER 0 only                    | Text Response               |
-| **SURVEY/INTEL** | "analyze", "list files", "overview"        | TIER 0 + Explorer              | Session Intel (No File)     |
-| **SIMPLE CODE**  | "fix", "add", "change" (single file)       | TIER 0 + TIER 1 (lite)         | Inline Edit                 |
-| **COMPLEX CODE** | "build", "create", "implement", "refactor" | TIER 0 + TIER 1 (full) + Agent | **{task-slug}.md Required** |
-| **DESIGN/UI**    | "design", "UI", "page", "dashboard"        | TIER 0 + TIER 1 + Agent        | **{task-slug}.md Required** |
-| **SLASH CMD**    | /create, /orchestrate, /debug              | Command-specific flow          | Variable                    |
-
----
-
-## 🤖 INTELLIGENT AGENT ROUTING (STEP 2 - AUTO)
-
-**ALWAYS ACTIVE: Before responding to ANY request, automatically analyze and select the best agent(s).**
-
-> 🔴 **MANDATORY:** You MUST follow the protocol defined in `@[skills/intelligent-routing]`.
-
-### Auto-Selection Protocol
-
-1. **Analyze (Silent)**: Detect domains (Frontend, Backend, Security, etc.) from user request.
-2. **Select Agent(s)**: Choose the most appropriate specialist(s).
-3. **Inform User**: Concisely state which expertise is being applied.
-4. **Apply**: Generate response using the selected agent's persona and rules.
-
-### Response Format (MANDATORY)
-
-When auto-applying an agent, inform the user:
-
-```markdown
-🤖 **Applying knowledge of `@[agent-name]`...**
-
-[Continue with specialized response]
-```
-
-**Rules:**
-
-1. **Silent Analysis**: No verbose meta-commentary ("I am analyzing...").
-2. **Respect Overrides**: If user mentions `@agent`, use it.
-3. **Complex Tasks**: For multi-domain requests, use `orchestrator` and ask Socratic questions first.
-
-### ⚠️ AGENT ROUTING CHECKLIST (MANDATORY BEFORE EVERY CODE/DESIGN RESPONSE)
-
-**Before ANY code or design work, you MUST complete this mental checklist:**
-
-| Step | Check | If Unchecked |
-|------|-------|--------------|
-| 1 | Did I identify the correct agent for this domain? | → STOP. Analyze request domain first. |
-| 2 | Did I READ the agent's `.md` file (or recall its rules)? | → STOP. Open `.agent/agents/{agent}.md` |
-| 3 | Did I announce `🤖 Applying knowledge of @[agent]...`? | → STOP. Add announcement before response. |
-| 4 | Did I load required skills from agent's frontmatter? | → STOP. Check `skills:` field and read them. |
-
-**Failure Conditions:**
-
-- ❌ Writing code without identifying an agent = **PROTOCOL VIOLATION**
-- ❌ Skipping the announcement = **USER CANNOT VERIFY AGENT WAS USED**
-- ❌ Ignoring agent-specific rules (e.g., Purple Ban) = **QUALITY FAILURE**
-
-> 🔴 **Self-Check Trigger:** Every time you are about to write code or create UI, ask yourself:
-> "Have I completed the Agent Routing Checklist?" If NO → Complete it first.
-
----
-
-## TIER 0: UNIVERSAL RULES (Always Active)
-
-### 🌐 Language Handling
-
-When user's prompt is NOT in English:
-
-1. **Internally translate** for better comprehension
-2. **Respond in user's language** - match their communication
-3. **Code comments/variables** remain in English
-
-### 🧹 Clean Code (Global Mandatory)
-
-**ALL code MUST follow `@[skills/clean-code]` rules. No exceptions.**
-
-- **Code**: Concise, direct, no over-engineering. Self-documenting.
-- **Testing**: Mandatory. Pyramid (Unit > Int > E2E) + AAA Pattern.
-- **Performance**: Measure first. Adhere to 2025 standards (Core Web Vitals).
-- **Infra/Safety**: 5-Phase Deployment. Verify secrets security.
-
-### 📁 File Dependency Awareness
-
-**Before modifying ANY file:**
-
-1. Check `CODEBASE.md` → File Dependencies
-2. Identify dependent files
-3. Update ALL affected files together
-
-### 🗺️ System Map Read
-
-> 🔴 **MANDATORY:** Read `ARCHITECTURE.md` at session start to understand Agents, Skills, and Scripts.
-
-**Path Awareness:**
-
-- Agents: `.agent/` (Project)
-- Skills: `.agent/skills/` (Project)
-- Runtime Scripts: `.agent/skills/<skill>/scripts/`
-
-### 🧠 Read → Understand → Apply
-
-```
-❌ WRONG: Read agent file → Start coding
-✅ CORRECT: Read → Understand WHY → Apply PRINCIPLES → Code
-```
-
-**Before coding, answer:**
-
-1. What is the GOAL of this agent/skill?
-2. What PRINCIPLES must I apply?
-3. How does this DIFFER from generic output?
-
----
-
-## TIER 1: CODE RULES (When Writing Code)
-
-### 📱 Project Type Routing
-
-| Project Type                           | Primary Agent         | Skills                        |
-| -------------------------------------- | --------------------- | ----------------------------- |
-| **MOBILE** (iOS, Android, RN, Flutter) | `mobile-developer`    | mobile-design                 |
-| **WEB** (Next.js, React web)           | `frontend-specialist` | frontend-design               |
-| **BACKEND** (API, server, DB)          | `backend-specialist`  | api-patterns, database-design |
-
-> 🔴 **Mobile + frontend-specialist = WRONG.** Mobile = mobile-developer ONLY.
-
-### 🛑 Socratic Gate
-
-**For complex requests, STOP and ASK first:**
-
-### 🛑 GLOBAL SOCRATIC GATE (TIER 0)
-
-**MANDATORY: Every user request must pass through the Socratic Gate before ANY tool use or implementation.**
-
-| Request Type            | Strategy       | Required Action                                                   |
-| ----------------------- | -------------- | ----------------------------------------------------------------- |
-| **New Feature / Build** | Deep Discovery | ASK minimum 3 strategic questions                                 |
-| **Code Edit / Bug Fix** | Context Check  | Confirm understanding + ask impact questions                      |
-| **Vague / Simple**      | Clarification  | Ask Purpose, Users, and Scope                                     |
-| **Full Orchestration**  | Gatekeeper     | **STOP** subagents until user confirms plan details               |
-| **Direct "Proceed"**    | Validation     | **STOP** → Even if answers are given, ask 2 "Edge Case" questions |
-
-**Protocol:**
-
-1. **Never Assume:** If even 1% is unclear, ASK.
-2. **Handle Spec-heavy Requests:** When user gives a list (Answers 1, 2, 3...), do NOT skip the gate. Instead, ask about **Trade-offs** or **Edge Cases** (e.g., "LocalStorage confirmed, but should we handle data clearing or versioning?") before starting.
-3. **Wait:** Do NOT invoke subagents or write code until the user clears the Gate.
-4. **Reference:** Full protocol in `@[skills/brainstorming]`.
-
-### 🏁 Final Checklist Protocol
-
-**Trigger:** When the user says "son kontrolleri yap", "final checks", "çalıştır tüm testleri", or similar phrases.
-
-| Task Stage       | Command                                            | Purpose                        |
-| ---------------- | -------------------------------------------------- | ------------------------------ |
-| **Manual Audit** | `python .agent/scripts/checklist.py .`             | Priority-based project audit   |
-| **Pre-Deploy**   | `python .agent/scripts/checklist.py . --url <URL>` | Full Suite + Performance + E2E |
-
-**Priority Execution Order:**
-
-1. **Security** → 2. **Lint** → 3. **Schema** → 4. **Tests** → 5. **UX** → 6. **Seo** → 7. **Lighthouse/E2E**
-
-**Rules:**
-
-- **Completion:** A task is NOT finished until `checklist.py` returns success.
-- **Reporting:** If it fails, fix the **Critical** blockers first (Security/Lint).
-
-**Available Scripts (12 total):**
-
-| Script                     | Skill                 | When to Use         |
-| -------------------------- | --------------------- | ------------------- |
-| `security_scan.py`         | vulnerability-scanner | Always on deploy    |
-| `dependency_analyzer.py`   | vulnerability-scanner | Weekly / Deploy     |
-| `lint_runner.py`           | lint-and-validate     | Every code change   |
-| `test_runner.py`           | testing-patterns      | After logic change  |
-| `schema_validator.py`      | database-design       | After DB change     |
-| `ux_audit.py`              | frontend-design       | After UI change     |
-| `accessibility_checker.py` | frontend-design       | After UI change     |
-| `seo_checker.py`           | seo-fundamentals      | After page change   |
-| `bundle_analyzer.py`       | performance-profiling | Before deploy       |
-| `mobile_audit.py`          | mobile-design         | After mobile change |
-| `lighthouse_audit.py`      | performance-profiling | Before deploy       |
-| `playwright_runner.py`     | webapp-testing        | Before deploy       |
-
-> 🔴 **Agents & Skills can invoke ANY script** via `python .agent/skills/<skill>/scripts/<script>.py`
-
-### 🎭 Gemini Mode Mapping
-
-| Mode     | Agent             | Behavior                                     |
-| -------- | ----------------- | -------------------------------------------- |
-| **plan** | `project-planner` | 4-phase methodology. NO CODE before Phase 4. |
-| **ask**  | -                 | Focus on understanding. Ask questions.       |
-| **edit** | `orchestrator`    | Execute. Check `{task-slug}.md` first.       |
-
-**Plan Mode (4-Phase):**
-
-1. ANALYSIS → Research, questions
-2. PLANNING → `{task-slug}.md`, task breakdown
-3. SOLUTIONING → Architecture, design (NO CODE!)
-4. IMPLEMENTATION → Code + tests
-
-> 🔴 **Edit mode:** If multi-file or structural change → Offer to create `{task-slug}.md`. For single-file fixes → Proceed directly.
-
----
-
-## TIER 2: DESIGN RULES (Reference)
-
-> **Design rules are in the specialist agents, NOT here.**
-
-| Task         | Read                            |
-| ------------ | ------------------------------- |
-| Web UI/UX    | `.agent/frontend-specialist.md` |
-| Mobile UI/UX | `.agent/mobile-developer.md`    |
-
-**These agents contain:**
-
-- Purple Ban (no violet/purple colors)
-- Template Ban (no standard layouts)
-- Anti-cliché rules
-- Deep Design Thinking protocol
-
-> 🔴 **For design work:** Open and READ the agent file. Rules are there.
-
----
-
-## 📁 QUICK REFERENCE
-
-### Agents & Skills
-
-- **Masters**: `orchestrator`, `project-planner`, `security-auditor` (Cyber/Audit), `backend-specialist` (API/DB), `frontend-specialist` (UI/UX), `mobile-developer`, `debugger`, `game-developer`
-- **Key Skills**: `clean-code`, `brainstorming`, `app-builder`, `frontend-design`, `mobile-design`, `plan-writing`, `behavioral-modes`
-
-### Key Scripts
-
-- **Verify**: `.agent/scripts/verify_all.py`, `.agent/scripts/checklist.py`
-- **Scanners**: `security_scan.py`, `dependency_analyzer.py`
-- **Audits**: `ux_audit.py`, `mobile_audit.py`, `lighthouse_audit.py`, `seo_checker.py`
-- **Test**: `playwright_runner.py`, `test_runner.py`
-
----

package/.agent/rules/allow-rule.md

@@ -1,77 +0,0 @@
----
-id: allow-rule-001
-name: "开发环境例外规则"
-description: "在开发环境中允许特定敏感文件写入"
-version: "1.0.0"
-author: "Development Team"
-
-# 触发条件
-trigger:
-  type: "on_tool_call"
-  conditions:
-    - tool_name: "file_write"
-    - path_matches: "**/.env.local"
-  scope: "global"
-
-# 优先级和冲突解决
-priority: 150  # 比安全规则更高的优先级
-conflict_resolution: "allow"
-override_priority: true  # 覆盖更高优先级的阻止规则
-
-# 执行动作
-steps:
-  - type: "allow"
-    name: "允许开发环境配置"
-    reason: "开发环境需要.local配置文件"
-    conditions:
-      - type: "javascript"
-        expression: "ctx.variables.environment === 'development'"
-
-# 验证条件
-conditions:
-  - type: "regex"
-    field: "tool.args.path"
-    pattern: "\\.local$"
-  - type: "javascript"
-    expression: "ctx.variables.environment === 'development' || ctx.variables.environment === 'test'"
-
-# 变量和上下文
-variables:
-  environment: "development"
-  allowed_users: ["developer", "tester", "admin"]
-
-# 日志和监控
-logging:
-  level: "info"
-  notify: []
-  retention_days: 7
----
-
-# 开发环境例外规则
-
-## 规则说明
-
-此规则为开发环境提供例外，允许写入`.env.local`配置文件。在开发环境中，开发者需要能够创建本地配置文件以覆盖默认设置。
-
-## 适用条件
-
-1. **环境要求**: 仅适用于`development`或`test`环境
-2. **文件类型**: 仅适用于`.env.local`文件
-3. **用户权限**: 仅允许特定用户（developer, tester, admin）
-
-## 安全考虑
-
-虽然允许写入本地配置文件，但需要确保：
-- 不包含生产环境密钥
-- 不提交到版本控制系统
-- 定期清理过期配置
-
-## 监控
-
-所有允许的写入操作都会记录日志，供后续审计使用。
-
-## 相关规则
-
-- 开发环境安全规则
-- 配置文件管理规则
-- 版本控制排除规则

package/.agent/rules/log-rule.md

@@ -1,83 +0,0 @@
----
-id: log-rule-001
-name: "工具调用审计规则"
-description: "记录所有工具调用用于审计和监控"
-version: "1.0.0"
-author: "Audit Team"
-
-# 触发条件
-trigger:
-  type: "on_tool_call"
-  conditions: []
-  scope: "global"
-
-# 优先级和冲突解决
-priority: 10  # 低优先级，不影响执行
-conflict_resolution: "log"
-
-# 执行动作
-steps:
-  - type: "log"
-    name: "记录工具调用"
-    logLevel: "info"
-    messageTemplate: "工具调用: {{tool.name}} 参数: {{tool.args}} 用户: {{user.id}} 时间: {{timestamp}}"
-    fields:
-      - "tool.name"
-      - "tool.args"
-      - "user.id"
-      - "session.id"
-      - "timestamp"
-
-# 验证条件
-conditions: []
-
-# 变量和上下文
-variables:
-  audit_enabled: true
-  retention_period: "90d"
-
-# 日志和监控
-logging:
-  level: "info"
-  notify: ["audit-log"]
-  retention_days: 90
----
-
-# 工具调用审计规则
-
-## 规则说明
-
-此规则记录所有工具调用，用于系统审计、性能监控和故障排查。
-
-## 记录字段
-
-1. **工具名称**: 被调用的工具名称
-2. **调用参数**: 工具调用的参数（敏感信息会被过滤）
-3. **用户信息**: 发起调用的用户标识
-4. **会话信息**: 当前会话标识
-5. **时间戳**: 调用发生的时间
-6. **执行结果**: 工具执行的结果状态
-
-## 隐私保护
-
-为保护用户隐私和安全，以下信息会被过滤：
-- 密码、令牌等认证信息
-- 个人身份信息（PII）
-- 敏感业务数据
-
-## 存储策略
-
-审计日志会保留90天，之后自动归档或删除。紧急情况下可以延长保留期。
-
-## 使用场景
-
-1. **安全审计**: 检测异常工具调用模式
-2. **故障排查**: 分析系统问题和错误
-3. **性能监控**: 跟踪工具执行时间和频率
-4. **合规检查**: 满足监管和合规要求
-
-## 相关规则
-
-- 隐私保护规则
-- 数据保留规则
-- 异常检测规则

package/.agent/rules/security-rule.md

@@ -1,93 +0,0 @@
----
-id: security-rule-001
-name: "文件系统安全规则"
-description: "限制对敏感目录和文件的访问"
-version: "1.0.0"
-author: "System Administrator"
-
-# 触发条件
-trigger:
-  type: "on_tool_call"
-  conditions:
-    - tool_name: "file_write"
-    - path_matches: "**/.env*"
-  scope: "global"
-
-# 优先级和冲突解决
-priority: 100  # 高优先级
-conflict_resolution: "block"
-
-# 执行动作
-steps:
-  - type: "block"
-    name: "阻止敏感文件写入"
-    message: "禁止写入敏感配置文件"
-    reason: "安全策略禁止写入.env等敏感配置文件"
-    requireApproval: false
-
-# 验证条件
-conditions:
-  - type: "regex"
-    field: "tool.args.path"
-    pattern: "^.*/\\.env"
-  - type: "regex"
-    field: "tool.args.path"
-    pattern: "^.*/passwd$"
-  - type: "regex"
-    field: "tool.args.path"
-    pattern: "^.*/shadow$"
-  - type: "regex"
-    field: "tool.args.path"
-    pattern: "^/etc/.*"
-  - type: "regex"
-    field: "tool.args.path"
-    pattern: "^/var/log/.*"
-
-# 变量和上下文
-variables:
-  allowed_paths: ["/tmp/", "/home/user/", "/var/www/"]
-  max_file_size: 10485760
-
-# 日志和监控
-logging:
-  level: "warn"
-  notify: ["security-channel"]
-  retention_days: 30
----
-
-# 文件系统安全规则
-
-## 规则说明
-
-此规则用于保护系统敏感文件，防止未经授权的写入操作。
-
-## 保护范围
-
-1. **配置文件**: 所有`.env`文件（包含环境变量）
-2. **系统文件**: `/etc/passwd`, `/etc/shadow`等
-3. **日志文件**: `/var/log/`目录下的文件
-4. **其他敏感路径**: 根据正则表达式匹配
-
-## 例外情况
-
-以下路径允许写入：
-- `/tmp/` 临时目录
-- `/home/user/` 用户目录
-- `/var/www/` Web根目录
-
-## 审计日志
-
-所有被阻止的写入操作都会记录到安全审计日志中，安全团队会定期审查。
-
-## 紧急绕过
-
-在紧急情况下，可以通过以下方式临时禁用此规则：
-1. 将规则文件重命名为`.md.disabled`
-2. 联系安全团队获取临时令牌
-3. 通过管理界面临时禁用
-
-## 相关规则
-
-- 数据加密规则
-- 访问控制规则
-- 审计日志规则