mcp-ai-agent-guidelines 0.7.2 → 0.7.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +236 -9
- package/dist/index.js +487 -5
- package/dist/index.js.map +1 -1
- package/dist/prompts/index.d.ts +18 -0
- package/dist/prompts/index.d.ts.map +1 -1
- package/dist/prompts/index.js +127 -492
- package/dist/prompts/index.js.map +1 -1
- package/dist/resources/structured.d.ts.map +1 -1
- package/dist/resources/structured.js +410 -0
- package/dist/resources/structured.js.map +1 -1
- package/dist/schemas/flow-tool-schemas.d.ts +167 -0
- package/dist/schemas/flow-tool-schemas.d.ts.map +1 -0
- package/dist/schemas/flow-tool-schemas.js +149 -0
- package/dist/schemas/flow-tool-schemas.js.map +1 -0
- package/dist/tools/bridge/index.d.ts +83 -0
- package/dist/tools/bridge/index.d.ts.map +1 -0
- package/dist/tools/bridge/index.js +85 -0
- package/dist/tools/bridge/index.js.map +1 -0
- package/dist/tools/bridge/project-onboarding-bridge.d.ts +54 -0
- package/dist/tools/bridge/project-onboarding-bridge.d.ts.map +1 -0
- package/dist/tools/bridge/project-onboarding-bridge.js +220 -0
- package/dist/tools/bridge/project-onboarding-bridge.js.map +1 -0
- package/dist/tools/bridge/semantic-analyzer-bridge.d.ts +47 -0
- package/dist/tools/bridge/semantic-analyzer-bridge.d.ts.map +1 -0
- package/dist/tools/bridge/semantic-analyzer-bridge.js +174 -0
- package/dist/tools/bridge/semantic-analyzer-bridge.js.map +1 -0
- package/dist/tools/clean-code-scorer.d.ts +7 -0
- package/dist/tools/clean-code-scorer.d.ts.map +1 -0
- package/dist/tools/clean-code-scorer.js +359 -0
- package/dist/tools/clean-code-scorer.js.map +1 -0
- package/dist/tools/code-hygiene-analyzer.js +181 -9
- package/dist/tools/code-hygiene-analyzer.js.map +1 -1
- package/dist/tools/config/guidelines-config.d.ts +2 -14
- package/dist/tools/config/guidelines-config.d.ts.map +1 -1
- package/dist/tools/config/guidelines-config.js +45 -6
- package/dist/tools/config/guidelines-config.js.map +1 -1
- package/dist/tools/config/model-config.d.ts +2 -23
- package/dist/tools/config/model-config.d.ts.map +1 -1
- package/dist/tools/config/model-config.js.map +1 -1
- package/dist/tools/config/types/guidelines.types.d.ts +15 -0
- package/dist/tools/config/types/guidelines.types.d.ts.map +1 -0
- package/dist/tools/config/types/guidelines.types.js +3 -0
- package/dist/tools/config/types/guidelines.types.js.map +1 -0
- package/dist/tools/config/types/index.d.ts +3 -0
- package/dist/tools/config/types/index.d.ts.map +1 -0
- package/dist/tools/config/types/index.js +3 -0
- package/dist/tools/config/types/index.js.map +1 -0
- package/dist/tools/config/types/model.types.d.ts +24 -0
- package/dist/tools/config/types/model.types.d.ts.map +1 -0
- package/dist/tools/config/types/model.types.js +3 -0
- package/dist/tools/config/types/model.types.js.map +1 -0
- package/dist/tools/design/adr-generator.d.ts +1 -1
- package/dist/tools/design/adr-generator.d.ts.map +1 -1
- package/dist/tools/design/adr-generator.js +5 -1
- package/dist/tools/design/adr-generator.js.map +1 -1
- package/dist/tools/design/confirmation-module.d.ts +1 -1
- package/dist/tools/design/confirmation-module.d.ts.map +1 -1
- package/dist/tools/design/confirmation-module.js +2 -0
- package/dist/tools/design/confirmation-module.js.map +1 -1
- package/dist/tools/design/confirmation-prompt-builder.d.ts +1 -1
- package/dist/tools/design/confirmation-prompt-builder.d.ts.map +1 -1
- package/dist/tools/design/confirmation-prompt-builder.js +5 -1
- package/dist/tools/design/confirmation-prompt-builder.js.map +1 -1
- package/dist/tools/design/constraint-consistency-enforcer.d.ts +1 -1
- package/dist/tools/design/constraint-consistency-enforcer.d.ts.map +1 -1
- package/dist/tools/design/constraint-consistency-enforcer.js +6 -1
- package/dist/tools/design/constraint-consistency-enforcer.js.map +1 -1
- package/dist/tools/design/constraint-manager.d.ts +9 -9
- package/dist/tools/design/constraint-manager.d.ts.map +1 -1
- package/dist/tools/design/coverage-enforcer.d.ts +1 -1
- package/dist/tools/design/coverage-enforcer.d.ts.map +1 -1
- package/dist/tools/design/cross-session-consistency-enforcer.d.ts +1 -1
- package/dist/tools/design/cross-session-consistency-enforcer.d.ts.map +1 -1
- package/dist/tools/design/design-assistant.d.ts +1 -15
- package/dist/tools/design/design-assistant.d.ts.map +1 -1
- package/dist/tools/design/design-assistant.js +29 -853
- package/dist/tools/design/design-assistant.js.map +1 -1
- package/dist/tools/design/design-phase-workflow.d.ts +1 -1
- package/dist/tools/design/design-phase-workflow.d.ts.map +1 -1
- package/dist/tools/design/design-phase-workflow.js +15 -8
- package/dist/tools/design/design-phase-workflow.js.map +1 -1
- package/dist/tools/design/index.d.ts +1 -1
- package/dist/tools/design/index.d.ts.map +1 -1
- package/dist/tools/design/methodology-selector.d.ts +1 -1
- package/dist/tools/design/methodology-selector.d.ts.map +1 -1
- package/dist/tools/design/pivot-module.d.ts +1 -1
- package/dist/tools/design/pivot-module.d.ts.map +1 -1
- package/dist/tools/design/roadmap-generator.d.ts +1 -1
- package/dist/tools/design/roadmap-generator.d.ts.map +1 -1
- package/dist/tools/design/roadmap-generator.js.map +1 -1
- package/dist/tools/design/services/additional-operations.service.d.ts +23 -0
- package/dist/tools/design/services/additional-operations.service.d.ts.map +1 -0
- package/dist/tools/design/services/additional-operations.service.js +215 -0
- package/dist/tools/design/services/additional-operations.service.js.map +1 -0
- package/dist/tools/design/services/artifact-generation.service.d.ts +19 -0
- package/dist/tools/design/services/artifact-generation.service.d.ts.map +1 -0
- package/dist/tools/design/services/artifact-generation.service.js +171 -0
- package/dist/tools/design/services/artifact-generation.service.js.map +1 -0
- package/dist/tools/design/services/consistency.service.d.ts +24 -0
- package/dist/tools/design/services/consistency.service.d.ts.map +1 -0
- package/dist/tools/design/services/consistency.service.js +196 -0
- package/dist/tools/design/services/consistency.service.js.map +1 -0
- package/dist/tools/design/services/index.d.ts +7 -0
- package/dist/tools/design/services/index.d.ts.map +1 -0
- package/dist/tools/design/services/index.js +9 -0
- package/dist/tools/design/services/index.js.map +1 -0
- package/dist/tools/design/services/phase-management.service.d.ts +25 -0
- package/dist/tools/design/services/phase-management.service.d.ts.map +1 -0
- package/dist/tools/design/services/phase-management.service.js +133 -0
- package/dist/tools/design/services/phase-management.service.js.map +1 -0
- package/dist/tools/design/services/session-management.service.d.ts +23 -0
- package/dist/tools/design/services/session-management.service.d.ts.map +1 -0
- package/dist/tools/design/services/session-management.service.js +190 -0
- package/dist/tools/design/services/session-management.service.js.map +1 -0
- package/dist/tools/design/spec-generator.d.ts +1 -1
- package/dist/tools/design/spec-generator.d.ts.map +1 -1
- package/dist/tools/design/spec-generator.js +3 -3
- package/dist/tools/design/spec-generator.js.map +1 -1
- package/dist/tools/design/strategic-pivot-prompt-builder.d.ts +1 -1
- package/dist/tools/design/strategic-pivot-prompt-builder.d.ts.map +1 -1
- package/dist/tools/design/types/artifact.types.d.ts +16 -0
- package/dist/tools/design/types/artifact.types.d.ts.map +1 -0
- package/dist/tools/design/types/artifact.types.js +3 -0
- package/dist/tools/design/types/artifact.types.js.map +1 -0
- package/dist/tools/design/types/common.types.d.ts +8 -0
- package/dist/tools/design/types/common.types.d.ts.map +1 -0
- package/dist/tools/design/types/common.types.js +3 -0
- package/dist/tools/design/types/common.types.js.map +1 -0
- package/dist/tools/design/types/consistency.types.d.ts +130 -0
- package/dist/tools/design/types/consistency.types.d.ts.map +1 -0
- package/dist/tools/design/types/consistency.types.js +3 -0
- package/dist/tools/design/types/consistency.types.js.map +1 -0
- package/dist/tools/design/types/constraint.types.d.ts +53 -0
- package/dist/tools/design/types/constraint.types.d.ts.map +1 -0
- package/dist/tools/design/types/constraint.types.js +3 -0
- package/dist/tools/design/types/constraint.types.js.map +1 -0
- package/dist/tools/design/types/coverage.types.d.ts +59 -0
- package/dist/tools/design/types/coverage.types.d.ts.map +1 -0
- package/dist/tools/design/types/coverage.types.js +3 -0
- package/dist/tools/design/types/coverage.types.js.map +1 -0
- package/dist/tools/design/types/index.d.ts +9 -0
- package/dist/tools/design/types/index.d.ts.map +1 -0
- package/dist/tools/design/types/index.js +4 -0
- package/dist/tools/design/types/index.js.map +1 -0
- package/dist/tools/design/types/methodology.types.d.ts +53 -0
- package/dist/tools/design/types/methodology.types.d.ts.map +1 -0
- package/dist/tools/design/types/methodology.types.js +3 -0
- package/dist/tools/design/types/methodology.types.js.map +1 -0
- package/dist/tools/design/types/pivot.types.d.ts +56 -0
- package/dist/tools/design/types/pivot.types.d.ts.map +1 -0
- package/dist/tools/design/types/pivot.types.js +3 -0
- package/dist/tools/design/types/pivot.types.js.map +1 -0
- package/dist/tools/design/types/session.types.d.ts +50 -0
- package/dist/tools/design/types/session.types.d.ts.map +1 -0
- package/dist/tools/design/types/session.types.js +3 -0
- package/dist/tools/design/types/session.types.js.map +1 -0
- package/dist/tools/design/types.d.ts +18 -401
- package/dist/tools/design/types.d.ts.map +1 -1
- package/dist/tools/design/types.js +17 -1
- package/dist/tools/design/types.js.map +1 -1
- package/dist/tools/guidelines-validator.js +3 -3
- package/dist/tools/mermaid-diagram-generator.d.ts.map +1 -1
- package/dist/tools/mermaid-diagram-generator.js +712 -58
- package/dist/tools/mermaid-diagram-generator.js.map +1 -1
- package/dist/tools/mode-switcher.d.ts +21 -0
- package/dist/tools/mode-switcher.d.ts.map +1 -0
- package/dist/tools/mode-switcher.js +383 -0
- package/dist/tools/mode-switcher.js.map +1 -0
- package/dist/tools/project-onboarding.d.ts +7 -0
- package/dist/tools/project-onboarding.d.ts.map +1 -0
- package/dist/tools/project-onboarding.js +344 -0
- package/dist/tools/project-onboarding.js.map +1 -0
- package/dist/tools/prompt/architecture-design-prompt-builder.d.ts +7 -0
- package/dist/tools/prompt/architecture-design-prompt-builder.d.ts.map +1 -0
- package/dist/tools/prompt/architecture-design-prompt-builder.js +143 -0
- package/dist/tools/prompt/architecture-design-prompt-builder.js.map +1 -0
- package/dist/tools/prompt/code-analysis-prompt-builder.d.ts +7 -0
- package/dist/tools/prompt/code-analysis-prompt-builder.d.ts.map +1 -0
- package/dist/tools/prompt/code-analysis-prompt-builder.js +292 -0
- package/dist/tools/prompt/code-analysis-prompt-builder.js.map +1 -0
- package/dist/tools/prompt/debugging-assistant-prompt-builder.d.ts +7 -0
- package/dist/tools/prompt/debugging-assistant-prompt-builder.d.ts.map +1 -0
- package/dist/tools/prompt/debugging-assistant-prompt-builder.js +360 -0
- package/dist/tools/prompt/debugging-assistant-prompt-builder.js.map +1 -0
- package/dist/tools/prompt/documentation-generator-prompt-builder.d.ts +7 -0
- package/dist/tools/prompt/documentation-generator-prompt-builder.d.ts.map +1 -0
- package/dist/tools/prompt/documentation-generator-prompt-builder.js +152 -0
- package/dist/tools/prompt/documentation-generator-prompt-builder.js.map +1 -0
- package/dist/tools/prompt/domain-neutral-prompt-builder.d.ts +39 -39
- package/dist/tools/prompt/hierarchical-prompt-builder.d.ts +20 -20
- package/dist/tools/prompt/hierarchical-prompt-builder.d.ts.map +1 -1
- package/dist/tools/prompt/hierarchical-prompt-builder.js +275 -17
- package/dist/tools/prompt/hierarchical-prompt-builder.js.map +1 -1
- package/dist/tools/prompt/hierarchy-level-selector.d.ts +7 -0
- package/dist/tools/prompt/hierarchy-level-selector.d.ts.map +1 -0
- package/dist/tools/prompt/hierarchy-level-selector.js +256 -0
- package/dist/tools/prompt/hierarchy-level-selector.js.map +1 -0
- package/dist/tools/prompt/prompt-chaining-builder.d.ts +29 -0
- package/dist/tools/prompt/prompt-chaining-builder.d.ts.map +1 -0
- package/dist/tools/prompt/prompt-chaining-builder.js +212 -0
- package/dist/tools/prompt/prompt-chaining-builder.js.map +1 -0
- package/dist/tools/prompt/prompt-flow-builder.d.ts +24 -0
- package/dist/tools/prompt/prompt-flow-builder.d.ts.map +1 -0
- package/dist/tools/prompt/prompt-flow-builder.js +426 -0
- package/dist/tools/prompt/prompt-flow-builder.js.map +1 -0
- package/dist/tools/prompt/prompting-hierarchy-evaluator.d.ts +13 -0
- package/dist/tools/prompt/prompting-hierarchy-evaluator.d.ts.map +1 -0
- package/dist/tools/prompt/prompting-hierarchy-evaluator.js +372 -0
- package/dist/tools/prompt/prompting-hierarchy-evaluator.js.map +1 -0
- package/dist/tools/prompt/spark-prompt-builder.d.ts +54 -54
- package/dist/tools/prompt/types/hierarchy.types.d.ts +42 -0
- package/dist/tools/prompt/types/hierarchy.types.d.ts.map +1 -0
- package/dist/tools/prompt/types/hierarchy.types.js +23 -0
- package/dist/tools/prompt/types/hierarchy.types.js.map +1 -0
- package/dist/tools/prompt/types/index.d.ts +2 -0
- package/dist/tools/prompt/types/index.d.ts.map +1 -0
- package/dist/tools/prompt/types/index.js +3 -0
- package/dist/tools/prompt/types/index.js.map +1 -0
- package/dist/tools/semantic-code-analyzer.d.ts +7 -0
- package/dist/tools/semantic-code-analyzer.d.ts.map +1 -0
- package/dist/tools/semantic-code-analyzer.js +380 -0
- package/dist/tools/semantic-code-analyzer.js.map +1 -0
- package/dist/tools/shared/errors.d.ts +101 -0
- package/dist/tools/shared/errors.d.ts.map +1 -0
- package/dist/tools/shared/errors.js +176 -0
- package/dist/tools/shared/errors.js.map +1 -0
- package/dist/tools/shared/logger.d.ts +40 -0
- package/dist/tools/shared/logger.d.ts.map +1 -0
- package/dist/tools/shared/logger.js +53 -0
- package/dist/tools/shared/logger.js.map +1 -0
- package/dist/tools/shared/prompt-sections.d.ts +3 -7
- package/dist/tools/shared/prompt-sections.d.ts.map +1 -1
- package/dist/tools/shared/prompt-sections.js +2 -26
- package/dist/tools/shared/prompt-sections.js.map +1 -1
- package/dist/tools/shared/prompt-utils.d.ts +2 -6
- package/dist/tools/shared/prompt-utils.d.ts.map +1 -1
- package/dist/tools/shared/prompt-utils.js.map +1 -1
- package/dist/tools/shared/types/index.d.ts +3 -0
- package/dist/tools/shared/types/index.d.ts.map +1 -0
- package/dist/tools/shared/types/index.js +3 -0
- package/dist/tools/shared/types/index.js.map +1 -0
- package/dist/tools/shared/types/prompt-sections.types.d.ts +8 -0
- package/dist/tools/shared/types/prompt-sections.types.d.ts.map +1 -0
- package/dist/tools/shared/types/prompt-sections.types.js +28 -0
- package/dist/tools/shared/types/prompt-sections.types.js.map +1 -0
- package/dist/tools/shared/types/prompt-utils.types.d.ts +7 -0
- package/dist/tools/shared/types/prompt-utils.types.d.ts.map +1 -0
- package/dist/tools/shared/types/prompt-utils.types.js +3 -0
- package/dist/tools/shared/types/prompt-utils.types.js.map +1 -0
- package/dist/tools/sprint-timeline-calculator.d.ts.map +1 -1
- package/dist/tools/sprint-timeline-calculator.js +134 -28
- package/dist/tools/sprint-timeline-calculator.js.map +1 -1
- package/package.json +9 -3
package/dist/prompts/index.js
CHANGED
|
@@ -1,3 +1,28 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* MCP Prompt Handlers
|
|
3
|
+
*
|
|
4
|
+
* This module provides MCP prompt capability handlers that delegate to tool builders
|
|
5
|
+
* to generate structured prompts. This ensures a single source of truth for prompt
|
|
6
|
+
* generation logic and maintains consistency across both MCP prompts and tools.
|
|
7
|
+
*
|
|
8
|
+
* Architecture:
|
|
9
|
+
* - Prompt definitions (metadata only) are maintained here for MCP listPrompts
|
|
10
|
+
* - Prompt generation delegates to corresponding tool builders in src/tools/prompt/
|
|
11
|
+
* - Output is cleaned to remove tool-specific metadata (frontmatter, refs, etc.)
|
|
12
|
+
*
|
|
13
|
+
* Benefits:
|
|
14
|
+
* - No code duplication between prompts and tools
|
|
15
|
+
* - Consistent, high-quality prompt generation
|
|
16
|
+
* - Single place to update prompt logic
|
|
17
|
+
* - Tools can be used directly or via MCP prompts
|
|
18
|
+
*/
|
|
19
|
+
import { architectureDesignPromptBuilder } from "../tools/prompt/architecture-design-prompt-builder.js";
|
|
20
|
+
import { codeAnalysisPromptBuilder } from "../tools/prompt/code-analysis-prompt-builder.js";
|
|
21
|
+
import { debuggingAssistantPromptBuilder } from "../tools/prompt/debugging-assistant-prompt-builder.js";
|
|
22
|
+
import { documentationGeneratorPromptBuilder } from "../tools/prompt/documentation-generator-prompt-builder.js";
|
|
23
|
+
import { hierarchicalPromptBuilder } from "../tools/prompt/hierarchical-prompt-builder.js";
|
|
24
|
+
import { securityHardeningPromptBuilder } from "../tools/prompt/security-hardening-prompt-builder.js";
|
|
25
|
+
import { sparkPromptBuilder } from "../tools/prompt/spark-prompt-builder.js";
|
|
1
26
|
const prompts = [
|
|
2
27
|
{
|
|
3
28
|
name: "code-analysis-prompt",
|
|
@@ -181,525 +206,135 @@ export async function getPrompt(name, args) {
|
|
|
181
206
|
if (missingArgs.length > 0) {
|
|
182
207
|
throw new Error(`Missing required arguments: ${missingArgs.join(", ")}`);
|
|
183
208
|
}
|
|
184
|
-
let
|
|
209
|
+
let result;
|
|
210
|
+
// Delegate to the appropriate tool builder
|
|
185
211
|
switch (name) {
|
|
186
212
|
case "code-analysis-prompt":
|
|
187
|
-
|
|
213
|
+
result = await codeAnalysisPromptBuilder({
|
|
214
|
+
codebase: args.codebase,
|
|
215
|
+
focusArea: args.focus_area,
|
|
216
|
+
language: args.language,
|
|
217
|
+
includeFrontmatter: false,
|
|
218
|
+
includeMetadata: false,
|
|
219
|
+
forcePromptMdStyle: false,
|
|
220
|
+
});
|
|
188
221
|
break;
|
|
189
222
|
case "hierarchical-task-prompt":
|
|
190
|
-
|
|
223
|
+
result = await hierarchicalPromptBuilder({
|
|
224
|
+
context: "Task Breakdown",
|
|
225
|
+
goal: args.task_description,
|
|
226
|
+
audience: args.target_audience,
|
|
227
|
+
includeFrontmatter: false,
|
|
228
|
+
includeMetadata: false,
|
|
229
|
+
forcePromptMdStyle: false,
|
|
230
|
+
});
|
|
191
231
|
break;
|
|
192
232
|
case "architecture-design-prompt":
|
|
193
|
-
|
|
233
|
+
result = await architectureDesignPromptBuilder({
|
|
234
|
+
systemRequirements: args.system_requirements,
|
|
235
|
+
scale: args.scale,
|
|
236
|
+
technologyStack: args.technology_stack,
|
|
237
|
+
includeFrontmatter: false,
|
|
238
|
+
includeMetadata: false,
|
|
239
|
+
forcePromptMdStyle: false,
|
|
240
|
+
});
|
|
194
241
|
break;
|
|
195
242
|
case "debugging-assistant-prompt":
|
|
196
|
-
|
|
243
|
+
result = await debuggingAssistantPromptBuilder({
|
|
244
|
+
errorDescription: args.error_description,
|
|
245
|
+
context: args.context,
|
|
246
|
+
attemptedSolutions: args.attempted_solutions,
|
|
247
|
+
includeFrontmatter: false,
|
|
248
|
+
includeMetadata: false,
|
|
249
|
+
forcePromptMdStyle: false,
|
|
250
|
+
});
|
|
197
251
|
break;
|
|
198
252
|
case "documentation-generator-prompt":
|
|
199
|
-
|
|
253
|
+
result = await documentationGeneratorPromptBuilder({
|
|
254
|
+
contentType: args.content_type,
|
|
255
|
+
targetAudience: args.target_audience,
|
|
256
|
+
existingContent: args.existing_content,
|
|
257
|
+
includeFrontmatter: false,
|
|
258
|
+
includeMetadata: false,
|
|
259
|
+
forcePromptMdStyle: false,
|
|
260
|
+
});
|
|
200
261
|
break;
|
|
201
262
|
case "spark-ui-prompt":
|
|
202
|
-
|
|
263
|
+
result = await sparkPromptBuilder({
|
|
264
|
+
title: args.title,
|
|
265
|
+
summary: args.summary,
|
|
266
|
+
complexityLevel: "medium",
|
|
267
|
+
designDirection: args.design_direction,
|
|
268
|
+
colorSchemeType: "dark",
|
|
269
|
+
colorPurpose: "readability",
|
|
270
|
+
primaryColor: "oklch(0.7 0.2 240)",
|
|
271
|
+
primaryColorPurpose: "brand identity",
|
|
272
|
+
accentColor: "oklch(0.75 0.25 180)",
|
|
273
|
+
accentColorPurpose: "highlights",
|
|
274
|
+
fontFamily: "system-ui",
|
|
275
|
+
fontIntention: "readability",
|
|
276
|
+
fontReasoning: "standard readable font",
|
|
277
|
+
animationPhilosophy: "subtle",
|
|
278
|
+
animationRestraint: "minimal",
|
|
279
|
+
animationPurpose: "feedback",
|
|
280
|
+
animationHierarchy: "secondary",
|
|
281
|
+
spacingRule: "8px base",
|
|
282
|
+
spacingContext: "consistent",
|
|
283
|
+
mobileLayout: "responsive",
|
|
284
|
+
includeFrontmatter: false,
|
|
285
|
+
includeMetadata: false,
|
|
286
|
+
forcePromptMdStyle: false,
|
|
287
|
+
});
|
|
203
288
|
break;
|
|
204
289
|
case "security-analysis-prompt":
|
|
205
|
-
|
|
290
|
+
result = await securityHardeningPromptBuilder({
|
|
291
|
+
codeContext: args.codebase,
|
|
292
|
+
securityFocus: args.security_focus || "vulnerability-analysis",
|
|
293
|
+
language: args.language,
|
|
294
|
+
complianceStandards: Array.isArray(args.compliance_standards)
|
|
295
|
+
? args.compliance_standards
|
|
296
|
+
: args.compliance_standards
|
|
297
|
+
? [
|
|
298
|
+
args.compliance_standards,
|
|
299
|
+
]
|
|
300
|
+
: undefined,
|
|
301
|
+
riskTolerance: args.risk_tolerance,
|
|
302
|
+
includeFrontmatter: false,
|
|
303
|
+
includeMetadata: false,
|
|
304
|
+
forcePromptMdStyle: false,
|
|
305
|
+
});
|
|
206
306
|
break;
|
|
207
307
|
default:
|
|
208
308
|
throw new Error(`Unknown prompt: ${name}`);
|
|
209
309
|
}
|
|
310
|
+
// Extract the text content from the tool result and strip frontmatter/metadata
|
|
311
|
+
const text = result.content[0].text;
|
|
312
|
+
// Remove frontmatter, headers, and metadata sections for cleaner prompt output
|
|
313
|
+
let cleanText = text;
|
|
314
|
+
// Remove YAML frontmatter (everything between --- markers at the start)
|
|
315
|
+
cleanText = cleanText.replace(/^---[\s\S]*?---\s*/m, "");
|
|
316
|
+
// Remove markdown headers with emojis - use alternation instead of character class
|
|
317
|
+
cleanText = cleanText.replace(/^##\s*(?:🔍|🏗️|🐛|📚|⚡|🔒|🧭)\s*[^\n]*\n+/gmu, "");
|
|
318
|
+
// Remove metadata blocks (lines starting with >)
|
|
319
|
+
cleanText = cleanText.replace(/^>.*\n/gm, "");
|
|
320
|
+
// Remove empty lines at the start
|
|
321
|
+
cleanText = cleanText.replace(/^\s+/, "");
|
|
322
|
+
// Remove technique hints, model tips, pitfalls, references, and disclaimer sections
|
|
323
|
+
// These are added by the builders but not needed in the simple prompt format
|
|
324
|
+
cleanText = cleanText.split(/\n+#\s+(Technique Hints|Model-Specific Tips|Pitfalls to Avoid|References|Disclaimer)/)[0];
|
|
325
|
+
// Also remove "## References" and "## Disclaimer" sections if they appear
|
|
326
|
+
cleanText = cleanText.split(/\n+##\s+(References|Disclaimer)/)[0];
|
|
327
|
+
cleanText = cleanText.trim();
|
|
210
328
|
return {
|
|
211
329
|
messages: [
|
|
212
330
|
{
|
|
213
331
|
role: "user",
|
|
214
332
|
content: {
|
|
215
333
|
type: "text",
|
|
216
|
-
text:
|
|
334
|
+
text: cleanText,
|
|
217
335
|
},
|
|
218
336
|
},
|
|
219
337
|
],
|
|
220
338
|
};
|
|
221
339
|
}
|
|
222
|
-
function generateCodeAnalysisPrompt(args) {
|
|
223
|
-
const { codebase, focus_area = "general", language = "auto-detect", } = args;
|
|
224
|
-
return `# Code Analysis Request
|
|
225
|
-
|
|
226
|
-
## Context
|
|
227
|
-
You are an expert code reviewer analyzing ${language} code with a focus on ${focus_area} aspects.
|
|
228
|
-
|
|
229
|
-
## Code to Analyze
|
|
230
|
-
\`\`\`${language}
|
|
231
|
-
${codebase}
|
|
232
|
-
\`\`\`
|
|
233
|
-
|
|
234
|
-
## Analysis Requirements
|
|
235
|
-
1. **Code Quality Assessment**
|
|
236
|
-
- Readability and maintainability
|
|
237
|
-
- Code structure and organization
|
|
238
|
-
- Naming conventions and clarity
|
|
239
|
-
|
|
240
|
-
2. **${focus_area === "security" ? "Security Analysis" : focus_area === "performance" ? "Performance Analysis" : "Maintainability Analysis"}**
|
|
241
|
-
${focus_area === "security"
|
|
242
|
-
? "- Identify potential security vulnerabilities\n - Check for input validation issues\n - Review authentication and authorization\n - Analyze data exposure risks"
|
|
243
|
-
: focus_area === "performance"
|
|
244
|
-
? "- Identify performance bottlenecks\n - Analyze algorithm complexity\n - Review resource usage patterns\n - Suggest optimization opportunities"
|
|
245
|
-
: "- Assess code maintainability\n - Check for code duplication\n - Review module coupling\n - Analyze technical debt"}
|
|
246
|
-
|
|
247
|
-
3. **Best Practices Compliance**
|
|
248
|
-
- Language-specific best practices
|
|
249
|
-
- Design pattern usage
|
|
250
|
-
- Error handling implementation
|
|
251
|
-
|
|
252
|
-
## Output Format
|
|
253
|
-
- **Summary**: Brief overview of code quality
|
|
254
|
-
- **Issues Found**: List of specific issues with severity levels
|
|
255
|
-
- **Recommendations**: Actionable improvement suggestions
|
|
256
|
-
- **Code Examples**: Improved code snippets where applicable
|
|
257
|
-
|
|
258
|
-
## Scoring
|
|
259
|
-
Provide an overall score from 1-10 for:
|
|
260
|
-
- Code Quality
|
|
261
|
-
- ${focus_area ? focus_area.charAt(0).toUpperCase() + focus_area.slice(1) : "General"}
|
|
262
|
-
- Best Practices Adherence
|
|
263
|
-
`;
|
|
264
|
-
}
|
|
265
|
-
function generateHierarchicalTaskPrompt(args) {
|
|
266
|
-
const { task_description, complexity_level = "medium", target_audience = "intermediate", } = args;
|
|
267
|
-
return `# Hierarchical Task Breakdown
|
|
268
|
-
|
|
269
|
-
## Context
|
|
270
|
-
Breaking down a ${complexity_level} complexity task for ${target_audience} level audience.
|
|
271
|
-
|
|
272
|
-
## Primary Task
|
|
273
|
-
${task_description}
|
|
274
|
-
|
|
275
|
-
## Requirements
|
|
276
|
-
1. **Hierarchical Structure**
|
|
277
|
-
- Main objective clearly defined
|
|
278
|
-
- Sub-tasks logically organized
|
|
279
|
-
- Dependencies identified
|
|
280
|
-
|
|
281
|
-
2. **Task Granularity**
|
|
282
|
-
${complexity_level === "simple"
|
|
283
|
-
? "- Keep breakdown to 2-3 levels maximum\n - Focus on concrete, actionable steps\n - Minimize complexity"
|
|
284
|
-
: complexity_level === "complex"
|
|
285
|
-
? "- Use 4-5 hierarchical levels\n - Include detailed sub-tasks\n - Consider multiple approaches"
|
|
286
|
-
: "- Use 3-4 hierarchical levels\n - Balance detail with clarity\n - Include alternative paths"}
|
|
287
|
-
|
|
288
|
-
3. **Audience Considerations**
|
|
289
|
-
${target_audience === "beginner"
|
|
290
|
-
? "- Provide detailed explanations\n - Include background information\n - Define technical terms"
|
|
291
|
-
: target_audience === "expert"
|
|
292
|
-
? "- Focus on high-level strategy\n - Assume domain knowledge\n - Highlight critical decision points"
|
|
293
|
-
: "- Balance explanation with efficiency\n - Provide context where needed\n - Include relevant examples"}
|
|
294
|
-
|
|
295
|
-
## Output Structure
|
|
296
|
-
1. **Level 1: Primary Objective**
|
|
297
|
-
- Clear goal statement
|
|
298
|
-
- Success criteria
|
|
299
|
-
- Overall timeline estimate
|
|
300
|
-
|
|
301
|
-
2. **Level 2: Major Components**
|
|
302
|
-
- Key deliverables
|
|
303
|
-
- Resource requirements
|
|
304
|
-
- Risk assessment
|
|
305
|
-
|
|
306
|
-
3. **Level 3: Detailed Tasks**
|
|
307
|
-
- Specific actions
|
|
308
|
-
- Dependencies
|
|
309
|
-
- Time estimates
|
|
310
|
-
|
|
311
|
-
4. **Level 4: Implementation Steps** (if needed)
|
|
312
|
-
- Granular activities
|
|
313
|
-
- Technical details
|
|
314
|
-
- Quality checkpoints
|
|
315
|
-
|
|
316
|
-
## Additional Elements
|
|
317
|
-
- **Dependencies Map**: Visual representation of task relationships
|
|
318
|
-
- **Timeline**: Suggested scheduling with milestones
|
|
319
|
-
- **Resources**: Required tools, knowledge, or personnel
|
|
320
|
-
- **Risks**: Potential challenges and mitigation strategies
|
|
321
|
-
`;
|
|
322
|
-
}
|
|
323
|
-
function generateArchitectureDesignPrompt(args) {
|
|
324
|
-
const { system_requirements, scale = "medium", technology_stack = "flexible", } = args;
|
|
325
|
-
return `# System Architecture Design
|
|
326
|
-
|
|
327
|
-
## Context
|
|
328
|
-
Designing a ${scale}-scale system architecture with ${technology_stack} technology constraints.
|
|
329
|
-
|
|
330
|
-
## System Requirements
|
|
331
|
-
${system_requirements}
|
|
332
|
-
|
|
333
|
-
## Design Constraints
|
|
334
|
-
- **Scale**: ${scale} (affects infrastructure and technology choices)
|
|
335
|
-
- **Technology Stack**: ${technology_stack}
|
|
336
|
-
- **Architecture Type**: ${scale === "small"
|
|
337
|
-
? "Monolithic or Simple Microservices"
|
|
338
|
-
: scale === "large"
|
|
339
|
-
? "Distributed Microservices"
|
|
340
|
-
: "Modular Monolith or Microservices"}
|
|
341
|
-
|
|
342
|
-
## Architecture Analysis Requirements
|
|
343
|
-
|
|
344
|
-
1. **High-Level Architecture**
|
|
345
|
-
- System components and their responsibilities
|
|
346
|
-
- Data flow between components
|
|
347
|
-
- External dependencies and integrations
|
|
348
|
-
|
|
349
|
-
2. **Technology Recommendations**
|
|
350
|
-
${technology_stack === "flexible"
|
|
351
|
-
? "- Suggest appropriate technologies for each component\n - Consider modern best practices\n - Balance proven solutions with innovation"
|
|
352
|
-
: `- Work within ${technology_stack} constraints\n - Optimize for chosen technology stack\n - Identify any limitations or workarounds needed`}
|
|
353
|
-
|
|
354
|
-
3. **Scalability Considerations**
|
|
355
|
-
${scale === "small"
|
|
356
|
-
? "- Simple deployment and maintenance\n - Cost-effective solutions\n - Easy to understand and modify"
|
|
357
|
-
: scale === "large"
|
|
358
|
-
? "- Horizontal scaling capabilities\n - Load balancing strategies\n - Performance optimization\n - Fault tolerance and redundancy"
|
|
359
|
-
: "- Moderate scaling requirements\n - Growth potential\n - Balanced complexity"}
|
|
360
|
-
|
|
361
|
-
## Output Format
|
|
362
|
-
|
|
363
|
-
### 1. Architecture Overview
|
|
364
|
-
- System context diagram
|
|
365
|
-
- High-level component architecture
|
|
366
|
-
- Key architectural decisions and rationale
|
|
367
|
-
|
|
368
|
-
### 2. Component Design
|
|
369
|
-
- Detailed component specifications
|
|
370
|
-
- Interface definitions
|
|
371
|
-
- Data models and schemas
|
|
372
|
-
|
|
373
|
-
### 3. Infrastructure Design
|
|
374
|
-
- Deployment architecture
|
|
375
|
-
- Network topology
|
|
376
|
-
- Security considerations
|
|
377
|
-
|
|
378
|
-
### 4. Implementation Roadmap
|
|
379
|
-
- Development phases
|
|
380
|
-
- Technology setup requirements
|
|
381
|
-
- Testing and deployment strategies
|
|
382
|
-
|
|
383
|
-
### 5. Documentation Artifacts
|
|
384
|
-
- Architecture diagrams (Mermaid format)
|
|
385
|
-
- Technical specifications
|
|
386
|
-
- Deployment guides
|
|
387
|
-
|
|
388
|
-
## Quality Attributes
|
|
389
|
-
Address the following non-functional requirements:
|
|
390
|
-
- **Performance**: Response time and throughput targets
|
|
391
|
-
- **Reliability**: Availability and fault tolerance requirements
|
|
392
|
-
- **Security**: Authentication, authorization, and data protection
|
|
393
|
-
- **Maintainability**: Code organization and documentation standards
|
|
394
|
-
- **Scalability**: Growth and load handling capabilities
|
|
395
|
-
`;
|
|
396
|
-
}
|
|
397
|
-
function generateDebuggingAssistantPrompt(args) {
|
|
398
|
-
const { error_description, context = "", attempted_solutions = "none specified", } = args;
|
|
399
|
-
return `# Debugging Assistant
|
|
400
|
-
|
|
401
|
-
## Problem Description
|
|
402
|
-
${error_description}
|
|
403
|
-
|
|
404
|
-
## Additional Context
|
|
405
|
-
${context || "No additional context provided"}
|
|
406
|
-
|
|
407
|
-
## Previously Attempted Solutions
|
|
408
|
-
${attempted_solutions}
|
|
409
|
-
|
|
410
|
-
## Systematic Debugging Approach
|
|
411
|
-
|
|
412
|
-
### 1. Problem Analysis
|
|
413
|
-
- **Symptom Classification**: Categorize the type of error/issue
|
|
414
|
-
- **Impact Assessment**: Determine scope and severity
|
|
415
|
-
- **Environment Factors**: Consider system, version, and configuration details
|
|
416
|
-
|
|
417
|
-
### 2. Root Cause Investigation
|
|
418
|
-
- **Error Pattern Analysis**: Look for recurring patterns or triggers
|
|
419
|
-
- **Code Path Tracing**: Identify the execution flow leading to the issue
|
|
420
|
-
- **Dependency Review**: Check external dependencies and integrations
|
|
421
|
-
|
|
422
|
-
### 3. Hypothesis Formation
|
|
423
|
-
- **Primary Hypothesis**: Most likely cause based on evidence
|
|
424
|
-
- **Alternative Hypotheses**: Secondary potential causes
|
|
425
|
-
- **Testing Strategy**: How to validate each hypothesis
|
|
426
|
-
|
|
427
|
-
### 4. Solution Development
|
|
428
|
-
- **Immediate Fixes**: Quick solutions to resolve symptoms
|
|
429
|
-
- **Long-term Solutions**: Comprehensive fixes addressing root causes
|
|
430
|
-
- **Prevention Measures**: Steps to avoid similar issues in the future
|
|
431
|
-
|
|
432
|
-
## Debugging Checklist
|
|
433
|
-
|
|
434
|
-
### Information Gathering
|
|
435
|
-
- [ ] Complete error messages and stack traces
|
|
436
|
-
- [ ] Environment details (OS, versions, configurations)
|
|
437
|
-
- [ ] Steps to reproduce the issue
|
|
438
|
-
- [ ] Recent changes or updates
|
|
439
|
-
- [ ] System logs and monitoring data
|
|
440
|
-
|
|
441
|
-
### Analysis Steps
|
|
442
|
-
- [ ] Isolate the problem to specific components
|
|
443
|
-
- [ ] Verify input data and parameters
|
|
444
|
-
- [ ] Check for resource constraints (memory, disk, network)
|
|
445
|
-
- [ ] Review recent code changes
|
|
446
|
-
- [ ] Validate configuration settings
|
|
447
|
-
|
|
448
|
-
### Testing Approach
|
|
449
|
-
- [ ] Create minimal reproduction case
|
|
450
|
-
- [ ] Test in isolated environment
|
|
451
|
-
- [ ] Verify fix effectiveness
|
|
452
|
-
- [ ] Test edge cases and error conditions
|
|
453
|
-
- [ ] Validate no regression introduced
|
|
454
|
-
|
|
455
|
-
## Output Format
|
|
456
|
-
|
|
457
|
-
### 1. Problem Analysis Summary
|
|
458
|
-
- Issue classification and severity
|
|
459
|
-
- Likely root cause(s)
|
|
460
|
-
- Contributing factors
|
|
461
|
-
|
|
462
|
-
### 2. Recommended Solutions
|
|
463
|
-
- Step-by-step resolution instructions
|
|
464
|
-
- Alternative approaches if primary solution fails
|
|
465
|
-
- Required tools or resources
|
|
466
|
-
|
|
467
|
-
### 3. Verification Steps
|
|
468
|
-
- How to confirm the fix works
|
|
469
|
-
- Regression testing recommendations
|
|
470
|
-
- Monitoring suggestions
|
|
471
|
-
|
|
472
|
-
### 4. Prevention Strategy
|
|
473
|
-
- Code improvements to prevent recurrence
|
|
474
|
-
- Process improvements
|
|
475
|
-
- Documentation updates needed
|
|
476
|
-
|
|
477
|
-
## Follow-up Actions
|
|
478
|
-
- Code review recommendations
|
|
479
|
-
- Testing improvements
|
|
480
|
-
- Documentation updates
|
|
481
|
-
- Knowledge sharing with team
|
|
482
|
-
`;
|
|
483
|
-
}
|
|
484
|
-
function generateDocumentationGeneratorPrompt(args) {
|
|
485
|
-
const { content_type, target_audience = "general", existing_content = "", } = args;
|
|
486
|
-
return `# Documentation Generation Request
|
|
487
|
-
|
|
488
|
-
## Documentation Type
|
|
489
|
-
${content_type}
|
|
490
|
-
|
|
491
|
-
## Target Audience
|
|
492
|
-
${target_audience}
|
|
493
|
-
|
|
494
|
-
## Existing Content to Build Upon
|
|
495
|
-
${existing_content || "Starting from scratch"}
|
|
496
|
-
|
|
497
|
-
## Documentation Requirements
|
|
498
|
-
|
|
499
|
-
### 1. Content Structure
|
|
500
|
-
${content_type === "API"
|
|
501
|
-
? "- API Overview and purpose\n- Authentication methods\n- Endpoint documentation with examples\n- Error codes and handling\n- SDK and integration guides"
|
|
502
|
-
: content_type === "user guide"
|
|
503
|
-
? "- Getting started guide\n- Feature walkthrough with screenshots\n- Common use cases and tutorials\n- Troubleshooting section\n- FAQ"
|
|
504
|
-
: content_type === "technical spec"
|
|
505
|
-
? "- System overview and architecture\n- Technical requirements\n- Implementation details\n- Configuration options\n- Performance specifications"
|
|
506
|
-
: "- Clear introduction and purpose\n- Logical content organization\n- Practical examples\n- Reference materials"}
|
|
507
|
-
|
|
508
|
-
### 2. Audience Considerations
|
|
509
|
-
$ {
|
|
510
|
-
target_audience === "developers"
|
|
511
|
-
? "- Technical depth and accuracy\n- Code examples and implementations\n- Integration patterns\n- Best practices and gotchas"
|
|
512
|
-
: target_audience === "end-users"
|
|
513
|
-
? "- Clear, jargon-free language\n- Step-by-step instructions\n- Visual aids and screenshots\n- Real-world scenarios"
|
|
514
|
-
: target_audience === "administrators"
|
|
515
|
-
? "- Configuration and setup procedures\n- Maintenance and monitoring guides\n- Security considerations\n- Troubleshooting procedures"
|
|
516
|
-
: "- Balanced technical depth\n- Clear explanations\n- Practical examples\n- Progressive complexity"
|
|
517
|
-
}
|
|
518
|
-
|
|
519
|
-
### 3. Quality Standards
|
|
520
|
-
- **Clarity**: Information is easy to understand and follow
|
|
521
|
-
- **Completeness**: All necessary information is included
|
|
522
|
-
- **Accuracy**: Technical details are correct and up-to-date
|
|
523
|
-
- **Usability**: Documentation is easy to navigate and search
|
|
524
|
-
|
|
525
|
-
## Output Format
|
|
526
|
-
|
|
527
|
-
### Documentation Structure
|
|
528
|
-
1. **Introduction**
|
|
529
|
-
- Purpose and scope
|
|
530
|
-
- Audience and prerequisites
|
|
531
|
-
- Document organization
|
|
532
|
-
|
|
533
|
-
2. **Main Content**
|
|
534
|
-
$
|
|
535
|
-
content_type === "API"
|
|
536
|
-
? "- Quick start guide\n - Detailed endpoint documentation\n - Authentication and authorization\n - Error handling\n - Examples and use cases"
|
|
537
|
-
: content_type === "user guide"
|
|
538
|
-
? "- Getting started\n - Core features and functionality\n - Advanced features\n - Troubleshooting\n - Tips and best practices"
|
|
539
|
-
: "- Core concepts\n - Detailed procedures\n - Configuration options\n - Advanced topics\n - Reference materials"
|
|
540
|
-
}
|
|
541
|
-
|
|
542
|
-
3. **Supporting Materials**
|
|
543
|
-
- Glossary of terms
|
|
544
|
-
- Additional resources
|
|
545
|
-
- Contact information
|
|
546
|
-
- Version history
|
|
547
|
-
|
|
548
|
-
### Content Guidelines
|
|
549
|
-
- Use clear, concise language appropriate for ${target_audience}
|
|
550
|
-
- Include practical examples and code snippets where relevant
|
|
551
|
-
- Provide context and explain the "why" behind procedures
|
|
552
|
-
- Use consistent formatting and terminology
|
|
553
|
-
- Include cross-references and links to related sections
|
|
554
|
-
|
|
555
|
-
### Visual Elements
|
|
556
|
-
- Diagrams for complex concepts (Mermaid format preferred)
|
|
557
|
-
- Screenshots for user interfaces
|
|
558
|
-
- Code blocks with syntax highlighting
|
|
559
|
-
- Tables for reference information
|
|
560
|
-
- Callout boxes for important notes and warnings
|
|
561
|
-
|
|
562
|
-
## Quality Checklist
|
|
563
|
-
- [ ] Content is accurate and up-to-date
|
|
564
|
-
- [ ] Language is appropriate for target audience
|
|
565
|
-
- [ ] Examples are practical and tested
|
|
566
|
-
- [ ] Navigation and structure are logical
|
|
567
|
-
- [ ] All links and references work correctly
|
|
568
|
-
- [ ] Document meets accessibility standards
|
|
569
|
-
`;
|
|
570
|
-
}
|
|
571
|
-
function generateSparkUiPrompt(args) {
|
|
572
|
-
const { title, summary, design_direction, color_scheme = "dark for contrast and readability", } = args;
|
|
573
|
-
return `---\nmode: 'agent'\nmodel: GPT-4.1\ntools: ['githubRepo', 'codebase', 'editFiles']\ndescription: '${summary.replace(/'/g, "''")}'\n---\n## ⚡ Spark Prompt Template\n\n# ${title}\n\n${summary}\n\n## Design Direction\n${design_direction}\n\n## Color Scheme\n${color_scheme}\n`;
|
|
574
|
-
}
|
|
575
|
-
function generateSecurityAnalysisPrompt(args) {
|
|
576
|
-
const { codebase, security_focus = "vulnerability-analysis", language = "auto-detect", compliance_standards = "OWASP-Top-10", risk_tolerance = "medium", } = args;
|
|
577
|
-
return `# Security Analysis Request
|
|
578
|
-
|
|
579
|
-
## Context
|
|
580
|
-
You are a security expert analyzing ${language} code with focus on ${security_focus.replaceAll("-", " ")}. Apply ${risk_tolerance} risk tolerance and check against ${compliance_standards} standards.
|
|
581
|
-
|
|
582
|
-
## Code to Analyze
|
|
583
|
-
\`\`\`${language}
|
|
584
|
-
${codebase}
|
|
585
|
-
\`\`\`
|
|
586
|
-
|
|
587
|
-
## Security Analysis Requirements
|
|
588
|
-
|
|
589
|
-
### 1. Vulnerability Assessment
|
|
590
|
-
${security_focus === "vulnerability-analysis"
|
|
591
|
-
? ` - Identify security vulnerabilities and weaknesses
|
|
592
|
-
- Check for common attack vectors (injection, XSS, CSRF)
|
|
593
|
-
- Analyze input validation and sanitization
|
|
594
|
-
- Review authentication and authorization mechanisms`
|
|
595
|
-
: security_focus === "compliance-check"
|
|
596
|
-
? ` - Verify compliance with ${compliance_standards} requirements
|
|
597
|
-
- Check adherence to security policies and standards
|
|
598
|
-
- Validate implementation of required security controls
|
|
599
|
-
- Assess documentation and audit trail completeness`
|
|
600
|
-
: security_focus === "threat-modeling"
|
|
601
|
-
? ` - Identify potential threat vectors and attack surfaces
|
|
602
|
-
- Analyze security boundaries and trust zones
|
|
603
|
-
- Evaluate data flow security implications
|
|
604
|
-
- Assess impact and likelihood of potential threats`
|
|
605
|
-
: ` - Implement security hardening measures
|
|
606
|
-
- Apply defense-in-depth principles
|
|
607
|
-
- Strengthen existing security controls
|
|
608
|
-
- Minimize attack surface and exposure`}
|
|
609
|
-
|
|
610
|
-
### 2. Risk Assessment
|
|
611
|
-
- Rate findings by severity (Critical/High/Medium/Low)
|
|
612
|
-
- Assess likelihood of exploitation (Very High/High/Medium/Low/Very Low)
|
|
613
|
-
- Evaluate impact on confidentiality, integrity, and availability
|
|
614
|
-
- Consider attack complexity and prerequisites
|
|
615
|
-
- Document potential for privilege escalation
|
|
616
|
-
- Apply OWASP Risk Rating methodology (Impact × Likelihood)
|
|
617
|
-
|
|
618
|
-
### 3. Security Controls Review
|
|
619
|
-
- Authentication mechanisms and strength
|
|
620
|
-
- Authorization and access control implementation
|
|
621
|
-
- Data encryption in transit and at rest
|
|
622
|
-
- Input validation and output encoding
|
|
623
|
-
- Error handling and information disclosure
|
|
624
|
-
- Session management security
|
|
625
|
-
- Logging and monitoring coverage
|
|
626
|
-
|
|
627
|
-
### 4. Remediation Guidance
|
|
628
|
-
- Specific fix recommendations with code examples
|
|
629
|
-
- Security best practices for the identified issues
|
|
630
|
-
- Implementation guidance and testing approaches
|
|
631
|
-
- Preventive measures for similar vulnerabilities
|
|
632
|
-
|
|
633
|
-
## Risk Assessment Framework
|
|
634
|
-
Follow OWASP Risk Rating Methodology using Impact vs Likelihood matrix:
|
|
635
|
-
|
|
636
|
-
### Risk Calculation: Overall Risk = Likelihood × Impact
|
|
637
|
-
|
|
638
|
-
**Likelihood Factors:**
|
|
639
|
-
- Threat Agent (skill level, motive, opportunity, population size)
|
|
640
|
-
- Vulnerability (ease of discovery, exploit, awareness, intrusion detection)
|
|
641
|
-
|
|
642
|
-
**Impact Factors:**
|
|
643
|
-
- Technical Impact (loss of confidentiality, integrity, availability, accountability)
|
|
644
|
-
- Business Impact (financial damage, reputation damage, non-compliance, privacy violation)
|
|
645
|
-
|
|
646
|
-
### Risk Matrix Visualization
|
|
647
|
-
|
|
648
|
-
\`\`\`mermaid
|
|
649
|
-
quadrantChart
|
|
650
|
-
title Security Risk Assessment Matrix
|
|
651
|
-
x-axis Low Impact --> High Impact
|
|
652
|
-
y-axis Low Likelihood --> High Likelihood
|
|
653
|
-
quadrant-1 Monitor & Review (High Impact, Low Likelihood)
|
|
654
|
-
quadrant-2 Immediate Action Required (High Impact, High Likelihood)
|
|
655
|
-
quadrant-3 Accept Risk (Low Impact, Low Likelihood)
|
|
656
|
-
quadrant-4 Mitigate When Possible (Low Impact, High Likelihood)
|
|
657
|
-
\`\`\`
|
|
658
|
-
|
|
659
|
-
## Risk Tolerance: ${risk_tolerance.toUpperCase()}
|
|
660
|
-
${risk_tolerance === "low"
|
|
661
|
-
? `- Accept minimal risk only (Low Impact × Low Likelihood)
|
|
662
|
-
- Flag all potential security issues, including minor ones
|
|
663
|
-
- Recommend defense-in-depth approaches
|
|
664
|
-
- Prioritize security over convenience and performance
|
|
665
|
-
- Require mitigation for Medium+ risk findings`
|
|
666
|
-
: risk_tolerance === "medium"
|
|
667
|
-
? `- Accept Low to Medium risk findings with proper justification
|
|
668
|
-
- Focus on medium to critical severity issues
|
|
669
|
-
- Balance security with usability and performance
|
|
670
|
-
- Recommend practical, cost-effective solutions
|
|
671
|
-
- Require immediate action for High+ risk findings`
|
|
672
|
-
: `- Accept Low to High risk findings with business justification
|
|
673
|
-
- Focus only on critical and high severity issues
|
|
674
|
-
- Consider business context and implementation cost
|
|
675
|
-
- Provide flexible security recommendations
|
|
676
|
-
- Require immediate action only for Critical risk findings`}
|
|
677
|
-
|
|
678
|
-
## Output Format
|
|
679
|
-
Provide a structured security assessment including:
|
|
680
|
-
|
|
681
|
-
- **Executive Summary**: High-level security posture and critical findings
|
|
682
|
-
- **Vulnerability Details**:
|
|
683
|
-
* Vulnerability description and location
|
|
684
|
-
* Severity rating (Critical/High/Medium/Low)
|
|
685
|
-
* Likelihood assessment (Very High/High/Medium/Low/Very Low)
|
|
686
|
-
* Overall risk score (Severity × Likelihood)
|
|
687
|
-
* Exploitation scenario and impact
|
|
688
|
-
* CVSS score if applicable
|
|
689
|
-
* Reference to OWASP risk matrix position
|
|
690
|
-
- **Security Recommendations**:
|
|
691
|
-
* Immediate actions for critical issues
|
|
692
|
-
* Short-term improvements for high/medium issues
|
|
693
|
-
* Long-term security enhancements
|
|
694
|
-
* Code examples demonstrating secure implementations
|
|
695
|
-
- **Compliance Assessment**: Alignment with ${compliance_standards} requirements
|
|
696
|
-
- **Testing Recommendations**: Security test cases to validate fixes
|
|
697
|
-
|
|
698
|
-
## Scoring
|
|
699
|
-
Provide an overall security score from 1-10 for:
|
|
700
|
-
- Security Posture
|
|
701
|
-
- ${security_focus.replace("-", " ").replace(/\b\w/g, (l) => l.toUpperCase())}
|
|
702
|
-
- Compliance Readiness
|
|
703
|
-
`;
|
|
704
|
-
}
|
|
705
340
|
//# sourceMappingURL=index.js.map
|