miclaw-app 0.2.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (222) hide show
  1. package/.next/standalone/.next/BUILD_ID +1 -1
  2. package/.next/standalone/.next/build-manifest.json +6 -5
  3. package/.next/standalone/.next/server/app/_global-error/page/build-manifest.json +3 -2
  4. package/.next/standalone/.next/server/app/_global-error/page.js +6 -4
  5. package/.next/standalone/.next/server/app/_global-error/page.js.nft.json +1 -1
  6. package/.next/standalone/.next/server/app/_global-error/page_client-reference-manifest.js +1 -1
  7. package/.next/standalone/.next/server/app/_global-error.html +1 -1
  8. package/.next/standalone/.next/server/app/_global-error.rsc +1 -1
  9. package/.next/standalone/.next/server/app/_global-error.segments/__PAGE__.segment.rsc +1 -1
  10. package/.next/standalone/.next/server/app/_global-error.segments/_full.segment.rsc +1 -1
  11. package/.next/standalone/.next/server/app/_global-error.segments/_head.segment.rsc +1 -1
  12. package/.next/standalone/.next/server/app/_global-error.segments/_index.segment.rsc +1 -1
  13. package/.next/standalone/.next/server/app/_global-error.segments/_tree.segment.rsc +1 -1
  14. package/.next/standalone/.next/server/app/_not-found/page/build-manifest.json +3 -2
  15. package/.next/standalone/.next/server/app/_not-found/page.js +6 -4
  16. package/.next/standalone/.next/server/app/_not-found/page.js.nft.json +1 -1
  17. package/.next/standalone/.next/server/app/_not-found/page_client-reference-manifest.js +1 -1
  18. package/.next/standalone/.next/server/app/_not-found.html +3 -3
  19. package/.next/standalone/.next/server/app/_not-found.rsc +10 -10
  20. package/.next/standalone/.next/server/app/_not-found.segments/_full.segment.rsc +10 -10
  21. package/.next/standalone/.next/server/app/_not-found.segments/_head.segment.rsc +4 -4
  22. package/.next/standalone/.next/server/app/_not-found.segments/_index.segment.rsc +5 -5
  23. package/.next/standalone/.next/server/app/_not-found.segments/_not-found/__PAGE__.segment.rsc +2 -2
  24. package/.next/standalone/.next/server/app/_not-found.segments/_not-found.segment.rsc +3 -3
  25. package/.next/standalone/.next/server/app/_not-found.segments/_tree.segment.rsc +2 -2
  26. package/.next/standalone/.next/server/app/agents/page/build-manifest.json +3 -2
  27. package/.next/standalone/.next/server/app/agents/page/server-reference-manifest.json +26 -1
  28. package/.next/standalone/.next/server/app/agents/page.js +10 -6
  29. package/.next/standalone/.next/server/app/agents/page.js.nft.json +1 -1
  30. package/.next/standalone/.next/server/app/agents/page_client-reference-manifest.js +1 -1
  31. package/.next/standalone/.next/server/app/agents.html +17 -10
  32. package/.next/standalone/.next/server/app/agents.rsc +19 -24
  33. package/.next/standalone/.next/server/app/agents.segments/_full.segment.rsc +19 -24
  34. package/.next/standalone/.next/server/app/agents.segments/_head.segment.rsc +4 -4
  35. package/.next/standalone/.next/server/app/agents.segments/_index.segment.rsc +5 -5
  36. package/.next/standalone/.next/server/app/agents.segments/_tree.segment.rsc +2 -2
  37. package/.next/standalone/.next/server/app/agents.segments/agents/__PAGE__.segment.rsc +14 -19
  38. package/.next/standalone/.next/server/app/agents.segments/agents.segment.rsc +3 -3
  39. package/.next/standalone/.next/server/app/commands/page/build-manifest.json +3 -2
  40. package/.next/standalone/.next/server/app/commands/page/server-reference-manifest.json +26 -1
  41. package/.next/standalone/.next/server/app/commands/page.js +10 -6
  42. package/.next/standalone/.next/server/app/commands/page.js.nft.json +1 -1
  43. package/.next/standalone/.next/server/app/commands/page_client-reference-manifest.js +1 -1
  44. package/.next/standalone/.next/server/app/commands.html +27 -15
  45. package/.next/standalone/.next/server/app/commands.rsc +166 -174
  46. package/.next/standalone/.next/server/app/commands.segments/_full.segment.rsc +166 -174
  47. package/.next/standalone/.next/server/app/commands.segments/_head.segment.rsc +4 -4
  48. package/.next/standalone/.next/server/app/commands.segments/_index.segment.rsc +5 -5
  49. package/.next/standalone/.next/server/app/commands.segments/_tree.segment.rsc +2 -2
  50. package/.next/standalone/.next/server/app/commands.segments/commands/__PAGE__.segment.rsc +161 -169
  51. package/.next/standalone/.next/server/app/commands.segments/commands.segment.rsc +3 -3
  52. package/.next/standalone/.next/server/app/hooks/page/build-manifest.json +3 -2
  53. package/.next/standalone/.next/server/app/hooks/page.js +7 -5
  54. package/.next/standalone/.next/server/app/hooks/page.js.nft.json +1 -1
  55. package/.next/standalone/.next/server/app/hooks/page_client-reference-manifest.js +1 -1
  56. package/.next/standalone/.next/server/app/hooks.html +3 -3
  57. package/.next/standalone/.next/server/app/hooks.rsc +11 -11
  58. package/.next/standalone/.next/server/app/hooks.segments/_full.segment.rsc +11 -11
  59. package/.next/standalone/.next/server/app/hooks.segments/_head.segment.rsc +4 -4
  60. package/.next/standalone/.next/server/app/hooks.segments/_index.segment.rsc +5 -5
  61. package/.next/standalone/.next/server/app/hooks.segments/_tree.segment.rsc +2 -2
  62. package/.next/standalone/.next/server/app/hooks.segments/hooks/__PAGE__.segment.rsc +2 -2
  63. package/.next/standalone/.next/server/app/hooks.segments/hooks.segment.rsc +3 -3
  64. package/.next/standalone/.next/server/app/index.html +18 -18
  65. package/.next/standalone/.next/server/app/index.rsc +12 -12
  66. package/.next/standalone/.next/server/app/index.segments/__PAGE__.segment.rsc +4 -4
  67. package/.next/standalone/.next/server/app/index.segments/_full.segment.rsc +12 -12
  68. package/.next/standalone/.next/server/app/index.segments/_head.segment.rsc +4 -4
  69. package/.next/standalone/.next/server/app/index.segments/_index.segment.rsc +5 -5
  70. package/.next/standalone/.next/server/app/index.segments/_tree.segment.rsc +2 -2
  71. package/.next/standalone/.next/server/app/mcp/page/build-manifest.json +3 -2
  72. package/.next/standalone/.next/server/app/mcp/page.js +7 -5
  73. package/.next/standalone/.next/server/app/mcp/page.js.nft.json +1 -1
  74. package/.next/standalone/.next/server/app/mcp/page_client-reference-manifest.js +1 -1
  75. package/.next/standalone/.next/server/app/mcp.html +3 -3
  76. package/.next/standalone/.next/server/app/mcp.rsc +12 -12
  77. package/.next/standalone/.next/server/app/mcp.segments/_full.segment.rsc +12 -12
  78. package/.next/standalone/.next/server/app/mcp.segments/_head.segment.rsc +4 -4
  79. package/.next/standalone/.next/server/app/mcp.segments/_index.segment.rsc +5 -5
  80. package/.next/standalone/.next/server/app/mcp.segments/_tree.segment.rsc +2 -2
  81. package/.next/standalone/.next/server/app/mcp.segments/mcp/__PAGE__.segment.rsc +7 -8
  82. package/.next/standalone/.next/server/app/mcp.segments/mcp.segment.rsc +3 -3
  83. package/.next/standalone/.next/server/app/page/build-manifest.json +3 -2
  84. package/.next/standalone/.next/server/app/page.js +7 -5
  85. package/.next/standalone/.next/server/app/page.js.nft.json +1 -1
  86. package/.next/standalone/.next/server/app/page_client-reference-manifest.js +1 -1
  87. package/.next/standalone/.next/server/app/projects/[slug]/page/build-manifest.json +3 -2
  88. package/.next/standalone/.next/server/app/projects/[slug]/page/server-reference-manifest.json +50 -1
  89. package/.next/standalone/.next/server/app/projects/[slug]/page.js +11 -7
  90. package/.next/standalone/.next/server/app/projects/[slug]/page.js.nft.json +1 -1
  91. package/.next/standalone/.next/server/app/projects/[slug]/page_client-reference-manifest.js +1 -1
  92. package/.next/standalone/.next/server/app/rules/page/build-manifest.json +3 -2
  93. package/.next/standalone/.next/server/app/rules/page/server-reference-manifest.json +14 -1
  94. package/.next/standalone/.next/server/app/rules/page.js +10 -6
  95. package/.next/standalone/.next/server/app/rules/page.js.nft.json +1 -1
  96. package/.next/standalone/.next/server/app/rules/page_client-reference-manifest.js +1 -1
  97. package/.next/standalone/.next/server/app/rules.html +24 -12
  98. package/.next/standalone/.next/server/app/rules.rsc +23 -23
  99. package/.next/standalone/.next/server/app/rules.segments/_full.segment.rsc +23 -23
  100. package/.next/standalone/.next/server/app/rules.segments/_head.segment.rsc +4 -4
  101. package/.next/standalone/.next/server/app/rules.segments/_index.segment.rsc +5 -5
  102. package/.next/standalone/.next/server/app/rules.segments/_tree.segment.rsc +2 -2
  103. package/.next/standalone/.next/server/app/rules.segments/rules/__PAGE__.segment.rsc +15 -15
  104. package/.next/standalone/.next/server/app/rules.segments/rules.segment.rsc +3 -3
  105. package/.next/standalone/.next/server/app/settings/page/build-manifest.json +3 -2
  106. package/.next/standalone/.next/server/app/settings/page.js +7 -5
  107. package/.next/standalone/.next/server/app/settings/page.js.nft.json +1 -1
  108. package/.next/standalone/.next/server/app/settings/page_client-reference-manifest.js +1 -1
  109. package/.next/standalone/.next/server/app/settings.html +3 -50
  110. package/.next/standalone/.next/server/app/settings.rsc +44 -229
  111. package/.next/standalone/.next/server/app/settings.segments/_full.segment.rsc +44 -229
  112. package/.next/standalone/.next/server/app/settings.segments/_head.segment.rsc +4 -4
  113. package/.next/standalone/.next/server/app/settings.segments/_index.segment.rsc +5 -5
  114. package/.next/standalone/.next/server/app/settings.segments/_tree.segment.rsc +2 -2
  115. package/.next/standalone/.next/server/app/settings.segments/settings/__PAGE__.segment.rsc +34 -224
  116. package/.next/standalone/.next/server/app/settings.segments/settings.segment.rsc +3 -3
  117. package/.next/standalone/.next/server/app/skills/page/build-manifest.json +3 -2
  118. package/.next/standalone/.next/server/app/skills/page/server-reference-manifest.json +26 -1
  119. package/.next/standalone/.next/server/app/skills/page.js +10 -6
  120. package/.next/standalone/.next/server/app/skills/page.js.nft.json +1 -1
  121. package/.next/standalone/.next/server/app/skills/page_client-reference-manifest.js +1 -1
  122. package/.next/standalone/.next/server/app/skills.html +17 -10
  123. package/.next/standalone/.next/server/app/skills.rsc +22 -24
  124. package/.next/standalone/.next/server/app/skills.segments/_full.segment.rsc +22 -24
  125. package/.next/standalone/.next/server/app/skills.segments/_head.segment.rsc +4 -4
  126. package/.next/standalone/.next/server/app/skills.segments/_index.segment.rsc +5 -5
  127. package/.next/standalone/.next/server/app/skills.segments/_tree.segment.rsc +2 -2
  128. package/.next/standalone/.next/server/app/skills.segments/skills/__PAGE__.segment.rsc +17 -19
  129. package/.next/standalone/.next/server/app/skills.segments/skills.segment.rsc +3 -3
  130. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0.angw.._.js +19 -0
  131. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0.n_sm9._.js +3 -0
  132. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__00-fvlp._.js +3 -0
  133. package/.next/standalone/.next/server/chunks/ssr/{[root-of-the-server]__0xrk31o._.js → [root-of-the-server]__07-x3pk._.js} +2 -2
  134. package/.next/standalone/.next/server/chunks/ssr/{[root-of-the-server]__09x1iac._.js → [root-of-the-server]__074ddak._.js} +2 -2
  135. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0762gzw._.js +3 -0
  136. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0a6fhf4._.js +3 -0
  137. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0cyn.yv._.js +3 -0
  138. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0drsnbn._.js +3 -0
  139. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0gs673v._.js +3 -0
  140. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0hb8yr6._.js +3 -0
  141. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0lvdgab._.js +3 -0
  142. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0pi2cyu._.js +3 -0
  143. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0pqmw9_._.js +3 -0
  144. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0qau0oe._.js +3 -0
  145. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0y_r~bl._.js +3 -0
  146. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__13f6exv._.js +3 -0
  147. package/.next/standalone/.next/server/chunks/ssr/_0155~lj._.js +4 -0
  148. package/.next/standalone/.next/server/chunks/ssr/_019pxqf._.js +3 -0
  149. package/.next/standalone/.next/server/chunks/ssr/_04f1jnd._.js +3 -0
  150. package/.next/standalone/.next/server/chunks/ssr/_075l.9f._.js +3 -0
  151. package/.next/standalone/.next/server/chunks/ssr/_08ya7_7._.js +18 -0
  152. package/.next/standalone/.next/server/chunks/ssr/_0_s6zlf._.js +4 -0
  153. package/.next/standalone/.next/server/chunks/ssr/_0blw8hh._.js +4 -0
  154. package/.next/standalone/.next/server/chunks/ssr/_0d3amaq._.js +3 -0
  155. package/.next/standalone/.next/server/chunks/ssr/_0henl1i._.js +3 -0
  156. package/.next/standalone/.next/server/chunks/ssr/_0n0cdzu._.js +7 -0
  157. package/.next/standalone/.next/server/chunks/ssr/_0odsblc._.js +4 -0
  158. package/.next/standalone/.next/server/chunks/ssr/_0qj6zf~._.js +4 -0
  159. package/.next/standalone/.next/server/chunks/ssr/_0~-r05b._.js +3 -0
  160. package/.next/standalone/.next/server/chunks/ssr/node_modules_06ooq~z._.js +3 -0
  161. package/.next/standalone/.next/server/chunks/ssr/node_modules_lucide-react_dist_esm_icons_x_06-w9xa.js +3 -0
  162. package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_05~t7f3._.js +3 -0
  163. package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_060d1m.._.js +3 -0
  164. package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_0ve2ws3._.js +6 -0
  165. package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_compiled_0wewlb4._.js +3 -0
  166. package/.next/standalone/.next/server/chunks/ssr/src_components_OverviewClient_tsx_02hf4_.._.js +4 -6
  167. package/.next/standalone/.next/server/chunks/ssr/src_components_PermissionList_tsx_11auuo4._.js +3 -0
  168. package/.next/standalone/.next/server/middleware-build-manifest.js +6 -5
  169. package/.next/standalone/.next/server/pages/404.html +3 -3
  170. package/.next/standalone/.next/server/pages/500.html +1 -1
  171. package/.next/standalone/.next/server/server-reference-manifest.js +1 -1
  172. package/.next/standalone/.next/server/server-reference-manifest.json +98 -1
  173. package/.next/standalone/AGENTS.md +5 -0
  174. package/.next/standalone/CLAUDE.md +123 -0
  175. package/.next/standalone/README.md +80 -0
  176. package/.next/standalone/package.json +1 -1
  177. package/.next/static/chunks/04aem330ymbdp.js +1 -0
  178. package/.next/static/chunks/04oemklgq9z0h.js +2 -0
  179. package/.next/static/chunks/05aigtet4z44u.js +2 -0
  180. package/.next/static/chunks/07xsxgej4fv2x.js +2 -0
  181. package/.next/static/chunks/08fwcb._hc08b.js +2 -0
  182. package/.next/static/chunks/0_y~i1hg5~4wi.js +1 -0
  183. package/.next/static/chunks/0g_3.48-9emgq.js +2 -0
  184. package/.next/static/chunks/0lb3l2a8_251j.css +4 -0
  185. package/.next/static/chunks/0pokw498xojn-.js +5 -0
  186. package/.next/static/chunks/13dvyaeya8iqh.js +2 -0
  187. package/.next/static/chunks/14eh46s-dfy04.js +13 -0
  188. package/.next/static/chunks/turbopack-0vxtok8kx-1on.js +1 -0
  189. package/README.md +8 -3
  190. package/package.json +1 -1
  191. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0-h~dmy._.js +0 -3
  192. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__03-xb~6._.js +0 -3
  193. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__05bypkr._.js +0 -3
  194. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0689aen._.js +0 -3
  195. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__09jukbl._.js +0 -3
  196. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__09z7o2x._.js +0 -19
  197. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0beg-.s._.js +0 -3
  198. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0bm8p5g._.js +0 -3
  199. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0j~ozdd._.js +0 -3
  200. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0m45oxh._.js +0 -3
  201. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0o4fjuz._.js +0 -3
  202. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0qk5gqw._.js +0 -3
  203. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0u-t242._.js +0 -3
  204. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0y_d026._.js +0 -3
  205. package/.next/standalone/.next/server/chunks/ssr/_09kkdgy._.js +0 -6
  206. package/.next/standalone/.next/server/chunks/ssr/_0g8yqoe._.js +0 -7
  207. package/.next/standalone/.next/server/chunks/ssr/_next-internal_server_app_agents_page_actions_07l1ss4.js +0 -3
  208. package/.next/standalone/.next/server/chunks/ssr/_next-internal_server_app_commands_page_actions_0npst50.js +0 -3
  209. package/.next/standalone/.next/server/chunks/ssr/_next-internal_server_app_projects_[slug]_page_actions_0xg3f7c.js +0 -3
  210. package/.next/standalone/.next/server/chunks/ssr/_next-internal_server_app_rules_page_actions_0xcrbur.js +0 -3
  211. package/.next/standalone/.next/server/chunks/ssr/_next-internal_server_app_skills_page_actions_0cxzzu-.js +0 -3
  212. package/.next/standalone/.next/server/chunks/ssr/node_modules_0sy8gnb._.js +0 -3
  213. package/.next/standalone/.next/server/chunks/ssr/src_components_ExpandableBody_tsx_0-ivqwg._.js +0 -3
  214. package/.next/static/chunks/0hbcy8fff~.ks.js +0 -15
  215. package/.next/static/chunks/0mmpyn9fv2fjf.js +0 -2
  216. package/.next/static/chunks/0xlrze18so95w.css +0 -4
  217. package/.next/static/chunks/0y3~cortx~or~.js +0 -5
  218. package/.next/static/chunks/12p3iqtw2ohfq.js +0 -1
  219. package/.next/static/chunks/turbopack-06dy8k5p5cegf.js +0 -1
  220. /package/.next/static/{vFFhR9bZqGO0pHP7N7NNG → ykykNEJbtAXExgOj13bt9}/_buildManifest.js +0 -0
  221. /package/.next/static/{vFFhR9bZqGO0pHP7N7NNG → ykykNEJbtAXExgOj13bt9}/_clientMiddlewareManifest.js +0 -0
  222. /package/.next/static/{vFFhR9bZqGO0pHP7N7NNG → ykykNEJbtAXExgOj13bt9}/_ssgManifest.js +0 -0
@@ -1,24 +1,24 @@
1
1
  1:"$Sreact.fragment"
2
- 2:I[22140,["/_next/static/chunks/0mmpyn9fv2fjf.js","/_next/static/chunks/0d3shmwh5_nmn.js"],"Sidebar"]
3
- 3:I[39756,["/_next/static/chunks/0mmpyn9fv2fjf.js","/_next/static/chunks/0d3shmwh5_nmn.js"],"default"]
4
- 4:I[37457,["/_next/static/chunks/0mmpyn9fv2fjf.js","/_next/static/chunks/0d3shmwh5_nmn.js"],"default"]
5
- 6:I[97367,["/_next/static/chunks/0mmpyn9fv2fjf.js","/_next/static/chunks/0d3shmwh5_nmn.js"],"OutletBoundary"]
2
+ 2:I[22140,["/_next/static/chunks/08fwcb._hc08b.js","/_next/static/chunks/0d3shmwh5_nmn.js"],"Sidebar"]
3
+ 3:I[39756,["/_next/static/chunks/08fwcb._hc08b.js","/_next/static/chunks/0d3shmwh5_nmn.js"],"default"]
4
+ 4:I[37457,["/_next/static/chunks/08fwcb._hc08b.js","/_next/static/chunks/0d3shmwh5_nmn.js"],"default"]
5
+ 6:I[97367,["/_next/static/chunks/08fwcb._hc08b.js","/_next/static/chunks/0d3shmwh5_nmn.js"],"OutletBoundary"]
6
6
  7:"$Sreact.suspense"
7
- a:I[97367,["/_next/static/chunks/0mmpyn9fv2fjf.js","/_next/static/chunks/0d3shmwh5_nmn.js"],"ViewportBoundary"]
8
- c:I[97367,["/_next/static/chunks/0mmpyn9fv2fjf.js","/_next/static/chunks/0d3shmwh5_nmn.js"],"MetadataBoundary"]
9
- e:I[68027,["/_next/static/chunks/0mmpyn9fv2fjf.js","/_next/static/chunks/0d3shmwh5_nmn.js"],"default",1]
10
- :HL["/_next/static/chunks/0xlrze18so95w.css","style"]
7
+ a:I[97367,["/_next/static/chunks/08fwcb._hc08b.js","/_next/static/chunks/0d3shmwh5_nmn.js"],"ViewportBoundary"]
8
+ c:I[97367,["/_next/static/chunks/08fwcb._hc08b.js","/_next/static/chunks/0d3shmwh5_nmn.js"],"MetadataBoundary"]
9
+ e:I[68027,["/_next/static/chunks/08fwcb._hc08b.js","/_next/static/chunks/0d3shmwh5_nmn.js"],"default",1]
10
+ :HL["/_next/static/chunks/0lb3l2a8_251j.css","style"]
11
11
  :HL["/_next/static/media/166ab60e98aadb0a-s.p.0mka4ru4_bj1d.woff2","font",{"crossOrigin":"","type":"font/woff2"}]
12
12
  :HL["/_next/static/media/797e433ab948586e-s.p.0.q-h669a_dqa.woff2","font",{"crossOrigin":"","type":"font/woff2"}]
13
13
  :HL["/_next/static/media/83afe278b6a6bb3c-s.p.0q-301v4kxxnr.woff2","font",{"crossOrigin":"","type":"font/woff2"}]
14
- 0:{"P":null,"c":["","commands"],"q":"","i":false,"f":[[["",{"children":["commands",{"children":["__PAGE__",{}]}]},"$undefined","$undefined",16],[["$","$1","c",{"children":[[["$","link","0",{"rel":"stylesheet","href":"/_next/static/chunks/0xlrze18so95w.css","precedence":"next","crossOrigin":"$undefined","nonce":"$undefined"}],["$","script","script-0",{"src":"/_next/static/chunks/0mmpyn9fv2fjf.js","async":true,"nonce":"$undefined"}],["$","script","script-1",{"src":"/_next/static/chunks/0d3shmwh5_nmn.js","async":true,"nonce":"$undefined"}]],["$","html",null,{"lang":"en","className":"inter_fe8b9d92-module__LINzvG__variable geist_mono_8d43a2aa-module__8Li5zG__variable fira_code_d18ac710-module__OladcG__variable","children":["$","body",null,{"className":"bg-surface text-text font-sans antialiased","children":["$","div",null,{"className":"flex h-screen overflow-hidden","children":[["$","$L2",null,{}],["$","main",null,{"className":"flex-1 overflow-y-auto bg-grid","children":["$","$L3",null,{"parallelRouterKey":"children","error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$L4",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":[[["$","title",null,{"children":"404: This page could not be found."}],["$","div",null,{"style":{"fontFamily":"system-ui,\"Segoe UI\",Roboto,Helvetica,Arial,sans-serif,\"Apple Color Emoji\",\"Segoe UI Emoji\"","height":"100vh","textAlign":"center","display":"flex","flexDirection":"column","alignItems":"center","justifyContent":"center"},"children":["$","div",null,{"children":[["$","style",null,{"dangerouslySetInnerHTML":{"__html":"body{color:#000;background:#fff;margin:0}.next-error-h1{border-right:1px solid rgba(0,0,0,.3)}@media (prefers-color-scheme:dark){body{color:#fff;background:#000}.next-error-h1{border-right:1px solid rgba(255,255,255,.3)}}"}}],["$","h1",null,{"className":"next-error-h1","style":{"display":"inline-block","margin":"0 20px 0 0","padding":"0 23px 0 0","fontSize":24,"fontWeight":500,"verticalAlign":"top","lineHeight":"49px"},"children":404}],["$","div",null,{"style":{"display":"inline-block"},"children":["$","h2",null,{"style":{"fontSize":14,"fontWeight":400,"lineHeight":"49px","margin":0},"children":"This page could not be found."}]}]]}]}]],[]],"forbidden":"$undefined","unauthorized":"$undefined"}]}]]}]}]}]]}],{"children":[["$","$1","c",{"children":[null,["$","$L3",null,{"parallelRouterKey":"children","error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$L4",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":"$undefined","forbidden":"$undefined","unauthorized":"$undefined"}]]}],{"children":[["$","$1","c",{"children":["$L5",[["$","script","script-0",{"src":"/_next/static/chunks/12p3iqtw2ohfq.js","async":true,"nonce":"$undefined"}]],["$","$L6",null,{"children":["$","$7",null,{"name":"Next.MetadataOutlet","children":"$@8"}]}]]}],{},null,false,null]},null,false,"$@9"]},null,false,null],["$","$1","h",{"children":[null,["$","$La",null,{"children":"$Lb"}],["$","div",null,{"hidden":true,"children":["$","$Lc",null,{"children":["$","$7",null,{"name":"Next.Metadata","children":"$Ld"}]}]}],["$","meta",null,{"name":"next-size-adjust","content":""}]]}],false]],"m":"$undefined","G":["$e",[["$","link","0",{"rel":"stylesheet","href":"/_next/static/chunks/0xlrze18so95w.css","precedence":"next","crossOrigin":"$undefined","nonce":"$undefined"}]]],"S":true,"h":null,"s":"$undefined","l":"$undefined","p":"$undefined","d":"$undefined","b":"vFFhR9bZqGO0pHP7N7NNG"}
14
+ 0:{"P":null,"c":["","commands"],"q":"","i":false,"f":[[["",{"children":["commands",{"children":["__PAGE__",{}]}]},"$undefined","$undefined",16],[["$","$1","c",{"children":[[["$","link","0",{"rel":"stylesheet","href":"/_next/static/chunks/0lb3l2a8_251j.css","precedence":"next","crossOrigin":"$undefined","nonce":"$undefined"}],["$","script","script-0",{"src":"/_next/static/chunks/08fwcb._hc08b.js","async":true,"nonce":"$undefined"}],["$","script","script-1",{"src":"/_next/static/chunks/0d3shmwh5_nmn.js","async":true,"nonce":"$undefined"}]],["$","html",null,{"lang":"en","className":"inter_fe8b9d92-module__LINzvG__variable geist_mono_8d43a2aa-module__8Li5zG__variable fira_code_d18ac710-module__OladcG__variable","children":["$","body",null,{"className":"bg-surface text-text font-sans antialiased","children":["$","div",null,{"className":"flex h-screen overflow-hidden","children":[["$","$L2",null,{}],["$","main",null,{"className":"flex-1 overflow-y-auto bg-grid","children":["$","$L3",null,{"parallelRouterKey":"children","error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$L4",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":[[["$","title",null,{"children":"404: This page could not be found."}],["$","div",null,{"style":{"fontFamily":"system-ui,\"Segoe UI\",Roboto,Helvetica,Arial,sans-serif,\"Apple Color Emoji\",\"Segoe UI Emoji\"","height":"100vh","textAlign":"center","display":"flex","flexDirection":"column","alignItems":"center","justifyContent":"center"},"children":["$","div",null,{"children":[["$","style",null,{"dangerouslySetInnerHTML":{"__html":"body{color:#000;background:#fff;margin:0}.next-error-h1{border-right:1px solid rgba(0,0,0,.3)}@media (prefers-color-scheme:dark){body{color:#fff;background:#000}.next-error-h1{border-right:1px solid rgba(255,255,255,.3)}}"}}],["$","h1",null,{"className":"next-error-h1","style":{"display":"inline-block","margin":"0 20px 0 0","padding":"0 23px 0 0","fontSize":24,"fontWeight":500,"verticalAlign":"top","lineHeight":"49px"},"children":404}],["$","div",null,{"style":{"display":"inline-block"},"children":["$","h2",null,{"style":{"fontSize":14,"fontWeight":400,"lineHeight":"49px","margin":0},"children":"This page could not be found."}]}]]}]}]],[]],"forbidden":"$undefined","unauthorized":"$undefined"}]}]]}]}]}]]}],{"children":[["$","$1","c",{"children":[null,["$","$L3",null,{"parallelRouterKey":"children","error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$L4",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":"$undefined","forbidden":"$undefined","unauthorized":"$undefined"}]]}],{"children":[["$","$1","c",{"children":["$L5",[["$","script","script-0",{"src":"/_next/static/chunks/04oemklgq9z0h.js","async":true,"nonce":"$undefined"}]],["$","$L6",null,{"children":["$","$7",null,{"name":"Next.MetadataOutlet","children":"$@8"}]}]]}],{},null,false,null]},null,false,"$@9"]},null,false,null],["$","$1","h",{"children":[null,["$","$La",null,{"children":"$Lb"}],["$","div",null,{"hidden":true,"children":["$","$Lc",null,{"children":["$","$7",null,{"name":"Next.Metadata","children":"$Ld"}]}]}],["$","meta",null,{"name":"next-size-adjust","content":""}]]}],false]],"m":"$undefined","G":["$e",[["$","link","0",{"rel":"stylesheet","href":"/_next/static/chunks/0lb3l2a8_251j.css","precedence":"next","crossOrigin":"$undefined","nonce":"$undefined"}]]],"S":true,"h":null,"s":"$undefined","l":"$undefined","p":"$undefined","d":"$undefined","b":"ykykNEJbtAXExgOj13bt9"}
15
15
  f:[]
16
16
  9:"$Wf"
17
17
  b:[["$","meta","0",{"charSet":"utf-8"}],["$","meta","1",{"name":"viewport","content":"width=device-width, initial-scale=1"}]]
18
- 10:I[27201,["/_next/static/chunks/0mmpyn9fv2fjf.js","/_next/static/chunks/0d3shmwh5_nmn.js"],"IconMark"]
18
+ 10:I[27201,["/_next/static/chunks/08fwcb._hc08b.js","/_next/static/chunks/0d3shmwh5_nmn.js"],"IconMark"]
19
19
  8:null
20
20
  d:[["$","title","0",{"children":"MiClaw"}],["$","meta","1",{"name":"description","content":"Claude Code configuration visualizer"}],["$","link","2",{"rel":"icon","href":"/favicon.ico?favicon.0x3dzn~oxb6tn.ico","sizes":"256x256","type":"image/x-icon"}],["$","$L10","3",{}]]
21
- 11:I[22450,["/_next/static/chunks/0mmpyn9fv2fjf.js","/_next/static/chunks/0d3shmwh5_nmn.js","/_next/static/chunks/12p3iqtw2ohfq.js"],"ExpandableBody"]
21
+ 11:I[47258,["/_next/static/chunks/08fwcb._hc08b.js","/_next/static/chunks/0d3shmwh5_nmn.js","/_next/static/chunks/04oemklgq9z0h.js"],"CommandScopeGroup"]
22
22
  12:T1810,# Infrastructure Security Audit
23
23
 
24
24
  Scan all AWS infrastructure modules for security issues across four categories: IAM least-privilege, unprotected API routes, encryption, and factory module bypass.
@@ -131,8 +131,8 @@ Each sub-agent should write its report in this format:
131
131
 
132
132
  After the aggregation agent completes, tell the user the full report is at `/tmp/infra-security-audit/SUMMARY.md` and output the brief summary.
133
133
 
134
- Read the actual .tf files — don't guess based on module names. When a wildcard resource is found, check if it's a known AWS requirement before flagging.5:["$","div",null,{"className":"mx-auto max-w-5xl px-8 py-10","children":[["$","div",null,{"className":"mb-8","children":[["$","div",null,{"className":"flex items-baseline gap-3","children":[["$","h1",null,{"className":"text-2xl font-medium tracking-tight","children":"Commands"}],["$","span",null,{"className":"text-sm text-text-muted","children":12}]]}],["$","p",null,{"className":"mt-1 text-sm text-text-muted","children":"Procedural commands across projects"}]]}],[["$","div","infrastructure",{"className":"mb-8","children":[["$","div",null,{"className":"flex items-center gap-2 mb-3","children":[["$","span",null,{"className":"inline-flex items-center px-2 py-0.5 text-xs font-medium rounded-sm bg-surface-raised text-text-dim","children":"INFRASTRUCTURE"}],["$","span",null,{"className":"text-xs text-text-dim font-mono","children":"~/Desktop/infrastructure/.claude/commands"}]]}],["$","div",null,{"className":"space-y-3","children":[["$","div","/Users/gabry/Desktop/infrastructure/.claude/commands/security-audit.md",{"id":"security-audit","className":"border border-border rounded-sm p-5 scroll-mt-4 ","children":[["$","h3",null,{"className":"text-sm font-medium","children":"security-audit"}],["$","$L11",null,{"content":"$12","previewLines":3}]]}]]}]]}],"$L13","$L14"],false]}]
135
- 15:T368e,# Broken Access Control Scan
134
+ Read the actual .tf files — don't guess based on module names. When a wildcard resource is found, check if it's a known AWS requirement before flagging.5:["$","div",null,{"className":"mx-auto max-w-5xl px-8 py-10","children":[["$","div",null,{"className":"mb-8","children":[["$","div",null,{"className":"flex items-baseline gap-3","children":[["$","h1",null,{"className":"text-2xl font-mono font-medium tracking-tight","children":"Commands"}],["$","span",null,{"className":"font-mono text-sm text-text-dim","children":12}]]}],["$","p",null,{"className":"mt-1 text-sm text-text-muted","children":"Procedural commands across projects"}]]}],[["$","div","/Users/gabry/Desktop/infrastructure",{"className":"mb-8","children":[["$","div",null,{"className":"flex items-center gap-2 mb-3","children":[["$","span",null,{"className":"font-mono text-xs text-text-dim","children":["[","INFRASTRUCTURE","]"]}],["$","span",null,{"className":"text-xs text-text-dim font-mono","children":"~/Desktop/infrastructure"}]]}],["$","$L11",null,{"commands":[{"name":"security-audit","body":"$12","filePath":"/Users/gabry/Desktop/infrastructure/.claude/commands/security-audit.md","scope":{"type":"project","projectName":"infrastructure","projectPath":"/Users/gabry/Desktop/infrastructure"}}],"scopePath":"/Users/gabry/Desktop/infrastructure"}]]}],"$L13","$L14","$L15"],false]}]
135
+ 16:T368e,# Broken Access Control Scan
136
136
 
137
137
  Scan ALL route handlers and Lambda handlers in platform-services for broken access control vulnerabilities beyond IDOR (which is covered by the separate `idor-scan` command).
138
138
 
@@ -358,150 +358,7 @@ Write the final report to `access-control-scan-results/SUMMARY.md` with:
358
358
 
359
359
  Then output the summary to the user.
360
360
 
361
- Be thorough. Read the actual code — don't guess based on function names alone. When checking for role validation, trace the full dependency chain. If a role check happens in a called function or middleware rather than at the route level, note it but don't flag it as a vulnerability.13:["$","div","platform-services",{"className":"mb-8","children":[["$","div",null,{"className":"flex items-center gap-2 mb-3","children":[["$","span",null,{"className":"inline-flex items-center px-2 py-0.5 text-xs font-medium rounded-sm bg-surface-raised text-text-dim","children":"PLATFORM-SERVICES"}],["$","span",null,{"className":"text-xs text-text-dim font-mono","children":"~/Desktop/platform-services/.claude/commands"}]]}],["$","div",null,{"className":"space-y-3","children":[["$","div","/Users/gabry/Desktop/platform-services/.claude/commands/access-control-scan.md",{"id":"access-control-scan","className":"border border-border rounded-sm p-5 scroll-mt-4 ","children":[["$","h3",null,{"className":"text-sm font-medium","children":"access-control-scan"}],["$","$L11",null,{"content":"$15","previewLines":3}]]}],"$L16","$L17","$L18","$L19","$L1a","$L1b","$L1c","$L1d","$L1e"]}]]}]
362
- 1f:T1605,# Investigate WGS Ingestion Failure
363
-
364
- You are investigating a WGS ingestion Step Function failure in production. Follow each step. Do NOT ask for user input -- work autonomously.
365
-
366
- ## Input
367
-
368
- $ARGUMENTS
369
-
370
- ## Step 1: Parse the Alert
371
-
372
- Extract from the input text: `correlationId`, `wgsIngestionId`, `sfnError`, `sfnStatus`.
373
-
374
- If the input is missing required fields, write a report noting the parse failure and stop.
375
-
376
- ## Step 2: Query Axiom
377
-
378
- Use `mcp__axiom__queryDataset` with `startTime` = `now-24h` and `endTime` = `now`.
379
-
380
- Trace the correlationId:
381
-
382
- ```apl
383
- ['bioscope-prod']
384
- | where correlationId == "<correlationId>"
385
- | order by _time asc
386
- ```
387
-
388
- Search by wgsIngestionId:
389
-
390
- ```apl
391
- ['bioscope-prod']
392
- | where data.wgsIngestionId == "<wgsIngestionId>" or message contains "<wgsIngestionId>"
393
- | order by _time asc
394
- ```
395
-
396
- Focus on ERROR-level entries. Record only the key log lines needed to explain the failure -- not the full trace.
397
-
398
- ## Step 3: Cross-Reference Code
399
-
400
- Read the `PLATFORM_SERVICES_PATH` and `INFRASTRUCTURE_PATH` environment variables to locate the repos.
401
-
402
- ### Application code (platform-services)
403
-
404
- 1. `$PLATFORM_SERVICES_PATH/packages/wgs_ingestion_service/src/wgs_ingestion_service/handlers/handle_sfn_failure.py`
405
- 2. `$PLATFORM_SERVICES_PATH/packages/wgs_ingestion_service/src/wgs_ingestion_service/handlers/handle_initiate_ingestion.py`
406
- 3. `$PLATFORM_SERVICES_PATH/packages/bioscope_types/src/bioscope_types/dynamodb/wgs_ingestions.py`
407
-
408
- ### Infrastructure (Terraform)
409
-
410
- If the error points to a Step Function state, Lambda config, IAM permissions, or resource limits, cross-reference these files:
411
-
412
- 1. `$INFRASTRUCTURE_PATH/modules/aws/wgs_ingestion/sfn.tf` -- Step Function state machine definition and pipeline flow
413
- 2. `$INFRASTRUCTURE_PATH/modules/aws/wgs_ingestion/lambda.tf` -- Lambda function configuration (memory, timeout, layers)
414
- 3. `$INFRASTRUCTURE_PATH/modules/aws/wgs_ingestion/iam.tf` -- IAM roles and policies for the pipeline
415
- 4. `$INFRASTRUCTURE_PATH/modules/aws/wgs_ingestion/eventbridge.tf` -- EventBridge rule that triggers on SFN failures
416
- 5. `$INFRASTRUCTURE_PATH/modules/aws/wgs_ingestion/dynamodb.tf` -- DynamoDB table and index definitions
417
-
418
- The execution name format is `{wgs_ingestion_id}_{kit_id}_{timestamp}`.
419
-
420
- ## Step 4: Classify the Failure
421
-
422
- **Default to Bug.** Only classify as Transient if you can point to specific evidence (see criteria below).
423
-
424
- - **Bug**: Code error, unhandled exception, missing IAM permissions, missing config, infrastructure misconfiguration. Requires a code or infra fix. **This is the default classification when the root cause is unclear.**
425
- - **Transient**: A failure that meets ALL of these criteria:
426
- 1. The error is a network timeout, AWS throttling, or a known transient pattern (see below)
427
- 2. There is no underlying code/config/IAM issue that caused it
428
- 3. A redrive would be expected to succeed WITHOUT any code or infrastructure changes
429
- - **Data issue**: Bad input, missing files, malformed data. Requires manual intervention.
430
-
431
- You MUST justify your classification in the Root Cause section. If classifying as Transient, explicitly state why a redrive would fix it without code changes.
432
-
433
- ### Example Transient Errors
434
-
435
- These LOOK like data issues but are known transient -- classify as **Transient**:
436
-
437
- - **`INTERSECT_VARIANTS` / `KeyError: 'CHR:POS:A0:A1'` / "No variants in intersection"**: Intermittent failure in `pgsc_calc` during PRS generation. Resolves on redrive.
438
-
439
- ### Example Bug Patterns
440
-
441
- These may LOOK transient but are bugs -- classify as **Bug**:
442
-
443
- - **S3 403 Forbidden on HeadObject/GetObject/PutObject**: Usually a missing IAM permission on the task role, not a temporary auth issue. Check the relevant IAM policy in infrastructure. Example: BIOENG-535 where `genomics-bam-subset-processor` was missing `s3:GetObject` on its output bucket.
444
- - **S3 404 Not Found on expected files**: Could indicate a missing deployment artifact, misconfigured path, or a race condition in the pipeline -- not transient.
445
- - **Persistent STS/credential errors on FARGATE_SPOT**: If the same error recurs on redrive or appears on non-spot tasks, it is an IAM issue, not credential expiration.
446
-
447
- ## Step 5: Write the Report
448
-
449
- Write the report file as: `reports/YYYY-MM-DD_<first-8-chars-of-wgsIngestionId>.md`
450
-
451
- The `reports/` directory is in the current working directory. Verify with `Glob` that the directory exists before writing. If it does not exist, create it.
452
-
453
- Keep the report concise. Only include log lines that are directly relevant to explaining the failure cause.
454
-
455
- ```
456
- # WGS Ingestion Failure Report
457
-
458
- ## Summary
459
-
460
- | Field | Value |
461
- |-------|-------|
462
- | Date | YYYY-MM-DD HH:MM UTC |
463
- | Correlation ID | ... |
464
- | WGS Ingestion ID | ... |
465
- | Execution Name | ... |
466
- | SFN Error | ... |
467
- | SFN Status | ... |
468
-
469
- ## Key Logs
470
-
471
- Only the log lines that explain the failure (oldest first):
472
-
473
- - `TIMESTAMP` [LEVEL] message (logGroup: ...)
474
-
475
- ## Root Cause
476
-
477
- <1-3 sentences. What failed and why.>
478
-
479
- ## Classification
480
-
481
- **<Transient | Bug | Data issue>**
482
-
483
- ## Recommended Action
484
-
485
- <1-2 sentences.>
486
-
487
- ### Redrive JSON
488
-
489
- If transient, include:
490
-
491
- {
492
- "executionIds": ["<execution-name>"]
493
- }
494
-
495
- Env-task name: `redrive-wgs-ingestion-execution`
496
- ```
497
-
498
- ## Rules
499
-
500
- - Do NOT ask for user input. Work fully autonomously.
501
- - Do NOT include PII/PHI. Only UUIDs, error codes, timestamps, status values.
502
- - Do NOT use Bash commands. Use only Read, Glob, Grep, Write, and mcp__axiom__queryDataset.
503
- - If Axiom queries fail, proceed with code analysis and note the gap in the report.14:["$","div","wgs-ingestion-bot",{"className":"mb-8","children":[["$","div",null,{"className":"flex items-center gap-2 mb-3","children":[["$","span",null,{"className":"inline-flex items-center px-2 py-0.5 text-xs font-medium rounded-sm bg-surface-raised text-text-dim","children":"WGS-INGESTION-BOT"}],["$","span",null,{"className":"text-xs text-text-dim font-mono","children":"~/Desktop/wgs-ingestion-bot/.claude/commands"}]]}],["$","div",null,{"className":"space-y-3","children":[["$","div","/Users/gabry/Desktop/wgs-ingestion-bot/.claude/commands/investigate-wgs-ingestion.md",{"id":"investigate-wgs-ingestion","className":"border border-border rounded-sm p-5 scroll-mt-4 ","children":[["$","h3",null,{"className":"text-sm font-medium","children":"investigate-wgs-ingestion"}],["$","$L11",null,{"content":"$1f","previewLines":3}]]}]]}]]}]
504
- 20:Tf1d,# Add a New Model to llm-proxy-service
361
+ Be thorough. Read the actual code — don't guess based on function names alone. When checking for role validation, trace the full dependency chain. If a role check happens in a called function or middleware rather than at the route level, note it but don't flag it as a vulnerability.17:Tf1d,# Add a New Model to llm-proxy-service
505
362
 
506
363
  Add a new LLM model to `llm-proxy-service`, ensuring accurate cost reporting.
507
364
 
@@ -587,8 +444,7 @@ If the model requires additional env vars (vertex_ai, groq, or anthropic models)
587
444
 
588
445
  1. Run `pnpm exec nx run bioscope-types:type-check` to verify the type is valid
589
446
  2. Run `pnpm exec nx run llm-proxy-service:test` to verify tests pass
590
- 3. Run `pnpm exec nx run llm-proxy-service:lint` and `pnpm exec nx run llm-proxy-service:type-check`16:["$","div","/Users/gabry/Desktop/platform-services/.claude/commands/add-llm-proxy-service-model.md",{"id":"add-llm-proxy-service-model","className":"border border-border rounded-sm p-5 scroll-mt-4 ","children":[["$","h3",null,{"className":"text-sm font-medium","children":"add-llm-proxy-service-model"}],["$","$L11",null,{"content":"$20","previewLines":3}]]}]
591
- 21:T1c43,# IDOR & Authorization Vulnerability Scan
447
+ 3. Run `pnpm exec nx run llm-proxy-service:lint` and `pnpm exec nx run llm-proxy-service:type-check`18:T1c43,# IDOR & Authorization Vulnerability Scan
592
448
 
593
449
  Scan ALL route handlers in platform-services for IDOR (Insecure Direct Object Reference) and authorization vulnerabilities.
594
450
 
@@ -685,8 +541,7 @@ Write the final report to `/tmp/idor-scan-results/SUMMARY.md` with:
685
541
 
686
542
  Then output the summary to the user.
687
543
 
688
- Be thorough. Read the actual code — don't guess based on function names alone. When in doubt about whether a check exists, read the called functions to see if ownership validation happens deeper in the call chain. If validation happens in a called function rather than at the route level, note it but don't flag it as a vulnerability.17:["$","div","/Users/gabry/Desktop/platform-services/.claude/commands/idor-scan.md",{"id":"idor-scan","className":"border border-border rounded-sm p-5 scroll-mt-4 ","children":[["$","h3",null,{"className":"text-sm font-medium","children":"idor-scan"}],["$","$L11",null,{"content":"$21","previewLines":3}]]}]
689
- 22:T2543,# PHI/PII Data Exposure Scan
544
+ Be thorough. Read the actual code — don't guess based on function names alone. When in doubt about whether a check exists, read the called functions to see if ownership validation happens deeper in the call chain. If validation happens in a called function rather than at the route level, note it but don't flag it as a vulnerability.19:T2543,# PHI/PII Data Exposure Scan
690
545
 
691
546
  Scan ALL application code in platform-services for Protected Health Information (PHI) and Personally Identifiable Information (PII) exposure vulnerabilities. This covers logging, error responses, API over-fetching, and any other channel where sensitive data could leak.
692
547
 
@@ -857,8 +712,7 @@ Write the final report to `/tmp/phi-exposure-scan-results/SUMMARY.md` with:
857
712
 
858
713
  Then output the summary to the user.
859
714
 
860
- Be thorough. Read the actual code — don't guess based on function names alone. When checking log statements, look at what the `extra` dict actually contains. When checking for model dumps, trace the model class to see what fields it includes. If a model only contains safe fields (IDs, timestamps, statuses), it's not a PHI exposure even if it's logged via `model_dump()`.18:["$","div","/Users/gabry/Desktop/platform-services/.claude/commands/phi-exposure-scan.md",{"id":"phi-exposure-scan","className":"border border-border rounded-sm p-5 scroll-mt-4 ","children":[["$","h3",null,{"className":"text-sm font-medium","children":"phi-exposure-scan"}],["$","$L11",null,{"content":"$22","previewLines":3}]]}]
861
- 23:T1b86,# Upgrade litellm in llm-proxy-service
715
+ Be thorough. Read the actual code — don't guess based on function names alone. When checking log statements, look at what the `extra` dict actually contains. When checking for model dumps, trace the model class to see what fields it includes. If a model only contains safe fields (IDs, timestamps, statuses), it's not a PHI exposure even if it's logged via `model_dump()`.1a:T1b86,# Upgrade litellm in llm-proxy-service
862
716
 
863
717
  Upgrade the `litellm` dependency in `llm-proxy-service` to a new version, validating that all supported models have correct pricing.
864
718
 
@@ -971,8 +825,8 @@ After presenting findings to the user and getting their approval:
971
825
  4. Run `uv sync --all-packages` from the `platform-services/` directory to update the lock file
972
826
  5. Run `pnpm exec nx run llm-proxy-service:test` to verify tests pass
973
827
  6. Run `pnpm exec nx run llm-proxy-service:lint` and `pnpm exec nx run llm-proxy-service:type-check`
974
- 7. Run `pnpm exec nx run embedding-service:test`, `pnpm exec nx run embedding-service:lint`, and `pnpm exec nx run embedding-service:type-check`19:["$","div","/Users/gabry/Desktop/platform-services/.claude/commands/upgrade-litellm.md",{"id":"upgrade-litellm","className":"border border-border rounded-sm p-5 scroll-mt-4 ","children":[["$","h3",null,{"className":"text-sm font-medium","children":"upgrade-litellm"}],["$","$L11",null,{"content":"$23","previewLines":3}]]}]
975
- 24:T368e,# Broken Access Control Scan
828
+ 7. Run `pnpm exec nx run embedding-service:test`, `pnpm exec nx run embedding-service:lint`, and `pnpm exec nx run embedding-service:type-check`13:["$","div","/Users/gabry/Desktop/platform-services",{"className":"mb-8","children":[["$","div",null,{"className":"flex items-center gap-2 mb-3","children":[["$","span",null,{"className":"font-mono text-xs text-text-dim","children":["[","PLATFORM-SERVICES","]"]}],["$","span",null,{"className":"text-xs text-text-dim font-mono","children":"~/Desktop/platform-services"}]]}],["$","$L11",null,{"commands":[{"name":"access-control-scan","body":"$16","filePath":"/Users/gabry/Desktop/platform-services/.claude/commands/access-control-scan.md","scope":{"type":"project","projectName":"platform-services","projectPath":"/Users/gabry/Desktop/platform-services"}},{"name":"add-llm-proxy-service-model","body":"$17","filePath":"/Users/gabry/Desktop/platform-services/.claude/commands/add-llm-proxy-service-model.md","scope":"$13:props:children:1:props:commands:0:scope"},{"name":"idor-scan","body":"$18","filePath":"/Users/gabry/Desktop/platform-services/.claude/commands/idor-scan.md","scope":"$13:props:children:1:props:commands:0:scope"},{"name":"phi-exposure-scan","body":"$19","filePath":"/Users/gabry/Desktop/platform-services/.claude/commands/phi-exposure-scan.md","scope":"$13:props:children:1:props:commands:0:scope"},{"name":"upgrade-litellm","body":"$1a","filePath":"/Users/gabry/Desktop/platform-services/.claude/commands/upgrade-litellm.md","scope":"$13:props:children:1:props:commands:0:scope"}],"scopePath":"/Users/gabry/Desktop/platform-services"}]]}]
829
+ 1b:T368e,# Broken Access Control Scan
976
830
 
977
831
  Scan ALL route handlers and Lambda handlers in platform-services for broken access control vulnerabilities beyond IDOR (which is covered by the separate `idor-scan` command).
978
832
 
@@ -1198,8 +1052,7 @@ Write the final report to `access-control-scan-results/SUMMARY.md` with:
1198
1052
 
1199
1053
  Then output the summary to the user.
1200
1054
 
1201
- Be thorough. Read the actual code — don't guess based on function names alone. When checking for role validation, trace the full dependency chain. If a role check happens in a called function or middleware rather than at the route level, note it but don't flag it as a vulnerability.1a:["$","div","/Users/gabry/Desktop/ps-copy/platform-services/.claude/commands/access-control-scan.md",{"id":"access-control-scan","className":"border border-border rounded-sm p-5 scroll-mt-4 ","children":[["$","h3",null,{"className":"text-sm font-medium","children":"access-control-scan"}],["$","$L11",null,{"content":"$24","previewLines":3}]]}]
1202
- 25:Tf1d,# Add a New Model to llm-proxy-service
1055
+ Be thorough. Read the actual code — don't guess based on function names alone. When checking for role validation, trace the full dependency chain. If a role check happens in a called function or middleware rather than at the route level, note it but don't flag it as a vulnerability.1c:Tf1d,# Add a New Model to llm-proxy-service
1203
1056
 
1204
1057
  Add a new LLM model to `llm-proxy-service`, ensuring accurate cost reporting.
1205
1058
 
@@ -1285,8 +1138,7 @@ If the model requires additional env vars (vertex_ai, groq, or anthropic models)
1285
1138
 
1286
1139
  1. Run `pnpm exec nx run bioscope-types:type-check` to verify the type is valid
1287
1140
  2. Run `pnpm exec nx run llm-proxy-service:test` to verify tests pass
1288
- 3. Run `pnpm exec nx run llm-proxy-service:lint` and `pnpm exec nx run llm-proxy-service:type-check`1b:["$","div","/Users/gabry/Desktop/ps-copy/platform-services/.claude/commands/add-llm-proxy-service-model.md",{"id":"add-llm-proxy-service-model","className":"border border-border rounded-sm p-5 scroll-mt-4 ","children":[["$","h3",null,{"className":"text-sm font-medium","children":"add-llm-proxy-service-model"}],["$","$L11",null,{"content":"$25","previewLines":3}]]}]
1289
- 26:T1c43,# IDOR & Authorization Vulnerability Scan
1141
+ 3. Run `pnpm exec nx run llm-proxy-service:lint` and `pnpm exec nx run llm-proxy-service:type-check`1d:T1c43,# IDOR & Authorization Vulnerability Scan
1290
1142
 
1291
1143
  Scan ALL route handlers in platform-services for IDOR (Insecure Direct Object Reference) and authorization vulnerabilities.
1292
1144
 
@@ -1383,8 +1235,7 @@ Write the final report to `/tmp/idor-scan-results/SUMMARY.md` with:
1383
1235
 
1384
1236
  Then output the summary to the user.
1385
1237
 
1386
- Be thorough. Read the actual code — don't guess based on function names alone. When in doubt about whether a check exists, read the called functions to see if ownership validation happens deeper in the call chain. If validation happens in a called function rather than at the route level, note it but don't flag it as a vulnerability.1c:["$","div","/Users/gabry/Desktop/ps-copy/platform-services/.claude/commands/idor-scan.md",{"id":"idor-scan","className":"border border-border rounded-sm p-5 scroll-mt-4 ","children":[["$","h3",null,{"className":"text-sm font-medium","children":"idor-scan"}],["$","$L11",null,{"content":"$26","previewLines":3}]]}]
1387
- 27:T2543,# PHI/PII Data Exposure Scan
1238
+ Be thorough. Read the actual code — don't guess based on function names alone. When in doubt about whether a check exists, read the called functions to see if ownership validation happens deeper in the call chain. If validation happens in a called function rather than at the route level, note it but don't flag it as a vulnerability.1e:T2543,# PHI/PII Data Exposure Scan
1388
1239
 
1389
1240
  Scan ALL application code in platform-services for Protected Health Information (PHI) and Personally Identifiable Information (PII) exposure vulnerabilities. This covers logging, error responses, API over-fetching, and any other channel where sensitive data could leak.
1390
1241
 
@@ -1555,8 +1406,7 @@ Write the final report to `/tmp/phi-exposure-scan-results/SUMMARY.md` with:
1555
1406
 
1556
1407
  Then output the summary to the user.
1557
1408
 
1558
- Be thorough. Read the actual code — don't guess based on function names alone. When checking log statements, look at what the `extra` dict actually contains. When checking for model dumps, trace the model class to see what fields it includes. If a model only contains safe fields (IDs, timestamps, statuses), it's not a PHI exposure even if it's logged via `model_dump()`.1d:["$","div","/Users/gabry/Desktop/ps-copy/platform-services/.claude/commands/phi-exposure-scan.md",{"id":"phi-exposure-scan","className":"border border-border rounded-sm p-5 scroll-mt-4 ","children":[["$","h3",null,{"className":"text-sm font-medium","children":"phi-exposure-scan"}],["$","$L11",null,{"content":"$27","previewLines":3}]]}]
1559
- 28:T1b86,# Upgrade litellm in llm-proxy-service
1409
+ Be thorough. Read the actual code — don't guess based on function names alone. When checking log statements, look at what the `extra` dict actually contains. When checking for model dumps, trace the model class to see what fields it includes. If a model only contains safe fields (IDs, timestamps, statuses), it's not a PHI exposure even if it's logged via `model_dump()`.1f:T1b86,# Upgrade litellm in llm-proxy-service
1560
1410
 
1561
1411
  Upgrade the `litellm` dependency in `llm-proxy-service` to a new version, validating that all supported models have correct pricing.
1562
1412
 
@@ -1669,4 +1519,146 @@ After presenting findings to the user and getting their approval:
1669
1519
  4. Run `uv sync --all-packages` from the `platform-services/` directory to update the lock file
1670
1520
  5. Run `pnpm exec nx run llm-proxy-service:test` to verify tests pass
1671
1521
  6. Run `pnpm exec nx run llm-proxy-service:lint` and `pnpm exec nx run llm-proxy-service:type-check`
1672
- 7. Run `pnpm exec nx run embedding-service:test`, `pnpm exec nx run embedding-service:lint`, and `pnpm exec nx run embedding-service:type-check`1e:["$","div","/Users/gabry/Desktop/ps-copy/platform-services/.claude/commands/upgrade-litellm.md",{"id":"upgrade-litellm","className":"border border-border rounded-sm p-5 scroll-mt-4 ","children":[["$","h3",null,{"className":"text-sm font-medium","children":"upgrade-litellm"}],["$","$L11",null,{"content":"$28","previewLines":3}]]}]
1522
+ 7. Run `pnpm exec nx run embedding-service:test`, `pnpm exec nx run embedding-service:lint`, and `pnpm exec nx run embedding-service:type-check`14:["$","div","/Users/gabry/Desktop/ps-copy/platform-services",{"className":"mb-8","children":[["$","div",null,{"className":"flex items-center gap-2 mb-3","children":[["$","span",null,{"className":"font-mono text-xs text-text-dim","children":["[","PLATFORM-SERVICES","]"]}],["$","span",null,{"className":"text-xs text-text-dim font-mono","children":"~/Desktop/ps-copy/platform-services"}]]}],["$","$L11",null,{"commands":[{"name":"access-control-scan","body":"$1b","filePath":"/Users/gabry/Desktop/ps-copy/platform-services/.claude/commands/access-control-scan.md","scope":{"type":"project","projectName":"platform-services","projectPath":"/Users/gabry/Desktop/ps-copy/platform-services"}},{"name":"add-llm-proxy-service-model","body":"$1c","filePath":"/Users/gabry/Desktop/ps-copy/platform-services/.claude/commands/add-llm-proxy-service-model.md","scope":"$14:props:children:1:props:commands:0:scope"},{"name":"idor-scan","body":"$1d","filePath":"/Users/gabry/Desktop/ps-copy/platform-services/.claude/commands/idor-scan.md","scope":"$14:props:children:1:props:commands:0:scope"},{"name":"phi-exposure-scan","body":"$1e","filePath":"/Users/gabry/Desktop/ps-copy/platform-services/.claude/commands/phi-exposure-scan.md","scope":"$14:props:children:1:props:commands:0:scope"},{"name":"upgrade-litellm","body":"$1f","filePath":"/Users/gabry/Desktop/ps-copy/platform-services/.claude/commands/upgrade-litellm.md","scope":"$14:props:children:1:props:commands:0:scope"}],"scopePath":"/Users/gabry/Desktop/ps-copy/platform-services"}]]}]
1523
+ 20:T1605,# Investigate WGS Ingestion Failure
1524
+
1525
+ You are investigating a WGS ingestion Step Function failure in production. Follow each step. Do NOT ask for user input -- work autonomously.
1526
+
1527
+ ## Input
1528
+
1529
+ $ARGUMENTS
1530
+
1531
+ ## Step 1: Parse the Alert
1532
+
1533
+ Extract from the input text: `correlationId`, `wgsIngestionId`, `sfnError`, `sfnStatus`.
1534
+
1535
+ If the input is missing required fields, write a report noting the parse failure and stop.
1536
+
1537
+ ## Step 2: Query Axiom
1538
+
1539
+ Use `mcp__axiom__queryDataset` with `startTime` = `now-24h` and `endTime` = `now`.
1540
+
1541
+ Trace the correlationId:
1542
+
1543
+ ```apl
1544
+ ['bioscope-prod']
1545
+ | where correlationId == "<correlationId>"
1546
+ | order by _time asc
1547
+ ```
1548
+
1549
+ Search by wgsIngestionId:
1550
+
1551
+ ```apl
1552
+ ['bioscope-prod']
1553
+ | where data.wgsIngestionId == "<wgsIngestionId>" or message contains "<wgsIngestionId>"
1554
+ | order by _time asc
1555
+ ```
1556
+
1557
+ Focus on ERROR-level entries. Record only the key log lines needed to explain the failure -- not the full trace.
1558
+
1559
+ ## Step 3: Cross-Reference Code
1560
+
1561
+ Read the `PLATFORM_SERVICES_PATH` and `INFRASTRUCTURE_PATH` environment variables to locate the repos.
1562
+
1563
+ ### Application code (platform-services)
1564
+
1565
+ 1. `$PLATFORM_SERVICES_PATH/packages/wgs_ingestion_service/src/wgs_ingestion_service/handlers/handle_sfn_failure.py`
1566
+ 2. `$PLATFORM_SERVICES_PATH/packages/wgs_ingestion_service/src/wgs_ingestion_service/handlers/handle_initiate_ingestion.py`
1567
+ 3. `$PLATFORM_SERVICES_PATH/packages/bioscope_types/src/bioscope_types/dynamodb/wgs_ingestions.py`
1568
+
1569
+ ### Infrastructure (Terraform)
1570
+
1571
+ If the error points to a Step Function state, Lambda config, IAM permissions, or resource limits, cross-reference these files:
1572
+
1573
+ 1. `$INFRASTRUCTURE_PATH/modules/aws/wgs_ingestion/sfn.tf` -- Step Function state machine definition and pipeline flow
1574
+ 2. `$INFRASTRUCTURE_PATH/modules/aws/wgs_ingestion/lambda.tf` -- Lambda function configuration (memory, timeout, layers)
1575
+ 3. `$INFRASTRUCTURE_PATH/modules/aws/wgs_ingestion/iam.tf` -- IAM roles and policies for the pipeline
1576
+ 4. `$INFRASTRUCTURE_PATH/modules/aws/wgs_ingestion/eventbridge.tf` -- EventBridge rule that triggers on SFN failures
1577
+ 5. `$INFRASTRUCTURE_PATH/modules/aws/wgs_ingestion/dynamodb.tf` -- DynamoDB table and index definitions
1578
+
1579
+ The execution name format is `{wgs_ingestion_id}_{kit_id}_{timestamp}`.
1580
+
1581
+ ## Step 4: Classify the Failure
1582
+
1583
+ **Default to Bug.** Only classify as Transient if you can point to specific evidence (see criteria below).
1584
+
1585
+ - **Bug**: Code error, unhandled exception, missing IAM permissions, missing config, infrastructure misconfiguration. Requires a code or infra fix. **This is the default classification when the root cause is unclear.**
1586
+ - **Transient**: A failure that meets ALL of these criteria:
1587
+ 1. The error is a network timeout, AWS throttling, or a known transient pattern (see below)
1588
+ 2. There is no underlying code/config/IAM issue that caused it
1589
+ 3. A redrive would be expected to succeed WITHOUT any code or infrastructure changes
1590
+ - **Data issue**: Bad input, missing files, malformed data. Requires manual intervention.
1591
+
1592
+ You MUST justify your classification in the Root Cause section. If classifying as Transient, explicitly state why a redrive would fix it without code changes.
1593
+
1594
+ ### Example Transient Errors
1595
+
1596
+ These LOOK like data issues but are known transient -- classify as **Transient**:
1597
+
1598
+ - **`INTERSECT_VARIANTS` / `KeyError: 'CHR:POS:A0:A1'` / "No variants in intersection"**: Intermittent failure in `pgsc_calc` during PRS generation. Resolves on redrive.
1599
+
1600
+ ### Example Bug Patterns
1601
+
1602
+ These may LOOK transient but are bugs -- classify as **Bug**:
1603
+
1604
+ - **S3 403 Forbidden on HeadObject/GetObject/PutObject**: Usually a missing IAM permission on the task role, not a temporary auth issue. Check the relevant IAM policy in infrastructure. Example: BIOENG-535 where `genomics-bam-subset-processor` was missing `s3:GetObject` on its output bucket.
1605
+ - **S3 404 Not Found on expected files**: Could indicate a missing deployment artifact, misconfigured path, or a race condition in the pipeline -- not transient.
1606
+ - **Persistent STS/credential errors on FARGATE_SPOT**: If the same error recurs on redrive or appears on non-spot tasks, it is an IAM issue, not credential expiration.
1607
+
1608
+ ## Step 5: Write the Report
1609
+
1610
+ Write the report file as: `reports/YYYY-MM-DD_<first-8-chars-of-wgsIngestionId>.md`
1611
+
1612
+ The `reports/` directory is in the current working directory. Verify with `Glob` that the directory exists before writing. If it does not exist, create it.
1613
+
1614
+ Keep the report concise. Only include log lines that are directly relevant to explaining the failure cause.
1615
+
1616
+ ```
1617
+ # WGS Ingestion Failure Report
1618
+
1619
+ ## Summary
1620
+
1621
+ | Field | Value |
1622
+ |-------|-------|
1623
+ | Date | YYYY-MM-DD HH:MM UTC |
1624
+ | Correlation ID | ... |
1625
+ | WGS Ingestion ID | ... |
1626
+ | Execution Name | ... |
1627
+ | SFN Error | ... |
1628
+ | SFN Status | ... |
1629
+
1630
+ ## Key Logs
1631
+
1632
+ Only the log lines that explain the failure (oldest first):
1633
+
1634
+ - `TIMESTAMP` [LEVEL] message (logGroup: ...)
1635
+
1636
+ ## Root Cause
1637
+
1638
+ <1-3 sentences. What failed and why.>
1639
+
1640
+ ## Classification
1641
+
1642
+ **<Transient | Bug | Data issue>**
1643
+
1644
+ ## Recommended Action
1645
+
1646
+ <1-2 sentences.>
1647
+
1648
+ ### Redrive JSON
1649
+
1650
+ If transient, include:
1651
+
1652
+ {
1653
+ "executionIds": ["<execution-name>"]
1654
+ }
1655
+
1656
+ Env-task name: `redrive-wgs-ingestion-execution`
1657
+ ```
1658
+
1659
+ ## Rules
1660
+
1661
+ - Do NOT ask for user input. Work fully autonomously.
1662
+ - Do NOT include PII/PHI. Only UUIDs, error codes, timestamps, status values.
1663
+ - Do NOT use Bash commands. Use only Read, Glob, Grep, Write, and mcp__axiom__queryDataset.
1664
+ - If Axiom queries fail, proceed with code analysis and note the gap in the report.15:["$","div","/Users/gabry/Desktop/wgs-ingestion-bot",{"className":"mb-8","children":[["$","div",null,{"className":"flex items-center gap-2 mb-3","children":[["$","span",null,{"className":"font-mono text-xs text-text-dim","children":["[","WGS-INGESTION-BOT","]"]}],["$","span",null,{"className":"text-xs text-text-dim font-mono","children":"~/Desktop/wgs-ingestion-bot"}]]}],["$","$L11",null,{"commands":[{"name":"investigate-wgs-ingestion","body":"$20","filePath":"/Users/gabry/Desktop/wgs-ingestion-bot/.claude/commands/investigate-wgs-ingestion.md","scope":{"type":"project","projectName":"wgs-ingestion-bot","projectPath":"/Users/gabry/Desktop/wgs-ingestion-bot"}}],"scopePath":"/Users/gabry/Desktop/wgs-ingestion-bot"}]]}]