mindforge-cc 11.5.1 → 11.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (214) hide show
  1. package/.agent/mindforge/skill-tdd.md +53 -0
  2. package/.agent/mindforge/skills-index.md +118 -0
  3. package/.agent/mindforge/systematic-debug.md +60 -0
  4. package/.agent/mindforge/wf-catalog.md +37 -0
  5. package/.agent/mindforge/wf-code-audit.md +31 -0
  6. package/.agent/mindforge/wf-competitive-analysis.md +31 -0
  7. package/.agent/mindforge/wf-deep-research.md +32 -0
  8. package/.agent/mindforge/wf-feature-planner.md +31 -0
  9. package/.agent/mindforge/wf-incident-response.md +31 -0
  10. package/.agent/mindforge/wf-onboard-codebase.md +31 -0
  11. package/.agent/mindforge/wf-perf-optimize.md +31 -0
  12. package/.agent/mindforge/wf-pr-review.md +31 -0
  13. package/.agent/mindforge/wf-refactor-plan.md +31 -0
  14. package/.agent/mindforge/wf-release-prep.md +31 -0
  15. package/.agent/mindforge/wf-tdd-sprint.md +31 -0
  16. package/.agent/mindforge/wf-tech-evaluation.md +31 -0
  17. package/.agent/skills/1password-skill/SKILL.md +156 -0
  18. package/.agent/skills/1password-skill/references/cli-examples.md +31 -0
  19. package/.agent/skills/1password-skill/references/get-started.md +21 -0
  20. package/.agent/skills/article-illustrator/SKILL.md +199 -0
  21. package/.agent/skills/article-illustrator/references/prompt-construction.md +426 -0
  22. package/.agent/skills/article-illustrator/references/style-presets.md +80 -0
  23. package/.agent/skills/article-illustrator/references/styles.md +224 -0
  24. package/.agent/skills/article-illustrator/references/usage.md +50 -0
  25. package/.agent/skills/article-illustrator/references/workflow.md +332 -0
  26. package/.agent/skills/arxiv/SKILL.md +275 -0
  27. package/.agent/skills/blogwatcher/SKILL.md +130 -0
  28. package/.agent/skills/code-wiki/SKILL.md +438 -0
  29. package/.agent/skills/code-wiki/templates/README.md +31 -0
  30. package/.agent/skills/code-wiki/templates/architecture.md +30 -0
  31. package/.agent/skills/code-wiki/templates/getting-started.md +47 -0
  32. package/.agent/skills/code-wiki/templates/module.md +38 -0
  33. package/.agent/skills/codebase-inspection/SKILL.md +109 -0
  34. package/.agent/skills/comic-creator/SKILL.md +240 -0
  35. package/.agent/skills/comic-creator/references/analysis-framework.md +176 -0
  36. package/.agent/skills/comic-creator/references/auto-selection.md +71 -0
  37. package/.agent/skills/comic-creator/references/base-prompt.md +98 -0
  38. package/.agent/skills/comic-creator/references/character-template.md +180 -0
  39. package/.agent/skills/comic-creator/references/ohmsha-guide.md +85 -0
  40. package/.agent/skills/comic-creator/references/partial-workflows.md +106 -0
  41. package/.agent/skills/comic-creator/references/storyboard-template.md +143 -0
  42. package/.agent/skills/comic-creator/references/workflow.md +401 -0
  43. package/.agent/skills/concept-diagrams/SKILL.md +355 -0
  44. package/.agent/skills/concept-diagrams/references/dashboard-patterns.md +43 -0
  45. package/.agent/skills/concept-diagrams/references/infrastructure-patterns.md +144 -0
  46. package/.agent/skills/concept-diagrams/references/physical-shape-cookbook.md +42 -0
  47. package/.agent/skills/creative-ideation/SKILL.md +144 -0
  48. package/.agent/skills/creative-ideation/references/full-prompt-library.md +110 -0
  49. package/.agent/skills/devops-cli/SKILL.md +149 -0
  50. package/.agent/skills/devops-cli/references/app-discovery.md +112 -0
  51. package/.agent/skills/devops-cli/references/authentication.md +59 -0
  52. package/.agent/skills/devops-cli/references/cli-reference.md +104 -0
  53. package/.agent/skills/devops-cli/references/running-apps.md +171 -0
  54. package/.agent/skills/devops-watchers/SKILL.md +103 -0
  55. package/.agent/skills/docker-management/SKILL.md +273 -0
  56. package/.agent/skills/domain-intel/SKILL.md +96 -0
  57. package/.agent/skills/duckduckgo-search/SKILL.md +230 -0
  58. package/.agent/skills/github-auth/SKILL.md +240 -0
  59. package/.agent/skills/github-code-review/SKILL.md +474 -0
  60. package/.agent/skills/github-code-review/references/review-output-template.md +74 -0
  61. package/.agent/skills/github-issues/SKILL.md +363 -0
  62. package/.agent/skills/github-issues/templates/bug-report.md +35 -0
  63. package/.agent/skills/github-issues/templates/feature-request.md +31 -0
  64. package/.agent/skills/github-pr-workflow/SKILL.md +360 -0
  65. package/.agent/skills/github-pr-workflow/references/ci-troubleshooting.md +183 -0
  66. package/.agent/skills/github-pr-workflow/references/conventional-commits.md +71 -0
  67. package/.agent/skills/github-pr-workflow/templates/pr-body-bugfix.md +35 -0
  68. package/.agent/skills/github-pr-workflow/templates/pr-body-feature.md +33 -0
  69. package/.agent/skills/github-repo-management/SKILL.md +509 -0
  70. package/.agent/skills/github-repo-management/references/github-api-cheatsheet.md +161 -0
  71. package/.agent/skills/godmode/SKILL.md +396 -0
  72. package/.agent/skills/godmode/references/jailbreak-templates.md +128 -0
  73. package/.agent/skills/godmode/references/refusal-detection.md +142 -0
  74. package/.agent/skills/hyperframes/SKILL.md +182 -0
  75. package/.agent/skills/hyperframes/references/cli.md +185 -0
  76. package/.agent/skills/hyperframes/references/composition.md +129 -0
  77. package/.agent/skills/hyperframes/references/features.md +289 -0
  78. package/.agent/skills/hyperframes/references/gsap.md +136 -0
  79. package/.agent/skills/hyperframes/references/troubleshooting.md +137 -0
  80. package/.agent/skills/hyperframes/references/website-to-video.md +145 -0
  81. package/.agent/skills/jupyter-live-kernel/SKILL.md +160 -0
  82. package/.agent/skills/kanban-orchestrator/SKILL.md +209 -0
  83. package/.agent/skills/kanban-worker/SKILL.md +188 -0
  84. package/.agent/skills/llm-wiki/SKILL.md +499 -0
  85. package/.agent/skills/meme-generation/SKILL.md +122 -0
  86. package/.agent/skills/node-inspect-debugger/SKILL.md +312 -0
  87. package/.agent/skills/obsidian/SKILL.md +60 -0
  88. package/.agent/skills/osint-investigation/SKILL.md +269 -0
  89. package/.agent/skills/osint-investigation/templates/source-template.md +59 -0
  90. package/.agent/skills/oss-forensics/SKILL.md +422 -0
  91. package/.agent/skills/oss-forensics/references/evidence-types.md +89 -0
  92. package/.agent/skills/oss-forensics/references/github-archive-guide.md +184 -0
  93. package/.agent/skills/oss-forensics/references/investigation-templates.md +131 -0
  94. package/.agent/skills/oss-forensics/references/recovery-techniques.md +164 -0
  95. package/.agent/skills/oss-forensics/templates/forensic-report.md +151 -0
  96. package/.agent/skills/oss-forensics/templates/malicious-package-report.md +43 -0
  97. package/.agent/skills/parallel-cli/SKILL.md +384 -0
  98. package/.agent/skills/pinggy-tunnel/SKILL.md +302 -0
  99. package/.agent/skills/pixel-art/SKILL.md +209 -0
  100. package/.agent/skills/pixel-art/references/palettes.md +49 -0
  101. package/.agent/skills/plan/SKILL.md +331 -0
  102. package/.agent/skills/polymarket/SKILL.md +75 -0
  103. package/.agent/skills/polymarket/references/api-endpoints.md +220 -0
  104. package/.agent/skills/python-debugpy/SKILL.md +368 -0
  105. package/.agent/skills/requesting-code-review/SKILL.md +273 -0
  106. package/.agent/skills/research-paper-writing/SKILL.md +2367 -0
  107. package/.agent/skills/research-paper-writing/references/autoreason-methodology.md +394 -0
  108. package/.agent/skills/research-paper-writing/references/checklists.md +434 -0
  109. package/.agent/skills/research-paper-writing/references/citation-workflow.md +563 -0
  110. package/.agent/skills/research-paper-writing/references/experiment-patterns.md +728 -0
  111. package/.agent/skills/research-paper-writing/references/human-evaluation.md +476 -0
  112. package/.agent/skills/research-paper-writing/references/paper-types.md +481 -0
  113. package/.agent/skills/research-paper-writing/references/reviewer-guidelines.md +433 -0
  114. package/.agent/skills/research-paper-writing/references/sources.md +191 -0
  115. package/.agent/skills/research-paper-writing/references/writing-guide.md +474 -0
  116. package/.agent/skills/research-paper-writing/templates/README.md +251 -0
  117. package/.agent/skills/rest-graphql-debug/SKILL.md +507 -0
  118. package/.agent/skills/s6-container-supervision/SKILL.md +171 -0
  119. package/.agent/skills/scrapling/SKILL.md +328 -0
  120. package/.agent/skills/sherlock/SKILL.md +186 -0
  121. package/.agent/skills/simplify-code/SKILL.md +168 -0
  122. package/.agent/skills/skill-authoring/SKILL.md +158 -0
  123. package/.agent/skills/spike/SKILL.md +190 -0
  124. package/.agent/skills/subagent-driven-development/SKILL.md +345 -0
  125. package/.agent/skills/subagent-driven-development/references/context-budget-discipline.md +53 -0
  126. package/.agent/skills/subagent-driven-development/references/gates-taxonomy.md +93 -0
  127. package/.agent/skills/systematic-debugging/SKILL.md +360 -0
  128. package/.agent/skills/test-driven-development/SKILL.md +336 -0
  129. package/.agent/skills/video-orchestrator/SKILL.md +194 -0
  130. package/.agent/skills/video-orchestrator/references/examples.md +227 -0
  131. package/.agent/skills/video-orchestrator/references/intake.md +166 -0
  132. package/.agent/skills/video-orchestrator/references/kanban-setup.md +278 -0
  133. package/.agent/skills/video-orchestrator/references/monitoring.md +180 -0
  134. package/.agent/skills/video-orchestrator/references/role-archetypes.md +298 -0
  135. package/.agent/skills/video-orchestrator/references/tool-matrix.md +317 -0
  136. package/.agent/skills/web-pentest/SKILL.md +332 -0
  137. package/.agent/skills/web-pentest/references/bypass-techniques.md +133 -0
  138. package/.agent/skills/web-pentest/references/exploitation-techniques.md +204 -0
  139. package/.agent/skills/web-pentest/references/scope-enforcement.md +110 -0
  140. package/.agent/skills/web-pentest/references/vuln-taxonomy.md +81 -0
  141. package/.agent/skills/web-pentest/templates/authorization.md +69 -0
  142. package/.agent/skills/web-pentest/templates/pentest-report.md +178 -0
  143. package/.claude/commands/mindforge/skill-tdd.md +53 -0
  144. package/.claude/commands/mindforge/skills-index.md +118 -0
  145. package/.claude/commands/mindforge/systematic-debug.md +60 -0
  146. package/.claude/commands/mindforge/wf-catalog.md +37 -0
  147. package/.claude/commands/mindforge/wf-code-audit.md +31 -0
  148. package/.claude/commands/mindforge/wf-competitive-analysis.md +31 -0
  149. package/.claude/commands/mindforge/wf-deep-research.md +32 -0
  150. package/.claude/commands/mindforge/wf-feature-planner.md +31 -0
  151. package/.claude/commands/mindforge/wf-incident-response.md +31 -0
  152. package/.claude/commands/mindforge/wf-onboard-codebase.md +31 -0
  153. package/.claude/commands/mindforge/wf-perf-optimize.md +31 -0
  154. package/.claude/commands/mindforge/wf-pr-review.md +31 -0
  155. package/.claude/commands/mindforge/wf-refactor-plan.md +31 -0
  156. package/.claude/commands/mindforge/wf-release-prep.md +31 -0
  157. package/.claude/commands/mindforge/wf-tdd-sprint.md +31 -0
  158. package/.claude/commands/mindforge/wf-tech-evaluation.md +31 -0
  159. package/.mindforge/config.json +2 -2
  160. package/.mindforge/dynamic-workflows/REGISTRY.md +65 -0
  161. package/.mindforge/dynamic-workflows/index.json +171 -0
  162. package/.mindforge/dynamic-workflows/scripts/code-audit.js +103 -0
  163. package/.mindforge/dynamic-workflows/scripts/competitive-analysis.js +85 -0
  164. package/.mindforge/dynamic-workflows/scripts/deep-research.js +151 -0
  165. package/.mindforge/dynamic-workflows/scripts/feature-planner.js +104 -0
  166. package/.mindforge/dynamic-workflows/scripts/incident-response.js +106 -0
  167. package/.mindforge/dynamic-workflows/scripts/onboard-codebase.js +102 -0
  168. package/.mindforge/dynamic-workflows/scripts/perf-optimize.js +128 -0
  169. package/.mindforge/dynamic-workflows/scripts/pr-review.js +87 -0
  170. package/.mindforge/dynamic-workflows/scripts/refactor-plan.js +121 -0
  171. package/.mindforge/dynamic-workflows/scripts/release-prep.js +102 -0
  172. package/.mindforge/dynamic-workflows/scripts/tdd-sprint.js +103 -0
  173. package/.mindforge/dynamic-workflows/scripts/tech-evaluation.js +72 -0
  174. package/.mindforge/memory/sync-manifest.json +1 -1
  175. package/.mindforge/skills/arxiv/SKILL.md +294 -0
  176. package/.mindforge/skills/blogwatcher/SKILL.md +147 -0
  177. package/.mindforge/skills/code-wiki/SKILL.md +457 -0
  178. package/.mindforge/skills/codebase-inspection/SKILL.md +126 -0
  179. package/.mindforge/skills/concept-diagrams/SKILL.md +373 -0
  180. package/.mindforge/skills/creative-ideation/SKILL.md +162 -0
  181. package/.mindforge/skills/domain-intel/SKILL.md +116 -0
  182. package/.mindforge/skills/duckduckgo-search/SKILL.md +249 -0
  183. package/.mindforge/skills/github-code-review/SKILL.md +493 -0
  184. package/.mindforge/skills/github-issues/SKILL.md +382 -0
  185. package/.mindforge/skills/github-pr-workflow/SKILL.md +379 -0
  186. package/.mindforge/skills/jupyter-live-kernel/SKILL.md +179 -0
  187. package/.mindforge/skills/kanban-orchestrator/SKILL.md +227 -0
  188. package/.mindforge/skills/kanban-worker/SKILL.md +206 -0
  189. package/.mindforge/skills/meme-generation/SKILL.md +141 -0
  190. package/.mindforge/skills/obsidian/SKILL.md +80 -0
  191. package/.mindforge/skills/osint-investigation/SKILL.md +288 -0
  192. package/.mindforge/skills/oss-forensics/SKILL.md +421 -0
  193. package/.mindforge/skills/pixel-art/SKILL.md +228 -0
  194. package/.mindforge/skills/plan/SKILL.md +350 -0
  195. package/.mindforge/skills/requesting-code-review/SKILL.md +292 -0
  196. package/.mindforge/skills/research-paper-writing/SKILL.md +2384 -0
  197. package/.mindforge/skills/scrapling/SKILL.md +345 -0
  198. package/.mindforge/skills/sherlock/SKILL.md +203 -0
  199. package/.mindforge/skills/simplify-code/SKILL.md +187 -0
  200. package/.mindforge/skills/spike/SKILL.md +209 -0
  201. package/.mindforge/skills/subagent-driven-development/SKILL.md +364 -0
  202. package/.mindforge/skills/systematic-debugging/SKILL.md +379 -0
  203. package/.mindforge/skills/test-driven-development/SKILL.md +355 -0
  204. package/.mindforge/skills/web-pentest/SKILL.md +327 -0
  205. package/CHANGELOG.md +71 -0
  206. package/MINDFORGE.md +2 -2
  207. package/README.md +72 -3
  208. package/RELEASENOTES.md +109 -0
  209. package/bin/installer-core.js +6 -2
  210. package/bin/mindforge-cli.js +7 -0
  211. package/bin/workflows/workflow-runner.js +110 -0
  212. package/docs/commands-reference.md +25 -0
  213. package/docs/getting-started.md +42 -5
  214. package/package.json +2 -1
@@ -0,0 +1,422 @@
1
+ ---
2
+ name: oss-forensics
3
+ description: |
4
+ Supply chain investigation, evidence recovery, and forensic analysis for GitHub repositories.
5
+ Covers deleted commit recovery, force-push detection, IOC extraction, multi-source evidence
6
+ collection, hypothesis formation/validation, and structured forensic reporting.
7
+ Inspired by RAPTOR's 1800+ line OSS Forensics system.
8
+ category: security
9
+ triggers:
10
+ - "investigate this repository"
11
+ - "investigate [owner/repo]"
12
+ - "check for supply chain compromise"
13
+ - "recover deleted commits"
14
+ - "forensic analysis of [owner/repo]"
15
+ - "was this repo compromised"
16
+ - "supply chain attack"
17
+ - "suspicious commit"
18
+ - "force push detected"
19
+ - "IOC extraction"
20
+ toolsets:
21
+ - terminal
22
+ - web
23
+ - file
24
+ - delegation
25
+ ---
26
+
27
+ # OSS Security Forensics Skill
28
+
29
+ A 7-phase multi-agent investigation framework for researching open-source supply chain attacks.
30
+ Adapted from RAPTOR's forensics system. Covers GitHub Archive, Wayback Machine, GitHub API,
31
+ local git analysis, IOC extraction, evidence-backed hypothesis formation and validation,
32
+ and final forensic report generation.
33
+
34
+ ---
35
+
36
+ ## ⚠️ Anti-Hallucination Guardrails
37
+
38
+ Read these before every investigation step. Violating them invalidates the report.
39
+
40
+ 1. **Evidence-First Rule**: Every claim in any report, hypothesis, or summary MUST cite at least one evidence ID (`EV-XXXX`). Assertions without citations are forbidden.
41
+ 2. **STAY IN YOUR LANE**: Each sub-agent (investigator) has a single data source. Do NOT mix sources. The GH Archive investigator does not query the GitHub API, and vice versa. Role boundaries are hard.
42
+ 3. **Fact vs. Hypothesis Separation**: Mark all unverified inferences with `[HYPOTHESIS]`. Only statements verified against original sources may be stated as facts.
43
+ 4. **No Evidence Fabrication**: The hypothesis validator MUST mechanically check that every cited evidence ID actually exists in the evidence store before accepting a hypothesis.
44
+ 5. **Proof-Required Disproval**: A hypothesis cannot be dismissed without a specific, evidence-backed counter-argument. "No evidence found" is not sufficient to disprove—it only makes a hypothesis inconclusive.
45
+ 6. **SHA/URL Double-Verification**: Any commit SHA, URL, or external identifier cited as evidence must be independently confirmed from at least two sources before being marked as verified.
46
+ 7. **Suspicious Code Rule**: Never run code found inside the investigated repository locally. Analyze statically only, or use `execute_code` in a sandboxed environment.
47
+ 8. **Secret Redaction**: Any API keys, tokens, or credentials discovered during investigation must be redacted in the final report. Log them internally only.
48
+
49
+ ---
50
+
51
+ ## Example Scenarios
52
+
53
+ - **Scenario A: Dependency Confusion**: A malicious package `internal-lib-v2` is uploaded to NPM with a higher version than the internal one. The investigator must track when this package was first seen and if any PushEvents in the target repo updated `package.json` to this version.
54
+ - **Scenario B: Maintainer Takeover**: A long-term contributor's account is used to push a backdoored `.github/workflows/build.yml`. The investigator looks for PushEvents from this user after a long period of inactivity or from a new IP/location (if detectable via BigQuery).
55
+ - **Scenario C: Force-Push Hide**: A developer accidentally commits a production secret, then force-pushes to "fix" it. The investigator uses `git fsck` and GH Archive to recover the original commit SHA and verify what was leaked.
56
+
57
+ ---
58
+
59
+ > **Path convention**: Throughout this skill, `SKILL_DIR` refers to the root of this skill's
60
+ > installation directory (the folder containing this `SKILL.md`). When the skill is loaded,
61
+ > resolve `SKILL_DIR` to the actual path — e.g. `~/.agent/skills/security/oss-forensics/`
62
+ > or the `optional-skills/` equivalent. All script and template references are relative to it.
63
+
64
+ ## Phase 0: Initialization
65
+
66
+ 1. Create investigation working directory:
67
+ ```bash
68
+ mkdir investigation_$(echo "REPO_NAME" | tr '/' '_')
69
+ cd investigation_$(echo "REPO_NAME" | tr '/' '_')
70
+ ```
71
+ 2. Initialize the evidence store:
72
+ ```bash
73
+ python3 SKILL_DIR/scripts/evidence-store.py --store evidence.json list
74
+ ```
75
+ 3. Copy the forensic report template:
76
+ ```bash
77
+ cp SKILL_DIR/templates/forensic-report.md ./investigation-report.md
78
+ ```
79
+ 4. Create an `iocs.md` file to track Indicators of Compromise as they are discovered.
80
+ 5. Record the investigation start time, target repository, and stated investigation goal.
81
+
82
+ ---
83
+
84
+ ## Phase 1: Prompt Parsing and IOC Extraction
85
+
86
+ **Goal**: Extract all structured investigative targets from the user's request.
87
+
88
+ **Actions**:
89
+ - Parse the user prompt and extract:
90
+ - Target repository (`owner/repo`)
91
+ - Target actors (GitHub handles, email addresses)
92
+ - Time window of interest (commit date ranges, PR timestamps)
93
+ - Provided Indicators of Compromise: commit SHAs, file paths, package names, IP addresses, domains, API keys/tokens, malicious URLs
94
+ - Any linked vendor security reports or blog posts
95
+
96
+ **Tools**: Reasoning only, or `execute_code` for regex extraction from large text blocks.
97
+
98
+ **Output**: Populate `iocs.md` with extracted IOCs. Each IOC must have:
99
+ - Type (from: COMMIT_SHA, FILE_PATH, API_KEY, SECRET, IP_ADDRESS, DOMAIN, PACKAGE_NAME, ACTOR_USERNAME, MALICIOUS_URL, OTHER)
100
+ - Value
101
+ - Source (user-provided, inferred)
102
+
103
+ **Reference**: See [evidence-types.md](./references/evidence-types.md) for IOC taxonomy.
104
+
105
+ ---
106
+
107
+ ## Phase 2: Parallel Evidence Collection
108
+
109
+ Spawn up to 5 specialist investigator sub-agents using `delegate_task` (batch mode, max 3 concurrent). Each investigator has a **single data source** and must not mix sources.
110
+
111
+ > **Orchestrator note**: Pass the IOC list from Phase 1 and the investigation time window in the `context` field of each delegated task.
112
+
113
+ ---
114
+
115
+ ### Investigator 1: Local Git Investigator
116
+
117
+ **ROLE BOUNDARY**: You query the LOCAL GIT REPOSITORY ONLY. Do not call any external APIs.
118
+
119
+ **Actions**:
120
+ ```bash
121
+ # Clone repository
122
+ git clone https://github.com/OWNER/REPO.git target_repo && cd target_repo
123
+
124
+ # Full commit log with stats
125
+ git log --all --full-history --stat --format="%H|%ae|%an|%ai|%s" > ../git_log.txt
126
+
127
+ # Detect force-push evidence (orphaned/dangling commits)
128
+ git fsck --lost-found --unreachable 2>&1 | grep commit > ../dangling_commits.txt
129
+
130
+ # Check reflog for rewritten history
131
+ git reflog --all > ../reflog.txt
132
+
133
+ # List ALL branches including deleted remote refs
134
+ git branch -a -v > ../branches.txt
135
+
136
+ # Find suspicious large binary additions
137
+ git log --all --diff-filter=A --name-only --format="%H %ai" -- "*.so" "*.dll" "*.exe" "*.bin" > ../binary_additions.txt
138
+
139
+ # Check for GPG signature anomalies
140
+ git log --show-signature --format="%H %ai %aN" > ../signature_check.txt 2>&1
141
+ ```
142
+
143
+ **Evidence to collect** (add via `python3 SKILL_DIR/scripts/evidence-store.py add`):
144
+ - Each dangling commit SHA → type: `git`
145
+ - Force-push evidence (reflog showing history rewrite) → type: `git`
146
+ - Unsigned commits from verified contributors → type: `git`
147
+ - Suspicious binary file additions → type: `git`
148
+
149
+ **Reference**: See [recovery-techniques.md](./references/recovery-techniques.md) for accessing force-pushed commits.
150
+
151
+ ---
152
+
153
+ ### Investigator 2: GitHub API Investigator
154
+
155
+ **ROLE BOUNDARY**: You query the GITHUB REST API ONLY. Do not run git commands locally.
156
+
157
+ **Actions**:
158
+ ```bash
159
+ # Commits (paginated)
160
+ curl -s "https://api.github.com/repos/OWNER/REPO/commits?per_page=100" > api_commits.json
161
+
162
+ # Pull Requests including closed/deleted
163
+ curl -s "https://api.github.com/repos/OWNER/REPO/pulls?state=all&per_page=100" > api_prs.json
164
+
165
+ # Issues
166
+ curl -s "https://api.github.com/repos/OWNER/REPO/issues?state=all&per_page=100" > api_issues.json
167
+
168
+ # Contributors and collaborator changes
169
+ curl -s "https://api.github.com/repos/OWNER/REPO/contributors" > api_contributors.json
170
+
171
+ # Repository events (last 300)
172
+ curl -s "https://api.github.com/repos/OWNER/REPO/events?per_page=100" > api_events.json
173
+
174
+ # Check specific suspicious commit SHA details
175
+ curl -s "https://api.github.com/repos/OWNER/REPO/git/commits/SHA" > commit_detail.json
176
+
177
+ # Releases
178
+ curl -s "https://api.github.com/repos/OWNER/REPO/releases?per_page=100" > api_releases.json
179
+
180
+ # Check if a specific commit exists (force-pushed commits may 404 on commits/ but succeed on git/commits/)
181
+ curl -s "https://api.github.com/repos/OWNER/REPO/commits/SHA" | jq .sha
182
+ ```
183
+
184
+ **Cross-reference targets** (flag discrepancies as evidence):
185
+ - PR exists in archive but missing from API → evidence of deletion
186
+ - Contributor in archive events but not in contributors list → evidence of permission revocation
187
+ - Commit in archive PushEvents but not in API commit list → evidence of force-push/deletion
188
+
189
+ **Reference**: See [evidence-types.md](./references/evidence-types.md) for GH event types.
190
+
191
+ ---
192
+
193
+ ### Investigator 3: Wayback Machine Investigator
194
+
195
+ **ROLE BOUNDARY**: You query the WAYBACK MACHINE CDX API ONLY. Do not use the GitHub API.
196
+
197
+ **Goal**: Recover deleted GitHub pages (READMEs, issues, PRs, releases, wiki pages).
198
+
199
+ **Actions**:
200
+ ```bash
201
+ # Search for archived snapshots of the repo main page
202
+ curl -s "https://web.archive.org/cdx/search/cdx?url=github.com/OWNER/REPO&output=json&limit=100&from=YYYYMMDD&to=YYYYMMDD" > wayback_main.json
203
+
204
+ # Search for a specific deleted issue
205
+ curl -s "https://web.archive.org/cdx/search/cdx?url=github.com/OWNER/REPO/issues/NUM&output=json&limit=50" > wayback_issue_NUM.json
206
+
207
+ # Search for a specific deleted PR
208
+ curl -s "https://web.archive.org/cdx/search/cdx?url=github.com/OWNER/REPO/pull/NUM&output=json&limit=50" > wayback_pr_NUM.json
209
+
210
+ # Fetch the best snapshot of a page
211
+ # Use the Wayback Machine URL: https://web.archive.org/web/TIMESTAMP/ORIGINAL_URL
212
+ # Example: https://web.archive.org/web/20240101000000*/github.com/OWNER/REPO
213
+
214
+ # Advanced: Search for deleted releases/tags
215
+ curl -s "https://web.archive.org/cdx/search/cdx?url=github.com/OWNER/REPO/releases/tag/*&output=json" > wayback_tags.json
216
+
217
+ # Advanced: Search for historical wiki changes
218
+ curl -s "https://web.archive.org/cdx/search/cdx?url=github.com/OWNER/REPO/wiki/*&output=json" > wayback_wiki.json
219
+ ```
220
+
221
+ **Evidence to collect**:
222
+ - Archived snapshots of deleted issues/PRs with their content
223
+ - Historical README versions showing changes
224
+ - Evidence of content present in archive but missing from current GitHub state
225
+
226
+ **Reference**: See [github-archive-guide.md](./references/github-archive-guide.md) for CDX API parameters.
227
+
228
+ ---
229
+
230
+ ### Investigator 4: GH Archive / BigQuery Investigator
231
+
232
+ **ROLE BOUNDARY**: You query GITHUB ARCHIVE via BIGQUERY ONLY. This is a tamper-proof record of all public GitHub events.
233
+
234
+ > **Prerequisites**: Requires Google Cloud credentials with BigQuery access (`gcloud auth application-default login`). If unavailable, skip this investigator and note it in the report.
235
+
236
+ **Cost Optimization Rules** (MANDATORY):
237
+ 1. ALWAYS run a `--dry_run` before every query to estimate cost.
238
+ 2. Use `_TABLE_SUFFIX` to filter by date range and minimize scanned data.
239
+ 3. Only SELECT the columns you need.
240
+ 4. Add a LIMIT unless aggregating.
241
+
242
+ ```bash
243
+ # Template: safe BigQuery query for PushEvents to OWNER/REPO
244
+ bq query --use_legacy_sql=false --dry_run "
245
+ SELECT created_at, actor.login, payload.commits, payload.before, payload.head,
246
+ payload.size, payload.distinct_size
247
+ FROM \`githubarchive.month.*\`
248
+ WHERE _TABLE_SUFFIX BETWEEN 'YYYYMM' AND 'YYYYMM'
249
+ AND type = 'PushEvent'
250
+ AND repo.name = 'OWNER/REPO'
251
+ LIMIT 1000
252
+ "
253
+ # If cost is acceptable, re-run without --dry_run
254
+
255
+ # Detect force-pushes: zero-distinct_size PushEvents mean commits were force-erased
256
+ # payload.distinct_size = 0 AND payload.size > 0 → force push indicator
257
+
258
+ # Check for deleted branch events
259
+ bq query --use_legacy_sql=false "
260
+ SELECT created_at, actor.login, payload.ref, payload.ref_type
261
+ FROM \`githubarchive.month.*\`
262
+ WHERE _TABLE_SUFFIX BETWEEN 'YYYYMM' AND 'YYYYMM'
263
+ AND type = 'DeleteEvent'
264
+ AND repo.name = 'OWNER/REPO'
265
+ LIMIT 200
266
+ "
267
+ ```
268
+
269
+ **Evidence to collect**:
270
+ - Force-push events (payload.size > 0, payload.distinct_size = 0)
271
+ - DeleteEvents for branches/tags
272
+ - WorkflowRunEvents for suspicious CI/CD automation
273
+ - PushEvents that precede a "gap" in the git log (evidence of rewrite)
274
+
275
+ **Reference**: See [github-archive-guide.md](./references/github-archive-guide.md) for all 12 event types and query patterns.
276
+
277
+ ---
278
+
279
+ ### Investigator 5: IOC Enrichment Investigator
280
+
281
+ **ROLE BOUNDARY**: You enrich EXISTING IOCs from Phase 1 using passive public sources ONLY. Do not execute any code from the target repository.
282
+
283
+ **Actions**:
284
+ - For each commit SHA: attempt recovery via direct GitHub URL (`github.com/OWNER/REPO/commit/SHA.patch`)
285
+ - For each domain/IP: check passive DNS, WHOIS records (via `web_extract` on public WHOIS services)
286
+ - For each package name: check npm/PyPI for matching malicious package reports
287
+ - For each actor username: check GitHub profile, contribution history, account age
288
+ - Recover force-pushed commits using 3 methods (see [recovery-techniques.md](./references/recovery-techniques.md))
289
+
290
+ ---
291
+
292
+ ## Phase 3: Evidence Consolidation
293
+
294
+ After all investigators complete:
295
+
296
+ 1. Run `python3 SKILL_DIR/scripts/evidence-store.py --store evidence.json list` to see all collected evidence.
297
+ 2. For each piece of evidence, verify the `content_sha256` hash matches the original source.
298
+ 3. Group evidence by:
299
+ - **Timeline**: Sort all timestamped evidence chronologically
300
+ - **Actor**: Group by GitHub handle or email
301
+ - **IOC**: Link evidence to the IOC it relates to
302
+ 4. Identify **discrepancies**: items present in one source but absent in another (key deletion indicators).
303
+ 5. Flag evidence as `[VERIFIED]` (confirmed from 2+ independent sources) or `[UNVERIFIED]` (single source only).
304
+
305
+ ---
306
+
307
+ ## Phase 4: Hypothesis Formation
308
+
309
+ A hypothesis must:
310
+ - State a specific claim (e.g., "Actor X force-pushed to BRANCH on DATE to erase commit SHA")
311
+ - Cite at least 2 evidence IDs that support it (`EV-XXXX`, `EV-YYYY`)
312
+ - Identify what evidence would disprove it
313
+ - Be labeled `[HYPOTHESIS]` until validated
314
+
315
+ **Common hypothesis templates** (see [investigation-templates.md](./references/investigation-templates.md)):
316
+ - Maintainer Compromise: legitimate account used post-takeover to inject malicious code
317
+ - Dependency Confusion: package name squatting to intercept installs
318
+ - CI/CD Injection: malicious workflow changes to run code during builds
319
+ - Typosquatting: near-identical package name targeting misspellers
320
+ - Credential Leak: token/key accidentally committed then force-pushed to erase
321
+
322
+ For each hypothesis, spawn a `delegate_task` sub-agent to attempt to find disconfirming evidence before confirming.
323
+
324
+ ---
325
+
326
+ ## Phase 5: Hypothesis Validation
327
+
328
+ The validator sub-agent MUST mechanically check:
329
+
330
+ 1. For each hypothesis, extract all cited evidence IDs.
331
+ 2. Verify each ID exists in `evidence.json` (hard failure if any ID is missing → hypothesis rejected as potentially fabricated).
332
+ 3. Verify each `[VERIFIED]` piece of evidence was confirmed from 2+ sources.
333
+ 4. Check logical consistency: does the timeline depicted by the evidence support the hypothesis?
334
+ 5. Check for alternative explanations: could the same evidence pattern arise from a benign cause?
335
+
336
+ **Output**:
337
+ - `VALIDATED`: All evidence cited, verified, logically consistent, no plausible alternative explanation.
338
+ - `INCONCLUSIVE`: Evidence supports hypothesis but alternative explanations exist or evidence is insufficient.
339
+ - `REJECTED`: Missing evidence IDs, unverified evidence cited as fact, logical inconsistency detected.
340
+
341
+ Rejected hypotheses feed back into Phase 4 for refinement (max 3 iterations).
342
+
343
+ ---
344
+
345
+ ## Phase 6: Final Report Generation
346
+
347
+ Populate `investigation-report.md` using the template in [forensic-report.md](./templates/forensic-report.md).
348
+
349
+ **Mandatory sections**:
350
+ - Executive Summary: one-paragraph verdict (Compromised / Clean / Inconclusive) with confidence level
351
+ - Timeline: chronological reconstruction of all significant events with evidence citations
352
+ - Validated Hypotheses: each with status and supporting evidence IDs
353
+ - Evidence Registry: table of all `EV-XXXX` entries with source, type, and verification status
354
+ - IOC List: all extracted and enriched Indicators of Compromise
355
+ - Chain of Custody: how evidence was collected, from what sources, at what timestamps
356
+ - Recommendations: immediate mitigations if compromise detected; monitoring recommendations
357
+
358
+ **Report rules**:
359
+ - Every factual claim must have at least one `[EV-XXXX]` citation
360
+ - Executive Summary must state confidence level (High / Medium / Low)
361
+ - All secrets/credentials must be redacted to `[REDACTED]`
362
+
363
+ ---
364
+
365
+ ## Phase 7: Completion
366
+
367
+ 1. Run final evidence count: `python3 SKILL_DIR/scripts/evidence-store.py --store evidence.json list`
368
+ 2. Archive the full investigation directory.
369
+ 3. If compromise is confirmed:
370
+ - List immediate mitigations (rotate credentials, pin dependency hashes, notify affected users)
371
+ - Identify affected versions/packages
372
+ - Note disclosure obligations (if a public package: coordinate with the package registry)
373
+ 4. Present the final `investigation-report.md` to the user.
374
+
375
+ ---
376
+
377
+ ## Ethical Use Guidelines
378
+
379
+ This skill is designed for **defensive security investigation** — protecting open-source software from supply chain attacks. It must not be used for:
380
+
381
+ - **Harassment or stalking** of contributors or maintainers
382
+ - **Doxing** — correlating GitHub activity to real identities for malicious purposes
383
+ - **Competitive intelligence** — investigating proprietary or internal repositories without authorization
384
+ - **False accusations** — publishing investigation results without validated evidence (see anti-hallucination guardrails)
385
+
386
+ Investigations should be conducted with the principle of **minimal intrusion**: collect only the evidence necessary to validate or refute the hypothesis. When publishing results, follow responsible disclosure practices and coordinate with affected maintainers before public disclosure.
387
+
388
+ If the investigation reveals a genuine compromise, follow the coordinated vulnerability disclosure process:
389
+ 1. Notify the repository maintainers privately first
390
+ 2. Allow reasonable time for remediation (typically 90 days)
391
+ 3. Coordinate with package registries (npm, PyPI, etc.) if published packages are affected
392
+ 4. File a CVE if appropriate
393
+
394
+ ---
395
+
396
+ ## API Rate Limiting
397
+
398
+ GitHub REST API enforces rate limits that will interrupt large investigations if not managed.
399
+
400
+ **Authenticated requests**: 5,000/hour (requires `GITHUB_TOKEN` env var or `gh` CLI auth)
401
+ **Unauthenticated requests**: 60/hour (unusable for investigations)
402
+
403
+ **Best practices**:
404
+ - Always authenticate: `export GITHUB_TOKEN=ghp_...` or use `gh` CLI (auto-authenticates)
405
+ - Use conditional requests (`If-None-Match` / `If-Modified-Since` headers) to avoid consuming quota on unchanged data
406
+ - For paginated endpoints, fetch all pages in sequence — don't parallelize against the same endpoint
407
+ - Check `X-RateLimit-Remaining` header; if below 100, pause for `X-RateLimit-Reset` timestamp
408
+ - BigQuery has its own quotas (10 TiB/day free tier) — always dry-run first
409
+ - Wayback Machine CDX API: no formal rate limit, but be courteous (1-2 req/sec max)
410
+
411
+ If rate-limited mid-investigation, record the partial results in the evidence store and note the limitation in the report.
412
+
413
+ ---
414
+
415
+ ## Reference Materials
416
+
417
+ - [github-archive-guide.md](./references/github-archive-guide.md) — BigQuery queries, CDX API, 12 event types
418
+ - [evidence-types.md](./references/evidence-types.md) — IOC taxonomy, evidence source types, observation types
419
+ - [recovery-techniques.md](./references/recovery-techniques.md) — Recovering deleted commits, PRs, issues
420
+ - [investigation-templates.md](./references/investigation-templates.md) — Pre-built hypothesis templates per attack type
421
+ - [evidence-store.py](./scripts/evidence-store.py) — CLI tool for managing the evidence JSON store
422
+ - [forensic-report.md](./templates/forensic-report.md) — Structured report template
@@ -0,0 +1,89 @@
1
+ # Evidence Types Reference
2
+
3
+ Taxonomy of all evidence types, IOC types, GitHub event types, and observation types
4
+ used in OSS forensic investigations.
5
+
6
+ ---
7
+
8
+ ## Evidence Source Types
9
+
10
+ | Type | Description | Example Sources |
11
+ |------|-------------|-----------------|
12
+ | `git` | Data from local git repository analysis | `git log`, `git fsck`, `git reflog`, `git blame` |
13
+ | `gh_api` | Data from GitHub REST API responses | `/repos/.../commits`, `/repos/.../pulls`, `/repos/.../events` |
14
+ | `gh_archive` | Data from GitHub Archive (BigQuery) | `githubarchive.month.*` BigQuery tables |
15
+ | `web_archive` | Archived web pages from Wayback Machine | CDX API results, `web.archive.org/web/...` snapshots |
16
+ | `ioc` | Indicator of Compromise from any source | Extracted from vendor reports, git history, network traces |
17
+ | `analysis` | Derived insight from cross-source correlation | "SHA present in archive but absent from API" |
18
+ | `vendor_report` | External security vendor or researcher report | CVE advisories, blog posts, NVD records |
19
+ | `manual` | Manually recorded observation by investigator | Notes on behavioral patterns, timeline gaps |
20
+
21
+ ---
22
+
23
+ ## IOC Types
24
+
25
+ | Type | Description | Example |
26
+ |------|-------------|---------|
27
+ | `COMMIT_SHA` | A git commit hash linked to malicious activity | `abc123def456...` |
28
+ | `FILE_PATH` | A suspicious file inside the repository | `src/utils/crypto.js`, `dist/index.min.js` |
29
+ | `API_KEY` | An API key accidentally committed | `AKIA...` (AWS), `ghp_...` (GitHub PAT) |
30
+ | `SECRET` | A generic secret / credential | Database password, private key blob |
31
+ | `IP_ADDRESS` | A C2 server or attacker IP | `192.0.2.1` |
32
+ | `DOMAIN` | A malicious or suspicious domain | `evil-cdn.io`, typosquatted package registry domain |
33
+ | `PACKAGE_NAME` | A malicious or squatted package name | `colo-rs` (typosquatting `color`), `lodash-utils` |
34
+ | `ACTOR_USERNAME` | A GitHub handle linked to the attack | `malicious-bot-account` |
35
+ | `MALICIOUS_URL` | A URL to a malicious resource | `https://evil.example.com/payload.sh` |
36
+ | `WORKFLOW_FILE` | A suspicious CI/CD workflow file | `.github/workflows/release.yml` |
37
+ | `BRANCH_NAME` | A suspicious branch | `refs/heads/temp-fix-do-not-merge` |
38
+ | `TAG_NAME` | A suspicious git tag | `v1.0.0-security-patch` |
39
+ | `RELEASE_NAME` | A suspicious release | Release with no associated tag or changelog |
40
+ | `OTHER` | Catch-all for unclassified IOCs | — |
41
+
42
+ ---
43
+
44
+ ## GitHub Archive Event Types (12 Types)
45
+
46
+ | Event Type | Forensic Relevance |
47
+ |------------|-------------------|
48
+ | `PushEvent` | Core: `payload.distinct_size=0` with `payload.size>0` → force push. `payload.before`/`payload.head` shows rewritten history. |
49
+ | `PullRequestEvent` | Detects deleted PRs, rapid open→close patterns, PRs from new accounts |
50
+ | `IssueEvent` | Detects deleted issues, coordinated labeling, rapid closure of vulnerability reports |
51
+ | `IssueCommentEvent` | Deleted comments, rapid activity bursts |
52
+ | `WatchEvent` | Star-farming campaigns (coordinated starring from new accounts) |
53
+ | `ForkEvent` | Unusual fork patterns before malicious commit |
54
+ | `CreateEvent` | Branch/tag creation: signals new release or code injection point |
55
+ | `DeleteEvent` | Branch/tag deletion: critical — often used to hide traces |
56
+ | `ReleaseEvent` | Unauthorized releases, release artifacts modified post-publish |
57
+ | `MemberEvent` | Collaborator added/removed: maintainer compromise indicator |
58
+ | `PublicEvent` | Repository made public (sometimes to drop malicious code briefly) |
59
+ | `WorkflowRunEvent` | CI/CD pipeline executions: workflow injection, secret exfiltration |
60
+
61
+ ---
62
+
63
+ ## Evidence Verification States
64
+
65
+ | State | Meaning |
66
+ |-------|---------|
67
+ | `unverified` | Collected from a single source, not cross-referenced |
68
+ | `single_source` | The primary source has been confirmed directly (e.g., SHA resolves on GitHub), but no second source |
69
+ | `multi_source_verified` | Confirmed from 2+ independent sources (e.g., GH Archive AND GitHub API both show the same event) |
70
+
71
+ Only `multi_source_verified` evidence may be cited as fact in validated hypotheses.
72
+ `unverified` and `single_source` evidence must be labeled `[UNVERIFIED]` or `[SINGLE-SOURCE]`.
73
+
74
+ ---
75
+
76
+ ## Observation Types (Patterned after RAPTOR)
77
+
78
+ | Type | Description |
79
+ |------|-------------|
80
+ | `CommitObservation` | Specific commit SHA with metadata (author, date, files changed) |
81
+ | `ForceWashObservation` | Evidence that commits were force-erased from a branch |
82
+ | `DanglingCommitObservation` | SHA present in git object store but unreachable from any ref |
83
+ | `IssueObservation` | A GitHub issue (current or archived) with title, body, timestamp |
84
+ | `PRObservation` | A GitHub PR (current or archived) with diff summary, reviewers |
85
+ | `IOC` | A single Indicator of Compromise with context |
86
+ | `TimelineGap` | A period with unusual absence of expected activity |
87
+ | `ActorAnomalyObservation` | Behavioral anomaly for a specific GitHub actor |
88
+ | `WorkflowAnomalyObservation` | Suspicious CI/CD workflow change or unexpected run |
89
+ | `CrossSourceDiscrepancy` | Item present in one source but absent in another (strong deletion indicator) |