oh-my-customcode 0.31.0 → 0.31.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "oh-my-customcode",
-  "version": "0.31.0",
+  "version": "0.31.1",
   "description": "Batteries-included agent harness for Claude Code",
   "type": "module",
   "bin": {

package/templates/.claude/agents/lang-golang-expert.md

@@ -4,6 +4,7 @@ description: Expert Go developer for writing idiomatic, performant Go code. Use
 model: sonnet
 memory: project
 effort: high
+soul: true
 skills:
   - go-best-practices
 tools:

package/templates/.claude/agents/souls/lang-golang-expert.soul.md

@@ -0,0 +1,21 @@
+---
+agent: lang-golang-expert
+version: 1.0.0
+---
+
+## Personality
+- Direct and concise — lead with the answer, explain after
+- Always provide runnable code examples, never pseudo-code
+- Treat Go idioms as non-negotiable (Effective Go is gospel)
+
+## Style
+- Error handling first — check errors before happy path
+- Prefer stdlib over third-party when possible
+- Name variables for clarity, not brevity (userCount > uc)
+- Use table-driven tests as default test pattern
+
+## Anti-patterns
+- Never use interface{}/any without a compelling reason
+- Avoid init() functions — explicit initialization preferred
+- No global mutable state
+- Avoid premature abstraction — 3 concrete cases before extracting

package/templates/.claude/agents/sys-memory-keeper.md

@@ -1,6 +1,6 @@
 ---
 name: sys-memory-keeper
-description: Use when you need to manage session memory persistence using claude-mem, save context before compaction, restore context on session start, query past memories, or perform session-end dual-system auto-save
+description: Use when you need to manage session memory persistence via native auto-memory, save context before compaction, restore context on session start, collect session summaries, or perform session-end memory operations
 model: sonnet
 memory: project
 effort: medium
@@ -47,12 +47,19 @@ Provider: claude-mem | Collection: claude_memories | Archive: ~/.claude-mem/arch
 When triggered by session-end signal from orchestrator:
 
 1. **Collect** session summary: completed tasks, key decisions, open items
-2. **Save to claude-mem** (if available): `mcp__plugin_claude-mem_mcp-search__save_memory` with project name, session date, and summary
-3. **Verify episodic-memory** (if available): `mcp__plugin_episodic-memory_episodic-memory__search` to confirm session is indexed
-4. **Report** results to orchestrator: saved/skipped/failed per system
+2. **Extract behaviors**: analyze conversation for repeated user preferences
+   - Communication patterns (verbosity, format, language preferences)
+   - Workflow patterns (tool usage, review habits, branching conventions)
+   - Domain priorities (security-first, performance-first, etc.)
+   - New behaviors → `[confidence: low]` in `## Behaviors` section
+   - Existing behaviors observed again → promote confidence level
+   - Contradicted behaviors → flag for review or demote
+3. **Update native auto-memory** (MEMORY.md) with session learnings + behaviors
+4. **Return formatted summary** to orchestrator for MCP persistence (claude-mem, episodic-memory)
+
+> **Note**: MCP tools (claude-mem, episodic-memory) are orchestrator-scoped and cannot be called from subagents. The orchestrator handles MCP saves directly after receiving the formatted summary.
 
 ### Failure Handling
 
-- claude-mem unavailable → skip, report warning
-- episodic-memory unavailable → skip, report warning
-- Both unavailable → warn orchestrator, do not block session end
+- MEMORY.md update failure → report error to orchestrator
+- MCP persistence is orchestrator's responsibility — not handled here

package/templates/.claude/rules/MUST-agent-design.md

@@ -30,6 +30,7 @@ escalation:              # Model escalation policy (optional)
   enabled: true          # Enable auto-escalation advisory
   path: haiku → sonnet → opus  # Escalation sequence
   threshold: 2           # Failures before advisory
+soul: true                 # Enable SOUL.md identity injection
 isolation: worktree        # Run in isolated git worktree
 background: true           # Run in background
 maxTurns: 10               # Max conversation turns
@@ -64,6 +65,54 @@ When `escalation.enabled: true`, the model-escalation hooks will track outcomes
 
 When enabled: first 200 lines of MEMORY.md loaded into system prompt.
 
+## Soul Identity
+
+Optional per-agent identity layer that separates personality/style from capabilities.
+
+| Aspect | Location | Purpose |
+|--------|----------|---------|
+| Capabilities | `.claude/agents/{name}.md` | WHAT the agent does |
+| Identity | `.claude/agents/souls/{name}.soul.md` | HOW the agent communicates |
+
+### Soul File Format
+
+Location: `.claude/agents/souls/{name}.soul.md`
+
+```yaml
+---
+agent: {agent-name}        # Must match agent filename
+version: 1.0.0
+---
+```
+
+Sections: `## Personality`, `## Style`, `## Anti-patterns`
+
+### Activation
+
+1. Agent frontmatter includes `soul: true`
+2. Routing skill reads `souls/{name}.soul.md` at spawn time (Step 5)
+3. Soul content prepended to agent prompt as identity context
+4. Missing soul file → graceful fallback (no error)
+
+### Precedence
+
+Behavioral memory observations (R011) override soul defaults when they conflict. Behaviors are user-specific; souls are template defaults.
+
+## Artifact Output Convention
+
+Skills that produce significant output can persist results to local storage.
+
+**Location**: `.claude/outputs/sessions/{YYYY-MM-DD}/{skill-name}-{HHmmss}.md`
+
+**Format**: Metadata header with `skill`, `date`, `query` fields, followed by skill output content.
+
+**Rules**:
+- Opt-in per skill — not mandatory
+- The final subagent in the skill's pipeline writes the artifact (R010 compliance)
+- Skills create the directory (`mkdir -p`) before writing
+- `.claude/outputs/` is git-untracked (under `.claude/` gitignore)
+- No indexing required — date-based directory browsing is sufficient
+
 ## Separation of Concerns
 
 | Location | Purpose | Contains |
@@ -74,6 +123,42 @@ When enabled: first 200 lines of MEMORY.md loaded into system prompt.
 
 Agent body: purpose, capabilities overview, workflow. NOT detailed instructions or reference docs.
 
+## Skill Frontmatter
+
+Location: `.claude/skills/{name}/SKILL.md`
+
+### Required Fields
+
+```yaml
+name: skill-name           # Unique identifier (kebab-case)
+description: Brief desc    # One-line summary
+```
+
+### Optional Fields
+
+```yaml
+context: fork              # Forked context for isolated execution
+version: 1.0.0             # Semantic version
+user-invocable: false      # Whether user can invoke directly
+disable-model-invocation: true  # Prevent model from auto-invoking
+```
+
+### Context Fork Criteria
+
+Use `context: fork` for skills that orchestrate multi-agent workflows. Cap at **10 total** across the project.
+
+| Use `context: fork` | Do NOT use `context: fork` |
+|---------------------|---------------------------|
+| Routing skills (secretary, dev-lead, etc.) | Best-practices skills |
+| Workflow orchestration (DAG, pipelines) | Hook/command skills |
+| Multi-agent coordination patterns | Single-agent reference skills |
+| Task decomposition/planning | External tool integrations |
+
+Current skills with `context: fork` (8/10 cap):
+- secretary-routing, dev-lead-routing, de-lead-routing, qa-lead-routing
+- dag-orchestration, task-decomposition, worker-reviewer-pipeline
+- pipeline-guards
+
 ## Naming
 
 | Type | Pattern | Example |

package/templates/.claude/rules/SHOULD-memory-integration.md

@@ -71,6 +71,58 @@ Memory entries in MEMORY.md should include confidence annotations to distinguish
 [any] → contradicted by evidence → demoted or removed
 ```
 
+## Behavioral Memory
+
+MEMORY.md supports an optional `## Behaviors` section for tracking user interaction preferences and workflow patterns.
+
+### Behaviors Section Format
+
+```markdown
+## Behaviors [confidence: medium]
+- User prefers concise responses — 3 sentences max
+- Commit messages always include issue number
+- Security-first review perspective
+
+## Behavior Lifecycle
+- New observation → [confidence: low]
+- Seen in 2+ sessions → [confidence: medium]
+- User-confirmed → [confidence: high]
+- Contradicted → demote or remove
+```
+
+### What Counts as a Behavior
+
+| Category | Examples |
+|----------|---------|
+| Communication | Verbosity preference, language, format |
+| Workflow | Tool preferences, review habits, branching patterns |
+| Domain priority | Security-first, performance-first, simplicity-first |
+
+### What Does NOT Count as a Behavior
+
+- Facts about the codebase (use existing sections)
+- One-time instructions (ephemeral, not persistent)
+- Tool configuration (belongs in CLAUDE.md or settings)
+
+### Extraction Guidelines
+
+sys-memory-keeper extracts behavioral patterns at session end:
+1. Analyze conversation for repeated user preferences
+2. New behaviors start at `[confidence: low]`
+3. Promote on repeated observation across sessions
+4. Demote or remove when contradicted
+
+### Budget Management
+
+Behaviors share the 200-line MEMORY.md budget with facts. When approaching the limit:
+1. Prune `[confidence: low]` behaviors first
+2. Then prune `[confidence: medium]` behaviors
+3. `[confidence: high]` behaviors are never auto-pruned
+
+### Precedence
+
+Behavioral memory observations override soul defaults (R006 Soul Identity) when they conflict. Behaviors are user-specific and session-derived; souls are template defaults.
+
 ### Rules
 
 | Rule | Detail |

package/templates/.claude/skills/de-lead-routing/SKILL.md

@@ -73,6 +73,29 @@ For **new pipeline code**, **DAG scaffolding**, or **SQL model generation**:
 ### Step 3: Expert Selection
 Route to appropriate DE expert based on tool/framework detection.
 
+### Step 4: Ontology-RAG Enrichment (R019)
+
+After agent selection, enrich the spawned agent's prompt with ontology context:
+
+1. Call `get_agent_for_task(original_query)` via MCP
+2. Extract `suggested_skills` from response
+3. If `suggested_skills` non-empty, prepend to spawned agent prompt:
+   `"Ontology context suggests these skills may be relevant: {suggested_skills}"`
+4. On MCP failure: skip silently, proceed with unmodified prompt
+
+**This step is advisory only — it never changes which agent is selected.**
+
+### Step 5: Soul Injection
+
+If the selected agent has `soul: true` in its frontmatter:
+
+1. Read `.claude/agents/souls/{agent-name}.soul.md`
+2. If file exists, prepend soul content to the agent's prompt:
+   `"Identity context:\n{soul content}\n\n---\n\n"`
+3. If file doesn't exist → skip silently (no error, no injection)
+
+**This step runs after ontology-RAG enrichment. Soul content is identity context, not capability instructions.**
+
 ## Command Routing
 
 ```
@@ -262,7 +285,7 @@ Delegate to mgr-creator with context:
   keywords: extracted tool names
   file_patterns: detected config patterns
   skills: auto-discover from .claude/skills/
-  guides: auto-discover from guides/
+  guides: auto-discover from templates/guides/
 ```
 
 **Examples of dynamic creation triggers:**

package/templates/.claude/skills/dev-lead-routing/SKILL.md

@@ -107,6 +107,29 @@ For **new file creation**, **boilerplate**, or **test code generation**:
 ### Step 3: Expert Agent Selection
 Route to appropriate language/framework expert based on file extension and keyword mapping.
 
+### Step 4: Ontology-RAG Enrichment (R019)
+
+After agent selection, enrich the spawned agent's prompt with ontology context:
+
+1. Call `get_agent_for_task(original_query)` via MCP
+2. Extract `suggested_skills` from response
+3. If `suggested_skills` non-empty, prepend to spawned agent prompt:
+   `"Ontology context suggests these skills may be relevant: {suggested_skills}"`
+4. On MCP failure: skip silently, proceed with unmodified prompt
+
+**This step is advisory only — it never changes which agent is selected.**
+
+### Step 5: Soul Injection
+
+If the selected agent has `soul: true` in its frontmatter:
+
+1. Read `.claude/agents/souls/{agent-name}.soul.md`
+2. If file exists, prepend soul content to the agent's prompt:
+   `"Identity context:\n{soul content}\n\n---\n\n"`
+3. If file doesn't exist → skip silently (no error, no injection)
+
+**This step runs after ontology-RAG enrichment. Soul content is identity context, not capability instructions.**
+
 ## Routing Rules
 
 Multi-language: detect all languages, route to parallel experts (max 4). Single-language: route to matching expert. Cross-layer (frontend + backend): multiple experts in parallel.
@@ -126,7 +149,7 @@ Delegate to mgr-creator with context:
   keywords: extracted from user input
   file_patterns: detected extensions
   skills: auto-discover from .claude/skills/
-  guides: auto-discover from guides/
+  guides: auto-discover from templates/guides/
 ```
 
 **Examples of dynamic creation triggers:**

package/templates/.claude/skills/dev-review/SKILL.md

@@ -32,6 +32,19 @@ Review code for best practices using language-specific expert agents.
 4. Analyze code against best practices
 5. Generate review report
 ```
+6. **Artifact persistence** (optional): Review agent saves findings to:
+   ```
+   .claude/outputs/sessions/{YYYY-MM-DD}/dev-review-{HHmmss}.md
+   ```
+   With metadata header:
+   ```markdown
+   ---
+   skill: dev-review
+   date: {ISO-8601 with timezone}
+   query: "{original user query}"
+   ---
+   ```
+   The review agent creates the directory and writes the artifact before returning results (R010 compliance).
 
 ## Agent Selection
 

package/templates/.claude/skills/qa-lead-routing/SKILL.md

@@ -44,6 +44,29 @@ quality_analysis   → qa-planner + qa-engineer (parallel)
 full_qa_cycle      → all agents (sequential)
 ```
 
+### Ontology-RAG Enrichment (R019)
+
+After agent selection, enrich the spawned agent's prompt with ontology context:
+
+1. Call `get_agent_for_task(original_query)` via MCP
+2. Extract `suggested_skills` from response
+3. If `suggested_skills` non-empty, prepend to spawned agent prompt:
+   `"Ontology context suggests these skills may be relevant: {suggested_skills}"`
+4. On MCP failure: skip silently, proceed with unmodified prompt
+
+**This step is advisory only — it never changes which agent is selected.**
+
+### Step 5: Soul Injection
+
+If the selected agent has `soul: true` in its frontmatter:
+
+1. Read `.claude/agents/souls/{agent-name}.soul.md`
+2. If file exists, prepend soul content to the agent's prompt:
+   `"Identity context:\n{soul content}\n\n---\n\n"`
+3. If file doesn't exist → skip silently (no error, no injection)
+
+**This step runs after ontology-RAG enrichment. Soul content is identity context, not capability instructions.**
+
 ## Routing Rules
 
 ### 1. Test Planning
@@ -293,7 +316,7 @@ Delegate to mgr-creator with context:
   type: qa-engineer
   keywords: extracted testing terms
   skills: auto-discover from .claude/skills/
-  guides: auto-discover from guides/
+  guides: auto-discover from templates/guides/
 ```
 
 **Examples of dynamic creation triggers:**

package/templates/.claude/skills/research/SKILL.md

@@ -45,7 +45,7 @@ Batch 2: T5, T6, T7, T8    (Integration + Comparative)
 Batch 3: T9, T10            (Innovation)
 ```
 
-### Phase 2: Cross-Verification Loop (min 2, max 5 rounds)
+### Phase 2: Cross-Verification Loop (min 2, max 30 rounds)
 
 ```
 Team findings ──→ opus 4.6 verification ──→ codex-exec xhigh verification
@@ -60,7 +60,7 @@ Each round:
 3. **Contradiction resolution**: Reconcile divergent findings between teams and verifiers
 4. **Convergence check**: All major claims verified with no outstanding contradictions → proceed
 
-Convergence expected by round 3. Hard stop at round 5.
+Convergence expected by round 3. Hard stop at round 30.
 
 ### Phase 3: Synthesis
 
@@ -71,8 +71,21 @@ Convergence expected by round 3. Hard stop at round 5.
 ### Phase 4: Output
 
 1. Structured markdown report (see Output Format below)
-2. GitHub issue auto-created with findings
-3. Action items with effort estimates
+2. **Artifact persistence**: The Phase 4 synthesis agent (opus) writes the report to:
+   ```
+   .claude/outputs/sessions/{YYYY-MM-DD}/research-{HHmmss}.md
+   ```
+   With metadata header:
+   ```markdown
+   ---
+   skill: research
+   date: {ISO-8601 with timezone}
+   query: "{original user query}"
+   ---
+   ```
+   The agent creates the directory (`mkdir -p`) before writing. This is a subagent operation (R010 compliance).
+3. GitHub issue auto-created with findings
+4. Action items with effort estimates
 
 ## Execution Rules
 

package/templates/.claude/skills/secretary-routing/SKILL.md

@@ -53,6 +53,29 @@ todo     → sys-naggy
 batch    → multiple (parallel)
 ```
 
+### Ontology-RAG Enrichment (R019)
+
+After agent selection, enrich the spawned agent's prompt with ontology context:
+
+1. Call `get_agent_for_task(original_query)` via MCP
+2. Extract `suggested_skills` from response
+3. If `suggested_skills` non-empty, prepend to spawned agent prompt:
+   `"Ontology context suggests these skills may be relevant: {suggested_skills}"`
+4. On MCP failure: skip silently, proceed with unmodified prompt
+
+**This step is advisory only — it never changes which agent is selected.**
+
+### Step 5: Soul Injection
+
+If the selected agent has `soul: true` in its frontmatter:
+
+1. Read `.claude/agents/souls/{agent-name}.soul.md`
+2. If file exists, prepend soul content to the agent's prompt:
+   `"Identity context:\n{soul content}\n\n---\n\n"`
+3. If file doesn't exist → skip silently (no error, no injection)
+
+**This step runs after ontology-RAG enrichment. Soul content is identity context, not capability instructions.**
+
 ## Routing Rules
 
 ### 1. Single Task Routing

package/templates/CLAUDE.md.en

@@ -186,7 +186,7 @@ project/
 |   +-- rules/                   # Global rules (R000-R018)
 |   +-- hooks/                   # Hook scripts (memory, HUD)
 |   +-- contexts/                # Context files (ecomode)
-+-- guides/                      # Reference docs (23 topics)
++-- guides/                      # Reference docs (25 topics)
 ```
 
 ## Orchestration

package/templates/CLAUDE.md.ko

@@ -186,7 +186,7 @@ project/
 |   +-- rules/                   # 전역 규칙 (R000-R018)
 |   +-- hooks/                   # 훅 스크립트 (메모리, HUD)
 |   +-- contexts/                # 컨텍스트 파일 (ecomode)
-+-- guides/                      # 레퍼런스 문서 (23 토픽)
++-- guides/                      # 레퍼런스 문서 (25 토픽)
 ```
 
 ## 오케스트레이션

package/templates/guides/flutter/security.md

@@ -0,0 +1,120 @@
+# Flutter Security Guide
+
+> Reference: OWASP Mobile Top 10 (2024), Flutter Official Documentation
+
+## OWASP Mobile Top 10 Mapping
+
+### M1 — Improper Credential Usage
+
+- Never hardcode API keys, tokens, or credentials in source code
+- Backend proxy pattern: route ALL sensitive API calls through server
+- `--dart-define-from-file=.env` is for NON-SECRET build config only (values are extractable from binary)
+- Credential rotation: implement token refresh with `dio` interceptor
+- OAuth2 flow: use `flutter_appauth` for PKCE-based authentication
+
+### M2 — Inadequate Supply Chain Security
+
+- Run `dart pub audit` before every release to check for known vulnerabilities
+- Pin exact versions in `pubspec.yaml` for production (`package: 1.2.3` not `package: ^1.2.3`)
+- Verify package publisher on pub.dev (look for verified publisher badge)
+- Review transitive dependencies: `dart pub deps --style=compact`
+- Avoid packages with no recent updates (> 12 months without commits)
+
+### M3 — Insecure Authentication/Authorization
+
+- Biometric authentication: `local_auth` package with `BiometricType.fingerprint` / `BiometricType.face`
+- Session management: implement token expiry checking before API calls
+- JWT client-side validation: verify `exp`, `aud`, `iss` claims before using tokens
+- Re-authentication: require biometric/PIN for sensitive operations (payment, profile changes)
+- Deep link auth: validate authentication state before processing deep link navigation
+
+### M4 — Insufficient Input/Output Validation
+
+- Validate ALL deep link URI parameters with RegExp allowlists
+- Sanitize user input before displaying in WebView (`flutter_inappwebview`)
+- Use `Uri.parse()` with try-catch, never trust raw string URLs
+- Output encoding: escape HTML entities when rendering user content
+- Form validation: use `TextFormField` validators, never trust client-side validation alone
+
+### M5 — Insecure Communication
+
+- Certificate pinning (SPKI): use `dio` with custom `SecurityContext`
+- Extract SPKI hash: `openssl s_client -connect host:443 | openssl x509 -pubkey | openssl pkey -pubin -outform DER | openssl dgst -sha256 -binary | base64`
+- Include backup pins for certificate rotation
+- Android: `network_security_config.xml` with `cleartextTrafficPermitted=false`
+- iOS: ATS enabled (`NSAllowsArbitraryLoads=false`), never override in production
+
+### M6 — Inadequate Privacy Controls
+
+- Request minimum platform permissions (camera, location, contacts)
+- iOS: provide usage description strings in Info.plist for every permission
+- Android: use runtime permissions, respect "Don't ask again"
+- Data minimization: only collect and store data that is necessary
+- GDPR/CCPA: implement data export and deletion capabilities
+
+### M7 — Insufficient Binary Protections
+
+- Release builds: `flutter build --obfuscate --split-debug-info=debug-info/`
+- Store debug symbols securely for crash reporting (Crashlytics, Sentry)
+- Android ProGuard: configure `android/app/proguard-rules.pro`
+- Note: `--obfuscate` does NOT apply to `flutter build web` (JS minification is the web equivalent)
+- Anti-tampering: consider `flutter_jailbreak_detection` for integrity checks
+
+### M8 — Security Misconfiguration
+
+- Android: set `android:debuggable="false"` in release manifest
+- Android: set `android:allowBackup="false"` to prevent ADB data extraction
+- iOS: enable data protection with `NSFileProtectionComplete`
+- Remove all debug logging in release: guard with `kDebugMode`
+- Firebase: secure `google-services.json` / `GoogleService-Info.plist` (add to .gitignore)
+
+### M9 — Insecure Data Storage
+
+- Sensitive data: `flutter_secure_storage` v10+ (iOS Keychain / Android EncryptedSharedPreferences)
+- iOS: `IOSOptions(accessibility: KeychainAccessibility.first_unlock_this_device)`
+- Android: `AndroidOptions(encryptedSharedPreferences: true)`
+- Web WARNING: `flutter_secure_storage` uses localStorage on Web (XSS vulnerable) — use HttpOnly cookies or in-memory storage
+- Never use `SharedPreferences` for tokens, PII, or credentials
+- Screenshot protection: Android `FLAG_SECURE` via `flutter_windowmanager`
+
+### M10 — Insufficient Cryptography
+
+- Use `pointycastle` or `cryptography` package for custom crypto operations
+- Avoid: MD5, SHA-1, DES, ECB mode, hardcoded IVs/keys
+- Prefer: AES-256-GCM for symmetric, RSA-OAEP or ECDSA for asymmetric
+- Key storage: always delegate to platform Keychain/Keystore, never store in app data
+- Random number generation: use `Random.secure()` for security-sensitive values
+
+## Platform-Specific Security
+
+### iOS
+
+- Keychain with Secure Enclave: `IOSOptions(useSecureEnclave: true)` for high-value data
+- ATS enforcement: never add `NSAllowsArbitraryLoads` exception for production
+- Jailbreak detection: `flutter_jailbreak_detection` package
+
+### Android
+
+- Keystore-backed encryption via `EncryptedSharedPreferences`
+- Network security config: pin certificates, block cleartext
+- Root detection: `flutter_jailbreak_detection` or `safe_device`
+- `allowBackup=false` in AndroidManifest.xml
+
+### Web
+
+- CSP headers: configure on the server hosting Flutter web app
+- Avoid storing sensitive data in localStorage or sessionStorage
+- Use HttpOnly, Secure, SameSite cookies for authentication tokens
+- XSS prevention: sanitize all user-generated content before rendering
+
+## Package Recommendations
+
+| Category | Package | Notes |
+|----------|---------|-------|
+| Secure Storage | `flutter_secure_storage` | Keychain/Keystore, v10+; Web: localStorage (XSS risk) |
+| OAuth2 / PKCE | `flutter_appauth` | PKCE-based auth flows |
+| Biometrics | `local_auth` | Fingerprint, Face ID |
+| HTTP (pinning) | `dio` | Custom `SecurityContext` for certificate pinning |
+| Crypto | `cryptography` | AES-GCM, RSA-OAEP, ECDSA |
+| Integrity check | `flutter_jailbreak_detection` | Root/jailbreak detection |
+| Screenshot protect | `flutter_windowmanager` | Android `FLAG_SECURE` |

package/templates/manifest.json

@@ -1,5 +1,5 @@
 {
-  "version": "0.31.0",
+  "version": "0.31.1",
   "lastUpdated": "2026-03-09T00:00:00.000Z",
   "components": [
     {