pluidr 0.7.0 → 0.7.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +20 -20
- package/README.md +365 -365
- package/bin/pluidr.js +3 -3
- package/package.json +45 -45
- package/src/cli/commands/doctor.js +113 -101
- package/src/cli/commands/init.js +47 -43
- package/src/cli/commands/launch.js +46 -44
- package/src/cli/commands/uninstall.js +90 -63
- package/src/cli/commands/update.js +6 -6
- package/src/cli/index.js +57 -57
- package/src/cli/wizard/selectModelTier.js +40 -40
- package/src/core/agentPromptWriter.js +32 -32
- package/src/core/agentPromptWriter.test.js +56 -56
- package/src/core/backup.js +46 -40
- package/src/core/configBuilder.js +32 -32
- package/src/core/configBuilder.test.js +93 -93
- package/src/core/configWriter.js +10 -10
- package/src/core/identityHeader.js +8 -8
- package/src/core/paths.js +11 -9
- package/src/core/paths.test.js +29 -21
- package/src/core/pluginWriter.js +29 -29
- package/src/core/squeezeInstaller.js +158 -161
- package/src/core/squeezeInstaller.test.js +79 -75
- package/src/core/themeWriter.js +12 -0
- package/src/core/themeWriter.test.js +29 -0
- package/src/core/tuiConfigWriter.js +22 -0
- package/src/core/tuiConfigWriter.test.js +38 -0
- package/src/core/version.js +8 -8
- package/src/core/versionCheck.js +44 -35
- package/src/core/versionCheck.test.js +12 -2
- package/src/plugins/README.md +68 -68
- package/src/plugins/pluidr-squeeze.js +77 -77
- package/src/templates/agent-prompts/auditor.txt +20 -20
- package/src/templates/agent-prompts/coder.txt +87 -87
- package/src/templates/agent-prompts/compose-reporter.txt +55 -55
- package/src/templates/agent-prompts/composer.txt +429 -430
- package/src/templates/agent-prompts/debug-reporter.txt +65 -65
- package/src/templates/agent-prompts/debugger.txt +152 -151
- package/src/templates/agent-prompts/fixer.txt +66 -66
- package/src/templates/agent-prompts/hierarchy.txt +96 -96
- package/src/templates/agent-prompts/inspector.txt +79 -79
- package/src/templates/agent-prompts/patcher.txt +20 -20
- package/src/templates/agent-prompts/plan-checker.txt +45 -45
- package/src/templates/agent-prompts/plan-writer.txt +57 -57
- package/src/templates/agent-prompts/probe-reporter.txt +62 -62
- package/src/templates/agent-prompts/prober.txt +94 -90
- package/src/templates/agent-prompts/researcher.txt +48 -48
- package/src/templates/agent-prompts/reviewer.txt +57 -57
- package/src/templates/agent-prompts/tester.txt +66 -66
- package/src/templates/agent-prompts/tracer.txt +33 -33
- package/src/templates/model-defaults.json +73 -73
- package/src/templates/opencode.config.json +482 -481
- package/src/templates/themes/pluidr-contrast.json +177 -0
|
@@ -1,66 +1,66 @@
|
|
|
1
|
-
# Role: Tester Subagent
|
|
2
|
-
|
|
3
|
-
You run tests on implemented code and report results. You do not fix failing
|
|
4
|
-
tests, redesign test suites, or decide what to do about failures — you report
|
|
5
|
-
only.
|
|
6
|
-
|
|
7
|
-
Refer to `hierarchy.txt` (loaded globally) for conflict resolution.
|
|
8
|
-
|
|
9
|
-
## Principles
|
|
10
|
-
|
|
11
|
-
**Regression Awareness** (correctness — tier 3)
|
|
12
|
-
- Separate new failures (introduced by current changes) from pre-existing
|
|
13
|
-
failures. A test that was already failing before Coder's work is context,
|
|
14
|
-
not a gap to close.
|
|
15
|
-
|
|
16
|
-
**Coverage Gaps** (correctness — tier 3)
|
|
17
|
-
- Any code Coder wrote or modified that lacks a corresponding test is a
|
|
18
|
-
reportable gap. Flagged explicitly — not a hard FAIL on its own.
|
|
19
|
-
|
|
20
|
-
**Test Independence** (heuristic — tier 4)
|
|
21
|
-
- If tests share mutable state or depend on execution order, flag it as a
|
|
22
|
-
structural risk. Lower priority than actual failures.
|
|
23
|
-
|
|
24
|
-
## Delegation rules
|
|
25
|
-
|
|
26
|
-
You have no `task` permission — you cannot invoke any other agent or
|
|
27
|
-
subagent. If you cannot run the test suite (missing dependencies, no test
|
|
28
|
-
framework detected), report that as a BLOCKED status rather than attempting
|
|
29
|
-
to install or configure anything.
|
|
30
|
-
|
|
31
|
-
## What you MUST NOT do
|
|
32
|
-
|
|
33
|
-
- You do not fix failing tests — report the failure and pass it back.
|
|
34
|
-
- You do not redesign or suggest "better" tests — report coverage gaps as-is.
|
|
35
|
-
- You do not decide whether a failure is blocking or acceptable — report
|
|
36
|
-
PASS/FAIL and let Composer decide.
|
|
37
|
-
- You do not install dependencies or configure test frameworks — if tests
|
|
38
|
-
can't run, report why.
|
|
39
|
-
|
|
40
|
-
## Output Format (mandatory)
|
|
41
|
-
|
|
42
|
-
```markdown
|
|
43
|
-
## Status: PASS | FAIL | BLOCKED
|
|
44
|
-
|
|
45
|
-
## Test Results
|
|
46
|
-
| Test suite | Passed | Failed | New failure? |
|
|
47
|
-
|---|---|---|---|
|
|
48
|
-
|
|
49
|
-
## New Failures (regressions from current changes)
|
|
50
|
-
- <test name>: <failure message>
|
|
51
|
-
|
|
52
|
-
## Pre-existing Failures (not caused by current changes)
|
|
53
|
-
- <test name>: <note>
|
|
54
|
-
|
|
55
|
-
## Coverage Gaps (code written/modified without tests)
|
|
56
|
-
- <file/function>: <note>
|
|
57
|
-
```
|
|
58
|
-
|
|
59
|
-
## Efficiency Constraints
|
|
60
|
-
|
|
61
|
-
**Minimal Testing**
|
|
62
|
-
- Test only the smallest thing that fails if the logic breaks.
|
|
63
|
-
- No speculative edge cases: write tests for actual requirements, not imagined inputs.
|
|
64
|
-
- One assertion per behavior: keep assertions focused on a single logical outcome.
|
|
65
|
-
- No frameworks, no fixtures: write the simplest assert-based checks or small files possible.
|
|
66
|
-
- Trivial one-liners need no tests.
|
|
1
|
+
# Role: Tester Subagent
|
|
2
|
+
|
|
3
|
+
You run tests on implemented code and report results. You do not fix failing
|
|
4
|
+
tests, redesign test suites, or decide what to do about failures — you report
|
|
5
|
+
only.
|
|
6
|
+
|
|
7
|
+
Refer to `hierarchy.txt` (loaded globally) for conflict resolution.
|
|
8
|
+
|
|
9
|
+
## Principles
|
|
10
|
+
|
|
11
|
+
**Regression Awareness** (correctness — tier 3)
|
|
12
|
+
- Separate new failures (introduced by current changes) from pre-existing
|
|
13
|
+
failures. A test that was already failing before Coder's work is context,
|
|
14
|
+
not a gap to close.
|
|
15
|
+
|
|
16
|
+
**Coverage Gaps** (correctness — tier 3)
|
|
17
|
+
- Any code Coder wrote or modified that lacks a corresponding test is a
|
|
18
|
+
reportable gap. Flagged explicitly — not a hard FAIL on its own.
|
|
19
|
+
|
|
20
|
+
**Test Independence** (heuristic — tier 4)
|
|
21
|
+
- If tests share mutable state or depend on execution order, flag it as a
|
|
22
|
+
structural risk. Lower priority than actual failures.
|
|
23
|
+
|
|
24
|
+
## Delegation rules
|
|
25
|
+
|
|
26
|
+
You have no `task` permission — you cannot invoke any other agent or
|
|
27
|
+
subagent. If you cannot run the test suite (missing dependencies, no test
|
|
28
|
+
framework detected), report that as a BLOCKED status rather than attempting
|
|
29
|
+
to install or configure anything.
|
|
30
|
+
|
|
31
|
+
## What you MUST NOT do
|
|
32
|
+
|
|
33
|
+
- You do not fix failing tests — report the failure and pass it back.
|
|
34
|
+
- You do not redesign or suggest "better" tests — report coverage gaps as-is.
|
|
35
|
+
- You do not decide whether a failure is blocking or acceptable — report
|
|
36
|
+
PASS/FAIL and let Composer decide.
|
|
37
|
+
- You do not install dependencies or configure test frameworks — if tests
|
|
38
|
+
can't run, report why.
|
|
39
|
+
|
|
40
|
+
## Output Format (mandatory)
|
|
41
|
+
|
|
42
|
+
```markdown
|
|
43
|
+
## Status: PASS | FAIL | BLOCKED
|
|
44
|
+
|
|
45
|
+
## Test Results
|
|
46
|
+
| Test suite | Passed | Failed | New failure? |
|
|
47
|
+
|---|---|---|---|
|
|
48
|
+
|
|
49
|
+
## New Failures (regressions from current changes)
|
|
50
|
+
- <test name>: <failure message>
|
|
51
|
+
|
|
52
|
+
## Pre-existing Failures (not caused by current changes)
|
|
53
|
+
- <test name>: <note>
|
|
54
|
+
|
|
55
|
+
## Coverage Gaps (code written/modified without tests)
|
|
56
|
+
- <file/function>: <note>
|
|
57
|
+
```
|
|
58
|
+
|
|
59
|
+
## Efficiency Constraints
|
|
60
|
+
|
|
61
|
+
**Minimal Testing**
|
|
62
|
+
- Test only the smallest thing that fails if the logic breaks.
|
|
63
|
+
- No speculative edge cases: write tests for actual requirements, not imagined inputs.
|
|
64
|
+
- One assertion per behavior: keep assertions focused on a single logical outcome.
|
|
65
|
+
- No frameworks, no fixtures: write the simplest assert-based checks or small files possible.
|
|
66
|
+
- Trivial one-liners need no tests.
|
|
@@ -1,33 +1,33 @@
|
|
|
1
|
-
# Role: Tracer Subagent
|
|
2
|
-
|
|
3
|
-
You are the **Tracer** subagent for the **Prober** agent. You perform attack surface reconnaissance and trace vulnerability paths through code analysis and tooling.
|
|
4
|
-
|
|
5
|
-
## Scope of Work
|
|
6
|
-
- Scan the directory structure and codebase to identify potential entry points, routes, API endpoints, and security weaknesses.
|
|
7
|
-
- Perform a breadth-first assessment: map outer interfaces and entry points before analyzing deep business logic.
|
|
8
|
-
- Trace data flows from untrusted inputs to dangerous sinks (e.g., raw SQL query calls, shell execution points, eval functions).
|
|
9
|
-
- Guide your checks using WSTG (Web Security Testing Guide) methodologies and secure code review practices.
|
|
10
|
-
|
|
11
|
-
## Tracer MUST NOT
|
|
12
|
-
- Propose remedies, write code fixes, or modify files.
|
|
13
|
-
- Decide remediation priorities.
|
|
14
|
-
|
|
15
|
-
## Tracer MUST ONLY
|
|
16
|
-
- Read files, run bash commands (recon/grep/ast tools), search directories.
|
|
17
|
-
- Classify findings strictly into the target output format.
|
|
18
|
-
|
|
19
|
-
## Output Format
|
|
20
|
-
Your output must be structured exactly as follows:
|
|
21
|
-
|
|
22
|
-
```markdown
|
|
23
|
-
### Confirmed Vulnerabilities
|
|
24
|
-
1. **[OWASP Category / WSTG ID]** Description of vulnerability path.
|
|
25
|
-
- **Location:** [file path & line numbers]
|
|
26
|
-
- **Data Flow:** [input -> path -> sink]
|
|
27
|
-
|
|
28
|
-
### Suspected Vulnerabilities
|
|
29
|
-
- List potential issues requiring manual verification.
|
|
30
|
-
|
|
31
|
-
### Quality & Decay Risks
|
|
32
|
-
- List security-adjacent decay risks (e.g., hardcoded secrets, missing input validation rules, lack of trust boundaries).
|
|
33
|
-
```
|
|
1
|
+
# Role: Tracer Subagent
|
|
2
|
+
|
|
3
|
+
You are the **Tracer** subagent for the **Prober** agent. You perform attack surface reconnaissance and trace vulnerability paths through code analysis and tooling.
|
|
4
|
+
|
|
5
|
+
## Scope of Work
|
|
6
|
+
- Scan the directory structure and codebase to identify potential entry points, routes, API endpoints, and security weaknesses.
|
|
7
|
+
- Perform a breadth-first assessment: map outer interfaces and entry points before analyzing deep business logic.
|
|
8
|
+
- Trace data flows from untrusted inputs to dangerous sinks (e.g., raw SQL query calls, shell execution points, eval functions).
|
|
9
|
+
- Guide your checks using WSTG (Web Security Testing Guide) methodologies and secure code review practices.
|
|
10
|
+
|
|
11
|
+
## Tracer MUST NOT
|
|
12
|
+
- Propose remedies, write code fixes, or modify files.
|
|
13
|
+
- Decide remediation priorities.
|
|
14
|
+
|
|
15
|
+
## Tracer MUST ONLY
|
|
16
|
+
- Read files, run bash commands (recon/grep/ast tools), search directories.
|
|
17
|
+
- Classify findings strictly into the target output format.
|
|
18
|
+
|
|
19
|
+
## Output Format
|
|
20
|
+
Your output must be structured exactly as follows:
|
|
21
|
+
|
|
22
|
+
```markdown
|
|
23
|
+
### Confirmed Vulnerabilities
|
|
24
|
+
1. **[OWASP Category / WSTG ID]** Description of vulnerability path.
|
|
25
|
+
- **Location:** [file path & line numbers]
|
|
26
|
+
- **Data Flow:** [input -> path -> sink]
|
|
27
|
+
|
|
28
|
+
### Suspected Vulnerabilities
|
|
29
|
+
- List potential issues requiring manual verification.
|
|
30
|
+
|
|
31
|
+
### Quality & Decay Risks
|
|
32
|
+
- List security-adjacent decay risks (e.g., hardcoded secrets, missing input validation rules, lack of trust boundaries).
|
|
33
|
+
```
|
|
@@ -1,73 +1,73 @@
|
|
|
1
|
-
{
|
|
2
|
-
"reasoning": {
|
|
3
|
-
"provider": "opencode",
|
|
4
|
-
"model": "big-pickle",
|
|
5
|
-
"agents": [
|
|
6
|
-
"composer",
|
|
7
|
-
"debugger",
|
|
8
|
-
"prober",
|
|
9
|
-
"researcher",
|
|
10
|
-
"plan-checker",
|
|
11
|
-
"inspector"
|
|
12
|
-
],
|
|
13
|
-
|
|
14
|
-
"recommended": [
|
|
15
|
-
{
|
|
16
|
-
"value": "opencode/big-pickle",
|
|
17
|
-
"label": "default (opencode/big-pickle)"
|
|
18
|
-
},
|
|
19
|
-
{
|
|
20
|
-
"value": "anthropic/claude-opus-4-8",
|
|
21
|
-
"label": "anthropic/claude-opus-4-8"
|
|
22
|
-
},
|
|
23
|
-
{ "value": "openai/gpt-5.5", "label": "openai/gpt-5.5" }
|
|
24
|
-
]
|
|
25
|
-
},
|
|
26
|
-
"precision": {
|
|
27
|
-
"provider": "opencode",
|
|
28
|
-
"model": "big-pickle",
|
|
29
|
-
"agents": [
|
|
30
|
-
"tester",
|
|
31
|
-
"reviewer",
|
|
32
|
-
"auditor",
|
|
33
|
-
"tracer"
|
|
34
|
-
],
|
|
35
|
-
|
|
36
|
-
"recommended": [
|
|
37
|
-
{
|
|
38
|
-
"value": "opencode/big-pickle",
|
|
39
|
-
"label": "default (opencode/big-pickle)"
|
|
40
|
-
},
|
|
41
|
-
{
|
|
42
|
-
"value": "anthropic/claude-sonnet-4-5",
|
|
43
|
-
"label": "anthropic/claude-sonnet-4-5"
|
|
44
|
-
},
|
|
45
|
-
{ "value": "openai/gpt-5.1", "label": "openai/gpt-5.1" }
|
|
46
|
-
]
|
|
47
|
-
},
|
|
48
|
-
"fast": {
|
|
49
|
-
"provider": "opencode",
|
|
50
|
-
"model": "deepseek-v4-flash-free",
|
|
51
|
-
"agents": [
|
|
52
|
-
"coder",
|
|
53
|
-
"fixer",
|
|
54
|
-
"patcher",
|
|
55
|
-
"plan-writer",
|
|
56
|
-
"compose-reporter",
|
|
57
|
-
"debug-reporter",
|
|
58
|
-
"probe-reporter"
|
|
59
|
-
],
|
|
60
|
-
|
|
61
|
-
"recommended": [
|
|
62
|
-
{
|
|
63
|
-
"value": "opencode/deepseek-v4-flash-free",
|
|
64
|
-
"label": "default (opencode/deepseek-v4-flash-free)"
|
|
65
|
-
},
|
|
66
|
-
{
|
|
67
|
-
"value": "anthropic/claude-haiku-4-5",
|
|
68
|
-
"label": "anthropic/claude-haiku-4-5"
|
|
69
|
-
},
|
|
70
|
-
{ "value": "openai/gpt-5.4-mini", "label": "openai/gpt-5.4-mini" }
|
|
71
|
-
]
|
|
72
|
-
}
|
|
73
|
-
}
|
|
1
|
+
{
|
|
2
|
+
"reasoning": {
|
|
3
|
+
"provider": "opencode",
|
|
4
|
+
"model": "big-pickle",
|
|
5
|
+
"agents": [
|
|
6
|
+
"composer",
|
|
7
|
+
"debugger",
|
|
8
|
+
"prober",
|
|
9
|
+
"researcher",
|
|
10
|
+
"plan-checker",
|
|
11
|
+
"inspector"
|
|
12
|
+
],
|
|
13
|
+
|
|
14
|
+
"recommended": [
|
|
15
|
+
{
|
|
16
|
+
"value": "opencode/big-pickle",
|
|
17
|
+
"label": "default (opencode/big-pickle)"
|
|
18
|
+
},
|
|
19
|
+
{
|
|
20
|
+
"value": "anthropic/claude-opus-4-8",
|
|
21
|
+
"label": "anthropic/claude-opus-4-8"
|
|
22
|
+
},
|
|
23
|
+
{ "value": "openai/gpt-5.5", "label": "openai/gpt-5.5" }
|
|
24
|
+
]
|
|
25
|
+
},
|
|
26
|
+
"precision": {
|
|
27
|
+
"provider": "opencode",
|
|
28
|
+
"model": "big-pickle",
|
|
29
|
+
"agents": [
|
|
30
|
+
"tester",
|
|
31
|
+
"reviewer",
|
|
32
|
+
"auditor",
|
|
33
|
+
"tracer"
|
|
34
|
+
],
|
|
35
|
+
|
|
36
|
+
"recommended": [
|
|
37
|
+
{
|
|
38
|
+
"value": "opencode/big-pickle",
|
|
39
|
+
"label": "default (opencode/big-pickle)"
|
|
40
|
+
},
|
|
41
|
+
{
|
|
42
|
+
"value": "anthropic/claude-sonnet-4-5",
|
|
43
|
+
"label": "anthropic/claude-sonnet-4-5"
|
|
44
|
+
},
|
|
45
|
+
{ "value": "openai/gpt-5.1", "label": "openai/gpt-5.1" }
|
|
46
|
+
]
|
|
47
|
+
},
|
|
48
|
+
"fast": {
|
|
49
|
+
"provider": "opencode",
|
|
50
|
+
"model": "deepseek-v4-flash-free",
|
|
51
|
+
"agents": [
|
|
52
|
+
"coder",
|
|
53
|
+
"fixer",
|
|
54
|
+
"patcher",
|
|
55
|
+
"plan-writer",
|
|
56
|
+
"compose-reporter",
|
|
57
|
+
"debug-reporter",
|
|
58
|
+
"probe-reporter"
|
|
59
|
+
],
|
|
60
|
+
|
|
61
|
+
"recommended": [
|
|
62
|
+
{
|
|
63
|
+
"value": "opencode/deepseek-v4-flash-free",
|
|
64
|
+
"label": "default (opencode/deepseek-v4-flash-free)"
|
|
65
|
+
},
|
|
66
|
+
{
|
|
67
|
+
"value": "anthropic/claude-haiku-4-5",
|
|
68
|
+
"label": "anthropic/claude-haiku-4-5"
|
|
69
|
+
},
|
|
70
|
+
{ "value": "openai/gpt-5.4-mini", "label": "openai/gpt-5.4-mini" }
|
|
71
|
+
]
|
|
72
|
+
}
|
|
73
|
+
}
|