promptgraph-mcp 2.4.6 → 2.4.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (87) hide show
  1. package/github-import.js +4 -4
  2. package/index.js +47 -14
  3. package/indexer.js +14 -7
  4. package/package.json +1 -1
  5. package/parser.js +21 -115
  6. package/registry/training/bad/accepts-HISTORY.md +250 -0
  7. package/registry/training/bad/argparse-CHANGELOG.md +185 -0
  8. package/registry/training/bad/balanced-match-LICENSE.md +23 -0
  9. package/registry/training/bad/better-sqlite3-README.md +99 -0
  10. package/registry/training/bad/bindings-LICENSE.md +22 -0
  11. package/registry/training/bad/bl-LICENSE.md +13 -0
  12. package/registry/training/bad/body-parser-README.md +494 -0
  13. package/registry/training/bad/bytes-HISTORY.md +97 -0
  14. package/registry/training/bad/camelcase-README.md +135 -0
  15. package/registry/training/bad/chai-README.md +162 -0
  16. package/registry/training/bad/cli-progress-LICENSE.md +24 -0
  17. package/registry/training/bad/content-type-HISTORY.md +29 -0
  18. package/registry/training/bad/cookie-SECURITY.md +25 -0
  19. package/registry/training/bad/cookie-signature-HISTORY.md +70 -0
  20. package/registry/training/bad/cors-README.md +277 -0
  21. package/registry/training/bad/cross-spawn-README.md +89 -0
  22. package/registry/training/bad/deep-extend-CHANGELOG.md +46 -0
  23. package/registry/training/bad/depd-HISTORY.md +103 -0
  24. package/registry/training/bad/esprima-README.md +46 -0
  25. package/registry/training/bad/etag-HISTORY.md +83 -0
  26. package/registry/training/bad/expect-type-SECURITY.md +14 -0
  27. package/registry/training/bad/finalhandler-HISTORY.md +239 -0
  28. package/registry/training/bad/fresh-HISTORY.md +80 -0
  29. package/registry/training/bad/glob-LICENSE.md +63 -0
  30. package/registry/training/bad/hono-README.md +85 -0
  31. package/registry/training/bad/http-errors-HISTORY.md +186 -0
  32. package/registry/training/bad/jose-LICENSE.md +21 -0
  33. package/registry/training/bad/jose-README.md +153 -0
  34. package/registry/training/bad/js-yaml-README.md +299 -0
  35. package/registry/training/bad/json-schema-typed-LICENSE.md +57 -0
  36. package/registry/training/bad/json-stringify-safe-CHANGELOG.md +14 -0
  37. package/registry/training/bad/lru-cache-LICENSE.md +55 -0
  38. package/registry/training/bad/media-typer-HISTORY.md +50 -0
  39. package/registry/training/bad/minimatch-LICENSE.md +55 -0
  40. package/registry/training/bad/minimist-CHANGELOG.md +298 -0
  41. package/registry/training/bad/minimist-README.md +121 -0
  42. package/registry/training/bad/ms-LICENSE.md +21 -0
  43. package/registry/training/bad/negotiator-HISTORY.md +114 -0
  44. package/registry/training/bad/on-finished-HISTORY.md +98 -0
  45. package/registry/training/bad/pkce-challenge-CHANGELOG.md +114 -0
  46. package/registry/training/bad/postcss-README.md +28 -0
  47. package/registry/training/bad/prebuild-install-CHANGELOG.md +131 -0
  48. package/registry/training/bad/proxy-addr-HISTORY.md +161 -0
  49. package/registry/training/bad/qs-CHANGELOG.md +822 -0
  50. package/registry/training/bad/rc-README.md +227 -0
  51. package/registry/training/bad/readable-stream-CONTRIBUTING.md +38 -0
  52. package/registry/training/bad/router-HISTORY.md +228 -0
  53. package/registry/training/bad/semver-README.md +680 -0
  54. package/registry/training/bad/send-README.md +317 -0
  55. package/registry/training/bad/serve-static-README.md +253 -0
  56. package/registry/training/bad/statuses-HISTORY.md +87 -0
  57. package/registry/training/bad/type-is-HISTORY.md +292 -0
  58. package/registry/training/bad/vary-HISTORY.md +39 -0
  59. package/registry/training/bad/vite-LICENSE.md +2230 -0
  60. package/registry/training/bad/which-CHANGELOG.md +166 -0
  61. package/registry/training/bad/zod-README.md +191 -0
  62. package/registry/training/good/skills-store-autopilot.md +85 -0
  63. package/registry/training/good/skills-store-bot-builder.md +70 -0
  64. package/registry/training/good/skills-store-chain.md +136 -0
  65. package/registry/training/good/skills-store-evolve.md +100 -0
  66. package/registry/training/good/skills-store-game.md +27 -0
  67. package/registry/training/good/skills-store-hunt.md +102 -0
  68. package/registry/training/good/skills-store-intel.md +56 -0
  69. package/registry/training/good/skills-store-memory-gc.md +58 -0
  70. package/registry/training/good/skills-store-pcsort.md +207 -0
  71. package/registry/training/good/skills-store-pickup.md +60 -0
  72. package/registry/training/good/skills-store-recon.md +141 -0
  73. package/registry/training/good/skills-store-remember.md +64 -0
  74. package/registry/training/good/skills-store-report.md +117 -0
  75. package/registry/training/good/skills-store-router.md +225 -0
  76. package/registry/training/good/skills-store-search.md +168 -0
  77. package/registry/training/good/skills-store-surface.md +53 -0
  78. package/registry/training/good/skills-store-token-scan.md +141 -0
  79. package/registry/training/good/skills-store-triage.md +97 -0
  80. package/registry/training/good/skills-store-unity.md +733 -0
  81. package/registry/training/good/skills-store-validate.md +135 -0
  82. package/registry/training/good/skills-store-web3-audit.md +217 -0
  83. package/src/filter/classifier.js +88 -0
  84. package/src/filter/cluster.js +52 -0
  85. package/src/filter/dedup.js +36 -0
  86. package/src/filter/hard-filter.js +57 -0
  87. package/src/filter/train.js +64 -0
@@ -0,0 +1,100 @@
1
+ # /evolve — Self-Evolution Loop for dev-os
2
+
3
+ Run the infinite self-improvement loop. Each cycle discovers new tech, analyzes the codebase, generates improvement proposals, runs experiments, and optionally applies safe changes.
4
+
5
+ ## Usage
6
+
7
+ ```
8
+ /evolve
9
+ ```
10
+
11
+ On first invocation, ask the user:
12
+
13
+ 1. **Mode**:
14
+ - `once` — Run one evolution cycle now
15
+ - `forever` — Infinite loop (runs every 6 hours)
16
+ - `status` — Show evolution history and stats
17
+ - `focus: llm` — Scan only new LLM models
18
+ - `focus: prompts` — Evolve agent prompts only
19
+ - `focus: features` — Discover new capabilities
20
+ - `focus: tech` — Scan new libraries/tools
21
+ - `focus: experimental` — Run strategy comparisons (ToT vs ReAct, MoA, Constitutional AI, prompt evolution)
22
+
23
+ 2. **Auto-apply safe improvements?** — yes / no
24
+
25
+ ## Execution by Mode
26
+
27
+ ### once
28
+ ```powershell
29
+ cd "C:\Users\Sasha\.claude\dev-os"
30
+ $env:PYTHONIOENCODING="utf-8"
31
+ python -c "
32
+ from dev_os.agents.evolution_loop import EvolutionLoop
33
+ loop = EvolutionLoop()
34
+ report = loop.run_once(focus='FOCUS_HERE')
35
+ import json
36
+ print(json.dumps(report, indent=2, ensure_ascii=False, default=str))
37
+ "
38
+ ```
39
+
40
+ ### forever
41
+ Start background process:
42
+ ```powershell
43
+ Start-Process python -ArgumentList '-m dev_os.cli evolve --forever --interval 6' -WorkingDirectory "C:\Users\Sasha\.claude\dev-os" -WindowStyle Hidden
44
+ ```
45
+
46
+ Alternatively, use `/loop` skill with this command to run every 6 hours:
47
+ ```
48
+ /loop 6h python -c "from dev_os.agents.evolution_loop import EvolutionLoop; loop = EvolutionLoop(); loop.run_cycle(auto_apply=False)"
49
+ ```
50
+
51
+ ### status
52
+ ```powershell
53
+ cd "C:\Users\Sasha\.claude\dev-os"
54
+ $env:PYTHONIOENCODING="utf-8"
55
+ python -c "
56
+ from dev_os.agents.evolution_loop import EvolutionLoop
57
+ import json
58
+ s = EvolutionLoop().status()
59
+ print(json.dumps(s, indent=2, ensure_ascii=False, default=str))
60
+ "
61
+ ```
62
+
63
+ ### what-changed
64
+ ```powershell
65
+ cd "C:\Users\Sasha\.claude\dev-os"
66
+ $env:PYTHONIOENCODING="utf-8"
67
+ python -c "
68
+ from dev_os.agents.evolution_loop import EvolutionLoop
69
+ import json
70
+ changes = EvolutionLoop().what_changed()
71
+ print(json.dumps(changes, indent=2, ensure_ascii=False, default=str))
72
+ "
73
+ ```
74
+
75
+ ## Focus: experimental — Strategy Details
76
+
77
+ When the user selects `focus: experimental`, Claude MUST run experiments comparing:
78
+
79
+ 1. **Tree of Thought vs ReAct** — Compare multi-step reasoning strategies on the LLM router agent
80
+ 2. **Mixture of Agents** — Test having multiple agent instances collaborate on a single task
81
+ 3. **Constitutional AI self-improvement** — Apply constitutional AI principles to the LLM router's prompt templates
82
+ 4. **Prompt evolution** — Evolve prompts on the market analysis agent using the experiment engine
83
+
84
+ Steps for experimental focus:
85
+ 1. Run `EvolutionLoop().run_once(focus="experimental")` which calls `ExperimentEngine.compare_strategies()`
86
+ 2. Show the comparison results to the user
87
+ 3. Recommend which strategy to integrate
88
+ 4. If user agrees, implement the winning strategy using `mcp__opencode__opencode_run` or by spawning an agent
89
+
90
+ ## Output
91
+
92
+ After any mode, display:
93
+
94
+ - What was discovered (new LLMs, trending repos, arxiv papers, free APIs)
95
+ - What proposals were generated
96
+ - What was applied (if auto_apply)
97
+ - What experiments ran and which ones passed
98
+ - Current system quality score
99
+ - Cycle number and next scheduled run (for `forever` mode)
100
+
@@ -0,0 +1,27 @@
1
+ # Game Dev Skill Router
2
+
3
+ Роутер для всех игровых скиллов из `C:\Users\Sasha\Desktop\SKILLS\`.
4
+
5
+ Invoke: `/game <skill>`
6
+
7
+ ## Скиллы
8
+
9
+ | Команда | Файл | Когда |
10
+ |---------|------|-------|
11
+ | `/game resume` | `game-resume.md` | Начало каждой сессии |
12
+ | `/game arch` | `game-architecture-define.md` | Новый проект или хаос |
13
+ | `/game progress` | `game-progress-check.md` | Глубокий анализ состояния |
14
+ | `/game milestone` | `game-milestone-check.md` | Проверка готовности фазы |
15
+ | `/game scope` | `game-scope-guard.md` | Новая идея — брать или нет |
16
+ | `/game velocity` | `game-velocity.md` | Прогноз даты релиза |
17
+ | `/game harvest` | `game-skill-harvest.md` | Создать скилл из фикса |
18
+ | `/game hooks` | `setup-git-hooks.md` | Настройка git хуков |
19
+ | `/game help` | `GUIDE.md` | Краткий гайд |
20
+
21
+ ## Выполнение
22
+
23
+ По аргументу `$ARGUMENTS` определи нужный файл из таблицы выше.
24
+ Прочитай `C:\Users\Sasha\Desktop\SKILLS\<файл>` и выполни инструкции.
25
+
26
+ Если аргумент не указан или не распознан → покажи таблицу выше.
27
+
@@ -0,0 +1,102 @@
1
+ ---
2
+ name: hunt
3
+ description: Active vulnerability hunting. Two-track dispatcher — asks Red Team vs WAPT, hands off to hunt-dispatch skill and sibling commands. Usage: /hunt target.com | /hunt *.target.com | /hunt targets.txt [--vuln-class X] [--source-code P] [--chrome]
4
+ ---
5
+
6
+ # /hunt
7
+
8
+ slim two-track dispatcher. one mode question, one branch, delegate. never asks about SOW — invoking `/hunt` implies SOW is signed.
9
+
10
+ ## step 0 — parse
11
+
12
+ ```
13
+ target.com single target
14
+ *.target.com wildcard — /recon <base> first, then hunt each live host
15
+ targets.txt multi-target — mode question once, applied per line
16
+ --vuln-class <X> skip mode question, load only hunt-<X>
17
+ --source-code <p|url> static + dynamic
18
+ --chrome browser MCP mode
19
+ ```
20
+
21
+ wildcard handler: if `$TARGET` begins with `*.`, strip prefix and invoke `/recon <base>` before continuing.
22
+
23
+ ## step 1 — mode dispatcher
24
+
25
+ skipped if `--vuln-class` is set.
26
+
27
+ ```
28
+ question: "what kind of engagement is this for {target}?"
29
+ header: "engagement"
30
+ options:
31
+ 1. Red Team Assessment — critical/high impact, chained findings, client deliverable
32
+ 2. WAPT / BugHunting — full OWASP coverage, platform/program report
33
+ ```
34
+
35
+ do not prompt for SOW, scope-of-work, engagement letter, or authorization.
36
+
37
+ ## step 2a — red team
38
+
39
+ ```
40
+ mode: redteam
41
+ severity gate: critical / high · medium only if it chains via /chain
42
+ report: redteam-report-template
43
+ ```
44
+
45
+ invoke `hunt-dispatch` skill with `mode=redteam`. hunt-dispatch fingerprints the target, loads platform skills + always-on (`redteam-mindset`, `mid-engagement-ir-detection`), and prints the taxonomy.
46
+
47
+ ## step 2b — wapt
48
+
49
+ ask again:
50
+
51
+ ```
52
+ question: "black box or grey box?"
53
+ header: "test mode"
54
+ options:
55
+ 1. Black Box — no credentials, external perspective
56
+ 2. Grey Box — test credentials provided (or skip)
57
+ ```
58
+
59
+ grey box → prompt `creds (user/pass or token), or "skip":`. creds live in session memory only — never written, never logged. late-bind: if user later says "now grey box with X/Y", capture creds, do NOT re-fire mode question.
60
+
61
+ ```
62
+ mode: wapt / {blackbox|greybox}
63
+ severity gate: all owasp-relevant
64
+ report: report-writing (bugcrowd-reporting if target on bugcrowd)
65
+ ```
66
+
67
+ invoke `hunt-dispatch` skill with `mode=wapt box=blackbox|greybox`.
68
+
69
+ ## step 3 — sibling delegation
70
+
71
+ ```
72
+ before any HTTP touch → /scope (mandatory pre-flight)
73
+ recon empty | wildcard → /recon <target>
74
+ 5+ live hosts surfaced → /surface (P1/P2/Kill list)
75
+ confirmed finding → /chain (A→B table lives here, NOT in /hunt)
76
+ before any report → /validate (7-Question Gate)
77
+ findings ready → /report (suggest, never auto)
78
+ session end → /remember (silent)
79
+ ```
80
+
81
+ ## step 4 — active testing
82
+
83
+ hand off to the loaded `hunt-*` skills. each skill has its own probes, payloads, validation. do not duplicate that logic here. on every confirmed finding, invoke `/chain` to check the A→B signal table.
84
+
85
+ ## modes
86
+
87
+ `--source-code <path|url>` — adds hardcoded-secret grep, route mapping, dangerous-function scan before live testing.
88
+ `--chrome` — browser MCP for SPA / OAuth / DOM-XSS / WebSocket / file upload.
89
+ `--vuln-class <X>` — load only `hunt-<X>`, skip mode question.
90
+
91
+ ## pacing & isolation
92
+
93
+ 20-min rotation: every 20 min ask "am i making progress?" no → rotate. stop signals: 403 everywhere · 20+ payloads identical response · 5+ preconditions · 30+ min stuck on one endpoint.
94
+
95
+ one session per target. for `targets.txt`, mode question fires once; findings scoped per-target in hunt memory.
96
+
97
+ ## privacy
98
+
99
+ never prompt for, log, or echo SOW / scope-of-work / engagement-letter content. never persist grey box credentials to disk. client data lives only in `.gitignore`d `targets/<target>/SESSION.md`.
100
+
101
+ at session end, invoke `/remember` silently (non-fatal).
102
+
@@ -0,0 +1,56 @@
1
+ ---
2
+ name: intel
3
+ description: On-demand intelligence fetch for a target — CVEs, disclosed reports, new features. Wraps learn.py + hunt memory context. Usage: /intel target.com
4
+ ---
5
+
6
+ # /intel
7
+
8
+ Fetch actionable intelligence for a target.
9
+
10
+ ## What This Does
11
+
12
+ 1. Runs `learn.py` for CVEs and advisories matching the target's tech stack
13
+ 2. Fetches HackerOne Hacktivity for the target (via HackerOne MCP if available)
14
+ 3. Cross-references with hunt memory — flags untested CVEs and new endpoints
15
+ 4. Outputs prioritized intel with hunt recommendations
16
+
17
+ ## Usage
18
+
19
+ ```
20
+ /intel target.com
21
+ ```
22
+
23
+ ## Output
24
+
25
+ ```
26
+ INTEL: target.com
27
+ ═══════════════════════════════════════
28
+
29
+ ALERTS:
30
+ [CRITICAL] CVE-2026-XXXX — Next.js middleware bypass (CVSS 9.1)
31
+ target.com runs Next.js 14.2.3 (vulnerable). Patch: 14.2.4.
32
+ → You haven't tested this endpoint yet. Hunt candidate.
33
+
34
+ [HIGH] New feature detected: /api/v3/billing/invoices
35
+ Not in your tested_endpoints list. 3 new paths.
36
+ → New = unreviewed. Priority hunt target.
37
+
38
+ [INFO] 2 new disclosed reports on HackerOne for target.com
39
+ → Read for methodology insights before hunting.
40
+
41
+ MEMORY CONTEXT:
42
+ Last hunted: 2026-03-24 (2 days ago)
43
+ Tech stack: Next.js 14.2.3, GraphQL, PostgreSQL
44
+ Untested CVEs: 1 critical, 0 high
45
+ ```
46
+
47
+ ## Data Sources
48
+
49
+ | Source | What | Auth required? |
50
+ |---|---|---|
51
+ | `learn.py` — NVD | CVEs matching tech stack | No |
52
+ | `learn.py` — GitHub Advisory | Security advisories | No |
53
+ | `learn.py` — HackerOne Hacktivity | Disclosed reports | No |
54
+ | HackerOne MCP (if connected) | Program stats, policy | No (public) |
55
+ | Hunt memory | Previously tested endpoints | Local files |
56
+
@@ -0,0 +1,58 @@
1
+ ---
2
+ name: memory-gc
3
+ description: Inspect or rotate hunt-memory JSONL files (audit.jsonl, patterns.jsonl, journal.jsonl). Caps file size and keeps N rotated backups so memory does not grow unbounded.
4
+ ---
5
+
6
+ # /memory-gc
7
+
8
+ Garbage-collect the hunt-memory directory. Reports current sizes, rotates oversized files past a configurable cap, or purges old backups.
9
+
10
+ ## Why This Exists
11
+
12
+ Append-only logs grow without bound. On active hunters:
13
+ - `audit.jsonl` can reach 100 MB+ in months (every outbound request)
14
+ - `patterns.jsonl` and `journal.jsonl` accumulate forever
15
+
16
+ This command surfaces that growth and gives you a one-shot fix.
17
+
18
+ ## Usage
19
+
20
+ ```
21
+ /memory-gc # report only
22
+ /memory-gc --rotate # rotate files above 10 MB (default cap)
23
+ /memory-gc --rotate --max-mb 5 # custom cap
24
+ /memory-gc --purge-backups # delete all .1/.2/.3 backups
25
+ /memory-gc --dir <path> # scan a non-default hunt-memory dir
26
+ ```
27
+
28
+ ## What It Does
29
+
30
+ 1. Walks the hunt-memory directory recursively.
31
+ 2. Finds `audit.jsonl`, `patterns.jsonl`, and `journal.jsonl` files at any depth.
32
+ 3. Prints a per-file table: live size, total (live + backups), backup count, status.
33
+ 4. With `--rotate`: renames oversize files to `<file>.1`, shifting older backups up to `<file>.{keep}`. The oldest is dropped.
34
+ 5. With `--purge-backups`: removes every `.1`/`.2`/`.3` backup, keeping only live files.
35
+
36
+ ## Implementation
37
+
38
+ The agent shells out to:
39
+
40
+ ```bash
41
+ python -m tools.memory_gc [args]
42
+ ```
43
+
44
+ from the repo root.
45
+
46
+ ## Defaults
47
+
48
+ - **Rotation cap:** 10 MB per file
49
+ - **Backups kept:** 3 (so `<file>.1` newest → `<file>.3` oldest)
50
+ - **Scope:** `hunt-memory/` and any nested target dirs
51
+
52
+ Auto-rotation fires automatically in two places:
53
+
54
+ 1. **On every write** — inside `AuditLog.log()` and `PatternDB.save()` when the next append would exceed the cap.
55
+ 2. **On session end** — a `Stop` hook in `.claude/settings.json` runs `python3 -m tools.memory_gc --rotate` so long sessions that wrote a lot but never crossed the cap mid-session still get cleaned up.
56
+
57
+ So this slash command is mainly for ad-hoc reporting (`/memory-gc` with no args) and manual cleanup of accumulated backups (`/memory-gc --purge-backups`).
58
+
@@ -0,0 +1,207 @@
1
+ # PC Organizer — File System Sorting
2
+ Activated by: `/pcsort`
3
+
4
+ You are the cognitive core of the PC Organizer. OpenCode agents scan, classify, and plan. You reason about organization strategy and make decisions. **Nothing is moved or deleted without explicit user confirmation.** Dry-run is always first.
5
+
6
+ ---
7
+
8
+ ## System Rules
9
+
10
+ 1. **Dry-run default:** all operations produce a plan and a preview script first. No files move until user types CONFIRM.
11
+ 2. **Never delete:** the system never deletes files — only moves, renames, or flags for user review. Deletion is always manual.
12
+ 3. **State file:** `.pcsort-state/SCAN_STATE.json` — disk-scanner is sole writer.
13
+ 4. **Backup manifest:** before any move operation, write `.pcsort-state/MOVE_MANIFEST.json` listing every source→destination pair. This enables rollback.
14
+ 5. **Single OpenCode CLI:** one process with Task subagents inside for parallel scanning.
15
+ 6. **Platform:** Windows-first. PowerShell commands. macOS/Linux alternatives noted where relevant.
16
+ 7. **User scope:** always confirm the target path(s) before scanning. Default: ask explicitly.
17
+
18
+ ---
19
+
20
+ ## PC Sort State Schema (`.pcsort-state/SCAN_STATE.json`)
21
+
22
+ ```json
23
+ {
24
+ "scanRoot": "",
25
+ "scanDate": "",
26
+ "totalFiles": 0,
27
+ "totalSizeGB": 0,
28
+ "duplicates": [],
29
+ "largeFiles": [],
30
+ "oldFiles": [],
31
+ "emptyDirs": [],
32
+ "tempFiles": [],
33
+ "misplacedFiles": [],
34
+ "folderStats": {},
35
+ "suggestions": []
36
+ }
37
+ ```
38
+
39
+ ---
40
+
41
+ ## Phase 0: Scope Definition
42
+
43
+ Ask user:
44
+ 1. **Target path(s):** which drives/folders to scan? (e.g., C:\Users\Name\Downloads, D:\)
45
+ 2. **Operation type:** what does "sort" mean here?
46
+ - `analyze` — report only, no changes
47
+ - `duplicates` — find and mark duplicate files
48
+ - `organize` — sort files into logical folders by type
49
+ - `cleanup` — identify junk/temp/old files for review
50
+ - `full` — all of the above
51
+ 3. **Exclusions:** folders to skip (node_modules, .git, Windows system folders)
52
+
53
+ Default exclusions: `C:\Windows`, `C:\Program Files`, `C:\Program Files (x86)`, `AppData\Local\Temp`, `node_modules`, `.git`
54
+
55
+ ---
56
+
57
+ ## Phase 1: Disk Scan
58
+
59
+ ```bash
60
+ opencode-cli run --attach http://localhost:4100 --agent disk-scanner \
61
+ "Scan <path(s)>. Exclude: <exclusions>. Collect: total file count, total size, top 20 largest files, files by extension, files by age (>1yr, >2yr, >5yr), empty directories, temp/cache file patterns. Write to .pcsort-state/SCAN_STATE.json. Do NOT use the Task tool."
62
+ ```
63
+
64
+ For multiple drives — dispatch parallel scanners via unity-orchestrator.
65
+
66
+ ---
67
+
68
+ ## Phase 2: Analysis
69
+
70
+ Run analysis agents in parallel based on operation type:
71
+
72
+ ### Duplicate detection:
73
+ ```bash
74
+ opencode-cli run --attach http://localhost:4100 --agent duplicate-detector \
75
+ "Find duplicate files in scan data from .pcsort-state/SCAN_STATE.json. Group by: exact hash match first, then size+name match. For each group: identify which copy to keep (most recently modified, or in most logical location), list others as duplicates. Write duplicates list to .pcsort-state/SCAN_STATE.json duplicates field. Do NOT use the Task tool."
76
+ ```
77
+
78
+ ### Organization planning:
79
+ ```bash
80
+ opencode-cli run --attach http://localhost:4100 --agent organization-planner \
81
+ "Read .pcsort-state/SCAN_STATE.json. Plan folder structure for <scanRoot>. Apply these classification rules: <rules>. Output a move plan — every source path → destination path. Write to .pcsort-state/MOVE_PLAN.json. Do NOT use the Task tool."
82
+ ```
83
+
84
+ ---
85
+
86
+ ## File Classification Rules
87
+
88
+ | Extension group | Target folder |
89
+ |----------------|---------------|
90
+ | `.jpg .jpeg .png .gif .webp .heic .raw` | `\Photos\<YYYY>\` |
91
+ | `.mp4 .mov .avi .mkv .wmv` | `\Videos\` |
92
+ | `.mp3 .flac .wav .aac .ogg` | `\Music\` |
93
+ | `.pdf` | `\Documents\PDFs\` |
94
+ | `.doc .docx .odt` | `\Documents\Word\` |
95
+ | `.xls .xlsx .csv` | `\Documents\Spreadsheets\` |
96
+ | `.ppt .pptx` | `\Documents\Presentations\` |
97
+ | `.zip .rar .7z .tar .gz` | `\Archives\` |
98
+ | `.exe .msi` | `\Installers\` |
99
+ | `.iso .img` | `\DiskImages\` |
100
+ | `.torrent` | `\Torrents\` |
101
+ | Dev files (`.py .js .ts .cs .cpp .go`) | `\Dev\<ext>\` |
102
+ | Unknown / no extension | `\Unsorted\` |
103
+
104
+ Photo date: read EXIF if available; fall back to file modified date for `\Photos\YYYY\` sorting.
105
+
106
+ ---
107
+
108
+ ## Temp / Junk File Patterns
109
+
110
+ Flag for user review (never auto-delete):
111
+ - `*.tmp`, `*.temp`, `~*`, `thumbs.db`, `.DS_Store`
112
+ - `*.log` older than 30 days outside `\Logs\` folders
113
+ - Folders named: `temp`, `tmp`, `cache`, `__pycache__`, `.pytest_cache`
114
+ - Chrome/Firefox cache: `AppData\Local\Google\Chrome\User Data\Default\Cache`
115
+ - Windows Update cache: `Windows\SoftwareDistribution\Download` (flag, don't touch)
116
+ - Downloaded installers older than 1 year in `Downloads\`
117
+
118
+ ---
119
+
120
+ ## Phase 3: Show Plan
121
+
122
+ Present to user:
123
+
124
+ ```
125
+ ## PC Organization Plan
126
+ Scan root: <path>
127
+ Scanned: <N> files (<GB>)
128
+
129
+ ### Summary
130
+ - Duplicates found: <N> files (<GB> recoverable)
131
+ - Largest files: top 5 listed
132
+ - Temp/junk: <N> files (<GB>)
133
+ - Files to move: <N> (<GB>)
134
+ - Empty dirs to remove: <N>
135
+
136
+ ### Duplicate Groups (<N> total, <GB> recoverable)
137
+ Group 1: <filename> — 3 copies
138
+ KEEP: C:\Users\...\file.jpg (newest, best location)
139
+ MOVE: C:\Users\...\Copy of file.jpg → .pcsort-state\duplicates-review\
140
+ MOVE: D:\Backup\...\file.jpg → .pcsort-state\duplicates-review\
141
+
142
+ ### Move Plan Preview (first 20 of <N>)
143
+ <scan_root>\Downloads\photo_2023.jpg → <scan_root>\Photos\2023\photo_2023.jpg
144
+ <scan_root>\Desktop\report.pdf → <scan_root>\Documents\PDFs\report.pdf
145
+ ...
146
+
147
+ ### Junk Files (for review only — will NOT be moved automatically)
148
+ <scan_root>\Downloads\installer_v1.0.msi (2 years old, 450MB)
149
+ ...
150
+
151
+ Type CONFIRM to generate move script, CANCEL to abort.
152
+ ```
153
+
154
+ ---
155
+
156
+ ## Phase 4: Generate Move Script
157
+
158
+ If CONFIRM → do NOT execute yet. First generate the PowerShell script:
159
+
160
+ ```bash
161
+ opencode-cli run --attach http://localhost:4100 --agent move-executor \
162
+ "Generate a PowerShell dry-run script from .pcsort-state/MOVE_PLAN.json. Script must: 1) Create destination directories if needed, 2) Move files with robocopy (not Move-Item — safer for large operations), 3) Log every operation to .pcsort-state/move-log.txt, 4) Skip if destination already exists (no overwrite). Output the .ps1 script to .pcsort-state/execute-moves.ps1. Do NOT use the Task tool."
163
+ ```
164
+
165
+ Show user the generated script path. Offer options:
166
+ - `EXECUTE` — run the script now (Claude uses Bash tool)
167
+ - `REVIEW` — open the script for inspection first
168
+ - `CANCEL` — abort
169
+
170
+ ---
171
+
172
+ ## Phase 5: Execute and Verify
173
+
174
+ If EXECUTE:
175
+ ```powershell
176
+ powershell -ExecutionPolicy Bypass -File ".pcsort-state\execute-moves.ps1"
177
+ ```
178
+
179
+ After execution:
180
+ - Read `.pcsort-state/move-log.txt`
181
+ - Report: files moved, errors, skipped
182
+ - Check for any errors — if any files failed, list them
183
+ - Write final report to `.pcsort-state/REPORT.md`
184
+
185
+ ---
186
+
187
+ ## Agent Routing Table
188
+
189
+ | Agent | Use for |
190
+ |-------|---------|
191
+ | `disk-scanner` | File system scanning, size analysis, age analysis |
192
+ | `duplicate-detector` | Hash-based duplicate finding, keep/remove decision |
193
+ | `organization-planner` | File classification, move plan generation |
194
+ | `move-executor` | PowerShell move script generation |
195
+ | `unity-orchestrator` | Parallel multi-drive scanning |
196
+
197
+ ---
198
+
199
+ ## Core Rules (never violate)
200
+
201
+ 1. Never delete files — only move to review folder or mark for user decision.
202
+ 2. Dry-run always comes before execution.
203
+ 3. Move manifest must be written before any moves execute — enables rollback.
204
+ 4. Never touch: `C:\Windows\*`, `C:\Program Files\*`, `AppData\Roaming\*` (system risk).
205
+ 5. If a destination file already exists — skip, do not overwrite. Log the conflict.
206
+ 6. After execution, provide explicit count of moved files vs. errors vs. skipped.
207
+
@@ -0,0 +1,60 @@
1
+ ---
2
+ name: pickup
3
+ description: Pick up a previous hunt on a target — shows hunt history, untested endpoints, and memory-informed suggestions. Usage: /pickup target.com
4
+ ---
5
+
6
+ # /pickup
7
+
8
+ Pick up where you left off on a target.
9
+
10
+ > **Renamed from `/resume`** — `/resume` is a reserved Claude Code command. Use `/pickup` to continue a previous hunt.
11
+
12
+ ## What This Does
13
+
14
+ 1. Reads the target profile from `hunt-memory/targets/<target>.json`
15
+ 2. Shows hunt history (sessions, findings, payouts)
16
+ 3. Lists untested endpoints from last recon
17
+ 4. Suggests techniques based on tech stack + pattern DB
18
+ 5. Asks: continue hunting or re-run recon?
19
+
20
+ ## Usage
21
+
22
+ ```
23
+ /pickup target.com
24
+ ```
25
+
26
+ ## Output
27
+
28
+ ```
29
+ PICKUP: target.com
30
+ ═══════════════════════════════════════
31
+
32
+ Hunt History:
33
+ Sessions: 3
34
+ Last hunt: 2026-03-24
35
+ Total time: 2h 00m
36
+ Findings: 1 confirmed (IDOR, $1500 paid)
37
+
38
+ Untested Surface:
39
+ 3 endpoints from last recon:
40
+ 1. /api/v2/users/{id}/export
41
+ 2. /api/v2/users/{id}/share
42
+ 3. /api/v2/users/{id}/history
43
+
44
+ Memory Suggestions:
45
+ Tech stack [Next.js, GraphQL, PostgreSQL] matches 2 targets
46
+ where you found auth bypass. Try introspection → mutation pattern.
47
+
48
+ Actions:
49
+ [r] Continue hunting untested endpoints
50
+ [n] Re-run recon first (surface may have changed)
51
+ [s] Show full hunt journal for this target
52
+ ```
53
+
54
+ ## If No Previous Hunt
55
+
56
+ ```
57
+ No previous hunt data for target.com.
58
+ Run /recon target.com first, then /hunt target.com.
59
+ ```
60
+