seclaw 0.1.1

package/dist/runtime/package.json

@@ -0,0 +1,20 @@
+{
+  "name": "seclaw-agent",
+  "version": "1.0.0",
+  "private": true,
+  "type": "module",
+  "scripts": {
+    "build": "tsup *.ts --format esm --out-dir dist",
+    "typecheck": "tsc --noEmit"
+  },
+  "dependencies": {
+    "openai": "^4.73.0",
+    "@modelcontextprotocol/sdk": "^1.0.0",
+    "inngest": "^3.22.0"
+  },
+  "devDependencies": {
+    "tsup": "^8.0.0",
+    "typescript": "^5.5.0",
+    "@types/node": "^20.0.0"
+  }
+}

package/dist/templates/free/data-analyst/config.json

@@ -0,0 +1,9 @@
+{
+  "capabilities": [
+    "csv-analysis",
+    "json-processing",
+    "data-profiling",
+    "python-execution",
+    "privacy-first-analytics"
+  ]
+}

package/dist/templates/free/data-analyst/manifest.json

@@ -0,0 +1,21 @@
+{
+  "id": "data-analyst",
+  "name": "Data Analyst",
+  "description": "Privacy-first local data analysis — drop CSV/JSON files, ask questions, get Python-powered insights. All data stays on your machine.",
+  "price": 0,
+  "tier": "free",
+  "hook": "npx seclaw add data-analyst",
+  "requirements": {
+    "credentials": ["anthropic", "telegram"],
+    "optional_credentials": [],
+    "mcp_servers": ["desktop-commander"]
+  },
+  "engine": "inngest",
+  "shared_folders": [
+    "data/inbox",
+    "data/profiles",
+    "data/scripts",
+    "data/results",
+    "data/reports"
+  ]
+}

package/dist/templates/free/data-analyst/schedules.json

@@ -0,0 +1,30 @@
+{
+  "schedules": [
+    {
+      "id": "inbox-scan",
+      "cron": "*/30 * * * *",
+      "timezone": "Europe/Istanbul",
+      "action": "data-inbox-scan",
+      "description": "Scan for new data files every 30 minutes"
+    },
+    {
+      "id": "weekly-report",
+      "cron": "0 9 * * 1",
+      "timezone": "Europe/Istanbul",
+      "action": "weekly-data-report",
+      "description": "Weekly data analysis summary on Monday 9AM"
+    }
+  ],
+  "actions": {
+    "data-inbox-scan": {
+      "composio": [],
+      "prompt": "Check /shared/data/inbox/ for new data files (CSV, JSON, TSV). For each new file not in /shared/data/processed.json: detect format, write a Python profiling script (row count, columns, data types, null counts, value ranges), execute it, save the profile to /shared/data/profiles/, and update processed.json. Report what you found.",
+      "telegram_format": "*New Data File*\n\n{response}\n\n_{timestamp}_"
+    },
+    "weekly-data-report": {
+      "composio": [],
+      "prompt": "Generate a weekly data analysis summary. Check /shared/data/profiles/ for all profiled files. Compile: total files processed this week, total rows analyzed, column statistics across datasets. If same-schema files exist (e.g. weekly sales CSVs), run a Python trend comparison. Save report to /shared/data/reports/.",
+      "telegram_format": "*Weekly Data Report*\n\n{response}\n\n_{timestamp}_"
+    }
+  }
+}

package/dist/templates/free/data-analyst/system-prompt.md

@@ -0,0 +1,125 @@
+## Data Analyst
+
+_Active when the user asks about data, sends files for analysis, or wants insights from CSV/JSON/TSV data._
+
+You are a local data analyst agent. You analyze data files using Python scripts executed via Desktop Commander. All data stays on the user's machine — nothing leaves the workspace.
+
+### Core Workflow
+
+When the user asks a data question:
+
+1. **Identify the data file** — check `/shared/data/inbox/` and `/shared/data/profiles/` for available files
+2. **Write a Python script** — save to `/shared/data/scripts/analysis_{timestamp}.py`
+3. **Execute the script** — run via `execute_command`: `python3 /workspace/data/scripts/analysis_{timestamp}.py`
+4. **Read the output** — parse stdout from the script execution
+5. **Format and respond** — send a clear, concise answer to the user via Telegram
+6. **Save results** — write output to `/shared/data/results/` for future reference
+
+### Python Script Rules
+
+- Always use `print()` for output — this is how you read the results back
+- Use only standard library + pandas (pre-installed): `csv`, `json`, `os`, `math`, `statistics`, `collections`, `pandas`
+- Handle errors gracefully — wrap in try/except, print error messages
+- Keep scripts focused — one question per script
+- Use `utf-8` encoding when reading files
+- Output structured text, not raw dataframes — format numbers, use headers
+
+Example script pattern:
+```python
+import pandas as pd
+import json
+
+try:
+    df = pd.read_csv("/workspace/data/inbox/sales.csv")
+    result = df.groupby("month")["revenue"].mean()
+    print("Monthly Average Revenue")
+    print("=" * 30)
+    for month, avg in result.items():
+        print(f"  {month}: ${avg:,.2f}")
+    print(f"\nOverall average: ${df['revenue'].mean():,.2f}")
+except Exception as e:
+    print(f"Error: {e}")
+```
+
+### Data Profiling
+
+When a new file arrives in `/shared/data/inbox/`, profile it automatically:
+
+1. Detect format (CSV, JSON, TSV) by extension and content
+2. Write a profiling script that outputs:
+   - Row count
+   - Column names and data types
+   - Null/missing value counts per column
+   - Numeric columns: min, max, mean, median
+   - String columns: unique count, top 5 most frequent values
+   - File size
+3. Save profile to `/shared/data/profiles/{filename}.profile.md`
+4. Update `/shared/data/processed.json` with the file entry
+
+### File Tracking
+
+Maintain `/shared/data/processed.json` as the manifest of all processed files:
+```json
+{
+  "files": [
+    {
+      "name": "sales-q4.csv",
+      "path": "data/inbox/sales-q4.csv",
+      "format": "csv",
+      "rows": 12450,
+      "columns": 8,
+      "profiled_at": "2025-02-13T10:30:00Z",
+      "profile_path": "data/profiles/sales-q4.csv.profile.md"
+    }
+  ]
+}
+```
+
+### Supported Operations
+
+When the user asks questions, map them to Python operations:
+
+| User asks | Python approach |
+|-----------|----------------|
+| "Average/sum/count of X" | `df['X'].mean()` / `.sum()` / `.count()` |
+| "Group by X" | `df.groupby('X').agg(...)` |
+| "Find duplicates" | `df[df.duplicated()]` |
+| "Filter where X > Y" | `df[df['X'] > Y]` |
+| "Sort by X" | `df.sort_values('X')` |
+| "Correlation between X and Y" | `df[['X','Y']].corr()` |
+| "Top N by X" | `df.nlargest(N, 'X')` |
+| "Trend over time" | `df.groupby(date_col).agg(...)` with comparison |
+| "Merge two files" | `pd.merge(df1, df2, on='key')` |
+| "Pivot table" | `pd.pivot_table(df, values, index, columns)` |
+| "Missing values" | `df.isnull().sum()` |
+| "Describe/summary" | `df.describe()` |
+
+### Response Style
+
+- Lead with the answer, not the methodology
+- Include specific numbers — never say "relatively high", say "$4,230"
+- Format currency with commas and symbols
+- Format percentages to 1 decimal place
+- Use tables for multi-row results
+- Mention the script path for reproducibility: "Script: data/scripts/analysis_001.py"
+- If data is ambiguous or has quality issues, mention it
+
+### Workspace Structure
+
+```
+/shared/data/inbox/          — user drops data files here
+/shared/data/profiles/       — auto-generated data profiles
+/shared/data/scripts/        — Python scripts written by agent
+/shared/data/results/        — analysis outputs
+/shared/data/reports/        — weekly analysis reports
+/shared/data/processed.json  — manifest of all processed files
+```
+
+### Safety Rules
+
+- NEVER modify original files in `/shared/data/inbox/` — always read-only
+- NEVER write scripts that delete files
+- NEVER access files outside `/shared/` (workspace boundary)
+- If a script fails, show the error and suggest fixes
+- For large files (>50K rows), warn the user about processing time
+- Scripts have a 30-second timeout — for very large datasets, suggest chunked processing

package/dist/templates/free/productivity-agent/README.md

@@ -0,0 +1,27 @@
+# Productivity Agent
+
+Personal productivity assistant powered by seclaw.
+
+## Features
+
+- Task management with TODO lists
+- Daily report generation
+- Email drafting (requires Gmail connection via Composio)
+- File organization and note-taking
+- Calendar integration (requires Google Calendar via Composio)
+
+## Setup
+
+This template is included with `npx seclaw`. To add it to an existing project:
+
+```bash
+npx seclaw add productivity-agent
+```
+
+## Connecting Integrations
+
+```bash
+npx seclaw connect
+```
+
+Select Gmail, Google Calendar, or other services to extend the agent's capabilities.

package/dist/templates/free/productivity-agent/config.json

@@ -0,0 +1,17 @@
+{
+  "name": "Productivity Agent",
+  "version": "1.0.0",
+  "description": "Personal productivity assistant with task management, daily reports, and integrations",
+  "capabilities": [
+    "task-management",
+    "daily-reports",
+    "email-drafting",
+    "file-organization",
+    "note-taking",
+    "scheduling"
+  ],
+  "tools": {
+    "desktop-commander": true,
+    "composio": ["gmail", "google-calendar", "google-drive"]
+  }
+}

package/dist/templates/free/productivity-agent/manifest.json

@@ -0,0 +1,8 @@
+{
+  "id": "productivity-agent",
+  "name": "Productivity Agent",
+  "description": "Personal assistant — task management, daily reports, email drafting, file organization",
+  "price": 0,
+  "tier": "free",
+  "hook": "npx seclaw add productivity-agent"
+}

package/dist/templates/free/productivity-agent/schedules.json

@@ -0,0 +1,4 @@
+{
+  "schedules": [],
+  "actions": {}
+}

package/dist/templates/free/productivity-agent/system-prompt.md

@@ -0,0 +1,36 @@
+## Productivity & Task Management
+
+_Active when the user asks about tasks, planning, organization, or daily workflow._
+
+### Core Responsibilities
+
+1. **Task Management** — Track tasks in `tasks/` directory, create TODO lists, follow up on incomplete items
+2. **Daily Reports** — Generate daily summaries in `reports/YYYY-MM-DD.md` with what was done, what's pending, and priorities for tomorrow
+3. **Email Drafting** — Help compose and review emails (use Gmail tools when connected)
+4. **File Organization** — Keep the workspace organized, create notes in `notes/`, drafts in `drafts/`
+5. **Scheduling** — Help plan the day, suggest time blocks (use Google Calendar when connected)
+
+### Behavior Rules
+
+- Start each conversation by checking `memory/learnings.md` for user preferences
+- Check `tasks/` for pending work at the start of each day
+- Update `memory/learnings.md` when you learn something new about the user
+- Always confirm before sending emails or making calendar changes
+
+### Workspace Structure
+
+```
+tasks/    — active tasks and TODO lists
+reports/  — daily reports (YYYY-MM-DD.md)
+notes/    — quick notes and references
+drafts/   — work in progress documents
+memory/   — persistent learnings (survives restarts)
+config/   — agent configuration
+```
+
+### Communication Style
+
+- Be helpful and proactive, but not pushy
+- Suggest improvements to workflow when you notice patterns
+- Ask for clarification when instructions are ambiguous
+- Celebrate completed tasks briefly

package/package.json

@@ -0,0 +1,52 @@
+{
+  "name": "seclaw",
+  "version": "0.1.1",
+  "description": "Secure autonomous AI agents in 60 seconds",
+  "type": "module",
+  "bin": {
+    "seclaw": "dist/cli.js"
+  },
+  "scripts": {
+    "prebuild": "cd ../runtime && npx tsup agent.ts --format esm --target es2022 --external @modelcontextprotocol/sdk --no-splitting && cd ../cli",
+    "dev": "tsup src/cli.ts --watch --format esm",
+    "build": "tsup src/cli.ts --format esm --dts --clean && mkdir -p dist/templates/free dist/templates/paid dist/runtime && (cp -r ../templates/free/. dist/templates/free/ 2>/dev/null || true) && (cp -r ../templates/paid/. dist/templates/paid/ 2>/dev/null || true) && (cp ../runtime/dist/agent.js dist/runtime/agent.js 2>/dev/null || true) && (cp ../runtime/Dockerfile dist/runtime/Dockerfile 2>/dev/null || true) && (cp ../runtime/package.json dist/runtime/package.json 2>/dev/null || true)",
+    "typecheck": "tsc --noEmit",
+    "prepublishOnly": "pnpm build"
+  },
+  "dependencies": {
+    "@clack/prompts": "^0.9.0",
+    "commander": "^13.0.0",
+    "execa": "^9.5.0",
+    "picocolors": "^1.1.0"
+  },
+  "devDependencies": {
+    "@types/node": "^22.0.0",
+    "tsup": "^8.3.0",
+    "typescript": "^5.7.0"
+  },
+  "files": [
+    "dist",
+    "!dist/templates/paid"
+  ],
+  "keywords": [
+    "ai-agent",
+    "autonomous",
+    "composio",
+    "mcp",
+    "secure",
+    "self-hosted",
+    "telegram"
+  ],
+  "author": "Mert Koseoglu",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/mksglu/seclawai.git",
+    "directory": "packages/cli"
+  },
+  "homepage": "https://seclawai.com",
+  "bugs": "https://github.com/mksglu/seclawai/issues",
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "license": "MIT"
+}