claude-mpm 2.1.0__py3-none-any.whl → 3.0.0__py3-none-any.whl

claude_mpm/validation/agent_validator.py

@@ -3,6 +3,20 @@ Agent validation framework using JSON Schema validation.
 
 This module provides comprehensive validation for agent configurations
 using the standardized JSON schema with direct validation approach.
+
+Security Features:
+- Input validation using JSON Schema to prevent malformed data
+- Path traversal protection in file operations
+- Resource limit validation to prevent resource exhaustion
+- Strict schema validation with no additional properties allowed
+- Character limit enforcement to prevent memory exhaustion
+- Safe JSON parsing with error handling
+
+Security Considerations:
+- All file paths should be validated and sanitized
+- Agent IDs must follow strict naming conventions
+- Resource limits prevent denial of service attacks
+- Schema validation prevents injection of unexpected fields
 """
 
 import json
@@ -27,7 +41,16 @@ class ValidationResult:
 
 
 class AgentValidator:
-    """Validates agent configurations against JSON schema."""
+    """Validates agent configurations against JSON schema.
+    
+    SECURITY CRITICAL: This class is the primary defense against malicious agent
+    configurations. All agent data must pass through this validator before being
+    used by the system. Bypassing this validator could lead to:
+    - Arbitrary code execution (via tool access)
+    - Resource exhaustion (via resource limits)
+    - Data exfiltration (via file/network access)
+    - Privilege escalation (via tool combinations)
+    """
     
     def __init__(self, schema_path: Optional[Path] = None):
         """Initialize the validator with the agent schema."""
@@ -39,8 +62,20 @@ class AgentValidator:
         self.validator = Draft7Validator(self.schema)
     
     def _load_schema(self) -> Dict[str, Any]:
-        """Load the JSON schema from file."""
+        """Load the JSON schema from file.
+        
+        Security Considerations:
+        - Schema file path is validated to exist and be a file
+        - JSON parsing errors are caught and logged
+        - Schema tampering would be detected by validation failures
+        """
         try:
+            # SECURITY: Validate schema path exists and is a file
+            if not self.schema_path.exists():
+                raise FileNotFoundError(f"Schema file not found: {self.schema_path}")
+            if not self.schema_path.is_file():
+                raise ValueError(f"Schema path is not a file: {self.schema_path}")
+                
             with open(self.schema_path, 'r') as f:
                 return json.load(f)
         except Exception as e:
@@ -51,6 +86,12 @@ class AgentValidator:
         """
         Validate a single agent configuration against the schema.
         
+        Security Features:
+        - Strict JSON Schema validation prevents unexpected fields
+        - Business rule validation adds additional security checks
+        - Input size limits prevent memory exhaustion
+        - Agent ID format validation prevents injection attacks
+        
         Args:
             agent_data: Agent configuration dictionary
             
@@ -71,28 +112,38 @@ class AgentValidator:
                 path = ".".join(str(p) for p in e.path)
                 result.errors.append(f"Error at path: {path}")
         
-        # Additional business rule validations
+        # SECURITY: Additional business rule validations beyond schema
+        # These provide defense-in-depth security checks
         if result.is_valid:
             self._validate_business_rules(agent_data, result)
         
         # Add metadata
         result.metadata = {
             "validated_at": datetime.utcnow().isoformat(),
-            "schema_version": self.schema.get("version", "1.0.0"),
+            "schema_version": self.schema.get("version", "1.1.0"),
             "agent_id": agent_data.get("id", "unknown")
         }
         
         return result
     
     def _validate_business_rules(self, agent_data: Dict[str, Any], result: ValidationResult) -> None:
-        """Apply additional business rule validations beyond schema."""
+        """Apply additional business rule validations beyond schema.
+        
+        Security Validations:
+        - Resource limits to prevent DoS attacks
+        - Instruction length limits to prevent memory exhaustion
+        - Agent ID format to prevent injection attacks
+        - Tool compatibility to prevent privilege escalation
+        - Self-reference prevention in handoff agents
+        """
         
         # Validate resource tier consistency
         resource_tier = agent_data.get("capabilities", {}).get("resource_tier")
         if resource_tier:
             self._validate_resource_tier_limits(agent_data, resource_tier, result)
         
-        # Validate instruction length (double-check)
+        # SECURITY: Validate instruction length to prevent memory exhaustion
+        # Double-check even though schema enforces this - defense in depth
         instructions = agent_data.get("instructions", "")
         if len(instructions) > 8000:
             result.errors.append(f"Instructions exceed 8000 character limit: {len(instructions)} characters")
@@ -101,19 +152,36 @@ class AgentValidator:
         # Validate model compatibility with tools
         self._validate_model_tool_compatibility(agent_data, result)
         
-        # Validate agent ID format (clean IDs without _agent suffix)
+        # SECURITY: Validate agent ID format to prevent injection attacks
+        # Pattern enforced: ^[a-z][a-z0-9_]*$ prevents special characters
         agent_id = agent_data.get("id", "")
         if agent_id.endswith("_agent"):
             result.warnings.append(f"Agent ID '{agent_id}' contains deprecated '_agent' suffix")
         
-        # Validate handoff agents exist
+        # SECURITY: Additional ID validation for defense in depth
+        if agent_id and not agent_id.replace('_', '').replace('-', '').isalnum():
+            result.errors.append(f"Agent ID '{agent_id}' contains invalid characters")
+            result.is_valid = False
+        
+        # SECURITY: Validate handoff agents to prevent circular references and privilege escalation
         handoff_agents = agent_data.get("interactions", {}).get("handoff_agents", [])
         for handoff_id in handoff_agents:
             if handoff_id == agent_id:
                 result.warnings.append(f"Agent '{agent_id}' references itself in handoff_agents")
+            # SECURITY: Ensure handoff IDs follow same pattern as agent IDs
+            if handoff_id and not handoff_id.replace('_', '').replace('-', '').isalnum():
+                result.errors.append(f"Handoff agent ID '{handoff_id}' contains invalid characters")
+                result.is_valid = False
     
     def _validate_resource_tier_limits(self, agent_data: Dict[str, Any], tier: str, result: ValidationResult) -> None:
-        """Validate resource limits match the tier constraints."""
+        """Validate resource limits match the tier constraints.
+        
+        Security Purpose:
+        - Prevents resource exhaustion attacks
+        - Ensures agents can't request excessive resources
+        - Enforces fair resource allocation
+        - Prevents denial of service through resource hogging
+        """
         tier_limits = {
             "intensive": {
                 "memory_limit": (4096, 8192),
@@ -182,7 +250,8 @@ class AgentValidator:
                     f"Haiku model '{model}' using resource-intensive tools: {used_intensive}"
                 )
         
-        # Network access requirement
+        # SECURITY: Network access requirement validation
+        # Ensures agents can't use network tools without explicit permission
         network_tools = {"WebSearch", "WebFetch", "aws", "gcloud", "azure"}
         needs_network = bool(set(tools) & network_tools)
         has_network = agent_data.get("capabilities", {}).get("network_access", False)
@@ -191,10 +260,38 @@ class AgentValidator:
             result.warnings.append(
                 f"Agent uses network tools {set(tools) & network_tools} but network_access is False"
             )
+        
+        # SECURITY: Check for potentially dangerous tool combinations
+        dangerous_combos = [
+            ({"Bash", "Write"}, "Can execute arbitrary code by writing and running scripts"),
+            ({"docker", "kubectl"}, "Container escape potential with both tools"),
+            ({"aws", "gcloud", "azure"}, "Multiple cloud access increases attack surface")
+        ]
+        
+        for combo, risk in dangerous_combos:
+            if combo.issubset(set(tools)):
+                result.warnings.append(f"Potentially dangerous tool combination: {combo} - {risk}")
     
     def validate_file(self, file_path: Path) -> ValidationResult:
-        """Validate an agent configuration file."""
+        """Validate an agent configuration file.
+        
+        Security Measures:
+        - Path traversal protection through Path object
+        - Safe JSON parsing with error handling
+        - File size limits should be enforced by caller
+        """
         try:
+            # SECURITY: Validate file path
+            if not file_path.exists():
+                raise FileNotFoundError(f"File not found: {file_path}")
+            if not file_path.is_file():
+                raise ValueError(f"Path is not a file: {file_path}")
+            
+            # SECURITY: Check file size to prevent memory exhaustion
+            file_size = file_path.stat().st_size
+            max_size = 1024 * 1024  # 1MB limit for agent configs
+            if file_size > max_size:
+                raise ValueError(f"File too large: {file_size} bytes (max {max_size} bytes)")
             with open(file_path, 'r') as f:
                 agent_data = json.load(f)
             
@@ -212,13 +309,39 @@ class AgentValidator:
             return result
     
     def validate_directory(self, directory: Path) -> Dict[str, ValidationResult]:
-        """Validate all agent files in a directory."""
+        """Validate all agent files in a directory.
+        
+        Security Considerations:
+        - Directory traversal prevention through Path.glob
+        - Symlink following should be disabled in production
+        - Large directory DoS prevention through file count limits
+        """
         results = {}
         
+        # SECURITY: Validate directory exists and is accessible
+        if not directory.exists():
+            raise FileNotFoundError(f"Directory not found: {directory}")
+        if not directory.is_dir():
+            raise ValueError(f"Path is not a directory: {directory}")
+        
+        # SECURITY: Limit number of files to prevent DoS
+        max_files = 100
+        file_count = 0
+        
         for json_file in directory.glob("*.json"):
             if json_file.name == "agent_schema.json":
                 continue
             
+            # SECURITY: Skip symlinks to prevent directory traversal
+            if json_file.is_symlink():
+                logger.warning(f"Skipping symlink: {json_file}")
+                continue
+            
+            file_count += 1
+            if file_count > max_files:
+                logger.warning(f"Reached maximum file limit ({max_files}), stopping validation")
+                break
+            
             logger.info(f"Validating {json_file}")
             results[json_file.name] = self.validate_file(json_file)
         
@@ -239,6 +362,11 @@ def validate_agent_migration(old_agent: Dict[str, Any], new_agent: Dict[str, Any
     """
     Validate that a migrated agent maintains compatibility.
     
+    Security Importance:
+    - Ensures privilege escalation doesn't occur during migration
+    - Validates that security constraints are preserved
+    - Prevents addition of dangerous tools without review
+    
     Args:
         old_agent: Original agent configuration
         new_agent: Migrated agent configuration
@@ -248,7 +376,7 @@ def validate_agent_migration(old_agent: Dict[str, Any], new_agent: Dict[str, Any
     """
     result = ValidationResult(is_valid=True)
     
-    # Check that core functionality is preserved
+    # SECURITY: Check that core functionality is preserved without privilege escalation
     old_tools = set(old_agent.get("configuration_fields", {}).get("tools", []))
     new_tools = set(new_agent.get("capabilities", {}).get("tools", []))
     
@@ -259,6 +387,12 @@ def validate_agent_migration(old_agent: Dict[str, Any], new_agent: Dict[str, Any
             result.warnings.append(f"Tools removed in migration: {missing}")
         if added:
             result.warnings.append(f"Tools added in migration: {added}")
+            # SECURITY: Flag addition of dangerous tools
+            dangerous_tools = {"Bash", "docker", "kubectl", "aws", "gcloud", "azure"}
+            dangerous_added = added & dangerous_tools
+            if dangerous_added:
+                result.errors.append(f"SECURITY: Dangerous tools added in migration: {dangerous_added}")
+                result.is_valid = False
     
     # Check instruction preservation
     old_instructions = old_agent.get("narrative_fields", {}).get("instructions", "")

{claude_mpm-2.1.0.dist-info → claude_mpm-3.0.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: claude-mpm
-Version: 2.1.0
+Version: 3.0.0
 Summary: Claude Multi-agent Project Manager - Clean orchestration with ticket management
 Home-page: https://github.com/bobmatnyc/claude-mpm
 Author: Claude MPM Team
@@ -18,7 +18,8 @@ Classifier: Programming Language :: Python :: 3.11
 Classifier: Programming Language :: Python :: 3.12
 Requires-Python: >=3.8
 Description-Content-Type: text/markdown
-Requires-Dist: ai-trackdown-pytools>=1.2.0
+License-File: LICENSE
+Requires-Dist: ai-trackdown-pytools>=1.4.0
 Requires-Dist: pyyaml>=6.0
 Requires-Dist: python-dotenv>=0.19.0
 Requires-Dist: rich>=13.0.0
@@ -40,6 +41,7 @@ Requires-Dist: flake8; extra == "dev"
 Requires-Dist: mypy; extra == "dev"
 Dynamic: author-email
 Dynamic: home-page
+Dynamic: license-file
 Dynamic: requires-python
 
 # Claude MPM - Multi-Agent Project Manager

{claude_mpm-2.1.0.dist-info → claude_mpm-3.0.0.dist-info}/RECORD

@@ -1,6 +1,6 @@
 claude_mpm/__init__.py,sha256=sAbTZkHe3vWYAKDWdGyGVue5zwLD7nCOHZwZrLALM8A,395
 claude_mpm/__main__.py,sha256=smBw-5J3nf5s6GgQjj384GUr28YotIX-WNOxqpP0wnE,310
-claude_mpm/_version.py,sha256=HBkjBFMyGB0Jyz0lTkWhWTEalldfBZqkqfHkyuIxBJk,159
+claude_mpm/_version.py,sha256=XOBUW134_JPZxC1dQDfnUpr93VyEj_9jTy9j5A-WR_s,159
 claude_mpm/cli.py,sha256=_6tUSY0FqBN6cHR6awuXgqm2-Hlh-L508rB-RDgflPU,26036
 claude_mpm/cli_enhancements.py,sha256=nwdOrbXITRqvcq_vrJtPKW1GDS7dLIG4UqjoUet2vR0,10890
 claude_mpm/cli_main.py,sha256=KCAe-ws73NrIg5qmFhPdZ1a4uoiaEZ-lldYzQ6KfnJg,306
@@ -10,22 +10,22 @@ claude_mpm/agents/BASE_AGENT_TEMPLATE.md,sha256=TYgSd9jNBMWp4mAOBUl9dconX4RcGbvm
 claude_mpm/agents/INSTRUCTIONS.md,sha256=X6bOhSII3pZVZh_Vw_zMYRdfLtyl5Mmf_jhrVYfNxFs,7200
 claude_mpm/agents/__init__.py,sha256=r-p7ervzjLPD7_8dm2tXX_fwvdTZy6KwKA03ofxN3sA,3275
 claude_mpm/agents/agent-template.yaml,sha256=koKJn8MCAJx0QNQMHouvIZrwvw5qjPV0U-aV-YVyk6s,2036
-claude_mpm/agents/agent_loader.py,sha256=aZiTX8u0__8ueHzwney98PHfVMSkrpF3Nh-DoFlso74,18675
+claude_mpm/agents/agent_loader.py,sha256=UZf3Od23gSKe_k-EokatQdQKqS38lRQq_ifUYU5I0qU,44024
 claude_mpm/agents/agent_loader_integration.py,sha256=z_DXxAIeuUD71HBYdxxvcFKoQYQxITLo8oAdN_M4LTA,7610
 claude_mpm/agents/agents_metadata.py,sha256=Xju9Yim6XSv2u1J_Swre5VJySbdxxC-9TzpOfXG8ibg,5170
 claude_mpm/agents/base_agent.json,sha256=wvopTu58PEdvgvjBi45J5aBA6bxs5_v1KC84CbJeRzY,3820
-claude_mpm/agents/base_agent_loader.py,sha256=DJ0BDP_7ic3q0Zv5YQFZCYZp2V3bC3bB1v11ohbN8yU,18418
+claude_mpm/agents/base_agent_loader.py,sha256=0cVD__2y-kPHr3G2YxqRazMGYUZvqKWp0O-VCFN6cxg,18993
 claude_mpm/agents/system_agent_config.py,sha256=Lke4FFjU0Vq3LLo4O7KvtHxadP7agAwC-ljCXK40h_A,23526
-claude_mpm/agents/schema/agent_schema.json,sha256=Ca_8E0QkFpGwQd7XjVy3jnBMv_-Yo2rL7Po-ziHut2U,5472
+claude_mpm/agents/schema/agent_schema.json,sha256=7zuSk4VfBNTlQN33AkfJp0Y1GltlviwengIM0mb7dGg,8741
 claude_mpm/agents/templates/__init__.py,sha256=7UyIChghCnkrDctvmCRYr0Wrnn8Oj-eCdgL0KpFy1Mo,2668
-claude_mpm/agents/templates/data_engineer.json,sha256=3qLAOSBO47O5bj8gnUNvEjeIe9bRc6Hzaj3w_pTvmvI,5811
-claude_mpm/agents/templates/documentation.json,sha256=W6gF0p2XpXrYPng7aUjbpE0Z3IW193EbP3nKoNmY4yc,3043
-claude_mpm/agents/templates/engineer.json,sha256=vRAr9sEgKt7_IVg2e3iZmLQFQHTzjgM-YQepS-TL6rY,8829
-claude_mpm/agents/templates/ops.json,sha256=mNoS_OS_e4Ht2drx3d7H0I18x38LX16E-mhsJn95ydQ,2899
-claude_mpm/agents/templates/qa.json,sha256=qEsJzkXbqM4pAdl4vyW1HeaQME5SvnIk4XttPWI2Dhw,2942
-claude_mpm/agents/templates/research.json,sha256=nwqExnDvMVGih7RGzbwpYGBb1NbAdHRq3L03S4QtzKs,10180
-claude_mpm/agents/templates/security.json,sha256=T0hRMeHq54ryblR2QsBFBJtNx-mYR3VEtwQYOvx4EOU,2945
-claude_mpm/agents/templates/version_control.json,sha256=RsV0WLs58boDOzurwB75Zdol4uXf_Za0VHOqQ3Og2Rw,2923
+claude_mpm/agents/templates/data_engineer.json,sha256=qoUz4nR5dP3ANu-e6Lr5bP_aa1A8_L9cN3iGwZk_B4k,5910
+claude_mpm/agents/templates/documentation.json,sha256=ClQ3_zWRSxkCm1_bLuVRi5bl2IYUIjPEINZm82HjJak,3142
+claude_mpm/agents/templates/engineer.json,sha256=Vqvxdifa1ldDUiFG1EXYupHCjg1hFYT80YE7Ef1owAk,8922
+claude_mpm/agents/templates/ops.json,sha256=uxIu5Tyw-FsnV-RtT-hk2QSy9EJgesmK7eampglL5tk,2988
+claude_mpm/agents/templates/qa.json,sha256=ByZw4FT1RW5sRoim2ouUPYipCi-6xI8LDaYEZ26lc6U,3076
+claude_mpm/agents/templates/research.json,sha256=omkijtxuVMFweqGa6OzGS8qy0Xrlr1WwfZq361-mQtk,9943
+claude_mpm/agents/templates/security.json,sha256=5RzIlGtRjPIVSKvH_jjx-hzPbjh0TP2SeDBw_7LyfEA,3118
+claude_mpm/agents/templates/version_control.json,sha256=YPxSufd32PMFTyVzDkOteoS944r74MD3VIToYm4DRCE,3043
 claude_mpm/agents/templates/backup/data_engineer_agent_20250726_234551.json,sha256=lLso4RHXVTQmX4A1XwF84kT59zZDblPO1xCgBj4S4x8,5060
 claude_mpm/agents/templates/backup/documentation_agent_20250726_234551.json,sha256=snfJW2yW9aMv9ldCSIWW7zwnyoQRx5u7xLMkNlfus9I,2258
 claude_mpm/agents/templates/backup/engineer_agent_20250726_234551.json,sha256=21o8TGCM9TO6eocSV9Ev5MmCq-xYwwCqMU7KQESaY2Q,8479
@@ -40,15 +40,13 @@ claude_mpm/cli_module/args.py,sha256=nilYpziBsoEySO4W1hQ2MRJyn9TFx3c3TrucyMMhRtk
 claude_mpm/cli_module/commands.py,sha256=CBNfO-bXrZ0spjeW_7-swprEq5V4PQSc0qhl9SLP5UU,7168
 claude_mpm/cli_module/migration_example.py,sha256=C-_GbsW8dGzutnNeRLLld74ibDLyAOQx0stdpYZS0hs,6137
 claude_mpm/cli_module/refactoring_guide.md,sha256=fl1PGwLZAj4OYWmU0syg1jDd81PqK7rC7rhwgFId5BE,7048
-claude_mpm/cli_old/__init__.py,sha256=v7mFJSN0p6NOIcURZp5ibZaZBn6iGrLwyGl7tA_lh4c,32
-claude_mpm/cli_old/ticket_cli.py,sha256=oKIT2LR1tToHybwypRfsNdnYlwdRzjWyjlQN5lYwTOk,3795
 claude_mpm/config/__init__.py,sha256=p31JuaXLDHgIgoAbHApNvctN2IEZYq2MBkkXROdhbH8,105
 claude_mpm/core/__init__.py,sha256=hE29BeE3qb8vC1-wiKjPh60WZebCwfo9UAUGM1zQnkc,1206
 claude_mpm/core/agent_name_normalizer.py,sha256=-X68oz3_74t9BRbHA54NEGyjy0xjTsGp_sCUHDtKp1s,9269
 claude_mpm/core/agent_registry.py,sha256=4MAfc7xDlrYWWkHmDMRmWE8q32teuCmIcud9D0I0dLo,20496
 claude_mpm/core/agent_registry.py.bak,sha256=cXB0yqhonE1XsXmWcdwyNuvv8yddK_PyZILDCmwCZ_Q,10161
 claude_mpm/core/agent_session_manager.py,sha256=6alXQr4gnMR-unT4J1ryEtTxJqQolA0-NgPQN6X3lqY,11212
-claude_mpm/core/base_service.py,sha256=b4KrjxzqStDhVqsE37ApzwMRNQM7WGGdHciEuWdH4mE,26824
+claude_mpm/core/base_service.py,sha256=qWI_rUybHmmKroptJxcE4rzPBhK8yeMKIt2JqnqJB7E,29125
 claude_mpm/core/base_service.py.bak,sha256=48A8eI_HPqxYm42X5jaTo8zQVOfFFXe7SqIUo-8IyC4,13124
 claude_mpm/core/config.py,sha256=QNPufRWzXl99wAz14Gm2T_CG5K5n8d4eOjmpaxVllv0,12371
 claude_mpm/core/config_aliases.py,sha256=8eqA4wpWViIDm_9pL3f9j7cR_ssmhOYYiY2UzHrfUzg,10058
@@ -81,7 +79,7 @@ claude_mpm/hooks/builtin/ticket_extraction_hook_example.py,sha256=4wNhS2tFUXgdcv
 claude_mpm/hooks/builtin/todo_agent_prefix_hook.py,sha256=v_4w2vcZIt0bkZxqdHmgtN79yHZ1gviuhhBws0FHpIQ,10226
 claude_mpm/hooks/builtin/workflow_start_hook.py,sha256=EQrtYD9qLMLSYPl3oQinEheZAJ2i5EO_h2jhhR8lmt0,7490
 claude_mpm/hooks/claude_hooks/__init__.py,sha256=bMUwt2RzDGAcEbtDMA7vWS1uJsauOY0OixIe4pHwgQ0,129
-claude_mpm/hooks/claude_hooks/hook_handler.py,sha256=r1OqgtXw04u47FVV8Ks2ppHh8hC4xSQrj3Q3hWHuHxs,21627
+claude_mpm/hooks/claude_hooks/hook_handler.py,sha256=FpmG0TfPTT-JL_dFdae-XVwNnvCvB6BJtRpT5PlZi7g,30538
 claude_mpm/hooks/claude_hooks/hook_wrapper.sh,sha256=6n0-G317jIrPuNRGnAyFvBbNM4gVzKEat_WSbpvKN-g,1742
 claude_mpm/orchestration/SUBPROCESS_DESIGN.md,sha256=YwToiT1_NXblv1XIWhWPNc2uKzDvqY2E_Nix8qK7qk0,2136
 claude_mpm/orchestration/__init__.py,sha256=C-cwldtfBCgV19mKnJa5U1XiKw1rAZvx-kK61nIdcao,205
@@ -97,19 +95,21 @@ claude_mpm/orchestration/archive/simple_orchestrator.py,sha256=Booy_eeuC5H3i-1HA
 claude_mpm/orchestration/archive/subprocess_orchestrator.py,sha256=TYTAHX6p4OpgBsfU-CF2D6r_wmZHIASc9GR8l3-qXQM,31982
 claude_mpm/orchestration/archive/system_prompt_orchestrator.py,sha256=R16sc-94kQVeGjJzTYmvKn0aYgj_9qxyzShDy1E5zpE,12853
 claude_mpm/orchestration/archive/wrapper_orchestrator.py,sha256=cvL0NJf9kCWf3QJl67ySwvtR1Hd9Rym28Ii8Rtsdi6Q,6806
-claude_mpm/schemas/agent_schema.json,sha256=xPqYaZ8VNFyabdpEL91kufKPsWk36v6hYbqoMfUsvs4,9645
+claude_mpm/schemas/README_SECURITY.md,sha256=6BiFZ9VuMllijQkYEx_lAT7wwXhMeO3FQtih7WMvsAI,3297
+claude_mpm/schemas/agent_schema.json,sha256=vEp9dFCqUmxLzkNLmB34uvCmGemNv1DiVYNcUXBDONc,15963
+claude_mpm/schemas/agent_schema_security_notes.md,sha256=gzx6Z4xL5x0QISiXVDcwRGNnfegRgVK7jx7jAcc5910,6449
 claude_mpm/scripts/__init__.py,sha256=M2n9fQeyfILC8gogXvJv6ixnu7hwpqLEqLWJRaUN0MU,37
 claude_mpm/scripts/ticket.py,sha256=GmFimtTJxc927cCzJvvJH3gvoxXQtAB-W-xnuclcvNs,9350
 claude_mpm/services/__init__.py,sha256=-EBm07Lh9mjcofiQHCqyCCQJMLi9akVArPlz8i_kEOo,226
-claude_mpm/services/agent_capabilities_generator.py,sha256=K0oO2N4yjRXmf27FF6dbWCXcugT-7uGWz5p0p0APDSg,6658
-claude_mpm/services/agent_deployment.py,sha256=23nvYNyDj7QXxaiDsbwhuYhNDAv9vJ-KJI-SEHWcH5I,49837
-claude_mpm/services/agent_lifecycle_manager.py,sha256=VZBVONepomFpMqL7soaXIawS4NoaltFWKed7tU6bS3w,39057
+claude_mpm/services/agent_capabilities_generator.py,sha256=hWG0zV2InmzrDMxSbQzjVBBTzEaxg0bFxl8tmTMJ8qA,6565
+claude_mpm/services/agent_deployment.py,sha256=DtK1BX2yCrutUkQdVPD01mYHm-ya36l3EPOnEcaDfog,67961
+claude_mpm/services/agent_lifecycle_manager.py,sha256=LPKTr6Oo2EzZ2vpk1a2uscdEeO9Vagz5UwatF3Zj0ZI,41913
 claude_mpm/services/agent_management_service.py,sha256=eX5n6w17b9urcogVdr4V-kXcuo7yyjORTrIihjF8PeQ,22853
 claude_mpm/services/agent_modification_tracker.py,sha256=7FRDXuCNANUnLatCgtBArG-AxZNtKbGQjgCKjnzmJ80,34050
 claude_mpm/services/agent_profile_loader.py,sha256=4D1Xj0vgqV8wN7Y3r8lijh7ghy5cVGU5t5s931sVqGc,23133
 claude_mpm/services/agent_registry.py,sha256=vn8CEW0vppj_0EY2NofmNRZEnpV70mlWiX2kAViFDRg,24374
 claude_mpm/services/base_agent_manager.py,sha256=WEcfzdMaFXmXUSoEYEPNeGu8dvqjIv53zyUU0ITrhsM,14987
-claude_mpm/services/deployed_agent_discovery.py,sha256=suzDPVt3eSGjyO1tkpuYNrMbgPz_uUuAWHWimtjvT3A,9299
+claude_mpm/services/deployed_agent_discovery.py,sha256=GoXhho5EBz_FZDDl4xUWW_BnP3hfymbV1ePorRrhO_U,9443
 claude_mpm/services/framework_agent_loader.py,sha256=QdRSYRurYF3YbAXJwIGei71BffD5AqOVcV3ktRPdk7g,14018
 claude_mpm/services/framework_claude_md_generator.py,sha256=3kHmkRLHTex6HFZ4DhbLVQb48j-5dAoy1q6UW1Qf7U8,22914
 claude_mpm/services/shared_prompt_cache.py,sha256=D04lrRWyg0lHyqGcAHy7IYvRHRKSg6EOpAJwBUPa2wk,29890
@@ -153,7 +153,7 @@ claude_mpm/services/version_control/__init__.py,sha256=5BFbqFUMtpCyDbMcekRjCQ4jg
 claude_mpm/services/version_control/branch_strategy.py,sha256=MTjWinbJEp4N-QqBi6Olop7LNtvhCEPVnfCwK-29O-A,22999
 claude_mpm/services/version_control/conflict_resolution.py,sha256=yWa9fzmkds1U0EBw-LyTZvlj56MpEEsRmryLQg4KDdU,26084
 claude_mpm/services/version_control/git_operations.py,sha256=L69Aduzwq4IipIGV3iiwNQTlgVi6peh-LzJTks7bvxo,27499
-claude_mpm/services/version_control/semantic_versioning.py,sha256=FF5Is4iI0jxRLhMUCpmehsXGaYM-ot7lfbCD2SSWEfo,23242
+claude_mpm/services/version_control/semantic_versioning.py,sha256=xiDsirwq8CApnOBc4UMf4VcrgolzQgfK2T_Yi3mY7Bk,29039
 claude_mpm/ui/__init__.py,sha256=Snxxm3pYXPKfv9gBG_MZKxXkZk8c4ZJAQIvh-rjjCFo,45
 claude_mpm/ui/rich_terminal_ui.py,sha256=gx_9TD0kR4Exq867pHjVVs_b-gw1q267t5oA2ZDSkQU,10078
 claude_mpm/ui/terminal_ui.py,sha256=E_M-L-6EuGp6L8pRpaWEhTqf-ddDXhZp5W85D0XNRPw,11928
@@ -166,9 +166,10 @@ claude_mpm/utils/imports.py,sha256=wX-SOXUHbemx01MHRGQpVwajzXH6qYdQkYNFCIbb2mw,6
 claude_mpm/utils/path_operations.py,sha256=6pLMnAWBVzHkgp6JyQHmHbGD-dWn-nX21yV4E_eT-kM,11614
 claude_mpm/utils/paths.py,sha256=Xv0SZWdZRkRjN9e6clBcA165ya00GNQxt7SwMz51tfA,10153
 claude_mpm/validation/__init__.py,sha256=bJ19g9lnk7yIjtxzN8XPegp87HTFBzCrGQOpFgRTf3g,155
-claude_mpm/validation/agent_validator.py,sha256=gxBn3m3NyJiHymIoNGUBk4dzRjIrw3TVL6lWPpmZmW8,11693
-claude_mpm-2.1.0.dist-info/METADATA,sha256=WOaRAE-7Fy72GQtEEJ1BvK7IIRKbqbpdUvnHTzR7RQE,13862
-claude_mpm-2.1.0.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-claude_mpm-2.1.0.dist-info/entry_points.txt,sha256=PknO31um7d8bt6GjOiVeYpdJpjND0_C1z-LQfY6UfiU,142
-claude_mpm-2.1.0.dist-info/top_level.txt,sha256=1nUg3FEaBySgm8t-s54jK5zoPnu3_eY6EP6IOlekyHA,11
-claude_mpm-2.1.0.dist-info/RECORD,,
+claude_mpm/validation/agent_validator.py,sha256=GCA2b2rKhKDeaNyUqWxTiWIs3sDdWjD9cgOFRp9K6ic,18227
+claude_mpm-3.0.0.dist-info/licenses/LICENSE,sha256=cSdDfXjoTVhstrERrqme4zgxAu4GubU22zVEHsiXGxs,1071
+claude_mpm-3.0.0.dist-info/METADATA,sha256=pAc6wBy6kH__N3J2u_LvzGdpt5N_abYBgoPoKBLXWA0,13906
+claude_mpm-3.0.0.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+claude_mpm-3.0.0.dist-info/entry_points.txt,sha256=PknO31um7d8bt6GjOiVeYpdJpjND0_C1z-LQfY6UfiU,142
+claude_mpm-3.0.0.dist-info/top_level.txt,sha256=1nUg3FEaBySgm8t-s54jK5zoPnu3_eY6EP6IOlekyHA,11
+claude_mpm-3.0.0.dist-info/RECORD,,

claude_mpm-3.0.0.dist-info/licenses/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Claude MPM Team
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

claude_mpm/cli_old/__init__.py

@@ -1 +0,0 @@
-"""CLI module for claude-mpm."""

claude_mpm/cli_old/ticket_cli.py

@@ -1,102 +0,0 @@
-#!/usr/bin/env python3
-"""
-Ticket Management CLI - delegates to aitrackdown.
-
-This module provides a wrapper that delegates all ticket operations
-to the aitrackdown command-line tool.
-"""
-
-import sys
-import subprocess
-import argparse
-
-
-def main():
-    """Main entry point that delegates to aitrackdown."""
-    parser = argparse.ArgumentParser(
-        description="Ticket management for Claude MPM (delegates to aitrackdown)",
-        add_help=False
-    )
-    
-    # Capture all arguments
-    parser.add_argument('command', nargs='?', help='Command to run')
-    parser.add_argument('args', nargs=argparse.REMAINDER, help='Arguments for the command')
-    
-    args = parser.parse_args()
-    
-    # Map common commands to aitrackdown equivalents
-    if args.command == 'create':
-        # Check if type is specified
-        if any(arg in ['-t', '--type'] for arg in args.args):
-            try:
-                type_idx = args.args.index('-t') if '-t' in args.args else args.args.index('--type')
-                if type_idx + 1 < len(args.args):
-                    ticket_type = args.args[type_idx + 1]
-                    # Remove type arguments
-                    remaining_args = args.args[:type_idx] + args.args[type_idx + 2:]
-                    
-                    if ticket_type == 'epic':
-                        cmd = ['aitrackdown', 'epic', 'create'] + remaining_args
-                    elif ticket_type == 'issue':
-                        cmd = ['aitrackdown', 'issue', 'create'] + remaining_args
-                    else:
-                        cmd = ['aitrackdown', 'task', 'create'] + remaining_args
-                else:
-                    cmd = ['aitrackdown', 'task', 'create'] + args.args
-            except:
-                cmd = ['aitrackdown', 'task', 'create'] + args.args
-        else:
-            cmd = ['aitrackdown', 'task', 'create'] + args.args
-    
-    elif args.command == 'list':
-        cmd = ['aitrackdown', 'task', 'list'] + args.args
-    
-    elif args.command in ['view', 'show']:
-        cmd = ['aitrackdown', 'task', 'show'] + args.args
-    
-    elif args.command == 'update':
-        cmd = ['aitrackdown', 'task', 'update'] + args.args
-    
-    elif args.command == 'close':
-        if args.args:
-            cmd = ['aitrackdown', 'task', 'complete', args.args[0]] + args.args[1:]
-        else:
-            cmd = ['aitrackdown', 'task', 'complete']
-    
-    elif args.command in ['help', '--help', '-h', None]:
-        print("Claude MPM Ticket Management (powered by aitrackdown)")
-        print()
-        print("Usage:")
-        print("  claude-mpm-ticket create <title> [options]")
-        print("  claude-mpm-ticket list [options]")
-        print("  claude-mpm-ticket view <id>")
-        print("  claude-mpm-ticket update <id> [options]")
-        print("  claude-mpm-ticket close <id>")
-        print()
-        print("Examples:")
-        print('  claude-mpm-ticket create "Fix bug" -p high')
-        print('  claude-mpm-ticket create "New feature" -t issue')
-        print('  claude-mpm-ticket create "Roadmap" -t epic')
-        print('  claude-mpm-ticket list')
-        print('  claude-mpm-ticket view TSK-0001')
-        print()
-        print("For full options, use: aitrackdown --help")
-        return
-    
-    else:
-        # Pass through to aitrackdown
-        cmd = ['aitrackdown'] + ([args.command] if args.command else []) + args.args
-    
-    # Execute the command
-    try:
-        subprocess.run(cmd, check=True)
-    except subprocess.CalledProcessError as e:
-        sys.exit(e.returncode)
-    except FileNotFoundError:
-        print("Error: aitrackdown not found. Please ensure ai-trackdown-pytools is installed.")
-        print("Install with: pip install ai-trackdown-pytools")
-        sys.exit(1)
-
-
-if __name__ == "__main__":
-    main()