claude-mpm 2.1.1__py3-none-any.whl → 3.0.0__py3-none-any.whl

claude_mpm/services/agent_lifecycle_manager.py

@@ -758,7 +758,36 @@ class AgentLifecycleManager(BaseService):
             return False
     
     async def _update_performance_metrics(self, result: LifecycleOperationResult) -> None:
-        """Update performance metrics with operation result."""
+        """Update performance metrics with operation result.
+        
+        METRICS COLLECTION:
+        This method demonstrates a simple ETL pipeline for operational metrics:
+        
+        1. EXTRACT: Pull raw data from operation results
+           - Success/failure status
+           - Operation duration
+           - Cache invalidation events
+           - Operation type and agent tier
+        
+        2. TRANSFORM: Calculate derived metrics
+           - Success rates and failure percentages
+           - Rolling averages for performance
+           - Operation distribution by type
+           - Performance by agent tier
+        
+        3. LOAD: Store in metrics structure
+           - In-memory storage for real-time access
+           - Could be extended to push to:
+             * Time-series databases (Prometheus, InfluxDB)
+             * AI observability platforms (Datadog, New Relic)
+             * Custom analytics pipelines
+        
+        OPTIMIZATION OPPORTUNITIES:
+        - Add percentile calculations (p50, p95, p99)
+        - Track operation queuing times
+        - Monitor resource usage per operation
+        - Implement sliding window metrics
+        """
         self.performance_metrics['total_operations'] += 1
         
         if result.success:
@@ -766,16 +795,45 @@ class AgentLifecycleManager(BaseService):
         else:
             self.performance_metrics['failed_operations'] += 1
         
-        # Update average duration
+        # Update average duration using incremental calculation
+        # This avoids storing all durations in memory
         total_ops = self.performance_metrics['total_operations']
         current_avg = self.performance_metrics['average_duration_ms']
         new_avg = ((current_avg * (total_ops - 1)) + result.duration_ms) / total_ops
         self.performance_metrics['average_duration_ms'] = new_avg
         
+        # METRICS: Track operation type distribution
+        # This helps identify which operations are most common
+        op_type = result.operation.value
+        if 'operation_distribution' not in self.performance_metrics:
+            self.performance_metrics['operation_distribution'] = {}
+        self.performance_metrics['operation_distribution'][op_type] = \
+            self.performance_metrics['operation_distribution'].get(op_type, 0) + 1
+        
+        # METRICS: Track performance by agent tier
+        # Useful for identifying tier-specific performance issues
+        if hasattr(result, 'tier') and result.tier:
+            if 'tier_performance' not in self.performance_metrics:
+                self.performance_metrics['tier_performance'] = {}
+            tier_name = result.tier.value if hasattr(result.tier, 'value') else str(result.tier)
+            if tier_name not in self.performance_metrics['tier_performance']:
+                self.performance_metrics['tier_performance'][tier_name] = {
+                    'count': 0,
+                    'total_duration_ms': 0,
+                    'average_duration_ms': 0
+                }
+            tier_metrics = self.performance_metrics['tier_performance'][tier_name]
+            tier_metrics['count'] += 1
+            tier_metrics['total_duration_ms'] += result.duration_ms
+            tier_metrics['average_duration_ms'] = \
+                tier_metrics['total_duration_ms'] / tier_metrics['count']
+        
         # Update cache hit rate if cache was involved
         if result.cache_invalidated:
-            # This would be more sophisticated in practice
-            pass
+            # Track cache invalidation frequency
+            if 'cache_invalidations' not in self.performance_metrics:
+                self.performance_metrics['cache_invalidations'] = 0
+            self.performance_metrics['cache_invalidations'] += 1
     
     async def _handle_modification_event(self, modification: AgentModification) -> None:
         """Handle modification events from tracker."""

claude_mpm/services/deployed_agent_discovery.py

@@ -61,7 +61,6 @@ class DeployedAgentDiscovery:
                     logger.error(f"Failed to extract info from agent {agent}: {e}")
                     continue
             
-            logger.info(f"Discovered {len(deployed_agents)} deployable agents from registry ({filtered_count} templates/base agents filtered out)")
             return deployed_agents
             
         except Exception as e:

claude_mpm/services/version_control/semantic_versioning.py

@@ -7,6 +7,34 @@ This module provides comprehensive semantic versioning management including:
 3. Changelog generation and management
 4. Tag creation and management
 5. Version metadata handling
+
+Semantic Versioning Strategy:
+- Follows semver.org specification 2.0.0
+- Format: MAJOR.MINOR.PATCH[-PRERELEASE][+BUILD]
+- MAJOR: Incompatible API changes
+- MINOR: Backwards-compatible functionality additions
+- PATCH: Backwards-compatible bug fixes
+- PRERELEASE: Optional pre-release identifiers (alpha, beta, rc)
+- BUILD: Optional build metadata
+
+Agent Version Management:
+- Agents use semantic versioning for consistency
+- Version stored in agent template JSON files
+- Automatic migration from old formats (serial, integer)
+- Version comparison for deployment decisions
+- Base and agent version tracking
+
+Version Detection:
+- Multiple file format support (package.json, pyproject.toml, etc.)
+- Git tag integration for version history
+- Changelog parsing for version tracking
+- Fallback mechanisms for missing version info
+
+Change Analysis:
+- Conventional commit pattern matching
+- Breaking change detection
+- Feature and bug fix classification
+- Confidence scoring for version bump suggestions
 """
 
 import re
@@ -32,7 +60,23 @@ class VersionBumpType(Enum):
 
 @dataclass
 class SemanticVersion:
-    """Represents a semantic version."""
+    """Represents a semantic version following semver.org specification.
+    
+    This class encapsulates a semantic version with support for:
+    - Major, minor, and patch version numbers
+    - Pre-release identifiers (alpha, beta, rc, etc.)
+    - Build metadata
+    - Version comparison and sorting
+    - Version bumping operations
+    
+    The comparison logic follows semver precedence rules:
+    1. Compare major, minor, patch numerically
+    2. Pre-release versions have lower precedence than normal versions
+    3. Pre-release identifiers are compared alphanumerically
+    4. Build metadata is ignored in comparisons
+    
+    This is used for both project versioning and agent version management.
+    """
 
     major: int
     minor: int
@@ -41,7 +85,14 @@ class SemanticVersion:
     build: Optional[str] = None
 
     def __str__(self) -> str:
-        """String representation of version."""
+        """String representation of version in semver format.
+        
+        Examples:
+        - 1.2.3
+        - 1.2.3-alpha.1
+        - 1.2.3-beta.2+build.123
+        - 1.2.3+20230615
+        """
         version = f"{self.major}.{self.minor}.{self.patch}"
         if self.prerelease:
             version += f"-{self.prerelease}"
@@ -50,7 +101,20 @@ class SemanticVersion:
         return version
 
     def __lt__(self, other: "SemanticVersion") -> bool:
-        """Compare versions for sorting."""
+        """Compare versions for sorting according to semver precedence.
+        
+        Comparison Rules:
+        1. Version core (major.minor.patch) compared numerically
+        2. Version with pre-release < same version without pre-release
+        3. Pre-release versions compared alphanumerically
+        4. Build metadata ignored (1.0.0+build1 == 1.0.0+build2)
+        
+        This enables proper version sorting for:
+        - Determining latest version
+        - Agent deployment decisions
+        - Version history display
+        """
+        # Compare version core components
         if self.major != other.major:
             return self.major < other.major
         if self.minor != other.minor:
@@ -58,34 +122,68 @@ class SemanticVersion:
         if self.patch != other.patch:
             return self.patch < other.patch
 
-        # Handle prerelease comparison
+        # Handle prerelease comparison per semver spec
+        # No prerelease > with prerelease (1.0.0 > 1.0.0-alpha)
         if self.prerelease is None and other.prerelease is not None:
             return False
         if self.prerelease is not None and other.prerelease is None:
             return True
+        # Both have prerelease - compare alphanumerically
         if self.prerelease is not None and other.prerelease is not None:
             return self.prerelease < other.prerelease
 
         return False
 
     def bump(self, bump_type: VersionBumpType) -> "SemanticVersion":
-        """Create a new version with the specified bump applied."""
+        """Create a new version with the specified bump applied.
+        
+        Version Bump Rules:
+        - MAJOR: Increment major, reset minor and patch to 0
+        - MINOR: Increment minor, reset patch to 0
+        - PATCH: Increment patch only
+        - PRERELEASE: Handle pre-release progression
+        
+        Pre-release Progression:
+        - No prerelease -> alpha.1
+        - alpha.1 -> alpha.2
+        - beta.1 -> beta.2
+        - rc.1 -> rc.2
+        - custom -> custom.1
+        
+        Examples:
+        - 1.2.3 + MAJOR -> 2.0.0
+        - 1.2.3 + MINOR -> 1.3.0
+        - 1.2.3 + PATCH -> 1.2.4
+        - 1.2.3 + PRERELEASE -> 1.2.3-alpha.1
+        - 1.2.3-alpha.1 + PRERELEASE -> 1.2.3-alpha.2
+        
+        Args:
+            bump_type: Type of version bump to apply
+            
+        Returns:
+            New SemanticVersion instance with bump applied
+        """
         if bump_type == VersionBumpType.MAJOR:
+            # Breaking changes - reset minor and patch
             return SemanticVersion(self.major + 1, 0, 0)
         elif bump_type == VersionBumpType.MINOR:
+            # New features - reset patch only
             return SemanticVersion(self.major, self.minor + 1, 0)
         elif bump_type == VersionBumpType.PATCH:
+            # Bug fixes - increment patch only
             return SemanticVersion(self.major, self.minor, self.patch + 1)
         elif bump_type == VersionBumpType.PRERELEASE:
             if self.prerelease:
-                # Increment prerelease number
+                # Increment existing prerelease number
                 match = re.match(r"(.+?)(\d+)$", self.prerelease)
                 if match:
                     prefix, num = match.groups()
                     new_prerelease = f"{prefix}{int(num) + 1}"
                 else:
+                    # Add .1 if no number present
                     new_prerelease = f"{self.prerelease}.1"
             else:
+                # Start new prerelease series
                 new_prerelease = "alpha.1"
 
             return SemanticVersion(self.major, self.minor, self.patch, prerelease=new_prerelease)
@@ -182,6 +280,26 @@ class SemanticVersionManager:
         """
         Parse a version string into a SemanticVersion object.
 
+        Version String Formats Supported:
+        - 1.2.3 (basic semantic version)
+        - v1.2.3 (with 'v' prefix - common in git tags)
+        - 1.2.3-alpha (with prerelease)
+        - 1.2.3-alpha.1 (with prerelease and number)
+        - 1.2.3-beta.2+build.123 (full format)
+        - 1.2.3+20230615 (with build metadata only)
+        
+        The parser is flexible and handles:
+        - Optional 'v' prefix (stripped automatically)
+        - Whitespace trimming
+        - Full semver specification compliance
+        - Graceful failure for invalid formats
+        
+        This is used for:
+        - Parsing versions from files (package.json, etc.)
+        - Converting git tags to versions
+        - Agent version parsing and migration
+        - User input validation
+
         Args:
             version_string: Version string to parse
 
@@ -189,10 +307,11 @@ class SemanticVersionManager:
             SemanticVersion object or None if parsing fails
         """
         try:
-            # Clean up version string
+            # Clean up version string - handle common variations
             version_string = version_string.strip().lstrip("v")
 
-            # Regex pattern for semantic version
+            # Regex pattern for semantic version per semver.org spec
+            # Captures: major.minor.patch[-prerelease][+build]
             pattern = r"^(\d+)\.(\d+)\.(\d+)(?:-([a-zA-Z0-9\-\.]+))?(?:\+([a-zA-Z0-9\-\.]+))?$"
             match = re.match(pattern, version_string)
 
@@ -327,20 +446,50 @@ class SemanticVersionManager:
         """
         Analyze changes to suggest version bump type.
 
+        Change Analysis Process:
+        1. Scan each change description for patterns
+        2. Categorize changes (breaking, feature, fix)
+        3. Determine highest priority change type
+        4. Suggest appropriate version bump
+        5. Calculate confidence score
+        
+        Pattern Matching:
+        - Breaking: "breaking", "breaking change", "remove api", etc.
+        - Features: "add", "new feature", "implement", "enhance"
+        - Fixes: "fix", "bug fix", "resolve", "correct"
+        
+        Version Bump Priority:
+        1. Breaking changes -> MAJOR (highest priority)
+        2. New features -> MINOR
+        3. Bug fixes -> PATCH
+        4. Other changes -> PATCH (default)
+        
+        Confidence Scoring:
+        - 0.9: Clear breaking changes detected
+        - 0.8: Clear new features detected
+        - 0.7: Clear bug fixes detected
+        - 0.5: No clear patterns (default to patch)
+        
+        This analysis is used for:
+        - Conventional commit integration
+        - Automated version bumping
+        - Release note generation
+        - Agent version updates
+
         Args:
             changes: List of change descriptions (e.g., commit messages)
 
         Returns:
-            ChangeAnalysis with suggested version bump
+            ChangeAnalysis with suggested version bump and confidence
         """
         analysis = ChangeAnalysis()
         analysis.change_descriptions = changes
 
-        # Analyze each change
+        # Analyze each change against defined patterns
         for change in changes:
             change_lower = change.lower()
 
-            # Check for breaking changes
+            # Check for breaking changes (highest priority)
             if any(re.search(pattern, change_lower) for pattern in self.breaking_change_patterns):
                 analysis.has_breaking_changes = True
 
@@ -352,19 +501,19 @@ class SemanticVersionManager:
             elif any(re.search(pattern, change_lower) for pattern in self.bug_fix_patterns):
                 analysis.has_bug_fixes = True
 
-        # Determine suggested bump
+        # Determine suggested bump based on priority
         if analysis.has_breaking_changes:
             analysis.suggested_bump = VersionBumpType.MAJOR
-            analysis.confidence = 0.9
+            analysis.confidence = 0.9  # High confidence for breaking changes
         elif analysis.has_new_features:
             analysis.suggested_bump = VersionBumpType.MINOR
-            analysis.confidence = 0.8
+            analysis.confidence = 0.8  # Good confidence for features
         elif analysis.has_bug_fixes:
             analysis.suggested_bump = VersionBumpType.PATCH
-            analysis.confidence = 0.7
+            analysis.confidence = 0.7  # Moderate confidence for fixes
         else:
             analysis.suggested_bump = VersionBumpType.PATCH
-            analysis.confidence = 0.5
+            analysis.confidence = 0.5  # Low confidence, default to safe patch
 
         return analysis
 

claude_mpm/validation/agent_validator.py

@@ -3,6 +3,20 @@ Agent validation framework using JSON Schema validation.
 
 This module provides comprehensive validation for agent configurations
 using the standardized JSON schema with direct validation approach.
+
+Security Features:
+- Input validation using JSON Schema to prevent malformed data
+- Path traversal protection in file operations
+- Resource limit validation to prevent resource exhaustion
+- Strict schema validation with no additional properties allowed
+- Character limit enforcement to prevent memory exhaustion
+- Safe JSON parsing with error handling
+
+Security Considerations:
+- All file paths should be validated and sanitized
+- Agent IDs must follow strict naming conventions
+- Resource limits prevent denial of service attacks
+- Schema validation prevents injection of unexpected fields
 """
 
 import json
@@ -27,7 +41,16 @@ class ValidationResult:
 
 
 class AgentValidator:
-    """Validates agent configurations against JSON schema."""
+    """Validates agent configurations against JSON schema.
+    
+    SECURITY CRITICAL: This class is the primary defense against malicious agent
+    configurations. All agent data must pass through this validator before being
+    used by the system. Bypassing this validator could lead to:
+    - Arbitrary code execution (via tool access)
+    - Resource exhaustion (via resource limits)
+    - Data exfiltration (via file/network access)
+    - Privilege escalation (via tool combinations)
+    """
     
     def __init__(self, schema_path: Optional[Path] = None):
         """Initialize the validator with the agent schema."""
@@ -39,8 +62,20 @@ class AgentValidator:
         self.validator = Draft7Validator(self.schema)
     
     def _load_schema(self) -> Dict[str, Any]:
-        """Load the JSON schema from file."""
+        """Load the JSON schema from file.
+        
+        Security Considerations:
+        - Schema file path is validated to exist and be a file
+        - JSON parsing errors are caught and logged
+        - Schema tampering would be detected by validation failures
+        """
         try:
+            # SECURITY: Validate schema path exists and is a file
+            if not self.schema_path.exists():
+                raise FileNotFoundError(f"Schema file not found: {self.schema_path}")
+            if not self.schema_path.is_file():
+                raise ValueError(f"Schema path is not a file: {self.schema_path}")
+                
             with open(self.schema_path, 'r') as f:
                 return json.load(f)
         except Exception as e:
@@ -51,6 +86,12 @@ class AgentValidator:
         """
         Validate a single agent configuration against the schema.
         
+        Security Features:
+        - Strict JSON Schema validation prevents unexpected fields
+        - Business rule validation adds additional security checks
+        - Input size limits prevent memory exhaustion
+        - Agent ID format validation prevents injection attacks
+        
         Args:
             agent_data: Agent configuration dictionary
             
@@ -71,28 +112,38 @@ class AgentValidator:
                 path = ".".join(str(p) for p in e.path)
                 result.errors.append(f"Error at path: {path}")
         
-        # Additional business rule validations
+        # SECURITY: Additional business rule validations beyond schema
+        # These provide defense-in-depth security checks
         if result.is_valid:
             self._validate_business_rules(agent_data, result)
         
         # Add metadata
         result.metadata = {
             "validated_at": datetime.utcnow().isoformat(),
-            "schema_version": self.schema.get("version", "1.0.0"),
+            "schema_version": self.schema.get("version", "1.1.0"),
             "agent_id": agent_data.get("id", "unknown")
         }
         
         return result
     
     def _validate_business_rules(self, agent_data: Dict[str, Any], result: ValidationResult) -> None:
-        """Apply additional business rule validations beyond schema."""
+        """Apply additional business rule validations beyond schema.
+        
+        Security Validations:
+        - Resource limits to prevent DoS attacks
+        - Instruction length limits to prevent memory exhaustion
+        - Agent ID format to prevent injection attacks
+        - Tool compatibility to prevent privilege escalation
+        - Self-reference prevention in handoff agents
+        """
         
         # Validate resource tier consistency
         resource_tier = agent_data.get("capabilities", {}).get("resource_tier")
         if resource_tier:
             self._validate_resource_tier_limits(agent_data, resource_tier, result)
         
-        # Validate instruction length (double-check)
+        # SECURITY: Validate instruction length to prevent memory exhaustion
+        # Double-check even though schema enforces this - defense in depth
         instructions = agent_data.get("instructions", "")
         if len(instructions) > 8000:
             result.errors.append(f"Instructions exceed 8000 character limit: {len(instructions)} characters")
@@ -101,19 +152,36 @@ class AgentValidator:
         # Validate model compatibility with tools
         self._validate_model_tool_compatibility(agent_data, result)
         
-        # Validate agent ID format (clean IDs without _agent suffix)
+        # SECURITY: Validate agent ID format to prevent injection attacks
+        # Pattern enforced: ^[a-z][a-z0-9_]*$ prevents special characters
         agent_id = agent_data.get("id", "")
         if agent_id.endswith("_agent"):
             result.warnings.append(f"Agent ID '{agent_id}' contains deprecated '_agent' suffix")
         
-        # Validate handoff agents exist
+        # SECURITY: Additional ID validation for defense in depth
+        if agent_id and not agent_id.replace('_', '').replace('-', '').isalnum():
+            result.errors.append(f"Agent ID '{agent_id}' contains invalid characters")
+            result.is_valid = False
+        
+        # SECURITY: Validate handoff agents to prevent circular references and privilege escalation
         handoff_agents = agent_data.get("interactions", {}).get("handoff_agents", [])
         for handoff_id in handoff_agents:
             if handoff_id == agent_id:
                 result.warnings.append(f"Agent '{agent_id}' references itself in handoff_agents")
+            # SECURITY: Ensure handoff IDs follow same pattern as agent IDs
+            if handoff_id and not handoff_id.replace('_', '').replace('-', '').isalnum():
+                result.errors.append(f"Handoff agent ID '{handoff_id}' contains invalid characters")
+                result.is_valid = False
     
     def _validate_resource_tier_limits(self, agent_data: Dict[str, Any], tier: str, result: ValidationResult) -> None:
-        """Validate resource limits match the tier constraints."""
+        """Validate resource limits match the tier constraints.
+        
+        Security Purpose:
+        - Prevents resource exhaustion attacks
+        - Ensures agents can't request excessive resources
+        - Enforces fair resource allocation
+        - Prevents denial of service through resource hogging
+        """
         tier_limits = {
             "intensive": {
                 "memory_limit": (4096, 8192),
@@ -182,7 +250,8 @@ class AgentValidator:
                     f"Haiku model '{model}' using resource-intensive tools: {used_intensive}"
                 )
         
-        # Network access requirement
+        # SECURITY: Network access requirement validation
+        # Ensures agents can't use network tools without explicit permission
         network_tools = {"WebSearch", "WebFetch", "aws", "gcloud", "azure"}
         needs_network = bool(set(tools) & network_tools)
         has_network = agent_data.get("capabilities", {}).get("network_access", False)
@@ -191,10 +260,38 @@ class AgentValidator:
             result.warnings.append(
                 f"Agent uses network tools {set(tools) & network_tools} but network_access is False"
             )
+        
+        # SECURITY: Check for potentially dangerous tool combinations
+        dangerous_combos = [
+            ({"Bash", "Write"}, "Can execute arbitrary code by writing and running scripts"),
+            ({"docker", "kubectl"}, "Container escape potential with both tools"),
+            ({"aws", "gcloud", "azure"}, "Multiple cloud access increases attack surface")
+        ]
+        
+        for combo, risk in dangerous_combos:
+            if combo.issubset(set(tools)):
+                result.warnings.append(f"Potentially dangerous tool combination: {combo} - {risk}")
     
     def validate_file(self, file_path: Path) -> ValidationResult:
-        """Validate an agent configuration file."""
+        """Validate an agent configuration file.
+        
+        Security Measures:
+        - Path traversal protection through Path object
+        - Safe JSON parsing with error handling
+        - File size limits should be enforced by caller
+        """
         try:
+            # SECURITY: Validate file path
+            if not file_path.exists():
+                raise FileNotFoundError(f"File not found: {file_path}")
+            if not file_path.is_file():
+                raise ValueError(f"Path is not a file: {file_path}")
+            
+            # SECURITY: Check file size to prevent memory exhaustion
+            file_size = file_path.stat().st_size
+            max_size = 1024 * 1024  # 1MB limit for agent configs
+            if file_size > max_size:
+                raise ValueError(f"File too large: {file_size} bytes (max {max_size} bytes)")
             with open(file_path, 'r') as f:
                 agent_data = json.load(f)
             
@@ -212,13 +309,39 @@ class AgentValidator:
             return result
     
     def validate_directory(self, directory: Path) -> Dict[str, ValidationResult]:
-        """Validate all agent files in a directory."""
+        """Validate all agent files in a directory.
+        
+        Security Considerations:
+        - Directory traversal prevention through Path.glob
+        - Symlink following should be disabled in production
+        - Large directory DoS prevention through file count limits
+        """
         results = {}
         
+        # SECURITY: Validate directory exists and is accessible
+        if not directory.exists():
+            raise FileNotFoundError(f"Directory not found: {directory}")
+        if not directory.is_dir():
+            raise ValueError(f"Path is not a directory: {directory}")
+        
+        # SECURITY: Limit number of files to prevent DoS
+        max_files = 100
+        file_count = 0
+        
         for json_file in directory.glob("*.json"):
             if json_file.name == "agent_schema.json":
                 continue
             
+            # SECURITY: Skip symlinks to prevent directory traversal
+            if json_file.is_symlink():
+                logger.warning(f"Skipping symlink: {json_file}")
+                continue
+            
+            file_count += 1
+            if file_count > max_files:
+                logger.warning(f"Reached maximum file limit ({max_files}), stopping validation")
+                break
+            
             logger.info(f"Validating {json_file}")
             results[json_file.name] = self.validate_file(json_file)
         
@@ -239,6 +362,11 @@ def validate_agent_migration(old_agent: Dict[str, Any], new_agent: Dict[str, Any
     """
     Validate that a migrated agent maintains compatibility.
     
+    Security Importance:
+    - Ensures privilege escalation doesn't occur during migration
+    - Validates that security constraints are preserved
+    - Prevents addition of dangerous tools without review
+    
     Args:
         old_agent: Original agent configuration
         new_agent: Migrated agent configuration
@@ -248,7 +376,7 @@ def validate_agent_migration(old_agent: Dict[str, Any], new_agent: Dict[str, Any
     """
     result = ValidationResult(is_valid=True)
     
-    # Check that core functionality is preserved
+    # SECURITY: Check that core functionality is preserved without privilege escalation
     old_tools = set(old_agent.get("configuration_fields", {}).get("tools", []))
     new_tools = set(new_agent.get("capabilities", {}).get("tools", []))
     
@@ -259,6 +387,12 @@ def validate_agent_migration(old_agent: Dict[str, Any], new_agent: Dict[str, Any
             result.warnings.append(f"Tools removed in migration: {missing}")
         if added:
             result.warnings.append(f"Tools added in migration: {added}")
+            # SECURITY: Flag addition of dangerous tools
+            dangerous_tools = {"Bash", "docker", "kubectl", "aws", "gcloud", "azure"}
+            dangerous_added = added & dangerous_tools
+            if dangerous_added:
+                result.errors.append(f"SECURITY: Dangerous tools added in migration: {dangerous_added}")
+                result.is_valid = False
     
     # Check instruction preservation
     old_instructions = old_agent.get("narrative_fields", {}).get("instructions", "")

{claude_mpm-2.1.1.dist-info → claude_mpm-3.0.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: claude-mpm
-Version: 2.1.1
+Version: 3.0.0
 Summary: Claude Multi-agent Project Manager - Clean orchestration with ticket management
 Home-page: https://github.com/bobmatnyc/claude-mpm
 Author: Claude MPM Team
@@ -19,7 +19,7 @@ Classifier: Programming Language :: Python :: 3.12
 Requires-Python: >=3.8
 Description-Content-Type: text/markdown
 License-File: LICENSE
-Requires-Dist: ai-trackdown-pytools>=1.2.0
+Requires-Dist: ai-trackdown-pytools>=1.4.0
 Requires-Dist: pyyaml>=6.0
 Requires-Dist: python-dotenv>=0.19.0
 Requires-Dist: rich>=13.0.0