PyPI - devsquad - Versions diffs - 3.6.0__py3-none-any.whl - Mend

devsquad 3.6.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (95) hide show

devsquad-3.6.0.dist-info/METADATA +944 -0
devsquad-3.6.0.dist-info/RECORD +95 -0
devsquad-3.6.0.dist-info/WHEEL +5 -0
devsquad-3.6.0.dist-info/entry_points.txt +2 -0
devsquad-3.6.0.dist-info/licenses/LICENSE +21 -0
devsquad-3.6.0.dist-info/top_level.txt +2 -0
scripts/__init__.py +0 -0
scripts/ai_semantic_matcher.py +512 -0
scripts/alert_manager.py +505 -0
scripts/api/__init__.py +43 -0
scripts/api/models.py +386 -0
scripts/api/routes/__init__.py +20 -0
scripts/api/routes/dispatch.py +348 -0
scripts/api/routes/lifecycle.py +330 -0
scripts/api/routes/metrics_gates.py +347 -0
scripts/api_server.py +318 -0
scripts/auth.py +451 -0
scripts/cli/__init__.py +1 -0
scripts/cli/cli_visual.py +642 -0
scripts/cli.py +1094 -0
scripts/collaboration/__init__.py +212 -0
scripts/collaboration/_version.py +1 -0
scripts/collaboration/agent_briefing.py +656 -0
scripts/collaboration/ai_semantic_matcher.py +260 -0
scripts/collaboration/anchor_checker.py +281 -0
scripts/collaboration/anti_rationalization.py +470 -0
scripts/collaboration/async_integration_example.py +255 -0
scripts/collaboration/batch_scheduler.py +149 -0
scripts/collaboration/checkpoint_manager.py +561 -0
scripts/collaboration/ci_feedback_adapter.py +351 -0
scripts/collaboration/code_map_generator.py +247 -0
scripts/collaboration/concern_pack_loader.py +352 -0
scripts/collaboration/confidence_score.py +496 -0
scripts/collaboration/config_loader.py +188 -0
scripts/collaboration/consensus.py +244 -0
scripts/collaboration/context_compressor.py +533 -0
scripts/collaboration/coordinator.py +668 -0
scripts/collaboration/dispatcher.py +1636 -0
scripts/collaboration/dual_layer_context.py +128 -0
scripts/collaboration/enhanced_worker.py +539 -0
scripts/collaboration/feature_usage_tracker.py +206 -0
scripts/collaboration/five_axis_consensus.py +334 -0
scripts/collaboration/input_validator.py +401 -0
scripts/collaboration/integration_example.py +287 -0
scripts/collaboration/intent_workflow_mapper.py +350 -0
scripts/collaboration/language_parsers.py +269 -0
scripts/collaboration/lifecycle_protocol.py +1446 -0
scripts/collaboration/llm_backend.py +453 -0
scripts/collaboration/llm_cache.py +448 -0
scripts/collaboration/llm_cache_async.py +347 -0
scripts/collaboration/llm_retry.py +387 -0
scripts/collaboration/llm_retry_async.py +389 -0
scripts/collaboration/mce_adapter.py +597 -0
scripts/collaboration/memory_bridge.py +1607 -0
scripts/collaboration/models.py +537 -0
scripts/collaboration/null_providers.py +297 -0
scripts/collaboration/operation_classifier.py +289 -0
scripts/collaboration/output_slicer.py +225 -0
scripts/collaboration/performance_monitor.py +462 -0
scripts/collaboration/permission_guard.py +865 -0
scripts/collaboration/prompt_assembler.py +756 -0
scripts/collaboration/prompt_variant_generator.py +483 -0
scripts/collaboration/protocols.py +267 -0
scripts/collaboration/report_formatter.py +352 -0
scripts/collaboration/retrospective.py +279 -0
scripts/collaboration/role_matcher.py +92 -0
scripts/collaboration/role_template_market.py +352 -0
scripts/collaboration/rule_collector.py +678 -0
scripts/collaboration/scratchpad.py +346 -0
scripts/collaboration/skill_registry.py +151 -0
scripts/collaboration/skillifier.py +878 -0
scripts/collaboration/standardized_role_template.py +317 -0
scripts/collaboration/task_completion_checker.py +237 -0
scripts/collaboration/test_quality_guard.py +695 -0
scripts/collaboration/unified_gate_engine.py +598 -0
scripts/collaboration/usage_tracker.py +309 -0
scripts/collaboration/user_friendly_error.py +176 -0
scripts/collaboration/verification_gate.py +312 -0
scripts/collaboration/warmup_manager.py +635 -0
scripts/collaboration/worker.py +513 -0
scripts/collaboration/workflow_engine.py +684 -0
scripts/dashboard.py +1088 -0
scripts/generate_benchmark_report.py +786 -0
scripts/history_manager.py +604 -0
scripts/mcp_server.py +289 -0
skills/__init__.py +32 -0
skills/dispatch/handler.py +52 -0
skills/intent/handler.py +59 -0
skills/registry.py +67 -0
skills/retrospective/__init__.py +0 -0
skills/retrospective/handler.py +125 -0
skills/review/handler.py +356 -0
skills/security/handler.py +454 -0
skills/test/__init__.py +0 -0
skills/test/handler.py +78 -0

skills/security/handler.py ADDED Viewed

@@ -0,0 +1,454 @@
+"""Security Audit Skill - V3.6.0
+Encapsulates security components for comprehensive task auditing:
+  - InputValidator: 21 pattern injection detection
+  - OperationClassifier: Three-tier operation classification
+  - PermissionGuard: Four-level permission control
+Provides unified audit interface for secure multi-agent collaboration.
+"""
+from typing import Any, Dict, List, Optional, Tuple
+from skills.registry import BaseSkill
+from scripts.collaboration.input_validator import InputValidator
+from scripts.collaboration.operation_classifier import (
+    OperationClassifier,
+    OperationCategory,
+)
+from scripts.collaboration.permission_guard import (
+    PermissionGuard,
+    PermissionLevel,
+    ActionType,
+    ProposedAction,
+)
+class SecuritySkill(BaseSkill):
+    """Security audit skill combining injection detection, operation classification, and permission control."""
+    name = "security"
+    description = "Security auditing: injection detection, operation classification, permission control (V3.6.0)"
+    version = "3.6.0"
+    INJECTION_PATTERNS_COUNT = 21
+    INJECTION_CATEGORIES = {
+        "instruction_override": [
+            "ignore previous instructions",
+            "forget previous context",
+            "disregard above",
+        ],
+        "role_jacking": [
+            "you are now a different role",
+            "new instructions",
+            "override settings",
+        ],
+        "system_prompt_leak": [
+            "reveal your instructions",
+            "show system prompt",
+            "what are your instructions",
+        ],
+        "persona_adoption": [
+            "pretend you are",
+            "act as if you are",
+            "jailbreak",
+        ],
+        "privilege_escalation": [
+            "developer mode",
+            "sudo mode",
+            "DAN mode",
+        ],
+        "multilingual_injection": [
+            "Chinese injection patterns",
+            "Japanese injection patterns",
+        ],
+    }
+    OPERATION_LEVELS = {
+        OperationCategory.ALWAYS_SAFE: {
+            "label": "ALWAYS_SAFE",
+            "description": "Read-only operations auto-approved at most levels",
+            "examples": ["read_config", "read_file", "query_status"],
+            "default_action": "Auto-approve",
+        },
+        OperationCategory.NEEDS_REVIEW: {
+            "label": "NEEDS_REVIEW",
+            "description": "Write operations requiring confirmation or AI risk assessment",
+            "examples": ["write_file", "call_llm", "git_operation"],
+            "default_action": "Request confirmation",
+        },
+        OperationCategory.FORBIDDEN: {
+            "label": "FORBIDDEN",
+            "description": "Dangerous operations blocked unless BYPASS level override",
+            "examples": ["delete_file", "execute_shell", "access_secrets"],
+            "default_action": "Block or escalate",
+        },
+    }
+    PERMISSION_LEVELS = {
+        PermissionLevel.PLAN: {
+            "order": 0,
+            "label": "PLAN",
+            "description": "Read-only mode - all write operations denied",
+            "use_case": "Analysis, research, design tasks",
+            "risk_tolerance": "Zero write risk",
+        },
+        PermissionLevel.DEFAULT: {
+            "order": 1,
+            "label": "DEFAULT",
+            "description": "Standard mode - dangerous operations require user confirmation",
+            "use_case": "Standard coding tasks",
+            "risk_tolerance": "Medium - confirmation required",
+        },
+        PermissionLevel.AUTO: {
+            "order": 2,
+            "label": "AUTO",
+            "description": "AI-judged safe operations with guardrails and whitelist",
+            "use_case": "Trusted contexts with automated safeguards",
+            "risk_tolerance": "Medium-high - AI assessment",
+        },
+        PermissionLevel.BYPASS: {
+            "order": 3,
+            "label": "BYPASS",
+            "description": "Skip all checks - highest trust level for controlled environments only",
+            "use_case": "Sensitive operations requiring manual auth",
+            "risk_tolerance": "Full trust - manual oversight",
+        },
+    }
+    def __init__(self):
+        self._validator = InputValidator(strict_mode=False)
+        self._classifier = OperationClassifier()
+        self._guard = PermissionGuard(current_level=PermissionLevel.DEFAULT)
+    def scan_input(self, text: str) -> Dict[str, Any]:
+        """
+        Scan input for prompt injection patterns using InputValidator.
+        Detects 21 injection patterns across categories:
+          - Instruction override attempts
+          - Role/persona jacking
+          - System prompt extraction
+          - Privilege escalation
+          - Multilingual injection vectors
+        Args:
+            text: Input text to scan for injection patterns
+        Returns:
+            Dict with detection results:
+                - is_safe: Boolean indicating if input passed validation
+                - injection_patterns: List of detected injection patterns
+                - suspicious_patterns: List of suspicious but non-blocking patterns
+                - risk_level: low/medium/high/critical
+                - details: Full validation result from InputValidator
+        """
+        if not text or not isinstance(text, str):
+            return {
+                "is_safe": False,
+                "injection_patterns": [],
+                "suspicious_patterns": [],
+                "risk_level": "critical",
+                "details": {"reason": "Invalid input type or empty text"},
+            }
+        injection_detected = self._validator.check_prompt_injection(text)
+        suspicious_detected = self._validator.check_suspicious_patterns(text)
+        full_validation = self._validator.validate_task(text)
+        pattern_count = len(injection_detected) + len(suspicious_detected)
+        if pattern_count == 0:
+            risk_level = "low"
+        elif len(injection_detected) == 0 and len(suspicious_detected) <= 2:
+            risk_level = "medium"
+        elif len(injection_detected) <= 3:
+            risk_level = "high"
+        else:
+            risk_level = "critical"
+        return {
+            "is_safe": full_validation.valid,
+            "injection_patterns": injection_detected,
+            "suspicious_patterns": suspicious_detected,
+            "pattern_count": pattern_count,
+            "total_patterns_available": self.INJECTION_PATTERNS_COUNT,
+            "risk_level": risk_level,
+            "sanitized_input": full_validation.sanitized_input,
+            "details": {
+                "valid": full_validation.valid,
+                "reason": full_validation.reason,
+            },
+        }
+    def classify_operation(
+        self,
+        operation: str,
+        target: Optional[str] = None,
+        context: Optional[Dict[str, Any]] = None,
+    ) -> Dict[str, Any]:
+        """
+        Classify an operation into three-tier category using OperationClassifier.
+        Categories:
+          - ALWAYS_SAFE: Auto-approved read-only ops
+          - NEEDS_REVIEW: Write ops needing confirmation
+          - FORBIDDEN: Dangerous blocked ops
+        Args:
+            operation: Operation identifier (e.g., "write_file", "delete_file")
+            target: Optional target path/URL for context
+            context: Additional context (source_role, etc.)
+        Returns:
+            Dict with classification result:
+                - category: ALWAYS_SAFE/NEEDS_REVIEW/FORBIDDEN
+                - description: Human-readable operation description
+                - risk_factors: List of identified risk factors
+                - requires_confirmation: Whether user must confirm
+                - override_allowed: Whether override is possible
+        """
+        classified = self._classifier.classify(
+            operation_id=operation,
+            target=target,
+            context=context,
+        )
+        return {
+            **classified.to_dict(),
+            "level_info": self.OPERATION_LEVELS.get(classified.category, {}),
+        }
+    def check_permissions(
+        self,
+        action: str,
+        user_role: str = "viewer",
+        target: Optional[str] = None,
+        description: str = "",
+    ) -> Dict[str, Any]:
+        """
+        Check permissions for an action using PermissionGuard four-level system.
+        Levels (low to high):
+          - PLAN (0): Read-only, writes denied
+          - DEFAULT (1): Confirmation required for dangerous ops
+          - AUTO (2): AI classifier + whitelist
+          - BYPASS (3): Skip all checks
+        Args:
+            action: Action type string (file_read/file_write/delete/shell/etc.)
+            user_role: User role identifier (default: "viewer")
+            target: Optional target path/URL
+            description: Action description for audit trail
+        Returns:
+            Dict with permission decision:
+                - outcome: ALLOWED/DENIED/PROMPT/ESCALATED
+                - reason: Decision explanation
+                - requires_confirmation: Whether user must confirm
+                - confidence: Decision confidence [0.1, 1.0]
+                - risk_score: Calculated risk [0.0, 1.0]
+                - current_level: Current permission level
+        """
+        action_type_map = {
+            "file_read": ActionType.FILE_READ,
+            "file_create": ActionType.FILE_CREATE,
+            "file_write": ActionType.FILE_MODIFY,
+            "file_modify": ActionType.FILE_MODIFY,
+            "file_delete": ActionType.FILE_DELETE,
+            "shell": ActionType.SHELL_EXECUTE,
+            "shell_execute": ActionType.SHELL_EXECUTE,
+            "network": ActionType.NETWORK_REQUEST,
+            "network_request": ActionType.NETWORK_REQUEST,
+            "git": ActionType.GIT_OPERATION,
+            "git_operation": ActionType.GIT_OPERATION,
+            "env": ActionType.ENVIRONMENT,
+            "environment": ActionType.ENVIRONMENT,
+            "process": ActionType.PROCESS_SPAWN,
+            "process_spawn": ActionType.PROCESS_SPAWN,
+        }
+        action_type = action_type_map.get(action.lower(), ActionType.FILE_READ)
+        proposed = ProposedAction(
+            action_type=action_type,
+            target=target or "",
+            description=description,
+            source_role_id=user_role,
+        )
+        decision = self._guard.check(proposed)
+        return {
+            **decision.to_dict(),
+            "current_level": self._guard.current_level.value,
+            "level_info": self.PERMISSION_LEVELS.get(self._guard.current_level, {}),
+        }
+    def audit_task(self, task_description: str) -> Dict[str, Any]:
+        """
+        Comprehensive security audit combining all three checks.
+        Performs:
+          1. Injection detection on task description
+          2. Operation classification (extracts operations from text)
+          3. Permission check simulation
+        Args:
+            task_description: Task description to audit comprehensively
+        Returns:
+            Dict with complete audit report:
+                - overall_status: PASS/WARN/FAIL/BLOCK
+                - injection_scan: Results from scan_input()
+                - operations_found: List of classified operations extracted from task
+                - permission_summary: Summary of permission requirements
+                - recommendations: List of security recommendations
+                - audit_metadata: Timestamp, version, etc.
+        """
+        from datetime import datetime
+        injection_result = self.scan_input(task_description)
+        operations_found = []
+        operation_keywords = {
+            "read_file": ["read", "open", "load", "view", "display"],
+            "write_file": ["write", "save", "create", "generate", "output"],
+            "modify_file": ["modify", "edit", "update", "change", "refactor"],
+            "delete_file": ["delete", "remove", "clean", "purge"],
+            "execute_shell": ["run", "execute", "command", "shell", "script"],
+            "network_request": ["fetch", "download", "upload", "api", "http", "request"],
+            "git_operation": ["commit", "push", "pull", "merge", "branch"],
+            "access_secrets": ["secret", "password", "credential", "api_key", "token"],
+        }
+        task_lower = task_description.lower()
+        for op_id, keywords in operation_keywords.items():
+            if any(kw in task_lower for kw in keywords):
+                classified = self.classify_operation(operation=op_id)
+                operations_found.append({
+                    "operation_id": op_id,
+                    **classified,
+                })
+        permission_summary = {
+            "min_required_level": "DEFAULT",
+            "requires_confirmation": any(
+                op.get("requires_confirmation") for op in operations_found
+            ),
+            "forbidden_operations": [
+                op["operation_id"] for op in operations_found
+                if op.get("category") == "forbidden"
+            ],
+            "safe_operations": [
+                op["operation_id"] for op in operations_found
+                if op.get("category") == "always_safe"
+            ],
+        }
+        if permission_summary["forbidden_operations"]:
+            permission_summary["min_required_level"] = "BYPASS"
+        recommendations = []
+        if not injection_result["is_safe"]:
+            recommendations.append(
+                f"⚠️ BLOCK: {len(injection_result['injection_patterns'])} injection pattern(s) detected - "
+                "task rejected for safety"
+            )
+            overall_status = "BLOCK"
+        elif injection_result["risk_level"] in ("high", "critical"):
+            recommendations.append(
+                f"⚠️ WARN: High-risk injection indicators found ({injection_result['pattern_count']} patterns)"
+            )
+            overall_status = "WARN"
+        elif permission_summary["forbidden_operations"]:
+            forbidden_list = ", ".join(permission_summary["forbidden_operations"])
+            recommendations.append(
+                f"🚫 FAIL: Forbidden operation(s) detected: {forbidden_list}"
+            )
+            overall_status = "FAIL"
+        elif permission_summary["requires_confirmation"]:
+            review_ops = [
+                op["operation_id"] for op in operations_found
+                if op.get("category") == "needs_review"
+            ]
+            if review_ops:
+                recommendations.append(
+                    f"✅ PASS: Task contains operations requiring confirmation: "
+                    f"{', '.join(review_ops[:5])}"
+                )
+            else:
+                recommendations.append("✅ PASS: No security issues detected")
+            overall_status = "PASS"
+        else:
+            recommendations.append("✅ PASS: Task appears safe for execution")
+            overall_status = "PASS"
+        if len(operations_found) == 0:
+            recommendations.append(
+                "ℹ️ INFO: No specific operations detected in task description"
+            )
+        return {
+            "overall_status": overall_status,
+            "injection_scan": injection_result,
+            "operations_found": operations_found,
+            "operation_count": len(operations_found),
+            "permission_summary": permission_summary,
+            "recommendations": recommendations,
+            "audit_metadata": {
+                "timestamp": datetime.now().isoformat(),
+                "skill_version": self.version,
+                "task_length": len(task_description),
+            },
+        }
+    def run(self, *args, **kwargs):
+        """
+        Main entry point for the security skill.
+        Supports multiple calling patterns:
+        1. Input scanning: run(mode="scan", text="...")
+        2. Operation classification: run(mode="classify", operation="...")
+        3. Permission check: run(mode="check", action="...", user_role="...")
+        4. Full audit: run(mode="audit", task_description="...") or default
+        """
+        mode = kwargs.get("mode", "audit")
+        if mode == "scan":
+            text = kwargs.get("text", "") or kwargs.get("input", "")
+            return self.scan_input(text)
+        elif mode == "classify":
+            operation = kwargs.get("operation", "")
+            target = kwargs.get("target")
+            context = kwargs.get("context")
+            return self.classify_operation(operation=operation, target=target, context=context)
+        elif mode == "check":
+            action = kwargs.get("action", "")
+            user_role = kwargs.get("user_role", "viewer")
+            target = kwargs.get("target")
+            description = kwargs.get("description", "")
+            return self.check_permissions(
+                action=action,
+                user_role=user_role,
+                target=target,
+                description=description,
+            )
+        else:
+            task = kwargs.get("task_description", "") or \
+                   kwargs.get("task", "") or \
+                   kwargs.get("text", "") or \
+                   (str(args[0]) if args else "")
+            return self.audit_task(task_description=task)

skills/test/__init__.py ADDED Viewed

File without changes

skills/test/handler.py ADDED Viewed

@@ -0,0 +1,78 @@
+"""Test Strategy Generation Skill - V3.6.0"""
+from skills.registry import BaseSkill
+from scripts.collaboration.test_quality_guard import (
+    TestQualityGuard,
+    TestDimension,
+    APISignature,
+)
+class TestSkill(BaseSkill):
+    name = "test"
+    description = "测试策略生成与质量审计 - API验证/反模式检测/维度覆盖"
+    version = "3.6.0"
+    SUPPORTED_TYPES = ["unit", "integration", "e2e"]
+    COVERAGE_DIMENSIONS = [
+        "API validation",
+        "Anti-pattern detection",
+        "Dimension coverage",
+    ]
+    def run(self, action="info", **kwargs):
+        actions = {
+            "generate_strategy": self.generate_strategy,
+            "audit_test_quality": self.audit_test_quality,
+            "suggest_cases": self.suggest_cases,
+            "coverage_dimensions": self.coverage_dimensions,
+        }
+        fn = actions.get(action)
+        if not fn:
+            return {"error": f"Unknown action: {action}. Available: {list(actions.keys())}"}
+        return fn(**kwargs)
+    def generate_strategy(self, code_context: str, test_type: str = "unit") -> dict:
+        if test_type not in self.SUPPORTED_TYPES:
+            return {"error": f"Unsupported test_type: {test_type}. Use: {self.SUPPORTED_TYPES}"}
+        dim_map = {
+            "unit": [TestDimension.HAPPY_PATH, TestDimension.ERROR_CASE, TestDimension.BOUNDARY],
+            "integration": [TestDimension.INTEGRATION, TestDimension.CONFIGURATION],
+            "e2e": [TestDimension.PERFORMANCE, TestDimension.SECURITY, TestDimension.INTEGRATION],
+        }
+        dims = dim_map.get(test_type, [TestDimension.HAPPY_PATH])
+        mock_sig = APISignature(name="target_function", kind="function", params=[
+            {"name": "param1", "type": "str"}, {"name": "param2", "type": "int"}
+        ])
+        template = TestQualityGuard("", "").generate_test_template(mock_sig, dims)
+        return {
+            "test_type": test_type,
+            "code_context_summary": code_context[:200] if code_context else "",
+            "dimensions": [d.value for d in dims],
+            "strategy_template": template,
+        }
+    def audit_test_quality(self, test_file: str) -> dict:
+        guard = TestQualityGuard(module_path="", test_path=test_file)
+        report = guard.audit()
+        return report.to_dict()
+    def suggest_cases(self, requirements: str) -> dict:
+        suggestions = []
+        keywords_map = {
+            "登录": ["valid_credentials", "invalid_password", "empty_fields", "account_locked", "session_timeout"],
+            "API": ["valid_request", "missing_params", "invalid_format", "rate_limit", "auth_failure"],
+            "数据库": ["insert_success", "duplicate_key", "connection_timeout", "transaction_rollback"],
+            "文件": ["normal_upload", "large_file", "invalid_type", "permission_denied"],
+        }
+        matched = False
+        for kw, cases in keywords_map.items():
+            if kw in requirements:
+                suggestions.extend(cases)
+                matched = True
+        if not matched:
+            suggestions = ["happy_path", "error_case", "boundary", "performance_baseline"]
+        return {"requirements": requirements, "suggested_cases": suggestions}
+    def coverage_dimensions(self) -> list:
+        return self.COVERAGE_DIMENSIONS