icdev 0.0.3__py3-none-any.whl

tools/manifest.md

@@ -0,0 +1,1066 @@
+# CUI // SP-CTI
+# Tools Manifest
+
+Master index of all CLI tools in the ICDEV/sparkpilot system. Auto-generated 2026-03-04.
+
+**Total:** 410+ Python files across 40+ subdirectories.
+
+Classification: CUI // SP-CTI | Impact Level: IL4 | Distribution: Authorized DoD Personnel Only
+
+---
+
+## Table of Contents
+
+- [A2A (Agent-to-Agent)](#a2a-agent-to-agent)
+- [Analysis (Code Intelligence)](#analysis-code-intelligence)
+- [Audit](#audit)
+- [CI/CD (Continuous Integration)](#cicd-continuous-integration)
+- [CLI Utilities](#cli-utilities)
+- [Compat (Compatibility Layer)](#compat-compatibility-layer)
+- [Compliance](#compliance)
+- [Dashboard](#dashboard)
+- [Decisions (DMN-Lite Engine)](#decisions-dmn-lite-engine)
+- [DataBridge (Data Integration)](#databridge-data-integration)
+- [Database](#database)
+- [DevSecOps and Zero Trust](#devsecops-and-zero-trust)
+- [Edge AI (TinyML)](#edge-ai-tinyml)
+- [Embedded (SparkPilot Firmware)](#embedded-sparkpilot-firmware)
+- [Fine-Tuning](#fine-tuning)
+- [Forge Studio (App Builder)](#forge-studio-app-builder)
+- [Fleet Management](#fleet-management)
+- [GovCon (Government Contracting)](#govcon-government-contracting)
+- [Infrastructure](#infrastructure)
+- [Knowledge](#knowledge)
+- [Knowledge Graph Engine](#knowledge-graph-engine)
+- [LLM Providers and Router](#llm-providers-and-router)
+- [Maintenance](#maintenance)
+- [Marketplace (Thin Client)](#marketplace-thin-client)
+- [MBSE (Model-Based Systems Engineering)](#mbse-model-based-systems-engineering)
+- [MCP Servers](#mcp-servers)
+- [Memory System](#memory-system)
+- [Missions (Gamified Learning)](#missions-gamified-learning)
+- [Monitor](#monitor)
+- [MOSA (Modular Open Systems Architecture)](#mosa-modular-open-systems-architecture)
+- [Observability and XAI](#observability-and-xai)
+- [Project Management](#project-management)
+- [RAG (Retrieval-Augmented Generation)](#rag-retrieval-augmented-generation)
+- [Requirements (RICOAS)](#requirements-ricoas)
+- [SaaS Licensing](#saas-licensing)
+- [Scaffold (Golden Path)](#scaffold-golden-path)
+- [Security](#security)
+- [Simulation (Digital Program Twin)](#simulation-digital-program-twin)
+- [Simulator (RTOS Browser Simulator)](#simulator-rtos-browser-simulator)
+- [Supply Chain](#supply-chain)
+- [Testing](#testing)
+- [Writing (WriteGuard)](#writing-writeguard)
+
+---
+
+## A2A (Agent-to-Agent)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| icdev_callback_client | `tools/a2a/icdev_callback_client.py` | A2A Callback Client - calls parent ICDEV for capabilities not included locally |
+
+---
+
+## Analysis (Code Intelligence)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| code_analyzer | `tools/analysis/code_analyzer.py` | Code Quality Analyzer - AST-based self-analysis, read-only, advisory-only (Phase 52, D331-D337) |
+| runtime_feedback | `tools/analysis/runtime_feedback.py` | Runtime Feedback Collector - test-to-source correlation, parses pytest JUnit XML (Phase 52, D332) |
+| vsm_engine | `tools/analytics/vsm_engine.py` | DORA metrics, pipeline stage tracking, bottleneck detection |
+| scorecard | `tools/analytics/scorecard.py` | Developer/project health scoring across 6 dimensions (code quality, security, compliance, test coverage, velocity, SbD posture) |
+
+---
+
+## Audit
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| audit_logger | `tools/audit/audit_logger.py` | Append-only audit trail writer satisfying NIST 800-53 AU controls; no UPDATE or DELETE |
+| audit_query | `tools/audit/audit_query.py` | Query and report on the immutable audit trail database |
+| decision_recorder | `tools/audit/decision_recorder.py` | Record AI/agent decisions for accountability and traceability (NIST AU-3) |
+
+---
+
+## Audit Engine (Compliance Report Card)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| engine | `tools/audit_engine/engine.py` | Core audit orchestrator — SCAN→EVALUATE→SCORE→ADVISE→REPORT pipeline |
+| scanner | `tools/audit_engine/scanner.py` | Multi-source evidence collector (SAST, secrets, deps, STIG, SBOM, SbD, code patterns) |
+| regime_loader | `tools/audit_engine/regime_loader.py` | Load compliance regime definitions from JSON/YAML files |
+| report_card | `tools/audit_engine/report_card.py` | Report card generator (JSON, Markdown, terminal) with score trends |
+| comparator | `tools/audit_engine/comparator.py` | Side-by-side regime gap analysis (e.g., 800-171 vs 800-53) |
+| ai_advisor | `tools/audit_engine/ai_advisor.py` | Dual-ranked recommendations by impact and effort with ROI scoring |
+| git_fetcher | `tools/audit_engine/git_fetcher.py` | Clone git repos for BYOS audit (SSH + HTTPS token auth) |
+| regime_updater | `tools/audit_engine/regime_updater.py` | Auto-fetch, validate, and apply regime definition updates |
+| eject_scaffolder | `tools/audit_engine/eject_scaffolder.py` | Package audit engine as standalone app (zero ICDEV dependency) |
+| cli | `tools/audit_engine/cli.py` | Unified CLI entry point for all audit engine operations |
+
+### Regime Definitions (`args/audit_regimes/`)
+
+| Regime | File | Controls |
+|--------|------|----------|
+| NIST SP 800-53 Rev 5 | `nist_800_53.json` | 41 |
+| NIST SP 800-171 Rev 2 | `nist_800_171.json` | 25 |
+| FedRAMP Moderate | `fedramp_moderate.json` | 26 |
+| CMMC Level 2 | `cmmc_l2.json` | 30 |
+| CISA Secure by Design | `cisa_sbd.json` | 14 |
+| DoD CSSP (DI 8530.01) | `dod_cssp.json` | 15 |
+| IEEE 1012 IV&V | `ieee_1012.json` | 15 |
+| DoDI 5000.87 DES | `dodi_5000_87.json` | 12 |
+
+---
+
+## CI/CD (Continuous Integration)
+
+### Core Engine
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| pipeline_config_generator | `tools/ci/pipeline_config_generator.py` | Generate CI/CD pipeline configuration files |
+
+### Connectors
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| base_connector | `tools/ci/connectors/base_connector.py` | Chat Connector ABC - base class for all chat platform connectors (D66, D136) |
+| connector_registry | `tools/ci/connectors/connector_registry.py` | Connector Registry - plugin registry and route registration (D66, D136) |
+| mattermost_connector | `tools/ci/connectors/mattermost_connector.py` | Mattermost Connector - built-in Mattermost integration (D136, D137) |
+| slack_connector | `tools/ci/connectors/slack_connector.py` | Slack Connector - built-in Slack integration (D136, D137) |
+
+### Core Components
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| air_gap_detector | `tools/ci/core/air_gap_detector.py` | Air-Gap Detector - network connectivity probe for webhook vs poll mode selection |
+| comment_handler | `tools/ci/core/comment_handler.py` | Comment Handler - cross-platform comment and message posting (D132, D136) |
+| conversation_manager | `tools/ci/core/conversation_manager.py` | Conversation Manager - conversational CI/CD sessions (D135) |
+| event_envelope | `tools/ci/core/event_envelope.py` | Event Envelope - unified event format for all CI/CD triggers (D132) |
+| event_router | `tools/ci/core/event_router.py` | Event Router - central routing with lane-aware session queue (D133) |
+| failure_parser | `tools/ci/core/failure_parser.py` | Failure Parser - structured failure extraction from tool output (D134) |
+| recovery_engine | `tools/ci/core/recovery_engine.py` | Recovery Engine - self-recovery from test and lint failures (D134) |
+
+### Modules
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| agent | `tools/ci/modules/agent.py` | Agent Executor - Claude Code CLI subprocess invocation |
+| git_ops | `tools/ci/modules/git_ops.py` | Git Operations - branch, commit, push, PR/MR management |
+| state | `tools/ci/modules/state.py` | Workflow State Management - tracks session and pipeline state |
+| vcs | `tools/ci/modules/vcs.py` | VCS Abstraction - unified GitHub and GitLab interface |
+| workflow_ops | `tools/ci/modules/workflow_ops.py` | Workflow Operations - classify, branch, commit, PR helpers |
+| worktree | `tools/ci/modules/worktree.py` | Git worktree management for isolated workflow execution |
+
+### Triggers
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| gitlab_task_monitor | `tools/ci/triggers/gitlab_task_monitor.py` | GitLab task/issue monitor for CI trigger events |
+| poll_trigger | `tools/ci/triggers/poll_trigger.py` | Poll Trigger - cron-based issue polling for GitHub and GitLab |
+| webhook_server | `tools/ci/triggers/webhook_server.py` | Webhook Server - GitHub, GitLab, Slack, and Mattermost webhook support |
+
+### Intelligence
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| pr_intelligence | `tools/ci/pr_intelligence.py` | PR compliance/security pre-check with diff analysis |
+
+### Workflows
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| icdev_build | `tools/ci/workflows/icdev_build.py` | Build workflow - implementation phase of the SDLC |
+| icdev_comply | `tools/ci/workflows/icdev_comply.py` | Comply workflow - compliance artifact generation |
+| icdev_document | `tools/ci/workflows/icdev_document.py` | Document workflow - documentation generation |
+| icdev_e2e | `tools/ci/workflows/icdev_e2e.py` | E2E workflow - Playwright browser verification |
+| icdev_patch | `tools/ci/workflows/icdev_patch.py` | Patch workflow - quick fix for single-issue patches |
+| icdev_plan | `tools/ci/workflows/icdev_plan.py` | Plan workflow - agentic planning phase |
+| icdev_plan_build | `tools/ci/workflows/icdev_plan_build.py` | Plan+Build combined workflow |
+| icdev_plan_build_test | `tools/ci/workflows/icdev_plan_build_test.py` | Plan+Build+Test combined workflow |
+| icdev_plan_build_test_review | `tools/ci/workflows/icdev_plan_build_test_review.py` | Plan+Build+Test+Review full pipeline workflow |
+| icdev_review | `tools/ci/workflows/icdev_review.py` | Review workflow - code review phase |
+| icdev_sdlc | `tools/ci/workflows/icdev_sdlc.py` | SDLC orchestrator - complete Software Development Life Cycle pipeline |
+| icdev_test | `tools/ci/workflows/icdev_test.py` | Test workflow - testing and validation phase |
+
+---
+
+## CLI Utilities
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| output_formatter | `tools/cli/output_formatter.py` | Standardized JSON and table output formatting for CLI tools |
+
+---
+
+## Compat (Compatibility Layer)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| cli_harmonizer | `tools/compat/cli_harmonizer.py` | Cross-platform CLI argument harmonization utilities |
+| datetime_utils | `tools/compat/datetime_utils.py` | Cross-platform datetime parsing and formatting utilities |
+| db_utils | `tools/compat/db_utils.py` | Cross-platform SQLite database connection utilities |
+| platform_utils | `tools/compat/platform_utils.py` | Platform detection constants (Windows/Linux/macOS) |
+
+---
+
+## Compliance
+
+### Core Compliance
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| base_assessor | `tools/compliance/base_assessor.py` | Base class for all compliance assessors; shared DB and scoring logic |
+| compliance_detector | `tools/compliance/compliance_detector.py` | Auto-detect applicable compliance frameworks for a project |
+| compliance_exporter | `tools/compliance/compliance_exporter.py` | Export compliance data in multiple formats (JSON, CSV, HTML) |
+| compliance_status | `tools/compliance/compliance_status.py` | Aggregate and display compliance posture across all frameworks |
+| control_mapper | `tools/compliance/control_mapper.py` | Map development activities to NIST 800-53 controls |
+| crosswalk_engine | `tools/compliance/crosswalk_engine.py` | Auto-populate FedRAMP/CMMC/800-171 from a NIST 800-53 control implementation |
+| cui_marker | `tools/compliance/cui_marker.py` | Apply CUI markings to source files in language-appropriate comment styles |
+| evidence_collector | `tools/compliance/evidence_collector.py` | Collect and catalog compliance evidence artifacts |
+| narrative_generator | `tools/compliance/narrative_generator.py` | Generate per-control implementation narratives |
+| nist_lookup | `tools/compliance/nist_lookup.py` | Look up NIST 800-53 Rev 5 control details and guidance |
+| oscal_catalog_adapter | `tools/compliance/oscal_catalog_adapter.py` | Adapt OSCAL catalogs for internal control database |
+| oscal_generator | `tools/compliance/oscal_generator.py` | Generate OSCAL-formatted compliance artifacts (SSP, SAP, SAR, POAM) |
+| oscal_tools | `tools/compliance/oscal_tools.py` | OSCAL utility functions and schema helpers |
+| poam_generator | `tools/compliance/poam_generator.py` | Generate a Plan of Action and Milestones (POAM) from open findings |
+| resolve_marking | `tools/compliance/resolve_marking.py` | Resolve and validate CUI marking strings to canonical form |
+| sbom_generator | `tools/compliance/sbom_generator.py` | Generate Software Bill of Materials in CycloneDX format (spec 1.4-1.7) |
+| ssp_generator | `tools/compliance/ssp_generator.py` | Generate a System Security Plan (SSP) from project data and control implementations |
+| stig_checker | `tools/compliance/stig_checker.py` | Check project against DISA STIG findings; blocks on CAT1 |
+| traceability_matrix | `tools/compliance/traceability_matrix.py` | Build and query requirements-to-controls traceability matrix |
+| universal_classification_manager | `tools/compliance/universal_classification_manager.py` | Manage data classification markings across all classification levels |
+
+### FIPS and Classification
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| classification_manager | `tools/compliance/classification_manager.py` | Manage impact level and classification markings (IL2-IL6) |
+| fips199_categorizer | `tools/compliance/fips199_categorizer.py` | Categorize system impact (Low/Moderate/High) per FIPS 199 |
+| fips200_validator | `tools/compliance/fips200_validator.py` | Validate minimum security requirements per FIPS 200 |
+
+### Federal Frameworks
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| fedramp_assessor | `tools/compliance/fedramp_assessor.py` | Assess FedRAMP Moderate or High authorization posture |
+| fedramp_authorization_packager | `tools/compliance/fedramp_authorization_packager.py` | Package all artifacts for FedRAMP authorization boundary |
+| fedramp_ksi_generator | `tools/compliance/fedramp_ksi_generator.py` | Generate FedRAMP Key Security Indicators report |
+| fedramp_report_generator | `tools/compliance/fedramp_report_generator.py` | Generate formatted FedRAMP assessment reports |
+| cmmc_assessor | `tools/compliance/cmmc_assessor.py` | Assess CMMC Level 2 or Level 3 maturity posture |
+| cmmc_report_generator | `tools/compliance/cmmc_report_generator.py` | Generate CMMC assessment reports with gap analysis |
+| cssp_assessor | `tools/compliance/cssp_assessor.py` | Assess DoD Cybersecurity Service Provider (CSSP/DoDI 8530.01) compliance |
+| cssp_evidence_collector | `tools/compliance/cssp_evidence_collector.py` | Collect evidence artifacts for CSSP assessment |
+| cssp_report_generator | `tools/compliance/cssp_report_generator.py` | Generate CSSP compliance reports by functional area |
+| cjis_assessor | `tools/compliance/cjis_assessor.py` | Assess FBI CJIS Security Policy compliance |
+| omb_m25_21_assessor | `tools/compliance/omb_m25_21_assessor.py` | Assess OMB M-25-21 AI policy compliance |
+| omb_m26_04_assessor | `tools/compliance/omb_m26_04_assessor.py` | Assess OMB M-26-04 AI accountability compliance |
+
+### NIST AI Frameworks
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| nist_ai_rmf_assessor | `tools/compliance/nist_ai_rmf_assessor.py` | Assess NIST AI Risk Management Framework (AI RMF) compliance |
+| nist_ai_600_1_assessor | `tools/compliance/nist_ai_600_1_assessor.py` | Assess NIST AI 600-1 generative AI safety compliance |
+| nist_800_207_assessor | `tools/compliance/nist_800_207_assessor.py` | Assess NIST SP 800-207 Zero Trust Architecture compliance |
+
+### AI Governance and Transparency
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| accountability_manager | `tools/compliance/accountability_manager.py` | Manage AI accountability plans, CAIO designation, and oversight structures |
+| ai_accountability_audit | `tools/compliance/ai_accountability_audit.py` | Audit AI system accountability artifacts and governance records |
+| ai_impact_assessor | `tools/compliance/ai_impact_assessor.py` | Assess AI system impact on rights, safety, and operations |
+| ai_incident_response | `tools/compliance/ai_incident_response.py` | AI-specific incident response plan generation and tracking |
+| ai_inventory_manager | `tools/compliance/ai_inventory_manager.py` | Maintain inventory of AI systems per OMB/CAIO requirements |
+| ai_reassessment_scheduler | `tools/compliance/ai_reassessment_scheduler.py` | Schedule periodic AI system reassessments and reviews |
+| ai_transparency_audit | `tools/compliance/ai_transparency_audit.py` | Audit AI transparency artifacts (model cards, system cards, disclosures) |
+| fairness_assessor | `tools/compliance/fairness_assessor.py` | Assess AI system fairness metrics and bias indicators |
+| gao_ai_assessor | `tools/compliance/gao_ai_assessor.py` | Assess compliance with GAO AI accountability framework |
+| gao_evidence_builder | `tools/compliance/gao_evidence_builder.py` | Build evidence packages for GAO AI accountability reviews |
+| model_card_generator | `tools/compliance/model_card_generator.py` | Generate model cards per Google/Hugging Face/NIST standards |
+| system_card_generator | `tools/compliance/system_card_generator.py` | Generate AI system cards for transparency disclosure |
+| pi_compliance_tracker | `tools/compliance/pi_compliance_tracker.py` | Track Program Increment (PI) compliance milestones and evidence |
+
+### AI Ethics and Explainability
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| xai_assessor | `tools/compliance/xai_assessor.py` | Assess Explainable AI (XAI) compliance across 10 checks |
+| eu_ai_act_classifier | `tools/compliance/eu_ai_act_classifier.py` | Classify AI systems under EU AI Act risk categories |
+| iso42001_assessor | `tools/compliance/iso42001_assessor.py` | Assess ISO 42001 AI Management System compliance |
+
+### OWASP Security
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| owasp_llm_assessor | `tools/compliance/owasp_llm_assessor.py` | Assess OWASP LLM Top 10 vulnerabilities |
+| owasp_agentic_assessor | `tools/compliance/owasp_agentic_assessor.py` | Assess OWASP Agentic AI security vulnerabilities |
+| owasp_asi_assessor | `tools/compliance/owasp_asi_assessor.py` | Assess OWASP AI Security Initiative compliance |
+
+### MITRE ATLAS
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| atlas_assessor | `tools/compliance/atlas_assessor.py` | Assess MITRE ATLAS AI threat coverage and defense posture |
+| atlas_report_generator | `tools/compliance/atlas_report_generator.py` | Generate MITRE ATLAS threat assessment reports |
+
+### Other Frameworks
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| hipaa_assessor | `tools/compliance/hipaa_assessor.py` | Assess HIPAA Security Rule compliance |
+| hitrust_assessor | `tools/compliance/hitrust_assessor.py` | Assess HITRUST CSF compliance |
+| iso27001_assessor | `tools/compliance/iso27001_assessor.py` | Assess ISO 27001 Information Security Management compliance |
+| ivv_assessor | `tools/compliance/ivv_assessor.py` | Assess IEEE 1012 Independent Verification and Validation compliance |
+| ivv_report_generator | `tools/compliance/ivv_report_generator.py` | Generate IEEE 1012 IV&V compliance reports |
+| mosa_assessor | `tools/compliance/mosa_assessor.py` | Assess DoD MOSA modularity and open architecture compliance |
+| multi_regime_assessor | `tools/compliance/multi_regime_assessor.py` | Run multiple compliance framework assessments in a single pass |
+| pci_dss_assessor | `tools/compliance/pci_dss_assessor.py` | Assess PCI DSS payment card security compliance |
+| sbd_assessor | `tools/compliance/sbd_assessor.py` | Assess CISA Secure by Design principles compliance, manage security exception registry (register, list, renew), Cloudyrion 8-pillar alignment |
+| sbd_report_generator | `tools/compliance/sbd_report_generator.py` | Generate CISA Secure by Design compliance reports |
+| siem_config_generator | `tools/compliance/siem_config_generator.py` | Generate SIEM configuration for compliance event collection |
+| slsa_attestation_generator | `tools/compliance/slsa_attestation_generator.py` | Generate SLSA supply chain provenance attestations |
+| soc2_assessor | `tools/compliance/soc2_assessor.py` | Assess SOC 2 Trust Services Criteria compliance |
+| swft_evidence_bundler | `tools/compliance/swft_evidence_bundler.py` | Bundle evidence artifacts for software factory authorization |
+
+### cATO Live Evidence
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| cato_live_engine | `tools/compliance/cato_live_engine.py` | Continuous OSCAL streaming, evidence freshness monitoring |
+| narrative_workflow | `tools/compliance/narrative_workflow.py` | AI narrative generation with approval workflow |
+| template_exchange | `tools/compliance/template_exchange.py` | Community compliance template sharing and rating |
+| firmware_sbom | `tools/compliance/firmware_sbom.py` | Firmware CycloneDX SBOM and VEX generation |
+
+### CY-CATO Monitoring
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| cato_monitor | `tools/compliance/cato_monitor.py` | Continuous ATO monitoring daemon for ongoing compliance |
+| cato_scheduler | `tools/compliance/cato_scheduler.py` | Schedule CATO assessment runs and compliance checks |
+| incident_response_plan | `tools/compliance/incident_response_plan.py` | Generate and manage incident response plans |
+
+### Diagram and Validation
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| diagram_validator | `tools/compliance/diagram_validator.py` | Validate network zone diagrams for compliance accuracy |
+
+### eMASS Integration
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| emass_client | `tools/compliance/emass/emass_client.py` | eMASS REST API client for DoD Risk Management Framework tool |
+| emass_export | `tools/compliance/emass/emass_export.py` | Export compliance data to eMASS-compatible format |
+| emass_sync | `tools/compliance/emass/emass_sync.py` | Bidirectional sync of controls and POAMs with eMASS |
+
+### Xacta Integration
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| xacta_client | `tools/compliance/xacta/xacta_client.py` | Xacta 360 REST API client for GRC platform |
+| xacta_export | `tools/compliance/xacta/xacta_export.py` | Export compliance data to Xacta 360 format |
+| xacta_sync | `tools/compliance/xacta/xacta_sync.py` | Sync controls and evidence with Xacta 360 |
+
+---
+
+## Dashboard
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| app | `tools/dashboard/app.py` | SparkPilot Flask web dashboard - missions, simulator, fleet, firmware, marketplace |
+
+---
+
+## Decisions (DMN-Lite Engine)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| dmn_engine | `tools/decisions/dmn_engine.py` | DMN-Lite decision table engine — YAML-defined tables, FEEL-subset expressions, 4 hit policies, audit trail, NIST control mapping |
+
+**Decision Tables** (in `args/decision_tables/`):
+
+| Table | File | Purpose |
+|-------|------|---------|
+| ato_boundary_impact | `args/decision_tables/ato_boundary_impact.yaml` | ATO boundary impact tier (GREEN/YELLOW/ORANGE/RED) based on data sensitivity, connections, auth |
+| deployment_approval | `args/decision_tables/deployment_approval.yaml` | Deployment approval level and required gates based on env, coverage, vulns, compliance |
+| agent_trust_decision | `args/decision_tables/agent_trust_decision.yaml` | AI agent trust-based autonomy decisions (quarantine/restrict/monitor/allow) |
+
+**Architecture Decisions:** D-DMN-1 through D-DMN-5
+
+---
+
+## DataBridge (Data Integration)
+
+### Core Engine
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| analytics | `tools/databridge/analytics.py` | DataBridge analytics - connection metrics, throughput, error rates |
+| arrow_pipeline | `tools/databridge/arrow_pipeline.py` | Apache Arrow-based high-performance data pipeline |
+| connection_manager | `tools/databridge/connection_manager.py` | Manage connector credentials and connection pooling (D-DB-13) |
+| connector | `tools/databridge/connector.py` | Base DataBridge connector interface and lifecycle management |
+| data_profiler | `tools/databridge/data_profiler.py` | Profile source data: schema, types, nulls, cardinality, distributions |
+| format_converter | `tools/databridge/format_converter.py` | Convert data between formats (JSON, CSV, Parquet, Avro, Arrow) |
+| mapping_engine | `tools/databridge/mapping_engine.py` | Field mapping and transformation rules engine |
+| pii_detector | `tools/databridge/pii_detector.py` | PII detection in data streams using Presidio (D-DB-18) |
+| registry | `tools/databridge/registry.py` | In-memory connector plugin registry |
+| relay_server | `tools/databridge/relay_server.py` | WebSocket relay server for agent-to-agent data streaming |
+| schema_engine | `tools/databridge/schema_engine.py` | Schema inference, validation, and evolution tracking |
+| stream_manager | `tools/databridge/stream_manager.py` | Manage active streaming sessions and backpressure |
+| sync_engine | `tools/databridge/sync_engine.py` | Bidirectional data sync with conflict resolution |
+| transforms | `tools/databridge/transforms.py` | Transform function registry (filter, map, aggregate, join) |
+
+### Harness Engineering (AI Agent Orchestration Scaffolding)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| exit_criteria_evaluator | `tools/harness/exit_criteria_evaluator.py` | Evaluate workflow completion against exit criteria registry |
+| trace_analyzer | `tools/harness/trace_analyzer.py` | Analyze hook events for patterns, suggest harness improvements |
+| maturity_assessor | `tools/harness/maturity_assessor.py` | Score project harness maturity 0-4 (None→Optimized) |
+| scaffold_harness | `tools/harness/scaffold_harness.py` | Generate baseline harness config for child apps |
+
+### Connector Forge (Dynamic Connector Generation)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| forge_agent | `tools/databridge/forge/forge_agent.py` | 6-stage pipeline orchestrator: spec→base→code→validate→sandbox→test |
+| spec_parser | `tools/databridge/forge/spec_parser.py` | Stage 1: Parse OpenAPI/WSDL/HTML/YAML into ForgeApiManifest |
+| base_selector | `tools/databridge/forge/base_selector.py` | Stage 2: Deterministic protocol→base class mapping |
+| code_generator | `tools/databridge/forge/code_generator.py` | Stage 3: Jinja2 template + two-tier LLM code generation |
+| static_validator | `tools/databridge/forge/static_validator.py` | Stage 4: 6-gate validation (compile, ruff, AST, bandit, secrets, imports) |
+| sandbox_manager | `tools/databridge/forge/sandbox_manager.py` | Stage 5: Docker/subprocess sandbox with test harness |
+| integration_tester | `tools/databridge/forge/integration_tester.py` | Stage 6: Integration test evaluation |
+| promoter | `tools/databridge/forge/promoter.py` | Promotion state machine (sandboxed→promoted→deprecated) |
+| marketplace_publisher | `tools/databridge/forge/marketplace_publisher.py` | Package and publish connectors to marketplace |
+| import_handler | `tools/databridge/forge/import_handler.py` | Import community connectors from marketplace |
+| community_hub | `tools/databridge/forge/community_hub.py` | Connector browsing, rating, trust scoring |
+| templates | `tools/databridge/forge/templates/__init__.py` | 8 inline Jinja2 connector templates (REST, GraphQL, SOAP, SQL, FTP, Messaging, Health, TCP) |
+
+### Scale Engine (Horizontal Scaling)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| worker_pool | `tools/databridge/scale/worker_pool.py` | ThreadPoolExecutor with semaphore-gated concurrency |
+| connection_pool | `tools/databridge/scale/connection_pool.py` | Per-connector-type reusable connection pools |
+| write_batcher | `tools/databridge/scale/write_batcher.py` | WAL + batch flush for sync log and audit writes |
+| backpressure | `tools/databridge/scale/backpressure.py` | Memory and queue-depth stream backpressure |
+| chunked_pipeline | `tools/databridge/scale/chunked_pipeline.py` | Chunked Arrow pipeline processing |
+| engine | `tools/databridge/scale/engine.py` | Scale engine orchestrator |
+
+### Agent Components
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| daemon | `tools/databridge/agent/daemon.py` | DataBridge background daemon for persistent connections |
+| tunnel | `tools/databridge/agent/tunnel.py` | Encrypted tunnel for cross-network data transfer |
+| ws_relay | `tools/databridge/agent/ws_relay.py` | WebSocket relay for real-time agent communication |
+
+### Messaging
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| agent_bridge | `tools/databridge/messaging/agent_bridge.py` | Bridge between DataBridge connectors and ICDEV agents |
+| message_envelope | `tools/databridge/messaging/message_envelope.py` | Standardized message envelope for cross-platform messaging |
+| message_logger | `tools/databridge/messaging/message_logger.py` | Audit-compliant message logging for all messaging connectors |
+| messaging_daemon | `tools/databridge/messaging/messaging_daemon.py` | Background daemon for persistent messaging connections |
+| oauth2_manager | `tools/databridge/messaging/oauth2_manager.py` | OAuth 2.0 token management for messaging platform auth |
+
+### Data Source Connectors
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| argocd_connector | `tools/databridge/connectors/argocd_connector.py` | ArgoCD GitOps deployment status connector |
+| avro_connector | `tools/databridge/connectors/avro_connector.py` | Apache Avro file format read/write connector |
+| azure_blob | `tools/databridge/connectors/azure_blob.py` | Azure Blob Storage connector |
+| cdc_connector | `tools/databridge/connectors/cdc_connector.py` | Change Data Capture (CDC) connector for real-time DB replication |
+| csv_connector | `tools/databridge/connectors/csv_connector.py` | CSV file read/write connector with schema detection |
+| datadog_connector | `tools/databridge/connectors/datadog_connector.py` | Datadog metrics and events connector |
+| discord_messaging | `tools/databridge/connectors/discord_messaging.py` | Discord messaging platform connector |
+| dynamics365 | `tools/databridge/connectors/dynamics365.py` | Microsoft Dynamics 365 CRM/ERP connector |
+| elasticsearch_connector | `tools/databridge/connectors/elasticsearch_connector.py` | Elasticsearch search and analytics connector |
+| email_base | `tools/databridge/connectors/email_base.py` | Base class for all email connectors |
+| excel_connector | `tools/databridge/connectors/excel_connector.py` | Microsoft Excel (.xlsx) read/write connector |
+| fsspec_base | `tools/databridge/connectors/fsspec_base.py` | fsspec-based filesystem abstraction base connector |
+| gcs | `tools/databridge/connectors/gcs.py` | Google Cloud Storage connector |
+| github_connector | `tools/databridge/connectors/github_connector.py` | GitHub repository, issues, and PR data connector |
+| gitlab_connector | `tools/databridge/connectors/gitlab_connector.py` | GitLab repository, issues, and MR data connector |
+| gmail_connector | `tools/databridge/connectors/gmail_connector.py` | Gmail API connector for email ingestion |
+| hdfs | `tools/databridge/connectors/hdfs.py` | Hadoop HDFS distributed filesystem connector |
+| hubspot | `tools/databridge/connectors/hubspot.py` | HubSpot CRM connector |
+| imap_connector | `tools/databridge/connectors/imap_connector.py` | Generic IMAP email protocol connector |
+| jenkins_connector | `tools/databridge/connectors/jenkins_connector.py` | Jenkins CI/CD build status and artifact connector |
+| jira_connector | `tools/databridge/connectors/jira_connector.py` | Jira issue tracking and project management connector |
+| json_connector | `tools/databridge/connectors/json_connector.py` | JSON file read/write connector with schema detection |
+| kafka_connector | `tools/databridge/connectors/kafka_connector.py` | Apache Kafka event streaming connector |
+| kinesis_connector | `tools/databridge/connectors/kinesis_connector.py` | AWS Kinesis data stream connector |
+| local_fs | `tools/databridge/connectors/local_fs.py` | Local filesystem connector for file-based data sources |
+| matrix | `tools/databridge/connectors/matrix.py` | Matrix protocol messaging connector |
+| mattermost_messaging | `tools/databridge/connectors/mattermost_messaging.py` | Mattermost team messaging connector |
+| messaging_base | `tools/databridge/connectors/messaging_base.py` | Base class for all messaging platform connectors |
+| mssql | `tools/databridge/connectors/mssql.py` | Microsoft SQL Server database connector |
+| mysql | `tools/databridge/connectors/mysql.py` | MySQL/MariaDB database connector |
+| netsuite | `tools/databridge/connectors/netsuite.py` | Oracle NetSuite ERP connector |
+| o365_mail | `tools/databridge/connectors/o365_mail.py` | Microsoft 365 Mail (Exchange Online) connector |
+| oracle | `tools/databridge/connectors/oracle.py` | Oracle Database connector |
+| pagerduty_connector | `tools/databridge/connectors/pagerduty_connector.py` | PagerDuty incident and alerting connector |
+| parquet_connector | `tools/databridge/connectors/parquet_connector.py` | Apache Parquet columnar file format connector |
+| postgresql | `tools/databridge/connectors/postgresql.py` | PostgreSQL database connector |
+| s3 | `tools/databridge/connectors/s3.py` | AWS S3 object storage connector |
+| saas_base | `tools/databridge/connectors/saas_base.py` | Base class for all SaaS API connectors |
+| salesforce | `tools/databridge/connectors/salesforce.py` | Salesforce CRM connector |
+| sap | `tools/databridge/connectors/sap.py` | SAP ERP connector |
+| servicenow | `tools/databridge/connectors/servicenow.py` | ServiceNow ITSM connector |
+| signal_messaging | `tools/databridge/connectors/signal_messaging.py` | Signal encrypted messaging connector |
+| slack_messaging | `tools/databridge/connectors/slack_messaging.py` | Slack team messaging connector |
+| smtp_connector | `tools/databridge/connectors/smtp_connector.py` | SMTP email send connector |
+| splunk_connector | `tools/databridge/connectors/splunk_connector.py` | Splunk SIEM search and HEC connector |
+| sql_base | `tools/databridge/connectors/sql_base.py` | Base class for all SQL database connectors |
+| sqlite_connector | `tools/databridge/connectors/sqlite_connector.py` | SQLite database connector |
+| teams | `tools/databridge/connectors/teams.py` | Microsoft Teams messaging connector |
+| telegram | `tools/databridge/connectors/telegram.py` | Telegram messaging connector |
+| whatsapp | `tools/databridge/connectors/whatsapp.py` | WhatsApp Business API connector |
+
+---
+
+## Database
+
+### Core DB Tools
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| backup | `tools/db/backup.py` | SQLite database backup utility |
+| backup_manager | `tools/db/backup_manager.py` | Scheduled backup management with retention policy |
+| storage | `tools/db/storage.py` | Storage abstraction layer (D-DB-20) — database-agnostic connection factory supporting SQLite and PostgreSQL with placeholder translation, pooling, and context managers. Config: `args/storage_config.yaml` |
+| init_icdev_db | `tools/db/init_icdev_db.py` | Initialize the main ICDEV operational database (icdev.db) |
+| init_sparkpilot_db | `tools/db/init_sparkpilot_db.py` | Initialize SparkPilot database with 32 tables; append-only audit tables |
+| migrate | `tools/db/migrate.py` | Run database schema migrations |
+| migration_runner | `tools/db/migration_runner.py` | Migration runner with rollback support |
+
+### Migrations
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| 001_baseline/up | `tools/db/migrations/001_baseline/up.py` | Baseline schema migration - initial table creation |
+| 002_memory_enhancements/up | `tools/db/migrations/002_memory_enhancements/up.py` | Memory system enhancements - embeddings, access log |
+| 003_dev_profiles/up | `tools/db/migrations/003_dev_profiles/up.py` | Developer profile tables |
+| 004_innovation_engine/up | `tools/db/migrations/004_innovation_engine/up.py` | Innovation engine tables |
+| 004_innovation_engine/down | `tools/db/migrations/004_innovation_engine/down.py` | Rollback innovation engine migration |
+| 005_phase_37_ai_security/up | `tools/db/migrations/005_phase_37_ai_security/up.py` | AI security tables (telemetry, ATLAS, prompt injection) |
+| 005_phase_37_ai_security/down | `tools/db/migrations/005_phase_37_ai_security/down.py` | Rollback AI security migration |
+| 006_phase_36_evolution/up | `tools/db/migrations/006_phase_36_evolution/up.py` | Phase 36 system evolution tables |
+| 006_phase_36_evolution/down | `tools/db/migrations/006_phase_36_evolution/down.py` | Rollback phase 36 evolution migration |
+| 007_phase_38_cloud/up | `tools/db/migrations/007_phase_38_cloud/up.py` | Cloud integration and SaaS tables |
+| 007_phase_38_cloud/down | `tools/db/migrations/007_phase_38_cloud/down.py` | Rollback cloud migration |
+| 008_phase36_37_integration/up | `tools/db/migrations/008_phase36_37_integration/up.py` | Add trust_level to child_learned_behaviors; integration fixup |
+
+---
+
+## DevSecOps and Zero Trust
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| attestation_manager | `tools/devsecops/attestation_manager.py` | Manage software supply chain attestations and provenance |
+| network_segmentation_generator | `tools/devsecops/network_segmentation_generator.py` | Generate network segmentation policies for Zero Trust |
+| pdp_config_generator | `tools/devsecops/pdp_config_generator.py` | Generate Policy Decision Point (PDP) configuration for ZTA |
+| pipeline_security_generator | `tools/devsecops/pipeline_security_generator.py` | Generate secure CI/CD pipeline configuration with gates |
+| policy_generator | `tools/devsecops/policy_generator.py` | Generate policy-as-code in Kyverno or OPA format |
+| profile_manager | `tools/devsecops/profile_manager.py` | Manage DevSecOps maturity profiles (5 levels) |
+| service_mesh_generator | `tools/devsecops/service_mesh_generator.py` | Generate Istio or Linkerd service mesh configuration |
+| zta_maturity_scorer | `tools/devsecops/zta_maturity_scorer.py` | Score Zero Trust Architecture maturity across 7 DoD pillars |
+| zta_terraform_generator | `tools/devsecops/zta_terraform_generator.py` | Generate Terraform IaC for Zero Trust network topology |
+
+---
+
+## Edge AI (TinyML)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| model_manager | `tools/edge_ai/model_manager.py` | TinyML model lifecycle: register, deploy to device, track inference |
+
+---
+
+## Embedded (SparkPilot Firmware)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| cmake_generator | `tools/embedded/cmake_generator.py` | Generate CMakeLists.txt and FreeRTOSConfig.h per target board |
+| crash_analyzer | `tools/embedded/crash_analyzer.py` | Analyze firmware crash dumps, match patterns, generate self-healing actions |
+| nl_to_firmware | `tools/embedded/nl_to_firmware.py` | Natural language command to FreeRTOS C firmware code generator |
+
+---
+
+## Fine-Tuning
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| pair_generator | `tools/finetune/pair_generator.py` | Generate prompt/completion training pairs from approved project artifacts. KARL pass-rate filtering for Goldilocks difficulty calibration (D-KARL-4) |
+
+---
+
+## Forge Studio (App Builder)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| component_registry | `tools/forge_studio/catalog/component_registry.py` | 34-component shadcn/ui catalog with props validation |
+| schema_validator | `tools/forge_studio/catalog/schema_validator.py` | Recursive component tree, page, and app validation |
+| json_render_engine | `tools/forge_studio/renderer/json_render_engine.py` | Deterministic JSON component tree → React JSX code generator |
+| layout_engine | `tools/forge_studio/renderer/layout_engine.py` | App layout, globals CSS, route structure generation |
+| app_generator | `tools/forge_studio/generator/app_generator.py` | Chat Mode entry point: description → full app (LLM or template) |
+| spec_builder | `tools/forge_studio/generator/spec_builder.py` | LLM output normalization, type aliases, ForgeApp construction |
+| prompt_templates | `tools/forge_studio/generator/prompt_templates.py` | Hardcoded prompt templates for two-tier LLM pipeline |
+| schema_generator | `tools/forge_studio/supabase/schema_generator.py` | PostgreSQL DDL with RLS policies from table specs |
+| auth_generator | `tools/forge_studio/supabase/auth_generator.py` | Supabase SSR auth files (context, middleware, login) |
+| migration_generator | `tools/forge_studio/supabase/migration_generator.py` | Supabase CLI migration files and config |
+| bpmn_adapter | `tools/forge_studio/workflow/bpmn_adapter.py` | Thin adapter to existing Runbook DAG + DMN + Saga engines |
+| nextjs_scaffolder | `tools/forge_studio/eject/nextjs_scaffolder.py` | Next.js project skeleton (package.json, tsconfig, tailwind, etc.) |
+| docker_compose_generator | `tools/forge_studio/eject/docker_compose_generator.py` | Docker Compose with full Supabase stack + app container |
+| eject_engine | `tools/forge_studio/eject/eject_engine.py` | Full code export: generate + render + scaffold + write to disk |
+| audit | `tools/forge_studio/audit.py` | Append-only forge audit trail (NIST AU compliant) |
+| models | `tools/forge_studio/models.py` | Domain models: ForgeComponent, ForgePage, ForgeApp, ForgeSchema |
+| compliance_wiring | `tools/forge_studio/compliance/compliance_wiring.py` | Auto-wire ICDEV 9-framework compliance to generated apps (assess, SBOM, CUI, bundles) |
+| complexity_detector | `tools/forge_studio/generator/complexity_detector.py` | Heuristic analysis of app descriptions — classifies simple vs complex + tier classification (local vs parent) |
+| intake_bridge | `tools/forge_studio/intake_bridge.py` | RICOAS ↔ Forge Studio bridge — multi-turn requirements intake → app generation |
+| tenant_manager | `tools/forge_studio/tenant_manager.py` | Multi-tenant provisioning, isolation, branding injection for ejected apps |
+| deploy_engine | `tools/forge_studio/deploy/deploy_engine.py` | Multi-cloud IaC generator (AWS, Azure, GCP, on-prem) with Terraform + CI/CD + K8s |
+| env_manager | `tools/forge_studio/deploy/env_manager.py` | Dev/staging/prod environment configs, feature flags, promotion pipeline |
+| airgap_packager | `tools/forge_studio/deploy/airgap_packager.py` | Air-gap deployment bundle with Docker images, compliance artifacts, SHA-256 checksums |
+| expression_engine | `tools/forge_studio/formula/expression_engine.py` | Safe AST-based expression evaluator (no eval()) for formula bar computed fields |
+| formula_registry | `tools/forge_studio/formula/formula_registry.py` | Named formula CRUD — create, list, evaluate, delete formulas per app |
+| process_miner | `tools/forge_studio/analytics/process_miner.py` | Process mining from audit trail — metrics, component usage, conformance checking |
+| component_hub | `tools/forge_studio/marketplace/component_hub.py` | Component/template marketplace — browse, publish, rate, install with trust scoring |
+| rn_component_map | `tools/forge_studio/renderer/rn_component_map.py` | Web-to-React Native component mapping with prop translation |
+| expo_scaffolder | `tools/forge_studio/eject/expo_scaffolder.py` | Expo/React Native project scaffolder for mobile app generation |
+| sso_manager | `tools/forge_studio/enterprise/sso_manager.py` | SSO/SAML/OIDC configuration per tenant — Keycloak, Azure AD, Okta presets, SAML assertion + OIDC token validation |
+| custom_frameworks | `tools/forge_studio/enterprise/custom_frameworks.py` | Custom compliance framework CRUD with NIST 800-53 crosswalk, assessment engine, 3 seed frameworks (HIPAA, SOC 2, PCI DSS) |
+| whitelabel_engine | `tools/forge_studio/enterprise/whitelabel_engine.py` | Full white-label theming — CSS compiler, custom domains, email templates, login page generation, eject injection |
+| hardening_engine | `tools/forge_studio/enterprise/hardening_engine.py` | IL4/IL5/FedRAMP High/DoD STIG hardening presets — Terraform + K8s config generation, FedRAMP package assembly |
+| export_engine | `tools/forge_studio/blueprint/export_engine.py` | Blueprint creation, tier classification, DB storage, and management (D-FS-TIER-2) |
+| parent_client | `tools/forge_studio/blueprint/parent_client.py` | Parent ICDEV HTTP handoff client — submit blueprints, poll builds, health check (D-FS-TIER-3) |
+| build_tracker | `tools/forge_studio/blueprint/build_tracker.py` | Full automated pipeline orchestrator — classify → route → build/submit → track (D-FS-TIER-4) |
+
+---
+
+## Fleet Management
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| device_registry | `tools/fleet/device_registry.py` | Device registry: register, heartbeat, health status, list devices |
+| ota_manager | `tools/fleet/ota_manager.py` | OTA firmware/model updates with canary deployment support |
+
+---
+
+## GovCon (Government Contracting)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| draft_orchestrator | `tools/govcon/draft_orchestrator.py` | Orchestrate proposal section drafting with RAG enrichment (Phase 67-68) |
+| engine_enrichment | `tools/govcon/engine_enrichment.py` | Enrich proposal content with keyword extraction and RAG sources |
+| knowledge_base | `tools/govcon/knowledge_base.py` | GovCon knowledge base: CRUD and hybrid search for proposal content (Phase 59) |
+| knowledge_ingestion | `tools/govcon/knowledge_ingestion.py` | Ingest documents into the proposal knowledge base (Phase 67) |
+| sam_scanner | `tools/govcon/sam_scanner.py` | SAM.gov opportunity scanner and competitive intelligence (Phase 59) |
+
+---
+
+## Infrastructure
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| ansible_generator | `tools/infra/ansible_generator.py` | Generate Ansible playbooks for configuration management |
+| dockerfile_generator | `tools/infra/dockerfile_generator.py` | Generate hardened Dockerfiles with non-root user and read-only filesystem |
+| infra_status | `tools/infra/infra_status.py` | Check infrastructure deployment status across environments |
+| ironbank_metadata_generator | `tools/infra/ironbank_metadata_generator.py` | Generate Iron Bank container metadata for DoD registry submission |
+| k8s_generator | `tools/infra/k8s_generator.py` | Generate Kubernetes manifests (Deployment, Service, NetworkPolicy, RBAC) |
+| pipeline_generator | `tools/infra/pipeline_generator.py` | Generate CI/CD pipeline YAML for GitHub Actions or GitLab CI |
+| rollback | `tools/infra/rollback.py` | Execute rollback to a previous deployment revision |
+| terraform_generator | `tools/infra/terraform_generator.py` | Generate Terraform IaC for AWS (us-gov-west-1 target) |
+| terraform_generator_azure | `tools/infra/terraform_generator_azure.py` | Generate Terraform IaC for Microsoft Azure |
+| terraform_generator_gcp | `tools/infra/terraform_generator_gcp.py` | Generate Terraform IaC for Google Cloud Platform |
+| terraform_generator_ibm | `tools/infra/terraform_generator_ibm.py` | Generate Terraform IaC for IBM Cloud |
+| terraform_generator_oci | `tools/infra/terraform_generator_oci.py` | Generate Terraform IaC for Oracle Cloud Infrastructure |
+| terraform_generator_onprem | `tools/infra/terraform_generator_onprem.py` | Generate Terraform IaC for on-premises Kubernetes clusters |
+
+---
+
+## Knowledge
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| knowledge_ingest | `tools/knowledge/knowledge_ingest.py` | Ingest artifacts (code, docs, patterns) into the knowledge base |
+| pattern_detector | `tools/knowledge/pattern_detector.py` | Detect recurring patterns and anti-patterns in project artifacts |
+| recommendation_engine | `tools/knowledge/recommendation_engine.py` | Recommend self-healing actions based on known patterns |
+| self_heal_analyzer | `tools/knowledge/self_heal_analyzer.py` | Analyze failures and produce root cause analysis with remediation |
+
+---
+
+## Knowledge Graph Engine
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| text_network | `tools/knowledge_graph/text_network.py` | Core text network analysis: co-occurrence graph, Louvain community detection, betweenness centrality, structural gap detection |
+| ingester | `tools/knowledge_graph/ingester.py` | Multi-source ingester: text, file, URL, YouTube, database, code directory |
+| graph_rag | `tools/knowledge_graph/graph_rag.py` | GraphRAG retrieval: overlay queries on knowledge graphs, BFS neighborhood expansion, KARL-inspired per-query-type scoring profiles (D-KARL-1), self-directed context compression (D-KARL-2) |
+| insight_generator | `tools/knowledge_graph/insight_generator.py` | AI insight generation: research questions, community summaries, gap bridging, layer peeling (scanner-tier LLM, zero Claude tokens) |
+
+**Dashboard:** `/knowledge-graph` — Interactive force-directed graph visualization with chat panel
+**Config:** `args/knowledge_graph_config.yaml`
+**Goal:** `goals/knowledge_graph.md`
+**Database tables:** `kg_graphs`, `kg_nodes`, `kg_edges`, `kg_gaps`, `kg_ingestions`
+**RAG sources:** `kg_concepts`, `kg_relationships`, `kg_structural_gaps`, `kg_graphs`
+**Portable:** Core engine has zero ICDEV-specific imports — usable by child apps
+
+---
+
+## LLM Providers and Router
+
+### Providers
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| anthropic_provider | `tools/llm/anthropic_provider.py` | Anthropic Claude API provider (Claude Sonnet, Opus, Haiku) |
+| azure_openai_provider | `tools/llm/azure_openai_provider.py` | Azure OpenAI Service provider (GPT-4o, GPT-4) |
+| bedrock_provider | `tools/llm/bedrock_provider.py` | AWS Bedrock provider (Claude, Titan, Llama, Mistral) |
+| embedding_provider | `tools/llm/embedding_provider.py` | Text embedding provider for semantic search (OpenAI text-embedding-3-small) |
+| gemini_provider | `tools/llm/gemini_provider.py` | Google Gemini API provider |
+| ibm_watsonx_provider | `tools/llm/ibm_watsonx_provider.py` | IBM watsonx.ai provider with graceful SDK import (D73) |
+| oci_genai_provider | `tools/llm/oci_genai_provider.py` | Oracle Cloud Infrastructure Generative AI provider |
+| ollama_provider | `tools/llm/ollama_provider.py` | Ollama local LLM provider via native /api/chat endpoint |
+| openai_provider | `tools/llm/openai_provider.py` | OpenAI API provider (GPT-4o, GPT-4 Turbo) |
+| vertex_ai_provider | `tools/llm/vertex_ai_provider.py` | Google Vertex AI provider (Gemini Pro, PaLM) |
+
+### Core Router
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| provider | `tools/llm/provider.py` | Vendor-agnostic LLM request/response interface (ABC) |
+| provider_sdk | `tools/llm/provider_sdk.py` | Provider SDK validation and test harness |
+| router | `tools/llm/router.py` | LLM router: fallback chain, availability probing, two-tier routing (Claude+qwen3) |
+
+---
+
+## Maintenance
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| dependency_scanner | `tools/maintenance/dependency_scanner.py` | Scan and audit project dependencies for outdated packages |
+| maintenance_auditor | `tools/maintenance/maintenance_auditor.py` | Audit system maintenance status: deps, vulns, SLA timelines |
+| remediation_engine | `tools/maintenance/remediation_engine.py` | Generate remediation plans for identified maintenance issues |
+| vulnerability_checker | `tools/maintenance/vulnerability_checker.py` | Check dependencies against CVE databases for known vulnerabilities |
+
+---
+
+## Marketplace (Thin Client)
+
+Commerce/payments/subscriptions extracted to standalone SaaS (marketplace.icdev.ai).
+ICDEV retains a thin client for module gating (~300 LOC).
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| module_runtime | `tools/marketplace/module_runtime.py` | Module enablement checks — OSS mode (all unlocked) or SaaS mode (token verification) |
+| license_client | `tools/marketplace/license_client.py` | Offline RSA-SHA256 token verification + SaaS API calls (sync, phone-home) |
+| token_store | `tools/marketplace/token_store.py` | Local JSON storage for synced license tokens |
+| asset_installer | `tools/marketplace/asset_installer.py` | CLI: install, uninstall, update, list, check-updates marketplace modules |
+| module_crypto | `tools/marketplace/module_crypto.py` | AES-256-GCM at-rest encryption for marketplace modules with HKDF key derivation and transparent import hook (D-MKT-E1–E8) |
+| feedback_validator | `tools/marketplace/feedback_validator.py` | Feedback quality validation for renewal — min 50 chars, category tags, duplicate detection, optional scanner-tier AI substance check (D-MKT-C3 v2) |
+
+---
+
+## MBSE (Model-Based Systems Engineering)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| des_assessor | `tools/mbse/des_assessor.py` | Assess Digital Engineering Strategy (DoDI 5000.87) compliance |
+| des_report_generator | `tools/mbse/des_report_generator.py` | Generate DES compliance reports by category |
+| diagram_extractor | `tools/mbse/diagram_extractor.py` | Extract system elements from architecture diagram screenshots |
+| digital_thread | `tools/mbse/digital_thread.py` | Digital thread: auto-link model elements to code, coverage analysis |
+| model_code_generator | `tools/mbse/model_code_generator.py` | Generate code from SysML model elements |
+| model_control_mapper | `tools/mbse/model_control_mapper.py` | Map SysML model blocks to NIST 800-53 controls |
+| pi_model_tracker | `tools/mbse/pi_model_tracker.py` | Track model-to-code alignment per Program Increment (PI) |
+| reqif_parser | `tools/mbse/reqif_parser.py` | Parse DOORS NG ReqIF requirements files into the digital thread |
+| sync_engine | `tools/mbse/sync_engine.py` | Detect drift between SysML models and source code |
+| xmi_parser | `tools/mbse/xmi_parser.py` | Parse SysML XMI model files and store elements in the digital thread |
+| thread_heatmap | `tools/mbse/thread_heatmap.py` | Digital thread traceability coverage heatmap |
+
+---
+
+## MCP Servers
+
+Stdio MCP servers that expose ICDEV capabilities to Claude Code.
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| builder_server | `tools/mcp/builder_server.py` | MCP server: scaffold, generate_code, write_tests, run_tests, lint, format |
+| compliance_server | `tools/mcp/compliance_server.py` | MCP server: ssp_generate, poam_generate, stig_check, sbom_generate, cui_mark |
+| core_server | `tools/mcp/core_server.py` | MCP server: project_create, project_list, project_status, task_dispatch, agent_status |
+| devsecops_zta_server | `tools/mcp/devsecops_zta_server.py` | MCP server: devsecops_profile_create, zta_maturity_score, pipeline_security_generate |
+| knowledge_server | `tools/mcp/knowledge_server.py` | MCP server: search_knowledge, add_pattern, get_recommendations, self_heal |
+| monitor_server | `tools/mcp/monitor_server.py` | MCP server: log_analyze, health_check, metrics_query, alert_manage |
+| requirements_analyst_server | `tools/mcp/requirements_analyst_server.py` | MCP server: create_intake_session, process_intake_turn, detect_gaps, score_readiness |
+| security_server | `tools/mcp/security_server.py` | MCP server: sast_scan, dep_audit, secret_detect, container_scan |
+| simulation_server | `tools/mcp/simulation_server.py` | MCP server: create_scenario, run_simulation, run_monte_carlo, generate_coas |
+| supply_chain_server | `tools/mcp/supply_chain_server.py` | MCP server: add_vendor, build_dependency_graph, assess_scrm, triage_cve |
+
+---
+
+## Memory System
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| auto_capture | `tools/memory/auto_capture.py` | Auto-capture session events and facts to memory (hooks into tool calls) |
+| embed_memory | `tools/memory/embed_memory.py` | Generate OpenAI text-embedding-3-small embeddings for all memory entries |
+| history_compressor | `tools/memory/history_compressor.py` | Compress conversation history to extract durable facts |
+| hybrid_search | `tools/memory/hybrid_search.py` | Hybrid search: 0.7 BM25 keyword + 0.3 semantic (configurable weights) |
+| maintenance_cron | `tools/memory/maintenance_cron.py` | Scheduled memory maintenance: time decay, deduplication, archiving |
+| memory_consolidation | `tools/memory/memory_consolidation.py` | Consolidate related memory entries into durable facts |
+| memory_db | `tools/memory/memory_db.py` | SQLite memory database operations (entries, daily_logs, access_log) |
+| memory_read | `tools/memory/memory_read.py` | Read all memory: MEMORY.md, recent daily logs, and DB entries |
+| memory_write | `tools/memory/memory_write.py` | Write to daily log and memory DB with SHA-256 deduplication (D179) |
+| semantic_search | `tools/memory/semantic_search.py` | Semantic vector search using OpenAI embeddings |
+| time_decay | `tools/memory/time_decay.py` | Apply time-based relevance decay to memory entries |
+
+---
+
+## Missions (Gamified Learning)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| mission_engine | `tools/missions/mission_engine.py` | Gamified mission engine: seed, list, start, complete, track XP and badges |
+
+---
+
+## Monitor
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| alert_correlator | `tools/monitor/alert_correlator.py` | Correlate alerts across services to identify root cause patterns |
+| auto_resolver | `tools/monitor/auto_resolver.py` | Automatically resolve known alert types using self-healing playbooks |
+| health_checker | `tools/monitor/health_checker.py` | HTTP health check for all agent services and dependencies |
+| heartbeat_daemon | `tools/monitor/heartbeat_daemon.py` | Background daemon sending periodic agent heartbeats |
+| log_analyzer | `tools/monitor/log_analyzer.py` | Analyze log streams for anomalies, errors, and patterns |
+| metric_collector | `tools/monitor/metric_collector.py` | Collect system and application metrics for monitoring dashboards |
+
+---
+
+## MOSA (Modular Open Systems Architecture)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| icd_generator | `tools/mosa/icd_generator.py` | Generate Interface Control Documents (ICDs) for module boundaries |
+| modular_design_analyzer | `tools/mosa/modular_design_analyzer.py` | Analyze codebase for MOSA modularity and coupling metrics |
+| mosa_code_enforcer | `tools/mosa/mosa_code_enforcer.py` | Enforce MOSA coding standards and interface discipline |
+| tsp_generator | `tools/mosa/tsp_generator.py` | Generate Technical Standard Profiles (TSPs) for open architecture |
+
+---
+
+## Observability and XAI
+
+### Core Tracing
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| genai_attributes | `tools/observability/genai_attributes.py` | GenAI semantic convention attributes for OTel traces |
+| instrumentation | `tools/observability/instrumentation.py` | Automatic LLM call instrumentation with attribute extraction |
+| mlflow_exporter | `tools/observability/mlflow_exporter.py` | Export traces and metrics to MLflow for experiment tracking |
+| otel_tracer | `tools/observability/otel_tracer.py` | OpenTelemetry tracer for production distributed tracing |
+| sqlite_tracer | `tools/observability/sqlite_tracer.py` | SQLite-backed tracer for air-gapped environments (D280) |
+| trace_context | `tools/observability/trace_context.py` | W3C Trace Context generation and propagation |
+| tracer | `tools/observability/tracer.py` | Pluggable tracer ABC with OTel/SQLite/Null implementations |
+
+### Provenance
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| prov_recorder | `tools/observability/provenance/prov_recorder.py` | Record W3C PROV-AGENT provenance in append-only SQLite (D287) |
+
+### AgentSHAP
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| agent_shap | `tools/observability/shap/agent_shap.py` | Monte Carlo Shapley values for tool attribution in agent decisions |
+
+---
+
+## Project Management
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| manifest_loader | `tools/project/manifest_loader.py` | Load and parse goals/manifest.md and tools/manifest.md |
+| project_create | `tools/project/project_create.py` | Create a new project record in icdev.db |
+| project_list | `tools/project/project_list.py` | List all projects with status summary |
+| project_scaffold | `tools/project/project_scaffold.py` | Scaffold new project directory structure from template |
+| project_status | `tools/project/project_status.py` | Show project health: tasks, compliance, agent status |
+| session_context_builder | `tools/project/session_context_builder.py` | Build session context from project, memory, and goals |
+| validate_manifest | `tools/project/validate_manifest.py` | Validate tools/manifest.md against actual files on disk |
+
+---
+
+## RAG (Retrieval-Augmented Generation)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| corrective_rag | `tools/rag/corrective_rag.py` | Corrective RAG pipeline: retrieve → evaluate → correct → return. KARL parallel multi-strategy retrieval with generative aggregation (D-KARL-3) |
+| source_registry | `tools/rag/source_registry.py` | Registry of all RAG-searchable sources: table/column mappings for hybrid search |
+
+---
+
+## Requirements (RICOAS)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| ai_governance_scorer | `tools/requirements/ai_governance_scorer.py` | Score AI governance readiness across accountability dimensions |
+| boundary_analyzer | `tools/requirements/boundary_analyzer.py` | ATO boundary impact analysis: GREEN/YELLOW/ORANGE/RED (4-tier) |
+| clarification_engine | `tools/requirements/clarification_engine.py` | Generate targeted clarification questions from ambiguous requirements |
+| complexity_scorer | `tools/requirements/complexity_scorer.py` | Score requirement complexity for estimation and risk |
+| consistency_analyzer | `tools/requirements/consistency_analyzer.py` | Detect contradictions and inconsistencies in requirement sets |
+| constitution_manager | `tools/requirements/constitution_manager.py` | Manage AI constitution constraints for requirement generation |
+| decomposition_engine | `tools/requirements/decomposition_engine.py` | SAFe decomposition: Epic -> Feature -> Story with BDD scenarios |
+| document_extractor | `tools/requirements/document_extractor.py` | Extract requirements from uploaded RFP/SOW/PWS documents |
+| elicitation_techniques | `tools/requirements/elicitation_techniques.py` | Apply elicitation techniques (interviews, workshops, use cases) |
+| gap_detector | `tools/requirements/gap_detector.py` | Detect requirement gaps in security, compliance, and functional coverage |
+| intake_engine | `tools/requirements/intake_engine.py` | 5-stage conversational requirements intake pipeline |
+| prd_generator | `tools/requirements/prd_generator.py` | Generate a Product Requirements Document (PRD) from intake session |
+| prd_validator | `tools/requirements/prd_validator.py` | Validate PRD completeness, clarity, and testability |
+| readiness_scorer | `tools/requirements/readiness_scorer.py` | Score requirements readiness across 7 dimensions (blocks < 0.7) |
+| spec_organizer | `tools/requirements/spec_organizer.py` | Organize raw requirements into structured specification hierarchy |
+| spec_quality_checker | `tools/requirements/spec_quality_checker.py` | Check requirement quality: SMART, unambiguous, verifiable |
+| traceability_builder | `tools/requirements/traceability_builder.py` | Build Requirements Traceability Matrix (RTM) for entire project |
+
+---
+
+## SaaS Licensing
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| license_validator | `tools/saas/licensing/license_validator.py` | Validate RSA-SHA256 signed module license tokens |
+
+---
+
+## Scaffold (Golden Path)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| golden_path | `tools/scaffold/golden_path.py` | Self-service project scaffolder with compliance bootstrap |
+
+---
+
+## Security
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| agent_output_validator | `tools/security/agent_output_validator.py` | Validate agent outputs for injection, data leakage, and policy violations |
+| agent_trust_scorer | `tools/security/agent_trust_scorer.py` | Score agent trust based on behavioral history and drift detection |
+| ai_bom_generator | `tools/security/ai_bom_generator.py` | Generate AI Bill of Materials: models, training data, fine-tunes, prompts |
+| ai_telemetry_logger | `tools/security/ai_telemetry_logger.py` | Privacy-preserving AI telemetry: SHA-256 hashed prompts and responses (D216) |
+| atlas_red_team | `tools/security/atlas_red_team.py` | MITRE ATLAS red team simulation: adversarial AI attack scenarios |
+| code_pattern_scanner | `tools/security/code_pattern_scanner.py` | Scan source code for insecure coding patterns |
+| confabulation_detector | `tools/security/confabulation_detector.py` | Detect AI hallucination/confabulation in generated outputs (advisory-only) |
+| container_scanner | `tools/security/container_scanner.py` | Scan container images and Dockerfiles for security vulnerabilities |
+| dependency_auditor | `tools/security/dependency_auditor.py` | Audit project dependencies across multiple language ecosystems |
+| endpoint_security_scanner | `tools/security/endpoint_security_scanner.py` | Scan API endpoints for security misconfigurations and exposure |
+| mcp_tool_authorizer | `tools/security/mcp_tool_authorizer.py` | Authorize MCP tool calls against RBAC policies |
+| prompt_injection_detector | `tools/security/prompt_injection_detector.py` | Detect prompt injection attacks across 5 categories (D215) |
+| sast_runner | `tools/security/sast_runner.py` | Run Bandit SAST scan across multiple language ecosystems |
+| secret_detector | `tools/security/secret_detector.py` | Detect secrets, keys, and credentials in source code |
+| tool_chain_validator | `tools/security/tool_chain_validator.py` | Validate agentic tool call chains against approved patterns |
+| vuln_scanner | `tools/security/vuln_scanner.py` | Comprehensive vulnerability scanner: SAST, deps, secrets, containers |
+| threat_modeler | `tools/security/threat_modeler.py` | STRIDE threat modeling with NIST mapping |
+
+---
+
+## Simulation (Digital Program Twin)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| coa_generator | `tools/simulation/coa_generator.py` | Generate 3 standard Courses of Action (COAs) for intake sessions |
+| monte_carlo | `tools/simulation/monte_carlo.py` | Monte Carlo simulation: 10,000 iterations across 6 risk dimensions |
+| scenario_manager | `tools/simulation/scenario_manager.py` | Manage what-if scenarios: fork, clone, compare |
+| simulation_engine | `tools/simulation/simulation_engine.py` | 6-dimension Digital Program Twin simulation engine |
+| ato_simulator | `tools/simulation/ato_simulator.py` | Monte Carlo ATO timeline prediction |
+
+---
+
+## Simulator (RTOS Browser Simulator)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| sim_runner | `tools/simulator/sim_runner.py` | POSIX/WASM FreeRTOS simulator: sessions, virtual peripherals, peripheral seeding |
+
+---
+
+## Supply Chain
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| cve_triager | `tools/supply_chain/cve_triager.py` | Triage CVEs against project SBOM with SLA enforcement |
+| dependency_graph | `tools/supply_chain/dependency_graph.py` | Build SQL adjacency list dependency graph for supply chain visibility (D27) |
+| isa_manager | `tools/supply_chain/isa_manager.py` | Manage Interconnection Security Agreements (ISA) lifecycle |
+| scrm_assessor | `tools/supply_chain/scrm_assessor.py` | Supply Chain Risk Management (SCRM) assessment per NIST SP 800-161 |
+
+---
+
+## Testing
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| acceptance_validator | `tools/testing/acceptance_validator.py` | Validate acceptance criteria (V&V) against test evidence |
+| api_surface_extractor | `tools/testing/api_surface_extractor.py` | Extract API surface (routes, args, return types) from Python modules |
+| claude_dir_validator | `tools/testing/claude_dir_validator.py` | Validate .claude/ directory structure and command files |
+| data_types | `tools/testing/data_types.py` | Shared testing data types and shared test fixtures |
+| e2e_runner | `tools/testing/e2e_runner.py` | E2E Test Runner - Playwright native and MCP integration |
+| fuzz_cli | `tools/testing/fuzz_cli.py` | CLI Argument Fuzzer - feed malformed inputs to CLI tools |
+| health_check | `tools/testing/health_check.py` | Full system health check across all tools and dependencies |
+| platform_check | `tools/testing/platform_check.py` | Check platform compatibility for tool execution |
+| production_audit | `tools/testing/production_audit.py` | Audit production deployment for drift and compliance |
+| production_remediate | `tools/testing/production_remediate.py` | Remediate production audit findings automatically |
+| screenshot_validator | `tools/testing/screenshot_validator.py` | Validate Playwright screenshots for visual regression |
+| smoke_test | `tools/testing/smoke_test.py` | Smoke test - verify all CLI tools are importable and --help works |
+| test_agent_models | `tools/testing/test_agent_models.py` | Agent Model Test - verify Claude Code models respond correctly |
+| test_orchestrator | `tools/testing/test_orchestrator.py` | Test Orchestrator - 7-step pipeline: compile, lint, pytest, BDD, SAST, gates |
+| utils | `tools/testing/utils.py` | Shared testing utilities: subprocess runner, output parser |
+
+---
+
+## Writing (WriteGuard)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| ai_content_detector | `tools/writing/ai_content_detector.py` | Detect AI-generated content via perplexity, burstiness, n-gram stats (advisory-only, D-WG-6) |
+| analysis_engine | `tools/writing/analysis_engine.py` | Orchestrate full WriteGuard analysis pipeline for a document |
+| batch_analyzer | `tools/writing/batch_analyzer.py` | Run WriteGuard analysis on multiple documents in batch (D-WG-9) |
+| coherence_analyzer | `tools/writing/coherence_analyzer.py` | Analyze document coherence: flow, transitions, argument structure |
+| govcon_bridge | `tools/writing/govcon_bridge.py` | Read-only bridge to GovProposal for proposal section analysis (D-WG-8) |
+| grammar_checker | `tools/writing/grammar_checker.py` | Deterministic grammar and mechanics checking (regex-first, D-WG-2) |
+| plagiarism_detector | `tools/writing/plagiarism_detector.py` | RAG-based plagiarism detection (0.85 cosine similarity threshold, D-WG-5) |
+| readability_scorer | `tools/writing/readability_scorer.py` | Score document readability: Flesch-Kincaid, Gunning Fog, SMOG |
+| rewriter | `tools/writing/rewriter.py` | Rewrite content to match style guide or improve clarity |
+| signal_registrar | `tools/writing/signal_registrar.py` | Register and manage writing quality signals for detection |
+| snippet_manager | `tools/writing/snippet_manager.py` | CRUD and hybrid search for approved writing snippets (D-WG-7) |
+| style_enforcer | `tools/writing/style_enforcer.py` | Enforce 5-layer style guide cascade (Platform/Tenant/Program/Project/User) |
+| style_guide_manager | `tools/writing/style_guide_manager.py` | Manage style guides with ISSO locks (D-WG-3) |
+| tone_profiler | `tools/writing/tone_profiler.py` | Profile document tone using keyword dictionaries (deterministic, D-WG-2) |
+
+---
+
+## Research (Industry Research Engine)
+
+| Tool | Path | Purpose |
+|------|------|---------|
+| research_manager | `tools/research/research_manager.py` | Session lifecycle, pipeline orchestration, dossier retrieval, HITL review |
+| vertical_loader | `tools/research/vertical_loader.py` | Load and manage industry vertical definitions from DB |
+| source_scanner | `tools/research/source_scanner.py` | Base scanning infrastructure: signal dedup, batch insert, session helpers |
+| landscape_scanner | `tools/research/landscape_scanner.py` | Competitive and commercial mapping — competitors, emerging players, trends |
+| regulatory_scanner | `tools/research/regulatory_scanner.py` | Regulatory landscape mapping with ICDEV crosswalk coverage analysis |
+| community_scanner | `tools/research/community_scanner.py` | Community pain point mining from forums and review sites |
+| academic_scanner | `tools/research/academic_scanner.py` | Academic papers, patents, and emerging tech signal discovery |
+| challenge_scorer | `tools/research/challenge_scorer.py` | 6-dimension challenge scoring (D-RES-7): market demand, regulatory pressure, etc. |
+| build_buy_analyzer | `tools/research/build_buy_analyzer.py` | Build-vs-buy-vs-partner decision matrix per challenge |
+| dossier_generator | `tools/research/dossier_generator.py` | 11-section research dossier generation from pipeline data |
+| cross_engine_bridge | `tools/research/cross_engine_bridge.py` | Cross-register findings to Innovation + Creative engines |
+
+---
+
+*CUI // SP-CTI | Generated: 2026-03-06 | Total tools: 425 Python files*