icdev 0.0.3__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1214) hide show
  1. args/agent_config.yaml +113 -0
  2. args/audit_regimes/cisa_sbd.json +381 -0
  3. args/audit_regimes/cmmc_l2.json +906 -0
  4. args/audit_regimes/dod_cssp.json +393 -0
  5. args/audit_regimes/dodi_5000_87.json +297 -0
  6. args/audit_regimes/fedramp_moderate.json +650 -0
  7. args/audit_regimes/ieee_1012.json +373 -0
  8. args/audit_regimes/nist_800_171.json +624 -0
  9. args/audit_regimes/nist_800_53.json +907 -0
  10. args/cloudforge_blueprints/aws_commercial.yaml +29 -0
  11. args/cloudforge_blueprints/aws_govcloud_il4.yaml +34 -0
  12. args/cloudforge_blueprints/aws_govcloud_il5.yaml +38 -0
  13. args/cloudforge_blueprints/azure_commercial.yaml +28 -0
  14. args/cloudforge_blueprints/azure_gov_il4.yaml +32 -0
  15. args/cloudforge_blueprints/azure_gov_il5.yaml +36 -0
  16. args/cloudforge_blueprints/gcp_commercial.yaml +28 -0
  17. args/cloudforge_blueprints/oci_commercial.yaml +28 -0
  18. args/cloudforge_config.yaml +231 -0
  19. args/cloudforge_runbook_templates/backup_verify.yaml +98 -0
  20. args/cloudforge_runbook_templates/dr_failover.yaml +107 -0
  21. args/cloudforge_runbook_templates/health_check.yaml +97 -0
  22. args/cloudforge_runbook_templates/incident_response.yaml +101 -0
  23. args/cloudforge_runbook_templates/migration_cutover.yaml +105 -0
  24. args/cloudforge_runbook_templates/patch_rollout.yaml +92 -0
  25. args/cloudforge_runbook_templates/zone_provision.yaml +93 -0
  26. args/code_pattern_config.yaml +151 -0
  27. args/code_quality_config.yaml +47 -0
  28. args/compliance_config.yaml +17 -0
  29. args/control_inheritance.yaml +177 -0
  30. args/csp_mcp_config.yaml +41 -0
  31. args/cui_markings.yaml +35 -0
  32. args/databridge_config.yaml +232 -0
  33. args/db_config.yaml +116 -0
  34. args/decision_tables/agent_trust_decision.yaml +143 -0
  35. args/decision_tables/ato_boundary_impact.yaml +132 -0
  36. args/decision_tables/deployment_approval.yaml +152 -0
  37. args/degradation_matrix.yaml +163 -0
  38. args/devsecops_config.yaml +286 -0
  39. args/endpoint_security_config.yaml +207 -0
  40. args/exit_criteria.yaml +102 -0
  41. args/feature_flags.yaml +235 -0
  42. args/file_access_tiers.yaml +88 -0
  43. args/forge_studio/blueprint_config.yaml +27 -0
  44. args/forge_studio/component_catalog.json +411 -0
  45. args/forge_studio/workflow_templates.yaml +103 -0
  46. args/govcon_config.yaml +41 -0
  47. args/harness_config.yaml +67 -0
  48. args/innovation_config.yaml +321 -0
  49. args/knowledge_graph_config.yaml +113 -0
  50. args/llm_config.yaml +222 -0
  51. args/marketplace_config.yaml +260 -0
  52. args/monitoring_config.yaml +127 -0
  53. args/mosa_config.yaml +190 -0
  54. args/observability_tracing_config.yaml +170 -0
  55. args/owasp_agentic_config.yaml +171 -0
  56. args/pipeline_gates.yaml +197 -0
  57. args/project_defaults.yaml +235 -0
  58. args/prompt_chains.yaml +163 -0
  59. args/rag_config.yaml +167 -0
  60. args/research_config.yaml +89 -0
  61. args/resilience_config.yaml +197 -0
  62. args/ricoas_config.yaml +191 -0
  63. args/security_gates.yaml +763 -0
  64. args/storage_config.yaml +63 -0
  65. args/writeguard_config.yaml +131 -0
  66. args/zta_config.yaml +247 -0
  67. context/__init__.py +6 -0
  68. context/agent/__init__.py +6 -0
  69. context/agent/response_schemas/__init__.py +6 -0
  70. context/agent/response_schemas/debate_position.json +46 -0
  71. context/agent/response_schemas/fitness_scorecard.json +74 -0
  72. context/agent/response_schemas/review_decision.json +39 -0
  73. context/agent/response_schemas/task_decomposition.json +82 -0
  74. context/agent/response_schemas/veto_decision.json +40 -0
  75. context/agentic/__init__.py +6 -0
  76. context/agentic/architecture_patterns.md +269 -0
  77. context/agentic/capability_registry.yaml +223 -0
  78. context/agentic/csp_integration.md +30 -0
  79. context/agentic/csp_mcp_registry.yaml +280 -0
  80. context/agentic/fitness_rubric.md +56 -0
  81. context/agentic/governance_baseline.md +205 -0
  82. context/ci/__init__.py +6 -0
  83. context/ci/worktree_templates.json +44 -0
  84. context/cloud/__init__.py +6 -0
  85. context/cloud/csp_service_registry.json +739 -0
  86. context/compliance/__init__.py +6 -0
  87. context/compliance/ai_rmf_crosswalk.yaml +226 -0
  88. context/compliance/atlas_mitigations.json +293 -0
  89. context/compliance/atlas_techniques.json +833 -0
  90. context/compliance/cisa_sbd_requirements.json +477 -0
  91. context/compliance/cjis_security_policy.json +522 -0
  92. context/compliance/cmmc_practices.json +2494 -0
  93. context/compliance/cmmc_report_template.md +142 -0
  94. context/compliance/cnssi_1253_overlay.json +109 -0
  95. context/compliance/control_crosswalk.json +1914 -0
  96. context/compliance/control_families/__init__.py +6 -0
  97. context/compliance/csp_certifications.json +251 -0
  98. context/compliance/cssp_report_template.md +193 -0
  99. context/compliance/cui_templates/__init__.py +6 -0
  100. context/compliance/cui_templates/banner_block.txt +4 -0
  101. context/compliance/cui_templates/code_header.txt +8 -0
  102. context/compliance/cui_templates/document_template.md +35 -0
  103. context/compliance/data_type_framework_map.json +321 -0
  104. context/compliance/data_type_registry.json +147 -0
  105. context/compliance/dod_cssp_8530.json +463 -0
  106. context/compliance/eu_ai_act_annex_iii.json +108 -0
  107. context/compliance/export_templates/__init__.py +6 -0
  108. context/compliance/export_templates/emass_controls.csv.j2 +4 -0
  109. context/compliance/export_templates/evidence_package.md.j2 +39 -0
  110. context/compliance/export_templates/executive_summary.md.j2 +55 -0
  111. context/compliance/export_templates/poam_tracking.csv.j2 +4 -0
  112. context/compliance/fedramp_20x_ksi_schemas.json +133 -0
  113. context/compliance/fedramp_high_baseline.json +4370 -0
  114. context/compliance/fedramp_moderate_baseline.json +2183 -0
  115. context/compliance/fedramp_report_template.md +181 -0
  116. context/compliance/fips_200_areas.json +362 -0
  117. context/compliance/gao_ai_accountability.json +262 -0
  118. context/compliance/hipaa_security_rule.json +720 -0
  119. context/compliance/hitrust_csf_v11.json +930 -0
  120. context/compliance/impact_level_profiles.json +251 -0
  121. context/compliance/incident_response_template.md +1110 -0
  122. context/compliance/iso27001_2022_controls.json +750 -0
  123. context/compliance/iso27001_nist_bridge.json +382 -0
  124. context/compliance/iso42001_controls.json +254 -0
  125. context/compliance/ivv_checklist_template.md +80 -0
  126. context/compliance/ivv_report_template.md +116 -0
  127. context/compliance/ivv_requirements.json +372 -0
  128. context/compliance/mosa_crosswalk.json +327 -0
  129. context/compliance/mosa_framework.json +250 -0
  130. context/compliance/narrative_templates/AC.md.j2 +101 -0
  131. context/compliance/narrative_templates/AU.md.j2 +106 -0
  132. context/compliance/narrative_templates/IA.md.j2 +104 -0
  133. context/compliance/narrative_templates/SC.md.j2 +102 -0
  134. context/compliance/narrative_templates/SI.md.j2 +111 -0
  135. context/compliance/narrative_templates/__init__.py +6 -0
  136. context/compliance/narrative_templates/default.md.j2 +50 -0
  137. context/compliance/narrative_templates/executive_summary.j2 +27 -0
  138. context/compliance/narrative_templates/poam_milestone.j2 +19 -0
  139. context/compliance/narrative_templates/ssp_section.j2 +11 -0
  140. context/compliance/nist_800_171_controls.json +1552 -0
  141. context/compliance/nist_800_207_crosswalk.json +399 -0
  142. context/compliance/nist_800_207_zta.json +258 -0
  143. context/compliance/nist_800_53.json +324 -0
  144. context/compliance/nist_ai_600_1_genai.json +326 -0
  145. context/compliance/nist_ai_rmf.json +206 -0
  146. context/compliance/nist_sp_800_60_types.json +1667 -0
  147. context/compliance/omb_m25_21_high_impact_ai.json +248 -0
  148. context/compliance/omb_m26_04_unbiased_ai.json +262 -0
  149. context/compliance/owasp_agentic_asi.json +133 -0
  150. context/compliance/owasp_agentic_threats.json +285 -0
  151. context/compliance/owasp_llm_top10.json +274 -0
  152. context/compliance/pci_dss_v4.json +510 -0
  153. context/compliance/poam_template.md +117 -0
  154. context/compliance/safeai_controls.json +512 -0
  155. context/compliance/sbd_report_template.md +77 -0
  156. context/compliance/siem_config_templates/__init__.py +6 -0
  157. context/compliance/siem_config_templates/filebeat.yml +213 -0
  158. context/compliance/siem_config_templates/log_sources.json +208 -0
  159. context/compliance/soc2_trust_criteria.json +661 -0
  160. context/compliance/ssp_template.md +432 -0
  161. context/compliance/stig_templates/__init__.py +6 -0
  162. context/compliance/stig_templates/webapp_stig.json +139 -0
  163. context/compliance/xai_requirements.json +108 -0
  164. context/dashboard/__init__.py +6 -0
  165. context/dashboard/nlq_examples.json +50 -0
  166. context/dashboard/schema_descriptions.json +23 -0
  167. context/icdev_methodology.md +100 -0
  168. context/integration/__init__.py +6 -0
  169. context/integration/approval_workflows.json +32 -0
  170. context/integration/gitlab_field_mappings.json +33 -0
  171. context/integration/jira_field_mappings.json +32 -0
  172. context/integration/reqif_export_schema.json +23 -0
  173. context/integration/servicenow_field_mappings.json +22 -0
  174. context/languages/__init__.py +6 -0
  175. context/languages/framework_patterns.json +205 -0
  176. context/languages/language_registry.json +279 -0
  177. context/llm/__init__.py +6 -0
  178. context/llm/example_provider.py +89 -0
  179. context/marketplace/assets/writeguard-core.yaml +100 -0
  180. context/marketplace/assets/writeguard-govcon.yaml +45 -0
  181. context/marketplace/assets/writeguard-style-guides.yaml +44 -0
  182. context/mbse/__init__.py +6 -0
  183. context/mbse/des_report_template.md +162 -0
  184. context/mbse/des_requirements.json +411 -0
  185. context/mbse/digital_thread_patterns.json +403 -0
  186. context/mbse/reqif_schema.json +280 -0
  187. context/mbse/sysml_element_types.json +432 -0
  188. context/oscal/NIST_SP-800-53_rev5_catalog.json +254987 -0
  189. context/oscal/README.md +43 -0
  190. context/patterns/__init__.py +6 -0
  191. context/profiles/__init__.py +6 -0
  192. context/profiles/dod_baseline_v1.yaml +145 -0
  193. context/profiles/fedramp_baseline_v1.yaml +143 -0
  194. context/profiles/financial_baseline_v1.yaml +142 -0
  195. context/profiles/healthcare_baseline_v1.yaml +135 -0
  196. context/profiles/law_enforcement_v1.yaml +129 -0
  197. context/profiles/startup_v1.yaml +134 -0
  198. context/rag/source_mappings.json +42 -0
  199. context/requirements/__init__.py +6 -0
  200. context/requirements/ambiguity_patterns.json +97 -0
  201. context/requirements/boundary_impact_rules.json +123 -0
  202. context/requirements/default_constitutions.json +67 -0
  203. context/requirements/document_extraction_rules.json +58 -0
  204. context/requirements/gap_patterns.json +108 -0
  205. context/requirements/readiness_rubric.json +78 -0
  206. context/requirements/red_alternative_patterns.json +210 -0
  207. context/requirements/safe_templates.json +72 -0
  208. context/requirements/spec_quality_checklist.json +122 -0
  209. context/research/regulatory_registry.json +114 -0
  210. context/research/verticals/cybersecurity.json +127 -0
  211. context/research/verticals/defense.json +104 -0
  212. context/research/verticals/fintech.json +125 -0
  213. context/research/verticals/healthcare.json +118 -0
  214. context/research/verticals/logistics.json +117 -0
  215. context/research/verticals/trading.json +145 -0
  216. context/simulation/__init__.py +6 -0
  217. context/simulation/architecture_patterns.json +36 -0
  218. context/simulation/coa_templates.json +38 -0
  219. context/simulation/cost_models.json +23 -0
  220. context/simulation/risk_categories.json +46 -0
  221. context/supply_chain/__init__.py +6 -0
  222. context/supply_chain/isa_templates.json +129 -0
  223. context/supply_chain/nist_800_161_controls.json +247 -0
  224. context/supply_chain/scrm_risk_matrix.json +147 -0
  225. context/templates/__init__.py +6 -0
  226. context/templates/ansible/__init__.py +6 -0
  227. context/templates/ansible/playbooks/__init__.py +6 -0
  228. context/templates/ansible/roles/__init__.py +6 -0
  229. context/templates/gitlab_ci/__init__.py +6 -0
  230. context/templates/grafana/__init__.py +6 -0
  231. context/templates/kubernetes/__init__.py +6 -0
  232. context/templates/project/__init__.py +6 -0
  233. context/templates/project/api/__init__.py +6 -0
  234. context/templates/project/cli/__init__.py +6 -0
  235. context/templates/project/data_pipeline/__init__.py +6 -0
  236. context/templates/project/iac/__init__.py +6 -0
  237. context/templates/project/javascript_frontend/__init__.py +6 -0
  238. context/templates/project/javascript_frontend/src/__init__.py +6 -0
  239. context/templates/project/javascript_frontend/tests/__init__.py +6 -0
  240. context/templates/project/microservice/__init__.py +6 -0
  241. context/templates/project/python_backend/__init__.py +6 -0
  242. context/templates/project/python_backend/src/__init__.py +6 -0
  243. context/templates/project/python_backend/tests/__init__.py +6 -0
  244. context/templates/project/python_backend/tests/features/__init__.py +6 -0
  245. context/templates/project/python_backend/tests/steps/__init__.py +6 -0
  246. context/templates/terraform/__init__.py +6 -0
  247. context/templates/terraform/govcloud_base/__init__.py +6 -0
  248. context/templates/terraform/modules/__init__.py +6 -0
  249. context/tone/__init__.py +6 -0
  250. context/writing/grammar_rules/common_errors.json +306 -0
  251. context/writing/grammar_rules/govcon_vocabulary.json +113 -0
  252. context/writing/style_guides/academic.yaml +43 -0
  253. context/writing/style_guides/business.yaml +42 -0
  254. context/writing/style_guides/government.yaml +59 -0
  255. context/writing/style_guides/proposal.yaml +58 -0
  256. context/writing/style_guides/technical.yaml +43 -0
  257. docs/adr/README.md +66 -0
  258. docs/adr/connector-forge-decisions.md +318 -0
  259. docs/adr/core-decisions.md +289 -0
  260. docs/adr/db-decisions.md +94 -0
  261. docs/adr/harness-decisions.md +122 -0
  262. docs/adr/innovation-decisions.md +262 -0
  263. docs/adr/marketplace-decisions.md +109 -0
  264. docs/adr/sbd-decisions.md +109 -0
  265. docs/adr/scale-engine-decisions.md +108 -0
  266. docs/adr/writeguard-decisions.md +136 -0
  267. docs/architecture/bounded-contexts.md +1032 -0
  268. docs/features/phase-65-writeguard.md +139 -0
  269. docs/features/phase-66-marketplace-commerce.md +79 -0
  270. docs/features/phase-67-knowledge-ingestion-rag-autodraft.md +97 -0
  271. docs/features/phase-68-enhanced-autodraft-pipeline.md +109 -0
  272. docs/features/phase-69-proposalai-marketplace-module.md +131 -0
  273. docs/features/phase-70-databridge.md +214 -0
  274. docs/features/phase-71-databridge-messaging.md +102 -0
  275. docs/implementation-plan-architecture-evolution.md +614 -0
  276. docs/marketplace/CONTRIBUTING.md +124 -0
  277. docs/marketplace/module_manifest_schema.yaml +83 -0
  278. docs/research/ai-architecture-patterns-2024-2026.md +1236 -0
  279. docs/research/app-builder-platform-analysis.md +582 -0
  280. docs/research/architecture-patterns-c4-ddd-agentic.md +871 -0
  281. docs/research/flowable-boat-competitive-analysis.md +426 -0
  282. docs/research/modern-dev-practices-2024-2026.md +1615 -0
  283. docs/research/secure-by-design-cloudyrion-adaptation.md +270 -0
  284. goals/agent_management.md +144 -0
  285. goals/ai_accountability.md +90 -0
  286. goals/ai_narratives.md +79 -0
  287. goals/ai_transparency.md +76 -0
  288. goals/ato_simulator.md +78 -0
  289. goals/audit_engine.md +177 -0
  290. goals/bite_sized_plans.md +225 -0
  291. goals/boundary_supply_chain.md +206 -0
  292. goals/brainstorming_gate.md +186 -0
  293. goals/build_app.md +604 -0
  294. goals/cato_live_evidence.md +77 -0
  295. goals/cloudforge.md +106 -0
  296. goals/code_intelligence.md +197 -0
  297. goals/compliance_workflow.md +858 -0
  298. goals/connector_forge.md +133 -0
  299. goals/databridge.md +128 -0
  300. goals/deploy_workflow.md +390 -0
  301. goals/developer_scorecard.md +78 -0
  302. goals/devsecops_workflow.md +408 -0
  303. goals/firmware_sbom.md +79 -0
  304. goals/forge_hub.md +78 -0
  305. goals/golden_path.md +77 -0
  306. goals/harness_engineering.md +91 -0
  307. goals/integration_testing.md +189 -0
  308. goals/knowledge_graph.md +128 -0
  309. goals/maintenance_audit.md +196 -0
  310. goals/manifest.md +50 -0
  311. goals/monitoring.md +126 -0
  312. goals/mosa_workflow.md +463 -0
  313. goals/multi_agent_orchestration.md +68 -0
  314. goals/observability_traceability_xai.md +154 -0
  315. goals/owasp_agentic_security.md +395 -0
  316. goals/pr_intelligence.md +78 -0
  317. goals/requirements_intake.md +213 -0
  318. goals/secure_by_design.md +135 -0
  319. goals/security_scan.md +381 -0
  320. goals/self_healing.md +120 -0
  321. goals/simulation_engine.md +111 -0
  322. goals/subagent_review.md +205 -0
  323. goals/systematic_debugging.md +257 -0
  324. goals/tdd_workflow.md +403 -0
  325. goals/template_exchange.md +77 -0
  326. goals/thread_heatmap.md +77 -0
  327. goals/threat_modeler.md +77 -0
  328. goals/verification_iron_law.md +192 -0
  329. goals/vsm_dashboard.md +76 -0
  330. goals/writeguard.md +89 -0
  331. goals/zero_trust_architecture.md +403 -0
  332. hardprompts/__init__.py +6 -0
  333. hardprompts/agent/__init__.py +6 -0
  334. hardprompts/agent/agentic_architect.md +100 -0
  335. hardprompts/agent/debate_prompt.md +32 -0
  336. hardprompts/agent/fitness_evaluation.md +48 -0
  337. hardprompts/agent/governance_review.md +214 -0
  338. hardprompts/agent/reviewer_prompt.md +34 -0
  339. hardprompts/agent/skill_design.md +172 -0
  340. hardprompts/agent/task_decomposition.md +275 -0
  341. hardprompts/agent/veto_check_prompt.md +33 -0
  342. hardprompts/architect/__init__.py +6 -0
  343. hardprompts/architect/api_design.md +283 -0
  344. hardprompts/architect/data_model.md +277 -0
  345. hardprompts/architect/system_design.md +180 -0
  346. hardprompts/builder/__init__.py +6 -0
  347. hardprompts/builder/code_generation.md +59 -0
  348. hardprompts/builder/refactor.md +58 -0
  349. hardprompts/builder/scaffold_project.md +69 -0
  350. hardprompts/builder/test_generation.md +87 -0
  351. hardprompts/ci/__init__.py +6 -0
  352. hardprompts/ci/worktree_setup.md +35 -0
  353. hardprompts/compliance/__init__.py +6 -0
  354. hardprompts/compliance/cmmc_assessment.md +63 -0
  355. hardprompts/compliance/cssp_assessment.md +75 -0
  356. hardprompts/compliance/cui_marking.md +86 -0
  357. hardprompts/compliance/fedramp_assessment.md +55 -0
  358. hardprompts/compliance/ivv_assessment.md +96 -0
  359. hardprompts/compliance/poam_generation.md +57 -0
  360. hardprompts/compliance/sbd_assessment.md +101 -0
  361. hardprompts/compliance/security_categorization.md +74 -0
  362. hardprompts/compliance/ssp_generation.md +56 -0
  363. hardprompts/compliance/stig_evaluation.md +63 -0
  364. hardprompts/dashboard/__init__.py +6 -0
  365. hardprompts/dashboard/nlq_system_prompt.md +26 -0
  366. hardprompts/infra/__init__.py +6 -0
  367. hardprompts/infra/k8s_manifests.md +118 -0
  368. hardprompts/infra/pipeline_generation.md +160 -0
  369. hardprompts/infra/terraform_generation.md +92 -0
  370. hardprompts/integration/__init__.py +6 -0
  371. hardprompts/integration/approval_review.md +17 -0
  372. hardprompts/integration/jira_mapping.md +25 -0
  373. hardprompts/integration/servicenow_mapping.md +14 -0
  374. hardprompts/knowledge/__init__.py +6 -0
  375. hardprompts/knowledge/pattern_detection.md +73 -0
  376. hardprompts/knowledge/recommendation_engine.md +90 -0
  377. hardprompts/knowledge/root_cause_analysis.md +91 -0
  378. hardprompts/maintenance/__init__.py +6 -0
  379. hardprompts/maintenance/maintenance_assessment.md +82 -0
  380. hardprompts/mbse/__init__.py +6 -0
  381. hardprompts/mbse/digital_thread.md +67 -0
  382. hardprompts/mbse/model_import.md +62 -0
  383. hardprompts/mbse/model_to_code.md +65 -0
  384. hardprompts/modernization/__init__.py +6 -0
  385. hardprompts/modernization/legacy_analysis.md +93 -0
  386. hardprompts/modernization/migration_planning.md +150 -0
  387. hardprompts/modernization/seven_r_assessment.md +107 -0
  388. hardprompts/proposal_draft.md +53 -0
  389. hardprompts/rag_citation.md +12 -0
  390. hardprompts/rag_rerank.md +31 -0
  391. hardprompts/requirements/__init__.py +6 -0
  392. hardprompts/requirements/bdd_generation.md +35 -0
  393. hardprompts/requirements/clarification_prioritization.md +29 -0
  394. hardprompts/requirements/decomposition.md +60 -0
  395. hardprompts/requirements/document_extraction.md +45 -0
  396. hardprompts/requirements/gap_detection.md +70 -0
  397. hardprompts/requirements/intake_conversation.md +101 -0
  398. hardprompts/requirements/readiness_assessment.md +39 -0
  399. hardprompts/requirements/spec_quality.md +33 -0
  400. hardprompts/requirements/traceability_analysis.md +23 -0
  401. hardprompts/security/__init__.py +6 -0
  402. hardprompts/security/endpoint_security.md +78 -0
  403. hardprompts/security/threat_model.md +70 -0
  404. hardprompts/security/vulnerability_assessment.md +81 -0
  405. hardprompts/simulation/__init__.py +6 -0
  406. hardprompts/simulation/architecture_impact.md +27 -0
  407. hardprompts/simulation/coa_alternative.md +27 -0
  408. hardprompts/simulation/coa_generation.md +25 -0
  409. hardprompts/simulation/compliance_impact.md +28 -0
  410. hardprompts/simulation/cost_estimation.md +33 -0
  411. hardprompts/simulation/risk_assessment.md +28 -0
  412. hardprompts/translation/code_translation.md +68 -0
  413. hardprompts/translation/dependency_suggestion.md +44 -0
  414. hardprompts/translation/test_translation.md +64 -0
  415. hardprompts/translation/translation_repair.md +59 -0
  416. icdev-0.0.3.dist-info/METADATA +909 -0
  417. icdev-0.0.3.dist-info/RECORD +1214 -0
  418. icdev-0.0.3.dist-info/WHEEL +5 -0
  419. icdev-0.0.3.dist-info/entry_points.txt +9 -0
  420. icdev-0.0.3.dist-info/licenses/LICENSE +201 -0
  421. icdev-0.0.3.dist-info/licenses/NOTICE +11 -0
  422. icdev-0.0.3.dist-info/top_level.txt +7 -0
  423. memory/MEMORY.md +52 -0
  424. memory/logs/2026-02-14.md +17 -0
  425. memory/logs/2026-03-03.md +2 -0
  426. memory/logs/__init__.py +1 -0
  427. tools/a2a/icdev_callback_client.py +210 -0
  428. tools/agent/cards/architect_card.json +29 -0
  429. tools/agent/cards/builder_card.json +34 -0
  430. tools/agent/cards/compliance_card.json +29 -0
  431. tools/agent/cards/connector_forge_card.json +49 -0
  432. tools/agent/cards/devsecops_zta_card.json +24 -0
  433. tools/agent/cards/knowledge_card.json +29 -0
  434. tools/agent/cards/monitor_card.json +29 -0
  435. tools/agent/cards/orchestrator_card.json +29 -0
  436. tools/agent/cards/requirements_analyst_card.json +24 -0
  437. tools/agent/cards/security_card.json +29 -0
  438. tools/agent/cards/simulation_card.json +24 -0
  439. tools/agent/cards/supply_chain_card.json +24 -0
  440. tools/analysis/__init__.py +1 -0
  441. tools/analysis/code_analyzer.py +770 -0
  442. tools/analysis/runtime_feedback.py +379 -0
  443. tools/analytics/__init__.py +2 -0
  444. tools/analytics/scorecard.py +538 -0
  445. tools/analytics/vsm_engine.py +612 -0
  446. tools/architecture/__init__.py +2 -0
  447. tools/architecture/adr_extractor.py +393 -0
  448. tools/audit/__init__.py +1 -0
  449. tools/audit/audit_logger.py +199 -0
  450. tools/audit/audit_query.py +153 -0
  451. tools/audit/decision_recorder.py +73 -0
  452. tools/audit_engine/__init__.py +12 -0
  453. tools/audit_engine/ai_advisor.py +906 -0
  454. tools/audit_engine/cli.py +286 -0
  455. tools/audit_engine/comparator.py +305 -0
  456. tools/audit_engine/eject_scaffolder.py +399 -0
  457. tools/audit_engine/engine.py +614 -0
  458. tools/audit_engine/git_fetcher.py +341 -0
  459. tools/audit_engine/regime_loader.py +200 -0
  460. tools/audit_engine/regime_updater.py +325 -0
  461. tools/audit_engine/report_card.py +289 -0
  462. tools/audit_engine/scanner.py +684 -0
  463. tools/audit_engine/self_heal.py +1042 -0
  464. tools/ci/__init__.py +2 -0
  465. tools/ci/connectors/__init__.py +2 -0
  466. tools/ci/connectors/base_connector.py +80 -0
  467. tools/ci/connectors/connector_registry.py +188 -0
  468. tools/ci/connectors/mattermost_connector.py +159 -0
  469. tools/ci/connectors/slack_connector.py +197 -0
  470. tools/ci/core/__init__.py +2 -0
  471. tools/ci/core/air_gap_detector.py +115 -0
  472. tools/ci/core/comment_handler.py +192 -0
  473. tools/ci/core/conversation_manager.py +480 -0
  474. tools/ci/core/event_envelope.py +500 -0
  475. tools/ci/core/event_router.py +444 -0
  476. tools/ci/core/failure_parser.py +397 -0
  477. tools/ci/core/recovery_engine.py +527 -0
  478. tools/ci/gate_enforcer.py +361 -0
  479. tools/ci/modules/__init__.py +2 -0
  480. tools/ci/modules/agent.py +271 -0
  481. tools/ci/modules/git_ops.py +175 -0
  482. tools/ci/modules/state.py +117 -0
  483. tools/ci/modules/vcs.py +303 -0
  484. tools/ci/modules/workflow_ops.py +295 -0
  485. tools/ci/modules/worktree.py +337 -0
  486. tools/ci/pipeline_config_generator.py +558 -0
  487. tools/ci/pr_intelligence.py +485 -0
  488. tools/ci/triggers/__init__.py +2 -0
  489. tools/ci/triggers/gitlab_task_monitor.py +327 -0
  490. tools/ci/triggers/poll_trigger.py +237 -0
  491. tools/ci/triggers/webhook_server.py +356 -0
  492. tools/ci/workflows/__init__.py +2 -0
  493. tools/ci/workflows/icdev_build.py +140 -0
  494. tools/ci/workflows/icdev_comply.py +284 -0
  495. tools/ci/workflows/icdev_document.py +152 -0
  496. tools/ci/workflows/icdev_e2e.py +188 -0
  497. tools/ci/workflows/icdev_patch.py +186 -0
  498. tools/ci/workflows/icdev_plan.py +202 -0
  499. tools/ci/workflows/icdev_plan_build.py +41 -0
  500. tools/ci/workflows/icdev_plan_build_test.py +46 -0
  501. tools/ci/workflows/icdev_plan_build_test_review.py +47 -0
  502. tools/ci/workflows/icdev_review.py +126 -0
  503. tools/ci/workflows/icdev_sdlc.py +261 -0
  504. tools/ci/workflows/icdev_test.py +240 -0
  505. tools/cli/__init__.py +1 -0
  506. tools/cli/output_formatter.py +756 -0
  507. tools/cloudforge/__init__.py +12 -0
  508. tools/cloudforge/airgap/__init__.py +2 -0
  509. tools/cloudforge/airgap/il_classifier.py +70 -0
  510. tools/cloudforge/airgap/offline_validator.py +42 -0
  511. tools/cloudforge/airgap/shift_emulator.py +155 -0
  512. tools/cloudforge/airgap/sneakernet.py +91 -0
  513. tools/cloudforge/cd_hub/__init__.py +2 -0
  514. tools/cloudforge/cd_hub/canary_deployer.py +88 -0
  515. tools/cloudforge/cd_hub/gitops_renderer.py +123 -0
  516. tools/cloudforge/cd_hub/hub_controller.py +143 -0
  517. tools/cloudforge/cd_hub/pipeline_bridge.py +30 -0
  518. tools/cloudforge/cd_hub/rollback_engine.py +29 -0
  519. tools/cloudforge/cd_hub/spoke_agent.py +51 -0
  520. tools/cloudforge/compliance/__init__.py +2 -0
  521. tools/cloudforge/compliance/ato_accelerator.py +272 -0
  522. tools/cloudforge/compliance/control_inheritor.py +127 -0
  523. tools/cloudforge/compliance/evidence_generator.py +129 -0
  524. tools/cloudforge/compliance/poam_bridge.py +41 -0
  525. tools/cloudforge/compliance/ssp_bridge.py +52 -0
  526. tools/cloudforge/compliance/stig_bridge.py +41 -0
  527. tools/cloudforge/container_forge/__init__.py +2 -0
  528. tools/cloudforge/container_forge/bigbang_renderer.py +85 -0
  529. tools/cloudforge/container_forge/hardener.py +169 -0
  530. tools/cloudforge/container_forge/image_scanner_bridge.py +33 -0
  531. tools/cloudforge/container_forge/runtime_policy.py +87 -0
  532. tools/cloudforge/container_forge/sbom_bridge.py +42 -0
  533. tools/cloudforge/finops/__init__.py +2 -0
  534. tools/cloudforge/finops/anomaly_detector.py +78 -0
  535. tools/cloudforge/finops/budget_tracker.py +96 -0
  536. tools/cloudforge/finops/chargeback.py +69 -0
  537. tools/cloudforge/finops/cost_collector.py +141 -0
  538. tools/cloudforge/finops/optimizer.py +55 -0
  539. tools/cloudforge/hybrid/__init__.py +2 -0
  540. tools/cloudforge/hybrid/connection_manager.py +141 -0
  541. tools/cloudforge/hybrid/dns_federator.py +56 -0
  542. tools/cloudforge/hybrid/health_monitor.py +108 -0
  543. tools/cloudforge/hybrid/identity_federator.py +53 -0
  544. tools/cloudforge/hybrid/network_bridge.py +68 -0
  545. tools/cloudforge/hybrid/topology_manager.py +147 -0
  546. tools/cloudforge/hybrid/workload_abstractor.py +92 -0
  547. tools/cloudforge/iac/__init__.py +2 -0
  548. tools/cloudforge/iac/drift_detector.py +154 -0
  549. tools/cloudforge/iac/module_library.py +265 -0
  550. tools/cloudforge/iac/opentofu_adapter.py +89 -0
  551. tools/cloudforge/iac/pulumi_renderer.py +292 -0
  552. tools/cloudforge/iac/state_backend.py +146 -0
  553. tools/cloudforge/iac/terraform_renderer.py +626 -0
  554. tools/cloudforge/landing_zone/__init__.py +2 -0
  555. tools/cloudforge/landing_zone/blueprint_loader.py +98 -0
  556. tools/cloudforge/landing_zone/blueprint_validator.py +113 -0
  557. tools/cloudforge/landing_zone/zone_provisioner.py +306 -0
  558. tools/cloudforge/landing_zone/zone_state.py +143 -0
  559. tools/cloudforge/mbse_thread/__init__.py +2 -0
  560. tools/cloudforge/mbse_thread/ato_thread_weaver.py +111 -0
  561. tools/cloudforge/mbse_thread/control_tracer.py +68 -0
  562. tools/cloudforge/mbse_thread/system_boundary.py +83 -0
  563. tools/cloudforge/metastore/__init__.py +2 -0
  564. tools/cloudforge/metastore/dependency_graph.py +202 -0
  565. tools/cloudforge/metastore/discovery.py +192 -0
  566. tools/cloudforge/metastore/registry.py +185 -0
  567. tools/cloudforge/metastore/rto_tracker.py +92 -0
  568. tools/cloudforge/metastore/runbook_linker.py +82 -0
  569. tools/cloudforge/migration/__init__.py +2 -0
  570. tools/cloudforge/migration/assessor.py +187 -0
  571. tools/cloudforge/migration/cutover_orchestrator.py +117 -0
  572. tools/cloudforge/migration/databridge_bridge.py +92 -0
  573. tools/cloudforge/migration/planner.py +98 -0
  574. tools/cloudforge/migration/risk_scorer.py +97 -0
  575. tools/cloudforge/migration/validation_runner.py +45 -0
  576. tools/cloudforge/migration/workload_inventory.py +107 -0
  577. tools/cloudforge/provider.py +319 -0
  578. tools/cloudforge/providers/__init__.py +2 -0
  579. tools/cloudforge/providers/aws_commercial.py +92 -0
  580. tools/cloudforge/providers/aws_govcloud.py +229 -0
  581. tools/cloudforge/providers/aws_secret.py +83 -0
  582. tools/cloudforge/providers/azure_commercial.py +80 -0
  583. tools/cloudforge/providers/azure_gov.py +91 -0
  584. tools/cloudforge/providers/azure_secret.py +71 -0
  585. tools/cloudforge/providers/gcp.py +102 -0
  586. tools/cloudforge/providers/oci.py +102 -0
  587. tools/cloudforge/registry.py +140 -0
  588. tools/cloudforge/runbooks/__init__.py +2 -0
  589. tools/cloudforge/runbooks/ai_generator.py +119 -0
  590. tools/cloudforge/runbooks/dag_validator.py +219 -0
  591. tools/cloudforge/runbooks/engine.py +470 -0
  592. tools/cloudforge/runbooks/models.py +99 -0
  593. tools/cloudforge/runbooks/snippet_library.py +158 -0
  594. tools/cloudforge/runbooks/template_loader.py +122 -0
  595. tools/cloudforge/runbooks/visualization.py +108 -0
  596. tools/cloudforge/siem/__init__.py +2 -0
  597. tools/cloudforge/siem/alert_rules.py +86 -0
  598. tools/cloudforge/siem/correlation_engine.py +61 -0
  599. tools/cloudforge/siem/log_aggregator.py +113 -0
  600. tools/cloudforge/siem/siem_dashboard_data.py +28 -0
  601. tools/cloudforge/supply_chain/__init__.py +2 -0
  602. tools/cloudforge/supply_chain/bridge.py +33 -0
  603. tools/cloudforge/supply_chain/iac_dependency_scanner.py +36 -0
  604. tools/cloudforge/supply_chain/provider_trust_scorer.py +54 -0
  605. tools/compat/__init__.py +21 -0
  606. tools/compat/cli_harmonizer.py +251 -0
  607. tools/compat/datetime_utils.py +18 -0
  608. tools/compat/db_utils.py +190 -0
  609. tools/compat/platform_utils.py +123 -0
  610. tools/compliance/__init__.py +1 -0
  611. tools/compliance/accountability_manager.py +391 -0
  612. tools/compliance/ai_accountability_audit.py +287 -0
  613. tools/compliance/ai_impact_assessor.py +267 -0
  614. tools/compliance/ai_incident_response.py +295 -0
  615. tools/compliance/ai_inventory_manager.py +233 -0
  616. tools/compliance/ai_reassessment_scheduler.py +250 -0
  617. tools/compliance/ai_transparency_audit.py +247 -0
  618. tools/compliance/atlas_assessor.py +276 -0
  619. tools/compliance/atlas_report_generator.py +1199 -0
  620. tools/compliance/base_assessor.py +591 -0
  621. tools/compliance/cato_live_engine.py +607 -0
  622. tools/compliance/cato_monitor.py +1371 -0
  623. tools/compliance/cato_scheduler.py +698 -0
  624. tools/compliance/cjis_assessor.py +76 -0
  625. tools/compliance/classification_manager.py +1340 -0
  626. tools/compliance/cmmc_assessor.py +1478 -0
  627. tools/compliance/cmmc_report_generator.py +1087 -0
  628. tools/compliance/compliance_detector.py +452 -0
  629. tools/compliance/compliance_exporter.py +418 -0
  630. tools/compliance/compliance_status.py +810 -0
  631. tools/compliance/control_mapper.py +488 -0
  632. tools/compliance/crosswalk_engine.py +1208 -0
  633. tools/compliance/cssp_assessor.py +1032 -0
  634. tools/compliance/cssp_evidence_collector.py +716 -0
  635. tools/compliance/cssp_report_generator.py +1103 -0
  636. tools/compliance/cui_marker.py +387 -0
  637. tools/compliance/diagram_validator.py +599 -0
  638. tools/compliance/emass/__init__.py +2 -0
  639. tools/compliance/emass/emass_client.py +822 -0
  640. tools/compliance/emass/emass_export.py +758 -0
  641. tools/compliance/emass/emass_sync.py +807 -0
  642. tools/compliance/eu_ai_act_classifier.py +193 -0
  643. tools/compliance/evidence_collector.py +459 -0
  644. tools/compliance/fairness_assessor.py +310 -0
  645. tools/compliance/fedramp_20x_ksi_emitter.py +692 -0
  646. tools/compliance/fedramp_assessor.py +1795 -0
  647. tools/compliance/fedramp_authorization_packager.py +137 -0
  648. tools/compliance/fedramp_ksi_generator.py +349 -0
  649. tools/compliance/fedramp_report_generator.py +1115 -0
  650. tools/compliance/fips199_categorizer.py +869 -0
  651. tools/compliance/fips200_validator.py +304 -0
  652. tools/compliance/firmware_sbom.py +646 -0
  653. tools/compliance/gao_ai_assessor.py +228 -0
  654. tools/compliance/gao_evidence_builder.py +302 -0
  655. tools/compliance/hipaa_assessor.py +78 -0
  656. tools/compliance/hitrust_assessor.py +49 -0
  657. tools/compliance/incident_response_plan.py +705 -0
  658. tools/compliance/inheritance_engine.py +693 -0
  659. tools/compliance/iso27001_assessor.py +92 -0
  660. tools/compliance/iso42001_assessor.py +114 -0
  661. tools/compliance/ivv_assessor.py +2314 -0
  662. tools/compliance/ivv_report_generator.py +1649 -0
  663. tools/compliance/model_card_generator.py +291 -0
  664. tools/compliance/mosa_assessor.py +117 -0
  665. tools/compliance/multi_regime_assessor.py +441 -0
  666. tools/compliance/narrative_generator.py +1012 -0
  667. tools/compliance/narrative_quality_gate.py +701 -0
  668. tools/compliance/narrative_workflow.py +814 -0
  669. tools/compliance/nist_800_207_assessor.py +191 -0
  670. tools/compliance/nist_ai_600_1_assessor.py +185 -0
  671. tools/compliance/nist_ai_rmf_assessor.py +110 -0
  672. tools/compliance/nist_lookup.py +244 -0
  673. tools/compliance/omb_m25_21_assessor.py +225 -0
  674. tools/compliance/omb_m26_04_assessor.py +185 -0
  675. tools/compliance/oscal_catalog_adapter.py +395 -0
  676. tools/compliance/oscal_generator.py +2157 -0
  677. tools/compliance/oscal_tools.py +1182 -0
  678. tools/compliance/oscal_validator.py +692 -0
  679. tools/compliance/owasp_agentic_assessor.py +227 -0
  680. tools/compliance/owasp_asi_assessor.py +197 -0
  681. tools/compliance/owasp_llm_assessor.py +245 -0
  682. tools/compliance/pci_dss_assessor.py +80 -0
  683. tools/compliance/pi_compliance_tracker.py +1447 -0
  684. tools/compliance/poam_generator.py +388 -0
  685. tools/compliance/resolve_marking.py +272 -0
  686. tools/compliance/sbd_assessor.py +2070 -0
  687. tools/compliance/sbd_report_generator.py +1223 -0
  688. tools/compliance/sbom_generator.py +993 -0
  689. tools/compliance/siem_config_generator.py +661 -0
  690. tools/compliance/slsa_attestation_generator.py +479 -0
  691. tools/compliance/soc2_assessor.py +77 -0
  692. tools/compliance/ssp_generator.py +556 -0
  693. tools/compliance/stig_checker.py +712 -0
  694. tools/compliance/swft_evidence_bundler.py +326 -0
  695. tools/compliance/system_card_generator.py +303 -0
  696. tools/compliance/template_exchange.py +513 -0
  697. tools/compliance/traceability_matrix.py +1268 -0
  698. tools/compliance/universal_classification_manager.py +1159 -0
  699. tools/compliance/xacta/__init__.py +2 -0
  700. tools/compliance/xacta/xacta_client.py +438 -0
  701. tools/compliance/xacta/xacta_export.py +546 -0
  702. tools/compliance/xacta/xacta_sync.py +322 -0
  703. tools/compliance/xai_assessor.py +231 -0
  704. tools/core/__init__.py +2 -0
  705. tools/core/circuit_breaker.py +353 -0
  706. tools/core/compliance_sidecar.py +344 -0
  707. tools/core/container.py +110 -0
  708. tools/core/errors.py +256 -0
  709. tools/core/feature_flags.py +311 -0
  710. tools/core/task_dlq.py +350 -0
  711. tools/dashboard/__init__.py +2 -0
  712. tools/dashboard/app.py +6288 -0
  713. tools/dashboard/templates/agent_evolution.html +287 -0
  714. tools/dashboard/templates/agents/list.html +71 -0
  715. tools/dashboard/templates/agents.html +132 -0
  716. tools/dashboard/templates/architecture.html +289 -0
  717. tools/dashboard/templates/ato_simulator.html +170 -0
  718. tools/dashboard/templates/audit_engine.html +844 -0
  719. tools/dashboard/templates/base.html +236 -0
  720. tools/dashboard/templates/cato_live.html +116 -0
  721. tools/dashboard/templates/cloudforge.html +195 -0
  722. tools/dashboard/templates/cloudforge_finops.html +111 -0
  723. tools/dashboard/templates/cloudforge_hybrid.html +122 -0
  724. tools/dashboard/templates/cloudforge_metastore.html +234 -0
  725. tools/dashboard/templates/cloudforge_migration.html +87 -0
  726. tools/dashboard/templates/cloudforge_runbooks.html +201 -0
  727. tools/dashboard/templates/cloudforge_siem.html +94 -0
  728. tools/dashboard/templates/compliance_accel.html +292 -0
  729. tools/dashboard/templates/crashes.html +122 -0
  730. tools/dashboard/templates/databridge.html +305 -0
  731. tools/dashboard/templates/databridge_analytics.html +195 -0
  732. tools/dashboard/templates/databridge_mapping.html +345 -0
  733. tools/dashboard/templates/databridge_messaging.html +321 -0
  734. tools/dashboard/templates/decisions.html +258 -0
  735. tools/dashboard/templates/devices.html +151 -0
  736. tools/dashboard/templates/devsecops_maturity.html +278 -0
  737. tools/dashboard/templates/edge_ai.html +128 -0
  738. tools/dashboard/templates/firmware.html +120 -0
  739. tools/dashboard/templates/firmware_sbom.html +193 -0
  740. tools/dashboard/templates/forge_hub.html +196 -0
  741. tools/dashboard/templates/forge_studio.html +379 -0
  742. tools/dashboard/templates/forge_studio_analytics.html +360 -0
  743. tools/dashboard/templates/forge_studio_builder.html +1637 -0
  744. tools/dashboard/templates/forge_studio_compliance.html +310 -0
  745. tools/dashboard/templates/forge_studio_deploy.html +573 -0
  746. tools/dashboard/templates/forge_studio_enterprise.html +888 -0
  747. tools/dashboard/templates/forge_studio_marketplace.html +502 -0
  748. tools/dashboard/templates/forge_studio_workflow.html +696 -0
  749. tools/dashboard/templates/golden_path.html +175 -0
  750. tools/dashboard/templates/govcon.html +280 -0
  751. tools/dashboard/templates/harness.html +148 -0
  752. tools/dashboard/templates/index.html +207 -0
  753. tools/dashboard/templates/intelligence.html +336 -0
  754. tools/dashboard/templates/knowledge/index.html +190 -0
  755. tools/dashboard/templates/knowledge_graph.html +739 -0
  756. tools/dashboard/templates/login.html +51 -0
  757. tools/dashboard/templates/marketplace.html +336 -0
  758. tools/dashboard/templates/marketplace_admin.html +247 -0
  759. tools/dashboard/templates/missions.html +403 -0
  760. tools/dashboard/templates/narratives.html +154 -0
  761. tools/dashboard/templates/pr_intelligence.html +151 -0
  762. tools/dashboard/templates/proposals/detail.html +300 -0
  763. tools/dashboard/templates/proposals/list.html +52 -0
  764. tools/dashboard/templates/proposals/sam_detail.html +132 -0
  765. tools/dashboard/templates/proposals/section_detail.html +375 -0
  766. tools/dashboard/templates/research.html +222 -0
  767. tools/dashboard/templates/resilience.html +300 -0
  768. tools/dashboard/templates/scorecard.html +162 -0
  769. tools/dashboard/templates/simulator.html +131 -0
  770. tools/dashboard/templates/template_exchange.html +147 -0
  771. tools/dashboard/templates/thread_heatmap.html +151 -0
  772. tools/dashboard/templates/threat_model.html +195 -0
  773. tools/dashboard/templates/vsm.html +141 -0
  774. tools/dashboard/templates/writeguard.html +277 -0
  775. tools/databridge/__init__.py +5 -0
  776. tools/databridge/agent/__init__.py +2 -0
  777. tools/databridge/agent/daemon.py +227 -0
  778. tools/databridge/agent/tunnel.py +101 -0
  779. tools/databridge/agent/ws_relay.py +91 -0
  780. tools/databridge/analytics.py +167 -0
  781. tools/databridge/arrow_pipeline.py +327 -0
  782. tools/databridge/connection_manager.py +424 -0
  783. tools/databridge/connector.py +331 -0
  784. tools/databridge/connectors/__init__.py +2 -0
  785. tools/databridge/connectors/argocd_connector.py +160 -0
  786. tools/databridge/connectors/avro_connector.py +203 -0
  787. tools/databridge/connectors/azure_blob.py +63 -0
  788. tools/databridge/connectors/cdc_connector.py +205 -0
  789. tools/databridge/connectors/csv_connector.py +172 -0
  790. tools/databridge/connectors/datadog_connector.py +153 -0
  791. tools/databridge/connectors/discord_messaging.py +215 -0
  792. tools/databridge/connectors/dynamics365.py +151 -0
  793. tools/databridge/connectors/elasticsearch_connector.py +145 -0
  794. tools/databridge/connectors/email_base.py +114 -0
  795. tools/databridge/connectors/excel_connector.py +175 -0
  796. tools/databridge/connectors/fsspec_base.py +300 -0
  797. tools/databridge/connectors/gcs.py +53 -0
  798. tools/databridge/connectors/github_connector.py +138 -0
  799. tools/databridge/connectors/gitlab_connector.py +132 -0
  800. tools/databridge/connectors/gmail_connector.py +182 -0
  801. tools/databridge/connectors/hdfs.py +57 -0
  802. tools/databridge/connectors/health_base.py +401 -0
  803. tools/databridge/connectors/hubspot.py +124 -0
  804. tools/databridge/connectors/imap_connector.py +171 -0
  805. tools/databridge/connectors/jenkins_connector.py +138 -0
  806. tools/databridge/connectors/jira_connector.py +86 -0
  807. tools/databridge/connectors/json_connector.py +184 -0
  808. tools/databridge/connectors/kafka_connector.py +246 -0
  809. tools/databridge/connectors/kinesis_connector.py +238 -0
  810. tools/databridge/connectors/local_fs.py +30 -0
  811. tools/databridge/connectors/matrix.py +197 -0
  812. tools/databridge/connectors/mattermost_messaging.py +184 -0
  813. tools/databridge/connectors/messaging_base.py +172 -0
  814. tools/databridge/connectors/mssql.py +63 -0
  815. tools/databridge/connectors/mysql.py +57 -0
  816. tools/databridge/connectors/netsuite.py +170 -0
  817. tools/databridge/connectors/o365_mail.py +196 -0
  818. tools/databridge/connectors/oracle.py +65 -0
  819. tools/databridge/connectors/pagerduty_connector.py +162 -0
  820. tools/databridge/connectors/parquet_connector.py +131 -0
  821. tools/databridge/connectors/postgresql.py +58 -0
  822. tools/databridge/connectors/s3.py +65 -0
  823. tools/databridge/connectors/saas_base.py +198 -0
  824. tools/databridge/connectors/salesforce.py +126 -0
  825. tools/databridge/connectors/sap.py +89 -0
  826. tools/databridge/connectors/servicenow.py +60 -0
  827. tools/databridge/connectors/signal_messaging.py +150 -0
  828. tools/databridge/connectors/slack_messaging.py +203 -0
  829. tools/databridge/connectors/smtp_connector.py +126 -0
  830. tools/databridge/connectors/soap_base.py +258 -0
  831. tools/databridge/connectors/splunk_connector.py +171 -0
  832. tools/databridge/connectors/sql_base.py +310 -0
  833. tools/databridge/connectors/sqlite_connector.py +76 -0
  834. tools/databridge/connectors/teams.py +148 -0
  835. tools/databridge/connectors/telegram.py +192 -0
  836. tools/databridge/connectors/whatsapp.py +137 -0
  837. tools/databridge/data_profiler.py +99 -0
  838. tools/databridge/forge/__init__.py +6 -0
  839. tools/databridge/forge/base_selector.py +150 -0
  840. tools/databridge/forge/code_generator.py +206 -0
  841. tools/databridge/forge/community_hub.py +539 -0
  842. tools/databridge/forge/forge_agent.py +306 -0
  843. tools/databridge/forge/import_handler.py +133 -0
  844. tools/databridge/forge/integration_tester.py +127 -0
  845. tools/databridge/forge/marketplace_publisher.py +164 -0
  846. tools/databridge/forge/promoter.py +159 -0
  847. tools/databridge/forge/sandbox_manager.py +257 -0
  848. tools/databridge/forge/spec_parser.py +358 -0
  849. tools/databridge/forge/static_validator.py +363 -0
  850. tools/databridge/forge/templates/__init__.py +591 -0
  851. tools/databridge/format_converter.py +188 -0
  852. tools/databridge/mapping_engine.py +348 -0
  853. tools/databridge/messaging/__init__.py +5 -0
  854. tools/databridge/messaging/agent_bridge.py +254 -0
  855. tools/databridge/messaging/message_envelope.py +111 -0
  856. tools/databridge/messaging/message_logger.py +204 -0
  857. tools/databridge/messaging/messaging_daemon.py +326 -0
  858. tools/databridge/messaging/oauth2_manager.py +411 -0
  859. tools/databridge/pii_detector.py +221 -0
  860. tools/databridge/registry.py +352 -0
  861. tools/databridge/relay_server.py +105 -0
  862. tools/databridge/scale/__init__.py +16 -0
  863. tools/databridge/scale/backpressure.py +134 -0
  864. tools/databridge/scale/chunked_pipeline.py +169 -0
  865. tools/databridge/scale/connection_pool.py +293 -0
  866. tools/databridge/scale/engine.py +492 -0
  867. tools/databridge/scale/worker_pool.py +140 -0
  868. tools/databridge/scale/write_batcher.py +250 -0
  869. tools/databridge/schema_engine.py +324 -0
  870. tools/databridge/stream_manager.py +225 -0
  871. tools/databridge/sync_engine.py +411 -0
  872. tools/databridge/transforms.py +302 -0
  873. tools/db/__init__.py +1 -0
  874. tools/db/backup.py +312 -0
  875. tools/db/backup_manager.py +832 -0
  876. tools/db/init_icdev_db.py +7753 -0
  877. tools/db/init_sparkpilot_db.py +431 -0
  878. tools/db/migrate.py +177 -0
  879. tools/db/migrate_innovation_audit.py +165 -0
  880. tools/db/migration_runner.py +548 -0
  881. tools/db/migrations/001_baseline/meta.json +9 -0
  882. tools/db/migrations/001_baseline/up.py +67 -0
  883. tools/db/migrations/002_memory_enhancements/down.sql +8 -0
  884. tools/db/migrations/002_memory_enhancements/meta.json +9 -0
  885. tools/db/migrations/002_memory_enhancements/up.py +119 -0
  886. tools/db/migrations/003_dev_profiles/meta.json +8 -0
  887. tools/db/migrations/003_dev_profiles/up.py +93 -0
  888. tools/db/migrations/004_innovation_engine/down.py +19 -0
  889. tools/db/migrations/004_innovation_engine/up.py +227 -0
  890. tools/db/migrations/005_phase_37_ai_security/down.py +19 -0
  891. tools/db/migrations/005_phase_37_ai_security/up.py +257 -0
  892. tools/db/migrations/006_phase_36_evolution/down.py +21 -0
  893. tools/db/migrations/006_phase_36_evolution/up.py +323 -0
  894. tools/db/migrations/007_phase_38_cloud/down.py +14 -0
  895. tools/db/migrations/007_phase_38_cloud/up.py +110 -0
  896. tools/db/migrations/008_phase36_37_integration/up.py +55 -0
  897. tools/db/migrations/__init__.py +2 -0
  898. tools/db/pg_migrate.py +642 -0
  899. tools/db/storage.py +1080 -0
  900. tools/decisions/__init__.py +2 -0
  901. tools/decisions/dmn_engine.py +695 -0
  902. tools/devsecops/__init__.py +2 -0
  903. tools/devsecops/attestation_manager.py +449 -0
  904. tools/devsecops/network_segmentation_generator.py +604 -0
  905. tools/devsecops/pdp_config_generator.py +1246 -0
  906. tools/devsecops/pipeline_security_generator.py +475 -0
  907. tools/devsecops/policy_generator.py +644 -0
  908. tools/devsecops/profile_manager.py +374 -0
  909. tools/devsecops/service_mesh_generator.py +1063 -0
  910. tools/devsecops/zta_maturity_scorer.py +355 -0
  911. tools/devsecops/zta_terraform_generator.py +1301 -0
  912. tools/edge_ai/__init__.py +2 -0
  913. tools/edge_ai/model_manager.py +200 -0
  914. tools/embedded/__init__.py +2 -0
  915. tools/embedded/cmake_generator.py +318 -0
  916. tools/embedded/crash_analyzer.py +191 -0
  917. tools/embedded/nl_to_firmware.py +277 -0
  918. tools/events/__init__.py +1 -0
  919. tools/events/event_bus.py +199 -0
  920. tools/finetune/pair_generator.py +832 -0
  921. tools/fleet/__init__.py +2 -0
  922. tools/fleet/device_registry.py +148 -0
  923. tools/fleet/ota_manager.py +153 -0
  924. tools/forge_studio/__init__.py +13 -0
  925. tools/forge_studio/analytics/__init__.py +0 -0
  926. tools/forge_studio/analytics/process_miner.py +383 -0
  927. tools/forge_studio/audit.py +183 -0
  928. tools/forge_studio/blueprint/__init__.py +2 -0
  929. tools/forge_studio/blueprint/build_tracker.py +317 -0
  930. tools/forge_studio/blueprint/export_engine.py +441 -0
  931. tools/forge_studio/blueprint/parent_client.py +335 -0
  932. tools/forge_studio/catalog/__init__.py +2 -0
  933. tools/forge_studio/catalog/component_registry.py +176 -0
  934. tools/forge_studio/catalog/schema_validator.py +193 -0
  935. tools/forge_studio/compliance/__init__.py +1 -0
  936. tools/forge_studio/compliance/compliance_wiring.py +554 -0
  937. tools/forge_studio/deploy/__init__.py +1 -0
  938. tools/forge_studio/deploy/airgap_packager.py +466 -0
  939. tools/forge_studio/deploy/deploy_engine.py +1792 -0
  940. tools/forge_studio/deploy/env_manager.py +431 -0
  941. tools/forge_studio/eject/__init__.py +2 -0
  942. tools/forge_studio/eject/docker_compose_generator.py +237 -0
  943. tools/forge_studio/eject/eject_engine.py +230 -0
  944. tools/forge_studio/eject/expo_scaffolder.py +303 -0
  945. tools/forge_studio/eject/nextjs_scaffolder.py +338 -0
  946. tools/forge_studio/enterprise/__init__.py +0 -0
  947. tools/forge_studio/enterprise/custom_frameworks.py +826 -0
  948. tools/forge_studio/enterprise/hardening_engine.py +1530 -0
  949. tools/forge_studio/enterprise/sso_manager.py +718 -0
  950. tools/forge_studio/enterprise/whitelabel_engine.py +887 -0
  951. tools/forge_studio/formula/__init__.py +0 -0
  952. tools/forge_studio/formula/expression_engine.py +562 -0
  953. tools/forge_studio/formula/formula_registry.py +265 -0
  954. tools/forge_studio/generator/__init__.py +2 -0
  955. tools/forge_studio/generator/app_generator.py +584 -0
  956. tools/forge_studio/generator/complexity_detector.py +368 -0
  957. tools/forge_studio/generator/prompt_templates.py +104 -0
  958. tools/forge_studio/generator/spec_builder.py +192 -0
  959. tools/forge_studio/intake_bridge.py +898 -0
  960. tools/forge_studio/marketplace/__init__.py +0 -0
  961. tools/forge_studio/marketplace/component_hub.py +428 -0
  962. tools/forge_studio/models.py +369 -0
  963. tools/forge_studio/renderer/__init__.py +2 -0
  964. tools/forge_studio/renderer/json_render_engine.py +623 -0
  965. tools/forge_studio/renderer/layout_engine.py +214 -0
  966. tools/forge_studio/renderer/rn_component_map.py +182 -0
  967. tools/forge_studio/supabase/__init__.py +2 -0
  968. tools/forge_studio/supabase/auth_generator.py +283 -0
  969. tools/forge_studio/supabase/migration_generator.py +93 -0
  970. tools/forge_studio/supabase/schema_generator.py +281 -0
  971. tools/forge_studio/tenant_manager.py +387 -0
  972. tools/forge_studio/workflow/__init__.py +2 -0
  973. tools/forge_studio/workflow/bpmn_adapter.py +489 -0
  974. tools/govcon/draft_orchestrator.py +1151 -0
  975. tools/govcon/engine_enrichment.py +373 -0
  976. tools/govcon/knowledge_base.py +487 -0
  977. tools/govcon/knowledge_ingestion.py +510 -0
  978. tools/govcon/sam_scanner.py +754 -0
  979. tools/harness/__init__.py +6 -0
  980. tools/harness/exit_criteria_evaluator.py +231 -0
  981. tools/harness/maturity_assessor.py +347 -0
  982. tools/harness/scaffold_harness.py +416 -0
  983. tools/harness/trace_analyzer.py +281 -0
  984. tools/infra/__init__.py +1 -0
  985. tools/infra/ansible_generator.py +867 -0
  986. tools/infra/dockerfile_generator.py +359 -0
  987. tools/infra/infra_status.py +384 -0
  988. tools/infra/ironbank_metadata_generator.py +403 -0
  989. tools/infra/k8s_generator.py +1000 -0
  990. tools/infra/pipeline_generator.py +830 -0
  991. tools/infra/rollback.py +389 -0
  992. tools/infra/terraform_generator.py +1140 -0
  993. tools/infra/terraform_generator_azure.py +1252 -0
  994. tools/infra/terraform_generator_gcp.py +951 -0
  995. tools/infra/terraform_generator_ibm.py +359 -0
  996. tools/infra/terraform_generator_oci.py +918 -0
  997. tools/infra/terraform_generator_onprem.py +318 -0
  998. tools/knowledge/__init__.py +1 -0
  999. tools/knowledge/knowledge_ingest.py +281 -0
  1000. tools/knowledge/pattern_detector.py +681 -0
  1001. tools/knowledge/recommendation_engine.py +449 -0
  1002. tools/knowledge/self_heal_analyzer.py +492 -0
  1003. tools/knowledge_graph/__init__.py +2 -0
  1004. tools/knowledge_graph/graph_rag.py +498 -0
  1005. tools/knowledge_graph/ingester.py +406 -0
  1006. tools/knowledge_graph/insight_generator.py +369 -0
  1007. tools/knowledge_graph/text_network.py +832 -0
  1008. tools/llm/__init__.py +72 -0
  1009. tools/llm/anthropic_provider.py +170 -0
  1010. tools/llm/azure_openai_provider.py +338 -0
  1011. tools/llm/bedrock_provider.py +315 -0
  1012. tools/llm/embedding_provider.py +438 -0
  1013. tools/llm/gemini_provider.py +381 -0
  1014. tools/llm/ibm_watsonx_provider.py +231 -0
  1015. tools/llm/oci_genai_provider.py +462 -0
  1016. tools/llm/ollama_provider.py +350 -0
  1017. tools/llm/openai_provider.py +225 -0
  1018. tools/llm/prompt_registry.py +447 -0
  1019. tools/llm/provider.py +355 -0
  1020. tools/llm/provider_sdk.py +175 -0
  1021. tools/llm/router.py +1124 -0
  1022. tools/llm/semantic_cache.py +394 -0
  1023. tools/llm/vertex_ai_provider.py +374 -0
  1024. tools/maintenance/__init__.py +2 -0
  1025. tools/maintenance/dependency_scanner.py +1016 -0
  1026. tools/maintenance/maintenance_auditor.py +804 -0
  1027. tools/maintenance/remediation_engine.py +957 -0
  1028. tools/maintenance/vulnerability_checker.py +978 -0
  1029. tools/manifest.md +1066 -0
  1030. tools/marketplace/asset_installer.py +639 -0
  1031. tools/marketplace/feedback_validator.py +359 -0
  1032. tools/marketplace/license_client.py +458 -0
  1033. tools/marketplace/module_crypto.py +544 -0
  1034. tools/marketplace/module_runtime.py +236 -0
  1035. tools/marketplace/token_store.py +264 -0
  1036. tools/mbse/__init__.py +3 -0
  1037. tools/mbse/des_assessor.py +1173 -0
  1038. tools/mbse/des_report_generator.py +787 -0
  1039. tools/mbse/diagram_extractor.py +792 -0
  1040. tools/mbse/digital_thread.py +1650 -0
  1041. tools/mbse/model_code_generator.py +1115 -0
  1042. tools/mbse/model_control_mapper.py +410 -0
  1043. tools/mbse/pi_model_tracker.py +1079 -0
  1044. tools/mbse/reqif_parser.py +1468 -0
  1045. tools/mbse/sync_engine.py +1789 -0
  1046. tools/mbse/thread_heatmap.py +445 -0
  1047. tools/mbse/xmi_parser.py +1558 -0
  1048. tools/mcp/builder_server.py +64 -0
  1049. tools/mcp/compliance_server.py +64 -0
  1050. tools/mcp/connector_forge_server.py +155 -0
  1051. tools/mcp/core_server.py +64 -0
  1052. tools/mcp/devsecops_server.py +11 -0
  1053. tools/mcp/devsecops_zta_server.py +64 -0
  1054. tools/mcp/knowledge_server.py +64 -0
  1055. tools/mcp/monitor_server.py +64 -0
  1056. tools/mcp/ops_server.py +300 -0
  1057. tools/mcp/requirements_analyst_server.py +64 -0
  1058. tools/mcp/requirements_server.py +11 -0
  1059. tools/mcp/security_server.py +64 -0
  1060. tools/mcp/simulation_server.py +64 -0
  1061. tools/mcp/supply_chain_server.py +64 -0
  1062. tools/mcp/tool_registry.py +299 -0
  1063. tools/memory/__init__.py +2 -0
  1064. tools/memory/auto_capture.py +346 -0
  1065. tools/memory/embed_memory.py +157 -0
  1066. tools/memory/history_compressor.py +334 -0
  1067. tools/memory/hybrid_search.py +235 -0
  1068. tools/memory/maintenance_cron.py +288 -0
  1069. tools/memory/memory_consolidation.py +439 -0
  1070. tools/memory/memory_db.py +132 -0
  1071. tools/memory/memory_read.py +101 -0
  1072. tools/memory/memory_write.py +221 -0
  1073. tools/memory/semantic_search.py +138 -0
  1074. tools/memory/time_decay.py +434 -0
  1075. tools/missions/__init__.py +2 -0
  1076. tools/missions/mission_engine.py +459 -0
  1077. tools/monitor/__init__.py +1 -0
  1078. tools/monitor/alert_correlator.py +486 -0
  1079. tools/monitor/auto_resolver.py +603 -0
  1080. tools/monitor/health_checker.py +507 -0
  1081. tools/monitor/heartbeat_daemon.py +779 -0
  1082. tools/monitor/log_analyzer.py +507 -0
  1083. tools/monitor/metric_collector.py +484 -0
  1084. tools/mosa/__init__.py +10 -0
  1085. tools/mosa/icd_generator.py +358 -0
  1086. tools/mosa/modular_design_analyzer.py +682 -0
  1087. tools/mosa/mosa_code_enforcer.py +348 -0
  1088. tools/mosa/tsp_generator.py +265 -0
  1089. tools/observability/__init__.py +100 -0
  1090. tools/observability/genai_attributes.py +88 -0
  1091. tools/observability/instrumentation.py +140 -0
  1092. tools/observability/mlflow_exporter.py +193 -0
  1093. tools/observability/otel_tracer.py +168 -0
  1094. tools/observability/provenance/__init__.py +3 -0
  1095. tools/observability/provenance/prov_recorder.py +322 -0
  1096. tools/observability/shap/__init__.py +3 -0
  1097. tools/observability/shap/agent_shap.py +274 -0
  1098. tools/observability/sqlite_tracer.py +360 -0
  1099. tools/observability/trace_context.py +205 -0
  1100. tools/observability/tracer.py +230 -0
  1101. tools/orchestration/__init__.py +1 -0
  1102. tools/orchestration/peer_channels.py +254 -0
  1103. tools/orchestration/saga_coordinator.py +390 -0
  1104. tools/project/__init__.py +1 -0
  1105. tools/project/manifest_loader.py +418 -0
  1106. tools/project/project_create.py +350 -0
  1107. tools/project/project_list.py +171 -0
  1108. tools/project/project_scaffold.py +1715 -0
  1109. tools/project/project_status.py +478 -0
  1110. tools/project/session_context_builder.py +752 -0
  1111. tools/project/validate_manifest.py +54 -0
  1112. tools/rag/corrective_rag.py +582 -0
  1113. tools/rag/source_registry.py +482 -0
  1114. tools/requirements/__init__.py +1 -0
  1115. tools/requirements/ai_governance_scorer.py +207 -0
  1116. tools/requirements/boundary_analyzer.py +1281 -0
  1117. tools/requirements/clarification_engine.py +605 -0
  1118. tools/requirements/complexity_scorer.py +369 -0
  1119. tools/requirements/consistency_analyzer.py +789 -0
  1120. tools/requirements/constitution_manager.py +592 -0
  1121. tools/requirements/decomposition_engine.py +764 -0
  1122. tools/requirements/document_extractor.py +1002 -0
  1123. tools/requirements/elicitation_techniques.py +508 -0
  1124. tools/requirements/gap_detector.py +260 -0
  1125. tools/requirements/intake_engine.py +2175 -0
  1126. tools/requirements/prd_generator.py +839 -0
  1127. tools/requirements/prd_validator.py +584 -0
  1128. tools/requirements/readiness_scorer.py +302 -0
  1129. tools/requirements/spec_organizer.py +1015 -0
  1130. tools/requirements/spec_quality_checker.py +1083 -0
  1131. tools/requirements/traceability_builder.py +566 -0
  1132. tools/research/__init__.py +3 -0
  1133. tools/research/academic_scanner.py +130 -0
  1134. tools/research/build_buy_analyzer.py +229 -0
  1135. tools/research/challenge_scorer.py +280 -0
  1136. tools/research/community_scanner.py +174 -0
  1137. tools/research/cross_engine_bridge.py +124 -0
  1138. tools/research/dossier_generator.py +305 -0
  1139. tools/research/landscape_scanner.py +315 -0
  1140. tools/research/regulatory_scanner.py +248 -0
  1141. tools/research/research_manager.py +469 -0
  1142. tools/research/source_scanner.py +150 -0
  1143. tools/research/vertical_loader.py +118 -0
  1144. tools/saas/__init__.py +0 -0
  1145. tools/saas/licensing/__init__.py +0 -0
  1146. tools/saas/licensing/license_validator.py +345 -0
  1147. tools/scaffold/__init__.py +2 -0
  1148. tools/scaffold/golden_path.py +504 -0
  1149. tools/security/__init__.py +1 -0
  1150. tools/security/agent_output_validator.py +330 -0
  1151. tools/security/agent_trust_scorer.py +652 -0
  1152. tools/security/ai_bom_generator.py +718 -0
  1153. tools/security/ai_telemetry_logger.py +469 -0
  1154. tools/security/atlas_red_team.py +541 -0
  1155. tools/security/code_pattern_scanner.py +382 -0
  1156. tools/security/confabulation_detector.py +265 -0
  1157. tools/security/container_scanner.py +489 -0
  1158. tools/security/dependency_auditor.py +942 -0
  1159. tools/security/endpoint_security_scanner.py +626 -0
  1160. tools/security/mcp_tool_authorizer.py +242 -0
  1161. tools/security/output_verifier.py +427 -0
  1162. tools/security/prompt_injection_detector.py +737 -0
  1163. tools/security/sast_runner.py +946 -0
  1164. tools/security/secret_detector.py +376 -0
  1165. tools/security/threat_modeler.py +678 -0
  1166. tools/security/tool_chain_validator.py +357 -0
  1167. tools/security/vuln_scanner.py +536 -0
  1168. tools/simulation/__init__.py +2 -0
  1169. tools/simulation/ato_simulator.py +517 -0
  1170. tools/simulation/coa_generator.py +1539 -0
  1171. tools/simulation/monte_carlo.py +745 -0
  1172. tools/simulation/scenario_manager.py +1060 -0
  1173. tools/simulation/simulation_engine.py +1091 -0
  1174. tools/simulator/__init__.py +2 -0
  1175. tools/simulator/sim_runner.py +272 -0
  1176. tools/supply_chain/__init__.py +2 -0
  1177. tools/supply_chain/cve_triager.py +690 -0
  1178. tools/supply_chain/dependency_graph.py +630 -0
  1179. tools/supply_chain/isa_manager.py +526 -0
  1180. tools/supply_chain/scrm_assessor.py +531 -0
  1181. tools/supply_chain/slsa_verifier.py +473 -0
  1182. tools/testing/__init__.py +2 -0
  1183. tools/testing/acceptance_validator.py +411 -0
  1184. tools/testing/api_surface_extractor.py +749 -0
  1185. tools/testing/claude_dir_validator.py +831 -0
  1186. tools/testing/data_types.py +199 -0
  1187. tools/testing/e2e_runner.py +715 -0
  1188. tools/testing/fuzz_cli.py +306 -0
  1189. tools/testing/health_check.py +483 -0
  1190. tools/testing/platform_check.py +143 -0
  1191. tools/testing/production_audit.py +1836 -0
  1192. tools/testing/production_remediate.py +803 -0
  1193. tools/testing/screenshot_validator.py +538 -0
  1194. tools/testing/smoke_test.py +283 -0
  1195. tools/testing/test_agent_models.py +117 -0
  1196. tools/testing/test_orchestrator.py +957 -0
  1197. tools/testing/utils.py +229 -0
  1198. tools/writeguard/__init__.py +1 -0
  1199. tools/writeguard/main.py +1 -0
  1200. tools/writing/__init__.py +7 -0
  1201. tools/writing/ai_content_detector.py +316 -0
  1202. tools/writing/analysis_engine.py +454 -0
  1203. tools/writing/batch_analyzer.py +276 -0
  1204. tools/writing/coherence_analyzer.py +221 -0
  1205. tools/writing/govcon_bridge.py +509 -0
  1206. tools/writing/grammar_checker.py +270 -0
  1207. tools/writing/plagiarism_detector.py +106 -0
  1208. tools/writing/readability_scorer.py +201 -0
  1209. tools/writing/rewriter.py +96 -0
  1210. tools/writing/signal_registrar.py +167 -0
  1211. tools/writing/snippet_manager.py +276 -0
  1212. tools/writing/style_enforcer.py +220 -0
  1213. tools/writing/style_guide_manager.py +438 -0
  1214. tools/writing/tone_profiler.py +168 -0
docs/adr/README.md ADDED
@@ -0,0 +1,66 @@
1
+ # CUI // SP-CTI
2
+ # Architecture Decision Records — Index
3
+
4
+ **Total decisions:** 104
5
+ **Last updated:** 2026-03-08
6
+
7
+ ## Decision Groups
8
+
9
+ | Group | File | Count | Description |
10
+ |-------|------|-------|-------------|
11
+ | Core Architecture | [core-decisions.md](core-decisions.md) | 20 | Foundational system decisions: protocols, data models, compliance, observability |
12
+ | Database & Storage | [db-decisions.md](db-decisions.md) | 6 | PostgreSQL migration, storage abstraction, schema versioning |
13
+ | Connector Forge & CloudForge | [connector-forge-decisions.md](connector-forge-decisions.md) | 22 | Dynamic connector generation, runbooks, metastore, ops server |
14
+ | Innovation Features | [innovation-decisions.md](innovation-decisions.md) | 18 | cATO, DORA, narratives, threat modeling, scorecard, golden path, SBOM |
15
+ | WriteGuard | [writeguard-decisions.md](writeguard-decisions.md) | 9 | AI writing assistant: deterministic pipeline, style guides, analysis |
16
+ | Marketplace | [marketplace-decisions.md](marketplace-decisions.md) | 7 | SaaS extraction, licensing, community model, sponsor tiers |
17
+ | Scale Engine | [scale-engine-decisions.md](scale-engine-decisions.md) | 7 | Parallel sync execution, connection pools, batch writes |
18
+ | Harness Engineering | [harness-decisions.md](harness-decisions.md) | 8 | Loop detection, maturity assessment, exit criteria, trace analysis |
19
+ | Secure by Design | [sbd-decisions.md](sbd-decisions.md) | 7 | CISA SbD, Cloudyrion 8-Pillar, exception registry, scorecard integration |
20
+
21
+ ## Summary by Status
22
+
23
+ | Status | Count |
24
+ |--------|-------|
25
+ | Accepted | 103 |
26
+ | Superseded | 1 |
27
+
28
+ ## Superseded Decisions
29
+
30
+ | ID | Superseded By | Original Decision |
31
+ |----|---------------|-------------------|
32
+ | D1 | D-DB-20 | SQLite for internal operational data (zero-config portability) |
33
+
34
+ ## How to Use
35
+
36
+ These ADRs are extracted from `CLAUDE.md` Key Architecture Decisions section.
37
+
38
+ To regenerate all ADR files:
39
+ ```bash
40
+ python tools/architecture/adr_extractor.py --extract --json
41
+ ```
42
+
43
+ To list all decisions:
44
+ ```bash
45
+ python tools/architecture/adr_extractor.py --list --json
46
+ ```
47
+
48
+ ## ADR Format
49
+
50
+ Each group file contains:
51
+ - **Summary table** — ID, status, and brief description for quick scanning
52
+ - **Individual sections** — Status, Date, Context, Decision, and Consequences for each ADR
53
+
54
+ ## Naming Convention
55
+
56
+ Decision IDs follow the pattern `D-{PREFIX}-{NUMBER}`:
57
+ - `D{N}` — Core architecture decisions (no prefix)
58
+ - `D-DB-{N}` — Database and storage layer
59
+ - `D-CF-{N}` — Connector Forge and CloudForge
60
+ - `D-INV-{N}` — Innovation features
61
+ - `D-WG-{N}` — WriteGuard writing assistant
62
+ - `D-MKT-{S|C}{N}` — Marketplace (S=SaaS, C=Community)
63
+ - `D-SC-{N}` — Scale Engine
64
+ - `D-HARNESS-{N}` — Harness Engineering
65
+ - `D-SBD-{N}` — Secure by Design
66
+ - `D-ARCH-{N}` — Architecture Patterns (reserved)
docs/adr/connector-forge-decisions.md ADDED
@@ -0,0 +1,318 @@
1
+ # CUI // SP-CTI
2
+ # Connector Forge & CloudForge — Architecture Decision Records
3
+
4
+ **Total decisions:** 22
5
+ **Last updated:** 2026-03-08
6
+
7
+ | ID | Status | Decision |
8
+ |----|--------|----------|
9
+ | D-CF-1 | Accepted | Connector Forge `forge/` is a subpackage of `tools/databridge/` -- imports from existing ABCs |
10
+ | D-CF-2 | Accepted | Two-tier LLM for code gen (qwen3 drafts connector skeleton, Claude reviews against ABC contract) |
11
+ | D-CF-3 | Accepted | Inline Jinja2 template strings with string-replacement fallback (air-gap safe) |
12
+ | D-CF-4 | Accepted | Docker sandbox primary (--network none, --memory 256m), subprocess fallback |
13
+ | D-CF-5 | Accepted | Two new ConnectorType enum values: SOAP, HEALTH |
14
+ | D-CF-6 | Accepted | Promotion state machine: sandboxed -> promoted -> published -> deprecated |
15
+ | D-CF-7 | Accepted | 8 new audit event types for forge lifecycle |
16
+ | D-CF-8 | Accepted | Marketplace install via ASSET_TYPE_DIRS["databridge_connector"] |
17
+ | D-CF-9 | Accepted | MCP server exposes 8 tools for forge operations |
18
+ | D-CF-10 | Accepted | Config in databridge_config.yaml under forge: block |
19
+ | D-CF-19 | Accepted | Runbooks stored as JSON DAG (tasks_json + edges_json) in SQLite -- air-gap safe |
20
+ | D-CF-20 | Accepted | Runbook executions are append-only with per-task log (NIST AU compliance) |
21
+ | D-CF-21 | Accepted | DAG execution uses Kahn's algorithm (topological sort) -- deterministic O(V+E), no LLM in critical path |
22
+ | D-CF-22 | Accepted | Snippets are self-contained sub-DAGs embedded by reference with usage count tracking |
23
+ | D-CF-23 | Accepted | Metastore uses adjacency list for dependency graph (matches D27 pattern, SQL joins) |
24
+ | D-CF-24 | Accepted | Auto-discovery pulls from db_connections, cf_landing_zones, devices -- idempotent upsert |
25
+ | D-CF-25 | Accepted | Conditional branching uses deterministic expression eval (key-operator-value triples, no eval()) |
26
+ | D-CF-26 | Accepted | AI runbook generation is non-critical-path, always outputs status='draft' |
27
+ | D-CF-27 | Accepted | RTO/RPO stored as hours (REAL) on cf_applications -- simple numeric comparison |
28
+ | D-CF-28 | Accepted | Single unified Ops MCP server with 18 tools (reduces MCP server proliferation) |
29
+ | D-CF-29 | Accepted | YAML runbook templates in args/cloudforge_runbook_templates/ (GOTCHA args layer) |
30
+ | D-CF-30 | Accepted | Community: 3 runbooks, no snippets/AI/discovery; Pro: unlimited |
31
+
32
+ ---
33
+
34
+ ## D-CF-1: Connector Forge as subpackage of tools/databridge/
35
+
36
+ **Status:** Accepted
37
+ **Date:** 2026-03-08
38
+ **Context:** Connector Forge needs to reuse existing DataBridge abstract base classes and connector patterns without duplication.
39
+ **Decision:** Connector Forge `forge/` is a subpackage of `tools/databridge/` -- imports from existing ABCs
40
+ **Consequences:**
41
+ - Forge connectors inherit from the same ABCs as built-in connectors.
42
+ - No code duplication of connector interfaces.
43
+ - Forge directory is self-contained within the DataBridge module.
44
+
45
+ ---
46
+
47
+ ## D-CF-2: Two-tier LLM for code gen
48
+
49
+ **Status:** Accepted
50
+ **Date:** 2026-03-08
51
+ **Context:** Connector code generation needs both speed (drafting) and accuracy (contract validation) at reasonable token cost.
52
+ **Decision:** Two-tier LLM for code gen (qwen3 drafts connector skeleton, Claude reviews against ABC contract)
53
+ **Consequences:**
54
+ - qwen3 handles initial code generation (fast, low cost).
55
+ - Claude reviews for ABC contract compliance (high accuracy).
56
+ - Reduced Claude token consumption (~40% savings).
57
+
58
+ ---
59
+
60
+ ## D-CF-3: Inline Jinja2 template strings with string-replacement fallback
61
+
62
+ **Status:** Accepted
63
+ **Date:** 2026-03-08
64
+ **Context:** The system must operate in air-gapped environments without external dependencies for template rendering.
65
+ **Decision:** Inline Jinja2 template strings with string-replacement fallback (air-gap safe)
66
+ **Consequences:**
67
+ - No external network dependencies required at runtime.
68
+ - Jinja2 used when available, string replacement as fallback.
69
+ - Templates are embedded in source code, not external files.
70
+
71
+ ---
72
+
73
+ ## D-CF-4: Docker sandbox primary, subprocess fallback
74
+
75
+ **Status:** Accepted
76
+ **Date:** 2026-03-08
77
+ **Context:** Generated connector code must be executed in isolation to prevent security risks from untrusted code.
78
+ **Decision:** Docker sandbox primary (--network none, --memory 256m), subprocess fallback
79
+ **Consequences:**
80
+ - Network-isolated Docker container for maximum security.
81
+ - Memory-limited to prevent resource exhaustion.
82
+ - Subprocess fallback when Docker is unavailable.
83
+
84
+ ---
85
+
86
+ ## D-CF-5: Two new ConnectorType enum values
87
+
88
+ **Status:** Accepted
89
+ **Date:** 2026-03-08
90
+ **Context:** The connector type system needed to support SOAP web services and health check endpoints.
91
+ **Decision:** Two new ConnectorType enum values: SOAP, HEALTH
92
+ **Consequences:**
93
+ - SOAP connectors can be properly categorized.
94
+ - Health check connectors have a distinct type.
95
+ - Enum extended without breaking existing connector types.
96
+
97
+ ---
98
+
99
+ ## D-CF-6: Promotion state machine
100
+
101
+ **Status:** Accepted
102
+ **Date:** 2026-03-08
103
+ **Context:** Generated connectors need a clear lifecycle from initial sandbox testing through production deployment and eventual retirement.
104
+ **Decision:** Promotion state machine: sandboxed -> promoted -> published -> deprecated
105
+ **Consequences:**
106
+ - Clear progression path for connector maturity.
107
+ - Each state has distinct permissions and visibility.
108
+ - Deprecated connectors are retained but not recommended.
109
+
110
+ ---
111
+
112
+ ## D-CF-7: 8 new audit event types for forge lifecycle
113
+
114
+ **Status:** Accepted
115
+ **Date:** 2026-03-08
116
+ **Context:** Federal compliance requirements (NIST 800-53 AU controls) mandate audit logging of forge lifecycle events.
117
+ **Decision:** 8 new audit event types for forge lifecycle
118
+ **Consequences:**
119
+ - Historical records cannot be modified or deleted.
120
+ - Complete audit trail of connector generation, validation, promotion, and deprecation.
121
+ - All forge operations are traceable.
122
+
123
+ ---
124
+
125
+ ## D-CF-8: Marketplace install via ASSET_TYPE_DIRS
126
+
127
+ **Status:** Accepted
128
+ **Date:** 2026-03-08
129
+ **Context:** The marketplace and community features require clear operational boundaries for installing forge connectors.
130
+ **Decision:** Marketplace install via ASSET_TYPE_DIRS["databridge_connector"]
131
+ **Consequences:**
132
+ - Connectors installed to a known directory path.
133
+ - Asset type directory mapping is consistent across marketplace.
134
+ - All components must conform to this architectural constraint.
135
+
136
+ ---
137
+
138
+ ## D-CF-9: MCP server exposes 8 tools for forge operations
139
+
140
+ **Status:** Accepted
141
+ **Date:** 2026-03-08
142
+ **Context:** Multi-agent communication requires well-defined protocols for Claude Code to interact with forge capabilities.
143
+ **Decision:** MCP server exposes 8 tools for forge operations
144
+ **Consequences:**
145
+ - Claude Code can invoke forge operations via MCP.
146
+ - Eight distinct tool functions for full forge lifecycle.
147
+ - Consistent with existing MCP server patterns.
148
+
149
+ ---
150
+
151
+ ## D-CF-10: Config in databridge_config.yaml under forge: block
152
+
153
+ **Status:** Accepted
154
+ **Date:** 2026-03-08
155
+ **Context:** Configuration and templates must follow GOTCHA separation of concerns.
156
+ **Decision:** Config in databridge_config.yaml under forge: block
157
+ **Consequences:**
158
+ - Forge configuration colocated with DataBridge config.
159
+ - Follows GOTCHA args layer pattern.
160
+ - Single config file for all DataBridge-related settings.
161
+
162
+ ---
163
+
164
+ ## D-CF-19: Runbooks stored as JSON DAG
165
+
166
+ **Status:** Accepted
167
+ **Date:** 2026-03-08
168
+ **Context:** The system must operate in air-gapped environments. Runbook task graphs need a portable representation.
169
+ **Decision:** Runbooks stored as JSON DAG (tasks_json + edges_json) in SQLite -- air-gap safe
170
+ **Consequences:**
171
+ - No external network dependencies required at runtime.
172
+ - DAG structure enables parallel task execution.
173
+ - SQLite storage provides portability.
174
+
175
+ ---
176
+
177
+ ## D-CF-20: Runbook executions are append-only with per-task log
178
+
179
+ **Status:** Accepted
180
+ **Date:** 2026-03-08
181
+ **Context:** Federal compliance requirements (NIST 800-53 AU controls) mandate immutable execution records.
182
+ **Decision:** Runbook executions are append-only with per-task log (NIST AU compliance)
183
+ **Consequences:**
184
+ - Historical records cannot be modified or deleted.
185
+ - Per-task log enables granular execution audit.
186
+ - Satisfies NIST AU compliance requirements.
187
+
188
+ ---
189
+
190
+ ## D-CF-21: DAG execution uses Kahn's algorithm
191
+
192
+ **Status:** Accepted
193
+ **Date:** 2026-03-08
194
+ **Context:** Probabilistic behavior in business logic leads to unreliable results. Runbook task ordering must be deterministic.
195
+ **Decision:** DAG execution uses Kahn's algorithm (topological sort) -- deterministic O(V+E), no LLM in critical path
196
+ **Consequences:**
197
+ - Results are reproducible across runs.
198
+ - O(V+E) time complexity for task ordering.
199
+ - No LLM involvement in execution critical path.
200
+
201
+ ---
202
+
203
+ ## D-CF-22: Snippets are self-contained sub-DAGs
204
+
205
+ **Status:** Accepted
206
+ **Date:** 2026-03-08
207
+ **Context:** Runbook composition requires reusable building blocks that can be embedded by reference.
208
+ **Decision:** Snippets are self-contained sub-DAGs embedded by reference with usage count tracking
209
+ **Consequences:**
210
+ - Reusable runbook fragments across multiple runbooks.
211
+ - Usage count tracking for impact analysis.
212
+ - Self-contained design prevents cross-snippet dependencies.
213
+
214
+ ---
215
+
216
+ ## D-CF-23: Metastore uses adjacency list for dependency graph
217
+
218
+ **Status:** Accepted
219
+ **Date:** 2026-03-08
220
+ **Context:** Data persistence strategy must support dependency graph traversal. Consistency with existing patterns (D27) is preferred.
221
+ **Decision:** Metastore uses adjacency list for dependency graph (matches D27 pattern, SQL joins)
222
+ **Consequences:**
223
+ - Consistent with supply chain graph pattern (D27).
224
+ - Standard SQL queries for dependency traversal.
225
+ - No additional database technology required.
226
+
227
+ ---
228
+
229
+ ## D-CF-24: Auto-discovery pulls from existing tables
230
+
231
+ **Status:** Accepted
232
+ **Date:** 2026-03-08
233
+ **Context:** Application metastore needs to discover existing infrastructure without manual registration.
234
+ **Decision:** Auto-discovery pulls from db_connections, cf_landing_zones, devices -- idempotent upsert
235
+ **Consequences:**
236
+ - Existing infrastructure is automatically registered.
237
+ - Idempotent upsert prevents duplicate entries.
238
+ - Discovery sources span DataBridge, CloudForge, and Fleet.
239
+
240
+ ---
241
+
242
+ ## D-CF-25: Conditional branching uses deterministic expression eval
243
+
244
+ **Status:** Accepted
245
+ **Date:** 2026-03-08
246
+ **Context:** Probabilistic behavior in business logic leads to unreliable results. Runbook branching must be deterministic and secure.
247
+ **Decision:** Conditional branching uses deterministic expression eval (key-operator-value triples, no eval())
248
+ **Consequences:**
249
+ - Results are reproducible across runs.
250
+ - No `eval()` prevents code injection attacks.
251
+ - Key-operator-value triples provide sufficient expressiveness.
252
+
253
+ ---
254
+
255
+ ## D-CF-26: AI runbook generation is non-critical-path
256
+
257
+ **Status:** Accepted
258
+ **Date:** 2026-03-08
259
+ **Context:** AI-generated runbooks need human review before execution. LLM output must not be directly executable.
260
+ **Decision:** AI runbook generation is non-critical-path, always outputs status='draft'
261
+ **Consequences:**
262
+ - Generated runbooks require human promotion to active status.
263
+ - LLM failures do not block runbook operations.
264
+ - Draft status clearly signals review needed.
265
+
266
+ ---
267
+
268
+ ## D-CF-27: RTO/RPO stored as hours (REAL) on cf_applications
269
+
270
+ **Status:** Accepted
271
+ **Date:** 2026-03-08
272
+ **Context:** Recovery time/point objectives need simple comparison for compliance checking.
273
+ **Decision:** RTO/RPO stored as hours (REAL) on cf_applications -- simple numeric comparison
274
+ **Consequences:**
275
+ - Simple SQL comparison for RTO/RPO threshold checks.
276
+ - Hours provide sufficient granularity for enterprise applications.
277
+ - Stored directly on application record for fast access.
278
+
279
+ ---
280
+
281
+ ## D-CF-28: Single unified Ops MCP server with 18 tools
282
+
283
+ **Status:** Accepted
284
+ **Date:** 2026-03-08
285
+ **Context:** Multi-agent communication requires well-defined protocols. Proliferation of MCP servers increases complexity.
286
+ **Decision:** Single unified Ops MCP server with 18 tools (reduces MCP server proliferation)
287
+ **Consequences:**
288
+ - One MCP server instead of multiple for ops domain.
289
+ - 18 tools cover runbooks, metastore, and cross-domain queries.
290
+ - Reduced configuration and maintenance overhead.
291
+
292
+ ---
293
+
294
+ ## D-CF-29: YAML runbook templates in args/cloudforge_runbook_templates/
295
+
296
+ **Status:** Accepted
297
+ **Date:** 2026-03-08
298
+ **Context:** Configuration and templates must follow GOTCHA separation of concerns.
299
+ **Decision:** YAML runbook templates in args/cloudforge_runbook_templates/ (GOTCHA args layer)
300
+ **Consequences:**
301
+ - Templates live in the GOTCHA args layer.
302
+ - Behavior changes without editing goals or tools.
303
+ - YAML format for human readability.
304
+
305
+ ---
306
+
307
+ ## D-CF-30: Community vs Pro feature split
308
+
309
+ **Status:** Accepted
310
+ **Date:** 2026-03-08
311
+ **Context:** The marketplace and community features require clear operational boundaries between free and paid tiers.
312
+ **Decision:** Community: 3 runbooks, no snippets/AI/discovery; Pro: unlimited
313
+ **Consequences:**
314
+ - Community tier has clear, documented limits.
315
+ - Pro tier removes all limits.
316
+ - Feature gating enforced at runtime.
317
+
318
+ ---
docs/adr/core-decisions.md ADDED
@@ -0,0 +1,289 @@
1
+ # CUI // SP-CTI
2
+ # Core Architecture — Architecture Decision Records
3
+
4
+ **Total decisions:** 20
5
+ **Last updated:** 2026-03-08
6
+
7
+ | ID | Status | Decision |
8
+ |----|--------|----------|
9
+ | D1 | Superseded | SQLite for internal operational data (zero-config portability) [SUPERSEDED] Superseded by D-DB-20 |
10
+ | D2 | Accepted | Stdio for MCP (Claude Code); HTTPS+mTLS for A2A (K8s inter-agent) |
11
+ | D4 | Accepted | Statistical methods for pattern detection; Bedrock LLM for root cause analysis |
12
+ | D5 | Accepted | CUI markings applied at generation time (inline, not post-processing) |
13
+ | D6 | Accepted | Audit trail is append-only/immutable (no UPDATE/DELETE -- NIST AU compliance) |
14
+ | D7 | Accepted | Python stdlib xml.etree.ElementTree for XMI/ReqIF parsing (zero deps, air-gap safe) |
15
+ | D8 | Accepted | Normalized DB tables for model elements (enables SQL joins across digital thread) |
16
+ | D9 | Accepted | M-ATLAS adds Model pre-phase to ATLAS (backward compatible -- skips if no model) |
17
+ | D12 | Accepted | N:M digital thread links (one block -> many code modules; one control -> many requirements) |
18
+ | D21 | Accepted | Readiness scoring uses deterministic weighted average (reproducible, not probabilistic) |
19
+ | D22 | Accepted | Monte Carlo uses Python stdlib random (zero deps, air-gap safe) |
20
+ | D27 | Accepted | Supply chain graph stored as SQL adjacency list (no graph DB needed) |
21
+ | D52 | Accepted | This is a generated child app -- grandchild app generation is disabled by design |
22
+ | D117 | Accepted | DevSecOps/ZTA Agent with hard veto on pipeline_configuration and zero_trust_policy |
23
+ | D120 | Accepted | ZTA maturity model uses DoD 7-pillar scoring (Traditional -> Advanced -> Optimal) |
24
+ | D215 | Accepted | Prompt injection detector uses 5 detection categories |
25
+ | D216 | Accepted | AI telemetry hashes prompts/responses with SHA-256 (privacy-preserving audit) |
26
+ | D280 | Accepted | Pluggable Tracer ABC: OTelTracer (production), SQLiteTracer (air-gapped), NullTracer (fallback) |
27
+ | D287 | Accepted | PROV-AGENT provenance in 3 append-only SQLite tables (W3C PROV standard) |
28
+ | D331 | Accepted | Code quality metrics are read-only, advisory-only -- never modifies source files |
29
+
30
+ ---
31
+
32
+ ## D1: SQLite for internal operational data
33
+
34
+ **Status:** Superseded
35
+ **Date:** 2026-03-08
36
+ **Context:** The system needed a lightweight, zero-configuration database for internal operational data storage that works in portable and air-gapped environments.
37
+ **Decision:** ~~SQLite for internal operational data (zero-config portability)~~ Superseded by D-DB-20
38
+ **Consequences:**
39
+ - This decision has been replaced by D-DB-20 (PostgreSQL as primary backend).
40
+ - SQLite is retained as a lightweight fallback for portable/browser scenarios.
41
+
42
+ ---
43
+
44
+ ## D2: Stdio for MCP; HTTPS+mTLS for A2A
45
+
46
+ **Status:** Accepted
47
+ **Date:** 2026-03-08
48
+ **Context:** Multi-agent communication requires well-defined protocols and boundaries between Claude Code MCP servers and inter-agent Kubernetes communication.
49
+ **Decision:** Stdio for MCP (Claude Code); HTTPS+mTLS for A2A (K8s inter-agent)
50
+ **Consequences:**
51
+ - MCP servers use stdio transport for Claude Code integration.
52
+ - Agent-to-agent communication uses HTTPS with mutual TLS within Kubernetes.
53
+ - Clear separation between local tool invocation and network-based agent communication.
54
+
55
+ ---
56
+
57
+ ## D4: Statistical methods for pattern detection
58
+
59
+ **Status:** Accepted
60
+ **Date:** 2026-03-08
61
+ **Context:** Pattern detection in monitoring and self-healing must balance accuracy with cost and latency.
62
+ **Decision:** Statistical methods for pattern detection; Bedrock LLM for root cause analysis
63
+ **Consequences:**
64
+ - Pattern detection runs locally without LLM token costs.
65
+ - Root cause analysis leverages LLM reasoning capabilities when needed.
66
+ - Two-tier approach optimizes cost vs. intelligence tradeoff.
67
+
68
+ ---
69
+
70
+ ## D5: CUI markings applied at generation time
71
+
72
+ **Status:** Accepted
73
+ **Date:** 2026-03-08
74
+ **Context:** Federal compliance requirements (NIST 800-53) mandate CUI markings on all generated artifacts at the appropriate impact level.
75
+ **Decision:** CUI markings applied at generation time (inline, not post-processing)
76
+ **Consequences:**
77
+ - All generated artifacts include classification markings from creation.
78
+ - No post-processing step required to add markings.
79
+ - Reduces risk of unmarked artifacts escaping the system.
80
+
81
+ ---
82
+
83
+ ## D6: Audit trail is append-only/immutable
84
+
85
+ **Status:** Accepted
86
+ **Date:** 2026-03-08
87
+ **Context:** Federal compliance requirements (NIST 800-53 AU controls) mandate immutable audit records that cannot be tampered with.
88
+ **Decision:** Audit trail is append-only/immutable (no UPDATE/DELETE -- NIST AU compliance)
89
+ **Consequences:**
90
+ - Historical records cannot be modified or deleted.
91
+ - All audit tables use INSERT only.
92
+ - Satisfies NIST 800-53 AU control family requirements.
93
+
94
+ ---
95
+
96
+ ## D7: Python stdlib xml.etree.ElementTree for XMI/ReqIF parsing
97
+
98
+ **Status:** Accepted
99
+ **Date:** 2026-03-08
100
+ **Context:** The system must operate in air-gapped environments without external dependencies for MBSE model parsing.
101
+ **Decision:** Python stdlib xml.etree.ElementTree for XMI/ReqIF parsing (zero deps, air-gap safe)
102
+ **Consequences:**
103
+ - No external network dependencies required at runtime.
104
+ - Works in air-gapped environments.
105
+ - Limited to stdlib XML capabilities (no lxml advanced features).
106
+
107
+ ---
108
+
109
+ ## D8: Normalized DB tables for model elements
110
+
111
+ **Status:** Accepted
112
+ **Date:** 2026-03-08
113
+ **Context:** Data persistence strategy must support cross-domain queries across the digital thread (models, requirements, code, compliance).
114
+ **Decision:** Normalized DB tables for model elements (enables SQL joins across digital thread)
115
+ **Consequences:**
116
+ - SQL joins enable cross-domain traceability queries.
117
+ - Standard relational patterns for model element storage.
118
+ - All components must conform to this architectural constraint.
119
+
120
+ ---
121
+
122
+ ## D9: M-ATLAS adds Model pre-phase to ATLAS
123
+
124
+ **Status:** Accepted
125
+ **Date:** 2026-03-08
126
+ **Context:** MBSE model import needed integration with the existing ATLAS build workflow without breaking backward compatibility.
127
+ **Decision:** M-ATLAS adds Model pre-phase to ATLAS (backward compatible -- skips if no model)
128
+ **Consequences:**
129
+ - Existing ATLAS workflows continue to work unchanged.
130
+ - Model import is optional and triggered only when SysML/ReqIF files are present.
131
+ - Backward compatible with all existing projects.
132
+
133
+ ---
134
+
135
+ ## D12: N:M digital thread links
136
+
137
+ **Status:** Accepted
138
+ **Date:** 2026-03-08
139
+ **Context:** Traceability between system artifacts requires many-to-many relationships (one block maps to multiple code modules, one control maps to multiple requirements).
140
+ **Decision:** N:M digital thread links (one block -> many code modules; one control -> many requirements)
141
+ **Consequences:**
142
+ - Full many-to-many traceability across artifact types.
143
+ - More complex queries but more accurate coverage reporting.
144
+ - All components must conform to this architectural constraint.
145
+
146
+ ---
147
+
148
+ ## D21: Readiness scoring uses deterministic weighted average
149
+
150
+ **Status:** Accepted
151
+ **Date:** 2026-03-08
152
+ **Context:** Probabilistic behavior in business logic leads to unreliable results across runs. Readiness scores must be reproducible.
153
+ **Decision:** Readiness scoring uses deterministic weighted average (reproducible, not probabilistic)
154
+ **Consequences:**
155
+ - Results are reproducible across runs.
156
+ - Same inputs always produce same readiness score.
157
+ - No LLM involvement in scoring calculation.
158
+
159
+ ---
160
+
161
+ ## D22: Monte Carlo uses Python stdlib random
162
+
163
+ **Status:** Accepted
164
+ **Date:** 2026-03-08
165
+ **Context:** The system must operate in air-gapped environments without external dependencies for simulation capabilities.
166
+ **Decision:** Monte Carlo uses Python stdlib random (zero deps, air-gap safe)
167
+ **Consequences:**
168
+ - No external network dependencies required at runtime.
169
+ - Works in air-gapped environments without numpy/scipy.
170
+ - Seeded runs are reproducible.
171
+
172
+ ---
173
+
174
+ ## D27: Supply chain graph stored as SQL adjacency list
175
+
176
+ **Status:** Accepted
177
+ **Date:** 2026-03-08
178
+ **Context:** Data persistence strategy must support dependency graph traversal without requiring a dedicated graph database.
179
+ **Decision:** Supply chain graph stored as SQL adjacency list (no graph DB needed)
180
+ **Consequences:**
181
+ - No additional database technology required.
182
+ - Standard SQL queries for graph traversal.
183
+ - Pattern reused by metastore (D-CF-23).
184
+
185
+ ---
186
+
187
+ ## D52: Generated child app — grandchild generation disabled
188
+
189
+ **Status:** Accepted
190
+ **Date:** 2026-03-08
191
+ **Context:** This application is a generated child app of ICDEV. Allowing it to generate further child apps would create uncontrolled proliferation.
192
+ **Decision:** This is a generated child app -- grandchild app generation is disabled by design
193
+ **Consequences:**
194
+ - Agentic fitness assessor, app blueprint engine, and child app generator are excluded.
195
+ - Prevents recursive app generation chains.
196
+ - All components must conform to this architectural constraint.
197
+
198
+ ---
199
+
200
+ ## D117: DevSecOps/ZTA Agent with hard veto
201
+
202
+ **Status:** Accepted
203
+ **Date:** 2026-03-08
204
+ **Context:** Security posture must be maintained across all system boundaries. Pipeline configuration and zero trust policy changes are high-risk operations.
205
+ **Decision:** DevSecOps/ZTA Agent with hard veto on pipeline_configuration and zero_trust_policy
206
+ **Consequences:**
207
+ - DevSecOps/ZTA agent can block pipeline and policy changes.
208
+ - Hard veto cannot be overridden by other agents.
209
+ - Ensures security review for all infrastructure changes.
210
+
211
+ ---
212
+
213
+ ## D120: ZTA maturity model uses DoD 7-pillar scoring
214
+
215
+ **Status:** Accepted
216
+ **Date:** 2026-03-08
217
+ **Context:** Zero Trust Architecture maturity must be assessed using the DoD ZTA Strategy framework across all seven pillars.
218
+ **Decision:** ZTA maturity model uses DoD 7-pillar scoring (Traditional -> Advanced -> Optimal)
219
+ **Consequences:**
220
+ - Three maturity levels per pillar: Traditional, Advanced, Optimal.
221
+ - IL4+ systems must achieve Advanced or higher.
222
+ - Aligned with DoD Zero Trust Strategy.
223
+
224
+ ---
225
+
226
+ ## D215: Prompt injection detector uses 5 detection categories
227
+
228
+ **Status:** Accepted
229
+ **Date:** 2026-03-08
230
+ **Context:** Security posture must be maintained across all system boundaries. AI prompt injection is a critical attack vector.
231
+ **Decision:** Prompt injection detector uses 5 detection categories
232
+ **Consequences:**
233
+ - Five distinct detection categories for comprehensive coverage.
234
+ - Gate-mode blocks deployment when injection defense is inactive.
235
+ - All components must conform to this architectural constraint.
236
+
237
+ ---
238
+
239
+ ## D216: AI telemetry hashes prompts/responses with SHA-256
240
+
241
+ **Status:** Accepted
242
+ **Date:** 2026-03-08
243
+ **Context:** AI telemetry must be auditable while preserving privacy of prompt and response content.
244
+ **Decision:** AI telemetry hashes prompts/responses with SHA-256 (privacy-preserving audit)
245
+ **Consequences:**
246
+ - Prompt and response content is never stored in plain text in telemetry.
247
+ - SHA-256 hashes enable tamper detection and deduplication.
248
+ - Satisfies privacy requirements while maintaining audit capability.
249
+
250
+ ---
251
+
252
+ ## D280: Pluggable Tracer ABC
253
+
254
+ **Status:** Accepted
255
+ **Date:** 2026-03-08
256
+ **Context:** Observability must work in both connected (production) and air-gapped environments with a consistent interface.
257
+ **Decision:** Pluggable Tracer ABC: OTelTracer (production), SQLiteTracer (air-gapped), NullTracer (fallback)
258
+ **Consequences:**
259
+ - Three tracer implementations behind a common abstract base class.
260
+ - Environment-appropriate tracing without code changes.
261
+ - NullTracer ensures graceful degradation when no tracing backend is available.
262
+
263
+ ---
264
+
265
+ ## D287: PROV-AGENT provenance in 3 append-only SQLite tables
266
+
267
+ **Status:** Accepted
268
+ **Date:** 2026-03-08
269
+ **Context:** Federal compliance requirements (NIST 800-53) mandate provenance tracking. W3C PROV standard provides interoperability.
270
+ **Decision:** PROV-AGENT provenance in 3 append-only SQLite tables (W3C PROV standard)
271
+ **Consequences:**
272
+ - Historical records cannot be modified or deleted.
273
+ - W3C PROV standard enables interoperability with external provenance systems.
274
+ - Three tables: entities, activities, derivations.
275
+
276
+ ---
277
+
278
+ ## D331: Code quality metrics are read-only, advisory-only
279
+
280
+ **Status:** Accepted
281
+ **Date:** 2026-03-08
282
+ **Context:** Code intelligence tools must never modify source files to prevent unintended side effects during analysis.
283
+ **Decision:** Code quality metrics are read-only, advisory-only -- never modifies source files
284
+ **Consequences:**
285
+ - Analysis tools only read source files, never write to them.
286
+ - Metrics are advisory and do not enforce changes.
287
+ - Safe to run in any environment without risk of code modification.
288
+
289
+ ---