PyPI - icdev - Versions diffs - 1.0.0__py3-none-any.whl - Mend

icdev 1.0.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1105) hide show

icdev/__init__.py +18 -0
icdev/_paths.py +85 -0
icdev/_version.py +3 -0
icdev/data/__init__.py +1 -0
icdev/data/args/__init__.py +1 -0
icdev/data/args/agent_authority.yaml +61 -0
icdev/data/args/agent_config.yaml +355 -0
icdev/data/args/agentic_fitness.yaml +31 -0
icdev/data/args/ai_governance_config.yaml +137 -0
icdev/data/args/atlas_critique_config.yaml +66 -0
icdev/data/args/bedrock_models.yaml +63 -0
icdev/data/args/cicd_config.yaml +82 -0
icdev/data/args/classification_config.yaml +232 -0
icdev/data/args/cli_config.yaml +154 -0
icdev/data/args/cloud_config.yaml +63 -0
icdev/data/args/code_pattern_config.yaml +151 -0
icdev/data/args/code_quality_config.yaml +47 -0
icdev/data/args/companion_registry.yaml +202 -0
icdev/data/args/context_config.yaml +82 -0
icdev/data/args/csp_monitor_config.yaml +268 -0
icdev/data/args/cui_markings.yaml +35 -0
icdev/data/args/db_config.yaml +40 -0
icdev/data/args/deployment_profiles.yaml +248 -0
icdev/data/args/dev_profile_config.yaml +144 -0
icdev/data/args/devsecops_config.yaml +286 -0
icdev/data/args/endpoint_security_config.yaml +137 -0
icdev/data/args/extension_config.yaml +79 -0
icdev/data/args/file_access_tiers.yaml +88 -0
icdev/data/args/framework_registry.yaml +415 -0
icdev/data/args/innovation_config.yaml +431 -0
icdev/data/args/installation_manifest.yaml +1087 -0
icdev/data/args/llm_config.yaml +495 -0
icdev/data/args/maintenance_config.yaml +55 -0
icdev/data/args/memory_config.yaml +83 -0
icdev/data/args/monitoring_config.yaml +127 -0
icdev/data/args/mosa_config.yaml +190 -0
icdev/data/args/nlq_config.yaml +35 -0
icdev/data/args/observability_config.yaml +39 -0
icdev/data/args/observability_tracing_config.yaml +170 -0
icdev/data/args/oscal_tools_config.yaml +43 -0
icdev/data/args/owasp_agentic_config.yaml +171 -0
icdev/data/args/phase_registry.yaml +618 -0
icdev/data/args/project_defaults.yaml +235 -0
icdev/data/args/prompt_chains.yaml +163 -0
icdev/data/args/resilience_config.yaml +50 -0
icdev/data/args/ricoas_config.yaml +191 -0
icdev/data/args/role_personas.yaml +362 -0
icdev/data/args/scaling_config.yaml +176 -0
icdev/data/args/security_gates.yaml +685 -0
icdev/data/args/skill_injection_config.yaml +322 -0
icdev/data/args/spec_config.yaml +53 -0
icdev/data/args/supply_chain_config.yaml +76 -0
icdev/data/args/translation_config.yaml +228 -0
icdev/data/args/workflow_templates/ato_acceleration.yaml +54 -0
icdev/data/args/workflow_templates/build_deploy.yaml +63 -0
icdev/data/args/workflow_templates/full_compliance.yaml +43 -0
icdev/data/args/workflow_templates/security_hardening.yaml +55 -0
icdev/data/args/worktree_config.yaml +34 -0
icdev/data/args/zta_config.yaml +247 -0
icdev/data/context/__init__.py +1 -0
icdev/data/context/agent/__init__.py +1 -0
icdev/data/context/agent/response_schemas/__init__.py +1 -0
icdev/data/context/agent/response_schemas/debate_position.json +46 -0
icdev/data/context/agent/response_schemas/fitness_scorecard.json +74 -0
icdev/data/context/agent/response_schemas/review_decision.json +39 -0
icdev/data/context/agent/response_schemas/task_decomposition.json +82 -0
icdev/data/context/agent/response_schemas/veto_decision.json +40 -0
icdev/data/context/agentic/__init__.py +1 -0
icdev/data/context/agentic/architecture_patterns.md +269 -0
icdev/data/context/agentic/capability_registry.yaml +202 -0
icdev/data/context/agentic/csp_mcp_registry.yaml +280 -0
icdev/data/context/agentic/fitness_rubric.md +56 -0
icdev/data/context/agentic/governance_baseline.md +205 -0
icdev/data/context/ci/__init__.py +1 -0
icdev/data/context/ci/worktree_templates.json +44 -0
icdev/data/context/cloud/__init__.py +1 -0
icdev/data/context/cloud/csp_service_registry.json +739 -0
icdev/data/context/compliance/__init__.py +1 -0
icdev/data/context/compliance/atlas_mitigations.json +293 -0
icdev/data/context/compliance/atlas_techniques.json +833 -0
icdev/data/context/compliance/cisa_sbd_requirements.json +432 -0
icdev/data/context/compliance/cjis_security_policy.json +522 -0
icdev/data/context/compliance/cmmc_practices.json +2494 -0
icdev/data/context/compliance/cmmc_report_template.md +142 -0
icdev/data/context/compliance/cnssi_1253_overlay.json +109 -0
icdev/data/context/compliance/control_crosswalk.json +1914 -0
icdev/data/context/compliance/control_families/__init__.py +1 -0
icdev/data/context/compliance/csp_certifications.json +251 -0
icdev/data/context/compliance/cssp_report_template.md +193 -0
icdev/data/context/compliance/cui_templates/__init__.py +1 -0
icdev/data/context/compliance/cui_templates/banner_block.txt +4 -0
icdev/data/context/compliance/cui_templates/code_header.txt +8 -0
icdev/data/context/compliance/cui_templates/document_template.md +35 -0
icdev/data/context/compliance/data_type_framework_map.json +321 -0
icdev/data/context/compliance/data_type_registry.json +147 -0
icdev/data/context/compliance/dod_cssp_8530.json +463 -0
icdev/data/context/compliance/eu_ai_act_annex_iii.json +108 -0
icdev/data/context/compliance/export_templates/__init__.py +1 -0
icdev/data/context/compliance/export_templates/emass_controls.csv.j2 +4 -0
icdev/data/context/compliance/export_templates/evidence_package.md.j2 +39 -0
icdev/data/context/compliance/export_templates/executive_summary.md.j2 +55 -0
icdev/data/context/compliance/export_templates/poam_tracking.csv.j2 +4 -0
icdev/data/context/compliance/fedramp_20x_ksi_schemas.json +133 -0
icdev/data/context/compliance/fedramp_high_baseline.json +4370 -0
icdev/data/context/compliance/fedramp_moderate_baseline.json +2183 -0
icdev/data/context/compliance/fedramp_report_template.md +181 -0
icdev/data/context/compliance/fips_200_areas.json +362 -0
icdev/data/context/compliance/gao_ai_accountability.json +262 -0
icdev/data/context/compliance/hipaa_security_rule.json +720 -0
icdev/data/context/compliance/hitrust_csf_v11.json +930 -0
icdev/data/context/compliance/impact_level_profiles.json +251 -0
icdev/data/context/compliance/incident_response_template.md +1110 -0
icdev/data/context/compliance/iso27001_2022_controls.json +750 -0
icdev/data/context/compliance/iso27001_nist_bridge.json +382 -0
icdev/data/context/compliance/iso42001_controls.json +254 -0
icdev/data/context/compliance/ivv_checklist_template.md +80 -0
icdev/data/context/compliance/ivv_report_template.md +116 -0
icdev/data/context/compliance/ivv_requirements.json +372 -0
icdev/data/context/compliance/mosa_crosswalk.json +327 -0
icdev/data/context/compliance/mosa_framework.json +250 -0
icdev/data/context/compliance/narrative_templates/AC.md.j2 +101 -0
icdev/data/context/compliance/narrative_templates/AU.md.j2 +106 -0
icdev/data/context/compliance/narrative_templates/IA.md.j2 +104 -0
icdev/data/context/compliance/narrative_templates/SC.md.j2 +102 -0
icdev/data/context/compliance/narrative_templates/SI.md.j2 +111 -0
icdev/data/context/compliance/narrative_templates/__init__.py +1 -0
icdev/data/context/compliance/narrative_templates/default.md.j2 +50 -0
icdev/data/context/compliance/narrative_templates/executive_summary.j2 +27 -0
icdev/data/context/compliance/narrative_templates/poam_milestone.j2 +19 -0
icdev/data/context/compliance/narrative_templates/ssp_section.j2 +11 -0
icdev/data/context/compliance/nist_800_171_controls.json +1552 -0
icdev/data/context/compliance/nist_800_207_crosswalk.json +399 -0
icdev/data/context/compliance/nist_800_207_zta.json +258 -0
icdev/data/context/compliance/nist_800_53.json +324 -0
icdev/data/context/compliance/nist_ai_600_1_genai.json +326 -0
icdev/data/context/compliance/nist_ai_rmf.json +206 -0
icdev/data/context/compliance/nist_sp_800_60_types.json +1667 -0
icdev/data/context/compliance/omb_m25_21_high_impact_ai.json +248 -0
icdev/data/context/compliance/omb_m26_04_unbiased_ai.json +262 -0
icdev/data/context/compliance/owasp_agentic_asi.json +133 -0
icdev/data/context/compliance/owasp_agentic_threats.json +285 -0
icdev/data/context/compliance/owasp_llm_top10.json +274 -0
icdev/data/context/compliance/pci_dss_v4.json +510 -0
icdev/data/context/compliance/poam_template.md +117 -0
icdev/data/context/compliance/safeai_controls.json +512 -0
icdev/data/context/compliance/sbd_report_template.md +77 -0
icdev/data/context/compliance/siem_config_templates/__init__.py +1 -0
icdev/data/context/compliance/siem_config_templates/filebeat.yml +213 -0
icdev/data/context/compliance/siem_config_templates/log_sources.json +208 -0
icdev/data/context/compliance/soc2_trust_criteria.json +661 -0
icdev/data/context/compliance/ssp_template.md +432 -0
icdev/data/context/compliance/stig_templates/__init__.py +1 -0
icdev/data/context/compliance/stig_templates/webapp_stig.json +139 -0
icdev/data/context/compliance/xai_requirements.json +108 -0
icdev/data/context/dashboard/__init__.py +1 -0
icdev/data/context/dashboard/nlq_examples.json +50 -0
icdev/data/context/dashboard/schema_descriptions.json +23 -0
icdev/data/context/integration/__init__.py +1 -0
icdev/data/context/integration/approval_workflows.json +32 -0
icdev/data/context/integration/gitlab_field_mappings.json +33 -0
icdev/data/context/integration/jira_field_mappings.json +32 -0
icdev/data/context/integration/reqif_export_schema.json +23 -0
icdev/data/context/integration/servicenow_field_mappings.json +22 -0
icdev/data/context/languages/__init__.py +1 -0
icdev/data/context/languages/framework_patterns.json +205 -0
icdev/data/context/languages/language_registry.json +279 -0
icdev/data/context/llm/__init__.py +1 -0
icdev/data/context/llm/example_provider.py +86 -0
icdev/data/context/mbse/__init__.py +1 -0
icdev/data/context/mbse/des_report_template.md +162 -0
icdev/data/context/mbse/des_requirements.json +411 -0
icdev/data/context/mbse/digital_thread_patterns.json +403 -0
icdev/data/context/mbse/reqif_schema.json +280 -0
icdev/data/context/mbse/sysml_element_types.json +432 -0
icdev/data/context/modernization/__init__.py +1 -0
icdev/data/context/modernization/db_type_mappings.json +148 -0
icdev/data/context/modernization/decomposition_patterns.json +284 -0
icdev/data/context/modernization/framework_migration_patterns.json +359 -0
icdev/data/context/modernization/migration_report_template.md +168 -0
icdev/data/context/modernization/seven_rs_catalog.json +369 -0
icdev/data/context/modernization/version_upgrade_rules.json +279 -0
icdev/data/context/oscal/NIST_SP-800-53_rev5_catalog.json +254987 -0
icdev/data/context/oscal/README.md +43 -0
icdev/data/context/patterns/__init__.py +1 -0
icdev/data/context/profiles/__init__.py +1 -0
icdev/data/context/profiles/dod_baseline_v1.yaml +145 -0
icdev/data/context/profiles/fedramp_baseline_v1.yaml +143 -0
icdev/data/context/profiles/financial_baseline_v1.yaml +142 -0
icdev/data/context/profiles/healthcare_baseline_v1.yaml +135 -0
icdev/data/context/profiles/law_enforcement_v1.yaml +129 -0
icdev/data/context/profiles/startup_v1.yaml +134 -0
icdev/data/context/requirements/__init__.py +1 -0
icdev/data/context/requirements/ambiguity_patterns.json +97 -0
icdev/data/context/requirements/boundary_impact_rules.json +123 -0
icdev/data/context/requirements/default_constitutions.json +67 -0
icdev/data/context/requirements/document_extraction_rules.json +58 -0
icdev/data/context/requirements/gap_patterns.json +108 -0
icdev/data/context/requirements/readiness_rubric.json +78 -0
icdev/data/context/requirements/red_alternative_patterns.json +210 -0
icdev/data/context/requirements/safe_templates.json +72 -0
icdev/data/context/requirements/spec_quality_checklist.json +122 -0
icdev/data/context/simulation/__init__.py +1 -0
icdev/data/context/simulation/architecture_patterns.json +36 -0
icdev/data/context/simulation/coa_templates.json +38 -0
icdev/data/context/simulation/cost_models.json +23 -0
icdev/data/context/simulation/risk_categories.json +46 -0
icdev/data/context/supply_chain/__init__.py +1 -0
icdev/data/context/supply_chain/isa_templates.json +129 -0
icdev/data/context/supply_chain/nist_800_161_controls.json +247 -0
icdev/data/context/supply_chain/scrm_risk_matrix.json +147 -0
icdev/data/context/templates/__init__.py +1 -0
icdev/data/context/templates/ansible/__init__.py +1 -0
icdev/data/context/templates/ansible/playbooks/__init__.py +1 -0
icdev/data/context/templates/ansible/roles/__init__.py +1 -0
icdev/data/context/templates/gitlab_ci/__init__.py +1 -0
icdev/data/context/templates/grafana/__init__.py +1 -0
icdev/data/context/templates/kubernetes/__init__.py +1 -0
icdev/data/context/templates/project/__init__.py +1 -0
icdev/data/context/templates/project/api/__init__.py +1 -0
icdev/data/context/templates/project/cli/__init__.py +1 -0
icdev/data/context/templates/project/data_pipeline/__init__.py +1 -0
icdev/data/context/templates/project/iac/__init__.py +1 -0
icdev/data/context/templates/project/javascript_frontend/__init__.py +1 -0
icdev/data/context/templates/project/javascript_frontend/src/__init__.py +1 -0
icdev/data/context/templates/project/javascript_frontend/tests/__init__.py +1 -0
icdev/data/context/templates/project/microservice/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/src/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/tests/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/tests/features/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/tests/steps/__init__.py +1 -0
icdev/data/context/templates/terraform/__init__.py +1 -0
icdev/data/context/templates/terraform/govcloud_base/__init__.py +1 -0
icdev/data/context/templates/terraform/modules/__init__.py +1 -0
icdev/data/context/tone/__init__.py +1 -0
icdev/data/context/translation/dependency_mappings.json +186 -0
icdev/data/context/translation/type_mappings.json +149 -0
icdev/data/docs/README.md +187 -0
icdev/data/docs/__init__.py +1 -0
icdev/data/docs/admin/gateway-guide.md +338 -0
icdev/data/docs/admin/marketplace-guide.md +396 -0
icdev/data/docs/admin/monitoring-guide.md +509 -0
icdev/data/docs/architecture/compliance-framework.md +764 -0
icdev/data/docs/architecture/database-schema.md +689 -0
icdev/data/docs/architecture/gotcha-framework.md +518 -0
icdev/data/docs/architecture/multi-agent-system.md +603 -0
icdev/data/docs/dx/README.md +106 -0
icdev/data/docs/dx/__init__.py +1 -0
icdev/data/docs/dx/ci-cd-integration.md +378 -0
icdev/data/docs/dx/claude-code-guide.md +213 -0
icdev/data/docs/dx/companion-guide.md +232 -0
icdev/data/docs/dx/dev-profiles.md +309 -0
icdev/data/docs/dx/icdev-yaml-spec.md +219 -0
icdev/data/docs/dx/integration-tiers.md +279 -0
icdev/data/docs/dx/llm-routing-guide.md +456 -0
icdev/data/docs/dx/quickstart.md +192 -0
icdev/data/docs/dx/sdk-reference.md +356 -0
icdev/data/docs/dx/unified-mcp-setup.md +525 -0
icdev/data/docs/features/__init__.py +1 -0
icdev/data/docs/features/phase-01-gotcha-framework.md +249 -0
icdev/data/docs/features/phase-02-atlas-build-workflow.md +223 -0
icdev/data/docs/features/phase-03-tdd-bdd-testing.md +261 -0
icdev/data/docs/features/phase-04-nist-compliance.md +255 -0
icdev/data/docs/features/phase-05-security-scanning.md +229 -0
icdev/data/docs/features/phase-06-infrastructure-deployment.md +288 -0
icdev/data/docs/features/phase-07-code-review-gates.md +276 -0
icdev/data/docs/features/phase-08-self-healing.md +223 -0
icdev/data/docs/features/phase-09-monitoring-observability.md +230 -0
icdev/data/docs/features/phase-10-dashboard-web-ui.md +218 -0
icdev/data/docs/features/phase-11-multi-agent-architecture.md +272 -0
icdev/data/docs/features/phase-12-integration-testing.md +228 -0
icdev/data/docs/features/phase-13-cicd-integration.md +257 -0
icdev/data/docs/features/phase-14-secure-by-design-ivv.md +240 -0
icdev/data/docs/features/phase-15-maintenance-audit.md +192 -0
icdev/data/docs/features/phase-16-ato-acceleration.md +228 -0
icdev/data/docs/features/phase-17-multi-framework-compliance.md +223 -0
icdev/data/docs/features/phase-18-mbse-integration.md +242 -0
icdev/data/docs/features/phase-19-agentic-generation.md +202 -0
icdev/data/docs/features/phase-20-fips-security-categorization.md +198 -0
icdev/data/docs/features/phase-21-saas-multi-tenancy.md +273 -0
icdev/data/docs/features/phase-22-federated-gotcha-marketplace.md +242 -0
icdev/data/docs/features/phase-23-universal-compliance-platform.md +238 -0
icdev/data/docs/features/phase-24-devsecops-pipeline-security.md +198 -0
icdev/data/docs/features/phase-25-zero-trust-architecture.md +220 -0
icdev/data/docs/features/phase-26-dod-mosa.md +205 -0
icdev/data/docs/features/phase-27-cli-capabilities.md +222 -0
icdev/data/docs/features/phase-28-remote-command-gateway.md +235 -0
icdev/data/docs/features/phase-29-proactive-monitoring.md +212 -0
icdev/data/docs/features/phase-30-dashboard-auth.md +215 -0
icdev/data/docs/features/phase-31-dashboard-ux-low-impact.md +188 -0
icdev/data/docs/features/phase-32-dashboard-ux-medium-impact.md +223 -0
icdev/data/docs/features/phase-33-modular-installation.md +218 -0
icdev/data/docs/features/phase-34-dev-profiles.md +239 -0
icdev/data/docs/features/phase-35-innovation-engine.md +257 -0
icdev/data/docs/features/phase-36-evolutionary-intelligence.md +351 -0
icdev/data/docs/features/phase-37-mitre-atlas-integration.md +485 -0
icdev/data/docs/features/phase-38-cloud-agnostic-architecture.md +1033 -0
icdev/data/docs/features/phase-39-observability-operations.md +178 -0
icdev/data/docs/features/phase-40-nlq-compliance-queries.md +176 -0
icdev/data/docs/features/phase-41-parallel-cicd.md +169 -0
icdev/data/docs/features/phase-42-framework-planning.md +177 -0
icdev/data/docs/features/phase-43-cross-language-translation.md +225 -0
icdev/data/docs/features/phase-44-innovation-adaptation.md +227 -0
icdev/data/docs/features/phase-45-owasp-agentic-security.md +239 -0
icdev/data/docs/features/phase-46-observability-traceability-xai.md +240 -0
icdev/data/docs/features/phase-47-unified-mcp-gateway.md +257 -0
icdev/data/docs/features/phase-48-ai-transparency.md +203 -0
icdev/data/docs/features/phase-49-ai-accountability.md +243 -0
icdev/data/docs/features/phase-50-ai-governance-intake-chat.md +195 -0
icdev/data/docs/features/phase-51-unified-chat-dashboard.md +240 -0
icdev/data/docs/features/phase-52-code-intelligence.md +244 -0
icdev/data/docs/features/phase-53-fedramp-20x-owasp-asi.md +359 -0
icdev/data/docs/features/phase-54-slsa-swft-orchestration.md +379 -0
icdev/data/docs/features/phase-55-a2a-v03-mcp-oauth.md +322 -0
icdev/data/docs/features/phase-56-evidence-lineage.md +352 -0
icdev/data/docs/features/phase-57-eu-ai-act-iron-bank.md +319 -0
icdev/data/docs/features/phase-58-creative-engine.md +370 -0
icdev/data/docs/features/phase-59-govcon-intelligence.md +535 -0
icdev/data/docs/features/phase-60-cpmp.md +528 -0
icdev/data/docs/features/phase-61-orchestration-improvements.md +534 -0
icdev/data/docs/operations/dashboard-guide.md +354 -0
icdev/data/docs/operations/deployment-guide.md +556 -0
icdev/data/docs/operations/saas-admin-guide.md +439 -0
icdev/data/docs/operations/security-operations-guide.md +733 -0
icdev/data/docs/runbooks/backup-restore.md +412 -0
icdev/data/docs/runbooks/troubleshooting.md +499 -0
icdev/data/features/__init__.py +1 -0
icdev/data/features/cicd_integration.feature +41 -0
icdev/data/features/compliance_gates.feature +46 -0
icdev/data/features/dashboard.feature +72 -0
icdev/data/features/environment.py +25 -0
icdev/data/features/project_management.feature +32 -0
icdev/data/features/requirements_intake.feature +42 -0
icdev/data/features/saas_platform.feature +53 -0
icdev/data/features/security_scanning.feature +36 -0
icdev/data/features/steps/__init__.py +1 -0
icdev/data/features/steps/cicd_steps.py +465 -0
icdev/data/features/steps/compliance_steps.py +308 -0
icdev/data/features/steps/dashboard_steps.py +88 -0
icdev/data/features/steps/project_steps.py +126 -0
icdev/data/features/steps/requirements_intake_steps.py +689 -0
icdev/data/features/steps/saas_platform_steps.py +572 -0
icdev/data/features/steps/security_steps.py +236 -0
icdev/data/features/steps/testing_steps.py +226 -0
icdev/data/features/testing_pipeline.feature +42 -0
icdev/data/goals/__init__.py +1 -0
icdev/data/goals/agent_management.md +144 -0
icdev/data/goals/agentic_generation.md +345 -0
icdev/data/goals/agentic_threat_model.md +309 -0
icdev/data/goals/ai_accountability.md +90 -0
icdev/data/goals/ai_governance_intake.md +132 -0
icdev/data/goals/ai_transparency.md +76 -0
icdev/data/goals/atlas_integration.md +405 -0
icdev/data/goals/ato_acceleration.md +139 -0
icdev/data/goals/boundary_supply_chain.md +206 -0
icdev/data/goals/build_app.md +544 -0
icdev/data/goals/cicd_integration.md +86 -0
icdev/data/goals/claude_dir_maintenance.md +77 -0
icdev/data/goals/cli_capabilities.md +340 -0
icdev/data/goals/cloud_agnostic.md +312 -0
icdev/data/goals/code_intelligence.md +197 -0
icdev/data/goals/code_review.md +94 -0
icdev/data/goals/compliance_workflow.md +858 -0
icdev/data/goals/continuous_harmonization.md +140 -0
icdev/data/goals/cross_language_translation.md +171 -0
icdev/data/goals/dashboard.md +142 -0
icdev/data/goals/deploy_workflow.md +390 -0
icdev/data/goals/devsecops_workflow.md +408 -0
icdev/data/goals/evolutionary_intelligence.md +305 -0
icdev/data/goals/external_integration.md +113 -0
icdev/data/goals/framework_planning.md +63 -0
icdev/data/goals/init_project.md +235 -0
icdev/data/goals/innovation_engine.md +199 -0
icdev/data/goals/integration_testing.md +189 -0
icdev/data/goals/maintenance_audit.md +196 -0
icdev/data/goals/manifest.md +56 -0
icdev/data/goals/mbse_integration.md +504 -0
icdev/data/goals/modernization_workflow.md +618 -0
icdev/data/goals/monitoring.md +126 -0
icdev/data/goals/mosa_workflow.md +463 -0
icdev/data/goals/multi_agent_orchestration.md +68 -0
icdev/data/goals/nlq_compliance.md +63 -0
icdev/data/goals/observability.md +64 -0
icdev/data/goals/observability_traceability_xai.md +154 -0
icdev/data/goals/owasp_agentic_security.md +395 -0
icdev/data/goals/parallel_cicd.md +61 -0
icdev/data/goals/requirements_intake.md +213 -0
icdev/data/goals/sbd_ivv_workflow.md +195 -0
icdev/data/goals/security_categorization.md +133 -0
icdev/data/goals/security_scan.md +381 -0
icdev/data/goals/self_healing.md +120 -0
icdev/data/goals/simulation_engine.md +111 -0
icdev/data/goals/tdd_workflow.md +403 -0
icdev/data/goals/zero_trust_architecture.md +403 -0
icdev/data/hardprompts/__init__.py +1 -0
icdev/data/hardprompts/agent/__init__.py +1 -0
icdev/data/hardprompts/agent/agentic_architect.md +100 -0
icdev/data/hardprompts/agent/debate_prompt.md +32 -0
icdev/data/hardprompts/agent/fitness_evaluation.md +48 -0
icdev/data/hardprompts/agent/governance_review.md +214 -0
icdev/data/hardprompts/agent/reviewer_prompt.md +34 -0
icdev/data/hardprompts/agent/skill_design.md +172 -0
icdev/data/hardprompts/agent/task_decomposition.md +275 -0
icdev/data/hardprompts/agent/veto_check_prompt.md +33 -0
icdev/data/hardprompts/architect/__init__.py +1 -0
icdev/data/hardprompts/architect/api_design.md +283 -0
icdev/data/hardprompts/architect/data_model.md +277 -0
icdev/data/hardprompts/architect/system_design.md +180 -0
icdev/data/hardprompts/builder/__init__.py +1 -0
icdev/data/hardprompts/builder/code_generation.md +59 -0
icdev/data/hardprompts/builder/refactor.md +58 -0
icdev/data/hardprompts/builder/scaffold_project.md +69 -0
icdev/data/hardprompts/builder/test_generation.md +87 -0
icdev/data/hardprompts/ci/__init__.py +1 -0
icdev/data/hardprompts/ci/worktree_setup.md +35 -0
icdev/data/hardprompts/compliance/__init__.py +1 -0
icdev/data/hardprompts/compliance/cmmc_assessment.md +63 -0
icdev/data/hardprompts/compliance/cssp_assessment.md +75 -0
icdev/data/hardprompts/compliance/cui_marking.md +86 -0
icdev/data/hardprompts/compliance/fedramp_assessment.md +55 -0
icdev/data/hardprompts/compliance/ivv_assessment.md +96 -0
icdev/data/hardprompts/compliance/poam_generation.md +57 -0
icdev/data/hardprompts/compliance/sbd_assessment.md +101 -0
icdev/data/hardprompts/compliance/security_categorization.md +74 -0
icdev/data/hardprompts/compliance/ssp_generation.md +56 -0
icdev/data/hardprompts/compliance/stig_evaluation.md +63 -0
icdev/data/hardprompts/dashboard/__init__.py +1 -0
icdev/data/hardprompts/dashboard/nlq_system_prompt.md +26 -0
icdev/data/hardprompts/infra/__init__.py +1 -0
icdev/data/hardprompts/infra/k8s_manifests.md +118 -0
icdev/data/hardprompts/infra/pipeline_generation.md +160 -0
icdev/data/hardprompts/infra/terraform_generation.md +92 -0
icdev/data/hardprompts/integration/__init__.py +1 -0
icdev/data/hardprompts/integration/approval_review.md +17 -0
icdev/data/hardprompts/integration/jira_mapping.md +25 -0
icdev/data/hardprompts/integration/servicenow_mapping.md +14 -0
icdev/data/hardprompts/knowledge/__init__.py +1 -0
icdev/data/hardprompts/knowledge/pattern_detection.md +73 -0
icdev/data/hardprompts/knowledge/recommendation_engine.md +90 -0
icdev/data/hardprompts/knowledge/root_cause_analysis.md +91 -0
icdev/data/hardprompts/maintenance/__init__.py +1 -0
icdev/data/hardprompts/maintenance/maintenance_assessment.md +82 -0
icdev/data/hardprompts/mbse/__init__.py +1 -0
icdev/data/hardprompts/mbse/digital_thread.md +67 -0
icdev/data/hardprompts/mbse/model_import.md +62 -0
icdev/data/hardprompts/mbse/model_to_code.md +65 -0
icdev/data/hardprompts/modernization/__init__.py +1 -0
icdev/data/hardprompts/modernization/legacy_analysis.md +93 -0
icdev/data/hardprompts/modernization/migration_planning.md +150 -0
icdev/data/hardprompts/modernization/seven_r_assessment.md +107 -0
icdev/data/hardprompts/requirements/__init__.py +1 -0
icdev/data/hardprompts/requirements/bdd_generation.md +35 -0
icdev/data/hardprompts/requirements/clarification_prioritization.md +29 -0
icdev/data/hardprompts/requirements/decomposition.md +60 -0
icdev/data/hardprompts/requirements/document_extraction.md +45 -0
icdev/data/hardprompts/requirements/gap_detection.md +70 -0
icdev/data/hardprompts/requirements/intake_conversation.md +101 -0
icdev/data/hardprompts/requirements/readiness_assessment.md +39 -0
icdev/data/hardprompts/requirements/spec_quality.md +33 -0
icdev/data/hardprompts/requirements/traceability_analysis.md +23 -0
icdev/data/hardprompts/security/__init__.py +1 -0
icdev/data/hardprompts/security/endpoint_security.md +78 -0
icdev/data/hardprompts/security/threat_model.md +70 -0
icdev/data/hardprompts/security/vulnerability_assessment.md +81 -0
icdev/data/hardprompts/simulation/__init__.py +1 -0
icdev/data/hardprompts/simulation/architecture_impact.md +27 -0
icdev/data/hardprompts/simulation/coa_alternative.md +27 -0
icdev/data/hardprompts/simulation/coa_generation.md +25 -0
icdev/data/hardprompts/simulation/compliance_impact.md +28 -0
icdev/data/hardprompts/simulation/cost_estimation.md +33 -0
icdev/data/hardprompts/simulation/risk_assessment.md +28 -0
icdev/data/hardprompts/translation/code_translation.md +68 -0
icdev/data/hardprompts/translation/dependency_suggestion.md +44 -0
icdev/data/hardprompts/translation/test_translation.md +64 -0
icdev/data/hardprompts/translation/translation_repair.md +59 -0
icdev/py.typed +0 -0
icdev/tools/__init__.py +1 -0
icdev/tools/_gen_formatter.py +12 -0
icdev/tools/a2a/__init__.py +1 -0
icdev/tools/a2a/agent_cards/architect.json +43 -0
icdev/tools/a2a/agent_cards/builder.json +50 -0
icdev/tools/a2a/agent_cards/compliance.json +57 -0
icdev/tools/a2a/agent_cards/devsecops.json +71 -0
icdev/tools/a2a/agent_cards/infra.json +57 -0
icdev/tools/a2a/agent_cards/integration.json +57 -0
icdev/tools/a2a/agent_cards/knowledge.json +43 -0
icdev/tools/a2a/agent_cards/mbse.json +57 -0
icdev/tools/a2a/agent_cards/modernization.json +50 -0
icdev/tools/a2a/agent_cards/monitor.json +43 -0
icdev/tools/a2a/agent_cards/orchestrator.json +36 -0
icdev/tools/a2a/agent_cards/requirements_analyst.json +64 -0
icdev/tools/a2a/agent_cards/security.json +50 -0
icdev/tools/a2a/agent_cards/simulation.json +57 -0
icdev/tools/a2a/agent_cards/supply_chain.json +50 -0
icdev/tools/a2a/agent_client.py +349 -0
icdev/tools/a2a/agent_registry.py +412 -0
icdev/tools/a2a/agent_server.py +579 -0
icdev/tools/a2a/task.py +200 -0
icdev/tools/agent/__init__.py +2 -0
icdev/tools/agent/a2a_agent_card_generator.py +285 -0
icdev/tools/agent/a2a_discovery_server.py +250 -0
icdev/tools/agent/agent_executor.py +529 -0
icdev/tools/agent/agent_memory.py +557 -0
icdev/tools/agent/agent_models.py +51 -0
icdev/tools/agent/atlas_critique.py +908 -0
icdev/tools/agent/authority.py +443 -0
icdev/tools/agent/bedrock_client.py +1075 -0
icdev/tools/agent/collaboration.py +871 -0
icdev/tools/agent/dispatcher_mode.py +665 -0
icdev/tools/agent/mailbox.py +575 -0
icdev/tools/agent/prompt_chain_executor.py +1064 -0
icdev/tools/agent/session_purpose.py +350 -0
icdev/tools/agent/skill_router.py +638 -0
icdev/tools/agent/skill_selector.py +486 -0
icdev/tools/agent/team_orchestrator.py +1108 -0
icdev/tools/agent/token_tracker.py +290 -0
icdev/tools/analysis/__init__.py +1 -0
icdev/tools/analysis/code_analyzer.py +780 -0
icdev/tools/analysis/runtime_feedback.py +389 -0
icdev/tools/audit/__init__.py +1 -0
icdev/tools/audit/audit_logger.py +196 -0
icdev/tools/audit/audit_query.py +157 -0
icdev/tools/audit/decision_recorder.py +72 -0
icdev/tools/builder/__init__.py +1 -0
icdev/tools/builder/agentic_fitness.py +534 -0
icdev/tools/builder/agentic_test_templates/test_a2a_callback.py +117 -0
icdev/tools/builder/agentic_test_templates/test_a2a_lifecycle.feature +52 -0
icdev/tools/builder/agentic_test_templates/test_agent_card.feature +37 -0
icdev/tools/builder/agentic_test_templates/test_agent_health.py +128 -0
icdev/tools/builder/agentic_test_templates/test_memory_system.feature +50 -0
icdev/tools/builder/agentic_test_templates/test_skill_execution.feature +40 -0
icdev/tools/builder/app_blueprint.py +1583 -0
icdev/tools/builder/child_app_generator.py +2852 -0
icdev/tools/builder/claude_md_generator.py +1734 -0
icdev/tools/builder/code_generator.py +3703 -0
icdev/tools/builder/db_init_generator.py +1709 -0
icdev/tools/builder/dev_profile_manager.py +954 -0
icdev/tools/builder/formatter.py +768 -0
icdev/tools/builder/goal_adapter.py +592 -0
icdev/tools/builder/gotcha_validator.py +812 -0
icdev/tools/builder/language_support.py +441 -0
icdev/tools/builder/linter.py +976 -0
icdev/tools/builder/profile_detector.py +657 -0
icdev/tools/builder/profile_md_generator.py +723 -0
icdev/tools/builder/scaffolder.py +1590 -0
icdev/tools/builder/scaffolder_extended.py +1771 -0
icdev/tools/builder/test_writer.py +950 -0
icdev/tools/ci/__init__.py +2 -0
icdev/tools/ci/connectors/__init__.py +2 -0
icdev/tools/ci/connectors/base_connector.py +80 -0
icdev/tools/ci/connectors/connector_registry.py +188 -0
icdev/tools/ci/connectors/mattermost_connector.py +159 -0
icdev/tools/ci/connectors/slack_connector.py +197 -0
icdev/tools/ci/core/__init__.py +2 -0
icdev/tools/ci/core/air_gap_detector.py +115 -0
icdev/tools/ci/core/comment_handler.py +192 -0
icdev/tools/ci/core/conversation_manager.py +479 -0
icdev/tools/ci/core/event_envelope.py +500 -0
icdev/tools/ci/core/event_router.py +443 -0
icdev/tools/ci/core/failure_parser.py +397 -0
icdev/tools/ci/core/recovery_engine.py +527 -0
icdev/tools/ci/modules/__init__.py +2 -0
icdev/tools/ci/modules/agent.py +271 -0
icdev/tools/ci/modules/git_ops.py +175 -0
icdev/tools/ci/modules/state.py +117 -0
icdev/tools/ci/modules/vcs.py +303 -0
icdev/tools/ci/modules/workflow_ops.py +295 -0
icdev/tools/ci/modules/worktree.py +340 -0
icdev/tools/ci/pipeline_config_generator.py +558 -0
icdev/tools/ci/triggers/__init__.py +2 -0
icdev/tools/ci/triggers/gitlab_task_monitor.py +330 -0
icdev/tools/ci/triggers/poll_trigger.py +237 -0
icdev/tools/ci/triggers/webhook_server.py +356 -0
icdev/tools/ci/workflows/__init__.py +2 -0
icdev/tools/ci/workflows/icdev_build.py +140 -0
icdev/tools/ci/workflows/icdev_comply.py +284 -0
icdev/tools/ci/workflows/icdev_document.py +152 -0
icdev/tools/ci/workflows/icdev_e2e.py +188 -0
icdev/tools/ci/workflows/icdev_patch.py +186 -0
icdev/tools/ci/workflows/icdev_plan.py +202 -0
icdev/tools/ci/workflows/icdev_plan_build.py +41 -0
icdev/tools/ci/workflows/icdev_plan_build_test.py +46 -0
icdev/tools/ci/workflows/icdev_plan_build_test_review.py +47 -0
icdev/tools/ci/workflows/icdev_review.py +126 -0
icdev/tools/ci/workflows/icdev_sdlc.py +261 -0
icdev/tools/ci/workflows/icdev_test.py +240 -0
icdev/tools/cli/__init__.py +1 -0
icdev/tools/cli/output_formatter.py +756 -0
icdev/tools/cli_formatter.py +42 -0
icdev/tools/cloud/__init__.py +11 -0
icdev/tools/cloud/cloud_mode_manager.py +364 -0
icdev/tools/cloud/csp_changelog.py +383 -0
icdev/tools/cloud/csp_health_checker.py +268 -0
icdev/tools/cloud/csp_monitor.py +951 -0
icdev/tools/cloud/iam_provider.py +593 -0
icdev/tools/cloud/kms_provider.py +346 -0
icdev/tools/cloud/monitoring_provider.py +628 -0
icdev/tools/cloud/provider_factory.py +376 -0
icdev/tools/cloud/region_validator.py +345 -0
icdev/tools/cloud/registry_provider.py +563 -0
icdev/tools/cloud/secrets_provider.py +486 -0
icdev/tools/cloud/storage_provider.py +446 -0
icdev/tools/compat/__init__.py +21 -0
icdev/tools/compat/cli_harmonizer.py +251 -0
icdev/tools/compat/datetime_utils.py +18 -0
icdev/tools/compat/db_utils.py +160 -0
icdev/tools/compat/platform_utils.py +123 -0
icdev/tools/compliance/__init__.py +1 -0
icdev/tools/compliance/accountability_manager.py +397 -0
icdev/tools/compliance/ai_accountability_audit.py +294 -0
icdev/tools/compliance/ai_impact_assessor.py +273 -0
icdev/tools/compliance/ai_incident_response.py +301 -0
icdev/tools/compliance/ai_inventory_manager.py +239 -0
icdev/tools/compliance/ai_reassessment_scheduler.py +256 -0
icdev/tools/compliance/ai_transparency_audit.py +248 -0
icdev/tools/compliance/atlas_assessor.py +278 -0
icdev/tools/compliance/atlas_report_generator.py +1211 -0
icdev/tools/compliance/base_assessor.py +597 -0
icdev/tools/compliance/cato_monitor.py +1385 -0
icdev/tools/compliance/cato_scheduler.py +699 -0
icdev/tools/compliance/cjis_assessor.py +76 -0
icdev/tools/compliance/classification_manager.py +1353 -0
icdev/tools/compliance/cmmc_assessor.py +1491 -0
icdev/tools/compliance/cmmc_report_generator.py +1100 -0
icdev/tools/compliance/compliance_detector.py +463 -0
icdev/tools/compliance/compliance_exporter.py +427 -0
icdev/tools/compliance/compliance_status.py +825 -0
icdev/tools/compliance/control_mapper.py +505 -0
icdev/tools/compliance/crosswalk_engine.py +1203 -0
icdev/tools/compliance/cssp_assessor.py +1045 -0
icdev/tools/compliance/cssp_evidence_collector.py +729 -0
icdev/tools/compliance/cssp_report_generator.py +1116 -0
icdev/tools/compliance/cui_marker.py +388 -0
icdev/tools/compliance/diagram_validator.py +600 -0
icdev/tools/compliance/emass/__init__.py +2 -0
icdev/tools/compliance/emass/emass_client.py +840 -0
icdev/tools/compliance/emass/emass_export.py +777 -0
icdev/tools/compliance/emass/emass_sync.py +826 -0
icdev/tools/compliance/eu_ai_act_classifier.py +194 -0
icdev/tools/compliance/evidence_collector.py +468 -0
icdev/tools/compliance/fairness_assessor.py +316 -0
icdev/tools/compliance/fedramp_assessor.py +1808 -0
icdev/tools/compliance/fedramp_authorization_packager.py +137 -0
icdev/tools/compliance/fedramp_ksi_generator.py +355 -0
icdev/tools/compliance/fedramp_report_generator.py +1128 -0
icdev/tools/compliance/fips199_categorizer.py +881 -0
icdev/tools/compliance/fips200_validator.py +315 -0
icdev/tools/compliance/gao_ai_assessor.py +231 -0
icdev/tools/compliance/gao_evidence_builder.py +308 -0
icdev/tools/compliance/hipaa_assessor.py +78 -0
icdev/tools/compliance/hitrust_assessor.py +49 -0
icdev/tools/compliance/incident_response_plan.py +718 -0
icdev/tools/compliance/iso27001_assessor.py +92 -0
icdev/tools/compliance/iso42001_assessor.py +114 -0
icdev/tools/compliance/ivv_assessor.py +2327 -0
icdev/tools/compliance/ivv_report_generator.py +1662 -0
icdev/tools/compliance/model_card_generator.py +297 -0
icdev/tools/compliance/mosa_assessor.py +117 -0
icdev/tools/compliance/multi_regime_assessor.py +451 -0
icdev/tools/compliance/narrative_generator.py +1013 -0
icdev/tools/compliance/nist_800_207_assessor.py +191 -0
icdev/tools/compliance/nist_ai_600_1_assessor.py +188 -0
icdev/tools/compliance/nist_ai_rmf_assessor.py +110 -0
icdev/tools/compliance/nist_lookup.py +245 -0
icdev/tools/compliance/omb_m25_21_assessor.py +228 -0
icdev/tools/compliance/omb_m26_04_assessor.py +188 -0
icdev/tools/compliance/oscal_catalog_adapter.py +395 -0
icdev/tools/compliance/oscal_generator.py +2170 -0
icdev/tools/compliance/oscal_tools.py +1182 -0
icdev/tools/compliance/owasp_agentic_assessor.py +226 -0
icdev/tools/compliance/owasp_asi_assessor.py +200 -0
icdev/tools/compliance/owasp_llm_assessor.py +244 -0
icdev/tools/compliance/pci_dss_assessor.py +80 -0
icdev/tools/compliance/pi_compliance_tracker.py +1461 -0
icdev/tools/compliance/poam_generator.py +405 -0
icdev/tools/compliance/resolve_marking.py +283 -0
icdev/tools/compliance/sbd_assessor.py +2068 -0
icdev/tools/compliance/sbd_report_generator.py +1236 -0
icdev/tools/compliance/sbom_generator.py +1008 -0
icdev/tools/compliance/siem_config_generator.py +674 -0
icdev/tools/compliance/slsa_attestation_generator.py +490 -0
icdev/tools/compliance/soc2_assessor.py +77 -0
icdev/tools/compliance/ssp_generator.py +573 -0
icdev/tools/compliance/stig_checker.py +727 -0
icdev/tools/compliance/swft_evidence_bundler.py +337 -0
icdev/tools/compliance/system_card_generator.py +309 -0
icdev/tools/compliance/traceability_matrix.py +1281 -0
icdev/tools/compliance/universal_classification_manager.py +1172 -0
icdev/tools/compliance/xacta/__init__.py +2 -0
icdev/tools/compliance/xacta/xacta_client.py +449 -0
icdev/tools/compliance/xacta/xacta_export.py +557 -0
icdev/tools/compliance/xacta/xacta_sync.py +333 -0
icdev/tools/compliance/xai_assessor.py +231 -0
icdev/tools/dashboard/__init__.py +1 -0
icdev/tools/dashboard/api/__init__.py +1 -0
icdev/tools/dashboard/api/_pipeline_state.py +17 -0
icdev/tools/dashboard/api/activity.py +206 -0
icdev/tools/dashboard/api/admin.py +176 -0
icdev/tools/dashboard/api/agents.py +53 -0
icdev/tools/dashboard/api/ai_accountability.py +163 -0
icdev/tools/dashboard/api/ai_transparency.py +198 -0
icdev/tools/dashboard/api/audit.py +58 -0
icdev/tools/dashboard/api/batch.py +666 -0
icdev/tools/dashboard/api/chat.py +241 -0
icdev/tools/dashboard/api/cicd.py +219 -0
icdev/tools/dashboard/api/code_quality.py +223 -0
icdev/tools/dashboard/api/compliance.py +171 -0
icdev/tools/dashboard/api/cpmp.py +915 -0
icdev/tools/dashboard/api/diagrams.py +65 -0
icdev/tools/dashboard/api/events.py +250 -0
icdev/tools/dashboard/api/evidence.py +99 -0
icdev/tools/dashboard/api/fedramp_20x.py +77 -0
icdev/tools/dashboard/api/govcon.py +1095 -0
icdev/tools/dashboard/api/intake.py +1171 -0
icdev/tools/dashboard/api/lineage.py +163 -0
icdev/tools/dashboard/api/metrics.py +155 -0
icdev/tools/dashboard/api/nlq.py +72 -0
icdev/tools/dashboard/api/orchestration.py +472 -0
icdev/tools/dashboard/api/oscal.py +183 -0
icdev/tools/dashboard/api/prod_audit.py +183 -0
icdev/tools/dashboard/api/projects.py +191 -0
icdev/tools/dashboard/api/proposals.py +1084 -0
icdev/tools/dashboard/api/traces.py +363 -0
icdev/tools/dashboard/api/usage.py +234 -0
icdev/tools/dashboard/app.py +1986 -0
icdev/tools/dashboard/auth.py +500 -0
icdev/tools/dashboard/byok.py +245 -0
icdev/tools/dashboard/chat_manager.py +675 -0
icdev/tools/dashboard/config.py +116 -0
icdev/tools/dashboard/diagram_definitions.py +642 -0
icdev/tools/dashboard/nlq_processor.py +323 -0
icdev/tools/dashboard/phase_loader.py +136 -0
icdev/tools/dashboard/sse_manager.py +89 -0
icdev/tools/dashboard/state_tracker.py +267 -0
icdev/tools/dashboard/static/css/style.css +706 -0
icdev/tools/dashboard/static/css/ux.css +2047 -0
icdev/tools/dashboard/static/js/activity.js +322 -0
icdev/tools/dashboard/static/js/api.js +161 -0
icdev/tools/dashboard/static/js/batch.js +814 -0
icdev/tools/dashboard/static/js/charts.js +618 -0
icdev/tools/dashboard/static/js/chat.js +1514 -0
icdev/tools/dashboard/static/js/kanban.js +113 -0
icdev/tools/dashboard/static/js/live.js +569 -0
icdev/tools/dashboard/static/js/mermaid-icdev.js +332 -0
icdev/tools/dashboard/static/js/proposals.js +588 -0
icdev/tools/dashboard/static/js/shortcuts.js +544 -0
icdev/tools/dashboard/static/js/tables.js +652 -0
icdev/tools/dashboard/static/js/tour.js +524 -0
icdev/tools/dashboard/static/js/ux.js +942 -0
icdev/tools/dashboard/templates/404.html +10 -0
icdev/tools/dashboard/templates/activity.html +80 -0
icdev/tools/dashboard/templates/admin/users.html +144 -0
icdev/tools/dashboard/templates/ai_accountability.html +235 -0
icdev/tools/dashboard/templates/ai_transparency.html +263 -0
icdev/tools/dashboard/templates/base.html +104 -0
icdev/tools/dashboard/templates/batch.html +23 -0
icdev/tools/dashboard/templates/chat.html +332 -0
icdev/tools/dashboard/templates/children.html +149 -0
icdev/tools/dashboard/templates/cicd.html +253 -0
icdev/tools/dashboard/templates/code_quality.html +214 -0
icdev/tools/dashboard/templates/cpmp/cor_detail.html +220 -0
icdev/tools/dashboard/templates/cpmp/cor_portal.html +91 -0
icdev/tools/dashboard/templates/cpmp/deliverable_detail.html +197 -0
icdev/tools/dashboard/templates/cpmp/detail.html +578 -0
icdev/tools/dashboard/templates/cpmp/portfolio.html +202 -0
icdev/tools/dashboard/templates/dev_profiles.html +304 -0
icdev/tools/dashboard/templates/diagrams.html +224 -0
icdev/tools/dashboard/templates/events/timeline.html +232 -0
icdev/tools/dashboard/templates/evidence.html +134 -0
icdev/tools/dashboard/templates/fedramp_20x.html +207 -0
icdev/tools/dashboard/templates/gateway.html +244 -0
icdev/tools/dashboard/templates/govcon/capabilities.html +135 -0
icdev/tools/dashboard/templates/govcon/pipeline.html +214 -0
icdev/tools/dashboard/templates/govcon/requirements.html +120 -0
icdev/tools/dashboard/templates/index.html +254 -0
icdev/tools/dashboard/templates/lineage.html +141 -0
icdev/tools/dashboard/templates/login.html +51 -0
icdev/tools/dashboard/templates/monitoring/overview.html +193 -0
icdev/tools/dashboard/templates/orchestration/dashboard.html +545 -0
icdev/tools/dashboard/templates/oscal.html +263 -0
icdev/tools/dashboard/templates/phases.html +150 -0
icdev/tools/dashboard/templates/prod_audit.html +280 -0
icdev/tools/dashboard/templates/profile.html +183 -0
icdev/tools/dashboard/templates/projects/detail.html +583 -0
icdev/tools/dashboard/templates/projects/list.html +47 -0
icdev/tools/dashboard/templates/proposals/detail.html +1253 -0
icdev/tools/dashboard/templates/proposals/list.html +179 -0
icdev/tools/dashboard/templates/proposals/section_detail.html +193 -0
icdev/tools/dashboard/templates/provenance.html +181 -0
icdev/tools/dashboard/templates/query/nlq.html +234 -0
icdev/tools/dashboard/templates/quick_paths.html +69 -0
icdev/tools/dashboard/templates/traces.html +155 -0
icdev/tools/dashboard/templates/translation_detail.html +199 -0
icdev/tools/dashboard/templates/translations.html +162 -0
icdev/tools/dashboard/templates/usage.html +225 -0
icdev/tools/dashboard/templates/wizard.html +539 -0
icdev/tools/dashboard/templates/xai.html +208 -0
icdev/tools/dashboard/ux_helpers.py +962 -0
icdev/tools/dashboard/websocket.py +81 -0
icdev/tools/db/__init__.py +1 -0
icdev/tools/db/backup.py +312 -0
icdev/tools/db/backup_manager.py +832 -0
icdev/tools/db/init_icdev_db.py +5900 -0
icdev/tools/db/migrate.py +178 -0
icdev/tools/db/migration_runner.py +549 -0
icdev/tools/db/migrations/001_baseline/meta.json +9 -0
icdev/tools/db/migrations/001_baseline/up.py +68 -0
icdev/tools/db/migrations/002_memory_enhancements/down.sql +8 -0
icdev/tools/db/migrations/002_memory_enhancements/meta.json +9 -0
icdev/tools/db/migrations/002_memory_enhancements/up.py +118 -0
icdev/tools/db/migrations/003_dev_profiles/meta.json +8 -0
icdev/tools/db/migrations/003_dev_profiles/up.py +93 -0
icdev/tools/db/migrations/004_innovation_engine/down.py +19 -0
icdev/tools/db/migrations/004_innovation_engine/up.py +227 -0
icdev/tools/db/migrations/005_phase_37_ai_security/down.py +19 -0
icdev/tools/db/migrations/005_phase_37_ai_security/up.py +258 -0
icdev/tools/db/migrations/006_phase_36_evolution/down.py +21 -0
icdev/tools/db/migrations/006_phase_36_evolution/up.py +323 -0
icdev/tools/db/migrations/007_phase_38_cloud/down.py +14 -0
icdev/tools/db/migrations/007_phase_38_cloud/up.py +110 -0
icdev/tools/db/migrations/008_phase36_37_integration/up.py +55 -0
icdev/tools/db/migrations/__init__.py +2 -0
icdev/tools/devsecops/__init__.py +2 -0
icdev/tools/devsecops/attestation_manager.py +458 -0
icdev/tools/devsecops/network_segmentation_generator.py +614 -0
icdev/tools/devsecops/pdp_config_generator.py +1256 -0
icdev/tools/devsecops/pipeline_security_generator.py +484 -0
icdev/tools/devsecops/policy_generator.py +653 -0
icdev/tools/devsecops/profile_manager.py +388 -0
icdev/tools/devsecops/service_mesh_generator.py +1073 -0
icdev/tools/devsecops/zta_maturity_scorer.py +368 -0
icdev/tools/devsecops/zta_terraform_generator.py +1303 -0
icdev/tools/dx/__init__.py +3 -0
icdev/tools/dx/companion.py +266 -0
icdev/tools/dx/instruction_generator.py +753 -0
icdev/tools/dx/mcp_config_generator.py +282 -0
icdev/tools/dx/skill_translator.py +425 -0
icdev/tools/dx/tool_detector.py +144 -0
icdev/tools/extensions/__init__.py +21 -0
icdev/tools/extensions/builtins/010_ai_governance_chat.py +277 -0
icdev/tools/extensions/builtins/__init__.py +2 -0
icdev/tools/extensions/extension_manager.py +455 -0
icdev/tools/infra/__init__.py +1 -0
icdev/tools/infra/ansible_generator.py +869 -0
icdev/tools/infra/dockerfile_generator.py +361 -0
icdev/tools/infra/infra_status.py +393 -0
icdev/tools/infra/ironbank_metadata_generator.py +411 -0
icdev/tools/infra/k8s_generator.py +1002 -0
icdev/tools/infra/pipeline_generator.py +832 -0
icdev/tools/infra/rollback.py +400 -0
icdev/tools/infra/terraform_generator.py +1142 -0
icdev/tools/infra/terraform_generator_azure.py +1254 -0
icdev/tools/infra/terraform_generator_gcp.py +953 -0
icdev/tools/infra/terraform_generator_ibm.py +360 -0
icdev/tools/infra/terraform_generator_oci.py +919 -0
icdev/tools/infra/terraform_generator_onprem.py +319 -0
icdev/tools/innovation/__init__.py +8 -0
icdev/tools/innovation/competitive_intel.py +492 -0
icdev/tools/innovation/innovation_manager.py +681 -0
icdev/tools/innovation/introspective_analyzer.py +774 -0
icdev/tools/innovation/register_external_patterns.py +440 -0
icdev/tools/innovation/signal_ranker.py +1038 -0
icdev/tools/innovation/solution_generator.py +697 -0
icdev/tools/innovation/standards_monitor.py +466 -0
icdev/tools/innovation/trend_detector.py +1046 -0
icdev/tools/innovation/triage_engine.py +1149 -0
icdev/tools/innovation/web_scanner.py +894 -0
icdev/tools/installer/__init__.py +1 -0
icdev/tools/installer/compliance_configurator.py +637 -0
icdev/tools/installer/installer.py +1711 -0
icdev/tools/installer/module_registry.py +805 -0
icdev/tools/installer/platform_setup.py +961 -0
icdev/tools/integration/__init__.py +2 -0
icdev/tools/integration/approval_manager.py +561 -0
icdev/tools/integration/doors_exporter.py +627 -0
icdev/tools/integration/gitlab_connector.py +784 -0
icdev/tools/integration/jira_connector.py +774 -0
icdev/tools/integration/servicenow_connector.py +693 -0
icdev/tools/knowledge/__init__.py +1 -0
icdev/tools/knowledge/knowledge_ingest.py +293 -0
icdev/tools/knowledge/pattern_detector.py +693 -0
icdev/tools/knowledge/recommendation_engine.py +461 -0
icdev/tools/knowledge/self_heal_analyzer.py +504 -0
icdev/tools/llm/__init__.py +72 -0
icdev/tools/llm/anthropic_provider.py +170 -0
icdev/tools/llm/azure_openai_provider.py +338 -0
icdev/tools/llm/bedrock_provider.py +315 -0
icdev/tools/llm/embedding_provider.py +438 -0
icdev/tools/llm/gemini_provider.py +381 -0
icdev/tools/llm/ibm_watsonx_provider.py +232 -0
icdev/tools/llm/oci_genai_provider.py +462 -0
icdev/tools/llm/ollama_provider.py +340 -0
icdev/tools/llm/openai_provider.py +225 -0
icdev/tools/llm/provider.py +355 -0
icdev/tools/llm/provider_sdk.py +175 -0
icdev/tools/llm/router.py +780 -0
icdev/tools/llm/vertex_ai_provider.py +374 -0
icdev/tools/maintenance/__init__.py +2 -0
icdev/tools/maintenance/dependency_scanner.py +1030 -0
icdev/tools/maintenance/maintenance_auditor.py +815 -0
icdev/tools/maintenance/remediation_engine.py +966 -0
icdev/tools/maintenance/vulnerability_checker.py +987 -0
icdev/tools/mbse/__init__.py +3 -0
icdev/tools/mbse/des_assessor.py +1186 -0
icdev/tools/mbse/des_report_generator.py +800 -0
icdev/tools/mbse/diagram_extractor.py +811 -0
icdev/tools/mbse/digital_thread.py +1665 -0
icdev/tools/mbse/model_code_generator.py +1122 -0
icdev/tools/mbse/model_control_mapper.py +420 -0
icdev/tools/mbse/pi_model_tracker.py +1093 -0
icdev/tools/mbse/reqif_parser.py +1483 -0
icdev/tools/mbse/sync_engine.py +1805 -0
icdev/tools/mbse/xmi_parser.py +1573 -0
icdev/tools/mcp/__init__.py +1 -0
icdev/tools/mcp/base_server.py +535 -0
icdev/tools/mcp/builder_server.py +725 -0
icdev/tools/mcp/compliance_server.py +1407 -0
icdev/tools/mcp/context_indexer.py +199 -0
icdev/tools/mcp/context_server.py +305 -0
icdev/tools/mcp/core_server.py +679 -0
icdev/tools/mcp/devsecops_server.py +432 -0
icdev/tools/mcp/gap_handlers.py +1079 -0
icdev/tools/mcp/gateway_server.py +339 -0
icdev/tools/mcp/generate_registry.py +623 -0
icdev/tools/mcp/infra_server.py +264 -0
icdev/tools/mcp/innovation_server.py +316 -0
icdev/tools/mcp/integration_server.py +527 -0
icdev/tools/mcp/knowledge_server.py +429 -0
icdev/tools/mcp/maintenance_server.py +248 -0
icdev/tools/mcp/marketplace_server.py +499 -0
icdev/tools/mcp/mbse_server.py +398 -0
icdev/tools/mcp/modernization_server.py +496 -0
icdev/tools/mcp/observability_server.py +354 -0
icdev/tools/mcp/requirements_server.py +415 -0
icdev/tools/mcp/simulation_server.py +468 -0
icdev/tools/mcp/standalone/__init__.py +2 -0
icdev/tools/mcp/standalone/builder.py +59 -0
icdev/tools/mcp/standalone/compliance.py +59 -0
icdev/tools/mcp/standalone/core.py +59 -0
icdev/tools/mcp/standalone/knowledge.py +59 -0
icdev/tools/mcp/standalone/maintenance.py +59 -0
icdev/tools/mcp/supply_chain_server.py +476 -0
icdev/tools/mcp/tool_registry.py +2008 -0
icdev/tools/mcp/unified_server.py +158 -0
icdev/tools/memory/__init__.py +2 -0
icdev/tools/memory/auto_capture.py +347 -0
icdev/tools/memory/embed_memory.py +158 -0
icdev/tools/memory/history_compressor.py +334 -0
icdev/tools/memory/hybrid_search.py +236 -0
icdev/tools/memory/maintenance_cron.py +289 -0
icdev/tools/memory/memory_consolidation.py +444 -0
icdev/tools/memory/memory_db.py +133 -0
icdev/tools/memory/memory_read.py +102 -0
icdev/tools/memory/memory_write.py +222 -0
icdev/tools/memory/semantic_search.py +139 -0
icdev/tools/memory/time_decay.py +435 -0
icdev/tools/modernization/__init__.py +3 -0
icdev/tools/modernization/architecture_extractor.py +734 -0
icdev/tools/modernization/compliance_bridge.py +1499 -0
icdev/tools/modernization/db_migration_planner.py +1385 -0
icdev/tools/modernization/doc_generator.py +1428 -0
icdev/tools/modernization/framework_migrator.py +1525 -0
icdev/tools/modernization/legacy_analyzer.py +1948 -0
icdev/tools/modernization/migration_code_generator.py +1639 -0
icdev/tools/modernization/migration_report_generator.py +1653 -0
icdev/tools/modernization/migration_tracker.py +1726 -0
icdev/tools/modernization/monolith_decomposer.py +1508 -0
icdev/tools/modernization/seven_r_assessor.py +1658 -0
icdev/tools/modernization/strangler_fig_manager.py +1705 -0
icdev/tools/modernization/ui_analyzer.py +771 -0
icdev/tools/modernization/version_migrator.py +1392 -0
icdev/tools/monitor/__init__.py +1 -0
icdev/tools/monitor/alert_correlator.py +495 -0
icdev/tools/monitor/auto_resolver.py +612 -0
icdev/tools/monitor/health_checker.py +509 -0
icdev/tools/monitor/heartbeat_daemon.py +792 -0
icdev/tools/monitor/log_analyzer.py +516 -0
icdev/tools/monitor/metric_collector.py +496 -0
icdev/tools/mosa/__init__.py +10 -0
icdev/tools/mosa/icd_generator.py +370 -0
icdev/tools/mosa/modular_design_analyzer.py +683 -0
icdev/tools/mosa/mosa_code_enforcer.py +349 -0
icdev/tools/mosa/tsp_generator.py +265 -0
icdev/tools/observability/__init__.py +100 -0
icdev/tools/observability/genai_attributes.py +88 -0
icdev/tools/observability/instrumentation.py +140 -0
icdev/tools/observability/mlflow_exporter.py +194 -0
icdev/tools/observability/otel_tracer.py +168 -0
icdev/tools/observability/provenance/__init__.py +3 -0
icdev/tools/observability/provenance/prov_recorder.py +324 -0
icdev/tools/observability/shap/__init__.py +3 -0
icdev/tools/observability/shap/agent_shap.py +275 -0
icdev/tools/observability/sqlite_tracer.py +361 -0
icdev/tools/observability/trace_context.py +205 -0
icdev/tools/observability/tracer.py +230 -0
icdev/tools/orchestration/__init__.py +2 -0
icdev/tools/orchestration/workflow_composer.py +361 -0
icdev/tools/project/__init__.py +1 -0
icdev/tools/project/manifest_loader.py +418 -0
icdev/tools/project/project_create.py +350 -0
icdev/tools/project/project_list.py +174 -0
icdev/tools/project/project_scaffold.py +1715 -0
icdev/tools/project/project_status.py +479 -0
icdev/tools/project/session_context_builder.py +757 -0
icdev/tools/project/validate_manifest.py +55 -0
icdev/tools/registry/__init__.py +10 -0
icdev/tools/registry/absorption_engine.py +832 -0
icdev/tools/registry/capability_evaluator.py +668 -0
icdev/tools/registry/child_registry.py +617 -0
icdev/tools/registry/cross_pollinator.py +1065 -0
icdev/tools/registry/genome_manager.py +671 -0
icdev/tools/registry/learning_collector.py +912 -0
icdev/tools/registry/propagation_manager.py +942 -0
icdev/tools/registry/staging_manager.py +742 -0
icdev/tools/registry/telemetry_collector.py +423 -0
icdev/tools/requirements/__init__.py +1 -0
icdev/tools/requirements/ai_governance_scorer.py +208 -0
icdev/tools/requirements/boundary_analyzer.py +1293 -0
icdev/tools/requirements/clarification_engine.py +618 -0
icdev/tools/requirements/complexity_scorer.py +387 -0
icdev/tools/requirements/consistency_analyzer.py +803 -0
icdev/tools/requirements/constitution_manager.py +605 -0
icdev/tools/requirements/decomposition_engine.py +778 -0
icdev/tools/requirements/document_extractor.py +1016 -0
icdev/tools/requirements/elicitation_techniques.py +519 -0
icdev/tools/requirements/gap_detector.py +271 -0
icdev/tools/requirements/intake_engine.py +2188 -0
icdev/tools/requirements/prd_generator.py +847 -0
icdev/tools/requirements/prd_validator.py +595 -0
icdev/tools/requirements/readiness_scorer.py +313 -0
icdev/tools/requirements/spec_organizer.py +1029 -0
icdev/tools/requirements/spec_quality_checker.py +1097 -0
icdev/tools/requirements/traceability_builder.py +579 -0
icdev/tools/resilience/__init__.py +34 -0
icdev/tools/resilience/circuit_breaker.py +340 -0
icdev/tools/resilience/correlation.py +150 -0
icdev/tools/resilience/errors.py +81 -0
icdev/tools/resilience/retry.py +95 -0
icdev/tools/schemas/__init__.py +27 -0
icdev/tools/schemas/chat.py +61 -0
icdev/tools/schemas/compliance.py +56 -0
icdev/tools/schemas/core.py +85 -0
icdev/tools/schemas/innovation.py +37 -0
icdev/tools/schemas/validation.py +109 -0
icdev/tools/sdk/__init__.py +3 -0
icdev/tools/sdk/icdev_client.py +218 -0
icdev/tools/security/__init__.py +1 -0
icdev/tools/security/agent_output_validator.py +330 -0
icdev/tools/security/agent_trust_scorer.py +466 -0
icdev/tools/security/ai_bom_generator.py +725 -0
icdev/tools/security/ai_telemetry_logger.py +469 -0
icdev/tools/security/atlas_red_team.py +543 -0
icdev/tools/security/code_pattern_scanner.py +378 -0
icdev/tools/security/confabulation_detector.py +271 -0
icdev/tools/security/container_scanner.py +491 -0
icdev/tools/security/dependency_auditor.py +944 -0
icdev/tools/security/endpoint_security_scanner.py +579 -0
icdev/tools/security/mcp_tool_authorizer.py +243 -0
icdev/tools/security/prompt_injection_detector.py +737 -0
icdev/tools/security/sast_runner.py +948 -0
icdev/tools/security/secret_detector.py +378 -0
icdev/tools/security/tool_chain_validator.py +357 -0
icdev/tools/security/vuln_scanner.py +539 -0
icdev/tools/simulation/__init__.py +2 -0
icdev/tools/simulation/coa_generator.py +1552 -0
icdev/tools/simulation/monte_carlo.py +758 -0
icdev/tools/simulation/scenario_manager.py +1073 -0
icdev/tools/simulation/simulation_engine.py +1104 -0
icdev/tools/supply_chain/__init__.py +2 -0
icdev/tools/supply_chain/cve_triager.py +705 -0
icdev/tools/supply_chain/dependency_graph.py +645 -0
icdev/tools/supply_chain/isa_manager.py +540 -0
icdev/tools/supply_chain/scrm_assessor.py +546 -0
icdev/tools/testing/__init__.py +2 -0
icdev/tools/testing/acceptance_validator.py +411 -0
icdev/tools/testing/claude_dir_validator.py +831 -0
icdev/tools/testing/data_types.py +199 -0
icdev/tools/testing/e2e_runner.py +715 -0
icdev/tools/testing/fuzz_cli.py +306 -0
icdev/tools/testing/health_check.py +483 -0
icdev/tools/testing/platform_check.py +143 -0
icdev/tools/testing/production_audit.py +1862 -0
icdev/tools/testing/production_remediate.py +804 -0
icdev/tools/testing/screenshot_validator.py +539 -0
icdev/tools/testing/smoke_test.py +283 -0
icdev/tools/testing/test_agent_models.py +117 -0
icdev/tools/testing/test_orchestrator.py +957 -0
icdev/tools/testing/utils.py +229 -0
icdev/tools/translation/__init__.py +17 -0
icdev/tools/translation/code_translator.py +550 -0
icdev/tools/translation/dependency_mapper.py +277 -0
icdev/tools/translation/feature_map.py +395 -0
icdev/tools/translation/project_assembler.py +439 -0
icdev/tools/translation/source_extractor.py +609 -0
icdev/tools/translation/test_translator.py +333 -0
icdev/tools/translation/translation_manager.py +582 -0
icdev/tools/translation/translation_validator.py +662 -0
icdev/tools/translation/type_checker.py +371 -0
icdev-1.0.0.dist-info/METADATA +868 -0
icdev-1.0.0.dist-info/RECORD +1105 -0
icdev-1.0.0.dist-info/WHEEL +5 -0
icdev-1.0.0.dist-info/entry_points.txt +9 -0
icdev-1.0.0.dist-info/licenses/LICENSE +254 -0
icdev-1.0.0.dist-info/licenses/NOTICE +268 -0
icdev-1.0.0.dist-info/top_level.txt +1 -0

icdev/tools/builder/app_blueprint.py ADDED Viewed

@@ -0,0 +1,1583 @@
+#!/usr/bin/env python3
+# CUI // SP-CTI
+# Controlled by: Department of Defense
+# CUI Category: CTI
+# Distribution: D
+# POC: ICDEV System Administrator
+"""App Blueprint Engine - generates deployment blueprint from fitness scorecard.
+Consumes an agentic fitness scorecard (JSON output from tools/builder/agentic_fitness.py)
+and user decisions to produce a comprehensive blueprint JSON that drives all downstream
+child app generators.
+Architecture Decision D23: Blueprint-driven generation -- single config drives all
+generators; no hardcoded decisions.
+CLI: python tools/builder/app_blueprint.py \
+       --fitness-scorecard /path/to/scorecard.json \
+       --user-decisions '{"ato_required": true}' \
+       --app-name "my-child-app" \
+       --json
+"""
+import argparse
+import hashlib
+import json
+import logging
+import sys
+import uuid
+from datetime import datetime
+from pathlib import Path
+from typing import Any, Dict, List, Optional
+from icdev._paths import get_project_root
+BASE_DIR = get_project_root()
+DB_PATH = BASE_DIR / "data" / "icdev.db"
+CAPABILITY_REGISTRY_PATH = BASE_DIR / "context" / "agentic" / "capability_registry.yaml"
+CSP_REGISTRY_PATH = BASE_DIR / "context" / "agentic" / "csp_mcp_registry.yaml"
+logger = logging.getLogger("icdev.app_blueprint")
+try:
+    import yaml
+except ImportError:
+    yaml = None
+try:
+    from icdev.tools.audit.audit_logger import log_event as audit_log_event
+except ImportError:
+    def audit_log_event(**kwargs):
+        logger.debug("audit_logger unavailable — skipping audit event")
+# ============================================================
+# DEFAULT REGISTRIES — fallback when YAML files not available
+# ============================================================
+DEFAULT_CAPABILITY_REGISTRY: Dict[str, Any] = {
+    "capabilities": {
+        "core": {
+            "description": "Core agent framework (orchestration, A2A, audit)",
+            "always_on": True,
+            "condition": None,
+        },
+        "compliance": {
+            "description": "ATO artifacts, 9-framework compliance engine",
+            "always_on": False,
+            "condition": "compliance_sensitivity >= 6 OR user_decisions.ato_required",
+        },
+        "security": {
+            "description": "SAST, dependency audit, secret detection, container scan",
+            "always_on": False,
+            "condition": "overall_score >= 5 OR user_decisions.security_required",
+        },
+        "mbse": {
+            "description": "Model-Based Systems Engineering integration",
+            "always_on": False,
+            "condition": "user_decisions.mbse_enabled",
+        },
+        "cicd": {
+            "description": "CI/CD pipeline integration (GitHub + GitLab)",
+            "always_on": True,
+            "condition": None,
+        },
+        "testing": {
+            "description": "Testing framework (unit, BDD, E2E, gates)",
+            "always_on": True,
+            "condition": None,
+        },
+        "dashboard": {
+            "description": "Flask web dashboard for monitoring and status",
+            "always_on": False,
+            "condition": "user_interaction >= 4",
+        },
+        "knowledge": {
+            "description": "Self-healing patterns, ML, recommendations",
+            "always_on": True,
+            "condition": None,
+        },
+        "modernization": {
+            "description": "Legacy app modernization (excluded from child apps)",
+            "always_on": False,
+            "condition": "never",
+        },
+        "infra": {
+            "description": "Terraform, Ansible, K8s, pipeline generation",
+            "always_on": False,
+            "condition": "capabilities.cicd",
+        },
+        "db": {
+            "description": "Database initialization and management",
+            "always_on": True,
+            "condition": None,
+        },
+        "project": {
+            "description": "Project lifecycle management",
+            "always_on": True,
+            "condition": None,
+        },
+        "memory": {
+            "description": "Memory system (markdown + SQLite + embeddings)",
+            "always_on": True,
+            "condition": None,
+        },
+        # --- D-CHILD-1: Enterprise-grade child app capabilities ---
+        "ricoas": {
+            "description": "Requirements intake, gap detection, SAFe decomposition, boundary analysis",
+            "always_on": False,
+            "condition": "compliance_sensitivity >= 7 OR user_decisions.ricoas_enabled",
+        },
+        "supply_chain": {
+            "description": "Dependency graph, SBOM aggregation, ISA lifecycle, CVE triage",
+            "always_on": False,
+            "condition": "capabilities.ricoas",
+        },
+        "simulation": {
+            "description": "Digital Program Twin, Monte Carlo, COA generation",
+            "always_on": False,
+            "condition": "capabilities.ricoas",
+        },
+        "devsecops_zta": {
+            "description": "DevSecOps profile, ZTA maturity, service mesh, policy-as-code",
+            "always_on": False,
+            "condition": "compliance_sensitivity >= 6 OR user_decisions.devsecops_enabled",
+        },
+        "ai_security": {
+            "description": "ATLAS, OWASP Agentic, prompt injection, AI telemetry",
+            "always_on": False,
+            "condition": "overall_score >= 5 OR user_decisions.ai_security_required",
+        },
+        "ai_governance": {
+            "description": "AI Transparency, Accountability, model/system cards",
+            "always_on": False,
+            "condition": "user_decisions.ai_governance_enabled",
+        },
+        "observability": {
+            "description": "Distributed tracing, provenance, AgentSHAP, XAI",
+            "always_on": False,
+            "condition": "overall_score >= 4",
+        },
+        "code_intelligence": {
+            "description": "AST metrics, smell detection, maintainability scoring",
+            "always_on": False,
+            "condition": "overall_score >= 5 OR user_decisions.code_intelligence_enabled",
+        },
+        "govcon": {
+            "description": "GovProposal, CPMP, GovCon Intelligence (parent-only, D-CHILD-3)",
+            "always_on": False,
+            "condition": "never",
+        },
+    },
+}
+DEFAULT_CSP_REGISTRY: Dict[str, Any] = {
+    "providers": {
+        "aws": {
+            "display_name": "Amazon Web Services",
+            "govcloud_regions": ["us-gov-west-1", "us-gov-east-1"],
+            "commercial_regions": ["us-east-1", "us-west-2", "eu-west-1"],
+            "mcp_servers": {
+                "core": {
+                    "name": "aws-core",
+                    "description": "S3, SQS, SNS, CloudWatch",
+                    "always_on": True,
+                },
+                "bedrock": {
+                    "name": "aws-bedrock",
+                    "description": "Amazon Bedrock LLM inference",
+                    "always_on": True,
+                },
+                "secrets": {
+                    "name": "aws-secrets-manager",
+                    "description": "AWS Secrets Manager",
+                    "always_on": True,
+                },
+                "compliance": {
+                    "name": "aws-config",
+                    "description": "AWS Config for compliance monitoring",
+                    "requires_capability": "compliance",
+                },
+                "security": {
+                    "name": "aws-security-hub",
+                    "description": "AWS Security Hub findings",
+                    "requires_capability": "security",
+                },
+                "container": {
+                    "name": "aws-ecr",
+                    "description": "Elastic Container Registry",
+                    "requires_capability": "cicd",
+                },
+                "monitoring": {
+                    "name": "aws-cloudwatch",
+                    "description": "CloudWatch metrics and logs",
+                    "requires_capability": "knowledge",
+                },
+            },
+            "knowledge_bases": [
+                {"id": "kb-govcloud-patterns", "name": "GovCloud Architecture Patterns"},
+                {"id": "kb-nist-controls", "name": "NIST 800-53 Control Implementations"},
+            ],
+        },
+        "gcp": {
+            "display_name": "Google Cloud Platform",
+            "govcloud_regions": [],
+            "commercial_regions": ["us-central1", "us-east1", "europe-west1"],
+            "mcp_servers": {
+                "core": {
+                    "name": "gcp-core",
+                    "description": "GCS, Pub/Sub, Cloud Logging",
+                    "always_on": True,
+                },
+                "ai": {
+                    "name": "gcp-vertex-ai",
+                    "description": "Vertex AI LLM inference",
+                    "always_on": True,
+                },
+                "secrets": {
+                    "name": "gcp-secret-manager",
+                    "description": "GCP Secret Manager",
+                    "always_on": True,
+                },
+                "security": {
+                    "name": "gcp-security-command-center",
+                    "description": "Security Command Center",
+                    "requires_capability": "security",
+                },
+                "container": {
+                    "name": "gcp-artifact-registry",
+                    "description": "Artifact Registry",
+                    "requires_capability": "cicd",
+                },
+            },
+            "knowledge_bases": [
+                {"id": "kb-gcp-patterns", "name": "GCP Architecture Patterns"},
+            ],
+        },
+        "azure": {
+            "display_name": "Microsoft Azure",
+            "govcloud_regions": ["usgovvirginia", "usgovarizona"],
+            "commercial_regions": ["eastus", "westus2", "westeurope"],
+            "mcp_servers": {
+                "core": {
+                    "name": "azure-core",
+                    "description": "Blob Storage, Service Bus, Monitor",
+                    "always_on": True,
+                },
+                "ai": {
+                    "name": "azure-openai",
+                    "description": "Azure OpenAI Service",
+                    "always_on": True,
+                },
+                "secrets": {
+                    "name": "azure-key-vault",
+                    "description": "Azure Key Vault",
+                    "always_on": True,
+                },
+                "compliance": {
+                    "name": "azure-policy",
+                    "description": "Azure Policy for compliance",
+                    "requires_capability": "compliance",
+                },
+                "security": {
+                    "name": "azure-defender",
+                    "description": "Microsoft Defender for Cloud",
+                    "requires_capability": "security",
+                },
+                "container": {
+                    "name": "azure-acr",
+                    "description": "Azure Container Registry",
+                    "requires_capability": "cicd",
+                },
+            },
+            "knowledge_bases": [
+                {"id": "kb-azure-patterns", "name": "Azure Gov Architecture Patterns"},
+            ],
+        },
+        "oracle": {
+            "display_name": "Oracle Cloud Infrastructure",
+            "govcloud_regions": ["us-langley-1", "us-luke-1"],
+            "commercial_regions": ["us-ashburn-1", "us-phoenix-1"],
+            "mcp_servers": {
+                "core": {
+                    "name": "oci-core",
+                    "description": "Object Storage, Streaming, Logging",
+                    "always_on": True,
+                },
+                "ai": {
+                    "name": "oci-generative-ai",
+                    "description": "OCI Generative AI Service",
+                    "always_on": True,
+                },
+                "secrets": {
+                    "name": "oci-vault",
+                    "description": "OCI Vault",
+                    "always_on": True,
+                },
+                "security": {
+                    "name": "oci-cloud-guard",
+                    "description": "OCI Cloud Guard",
+                    "requires_capability": "security",
+                },
+            },
+            "knowledge_bases": [
+                {"id": "kb-oci-patterns", "name": "OCI Gov Architecture Patterns"},
+            ],
+        },
+        "ibm": {
+            "display_name": "IBM Cloud for Government (IC4G)",
+            "govcloud_regions": ["us-south", "us-east"],
+            "commercial_regions": ["us-south", "us-east", "eu-de", "eu-gb"],
+            "mcp_servers": {
+                "core": {
+                    "name": "ibm-cloud-core",
+                    "description": "IBM Cloud Object Storage, Event Streams, Logging",
+                    "always_on": True,
+                },
+                "ai": {
+                    "name": "ibm-watsonx-ai",
+                    "description": "IBM watsonx.ai (Granite, Llama)",
+                    "always_on": True,
+                },
+                "secrets": {
+                    "name": "ibm-key-protect",
+                    "description": "IBM Key Protect",
+                    "always_on": True,
+                },
+                "container": {
+                    "name": "ibm-iks",
+                    "description": "IBM Kubernetes Service / Red Hat OpenShift",
+                    "requires_capability": "cicd",
+                },
+                "security": {
+                    "name": "ibm-security-compliance",
+                    "description": "IBM Security and Compliance Center",
+                    "requires_capability": "security",
+                },
+            },
+            "knowledge_bases": [
+                {"id": "kb-ibm-patterns", "name": "IBM IC4G Architecture Patterns"},
+            ],
+        },
+    },
+}
+# ============================================================
+# CORE / CONDITIONAL AGENT DEFINITIONS
+# ============================================================
+CORE_AGENTS: List[Dict[str, Any]] = [
+    {
+        "name": "orchestrator",
+        "base_port": 8443,
+        "role": "Task routing, workflow management",
+    },
+    {
+        "name": "architect",
+        "base_port": 8444,
+        "role": "ATLAS A/T phases, system design",
+    },
+    {
+        "name": "builder",
+        "base_port": 8445,
+        "role": "TDD code gen (RED->GREEN->REFACTOR)",
+    },
+    {
+        "name": "knowledge",
+        "base_port": 8449,
+        "role": "Self-healing patterns, recommendations",
+    },
+    {
+        "name": "monitor",
+        "base_port": 8450,
+        "role": "Log analysis, metrics, alerts, health checks",
+    },
+]
+CONDITIONAL_AGENTS: List[Dict[str, Any]] = [
+    {
+        "name": "compliance",
+        "base_port": 8446,
+        "role": "ATO artifacts, 9-framework compliance",
+        "requires": "compliance",
+    },
+    {
+        "name": "security",
+        "base_port": 8447,
+        "role": "SAST, dep audit, secret detection",
+        "requires": "security",
+    },
+    # D-CHILD-1: Enterprise child app agents
+    {
+        "name": "requirements_analyst",
+        "base_port": 8453,
+        "role": "Conversational intake, gap detection, SAFe decomposition",
+        "requires": "ricoas",
+    },
+    {
+        "name": "supply_chain",
+        "base_port": 8454,
+        "role": "Dependency graph, SBOM aggregation, ISA lifecycle, CVE triage",
+        "requires": "supply_chain",
+    },
+    {
+        "name": "simulation",
+        "base_port": 8455,
+        "role": "Digital Program Twin, Monte Carlo, COA generation",
+        "requires": "simulation",
+    },
+    {
+        "name": "devsecops_zta",
+        "base_port": 8457,
+        "role": "DevSecOps pipeline security, Zero Trust, policy-as-code",
+        "requires": "devsecops_zta",
+    },
+]
+# ============================================================
+# ESSENTIAL GOALS (21 goals for enterprise child apps — D-CHILD-1)
+# ============================================================
+ESSENTIAL_GOALS: List[str] = [
+    # Core (always included)
+    "build_app",
+    "tdd_workflow",
+    "compliance_workflow",
+    "security_scan",
+    "deploy_workflow",
+    "monitoring",
+    "self_healing",
+    "agent_management",
+    # D-CHILD-1: Enterprise-grade additions
+    "integration_testing",
+    "maintenance_audit",
+    "requirements_intake",
+    "boundary_supply_chain",
+    "simulation_engine",
+    "devsecops_workflow",
+    "zero_trust_architecture",
+    "mosa_workflow",
+    "observability_traceability_xai",
+    "ai_transparency",
+    "ai_accountability",
+    "owasp_agentic_security",
+    "code_intelligence",
+]
+# ============================================================
+# CAPABILITY -> SOURCE DIRECTORY MAPPING
+# ============================================================
+CAPABILITY_SOURCES: Dict[str, List[str]] = {
+    "core": ["tools/audit"],  # Audit trail always included
+    "multi_agent": ["tools/agent", "tools/a2a"],  # ICDEV A2A infra (only when needed)
+    "memory": ["tools/memory"],
+    "knowledge": ["tools/knowledge", "tools/monitor"],
+    "compliance": ["tools/compliance"],
+    "security": ["tools/security"],
+    "ai_security": ["tools/security"],  # D-CHILD-7: shares dir with security
+    "maintenance": ["tools/maintenance"],
+    "mbse": ["tools/mbse"],
+    "cicd": ["tools/ci"],
+    "testing": ["tools/testing"],
+    "dashboard": [],  # Full dashboard copied by child_app_generator (D-CHILD-4)
+    "infrastructure": ["tools/infra", "k8s", "docker"],  # D-CHILD-8: fixed key + k8s/docker
+    "db": ["tools/db"],
+    "project": ["tools/project"],
+    "llm": ["tools/llm"],        # D-CHILD-9: LLM router is fundamental infra
+    "compat": ["tools/compat"],   # D-CHILD-9: platform compatibility
+    "cli": ["tools/cli"],         # D-CHILD-9: CLI output formatter
+    # D-CHILD-1: Enterprise capability sources
+    "ricoas": ["tools/requirements"],
+    "supply_chain": ["tools/supply_chain"],
+    "simulation": ["tools/simulation"],
+    "devsecops_zta": ["tools/devsecops"],
+    "observability": ["tools/observability"],
+    "code_intelligence": ["tools/analysis"],
+}
+# Adaptations applied per source directory
+DIRECTORY_ADAPTATIONS: Dict[str, List[str]] = {
+    "tools/agent": ["port_remap", "db_rename", "app_name_replace"],
+    "tools/a2a": ["port_remap", "tls_cert_path"],
+    "tools/audit": ["db_rename", "classification_update"],
+    "tools/memory": ["db_rename", "app_name_replace"],
+    "tools/knowledge": ["db_rename"],
+    "tools/monitor": ["endpoint_remap", "app_name_replace"],
+    "tools/compliance": ["db_rename", "classification_update", "impact_level_update"],
+    "tools/security": ["app_name_replace"],
+    "tools/mbse": ["db_rename"],
+    "tools/ci": ["bot_identifier_replace", "app_name_replace"],
+    "tools/testing": ["app_name_replace"],
+    "tools/dashboard": ["port_remap", "db_rename", "app_name_replace"],
+    "tools/infra": ["region_replace", "app_name_replace"],
+    "tools/maintenance": ["db_rename", "app_name_replace"],
+    "tools/db": ["db_rename"],
+    "tools/project": ["db_rename", "app_name_replace"],
+    # D-CHILD-1: Enterprise capability adaptations
+    "tools/requirements": ["db_rename", "app_name_replace"],
+    "tools/supply_chain": ["db_rename", "app_name_replace"],
+    "tools/simulation": ["db_rename", "app_name_replace"],
+    "tools/devsecops": ["db_rename", "app_name_replace"],
+    "tools/observability": ["db_rename", "app_name_replace"],
+    "tools/analysis": ["db_rename", "app_name_replace"],
+    # D-CHILD-9: Always-on infrastructure
+    "tools/llm": ["app_name_replace"],
+    "tools/compat": [],
+    "tools/cli": [],
+    "k8s": ["app_name_replace", "port_remap"],
+    "docker": ["app_name_replace"],
+}
+# ============================================================
+# HELPER FUNCTIONS
+# ============================================================
+def _load_yaml(path: Path, default: Dict[str, Any]) -> Dict[str, Any]:
+    """Load YAML configuration with fallback to hardcoded defaults.
+    Args:
+        path: Path to the YAML file.
+        default: Default dict to return if YAML unavailable.
+    Returns:
+        Parsed YAML content or default dict.
+    """
+    if yaml is None:
+        logger.debug("PyYAML not installed — using defaults for %s", path.name)
+        return default.copy()
+    if not path.exists():
+        logger.debug("YAML file not found: %s — using defaults", path)
+        return default.copy()
+    try:
+        with open(path, encoding="utf-8") as f:
+            data = yaml.safe_load(f)
+        if not data or not isinstance(data, dict):
+            logger.warning("Empty or invalid YAML in %s — using defaults", path)
+            return default.copy()
+        logger.info("Loaded configuration from %s", path)
+        return data
+    except Exception as e:
+        logger.warning("Failed to load %s: %s — using defaults", path, e)
+        return default.copy()
+def _compute_blueprint_hash(blueprint: Dict[str, Any]) -> str:
+    """Compute SHA-256 hash of the blueprint for integrity verification.
+    Excludes the hash field itself and timestamps from the computation
+    to ensure deterministic hashing.
+    Args:
+        blueprint: Blueprint dict (blueprint_hash field is excluded).
+    Returns:
+        Hex-encoded SHA-256 hash string.
+    """
+    hashable = {k: v for k, v in blueprint.items()
+                if k not in ("blueprint_hash", "generated_at")}
+    serialized = json.dumps(hashable, sort_keys=True, default=str)
+    return hashlib.sha256(serialized.encode("utf-8")).hexdigest()
+def _safe_get_score(scorecard: Dict[str, Any], dimension: str, default: int = 0) -> int:
+    """Safely extract a dimension score from the fitness scorecard.
+    Args:
+        scorecard: Fitness scorecard dict.
+        dimension: Name of the scoring dimension.
+        default: Default value if dimension not found.
+    Returns:
+        Integer score value.
+    """
+    scores = scorecard.get("scores", {})
+    value = scores.get(dimension, default)
+    try:
+        return int(value)
+    except (TypeError, ValueError):
+        logger.warning("Non-integer score for %s: %s — using default %d",
+                       dimension, value, default)
+        return default
+# ============================================================
+# CORE FUNCTIONS
+# ============================================================
+def resolve_capabilities(
+    scorecard: Dict[str, Any],
+    user_decisions: Dict[str, Any],
+) -> Dict[str, bool]:
+    """Resolve which capabilities are enabled for the child app.
+    Reads context/agentic/capability_registry.yaml (or uses defaults)
+    and maps scorecard dimensions + user decisions to a capability map.
+    Rules:
+        - core: Always on
+        - multi_agent: When overall_score >= 4 (hybrid/agentic range)
+        - compliance: When compliance_sensitivity >= 6 OR user_decisions.ato_required
+        - security: When overall_score >= 5 OR user_decisions.security_required
+        - mbse: When user_decisions.mbse_enabled
+        - cicd: Always on
+        - testing: Always on
+        - dashboard: When user_interaction >= 4
+        - knowledge: Always on
+        - modernization: Never (excluded from child apps)
+        - infra: On when cicd is on
+        - db: Always on
+        - project: Always on
+        - memory: Always on
+        - ricoas: When compliance_sensitivity >= 7 OR user_decisions.ricoas_enabled
+        - supply_chain: Auto-follows ricoas
+        - simulation: Auto-follows ricoas
+        - devsecops_zta: When compliance_sensitivity >= 6 OR user_decisions.devsecops_enabled
+        - ai_security: When overall_score >= 5 OR user_decisions.ai_security_required
+        - ai_governance: When user_decisions.ai_governance_enabled
+        - observability: When overall_score >= 4
+        - code_intelligence: When overall_score >= 5 OR user_decisions.code_intelligence_enabled
+        - govcon: Never (parent-only, D-CHILD-3)
+    Args:
+        scorecard: Fitness scorecard from agentic_fitness.py.
+        user_decisions: User-provided decision overrides.
+    Returns:
+        Dict mapping capability name to boolean enabled status.
+    """
+    registry = _load_yaml(CAPABILITY_REGISTRY_PATH, DEFAULT_CAPABILITY_REGISTRY)
+    caps_registry = registry.get("capabilities", DEFAULT_CAPABILITY_REGISTRY["capabilities"])
+    overall_score = scorecard.get("overall_score", 0.0)
+    compliance_score = _safe_get_score(scorecard, "compliance_sensitivity")
+    interaction_score = _safe_get_score(scorecard, "user_interaction")
+    capabilities: Dict[str, bool] = {}
+    for cap_name, cap_def in caps_registry.items():
+        if cap_def.get("always_on", False):
+            capabilities[cap_name] = True
+            continue
+        condition = cap_def.get("condition", "")
+        if condition == "never":
+            capabilities[cap_name] = False
+            continue
+        # Evaluate conditions based on scorecard and user decisions
+        enabled = False
+        if cap_name == "compliance":
+            enabled = (
+                compliance_score >= 6
+                or user_decisions.get("ato_required", False)
+            )
+        elif cap_name == "security":
+            enabled = (
+                overall_score >= 5
+                or user_decisions.get("security_required", False)
+            )
+        elif cap_name == "mbse":
+            enabled = user_decisions.get("mbse_enabled", False)
+        elif cap_name == "dashboard":
+            enabled = interaction_score >= 4
+        elif cap_name == "multi_agent":
+            # Multi-agent infra when overall score indicates hybrid/agentic
+            enabled = overall_score >= 4
+        elif cap_name == "infra":
+            # Infra is on whenever cicd is on (cicd is always on)
+            enabled = True
+        elif cap_name == "modernization":
+            enabled = False
+        # D-CHILD-1: Enterprise capability resolution
+        elif cap_name == "ricoas":
+            enabled = (
+                compliance_score >= 7
+                or user_decisions.get("ricoas_enabled", False)
+            )
+        elif cap_name == "supply_chain":
+            # Auto-follows RICOAS
+            enabled = capabilities.get("ricoas", False)
+        elif cap_name == "simulation":
+            # Auto-follows RICOAS
+            enabled = capabilities.get("ricoas", False)
+        elif cap_name == "devsecops_zta":
+            enabled = (
+                compliance_score >= 6
+                or user_decisions.get("devsecops_enabled", False)
+            )
+        elif cap_name == "ai_security":
+            enabled = (
+                overall_score >= 5
+                or user_decisions.get("ai_security_required", False)
+            )
+        elif cap_name == "ai_governance":
+            enabled = user_decisions.get("ai_governance_enabled", False)
+        elif cap_name == "observability":
+            enabled = overall_score >= 4
+        elif cap_name == "code_intelligence":
+            enabled = (
+                overall_score >= 5
+                or user_decisions.get("code_intelligence_enabled", False)
+            )
+        else:
+            # Unknown capabilities default to off unless always_on
+            enabled = False
+        capabilities[cap_name] = enabled
+    # Apply explicit user overrides — user can force capabilities on/off
+    explicit_overrides = user_decisions.get("capabilities_override", {})
+    for cap_name, override_value in explicit_overrides.items():
+        if cap_name in capabilities:
+            previous = capabilities[cap_name]
+            capabilities[cap_name] = bool(override_value)
+            if previous != capabilities[cap_name]:
+                logger.info("User override: %s %s -> %s",
+                            cap_name, previous, capabilities[cap_name])
+    # Parent-only capabilities — NEVER enabled in child apps regardless of overrides
+    capabilities["modernization"] = False
+    capabilities["govcon"] = False  # D-CHILD-3: GovProposal/CPMP/GovCon parent-only
+    logger.info("Resolved capabilities: %s",
+                {k: v for k, v in capabilities.items() if v})
+    return capabilities
+def build_agent_roster(
+    capabilities: Dict[str, bool],
+    port_offset: int = 1000,
+) -> List[Dict[str, Any]]:
+    """Build the list of agent specifications for the child app.
+    5 core agents are always included. Conditional agents are added
+    based on enabled capabilities.
+    Each agent spec includes: name, port, role, health_endpoint, agent_card_path.
+    Args:
+        capabilities: Resolved capability map from resolve_capabilities().
+        port_offset: Port offset from ICDEV base ports (default 1000).
+    Returns:
+        List of agent specification dicts.
+    """
+    roster: List[Dict[str, Any]] = []
+    # Always include core agents
+    for agent_def in CORE_AGENTS:
+        port = agent_def["base_port"] + port_offset
+        roster.append({
+            "name": agent_def["name"],
+            "port": port,
+            "role": agent_def["role"],
+            "health_endpoint": f"https://localhost:{port}/health",
+            "agent_card_path": "/.well-known/agent.json",
+            "core": True,
+        })
+    # Conditionally include domain agents
+    for agent_def in CONDITIONAL_AGENTS:
+        required_cap = agent_def.get("requires", "")
+        if capabilities.get(required_cap, False):
+            port = agent_def["base_port"] + port_offset
+            roster.append({
+                "name": agent_def["name"],
+                "port": port,
+                "role": agent_def["role"],
+                "health_endpoint": f"https://localhost:{port}/health",
+                "agent_card_path": "/.well-known/agent.json",
+                "core": False,
+            })
+            logger.debug("Added conditional agent: %s (port %d)", agent_def["name"], port)
+        else:
+            logger.debug("Skipped agent %s — capability '%s' not enabled",
+                         agent_def["name"], required_cap)
+    logger.info("Agent roster: %d agents (%d core, %d conditional)",
+                len(roster),
+                sum(1 for a in roster if a.get("core")),
+                sum(1 for a in roster if not a.get("core")))
+    return roster
+def build_file_manifest(blueprint: Dict[str, Any]) -> List[Dict[str, Any]]:
+    """Build the file manifest describing what to copy and adapt for the child app.
+    Does NOT scan the filesystem -- records directory patterns and adaptation
+    rules for the child_app_generator (Phase 3) to handle actual file copying.
+    Each manifest entry contains:
+        - source: Relative source directory or file pattern in ICDEV
+        - dest: Relative destination in child app
+        - adaptations: List of adaptation types to apply
+    Args:
+        blueprint: Partial blueprint dict with capabilities resolved.
+    Returns:
+        List of manifest entry dicts.
+    """
+    capabilities = blueprint.get("capabilities", {})
+    blueprint.get("app_name", "child-app")
+    manifest: List[Dict[str, Any]] = []
+    # Always-included directories
+    always_include = [
+        "core", "memory", "knowledge", "db", "project",
+        "infrastructure", "llm", "compat", "cli",  # D-CHILD-8/9: fundamental infra
+    ]
+    # Conditionally included based on capabilities
+    conditional = ["multi_agent", "compliance", "security", "ai_security",
+                    "mbse", "cicd", "testing", "dashboard", "maintenance",
+                    # D-CHILD-1: Enterprise capabilities
+                    "ricoas", "supply_chain", "simulation", "devsecops_zta",
+                    "observability", "code_intelligence"]
+    included_caps = always_include.copy()
+    for cap in conditional:
+        if capabilities.get(cap, False):
+            included_caps.append(cap)
+    for cap_name in included_caps:
+        source_dirs = CAPABILITY_SOURCES.get(cap_name, [])
+        for source_dir in source_dirs:
+            adaptations = DIRECTORY_ADAPTATIONS.get(source_dir, ["app_name_replace"])
+            manifest.append({
+                "source": source_dir,
+                "dest": source_dir,
+                "capability": cap_name,
+                "adaptations": adaptations,
+            })
+    # Always include top-level config files
+    config_files = [
+        {
+            "source": "args/project_defaults.yaml",
+            "dest": "args/project_defaults.yaml",
+            "capability": "core",
+            "adaptations": ["app_name_replace", "port_remap"],
+        },
+        {
+            "source": "args/agent_config.yaml",
+            "dest": "args/agent_config.yaml",
+            "capability": "core",
+            "adaptations": ["port_remap", "agent_filter"],
+        },
+        {
+            "source": "args/monitoring_config.yaml",
+            "dest": "args/monitoring_config.yaml",
+            "capability": "knowledge",
+            "adaptations": ["endpoint_remap", "app_name_replace"],
+        },
+    ]
+    # Conditionally include compliance/security config files
+    if capabilities.get("compliance", False):
+        config_files.extend([
+            {
+                "source": "args/cui_markings.yaml",
+                "dest": "args/cui_markings.yaml",
+                "capability": "compliance",
+                "adaptations": ["classification_update"],
+            },
+            {
+                "source": "args/security_gates.yaml",
+                "dest": "args/security_gates.yaml",
+                "capability": "compliance",
+                "adaptations": ["threshold_adjust"],
+            },
+        ])
+    manifest.extend(config_files)
+    # Goals directory — include essential goals that map to enabled capabilities
+    goals_to_include = _resolve_goals_for_capabilities(capabilities)
+    for goal_name in goals_to_include:
+        manifest.append({
+            "source": f"goals/{goal_name}.md",
+            "dest": f"goals/{goal_name}.md",
+            "capability": "core",
+            "adaptations": ["app_name_replace"],
+        })
+    # Always include goals/manifest.md
+    manifest.append({
+        "source": "goals/manifest.md",
+        "dest": "goals/manifest.md",
+        "capability": "core",
+        "adaptations": ["goal_filter", "app_name_replace"],
+    })
+    # Context files
+    manifest.append({
+        "source": "context/",
+        "dest": "context/",
+        "capability": "core",
+        "adaptations": ["selective_copy"],
+    })
+    # Hard prompts
+    manifest.append({
+        "source": "hardprompts/",
+        "dest": "hardprompts/",
+        "capability": "core",
+        "adaptations": ["selective_copy"],
+    })
+    logger.info("File manifest: %d entries for %d capabilities",
+                len(manifest), len(included_caps))
+    return manifest
+def _resolve_goals_for_capabilities(
+    capabilities: Dict[str, bool],
+) -> List[str]:
+    """Determine which essential goals to include based on capabilities.
+    Args:
+        capabilities: Resolved capability map.
+    Returns:
+        List of goal file names (without extension).
+    """
+    # Mapping from goal to required capability (None = always include)
+    goal_capability_map: Dict[str, Optional[str]] = {
+        "build_app": None,
+        "tdd_workflow": None,
+        "compliance_workflow": "compliance",
+        "security_scan": "security",
+        "deploy_workflow": "cicd",
+        "monitoring": None,
+        "self_healing": None,
+        "agent_management": None,
+        # D-CHILD-1: Enterprise-grade goal mappings
+        "integration_testing": "testing",
+        "maintenance_audit": None,  # Always useful
+        "requirements_intake": "ricoas",
+        "boundary_supply_chain": "supply_chain",
+        "simulation_engine": "simulation",
+        "devsecops_workflow": "devsecops_zta",
+        "zero_trust_architecture": "devsecops_zta",
+        "mosa_workflow": "compliance",
+        "observability_traceability_xai": "observability",
+        "ai_transparency": "ai_security",
+        "ai_accountability": "ai_security",
+        "owasp_agentic_security": "ai_security",
+        "code_intelligence": "code_intelligence",
+    }
+    goals: List[str] = []
+    for goal_name, required_cap in goal_capability_map.items():
+        if required_cap is None or capabilities.get(required_cap, False):
+            goals.append(goal_name)
+    return goals
+def resolve_csp_mcp_servers(
+    cloud_config: Dict[str, Any],
+    capabilities: Dict[str, bool],
+) -> List[Dict[str, Any]]:
+    """Resolve which CSP MCP servers to include based on cloud provider and capabilities.
+    Reads context/agentic/csp_mcp_registry.yaml (or uses defaults) and selects
+    servers based on the target cloud provider and enabled capabilities.
+    Args:
+        cloud_config: Cloud provider configuration from the blueprint.
+        capabilities: Resolved capability map.
+    Returns:
+        List of MCP server config dicts for .mcp.json generation.
+    """
+    registry = _load_yaml(CSP_REGISTRY_PATH, DEFAULT_CSP_REGISTRY)
+    providers = registry.get("providers", DEFAULT_CSP_REGISTRY["providers"])
+    provider_name = cloud_config.get("provider", "aws")
+    provider_def = providers.get(provider_name)
+    if not provider_def:
+        logger.warning("Unknown cloud provider '%s' — falling back to aws", provider_name)
+        provider_def = providers.get("aws", {})
+        provider_name = "aws"
+    mcp_servers_def = provider_def.get("mcp_servers", {})
+    capability_mapping = registry.get("capability_mapping", {})
+    selected_servers: List[Dict[str, Any]] = []
+    included_categories: set = set()
+    # Determine which server categories to include based on capabilities
+    # Always include "core" and "docs" categories
+    included_categories.add("core")
+    included_categories.add("docs")
+    for cap_name, cap_enabled in capabilities.items():
+        if not cap_enabled:
+            continue
+        cap_map = capability_mapping.get(cap_name, {})
+        provider_categories = cap_map.get(provider_name, [])
+        for cat in provider_categories:
+            included_categories.add(cat)
+    # Iterate through server categories and collect matching servers
+    for category, server_list in mcp_servers_def.items():
+        if category not in included_categories:
+            continue
+        # Each category maps to a list of server defs
+        if not isinstance(server_list, list):
+            server_list = [server_list]
+        for server_def in server_list:
+            if isinstance(server_def, dict):
+                server_name = server_def.get("name", category)
+                description = server_def.get("description", "")
+            else:
+                server_name = str(server_def)
+                description = ""
+            selected_servers.append({
+                "name": server_name,
+                "description": description,
+                "provider": provider_name,
+                "category": category,
+            })
+    logger.info("CSP MCP servers for %s: %d selected from %d categories",
+                provider_name,
+                len(selected_servers),
+                len(included_categories))
+    return selected_servers
+# ============================================================
+# MAIN ORCHESTRATOR
+# ============================================================
+def generate_blueprint(
+    scorecard: Dict[str, Any],
+    user_decisions: Dict[str, Any],
+    app_name: str,
+    port_offset: int = 1000,
+    cloud_provider: str = "aws",
+    cloud_region: str = "us-gov-west-1",
+    govcloud: bool = False,
+    parent_callback_url: Optional[str] = None,
+    impact_level: str = "IL4",
+) -> Dict[str, Any]:
+    """Generate a complete deployment blueprint from fitness scorecard and user decisions.
+    This is the main entry point that orchestrates all sub-functions to produce
+    a comprehensive blueprint JSON for downstream child app generators.
+    Args:
+        scorecard: Fitness scorecard from agentic_fitness.py (JSON dict).
+        user_decisions: User-provided decisions and overrides.
+        app_name: Name for the child application.
+        port_offset: Port offset from ICDEV base ports (default 1000).
+        cloud_provider: Target cloud provider (aws, gcp, azure, oracle, ibm).
+        cloud_region: Target deployment region.
+        govcloud: Whether to use GovCloud partition.
+        parent_callback_url: Optional URL for parent ICDEV callback.
+        impact_level: DoD Impact Level (IL2, IL4, IL5, IL6).
+    Returns:
+        Complete blueprint dict ready for serialization and downstream consumption.
+    """
+    blueprint_id = str(uuid.uuid4())
+    logger.info("Generating blueprint %s for app '%s'", blueprint_id, app_name)
+    # Step 1: Resolve capabilities from scorecard + user decisions
+    capabilities = resolve_capabilities(scorecard, user_decisions)
+    # Step 2: Build cloud provider configuration
+    csp_registry = _load_yaml(CSP_REGISTRY_PATH, DEFAULT_CSP_REGISTRY)
+    provider_data = csp_registry.get("providers", {}).get(cloud_provider, {})
+    knowledge_bases = provider_data.get("knowledge_bases", [])
+    cloud_config = {
+        "provider": cloud_provider,
+        "region": cloud_region,
+        "govcloud": govcloud,
+        "knowledge_bases": knowledge_bases,
+        "mcp_servers": [],  # Populated below
+    }
+    # Step 3: Resolve CSP MCP servers
+    csp_servers = resolve_csp_mcp_servers(cloud_config, capabilities)
+    cloud_config["mcp_servers"] = [s["name"] for s in csp_servers]
+    # Step 4: Build agent roster
+    agents = build_agent_roster(capabilities, port_offset)
+    # Step 5: Determine classification from impact level
+    demo_mode = user_decisions.get("demo_mode", False)
+    classification_map = {
+        "IL2": "PUBLIC",
+        "IL4": "CUI",
+        "IL5": "CUI",
+        "IL6": "SECRET",
+    }
+    if demo_mode:
+        # Demo apps are always PUBLIC/IL2 to avoid classification violations
+        classification = "PUBLIC"
+        impact_level = "IL2"
+        logger.info("Demo mode: forcing classification=PUBLIC, impact_level=IL2")
+    else:
+        classification = classification_map.get(impact_level, "CUI")
+    # Step 6: Build DB, memory, and CI/CD configs
+    db_config = {
+        "engine": "sqlite",
+        "name": f"{app_name}.db",
+        "path": f"data/{app_name}.db",
+        "initial_tables": "minimal",
+        "migration_supported": True,
+    }
+    memory_config = {
+        "memory_md": True,
+        "daily_logs": True,
+        "sqlite_db": True,
+        "semantic_search": True,
+        "embeddings": True,
+    }
+    cicd_config = {
+        "github": True,
+        "gitlab": True,
+        "webhooks": True,
+        "polling": True,
+        "slash_commands": True,
+        "bot_identifier": f"[{app_name.upper()}-BOT]",
+    }
+    # Step 7: Resolve goals
+    goals_config = _resolve_goals_for_capabilities(capabilities)
+    # Step 8: Build parent callback config
+    parent_callback = {
+        "enabled": parent_callback_url is not None,
+        "url": parent_callback_url or "",
+        "auth": "bearer_token" if parent_callback_url else "none",
+    }
+    # Step 9: ATLAS config — fitness step is disabled in child apps
+    atlas_config = {
+        "fitness_step": False,
+        "model_phase": capabilities.get("mbse", False),
+        "phases": ["architect", "trace", "link", "assemble", "stress_test"],
+    }
+    if atlas_config["model_phase"]:
+        atlas_config["phases"].insert(0, "model")
+    # Step 10: Grandchild prevention — prevents recursive child app generation
+    grandchild_prevention = {
+        "enabled": True,
+        "config_flag": True,
+        "scaffolder_strip": True,
+        "claude_md_doc": True,
+        "description": (
+            "Child apps MUST NOT generate their own child apps. "
+            "The agentic fitness assessor and app blueprint engine are "
+            "stripped from child app scaffolds. CLAUDE.md documents this restriction."
+        ),
+    }
+    # Assemble the blueprint (without hash — hash computed after assembly)
+    blueprint: Dict[str, Any] = {
+        "blueprint_id": blueprint_id,
+        "app_name": app_name,
+        "classification": classification,
+        "impact_level": impact_level,
+        "fitness_scorecard": {
+            "component": scorecard.get("component", "unknown"),
+            "overall_score": scorecard.get("overall_score", 0.0),
+            "scores": scorecard.get("scores", {}),
+            "architecture": scorecard.get("recommendations", {}).get(
+                "architecture", "traditional"
+            ),
+        },
+        "capabilities": capabilities,
+        "agents": agents,
+        "cloud_provider": cloud_config,
+        "csp_mcp_servers": csp_servers,
+        "db_config": db_config,
+        "memory_config": memory_config,
+        "cicd_config": cicd_config,
+        "goals_config": goals_config,
+        "parent_callback": parent_callback,
+        "atlas_config": atlas_config,
+        "grandchild_prevention": grandchild_prevention,
+        "file_manifest": [],  # Populated below
+        "generated_at": datetime.now(tz=__import__('datetime').timezone.utc).isoformat(),
+        "demo_mode": demo_mode,
+        "generated_by": "icdev/app_blueprint",
+        "blueprint_hash": "",  # Computed below
+    }
+    # Step 11: Build file manifest (needs partial blueprint for capability reference)
+    blueprint["file_manifest"] = build_file_manifest(blueprint)
+    # Step 12: Compute integrity hash
+    blueprint["blueprint_hash"] = _compute_blueprint_hash(blueprint)
+    # Step 13: Audit trail
+    _log_blueprint_audit(blueprint)
+    logger.info(
+        "Blueprint %s generated: %d capabilities, %d agents, %d manifest entries, hash=%s",
+        blueprint_id,
+        sum(1 for v in capabilities.values() if v),
+        len(agents),
+        len(blueprint["file_manifest"]),
+        blueprint["blueprint_hash"][:16] + "...",
+    )
+    return blueprint
+def _log_blueprint_audit(blueprint: Dict[str, Any]) -> None:
+    """Log blueprint generation to audit trail.
+    Args:
+        blueprint: Generated blueprint dict.
+    """
+    try:
+        audit_log_event(
+            event_type="blueprint.generated",
+            actor="builder/app_blueprint",
+            action=f"Generated blueprint for '{blueprint.get('app_name', 'unknown')}'",
+            project_id=blueprint.get("blueprint_id", ""),
+            details=json.dumps({
+                "blueprint_id": blueprint.get("blueprint_id"),
+                "app_name": blueprint.get("app_name"),
+                "impact_level": blueprint.get("impact_level"),
+                "capabilities_enabled": sum(
+                    1 for v in blueprint.get("capabilities", {}).values() if v
+                ),
+                "agent_count": len(blueprint.get("agents", [])),
+                "manifest_entries": len(blueprint.get("file_manifest", [])),
+                "cloud_provider": blueprint.get("cloud_provider", {}).get("provider"),
+                "blueprint_hash": blueprint.get("blueprint_hash", "")[:32],
+            }),
+        )
+    except Exception as e:
+        logger.debug("Audit log failed: %s", e)
+def _persist_blueprint(blueprint: Dict[str, Any]) -> bool:
+    """Persist blueprint to the ICDEV database.
+    Args:
+        blueprint: Generated blueprint dict.
+    Returns:
+        True if persisted successfully, False otherwise.
+    """
+    if not DB_PATH.exists():
+        logger.debug("Database not found at %s — skipping persistence", DB_PATH)
+        return False
+    try:
+        import sqlite3
+        conn = sqlite3.connect(str(DB_PATH))
+        conn.execute(
+            """INSERT OR REPLACE INTO app_blueprints
+               (id, app_name, classification, impact_level, capabilities,
+                agents, cloud_provider, blueprint_hash, generated_at, full_blueprint)
+               VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)""",
+            (
+                blueprint.get("blueprint_id"),
+                blueprint.get("app_name"),
+                blueprint.get("classification"),
+                blueprint.get("impact_level"),
+                json.dumps(blueprint.get("capabilities", {})),
+                json.dumps(blueprint.get("agents", [])),
+                blueprint.get("cloud_provider", {}).get("provider", "aws"),
+                blueprint.get("blueprint_hash", ""),
+                blueprint.get("generated_at", ""),
+                json.dumps(blueprint, default=str),
+            ),
+        )
+        conn.commit()
+        conn.close()
+        logger.info("Blueprint %s persisted to database", blueprint.get("blueprint_id"))
+        return True
+    except Exception as e:
+        logger.warning("Blueprint DB persistence failed: %s", e)
+        return False
+def _load_scorecard_file(path: str) -> Dict[str, Any]:
+    """Load a fitness scorecard from a JSON file.
+    Args:
+        path: Path to the scorecard JSON file.
+    Returns:
+        Parsed scorecard dict.
+    Raises:
+        FileNotFoundError: If the file does not exist.
+        json.JSONDecodeError: If the file is not valid JSON.
+    """
+    scorecard_path = Path(path)
+    if not scorecard_path.exists():
+        raise FileNotFoundError(f"Fitness scorecard not found: {path}")
+    with open(scorecard_path, encoding="utf-8") as f:
+        data = json.load(f)
+    if not isinstance(data, dict):
+        raise ValueError(f"Scorecard must be a JSON object, got {type(data).__name__}")
+    # Validate minimal required fields
+    if "scores" not in data and "overall_score" not in data:
+        logger.warning("Scorecard missing 'scores' and 'overall_score' fields")
+    return data
+def _parse_user_decisions(raw: str) -> Dict[str, Any]:
+    """Parse user decisions from a JSON string or file path.
+    Args:
+        raw: JSON string or path to a JSON file.
+    Returns:
+        Parsed user decisions dict.
+    Raises:
+        ValueError: If the input cannot be parsed as JSON.
+    """
+    # Try as file path first
+    path = Path(raw)
+    if path.exists() and path.is_file():
+        try:
+            with open(path, encoding="utf-8") as f:
+                data = json.load(f)
+            if isinstance(data, dict):
+                return data
+        except (json.JSONDecodeError, OSError):
+            pass  # Fall through to try as raw JSON string
+    # Try as raw JSON string
+    try:
+        data = json.loads(raw)
+        if isinstance(data, dict):
+            return data
+        raise ValueError(f"User decisions must be a JSON object, got {type(data).__name__}")
+    except json.JSONDecodeError as e:
+        raise ValueError(f"Failed to parse user decisions as JSON: {e}") from e
+# ============================================================
+# CLI ENTRY POINT
+# ============================================================
+def main():
+    """CLI entry point for the App Blueprint Engine."""
+    logging.basicConfig(
+        level=logging.INFO,
+        format="%(asctime)s [%(name)s] %(levelname)s: %(message)s",
+    )
+    parser = argparse.ArgumentParser(
+        description="App Blueprint Engine - generate deployment blueprint from fitness scorecard",
+    )
+    parser.add_argument(
+        "--fitness-scorecard",
+        required=True,
+        help="Path to fitness scorecard JSON file (output of agentic_fitness.py)",
+    )
+    parser.add_argument(
+        "--user-decisions",
+        required=True,
+        help='User decisions as JSON string or path to JSON file '
+             '(e.g., \'{"ato_required": true, "mbse_enabled": false}\')',
+    )
+    parser.add_argument(
+        "--app-name",
+        required=True,
+        help="Name for the child application",
+    )
+    parser.add_argument(
+        "--port-offset",
+        type=int,
+        default=1000,
+        help="Port offset from ICDEV base ports (default: 1000)",
+    )
+    parser.add_argument(
+        "--cloud-provider",
+        choices=["aws", "gcp", "azure", "oracle", "ibm"],
+        default="aws",
+        help="Target cloud service provider (default: aws)",
+    )
+    parser.add_argument(
+        "--cloud-region",
+        default="us-gov-west-1",
+        help="Target deployment region (default: us-gov-west-1)",
+    )
+    parser.add_argument(
+        "--govcloud",
+        action="store_true",
+        help="Use GovCloud partition",
+    )
+    parser.add_argument(
+        "--parent-callback-url",
+        default=None,
+        help="URL for parent ICDEV callback (optional)",
+    )
+    parser.add_argument(
+        "--impact-level",
+        choices=["IL2", "IL4", "IL5", "IL6"],
+        default="IL4",
+        help="DoD Impact Level (default: IL4)",
+    )
+    parser.add_argument(
+        "--json",
+        action="store_true",
+        dest="json_output",
+        help="Output blueprint as JSON",
+    )
+    parser.add_argument(
+        "--output",
+        default=None,
+        help="Write blueprint JSON to file path",
+    )
+    parser.add_argument(
+        "--persist",
+        action="store_true",
+        help="Persist blueprint to ICDEV database",
+    )
+    parser.add_argument(
+        "--verbose", "-v",
+        action="store_true",
+        help="Enable debug logging",
+    )
+    parser.add_argument(
+        "--demo",
+        action="store_true",
+        help="Mark child app as DEMONSTRATION ONLY (PUBLIC classification, IL2, banners)",
+    )
+    args = parser.parse_args()
+    if args.verbose:
+        logging.getLogger().setLevel(logging.DEBUG)
+    # Load inputs
+    try:
+        scorecard = _load_scorecard_file(args.fitness_scorecard)
+    except (FileNotFoundError, json.JSONDecodeError, ValueError) as e:
+        logger.error("Failed to load fitness scorecard: %s", e)
+        sys.exit(1)
+    try:
+        user_decisions = _parse_user_decisions(args.user_decisions)
+    except ValueError as e:
+        logger.error("Failed to parse user decisions: %s", e)
+        sys.exit(1)
+    # Merge --demo flag into user_decisions so generate_blueprint sees it
+    if args.demo:
+        user_decisions["demo_mode"] = True
+    # Generate blueprint
+    blueprint = generate_blueprint(
+        scorecard=scorecard,
+        user_decisions=user_decisions,
+        app_name=args.app_name,
+        port_offset=args.port_offset,
+        cloud_provider=args.cloud_provider,
+        cloud_region=args.cloud_region,
+        govcloud=args.govcloud,
+        parent_callback_url=args.parent_callback_url,
+        impact_level=args.impact_level,
+    )
+    # Persist to DB if requested
+    if args.persist:
+        success = _persist_blueprint(blueprint)
+        if not success:
+            logger.warning("Blueprint persistence requested but failed")
+    # Output
+    if args.json_output or args.output:
+        output_json = json.dumps(blueprint, indent=2, default=str)
+        if args.output:
+            output_path = Path(args.output)
+            output_path.parent.mkdir(parents=True, exist_ok=True)
+            output_path.write_text(output_json, encoding="utf-8")
+            logger.info("Blueprint written to %s", args.output)
+        if args.json_output:
+            print(output_json)
+    else:
+        # Human-readable summary
+        _print_blueprint_summary(blueprint)
+def _print_blueprint_summary(blueprint: Dict[str, Any]) -> None:
+    """Print a human-readable summary of the blueprint.
+    Args:
+        blueprint: Generated blueprint dict.
+    """
+    caps = blueprint.get("capabilities", {})
+    agents = blueprint.get("agents", [])
+    manifest = blueprint.get("file_manifest", [])
+    cloud = blueprint.get("cloud_provider", {})
+    scorecard = blueprint.get("fitness_scorecard", {})
+    print(f"\n{'='*70}")
+    print(f"  APP BLUEPRINT: {blueprint.get('app_name', 'unknown')}")
+    print(f"{'='*70}")
+    print(f"  Blueprint ID:    {blueprint.get('blueprint_id', 'N/A')}")
+    print(f"  Classification:  {blueprint.get('classification', 'N/A')}")
+    print(f"  Impact Level:    {blueprint.get('impact_level', 'N/A')}")
+    print(f"  Architecture:    {scorecard.get('architecture', 'N/A').upper()}")
+    print(f"  Overall Score:   {scorecard.get('overall_score', 0.0):.2f} / 10.0")
+    print(f"  Hash:            {blueprint.get('blueprint_hash', 'N/A')[:32]}...")
+    print(f"{'='*70}")
+    print(f"\n  Capabilities ({sum(1 for v in caps.values() if v)} enabled):")
+    for cap_name, enabled in sorted(caps.items()):
+        status = "[ON] " if enabled else "[OFF]"
+        print(f"    {status} {cap_name}")
+    print(f"\n  Agents ({len(agents)}):")
+    for agent in agents:
+        core_tag = " (core)" if agent.get("core") else ""
+        print(f"    - {agent['name']:<15s} port {agent['port']}{core_tag}")
+    print("\n  Cloud Provider:")
+    print(f"    Provider:  {cloud.get('provider', 'N/A')}")
+    print(f"    Region:    {cloud.get('region', 'N/A')}")
+    print(f"    GovCloud:  {cloud.get('govcloud', False)}")
+    mcp_names = cloud.get("mcp_servers", [])
+    if mcp_names:
+        print(f"    MCP Servers: {', '.join(mcp_names)}")
+    print(f"\n  Goals ({len(blueprint.get('goals_config', []))}):")
+    for goal in blueprint.get("goals_config", []):
+        print(f"    - {goal}")
+    print(f"\n  File Manifest: {len(manifest)} entries")
+    print(f"  Grandchild Prevention: "
+          f"{'ENABLED' if blueprint.get('grandchild_prevention', {}).get('enabled') else 'DISABLED'}")
+    print(f"  Parent Callback: "
+          f"{'ENABLED' if blueprint.get('parent_callback', {}).get('enabled') else 'DISABLED'}")
+    print(f"\n  Generated: {blueprint.get('generated_at', 'N/A')}")
+    print(f"{'='*70}\n")
+if __name__ == "__main__":
+    main()