PyPI - icdev - Versions diffs - 1.0.0__py3-none-any.whl - Mend

icdev 1.0.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1105) hide show

icdev/__init__.py +18 -0
icdev/_paths.py +85 -0
icdev/_version.py +3 -0
icdev/data/__init__.py +1 -0
icdev/data/args/__init__.py +1 -0
icdev/data/args/agent_authority.yaml +61 -0
icdev/data/args/agent_config.yaml +355 -0
icdev/data/args/agentic_fitness.yaml +31 -0
icdev/data/args/ai_governance_config.yaml +137 -0
icdev/data/args/atlas_critique_config.yaml +66 -0
icdev/data/args/bedrock_models.yaml +63 -0
icdev/data/args/cicd_config.yaml +82 -0
icdev/data/args/classification_config.yaml +232 -0
icdev/data/args/cli_config.yaml +154 -0
icdev/data/args/cloud_config.yaml +63 -0
icdev/data/args/code_pattern_config.yaml +151 -0
icdev/data/args/code_quality_config.yaml +47 -0
icdev/data/args/companion_registry.yaml +202 -0
icdev/data/args/context_config.yaml +82 -0
icdev/data/args/csp_monitor_config.yaml +268 -0
icdev/data/args/cui_markings.yaml +35 -0
icdev/data/args/db_config.yaml +40 -0
icdev/data/args/deployment_profiles.yaml +248 -0
icdev/data/args/dev_profile_config.yaml +144 -0
icdev/data/args/devsecops_config.yaml +286 -0
icdev/data/args/endpoint_security_config.yaml +137 -0
icdev/data/args/extension_config.yaml +79 -0
icdev/data/args/file_access_tiers.yaml +88 -0
icdev/data/args/framework_registry.yaml +415 -0
icdev/data/args/innovation_config.yaml +431 -0
icdev/data/args/installation_manifest.yaml +1087 -0
icdev/data/args/llm_config.yaml +495 -0
icdev/data/args/maintenance_config.yaml +55 -0
icdev/data/args/memory_config.yaml +83 -0
icdev/data/args/monitoring_config.yaml +127 -0
icdev/data/args/mosa_config.yaml +190 -0
icdev/data/args/nlq_config.yaml +35 -0
icdev/data/args/observability_config.yaml +39 -0
icdev/data/args/observability_tracing_config.yaml +170 -0
icdev/data/args/oscal_tools_config.yaml +43 -0
icdev/data/args/owasp_agentic_config.yaml +171 -0
icdev/data/args/phase_registry.yaml +618 -0
icdev/data/args/project_defaults.yaml +235 -0
icdev/data/args/prompt_chains.yaml +163 -0
icdev/data/args/resilience_config.yaml +50 -0
icdev/data/args/ricoas_config.yaml +191 -0
icdev/data/args/role_personas.yaml +362 -0
icdev/data/args/scaling_config.yaml +176 -0
icdev/data/args/security_gates.yaml +685 -0
icdev/data/args/skill_injection_config.yaml +322 -0
icdev/data/args/spec_config.yaml +53 -0
icdev/data/args/supply_chain_config.yaml +76 -0
icdev/data/args/translation_config.yaml +228 -0
icdev/data/args/workflow_templates/ato_acceleration.yaml +54 -0
icdev/data/args/workflow_templates/build_deploy.yaml +63 -0
icdev/data/args/workflow_templates/full_compliance.yaml +43 -0
icdev/data/args/workflow_templates/security_hardening.yaml +55 -0
icdev/data/args/worktree_config.yaml +34 -0
icdev/data/args/zta_config.yaml +247 -0
icdev/data/context/__init__.py +1 -0
icdev/data/context/agent/__init__.py +1 -0
icdev/data/context/agent/response_schemas/__init__.py +1 -0
icdev/data/context/agent/response_schemas/debate_position.json +46 -0
icdev/data/context/agent/response_schemas/fitness_scorecard.json +74 -0
icdev/data/context/agent/response_schemas/review_decision.json +39 -0
icdev/data/context/agent/response_schemas/task_decomposition.json +82 -0
icdev/data/context/agent/response_schemas/veto_decision.json +40 -0
icdev/data/context/agentic/__init__.py +1 -0
icdev/data/context/agentic/architecture_patterns.md +269 -0
icdev/data/context/agentic/capability_registry.yaml +202 -0
icdev/data/context/agentic/csp_mcp_registry.yaml +280 -0
icdev/data/context/agentic/fitness_rubric.md +56 -0
icdev/data/context/agentic/governance_baseline.md +205 -0
icdev/data/context/ci/__init__.py +1 -0
icdev/data/context/ci/worktree_templates.json +44 -0
icdev/data/context/cloud/__init__.py +1 -0
icdev/data/context/cloud/csp_service_registry.json +739 -0
icdev/data/context/compliance/__init__.py +1 -0
icdev/data/context/compliance/atlas_mitigations.json +293 -0
icdev/data/context/compliance/atlas_techniques.json +833 -0
icdev/data/context/compliance/cisa_sbd_requirements.json +432 -0
icdev/data/context/compliance/cjis_security_policy.json +522 -0
icdev/data/context/compliance/cmmc_practices.json +2494 -0
icdev/data/context/compliance/cmmc_report_template.md +142 -0
icdev/data/context/compliance/cnssi_1253_overlay.json +109 -0
icdev/data/context/compliance/control_crosswalk.json +1914 -0
icdev/data/context/compliance/control_families/__init__.py +1 -0
icdev/data/context/compliance/csp_certifications.json +251 -0
icdev/data/context/compliance/cssp_report_template.md +193 -0
icdev/data/context/compliance/cui_templates/__init__.py +1 -0
icdev/data/context/compliance/cui_templates/banner_block.txt +4 -0
icdev/data/context/compliance/cui_templates/code_header.txt +8 -0
icdev/data/context/compliance/cui_templates/document_template.md +35 -0
icdev/data/context/compliance/data_type_framework_map.json +321 -0
icdev/data/context/compliance/data_type_registry.json +147 -0
icdev/data/context/compliance/dod_cssp_8530.json +463 -0
icdev/data/context/compliance/eu_ai_act_annex_iii.json +108 -0
icdev/data/context/compliance/export_templates/__init__.py +1 -0
icdev/data/context/compliance/export_templates/emass_controls.csv.j2 +4 -0
icdev/data/context/compliance/export_templates/evidence_package.md.j2 +39 -0
icdev/data/context/compliance/export_templates/executive_summary.md.j2 +55 -0
icdev/data/context/compliance/export_templates/poam_tracking.csv.j2 +4 -0
icdev/data/context/compliance/fedramp_20x_ksi_schemas.json +133 -0
icdev/data/context/compliance/fedramp_high_baseline.json +4370 -0
icdev/data/context/compliance/fedramp_moderate_baseline.json +2183 -0
icdev/data/context/compliance/fedramp_report_template.md +181 -0
icdev/data/context/compliance/fips_200_areas.json +362 -0
icdev/data/context/compliance/gao_ai_accountability.json +262 -0
icdev/data/context/compliance/hipaa_security_rule.json +720 -0
icdev/data/context/compliance/hitrust_csf_v11.json +930 -0
icdev/data/context/compliance/impact_level_profiles.json +251 -0
icdev/data/context/compliance/incident_response_template.md +1110 -0
icdev/data/context/compliance/iso27001_2022_controls.json +750 -0
icdev/data/context/compliance/iso27001_nist_bridge.json +382 -0
icdev/data/context/compliance/iso42001_controls.json +254 -0
icdev/data/context/compliance/ivv_checklist_template.md +80 -0
icdev/data/context/compliance/ivv_report_template.md +116 -0
icdev/data/context/compliance/ivv_requirements.json +372 -0
icdev/data/context/compliance/mosa_crosswalk.json +327 -0
icdev/data/context/compliance/mosa_framework.json +250 -0
icdev/data/context/compliance/narrative_templates/AC.md.j2 +101 -0
icdev/data/context/compliance/narrative_templates/AU.md.j2 +106 -0
icdev/data/context/compliance/narrative_templates/IA.md.j2 +104 -0
icdev/data/context/compliance/narrative_templates/SC.md.j2 +102 -0
icdev/data/context/compliance/narrative_templates/SI.md.j2 +111 -0
icdev/data/context/compliance/narrative_templates/__init__.py +1 -0
icdev/data/context/compliance/narrative_templates/default.md.j2 +50 -0
icdev/data/context/compliance/narrative_templates/executive_summary.j2 +27 -0
icdev/data/context/compliance/narrative_templates/poam_milestone.j2 +19 -0
icdev/data/context/compliance/narrative_templates/ssp_section.j2 +11 -0
icdev/data/context/compliance/nist_800_171_controls.json +1552 -0
icdev/data/context/compliance/nist_800_207_crosswalk.json +399 -0
icdev/data/context/compliance/nist_800_207_zta.json +258 -0
icdev/data/context/compliance/nist_800_53.json +324 -0
icdev/data/context/compliance/nist_ai_600_1_genai.json +326 -0
icdev/data/context/compliance/nist_ai_rmf.json +206 -0
icdev/data/context/compliance/nist_sp_800_60_types.json +1667 -0
icdev/data/context/compliance/omb_m25_21_high_impact_ai.json +248 -0
icdev/data/context/compliance/omb_m26_04_unbiased_ai.json +262 -0
icdev/data/context/compliance/owasp_agentic_asi.json +133 -0
icdev/data/context/compliance/owasp_agentic_threats.json +285 -0
icdev/data/context/compliance/owasp_llm_top10.json +274 -0
icdev/data/context/compliance/pci_dss_v4.json +510 -0
icdev/data/context/compliance/poam_template.md +117 -0
icdev/data/context/compliance/safeai_controls.json +512 -0
icdev/data/context/compliance/sbd_report_template.md +77 -0
icdev/data/context/compliance/siem_config_templates/__init__.py +1 -0
icdev/data/context/compliance/siem_config_templates/filebeat.yml +213 -0
icdev/data/context/compliance/siem_config_templates/log_sources.json +208 -0
icdev/data/context/compliance/soc2_trust_criteria.json +661 -0
icdev/data/context/compliance/ssp_template.md +432 -0
icdev/data/context/compliance/stig_templates/__init__.py +1 -0
icdev/data/context/compliance/stig_templates/webapp_stig.json +139 -0
icdev/data/context/compliance/xai_requirements.json +108 -0
icdev/data/context/dashboard/__init__.py +1 -0
icdev/data/context/dashboard/nlq_examples.json +50 -0
icdev/data/context/dashboard/schema_descriptions.json +23 -0
icdev/data/context/integration/__init__.py +1 -0
icdev/data/context/integration/approval_workflows.json +32 -0
icdev/data/context/integration/gitlab_field_mappings.json +33 -0
icdev/data/context/integration/jira_field_mappings.json +32 -0
icdev/data/context/integration/reqif_export_schema.json +23 -0
icdev/data/context/integration/servicenow_field_mappings.json +22 -0
icdev/data/context/languages/__init__.py +1 -0
icdev/data/context/languages/framework_patterns.json +205 -0
icdev/data/context/languages/language_registry.json +279 -0
icdev/data/context/llm/__init__.py +1 -0
icdev/data/context/llm/example_provider.py +86 -0
icdev/data/context/mbse/__init__.py +1 -0
icdev/data/context/mbse/des_report_template.md +162 -0
icdev/data/context/mbse/des_requirements.json +411 -0
icdev/data/context/mbse/digital_thread_patterns.json +403 -0
icdev/data/context/mbse/reqif_schema.json +280 -0
icdev/data/context/mbse/sysml_element_types.json +432 -0
icdev/data/context/modernization/__init__.py +1 -0
icdev/data/context/modernization/db_type_mappings.json +148 -0
icdev/data/context/modernization/decomposition_patterns.json +284 -0
icdev/data/context/modernization/framework_migration_patterns.json +359 -0
icdev/data/context/modernization/migration_report_template.md +168 -0
icdev/data/context/modernization/seven_rs_catalog.json +369 -0
icdev/data/context/modernization/version_upgrade_rules.json +279 -0
icdev/data/context/oscal/NIST_SP-800-53_rev5_catalog.json +254987 -0
icdev/data/context/oscal/README.md +43 -0
icdev/data/context/patterns/__init__.py +1 -0
icdev/data/context/profiles/__init__.py +1 -0
icdev/data/context/profiles/dod_baseline_v1.yaml +145 -0
icdev/data/context/profiles/fedramp_baseline_v1.yaml +143 -0
icdev/data/context/profiles/financial_baseline_v1.yaml +142 -0
icdev/data/context/profiles/healthcare_baseline_v1.yaml +135 -0
icdev/data/context/profiles/law_enforcement_v1.yaml +129 -0
icdev/data/context/profiles/startup_v1.yaml +134 -0
icdev/data/context/requirements/__init__.py +1 -0
icdev/data/context/requirements/ambiguity_patterns.json +97 -0
icdev/data/context/requirements/boundary_impact_rules.json +123 -0
icdev/data/context/requirements/default_constitutions.json +67 -0
icdev/data/context/requirements/document_extraction_rules.json +58 -0
icdev/data/context/requirements/gap_patterns.json +108 -0
icdev/data/context/requirements/readiness_rubric.json +78 -0
icdev/data/context/requirements/red_alternative_patterns.json +210 -0
icdev/data/context/requirements/safe_templates.json +72 -0
icdev/data/context/requirements/spec_quality_checklist.json +122 -0
icdev/data/context/simulation/__init__.py +1 -0
icdev/data/context/simulation/architecture_patterns.json +36 -0
icdev/data/context/simulation/coa_templates.json +38 -0
icdev/data/context/simulation/cost_models.json +23 -0
icdev/data/context/simulation/risk_categories.json +46 -0
icdev/data/context/supply_chain/__init__.py +1 -0
icdev/data/context/supply_chain/isa_templates.json +129 -0
icdev/data/context/supply_chain/nist_800_161_controls.json +247 -0
icdev/data/context/supply_chain/scrm_risk_matrix.json +147 -0
icdev/data/context/templates/__init__.py +1 -0
icdev/data/context/templates/ansible/__init__.py +1 -0
icdev/data/context/templates/ansible/playbooks/__init__.py +1 -0
icdev/data/context/templates/ansible/roles/__init__.py +1 -0
icdev/data/context/templates/gitlab_ci/__init__.py +1 -0
icdev/data/context/templates/grafana/__init__.py +1 -0
icdev/data/context/templates/kubernetes/__init__.py +1 -0
icdev/data/context/templates/project/__init__.py +1 -0
icdev/data/context/templates/project/api/__init__.py +1 -0
icdev/data/context/templates/project/cli/__init__.py +1 -0
icdev/data/context/templates/project/data_pipeline/__init__.py +1 -0
icdev/data/context/templates/project/iac/__init__.py +1 -0
icdev/data/context/templates/project/javascript_frontend/__init__.py +1 -0
icdev/data/context/templates/project/javascript_frontend/src/__init__.py +1 -0
icdev/data/context/templates/project/javascript_frontend/tests/__init__.py +1 -0
icdev/data/context/templates/project/microservice/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/src/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/tests/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/tests/features/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/tests/steps/__init__.py +1 -0
icdev/data/context/templates/terraform/__init__.py +1 -0
icdev/data/context/templates/terraform/govcloud_base/__init__.py +1 -0
icdev/data/context/templates/terraform/modules/__init__.py +1 -0
icdev/data/context/tone/__init__.py +1 -0
icdev/data/context/translation/dependency_mappings.json +186 -0
icdev/data/context/translation/type_mappings.json +149 -0
icdev/data/docs/README.md +187 -0
icdev/data/docs/__init__.py +1 -0
icdev/data/docs/admin/gateway-guide.md +338 -0
icdev/data/docs/admin/marketplace-guide.md +396 -0
icdev/data/docs/admin/monitoring-guide.md +509 -0
icdev/data/docs/architecture/compliance-framework.md +764 -0
icdev/data/docs/architecture/database-schema.md +689 -0
icdev/data/docs/architecture/gotcha-framework.md +518 -0
icdev/data/docs/architecture/multi-agent-system.md +603 -0
icdev/data/docs/dx/README.md +106 -0
icdev/data/docs/dx/__init__.py +1 -0
icdev/data/docs/dx/ci-cd-integration.md +378 -0
icdev/data/docs/dx/claude-code-guide.md +213 -0
icdev/data/docs/dx/companion-guide.md +232 -0
icdev/data/docs/dx/dev-profiles.md +309 -0
icdev/data/docs/dx/icdev-yaml-spec.md +219 -0
icdev/data/docs/dx/integration-tiers.md +279 -0
icdev/data/docs/dx/llm-routing-guide.md +456 -0
icdev/data/docs/dx/quickstart.md +192 -0
icdev/data/docs/dx/sdk-reference.md +356 -0
icdev/data/docs/dx/unified-mcp-setup.md +525 -0
icdev/data/docs/features/__init__.py +1 -0
icdev/data/docs/features/phase-01-gotcha-framework.md +249 -0
icdev/data/docs/features/phase-02-atlas-build-workflow.md +223 -0
icdev/data/docs/features/phase-03-tdd-bdd-testing.md +261 -0
icdev/data/docs/features/phase-04-nist-compliance.md +255 -0
icdev/data/docs/features/phase-05-security-scanning.md +229 -0
icdev/data/docs/features/phase-06-infrastructure-deployment.md +288 -0
icdev/data/docs/features/phase-07-code-review-gates.md +276 -0
icdev/data/docs/features/phase-08-self-healing.md +223 -0
icdev/data/docs/features/phase-09-monitoring-observability.md +230 -0
icdev/data/docs/features/phase-10-dashboard-web-ui.md +218 -0
icdev/data/docs/features/phase-11-multi-agent-architecture.md +272 -0
icdev/data/docs/features/phase-12-integration-testing.md +228 -0
icdev/data/docs/features/phase-13-cicd-integration.md +257 -0
icdev/data/docs/features/phase-14-secure-by-design-ivv.md +240 -0
icdev/data/docs/features/phase-15-maintenance-audit.md +192 -0
icdev/data/docs/features/phase-16-ato-acceleration.md +228 -0
icdev/data/docs/features/phase-17-multi-framework-compliance.md +223 -0
icdev/data/docs/features/phase-18-mbse-integration.md +242 -0
icdev/data/docs/features/phase-19-agentic-generation.md +202 -0
icdev/data/docs/features/phase-20-fips-security-categorization.md +198 -0
icdev/data/docs/features/phase-21-saas-multi-tenancy.md +273 -0
icdev/data/docs/features/phase-22-federated-gotcha-marketplace.md +242 -0
icdev/data/docs/features/phase-23-universal-compliance-platform.md +238 -0
icdev/data/docs/features/phase-24-devsecops-pipeline-security.md +198 -0
icdev/data/docs/features/phase-25-zero-trust-architecture.md +220 -0
icdev/data/docs/features/phase-26-dod-mosa.md +205 -0
icdev/data/docs/features/phase-27-cli-capabilities.md +222 -0
icdev/data/docs/features/phase-28-remote-command-gateway.md +235 -0
icdev/data/docs/features/phase-29-proactive-monitoring.md +212 -0
icdev/data/docs/features/phase-30-dashboard-auth.md +215 -0
icdev/data/docs/features/phase-31-dashboard-ux-low-impact.md +188 -0
icdev/data/docs/features/phase-32-dashboard-ux-medium-impact.md +223 -0
icdev/data/docs/features/phase-33-modular-installation.md +218 -0
icdev/data/docs/features/phase-34-dev-profiles.md +239 -0
icdev/data/docs/features/phase-35-innovation-engine.md +257 -0
icdev/data/docs/features/phase-36-evolutionary-intelligence.md +351 -0
icdev/data/docs/features/phase-37-mitre-atlas-integration.md +485 -0
icdev/data/docs/features/phase-38-cloud-agnostic-architecture.md +1033 -0
icdev/data/docs/features/phase-39-observability-operations.md +178 -0
icdev/data/docs/features/phase-40-nlq-compliance-queries.md +176 -0
icdev/data/docs/features/phase-41-parallel-cicd.md +169 -0
icdev/data/docs/features/phase-42-framework-planning.md +177 -0
icdev/data/docs/features/phase-43-cross-language-translation.md +225 -0
icdev/data/docs/features/phase-44-innovation-adaptation.md +227 -0
icdev/data/docs/features/phase-45-owasp-agentic-security.md +239 -0
icdev/data/docs/features/phase-46-observability-traceability-xai.md +240 -0
icdev/data/docs/features/phase-47-unified-mcp-gateway.md +257 -0
icdev/data/docs/features/phase-48-ai-transparency.md +203 -0
icdev/data/docs/features/phase-49-ai-accountability.md +243 -0
icdev/data/docs/features/phase-50-ai-governance-intake-chat.md +195 -0
icdev/data/docs/features/phase-51-unified-chat-dashboard.md +240 -0
icdev/data/docs/features/phase-52-code-intelligence.md +244 -0
icdev/data/docs/features/phase-53-fedramp-20x-owasp-asi.md +359 -0
icdev/data/docs/features/phase-54-slsa-swft-orchestration.md +379 -0
icdev/data/docs/features/phase-55-a2a-v03-mcp-oauth.md +322 -0
icdev/data/docs/features/phase-56-evidence-lineage.md +352 -0
icdev/data/docs/features/phase-57-eu-ai-act-iron-bank.md +319 -0
icdev/data/docs/features/phase-58-creative-engine.md +370 -0
icdev/data/docs/features/phase-59-govcon-intelligence.md +535 -0
icdev/data/docs/features/phase-60-cpmp.md +528 -0
icdev/data/docs/features/phase-61-orchestration-improvements.md +534 -0
icdev/data/docs/operations/dashboard-guide.md +354 -0
icdev/data/docs/operations/deployment-guide.md +556 -0
icdev/data/docs/operations/saas-admin-guide.md +439 -0
icdev/data/docs/operations/security-operations-guide.md +733 -0
icdev/data/docs/runbooks/backup-restore.md +412 -0
icdev/data/docs/runbooks/troubleshooting.md +499 -0
icdev/data/features/__init__.py +1 -0
icdev/data/features/cicd_integration.feature +41 -0
icdev/data/features/compliance_gates.feature +46 -0
icdev/data/features/dashboard.feature +72 -0
icdev/data/features/environment.py +25 -0
icdev/data/features/project_management.feature +32 -0
icdev/data/features/requirements_intake.feature +42 -0
icdev/data/features/saas_platform.feature +53 -0
icdev/data/features/security_scanning.feature +36 -0
icdev/data/features/steps/__init__.py +1 -0
icdev/data/features/steps/cicd_steps.py +465 -0
icdev/data/features/steps/compliance_steps.py +308 -0
icdev/data/features/steps/dashboard_steps.py +88 -0
icdev/data/features/steps/project_steps.py +126 -0
icdev/data/features/steps/requirements_intake_steps.py +689 -0
icdev/data/features/steps/saas_platform_steps.py +572 -0
icdev/data/features/steps/security_steps.py +236 -0
icdev/data/features/steps/testing_steps.py +226 -0
icdev/data/features/testing_pipeline.feature +42 -0
icdev/data/goals/__init__.py +1 -0
icdev/data/goals/agent_management.md +144 -0
icdev/data/goals/agentic_generation.md +345 -0
icdev/data/goals/agentic_threat_model.md +309 -0
icdev/data/goals/ai_accountability.md +90 -0
icdev/data/goals/ai_governance_intake.md +132 -0
icdev/data/goals/ai_transparency.md +76 -0
icdev/data/goals/atlas_integration.md +405 -0
icdev/data/goals/ato_acceleration.md +139 -0
icdev/data/goals/boundary_supply_chain.md +206 -0
icdev/data/goals/build_app.md +544 -0
icdev/data/goals/cicd_integration.md +86 -0
icdev/data/goals/claude_dir_maintenance.md +77 -0
icdev/data/goals/cli_capabilities.md +340 -0
icdev/data/goals/cloud_agnostic.md +312 -0
icdev/data/goals/code_intelligence.md +197 -0
icdev/data/goals/code_review.md +94 -0
icdev/data/goals/compliance_workflow.md +858 -0
icdev/data/goals/continuous_harmonization.md +140 -0
icdev/data/goals/cross_language_translation.md +171 -0
icdev/data/goals/dashboard.md +142 -0
icdev/data/goals/deploy_workflow.md +390 -0
icdev/data/goals/devsecops_workflow.md +408 -0
icdev/data/goals/evolutionary_intelligence.md +305 -0
icdev/data/goals/external_integration.md +113 -0
icdev/data/goals/framework_planning.md +63 -0
icdev/data/goals/init_project.md +235 -0
icdev/data/goals/innovation_engine.md +199 -0
icdev/data/goals/integration_testing.md +189 -0
icdev/data/goals/maintenance_audit.md +196 -0
icdev/data/goals/manifest.md +56 -0
icdev/data/goals/mbse_integration.md +504 -0
icdev/data/goals/modernization_workflow.md +618 -0
icdev/data/goals/monitoring.md +126 -0
icdev/data/goals/mosa_workflow.md +463 -0
icdev/data/goals/multi_agent_orchestration.md +68 -0
icdev/data/goals/nlq_compliance.md +63 -0
icdev/data/goals/observability.md +64 -0
icdev/data/goals/observability_traceability_xai.md +154 -0
icdev/data/goals/owasp_agentic_security.md +395 -0
icdev/data/goals/parallel_cicd.md +61 -0
icdev/data/goals/requirements_intake.md +213 -0
icdev/data/goals/sbd_ivv_workflow.md +195 -0
icdev/data/goals/security_categorization.md +133 -0
icdev/data/goals/security_scan.md +381 -0
icdev/data/goals/self_healing.md +120 -0
icdev/data/goals/simulation_engine.md +111 -0
icdev/data/goals/tdd_workflow.md +403 -0
icdev/data/goals/zero_trust_architecture.md +403 -0
icdev/data/hardprompts/__init__.py +1 -0
icdev/data/hardprompts/agent/__init__.py +1 -0
icdev/data/hardprompts/agent/agentic_architect.md +100 -0
icdev/data/hardprompts/agent/debate_prompt.md +32 -0
icdev/data/hardprompts/agent/fitness_evaluation.md +48 -0
icdev/data/hardprompts/agent/governance_review.md +214 -0
icdev/data/hardprompts/agent/reviewer_prompt.md +34 -0
icdev/data/hardprompts/agent/skill_design.md +172 -0
icdev/data/hardprompts/agent/task_decomposition.md +275 -0
icdev/data/hardprompts/agent/veto_check_prompt.md +33 -0
icdev/data/hardprompts/architect/__init__.py +1 -0
icdev/data/hardprompts/architect/api_design.md +283 -0
icdev/data/hardprompts/architect/data_model.md +277 -0
icdev/data/hardprompts/architect/system_design.md +180 -0
icdev/data/hardprompts/builder/__init__.py +1 -0
icdev/data/hardprompts/builder/code_generation.md +59 -0
icdev/data/hardprompts/builder/refactor.md +58 -0
icdev/data/hardprompts/builder/scaffold_project.md +69 -0
icdev/data/hardprompts/builder/test_generation.md +87 -0
icdev/data/hardprompts/ci/__init__.py +1 -0
icdev/data/hardprompts/ci/worktree_setup.md +35 -0
icdev/data/hardprompts/compliance/__init__.py +1 -0
icdev/data/hardprompts/compliance/cmmc_assessment.md +63 -0
icdev/data/hardprompts/compliance/cssp_assessment.md +75 -0
icdev/data/hardprompts/compliance/cui_marking.md +86 -0
icdev/data/hardprompts/compliance/fedramp_assessment.md +55 -0
icdev/data/hardprompts/compliance/ivv_assessment.md +96 -0
icdev/data/hardprompts/compliance/poam_generation.md +57 -0
icdev/data/hardprompts/compliance/sbd_assessment.md +101 -0
icdev/data/hardprompts/compliance/security_categorization.md +74 -0
icdev/data/hardprompts/compliance/ssp_generation.md +56 -0
icdev/data/hardprompts/compliance/stig_evaluation.md +63 -0
icdev/data/hardprompts/dashboard/__init__.py +1 -0
icdev/data/hardprompts/dashboard/nlq_system_prompt.md +26 -0
icdev/data/hardprompts/infra/__init__.py +1 -0
icdev/data/hardprompts/infra/k8s_manifests.md +118 -0
icdev/data/hardprompts/infra/pipeline_generation.md +160 -0
icdev/data/hardprompts/infra/terraform_generation.md +92 -0
icdev/data/hardprompts/integration/__init__.py +1 -0
icdev/data/hardprompts/integration/approval_review.md +17 -0
icdev/data/hardprompts/integration/jira_mapping.md +25 -0
icdev/data/hardprompts/integration/servicenow_mapping.md +14 -0
icdev/data/hardprompts/knowledge/__init__.py +1 -0
icdev/data/hardprompts/knowledge/pattern_detection.md +73 -0
icdev/data/hardprompts/knowledge/recommendation_engine.md +90 -0
icdev/data/hardprompts/knowledge/root_cause_analysis.md +91 -0
icdev/data/hardprompts/maintenance/__init__.py +1 -0
icdev/data/hardprompts/maintenance/maintenance_assessment.md +82 -0
icdev/data/hardprompts/mbse/__init__.py +1 -0
icdev/data/hardprompts/mbse/digital_thread.md +67 -0
icdev/data/hardprompts/mbse/model_import.md +62 -0
icdev/data/hardprompts/mbse/model_to_code.md +65 -0
icdev/data/hardprompts/modernization/__init__.py +1 -0
icdev/data/hardprompts/modernization/legacy_analysis.md +93 -0
icdev/data/hardprompts/modernization/migration_planning.md +150 -0
icdev/data/hardprompts/modernization/seven_r_assessment.md +107 -0
icdev/data/hardprompts/requirements/__init__.py +1 -0
icdev/data/hardprompts/requirements/bdd_generation.md +35 -0
icdev/data/hardprompts/requirements/clarification_prioritization.md +29 -0
icdev/data/hardprompts/requirements/decomposition.md +60 -0
icdev/data/hardprompts/requirements/document_extraction.md +45 -0
icdev/data/hardprompts/requirements/gap_detection.md +70 -0
icdev/data/hardprompts/requirements/intake_conversation.md +101 -0
icdev/data/hardprompts/requirements/readiness_assessment.md +39 -0
icdev/data/hardprompts/requirements/spec_quality.md +33 -0
icdev/data/hardprompts/requirements/traceability_analysis.md +23 -0
icdev/data/hardprompts/security/__init__.py +1 -0
icdev/data/hardprompts/security/endpoint_security.md +78 -0
icdev/data/hardprompts/security/threat_model.md +70 -0
icdev/data/hardprompts/security/vulnerability_assessment.md +81 -0
icdev/data/hardprompts/simulation/__init__.py +1 -0
icdev/data/hardprompts/simulation/architecture_impact.md +27 -0
icdev/data/hardprompts/simulation/coa_alternative.md +27 -0
icdev/data/hardprompts/simulation/coa_generation.md +25 -0
icdev/data/hardprompts/simulation/compliance_impact.md +28 -0
icdev/data/hardprompts/simulation/cost_estimation.md +33 -0
icdev/data/hardprompts/simulation/risk_assessment.md +28 -0
icdev/data/hardprompts/translation/code_translation.md +68 -0
icdev/data/hardprompts/translation/dependency_suggestion.md +44 -0
icdev/data/hardprompts/translation/test_translation.md +64 -0
icdev/data/hardprompts/translation/translation_repair.md +59 -0
icdev/py.typed +0 -0
icdev/tools/__init__.py +1 -0
icdev/tools/_gen_formatter.py +12 -0
icdev/tools/a2a/__init__.py +1 -0
icdev/tools/a2a/agent_cards/architect.json +43 -0
icdev/tools/a2a/agent_cards/builder.json +50 -0
icdev/tools/a2a/agent_cards/compliance.json +57 -0
icdev/tools/a2a/agent_cards/devsecops.json +71 -0
icdev/tools/a2a/agent_cards/infra.json +57 -0
icdev/tools/a2a/agent_cards/integration.json +57 -0
icdev/tools/a2a/agent_cards/knowledge.json +43 -0
icdev/tools/a2a/agent_cards/mbse.json +57 -0
icdev/tools/a2a/agent_cards/modernization.json +50 -0
icdev/tools/a2a/agent_cards/monitor.json +43 -0
icdev/tools/a2a/agent_cards/orchestrator.json +36 -0
icdev/tools/a2a/agent_cards/requirements_analyst.json +64 -0
icdev/tools/a2a/agent_cards/security.json +50 -0
icdev/tools/a2a/agent_cards/simulation.json +57 -0
icdev/tools/a2a/agent_cards/supply_chain.json +50 -0
icdev/tools/a2a/agent_client.py +349 -0
icdev/tools/a2a/agent_registry.py +412 -0
icdev/tools/a2a/agent_server.py +579 -0
icdev/tools/a2a/task.py +200 -0
icdev/tools/agent/__init__.py +2 -0
icdev/tools/agent/a2a_agent_card_generator.py +285 -0
icdev/tools/agent/a2a_discovery_server.py +250 -0
icdev/tools/agent/agent_executor.py +529 -0
icdev/tools/agent/agent_memory.py +557 -0
icdev/tools/agent/agent_models.py +51 -0
icdev/tools/agent/atlas_critique.py +908 -0
icdev/tools/agent/authority.py +443 -0
icdev/tools/agent/bedrock_client.py +1075 -0
icdev/tools/agent/collaboration.py +871 -0
icdev/tools/agent/dispatcher_mode.py +665 -0
icdev/tools/agent/mailbox.py +575 -0
icdev/tools/agent/prompt_chain_executor.py +1064 -0
icdev/tools/agent/session_purpose.py +350 -0
icdev/tools/agent/skill_router.py +638 -0
icdev/tools/agent/skill_selector.py +486 -0
icdev/tools/agent/team_orchestrator.py +1108 -0
icdev/tools/agent/token_tracker.py +290 -0
icdev/tools/analysis/__init__.py +1 -0
icdev/tools/analysis/code_analyzer.py +780 -0
icdev/tools/analysis/runtime_feedback.py +389 -0
icdev/tools/audit/__init__.py +1 -0
icdev/tools/audit/audit_logger.py +196 -0
icdev/tools/audit/audit_query.py +157 -0
icdev/tools/audit/decision_recorder.py +72 -0
icdev/tools/builder/__init__.py +1 -0
icdev/tools/builder/agentic_fitness.py +534 -0
icdev/tools/builder/agentic_test_templates/test_a2a_callback.py +117 -0
icdev/tools/builder/agentic_test_templates/test_a2a_lifecycle.feature +52 -0
icdev/tools/builder/agentic_test_templates/test_agent_card.feature +37 -0
icdev/tools/builder/agentic_test_templates/test_agent_health.py +128 -0
icdev/tools/builder/agentic_test_templates/test_memory_system.feature +50 -0
icdev/tools/builder/agentic_test_templates/test_skill_execution.feature +40 -0
icdev/tools/builder/app_blueprint.py +1583 -0
icdev/tools/builder/child_app_generator.py +2852 -0
icdev/tools/builder/claude_md_generator.py +1734 -0
icdev/tools/builder/code_generator.py +3703 -0
icdev/tools/builder/db_init_generator.py +1709 -0
icdev/tools/builder/dev_profile_manager.py +954 -0
icdev/tools/builder/formatter.py +768 -0
icdev/tools/builder/goal_adapter.py +592 -0
icdev/tools/builder/gotcha_validator.py +812 -0
icdev/tools/builder/language_support.py +441 -0
icdev/tools/builder/linter.py +976 -0
icdev/tools/builder/profile_detector.py +657 -0
icdev/tools/builder/profile_md_generator.py +723 -0
icdev/tools/builder/scaffolder.py +1590 -0
icdev/tools/builder/scaffolder_extended.py +1771 -0
icdev/tools/builder/test_writer.py +950 -0
icdev/tools/ci/__init__.py +2 -0
icdev/tools/ci/connectors/__init__.py +2 -0
icdev/tools/ci/connectors/base_connector.py +80 -0
icdev/tools/ci/connectors/connector_registry.py +188 -0
icdev/tools/ci/connectors/mattermost_connector.py +159 -0
icdev/tools/ci/connectors/slack_connector.py +197 -0
icdev/tools/ci/core/__init__.py +2 -0
icdev/tools/ci/core/air_gap_detector.py +115 -0
icdev/tools/ci/core/comment_handler.py +192 -0
icdev/tools/ci/core/conversation_manager.py +479 -0
icdev/tools/ci/core/event_envelope.py +500 -0
icdev/tools/ci/core/event_router.py +443 -0
icdev/tools/ci/core/failure_parser.py +397 -0
icdev/tools/ci/core/recovery_engine.py +527 -0
icdev/tools/ci/modules/__init__.py +2 -0
icdev/tools/ci/modules/agent.py +271 -0
icdev/tools/ci/modules/git_ops.py +175 -0
icdev/tools/ci/modules/state.py +117 -0
icdev/tools/ci/modules/vcs.py +303 -0
icdev/tools/ci/modules/workflow_ops.py +295 -0
icdev/tools/ci/modules/worktree.py +340 -0
icdev/tools/ci/pipeline_config_generator.py +558 -0
icdev/tools/ci/triggers/__init__.py +2 -0
icdev/tools/ci/triggers/gitlab_task_monitor.py +330 -0
icdev/tools/ci/triggers/poll_trigger.py +237 -0
icdev/tools/ci/triggers/webhook_server.py +356 -0
icdev/tools/ci/workflows/__init__.py +2 -0
icdev/tools/ci/workflows/icdev_build.py +140 -0
icdev/tools/ci/workflows/icdev_comply.py +284 -0
icdev/tools/ci/workflows/icdev_document.py +152 -0
icdev/tools/ci/workflows/icdev_e2e.py +188 -0
icdev/tools/ci/workflows/icdev_patch.py +186 -0
icdev/tools/ci/workflows/icdev_plan.py +202 -0
icdev/tools/ci/workflows/icdev_plan_build.py +41 -0
icdev/tools/ci/workflows/icdev_plan_build_test.py +46 -0
icdev/tools/ci/workflows/icdev_plan_build_test_review.py +47 -0
icdev/tools/ci/workflows/icdev_review.py +126 -0
icdev/tools/ci/workflows/icdev_sdlc.py +261 -0
icdev/tools/ci/workflows/icdev_test.py +240 -0
icdev/tools/cli/__init__.py +1 -0
icdev/tools/cli/output_formatter.py +756 -0
icdev/tools/cli_formatter.py +42 -0
icdev/tools/cloud/__init__.py +11 -0
icdev/tools/cloud/cloud_mode_manager.py +364 -0
icdev/tools/cloud/csp_changelog.py +383 -0
icdev/tools/cloud/csp_health_checker.py +268 -0
icdev/tools/cloud/csp_monitor.py +951 -0
icdev/tools/cloud/iam_provider.py +593 -0
icdev/tools/cloud/kms_provider.py +346 -0
icdev/tools/cloud/monitoring_provider.py +628 -0
icdev/tools/cloud/provider_factory.py +376 -0
icdev/tools/cloud/region_validator.py +345 -0
icdev/tools/cloud/registry_provider.py +563 -0
icdev/tools/cloud/secrets_provider.py +486 -0
icdev/tools/cloud/storage_provider.py +446 -0
icdev/tools/compat/__init__.py +21 -0
icdev/tools/compat/cli_harmonizer.py +251 -0
icdev/tools/compat/datetime_utils.py +18 -0
icdev/tools/compat/db_utils.py +160 -0
icdev/tools/compat/platform_utils.py +123 -0
icdev/tools/compliance/__init__.py +1 -0
icdev/tools/compliance/accountability_manager.py +397 -0
icdev/tools/compliance/ai_accountability_audit.py +294 -0
icdev/tools/compliance/ai_impact_assessor.py +273 -0
icdev/tools/compliance/ai_incident_response.py +301 -0
icdev/tools/compliance/ai_inventory_manager.py +239 -0
icdev/tools/compliance/ai_reassessment_scheduler.py +256 -0
icdev/tools/compliance/ai_transparency_audit.py +248 -0
icdev/tools/compliance/atlas_assessor.py +278 -0
icdev/tools/compliance/atlas_report_generator.py +1211 -0
icdev/tools/compliance/base_assessor.py +597 -0
icdev/tools/compliance/cato_monitor.py +1385 -0
icdev/tools/compliance/cato_scheduler.py +699 -0
icdev/tools/compliance/cjis_assessor.py +76 -0
icdev/tools/compliance/classification_manager.py +1353 -0
icdev/tools/compliance/cmmc_assessor.py +1491 -0
icdev/tools/compliance/cmmc_report_generator.py +1100 -0
icdev/tools/compliance/compliance_detector.py +463 -0
icdev/tools/compliance/compliance_exporter.py +427 -0
icdev/tools/compliance/compliance_status.py +825 -0
icdev/tools/compliance/control_mapper.py +505 -0
icdev/tools/compliance/crosswalk_engine.py +1203 -0
icdev/tools/compliance/cssp_assessor.py +1045 -0
icdev/tools/compliance/cssp_evidence_collector.py +729 -0
icdev/tools/compliance/cssp_report_generator.py +1116 -0
icdev/tools/compliance/cui_marker.py +388 -0
icdev/tools/compliance/diagram_validator.py +600 -0
icdev/tools/compliance/emass/__init__.py +2 -0
icdev/tools/compliance/emass/emass_client.py +840 -0
icdev/tools/compliance/emass/emass_export.py +777 -0
icdev/tools/compliance/emass/emass_sync.py +826 -0
icdev/tools/compliance/eu_ai_act_classifier.py +194 -0
icdev/tools/compliance/evidence_collector.py +468 -0
icdev/tools/compliance/fairness_assessor.py +316 -0
icdev/tools/compliance/fedramp_assessor.py +1808 -0
icdev/tools/compliance/fedramp_authorization_packager.py +137 -0
icdev/tools/compliance/fedramp_ksi_generator.py +355 -0
icdev/tools/compliance/fedramp_report_generator.py +1128 -0
icdev/tools/compliance/fips199_categorizer.py +881 -0
icdev/tools/compliance/fips200_validator.py +315 -0
icdev/tools/compliance/gao_ai_assessor.py +231 -0
icdev/tools/compliance/gao_evidence_builder.py +308 -0
icdev/tools/compliance/hipaa_assessor.py +78 -0
icdev/tools/compliance/hitrust_assessor.py +49 -0
icdev/tools/compliance/incident_response_plan.py +718 -0
icdev/tools/compliance/iso27001_assessor.py +92 -0
icdev/tools/compliance/iso42001_assessor.py +114 -0
icdev/tools/compliance/ivv_assessor.py +2327 -0
icdev/tools/compliance/ivv_report_generator.py +1662 -0
icdev/tools/compliance/model_card_generator.py +297 -0
icdev/tools/compliance/mosa_assessor.py +117 -0
icdev/tools/compliance/multi_regime_assessor.py +451 -0
icdev/tools/compliance/narrative_generator.py +1013 -0
icdev/tools/compliance/nist_800_207_assessor.py +191 -0
icdev/tools/compliance/nist_ai_600_1_assessor.py +188 -0
icdev/tools/compliance/nist_ai_rmf_assessor.py +110 -0
icdev/tools/compliance/nist_lookup.py +245 -0
icdev/tools/compliance/omb_m25_21_assessor.py +228 -0
icdev/tools/compliance/omb_m26_04_assessor.py +188 -0
icdev/tools/compliance/oscal_catalog_adapter.py +395 -0
icdev/tools/compliance/oscal_generator.py +2170 -0
icdev/tools/compliance/oscal_tools.py +1182 -0
icdev/tools/compliance/owasp_agentic_assessor.py +226 -0
icdev/tools/compliance/owasp_asi_assessor.py +200 -0
icdev/tools/compliance/owasp_llm_assessor.py +244 -0
icdev/tools/compliance/pci_dss_assessor.py +80 -0
icdev/tools/compliance/pi_compliance_tracker.py +1461 -0
icdev/tools/compliance/poam_generator.py +405 -0
icdev/tools/compliance/resolve_marking.py +283 -0
icdev/tools/compliance/sbd_assessor.py +2068 -0
icdev/tools/compliance/sbd_report_generator.py +1236 -0
icdev/tools/compliance/sbom_generator.py +1008 -0
icdev/tools/compliance/siem_config_generator.py +674 -0
icdev/tools/compliance/slsa_attestation_generator.py +490 -0
icdev/tools/compliance/soc2_assessor.py +77 -0
icdev/tools/compliance/ssp_generator.py +573 -0
icdev/tools/compliance/stig_checker.py +727 -0
icdev/tools/compliance/swft_evidence_bundler.py +337 -0
icdev/tools/compliance/system_card_generator.py +309 -0
icdev/tools/compliance/traceability_matrix.py +1281 -0
icdev/tools/compliance/universal_classification_manager.py +1172 -0
icdev/tools/compliance/xacta/__init__.py +2 -0
icdev/tools/compliance/xacta/xacta_client.py +449 -0
icdev/tools/compliance/xacta/xacta_export.py +557 -0
icdev/tools/compliance/xacta/xacta_sync.py +333 -0
icdev/tools/compliance/xai_assessor.py +231 -0
icdev/tools/dashboard/__init__.py +1 -0
icdev/tools/dashboard/api/__init__.py +1 -0
icdev/tools/dashboard/api/_pipeline_state.py +17 -0
icdev/tools/dashboard/api/activity.py +206 -0
icdev/tools/dashboard/api/admin.py +176 -0
icdev/tools/dashboard/api/agents.py +53 -0
icdev/tools/dashboard/api/ai_accountability.py +163 -0
icdev/tools/dashboard/api/ai_transparency.py +198 -0
icdev/tools/dashboard/api/audit.py +58 -0
icdev/tools/dashboard/api/batch.py +666 -0
icdev/tools/dashboard/api/chat.py +241 -0
icdev/tools/dashboard/api/cicd.py +219 -0
icdev/tools/dashboard/api/code_quality.py +223 -0
icdev/tools/dashboard/api/compliance.py +171 -0
icdev/tools/dashboard/api/cpmp.py +915 -0
icdev/tools/dashboard/api/diagrams.py +65 -0
icdev/tools/dashboard/api/events.py +250 -0
icdev/tools/dashboard/api/evidence.py +99 -0
icdev/tools/dashboard/api/fedramp_20x.py +77 -0
icdev/tools/dashboard/api/govcon.py +1095 -0
icdev/tools/dashboard/api/intake.py +1171 -0
icdev/tools/dashboard/api/lineage.py +163 -0
icdev/tools/dashboard/api/metrics.py +155 -0
icdev/tools/dashboard/api/nlq.py +72 -0
icdev/tools/dashboard/api/orchestration.py +472 -0
icdev/tools/dashboard/api/oscal.py +183 -0
icdev/tools/dashboard/api/prod_audit.py +183 -0
icdev/tools/dashboard/api/projects.py +191 -0
icdev/tools/dashboard/api/proposals.py +1084 -0
icdev/tools/dashboard/api/traces.py +363 -0
icdev/tools/dashboard/api/usage.py +234 -0
icdev/tools/dashboard/app.py +1986 -0
icdev/tools/dashboard/auth.py +500 -0
icdev/tools/dashboard/byok.py +245 -0
icdev/tools/dashboard/chat_manager.py +675 -0
icdev/tools/dashboard/config.py +116 -0
icdev/tools/dashboard/diagram_definitions.py +642 -0
icdev/tools/dashboard/nlq_processor.py +323 -0
icdev/tools/dashboard/phase_loader.py +136 -0
icdev/tools/dashboard/sse_manager.py +89 -0
icdev/tools/dashboard/state_tracker.py +267 -0
icdev/tools/dashboard/static/css/style.css +706 -0
icdev/tools/dashboard/static/css/ux.css +2047 -0
icdev/tools/dashboard/static/js/activity.js +322 -0
icdev/tools/dashboard/static/js/api.js +161 -0
icdev/tools/dashboard/static/js/batch.js +814 -0
icdev/tools/dashboard/static/js/charts.js +618 -0
icdev/tools/dashboard/static/js/chat.js +1514 -0
icdev/tools/dashboard/static/js/kanban.js +113 -0
icdev/tools/dashboard/static/js/live.js +569 -0
icdev/tools/dashboard/static/js/mermaid-icdev.js +332 -0
icdev/tools/dashboard/static/js/proposals.js +588 -0
icdev/tools/dashboard/static/js/shortcuts.js +544 -0
icdev/tools/dashboard/static/js/tables.js +652 -0
icdev/tools/dashboard/static/js/tour.js +524 -0
icdev/tools/dashboard/static/js/ux.js +942 -0
icdev/tools/dashboard/templates/404.html +10 -0
icdev/tools/dashboard/templates/activity.html +80 -0
icdev/tools/dashboard/templates/admin/users.html +144 -0
icdev/tools/dashboard/templates/ai_accountability.html +235 -0
icdev/tools/dashboard/templates/ai_transparency.html +263 -0
icdev/tools/dashboard/templates/base.html +104 -0
icdev/tools/dashboard/templates/batch.html +23 -0
icdev/tools/dashboard/templates/chat.html +332 -0
icdev/tools/dashboard/templates/children.html +149 -0
icdev/tools/dashboard/templates/cicd.html +253 -0
icdev/tools/dashboard/templates/code_quality.html +214 -0
icdev/tools/dashboard/templates/cpmp/cor_detail.html +220 -0
icdev/tools/dashboard/templates/cpmp/cor_portal.html +91 -0
icdev/tools/dashboard/templates/cpmp/deliverable_detail.html +197 -0
icdev/tools/dashboard/templates/cpmp/detail.html +578 -0
icdev/tools/dashboard/templates/cpmp/portfolio.html +202 -0
icdev/tools/dashboard/templates/dev_profiles.html +304 -0
icdev/tools/dashboard/templates/diagrams.html +224 -0
icdev/tools/dashboard/templates/events/timeline.html +232 -0
icdev/tools/dashboard/templates/evidence.html +134 -0
icdev/tools/dashboard/templates/fedramp_20x.html +207 -0
icdev/tools/dashboard/templates/gateway.html +244 -0
icdev/tools/dashboard/templates/govcon/capabilities.html +135 -0
icdev/tools/dashboard/templates/govcon/pipeline.html +214 -0
icdev/tools/dashboard/templates/govcon/requirements.html +120 -0
icdev/tools/dashboard/templates/index.html +254 -0
icdev/tools/dashboard/templates/lineage.html +141 -0
icdev/tools/dashboard/templates/login.html +51 -0
icdev/tools/dashboard/templates/monitoring/overview.html +193 -0
icdev/tools/dashboard/templates/orchestration/dashboard.html +545 -0
icdev/tools/dashboard/templates/oscal.html +263 -0
icdev/tools/dashboard/templates/phases.html +150 -0
icdev/tools/dashboard/templates/prod_audit.html +280 -0
icdev/tools/dashboard/templates/profile.html +183 -0
icdev/tools/dashboard/templates/projects/detail.html +583 -0
icdev/tools/dashboard/templates/projects/list.html +47 -0
icdev/tools/dashboard/templates/proposals/detail.html +1253 -0
icdev/tools/dashboard/templates/proposals/list.html +179 -0
icdev/tools/dashboard/templates/proposals/section_detail.html +193 -0
icdev/tools/dashboard/templates/provenance.html +181 -0
icdev/tools/dashboard/templates/query/nlq.html +234 -0
icdev/tools/dashboard/templates/quick_paths.html +69 -0
icdev/tools/dashboard/templates/traces.html +155 -0
icdev/tools/dashboard/templates/translation_detail.html +199 -0
icdev/tools/dashboard/templates/translations.html +162 -0
icdev/tools/dashboard/templates/usage.html +225 -0
icdev/tools/dashboard/templates/wizard.html +539 -0
icdev/tools/dashboard/templates/xai.html +208 -0
icdev/tools/dashboard/ux_helpers.py +962 -0
icdev/tools/dashboard/websocket.py +81 -0
icdev/tools/db/__init__.py +1 -0
icdev/tools/db/backup.py +312 -0
icdev/tools/db/backup_manager.py +832 -0
icdev/tools/db/init_icdev_db.py +5900 -0
icdev/tools/db/migrate.py +178 -0
icdev/tools/db/migration_runner.py +549 -0
icdev/tools/db/migrations/001_baseline/meta.json +9 -0
icdev/tools/db/migrations/001_baseline/up.py +68 -0
icdev/tools/db/migrations/002_memory_enhancements/down.sql +8 -0
icdev/tools/db/migrations/002_memory_enhancements/meta.json +9 -0
icdev/tools/db/migrations/002_memory_enhancements/up.py +118 -0
icdev/tools/db/migrations/003_dev_profiles/meta.json +8 -0
icdev/tools/db/migrations/003_dev_profiles/up.py +93 -0
icdev/tools/db/migrations/004_innovation_engine/down.py +19 -0
icdev/tools/db/migrations/004_innovation_engine/up.py +227 -0
icdev/tools/db/migrations/005_phase_37_ai_security/down.py +19 -0
icdev/tools/db/migrations/005_phase_37_ai_security/up.py +258 -0
icdev/tools/db/migrations/006_phase_36_evolution/down.py +21 -0
icdev/tools/db/migrations/006_phase_36_evolution/up.py +323 -0
icdev/tools/db/migrations/007_phase_38_cloud/down.py +14 -0
icdev/tools/db/migrations/007_phase_38_cloud/up.py +110 -0
icdev/tools/db/migrations/008_phase36_37_integration/up.py +55 -0
icdev/tools/db/migrations/__init__.py +2 -0
icdev/tools/devsecops/__init__.py +2 -0
icdev/tools/devsecops/attestation_manager.py +458 -0
icdev/tools/devsecops/network_segmentation_generator.py +614 -0
icdev/tools/devsecops/pdp_config_generator.py +1256 -0
icdev/tools/devsecops/pipeline_security_generator.py +484 -0
icdev/tools/devsecops/policy_generator.py +653 -0
icdev/tools/devsecops/profile_manager.py +388 -0
icdev/tools/devsecops/service_mesh_generator.py +1073 -0
icdev/tools/devsecops/zta_maturity_scorer.py +368 -0
icdev/tools/devsecops/zta_terraform_generator.py +1303 -0
icdev/tools/dx/__init__.py +3 -0
icdev/tools/dx/companion.py +266 -0
icdev/tools/dx/instruction_generator.py +753 -0
icdev/tools/dx/mcp_config_generator.py +282 -0
icdev/tools/dx/skill_translator.py +425 -0
icdev/tools/dx/tool_detector.py +144 -0
icdev/tools/extensions/__init__.py +21 -0
icdev/tools/extensions/builtins/010_ai_governance_chat.py +277 -0
icdev/tools/extensions/builtins/__init__.py +2 -0
icdev/tools/extensions/extension_manager.py +455 -0
icdev/tools/infra/__init__.py +1 -0
icdev/tools/infra/ansible_generator.py +869 -0
icdev/tools/infra/dockerfile_generator.py +361 -0
icdev/tools/infra/infra_status.py +393 -0
icdev/tools/infra/ironbank_metadata_generator.py +411 -0
icdev/tools/infra/k8s_generator.py +1002 -0
icdev/tools/infra/pipeline_generator.py +832 -0
icdev/tools/infra/rollback.py +400 -0
icdev/tools/infra/terraform_generator.py +1142 -0
icdev/tools/infra/terraform_generator_azure.py +1254 -0
icdev/tools/infra/terraform_generator_gcp.py +953 -0
icdev/tools/infra/terraform_generator_ibm.py +360 -0
icdev/tools/infra/terraform_generator_oci.py +919 -0
icdev/tools/infra/terraform_generator_onprem.py +319 -0
icdev/tools/innovation/__init__.py +8 -0
icdev/tools/innovation/competitive_intel.py +492 -0
icdev/tools/innovation/innovation_manager.py +681 -0
icdev/tools/innovation/introspective_analyzer.py +774 -0
icdev/tools/innovation/register_external_patterns.py +440 -0
icdev/tools/innovation/signal_ranker.py +1038 -0
icdev/tools/innovation/solution_generator.py +697 -0
icdev/tools/innovation/standards_monitor.py +466 -0
icdev/tools/innovation/trend_detector.py +1046 -0
icdev/tools/innovation/triage_engine.py +1149 -0
icdev/tools/innovation/web_scanner.py +894 -0
icdev/tools/installer/__init__.py +1 -0
icdev/tools/installer/compliance_configurator.py +637 -0
icdev/tools/installer/installer.py +1711 -0
icdev/tools/installer/module_registry.py +805 -0
icdev/tools/installer/platform_setup.py +961 -0
icdev/tools/integration/__init__.py +2 -0
icdev/tools/integration/approval_manager.py +561 -0
icdev/tools/integration/doors_exporter.py +627 -0
icdev/tools/integration/gitlab_connector.py +784 -0
icdev/tools/integration/jira_connector.py +774 -0
icdev/tools/integration/servicenow_connector.py +693 -0
icdev/tools/knowledge/__init__.py +1 -0
icdev/tools/knowledge/knowledge_ingest.py +293 -0
icdev/tools/knowledge/pattern_detector.py +693 -0
icdev/tools/knowledge/recommendation_engine.py +461 -0
icdev/tools/knowledge/self_heal_analyzer.py +504 -0
icdev/tools/llm/__init__.py +72 -0
icdev/tools/llm/anthropic_provider.py +170 -0
icdev/tools/llm/azure_openai_provider.py +338 -0
icdev/tools/llm/bedrock_provider.py +315 -0
icdev/tools/llm/embedding_provider.py +438 -0
icdev/tools/llm/gemini_provider.py +381 -0
icdev/tools/llm/ibm_watsonx_provider.py +232 -0
icdev/tools/llm/oci_genai_provider.py +462 -0
icdev/tools/llm/ollama_provider.py +340 -0
icdev/tools/llm/openai_provider.py +225 -0
icdev/tools/llm/provider.py +355 -0
icdev/tools/llm/provider_sdk.py +175 -0
icdev/tools/llm/router.py +780 -0
icdev/tools/llm/vertex_ai_provider.py +374 -0
icdev/tools/maintenance/__init__.py +2 -0
icdev/tools/maintenance/dependency_scanner.py +1030 -0
icdev/tools/maintenance/maintenance_auditor.py +815 -0
icdev/tools/maintenance/remediation_engine.py +966 -0
icdev/tools/maintenance/vulnerability_checker.py +987 -0
icdev/tools/mbse/__init__.py +3 -0
icdev/tools/mbse/des_assessor.py +1186 -0
icdev/tools/mbse/des_report_generator.py +800 -0
icdev/tools/mbse/diagram_extractor.py +811 -0
icdev/tools/mbse/digital_thread.py +1665 -0
icdev/tools/mbse/model_code_generator.py +1122 -0
icdev/tools/mbse/model_control_mapper.py +420 -0
icdev/tools/mbse/pi_model_tracker.py +1093 -0
icdev/tools/mbse/reqif_parser.py +1483 -0
icdev/tools/mbse/sync_engine.py +1805 -0
icdev/tools/mbse/xmi_parser.py +1573 -0
icdev/tools/mcp/__init__.py +1 -0
icdev/tools/mcp/base_server.py +535 -0
icdev/tools/mcp/builder_server.py +725 -0
icdev/tools/mcp/compliance_server.py +1407 -0
icdev/tools/mcp/context_indexer.py +199 -0
icdev/tools/mcp/context_server.py +305 -0
icdev/tools/mcp/core_server.py +679 -0
icdev/tools/mcp/devsecops_server.py +432 -0
icdev/tools/mcp/gap_handlers.py +1079 -0
icdev/tools/mcp/gateway_server.py +339 -0
icdev/tools/mcp/generate_registry.py +623 -0
icdev/tools/mcp/infra_server.py +264 -0
icdev/tools/mcp/innovation_server.py +316 -0
icdev/tools/mcp/integration_server.py +527 -0
icdev/tools/mcp/knowledge_server.py +429 -0
icdev/tools/mcp/maintenance_server.py +248 -0
icdev/tools/mcp/marketplace_server.py +499 -0
icdev/tools/mcp/mbse_server.py +398 -0
icdev/tools/mcp/modernization_server.py +496 -0
icdev/tools/mcp/observability_server.py +354 -0
icdev/tools/mcp/requirements_server.py +415 -0
icdev/tools/mcp/simulation_server.py +468 -0
icdev/tools/mcp/standalone/__init__.py +2 -0
icdev/tools/mcp/standalone/builder.py +59 -0
icdev/tools/mcp/standalone/compliance.py +59 -0
icdev/tools/mcp/standalone/core.py +59 -0
icdev/tools/mcp/standalone/knowledge.py +59 -0
icdev/tools/mcp/standalone/maintenance.py +59 -0
icdev/tools/mcp/supply_chain_server.py +476 -0
icdev/tools/mcp/tool_registry.py +2008 -0
icdev/tools/mcp/unified_server.py +158 -0
icdev/tools/memory/__init__.py +2 -0
icdev/tools/memory/auto_capture.py +347 -0
icdev/tools/memory/embed_memory.py +158 -0
icdev/tools/memory/history_compressor.py +334 -0
icdev/tools/memory/hybrid_search.py +236 -0
icdev/tools/memory/maintenance_cron.py +289 -0
icdev/tools/memory/memory_consolidation.py +444 -0
icdev/tools/memory/memory_db.py +133 -0
icdev/tools/memory/memory_read.py +102 -0
icdev/tools/memory/memory_write.py +222 -0
icdev/tools/memory/semantic_search.py +139 -0
icdev/tools/memory/time_decay.py +435 -0
icdev/tools/modernization/__init__.py +3 -0
icdev/tools/modernization/architecture_extractor.py +734 -0
icdev/tools/modernization/compliance_bridge.py +1499 -0
icdev/tools/modernization/db_migration_planner.py +1385 -0
icdev/tools/modernization/doc_generator.py +1428 -0
icdev/tools/modernization/framework_migrator.py +1525 -0
icdev/tools/modernization/legacy_analyzer.py +1948 -0
icdev/tools/modernization/migration_code_generator.py +1639 -0
icdev/tools/modernization/migration_report_generator.py +1653 -0
icdev/tools/modernization/migration_tracker.py +1726 -0
icdev/tools/modernization/monolith_decomposer.py +1508 -0
icdev/tools/modernization/seven_r_assessor.py +1658 -0
icdev/tools/modernization/strangler_fig_manager.py +1705 -0
icdev/tools/modernization/ui_analyzer.py +771 -0
icdev/tools/modernization/version_migrator.py +1392 -0
icdev/tools/monitor/__init__.py +1 -0
icdev/tools/monitor/alert_correlator.py +495 -0
icdev/tools/monitor/auto_resolver.py +612 -0
icdev/tools/monitor/health_checker.py +509 -0
icdev/tools/monitor/heartbeat_daemon.py +792 -0
icdev/tools/monitor/log_analyzer.py +516 -0
icdev/tools/monitor/metric_collector.py +496 -0
icdev/tools/mosa/__init__.py +10 -0
icdev/tools/mosa/icd_generator.py +370 -0
icdev/tools/mosa/modular_design_analyzer.py +683 -0
icdev/tools/mosa/mosa_code_enforcer.py +349 -0
icdev/tools/mosa/tsp_generator.py +265 -0
icdev/tools/observability/__init__.py +100 -0
icdev/tools/observability/genai_attributes.py +88 -0
icdev/tools/observability/instrumentation.py +140 -0
icdev/tools/observability/mlflow_exporter.py +194 -0
icdev/tools/observability/otel_tracer.py +168 -0
icdev/tools/observability/provenance/__init__.py +3 -0
icdev/tools/observability/provenance/prov_recorder.py +324 -0
icdev/tools/observability/shap/__init__.py +3 -0
icdev/tools/observability/shap/agent_shap.py +275 -0
icdev/tools/observability/sqlite_tracer.py +361 -0
icdev/tools/observability/trace_context.py +205 -0
icdev/tools/observability/tracer.py +230 -0
icdev/tools/orchestration/__init__.py +2 -0
icdev/tools/orchestration/workflow_composer.py +361 -0
icdev/tools/project/__init__.py +1 -0
icdev/tools/project/manifest_loader.py +418 -0
icdev/tools/project/project_create.py +350 -0
icdev/tools/project/project_list.py +174 -0
icdev/tools/project/project_scaffold.py +1715 -0
icdev/tools/project/project_status.py +479 -0
icdev/tools/project/session_context_builder.py +757 -0
icdev/tools/project/validate_manifest.py +55 -0
icdev/tools/registry/__init__.py +10 -0
icdev/tools/registry/absorption_engine.py +832 -0
icdev/tools/registry/capability_evaluator.py +668 -0
icdev/tools/registry/child_registry.py +617 -0
icdev/tools/registry/cross_pollinator.py +1065 -0
icdev/tools/registry/genome_manager.py +671 -0
icdev/tools/registry/learning_collector.py +912 -0
icdev/tools/registry/propagation_manager.py +942 -0
icdev/tools/registry/staging_manager.py +742 -0
icdev/tools/registry/telemetry_collector.py +423 -0
icdev/tools/requirements/__init__.py +1 -0
icdev/tools/requirements/ai_governance_scorer.py +208 -0
icdev/tools/requirements/boundary_analyzer.py +1293 -0
icdev/tools/requirements/clarification_engine.py +618 -0
icdev/tools/requirements/complexity_scorer.py +387 -0
icdev/tools/requirements/consistency_analyzer.py +803 -0
icdev/tools/requirements/constitution_manager.py +605 -0
icdev/tools/requirements/decomposition_engine.py +778 -0
icdev/tools/requirements/document_extractor.py +1016 -0
icdev/tools/requirements/elicitation_techniques.py +519 -0
icdev/tools/requirements/gap_detector.py +271 -0
icdev/tools/requirements/intake_engine.py +2188 -0
icdev/tools/requirements/prd_generator.py +847 -0
icdev/tools/requirements/prd_validator.py +595 -0
icdev/tools/requirements/readiness_scorer.py +313 -0
icdev/tools/requirements/spec_organizer.py +1029 -0
icdev/tools/requirements/spec_quality_checker.py +1097 -0
icdev/tools/requirements/traceability_builder.py +579 -0
icdev/tools/resilience/__init__.py +34 -0
icdev/tools/resilience/circuit_breaker.py +340 -0
icdev/tools/resilience/correlation.py +150 -0
icdev/tools/resilience/errors.py +81 -0
icdev/tools/resilience/retry.py +95 -0
icdev/tools/schemas/__init__.py +27 -0
icdev/tools/schemas/chat.py +61 -0
icdev/tools/schemas/compliance.py +56 -0
icdev/tools/schemas/core.py +85 -0
icdev/tools/schemas/innovation.py +37 -0
icdev/tools/schemas/validation.py +109 -0
icdev/tools/sdk/__init__.py +3 -0
icdev/tools/sdk/icdev_client.py +218 -0
icdev/tools/security/__init__.py +1 -0
icdev/tools/security/agent_output_validator.py +330 -0
icdev/tools/security/agent_trust_scorer.py +466 -0
icdev/tools/security/ai_bom_generator.py +725 -0
icdev/tools/security/ai_telemetry_logger.py +469 -0
icdev/tools/security/atlas_red_team.py +543 -0
icdev/tools/security/code_pattern_scanner.py +378 -0
icdev/tools/security/confabulation_detector.py +271 -0
icdev/tools/security/container_scanner.py +491 -0
icdev/tools/security/dependency_auditor.py +944 -0
icdev/tools/security/endpoint_security_scanner.py +579 -0
icdev/tools/security/mcp_tool_authorizer.py +243 -0
icdev/tools/security/prompt_injection_detector.py +737 -0
icdev/tools/security/sast_runner.py +948 -0
icdev/tools/security/secret_detector.py +378 -0
icdev/tools/security/tool_chain_validator.py +357 -0
icdev/tools/security/vuln_scanner.py +539 -0
icdev/tools/simulation/__init__.py +2 -0
icdev/tools/simulation/coa_generator.py +1552 -0
icdev/tools/simulation/monte_carlo.py +758 -0
icdev/tools/simulation/scenario_manager.py +1073 -0
icdev/tools/simulation/simulation_engine.py +1104 -0
icdev/tools/supply_chain/__init__.py +2 -0
icdev/tools/supply_chain/cve_triager.py +705 -0
icdev/tools/supply_chain/dependency_graph.py +645 -0
icdev/tools/supply_chain/isa_manager.py +540 -0
icdev/tools/supply_chain/scrm_assessor.py +546 -0
icdev/tools/testing/__init__.py +2 -0
icdev/tools/testing/acceptance_validator.py +411 -0
icdev/tools/testing/claude_dir_validator.py +831 -0
icdev/tools/testing/data_types.py +199 -0
icdev/tools/testing/e2e_runner.py +715 -0
icdev/tools/testing/fuzz_cli.py +306 -0
icdev/tools/testing/health_check.py +483 -0
icdev/tools/testing/platform_check.py +143 -0
icdev/tools/testing/production_audit.py +1862 -0
icdev/tools/testing/production_remediate.py +804 -0
icdev/tools/testing/screenshot_validator.py +539 -0
icdev/tools/testing/smoke_test.py +283 -0
icdev/tools/testing/test_agent_models.py +117 -0
icdev/tools/testing/test_orchestrator.py +957 -0
icdev/tools/testing/utils.py +229 -0
icdev/tools/translation/__init__.py +17 -0
icdev/tools/translation/code_translator.py +550 -0
icdev/tools/translation/dependency_mapper.py +277 -0
icdev/tools/translation/feature_map.py +395 -0
icdev/tools/translation/project_assembler.py +439 -0
icdev/tools/translation/source_extractor.py +609 -0
icdev/tools/translation/test_translator.py +333 -0
icdev/tools/translation/translation_manager.py +582 -0
icdev/tools/translation/translation_validator.py +662 -0
icdev/tools/translation/type_checker.py +371 -0
icdev-1.0.0.dist-info/METADATA +868 -0
icdev-1.0.0.dist-info/RECORD +1105 -0
icdev-1.0.0.dist-info/WHEEL +5 -0
icdev-1.0.0.dist-info/entry_points.txt +9 -0
icdev-1.0.0.dist-info/licenses/LICENSE +254 -0
icdev-1.0.0.dist-info/licenses/NOTICE +268 -0
icdev-1.0.0.dist-info/top_level.txt +1 -0

icdev/tools/compliance/universal_classification_manager.py ADDED Viewed

@@ -0,0 +1,1172 @@
+#!/usr/bin/env python3
+# CUI // SP-CTI
+# Controlled by: Department of Defense
+# CUI Category: CTI
+# Distribution: D
+# POC: ICDEV System Administrator
+"""Universal Data Classification and Marking Manager for ICDEV.
+Extends classification_manager.py to support multi-regime data categories
+(CUI, PHI, PCI, CJIS, PII, FTI, ITAR, SECRET) with composable markings.
+A single artifact can carry multiple category markings simultaneously
+(ADR D109).
+Loads configuration from args/classification_config.yaml and data type
+definitions from context/compliance/data_type_registry.json.
+Backward-compatible: all existing classification_manager.py functions
+continue to work. This module adds multi-category support on top.
+CLI:
+    # List all data categories
+    python tools/compliance/universal_classification_manager.py --list-categories
+    # Show marking for a single category
+    python tools/compliance/universal_classification_manager.py --category PHI --banner
+    # Composite marking for multiple categories
+    python tools/compliance/universal_classification_manager.py --categories CUI,PHI,PCI --banner
+    # Code header with composite markings
+    python tools/compliance/universal_classification_manager.py --categories CUI,PHI --code-header python
+    # Detect data categories from project metadata
+    python tools/compliance/universal_classification_manager.py --detect --project-id proj-123
+    # Validate project data markings
+    python tools/compliance/universal_classification_manager.py --validate --project-id proj-123
+    # JSON output
+    python tools/compliance/universal_classification_manager.py --categories CUI,PHI --banner --json
+"""
+import argparse
+import json
+import sqlite3
+import sys
+from datetime import datetime, timezone
+from pathlib import Path
+from typing import Dict, List, Optional
+from icdev._paths import get_project_root
+# ---------------------------------------------------------------------------
+# Paths
+# ---------------------------------------------------------------------------
+BASE_DIR = get_project_root()
+DB_PATH = BASE_DIR / "data" / "icdev.db"
+CONFIG_PATH = BASE_DIR / "args" / "classification_config.yaml"
+REGISTRY_PATH = BASE_DIR / "context" / "compliance" / "data_type_registry.json"
+FRAMEWORK_MAP_PATH = BASE_DIR / "context" / "compliance" / "data_type_framework_map.json"
+# Module-level caches
+_CONFIG_CACHE: Optional[Dict] = None
+_REGISTRY_CACHE: Optional[Dict] = None
+_FRAMEWORK_MAP_CACHE: Optional[Dict] = None
+# ---------------------------------------------------------------------------
+# Sensitivity ordering (highest to lowest)
+# ---------------------------------------------------------------------------
+SENSITIVITY_ORDER = [
+    "TOP_SECRET", "SECRET", "CUI", "ITAR", "FTI",
+    "CJIS", "PHI", "PCI", "PII", "PUBLIC",
+]
+# Backward-compatible aliases
+_CATEGORY_ALIASES = {
+    "TOP SECRET": "TOP_SECRET",
+    "TOP SECRET//SCI": "TOP_SECRET",
+    "TS": "TOP_SECRET",
+    "S": "SECRET",
+    "HIPAA": "PHI",
+    "PCI DSS": "PCI",
+    "PCI-DSS": "PCI",
+    "FBI CJIS": "CJIS",
+    "IRS 1075": "FTI",
+    "NIST 800-122": "PII",
+}
+# Comment style mapping
+_COMMENT_STYLES = {
+    "python": "hash", "ruby": "hash", "yaml": "hash",
+    "terraform": "hash", "dockerfile": "hash",
+    "java": "c_style", "go": "c_style", "rust": "c_style",
+    "csharp": "c_style", "c#": "c_style",
+    "typescript": "c_style", "javascript": "c_style",
+    "xml": "xml_style", "html": "xml_style",
+    "sql": "sql_style",
+}
+# ---------------------------------------------------------------------------
+# Config / registry loaders
+# ---------------------------------------------------------------------------
+def _load_yaml(path: Path) -> Dict:
+    """Load YAML file with fallback to simple parsing if PyYAML unavailable."""
+    if not path.exists():
+        return {}
+    try:
+        import yaml
+        with open(path, "r", encoding="utf-8") as f:
+            return yaml.safe_load(f) or {}
+    except ImportError:
+        return {}
+def load_config() -> Dict:
+    """Load and cache classification configuration from YAML."""
+    global _CONFIG_CACHE
+    if _CONFIG_CACHE is not None:
+        return _CONFIG_CACHE
+    _CONFIG_CACHE = _load_yaml(CONFIG_PATH)
+    return _CONFIG_CACHE
+def load_registry() -> List[Dict]:
+    """Load and cache data type registry from JSON."""
+    global _REGISTRY_CACHE
+    if _REGISTRY_CACHE is not None:
+        return _REGISTRY_CACHE
+    if not REGISTRY_PATH.exists():
+        _REGISTRY_CACHE = []
+        return _REGISTRY_CACHE
+    with open(REGISTRY_PATH, "r", encoding="utf-8") as f:
+        data = json.load(f)
+    _REGISTRY_CACHE = data.get("data_types", [])
+    return _REGISTRY_CACHE
+def load_framework_map() -> Dict:
+    """Load and cache data-type-to-framework mapping from JSON."""
+    global _FRAMEWORK_MAP_CACHE
+    if _FRAMEWORK_MAP_CACHE is not None:
+        return _FRAMEWORK_MAP_CACHE
+    if not FRAMEWORK_MAP_PATH.exists():
+        _FRAMEWORK_MAP_CACHE = {}
+        return _FRAMEWORK_MAP_CACHE
+    with open(FRAMEWORK_MAP_PATH, "r", encoding="utf-8") as f:
+        _FRAMEWORK_MAP_CACHE = json.load(f)
+    return _FRAMEWORK_MAP_CACHE
+def _normalize_category(category: str) -> str:
+    """Normalize a category string to its canonical form."""
+    upper = category.upper().strip()
+    return _CATEGORY_ALIASES.get(upper, upper)
+def get_category_config(category: str) -> Dict:
+    """Return the configuration dict for a single data category.
+    Args:
+        category: Data category identifier (e.g., CUI, PHI, PCI, CJIS).
+    Returns:
+        Dict with full_name, governing_framework, marking_prefix,
+        banner_template, portion_marking, distribution, controlled_by,
+        handling_requirements, etc.
+    """
+    norm = _normalize_category(category)
+    config = load_config()
+    categories = config.get("data_categories", {})
+    cat_config = categories.get(norm)
+    if cat_config is None:
+        return {
+            "full_name": norm,
+            "governing_framework": "Unknown",
+            "marking_prefix": norm,
+            "banner_template": f"{norm} // Custom",
+            "portion_marking": f"({norm})",
+            "distribution": "Restricted",
+            "controlled_by": "Data Owner",
+            "handling_requirements": [],
+        }
+    return cat_config
+def list_categories() -> List[Dict]:
+    """Return a list of all supported data categories with summary info."""
+    config = load_config()
+    categories = config.get("data_categories", {})
+    result = []
+    for cat_id, cat_config in categories.items():
+        result.append({
+            "id": cat_id,
+            "full_name": cat_config.get("full_name", cat_id),
+            "governing_framework": cat_config.get("governing_framework", ""),
+            "marking_prefix": cat_config.get("marking_prefix", cat_id),
+            "portion_marking": cat_config.get("portion_marking", ""),
+            "sensitivity_rank": SENSITIVITY_ORDER.index(cat_id)
+            if cat_id in SENSITIVITY_ORDER else 99,
+        })
+    result.sort(key=lambda x: x["sensitivity_rank"])
+    return result
+# ---------------------------------------------------------------------------
+# Composite marking functions (ADR D109)
+# ---------------------------------------------------------------------------
+def get_composite_banner(
+    categories: List[str],
+    subcategories: Optional[Dict[str, str]] = None,
+) -> str:
+    """Generate a composite document banner for multiple data categories.
+    Args:
+        categories: List of data category IDs (e.g., ["CUI", "PHI", "PCI"]).
+        subcategories: Optional dict mapping category to subcategory
+            (e.g., {"CUI": "CTI"}).
+    Returns:
+        Multi-line banner string with all applicable markings.
+    """
+    if not categories:
+        return ""
+    subcategories = subcategories or {}
+    normalized = [_normalize_category(c) for c in categories]
+    # Sort by sensitivity (highest first)
+    normalized.sort(
+        key=lambda c: SENSITIVITY_ORDER.index(c)
+        if c in SENSITIVITY_ORDER else 99
+    )
+    # Build banner lines for each category
+    banner_parts = []
+    distributions = []
+    controllers = []
+    for cat in normalized:
+        cat_config = get_category_config(cat)
+        template = cat_config.get("banner_template", f"{cat} // Custom")
+        # Substitute subcategory/dissemination if present
+        subcat = subcategories.get(cat, "")
+        banner_line = template.format(
+            subcategory=subcat or cat_config.get("marking_prefix", cat),
+            dissemination=subcat or "NOFORN",
+        )
+        banner_parts.append(banner_line)
+        dist = cat_config.get("distribution", "")
+        if dist and dist not in distributions:
+            distributions.append(dist)
+        ctrl = cat_config.get("controlled_by", "")
+        if ctrl and ctrl not in controllers:
+            controllers.append(ctrl)
+    # Compose the banner
+    separator = " | "
+    combined_marking = separator.join(banner_parts)
+    combined_dist = "; ".join(distributions) if distributions else "Restricted"
+    combined_ctrl = "; ".join(controllers) if controllers else "Data Owner"
+    return (
+        f"////////////////////////////////////////////////////////////////////\n"
+        f"{combined_marking}\n"
+        f"Distribution: {combined_dist}\n"
+        f"Controlled by: {combined_ctrl}\n"
+        f"////////////////////////////////////////////////////////////////////"
+    )
+def get_composite_footer(categories: List[str]) -> str:
+    """Generate a composite document footer for multiple data categories."""
+    if not categories:
+        return ""
+    normalized = [_normalize_category(c) for c in categories]
+    normalized.sort(
+        key=lambda c: SENSITIVITY_ORDER.index(c)
+        if c in SENSITIVITY_ORDER else 99
+    )
+    parts = []
+    controllers = []
+    for cat in normalized:
+        cat_config = get_category_config(cat)
+        parts.append(cat_config.get("marking_prefix", cat))
+        ctrl = cat_config.get("controlled_by", "")
+        if ctrl and ctrl not in controllers:
+            controllers.append(ctrl)
+    marking_line = " | ".join(parts)
+    ctrl_line = "; ".join(controllers) if controllers else "Data Owner"
+    return (
+        f"////////////////////////////////////////////////////////////////////\n"
+        f"{marking_line} | {ctrl_line}\n"
+        f"////////////////////////////////////////////////////////////////////"
+    )
+def get_composite_portion_marking(categories: List[str]) -> str:
+    """Generate an inline composite portion marking.
+    Returns something like "(CUI/PHI/PCI)".
+    """
+    if not categories:
+        return ""
+    normalized = [_normalize_category(c) for c in categories]
+    normalized.sort(
+        key=lambda c: SENSITIVITY_ORDER.index(c)
+        if c in SENSITIVITY_ORDER else 99
+    )
+    short_marks = []
+    for cat in normalized:
+        cat_config = get_category_config(cat)
+        portion = cat_config.get("portion_marking", f"({cat})")
+        # Strip parens for composition
+        inner = portion.strip("()")
+        if inner:
+            short_marks.append(inner)
+    return f"({'|'.join(short_marks)})" if short_marks else ""
+def get_composite_code_header(
+    categories: List[str],
+    language: str = "python",
+    subcategories: Optional[Dict[str, str]] = None,
+) -> str:
+    """Generate a code file header with composite markings.
+    Args:
+        categories: Data category list.
+        language: Programming language key.
+        subcategories: Optional subcategory overrides.
+    Returns:
+        Multi-line comment block for the top of a source file.
+    """
+    subcategories = subcategories or {}
+    normalized = [_normalize_category(c) for c in categories]
+    normalized.sort(
+        key=lambda c: SENSITIVITY_ORDER.index(c)
+        if c in SENSITIVITY_ORDER else 99
+    )
+    # Build header lines
+    header_lines = []
+    # First line: combined marking
+    parts = []
+    for cat in normalized:
+        cat_config = get_category_config(cat)
+        template = cat_config.get("banner_template", f"{cat} // Custom")
+        subcat = subcategories.get(cat, "")
+        line = template.format(
+            subcategory=subcat or cat_config.get("marking_prefix", cat),
+            dissemination=subcat or "NOFORN",
+        )
+        parts.append(line)
+    header_lines.append(" | ".join(parts))
+    # Controller lines
+    controllers = []
+    for cat in normalized:
+        cat_config = get_category_config(cat)
+        ctrl = cat_config.get("controlled_by", "")
+        if ctrl and ctrl not in controllers:
+            controllers.append(ctrl)
+    if controllers:
+        header_lines.append(f"Controlled by: {'; '.join(controllers)}")
+    # Category-specific lines
+    for cat in normalized:
+        cat_config = get_category_config(cat)
+        fw = cat_config.get("governing_framework", "")
+        if fw:
+            header_lines.append(f"{cat} Framework: {fw}")
+    header_lines.append("Distribution: Restricted -- See applicable framework policies")
+    header_lines.append("POC: ICDEV System Administrator")
+    # Apply comment style
+    lang_lower = language.lower()
+    style = _COMMENT_STYLES.get(lang_lower, "hash")
+    result_lines: List[str] = []
+    if style == "hash":
+        for line in header_lines:
+            result_lines.append(f"# {line}")
+    elif style == "c_style":
+        for line in header_lines:
+            result_lines.append(f"// {line}")
+    elif style == "xml_style":
+        result_lines.append("<!--")
+        for line in header_lines:
+            result_lines.append(f"  {line}")
+        result_lines.append("-->")
+    elif style == "sql_style":
+        for line in header_lines:
+            result_lines.append(f"-- {line}")
+    else:
+        for line in header_lines:
+            result_lines.append(f"# {line}")
+    return "\n".join(result_lines) + "\n"
+def get_composite_handling_requirements(categories: List[str]) -> List[str]:
+    """Return the union of all handling requirements for the given categories.
+    This is the set of ALL requirements from ALL categories -- the artifact
+    must satisfy every one.
+    """
+    requirements = []
+    seen = set()
+    for cat in categories:
+        cat_config = get_category_config(_normalize_category(cat))
+        for req in cat_config.get("handling_requirements", []):
+            if req not in seen:
+                requirements.append(req)
+                seen.add(req)
+    return requirements
+def get_highest_sensitivity(categories: List[str]) -> str:
+    """Return the highest-sensitivity category from the list."""
+    if not categories:
+        return "PUBLIC"
+    normalized = [_normalize_category(c) for c in categories]
+    best = "PUBLIC"
+    best_rank = len(SENSITIVITY_ORDER)
+    for cat in normalized:
+        rank = SENSITIVITY_ORDER.index(cat) if cat in SENSITIVITY_ORDER else 99
+        if rank < best_rank:
+            best = cat
+            best_rank = rank
+    return best
+# ---------------------------------------------------------------------------
+# Upgrade markings across categories
+# ---------------------------------------------------------------------------
+def upgrade_composite_markings(
+    content: str,
+    old_categories: List[str],
+    new_categories: List[str],
+) -> str:
+    """Replace composite markings in content when categories change.
+    Generates old and new banners/footers/portion markings and replaces
+    them in the content string.
+    Args:
+        content: Document or code content.
+        old_categories: Previous set of categories.
+        new_categories: New set of categories.
+    Returns:
+        Updated content with new markings.
+    """
+    if set(old_categories) == set(new_categories):
+        return content
+    result = content
+    # Replace banner
+    old_banner = get_composite_banner(old_categories)
+    new_banner = get_composite_banner(new_categories)
+    if old_banner:
+        result = result.replace(old_banner, new_banner)
+    # Replace footer
+    old_footer = get_composite_footer(old_categories)
+    new_footer = get_composite_footer(new_categories)
+    if old_footer:
+        result = result.replace(old_footer, new_footer)
+    # Replace portion markings
+    old_portion = get_composite_portion_marking(old_categories)
+    new_portion = get_composite_portion_marking(new_categories)
+    if old_portion and new_portion:
+        result = result.replace(old_portion, new_portion)
+    return result
+# ---------------------------------------------------------------------------
+# Database helpers
+# ---------------------------------------------------------------------------
+def _get_connection(db_path: Optional[Path] = None) -> sqlite3.Connection:
+    """Return a database connection with Row factory."""
+    path = db_path or DB_PATH
+    if not path.exists():
+        raise FileNotFoundError(
+            f"Database not found: {path}\n"
+            "Run: python tools/db/init_icdev_db.py"
+        )
+    conn = sqlite3.connect(str(path))
+    conn.row_factory = sqlite3.Row
+    return conn
+def _ensure_tables(conn: sqlite3.Connection) -> None:
+    """Ensure data_classifications table exists."""
+    conn.executescript("""
+        CREATE TABLE IF NOT EXISTS data_classifications (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            project_id TEXT NOT NULL,
+            data_category TEXT NOT NULL,
+            subcategory TEXT,
+            source TEXT DEFAULT 'manual',
+            confidence REAL DEFAULT 1.0,
+            added_by TEXT DEFAULT 'icdev-compliance-engine',
+            created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+            UNIQUE(project_id, data_category)
+        );
+        CREATE TABLE IF NOT EXISTS framework_applicability (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            project_id TEXT NOT NULL,
+            framework_id TEXT NOT NULL,
+            source TEXT DEFAULT 'auto_detected'
+                CHECK(source IN ('auto_detected', 'manual', 'inherited')),
+            confirmed INTEGER DEFAULT 0,
+            confirmed_by TEXT,
+            confirmed_at TIMESTAMP,
+            created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+            UNIQUE(project_id, framework_id)
+        );
+        CREATE INDEX IF NOT EXISTS idx_dc_project
+            ON data_classifications(project_id);
+        CREATE INDEX IF NOT EXISTS idx_fa_project
+            ON framework_applicability(project_id);
+    """)
+    conn.commit()
+def _log_audit_event(
+    conn: sqlite3.Connection,
+    project_id: str,
+    action: str,
+    details: Dict,
+) -> None:
+    """Log an append-only audit event."""
+    try:
+        conn.execute(
+            """INSERT INTO audit_trail
+               (project_id, event_type, actor, action, details,
+                affected_files, classification)
+               VALUES (?, ?, ?, ?, ?, ?, ?)""",
+            (
+                project_id,
+                "classification.validation",
+                "icdev-compliance-engine",
+                action,
+                json.dumps(details),
+                json.dumps([]),
+                "CUI",
+            ),
+        )
+        conn.commit()
+    except Exception as exc:
+        print(f"Warning: Could not log audit event: {exc}", file=sys.stderr)
+# ---------------------------------------------------------------------------
+# Project data category management
+# ---------------------------------------------------------------------------
+def add_project_data_category(
+    project_id: str,
+    data_category: str,
+    subcategory: Optional[str] = None,
+    source: str = "manual",
+    confidence: float = 1.0,
+    db_path: Optional[Path] = None,
+) -> Dict:
+    """Add a data category to a project.
+    Args:
+        project_id: Project identifier.
+        data_category: Category ID (CUI, PHI, PCI, CJIS, etc.).
+        subcategory: Optional subcategory (e.g., CTI for CUI).
+        source: How this was determined (manual, auto_detected).
+        confidence: Confidence score for auto-detected categories.
+        db_path: Optional database path override.
+    Returns:
+        Dict with status and the category record.
+    """
+    norm = _normalize_category(data_category)
+    conn = _get_connection(db_path)
+    try:
+        _ensure_tables(conn)
+        conn.execute(
+            """INSERT OR REPLACE INTO data_classifications
+               (project_id, data_category, subcategory, source, confidence)
+               VALUES (?, ?, ?, ?, ?)""",
+            (project_id, norm, subcategory, source, confidence),
+        )
+        conn.commit()
+        _log_audit_event(conn, project_id, "Data category added", {
+            "data_category": norm,
+            "subcategory": subcategory,
+            "source": source,
+            "confidence": confidence,
+            "timestamp": datetime.now(timezone.utc).isoformat(),
+        })
+        return {
+            "status": "added",
+            "project_id": project_id,
+            "data_category": norm,
+            "subcategory": subcategory,
+            "source": source,
+        }
+    finally:
+        conn.close()
+def get_project_data_categories(
+    project_id: str,
+    db_path: Optional[Path] = None,
+) -> List[Dict]:
+    """Return all data categories assigned to a project."""
+    conn = _get_connection(db_path)
+    try:
+        _ensure_tables(conn)
+        rows = conn.execute(
+            """SELECT data_category, subcategory, source, confidence, created_at
+               FROM data_classifications
+               WHERE project_id = ?
+               ORDER BY created_at""",
+            (project_id,),
+        ).fetchall()
+        return [dict(row) for row in rows]
+    finally:
+        conn.close()
+def _resolve_default_categories(
+    project_id: str,
+    db_path: Optional[Path] = None,
+) -> list:
+    """Resolve default data categories from project metadata (ADR D132).
+    Called when no explicit data_classifications exist for a project.
+    Resolution:
+      - Public / IL2 -> empty (no marking required)
+      - SECRET / IL6 -> SECRET
+      - IL4/IL5 or CUI -> CUI (backward compat per ADR D54)
+      - Unknown -> CUI (conservative default)
+    """
+    try:
+        conn = _get_connection(db_path)
+        row = conn.execute(
+            "SELECT classification, impact_level FROM projects WHERE id = ?",
+            (project_id,),
+        ).fetchone()
+        conn.close()
+        if row:
+            proj = dict(row)
+            cls = (proj.get("classification") or "").upper()
+            il = (proj.get("impact_level") or "").upper()
+            if cls == "PUBLIC" or il == "IL2":
+                return []  # No marking required
+            if cls in ("SECRET", "TOP SECRET", "TOP_SECRET") or il == "IL6":
+                return [{"data_category": "SECRET", "subcategory": "NSI"}]
+            # IL4/IL5 or CUI/FOUO -> CUI
+            return [{"data_category": "CUI", "subcategory": "CTI"}]
+    except Exception:
+        pass
+    # Ultimate fallback: CUI (backward compat)
+    return [{"data_category": "CUI", "subcategory": "CTI"}]
+def get_project_marking(
+    project_id: str,
+    db_path: Optional[Path] = None,
+) -> Dict:
+    """Generate the full composite marking for a project.
+    Reads all data categories from the database and generates
+    banner, footer, portion marking, and handling requirements.
+    Returns:
+        Dict with banner, footer, portion_marking, categories,
+        highest_sensitivity, and handling_requirements.
+    """
+    categories_data = get_project_data_categories(project_id, db_path)
+    if not categories_data:
+        # Resolve default from project metadata (ADR D132)
+        categories_data = _resolve_default_categories(project_id, db_path)
+    categories = [c["data_category"] for c in categories_data]
+    subcats = {
+        c["data_category"]: c.get("subcategory", "")
+        for c in categories_data
+        if c.get("subcategory")
+    }
+    marking_required = bool(categories) and categories != ["PUBLIC"]
+    return {
+        "marking_required": marking_required,
+        "categories": categories,
+        "highest_sensitivity": get_highest_sensitivity(categories) if categories else "PUBLIC",
+        "banner": get_composite_banner(categories, subcats),
+        "footer": get_composite_footer(categories),
+        "portion_marking": get_composite_portion_marking(categories),
+        "handling_requirements": get_composite_handling_requirements(categories),
+    }
+# ---------------------------------------------------------------------------
+# Auto-detection (ADR D110 -- advisory, not enforced)
+# ---------------------------------------------------------------------------
+def detect_data_categories(
+    project_id: str,
+    db_path: Optional[Path] = None,
+) -> Dict:
+    """Analyze project metadata and recommend applicable data categories.
+    Reads the project's description, type, impact_level, classification,
+    and target_frameworks to infer which data categories likely apply.
+    ADR D110: Results are advisory only -- the customer makes the final
+    selection.
+    Returns:
+        Dict with detected categories, confidence scores, and reasoning.
+    """
+    conn = _get_connection(db_path)
+    try:
+        _ensure_tables(conn)
+        row = conn.execute(
+            """SELECT id, name, description, type, classification,
+                      impact_level, target_frameworks
+               FROM projects WHERE id = ?""",
+            (project_id,),
+        ).fetchone()
+        if not row:
+            raise ValueError(f"Project '{project_id}' not found.")
+        project = dict(row)
+        desc = (project.get("description") or "").lower()
+        name = (project.get("name") or "").lower()
+        cls = (project.get("classification") or "").upper()
+        il = (project.get("impact_level") or "").upper()
+        frameworks = (project.get("target_frameworks") or "").lower()
+        combined_text = f"{name} {desc} {frameworks}"
+        detected = []
+        registry = load_registry()
+        for data_type in registry:
+            indicators = data_type.get("indicators", [])
+            matches = [ind for ind in indicators if ind.lower() in combined_text]
+            if matches:
+                confidence = min(0.5 + (len(matches) * 0.15), 0.95)
+                detected.append({
+                    "data_type_id": data_type["id"],
+                    "category": data_type["category"],
+                    "subcategory": data_type.get("subcategory", ""),
+                    "name": data_type["name"],
+                    "confidence": round(confidence, 2),
+                    "matched_indicators": matches,
+                    "required_frameworks": data_type.get("required_frameworks", []),
+                    "recommended_frameworks": data_type.get("recommended_frameworks", []),
+                })
+        # Always detect classification-based categories
+        if cls in ("CUI",) and not any(d["category"] == "CUI" for d in detected):
+            detected.append({
+                "data_type_id": "CUI_CTI",
+                "category": "CUI",
+                "subcategory": "CTI",
+                "name": "Controlled Technical Information",
+                "confidence": 0.9,
+                "matched_indicators": [f"classification={cls}"],
+                "required_frameworks": ["nist_800_171", "cmmc_level_2"],
+                "recommended_frameworks": ["fedramp_moderate"],
+            })
+        if cls == "SECRET" and not any(d["category"] == "SECRET" for d in detected):
+            detected.append({
+                "data_type_id": "SECRET_NSI",
+                "category": "SECRET",
+                "subcategory": "NSI",
+                "name": "Classified National Security Information",
+                "confidence": 0.95,
+                "matched_indicators": [f"classification={cls}"],
+                "required_frameworks": ["cnssi_1253"],
+                "recommended_frameworks": [],
+            })
+        # Impact level implications
+        if il in ("IL4", "IL5") and not any(d["category"] == "CUI" for d in detected):
+            detected.append({
+                "data_type_id": "CUI_CTI",
+                "category": "CUI",
+                "subcategory": "CTI",
+                "name": "Controlled Technical Information",
+                "confidence": 0.8,
+                "matched_indicators": [f"impact_level={il}"],
+                "required_frameworks": ["nist_800_171", "cmmc_level_2"],
+                "recommended_frameworks": ["fedramp_moderate"],
+            })
+        # Sort by confidence descending
+        detected.sort(key=lambda x: x["confidence"], reverse=True)
+        # Collect all required and recommended frameworks
+        all_required = set()
+        all_recommended = set()
+        for d in detected:
+            all_required.update(d.get("required_frameworks", []))
+            all_recommended.update(d.get("recommended_frameworks", []))
+        result = {
+            "project_id": project_id,
+            "detected_categories": detected,
+            "all_required_frameworks": sorted(all_required),
+            "all_recommended_frameworks": sorted(all_recommended - all_required),
+            "advisory_note": "Detection is advisory (ADR D110). "
+                             "Confirm categories before applying markings.",
+            "timestamp": datetime.now(timezone.utc).isoformat(),
+        }
+        _log_audit_event(conn, project_id, "Data category auto-detection", {
+            "detected_count": len(detected),
+            "categories": [d["category"] for d in detected],
+            "required_frameworks": sorted(all_required),
+        })
+        return result
+    finally:
+        conn.close()
+# ---------------------------------------------------------------------------
+# Validation
+# ---------------------------------------------------------------------------
+def validate_project_markings(
+    project_id: str,
+    db_path: Optional[Path] = None,
+) -> Dict:
+    """Validate that project markings are consistent with data categories.
+    Checks:
+    1. At least one data category is assigned.
+    2. All required frameworks for each category are tracked.
+    3. Marking banner matches assigned categories.
+    4. Handling requirements are documented.
+    Returns:
+        Dict with valid (bool), issues list, and recommendations.
+    """
+    conn = _get_connection(db_path)
+    try:
+        _ensure_tables(conn)
+        issues: List[str] = []
+        recommendations: List[str] = []
+        # Get project info
+        row = conn.execute(
+            "SELECT * FROM projects WHERE id = ?", (project_id,)
+        ).fetchone()
+        if not row:
+            raise ValueError(f"Project '{project_id}' not found.")
+        project = dict(row)
+        # Get assigned categories
+        cat_rows = conn.execute(
+            """SELECT data_category, subcategory, source, confidence
+               FROM data_classifications WHERE project_id = ?""",
+            (project_id,),
+        ).fetchall()
+        categories = [dict(r) for r in cat_rows]
+        if not categories:
+            issues.append(
+                "No data categories assigned. Run --detect to identify "
+                "applicable categories."
+            )
+            recommendations.append(
+                "Add at least one data category with --add-category."
+            )
+        # Check each category's required frameworks
+        for cat in categories:
+            registry = load_registry()
+            for dt in registry:
+                if dt["category"] == cat["data_category"]:
+                    required_fws = dt.get("required_frameworks", [])
+                    for fw in required_fws:
+                        # Check if framework is tracked in project_framework_status
+                        try:
+                            fw_row = conn.execute(
+                                """SELECT framework_id FROM project_framework_status
+                                   WHERE project_id = ? AND framework_id = ?""",
+                                (project_id, fw),
+                            ).fetchone()
+                            if not fw_row:
+                                issues.append(
+                                    f"Data category {cat['data_category']} requires "
+                                    f"framework '{fw}' but it is not tracked."
+                                )
+                        except Exception:
+                            pass  # Table may not exist
+        # Validate classification consistency
+        proj_cls = (project.get("classification") or "").upper()
+        cat_names = [c["data_category"] for c in categories]
+        highest = get_highest_sensitivity(cat_names) if cat_names else "PUBLIC"
+        if highest in ("SECRET", "TOP_SECRET") and proj_cls not in ("SECRET", "TOP SECRET", "TOP SECRET//SCI"):
+            issues.append(
+                f"Data categories include {highest} but project classification "
+                f"is '{proj_cls}'. Classification must be upgraded."
+            )
+        result = {
+            "valid": len(issues) == 0,
+            "project_id": project_id,
+            "assigned_categories": [c["data_category"] for c in categories],
+            "highest_sensitivity": highest,
+            "issues": issues,
+            "recommendations": recommendations,
+            "timestamp": datetime.now(timezone.utc).isoformat(),
+        }
+        _log_audit_event(conn, project_id, "Marking validation", {
+            "valid": result["valid"],
+            "issues_count": len(issues),
+            "categories": result["assigned_categories"],
+        })
+        return result
+    finally:
+        conn.close()
+# ---------------------------------------------------------------------------
+# CLI
+# ---------------------------------------------------------------------------
+def main() -> None:
+    parser = argparse.ArgumentParser(
+        description="Universal Data Classification & Marking Manager"
+    )
+    parser.add_argument(
+        "--list-categories", action="store_true",
+        help="List all supported data categories",
+    )
+    parser.add_argument(
+        "--category",
+        help="Single data category to display (e.g., PHI, PCI, CJIS)",
+    )
+    parser.add_argument(
+        "--categories",
+        help="Comma-separated data categories for composite marking (e.g., CUI,PHI,PCI)",
+    )
+    parser.add_argument(
+        "--banner", action="store_true",
+        help="Show document banner for the specified categories",
+    )
+    parser.add_argument(
+        "--code-header", metavar="LANGUAGE",
+        help="Show code header for a language (python, java, go, etc.)",
+    )
+    parser.add_argument(
+        "--handling", action="store_true",
+        help="Show handling requirements for the specified categories",
+    )
+    parser.add_argument(
+        "--detect", action="store_true",
+        help="Auto-detect data categories for a project (requires --project-id)",
+    )
+    parser.add_argument(
+        "--validate", action="store_true",
+        help="Validate project data markings (requires --project-id)",
+    )
+    parser.add_argument(
+        "--add-category",
+        help="Add a data category to a project (requires --project-id)",
+    )
+    parser.add_argument(
+        "--project-id",
+        help="Project ID for detection/validation/add operations",
+    )
+    parser.add_argument("--json", action="store_true", help="JSON output")
+    parser.add_argument(
+        "--db-path", type=Path, default=None,
+        help="Database path override",
+    )
+    args = parser.parse_args()
+    try:
+        # Parse categories
+        cats = []
+        if args.category:
+            cats = [args.category]
+        elif args.categories:
+            cats = [c.strip() for c in args.categories.split(",")]
+        # --list-categories
+        if args.list_categories:
+            result = list_categories()
+            if args.json:
+                print(json.dumps(result, indent=2))
+            else:
+                print(f"{'ID':<15} {'Name':<40} {'Framework':<20} {'Marking'}")
+                print("-" * 90)
+                for cat in result:
+                    print(
+                        f"{cat['id']:<15} {cat['full_name']:<40} "
+                        f"{cat['governing_framework']:<20} {cat['portion_marking']}"
+                    )
+            return
+        # --banner
+        if args.banner and cats:
+            banner = get_composite_banner(cats)
+            footer = get_composite_footer(cats)
+            portion = get_composite_portion_marking(cats)
+            if args.json:
+                print(json.dumps({
+                    "categories": cats,
+                    "banner": banner,
+                    "footer": footer,
+                    "portion_marking": portion,
+                    "highest_sensitivity": get_highest_sensitivity(cats),
+                }, indent=2))
+            else:
+                print(f"Banner for {', '.join(cats)}:\n")
+                print(banner)
+                print(f"\nFooter:\n{footer}")
+                print(f"\nPortion marking: {portion}")
+            return
+        # --code-header
+        if args.code_header and cats:
+            header = get_composite_code_header(cats, args.code_header)
+            if args.json:
+                print(json.dumps({
+                    "categories": cats,
+                    "language": args.code_header,
+                    "code_header": header,
+                }, indent=2))
+            else:
+                print(f"Code header for {', '.join(cats)} ({args.code_header}):\n")
+                print(header)
+            return
+        # --handling
+        if args.handling and cats:
+            reqs = get_composite_handling_requirements(cats)
+            if args.json:
+                print(json.dumps({
+                    "categories": cats,
+                    "handling_requirements": reqs,
+                }, indent=2))
+            else:
+                print(f"Handling requirements for {', '.join(cats)}:")
+                for i, req in enumerate(reqs, 1):
+                    print(f"  {i}. {req}")
+            return
+        # --detect
+        if args.detect:
+            if not args.project_id:
+                print("Error: --detect requires --project-id", file=sys.stderr)
+                sys.exit(1)
+            result = detect_data_categories(args.project_id, args.db_path)
+            if args.json:
+                print(json.dumps(result, indent=2))
+            else:
+                print(f"Data Category Detection: {args.project_id}")
+                print(f"{'=' * 60}")
+                for d in result["detected_categories"]:
+                    print(
+                        f"  [{d['confidence']:.0%}] {d['category']}/{d['subcategory']} "
+                        f"-- {d['name']}"
+                    )
+                    print(f"         Matched: {', '.join(d['matched_indicators'])}")
+                print(f"\nRequired frameworks: {', '.join(result['all_required_frameworks'])}")
+                print(f"Recommended: {', '.join(result['all_recommended_frameworks'])}")
+                print(f"\nNote: {result['advisory_note']}")
+            return
+        # --validate
+        if args.validate:
+            if not args.project_id:
+                print("Error: --validate requires --project-id", file=sys.stderr)
+                sys.exit(1)
+            result = validate_project_markings(args.project_id, args.db_path)
+            if args.json:
+                print(json.dumps(result, indent=2))
+            else:
+                status = "VALID" if result["valid"] else "INVALID"
+                print(f"Marking Validation: {status}")
+                print(f"  Categories: {', '.join(result['assigned_categories']) or 'none'}")
+                print(f"  Highest: {result['highest_sensitivity']}")
+                if result["issues"]:
+                    print(f"  Issues ({len(result['issues'])}):")
+                    for issue in result["issues"]:
+                        print(f"    - {issue}")
+                if result["recommendations"]:
+                    print("  Recommendations:")
+                    for rec in result["recommendations"]:
+                        print(f"    - {rec}")
+            return
+        # --add-category
+        if args.add_category:
+            if not args.project_id:
+                print("Error: --add-category requires --project-id", file=sys.stderr)
+                sys.exit(1)
+            result = add_project_data_category(
+                args.project_id, args.add_category, db_path=args.db_path,
+            )
+            if args.json:
+                print(json.dumps(result, indent=2))
+            else:
+                print(f"Added data category: {result['data_category']} to {result['project_id']}")
+            return
+        # Single category info
+        if cats and len(cats) == 1 and not (args.banner or args.code_header or args.handling):
+            cat_config = get_category_config(cats[0])
+            if args.json:
+                print(json.dumps({"category": cats[0], "config": cat_config}, indent=2))
+            else:
+                print(f"Data Category: {cats[0]}")
+                for k, v in cat_config.items():
+                    if isinstance(v, list):
+                        print(f"  {k}:")
+                        for item in v:
+                            print(f"    - {item}")
+                    else:
+                        print(f"  {k}: {v}")
+            return
+        parser.print_help()
+    except (ValueError, FileNotFoundError) as exc:
+        print(f"ERROR: {exc}", file=sys.stderr)
+        sys.exit(1)
+if __name__ == "__main__":
+    main()