PyPI - icdev - Versions diffs - 1.0.0__py3-none-any.whl - Mend

icdev 1.0.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1105) hide show

icdev/__init__.py +18 -0
icdev/_paths.py +85 -0
icdev/_version.py +3 -0
icdev/data/__init__.py +1 -0
icdev/data/args/__init__.py +1 -0
icdev/data/args/agent_authority.yaml +61 -0
icdev/data/args/agent_config.yaml +355 -0
icdev/data/args/agentic_fitness.yaml +31 -0
icdev/data/args/ai_governance_config.yaml +137 -0
icdev/data/args/atlas_critique_config.yaml +66 -0
icdev/data/args/bedrock_models.yaml +63 -0
icdev/data/args/cicd_config.yaml +82 -0
icdev/data/args/classification_config.yaml +232 -0
icdev/data/args/cli_config.yaml +154 -0
icdev/data/args/cloud_config.yaml +63 -0
icdev/data/args/code_pattern_config.yaml +151 -0
icdev/data/args/code_quality_config.yaml +47 -0
icdev/data/args/companion_registry.yaml +202 -0
icdev/data/args/context_config.yaml +82 -0
icdev/data/args/csp_monitor_config.yaml +268 -0
icdev/data/args/cui_markings.yaml +35 -0
icdev/data/args/db_config.yaml +40 -0
icdev/data/args/deployment_profiles.yaml +248 -0
icdev/data/args/dev_profile_config.yaml +144 -0
icdev/data/args/devsecops_config.yaml +286 -0
icdev/data/args/endpoint_security_config.yaml +137 -0
icdev/data/args/extension_config.yaml +79 -0
icdev/data/args/file_access_tiers.yaml +88 -0
icdev/data/args/framework_registry.yaml +415 -0
icdev/data/args/innovation_config.yaml +431 -0
icdev/data/args/installation_manifest.yaml +1087 -0
icdev/data/args/llm_config.yaml +495 -0
icdev/data/args/maintenance_config.yaml +55 -0
icdev/data/args/memory_config.yaml +83 -0
icdev/data/args/monitoring_config.yaml +127 -0
icdev/data/args/mosa_config.yaml +190 -0
icdev/data/args/nlq_config.yaml +35 -0
icdev/data/args/observability_config.yaml +39 -0
icdev/data/args/observability_tracing_config.yaml +170 -0
icdev/data/args/oscal_tools_config.yaml +43 -0
icdev/data/args/owasp_agentic_config.yaml +171 -0
icdev/data/args/phase_registry.yaml +618 -0
icdev/data/args/project_defaults.yaml +235 -0
icdev/data/args/prompt_chains.yaml +163 -0
icdev/data/args/resilience_config.yaml +50 -0
icdev/data/args/ricoas_config.yaml +191 -0
icdev/data/args/role_personas.yaml +362 -0
icdev/data/args/scaling_config.yaml +176 -0
icdev/data/args/security_gates.yaml +685 -0
icdev/data/args/skill_injection_config.yaml +322 -0
icdev/data/args/spec_config.yaml +53 -0
icdev/data/args/supply_chain_config.yaml +76 -0
icdev/data/args/translation_config.yaml +228 -0
icdev/data/args/workflow_templates/ato_acceleration.yaml +54 -0
icdev/data/args/workflow_templates/build_deploy.yaml +63 -0
icdev/data/args/workflow_templates/full_compliance.yaml +43 -0
icdev/data/args/workflow_templates/security_hardening.yaml +55 -0
icdev/data/args/worktree_config.yaml +34 -0
icdev/data/args/zta_config.yaml +247 -0
icdev/data/context/__init__.py +1 -0
icdev/data/context/agent/__init__.py +1 -0
icdev/data/context/agent/response_schemas/__init__.py +1 -0
icdev/data/context/agent/response_schemas/debate_position.json +46 -0
icdev/data/context/agent/response_schemas/fitness_scorecard.json +74 -0
icdev/data/context/agent/response_schemas/review_decision.json +39 -0
icdev/data/context/agent/response_schemas/task_decomposition.json +82 -0
icdev/data/context/agent/response_schemas/veto_decision.json +40 -0
icdev/data/context/agentic/__init__.py +1 -0
icdev/data/context/agentic/architecture_patterns.md +269 -0
icdev/data/context/agentic/capability_registry.yaml +202 -0
icdev/data/context/agentic/csp_mcp_registry.yaml +280 -0
icdev/data/context/agentic/fitness_rubric.md +56 -0
icdev/data/context/agentic/governance_baseline.md +205 -0
icdev/data/context/ci/__init__.py +1 -0
icdev/data/context/ci/worktree_templates.json +44 -0
icdev/data/context/cloud/__init__.py +1 -0
icdev/data/context/cloud/csp_service_registry.json +739 -0
icdev/data/context/compliance/__init__.py +1 -0
icdev/data/context/compliance/atlas_mitigations.json +293 -0
icdev/data/context/compliance/atlas_techniques.json +833 -0
icdev/data/context/compliance/cisa_sbd_requirements.json +432 -0
icdev/data/context/compliance/cjis_security_policy.json +522 -0
icdev/data/context/compliance/cmmc_practices.json +2494 -0
icdev/data/context/compliance/cmmc_report_template.md +142 -0
icdev/data/context/compliance/cnssi_1253_overlay.json +109 -0
icdev/data/context/compliance/control_crosswalk.json +1914 -0
icdev/data/context/compliance/control_families/__init__.py +1 -0
icdev/data/context/compliance/csp_certifications.json +251 -0
icdev/data/context/compliance/cssp_report_template.md +193 -0
icdev/data/context/compliance/cui_templates/__init__.py +1 -0
icdev/data/context/compliance/cui_templates/banner_block.txt +4 -0
icdev/data/context/compliance/cui_templates/code_header.txt +8 -0
icdev/data/context/compliance/cui_templates/document_template.md +35 -0
icdev/data/context/compliance/data_type_framework_map.json +321 -0
icdev/data/context/compliance/data_type_registry.json +147 -0
icdev/data/context/compliance/dod_cssp_8530.json +463 -0
icdev/data/context/compliance/eu_ai_act_annex_iii.json +108 -0
icdev/data/context/compliance/export_templates/__init__.py +1 -0
icdev/data/context/compliance/export_templates/emass_controls.csv.j2 +4 -0
icdev/data/context/compliance/export_templates/evidence_package.md.j2 +39 -0
icdev/data/context/compliance/export_templates/executive_summary.md.j2 +55 -0
icdev/data/context/compliance/export_templates/poam_tracking.csv.j2 +4 -0
icdev/data/context/compliance/fedramp_20x_ksi_schemas.json +133 -0
icdev/data/context/compliance/fedramp_high_baseline.json +4370 -0
icdev/data/context/compliance/fedramp_moderate_baseline.json +2183 -0
icdev/data/context/compliance/fedramp_report_template.md +181 -0
icdev/data/context/compliance/fips_200_areas.json +362 -0
icdev/data/context/compliance/gao_ai_accountability.json +262 -0
icdev/data/context/compliance/hipaa_security_rule.json +720 -0
icdev/data/context/compliance/hitrust_csf_v11.json +930 -0
icdev/data/context/compliance/impact_level_profiles.json +251 -0
icdev/data/context/compliance/incident_response_template.md +1110 -0
icdev/data/context/compliance/iso27001_2022_controls.json +750 -0
icdev/data/context/compliance/iso27001_nist_bridge.json +382 -0
icdev/data/context/compliance/iso42001_controls.json +254 -0
icdev/data/context/compliance/ivv_checklist_template.md +80 -0
icdev/data/context/compliance/ivv_report_template.md +116 -0
icdev/data/context/compliance/ivv_requirements.json +372 -0
icdev/data/context/compliance/mosa_crosswalk.json +327 -0
icdev/data/context/compliance/mosa_framework.json +250 -0
icdev/data/context/compliance/narrative_templates/AC.md.j2 +101 -0
icdev/data/context/compliance/narrative_templates/AU.md.j2 +106 -0
icdev/data/context/compliance/narrative_templates/IA.md.j2 +104 -0
icdev/data/context/compliance/narrative_templates/SC.md.j2 +102 -0
icdev/data/context/compliance/narrative_templates/SI.md.j2 +111 -0
icdev/data/context/compliance/narrative_templates/__init__.py +1 -0
icdev/data/context/compliance/narrative_templates/default.md.j2 +50 -0
icdev/data/context/compliance/narrative_templates/executive_summary.j2 +27 -0
icdev/data/context/compliance/narrative_templates/poam_milestone.j2 +19 -0
icdev/data/context/compliance/narrative_templates/ssp_section.j2 +11 -0
icdev/data/context/compliance/nist_800_171_controls.json +1552 -0
icdev/data/context/compliance/nist_800_207_crosswalk.json +399 -0
icdev/data/context/compliance/nist_800_207_zta.json +258 -0
icdev/data/context/compliance/nist_800_53.json +324 -0
icdev/data/context/compliance/nist_ai_600_1_genai.json +326 -0
icdev/data/context/compliance/nist_ai_rmf.json +206 -0
icdev/data/context/compliance/nist_sp_800_60_types.json +1667 -0
icdev/data/context/compliance/omb_m25_21_high_impact_ai.json +248 -0
icdev/data/context/compliance/omb_m26_04_unbiased_ai.json +262 -0
icdev/data/context/compliance/owasp_agentic_asi.json +133 -0
icdev/data/context/compliance/owasp_agentic_threats.json +285 -0
icdev/data/context/compliance/owasp_llm_top10.json +274 -0
icdev/data/context/compliance/pci_dss_v4.json +510 -0
icdev/data/context/compliance/poam_template.md +117 -0
icdev/data/context/compliance/safeai_controls.json +512 -0
icdev/data/context/compliance/sbd_report_template.md +77 -0
icdev/data/context/compliance/siem_config_templates/__init__.py +1 -0
icdev/data/context/compliance/siem_config_templates/filebeat.yml +213 -0
icdev/data/context/compliance/siem_config_templates/log_sources.json +208 -0
icdev/data/context/compliance/soc2_trust_criteria.json +661 -0
icdev/data/context/compliance/ssp_template.md +432 -0
icdev/data/context/compliance/stig_templates/__init__.py +1 -0
icdev/data/context/compliance/stig_templates/webapp_stig.json +139 -0
icdev/data/context/compliance/xai_requirements.json +108 -0
icdev/data/context/dashboard/__init__.py +1 -0
icdev/data/context/dashboard/nlq_examples.json +50 -0
icdev/data/context/dashboard/schema_descriptions.json +23 -0
icdev/data/context/integration/__init__.py +1 -0
icdev/data/context/integration/approval_workflows.json +32 -0
icdev/data/context/integration/gitlab_field_mappings.json +33 -0
icdev/data/context/integration/jira_field_mappings.json +32 -0
icdev/data/context/integration/reqif_export_schema.json +23 -0
icdev/data/context/integration/servicenow_field_mappings.json +22 -0
icdev/data/context/languages/__init__.py +1 -0
icdev/data/context/languages/framework_patterns.json +205 -0
icdev/data/context/languages/language_registry.json +279 -0
icdev/data/context/llm/__init__.py +1 -0
icdev/data/context/llm/example_provider.py +86 -0
icdev/data/context/mbse/__init__.py +1 -0
icdev/data/context/mbse/des_report_template.md +162 -0
icdev/data/context/mbse/des_requirements.json +411 -0
icdev/data/context/mbse/digital_thread_patterns.json +403 -0
icdev/data/context/mbse/reqif_schema.json +280 -0
icdev/data/context/mbse/sysml_element_types.json +432 -0
icdev/data/context/modernization/__init__.py +1 -0
icdev/data/context/modernization/db_type_mappings.json +148 -0
icdev/data/context/modernization/decomposition_patterns.json +284 -0
icdev/data/context/modernization/framework_migration_patterns.json +359 -0
icdev/data/context/modernization/migration_report_template.md +168 -0
icdev/data/context/modernization/seven_rs_catalog.json +369 -0
icdev/data/context/modernization/version_upgrade_rules.json +279 -0
icdev/data/context/oscal/NIST_SP-800-53_rev5_catalog.json +254987 -0
icdev/data/context/oscal/README.md +43 -0
icdev/data/context/patterns/__init__.py +1 -0
icdev/data/context/profiles/__init__.py +1 -0
icdev/data/context/profiles/dod_baseline_v1.yaml +145 -0
icdev/data/context/profiles/fedramp_baseline_v1.yaml +143 -0
icdev/data/context/profiles/financial_baseline_v1.yaml +142 -0
icdev/data/context/profiles/healthcare_baseline_v1.yaml +135 -0
icdev/data/context/profiles/law_enforcement_v1.yaml +129 -0
icdev/data/context/profiles/startup_v1.yaml +134 -0
icdev/data/context/requirements/__init__.py +1 -0
icdev/data/context/requirements/ambiguity_patterns.json +97 -0
icdev/data/context/requirements/boundary_impact_rules.json +123 -0
icdev/data/context/requirements/default_constitutions.json +67 -0
icdev/data/context/requirements/document_extraction_rules.json +58 -0
icdev/data/context/requirements/gap_patterns.json +108 -0
icdev/data/context/requirements/readiness_rubric.json +78 -0
icdev/data/context/requirements/red_alternative_patterns.json +210 -0
icdev/data/context/requirements/safe_templates.json +72 -0
icdev/data/context/requirements/spec_quality_checklist.json +122 -0
icdev/data/context/simulation/__init__.py +1 -0
icdev/data/context/simulation/architecture_patterns.json +36 -0
icdev/data/context/simulation/coa_templates.json +38 -0
icdev/data/context/simulation/cost_models.json +23 -0
icdev/data/context/simulation/risk_categories.json +46 -0
icdev/data/context/supply_chain/__init__.py +1 -0
icdev/data/context/supply_chain/isa_templates.json +129 -0
icdev/data/context/supply_chain/nist_800_161_controls.json +247 -0
icdev/data/context/supply_chain/scrm_risk_matrix.json +147 -0
icdev/data/context/templates/__init__.py +1 -0
icdev/data/context/templates/ansible/__init__.py +1 -0
icdev/data/context/templates/ansible/playbooks/__init__.py +1 -0
icdev/data/context/templates/ansible/roles/__init__.py +1 -0
icdev/data/context/templates/gitlab_ci/__init__.py +1 -0
icdev/data/context/templates/grafana/__init__.py +1 -0
icdev/data/context/templates/kubernetes/__init__.py +1 -0
icdev/data/context/templates/project/__init__.py +1 -0
icdev/data/context/templates/project/api/__init__.py +1 -0
icdev/data/context/templates/project/cli/__init__.py +1 -0
icdev/data/context/templates/project/data_pipeline/__init__.py +1 -0
icdev/data/context/templates/project/iac/__init__.py +1 -0
icdev/data/context/templates/project/javascript_frontend/__init__.py +1 -0
icdev/data/context/templates/project/javascript_frontend/src/__init__.py +1 -0
icdev/data/context/templates/project/javascript_frontend/tests/__init__.py +1 -0
icdev/data/context/templates/project/microservice/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/src/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/tests/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/tests/features/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/tests/steps/__init__.py +1 -0
icdev/data/context/templates/terraform/__init__.py +1 -0
icdev/data/context/templates/terraform/govcloud_base/__init__.py +1 -0
icdev/data/context/templates/terraform/modules/__init__.py +1 -0
icdev/data/context/tone/__init__.py +1 -0
icdev/data/context/translation/dependency_mappings.json +186 -0
icdev/data/context/translation/type_mappings.json +149 -0
icdev/data/docs/README.md +187 -0
icdev/data/docs/__init__.py +1 -0
icdev/data/docs/admin/gateway-guide.md +338 -0
icdev/data/docs/admin/marketplace-guide.md +396 -0
icdev/data/docs/admin/monitoring-guide.md +509 -0
icdev/data/docs/architecture/compliance-framework.md +764 -0
icdev/data/docs/architecture/database-schema.md +689 -0
icdev/data/docs/architecture/gotcha-framework.md +518 -0
icdev/data/docs/architecture/multi-agent-system.md +603 -0
icdev/data/docs/dx/README.md +106 -0
icdev/data/docs/dx/__init__.py +1 -0
icdev/data/docs/dx/ci-cd-integration.md +378 -0
icdev/data/docs/dx/claude-code-guide.md +213 -0
icdev/data/docs/dx/companion-guide.md +232 -0
icdev/data/docs/dx/dev-profiles.md +309 -0
icdev/data/docs/dx/icdev-yaml-spec.md +219 -0
icdev/data/docs/dx/integration-tiers.md +279 -0
icdev/data/docs/dx/llm-routing-guide.md +456 -0
icdev/data/docs/dx/quickstart.md +192 -0
icdev/data/docs/dx/sdk-reference.md +356 -0
icdev/data/docs/dx/unified-mcp-setup.md +525 -0
icdev/data/docs/features/__init__.py +1 -0
icdev/data/docs/features/phase-01-gotcha-framework.md +249 -0
icdev/data/docs/features/phase-02-atlas-build-workflow.md +223 -0
icdev/data/docs/features/phase-03-tdd-bdd-testing.md +261 -0
icdev/data/docs/features/phase-04-nist-compliance.md +255 -0
icdev/data/docs/features/phase-05-security-scanning.md +229 -0
icdev/data/docs/features/phase-06-infrastructure-deployment.md +288 -0
icdev/data/docs/features/phase-07-code-review-gates.md +276 -0
icdev/data/docs/features/phase-08-self-healing.md +223 -0
icdev/data/docs/features/phase-09-monitoring-observability.md +230 -0
icdev/data/docs/features/phase-10-dashboard-web-ui.md +218 -0
icdev/data/docs/features/phase-11-multi-agent-architecture.md +272 -0
icdev/data/docs/features/phase-12-integration-testing.md +228 -0
icdev/data/docs/features/phase-13-cicd-integration.md +257 -0
icdev/data/docs/features/phase-14-secure-by-design-ivv.md +240 -0
icdev/data/docs/features/phase-15-maintenance-audit.md +192 -0
icdev/data/docs/features/phase-16-ato-acceleration.md +228 -0
icdev/data/docs/features/phase-17-multi-framework-compliance.md +223 -0
icdev/data/docs/features/phase-18-mbse-integration.md +242 -0
icdev/data/docs/features/phase-19-agentic-generation.md +202 -0
icdev/data/docs/features/phase-20-fips-security-categorization.md +198 -0
icdev/data/docs/features/phase-21-saas-multi-tenancy.md +273 -0
icdev/data/docs/features/phase-22-federated-gotcha-marketplace.md +242 -0
icdev/data/docs/features/phase-23-universal-compliance-platform.md +238 -0
icdev/data/docs/features/phase-24-devsecops-pipeline-security.md +198 -0
icdev/data/docs/features/phase-25-zero-trust-architecture.md +220 -0
icdev/data/docs/features/phase-26-dod-mosa.md +205 -0
icdev/data/docs/features/phase-27-cli-capabilities.md +222 -0
icdev/data/docs/features/phase-28-remote-command-gateway.md +235 -0
icdev/data/docs/features/phase-29-proactive-monitoring.md +212 -0
icdev/data/docs/features/phase-30-dashboard-auth.md +215 -0
icdev/data/docs/features/phase-31-dashboard-ux-low-impact.md +188 -0
icdev/data/docs/features/phase-32-dashboard-ux-medium-impact.md +223 -0
icdev/data/docs/features/phase-33-modular-installation.md +218 -0
icdev/data/docs/features/phase-34-dev-profiles.md +239 -0
icdev/data/docs/features/phase-35-innovation-engine.md +257 -0
icdev/data/docs/features/phase-36-evolutionary-intelligence.md +351 -0
icdev/data/docs/features/phase-37-mitre-atlas-integration.md +485 -0
icdev/data/docs/features/phase-38-cloud-agnostic-architecture.md +1033 -0
icdev/data/docs/features/phase-39-observability-operations.md +178 -0
icdev/data/docs/features/phase-40-nlq-compliance-queries.md +176 -0
icdev/data/docs/features/phase-41-parallel-cicd.md +169 -0
icdev/data/docs/features/phase-42-framework-planning.md +177 -0
icdev/data/docs/features/phase-43-cross-language-translation.md +225 -0
icdev/data/docs/features/phase-44-innovation-adaptation.md +227 -0
icdev/data/docs/features/phase-45-owasp-agentic-security.md +239 -0
icdev/data/docs/features/phase-46-observability-traceability-xai.md +240 -0
icdev/data/docs/features/phase-47-unified-mcp-gateway.md +257 -0
icdev/data/docs/features/phase-48-ai-transparency.md +203 -0
icdev/data/docs/features/phase-49-ai-accountability.md +243 -0
icdev/data/docs/features/phase-50-ai-governance-intake-chat.md +195 -0
icdev/data/docs/features/phase-51-unified-chat-dashboard.md +240 -0
icdev/data/docs/features/phase-52-code-intelligence.md +244 -0
icdev/data/docs/features/phase-53-fedramp-20x-owasp-asi.md +359 -0
icdev/data/docs/features/phase-54-slsa-swft-orchestration.md +379 -0
icdev/data/docs/features/phase-55-a2a-v03-mcp-oauth.md +322 -0
icdev/data/docs/features/phase-56-evidence-lineage.md +352 -0
icdev/data/docs/features/phase-57-eu-ai-act-iron-bank.md +319 -0
icdev/data/docs/features/phase-58-creative-engine.md +370 -0
icdev/data/docs/features/phase-59-govcon-intelligence.md +535 -0
icdev/data/docs/features/phase-60-cpmp.md +528 -0
icdev/data/docs/features/phase-61-orchestration-improvements.md +534 -0
icdev/data/docs/operations/dashboard-guide.md +354 -0
icdev/data/docs/operations/deployment-guide.md +556 -0
icdev/data/docs/operations/saas-admin-guide.md +439 -0
icdev/data/docs/operations/security-operations-guide.md +733 -0
icdev/data/docs/runbooks/backup-restore.md +412 -0
icdev/data/docs/runbooks/troubleshooting.md +499 -0
icdev/data/features/__init__.py +1 -0
icdev/data/features/cicd_integration.feature +41 -0
icdev/data/features/compliance_gates.feature +46 -0
icdev/data/features/dashboard.feature +72 -0
icdev/data/features/environment.py +25 -0
icdev/data/features/project_management.feature +32 -0
icdev/data/features/requirements_intake.feature +42 -0
icdev/data/features/saas_platform.feature +53 -0
icdev/data/features/security_scanning.feature +36 -0
icdev/data/features/steps/__init__.py +1 -0
icdev/data/features/steps/cicd_steps.py +465 -0
icdev/data/features/steps/compliance_steps.py +308 -0
icdev/data/features/steps/dashboard_steps.py +88 -0
icdev/data/features/steps/project_steps.py +126 -0
icdev/data/features/steps/requirements_intake_steps.py +689 -0
icdev/data/features/steps/saas_platform_steps.py +572 -0
icdev/data/features/steps/security_steps.py +236 -0
icdev/data/features/steps/testing_steps.py +226 -0
icdev/data/features/testing_pipeline.feature +42 -0
icdev/data/goals/__init__.py +1 -0
icdev/data/goals/agent_management.md +144 -0
icdev/data/goals/agentic_generation.md +345 -0
icdev/data/goals/agentic_threat_model.md +309 -0
icdev/data/goals/ai_accountability.md +90 -0
icdev/data/goals/ai_governance_intake.md +132 -0
icdev/data/goals/ai_transparency.md +76 -0
icdev/data/goals/atlas_integration.md +405 -0
icdev/data/goals/ato_acceleration.md +139 -0
icdev/data/goals/boundary_supply_chain.md +206 -0
icdev/data/goals/build_app.md +544 -0
icdev/data/goals/cicd_integration.md +86 -0
icdev/data/goals/claude_dir_maintenance.md +77 -0
icdev/data/goals/cli_capabilities.md +340 -0
icdev/data/goals/cloud_agnostic.md +312 -0
icdev/data/goals/code_intelligence.md +197 -0
icdev/data/goals/code_review.md +94 -0
icdev/data/goals/compliance_workflow.md +858 -0
icdev/data/goals/continuous_harmonization.md +140 -0
icdev/data/goals/cross_language_translation.md +171 -0
icdev/data/goals/dashboard.md +142 -0
icdev/data/goals/deploy_workflow.md +390 -0
icdev/data/goals/devsecops_workflow.md +408 -0
icdev/data/goals/evolutionary_intelligence.md +305 -0
icdev/data/goals/external_integration.md +113 -0
icdev/data/goals/framework_planning.md +63 -0
icdev/data/goals/init_project.md +235 -0
icdev/data/goals/innovation_engine.md +199 -0
icdev/data/goals/integration_testing.md +189 -0
icdev/data/goals/maintenance_audit.md +196 -0
icdev/data/goals/manifest.md +56 -0
icdev/data/goals/mbse_integration.md +504 -0
icdev/data/goals/modernization_workflow.md +618 -0
icdev/data/goals/monitoring.md +126 -0
icdev/data/goals/mosa_workflow.md +463 -0
icdev/data/goals/multi_agent_orchestration.md +68 -0
icdev/data/goals/nlq_compliance.md +63 -0
icdev/data/goals/observability.md +64 -0
icdev/data/goals/observability_traceability_xai.md +154 -0
icdev/data/goals/owasp_agentic_security.md +395 -0
icdev/data/goals/parallel_cicd.md +61 -0
icdev/data/goals/requirements_intake.md +213 -0
icdev/data/goals/sbd_ivv_workflow.md +195 -0
icdev/data/goals/security_categorization.md +133 -0
icdev/data/goals/security_scan.md +381 -0
icdev/data/goals/self_healing.md +120 -0
icdev/data/goals/simulation_engine.md +111 -0
icdev/data/goals/tdd_workflow.md +403 -0
icdev/data/goals/zero_trust_architecture.md +403 -0
icdev/data/hardprompts/__init__.py +1 -0
icdev/data/hardprompts/agent/__init__.py +1 -0
icdev/data/hardprompts/agent/agentic_architect.md +100 -0
icdev/data/hardprompts/agent/debate_prompt.md +32 -0
icdev/data/hardprompts/agent/fitness_evaluation.md +48 -0
icdev/data/hardprompts/agent/governance_review.md +214 -0
icdev/data/hardprompts/agent/reviewer_prompt.md +34 -0
icdev/data/hardprompts/agent/skill_design.md +172 -0
icdev/data/hardprompts/agent/task_decomposition.md +275 -0
icdev/data/hardprompts/agent/veto_check_prompt.md +33 -0
icdev/data/hardprompts/architect/__init__.py +1 -0
icdev/data/hardprompts/architect/api_design.md +283 -0
icdev/data/hardprompts/architect/data_model.md +277 -0
icdev/data/hardprompts/architect/system_design.md +180 -0
icdev/data/hardprompts/builder/__init__.py +1 -0
icdev/data/hardprompts/builder/code_generation.md +59 -0
icdev/data/hardprompts/builder/refactor.md +58 -0
icdev/data/hardprompts/builder/scaffold_project.md +69 -0
icdev/data/hardprompts/builder/test_generation.md +87 -0
icdev/data/hardprompts/ci/__init__.py +1 -0
icdev/data/hardprompts/ci/worktree_setup.md +35 -0
icdev/data/hardprompts/compliance/__init__.py +1 -0
icdev/data/hardprompts/compliance/cmmc_assessment.md +63 -0
icdev/data/hardprompts/compliance/cssp_assessment.md +75 -0
icdev/data/hardprompts/compliance/cui_marking.md +86 -0
icdev/data/hardprompts/compliance/fedramp_assessment.md +55 -0
icdev/data/hardprompts/compliance/ivv_assessment.md +96 -0
icdev/data/hardprompts/compliance/poam_generation.md +57 -0
icdev/data/hardprompts/compliance/sbd_assessment.md +101 -0
icdev/data/hardprompts/compliance/security_categorization.md +74 -0
icdev/data/hardprompts/compliance/ssp_generation.md +56 -0
icdev/data/hardprompts/compliance/stig_evaluation.md +63 -0
icdev/data/hardprompts/dashboard/__init__.py +1 -0
icdev/data/hardprompts/dashboard/nlq_system_prompt.md +26 -0
icdev/data/hardprompts/infra/__init__.py +1 -0
icdev/data/hardprompts/infra/k8s_manifests.md +118 -0
icdev/data/hardprompts/infra/pipeline_generation.md +160 -0
icdev/data/hardprompts/infra/terraform_generation.md +92 -0
icdev/data/hardprompts/integration/__init__.py +1 -0
icdev/data/hardprompts/integration/approval_review.md +17 -0
icdev/data/hardprompts/integration/jira_mapping.md +25 -0
icdev/data/hardprompts/integration/servicenow_mapping.md +14 -0
icdev/data/hardprompts/knowledge/__init__.py +1 -0
icdev/data/hardprompts/knowledge/pattern_detection.md +73 -0
icdev/data/hardprompts/knowledge/recommendation_engine.md +90 -0
icdev/data/hardprompts/knowledge/root_cause_analysis.md +91 -0
icdev/data/hardprompts/maintenance/__init__.py +1 -0
icdev/data/hardprompts/maintenance/maintenance_assessment.md +82 -0
icdev/data/hardprompts/mbse/__init__.py +1 -0
icdev/data/hardprompts/mbse/digital_thread.md +67 -0
icdev/data/hardprompts/mbse/model_import.md +62 -0
icdev/data/hardprompts/mbse/model_to_code.md +65 -0
icdev/data/hardprompts/modernization/__init__.py +1 -0
icdev/data/hardprompts/modernization/legacy_analysis.md +93 -0
icdev/data/hardprompts/modernization/migration_planning.md +150 -0
icdev/data/hardprompts/modernization/seven_r_assessment.md +107 -0
icdev/data/hardprompts/requirements/__init__.py +1 -0
icdev/data/hardprompts/requirements/bdd_generation.md +35 -0
icdev/data/hardprompts/requirements/clarification_prioritization.md +29 -0
icdev/data/hardprompts/requirements/decomposition.md +60 -0
icdev/data/hardprompts/requirements/document_extraction.md +45 -0
icdev/data/hardprompts/requirements/gap_detection.md +70 -0
icdev/data/hardprompts/requirements/intake_conversation.md +101 -0
icdev/data/hardprompts/requirements/readiness_assessment.md +39 -0
icdev/data/hardprompts/requirements/spec_quality.md +33 -0
icdev/data/hardprompts/requirements/traceability_analysis.md +23 -0
icdev/data/hardprompts/security/__init__.py +1 -0
icdev/data/hardprompts/security/endpoint_security.md +78 -0
icdev/data/hardprompts/security/threat_model.md +70 -0
icdev/data/hardprompts/security/vulnerability_assessment.md +81 -0
icdev/data/hardprompts/simulation/__init__.py +1 -0
icdev/data/hardprompts/simulation/architecture_impact.md +27 -0
icdev/data/hardprompts/simulation/coa_alternative.md +27 -0
icdev/data/hardprompts/simulation/coa_generation.md +25 -0
icdev/data/hardprompts/simulation/compliance_impact.md +28 -0
icdev/data/hardprompts/simulation/cost_estimation.md +33 -0
icdev/data/hardprompts/simulation/risk_assessment.md +28 -0
icdev/data/hardprompts/translation/code_translation.md +68 -0
icdev/data/hardprompts/translation/dependency_suggestion.md +44 -0
icdev/data/hardprompts/translation/test_translation.md +64 -0
icdev/data/hardprompts/translation/translation_repair.md +59 -0
icdev/py.typed +0 -0
icdev/tools/__init__.py +1 -0
icdev/tools/_gen_formatter.py +12 -0
icdev/tools/a2a/__init__.py +1 -0
icdev/tools/a2a/agent_cards/architect.json +43 -0
icdev/tools/a2a/agent_cards/builder.json +50 -0
icdev/tools/a2a/agent_cards/compliance.json +57 -0
icdev/tools/a2a/agent_cards/devsecops.json +71 -0
icdev/tools/a2a/agent_cards/infra.json +57 -0
icdev/tools/a2a/agent_cards/integration.json +57 -0
icdev/tools/a2a/agent_cards/knowledge.json +43 -0
icdev/tools/a2a/agent_cards/mbse.json +57 -0
icdev/tools/a2a/agent_cards/modernization.json +50 -0
icdev/tools/a2a/agent_cards/monitor.json +43 -0
icdev/tools/a2a/agent_cards/orchestrator.json +36 -0
icdev/tools/a2a/agent_cards/requirements_analyst.json +64 -0
icdev/tools/a2a/agent_cards/security.json +50 -0
icdev/tools/a2a/agent_cards/simulation.json +57 -0
icdev/tools/a2a/agent_cards/supply_chain.json +50 -0
icdev/tools/a2a/agent_client.py +349 -0
icdev/tools/a2a/agent_registry.py +412 -0
icdev/tools/a2a/agent_server.py +579 -0
icdev/tools/a2a/task.py +200 -0
icdev/tools/agent/__init__.py +2 -0
icdev/tools/agent/a2a_agent_card_generator.py +285 -0
icdev/tools/agent/a2a_discovery_server.py +250 -0
icdev/tools/agent/agent_executor.py +529 -0
icdev/tools/agent/agent_memory.py +557 -0
icdev/tools/agent/agent_models.py +51 -0
icdev/tools/agent/atlas_critique.py +908 -0
icdev/tools/agent/authority.py +443 -0
icdev/tools/agent/bedrock_client.py +1075 -0
icdev/tools/agent/collaboration.py +871 -0
icdev/tools/agent/dispatcher_mode.py +665 -0
icdev/tools/agent/mailbox.py +575 -0
icdev/tools/agent/prompt_chain_executor.py +1064 -0
icdev/tools/agent/session_purpose.py +350 -0
icdev/tools/agent/skill_router.py +638 -0
icdev/tools/agent/skill_selector.py +486 -0
icdev/tools/agent/team_orchestrator.py +1108 -0
icdev/tools/agent/token_tracker.py +290 -0
icdev/tools/analysis/__init__.py +1 -0
icdev/tools/analysis/code_analyzer.py +780 -0
icdev/tools/analysis/runtime_feedback.py +389 -0
icdev/tools/audit/__init__.py +1 -0
icdev/tools/audit/audit_logger.py +196 -0
icdev/tools/audit/audit_query.py +157 -0
icdev/tools/audit/decision_recorder.py +72 -0
icdev/tools/builder/__init__.py +1 -0
icdev/tools/builder/agentic_fitness.py +534 -0
icdev/tools/builder/agentic_test_templates/test_a2a_callback.py +117 -0
icdev/tools/builder/agentic_test_templates/test_a2a_lifecycle.feature +52 -0
icdev/tools/builder/agentic_test_templates/test_agent_card.feature +37 -0
icdev/tools/builder/agentic_test_templates/test_agent_health.py +128 -0
icdev/tools/builder/agentic_test_templates/test_memory_system.feature +50 -0
icdev/tools/builder/agentic_test_templates/test_skill_execution.feature +40 -0
icdev/tools/builder/app_blueprint.py +1583 -0
icdev/tools/builder/child_app_generator.py +2852 -0
icdev/tools/builder/claude_md_generator.py +1734 -0
icdev/tools/builder/code_generator.py +3703 -0
icdev/tools/builder/db_init_generator.py +1709 -0
icdev/tools/builder/dev_profile_manager.py +954 -0
icdev/tools/builder/formatter.py +768 -0
icdev/tools/builder/goal_adapter.py +592 -0
icdev/tools/builder/gotcha_validator.py +812 -0
icdev/tools/builder/language_support.py +441 -0
icdev/tools/builder/linter.py +976 -0
icdev/tools/builder/profile_detector.py +657 -0
icdev/tools/builder/profile_md_generator.py +723 -0
icdev/tools/builder/scaffolder.py +1590 -0
icdev/tools/builder/scaffolder_extended.py +1771 -0
icdev/tools/builder/test_writer.py +950 -0
icdev/tools/ci/__init__.py +2 -0
icdev/tools/ci/connectors/__init__.py +2 -0
icdev/tools/ci/connectors/base_connector.py +80 -0
icdev/tools/ci/connectors/connector_registry.py +188 -0
icdev/tools/ci/connectors/mattermost_connector.py +159 -0
icdev/tools/ci/connectors/slack_connector.py +197 -0
icdev/tools/ci/core/__init__.py +2 -0
icdev/tools/ci/core/air_gap_detector.py +115 -0
icdev/tools/ci/core/comment_handler.py +192 -0
icdev/tools/ci/core/conversation_manager.py +479 -0
icdev/tools/ci/core/event_envelope.py +500 -0
icdev/tools/ci/core/event_router.py +443 -0
icdev/tools/ci/core/failure_parser.py +397 -0
icdev/tools/ci/core/recovery_engine.py +527 -0
icdev/tools/ci/modules/__init__.py +2 -0
icdev/tools/ci/modules/agent.py +271 -0
icdev/tools/ci/modules/git_ops.py +175 -0
icdev/tools/ci/modules/state.py +117 -0
icdev/tools/ci/modules/vcs.py +303 -0
icdev/tools/ci/modules/workflow_ops.py +295 -0
icdev/tools/ci/modules/worktree.py +340 -0
icdev/tools/ci/pipeline_config_generator.py +558 -0
icdev/tools/ci/triggers/__init__.py +2 -0
icdev/tools/ci/triggers/gitlab_task_monitor.py +330 -0
icdev/tools/ci/triggers/poll_trigger.py +237 -0
icdev/tools/ci/triggers/webhook_server.py +356 -0
icdev/tools/ci/workflows/__init__.py +2 -0
icdev/tools/ci/workflows/icdev_build.py +140 -0
icdev/tools/ci/workflows/icdev_comply.py +284 -0
icdev/tools/ci/workflows/icdev_document.py +152 -0
icdev/tools/ci/workflows/icdev_e2e.py +188 -0
icdev/tools/ci/workflows/icdev_patch.py +186 -0
icdev/tools/ci/workflows/icdev_plan.py +202 -0
icdev/tools/ci/workflows/icdev_plan_build.py +41 -0
icdev/tools/ci/workflows/icdev_plan_build_test.py +46 -0
icdev/tools/ci/workflows/icdev_plan_build_test_review.py +47 -0
icdev/tools/ci/workflows/icdev_review.py +126 -0
icdev/tools/ci/workflows/icdev_sdlc.py +261 -0
icdev/tools/ci/workflows/icdev_test.py +240 -0
icdev/tools/cli/__init__.py +1 -0
icdev/tools/cli/output_formatter.py +756 -0
icdev/tools/cli_formatter.py +42 -0
icdev/tools/cloud/__init__.py +11 -0
icdev/tools/cloud/cloud_mode_manager.py +364 -0
icdev/tools/cloud/csp_changelog.py +383 -0
icdev/tools/cloud/csp_health_checker.py +268 -0
icdev/tools/cloud/csp_monitor.py +951 -0
icdev/tools/cloud/iam_provider.py +593 -0
icdev/tools/cloud/kms_provider.py +346 -0
icdev/tools/cloud/monitoring_provider.py +628 -0
icdev/tools/cloud/provider_factory.py +376 -0
icdev/tools/cloud/region_validator.py +345 -0
icdev/tools/cloud/registry_provider.py +563 -0
icdev/tools/cloud/secrets_provider.py +486 -0
icdev/tools/cloud/storage_provider.py +446 -0
icdev/tools/compat/__init__.py +21 -0
icdev/tools/compat/cli_harmonizer.py +251 -0
icdev/tools/compat/datetime_utils.py +18 -0
icdev/tools/compat/db_utils.py +160 -0
icdev/tools/compat/platform_utils.py +123 -0
icdev/tools/compliance/__init__.py +1 -0
icdev/tools/compliance/accountability_manager.py +397 -0
icdev/tools/compliance/ai_accountability_audit.py +294 -0
icdev/tools/compliance/ai_impact_assessor.py +273 -0
icdev/tools/compliance/ai_incident_response.py +301 -0
icdev/tools/compliance/ai_inventory_manager.py +239 -0
icdev/tools/compliance/ai_reassessment_scheduler.py +256 -0
icdev/tools/compliance/ai_transparency_audit.py +248 -0
icdev/tools/compliance/atlas_assessor.py +278 -0
icdev/tools/compliance/atlas_report_generator.py +1211 -0
icdev/tools/compliance/base_assessor.py +597 -0
icdev/tools/compliance/cato_monitor.py +1385 -0
icdev/tools/compliance/cato_scheduler.py +699 -0
icdev/tools/compliance/cjis_assessor.py +76 -0
icdev/tools/compliance/classification_manager.py +1353 -0
icdev/tools/compliance/cmmc_assessor.py +1491 -0
icdev/tools/compliance/cmmc_report_generator.py +1100 -0
icdev/tools/compliance/compliance_detector.py +463 -0
icdev/tools/compliance/compliance_exporter.py +427 -0
icdev/tools/compliance/compliance_status.py +825 -0
icdev/tools/compliance/control_mapper.py +505 -0
icdev/tools/compliance/crosswalk_engine.py +1203 -0
icdev/tools/compliance/cssp_assessor.py +1045 -0
icdev/tools/compliance/cssp_evidence_collector.py +729 -0
icdev/tools/compliance/cssp_report_generator.py +1116 -0
icdev/tools/compliance/cui_marker.py +388 -0
icdev/tools/compliance/diagram_validator.py +600 -0
icdev/tools/compliance/emass/__init__.py +2 -0
icdev/tools/compliance/emass/emass_client.py +840 -0
icdev/tools/compliance/emass/emass_export.py +777 -0
icdev/tools/compliance/emass/emass_sync.py +826 -0
icdev/tools/compliance/eu_ai_act_classifier.py +194 -0
icdev/tools/compliance/evidence_collector.py +468 -0
icdev/tools/compliance/fairness_assessor.py +316 -0
icdev/tools/compliance/fedramp_assessor.py +1808 -0
icdev/tools/compliance/fedramp_authorization_packager.py +137 -0
icdev/tools/compliance/fedramp_ksi_generator.py +355 -0
icdev/tools/compliance/fedramp_report_generator.py +1128 -0
icdev/tools/compliance/fips199_categorizer.py +881 -0
icdev/tools/compliance/fips200_validator.py +315 -0
icdev/tools/compliance/gao_ai_assessor.py +231 -0
icdev/tools/compliance/gao_evidence_builder.py +308 -0
icdev/tools/compliance/hipaa_assessor.py +78 -0
icdev/tools/compliance/hitrust_assessor.py +49 -0
icdev/tools/compliance/incident_response_plan.py +718 -0
icdev/tools/compliance/iso27001_assessor.py +92 -0
icdev/tools/compliance/iso42001_assessor.py +114 -0
icdev/tools/compliance/ivv_assessor.py +2327 -0
icdev/tools/compliance/ivv_report_generator.py +1662 -0
icdev/tools/compliance/model_card_generator.py +297 -0
icdev/tools/compliance/mosa_assessor.py +117 -0
icdev/tools/compliance/multi_regime_assessor.py +451 -0
icdev/tools/compliance/narrative_generator.py +1013 -0
icdev/tools/compliance/nist_800_207_assessor.py +191 -0
icdev/tools/compliance/nist_ai_600_1_assessor.py +188 -0
icdev/tools/compliance/nist_ai_rmf_assessor.py +110 -0
icdev/tools/compliance/nist_lookup.py +245 -0
icdev/tools/compliance/omb_m25_21_assessor.py +228 -0
icdev/tools/compliance/omb_m26_04_assessor.py +188 -0
icdev/tools/compliance/oscal_catalog_adapter.py +395 -0
icdev/tools/compliance/oscal_generator.py +2170 -0
icdev/tools/compliance/oscal_tools.py +1182 -0
icdev/tools/compliance/owasp_agentic_assessor.py +226 -0
icdev/tools/compliance/owasp_asi_assessor.py +200 -0
icdev/tools/compliance/owasp_llm_assessor.py +244 -0
icdev/tools/compliance/pci_dss_assessor.py +80 -0
icdev/tools/compliance/pi_compliance_tracker.py +1461 -0
icdev/tools/compliance/poam_generator.py +405 -0
icdev/tools/compliance/resolve_marking.py +283 -0
icdev/tools/compliance/sbd_assessor.py +2068 -0
icdev/tools/compliance/sbd_report_generator.py +1236 -0
icdev/tools/compliance/sbom_generator.py +1008 -0
icdev/tools/compliance/siem_config_generator.py +674 -0
icdev/tools/compliance/slsa_attestation_generator.py +490 -0
icdev/tools/compliance/soc2_assessor.py +77 -0
icdev/tools/compliance/ssp_generator.py +573 -0
icdev/tools/compliance/stig_checker.py +727 -0
icdev/tools/compliance/swft_evidence_bundler.py +337 -0
icdev/tools/compliance/system_card_generator.py +309 -0
icdev/tools/compliance/traceability_matrix.py +1281 -0
icdev/tools/compliance/universal_classification_manager.py +1172 -0
icdev/tools/compliance/xacta/__init__.py +2 -0
icdev/tools/compliance/xacta/xacta_client.py +449 -0
icdev/tools/compliance/xacta/xacta_export.py +557 -0
icdev/tools/compliance/xacta/xacta_sync.py +333 -0
icdev/tools/compliance/xai_assessor.py +231 -0
icdev/tools/dashboard/__init__.py +1 -0
icdev/tools/dashboard/api/__init__.py +1 -0
icdev/tools/dashboard/api/_pipeline_state.py +17 -0
icdev/tools/dashboard/api/activity.py +206 -0
icdev/tools/dashboard/api/admin.py +176 -0
icdev/tools/dashboard/api/agents.py +53 -0
icdev/tools/dashboard/api/ai_accountability.py +163 -0
icdev/tools/dashboard/api/ai_transparency.py +198 -0
icdev/tools/dashboard/api/audit.py +58 -0
icdev/tools/dashboard/api/batch.py +666 -0
icdev/tools/dashboard/api/chat.py +241 -0
icdev/tools/dashboard/api/cicd.py +219 -0
icdev/tools/dashboard/api/code_quality.py +223 -0
icdev/tools/dashboard/api/compliance.py +171 -0
icdev/tools/dashboard/api/cpmp.py +915 -0
icdev/tools/dashboard/api/diagrams.py +65 -0
icdev/tools/dashboard/api/events.py +250 -0
icdev/tools/dashboard/api/evidence.py +99 -0
icdev/tools/dashboard/api/fedramp_20x.py +77 -0
icdev/tools/dashboard/api/govcon.py +1095 -0
icdev/tools/dashboard/api/intake.py +1171 -0
icdev/tools/dashboard/api/lineage.py +163 -0
icdev/tools/dashboard/api/metrics.py +155 -0
icdev/tools/dashboard/api/nlq.py +72 -0
icdev/tools/dashboard/api/orchestration.py +472 -0
icdev/tools/dashboard/api/oscal.py +183 -0
icdev/tools/dashboard/api/prod_audit.py +183 -0
icdev/tools/dashboard/api/projects.py +191 -0
icdev/tools/dashboard/api/proposals.py +1084 -0
icdev/tools/dashboard/api/traces.py +363 -0
icdev/tools/dashboard/api/usage.py +234 -0
icdev/tools/dashboard/app.py +1986 -0
icdev/tools/dashboard/auth.py +500 -0
icdev/tools/dashboard/byok.py +245 -0
icdev/tools/dashboard/chat_manager.py +675 -0
icdev/tools/dashboard/config.py +116 -0
icdev/tools/dashboard/diagram_definitions.py +642 -0
icdev/tools/dashboard/nlq_processor.py +323 -0
icdev/tools/dashboard/phase_loader.py +136 -0
icdev/tools/dashboard/sse_manager.py +89 -0
icdev/tools/dashboard/state_tracker.py +267 -0
icdev/tools/dashboard/static/css/style.css +706 -0
icdev/tools/dashboard/static/css/ux.css +2047 -0
icdev/tools/dashboard/static/js/activity.js +322 -0
icdev/tools/dashboard/static/js/api.js +161 -0
icdev/tools/dashboard/static/js/batch.js +814 -0
icdev/tools/dashboard/static/js/charts.js +618 -0
icdev/tools/dashboard/static/js/chat.js +1514 -0
icdev/tools/dashboard/static/js/kanban.js +113 -0
icdev/tools/dashboard/static/js/live.js +569 -0
icdev/tools/dashboard/static/js/mermaid-icdev.js +332 -0
icdev/tools/dashboard/static/js/proposals.js +588 -0
icdev/tools/dashboard/static/js/shortcuts.js +544 -0
icdev/tools/dashboard/static/js/tables.js +652 -0
icdev/tools/dashboard/static/js/tour.js +524 -0
icdev/tools/dashboard/static/js/ux.js +942 -0
icdev/tools/dashboard/templates/404.html +10 -0
icdev/tools/dashboard/templates/activity.html +80 -0
icdev/tools/dashboard/templates/admin/users.html +144 -0
icdev/tools/dashboard/templates/ai_accountability.html +235 -0
icdev/tools/dashboard/templates/ai_transparency.html +263 -0
icdev/tools/dashboard/templates/base.html +104 -0
icdev/tools/dashboard/templates/batch.html +23 -0
icdev/tools/dashboard/templates/chat.html +332 -0
icdev/tools/dashboard/templates/children.html +149 -0
icdev/tools/dashboard/templates/cicd.html +253 -0
icdev/tools/dashboard/templates/code_quality.html +214 -0
icdev/tools/dashboard/templates/cpmp/cor_detail.html +220 -0
icdev/tools/dashboard/templates/cpmp/cor_portal.html +91 -0
icdev/tools/dashboard/templates/cpmp/deliverable_detail.html +197 -0
icdev/tools/dashboard/templates/cpmp/detail.html +578 -0
icdev/tools/dashboard/templates/cpmp/portfolio.html +202 -0
icdev/tools/dashboard/templates/dev_profiles.html +304 -0
icdev/tools/dashboard/templates/diagrams.html +224 -0
icdev/tools/dashboard/templates/events/timeline.html +232 -0
icdev/tools/dashboard/templates/evidence.html +134 -0
icdev/tools/dashboard/templates/fedramp_20x.html +207 -0
icdev/tools/dashboard/templates/gateway.html +244 -0
icdev/tools/dashboard/templates/govcon/capabilities.html +135 -0
icdev/tools/dashboard/templates/govcon/pipeline.html +214 -0
icdev/tools/dashboard/templates/govcon/requirements.html +120 -0
icdev/tools/dashboard/templates/index.html +254 -0
icdev/tools/dashboard/templates/lineage.html +141 -0
icdev/tools/dashboard/templates/login.html +51 -0
icdev/tools/dashboard/templates/monitoring/overview.html +193 -0
icdev/tools/dashboard/templates/orchestration/dashboard.html +545 -0
icdev/tools/dashboard/templates/oscal.html +263 -0
icdev/tools/dashboard/templates/phases.html +150 -0
icdev/tools/dashboard/templates/prod_audit.html +280 -0
icdev/tools/dashboard/templates/profile.html +183 -0
icdev/tools/dashboard/templates/projects/detail.html +583 -0
icdev/tools/dashboard/templates/projects/list.html +47 -0
icdev/tools/dashboard/templates/proposals/detail.html +1253 -0
icdev/tools/dashboard/templates/proposals/list.html +179 -0
icdev/tools/dashboard/templates/proposals/section_detail.html +193 -0
icdev/tools/dashboard/templates/provenance.html +181 -0
icdev/tools/dashboard/templates/query/nlq.html +234 -0
icdev/tools/dashboard/templates/quick_paths.html +69 -0
icdev/tools/dashboard/templates/traces.html +155 -0
icdev/tools/dashboard/templates/translation_detail.html +199 -0
icdev/tools/dashboard/templates/translations.html +162 -0
icdev/tools/dashboard/templates/usage.html +225 -0
icdev/tools/dashboard/templates/wizard.html +539 -0
icdev/tools/dashboard/templates/xai.html +208 -0
icdev/tools/dashboard/ux_helpers.py +962 -0
icdev/tools/dashboard/websocket.py +81 -0
icdev/tools/db/__init__.py +1 -0
icdev/tools/db/backup.py +312 -0
icdev/tools/db/backup_manager.py +832 -0
icdev/tools/db/init_icdev_db.py +5900 -0
icdev/tools/db/migrate.py +178 -0
icdev/tools/db/migration_runner.py +549 -0
icdev/tools/db/migrations/001_baseline/meta.json +9 -0
icdev/tools/db/migrations/001_baseline/up.py +68 -0
icdev/tools/db/migrations/002_memory_enhancements/down.sql +8 -0
icdev/tools/db/migrations/002_memory_enhancements/meta.json +9 -0
icdev/tools/db/migrations/002_memory_enhancements/up.py +118 -0
icdev/tools/db/migrations/003_dev_profiles/meta.json +8 -0
icdev/tools/db/migrations/003_dev_profiles/up.py +93 -0
icdev/tools/db/migrations/004_innovation_engine/down.py +19 -0
icdev/tools/db/migrations/004_innovation_engine/up.py +227 -0
icdev/tools/db/migrations/005_phase_37_ai_security/down.py +19 -0
icdev/tools/db/migrations/005_phase_37_ai_security/up.py +258 -0
icdev/tools/db/migrations/006_phase_36_evolution/down.py +21 -0
icdev/tools/db/migrations/006_phase_36_evolution/up.py +323 -0
icdev/tools/db/migrations/007_phase_38_cloud/down.py +14 -0
icdev/tools/db/migrations/007_phase_38_cloud/up.py +110 -0
icdev/tools/db/migrations/008_phase36_37_integration/up.py +55 -0
icdev/tools/db/migrations/__init__.py +2 -0
icdev/tools/devsecops/__init__.py +2 -0
icdev/tools/devsecops/attestation_manager.py +458 -0
icdev/tools/devsecops/network_segmentation_generator.py +614 -0
icdev/tools/devsecops/pdp_config_generator.py +1256 -0
icdev/tools/devsecops/pipeline_security_generator.py +484 -0
icdev/tools/devsecops/policy_generator.py +653 -0
icdev/tools/devsecops/profile_manager.py +388 -0
icdev/tools/devsecops/service_mesh_generator.py +1073 -0
icdev/tools/devsecops/zta_maturity_scorer.py +368 -0
icdev/tools/devsecops/zta_terraform_generator.py +1303 -0
icdev/tools/dx/__init__.py +3 -0
icdev/tools/dx/companion.py +266 -0
icdev/tools/dx/instruction_generator.py +753 -0
icdev/tools/dx/mcp_config_generator.py +282 -0
icdev/tools/dx/skill_translator.py +425 -0
icdev/tools/dx/tool_detector.py +144 -0
icdev/tools/extensions/__init__.py +21 -0
icdev/tools/extensions/builtins/010_ai_governance_chat.py +277 -0
icdev/tools/extensions/builtins/__init__.py +2 -0
icdev/tools/extensions/extension_manager.py +455 -0
icdev/tools/infra/__init__.py +1 -0
icdev/tools/infra/ansible_generator.py +869 -0
icdev/tools/infra/dockerfile_generator.py +361 -0
icdev/tools/infra/infra_status.py +393 -0
icdev/tools/infra/ironbank_metadata_generator.py +411 -0
icdev/tools/infra/k8s_generator.py +1002 -0
icdev/tools/infra/pipeline_generator.py +832 -0
icdev/tools/infra/rollback.py +400 -0
icdev/tools/infra/terraform_generator.py +1142 -0
icdev/tools/infra/terraform_generator_azure.py +1254 -0
icdev/tools/infra/terraform_generator_gcp.py +953 -0
icdev/tools/infra/terraform_generator_ibm.py +360 -0
icdev/tools/infra/terraform_generator_oci.py +919 -0
icdev/tools/infra/terraform_generator_onprem.py +319 -0
icdev/tools/innovation/__init__.py +8 -0
icdev/tools/innovation/competitive_intel.py +492 -0
icdev/tools/innovation/innovation_manager.py +681 -0
icdev/tools/innovation/introspective_analyzer.py +774 -0
icdev/tools/innovation/register_external_patterns.py +440 -0
icdev/tools/innovation/signal_ranker.py +1038 -0
icdev/tools/innovation/solution_generator.py +697 -0
icdev/tools/innovation/standards_monitor.py +466 -0
icdev/tools/innovation/trend_detector.py +1046 -0
icdev/tools/innovation/triage_engine.py +1149 -0
icdev/tools/innovation/web_scanner.py +894 -0
icdev/tools/installer/__init__.py +1 -0
icdev/tools/installer/compliance_configurator.py +637 -0
icdev/tools/installer/installer.py +1711 -0
icdev/tools/installer/module_registry.py +805 -0
icdev/tools/installer/platform_setup.py +961 -0
icdev/tools/integration/__init__.py +2 -0
icdev/tools/integration/approval_manager.py +561 -0
icdev/tools/integration/doors_exporter.py +627 -0
icdev/tools/integration/gitlab_connector.py +784 -0
icdev/tools/integration/jira_connector.py +774 -0
icdev/tools/integration/servicenow_connector.py +693 -0
icdev/tools/knowledge/__init__.py +1 -0
icdev/tools/knowledge/knowledge_ingest.py +293 -0
icdev/tools/knowledge/pattern_detector.py +693 -0
icdev/tools/knowledge/recommendation_engine.py +461 -0
icdev/tools/knowledge/self_heal_analyzer.py +504 -0
icdev/tools/llm/__init__.py +72 -0
icdev/tools/llm/anthropic_provider.py +170 -0
icdev/tools/llm/azure_openai_provider.py +338 -0
icdev/tools/llm/bedrock_provider.py +315 -0
icdev/tools/llm/embedding_provider.py +438 -0
icdev/tools/llm/gemini_provider.py +381 -0
icdev/tools/llm/ibm_watsonx_provider.py +232 -0
icdev/tools/llm/oci_genai_provider.py +462 -0
icdev/tools/llm/ollama_provider.py +340 -0
icdev/tools/llm/openai_provider.py +225 -0
icdev/tools/llm/provider.py +355 -0
icdev/tools/llm/provider_sdk.py +175 -0
icdev/tools/llm/router.py +780 -0
icdev/tools/llm/vertex_ai_provider.py +374 -0
icdev/tools/maintenance/__init__.py +2 -0
icdev/tools/maintenance/dependency_scanner.py +1030 -0
icdev/tools/maintenance/maintenance_auditor.py +815 -0
icdev/tools/maintenance/remediation_engine.py +966 -0
icdev/tools/maintenance/vulnerability_checker.py +987 -0
icdev/tools/mbse/__init__.py +3 -0
icdev/tools/mbse/des_assessor.py +1186 -0
icdev/tools/mbse/des_report_generator.py +800 -0
icdev/tools/mbse/diagram_extractor.py +811 -0
icdev/tools/mbse/digital_thread.py +1665 -0
icdev/tools/mbse/model_code_generator.py +1122 -0
icdev/tools/mbse/model_control_mapper.py +420 -0
icdev/tools/mbse/pi_model_tracker.py +1093 -0
icdev/tools/mbse/reqif_parser.py +1483 -0
icdev/tools/mbse/sync_engine.py +1805 -0
icdev/tools/mbse/xmi_parser.py +1573 -0
icdev/tools/mcp/__init__.py +1 -0
icdev/tools/mcp/base_server.py +535 -0
icdev/tools/mcp/builder_server.py +725 -0
icdev/tools/mcp/compliance_server.py +1407 -0
icdev/tools/mcp/context_indexer.py +199 -0
icdev/tools/mcp/context_server.py +305 -0
icdev/tools/mcp/core_server.py +679 -0
icdev/tools/mcp/devsecops_server.py +432 -0
icdev/tools/mcp/gap_handlers.py +1079 -0
icdev/tools/mcp/gateway_server.py +339 -0
icdev/tools/mcp/generate_registry.py +623 -0
icdev/tools/mcp/infra_server.py +264 -0
icdev/tools/mcp/innovation_server.py +316 -0
icdev/tools/mcp/integration_server.py +527 -0
icdev/tools/mcp/knowledge_server.py +429 -0
icdev/tools/mcp/maintenance_server.py +248 -0
icdev/tools/mcp/marketplace_server.py +499 -0
icdev/tools/mcp/mbse_server.py +398 -0
icdev/tools/mcp/modernization_server.py +496 -0
icdev/tools/mcp/observability_server.py +354 -0
icdev/tools/mcp/requirements_server.py +415 -0
icdev/tools/mcp/simulation_server.py +468 -0
icdev/tools/mcp/standalone/__init__.py +2 -0
icdev/tools/mcp/standalone/builder.py +59 -0
icdev/tools/mcp/standalone/compliance.py +59 -0
icdev/tools/mcp/standalone/core.py +59 -0
icdev/tools/mcp/standalone/knowledge.py +59 -0
icdev/tools/mcp/standalone/maintenance.py +59 -0
icdev/tools/mcp/supply_chain_server.py +476 -0
icdev/tools/mcp/tool_registry.py +2008 -0
icdev/tools/mcp/unified_server.py +158 -0
icdev/tools/memory/__init__.py +2 -0
icdev/tools/memory/auto_capture.py +347 -0
icdev/tools/memory/embed_memory.py +158 -0
icdev/tools/memory/history_compressor.py +334 -0
icdev/tools/memory/hybrid_search.py +236 -0
icdev/tools/memory/maintenance_cron.py +289 -0
icdev/tools/memory/memory_consolidation.py +444 -0
icdev/tools/memory/memory_db.py +133 -0
icdev/tools/memory/memory_read.py +102 -0
icdev/tools/memory/memory_write.py +222 -0
icdev/tools/memory/semantic_search.py +139 -0
icdev/tools/memory/time_decay.py +435 -0
icdev/tools/modernization/__init__.py +3 -0
icdev/tools/modernization/architecture_extractor.py +734 -0
icdev/tools/modernization/compliance_bridge.py +1499 -0
icdev/tools/modernization/db_migration_planner.py +1385 -0
icdev/tools/modernization/doc_generator.py +1428 -0
icdev/tools/modernization/framework_migrator.py +1525 -0
icdev/tools/modernization/legacy_analyzer.py +1948 -0
icdev/tools/modernization/migration_code_generator.py +1639 -0
icdev/tools/modernization/migration_report_generator.py +1653 -0
icdev/tools/modernization/migration_tracker.py +1726 -0
icdev/tools/modernization/monolith_decomposer.py +1508 -0
icdev/tools/modernization/seven_r_assessor.py +1658 -0
icdev/tools/modernization/strangler_fig_manager.py +1705 -0
icdev/tools/modernization/ui_analyzer.py +771 -0
icdev/tools/modernization/version_migrator.py +1392 -0
icdev/tools/monitor/__init__.py +1 -0
icdev/tools/monitor/alert_correlator.py +495 -0
icdev/tools/monitor/auto_resolver.py +612 -0
icdev/tools/monitor/health_checker.py +509 -0
icdev/tools/monitor/heartbeat_daemon.py +792 -0
icdev/tools/monitor/log_analyzer.py +516 -0
icdev/tools/monitor/metric_collector.py +496 -0
icdev/tools/mosa/__init__.py +10 -0
icdev/tools/mosa/icd_generator.py +370 -0
icdev/tools/mosa/modular_design_analyzer.py +683 -0
icdev/tools/mosa/mosa_code_enforcer.py +349 -0
icdev/tools/mosa/tsp_generator.py +265 -0
icdev/tools/observability/__init__.py +100 -0
icdev/tools/observability/genai_attributes.py +88 -0
icdev/tools/observability/instrumentation.py +140 -0
icdev/tools/observability/mlflow_exporter.py +194 -0
icdev/tools/observability/otel_tracer.py +168 -0
icdev/tools/observability/provenance/__init__.py +3 -0
icdev/tools/observability/provenance/prov_recorder.py +324 -0
icdev/tools/observability/shap/__init__.py +3 -0
icdev/tools/observability/shap/agent_shap.py +275 -0
icdev/tools/observability/sqlite_tracer.py +361 -0
icdev/tools/observability/trace_context.py +205 -0
icdev/tools/observability/tracer.py +230 -0
icdev/tools/orchestration/__init__.py +2 -0
icdev/tools/orchestration/workflow_composer.py +361 -0
icdev/tools/project/__init__.py +1 -0
icdev/tools/project/manifest_loader.py +418 -0
icdev/tools/project/project_create.py +350 -0
icdev/tools/project/project_list.py +174 -0
icdev/tools/project/project_scaffold.py +1715 -0
icdev/tools/project/project_status.py +479 -0
icdev/tools/project/session_context_builder.py +757 -0
icdev/tools/project/validate_manifest.py +55 -0
icdev/tools/registry/__init__.py +10 -0
icdev/tools/registry/absorption_engine.py +832 -0
icdev/tools/registry/capability_evaluator.py +668 -0
icdev/tools/registry/child_registry.py +617 -0
icdev/tools/registry/cross_pollinator.py +1065 -0
icdev/tools/registry/genome_manager.py +671 -0
icdev/tools/registry/learning_collector.py +912 -0
icdev/tools/registry/propagation_manager.py +942 -0
icdev/tools/registry/staging_manager.py +742 -0
icdev/tools/registry/telemetry_collector.py +423 -0
icdev/tools/requirements/__init__.py +1 -0
icdev/tools/requirements/ai_governance_scorer.py +208 -0
icdev/tools/requirements/boundary_analyzer.py +1293 -0
icdev/tools/requirements/clarification_engine.py +618 -0
icdev/tools/requirements/complexity_scorer.py +387 -0
icdev/tools/requirements/consistency_analyzer.py +803 -0
icdev/tools/requirements/constitution_manager.py +605 -0
icdev/tools/requirements/decomposition_engine.py +778 -0
icdev/tools/requirements/document_extractor.py +1016 -0
icdev/tools/requirements/elicitation_techniques.py +519 -0
icdev/tools/requirements/gap_detector.py +271 -0
icdev/tools/requirements/intake_engine.py +2188 -0
icdev/tools/requirements/prd_generator.py +847 -0
icdev/tools/requirements/prd_validator.py +595 -0
icdev/tools/requirements/readiness_scorer.py +313 -0
icdev/tools/requirements/spec_organizer.py +1029 -0
icdev/tools/requirements/spec_quality_checker.py +1097 -0
icdev/tools/requirements/traceability_builder.py +579 -0
icdev/tools/resilience/__init__.py +34 -0
icdev/tools/resilience/circuit_breaker.py +340 -0
icdev/tools/resilience/correlation.py +150 -0
icdev/tools/resilience/errors.py +81 -0
icdev/tools/resilience/retry.py +95 -0
icdev/tools/schemas/__init__.py +27 -0
icdev/tools/schemas/chat.py +61 -0
icdev/tools/schemas/compliance.py +56 -0
icdev/tools/schemas/core.py +85 -0
icdev/tools/schemas/innovation.py +37 -0
icdev/tools/schemas/validation.py +109 -0
icdev/tools/sdk/__init__.py +3 -0
icdev/tools/sdk/icdev_client.py +218 -0
icdev/tools/security/__init__.py +1 -0
icdev/tools/security/agent_output_validator.py +330 -0
icdev/tools/security/agent_trust_scorer.py +466 -0
icdev/tools/security/ai_bom_generator.py +725 -0
icdev/tools/security/ai_telemetry_logger.py +469 -0
icdev/tools/security/atlas_red_team.py +543 -0
icdev/tools/security/code_pattern_scanner.py +378 -0
icdev/tools/security/confabulation_detector.py +271 -0
icdev/tools/security/container_scanner.py +491 -0
icdev/tools/security/dependency_auditor.py +944 -0
icdev/tools/security/endpoint_security_scanner.py +579 -0
icdev/tools/security/mcp_tool_authorizer.py +243 -0
icdev/tools/security/prompt_injection_detector.py +737 -0
icdev/tools/security/sast_runner.py +948 -0
icdev/tools/security/secret_detector.py +378 -0
icdev/tools/security/tool_chain_validator.py +357 -0
icdev/tools/security/vuln_scanner.py +539 -0
icdev/tools/simulation/__init__.py +2 -0
icdev/tools/simulation/coa_generator.py +1552 -0
icdev/tools/simulation/monte_carlo.py +758 -0
icdev/tools/simulation/scenario_manager.py +1073 -0
icdev/tools/simulation/simulation_engine.py +1104 -0
icdev/tools/supply_chain/__init__.py +2 -0
icdev/tools/supply_chain/cve_triager.py +705 -0
icdev/tools/supply_chain/dependency_graph.py +645 -0
icdev/tools/supply_chain/isa_manager.py +540 -0
icdev/tools/supply_chain/scrm_assessor.py +546 -0
icdev/tools/testing/__init__.py +2 -0
icdev/tools/testing/acceptance_validator.py +411 -0
icdev/tools/testing/claude_dir_validator.py +831 -0
icdev/tools/testing/data_types.py +199 -0
icdev/tools/testing/e2e_runner.py +715 -0
icdev/tools/testing/fuzz_cli.py +306 -0
icdev/tools/testing/health_check.py +483 -0
icdev/tools/testing/platform_check.py +143 -0
icdev/tools/testing/production_audit.py +1862 -0
icdev/tools/testing/production_remediate.py +804 -0
icdev/tools/testing/screenshot_validator.py +539 -0
icdev/tools/testing/smoke_test.py +283 -0
icdev/tools/testing/test_agent_models.py +117 -0
icdev/tools/testing/test_orchestrator.py +957 -0
icdev/tools/testing/utils.py +229 -0
icdev/tools/translation/__init__.py +17 -0
icdev/tools/translation/code_translator.py +550 -0
icdev/tools/translation/dependency_mapper.py +277 -0
icdev/tools/translation/feature_map.py +395 -0
icdev/tools/translation/project_assembler.py +439 -0
icdev/tools/translation/source_extractor.py +609 -0
icdev/tools/translation/test_translator.py +333 -0
icdev/tools/translation/translation_manager.py +582 -0
icdev/tools/translation/translation_validator.py +662 -0
icdev/tools/translation/type_checker.py +371 -0
icdev-1.0.0.dist-info/METADATA +868 -0
icdev-1.0.0.dist-info/RECORD +1105 -0
icdev-1.0.0.dist-info/WHEEL +5 -0
icdev-1.0.0.dist-info/entry_points.txt +9 -0
icdev-1.0.0.dist-info/licenses/LICENSE +254 -0
icdev-1.0.0.dist-info/licenses/NOTICE +268 -0
icdev-1.0.0.dist-info/top_level.txt +1 -0

icdev/tools/installer/installer.py ADDED Viewed

@@ -0,0 +1,1711 @@
+# [TEMPLATE: CUI // SP-CTI]
+#!/usr/bin/env python3
+"""ICDEV Modular Installer — central CLI for configuring and installing ICDEV.
+Supports three modes of operation:
+1. **Interactive wizard** (``--interactive``):
+   Guided 6-step terminal wizard that walks users through organization type,
+   team size, compliance posture, deployment target, and optional modules.
+2. **Profile-based** (``--profile <name>``):
+   Non-interactive installation driven by a deployment profile from
+   ``args/deployment_profiles.yaml``, with optional CLI overrides for
+   compliance frameworks and platform.
+3. **Upgrade / add-module** (``--upgrade``, ``--add-module``, ``--add-compliance``,
+   ``--status``):
+   Post-install operations to extend an existing installation with additional
+   modules or compliance frameworks.
+All modes support ``--dry-run`` to preview changes without executing them,
+``--json`` for machine-readable output, and ``--human`` for colorized terminal
+output.
+Dependencies: Python stdlib only (json, pathlib, argparse, sqlite3, re,
+datetime).  PyYAML used when available but not required.
+CLI::
+    # Interactive wizard
+    python tools/installer/installer.py --interactive
+    # Profile-based
+    python tools/installer/installer.py --profile dod_team
+    python tools/installer/installer.py --profile dod_team --compliance fedramp_high,cmmc --platform k8s
+    # Upgrade / add
+    python tools/installer/installer.py --upgrade
+    python tools/installer/installer.py --add-module marketplace
+    python tools/installer/installer.py --add-compliance hipaa
+    python tools/installer/installer.py --status
+    python tools/installer/installer.py --status --json
+    # Dry run
+    python tools/installer/installer.py --profile dod_team --dry-run
+"""
+from __future__ import annotations
+import argparse
+import json
+import re
+import sqlite3
+import sys
+from datetime import datetime, timezone
+from pathlib import Path
+from typing import Any, Dict, List, Optional, Set, Tuple
+from icdev._paths import get_project_root
+# ---------------------------------------------------------------------------
+# Path resolution
+# ---------------------------------------------------------------------------
+BASE_DIR = get_project_root()
+DATA_DIR = BASE_DIR / "data"
+DB_PATH = DATA_DIR / "icdev.db"
+MANIFEST_PATH = BASE_DIR / "args" / "installation_manifest.yaml"
+PROFILES_PATH = BASE_DIR / "args" / "deployment_profiles.yaml"
+CUI_MARKINGS_PATH = BASE_DIR / "args" / "cui_markings.yaml"
+REGISTRY_PATH = DATA_DIR / "installation.json"
+# Ensure BASE_DIR is on sys.path so that ``from tools.xxx import ...`` works
+# when invoked directly (consistent with other ICDEV CLI tools).
+if str(BASE_DIR) not in sys.path:
+    sys.path.insert(0, str(BASE_DIR))
+# ---------------------------------------------------------------------------
+# Lazy imports — keep module-level import list minimal so that the installer
+# can be imported even when sibling modules are not yet installed.
+# ---------------------------------------------------------------------------
+def _get_module_registry():
+    """Import and return the ModuleRegistry class."""
+    from icdev.tools.installer.module_registry import ModuleRegistry
+    return ModuleRegistry
+def _get_compliance_configurator():
+    """Import and return the ComplianceConfigurator class."""
+    from icdev.tools.installer.compliance_configurator import ComplianceConfigurator
+    return ComplianceConfigurator
+# ---------------------------------------------------------------------------
+# Lightweight YAML loader (mirrors module_registry.py pattern)
+# ---------------------------------------------------------------------------
+def _load_yaml(path: Path) -> Dict[str, Any]:
+    """Load a YAML file, falling back to a minimal parser if PyYAML is absent."""
+    try:
+        import yaml  # type: ignore
+        with open(path, "r", encoding="utf-8") as fh:
+            return yaml.safe_load(fh) or {}
+    except ImportError:
+        pass
+    # Minimal fallback — sufficient for the flat/nested structures in the
+    # deployment_profiles and installation_manifest files.
+    result: Dict[str, Any] = {}
+    if not path.exists():
+        return result
+    with open(path, "r", encoding="utf-8") as fh:
+        lines = fh.readlines()
+    stack: List[Tuple[int, str, Dict]] = []  # (indent, key, dict_ref)
+    current: Dict[str, Any] = result
+    for line in lines:
+        stripped = line.rstrip()
+        if not stripped or stripped.lstrip().startswith("#"):
+            continue
+        indent = len(line) - len(line.lstrip())
+        content = stripped.lstrip()
+        # Pop stack to correct nesting level
+        while stack and stack[-1][0] >= indent:
+            stack.pop()
+        if stack:
+            current = stack[-1][2]
+        else:
+            current = result
+        # List item
+        if content.startswith("- "):
+            item = content[2:].strip()
+            # Find parent key
+            if stack:
+                parent_key = stack[-1][1]
+                parent_dict = stack[-2][2] if len(stack) > 1 else result
+                existing = parent_dict.get(parent_key)
+                if not isinstance(existing, list):
+                    parent_dict[parent_key] = []
+                parent_dict[parent_key].append(item)
+            continue
+        # Key: value pair
+        if ":" in content:
+            key, _, val = content.partition(":")
+            key = key.strip().strip('"').strip("'")
+            val = val.strip().strip('"').strip("'")
+            if val.startswith("[") and val.endswith("]"):
+                # Inline list: [a, b, c]
+                items = [
+                    v.strip().strip('"').strip("'")
+                    for v in val[1:-1].split(",")
+                    if v.strip()
+                ]
+                current[key] = items
+            elif val:
+                # Scalar value
+                if val.lower() == "true":
+                    current[key] = True
+                elif val.lower() == "false":
+                    current[key] = False
+                else:
+                    current[key] = val
+            else:
+                # Nested mapping — create empty dict and push to stack
+                current[key] = {}
+                stack.append((indent, key, current[key]))
+                current = current[key]
+                continue
+            # Non-nested key — still push for potential list children
+            stack.append((indent, key, current))
+    return result
+# ---------------------------------------------------------------------------
+# ModularDBInitializer
+# ---------------------------------------------------------------------------
+class ModularDBInitializer:
+    """Selectively initialize database tables based on installed modules.
+    Instead of running the full 143-table init_icdev_db.py monolith, this
+    class reads the ``db_table_groups`` mapping from the installation manifest
+    and creates only the tables required by the selected modules.
+    This is strictly additive — existing tables are never dropped.
+    """
+    def __init__(
+        self,
+        manifest_path: Optional[Path] = None,
+        db_path: Optional[Path] = None,
+    ) -> None:
+        self.manifest_path = manifest_path or MANIFEST_PATH
+        self.db_path = db_path or DB_PATH
+        self._manifest = _load_yaml(self.manifest_path) if self.manifest_path.exists() else {}
+        self._schema_sql: Optional[str] = None
+    # ------------------------------------------------------------------
+    # Schema SQL extraction
+    # ------------------------------------------------------------------
+    def _load_schema_sql(self) -> str:
+        """Load the full SCHEMA_SQL string from init_icdev_db.py."""
+        if self._schema_sql is not None:
+            return self._schema_sql
+        init_path = BASE_DIR / "tools" / "db" / "init_icdev_db.py"
+        if not init_path.exists():
+            self._schema_sql = ""
+            return self._schema_sql
+        # Import SCHEMA_SQL from the module
+        try:
+            import importlib.util
+            spec = importlib.util.spec_from_file_location("init_icdev_db", str(init_path))
+            if spec and spec.loader:
+                mod = importlib.util.module_from_spec(spec)
+                spec.loader.exec_module(mod)  # type: ignore[union-attr]
+                self._schema_sql = getattr(mod, "SCHEMA_SQL", "")
+            else:
+                self._schema_sql = ""
+        except Exception:
+            self._schema_sql = ""
+        return self._schema_sql
+    def _extract_create_statements(self, table_names: List[str]) -> List[str]:
+        """Extract CREATE TABLE IF NOT EXISTS statements for specific tables.
+        Parses the full SCHEMA_SQL to find the complete CREATE TABLE statement
+        for each requested table name.
+        """
+        schema = self._load_schema_sql()
+        if not schema:
+            return []
+        statements: List[str] = []
+        # Split on CREATE TABLE boundaries
+        pattern = re.compile(
+            r"(CREATE\s+TABLE\s+IF\s+NOT\s+EXISTS\s+(\w+)\s*\(.*?\);)",
+            re.DOTALL | re.IGNORECASE,
+        )
+        for match in pattern.finditer(schema):
+            full_stmt = match.group(1)
+            tbl_name = match.group(2)
+            if tbl_name in table_names:
+                statements.append(full_stmt)
+        # Also extract CREATE INDEX statements for matched tables
+        idx_pattern = re.compile(
+            r"(CREATE\s+INDEX\s+IF\s+NOT\s+EXISTS\s+\w+\s+ON\s+(\w+)\s*\(.*?\);)",
+            re.DOTALL | re.IGNORECASE,
+        )
+        for match in idx_pattern.finditer(schema):
+            idx_stmt = match.group(1)
+            idx_table = match.group(2)
+            if idx_table in table_names:
+                statements.append(idx_stmt)
+        return statements
+    def _resolve_table_groups(self, module_ids: List[str]) -> List[str]:
+        """Resolve module IDs to a deduplicated list of table names.
+        Uses the ``db_table_groups`` section of the installation manifest to
+        map module -> group IDs -> table names.
+        """
+        modules_cfg = self._manifest.get("modules", {})
+        table_groups_cfg = self._manifest.get("db_table_groups", {})
+        # Collect all group IDs needed
+        group_ids: List[str] = []
+        for mod_id in module_ids:
+            mod_def = modules_cfg.get(mod_id, {})
+            groups = mod_def.get("db_table_groups", [])
+            if isinstance(groups, str):
+                groups = [groups]
+            for g in groups:
+                if g and g not in group_ids:
+                    group_ids.append(g)
+        # Resolve group IDs to table names
+        table_names: List[str] = []
+        for gid in group_ids:
+            group_def = table_groups_cfg.get(gid, {})
+            tables = group_def.get("tables", [])
+            if isinstance(tables, str):
+                tables = [tables]
+            for t in tables:
+                if t and t not in table_names:
+                    table_names.append(t)
+        return table_names
+    def initialize(
+        self,
+        module_ids: List[str],
+        dry_run: bool = False,
+    ) -> Dict[str, Any]:
+        """Create database tables required by the given modules.
+        Args:
+            module_ids: List of module IDs to initialize tables for.
+            dry_run: If True, return the plan without executing.
+        Returns:
+            Dict with ``tables_created``, ``sql_statements`` (dry-run),
+            and ``db_path``.
+        """
+        table_names = self._resolve_table_groups(module_ids)
+        if not table_names:
+            return {
+                "tables_created": [],
+                "table_count": 0,
+                "db_path": str(self.db_path),
+                "dry_run": dry_run,
+            }
+        statements = self._extract_create_statements(table_names)
+        if dry_run:
+            return {
+                "tables_planned": table_names,
+                "table_count": len(table_names),
+                "sql_statement_count": len(statements),
+                "db_path": str(self.db_path),
+                "dry_run": True,
+            }
+        # Execute the SQL
+        self.db_path.parent.mkdir(parents=True, exist_ok=True)
+        conn = sqlite3.connect(str(self.db_path))
+        tables_created: List[str] = []
+        try:
+            for stmt in statements:
+                try:
+                    conn.execute(stmt)
+                except sqlite3.OperationalError:
+                    pass  # Table/index already exists or other benign error
+            conn.commit()
+            # Verify which tables now exist
+            cursor = conn.execute(
+                "SELECT name FROM sqlite_master WHERE type='table' ORDER BY name"
+            )
+            existing_tables = {row[0] for row in cursor.fetchall()}
+            tables_created = [t for t in table_names if t in existing_tables]
+        finally:
+            conn.close()
+        return {
+            "tables_created": tables_created,
+            "table_count": len(tables_created),
+            "db_path": str(self.db_path),
+            "dry_run": False,
+        }
+# ---------------------------------------------------------------------------
+# Profile and manifest loaders
+# ---------------------------------------------------------------------------
+def _load_profiles() -> Dict[str, Any]:
+    """Load deployment profiles from YAML."""
+    if not PROFILES_PATH.exists():
+        return {}
+    return _load_yaml(PROFILES_PATH)
+def _load_manifest() -> Dict[str, Any]:
+    """Load installation manifest from YAML."""
+    if not MANIFEST_PATH.exists():
+        return {}
+    return _load_yaml(MANIFEST_PATH)
+def _get_all_module_ids(manifest: Dict[str, Any]) -> List[str]:
+    """Return all module IDs from the manifest."""
+    modules = manifest.get("modules", {})
+    return list(modules.keys())
+def _get_all_compliance_ids(manifest: Dict[str, Any]) -> List[str]:
+    """Return module IDs that are compliance posture modules."""
+    modules = manifest.get("modules", {})
+    return [
+        mod_id for mod_id, mod_def in modules.items()
+        if isinstance(mod_def, dict) and mod_def.get("compliance_posture")
+    ]
+def _get_required_module_ids(manifest: Dict[str, Any]) -> List[str]:
+    """Return module IDs that are required (always installed)."""
+    modules = manifest.get("modules", {})
+    return [
+        mod_id for mod_id, mod_def in modules.items()
+        if isinstance(mod_def, dict) and mod_def.get("required")
+    ]
+# ---------------------------------------------------------------------------
+# Topological sort for dependency resolution
+# ---------------------------------------------------------------------------
+def _topological_sort(
+    module_ids: List[str],
+    manifest: Dict[str, Any],
+) -> List[str]:
+    """Resolve and topologically sort modules by their dependencies.
+    Automatically includes transitive dependencies.  Returns modules in
+    install order (dependencies first).
+    Raises:
+        ValueError: If a circular dependency is detected.
+    """
+    modules_cfg = manifest.get("modules", {})
+    # Build full set including transitive deps
+    required: Set[str] = set()
+    queue = list(module_ids)
+    while queue:
+        mod_id = queue.pop(0)
+        if mod_id in required:
+            continue
+        required.add(mod_id)
+        mod_def = modules_cfg.get(mod_id, {})
+        deps = mod_def.get("depends_on", []) or mod_def.get("dependencies", [])
+        if isinstance(deps, str):
+            deps = [deps]
+        for dep in deps:
+            if dep not in required:
+                queue.append(dep)
+    # Kahn's algorithm for topological sort
+    in_degree: Dict[str, int] = {m: 0 for m in required}
+    adj: Dict[str, List[str]] = {m: [] for m in required}
+    for mod_id in required:
+        mod_def = modules_cfg.get(mod_id, {})
+        deps = mod_def.get("depends_on", []) or mod_def.get("dependencies", [])
+        if isinstance(deps, str):
+            deps = [deps]
+        for dep in deps:
+            if dep in required:
+                adj[dep].append(mod_id)
+                in_degree[mod_id] += 1
+    queue = [m for m in required if in_degree[m] == 0]
+    queue.sort()  # deterministic ordering
+    sorted_list: List[str] = []
+    while queue:
+        node = queue.pop(0)
+        sorted_list.append(node)
+        for neighbor in sorted(adj.get(node, [])):
+            in_degree[neighbor] -= 1
+            if in_degree[neighbor] == 0:
+                queue.append(neighbor)
+    if len(sorted_list) != len(required):
+        missing = required - set(sorted_list)
+        raise ValueError(
+            f"Circular dependency detected among modules: {', '.join(sorted(missing))}"
+        )
+    return sorted_list
+# ---------------------------------------------------------------------------
+# CUI markings update
+# ---------------------------------------------------------------------------
+def _update_cui_markings(enabled: bool, dry_run: bool = False) -> Dict[str, Any]:
+    """Update the CUI markings YAML to enable or disable CUI banners.
+    This modifies the ``enabled`` field in ``args/cui_markings.yaml``.  If the
+    file does not have an ``enabled`` field, one is prepended.
+    """
+    if dry_run:
+        return {"cui_enabled": enabled, "dry_run": True, "path": str(CUI_MARKINGS_PATH)}
+    if not CUI_MARKINGS_PATH.exists():
+        return {"cui_enabled": enabled, "error": "cui_markings.yaml not found"}
+    with open(CUI_MARKINGS_PATH, "r", encoding="utf-8") as fh:
+        content = fh.read()
+    # Check if an `enabled:` key already exists
+    enabled_pattern = re.compile(r"^enabled:\s*(true|false)\s*$", re.MULTILINE | re.IGNORECASE)
+    new_value = "true" if enabled else "false"
+    if enabled_pattern.search(content):
+        content = enabled_pattern.sub(f"enabled: {new_value}", content)
+    else:
+        # Prepend at the top (after any initial comments)
+        lines = content.split("\n")
+        insert_idx = 0
+        for i, line in enumerate(lines):
+            if line.strip() and not line.strip().startswith("#"):
+                insert_idx = i
+                break
+        lines.insert(insert_idx, f"enabled: {new_value}\n")
+        content = "\n".join(lines)
+    with open(CUI_MARKINGS_PATH, "w", encoding="utf-8") as fh:
+        fh.write(content)
+    return {"cui_enabled": enabled, "dry_run": False, "path": str(CUI_MARKINGS_PATH)}
+# ---------------------------------------------------------------------------
+# Installation engine
+# ---------------------------------------------------------------------------
+def install(
+    modules: List[str],
+    compliance_frameworks: List[str],
+    profile_name: str,
+    platform_target: str,
+    team_size: str = "",
+    cui_enabled: bool = False,
+    dry_run: bool = False,
+) -> Dict[str, Any]:
+    """Execute the full installation sequence.
+    Steps:
+        1. Resolve all module dependencies (topological sort).
+        2. Create ``data/`` directory if needed.
+        3. Initialize database with required table groups.
+        4. Update ``data/installation.json`` via ModuleRegistry.
+        5. Update ``args/cui_markings.yaml``.
+        6. Return summary.
+    Args:
+        modules: List of module IDs to install.
+        compliance_frameworks: Compliance framework IDs to activate.
+        profile_name: Profile identifier used.
+        platform_target: Deployment platform (docker, k8s, etc.).
+        team_size: Team size range string.
+        cui_enabled: Whether CUI markings should be enabled.
+        dry_run: If True, preview without executing.
+    Returns:
+        Dict with full installation summary.
+    """
+    manifest = _load_manifest()
+    now = datetime.now(timezone.utc).isoformat()
+    # Merge compliance framework modules into the module list
+    ComplianceConfiguratorCls = _get_compliance_configurator()
+    configurator = ComplianceConfiguratorCls()
+    compliance_config = configurator.configure_posture(compliance_frameworks)
+    compliance_modules = compliance_config.get("required_modules", [])
+    # Combine explicit modules + compliance modules + always-required modules
+    required_modules = _get_required_module_ids(manifest)
+    all_module_ids: List[str] = list(required_modules)
+    for m in modules:
+        if m not in all_module_ids:
+            all_module_ids.append(m)
+    for m in compliance_modules:
+        if m not in all_module_ids:
+            all_module_ids.append(m)
+    # Resolve dependencies and topological sort
+    try:
+        sorted_modules = _topological_sort(all_module_ids, manifest)
+    except ValueError as e:
+        return {
+            "success": False,
+            "error": str(e),
+            "timestamp": now,
+        }
+    # Validate that all modules exist in manifest
+    modules_cfg = manifest.get("modules", {})
+    unknown = [m for m in sorted_modules if m not in modules_cfg]
+    if unknown:
+        return {
+            "success": False,
+            "error": f"Unknown modules: {', '.join(unknown)}",
+            "timestamp": now,
+        }
+    if dry_run:
+        # Build table list for preview
+        db_init = ModularDBInitializer()
+        db_result = db_init.initialize(sorted_modules, dry_run=True)
+        return {
+            "success": True,
+            "dry_run": True,
+            "profile": profile_name,
+            "platform": platform_target,
+            "team_size": team_size,
+            "modules": sorted_modules,
+            "module_count": len(sorted_modules),
+            "compliance_frameworks": compliance_frameworks,
+            "cui_enabled": cui_enabled or compliance_config.get("cui_enabled", False),
+            "impact_level": compliance_config.get("impact_level", "IL2"),
+            "db_tables_planned": db_result.get("tables_planned", []),
+            "db_table_count": db_result.get("table_count", 0),
+            "security_gate_overrides": compliance_config.get("security_gate_overrides", {}),
+            "timestamp": now,
+        }
+    # Step 1: Create data directory
+    DATA_DIR.mkdir(parents=True, exist_ok=True)
+    # Step 2: Initialize database tables
+    db_init = ModularDBInitializer()
+    db_result = db_init.initialize(sorted_modules, dry_run=False)
+    # Step 3: Update installation.json via ModuleRegistry
+    ModuleRegistryCls = _get_module_registry()
+    registry = ModuleRegistryCls()
+    install_results: List[Dict[str, Any]] = []
+    for mod_id in sorted_modules:
+        result = registry.install_module(mod_id)
+        install_results.append(result)
+    # Update registry metadata
+    registry_data = registry.export_config()
+    registry_data["profile"] = profile_name
+    registry_data["platform"] = platform_target
+    registry_data["team_size"] = team_size
+    registry_data["compliance_posture"] = compliance_frameworks
+    effective_cui = cui_enabled or compliance_config.get("cui_enabled", False)
+    registry_data["cui_enabled"] = effective_cui
+    registry_data["impact_level"] = compliance_config.get("impact_level", "IL2")
+    registry_data["security_gate_overrides"] = compliance_config.get(
+        "security_gate_overrides", {}
+    )
+    registry_data["last_updated"] = now
+    # Persist updated registry
+    REGISTRY_PATH.parent.mkdir(parents=True, exist_ok=True)
+    with open(REGISTRY_PATH, "w", encoding="utf-8") as fh:
+        json.dump(registry_data, fh, indent=2, default=str)
+    # Step 4: Update CUI markings
+    cui_result = _update_cui_markings(effective_cui)
+    # Build module summary
+    module_summary: List[Dict[str, str]] = []
+    for mod_id in sorted_modules:
+        mod_def = modules_cfg.get(mod_id, {})
+        module_summary.append({
+            "id": mod_id,
+            "name": mod_def.get("name", mod_id) if isinstance(mod_def, dict) else mod_id,
+            "category": mod_def.get("category", "") if isinstance(mod_def, dict) else "",
+        })
+    failed = [r for r in install_results if not r.get("success")]
+    return {
+        "success": len(failed) == 0,
+        "dry_run": False,
+        "profile": profile_name,
+        "platform": platform_target,
+        "team_size": team_size,
+        "modules_installed": sorted_modules,
+        "module_count": len(sorted_modules),
+        "module_summary": module_summary,
+        "compliance_frameworks": compliance_frameworks,
+        "cui_enabled": effective_cui,
+        "impact_level": compliance_config.get("impact_level", "IL2"),
+        "db_tables_created": db_result.get("tables_created", []),
+        "db_table_count": db_result.get("table_count", 0),
+        "security_gate_overrides": compliance_config.get("security_gate_overrides", {}),
+        "failures": failed if failed else [],
+        "registry_path": str(REGISTRY_PATH),
+        "db_path": str(DB_PATH),
+        "timestamp": now,
+    }
+# ---------------------------------------------------------------------------
+# Interactive wizard
+# ---------------------------------------------------------------------------
+def _prompt_choice(prompt: str, options: List[str], default: int = 0) -> int:
+    """Display a numbered list and prompt for a single selection.
+    Args:
+        prompt: Header text for the prompt.
+        options: List of option display strings.
+        default: Zero-based default selection index.
+    Returns:
+        Zero-based index of selected option.
+    """
+    print(f"\n{prompt}")
+    print("-" * 50)
+    for i, opt in enumerate(options):
+        marker = " *" if i == default else ""
+        print(f"  {i + 1}. {opt}{marker}")
+    print()
+    while True:
+        raw = input(f"Enter choice [1-{len(options)}] (default={default + 1}): ").strip()
+        if not raw:
+            return default
+        try:
+            choice = int(raw) - 1
+            if 0 <= choice < len(options):
+                return choice
+            print(f"  Please enter a number between 1 and {len(options)}.")
+        except ValueError:
+            print("  Please enter a valid number.")
+def _prompt_multi_choice(
+    prompt: str,
+    options: List[str],
+    defaults: Optional[List[int]] = None,
+) -> List[int]:
+    """Display a numbered list and prompt for multiple selections.
+    Args:
+        prompt: Header text.
+        options: List of option display strings.
+        defaults: Zero-based indices that are pre-selected.
+    Returns:
+        List of zero-based indices of selected options.
+    """
+    if defaults is None:
+        defaults = []
+    print(f"\n{prompt}")
+    print("-" * 50)
+    for i, opt in enumerate(options):
+        check = "[x]" if i in defaults else "[ ]"
+        print(f"  {i + 1}. {check} {opt}")
+    print()
+    print("  Enter numbers separated by commas (e.g., 1,3,5)")
+    print("  Press Enter to accept defaults, or 'none' to clear all.")
+    print()
+    while True:
+        raw = input("Your selection: ").strip()
+        if not raw:
+            return list(defaults)
+        if raw.lower() == "none":
+            return []
+        try:
+            indices = []
+            for part in raw.split(","):
+                part = part.strip()
+                if not part:
+                    continue
+                # Support ranges like 1-3
+                if "-" in part:
+                    start, end = part.split("-", 1)
+                    for n in range(int(start), int(end) + 1):
+                        idx = n - 1
+                        if 0 <= idx < len(options) and idx not in indices:
+                            indices.append(idx)
+                else:
+                    idx = int(part) - 1
+                    if 0 <= idx < len(options) and idx not in indices:
+                        indices.append(idx)
+            return indices
+        except ValueError:
+            print("  Please enter valid numbers separated by commas.")
+def _prompt_confirm(prompt: str, default: bool = True) -> bool:
+    """Prompt for yes/no confirmation.
+    Args:
+        prompt: Question text.
+        default: Default answer.
+    Returns:
+        True for yes, False for no.
+    """
+    suffix = "[Y/n]" if default else "[y/N]"
+    while True:
+        raw = input(f"\n{prompt} {suffix}: ").strip().lower()
+        if not raw:
+            return default
+        if raw in ("y", "yes"):
+            return True
+        if raw in ("n", "no"):
+            return False
+        print("  Please enter 'y' or 'n'.")
+def run_interactive(dry_run: bool = False) -> Dict[str, Any]:
+    """Run the 6-step interactive installation wizard.
+    Steps:
+        1. Organization type (profile selection)
+        2. Team size
+        3. Compliance posture (multi-select)
+        4. Deployment target
+        5. Additional capabilities (optional modules)
+        6. Review and confirm
+    Returns:
+        Installation result dict.
+    """
+    profiles_data = _load_profiles()
+    manifest = _load_manifest()
+    profiles = profiles_data.get("profiles", {})
+    platforms = profiles_data.get("platforms", {})
+    print()
+    print("=" * 60)
+    print("  ICDEV Modular Installer — Interactive Wizard")
+    print("=" * 60)
+    # ------------------------------------------------------------------
+    # Step 1: Organization Type (profile selection)
+    # ------------------------------------------------------------------
+    profile_ids = [pid for pid in profiles.keys() if pid != "custom"]
+    profile_ids.append("custom")
+    profile_options = []
+    for pid in profile_ids:
+        pdef = profiles.get(pid, {})
+        name = pdef.get("name", pid) if isinstance(pdef, dict) else pid
+        desc = pdef.get("description", "") if isinstance(pdef, dict) else ""
+        profile_options.append(f"{name} — {desc}" if desc else name)
+    choice_idx = _prompt_choice(
+        "Step 1/6: What type of organization are you?",
+        profile_options,
+        default=0,
+    )
+    selected_profile_id = profile_ids[choice_idx]
+    selected_profile = profiles.get(selected_profile_id, {})
+    if not isinstance(selected_profile, dict):
+        selected_profile = {}
+    # ------------------------------------------------------------------
+    # Step 2: Team Size
+    # ------------------------------------------------------------------
+    team_sizes = ["1-5", "5-15", "15-50", "50-200", "200+"]
+    default_team_size_idx = 0
+    profile_team = selected_profile.get("team_size", "")
+    for i, ts in enumerate(team_sizes):
+        if ts in str(profile_team):
+            default_team_size_idx = i
+            break
+    team_choice = _prompt_choice(
+        "Step 2/6: What is your team size?",
+        [
+            "1-5     (solo / small team)",
+            "5-15    (small team)",
+            "15-50   (medium team)",
+            "50-200  (large team)",
+            "200+    (enterprise)",
+        ],
+        default=default_team_size_idx,
+    )
+    team_size = team_sizes[team_choice]
+    # ------------------------------------------------------------------
+    # Step 3: Compliance Posture
+    # ------------------------------------------------------------------
+    all_compliance = _get_all_compliance_ids(manifest)
+    modules_cfg = manifest.get("modules", {})
+    compliance_options = []
+    for cid in all_compliance:
+        cdef = modules_cfg.get(cid, {})
+        name = cdef.get("name", cid) if isinstance(cdef, dict) else cid
+        compliance_options.append(f"{cid}: {name}")
+    # Pre-select from profile
+    profile_compliance = selected_profile.get("default_compliance", [])
+    if isinstance(profile_compliance, str):
+        if profile_compliance.upper() == "ALL":
+            profile_compliance = list(all_compliance)
+        else:
+            profile_compliance = [profile_compliance]
+    default_indices = []
+    for i, cid in enumerate(all_compliance):
+        if cid in profile_compliance:
+            default_indices.append(i)
+    compliance_indices = _prompt_multi_choice(
+        "Step 3/6: Which compliance frameworks do you need?",
+        compliance_options,
+        defaults=default_indices,
+    )
+    selected_compliance = [all_compliance[i] for i in compliance_indices]
+    # ------------------------------------------------------------------
+    # Step 4: Deployment Target
+    # ------------------------------------------------------------------
+    platform_ids = list(platforms.keys()) if isinstance(platforms, dict) else []
+    platform_options = []
+    for pid in platform_ids:
+        pdef = platforms.get(pid, {})
+        name = pdef.get("name", pid) if isinstance(pdef, dict) else pid
+        desc = pdef.get("description", "") if isinstance(pdef, dict) else ""
+        platform_options.append(f"{name} — {desc}" if desc else name)
+    default_platform_idx = 0
+    profile_platform = selected_profile.get("default_platform", "docker")
+    for i, pid in enumerate(platform_ids):
+        if pid == profile_platform:
+            default_platform_idx = i
+            break
+    if platform_options:
+        platform_choice = _prompt_choice(
+            "Step 4/6: Where will you deploy?",
+            platform_options,
+            default=default_platform_idx,
+        )
+        selected_platform = platform_ids[platform_choice]
+    else:
+        selected_platform = "docker"
+    # ------------------------------------------------------------------
+    # Step 5: Additional Capabilities
+    # ------------------------------------------------------------------
+    # Gather modules already included from profile + compliance
+    profile_modules = selected_profile.get("modules", [])
+    if isinstance(profile_modules, str):
+        if profile_modules.upper() == "ALL":
+            profile_modules = _get_all_module_ids(manifest)
+        else:
+            profile_modules = [profile_modules]
+    required_ids = set(_get_required_module_ids(manifest))
+    already_included = set(profile_modules) | required_ids
+    # Compliance modules
+    ComplianceConfiguratorCls = _get_compliance_configurator()
+    configurator = ComplianceConfiguratorCls()
+    comp_config = configurator.configure_posture(selected_compliance)
+    comp_modules = set(comp_config.get("required_modules", []))
+    already_included |= comp_modules
+    # Optional modules not yet selected
+    all_module_ids = _get_all_module_ids(manifest)
+    optional_ids = [
+        m for m in all_module_ids
+        if m not in already_included and not modules_cfg.get(m, {}).get("compliance_posture")
+    ]
+    optional_options = []
+    for mid in optional_ids:
+        mdef = modules_cfg.get(mid, {})
+        name = mdef.get("name", mid) if isinstance(mdef, dict) else mid
+        desc = mdef.get("description", "") if isinstance(mdef, dict) else ""
+        short_desc = desc[:60] + "..." if len(desc) > 60 else desc
+        optional_options.append(f"{mid}: {name} — {short_desc}")
+    # Pre-check recommended addons from profile
+    recommended = selected_profile.get("recommended_addons", [])
+    if isinstance(recommended, str):
+        recommended = [recommended]
+    optional_defaults = [i for i, mid in enumerate(optional_ids) if mid in recommended]
+    selected_addons: List[str] = []
+    if optional_options:
+        addon_indices = _prompt_multi_choice(
+            "Step 5/6: Select additional capabilities (optional):",
+            optional_options,
+            defaults=optional_defaults,
+        )
+        selected_addons = [optional_ids[i] for i in addon_indices]
+    # ------------------------------------------------------------------
+    # Build final module list
+    # ------------------------------------------------------------------
+    final_modules = list(profile_modules)
+    for m in selected_addons:
+        if m not in final_modules:
+            final_modules.append(m)
+    # Determine CUI from profile + compliance
+    cui_enabled = selected_profile.get("cui_enabled", False)
+    if comp_config.get("cui_enabled"):
+        cui_enabled = True
+    # ------------------------------------------------------------------
+    # Step 6: Review & Confirm
+    # ------------------------------------------------------------------
+    print()
+    print("=" * 60)
+    print("  Step 6/6: Review Your Installation")
+    print("=" * 60)
+    print()
+    print(f"  Profile:     {selected_profile.get('name', selected_profile_id)}")
+    print(f"  Team Size:   {team_size}")
+    print(f"  Platform:    {selected_platform}")
+    print(f"  CUI Markings: {'enabled' if cui_enabled else 'disabled'}")
+    print(f"  Impact Level: {comp_config.get('impact_level', 'IL2')}")
+    print()
+    print("  Compliance Frameworks:")
+    if selected_compliance:
+        for fw in selected_compliance:
+            print(f"    - {fw}")
+    else:
+        print("    (none)")
+    print()
+    print("  Modules to install:")
+    try:
+        sorted_preview = _topological_sort(final_modules, manifest)
+    except ValueError:
+        sorted_preview = final_modules
+    for mod_id in sorted_preview:
+        mdef = modules_cfg.get(mod_id, {})
+        name = mdef.get("name", mod_id) if isinstance(mdef, dict) else mod_id
+        print(f"    - {mod_id}: {name}")
+    print()
+    if dry_run:
+        print("  [DRY RUN] No changes will be made.")
+        print()
+    if not _prompt_confirm("Proceed with installation?"):
+        return {"success": False, "error": "Installation cancelled by user."}
+    return install(
+        modules=final_modules,
+        compliance_frameworks=selected_compliance,
+        profile_name=selected_profile_id,
+        platform_target=selected_platform,
+        team_size=team_size,
+        cui_enabled=cui_enabled,
+        dry_run=dry_run,
+    )
+# ---------------------------------------------------------------------------
+# Profile-based (non-interactive) installation
+# ---------------------------------------------------------------------------
+def run_profile(
+    profile_name: str,
+    compliance_override: Optional[List[str]] = None,
+    platform_override: Optional[str] = None,
+    dry_run: bool = False,
+) -> Dict[str, Any]:
+    """Run installation from a named deployment profile.
+    Args:
+        profile_name: Profile ID from deployment_profiles.yaml.
+        compliance_override: Override the profile's default_compliance.
+        platform_override: Override the profile's default_platform.
+        dry_run: If True, preview without executing.
+    Returns:
+        Installation result dict.
+    """
+    profiles_data = _load_profiles()
+    manifest = _load_manifest()
+    profiles = profiles_data.get("profiles", {})
+    if profile_name not in profiles:
+        available = ", ".join(sorted(profiles.keys()))
+        return {
+            "success": False,
+            "error": f"Unknown profile: '{profile_name}'. Available: {available}",
+        }
+    profile = profiles[profile_name]
+    if not isinstance(profile, dict):
+        profile = {}
+    # Resolve modules
+    profile_modules = profile.get("modules", [])
+    if isinstance(profile_modules, str):
+        if profile_modules.upper() == "ALL":
+            profile_modules = _get_all_module_ids(manifest)
+        else:
+            profile_modules = [profile_modules]
+    # Resolve compliance
+    compliance = compliance_override
+    if compliance is None:
+        compliance = profile.get("default_compliance", [])
+        if isinstance(compliance, str):
+            if compliance.upper() == "ALL":
+                compliance = _get_all_compliance_ids(manifest)
+            else:
+                compliance = [compliance]
+    # Resolve platform
+    platform = platform_override or profile.get("default_platform", "docker")
+    # CUI
+    cui_enabled = profile.get("cui_enabled", False)
+    # Team size
+    team_size = profile.get("team_size", "")
+    return install(
+        modules=profile_modules,
+        compliance_frameworks=compliance,
+        profile_name=profile_name,
+        platform_target=platform,
+        team_size=team_size,
+        cui_enabled=cui_enabled,
+        dry_run=dry_run,
+    )
+# ---------------------------------------------------------------------------
+# Upgrade / add-module operations
+# ---------------------------------------------------------------------------
+def show_upgrade_options() -> Dict[str, Any]:
+    """Show modules that can be added to the current installation.
+    Returns:
+        Dict with available modules grouped by category.
+    """
+    ModuleRegistryCls = _get_module_registry()
+    registry = ModuleRegistryCls()
+    available = registry.get_available()
+    upgrade_path = registry.get_upgrade_path()
+    installed = registry.get_installed()
+    installed_count = sum(1 for v in installed.values() if v.get("installed"))
+    return {
+        "installed_count": installed_count,
+        "available_now": available,
+        "available_now_count": len(available),
+        "full_upgrade_path": upgrade_path,
+        "full_upgrade_count": len(upgrade_path),
+    }
+def add_module(
+    module_id: str,
+    dry_run: bool = False,
+) -> Dict[str, Any]:
+    """Add a single module to an existing installation.
+    Resolves dependencies and initializes required DB tables.
+    Args:
+        module_id: The module to add.
+        dry_run: Preview without executing.
+    Returns:
+        Dict with result summary.
+    """
+    manifest = _load_manifest()
+    modules_cfg = manifest.get("modules", {})
+    if module_id not in modules_cfg:
+        return {
+            "success": False,
+            "error": f"Unknown module: '{module_id}'",
+            "available": list(modules_cfg.keys()),
+        }
+    # Load current installation
+    ModuleRegistryCls = _get_module_registry()
+    registry = ModuleRegistryCls()
+    installed = registry.get_installed()
+    installed_ids = [k for k, v in installed.items() if v.get("installed")]
+    if module_id in installed_ids:
+        return {
+            "success": True,
+            "module_id": module_id,
+            "note": "Module is already installed.",
+        }
+    # Resolve what needs to be installed (module + deps)
+    try:
+        sorted_new = _topological_sort([module_id], manifest)
+    except ValueError as e:
+        return {"success": False, "error": str(e)}
+    # Filter out already installed
+    to_install = [m for m in sorted_new if m not in installed_ids]
+    if dry_run:
+        db_init = ModularDBInitializer()
+        db_result = db_init.initialize(to_install, dry_run=True)
+        return {
+            "success": True,
+            "dry_run": True,
+            "module_id": module_id,
+            "modules_to_install": to_install,
+            "db_tables_planned": db_result.get("tables_planned", []),
+        }
+    # Initialize DB tables for new modules
+    db_init = ModularDBInitializer()
+    db_result = db_init.initialize(to_install, dry_run=False)
+    # Register modules
+    results = []
+    for mid in to_install:
+        r = registry.install_module(mid)
+        results.append(r)
+    failed = [r for r in results if not r.get("success")]
+    return {
+        "success": len(failed) == 0,
+        "dry_run": False,
+        "module_id": module_id,
+        "modules_installed": to_install,
+        "db_tables_created": db_result.get("tables_created", []),
+        "failures": failed if failed else [],
+    }
+def add_compliance(
+    framework_id: str,
+    dry_run: bool = False,
+) -> Dict[str, Any]:
+    """Add a compliance framework to an existing installation.
+    Resolves required modules, initializes DB tables, and updates the
+    compliance posture in the registry.
+    Args:
+        framework_id: Compliance framework ID (e.g., hipaa, cmmc).
+        dry_run: Preview without executing.
+    Returns:
+        Dict with result summary.
+    """
+    ComplianceConfiguratorCls = _get_compliance_configurator()
+    configurator = ComplianceConfiguratorCls()
+    # Validate framework
+    posture_config = configurator.configure_posture([framework_id])
+    if posture_config.get("unknown_frameworks"):
+        available_postures = configurator.list_postures()
+        return {
+            "success": False,
+            "error": f"Unknown framework: '{framework_id}'",
+            "available": [p["id"] for p in available_postures],
+        }
+    required_modules = posture_config.get("required_modules", [])
+    cui_needed = posture_config.get("cui_enabled", False)
+    # Load current state
+    ModuleRegistryCls = _get_module_registry()
+    registry = ModuleRegistryCls()
+    installed = registry.get_installed()
+    installed_ids = [k for k, v in installed.items() if v.get("installed")]
+    current_config = registry.export_config()
+    current_posture = current_config.get("compliance_posture", [])
+    if framework_id in current_posture:
+        return {
+            "success": True,
+            "framework_id": framework_id,
+            "note": "Framework is already in the compliance posture.",
+        }
+    # Determine new modules needed
+    to_install = [m for m in required_modules if m not in installed_ids]
+    if dry_run:
+        db_init = ModularDBInitializer()
+        db_result = db_init.initialize(to_install, dry_run=True) if to_install else {}
+        return {
+            "success": True,
+            "dry_run": True,
+            "framework_id": framework_id,
+            "modules_to_install": to_install,
+            "cui_enabled": cui_needed,
+            "db_tables_planned": db_result.get("tables_planned", []) if db_result else [],
+            "security_gate_overrides": posture_config.get("security_gate_overrides", {}),
+        }
+    # Install new modules
+    manifest = _load_manifest()
+    if to_install:
+        try:
+            sorted_new = _topological_sort(to_install, manifest)
+        except ValueError as e:
+            return {"success": False, "error": str(e)}
+        to_install = [m for m in sorted_new if m not in installed_ids]
+        db_init = ModularDBInitializer()
+        db_init.initialize(to_install, dry_run=False)
+        for mid in to_install:
+            registry.install_module(mid)
+    # Update compliance posture in registry
+    updated_posture = list(current_posture)
+    if framework_id not in updated_posture:
+        updated_posture.append(framework_id)
+    # Update CUI if needed
+    effective_cui = current_config.get("cui_enabled", False)
+    if cui_needed:
+        effective_cui = True
+        _update_cui_markings(True)
+    # Merge gate overrides
+    existing_gates = current_config.get("security_gate_overrides", {})
+    existing_gates.update(posture_config.get("security_gate_overrides", {}))
+    # Persist registry
+    current_config["compliance_posture"] = updated_posture
+    current_config["cui_enabled"] = effective_cui
+    current_config["security_gate_overrides"] = existing_gates
+    current_config["last_updated"] = datetime.now(timezone.utc).isoformat()
+    REGISTRY_PATH.parent.mkdir(parents=True, exist_ok=True)
+    with open(REGISTRY_PATH, "w", encoding="utf-8") as fh:
+        json.dump(current_config, fh, indent=2, default=str)
+    return {
+        "success": True,
+        "dry_run": False,
+        "framework_id": framework_id,
+        "modules_installed": to_install,
+        "compliance_posture": updated_posture,
+        "cui_enabled": effective_cui,
+        "security_gate_overrides": existing_gates,
+    }
+def show_status() -> Dict[str, Any]:
+    """Return the current installation status.
+    Returns:
+        Dict with installed modules, compliance posture, platform, etc.
+    """
+    ModuleRegistryCls = _get_module_registry()
+    registry = ModuleRegistryCls()
+    installed = registry.get_installed()
+    config = registry.export_config()
+    validation = registry.validate()
+    installed_count = sum(1 for v in installed.values() if v.get("installed"))
+    total_available = len(_get_all_module_ids(_load_manifest()))
+    return {
+        "profile": config.get("profile", "default"),
+        "platform": config.get("platform", "unknown"),
+        "team_size": config.get("team_size", ""),
+        "installed_modules": installed,
+        "installed_count": installed_count,
+        "total_available": total_available,
+        "coverage": f"{installed_count}/{total_available}",
+        "compliance_posture": config.get("compliance_posture", []),
+        "cui_enabled": config.get("cui_enabled", False),
+        "impact_level": config.get("impact_level", "IL2"),
+        "security_gate_overrides": config.get("security_gate_overrides", {}),
+        "validation": validation,
+        "installed_at": config.get("installed_at", ""),
+        "last_updated": config.get("last_updated", ""),
+        "registry_path": str(REGISTRY_PATH),
+        "db_path": str(DB_PATH),
+    }
+# ---------------------------------------------------------------------------
+# Human-readable output formatting
+# ---------------------------------------------------------------------------
+def _format_install_result_human(result: Dict[str, Any]) -> str:
+    """Format installation result for terminal display."""
+    lines = [
+        "",
+        "=" * 60,
+        "  ICDEV Installation Summary",
+        "=" * 60,
+        "",
+    ]
+    if result.get("dry_run"):
+        lines.append("  *** DRY RUN — no changes were made ***")
+        lines.append("")
+    success = result.get("success", False)
+    lines.append(f"  Status:       {'SUCCESS' if success else 'FAILED'}")
+    if result.get("error"):
+        lines.append(f"  Error:        {result['error']}")
+    lines.append(f"  Profile:      {result.get('profile', 'N/A')}")
+    lines.append(f"  Platform:     {result.get('platform', 'N/A')}")
+    lines.append(f"  Team Size:    {result.get('team_size', 'N/A')}")
+    lines.append(f"  CUI Markings: {'enabled' if result.get('cui_enabled') else 'disabled'}")
+    lines.append(f"  Impact Level: {result.get('impact_level', 'IL2')}")
+    lines.append("")
+    # Modules
+    modules = result.get("modules_installed") or result.get("modules", [])
+    lines.append(f"  Modules ({len(modules)}):")
+    for mod_id in modules:
+        lines.append(f"    - {mod_id}")
+    lines.append("")
+    # Compliance
+    compliance = result.get("compliance_frameworks", [])
+    lines.append(f"  Compliance Frameworks ({len(compliance)}):")
+    if compliance:
+        for fw in compliance:
+            lines.append(f"    - {fw}")
+    else:
+        lines.append("    (none)")
+    lines.append("")
+    # DB tables
+    tables_key = "db_tables_created" if not result.get("dry_run") else "db_tables_planned"
+    tables = result.get(tables_key, [])
+    table_count = result.get("db_table_count", len(tables))
+    lines.append(f"  Database Tables: {table_count}")
+    lines.append("")
+    # Failures
+    failures = result.get("failures", [])
+    if failures:
+        lines.append("  Failures:")
+        for f in failures:
+            lines.append(f"    - {f.get('module_id', '?')}: {f.get('error', '?')}")
+        lines.append("")
+    # Paths
+    if result.get("registry_path"):
+        lines.append(f"  Registry:     {result['registry_path']}")
+    if result.get("db_path"):
+        lines.append(f"  Database:     {result['db_path']}")
+    lines.append("")
+    return "\n".join(lines)
+def _format_status_human(result: Dict[str, Any]) -> str:
+    """Format status output for terminal display."""
+    lines = [
+        "",
+        "=" * 60,
+        "  ICDEV Installation Status",
+        "=" * 60,
+        "",
+        f"  Profile:       {result.get('profile', 'default')}",
+        f"  Platform:      {result.get('platform', 'unknown')}",
+        f"  Team Size:     {result.get('team_size', 'N/A')}",
+        f"  Coverage:      {result.get('coverage', '0/0')}",
+        f"  CUI Markings:  {'enabled' if result.get('cui_enabled') else 'disabled'}",
+        f"  Impact Level:  {result.get('impact_level', 'IL2')}",
+        f"  Installed At:  {result.get('installed_at', 'N/A')}",
+        f"  Last Updated:  {result.get('last_updated', 'N/A')}",
+        "",
+    ]
+    # Installed modules
+    installed = result.get("installed_modules", {})
+    lines.append(f"  Installed Modules ({result.get('installed_count', 0)}):")
+    if installed:
+        lines.append(f"    {'Module':<25} {'Version':<10} {'Installed At'}")
+        lines.append(f"    {'-' * 25} {'-' * 10} {'-' * 25}")
+        for mod_id, info in sorted(installed.items()):
+            if isinstance(info, dict) and info.get("installed"):
+                name = info.get("name", mod_id)
+                ver = info.get("version", "?")
+                ts = info.get("installed_at", "?")
+                lines.append(f"    {name:<25} {ver:<10} {ts}")
+    else:
+        lines.append("    (none)")
+    lines.append("")
+    # Compliance posture
+    posture = result.get("compliance_posture", [])
+    lines.append(f"  Compliance Posture ({len(posture)}):")
+    if posture:
+        for fw in posture:
+            lines.append(f"    - {fw}")
+    else:
+        lines.append("    (none)")
+    lines.append("")
+    # Validation
+    validation = result.get("validation", {})
+    valid = validation.get("valid", True)
+    lines.append(f"  Validation:    {'VALID' if valid else 'ISSUES FOUND'}")
+    issues = validation.get("issues", [])
+    if issues:
+        for issue in issues:
+            lines.append(f"    - {issue}")
+    lines.append("")
+    return "\n".join(lines)
+def _format_upgrade_human(result: Dict[str, Any]) -> str:
+    """Format upgrade options for terminal display."""
+    lines = [
+        "",
+        "=" * 60,
+        "  ICDEV — Available Upgrades",
+        "=" * 60,
+        "",
+        f"  Currently installed: {result.get('installed_count', 0)} modules",
+        "",
+    ]
+    available = result.get("available_now", [])
+    lines.append(f"  Ready to install ({len(available)}):")
+    if available:
+        for mod in available:
+            lines.append(f"    {mod['module_id']:<25} {mod.get('name', '')}")
+            if mod.get("description"):
+                lines.append(f"      {mod['description'][:70]}")
+    else:
+        lines.append("    (none — all dependencies must be satisfied first)")
+    lines.append("")
+    blocked = [m for m in result.get("full_upgrade_path", []) if not m.get("deps_met")]
+    if blocked:
+        lines.append(f"  Blocked (dependencies unmet): {len(blocked)}")
+        for mod in blocked:
+            deps = ", ".join(mod.get("dependencies", []))
+            lines.append(f"    {mod['module_id']:<25} needs: {deps}")
+        lines.append("")
+    lines.append("  To add a module:")
+    lines.append("    python tools/installer/installer.py --add-module <module_id>")
+    lines.append("")
+    return "\n".join(lines)
+# ---------------------------------------------------------------------------
+# CLI entry point
+# ---------------------------------------------------------------------------
+def main() -> None:
+    """Parse CLI arguments and dispatch to the appropriate mode."""
+    parser = argparse.ArgumentParser(
+        description="ICDEV Modular Installer — configure and install ICDEV components",
+        formatter_class=argparse.RawDescriptionHelpFormatter,
+        epilog="""\
+Examples:
+  # Interactive wizard
+  python tools/installer/installer.py --interactive
+  # Install from profile
+  python tools/installer/installer.py --profile dod_team
+  python tools/installer/installer.py --profile healthcare --compliance hipaa,hitrust --platform k8s
+  # Add modules after install
+  python tools/installer/installer.py --add-module marketplace
+  python tools/installer/installer.py --add-compliance hipaa
+  # Check status
+  python tools/installer/installer.py --status
+  python tools/installer/installer.py --status --json
+  # Dry run
+  python tools/installer/installer.py --profile dod_team --dry-run
+""",
+    )
+    # Mode selection
+    mode_group = parser.add_argument_group("Installation Modes")
+    mode_group.add_argument(
+        "--interactive", action="store_true",
+        help="Run the interactive 6-step installation wizard",
+    )
+    mode_group.add_argument(
+        "--profile", metavar="NAME",
+        help="Install using a named deployment profile (e.g., dod_team, healthcare)",
+    )
+    mode_group.add_argument(
+        "--upgrade", action="store_true",
+        help="Show available modules that can be added to the current installation",
+    )
+    mode_group.add_argument(
+        "--add-module", metavar="MODULE_ID",
+        help="Add a single module (with dependencies) to the current installation",
+    )
+    mode_group.add_argument(
+        "--add-compliance", metavar="FRAMEWORK_ID",
+        help="Add a compliance framework (with required modules) to the installation",
+    )
+    mode_group.add_argument(
+        "--status", action="store_true",
+        help="Show the current installation status",
+    )
+    # Overrides for profile mode
+    override_group = parser.add_argument_group("Profile Overrides")
+    override_group.add_argument(
+        "--compliance", metavar="FRAMEWORKS",
+        help="Comma-separated compliance framework IDs (overrides profile default)",
+    )
+    override_group.add_argument(
+        "--platform", metavar="PLATFORM",
+        help="Deployment platform: docker, k8s, helm, aws_govcloud, azure_gov, on_prem",
+    )
+    # Output options
+    output_group = parser.add_argument_group("Output Options")
+    output_group.add_argument(
+        "--json", action="store_true",
+        help="Output results as JSON",
+    )
+    output_group.add_argument(
+        "--human", action="store_true",
+        help="Human-friendly colorized terminal output",
+    )
+    output_group.add_argument(
+        "--dry-run", action="store_true",
+        help="Preview what would be installed without executing",
+    )
+    args = parser.parse_args()
+    use_json = args.json
+    def _output(result: Dict[str, Any], formatter=None) -> None:
+        """Print result as JSON or human-readable."""
+        if use_json:
+            print(json.dumps(result, indent=2, default=str))
+        elif formatter:
+            print(formatter(result))
+        else:
+            # Fallback: try to use output_formatter if available
+            try:
+                from icdev.tools.cli.output_formatter import auto_format
+                print(auto_format(result, title="ICDEV Installer"))
+            except ImportError:
+                print(json.dumps(result, indent=2, default=str))
+    try:
+        # ------- Interactive mode -------
+        if args.interactive:
+            result = run_interactive(dry_run=args.dry_run)
+            _output(result, _format_install_result_human)
+        # ------- Profile mode -------
+        elif args.profile:
+            compliance_override = None
+            if args.compliance:
+                compliance_override = [
+                    f.strip() for f in args.compliance.split(",") if f.strip()
+                ]
+            result = run_profile(
+                profile_name=args.profile,
+                compliance_override=compliance_override,
+                platform_override=args.platform,
+                dry_run=args.dry_run,
+            )
+            _output(result, _format_install_result_human)
+            if not use_json and result.get("success") and not args.dry_run:
+                print("  Installation complete. Run --status to verify.")
+                print()
+        # ------- Upgrade -------
+        elif args.upgrade:
+            result = show_upgrade_options()
+            _output(result, _format_upgrade_human)
+        # ------- Add module -------
+        elif args.add_module:
+            result = add_module(args.add_module, dry_run=args.dry_run)
+            _output(result, _format_install_result_human)
+        # ------- Add compliance -------
+        elif args.add_compliance:
+            result = add_compliance(args.add_compliance, dry_run=args.dry_run)
+            _output(result, _format_install_result_human)
+        # ------- Status -------
+        elif args.status:
+            result = show_status()
+            _output(result, _format_status_human)
+        else:
+            parser.print_help()
+            sys.exit(0)
+    except KeyboardInterrupt:
+        print("\n\n  Installation cancelled.")
+        sys.exit(130)
+    except Exception as exc:
+        error_result = {
+            "success": False,
+            "error": str(exc),
+            "timestamp": datetime.now(timezone.utc).isoformat(),
+        }
+        if use_json:
+            print(json.dumps(error_result, indent=2, default=str))
+        else:
+            print(f"\nERROR: {exc}", file=sys.stderr)
+        sys.exit(1)
+if __name__ == "__main__":
+    main()