PyPI - icdev - Versions diffs - 1.0.0__py3-none-any.whl - Mend

icdev 1.0.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1105) hide show

icdev/__init__.py +18 -0
icdev/_paths.py +85 -0
icdev/_version.py +3 -0
icdev/data/__init__.py +1 -0
icdev/data/args/__init__.py +1 -0
icdev/data/args/agent_authority.yaml +61 -0
icdev/data/args/agent_config.yaml +355 -0
icdev/data/args/agentic_fitness.yaml +31 -0
icdev/data/args/ai_governance_config.yaml +137 -0
icdev/data/args/atlas_critique_config.yaml +66 -0
icdev/data/args/bedrock_models.yaml +63 -0
icdev/data/args/cicd_config.yaml +82 -0
icdev/data/args/classification_config.yaml +232 -0
icdev/data/args/cli_config.yaml +154 -0
icdev/data/args/cloud_config.yaml +63 -0
icdev/data/args/code_pattern_config.yaml +151 -0
icdev/data/args/code_quality_config.yaml +47 -0
icdev/data/args/companion_registry.yaml +202 -0
icdev/data/args/context_config.yaml +82 -0
icdev/data/args/csp_monitor_config.yaml +268 -0
icdev/data/args/cui_markings.yaml +35 -0
icdev/data/args/db_config.yaml +40 -0
icdev/data/args/deployment_profiles.yaml +248 -0
icdev/data/args/dev_profile_config.yaml +144 -0
icdev/data/args/devsecops_config.yaml +286 -0
icdev/data/args/endpoint_security_config.yaml +137 -0
icdev/data/args/extension_config.yaml +79 -0
icdev/data/args/file_access_tiers.yaml +88 -0
icdev/data/args/framework_registry.yaml +415 -0
icdev/data/args/innovation_config.yaml +431 -0
icdev/data/args/installation_manifest.yaml +1087 -0
icdev/data/args/llm_config.yaml +495 -0
icdev/data/args/maintenance_config.yaml +55 -0
icdev/data/args/memory_config.yaml +83 -0
icdev/data/args/monitoring_config.yaml +127 -0
icdev/data/args/mosa_config.yaml +190 -0
icdev/data/args/nlq_config.yaml +35 -0
icdev/data/args/observability_config.yaml +39 -0
icdev/data/args/observability_tracing_config.yaml +170 -0
icdev/data/args/oscal_tools_config.yaml +43 -0
icdev/data/args/owasp_agentic_config.yaml +171 -0
icdev/data/args/phase_registry.yaml +618 -0
icdev/data/args/project_defaults.yaml +235 -0
icdev/data/args/prompt_chains.yaml +163 -0
icdev/data/args/resilience_config.yaml +50 -0
icdev/data/args/ricoas_config.yaml +191 -0
icdev/data/args/role_personas.yaml +362 -0
icdev/data/args/scaling_config.yaml +176 -0
icdev/data/args/security_gates.yaml +685 -0
icdev/data/args/skill_injection_config.yaml +322 -0
icdev/data/args/spec_config.yaml +53 -0
icdev/data/args/supply_chain_config.yaml +76 -0
icdev/data/args/translation_config.yaml +228 -0
icdev/data/args/workflow_templates/ato_acceleration.yaml +54 -0
icdev/data/args/workflow_templates/build_deploy.yaml +63 -0
icdev/data/args/workflow_templates/full_compliance.yaml +43 -0
icdev/data/args/workflow_templates/security_hardening.yaml +55 -0
icdev/data/args/worktree_config.yaml +34 -0
icdev/data/args/zta_config.yaml +247 -0
icdev/data/context/__init__.py +1 -0
icdev/data/context/agent/__init__.py +1 -0
icdev/data/context/agent/response_schemas/__init__.py +1 -0
icdev/data/context/agent/response_schemas/debate_position.json +46 -0
icdev/data/context/agent/response_schemas/fitness_scorecard.json +74 -0
icdev/data/context/agent/response_schemas/review_decision.json +39 -0
icdev/data/context/agent/response_schemas/task_decomposition.json +82 -0
icdev/data/context/agent/response_schemas/veto_decision.json +40 -0
icdev/data/context/agentic/__init__.py +1 -0
icdev/data/context/agentic/architecture_patterns.md +269 -0
icdev/data/context/agentic/capability_registry.yaml +202 -0
icdev/data/context/agentic/csp_mcp_registry.yaml +280 -0
icdev/data/context/agentic/fitness_rubric.md +56 -0
icdev/data/context/agentic/governance_baseline.md +205 -0
icdev/data/context/ci/__init__.py +1 -0
icdev/data/context/ci/worktree_templates.json +44 -0
icdev/data/context/cloud/__init__.py +1 -0
icdev/data/context/cloud/csp_service_registry.json +739 -0
icdev/data/context/compliance/__init__.py +1 -0
icdev/data/context/compliance/atlas_mitigations.json +293 -0
icdev/data/context/compliance/atlas_techniques.json +833 -0
icdev/data/context/compliance/cisa_sbd_requirements.json +432 -0
icdev/data/context/compliance/cjis_security_policy.json +522 -0
icdev/data/context/compliance/cmmc_practices.json +2494 -0
icdev/data/context/compliance/cmmc_report_template.md +142 -0
icdev/data/context/compliance/cnssi_1253_overlay.json +109 -0
icdev/data/context/compliance/control_crosswalk.json +1914 -0
icdev/data/context/compliance/control_families/__init__.py +1 -0
icdev/data/context/compliance/csp_certifications.json +251 -0
icdev/data/context/compliance/cssp_report_template.md +193 -0
icdev/data/context/compliance/cui_templates/__init__.py +1 -0
icdev/data/context/compliance/cui_templates/banner_block.txt +4 -0
icdev/data/context/compliance/cui_templates/code_header.txt +8 -0
icdev/data/context/compliance/cui_templates/document_template.md +35 -0
icdev/data/context/compliance/data_type_framework_map.json +321 -0
icdev/data/context/compliance/data_type_registry.json +147 -0
icdev/data/context/compliance/dod_cssp_8530.json +463 -0
icdev/data/context/compliance/eu_ai_act_annex_iii.json +108 -0
icdev/data/context/compliance/export_templates/__init__.py +1 -0
icdev/data/context/compliance/export_templates/emass_controls.csv.j2 +4 -0
icdev/data/context/compliance/export_templates/evidence_package.md.j2 +39 -0
icdev/data/context/compliance/export_templates/executive_summary.md.j2 +55 -0
icdev/data/context/compliance/export_templates/poam_tracking.csv.j2 +4 -0
icdev/data/context/compliance/fedramp_20x_ksi_schemas.json +133 -0
icdev/data/context/compliance/fedramp_high_baseline.json +4370 -0
icdev/data/context/compliance/fedramp_moderate_baseline.json +2183 -0
icdev/data/context/compliance/fedramp_report_template.md +181 -0
icdev/data/context/compliance/fips_200_areas.json +362 -0
icdev/data/context/compliance/gao_ai_accountability.json +262 -0
icdev/data/context/compliance/hipaa_security_rule.json +720 -0
icdev/data/context/compliance/hitrust_csf_v11.json +930 -0
icdev/data/context/compliance/impact_level_profiles.json +251 -0
icdev/data/context/compliance/incident_response_template.md +1110 -0
icdev/data/context/compliance/iso27001_2022_controls.json +750 -0
icdev/data/context/compliance/iso27001_nist_bridge.json +382 -0
icdev/data/context/compliance/iso42001_controls.json +254 -0
icdev/data/context/compliance/ivv_checklist_template.md +80 -0
icdev/data/context/compliance/ivv_report_template.md +116 -0
icdev/data/context/compliance/ivv_requirements.json +372 -0
icdev/data/context/compliance/mosa_crosswalk.json +327 -0
icdev/data/context/compliance/mosa_framework.json +250 -0
icdev/data/context/compliance/narrative_templates/AC.md.j2 +101 -0
icdev/data/context/compliance/narrative_templates/AU.md.j2 +106 -0
icdev/data/context/compliance/narrative_templates/IA.md.j2 +104 -0
icdev/data/context/compliance/narrative_templates/SC.md.j2 +102 -0
icdev/data/context/compliance/narrative_templates/SI.md.j2 +111 -0
icdev/data/context/compliance/narrative_templates/__init__.py +1 -0
icdev/data/context/compliance/narrative_templates/default.md.j2 +50 -0
icdev/data/context/compliance/narrative_templates/executive_summary.j2 +27 -0
icdev/data/context/compliance/narrative_templates/poam_milestone.j2 +19 -0
icdev/data/context/compliance/narrative_templates/ssp_section.j2 +11 -0
icdev/data/context/compliance/nist_800_171_controls.json +1552 -0
icdev/data/context/compliance/nist_800_207_crosswalk.json +399 -0
icdev/data/context/compliance/nist_800_207_zta.json +258 -0
icdev/data/context/compliance/nist_800_53.json +324 -0
icdev/data/context/compliance/nist_ai_600_1_genai.json +326 -0
icdev/data/context/compliance/nist_ai_rmf.json +206 -0
icdev/data/context/compliance/nist_sp_800_60_types.json +1667 -0
icdev/data/context/compliance/omb_m25_21_high_impact_ai.json +248 -0
icdev/data/context/compliance/omb_m26_04_unbiased_ai.json +262 -0
icdev/data/context/compliance/owasp_agentic_asi.json +133 -0
icdev/data/context/compliance/owasp_agentic_threats.json +285 -0
icdev/data/context/compliance/owasp_llm_top10.json +274 -0
icdev/data/context/compliance/pci_dss_v4.json +510 -0
icdev/data/context/compliance/poam_template.md +117 -0
icdev/data/context/compliance/safeai_controls.json +512 -0
icdev/data/context/compliance/sbd_report_template.md +77 -0
icdev/data/context/compliance/siem_config_templates/__init__.py +1 -0
icdev/data/context/compliance/siem_config_templates/filebeat.yml +213 -0
icdev/data/context/compliance/siem_config_templates/log_sources.json +208 -0
icdev/data/context/compliance/soc2_trust_criteria.json +661 -0
icdev/data/context/compliance/ssp_template.md +432 -0
icdev/data/context/compliance/stig_templates/__init__.py +1 -0
icdev/data/context/compliance/stig_templates/webapp_stig.json +139 -0
icdev/data/context/compliance/xai_requirements.json +108 -0
icdev/data/context/dashboard/__init__.py +1 -0
icdev/data/context/dashboard/nlq_examples.json +50 -0
icdev/data/context/dashboard/schema_descriptions.json +23 -0
icdev/data/context/integration/__init__.py +1 -0
icdev/data/context/integration/approval_workflows.json +32 -0
icdev/data/context/integration/gitlab_field_mappings.json +33 -0
icdev/data/context/integration/jira_field_mappings.json +32 -0
icdev/data/context/integration/reqif_export_schema.json +23 -0
icdev/data/context/integration/servicenow_field_mappings.json +22 -0
icdev/data/context/languages/__init__.py +1 -0
icdev/data/context/languages/framework_patterns.json +205 -0
icdev/data/context/languages/language_registry.json +279 -0
icdev/data/context/llm/__init__.py +1 -0
icdev/data/context/llm/example_provider.py +86 -0
icdev/data/context/mbse/__init__.py +1 -0
icdev/data/context/mbse/des_report_template.md +162 -0
icdev/data/context/mbse/des_requirements.json +411 -0
icdev/data/context/mbse/digital_thread_patterns.json +403 -0
icdev/data/context/mbse/reqif_schema.json +280 -0
icdev/data/context/mbse/sysml_element_types.json +432 -0
icdev/data/context/modernization/__init__.py +1 -0
icdev/data/context/modernization/db_type_mappings.json +148 -0
icdev/data/context/modernization/decomposition_patterns.json +284 -0
icdev/data/context/modernization/framework_migration_patterns.json +359 -0
icdev/data/context/modernization/migration_report_template.md +168 -0
icdev/data/context/modernization/seven_rs_catalog.json +369 -0
icdev/data/context/modernization/version_upgrade_rules.json +279 -0
icdev/data/context/oscal/NIST_SP-800-53_rev5_catalog.json +254987 -0
icdev/data/context/oscal/README.md +43 -0
icdev/data/context/patterns/__init__.py +1 -0
icdev/data/context/profiles/__init__.py +1 -0
icdev/data/context/profiles/dod_baseline_v1.yaml +145 -0
icdev/data/context/profiles/fedramp_baseline_v1.yaml +143 -0
icdev/data/context/profiles/financial_baseline_v1.yaml +142 -0
icdev/data/context/profiles/healthcare_baseline_v1.yaml +135 -0
icdev/data/context/profiles/law_enforcement_v1.yaml +129 -0
icdev/data/context/profiles/startup_v1.yaml +134 -0
icdev/data/context/requirements/__init__.py +1 -0
icdev/data/context/requirements/ambiguity_patterns.json +97 -0
icdev/data/context/requirements/boundary_impact_rules.json +123 -0
icdev/data/context/requirements/default_constitutions.json +67 -0
icdev/data/context/requirements/document_extraction_rules.json +58 -0
icdev/data/context/requirements/gap_patterns.json +108 -0
icdev/data/context/requirements/readiness_rubric.json +78 -0
icdev/data/context/requirements/red_alternative_patterns.json +210 -0
icdev/data/context/requirements/safe_templates.json +72 -0
icdev/data/context/requirements/spec_quality_checklist.json +122 -0
icdev/data/context/simulation/__init__.py +1 -0
icdev/data/context/simulation/architecture_patterns.json +36 -0
icdev/data/context/simulation/coa_templates.json +38 -0
icdev/data/context/simulation/cost_models.json +23 -0
icdev/data/context/simulation/risk_categories.json +46 -0
icdev/data/context/supply_chain/__init__.py +1 -0
icdev/data/context/supply_chain/isa_templates.json +129 -0
icdev/data/context/supply_chain/nist_800_161_controls.json +247 -0
icdev/data/context/supply_chain/scrm_risk_matrix.json +147 -0
icdev/data/context/templates/__init__.py +1 -0
icdev/data/context/templates/ansible/__init__.py +1 -0
icdev/data/context/templates/ansible/playbooks/__init__.py +1 -0
icdev/data/context/templates/ansible/roles/__init__.py +1 -0
icdev/data/context/templates/gitlab_ci/__init__.py +1 -0
icdev/data/context/templates/grafana/__init__.py +1 -0
icdev/data/context/templates/kubernetes/__init__.py +1 -0
icdev/data/context/templates/project/__init__.py +1 -0
icdev/data/context/templates/project/api/__init__.py +1 -0
icdev/data/context/templates/project/cli/__init__.py +1 -0
icdev/data/context/templates/project/data_pipeline/__init__.py +1 -0
icdev/data/context/templates/project/iac/__init__.py +1 -0
icdev/data/context/templates/project/javascript_frontend/__init__.py +1 -0
icdev/data/context/templates/project/javascript_frontend/src/__init__.py +1 -0
icdev/data/context/templates/project/javascript_frontend/tests/__init__.py +1 -0
icdev/data/context/templates/project/microservice/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/src/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/tests/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/tests/features/__init__.py +1 -0
icdev/data/context/templates/project/python_backend/tests/steps/__init__.py +1 -0
icdev/data/context/templates/terraform/__init__.py +1 -0
icdev/data/context/templates/terraform/govcloud_base/__init__.py +1 -0
icdev/data/context/templates/terraform/modules/__init__.py +1 -0
icdev/data/context/tone/__init__.py +1 -0
icdev/data/context/translation/dependency_mappings.json +186 -0
icdev/data/context/translation/type_mappings.json +149 -0
icdev/data/docs/README.md +187 -0
icdev/data/docs/__init__.py +1 -0
icdev/data/docs/admin/gateway-guide.md +338 -0
icdev/data/docs/admin/marketplace-guide.md +396 -0
icdev/data/docs/admin/monitoring-guide.md +509 -0
icdev/data/docs/architecture/compliance-framework.md +764 -0
icdev/data/docs/architecture/database-schema.md +689 -0
icdev/data/docs/architecture/gotcha-framework.md +518 -0
icdev/data/docs/architecture/multi-agent-system.md +603 -0
icdev/data/docs/dx/README.md +106 -0
icdev/data/docs/dx/__init__.py +1 -0
icdev/data/docs/dx/ci-cd-integration.md +378 -0
icdev/data/docs/dx/claude-code-guide.md +213 -0
icdev/data/docs/dx/companion-guide.md +232 -0
icdev/data/docs/dx/dev-profiles.md +309 -0
icdev/data/docs/dx/icdev-yaml-spec.md +219 -0
icdev/data/docs/dx/integration-tiers.md +279 -0
icdev/data/docs/dx/llm-routing-guide.md +456 -0
icdev/data/docs/dx/quickstart.md +192 -0
icdev/data/docs/dx/sdk-reference.md +356 -0
icdev/data/docs/dx/unified-mcp-setup.md +525 -0
icdev/data/docs/features/__init__.py +1 -0
icdev/data/docs/features/phase-01-gotcha-framework.md +249 -0
icdev/data/docs/features/phase-02-atlas-build-workflow.md +223 -0
icdev/data/docs/features/phase-03-tdd-bdd-testing.md +261 -0
icdev/data/docs/features/phase-04-nist-compliance.md +255 -0
icdev/data/docs/features/phase-05-security-scanning.md +229 -0
icdev/data/docs/features/phase-06-infrastructure-deployment.md +288 -0
icdev/data/docs/features/phase-07-code-review-gates.md +276 -0
icdev/data/docs/features/phase-08-self-healing.md +223 -0
icdev/data/docs/features/phase-09-monitoring-observability.md +230 -0
icdev/data/docs/features/phase-10-dashboard-web-ui.md +218 -0
icdev/data/docs/features/phase-11-multi-agent-architecture.md +272 -0
icdev/data/docs/features/phase-12-integration-testing.md +228 -0
icdev/data/docs/features/phase-13-cicd-integration.md +257 -0
icdev/data/docs/features/phase-14-secure-by-design-ivv.md +240 -0
icdev/data/docs/features/phase-15-maintenance-audit.md +192 -0
icdev/data/docs/features/phase-16-ato-acceleration.md +228 -0
icdev/data/docs/features/phase-17-multi-framework-compliance.md +223 -0
icdev/data/docs/features/phase-18-mbse-integration.md +242 -0
icdev/data/docs/features/phase-19-agentic-generation.md +202 -0
icdev/data/docs/features/phase-20-fips-security-categorization.md +198 -0
icdev/data/docs/features/phase-21-saas-multi-tenancy.md +273 -0
icdev/data/docs/features/phase-22-federated-gotcha-marketplace.md +242 -0
icdev/data/docs/features/phase-23-universal-compliance-platform.md +238 -0
icdev/data/docs/features/phase-24-devsecops-pipeline-security.md +198 -0
icdev/data/docs/features/phase-25-zero-trust-architecture.md +220 -0
icdev/data/docs/features/phase-26-dod-mosa.md +205 -0
icdev/data/docs/features/phase-27-cli-capabilities.md +222 -0
icdev/data/docs/features/phase-28-remote-command-gateway.md +235 -0
icdev/data/docs/features/phase-29-proactive-monitoring.md +212 -0
icdev/data/docs/features/phase-30-dashboard-auth.md +215 -0
icdev/data/docs/features/phase-31-dashboard-ux-low-impact.md +188 -0
icdev/data/docs/features/phase-32-dashboard-ux-medium-impact.md +223 -0
icdev/data/docs/features/phase-33-modular-installation.md +218 -0
icdev/data/docs/features/phase-34-dev-profiles.md +239 -0
icdev/data/docs/features/phase-35-innovation-engine.md +257 -0
icdev/data/docs/features/phase-36-evolutionary-intelligence.md +351 -0
icdev/data/docs/features/phase-37-mitre-atlas-integration.md +485 -0
icdev/data/docs/features/phase-38-cloud-agnostic-architecture.md +1033 -0
icdev/data/docs/features/phase-39-observability-operations.md +178 -0
icdev/data/docs/features/phase-40-nlq-compliance-queries.md +176 -0
icdev/data/docs/features/phase-41-parallel-cicd.md +169 -0
icdev/data/docs/features/phase-42-framework-planning.md +177 -0
icdev/data/docs/features/phase-43-cross-language-translation.md +225 -0
icdev/data/docs/features/phase-44-innovation-adaptation.md +227 -0
icdev/data/docs/features/phase-45-owasp-agentic-security.md +239 -0
icdev/data/docs/features/phase-46-observability-traceability-xai.md +240 -0
icdev/data/docs/features/phase-47-unified-mcp-gateway.md +257 -0
icdev/data/docs/features/phase-48-ai-transparency.md +203 -0
icdev/data/docs/features/phase-49-ai-accountability.md +243 -0
icdev/data/docs/features/phase-50-ai-governance-intake-chat.md +195 -0
icdev/data/docs/features/phase-51-unified-chat-dashboard.md +240 -0
icdev/data/docs/features/phase-52-code-intelligence.md +244 -0
icdev/data/docs/features/phase-53-fedramp-20x-owasp-asi.md +359 -0
icdev/data/docs/features/phase-54-slsa-swft-orchestration.md +379 -0
icdev/data/docs/features/phase-55-a2a-v03-mcp-oauth.md +322 -0
icdev/data/docs/features/phase-56-evidence-lineage.md +352 -0
icdev/data/docs/features/phase-57-eu-ai-act-iron-bank.md +319 -0
icdev/data/docs/features/phase-58-creative-engine.md +370 -0
icdev/data/docs/features/phase-59-govcon-intelligence.md +535 -0
icdev/data/docs/features/phase-60-cpmp.md +528 -0
icdev/data/docs/features/phase-61-orchestration-improvements.md +534 -0
icdev/data/docs/operations/dashboard-guide.md +354 -0
icdev/data/docs/operations/deployment-guide.md +556 -0
icdev/data/docs/operations/saas-admin-guide.md +439 -0
icdev/data/docs/operations/security-operations-guide.md +733 -0
icdev/data/docs/runbooks/backup-restore.md +412 -0
icdev/data/docs/runbooks/troubleshooting.md +499 -0
icdev/data/features/__init__.py +1 -0
icdev/data/features/cicd_integration.feature +41 -0
icdev/data/features/compliance_gates.feature +46 -0
icdev/data/features/dashboard.feature +72 -0
icdev/data/features/environment.py +25 -0
icdev/data/features/project_management.feature +32 -0
icdev/data/features/requirements_intake.feature +42 -0
icdev/data/features/saas_platform.feature +53 -0
icdev/data/features/security_scanning.feature +36 -0
icdev/data/features/steps/__init__.py +1 -0
icdev/data/features/steps/cicd_steps.py +465 -0
icdev/data/features/steps/compliance_steps.py +308 -0
icdev/data/features/steps/dashboard_steps.py +88 -0
icdev/data/features/steps/project_steps.py +126 -0
icdev/data/features/steps/requirements_intake_steps.py +689 -0
icdev/data/features/steps/saas_platform_steps.py +572 -0
icdev/data/features/steps/security_steps.py +236 -0
icdev/data/features/steps/testing_steps.py +226 -0
icdev/data/features/testing_pipeline.feature +42 -0
icdev/data/goals/__init__.py +1 -0
icdev/data/goals/agent_management.md +144 -0
icdev/data/goals/agentic_generation.md +345 -0
icdev/data/goals/agentic_threat_model.md +309 -0
icdev/data/goals/ai_accountability.md +90 -0
icdev/data/goals/ai_governance_intake.md +132 -0
icdev/data/goals/ai_transparency.md +76 -0
icdev/data/goals/atlas_integration.md +405 -0
icdev/data/goals/ato_acceleration.md +139 -0
icdev/data/goals/boundary_supply_chain.md +206 -0
icdev/data/goals/build_app.md +544 -0
icdev/data/goals/cicd_integration.md +86 -0
icdev/data/goals/claude_dir_maintenance.md +77 -0
icdev/data/goals/cli_capabilities.md +340 -0
icdev/data/goals/cloud_agnostic.md +312 -0
icdev/data/goals/code_intelligence.md +197 -0
icdev/data/goals/code_review.md +94 -0
icdev/data/goals/compliance_workflow.md +858 -0
icdev/data/goals/continuous_harmonization.md +140 -0
icdev/data/goals/cross_language_translation.md +171 -0
icdev/data/goals/dashboard.md +142 -0
icdev/data/goals/deploy_workflow.md +390 -0
icdev/data/goals/devsecops_workflow.md +408 -0
icdev/data/goals/evolutionary_intelligence.md +305 -0
icdev/data/goals/external_integration.md +113 -0
icdev/data/goals/framework_planning.md +63 -0
icdev/data/goals/init_project.md +235 -0
icdev/data/goals/innovation_engine.md +199 -0
icdev/data/goals/integration_testing.md +189 -0
icdev/data/goals/maintenance_audit.md +196 -0
icdev/data/goals/manifest.md +56 -0
icdev/data/goals/mbse_integration.md +504 -0
icdev/data/goals/modernization_workflow.md +618 -0
icdev/data/goals/monitoring.md +126 -0
icdev/data/goals/mosa_workflow.md +463 -0
icdev/data/goals/multi_agent_orchestration.md +68 -0
icdev/data/goals/nlq_compliance.md +63 -0
icdev/data/goals/observability.md +64 -0
icdev/data/goals/observability_traceability_xai.md +154 -0
icdev/data/goals/owasp_agentic_security.md +395 -0
icdev/data/goals/parallel_cicd.md +61 -0
icdev/data/goals/requirements_intake.md +213 -0
icdev/data/goals/sbd_ivv_workflow.md +195 -0
icdev/data/goals/security_categorization.md +133 -0
icdev/data/goals/security_scan.md +381 -0
icdev/data/goals/self_healing.md +120 -0
icdev/data/goals/simulation_engine.md +111 -0
icdev/data/goals/tdd_workflow.md +403 -0
icdev/data/goals/zero_trust_architecture.md +403 -0
icdev/data/hardprompts/__init__.py +1 -0
icdev/data/hardprompts/agent/__init__.py +1 -0
icdev/data/hardprompts/agent/agentic_architect.md +100 -0
icdev/data/hardprompts/agent/debate_prompt.md +32 -0
icdev/data/hardprompts/agent/fitness_evaluation.md +48 -0
icdev/data/hardprompts/agent/governance_review.md +214 -0
icdev/data/hardprompts/agent/reviewer_prompt.md +34 -0
icdev/data/hardprompts/agent/skill_design.md +172 -0
icdev/data/hardprompts/agent/task_decomposition.md +275 -0
icdev/data/hardprompts/agent/veto_check_prompt.md +33 -0
icdev/data/hardprompts/architect/__init__.py +1 -0
icdev/data/hardprompts/architect/api_design.md +283 -0
icdev/data/hardprompts/architect/data_model.md +277 -0
icdev/data/hardprompts/architect/system_design.md +180 -0
icdev/data/hardprompts/builder/__init__.py +1 -0
icdev/data/hardprompts/builder/code_generation.md +59 -0
icdev/data/hardprompts/builder/refactor.md +58 -0
icdev/data/hardprompts/builder/scaffold_project.md +69 -0
icdev/data/hardprompts/builder/test_generation.md +87 -0
icdev/data/hardprompts/ci/__init__.py +1 -0
icdev/data/hardprompts/ci/worktree_setup.md +35 -0
icdev/data/hardprompts/compliance/__init__.py +1 -0
icdev/data/hardprompts/compliance/cmmc_assessment.md +63 -0
icdev/data/hardprompts/compliance/cssp_assessment.md +75 -0
icdev/data/hardprompts/compliance/cui_marking.md +86 -0
icdev/data/hardprompts/compliance/fedramp_assessment.md +55 -0
icdev/data/hardprompts/compliance/ivv_assessment.md +96 -0
icdev/data/hardprompts/compliance/poam_generation.md +57 -0
icdev/data/hardprompts/compliance/sbd_assessment.md +101 -0
icdev/data/hardprompts/compliance/security_categorization.md +74 -0
icdev/data/hardprompts/compliance/ssp_generation.md +56 -0
icdev/data/hardprompts/compliance/stig_evaluation.md +63 -0
icdev/data/hardprompts/dashboard/__init__.py +1 -0
icdev/data/hardprompts/dashboard/nlq_system_prompt.md +26 -0
icdev/data/hardprompts/infra/__init__.py +1 -0
icdev/data/hardprompts/infra/k8s_manifests.md +118 -0
icdev/data/hardprompts/infra/pipeline_generation.md +160 -0
icdev/data/hardprompts/infra/terraform_generation.md +92 -0
icdev/data/hardprompts/integration/__init__.py +1 -0
icdev/data/hardprompts/integration/approval_review.md +17 -0
icdev/data/hardprompts/integration/jira_mapping.md +25 -0
icdev/data/hardprompts/integration/servicenow_mapping.md +14 -0
icdev/data/hardprompts/knowledge/__init__.py +1 -0
icdev/data/hardprompts/knowledge/pattern_detection.md +73 -0
icdev/data/hardprompts/knowledge/recommendation_engine.md +90 -0
icdev/data/hardprompts/knowledge/root_cause_analysis.md +91 -0
icdev/data/hardprompts/maintenance/__init__.py +1 -0
icdev/data/hardprompts/maintenance/maintenance_assessment.md +82 -0
icdev/data/hardprompts/mbse/__init__.py +1 -0
icdev/data/hardprompts/mbse/digital_thread.md +67 -0
icdev/data/hardprompts/mbse/model_import.md +62 -0
icdev/data/hardprompts/mbse/model_to_code.md +65 -0
icdev/data/hardprompts/modernization/__init__.py +1 -0
icdev/data/hardprompts/modernization/legacy_analysis.md +93 -0
icdev/data/hardprompts/modernization/migration_planning.md +150 -0
icdev/data/hardprompts/modernization/seven_r_assessment.md +107 -0
icdev/data/hardprompts/requirements/__init__.py +1 -0
icdev/data/hardprompts/requirements/bdd_generation.md +35 -0
icdev/data/hardprompts/requirements/clarification_prioritization.md +29 -0
icdev/data/hardprompts/requirements/decomposition.md +60 -0
icdev/data/hardprompts/requirements/document_extraction.md +45 -0
icdev/data/hardprompts/requirements/gap_detection.md +70 -0
icdev/data/hardprompts/requirements/intake_conversation.md +101 -0
icdev/data/hardprompts/requirements/readiness_assessment.md +39 -0
icdev/data/hardprompts/requirements/spec_quality.md +33 -0
icdev/data/hardprompts/requirements/traceability_analysis.md +23 -0
icdev/data/hardprompts/security/__init__.py +1 -0
icdev/data/hardprompts/security/endpoint_security.md +78 -0
icdev/data/hardprompts/security/threat_model.md +70 -0
icdev/data/hardprompts/security/vulnerability_assessment.md +81 -0
icdev/data/hardprompts/simulation/__init__.py +1 -0
icdev/data/hardprompts/simulation/architecture_impact.md +27 -0
icdev/data/hardprompts/simulation/coa_alternative.md +27 -0
icdev/data/hardprompts/simulation/coa_generation.md +25 -0
icdev/data/hardprompts/simulation/compliance_impact.md +28 -0
icdev/data/hardprompts/simulation/cost_estimation.md +33 -0
icdev/data/hardprompts/simulation/risk_assessment.md +28 -0
icdev/data/hardprompts/translation/code_translation.md +68 -0
icdev/data/hardprompts/translation/dependency_suggestion.md +44 -0
icdev/data/hardprompts/translation/test_translation.md +64 -0
icdev/data/hardprompts/translation/translation_repair.md +59 -0
icdev/py.typed +0 -0
icdev/tools/__init__.py +1 -0
icdev/tools/_gen_formatter.py +12 -0
icdev/tools/a2a/__init__.py +1 -0
icdev/tools/a2a/agent_cards/architect.json +43 -0
icdev/tools/a2a/agent_cards/builder.json +50 -0
icdev/tools/a2a/agent_cards/compliance.json +57 -0
icdev/tools/a2a/agent_cards/devsecops.json +71 -0
icdev/tools/a2a/agent_cards/infra.json +57 -0
icdev/tools/a2a/agent_cards/integration.json +57 -0
icdev/tools/a2a/agent_cards/knowledge.json +43 -0
icdev/tools/a2a/agent_cards/mbse.json +57 -0
icdev/tools/a2a/agent_cards/modernization.json +50 -0
icdev/tools/a2a/agent_cards/monitor.json +43 -0
icdev/tools/a2a/agent_cards/orchestrator.json +36 -0
icdev/tools/a2a/agent_cards/requirements_analyst.json +64 -0
icdev/tools/a2a/agent_cards/security.json +50 -0
icdev/tools/a2a/agent_cards/simulation.json +57 -0
icdev/tools/a2a/agent_cards/supply_chain.json +50 -0
icdev/tools/a2a/agent_client.py +349 -0
icdev/tools/a2a/agent_registry.py +412 -0
icdev/tools/a2a/agent_server.py +579 -0
icdev/tools/a2a/task.py +200 -0
icdev/tools/agent/__init__.py +2 -0
icdev/tools/agent/a2a_agent_card_generator.py +285 -0
icdev/tools/agent/a2a_discovery_server.py +250 -0
icdev/tools/agent/agent_executor.py +529 -0
icdev/tools/agent/agent_memory.py +557 -0
icdev/tools/agent/agent_models.py +51 -0
icdev/tools/agent/atlas_critique.py +908 -0
icdev/tools/agent/authority.py +443 -0
icdev/tools/agent/bedrock_client.py +1075 -0
icdev/tools/agent/collaboration.py +871 -0
icdev/tools/agent/dispatcher_mode.py +665 -0
icdev/tools/agent/mailbox.py +575 -0
icdev/tools/agent/prompt_chain_executor.py +1064 -0
icdev/tools/agent/session_purpose.py +350 -0
icdev/tools/agent/skill_router.py +638 -0
icdev/tools/agent/skill_selector.py +486 -0
icdev/tools/agent/team_orchestrator.py +1108 -0
icdev/tools/agent/token_tracker.py +290 -0
icdev/tools/analysis/__init__.py +1 -0
icdev/tools/analysis/code_analyzer.py +780 -0
icdev/tools/analysis/runtime_feedback.py +389 -0
icdev/tools/audit/__init__.py +1 -0
icdev/tools/audit/audit_logger.py +196 -0
icdev/tools/audit/audit_query.py +157 -0
icdev/tools/audit/decision_recorder.py +72 -0
icdev/tools/builder/__init__.py +1 -0
icdev/tools/builder/agentic_fitness.py +534 -0
icdev/tools/builder/agentic_test_templates/test_a2a_callback.py +117 -0
icdev/tools/builder/agentic_test_templates/test_a2a_lifecycle.feature +52 -0
icdev/tools/builder/agentic_test_templates/test_agent_card.feature +37 -0
icdev/tools/builder/agentic_test_templates/test_agent_health.py +128 -0
icdev/tools/builder/agentic_test_templates/test_memory_system.feature +50 -0
icdev/tools/builder/agentic_test_templates/test_skill_execution.feature +40 -0
icdev/tools/builder/app_blueprint.py +1583 -0
icdev/tools/builder/child_app_generator.py +2852 -0
icdev/tools/builder/claude_md_generator.py +1734 -0
icdev/tools/builder/code_generator.py +3703 -0
icdev/tools/builder/db_init_generator.py +1709 -0
icdev/tools/builder/dev_profile_manager.py +954 -0
icdev/tools/builder/formatter.py +768 -0
icdev/tools/builder/goal_adapter.py +592 -0
icdev/tools/builder/gotcha_validator.py +812 -0
icdev/tools/builder/language_support.py +441 -0
icdev/tools/builder/linter.py +976 -0
icdev/tools/builder/profile_detector.py +657 -0
icdev/tools/builder/profile_md_generator.py +723 -0
icdev/tools/builder/scaffolder.py +1590 -0
icdev/tools/builder/scaffolder_extended.py +1771 -0
icdev/tools/builder/test_writer.py +950 -0
icdev/tools/ci/__init__.py +2 -0
icdev/tools/ci/connectors/__init__.py +2 -0
icdev/tools/ci/connectors/base_connector.py +80 -0
icdev/tools/ci/connectors/connector_registry.py +188 -0
icdev/tools/ci/connectors/mattermost_connector.py +159 -0
icdev/tools/ci/connectors/slack_connector.py +197 -0
icdev/tools/ci/core/__init__.py +2 -0
icdev/tools/ci/core/air_gap_detector.py +115 -0
icdev/tools/ci/core/comment_handler.py +192 -0
icdev/tools/ci/core/conversation_manager.py +479 -0
icdev/tools/ci/core/event_envelope.py +500 -0
icdev/tools/ci/core/event_router.py +443 -0
icdev/tools/ci/core/failure_parser.py +397 -0
icdev/tools/ci/core/recovery_engine.py +527 -0
icdev/tools/ci/modules/__init__.py +2 -0
icdev/tools/ci/modules/agent.py +271 -0
icdev/tools/ci/modules/git_ops.py +175 -0
icdev/tools/ci/modules/state.py +117 -0
icdev/tools/ci/modules/vcs.py +303 -0
icdev/tools/ci/modules/workflow_ops.py +295 -0
icdev/tools/ci/modules/worktree.py +340 -0
icdev/tools/ci/pipeline_config_generator.py +558 -0
icdev/tools/ci/triggers/__init__.py +2 -0
icdev/tools/ci/triggers/gitlab_task_monitor.py +330 -0
icdev/tools/ci/triggers/poll_trigger.py +237 -0
icdev/tools/ci/triggers/webhook_server.py +356 -0
icdev/tools/ci/workflows/__init__.py +2 -0
icdev/tools/ci/workflows/icdev_build.py +140 -0
icdev/tools/ci/workflows/icdev_comply.py +284 -0
icdev/tools/ci/workflows/icdev_document.py +152 -0
icdev/tools/ci/workflows/icdev_e2e.py +188 -0
icdev/tools/ci/workflows/icdev_patch.py +186 -0
icdev/tools/ci/workflows/icdev_plan.py +202 -0
icdev/tools/ci/workflows/icdev_plan_build.py +41 -0
icdev/tools/ci/workflows/icdev_plan_build_test.py +46 -0
icdev/tools/ci/workflows/icdev_plan_build_test_review.py +47 -0
icdev/tools/ci/workflows/icdev_review.py +126 -0
icdev/tools/ci/workflows/icdev_sdlc.py +261 -0
icdev/tools/ci/workflows/icdev_test.py +240 -0
icdev/tools/cli/__init__.py +1 -0
icdev/tools/cli/output_formatter.py +756 -0
icdev/tools/cli_formatter.py +42 -0
icdev/tools/cloud/__init__.py +11 -0
icdev/tools/cloud/cloud_mode_manager.py +364 -0
icdev/tools/cloud/csp_changelog.py +383 -0
icdev/tools/cloud/csp_health_checker.py +268 -0
icdev/tools/cloud/csp_monitor.py +951 -0
icdev/tools/cloud/iam_provider.py +593 -0
icdev/tools/cloud/kms_provider.py +346 -0
icdev/tools/cloud/monitoring_provider.py +628 -0
icdev/tools/cloud/provider_factory.py +376 -0
icdev/tools/cloud/region_validator.py +345 -0
icdev/tools/cloud/registry_provider.py +563 -0
icdev/tools/cloud/secrets_provider.py +486 -0
icdev/tools/cloud/storage_provider.py +446 -0
icdev/tools/compat/__init__.py +21 -0
icdev/tools/compat/cli_harmonizer.py +251 -0
icdev/tools/compat/datetime_utils.py +18 -0
icdev/tools/compat/db_utils.py +160 -0
icdev/tools/compat/platform_utils.py +123 -0
icdev/tools/compliance/__init__.py +1 -0
icdev/tools/compliance/accountability_manager.py +397 -0
icdev/tools/compliance/ai_accountability_audit.py +294 -0
icdev/tools/compliance/ai_impact_assessor.py +273 -0
icdev/tools/compliance/ai_incident_response.py +301 -0
icdev/tools/compliance/ai_inventory_manager.py +239 -0
icdev/tools/compliance/ai_reassessment_scheduler.py +256 -0
icdev/tools/compliance/ai_transparency_audit.py +248 -0
icdev/tools/compliance/atlas_assessor.py +278 -0
icdev/tools/compliance/atlas_report_generator.py +1211 -0
icdev/tools/compliance/base_assessor.py +597 -0
icdev/tools/compliance/cato_monitor.py +1385 -0
icdev/tools/compliance/cato_scheduler.py +699 -0
icdev/tools/compliance/cjis_assessor.py +76 -0
icdev/tools/compliance/classification_manager.py +1353 -0
icdev/tools/compliance/cmmc_assessor.py +1491 -0
icdev/tools/compliance/cmmc_report_generator.py +1100 -0
icdev/tools/compliance/compliance_detector.py +463 -0
icdev/tools/compliance/compliance_exporter.py +427 -0
icdev/tools/compliance/compliance_status.py +825 -0
icdev/tools/compliance/control_mapper.py +505 -0
icdev/tools/compliance/crosswalk_engine.py +1203 -0
icdev/tools/compliance/cssp_assessor.py +1045 -0
icdev/tools/compliance/cssp_evidence_collector.py +729 -0
icdev/tools/compliance/cssp_report_generator.py +1116 -0
icdev/tools/compliance/cui_marker.py +388 -0
icdev/tools/compliance/diagram_validator.py +600 -0
icdev/tools/compliance/emass/__init__.py +2 -0
icdev/tools/compliance/emass/emass_client.py +840 -0
icdev/tools/compliance/emass/emass_export.py +777 -0
icdev/tools/compliance/emass/emass_sync.py +826 -0
icdev/tools/compliance/eu_ai_act_classifier.py +194 -0
icdev/tools/compliance/evidence_collector.py +468 -0
icdev/tools/compliance/fairness_assessor.py +316 -0
icdev/tools/compliance/fedramp_assessor.py +1808 -0
icdev/tools/compliance/fedramp_authorization_packager.py +137 -0
icdev/tools/compliance/fedramp_ksi_generator.py +355 -0
icdev/tools/compliance/fedramp_report_generator.py +1128 -0
icdev/tools/compliance/fips199_categorizer.py +881 -0
icdev/tools/compliance/fips200_validator.py +315 -0
icdev/tools/compliance/gao_ai_assessor.py +231 -0
icdev/tools/compliance/gao_evidence_builder.py +308 -0
icdev/tools/compliance/hipaa_assessor.py +78 -0
icdev/tools/compliance/hitrust_assessor.py +49 -0
icdev/tools/compliance/incident_response_plan.py +718 -0
icdev/tools/compliance/iso27001_assessor.py +92 -0
icdev/tools/compliance/iso42001_assessor.py +114 -0
icdev/tools/compliance/ivv_assessor.py +2327 -0
icdev/tools/compliance/ivv_report_generator.py +1662 -0
icdev/tools/compliance/model_card_generator.py +297 -0
icdev/tools/compliance/mosa_assessor.py +117 -0
icdev/tools/compliance/multi_regime_assessor.py +451 -0
icdev/tools/compliance/narrative_generator.py +1013 -0
icdev/tools/compliance/nist_800_207_assessor.py +191 -0
icdev/tools/compliance/nist_ai_600_1_assessor.py +188 -0
icdev/tools/compliance/nist_ai_rmf_assessor.py +110 -0
icdev/tools/compliance/nist_lookup.py +245 -0
icdev/tools/compliance/omb_m25_21_assessor.py +228 -0
icdev/tools/compliance/omb_m26_04_assessor.py +188 -0
icdev/tools/compliance/oscal_catalog_adapter.py +395 -0
icdev/tools/compliance/oscal_generator.py +2170 -0
icdev/tools/compliance/oscal_tools.py +1182 -0
icdev/tools/compliance/owasp_agentic_assessor.py +226 -0
icdev/tools/compliance/owasp_asi_assessor.py +200 -0
icdev/tools/compliance/owasp_llm_assessor.py +244 -0
icdev/tools/compliance/pci_dss_assessor.py +80 -0
icdev/tools/compliance/pi_compliance_tracker.py +1461 -0
icdev/tools/compliance/poam_generator.py +405 -0
icdev/tools/compliance/resolve_marking.py +283 -0
icdev/tools/compliance/sbd_assessor.py +2068 -0
icdev/tools/compliance/sbd_report_generator.py +1236 -0
icdev/tools/compliance/sbom_generator.py +1008 -0
icdev/tools/compliance/siem_config_generator.py +674 -0
icdev/tools/compliance/slsa_attestation_generator.py +490 -0
icdev/tools/compliance/soc2_assessor.py +77 -0
icdev/tools/compliance/ssp_generator.py +573 -0
icdev/tools/compliance/stig_checker.py +727 -0
icdev/tools/compliance/swft_evidence_bundler.py +337 -0
icdev/tools/compliance/system_card_generator.py +309 -0
icdev/tools/compliance/traceability_matrix.py +1281 -0
icdev/tools/compliance/universal_classification_manager.py +1172 -0
icdev/tools/compliance/xacta/__init__.py +2 -0
icdev/tools/compliance/xacta/xacta_client.py +449 -0
icdev/tools/compliance/xacta/xacta_export.py +557 -0
icdev/tools/compliance/xacta/xacta_sync.py +333 -0
icdev/tools/compliance/xai_assessor.py +231 -0
icdev/tools/dashboard/__init__.py +1 -0
icdev/tools/dashboard/api/__init__.py +1 -0
icdev/tools/dashboard/api/_pipeline_state.py +17 -0
icdev/tools/dashboard/api/activity.py +206 -0
icdev/tools/dashboard/api/admin.py +176 -0
icdev/tools/dashboard/api/agents.py +53 -0
icdev/tools/dashboard/api/ai_accountability.py +163 -0
icdev/tools/dashboard/api/ai_transparency.py +198 -0
icdev/tools/dashboard/api/audit.py +58 -0
icdev/tools/dashboard/api/batch.py +666 -0
icdev/tools/dashboard/api/chat.py +241 -0
icdev/tools/dashboard/api/cicd.py +219 -0
icdev/tools/dashboard/api/code_quality.py +223 -0
icdev/tools/dashboard/api/compliance.py +171 -0
icdev/tools/dashboard/api/cpmp.py +915 -0
icdev/tools/dashboard/api/diagrams.py +65 -0
icdev/tools/dashboard/api/events.py +250 -0
icdev/tools/dashboard/api/evidence.py +99 -0
icdev/tools/dashboard/api/fedramp_20x.py +77 -0
icdev/tools/dashboard/api/govcon.py +1095 -0
icdev/tools/dashboard/api/intake.py +1171 -0
icdev/tools/dashboard/api/lineage.py +163 -0
icdev/tools/dashboard/api/metrics.py +155 -0
icdev/tools/dashboard/api/nlq.py +72 -0
icdev/tools/dashboard/api/orchestration.py +472 -0
icdev/tools/dashboard/api/oscal.py +183 -0
icdev/tools/dashboard/api/prod_audit.py +183 -0
icdev/tools/dashboard/api/projects.py +191 -0
icdev/tools/dashboard/api/proposals.py +1084 -0
icdev/tools/dashboard/api/traces.py +363 -0
icdev/tools/dashboard/api/usage.py +234 -0
icdev/tools/dashboard/app.py +1986 -0
icdev/tools/dashboard/auth.py +500 -0
icdev/tools/dashboard/byok.py +245 -0
icdev/tools/dashboard/chat_manager.py +675 -0
icdev/tools/dashboard/config.py +116 -0
icdev/tools/dashboard/diagram_definitions.py +642 -0
icdev/tools/dashboard/nlq_processor.py +323 -0
icdev/tools/dashboard/phase_loader.py +136 -0
icdev/tools/dashboard/sse_manager.py +89 -0
icdev/tools/dashboard/state_tracker.py +267 -0
icdev/tools/dashboard/static/css/style.css +706 -0
icdev/tools/dashboard/static/css/ux.css +2047 -0
icdev/tools/dashboard/static/js/activity.js +322 -0
icdev/tools/dashboard/static/js/api.js +161 -0
icdev/tools/dashboard/static/js/batch.js +814 -0
icdev/tools/dashboard/static/js/charts.js +618 -0
icdev/tools/dashboard/static/js/chat.js +1514 -0
icdev/tools/dashboard/static/js/kanban.js +113 -0
icdev/tools/dashboard/static/js/live.js +569 -0
icdev/tools/dashboard/static/js/mermaid-icdev.js +332 -0
icdev/tools/dashboard/static/js/proposals.js +588 -0
icdev/tools/dashboard/static/js/shortcuts.js +544 -0
icdev/tools/dashboard/static/js/tables.js +652 -0
icdev/tools/dashboard/static/js/tour.js +524 -0
icdev/tools/dashboard/static/js/ux.js +942 -0
icdev/tools/dashboard/templates/404.html +10 -0
icdev/tools/dashboard/templates/activity.html +80 -0
icdev/tools/dashboard/templates/admin/users.html +144 -0
icdev/tools/dashboard/templates/ai_accountability.html +235 -0
icdev/tools/dashboard/templates/ai_transparency.html +263 -0
icdev/tools/dashboard/templates/base.html +104 -0
icdev/tools/dashboard/templates/batch.html +23 -0
icdev/tools/dashboard/templates/chat.html +332 -0
icdev/tools/dashboard/templates/children.html +149 -0
icdev/tools/dashboard/templates/cicd.html +253 -0
icdev/tools/dashboard/templates/code_quality.html +214 -0
icdev/tools/dashboard/templates/cpmp/cor_detail.html +220 -0
icdev/tools/dashboard/templates/cpmp/cor_portal.html +91 -0
icdev/tools/dashboard/templates/cpmp/deliverable_detail.html +197 -0
icdev/tools/dashboard/templates/cpmp/detail.html +578 -0
icdev/tools/dashboard/templates/cpmp/portfolio.html +202 -0
icdev/tools/dashboard/templates/dev_profiles.html +304 -0
icdev/tools/dashboard/templates/diagrams.html +224 -0
icdev/tools/dashboard/templates/events/timeline.html +232 -0
icdev/tools/dashboard/templates/evidence.html +134 -0
icdev/tools/dashboard/templates/fedramp_20x.html +207 -0
icdev/tools/dashboard/templates/gateway.html +244 -0
icdev/tools/dashboard/templates/govcon/capabilities.html +135 -0
icdev/tools/dashboard/templates/govcon/pipeline.html +214 -0
icdev/tools/dashboard/templates/govcon/requirements.html +120 -0
icdev/tools/dashboard/templates/index.html +254 -0
icdev/tools/dashboard/templates/lineage.html +141 -0
icdev/tools/dashboard/templates/login.html +51 -0
icdev/tools/dashboard/templates/monitoring/overview.html +193 -0
icdev/tools/dashboard/templates/orchestration/dashboard.html +545 -0
icdev/tools/dashboard/templates/oscal.html +263 -0
icdev/tools/dashboard/templates/phases.html +150 -0
icdev/tools/dashboard/templates/prod_audit.html +280 -0
icdev/tools/dashboard/templates/profile.html +183 -0
icdev/tools/dashboard/templates/projects/detail.html +583 -0
icdev/tools/dashboard/templates/projects/list.html +47 -0
icdev/tools/dashboard/templates/proposals/detail.html +1253 -0
icdev/tools/dashboard/templates/proposals/list.html +179 -0
icdev/tools/dashboard/templates/proposals/section_detail.html +193 -0
icdev/tools/dashboard/templates/provenance.html +181 -0
icdev/tools/dashboard/templates/query/nlq.html +234 -0
icdev/tools/dashboard/templates/quick_paths.html +69 -0
icdev/tools/dashboard/templates/traces.html +155 -0
icdev/tools/dashboard/templates/translation_detail.html +199 -0
icdev/tools/dashboard/templates/translations.html +162 -0
icdev/tools/dashboard/templates/usage.html +225 -0
icdev/tools/dashboard/templates/wizard.html +539 -0
icdev/tools/dashboard/templates/xai.html +208 -0
icdev/tools/dashboard/ux_helpers.py +962 -0
icdev/tools/dashboard/websocket.py +81 -0
icdev/tools/db/__init__.py +1 -0
icdev/tools/db/backup.py +312 -0
icdev/tools/db/backup_manager.py +832 -0
icdev/tools/db/init_icdev_db.py +5900 -0
icdev/tools/db/migrate.py +178 -0
icdev/tools/db/migration_runner.py +549 -0
icdev/tools/db/migrations/001_baseline/meta.json +9 -0
icdev/tools/db/migrations/001_baseline/up.py +68 -0
icdev/tools/db/migrations/002_memory_enhancements/down.sql +8 -0
icdev/tools/db/migrations/002_memory_enhancements/meta.json +9 -0
icdev/tools/db/migrations/002_memory_enhancements/up.py +118 -0
icdev/tools/db/migrations/003_dev_profiles/meta.json +8 -0
icdev/tools/db/migrations/003_dev_profiles/up.py +93 -0
icdev/tools/db/migrations/004_innovation_engine/down.py +19 -0
icdev/tools/db/migrations/004_innovation_engine/up.py +227 -0
icdev/tools/db/migrations/005_phase_37_ai_security/down.py +19 -0
icdev/tools/db/migrations/005_phase_37_ai_security/up.py +258 -0
icdev/tools/db/migrations/006_phase_36_evolution/down.py +21 -0
icdev/tools/db/migrations/006_phase_36_evolution/up.py +323 -0
icdev/tools/db/migrations/007_phase_38_cloud/down.py +14 -0
icdev/tools/db/migrations/007_phase_38_cloud/up.py +110 -0
icdev/tools/db/migrations/008_phase36_37_integration/up.py +55 -0
icdev/tools/db/migrations/__init__.py +2 -0
icdev/tools/devsecops/__init__.py +2 -0
icdev/tools/devsecops/attestation_manager.py +458 -0
icdev/tools/devsecops/network_segmentation_generator.py +614 -0
icdev/tools/devsecops/pdp_config_generator.py +1256 -0
icdev/tools/devsecops/pipeline_security_generator.py +484 -0
icdev/tools/devsecops/policy_generator.py +653 -0
icdev/tools/devsecops/profile_manager.py +388 -0
icdev/tools/devsecops/service_mesh_generator.py +1073 -0
icdev/tools/devsecops/zta_maturity_scorer.py +368 -0
icdev/tools/devsecops/zta_terraform_generator.py +1303 -0
icdev/tools/dx/__init__.py +3 -0
icdev/tools/dx/companion.py +266 -0
icdev/tools/dx/instruction_generator.py +753 -0
icdev/tools/dx/mcp_config_generator.py +282 -0
icdev/tools/dx/skill_translator.py +425 -0
icdev/tools/dx/tool_detector.py +144 -0
icdev/tools/extensions/__init__.py +21 -0
icdev/tools/extensions/builtins/010_ai_governance_chat.py +277 -0
icdev/tools/extensions/builtins/__init__.py +2 -0
icdev/tools/extensions/extension_manager.py +455 -0
icdev/tools/infra/__init__.py +1 -0
icdev/tools/infra/ansible_generator.py +869 -0
icdev/tools/infra/dockerfile_generator.py +361 -0
icdev/tools/infra/infra_status.py +393 -0
icdev/tools/infra/ironbank_metadata_generator.py +411 -0
icdev/tools/infra/k8s_generator.py +1002 -0
icdev/tools/infra/pipeline_generator.py +832 -0
icdev/tools/infra/rollback.py +400 -0
icdev/tools/infra/terraform_generator.py +1142 -0
icdev/tools/infra/terraform_generator_azure.py +1254 -0
icdev/tools/infra/terraform_generator_gcp.py +953 -0
icdev/tools/infra/terraform_generator_ibm.py +360 -0
icdev/tools/infra/terraform_generator_oci.py +919 -0
icdev/tools/infra/terraform_generator_onprem.py +319 -0
icdev/tools/innovation/__init__.py +8 -0
icdev/tools/innovation/competitive_intel.py +492 -0
icdev/tools/innovation/innovation_manager.py +681 -0
icdev/tools/innovation/introspective_analyzer.py +774 -0
icdev/tools/innovation/register_external_patterns.py +440 -0
icdev/tools/innovation/signal_ranker.py +1038 -0
icdev/tools/innovation/solution_generator.py +697 -0
icdev/tools/innovation/standards_monitor.py +466 -0
icdev/tools/innovation/trend_detector.py +1046 -0
icdev/tools/innovation/triage_engine.py +1149 -0
icdev/tools/innovation/web_scanner.py +894 -0
icdev/tools/installer/__init__.py +1 -0
icdev/tools/installer/compliance_configurator.py +637 -0
icdev/tools/installer/installer.py +1711 -0
icdev/tools/installer/module_registry.py +805 -0
icdev/tools/installer/platform_setup.py +961 -0
icdev/tools/integration/__init__.py +2 -0
icdev/tools/integration/approval_manager.py +561 -0
icdev/tools/integration/doors_exporter.py +627 -0
icdev/tools/integration/gitlab_connector.py +784 -0
icdev/tools/integration/jira_connector.py +774 -0
icdev/tools/integration/servicenow_connector.py +693 -0
icdev/tools/knowledge/__init__.py +1 -0
icdev/tools/knowledge/knowledge_ingest.py +293 -0
icdev/tools/knowledge/pattern_detector.py +693 -0
icdev/tools/knowledge/recommendation_engine.py +461 -0
icdev/tools/knowledge/self_heal_analyzer.py +504 -0
icdev/tools/llm/__init__.py +72 -0
icdev/tools/llm/anthropic_provider.py +170 -0
icdev/tools/llm/azure_openai_provider.py +338 -0
icdev/tools/llm/bedrock_provider.py +315 -0
icdev/tools/llm/embedding_provider.py +438 -0
icdev/tools/llm/gemini_provider.py +381 -0
icdev/tools/llm/ibm_watsonx_provider.py +232 -0
icdev/tools/llm/oci_genai_provider.py +462 -0
icdev/tools/llm/ollama_provider.py +340 -0
icdev/tools/llm/openai_provider.py +225 -0
icdev/tools/llm/provider.py +355 -0
icdev/tools/llm/provider_sdk.py +175 -0
icdev/tools/llm/router.py +780 -0
icdev/tools/llm/vertex_ai_provider.py +374 -0
icdev/tools/maintenance/__init__.py +2 -0
icdev/tools/maintenance/dependency_scanner.py +1030 -0
icdev/tools/maintenance/maintenance_auditor.py +815 -0
icdev/tools/maintenance/remediation_engine.py +966 -0
icdev/tools/maintenance/vulnerability_checker.py +987 -0
icdev/tools/mbse/__init__.py +3 -0
icdev/tools/mbse/des_assessor.py +1186 -0
icdev/tools/mbse/des_report_generator.py +800 -0
icdev/tools/mbse/diagram_extractor.py +811 -0
icdev/tools/mbse/digital_thread.py +1665 -0
icdev/tools/mbse/model_code_generator.py +1122 -0
icdev/tools/mbse/model_control_mapper.py +420 -0
icdev/tools/mbse/pi_model_tracker.py +1093 -0
icdev/tools/mbse/reqif_parser.py +1483 -0
icdev/tools/mbse/sync_engine.py +1805 -0
icdev/tools/mbse/xmi_parser.py +1573 -0
icdev/tools/mcp/__init__.py +1 -0
icdev/tools/mcp/base_server.py +535 -0
icdev/tools/mcp/builder_server.py +725 -0
icdev/tools/mcp/compliance_server.py +1407 -0
icdev/tools/mcp/context_indexer.py +199 -0
icdev/tools/mcp/context_server.py +305 -0
icdev/tools/mcp/core_server.py +679 -0
icdev/tools/mcp/devsecops_server.py +432 -0
icdev/tools/mcp/gap_handlers.py +1079 -0
icdev/tools/mcp/gateway_server.py +339 -0
icdev/tools/mcp/generate_registry.py +623 -0
icdev/tools/mcp/infra_server.py +264 -0
icdev/tools/mcp/innovation_server.py +316 -0
icdev/tools/mcp/integration_server.py +527 -0
icdev/tools/mcp/knowledge_server.py +429 -0
icdev/tools/mcp/maintenance_server.py +248 -0
icdev/tools/mcp/marketplace_server.py +499 -0
icdev/tools/mcp/mbse_server.py +398 -0
icdev/tools/mcp/modernization_server.py +496 -0
icdev/tools/mcp/observability_server.py +354 -0
icdev/tools/mcp/requirements_server.py +415 -0
icdev/tools/mcp/simulation_server.py +468 -0
icdev/tools/mcp/standalone/__init__.py +2 -0
icdev/tools/mcp/standalone/builder.py +59 -0
icdev/tools/mcp/standalone/compliance.py +59 -0
icdev/tools/mcp/standalone/core.py +59 -0
icdev/tools/mcp/standalone/knowledge.py +59 -0
icdev/tools/mcp/standalone/maintenance.py +59 -0
icdev/tools/mcp/supply_chain_server.py +476 -0
icdev/tools/mcp/tool_registry.py +2008 -0
icdev/tools/mcp/unified_server.py +158 -0
icdev/tools/memory/__init__.py +2 -0
icdev/tools/memory/auto_capture.py +347 -0
icdev/tools/memory/embed_memory.py +158 -0
icdev/tools/memory/history_compressor.py +334 -0
icdev/tools/memory/hybrid_search.py +236 -0
icdev/tools/memory/maintenance_cron.py +289 -0
icdev/tools/memory/memory_consolidation.py +444 -0
icdev/tools/memory/memory_db.py +133 -0
icdev/tools/memory/memory_read.py +102 -0
icdev/tools/memory/memory_write.py +222 -0
icdev/tools/memory/semantic_search.py +139 -0
icdev/tools/memory/time_decay.py +435 -0
icdev/tools/modernization/__init__.py +3 -0
icdev/tools/modernization/architecture_extractor.py +734 -0
icdev/tools/modernization/compliance_bridge.py +1499 -0
icdev/tools/modernization/db_migration_planner.py +1385 -0
icdev/tools/modernization/doc_generator.py +1428 -0
icdev/tools/modernization/framework_migrator.py +1525 -0
icdev/tools/modernization/legacy_analyzer.py +1948 -0
icdev/tools/modernization/migration_code_generator.py +1639 -0
icdev/tools/modernization/migration_report_generator.py +1653 -0
icdev/tools/modernization/migration_tracker.py +1726 -0
icdev/tools/modernization/monolith_decomposer.py +1508 -0
icdev/tools/modernization/seven_r_assessor.py +1658 -0
icdev/tools/modernization/strangler_fig_manager.py +1705 -0
icdev/tools/modernization/ui_analyzer.py +771 -0
icdev/tools/modernization/version_migrator.py +1392 -0
icdev/tools/monitor/__init__.py +1 -0
icdev/tools/monitor/alert_correlator.py +495 -0
icdev/tools/monitor/auto_resolver.py +612 -0
icdev/tools/monitor/health_checker.py +509 -0
icdev/tools/monitor/heartbeat_daemon.py +792 -0
icdev/tools/monitor/log_analyzer.py +516 -0
icdev/tools/monitor/metric_collector.py +496 -0
icdev/tools/mosa/__init__.py +10 -0
icdev/tools/mosa/icd_generator.py +370 -0
icdev/tools/mosa/modular_design_analyzer.py +683 -0
icdev/tools/mosa/mosa_code_enforcer.py +349 -0
icdev/tools/mosa/tsp_generator.py +265 -0
icdev/tools/observability/__init__.py +100 -0
icdev/tools/observability/genai_attributes.py +88 -0
icdev/tools/observability/instrumentation.py +140 -0
icdev/tools/observability/mlflow_exporter.py +194 -0
icdev/tools/observability/otel_tracer.py +168 -0
icdev/tools/observability/provenance/__init__.py +3 -0
icdev/tools/observability/provenance/prov_recorder.py +324 -0
icdev/tools/observability/shap/__init__.py +3 -0
icdev/tools/observability/shap/agent_shap.py +275 -0
icdev/tools/observability/sqlite_tracer.py +361 -0
icdev/tools/observability/trace_context.py +205 -0
icdev/tools/observability/tracer.py +230 -0
icdev/tools/orchestration/__init__.py +2 -0
icdev/tools/orchestration/workflow_composer.py +361 -0
icdev/tools/project/__init__.py +1 -0
icdev/tools/project/manifest_loader.py +418 -0
icdev/tools/project/project_create.py +350 -0
icdev/tools/project/project_list.py +174 -0
icdev/tools/project/project_scaffold.py +1715 -0
icdev/tools/project/project_status.py +479 -0
icdev/tools/project/session_context_builder.py +757 -0
icdev/tools/project/validate_manifest.py +55 -0
icdev/tools/registry/__init__.py +10 -0
icdev/tools/registry/absorption_engine.py +832 -0
icdev/tools/registry/capability_evaluator.py +668 -0
icdev/tools/registry/child_registry.py +617 -0
icdev/tools/registry/cross_pollinator.py +1065 -0
icdev/tools/registry/genome_manager.py +671 -0
icdev/tools/registry/learning_collector.py +912 -0
icdev/tools/registry/propagation_manager.py +942 -0
icdev/tools/registry/staging_manager.py +742 -0
icdev/tools/registry/telemetry_collector.py +423 -0
icdev/tools/requirements/__init__.py +1 -0
icdev/tools/requirements/ai_governance_scorer.py +208 -0
icdev/tools/requirements/boundary_analyzer.py +1293 -0
icdev/tools/requirements/clarification_engine.py +618 -0
icdev/tools/requirements/complexity_scorer.py +387 -0
icdev/tools/requirements/consistency_analyzer.py +803 -0
icdev/tools/requirements/constitution_manager.py +605 -0
icdev/tools/requirements/decomposition_engine.py +778 -0
icdev/tools/requirements/document_extractor.py +1016 -0
icdev/tools/requirements/elicitation_techniques.py +519 -0
icdev/tools/requirements/gap_detector.py +271 -0
icdev/tools/requirements/intake_engine.py +2188 -0
icdev/tools/requirements/prd_generator.py +847 -0
icdev/tools/requirements/prd_validator.py +595 -0
icdev/tools/requirements/readiness_scorer.py +313 -0
icdev/tools/requirements/spec_organizer.py +1029 -0
icdev/tools/requirements/spec_quality_checker.py +1097 -0
icdev/tools/requirements/traceability_builder.py +579 -0
icdev/tools/resilience/__init__.py +34 -0
icdev/tools/resilience/circuit_breaker.py +340 -0
icdev/tools/resilience/correlation.py +150 -0
icdev/tools/resilience/errors.py +81 -0
icdev/tools/resilience/retry.py +95 -0
icdev/tools/schemas/__init__.py +27 -0
icdev/tools/schemas/chat.py +61 -0
icdev/tools/schemas/compliance.py +56 -0
icdev/tools/schemas/core.py +85 -0
icdev/tools/schemas/innovation.py +37 -0
icdev/tools/schemas/validation.py +109 -0
icdev/tools/sdk/__init__.py +3 -0
icdev/tools/sdk/icdev_client.py +218 -0
icdev/tools/security/__init__.py +1 -0
icdev/tools/security/agent_output_validator.py +330 -0
icdev/tools/security/agent_trust_scorer.py +466 -0
icdev/tools/security/ai_bom_generator.py +725 -0
icdev/tools/security/ai_telemetry_logger.py +469 -0
icdev/tools/security/atlas_red_team.py +543 -0
icdev/tools/security/code_pattern_scanner.py +378 -0
icdev/tools/security/confabulation_detector.py +271 -0
icdev/tools/security/container_scanner.py +491 -0
icdev/tools/security/dependency_auditor.py +944 -0
icdev/tools/security/endpoint_security_scanner.py +579 -0
icdev/tools/security/mcp_tool_authorizer.py +243 -0
icdev/tools/security/prompt_injection_detector.py +737 -0
icdev/tools/security/sast_runner.py +948 -0
icdev/tools/security/secret_detector.py +378 -0
icdev/tools/security/tool_chain_validator.py +357 -0
icdev/tools/security/vuln_scanner.py +539 -0
icdev/tools/simulation/__init__.py +2 -0
icdev/tools/simulation/coa_generator.py +1552 -0
icdev/tools/simulation/monte_carlo.py +758 -0
icdev/tools/simulation/scenario_manager.py +1073 -0
icdev/tools/simulation/simulation_engine.py +1104 -0
icdev/tools/supply_chain/__init__.py +2 -0
icdev/tools/supply_chain/cve_triager.py +705 -0
icdev/tools/supply_chain/dependency_graph.py +645 -0
icdev/tools/supply_chain/isa_manager.py +540 -0
icdev/tools/supply_chain/scrm_assessor.py +546 -0
icdev/tools/testing/__init__.py +2 -0
icdev/tools/testing/acceptance_validator.py +411 -0
icdev/tools/testing/claude_dir_validator.py +831 -0
icdev/tools/testing/data_types.py +199 -0
icdev/tools/testing/e2e_runner.py +715 -0
icdev/tools/testing/fuzz_cli.py +306 -0
icdev/tools/testing/health_check.py +483 -0
icdev/tools/testing/platform_check.py +143 -0
icdev/tools/testing/production_audit.py +1862 -0
icdev/tools/testing/production_remediate.py +804 -0
icdev/tools/testing/screenshot_validator.py +539 -0
icdev/tools/testing/smoke_test.py +283 -0
icdev/tools/testing/test_agent_models.py +117 -0
icdev/tools/testing/test_orchestrator.py +957 -0
icdev/tools/testing/utils.py +229 -0
icdev/tools/translation/__init__.py +17 -0
icdev/tools/translation/code_translator.py +550 -0
icdev/tools/translation/dependency_mapper.py +277 -0
icdev/tools/translation/feature_map.py +395 -0
icdev/tools/translation/project_assembler.py +439 -0
icdev/tools/translation/source_extractor.py +609 -0
icdev/tools/translation/test_translator.py +333 -0
icdev/tools/translation/translation_manager.py +582 -0
icdev/tools/translation/translation_validator.py +662 -0
icdev/tools/translation/type_checker.py +371 -0
icdev-1.0.0.dist-info/METADATA +868 -0
icdev-1.0.0.dist-info/RECORD +1105 -0
icdev-1.0.0.dist-info/WHEEL +5 -0
icdev-1.0.0.dist-info/entry_points.txt +9 -0
icdev-1.0.0.dist-info/licenses/LICENSE +254 -0
icdev-1.0.0.dist-info/licenses/NOTICE +268 -0
icdev-1.0.0.dist-info/top_level.txt +1 -0

icdev/tools/requirements/spec_quality_checker.py ADDED Viewed

@@ -0,0 +1,1097 @@
+#!/usr/bin/env python3
+# CUI // SP-CTI
+# Controlled by: Department of Defense
+# CUI Category: CTI
+# Distribution: D
+# POC: ICDEV System Administrator
+"""Spec quality checker -- 'unit tests for English'.
+Validates spec markdown files against quality criteria: required sections,
+ambiguity patterns, acceptance criteria testability, ATO coverage, task
+completeness, and project constitution compliance.
+Usage:
+    python tools/requirements/spec_quality_checker.py --spec-file specs/feat.md --json
+    python tools/requirements/spec_quality_checker.py --spec-dir specs/ --json
+    python tools/requirements/spec_quality_checker.py --spec-file specs/feat.md --annotate --output annotated.md
+    python tools/requirements/spec_quality_checker.py --spec-file specs/feat.md --strip-markers
+    python tools/requirements/spec_quality_checker.py --spec-file specs/feat.md --count-markers
+"""
+import argparse
+import dataclasses
+import json
+import re
+import sqlite3
+import uuid
+from datetime import datetime, timezone
+from pathlib import Path
+from icdev._paths import get_project_root
+BASE_DIR = get_project_root()
+DB_PATH = BASE_DIR / "data" / "icdev.db"
+# Graceful audit import (air-gap safe)
+try:
+    from icdev.tools.audit.audit_logger import log_event
+    _HAS_AUDIT = True
+except ImportError:
+    _HAS_AUDIT = False
+    def log_event(**kwargs):
+        return -1
+def _get_connection(db_path=None):
+    """Get database connection with dict-like row access."""
+    path = db_path or DB_PATH
+    if not path.exists():
+        raise FileNotFoundError(
+            f"Database not found: {path}\nRun: python tools/db/init_icdev_db.py"
+        )
+    conn = sqlite3.connect(str(path))
+    conn.row_factory = sqlite3.Row
+    return conn
+def _generate_id(prefix="sqc"):
+    """Generate a unique ID with prefix."""
+    return f"{prefix}-{uuid.uuid4().hex[:12]}"
+# ---------------------------------------------------------------------------
+# Data structures
+# ---------------------------------------------------------------------------
+@dataclasses.dataclass
+class CheckResult:
+    """Result of a single quality check."""
+    check_id: str
+    name: str
+    status: str       # "pass", "fail", "warn"
+    severity: str     # "critical", "high", "medium", "low"
+    message: str
+    suggestion: str = ""
+    section: str = ""
+    def to_dict(self):
+        return dataclasses.asdict(self)
+# ---------------------------------------------------------------------------
+# Markdown parsing
+# ---------------------------------------------------------------------------
+def parse_spec_sections(spec_path: Path) -> dict:
+    """Parse markdown by ``## Header`` into a dict.
+    ``### Subheader`` content is nested within the parent ``## `` section.
+    Returns ``{section_name_lower: content_string}``.
+    """
+    content = spec_path.read_text(encoding="utf-8")
+    sections: dict = {}
+    current_key = "_preamble"
+    buffer = []
+    for line in content.splitlines():
+        h2 = re.match(r"^##\s+(.+)$", line)
+        h3 = re.match(r"^###\s+(.+)$", line)
+        if h2 and not h3:
+            # Flush previous section
+            sections[current_key] = "\n".join(buffer)
+            current_key = h2.group(1).strip().lower()
+            buffer = []
+        else:
+            buffer.append(line)
+    # Flush final section
+    sections[current_key] = "\n".join(buffer)
+    return sections
+# ---------------------------------------------------------------------------
+# Loaders (context files with hardcoded fallbacks)
+# ---------------------------------------------------------------------------
+_DEFAULT_CHECKLIST = {
+    "required_sections": [
+        {"name": "Feature Description", "severity": "critical", "min_words": 20},
+        {"name": "User Story", "severity": "critical",
+         "pattern": r"(?i)as a .+ i want .+ so that .+"},
+        {"name": "Solution Statement", "severity": "critical", "min_words": 30},
+        {"name": "ATO Impact Assessment", "severity": "critical"},
+        {"name": "Acceptance Criteria", "severity": "critical", "min_items": 3},
+        {"name": "Implementation Plan", "severity": "high"},
+        {"name": "Step by Step Tasks", "severity": "high", "min_items": 3},
+        {"name": "Testing Strategy", "severity": "high"},
+        {"name": "Validation Commands", "severity": "medium"},
+        {"name": "NIST 800-53 Controls", "severity": "medium"},
+    ]
+}
+_DEFAULT_AMBIGUITY_PATTERNS = [
+    {"phrase": "as needed", "severity": "high",
+     "clarification": "Define the specific conditions that trigger this action."},
+    {"phrase": "appropriate", "severity": "high",
+     "clarification": "Define measurable criteria for 'appropriate'."},
+    {"phrase": "timely", "severity": "high",
+     "clarification": "Specify an exact time threshold."},
+    {"phrase": "user-friendly", "severity": "medium",
+     "clarification": "Define specific usability criteria."},
+    {"phrase": "fast", "severity": "high",
+     "clarification": "Specify a measurable target (e.g., <2s response time)."},
+    {"phrase": "secure", "severity": "critical",
+     "clarification": "Specify security requirements: FIPS, CAC, STIG, NIST controls."},
+    {"phrase": "scalable", "severity": "medium",
+     "clarification": "Define target scale: concurrent users, data volume."},
+    {"phrase": "efficient", "severity": "medium",
+     "clarification": "Define efficiency metric: CPU, memory, cost."},
+    {"phrase": "reasonable", "severity": "high",
+     "clarification": "Define the quantitative threshold."},
+    {"phrase": "adequate", "severity": "high",
+     "clarification": "Define the minimum acceptable criteria."},
+    {"phrase": "flexible", "severity": "medium",
+     "clarification": "Define what specifically needs to be configurable."},
+    {"phrase": "robust", "severity": "medium",
+     "clarification": "Define failure scenarios and recovery time objectives."},
+    {"phrase": "etc.", "severity": "high",
+     "clarification": "Enumerate all items explicitly."},
+    {"phrase": "and/or", "severity": "medium",
+     "clarification": "Clarify inclusive OR vs exclusive OR."},
+    {"phrase": "should", "severity": "medium",
+     "clarification": "Is this MUST (mandatory) or SHOULD (recommended)? Use RFC 2119."},
+]
+def _load_checklist() -> dict:
+    """Load spec quality checklist from context file, fallback to defaults."""
+    path = BASE_DIR / "context" / "requirements" / "spec_quality_checklist.json"
+    if path.exists():
+        try:
+            with open(path, "r", encoding="utf-8") as f:
+                return json.load(f)
+        except (json.JSONDecodeError, OSError):
+            pass
+    return _DEFAULT_CHECKLIST
+def _load_ambiguity_patterns() -> list:
+    """Load ambiguity patterns from context file, fallback to defaults."""
+    path = BASE_DIR / "context" / "requirements" / "ambiguity_patterns.json"
+    if path.exists():
+        try:
+            with open(path, "r", encoding="utf-8") as f:
+                data = json.load(f)
+                return data.get("ambiguity_patterns", _DEFAULT_AMBIGUITY_PATTERNS)
+        except (json.JSONDecodeError, OSError):
+            pass
+    return _DEFAULT_AMBIGUITY_PATTERNS
+def _load_constitutions(project_id: str = None, db_path=None) -> list:
+    """Load constitution principles.
+    If *project_id* is given and the DB is available, attempt to load
+    project-specific constitutions.  Otherwise fall back to the default
+    constitutions context file.
+    """
+    # Try DB first when project_id available
+    if project_id:
+        try:
+            conn = _get_connection(db_path)
+            rows = conn.execute(
+                "SELECT principles FROM project_constitutions WHERE project_id = ?",
+                (project_id,),
+            ).fetchone()
+            conn.close()
+            if rows:
+                return json.loads(rows["principles"])
+        except Exception:
+            pass
+    # Fallback to context file
+    path = BASE_DIR / "context" / "requirements" / "default_constitutions.json"
+    if path.exists():
+        try:
+            with open(path, "r", encoding="utf-8") as f:
+                data = json.load(f)
+                return data.get("default_principles", [])
+        except (json.JSONDecodeError, OSError):
+            pass
+    return []
+# ---------------------------------------------------------------------------
+# Individual check functions
+# ---------------------------------------------------------------------------
+def _count_list_items(text: str) -> int:
+    """Count markdown list items (``- `` or ``N. ``)."""
+    count = 0
+    for line in text.splitlines():
+        stripped = line.strip()
+        if re.match(r"^[-*]\s+", stripped) or re.match(r"^\d+\.\s+", stripped):
+            count += 1
+    return count
+def check_required_sections(sections: dict, checklist: dict) -> list:
+    """Check that all required sections exist and meet criteria."""
+    results = []
+    for req in checklist.get("required_sections", []):
+        name = req["name"]
+        key = name.lower()
+        severity = req.get("severity", "high")
+        # Case-insensitive section lookup
+        content = sections.get(key, "")
+        if not content:
+            # Try partial match
+            for sec_key, sec_val in sections.items():
+                if key in sec_key or sec_key in key:
+                    content = sec_val
+                    break
+        if not content or not content.strip():
+            results.append(CheckResult(
+                check_id=_generate_id("sec"),
+                name=f"Section: {name}",
+                status="fail",
+                severity=severity,
+                message=f"Required section '{name}' is missing.",
+                suggestion=f"Add a '## {name}' section to the spec.",
+                section=name,
+            ))
+            continue
+        # Min words check
+        min_words = req.get("min_words")
+        if min_words:
+            word_count = len(content.split())
+            if word_count < min_words:
+                results.append(CheckResult(
+                    check_id=_generate_id("sec"),
+                    name=f"Section: {name} (word count)",
+                    status="fail",
+                    severity=severity,
+                    message=f"Section '{name}' has {word_count} words, minimum is {min_words}.",
+                    suggestion=f"Expand '{name}' to at least {min_words} words.",
+                    section=name,
+                ))
+                continue
+        # Pattern check
+        pattern = req.get("pattern")
+        if pattern:
+            if not re.search(pattern, content):
+                results.append(CheckResult(
+                    check_id=_generate_id("sec"),
+                    name=f"Section: {name} (pattern)",
+                    status="fail",
+                    severity=severity,
+                    message=f"Section '{name}' does not match required pattern.",
+                    suggestion=f"Ensure '{name}' follows the expected format.",
+                    section=name,
+                ))
+                continue
+        # Min items check
+        min_items = req.get("min_items")
+        if min_items:
+            item_count = _count_list_items(content)
+            if item_count < min_items:
+                results.append(CheckResult(
+                    check_id=_generate_id("sec"),
+                    name=f"Section: {name} (items)",
+                    status="fail",
+                    severity=severity,
+                    message=f"Section '{name}' has {item_count} list items, minimum is {min_items}.",
+                    suggestion=f"Add at least {min_items} list items to '{name}'.",
+                    section=name,
+                ))
+                continue
+        # All checks passed for this section
+        results.append(CheckResult(
+            check_id=_generate_id("sec"),
+            name=f"Section: {name}",
+            status="pass",
+            severity=severity,
+            message=f"Section '{name}' present and meets criteria.",
+            section=name,
+        ))
+    return results
+def check_ambiguity(sections: dict, patterns: list) -> list:
+    """Scan all sections for ambiguity patterns."""
+    results = []
+    all_content = "\n".join(sections.values()).lower()
+    for pat in patterns:
+        phrase = pat.get("phrase", "")
+        if not phrase:
+            continue
+        # Use word boundary matching to avoid false positives inside words
+        escaped = re.escape(phrase)
+        regex = rf"\b{escaped}\b" if not phrase.endswith(".") else re.escape(phrase)
+        matches = list(re.finditer(regex, all_content, re.IGNORECASE))
+        if matches:
+            # Find which section(s) contain the match
+            match_sections = []
+            for sec_name, sec_content in sections.items():
+                if re.search(regex, sec_content, re.IGNORECASE):
+                    match_sections.append(sec_name)
+            results.append(CheckResult(
+                check_id=_generate_id("amb"),
+                name=f"Ambiguity: '{phrase}'",
+                status="fail",
+                severity=pat.get("severity", "medium"),
+                message=(
+                    f"Ambiguous phrase '{phrase}' found {len(matches)} time(s) "
+                    f"in section(s): {', '.join(match_sections)}."
+                ),
+                suggestion=pat.get("clarification", "Replace with specific, measurable language."),
+                section=", ".join(match_sections),
+            ))
+    return results
+# Verbs that indicate testable/observable assertions in acceptance criteria
+_TESTABLE_VERBS = re.compile(
+    r"\b(shows?|returns?|displays?|links?\s+to|loads?\s+without|"
+    r"renders?|navigates?\s+to|redirects?|creates?|updates?|deletes?|"
+    r"validates?|rejects?|accepts?|sends?|receives?|stores?|"
+    r"contains?|includes?|excludes?|matches?|equals?|is\s+visible|"
+    r"appears?|disappears?|enables?|disables?|triggers?|"
+    r"given|when|then|must|shall)\b",
+    re.IGNORECASE,
+)
+def check_acceptance_criteria(sections: dict) -> list:
+    """Validate acceptance criteria for testability."""
+    results = []
+    # Find acceptance criteria section
+    ac_content = ""
+    for key, content in sections.items():
+        if "acceptance" in key and "criteria" in key:
+            ac_content = content
+            break
+        if "acceptance criteria" in key:
+            ac_content = content
+            break
+    if not ac_content.strip():
+        results.append(CheckResult(
+            check_id=_generate_id("acc"),
+            name="Acceptance Criteria: presence",
+            status="fail",
+            severity="critical",
+            message="No acceptance criteria section found.",
+            suggestion="Add '## Acceptance Criteria' with at least 3 testable items.",
+            section="acceptance criteria",
+        ))
+        return results
+    # Count items
+    items = []
+    for line in ac_content.splitlines():
+        stripped = line.strip()
+        if re.match(r"^[-*]\s+", stripped) or re.match(r"^\d+\.\s+", stripped):
+            items.append(stripped)
+    if len(items) < 3:
+        results.append(CheckResult(
+            check_id=_generate_id("acc"),
+            name="Acceptance Criteria: count",
+            status="fail",
+            severity="critical",
+            message=f"Only {len(items)} acceptance criteria found, minimum is 3.",
+            suggestion="Add at least 3 specific, testable acceptance criteria.",
+            section="acceptance criteria",
+        ))
+    else:
+        results.append(CheckResult(
+            check_id=_generate_id("acc"),
+            name="Acceptance Criteria: count",
+            status="pass",
+            severity="critical",
+            message=f"{len(items)} acceptance criteria found.",
+            section="acceptance criteria",
+        ))
+    # Check each item for testable assertion
+    untestable = []
+    for item in items:
+        if not _TESTABLE_VERBS.search(item):
+            untestable.append(item[:80])
+    if untestable:
+        results.append(CheckResult(
+            check_id=_generate_id("acc"),
+            name="Acceptance Criteria: testability",
+            status="fail",
+            severity="high",
+            message=(
+                f"{len(untestable)} of {len(items)} criteria lack testable verbs: "
+                f"{untestable[0]}..."
+            ),
+            suggestion=(
+                "Each criterion should contain a measurable verb "
+                "(shows, returns, displays, loads without, etc.)."
+            ),
+            section="acceptance criteria",
+        ))
+    else:
+        results.append(CheckResult(
+            check_id=_generate_id("acc"),
+            name="Acceptance Criteria: testability",
+            status="pass",
+            severity="high",
+            message="All acceptance criteria contain testable assertions.",
+            section="acceptance criteria",
+        ))
+    # Check for Given/When/Then format
+    has_gwt = bool(re.search(r"\b(given|when|then)\b", ac_content, re.IGNORECASE))
+    results.append(CheckResult(
+        check_id=_generate_id("acc"),
+        name="Acceptance Criteria: BDD format",
+        status="pass" if has_gwt else "warn",
+        severity="low",
+        message=(
+            "BDD Given/When/Then format detected."
+            if has_gwt else
+            "No Given/When/Then BDD format found. Consider using BDD for clearer test mapping."
+        ),
+        suggestion="" if has_gwt else "Rewrite criteria in Given/When/Then format for BDD.",
+        section="acceptance criteria",
+    ))
+    return results
+def check_ato_coverage(sections: dict) -> list:
+    """Check ATO impact assessment completeness."""
+    results = []
+    # Find ATO section
+    ato_content = ""
+    for key, content in sections.items():
+        if "ato" in key and "impact" in key:
+            ato_content = content
+            break
+        if "ato impact" in key:
+            ato_content = content
+            break
+    if not ato_content.strip():
+        results.append(CheckResult(
+            check_id=_generate_id("ato"),
+            name="ATO: section presence",
+            status="fail",
+            severity="critical",
+            message="ATO Impact Assessment section is missing.",
+            suggestion="Add '## ATO Impact Assessment' with boundary tier, NIST controls, SSP impact.",
+            section="ato impact assessment",
+        ))
+        return results
+    # Boundary impact tier
+    tier_pattern = re.compile(r"\b(GREEN|YELLOW|ORANGE|RED)\b")
+    tier_match = tier_pattern.search(ato_content)
+    if tier_match:
+        results.append(CheckResult(
+            check_id=_generate_id("ato"),
+            name="ATO: boundary tier",
+            status="pass",
+            severity="critical",
+            message=f"Boundary impact tier specified: {tier_match.group(1)}.",
+            section="ato impact assessment",
+        ))
+    else:
+        results.append(CheckResult(
+            check_id=_generate_id("ato"),
+            name="ATO: boundary tier",
+            status="fail",
+            severity="critical",
+            message="No boundary impact tier (GREEN/YELLOW/ORANGE/RED) found.",
+            suggestion="Specify one of: GREEN (no impact), YELLOW (minor), ORANGE (significant), RED (ATO-invalidating).",
+            section="ato impact assessment",
+        ))
+    # NIST controls
+    nist_pattern = re.compile(r"\b[A-Z]{2}-\d+(?:\(\d+\))?\b")
+    nist_matches = nist_pattern.findall(ato_content)
+    if nist_matches:
+        results.append(CheckResult(
+            check_id=_generate_id("ato"),
+            name="ATO: NIST controls",
+            status="pass",
+            severity="high",
+            message=f"NIST controls referenced: {', '.join(nist_matches[:5])}.",
+            section="ato impact assessment",
+        ))
+    else:
+        results.append(CheckResult(
+            check_id=_generate_id("ato"),
+            name="ATO: NIST controls",
+            status="fail",
+            severity="high",
+            message="No NIST 800-53 control IDs found in ATO section.",
+            suggestion="Reference applicable controls (e.g., AC-2, AU-2, IA-2, SC-8).",
+            section="ato impact assessment",
+        ))
+    # SSP impact
+    ssp_mentioned = bool(re.search(r"\bSSP\b", ato_content, re.IGNORECASE))
+    results.append(CheckResult(
+        check_id=_generate_id("ato"),
+        name="ATO: SSP impact",
+        status="pass" if ssp_mentioned else "warn",
+        severity="medium",
+        message=(
+            "SSP impact noted." if ssp_mentioned
+            else "No mention of SSP impact. Consider documenting whether SSP requires update."
+        ),
+        suggestion="" if ssp_mentioned else "Add SSP impact statement (e.g., 'SSP addendum required').",
+        section="ato impact assessment",
+    ))
+    return results
+def check_testability(sections: dict) -> list:
+    """Check that testing strategy and validation commands exist with content."""
+    results = []
+    # Testing strategy
+    ts_content = ""
+    for key, content in sections.items():
+        if "testing" in key and "strategy" in key:
+            ts_content = content
+            break
+        if "testing strategy" in key:
+            ts_content = content
+            break
+    if ts_content.strip():
+        results.append(CheckResult(
+            check_id=_generate_id("tst"),
+            name="Testability: testing strategy",
+            status="pass",
+            severity="high",
+            message="Testing strategy section present with content.",
+            section="testing strategy",
+        ))
+    else:
+        results.append(CheckResult(
+            check_id=_generate_id("tst"),
+            name="Testability: testing strategy",
+            status="fail",
+            severity="high",
+            message="Testing strategy section is missing or empty.",
+            suggestion="Add '## Testing Strategy' describing unit, BDD, edge case, and E2E approaches.",
+            section="testing strategy",
+        ))
+    # Validation commands
+    vc_content = ""
+    for key, content in sections.items():
+        if "validation" in key and "command" in key:
+            vc_content = content
+            break
+        if "validation commands" in key:
+            vc_content = content
+            break
+    if vc_content.strip():
+        # Check for actual command-like content (backticks or bash patterns)
+        has_commands = bool(
+            re.search(r"(```|python |pytest |behave |curl |bash |npm |go |cargo )", vc_content)
+        )
+        results.append(CheckResult(
+            check_id=_generate_id("tst"),
+            name="Testability: validation commands",
+            status="pass" if has_commands else "warn",
+            severity="medium",
+            message=(
+                "Validation commands section has executable commands."
+                if has_commands else
+                "Validation commands section exists but may lack executable commands."
+            ),
+            suggestion="" if has_commands else "Include runnable bash/python commands to verify implementation.",
+            section="validation commands",
+        ))
+    else:
+        results.append(CheckResult(
+            check_id=_generate_id("tst"),
+            name="Testability: validation commands",
+            status="fail",
+            severity="medium",
+            message="Validation commands section is missing or empty.",
+            suggestion="Add '## Validation Commands' with bash commands to verify the implementation.",
+            section="validation commands",
+        ))
+    return results
+def check_task_completeness(sections: dict) -> list:
+    """Verify implementation plan phases are covered in step-by-step tasks."""
+    results = []
+    # Find implementation plan
+    plan_content = ""
+    for key, content in sections.items():
+        if "implementation" in key and "plan" in key:
+            plan_content = content
+            break
+        if "implementation plan" in key:
+            plan_content = content
+            break
+    if not plan_content.strip():
+        return results  # Cannot check without plan
+    # Find tasks section
+    tasks_content = ""
+    for key, content in sections.items():
+        if "step" in key and "task" in key:
+            tasks_content = content
+            break
+        if "step by step tasks" in key:
+            tasks_content = content
+            break
+    if not tasks_content.strip():
+        return results  # Already caught by required section check
+    # Extract phase names/numbers from plan
+    phase_pattern = re.compile(r"###?\s*Phase\s+(\d+)[:\s]*(.+)", re.IGNORECASE)
+    phases = phase_pattern.findall(plan_content)
+    if not phases:
+        # Try simpler pattern: numbered list with "Phase" or keywords
+        numbered = re.compile(r"^\s*\d+\.\s*(.+)", re.MULTILINE)
+        phase_items = numbered.findall(plan_content)
+        for idx, item in enumerate(phase_items, 1):
+            phases.append((str(idx), item.strip()))
+    if not phases:
+        results.append(CheckResult(
+            check_id=_generate_id("task"),
+            name="Task Completeness: phase extraction",
+            status="warn",
+            severity="medium",
+            message="Could not extract phases from implementation plan.",
+            suggestion="Use '### Phase N: Name' format in the Implementation Plan.",
+            section="implementation plan",
+        ))
+        return results
+    tasks_lower = tasks_content.lower()
+    uncovered = []
+    for num, name in phases:
+        # Check if phase number or key words appear in tasks
+        name_words = [w for w in name.lower().split() if len(w) > 3]
+        phase_ref = f"phase {num}"
+        found = phase_ref in tasks_lower
+        if not found and name_words:
+            found = any(w in tasks_lower for w in name_words[:3])
+        if not found:
+            uncovered.append(f"Phase {num}: {name.strip()}")
+    if uncovered:
+        results.append(CheckResult(
+            check_id=_generate_id("task"),
+            name="Task Completeness: phase coverage",
+            status="fail",
+            severity="high",
+            message=f"{len(uncovered)} phase(s) have no corresponding tasks: {'; '.join(uncovered[:3])}.",
+            suggestion="Ensure each implementation phase has detailed tasks in 'Step by Step Tasks'.",
+            section="step by step tasks",
+        ))
+    else:
+        results.append(CheckResult(
+            check_id=_generate_id("task"),
+            name="Task Completeness: phase coverage",
+            status="pass",
+            severity="high",
+            message=f"All {len(phases)} implementation phases are covered in tasks.",
+            section="step by step tasks",
+        ))
+    return results
+def check_constitution_compliance(sections: dict, principles: list) -> list:
+    """Check spec against project constitution principles."""
+    results = []
+    if not principles:
+        return results
+    all_content = "\n".join(sections.values()).lower()
+    for principle in principles:
+        p_text = principle.get("text", "")
+        keywords = principle.get("keywords", [])
+        priority = principle.get("priority", 3)
+        category = principle.get("category", "general")
+        if not keywords:
+            continue
+        # Check if any keyword appears in the spec
+        found_keywords = [kw for kw in keywords if kw.lower() in all_content]
+        if found_keywords:
+            results.append(CheckResult(
+                check_id=_generate_id("con"),
+                name=f"Constitution: {category}",
+                status="pass",
+                severity="critical" if priority == 1 else "high" if priority == 2 else "medium",
+                message=f"Principle addressed: '{p_text[:60]}...' (keywords: {', '.join(found_keywords[:3])}).",
+                section="constitution",
+            ))
+        else:
+            severity = "critical" if priority == 1 else "high" if priority == 2 else "medium"
+            status = "fail" if priority == 1 else "warn"
+            results.append(CheckResult(
+                check_id=_generate_id("con"),
+                name=f"Constitution: {category}",
+                status=status,
+                severity=severity,
+                message=f"Principle not addressed: '{p_text[:80]}'.",
+                suggestion=f"Ensure the spec addresses: {', '.join(keywords[:4])}.",
+                section="constitution",
+            ))
+    return results
+# ---------------------------------------------------------------------------
+# Orchestrator
+# ---------------------------------------------------------------------------
+def run_all_checks(spec_path: Path, project_id: str = None, db_path=None) -> dict:
+    """Run all quality checks on a spec file.
+    Returns a summary dict with quality score, check results, and suggestions.
+    """
+    spec_path = Path(spec_path)
+    if not spec_path.exists():
+        return {"status": "error", "error": f"Spec file not found: {spec_path}"}
+    sections = parse_spec_sections(spec_path)
+    checklist = _load_checklist()
+    patterns = _load_ambiguity_patterns()
+    principles = _load_constitutions(project_id, db_path)
+    all_checks = []
+    all_checks.extend(check_required_sections(sections, checklist))
+    all_checks.extend(check_ambiguity(sections, patterns))
+    all_checks.extend(check_acceptance_criteria(sections))
+    all_checks.extend(check_ato_coverage(sections))
+    all_checks.extend(check_testability(sections))
+    all_checks.extend(check_task_completeness(sections))
+    all_checks.extend(check_constitution_compliance(sections, principles))
+    passed = sum(1 for c in all_checks if c.status == "pass")
+    failed = sum(1 for c in all_checks if c.status == "fail")
+    warnings = sum(1 for c in all_checks if c.status == "warn")
+    total = len(all_checks)
+    # Quality score: pass_count / total * 100, cap at 50 if any critical failure
+    quality_score = (passed / max(total, 1)) * 100.0
+    critical_failures = [
+        c.to_dict() for c in all_checks
+        if c.status == "fail" and c.severity == "critical"
+    ]
+    if critical_failures:
+        quality_score = min(quality_score, 50.0)
+    quality_score = round(quality_score, 1)
+    suggestions = [
+        c.suggestion for c in all_checks
+        if c.suggestion and c.status in ("fail", "warn")
+    ]
+    if _HAS_AUDIT:
+        log_event(
+            event_type="spec_quality_check",
+            actor="icdev-requirements-analyst",
+            action=f"Quality check on {spec_path.name}: {quality_score}%",
+            project_id=project_id or "",
+            details={
+                "spec_file": str(spec_path),
+                "quality_score": quality_score,
+                "passed": passed,
+                "failed": failed,
+            },
+        )
+    return {
+        "status": "ok",
+        "spec_file": str(spec_path),
+        "quality_score": quality_score,
+        "total_checks": total,
+        "passed": passed,
+        "failed": failed,
+        "warnings": warnings,
+        "checks": [c.to_dict() for c in all_checks],
+        "critical_failures": critical_failures,
+        "suggestions": suggestions,
+    }
+# ---------------------------------------------------------------------------
+# Annotation helpers (inline markers)
+# ---------------------------------------------------------------------------
+_MARKER_PATTERN = re.compile(r"\[NEEDS CLARIFICATION:\s*[^\]]+\]")
+def annotate_spec(spec_path: Path, check_results: list, max_markers: int = 3) -> str:
+    """Insert ``[NEEDS CLARIFICATION: ...]`` markers inline for critical/high failures.
+    Only inserts up to *max_markers* markers.  Returns the annotated content string.
+    """
+    content = Path(spec_path).read_text(encoding="utf-8")
+    # Filter to critical/high failures only
+    failures = [
+        c for c in check_results
+        if c.get("status") == "fail" and c.get("severity") in ("critical", "high")
+    ]
+    inserted = 0
+    for fail in failures:
+        if inserted >= max_markers:
+            break
+        section = fail.get("section", "").lower()
+        message = fail.get("message", "")
+        check_id = fail.get("check_id", "unknown")
+        marker = f"[NEEDS CLARIFICATION: {check_id} -- {message[:80]}]"
+        # Try to insert after the section heading
+        if section:
+            # Look for ## Section heading (case-insensitive)
+            heading_re = re.compile(
+                rf"^(##\s+.*{re.escape(section.split(',')[0].strip())}.*$)",
+                re.IGNORECASE | re.MULTILINE,
+            )
+            match = heading_re.search(content)
+            if match:
+                insert_pos = match.end()
+                content = content[:insert_pos] + f"\n{marker}" + content[insert_pos:]
+                inserted += 1
+                continue
+        # Fallback: insert at end of file
+        content = content.rstrip() + f"\n\n{marker}\n"
+        inserted += 1
+    return content
+def strip_markers(spec_path: Path) -> str:
+    """Remove all ``[NEEDS CLARIFICATION: ...]`` markers from spec content."""
+    content = Path(spec_path).read_text(encoding="utf-8")
+    cleaned = _MARKER_PATTERN.sub("", content)
+    # Clean up any leftover blank lines from removed markers
+    cleaned = re.sub(r"\n{3,}", "\n\n", cleaned)
+    return cleaned
+def count_markers(spec_path: Path) -> int:
+    """Count existing ``[NEEDS CLARIFICATION: ...]`` markers."""
+    content = Path(spec_path).read_text(encoding="utf-8")
+    return len(_MARKER_PATTERN.findall(content))
+# ---------------------------------------------------------------------------
+# Human-readable output
+# ---------------------------------------------------------------------------
+def _format_human(result: dict) -> str:
+    """Format check results for terminal display."""
+    lines = []
+    score = result.get("quality_score", 0)
+    spec = result.get("spec_file", "unknown")
+    # Score color indicator
+    if score >= 80:
+        indicator = "[PASS]"
+    elif score >= 50:
+        indicator = "[WARN]"
+    else:
+        indicator = "[FAIL]"
+    lines.append(f"{'=' * 60}")
+    lines.append(f"Spec Quality Report: {spec}")
+    lines.append(f"{'=' * 60}")
+    lines.append(f"  Score: {score:.1f}% {indicator}")
+    lines.append(f"  Passed: {result.get('passed', 0)} | Failed: {result.get('failed', 0)} | Warnings: {result.get('warnings', 0)}")
+    lines.append("")
+    # Group by status
+    for check in result.get("checks", []):
+        status = check.get("status", "?").upper()
+        sev = check.get("severity", "?")
+        name = check.get("name", "")
+        msg = check.get("message", "")
+        tag = f"[{status}:{sev}]"
+        lines.append(f"  {tag:20s} {name}")
+        if status in ("FAIL", "WARN"):
+            lines.append(f"  {'':20s}   {msg}")
+            if check.get("suggestion"):
+                lines.append(f"  {'':20s}   -> {check['suggestion']}")
+    if result.get("critical_failures"):
+        lines.append("")
+        lines.append(f"CRITICAL FAILURES ({len(result['critical_failures'])}):")
+        for cf in result["critical_failures"]:
+            lines.append(f"  * {cf.get('name', '')}: {cf.get('message', '')}")
+    lines.append(f"{'=' * 60}")
+    return "\n".join(lines)
+# ---------------------------------------------------------------------------
+# CLI
+# ---------------------------------------------------------------------------
+def main():
+    parser = argparse.ArgumentParser(
+        description="ICDEV Spec Quality Checker -- 'unit tests for English'"
+    )
+    parser.add_argument("--spec-file", type=str, help="Check a single spec markdown file")
+    parser.add_argument("--spec-dir", type=str, help="Check all .md files in directory (recursive)")
+    parser.add_argument("--annotate", action="store_true", help="Output annotated spec with inline markers")
+    parser.add_argument("--output", type=str, help="Write annotated output to file instead of stdout")
+    parser.add_argument("--strip-markers", action="store_true", help="Remove markers from spec")
+    parser.add_argument("--count-markers", action="store_true", help="Count markers in spec")
+    parser.add_argument("--project-id", type=str, help="Project ID for constitution validation")
+    parser.add_argument("--json", action="store_true", help="JSON output")
+    parser.add_argument("--human", action="store_true", help="Colored terminal output")
+    args = parser.parse_args()
+    try:
+        # --- Strip markers mode ---
+        if args.strip_markers:
+            if not args.spec_file:
+                raise ValueError("--strip-markers requires --spec-file")
+            cleaned = strip_markers(Path(args.spec_file))
+            if args.output:
+                Path(args.output).write_text(cleaned, encoding="utf-8")
+                result = {"status": "ok", "message": f"Markers stripped, written to {args.output}"}
+            else:
+                result = {"status": "ok", "content": cleaned}
+            if args.json:
+                print(json.dumps(result, indent=2))
+            else:
+                print(cleaned if not args.output else result["message"])
+            return
+        # --- Count markers mode ---
+        if args.count_markers:
+            if not args.spec_file:
+                raise ValueError("--count-markers requires --spec-file")
+            count = count_markers(Path(args.spec_file))
+            result = {"status": "ok", "spec_file": args.spec_file, "marker_count": count}
+            if args.json:
+                print(json.dumps(result, indent=2))
+            else:
+                print(f"Markers found: {count}")
+            return
+        # --- Single file mode ---
+        if args.spec_file:
+            result = run_all_checks(
+                Path(args.spec_file),
+                project_id=args.project_id,
+            )
+            # Annotate mode
+            if args.annotate and result.get("status") == "ok":
+                annotated = annotate_spec(Path(args.spec_file), result.get("checks", []))
+                if args.output:
+                    Path(args.output).write_text(annotated, encoding="utf-8")
+                    result["annotated_output"] = args.output
+                    result["message"] = f"Annotated spec written to {args.output}"
+                else:
+                    if args.json:
+                        result["annotated_content"] = annotated
+                    else:
+                        print(annotated)
+                        return
+            if args.json:
+                print(json.dumps(result, indent=2, default=str))
+            elif args.human:
+                print(_format_human(result))
+            else:
+                print(json.dumps(result, indent=2, default=str))
+            return
+        # --- Batch mode ---
+        if args.spec_dir:
+            spec_dir = Path(args.spec_dir)
+            if not spec_dir.is_dir():
+                raise ValueError(f"Not a directory: {spec_dir}")
+            all_results = []
+            for md_file in sorted(spec_dir.rglob("*.md")):
+                r = run_all_checks(md_file, project_id=args.project_id)
+                all_results.append(r)
+            batch_result = {
+                "status": "ok",
+                "spec_dir": str(spec_dir),
+                "total_specs": len(all_results),
+                "average_score": round(
+                    sum(r.get("quality_score", 0) for r in all_results) / max(len(all_results), 1),
+                    1,
+                ),
+                "specs_passing": sum(1 for r in all_results if r.get("quality_score", 0) >= 70),
+                "specs_failing": sum(1 for r in all_results if r.get("quality_score", 0) < 70),
+                "results": all_results,
+            }
+            if args.json:
+                print(json.dumps(batch_result, indent=2, default=str))
+            elif args.human:
+                print(f"Batch Quality Report: {spec_dir}")
+                print(f"  Specs: {batch_result['total_specs']} | "
+                      f"Avg Score: {batch_result['average_score']}% | "
+                      f"Passing: {batch_result['specs_passing']} | "
+                      f"Failing: {batch_result['specs_failing']}")
+                print()
+                for r in all_results:
+                    print(_format_human(r))
+                    print()
+            else:
+                print(json.dumps(batch_result, indent=2, default=str))
+            return
+        # No action specified
+        parser.print_help()
+    except (ValueError, FileNotFoundError) as exc:
+        if args.json:
+            print(json.dumps({"status": "error", "error": str(exc)}, indent=2))
+        else:
+            print(f"Error: {exc}")
+        raise SystemExit(1)
+if __name__ == "__main__":
+    main()