lite-kits 0.1.1__py3-none-any.whl → 0.3.2__py3-none-any.whl

lite_kits/kits/dev/{claude/commands → commands/.claude}/audit.md

@@ -1,143 +1,143 @@
----
-description: Perform security analysis on dependencies and code patterns
----
-
-# Security Audit Helper
-
-**Purpose**: Quick security analysis for AI agents working on features involving authentication, data handling, or external dependencies.
-
-## Execution Steps
-
-Execute the following steps to perform a security audit:
-
-### 1. Detect Project Type and Dependencies
-
-```bash
-# Check for Python dependencies
-ls requirements.txt pyproject.toml setup.py 2>/dev/null
-
-# Check for Node.js dependencies
-ls package.json package-lock.json 2>/dev/null
-
-# Check for Rust dependencies
-ls Cargo.toml Cargo.lock 2>/dev/null
-
-# Check for Go dependencies
-ls go.mod go.sum 2>/dev/null
-```
-
-### 2. Run Dependency Vulnerability Scan
-
-**Python projects**:
-```bash
-# Check if pip-audit is available
-command -v pip-audit >/dev/null 2>&1
-
-# If available, run scan
-pip-audit
-
-# If not available, suggest installation
-echo "Install pip-audit: pip install pip-audit"
-```
-
-**Node.js projects**:
-```bash
-# npm audit is built-in
-npm audit
-
-# Or use yarn
-yarn audit
-```
-
-**Other languages**: Suggest appropriate tools (cargo audit, go list, etc.)
-
-### 3. Scan for Common Security Anti-Patterns
-
-Check source code for security issues:
-
-```bash
-# Look for potential hardcoded secrets
-grep -r "API_KEY\s*=\s*['\"]" src/ 2>/dev/null | head -5
-grep -r "PASSWORD\s*=\s*['\"]" src/ 2>/dev/null | head -5
-grep -r "SECRET\s*=\s*['\"]" src/ 2>/dev/null | head -5
-
-# Look for weak crypto patterns (Python)
-grep -r "md5\|sha1" src/ 2>/dev/null | head -5
-
-# Look for SQL injection risks
-grep -r "execute.*%\|execute.*+" src/ 2>/dev/null | head -5
-```
-
-**Common patterns to flag**:
-- Hardcoded API keys, passwords, tokens
-- Weak cryptographic algorithms (MD5, SHA1)
-- SQL string concatenation
-- Eval/exec with user input
-- Insecure file permissions
-
-### 4. Generate Concise Report
-
-Provide analysis in this format (~150 words max):
-
-```markdown
-## Security Audit
-
-**Dependencies**: N scanned, M vulnerabilities found
-
-**Vulnerabilities** (if any):
-- package-name==version: [SEVERITY] - Brief description
-- Link to advisory for details
-
-**Code Patterns** (if any):
-- file.py:line: [PATTERN] - Recommendation
-
-**Next Action**: [Fix CVE-XXXX / Update package / Review auth code]
-```
-
-## Important Notes
-
-- **Graceful fallbacks**: If audit tools not installed, do basic pattern checks only
-- **Be concise**: Target <150 words total output
-- **Prioritize**: Show highest severity issues first
-- **Avoid false positives**: Note that manual review may be needed
-- **No dependencies**: Report "No dependencies to audit" gracefully
-- **Cross-platform**: Use commands available on Windows, macOS, Linux
-
-## Edge Cases
-
-- **No dependency files**: "No dependencies found. This appears to be a dependency-free project."
-- **Tool not installed**: Provide installation command, run basic grep checks
-- **No vulnerabilities**: "✅ No known vulnerabilities found! Consider reviewing auth/data handling patterns."
-- **Too many issues**: Sample top 5, note total count
-
-## Example Output
-
-```markdown
-## Security Audit
-
-**Dependencies**: 12 scanned, 2 vulnerabilities found
-
-**Vulnerabilities**:
-- requests==2.25.0: MEDIUM - CVE-2023-32681 (Proxy-Auth header leak)
-  Update to: requests>=2.31.0
-
-**Code Patterns**:
-- src/auth.py:42: Hardcoded API key detected
-- src/db.py:103: SQL string concatenation (injection risk)
-
-**Next Action**: Update requests package, move API key to environment variables, use parameterized queries
-```
-
-```markdown
-## Security Audit
-
-**Dependencies**: pip-audit not installed
-
-**Tool Not Available**:
-Install pip-audit for vulnerability scanning:
-`pip install pip-audit`
-
-**Code Patterns**: Basic grep checks performed, no obvious issues found
-
-**Next Action**: Install pip-audit and re-run for comprehensive dependency scan
-```
+---
+description: Perform security analysis on dependencies and code patterns
+---
+
+# Security Audit Helper
+
+**Purpose**: Quick security analysis for AI agents working on features involving authentication, data handling, or external dependencies.
+
+## Execution Steps
+
+Execute the following steps to perform a security audit:
+
+### 1. Detect Project Type and Dependencies
+
+```bash
+# Check for Python dependencies
+ls requirements.txt pyproject.toml setup.py 2>/dev/null
+
+# Check for Node.js dependencies
+ls package.json package-lock.json 2>/dev/null
+
+# Check for Rust dependencies
+ls Cargo.toml Cargo.lock 2>/dev/null
+
+# Check for Go dependencies
+ls go.mod go.sum 2>/dev/null
+```
+
+### 2. Run Dependency Vulnerability Scan
+
+**Python projects**:
+```bash
+# Check if pip-audit is available
+command -v pip-audit >/dev/null 2>&1
+
+# If available, run scan
+pip-audit
+
+# If not available, suggest installation
+echo "Install pip-audit: pip install pip-audit"
+```
+
+**Node.js projects**:
+```bash
+# npm audit is built-in
+npm audit
+
+# Or use yarn
+yarn audit
+```
+
+**Other languages**: Suggest appropriate tools (cargo audit, go list, etc.)
+
+### 3. Scan for Common Security Anti-Patterns
+
+Check source code for security issues:
+
+```bash
+# Look for potential hardcoded secrets
+grep -r "API_KEY\s*=\s*['\"]" src/ 2>/dev/null | head -5
+grep -r "PASSWORD\s*=\s*['\"]" src/ 2>/dev/null | head -5
+grep -r "SECRET\s*=\s*['\"]" src/ 2>/dev/null | head -5
+
+# Look for weak crypto patterns (Python)
+grep -r "md5\|sha1" src/ 2>/dev/null | head -5
+
+# Look for SQL injection risks
+grep -r "execute.*%\|execute.*+" src/ 2>/dev/null | head -5
+```
+
+**Common patterns to flag**:
+- Hardcoded API keys, passwords, tokens
+- Weak cryptographic algorithms (MD5, SHA1)
+- SQL string concatenation
+- Eval/exec with user input
+- Insecure file permissions
+
+### 4. Generate Concise Report
+
+Provide analysis in this format (~150 words max):
+
+```markdown
+## Security Audit
+
+**Dependencies**: N scanned, M vulnerabilities found
+
+**Vulnerabilities** (if any):
+- package-name==version: [SEVERITY] - Brief description
+- Link to advisory for details
+
+**Code Patterns** (if any):
+- file.py:line: [PATTERN] - Recommendation
+
+**Next Action**: [Fix CVE-XXXX / Update package / Review auth code]
+```
+
+## Important Notes
+
+- **Graceful fallbacks**: If audit tools not installed, do basic pattern checks only
+- **Be concise**: Target <150 words total output
+- **Prioritize**: Show highest severity issues first
+- **Avoid false positives**: Note that manual review may be needed
+- **No dependencies**: Report "No dependencies to audit" gracefully
+- **Cross-platform**: Use commands available on Windows, macOS, Linux
+
+## Edge Cases
+
+- **No dependency files**: "No dependencies found. This appears to be a dependency-free project."
+- **Tool not installed**: Provide installation command, run basic grep checks
+- **No vulnerabilities**: "✅ No known vulnerabilities found! Consider reviewing auth/data handling patterns."
+- **Too many issues**: Sample top 5, note total count
+
+## Example Output
+
+```markdown
+## Security Audit
+
+**Dependencies**: 12 scanned, 2 vulnerabilities found
+
+**Vulnerabilities**:
+- requests==2.25.0: MEDIUM - CVE-2023-32681 (Proxy-Auth header leak)
+  Update to: requests>=2.31.0
+
+**Code Patterns**:
+- src/auth.py:42: Hardcoded API key detected
+- src/db.py:103: SQL string concatenation (injection risk)
+
+**Next Action**: Update requests package, move API key to environment variables, use parameterized queries
+```
+
+```markdown
+## Security Audit
+
+**Dependencies**: pip-audit not installed
+
+**Tool Not Available**:
+Install pip-audit for vulnerability scanning:
+`pip install pip-audit`
+
+**Code Patterns**: Basic grep checks performed, no obvious issues found
+
+**Next Action**: Install pip-audit and re-run for comprehensive dependency scan
+```

lite_kits/kits/dev/{claude/commands → commands/.claude}/cleanup.md

@@ -297,13 +297,13 @@ dev/004-cleanup-command
 $ git branch --merged develop
   dev/001-starter-kits
   dev/002-installer-polish
-  dev/003-git-kit-enhancements
+  dev/003-dev-kit-enhancements
 
 # Agent presents options
 Merged branches available for cleanup:
 1. dev/001-starter-kits (2 days ago)
 2. dev/002-installer-polish (1 day ago)
-3. dev/003-git-kit-enhancements (2 hours ago)
+3. dev/003-dev-kit-enhancements (2 hours ago)
 
 Delete which branches? (y/n/e): e
 

lite_kits/kits/{git/claude/commands → dev/commands/.claude}/commit.md

@@ -260,7 +260,7 @@ Message:
 9. ?? docs/new-guide.md
 
 Message:
-  docs(004): update documentation for git-kit
+  docs(004): update documentation for dev-kit
 
   Added git workflow documentation and updated README
   with new command examples.
@@ -274,7 +274,7 @@ Message:
 Message:
   chore(004): update implementation status tracking
 
-  Marked git-kit as complete in status docs.
+  Marked dev-kit as complete in status docs.
 
 ---
 

lite_kits/kits/{project/claude/commands → dev/commands/.claude}/orient.md

@@ -17,8 +17,7 @@ Check for kit marker files to determine what's installed:
 ```bash
 # Check all kits in one command
 KITS_INSTALLED=""
-[ -f .claude/commands/orient.md ] && KITS_INSTALLED="${KITS_INSTALLED}project "
-[ -f .claude/commands/commit.md ] && KITS_INSTALLED="${KITS_INSTALLED}git "
+[ -f .claude/commands/orient.md ] && KITS_INSTALLED="${KITS_INSTALLED}dev "
 [ -f .specify/memory/pr-workflow-guide.md ] && KITS_INSTALLED="${KITS_INSTALLED}multiagent "
 KITS_INSTALLED="${KITS_INSTALLED:-vanilla only}"
 ```
@@ -116,7 +115,7 @@ Based on the state you discovered, suggest the next logical action:
 - **Plan exists, no tasks** → "Run `/tasks` to break down into tasks"
 - **Tasks exist** → "Run `/implement` to start coding"
 - **Handoff detected** (multiagent) → "Review handoff in `specs/[feature]/collaboration/active/decisions/`"
-- **Uncommitted changes** → "Review changes and consider running `/commit`" (if git-kit installed)
+- **Uncommitted changes** → "Review changes and consider running `/commit`" (if dev-kit installed)
 
 ## Important Notes
 
@@ -131,7 +130,7 @@ Based on the state you discovered, suggest the next logical action:
 ```
 ## Orientation Complete
 
-**Installed Kits**: project, git
+**Installed Kits**: dev
 
 **I am**: claude-sonnet-4.5 @ Claude Code (Primary)
 **Project**: Blog Platform API (TypeScript/Node.js)

lite_kits/kits/{git/claude/commands → dev/commands/.claude}/pr.md

@@ -341,7 +341,7 @@ Implements Phase 1 MVP with `/orient` command and modular kit system for multi-a
 ## Changes
 
 ### Features
-- Add `/orient` command for agent orientation (project-kit)
+- Add `/orient` command for agent orientation (dev-kit)
 - Implement kit-aware installer with --kit flag support
 - Add modular kit structure (project, git, multiagent)
 - Auto-dependency inclusion (multiagent → project + git)