moai-adk 0.34.0__py3-none-any.whl → 1.1.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- moai_adk/__main__.py +136 -5
- moai_adk/astgrep/__init__.py +37 -0
- moai_adk/astgrep/analyzer.py +522 -0
- moai_adk/astgrep/models.py +124 -0
- moai_adk/astgrep/rules.py +179 -0
- moai_adk/cli/commands/analyze.py +11 -2
- moai_adk/cli/commands/doctor.py +7 -1
- moai_adk/cli/commands/init.py +321 -11
- moai_adk/cli/commands/language.py +7 -1
- moai_adk/cli/commands/rank.py +449 -0
- moai_adk/cli/commands/status.py +7 -1
- moai_adk/cli/commands/switch.py +325 -0
- moai_adk/cli/commands/update.py +296 -23
- moai_adk/cli/prompts/init_prompts.py +362 -66
- moai_adk/cli/prompts/translations/__init__.py +573 -0
- moai_adk/cli/ui/prompts.py +61 -2
- moai_adk/cli/worktree/cli.py +106 -1
- moai_adk/cli/worktree/manager.py +155 -0
- moai_adk/core/config/unified.py +244 -63
- moai_adk/core/credentials.py +264 -0
- moai_adk/core/error_recovery_system.py +22 -4
- moai_adk/core/git/conflict_detector.py +10 -1
- moai_adk/core/git/event_detector.py +16 -5
- moai_adk/core/integration/engine.py +2 -2
- moai_adk/core/integration/integration_tester.py +5 -5
- moai_adk/core/language_config_resolver.py +9 -3
- moai_adk/core/merge/analyzer.py +509 -324
- moai_adk/core/migration/alfred_to_moai_migrator.py +7 -1
- moai_adk/core/migration/backup_manager.py +54 -4
- moai_adk/core/migration/file_migrator.py +174 -2
- moai_adk/core/migration/interactive_checkbox_ui.py +42 -31
- moai_adk/core/migration/version_detector.py +123 -19
- moai_adk/core/migration/version_migrator.py +44 -9
- moai_adk/core/model_allocator.py +241 -0
- moai_adk/core/project/backup_utils.py +12 -2
- moai_adk/core/project/initializer.py +44 -87
- moai_adk/core/project/phase_executor.py +95 -33
- moai_adk/core/project/validator.py +16 -1
- moai_adk/core/quality/trust_checker.py +30 -10
- moai_adk/core/rollback_manager.py +60 -25
- moai_adk/core/template/backup.py +88 -6
- moai_adk/core/template/config.py +33 -9
- moai_adk/core/template/merger.py +34 -8
- moai_adk/core/template/processor.py +334 -11
- moai_adk/core/template_engine.py +10 -1
- moai_adk/core/template_variable_synchronizer.py +16 -2
- moai_adk/core/version_sync.py +54 -6
- moai_adk/foundation/__init__.py +1 -20
- moai_adk/foundation/testing.py +1 -1
- moai_adk/loop/__init__.py +54 -0
- moai_adk/loop/controller.py +305 -0
- moai_adk/loop/feedback.py +230 -0
- moai_adk/loop/state.py +209 -0
- moai_adk/loop/storage.py +220 -0
- moai_adk/lsp/__init__.py +70 -0
- moai_adk/lsp/client.py +320 -0
- moai_adk/lsp/models.py +261 -0
- moai_adk/lsp/protocol.py +404 -0
- moai_adk/lsp/server_manager.py +248 -0
- moai_adk/project/configuration.py +8 -1
- moai_adk/py.typed +0 -0
- moai_adk/ralph/__init__.py +37 -0
- moai_adk/ralph/engine.py +307 -0
- moai_adk/rank/__init__.py +21 -0
- moai_adk/rank/auth.py +425 -0
- moai_adk/rank/client.py +557 -0
- moai_adk/rank/config.py +147 -0
- moai_adk/rank/hook.py +1503 -0
- moai_adk/rank/py.typed +0 -0
- moai_adk/statusline/__init__.py +3 -0
- moai_adk/statusline/enhanced_output_style_detector.py +5 -5
- moai_adk/statusline/main.py +20 -1
- moai_adk/statusline/memory_collector.py +268 -0
- moai_adk/statusline/renderer.py +54 -38
- moai_adk/tag_system/__init__.py +48 -0
- moai_adk/tag_system/atomic_ops.py +117 -0
- moai_adk/tag_system/linkage.py +335 -0
- moai_adk/tag_system/parser.py +176 -0
- moai_adk/tag_system/validator.py +200 -0
- moai_adk/templates/.claude/agents/moai/builder-agent.md +19 -3
- moai_adk/templates/.claude/agents/moai/builder-command.md +62 -16
- moai_adk/templates/.claude/agents/moai/builder-plugin.md +763 -0
- moai_adk/templates/.claude/agents/moai/builder-skill.md +21 -5
- moai_adk/templates/.claude/agents/moai/expert-backend.md +103 -39
- moai_adk/templates/.claude/agents/moai/expert-debug.md +9 -3
- moai_adk/templates/.claude/agents/moai/expert-devops.md +16 -14
- moai_adk/templates/.claude/agents/moai/expert-frontend.md +45 -31
- moai_adk/templates/.claude/agents/moai/expert-performance.md +13 -9
- moai_adk/templates/.claude/agents/moai/expert-refactoring.md +228 -0
- moai_adk/templates/.claude/agents/moai/expert-security.md +19 -3
- moai_adk/templates/.claude/agents/moai/expert-testing.md +13 -9
- moai_adk/templates/.claude/agents/moai/manager-claude-code.md +8 -2
- moai_adk/templates/.claude/agents/moai/manager-docs.md +10 -5
- moai_adk/templates/.claude/agents/moai/manager-git.md +99 -27
- moai_adk/templates/.claude/agents/moai/manager-project.md +87 -7
- moai_adk/templates/.claude/agents/moai/manager-quality.md +22 -5
- moai_adk/templates/.claude/agents/moai/manager-spec.md +8 -2
- moai_adk/templates/.claude/agents/moai/manager-strategy.md +45 -14
- moai_adk/templates/.claude/agents/moai/manager-tdd.md +16 -3
- moai_adk/templates/.claude/commands/moai/0-project.md +239 -1185
- moai_adk/templates/.claude/commands/moai/1-plan.md +383 -363
- moai_adk/templates/.claude/commands/moai/2-run.md +254 -347
- moai_adk/templates/.claude/commands/moai/3-sync.md +174 -100
- moai_adk/templates/.claude/commands/moai/9-feedback.md +49 -33
- moai_adk/templates/.claude/commands/moai/alfred.md +339 -0
- moai_adk/templates/.claude/commands/moai/cancel-loop.md +163 -0
- moai_adk/templates/.claude/commands/moai/fix.md +264 -0
- moai_adk/templates/.claude/commands/moai/loop.md +363 -0
- moai_adk/templates/.claude/hooks/moai/lib/README.md +143 -0
- moai_adk/templates/.claude/hooks/moai/lib/__init__.py +37 -81
- moai_adk/templates/.claude/hooks/moai/lib/alfred_detector.py +105 -0
- moai_adk/templates/.claude/hooks/moai/lib/atomic_write.py +122 -0
- moai_adk/templates/.claude/hooks/moai/lib/checkpoint.py +4 -1
- moai_adk/templates/.claude/hooks/moai/lib/common.py +35 -5
- moai_adk/templates/.claude/hooks/moai/lib/config.py +376 -0
- moai_adk/templates/.claude/hooks/moai/lib/config_manager.py +24 -28
- moai_adk/templates/.claude/hooks/moai/lib/config_validator.py +14 -14
- moai_adk/templates/.claude/hooks/moai/lib/enhanced_output_style_detector.py +372 -0
- moai_adk/templates/.claude/hooks/moai/lib/exceptions.py +171 -0
- moai_adk/templates/.claude/hooks/moai/lib/file_utils.py +95 -0
- moai_adk/templates/.claude/hooks/moai/lib/git_collector.py +190 -0
- moai_adk/templates/.claude/hooks/moai/lib/git_operations_manager.py +15 -13
- moai_adk/templates/.claude/hooks/moai/lib/language_detector.py +298 -0
- moai_adk/templates/.claude/hooks/moai/lib/language_validator.py +125 -25
- moai_adk/templates/.claude/hooks/moai/lib/main.py +341 -0
- moai_adk/templates/.claude/hooks/moai/lib/memory_collector.py +268 -0
- moai_adk/templates/.claude/hooks/moai/lib/metrics_tracker.py +78 -0
- moai_adk/templates/.claude/hooks/moai/lib/models.py +9 -7
- moai_adk/templates/.claude/hooks/moai/lib/path_utils.py +204 -13
- moai_adk/templates/.claude/hooks/moai/lib/project.py +23 -14
- moai_adk/templates/.claude/hooks/moai/lib/renderer.py +359 -0
- moai_adk/templates/.claude/hooks/moai/lib/tag_linkage.py +333 -0
- moai_adk/templates/.claude/hooks/moai/lib/tag_parser.py +176 -0
- moai_adk/templates/.claude/hooks/moai/lib/tag_validator.py +200 -0
- moai_adk/templates/.claude/hooks/moai/lib/timeout.py +5 -5
- moai_adk/templates/.claude/hooks/moai/lib/tool_registry.py +896 -0
- moai_adk/templates/.claude/hooks/moai/lib/unified_timeout_manager.py +30 -18
- moai_adk/templates/.claude/hooks/moai/lib/update_checker.py +129 -0
- moai_adk/templates/.claude/hooks/moai/lib/version_reader.py +741 -0
- moai_adk/templates/.claude/hooks/moai/post_tool__ast_grep_scan.py +276 -0
- moai_adk/templates/.claude/hooks/moai/post_tool__code_formatter.py +255 -0
- moai_adk/templates/.claude/hooks/moai/post_tool__coverage_guard.py +325 -0
- moai_adk/templates/.claude/hooks/moai/post_tool__linter.py +315 -0
- moai_adk/templates/.claude/hooks/moai/post_tool__lsp_diagnostic.py +508 -0
- moai_adk/templates/.claude/hooks/moai/pre_commit__tag_validator.py +287 -0
- moai_adk/templates/.claude/hooks/moai/pre_tool__security_guard.py +268 -0
- moai_adk/templates/.claude/hooks/moai/pre_tool__tdd_enforcer.py +208 -0
- moai_adk/templates/.claude/hooks/moai/session_end__auto_cleanup.py +93 -61
- moai_adk/templates/.claude/hooks/moai/session_end__rank_submit.py +69 -0
- moai_adk/templates/.claude/hooks/moai/session_start__show_project_info.py +165 -70
- moai_adk/templates/.claude/hooks/moai/shared/utils/announcement_translator.py +206 -0
- moai_adk/templates/.claude/hooks/moai/stop__loop_controller.py +621 -0
- moai_adk/templates/.claude/output-styles/moai/alfred.md +758 -0
- moai_adk/templates/.claude/output-styles/moai/r2d2.md +86 -3
- moai_adk/templates/.claude/output-styles/moai/yoda.md +2 -2
- moai_adk/templates/.claude/settings.json +154 -77
- moai_adk/templates/.claude/skills/moai-docs-generation/SKILL.md +252 -198
- moai_adk/templates/.claude/skills/moai-docs-generation/examples.md +169 -323
- moai_adk/templates/.claude/skills/moai-docs-generation/modules/README.md +39 -27
- moai_adk/templates/.claude/skills/moai-docs-generation/modules/api-documentation.md +115 -125
- moai_adk/templates/.claude/skills/moai-docs-generation/modules/code-documentation.md +150 -150
- moai_adk/templates/.claude/skills/moai-docs-generation/modules/multi-format-output.md +182 -175
- moai_adk/templates/.claude/skills/moai-docs-generation/modules/user-guides.md +198 -138
- moai_adk/templates/.claude/skills/moai-docs-generation/reference.md +226 -320
- moai_adk/templates/.claude/skills/moai-domain-backend/SKILL.md +43 -222
- moai_adk/templates/.claude/skills/moai-domain-database/SKILL.md +75 -219
- moai_adk/templates/.claude/skills/moai-domain-frontend/SKILL.md +103 -463
- moai_adk/templates/.claude/skills/moai-domain-frontend/modules/component-architecture.md +723 -0
- moai_adk/templates/.claude/skills/moai-domain-frontend/modules/nextjs16-patterns.md +713 -0
- moai_adk/templates/.claude/skills/moai-domain-frontend/modules/performance-optimization.md +694 -0
- moai_adk/templates/.claude/skills/moai-domain-frontend/modules/react19-patterns.md +591 -0
- moai_adk/templates/.claude/skills/moai-domain-frontend/modules/state-management.md +680 -0
- moai_adk/templates/.claude/skills/moai-domain-frontend/modules/vue35-patterns.md +802 -0
- moai_adk/templates/.claude/skills/moai-domain-uiux/SKILL.md +118 -339
- moai_adk/templates/.claude/skills/moai-formats-data/SKILL.md +74 -377
- moai_adk/templates/.claude/skills/moai-formats-data/modules/README.md +299 -70
- moai_adk/templates/.claude/skills/moai-foundation-claude/SKILL.md +205 -182
- moai_adk/templates/.claude/skills/moai-foundation-claude/reference/advanced-agent-patterns.md +370 -0
- moai_adk/templates/.claude/skills/moai-foundation-claude/reference/claude-code-cli-reference-official.md +420 -0
- moai_adk/templates/.claude/skills/moai-foundation-claude/reference/claude-code-custom-slash-commands-official.md +32 -22
- moai_adk/templates/.claude/skills/moai-foundation-claude/reference/claude-code-devcontainers-official.md +381 -0
- moai_adk/templates/.claude/skills/moai-foundation-claude/reference/claude-code-discover-plugins-official.md +379 -0
- moai_adk/templates/.claude/skills/moai-foundation-claude/reference/claude-code-headless-official.md +378 -0
- moai_adk/templates/.claude/skills/moai-foundation-claude/reference/claude-code-hooks-official.md +110 -0
- moai_adk/templates/.claude/skills/moai-foundation-claude/reference/claude-code-plugin-marketplaces-official.md +308 -0
- moai_adk/templates/.claude/skills/moai-foundation-claude/reference/claude-code-plugins-official.md +640 -0
- moai_adk/templates/.claude/skills/moai-foundation-claude/reference/claude-code-sandboxing-official.md +282 -0
- moai_adk/templates/.claude/skills/moai-foundation-claude/reference/claude-code-skills-official.md +425 -71
- moai_adk/templates/.claude/skills/moai-foundation-claude/reference/claude-code-statusline-official.md +293 -0
- moai_adk/templates/.claude/skills/moai-foundation-claude/reference/claude-code-sub-agents-official.md +325 -143
- moai_adk/templates/.claude/skills/moai-foundation-context/SKILL.md +96 -316
- moai_adk/templates/.claude/skills/moai-foundation-core/SKILL.md +116 -294
- moai_adk/templates/.claude/skills/moai-foundation-core/modules/delegation-advanced.md +279 -0
- moai_adk/templates/.claude/skills/moai-foundation-core/modules/delegation-implementation.md +267 -0
- moai_adk/templates/.claude/skills/moai-foundation-core/modules/delegation-patterns.md +121 -650
- moai_adk/templates/.claude/skills/moai-foundation-core/modules/patterns.md +22 -0
- moai_adk/templates/.claude/skills/moai-foundation-core/modules/spec-ears-format.md +200 -0
- moai_adk/templates/.claude/skills/moai-foundation-core/modules/spec-first-tdd.md +37 -730
- moai_adk/templates/.claude/skills/moai-foundation-core/modules/spec-tdd-implementation.md +275 -0
- moai_adk/templates/.claude/skills/moai-foundation-core/modules/trust-5-framework.md +77 -819
- moai_adk/templates/.claude/skills/moai-foundation-core/modules/trust-5-implementation.md +244 -0
- moai_adk/templates/.claude/skills/moai-foundation-core/modules/trust-5-validation.md +219 -0
- moai_adk/templates/.claude/skills/moai-foundation-philosopher/SKILL.md +14 -18
- moai_adk/templates/.claude/skills/moai-foundation-quality/SKILL.md +86 -270
- moai_adk/templates/.claude/skills/moai-framework-electron/SKILL.md +288 -0
- moai_adk/templates/.claude/skills/moai-framework-electron/examples.md +2082 -0
- moai_adk/templates/.claude/skills/moai-framework-electron/reference.md +1649 -0
- moai_adk/templates/.claude/skills/moai-lang-cpp/SKILL.md +76 -582
- moai_adk/templates/.claude/skills/moai-lang-cpp/examples.md +1239 -0
- moai_adk/templates/.claude/skills/moai-lang-cpp/modules/advanced-patterns.md +401 -0
- moai_adk/templates/.claude/skills/moai-lang-cpp/reference.md +1136 -0
- moai_adk/templates/.claude/skills/moai-lang-csharp/SKILL.md +82 -436
- moai_adk/templates/.claude/skills/moai-lang-csharp/examples.md +585 -0
- moai_adk/templates/.claude/skills/moai-lang-csharp/modules/aspnet-core.md +627 -0
- moai_adk/templates/.claude/skills/moai-lang-csharp/modules/blazor-components.md +767 -0
- moai_adk/templates/.claude/skills/moai-lang-csharp/modules/cqrs-validation.md +626 -0
- moai_adk/templates/.claude/skills/moai-lang-csharp/modules/csharp12-features.md +580 -0
- moai_adk/templates/.claude/skills/moai-lang-csharp/modules/efcore-patterns.md +622 -0
- moai_adk/templates/.claude/skills/moai-lang-csharp/reference.md +403 -0
- moai_adk/templates/.claude/skills/moai-lang-elixir/SKILL.md +65 -542
- moai_adk/templates/.claude/skills/moai-lang-elixir/examples.md +1171 -0
- moai_adk/templates/.claude/skills/moai-lang-elixir/modules/advanced-patterns.md +531 -0
- moai_adk/templates/.claude/skills/moai-lang-elixir/reference.md +889 -0
- moai_adk/templates/.claude/skills/moai-lang-flutter/SKILL.md +32 -405
- moai_adk/templates/.claude/skills/moai-lang-go/SKILL.md +114 -293
- moai_adk/templates/.claude/skills/moai-lang-java/SKILL.md +83 -307
- moai_adk/templates/.claude/skills/moai-lang-javascript/SKILL.md +179 -0
- moai_adk/templates/.claude/skills/moai-lang-javascript/examples.md +973 -0
- moai_adk/templates/.claude/skills/moai-lang-javascript/reference.md +1543 -0
- moai_adk/templates/.claude/skills/moai-lang-kotlin/SKILL.md +42 -279
- moai_adk/templates/.claude/skills/moai-lang-php/SKILL.md +94 -556
- moai_adk/templates/.claude/skills/moai-lang-php/examples.md +1608 -0
- moai_adk/templates/.claude/skills/moai-lang-php/modules/advanced-patterns.md +538 -0
- moai_adk/templates/.claude/skills/moai-lang-php/reference.md +1323 -0
- moai_adk/templates/.claude/skills/moai-lang-python/SKILL.md +108 -358
- moai_adk/templates/.claude/skills/moai-lang-r/SKILL.md +84 -482
- moai_adk/templates/.claude/skills/moai-lang-r/examples.md +1154 -0
- moai_adk/templates/.claude/skills/moai-lang-r/modules/advanced-patterns.md +489 -0
- moai_adk/templates/.claude/skills/moai-lang-r/reference.md +1087 -0
- moai_adk/templates/.claude/skills/moai-lang-ruby/SKILL.md +106 -610
- moai_adk/templates/.claude/skills/moai-lang-ruby/examples.md +1106 -0
- moai_adk/templates/.claude/skills/moai-lang-ruby/modules/advanced-patterns.md +309 -0
- moai_adk/templates/.claude/skills/moai-lang-ruby/modules/testing-patterns.md +306 -0
- moai_adk/templates/.claude/skills/moai-lang-ruby/reference.md +1024 -0
- moai_adk/templates/.claude/skills/moai-lang-rust/SKILL.md +51 -265
- moai_adk/templates/.claude/skills/moai-lang-scala/SKILL.md +106 -442
- moai_adk/templates/.claude/skills/moai-lang-scala/modules/akka-actors.md +479 -0
- moai_adk/templates/.claude/skills/moai-lang-scala/modules/cats-effect.md +489 -0
- moai_adk/templates/.claude/skills/moai-lang-scala/modules/functional-programming.md +460 -0
- moai_adk/templates/.claude/skills/moai-lang-scala/modules/spark-data.md +498 -0
- moai_adk/templates/.claude/skills/moai-lang-scala/modules/zio-patterns.md +541 -0
- moai_adk/templates/.claude/skills/moai-lang-swift/SKILL.md +88 -457
- moai_adk/templates/.claude/skills/moai-lang-swift/modules/combine-reactive.md +256 -0
- moai_adk/templates/.claude/skills/moai-lang-swift/modules/concurrency.md +270 -0
- moai_adk/templates/.claude/skills/moai-lang-swift/modules/swift6-features.md +265 -0
- moai_adk/templates/.claude/skills/moai-lang-swift/modules/swiftui-patterns.md +314 -0
- moai_adk/templates/.claude/skills/moai-lang-typescript/SKILL.md +75 -283
- moai_adk/templates/.claude/skills/moai-library-mermaid/SKILL.md +97 -252
- moai_adk/templates/.claude/skills/moai-library-nextra/SKILL.md +64 -240
- moai_adk/templates/.claude/skills/moai-library-nextra/modules/advanced-patterns.md +331 -12
- moai_adk/templates/.claude/skills/moai-library-nextra/modules/configuration.md +330 -37
- moai_adk/templates/.claude/skills/moai-library-shadcn/SKILL.md +90 -287
- moai_adk/templates/.claude/skills/moai-platform-auth0/SKILL.md +200 -206
- moai_adk/templates/.claude/skills/moai-platform-auth0/examples.md +2446 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/adaptive-mfa.md +233 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/akamai-integration.md +214 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/application-credentials.md +280 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/attack-protection-log-events.md +224 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/attack-protection-overview.md +140 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/bot-detection.md +144 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/breached-password-detection.md +187 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/brute-force-protection.md +189 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/certifications.md +282 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/compliance-overview.md +263 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/continuous-session-protection.md +307 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/customize-mfa.md +177 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/dpop-implementation.md +283 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/fapi-implementation.md +259 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/gdpr-compliance.md +313 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/guardian-configuration.md +269 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/highly-regulated-identity.md +272 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/jwt-fundamentals.md +248 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/mdl-verification.md +210 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/mfa-api-management.md +278 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/mfa-factors.md +226 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/mfa-overview.md +174 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/mtls-sender-constraining.md +316 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/ropg-flow-mfa.md +216 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/security-center.md +325 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/security-guidance.md +277 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/state-parameters.md +177 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/step-up-authentication.md +251 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/suspicious-ip-throttling.md +240 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/tenant-access-control.md +179 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/modules/webauthn-fido.md +235 -0
- moai_adk/templates/.claude/skills/moai-platform-auth0/reference.md +224 -0
- moai_adk/templates/.claude/skills/moai-platform-clerk/SKILL.md +75 -330
- moai_adk/templates/.claude/skills/moai-platform-clerk/examples.md +1426 -0
- moai_adk/templates/.claude/skills/moai-platform-clerk/modules/advanced-patterns.md +417 -0
- moai_adk/templates/.claude/skills/moai-platform-clerk/reference.md +273 -0
- moai_adk/templates/.claude/skills/moai-platform-convex/SKILL.md +100 -340
- moai_adk/templates/.claude/skills/moai-platform-convex/examples.md +506 -0
- moai_adk/templates/.claude/skills/moai-platform-convex/modules/auth-integration.md +421 -0
- moai_adk/templates/.claude/skills/moai-platform-convex/modules/file-storage.md +474 -0
- moai_adk/templates/.claude/skills/moai-platform-convex/modules/reactive-queries.md +302 -0
- moai_adk/templates/.claude/skills/moai-platform-convex/modules/server-functions.md +452 -0
- moai_adk/templates/.claude/skills/moai-platform-convex/reference.md +385 -0
- moai_adk/templates/.claude/skills/moai-platform-firebase-auth/SKILL.md +113 -326
- moai_adk/templates/.claude/skills/moai-platform-firebase-auth/examples.md +514 -0
- moai_adk/templates/.claude/skills/moai-platform-firebase-auth/modules/custom-claims.md +374 -0
- moai_adk/templates/.claude/skills/moai-platform-firebase-auth/modules/phone-auth.md +372 -0
- moai_adk/templates/.claude/skills/moai-platform-firebase-auth/modules/social-auth.md +339 -0
- moai_adk/templates/.claude/skills/moai-platform-firebase-auth/reference.md +382 -0
- moai_adk/templates/.claude/skills/moai-platform-firestore/SKILL.md +71 -302
- moai_adk/templates/.claude/skills/moai-platform-firestore/examples.md +445 -0
- moai_adk/templates/.claude/skills/moai-platform-firestore/modules/offline-cache.md +392 -0
- moai_adk/templates/.claude/skills/moai-platform-firestore/modules/realtime-listeners.md +441 -0
- moai_adk/templates/.claude/skills/moai-platform-firestore/modules/security-rules.md +352 -0
- moai_adk/templates/.claude/skills/moai-platform-firestore/modules/transactions.md +452 -0
- moai_adk/templates/.claude/skills/moai-platform-firestore/reference.md +322 -0
- moai_adk/templates/.claude/skills/moai-platform-neon/SKILL.md +101 -412
- moai_adk/templates/.claude/skills/moai-platform-neon/examples.md +470 -0
- moai_adk/templates/.claude/skills/moai-platform-neon/modules/auto-scaling.md +349 -0
- moai_adk/templates/.claude/skills/moai-platform-neon/modules/branching-workflows.md +354 -0
- moai_adk/templates/.claude/skills/moai-platform-neon/modules/connection-pooling.md +412 -0
- moai_adk/templates/.claude/skills/moai-platform-neon/modules/pitr-backups.md +458 -0
- moai_adk/templates/.claude/skills/moai-platform-neon/reference.md +272 -0
- moai_adk/templates/.claude/skills/moai-platform-railway/SKILL.md +96 -327
- moai_adk/templates/.claude/skills/moai-platform-railway/examples.md +539 -0
- moai_adk/templates/.claude/skills/moai-platform-railway/modules/docker-deployment.md +261 -0
- moai_adk/templates/.claude/skills/moai-platform-railway/modules/multi-service.md +291 -0
- moai_adk/templates/.claude/skills/moai-platform-railway/modules/networking-domains.md +338 -0
- moai_adk/templates/.claude/skills/moai-platform-railway/modules/volumes-storage.md +353 -0
- moai_adk/templates/.claude/skills/moai-platform-railway/reference.md +374 -0
- moai_adk/templates/.claude/skills/moai-platform-supabase/SKILL.md +103 -428
- moai_adk/templates/.claude/skills/moai-platform-supabase/examples.md +502 -0
- moai_adk/templates/.claude/skills/moai-platform-supabase/modules/auth-integration.md +384 -0
- moai_adk/templates/.claude/skills/moai-platform-supabase/modules/edge-functions.md +371 -0
- moai_adk/templates/.claude/skills/moai-platform-supabase/modules/postgresql-pgvector.md +231 -0
- moai_adk/templates/.claude/skills/moai-platform-supabase/modules/realtime-presence.md +354 -0
- moai_adk/templates/.claude/skills/moai-platform-supabase/modules/row-level-security.md +286 -0
- moai_adk/templates/.claude/skills/moai-platform-supabase/modules/storage-cdn.md +319 -0
- moai_adk/templates/.claude/skills/moai-platform-supabase/modules/typescript-patterns.md +453 -0
- moai_adk/templates/.claude/skills/moai-platform-supabase/reference.md +284 -0
- moai_adk/templates/.claude/skills/moai-platform-vercel/SKILL.md +96 -446
- moai_adk/templates/.claude/skills/moai-platform-vercel/examples.md +502 -0
- moai_adk/templates/.claude/skills/moai-platform-vercel/modules/analytics-speed.md +348 -0
- moai_adk/templates/.claude/skills/moai-platform-vercel/modules/deployment-config.md +344 -0
- moai_adk/templates/.claude/skills/moai-platform-vercel/modules/edge-functions.md +222 -0
- moai_adk/templates/.claude/skills/moai-platform-vercel/modules/isr-caching.md +306 -0
- moai_adk/templates/.claude/skills/moai-platform-vercel/modules/kv-storage.md +399 -0
- moai_adk/templates/.claude/skills/moai-platform-vercel/reference.md +360 -0
- moai_adk/templates/.claude/skills/moai-tool-ast-grep/SKILL.md +193 -0
- moai_adk/templates/.claude/skills/moai-tool-ast-grep/examples.md +1099 -0
- moai_adk/templates/.claude/skills/moai-tool-ast-grep/modules/language-specific.md +307 -0
- moai_adk/templates/.claude/skills/moai-tool-ast-grep/modules/pattern-syntax.md +237 -0
- moai_adk/templates/.claude/skills/moai-tool-ast-grep/modules/refactoring-patterns.md +260 -0
- moai_adk/templates/.claude/skills/moai-tool-ast-grep/modules/security-rules.md +239 -0
- moai_adk/templates/.claude/skills/moai-tool-ast-grep/reference.md +288 -0
- moai_adk/templates/.claude/skills/moai-tool-ast-grep/rules/languages/go.yml +90 -0
- moai_adk/templates/.claude/skills/moai-tool-ast-grep/rules/languages/python.yml +101 -0
- moai_adk/templates/.claude/skills/moai-tool-ast-grep/rules/languages/typescript.yml +83 -0
- moai_adk/templates/.claude/skills/moai-tool-ast-grep/rules/quality/complexity-check.yml +94 -0
- moai_adk/templates/.claude/skills/moai-tool-ast-grep/rules/quality/deprecated-apis.yml +84 -0
- moai_adk/templates/.claude/skills/moai-tool-ast-grep/rules/security/secrets-detection.yml +89 -0
- moai_adk/templates/.claude/skills/moai-tool-ast-grep/rules/security/sql-injection.yml +45 -0
- moai_adk/templates/.claude/skills/moai-tool-ast-grep/rules/security/xss-prevention.yml +50 -0
- moai_adk/templates/.claude/skills/moai-tool-ast-grep/rules/sgconfig.yml +54 -0
- moai_adk/templates/.claude/skills/moai-workflow-jit-docs/SKILL.md +225 -423
- moai_adk/templates/.claude/skills/moai-workflow-loop/SKILL.md +197 -0
- moai_adk/templates/.claude/skills/moai-workflow-loop/examples.md +1063 -0
- moai_adk/templates/.claude/skills/moai-workflow-loop/reference.md +1414 -0
- moai_adk/templates/.claude/skills/moai-workflow-project/SKILL.md +211 -314
- moai_adk/templates/.claude/skills/moai-workflow-project/schemas/tab_schema.json +15 -43
- moai_adk/templates/.claude/skills/moai-workflow-spec/SKILL.md +119 -316
- moai_adk/templates/.claude/skills/moai-workflow-spec/modules/advanced-patterns.md +237 -0
- moai_adk/templates/.claude/skills/moai-workflow-templates/SKILL.md +96 -203
- moai_adk/templates/.claude/skills/moai-workflow-testing/SKILL.md +201 -388
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/README.md +52 -3
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/ai-debugging.md +263 -806
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/automated-code-review/context7-integration.md +286 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/automated-code-review/review-workflows.md +500 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/automated-code-review/trust5-framework/relevance-analysis.md +154 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/automated-code-review/trust5-framework/safety-analysis.md +148 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/automated-code-review/trust5-framework/scoring-algorithms.md +196 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/automated-code-review/trust5-framework/timeliness-analysis.md +168 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/automated-code-review/trust5-framework/truthfulness-analysis.md +136 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/automated-code-review/trust5-framework/usability-analysis.md +153 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/automated-code-review/trust5-framework.md +257 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/automated-code-review.md +191 -1344
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/code-review/analysis-patterns.md +340 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/code-review/core-classes.md +299 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/code-review/tool-integration.md +380 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/debugging/debugging-workflows.md +451 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/debugging/error-analysis.md +442 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/performance/optimization-patterns.md +473 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/performance/profiling-techniques.md +481 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/performance-optimization/ai-optimization.md +241 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/performance-optimization/bottleneck-detection.md +397 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/performance-optimization/optimization-plan.md +315 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/performance-optimization/profiler-core.md +277 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/performance-optimization/real-time-monitoring.md +187 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/performance-optimization.md +287 -1194
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/quality-metrics.md +415 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/refactoring/ai-workflows.md +620 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/refactoring/patterns.md +692 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/security-analysis.md +429 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/smart-refactoring.md +262 -1192
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/static-analysis.md +438 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/tdd/core-classes.md +397 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/tdd-context7/advanced-features.md +494 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/tdd-context7/red-green-refactor.md +316 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/tdd-context7/test-generation.md +471 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/tdd-context7/test-patterns.md +371 -0
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/tdd-context7.md +227 -1222
- moai_adk/templates/.claude/skills/moai-workflow-testing/modules/trust5-validation.md +428 -0
- moai_adk/templates/.claude/skills/moai-workflow-worktree/SKILL.md +228 -0
- moai_adk/templates/.claude/skills/moai-workflow-worktree/modules/integration-patterns.md +149 -0
- moai_adk/templates/.claude/skills/moai-workflow-worktree/modules/moai-adk-integration.md +245 -0
- moai_adk/templates/.claude/skills/moai-workflow-worktree/modules/parallel-advanced.md +310 -0
- moai_adk/templates/.claude/skills/moai-workflow-worktree/modules/parallel-development.md +202 -0
- moai_adk/templates/.claude/skills/moai-workflow-worktree/modules/parallel-workflows.md +302 -0
- moai_adk/templates/.claude/skills/moai-workflow-worktree/modules/registry-architecture.md +271 -0
- moai_adk/templates/.claude/skills/moai-workflow-worktree/modules/resource-optimization.md +300 -0
- moai_adk/templates/.claude/skills/moai-workflow-worktree/modules/tools-integration.md +280 -0
- moai_adk/templates/.claude/skills/moai-workflow-worktree/modules/troubleshooting.md +397 -0
- moai_adk/templates/.claude/skills/moai-workflow-worktree/modules/worktree-commands.md +296 -0
- moai_adk/templates/.claude/skills/moai-workflow-worktree/modules/worktree-management.md +217 -0
- moai_adk/templates/.git-hooks/pre-push +162 -59
- moai_adk/templates/.github/workflows/ci-universal.yml +934 -133
- moai_adk/templates/.gitignore +65 -107
- moai_adk/templates/.lsp.json +152 -0
- moai_adk/templates/.mcp.json +2 -20
- moai_adk/templates/.moai/announcements/en.json +18 -0
- moai_adk/templates/.moai/announcements/ja.json +18 -0
- moai_adk/templates/.moai/announcements/ko.json +18 -0
- moai_adk/templates/.moai/announcements/zh.json +18 -0
- moai_adk/templates/.moai/config/config.yaml +8 -2
- moai_adk/templates/.moai/config/multilingual-triggers.yaml +213 -0
- moai_adk/templates/.moai/config/sections/language.yaml +2 -2
- moai_adk/templates/.moai/config/sections/llm.yaml +41 -0
- moai_adk/templates/.moai/config/sections/pricing.yaml +30 -0
- moai_adk/templates/.moai/config/sections/project.yaml +2 -2
- moai_adk/templates/.moai/config/sections/quality.yaml +43 -5
- moai_adk/templates/.moai/config/sections/ralph.yaml +55 -0
- moai_adk/templates/.moai/config/sections/system.yaml +46 -1
- moai_adk/templates/.moai/config/sections/user.yaml +1 -1
- moai_adk/templates/.moai/config/statusline-config.yaml +2 -2
- moai_adk/templates/.moai/llm-configs/glm.json +22 -0
- moai_adk/templates/CLAUDE.ja.md +343 -0
- moai_adk/templates/CLAUDE.ko.md +343 -0
- moai_adk/templates/CLAUDE.md +200 -499
- moai_adk/templates/CLAUDE.zh.md +343 -0
- moai_adk/utils/common.py +37 -0
- moai_adk/version.py +1 -1
- moai_adk-1.1.0.dist-info/METADATA +2443 -0
- moai_adk-1.1.0.dist-info/RECORD +701 -0
- {moai_adk-0.34.0.dist-info → moai_adk-1.1.0.dist-info}/entry_points.txt +2 -0
- moai_adk-1.1.0.dist-info/licenses/LICENSE +99 -0
- moai_adk/core/config/auto_spec_config.py +0 -340
- moai_adk/core/hooks/post_tool_auto_spec_completion.py +0 -901
- moai_adk/core/spec/confidence_scoring.py +0 -680
- moai_adk/core/spec/ears_template_engine.py +0 -1247
- moai_adk/core/spec/quality_validator.py +0 -687
- moai_adk/templates/.claude/agents/moai/ai-nano-banana.md +0 -670
- moai_adk/templates/.claude/agents/moai/expert-database.md +0 -777
- moai_adk/templates/.claude/agents/moai/expert-uiux.md +0 -1041
- moai_adk/templates/.claude/agents/moai/mcp-context7.md +0 -458
- moai_adk/templates/.claude/agents/moai/mcp-figma.md +0 -1607
- moai_adk/templates/.claude/agents/moai/mcp-notion.md +0 -789
- moai_adk/templates/.claude/agents/moai/mcp-playwright.md +0 -469
- moai_adk/templates/.claude/agents/moai/mcp-sequential-thinking.md +0 -1032
- moai_adk/templates/.claude/skills/moai-ai-nano-banana/SKILL.md +0 -438
- moai_adk/templates/.claude/skills/moai-ai-nano-banana/examples.md +0 -431
- moai_adk/templates/.claude/skills/moai-domain-uiux/modules/design-system-tokens.md +0 -405
- moai_adk/templates/.claude/skills/moai-library-nextra/advanced-patterns.md +0 -336
- moai_adk/templates/.claude/skills/moai-mcp-figma/SKILL.md +0 -402
- moai_adk/templates/.claude/skills/moai-mcp-figma/advanced-patterns.md +0 -607
- moai_adk/templates/.claude/skills/moai-mcp-notion/SKILL.md +0 -300
- moai_adk/templates/.claude/skills/moai-mcp-notion/advanced-patterns.md +0 -537
- moai_adk/templates/.claude/skills/moai-workflow-project/__init__.py +0 -520
- moai_adk/templates/.claude/skills/moai-workflow-project/complete_workflow_demo_fixed.py +0 -574
- moai_adk/templates/.claude/skills/moai-workflow-project/examples/complete_project_setup.py +0 -317
- moai_adk/templates/.claude/skills/moai-workflow-project/examples/complete_workflow_demo.py +0 -663
- moai_adk/templates/.claude/skills/moai-workflow-project/examples/config-migration-example.json +0 -190
- moai_adk/templates/.claude/skills/moai-workflow-project/examples/question-examples.json +0 -175
- moai_adk/templates/.claude/skills/moai-workflow-project/examples/quick_start.py +0 -196
- moai_adk/templates/.claude/skills/moai-workflow-project/modules/__init__.py +0 -17
- moai_adk/templates/.claude/skills/moai-workflow-project/modules/advanced-patterns.md +0 -158
- moai_adk/templates/.claude/skills/moai-workflow-project/modules/ask_user_integration.py +0 -340
- moai_adk/templates/.claude/skills/moai-workflow-project/modules/batch_questions.py +0 -713
- moai_adk/templates/.claude/skills/moai-workflow-project/modules/config_manager.py +0 -538
- moai_adk/templates/.claude/skills/moai-workflow-project/modules/documentation_manager.py +0 -1336
- moai_adk/templates/.claude/skills/moai-workflow-project/modules/language_initializer.py +0 -730
- moai_adk/templates/.claude/skills/moai-workflow-project/modules/migration_manager.py +0 -608
- moai_adk/templates/.claude/skills/moai-workflow-project/modules/template_optimizer.py +0 -1005
- moai_adk/templates/.claude/skills/moai-workflow-project/test_integration_simple.py +0 -436
- moai_adk/templates/.claude/skills/moai-worktree/SKILL.md +0 -411
- moai_adk/templates/.claude/skills/moai-worktree/modules/integration-patterns.md +0 -982
- moai_adk/templates/.claude/skills/moai-worktree/modules/parallel-development.md +0 -778
- moai_adk/templates/.claude/skills/moai-worktree/modules/worktree-commands.md +0 -646
- moai_adk/templates/.claude/skills/moai-worktree/modules/worktree-management.md +0 -782
- moai_adk/templates/.moai/config/questions/_schema.yaml +0 -151
- moai_adk/templates/.moai/config/questions/tab0-init.yaml +0 -251
- moai_adk/templates/.moai/config/questions/tab1-user.yaml +0 -108
- moai_adk/templates/.moai/config/questions/tab2-project.yaml +0 -81
- moai_adk/templates/.moai/config/questions/tab3-git.yaml +0 -634
- moai_adk/templates/.moai/config/questions/tab4-quality.yaml +0 -170
- moai_adk/templates/.moai/config/questions/tab5-system.yaml +0 -87
- moai_adk/templates/.moai/scripts/setup-glm.py +0 -136
- moai_adk-0.34.0.dist-info/METADATA +0 -2999
- moai_adk-0.34.0.dist-info/RECORD +0 -463
- moai_adk-0.34.0.dist-info/licenses/LICENSE +0 -21
- /moai_adk/foundation/{git.py → git/__init__.py} +0 -0
- /moai_adk/templates/.claude/skills/moai-library-mermaid/{advanced-patterns.md → modules/advanced-patterns.md} +0 -0
- /moai_adk/templates/.claude/skills/moai-library-mermaid/{optimization.md → modules/optimization.md} +0 -0
- /moai_adk/templates/.claude/skills/moai-library-nextra/{optimization.md → modules/optimization.md} +0 -0
- /moai_adk/templates/.claude/skills/moai-workflow-jit-docs/{advanced-patterns.md → modules/advanced-patterns.md} +0 -0
- /moai_adk/templates/.claude/skills/moai-workflow-jit-docs/{optimization.md → modules/optimization.md} +0 -0
- /moai_adk/templates/.claude/skills/moai-workflow-testing/{advanced-patterns.md → modules/advanced-patterns.md} +0 -0
- /moai_adk/templates/.claude/skills/moai-workflow-testing/{optimization.md → modules/optimization.md} +0 -0
- /moai_adk/templates/.claude/skills/{moai-worktree → moai-workflow-worktree}/examples.md +0 -0
- /moai_adk/templates/.claude/skills/{moai-worktree → moai-workflow-worktree}/reference.md +0 -0
- {moai_adk-0.34.0.dist-info → moai_adk-1.1.0.dist-info}/WHEEL +0 -0
|
@@ -0,0 +1,429 @@
|
|
|
1
|
+
# Security Analysis with Context7
|
|
2
|
+
|
|
3
|
+
> Module: Context7-enhanced security pattern detection and vulnerability scanning
|
|
4
|
+
> Parent: [Automated Code Review](./automated-code-review.md)
|
|
5
|
+
> Complexity: Advanced
|
|
6
|
+
> Time: 20+ minutes
|
|
7
|
+
> Dependencies: Python 3.8+, Context7 MCP, re, ast, bandit
|
|
8
|
+
|
|
9
|
+
## Quick Reference
|
|
10
|
+
|
|
11
|
+
### Security Vulnerability Categories
|
|
12
|
+
|
|
13
|
+
Injection Attacks:
|
|
14
|
+
- SQL Injection: Parameterized query validation
|
|
15
|
+
- Command Injection: Shell command safety checks
|
|
16
|
+
- LDAP Injection: Directory service query safety
|
|
17
|
+
- XPath Injection: XML query validation
|
|
18
|
+
- NoSQL Injection: NoSQL query safety
|
|
19
|
+
|
|
20
|
+
Authentication & Authorization:
|
|
21
|
+
- Hardcoded credentials detection
|
|
22
|
+
- Weak password validation
|
|
23
|
+
- Session management issues
|
|
24
|
+
- Authorization bypass detection
|
|
25
|
+
- Multi-factor authentication gaps
|
|
26
|
+
|
|
27
|
+
Data Protection:
|
|
28
|
+
- Sensitive data exposure
|
|
29
|
+
- Cryptographic storage issues
|
|
30
|
+
- Insufficient encryption
|
|
31
|
+
- Key management problems
|
|
32
|
+
- Data leakage detection
|
|
33
|
+
|
|
34
|
+
API Security:
|
|
35
|
+
- Improper input validation
|
|
36
|
+
- Authentication token handling
|
|
37
|
+
- Rate limiting issues
|
|
38
|
+
- CORS misconfiguration
|
|
39
|
+
- API version management
|
|
40
|
+
|
|
41
|
+
Context7 Integration:
|
|
42
|
+
- OWASP Top 10 patterns
|
|
43
|
+
- Semgrep security rules
|
|
44
|
+
- Real-time vulnerability database
|
|
45
|
+
- Industry best practices
|
|
46
|
+
- Compliance frameworks
|
|
47
|
+
|
|
48
|
+
### Core Implementation
|
|
49
|
+
|
|
50
|
+
```python
|
|
51
|
+
import re
|
|
52
|
+
from typing import Dict, List, Any
|
|
53
|
+
|
|
54
|
+
class SecurityAnalyzer:
|
|
55
|
+
"""Security vulnerability analyzer with Context7 integration."""
|
|
56
|
+
|
|
57
|
+
def __init__(self, context7_client=None):
|
|
58
|
+
self.context7 = context7_client
|
|
59
|
+
self.security_patterns = {}
|
|
60
|
+
|
|
61
|
+
async def load_security_patterns(self) -> Dict[str, Any]:
|
|
62
|
+
"""Load security patterns from Context7."""
|
|
63
|
+
if not self.context7:
|
|
64
|
+
return self._get_default_security_patterns()
|
|
65
|
+
|
|
66
|
+
try:
|
|
67
|
+
# Load OWASP Top 10 patterns
|
|
68
|
+
owasp_patterns = await self.context7.get_library_docs(
|
|
69
|
+
context7_library_id="/security/owasp",
|
|
70
|
+
topic="OWASP Top 10 vulnerability patterns 2025",
|
|
71
|
+
tokens=5000
|
|
72
|
+
)
|
|
73
|
+
|
|
74
|
+
# Load Semgrep security rules
|
|
75
|
+
semgrep_patterns = await self.context7.get_library_docs(
|
|
76
|
+
context7_library_id="/security/semgrep",
|
|
77
|
+
topic="security vulnerability detection patterns",
|
|
78
|
+
tokens=4000
|
|
79
|
+
)
|
|
80
|
+
|
|
81
|
+
return {
|
|
82
|
+
'owasp': owasp_patterns,
|
|
83
|
+
'semgrep': semgrep_patterns
|
|
84
|
+
}
|
|
85
|
+
|
|
86
|
+
except Exception as e:
|
|
87
|
+
print(f"Failed to load Context7 security patterns: {e}")
|
|
88
|
+
return self._get_default_security_patterns()
|
|
89
|
+
```
|
|
90
|
+
|
|
91
|
+
---
|
|
92
|
+
|
|
93
|
+
## Implementation Guide
|
|
94
|
+
|
|
95
|
+
### SQL Injection Detection
|
|
96
|
+
|
|
97
|
+
```python
|
|
98
|
+
async def analyze_sql_injection(self, file_path: str, content: str) -> List[CodeIssue]:
|
|
99
|
+
"""Detect SQL injection vulnerabilities."""
|
|
100
|
+
|
|
101
|
+
issues = []
|
|
102
|
+
lines = content.split('\n')
|
|
103
|
+
|
|
104
|
+
# SQL injection patterns
|
|
105
|
+
sql_injection_patterns = [
|
|
106
|
+
r"execute\([^)]*\+[^)]*\)", # String concatenation
|
|
107
|
+
r"format\s*\(", # String formatting
|
|
108
|
+
r"%\s*[^,]*s", # Old-style formatting
|
|
109
|
+
r"\.execute\(.*\%.*\)", # Execute with formatting
|
|
110
|
+
r"\.exec\(.*\+.*\)", # Exec with concatenation
|
|
111
|
+
]
|
|
112
|
+
|
|
113
|
+
for line_num, line in enumerate(lines, 1):
|
|
114
|
+
for pattern in sql_injection_patterns:
|
|
115
|
+
if re.search(pattern, line, re.IGNORECASE):
|
|
116
|
+
issue = CodeIssue(
|
|
117
|
+
id=f"sql_injection_{line_num}",
|
|
118
|
+
category=TrustCategory.SAFETY,
|
|
119
|
+
severity="critical",
|
|
120
|
+
issue_type="security_vulnerability",
|
|
121
|
+
title="SQL Injection Risk",
|
|
122
|
+
description="Potential SQL injection vulnerability detected",
|
|
123
|
+
file_path=file_path,
|
|
124
|
+
line_number=line_num,
|
|
125
|
+
column_number=1,
|
|
126
|
+
code_snippet=line.strip(),
|
|
127
|
+
suggested_fix="Use parameterized queries or ORM to prevent SQL injection",
|
|
128
|
+
confidence=0.8,
|
|
129
|
+
rule_violated="SQL_INJECTION",
|
|
130
|
+
external_reference="OWASP SQL Injection Prevention Cheat Sheet"
|
|
131
|
+
)
|
|
132
|
+
issues.append(issue)
|
|
133
|
+
|
|
134
|
+
return issues
|
|
135
|
+
```
|
|
136
|
+
|
|
137
|
+
SQL Injection Best Practices:
|
|
138
|
+
- Use parameterized queries
|
|
139
|
+
- Implement ORM frameworks
|
|
140
|
+
- Validate and sanitize user input
|
|
141
|
+
- Apply principle of least privilege
|
|
142
|
+
- Use stored procedures when appropriate
|
|
143
|
+
|
|
144
|
+
### Command Injection Detection
|
|
145
|
+
|
|
146
|
+
```python
|
|
147
|
+
async def analyze_command_injection(self, file_path: str, content: str) -> List[CodeIssue]:
|
|
148
|
+
"""Detect command injection vulnerabilities."""
|
|
149
|
+
|
|
150
|
+
issues = []
|
|
151
|
+
lines = content.split('\n')
|
|
152
|
+
|
|
153
|
+
# Command injection patterns
|
|
154
|
+
command_injection_patterns = [
|
|
155
|
+
r"os\.system\(",
|
|
156
|
+
r"subprocess\.call\(",
|
|
157
|
+
r"subprocess\.Popen\(",
|
|
158
|
+
r"eval\(",
|
|
159
|
+
r"exec\(",
|
|
160
|
+
r"__import__\(.*os\.system",
|
|
161
|
+
]
|
|
162
|
+
|
|
163
|
+
for line_num, line in enumerate(lines, 1):
|
|
164
|
+
for pattern in command_injection_patterns:
|
|
165
|
+
if re.search(pattern, line):
|
|
166
|
+
# Check if using shell=True or user input
|
|
167
|
+
if 'shell=True' in line or '+' in line or '%' in line:
|
|
168
|
+
issue = CodeIssue(
|
|
169
|
+
id=f"command_injection_{line_num}",
|
|
170
|
+
category=TrustCategory.SAFETY,
|
|
171
|
+
severity="critical",
|
|
172
|
+
issue_type="security_vulnerability",
|
|
173
|
+
title="Command Injection Risk",
|
|
174
|
+
description="Potential command injection vulnerability",
|
|
175
|
+
file_path=file_path,
|
|
176
|
+
line_number=line_num,
|
|
177
|
+
column_number=1,
|
|
178
|
+
code_snippet=line.strip(),
|
|
179
|
+
suggested_fix="Use subprocess.run with proper argument lists or validate input",
|
|
180
|
+
confidence=0.9,
|
|
181
|
+
rule_violated="COMMAND_INJECTION",
|
|
182
|
+
external_reference="OWASP Command Injection Prevention"
|
|
183
|
+
)
|
|
184
|
+
issues.append(issue)
|
|
185
|
+
|
|
186
|
+
return issues
|
|
187
|
+
```
|
|
188
|
+
|
|
189
|
+
### Path Traversal Detection
|
|
190
|
+
|
|
191
|
+
```python
|
|
192
|
+
async def analyze_path_traversal(self, file_path: str, content: str) -> List[CodeIssue]:
|
|
193
|
+
"""Detect path traversal vulnerabilities."""
|
|
194
|
+
|
|
195
|
+
issues = []
|
|
196
|
+
lines = content.split('\n')
|
|
197
|
+
|
|
198
|
+
# Path traversal patterns
|
|
199
|
+
path_traversal_patterns = [
|
|
200
|
+
r"open\([^)]*\+[^)]*\)", # String concatenation in open
|
|
201
|
+
r"\.\.\/", # Parent directory reference
|
|
202
|
+
r"\.\.\\", # Windows parent directory
|
|
203
|
+
r"format\(.*\%.*\)", # String formatting in file path
|
|
204
|
+
]
|
|
205
|
+
|
|
206
|
+
for line_num, line in enumerate(lines, 1):
|
|
207
|
+
for pattern in path_traversal_patterns:
|
|
208
|
+
if re.search(pattern, line):
|
|
209
|
+
issue = CodeIssue(
|
|
210
|
+
id=f"path_traversal_{line_num}",
|
|
211
|
+
category=TrustCategory.SAFETY,
|
|
212
|
+
severity="high",
|
|
213
|
+
issue_type="security_vulnerability",
|
|
214
|
+
title="Path Traversal Risk",
|
|
215
|
+
description="Potential path traversal vulnerability",
|
|
216
|
+
file_path=file_path,
|
|
217
|
+
line_number=line_num,
|
|
218
|
+
column_number=1,
|
|
219
|
+
code_snippet=line.strip(),
|
|
220
|
+
suggested_fix="Validate and sanitize file paths, use absolute paths",
|
|
221
|
+
confidence=0.7,
|
|
222
|
+
rule_violated="PATH_TRAVERSAL",
|
|
223
|
+
external_reference="OWASP Path Traversal Prevention"
|
|
224
|
+
)
|
|
225
|
+
issues.append(issue)
|
|
226
|
+
|
|
227
|
+
return issues
|
|
228
|
+
```
|
|
229
|
+
|
|
230
|
+
### Hardcoded Credentials Detection
|
|
231
|
+
|
|
232
|
+
```python
|
|
233
|
+
async def analyze_hardcoded_credentials(self, file_path: str, content: str) -> List[CodeIssue]:
|
|
234
|
+
"""Detect hardcoded credentials."""
|
|
235
|
+
|
|
236
|
+
issues = []
|
|
237
|
+
lines = content.split('\n')
|
|
238
|
+
|
|
239
|
+
# Credential patterns
|
|
240
|
+
credential_patterns = [
|
|
241
|
+
r"password\s*=\s*['\"][^'\"]{8,}['\"]", # Hardcoded password
|
|
242
|
+
r"api_key\s*=\s*['\"][^'\"]{20,}['\"]", # Hardcoded API key
|
|
243
|
+
r"secret\s*=\s*['\"][^'\"]{16,}['\"]", # Hardcoded secret
|
|
244
|
+
r"token\s*=\s*['\"][^'\"]{20,}['\"]", # Hardcoded token
|
|
245
|
+
r"aws_access_key", # AWS credentials
|
|
246
|
+
r"private_key\s*=", # Private key
|
|
247
|
+
]
|
|
248
|
+
|
|
249
|
+
for line_num, line in enumerate(lines, 1):
|
|
250
|
+
for pattern in credential_patterns:
|
|
251
|
+
if re.search(pattern, line, re.IGNORECASE):
|
|
252
|
+
issue = CodeIssue(
|
|
253
|
+
id=f"hardcoded_credential_{line_num}",
|
|
254
|
+
category=TrustCategory.SAFETY,
|
|
255
|
+
severity="critical",
|
|
256
|
+
issue_type="security_vulnerability",
|
|
257
|
+
title="Hardcoded Credential",
|
|
258
|
+
description="Hardcoded credential detected in source code",
|
|
259
|
+
file_path=file_path,
|
|
260
|
+
line_number=line_num,
|
|
261
|
+
column_number=1,
|
|
262
|
+
code_snippet=line.strip()[:50] + "...", # Truncate for security
|
|
263
|
+
suggested_fix="Move credentials to environment variables or secure configuration",
|
|
264
|
+
confidence=0.9,
|
|
265
|
+
rule_violated="HARDCODED_CREDENTIALS",
|
|
266
|
+
external_reference="OWASP Key Management Cheat Sheet"
|
|
267
|
+
)
|
|
268
|
+
issues.append(issue)
|
|
269
|
+
|
|
270
|
+
return issues
|
|
271
|
+
```
|
|
272
|
+
|
|
273
|
+
### Weak Cryptography Detection
|
|
274
|
+
|
|
275
|
+
```python
|
|
276
|
+
async def analyze_weak_cryptography(self, file_path: str, content: str) -> List[CodeIssue]:
|
|
277
|
+
"""Detect weak cryptographic practices."""
|
|
278
|
+
|
|
279
|
+
issues = []
|
|
280
|
+
lines = content.split('\n')
|
|
281
|
+
|
|
282
|
+
# Weak cryptography patterns
|
|
283
|
+
weak_crypto_patterns = {
|
|
284
|
+
'md5': r"hashlib\.md5\(",
|
|
285
|
+
'sha1': r"hashlib\.sha1\(",
|
|
286
|
+
'des': r"Cipher\.algo\s*=\s*['\"]DES['\"]",
|
|
287
|
+
'rc4': r"Cipher\.algo\s*=\s*['\"]RC4['\"]",
|
|
288
|
+
}
|
|
289
|
+
|
|
290
|
+
for line_num, line in enumerate(lines, 1):
|
|
291
|
+
for crypto_type, pattern in weak_crypto_patterns.items():
|
|
292
|
+
if re.search(pattern, line):
|
|
293
|
+
issue = CodeIssue(
|
|
294
|
+
id=f"weak_crypto_{crypto_type}_{line_num}",
|
|
295
|
+
category=TrustCategory.SAFETY,
|
|
296
|
+
severity="high",
|
|
297
|
+
issue_type="security_vulnerability",
|
|
298
|
+
title=f"Weak Cryptography: {crypto_type.upper()}",
|
|
299
|
+
description=f"Use of weak cryptographic algorithm {crypto_type}",
|
|
300
|
+
file_path=file_path,
|
|
301
|
+
line_number=line_num,
|
|
302
|
+
column_number=1,
|
|
303
|
+
code_snippet=line.strip(),
|
|
304
|
+
suggested_fix=f"Replace {crypto_type} with stronger alternative (e.g., SHA-256, AES)",
|
|
305
|
+
confidence=0.9,
|
|
306
|
+
rule_violated="WEAK_CRYPTOGRAPHY",
|
|
307
|
+
external_reference="OWASP Cryptographic Storage Cheat Sheet"
|
|
308
|
+
)
|
|
309
|
+
issues.append(issue)
|
|
310
|
+
|
|
311
|
+
return issues
|
|
312
|
+
```
|
|
313
|
+
|
|
314
|
+
---
|
|
315
|
+
|
|
316
|
+
## Context7-Enhanced Analysis
|
|
317
|
+
|
|
318
|
+
### Real-Time Vulnerability Database
|
|
319
|
+
|
|
320
|
+
```python
|
|
321
|
+
async def analyze_with_context7_patterns(
|
|
322
|
+
self, file_path: str, content: str
|
|
323
|
+
) -> List[CodeIssue]:
|
|
324
|
+
"""Analyze code using Context7 security patterns."""
|
|
325
|
+
|
|
326
|
+
issues = []
|
|
327
|
+
|
|
328
|
+
# Load latest security patterns
|
|
329
|
+
security_patterns = await self.load_security_patterns()
|
|
330
|
+
|
|
331
|
+
# Analyze using OWASP patterns
|
|
332
|
+
if 'owasp' in security_patterns:
|
|
333
|
+
owasp_issues = await self._analyze_owasp_patterns(
|
|
334
|
+
file_path, content, security_patterns['owasp']
|
|
335
|
+
)
|
|
336
|
+
issues.extend(owasp_issues)
|
|
337
|
+
|
|
338
|
+
# Analyze using Semgrep rules
|
|
339
|
+
if 'semgrep' in security_patterns:
|
|
340
|
+
semgrep_issues = await self._analyze_semgrep_rules(
|
|
341
|
+
file_path, content, security_patterns['semgrep']
|
|
342
|
+
)
|
|
343
|
+
issues.extend(semgrep_issues)
|
|
344
|
+
|
|
345
|
+
return issues
|
|
346
|
+
```
|
|
347
|
+
|
|
348
|
+
### Business Logic Vulnerabilities
|
|
349
|
+
|
|
350
|
+
```python
|
|
351
|
+
async def analyze_business_logic_security(self, file_path: str, content: str) -> List[CodeIssue]:
|
|
352
|
+
"""Detect business logic security issues."""
|
|
353
|
+
|
|
354
|
+
issues = []
|
|
355
|
+
tree = ast.parse(content)
|
|
356
|
+
|
|
357
|
+
# Check for authentication bypass patterns
|
|
358
|
+
for node in ast.walk(tree):
|
|
359
|
+
if isinstance(node, ast.If):
|
|
360
|
+
# Check for weak authentication conditions
|
|
361
|
+
if self._is_weak_authentication(node):
|
|
362
|
+
issue = CodeIssue(
|
|
363
|
+
id=f"weak_auth_{node.lineno}",
|
|
364
|
+
category=TrustCategory.SAFETY,
|
|
365
|
+
severity="high",
|
|
366
|
+
issue_type="security_vulnerability",
|
|
367
|
+
title="Weak Authentication",
|
|
368
|
+
description="Potential authentication bypass vulnerability",
|
|
369
|
+
file_path=file_path,
|
|
370
|
+
line_number=node.lineno,
|
|
371
|
+
column_number=node.col_offset,
|
|
372
|
+
code_snippet=self._get_node_source(node, content),
|
|
373
|
+
suggested_fix="Implement proper authentication with strong session management",
|
|
374
|
+
confidence=0.7,
|
|
375
|
+
rule_violated="WEAK_AUTHENTICATION"
|
|
376
|
+
)
|
|
377
|
+
issues.append(issue)
|
|
378
|
+
|
|
379
|
+
return issues
|
|
380
|
+
```
|
|
381
|
+
|
|
382
|
+
---
|
|
383
|
+
|
|
384
|
+
## Security Fix Suggestions
|
|
385
|
+
|
|
386
|
+
```python
|
|
387
|
+
def get_security_fix_suggestion(self, vulnerability_type: str) -> str:
|
|
388
|
+
"""Get security fix suggestion."""
|
|
389
|
+
|
|
390
|
+
suggestions = {
|
|
391
|
+
'sql_injection': "Use parameterized queries or ORM to prevent SQL injection",
|
|
392
|
+
'command_injection': "Use subprocess.run with proper argument lists or validate input",
|
|
393
|
+
'path_traversal': "Validate and sanitize file paths, use absolute paths",
|
|
394
|
+
'hardcoded_credentials': "Move credentials to environment variables or secure configuration",
|
|
395
|
+
'weak_cryptography': "Replace with stronger cryptographic algorithms (e.g., SHA-256, AES)",
|
|
396
|
+
'xss': "Sanitize user input and use context-aware output encoding",
|
|
397
|
+
'csrf': "Implement CSRF tokens with unique, unpredictable values",
|
|
398
|
+
'authentication_bypass': "Implement proper authentication with multi-factor support",
|
|
399
|
+
}
|
|
400
|
+
|
|
401
|
+
return suggestions.get(vulnerability_type, "Review and fix security vulnerability")
|
|
402
|
+
```
|
|
403
|
+
|
|
404
|
+
---
|
|
405
|
+
|
|
406
|
+
## Best Practices
|
|
407
|
+
|
|
408
|
+
1. Context7 Integration: Leverage real-time vulnerability databases for latest threats
|
|
409
|
+
2. Comprehensive Coverage: Check all OWASP Top 10 vulnerability categories
|
|
410
|
+
3. Severity Accuracy: Use confidence scores to prioritize fixes
|
|
411
|
+
4. Actionable Guidance: Provide specific fix suggestions with code examples
|
|
412
|
+
5. Reference Documentation: Link to OWASP and industry best practices
|
|
413
|
+
6. Regular Updates: Keep security patterns current with evolving threats
|
|
414
|
+
7. False Positive Reduction: Use multiple detection methods for accuracy
|
|
415
|
+
8. Team Training: Educate team on common security pitfalls
|
|
416
|
+
|
|
417
|
+
---
|
|
418
|
+
|
|
419
|
+
## Related Modules
|
|
420
|
+
|
|
421
|
+
- [TRUST 5 Validation](./trust5-validation.md): Safety category analysis
|
|
422
|
+
- [static-analysis.md](./static-analysis.md): bandit integration for security scanning
|
|
423
|
+
- [automated-code-review/context7-integration.md](./automated-code-review/context7-integration.md): Context7 MCP patterns
|
|
424
|
+
|
|
425
|
+
---
|
|
426
|
+
|
|
427
|
+
Version: 1.0.0
|
|
428
|
+
Last Updated: 2026-01-06
|
|
429
|
+
Module: `modules/security-analysis.md`
|