xone-cli 0.1.0__tar.gz

xone_cli-0.1.0/CHANGELOG.md

@@ -0,0 +1,6 @@
+# Changelog
+
+## 0.1.0
+
+- Add the first X-One unified CLI foundation.
+

xone_cli-0.1.0/LICENSE

@@ -0,0 +1,22 @@
+MIT License
+
+Copyright (c) 2026 X-One-AI
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+

xone_cli-0.1.0/MANIFEST.in

@@ -0,0 +1,6 @@
+include README.zh-CN.md
+include CHANGELOG.md
+include LICENSE
+recursive-include docs *.md
+recursive-include fixtures *.json
+recursive-include ops *.md

xone_cli-0.1.0/PKG-INFO

@@ -0,0 +1,79 @@
+Metadata-Version: 2.4
+Name: xone-cli
+Version: 0.1.0
+Summary: Unified CLI entry point for X-One Agent Evidence Loop workflows.
+Author: X-One-AI
+License-Expression: MIT
+Project-URL: Homepage, https://github.com/X-One-AI/xone-cli
+Project-URL: Repository, https://github.com/X-One-AI/xone-cli
+Project-URL: Issues, https://github.com/X-One-AI/xone-cli/issues
+Keywords: ai,agents,devsecops,mcp,cli
+Classifier: Development Status :: 3 - Alpha
+Classifier: Environment :: Console
+Classifier: Intended Audience :: Developers
+Classifier: Intended Audience :: Information Technology
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Quality Assurance
+Requires-Python: >=3.11
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Provides-Extra: dev
+Requires-Dist: build>=1.2.2; extra == "dev"
+Requires-Dist: pytest>=8.0; extra == "dev"
+Dynamic: license-file
+
+# xone-cli
+
+Languages: English | [中文](./README.zh-CN.md)
+
+`xone-cli` is the unified local entry point for X-One Agent Evidence Loop workflows.
+
+It helps developers move from scattered tools to one clear path:
+
+```text
+collect PR evidence
+-> decide handoff
+-> create failure packet when needed
+-> attach MCP risk context when useful
+-> run safe-local training scenarios
+```
+
+## Install
+
+```bash
+python -m pip install xone-cli
+xone --version
+xone doctor
+```
+
+## First Run
+
+```bash
+xone doctor
+xone runbook --base main --head HEAD --dry-run
+```
+
+`xone-cli` orchestrates these X-One tools:
+
+- `agent-pr-evidence`
+- `agent-failure-packet`
+- `mcp-risk-index`
+- `ai-incident-lab`
+
+## Boundary
+
+- It does not replace the underlying tools.
+- It does not post GitHub comments.
+- It does not modify repositories automatically.
+- It does not make allow/deny runtime enforcement decisions.
+- It does not make hidden network calls.
+
+## Docs
+
+- [Product Foundation](./docs/product-foundation.md)
+- [Install](./docs/install.md)
+- [Release](./docs/release.md)
+- [Open-source Feedback Ledger](./docs/feedback/open-source-feedback-ledger.md)

xone_cli-0.1.0/README.md

@@ -0,0 +1,52 @@
+# xone-cli
+
+Languages: English | [中文](./README.zh-CN.md)
+
+`xone-cli` is the unified local entry point for X-One Agent Evidence Loop workflows.
+
+It helps developers move from scattered tools to one clear path:
+
+```text
+collect PR evidence
+-> decide handoff
+-> create failure packet when needed
+-> attach MCP risk context when useful
+-> run safe-local training scenarios
+```
+
+## Install
+
+```bash
+python -m pip install xone-cli
+xone --version
+xone doctor
+```
+
+## First Run
+
+```bash
+xone doctor
+xone runbook --base main --head HEAD --dry-run
+```
+
+`xone-cli` orchestrates these X-One tools:
+
+- `agent-pr-evidence`
+- `agent-failure-packet`
+- `mcp-risk-index`
+- `ai-incident-lab`
+
+## Boundary
+
+- It does not replace the underlying tools.
+- It does not post GitHub comments.
+- It does not modify repositories automatically.
+- It does not make allow/deny runtime enforcement decisions.
+- It does not make hidden network calls.
+
+## Docs
+
+- [Product Foundation](./docs/product-foundation.md)
+- [Install](./docs/install.md)
+- [Release](./docs/release.md)
+- [Open-source Feedback Ledger](./docs/feedback/open-source-feedback-ledger.md)

xone_cli-0.1.0/README.zh-CN.md

@@ -0,0 +1,52 @@
+# xone-cli
+
+语言：[English](./README.md) | 中文
+
+`xone-cli` 是 X-One Agent Evidence Loop 的统一本地入口。
+
+它把分散的工具串成一条清晰路径：
+
+```text
+收集 PR 证据
+-> 判断交接决策
+-> 需要时生成失败包
+-> 需要时附加 MCP 风险上下文
+-> 运行安全本地训练场景
+```
+
+## 安装
+
+```bash
+python -m pip install xone-cli
+xone --version
+xone doctor
+```
+
+## 首次运行
+
+```bash
+xone doctor
+xone runbook --base main --head HEAD --dry-run
+```
+
+`xone-cli` 编排这些 X-One 工具：
+
+- `agent-pr-evidence`
+- `agent-failure-packet`
+- `mcp-risk-index`
+- `ai-incident-lab`
+
+## 边界
+
+- 不替代底层工具。
+- 不自动发布 GitHub 评论。
+- 不自动修改仓库。
+- 不做 runtime allow/deny enforcement。
+- 不做隐藏网络调用。
+
+## 文档
+
+- [产品基础](./docs/product-foundation.md)
+- [安装](./docs/install.md)
+- [发布](./docs/release.md)
+- [开源反馈 Ledger](./docs/feedback/open-source-feedback-ledger.md)

xone_cli-0.1.0/docs/feedback/open-source-feedback-ledger.md

@@ -0,0 +1,28 @@
+# Open-Source Feedback Ledger
+
+This ledger substitutes early real-user feedback with public, sanitized open-source samples.
+
+Rules:
+
+- Record source URL and observation, not raw sensitive configuration.
+- Do not label third-party projects as safe or unsafe.
+- Classify observations as false-positive, false-negative, adapter-request, scenario-request, or catalog-update.
+
+## Samples
+
+The first ledger entries live in `fixtures/open-source-samples/`.
+
+| Source | Stars | Forks | Type | Feedback |
+| --- | ---: | ---: | --- | --- |
+| modelcontextprotocol/servers | 87186 | 10998 | mcp-server-examples | catalog-update |
+| github/github-mcp-server | 30650 | 4381 | mcp-server-examples | catalog-update |
+| microsoft/playwright-mcp | 33878 | 2798 | mcp-server-examples | scenario-request |
+| upstash/context7 | 57304 | 2706 | mcp-server-examples | catalog-update |
+| wonderwhy-er/DesktopCommanderMCP | 6165 | 729 | security-sensitive | scenario-request |
+| cline/cline | 63235 | 6677 | ai-coding-tool | adapter-request |
+| continuedev/continue | 33683 | 4654 | ai-coding-tool | adapter-request |
+| Aider-AI/aider | 46171 | 4580 | ai-coding-tool | scenario-request |
+| openai/codex | 90890 | 13410 | ai-coding-tool | scenario-request |
+| OpenHands/OpenHands | 76929 | 9771 | agent-workflow | adapter-request |
+| docker/mcp-gateway | 1452 | 246 | security-sensitive | catalog-update |
+| anthropics/claude-code | 132258 | 21413 | ai-coding-tool | scenario-request |

xone_cli-0.1.0/docs/install.md

@@ -0,0 +1,22 @@
+# Install
+
+## Local Development
+
+```bash
+python -m pip install -e '.[dev]'
+xone --version
+xone doctor
+xone runbook --base main --head HEAD --dry-run
+```
+
+## User Install
+
+```bash
+python -m pip install xone-cli
+xone doctor
+xone runbook --base main --head HEAD --dry-run
+```
+
+`xone doctor` reports missing X-One tools and shows install guidance.
+
+If `xone doctor` reports missing tools, install the suggested X-One packages and run it again before using `evidence`, `risk`, or `lab` commands.

xone_cli-0.1.0/docs/product-foundation.md

@@ -0,0 +1,8 @@
+# Product Foundation
+
+`xone-cli` is the local workflow entry point for X-One Agent Evidence Loop adoption.
+
+It is production-oriented, not a demo. Its first responsibility is to help a user understand whether the X-One toolchain is installed, then guide the user through evidence, packet, risk context, and lab workflows.
+
+It is a workflow layer, not a new rule engine.
+

xone_cli-0.1.0/docs/release.md

@@ -0,0 +1,15 @@
+# Release
+
+`xone-cli` uses a release candidate gate before public publishing.
+
+Required checks:
+
+```bash
+python -m pytest -q
+python -m pip install -e '.[dev]'
+xone release verify --build --install --smoke
+```
+
+`xone release verify` builds the package, installs the wheel into a temporary virtual environment, and runs smoke checks from the installed `xone` entry point.
+
+PyPI publishing must be tag-gated. TestPyPI publishing must use the `testpypi` environment.

xone_cli-0.1.0/fixtures/open-source-samples/aider.json

@@ -0,0 +1,12 @@
+{
+  "schema_version": "xone.open_source_sample.v1",
+  "source_url": "https://github.com/Aider-AI/aider",
+  "collected_at": "2026-06-14",
+  "stars": 46171,
+  "forks": 4580,
+  "sample_type": "ai-coding-tool",
+  "observed_pattern": "Terminal AI pair programming workflow that modifies local repositories.",
+  "expected_xone_behavior": "Exercise local git diff evidence collection and test-evidence expectations.",
+  "feedback_classification": "scenario-request"
+}
+

xone_cli-0.1.0/fixtures/open-source-samples/anthropics-claude-code.json

@@ -0,0 +1,12 @@
+{
+  "schema_version": "xone.open_source_sample.v1",
+  "source_url": "https://github.com/anthropics/claude-code",
+  "collected_at": "2026-06-14",
+  "stars": 132258,
+  "forks": 21413,
+  "sample_type": "ai-coding-tool",
+  "observed_pattern": "Agentic coding tool that operates in terminal and understands local codebases.",
+  "expected_xone_behavior": "Use for installation, local workflow, and failure handoff expectation comparisons.",
+  "feedback_classification": "scenario-request"
+}
+

xone_cli-0.1.0/fixtures/open-source-samples/cline.json

@@ -0,0 +1,12 @@
+{
+  "schema_version": "xone.open_source_sample.v1",
+  "source_url": "https://github.com/cline/cline",
+  "collected_at": "2026-06-14",
+  "stars": 63235,
+  "forks": 6677,
+  "sample_type": "ai-coding-tool",
+  "observed_pattern": "Autonomous coding agent distributed as SDK, IDE extension, and CLI assistant.",
+  "expected_xone_behavior": "Use for agent-generated PR evidence and failure packet workflow examples.",
+  "feedback_classification": "adapter-request"
+}
+

xone_cli-0.1.0/fixtures/open-source-samples/continue.json

@@ -0,0 +1,12 @@
+{
+  "schema_version": "xone.open_source_sample.v1",
+  "source_url": "https://github.com/continuedev/continue",
+  "collected_at": "2026-06-14",
+  "stars": 33683,
+  "forks": 4654,
+  "sample_type": "ai-coding-tool",
+  "observed_pattern": "Source-controlled AI checks and CLI workflows for coding assistants.",
+  "expected_xone_behavior": "Compare X-One evidence runbooks against AI check workflows and CI evidence expectations.",
+  "feedback_classification": "adapter-request"
+}
+

xone_cli-0.1.0/fixtures/open-source-samples/desktop-commander-mcp.json

@@ -0,0 +1,12 @@
+{
+  "schema_version": "xone.open_source_sample.v1",
+  "source_url": "https://github.com/wonderwhy-er/DesktopCommanderMCP",
+  "collected_at": "2026-06-14",
+  "stars": 6165,
+  "forks": 729,
+  "sample_type": "security-sensitive",
+  "observed_pattern": "MCP server offering terminal control, filesystem search, and file editing capabilities.",
+  "expected_xone_behavior": "Exercise filesystem, process execution, and local mutation rules with high reviewer attention.",
+  "feedback_classification": "scenario-request"
+}
+

xone_cli-0.1.0/fixtures/open-source-samples/docker-mcp-gateway.json

@@ -0,0 +1,12 @@
+{
+  "schema_version": "xone.open_source_sample.v1",
+  "source_url": "https://github.com/docker/mcp-gateway",
+  "collected_at": "2026-06-14",
+  "stars": 1452,
+  "forks": 246,
+  "sample_type": "security-sensitive",
+  "observed_pattern": "Docker MCP gateway and CLI plugin surface involving containerized tool routing.",
+  "expected_xone_behavior": "Exercise Docker, network, and gateway boundary review questions.",
+  "feedback_classification": "catalog-update"
+}
+

xone_cli-0.1.0/fixtures/open-source-samples/github-github-mcp-server.json

@@ -0,0 +1,12 @@
+{
+  "schema_version": "xone.open_source_sample.v1",
+  "source_url": "https://github.com/github/github-mcp-server",
+  "collected_at": "2026-06-14",
+  "stars": 30650,
+  "forks": 4381,
+  "sample_type": "mcp-server-examples",
+  "observed_pattern": "Official GitHub MCP server with token-mediated repository operations.",
+  "expected_xone_behavior": "Treat token scope and repository mutation capabilities as review questions, not safe/unsafe labels.",
+  "feedback_classification": "catalog-update"
+}
+

xone_cli-0.1.0/fixtures/open-source-samples/microsoft-playwright-mcp.json

@@ -0,0 +1,12 @@
+{
+  "schema_version": "xone.open_source_sample.v1",
+  "source_url": "https://github.com/microsoft/playwright-mcp",
+  "collected_at": "2026-06-14",
+  "stars": 33878,
+  "forks": 2798,
+  "sample_type": "mcp-server-examples",
+  "observed_pattern": "Browser automation MCP server with local browser control and network-facing workflows.",
+  "expected_xone_behavior": "Surface browser automation and network context as review evidence, especially in PR workflows.",
+  "feedback_classification": "scenario-request"
+}
+

xone_cli-0.1.0/fixtures/open-source-samples/modelcontextprotocol-servers.json

@@ -0,0 +1,12 @@
+{
+  "schema_version": "xone.open_source_sample.v1",
+  "source_url": "https://github.com/modelcontextprotocol/servers",
+  "collected_at": "2026-06-14",
+  "stars": 87186,
+  "forks": 10998,
+  "sample_type": "mcp-server-examples",
+  "observed_pattern": "Official MCP server collection with filesystem, fetch, git, memory, and other tool patterns.",
+  "expected_xone_behavior": "Use as broad MCP ecosystem fixture source; classify filesystem, network, process, and unpinned launch signals as review context.",
+  "feedback_classification": "catalog-update"
+}
+

xone_cli-0.1.0/fixtures/open-source-samples/openai-codex.json

@@ -0,0 +1,12 @@
+{
+  "schema_version": "xone.open_source_sample.v1",
+  "source_url": "https://github.com/openai/codex",
+  "collected_at": "2026-06-14",
+  "stars": 90890,
+  "forks": 13410,
+  "sample_type": "ai-coding-tool",
+  "observed_pattern": "Terminal coding agent with local codebase operations.",
+  "expected_xone_behavior": "Use for evidence loop messaging, failure packet examples, and installation experience comparisons.",
+  "feedback_classification": "scenario-request"
+}
+

xone_cli-0.1.0/fixtures/open-source-samples/openhands.json

@@ -0,0 +1,12 @@
+{
+  "schema_version": "xone.open_source_sample.v1",
+  "source_url": "https://github.com/OpenHands/OpenHands",
+  "collected_at": "2026-06-14",
+  "stars": 76929,
+  "forks": 9771,
+  "sample_type": "agent-workflow",
+  "observed_pattern": "AI-driven development agent platform with larger workflow surface area.",
+  "expected_xone_behavior": "Use for workflow-level evidence expectations, not single-command assumptions.",
+  "feedback_classification": "adapter-request"
+}
+

xone_cli-0.1.0/fixtures/open-source-samples/upstash-context7.json

@@ -0,0 +1,12 @@
+{
+  "schema_version": "xone.open_source_sample.v1",
+  "source_url": "https://github.com/upstash/context7",
+  "collected_at": "2026-06-14",
+  "stars": 57304,
+  "forks": 2706,
+  "sample_type": "mcp-server-examples",
+  "observed_pattern": "Documentation context MCP-style service used by AI coding tools.",
+  "expected_xone_behavior": "Classify documentation retrieval and network/context dependencies as review context.",
+  "feedback_classification": "catalog-update"
+}
+

xone_cli-0.1.0/ops/constraints/main-entry.md

@@ -0,0 +1,8 @@
+# Main Entry Constraints
+
+- Keep top-level commands small and intention-based.
+- Prefer `doctor`, `evidence`, `risk`, `lab`, `runbook`, and `release`.
+- Put specialized behavior behind subcommands.
+- Keep underlying tools directly usable.
+- Delete or move commands that make the main entry feel crowded.
+

xone_cli-0.1.0/ops/constraints/production.md

@@ -0,0 +1,10 @@
+# Production Constraints
+
+- Build production-usable workflows, not demos.
+- Prefer explicit artifacts over hidden side effects.
+- Do not post PR comments automatically.
+- Do not mutate user repositories automatically.
+- Do not make hidden network calls.
+- Preserve underlying tool errors.
+- Make missing dependencies actionable.
+

xone_cli-0.1.0/ops/opt-overlay.md

@@ -0,0 +1,12 @@
+# OPT Overlay
+
+`xone-cli` references One Person Team / OPT but does not modify OPT.
+
+Project-specific roles:
+
+- Product Manager: keep the main entry useful and uncluttered.
+- Developer Experience Reviewer: verify first-run ergonomics.
+- Release / Distribution Reviewer: verify package and installer readiness.
+- Security Reviewer: verify no hidden network calls or unsafe automation.
+- QA Engineer: verify local and release candidate paths.
+

xone_cli-0.1.0/ops/skills/evolution.md

@@ -0,0 +1,14 @@
+# Skill Evolution
+
+Keep constraints and workflow skills that improve actual first-run success.
+
+Delete or weaken rules that create:
+
+- noisy documentation
+- crowded command surfaces
+- false security confidence
+- hidden automation
+- unclear ownership
+
+Review this file before each release.
+

xone_cli-0.1.0/pyproject.toml

@@ -0,0 +1,52 @@
+[build-system]
+requires = ["setuptools>=69", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "xone-cli"
+version = "0.1.0"
+description = "Unified CLI entry point for X-One Agent Evidence Loop workflows."
+readme = "README.md"
+requires-python = ">=3.11"
+license = "MIT"
+authors = [
+  { name = "X-One-AI" }
+]
+keywords = ["ai", "agents", "devsecops", "mcp", "cli"]
+classifiers = [
+  "Development Status :: 3 - Alpha",
+  "Environment :: Console",
+  "Intended Audience :: Developers",
+  "Intended Audience :: Information Technology",
+  "Programming Language :: Python :: 3",
+  "Programming Language :: Python :: 3.11",
+  "Programming Language :: Python :: 3.12",
+  "Topic :: Security",
+  "Topic :: Software Development :: Quality Assurance",
+]
+dependencies = []
+
+[project.optional-dependencies]
+dev = [
+  "build>=1.2.2",
+  "pytest>=8.0",
+]
+
+[project.urls]
+Homepage = "https://github.com/X-One-AI/xone-cli"
+Repository = "https://github.com/X-One-AI/xone-cli"
+Issues = "https://github.com/X-One-AI/xone-cli/issues"
+
+[project.scripts]
+xone = "xone_cli.cli:entrypoint"
+
+[tool.setuptools]
+package-dir = {"" = "src"}
+
+[tool.setuptools.packages.find]
+where = ["src"]
+
+[tool.pytest.ini_options]
+pythonpath = ["src"]
+testpaths = ["tests"]
+

xone_cli-0.1.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

xone_cli-0.1.0/src/xone_cli/__init__.py

@@ -0,0 +1,4 @@
+from __future__ import annotations
+
+__version__ = "0.1.0"
+

xone_cli-0.1.0/src/xone_cli/__main__.py

@@ -0,0 +1,8 @@
+from __future__ import annotations
+
+from xone_cli.cli import entrypoint
+
+
+if __name__ == "__main__":
+    entrypoint()
+