mirror of
https://github.com/azaion/detections.git
synced 2026-04-23 06:16:33 +00:00
Enhance security auditing capabilities by introducing a comprehensive 5-phase OWASP-based security audit process, including dependency scanning, static analysis, and a consolidated report with severity-ranked findings. Update autopilot workflows to incorporate an optional security audit step before deployment, and refine documentation across related skills for clarity and usability.
This commit is contained in:
Oleksandr Bezdieniezhnykh
@@ -1,6 +1,6 @@
|
||||
# Greenfield Workflow
|
||||
|
||||
Workflow for new projects built from scratch. Flows linearly: Problem → Research → Plan → Decompose → Implement → Run Tests → Deploy.
|
||||
Workflow for new projects built from scratch. Flows linearly: Problem → Research → Plan → Decompose → Implement → Run Tests → Security Audit (optional) → Deploy.
|
||||
|
||||
## Step Reference Table
|
||||
|
||||
@@ -8,10 +8,11 @@ Workflow for new projects built from scratch. Flows linearly: Problem → Resear
|
||||
|------|-----------|------------------------|---------------------------------------|
|
||||
| 0 | Problem | problem/SKILL.md | Phase 1–4 |
|
||||
| 1 | Research | research/SKILL.md | Mode A: Phase 1–4 · Mode B: Step 0–8 |
|
||||
| 2 | Plan | plan/SKILL.md | Step 1–6 |
|
||||
| 2 | Plan | plan/SKILL.md | Step 1–6 + Final |
|
||||
| 3 | Decompose | decompose/SKILL.md | Step 1–4 |
|
||||
| 4 | Implement | implement/SKILL.md | (batch-driven, no fixed sub-steps) |
|
||||
| 5 | Run Tests | (autopilot-managed) | Unit tests → Integration/blackbox tests |
|
||||
| 5b | Security Audit | security/SKILL.md | Phase 1–5 (optional) |
|
||||
| 6 | Deploy | deploy/SKILL.md | Step 1–7 |
|
||||
|
||||
## Detection Rules
|
||||
@@ -76,7 +77,7 @@ If `_docs/02_document/` exists but is incomplete (has some artifacts but no `FIN
|
||||
---
|
||||
|
||||
**Step 3 — Decompose**
|
||||
Condition: `_docs/02_document/` contains `architecture.md` AND `_docs/02_document/components/` has at least one component AND `_docs/02_tasks/` does not exist or has no task files (excluding `_dependencies_table.md`) AND (workspace has no source code files OR the user explicitly chose normal workflow in Step 2c)
|
||||
Condition: `_docs/02_document/` contains `architecture.md` AND `_docs/02_document/components/` has at least one component AND `_docs/02_tasks/` does not exist or has no task files (excluding `_dependencies_table.md`)
|
||||
|
||||
Action: Read and execute `.cursor/skills/decompose/SKILL.md`
|
||||
|
||||
@@ -102,7 +103,7 @@ Action: Run the full test suite to verify the implementation before deployment.
|
||||
2. **Integration / blackbox tests**: if `docker-compose.test.yml` or an equivalent test environment exists, spin it up and run the integration test suite
|
||||
3. **Report results**: present a summary of passed/failed/skipped tests
|
||||
|
||||
If all tests pass → auto-chain to Step 6 (Deploy).
|
||||
If all tests pass → auto-chain to Step 5b (Security Audit).
|
||||
|
||||
If tests fail → present using Choose format:
|
||||
|
||||
@@ -120,8 +121,29 @@ If tests fail → present using Choose format:
|
||||
|
||||
---
|
||||
|
||||
**Step 5b — Security Audit (optional)**
|
||||
Condition: the autopilot state shows Step 5 (Run Tests) is completed AND the autopilot state does NOT show Step 5b (Security Audit) as completed or skipped AND (`_docs/04_deploy/` does not exist or is incomplete)
|
||||
|
||||
Action: Present using Choose format:
|
||||
|
||||
```
|
||||
══════════════════════════════════════
|
||||
DECISION REQUIRED: Run security audit before deploy?
|
||||
══════════════════════════════════════
|
||||
A) Run security audit (recommended for production deployments)
|
||||
B) Skip — proceed directly to deploy
|
||||
══════════════════════════════════════
|
||||
Recommendation: A — catches vulnerabilities before production
|
||||
══════════════════════════════════════
|
||||
```
|
||||
|
||||
- If user picks A → Read and execute `.cursor/skills/security/SKILL.md`. After completion, auto-chain to Step 6 (Deploy).
|
||||
- If user picks B → Mark Step 5b as `skipped` in the state file, auto-chain to Step 6 (Deploy).
|
||||
|
||||
---
|
||||
|
||||
**Step 6 — Deploy**
|
||||
Condition: the autopilot state shows Step 5 (Run Tests) is completed AND (`_docs/04_deploy/` does not exist or is incomplete)
|
||||
Condition: the autopilot state shows Step 5 (Run Tests) is completed AND (Step 5b is completed or skipped) AND (`_docs/04_deploy/` does not exist or is incomplete)
|
||||
|
||||
Action: Read and execute `.cursor/skills/deploy/SKILL.md`
|
||||
|
||||
@@ -142,5 +164,6 @@ Action: Report project completion with summary. If the user runs autopilot again
|
||||
| Plan | Auto-chain → Decompose |
|
||||
| Decompose | **Session boundary** — suggest new conversation before Implement |
|
||||
| Implement | Auto-chain → Run Tests (Step 5) |
|
||||
| Run Tests (all pass) | Auto-chain → Deploy (Step 6) |
|
||||
| Run Tests (all pass) | Auto-chain → Security Audit choice (Step 5b) |
|
||||
| Security Audit (done or skipped) | Auto-chain → Deploy (Step 6) |
|
||||
| Deploy | Report completion |
|
||||
|
||||
Reference in New Issue
Block a user