2fb067ecbf
Client security fixes (cmd/tailscale-tray/main.go):
- SSRF protection in Add Server dialog (validateControlURL): reject private/loopback/link-local/cloud-metadata IPs via DNS resolution
- RCE gate on AuthURL/BrowseToURL exec paths (validateAuthURL)
- Sanitized URL logging (sanitizeURLForLog drops query auth tokens)
- Error handling on exec.Command with user-facing showError()

Admin panel security (web-admin):
- Bcrypt password hashing (replaces SHA256)
- Rate limiting: 5 failed logins → 15-min lockout
- Session + login attempt cleanup goroutine (hourly)
- url.QueryEscape / encodeURIComponent for all API params
- Fail-hard startup when no TLS and non-loopback bind
- ADMIN_PASSWORD required (no default), password min 12 chars
- Username regex whitelist

Installer hardening (Setup.wxs):
- util:PermissionEx restricts SCM access: only Administrators + SYSTEM can start/stop/reconfigure service. Authenticated Users limited to QueryStatus/QueryConfig/Interrogate
- Vital="yes" on ServiceInstall

Docs & roadmap:
- PRODUCTION_ROADMAP.md: 5-milestone plan (security + features + distribution + ops) with granular tasks, effort, done-when
- CLIENT_SECURITY_AUDIT.md, SECURITY_FIXES.md, DEPLOYMENT.md
- AI assistant rules (.cursorrules, .antigravityrules, etc.)

Build & distribution:
- build-msi.ps1, deploy-and-sign.ps1, sign-release.ps1
- redeploy.ps1, tray-deploy.ps1, test-msi.ps1
- installer/msi/ alternative WXS setup
- Restored .github/workflows/ removed in mirror cleanup

.gitignore hardened: *.pfx, *.p12, *.key, *.pem, .env*
11 KiB
Antigravity Kit Architecture
Comprehensive AI Agent Capability Expansion Toolkit
📋 Overview
Antigravity Kit is a modular system consisting of:
- 20 Specialist Agents - Role-based AI personas
- 38 Skills - Domain-specific knowledge modules
- 16 Workflows - Slash command procedures
🏗️ Directory Structure
.agent/
├── ARCHITECTURE.md # This file
├── agents/ # 20 Specialist Agents
├── skills/ # 36 Skills
├── workflows/ # 12 Slash Commands
├── rules/ # Global Rules
└── scripts/ # Master Validation Scripts
🤖 Agents (20)
Specialist AI personas for different domains.
| Agent | Focus | Skills Used |
|---|---|---|
| orchestrator | Multi-agent coordination | parallel-agents, behavioral-modes |
| project-planner | Discovery, task planning | brainstorming, plan-writing, architecture |
| frontend-specialist | Web UI/UX | frontend-design, react-best-practices, tailwind-patterns |
| backend-specialist | API, business logic | api-patterns, nodejs-best-practices, database-design |
| database-architect | Schema, SQL | database-design, prisma-expert |
| mobile-developer | iOS, Android, RN | mobile-design |
| game-developer | Game logic, mechanics | game-development |
| devops-engineer | CI/CD, Docker | deployment-procedures, docker-expert |
| security-auditor | Security compliance | vulnerability-scanner, red-team-tactics |
| penetration-tester | Offensive security | red-team-tactics |
| test-engineer | Testing strategies | testing-patterns, tdd-workflow, webapp-testing |
| debugger | Root cause analysis | systematic-debugging |
| performance-optimizer | Speed, Web Vitals | performance-profiling |
| seo-specialist | Ranking, visibility | seo-fundamentals, geo-fundamentals |
| documentation-writer | Manuals, docs | documentation-templates |
| product-manager | Requirements, user stories | plan-writing, brainstorming |
| product-owner | Strategy, backlog, MVP | plan-writing, brainstorming |
| qa-automation-engineer | E2E testing, CI pipelines | webapp-testing, testing-patterns |
| code-archaeologist | Legacy code, refactoring | clean-code, code-review-checklist |
| explorer-agent | Codebase analysis | - |
🧩 Skills (36)
Modular knowledge domains that agents can load on demand, based on task context.
Frontend & UI
| Skill | Description |
|---|---|
| react-best-practices | React & Next.js performance optimization (Vercel - 57 rules) |
| web-design-guidelines | Web UI audit - 100+ rules for accessibility, UX, performance (Vercel) |
| tailwind-patterns | Tailwind CSS v4 utilities |
| frontend-design | UI/UX patterns, design systems |
| ui-ux-pro-max | 50 styles, 21 palettes, 50 fonts |
Backend & API
| Skill | Description |
|---|---|
| api-patterns | REST, GraphQL, tRPC |
| nestjs-expert | NestJS modules, DI, decorators |
| nodejs-best-practices | Node.js async, modules |
| python-patterns | Python standards, FastAPI |
Database
| Skill | Description |
|---|---|
| database-design | Schema design, optimization |
| prisma-expert | Prisma ORM, migrations |
TypeScript/JavaScript
| Skill | Description |
|---|---|
| typescript-expert | Type-level programming, performance |
Cloud & Infrastructure
| Skill | Description |
|---|---|
| docker-expert | Containerization, Compose |
| deployment-procedures | CI/CD, deploy workflows |
| server-management | Infrastructure management |
Testing & Quality
| Skill | Description |
|---|---|
| testing-patterns | Jest, Vitest, strategies |
| webapp-testing | E2E, Playwright |
| tdd-workflow | Test-driven development |
| code-review-checklist | Code review standards |
| lint-and-validate | Linting, validation |
Security
| Skill | Description |
|---|---|
| vulnerability-scanner | Security auditing, OWASP |
| red-team-tactics | Offensive security |
Architecture & Planning
| Skill | Description |
|---|---|
| app-builder | Full-stack app scaffolding |
| architecture | System design patterns |
| plan-writing | Task planning, breakdown |
| brainstorming | Socratic questioning |
Mobile
| Skill | Description |
|---|---|
| mobile-design | Mobile UI/UX patterns |
Game Development
| Skill | Description |
|---|---|
| game-development | Game logic, mechanics |
SEO & Growth
| Skill | Description |
|---|---|
| seo-fundamentals | SEO, E-E-A-T, Core Web Vitals |
| geo-fundamentals | GenAI optimization |
Shell/CLI
| Skill | Description |
|---|---|
| bash-linux | Linux commands, scripting |
| powershell-windows | Windows PowerShell |
Other
| Skill | Description |
|---|---|
| clean-code | Coding standards (Global) |
| coding-levels | Adaptive communication (0-5) |
| behavioral-modes | Agent personas |
| parallel-agents | Multi-agent patterns |
| mcp-builder | Model Context Protocol |
| documentation-templates | Doc formats |
| i18n-localization | Internationalization |
| performance-profiling | Web Vitals, optimization |
| systematic-debugging | Troubleshooting |
🔄 Workflows (12)
Slash command procedures. Invoke with /command.
| Command | Description |
|---|---|
| /brainstorm | Socratic discovery |
| /create | Create new features |
| /debug | Debug issues |
| /deploy | Deploy application |
| /enhance | Improve existing code |
| /ins-develop | INS Module development |
| /orchestrate | Multi-agent coordination |
| /plan | Task breakdown |
| /preview | Preview changes |
| /status | Check project status |
| /test | Run tests |
| /ui-ux-pro-max | Design with 50 styles |
🎯 Skill Loading Protocol
User Request → Skill Description Match → Load SKILL.md
↓
Read references/
↓
Read scripts/
Skill Structure
skill-name/
├── SKILL.md # (Required) Metadata & instructions
├── scripts/ # (Optional) Python/Bash scripts
├── references/ # (Optional) Templates, docs
└── assets/ # (Optional) Images, logos
Enhanced Skills (with scripts/references)
| Skill | Files | Coverage |
|---|---|---|
| ui-ux-pro-max | 27 | 50 styles, 21 palettes, 50 fonts |
| app-builder | 20 | Full-stack scaffolding |
Scripts (2)
Master validation scripts that orchestrate skill-level scripts.
Master Scripts
| Script | Purpose | When to Use |
|---|---|---|
| checklist.py | Priority-based validation (Core checks) | Development, pre-commit |
| verify_all.py | Comprehensive verification (All checks) | Pre-deployment, releases |
Usage
# Quick validation during development
python .agent/scripts/checklist.py .
# Full verification before deployment
python .agent/scripts/verify_all.py . --url http://localhost:3000
What They Check
checklist.py (Core checks):
- Security (vulnerabilities, secrets)
- Code Quality (lint, types)
- Schema Validation
- Test Suite
- UX Audit
- SEO Check
verify_all.py (Full suite):
- Everything in checklist.py PLUS:
- Lighthouse (Core Web Vitals)
- Playwright E2E
- Bundle Analysis
- Mobile Audit
- i18n Check
For details, see scripts/README.md
📊 Statistics
| Metric | Value |
|---|---|
| Total Agents | 20 |
| Total Skills | 38 |
| Total Workflows | 16 |
| Total Scripts | 2 (master) + 18 (skill-level) |
| Coverage | ~90% web/mobile development |
🔗 Quick Reference
| Need | Agent | Skills |
|---|---|---|
| Web App | frontend-specialist | react-best-practices, frontend-design |
| API | backend-specialist | api-patterns, nodejs-best-practices |
| Mobile | mobile-developer | mobile-design |
| Database | database-architect | database-design, prisma-expert |
| Security | security-auditor | vulnerability-scanner |
| Testing | test-engineer | testing-patterns, webapp-testing |
| Debug | debugger | systematic-debugging |
| Plan | project-planner | brainstorming, plan-writing |