Commit Graph

4 Commits

Author SHA1 Message Date
bastien
051779e5ff feat(onboard): make cso security audit archetype-aware
STEP 4.5 extracts the archetype's "Implications" (Surface sécurité) and
"Typical pain points" sections into .onboard-audit/archetype-context.md.
STEP 6 cso dispatch reads it and filters checks per category: web vulns
(XSS/SQLi/CORS/CSP/CSRF/HTTPS) only on framework/api/ecommerce/cms,
embedded-specific checks (buffer overflow, secure boot, JTAG, OTA sig)
only on embedded; library/cli/infra/data-science/desktop each get their
own focused section. Previously the fallback prompt searched for web
vulnerabilities even on firmware projects.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 13:52:09 +02:00
bastien
dc9f037490 refactor(seo-analyzer): full rewrite — dual-depth audit, sub-agent orchestration, legal/GEO/competitive analysis
Complete rewrite of the SEO/GEO audit agent (317 → 868 lines):

- Two audit depths: LOCAL (code-only, 4 scored axes) and FULL (live site +
  external presence + competitors, 8 scored axes). Same rigor, user chooses.
- Plugin-advisor invoked at STEP 3 (after stack detection), not upfront.
  Only triggered for FULL depth. Offers downgrade to LOCAL if tools missing.
- Sub-agent orchestration: findings triaged into 6 batches (A-F), delegated
  to hotfixer (1-2 file fixes), feater (multi-file features), or direct Bash
  (image pipeline). No more raw edits from the orchestrator.
- New audit scopes: live HTTP audit, external presence (GMB, social, citations,
  NAP consistency), competitive analysis, legal compliance FR (LCEN, RGPD,
  DGCCRF), GEO/AI readiness (FAQPage, E-E-A-T, AI engine visibility).
- Scored report (/20 per axis, weighted by business type) with prioritized
  action plan (quick wins / medium / long term).
- SEO.md versioned document (15 sections, iterative updates, audit history).
- Landing page protection rule, confirmation gates for structural changes.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-16 16:03:34 +02:00
bastien
57309b80f8 feat(agents): add design gate for automatic ui-ux-pro-max detection
Lightweight skills (feat, hotfix, bugfix) had zero plugin awareness —
design tasks ran without ui-ux-pro-max even when relevant. Add a
design gate (lib/design-gate.md) that auto-detects UI/style signals
in task description and filesystem, then asks the user to activate
ui-ux-pro-max if inactive. Orchestrators already handle this via
their STEP 0 plugin-check.

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-16 01:50:56 +02:00
bastien
3f69326c9a chore: switch CLAUDE_EFFORT env var to --effort alias, add task tracking
install-plugins.sh: replace 'export CLAUDE_EFFORT=max' with
'alias claude="claude --effort max"' (cleaner, uses CLI flag).
Cleans up old env var from shell profile on re-run.

Also adds tasks/ tracking files and fixes trailing whitespace in CLAUDE.md.

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-15 23:21:57 +02:00