keisei/KeiSeiKit-1.0
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
KeiSeiKit-1.0/_primitives
History
Parfii-bot f77c1b7fdc fix(v0.15.1): RED-1 CVE + typed-handoff + schema minItems 
Security hotfix — v0.15.1 Wave 1 fixes from 4-parallel audit.

RED-1 (CVE): KEI_DISABLED_HOOKS tokenized match — was `*all*`
substring-glob (trivially bypassable via "install", "wall-clock", etc.),
now exact-token split on comma/space. Patched in all 9 hooks:
no-hand-edit-agents, assemble-agents, assemble-validate, tomd-preread,
agent-fork-logger, site-wysiwyd-check, error-spike-detector,
milestone-commit-hook, session-end-dump.

RED-2 (observability): minimal profile whitelist now includes
agent-fork-logger and session-end-dump (ledger + trace paths) so
observability is not silently lost on minimal installs.

HIGH: review.json schema minItems:1 on findings — rejects empty
reviews; new Rust test review_schema_rejects_empty_findings.

HIGH: typed-handoff wire-up — produces_artifact declared at top
level on 5 manifests (kei-security-auditor, kei-validator,
kei-architect, kei-code-implementer, kei-critic); duplicate
per-handoff declarations removed.

MED: kei-artifact validate.rs gains warn_unsupported_keywords —
non-fatal stderr warning when schema uses keywords outside the
hand-rolled 2020-12 subset.

LOW: CI Node matrix dropped 18, now ['20','22'].

Doc drift: skills/hooks-control/SKILL.md reflects tokenized-match
semantics and updated minimal-profile hook list.

Tests: 191 Rust workspace + 30 assembler (both pass). RED-1
reproducer 10/10 (4 former-CVE vectors blocked, 5 legit vectors
accepted, empty passes).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 15:08:51 +08:00
..
_rust fix(v0.15.1): RED-1 CVE + typed-handoff + schema minItems 2026-04-22 15:08:51 +08:00
templates fix: remove genesis-scan from public kit (internal tool, Bundle-only) 2026-04-22 14:11:22 +08:00
design-scrape.sh feat(primitives): 5 shell primitives — design-scrape, live-preview, figma-tokens, frontend-inspect, screenshot-decode 2026-04-21 21:07:45 +08:00
figma-tokens.sh feat(primitives): 5 shell primitives — design-scrape, live-preview, figma-tokens, frontend-inspect, screenshot-decode 2026-04-21 21:07:45 +08:00
frontend-inspect.sh feat(primitives): 5 shell primitives — design-scrape, live-preview, figma-tokens, frontend-inspect, screenshot-decode 2026-04-21 21:07:45 +08:00
harden-base.sh feat(primitives): 3 shell provisioning + hardening 2026-04-21 20:59:38 +08:00
kei-ci-lint.sh feat(primitives): kei-ci-lint workflow YAML validator 2026-04-21 20:56:24 +08:00
kei-docs-scaffold.sh feat(primitives): kei-docs-scaffold shell + kei-changelog Rust 2026-04-21 21:01:28 +08:00
kei-sleep-queue.sh fix: remove genesis-scan from public kit (internal tool, Bundle-only) 2026-04-22 14:11:22 +08:00
kei-sleep-setup.sh feat(primitives): kei-sleep-setup wizard + kei-sleep-sync helper + trigger template 2026-04-22 01:34:42 +08:00
kei-sleep-sync.sh feat(primitives): kei-sleep-setup wizard + kei-sleep-sync helper + trigger template 2026-04-22 01:34:42 +08:00
live-preview.sh feat(primitives): 5 shell primitives — design-scrape, live-preview, figma-tokens, frontend-inspect, screenshot-decode 2026-04-21 21:07:45 +08:00
log-ship.sh feat(primitives): metrics-scrape + log-ship shell primitives 2026-04-21 20:41:17 +08:00
MANIFEST.toml Merge branch 'feat/v0.15-artifact-handoff' — kei-artifact typed handoff pipeline 2026-04-22 14:15:17 +08:00
metrics-scrape.sh feat(primitives): metrics-scrape + log-ship shell primitives 2026-04-21 20:41:17 +08:00
provision-hetzner.sh feat(primitives): 3 shell provisioning + hardening 2026-04-21 20:59:38 +08:00
provision-vultr.sh feat(primitives): 3 shell provisioning + hardening 2026-04-21 20:59:38 +08:00
README.md fix(audit-m): tomd cache path-salt; bridges respects rollback; rollback rm-rf guard; placeholder URLs; research skill role-tag note; stack frontend-gap doc 2026-04-21 20:09:24 +08:00
screenshot-decode.sh feat(primitives): 5 shell primitives — design-scrape, live-preview, figma-tokens, frontend-inspect, screenshot-decode 2026-04-21 21:07:45 +08:00
tomd.sh fix(primitives): make pandoc a per-format dep, not a core prereq 2026-04-21 19:53:05 +08:00

README.md

_primitives — first-class building blocks

_primitives/ holds standalone utilities that agents, hooks, and skills (including /compose-solution) depend on. Unlike _blocks/ (behavioral markdown) or _manifests/ (agent TOML), primitives are executable shell programs installed at $HOME/.claude/agents/_primitives/ by install.sh.

Current primitives

Primitive Purpose Invocation
tomd.sh Universal non-native-format → markdown converter (PDF, DOCX, XLSX, PPTX, CSV, images, code). ~/.claude/agents/_primitives/tomd.sh <file>

tomd.sh is ported from the KeiAgent project (user's personal CLI predecessor) bin/keiagent-tomd — same format matrix, KeiSeiKit-style error tags ([tomd]), configurable cache directory (KEISEI_TOMD_CACHE).

Hook integration

hooks/tomd-preread.sh is a PreToolUse(Read) hook that auto-redirects Claude to the converted markdown when a Read targets .docx / .doc / .xlsx / .pptx / .csv. Cached under $KEISEI_TOMD_CACHE (default /tmp/keisei-tomd-cache).

/compose-solution discovery

Phase 3 prior-art sweep greps _primitives/ alongside _blocks/, _manifests/, skills/, _bridges/, hooks/. If a user task involves file-format parsing, the meta-composer surfaces tomd automatically — reuse over rewrite (RULE "No Patching").