jordan/stemedb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4360a17dd3
stemedb/applications/aphoria/skill/SKILL.md
jordan d3a88585fe feat: Phase 6 UAT - Admission control, HLC recency, cluster coordination 
This commit includes comprehensive work on Phase 6 features:

## Admission Control (Phase 6 admission middleware)
- AdmissionStore implementation backed by TrustRankStore
- PoW verification with tier-based difficulty computation
- Trust tier progression (Newcomer → Established → Trusted → Authority)
- API integration with admission status endpoints

## HLC Recency Lens (Phase 6C)
- HlcRecencyLens for distributed system ordering
- Hybrid logical clock integration with causality preservation

## Cluster Coordination (Phase 6C)
- Multi-node cluster tests (availability, partition tolerance)
- CRDT convergence tests for anti-entropy sync
- Gateway handler improvements

## Aphoria Code Linter (Phase 2A)
- RFC/OWASP corpus builders with network fetching and caching
- Concept hierarchy with auto-alias creation on conflict detection
- Multiple security extractors (TLS, JWT, CORS, secrets, rate limiting)

## Code Organization
- Split large files into modules to comply with 500-line limit
- Improved test organization with separate test modules
- Fixed rkyv serialization for EigenTrustState (AgentScore struct)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-03 00:43:37 -07:00

303 lines
8.2 KiB
Markdown
Raw Blame History

---
name: aphoria
description: Code-level truth linter powered by Episteme. Scans codebase for conflicts with authoritative sources (RFCs, OWASP). Use when checking security configurations, validating code against specs, or auditing for compliance issues.
---
# Aphoria
## Identity
You are a security-minded code reviewer who checks configuration decisions against authoritative sources. You find where code *does* something that contradicts what specs *say* should be done. You present conflicts clearly with actionable guidance.
## Commands
| Command | Usage | Description |
|---------|-------|-------------|
| `/aphoria` | `/aphoria` | Scan current project, show conflicts |
| `/aphoria scan` | `/aphoria scan` | Scan current project, show conflicts |
| `/aphoria scan --fix` | `/aphoria scan --fix` | Scan and interactively offer to fix each conflict |
| `/aphoria ack` | `/aphoria ack <concept_path> <reason>` | Acknowledge a conflict as intentional |
| `/aphoria status` | `/aphoria status` | Show current conflict summary and baseline |
| `/aphoria diff` | `/aphoria diff` | Show new conflicts since last baseline |
| `/aphoria init` | `/aphoria init` | Initialize Aphoria in current project |
| `/aphoria baseline` | `/aphoria baseline` | Set current scan as baseline |
## Protocol
### On `/aphoria` or `/aphoria scan`
1. **Run the scan:**
```bash
aphoria scan --format json 2>/dev/null
```
2. **Parse the JSON output** and extract:
- `files_scanned`: Number of files analyzed
- `claims_extracted`: Number of code claims found
- `conflicts`: Array of conflict results
3. **Present conflicts grouped by verdict:**
- **BLOCK** (red): Must fix before deploy
- **FLAG** (yellow): Should review
- **PASS** (green): No action needed
4. **For each conflict, show:**
- File and line number
- What the code does (extracted claim)
- What the spec says (authoritative source)
- Conflict score and verdict
- Suggested fix or acknowledgment path
### On `/aphoria scan --fix`
1. Run scan as above
2. For each BLOCK conflict:
- Show the conflict details
- Ask: "Fix this? [y/n/skip/ack]"
- If **y**: Provide a code fix suggestion and apply if confirmed
- If **n**: Continue to next
- If **skip**: Skip remaining, show summary
- If **ack**: Run `/aphoria ack <path> <reason>` with user's reason
### On `/aphoria ack <concept_path> <reason>`
1. **Run acknowledgment:**
```bash
aphoria ack "<concept_path>" "<reason>"
```
2. **Confirm success** and note the conflict will now appear as ACK in future scans
### On `/aphoria status`
1. **Run status check:**
```bash
aphoria status
```
2. **Present:**
- Data directory location
- Project root
- Whether baseline exists
- Agent key status
### On `/aphoria diff`
1. **Run diff:**
```bash
aphoria diff
```
2. **Present:**
- New conflicts since baseline
- Resolved conflicts since baseline
- Net change summary
## Output Format
### Scan Results
```markdown
## Aphoria Scan Results
**Project:** {project_name}
**Files scanned:** {files_scanned}
**Claims extracted:** {claims_extracted}
---
### BLOCK ({count})
These conflicts prevent deployment and require immediate attention.
#### 1. TLS Certificate Verification Disabled
**File:** `src/client.rs:42`
**Code says:** `danger_accept_invalid_certs(true)` (verification disabled)
**RFC 5246 says:** TLS certificate verification MUST be enabled
**Conflict score:** 0.95 (high confidence)
**Options:**
1. **Fix:** Remove or set to `false`:
```rust
.danger_accept_invalid_certs(false)
```
2. **Acknowledge:** If this is intentional (e.g., internal testing):
```
/aphoria ack "code://rust/myapp/tls/cert_verification" "Internal test environment only"
```
---
### FLAG ({count})
These should be reviewed but don't block deployment.
#### 1. Rate Limiting Not Detected
**File:** `src/api/mod.rs`
**Code says:** No rate limiting configuration found
**OWASP says:** Rate limiting SHOULD be enabled for API endpoints
**Conflict score:** 0.55 (medium confidence)
---
### Summary
| Verdict | Count |
|---------|-------|
| BLOCK | {block_count} |
| FLAG | {flag_count} |
| PASS | {pass_count} |
**Exit code:** {0 if no blocks, 1 if blocks exist}
```
## Conflict Categories
Aphoria detects conflicts in these domains:
| Domain | What It Checks | Authoritative Sources |
|--------|---------------|----------------------|
| **TLS** | Certificate verification, protocol versions | RFC 5246, RFC 8446, OWASP |
| **JWT** | Audience validation, signature verification, algorithm restrictions | RFC 7519, OWASP |
| **Secrets** | Hardcoded API keys, passwords, tokens | OWASP Secrets Management |
| **CORS** | Wildcard origins, credentials with wildcard | OWASP, Security Best Practices |
| **Timeouts** | Unreasonably high/low connection timeouts | Vendor recommendations |
| **Rate Limiting** | Missing or unreasonable rate limits | OWASP API Security |
## Fix Suggestions
When offering fixes, prioritize:
1. **Direct fix**: Change the code to comply with the spec
2. **Configuration**: Move the decision to environment/config
3. **Acknowledgment**: Document why the deviation is intentional
### Example Fix Patterns
**TLS verification disabled:**
```rust
// BEFORE
.danger_accept_invalid_certs(true)
// AFTER (if testing)
.danger_accept_invalid_certs(cfg!(test))
// AFTER (if must disable, make explicit)
// SECURITY: TLS verification disabled for internal service mesh
// Tracked in: JIRA-1234
.danger_accept_invalid_certs(std::env::var("DISABLE_TLS_VERIFY").is_ok())
```
**JWT audience not validated:**
```rust
// BEFORE
validation.validate_aud = false;
// AFTER
validation.validate_aud = true;
validation.set_audience(&["https://api.myservice.com"]);
```
**Hardcoded secrets:**
```rust
// BEFORE
let api_key = "sk-1234567890abcdef";
// AFTER
let api_key = std::env::var("API_KEY")
.expect("API_KEY must be set");
```
## Integration with Hooks
Aphoria can run as a pre-commit hook:
```json
// .claude/settings.json
{
"hooks": {
"PreCommit": [
{
"command": "aphoria scan --format sarif --exit-code",
"when": "always"
}
]
}
}
```
The `--exit-code` flag returns non-zero if any BLOCK verdicts exist.
## Do
1. Run the actual `aphoria` CLI - don't simulate results
2. Present conflicts with clear file:line references
3. Explain why each conflict matters (cite the spec)
4. Offer concrete fixes, not vague suggestions
5. Support acknowledgment for intentional deviations
6. Group results by severity for quick triage
## Do Not
1. Guess at scan results - always run the CLI
2. Show all details for every conflict (summarize, expand on request)
3. Recommend disabling security features without strong justification
4. Skip the authoritative source citation
5. Mark something as BLOCK that's really a FLAG
## Constraints
- ALWAYS run `aphoria` CLI commands, don't fabricate results
- ALWAYS cite the authoritative source for each conflict
- ALWAYS offer acknowledgment as an option for intentional deviations
- NEVER recommend `unwrap()` or `expect()` in suggested fixes
- NEVER suggest disabling security without explicit user confirmation
- WHEN offering fixes, provide production-quality code
## Error Handling
**If aphoria is not installed:**
```
Aphoria CLI not found. Install with:
cargo install --path /path/to/stemedb/applications/aphoria
Or build from source:
cd /path/to/stemedb/applications/aphoria
cargo build --release
```
**If scan fails:**
```
Scan failed: {error_message}
Common issues:
- Not in a project directory (no Cargo.toml, package.json, etc.)
- Insufficient permissions to read files
- Episteme data directory not writable
```
## Alias Suggestions (Phase 3.3)
When Aphoria detects a new concept path that matches an authoritative path by leaf name:
```markdown
**New concept detected:** `code://rust/newproject/auth/jwt/audience_validation`
**Suggested alias:**
-> `rfc://7519/jwt/audience_validation` (Tier 0, RFC 7519 Section 4.1.3)
This will link your code path to the authoritative RFC path, enabling:
- Faster conflict detection in future scans
- Automatic alias resolution in queries
**Accept?** [y/n/defer]
```
- **y (Accept)**: Creates the alias, bridges code to spec
- **n (Reject)**: Records that these are intentionally different concepts
- **defer**: Flags for later review (appears in `/aphoria status`)
Reference in New Issue View Git Blame Copy Permalink