feat: add Factory AI, OpenCode, Gemini targets + skill resource files with security#70
Open
feat: add Factory AI, OpenCode, Gemini targets + skill resource files with security#70
Conversation
Bundle ReportChanges will increase total bundle size by 70.95kB (8.64%) ⬆️
Affected Assets, Files, and Routes:view changes for bundle: promptscript-cliAssets Changed:
|
|
mrwogu
force-pushed
the
feature/factory-ai
branch
from
e684341 to
f1fa60c
Compare
mrwogu
changed the title
mrwogu
force-pushed
the
feature/factory-ai
branch
from
c396fb1 to
5d46e6a
Compare
…esource config - Add 'factory', 'opencode', 'gemini' to CompilationTarget union - Add SkillResource type to AST (relativePath + content) - Add additionalFiles to SkillManifest - Add skills.universalDir config option - Update JSON schema with new targets and skills section
- Factory AI: YAML-based AGENTS.md + .factory/ skills and commands - OpenCode: YAML-based agents.yaml with project rules - Gemini CLI: GEMINI.md with embedded skill instructions - Register new formatters in feature matrix and parity matrix - Export new formatters from package index
- Add sanitizeResourceFiles() and isSafeSkillName() to BaseFormatter - Output additionalFiles alongside skill files in all formatters - Validate paths against traversal and reject unsafe skill names - Defense-in-depth: path validation at both resolver and formatter layers
…ning - Discover resource files in skill directories (everything except SKILL.md) - Symlink detection with lstat() and realpath() verification - Path traversal validation with isSafeRelativePath() - Binary file rejection via null byte detection - Aggregate limits: 100 files max, 1MB per file, 10MB total - Skip known junk files (.env, .DS_Store) and dirs (node_modules, .git) - Support .agents/skills/ universal directory via skills.universalDir config - Verbose logging for all skipped resources
- Add factory, opencode, gemini to CLI compile command - Thread skills.universalDir config from promptscript.yaml to compiler - Add Factory AI detection in ai-tools-detector - Add skill migration template for Factory AI format - Support recursive additionalFiles in compiler output
mrwogu
force-pushed
the
feature/factory-ai
branch
from
5d46e6a to
a7da107
Compare
mrwogu
changed the title
- Add comprehensive Factory AI, OpenCode, Gemini formatter tests - Add skill resource discovery tests with security scenarios - Test symlink detection, binary rejection, path traversal prevention - Test aggregate limits (count, size), junk file skipping - Update parity matrix and feature coverage tests for new targets - Add normalize and CLI tests for new targets
mrwogu
force-pushed
the
feature/factory-ai
branch
from
a7da107 to
357c471
Compare
mrwogu
force-pushed
the
feature/factory-ai
branch
from
357c471 to
dad6a1e
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds three new compilation targets (Factory AI, OpenCode, Gemini CLI) and implements secure skill resource file discovery and output.
New Compilation Targets
AGENTS.md+.factory/skills and commandsagents.yamlwith project rulesGEMINI.mdwith embedded skill instructionsAll three formatters support the full feature matrix: identity, standards, restrictions, skills, shortcuts, agents, and resource files.
Skill Resource Files
Skills can now include additional files (scripts, templates, configs) alongside
SKILL.md. These are discovered automatically and output to the correct locations for each target.Security Hardening
lstat()rejects symlink files,realpath()catches symlinked directoriesisSafeRelativePath()with absolute path and..segment checks.env,.DS_Store,node_modules/,.git/, etc...,/,\in all formattersConfiguration
New
skills.universalDirconfig option enables reading from.agents/skills/directory:Commits
feat(core)feat(formatters)feat(formatters)feat(resolver)feat(cli)testfeat(playground)docschoreTest Results
update-check-smoke)