UNPKG

claude-flow

Version:

Ruflo - Enterprise AI agent orchestration for Claude Code. Deploy 60+ specialized agents in coordinated swarms with self-learning, fault-tolerant consensus, vector memory, and MCP integration

github.com/ruvnet/claude-flow

ruvnet/claude-flow

194 lines (167 loc) 5.24 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
/** * Security Application Service - Application Layer * * Orchestrates security operations and provides simplified interface. * * @module v3/security/application/services */ import { SecurityContext, PermissionLevel } from '../../domain/entities/security-context.js'; import { SecurityDomainService, ValidationResult, ThreatDetectionResult } from '../../domain/services/security-domain-service.js'; /** * Security audit result */ export interface SecurityAuditResult { passed: boolean; score: number; checks: Array<{ name: string; passed: boolean; severity: 'low' | 'medium' | 'high' | 'critical'; message: string; }>; recommendations: string[]; } /** * Security Application Service */ export class SecurityApplicationService { private readonly domainService: SecurityDomainService; private readonly contexts: Map<string, SecurityContext> = new Map(); constructor() { this.domainService = new SecurityDomainService(); } // ============================================================================ // Context Management // ============================================================================ /** * Create and register security context for agent */ createAgentContext(agentId: string, role: string): SecurityContext { const context = this.domainService.createAgentContext(agentId, role); this.contexts.set(agentId, context); return context; } /** * Get security context */ getContext(principalId: string): SecurityContext | undefined { return this.contexts.get(principalId); } /** * Remove security context */ removeContext(principalId: string): boolean { return this.contexts.delete(principalId); } // ============================================================================ // Validation // ============================================================================ /** * Validate path access */ validatePath(path: string, principalId: string): ValidationResult { const context = this.contexts.get(principalId); if (!context) { return { valid: false, errors: ['Security context not found'], warnings: [], }; } return this.domainService.validatePath(path, context); } /** * Validate command execution */ validateCommand(command: string, principalId: string): ValidationResult { const context = this.contexts.get(principalId); if (!context) { return { valid: false, errors: ['Security context not found'], warnings: [], }; } return this.domainService.validateCommand(command, context); } /** * Validate user input */ validateInput(input: string): ValidationResult { return this.domainService.validateInput(input); } /** * Detect threats in content */ detectThreats(content: string): ThreatDetectionResult { return this.domainService.detectThreats(content); } // ============================================================================ // Audit // ============================================================================ /** * Run security audit on codebase */ async auditCodebase(files: Array<{ path: string; content: string }>): Promise<SecurityAuditResult> { const checks: SecurityAuditResult['checks'] = []; const recommendations: string[] = []; let criticalCount = 0; let highCount = 0; for (const file of files) { const threats = this.domainService.detectThreats(file.content); for (const threat of threats.threats) { checks.push({ name: `${threat.type} in ${file.path}`, passed: false, severity: threat.severity, message: threat.description, }); if (threat.severity === 'critical') criticalCount++; if (threat.severity === 'high') highCount++; } if (threats.safe) { checks.push({ name: `Security check: ${file.path}`, passed: true, severity: 'low', message: 'No threats detected', }); } } // Generate recommendations if (criticalCount > 0) { recommendations.push('Address critical security issues immediately'); } if (highCount > 0) { recommendations.push('Review and fix high-severity findings'); } recommendations.push('Run regular security scans'); recommendations.push('Keep dependencies updated'); // Calculate score const totalChecks = checks.length; const passedChecks = checks.filter((c) => c.passed).length; const score = totalChecks > 0 ? Math.round((passedChecks / totalChecks) * 100) : 100; return { passed: criticalCount === 0 && highCount === 0, score, checks, recommendations, }; } /** * Check if operation is allowed */ isOperationAllowed( principalId: string, operation: 'path' | 'command', target: string ): boolean { const context = this.contexts.get(principalId); if (!context || context.isExpired()) return false; if (operation === 'path') { return context.canAccessPath(target); } else { return context.canExecuteCommand(target); } } }