southseact-3d/shopify-ai-backup
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
23 Commits 2 Branches 0 Tags
638f9ae5d267a96b6e2be27ebb001de12425ccf9
Commit Graph

6 Commits

Author SHA1 Message Date
southseact-3d
638f9ae5d2 Add WordPress and WooCommerce validation tools for PluginCompass 
- Create wordpress-validate.cjs tool for WordPress plugin validation
- Create woocommerce-validate.cjs tool for WooCommerce-specific checks
- Create agent/wordpress.md system prompt for PluginCompass branding
- Update opencode.jsonc to enable new tools and agent configuration

Both tools are token-efficient:
- Success: minimal JSON output (~50 tokens)
- Failure: detailed issues with file paths, line numbers, and suggestions

wordpress-validate checks:
- Forbidden functions (eval, exec, shell_exec, etc.)
- SQL injection vulnerabilities
- XSS vulnerabilities (direct superglobal echo)
- CSRF protection (nonces)
- Capability checks
- Direct file access protection
- Deprecated WordPress functions
- AJAX security
- REST API security
- CSS overlap issues

woocommerce-validate checks:
- HPOS compatibility declaration
- Legacy database access patterns
- Deprecated WooCommerce code
- Version headers (WC tested up to, WC requires at least)
- Database safety (dbDelta usage)
- Blocks compatibility
- Payment gateway implementation
- Shipping method implementation
- AJAX security

All tools follow opencode AGENTS.md coding standards
 2026-02-08 13:40:56 +00:00
southseact-3d
0f631dc99a feat: implement prompt injection protection and OpenRouter paid API key support 
- Add comprehensive prompt injection security module with 160+ attack pattern detection
- Implement security checks in message handling with proper blocking and user feedback
- Add OpenRouter paid API key support (OPENROUTER_PAID_API_KEY) for premium models
- Update model discovery and chat functions to use paid API key for premium models
- Add comprehensive test suite with 434 test cases (98.39% accuracy)
- Tests cover legitimate WordPress development queries, injection attacks, obfuscated attempts
- Improve builder loading indicators with text-based progress (building/planning)
- Replace spinning animations with 'Starting build/planning process' messages
 2026-02-08 13:23:59 +00:00
cto-new[bot]
23d4c8d0e6 Refactor WordPress prompt system and add completion signal 2026-02-07 22:12:43 +00:00
cto-new[bot]
9ff3f5c489 Delete the github folder from opencode and remove related functionality 2026-02-07 21:53:18 +00:00
southseact-3d
efda260214 Vendor opencode source for docker build 2026-02-07 20:54:46 +00:00
southseact-3d
b30ff1cfa4 Add change summary and bundle opencode 2026-02-07 20:54:11 +00:00