GeneralBots/botbook
2
2
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

docs: update docs with new autonomous tasks and security

Browse source
This commit is contained in:
Rodrigo Rodriguez (Pragmatismo) 2026-03-14 16:35:40 -03:00
parent c312a30461
commit 2cbe5ecc88
13 changed files with 3440 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

38
src/06-gbdialog/templates/sales-pipeline.md
View file

@ -307,12 +307,30 @@ These conversations show how the sales pipeline template works in real-world sce
| Stage | Win Probability | Description |
|-------|-----------------|-------------|
| Lead | 20% | Initial contact, not yet qualified |
| Qualified | 40% | BANT criteria confirmed |
| Proposal | 50% | Quote or proposal sent |
| Negotiation | 80% | Active deal discussions |
| Closed Won | 100% | Deal successfully closed |
| Closed Lost | 0% | Deal lost or abandoned |
| new | 10% | Initial contact, not qualified |
| qualified | 30% | BANT criteria confirmed |
| proposal | 50% | Quote or proposal sent |
| negotiation | 70% | Active deal discussions |
| won | 100% | Deal successfully closed |
| lost | 0% | Deal lost or abandoned |
> **Note**: The new unified CRM uses `crm_deals` table with stages: `new`, `qualified`, `proposal`, `negotiation`, `won`, `lost`. Use `department_id` to filter by business unit (e.g., Comercial SP, Inside Sales, Enterprise).
## Department Filtering
Filter deals by business unit using `department_id`:
```basic
' Filter deals by department
deals = FIND "crm_deals", "department_id = '" + departmentId + "' AND stage != 'won' AND stage != 'lost'"
' Get department stats
SELECT pd.name, COUNT(cd.id) AS total_deals, COALESCE(SUM(cd.value), 0) AS total_value
FROM people_departments pd
LEFT JOIN crm_deals cd ON cd.department_id = pd.id
WHERE pd.org_id = $1
GROUP BY pd.id, pd.name
```
## Template Structure
@ -336,15 +354,23 @@ sales-pipeline.gbai/
## Create Deal Tool: create-deal.bas
> **Updated for CRM v2.5**: Uses unified `crm_deals` table. Include `department_id` to assign to business unit.
```basic
PARAM company AS STRING LIKE "Acme Corp" DESCRIPTION "Company or account name"
PARAM value AS NUMBER LIKE 50000 DESCRIPTION "Deal value in dollars"
PARAM close_date AS DATE LIKE "2025-03-31" DESCRIPTION "Expected close date"
PARAM department_id AS STRING DESCRIPTION "Business unit ID (e.g., Comercial SP)" OPTIONAL
PARAM contact AS STRING DESCRIPTION "Primary contact name" OPTIONAL
PARAM notes AS STRING DESCRIPTION "Deal notes" OPTIONAL
DESCRIPTION "Create a new deal in the sales pipeline"
' Get department if not provided
IF NOT department_id THEN
department_id = GET USER MEMORY("default_department")
END IF
' Generate deal ID
dealId = "DEAL-" + FORMAT(NOW(), "YYYY") + "-" + FORMAT(RANDOM(1000, 9999))

9
src/08-config/multimodal.md
View file

@ -17,6 +17,7 @@ General Bots integrates with botmodels—a Python service for multimodal AI task
│ - VIDEO │ - Zeroscope
│ - AUDIO │ - TTS/Whisper
│ - SEE │ - BLIP2
│ │ - Real-time Audio (S2S)
```
When a BASIC script calls a multimodal keyword, botserver forwards the request to botmodels, which runs the appropriate AI model and returns the generated content.
@ -58,6 +59,13 @@ Add these settings to your bot's `config.csv` file to enable multimodal capabili
| `video-generator-gpu-layers` | `15` | Layers to offload to GPU |
| `video-generator-batch-size` | `1` | Batch size for generation |
### Real-time Audio (S2S)
| Key | Default | Description |
|-----|---------|-------------|
| `realtime-audio-model` | — | Path to Real-time S2S model |
| `realtime-audio-enabled` | `false` | Enable real-time audio processing |
## Example Configuration
```csv
@ -160,6 +168,7 @@ The botmodels service exposes these REST endpoints:
| `/api/vision/describe` | POST | Describe an image |
| `/api/vision/describe_video` | POST | Describe a video |
| `/api/vision/vqa` | POST | Visual question answering |
| `/api/speech/realtime` | POST | Real-time speech-to-speech interaction |
| `/api/health` | GET | Health check |
All endpoints except `/api/health` require the `X-API-Key` header for authentication.

7
src/08-config/parameters.md
View file

@ -195,6 +195,13 @@ These parameters configure external database connections for use with BASIC keyw
| `video-generator-gpu-layers` | GPU offload layers | `15` | Number |
| `video-generator-batch-size` | Batch size | `1` | Number |
## Real-time Audio Parameters
| Parameter | Description | Default | Type |
|-----------|-------------|---------|------|
| `realtime-audio-model` | Real-time S2S audio model path | Not set | Path |
| `realtime-audio-enabled` | Enable real-time audio processing | `false` | Boolean |
## BotModels Service Parameters
| Parameter | Description | Default | Type |

14
src/17-autonomous-tasks/README.md
View file

@ -8,6 +8,20 @@ The AutoTask system uses an LLM-powered intent classifier to understand your req
---
## Vibe Mode
For a complete AI-powered development environment, use **Vibe** - the visual interface with multi-agent orchestration.
### Vibe Documentation
- [Vibe Guide](./vibe.md) - Main documentation
- [Vibe Terminal](./vibe-terminal.md) - Isolated container terminal
- [Vibe Editor](./vibe-editor.md) - Monaco editor
- [Vibe Database](./vibe-database.md) - PostgreSQL browser
- [Vibe Git](./vibe-git.md) - Git operations
- [Vibe MCP](./vibe-mcp.md) - MCP integrations
---
## Intent Types
| Type | Example | What Gets Created |

164
src/17-autonomous-tasks/vibe-database.md Normal file
View file

@ -0,0 +1,164 @@
# Vibe Database
Visual PostgreSQL schema browser and SQL editor.
![Vibe Database](./assets/vibe/database.png)
---
## Overview
Vibe Database provides a visual interface for exploring your bot's PostgreSQL database. View tables, relationships, run queries, and manage data.
---
## Quick Start
1. Click **Database** button in Vibe window
2. Browse tables in left panel
3. Click table to see schema
4. Run SQL queries in editor
---
## Features
### Schema Browser
- List all tables in database
- View column definitions
- See data types and constraints
- View indexes and foreign keys
### Table Viewer
- Browse table data
- Filter and sort
- Pagination controls
- Export to CSV
### SQL Editor
- Write and execute queries
- Syntax highlighting
- Query history
- Results visualization
### Relationship Viewer
- Visual foreign key relationships
- ER diagram view
- Click to navigate related tables
---
## Interface
### Left Panel - Tables List
```
📦 customers
├─ id (UUID, PK)
├─ name (VARCHAR)
├─ email (VARCHAR, UNIQUE)
├─ created_at (TIMESTAMP)
└─ updated_at (TIMESTAMP)
📦 orders
├─ id (UUID, PK)
├─ customer_id (UUID, FK → customers)
├─ total (DECIMAL)
├─ status (VARCHAR)
└─ created_at (TIMESTAMP)
```
### Main Panel - Table Data
| id | name | email | created_at |
|----|------|-------|------------|
| xxx | John | john@... | 2024-01-01 |
| xxx | Jane | jane@... | 2024-01-02 |
---
## SQL Query Examples
### Select All
```sql
SELECT * FROM customers;
```
### Join Tables
```sql
SELECT o.id, c.name, o.total
FROM orders o
JOIN customers c ON o.customer_id = c.id;
```
### Insert
```sql
INSERT INTO customers (name, email)
VALUES ('New Customer', 'new@example.com');
```
### Update
```sql
UPDATE customers
SET name = 'Updated Name'
WHERE id = 'xxx';
```
### Delete
```sql
DELETE FROM customers
WHERE id = 'xxx';
```
---
## Keyboard Shortcuts
| Shortcut | Action |
|----------|--------|
| `Ctrl+Enter` | Execute query |
| `Ctrl+S` | Save query |
| `Ctrl+L` | Clear editor |
| `Ctrl+H` | Toggle history |
---
## Configuration
### Connection Settings
The database connects using bot configuration:
- Host: PostgreSQL server
- Port: 5432
- Database: `{bot_id}_botserver`
- User: Configured in bot settings
### Query Limits
- Default: 100 rows
- Configurable: 10 - 10000 rows
- Export: Unlimited
---
## Security
- Read-only mode available
- SQL injection protection
- Query logging for audit
- Row-level access control
---
## Troubleshooting
### Connection Failed
- Check PostgreSQL is running
- Verify bot has database credentials
- Check network connectivity
### Query Error
- Check SQL syntax
- Verify table/column names
- Review error message details
### No Tables Visible
- Bot may have no tables yet
- AI hasn't generated database schema
- Try creating app first

147
src/17-autonomous-tasks/vibe-editor.md Normal file
View file

@ -0,0 +1,147 @@
# Vibe Editor
Monaco-powered code editor with full IDE features.
![Vibe Editor](./assets/vibe/editor.png)
---
## Overview
The Vibe Editor is based on Monaco (the same editor that powers VS Code). It provides a full IDE experience with syntax highlighting, IntelliSense, multi-file editing, and more.
---
## Features
### Syntax Highlighting
Supports 70+ languages including:
- JavaScript/TypeScript
- Python
- Rust
- Go
- HTML/CSS
- SQL
- JSON/YAML
- And many more
### IntelliSense
- Auto-completion
- Parameter hints
- Signature help
- Quick fixes
### Multi-Cursor Editing
- `Ctrl+D` - Select next occurrence
- `Alt+Click` - Add cursor
- `Ctrl+Alt+Down` - Add line below
### Search & Replace
- `Ctrl+F` - Find
- `Ctrl+H` - Replace
- `Ctrl+Shift+F` - Find in files
- Regex support enabled
### Minimap
- Code overview on right side
- Click to navigate
- Draggable viewport
---
## Keyboard Shortcuts
| Shortcut | Action |
|----------|--------|
| `Ctrl+S` | Save file |
| `Ctrl+P` | Quick open file |
| `Ctrl+Shift+P` | Command palette |
| `Ctrl+F` | Find |
| `Ctrl+H` | Replace |
| `Ctrl+Shift+F` | Find in files |
| `Ctrl+D` | Select next occurrence |
| `Alt+Up/Down` | Move line up/down |
| `Ctrl+/` | Toggle comment |
| `Ctrl+Shift+K` | Delete line |
| `Ctrl+Enter` | Insert line below |
| `Ctrl+Shift+Enter` | Insert line above |
| `F12` | Go to definition |
| `Ctrl+Space` | Trigger IntelliSense |
---
## File Operations
### Opening Files
- Click file in file tree
- `Ctrl+P` for quick open
- Drag and drop files
### Saving Files
- `Ctrl+S` to save
- Auto-save on focus loss
- Shows unsaved indicator (dot on tab)
### Creating Files
- Right-click in file tree
- New file button in toolbar
---
## Workspace
### File Tree
Located on the left side:
- Expand/collapse folders
- File icons by type
- Right-click context menu
### Supported File Types
| Icon | Type |
|------|------|
| 📄 | Generic file |
| 📜 | Script (js, ts, py) |
| 🎨 | Style (css, scss) |
| 📦 | Config (json, yaml, toml) |
| 🔷 | Component (vue, svelte) |
---
## Configuration
### Theme
- Dark (default)
- Light
- High contrast
### Font
- Fira Code (with ligatures)
- Customizable size
- Line height control
### Editor Settings
```json
{
"editor.fontSize": 14,
"editor.fontFamily": "Fira Code",
"editor.tabSize": 4,
"editor.minimap.enabled": true,
"editor.formatOnSave": true
}
```
---
## Integration
### With Vibe Pipeline
The editor integrates with the Vibe AI pipeline:
1. AI generates code in editor
2. Review agent checks code
3. You can edit manually
4. Changes tracked in Git
### With Terminal
- `Ctrl+`` - Toggle terminal panel
- Run code directly from editor
- See output in terminal

183
src/17-autonomous-tasks/vibe-git.md Normal file
View file

@ -0,0 +1,183 @@
# Vibe Git
Git operations integrated with Forgejo ALM.
![Vibe Git](./assets/vibe/git.png)
---
## Overview
Vibe Git provides visual Git operations for version control of your generated applications. Connect to Forgejo for remote operations.
---
## Features
### Local Operations
- Initialize repository
- Stage/unstage files
- Commit changes
- View diff
- Branch management
### Remote Operations
- Push to Forgejo
- Pull from remote
- Fetch updates
- Create pull requests
### History
- Commit log viewer
- Author and date display
- Message search
- File change history
---
## Interface
### Changes Panel
```
Changes:
M index.html
A styles.css
D old-file.js
Staged (2):
+ styles.css
M index.html
```
### Commit History
```
abc1234 (main) Add user authentication - John, 2h ago
def5678 Fix login validation - Jane, 5h ago
ghi9012 Initial commit - John, 1d ago
```
---
## Quick Start
### 1. Initialize Repository
```bash
git init
```
### 2. Add Files
```bash
git add .
```
### 3. Commit
```bash
git commit -m "Initial commit"
```
### 4. Connect to Remote
```bash
git remote add origin https://forgejo.example/user/repo.git
git push -u origin main
```
---
## Git Commands
### Status
```bash
git status
```
### Add Files
```bash
# Add specific file
git add file.txt
# Add all changes
git add -A
```
### Commit
```bash
git commit -m "Your message"
```
### Push
```bash
git push origin main
```
### Pull
```bash
git pull origin main
```
### Branch
```bash
# List branches
git branch
# Create branch
git branch feature-name
# Switch branch
git checkout feature-name
# Create and switch
git checkout -b feature-name
```
### Merge
```bash
git merge feature-name
```
---
## Forgejo Integration
### Configure Remote
```
Remote URL: https://forgejo.example/owner/repo.git
Username: Your Forgejo username
Token: Your API token
```
### Create Pull Request
1. Push branch to Forgejo
2. Click "Create PR" button
3. Fill title and description
4. Submit
---
## Keyboard Shortcuts
| Shortcut | Action |
|----------|--------|
| `Ctrl+S` | Stage current file |
| `Ctrl+Shift+S` | Stage all |
| `Ctrl+C` | Commit |
| `Ctrl+P` | Push |
| `Ctrl+U` | Pull |
---
## Troubleshooting
### Push Failed
- Check remote URL is correct
- Verify Forgejo credentials
- Check network connectivity
### Merge Conflicts
- View conflicting files
- Edit to resolve
- Stage and commit
### Empty History
- Repository may be new
- Check correct directory
- Verify .git exists

181
src/17-autonomous-tasks/vibe-mcp.md Normal file
View file

@ -0,0 +1,181 @@
# Vibe MCP
Model Context Protocol integrations for extended AI capabilities.
![Vibe MCP](./assets/vibe/mcp.png)
---
## Overview
MCP (Model Context Protocol) allows Vibe to connect to external tools and services. Extend AI capabilities with databases, APIs, and custom tools.
---
## What is MCP?
MCP is a protocol that lets AI models interact with external systems:
- **Filesystem** - Read/write local files
- **Database** - Query databases directly
- **HTTP** - Make API requests
- **Custom** - Your own tools
---
## Supported Integrations
### Filesystem
```json
{
"name": "filesystem",
"type": "stdio",
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-filesystem", "/path/to/dir"]
}
```
### PostgreSQL
```json
{
"name": "postgres",
"type": "stdio",
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-postgres", "postgres://user:pass@localhost/db"]
}
```
### Browser Automation
```json
{
"name": "browser",
"type": "stdio",
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-puppeteer"]
}
```
---
## Configuration
### Add MCP Server
1. Go to **Sources → MCP**
2. Click **Add Server**
3. Select server type or enter custom
4. Configure connection
5. Save and connect
### Server Types
| Type | Description |
|------|-------------|
| `stdio` | Local command-line tool |
| `sse` | Server-Sent Events endpoint |
| `websocket` | WebSocket connection |
---
## Using MCP Tools
### In Vibe Chat
```
User: Show me all orders from the database
AI: (uses postgres MCP to query)
Orders:
| id | customer | total |
|----|----------|-------|
| 1 | John | 99.00 |
```
### Available Actions
- **Read** - Query data
- **Write** - Insert/Update/Delete
- **Search** - Full-text search
- **Analyze** - Run computations
---
## MCP Panel
Access MCP panel in Vibe:
1. Click **MCP** button in toolbar
2. View connected servers
3. Test tools
4. View logs
---
## Creating Custom MCP Server
### 1. Create Server Script
```javascript
// my-server.js
const { Server } = require('@modelcontextprotocol/sdk/server');
const { StdioServerTransport } = require('@modelcontextprotocol/sdk/server/stdio');
const server = new Server({
name: 'my-custom-server',
version: '1.0.0'
}, {
capabilities: {
tools: {}
}
});
server.setRequestHandler('tools/list', async () => {
return {
tools: [{
name: 'my_tool',
description: 'Does something useful',
inputSchema: {
type: 'object',
properties: {
param: { type: 'string' }
}
}
}]
};
});
server.setRequestHandler('tools/call', async (request) => {
const { name, arguments: args } = request.params;
if (name === 'my_tool') {
return { content: [{ type: 'text', text: 'Result' }] };
}
});
const transport = new StdioServerTransport();
await server.connect(transport);
```
### 2. Register in Vibe
```json
{
"name": "my-server",
"type": "stdio",
"command": "node",
"args": ["/path/to/my-server.js"]
}
```
---
## Troubleshooting
### Connection Failed
- Check server is installed
- Verify command/path
- Check logs for errors
### Tool Not Working
- Verify input format
- Check server logs
- Test with simpler parameters
### Server Not Listed
- Restart Vibe
- Check configuration
- Review server status

113
src/17-autonomous-tasks/vibe-terminal.md Normal file
View file

@ -0,0 +1,113 @@
# Vibe Terminal
Full-featured terminal with isolated LXC containers for each session.
![Vibe Terminal](./assets/vibe/terminal.png)
---
## Overview
The Vibe terminal provides an isolated Ubuntu 22.04 container for each session. Your commands run in a secure, sandboxed environment that is automatically created on connect and destroyed on disconnect.
---
## Quick Start
1. Click **Terminal** icon on desktop or in Vibe window
2. Terminal connects to a new LXC container
3. Type commands as normal bash shell
```bash
$ pwd
/root
$ whoami
root
$ uname -a
Linux term-abc123 5.15.0 #1 SMP x86_64 GNU/Linux
```
---
## Features
### Isolated Containers
- Each terminal session gets its own Ubuntu 22.04 container
- Containers are ephemeral - destroyed on disconnect
- Full root access within container
### 256-Color Support
- Full xterm-256color support
- Works with vim, tmux, htop, etc.
### WebSocket Protocol
- Connects via WebSocket for real-time I/O
- Automatic reconnection on disconnect
- Session persistence during network issues
---
## API Endpoints
| Method | Endpoint | Description |
|--------|----------|-------------|
| `WS` | `/api/terminal/ws?session_id=xxx` | Terminal WebSocket |
| `GET` | `/api/terminal/list` | List active terminals |
| `POST` | `/api/terminal/create` | Create new terminal |
| `POST` | `/api/terminal/kill` | Kill terminal session |
### WebSocket Commands
Send text to execute commands:
```
ls -la
```
Special commands:
- `resize COLS ROWS` - Resize terminal
- `exit` - Close terminal session
---
## Configuration
### Container Settings
The terminal uses these LXC commands:
- `lxc launch ubuntu:22.04 {name}` - Create container
- `lxc exec {name} -- bash` - Execute shell
- `lxc stop {name} -f` - Stop container
- `lxc delete {name} -f` - Delete container
### Environment Variables
| Variable | Default | Description |
|----------|---------|-------------|
| `TERM` | `xterm-256color` | Terminal type |
---
## Troubleshooting
### Connection Failed
- Check that LXC is installed and running
- Verify network connectivity
- Check botserver logs for errors
### Container Won't Start
- Ensure LXC daemon is running: `systemctl status lxc`
- Check LXC configuration: `lxc list`
- Review container logs: `lxc info {name}`
### Commands Not Working
- Container may have been destroyed - reconnect
- Check WebSocket connection status
---
## Security
- Container names are sanitized (alphanumeric + dash only)
- Containers are isolated from host network by default
- Sessions are cleaned up on disconnect
- No persistent storage between sessions

148
src/17-autonomous-tasks/vibe.md Normal file
View file

@ -0,0 +1,148 @@
# Vibe - AI-Powered Development Environment
Vibe is the autonomous coding mode that transforms your development workflow. Describe what you want to build, and AI agents create it automatically.
![Vibe Architecture](./assets/vibe/vibe-architecture.png)
---
## Quick Start
1. Click **Vibe** icon on desktop
2. Describe your project in the chat
3. Watch agents build, review, and deploy
```bash
# Example: Create an e-commerce app
"Build an e-commerce app for handmade crafts with shopping cart"
```
---
## Pipeline Stages
| Stage | Agent | Description |
|-------|-------|-------------|
| **PLAN** | Architect | Analyzes requirements, creates spec |
| **BUILD** | Developer | Generates code, creates database |
| **REVIEW** | Reviewer | Security scan, quality checks |
| **DEPLOY** | DevOps | Pushes to Forgejo, deploys |
| **MONITOR** | QA | Runs tests, validates |
---
## Features
### Monaco Editor
- Full IDE editing with syntax highlighting
- Multi-file workspace support
- File tree navigation
### Database UI
- Visual PostgreSQL schema browser
- SQL query editor
- Table relationship viewer
### Git Operations
- Branch management
- Commit history
- Pull/push to Forgejo
### Terminal
- Isolated LXC container per session
- Full shell access
- Persistent workspace
### Browser Automation
- Chromiumoxide integration
- Visual test runner
- Screenshot capture
### MCP Integration
- Connect external tools
- AI model integration
- Custom tool definitions
---
## BYOK (Bring Your Own Key)
Configure your own LLM API keys in **Sources → API Keys**:
- OpenAI
- Anthropic (Claude)
- Google Gemini
- Azure OpenAI
- OpenAI Compatible
---
## Use Cases
### 1. Rapid Prototyping
```bash
"Create a CRM with contacts, leads, and deal pipeline"
```
### 2. Full-Stack Apps
```bash
"Build an e-commerce store with cart, checkout, and Stripe payments"
```
### 3. Internal Tools
```bash
"Make an employee onboarding checklist app with approvals"
```
### 4. Data Dashboards
```bash
"Create a sales analytics dashboard with charts and exports"
```
---
## Architecture
```
┌─────────────────────────────────────────────────────────┐
│ Vibe UI │
│ ┌─────────┐ ┌─────────┐ ┌─────────┐ ┌─────────┐ │
│ │ PLAN │→ │ BUILD │→ │ REVIEW │→ │ DEPLOY │ │
│ └─────────┘ └─────────┘ └─────────┘ └─────────┘ │
└─────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────┐
│ Orchestrator (5 Agents) │
│ Architect → Developer → Reviewer → QA → DevOps │
└─────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────┐
│ BotServer │
│ - AppGenerator (code gen) │
│ - Database Manager │
│ - File System │
└─────────────────────────────────────────────────────────┘
```
---
## Keyboard Shortcuts
| Shortcut | Action |
|----------|--------|
| `Ctrl+S` | Save file |
| `Ctrl+P` | Quick open |
| `Ctrl+Shift+P` | Command palette |
| `Ctrl+`` | Toggle terminal |
---
## Related Documentation
- [Vibe Terminal](./vibe-terminal.md) - Isolated container terminal
- [Vibe Editor](./vibe-editor.md) - Monaco editor guide
- [Vibe Database](./vibe-database.md) - Database UI
- [Vibe Git](./vibe-git.md) - Git operations
- [Vibe MCP](./vibe-mcp.md) - MCP integrations
- [Designer](./designer.md) - Visual app editor
- [App Generation](./app-generation.md) - Code generation

65
src/23-security/endpoint-checklist.md Normal file
View file

@ -0,0 +1,65 @@
# Endpoint Security Checklist
When adding new endpoints to the `.gbai` and BotServer APIs, ensure you adhere to this standard security checklist. All state-changing endpoints (those using `POST`, `PUT`, `PATCH`, or `DELETE` methods) must be protected against common Web vulnerabilities, including CSRF.
## 1. CSRF Protection for State-Changing Endpoints
Cross-Site Request Forgery (CSRF) protection must be applied to any endpoint that alters system state. Evaluate if the endpoint falls under one of the following exemptions:
* **Exemptions:**
* API endpoints exclusively utilizing **Bearer Token** authentication (stateless requests that do not rely on cookies).
* Webhooks from external systems that provide their own authentication mechanisms (e.g., HMAC signatures like WhatsApp/Meta).
* Publicly fully accessible endpoints that do not affect any user data or system state.
* **Requirements:**
* All web-facing or cookie-authenticated endpoints must enforce CSRF checks.
* Tokens must be bound to the user session.
* Utilize double-submit cookie pattern or header-based token verification via the `CsrfManager`.
## 2. Authentication & Authorization (RBAC) Requirements
Do not expose new endpoints without explicitly defining their necessary permissions.
* Ensure the endpoint is behind the `require_authentication_middleware` or similar authentication flow unless it is strictly intended to be public (e.g., `/api/auth/login`).
* Assign appropriate RBAC (Role-Based Access Control) permissions and ensure `require_role_middleware` is validated.
* Validate resource ownership. If a user tries to edit or delete an entity (e.g., a Bot, Document, or File), the backend must confirm they own the entity or possess tenant/admin privileges.
## 3. Strict Security Headers
All HTTP responses returning HTML content must include standard security headers.
* Ensure the router uses `security_headers_middleware`.
* Mandatory Headers:
* `Content-Security-Policy`: Must clearly restrict `script-src`, `connect-src`, and `frame-ancestors`.
* `X-Frame-Options: DENY` (or `SAMEORIGIN` if absolutely necessary for the suite).
* `X-Content-Type-Options: nosniff`.
* `Strict-Transport-Security` (HSTS).
* `Referrer-Policy: strict-origin-when-cross-origin`.
## 4. Input Validation & Sanitization
Do not rely exclusively on client-side validation.
* Validate the schema, length, and format of all incoming request payloads (`JSON`, `Query`, `Form`).
* Sanitize inputs that might be used inside SQL queries, though using ORMs (like Diesel) or parameterized queries safely mitigates straightforward SQL injection. Avoid dynamic SQL string formatting.
* Sanitize any output bound for HTML parsing to prevent Stored or Reflected XSS.
## 5. Rate Limiting
Endpoints must prevent brute force and DDoS abuse.
* Apply or ensure that globally the `rate_limit_middleware` covers the new route.
* Authentication endpoints (like login forms) should have significantly stricter rate limits.
* Consider adding secondary quotas per underlying resource if dealing with expensive generation tasks (like LLM interactions).
## 6. Secure Error Handling
Never leak internal traces or paths.
* Do not `unwrap()`, `expect()`, or `panic!()`. Use Rust's `?` operator.
* Use `ErrorSanitizer` logic, or return generalized application errors like `(StatusCode::INTERNAL_SERVER_ERROR, "An internal error occurred")` instead of specific database schema details.
---
### Process for Review
When submitting a PR incorporating new endpoints, mention that you have completed this checklist in your PR description.

2
src/SUMMARY.md
View file

@ -324,6 +324,7 @@
- [Hybrid RAG Search](./11-features/hybrid-search.md)
- [Transfer to Human](./11-features/transfer-to-human.md)
- [LLM-Assisted Attendant](./11-features/attendant-llm-assist.md)
- [Attendance Suite](./attendance.md)
# Part XI - Security
@ -352,6 +353,7 @@
- [Protection Tools](./23-security/protection-tools.md)
- [SOC 2 Compliance](./23-security/soc2-compliance.md)
- [Security Matrix Reference](./23-security/security-matrix.md)
- [Endpoint Security Checklist](./23-security/endpoint-checklist.md)
# Part XII - Device & Offline Deployment

2375
src/attendance.md Normal file
View file

File diff suppressed because it is too large Load diff