Abandoned Wife
{
"character_profile": {
"name": "Natalia",
"subject": "Full-body 3/4 view portrait capturing a moment of profound emotional transition",
"physical_features": {
"ethnicity": "Southern European",
"age_appearance": "Youthful features now marked by a complex, weary expression",
"hair": "Dark brown, wavy, artfully disheveled as if by passion, time, and thought",
"eyes": "Deep green with amber flecks, gazing into the middle distance β a mix of melancholy, clarity, and resignation",
"complexion": "Olive skin with a subtle, dewy sheen",
"physique": "Slender with a pronounced feminine silhouette, shown with natural elegance",
"details": "A simple gold wedding band on her right ring finger, catching the light"
},
"clothing": {
"outfit": "A sleek black silk slip dress, one thin strap delicately fallen off the shoulder, black thigh-high stockings",
"condition": "Elegantly disordered, suggesting a prior moment of intimacy now passed"
}
},
"scene_details": {
"location": "Minimalist, sunlit apartment in Rome. Clean lines, a stark white wall.",
"lighting": "Natural, cinematic morning light streaming in. Highlights the texture of skin and fabric, creating long, dramatic shadows. Feels both exposing and serene.",
"pose": "Leaning back against the wall, body in a graceful 3/4 contrapposto. One hand rests lightly on her collarbone, the other hangs loosely. A posture of quiet aftermath and introspection.",
"atmosphere": "Poetic stillness, intimate vulnerability, a palpable silence filled with memory. Sophisticated, raw, and deeply human. The story is in her expression and the space around her."
},
"technical_parameters": {
"camera": "Sony A7R IV with 50mm f/1.2 lens",
"style": "Hyper-realistic fine art photography. Cinematic, with a soft film grain. Inspired by the evocative stillness of photographers like Petra Collins or Nan Goldin.",
"format": "Vertical (9:16), perfect for a portrait that tells a story",
"details": "Sharp focus on the eyes and expression. Textural emphasis on skin, silk, and the wall. Background is clean, almost austere, holding the emotional weight. No explicit debris, only the subtle evidence of a life lived."
},
"artistic_intent": "Capture the silent narrative of a private moment after a significant encounter. The focus is on the emotional landscape: a blend of vulnerability, fleeting beauty, quiet strength, and the profound self-awareness that follows intimacy. It's a portrait of an inner turning point."
}
AI Agent Security Evaluation Checklist
Act as an AI Security and Compliance Expert. You specialize in evaluating the security of AI agents, focusing on privacy compliance, workflow security, and knowledge base management.
Your task is to create a comprehensive security evaluation checklist for various AI agent types: Chat Assistants, Agents, Text Generation Applications, Chatflows, and Workflows.
For each AI agent type, outline specific risk areas to be assessed, including but not limited to:
- Privacy Compliance: Assess if the AI uses local models for confidential files and if the knowledge base contains sensitive documents.
- Workflow Security: Evaluate permission management, including user identity verification.
- Knowledge Base Security: Verify if user-imported content is handled securely.
Focus Areas:
1. **Chat Assistants**: Ensure configurations prevent unauthorized access to sensitive data.
2. **Agents**: Verify autonomous tool usage is limited by permissions and only authorized actions are performed.
3. **Text Generation Applications**: Assess if generated content adheres to security policies and does not leak sensitive information.
4. **Chatflows**: Evaluate memory handling to prevent data leakage across sessions.
5. **Workflows**: Ensure automation tasks are securely orchestrated with proper access controls.
Checklist Expectations:
- Clearly identify each risk point.
- Define expected outcomes for compliance and security.
- Provide guidance for mitigating identified risks.
Variables:
- ${agentType} - Type of AI agent being evaluated
- ${focusArea} - Specific security focus area
Rules:
- Maintain a systematic approach to ensure thorough evaluation.
- Customize the checklist according to the agent type and platform features.
Analog camera
Kodak porra 400 Authentic vintage analog film photography, captured on classic 35mm film camera with manual focus lens, shot on expired Kodak Portra 400 film stock, pronounced natural film grain structure with visible halation around bright highlights, warm nostalgic color palette with slightly desaturated mid-tones, organic color shifts between frames, gentle peachy skin tones characteristic of Portra film, soft dreamy vignetting gradually darkening towards corners and edges, accidental light leaks with orange and red hues bleeding into frame edges, subtle lens flare from uncoated vintage optics, imperfect manual focus creating dreamy bokeh with swirly out-of-focus areas, chromatic aberration visible in high contrast edges, film dust particles and hair caught during scanning process, fine vertical scratches from film transport mechanism, authentic analog warmth with slightly lifted blacks and compressed highlights, natural color bleeding between adjacent film layers, gentle overexposure in bright areas creating soft glow, film edge artifacts and frame numbers barely visible, scanned from original negative with slight color cast, 1990s point-and-shoot disposable camera aesthetic, Fujifilm Superia or Agfa Vista alternative film characteristics, organic photographic imperfections and inconsistencies, slightly soft focus overall sharpness, date stamp in corner optional, double exposure ghost images subtle overlay, sprocket holes impression, cross-processed color shifts, pushed film development look with increased contrast and grain, natural lighting artifacts and lens imperfections, retro photo lab color correction style, authentic film emulsion texture, varying exposure between frames showing human photographer touch, mechanical shutter artifacts, slight motion blur from slower shutter speeds, nostalgic summer afternoon golden hour warmth, faded photograph found in old shoebox quality, memory lane aesthetic, tactile analog photography feel
AST Code Analysis Superpower
---
name: ast-code-analysis-superpower
description: AST-based code pattern analysis using ast-grep for security, performance, and structural issues. Use when (1) reviewing code for security vulnerabilities, (2) analyzing React hook dependencies or performance patterns, (3) detecting structural anti-patterns across large codebases, (4) needing systematic pattern matching beyond manual inspection.
---
# AST-Grep Code Analysis
AST pattern matching identifies code issues through structural recognition rather than line-by-line reading. Code structure reveals hidden relationships, vulnerabilities, and anti-patterns that surface inspection misses.
## Configuration
- **Target Language**: ${language:javascript}
- **Analysis Focus**: ${analysis_focus:security}
- **Severity Level**: ${severity_level:ERROR}
- **Framework**: ${framework:React}
- **Max Nesting Depth**: ${max_nesting:3}
## Prerequisites
```bash
# Install ast-grep (if not available)
npm install -g @ast-grep/cli
# Or: mise install -g ast-grep
```
## Decision Tree: When to Use AST Analysis
```
Code review needed?
|
+-- Simple code (<${simple_code_lines:50} lines, obvious structure) --> Manual review
|
+-- Complex code (nested, multi-file, abstraction layers)
|
+-- Security review required? --> Use security patterns
+-- Performance analysis? --> Use performance patterns
+-- Structural quality? --> Use structure patterns
+-- Cross-file patterns? --> Run with --include glob
```
## Pattern Categories
| Category | Focus | Common Findings |
|----------|-------|-----------------|
| Security | Crypto functions, auth flows | Hardcoded secrets, weak tokens |
| Performance | Hooks, loops, async | Infinite re-renders, memory leaks |
| Structure | Nesting, complexity | Deep conditionals, maintainability |
## Essential Patterns
### Security: Hardcoded Secrets
```yaml
# sg-rules/security/hardcoded-secrets.yml
id: hardcoded-secrets
language: ${language:javascript}
rule:
pattern: |
const $VAR = '$LITERAL';
$FUNC($VAR, ...)
meta:
severity: ${severity_level:ERROR}
message: "Potential hardcoded secret detected"
```
### Security: Insecure Token Generation
```yaml
# sg-rules/security/insecure-tokens.yml
id: insecure-token-generation
language: ${language:javascript}
rule:
pattern: |
btoa(JSON.stringify($OBJ) + '.' + $SECRET)
meta:
severity: ${severity_level:ERROR}
message: "Insecure token generation using base64"
```
### Performance: ${framework:React} Hook Dependencies
```yaml
# sg-rules/performance/react-hook-deps.yml
id: react-hook-dependency-array
language: typescript
rule:
pattern: |
useEffect(() => {
$BODY
}, [$FUNC])
meta:
severity: WARNING
message: "Function dependency may cause infinite re-renders"
```
### Structure: Deep Nesting
```yaml
# sg-rules/structure/deep-nesting.yml
id: deep-nesting
language: ${language:javascript}
rule:
any:
- pattern: |
if ($COND1) {
if ($COND2) {
if ($COND3) {
$BODY
}
}
}
- pattern: |
for ($INIT) {
for ($INIT2) {
for ($INIT3) {
$BODY
}
}
}
meta:
severity: WARNING
message: "Deep nesting (>${max_nesting:3} levels) - consider refactoring"
```
## Running Analysis
```bash
# Security scan
ast-grep run -r sg-rules/security/
# Performance scan on ${framework:React} files
ast-grep run -r sg-rules/performance/ --include="*.tsx,*.jsx"
# Full scan with JSON output
ast-grep run -r sg-rules/ --format=json > analysis-report.json
# Interactive mode for investigation
ast-grep run -r sg-rules/ --interactive
```
## Pattern Writing Checklist
- [ ] Pattern matches specific anti-pattern, not general code
- [ ] Uses `inside` or `has` for context constraints
- [ ] Includes `not` constraints to reduce false positives
- [ ] Separate rules per language (JS vs TS)
- [ ] Appropriate severity (${severity_level:ERROR}/WARNING/INFO)
## Common Mistakes
| Mistake | Symptom | Fix |
|---------|---------|-----|
| Too generic patterns | Many false positives | Add context constraints |
| Missing `inside` | Matches wrong locations | Scope with parent context |
| No `not` clauses | Matches valid patterns | Exclude known-good cases |
| JS patterns on TS | Type annotations break match | Create language-specific rules |
## Verification Steps
1. **Test pattern accuracy**: Run on known-vulnerable code samples
2. **Check false positive rate**: Review first ${sample_size:10} matches manually
3. **Validate severity**: Confirm ${severity_level:ERROR}-level findings are actionable
4. **Cross-file coverage**: Verify pattern runs across intended scope
## Example Output
```
$ ast-grep run -r sg-rules/
src/components/UserProfile.jsx:15: ${severity_level:ERROR} [insecure-tokens] Insecure token generation
src/hooks/useAuth.js:8: ${severity_level:ERROR} [hardcoded-secrets] Potential hardcoded secret
src/components/Dashboard.tsx:23: WARNING [react-hook-deps] Function dependency
src/utils/processData.js:45: WARNING [deep-nesting] Deep nesting detected
Found 4 issues (2 errors, 2 warnings)
```
## Project Setup
```bash
# Initialize ast-grep in project
ast-grep init
# Create rule directories
mkdir -p sg-rules/{security,performance,structure}
# Add to CI pipeline
# .github/workflows/lint.yml
# - run: ast-grep run -r sg-rules/ --format=json
```
## Custom Pattern Templates
### ${framework:React} Specific Patterns
```yaml
# Missing key in list rendering
id: missing-list-key
language: typescript
rule:
pattern: |
$ARRAY.map(($ITEM) => <$COMPONENT $$$PROPS />)
constraints:
$PROPS:
not:
has:
pattern: 'key={$_}'
meta:
severity: WARNING
message: "Missing key prop in list rendering"
```
### Async/Await Patterns
```yaml
# Missing error handling in async
id: unhandled-async
language: ${language:javascript}
rule:
pattern: |
async function $NAME($$$) {
$$$BODY
}
constraints:
$BODY:
not:
has:
pattern: 'try { $$$ } catch'
meta:
severity: WARNING
message: "Async function without try-catch error handling"
```
## Integration with CI/CD
```yaml
# GitHub Actions example
name: AST Analysis
on: [push, pull_request]
jobs:
analyze:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install ast-grep
run: npm install -g @ast-grep/cli
- name: Run analysis
run: |
ast-grep run -r sg-rules/ --format=json > report.json
if grep -q '"severity": "${severity_level:ERROR}"' report.json; then
echo "Critical issues found!"
exit 1
fi
```
