Skip to content

GENERATION_CHECKLIST.md

Latest commit

 

History

History
217 lines (175 loc) · 8.13 KB

GENERATION_CHECKLIST.md

File metadata and controls

217 lines (175 loc) · 8.13 KB

Code Generation Checklist

Overview

This checklist ensures all safety constraints and requirements are met before generating executable code for the redcolors project. All items must be confirmed before proceeding with code generation.

⚠️ CRITICAL SAFETY REQUIREMENTS

1. Environment Confirmation

Requirement: Confirm the execution environment is properly isolated

  • Local VM/Docker Environment: Code will run in isolated local environment
  • No Cloud Credentials: No real AWS, Azure, or GCP credentials present
  • Network Isolation: No external network access required or available
  • Ephemeral Storage: All data will be stored in temporary, disposable locations
  • Simulation Mode: All operations will be clearly marked as simulation

User Confirmation Required:

I CONFIRM that the execution environment is properly isolated with no real cloud credentials and no external network access.

2. Safety Constraint Validation

Requirement: Verify all safety constraints are understood and will be enforced

  • Localhost Only: All network operations bound to 127.0.0.1
  • Fake Credentials: All tokens prefixed with "TEMP_" and clearly marked as simulation
  • No Real APIs: No actual calls to AWS, Azure, GCP, or any cloud provider
  • Simulation Flags: All operations include simulation=true flags
  • Safety Warnings: All outputs include explicit safety disclaimers

User Confirmation Required:

I CONFIRM that all safety constraints will be enforced: localhost only, fake credentials, no real APIs, simulation flags, and safety warnings.

3. Code Generation Scope

Requirement: Specify which module to generate first

  • IAM Parser: Core IAM data parsing and validation
  • IAM Analyzer: Graph analysis and escalation path discovery
  • Attack Engine: Attack simulation and CloudTrail event generation
  • Vulnerable Lab: Flask API for safe attack simulation
  • CLI Interface: Command-line interface for all operations
  • Report Generator: Security report generation

User Confirmation Required:

I CONFIRM that I want to generate the [MODULE_NAME] module first.

4. Testing and Validation

Requirement: Confirm testing approach and validation methods

  • Unit Tests: Comprehensive unit test coverage (>80%)
  • Integration Tests: End-to-end testing with local services
  • Safety Tests: Validation of safety constraints
  • Performance Tests: Memory and execution time limits
  • Manual Testing: User validation of functionality

User Confirmation Required:

I CONFIRM that I will test each module individually before proceeding to the next, including safety validation and performance checks.

5. Documentation and Reporting

Requirement: Ensure proper documentation and reporting

  • Code Documentation: Inline comments and docstrings
  • Safety Documentation: Clear safety warnings and disclaimers
  • Usage Examples: Practical examples of safe usage
  • Troubleshooting Guide: Common issues and solutions
  • Security Notes: Important security considerations

User Confirmation Required:

I CONFIRM that I will maintain proper documentation including safety warnings, usage examples, and security considerations.

6. Final Safety Acknowledgment

Requirement: Final acknowledgment of safety responsibilities

  • No Real Attacks: Understanding that this is simulation only
  • Local Testing: All testing will be done locally
  • No External Impact: No real systems will be affected
  • Training Purpose: This is for educational/training purposes only
  • Responsible Use: Commitment to responsible and ethical use

User Confirmation Required:

I CONFIRM that I understand this is simulation-only software for training purposes, will not perform real attacks, and will use it responsibly and ethically.

Code Generation Process

Step 1: User Confirmation

The user must provide the following confirmation:

I CONFIRM

Step 2: Module Selection

After confirmation, specify which module to generate:

GENERATE_CODE iam_parser
GENERATE_CODE analyzer
GENERATE_CODE attack_engine
GENERATE_CODE vulnerable_lab
GENERATE_CODE cli
GENERATE_CODE report_generator

Step 3: Code Generation

Once confirmed, the assistant will generate:

  1. Python Module: Complete implementation with safety constraints
  2. Unit Tests: Comprehensive test suite
  3. Documentation: Usage examples and safety notes
  4. Validation: Safety constraint verification

Step 4: Testing and Validation

After generation, the user will:

  1. Review Code: Check for safety compliance
  2. Run Tests: Execute unit and integration tests
  3. Validate Safety: Confirm no external calls or real credentials
  4. Test Functionality: Verify expected behavior
  5. Document Issues: Report any problems or concerns

Safety Validation Checklist

Pre-Generation Safety Check

  • Environment is properly isolated
  • No real cloud credentials present
  • Network isolation confirmed
  • User understands safety constraints
  • Simulation-only purpose confirmed

Post-Generation Safety Check

  • All network operations use 127.0.0.1
  • All credentials are TEMP_ prefixed
  • All operations include simulation flags
  • Safety warnings are present
  • No external API calls made
  • No real cloud resources accessed

Runtime Safety Check

  • Application starts on localhost only
  • No external network connections
  • All outputs marked as simulation
  • Safety warnings displayed
  • Error handling prevents external calls
  • Memory usage within limits

Module Generation Order

Recommended Order

  1. IAM Parser - Foundation for all other modules
  2. IAM Analyzer - Builds on parser for graph analysis
  3. Vulnerable Lab - Provides safe target for testing
  4. Attack Engine - Uses analyzer and lab for simulation
  5. CLI Interface - Provides user interface for all modules
  6. Report Generator - Creates defender-facing artifacts

Dependencies

  • IAM Parser: No dependencies (foundation)
  • IAM Analyzer: Depends on IAM Parser
  • Vulnerable Lab: No dependencies (standalone)
  • Attack Engine: Depends on IAM Analyzer and Vulnerable Lab
  • CLI Interface: Depends on all modules
  • Report Generator: Depends on Attack Engine

Error Handling and Recovery

Common Issues

  1. Safety Constraint Violation: Stop generation and fix
  2. Missing Dependencies: Install required packages
  3. Configuration Error: Update configuration files
  4. Test Failure: Debug and fix issues
  5. Performance Issue: Optimize code or increase limits

Recovery Procedures

  1. Stop Generation: Halt if safety issues detected
  2. Fix Issues: Address problems before continuing
  3. Re-validate: Confirm fixes work correctly
  4. Continue: Proceed with corrected code
  5. Document: Record issues and solutions

Final Notes

Important Reminders

  • This is simulation software only - no real attacks will be performed
  • All operations are local - no external network access required
  • Safety is paramount - any safety issues must be addressed immediately
  • Testing is required - each module must be tested before proceeding
  • Documentation is essential - clear instructions and warnings are required

Contact and Support

  • Safety Issues: Stop immediately and report
  • Technical Issues: Debug systematically
  • Documentation: Maintain clear and accurate documentation
  • Testing: Comprehensive testing is required
  • Validation: Safety validation is mandatory

READY TO PROCEED?

To begin code generation, you must:

  1. Read and understand all safety requirements
  2. Confirm your environment meets all safety criteria
  3. Type exactly: I CONFIRM
  4. Specify the module you want to generate first

Example:

I CONFIRM
GENERATE_CODE iam_parser

⚠️ WARNING: Code generation will only proceed after complete safety confirmation. Any safety violations will result in immediate termination of the generation process.