{"id":51150970,"url":"https://github.com/wellwelwel/blue-spec","last_synced_at":"2026-06-26T06:01:03.176Z","repository":{"id":365968844,"uuid":"1272696562","full_name":"wellwelwel/blue-spec","owner":"wellwelwel","description":"🌊 Blue Spec is a toolkit for Security-Driven Hardening (SDH), a defensive workflow to help AI agents detect what a system does and harden the defenses that matter.","archived":false,"fork":false,"pushed_at":"2026-06-19T17:35:49.000Z","size":5246,"stargazers_count":54,"open_issues_count":1,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2026-06-19T18:13:33.195Z","etag":null,"topics":["agent-skills","ai","blue-team","claude-code","codex","copilot","cursor-ai","ia-driven","llm","prompt-engineering","prompt-toolkit","sdh","security","security-driven-hardening","spec-driven"],"latest_commit_sha":null,"homepage":"https://bluespec.weslley.io","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/wellwelwel.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-06-17T21:19:02.000Z","updated_at":"2026-06-19T17:35:36.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/wellwelwel/blue-spec","commit_stats":null,"previous_names":["wellwelwel/blue-spec"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/wellwelwel/blue-spec","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wellwelwel%2Fblue-spec","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wellwelwel%2Fblue-spec/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wellwelwel%2Fblue-spec/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wellwelwel%2Fblue-spec/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/wellwelwel","download_url":"https://codeload.github.com/wellwelwel/blue-spec/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wellwelwel%2Fblue-spec/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34805072,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-26T02:00:06.560Z","response_time":106,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent-skills","ai","blue-team","claude-code","codex","copilot","cursor-ai","ia-driven","llm","prompt-engineering","prompt-toolkit","sdh","security","security-driven-hardening","spec-driven"],"created_at":"2026-06-26T06:00:58.793Z","updated_at":"2026-06-26T06:01:03.168Z","avatar_url":"https://github.com/wellwelwel.png","language":"TypeScript","funding_links":["https://github.com/sponsors/wellwelwel"],"categories":[],"sub_categories":[],"readme":"\u003cimg src=\"./website/static/img/banner.png\" /\u003e\n\n# 🌊 Security-Driven Hardening: Blue Spec\n\n[![Version](https://img.shields.io/npm/v/blue-spec?label=\u0026color=2f7bff\u0026logo=npm\u0026logoColor=white)](https://www.npmjs.com/package/blue-spec)\n[![Docs](https://img.shields.io/badge/Documentation-005eff?logo=docusaurus\u0026logoColor=white)](https://bluespec.weslley.io)\n\n**Blue Spec** helps your AI agent make a project more secure. You point it at your code, and the agent figures out what your system actually does, then guides you through the security work that matters for it.\n\n- **Blue Spec** works with projects in **any programming language** and supports [**37 agents**](https://bluespec.weslley.io/docs/supported-agents) ✨\n\n---\n\n## Table of Contents\n\n- 🌱 [**Get Started**](#get-started)\n - [**Install**](#install)\n - [**Commands**](#commands)\n- πŸ“¦ [**Requirements**](#requirements)\n- πŸ–– [**Acknowledgements**](#acknowledgements)\n- πŸ§‘β€βš–οΈ [**License**](#license)\n\n---\n\n## Get Started\n\n### Install\n\n\u003e **Blue Spec** adapts to your environment, whether it is a new project or an existing one.\n\n```bash\nnpx -y blue-spec@latest init\n```\n\n- **Blue Spec** runs on **Node.js** under the hood, you use whatever language you want πŸƒ\n\n### Commands\n\nOnce **Blue Spec** is set up in your project, your **AI** agent unlocks a set of slash commands:\n\n| # | Command | What it does for you |\n| --- | -------------------------------------------------------------------------- | ------------------------------------------------------------------------------ |\n| 1 | [**/bluespec.charter**](https://bluespec.weslley.io/docs/commands/charter) | Sets your project's security rules, proposed for you or shaped by what you say |\n| 2 | [**/bluespec.detect**](https://bluespec.weslley.io/docs/commands/detect) | Reads your code and maps what your system does and where the risks are |\n| 3 | [**/bluespec.plan**](https://bluespec.weslley.io/docs/commands/plan) | Turns what detect found into a defense plan, with a fix for each finding |\n| 4 | [**/bluespec.harden**](https://bluespec.weslley.io/docs/commands/harden) | Applies the plan's fixes to your code, safely and one at a time |\n| 5 | [**/bluespec.verify**](https://bluespec.weslley.io/docs/commands/verify) | Proves each applied fix holds and closes out the ones that do |\n\n\u003e Each command builds on the previous, so following the list top to bottom is all it takes.\n\n#### Special commands\n\n| Command | What it does |\n| -------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------ |\n| [**/bluespec.prove**](https://bluespec.weslley.io/docs/commands/prove) | Turns each detected finding into a runnable proof for responsible disclosure |\n| [**/bluespec.specialize**](https://bluespec.weslley.io/docs/commands/specialize) | Specializes **Blue Spec** in a new security _sub_-skill from articles, exploits, or topics |\n| [**/bluespec.repair**](https://bluespec.weslley.io/docs/commands/repair) | Repairs **Blue Spec**'s internal tracking |\n| [**/bluespec.list**](https://bluespec.weslley.io/docs/commands/list) | Lists all finding **Blue Spec** is tracking, by name |\n\n\u003e [!TIP]\n\u003e\n\u003e Security is not a cost, it is an investment: what you put in upfront, you save many times over in the incidents you never have πŸ™‹πŸ»β€β™‚οΈ\n\n\u003e [!IMPORTANT]\n\u003e\n\u003e See the full [**documentation**](https://bluespec.weslley.io/) for usage examples and more.\n\n---\n\n## Requirements\n\nYou will need these tools installed on your system:\n\n- [**Node.js (LTS)**](https://nodejs.org/en/download/package-manager)\n- At least one of the [**Supported Agents**](https://bluespec.weslley.io/docs/supported-agents)\n\n---\n\n## Security Policy\n\nPlease check the [**SECURITY.md**](https://github.com/wellwelwel/blue-spec/blob/main/SECURITY.md).\n\n---\n\n## Contributing\n\n🚧 Coming Soon.\n\n---\n\n## Acknowledgements\n\n### Partners\n\n\u003e Help **Blue Spec** grow by [**becoming a partner**](https://bluespec.weslley.io/?partners) πŸ––\n\n### Supporters\n\nReally thanks to everyone who has supported and keeps supporting my work.\n\n[![Sponsors](https://wellwelwel.github.io/wellwelwel/sponsors.svg?v=1)](https://github.com/sponsors/wellwelwel)\n\n\u003e Support **Blue Spec** by [**becoming a sponsor**](https://github.com/sponsors/wellwelwel) too ✨\n\n---\n\n## License\n\n**Blue Spec** is under the [**MIT License**](https://github.com/wellwelwel/blue-spec/blob/main/LICENSE).\u003cbr /\u003e\nCopyright Β© 2026-present [**Weslley AraΓΊjo**](https://github.com/wellwelwel) and [**contributors**](https://github.com/wellwelwel/blue-spec/graphs/contributors).\n\n\u003e [!IMPORTANT]\n\u003e\n\u003e ### Disclaimer\n\u003e\n\u003e **Blue Spec** is an independent open-source project and is not affiliated with, endorsed by, or associated with **Bluespec, Inc.** or the **Bluespec Hardware Description Language (HDL)** and its compiler (`bsc`).\n\u003e\n\u003e The project name \"Blue Spec\" comes from Blue Team (defensive security) and Spec-Driven Development. It refers to an AI-assisted security hardening tool for software projects, a different domain from Bluespec, Inc., which provides RISC-V processor IP and hardware design tools.\n\u003e\n\u003e \"Bluespec\" is a trademark of Bluespec, Inc. All other product names, trademarks, and registered trademarks mentioned are the property of their respective owners and are used for identification purposes only.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwellwelwel%2Fblue-spec","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwellwelwel%2Fblue-spec","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwellwelwel%2Fblue-spec/lists"}