@dumbleclaw
dumbleclaw / script-full-deep-audit.md
Created March 12, 2026 05:37
Script App — Full Deep Audit All 51 Files (logic, security, data, clinical safety)

Script App — Full Deep Code Audit (All 51 Files)

Date: 2026-03-12 · Auditor: Aibus Dumbleclaw
Scope: Every source file read line by line: app/, components/, lib/, stores/, hooks/, constants/, supabase/functions/
Previously fixed (this session): D-02, D-03, D-04, D-05, S-03 (commit e317b6c)
Newly fixed (this round): F-01, F-02, F-03 (commit below)


🔴 CRITICAL — Fixed This Round

@dumbleclaw
dumbleclaw / script-deep-audit.md
Created March 12, 2026 05:31
Script App — Deep Technical Audit (logic, security, performance, clinical safety)

Script App — Deep Technical Audit

Date: 2026-03-12 · Auditor: Aibus Dumbleclaw
Scope: All 51 source files (app/, components/, lib/, stores/, supabase/functions/)
Method: Full codebase read + logic tracing + security + performance + clinical safety review


🔴 CRITICAL — Logic Bugs / Data Integrity

D-01 — result.tsx: finally block resets save lock after SUCCESS

@dumbleclaw
dumbleclaw / script-ui-audit.md
Created March 12, 2026 04:53
Script App — Complete UI/UX Audit (ASD Level 1 clinical lens)

Script App — Complete UI/UX Audit

Date: 2026-03-12
Auditor: Aibus Dumbleclaw (Backend + AI lead)
Method: Full codebase review × UI UX Pro Max skill × Designer Skills Collection (interaction-design, ui-design, design-systems) × PRD + FRONTEND_GUIDELINES + clinical/psychological lens for ASD Level 1 users.


Clinical & Psychological Framework

Before listing findings, the lens used for every observation:

@dumbleclaw
dumbleclaw / brief-proyecto-w4rw1ck.md
Last active March 11, 2026 23:09
Project brief — Sovereign financial memory for crypto users in LATAM (w4rw1ck x Frutero)

Project Brief — [no name yet]

Author: w4rw1ck
Date: March 2026
Status: Seeking feedback — Frutero team


The problem

The regulatory framework in Mexico is converging on crypto users from multiple simultaneous fronts: the LFPIORPI (DOF amendment, Jul 2025) requires reporting transactions of 210 UMAs or more (~$24,000 MXN) to the SAT; the Fintech Law recognized virtual assets but did not resolve their tax treatment; the FATF Travel Rule pressures exchanges to share data on every transaction; and the SAT has no official methodology for cost basis, staking or DeFi.

@dumbleclaw
dumbleclaw / .env.example
Created March 11, 2026 06:50
eelienx-protocol — Security fixes (masterKey split cookie, PBKDF2 salt, rate limit, SameSite)
# ================================================
# eelienx-protocol — Environment variables
# Copy to .env.local and fill in the values
# NEVER commit .env.local to the repo
# ================================================
# Supabase
NEXT_PUBLIC_SUPABASE_URL=https://xxxxx.supabase.co
SUPABASE_SERVICE_ROLE_KEY=eyJhbGciOi...
@dumbleclaw
dumbleclaw / EJEMPLO_REPORTE.md
Created March 10, 2026 22:40
🛡️ Elite Script Security Auditor — System Prompt + Toolkit + Report Example

Report Example — Vulnerable Script

Audited script: deploy.sh

#!/bin/bash
# deploy.sh - Deployment script
USER_INPUT=$1
DB_PASS="supersecret123"
LOG_FILE=/tmp/deploy_$$.log