Purpose: Track future features and improvements for the agentready tool.
Last Updated: 2025-12-04
Total Active Items: 10
Lines: ~800
The following features have been implemented and moved to production:
- ✅ Bootstrap Command - `agentready bootstrap` sets up agent-ready infrastructure (v1.0+)
- ✅ Align Subcommand - `agentready align` automates remediation (v1.5+)
- ✅ Report Schema Versioning - `migrate-report`, `validate-report` commands (v1.8+)
- ✅ Research Report Management - `agentready research` command suite (v1.10+)
- ✅ Repomix Integration - `agentready repomix-generate` command (v1.12+)
- ✅ Automated Demo - `agentready demo` command for presentations (v1.15+)
- ✅ Bootstrap Quickstart in README - Prominent documentation added (v1.16+)
- ✅ Batch Assessment - `agentready assess-batch` with GitHub org scanning (v1.29+)
- ✅ LLM-Powered Learning - `agentready extract-skills` with Claude enrichment (v2.0+)
- ✅ SWE-bench Experiments - `agentready experiment` for validation (v2.6+)
- ✅ Community Leaderboard - Public score tracking (v2.9+)
See CHANGELOG.md for detailed release notes.
Priority: P0 (Critical - Security & Correctness)
Description: Address critical bugs discovered in code review affecting security and assessment accuracy.
Issues:
- XSS Vulnerability in HTML Reports - `src/agentready/templates/report.html.j2:579`
  - Problem: `assessment_json|safe` disables autoescaping for JSON in JavaScript
  - Risk: Repository names, commit messages could contain malicious content
  - Fix: Replace with `JSON.parse({{ assessment_json|tojson }})`
- StandardLayoutAssessor Logic Bug - `src/agentready/assessors/structure.py:48`
  - Problem: `(tests/) or (test/)` always evaluates to first path
  - Impact: Projects with `test/` scored incorrectly
  - Fix: Check both paths properly with existence validation
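The XSS item above, as an added example that is not AgentReady's code: it contrasts raw JSON inlined into a `<script>` element with the `JSON.parse(... |tojson)` form, and counts the script elements an HTML parser sees. `htmlsafe_json` is a stdlib stand-in that mirrors the escaping Jinja2's `tojson` filter applies; the sample assessment and all function names are constructed for illustration.

```python
import json
from html.parser import HTMLParser

# Constructed sample: the repository name is untrusted input.
ASSESSMENT = {
    "repository": {"name": "demo</script><script>alert(1)</script>"},
    "score": 72.5,
}

def htmlsafe_json(value):
    """JSON-encode, then escape the characters that are significant to an HTML parser."""
    return (json.dumps(value)
            .replace("<", "\\u003c").replace(">", "\\u003e")
            .replace("&", "\\u0026").replace("'", "\\u0027"))

def render_unsafe(assessment):
    # Equivalent of {{ assessment_json|safe }}: raw JSON text inside the script element.
    return "<script>const data = " + json.dumps(assessment) + ";</script>"

def render_fixed(assessment):
    # Equivalent of JSON.parse({{ assessment_json|tojson }}): the JSON text
    # becomes an escaped JavaScript string literal.
    literal = htmlsafe_json(json.dumps(assessment))
    return "<script>const data = JSON.parse(" + literal + ");</script>"

class ScriptCounter(HTMLParser):
    def __init__(self):
        super().__init__()
        self.scripts = 0

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.scripts += 1

def count_script_elements(html):
    """Number of <script> start tags the parser recognises; the report should have exactly one."""
    parser = ScriptCounter()
    parser.feed(html)
    parser.close()
    return parser.scripts

def recover_data(fixed_html):
    """Decode what JSON.parse would receive, to show the data survives escaping."""
    prefix, suffix = "<script>const data = JSON.parse(", ");</script>"
    literal = fixed_html[len(prefix):-len(suffix)]
    return json.loads(json.loads(literal))
```

The same two assertions (one script element, data round-trips intact) work as a regression test for the acceptance criterion on XSS prevention.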
Acceptance Criteria:
- XSS vulnerability patched with `tojson` filter
- StandardLayoutAssessor recognizes both `tests/` and `test/`
- Tests added for XSS prevention and directory variations
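The StandardLayoutAssessor bug, reproduced against throwaway directories (an added example, not AgentReady's code). It assumes the assessor builds `pathlib.Path` objects and joins them with `or`; the function names are hypothetical.

```python
import tempfile
from pathlib import Path

def has_tests_dir_buggy(repo: Path) -> bool:
    # A Path object is always truthy, so `or` returns the first operand
    # and test/ is never consulted.
    tests_path = (repo / "tests") or (repo / "test")
    return tests_path.is_dir()

def find_tests_dir(repo: Path):
    """Return the first test directory that actually exists, or None."""
    for name in ("tests", "test"):
        candidate = repo / name
        if candidate.is_dir():
            return candidate
    return None

def compare_layouts():
    """Run both checks over three constructed repositories: tests/, test/, neither."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for layout in ("tests", "test", "none"):
            repo = Path(tmp) / f"repo-{layout}"
            repo.mkdir()
            if layout != "none":
                (repo / layout).mkdir()
            found = find_tests_dir(repo)
            results[layout] = (has_tests_dir_buggy(repo),
                               found.name if found else None)
    return results

if __name__ == "__main__":
    for layout, (buggy, fixed) in compare_layouts().items():
        print(f"{layout:5}  buggy={buggy!s:5}  fixed={fixed}")
```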
Priority: P0 (Critical - Usability)
Description: Add prominent header showing what repository was assessed. Currently reports lack context.
Requirements:
- Repository name, path, and GitHub URL
- Assessment timestamp (human-readable)
- Branch name and commit hash
- AgentReady version used
- Username@hostname who ran assessment
- Command used
Implementation: Update all report formats (HTML, Markdown, JSON) with metadata header section positioned before score summary.
Acceptance Criteria:
- User can immediately identify assessed repository
- Timestamp shows when assessment was run
- Git context (branch, commit) visible
- AgentReady version tracked for reproducibility
Priority: P0 (Critical - User Experience)
Description: Redesign HTML report with professional dark color scheme and larger font sizes (+4pt minimum).
Problems:
- Current color scheme "hideous" (user feedback)
- Font sizes too small for modern displays
- Poor contrast in some areas
New Design:
- Dark blue/black base (`#0a0e27`, `#1a1f3a`)
- Purple accents only (`#8b5cf6`)
- 18px minimum body text (up from 14px)
- High contrast (WCAG 2.1 AA compliant)
Acceptance Criteria:
- All text easily readable (18px minimum)
- Professional color scheme (black, dark blue, purple, white)
- WCAG 2.1 AA contrast compliance
- Light/dark mode toggle (future enhancement)
Priority: P1 (High - Quality & Reliability)
Issues:
- TOCTOU in File Operations - Multiple assessors check file existence then read separately
  - Fix: Use try-except around file reads instead
- Inaccurate Type Annotation Detection - Regex-based with false positives
  - Fix: Use AST parsing instead of regex
- Assessment Validation Semantic Confusion - Field `attributes_skipped` includes errors
  - Fix: Rename to `attributes_not_assessed` or add separate counters
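The TOCTOU fix above as an added example (not AgentReady's code; function names and sample files are constructed). `read_text_checked` is the check-then-read pattern, where the path can change between the two calls and `exists()` says nothing about directories, permissions or encoding. `read_text_safe` performs one operation and maps each failure to a reason.

```python
import os
import tempfile
from pathlib import Path

def read_text_checked(path: Path):
    # Check-then-use: the result of exists() can be stale by the time read_text() runs.
    if path.exists():
        return path.read_text(encoding="utf-8")
    return None

def read_text_safe(path: Path):
    """Single read attempt; returns (text, None) or (None, reason)."""
    try:
        return path.read_text(encoding="utf-8"), None
    except FileNotFoundError:
        return None, "missing"       # absent file or dangling symlink
    except IsADirectoryError:
        return None, "directory"
    except PermissionError:
        return None, "permission"
    except UnicodeDecodeError:
        return None, "binary"        # not valid UTF-8 text
    except OSError as exc:
        return None, f"os-error:{exc.errno}"

def read_sample_tree():
    """Apply read_text_safe to a constructed tree covering the edge cases."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "README.md").write_text("# ok\n", encoding="utf-8")
        (root / "blob.bin").write_bytes(b"\xff\xfe\x00\x01")
        (root / "docs").mkdir()
        os.symlink(root / "gone.txt", root / "dangling")
        names = ("README.md", "blob.bin", "docs", "dangling", "absent")
        return {name: read_text_safe(root / name) for name in names}

if __name__ == "__main__":
    for name, (text, reason) in read_sample_tree().items():
        print(f"{name:10} -> {reason or 'read ok'}")
```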
Acceptance Criteria:
- All file operations use try-except pattern
- Type annotation detection uses AST
- Assessment model fields clearly named
- Tests added for edge cases
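For the type annotation item, an added example (not AgentReady's code) comparing a regex heuristic with an `ast` walk over the same constructed source. The regex shown is an assumed stand-in for the kind of pattern the backlog describes, not the project's actual expression; a function counts as typed here only when its return and every non-`self`/`cls` parameter are annotated.

```python
import ast
import re

# Constructed sample: a docstring that looks like a typed signature, a dict
# literal with colons, and a method that is only partially annotated.
SAMPLE = '''
def typed(a: int, b: str = "x") -> bool:
    """Docstring mentioning def fake(x: int) -> int: in prose."""
    return True

def untyped(a, b):
    cfg = {"key": 1}
    return cfg

class C:
    def method(self, n: int) -> None:
        pass

    def partial(self, n: int):
        pass
'''

def regex_typed_count(source: str) -> int:
    # Text matching cannot tell code from docstrings or comments.
    return len(re.findall(r"def \w+\(.*\)\s*->", source))

def ast_annotation_stats(source: str):
    """Return (fully_typed, total) over every function and method definition."""
    typed = total = 0
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
            continue
        total += 1
        params = node.args.posonlyargs + node.args.args + node.args.kwonlyargs
        params = [p for p in params if p.arg not in ("self", "cls")]
        params += [p for p in (node.args.vararg, node.args.kwarg) if p is not None]
        if node.returns is not None and all(p.annotation is not None for p in params):
            typed += 1
    return typed, total

if __name__ == "__main__":
    print("regex matches:", regex_typed_count(SAMPLE))
    print("ast (typed, total):", ast_annotation_stats(SAMPLE))
```

The regex reports three typed functions because it counts the signature quoted in the docstring; the AST walk reports two of four.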
Priority: P1 (High - Quality Assurance)
Description: Increase test coverage from 37% to >80% with edge case handling.
Critical Gaps:
- Error handling paths (OSError, PermissionError)
- Empty repositories, binary files, symlinks
- Security test cases (XSS, path traversal)
- Scorer edge cases (all attributes skipped, weight normalization)
Acceptance Criteria:
- Test coverage >80%
- All error paths tested
- Edge cases for malformed repos covered
- CI fails if coverage <75%
Priority: P2 (Medium - Polish)
Improvements:
- Warn when scanning sensitive directories (`/etc`, `/.ssh`)
- Confirm before scanning large repositories (>10k files)
- Add CSP headers to HTML reports for defense-in-depth
- Document scorer behavior when all attributes skipped
Acceptance Criteria:
- Warnings for sensitive directories
- CSP headers in HTML reports
- Scorer edge cases documented
- User guide updated with best practices
Priority: P2 (High Value)
Description: Transform static HTML report into interactive dashboard with one-click remediation via GitHub issues and draft PRs.
Vision: Click "Fix This" button → Creates GitHub issue → Generates draft PR with fixes
Core Features:
- Action buttons on each failing attribute
- Template-based fix generation (CLAUDE.md, .gitignore, pre-commit hooks)
- AI-powered fixes for complex issues (type annotations, refactoring)
- GitHub integration via OAuth or gh CLI
- Progress tracking and historical trends
Implementation Phases:
- Phase 1: Client-side with gh CLI - Generate commands users copy/paste
- Phase 2: Local dashboard server - Flask/FastAPI with WebSocket updates
- Phase 3: Cloud service - Hosted at agentready.dev (SaaS)
Acceptance Criteria:
- "Fix This" buttons functional in HTML report
- Template-based fixes generate valid files
- GitHub issue creation working
- Fix preview before applying
Priority: P2 (High Value)
Description: Create GitHub App providing badges, PR status checks, and automated assessment comments.
Core Features:
- Repository Badge - Shields.io SVG showing certification level
- GitHub Actions - Official `agentready/assess-action`
- PR Status Checks - Block merge if score below threshold
- PR Comments - Automated summaries with score deltas
Use Cases:
- Add badge to README: [](...)
- Enforce quality gates via `.agentready-config.yaml`
- Track organization progress via dashboard
Acceptance Criteria:
- GitHub Action published to marketplace
- Badge service deployed
- PR status checks functional
- Organization dashboard shows all repos
Priority: P2 (Medium - Developer Experience)
Description: Ensure documentation stays synchronized when source content changes via automatic cascade updates.
Problem: Changes to source docs (research reports, CLAUDE.md) don't propagate to derived docs (GitHub Pages), causing drift.
Requirements:
- Designate source-of-truth files (contracts/, specs/, CLAUDE.md)
- Track changes and identify affected derived docs
- Trigger regeneration when sources change
- Validate consistency and check cross-references
CLI Commands:
```bash
agentready docs check-drift                 # Calculate drift score
agentready docs cascade-update              # Update derived docs from sources
agentready docs update docs/attributes.md   # Update specific file
```

Acceptance Criteria:
- Source files explicitly designated
- Drift detection algorithm working
- Cascade update command functional
- GitHub Actions workflow for automation
- Pre-commit hook warns of high drift
Priority: P3 (Important)
Description: Create specialized Claude Code agent for AgentReady repository development.
Requirements:
- Deep knowledge of AgentReady architecture
- Can implement new assessors, write tests, debug issues
- Understands assessment workflow and scoring logic
- Pre-loaded context about codebase structure
Implementation: Create .claude/agents/agentready-dev.md with agent specification linking to key design docs.
Use Cases:
- `/agentready-dev implement new assessor for dependency security`
- `/agentready-dev debug type annotation detection`
- `/agentready-dev optimize assessment performance`
Priority: P4 (Enhancement)
Description: Allow users to customize HTML report appearance with themes and color schemes.
Requirements:
- Pre-built themes (light, dark, high-contrast, colorblind-friendly)
- Custom theme support via `.agentready-config.yaml`
- WCAG 2.1 AA accessibility maintained
- Runtime theme switcher in HTML report (dropdown in top-right corner)
- Dark/light mode toggle button (one-click switching)
- Save preference to localStorage (persists across reports)
Configuration:
```yaml
# .agentready-config.yaml
report_theme: dark  # or 'light', 'high-contrast', 'custom'
custom_theme:
  primary_color: "#2563eb"
  background: "#1e293b"
  text: "#e2e8f0"
```

Implementation:
- CSS custom properties for theming
- JavaScript theme switcher (no page reload)
- Embed all themes in single HTML (offline-capable)
- Command: `agentready theme-preview dark`
Created: 2025-11-21
Last Condensed: 2025-12-04
Original Lines: 2,190
Condensed Lines: ~800 (63% reduction)
Completed Items Moved: 11
- P0 (Critical): 3 items - Security/Logic Bugs, Report Header, HTML Design
- P1 (High): 2 items - Code Quality Fixes, Test Coverage
- P2 (Medium): 4 items - Security Polish, Interactive Dashboard, GitHub App, Doc Cascade
- P3 (Important): 1 item - Repository Agent
- P4 (Enhancement): 1 item - Customizable Themes
Total Active: 11 items (down from 15 original)
- Completed items documented in CHANGELOG.md with version numbers
- Bootstrap & Align are production-ready, widely used commands
- Report schema versioning working with migrate/validate commands
- LLM-powered learning operational with Claude API integration
- SWE-bench experiments validate AgentReady impact on agent performance
- Community leaderboard tracks public repository scores
Focus Areas:
- Security fixes (P0 - XSS, logic bugs)
- Test coverage improvement (P1 - 37% → 80%)
- UX enhancements (P0 - report design, metadata header)
- GitHub integration (P2 - App, badges, status checks)
- Automation (P2 - Interactive dashboard, doc cascade)