S-Dreamer committed on · Commit b0a728d · verified · 1 Parent(s): 509108d

Creating a GitHub Actions bot named CodeWatcher, inspired by Copal, that runs static analysis tools (pylint, bandit, semgrep), comments inline suggestions on pull requests (PRs), and adopts a mentor-like or red-team assistant tone is a solid idea for improving code quality and security in a supportive way. Below is a step-by-step guide to build this bot, ensuring actionable output aligned with offensive security workflows and real-world methodologies.

CodeWatcher GitHub Actions Bot Overview

CodeWatcher will:
• Trigger on pull request events.
• Run pylint (code style), bandit (security issues), and semgrep (advanced static analysis) on Python code.
• Parse tool outputs and post inline comments on PRs with a mentor-like or red-team tone (e.g., constructive, slightly probing, encouraging critical thinking).
• Use GitHub Actions to automate the workflow and the GitHub API to post comments.

- Initial Deployment
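Worked example, added here and not part of the S-Dreamer/codewatcher commit or project: the review step the commit message describes, in Python, run against constructed bandit, semgrep and pylint JSON reports and a constructed PR diff. It normalises the three report shapes into one finding list, keeps only findings that land on lines the PR added (GitHub rejects inline review comments on lines outside the diff), attaches a mentor-style prompt to each, and builds the request body for the GitHub "create a review" endpoint. The file names, line numbers, the rule id `example.formatted-sql-query` and the all-zero commit SHA are assumptions for the demo; nothing is posted to GitHub.

```python
import json
import re
from dataclasses import dataclass

# Constructed sample reports; key names follow `bandit -f json`, `semgrep --json`
# and `pylint --output-format=json`, the values are made up for this example.
BANDIT_JSON = json.dumps({"results": [
    {"filename": "auth.py", "line_number": 42, "test_id": "B105",
     "issue_severity": "LOW", "issue_text": "Possible hardcoded password"}]})
SEMGREP_JSON = json.dumps({"results": [
    {"check_id": "example.formatted-sql-query",  # placeholder rule id
     "path": "db_utils.py", "start": {"line": 15},
     "extra": {"severity": "ERROR", "message": "Possible formatted SQL query"}}]})
PYLINT_JSON = json.dumps([
    {"type": "warning", "path": "middleware.py", "line": 3,
     "symbol": "unused-import", "message": "Unused import hashlib"}])
# Constructed PR diff (what GET /pulls/{n} returns with Accept: application/vnd.github.diff).
PR_DIFF = """\
--- a/auth.py
+++ b/auth.py
@@ -40,3 +40,4 @@ def load_config():
     cfg = {}
     cfg["env"] = "prod"
+    api_key = "sk_live_1234567890abcdef"
     return cfg
--- a/db_utils.py
+++ b/db_utils.py
@@ -13,4 +13,4 @@ def find_user(conn, user_input):
     # look up a user by name
     conn.row_factory = None
-    query = "SELECT * FROM users WHERE username = ?"
+    query = f"SELECT * FROM users WHERE username = {user_input}"
     return conn.execute(query)
"""

@dataclass(frozen=True)
class Finding:
    tool: str
    rule: str
    path: str
    line: int
    severity: str  # normalised to LOW / MEDIUM / HIGH
    message: str

SEMGREP_SEV = {"ERROR": "HIGH", "WARNING": "MEDIUM", "INFO": "LOW"}
PYLINT_SEV = {"fatal": "HIGH", "error": "HIGH", "warning": "MEDIUM"}

def parse_reports(bandit: str, semgrep: str, pylint: str) -> list[Finding]:
    """Flatten the three tool-specific JSON shapes into one Finding list."""
    out = [Finding("bandit", r["test_id"], r["filename"], r["line_number"],
                   r["issue_severity"].upper(), r["issue_text"])
           for r in json.loads(bandit)["results"]]
    out += [Finding("semgrep", r["check_id"], r["path"], r["start"]["line"],
                    SEMGREP_SEV.get(r["extra"]["severity"].upper(), "LOW"),
                    r["extra"]["message"]) for r in json.loads(semgrep)["results"]]
    out += [Finding("pylint", r["symbol"], r["path"], r["line"],
                    PYLINT_SEV.get(r["type"], "LOW"), r["message"])
            for r in json.loads(pylint)]
    return out

HUNK_RE = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")

def added_lines(diff_text: str) -> dict[str, set[int]]:
    """File -> new-side line numbers the diff adds (the only lines GitHub accepts inline comments on)."""
    lines: dict[str, set[int]] = {}
    path, new_line = None, 0
    for raw in diff_text.splitlines():
        if raw.startswith("+++ "):
            path = raw[4:].removeprefix("b/")
            lines.setdefault(path, set())
        elif m := HUNK_RE.match(raw):
            new_line = int(m.group(1))
        elif path is None or raw.startswith(("--- ", "diff --git")):
            continue
        elif raw.startswith("+"):
            lines[path].add(new_line)
            new_line += 1
        elif not raw.startswith("-"):  # context line; "-" lines exist only on the old side
            new_line += 1
    return lines

MENTOR_PROMPT = {  # the probing, mentor-like tone the commit message asks for
    "HIGH": "Let's treat this as a blocker: which input here can an attacker control?",
    "MEDIUM": "Worth a second look before merge: what does this code assume about its input?",
    "LOW": "Small cleanup, no rush: is this still needed?"}

def build_review(findings: list[Finding], diff_text: str, commit_sha: str) -> dict:
    """Body for POST /repos/{owner}/{repo}/pulls/{number}/reviews; any HIGH finding on the diff => REQUEST_CHANGES."""
    touched = added_lines(diff_text)
    in_pr = sorted((f for f in findings if f.line in touched.get(f.path, ())),
                   key=lambda f: (f.path, f.line))
    comments = [{"path": f.path, "line": f.line, "side": "RIGHT",
                 "body": f"**{f.tool} {f.rule}** ({f.severity}): {f.message}\n\n"
                         + MENTOR_PROMPT.get(f.severity, MENTOR_PROMPT["LOW"])}
                for f in in_pr]
    event = "REQUEST_CHANGES" if any(f.severity == "HIGH" for f in in_pr) else "COMMENT"
    body = (f"CodeWatcher looked at {len(findings)} finding(s); "
            f"{len(comments)} fall on lines this PR changed.")
    return {"commit_id": commit_sha, "event": event, "body": body, "comments": comments}

def codewatcher_review() -> dict:
    findings = parse_reports(BANDIT_JSON, SEMGREP_JSON, PYLINT_JSON)
    return build_review(findings, PR_DIFF, "0" * 40)  # placeholder head SHA

if __name__ == "__main__":
    print(json.dumps(codewatcher_review(), indent=2))
```

In a workflow, run the three tools with their JSON output flags on the `pull_request` event, pass the reports and the PR diff to `build_review`, and send the result with the job's `GITHUB_TOKEN` (the job needs `permissions: pull-requests: write`). Two caveats: for pull requests from forks that token is read-only, and the usual workaround, `pull_request_target` with a checkout of the PR head, runs the contributor's code with a write-capable token; keep the analysis job on `pull_request` and post from a separate `workflow_run` job that never checks out the PR. Treat finding text as untrusted as well, since the PR author controls the source the tools quote.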

Files changed (3)
  1. README.md +6 -4
  2. index.html +481 -19
  3. prompts.txt +1 -0
README.md CHANGED
@@ -1,10 +1,12 @@
1
  ---
2
- title: Codewatcher
3
- emoji: 😻
4
- colorFrom: indigo
5
  colorTo: yellow
6
  sdk: static
7
  pinned: false
 
 
8
  ---
9
 
10
- Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference
 
1
  ---
2
+ title: codewatcher
3
+ emoji: 🐳
4
+ colorFrom: green
5
  colorTo: yellow
6
  sdk: static
7
  pinned: false
8
+ tags:
9
+ - deepsite
10
  ---
11
 
12
+ Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference
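Review bot: the README body still says nothing about the project; after this hunk it carries only the Spaces front matter (title lowercased to `codewatcher`, emoji and `colorFrom` changed, `tags: - deepsite` added) and the configuration-reference link. Add a short description of what CodeWatcher does and how this static page relates to the GitHub Actions bot described in the commit message, so a reader of the Space is not left with a config header alone.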
index.html CHANGED
@@ -1,19 +1,481 @@
1
- <!doctype html>
2
- <html>
3
- <head>
4
- <meta charset="utf-8" />
5
- <meta name="viewport" content="width=device-width" />
6
- <title>My static Space</title>
7
- <link rel="stylesheet" href="style.css" />
8
- </head>
9
- <body>
10
- <div class="card">
11
- <h1>Welcome to your static Space!</h1>
12
- <p>You can modify this app directly by editing <i>index.html</i> in the Files and versions tab.</p>
13
- <p>
14
- Also don't forget to check the
15
- <a href="https://huggingface.co/docs/hub/spaces" target="_blank">Spaces documentation</a>.
16
- </p>
17
- </div>
18
- </body>
19
- </html>
1
+ <!DOCTYPE html>
2
+ <html lang="en">
3
+ <head>
4
+ <meta charset="UTF-8">
5
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
6
+ <title>CodeWatcher - Security Mentor Bot</title>
7
+ <script src="https://cdn.tailwindcss.com"></script>
8
+ <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css">
9
+ <style>
10
+ .sidebar {
11
+ transition: all 0.3s ease;
12
+ }
13
+ .bot-message {
14
+ animation: fadeIn 0.5s ease-in-out;
15
+ }
16
+ @keyframes fadeIn {
17
+ from { opacity: 0; transform: translateY(10px); }
18
+ to { opacity: 1; transform: translateY(0); }
19
+ }
20
+ .highlight {
21
+ position: relative;
22
+ z-index: 1;
23
+ }
24
+ .highlight::after {
25
+ content: '';
26
+ position: absolute;
27
+ left: 0;
28
+ right: 0;
29
+ bottom: 2px;
30
+ height: 30%;
31
+ background-color: rgba(236, 253, 245, 0.6);
32
+ z-index: -1;
33
+ }
34
+ </style>
35
+ </head>
36
+ <body class="bg-gray-50 min-h-screen">
37
+ <div class="flex h-screen">
38
+ <!-- Sidebar navigation -->
39
+ <div class="sidebar bg-indigo-900 text-white w-64 flex-shrink-0 hidden md:block">
40
+ <div class="p-4">
41
+ <h1 class="text-xl font-bold flex items-center">
42
+ <span class="bg-green-400 rounded-full w-6 h-6 mr-2 flex items-center justify-center">
43
+ <i class="fas fa-robot text-indigo-900 text-xs"></i>
44
+ </span>
45
+ CodeWatcher
46
+ </h1>
47
+ <p class="text-indigo-200 text-sm mt-2">Your security mentor bot</p>
48
+ </div>
49
+ <nav class="mt-6">
50
+ <a href="#" class="block py-2 px-4 bg-indigo-800 text-white font-medium">
51
+ <i class="fas fa-chart-line mr-2"></i> Dashboard
52
+ </a>
53
+ <a href="#" class="block py-2 px-4 hover:bg-indigo-800 text-white">
54
+ <i class="fas fa-list-check mr-2"></i> PR Analysis
55
+ </a>
56
+ <a href="#" class="block py-2 px-4 hover:bg-indigo-800 text-white">
57
+ <i class="fas fa-shield-virus mr-2"></i> Security Findings
58
+ </a>
59
+ <a href="#" class="block py-2 px-4 hover:bg-indigo-800 text-white">
60
+ <i class="fas fa-gear mr-2"></i> Configuration
61
+ </a>
62
+ <div class="border-t border-indigo-800 mt-4 pt-4 mx-4">
63
+ <div class="flex items-center pb-4">
64
+ <div class="w-10 h-10 rounded-full bg-indigo-700 flex items-center justify-center">
65
+ <i class="fas fa-user text-lg"></i>
66
+ </div>
67
+ <div class="ml-3">
68
+ <p class="font-medium">Developer</p>
69
+ <p class="text-xs text-indigo-300">admin</p>
70
+ </div>
71
+ </div>
72
+ <button class="bg-indigo-700 hover:bg-indigo-600 text-white py-2 px-4 rounded-full w-full text-sm font-medium">
73
+ <i class="fas fa-sign-out-alt mr-2"></i> Sign out
74
+ </button>
75
+ </div>
76
+ </nav>
77
+ </div>
78
+
79
+ <!-- Mobile sidebar toggle -->
80
+ <button id="sidebarToggle" class="md:hidden fixed top-4 left-4 bg-indigo-900 text-white p-2 rounded-lg z-50">
81
+ <i class="fas fa-bars"></i>
82
+ </button>
83
+
84
+ <!-- Mobile sidebar (hidden by default) -->
85
+ <div id="mobileSidebar" class="sidebar fixed inset-0 bg-indigo-900 text-white z-40 transform -translate-x-full md:hidden">
86
+ <div class="p-4">
87
+ <div class="flex justify-between items-center">
88
+ <h1 class="text-xl font-bold flex items-center">
89
+ <span class="bg-green-400 rounded-full w-6 h-6 mr-2 flex items-center justify-center">
90
+ <i class="fas fa-robot text-indigo-900 text-xs"></i>
91
+ </span>
92
+ CodeWatcher
93
+ </h1>
94
+ <button id="closeSidebar" class="text-white p-2">
95
+ <i class="fas fa-times"></i>
96
+ </button>
97
+ </div>
98
+ <p class="text-indigo-200 text-sm mt-2">Your security mentor bot</p>
99
+ </div>
100
+ <nav class="mt-6">
101
+ <a href="#" class="block py-2 px-4 bg-indigo-800 text-white font-medium">
102
+ <i class="fas fa-chart-line mr-2"></i> Dashboard
103
+ </a>
104
+ <a href="#" class="block py-2 px-4 hover:bg-indigo-800 text-white">
105
+ <i class="fas fa-list-check mr-2"></i> PR Analysis
106
+ </a>
107
+ <a href="#" class="block py-2 px-4 hover:bg-indigo-800 text-white">
108
+ <i class="fas fa-shield-virus mr-2"></i> Security Findings
109
+ </a>
110
+ <a href="#" class="block py-2 px-4 hover:bg-indigo-800 text-white">
111
+ <i class="fas fa-gear mr-2"></i> Configuration
112
+ </a>
113
+ <div class="border-t border-indigo-800 mt-12 pt-4 mx-4">
114
+ <button class="bg-indigo-700 hover:bg-indigo-600 text-white py-2 px-4 rounded-full w-full text-sm font-medium">
115
+ <i class="fas fa-sign-out-alt mr-2"></i> Sign out
116
+ </button>
117
+ </div>
118
+ </nav>
119
+ </div>
120
+
121
+ <!-- Main content -->
122
+ <div class="flex-1 overflow-y-auto">
123
+ <div class="max-w-6xl mx-auto p-6">
124
+ <!-- Header -->
125
+ <header class="bg-white rounded-xl shadow-sm p-6 mb-6">
126
+ <div class="flex justify-between items-start">
127
+ <div>
128
+ <h2 class="text-2xl font-bold text-gray-800">Pull Request Analysis</h2>
129
+ <p class="text-gray-600 mt-1">See CodeWatcher's automated reviews and suggestions</p>
130
+ </div>
131
+ <div class="flex space-x-3">
132
+ <button class="bg-indigo-600 hover:bg-indigo-700 text-white px-4 py-2 rounded-lg flex items-center">
133
+ <i class="fas fa-sync-alt mr-2"></i> Refresh
134
+ </button>
135
+ <button class="bg-green-600 hover:bg-green-700 text-white px-4 py-2 rounded-lg flex items-center">
136
+ <i class="fas fa-plus mr-2"></i> New Review
137
+ </button>
138
+ </div>
139
+ </div>
140
+ </header>
141
+
142
+ <!-- PR Info Card -->
143
+ <div class="bg-white rounded-xl shadow-sm p-6 mb-6">
144
+ <div class="flex flex-col md:flex-row md:items-center md:justify-between">
145
+ <div>
146
+ <div class="flex items-center">
147
+ <h3 class="text-xl font-semibold text-gray-800">PR #42: Implement auth middleware</h3>
148
+ <span class="ml-3 bg-yellow-100 text-yellow-800 text-xs px-2 py-1 rounded-full">Open</span>
149
+ </div>
150
+ <p class="text-gray-600 mt-1">Repository: <span class="font-medium">acme/webapp</span> • Author: <span class="font-medium">dev1</span></p>
151
+ </div>
152
+ <div class="mt-3 md:mt-0">
153
+ <div class="flex space-x-2">
154
+ <span class="bg-blue-100 text-blue-800 text-xs px-2 py-1 rounded-full">+327 −158</span>
155
+ <span class="bg-purple-100 text-purple-800 text-xs px-2 py-1 rounded-full">Python</span>
156
+ <span class="bg-green-100 text-green-800 text-xs px-2 py-1 rounded-full">3 Checks</span>
157
+ </div>
158
+ </div>
159
+ </div>
160
+ </div>
161
+
162
+ <!-- Analysis Results -->
163
+ <div class="mb-6">
164
+ <div class="flex items-center mb-4">
165
+ <h3 class="text-lg font-semibold text-gray-800">Static Analysis Results</h3>
166
+ <span class="ml-3 bg-indigo-100 text-indigo-800 text-xs px-2 py-1 rounded-full">3 Tools Run</span>
167
+ </div>
168
+
169
+ <!-- Tool Stats -->
170
+ <div class="grid grid-cols-1 md:grid-cols-3 gap-4 mb-6">
171
+ <div class="bg-white rounded-xl shadow-sm p-4">
172
+ <div class="flex justify-between items-center mb-2">
173
+ <div class="flex items-center">
174
+ <div class="w-8 h-8 bg-red-100 rounded-full flex items-center justify-center mr-2">
175
+ <i class="fas fa-exclamation-triangle text-red-500"></i>
176
+ </div>
177
+ <h4 class="font-medium">Pylint</h4>
178
+ </div>
179
+ <span class="text-sm text-gray-500">Style Guide</span>
180
+ </div>
181
+ <div class="mt-4">
182
+ <div class="flex items-center justify-between mb-1">
183
+ <span class="text-sm text-gray-600">Issues identified</span>
184
+ <span class="font-medium">12</span>
185
+ </div>
186
+ <div class="w-full bg-gray-200 rounded-full h-1.5">
187
+ <div class="bg-red-500 h-1.5 rounded-full" style="width: 80%"></div>
188
+ </div>
189
+ </div>
190
+ </div>
191
+
192
+ <div class="bg-white rounded-xl shadow-sm p-4">
193
+ <div class="flex justify-between items-center mb-2">
194
+ <div class="flex items-center">
195
+ <div class="w-8 h-8 bg-yellow-100 rounded-full flex items-center justify-center mr-2">
196
+ <i class="fas fa-shield-alt text-yellow-500"></i>
197
+ </div>
198
+ <h4 class="font-medium">Bandit</h4>
199
+ </div>
200
+ <span class="text-sm text-gray-500">Security</span>
201
+ </div>
202
+ <div class="mt-4">
203
+ <div class="flex items-center justify-between mb-1">
204
+ <span class="text-sm text-gray-600">Vulnerabilities</span>
205
+ <span class="font-medium">4</span>
206
+ </div>
207
+ <div class="w-full bg-gray-200 rounded-full h-1.5">
208
+ <div class="bg-yellow-500 h-1.5 rounded-full" style="width: 30%"></div>
209
+ </div>
210
+ </div>
211
+ </div>
212
+
213
+ <div class="bg-white rounded-xl shadow-sm p-4">
214
+ <div class="flex justify-between items-center mb-2">
215
+ <div class="flex items-center">
216
+ <div class="w-8 h-8 bg-blue-100 rounded-full flex items-center justify-center mr-2">
217
+ <i class="fas fa-search text-blue-500"></i>
218
+ </div>
219
+ <h4 class="font-medium">Semgrep</h4>
220
+ </div>
221
+ <span class="text-sm text-gray-500">Deep Analysis</span>
222
+ </div>
223
+ <div class="mt-4">
224
+ <div class="flex items-center justify-between mb-1">
225
+ <span class="text-sm text-gray-600">Pattern matches</span>
226
+ <span class="font-medium">7</span>
227
+ </div>
228
+ <div class="w-full bg-gray-200 rounded-full h-1.5">
229
+ <div class="bg-blue-500 h-1.5 rounded-full" style="width: 45%"></div>
230
+ </div>
231
+ </div>
232
+ </div>
233
+ </div>
234
+ </div>
235
+
236
+ <!-- Code Review Section -->
237
+ <div class="bg-white rounded-xl shadow-sm p-6 mb-6">
238
+ <div class="flex items-center justify-between mb-4">
239
+ <h3 class="text-lg font-semibold text-gray-800">Inline Comments</h3>
240
+ <div class="flex items-center space-x-2">
241
+ <select class="bg-gray-100 border-0 text-gray-700 rounded-lg px-3 py-2 text-sm focus:ring-indigo-500 focus:border-indigo-500">
242
+ <option>All Tools</option>
243
+ <option>Pylint</option>
244
+ <option>Bandit</option>
245
+ <option>Semgrep</option>
246
+ </select>
247
+ <select class="bg-gray-100 border-0 text-gray-700 rounded-lg px-3 py-2 text-sm focus:ring-indigo-500 focus:border-indigo-500">
248
+ <option>All Severity</option>
249
+ <option>Critical</option>
250
+ <option>High</option>
251
+ <option>Medium</option>
252
+ <option>Low</option>
253
+ </select>
254
+ </div>
255
+ </div>
256
+
257
+ <!-- Comment cards -->
258
+ <div class="space-y-4">
259
+ <!-- Critical issue -->
260
+ <div class="p-4 bg-red-50 rounded-lg border-l-4 border-red-500">
261
+ <div class="flex items-start">
262
+ <div class="w-10 h-10 rounded-full bg-red-100 flex items-center justify-center flex-shrink-0">
263
+ <i class="fas fa-exclamation-triangle text-red-500"></i>
264
+ </div>
265
+ <div class="ml-3">
266
+ <div class="flex items-center">
267
+ <h4 class="font-medium text-gray-800">Hard-coded secret</h4>
268
+ <span class="ml-3 bg-red-500 text-white text-xs px-2 py-0.5 rounded-full">Critical</span>
269
+ </div>
270
+ <p class="text-gray-600 mt-1">Bandit identified a hard-coded API key in auth.py line 42</p>
271
+ <div class="mt-2 bg-white p-3 rounded-lg border border-gray-200">
272
+ <div class="flex items-start">
273
+ <span class="text-gray-500 font-mono text-sm mr-2">42:</span>
274
+ <pre class="text-gray-800 text-sm font-mono overflow-x-auto">api_key = "sk_live_1234567890abcdef" # <span class="highlight text-red-500">Consider using environment variables instead</span></pre>
275
+ </div>
276
+ </div>
277
+ <div class="mt-3 text-sm flex items-center">
278
+ <span class="text-gray-500"><i class="fas fa-file-alt mr-1"></i> auth.py • Bandit (B105)</span>
279
+ <button class="ml-3 text-indigo-600 hover:text-indigo-800">
280
+ <i class="fas fa-reply mr-1"></i> Resolve
281
+ </button>
282
+ </div>
283
+ </div>
284
+ </div>
285
+ </div>
286
+
287
+ <!-- High severity issue -->
288
+ <div class="p-4 bg-orange-50 rounded-lg border-l-4 border-orange-500">
289
+ <div class="flex items-start">
290
+ <div class="w-10 h-10 rounded-full bg-orange-100 flex items-center justify-center flex-shrink-0">
291
+ <i class="fas fa-shield-alt text-orange-500"></i>
292
+ </div>
293
+ <div class="ml-3">
294
+ <div class="flex items-center">
295
+ <h4 class="font-medium text-gray-800">SQL injection risk</h4>
296
+ <span class="ml-3 bg-orange-500 text-white text-xs px-2 py-0.5 rounded-full">High</span>
297
+ </div>
298
+ <p class="text-gray-600 mt-1">Semgrep detected potential SQL injection in db_utils.py line 15</p>
299
+ <div class="mt-2 bg-white p-3 rounded-lg border border-gray-200">
300
+ <div class="flex items-start">
301
+ <span class="text-gray-500 font-mono text-sm mr-2">15:</span>
302
+ <pre class="text-gray-800 text-sm font-mono">query = f"SELECT * FROM users WHERE username = {user_input}" # <span class="highlight text-red-500">Use parameterized queries</span></pre>
303
+ </div>
304
+ </div>
305
+ <div class="mt-3">
306
+ <button class="text-sm bg-indigo-600 hover:bg-indigo-700 text-white px-3 py-1 rounded-full mr-2">
307
+ <i class="fas fa-lightbulb mr-1"></i> Show fix
308
+ </button>
309
+ </div>
310
+ <div class="mt-2 text-sm">
311
+ <span class="text-gray-500"><i class="fas fa-file-alt mr-1"></i> db_utils.py • Semgrep (python.sqlalchemy.security.sql-injection)</span>
312
+ </div>
313
+ </div>
314
+ </div>
315
+ </div>
316
+
317
+ <!-- Medium severity issue -->
318
+ <div class="p-4 bg-yellow-50 rounded-lg border-l-4 border-yellow-500">
319
+ <div class="flex items-start">
320
+ <div class="w-10 h-10 rounded-full bg-yellow-100 flex items-center justify-center flex-shrink-0">
321
+ <i class="fas fa-comment-dots text-yellow-500"></i>
322
+ </div>
323
+ <div class="ml-3">
324
+ <div class="flex items-center">
325
+ <h4 class="font-medium text-gray-800">Missing type hints</h4>
326
+ <span class="ml-3 bg-yellow-500 text-white text-xs px-2 py-0.5 rounded-full">Medium</span>
327
+ </div>
328
+ <p class="text-gray-600 mt-1">Pylint suggests adding type annotations to improve code clarity (utils.py)</p>
329
+ <div class="mt-2 bg-white p-3 rounded-lg border border-gray-200">
330
+ <div class="flex items-start">
331
+ <span class="text-gray-500 font-mono text-sm mr-2">32:</span>
332
+ <pre class="text-gray-800 text-sm font-mono">def process_data(data): # <span class="highlight text-yellow-700">Consider adding type hints here</span>
333
+ return data.upper()</pre>
334
+ </div>
335
+ </div>
336
+ <div class="mt-3 text-sm flex items-center space-x-3">
337
+ <button class="text-indigo-600 hover:text-indigo-800">
338
+ <i class="far fa-thumbs-up mr-1"></i> Will fix
339
+ </button>
340
+ <button class="text-indigo-600 hover:text-indigo-800">
341
+ <i class="far fa-comment mr-1"></i> Discuss
342
+ </button>
343
+ <button class="text-indigo-600 hover:text-indigo-800">
344
+ <i class="far fa-flag mr-1"></i> Flag
345
+ </button>
346
+ </div>
347
+ </div>
348
+ </div>
349
+ </div>
350
+
351
+ <!-- Low severity issue -->
352
+ <div class="p-4 bg-blue-50 rounded-lg border-l-4 border-blue-500">
353
+ <div class="flex items-start">
354
+ <div class="w-10 h-10 rounded-full bg-blue-100 flex items-center justify-center flex-shrink-0">
355
+ <i class="fas fa-info-circle text-blue-500"></i>
356
+ </div>
357
+ <div class="ml-3">
358
+ <div class="flex items-center">
359
+ <h4 class="font-medium text-gray-800">Unused import</h4>
360
+ <span class="ml-3 bg-blue-500 text-white text-xs px-2 py-0.5 rounded-full">Low</span>
361
+ </div>
362
+ <p class="text-gray-600 mt-1">Pylint found an unused import in middleware.py</p>
363
+ <div class="mt-2 bg-white p-3 rounded-lg border border-gray-200">
364
+ <div class="flex items-start">
365
+ <span class="text-gray-500 font-mono text-sm mr-2">3:</span>
366
+ <pre class="text-gray-800 text-sm font-mono">import hashlib # <span class="highlight text-blue-700">This import is unused</span>
367
+ import json</pre>
368
+ </div>
369
+ </div>
370
+ <div class="mt-3 text-sm flex items-center">
371
+ <button class="text-sm bg-indigo-600 hover:bg-indigo-700 text-white px-3 py-1 rounded-full">
372
+ <i class="fas fa-bolt mr-1"></i> Auto-fix
373
+ </button>
374
+ <button class="ml-3 text-gray-500 hover:text-gray-700">
375
+ <i class="fas fa-times mr-1"></i> Dismiss
376
+ </button>
377
+ </div>
378
+ </div>
379
+ </div>
380
+ </div>
381
+ </div>
382
+ </div>
383
+
384
+ <!-- Summary Card -->
385
+ <div class="bg-white rounded-xl shadow-sm p-6 mb-6">
386
+ <h3 class="text-lg font-semibold text-gray-800 mb-4">CodeWatcher's Summary</h3>
387
+ <div class="grid grid-cols-1 md:grid-cols-2 gap-6">
388
+ <div>
389
+ <div class="bg-indigo-50 rounded-lg p-4">
390
+ <h4 class="font-medium text-indigo-800 mb-2">General Feedback</h4>
391
+ <div class="text-gray-700 bot-message">
392
+ <p class="mb-2">👋 Hello there! I've reviewed your PR and overall, you're doing great work! Just a few constructive observations from my security mentor perspective:</p>
393
+ <ul class="list-disc pl-5 space-y-1">
394
+ <li>The auth middleware structure is well-designed, but we need to address a critical security issue with the hard-coded secret.</li>
395
+ <li>I notice you've implemented proper error handling in most places - that's excellent!</li>
396
+ <li>The SQL injection vulnerability in db_utils.py is a high-priority fix - let's collaborate on the solution.</li>
397
+ </ul>
398
+ </div>
399
+ </div>
400
+ </div>
401
+ <div>
402
+ <div class="bg-green-50 rounded-lg p-4">
403
+ <h4 class="font-medium text-green-800 mb-2">Security Score</h4>
404
+ <div class="flex items-center justify-between mb-3">
405
+ <span class="text-gray-700">Code Quality</span>
406
+ <span class="font-medium">72/100</span>
407
+ </div>
408
+ <div class="w-full bg-gray-200 rounded-full h-2 mb-4">
409
+ <div class="bg-green-500 h-2 rounded-full" style="width: 72%"></div>
410
+ </div>
411
+ <div class="flex items-center justify-between mb-3">
412
+ <span class="text-gray-700">Security</span>
413
+ <span class="font-medium">58/100</span>
414
+ </div>
415
+ <div class="w-full bg-gray-200 rounded-full h-2 mb-6">
416
+ <div class="bg-green-500 h-2 rounded-full" style="width: 58%"></div>
417
+ </div>
418
+ <p class="text-green-700 text-sm">
419
+ <i class="fas fa-lightbulb mr-1"></i> Addressing the critical and high severity issues could improve your security score significantly.
420
+ </p>
421
+ </div>
422
+ </div>
423
+ </div>
424
+ </div>
425
+
426
+ <!-- Action Buttons -->
427
+ <div class="flex justify-end space-x-4 mb-16">
428
+ <button class="border border-gray-300 bg-white hover:bg-gray-50 text-gray-700 px-6 py-2 rounded-lg">
429
+ Request Changes
430
+ </button>
431
+ <button class="bg-green-600 hover:bg-green-700 text-white px-6 py-2 rounded-lg">
432
+ Approve PR
433
+ </button>
434
+ </div>
435
+ </div>
436
+ </div>
437
+ </div>
438
+
439
+ <!-- Bottom mobile navigation (mobile only) -->
440
+ <div class="md:hidden fixed bottom-0 left-0 right-0 bg-white border-t border-gray-200 flex justify-around py-2">
441
+ <a href="#" class="text-indigo-600 p-2 flex flex-col items-center">
442
+ <i class="fas fa-home text-lg"></i>
443
+ <span class="text-xs mt-1">Home</span>
444
+ </a>
445
+ <a href="#" class="text-gray-500 p-2 flex flex-col items-center">
446
+ <i class="fas fa-list-check text-lg"></i>
447
+ <span class="text-xs mt-1">PRs</span>
448
+ </a>
449
+ <a href="#" class="text-gray-500 p-2 flex flex-col items-center">
450
+ <i class="fas fa-shield-virus text-lg"></i>
451
+ <span class="text-xs mt-1">Security</span>
452
+ </a>
453
+ <a href="#" class="text-gray-500 p-2 flex flex-col items-center">
454
+ <i class="fas fa-cog text-lg"></i>
455
+ <span class="text-xs mt-1">Settings</span>
456
+ </a>
457
+ </div>
458
+
459
+ <script>
460
+ // Mobile sidebar toggle
461
+ const sidebarToggle = document.getElementById('sidebarToggle');
462
+ const closeSidebar = document.getElementById('closeSidebar');
463
+ const mobileSidebar = document.getElementById('mobileSidebar');
464
+
465
+ sidebarToggle.addEventListener('click', () => {
466
+ mobileSidebar.classList.remove('-translate-x-full');
467
+ mobileSidebar.classList.add('translate-x-0');
468
+ });
469
+
470
+ closeSidebar.addEventListener('click', () => {
471
+ mobileSidebar.classList.remove('translate-x-0');
472
+ mobileSidebar.classList.add('-translate-x-full');
473
+ });
474
+
475
+ // Theme switcher (could be implemented)
476
+ // document.getElementById('themeToggle').addEventListener('click', () => {
477
+ // document.documentElement.classList.toggle('dark');
478
+ // });
479
+ </script>
480
+ <p style="border-radius: 8px; text-align: center; font-size: 12px; color: #fff; margin-top: 16px;position: fixed; left: 8px; bottom: 8px; z-index: 10; background: rgba(0, 0, 0, 0.8); padding: 4px 8px;">Made with <img src="https://enzostvs-deepsite.hf.space/logo.svg" alt="DeepSite Logo" style="width: 16px; height: 16px; vertical-align: middle;display:inline-block;margin-right:3px;filter:brightness(0) invert(1);"><a href="https://enzostvs-deepsite.hf.space" style="color: #fff;text-decoration: underline;" target="_blank" >DeepSite</a> - 🧬 <a href="https://enzostvs-deepsite.hf.space?remix=S-Dreamer/codewatcher" style="color: #fff;text-decoration: underline;" target="_blank" >Remix</a></p></body>
481
+ </html>
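Review bot: the two third-party assets at the top of the hunk, `<script src="https://cdn.tailwindcss.com">` and the Font Awesome stylesheet from cdnjs, are loaded without `integrity` attributes, so a compromised or hijacked CDN response can run arbitrary script in the dashboard; pin both to fixed versions with Subresource Integrity or bundle them with the page. The rest of the page is static mock data: the issue counts (12, 4, 7), the scores (72 and 58), the `api_key = "sk_live_1234567890abcdef"` finding at auth.py line 42, the Semgrep rule id and the `admin` user are literals, and Refresh, Show fix, Auto-fix, Request Changes and Approve PR have no handlers (the script only toggles the mobile sidebar), so every visitor sees the same review for every PR. When these cards are later filled from real pylint/bandit/semgrep output, set snippet text with `textContent` rather than `innerHTML`: the `<pre>` blocks here mix source code with `<span class="highlight">` markup, and the quoted source is controlled by the PR author. Also confirm that a variable named `api_key` is something bandit's B105 (hardcoded_password_string) actually reports before using it as the example finding.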
prompts.txt ADDED
@@ -0,0 +1 @@
 
 
1
+ Creating a GitHub Actions bot named CodeWatcher, inspired by Copal, that runs static analysis tools (pylint, bandit, semgrep), comments inline suggestions on pull requests (PRs), and adopts a mentor-like or red-team assistant tone is a solid idea for improving code quality and security in a supportive way. Below is a step-by-step guide to build this bot, ensuring actionable output aligned with offensive security workflows and real-world methodologies. CodeWatcher GitHub Actions Bot Overview CodeWatcher will: • Trigger on pull request events. • Run pylint (code style), bandit (security issues), and semgrep (advanced static analysis) on Python code. • Parse tool outputs and post inline comments on PRs with a mentor-like or red-team tone (e.g., constructive, slightly probing, encouraging critical thinking). • Use GitHub Actions to automate the workflow and the GitHub API to post comments.
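Review bot: the file is a verbatim copy of the commit message, and this commit contains no `.github/workflows/*.yml`, no tool configuration and no script that runs pylint/bandit/semgrep or calls the GitHub API, so the step-by-step guide the text promises exists only as a prompt; either add the workflow and the output parser in a follow-up or state in the README that only the dashboard page exists so far. The name `Copal` is not explained anywhere in the repository; spell out what it refers to.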