Add TOML versions of formulas (gt-xmyha)

Converted all .formula.json files to .formula.toml using bd formula convert. TOML provides better ergonomics: - Multi-line strings without \n escaping - Human-readable diffs - Comments allowed Original JSON files retained for backwards compatibility. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-25 21:59:43 -08:00
parent db5134175c
commit 60556534da
13 changed files with 1275 additions and 0 deletions
--- a/.beads/formulas/security-audit.formula.toml
+++ b/.beads/formulas/security-audit.formula.toml
@@ -0,0 +1,38 @@
+description = "Cross-cutting security concern. Applies security scanning before and after implementation steps."
+formula = "security-audit"
+type = "aspect"
+version = 1
+
+[[advice]]
+target = "implement"
+[advice.around]
+
+[[advice.around.after]]
+description = "Post-implementation security scan. Scan new code for vulnerabilities (SAST). Check for hardcoded secrets. Review for OWASP Top 10 issues."
+id = "{step.id}-security-postscan"
+title = "Security postscan for {step.id}"
+
+[[advice.around.before]]
+description = "Pre-implementation security check. Review for secrets/credentials in scope. Check dependencies for known vulnerabilities."
+id = "{step.id}-security-prescan"
+title = "Security prescan for {step.id}"
+
+[[advice]]
+target = "submit"
+[advice.around]
+
+[[advice.around.after]]
+description = "Post-submission security verification. Confirm no new vulnerabilities introduced."
+id = "{step.id}-security-postscan"
+title = "Security postscan for {step.id}"
+
+[[advice.around.before]]
+description = "Pre-submission security check. Final vulnerability scan before merge."
+id = "{step.id}-security-prescan"
+title = "Security prescan for {step.id}"
+
+[[pointcuts]]
+glob = "implement"
+
+[[pointcuts]]
+glob = "submit"