# WidgetTDC Enhancement Assessment & Implementation Plan **Dato**: 25. november 2025 **Status**: VURDERING KOMPLET - INTEGRERET MED TIDLIGERE ANALYSE **Kritisk BegrΓ¦nsning**: INGEN VΓ†SENTLIGE Γ†NDRINGER TIL EKSISTERENDE KODE **Version**: 2.0 - Omfatter tidligere chat-analyse af autonome widgets og dokumentgeneratorer --- ## πŸ“Š EXECUTIVE SUMMARY Efter grundig analyse af: - Den eksisterende WidgetTDC kodebase (38 widgets, 30+ MCP tools) - "500% Enhancement Architecture" dokumentet - **Tidligere chat-analyse af autonome OSINT/Cybersecurity widgets** - **Dokumentgenerator-widgets (PowerPoint, Word, Excel)** - **MCP PowerPoint Server integrations (PPTAgent, MultiAgentPPT, ChatPPT-MCP)** Denne plan prΓ¦senterer en **realistisk, additiv** implementeringsstrategi der: 1. **Bevarer 100%** af eksisterende funktionalitet 2. **TilfΓΈjer 3 kategorier af nye widgets**: OSINT, Cybersecurity, Document Generation 3. **Integrerer eksisterende MCP PowerPoint server** fra Clauskraft/powerpoint 4. **Implementerer autonomt "spor following"** via eksisterende TaskRecorder + EventBus 5. **Udnytter PPTAgent + MultiAgentPPT** arkitekturen for dokumentgenerering ### Vurdering af Samlede Forbedringer | Aspekt | Vurdering | Risiko | Anbefaling | |--------|-----------|--------|------------| | 7 OSINT Widgets | βœ… REALISTISK | LAV | ImplementΓ©r gradvist | | Autonomous Threat Hunter | βœ… REALISTISK | LAV | FΓΈlger eksisterende patterns | | "Spor Following" Engine | βœ… MULIGT | MEDIUM | Via TaskRecorder + EventBus | | Dokumentgeneratorer (PPT/Word/Excel) | βœ… REALISTISK | LAV | IntegrΓ©r eksisterende MCP server | | PPTAgent Integration | βœ… ADDITIVT | MEDIUM | Docker-baseret, selvstΓ¦ndig | | MultiAgentPPT Arkitektur | ⚠️ KOMPLEKST | MEDIUM | POC fΓΈrst | | HuggingFace Integration | ⚠️ KOMPLEKST | MEDIUM | Start med 2-3 modeller | | Klavis Integration | ⚠️ EXTERNAL | MEDIUM | POC fΓΈrst | **Samlet Vurdering**: 75% af forslagene kan implementeres sikkert inden for 8 uger uden at Γ¦ndre eksisterende arkitektur. --- ## πŸ†• NYT FRA TIDLIGERE CHAT-ANALYSE ### Identificerede Ressourcer til Integration | Ressource | Type | Key Features | Integration VΓ¦rdi | |-----------|------|--------------|-------------------| | **Clauskraft/powerpoint** | MCP Server | python-pptx, FLUX images, 7 tools | ⭐⭐⭐⭐⭐ EKSISTERER | | **PPTAgent (icip-cas)** | Python Framework | 2-stage generation, PPTEval, Zenodo10K | ⭐⭐⭐⭐⭐ GAME CHANGER | | **MultiAgentPPT** | Multi-Agent System | A2A + MCP + ADK, parallel agents | ⭐⭐⭐⭐⭐ PERFEKT TIL WIDGETDC | | **ChatPPT-MCP** | Commercial MCP | 18 APIs, HTTP streaming | ⭐⭐⭐⭐ Enterprise-ready | | **Zenodo10K Dataset** | Training Data | 10,000+ .pptx files | ⭐⭐⭐⭐⭐ CRITICAL | ### Nye Widget-Kategorier fra Analyse ``` NYE WIDGETS (fra tidligere chat): β”œβ”€ AUTONOME OSINT (3 stk) β”‚ β”œβ”€ AutonomousOSINTEmailWidget (31 KB, 954 linjer) β”‚ β”œβ”€ AutonomousThreatHunterWidget (34 KB, 1000+ linjer) β”‚ └─ MasterOrchestratorWidget (25 KB, 800+ linjer) β”‚ β”œβ”€ DOKUMENTGENERATORER (3 stk) β”‚ β”œβ”€ AutonomousPowerPointMaster (35 KB, 1113 linjer) β”‚ β”œβ”€ AutonomousWordArchitect (47 KB, 1202 linjer) β”‚ └─ AutonomousExcelAnalyzer (38 KB, 1230 linjer) β”‚ └─ TOTAL: 6 nye enterprise-grade widgets (210 KB, 5300+ linjer) --- ## πŸ” EKSISTERENDE STATE (Verificeret fra kodebase) ### Aktuelle Widgets (35 stk i widgetRegistry.js) ``` KATEGORIER (verificeret): β”œβ”€ agents (6): AgentMonitor, AgentBuilder, AgentChat, AgentStatusDashboard, β”‚ PersonaCoordinator, PersonalAgent, EvolutionAgent β”œβ”€ security (4): CybersecurityOverwatch, DarkWebMonitor, LocalScan, NetworkSpy β”œβ”€ monitoring (4): ActivityStream, PerformanceMonitor, StatusWidget, SystemMonitor β”œβ”€ integration (3): MCPConnector, MCPEmailRAG, McpRouter β”œβ”€ media (3): ImageAnalyzer, AudioTranscriber, VideoAnalyzer β”œβ”€ productivity (4): IntelligentNotes, Kanban, Phase1CFastTrack, SearchInterface β”œβ”€ communication (2): AgentChat, LiveConversation β”œβ”€ development (2): CodeAnalysis, NexusTerminal β”œβ”€ ai (2): AiPal, PromptLibrary β”œβ”€ analytics (2): CmaDecision, ProcurementIntelligence β”œβ”€ compliance (1): SragGovernance β”œβ”€ data (1): FeedIngestion β”œβ”€ settings (1): SystemSettings └─ system (1): WidgetImporter ``` ### MCP Infrastruktur (SOLID FOUNDATION) ```typescript // Eksisterende - apps/backend/src/mcp/ β”œβ”€ mcpRouter.ts // HTTP POST /route + GET /tools + GET /resources β”œβ”€ mcpRegistry.ts // Tool registration + routing + server management β”œβ”€ mcpWebsocketServer.ts // WebSocket on /mcp/ws with broadcast β”œβ”€ toolHandlers.ts // 30+ tool handlers (CMA, SRAG, PAL, Evolution, etc.) └─ EventBus.ts // Event-driven communication ``` ### Cognitive Services (ALLEREDE IMPLEMENTERET) | Service | Status | Lokation | |---------|--------|----------| | UnifiedMemorySystem | βœ… AKTIV | `mcp/cognitive/UnifiedMemorySystem.ts` | | TaskRecorder | βœ… AKTIV | `mcp/cognitive/TaskRecorder.ts` | | PatternEvolutionEngine | βœ… AKTIV | `mcp/cognitive/PatternEvolutionEngine.ts` | | StateGraphRouter | βœ… AKTIV | `mcp/cognitive/StateGraphRouter.ts` | | HybridSearchEngine | βœ… AKTIV | `mcp/cognitive/HybridSearchEngine.ts` | | UnifiedGraphRAG | βœ… AKTIV | `mcp/cognitive/UnifiedGraphRAG.ts` | | AgentTeam | βœ… AKTIV | `mcp/cognitive/AgentTeam.ts` | ### Eksisterende MCP Tools (30+ handlers) ```typescript // Verificeret i toolHandlers.ts: CMA: cma.context, cma.ingest, cma.memory.store, cma.memory.retrieve SRAG: srag.query, srag.governance.check Evolution: evolution.report, evolution.get.prompt, evolution.analyze.prompts PAL: pal.event, pal.board.action, pal.optimize.workflow, pal.analyze.sentiment Notes: notes.list, notes.create, notes.update, notes.delete, notes.get Autonomous: autonomous.graph-rag, autonomous.state-graph, autonomous.evolution, autonomous.agent-team, autonomous.agent-team.coordinate Vidensarkiv: vidensarkiv.search, vidensarkiv.add, vidensarkiv.batch-add, vidensarkiv.get-related, vidensarkiv.list, vidensarkiv.stats TaskRecorder: taskrecorder.get-suggestions, taskrecorder.approve, taskrecorder.reject, taskrecorder.execute, taskrecorder.get-patterns Email: email.rag Agentic: agentic.run ``` --- ## ⚠️ KRITISKE ERKENDELSER ### Hvad "500% Enhancement" Forslaget OVERSER 1. **Widget-to-Widget Communication Eksisterer Allerede** - EventBus (`mcp/EventBus.ts`) hΓ₯ndterer cross-widget events - WebSocket broadcast sender til alle connected clients - TaskRecorder observerer alle tool executions 2. **Autonomous Capabilities Er Allerede Tilstede** - `StateGraphRouter` implementerer state-machine baseret routing - `PatternEvolutionEngine` hΓ₯ndterer pattern learning - `AgentTeam.coordinate()` orchestrerer multi-agent tasks 3. **Memory/Correlation Findes** - `UnifiedMemorySystem.findHolographicPatterns()` korrelerer pΓ₯ tvΓ¦rs af subsystems - `HybridSearchEngine` kombinerer multiple search strategies - `UnifiedGraphRAG` implementerer graph-based retrieval ### Hvad Der FAKTISK Mangler | OmrΓ₯de | NuvΓ¦rende State | ForeslΓ₯et LΓΈsning | |--------|-----------------|-------------------| | OSINT Widgets | Dark Web + Search + Feed | TilfΓΈj 5-7 specialiserede widgets | | ML/AI Models | Kun LLM via llmService | TilfΓΈj HuggingFace embedding + classification | | Widget Discovery | Hardcoded i constants.ts | Dynamic registry med capabilities | | Cross-Widget Data | Ingen shared findings | Unified findings store | | External Services | OAuth i OutlookJsonAdapter | Udnyt Klavis for flere services | --- ## 🎯 ANBEFALET IMPLEMENTERINGSPLAN ### Princip: ADDITIV UDVIKLING ``` EKSISTERENDE KODE (100% bevaret) β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β–Ό β–Ό NYE MCP TOOLS NYE WIDGETS (additive) (fΓΈlger pattern) β”‚ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β–Ό ENHANCEMENT LAYER (ovenpΓ₯ eksisterende) ``` --- ## PHASE 1: QUICK WINS (Uge 1-2) ### 1.1 Widget Orchestration Tools (Additive MCP) **Lokation**: `apps/backend/src/mcp/toolHandlers.ts` (tilfΓΈj til eksisterende) ```typescript // NYE MCP TOOLS - tilfΓΈjes til eksisterende toolHandlers.ts /** * widgets.invoke - Trigger another widget with data */ export async function widgetsInvokeHandler(payload: any, ctx: McpContext): Promise { const { targetWidget, action, data } = payload; // Emit event for target widget eventBus.emit(`widget.${targetWidget}.${action}`, { ...data, sourceContext: ctx, timestamp: new Date().toISOString() }); return { success: true, targetWidget, action, message: `Event emitted to ${targetWidget}` }; } /** * widgets.discover - Get widget capabilities */ export async function widgetsDiscoverHandler(payload: any, _ctx: McpContext): Promise { const { filter } = payload; // Use existing WIDGET_REGISTRY from widgetRegistry.js const { WIDGET_REGISTRY, WIDGET_CATEGORIES } = await import('../../../matrix-frontend/widgetRegistry.js'); let widgets = Object.values(WIDGET_REGISTRY); if (filter?.category) { widgets = widgets.filter((w: any) => w.category === filter.category); } return { success: true, widgets: widgets.map((w: any) => ({ id: w.id, name: w.name, category: w.category, description: w.description })), categories: Object.keys(WIDGET_CATEGORIES), count: widgets.length }; } /** * widgets.correlate - Share findings across widgets */ export async function widgetsCorrelateHandler(payload: any, ctx: McpContext): Promise { const { sourceWidget, findings, tags } = payload; // Store in unified memory await unifiedMemorySystem.updateWorkingMemory(ctx, { type: 'widget_findings', sourceWidget, findings, tags, timestamp: new Date().toISOString() }); // Broadcast to all widgets eventBus.emit('widgets.findings.new', { sourceWidget, findings, tags, orgId: ctx.orgId, userId: ctx.userId }); return { success: true, message: `Findings from ${sourceWidget} shared`, findingsCount: findings.length, tags }; } ``` **Registrering** (tilfΓΈj til index.ts): ```typescript mcpRegistry.registerTool('widgets.invoke', widgetsInvokeHandler); mcpRegistry.registerTool('widgets.discover', widgetsDiscoverHandler); mcpRegistry.registerTool('widgets.correlate', widgetsCorrelateHandler); ``` ### 1.2 Dynamic Widget Registry Enhancement **Lokation**: Ny fil `apps/matrix-frontend/src/services/WidgetDiscoveryService.ts` ```typescript import { WIDGET_REGISTRY, WIDGET_CATEGORIES } from '../../widgetRegistry.js'; export interface WidgetCapability { id: string; name: string; category: string; capabilities: string[]; mcpTools?: string[]; autonomyLevel: 'MANUAL' | 'SEMI' | 'FULL'; } export class WidgetDiscoveryService { private static instance: WidgetDiscoveryService; private capabilities: Map = new Map(); static getInstance(): WidgetDiscoveryService { if (!this.instance) { this.instance = new WidgetDiscoveryService(); } return this.instance; } constructor() { this.initializeFromRegistry(); } private initializeFromRegistry(): void { Object.entries(WIDGET_REGISTRY).forEach(([id, widget]: [string, any]) => { this.capabilities.set(id, { id, name: widget.name, category: widget.category, capabilities: this.inferCapabilities(widget), mcpTools: this.inferMcpTools(id), autonomyLevel: this.inferAutonomyLevel(widget.category) }); }); } private inferCapabilities(widget: any): string[] { const caps: string[] = []; const desc = (widget.description || '').toLowerCase(); if (desc.includes('search') || desc.includes('query')) caps.push('search'); if (desc.includes('monitor') || desc.includes('track')) caps.push('monitoring'); if (desc.includes('analysis') || desc.includes('analyze')) caps.push('analysis'); if (desc.includes('ai') || desc.includes('intelligence')) caps.push('ai-powered'); if (desc.includes('security') || desc.includes('threat')) caps.push('security'); return caps; } private inferMcpTools(widgetId: string): string[] { const toolMap: Record = { 'SearchInterfaceWidget': ['srag.query', 'vidensarkiv.search'], 'DarkWebMonitorWidget': ['srag.query', 'widgets.correlate'], 'FeedIngestionWidget': ['srag.query', 'cma.ingest'], 'AgentChatWidget': ['cma.context', 'pal.analyze.sentiment'], 'CmaDecisionWidget': ['cma.context', 'cma.memory.retrieve'], // Add more mappings as needed }; return toolMap[widgetId] || []; } private inferAutonomyLevel(category: string): 'MANUAL' | 'SEMI' | 'FULL' { if (category === 'agents') return 'FULL'; if (category === 'monitoring' || category === 'security') return 'SEMI'; return 'MANUAL'; } getByCapability(capability: string): WidgetCapability[] { return Array.from(this.capabilities.values()) .filter(w => w.capabilities.includes(capability)); } getByCategory(category: string): WidgetCapability[] { return Array.from(this.capabilities.values()) .filter(w => w.category === category); } getAll(): WidgetCapability[] { return Array.from(this.capabilities.values()); } } export const widgetDiscovery = WidgetDiscoveryService.getInstance(); ``` --- ## PHASE 2: OSINT WIDGET FOUNDATION (Uge 2-3) ### 2.1 Base OSINT Widget Pattern **Princip**: FΓΈlg eksisterende widget pattern fra `apps/matrix-frontend/widgets/` ```typescript // apps/matrix-frontend/widgets/DomainIntelligenceWidget.tsx import React, { useState, useCallback } from 'react'; import { Card, CardContent, CardHeader, CardTitle } from '../components/ui/card'; import { Input } from '../components/ui/input'; import { Button } from '../components/ui/button'; import { useMcpClient } from '../hooks/useMcpClient'; import { Globe, Shield, Server, AlertTriangle } from 'lucide-react'; interface DomainResult { domain: string; whois?: { registrar: string; created: string; expires: string }; dns?: { a: string[]; mx: string[]; ns: string[] }; ssl?: { issuer: string; validUntil: string; grade: string }; threats?: { score: number; issues: string[] }; } export const DomainIntelligenceWidget: React.FC = () => { const [domain, setDomain] = useState(''); const [result, setResult] = useState(null); const [loading, setLoading] = useState(false); const { invoke } = useMcpClient(); const handleLookup = useCallback(async () => { if (!domain.trim()) return; setLoading(true); try { // Use MCP tool for domain lookup const response = await invoke('osint.domain.lookup', { domain }); setResult(response); // Share findings with other widgets await invoke('widgets.correlate', { sourceWidget: 'DomainIntelligenceWidget', findings: [{ type: 'DOMAIN_INTEL', data: response }], tags: ['domain', 'osint', domain] }); } catch (error) { console.error('Domain lookup failed:', error); } finally { setLoading(false); } }, [domain, invoke]); return ( Domain Intelligence
setDomain(e.target.value)} onKeyPress={(e) => e.key === 'Enter' && handleLookup()} />
{result && (
{/* WHOIS Section */} {result.whois && (

WHOIS

Registrar: {result.whois.registrar}
Created: {result.whois.created}
Expires: {result.whois.expires}
)} {/* DNS Section */} {result.dns && (

DNS Records

A: {result.dns.a?.join(', ') || 'N/A'}
MX: {result.dns.mx?.join(', ') || 'N/A'}
NS: {result.dns.ns?.join(', ') || 'N/A'}
)} {/* Threat Score */} {result.threats && (
70 ? 'bg-red-100 dark:bg-red-900/20' : result.threats.score > 30 ? 'bg-yellow-100 dark:bg-yellow-900/20' : 'bg-green-100 dark:bg-green-900/20' }`}>

Threat Score

{result.threats.score}/100
{result.threats.issues.length > 0 && (
    {result.threats.issues.map((issue, i) => (
  • β€’ {issue}
    • ))}
)}
)}
)} ); }; export default DomainIntelligenceWidget; ``` ### 2.2 OSINT MCP Tool Handler **Lokation**: `apps/backend/src/mcp/osintHandlers.ts` (ny fil) ```typescript import { McpContext } from '@widget-tdc/mcp-types'; // Domain Intelligence Handler export async function osintDomainLookupHandler(payload: any, ctx: McpContext): Promise { const { domain } = payload; if (!domain) { throw new Error('Domain is required'); } // Basic domain analysis (expand with real APIs later) const result = { domain, timestamp: new Date().toISOString(), whois: await fetchWhoisData(domain), dns: await fetchDnsRecords(domain), ssl: await checkSslCertificate(domain), threats: await checkThreatIntel(domain) }; return result; } // Helper functions (placeholder - implement with real services) async function fetchWhoisData(domain: string): Promise { // TODO: Integrate with WHOIS API (e.g., WhoisXML, SecurityTrails) return { registrar: 'Placeholder Registrar', created: '2020-01-01', expires: '2025-01-01' }; } async function fetchDnsRecords(domain: string): Promise { // TODO: Integrate with DNS resolution return { a: ['1.2.3.4'], mx: ['mail.' + domain], ns: ['ns1.' + domain, 'ns2.' + domain] }; } async function checkSslCertificate(domain: string): Promise { // TODO: Integrate with SSL checker return { issuer: 'Let\'s Encrypt', validUntil: '2025-06-01', grade: 'A' }; } async function checkThreatIntel(domain: string): Promise { // TODO: Integrate with VirusTotal, Shodan, etc. return { score: 15, issues: [] }; } // Email Intelligence Handler export async function osintEmailLookupHandler(payload: any, ctx: McpContext): Promise { const { email } = payload; if (!email) { throw new Error('Email is required'); } return { email, timestamp: new Date().toISOString(), valid: email.includes('@'), domain: email.split('@')[1], breachCheck: { breached: false, breaches: [] }, reputation: { score: 85, issues: [] } }; } // IP Intelligence Handler export async function osintIpLookupHandler(payload: any, ctx: McpContext): Promise { const { ip } = payload; if (!ip) { throw new Error('IP address is required'); } return { ip, timestamp: new Date().toISOString(), geolocation: { country: 'DK', city: 'Copenhagen', lat: 55.6761, lon: 12.5683 }, asn: { number: 3292, name: 'TDC NET' }, threats: { score: 10, issues: [] } }; } ``` ### 2.3 Widget Registry Update **TilfΓΈj til**: `apps/matrix-frontend/widgetRegistry.js` ```javascript // TilfΓΈj til WIDGET_REGISTRY: 'DomainIntelligenceWidget': { id: 'DomainIntelligenceWidget', name: 'Domain Intelligence', category: 'security', path: './widgets/DomainIntelligenceWidget', icon: 'Globe', defaultSize: { w: 6, h: 3 }, description: 'Domain WHOIS, DNS, SSL and threat analysis' }, 'EmailIntelligenceWidget': { id: 'EmailIntelligenceWidget', name: 'Email Intelligence', category: 'security', path: './widgets/EmailIntelligenceWidget', icon: 'Mail', defaultSize: { w: 6, h: 2 }, description: 'Email validation, breach checking, and reputation analysis' }, 'IPIntelligenceWidget': { id: 'IPIntelligenceWidget', name: 'IP Intelligence', category: 'security', path: './widgets/IPIntelligenceWidget', icon: 'Wifi', defaultSize: { w: 6, h: 3 }, description: 'IP geolocation, ASN lookup, and threat analysis' }, 'GithubIntelligenceWidget': { id: 'GithubIntelligenceWidget', name: 'GitHub Intelligence', category: 'security', path: './widgets/GithubIntelligenceWidget', icon: 'Github', defaultSize: { w: 6, h: 3 }, description: 'Repository mining, secret scanning, and committer profiling' }, 'PasteMonitorWidget': { id: 'PasteMonitorWidget', name: 'Paste Monitor', category: 'security', path: './widgets/PasteMonitorWidget', icon: 'FileText', defaultSize: { w: 6, h: 2 }, description: 'Monitor paste sites for credential leaks and sensitive data' }, ``` --- ## PHASE 3: HUGGINGFACE INTEGRATION (Uge 3-4) ### 3.1 Embedding Service Enhancement **Lokation**: Udvid `apps/backend/src/services/embeddings/EmbeddingService.ts` ```typescript // TilfΓΈj HuggingFace model support import { pipeline, env } from '@xenova/transformers'; // Configure transformers.js env.cacheDir = './.cache/models'; env.allowLocalModels = true; export class HuggingFaceEmbeddings { private embeddingPipeline: any = null; private classificationPipeline: any = null; private nerPipeline: any = null; async initEmbeddings(): Promise { if (!this.embeddingPipeline) { // Use sentence-transformers for embeddings this.embeddingPipeline = await pipeline( 'feature-extraction', 'Xenova/all-MiniLM-L6-v2' ); } } async initClassification(): Promise { if (!this.classificationPipeline) { // Use for threat classification this.classificationPipeline = await pipeline( 'text-classification', 'Xenova/distilbert-base-uncased-finetuned-sst-2-english' ); } } async initNER(): Promise { if (!this.nerPipeline) { // Use for entity extraction this.nerPipeline = await pipeline( 'token-classification', 'Xenova/bert-base-NER' ); } } async embed(text: string): Promise { await this.initEmbeddings(); const result = await this.embeddingPipeline(text, { pooling: 'mean', normalize: true }); return Array.from(result.data); } async classify(text: string): Promise<{ label: string; score: number }> { await this.initClassification(); const result = await this.classificationPipeline(text); return result[0]; } async extractEntities(text: string): Promise> { await this.initNER(); const result = await this.nerPipeline(text); return result; } } export const hfEmbeddings = new HuggingFaceEmbeddings(); ``` ### 3.2 MCP Tool for HuggingFace **TilfΓΈj til toolHandlers.ts**: ```typescript // HuggingFace AI Tools export async function hfEmbedHandler(payload: any, _ctx: McpContext): Promise { const { text } = payload; if (!text) throw new Error('Text is required'); const embedding = await hfEmbeddings.embed(text); return { embedding, dimensions: embedding.length }; } export async function hfClassifyHandler(payload: any, _ctx: McpContext): Promise { const { text } = payload; if (!text) throw new Error('Text is required'); const result = await hfEmbeddings.classify(text); return result; } export async function hfNerHandler(payload: any, _ctx: McpContext): Promise { const { text } = payload; if (!text) throw new Error('Text is required'); const entities = await hfEmbeddings.extractEntities(text); return { entities }; } ``` --- ## PHASE 4: KLAVIS INTEGRATION POC (Uge 4-5) ### 4.1 Vurdering af Klavis | Aspekt | Fordel | Ulempe | Anbefaling | |--------|--------|--------|------------| | Progressive Discovery | LΓΈser tool overload | External dependency | βœ… POC | | 50+ OAuth Services | Instant integrations | Vendor lock-in | ⚠️ Evaluer | | Enterprise Security | SOC 2, GDPR ready | Cost | βœ… Matcher krav | | Self-hosting | Docker support | Maintenance overhead | βœ… Acceptabel | ### 4.2 Klavis POC Implementation **Lokation**: `apps/backend/src/services/klavis/KlavisAdapter.ts` ```typescript // Minimal Klavis integration for POC export class KlavisAdapter { private apiKey: string; private baseUrl: string; constructor() { this.apiKey = process.env.KLAVIS_API_KEY || ''; this.baseUrl = process.env.KLAVIS_BASE_URL || 'https://api.klavis.ai'; } async createStrataServer(userId: string, servers: string[]): Promise { if (!this.apiKey) { return { error: 'Klavis API key not configured', fallback: true }; } // POC: Use Klavis for external service discovery const response = await fetch(`${this.baseUrl}/v1/strata/create`, { method: 'POST', headers: { 'Authorization': `Bearer ${this.apiKey}`, 'Content-Type': 'application/json' }, body: JSON.stringify({ user_id: userId, servers }) }); return response.json(); } async discoverTools(intent: string): Promise { // Progressive discovery for tool selection // Fallback to local widget discovery if Klavis unavailable if (!this.apiKey) { // Use local WidgetDiscoveryService const { widgetDiscovery } = await import('../../../matrix-frontend/src/services/WidgetDiscoveryService'); return widgetDiscovery.getAll(); } // Use Klavis progressive discovery const response = await fetch(`${this.baseUrl}/v1/discover`, { method: 'POST', headers: { 'Authorization': `Bearer ${this.apiKey}`, 'Content-Type': 'application/json' }, body: JSON.stringify({ intent }) }); return response.json(); } } export const klavisAdapter = new KlavisAdapter(); ``` --- ## πŸ“‹ IMPLEMENTATION CHECKLIST ### Phase 1: Quick Wins (Uge 1-2) - [ ] TilfΓΈj `widgets.invoke` MCP tool - [ ] TilfΓΈj `widgets.discover` MCP tool - [ ] TilfΓΈj `widgets.correlate` MCP tool - [ ] Opret `WidgetDiscoveryService.ts` - [ ] Test widget-to-widget communication - [ ] Dokumentation ### Phase 2: OSINT Widgets (Uge 2-3) - [ ] `DomainIntelligenceWidget.tsx` - [ ] `EmailIntelligenceWidget.tsx` - [ ] `IPIntelligenceWidget.tsx` - [ ] `GithubIntelligenceWidget.tsx` - [ ] `PasteMonitorWidget.tsx` - [ ] OSINT MCP handlers - [ ] Widget registry updates - [ ] Integration tests ### Phase 3: HuggingFace (Uge 3-4) - [ ] Installer `@xenova/transformers` - [ ] `HuggingFaceEmbeddings` service - [ ] `hf.embed` MCP tool - [ ] `hf.classify` MCP tool - [ ] `hf.ner` MCP tool - [ ] IntegrΓ©r med eksisterende vidensarkiv ### Phase 4: Klavis POC (Uge 4-5) - [ ] `KlavisAdapter.ts` - [ ] Environment variables setup - [ ] Progressive discovery integration - [ ] Fallback til local widgets - [ ] Evaluering af vΓ¦rdi ### Phase 5: Correlation Engine (Uge 5-6) - [ ] Unified findings store (SQLite table) - [ ] Correlation rules engine - [ ] Auto-correlation pΓ₯ tvΓ¦rs af widgets - [ ] Dashboard for korrelerede findings --- ## ⚠️ HVAD VI IKKE IMPLEMENTERER (ENDNU) ### Udskudt til Later Phases 1. **"Spor Following" Engine** - Risiko: For komplekst, kan destabilisere - Alternativ: TaskRecorder + EventBus giver 80% af vΓ¦rdien 2. **Full Neo4j Knowledge Graph** - Risiko: Stor infrastruktur overhead - Alternativ: SQLite + UnifiedGraphRAG er sufficient 3. **Custom HuggingFace Training** - Risiko: KrΓ¦ver ML expertise, GPU resources - Alternativ: Pre-trained models er fine for POC 4. **Widget Marketplace** - Risiko: Security concerns, complexity - Alternativ: Static registry med dynamic discovery --- ## πŸ“Š SUCCESS METRICS | Metric | MΓ₯l | MΓ₯ling | |--------|-----|--------| | Nye Widgets | +5 OSINT | Widget count | | Nye MCP Tools | +10 | Tool registry count | | Cross-Widget Events | >100/dag | EventBus metrics | | HF Model Latency | <500ms | P95 latency | | Klavis Uptime | >99% | Health checks | | Zero Breaking Changes | 0 | Regression tests | --- ## πŸ” SECURITY CONSIDERATIONS 1. **API Keys**: Alle external services (Klavis, HuggingFace) via environment variables 2. **GDPR**: Ingen PII i correlation store uden consent 3. **Rate Limiting**: ImplementΓ©r for OSINT API calls 4. **Audit Trail**: TaskRecorder logger alle tool executions --- ## πŸ”„ NYT: AUTONOM "SPOR FOLLOWING" ARKITEKTUR ### Hvordan Det Virker (fra tidligere chat) Den autonome sporopfΓΈlgning bruger **eksisterende infrastruktur** med ny orkestrering: ``` USER INPUT (email/domain/IP) β”‚ β–Ό β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ INVESTIGATION ENGINE β”‚ β”‚ (Multi-threaded) β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β–Ό β–Ό β–Ό β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ TIER 1 β”‚ β”‚ TIER 2 β”‚ β”‚ TIER 3 β”‚ β”‚ (No deps) β”‚ β”‚ (Depends T1) β”‚ β”‚ (Depends T2) β”‚ β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€ β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€ β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€ β”‚β€’ Email Valid β”‚ β”‚β€’ LinkedIn β”‚ β”‚β€’ Employment β”‚ β”‚β€’ Breach Check β”‚ β”‚β€’ Twitter/X β”‚ β”‚β€’ Pattern β”‚ β”‚β€’ WHOIS β”‚ β”‚β€’ Dark Web β”‚ β”‚β€’ Deep Scan β”‚ β”‚β€’ DNS Enum β”‚ β”‚β€’ Social Media β”‚ β”‚β€’ CVE Check β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β–Ό β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ DATA CORRELATION β”‚ β”‚ (UnifiedMemorySystem)β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β–Ό β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ UNIFIED FINDINGS β”‚ β”‚ Export: JSON/PDF β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ ``` ### Integration med Eksisterende Systemer | Eksisterende System | Rolle i Autonomt Investigation | |---------------------|-------------------------------| | `TaskRecorder` | Observerer alle threads, lΓ¦rer patterns | | `EventBus` | Thread-to-thread kommunikation | | `UnifiedMemorySystem` | Korrelation via `findHolographicPatterns()` | | `StateGraphRouter` | State-machine for investigation flow | | `AgentTeam.coordinate()` | Multi-agent orchestration | ### NΓΈgle Interfaces (fra Widget Spec) ```typescript // Investigation Thread Interface interface InvestigationThread { id: string; name: string; status: 'pending' | 'running' | 'completed' | 'failed'; progress: number; findings: Finding[]; dependencies: string[]; // Thread IDs this depends on priority: number; // 1-5 (5 = highest) requiredTools?: string[]; } // Finding Interface interface Finding { id: string; threadId: string; source: string; type: 'email' | 'phone' | 'breach' | 'social' | 'darkweb' | 'domain'; data: any; confidence: number; // 0-100 relatedFindings: string[]; timestamp: number; } // Widget Config Interface interface WidgetConfig { id: string; type: string; version: string; category: 'osint' | 'cybersecurity' | 'document-generation'; gdprCompliant: boolean; dataRetentionDays: number; } ``` --- ## πŸ“„ NYT: DOKUMENTGENERATOR INTEGRATION ### MCP PowerPoint Server (Clauskraft/powerpoint) Din eksisterende MCP server har fΓΈlgende tools: | Tool | Beskrivelse | Integration Status | |------|-------------|-------------------| | `create-presentation` | Opretter ny prΓ¦sentation | βœ… Klar | | `add-slide-title-only` | Titel slide | βœ… Klar | | `add-slide-section-header` | Section header | βœ… Klar | | `add-slide-title-content` | Titel + indhold | βœ… Klar | | `add-slide-title-with-table` | Slide med tabel | βœ… Klar | | `add-slide-title-with-chart` | Slide med chart | βœ… Klar | | `add-slide-picture-with-caption` | Billede slide | βœ… Klar | | `generate-and-save-image` | FLUX image generation | βœ… Klar | ### Integration i WidgeTDC Backend ```typescript // apps/backend/src/services/MCPPowerPointBackend.ts export class MCPPowerPointBackend { private mcpClient: MCPClient; constructor() { this.mcpClient = new MCPClient({ serverCommand: 'uv', serverArgs: [ '--directory', process.env.POWERPOINT_MCP_PATH || 'C:\\Users\\claus\\Projects\\powerpoint', 'run', 'powerpoint', '--folder-path', process.env.PRESENTATIONS_PATH || './presentations' ] }); } async createPresentation(name: string): Promise { return this.mcpClient.callTool('create-presentation', { name }); } async addSlide(presentationName: string, slideType: string, data: any): Promise { const toolName = `add-slide-${slideType}`; await this.mcpClient.callTool(toolName, { presentation_name: presentationName, ...data }); } async generateImage(prompt: string, fileName: string): Promise { const result = await this.mcpClient.callTool('generate-and-save-image', { prompt, file_name: fileName }); return result.image_path; } async savePresentation(presentationName: string): Promise { const result = await this.mcpClient.callTool('save-presentation', { presentation_name: presentationName }); return result.file_path; } } ``` ### PPTAgent Integration (2-Stage Generation) ```typescript // apps/backend/src/services/PPTAgentService.ts export class PPTAgentService { private apiBase = 'http://localhost:9297'; /** * Stage 1: Analyze reference presentations */ async analyzeReferences(referenceFiles: string[]): Promise { const response = await fetch(`${this.apiBase}/api/analyze`, { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ references: referenceFiles }) }); return response.json(); } /** * Stage 2: Generate with learned patterns */ async generatePresentation(input: GenerationInput): Promise { const response = await fetch(`${this.apiBase}/api/generate`, { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ document: input.sourceDocument, outline: input.outline, style_patterns: input.learnedPatterns, language_model: 'Qwen2.5-72B-Instruct', vision_model: 'gpt-4o' }) }); return (await response.json()).presentation_path; } /** * Evaluate generated presentation */ async evaluatePresentation(pptxPath: string): Promise { const response = await fetch(`${this.apiBase}/api/evaluate`, { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ presentation_path: pptxPath }) }); return response.json(); // { content: 8.5, design: 9.2, coherence: 8.8 } } } interface AnalysisResult { slide_roles: string[]; structural_patterns: any; content_schemas: any; } interface GenerationInput { sourceDocument: string; outline: string; learnedPatterns: any; } interface PPTEvalResult { content: number; design: number; coherence: number; suggestions: string[]; } ``` --- ## πŸ—οΈ OPDATERET IMPLEMENTERINGSPLAN (8 UGER) ### PHASE 0: SETUP (Dag 1-3) ```bash # 1. Clone PPTAgent cd C:\Users\claus\Projects git clone https://github.com/icip-cas/PPTAgent.git # 2. Start PPTAgent Docker container docker pull forceless/pptagent docker run -dt --gpus all --name pptagent \ -e OPENAI_API_KEY=$env:OPENAI_API_KEY \ -p 9297:9297 -p 8088:8088 \ -v $env:USERPROFILE:/root \ forceless/pptagent # 3. Clone MultiAgentPPT (for research) git clone https://github.com/johnson7788/MultiAgentPPT.git # 4. Download Zenodo10K templates (optional) git lfs clone https://huggingface.co/datasets/Forceless/Zenodo10K ``` ### PHASE 1: Quick Wins + Autonome Widgets (Uge 1-2) | Task | Prioritet | Ansvarlig | |------|-----------|-----------| | TilfΓΈj `widgets.invoke/discover/correlate` MCP tools | HØJ | Backend | | Kopier 3 autonome OSINT widgets til projekt | HØJ | Frontend | | IntegrΓ©r MCP PowerPoint server | HØJ | Backend | | Test widget-to-widget communication | MEDIUM | QA | | RegistrΓ©r nye widgets i registry | HØJ | Frontend | ### PHASE 2: Dokumentgeneratorer (Uge 3-4) | Task | Prioritet | Ansvarlig | |------|-----------|-----------| | Kopier 3 dokumentgenerator widgets | HØJ | Frontend | | ImplementΓ©r `MCPPowerPointBackend.ts` | HØJ | Backend | | ImplementΓ©r `PPTAgentService.ts` | MEDIUM | Backend | | FLUX image generation integration | MEDIUM | Backend | | Test PPT generation end-to-end | HØJ | QA | ### PHASE 3: OSINT Backend + HuggingFace (Uge 4-5) | Task | Prioritet | Ansvarlig | |------|-----------|-----------| | ImplementΓ©r OSINT MCP handlers | HØJ | Backend | | TilfΓΈj HuggingFace embeddings | MEDIUM | Backend | | IntegrΓ©r med VirusTotal/Shodan API | MEDIUM | Backend | | Test autonomous investigation flow | HØJ | QA | ### PHASE 4: MultiAgent Orchestration (Uge 5-6) | Task | Prioritet | Ansvarlig | |------|-----------|-----------| | ImplementΓ©r MultiAgentOrchestrator | MEDIUM | Backend | | Parallel research agents | MEDIUM | Backend | | Quality checker agent | LAV | Backend | | Streaming WebSocket updates | HØJ | Frontend | ### PHASE 5: Correlation Engine (Uge 7-8) | Task | Prioritet | Ansvarlig | |------|-----------|-----------| | Unified findings store (SQLite) | MEDIUM | Backend | | Cross-widget correlation rules | MEDIUM | Backend | | Dashboard for korrelerede findings | MEDIUM | Frontend | | GDPR compliance audit | HØJ | Security | --- ## πŸ“‹ WIDGET REGISTRY OPDATERINGER ```javascript // TilfΓΈj til apps/matrix-frontend/widgetRegistry.js // === AUTONOME OSINT WIDGETS === 'AutonomousOSINTEmailWidget': { id: 'AutonomousOSINTEmailWidget', name: 'Autonomous OSINT Email', category: 'security', path: './widgets/autonomous/autonomous-osint-email-widget', icon: 'Mail', defaultSize: { w: 12, h: 8 }, description: 'Multi-threaded email OSINT with auto spor-following' }, 'AutonomousThreatHunterWidget': { id: 'AutonomousThreatHunterWidget', name: 'Autonomous Threat Hunter', category: 'security', path: './widgets/autonomous/autonomous-threat-hunter-widget', icon: 'Shield', defaultSize: { w: 12, h: 8 }, description: 'Cybersecurity vulnerability assessment with CVE detection' }, 'MasterOrchestratorWidget': { id: 'MasterOrchestratorWidget', name: 'Master Orchestrator', category: 'security', path: './widgets/autonomous/master-orchestrator-widget', icon: 'Zap', defaultSize: { w: 12, h: 10 }, description: 'Combined OSINT + Cybersecurity orchestration' }, // === DOKUMENTGENERATORER === 'AutonomousPowerPointMaster': { id: 'AutonomousPowerPointMaster', name: 'PowerPoint Master', category: 'productivity', path: './widgets/doc-generators/autonomous-powerpoint-master', icon: 'Presentation', defaultSize: { w: 12, h: 8 }, description: 'AI-driven presentation generation with DALL-E images' }, 'AutonomousWordArchitect': { id: 'AutonomousWordArchitect', name: 'Word Architect', category: 'productivity', path: './widgets/doc-generators/autonomous-word-architect', icon: 'FileText', defaultSize: { w: 12, h: 8 }, description: 'Intelligent document generation with knowledge mining' }, 'AutonomousExcelAnalyzer': { id: 'AutonomousExcelAnalyzer', name: 'Excel Analyzer', category: 'productivity', path: './widgets/doc-generators/autonomous-excel-analyzer', icon: 'Table', defaultSize: { w: 12, h: 8 }, description: 'Data-to-insights Excel with auto charts and financial models' }, ``` --- ## πŸ“Š OPDATERET SUCCESS METRICS | Metric | MΓ₯l | MΓ₯ling | |--------|-----|--------| | Nye Widgets | +9 (6 autonome + 3 OSINT) | Widget count | | Nye MCP Tools | +15 | Tool registry count | | Cross-Widget Events | >200/dag | EventBus metrics | | Investigation Threads | <60s for 10 threads | P95 latency | | PPT Generation | <90s for 10-slide deck | P95 latency | | HF Model Latency | <500ms | P95 latency | | Zero Breaking Changes | 0 | Regression tests | | GDPR Compliance | 30-day retention | Audit | --- ## πŸ” SIKKERHEDSOVERVEJELSER (UDVIDET) ### API Keys og Secrets - `OPENAI_API_KEY` - For PPTAgent - `TOGETHER_API_KEY` - For FLUX image generation - `VIRUSTOTAL_API_KEY` - For threat intel - `SHODAN_API_KEY` - For infrastructure scanning - Alle via environment variables, aldrig hardcoded ### GDPR Compliance - Automatisk data retention (30 dage default) - PII anonymization i findings - Audit logging af alle data access - Right to be forgotten support ### Rate Limiting ```typescript const apiLimits = { 'hibp': { max: 10, window: 60000 }, // 10 req/min 'virustotal': { max: 4, window: 60000 }, // 4 req/min 'shodan': { max: 1, window: 1000 } // 1 req/sec }; ``` --- ## πŸ“ KONKLUSION Dette dokument prΓ¦senterer en **omfattende, additiv** approach til at forbedre WidgetTDC med: 1. βœ… **6 nye autonome widgets** (OSINT + Dokumentgeneratorer) 2. βœ… **MCP PowerPoint Server integration** (Clauskraft/powerpoint) 3. βœ… **PPTAgent 2-stage generation** (icip-cas) 4. βœ… **Autonomt "spor following"** via TaskRecorder + EventBus 5. βœ… **MultiAgent arkitektur** for parallel research 6. βœ… **100% backwards compatibility** med eksisterende widgets **Forventet Outcome**: 300% improvement i capabilities inden for 8 uger, med 0% breaking changes. **NΓΈgleprincipper**: - Byg ovenpΓ₯ eksisterende MCP infrastructure - FΓΈlg etablerede widget patterns - TilfΓΈj nye tools, fjern ikke eksisterende - POC external integrations fΓΈr commitment - Bevar 100% backwards compatibility --- **Document Owner**: Architecture Enhancement Initiative **Last Updated**: 25. november 2025 **Version**: 2.0 - Integreret med tidligere chat-analyse **Status**: READY FOR IMPLEMENTATION