Initial import – clean copy (no history)

Author: john-walkoe

.env.example

@@ -0,0 +1,27 @@
+# USPTO API Key (required)
+# Get your key at: https://developer.uspto.gov/api-catalog
+USPTO_API_KEY=your_uspto_api_key_here
+
+# Mistral API Key (required for OCR document content extraction)
+# Get your key at: https://console.mistral.ai/
+MISTRAL_API_KEY=your_mistral_api_key_here
+
+# Proxy Configuration
+# Local proxy port (PTAB proxy runs on this port)
+PTAB_PROXY_PORT=8083
+PROXY_PORT=8083
+
+# Centralized proxy port (set to "none" for standalone mode)
+# When using PFW centralized proxy, set to 8080
+CENTRALIZED_PROXY_PORT=none
+
+# Internal authentication secret (shared across PFW/FPD/PTAB/Citations MCPs)
+# Generate with: python -c "import secrets; print(secrets.token_urlsafe(32))"
+INTERNAL_AUTH_SECRET=your_shared_secret_here
+
+# Enable always-on proxy (start proxy server automatically on MCP startup)
+ENABLE_ALWAYS_ON_PROXY=true
+
+# Logging configuration
+LOG_LEVEL=INFO
+STRUCTURED_LOGGING=true

.gitignore

@@ -0,0 +1,140 @@
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+*.so
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# Virtual environments
+.env
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+
+# OS
+.DS_Store
+.DS_Store?
+._*
+.Spotlight-V100
+.Trashes
+ehthumbs.db
+Thumbs.db
+
+# API Keys and Secrets (IMPORTANT!)
+*api_key*
+*API_KEY*
+# Exception for API key management scripts (no actual keys)
+!*manage_api_keys*
+# Exception for API key documentation (no actual keys)
+!API_KEY_GUIDE.md
+*.key
+secrets.json
+.env.local
+.env.production
+.env.*
+# Exception for .env.example (template file, no actual keys)
+!.env.example
+
+# Local Claude Desktop configs with real API keys
+claude_desktop_config_local.json
+config_with_keys.json
+
+# Test files with API keys
+test_with_real_keys.py
+
+# Backup files that might contain sensitive data
+*_backup.json
+*_backup.txt
+api_key_backup.txt
+
+# Logs that might contain API keys
+*.log
+logs/
+
+# Temporary files
+*.tmp
+*.temp
+.cache/
+*_clean_temp.py
+*_backup_*.py
+tmpclaude-*
+
+# Claude Code integration
+.claude/
+.mcp.json
+
+# Additional security patterns
+*local*.json
+*_with_keys*
+*_secrets*
+config_real.json
+
+# Project specific files to exclude (per user request)
+patent-data-schema.json
+CLAUDE.md
+
+# Session history and planning documents
+Claude_Documents/
+
+# Test artifacts and archives
+tests/archive/
+test_download.pdf
+
+# Debug and development scripts output
+scripts/debug/__pycache__/
+scripts/__pycache__/
+
+# Runtime generated databases and encryption keys
+proxy_link_cache.db
+.proxy_encryption_key
+*.db-journal
+*.db-wal
+fpd_documents.db
+test_fpd_documents.db
+ptab_documents.db
+test_ptab_documents.db
+
+# Audit reports (generated during development)
+audits/
+
+# Testing
+.tox/
+.coverage
+.coverage.*
+nosetests.xml
+coverage.xml
+*.cover
+.hypothesis/
+.pytest_cache/
+
+# Security
+.security/__pycache__/
+
+# uv lock file (can be regenerated)
+uv.lock

.pre-commit-config.yaml

@@ -0,0 +1,43 @@
+# Pre-commit hooks for PTAB MCP
+# Install: pip install pre-commit && pre-commit install
+# Run manually: pre-commit run --all-files
+
+repos:
+  - repo: https://github.com/Yelp/detect-secrets
+    rev: v1.5.0
+    hooks:
+      - id: detect-secrets
+        args:
+          - '--baseline'
+          - '.secrets.baseline'
+          - '--exclude-files'
+          - 'configs/.*\.json'
+          - '--exclude-files'
+          - '\.md$'
+          - '--exclude-files'
+          - 'package-lock\.json'
+        exclude: ^\.secrets\.baseline$
+
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.5.0
+    hooks:
+      - id: trailing-whitespace
+        exclude: ^\.secrets\.baseline$
+      - id: end-of-file-fixer
+        exclude: ^\.secrets\.baseline$
+      - id: check-yaml
+      - id: check-added-large-files
+        args: ['--maxkb=1000']
+      - id: check-json
+        exclude: ^configs/.*\.json$  # Allow placeholder keys in example configs
+      - id: check-merge-conflict
+      - id: detect-private-key
+
+  - repo: local
+    hooks:
+      - id: prompt-injection-check
+        name: Check for prompt injection patterns
+        entry: uv run python .security/check_prompt_injections.py
+        language: system
+        files: \.(py|txt|md|yml|yaml|json|js|ts|html|xml|csv)$
+        exclude: \.security/.*_detector\.py$

.prompt_injections.baseline

@@ -0,0 +1 @@
+{}

.secrets.baseline

@@ -0,0 +1,159 @@
+{
+  "version": "1.5.0",
+  "plugins_used": [
+    {
+      "name": "ArtifactoryDetector"
+    },
+    {
+      "name": "AWSKeyDetector"
+    },
+    {
+      "name": "AzureStorageKeyDetector"
+    },
+    {
+      "name": "Base64HighEntropyString",
+      "limit": 4.5
+    },
+    {
+      "name": "BasicAuthDetector"
+    },
+    {
+      "name": "CloudantDetector"
+    },
+    {
+      "name": "DiscordBotTokenDetector"
+    },
+    {
+      "name": "GitHubTokenDetector"
+    },
+    {
+      "name": "GitLabTokenDetector"
+    },
+    {
+      "name": "HexHighEntropyString",
+      "limit": 3.0
+    },
+    {
+      "name": "IbmCloudIamDetector"
+    },
+    {
+      "name": "IbmCosHmacDetector"
+    },
+    {
+      "name": "IPPublicDetector"
+    },
+    {
+      "name": "JwtTokenDetector"
+    },
+    {
+      "name": "KeywordDetector",
+      "keyword_exclude": ""
+    },
+    {
+      "name": "MailchimpDetector"
+    },
+    {
+      "name": "NpmDetector"
+    },
+    {
+      "name": "OpenAIDetector"
+    },
+    {
+      "name": "PrivateKeyDetector"
+    },
+    {
+      "name": "PypiTokenDetector"
+    },
+    {
+      "name": "SendGridDetector"
+    },
+    {
+      "name": "SlackDetector"
+    },
+    {
+      "name": "SoftlayerDetector"
+    },
+    {
+      "name": "SquareOAuthDetector"
+    },
+    {
+      "name": "StripeDetector"
+    },
+    {
+      "name": "TelegramBotTokenDetector"
+    },
+    {
+      "name": "TwilioKeyDetector"
+    }
+  ],
+  "filters_used": [
+    {
+      "path": "detect_secrets.filters.allowlist.is_line_allowlisted"
+    },
+    {
+      "path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies",
+      "min_level": 2
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_indirect_reference"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_likely_id_string"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_lock_file"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_not_alphanumeric_string"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_potential_uuid"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_prefixed_with_dollar_sign"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_sequential_string"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_swagger_file"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_templated_secret"
+    },
+    {
+      "path": "detect_secrets.filters.regex.should_exclude_file",
+      "pattern": [
+        "\\.secrets\\.baseline"
+      ]
+    }
+  ],
+  "results": {
+    "tests\\test_deployment.py": [
+      {
+        "type": "Base64 High Entropy String",
+        "filename": "tests\\test_deployment.py",
+        "hashed_secret": "e4b7bc9d337f4b83fbc9df8bb89a391a2546d1a3",
+        "is_verified": false,
+        "line_number": 39
+      }
+    ],
+    "tests\\test_proxy_integration.py": [
+      {
+        "type": "Secret Keyword",
+        "filename": "tests\\test_proxy_integration.py",
+        "hashed_secret": "3b979f2676df7070a7c8d6038463fa61759ee8fb",
+        "is_verified": false,
+        "line_number": 191
+      },
+      {
+        "type": "Secret Keyword",
+        "filename": "tests\\test_proxy_integration.py",
+        "hashed_secret": "00942f4668670f34c5943cf52c7ef3139fe2b8d6",
+        "is_verified": false,
+        "line_number": 210
+      }
+    ]
+  },
+  "generated_at": "2026-01-19T04:59:40Z"
+}