⚠️

重要前提

安装AI Skills的关键前提是：必须科学上网，且开启TUN模式，这一点至关重要，直接决定安装能否顺利完成，在此郑重提醒三遍：科学上网，科学上网，科学上网。查看完整安装教程 →

Geofeed Tuner：IP地理位置数据源优化工具，RFC 8805合规与最佳实践

geofeed-tuner by github/awesome-copilot

53 周安装量

27,000 GitHub Stars

GitHub

安装命令

npx skills add https://github.com/github/awesome-copilot --skill geofeed-tuner

开发运维网络协议分析数据处理

🇨🇳中文介绍

Geofeed Tuner – 创建更优的 IP 地理位置数据源

此技能通过以下方式帮助您创建和改进 CSV 格式的 IP 地理位置数据源：

确保您的 CSV 格式正确且一致
检查是否符合 RFC 8805（行业标准）
应用从实际部署中总结出的最佳实践建议
为准确性、完整性和隐私性提供改进建议

何时使用此技能

当用户请求帮助创建、改进或发布 CSV 格式的 IP 地理位置数据源文件时，使用此技能。
用于调整和排查 CSV 地理位置数据源——捕获错误、提出改进建议，并确保在实际使用中的可用性，而不仅仅是符合 RFC 标准。
目标受众：
- 负责公共可路由 IP 地址空间的网络运营商、管理员和工程师
- 组织，如 ISP、移动运营商、云提供商、托管和主机托管公司、互联网交换运营商以及卫星互联网提供商
请勿将此技能用于私有或内部 IP 地址管理；它仅适用于公共可路由 IP 地址。

先决条件

需要 Python 3。

目录结构与文件管理

此技能在分发文件（只读）和工作文件（运行时生成）之间采用清晰的分离。

只读目录（请勿修改）

以下目录包含静态分发资源。请勿在这些目录中创建、修改或删除文件：

目录	用途

广告位招租

在这里展示您的产品或服务

触达数万 AI 开发者，精准高效

联系我们

工作目录（生成的内容）

所有生成的文件、临时文件和输出文件都放在这些目录中：

目录	用途
`run/`	所有代理生成内容的工作目录
`run/data/`	从远程 URL 下载的 CSV 文件
`run/report/`	生成的 HTML 调整报告

切勿写入 assets/、references/ 或 scripts/ —— 这些是技能分发的一部分，必须保持不变。
所有下载的输入文件（来自远程 URL）必须保存到 ./run/data/。
所有生成的 HTML 报告必须保存到 ./run/report/。
所有生成的 Python 脚本必须保存到 ./run/。
run/ 目录可能在会话之间被清空；请勿在其中存储永久数据。
执行工作目录： 所有在 ./run/ 中生成的脚本必须以技能根目录（包含 SKILL.md 的目录）作为当前工作目录执行，以便像 assets/iso3166-1.json 和 ./run/data/report-data.json 这样的相对路径能够正确解析。在运行脚本之前，请勿 cd 进入 ./run/。

处理流程：顺序阶段执行

所有阶段必须按顺序执行，从阶段 1 到阶段 6。每个阶段都依赖于前一阶段的成功完成。例如，结构检查必须在质量分析运行之前完成。

各阶段总结如下。代理必须遵循每个阶段部分中概述的详细步骤。

阶段	名称	描述
1	理解标准	回顾 RFC 8805 对自发布 IP 地理位置数据源的关键要求
2	收集输入	从本地文件或远程 URL 收集 IP 子网数据
3	检查与建议	验证 CSV 结构、分析 IP 前缀并检查数据质量
4	调整数据查询	使用 Fastah 的 MCP 工具检索用于改进地理位置准确性的调整数据
5	生成调整报告	创建总结分析和建议的 HTML 报告
6	最终审查	验证报告数据的一致性和完整性

请勿跳过任何阶段。 每个阶段都提供了后续阶段所需的关键检查或数据转换。

在执行每个阶段之前，代理必须生成一个可见的待办事项清单。

出现在阶段的最开始
按顺序列出每个步骤
使用复选框格式
在步骤完成时实时更新

阶段 1：理解标准

RFC 8805 中此技能强制执行的关键要求总结如下。请将此摘要作为您的工作参考。 仅在处理边缘情况、模糊情况或用户提出此处未涵盖的标准问题时，才查阅完整的 RFC 8805 文本。

RFC 8805 关键要点

目的： 自发布的 IP 地理位置数据源允许网络运营商以简单的 CSV 格式发布其 IP 地址空间的权威位置数据，使地理位置提供商能够整合运营商提供的修正。

CSV 列顺序（第 2.1.1.1–2.1.1.5 节）：

列	字段	必需	备注
1	`ip_prefix`	是	CIDR 表示法；IPv4 或 IPv6；必须是网络地址
2	`alpha2code`	否	ISO 3166-1 alpha-2 国家代码；空或 "ZZ" = 请勿定位
3	`region`	否	ISO 3166-2 细分代码（例如 `US-CA`）
4	`city`	否	自由文本城市名称；无权威验证集
5	`postal_code`	否	已弃用 —— 必须留空或省略

文件可以包含以 # 开头的注释行（包括标题行，如果存在）。
标题行是可选的；如果存在且以 # 开头，则被视为注释。
文件必须使用 UTF-8 编码。
子网主机位不得设置（即 192.168.1.1/24 无效；应使用 192.168.1.0/24）。
仅适用于全局可路由单播地址 —— 不适用于私有、环回、链路本地或多播地址空间。

请勿定位： 如果条目的 alpha2code 为空或不区分大小写的 ZZ（无论 region/city 的值如何），则明确表示运营商不希望对该前缀应用地理位置定位。

邮政编码已弃用（第 2.1.1.5 节）： 第五列不得包含邮政编码或 ZIP 码。它们对于 IP 范围映射来说过于精细，并引发隐私担忧。

阶段 2：收集输入

如果用户尚未提供 IP 子网或范围列表（有时称为 inetnum 或 inet6num），请提示他们提供。接受的输入格式：
- 粘贴到聊天中的文本
- 本地 CSV 文件
- 指向 CSV 文件的远程 URL
如果输入是远程 URL：
- 在处理之前，尝试将 CSV 文件下载到 ./run/data/。
- 如果发生 HTTP 错误（4xx、5xx、超时或重定向循环），立即停止并向用户报告：数据源 URL 无法访问：HTTP {status_code}。请确认该 URL 是公开可访问的。
- 如果下载不完整或为空，请勿进入阶段 3。
如果输入是本地文件，则直接处理而无需下载。
编码检测和规范化：
1. 首先尝试以 UTF-8 读取文件。
2. 如果引发 UnicodeDecodeError，则尝试 utf-8-sig（带 BOM 的 UTF-8），然后是 latin-1。
3. 成功解码后，将工作副本重新编码并写为 UTF-8。
4. 如果没有编码成功，则停止并报告：无法解码输入文件。请将其保存为 UTF-8 格式后重试。

阶段 3：检查与建议

为此阶段生成一个脚本。
请勿将此阶段与其他阶段合并。
请勿预计算未来阶段的数据。
将输出存储为 JSON 文件，路径为：./run/data/report-data.json

以下 JSON 结构在阶段 3 期间是不可变的。阶段 4 稍后将在 Entries 中的每个对象上添加一个 TunedEntry 对象——这是唯一允许的模式扩展，并且发生在单独的阶段。

JSON 键直接映射到模板占位符，如 {{.CountryCode}}、{{.HasError}} 等。

{
  "InputFile": "",
  "Timestamp": 0,

  "TotalEntries": 0,
  "IpV4Entries": 0,
  "IpV6Entries": 0,
  "InvalidEntries": 0,

  "Errors": 0,
  "Warnings": 0,
  "OK": 0,
  "Suggestions": 0,

  "CityLevelAccuracy": 0,
  "RegionLevelAccuracy": 0,
  "CountryLevelAccuracy": 0,
  "DoNotGeolocate": 0,

  "Entries": [
    {
      "Line": 0,
      "IPPrefix": "",
      "CountryCode": "",
      "RegionCode": "",
      "City": "",

      "Status": "",
      "IPVersion": "",

      "Messages": [
        {
          "ID": "",
          "Type": "",
          "Text": "",
          "Checked": false
        }
      ],

      "HasError": false,
      "HasWarning": false,
      "HasSuggestion": false,
      "DoNotGeolocate": false,
      "GeocodingHint": "",
      "Tunable": false
    }
  ]
}

顶级元数据：

InputFile：原始输入源，可以是本地文件名或远程 URL。
Timestamp：执行调整时的 Unix 纪元毫秒数。
TotalEntries：处理的数据行总数（不包括注释行和空行）。
IpV4Entries：IPv4 子网条目的数量。
IpV6Entries：IPv6 子网条目的数量。
InvalidEntries：IP 前缀解析和 CSV 解析失败的条目数量。
Errors：Status 为 ERROR 的条目总数。
Warnings：Status 为 WARNING 的条目总数。
OK：Status 为 OK 的条目总数。
Suggestions：Status 为 SUGGESTION 的条目总数。
CityLevelAccuracy：City 非空的有效条目数量。
RegionLevelAccuracy：RegionCode 非空且 City 为空的条目数量。
CountryLevelAccuracy：CountryCode 非空、RegionCode 为空且 City 为空的条目数量。
DoNotGeolocate（元数据）：CountryCode、RegionCode 和 City 均为空的条目数量。

Entries：对象数组，每个数据行一个对象，包含以下每个条目的字段：
- Line：原始 CSV 中的 1 起始行号（包括注释和空行在内的所有行）。
- IPPrefix：CIDR 斜杠表示法中的规范化 IP 前缀。
- CountryCode：ISO 3166-1 alpha-2 国家代码，或空字符串。
- RegionCode：ISO 3166-2 区域代码（例如 US-CA），或空字符串。
- City：城市名称，或空字符串。
- Status：分配的最高严重性：ERROR > WARNING > SUGGESTION > OK。
- IPVersion：基于解析的 IP 前缀，为 "IPv4" 或 "IPv6"。
- Messages：消息对象数组，每个对象包含：
  - ID：来自下方验证规则参考表的字符串标识符（例如 "1101"、"3301"）。
  - Type：严重性类型："ERROR"、"WARNING" 或 "SUGGESTION"。
  - Text：人类可读的验证消息字符串。
  - Checked：如果验证规则可自动调整（参考表中 Tunable: true），则为，否则为。控制报告中复选框是还是。
- HasError：如果任何消息的 Type 为 "ERROR"，则为 true。
- HasWarning：如果任何消息的 Type 为 "WARNING"，则为 true。
- HasSuggestion：如果任何消息的 Type 为 "SUGGESTION"，则为 true。
- DoNotGeolocate（条目）：如果 CountryCode 为空或为 "ZZ"，则为 true——该条目是明确的请勿定位信号。
- GeocodingHint：在阶段 3 中始终为空字符串 ""。保留供将来使用。
- Tunable：如果条目中任何消息的 Checked: true，则为 true。计算为所有消息 Checked 值的逻辑或。此标志驱动报告中“调整”按钮的可见性。

向条目添加消息时，请使用此表中的 ID、Type、Text 和 Checked 值。

ID	类型	文本	Checked	条件参考
`1101`	`ERROR`	IP 前缀为空	`false`	IP 前缀分析：空
`1102`	`ERROR`	无效的 IP 前缀：无法解析为 IPv4 或 IPv6 网络	`false`	IP 前缀分析：语法无效
`1103`	`ERROR`	RFC 8805 数据源中不允许非公共 IP 范围	`false`	IP 前缀分析：非公共
`3101`	`SUGGESTION`	IPv4 前缀异常大，可能表示输入错误	`false`	IP 前缀分析：IPv4 < /22
`3102`	`SUGGESTION`	IPv6 前缀异常大，可能表示输入错误	`false`	IP 前缀分析：IPv6 < /64
`1201`	`ERROR`	无效的国家代码：不是有效的 ISO 3166-1 alpha-2 值	`true`	国家代码分析：无效
`1301`	`ERROR`	无效的区域格式；应为国家-细分（例如 US-CA）	`true`	区域代码分析：格式错误
`1302`	`ERROR`	无效的区域代码：不是有效的 ISO 3166-2 细分	`true`	区域代码分析：未知代码
`1303`	`ERROR`	区域代码与指定的国家代码不匹配	`true`	区域代码分析：不匹配
`1401`	`ERROR`	无效的城市名称：不允许使用占位符值	`false`	城市名称分析：占位符
`1402`	`ERROR`	无效的城市名称：检测到缩写或基于代码的值	`true`	城市名称分析：缩写
`2401`	`WARNING`	城市名称格式不一致；请考虑规范化该值	`true`	城市名称分析：格式
`1501`	`ERROR`	邮政编码已被 RFC 8805 弃用，出于隐私原因必须移除	`true`	邮政编码检查
`3301`	`SUGGESTION`	对于小领土，区域通常是不必要的；请考虑移除区域值	`true`	调整：小领土区域
`3402`	`SUGGESTION`	对于小领土，城市级别的粒度通常是不必要的；请考虑移除城市值	`true`	调整：小领土城市
`3303`	`SUGGESTION`	指定城市时建议提供区域代码；请从下拉列表中选择一个区域	`true`	调整：有城市但缺少区域
`3104`	`SUGGESTION`	请确认此子网是否被有意标记为请勿定位或缺少位置数据	`true`	调整：未指定的地理位置

当验证检查匹配时，使用参考表中的值向条目的 Messages 数组添加一条消息：

entry["Messages"].append({
    "ID": "1201",      # 来自表格
    "Type": "ERROR",   # 来自表格
    "Text": "Invalid country code: not a valid ISO 3166-1 alpha-2 value",  # 来自表格
    "Checked": True    # 来自表格 (True = 可调整)
})

填充条目的所有消息后，推导条目级别的标志：

entry["HasError"] = any(m["Type"] == "ERROR" for m in entry["Messages"])
entry["HasWarning"] = any(m["Type"] == "WARNING" for m in entry["Messages"])
entry["HasSuggestion"] = any(m["Type"] == "SUGGESTION" for m in entry["Messages"])
entry["Tunable"] = any(m["Checked"] for m in entry["Messages"])

准确性级别计数规则

准确性级别是互斥的。根据最细粒度的非空地理字段，将每个有效（非 ERROR、非无效）条目分配到恰好一个桶中：

条件	桶
`City` 非空	`CityLevelAccuracy`
`RegionCode` 非空且 `City` 为空	`RegionLevelAccuracy`
`CountryCode` 非空，`RegionCode` 和 `City` 为空	`CountryLevelAccuracy`
`DoNotGeolocate`（条目）为 `true`	`DoNotGeolocate`（元数据）

请勿将 HasError: true 的条目或 InvalidEntries 中的条目计入任何准确性桶。

重命名字段
添加或删除字段
更改数据类型
重新排序键
更改嵌套结构
包装对象
拆分为多个文件

如果某个值未知，请留空——切勿编造数据。

结构与格式检查

此阶段验证您的数据源格式是否正确且可解析。关键的结构性错误必须在调整器能够分析地理位置质量之前解决。

本小节定义了用于 IP 地理位置数据源的 CSV 格式输入文件的规则。目标是确保文件能够被可靠地解析并规范化为一致的内部表示。

CSV 结构检查
- 如果 pandas 可用，请使用它进行 CSV 解析。
- 否则，回退到 Python 内置的 csv 模块。
- 确保 CSV 包含恰好 4 或 5 个逻辑列。
- 允许注释行。
- 标题行可能存在也可能不存在。
- 如果不存在标题行，则假定隐式列顺序为：
```
ip_prefix, alpha2code, region, city, postal code (deprecated)
```
- 请参考示例输入文件：assets/example/01-user-input-rfc8805-feed.csv
CSV 清理和规范化
- 使用与以下操作等效的 Python 逻辑清理和规范化 CSV：
  - 仅选择前五列，丢弃第五列之后的任何列。
  - 使用 UTF-8 BOM 写入输出文件。
- 注释
  - 移除第一列以 # 开头的注释行。
  - 如果标题行以 # 开头，也会被移除。
  - 使用1 起始行号作为键，完整原始行作为值，创建注释映射。同时存储空行。
  - 将此映射存储在 JSON 文件中，路径为：./run/data/comments.json
  - 示例：{ "4": "# It's OK for small city states to leave state ISO2 code unspecified" }
注意事项
- 两种实现路径（pandas 和内置 csv）都必须使用 utf-8-sig 编码写入输出，以确保存在 UTF-8 BOM。

检查每个条目的 IPPrefix 字段是否存在且非空。
检查条目之间是否存在重复的 IPPrefix 值。
如果发现重复项，请停止技能并向用户报告消息：检测到重复的 IP 前缀：{ip_prefix_value} 出现在第 {line_numbers} 行
如果未发现重复项，则继续进行分析。
检查
- 每个子网必须使用 references/ 文件夹中的代码片段干净地解析为 IPv4 或 IPv6 网络。
- 子网必须规范化为 CIDR 斜杠表示法。
  - 单主机 IPv4 子网必须表示为 /32。
  - 单主机 IPv6 子网必须表示为 /128。
ERROR
- 将以下情况报告为 ERROR：
- 无效的子网语法
  - 消息 ID：1102
- 非公共地址空间
  - 适用于私有、环回、链路本地、多播或其他非公共的子网
    - 在 Python 中，使用 is_private 和相关地址属性检测非公共范围，如 ./references 中所示。
  - 消息 ID：1103
SUGGESTION
- 将以下情况报告为 SUGGESTION：
- 过大的 IPv6 子网
  - 前缀长度短于 /64
  - 消息 ID：3102
- 过大的 IPv4 子网
  - 前缀长度短于 /22
  - 消息 ID：3101

地理位置质量检查

分析地理位置数据的准确性和一致性：

国家代码
区域代码
城市名称
已弃用的字段

此阶段在结构检查通过后运行。

使用本地可用的数据表 ISO3166-1 进行检查。
- 包含 ISO 代码的国家和地区 JSON 数组
- 每个对象包括：
  - alpha_2：两位字母国家代码
  - name：简短国家名称
  - flag：旗帜表情符号
- 此文件代表 RFC 8805 CSV 中有效 CountryCode 值的超集。
将条目的 CountryCode（RFC 8805 第 2.1.1.2 节，列 alpha2code）与 alpha_2 属性进行比对。
示例代码可在 references/ 目录中找到。
如果在 assets/small-territories.json 中找到某个国家/地区，则在内部将该条目标记为小领土。此标志用于后续的检查和建议，但不存储在输出 JSON 中（它是临时的验证状态）。
注意： small-territories.json 包含一些历史/有争议的代码（AN、CS、XK），这些代码不存在于 iso3166-1.json 中。使用其中一个作为其 CountryCode 的条目将无法通过国家代码验证（ERROR），即使它作为小领土匹配。国家代码 ERROR 优先——请勿基于小领土标志抑制它。
ERROR
- 将以下情况报告为 ERROR：
- 无效的国家代码
  - 条件：CountryCode 存在但未在 alpha_2 集合中找到
  - 消息 ID：1201
SUGGESTION
- 将以下情况报告为 SUGGESTION：
- 子网未指定地理位置
  - 条件：子网的所有地理字段（CountryCode、RegionCode、City）均为空。
  - 操作：
    - 将条目的 DoNotGeolocate 设置为 true。
    - 将条目的 CountryCode 设置为 ZZ。
  - 消息 ID：3104

使用本地可用的数据表 ISO3166-2 进行检查。
- 包含 ISO 分配代码的国家细分 JSON 数组
- 每个对象包括：
  - code：以国家代码为前缀的细分代码（例如 US-CA）
  - name：简短的细分名称
- 此文件代表 RFC 8805 CSV 中有效 RegionCode 值的超集。
如果提供了 RegionCode 值（RFC 8805 第 2.1.1.3 节）：
- 检查格式是否匹配 {COUNTRY}-{SUBDIVISION}（例如 US-CA、AU-NSW）。
- 对照 code 属性（已带有国家代码前缀）检查该值。
小领土例外： 如果条目是小领土并且 RegionCode 值等于条目的 CountryCode（例如，新加坡的 SG 同时作为国家和区域），则将区域视为可接受的——跳过此条目的所有区域验证检查。小领土实际上是城邦，没有有意义的 ISO 3166-2 行政细分。
ERROR
- 将以下情况报告为 ERROR：
- 无效的区域格式
  - 条件：RegionCode 不匹配 {COUNTRY}-{SUBDIVISION} 并且小领土例外不适用
  - 消息 ID：1301
- 未知的区域代码
  - 条件：RegionCode 值未在 code 集合中找到并且小领土例外不适用
  - 消息 ID：1302
- 国家-区域不匹配
  - 条件：RegionCode 的国家部分与 CountryCode 不匹配

城市名称仅使用启发式检查进行验证。
目前没有权威数据集可用于验证城市名称。
ERROR
- 将以下情况报告为 ERROR：
- 占位符或无意义的值
  - 条件：占位符或无意义的值，包括但不限于：
    - undefined
    - Please select
    - null
    - N/A
    - TBD
    - unknown
  - 消息 ID：1401
- 截断的名称、缩写或机场代码
  - 条件：不代表有效城市名称的截断名称、缩写或机场代码：
    - LA
    - Frft
    - sin01
    - LHR
    - SIN
    - MAA
  - 消息 ID：1402
WARNING
- 将以下情况报告为 WARNING：
- 不一致的大小写或格式
  - 条件：可能降低数据质量的不一致大小写、间距或格式的城市名称，例如：
    - HongKong 与 Hong Kong
    - 混合大小写或意外的脚本使用
  - 消息 ID：2401

RFC 8805 第 2.1.1.5 节明确弃用邮政编码或 ZIP 码。
邮政编码可能代表非常小的人群，并且对于映射 IP 地址范围（本质上是统计性的）来说不被认为是隐私安全的。
ERROR
- 将以下情况报告为 ERROR：
- 存在邮政编码
  - 条件：邮政编码/ZIP 码字段中存在非空值。
  - 消息 ID：1501

此阶段应用超越 RFC 8805 的建议性推荐，这些推荐来自实际的地理数据源部署经验，旨在提高准确性和可用性。

SUGGESTION
- 将以下情况报告为 SUGGESTION：
- 为小领土指定了区域或城市
  - 条件：
    - 条目是小领土
    - RegionCode 非空或
    - City 非空。
  - 消息 ID：3301（针对区域），3402（针对城市）
- 指定城市时缺少区域代码
  - 条件：
    - City 非空
    - RegionCode 为空
    - 条目不是小领土
  - 消息 ID：3303

阶段 4：调整数据查询

使用 Fastah 的 rfc8805-row-place-search 工具查询所有 Entries。

仅为有效负载生成生成一个新的脚本（读取数据集并写入一个或多个有效负载 JSON 文件；请勿从此脚本调用 MCP）。
服务器每个请求只接受 1000 个条目，因此如果条目超过 1000 个，请拆分为多个请求。
代理必须读取生成的有效负载文件，从中构造请求，并将这些请求分批发送到 MCP 服务器，每批最多 1000 个条目。
MCP 失败时： 如果 MCP 服务器无法访问、返回错误或对任何批次没有返回结果，则记录警告并继续阶段 5。为所有受影响的条目设置 TunedEntry: {}。请勿阻止报告生成。明确通知用户：调整数据查询不可用；报告将仅显示验证结果。
建议仅供参考——切勿自动填充它们。

步骤 1：构建带去重的查询有效负载

从以下位置加载数据集：./run/data/report-data.json

读取 Entries 数组。每个条目将用于构建 MCP 查询有效负载。

通过去重相同的条目来减少服务器请求：

对于 Entries 中的每个条目，计算内容哈希（CountryCode + RegionCode + City 的哈希值）。
创建去重映射：{ contentHash -> { rowKey, payload, entryIndices: [] } }。rowKey 是发送到 MCP 服务器以匹配响应的 UUID。
如果条目的哈希已存在，则将其在 Entries 中的0 起始数组索引附加到该去重条目的 entryIndices 数组中。
如果哈希是新的，则生成一个 UUID (rowKey) 并创建一个新的去重条目。

构建请求批次：

从映射中提取唯一的去重条目，保持去重顺序。
构建最多 1000 个项目每个的请求批次。
对于每个批次，在内存中保留一个类似 [{ rowKey, payload, entryIndices }, ...] 的结构，以便通过 rowKey 将响应匹配回来。
写入 MCP 有效负载文件时，在每个有效负载对象中包含 rowKey 字段：

[
    {"rowKey": "550e8400-e29b-41d4-a716-446655440000", "countryCode":"CA","regionCode":"CA-ON","cityName":"Toronto"},
    {"rowKey": "6ba7b810-9dad-11d1-80b4-00c04fd430c8", "countryCode":"IN","regionCode":"IN-KA","cityName":"Bangalore"},
    {"rowKey": "6ba7b811-9dad-11d1-80b4-00c04fd430c8", "countryCode":"IN","regionCode":"IN-KA"}
]

读取响应时，将每个响应的 rowKey 字段与相应的去重条目匹配，以检索所有关联的 entryIndices。

将有效负载写入：./run/data/mcp-server-payload.json
写入有效负载后退出脚本。

步骤 2：调用 Fastah MCP 工具

Fastah MCP 服务器的示例 mcp.json 样式配置如下：

    "fastah-ip-geofeed": {
      "type": "http",
      "url": "https://mcp.fastah.ai/mcp"
    }

服务器：https://mcp.fastah.ai/mcp
工具及其模式：在第一次 tools/call 之前，代理必须发送一个 tools/list 请求来读取 rfc8805-row-place-search 的输入和输出模式。使用发现的模式作为字段名、类型和约束的权威来源。

以下仅为说明性示例；请始终遵循 tools/list 返回的模式：

[
    {"rowKey": "550e8400-...", "countryCode":"CA", ...},
    {"rowKey": "690e9301-...", "countryCode":"ZZ", ...}
]

打开 ./run/data/mcp-server-payload.json 并发送所有带有其 rowKey 的去重条目。
如果去重后条目超过 1000 个，请拆分为多个请求，每个请求 1000 个条目。
服务器将在每个响应中返回相同的 rowKey 字段，用于映射回来。
请勿使用本地数据。

步骤 3：将调整数据附加到条目

为附加调整数据生成一个新的脚本。
加载 ./run/data/report-data.json 和去重映射（从步骤 1 保存在内存中，或从有效负载文件重新推导）。
对于来自 MCP 服务器的每个响应：
- 从响应中提取 rowKey。
- 从去重映射中查找与该 rowKey 关联的 entryIndices 数组。
- 对于 entryIndices 中的每个索引，将最佳匹配附加到 Entries[index]。
当可用时，使用响应中的第一个（最佳）匹配。

如果受影响条目上不存在该字段，则创建该字段。将 MCP API 响应键重新映射到 Go 结构体字段名：

"TunedEntry": {
  "Name": "",
  "CountryCode": "",
  "RegionCode": "",
  "PlaceType": "",
  "H3Cells": [],
  "BoundingBox": []
}

🇺🇸English

Geofeed Tuner – Create Better IP Geolocation Feeds

This skill helps you create and improve IP geolocation feeds in CSV format by:

Ensuring your CSV is well-formed and consistent
Checking alignment with RFC 8805 (the industry standard)
Applying opinionated best practices learned from real-world deployments
Suggesting improvements for accuracy, completeness, and privacy

When to Use This Skill

Use this skill when a user asks for help creating, improving, or publishing an IP geolocation feed file in CSV format.
Use it to tune and troubleshoot CSV geolocation feeds — catching errors, suggesting improvements, and ensuring real-world usability beyond RFC compliance.
Intended audience:
- Network operators, administrators, and engineers responsible for publicly routable IP address space
- Organizations such as ISPs, mobile carriers, cloud providers, hosting and colocation companies, Internet Exchange operators, and satellite internet providers
Do not use this skill for private or internal IP address management; it applies only to publicly routable IP addresses.

Prerequisites

Python 3 is required.

Directory Structure and File Management

This skill uses a clear separation between distribution files (read-only) and working files (generated at runtime).

Read-Only Directories (Do Not Modify)

The following directories contain static distribution assets. Do not create, modify, or delete files in these directories:

Directory	Purpose
`assets/`	Static data files (ISO codes, examples)
`references/`	RFC specifications and code snippets for reference
`scripts/`	Executable code and HTML template files for reports

Working Directories (Generated Content)

All generated, temporary, and output files go in these directories:

Directory	Purpose
`run/`	Working directory for all agent-generated content
`run/data/`	Downloaded CSV files from remote URLs
`run/report/`	Generated HTML tuning reports

File Management Rules

Never write toassets/, references/, or scripts/ — these are part of the skill distribution and must remain unchanged.
All downloaded input files (from remote URLs) must be saved to ./run/data/.
All generated HTML reports must be saved to ./run/report/.
All generated Python scripts must be saved to ./run/.
The run/ directory may be cleared between sessions; do not store permanent data there.
Working directory for execution: All generated scripts in ./run/ must be executed with the skill root directory (the directory containing ) as the current working directory, so that relative paths like and resolve correctly. Do not into before running scripts.

Processing Pipeline: Sequential Phase Execution

All phases must be executed in order , from Phase 1 through Phase 6. Each phase depends on the successful completion of the previous phase. For example, structure checks must complete before quality analysis can run.

The phases are summarized below. The agent must follow the detailed steps outlined further in each phase section.

Phase	Name	Description
1	Understand the Standard	Review the key requirements of RFC 8805 for self-published IP geolocation feeds
2	Gather Input	Collect IP subnet data from local files or remote URLs
3	Checks & Suggestions	Validate CSV structure, analyze IP prefixes, and check data quality
4	Tuning Data Lookup	Use Fastah's MCP tool to retrieve tuning data for improving geolocation accuracy
5	Generate Tuning Report	Create an HTML report summarizing the analysis and suggestions
6	Final Review	Verify consistency and completeness of the report data

Do not skip phases. Each phase provides critical checks or data transformations required by subsequent stages.

Execution Plan Rules

Before executing each phase, the agent MUST generate a visible TODO checklist.

The plan MUST:

Appear at the very start of the phase
List every step in order
Use a checkbox format
Be updated live as steps complete

Phase 1: Understand the Standard

The key requirements from RFC 8805 that this skill enforces are summarized below. Use this summary as your working reference. Only consult the full RFC 8805 text for edge cases, ambiguous situations, or when the user asks a standards question not covered here.

RFC 8805 Key Facts

Purpose: A self-published IP geolocation feed lets network operators publish authoritative location data for their IP address space in a simple CSV format, allowing geolocation providers to incorporate operator-supplied corrections.

CSV Column Order (Sections 2.1.1.1–2.1.1.5):

Column	Field	Required	Notes
1	`ip_prefix`	Yes	CIDR notation; IPv4 or IPv6; must be a network address
2	`alpha2code`	No	ISO 3166-1 alpha-2 country code; empty or "ZZ" = do-not-geolocate
3	`region`	No	ISO 3166-2 subdivision code (e.g., `US-CA`)
4	`city`

Structural rules:

Files may contain comment lines beginning with # (including the header, if present).
A header row is optional; if present, it is treated as a comment if it starts with #.
Files must be encoded in UTF-8.
Subnet host bits must not be set (i.e., 192.168.1.1/24 is invalid; use 192.168.1.0/24).
Applies only to globally routable unicast addresses — not private, loopback, link-local, or multicast space.

Do-not-geolocate: An entry with an empty alpha2code or case-insensitive ZZ (irrespective of values of region/city) is an explicit signal that the operator does not want geolocation applied to that prefix.

Postal codes deprecated (Section 2.1.1.5): The fifth column must not contain postal or ZIP codes. They are too fine-grained for IP-range mapping and raise privacy concerns.

Phase 2: Gather Input

If the user has not already provided a list of IP subnets or ranges (sometimes referred to as inetnum or inet6num), prompt them to supply it. Accepted input formats:
- Text pasted into the chat
- A local CSV file
- A remote URL pointing to a CSV file
If the input is a remote URL :
- Attempt to download the CSV file to ./run/data/ before processing.
- On HTTP error (4xx, 5xx, timeout, or redirect loop), stop immediately and report to the user: Feed URL is not reachable: HTTP {status_code}. Please verify the URL is publicly accessible.
- Do not proceed to Phase 3 with an incomplete or empty download.
If the input is a local file , process it directly without downloading.
Encoding detection and normalization:
1. Attempt to read the file as UTF-8 first.
2. If a UnicodeDecodeError is raised, try (UTF-8 with BOM), then .

Phase 3: Checks & Suggestions

Execution Rules

Generate a script for this phase.
Do NOT combine this phase with others.
Do NOT precompute future-phase data.
Store the output as a JSON file at: ./run/data/report-data.json

Schema Definition

The JSON structure below is IMMUTABLE during Phase 3. Phase 4 will later add a TunedEntry object to each object in Entries — this is the only permitted schema extension and happens in a separate phase.

JSON keys map directly to template placeholders like {{.CountryCode}}, {{.HasError}}, etc.

{
  "InputFile": "",
  "Timestamp": 0,

  "TotalEntries": 0,
  "IpV4Entries": 0,
  "IpV6Entries": 0,
  "InvalidEntries": 0,

  "Errors": 0,
  "Warnings": 0,
  "OK": 0,
  "Suggestions": 0,

  "CityLevelAccuracy": 0,
  "RegionLevelAccuracy": 0,
  "CountryLevelAccuracy": 0,
  "DoNotGeolocate": 0,

  "Entries": [
    {
      "Line": 0,
      "IPPrefix": "",
      "CountryCode": "",
      "RegionCode": "",
      "City": "",

      "Status": "",
      "IPVersion": "",

      "Messages": [
        {
          "ID": "",
          "Type": "",
          "Text": "",
          "Checked": false
        }
      ],

      "HasError": false,
      "HasWarning": false,
      "HasSuggestion": false,
      "DoNotGeolocate": false,
      "GeocodingHint": "",
      "Tunable": false
    }
  ]
}

Field definitions:

Top-level metadata:

InputFile: The original input source, either a local filename or a remote URL.
Timestamp: Milliseconds since Unix epoch when the tuning was performed.
TotalEntries: Total number of data rows processed (excluding comment and blank lines).
IpV4Entries: Count of entries that are IPv4 subnets.
IpV6Entries: Count of entries that are IPv6 subnets.
InvalidEntries: Count of entries that failed IP prefix parsing and CSV parsing.
Errors: Total entries whose Status is ERROR.
Warnings: Total entries whose is .

Entry fields:

Entries: Array of objects, one per data row, with the following per-entry fields:
- Line: 1-based line number in the original CSV (counting all lines including comments and blanks).
- IPPrefix: The normalized IP prefix in CIDR slash notation.
- CountryCode: The ISO 3166-1 alpha-2 country code, or empty string.
- RegionCode: The ISO 3166-2 region code (e.g., US-CA), or empty string.
- City: The city name, or empty string.
- Status: Highest severity assigned: ERROR > > > .

Validation Rules Reference

When adding messages to an entry, use the ID, Type, Text, and Checked values from this table.

ID	Type	Text	Checked	Condition Reference
`1101`	`ERROR`	IP prefix is empty	`false`	IP Prefix Analysis: empty
`1102`	`ERROR`	Invalid IP prefix: unable to parse as IPv4 or IPv6 network	`false`	IP Prefix Analysis: invalid syntax

Populating Messages

When a validation check matches, add a message to the entry's Messages array using the values from the reference table:

entry["Messages"].append({
    "ID": "1201",      # From the table
    "Type": "ERROR",   # From the table
    "Text": "Invalid country code: not a valid ISO 3166-1 alpha-2 value",  # From the table
    "Checked": True    # From the table (True = tunable)
})

After populating all messages for an entry, derive the entry-level flags:

entry["HasError"] = any(m["Type"] == "ERROR" for m in entry["Messages"])
entry["HasWarning"] = any(m["Type"] == "WARNING" for m in entry["Messages"])
entry["HasSuggestion"] = any(m["Type"] == "SUGGESTION" for m in entry["Messages"])
entry["Tunable"] = any(m["Checked"] for m in entry["Messages"])

Accuracy Level Counting Rules

Accuracy levels are mutually exclusive. Assign each valid (non-ERROR, non-invalid) entry to exactly one bucket based on the most granular non-empty geo field:

Condition	Bucket
`City` is non-empty	`CityLevelAccuracy`
`RegionCode` non-empty AND `City` is empty	`RegionLevelAccuracy`
`CountryCode` non-empty, `RegionCode` and `City` empty	`CountryLevelAccuracy`

Do not count entries with HasError: true or entries in InvalidEntries in any accuracy bucket.

The agent MUST NOT:

Rename fields
Add or remove fields
Change data types
Reorder keys
Alter nesting
Wrap the object
Split into multiple files

If a value is unknown, leave it empty — never invent data.

Structure & Format Check

This phase verifies that your feed is well-formed and parseable. Critical structural errors must be resolved before the tuner can analyze geolocation quality.

CSV Structure

This subsection defines rules for CSV-formatted input files used for IP geolocation feeds. The goal is to ensure the file can be parsed reliably and normalized into a consistent internal representation.

CSV Structure Checks
- If pandas is available, use it for CSV parsing.
- Otherwise, fall back to Python's built-in csv module.
- Ensure the CSV contains exactly 4 or 5 logical columns.
- Comment lines are allowed.
- A header row may or may not be present.
- If no header row exists, assume the implicit column order:
```
ip_prefix, alpha2code, region, city, postal code (deprecated)
```
- Refer to the example input file: assets/example/01-user-input-rfc8805-feed.csv
CSV Cleansing and Normalization

IP Prefix Analysis

Check that the IPPrefix field is present and non-empty for each entry.
Check for duplicate IPPrefix values across entries.
If duplicates are found, stop the skill and report to the user with the message: Duplicate IP prefix detected: {ip_prefix_value} appears on lines {line_numbers}
If no duplicates are found, continue with the analysis.
Checks
- Each subnet must parse cleanly as either an IPv4 or IPv6 network using the code snippets in the references/ folder.
- Subnets must be normalized and displayed in CIDR slash notation.
  - Single-host IPv4 subnets must be represented as /32.
  - Single-host IPv6 subnets must be represented as /128.

Geolocation Quality Check

Analyze the accuracy and consistency of geolocation data:

Country codes
Region codes
City names
Deprecated fields

This phase runs after structural checks pass.

Country Code Analysis

Use the locally available data table ISO3166-1 for checking.
- JSON array of countries and territories with ISO codes
- Each object includes:
  - alpha_2: two-letter country code
  - name: short country name
  - flag: flag emoji
- This file represents the superset of validCountryCode values for an RFC 8805 CSV.
Check the entry's CountryCode (RFC 8805 Section 2.1.1.2, column alpha2code) against the alpha_2 attribute.

Region Code Analysis

Use the locally available data table ISO3166-2 for checking.
- JSON array of country subdivisions with ISO-assigned codes
- Each object includes:
  - code: subdivision code prefixed with country code (e.g., US-CA)
  - name: short subdivision name
- This file represents the superset of validRegionCode values for an RFC 8805 CSV.
If a RegionCode value is provided (RFC 8805 Section 2.1.1.3):
- Check that the format matches {COUNTRY}-{SUBDIVISION} (e.g., , ).

City Name Analysis

City names are validated using heuristic checks only.
There is currently no authoritative dataset available for validating city names.
ERROR
- Report the following conditions as ERROR :
- Placeholder or non-meaningful values
  - Condition: Placeholder or non-meaningful values including but not limited to:
    - undefined
    - Please select
    - null
    - N/A
    - TBD
    - unknown

Postal Code Check

RFC 8805 Section 2.1.1.5 explicitly deprecates postal or ZIP codes.
Postal codes can represent very small populations and are not considered privacy-safe for mapping IP address ranges, which are statistical in nature.
ERROR
- Report the following conditions as ERROR :
- Postal code present
  - Condition: A non-empty value is present in the postal/ZIP code field.
  - Message ID: 1501

Tuning & Recommendations

This phase applies opinionated recommendations beyond RFC 8805, learned from real-world geofeed deployments, that improve accuracy and usability.

SUGGESTION
- Report the following conditions as SUGGESTION :
- Region or city specified for small territory
  - Condition:
    - Entry is a small territory
    - RegionCode is non-empty OR
    - City is non-empty.
  - Message IDs: 3301 (for region), 3402 (for city)
- Missing region code when city is specified
  - Condition:
    - City is non-empty
    - RegionCode is empty

Phase 4: Tuning Data Lookup

Objective

Lookup all the Entries using Fastah's rfc8805-row-place-search tool.

Execution Rules

Generate a new script only for payload generation (read the dataset and write one or more payload JSON files; do not call MCP from this script).
Server only accepts 1000 entries per request, so if there are more than 1000 entries, split into multiple requests.
The agent must read the generated payload files, construct the requests from them, and send those requests to the MCP server in batches of at most 1000 entries each.
On MCP failure: If the MCP server is unreachable, returns an error, or returns no results for any batch, log a warning and continue to Phase 5. Set TunedEntry: {} for all affected entries. Do not block report generation. Notify the user clearly: Tuning data lookup unavailable; the report will show validation results only.
Suggestions are advisory only — never auto-populate them.

Step 1: Build Lookup Payload with Deduplication

Load the dataset from: ./run/data/report-data.json

Read the Entries array. Each entry will be used to build the MCP lookup payload.

Reduce server requests by deduplicating identical entries:

For each entry in Entries, compute a content hash (hash of CountryCode + RegionCode + City).
Create a deduplication map: { contentHash -> { rowKey, payload, entryIndices: [] } }. rowKey is a UUID that will be sent to the MCP server for matching responses.
If an entry's hash already exists, append its 0-based array index in Entries to that deduplication entry's entryIndices array.
If hash is new, generate a UUID (rowKey) and create a new deduplication entry.

Build request batches:

Extract unique deduplicated entries from the map, keeping them in deduplication order.
Build request batches of up to 1000 items each.
For each batch, keep an in-memory structure like [{ rowKey, payload, entryIndices }, ...] to match responses back by rowKey.
When writing the MCP payload file, include the rowKey field with each payload object:

[ {"rowKey": "550e8400-e29b-41d4-a716-446655440000", "countryCode":"CA","regionCode":"CA-ON","cityName":"Toronto"}, {"rowKey": "6ba7b810-9dad-11d1-80b4-00c04fd430c8", "countryCode":"IN","regionCode":"IN-KA","cityName":"Bangalore"}, {"rowKey": "6ba7b811-9dad-11d1-80b4-00c04fd430c8", "countryCode":"IN","regionCode":"IN-KA"} ]
When reading responses, match each response rowKey field to the corresponding deduplication entry to retrieve all associated entryIndices.

Rules:

Write payload to: ./run/data/mcp-server-payload.json
Exit the script after writing the payload.

Step 2: Invoke Fastah MCP Tool

An example mcp.json style configuration of Fastah MCP server is as follows:

"fastah-ip-geofeed": {
  "type": "http",
  "url": "https://mcp.fastah.ai/mcp"
}

Server: https://mcp.fastah.ai/mcp
Tool and its Schema: before the first tools/call, the agent MUST send a tools/list request to read the input and output schema for rfc8805-row-place-search. Use the discovered schema as the authoritative source for field names, types, and constraints.

The following is an illustrative example only; always defer to the schema returned by tools/list:

[
    {"rowKey": "550e8400-...", "countryCode":"CA", ...},
    {"rowKey": "690e9301-...", "countryCode":"ZZ", ...}
]

Step 3: Attach Tuned Data to Entries

Generate a new script for attaching tuned data.
Load both ./run/data/report-data.json and the deduplication map (held in memory from Step 1, or re-derived from the payload file).
For each response from the MCP server:
- Extract the rowKey from the response.
- Look up the entryIndices array associated with that rowKey from the deduplication map.
- For each index in entryIndices, attach the best match to Entries[index].
Use the first (best) match from the response when available.

Create the field on each affected entry if it does not exist. Remap the MCP API response keys to Go struct field names:

"TunedEntry": {
  "Name": "",
  "CountryCode": "",
  "RegionCode": "",
  "PlaceType": "",
  "H3Cells": [],
  "BoundingBox": []
}

The TunedEntry field is a single object (not an array). It holds the best match from the MCP server.

MCP response key → JSON key mapping :

MCP API response key	JSON key
`placeName`	`Name`
`countryCode`	`CountryCode`
`stateCode`	`RegionCode`
`placeType`	`PlaceType`

Entries with no UUID match (i.e. the MCP server returned no response for their UUID) must receive an empty TunedEntry: {} object — never leave the field absent.

Write the dataset back to: ./run/data/report-data.json
Rules:
- Maintain all existing validation flags.
- Do NOT create additional intermediate files.

Phase 5: Generate Tuning Report

Generate a self-contained HTML report by rendering the template at ./scripts/templates/index.html with data from ./run/data/report-data.json and ./run/data/comments.json.

Write the completed report to ./run/report/geofeed-report.html. After generating, attempt to open it in the system's default browser (e.g., webbrowser.open()). If running in a headless environment, CI pipeline, or remote container where no browser is available, skip the browser step and instead present the file path to the user so they can open or download it.

The template uses Gohtml/template syntax ({{.Field}}, {{range}}, {{if eq}}, etc.). Write a Python script that reads the template, builds a rendering context from the JSON data files, and processes the template placeholders to produce final HTML. Do not modify the template file itself — all processing happens in the Python script at render time.

Step 1: Replace Metadata Placeholders

Replace each {{.Metadata.X}} placeholder in the template with the corresponding value from report-data.json. Since JSON keys match the template placeholder, the mapping is direct — {{.Metadata.InputFile}} maps to the InputFile JSON key, etc.

Template placeholder	JSON key (`report-data.json`)
`{{.Metadata.InputFile}}`	`InputFile`
`{{.Metadata.Timestamp}}`	`Timestamp`
`{{.Metadata.TotalEntries}}`	`TotalEntries`
`{{.Metadata.IpV4Entries}}`

Note on{{.Metadata.Timestamp}}: This placeholder appears inside a JavaScript new Date(...) call. Replace it with the raw integer value (no HTML escaping needed for a numeric literal inside <script>). All other metadata values should be HTML-escaped since they appear inside HTML element text.

Step 2: Replace the Comment Map Placeholder

Locate this pattern in the template:

const commentMap = {{.Comments}};

Replace {{.Comments}} with the serialized JSON object from ./run/data/comments.json. The JSON is embedded directly as a JavaScript object literal (not inside a string), so no extra escaping is needed:

comments_json = json.dumps(comments)
template = template.replace("{{.Comments}}", comments_json)

Step 3: Expand the Entries Range Block

The template contains a {{range .Entries}}...{{end}} block inside <tbody id="entriesTableBody">. Process it as follows:

Extract the range block body using regex. Critical: The block contains nested {{end}} tags (from {{if eq .Status ...}}, {{if .Checked}}, and {{range .Messages}}). A naive non-greedy match like \{\{range \.Entries\}\}(.*?)\{\{end\}\} will match the first inner {{end}}, truncating the block. Instead, anchor the outer {{end}} to the </tbody> that follows it:
```
m = re.search(
    r'\{\{range \.Entries\}\}(.*?)\{\{end\}\}\s*</tbody>',
    template,
    re.DOTALL,
)
entry_body = m.group(1)  # template text for one entry iteration
```

This ensures you capture the full block body including all three <tr> rows and the nested {{range .Messages}}...{{end}}. 2. Iterate over each entry in report-data.json's Entries array. 3. Expand the block body for each entry using the processing order below. 4. Replace the entire match (from {{range .Entries}} through </tbody>) with the concatenated expanded HTML followed by </tbody>.

Processing order for each entry (innermost constructs first to avoid {{end}} confusion):

Evaluate {{if eq .Status ...}}...{{end}} conditionals (status badge class and icon).
Evaluate {{if .Checked}}...{{end}} conditional (message checkbox).
Expand {{range .Messages}}...{{end}} inner range.
Replace simple {{.Field}} placeholders.

Entry Field Mapping

Within the range block body, replace these placeholders for each entry. Since JSON keys match the template placeholder, the template placeholder {{.X}} maps directly to JSON key X:

Template placeholder	JSON key (`Entries[]`)	Notes
`{{.Line}}`	`Line`	Direct integer value
`{{.IPPrefix}}`	`IPPrefix`	HTML-escaped
`{{.CountryCode}}`	`CountryCode`	HTML-escaped

data-h3-cells and data-bounding-box format: These are NOT JSON arrays. They are bracket-wrapped, space-separated values. Do not use JSON serialization (no quotes around string elements, no commas between numbers). Examples:

[836752fffffffff 836755fffffffff] — correct
["836752fffffffff","836755fffffffff"] — WRONG , quotes will break parsing
[-71.70 10.73 -71.52 10.55] — correct
[] — correct for empty

Evaluating Status Conditionals

Process these BEFORE replacing simple{{.Field}} placeholders — otherwise the {{end}} markers get consumed and the regex won't match.

The template uses {{if eq .Status "..."}} conditionals for the status badge CSS class and icon. Evaluate these by checking the entry's status value and keeping only the matching branch text.

The status badge line contains two {{if eq .Status ...}}...{{end}} blocks on a single line — one for the CSS class, one for the icon. Use re.sub with a callback to resolve all occurrences:

STATUS_CSS = {"ERROR": "error", "WARNING": "warning", "SUGGESTION": "suggestion", "OK": "ok"}
STATUS_ICON = {
    "ERROR": "bi-x-circle-fill",
    "WARNING": "bi-exclamation-triangle-fill",
    "SUGGESTION": "bi-lightbulb-fill",
    "OK": "bi-check-circle-fill",
}

def resolve_status_if(match_obj, status):
    """Pick the branch matching `status` from a {{if eq .Status ...}}...{{end}} block."""
    block = match_obj.group(0)
    # Try each branch: {{if eq .Status "X"}}val{{else if ...}}val{{else}}val{{end}}
    for st, val in [("ERROR",), ("WARNING",), ("SUGGESTION",)]:
        # not needed to parse generically — just map from the known patterns
    ...

A simpler approach: since there are exactly two known patterns, replace them as literal strings:

css_class = STATUS_CSS.get(status, "ok")
icon_class = STATUS_ICON.get(status, "bi-check-circle-fill")
body = body.replace(
    '{{if eq .Status "ERROR"}}error{{else if eq .Status "WARNING"}}warning{{else if eq .Status "SUGGESTION"}}suggestion{{else}}ok{{end}}',
    css_class,
)
body = body.replace(
    '{{if eq .Status "ERROR"}}bi-x-circle-fill{{else if eq .Status "WARNING"}}bi-exclamation-triangle-fill{{else if eq .Status "SUGGESTION"}}bi-lightbulb-fill{{else}}bi-check-circle-fill{{end}}',
    icon_class,
)

This avoids regex entirely and is safe because these exact strings appear verbatim in the template.

Step 4: Expand the Nested Messages Range

The {{range .Messages}}...{{end}} block contains a nested {{if .Checked}} checked{{else}} disabled{{end}} conditional, so its inner {{end}} would cause a simple non-greedy regex to match too early. Anchor the regex to </td> (the tag immediately after the messages range closing {{end}}) to capture the full block body:

msg_match = re.search(
    r'\{\{range \.Messages\}\}(.*?)\{\{end\}\}\s*(?=</td>)',
    body, re.DOTALL
)

The lookahead (?=</td>) ensures the regex skips past the checkbox conditional's {{end}} (which is followed by >, not </td>) and matches only the range-closing {{end}} (which is followed by whitespace then </td>).

For each message in the entry's Messages array, clone the captured block body and expand it:

Resolve the checkbox conditional per message (must happen before simple placeholder replacement to remove the nested {{end}}):

if msg.get("Checked"):
    msg_body = msg_body.replace(
        '{{if .Checked}} checked{{else}} disabled{{end}}', ' checked'
    )
else:
    msg_body = msg_body.replace(
        '{{if .Checked}} checked{{else}} disabled{{end}}', ' disabled'
    )

Replace message field placeholders :

Template placeholder	Source	Notes
`{{.ID}}`	`Messages[i].ID`	Direct string value from JSON
`{{.Text}}`	`Messages[i].Text`	HTML-escaped

Concatenate all expanded message blocks and replace the original {{range .Messages}}...{{end}} match (msg_match.group(0)) with the result:
```
body = body[:msg_match.start()] + "".join(expanded_msgs) + body[msg_match.end():]
```

If Messages is empty, replace the entire matched region with an empty string (no message divs — only the issues header remains).

Output Guarantees

The report must be readable in any modern browser without extra network dependencies beyond the CDN links already in the template (leaflet, h3-js, bootstrap-icons, Raleway font).
All values embedded in HTML must be HTML-escaped (<, >, &, ") to prevent rendering issues.
commentMap is embedded as a direct JavaScript object literal (not inside a string), so no JS string escaping is needed — just emit valid JSON.
All values must be derived only from analysis output , not recomputed heuristically.

Phase 6: Final Review

Perform a final verification pass using concrete, checkable assertions before presenting results to the user.

Check 1 — Entry count integrity

Count non-comment, non-blank data rows in the original input CSV.
Assert: len(entries) in report-data.json == data_row_count
On failure: Row count mismatch: input has {N} data rows but report contains {M} entries.

Check 2 — Summary counter integrity

These counters use mutual exclusion based on the boolean flags, which mirrors the highest-severity Status field. An entry with both HasError: true and HasWarning: true is counted only in Errors, never in Warnings. This is equivalent to counting by the entry's Status field.
Assert all of the following; correct any that fail before generating the report:
- Errors == sum(1 for e in Entries if e['HasError'])
- Warnings == sum(1 for e in Entries if e['HasWarning'] and not e['HasError'])
- Suggestions == sum(1 for e in Entries if e['HasSuggestion'] and not e['HasError'] and not e['HasWarning'])

Check 3 — Accuracy bucket integrity

Assert: CityLevelAccuracy + RegionLevelAccuracy + CountryLevelAccuracy + DoNotGeolocate == TotalEntries - InvalidEntries
Note: The accuracy buckets defined in Phase 3 say "Do not count entries with HasError: true", but the Check 3 formula above uses TotalEntries - InvalidEntries (which still includes ERROR entries). This means ERROR entries (those that parsed as valid IPs but failed validation) are counted in accuracy buckets by their geo-field presence. Only InvalidEntries (unparsable IP prefixes) are excluded. Follow the Check 3 formula as the authoritative rule.
On failure, trace and fix the bucketing logic before proceeding.

Check 4 — No duplicate line numbers

Assert: all Line values in Entries are unique.
On failure, report the duplicated line numbers to the user.

Check 5 — TunedEntry completeness

Assert: every object in Entries has a TunedEntry key (even if its value is {}).
On failure, add "TunedEntry": {} to any entry missing the key, then re-save report-data.json.

Check 6 — Report file is present and non-empty

Confirm ./run/report/geofeed-report.html was written and has a file size greater than zero bytes.
On failure, regenerate the report before presenting to the user.

Weekly Installs

Repository

github/awesome-copilot

GitHub Stars

27.0K

First Seen

2 days ago

Security Audits

Gen Agent Trust HubWarn SocketPass SnykWarn

Installed on

codex51

claude-code50

gemini-cli50

opencode50

warp49

amp49

Azure 升级评估与自动化工具 - 轻松迁移 Functions 计划、托管层级和 SKU

124,500 周安装

assets/iso3166-1.json

./run/data/report-data.json

Once successfully decoded, re-encode and write the working copy as UTF-8.

If no encoding succeeds, stop and report: Unable to decode input file. Please save it as UTF-8 and try again.

OK: Total entries whose Status is OK.

Suggestions: Total entries whose Status is SUGGESTION.

CityLevelAccuracy: Count of valid entries where City is non-empty.

RegionLevelAccuracy: Count of valid entries where RegionCode is non-empty and City is empty.

CountryLevelAccuracy: Count of valid entries where CountryCode is non-empty, RegionCode is empty, and City is empty.

DoNotGeolocate (metadata): Count of valid entries where CountryCode, RegionCode, and City are all empty.

IPVersion: "IPv4" or "IPv6" based on the parsed IP prefix.

Messages: Array of message objects, each with:

ID: String identifier from the Validation Rules Reference table below (e.g., "1101", "3301").
Type: The severity type: "ERROR", "WARNING", or "SUGGESTION".
Text: The human-readable validation message string.
Checked: true if the validation rule is auto-tunable (Tunable: true in the reference table), false otherwise. Controls whether the checkbox in the report is checked or disabled.

HasError: true if any message has Type "ERROR".

HasWarning: true if any message has Type "WARNING".

HasSuggestion: true if any message has Type "SUGGESTION".

DoNotGeolocate (entry): true if CountryCode is empty or "ZZ" — the entry is an explicit do-not-geolocate signal.

GeocodingHint: Always empty string "" in Phase 3. Reserved for future use.

Tunable: true if any message in the entry has Checked: true. Computed as logical OR across all messages' Checked values. This flag drives the "Tune" button visibility in the report.

Clean and normalize the CSV using Python logic equivalent to the following operations:

Select only the first five columns , dropping any columns beyond the fifth.
Write the output file with a UTF-8 BOM.

Comments

Remove comment rows where the first column begins with#.
This also removes a header row if it begins with #.
Create a map of comments using the 1-based line number as the key and the full original line as the value. Also store blank lines.
Store this map in a JSON file at: ./run/data/comments.json
Example: { "4": "# It's OK for small city states to leave state ISO2 code unspecified" }

Notes

Both implementation paths (pandas and built-in csv) must write output using the utf-8-sig encoding to ensure a UTF-8 BOM is present.

ERROR

Report the following conditions as ERROR :
Invalid subnet syntax
- Message ID: 1102
Non-public address space
- Applies to subnets that are private, loopback, link-local, multicast, or otherwise non-public
  - In Python, detect non-public ranges using is_private and related address properties as shown in ./references.
- Message ID: 1103

SUGGESTION

Report the following conditions as SUGGESTION :
Overly large IPv6 subnets
- Prefixes shorter than /64
- Message ID: 3102
Overly large IPv4 subnets
- Prefixes shorter than /22
- Message ID: 3101

Sample code is available in the references/ directory.

If a country is found in assets/small-territories.json, mark the entry internally as a small territory. This flag is used in later checks and suggestions but is not stored in the output JSON (it is transient validation state).

Note: small-territories.json contains some historic/disputed codes (AN, CS, XK) that are not present in iso3166-1.json. An entry using one of these as its CountryCode will fail the country code validation (ERROR) even though it matches as a small territory. The country code ERROR takes precedence — do not suppress it based on the small-territory flag.

ERROR

Report the following conditions as ERROR :
Invalid country code
- Condition: CountryCode is present but not found in the alpha_2 set
- Message ID: 1201

SUGGESTION

Report the following conditions as SUGGESTION :
Unspecified geolocation for subnet
- Condition: All geographical fields (CountryCode, RegionCode, City) are empty for a subnet.
- Action:
  - Set DoNotGeolocate = true for the entry.
  - Set CountryCode to ZZ for the entry.
- Message ID: 3104

Check the value against the code attribute (already prefixed with the country code).

Small-territory exception: If the entry is a small territory and the RegionCode value equals the entry's CountryCode (e.g., SG as both country and region for Singapore), treat the region as acceptable — skip all region validation checks for this entry. Small territories are effectively city-states with no meaningful ISO 3166-2 administrative subdivisions.

ERROR

Report the following conditions as ERROR :
Invalid region format
- Condition: RegionCode does not match {COUNTRY}-{SUBDIVISION} and the small-territory exception does not apply
- Message ID: 1301
Unknown region code
- Condition: RegionCode value is not found in the code set and the small-territory exception does not apply
- Message ID: 1302
Country–region mismatch
- Condition: Country portion of RegionCode does not match CountryCode
- Message ID: 1303

Truncated names, abbreviations, or airport codes

Condition: Truncated names, abbreviations, or airport codes that do not represent valid city names:
- LA
- Frft
- sin01
- LHR
- SIN
- MAA
Message ID: 1402

WARNING

Report the following conditions as WARNING :
Inconsistent casing or formatting
- Condition: City names with inconsistent casing, spacing, or formatting that may reduce data quality, for example:
  - HongKong vs Hong Kong
  - Mixed casing or unexpected script usage
- Message ID: 2401

Entry is not a small territory

Open ./run/data/mcp-server-payload.json and send all deduplicated entries with their rowKeys.

If there are more than 1000 deduplicated entries after deduplication, split into multiple requests of 1000 entries each.

The server will respond with the same rowKey field in each response for mapping back.

Do NOT use local data.

OK == sum(1 for e in Entries if not e['HasError'] and not e['HasWarning'] and not e['HasSuggestion'])

Errors + Warnings + Suggestions + OK == TotalEntries - InvalidEntries

`assets/`	静态数据文件（ISO 代码、示例）
`references/`	参考用的 RFC 规范和代码片段
`scripts/`	可执行代码和报告的 HTML 模板文件

Geofeed Tuner：IP地理位置数据源优化工具，RFC 8805合规与最佳实践

🇨🇳中文介绍

Geofeed Tuner – 创建更优的 IP 地理位置数据源

何时使用此技能

先决条件

目录结构与文件管理

只读目录（请勿修改）

相关 Skills

工作目录（生成的内容）

文件管理规则

处理流程：顺序阶段执行

执行计划规则

阶段 1：理解标准

RFC 8805 关键要点

阶段 2：收集输入

阶段 3：检查与建议

执行规则

模式定义

验证规则参考

填充消息

准确性级别计数规则

结构与格式检查

CSV 结构

IP 前缀分析

地理位置质量检查

国家代码分析

区域代码分析

城市名称分析

邮政编码检查

调整与建议

阶段 4：调整数据查询

目标

执行规则

步骤 1：构建带去重的查询有效负载

步骤 2：调用 Fastah MCP 工具

步骤 3：将调整数据附加到条目

🇺🇸English

Geofeed Tuner – Create Better IP Geolocation Feeds

When to Use This Skill

Prerequisites

Directory Structure and File Management

Read-Only Directories (Do Not Modify)

Working Directories (Generated Content)

File Management Rules

Processing Pipeline: Sequential Phase Execution

Execution Plan Rules

Phase 1: Understand the Standard

RFC 8805 Key Facts

Phase 2: Gather Input

Phase 3: Checks & Suggestions

Execution Rules

Schema Definition

Validation Rules Reference

Populating Messages

Accuracy Level Counting Rules

Structure & Format Check

CSV Structure

IP Prefix Analysis

Geolocation Quality Check

Country Code Analysis

Region Code Analysis

City Name Analysis

Postal Code Check

Tuning & Recommendations

Phase 4: Tuning Data Lookup

Objective

Execution Rules

Step 1: Build Lookup Payload with Deduplication

Step 2: Invoke Fastah MCP Tool

Step 3: Attach Tuned Data to Entries

Phase 5: Generate Tuning Report

Step 1: Replace Metadata Placeholders

Step 2: Replace the Comment Map Placeholder

Step 3: Expand the Entries Range Block

Entry Field Mapping

Evaluating Status Conditionals

Step 4: Expand the Nested Messages Range

Output Guarantees

Phase 6: Final Review

最新 Skills