Initial commit - UCXL validator and browser tools

- Added UCXL validator implementation with error codes and response codes
- Created Docker-based development environment
- Implemented frontend browser interface with TypeScript/React
- Added backend validation service in Python
- Created comprehensive UCXL browser specification and validation tools

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

fail2ban-playbook.yml

@@ -0,0 +1,50 @@
+---
+- name: Harden Pop!_OS with Fail2Ban
+  hosts: all
+  become: true
+  vars:
+    fail2ban_default_jail:
+      name: sshd
+      enabled: true
+      port: ssh
+      filter: sshd
+      logpath: /var/log/auth.log
+      maxretry: 5
+      bantime: 600
+      findtime: 600
+
+  tasks:
+    - name: Ensure Fail2Ban is installed
+      apt:
+        name: fail2ban
+        state: present
+        update_cache: yes
+
+    - name: Create jail.local with default sshd jail
+      copy:
+        dest: /etc/fail2ban/jail.local
+        owner: root
+        group: root
+        mode: '0644'
+        content: |
+          [DEFAULT]
+          banaction = iptables-multiport
+          backend = systemd
+          destemail = root@localhost
+          sender = root@<hostname>
+          action = %(action_mwl)s
+
+          [{{ fail2ban_default_jail.name }}]
+          enabled = {{ fail2ban_default_jail.enabled | lower }}
+          port    = {{ fail2ban_default_jail.port }}
+          filter  = {{ fail2ban_default_jail.filter }}
+          logpath = {{ fail2ban_default_jail.logpath }}
+          maxretry = {{ fail2ban_default_jail.maxretry }}
+          bantime = {{ fail2ban_default_jail.bantime }}
+          findtime = {{ fail2ban_default_jail.findtime }}
+
+    - name: Ensure fail2ban is enabled and running
+      systemd:
+        name: fail2ban
+        enabled: yes
+        state: started