You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Feature ideas captured during initial development. These are brainstorming — not commitments. Ideas may be broken out into individual issues as they become concrete.
Security & Detection
Process ancestry tracking — Show parent PID chain for suspicious windows. A dialog spawned by svchost.exe vs a random unsigned binary tells a very different story. Use psutil.Process(pid).parents(). (high-value, medium effort)
Window age / creation time — Track how long a hidden window has been sitting there. Use process creation time as proxy. Could add as concern weight modifier. (high-value, medium effort)
Watch / monitor mode — Run continuously, alert on new suspicious windows. Turns wingather from one-shot scan into a sentinel. --watch flag with configurable interval. (high-value, large effort)
process-delta integration — Cross-reference with process-delta. "Suspicious window owned by a process that wasn't running 10 minutes ago." Same author owns both tools. (high-value, medium effort)
Extended signature verification — Beyond Microsoft: verify Adobe, Google, Mozilla signed binaries. Community-contributed trust lists. Trust JSON v2 already supports extensible verify field. (nice-to-have, medium effort)
Network correlation — Flag suspicious windows whose process has active network connections via psutil.net_connections(). Hidden window phoning home = red flag. (nice-to-have, medium effort)
Window transparency detection — Detect zero-alpha or near-invisible windows via GetLayeredWindowAttributes. Another hiding technique not currently caught. (nice-to-have, small effort)
Window Management & UX
Layout / arrangement options — Beyond centering: tiling, cascade, snap-to-grid. --arrange tile vs --arrange center (default). (nice-to-have, medium effort)
Interactive / TUI mode — Live table with window selection. Act on specific windows instead of gathering everything. textual or curses. (exploratory, large effort)
Profile / preset save/restore — Save current window arrangement, restore later. More productivity than security. (exploratory, medium effort)
Operational
Config file support — wingather.toml for default flags, persistent trust entries, custom concern weights. Reduces CLI friction. (high-value, small effort)
Configurable concern weights — Let users tune scoring. [weights] section in config file. (nice-to-have, small effort)
HTML report output — Shareable report beyond JSON. Could include window screenshots via PrintWindow API. (nice-to-have, medium effort)
Logging / audit trail — Append findings to a log file over time. JSONL format for trend analysis. (nice-to-have, small effort)
Unit tests — Zero pytest coverage. Need tests for scoring, trust verification, CLI parsing, table rendering. Mock Win32 layer. (high-value, medium effort)
Platform Expansion
macOS implementation — Fill in platform stub. pyobjc + NSApplication/CGWindow API. Core logic is platform-agnostic. (deferred, large effort)
Linux X11/Wayland — Fill in platform stub. X11 via python-xlib, Wayland via compositor protocols. (deferred, large effort)
Priority Recommendation
Unit tests — foundational, enables confident iteration
Config file — small effort, big usability win
Process ancestry — biggest security signal gap
Watch mode — multiplies the tool's value
process-delta integration — uniquely positioned, same author
Analysis
See 2026-02-12__00-26-42__idea_future-features-roadmap.md for detailed discussion context.
Future Features — Ideas & Feature Backlog
Feature ideas captured during initial development. These are brainstorming — not commitments. Ideas may be broken out into individual issues as they become concrete.
Security & Detection
svchost.exevs a random unsigned binary tells a very different story. Usepsutil.Process(pid).parents(). (high-value, medium effort)--watchflag with configurable interval. (high-value, large effort)verifyfield. (nice-to-have, medium effort)psutil.net_connections(). Hidden window phoning home = red flag. (nice-to-have, medium effort)GetLayeredWindowAttributes. Another hiding technique not currently caught. (nice-to-have, small effort)Window Management & UX
--arrange tilevs--arrange center(default). (nice-to-have, medium effort)textualorcurses. (exploratory, large effort)Operational
wingather.tomlfor default flags, persistent trust entries, custom concern weights. Reduces CLI friction. (high-value, small effort)[weights]section in config file. (nice-to-have, small effort)PrintWindowAPI. (nice-to-have, medium effort)Platform Expansion
pyobjc+ NSApplication/CGWindow API. Core logic is platform-agnostic. (deferred, large effort)python-xlib, Wayland via compositor protocols. (deferred, large effort)Priority Recommendation
Analysis
See
2026-02-12__00-26-42__idea_future-features-roadmap.mdfor detailed discussion context.Captured from development session 2026-02-12