@ainative/cody-cli 0.2.6 → 0.2.8

package/.claude/skills/git-workflow/SKILL.md

@@ -0,0 +1,116 @@
+---
+name: git-workflow
+description: Git commit, PR, and branching standards with ZERO TOLERANCE for AI attribution. Use when (1) Creating commits, (2) Writing commit messages, (3) Creating pull requests, (4) Writing PR descriptions, (5) Branching or merging code. ABSOLUTE RULE - NEVER include "Claude", "Anthropic", "AI-generated", emojis with "Generated with", or any AI tool attribution in commits, PRs, issues, or documentation.
+---
+
+# Git & PR Workflow Standards
+
+## Core Principles
+
+* **Small PRs:** <=300 LOC changed ideally
+* **Commit often:** Early, meaningful commits with clear messages
+* **Linear history:** Prefer rebase over merge commits
+* **Professional:** No AI attribution, no tool branding, clean descriptions
+
+## ABSOLUTE ZERO-TOLERANCE RULE: NO AI ATTRIBUTION
+
+**NEVER, UNDER ANY CIRCUMSTANCES, include ANY of the following in:**
+* Git commit messages
+* Pull request descriptions
+* Issue comments
+* GitHub discussions
+* Code comments
+* Documentation
+* ANY public-facing repository content
+
+### STRICTLY FORBIDDEN TEXT - NEVER USE
+
+* "Claude"
+* "Anthropic"
+* "claude.com"
+* "Claude Code"
+* "Generated with Claude"
+* "Co-Authored-By: Claude"
+* Any emoji followed by "Generated with" or "Powered by"
+* Any reference to AI assistants, AI code generation, or automated tools
+* Any branding, attribution, or links to third-party AI services
+
+### CORRECT FORMAT - ALWAYS USE
+
+* Clean, professional commit messages
+* Clear description of what changed
+* Explanation of why the change was made
+* No attribution, no branding, no tool references
+
+## Examples
+
+### FORBIDDEN COMMIT
+
+```
+Add multi-dimension vector support
+
+- Support for 384, 768, 1024, and 1536 dimensions
+
+Generated with [Claude Code](https://claude.com/claude-code)
+
+Co-Authored-By: Claude <noreply@anthropic.com>
+```
+
+### CORRECT COMMIT
+
+```
+Add multi-dimension vector support
+
+- Support for 384, 768, 1024, and 1536 dimensions
+- Update validation logic for new dimensions
+- Add comprehensive test coverage
+```
+
+### FORBIDDEN PR DESCRIPTION
+
+```markdown
+## Summary
+Implemented new authentication flow with JWT tokens.
+
+## Test Plan
+All tests passing.
+
+---
+Powered by Claude
+```
+
+### CORRECT PR DESCRIPTION
+
+```markdown
+## Summary
+Implemented new authentication flow with JWT tokens.
+
+## Test Plan
+All tests passing.
+```
+
+## Enforcement
+
+* **ZERO TOLERANCE** rule with **NO EXCEPTIONS**
+* Every commit must be verified before pushing
+* Every PR must be reviewed for attribution before creating
+* If attribution is found, it must be removed immediately via force push or amendment
+* This rule applies to ALL repositories, ALL projects, ALL commits
+
+## PR Requirements
+
+Every PR must include:
+
+* **Problem/Context:** What issue are we solving and why?
+* **Solution summary:** How does this change address the problem?
+* **Test plan:** Commands + results proving functionality
+* **Risk/rollback:** Potential issues and how to revert if needed
+* **Story link + Type + Estimate:** Link to issue/story with type (feature/bug/chore) and points
+
+## Reference Files
+
+See `references/ai-attribution-enforcement.md` for comprehensive forbidden text list and enforcement details.
+
+See `references/pr-templates.md` for complete PR templates for feature, bug, and chore PRs.
+
+See `references/branch-conventions.md` for branch naming patterns and examples.

package/.claude/skills/local-environment-check/SKILL.md

@@ -0,0 +1,78 @@
+---
+name: local-environment-check
+description: Verify local development environment is correctly configured. Use when (1) Setting up a new development machine, (2) Debugging environment issues, (3) Onboarding new team members, (4) Verifying tool versions, (5) Checking port availability.
+---
+
+# Local Environment Check
+
+## Purpose
+
+Verify that the local development environment has all required tools, correct versions, and proper configuration before starting work.
+
+## Checks to Perform
+
+### 1. Required Tools
+```bash
+# Check Node.js
+node --version    # Expected: v18+ or v20+
+
+# Check npm/bun/pnpm
+npm --version     # Expected: 9+
+bun --version     # If using bun
+pnpm --version    # If using pnpm
+
+# Check Python (if applicable)
+python3 --version # Expected: 3.10+
+pip --version
+
+# Check Git
+git --version     # Expected: 2.30+
+
+# Check GitHub CLI
+gh --version
+gh auth status    # Verify authenticated
+```
+
+### 2. Environment Variables
+```bash
+# Check required env vars are set
+env | grep -E "^(NODE_ENV|API_URL|DATABASE_URL)" || echo "Missing env vars"
+
+# Check .env file exists
+[ -f .env ] && echo ".env exists" || echo "WARNING: No .env file"
+```
+
+### 3. Port Availability
+```bash
+# Check if common dev ports are free
+lsof -i :3000 2>/dev/null && echo "Port 3000 in use" || echo "Port 3000 available"
+lsof -i :5432 2>/dev/null && echo "Port 5432 in use" || echo "Port 5432 available"
+lsof -i :8080 2>/dev/null && echo "Port 8080 in use" || echo "Port 8080 available"
+```
+
+### 4. Dependencies
+```bash
+# Install and verify dependencies
+npm install       # or bun install / pnpm install
+npm run build     # Verify build works
+npm test          # Verify tests pass
+```
+
+### 5. Git Configuration
+```bash
+# Verify git hooks are installed
+ls -la .git/hooks/pre-commit .git/hooks/commit-msg 2>/dev/null
+
+# If missing, install them
+bash .claude/hooks/install-hooks.sh
+```
+
+## Troubleshooting
+
+| Issue | Solution |
+|-------|---------|
+| Node version too old | Use `nvm install 20` |
+| Port already in use | Kill process: `kill $(lsof -t -i:3000)` |
+| Missing env vars | Copy from `.env.example`: `cp .env.example .env` |
+| Git hooks not installed | Run `bash .claude/hooks/install-hooks.sh` |
+| npm install fails | Delete `node_modules` and `package-lock.json`, retry |

package/.claude/skills/mandatory-tdd/SKILL.md

@@ -0,0 +1,112 @@
+---
+name: mandatory-tdd
+description: Enforces Test-Driven Development (TDD) with BDD-style tests and mandatory test execution. Use when (1) Writing any new code or feature, (2) Fixing bugs, (3) Refactoring existing code, (4) Creating pull requests, (5) Closing issues. CRITICAL RULE - Tests MUST be actually executed with proof of passing status and coverage >= 80% before ANY commit, PR, or issue closure.
+---
+
+# Mandatory TDD/BDD Testing Strategy
+
+## Core Principles
+
+* **BDD Style:** Use `describe/it` syntax for unit, integration, and functional/API tests
+* **Test-First:** Write failing tests before implementation
+* **Deterministic:** Use data-testid, role, or label selectors (never brittle CSS/XPath)
+* **Fast & Light:** Prefer fast unit/integration tests; save heavy e2e for nightly unless required
+
+## Example BDD Structure
+
+```js
+describe('Calculator', () => {
+  describe('addition', () => {
+    it('adds two positive numbers', () => {
+      expect(add(5, 7)).to.equal(12);
+    });
+  });
+});
+```
+
+## MANDATORY TEST EXECUTION REQUIREMENT
+
+**BEFORE claiming tests pass or closing any issue:**
+
+1. **ACTUALLY RUN THE TESTS** - Execute test suite with coverage
+2. **VERIFY THEY PASS** - Confirm all tests show green/passing status
+3. **CHECK COVERAGE** - Verify minimum 80% coverage requirement met
+4. **INCLUDE OUTPUT** - Paste actual test execution output in PR/commit/issue
+
+### ABSOLUTELY FORBIDDEN
+
+* Writing tests but NOT running them
+* Claiming "All tests passing" without proof
+* Stating "80%+ coverage" without actual coverage report
+* Closing issues without running test suite
+* Creating PRs without executing pytest/jest/etc.
+* Assuming tests work based on syntax checking alone
+
+### REQUIRED WORKFLOW
+
+**Backend (Python/FastAPI):**
+```bash
+cd /path/to/your/backend
+python3 -m pytest tests/test_your_feature.py -v --cov=app.your.module --cov-report=term-missing
+
+# Verify output shows:
+# - All tests passed (green checkmarks)
+# - Coverage >= 80%
+# - No import errors or test failures
+```
+
+**Frontend (TypeScript/React):**
+```bash
+cd /path/to/your/frontend
+npm test -- --coverage
+
+# Verify output shows:
+# - All tests passed
+# - Coverage >= 80% for statements, branches, functions, lines
+```
+
+### Evidence Requirement
+
+Every PR, commit, or issue closure involving tests MUST include:
+
+```
+## Test Execution Evidence
+
+### Command Run:
+`pytest tests/test_feature.py -v --cov=app.module`
+
+### Output:
+test_create_item PASSED                                        [  5%]
+test_validation PASSED                                         [ 10%]
+==================== 20 passed in 3.42s ====================
+Coverage: 87%
+
+### Coverage Report:
+app/api/v1/endpoints/feature.py    422    35    87%
+app/schemas/item.py                192    18    91%
+```
+
+## Why This Matters
+
+* **Prevents false confidence** - Tests may have import errors, assertion failures
+* **Catches infrastructure issues** - Broken test setup, missing dependencies
+* **Validates coverage claims** - Actual coverage may be lower than estimated
+* **Ensures production readiness** - Code that doesn't pass tests shouldn't ship
+* **Saves debugging time** - Finding test failures BEFORE merge, not after
+
+## Enforcement
+
+* **MANDATORY** requirement with **NO EXCEPTIONS**
+* Tests must be run LOCALLY before any git commit
+* Test output must be included in PR descriptions
+* Coverage reports must show actual percentages, not estimates
+* If tests cannot run due to infrastructure issues, **DOCUMENT THE ISSUE** and fix it before proceeding
+* Never claim "tests passing" without proving it with actual command output
+
+**THIS IS A ZERO-TOLERANCE RULE. ALWAYS RUN TESTS AND PROVIDE PROOF.**
+
+## Reference Files
+
+See `references/bdd-patterns.md` for detailed BDD test pattern examples across unit, integration, and API tests.
+
+See `references/coverage-requirements.md` for detailed coverage configuration, thresholds, and exclusion patterns.

package/.claude/skills/mcp-builder/SKILL.md

@@ -0,0 +1,150 @@
+---
+name: mcp-builder
+description: Guide for creating high-quality MCP (Model Context Protocol) servers that enable LLMs to interact with external services through well-designed tools. Use when building MCP servers to integrate external APIs or services, whether in Python (FastMCP) or Node.js (MCP SDK).
+---
+
+# MCP Builder Guide
+
+## What is an MCP Server?
+
+Model Context Protocol (MCP) servers expose tools that AI agents (Claude Code, Cursor, Windsurf, etc.) can call directly. You can build custom MCP servers to integrate any API or service.
+
+## Python -- FastMCP
+
+```bash
+pip install fastmcp
+```
+
+```python
+# my_mcp_server.py
+from fastmcp import FastMCP
+import requests
+
+mcp = FastMCP("my-tools")
+API_KEY = "your_api_key"
+BASE = "https://your-api.example.com"
+
+@mcp.tool()
+def get_status() -> dict:
+    """Get current service status."""
+    return requests.get(
+        f"{BASE}/api/v1/status",
+        headers={"X-API-Key": API_KEY}
+    ).json()
+
+@mcp.tool()
+def search_items(query: str, limit: int = 5) -> dict:
+    """Search items by query."""
+    return requests.post(
+        f"{BASE}/api/v1/search",
+        headers={"X-API-Key": API_KEY},
+        json={"query": query, "limit": limit}
+    ).json()
+
+if __name__ == "__main__":
+    mcp.run()
+```
+
+```bash
+python my_mcp_server.py
+```
+
+## Node.js -- MCP SDK
+
+```bash
+npm install @modelcontextprotocol/sdk
+```
+
+```typescript
+// server.ts
+import { Server } from '@modelcontextprotocol/sdk/server/index.js';
+import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+
+const server = new Server(
+  { name: 'my-mcp-server', version: '1.0.0' },
+  { capabilities: { tools: {} } }
+);
+
+server.setRequestHandler('tools/list', async () => ({
+  tools: [{
+    name: 'get_status',
+    description: 'Get current service status',
+    inputSchema: { type: 'object', properties: {} }
+  }]
+}));
+
+server.setRequestHandler('tools/call', async (request) => {
+  if (request.params.name === 'get_status') {
+    const resp = await fetch('https://your-api.example.com/api/v1/status', {
+      headers: { 'X-API-Key': process.env.API_KEY! }
+    });
+    return { content: [{ type: 'text', text: JSON.stringify(await resp.json()) }] };
+  }
+});
+
+const transport = new StdioServerTransport();
+await server.connect(transport);
+```
+
+## Configure in Claude Code
+
+```json
+// .claude/mcp.json
+{
+  "mcpServers": {
+    "my-tools": {
+      "command": "python",
+      "args": ["my_mcp_server.py"],
+      "env": { "API_KEY": "your_api_key" }
+    }
+  }
+}
+```
+
+For a published npm package:
+```json
+{
+  "mcpServers": {
+    "my-tools": {
+      "command": "npx",
+      "args": ["my-mcp-package"],
+      "env": { "API_KEY": "your_api_key" }
+    }
+  }
+}
+```
+
+## SKILL.md Format
+
+Every MCP tool should have a matching skill file so agents know when to call it:
+
+```markdown
+---
+name: my-tool-name
+description: One-line description. Use when (1) scenario, (2) scenario, (3) scenario.
+---
+
+# Tool Name
+
+Brief description and usage examples.
+```
+
+Place in `.claude/skills/my-tool-name/SKILL.md`.
+
+## Publish to npm
+
+```bash
+# package.json
+{
+  "name": "my-mcp-server",
+  "version": "1.0.0",
+  "bin": { "my-mcp-server": "./dist/server.js" },
+  "main": "./dist/server.js"
+}
+
+npm publish
+```
+
+## References
+
+- MCP spec: `https://modelcontextprotocol.io`

package/.cody/CODY.md

@@ -0,0 +1,17 @@
+# Cody — Your AI Engineering Lead
+
+## Identity
+- **Name**: Cody
+- **Role**: Senior AI Engineer + Technical Advisor
+- **Style**: Direct, technically precise, no fluff
+
+## Mandate
+1. Lead technical architecture decisions
+2. Enforce TDD, code quality, and security standards
+3. Ship production-grade code with 90%+ test coverage
+4. Never break production — reversible changes, verify before merge
+
+## Communication
+- Responds as a senior engineer, not a chatbot
+- Gets to the point fast
+- When something is wrong, says so clearly and fixes it

package/.cody/hooks/commit-msg

@@ -0,0 +1,7 @@
+#!/bin/bash
+# Block AI attribution in commit messages
+if grep -qiE "(co-authored-by:.*claude|co-authored-by:.*chatgpt|generated with)" "$1"; then
+    echo "ERROR: Remove AI attribution from commit message"
+    exit 1
+fi
+echo "Commit message: PASS"

package/.cody/hooks/pre-commit

@@ -0,0 +1,8 @@
+#!/bin/bash
+# Check file placement
+VIOLATIONS=$(git diff --cached --name-only --diff-filter=A | grep -E '^[^/]+\.md$' | grep -v -E '^(README\.md)$' || true)
+if [ ! -z "$VIOLATIONS" ]; then
+    echo "ERROR: .md files must go in docs/ subdirectory"
+    exit 1
+fi
+echo "File placement: PASS"

package/.cody/mcp.json

@@ -0,0 +1,9 @@
+{
+  "mcpServers": {
+    "zerodb": {
+      "type": "http",
+      "url": "https://api.ainative.studio/v1/mcp/zerodb-mcp/messages",
+      "description": "ZeroDB vector database and storage"
+    }
+  }
+}

package/.cody/mcp.json.example

@@ -0,0 +1,9 @@
+{
+  "mcpServers": {
+    "example": {
+      "command": "npx",
+      "args": ["-y", "@modelcontextprotocol/server-filesystem", "."],
+      "description": "Local filesystem access"
+    }
+  }
+}

package/.cody/skills/ci-cd-compliance/SKILL.md

@@ -0,0 +1,12 @@
+---
+name: ci-cd-compliance
+description: CI/CD pipeline requirements and deployment standards
+---
+## CI/CD Standards
+- All commits must pass CI before merge
+- Staging deploys required before production
+- Use feature flags for risky changes
+- Rollback plan documented for every deploy
+- Environment variables managed via CI secrets, never hardcoded
+- Database migrations must be backward-compatible
+- Health checks required for all deployed services

package/.cody/skills/code-quality/SKILL.md

@@ -0,0 +1,10 @@
+---
+name: code-quality
+description: Coding style, security, and accessibility standards
+---
+## Standards
+- camelCase for vars/functions, PascalCase for classes
+- 4-space indentation
+- Never log secrets or PII
+- Validate all inputs
+- Explicit error types with actionable messages

package/.cody/skills/database-best-practices/SKILL.md

@@ -0,0 +1,13 @@
+---
+name: database-best-practices
+description: Database query safety and connection management
+---
+## Database Best Practices
+- Always use connection pooling — never raw connections
+- Close connections and sessions explicitly after use
+- Use parameterized queries — never string interpolation for SQL
+- Add indexes for frequently queried columns
+- Migrations must be idempotent and backward-compatible
+- Monitor connection pool usage in production
+- Use transactions for multi-step writes
+- Set query timeouts to prevent runaway queries

package/.cody/skills/delivery-checklist/SKILL.md

@@ -0,0 +1,13 @@
+---
+name: delivery-checklist
+description: Pre-delivery acceptance checklist before merge
+---
+## Delivery Checklist
+- [ ] All tests pass with >= 90% coverage
+- [ ] No linting errors or warnings
+- [ ] PR description includes summary, test plan, and risk/rollback
+- [ ] Issue linked and status updated
+- [ ] No secrets, credentials, or PII in code
+- [ ] Breaking changes documented
+- [ ] Reviewer approved
+- [ ] CI pipeline green

package/.cody/skills/file-placement/SKILL.md

@@ -0,0 +1,11 @@
+---
+name: file-placement
+description: File organization and placement rules
+---
+## File Placement Rules
+- Documentation (.md) files go in `docs/` subdirectories
+- Only `README.md` is allowed at project root
+- Scripts go in `scripts/` directory
+- Config files go in `config/` or project root
+- Tests mirror source directory structure in `tests/`
+- No orphan files — every file belongs in a designated directory

package/.cody/skills/git-workflow/SKILL.md

@@ -0,0 +1,9 @@
+---
+name: git-workflow
+description: Git commit, PR, and branching standards
+---
+## Git Workflow
+- Branch: `feature/{issue}-{slug}`, `bug/{issue}-{slug}`
+- Commits: reference issue numbers (`Refs #123`)
+- PRs: include summary, test plan, risk/rollback
+- No AI attribution in commits

package/.cody/skills/mandatory-tdd/SKILL.md

@@ -0,0 +1,10 @@
+---
+name: mandatory-tdd
+description: Test-Driven Development with BDD-style tests
+---
+## TDD Workflow
+1. RED: Write failing tests first
+2. GREEN: Minimal code to pass
+3. REFACTOR: Improve with tests green
+- Coverage >= 90%
+- Run tests before every commit