@appsforgood/next-supabase-kit 0.1.6 → 0.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@appsforgood/next-supabase-kit",
3
- "version": "0.1.6",
3
+ "version": "0.1.7",
4
4
  "description": "Open agent council, skills, prompts, checklists, and markdown templates for Next.js and Supabase projects.",
5
5
  "type": "module",
6
6
  "repository": {
@@ -0,0 +1,180 @@
1
+ # Lifecycle Command Index
2
+
3
+ Use this index for delivery lifecycle slash commands. These are command-like prompts for any assistant surface and the source of truth for native Antigravity runtime commands.
4
+
5
+ For UI-only workflows, see `.agent-kit/prompts/ui-command-index.md`.
6
+
7
+ Canonical sources:
8
+
9
+ - `AGENTS.md`
10
+ - `AGENT_ROSTER.md`
11
+ - `.agent-kit/agent-roster.json`
12
+ - `MODEL_ROUTING.md`
13
+ - `.agent-kit/model-routing.json`
14
+ - `SPEC.md`
15
+ - `QUALITY_GATES.md`
16
+ - `TESTING.md`
17
+ - `SECURITY.md`
18
+ - `COUNCIL.md`
19
+ - `.agent-kit/council-sessions/`
20
+
21
+ ## `/setup`
22
+
23
+ Onboard project context through Agent Office and project-context files.
24
+
25
+ Required steps:
26
+
27
+ 1. Run or resume `agent-kit setup --open` when the CLI is available.
28
+ 2. Load `.agent-kit/project-context.json`, `.agent-kit/project-context.md`, and active correction rules.
29
+ 3. Confirm stack, auth model, deployment target, and maturity target from `QUALITY_GATES.md`.
30
+ 4. Record gaps as follow-up context questions or correction rules.
31
+
32
+ Required outputs: context summary, unanswered questions, maturity target, next recommended command.
33
+
34
+ ## `/spec`
35
+
36
+ Define what to build in `SPEC.md` before implementation.
37
+
38
+ Required steps:
39
+
40
+ 1. Route through Planner and Documentation Maintainer.
41
+ 2. Read project context, corrections, and existing `SPEC.md`.
42
+ 3. Capture goal, user/workflow, acceptance criteria, preserved behavior, non-goals, and docs impact.
43
+ 4. Name affected layers: data, business logic, presentation, auth, deployment, tests.
44
+ 5. Record decision and handoff with `agent-kit session ...` when a session is active.
45
+
46
+ Required outputs: spec delta or draft, acceptance criteria, preserved capabilities, non-goals, verification plan, next handoff.
47
+
48
+ ## `/plan`
49
+
50
+ Create an implementation-ready plan through Planner and Lead Architect routing.
51
+
52
+ Required steps:
53
+
54
+ 1. Start with Planner.
55
+ 2. Name the active workflow and maturity target from `QUALITY_GATES.md`.
56
+ 3. Map affected layers and preserved behavior.
57
+ 4. Route core changes through Lead Architect before implementation.
58
+ 5. Record decision, risk, next handoff, and required outputs with `agent-kit session ...` when available.
59
+
60
+ Required outputs: goal, affected layers, preserved capabilities, implementation sequence, risks, tests, docs, handoffs, acceptance criteria.
61
+
62
+ ## `/handoff`
63
+
64
+ Route work explicitly between council agents with recorded evidence.
65
+
66
+ Required steps:
67
+
68
+ 1. Read `.agent-kit/agent-roster.json` and select the active workflow.
69
+ 2. State decision, risk, and required next agent from the roster sequence.
70
+ 3. Mark required outputs as missing, partial, complete, or not applicable.
71
+ 4. Record the handoff with `agent-kit session handoff` when the CLI is available.
72
+
73
+ Required outputs: from-agent, to-agent, decision, risk, required outputs status, evidence path.
74
+
75
+ ## `/frontend`
76
+
77
+ Run the frontend-change workflow with content-first design gates.
78
+
79
+ Required steps:
80
+
81
+ 1. Complete brand/content intake and creative-direction rationale.
82
+ 2. Load the matching design brief and `DESIGN.md` / `MESSAGING.md` when public-facing.
83
+ 3. Require reference-set evidence, distinctiveness benchmark, and product-quality scorecard for significant UI work.
84
+ 4. Route implementation through Next.js Engineer after design acceptance.
85
+ 5. Use UI commands from `.agent-kit/prompts/ui-command-index.md` when polishing or auditing.
86
+
87
+ Required outputs: creative direction, reference evidence, scorecard, UI rationale, visual QA plan, handoffs.
88
+
89
+ ## `/audit`
90
+
91
+ Run the Agent Kit maturity audit and convert findings into follow-up work.
92
+
93
+ Required steps:
94
+
95
+ 1. Run `agent-kit audit --json` when the CLI is available.
96
+ 2. Classify failures before warnings.
97
+ 3. Map each finding to the responsible council role.
98
+ 4. Record remediation tasks with `agent-kit session output` when a session is active.
99
+
100
+ Required outputs: readiness level, failures, warnings, owner/council role, remediation order, verification command.
101
+
102
+ ## `/test`
103
+
104
+ Add or run tests and produce acceptance evidence.
105
+
106
+ Required steps:
107
+
108
+ 1. Route through QA Engineer.
109
+ 2. Read `TESTING.md` and the maturity target from `QUALITY_GATES.md`.
110
+ 3. Name unit, regression, smoke, and visual QA gaps for the change scope.
111
+ 4. Run project test commands and capture results.
112
+ 5. Record verification with `agent-kit session verify` when a session is active.
113
+
114
+ Required outputs: test plan, commands run, pass/fail summary, coverage gaps, skipped-test rationale.
115
+
116
+ ## `/review`
117
+
118
+ Run pre-merge code health review before `/ship`.
119
+
120
+ Required steps:
121
+
122
+ 1. Route through QA Engineer for behavior, regression, and test evidence.
123
+ 2. Include Security Reviewer when auth, RLS, data mutation, dependency, secret, or external-call boundaries changed.
124
+ 3. Return findings by severity with concrete remediation.
125
+ 4. Distinguish this from release GO/NO-GO, which belongs to `/ship`.
126
+
127
+ Required outputs: reviewed scope, findings by severity, required fixes, security notes when applicable, merge recommendation.
128
+
129
+ ## `/security`
130
+
131
+ Run OWASP, auth, RLS, dependency, secret, and external-call review.
132
+
133
+ Required steps:
134
+
135
+ 1. Route through Security Reviewer.
136
+ 2. Check OWASP Top 10, IDOR, SSRF, injection, broken auth, unsafe output rendering, secret leakage, and vulnerable dependencies.
137
+ 3. Verify service-role access stays server-only.
138
+ 4. Record findings with severity, exploit path, affected behavior, and remediation.
139
+
140
+ Required outputs: reviewed boundaries, findings, severity, exploit path, mitigation, negative authorization tests or skipped rationale.
141
+
142
+ ## `/copy`
143
+
144
+ Run marketing and conversion copy discovery and review.
145
+
146
+ Required steps:
147
+
148
+ 1. Route through Marketing Copy Lead.
149
+ 2. Read or update `MESSAGING.md` for audience, pain, outcome, proof, objections, voice, and CTA.
150
+ 3. Reject vague SaaS copy, unsupported claims, and interchangeable headlines.
151
+ 4. Hand off public-facing copy to Frontend Design Lead for layout hierarchy review.
152
+
153
+ Required outputs: discovery answers, value proposition, proof status, voice/tone, copy inventory, CTA hierarchy, design handoff notes.
154
+
155
+ ## `/ship`
156
+
157
+ Make a GO/NO-GO release call from council, security, QA, docs, deployment, and rollback evidence.
158
+
159
+ Required steps:
160
+
161
+ 1. Confirm implementation scope and preserved behavior.
162
+ 2. Require code review, Security Reviewer signoff, QA/test evidence, accessibility evidence when UI changed, docs evidence, deployment review, and rollback plan.
163
+ 3. Run the project release gate, normally `npm run release:check` for this package or the project-specific equivalent.
164
+ 4. Record verification with `agent-kit session verify`.
165
+ 5. Return GO only when required outputs are complete or explicitly not applicable.
166
+
167
+ Required outputs: code review, security review, QA/test review, accessibility/doc/deployment checks, rollback plan, release command, GO/NO-GO verdict.
168
+
169
+ ## `/upgrade`
170
+
171
+ Upgrade Agent Kit, framework, or dependency versions safely.
172
+
173
+ Required steps:
174
+
175
+ 1. Read `UPGRADE.md` before accepting versioned behavior changes.
176
+ 2. Run `agent-kit diff` before accepting template changes.
177
+ 3. Preserve valid local overrides in `.agent-kit/overrides.json`.
178
+ 4. Record package versions, migration order, rollback notes, verification commands, owner, and date.
179
+
180
+ Required outputs: upgrade scope, diff summary, conflict risk, migration order, rollback plan, verification commands.
@@ -111,7 +111,7 @@
111
111
  "id": "qa-engineer",
112
112
  "name": "QA Engineer",
113
113
  "file": ".agent-kit/agents/qa-engineer.md",
114
- "defaultFor": ["testing", "regression", "smoke", "acceptance-evidence"],
114
+ "defaultFor": ["testing", "regression", "smoke", "acceptance-evidence", "test", "review", "code-review"],
115
115
  "skills": ["testing-qa", "best-practice-maturity-review", "visual-regression-qa", "accessibility-wcag"],
116
116
  "handsOffTo": ["docs-maintainer", "deployment-observability-engineer"]
117
117
  },
@@ -135,7 +135,7 @@
135
135
  "workflows": [
136
136
  {
137
137
  "id": "planning",
138
- "triggers": ["plan", "roadmap", "phase", "scope", "what should we do", "break this down"],
138
+ "triggers": ["plan", "roadmap", "phase", "scope", "spec", "specification", "acceptance criteria", "what should we do", "break this down"],
139
139
  "sequence": ["planner", "lead-architect", "qa-engineer", "docs-maintainer"],
140
140
  "council": ["planner", "lead-architect"],
141
141
  "requiredOutputs": ["phased checklist", "maturity target", "affected layers", "preserved capabilities", "verification plan", "docs impact"]
@@ -230,6 +230,20 @@
230
230
  "handoff notes for design and implementation"
231
231
  ]
232
232
  },
233
+ {
234
+ "id": "testing",
235
+ "triggers": ["test", "tests", "unit test", "regression test", "smoke test", "playwright", "acceptance test"],
236
+ "sequence": ["qa-engineer", "docs-maintainer"],
237
+ "council": ["qa-engineer"],
238
+ "requiredOutputs": ["test plan", "commands run", "pass/fail summary", "coverage gaps", "skipped-test rationale"]
239
+ },
240
+ {
241
+ "id": "code-review",
242
+ "triggers": ["review", "code review", "pre-merge", "pr review", "merge review"],
243
+ "sequence": ["qa-engineer", "security-reviewer", "docs-maintainer"],
244
+ "council": ["qa-engineer", "security-reviewer"],
245
+ "requiredOutputs": ["reviewed scope", "findings by severity", "required fixes", "security notes when applicable", "merge recommendation"]
246
+ },
233
247
  {
234
248
  "id": "security-review",
235
249
  "triggers": ["security", "owasp", "secret", "token", "permission", "ssrf", "idor", "dependency"],