npm - @biggora/claude-plugins - Versions diffs - 1.2.0 → 1.2.2 - Mend

@biggora/claude-plugins 1.2.0 → 1.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (185) hide show

package/gemini-cli-workspace/iteration-1/benchmark.json DELETED Viewed

@@ -1,86 +0,0 @@
-{
-  "skill_name": "gemini-cli",
-  "iteration": 1,
-  "configurations": [
-    {
-      "name": "with_skill",
-      "evals": [
-        {
-          "eval_name": "cicd-setup",
-          "pass_rate": 1.0,
-          "passed": 6,
-          "total": 6,
-          "tokens": 73417,
-          "duration_seconds": 92.4
-        },
-        {
-          "eval_name": "mcp-server-config",
-          "pass_rate": 1.0,
-          "passed": 6,
-          "total": 6,
-          "tokens": 67196,
-          "duration_seconds": 64.1
-        },
-        {
-          "eval_name": "custom-slash-command",
-          "pass_rate": 1.0,
-          "passed": 5,
-          "total": 5,
-          "tokens": 70530,
-          "duration_seconds": 49.5
-        }
-      ],
-      "aggregate": {
-        "mean_pass_rate": 1.0,
-        "mean_tokens": 70381,
-        "mean_duration_seconds": 68.7
-      }
-    },
-    {
-      "name": "without_skill",
-      "evals": [
-        {
-          "eval_name": "cicd-setup",
-          "pass_rate": 0.33,
-          "passed": 2,
-          "total": 6,
-          "tokens": 60035,
-          "duration_seconds": 77.9
-        },
-        {
-          "eval_name": "mcp-server-config",
-          "pass_rate": 0.33,
-          "passed": 2,
-          "total": 6,
-          "tokens": 59258,
-          "duration_seconds": 65.4
-        },
-        {
-          "eval_name": "custom-slash-command",
-          "pass_rate": 0.0,
-          "passed": 0,
-          "total": 5,
-          "tokens": 57648,
-          "duration_seconds": 56.7
-        }
-      ],
-      "aggregate": {
-        "mean_pass_rate": 0.22,
-        "mean_tokens": 58980,
-        "mean_duration_seconds": 66.7
-      }
-    }
-  ],
-  "delta": {
-    "pass_rate": "+0.78",
-    "tokens": "+11401 (19% more)",
-    "duration": "+2.0s (3% more)"
-  },
-  "analyst_observations": [
-    "The skill provides a massive accuracy improvement (100% vs 22% pass rate) with only marginal cost increase (~19% more tokens, ~3% more time).",
-    "Eval 3 (custom slash command) shows the largest gap: the baseline gets the entire mechanism wrong (uses extensions instead of .toml commands), scoring 0/5.",
-    "Eval 1 (CI/CD) baseline hallucinates non-existent flags (--api-key, --json) and even the wrong npm package name (@anthropic-ai/gemini-cli).",
-    "Eval 2 (MCP config) baseline doesn't know about includeTools/excludeTools and recommends hardcoding API keys, which is a security anti-pattern.",
-    "All assertions are discriminating - none pass for both configurations, confirming the skill provides genuine value over baseline knowledge."
-  ]
-}

package/gemini-cli-workspace/iteration-1/eval-1-cicd-setup/eval_metadata.json DELETED Viewed

@@ -1,37 +0,0 @@
-{
-  "eval_id": 1,
-  "eval_name": "cicd-setup",
-  "prompt": "I want to set up gemini cli in my CI/CD pipeline on GitHub Actions so it can automatically review PRs. We use an API key stored in GitHub secrets. How do I set this up with structured JSON output so I can parse the review?",
-  "assertions": [
-    {
-      "id": "mentions-p-flag",
-      "text": "Uses -p or --prompt flag for headless/non-interactive mode",
-      "type": "content_check"
-    },
-    {
-      "id": "mentions-json-output",
-      "text": "Includes --output-format json flag for structured output",
-      "type": "content_check"
-    },
-    {
-      "id": "mentions-api-key-env",
-      "text": "Shows how to set GEMINI_API_KEY from GitHub secrets",
-      "type": "content_check"
-    },
-    {
-      "id": "provides-workflow-yaml",
-      "text": "Provides a GitHub Actions workflow YAML snippet",
-      "type": "content_check"
-    },
-    {
-      "id": "mentions-jq-parsing",
-      "text": "Shows how to parse JSON response (e.g., with jq .response)",
-      "type": "content_check"
-    },
-    {
-      "id": "no-hallucinated-flags",
-      "text": "Does not invent non-existent CLI flags or options",
-      "type": "accuracy_check"
-    }
-  ]
-}

package/gemini-cli-workspace/iteration-1/eval-1-cicd-setup/with_skill/grading.json DELETED Viewed

@@ -1,37 +0,0 @@
-{
-  "eval_id": 1,
-  "eval_name": "cicd-setup",
-  "configuration": "with_skill",
-  "expectations": [
-    {
-      "text": "Uses -p or --prompt flag for headless/non-interactive mode",
-      "passed": true,
-      "evidence": "Uses `-p` flag throughout: `gemini -p \"...\" --output-format json`"
-    },
-    {
-      "text": "Includes --output-format json flag for structured output",
-      "passed": true,
-      "evidence": "Correctly uses `--output-format json` in all examples"
-    },
-    {
-      "text": "Shows how to set GEMINI_API_KEY from GitHub secrets",
-      "passed": true,
-      "evidence": "Shows `GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}` in workflow env block"
-    },
-    {
-      "text": "Provides a GitHub Actions workflow YAML snippet",
-      "passed": true,
-      "evidence": "Provides 3 complete workflows: basic, advanced, and minimal quick-start"
-    },
-    {
-      "text": "Shows how to parse JSON response (e.g., with jq .response)",
-      "passed": true,
-      "evidence": "Shows `jq -r '.response'` and detailed stats extraction with jq"
-    },
-    {
-      "text": "Does not invent non-existent CLI flags or options",
-      "passed": true,
-      "evidence": "All flags used (-p, --output-format json, -m, --yolo, --debug-log) are real Gemini CLI flags"
-    }
-  ]
-}

package/gemini-cli-workspace/iteration-1/eval-1-cicd-setup/with_skill/outputs/response.md DELETED Viewed

@@ -1,401 +0,0 @@
-# Setting Up Gemini CLI for Automated PR Reviews in GitHub Actions
-Here is a complete guide to configuring Gemini CLI in your CI/CD pipeline to automatically review pull requests with structured JSON output.
----
-## Prerequisites
-1. A Gemini API key (get one at https://aistudio.google.com/apikey).
-2. The API key stored as a GitHub Actions secret named `GEMINI_API_KEY`.
----
-## Step 1: Basic GitHub Actions Workflow
-Create `.github/workflows/gemini-pr-review.yml`:
-```yaml
-name: Gemini PR Review
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-permissions:
-  pull-requests: write
-  contents: read
-jobs:
-  review:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0  # Full history so we can diff against base
-      - name: Set up Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: '20'
-      - name: Install Gemini CLI
-        run: npm install -g @google/gemini-cli
-      - name: Get PR diff
-        id: diff
-        run: |
-          git fetch origin ${{ github.base_ref }}
-          git diff origin/${{ github.base_ref }}...HEAD > /tmp/pr-diff.txt
-          echo "diff_size=$(wc -c < /tmp/pr-diff.txt)" >> "$GITHUB_OUTPUT"
-      - name: Run Gemini PR Review
-        id: review
-        env:
-          GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
-        run: |
-          REVIEW_JSON=$(cat /tmp/pr-diff.txt | gemini -p "You are a senior code reviewer. Review the following pull request diff for:
-          1. Bugs and logical errors
-          2. Security vulnerabilities
-          3. Performance issues
-          4. Code style and best practices
-          Provide your review as structured text with sections for each category.
-          If no issues are found in a category, say 'No issues found.'
-          End with an overall summary and a verdict: APPROVE, REQUEST_CHANGES, or COMMENT." \
-            --output-format json)
-          # Extract the response text from the JSON envelope
-          REVIEW_TEXT=$(echo "$REVIEW_JSON" | jq -r '.response')
-          # Extract token stats for logging
-          TOTAL_TOKENS=$(echo "$REVIEW_JSON" | jq '.stats.models | to_entries[0].value.tokens.total // 0')
-          echo "Tokens used: $TOTAL_TOKENS"
-          # Save review to file (handles multi-line safely)
-          echo "$REVIEW_TEXT" > /tmp/review-output.txt
-          # Save for the summary
-          echo "$REVIEW_TEXT" >> "$GITHUB_STEP_SUMMARY"
-      - name: Post review as PR comment
-        uses: actions/github-script@v7
-        with:
-          script: |
-            const fs = require('fs');
-            const review = fs.readFileSync('/tmp/review-output.txt', 'utf8');
-            await github.rest.issues.createComment({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              issue_number: context.issue.number,
-              body: `## Gemini Code Review\n\n${review}\n\n---\n*Automated review by Gemini CLI*`
-            });
-```
-This workflow triggers on every PR event, runs the diff through Gemini CLI with `--output-format json`, extracts the response with `jq`, and posts it as a PR comment.
----
-## Step 2: Advanced Workflow with Full JSON Parsing
-If you want to parse the structured JSON output more thoroughly -- for example, to extract token usage, check for errors, or conditionally fail the build -- use this expanded version:
-```yaml
-name: Gemini PR Review (Advanced)
-on:
-  pull_request:
-    types: [opened, synchronize]
-permissions:
-  pull-requests: write
-  contents: read
-jobs:
-  review:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: '20'
-      - name: Install Gemini CLI and jq
-        run: |
-          npm install -g @google/gemini-cli
-          # jq is pre-installed on ubuntu-latest, but just in case:
-          which jq || sudo apt-get install -y jq
-      - name: Run structured review
-        id: gemini
-        env:
-          GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
-        run: |
-          git fetch origin ${{ github.base_ref }}
-          DIFF=$(git diff origin/${{ github.base_ref }}...HEAD)
-          # Skip review if diff is empty
-          if [ -z "$DIFF" ]; then
-            echo "No changes to review."
-            echo "skip=true" >> "$GITHUB_OUTPUT"
-            exit 0
-          fi
-          # Run Gemini with JSON output
-          RESULT=$(echo "$DIFF" | gemini -p "You are a code review bot. Analyze this PR diff and respond with ONLY a valid JSON object (no markdown fences) using this exact schema:
-          {
-            \"verdict\": \"APPROVE\" | \"REQUEST_CHANGES\" | \"COMMENT\",
-            \"summary\": \"Brief overall summary\",
-            \"bugs\": [{ \"file\": \"path\", \"line\": number, \"description\": \"...\" }],
-            \"security\": [{ \"file\": \"path\", \"severity\": \"low|medium|high|critical\", \"description\": \"...\" }],
-            \"performance\": [{ \"file\": \"path\", \"description\": \"...\" }],
-            \"suggestions\": [{ \"file\": \"path\", \"description\": \"...\" }]
-          }
-          Return empty arrays if no issues found in a category." \
-            --output-format json)
-          # The outer JSON has a .response field containing the model's text.
-          # The model's text itself is a JSON string we need to parse.
-          REVIEW_RESPONSE=$(echo "$RESULT" | jq -r '.response')
-          # Parse the inner JSON (the actual review)
-          echo "$REVIEW_RESPONSE" | jq '.' > /tmp/review.json
-          # Extract fields for downstream steps
-          VERDICT=$(cat /tmp/review.json | jq -r '.verdict')
-          SUMMARY=$(cat /tmp/review.json | jq -r '.summary')
-          BUG_COUNT=$(cat /tmp/review.json | jq '.bugs | length')
-          SECURITY_COUNT=$(cat /tmp/review.json | jq '.security | length')
-          CRITICAL_COUNT=$(cat /tmp/review.json | jq '[.security[] | select(.severity == "critical")] | length')
-          echo "verdict=$VERDICT" >> "$GITHUB_OUTPUT"
-          echo "bug_count=$BUG_COUNT" >> "$GITHUB_OUTPUT"
-          echo "security_count=$SECURITY_COUNT" >> "$GITHUB_OUTPUT"
-          echo "critical_count=$CRITICAL_COUNT" >> "$GITHUB_OUTPUT"
-          echo "skip=false" >> "$GITHUB_OUTPUT"
-          # Log token usage from the Gemini stats envelope
-          TOKENS=$(echo "$RESULT" | jq '.stats.models | to_entries[0].value.tokens.total // 0')
-          LATENCY=$(echo "$RESULT" | jq '.stats.models | to_entries[0].value.api.totalLatencyMs // 0')
-          echo "Tokens used: $TOKENS, Latency: ${LATENCY}ms"
-      - name: Format and post review comment
-        if: steps.gemini.outputs.skip != 'true'
-        uses: actions/github-script@v7
-        with:
-          script: |
-            const fs = require('fs');
-            const review = JSON.parse(fs.readFileSync('/tmp/review.json', 'utf8'));
-            let body = `## Gemini Code Review\n\n`;
-            body += `**Verdict:** ${review.verdict}\n\n`;
-            body += `**Summary:** ${review.summary}\n\n`;
-            if (review.bugs.length > 0) {
-              body += `### Bugs (${review.bugs.length})\n`;
-              for (const bug of review.bugs) {
-                body += `- **${bug.file}** (line ${bug.line}): ${bug.description}\n`;
-              }
-              body += '\n';
-            }
-            if (review.security.length > 0) {
-              body += `### Security Issues (${review.security.length})\n`;
-              for (const issue of review.security) {
-                const emoji = issue.severity === 'critical' ? '🔴' :
-                              issue.severity === 'high' ? '🟠' :
-                              issue.severity === 'medium' ? '🟡' : '🟢';
-                body += `- ${emoji} **[${issue.severity.toUpperCase()}]** ${issue.file}: ${issue.description}\n`;
-              }
-              body += '\n';
-            }
-            if (review.performance.length > 0) {
-              body += `### Performance (${review.performance.length})\n`;
-              for (const perf of review.performance) {
-                body += `- **${perf.file}**: ${perf.description}\n`;
-              }
-              body += '\n';
-            }
-            if (review.suggestions.length > 0) {
-              body += `### Suggestions (${review.suggestions.length})\n`;
-              for (const sug of review.suggestions) {
-                body += `- **${sug.file}**: ${sug.description}\n`;
-              }
-              body += '\n';
-            }
-            body += `---\n*Automated review by Gemini CLI*`;
-            await github.rest.issues.createComment({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              issue_number: context.issue.number,
-              body
-            });
-      - name: Fail on critical security issues
-        if: steps.gemini.outputs.critical_count != '0' && steps.gemini.outputs.skip != 'true'
-        run: |
-          echo "::error::Gemini found ${{ steps.gemini.outputs.critical_count }} critical security issue(s). Review required."
-          exit 1
-```
----
-## Understanding the JSON Output
-Gemini CLI's `--output-format json` wraps the model's response in an envelope with this schema:
-```json
-{
-  "response": "The model's text response (string)",
-  "stats": {
-    "models": {
-      "gemini-2.5-pro": {
-        "api": {
-          "totalRequests": 2,
-          "totalErrors": 0,
-          "totalLatencyMs": 5053
-        },
-        "tokens": {
-          "prompt": 24939,
-          "candidates": 20,
-          "total": 25113,
-          "cached": 21263,
-          "thoughts": 154,
-          "tool": 0
-        }
-      }
-    },
-    "tools": {
-      "totalCalls": 1,
-      "totalSuccess": 1,
-      "totalFail": 0,
-      "totalDurationMs": 1881
-    },
-    "files": {
-      "totalLinesAdded": 5,
-      "totalLinesRemoved": 2
-    }
-  }
-}
-```
-To parse this in your pipeline:
-```bash
-# Get the model's text response
-echo "$RESULT" | jq -r '.response'
-# Get total tokens used
-echo "$RESULT" | jq '.stats.models | to_entries[0].value.tokens.total'
-# Get API latency
-echo "$RESULT" | jq '.stats.models | to_entries[0].value.api.totalLatencyMs'
-# Check for API errors
-echo "$RESULT" | jq '.stats.models | to_entries[0].value.api.totalErrors'
-```
----
-## Exit Codes for CI Logic
-Gemini CLI returns meaningful exit codes you can use for conditional logic:
-| Exit Code | Meaning |
-|-----------|---------|
-| 0 | Success |
-| 1 | General error |
-| 2 | Authentication error (bad or missing API key) |
-| 3 | Rate limit / quota exceeded |
-Example usage:
-```bash
-gemini -p "Review this code" --output-format json > /tmp/result.json 2>/dev/null
-EXIT_CODE=$?
-if [ $EXIT_CODE -eq 2 ]; then
-  echo "::error::Gemini API key is invalid or missing. Check your GEMINI_API_KEY secret."
-  exit 1
-elif [ $EXIT_CODE -eq 3 ]; then
-  echo "::warning::Gemini rate limit reached. Skipping review."
-  exit 0
-elif [ $EXIT_CODE -ne 0 ]; then
-  echo "::warning::Gemini CLI failed with exit code $EXIT_CODE. Skipping review."
-  exit 0
-fi
-```
----
-## Tips and Best Practices
-1. **Use `--output-format json` (not `stream-json`)** for CI. The `json` format gives you a single complete JSON object after all processing is done. The `stream-json` format emits newline-delimited JSON events in real-time, which is harder to parse in a script.
-2. **Authentication**: Set `GEMINI_API_KEY` as an environment variable. Gemini CLI picks it up automatically. No `settings.json` or `.env` file is needed in CI.
-3. **Model selection**: Add `-m gemini-2.5-flash` for faster, cheaper reviews or `-m gemini-2.5-pro` for deeper analysis:
-   ```bash
-   gemini -m gemini-2.5-flash -p "Review this diff" --output-format json
-   ```
-4. **Large diffs**: Gemini models support up to 1M tokens of context. For very large PRs, consider filtering the diff to only changed files that matter:
-   ```bash
-   git diff origin/main...HEAD -- '*.py' '*.js' '*.ts' | gemini -p "Review" --output-format json
-   ```
-5. **File references with `@` syntax**: You can reference specific files directly in your prompt:
-   ```bash
-   gemini -p "Review @./src/auth.py and @./src/middleware.py for security issues" --output-format json
-   ```
-6. **Do NOT use `--yolo` for reviews**. The `--yolo` flag auto-accepts all tool actions (file writes, shell commands). For a read-only review, you do not need it. Only use `--yolo` if you want Gemini to make actual code changes.
-7. **Rate limits on the free tier**: 60 requests/minute, 1,000 requests/day. For high-volume repos, consider using a paid API key or adding concurrency limits to your workflow.
-8. **Debug logging**: If reviews are producing unexpected output, add `--debug-log` to capture full API traces:
-   ```bash
-   gemini -p "Review this code" --output-format json --debug-log ./gemini-debug.jsonl
-   ```
-   Then upload `gemini-debug.jsonl` as a workflow artifact for inspection.
----
-## Minimal Quick-Start Example
-If you just want the simplest possible setup to get started:
-```yaml
-name: Gemini Review
-on: [pull_request]
-permissions:
-  pull-requests: write
-  contents: read
-jobs:
-  review:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - run: npm install -g @google/gemini-cli
-      - name: Review
-        env:
-          GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
-        run: |
-          git fetch origin ${{ github.base_ref }}
-          REVIEW=$(git diff origin/${{ github.base_ref }}...HEAD | gemini -p "Review these changes for bugs and issues" --output-format json | jq -r '.response')
-          echo "$REVIEW" >> $GITHUB_STEP_SUMMARY
-```
-This pipes the PR diff into Gemini CLI, extracts the review text from the JSON output with `jq`, and writes it to the GitHub Actions step summary where it is visible directly on the workflow run page.

package/gemini-cli-workspace/iteration-1/eval-1-cicd-setup/with_skill/timing.json DELETED Viewed

@@ -1,5 +0,0 @@
-{
-  "total_tokens": 73417,
-  "duration_ms": 92363,
-  "total_duration_seconds": 92.4
-}

package/gemini-cli-workspace/iteration-1/eval-1-cicd-setup/without_skill/grading.json DELETED Viewed

@@ -1,37 +0,0 @@
-{
-  "eval_id": 1,
-  "eval_name": "cicd-setup",
-  "configuration": "without_skill",
-  "expectations": [
-    {
-      "text": "Uses -p or --prompt flag for headless/non-interactive mode",
-      "passed": false,
-      "evidence": "Pipes prompt via stdin (`echo \"$PROMPT\" | gemini`) instead of using -p flag. Does not demonstrate the correct headless invocation."
-    },
-    {
-      "text": "Includes --output-format json flag for structured output",
-      "passed": false,
-      "evidence": "Mentions `--json` in Step 4 but says 'if supported' and 'check your version'. Does not use the correct `--output-format json` flag."
-    },
-    {
-      "text": "Shows how to set GEMINI_API_KEY from GitHub secrets",
-      "passed": true,
-      "evidence": "Shows `GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}` in env block"
-    },
-    {
-      "text": "Provides a GitHub Actions workflow YAML snippet",
-      "passed": true,
-      "evidence": "Provides multiple complete workflow YAML files"
-    },
-    {
-      "text": "Shows how to parse JSON response (e.g., with jq .response)",
-      "passed": false,
-      "evidence": "Parses the REST API response structure (candidates[0].content.parts[0].text) rather than Gemini CLI's JSON envelope (.response). Falls back to curl-based API calls."
-    },
-    {
-      "text": "Does not invent non-existent CLI flags or options",
-      "passed": false,
-      "evidence": "Uses `--api-key` flag (doesn't exist), `--json` flag (doesn't exist), and references wrong npm package `@anthropic-ai/gemini-cli`"
-    }
-  ]
-}