@codihaus/claude-skills 1.6.17 → 1.6.18

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@codihaus/claude-skills",
-  "version": "1.6.17",
+  "version": "1.6.18",
   "description": "Claude Code skills for software development workflow",
   "main": "src/index.js",
   "bin": {

package/skills/dev-review/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: dev-review
 description: Code review with focus on quality, security, and best practices
-version: 1.3.0
+version: 1.4.0
 ---
 
 # /dev-review - Code Review
@@ -80,12 +80,45 @@ Review report with verdict and categorized issues.
 - Positives (acknowledge good work)
 - Spec compliance (if UC provided)
 
+## Review Workflow
+
+**1. Load Context (once):**
+- Read `plans/brd/tech-context.md` → Identify stack(s)
+- Load `knowledge/stacks/{stack}/_index.md` → Focus on "For /dev-review" section
+- Read `_quality-attributes.md` → Get all level checklists
+- Read spec (if UC provided) → Get requirements
+- Get git diff or file list → Understand what changed
+
+**2. Analyze Changes:**
+- Review each changed file
+- Apply: Security + Quality + Conventions + Stack-Specific checks
+- Note issues by severity (critical/important/suggestion)
+- Acknowledge good practices
+
+**3. Verify Spec Compliance (if UC provided):**
+- Check all requirements met
+- Identify missing items
+- Flag unauthorized additions
+
+**4. Generate Report:**
+- Verdict (Approve/Request Changes/Needs Discussion)
+- Issues by severity
+- Issues by file
+- Spec compliance status
+- Positives
+
+**5. Offer Fix (if issues found):**
+- Critical/Important → Suggest auto-fix via `/dev-coding`
+- Suggestions → User decides
+
 ## Success Criteria
 
+- Stack knowledge loaded and applied
 - Security risks identified
 - Quality issues found
 - Spec compliance verified
 - Conventions checked
+- Framework patterns verified (from stack knowledge)
 - Constructive feedback with suggested fixes
 - Clear verdict given
 
@@ -116,12 +149,38 @@ Review report with verdict and categorized issues.
 - Not in spec (unauthorized additions)
 
 ### Stack-Specific
-Read stack knowledge files (knowledge/stacks/) for stack-specific review checklists.
 
-Examples:
-- Directus: Check for proper collection usage, field types, permissions
-- Nuxt: Check for composables, server routes, nitro patterns
-- Next.js: Check for App Router patterns, server components, actions
+**CRITICAL: Load framework-specific review checklists**
+
+After loading stack knowledge (from Context Sources → Step 1), apply framework-specific checks from the "For /dev-review" section:
+
+**React projects:**
+- Hooks follow Rules of Hooks (no conditional calls, correct order)
+- All dependencies included in useEffect/useCallback/useMemo
+- No infinite loops, no stale closures
+- State updates are immutable
+- Performance optimizations appropriate (memo, lazy)
+- Lists have stable keys
+
+**Next.js projects:**
+- Server vs Client Components used correctly
+- Server Actions have "use server" directive
+- Data fetching uses proper Next.js patterns
+- No client-side code in Server Components
+
+**Nuxt projects:**
+- Composables follow naming convention (useX)
+- Server routes in correct location
+- Auto-imports used correctly
+- SSR-safe code (no window access in setup)
+
+**Directus projects:**
+- Collections accessed properly
+- Permissions configured
+- Field types match requirements
+- Flows and hooks follow patterns
+
+**If stack knowledge file doesn't exist**, apply general best practices only.
 
 ## Context Sources
 
@@ -130,12 +189,22 @@ Examples:
 - Specific files (if provided)
 
 **Read to understand standards:**
-- tech-context.md - Project conventions
-- stack knowledge files - Stack-specific patterns
-- architecture.md - Architecture decisions
-- spec - Requirements (if UC provided)
-- _quality-attributes.md - ALL levels (Architecture, Specification, Implementation, Review)
-- Config files (.eslintrc, tsconfig.json)
+
+**Step 1: Load stack knowledge (CRITICAL)**
+- Read `plans/brd/tech-context.md` → Identify stack(s)
+- Extract stack names (look for "Primary Stack" or "Tech Stack" section)
+- Load corresponding knowledge files:
+  - If "React" → Read `knowledge/stacks/react/_index.md` → Focus on "For /dev-review" section
+  - If "Next.js" → Read `knowledge/stacks/nextjs/_index.md` → Focus on "For /dev-review" section
+  - If "Nuxt" → Read `knowledge/stacks/nuxt/_index.md` → Focus on "For /dev-review" section
+  - If "Directus" → Read `knowledge/stacks/directus/_index.md` → Focus on "For /dev-review" section
+
+**Step 2: Load project and spec context**
+- `tech-context.md` - Project conventions
+- `architecture.md` - Architecture decisions (if exists)
+- `spec` - Requirements (if UC provided)
+- `_quality-attributes.md` - ALL levels (Architecture, Specification, Implementation, Review)
+- Config files (`.eslintrc`, `tsconfig.json`, etc.)
 
 ## Severity Levels
 
@@ -225,17 +294,22 @@ const posts = await db.posts.findMany({
 ```
 User: /dev-review UC-AUTH-001
 
-Phase 1: Gather
-- Get git diff for UC-AUTH-001 files
-- Read scout conventions
-- Read UC-AUTH-001 spec
-
-Phase 2-6: Analyze
+Step 1: Load Context
+- Read tech-context.md → Stack: Next.js 14 + TypeScript
+- Read knowledge/stacks/nextjs/_index.md → "For /dev-review" section
+  → Check Server Actions, App Router, Server Components
+- Read knowledge/stacks/react/_index.md → "For /dev-review" section
+  → Check Hooks, state management, performance
+- Read _quality-attributes.md → All level checklists
+- Read UC-AUTH-001 spec → Requirements
+- Get git diff → Changed files
+
+Step 2: Analyze
 - src/api/auth/login.ts: Clean ✓
-- src/components/LoginForm.tsx: 1 issue
-- src/lib/api.ts: 1 suggestion
+- src/components/LoginForm.tsx: 1 issue (React hooks deps missing)
+- src/lib/api.ts: 1 suggestion (naming)
 
-Phase 7: Output
+Step 3: Generate Report
 
 ## Review Summary