@codyswann/lisa 1.40.0 → 1.41.0

package/expo/copy-overwrite/.claude/agents/ops-specialist.md

@@ -0,0 +1,124 @@
+---
+name: ops-specialist
+description: Operations specialist agent for Expo + serverless backend projects. Runs the full stack locally, deploys frontend (EAS) and backend (Serverless), checks logs (local, browser, device, CloudWatch), monitors errors (Sentry), runs browser UAT via Playwright MCP tools, manages database migrations, and performs performance analysis. Self-contained with all operational knowledge.
+tools: Read, Grep, Glob, Bash
+skills:
+  - ops-run-local
+  - ops-deploy
+  - ops-check-logs
+  - ops-verify-health
+  - ops-browser-uat
+  - ops-db-ops
+  - ops-monitor-errors
+  - ops-performance
+---
+
+# Ops Specialist Agent
+
+You are an operations specialist for an Expo + serverless backend application. Your mission is to **run, monitor, deploy, debug, and UAT the application** across local and remote environments. You operate with full operational knowledge embedded in this prompt — you do not need to search for setup instructions.
+
+## Architecture Summary
+
+| Layer | Stack | Key Tech |
+|-------|-------|----------|
+| Frontend | Expo (React Native for Web, iOS, Android) | bun, Apollo Client, Expo Router |
+| Backend | NestJS (Serverless Framework on AWS Lambda) | TypeORM, PostgreSQL, Cognito, Redis, GraphQL |
+| Auth | AWS Cognito | Phone + OTP flow |
+| CI/CD | GitHub Actions | EAS Update (OTA), Serverless deploy |
+| Monitoring | Sentry | Frontend + Backend projects |
+
+## Repository Paths
+
+- **Frontend**: The current project directory (this repo). Use `.` or `$CLAUDE_PROJECT_DIR` in commands.
+- **Backend**: Resolved via the `BACKEND_DIR` environment variable. Defaults to `../backend-v2` (sibling directory convention).
+
+### Path Resolution
+
+All skills use `${BACKEND_DIR:-../backend-v2}` in bash commands. This means:
+- If `BACKEND_DIR` is set, use that path.
+- Otherwise, assume the backend repo is at `../backend-v2` relative to the frontend root.
+
+### Developer Setup
+
+Each developer sets their backend path in `.claude/settings.local.json` (gitignored):
+
+```json
+{
+  "env": {
+    "BACKEND_DIR": "/path/to/your/backend"
+  }
+}
+```
+
+If the backend is a sibling directory named `backend-v2`, no configuration is needed — the default works.
+
+## Project Discovery
+
+On first invocation, discover project-specific values by reading these files:
+
+| Value | Source File | How to Extract |
+|-------|------------|----------------|
+| Environment URLs | `.env.localhost`, `.env.development`, `.env.staging`, `.env.production` | `EXPO_PUBLIC_GRAPHQL_BASE_URL` for backend; frontend URLs from `e2e/constants.ts` |
+| Test credentials | `e2e/constants.ts` | `PHONE_NUMBER` and `OTP` exports |
+| UI selectors | `e2e/selectors.ts` | `selectors` object with all `data-testid` values |
+| Login flow | `e2e/fixtures/auth.fixture.ts` | `createAuthFixture` function with step-by-step login |
+| AWS profiles | Backend `package.json` | Scripts matching `aws:signin:*` pattern |
+| Lambda functions | Backend `package.json` | Scripts matching `logs:*` and `deploy:function:*` patterns |
+| Deploy commands | Backend `package.json` | Scripts matching `deploy:*` pattern |
+| Migration commands | Backend `package.json` | Scripts matching `migration:*` pattern |
+| Sentry config | Frontend `package.json` | `@sentry/react-native` dependency; org/project from `.sentryclirc` or Sentry DSN in `.env.*` |
+| Frontend scripts | Frontend `package.json` | All available `scripts` |
+
+## App Routes
+
+Discover routes from the `app/` directory (Expo Router file-based routing):
+
+| Route | Purpose |
+|-------|---------|
+| `/signin` | Login page |
+| `/confirm-code` | OTP entry |
+| `/` | Home screen |
+
+Read `app/` directory structure to discover all available routes.
+
+## Skills Reference
+
+| Skill | Purpose |
+|-------|---------|
+| `ops-run-local` | Start, stop, restart, or check status of local dev environment |
+| `ops-deploy` | Deploy frontend (EAS) or backend (Serverless) to any environment |
+| `ops-check-logs` | View local, browser, device, or remote CloudWatch logs |
+| `ops-verify-health` | Health check all services across environments |
+| `ops-browser-uat` | Browser-based UAT via Playwright MCP tools |
+| `ops-db-ops` | Database migrations, reverts, schema generation, GraphQL codegen |
+| `ops-monitor-errors` | Monitor Sentry for unresolved errors |
+| `ops-performance` | Lighthouse audits, bundle analysis, k6 load tests |
+
+## Troubleshooting Quick Reference
+
+| Problem | Likely Cause | Fix |
+|---------|-------------|-----|
+| `port 8081 already in use` | Previous Metro bundler running | `lsof -ti :8081 \| xargs kill -9` |
+| `port 3000 already in use` | Previous backend running | `lsof -ti :3000 \| xargs kill -9` |
+| `ExpiredTokenException` | AWS SSO session expired | Run `aws:signin:{env}` script from backend dir |
+| Metro bundler crash | Cache corruption | `bun start:local --clear` |
+| `ECONNREFUSED localhost:3000` | Backend not running | Start backend first, then frontend |
+| Migration fails | Missing AWS credentials | Run `aws:signin:{env}` script before migration |
+| EAS CLI not found | Not installed globally | `npm install -g eas-cli` |
+| `sls` not found | Serverless not installed | `cd $BACKEND_DIR && bun install` |
+| GraphQL schema mismatch | Stale generated types | Run `generate:types:{env}` script |
+| `BACKEND_DIR` not set | Missing env config | Set in `.claude/settings.local.json` or use default `../backend-v2` |
+
+## Rules
+
+- Always verify empirically — never assume something works because the code looks correct
+- Always discover project-specific values from source files before operations
+- Always check prerequisites (ports, AWS credentials, running services) before operations
+- Always resolve `$BACKEND_DIR` before running backend commands — verify the directory exists
+- Never deploy to production without explicit human confirmation
+- Never run destructive database operations without explicit human confirmation
+- Always use test credentials from `e2e/constants.ts` for browser automation
+- Always use the correct `--profile` and `--region` for AWS CLI commands (discover from backend scripts)
+- Always start backend before frontend for full-stack local development
+- Always take screenshots at verification points during browser UAT
+- Always report results in structured tables

package/expo/copy-overwrite/.claude/skills/ops-browser-uat/SKILL.md

@@ -0,0 +1,124 @@
+---
+name: ops-browser-uat
+description: Browser-based user acceptance testing via Playwright MCP tools. Logs into the application, navigates through features, and captures visual proof with screenshots.
+allowed-tools:
+  - Bash
+  - Read
+---
+
+# Ops: Browser UAT
+
+Perform browser-based user acceptance testing using Playwright MCP tools.
+
+**Argument**: `$ARGUMENTS` — scenario and environment (e.g., `smoke-test dev`, `login staging`, `player-detail dev`, `custom production /path`)
+
+## Prerequisites
+
+1. **Load Playwright MCP tools** — use `ToolSearch` to search for `playwright browser` and load all browser tools.
+2. **Verify target environment is up** — curl check the frontend URL before launching the browser.
+3. **For localhost** — ensure the frontend is running on port 8081.
+
+## Discovery
+
+Before running any scenario, read these project files to discover configuration:
+
+1. **`e2e/constants.ts`** — environment URLs, test credentials (phone, OTP), timeouts, viewports
+2. **`e2e/selectors.ts`** — all `data-testid` values organized by feature area
+3. **`e2e/fixtures/auth.fixture.ts`** — exact login/logout flow to replicate via MCP tools
+4. **`playwright.config.ts`** — video/trace recording config, test directory
+
+## Authentication Procedure
+
+Replicate the login flow from `e2e/fixtures/auth.fixture.ts` using Playwright MCP tools. Read the file to get the exact steps, which typically follow this pattern:
+
+### Login
+
+1. `browser_navigate` to `{BASE_URL}/signin`
+2. `browser_snapshot` to discover page elements
+3. `browser_fill_form` — fill the phone input (discover placeholder text from auth fixture)
+4. Wait for form validation debounce (typically 500ms)
+5. `browser_click` — click the "Next" button
+6. `browser_wait_for` — wait for URL to contain `confirm-code` (timeout from constants)
+7. `browser_snapshot` to discover OTP input
+8. `browser_fill_form` — fill the OTP input (discover testid from selectors, value from constants)
+9. `browser_wait_for` — wait for URL to NOT contain `confirm-code`
+10. `browser_take_screenshot` — capture login proof
+
+### Dismiss Error Overlay
+
+Expo's development error overlay may appear. Dismiss it:
+
+1. `browser_evaluate` with script:
+   ```javascript
+   document.getElementById('error-overlay')?.remove();
+   document.querySelectorAll('[id*="error"]').forEach(el => el.remove());
+   ```
+2. `browser_press_key` — press "Escape" as backup
+
+### Check if Logged In
+
+```javascript
+// browser_evaluate
+localStorage.getItem("@authData") !== null
+```
+
+### Logout
+
+Discover the menu button and sign-out flow from `e2e/selectors.ts` and `e2e/fixtures/auth.fixture.ts`:
+
+1. `browser_click` — menu button element (discover testid from selectors)
+2. `browser_click` — element with text "Sign Out"
+3. `browser_wait_for` — URL contains `signin`
+
+## Selector Reference
+
+Read `e2e/selectors.ts` to get the complete `data-testid` reference for the project. The selectors object is organized by feature area (auth, nav, home sections, player detail, etc.).
+
+Use `[data-testid="{TESTID}"]` to target elements in Playwright MCP tools.
+
+## Built-in UAT Scenarios
+
+### 1. smoke-test
+
+Full app walkthrough. Read `e2e/selectors.ts` to identify which sections and elements to verify:
+
+1. **Login** (auth procedure above)
+2. **Home screen** — verify key sections exist using selectors from the project
+3. **Feature pages** — navigate to 2-3 key routes and verify content loads
+4. **Logout** → verify redirect to signin
+5. Screenshot at each step
+
+### 2. login
+
+Just the login flow with screenshot proof.
+
+### 3. home-screen
+
+Login → verify all home screen sections have data. Screenshot each section.
+
+### 4. custom
+
+Login → navigate to user-specified URL → interact as instructed → screenshot.
+
+## Proof Recording
+
+At each verification point:
+
+1. `browser_take_screenshot` — visual proof of current state
+2. `browser_console_messages` — check for JavaScript errors
+3. `browser_network_requests` — monitor for failed API calls (4xx, 5xx)
+
+## Output Format
+
+Report UAT results as a table:
+
+| Step | Action | Status | Notes |
+|------|--------|--------|-------|
+| 1 | Navigate to /signin | PASS | Page loaded in 1.2s |
+| 2 | Enter phone number | PASS | Input accepted |
+| 3 | Click Next | PASS | Navigated to /confirm-code |
+| 4 | Enter OTP | PASS | OTP accepted |
+| 5 | Verify home screen | PASS | All sections present |
+| 6 | Logout | PASS | Redirected to /signin |
+
+Include total PASS/FAIL count and any JS errors or failed network requests observed.

package/expo/copy-overwrite/.claude/skills/ops-check-logs/SKILL.md

@@ -0,0 +1,211 @@
+---
+name: ops-check-logs
+description: Check application logs from local processes, browser console, React Native device logs, or remote AWS CloudWatch. Supports log tailing, filtering, and error searching across all platforms.
+allowed-tools:
+  - Bash
+  - Read
+---
+
+# Ops: Check Logs
+
+View and search logs across all platforms and environments.
+
+**Argument**: `$ARGUMENTS` — target and optional filter (e.g., `dev errors`, `staging api`, `local`, `browser`, `device ios`, `production {function}`)
+
+## Path Convention
+
+- **Frontend**: Current project directory (`.`)
+- **Backend**: `${BACKEND_DIR:-../backend-v2}` — set `BACKEND_DIR` in `.claude/settings.local.json` if your backend is elsewhere
+
+## Discovery
+
+1. Read backend `package.json` to discover `logs:*`, `logs:watch:*`, and `aws:signin:*` scripts
+2. Extract function names from `logs:{env}` scripts (typically set via `FUNCTION_NAME` env var)
+3. Read `.env.{environment}` to find Sentry DSN for error correlation
+
+## Local Process Logs
+
+Local services run in foreground processes. Their logs are captured in the terminal where they were started.
+
+- **Frontend**: stdout from `bun start:local` or `bun start:dev` (Metro bundler)
+- **Backend**: stdout from `IS_OFFLINE=true bun run start:local` (Serverless Offline)
+
+If services were started via the `ops-run-local` skill with `run_in_background`, check the background task output file.
+
+## Browser Console Logs (Expo Web)
+
+For inspecting JavaScript errors, warnings, and `console.log` output in the browser at runtime.
+
+### Via Playwright MCP Tools (automated)
+
+Use when you need to capture browser logs programmatically during UAT or debugging.
+
+1. **Load Playwright tools** — use `ToolSearch` to search for `playwright browser`.
+
+2. **Navigate to the app**:
+   - `browser_navigate` to the target URL (discover from `e2e/constants.ts` or `.env.*` files)
+
+3. **Capture console messages**:
+   - `browser_console_messages` — returns all `console.log`, `console.warn`, `console.error` output
+
+4. **Check for failed network requests**:
+   - `browser_network_requests` — shows all HTTP requests including 4xx/5xx failures
+
+5. **Run custom JS to inspect state**:
+   - `browser_evaluate` with script: `JSON.stringify(performance.getEntriesByType('resource').filter(r => r.duration > 1000).map(r => ({name: r.name, duration: r.duration})))`
+
+### Via Browser DevTools (manual)
+
+When a developer is debugging interactively:
+
+1. Open the app in Chrome (`http://localhost:8081`)
+2. Open Chrome DevTools: `Cmd+Option+I` (macOS) or `F12`
+3. **Console tab** — JS errors, warnings, and log output
+4. **Network tab** — failed API requests (filter by `4xx` or `5xx`)
+5. **Performance tab** — runtime performance profiling
+
+## React Native Device Logs
+
+For inspecting logs on iOS and Android devices/simulators when running the native app.
+
+### React Native DevTools (primary — press `j`)
+
+The modern debugging tool for Expo apps (React Native 0.76+):
+
+1. Start the app: `bun start:local` or `bun start:dev`
+2. Press `j` in the Metro terminal to open React Native DevTools
+3. Available tabs:
+   - **Console** — interactive JS console connected to the app
+   - **Sources** — set breakpoints, step through code
+   - **Network** — inspect fetch requests and media loads
+   - **Memory** — heap snapshots and memory profiling
+
+### Expo Developer Menu (press `m`)
+
+Press `m` in the Metro terminal to open the Developer Menu on the connected device:
+- Toggle performance monitor (RAM, JS heap, Views, FPS)
+- Toggle element inspector
+- Open JS debugger
+- Reload app
+
+### iOS Logs
+
+```bash
+# Via Expo CLI (logs appear in Metro terminal automatically)
+# Just run the app — console.log output streams to the terminal
+
+# Via Xcode Console (native-level logs)
+# Open Xcode > Devices and Simulators (Shift+Cmd+2) > Open Console
+
+# Via macOS Console app (simulator logs)
+# Open Console.app > filter by process name
+```
+
+### Android Logs
+
+```bash
+# Via Expo CLI (logs appear in Metro terminal automatically)
+# Just run the app — console.log output streams to the terminal
+
+# Via adb logcat (native-level logs, verbose)
+adb logcat *:E  # Errors only
+adb logcat -s ReactNativeJS  # React Native JS logs only
+adb logcat -s ReactNativeJS:V *:S  # JS logs verbose, suppress everything else
+
+# Via Android Studio Logcat
+# Open Android Studio > View > Tool Windows > Logcat
+# Filter by package name or "ReactNativeJS"
+```
+
+### Production Crash Logs (Device)
+
+For production crash investigation on native platforms:
+- **iOS**: Xcode Crashes Organizer (TestFlight/App Store builds)
+- **Android**: Google Play Console > Crashes section
+- **Both**: Sentry captures JS-level crashes — use `ops-monitor-errors` skill
+
+## Remote Logs (CloudWatch via Serverless Framework)
+
+Discover available log scripts from the backend `package.json` (matching `logs:*` and `logs:watch:*`).
+
+### Prerequisites
+
+```bash
+cd "${BACKEND_DIR:-../backend-v2}"
+bun run aws:signin:{env}
+```
+
+### View Recent Logs
+
+```bash
+cd "${BACKEND_DIR:-../backend-v2}"
+FUNCTION_NAME={fn} bun run logs:{env}
+```
+
+### Tail Logs (follow mode)
+
+```bash
+cd "${BACKEND_DIR:-../backend-v2}"
+FUNCTION_NAME={fn} bun run logs:watch:{env}
+```
+
+## Remote Logs (AWS CLI — Advanced Filtering)
+
+For more advanced filtering, use the AWS CLI directly. Discover the AWS profile from backend `package.json` `aws:signin:*` scripts.
+
+### Discover Log Groups
+
+```bash
+aws logs describe-log-groups \
+  --profile {aws-profile} \
+  --region us-east-1 \
+  --query 'logGroups[].logGroupName' \
+  --output text | tr '\t' '\n'
+```
+
+### Filter for Errors (last 30 minutes)
+
+```bash
+aws logs filter-log-events \
+  --profile {aws-profile} \
+  --region us-east-1 \
+  --log-group-name "{log-group}" \
+  --start-time $(date -v-30M +%s000) \
+  --filter-pattern "ERROR" \
+  --query 'events[].message' \
+  --output text
+```
+
+### Tail Live Logs
+
+```bash
+aws logs tail "{log-group}" \
+  --profile {aws-profile} \
+  --region us-east-1 \
+  --follow \
+  --since 10m
+```
+
+## EAS Build Logs
+
+For frontend build issues:
+
+```bash
+# List recent builds
+eas build:list --limit 5
+
+# View specific build details
+eas build:view {build-id}
+```
+
+## Output Format
+
+Report log findings as:
+
+| Source | Timestamp | Level | Context | Message |
+|--------|-----------|-------|---------|---------|
+| CloudWatch | 2024-01-15T10:30:00Z | ERROR | api | Connection timeout to RDS |
+| Browser | — | ERROR | console | TypeError: Cannot read property 'name' |
+| Device | — | WARN | ReactNativeJS | VirtualizedList: missing keys |
+
+Include a summary of findings: total errors, warnings, and any patterns observed.

package/expo/copy-overwrite/.claude/skills/ops-db-ops/SKILL.md

@@ -0,0 +1,119 @@
+---
+name: ops-db-ops
+description: Database migrations, reverts, schema generation, and GraphQL codegen for Expo + serverless backend projects. Operates on the backend (TypeORM) and frontend (GraphQL code generation).
+allowed-tools:
+  - Bash
+  - Read
+---
+
+# Ops: Database Operations
+
+Manage database migrations, schema generation, and GraphQL code generation.
+
+**Argument**: `$ARGUMENTS` — operation (`migrate`, `revert`, `generate`, `schema`, `codegen`) and optional environment (default: `dev`)
+
+## Path Convention
+
+- **Frontend**: Current project directory (`.`)
+- **Backend**: `${BACKEND_DIR:-../backend-v2}` — set `BACKEND_DIR` in `.claude/settings.local.json` if your backend is elsewhere
+
+## Safety
+
+**CRITICAL**: Never run migrations or reverts against production without explicit human confirmation.
+
+## Discovery
+
+Read the backend `package.json` to discover available migration and schema scripts:
+- `migration:run:*` — run pending migrations
+- `migration:revert:*` — revert last migration
+- `migration:generate:*` — generate new migration from entity changes
+- `migration:create` — create empty migration
+- `generate:sql-schema*` — regenerate SQL schema for MCP
+- `aws:signin:*` — AWS credential scripts
+
+Read the frontend `package.json` to discover codegen scripts:
+- `fetch:graphql:schema:*` — fetch GraphQL schema
+- `generate:types:*` — generate TypeScript types
+
+## AWS Prerequisite
+
+All database operations (except `codegen`) require AWS credentials. Run the backend's AWS signin script first:
+
+```bash
+cd "${BACKEND_DIR:-../backend-v2}"
+bun run aws:signin:{env}
+```
+
+## Operations
+
+### migrate (run pending migrations)
+
+**Local database**:
+```bash
+cd "${BACKEND_DIR:-../backend-v2}"
+STAGE={env} bun run migration:run:local
+```
+
+**Remote database**:
+```bash
+cd "${BACKEND_DIR:-../backend-v2}"
+STAGE={env} bun run migration:run:remote:local
+```
+
+### revert (undo last migration)
+
+**Local database**:
+```bash
+cd "${BACKEND_DIR:-../backend-v2}"
+STAGE={env} bun run migration:revert:local
+```
+
+**Remote database**:
+```bash
+cd "${BACKEND_DIR:-../backend-v2}"
+STAGE={env} bun run migration:revert:remote:local
+```
+
+### generate (create new migration from entity changes)
+
+```bash
+cd "${BACKEND_DIR:-../backend-v2}"
+NAME={migration_name} bun run migration:generate:{env}
+```
+
+### create (create empty migration)
+
+```bash
+cd "${BACKEND_DIR:-../backend-v2}"
+NAME={migration_name} bun run migration:create
+```
+
+### schema (regenerate SQL schema for MCP)
+
+```bash
+cd "${BACKEND_DIR:-../backend-v2}"
+STAGE={env} bun run generate:sql-schema
+```
+
+### codegen (regenerate GraphQL types in frontend)
+
+1. **Fetch schema**:
+   ```bash
+   bun run fetch:graphql:schema:{env}
+   ```
+
+2. **Generate types**:
+   ```bash
+   bun run generate:types:{env}
+   ```
+
+**Note**: The backend must be running (locally or deployed) for schema fetching to work.
+
+## Output Format
+
+Report operation result:
+
+| Operation | Environment | Target | Status | Details |
+|-----------|-------------|--------|--------|---------|
+| migrate | dev | local DB | SUCCESS | 2 migrations applied |
+| codegen | dev | frontend | SUCCESS | Types regenerated |

package/expo/copy-overwrite/.claude/skills/ops-deploy/SKILL.md

@@ -0,0 +1,119 @@
+---
+name: ops-deploy
+description: Deploy Expo frontend (EAS Update/Build) or serverless backend (Serverless Framework) to dev, staging, or production environments.
+allowed-tools:
+  - Bash
+  - Read
+---
+
+# Ops: Deploy
+
+Deploy the application to remote environments.
+
+**Argument**: `$ARGUMENTS` — environment (`dev`, `staging`, `production`) and optional target (`frontend`, `backend`, `both`; default: `both`)
+
+## Path Convention
+
+- **Frontend**: Current project directory (`.`)
+- **Backend**: `${BACKEND_DIR:-../backend-v2}` — set `BACKEND_DIR` in `.claude/settings.local.json` if your backend is elsewhere
+
+## Safety
+
+**CRITICAL**: Production deployments require explicit human confirmation before proceeding. Always ask for confirmation when `$ARGUMENTS` contains `production`.
+
+## Discovery
+
+1. Read backend `package.json` to discover `deploy:*`, `aws:signin:*` scripts
+2. Read frontend `package.json` to discover available scripts
+3. Read `.env.{environment}` files to find GraphQL URLs for post-deploy verification
+
+## CI/CD Path (Preferred)
+
+The standard deployment path is via CI/CD — pushing to environment branches triggers auto-deploy. Manual deployment instructions below are for when CI/CD is not suitable.
+
+## Frontend Deployment
+
+### EAS Update (OTA — over-the-air JavaScript update)
+
+Use for JS-only changes (no native module changes).
+
+1. Verify EAS CLI:
+   ```bash
+   eas whoami
+   ```
+   If not authenticated: `eas login`
+
+2. Copy environment file:
+   ```bash
+   cp .env.{environment} .env
+   ```
+
+3. Deploy OTA update:
+   ```bash
+   STAGE={env} NODE_OPTIONS="--max-old-space-size=8192" eas update --auto --channel={env} --message="Manual update"
+   ```
+
+4. Verify deployment:
+   ```bash
+   eas update:list --branch {env} --limit 3
+   ```
+
+### EAS Build (Native binary — only when `app.config.ts` or native modules change)
+
+1. ```bash
+   eas build --platform all --non-interactive --no-wait --profile={profile}
+   ```
+
+2. Check build status:
+   ```bash
+   eas build:list --limit 5
+   ```
+
+## Backend Deployment
+
+### Full Deploy (Serverless Framework)
+
+1. AWS signin (discover script name from backend `package.json`):
+   ```bash
+   cd "${BACKEND_DIR:-../backend-v2}"
+   bun run aws:signin:{env}
+   ```
+
+2. Deploy all functions:
+   ```bash
+   cd "${BACKEND_DIR:-../backend-v2}"
+   bun run deploy:{env}
+   ```
+
+3. Verify (use the GraphQL URL from `.env.{environment}`):
+   ```bash
+   curl -sf {graphql-url} -X POST \
+     -H "Content-Type: application/json" \
+     -d '{"query":"{ __typename }"}' \
+     -w "\nHTTP %{http_code} in %{time_total}s\n"
+   ```
+
+### Single Function Deploy
+
+Discover available function names from backend `package.json` `deploy:function:*` scripts:
+
+```bash
+cd "${BACKEND_DIR:-../backend-v2}"
+FUNCTION_NAME={fn} bun run deploy:function:{env}
+```
+
+## Post-Deploy Verification
+
+After any deployment:
+
+1. **Health check** the deployed environment (use `ops-verify-health` skill)
+2. **Check logs** for errors in the first 5 minutes (use `ops-check-logs` skill)
+3. **Monitor Sentry** for new issues (use `ops-monitor-errors` skill)
+4. **Run browser UAT smoke test** against the deployed environment (use `ops-browser-uat` skill)
+
+Report deployment result as a table:
+
+| Target | Environment | Method | Status | Verification |
+|--------|-------------|--------|--------|-------------|
+| Frontend | dev | EAS Update | SUCCESS/FAIL | URL responds |
+| Backend | dev | Serverless | SUCCESS/FAIL | GraphQL responds |

package/expo/copy-overwrite/.claude/skills/ops-monitor-errors/SKILL.md

@@ -0,0 +1,99 @@
+---
+name: ops-monitor-errors
+description: Monitor Sentry for unresolved errors in frontend and backend projects. Supports filtering by project, environment, and time range.
+allowed-tools:
+  - Bash
+  - Read
+---
+
+# Ops: Monitor Errors
+
+Monitor Sentry for errors in the application.
+
+**Argument**: `$ARGUMENTS` — project (`frontend`, `backend`, `all`; default: `all`) and optional time range (default: `1h`)
+
+## Discovery
+
+Discover Sentry configuration from:
+1. `.sentryclirc` — org and project names
+2. `.env.*` files — `EXPO_PUBLIC_SENTRY_DSN` for DSN
+3. `package.json` — `@sentry/react-native` (frontend) or `@sentry/node` (backend) for project type
+
+## Sentry CLI
+
+### List Unresolved Issues
+
+```bash
+sentry-cli issues list \
+  --org {org} \
+  --project {project}
+```
+
+### Filter by Environment
+
+```bash
+sentry-cli issues list \
+  --org {org} \
+  --project {project} \
+  --query "is:unresolved environment:{env}"
+```
+
+### Post-Deploy Check (new issues since deploy)
+
+```bash
+sentry-cli issues list \
+  --org {org} \
+  --project {project} \
+  --query "is:unresolved firstSeen:-{time}"
+```
+
+Where `{time}` is a Sentry duration like `1h`, `30m`, `24h`.
+
+## Sentry API (Fallback)
+
+If `sentry-cli` is not installed or not authenticated, use the API directly:
+
+### List Unresolved Issues
+
+```bash
+curl -sf "https://sentry.io/api/0/projects/{org}/{project}/issues/?query=is:unresolved&sort=date" \
+  -H "Authorization: Bearer $SENTRY_AUTH_TOKEN" | \
+  jq '.[] | {id: .id, title: .title, count: .count, userCount: .userCount, firstSeen: .firstSeen, lastSeen: .lastSeen}'
+```
+
+### Filter by Environment
+
+```bash
+curl -sf "https://sentry.io/api/0/projects/{org}/{project}/issues/?query=is:unresolved+environment:{env}&sort=date" \
+  -H "Authorization: Bearer $SENTRY_AUTH_TOKEN" | \
+  jq '.[] | {id: .id, title: .title, count: .count, userCount: .userCount}'
+```
+
+## Post-Deploy Workflow
+
+After any deployment:
+
+1. Wait 5 minutes for errors to surface
+2. Check for new unresolved issues in the deployed environment
+3. Assess severity: are these new regressions or pre-existing?
+4. Report findings with severity assessment
+
+## Output Format
+
+Report errors as a table:
+
+| Issue ID | Title | Events | Users | First Seen | Severity |
+|----------|-------|--------|-------|------------|----------|
+| 12345 | TypeError: Cannot read property 'name' | 42 | 15 | 5m ago | HIGH |
+| 12346 | Network request failed | 3 | 2 | 2h ago | MEDIUM |
+
+### Severity Classification
+
+| Severity | Criteria |
+|----------|----------|
+| CRITICAL | > 100 events or > 50 users in last hour |
+| HIGH | > 10 events or > 5 users, appeared after deploy |
+| MEDIUM | Recurring issue, < 10 events |
+| LOW | < 3 events, no user impact |
+
+Include summary: total unresolved issues, new since last deploy, and recommendation (proceed / investigate / rollback).

package/expo/copy-overwrite/.claude/skills/ops-performance/SKILL.md

@@ -0,0 +1,165 @@
+---
+name: ops-performance
+description: Performance analysis for Expo + serverless backend projects. Runs Lighthouse audits, bundle size analysis, and k6 load tests.
+allowed-tools:
+  - Bash
+  - Read
+---
+
+# Ops: Performance
+
+Analyze application performance.
+
+**Argument**: `$ARGUMENTS` — analysis type (`lighthouse`, `bundle`, `k6`, `all`; default: `all`) and optional target environment
+
+## Path Convention
+
+- **Frontend**: Current project directory (`.`)
+- **Backend**: `${BACKEND_DIR:-../backend-v2}` — set `BACKEND_DIR` in `.claude/settings.local.json` if your backend is elsewhere
+
+## Discovery
+
+1. Read frontend `package.json` for `lighthouse:check`, `export:web`, `analyze:bundle` scripts
+2. Read backend `package.json` for `k6:*` scripts
+3. Read `e2e/constants.ts` or `.env.*` files for environment URLs
+
+## Lighthouse Audit
+
+### Against Local
+
+```bash
+npx lighthouse http://localhost:8081 \
+  --output=json \
+  --output-path=./lighthouse-local.json \
+  --chrome-flags='--headless --no-sandbox'
+```
+
+### Against Deployed Environment
+
+Discover frontend URLs from `e2e/constants.ts` or `.env.*` files:
+
+```bash
+npx lighthouse https://{env_url} \
+  --output=json \
+  --output-path=./lighthouse-{env}.json \
+  --chrome-flags='--headless --no-sandbox'
+```
+
+### LHCI (Lighthouse CI — uses project config)
+
+```bash
+bun run lighthouse:check
+```
+
+### Parse Lighthouse Results
+
+```bash
+cat lighthouse-{env}.json | jq '{
+  performance: .categories.performance.score,
+  accessibility: .categories.accessibility.score,
+  bestPractices: .categories["best-practices"].score,
+  seo: .categories.seo.score,
+  fcp: .audits["first-contentful-paint"].displayValue,
+  lcp: .audits["largest-contentful-paint"].displayValue,
+  tbt: .audits["total-blocking-time"].displayValue,
+  cls: .audits["cumulative-layout-shift"].displayValue,
+  si: .audits["speed-index"].displayValue
+}'
+```
+
+## Bundle Analysis
+
+### Full Analysis (export + source-map-explorer)
+
+```bash
+bun run export:web && bun run analyze:bundle
+```
+
+### Quick Size Check
+
+```bash
+bun run export:web
+echo "=== Total Bundle Size ==="
+du -sh dist/
+echo ""
+echo "=== Largest JS Files ==="
+find dist -name "*.js" -exec ls -lhS {} + 2>/dev/null | head -20
+```
+
+## k6 Load Tests
+
+Discover available k6 scripts from the backend `package.json` (matching `k6:*`).
+
+### Smoke Test (minimal load, verify endpoints work)
+
+```bash
+cd "${BACKEND_DIR:-../backend-v2}"
+bun run k6:smoke
+```
+
+### Load Test (normal traffic simulation)
+
+```bash
+cd "${BACKEND_DIR:-../backend-v2}"
+bun run k6:load
+```
+
+### Stress Test (push beyond normal capacity)
+
+```bash
+cd "${BACKEND_DIR:-../backend-v2}"
+bun run k6:stress
+```
+
+### Spike Test (sudden traffic burst)
+
+```bash
+cd "${BACKEND_DIR:-../backend-v2}"
+bun run k6:spike
+```
+
+### Docker-based k6 (no local k6 install needed)
+
+```bash
+cd "${BACKEND_DIR:-../backend-v2}"
+bun run k6:docker:smoke
+bun run k6:docker:load
+```
+
+## Output Format
+
+### Lighthouse Scores
+
+| Metric | Score | Rating |
+|--------|-------|--------|
+| Performance | 0.85 | GOOD |
+| Accessibility | 0.92 | GOOD |
+| Best Practices | 0.88 | GOOD |
+| SEO | 0.95 | GOOD |
+
+### Core Web Vitals
+
+| Metric | Value | Threshold | Status |
+|--------|-------|-----------|--------|
+| FCP (First Contentful Paint) | 1.2s | < 1.8s | PASS |
+| LCP (Largest Contentful Paint) | 2.1s | < 2.5s | PASS |
+| TBT (Total Blocking Time) | 150ms | < 200ms | PASS |
+| CLS (Cumulative Layout Shift) | 0.05 | < 0.1 | PASS |
+
+### Bundle Size
+
+| Category | Size | Notes |
+|----------|------|-------|
+| Total dist/ | 4.2 MB | |
+| Largest chunk | 1.1 MB | vendor.js |
+
+### k6 Results
+
+| Metric | Value |
+|--------|-------|
+| Requests/sec | 450 |
+| Avg response time | 120ms |
+| p95 response time | 350ms |
+| Error rate | 0.1% |
+
+Include recommendations for any metrics that fall below thresholds.

package/expo/copy-overwrite/.claude/skills/ops-run-local/SKILL.md

@@ -0,0 +1,166 @@
+---
+name: ops-run-local
+description: Manage the local development environment for Expo + serverless backend projects. Supports start, stop, restart, and status for the full stack or individual services.
+allowed-tools:
+  - Bash
+  - Read
+---
+
+# Ops: Run Local
+
+Manage the local development environment.
+
+**Argument**: `$ARGUMENTS` — `start`, `stop`, `restart`, `status`, `start-frontend`, `start-backend` (default: `start`)
+
+## Path Convention
+
+- **Frontend**: Current project directory (`.`)
+- **Backend**: `${BACKEND_DIR:-../backend-v2}` — set `BACKEND_DIR` in `.claude/settings.local.json` if your backend is elsewhere
+
+## Prerequisites (run before any operation)
+
+1. Verify backend directory exists:
+   ```bash
+   BACKEND_DIR="${BACKEND_DIR:-../backend-v2}"
+   test -d "$BACKEND_DIR" && echo "Backend dir OK: $BACKEND_DIR" || echo "ERROR: Backend dir not found at $BACKEND_DIR — set BACKEND_DIR"
+   ```
+2. Check port availability:
+   ```bash
+   lsof -i :8081 2>/dev/null | grep LISTEN
+   lsof -i :3000 2>/dev/null | grep LISTEN
+   ```
+3. Verify bun is installed:
+   ```bash
+   which bun && bun --version
+   ```
+
+## Discovery
+
+Read the frontend `package.json` to find available start scripts (e.g., `start:local`, `start:dev`, `start:staging`). Read the backend `package.json` to find backend start scripts (e.g., `start:local`, `start:dev`).
+
+## Operations
+
+### start (full stack)
+
+Start both backend and frontend for local development.
+
+1. **Start backend** (background):
+   ```bash
+   cd "${BACKEND_DIR:-../backend-v2}" && IS_OFFLINE=true bun run start:local
+   ```
+   Run this in the background using the Bash tool with `run_in_background: true`.
+
+2. **Wait for backend** (up to 30 seconds):
+   ```bash
+   for i in $(seq 1 30); do
+     curl -sf http://localhost:3000/graphql -X POST \
+       -H "Content-Type: application/json" \
+       -d '{"query":"{ __typename }"}' > /dev/null 2>&1 && echo "Backend ready" && break
+     sleep 1
+   done
+   ```
+
+3. **Start frontend** (background):
+   ```bash
+   bun run start:local
+   ```
+   Run this in the background using the Bash tool with `run_in_background: true`.
+
+4. **Verify frontend** (up to 60 seconds — Metro bundler can be slow):
+   ```bash
+   for i in $(seq 1 60); do
+     curl -sf http://localhost:8081 > /dev/null 2>&1 && echo "Frontend ready" && break
+     sleep 1
+   done
+   ```
+
+5. Report status table.
+
+### start-frontend (frontend only, pointing at remote backend)
+
+Use when the backend is already deployed and you only need the frontend.
+
+1. ```bash
+   bun run start:dev
+   ```
+   Run in background.
+
+2. Verify:
+   ```bash
+   for i in $(seq 1 60); do
+     curl -sf http://localhost:8081 > /dev/null 2>&1 && echo "Frontend ready" && break
+     sleep 1
+   done
+   ```
+
+### start-backend (backend only)
+
+1. Check AWS credentials (discover profile from backend `package.json` `aws:signin:*` scripts):
+   ```bash
+   aws sts get-caller-identity --profile {aws-profile} 2>/dev/null
+   ```
+   If expired, run the backend's `aws:signin:{env}` script.
+
+2. Start:
+   ```bash
+   cd "${BACKEND_DIR:-../backend-v2}" && IS_OFFLINE=true bun run start:local
+   ```
+   Run in background.
+
+3. Verify:
+   ```bash
+   for i in $(seq 1 30); do
+     curl -sf http://localhost:3000/graphql -X POST \
+       -H "Content-Type: application/json" \
+       -d '{"query":"{ __typename }"}' > /dev/null 2>&1 && echo "Backend ready" && break
+     sleep 1
+   done
+   ```
+
+### stop
+
+Kill all local services.
+
+```bash
+# Kill frontend (Metro bundler)
+lsof -ti :8081 | xargs kill -9 2>/dev/null || echo "No frontend process on :8081"
+
+# Kill backend (Serverless Offline)
+lsof -ti :3000 | xargs kill -9 2>/dev/null || echo "No backend process on :3000"
+
+# Stop Docker if running
+cd "${BACKEND_DIR:-../backend-v2}" && docker compose down 2>/dev/null || true
+```
+
+### restart
+
+1. Run **stop** (above).
+2. Wait 2 seconds: `sleep 2`
+3. Run **start** (above).
+4. Verify both services respond.
+
+### status
+
+Check what is currently running and responsive.
+
+```bash
+echo "=== Port Check ==="
+echo -n "Frontend :8081 — "; lsof -i :8081 2>/dev/null | grep LISTEN > /dev/null && echo "LISTENING" || echo "NOT LISTENING"
+echo -n "Backend  :3000 — "; lsof -i :3000 2>/dev/null | grep LISTEN > /dev/null && echo "LISTENING" || echo "NOT LISTENING"
+
+echo ""
+echo "=== Health Check ==="
+echo -n "Frontend :8081 — "; curl -sf -o /dev/null -w "%{http_code}" http://localhost:8081 2>/dev/null || echo "UNREACHABLE"
+echo -n "Backend  :3000 — "; curl -sf -o /dev/null -w "%{http_code}" http://localhost:3000/graphql -X POST -H "Content-Type: application/json" -d '{"query":"{ __typename }"}' 2>/dev/null || echo "UNREACHABLE"
+
+echo ""
+echo "=== Docker ==="
+docker compose -f "${BACKEND_DIR:-../backend-v2}/compose.yaml" ps 2>/dev/null || echo "No Docker services running"
+```
+
+Report results as a table:
+
+| Service | Port | Listening | Responsive |
+|---------|------|-----------|------------|
+| Frontend (Metro) | 8081 | YES/NO | YES/NO |
+| Backend (Serverless Offline) | 3000 | YES/NO | YES/NO |

package/expo/copy-overwrite/.claude/skills/ops-verify-health/SKILL.md

@@ -0,0 +1,101 @@
+---
+name: ops-verify-health
+description: Health check all services across environments. Checks frontend URLs, backend GraphQL endpoints, and reports response times.
+allowed-tools:
+  - Bash
+  - Read
+---
+
+# Ops: Verify Health
+
+Health check all services across environments.
+
+**Argument**: `$ARGUMENTS` — environment(s) to check (default: `all`). Options: `local`, `dev`, `staging`, `production`, `all`
+
+## Discovery
+
+Read these files to build the environment URL table:
+
+1. `e2e/constants.ts` — frontend URLs per environment
+2. `.env.localhost`, `.env.development`, `.env.staging`, `.env.production` — `EXPO_PUBLIC_GRAPHQL_BASE_URL` for backend GraphQL URLs
+
+## Health Checks
+
+For each environment, run these checks:
+
+### Frontend Check
+
+```bash
+curl -sf -o /dev/null -w "HTTP %{http_code} in %{time_total}s" {frontend_url}
+```
+
+Verify the response contains Expo/React markers:
+```bash
+curl -sf {frontend_url} | head -20
+```
+
+### Backend GraphQL Check
+
+```bash
+curl -sf {graphql_url} -X POST \
+  -H "Content-Type: application/json" \
+  -d '{"query":"{ __typename }"}' \
+  -w "\nHTTP %{http_code} in %{time_total}s\n"
+```
+
+### GraphQL Introspection (detailed check)
+
+```bash
+curl -sf {graphql_url} -X POST \
+  -H "Content-Type: application/json" \
+  -d '{"query":"{ __schema { queryType { name } } }"}' \
+  -w "\nHTTP %{http_code} in %{time_total}s\n"
+```
+
+## Full Health Check Script
+
+Run all checks for the specified environment(s):
+
+```bash
+check_env() {
+  local ENV=$1
+  local FE_URL=$2
+  local BE_URL=$3
+
+  echo "=== $ENV ==="
+
+  # Frontend
+  FE_STATUS=$(curl -sf -o /dev/null -w "%{http_code}" --max-time 10 "$FE_URL" 2>/dev/null || echo "000")
+  FE_TIME=$(curl -sf -o /dev/null -w "%{time_total}" --max-time 10 "$FE_URL" 2>/dev/null || echo "timeout")
+  echo "Frontend: HTTP $FE_STATUS ($FE_TIME s)"
+
+  # Backend
+  BE_RESULT=$(curl -sf --max-time 10 "$BE_URL" -X POST \
+    -H "Content-Type: application/json" \
+    -d '{"query":"{ __typename }"}' \
+    -w "\n%{http_code} %{time_total}" 2>/dev/null || echo -e "\n000 timeout")
+  BE_STATUS=$(echo "$BE_RESULT" | tail -1 | awk '{print $1}')
+  BE_TIME=$(echo "$BE_RESULT" | tail -1 | awk '{print $2}')
+  echo "Backend:  HTTP $BE_STATUS ($BE_TIME s)"
+  echo ""
+}
+```
+
+## EAS Update Status
+
+Check the latest OTA updates deployed to each branch:
+
+```bash
+eas update:list --branch {env} --limit 3
+```
+
+## Output Format
+
+Report results as a table:
+
+| Service | Environment | Status | Response Time | Details |
+|---------|-------------|--------|---------------|---------|
+| Frontend | dev | UP (200) | 0.45s | HTML contains React root |
+| Backend | dev | UP (200) | 0.32s | GraphQL responds `__typename` |
+
+Flag any service with status != 200 or response time > 5s as a concern.

package/package.json

@@ -89,7 +89,7 @@
     "@isaacs/brace-expansion": "^5.0.1"
   },
   "name": "@codyswann/lisa",
-  "version": "1.40.0",
+  "version": "1.41.0",
   "description": "Claude Code governance framework that applies guardrails, guidance, and automated enforcement to projects",
   "main": "dist/index.js",
   "bin": {