@dezycro-ai/agent-plugin 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/plugin.json +7 -0
- package/LICENSE +18 -0
- package/PERSONAS.md +309 -0
- package/README.md +125 -0
- package/bin/resolve-auth.js +112 -0
- package/dist/hooks/lib/authoring.d.ts +118 -0
- package/dist/hooks/lib/authoring.js +277 -0
- package/dist/hooks/lib/config.d.ts +28 -0
- package/dist/hooks/lib/config.js +175 -0
- package/dist/hooks/lib/controller-match.d.ts +16 -0
- package/dist/hooks/lib/controller-match.js +96 -0
- package/dist/hooks/lib/coverage.d.ts +17 -0
- package/dist/hooks/lib/coverage.js +66 -0
- package/dist/hooks/lib/hashing.d.ts +8 -0
- package/dist/hooks/lib/hashing.js +49 -0
- package/dist/hooks/lib/logging.d.ts +13 -0
- package/dist/hooks/lib/logging.js +72 -0
- package/dist/hooks/lib/publish-spec.d.ts +17 -0
- package/dist/hooks/lib/publish-spec.js +64 -0
- package/dist/hooks/lib/quality-gate.d.ts +67 -0
- package/dist/hooks/lib/quality-gate.js +187 -0
- package/dist/hooks/lib/router.d.ts +32 -0
- package/dist/hooks/lib/router.js +717 -0
- package/dist/hooks/lib/state.d.ts +34 -0
- package/dist/hooks/lib/state.js +238 -0
- package/dist/hooks/lib/undo.d.ts +11 -0
- package/dist/hooks/lib/undo.js +71 -0
- package/dist/hooks/lib/verify.d.ts +28 -0
- package/dist/hooks/lib/verify.js +94 -0
- package/dist/hooks/lib/workbook.d.ts +21 -0
- package/dist/hooks/lib/workbook.js +77 -0
- package/dist/hooks/types.d.ts +249 -0
- package/dist/hooks/types.js +14 -0
- package/hooks/companion-runner +108 -0
- package/hooks/hooks.json +74 -0
- package/install.js +84 -0
- package/package.json +50 -0
- package/prompts/existing-work-ranker.md +47 -0
- package/prompts/prd-drafter.md +53 -0
- package/prompts/prd-question.md +66 -0
- package/prompts/trd-context-gate.md +57 -0
- package/prompts/trd-discovery.md +71 -0
- package/prompts/trd-drafter.md +63 -0
- package/prompts/trd-question.md +61 -0
- package/prompts/trd-reviewer.md +74 -0
- package/prompts/workbook-sweep.md +89 -0
- package/setup.js +35 -0
- package/skills/author/SKILL.md +285 -0
- package/skills/import-features/SKILL.md +428 -0
- package/skills/init/SKILL.md +133 -0
- package/skills/publish-spec/SKILL.md +101 -0
- package/skills/status/SKILL.md +76 -0
- package/skills/sync/SKILL.md +76 -0
- package/skills/verify/SKILL.md +248 -0
- package/skills/work/SKILL.md +201 -0
|
@@ -0,0 +1,428 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: import-features
|
|
3
|
+
description: Reverse-engineers a codebase into Dezycro features with user-behavior PRDs and matching TRDs. Use when user asks to import, scan, or analyze a codebase into Dezycro, extract product requirements, or generate PRDs and TRDs from code.
|
|
4
|
+
allowed-tools:
|
|
5
|
+
- AskUserQuestion
|
|
6
|
+
- mcp__dezycro__*
|
|
7
|
+
- Read
|
|
8
|
+
- Glob
|
|
9
|
+
- Grep
|
|
10
|
+
- Agent
|
|
11
|
+
- TaskCreate
|
|
12
|
+
- TaskUpdate
|
|
13
|
+
---
|
|
14
|
+
|
|
15
|
+
# Import Codebase into Dezycro
|
|
16
|
+
|
|
17
|
+
Analyze this codebase and create **user-facing features** in Dezycro with PRDs describing user behavior and experience. Then generate TRDs describing how those features are implemented technically.
|
|
18
|
+
|
|
19
|
+
**Your primary role**: You are a product manager documenting what users experience — not a developer documenting how code works.
|
|
20
|
+
|
|
21
|
+
> **⛔ DUPLICATION GATE — READ THIS FIRST**
|
|
22
|
+
>
|
|
23
|
+
> You MUST call `list_features` and `search` to check for existing features BEFORE calling `create_feature` even once.
|
|
24
|
+
> If you call `create_feature` without first completing Step 3 (deduplication), you are violating this skill.
|
|
25
|
+
> There are NO exceptions — not "the project looks empty", not "the user said create", not "I'll check later."
|
|
26
|
+
> Step 3 is as mandatory as Step 1. You cannot skip it.
|
|
27
|
+
|
|
28
|
+
## What is a feature?
|
|
29
|
+
|
|
30
|
+
A product capability that a distinct type of user interacts with. Not an internal service, not infrastructure.
|
|
31
|
+
|
|
32
|
+
| Good features | Bad features |
|
|
33
|
+
|---|---|
|
|
34
|
+
| Login & Registration | Kafka Consumer |
|
|
35
|
+
| Project Dashboard | Redis Cache |
|
|
36
|
+
| Document Editor | Flyway Migrations |
|
|
37
|
+
| Team Management | Editing Documents (verb) |
|
|
38
|
+
|
|
39
|
+
---
|
|
40
|
+
|
|
41
|
+
## Prerequisites
|
|
42
|
+
|
|
43
|
+
Verify the Dezycro MCP server is connected by calling `list_workspaces`. If it fails, tell the user to run: `npx dezycro-setup`
|
|
44
|
+
|
|
45
|
+
---
|
|
46
|
+
|
|
47
|
+
## Process
|
|
48
|
+
|
|
49
|
+
Follow these steps **in order**. Do NOT skip steps.
|
|
50
|
+
|
|
51
|
+
### Step 1: Select Workspace and Project
|
|
52
|
+
|
|
53
|
+
1. Call `list_workspaces`.
|
|
54
|
+
2. Use `AskUserQuestion` with workspace names as `options` to let the user pick.
|
|
55
|
+
If only one workspace, confirm: question "Use workspace 'X'?", options: ["Yes", "No, cancel"]
|
|
56
|
+
3. Call `list_projects` with the chosen workspaceId.
|
|
57
|
+
4. Use `AskUserQuestion` with project names + "Create new project" as options.
|
|
58
|
+
If creating: ask for name via `AskUserQuestion`, then call `create_project`.
|
|
59
|
+
5. Store workspaceId and projectId.
|
|
60
|
+
|
|
61
|
+
**IMPORTANT**: Always use `AskUserQuestion` with `options` — never ask the user to type numbers or text.
|
|
62
|
+
|
|
63
|
+
---
|
|
64
|
+
|
|
65
|
+
### Step 2: Discover User Flows
|
|
66
|
+
|
|
67
|
+
Your goal is to find **what users can do** in this application. Focus on user-facing flows, not internal architecture.
|
|
68
|
+
|
|
69
|
+
**How to find user flows:**
|
|
70
|
+
|
|
71
|
+
1. **Start with routes/pages** — entry points to user flows:
|
|
72
|
+
- Frontend: route definitions, page components, navigation menus
|
|
73
|
+
- Backend: REST controllers, API route files, GraphQL resolvers
|
|
74
|
+
|
|
75
|
+
2. **Map each route to a user flow**:
|
|
76
|
+
- `/login`, `/register` → "Authentication & Onboarding"
|
|
77
|
+
- `/dashboard` → "Dashboard"
|
|
78
|
+
- `/settings/team` → "Team Management"
|
|
79
|
+
|
|
80
|
+
3. **Read actual UI/API code** to understand what users do — don't guess from filenames.
|
|
81
|
+
|
|
82
|
+
4. **Group related routes into features**:
|
|
83
|
+
- `/settings/profile`, `/settings/password`, `/settings/notifications` → "User Settings"
|
|
84
|
+
- `/projects`, `/projects/new`, `/projects/:id` → "Project Management"
|
|
85
|
+
|
|
86
|
+
**What to SKIP:**
|
|
87
|
+
- Infrastructure: databases, caching, queues, CI/CD, deployment
|
|
88
|
+
- Internal services: background workers, schedulers, migrations
|
|
89
|
+
- Libraries: utility functions, shared components without user-facing purpose
|
|
90
|
+
- Configuration: env files, build config, linters
|
|
91
|
+
|
|
92
|
+
---
|
|
93
|
+
|
|
94
|
+
### Step 2.5: Design the Folder Structure
|
|
95
|
+
|
|
96
|
+
> **Why this matters:** Dezycro uses **folder-scoped knowledge** — features in the same folder share context at full weight when the AI answers chat questions, generates TRDs, detects conflicts, or guides an AI coding agent. Folders outside the current one are deprioritized and drafts outside the folder are excluded entirely. **Bad folder grouping degrades the quality of every AI-assisted action in the product.** Good folder grouping compounds value.
|
|
97
|
+
>
|
|
98
|
+
> Treat folders as **domain boundaries**, not visual categorization. Two features belong in the same folder only if you would want the AI to automatically use one as context when working on the other.
|
|
99
|
+
|
|
100
|
+
#### Folder design principles
|
|
101
|
+
|
|
102
|
+
**1. Cohesion over neatness.** Group features that share a domain model, user flow surface, or data. "Cart Management" and "Payment Processing" belong together because editing one affects how you think about the other. "Cart Management" and "User Profile Settings" do not — they live in different mental models.
|
|
103
|
+
|
|
104
|
+
**2. Use hierarchy when it reflects real containment.** Don't create nested folders just to feel organized. A folder hierarchy is meaningful only when the parent feature governs or scopes its children. For example, `Checkout/Cart Management` is meaningful if there will eventually be a parent-level PRD about checkout policies. Otherwise, flat grouping is better.
|
|
105
|
+
|
|
106
|
+
**3. Aim for 3–8 features per folder.** Fewer than 3 and the folder adds no value (a lone feature may as well be at root). More than 8 and cohesion breaks down — split it. Hard cap: don't put more than 12 features in one folder.
|
|
107
|
+
|
|
108
|
+
**4. Folders should be stable, not fashionable.** Name folders after enduring product areas ("Authentication", "Billing", "Project Management"), not current initiatives ("Q4 Revamp", "Phase 2 Features"). The folder tree will outlive any single project timeline.
|
|
109
|
+
|
|
110
|
+
**5. Deep nesting is mostly unnecessary.** For most projects, 1 or 2 levels of folders are enough. 3 levels is rare and should be justified. Deep nesting fragments the knowledge base without adding real cohesion.
|
|
111
|
+
|
|
112
|
+
**6. The project root is just another folder.** Features at root are treated as siblings of each other. Cross-cutting features (like "Admin Dashboard" or "System Settings") that touch many domains often belong at root rather than forced into a category.
|
|
113
|
+
|
|
114
|
+
#### How to derive folders from the codebase
|
|
115
|
+
|
|
116
|
+
Use the code's structure as a hint, but translate to the product domain:
|
|
117
|
+
|
|
118
|
+
| Code signal | Folder candidate |
|
|
119
|
+
|---|---|
|
|
120
|
+
| A backend module / microservice boundary (e.g., `payment-service`) | A folder for that domain |
|
|
121
|
+
| A frontend route prefix (e.g., `/admin/*`) | A folder for that area |
|
|
122
|
+
| A natural user journey (e.g., checkout flow across several pages) | A folder containing the flow's features |
|
|
123
|
+
| A permission boundary (e.g., "admin-only" features) | Often a folder |
|
|
124
|
+
|
|
125
|
+
**Don't mirror the code structure 1:1.** Code organization often reflects technical concerns (one module per team, one service per deployment unit) that don't match product domains. Always ask: "Would a product manager put these together?"
|
|
126
|
+
|
|
127
|
+
#### Cohesion check before proposing
|
|
128
|
+
|
|
129
|
+
For each folder you plan to propose, ask:
|
|
130
|
+
|
|
131
|
+
1. **"If I'm writing the PRD for Feature A in this folder, would knowing about Feature B genuinely help me?"** If no → they don't belong in the same folder.
|
|
132
|
+
2. **"If A and B have conflicting requirements, is that something I'd want flagged?"** If yes → same folder. If no → different folders.
|
|
133
|
+
3. **"Would it make sense for an AI coding agent working on Feature A to automatically read Feature B's docs?"** If yes → same folder.
|
|
134
|
+
|
|
135
|
+
If you can't answer "yes" to all three for a given pair, they probably belong in separate folders.
|
|
136
|
+
|
|
137
|
+
#### Edge cases
|
|
138
|
+
|
|
139
|
+
- **Single-feature folder:** Avoid. If only one feature fits a domain, leave it at root until more join.
|
|
140
|
+
- **Cross-cutting features:** Features that touch multiple domains (e.g., "Search", "Notifications") usually belong at root, not forced into a specific category.
|
|
141
|
+
- **Orphan candidates:** If a feature doesn't fit any natural group, place it at root. Don't invent a "Miscellaneous" folder — it defeats the purpose of folder scoping.
|
|
142
|
+
|
|
143
|
+
---
|
|
144
|
+
|
|
145
|
+
### Step 3: Deduplicate Against Existing Features
|
|
146
|
+
|
|
147
|
+
> **This step is MANDATORY. You must complete 3a and 3b before proposing anything.**
|
|
148
|
+
> Do NOT rationalize skipping it ("project looks empty", "user just wants to create", "I'll check later").
|
|
149
|
+
> The `list_features` and `search` calls are required — no exceptions.
|
|
150
|
+
|
|
151
|
+
#### 3a: Inventory Existing Features
|
|
152
|
+
|
|
153
|
+
**Required API calls — you must make these:**
|
|
154
|
+
|
|
155
|
+
```
|
|
156
|
+
list_features(workspaceId, projectId) // root level
|
|
157
|
+
list_features(workspaceId, projectId, parentDirectoryId=X) // for EACH directory returned
|
|
158
|
+
// repeat recursively until all directories are traversed
|
|
159
|
+
```
|
|
160
|
+
|
|
161
|
+
Build a complete list of existing features: `id`, `name`, directory path, and whether PRD/TRD have content (from `documentSummaries`).
|
|
162
|
+
|
|
163
|
+
**If the project has zero existing features:** Say "No existing features found — all proposals will be NEW." then skip to Step 3c.
|
|
164
|
+
|
|
165
|
+
**If the project has existing features:** You MUST proceed to Step 3b. Do NOT skip it.
|
|
166
|
+
|
|
167
|
+
#### 3b: Semantic Match Against Existing Features
|
|
168
|
+
|
|
169
|
+
**Required API calls — you must make at least one `search` call per proposed feature:**
|
|
170
|
+
|
|
171
|
+
```
|
|
172
|
+
search(workspaceId, projectId, query="<feature's core user flows>", maxResults="5")
|
|
173
|
+
```
|
|
174
|
+
|
|
175
|
+
For example:
|
|
176
|
+
- Proposed "Document Editor" → `search(... query="document editing creating saving draft")`
|
|
177
|
+
- Proposed "Team Management" → `search(... query="invite team member roles permissions")`
|
|
178
|
+
|
|
179
|
+
For each proposed feature, combine the name comparison + search results to classify it:
|
|
180
|
+
|
|
181
|
+
| Classification | Criteria | Action |
|
|
182
|
+
|---|---|---|
|
|
183
|
+
| **🆕 NEW** | No name match AND no meaningful search results | Will be created |
|
|
184
|
+
| **✅ EXACT MATCH** | Existing feature covers the same scope | Skip — do not recreate |
|
|
185
|
+
| **🔄 PARTIAL MATCH** | Existing feature covers some but not all flows | Suggest updating existing feature |
|
|
186
|
+
|
|
187
|
+
**Matching rules:**
|
|
188
|
+
- A search result is "meaningful" if it describes the same user flows — not just keyword overlap.
|
|
189
|
+
- When in doubt, classify as PARTIAL MATCH rather than NEW.
|
|
190
|
+
- Different names can still be duplicates (e.g., "Authentication" and "Login & Sign Up").
|
|
191
|
+
|
|
192
|
+
#### 3c: Propose the Feature Structure
|
|
193
|
+
|
|
194
|
+
Present the full picture — what's new, what already exists, and what needs updating:
|
|
195
|
+
|
|
196
|
+
```
|
|
197
|
+
📁 Authentication & Onboarding
|
|
198
|
+
✅ Login & Registration — ALREADY EXISTS (feature: "User Authentication", has PRD + TRD)
|
|
199
|
+
🆕 Password Recovery — NEW (flows: forgot password, reset link, new password)
|
|
200
|
+
|
|
201
|
+
📁 Projects
|
|
202
|
+
🔄 Project Dashboard — PARTIAL MATCH (existing "Projects" covers create/list but not filtering or stats)
|
|
203
|
+
→ Suggest: update existing "Projects" feature PRD to add filter, sort, stats flows
|
|
204
|
+
🆕 Project Setup — NEW (flows: create project, edit settings, archive)
|
|
205
|
+
|
|
206
|
+
📁 Documents
|
|
207
|
+
🆕 Document Editor — NEW (flows: create, edit, save, AI chat, version history)
|
|
208
|
+
✅ Knowledge Base — ALREADY EXISTS (feature: "Knowledge Base", has PRD)
|
|
209
|
+
|
|
210
|
+
📁 Team
|
|
211
|
+
🔄 Team Management — PARTIAL MATCH (existing "Team" covers invites but not role changes)
|
|
212
|
+
→ Suggest: update existing "Team" feature PRD to add role management flows
|
|
213
|
+
🆕 Organization Settings — NEW (flows: rename org, billing, API keys)
|
|
214
|
+
|
|
215
|
+
Summary: 3 new · 2 already exist · 2 need updates
|
|
216
|
+
```
|
|
217
|
+
|
|
218
|
+
**Rules:**
|
|
219
|
+
- Every feature must represent something a user DOES
|
|
220
|
+
- Feature names should read like product capabilities, not code modules
|
|
221
|
+
- Group by product area, not by code structure
|
|
222
|
+
- Aim for 8–25 features total (including existing ones) — be selective, not exhaustive
|
|
223
|
+
- For EXACT MATCH features, clearly state which existing feature covers it and whether it has PRD/TRD content
|
|
224
|
+
- For PARTIAL MATCH features, describe specifically what's missing from the existing feature
|
|
225
|
+
|
|
226
|
+
Use `AskUserQuestion` to confirm:
|
|
227
|
+
question "Does this look right?",
|
|
228
|
+
options: ["Yes, create new and update existing", "Yes, but only create new (skip updates)", "I want to make changes"]
|
|
229
|
+
|
|
230
|
+
If they want changes, ask what to add/remove/reclassify, iterate, then confirm again.
|
|
231
|
+
|
|
232
|
+
---
|
|
233
|
+
|
|
234
|
+
### Step 4: Create and Update in Dezycro
|
|
235
|
+
|
|
236
|
+
> **⛔ STOP — Before calling `create_feature`, verify ALL of these are true:**
|
|
237
|
+
> 1. You called `list_features` to inventory existing features (Step 3a) — if you didn't, go back and do it NOW
|
|
238
|
+
> 2. You called `search` for at least the first 3 proposed features (Step 3b) — if you didn't, go back and do it NOW
|
|
239
|
+
> 3. You showed the user a proposal with ✅/🆕/🔄 classifications (Step 3c)
|
|
240
|
+
> 4. The user approved the proposal via `AskUserQuestion`
|
|
241
|
+
>
|
|
242
|
+
> If ANY of these are false, STOP and complete the missing step before proceeding.
|
|
243
|
+
|
|
244
|
+
Once approved, handle each classification differently:
|
|
245
|
+
|
|
246
|
+
**For NEW features:**
|
|
247
|
+
1. Create directories (top-down, parents first) via `create_directory`
|
|
248
|
+
2. Create features via `create_feature`, then `move_feature` into directories
|
|
249
|
+
3. For EACH feature, call `list_feature_documents` to get the PRD and TRD docIds
|
|
250
|
+
4. Track all featureIds and their PRD docIds — you need them for Step 5
|
|
251
|
+
|
|
252
|
+
**For EXACT MATCH features:**
|
|
253
|
+
- Do nothing. Do NOT recreate them.
|
|
254
|
+
- If a PRD/TRD exists but is empty (check `documentSummaries`), note it for Step 5 — the user may want to write/rewrite the content.
|
|
255
|
+
|
|
256
|
+
**For PARTIAL MATCH features (if user chose to update):**
|
|
257
|
+
1. Retrieve the existing feature's `featureId` from the inventory in Step 3a.
|
|
258
|
+
2. Call `list_feature_documents` to get the existing PRD/TRD docIds.
|
|
259
|
+
3. Track these for Step 5 — the PRD will be updated (not replaced) to cover the missing flows.
|
|
260
|
+
4. Do NOT create a new feature or move anything.
|
|
261
|
+
|
|
262
|
+
Report progress: "Created 3/8 new features... Queued 2 existing features for update..."
|
|
263
|
+
|
|
264
|
+
---
|
|
265
|
+
|
|
266
|
+
### Step 5: Write PRDs
|
|
267
|
+
|
|
268
|
+
For each feature (both NEW and PARTIAL MATCH), read the relevant code and write or update a PRD.
|
|
269
|
+
|
|
270
|
+
**For NEW features:** Write a full PRD covering all user flows within the feature.
|
|
271
|
+
|
|
272
|
+
**For PARTIAL MATCH features (updating existing PRDs):**
|
|
273
|
+
1. First, read the existing PRD content by calling `list_feature_documents` then reading the document.
|
|
274
|
+
2. Identify which flows are already documented and which are missing.
|
|
275
|
+
3. Write an updated PRD that **preserves all existing content** and **adds the missing flows**.
|
|
276
|
+
4. Do NOT rewrite or rephrase existing sections unless they are factually wrong — only add what's missing.
|
|
277
|
+
5. If the existing PRD uses a different structure than the template below, follow the existing structure for consistency.
|
|
278
|
+
|
|
279
|
+
**For EXACT MATCH features:** Skip unless the PRD is empty (no content). If empty, write a full PRD as if it were new.
|
|
280
|
+
|
|
281
|
+
#### Your mindset while writing PRDs
|
|
282
|
+
|
|
283
|
+
You are a product manager who has watched users interact with the product. You are describing what users see, click, enter, and experience. You have no idea how the backend works — and that's intentional.
|
|
284
|
+
|
|
285
|
+
**Before writing each PRD, ask yourself:**
|
|
286
|
+
> "Would a product manager say this? Or is this something only a developer would know?"
|
|
287
|
+
|
|
288
|
+
If only a developer would say it — leave it out of the PRD. It belongs in the TRD.
|
|
289
|
+
|
|
290
|
+
#### PRD Structure
|
|
291
|
+
|
|
292
|
+
Each PRD must contain these sections:
|
|
293
|
+
|
|
294
|
+
**Overview**
|
|
295
|
+
- What is this feature?
|
|
296
|
+
- Why does it exist? What user problem does it solve?
|
|
297
|
+
- Who uses it?
|
|
298
|
+
|
|
299
|
+
**User Flows**
|
|
300
|
+
For each flow within this feature:
|
|
301
|
+
- Flow name (e.g., "Create New Document")
|
|
302
|
+
- Step-by-step from the USER's perspective
|
|
303
|
+
- Include: happy path + key error/edge cases
|
|
304
|
+
|
|
305
|
+
**Business Rules**
|
|
306
|
+
- Validation rules the user encounters (e.g., "email must be unique")
|
|
307
|
+
- Permission constraints (e.g., "only admins can delete")
|
|
308
|
+
- Tier/plan limits (e.g., "free tier limited to 3 projects")
|
|
309
|
+
- Character limits, file size limits, etc.
|
|
310
|
+
|
|
311
|
+
**Dependencies**
|
|
312
|
+
- Which other features does this connect to? (user-facing connections only)
|
|
313
|
+
|
|
314
|
+
---
|
|
315
|
+
|
|
316
|
+
#### PRD Quality Rules — CRITICAL
|
|
317
|
+
|
|
318
|
+
**INCLUDE in PRDs:**
|
|
319
|
+
- What the user sees on screen
|
|
320
|
+
- What the user clicks, types, selects
|
|
321
|
+
- What happens after each action
|
|
322
|
+
- What errors or messages the user sees
|
|
323
|
+
- What permissions control who can do what
|
|
324
|
+
- What limits or constraints the user encounters
|
|
325
|
+
|
|
326
|
+
**NEVER include in PRDs:**
|
|
327
|
+
- API endpoints or HTTP methods
|
|
328
|
+
- Database table or column names
|
|
329
|
+
- Class names, file paths, or component names
|
|
330
|
+
- Request/response JSON formats
|
|
331
|
+
- Backend validation logic or algorithms
|
|
332
|
+
- Service names, repository names, or method calls
|
|
333
|
+
- Infrastructure or architecture details
|
|
334
|
+
|
|
335
|
+
---
|
|
336
|
+
|
|
337
|
+
#### PRD — Good vs. Bad Examples
|
|
338
|
+
|
|
339
|
+
**❌ BAD PRD paragraph** (technical contamination):
|
|
340
|
+
> When the user submits the login form, the frontend calls `POST /api/v1/auth/login` with `{email, password}`. The `AuthController` validates credentials against the `users` table using bcrypt comparison. On success, a JWT is issued and stored in `localStorage`.
|
|
341
|
+
|
|
342
|
+
**✅ GOOD PRD paragraph** (user behavior only):
|
|
343
|
+
> The user enters their email address and password on the Login screen, then clicks "Sign In." If the credentials are correct, they are taken to their Dashboard. If not, they see an error message: "Invalid email or password." After 5 failed attempts, the account is temporarily locked and the user is shown instructions to reset their password.
|
|
344
|
+
|
|
345
|
+
---
|
|
346
|
+
|
|
347
|
+
**❌ BAD PRD paragraph** (technical contamination):
|
|
348
|
+
> The `DocumentService.create()` method creates a new `Document` entity in PostgreSQL with `status=DRAFT`. The S3 key is generated from the workspace UUID.
|
|
349
|
+
|
|
350
|
+
**✅ GOOD PRD paragraph** (user behavior only):
|
|
351
|
+
> When the user clicks "New Document," a blank document is created and they are taken to the editor. The document is saved automatically as a draft every 30 seconds. A "Saving..." indicator appears in the top bar while saving is in progress.
|
|
352
|
+
|
|
353
|
+
---
|
|
354
|
+
|
|
355
|
+
#### PRD Writing Process (Per Feature)
|
|
356
|
+
|
|
357
|
+
Follow this chain of thought before writing:
|
|
358
|
+
|
|
359
|
+
1. **Identify users**: Who interacts with this feature? (admin, member, guest, etc.)
|
|
360
|
+
2. **List flows**: What distinct tasks can each user type perform?
|
|
361
|
+
3. **Walk each flow as a user**: Step through it as if you're clicking through the UI
|
|
362
|
+
4. **Extract business rules**: What limits, permissions, or validations does the user encounter?
|
|
363
|
+
5. **Write the PRD**: Use the structure above, user language only
|
|
364
|
+
6. **Self-check**: Read each sentence and ask "Does this describe what a user sees/does, or what code does?" — remove any sentence that describes code
|
|
365
|
+
|
|
366
|
+
**Target length**: 500–2000 words per PRD depending on feature complexity.
|
|
367
|
+
|
|
368
|
+
Upload each PRD via `update_document(workspaceId, featureId, prdDocId, content)`, then immediately mark it complete via `change_document_status(workspaceId, featureId, prdDocId, status="COMPLETE")`.
|
|
369
|
+
|
|
370
|
+
Report progress: "Writing PRD 3/15: Document Editor..."
|
|
371
|
+
|
|
372
|
+
---
|
|
373
|
+
|
|
374
|
+
### Step 6: Write TRDs
|
|
375
|
+
|
|
376
|
+
After ALL PRDs are written, use `AskUserQuestion`:
|
|
377
|
+
question "All PRDs written. Write TRDs from the code?",
|
|
378
|
+
options: ["Yes, write TRDs from code", "No, I'm done for now"]
|
|
379
|
+
|
|
380
|
+
**If "Write TRDs from code"** (the only auto path now — guided per-feature TRD authoring is done via `/dezycro:author --doc trd` after import):
|
|
381
|
+
|
|
382
|
+
For each feature (NEW, PARTIAL MATCH, and EXACT MATCH with empty TRDs), read the backend code and write or update a TRD.
|
|
383
|
+
|
|
384
|
+
**For PARTIAL MATCH features:** Read the existing TRD first. Preserve existing content and add sections covering the newly documented flows. Do NOT rewrite existing sections unless factually wrong.
|
|
385
|
+
|
|
386
|
+
The TRD is the technical complement to the PRD. Where the PRD says "user sees an error", the TRD says "the endpoint returns HTTP 401 with `{error: 'INVALID_CREDENTIALS'}` and the frontend renders the error message from `auth/errors.ts`."
|
|
387
|
+
|
|
388
|
+
#### TRD Structure
|
|
389
|
+
|
|
390
|
+
- **Architecture Overview**: How this feature is structured technically
|
|
391
|
+
- **Components**: Services, controllers, repositories, entities involved (with file paths)
|
|
392
|
+
- **API Contracts**: Request/response shapes, status codes, auth requirements
|
|
393
|
+
- **Data Model**: Database tables, columns, relationships, migrations
|
|
394
|
+
- **Business Logic**: Core algorithms, validation rules, state machines in the code
|
|
395
|
+
- **External Dependencies**: Third-party services, queues, caches, gRPC calls
|
|
396
|
+
- **Error Handling**: How failures are handled, retry strategies, fallbacks
|
|
397
|
+
- **Security**: Auth checks, tenant scoping, permission enforcement
|
|
398
|
+
|
|
399
|
+
#### TRD Quality Rules
|
|
400
|
+
|
|
401
|
+
- Write from the DEVELOPER's perspective — this is for engineers
|
|
402
|
+
- Reference specific classes, methods, SQL, and config
|
|
403
|
+
- Include actual API request/response examples from the code
|
|
404
|
+
- Document the implementation as-is, not as it should be
|
|
405
|
+
- 800–3000 words per TRD depending on complexity
|
|
406
|
+
|
|
407
|
+
Get the TRD docId via `list_feature_documents` (type "TRD"). If no TRD document exists, create one first with `create_document(workspaceId, featureId, "TRD")`. Then upload content via `update_document`, then mark it complete via `change_document_status(workspaceId, featureId, trdDocId, status="COMPLETE")`.
|
|
408
|
+
|
|
409
|
+
Report progress: "Writing TRD 3/15: Document Editor..."
|
|
410
|
+
|
|
411
|
+
---
|
|
412
|
+
|
|
413
|
+
## Rules
|
|
414
|
+
|
|
415
|
+
- **Never create duplicates** — always inventory existing features and deduplicate before creating
|
|
416
|
+
- **Prefer updating over recreating** — if a feature partially exists, update it rather than making a new one
|
|
417
|
+
- **Preserve existing content** — when updating PRDs/TRDs, add missing flows without rewriting existing sections
|
|
418
|
+
- **Folders are domain boundaries, not categorization** — features in the same folder must share a domain model, user flow surface, or data; bad folder grouping degrades every AI-assisted action in the product
|
|
419
|
+
- **Apply the cohesion check** — for every folder, verify you'd want the AI to use one feature as context when working on another
|
|
420
|
+
- **Avoid single-feature folders and deep nesting** — a folder with one feature adds nothing; more than 2 levels of nesting is rarely justified
|
|
421
|
+
- **Don't mirror code structure** — code organization reflects technical concerns that often don't match product domains
|
|
422
|
+
- **User flows only in PRDs** — skip infrastructure, internal services, background jobs
|
|
423
|
+
- **Technical details only in TRDs** — endpoints, schemas, components, algorithms
|
|
424
|
+
- **Always use AskUserQuestion** with options for any user choice
|
|
425
|
+
- **Always wait for approval** before creating anything
|
|
426
|
+
- **Write from code** — read the actual source, don't invent
|
|
427
|
+
- **Handle errors gracefully** — log and continue
|
|
428
|
+
- **Report progress** at each step
|
|
@@ -0,0 +1,133 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: init
|
|
3
|
+
description: Set up a repository for Dezycro — connects to workspace/project, detects environment, writes .dezycro/config.json. Run once per repo.
|
|
4
|
+
---
|
|
5
|
+
|
|
6
|
+
# Dezycro Repository Setup
|
|
7
|
+
|
|
8
|
+
You are setting up this repository to work with Dezycro. This is a one-time setup that creates `.dezycro/config.json`.
|
|
9
|
+
|
|
10
|
+
## Prerequisites
|
|
11
|
+
|
|
12
|
+
Before starting, verify the Dezycro MCP server is connected by calling `list_workspaces`. If it fails, tell the user:
|
|
13
|
+
|
|
14
|
+
> The Dezycro MCP server is not configured. Add it to your Claude Code MCP settings:
|
|
15
|
+
>
|
|
16
|
+
> ```json
|
|
17
|
+
> {
|
|
18
|
+
> "mcpServers": {
|
|
19
|
+
> "dezycro": {
|
|
20
|
+
> "url": "https://mcp.dezycro.ai/mcp",
|
|
21
|
+
> "headers": {
|
|
22
|
+
> "Authorization": "Bearer dzy_YOUR_API_KEY"
|
|
23
|
+
> }
|
|
24
|
+
> }
|
|
25
|
+
> }
|
|
26
|
+
> }
|
|
27
|
+
> ```
|
|
28
|
+
>
|
|
29
|
+
> Get your API key from **Dezycro > Settings > API Keys**.
|
|
30
|
+
|
|
31
|
+
Then stop. Do not proceed without a working MCP connection.
|
|
32
|
+
|
|
33
|
+
## Step 1: Select Workspace
|
|
34
|
+
|
|
35
|
+
1. Call `list_workspaces`.
|
|
36
|
+
2. If only one workspace, auto-select it and confirm with the user.
|
|
37
|
+
3. If multiple, list them and ask the user to pick.
|
|
38
|
+
4. Store the `workspaceId`.
|
|
39
|
+
|
|
40
|
+
## Step 2: Select Project
|
|
41
|
+
|
|
42
|
+
1. Call `list_projects` with the chosen `workspaceId`.
|
|
43
|
+
2. If the user wants an existing project, list them and ask to pick.
|
|
44
|
+
3. If the user wants a new project, ask for a name and call `create_project`.
|
|
45
|
+
4. Store the `projectId`.
|
|
46
|
+
|
|
47
|
+
## Step 3: Detect Environment Setup
|
|
48
|
+
|
|
49
|
+
Scan the repository root for common patterns. Use the Glob tool to check for these files:
|
|
50
|
+
|
|
51
|
+
1. **docker-compose.yml** or **docker-compose.yaml** — suggest `docker-compose up -d` as setup command
|
|
52
|
+
2. **package.json** — read it, check for `dev` or `start` scripts. If found, suggest `npm run dev` or `yarn dev`.
|
|
53
|
+
3. **Makefile** — read it, check for `run`, `dev`, or `serve` targets.
|
|
54
|
+
|
|
55
|
+
Present what you found to the user:
|
|
56
|
+
|
|
57
|
+
> I detected the following in your repo:
|
|
58
|
+
> - `docker-compose.yml` found — setup: `docker-compose up -d`, teardown: `docker-compose down`
|
|
59
|
+
>
|
|
60
|
+
> Does this look right? You can also enter a custom command or skip environment setup.
|
|
61
|
+
|
|
62
|
+
If nothing detected, ask:
|
|
63
|
+
|
|
64
|
+
> How do you start your local dev environment? Enter a command (e.g., `docker-compose up -d`) or type "skip" to configure later.
|
|
65
|
+
|
|
66
|
+
## Step 4: API URL and Health Check
|
|
67
|
+
|
|
68
|
+
Ask the user:
|
|
69
|
+
|
|
70
|
+
> What is your local API URL? (default: `http://localhost:3000`)
|
|
71
|
+
|
|
72
|
+
Then:
|
|
73
|
+
|
|
74
|
+
> Health check endpoint? (default: `/health`)
|
|
75
|
+
|
|
76
|
+
Combine the API URL + health check path into a full health check command: `curl -sf {apiUrl}{healthPath}`
|
|
77
|
+
|
|
78
|
+
## Step 5: Remote Environment (Optional)
|
|
79
|
+
|
|
80
|
+
Ask:
|
|
81
|
+
|
|
82
|
+
> Do you want to configure a remote dev environment too? (e.g., a shared dev/staging server)
|
|
83
|
+
|
|
84
|
+
If yes, ask for:
|
|
85
|
+
- Environment name (e.g., `dev`, `staging`)
|
|
86
|
+
- API URL (e.g., `https://api.dev.example.com`)
|
|
87
|
+
- Health check endpoint (default: same as local)
|
|
88
|
+
|
|
89
|
+
## Step 6: Write Config
|
|
90
|
+
|
|
91
|
+
Create the `.dezycro/` directory and write `.dezycro/config.json`:
|
|
92
|
+
|
|
93
|
+
```json
|
|
94
|
+
{
|
|
95
|
+
"version": 1,
|
|
96
|
+
"projectId": "<selected projectId>",
|
|
97
|
+
"workspaceId": "<selected workspaceId>",
|
|
98
|
+
"environments": {
|
|
99
|
+
"local": {
|
|
100
|
+
"setup": "<detected or entered setup command>",
|
|
101
|
+
"apiUrl": "<entered API URL>",
|
|
102
|
+
"teardown": "<detected or entered teardown command>",
|
|
103
|
+
"healthCheck": "curl -sf <apiUrl><healthPath>",
|
|
104
|
+
"default": true
|
|
105
|
+
}
|
|
106
|
+
}
|
|
107
|
+
}
|
|
108
|
+
```
|
|
109
|
+
|
|
110
|
+
Omit `setup` and `teardown` keys if the user skipped environment setup. Include remote environments if configured (without `default: true`).
|
|
111
|
+
|
|
112
|
+
Use the Bash tool to create the directory: `mkdir -p .dezycro`
|
|
113
|
+
Use the Write tool to write the config file.
|
|
114
|
+
|
|
115
|
+
## Step 7: Gitignore Check
|
|
116
|
+
|
|
117
|
+
Read `.gitignore` (if it exists) and check if it already covers `.dezycro/`. If not, suggest adding:
|
|
118
|
+
|
|
119
|
+
```
|
|
120
|
+
# Dezycro local state
|
|
121
|
+
.dezycro/active-feature.json
|
|
122
|
+
.dezycro/bin/
|
|
123
|
+
```
|
|
124
|
+
|
|
125
|
+
Ask the user if they want `.dezycro/config.json` committed (recommended) or gitignored too. If they want it gitignored, add `.dezycro/` instead.
|
|
126
|
+
|
|
127
|
+
## Done
|
|
128
|
+
|
|
129
|
+
Tell the user:
|
|
130
|
+
|
|
131
|
+
> Dezycro setup complete! Your config is at `.dezycro/config.json`.
|
|
132
|
+
>
|
|
133
|
+
> Next: run `/dezycro:work <feature-name>` to start working on a feature.
|
|
@@ -0,0 +1,101 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: publish-spec
|
|
3
|
+
description: Auto-detect and upload an OpenAPI spec for the active feature. Triggers JEP generation. Requires an active feature (run /dezycro:work first).
|
|
4
|
+
---
|
|
5
|
+
|
|
6
|
+
# Publish Feature API Spec
|
|
7
|
+
|
|
8
|
+
You are detecting the project's OpenAPI spec, optionally filtering it to feature-relevant endpoints, and uploading it to trigger JEP generation.
|
|
9
|
+
|
|
10
|
+
## Step 1: Read Active Feature
|
|
11
|
+
|
|
12
|
+
Read `.dezycro/active-feature.json` using the Read tool. If the file does not exist, tell the user:
|
|
13
|
+
|
|
14
|
+
> No active feature. Run `/dezycro:work <feature-name>` first to select a feature.
|
|
15
|
+
|
|
16
|
+
Then stop.
|
|
17
|
+
|
|
18
|
+
Extract `featureId`, `featureName`.
|
|
19
|
+
|
|
20
|
+
## Step 2: Read Config
|
|
21
|
+
|
|
22
|
+
Read `.dezycro/config.json` to get `workspaceId`.
|
|
23
|
+
|
|
24
|
+
## Step 3: Auto-Detect OpenAPI Spec
|
|
25
|
+
|
|
26
|
+
Search for OpenAPI spec files in this order. Use Glob to find files, then Read to check their content:
|
|
27
|
+
|
|
28
|
+
1. **Spring Boot / Java / Kotlin**:
|
|
29
|
+
- Glob: `**/build/generated/openapi/*.json`
|
|
30
|
+
- Glob: `**/target/generated-docs/openapi*.json`
|
|
31
|
+
- Glob: `**/src/main/resources/openapi*.json`
|
|
32
|
+
- Glob: `**/src/main/resources/openapi*.yaml`
|
|
33
|
+
|
|
34
|
+
2. **Express / Node.js**:
|
|
35
|
+
- Glob: `**/swagger-output.json`
|
|
36
|
+
- Glob: `**/openapi.json`
|
|
37
|
+
- Glob: `**/openapi.yaml`
|
|
38
|
+
- Glob: `**/docs/openapi*.{json,yaml}`
|
|
39
|
+
|
|
40
|
+
3. **Go**:
|
|
41
|
+
- Glob: `**/docs/swagger.json`
|
|
42
|
+
- Glob: `**/api/openapi*.{json,yaml}`
|
|
43
|
+
|
|
44
|
+
4. **Generic**:
|
|
45
|
+
- Glob: `**/*openapi*.{json,yaml,yml}`
|
|
46
|
+
- Glob: `**/*swagger*.{json,yaml,yml}`
|
|
47
|
+
|
|
48
|
+
5. **Live endpoint** (if an environment is running):
|
|
49
|
+
- Read `.dezycro/config.json` for the default environment's `apiUrl`
|
|
50
|
+
- Try: `curl -sf <apiUrl>/v3/api-docs` via Bash
|
|
51
|
+
- Try: `curl -sf <apiUrl>/swagger.json` via Bash
|
|
52
|
+
|
|
53
|
+
If **multiple files found**, list them and ask the user to pick.
|
|
54
|
+
|
|
55
|
+
If **no files found**, tell the user:
|
|
56
|
+
> No OpenAPI spec detected. You can:
|
|
57
|
+
> 1. Provide a file path to your spec
|
|
58
|
+
> 2. Provide a URL to fetch the spec from
|
|
59
|
+
> 3. Start your server and I'll try to fetch it from `/v3/api-docs`
|
|
60
|
+
|
|
61
|
+
## Step 4: Validate Spec
|
|
62
|
+
|
|
63
|
+
Read the selected file. Check that it contains either:
|
|
64
|
+
- `"openapi"` key (OpenAPI 3.x)
|
|
65
|
+
- `"swagger"` key (Swagger 2.x)
|
|
66
|
+
|
|
67
|
+
If it's YAML, note that `publish_feature_spec` expects JSON — you will need to mention this to the user if conversion is needed.
|
|
68
|
+
|
|
69
|
+
If invalid, tell the user:
|
|
70
|
+
> This doesn't look like a valid OpenAPI spec (no `openapi` or `swagger` key found). Please check the file.
|
|
71
|
+
|
|
72
|
+
## Step 5: Filter (Optional)
|
|
73
|
+
|
|
74
|
+
Ask the user:
|
|
75
|
+
|
|
76
|
+
> The spec contains N endpoints. Want to:
|
|
77
|
+
> 1. Upload the full spec (recommended for most cases)
|
|
78
|
+
> 2. Filter to specific path prefixes (e.g., `/api/otp/*`)
|
|
79
|
+
> 3. Filter by tag
|
|
80
|
+
|
|
81
|
+
If they choose to filter, extract only the matching paths and their referenced schemas. Construct a valid OpenAPI document with just the filtered content.
|
|
82
|
+
|
|
83
|
+
## Step 6: Upload
|
|
84
|
+
|
|
85
|
+
Upload via the MCP tool. The tool handles multipart upload internally:
|
|
86
|
+
|
|
87
|
+
```
|
|
88
|
+
publish_feature_spec(workspaceId, featureId, openApiFragment)
|
|
89
|
+
```
|
|
90
|
+
|
|
91
|
+
Where `openApiFragment` is the JSON string of the spec. The MCP tool uploads it as a multipart file to the backend (max 5 MB).
|
|
92
|
+
|
|
93
|
+
## Step 7: Report
|
|
94
|
+
|
|
95
|
+
Tell the user:
|
|
96
|
+
|
|
97
|
+
> Spec published for "<featureName>". JEP generation workflow has been triggered — this typically takes 2-5 minutes.
|
|
98
|
+
>
|
|
99
|
+
> Once complete, run `/dezycro:verify` to pull the verifier binary and test your implementation.
|
|
100
|
+
>
|
|
101
|
+
> You can check generation status by running `/dezycro:status`.
|