@fredericboyer/dev-team 0.5.0 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/init.js +22 -1
- package/dist/init.js.map +1 -1
- package/dist/parallel.d.ts +127 -0
- package/dist/parallel.js +323 -0
- package/dist/parallel.js.map +1 -0
- package/package.json +2 -2
- package/templates/CLAUDE.md +7 -5
- package/templates/agent-memory/dev-team-hamilton/MEMORY.md +12 -0
- package/templates/agents/dev-team-brooks.md +42 -5
- package/templates/agents/dev-team-deming.md +1 -0
- package/templates/agents/dev-team-drucker.md +5 -3
- package/templates/agents/dev-team-hamilton.md +69 -0
- package/templates/agents/dev-team-mori.md +1 -0
- package/templates/agents/dev-team-tufte.md +17 -0
- package/templates/agents/dev-team-voss.md +2 -1
- package/templates/hooks/dev-team-parallel-loop.js +188 -0
- package/templates/hooks/dev-team-post-change-review.js +68 -15
- package/templates/hooks/dev-team-pre-commit-gate.js +27 -6
- package/templates/hooks/dev-team-tdd-enforce.js +27 -6
- package/templates/settings.json +4 -0
- package/templates/skills/dev-team-security-status/SKILL.md +43 -0
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: security-status
|
|
3
|
+
description: Check GitHub security signals — code scanning, Dependabot, secret scanning, and compliance status. Use at session start and before releases.
|
|
4
|
+
user_invocable: true
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
# Security Status Check
|
|
8
|
+
|
|
9
|
+
Proactively monitor all GitHub Advanced Security signals for this repository.
|
|
10
|
+
|
|
11
|
+
## Steps
|
|
12
|
+
|
|
13
|
+
1. **Run all checks in parallel** using the Bash tool with `gh api`. Derive {owner}/{repo} from `gh repo view --json nameWithOwner --jq .nameWithOwner`:
|
|
14
|
+
|
|
15
|
+
- Code scanning alerts (CodeQL, code quality): `gh api --paginate repos/{owner}/{repo}/code-scanning/alerts?state=open`
|
|
16
|
+
- Dependabot alerts (vulnerable dependencies): `gh api --paginate repos/{owner}/{repo}/dependabot/alerts?state=open`
|
|
17
|
+
- Secret scanning alerts: `gh api --paginate repos/{owner}/{repo}/secret-scanning/alerts?state=open`
|
|
18
|
+
- Pending Dependabot PRs: `gh pr list --label dependencies`
|
|
19
|
+
- Copilot review status on open PRs: check reviews on each open PR
|
|
20
|
+
|
|
21
|
+
2. **Report findings** in a summary table:
|
|
22
|
+
|
|
23
|
+
| Signal | Status | Details |
|
|
24
|
+
|--------|--------|---------|
|
|
25
|
+
| Code Scanning (CodeQL) | X open alerts | severity breakdown |
|
|
26
|
+
| Dependabot Security | X open alerts | affected packages |
|
|
27
|
+
| Dependabot Updates | X pending PRs | age of oldest |
|
|
28
|
+
| Secret Scanning | X open alerts | types |
|
|
29
|
+
| Copilot Review | X comments on open PRs | blocking? |
|
|
30
|
+
|
|
31
|
+
3. **Classify findings:**
|
|
32
|
+
- `[DEFECT]` — Critical/high severity security alerts, exposed secrets
|
|
33
|
+
- `[RISK]` — Medium severity alerts, stale Dependabot PRs (>7 days)
|
|
34
|
+
- `[SUGGESTION]` — Low severity, informational
|
|
35
|
+
|
|
36
|
+
4. **Recommend actions** for any open alerts — who should fix, urgency, and whether it blocks the current work.
|
|
37
|
+
|
|
38
|
+
## When to run
|
|
39
|
+
|
|
40
|
+
- **Every session start** — quick baseline check
|
|
41
|
+
- **Before creating a release** — compliance gate
|
|
42
|
+
- **After merging Dependabot PRs** — verify alerts resolved
|
|
43
|
+
- **On request** — `/dev-team:security-status`
|
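Review bot: step 1 in this hunk has no failure branch for the three `gh api` calls, so a non-success response (for example when code scanning or secret scanning is not enabled on the repository, or the token lacks the scope those endpoints require) can be read as "0 open alerts" and reported as a clean baseline in the step 2 table; add an explicit instruction to treat any non-zero exit from `gh api` as "unknown" in the Status column rather than as zero alerts. Two smaller points on the same step: the endpoints `repos/{owner}/{repo}/code-scanning/alerts?state=open` are unquoted, and an unquoted `?` is a shell glob character, so quote each endpoint argument; and `gh pr list --label dependencies` depends on Dependabot's default label, which is configurable per repository, so `gh pr list --author app/dependabot` is a more reliable way to find pending Dependabot PRs. Finally, the "Copilot review status on open PRs: check reviews on each open PR" item gives no command while the other four do; spell out the `gh pr view`/`gh api` call intended there so the step can actually run "in parallel" as the heading promises.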