@geraldmaron/construct 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (352) hide show
  1. package/.env.example +69 -0
  2. package/LICENSE +21 -0
  3. package/README.md +344 -0
  4. package/agents/prompts/cx-accessibility.md +29 -0
  5. package/agents/prompts/cx-ai-engineer.md +31 -0
  6. package/agents/prompts/cx-architect.md +40 -0
  7. package/agents/prompts/cx-business-strategist.md +25 -0
  8. package/agents/prompts/cx-data-analyst.md +30 -0
  9. package/agents/prompts/cx-data-engineer.md +32 -0
  10. package/agents/prompts/cx-debugger.md +27 -0
  11. package/agents/prompts/cx-designer.md +33 -0
  12. package/agents/prompts/cx-devil-advocate.md +36 -0
  13. package/agents/prompts/cx-docs-keeper.md +50 -0
  14. package/agents/prompts/cx-engineer.md +36 -0
  15. package/agents/prompts/cx-evaluator.md +26 -0
  16. package/agents/prompts/cx-explorer.md +38 -0
  17. package/agents/prompts/cx-legal-compliance.md +25 -0
  18. package/agents/prompts/cx-operations.md +28 -0
  19. package/agents/prompts/cx-orchestrator.md +30 -0
  20. package/agents/prompts/cx-platform-engineer.md +25 -0
  21. package/agents/prompts/cx-product-manager.md +30 -0
  22. package/agents/prompts/cx-qa.md +42 -0
  23. package/agents/prompts/cx-rd-lead.md +25 -0
  24. package/agents/prompts/cx-release-manager.md +31 -0
  25. package/agents/prompts/cx-researcher.md +31 -0
  26. package/agents/prompts/cx-reviewer.md +36 -0
  27. package/agents/prompts/cx-security.md +37 -0
  28. package/agents/prompts/cx-sre.md +26 -0
  29. package/agents/prompts/cx-test-automation.md +35 -0
  30. package/agents/prompts/cx-trace-reviewer.md +76 -0
  31. package/agents/prompts/cx-ux-researcher.md +30 -0
  32. package/agents/registry.json +879 -0
  33. package/agents/teams.json +94 -0
  34. package/bin/construct +613 -0
  35. package/commands/build/feature.md +21 -0
  36. package/commands/build/fix.md +20 -0
  37. package/commands/design/access.md +19 -0
  38. package/commands/design/flow.md +16 -0
  39. package/commands/design/ui.md +18 -0
  40. package/commands/measure/experiment.md +18 -0
  41. package/commands/measure/metrics.md +18 -0
  42. package/commands/measure/results.md +18 -0
  43. package/commands/plan/api.md +19 -0
  44. package/commands/plan/challenge.md +18 -0
  45. package/commands/plan/decide.md +20 -0
  46. package/commands/plan/feature.md +49 -0
  47. package/commands/plan/requirements.md +24 -0
  48. package/commands/remember/context.md +26 -0
  49. package/commands/remember/handoff.md +19 -0
  50. package/commands/remember/runbook.md +20 -0
  51. package/commands/review/code.md +21 -0
  52. package/commands/review/quality.md +19 -0
  53. package/commands/review/security.md +16 -0
  54. package/commands/ship/ready.md +19 -0
  55. package/commands/ship/release.md +19 -0
  56. package/commands/ship/status.md +18 -0
  57. package/commands/understand/docs.md +22 -0
  58. package/commands/understand/research.md +22 -0
  59. package/commands/understand/this.md +23 -0
  60. package/commands/understand/why.md +18 -0
  61. package/commands/work/clean.md +32 -0
  62. package/commands/work/drive.md +69 -0
  63. package/commands/work/optimize-prompts.md +46 -0
  64. package/commands/work/parallel-review.md +40 -0
  65. package/db/migrations/001_init.sql +38 -0
  66. package/langfuse/docker-compose.yml +82 -0
  67. package/lib/audit-skills.mjs +118 -0
  68. package/lib/auto-docs.mjs +293 -0
  69. package/lib/cli-commands.mjs +409 -0
  70. package/lib/codex-config.mjs +114 -0
  71. package/lib/comment-lint.mjs +191 -0
  72. package/lib/completions.mjs +170 -0
  73. package/lib/context-state.mjs +99 -0
  74. package/lib/cost.mjs +213 -0
  75. package/lib/distill.mjs +403 -0
  76. package/lib/efficiency.mjs +139 -0
  77. package/lib/env-config.mjs +53 -0
  78. package/lib/eval-harness.mjs +59 -0
  79. package/lib/features.mjs +209 -0
  80. package/lib/headhunt.mjs +597 -0
  81. package/lib/hooks/adaptive-lint.mjs +112 -0
  82. package/lib/hooks/agent-tracker.mjs +50 -0
  83. package/lib/hooks/bootstrap-guard.mjs +90 -0
  84. package/lib/hooks/comment-lint.mjs +26 -0
  85. package/lib/hooks/config-protection.mjs +52 -0
  86. package/lib/hooks/console-warn.mjs +43 -0
  87. package/lib/hooks/context-window-recovery.mjs +90 -0
  88. package/lib/hooks/continuation-enforcer.mjs +72 -0
  89. package/lib/hooks/dep-audit.mjs +155 -0
  90. package/lib/hooks/drive-guard.mjs +89 -0
  91. package/lib/hooks/edit-accumulator.mjs +36 -0
  92. package/lib/hooks/edit-error-recovery.mjs +46 -0
  93. package/lib/hooks/edit-guard.mjs +109 -0
  94. package/lib/hooks/env-check.mjs +80 -0
  95. package/lib/hooks/guard-bash.mjs +83 -0
  96. package/lib/hooks/mcp-audit.mjs +57 -0
  97. package/lib/hooks/mcp-health-check.mjs +51 -0
  98. package/lib/hooks/mcp-task-scope.mjs +47 -0
  99. package/lib/hooks/model-fallback.mjs +105 -0
  100. package/lib/hooks/pre-compact.mjs +212 -0
  101. package/lib/hooks/pre-push-gate.mjs +129 -0
  102. package/lib/hooks/read-tracker.mjs +129 -0
  103. package/lib/hooks/registry-sync.mjs +23 -0
  104. package/lib/hooks/scan-secrets.mjs +76 -0
  105. package/lib/hooks/session-start.mjs +95 -0
  106. package/lib/hooks/stop-notify.mjs +191 -0
  107. package/lib/hooks/stop-typecheck.mjs +83 -0
  108. package/lib/hooks/task-completed-guard.mjs +43 -0
  109. package/lib/hooks/teammate-idle-guard.mjs +54 -0
  110. package/lib/hooks/workflow-guard.mjs +62 -0
  111. package/lib/host-capabilities.mjs +123 -0
  112. package/lib/init-docs.mjs +382 -0
  113. package/lib/mcp/server.mjs +1123 -0
  114. package/lib/mcp-catalog.json +243 -0
  115. package/lib/mcp-manager.mjs +433 -0
  116. package/lib/mcp-platform-config.mjs +104 -0
  117. package/lib/model-router.mjs +810 -0
  118. package/lib/opencode-config.mjs +44 -0
  119. package/lib/opencode-runtime-plugin.mjs +909 -0
  120. package/lib/opencode-telemetry.mjs +433 -0
  121. package/lib/orchestration-policy.mjs +258 -0
  122. package/lib/prompt-composer.mjs +196 -0
  123. package/lib/prompt-metadata.mjs +68 -0
  124. package/lib/review.mjs +429 -0
  125. package/lib/role-preload.mjs +52 -0
  126. package/lib/schemas/decision.json +50 -0
  127. package/lib/schemas/implementation.json +51 -0
  128. package/lib/schemas/review-report.json +32 -0
  129. package/lib/schemas/test-report.json +43 -0
  130. package/lib/server/index.mjs +334 -0
  131. package/lib/server/static/app.js +841 -0
  132. package/lib/server/static/index.html +820 -0
  133. package/lib/service-manager.mjs +225 -0
  134. package/lib/setup.mjs +319 -0
  135. package/lib/status.mjs +707 -0
  136. package/lib/storage/backend.mjs +44 -0
  137. package/lib/storage/embeddings.mjs +70 -0
  138. package/lib/storage/hybrid-query.mjs +184 -0
  139. package/lib/storage/sql-store.mjs +55 -0
  140. package/lib/storage/state-source.mjs +101 -0
  141. package/lib/storage/sync.mjs +164 -0
  142. package/lib/storage/vector-store.mjs +59 -0
  143. package/lib/telemetry/backends/langfuse.mjs +58 -0
  144. package/lib/telemetry/backends/noop.mjs +16 -0
  145. package/lib/telemetry/langfuse-ingest.mjs +108 -0
  146. package/lib/telemetry/langfuse-model-sync.mjs +270 -0
  147. package/lib/telemetry/team-rollup.mjs +143 -0
  148. package/lib/toolkit-env.mjs +30 -0
  149. package/lib/validator.mjs +181 -0
  150. package/lib/workflow-state.mjs +794 -0
  151. package/package.json +53 -0
  152. package/personas/construct.md +94 -0
  153. package/platforms/claude/CLAUDE.md +30 -0
  154. package/platforms/claude/settings.template.json +472 -0
  155. package/platforms/opencode/config.template.json +65 -0
  156. package/platforms/opencode/plugins/construct-fallback.js +5 -0
  157. package/platforms/opencode/sync-config.mjs +69 -0
  158. package/rules/common/agents.md +55 -0
  159. package/rules/common/code-review.md +129 -0
  160. package/rules/common/coding-style.md +95 -0
  161. package/rules/common/comments.md +139 -0
  162. package/rules/common/cx-agent-routing.md +61 -0
  163. package/rules/common/cx-skill-routing.md +11 -0
  164. package/rules/common/development-workflow.md +49 -0
  165. package/rules/common/git-workflow.md +29 -0
  166. package/rules/common/hooks.md +35 -0
  167. package/rules/common/patterns.md +36 -0
  168. package/rules/common/performance.md +71 -0
  169. package/rules/common/security.md +34 -0
  170. package/rules/common/testing.md +62 -0
  171. package/rules/golang/coding-style.md +37 -0
  172. package/rules/golang/hooks.md +22 -0
  173. package/rules/golang/patterns.md +50 -0
  174. package/rules/golang/security.md +39 -0
  175. package/rules/golang/testing.md +36 -0
  176. package/rules/python/coding-style.md +47 -0
  177. package/rules/python/hooks.md +24 -0
  178. package/rules/python/patterns.md +44 -0
  179. package/rules/python/security.md +35 -0
  180. package/rules/python/testing.md +43 -0
  181. package/rules/swift/coding-style.md +52 -0
  182. package/rules/swift/hooks.md +25 -0
  183. package/rules/swift/patterns.md +71 -0
  184. package/rules/swift/security.md +38 -0
  185. package/rules/swift/testing.md +50 -0
  186. package/rules/typescript/coding-style.md +204 -0
  187. package/rules/typescript/hooks.md +27 -0
  188. package/rules/typescript/patterns.md +57 -0
  189. package/rules/typescript/security.md +33 -0
  190. package/rules/typescript/testing.md +23 -0
  191. package/rules/web/coding-style.md +101 -0
  192. package/rules/web/design-quality.md +68 -0
  193. package/rules/web/hooks.md +125 -0
  194. package/rules/web/patterns.md +84 -0
  195. package/rules/web/performance.md +69 -0
  196. package/rules/web/security.md +62 -0
  197. package/rules/web/testing.md +60 -0
  198. package/rules/zh/README.md +113 -0
  199. package/rules/zh/agents.md +55 -0
  200. package/rules/zh/code-review.md +129 -0
  201. package/rules/zh/coding-style.md +53 -0
  202. package/rules/zh/development-workflow.md +49 -0
  203. package/rules/zh/git-workflow.md +29 -0
  204. package/rules/zh/hooks.md +35 -0
  205. package/rules/zh/patterns.md +36 -0
  206. package/rules/zh/performance.md +60 -0
  207. package/rules/zh/security.md +34 -0
  208. package/rules/zh/testing.md +34 -0
  209. package/skills/ai/agent-dev.md +102 -0
  210. package/skills/ai/llm-security.md +105 -0
  211. package/skills/ai/ml-ops.md +169 -0
  212. package/skills/ai/orchestration-workflow.md +87 -0
  213. package/skills/ai/prompt-and-eval.md +114 -0
  214. package/skills/ai/prompt-optimizer.md +114 -0
  215. package/skills/ai/rag-system.md +104 -0
  216. package/skills/architecture/api-design.md +100 -0
  217. package/skills/architecture/caching.md +101 -0
  218. package/skills/architecture/cloud-native.md +97 -0
  219. package/skills/architecture/message-queue.md +100 -0
  220. package/skills/architecture/security-arch.md +105 -0
  221. package/skills/development/cpp.md +127 -0
  222. package/skills/development/go.md +129 -0
  223. package/skills/development/java.md +134 -0
  224. package/skills/development/kotlin.md +140 -0
  225. package/skills/development/mobile-crossplatform.md +144 -0
  226. package/skills/development/python.md +109 -0
  227. package/skills/development/rust.md +127 -0
  228. package/skills/development/shell.md +127 -0
  229. package/skills/development/swift.md +129 -0
  230. package/skills/development/typescript.md +129 -0
  231. package/skills/devops/ci-cd.md +108 -0
  232. package/skills/devops/containerization.md +106 -0
  233. package/skills/devops/cost-optimization.md +105 -0
  234. package/skills/devops/data-engineering.md +181 -0
  235. package/skills/devops/database.md +95 -0
  236. package/skills/devops/dependency-management.md +91 -0
  237. package/skills/devops/devsecops.md +96 -0
  238. package/skills/devops/git-workflow.md +100 -0
  239. package/skills/devops/incident-response.md +167 -0
  240. package/skills/devops/monorepo.md +87 -0
  241. package/skills/devops/observability.md +103 -0
  242. package/skills/devops/performance.md +104 -0
  243. package/skills/devops/testing.md +104 -0
  244. package/skills/docs/adr-workflow.md +32 -0
  245. package/skills/docs/backlog-proposal-workflow.md +19 -0
  246. package/skills/docs/customer-profile-workflow.md +22 -0
  247. package/skills/docs/evidence-ingest-workflow.md +23 -0
  248. package/skills/docs/init-docs.md +160 -0
  249. package/skills/docs/init-project.md +50 -0
  250. package/skills/docs/prd-workflow.md +57 -0
  251. package/skills/docs/prfaq-workflow.md +25 -0
  252. package/skills/docs/product-intelligence-review.md +22 -0
  253. package/skills/docs/product-intelligence-workflow.md +62 -0
  254. package/skills/docs/product-signal-workflow.md +27 -0
  255. package/skills/docs/research-workflow.md +28 -0
  256. package/skills/docs/runbook-workflow.md +24 -0
  257. package/skills/exploration/repo-map.md +297 -0
  258. package/skills/frameworks/django.md +159 -0
  259. package/skills/frameworks/nextjs.md +148 -0
  260. package/skills/frameworks/react.md +132 -0
  261. package/skills/frameworks/spring-boot.md +165 -0
  262. package/skills/frontend-design/accessibility.md +153 -0
  263. package/skills/frontend-design/component-patterns.md +111 -0
  264. package/skills/frontend-design/engineering.md +122 -0
  265. package/skills/frontend-design/state-management.md +118 -0
  266. package/skills/frontend-design/ui-aesthetics.md +102 -0
  267. package/skills/frontend-design/ux-principles.md +126 -0
  268. package/skills/quality-gates/review-work.md +90 -0
  269. package/skills/quality-gates/verify-change.md +94 -0
  270. package/skills/quality-gates/verify-module.md +96 -0
  271. package/skills/quality-gates/verify-quality.md +93 -0
  272. package/skills/quality-gates/verify-security.md +95 -0
  273. package/skills/roles/architect.ai-systems.md +37 -0
  274. package/skills/roles/architect.data.md +37 -0
  275. package/skills/roles/architect.enterprise.md +37 -0
  276. package/skills/roles/architect.integration.md +37 -0
  277. package/skills/roles/architect.md +68 -0
  278. package/skills/roles/architect.platform.md +37 -0
  279. package/skills/roles/data-analyst.experiment.md +37 -0
  280. package/skills/roles/data-analyst.md +68 -0
  281. package/skills/roles/data-analyst.product-intelligence.md +37 -0
  282. package/skills/roles/data-analyst.product.md +37 -0
  283. package/skills/roles/data-analyst.telemetry.md +37 -0
  284. package/skills/roles/data-engineer.pipeline.md +37 -0
  285. package/skills/roles/data-engineer.vector-retrieval.md +37 -0
  286. package/skills/roles/data-engineer.warehouse.md +37 -0
  287. package/skills/roles/debugger.md +68 -0
  288. package/skills/roles/designer.accessibility.md +43 -0
  289. package/skills/roles/designer.md +68 -0
  290. package/skills/roles/engineer.ai.md +49 -0
  291. package/skills/roles/engineer.data.md +49 -0
  292. package/skills/roles/engineer.md +85 -0
  293. package/skills/roles/engineer.platform.md +49 -0
  294. package/skills/roles/operator.docs.md +43 -0
  295. package/skills/roles/operator.md +68 -0
  296. package/skills/roles/operator.release.md +43 -0
  297. package/skills/roles/operator.sre.md +43 -0
  298. package/skills/roles/orchestrator.md +66 -0
  299. package/skills/roles/product-manager.ai-product.md +37 -0
  300. package/skills/roles/product-manager.business-strategy.md +43 -0
  301. package/skills/roles/product-manager.enterprise.md +37 -0
  302. package/skills/roles/product-manager.growth.md +37 -0
  303. package/skills/roles/product-manager.md +67 -0
  304. package/skills/roles/product-manager.platform.md +37 -0
  305. package/skills/roles/product-manager.product.md +37 -0
  306. package/skills/roles/qa.ai-eval.md +37 -0
  307. package/skills/roles/qa.api-contract.md +37 -0
  308. package/skills/roles/qa.data-pipeline.md +37 -0
  309. package/skills/roles/qa.md +68 -0
  310. package/skills/roles/qa.test-automation.md +49 -0
  311. package/skills/roles/qa.web-ui.md +37 -0
  312. package/skills/roles/researcher.explorer.md +43 -0
  313. package/skills/roles/researcher.md +68 -0
  314. package/skills/roles/researcher.ux.md +43 -0
  315. package/skills/roles/reviewer.devil-advocate.md +43 -0
  316. package/skills/roles/reviewer.evaluator.md +43 -0
  317. package/skills/roles/reviewer.md +68 -0
  318. package/skills/roles/reviewer.trace.md +43 -0
  319. package/skills/roles/security.ai.md +37 -0
  320. package/skills/roles/security.appsec.md +37 -0
  321. package/skills/roles/security.cloud.md +37 -0
  322. package/skills/roles/security.legal-compliance.md +49 -0
  323. package/skills/roles/security.md +68 -0
  324. package/skills/roles/security.privacy.md +37 -0
  325. package/skills/roles/security.supply-chain.md +37 -0
  326. package/skills/routing.md +139 -0
  327. package/skills/security/blue-team.md +83 -0
  328. package/skills/security/code-audit.md +94 -0
  329. package/skills/security/pentest.md +84 -0
  330. package/skills/security/red-team.md +81 -0
  331. package/skills/security/threat-intel.md +89 -0
  332. package/skills/security/vuln-research.md +87 -0
  333. package/skills/utility/clean-code.md +165 -0
  334. package/sync-agents.mjs +899 -0
  335. package/templates/docs/adr.md +27 -0
  336. package/templates/docs/backlog-proposal.md +26 -0
  337. package/templates/docs/customer-profile.md +34 -0
  338. package/templates/docs/evidence-brief.md +37 -0
  339. package/templates/docs/incident-report.md +46 -0
  340. package/templates/docs/memo.md +27 -0
  341. package/templates/docs/meta-prd.md +56 -0
  342. package/templates/docs/one-pager.md +24 -0
  343. package/templates/docs/prd-business.md +61 -0
  344. package/templates/docs/prd-platform.md +62 -0
  345. package/templates/docs/prd.md +47 -0
  346. package/templates/docs/prfaq.md +31 -0
  347. package/templates/docs/product-intelligence-report.md +31 -0
  348. package/templates/docs/research-brief.md +29 -0
  349. package/templates/docs/rfc-platform.md +60 -0
  350. package/templates/docs/rfc.md +46 -0
  351. package/templates/docs/runbook.md +33 -0
  352. package/templates/docs/signal-brief.md +25 -0
@@ -0,0 +1,29 @@
1
+ <!--
2
+ rules/common/git-workflow.md — <one-line purpose>
3
+
4
+ <2–6 line summary.>
5
+ -->
6
+ # Git Workflow
7
+
8
+ ## Commit Message Format
9
+ ```
10
+ <type>: <description>
11
+
12
+ <optional body>
13
+ ```
14
+
15
+ Types: feat, fix, refactor, docs, test, chore, perf, ci
16
+
17
+ Note: Attribution disabled globally via ~/.claude/settings.json.
18
+
19
+ ## Pull Request Workflow
20
+
21
+ When creating PRs:
22
+ 1. Analyze full commit history (not just latest commit)
23
+ 2. Use `git diff [base-branch]...HEAD` to see all changes
24
+ 3. Draft comprehensive PR summary
25
+ 4. Include test plan with TODOs
26
+ 5. Push with `-u` flag if new branch
27
+
28
+ > For the full development process (planning, TDD, code review) before git operations,
29
+ > see [development-workflow.md](./development-workflow.md).
@@ -0,0 +1,35 @@
1
+ <!--
2
+ rules/common/hooks.md — <one-line purpose>
3
+
4
+ <2–6 line summary.>
5
+ -->
6
+ # Hooks System
7
+
8
+ ## Hook Types
9
+
10
+ - **PreToolUse**: Before tool execution (validation, parameter modification)
11
+ - **PostToolUse**: After tool execution (auto-format, checks)
12
+ - **Stop**: When session ends (final verification)
13
+
14
+ ## Auto-Accept Permissions
15
+
16
+ Use with caution:
17
+ - Enable for trusted, well-defined plans
18
+ - Disable for exploratory work
19
+ - Never use dangerously-skip-permissions flag
20
+ - Configure `allowedTools` in `~/.claude.json` instead
21
+
22
+ ## TodoWrite Best Practices
23
+
24
+ Use TodoWrite tool to:
25
+ - Track progress on multi-step tasks
26
+ - Verify understanding of instructions
27
+ - Enable real-time steering
28
+ - Show granular implementation steps
29
+
30
+ Todo list reveals:
31
+ - Out of order steps
32
+ - Missing items
33
+ - Extra unnecessary items
34
+ - Wrong granularity
35
+ - Misinterpreted requirements
@@ -0,0 +1,36 @@
1
+ <!--
2
+ rules/common/patterns.md — <one-line purpose>
3
+
4
+ <2–6 line summary.>
5
+ -->
6
+ # Common Patterns
7
+
8
+ ## Skeleton Projects
9
+
10
+ When implementing new functionality:
11
+ 1. Search for battle-tested skeleton projects
12
+ 2. Use parallel agents to evaluate options:
13
+ - Security assessment
14
+ - Extensibility analysis
15
+ - Relevance scoring
16
+ - Implementation planning
17
+ 3. Clone best match as foundation
18
+ 4. Iterate within proven structure
19
+
20
+ ## Design Patterns
21
+
22
+ ### Repository Pattern
23
+
24
+ Encapsulate data access behind a consistent interface:
25
+ - Define standard operations: findAll, findById, create, update, delete
26
+ - Concrete implementations handle storage details (database, API, file, etc.)
27
+ - Business logic depends on the abstract interface, not the storage mechanism
28
+ - Enables easy swapping of data sources and simplifies testing with mocks
29
+
30
+ ### API Response Format
31
+
32
+ Use a consistent envelope for all API responses:
33
+ - Include a success/status indicator
34
+ - Include the data payload (nullable on error)
35
+ - Include an error message field (nullable on success)
36
+ - Include metadata for paginated responses (total, page, limit)
@@ -0,0 +1,71 @@
1
+ <!--
2
+ rules/common/performance.md — <one-line purpose>
3
+
4
+ <2–6 line summary.>
5
+ -->
6
+ # Performance Optimization
7
+
8
+ ## Model Selection Strategy
9
+
10
+ **Haiku 4.5** (90% of Sonnet capability, 3x cost savings):
11
+ - Lightweight agents with frequent invocation
12
+ - Pair programming and code generation
13
+ - Worker agents in multi-agent systems
14
+
15
+ **Sonnet 4.6** (Best coding model):
16
+ - Main development work
17
+ - Orchestrating multi-agent workflows
18
+ - Complex coding tasks
19
+
20
+ **Opus 4.5** (Deepest reasoning):
21
+ - Complex architectural decisions
22
+ - Maximum reasoning requirements
23
+ - Research and analysis tasks
24
+
25
+ ## Context Window Management
26
+
27
+ Avoid last 20% of context window for:
28
+ - Large-scale refactoring
29
+ - Feature implementation spanning multiple files
30
+ - Debugging complex interactions
31
+
32
+ Prefer this retrieval ladder before loading more context:
33
+ 1. `Grep` / `Glob` to narrow candidate files
34
+ 2. targeted `Read` windows (aim for <400 lines)
35
+ 3. parallel reads for the minimum necessary file set
36
+ 4. summarize to `.cx/context.md` before broad re-exploration or compaction
37
+
38
+ Heuristics:
39
+ - Re-reading the same file multiple times without a state change is usually a retrieval smell.
40
+ - Large reads should be reserved for files where local structure matters more than symbol search.
41
+ - Use workflow/context artifacts as cached state instead of rediscovering the same background repeatedly.
42
+
43
+ Lower context sensitivity tasks:
44
+ - Single-file edits
45
+ - Independent utility creation
46
+ - Documentation updates
47
+ - Simple bug fixes
48
+
49
+ ## Extended Thinking + Plan Mode
50
+
51
+ Extended thinking is enabled by default, reserving up to 31,999 tokens for internal reasoning.
52
+
53
+ Control extended thinking via:
54
+ - **Toggle**: Option+T (macOS) / Alt+T (Windows/Linux)
55
+ - **Config**: Set `alwaysThinkingEnabled` in `~/.claude/settings.json`
56
+ - **Budget cap**: `export MAX_THINKING_TOKENS=10000`
57
+ - **Verbose mode**: Ctrl+O to see thinking output
58
+
59
+ For complex tasks requiring deep reasoning:
60
+ 1. Ensure extended thinking is enabled (on by default)
61
+ 2. Enable **Plan Mode** for structured approach
62
+ 3. Use multiple critique rounds for thorough analysis
63
+ 4. Use split role sub-agents for diverse perspectives
64
+
65
+ ## Build Troubleshooting
66
+
67
+ If build fails:
68
+ 1. Use **build-error-resolver** agent
69
+ 2. Analyze error messages
70
+ 3. Fix incrementally
71
+ 4. Verify after each fix
@@ -0,0 +1,34 @@
1
+ <!--
2
+ rules/common/security.md — <one-line purpose>
3
+
4
+ <2–6 line summary.>
5
+ -->
6
+ # Security Guidelines
7
+
8
+ ## Mandatory Security Checks
9
+
10
+ Before ANY commit:
11
+ - [ ] No hardcoded secrets (API keys, passwords, tokens)
12
+ - [ ] All user inputs validated
13
+ - [ ] SQL injection prevention (parameterized queries)
14
+ - [ ] XSS prevention (sanitized HTML)
15
+ - [ ] CSRF protection enabled
16
+ - [ ] Authentication/authorization verified
17
+ - [ ] Rate limiting on all endpoints
18
+ - [ ] Error messages don't leak sensitive data
19
+
20
+ ## Secret Management
21
+
22
+ - NEVER hardcode secrets in source code
23
+ - ALWAYS use environment variables or a secret manager
24
+ - Validate that required secrets are present at startup
25
+ - Rotate any secrets that may have been exposed
26
+
27
+ ## Security Response Protocol
28
+
29
+ If security issue found:
30
+ 1. STOP immediately
31
+ 2. Use **security-reviewer** agent
32
+ 3. Fix CRITICAL issues before continuing
33
+ 4. Rotate any exposed secrets
34
+ 5. Review entire codebase for similar issues
@@ -0,0 +1,62 @@
1
+ <!--
2
+ rules/common/testing.md — <one-line purpose>
3
+
4
+ <2–6 line summary.>
5
+ -->
6
+ # Testing Requirements
7
+
8
+ ## Minimum Test Coverage: 80%
9
+
10
+ Test Types (ALL required):
11
+ 1. **Unit Tests** - Individual functions, utilities, components
12
+ 2. **Integration Tests** - API endpoints, database operations
13
+ 3. **E2E Tests** - Critical user flows (framework chosen per language)
14
+
15
+ ## Test-Driven Development
16
+
17
+ MANDATORY workflow:
18
+ 1. Write test first (RED)
19
+ 2. Run test - it should FAIL
20
+ 3. Write minimal implementation (GREEN)
21
+ 4. Run test - it should PASS
22
+ 5. Refactor (IMPROVE)
23
+ 6. Verify coverage (80%+)
24
+
25
+ ## Troubleshooting Test Failures
26
+
27
+ 1. Use **tdd-guide** agent
28
+ 2. Check test isolation
29
+ 3. Verify mocks are correct
30
+ 4. Fix implementation, not tests (unless tests are wrong)
31
+
32
+ ## Agent Support
33
+
34
+ - **tdd-guide** - Use PROACTIVELY for new features, enforces write-tests-first
35
+
36
+ ## Test Structure (AAA Pattern)
37
+
38
+ Prefer Arrange-Act-Assert structure for tests:
39
+
40
+ ```typescript
41
+ test('calculates similarity correctly', () => {
42
+ // Arrange
43
+ const vector1 = [1, 0, 0]
44
+ const vector2 = [0, 1, 0]
45
+
46
+ // Act
47
+ const similarity = calculateCosineSimilarity(vector1, vector2)
48
+
49
+ // Assert
50
+ expect(similarity).toBe(0)
51
+ })
52
+ ```
53
+
54
+ ### Test Naming
55
+
56
+ Use descriptive names that explain the behavior under test:
57
+
58
+ ```typescript
59
+ test('returns empty array when no markets match query', () => {})
60
+ test('throws error when API key is missing', () => {})
61
+ test('falls back to substring search when Redis is unavailable', () => {})
62
+ ```
@@ -0,0 +1,37 @@
1
+ <!--
2
+ rules/golang/coding-style.md — <one-line purpose>
3
+
4
+ <2–6 line summary.>
5
+ -->
6
+ ---
7
+ paths:
8
+ - "**/*.go"
9
+ - "**/go.mod"
10
+ - "**/go.sum"
11
+ ---
12
+ # Go Coding Style
13
+
14
+ > This file extends [common/coding-style.md](../common/coding-style.md) with Go specific content.
15
+
16
+ ## Formatting
17
+
18
+ - **gofmt** and **goimports** are mandatory — no style debates
19
+
20
+ ## Design Principles
21
+
22
+ - Accept interfaces, return structs
23
+ - Keep interfaces small (1-3 methods)
24
+
25
+ ## Error Handling
26
+
27
+ Always wrap errors with context:
28
+
29
+ ```go
30
+ if err != nil {
31
+ return fmt.Errorf("failed to create user: %w", err)
32
+ }
33
+ ```
34
+
35
+ ## Reference
36
+
37
+ See skill: `golang-patterns` for comprehensive Go idioms and patterns.
@@ -0,0 +1,22 @@
1
+ <!--
2
+ rules/golang/hooks.md — <one-line purpose>
3
+
4
+ <2–6 line summary.>
5
+ -->
6
+ ---
7
+ paths:
8
+ - "**/*.go"
9
+ - "**/go.mod"
10
+ - "**/go.sum"
11
+ ---
12
+ # Go Hooks
13
+
14
+ > This file extends [common/hooks.md](../common/hooks.md) with Go specific content.
15
+
16
+ ## PostToolUse Hooks
17
+
18
+ Configure in `~/.claude/settings.json`:
19
+
20
+ - **gofmt/goimports**: Auto-format `.go` files after edit
21
+ - **go vet**: Run static analysis after editing `.go` files
22
+ - **staticcheck**: Run extended static checks on modified packages
@@ -0,0 +1,50 @@
1
+ <!--
2
+ rules/golang/patterns.md — <one-line purpose>
3
+
4
+ <2–6 line summary.>
5
+ -->
6
+ ---
7
+ paths:
8
+ - "**/*.go"
9
+ - "**/go.mod"
10
+ - "**/go.sum"
11
+ ---
12
+ # Go Patterns
13
+
14
+ > This file extends [common/patterns.md](../common/patterns.md) with Go specific content.
15
+
16
+ ## Functional Options
17
+
18
+ ```go
19
+ type Option func(*Server)
20
+
21
+ func WithPort(port int) Option {
22
+ return func(s *Server) { s.port = port }
23
+ }
24
+
25
+ func NewServer(opts ...Option) *Server {
26
+ s := &Server{port: 8080}
27
+ for _, opt := range opts {
28
+ opt(s)
29
+ }
30
+ return s
31
+ }
32
+ ```
33
+
34
+ ## Small Interfaces
35
+
36
+ Define interfaces where they are used, not where they are implemented.
37
+
38
+ ## Dependency Injection
39
+
40
+ Use constructor functions to inject dependencies:
41
+
42
+ ```go
43
+ func NewUserService(repo UserRepository, logger Logger) *UserService {
44
+ return &UserService{repo: repo, logger: logger}
45
+ }
46
+ ```
47
+
48
+ ## Reference
49
+
50
+ See skill: `golang-patterns` for comprehensive Go patterns including concurrency, error handling, and package organization.
@@ -0,0 +1,39 @@
1
+ <!--
2
+ rules/golang/security.md — <one-line purpose>
3
+
4
+ <2–6 line summary.>
5
+ -->
6
+ ---
7
+ paths:
8
+ - "**/*.go"
9
+ - "**/go.mod"
10
+ - "**/go.sum"
11
+ ---
12
+ # Go Security
13
+
14
+ > This file extends [common/security.md](../common/security.md) with Go specific content.
15
+
16
+ ## Secret Management
17
+
18
+ ```go
19
+ apiKey := os.Getenv("OPENAI_API_KEY")
20
+ if apiKey == "" {
21
+ log.Fatal("OPENAI_API_KEY not configured")
22
+ }
23
+ ```
24
+
25
+ ## Security Scanning
26
+
27
+ - Use **gosec** for static security analysis:
28
+ ```bash
29
+ gosec ./...
30
+ ```
31
+
32
+ ## Context & Timeouts
33
+
34
+ Always use `context.Context` for timeout control:
35
+
36
+ ```go
37
+ ctx, cancel := context.WithTimeout(ctx, 5*time.Second)
38
+ defer cancel()
39
+ ```
@@ -0,0 +1,36 @@
1
+ <!--
2
+ rules/golang/testing.md — <one-line purpose>
3
+
4
+ <2–6 line summary.>
5
+ -->
6
+ ---
7
+ paths:
8
+ - "**/*.go"
9
+ - "**/go.mod"
10
+ - "**/go.sum"
11
+ ---
12
+ # Go Testing
13
+
14
+ > This file extends [common/testing.md](../common/testing.md) with Go specific content.
15
+
16
+ ## Framework
17
+
18
+ Use the standard `go test` with **table-driven tests**.
19
+
20
+ ## Race Detection
21
+
22
+ Always run with the `-race` flag:
23
+
24
+ ```bash
25
+ go test -race ./...
26
+ ```
27
+
28
+ ## Coverage
29
+
30
+ ```bash
31
+ go test -cover ./...
32
+ ```
33
+
34
+ ## Reference
35
+
36
+ See skill: `golang-testing` for detailed Go testing patterns and helpers.
@@ -0,0 +1,47 @@
1
+ <!--
2
+ rules/python/coding-style.md — <one-line purpose>
3
+
4
+ <2–6 line summary.>
5
+ -->
6
+ ---
7
+ paths:
8
+ - "**/*.py"
9
+ - "**/*.pyi"
10
+ ---
11
+ # Python Coding Style
12
+
13
+ > This file extends [common/coding-style.md](../common/coding-style.md) with Python specific content.
14
+
15
+ ## Standards
16
+
17
+ - Follow **PEP 8** conventions
18
+ - Use **type annotations** on all function signatures
19
+
20
+ ## Immutability
21
+
22
+ Prefer immutable data structures:
23
+
24
+ ```python
25
+ from dataclasses import dataclass
26
+
27
+ @dataclass(frozen=True)
28
+ class User:
29
+ name: str
30
+ email: str
31
+
32
+ from typing import NamedTuple
33
+
34
+ class Point(NamedTuple):
35
+ x: float
36
+ y: float
37
+ ```
38
+
39
+ ## Formatting
40
+
41
+ - **black** for code formatting
42
+ - **isort** for import sorting
43
+ - **ruff** for linting
44
+
45
+ ## Reference
46
+
47
+ See skill: `python-patterns` for comprehensive Python idioms and patterns.
@@ -0,0 +1,24 @@
1
+ <!--
2
+ rules/python/hooks.md — <one-line purpose>
3
+
4
+ <2–6 line summary.>
5
+ -->
6
+ ---
7
+ paths:
8
+ - "**/*.py"
9
+ - "**/*.pyi"
10
+ ---
11
+ # Python Hooks
12
+
13
+ > This file extends [common/hooks.md](../common/hooks.md) with Python specific content.
14
+
15
+ ## PostToolUse Hooks
16
+
17
+ Configure in `~/.claude/settings.json`:
18
+
19
+ - **black/ruff**: Auto-format `.py` files after edit
20
+ - **mypy/pyright**: Run type checking after editing `.py` files
21
+
22
+ ## Warnings
23
+
24
+ - Warn about `print()` statements in edited files (use `logging` module instead)
@@ -0,0 +1,44 @@
1
+ <!--
2
+ rules/python/patterns.md — <one-line purpose>
3
+
4
+ <2–6 line summary.>
5
+ -->
6
+ ---
7
+ paths:
8
+ - "**/*.py"
9
+ - "**/*.pyi"
10
+ ---
11
+ # Python Patterns
12
+
13
+ > This file extends [common/patterns.md](../common/patterns.md) with Python specific content.
14
+
15
+ ## Protocol (Duck Typing)
16
+
17
+ ```python
18
+ from typing import Protocol
19
+
20
+ class Repository(Protocol):
21
+ def find_by_id(self, id: str) -> dict | None: ...
22
+ def save(self, entity: dict) -> dict: ...
23
+ ```
24
+
25
+ ## Dataclasses as DTOs
26
+
27
+ ```python
28
+ from dataclasses import dataclass
29
+
30
+ @dataclass
31
+ class CreateUserRequest:
32
+ name: str
33
+ email: str
34
+ age: int | None = None
35
+ ```
36
+
37
+ ## Context Managers & Generators
38
+
39
+ - Use context managers (`with` statement) for resource management
40
+ - Use generators for lazy evaluation and memory-efficient iteration
41
+
42
+ ## Reference
43
+
44
+ See skill: `python-patterns` for comprehensive patterns including decorators, concurrency, and package organization.
@@ -0,0 +1,35 @@
1
+ <!--
2
+ rules/python/security.md — <one-line purpose>
3
+
4
+ <2–6 line summary.>
5
+ -->
6
+ ---
7
+ paths:
8
+ - "**/*.py"
9
+ - "**/*.pyi"
10
+ ---
11
+ # Python Security
12
+
13
+ > This file extends [common/security.md](../common/security.md) with Python specific content.
14
+
15
+ ## Secret Management
16
+
17
+ ```python
18
+ import os
19
+ from dotenv import load_dotenv
20
+
21
+ load_dotenv()
22
+
23
+ api_key = os.environ["OPENAI_API_KEY"] # Raises KeyError if missing
24
+ ```
25
+
26
+ ## Security Scanning
27
+
28
+ - Use **bandit** for static security analysis:
29
+ ```bash
30
+ bandit -r src/
31
+ ```
32
+
33
+ ## Reference
34
+
35
+ See skill: `django-security` for Django-specific security guidelines (if applicable).
@@ -0,0 +1,43 @@
1
+ <!--
2
+ rules/python/testing.md — <one-line purpose>
3
+
4
+ <2–6 line summary.>
5
+ -->
6
+ ---
7
+ paths:
8
+ - "**/*.py"
9
+ - "**/*.pyi"
10
+ ---
11
+ # Python Testing
12
+
13
+ > This file extends [common/testing.md](../common/testing.md) with Python specific content.
14
+
15
+ ## Framework
16
+
17
+ Use **pytest** as the testing framework.
18
+
19
+ ## Coverage
20
+
21
+ ```bash
22
+ pytest --cov=src --cov-report=term-missing
23
+ ```
24
+
25
+ ## Test Organization
26
+
27
+ Use `pytest.mark` for test categorization:
28
+
29
+ ```python
30
+ import pytest
31
+
32
+ @pytest.mark.unit
33
+ def test_calculate_total():
34
+ ...
35
+
36
+ @pytest.mark.integration
37
+ def test_database_connection():
38
+ ...
39
+ ```
40
+
41
+ ## Reference
42
+
43
+ See skill: `python-testing` for detailed pytest patterns and fixtures.