@geraldmaron/construct 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (352) hide show
  1. package/.env.example +69 -0
  2. package/LICENSE +21 -0
  3. package/README.md +344 -0
  4. package/agents/prompts/cx-accessibility.md +29 -0
  5. package/agents/prompts/cx-ai-engineer.md +31 -0
  6. package/agents/prompts/cx-architect.md +40 -0
  7. package/agents/prompts/cx-business-strategist.md +25 -0
  8. package/agents/prompts/cx-data-analyst.md +30 -0
  9. package/agents/prompts/cx-data-engineer.md +32 -0
  10. package/agents/prompts/cx-debugger.md +27 -0
  11. package/agents/prompts/cx-designer.md +33 -0
  12. package/agents/prompts/cx-devil-advocate.md +36 -0
  13. package/agents/prompts/cx-docs-keeper.md +50 -0
  14. package/agents/prompts/cx-engineer.md +36 -0
  15. package/agents/prompts/cx-evaluator.md +26 -0
  16. package/agents/prompts/cx-explorer.md +38 -0
  17. package/agents/prompts/cx-legal-compliance.md +25 -0
  18. package/agents/prompts/cx-operations.md +28 -0
  19. package/agents/prompts/cx-orchestrator.md +30 -0
  20. package/agents/prompts/cx-platform-engineer.md +25 -0
  21. package/agents/prompts/cx-product-manager.md +30 -0
  22. package/agents/prompts/cx-qa.md +42 -0
  23. package/agents/prompts/cx-rd-lead.md +25 -0
  24. package/agents/prompts/cx-release-manager.md +31 -0
  25. package/agents/prompts/cx-researcher.md +31 -0
  26. package/agents/prompts/cx-reviewer.md +36 -0
  27. package/agents/prompts/cx-security.md +37 -0
  28. package/agents/prompts/cx-sre.md +26 -0
  29. package/agents/prompts/cx-test-automation.md +35 -0
  30. package/agents/prompts/cx-trace-reviewer.md +76 -0
  31. package/agents/prompts/cx-ux-researcher.md +30 -0
  32. package/agents/registry.json +879 -0
  33. package/agents/teams.json +94 -0
  34. package/bin/construct +613 -0
  35. package/commands/build/feature.md +21 -0
  36. package/commands/build/fix.md +20 -0
  37. package/commands/design/access.md +19 -0
  38. package/commands/design/flow.md +16 -0
  39. package/commands/design/ui.md +18 -0
  40. package/commands/measure/experiment.md +18 -0
  41. package/commands/measure/metrics.md +18 -0
  42. package/commands/measure/results.md +18 -0
  43. package/commands/plan/api.md +19 -0
  44. package/commands/plan/challenge.md +18 -0
  45. package/commands/plan/decide.md +20 -0
  46. package/commands/plan/feature.md +49 -0
  47. package/commands/plan/requirements.md +24 -0
  48. package/commands/remember/context.md +26 -0
  49. package/commands/remember/handoff.md +19 -0
  50. package/commands/remember/runbook.md +20 -0
  51. package/commands/review/code.md +21 -0
  52. package/commands/review/quality.md +19 -0
  53. package/commands/review/security.md +16 -0
  54. package/commands/ship/ready.md +19 -0
  55. package/commands/ship/release.md +19 -0
  56. package/commands/ship/status.md +18 -0
  57. package/commands/understand/docs.md +22 -0
  58. package/commands/understand/research.md +22 -0
  59. package/commands/understand/this.md +23 -0
  60. package/commands/understand/why.md +18 -0
  61. package/commands/work/clean.md +32 -0
  62. package/commands/work/drive.md +69 -0
  63. package/commands/work/optimize-prompts.md +46 -0
  64. package/commands/work/parallel-review.md +40 -0
  65. package/db/migrations/001_init.sql +38 -0
  66. package/langfuse/docker-compose.yml +82 -0
  67. package/lib/audit-skills.mjs +118 -0
  68. package/lib/auto-docs.mjs +293 -0
  69. package/lib/cli-commands.mjs +409 -0
  70. package/lib/codex-config.mjs +114 -0
  71. package/lib/comment-lint.mjs +191 -0
  72. package/lib/completions.mjs +170 -0
  73. package/lib/context-state.mjs +99 -0
  74. package/lib/cost.mjs +213 -0
  75. package/lib/distill.mjs +403 -0
  76. package/lib/efficiency.mjs +139 -0
  77. package/lib/env-config.mjs +53 -0
  78. package/lib/eval-harness.mjs +59 -0
  79. package/lib/features.mjs +209 -0
  80. package/lib/headhunt.mjs +597 -0
  81. package/lib/hooks/adaptive-lint.mjs +112 -0
  82. package/lib/hooks/agent-tracker.mjs +50 -0
  83. package/lib/hooks/bootstrap-guard.mjs +90 -0
  84. package/lib/hooks/comment-lint.mjs +26 -0
  85. package/lib/hooks/config-protection.mjs +52 -0
  86. package/lib/hooks/console-warn.mjs +43 -0
  87. package/lib/hooks/context-window-recovery.mjs +90 -0
  88. package/lib/hooks/continuation-enforcer.mjs +72 -0
  89. package/lib/hooks/dep-audit.mjs +155 -0
  90. package/lib/hooks/drive-guard.mjs +89 -0
  91. package/lib/hooks/edit-accumulator.mjs +36 -0
  92. package/lib/hooks/edit-error-recovery.mjs +46 -0
  93. package/lib/hooks/edit-guard.mjs +109 -0
  94. package/lib/hooks/env-check.mjs +80 -0
  95. package/lib/hooks/guard-bash.mjs +83 -0
  96. package/lib/hooks/mcp-audit.mjs +57 -0
  97. package/lib/hooks/mcp-health-check.mjs +51 -0
  98. package/lib/hooks/mcp-task-scope.mjs +47 -0
  99. package/lib/hooks/model-fallback.mjs +105 -0
  100. package/lib/hooks/pre-compact.mjs +212 -0
  101. package/lib/hooks/pre-push-gate.mjs +129 -0
  102. package/lib/hooks/read-tracker.mjs +129 -0
  103. package/lib/hooks/registry-sync.mjs +23 -0
  104. package/lib/hooks/scan-secrets.mjs +76 -0
  105. package/lib/hooks/session-start.mjs +95 -0
  106. package/lib/hooks/stop-notify.mjs +191 -0
  107. package/lib/hooks/stop-typecheck.mjs +83 -0
  108. package/lib/hooks/task-completed-guard.mjs +43 -0
  109. package/lib/hooks/teammate-idle-guard.mjs +54 -0
  110. package/lib/hooks/workflow-guard.mjs +62 -0
  111. package/lib/host-capabilities.mjs +123 -0
  112. package/lib/init-docs.mjs +382 -0
  113. package/lib/mcp/server.mjs +1123 -0
  114. package/lib/mcp-catalog.json +243 -0
  115. package/lib/mcp-manager.mjs +433 -0
  116. package/lib/mcp-platform-config.mjs +104 -0
  117. package/lib/model-router.mjs +810 -0
  118. package/lib/opencode-config.mjs +44 -0
  119. package/lib/opencode-runtime-plugin.mjs +909 -0
  120. package/lib/opencode-telemetry.mjs +433 -0
  121. package/lib/orchestration-policy.mjs +258 -0
  122. package/lib/prompt-composer.mjs +196 -0
  123. package/lib/prompt-metadata.mjs +68 -0
  124. package/lib/review.mjs +429 -0
  125. package/lib/role-preload.mjs +52 -0
  126. package/lib/schemas/decision.json +50 -0
  127. package/lib/schemas/implementation.json +51 -0
  128. package/lib/schemas/review-report.json +32 -0
  129. package/lib/schemas/test-report.json +43 -0
  130. package/lib/server/index.mjs +334 -0
  131. package/lib/server/static/app.js +841 -0
  132. package/lib/server/static/index.html +820 -0
  133. package/lib/service-manager.mjs +225 -0
  134. package/lib/setup.mjs +319 -0
  135. package/lib/status.mjs +707 -0
  136. package/lib/storage/backend.mjs +44 -0
  137. package/lib/storage/embeddings.mjs +70 -0
  138. package/lib/storage/hybrid-query.mjs +184 -0
  139. package/lib/storage/sql-store.mjs +55 -0
  140. package/lib/storage/state-source.mjs +101 -0
  141. package/lib/storage/sync.mjs +164 -0
  142. package/lib/storage/vector-store.mjs +59 -0
  143. package/lib/telemetry/backends/langfuse.mjs +58 -0
  144. package/lib/telemetry/backends/noop.mjs +16 -0
  145. package/lib/telemetry/langfuse-ingest.mjs +108 -0
  146. package/lib/telemetry/langfuse-model-sync.mjs +270 -0
  147. package/lib/telemetry/team-rollup.mjs +143 -0
  148. package/lib/toolkit-env.mjs +30 -0
  149. package/lib/validator.mjs +181 -0
  150. package/lib/workflow-state.mjs +794 -0
  151. package/package.json +53 -0
  152. package/personas/construct.md +94 -0
  153. package/platforms/claude/CLAUDE.md +30 -0
  154. package/platforms/claude/settings.template.json +472 -0
  155. package/platforms/opencode/config.template.json +65 -0
  156. package/platforms/opencode/plugins/construct-fallback.js +5 -0
  157. package/platforms/opencode/sync-config.mjs +69 -0
  158. package/rules/common/agents.md +55 -0
  159. package/rules/common/code-review.md +129 -0
  160. package/rules/common/coding-style.md +95 -0
  161. package/rules/common/comments.md +139 -0
  162. package/rules/common/cx-agent-routing.md +61 -0
  163. package/rules/common/cx-skill-routing.md +11 -0
  164. package/rules/common/development-workflow.md +49 -0
  165. package/rules/common/git-workflow.md +29 -0
  166. package/rules/common/hooks.md +35 -0
  167. package/rules/common/patterns.md +36 -0
  168. package/rules/common/performance.md +71 -0
  169. package/rules/common/security.md +34 -0
  170. package/rules/common/testing.md +62 -0
  171. package/rules/golang/coding-style.md +37 -0
  172. package/rules/golang/hooks.md +22 -0
  173. package/rules/golang/patterns.md +50 -0
  174. package/rules/golang/security.md +39 -0
  175. package/rules/golang/testing.md +36 -0
  176. package/rules/python/coding-style.md +47 -0
  177. package/rules/python/hooks.md +24 -0
  178. package/rules/python/patterns.md +44 -0
  179. package/rules/python/security.md +35 -0
  180. package/rules/python/testing.md +43 -0
  181. package/rules/swift/coding-style.md +52 -0
  182. package/rules/swift/hooks.md +25 -0
  183. package/rules/swift/patterns.md +71 -0
  184. package/rules/swift/security.md +38 -0
  185. package/rules/swift/testing.md +50 -0
  186. package/rules/typescript/coding-style.md +204 -0
  187. package/rules/typescript/hooks.md +27 -0
  188. package/rules/typescript/patterns.md +57 -0
  189. package/rules/typescript/security.md +33 -0
  190. package/rules/typescript/testing.md +23 -0
  191. package/rules/web/coding-style.md +101 -0
  192. package/rules/web/design-quality.md +68 -0
  193. package/rules/web/hooks.md +125 -0
  194. package/rules/web/patterns.md +84 -0
  195. package/rules/web/performance.md +69 -0
  196. package/rules/web/security.md +62 -0
  197. package/rules/web/testing.md +60 -0
  198. package/rules/zh/README.md +113 -0
  199. package/rules/zh/agents.md +55 -0
  200. package/rules/zh/code-review.md +129 -0
  201. package/rules/zh/coding-style.md +53 -0
  202. package/rules/zh/development-workflow.md +49 -0
  203. package/rules/zh/git-workflow.md +29 -0
  204. package/rules/zh/hooks.md +35 -0
  205. package/rules/zh/patterns.md +36 -0
  206. package/rules/zh/performance.md +60 -0
  207. package/rules/zh/security.md +34 -0
  208. package/rules/zh/testing.md +34 -0
  209. package/skills/ai/agent-dev.md +102 -0
  210. package/skills/ai/llm-security.md +105 -0
  211. package/skills/ai/ml-ops.md +169 -0
  212. package/skills/ai/orchestration-workflow.md +87 -0
  213. package/skills/ai/prompt-and-eval.md +114 -0
  214. package/skills/ai/prompt-optimizer.md +114 -0
  215. package/skills/ai/rag-system.md +104 -0
  216. package/skills/architecture/api-design.md +100 -0
  217. package/skills/architecture/caching.md +101 -0
  218. package/skills/architecture/cloud-native.md +97 -0
  219. package/skills/architecture/message-queue.md +100 -0
  220. package/skills/architecture/security-arch.md +105 -0
  221. package/skills/development/cpp.md +127 -0
  222. package/skills/development/go.md +129 -0
  223. package/skills/development/java.md +134 -0
  224. package/skills/development/kotlin.md +140 -0
  225. package/skills/development/mobile-crossplatform.md +144 -0
  226. package/skills/development/python.md +109 -0
  227. package/skills/development/rust.md +127 -0
  228. package/skills/development/shell.md +127 -0
  229. package/skills/development/swift.md +129 -0
  230. package/skills/development/typescript.md +129 -0
  231. package/skills/devops/ci-cd.md +108 -0
  232. package/skills/devops/containerization.md +106 -0
  233. package/skills/devops/cost-optimization.md +105 -0
  234. package/skills/devops/data-engineering.md +181 -0
  235. package/skills/devops/database.md +95 -0
  236. package/skills/devops/dependency-management.md +91 -0
  237. package/skills/devops/devsecops.md +96 -0
  238. package/skills/devops/git-workflow.md +100 -0
  239. package/skills/devops/incident-response.md +167 -0
  240. package/skills/devops/monorepo.md +87 -0
  241. package/skills/devops/observability.md +103 -0
  242. package/skills/devops/performance.md +104 -0
  243. package/skills/devops/testing.md +104 -0
  244. package/skills/docs/adr-workflow.md +32 -0
  245. package/skills/docs/backlog-proposal-workflow.md +19 -0
  246. package/skills/docs/customer-profile-workflow.md +22 -0
  247. package/skills/docs/evidence-ingest-workflow.md +23 -0
  248. package/skills/docs/init-docs.md +160 -0
  249. package/skills/docs/init-project.md +50 -0
  250. package/skills/docs/prd-workflow.md +57 -0
  251. package/skills/docs/prfaq-workflow.md +25 -0
  252. package/skills/docs/product-intelligence-review.md +22 -0
  253. package/skills/docs/product-intelligence-workflow.md +62 -0
  254. package/skills/docs/product-signal-workflow.md +27 -0
  255. package/skills/docs/research-workflow.md +28 -0
  256. package/skills/docs/runbook-workflow.md +24 -0
  257. package/skills/exploration/repo-map.md +297 -0
  258. package/skills/frameworks/django.md +159 -0
  259. package/skills/frameworks/nextjs.md +148 -0
  260. package/skills/frameworks/react.md +132 -0
  261. package/skills/frameworks/spring-boot.md +165 -0
  262. package/skills/frontend-design/accessibility.md +153 -0
  263. package/skills/frontend-design/component-patterns.md +111 -0
  264. package/skills/frontend-design/engineering.md +122 -0
  265. package/skills/frontend-design/state-management.md +118 -0
  266. package/skills/frontend-design/ui-aesthetics.md +102 -0
  267. package/skills/frontend-design/ux-principles.md +126 -0
  268. package/skills/quality-gates/review-work.md +90 -0
  269. package/skills/quality-gates/verify-change.md +94 -0
  270. package/skills/quality-gates/verify-module.md +96 -0
  271. package/skills/quality-gates/verify-quality.md +93 -0
  272. package/skills/quality-gates/verify-security.md +95 -0
  273. package/skills/roles/architect.ai-systems.md +37 -0
  274. package/skills/roles/architect.data.md +37 -0
  275. package/skills/roles/architect.enterprise.md +37 -0
  276. package/skills/roles/architect.integration.md +37 -0
  277. package/skills/roles/architect.md +68 -0
  278. package/skills/roles/architect.platform.md +37 -0
  279. package/skills/roles/data-analyst.experiment.md +37 -0
  280. package/skills/roles/data-analyst.md +68 -0
  281. package/skills/roles/data-analyst.product-intelligence.md +37 -0
  282. package/skills/roles/data-analyst.product.md +37 -0
  283. package/skills/roles/data-analyst.telemetry.md +37 -0
  284. package/skills/roles/data-engineer.pipeline.md +37 -0
  285. package/skills/roles/data-engineer.vector-retrieval.md +37 -0
  286. package/skills/roles/data-engineer.warehouse.md +37 -0
  287. package/skills/roles/debugger.md +68 -0
  288. package/skills/roles/designer.accessibility.md +43 -0
  289. package/skills/roles/designer.md +68 -0
  290. package/skills/roles/engineer.ai.md +49 -0
  291. package/skills/roles/engineer.data.md +49 -0
  292. package/skills/roles/engineer.md +85 -0
  293. package/skills/roles/engineer.platform.md +49 -0
  294. package/skills/roles/operator.docs.md +43 -0
  295. package/skills/roles/operator.md +68 -0
  296. package/skills/roles/operator.release.md +43 -0
  297. package/skills/roles/operator.sre.md +43 -0
  298. package/skills/roles/orchestrator.md +66 -0
  299. package/skills/roles/product-manager.ai-product.md +37 -0
  300. package/skills/roles/product-manager.business-strategy.md +43 -0
  301. package/skills/roles/product-manager.enterprise.md +37 -0
  302. package/skills/roles/product-manager.growth.md +37 -0
  303. package/skills/roles/product-manager.md +67 -0
  304. package/skills/roles/product-manager.platform.md +37 -0
  305. package/skills/roles/product-manager.product.md +37 -0
  306. package/skills/roles/qa.ai-eval.md +37 -0
  307. package/skills/roles/qa.api-contract.md +37 -0
  308. package/skills/roles/qa.data-pipeline.md +37 -0
  309. package/skills/roles/qa.md +68 -0
  310. package/skills/roles/qa.test-automation.md +49 -0
  311. package/skills/roles/qa.web-ui.md +37 -0
  312. package/skills/roles/researcher.explorer.md +43 -0
  313. package/skills/roles/researcher.md +68 -0
  314. package/skills/roles/researcher.ux.md +43 -0
  315. package/skills/roles/reviewer.devil-advocate.md +43 -0
  316. package/skills/roles/reviewer.evaluator.md +43 -0
  317. package/skills/roles/reviewer.md +68 -0
  318. package/skills/roles/reviewer.trace.md +43 -0
  319. package/skills/roles/security.ai.md +37 -0
  320. package/skills/roles/security.appsec.md +37 -0
  321. package/skills/roles/security.cloud.md +37 -0
  322. package/skills/roles/security.legal-compliance.md +49 -0
  323. package/skills/roles/security.md +68 -0
  324. package/skills/roles/security.privacy.md +37 -0
  325. package/skills/roles/security.supply-chain.md +37 -0
  326. package/skills/routing.md +139 -0
  327. package/skills/security/blue-team.md +83 -0
  328. package/skills/security/code-audit.md +94 -0
  329. package/skills/security/pentest.md +84 -0
  330. package/skills/security/red-team.md +81 -0
  331. package/skills/security/threat-intel.md +89 -0
  332. package/skills/security/vuln-research.md +87 -0
  333. package/skills/utility/clean-code.md +165 -0
  334. package/sync-agents.mjs +899 -0
  335. package/templates/docs/adr.md +27 -0
  336. package/templates/docs/backlog-proposal.md +26 -0
  337. package/templates/docs/customer-profile.md +34 -0
  338. package/templates/docs/evidence-brief.md +37 -0
  339. package/templates/docs/incident-report.md +46 -0
  340. package/templates/docs/memo.md +27 -0
  341. package/templates/docs/meta-prd.md +56 -0
  342. package/templates/docs/one-pager.md +24 -0
  343. package/templates/docs/prd-business.md +61 -0
  344. package/templates/docs/prd-platform.md +62 -0
  345. package/templates/docs/prd.md +47 -0
  346. package/templates/docs/prfaq.md +31 -0
  347. package/templates/docs/product-intelligence-report.md +31 -0
  348. package/templates/docs/research-brief.md +29 -0
  349. package/templates/docs/rfc-platform.md +60 -0
  350. package/templates/docs/rfc.md +46 -0
  351. package/templates/docs/runbook.md +33 -0
  352. package/templates/docs/signal-brief.md +25 -0
@@ -0,0 +1,118 @@
1
+ <!--
2
+ skills/frontend-design/state-management.md — Frontend State Management — Use this skill when choosing state management tools, structuring application sta
3
+
4
+ Use this skill when choosing state management tools, structuring application state, or debugging state issues. ## State Categories
5
+ -->
6
+ # Frontend State Management
7
+
8
+ Use this skill when choosing state management tools, structuring application state, or debugging state issues.
9
+
10
+ ## State Categories
11
+
12
+ | Category | Examples | Recommended Approach |
13
+ |---|---|---|
14
+ | Server state | API data, cached queries | TanStack Query, SWR, tRPC |
15
+ | Client state | Theme, sidebar open, wizard step | Zustand, Jotai, signals, context |
16
+ | URL state | Filters, sort, page, active tab | Router / URL search params |
17
+ | Form state | Input values, validation, dirty | React Hook Form, Formik, native |
18
+ | Transient state | Hover, focus, animation progress | Component-local useState/ref |
19
+
20
+ - Do not duplicate server state into client stores
21
+ - Do not store derived values; compute them
22
+
23
+ ## Server State
24
+
25
+ ### Stale-While-Revalidate
26
+ - Return cached data immediately; refetch in the background
27
+ - Configurable stale time and cache time
28
+ - Background refetch on window focus, reconnect, and intervals
29
+ - Optimistic updates for responsive UI
30
+
31
+ ### Query Keys
32
+ - Structured keys that include all variables: `['users', { page, filter }]`
33
+ - Invalidate related queries after mutations
34
+ - Prefetch data for likely next actions (hover, pagination)
35
+
36
+ ### Error and Loading States
37
+ - Distinguish: idle, loading, error, success
38
+ - Show skeleton or placeholder during initial load
39
+ - Show stale data with background indicator during refetch
40
+ - Retry failed requests with exponential backoff
41
+
42
+ ## Client State
43
+
44
+ ### Zustand
45
+ - Small, focused stores per domain
46
+ - Actions colocated with state in the store
47
+ - Selectors for derived data and render optimization
48
+ - Middleware: persist, devtools, immer for immutable updates
49
+
50
+ ### Jotai / Signals
51
+ - Atomic state: each piece of state is an independent atom
52
+ - Derived atoms compute from other atoms
53
+ - Fine-grained reactivity: only re-renders components that use changed atoms
54
+ - Good for: settings, preferences, feature flags
55
+
56
+ ### Context
57
+ - Use for low-frequency updates: theme, locale, user identity
58
+ - Avoid for high-frequency updates (causes re-renders of entire subtree)
59
+ - Split contexts by concern; do not put everything in one provider
60
+ - Combine with `useMemo` to prevent unnecessary re-renders
61
+
62
+ ## URL State
63
+
64
+ ### What Belongs in the URL
65
+ - Filters, search query, sort order, pagination
66
+ - Active tab, selected item, modal open state
67
+ - Anything a user should be able to share or bookmark
68
+
69
+ ### Implementation
70
+ - Read from URL search params; write updates to the URL
71
+ - Treat the URL as the source of truth
72
+ - Validate URL params; fall back to defaults for invalid values
73
+ - Use `URLSearchParams` API or a routing library's hooks
74
+
75
+ ## Form State
76
+
77
+ ### Controlled vs Uncontrolled
78
+ - Controlled: React state drives the input value; use for complex validation
79
+ - Uncontrolled: DOM owns the value; access via ref on submit; simpler, faster
80
+ - Form libraries (React Hook Form) offer uncontrolled performance with controlled DX
81
+
82
+ ### Validation
83
+ - Client-side for immediate feedback; server-side for security
84
+ - Validate on blur for individual fields; on submit for the full form
85
+ - Zod or Yup for schema-based validation shared with backend
86
+ - Show errors inline, next to the field, in context
87
+
88
+ ## State Synchronization
89
+
90
+ ### Optimistic Updates
91
+ 1. Snapshot current state
92
+ 2. Apply the expected change immediately
93
+ 3. Send the mutation to the server
94
+ 4. On success: confirm or refetch
95
+ 5. On failure: rollback to snapshot and show error
96
+
97
+ ### Pessimistic Updates
98
+ 1. Send the mutation
99
+ 2. Show loading indicator
100
+ 3. Update UI with server response
101
+ - Use when: the operation is complex, the server may reject, or correctness is critical
102
+
103
+ ## Debugging State
104
+
105
+ - React DevTools for component state and context
106
+ - Zustand/Jotai devtools middleware
107
+ - TanStack Query DevTools for server state
108
+ - `console.trace` to find where state changes originate
109
+ - Time-travel debugging with Redux DevTools protocol
110
+
111
+ ## Anti-Patterns
112
+
113
+ - Global store for everything (mixing server, client, form, and URL state)
114
+ - Duplicating server data into client stores (stale data, sync bugs)
115
+ - Storing derived data instead of computing it
116
+ - Context for high-frequency state (causes unnecessary re-renders)
117
+ - Prop drilling through many levels instead of lifting state or using context
118
+ - Mutating state directly instead of creating new references
@@ -0,0 +1,102 @@
1
+ <!--
2
+ skills/frontend-design/ui-aesthetics.md — UI Aesthetics — Use this skill when making visual design decisions: color, typography, layout, s
3
+
4
+ Use this skill when making visual design decisions: color, typography, layout, spacing, and visual hierarchy. ## Color
5
+ -->
6
+ # UI Aesthetics
7
+
8
+ Use this skill when making visual design decisions: color, typography, layout, spacing, and visual hierarchy.
9
+
10
+ ## Color
11
+
12
+ ### System Design
13
+ - Define a palette with semantic roles: primary, secondary, surface, text, error, warning, success
14
+ - Use perceptually uniform color spaces (OKLCH, OKLAB) for consistent contrast and harmony
15
+ - 60-30-10 rule: dominant surface, secondary accent, tertiary highlight
16
+ - Ensure WCAG AA contrast ratios: 4.5:1 for normal text, 3:1 for large text
17
+
18
+ ### Application
19
+ - Color communicates hierarchy: brightest/most saturated draws attention first
20
+ - Limit palette to 3-5 hues; vary lightness and saturation for range
21
+ - Use opacity and surface layering to create depth
22
+ - Test both light and dark themes if both are supported; do not auto-invert
23
+ - Avoid pure black (#000) on white (#fff); reduce contrast slightly for comfort
24
+
25
+ ## Typography
26
+
27
+ ### Selection
28
+ - Maximum two typeface families per project
29
+ - Pair a serif and sans-serif, or two weights of one family
30
+ - Ensure readability at body size (16px minimum for body text)
31
+ - License fonts correctly; subset to used glyphs for performance
32
+
33
+ ### Scale
34
+ - Use a modular scale (1.25, 1.333, 1.5 ratio) for consistent sizing
35
+ - Fluid type with `clamp()`: `font-size: clamp(1rem, 0.9rem + 0.5vw, 1.25rem)`
36
+ - Limit to 5-6 distinct sizes
37
+ - Line height: 1.4-1.6 for body, 1.1-1.2 for headings
38
+ - Measure (line length): 45-75 characters for body text
39
+
40
+ ### Hierarchy
41
+ - Size contrast between heading levels: at least 1.25x step
42
+ - Weight contrast: regular body, semibold subheads, bold headlines
43
+ - Use case, spacing, and color as secondary hierarchy signals
44
+ - Avoid all-caps for more than short labels
45
+
46
+ ## Spacing
47
+
48
+ ### System
49
+ - Define a spacing scale: 4, 8, 12, 16, 24, 32, 48, 64, 96 (or similar)
50
+ - Use consistent spacing tokens throughout
51
+ - Larger spacing between unrelated groups; tighter within related items
52
+ - White space is a design element, not wasted space
53
+
54
+ ### Rhythm
55
+ - Vertical rhythm: consistent baseline grid for text and components
56
+ - Horizontal rhythm: align to a column grid (8, 12, or 16 columns)
57
+ - Irregular spacing breaks rhythm intentionally for emphasis
58
+
59
+ ## Layout
60
+
61
+ ### Hierarchy
62
+ - Visual weight: size, color, contrast, whitespace, and position create hierarchy
63
+ - Most important element is largest, highest contrast, or most isolated
64
+ - Progressive disclosure: show overview first, detail on demand
65
+ - F-pattern or Z-pattern for content scanning
66
+
67
+ ### Grid
68
+ - CSS Grid for two-dimensional layouts
69
+ - Flexbox for one-dimensional alignment
70
+ - Break the grid intentionally for editorial emphasis
71
+ - Responsive: define breakpoints by content, not by device
72
+
73
+ ### Composition
74
+ - Bento layouts for dashboard-style content
75
+ - Asymmetric layouts for editorial content
76
+ - Card-based layouts for scannable collections
77
+ - Full-bleed sections for immersive moments
78
+
79
+ ## Depth and Surface
80
+
81
+ - Layer surfaces with elevation: background < card < modal < toast
82
+ - Shadows should be soft, directional, and consistent with a single light source
83
+ - Blur and transparency for glassmorphic surfaces (use sparingly)
84
+ - Border and divider lines: thin (1px), low contrast, used to separate not decorate
85
+
86
+ ## Motion
87
+
88
+ - Motion clarifies transitions and relationships
89
+ - Duration: 150ms for micro-interactions, 300ms for transitions, 500ms+ for choreographed sequences
90
+ - Easing: ease-out for entrances, ease-in for exits, ease-in-out for state changes
91
+ - Animate compositor-friendly properties: transform, opacity, clip-path
92
+ - Respect `prefers-reduced-motion`
93
+
94
+ ## Quality Checklist
95
+
96
+ - [ ] Clear visual hierarchy: can you identify primary, secondary, and tertiary elements?
97
+ - [ ] Consistent spacing rhythm throughout
98
+ - [ ] Color palette is cohesive with semantic meaning
99
+ - [ ] Typography pairing is intentional and readable
100
+ - [ ] Depth and surface use supports hierarchy
101
+ - [ ] No orphaned or floating elements without visual anchoring
102
+ - [ ] Design looks intentional, not templated
@@ -0,0 +1,126 @@
1
+ <!--
2
+ skills/frontend-design/ux-principles.md — UX Principles — Use this skill when designing user flows, evaluating usability, or planning info
3
+
4
+ Use this skill when designing user flows, evaluating usability, or planning information architecture. ## Core Heuristics
5
+ -->
6
+ # UX Principles
7
+
8
+ Use this skill when designing user flows, evaluating usability, or planning information architecture.
9
+
10
+ ## Core Heuristics
11
+
12
+ ### Visibility of System Status
13
+ - Users should always know what is happening
14
+ - Loading states, progress indicators, success/error feedback
15
+ - Show the current state of interactive elements (selected, disabled, active)
16
+
17
+ ### Match Between System and Real World
18
+ - Use language and concepts familiar to the user
19
+ - Follow real-world conventions for order and grouping
20
+ - Icons and metaphors should be universally understood or labeled
21
+
22
+ ### User Control and Freedom
23
+ - Undo and redo for destructive actions
24
+ - Clear exit points from flows and modals
25
+ - Back navigation that preserves state
26
+ - Confirmation for irreversible actions; skip confirmation for reversible ones
27
+
28
+ ### Consistency and Standards
29
+ - Same action, same result, every time
30
+ - Follow platform conventions (native app vs web vs mobile)
31
+ - Internal consistency: identical patterns across your own product
32
+
33
+ ### Error Prevention
34
+ - Constraints: disable invalid actions, limit input ranges
35
+ - Defaults: prefill with safe, common values
36
+ - Confirmation: warn before destructive actions
37
+ - Inline validation: immediate feedback on input errors
38
+
39
+ ### Recognition Over Recall
40
+ - Visible options and actions; do not require memorization
41
+ - Recently used items, search suggestions, autocomplete
42
+ - Breadcrumbs and navigation landmarks
43
+
44
+ ### Flexibility and Efficiency
45
+ - Keyboard shortcuts for power users
46
+ - Customizable workflows where users have varying needs
47
+ - Progressive disclosure: simple by default, advanced on demand
48
+
49
+ ### Aesthetic and Minimalist Design
50
+ - Remove elements that do not serve the user's task
51
+ - Information hierarchy: most important content first
52
+ - White space directs attention; clutter diffuses it
53
+
54
+ ### Help Users Recognize and Recover from Errors
55
+ - Error messages in plain language, not codes
56
+ - Identify what went wrong and suggest next steps
57
+ - Preserve user input after errors; do not clear the form
58
+
59
+ ### Help and Documentation
60
+ - Contextual help at the point of need
61
+ - Searchable documentation
62
+ - Onboarding for first-time users; dismissable for returning users
63
+
64
+ ## Information Architecture
65
+
66
+ ### Organization
67
+ - Group related items; separate unrelated items
68
+ - Use familiar categories and labels
69
+ - Card sorting (open and closed) to validate groupings
70
+ - Tree testing to validate navigation structure
71
+
72
+ ### Navigation
73
+ - Primary navigation: 5-7 top-level items maximum
74
+ - Breadcrumbs for hierarchical content
75
+ - Search for content-heavy applications
76
+ - Consistent navigation across all pages
77
+
78
+ ### Labeling
79
+ - Action labels describe the outcome: "Save Changes" not "Submit"
80
+ - Navigation labels match page titles
81
+ - Avoid jargon; test labels with real users
82
+
83
+ ## User Flows
84
+
85
+ ### Flow Design
86
+ - Map the happy path first, then error and edge cases
87
+ - Minimize steps to complete the primary task
88
+ - Show progress in multi-step flows
89
+ - Allow saving and resuming long flows
90
+ - Exit points should not lose work
91
+
92
+ ### Forms
93
+ - One column layout for most forms
94
+ - Group related fields with visual separation
95
+ - Label above input for scannability
96
+ - Required vs optional clearly marked
97
+ - Inline validation on blur, not on every keystroke
98
+ - Smart defaults reduce input effort
99
+
100
+ ## Responsive Design
101
+
102
+ - Content-first: design for the content, then adapt to viewports
103
+ - Mobile-first: start with the smallest viewport, enhance upward
104
+ - Touch targets: minimum 44x44px on mobile
105
+ - Thumb zone: primary actions within easy reach on mobile
106
+ - Test at real breakpoints: 320, 375, 768, 1024, 1440
107
+
108
+ ## Accessibility as UX
109
+
110
+ - Keyboard navigation for all interactive elements
111
+ - Focus indicators that are visible and intentional
112
+ - Color is never the only way to convey information
113
+ - Text alternatives for non-text content
114
+ - Reduced motion mode respected
115
+ - Screen reader testing with VoiceOver and NVDA
116
+
117
+ ## Research Methods
118
+
119
+ | Method | When |
120
+ |---|---|
121
+ | User interviews | Understanding needs and context |
122
+ | Usability testing | Validating a design with real users |
123
+ | A/B testing | Choosing between design variants with data |
124
+ | Analytics | Understanding actual usage patterns |
125
+ | Card sorting | Organizing content and navigation |
126
+ | Heuristic evaluation | Expert review against known principles |
@@ -0,0 +1,90 @@
1
+ <!--
2
+ skills/quality-gates/review-work.md — Parallel Adversarial Review — Use this methodology when a change needs rigorous pre-merge validation. Five ind
3
+
4
+ Use this methodology when a change needs rigorous pre-merge validation. Five independent review roles run concurrently. All must pass. ## When to use
5
+ -->
6
+ # Parallel Adversarial Review
7
+
8
+ Use this methodology when a change needs rigorous pre-merge validation. Five independent review roles run concurrently. All must pass.
9
+
10
+ ## When to use
11
+
12
+ - Changes to auth, payments, or security-sensitive paths
13
+ - New public APIs or external integrations
14
+ - Architecture changes touching multiple modules
15
+ - Any change requested via `/work:parallel-review`
16
+ - When the `cx-reviewer` determines a change warrants deeper scrutiny
17
+
18
+ ## The 5 Review Roles
19
+
20
+ ### 1. Correctness (cx-reviewer)
21
+ - Does the code do what it claims?
22
+ - Are there logic bugs, off-by-ones, or incorrect control flow?
23
+ - Does it handle nil/null/empty/zero correctly?
24
+ - Are error paths exercised?
25
+
26
+ ### 2. Security (cx-security)
27
+ - Injection risks (SQL, command, LDAP, XPath)
28
+ - Authentication and authorization gaps
29
+ - Sensitive data in logs, responses, or error messages
30
+ - Unvalidated external input
31
+ - Secret exposure (hardcoded keys, environment leakage)
32
+ - SSRF, path traversal, CSRF
33
+
34
+ ### 3. Test Coverage (cx-qa)
35
+ - What behaviors have no test coverage?
36
+ - Which edge cases are untested?
37
+ - Are tests verifying behavior or just implementation?
38
+ - Would these tests catch a regression if the implementation changed?
39
+
40
+ ### 4. Assumptions (cx-devil-advocate)
41
+ - What are we assuming that could be wrong?
42
+ - What happens at scale or under load?
43
+ - What external dependencies could fail?
44
+ - What invariants does this break?
45
+ - What's the blast radius if this is wrong?
46
+
47
+ ### 5. Quality (cx-accessibility for UI; cx-trace-reviewer for non-UI)
48
+
49
+ **UI changes — cx-accessibility:**
50
+ - Keyboard navigation
51
+ - Screen reader compatibility
52
+ - Color contrast and focus visibility
53
+ - Reduced motion support
54
+
55
+ **Non-UI changes — cx-trace-reviewer:**
56
+ - N+1 queries or unbounded loops
57
+ - Memory or connection leaks
58
+ - Missing caching for expensive operations
59
+ - Latency impact on hot paths
60
+
61
+ ## Merge Gate Rules
62
+
63
+ | Severity | Action |
64
+ |---|---|
65
+ | CRITICAL | Block. Fix before proceeding. |
66
+ | HIGH | Block. Fix before proceeding. |
67
+ | MEDIUM | Acknowledge. Document why it's acceptable or fix it. |
68
+ | LOW | Informational. No action required. |
69
+
70
+ ## Output Format
71
+
72
+ ```
73
+ [CORRECTNESS] PASS | FAIL
74
+ - [HIGH] description of finding
75
+
76
+ [SECURITY] PASS | FAIL
77
+ - [CRITICAL] description of finding
78
+
79
+ [COVERAGE] PASS | FAIL
80
+ - [MEDIUM] description of finding
81
+
82
+ [ASSUMPTIONS] PASS | FAIL
83
+ - [LOW] description of finding
84
+
85
+ [ACCESSIBILITY|PERFORMANCE] PASS | FAIL
86
+ - [MEDIUM] description of finding
87
+
88
+ VERDICT: MERGE READY | BLOCKED
89
+ Blocking findings: (list if BLOCKED)
90
+ ```
@@ -0,0 +1,94 @@
1
+ <!--
2
+ skills/quality-gates/verify-change.md — Verify Change — Use this skill to analyze the impact of code changes and verify documentation an
3
+
4
+ Use this skill to analyze the impact of code changes and verify documentation and tests are in sync. ## Change Inventory
5
+ -->
6
+ # Verify Change
7
+
8
+ Use this skill to analyze the impact of code changes and verify documentation and tests are in sync.
9
+
10
+ ## Change Inventory
11
+
12
+ 1. List all files modified, added, or deleted
13
+ 2. Categorize each change: feature, fix, refactor, config, test, docs
14
+ 3. Identify the blast radius: what modules, APIs, or surfaces are affected
15
+
16
+ ## Breaking Change Detection
17
+
18
+ - [ ] Public API signatures unchanged or versioned
19
+ - [ ] Database schema changes have a migration
20
+ - [ ] Configuration keys unchanged or explicitly migrated
21
+ - [ ] Environment variables documented if added or renamed
22
+ - [ ] Event/message contracts unchanged or versioned
23
+ - [ ] CLI flags and arguments preserved or deprecated gracefully
24
+
25
+ **Severity**: Silent breaking change = Critical. Undocumented migration = High.
26
+
27
+ ## Dependency Impact
28
+
29
+ - [ ] No circular dependency introduced
30
+ - [ ] Import graph depth not significantly increased
31
+ - [ ] Shared utilities not modified in ways that affect other consumers
32
+ - [ ] New dependencies justified and audited
33
+ - [ ] Lock file updated consistently with manifest
34
+
35
+ **Severity**: Circular dependency = High. Unjustified new dependency = Medium.
36
+
37
+ ## Test Sync
38
+
39
+ - [ ] New code paths have corresponding tests
40
+ - [ ] Modified code paths have updated tests
41
+ - [ ] Deleted code has corresponding test removal
42
+ - [ ] No tests reference removed or renamed identifiers
43
+ - [ ] Edge cases from the change are covered
44
+ - [ ] Test coverage did not decrease
45
+
46
+ **Severity**: New path without test = High. Stale test = Medium.
47
+
48
+ ## Documentation Sync
49
+
50
+ - [ ] README updated if public interface changed
51
+ - [ ] API documentation reflects new or modified endpoints
52
+ - [ ] Inline comments updated if behavior changed
53
+ - [ ] Migration guides written for breaking changes
54
+ - [ ] Core docs updated for user-visible or architectural changes (`.cx/context.*`, `.cx/workflow.json`, `docs/README.md`, `docs/architecture.md`)
55
+ - [ ] Architecture decision records created for significant shifts
56
+
57
+ **Severity**: Stale API docs = High. Missing core-doc update for project reality changes = High. Stale comment = Low.
58
+
59
+ ## Configuration Sync
60
+
61
+ - [ ] Environment variable additions documented
62
+ - [ ] Default values are safe for all environments
63
+ - [ ] Feature flags added for risky changes
64
+ - [ ] CI/CD pipeline updated if build steps changed
65
+
66
+ **Severity**: Missing env var docs = High. Unsafe default = High.
67
+
68
+ ## Rollback Safety
69
+
70
+ - [ ] Database migrations are reversible
71
+ - [ ] Feature flags allow disabling the change in production
72
+ - [ ] No destructive data operations without confirmation
73
+ - [ ] Deployment can be rolled back without data loss
74
+
75
+ **Severity**: Irreversible migration = Critical. No rollback path = High.
76
+
77
+ ## Review Checklist
78
+
79
+ Before approving the change:
80
+
81
+ 1. Run `git diff` against the base branch to see the full scope
82
+ 2. Verify each category above
83
+ 3. Flag any item that is not addressed
84
+ 4. Confirm all CI checks pass
85
+ 5. Verify the change works in a representative environment
86
+
87
+ ## Severity Reference
88
+
89
+ | Level | Meaning | Action |
90
+ |---|---|---|
91
+ | Critical | Breaking change or data risk | Must fix before merge |
92
+ | High | Missing coverage or stale docs | Should fix before merge |
93
+ | Medium | Minor drift or gap | Fix when practical |
94
+ | Low | Suggestion | Optional |
@@ -0,0 +1,96 @@
1
+ <!--
2
+ skills/quality-gates/verify-module.md — Verify Module — Use this skill to check that a module or package is structurally complete and re
3
+
4
+ Use this skill to check that a module or package is structurally complete and ready for use. ## Exports
5
+ -->
6
+ # Verify Module
7
+
8
+ Use this skill to check that a module or package is structurally complete and ready for use.
9
+
10
+ ## Exports
11
+
12
+ - [ ] Public API is explicitly exported (barrel file, `__init__.py`, `mod.rs`, etc.)
13
+ - [ ] Internal helpers are not exposed in the public surface
14
+ - [ ] Export names are stable and follow project naming conventions
15
+ - [ ] Re-exports are intentional, not accidental leaks
16
+
17
+ **Severity**: Accidental internal export = High. Missing public export = High.
18
+
19
+ ## Types
20
+
21
+ - [ ] All public functions have typed parameters and return values
22
+ - [ ] Shared data structures have explicit type definitions
23
+ - [ ] No use of `any` or equivalent without documented justification
24
+ - [ ] Nullable fields are explicitly marked and handled
25
+ - [ ] Generic types are constrained appropriately
26
+
27
+ **Severity**: Untyped public API = High. Unconstrained generic = Medium.
28
+
29
+ ## Tests
30
+
31
+ - [ ] Unit tests exist for all public functions
32
+ - [ ] Edge cases covered: empty input, null, boundary values, error paths
33
+ - [ ] Tests are colocated or clearly mapped to the module
34
+ - [ ] Test file naming follows project convention
35
+ - [ ] Coverage meets minimum threshold (80%)
36
+ - [ ] Tests run independently without shared mutable state
37
+
38
+ **Severity**: No tests for public function = High. Below coverage = Medium.
39
+
40
+ ## Error Handling
41
+
42
+ - [ ] All error conditions documented or typed (error types, result types)
43
+ - [ ] Errors include enough context for callers to act
44
+ - [ ] No panics or unhandled exceptions in library code
45
+ - [ ] Async errors propagated correctly
46
+ - [ ] Resource cleanup handled in all exit paths
47
+
48
+ **Severity**: Unhandled panic in library = Critical. Missing error context = Medium.
49
+
50
+ ## Documentation
51
+
52
+ - [ ] README exists with: purpose, installation, usage example, API summary
53
+ - [ ] Public functions have doc comments explaining behavior, not implementation
54
+ - [ ] Parameters and return values described
55
+ - [ ] Side effects documented
56
+ - [ ] Examples are runnable and correct
57
+
58
+ **Severity**: No README = Medium. No doc comments on public API = Medium.
59
+
60
+ ## Dependencies
61
+
62
+ - [ ] Only necessary dependencies imported
63
+ - [ ] No circular dependencies with sibling modules
64
+ - [ ] External dependencies pinned to compatible ranges
65
+ - [ ] No vendored code without justification
66
+
67
+ **Severity**: Circular dependency = High. Unnecessary dependency = Low.
68
+
69
+ ## Structure
70
+
71
+ - [ ] Single responsibility: module does one coherent thing
72
+ - [ ] Files within the module are organized by concern
73
+ - [ ] No file exceeds 800 lines
74
+ - [ ] Entry point is obvious (index, main, mod, __init__)
75
+ - [ ] Internal structure matches project conventions
76
+
77
+ **Severity**: Mixed responsibilities = High. Oversized file = Medium.
78
+
79
+ ## Configuration
80
+
81
+ - [ ] Configurable values externalized (not hardcoded)
82
+ - [ ] Defaults are safe and documented
83
+ - [ ] Required configuration fails fast with clear error on missing values
84
+
85
+ **Severity**: Hardcoded config = Medium. Silent missing config = High.
86
+
87
+ ## Completeness Checklist
88
+
89
+ A module is ready when all of these are true:
90
+
91
+ 1. Public API is typed, exported, and documented
92
+ 2. Tests exist and pass with adequate coverage
93
+ 3. Errors are handled and propagated correctly
94
+ 4. Dependencies are minimal and justified
95
+ 5. Structure follows project conventions
96
+ 6. README provides enough context to use the module without reading source