npm - @heyai-rules/pilo-masterkit - Versions diffs - 1.2.2 → 2.2.0 - Mend

@heyai-rules/pilo-masterkit 1.2.2 → 2.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (709) hide show

package/.agent/agents/PILO_MASTER.md +77 -77
package/.agent/agents/backend-specialist.md +263 -263
package/.agent/agents/code-archaeologist.md +106 -106
package/.agent/agents/csharp-reviewer.md +101 -0
package/.agent/agents/dart-build-resolver.md +201 -0
package/.agent/agents/database-architect.md +226 -226
package/.agent/agents/debugger.md +225 -225
package/.agent/agents/devops-engineer.md +242 -242
package/.agent/agents/documentation-writer.md +104 -104
package/.agent/agents/explorer-agent.md +73 -73
package/.agent/agents/frontend-specialist.md +593 -593
package/.agent/agents/game-developer.md +162 -162
package/.agent/agents/gan-evaluator.md +209 -0
package/.agent/agents/gan-generator.md +131 -0
package/.agent/agents/gan-planner.md +99 -0
package/.agent/agents/healthcare-reviewer.md +83 -0
package/.agent/agents/mobile-developer.md +377 -377
package/.agent/agents/opensource-forker.md +198 -0
package/.agent/agents/opensource-packager.md +249 -0
package/.agent/agents/opensource-sanitizer.md +188 -0
package/.agent/agents/orchestrator.md +416 -416
package/.agent/agents/penetration-tester.md +188 -188
package/.agent/agents/performance-optimizer.md +446 -187
package/.agent/agents/personas/athena-agent/agent.json +10 -0
package/.agent/agents/personas/athena-agent/athena-backend-logic-architecture-profile.md +189 -0
package/.agent/agents/personas/athena-agent/context-files/agents.md +55 -0
package/.agent/agents/personas/athena-agent/context-files/identity.md +23 -0
package/.agent/agents/personas/athena-agent/context-files/soul.md +51 -0
package/.agent/agents/personas/athena-agent/context-files/user-predefined.md +15 -0
package/.agent/agents/personas/athena-agent/user-context-files/system/bootstrap.md +37 -0
package/.agent/agents/personas/athena-agent/user-context-files/system/user.md +45 -0
package/.agent/agents/personas/da-vinci-agent/agent.json +10 -0
package/.agent/agents/personas/da-vinci-agent/context-files/agents.md +55 -0
package/.agent/agents/personas/da-vinci-agent/context-files/identity.md +23 -0
package/.agent/agents/personas/da-vinci-agent/context-files/soul.md +51 -0
package/.agent/agents/personas/da-vinci-agent/context-files/user-predefined.md +15 -0
package/.agent/agents/personas/da-vinci-agent/da-vinci-frontend-ui-ux-design-profile.md +189 -0
package/.agent/agents/personas/da-vinci-agent/user-context-files/system/bootstrap.md +37 -0
package/.agent/agents/personas/da-vinci-agent/user-context-files/system/user.md +45 -0
package/.agent/agents/personas/duong-tang-agent/agent.json +10 -0
package/.agent/agents/personas/duong-tang-agent/context-files/agents.md +55 -0
package/.agent/agents/personas/duong-tang-agent/context-files/identity.md +23 -0
package/.agent/agents/personas/duong-tang-agent/context-files/soul.md +51 -0
package/.agent/agents/personas/duong-tang-agent/context-files/user-predefined.md +15 -0
package/.agent/agents/personas/duong-tang-agent/tang-monk-quality-testing-documentation-profile.md +189 -0
package/.agent/agents/personas/duong-tang-agent/user-context-files/system/bootstrap.md +37 -0
package/.agent/agents/personas/duong-tang-agent/user-context-files/system/user.md +45 -0
package/.agent/agents/personas/gia-cat-luong-agent/agent.json +10 -0
package/.agent/agents/personas/gia-cat-luong-agent/context-files/agents.md +55 -0
package/.agent/agents/personas/gia-cat-luong-agent/context-files/identity.md +23 -0
package/.agent/agents/personas/gia-cat-luong-agent/context-files/soul.md +51 -0
package/.agent/agents/personas/gia-cat-luong-agent/context-files/user-predefined.md +15 -0
package/.agent/agents/personas/gia-cat-luong-agent/kongming-research-strategy-analysis-profile.md +189 -0
package/.agent/agents/personas/gia-cat-luong-agent/user-context-files/system/bootstrap.md +37 -0
package/.agent/agents/personas/gia-cat-luong-agent/user-context-files/system/user.md +45 -0
package/.agent/agents/personas/mihata-agent/agent.json +10 -0
package/.agent/agents/personas/mihata-agent/context-files/agents.md +55 -0
package/.agent/agents/personas/mihata-agent/context-files/identity.md +23 -0
package/.agent/agents/personas/mihata-agent/context-files/soul.md +51 -0
package/.agent/agents/personas/mihata-agent/context-files/user-predefined.md +15 -0
package/.agent/agents/personas/mihata-agent/mihata-multi-agent-orchestration-profile.md +189 -0
package/.agent/agents/personas/mihata-agent/user-context-files/system/bootstrap.md +37 -0
package/.agent/agents/personas/mihata-agent/user-context-files/system/user.md +45 -0
package/.agent/agents/personas/tesla-agent/agent.json +10 -0
package/.agent/agents/personas/tesla-agent/context-files/agents.md +55 -0
package/.agent/agents/personas/tesla-agent/context-files/identity.md +23 -0
package/.agent/agents/personas/tesla-agent/context-files/soul.md +51 -0
package/.agent/agents/personas/tesla-agent/context-files/user-predefined.md +15 -0
package/.agent/agents/personas/tesla-agent/tesla-fullstack-system-optimization-profile.md +189 -0
package/.agent/agents/personas/tesla-agent/user-context-files/system/bootstrap.md +37 -0
package/.agent/agents/personas/tesla-agent/user-context-files/system/user.md +45 -0
package/.agent/agents/personas/tu-ma-y-agent/agent.json +10 -0
package/.agent/agents/personas/tu-ma-y-agent/context-files/agents.md +55 -0
package/.agent/agents/personas/tu-ma-y-agent/context-files/identity.md +23 -0
package/.agent/agents/personas/tu-ma-y-agent/context-files/soul.md +51 -0
package/.agent/agents/personas/tu-ma-y-agent/context-files/user-predefined.md +15 -0
package/.agent/agents/personas/tu-ma-y-agent/simayi-feasibility-risk-control-profile.md +189 -0
package/.agent/agents/personas/tu-ma-y-agent/user-context-files/system/bootstrap.md +37 -0
package/.agent/agents/personas/tu-ma-y-agent/user-context-files/system/user.md +45 -0
package/.agent/agents/personas/venti-agent/agent.json +10 -0
package/.agent/agents/personas/venti-agent/context-files/agents.md +55 -0
package/.agent/agents/personas/venti-agent/context-files/identity.md +23 -0
package/.agent/agents/personas/venti-agent/context-files/soul.md +51 -0
package/.agent/agents/personas/venti-agent/context-files/user-predefined.md +15 -0
package/.agent/agents/personas/venti-agent/user-context-files/system/bootstrap.md +37 -0
package/.agent/agents/personas/venti-agent/user-context-files/system/user.md +45 -0
package/.agent/agents/personas/venti-agent/venti-learning-communication-mentoring-profile.md +189 -0
package/.agent/agents/product-manager.md +112 -112
package/.agent/agents/product-owner.md +95 -95
package/.agent/agents/project-planner.md +406 -406
package/.agent/agents/qa-automation-engineer.md +103 -103
package/.agent/agents/security-auditor.md +170 -170
package/.agent/agents/seo-specialist.md +111 -111
package/.agent/agents/test-engineer.md +158 -158
package/.agent/contexts/dev.md +20 -0
package/.agent/contexts/research.md +26 -0
package/.agent/contexts/review.md +22 -0
package/.agent/hooks/hooks.json +395 -0
package/.agent/hooks/readme.md +222 -0
package/.agent/mcp-configs/mcp-servers.json +181 -0
package/.agent/rules/ARCHITECTURAL_BLUEPRINTS.md +62 -62
package/.agent/rules/CODE_CRAFTSMANSHIP.md +69 -69
package/.agent/rules/CORE_RULES.md +72 -72
package/.agent/rules/PROJECT_MAP.md +58 -58
package/.agent/rules/QUALITY_ASSURANCE.md +54 -54
package/.agent/rules/SECURITY_ARMOR.md +44 -44
package/.agent/rules/VERSION_ORCHESTRATION.md +64 -64
package/.agent/rules/WORKFLOW_ORCHESTRATION.md +55 -55
package/.agent/rules/common/agents.md +50 -0
package/.agent/rules/common/code-review.md +124 -0
package/.agent/rules/common/coding-style.md +48 -0
package/.agent/rules/common/development-workflow.md +44 -0
package/.agent/rules/common/git-workflow.md +24 -0
package/.agent/rules/common/hooks.md +30 -0
package/.agent/rules/common/patterns.md +31 -0
package/.agent/rules/common/performance.md +55 -0
package/.agent/rules/common/security.md +29 -0
package/.agent/rules/common/testing.md +29 -0
package/.agent/rules/cpp/coding-style.md +44 -0
package/.agent/rules/cpp/hooks.md +39 -0
package/.agent/rules/cpp/patterns.md +51 -0
package/.agent/rules/cpp/security.md +51 -0
package/.agent/rules/cpp/testing.md +44 -0
package/.agent/rules/csharp/coding-style.md +72 -0
package/.agent/rules/csharp/hooks.md +25 -0
package/.agent/rules/csharp/patterns.md +50 -0
package/.agent/rules/csharp/security.md +58 -0
package/.agent/rules/csharp/testing.md +46 -0
package/.agent/rules/dart/coding-style.md +159 -0
package/.agent/rules/dart/hooks.md +66 -0
package/.agent/rules/dart/patterns.md +261 -0
package/.agent/rules/dart/security.md +135 -0
package/.agent/rules/dart/testing.md +215 -0
package/.agent/rules/golang/coding-style.md +32 -0
package/.agent/rules/golang/hooks.md +17 -0
package/.agent/rules/golang/patterns.md +45 -0
package/.agent/rules/golang/security.md +34 -0
package/.agent/rules/golang/testing.md +31 -0
package/.agent/rules/java/coding-style.md +114 -0
package/.agent/rules/java/hooks.md +18 -0
package/.agent/rules/java/patterns.md +146 -0
package/.agent/rules/java/security.md +100 -0
package/.agent/rules/java/testing.md +131 -0
package/.agent/rules/kotlin/coding-style.md +86 -0
package/.agent/rules/kotlin/hooks.md +17 -0
package/.agent/rules/kotlin/patterns.md +146 -0
package/.agent/rules/kotlin/security.md +82 -0
package/.agent/rules/kotlin/testing.md +128 -0
package/.agent/rules/perl/coding-style.md +46 -0
package/.agent/rules/perl/hooks.md +22 -0
package/.agent/rules/perl/patterns.md +76 -0
package/.agent/rules/perl/security.md +69 -0
package/.agent/rules/perl/testing.md +54 -0
package/.agent/rules/php/coding-style.md +40 -0
package/.agent/rules/php/hooks.md +24 -0
package/.agent/rules/php/patterns.md +33 -0
package/.agent/rules/php/security.md +37 -0
package/.agent/rules/php/testing.md +39 -0
package/.agent/rules/python/coding-style.md +42 -0
package/.agent/rules/python/hooks.md +19 -0
package/.agent/rules/python/patterns.md +39 -0
package/.agent/rules/python/security.md +30 -0
package/.agent/rules/python/testing.md +38 -0
package/.agent/rules/readme.md +111 -0
package/.agent/rules/rust/coding-style.md +151 -0
package/.agent/rules/rust/hooks.md +16 -0
package/.agent/rules/rust/patterns.md +168 -0
package/.agent/rules/rust/security.md +141 -0
package/.agent/rules/rust/testing.md +154 -0
package/.agent/rules/swift/coding-style.md +47 -0
package/.agent/rules/swift/hooks.md +20 -0
package/.agent/rules/swift/patterns.md +66 -0
package/.agent/rules/swift/security.md +33 -0
package/.agent/rules/swift/testing.md +45 -0
package/.agent/rules/typescript/coding-style.md +199 -0
package/.agent/rules/typescript/hooks.md +22 -0
package/.agent/rules/typescript/patterns.md +52 -0
package/.agent/rules/typescript/security.md +28 -0
package/.agent/rules/typescript/testing.md +18 -0
package/.agent/rules/web/coding-style.md +96 -0
package/.agent/rules/web/design-quality.md +63 -0
package/.agent/rules/web/hooks.md +120 -0
package/.agent/rules/web/patterns.md +79 -0
package/.agent/rules/web/performance.md +64 -0
package/.agent/rules/web/security.md +57 -0
package/.agent/rules/web/testing.md +55 -0
package/.agent/rules/zh/agents.md +50 -0
package/.agent/rules/zh/code-review.md +124 -0
package/.agent/rules/zh/coding-style.md +48 -0
package/.agent/rules/zh/development-workflow.md +44 -0
package/.agent/rules/zh/git-workflow.md +24 -0
package/.agent/rules/zh/hooks.md +30 -0
package/.agent/rules/zh/patterns.md +31 -0
package/.agent/rules/zh/performance.md +55 -0
package/.agent/rules/zh/readme.md +108 -0
package/.agent/rules/zh/security.md +29 -0
package/.agent/rules/zh/testing.md +29 -0
package/.agent/scripts/auto_preview.py +148 -148
package/.agent/scripts/checklist.py +217 -217
package/.agent/scripts/session_manager.py +120 -120
package/.agent/scripts/verify_all.py +327 -327
package/.agent/skills/agent-eval/SKILL.md +145 -0
package/.agent/skills/agent-harness-construction/SKILL.md +73 -0
package/.agent/skills/agent-payment-x402/SKILL.md +178 -0
package/.agent/skills/agentic-engineering/SKILL.md +63 -0
package/.agent/skills/ai-first-engineering/SKILL.md +51 -0
package/.agent/skills/ai-regression-testing/SKILL.md +385 -0
package/.agent/skills/android-clean-architecture/SKILL.md +339 -0
package/.agent/skills/api-design/SKILL.md +523 -0
package/.agent/skills/api-patterns/SKILL.md +81 -81
package/.agent/skills/api-patterns/api-style.md +42 -42
package/.agent/skills/api-patterns/auth.md +24 -24
package/.agent/skills/api-patterns/documentation.md +26 -26
package/.agent/skills/api-patterns/graphql.md +41 -41
package/.agent/skills/api-patterns/rate-limiting.md +31 -31
package/.agent/skills/api-patterns/response.md +37 -37
package/.agent/skills/api-patterns/rest.md +40 -40
package/.agent/skills/api-patterns/scripts/api_validator.py +211 -211
package/.agent/skills/api-patterns/security-testing.md +122 -122
package/.agent/skills/api-patterns/trpc.md +41 -41
package/.agent/skills/api-patterns/versioning.md +22 -22
package/.agent/skills/app-builder/SKILL.md +75 -75
package/.agent/skills/app-builder/agent-coordination.md +71 -71
package/.agent/skills/app-builder/feature-building.md +53 -53
package/.agent/skills/app-builder/project-detection.md +34 -34
package/.agent/skills/app-builder/scaffolding.md +118 -118
package/.agent/skills/app-builder/tech-stack.md +41 -41
package/.agent/skills/app-builder/templates/SKILL.md +39 -39
package/.agent/skills/app-builder/templates/astro-static/TEMPLATE.md +76 -76
package/.agent/skills/app-builder/templates/chrome-extension/TEMPLATE.md +92 -92
package/.agent/skills/app-builder/templates/cli-tool/TEMPLATE.md +88 -88
package/.agent/skills/app-builder/templates/electron-desktop/TEMPLATE.md +88 -88
package/.agent/skills/app-builder/templates/express-api/TEMPLATE.md +83 -83
package/.agent/skills/app-builder/templates/flutter-app/TEMPLATE.md +90 -90
package/.agent/skills/app-builder/templates/monorepo-turborepo/TEMPLATE.md +90 -90
package/.agent/skills/app-builder/templates/nextjs-fullstack/TEMPLATE.md +122 -122
package/.agent/skills/app-builder/templates/nextjs-saas/TEMPLATE.md +122 -122
package/.agent/skills/app-builder/templates/nextjs-static/TEMPLATE.md +169 -169
package/.agent/skills/app-builder/templates/nuxt-app/TEMPLATE.md +134 -134
package/.agent/skills/app-builder/templates/python-fastapi/TEMPLATE.md +83 -83
package/.agent/skills/app-builder/templates/react-native-app/TEMPLATE.md +119 -119
package/.agent/skills/architecture/SKILL.md +55 -55
package/.agent/skills/architecture/context-discovery.md +43 -43
package/.agent/skills/architecture/examples.md +94 -94
package/.agent/skills/architecture/pattern-selection.md +68 -68
package/.agent/skills/architecture/patterns-reference.md +50 -50
package/.agent/skills/architecture/trade-off-analysis.md +77 -77
package/.agent/skills/architecture-decision-records/SKILL.md +179 -0
package/.agent/skills/article-writing/SKILL.md +79 -0
package/.agent/skills/autonomous-agent-harness/SKILL.md +267 -0
package/.agent/skills/autonomous-loops/SKILL.md +610 -0
package/.agent/skills/backend-patterns/SKILL.md +598 -0
package/.agent/skills/bash-linux/SKILL.md +199 -199
package/.agent/skills/behavioral-modes/SKILL.md +242 -242
package/.agent/skills/benchmark/SKILL.md +93 -0
package/.agent/skills/blueprint/SKILL.md +105 -0
package/.agent/skills/brainstorming/SKILL.md +163 -163
package/.agent/skills/brainstorming/dynamic-questioning.md +350 -350
package/.agent/skills/brand-voice/SKILL.md +97 -0
package/.agent/skills/brand-voice/references/voice-profile-schema.md +55 -0
package/.agent/skills/browser-qa/SKILL.md +87 -0
package/.agent/skills/bun-runtime/SKILL.md +84 -0
package/.agent/skills/canary-watch/SKILL.md +99 -0
package/.agent/skills/carrier-relationship-management/SKILL.md +212 -0
package/.agent/skills/ck/SKILL.md +147 -0
package/.agent/skills/ck/commands/forget.mjs +44 -0
package/.agent/skills/ck/commands/info.mjs +24 -0
package/.agent/skills/ck/commands/init.mjs +143 -0
package/.agent/skills/ck/commands/list.mjs +40 -0
package/.agent/skills/ck/commands/migrate.mjs +202 -0
package/.agent/skills/ck/commands/resume.mjs +36 -0
package/.agent/skills/ck/commands/save.mjs +210 -0
package/.agent/skills/ck/commands/shared.mjs +387 -0
package/.agent/skills/ck/hooks/session-start.mjs +224 -0
package/.agent/skills/claude-api/SKILL.md +337 -0
package/.agent/skills/claude-devfleet/SKILL.md +103 -0
package/.agent/skills/clean-code/SKILL.md +201 -201
package/.agent/skills/click-path-audit/SKILL.md +244 -0
package/.agent/skills/clickhouse-io/SKILL.md +439 -0
package/.agent/skills/code-review-checklist/SKILL.md +109 -109
package/.agent/skills/codebase-onboarding/SKILL.md +233 -0
package/.agent/skills/coding-standards/SKILL.md +530 -0
package/.agent/skills/compose-multiplatform-patterns/SKILL.md +299 -0
package/.agent/skills/configure-ecc/SKILL.md +367 -0
package/.agent/skills/connections-optimizer/SKILL.md +189 -0
package/.agent/skills/content-engine/SKILL.md +131 -0
package/.agent/skills/content-hash-cache-pattern/SKILL.md +161 -0
package/.agent/skills/context-budget/SKILL.md +135 -0
package/.agent/skills/continuous-agent-loop/SKILL.md +45 -0
package/.agent/skills/continuous-learning/SKILL.md +119 -0
package/.agent/skills/continuous-learning/config.json +18 -0
package/.agent/skills/continuous-learning/evaluate-session.sh +69 -0
package/.agent/skills/continuous-learning-v2/SKILL.md +365 -0
package/.agent/skills/continuous-learning-v2/agents/observer-loop.sh +271 -0
package/.agent/skills/continuous-learning-v2/agents/observer.md +198 -0
package/.agent/skills/continuous-learning-v2/agents/session-guardian.sh +150 -0
package/.agent/skills/continuous-learning-v2/agents/start-observer.sh +244 -0
package/.agent/skills/continuous-learning-v2/config.json +8 -0
package/.agent/skills/continuous-learning-v2/hooks/observe.sh +428 -0
package/.agent/skills/continuous-learning-v2/scripts/detect-project.sh +228 -0
package/.agent/skills/continuous-learning-v2/scripts/instinct-cli.py +1426 -0
package/.agent/skills/continuous-learning-v2/scripts/test-parse-instinct.py +984 -0
package/.agent/skills/cost-aware-llm-pipeline/SKILL.md +183 -0
package/.agent/skills/cpp-coding-standards/SKILL.md +723 -0
package/.agent/skills/cpp-testing/SKILL.md +324 -0
package/.agent/skills/crosspost/SKILL.md +111 -0
package/.agent/skills/csharp-testing/SKILL.md +321 -0
package/.agent/skills/customer-billing-ops/SKILL.md +140 -0
package/.agent/skills/customs-trade-compliance/SKILL.md +263 -0
package/.agent/skills/dart-flutter-patterns/SKILL.md +563 -0
package/.agent/skills/data-scraper-agent/SKILL.md +764 -0
package/.agent/skills/database-design/SKILL.md +52 -52
package/.agent/skills/database-design/database-selection.md +43 -43
package/.agent/skills/database-design/indexing.md +39 -39
package/.agent/skills/database-design/migrations.md +48 -48
package/.agent/skills/database-design/optimization.md +36 -36
package/.agent/skills/database-design/orm-selection.md +30 -30
package/.agent/skills/database-design/schema-design.md +56 -56
package/.agent/skills/database-design/scripts/schema_validator.py +172 -172
package/.agent/skills/database-migrations/SKILL.md +429 -0
package/.agent/skills/deep-research/SKILL.md +155 -0
package/.agent/skills/deployment-patterns/SKILL.md +427 -0
package/.agent/skills/deployment-procedures/SKILL.md +241 -241
package/.agent/skills/design-system/SKILL.md +82 -0
package/.agent/skills/django-patterns/SKILL.md +734 -0
package/.agent/skills/django-security/SKILL.md +593 -0
package/.agent/skills/django-tdd/SKILL.md +729 -0
package/.agent/skills/django-verification/SKILL.md +469 -0
package/.agent/skills/dmux-workflows/SKILL.md +191 -0
package/.agent/skills/doc.md +177 -177
package/.agent/skills/docker-patterns/SKILL.md +364 -0
package/.agent/skills/documentation-lookup/SKILL.md +90 -0
package/.agent/skills/documentation-templates/SKILL.md +194 -194
package/.agent/skills/dotnet-patterns/SKILL.md +321 -0
package/.agent/skills/e2e-testing/SKILL.md +326 -0
package/.agent/skills/energy-procurement/SKILL.md +228 -0
package/.agent/skills/enterprise-agent-ops/SKILL.md +50 -0
package/.agent/skills/eval-harness/SKILL.md +270 -0
package/.agent/skills/exa-search/SKILL.md +103 -0
package/.agent/skills/fal-ai-media/SKILL.md +284 -0
package/.agent/skills/flutter-dart-code-review/SKILL.md +435 -0
package/.agent/skills/foundation-models-on-device/SKILL.md +243 -0
package/.agent/skills/frontend-design/SKILL.md +452 -452
package/.agent/skills/frontend-design/animation-guide.md +331 -331
package/.agent/skills/frontend-design/color-system.md +311 -311
package/.agent/skills/frontend-design/decision-trees.md +418 -418
package/.agent/skills/frontend-design/motion-graphics.md +306 -306
package/.agent/skills/frontend-design/scripts/accessibility_checker.py +183 -183
package/.agent/skills/frontend-design/scripts/ux_audit.py +722 -722
package/.agent/skills/frontend-design/typography-system.md +345 -345
package/.agent/skills/frontend-design/ux-psychology.md +1116 -1116
package/.agent/skills/frontend-design/visual-effects.md +383 -383
package/.agent/skills/frontend-patterns/SKILL.md +642 -0
package/.agent/skills/frontend-slides/SKILL.md +184 -0
package/.agent/skills/frontend-slides/style-presets.md +330 -0
package/.agent/skills/game-development/2d-games/SKILL.md +119 -119
package/.agent/skills/game-development/3d-games/SKILL.md +135 -135
package/.agent/skills/game-development/SKILL.md +167 -167
package/.agent/skills/game-development/game-art/SKILL.md +185 -185
package/.agent/skills/game-development/game-audio/SKILL.md +190 -190
package/.agent/skills/game-development/game-design/SKILL.md +129 -129
package/.agent/skills/game-development/mobile-games/SKILL.md +108 -108
package/.agent/skills/game-development/multiplayer/SKILL.md +132 -132
package/.agent/skills/game-development/pc-games/SKILL.md +144 -144
package/.agent/skills/game-development/vr-ar/SKILL.md +123 -123
package/.agent/skills/game-development/web-games/SKILL.md +150 -150
package/.agent/skills/gan-style-harness/SKILL.md +278 -0
package/.agent/skills/geo-fundamentals/SKILL.md +156 -156
package/.agent/skills/geo-fundamentals/scripts/geo_checker.py +289 -289
package/.agent/skills/git-workflow/SKILL.md +715 -0
package/.agent/skills/golang-patterns/SKILL.md +674 -0
package/.agent/skills/golang-testing/SKILL.md +720 -0
package/.agent/skills/google-workspace-ops/SKILL.md +95 -0
package/.agent/skills/healthcare-cdss-patterns/SKILL.md +245 -0
package/.agent/skills/healthcare-emr-patterns/SKILL.md +159 -0
package/.agent/skills/healthcare-eval-harness/SKILL.md +207 -0
package/.agent/skills/healthcare-phi-compliance/SKILL.md +145 -0
package/.agent/skills/hexagonal-architecture/SKILL.md +276 -0
package/.agent/skills/i18n-localization/SKILL.md +154 -154
package/.agent/skills/i18n-localization/scripts/i18n_checker.py +241 -241
package/.agent/skills/intelligent-routing/SKILL.md +335 -335
package/.agent/skills/inventory-demand-planning/SKILL.md +247 -0
package/.agent/skills/investor-materials/SKILL.md +96 -0
package/.agent/skills/investor-outreach/SKILL.md +91 -0
package/.agent/skills/iterative-retrieval/SKILL.md +211 -0
package/.agent/skills/java-coding-standards/SKILL.md +147 -0
package/.agent/skills/jira-integration/SKILL.md +293 -0
package/.agent/skills/jpa-patterns/SKILL.md +151 -0
package/.agent/skills/kotlin-coroutines-flows/SKILL.md +284 -0
package/.agent/skills/kotlin-exposed-patterns/SKILL.md +719 -0
package/.agent/skills/kotlin-ktor-patterns/SKILL.md +689 -0
package/.agent/skills/kotlin-patterns/SKILL.md +711 -0
package/.agent/skills/kotlin-testing/SKILL.md +824 -0
package/.agent/skills/laravel-patterns/SKILL.md +415 -0
package/.agent/skills/laravel-plugin-discovery/SKILL.md +229 -0
package/.agent/skills/laravel-security/SKILL.md +285 -0
package/.agent/skills/laravel-tdd/SKILL.md +283 -0
package/.agent/skills/laravel-verification/SKILL.md +179 -0
package/.agent/skills/lead-intelligence/SKILL.md +321 -0
package/.agent/skills/lead-intelligence/agents/enrichment-agent.md +85 -0
package/.agent/skills/lead-intelligence/agents/mutual-mapper.md +75 -0
package/.agent/skills/lead-intelligence/agents/outreach-drafter.md +98 -0
package/.agent/skills/lead-intelligence/agents/signal-scorer.md +60 -0
package/.agent/skills/lint-and-validate/SKILL.md +45 -45
package/.agent/skills/lint-and-validate/scripts/lint_runner.py +184 -184
package/.agent/skills/lint-and-validate/scripts/type_coverage.py +173 -173
package/.agent/skills/liquid-glass-design/SKILL.md +279 -0
package/.agent/skills/logistics-exception-management/SKILL.md +222 -0
package/.agent/skills/manim-video/SKILL.md +89 -0
package/.agent/skills/manim-video/assets/network-graph-scene.py +52 -0
package/.agent/skills/market-research/SKILL.md +75 -0
package/.agent/skills/mcp-builder/SKILL.md +173 -113
package/.agent/skills/mcp-builder/license.txt +202 -0
package/.agent/skills/mcp-builder/reference/evaluation.md +602 -0
package/.agent/skills/mcp-builder/reference/mcp-best-practices.md +249 -0
package/.agent/skills/mcp-builder/reference/node-mcp-server.md +970 -0
package/.agent/skills/mcp-builder/reference/python-mcp-server.md +719 -0
package/.agent/skills/mcp-builder/scripts/connections.py +151 -0
package/.agent/skills/mcp-builder/scripts/evaluation.py +373 -0
package/.agent/skills/mcp-builder/scripts/example-evaluation.xml +22 -0
package/.agent/skills/mcp-builder/scripts/requirements.txt +2 -0
package/.agent/skills/mcp-server-patterns/SKILL.md +67 -0
package/.agent/skills/mobile-design/SKILL.md +394 -394
package/.agent/skills/mobile-design/decision-trees.md +516 -516
package/.agent/skills/mobile-design/mobile-backend.md +491 -491
package/.agent/skills/mobile-design/mobile-color-system.md +420 -420
package/.agent/skills/mobile-design/mobile-debugging.md +122 -122
package/.agent/skills/mobile-design/mobile-design-thinking.md +357 -357
package/.agent/skills/mobile-design/mobile-navigation.md +458 -458
package/.agent/skills/mobile-design/mobile-performance.md +767 -767
package/.agent/skills/mobile-design/mobile-testing.md +356 -356
package/.agent/skills/mobile-design/mobile-typography.md +433 -433
package/.agent/skills/mobile-design/platform-android.md +666 -666
package/.agent/skills/mobile-design/platform-ios.md +561 -561
package/.agent/skills/mobile-design/scripts/mobile_audit.py +670 -670
package/.agent/skills/mobile-design/touch-psychology.md +537 -537
package/.agent/skills/nanoclaw-repl/SKILL.md +33 -0
package/.agent/skills/nestjs-patterns/SKILL.md +230 -0
package/.agent/skills/nextjs-react-expert/1-async-eliminating-waterfalls.md +351 -351
package/.agent/skills/nextjs-react-expert/2-bundle-bundle-size-optimization.md +240 -240
package/.agent/skills/nextjs-react-expert/3-server-server-side-performance.md +490 -490
package/.agent/skills/nextjs-react-expert/4-client-client-side-data-fetching.md +264 -264
package/.agent/skills/nextjs-react-expert/5-rerender-re-render-optimization.md +581 -581
package/.agent/skills/nextjs-react-expert/6-rendering-rendering-performance.md +432 -432
package/.agent/skills/nextjs-react-expert/7-js-javascript-performance.md +684 -684
package/.agent/skills/nextjs-react-expert/8-advanced-advanced-patterns.md +150 -150
package/.agent/skills/nextjs-react-expert/9-cache-components.md +103 -103
package/.agent/skills/nextjs-react-expert/SKILL.md +293 -293
package/.agent/skills/nextjs-react-expert/scripts/convert_rules.py +222 -222
package/.agent/skills/nextjs-react-expert/scripts/react_performance_checker.py +252 -252
package/.agent/skills/nextjs-turbopack/SKILL.md +44 -0
package/.agent/skills/nodejs-best-practices/SKILL.md +333 -333
package/.agent/skills/nutrient-document-processing/SKILL.md +167 -0
package/.agent/skills/nuxt4-patterns/SKILL.md +100 -0
package/.agent/skills/openclaw-persona-forge/SKILL.md +296 -0
package/.agent/skills/openclaw-persona-forge/gacha.py +224 -0
package/.agent/skills/openclaw-persona-forge/gacha.sh +5 -0
package/.agent/skills/openclaw-persona-forge/references/avatar-style.md +124 -0
package/.agent/skills/openclaw-persona-forge/references/boundary-rules.md +53 -0
package/.agent/skills/openclaw-persona-forge/references/error-handling.md +53 -0
package/.agent/skills/openclaw-persona-forge/references/identity-tension.md +48 -0
package/.agent/skills/openclaw-persona-forge/references/naming-system.md +39 -0
package/.agent/skills/openclaw-persona-forge/references/output-template.md +166 -0
package/.agent/skills/opensource-pipeline/SKILL.md +255 -0
package/.agent/skills/parallel-agents/SKILL.md +175 -175
package/.agent/skills/performance-profiling/SKILL.md +143 -143
package/.agent/skills/performance-profiling/scripts/lighthouse_audit.py +76 -76
package/.agent/skills/perl-patterns/SKILL.md +504 -0
package/.agent/skills/perl-security/SKILL.md +503 -0
package/.agent/skills/perl-testing/SKILL.md +475 -0
package/.agent/skills/plan-writing/SKILL.md +152 -152
package/.agent/skills/plankton-code-quality/SKILL.md +236 -0
package/.agent/skills/postgres-patterns/SKILL.md +147 -0
package/.agent/skills/powershell-windows/SKILL.md +167 -167
package/.agent/skills/product-lens/SKILL.md +85 -0
package/.agent/skills/production-scheduling/SKILL.md +238 -0
package/.agent/skills/project-flow-ops/SKILL.md +111 -0
package/.agent/skills/project-guidelines-example/SKILL.md +349 -0
package/.agent/skills/prompt-optimizer/SKILL.md +397 -0
package/.agent/skills/python-patterns/SKILL.md +750 -441
package/.agent/skills/python-testing/SKILL.md +816 -0
package/.agent/skills/pytorch-patterns/SKILL.md +396 -0
package/.agent/skills/quality-nonconformance/SKILL.md +260 -0
package/.agent/skills/ralphinho-rfc-pipeline/SKILL.md +67 -0
package/.agent/skills/red-team-tactics/SKILL.md +199 -199
package/.agent/skills/regex-vs-llm-structured-text/SKILL.md +220 -0
package/.agent/skills/remotion-video-creation/SKILL.md +43 -0
package/.agent/skills/remotion-video-creation/rules/3d.md +86 -0
package/.agent/skills/remotion-video-creation/rules/animations.md +29 -0
package/.agent/skills/remotion-video-creation/rules/assets/charts-bar-chart.tsx +173 -0
package/.agent/skills/remotion-video-creation/rules/assets/text-animations-typewriter.tsx +100 -0
package/.agent/skills/remotion-video-creation/rules/assets/text-animations-word-highlight.tsx +108 -0
package/.agent/skills/remotion-video-creation/rules/assets.md +78 -0
package/.agent/skills/remotion-video-creation/rules/audio.md +172 -0
package/.agent/skills/remotion-video-creation/rules/calculate-metadata.md +104 -0
package/.agent/skills/remotion-video-creation/rules/can-decode.md +75 -0
package/.agent/skills/remotion-video-creation/rules/charts.md +58 -0
package/.agent/skills/remotion-video-creation/rules/compositions.md +146 -0
package/.agent/skills/remotion-video-creation/rules/display-captions.md +126 -0
package/.agent/skills/remotion-video-creation/rules/extract-frames.md +229 -0
package/.agent/skills/remotion-video-creation/rules/fonts.md +152 -0
package/.agent/skills/remotion-video-creation/rules/get-audio-duration.md +58 -0
package/.agent/skills/remotion-video-creation/rules/get-video-dimensions.md +68 -0
package/.agent/skills/remotion-video-creation/rules/get-video-duration.md +58 -0
package/.agent/skills/remotion-video-creation/rules/gifs.md +138 -0
package/.agent/skills/remotion-video-creation/rules/images.md +130 -0
package/.agent/skills/remotion-video-creation/rules/import-srt-captions.md +67 -0
package/.agent/skills/remotion-video-creation/rules/lottie.md +67 -0
package/.agent/skills/remotion-video-creation/rules/measuring-dom-nodes.md +34 -0
package/.agent/skills/remotion-video-creation/rules/measuring-text.md +143 -0
package/.agent/skills/remotion-video-creation/rules/sequencing.md +106 -0
package/.agent/skills/remotion-video-creation/rules/tailwind.md +11 -0
package/.agent/skills/remotion-video-creation/rules/text-animations.md +20 -0
package/.agent/skills/remotion-video-creation/rules/timing.md +179 -0
package/.agent/skills/remotion-video-creation/rules/transcribe-captions.md +19 -0
package/.agent/skills/remotion-video-creation/rules/transitions.md +122 -0
package/.agent/skills/remotion-video-creation/rules/trimming.md +52 -0
package/.agent/skills/remotion-video-creation/rules/videos.md +171 -0
package/.agent/skills/repo-scan/SKILL.md +78 -0
package/.agent/skills/returns-reverse-logistics/SKILL.md +240 -0
package/.agent/skills/rules-distill/SKILL.md +264 -0
package/.agent/skills/rules-distill/scripts/scan-rules.sh +58 -0
package/.agent/skills/rules-distill/scripts/scan-skills.sh +129 -0
package/.agent/skills/rust-patterns/SKILL.md +499 -0
package/.agent/skills/rust-pro/SKILL.md +175 -175
package/.agent/skills/rust-testing/SKILL.md +500 -0
package/.agent/skills/safety-guard/SKILL.md +75 -0
package/.agent/skills/santa-method/SKILL.md +306 -0
package/.agent/skills/search-first/SKILL.md +161 -0
package/.agent/skills/security-review/SKILL.md +495 -0
package/.agent/skills/security-review/cloud-infrastructure-security.md +361 -0
package/.agent/skills/security-scan/SKILL.md +165 -0
package/.agent/skills/seo-fundamentals/SKILL.md +129 -129
package/.agent/skills/seo-fundamentals/scripts/seo_checker.py +219 -219
package/.agent/skills/server-management/SKILL.md +161 -161
package/.agent/skills/skill-comply/SKILL.md +58 -0
package/.agent/skills/skill-comply/fixtures/compliant-trace.jsonl +5 -0
package/.agent/skills/skill-comply/fixtures/noncompliant-trace.jsonl +3 -0
package/.agent/skills/skill-comply/fixtures/tdd-spec.yaml +44 -0
package/.agent/skills/skill-comply/prompts/classifier.md +24 -0
package/.agent/skills/skill-comply/prompts/scenario-generator.md +62 -0
package/.agent/skills/skill-comply/prompts/spec-generator.md +42 -0
package/.agent/skills/skill-comply/pyproject.toml +15 -0
package/.agent/skills/skill-comply/scripts/classifier.py +85 -0
package/.agent/skills/skill-comply/scripts/grader.py +122 -0
package/.agent/skills/skill-comply/scripts/init.py +0 -0
package/.agent/skills/skill-comply/scripts/parser.py +107 -0
package/.agent/skills/skill-comply/scripts/report.py +170 -0
package/.agent/skills/skill-comply/scripts/run.py +127 -0
package/.agent/skills/skill-comply/scripts/runner.py +161 -0
package/.agent/skills/skill-comply/scripts/scenario-generator.py +70 -0
package/.agent/skills/skill-comply/scripts/spec-generator.py +72 -0
package/.agent/skills/skill-comply/scripts/utils.py +13 -0
package/.agent/skills/skill-comply/tests/test-grader.py +137 -0
package/.agent/skills/skill-comply/tests/test-parser.py +90 -0
package/.agent/skills/skill-creator/SKILL.md +485 -0
package/.agent/skills/skill-creator/agents/analyzer.md +274 -0
package/.agent/skills/skill-creator/agents/comparator.md +202 -0
package/.agent/skills/skill-creator/agents/grader.md +223 -0
package/.agent/skills/skill-creator/assets/eval-review.html +146 -0
package/.agent/skills/skill-creator/eval-viewer/generate-review.py +471 -0
package/.agent/skills/skill-creator/eval-viewer/viewer.html +1325 -0
package/.agent/skills/skill-creator/license.txt +202 -0
package/.agent/skills/skill-creator/references/schemas.md +430 -0
package/.agent/skills/skill-creator/scripts/aggregate-benchmark.py +401 -0
package/.agent/skills/skill-creator/scripts/generate-report.py +326 -0
package/.agent/skills/skill-creator/scripts/improve-description.py +247 -0
package/.agent/skills/skill-creator/scripts/init.py +0 -0
package/.agent/skills/skill-creator/scripts/package-skill.py +136 -0
package/.agent/skills/skill-creator/scripts/quick-validate.py +103 -0
package/.agent/skills/skill-creator/scripts/run-eval.py +310 -0
package/.agent/skills/skill-creator/scripts/run-loop.py +328 -0
package/.agent/skills/skill-creator/scripts/utils.py +47 -0
package/.agent/skills/skill-stocktake/SKILL.md +193 -0
package/.agent/skills/skill-stocktake/scripts/quick-diff.sh +87 -0
package/.agent/skills/skill-stocktake/scripts/save-results.sh +56 -0
package/.agent/skills/skill-stocktake/scripts/scan.sh +170 -0
package/.agent/skills/social-graph-ranker/SKILL.md +154 -0
package/.agent/skills/springboot-patterns/SKILL.md +314 -0
package/.agent/skills/springboot-security/SKILL.md +272 -0
package/.agent/skills/springboot-tdd/SKILL.md +158 -0
package/.agent/skills/springboot-verification/SKILL.md +231 -0
package/.agent/skills/strategic-compact/SKILL.md +131 -0
package/.agent/skills/strategic-compact/suggest-compact.sh +54 -0
package/.agent/skills/swift-actor-persistence/SKILL.md +143 -0
package/.agent/skills/swift-concurrency-6-2/SKILL.md +216 -0
package/.agent/skills/swift-protocol-di-testing/SKILL.md +190 -0
package/.agent/skills/swiftui-patterns/SKILL.md +259 -0
package/.agent/skills/systematic-debugging/SKILL.md +109 -109
package/.agent/skills/tailwind-patterns/SKILL.md +269 -269
package/.agent/skills/tdd-workflow/SKILL.md +463 -149
package/.agent/skills/team-builder/SKILL.md +168 -0
package/.agent/skills/testing-patterns/SKILL.md +178 -178
package/.agent/skills/testing-patterns/scripts/test_runner.py +219 -219
package/.agent/skills/token-budget-advisor/SKILL.md +133 -0
package/.agent/skills/ui-demo/SKILL.md +465 -0
package/.agent/skills/ui-ux-pro-max/SKILL.md +292 -292
package/.agent/skills/ui-ux-pro-max/data/icons.csv +101 -101
package/.agent/skills/ui-ux-pro-max/data/landing.csv +3 -3
package/.agent/skills/ui-ux-pro-max/data/react-performance.csv +45 -45
package/.agent/skills/ui-ux-pro-max/data/stacks/astro.csv +54 -54
package/.agent/skills/ui-ux-pro-max/data/stacks/jetpack-compose.csv +53 -53
package/.agent/skills/ui-ux-pro-max/data/stacks/nuxt-ui.csv +51 -51
package/.agent/skills/ui-ux-pro-max/data/stacks/nuxtjs.csv +59 -59
package/.agent/skills/ui-ux-pro-max/data/stacks/shadcn.csv +61 -61
package/.agent/skills/ui-ux-pro-max/data/typography.csv +57 -57
package/.agent/skills/ui-ux-pro-max/data/ui-reasoning.csv +101 -101
package/.agent/skills/ui-ux-pro-max/data/web-interface.csv +31 -31
package/.agent/skills/ui-ux-pro-max/scripts/core.py +253 -253
package/.agent/skills/ui-ux-pro-max/scripts/design_system.py +1067 -1067
package/.agent/skills/verification-loop/SKILL.md +126 -0
package/.agent/skills/video-editing/SKILL.md +310 -0
package/.agent/skills/videodb/SKILL.md +374 -0
package/.agent/skills/videodb/reference/api-reference.md +550 -0
package/.agent/skills/videodb/reference/capture-reference.md +407 -0
package/.agent/skills/videodb/reference/capture.md +101 -0
package/.agent/skills/videodb/reference/editor.md +443 -0
package/.agent/skills/videodb/reference/generative.md +331 -0
package/.agent/skills/videodb/reference/rtstream-reference.md +564 -0
package/.agent/skills/videodb/reference/rtstream.md +65 -0
package/.agent/skills/videodb/reference/search.md +230 -0
package/.agent/skills/videodb/reference/streaming.md +406 -0
package/.agent/skills/videodb/reference/use-cases.md +118 -0
package/.agent/skills/videodb/scripts/ws-listener.py +282 -0
package/.agent/skills/visa-doc-translate/SKILL.md +117 -0
package/.agent/skills/visa-doc-translate/readme.md +86 -0
package/.agent/skills/vulnerability-scanner/SKILL.md +276 -276
package/.agent/skills/vulnerability-scanner/checklists.md +121 -121
package/.agent/skills/vulnerability-scanner/scripts/security_scan.py +458 -458
package/.agent/skills/web-design-guidelines/SKILL.md +57 -57
package/.agent/skills/webapp-testing/SKILL.md +187 -187
package/.agent/skills/webapp-testing/scripts/playwright_runner.py +173 -173
package/.agent/skills/workspace-surface-audit/SKILL.md +125 -0
package/.agent/skills/x-api/SKILL.md +230 -0
package/.agent/tasks/lessons.md +40 -40
package/.agent/tasks/todo.md +33 -33
package/.agent/tasks/two-track-merge-contract.md +29 -0
package/.agent/workflows/aside.md +3 -3
package/.agent/workflows/brainstorm.md +113 -113
package/.agent/workflows/claw.md +13 -41
package/.agent/workflows/clean-memory.md +34 -0
package/.agent/workflows/code-review.md +260 -11
package/.agent/workflows/context-budget.md +12 -18
package/.agent/workflows/cpp-build.md +1 -1
package/.agent/workflows/cpp-review.md +4 -4
package/.agent/workflows/create.md +59 -59
package/.agent/workflows/debug.md +103 -103
package/.agent/workflows/deploy.md +176 -176
package/.agent/workflows/devfleet.md +13 -82
package/.agent/workflows/docs.md +13 -21
package/.agent/workflows/e2e.md +38 -135
package/.agent/workflows/enhance.md +63 -63
package/.agent/workflows/eval.md +15 -112
package/.agent/workflows/flutter-build.md +164 -0
package/.agent/workflows/flutter-review.md +116 -0
package/.agent/workflows/flutter-test.md +144 -0
package/.agent/workflows/gan-build.md +99 -0
package/.agent/workflows/gan-design.md +35 -0
package/.agent/workflows/go-build.md +1 -1
package/.agent/workflows/go-review.md +4 -4
package/.agent/workflows/harness-audit.md +5 -3
package/.agent/workflows/init-docs.md +46 -46
package/.agent/workflows/instinct-import.md +4 -4
package/.agent/workflows/jira.md +106 -0
package/.agent/workflows/kotlin-build.md +1 -1
package/.agent/workflows/kotlin-review.md +5 -5
package/.agent/workflows/learn-eval.md +9 -9
package/.agent/workflows/multi-plan.md +10 -10
package/.agent/workflows/orchestrate.md +23 -119
package/.agent/workflows/plan.md +2 -0
package/.agent/workflows/preview.md +81 -81
package/.agent/workflows/prompt-optimize.md +13 -28
package/.agent/workflows/prp-commit.md +112 -0
package/.agent/workflows/prp-implement.md +385 -0
package/.agent/workflows/prp-plan.md +502 -0
package/.agent/workflows/prp-pr.md +184 -0
package/.agent/workflows/prp-prd.md +447 -0
package/.agent/workflows/python-review.md +5 -5
package/.agent/workflows/refactor-clean.md +1 -1
package/.agent/workflows/resume-session.md +10 -10
package/.agent/workflows/rules-distill.md +14 -5
package/.agent/workflows/santa-loop.md +175 -0
package/.agent/workflows/save-session.md +9 -9
package/.agent/workflows/status.md +86 -86
package/.agent/workflows/tdd.md +30 -127
package/.agent/workflows/test-coverage.md +1 -1
package/.agent/workflows/test.md +144 -144
package/.agent/workflows/ui-ux-pro-max.md +295 -295
package/.agent/workflows/verify.md +15 -51
package/README.md +163 -136
package/RELEASE.md +32 -36
package/SLASH_COMMANDS.md +121 -0
package/package.json +12 -3
package/scripts/release-check.js +1 -1
package/src/bin/cli.js +399 -53
package/src/lib/installer.js +360 -114
package/src/lib/manifests/stacks.js +122 -0
package/src/lib/slash-commands.js +28 -0
package/src/templates/claude/CLAUDE.en.md +42 -0
package/src/templates/claude/CLAUDE.md +42 -0
package/src/templates/claude/CLAUDE.vi.md +42 -0
package/src/templates/codex/AGENTS.en.md +40 -0
package/src/templates/codex/AGENTS.md +40 -0
package/src/templates/codex/AGENTS.vi.md +40 -0
package/src/templates/cursor/pilo-masterkit.mdc +20 -0
package/src/templates/gemini/GEMINI.en.md +56 -0
package/src/templates/gemini/GEMINI.md +56 -0
package/src/templates/gemini/GEMINI.vi.md +56 -0
package/src/templates/github/copilot-instructions.md +16 -0

package/.agent/skills/springboot-security/SKILL.md ADDED Viewed

@@ -0,0 +1,272 @@
+---
+name: springboot-security
+description: Spring Security best practices for authn/authz, validation, CSRF, secrets, headers, rate limiting, and dependency security in Java Spring Boot services.
+origin: ECC
+---
+# Spring Boot Security Review
+Use when adding auth, handling input, creating endpoints, or dealing with secrets.
+## When to Activate
+- Adding authentication (JWT, OAuth2, session-based)
+- Implementing authorization (@PreAuthorize, role-based access)
+- Validating user input (Bean Validation, custom validators)
+- Configuring CORS, CSRF, or security headers
+- Managing secrets (Vault, environment variables)
+- Adding rate limiting or brute-force protection
+- Scanning dependencies for CVEs
+## Authentication
+- Prefer stateless JWT or opaque tokens with revocation list
+- Use `httpOnly`, `Secure`, `SameSite=Strict` cookies for sessions
+- Validate tokens with `OncePerRequestFilter` or resource server
+```java
+@Component
+public class JwtAuthFilter extends OncePerRequestFilter {
+  private final JwtService jwtService;
+  public JwtAuthFilter(JwtService jwtService) {
+    this.jwtService = jwtService;
+  }
+  @Override
+  protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
+      FilterChain chain) throws ServletException, IOException {
+    String header = request.getHeader(HttpHeaders.AUTHORIZATION);
+    if (header != null && header.startsWith("Bearer ")) {
+      String token = header.substring(7);
+      Authentication auth = jwtService.authenticate(token);
+      SecurityContextHolder.getContext().setAuthentication(auth);
+    }
+    chain.doFilter(request, response);
+  }
+}
+```
+## Authorization
+- Enable method security: `@EnableMethodSecurity`
+- Use `@PreAuthorize("hasRole('ADMIN')")` or `@PreAuthorize("@authz.canEdit(#id)")`
+- Deny by default; expose only required scopes
+```java
+@RestController
+@RequestMapping("/api/admin")
+public class AdminController {
+  @PreAuthorize("hasRole('ADMIN')")
+  @GetMapping("/users")
+  public List<UserDto> listUsers() {
+    return userService.findAll();
+  }
+  @PreAuthorize("@authz.isOwner(#id, authentication)")
+  @DeleteMapping("/users/{id}")
+  public ResponseEntity<Void> deleteUser(@PathVariable Long id) {
+    userService.delete(id);
+    return ResponseEntity.noContent().build();
+  }
+}
+```
+## Input Validation
+- Use Bean Validation with `@Valid` on controllers
+- Apply constraints on DTOs: `@NotBlank`, `@Email`, `@Size`, custom validators
+- Sanitize any HTML with a whitelist before rendering
+```java
+// BAD: No validation
+@PostMapping("/users")
+public User createUser(@RequestBody UserDto dto) {
+  return userService.create(dto);
+}
+// GOOD: Validated DTO
+public record CreateUserDto(
+    @NotBlank @Size(max = 100) String name,
+    @NotBlank @Email String email,
+    @NotNull @Min(0) @Max(150) Integer age
+) {}
+@PostMapping("/users")
+public ResponseEntity<UserDto> createUser(@Valid @RequestBody CreateUserDto dto) {
+  return ResponseEntity.status(HttpStatus.CREATED)
+      .body(userService.create(dto));
+}
+```
+## SQL Injection Prevention
+- Use Spring Data repositories or parameterized queries
+- For native queries, use `:param` bindings; never concatenate strings
+```java
+// BAD: String concatenation in native query
+@Query(value = "SELECT * FROM users WHERE name = '" + name + "'", nativeQuery = true)
+// GOOD: Parameterized native query
+@Query(value = "SELECT * FROM users WHERE name = :name", nativeQuery = true)
+List<User> findByName(@Param("name") String name);
+// GOOD: Spring Data derived query (auto-parameterized)
+List<User> findByEmailAndActiveTrue(String email);
+```
+## Password Encoding
+- Always hash passwords with BCrypt or Argon2 — never store plaintext
+- Use `PasswordEncoder` bean, not manual hashing
+```java
+@Bean
+public PasswordEncoder passwordEncoder() {
+  return new BCryptPasswordEncoder(12); // cost factor 12
+}
+// In service
+public User register(CreateUserDto dto) {
+  String hashedPassword = passwordEncoder.encode(dto.password());
+  return userRepository.save(new User(dto.email(), hashedPassword));
+}
+```
+## CSRF Protection
+- For browser session apps, keep CSRF enabled; include token in forms/headers
+- For pure APIs with Bearer tokens, disable CSRF and rely on stateless auth
+```java
+http
+  .csrf(csrf -> csrf.disable())
+  .sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
+```
+## Secrets Management
+- No secrets in source; load from env or vault
+- Keep `application.yml` free of credentials; use placeholders
+- Rotate tokens and DB credentials regularly
+```yaml
+# BAD: Hardcoded in application.yml
+spring:
+  datasource:
+    password: mySecretPassword123
+# GOOD: Environment variable placeholder
+spring:
+  datasource:
+    password: ${DB_PASSWORD}
+# GOOD: Spring Cloud Vault integration
+spring:
+  cloud:
+    vault:
+      uri: https://vault.example.com
+      token: ${VAULT_TOKEN}
+```
+## Security Headers
+```java
+http
+  .headers(headers -> headers
+    .contentSecurityPolicy(csp -> csp
+      .policyDirectives("default-src 'self'"))
+    .frameOptions(HeadersConfigurer.FrameOptionsConfig::sameOrigin)
+    .xssProtection(Customizer.withDefaults())
+    .referrerPolicy(rp -> rp.policy(ReferrerPolicyHeaderWriter.ReferrerPolicy.NO_REFERRER)));
+```
+## CORS Configuration
+- Configure CORS at the security filter level, not per-controller
+- Restrict allowed origins — never use `*` in production
+```java
+@Bean
+public CorsConfigurationSource corsConfigurationSource() {
+  CorsConfiguration config = new CorsConfiguration();
+  config.setAllowedOrigins(List.of("https://app.example.com"));
+  config.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE"));
+  config.setAllowedHeaders(List.of("Authorization", "Content-Type"));
+  config.setAllowCredentials(true);
+  config.setMaxAge(3600L);
+  UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+  source.registerCorsConfiguration("/api/**", config);
+  return source;
+}
+// In SecurityFilterChain:
+http.cors(cors -> cors.configurationSource(corsConfigurationSource()));
+```
+## Rate Limiting
+- Apply Bucket4j or gateway-level limits on expensive endpoints
+- Log and alert on bursts; return 429 with retry hints
+```java
+// Using Bucket4j for per-endpoint rate limiting
+@Component
+public class RateLimitFilter extends OncePerRequestFilter {
+  private final Map<String, Bucket> buckets = new ConcurrentHashMap<>();
+  private Bucket createBucket() {
+    return Bucket.builder()
+        .addLimit(Bandwidth.classic(100, Refill.intervally(100, Duration.ofMinutes(1))))
+        .build();
+  }
+  @Override
+  protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
+      FilterChain chain) throws ServletException, IOException {
+    String clientIp = request.getRemoteAddr();
+    Bucket bucket = buckets.computeIfAbsent(clientIp, k -> createBucket());
+    if (bucket.tryConsume(1)) {
+      chain.doFilter(request, response);
+    } else {
+      response.setStatus(HttpStatus.TOO_MANY_REQUESTS.value());
+      response.getWriter().write("{\"error\": \"Rate limit exceeded\"}");
+    }
+  }
+}
+```
+## Dependency Security
+- Run OWASP Dependency Check / Snyk in CI
+- Keep Spring Boot and Spring Security on supported versions
+- Fail builds on known CVEs
+## Logging and PII
+- Never log secrets, tokens, passwords, or full PAN data
+- Redact sensitive fields; use structured JSON logging
+## File Uploads
+- Validate size, content type, and extension
+- Store outside web root; scan if required
+## Checklist Before Release
+- [ ] Auth tokens validated and expired correctly
+- [ ] Authorization guards on every sensitive path
+- [ ] All inputs validated and sanitized
+- [ ] No string-concatenated SQL
+- [ ] CSRF posture correct for app type
+- [ ] Secrets externalized; none committed
+- [ ] Security headers configured
+- [ ] Rate limiting on APIs
+- [ ] Dependencies scanned and up to date
+- [ ] Logs free of sensitive data
+**Remember**: Deny by default, validate inputs, least privilege, and secure-by-configuration first.

package/.agent/skills/springboot-tdd/SKILL.md ADDED Viewed

@@ -0,0 +1,158 @@
+---
+name: springboot-tdd
+description: Test-driven development for Spring Boot using JUnit 5, Mockito, MockMvc, Testcontainers, and JaCoCo. Use when adding features, fixing bugs, or refactoring.
+origin: ECC
+---
+# Spring Boot TDD Workflow
+TDD guidance for Spring Boot services with 80%+ coverage (unit + integration).
+## When to Use
+- New features or endpoints
+- Bug fixes or refactors
+- Adding data access logic or security rules
+## Workflow
+1) Write tests first (they should fail)
+2) Implement minimal code to pass
+3) Refactor with tests green
+4) Enforce coverage (JaCoCo)
+## Unit Tests (JUnit 5 + Mockito)
+```java
+@ExtendWith(MockitoExtension.class)
+class MarketServiceTest {
+  @Mock MarketRepository repo;
+  @InjectMocks MarketService service;
+  @Test
+  void createsMarket() {
+    CreateMarketRequest req = new CreateMarketRequest("name", "desc", Instant.now(), List.of("cat"));
+    when(repo.save(any())).thenAnswer(inv -> inv.getArgument(0));
+    Market result = service.create(req);
+    assertThat(result.name()).isEqualTo("name");
+    verify(repo).save(any());
+  }
+}
+```
+Patterns:
+- Arrange-Act-Assert
+- Avoid partial mocks; prefer explicit stubbing
+- Use `@ParameterizedTest` for variants
+## Web Layer Tests (MockMvc)
+```java
+@WebMvcTest(MarketController.class)
+class MarketControllerTest {
+  @Autowired MockMvc mockMvc;
+  @MockBean MarketService marketService;
+  @Test
+  void returnsMarkets() throws Exception {
+    when(marketService.list(any())).thenReturn(Page.empty());
+    mockMvc.perform(get("/api/markets"))
+        .andExpect(status().isOk())
+        .andExpect(jsonPath("$.content").isArray());
+  }
+}
+```
+## Integration Tests (SpringBootTest)
+```java
+@SpringBootTest
+@AutoConfigureMockMvc
+@ActiveProfiles("test")
+class MarketIntegrationTest {
+  @Autowired MockMvc mockMvc;
+  @Test
+  void createsMarket() throws Exception {
+    mockMvc.perform(post("/api/markets")
+        .contentType(MediaType.APPLICATION_JSON)
+        .content("""
+          {"name":"Test","description":"Desc","endDate":"2030-01-01T00:00:00Z","categories":["general"]}
+        """))
+      .andExpect(status().isCreated());
+  }
+}
+```
+## Persistence Tests (DataJpaTest)
+```java
+@DataJpaTest
+@AutoConfigureTestDatabase(replace = AutoConfigureTestDatabase.Replace.NONE)
+@Import(TestContainersConfig.class)
+class MarketRepositoryTest {
+  @Autowired MarketRepository repo;
+  @Test
+  void savesAndFinds() {
+    MarketEntity entity = new MarketEntity();
+    entity.setName("Test");
+    repo.save(entity);
+    Optional<MarketEntity> found = repo.findByName("Test");
+    assertThat(found).isPresent();
+  }
+}
+```
+## Testcontainers
+- Use reusable containers for Postgres/Redis to mirror production
+- Wire via `@DynamicPropertySource` to inject JDBC URLs into Spring context
+## Coverage (JaCoCo)
+Maven snippet:
+```xml
+<plugin>
+  <groupId>org.jacoco</groupId>
+  <artifactId>jacoco-maven-plugin</artifactId>
+  <version>0.8.14</version>
+  <executions>
+    <execution>
+      <goals><goal>prepare-agent</goal></goals>
+    </execution>
+    <execution>
+      <id>report</id>
+      <phase>verify</phase>
+      <goals><goal>report</goal></goals>
+    </execution>
+  </executions>
+</plugin>
+```
+## Assertions
+- Prefer AssertJ (`assertThat`) for readability
+- For JSON responses, use `jsonPath`
+- For exceptions: `assertThatThrownBy(...)`
+## Test Data Builders
+```java
+class MarketBuilder {
+  private String name = "Test";
+  MarketBuilder withName(String name) { this.name = name; return this; }
+  Market build() { return new Market(null, name, MarketStatus.ACTIVE); }
+}
+```
+## CI Commands
+- Maven: `mvn -T 4 test` or `mvn verify`
+- Gradle: `./gradlew test jacocoTestReport`
+**Remember**: Keep tests fast, isolated, and deterministic. Test behavior, not implementation details.

package/.agent/skills/springboot-verification/SKILL.md ADDED Viewed

@@ -0,0 +1,231 @@
+---
+name: springboot-verification
+description: "Verification loop for Spring Boot projects: build, static analysis, tests with coverage, security scans, and diff review before release or PR."
+origin: ECC
+---
+# Spring Boot Verification Loop
+Run before PRs, after major changes, and pre-deploy.
+## When to Activate
+- Before opening a pull request for a Spring Boot service
+- After major refactoring or dependency upgrades
+- Pre-deployment verification for staging or production
+- Running full build → lint → test → security scan pipeline
+- Validating test coverage meets thresholds
+## Phase 1: Build
+```bash
+mvn -T 4 clean verify -DskipTests
+# or
+./gradlew clean assemble -x test
+```
+If build fails, stop and fix.
+## Phase 2: Static Analysis
+Maven (common plugins):
+```bash
+mvn -T 4 spotbugs:check pmd:check checkstyle:check
+```
+Gradle (if configured):
+```bash
+./gradlew checkstyleMain pmdMain spotbugsMain
+```
+## Phase 3: Tests + Coverage
+```bash
+mvn -T 4 test
+mvn jacoco:report   # verify 80%+ coverage
+# or
+./gradlew test jacocoTestReport
+```
+Report:
+- Total tests, passed/failed
+- Coverage % (lines/branches)
+### Unit Tests
+Test service logic in isolation with mocked dependencies:
+```java
+@ExtendWith(MockitoExtension.class)
+class UserServiceTest {
+  @Mock private UserRepository userRepository;
+  @InjectMocks private UserService userService;
+  @Test
+  void createUser_validInput_returnsUser() {
+    var dto = new CreateUserDto("Alice", "alice@example.com");
+    var expected = new User(1L, "Alice", "alice@example.com");
+    when(userRepository.save(any(User.class))).thenReturn(expected);
+    var result = userService.create(dto);
+    assertThat(result.name()).isEqualTo("Alice");
+    verify(userRepository).save(any(User.class));
+  }
+  @Test
+  void createUser_duplicateEmail_throwsException() {
+    var dto = new CreateUserDto("Alice", "existing@example.com");
+    when(userRepository.existsByEmail(dto.email())).thenReturn(true);
+    assertThatThrownBy(() -> userService.create(dto))
+        .isInstanceOf(DuplicateEmailException.class);
+  }
+}
+```
+### Integration Tests with Testcontainers
+Test against a real database instead of H2:
+```java
+@SpringBootTest
+@Testcontainers
+class UserRepositoryIntegrationTest {
+  @Container
+  static PostgreSQLContainer<?> postgres = new PostgreSQLContainer<>("postgres:16-alpine")
+      .withDatabaseName("testdb");
+  @DynamicPropertySource
+  static void configureProperties(DynamicPropertyRegistry registry) {
+    registry.add("spring.datasource.url", postgres::getJdbcUrl);
+    registry.add("spring.datasource.username", postgres::getUsername);
+    registry.add("spring.datasource.password", postgres::getPassword);
+  }
+  @Autowired private UserRepository userRepository;
+  @Test
+  void findByEmail_existingUser_returnsUser() {
+    userRepository.save(new User("Alice", "alice@example.com"));
+    var found = userRepository.findByEmail("alice@example.com");
+    assertThat(found).isPresent();
+    assertThat(found.get().getName()).isEqualTo("Alice");
+  }
+}
+```
+### API Tests with MockMvc
+Test controller layer with full Spring context:
+```java
+@WebMvcTest(UserController.class)
+class UserControllerTest {
+  @Autowired private MockMvc mockMvc;
+  @MockBean private UserService userService;
+  @Test
+  void createUser_validInput_returns201() throws Exception {
+    var user = new UserDto(1L, "Alice", "alice@example.com");
+    when(userService.create(any())).thenReturn(user);
+    mockMvc.perform(post("/api/users")
+            .contentType(MediaType.APPLICATION_JSON)
+            .content("""
+                {"name": "Alice", "email": "alice@example.com"}
+                """))
+        .andExpect(status().isCreated())
+        .andExpect(jsonPath("$.name").value("Alice"));
+  }
+  @Test
+  void createUser_invalidEmail_returns400() throws Exception {
+    mockMvc.perform(post("/api/users")
+            .contentType(MediaType.APPLICATION_JSON)
+            .content("""
+                {"name": "Alice", "email": "not-an-email"}
+                """))
+        .andExpect(status().isBadRequest());
+  }
+}
+```
+## Phase 4: Security Scan
+```bash
+# Dependency CVEs
+mvn org.owasp:dependency-check-maven:check
+# or
+./gradlew dependencyCheckAnalyze
+# Secrets in source
+grep -rn "password\s*=\s*\"" src/ --include="*.java" --include="*.yml" --include="*.properties"
+grep -rn "sk-\|api_key\|secret" src/ --include="*.java" --include="*.yml"
+# Secrets (git history)
+git secrets --scan  # if configured
+```
+### Common Security Findings
+```
+# Check for System.out.println (use logger instead)
+grep -rn "System\.out\.print" src/main/ --include="*.java"
+# Check for raw exception messages in responses
+grep -rn "e\.getMessage()" src/main/ --include="*.java"
+# Check for wildcard CORS
+grep -rn "allowedOrigins.*\*" src/main/ --include="*.java"
+```
+## Phase 5: Lint/Format (optional gate)
+```bash
+mvn spotless:apply   # if using Spotless plugin
+./gradlew spotlessApply
+```
+## Phase 6: Diff Review
+```bash
+git diff --stat
+git diff
+```
+Checklist:
+- No debugging logs left (`System.out`, `log.debug` without guards)
+- Meaningful errors and HTTP statuses
+- Transactions and validation present where needed
+- Config changes documented
+## Output Template
+```
+VERIFICATION REPORT
+===================
+Build:     [PASS/FAIL]
+Static:    [PASS/FAIL] (spotbugs/pmd/checkstyle)
+Tests:     [PASS/FAIL] (X/Y passed, Z% coverage)
+Security:  [PASS/FAIL] (CVE findings: N)
+Diff:      [X files changed]
+Overall:   [READY / NOT READY]
+Issues to Fix:
+1. ...
+2. ...
+```
+## Continuous Mode
+- Re-run phases on significant changes or every 30–60 minutes in long sessions
+- Keep a short loop: `mvn -T 4 test` + spotbugs for quick feedback
+**Remember**: Fast feedback beats late surprises. Keep the gate strict—treat warnings as defects in production systems.