@kood/claude-code 0.1.0

package/templates/hono/docs/mcp/sgrep.md

@@ -0,0 +1,105 @@
+# sgrep - Semantic Grep
+
+> AST 기반 시맨틱 코드 검색 도구
+
+---
+
+## ⛔ 필수 규칙
+
+```
+❌ grep, rg 등 기본 검색 도구 사용 금지
+❌ find 명령어로 코드 검색 금지
+✅ 코드베이스 검색 시 sgrep 사용 필수
+```
+
+---
+
+## 개요
+
+sgrep는 단순 텍스트 매칭이 아닌 AST(Abstract Syntax Tree) 기반의 시맨틱 검색을 수행합니다.
+
+### grep vs sgrep
+
+| 기능 | grep | sgrep |
+|------|------|-------|
+| 검색 방식 | 텍스트 매칭 | AST 기반 |
+| 코드 구조 인식 | ❌ | ✅ |
+| 언어별 최적화 | ❌ | ✅ |
+| False positive | 많음 | 적음 |
+
+---
+
+## 사용 시점
+
+### ✅ sgrep 사용
+- 함수 정의 찾기
+- 클래스 사용처 검색
+- 특정 패턴의 코드 찾기
+- import 문 검색
+- API 엔드포인트 검색
+
+### 예시 상황
+```
+"prisma.user.create 사용처를 찾아줘" → sgrep 사용
+"authMiddleware가 어디서 쓰이는지 찾아줘" → sgrep 사용
+"HTTPException을 throw하는 곳을 찾아줘" → sgrep 사용
+```
+
+---
+
+## 장점
+
+### 1. 정확한 코드 구조 인식
+```typescript
+// 주석 안의 function은 무시
+// function test() {}
+
+// 실제 함수만 찾음
+function test() {}
+```
+
+### 2. 언어별 최적화
+- TypeScript/JavaScript
+- Python
+- Go
+- 기타 주요 언어
+
+### 3. 패턴 매칭
+- 함수 호출 패턴
+- 클래스 정의 패턴
+- import/export 패턴
+
+---
+
+## 설치
+
+### Claude Code Plugin 설치 (권장)
+
+```bash
+# Plugin 추가
+/plugin marketplace add rika-labs/sgrep
+
+# 설치
+/plugin install sgrep
+```
+
+### 사용법
+
+```bash
+# 인증 처리 코드 찾기
+sgrep search for where we handle authentication
+
+# API 엔드포인트 검색
+sgrep search API routes definition
+
+# 에러 핸들링 패턴
+sgrep search error handling with HTTPException
+```
+
+---
+
+## 관련 문서
+
+- [MCP 개요](./index.md)
+- [Sequential Thinking](./sequential-thinking.md)
+- [Context7](./context7.md)

package/templates/hono/docs/skills/gemini-review/SKILL.md

@@ -0,0 +1,220 @@
+---
+name: gemini-review
+description: This skill orchestrates code review and plan validation using Google Gemini CLI. It should be used when users want to validate implementation plans, review completed code, or discuss architecture decisions with Gemini as a second opinion. Supports Hono, Cloudflare Workers, and general tech stacks with specialized checklists. Uses gemini-3-pro-preview model with free tier (60 req/min, 1000 req/day).
+---
+
+# Gemini Review Skill
+
+## Overview
+
+This skill enables a dual-AI review workflow where Claude prepares context and Gemini provides independent validation. The output always includes both Gemini's raw feedback and Claude's synthesized action plan.
+
+**Model**: `gemini-3-pro-preview` (fixed)
+**Cost**: Free tier (60 requests/min, 1000 requests/day)
+
+## When to Use
+
+- Validating implementation plans before coding
+- Reviewing completed code for bugs, security, and best practices
+- Discussing architecture decisions with a second AI perspective
+- Getting specialized feedback for Hono or Cloudflare Workers projects
+
+## Workflow Types
+
+| Type | Purpose | When to Use |
+|------|---------|-------------|
+| **plan** | Validate implementation plan | Before starting development |
+| **code** | Review completed code | After implementing features |
+| **architecture** | Discuss system design | During design phase or refactoring |
+
+## Execution Process
+
+### Step 1: Gather Context from User
+
+Before executing, collect:
+1. **Review type**: `plan`, `code`, or `architecture`
+2. **Tech stack** (optional): `hono`, `cloudflare`, or `general`
+3. **Content to review**: The actual plan, code, or architecture description
+
+### Step 2: Load Appropriate Checklist
+
+Based on tech stack, load the corresponding checklist from `references/checklists.md`:
+- Hono: API design, middleware patterns, validation, error handling
+- Cloudflare: Workers, KV, D1, R2, edge runtime considerations
+- General: Universal best practices
+
+### Step 3: Build and Execute Gemini Command
+
+Load the appropriate prompt template from `references/prompt-templates.md` and execute:
+
+**For inline prompts:**
+```bash
+gemini -m gemini-3-pro-preview -p "{constructed_prompt}" --output-format json
+```
+
+**For file content review:**
+```bash
+cat {file_path} | gemini -m gemini-3-pro-preview -p "{review_instructions}" --output-format json
+```
+
+**For multi-line prompts (heredoc):**
+```bash
+gemini -m gemini-3-pro-preview --output-format json -p "$(cat << 'EOF'
+{constructed_prompt}
+EOF
+)"
+```
+
+### Step 4: Parse JSON Response
+
+Gemini returns JSON with this structure:
+```json
+{
+  "response": "The actual review content",
+  "stats": {
+    "models": { ... },
+    "tools": { ... }
+  }
+}
+```
+
+Extract the review content from the `response` field. Use `jq` for parsing:
+```bash
+result=$(gemini -m gemini-3-pro-preview -p "..." --output-format json)
+echo "$result" | jq -r '.response'
+```
+
+### Step 5: Present Results in Two Sections
+
+**CRITICAL**: Always present results in two clearly separated sections:
+
+#### Section A: Gemini Raw Response
+Present Gemini's complete response without modification. This shows the user exactly what Gemini found.
+
+#### Section B: Claude's Analysis & Action Plan
+Based on Gemini's feedback, Claude provides:
+
+1. **Summary** (2-3 sentences)
+   - Key findings
+   - Overall assessment
+
+2. **Action Items** (prioritized list)
+   - 🔴 Critical: Must fix before proceeding
+   - 🟡 Important: Should address soon
+   - 🟢 Minor: Nice to have improvements
+
+3. **Ready-to-Apply Code** (when applicable)
+   - Provide actual code fixes for each issue
+   - Include before/after comparison when helpful
+
+## Output Format Template
+
+```markdown
+---
+## 📋 Gemini Review Results
+
+### A. Gemini Response (Raw)
+
+{gemini_response_verbatim}
+
+---
+
+### B. Claude's Analysis
+
+#### Summary
+{2-3 sentence overview}
+
+#### Action Items
+
+🔴 **Critical**
+- Issue: {description}
+- Fix: {solution}
+
+🟡 **Important**
+- Issue: {description}
+- Fix: {solution}
+
+🟢 **Minor**
+- Issue: {description}
+- Fix: {solution}
+
+#### Ready-to-Apply Code
+
+**{issue_name}**
+```{language}
+{fixed_code}
+```
+
+---
+```
+
+## Command Examples
+
+### Plan Review
+```bash
+gemini -m gemini-3-pro-preview --output-format json -p "$(cat << 'EOF'
+[PLAN REVIEW REQUEST]
+Review this implementation plan for completeness and potential issues:
+
+{plan_content}
+
+Check for: Logic errors, missing edge cases, architecture flaws, security concerns.
+Provide specific, actionable feedback.
+EOF
+)"
+```
+
+### Code Review (piping file)
+```bash
+cat src/routes/auth.ts | gemini -m gemini-3-pro-preview -p "Review this Hono authentication code for security issues, bugs, and best practices. Provide specific line-by-line feedback." --output-format json
+```
+
+### Architecture Review
+```bash
+gemini -m gemini-3-pro-preview --output-format json -p "$(cat << 'EOF'
+[ARCHITECTURE REVIEW]
+System: {system_name}
+Tech Stack: Hono + Cloudflare Workers + D1
+
+{architecture_description}
+
+Evaluate: Scalability, reliability, maintainability, security, cost efficiency.
+Suggest improvements with trade-off analysis.
+EOF
+)"
+```
+
+## Environment Compatibility
+
+| Environment | Execution Method |
+|-------------|------------------|
+| Claude Code | Direct bash execution |
+| Claude (Web/Desktop) | Use `bash_tool` |
+
+Command syntax remains identical across environments.
+
+## Error Handling
+
+If Gemini returns an error:
+1. Display the error message to user
+2. Check for common issues:
+   - Quota exceeded (60/min or 1000/day limit)
+   - Network connectivity
+   - Invalid prompt format
+3. Suggest retry or alternative approach
+
+## Quota Management
+
+Free tier limits:
+- 60 requests per minute
+- 1000 requests per day
+
+To conserve quota:
+- Combine related reviews into single prompts
+- Use specific, focused review requests
+- Avoid redundant re-reviews
+
+## References
+
+- `references/checklists.md`: Tech stack-specific review checklists
+- `references/prompt-templates.md`: Prompt templates for each review type

package/templates/hono/docs/skills/gemini-review/references/checklists.md

@@ -0,0 +1,136 @@
+# Review Checklists by Tech Stack
+
+## Hono Checklist
+
+### API Design
+- [ ] RESTful conventions followed (proper HTTP methods, status codes)
+- [ ] Consistent URL naming (kebab-case, plural nouns)
+- [ ] Proper use of path vs query parameters
+- [ ] Response format consistency (c.json, c.text, c.html)
+- [ ] Appropriate use of c.notFound() and error responses
+
+### Middleware
+- [ ] Middleware order is correct (auth before route handlers)
+- [ ] createMiddleware used for typed middleware
+- [ ] Middleware properly passes control with next()
+- [ ] Built-in middleware configured correctly (cors, logger, etc.)
+- [ ] Custom middleware is reusable and testable
+
+### Validation (zValidator)
+- [ ] All POST/PUT/PATCH routes have zValidator
+- [ ] Validation targets correct: json, query, param, header, form
+- [ ] Zod v4 syntax used (z.email(), z.url())
+- [ ] Custom error handling in zValidator callback
+- [ ] Schema reuse across related endpoints
+
+### Error Handling
+- [ ] HTTPException used for HTTP errors
+- [ ] Global onError handler configured
+- [ ] Error responses have consistent format
+- [ ] Sensitive information not leaked in errors
+- [ ] Custom error classes for business logic errors
+
+### Type Safety
+- [ ] Bindings type defined for environment variables
+- [ ] Variables type defined for request context
+- [ ] c.env and c.var properly typed
+- [ ] RPC types exported (AppType)
+- [ ] InferRequestType/InferResponseType used in clients
+
+### Security
+- [ ] Authentication middleware on protected routes
+- [ ] Bearer token or JWT validation implemented
+- [ ] CORS configured appropriately
+- [ ] Rate limiting considered
+- [ ] Secrets accessed via c.env, not hardcoded
+
+---
+
+## Cloudflare Workers Checklist
+
+### Bindings Configuration
+- [ ] wrangler.toml properly configured
+- [ ] All bindings declared (KV, D1, R2, etc.)
+- [ ] Binding types match wrangler.toml
+- [ ] Environment variables set for secrets
+- [ ] compatibility_flags includes nodejs_compat if needed
+
+### KV Namespace
+- [ ] Keys are properly namespaced
+- [ ] TTL (expirationTtl) set where appropriate
+- [ ] Metadata used for additional key info
+- [ ] List operations use prefix and cursor for pagination
+- [ ] Error handling for KV operations
+
+### D1 Database
+- [ ] Prepared statements used (no string concatenation)
+- [ ] Batch operations for multiple queries
+- [ ] Error handling for database operations
+- [ ] Schema migrations managed properly
+- [ ] Indexes created for frequently queried columns
+
+### R2 Bucket
+- [ ] Content-Type set on uploads
+- [ ] Proper error handling for missing objects
+- [ ] Multipart uploads for large files
+- [ ] Custom metadata used appropriately
+- [ ] Access control configured
+
+### Edge Runtime
+- [ ] No Node.js-specific APIs used
+- [ ] Web APIs used (fetch, Request, Response)
+- [ ] Memory limits considered (<128MB)
+- [ ] CPU time limits considered (<30s)
+- [ ] Subrequests limit considered (<50)
+
+### Deployment
+- [ ] Environment-specific wrangler.toml sections
+- [ ] Secrets set via wrangler secret put
+- [ ] Preview deployments working
+- [ ] Production deployment tested
+- [ ] Rollback strategy in place
+
+---
+
+## General Checklist
+
+### Code Quality
+- [ ] Single responsibility principle followed
+- [ ] DRY - no unnecessary duplication
+- [ ] Functions/methods are focused and small
+- [ ] Clear naming conventions
+- [ ] Comments explain "why", not "what"
+
+### Logic & Correctness
+- [ ] Edge cases handled (empty, null, boundary values)
+- [ ] Error handling comprehensive
+- [ ] Race conditions considered
+- [ ] Input validation present
+- [ ] Return values checked
+
+### Security
+- [ ] No hardcoded secrets
+- [ ] User input sanitized
+- [ ] SQL injection prevented (parameterized queries)
+- [ ] XSS prevention measures
+- [ ] Authentication/authorization proper
+
+### Performance
+- [ ] Time complexity acceptable for scale
+- [ ] Space complexity reasonable
+- [ ] No unnecessary loops or iterations
+- [ ] Database queries optimized
+- [ ] Caching considered where appropriate
+
+### Maintainability
+- [ ] Code is testable
+- [ ] Dependencies minimal and justified
+- [ ] Configuration externalized
+- [ ] Logging present for debugging
+- [ ] Error messages helpful
+
+### Documentation
+- [ ] Public APIs documented
+- [ ] Complex logic explained
+- [ ] Setup instructions clear
+- [ ] Environment variables documented