npm - @kood/claude-code - Versions diffs - 0.1.0 - Mend

@kood/claude-code 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (78) hide show

package/templates/tanstack-start/docs/mcp/sgrep.md ADDED Viewed

@@ -0,0 +1,174 @@
+# sgrep - 의미론적 코드 검색
+> 자연어로 코드베이스를 검색하는 로컬 시맨틱 검색 엔진
+---
+## 🚨 필수 사용 규칙
+```
+✅ 코드베이스 검색 시 기본 grep 대신 sgrep 사용
+✅ 자연어 쿼리로 코드 위치 파악
+✅ JSON 출력으로 결과 파싱
+❌ grep, rg 등 기존 검색 도구 사용 금지
+```
+---
+## 🚀 Quick Reference
+### 기본 검색
+```bash
+# 자연어로 코드 검색
+sgrep search "where do we handle authentication?"
+# 결과 수 제한
+sgrep search "user validation logic" -n 5
+# JSON 형식 출력
+sgrep search "database connection setup" --json
+# 전체 코드 청크 포함
+sgrep search "error handling patterns" -c
+```
+### 인덱싱
+```bash
+# 인덱스 강제 재구성
+sgrep index --force
+# 파일시스템 감시 (실시간 업데이트)
+sgrep watch . --debounce-ms 200
+```
+### 설정
+```bash
+# 기본 설정 초기화
+sgrep config --init
+```
+---
+## 주요 기능
+### 벡터 + 그래프 검색
+```
+장점:
+- 밀집 벡터 임베딩으로 의미 기반 검색
+- 구조적 코드 그래프 분석
+- 자연어 쿼리 지원
+- 정확한 코드 위치 파악
+```
+### 로컬 처리
+```
+특징:
+- 모든 처리가 로컬에서 수행
+- 프라이버시 보장
+- 외부 API 호출 없음
+- 오프라인 사용 가능
+```
+### 에이전트 친화적
+```
+통합:
+- 안정적인 CLI 인터페이스
+- JSON 출력 지원
+- Claude Code 플러그인 호환
+- 자동화 스크립트 연동
+```
+---
+## 사용 예시
+### 예시 1: 인증 로직 찾기
+```bash
+sgrep search "authentication middleware implementation"
+# 결과:
+# src/middleware/auth.ts:15 - authMiddleware function
+# src/functions/auth.ts:8 - session validation
+```
+### 예시 2: 에러 핸들링 패턴
+```bash
+sgrep search "how are API errors handled" --json
+# JSON 결과로 파싱하여 분석
+```
+### 예시 3: 데이터베이스 쿼리
+```bash
+sgrep search "user data fetching with prisma" -c
+# 전체 코드 블록 포함하여 컨텍스트 파악
+```
+---
+## 옵션 요약
+| 옵션 | 설명 | 기본값 |
+|------|------|--------|
+| `-n, --limit` | 반환 결과 수 | 10 |
+| `-c, --context` | 전체 청크 내용 포함 | false |
+| `--json` | JSON 형식 출력 | false |
+| `--force` | 인덱스 강제 재구성 | false |
+---
+## Sequential Thinking과 함께 사용
+```
+복잡한 코드 분석 시:
+1. sgrep로 관련 코드 위치 파악
+   ↓
+2. Sequential Thinking으로 코드 흐름 분석
+   ↓
+3. Context7로 라이브러리 API 확인
+   ↓
+4. 수정 구현
+```
+---
+## 설치
+### Claude Code Plugin 설치 (권장)
+```bash
+# Plugin 추가
+/plugin marketplace add rika-labs/sgrep
+# 설치
+/plugin install sgrep
+```
+### 수동 설치
+```bash
+# 간편 설치
+curl -fsSL https://raw.githubusercontent.com/rika-labs/sgrep/main/scripts/install.sh | sh
+# Cargo로 설치
+cargo install --path .
+```
+---
+## 참고
+- [sgrep GitHub](https://github.com/Rika-Labs/sgrep)
+- 로컬 처리로 프라이버시 보장
+- 자연어 쿼리로 직관적 검색

package/templates/tanstack-start/docs/skills/gemini-review/SKILL.md ADDED Viewed

@@ -0,0 +1,220 @@
+---
+name: gemini-review
+description: This skill orchestrates code review and plan validation using Google Gemini CLI. It should be used when users want to validate implementation plans, review completed code, or discuss architecture decisions with Gemini as a second opinion. Supports FastAPI, Next.js, and general tech stacks with specialized checklists. Uses gemini-3-pro-preview model with free tier (60 req/min, 1000 req/day).
+---
+# Gemini Review Skill
+## Overview
+This skill enables a dual-AI review workflow where Claude prepares context and Gemini provides independent validation. The output always includes both Gemini's raw feedback and Claude's synthesized action plan.
+**Model**: `gemini-3-pro-preview` (fixed)
+**Cost**: Free tier (60 requests/min, 1000 requests/day)
+## When to Use
+- Validating implementation plans before coding
+- Reviewing completed code for bugs, security, and best practices
+- Discussing architecture decisions with a second AI perspective
+- Getting specialized feedback for FastAPI or Next.js projects
+## Workflow Types
+| Type | Purpose | When to Use |
+|------|---------|-------------|
+| **plan** | Validate implementation plan | Before starting development |
+| **code** | Review completed code | After implementing features |
+| **architecture** | Discuss system design | During design phase or refactoring |
+## Execution Process
+### Step 1: Gather Context from User
+Before executing, collect:
+1. **Review type**: `plan`, `code`, or `architecture`
+2. **Tech stack** (optional): `fastapi`, `nextjs`, or `general`
+3. **Content to review**: The actual plan, code, or architecture description
+### Step 2: Load Appropriate Checklist
+Based on tech stack, load the corresponding checklist from `references/checklists.md`:
+- FastAPI: API design, Pydantic models, async patterns, security
+- Next.js: SSR/SSG, routing, state management, performance
+- General: Universal best practices
+### Step 3: Build and Execute Gemini Command
+Load the appropriate prompt template from `references/prompt-templates.md` and execute:
+**For inline prompts:**
+```bash
+gemini -m gemini-3-pro-preview -p "{constructed_prompt}" --output-format json
+```
+**For file content review:**
+```bash
+cat {file_path} | gemini -m gemini-3-pro-preview -p "{review_instructions}" --output-format json
+```
+**For multi-line prompts (heredoc):**
+```bash
+gemini -m gemini-3-pro-preview --output-format json -p "$(cat << 'EOF'
+{constructed_prompt}
+EOF
+)"
+```
+### Step 4: Parse JSON Response
+Gemini returns JSON with this structure:
+```json
+{
+  "response": "The actual review content",
+  "stats": {
+    "models": { ... },
+    "tools": { ... }
+  }
+}
+```
+Extract the review content from the `response` field. Use `jq` for parsing:
+```bash
+result=$(gemini -m gemini-3-pro-preview -p "..." --output-format json)
+echo "$result" | jq -r '.response'
+```
+### Step 5: Present Results in Two Sections
+**CRITICAL**: Always present results in two clearly separated sections:
+#### Section A: Gemini Raw Response
+Present Gemini's complete response without modification. This shows the user exactly what Gemini found.
+#### Section B: Claude's Analysis & Action Plan
+Based on Gemini's feedback, Claude provides:
+1. **Summary** (2-3 sentences)
+   - Key findings
+   - Overall assessment
+2. **Action Items** (prioritized list)
+   - 🔴 Critical: Must fix before proceeding
+   - 🟡 Important: Should address soon
+   - 🟢 Minor: Nice to have improvements
+3. **Ready-to-Apply Code** (when applicable)
+   - Provide actual code fixes for each issue
+   - Include before/after comparison when helpful
+## Output Format Template
+```markdown
+---
+## 📋 Gemini Review Results
+### A. Gemini Response (Raw)
+{gemini_response_verbatim}
+---
+### B. Claude's Analysis
+#### Summary
+{2-3 sentence overview}
+#### Action Items
+🔴 **Critical**
+- Issue: {description}
+- Fix: {solution}
+🟡 **Important**
+- Issue: {description}
+- Fix: {solution}
+🟢 **Minor**
+- Issue: {description}
+- Fix: {solution}
+#### Ready-to-Apply Code
+**{issue_name}**
+```{language}
+{fixed_code}
+```
+---
+```
+## Command Examples
+### Plan Review
+```bash
+gemini -m gemini-3-pro-preview --output-format json -p "$(cat << 'EOF'
+[PLAN REVIEW REQUEST]
+Review this implementation plan for completeness and potential issues:
+{plan_content}
+Check for: Logic errors, missing edge cases, architecture flaws, security concerns.
+Provide specific, actionable feedback.
+EOF
+)"
+```
+### Code Review (piping file)
+```bash
+cat src/api/auth.py | gemini -m gemini-3-pro-preview -p "Review this FastAPI authentication code for security issues, bugs, and best practices. Provide specific line-by-line feedback." --output-format json
+```
+### Architecture Review
+```bash
+gemini -m gemini-3-pro-preview --output-format json -p "$(cat << 'EOF'
+[ARCHITECTURE REVIEW]
+System: {system_name}
+Tech Stack: FastAPI + Next.js + AWS
+{architecture_description}
+Evaluate: Scalability, reliability, maintainability, security, cost efficiency.
+Suggest improvements with trade-off analysis.
+EOF
+)"
+```
+## Environment Compatibility
+| Environment | Execution Method |
+|-------------|------------------|
+| Claude Code | Direct bash execution |
+| Claude (Web/Desktop) | Use `bash_tool` |
+Command syntax remains identical across environments.
+## Error Handling
+If Gemini returns an error:
+1. Display the error message to user
+2. Check for common issues:
+   - Quota exceeded (60/min or 1000/day limit)
+   - Network connectivity
+   - Invalid prompt format
+3. Suggest retry or alternative approach
+## Quota Management
+Free tier limits:
+- 60 requests per minute
+- 1000 requests per day
+To conserve quota:
+- Combine related reviews into single prompts
+- Use specific, focused review requests
+- Avoid redundant re-reviews
+## References
+- `references/checklists.md`: Tech stack-specific review checklists
+- `references/prompt-templates.md`: Prompt templates for each review type

package/templates/tanstack-start/docs/skills/gemini-review/references/checklists.md ADDED Viewed

@@ -0,0 +1,150 @@
+# Review Checklists by Tech Stack
+## FastAPI Checklist
+### API Design
+- [ ] RESTful conventions followed (proper HTTP methods, status codes)
+- [ ] Consistent URL naming (kebab-case, plural nouns)
+- [ ] Proper use of path vs query parameters
+- [ ] API versioning strategy (if applicable)
+- [ ] Response model consistency across endpoints
+### Pydantic Models
+- [ ] Field validation with appropriate constraints (min, max, regex)
+- [ ] Optional vs required fields correctly defined
+- [ ] Proper use of `Field()` for metadata and examples
+- [ ] Config class settings (orm_mode, validate_assignment)
+- [ ] Custom validators where needed
+### Async Patterns
+- [ ] Async/await used consistently
+- [ ] No blocking I/O in async functions
+- [ ] Proper use of `asyncio.gather()` for concurrent operations
+- [ ] Background tasks for long-running operations
+- [ ] Connection pooling for databases
+### Security
+- [ ] Authentication implemented (OAuth2, JWT, API keys)
+- [ ] Authorization checks on protected endpoints
+- [ ] Input sanitization and validation
+- [ ] CORS configuration appropriate for use case
+- [ ] Rate limiting consideration
+- [ ] Secrets not hardcoded
+### Error Handling
+- [ ] Custom exception handlers defined
+- [ ] Consistent error response format
+- [ ] Proper HTTP status codes for errors
+- [ ] Sensitive information not leaked in errors
+### Performance
+- [ ] Database queries optimized (N+1 problem avoided)
+- [ ] Pagination for list endpoints
+- [ ] Caching strategy where appropriate
+- [ ] Response model excludes unnecessary fields
+### Testing
+- [ ] Test client setup with TestClient
+- [ ] Dependency overrides for mocking
+- [ ] Coverage of happy path and edge cases
+---
+## Next.js Checklist
+### Rendering Strategy
+- [ ] Appropriate use of SSR vs SSG vs ISR vs CSR
+- [ ] `getStaticProps` for static content
+- [ ] `getServerSideProps` only when necessary
+- [ ] ISR with proper revalidation intervals
+- [ ] Client-side fetching for user-specific data
+### Routing
+- [ ] File-based routing structure organized
+- [ ] Dynamic routes properly parameterized
+- [ ] Catch-all routes used appropriately
+- [ ] Route groups for organization (App Router)
+- [ ] Parallel routes if needed
+### Data Fetching
+- [ ] SWR or React Query for client-side
+- [ ] Proper loading and error states
+- [ ] Optimistic updates where appropriate
+- [ ] Cache invalidation strategy
+### State Management
+- [ ] Server state vs client state separated
+- [ ] Zustand/Jotai for simple state
+- [ ] Context used sparingly
+- [ ] State lifted appropriately
+### Performance
+- [ ] Image optimization with next/image
+- [ ] Font optimization with next/font
+- [ ] Code splitting and lazy loading
+- [ ] Bundle size monitored
+- [ ] Core Web Vitals considered
+### SEO
+- [ ] Metadata properly configured
+- [ ] Open Graph tags present
+- [ ] Structured data where appropriate
+- [ ] Sitemap generation
+- [ ] robots.txt configured
+### Security
+- [ ] API routes protected
+- [ ] Environment variables properly used
+- [ ] CSRF protection if needed
+- [ ] Content Security Policy headers
+### TypeScript
+- [ ] Strict mode enabled
+- [ ] Props interfaces defined
+- [ ] API response types defined
+- [ ] No `any` types without justification
+---
+## General Checklist
+### Code Quality
+- [ ] Single responsibility principle followed
+- [ ] DRY - no unnecessary duplication
+- [ ] Functions/methods are focused and small
+- [ ] Clear naming conventions
+- [ ] Comments explain "why", not "what"
+### Logic & Correctness
+- [ ] Edge cases handled (empty, null, boundary values)
+- [ ] Error handling comprehensive
+- [ ] Race conditions considered
+- [ ] Input validation present
+- [ ] Return values checked
+### Security
+- [ ] No hardcoded secrets
+- [ ] User input sanitized
+- [ ] SQL injection prevented (parameterized queries)
+- [ ] XSS prevention measures
+- [ ] Authentication/authorization proper
+### Performance
+- [ ] Time complexity acceptable for scale
+- [ ] Space complexity reasonable
+- [ ] No unnecessary loops or iterations
+- [ ] Database queries optimized
+- [ ] Caching considered where appropriate
+### Maintainability
+- [ ] Code is testable
+- [ ] Dependencies minimal and justified
+- [ ] Configuration externalized
+- [ ] Logging present for debugging
+- [ ] Error messages helpful
+### Documentation
+- [ ] Public APIs documented
+- [ ] Complex logic explained
+- [ ] Setup instructions clear
+- [ ] Environment variables documented