@paulduvall/claude-dev-toolkit 0.0.1-alpha.13 → 0.0.1-alpha.15

package/README.md

@@ -1,6 +1,6 @@
 # Claude Dev Toolkit
 
-**Transform Claude Code into a complete development platform** with 58 AI-powered custom commands that automate your entire software development workflow.
+**Transform Claude Code into a complete development platform** with 62 AI-powered custom commands that automate your entire software development workflow.
 
 ## 🚀 Quick Installation
 
@@ -15,8 +15,8 @@ claude
 
 ## 📦 What's Included
 
-- **13 Active Commands**: Production-ready commands for immediate use
-- **45 Experimental Commands**: Cutting-edge features for early adopters  
+- **16 Active Commands**: Production-ready commands for immediate use
+- **46 Experimental Commands**: Cutting-edge features for early adopters  
 - **Security Hooks**: Automated security validation and governance
 - **Configuration Templates**: Pre-configured settings for different workflows
 - **Interactive Setup Wizard**: Guided installation with customization options
@@ -33,9 +33,9 @@ npm install -g @paulduvall/claude-dev-toolkit
 ### Option 2: Manual Command Installation
 ```bash
 # Install specific command sets
-claude-commands install --active        # Install 13 production commands
-claude-commands install --experiments  # Install 45 experimental commands  
-claude-commands install --all           # Install all 58 commands
+claude-commands install --active        # Install 16 production commands
+claude-commands install --experiments  # Install 46 experimental commands
+claude-commands install --all           # Install all 62 commands
 ```
 
 ### Option 3: Custom Installation
@@ -68,7 +68,7 @@ claude-commands oidc --help             # Configure GitHub Actions OIDC with AWS
 - **`/xconfig`** - Configuration management
 - **`/xtdd`** - Test-driven development automation
 
-### 🧪 **Experimental Commands** (45 Additional)
+### 🧪 **Experimental Commands** (46 Additional)
 Advanced commands for specialized workflows:
 - **Planning & Analytics**: `/xplanning`, `/xanalytics`, `/xmetrics`
 - **Infrastructure**: `/xinfra`, `/xmonitoring`, `/xaws`
@@ -271,7 +271,7 @@ npm test
 - ✅ **Dependency Validation**: AWS CLI, Git, and GitHub CLI availability checking
 
 ### Version 0.0.1-alpha.8
-- ✅ **Documentation Consistency**: Fixed command counts (58) and subagent counts (26)
+- ✅ **Documentation Consistency**: Fixed command counts and subagent counts
 - ✅ **Test Infrastructure**: Enhanced test-results directory handling
 - ✅ **Repository Cleanup**: Removed outdated documentation and test artifacts
 - ✅ **Validation Logic**: Improved scenario-aware test validation
@@ -289,7 +289,7 @@ npm test
 - ✅ **JavaScript Migration**: Complete test suite migration from Python
 - ✅ **Enhanced Templates**: Fixed configuration template issues
 - ✅ **Test Suites**: Package structure and command validation
-- ✅ **58 Total Commands**: 13 active + 45 experimental commands
+- ✅ **62 Total Commands**: 16 active + 46 experimental commands
 - ✅ **Security Enhancements**: Comprehensive security hook system
 
 ## 📄 License

package/hooks/lib/argument-parser.sh

@@ -11,7 +11,7 @@ set -uo pipefail
 _ARGUMENT_PARSER_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/error-handler.sh"
 

package/hooks/lib/context-manager.sh

@@ -11,7 +11,7 @@ set -uo pipefail
 _CONTEXT_MANAGER_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/file-utils.sh"
 source "$SCRIPT_DIR/error-handler.sh"

package/hooks/lib/error-handler.sh

@@ -11,7 +11,7 @@ set -uo pipefail
 _ERROR_HANDLER_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/file-utils.sh"
 
@@ -40,7 +40,7 @@ log_message() {
 
 log_info() {
     local message="$1"
-    log_message "INFO" "$message"
+    log_message "INFO" "$message" >&2
 }
 
 log_warning() {

package/hooks/lib/execution-engine.sh

@@ -11,7 +11,7 @@ set -uo pipefail
 _EXECUTION_ENGINE_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/file-utils.sh"
 source "$SCRIPT_DIR/error-handler.sh"

package/hooks/lib/execution-results.sh

@@ -12,7 +12,7 @@ set -uo pipefail
 _EXECUTION_RESULTS_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/file-utils.sh"
 source "$SCRIPT_DIR/error-handler.sh"

package/hooks/lib/execution-simulation.sh

@@ -11,7 +11,7 @@ set -uo pipefail
 _EXECUTION_SIMULATION_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/file-utils.sh"
 source "$SCRIPT_DIR/error-handler.sh"

package/hooks/lib/field-validators.sh

@@ -12,7 +12,7 @@ set -uo pipefail
 _FIELD_VALIDATORS_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/error-handler.sh"
 

package/hooks/lib/file-utils.sh

@@ -11,7 +11,7 @@ set -uo pipefail
 _FILE_UTILS_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 
 ##################################

package/hooks/lib/subagent-discovery.sh

@@ -11,7 +11,7 @@ set -uo pipefail
 _SUBAGENT_DISCOVERY_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/file-utils.sh"
 source "$SCRIPT_DIR/error-handler.sh"

package/hooks/lib/subagent-validator.sh

@@ -11,7 +11,7 @@ set -uo pipefail
 _SUBAGENT_VALIDATOR_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/file-utils.sh"
 source "$SCRIPT_DIR/error-handler.sh"

package/hooks/lib/validation-reporter.sh

@@ -12,7 +12,7 @@ set -uo pipefail
 _VALIDATION_REPORTER_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/error-handler.sh"
 

package/hooks/pre-commit-test-runner.sh

@@ -51,7 +51,7 @@ is_commit_command() {
 # Framework Detection
 ##################################
 detect_framework() {
-    if [[ -f "pytest.ini" ]] || [[ -f "pyproject.toml" ]] && grep -q '\[tool.pytest' pyproject.toml 2>/dev/null; then
+    if [[ -f "pytest.ini" ]] || { [[ -f "pyproject.toml" ]] && grep -q '\[tool.pytest' pyproject.toml 2>/dev/null; }; then
         echo "pytest"
     elif [[ -f "package.json" ]] && grep -q '"test"' package.json 2>/dev/null; then
         if grep -qE '"(jest|vitest)' package.json 2>/dev/null; then

package/hooks/prevent-credential-exposure.sh

@@ -134,27 +134,31 @@ scan_file_content() {
         return 0
     fi
     
-    log "Scanning file: $file_path"
-    
+    # Redirect log output to stderr so it doesn't pollute stdout
+    # (callers capture stdout via command substitution for the violation count)
+    log "Scanning file: $file_path" >&2
+
     # Check each credential pattern
     for pattern_name in "${!CREDENTIAL_PATTERNS[@]}"; do
         local pattern="${CREDENTIAL_PATTERNS[$pattern_name]}"
-        
-        if echo "$content" | grep -qiP "$pattern"; then
-            log_violation "$pattern_name detected in $file_path"
+
+        if echo "$content" | grep -qiP -e "$pattern"; then
+            log_violation "$pattern_name detected in $file_path" >&2
             violations+=("$pattern_name")
-            
+
             # Extract the matched content for logging (but redact it)
-            local matched_line=$(echo "$content" | grep -iP "$pattern" | head -1)
-            local redacted_line=$(echo "$matched_line" | sed 's/[a-zA-Z0-9+/=]\{10,\}/[REDACTED]/g')
-            
-            log_violation "Pattern: $pattern_name, Line: $redacted_line"
-            
+            local matched_line
+            matched_line=$(echo "$content" | grep -iP -e "$pattern" | head -1)
+            local redacted_line
+            redacted_line=$(echo "$matched_line" | sed 's/[a-zA-Z0-9+/=]\{10,\}/[REDACTED]/g')
+
+            log_violation "Pattern: $pattern_name, Line: $redacted_line" >&2
+
             # Notify security team
             notify_security_team "$pattern_name" "$file_path" "$redacted_line"
         fi
     done
-    
+
     # Return violation count
     echo "${#violations[@]}"
 }
@@ -165,13 +169,13 @@ check_environment_leakage() {
     
     # Check for environment variable exposure patterns
     if echo "$content" | grep -qiP 'process\.env\.[A-Z_]*(?:KEY|SECRET|PASSWORD|TOKEN)'; then
-        log_violation "Environment variable credential exposure detected"
+        log_violation "Environment variable credential exposure detected" >&2
         ((violations++))
     fi
-    
+
     # Check for hardcoded production URLs with credentials
     if echo "$content" | grep -qiP 'https?://[^:]+:[^@]+@[^/]+'; then
-        log_violation "URL with embedded credentials detected"
+        log_violation "URL with embedded credentials detected" >&2
         ((violations++))
     fi
     

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@paulduvall/claude-dev-toolkit",
-  "version": "0.0.1-alpha.13",
+  "version": "0.0.1-alpha.15",
   "description": "Custom commands toolkit for Claude Code - streamline your development workflow",
   "author": "Paul Duvall",
   "license": "MIT",

package/subagents/debug-specialist.md

@@ -1,4 +1,5 @@
 ---
+name: debug-specialist
 description: "Specialized debugging assistant with expertise in root cause analysis, error interpretation, and systematic troubleshooting"
 tags: ["debugging", "error-analysis", "troubleshooting", "performance"]
 tools: ["Read", "Bash", "Grep", "Edit", "Glob"]

package/templates/basic-settings.json

@@ -1,22 +1,14 @@
 {
-  "// Basic Claude Code settings.json template": "Copy to ~/.claude/settings.json",
-  "// Based on official Claude Code documentation": "https://docs.anthropic.com/en/docs/claude-code/settings",
-  
-  "// Core tool permissions (replaces invalid 'allowedTools')": "",
   "permissions": {
     "allow": [
-      "Edit(*)",
       "Bash(*)",
       "Read(*)",
+      "Edit(*)",
       "Write(*)",
-      "MultiEdit(*)",
       "Glob(*)",
-      "Grep(*)",
-      "LS(*)"
+      "Grep(*)"
     ]
   },
-  
-  "// Basic hooks configuration": "",
   "hooks": {
     "PreToolUse": [
       {
@@ -30,15 +22,9 @@
       }
     ]
   },
-  
-  "// Standard Claude Code environment variables": "",
   "env": {
     "DISABLE_TELEMETRY": "1"
   },
-  
-  "// Optional: Include Claude co-authorship in git commits": "",
   "includeCoAuthoredBy": true,
-  
-  "// Optional: Custom retention for chat transcripts (days)": "",
   "cleanupPeriodDays": 30
-}
+}

package/templates/comprehensive-settings.json

@@ -1,25 +1,15 @@
 {
-  "// Comprehensive Claude Code settings.json template": "Copy to ~/.claude/settings.json",
-  "// Based on official Claude Code documentation": "https://docs.anthropic.com/en/docs/claude-code/settings",
-  "// Includes all advanced features and hook events": "",
-  
-  "// Comprehensive tool permissions": "",
   "permissions": {
     "allow": [
-      "Edit(*)",
       "Bash(*)",
       "Read(*)",
+      "Edit(*)",
       "Write(*)",
-      "MultiEdit(*)",
       "Glob(*)",
       "Grep(*)",
-      "LS(*)",
-      "Task(*)",
       "WebFetch(*)",
       "WebSearch(*)",
-      "NotebookEdit(*)",
-      "BashOutput(*)",
-      "KillBash(*)"
+      "NotebookEdit(*)"
     ],
     "ask": [
       "Bash(sudo *)",
@@ -34,12 +24,10 @@
       "Edit(/etc/passwd)"
     ]
   },
-  
-  "// Comprehensive hooks covering all supported events": "",
   "hooks": {
     "PreToolUse": [
       {
-        "matcher": "Edit|Write|MultiEdit",
+        "matcher": "Edit|Write",
         "hooks": [
           {
             "type": "command",
@@ -63,41 +51,12 @@
     ],
     "PostToolUse": []
   },
-  
-  "// Standard Claude Code environment variables": "",
   "env": {
-    "// DO NOT commit real API keys. Set via: export ANTHROPIC_API_KEY=sk-ant-...": "",
-    "ANTHROPIC_API_KEY": "${ANTHROPIC_API_KEY}",
     "DISABLE_TELEMETRY": "1",
-    "ANTHROPIC_LOG": "info",
-    "CLAUDE_PROJECT_DIR": "."
+    "ANTHROPIC_LOG": "info"
   },
-  
-  "// Advanced Claude Code configuration": "",
   "includeCoAuthoredBy": true,
   "cleanupPeriodDays": 30,
-  "// Model options: claude-sonnet-4-6 (default), claude-opus-4-6 (most capable), claude-haiku-4-5-20251001 (fastest)": "",
   "model": "claude-sonnet-4-6",
-  
-  "// MCP server configuration": "",
-  "enableAllProjectMcpServers": false,
-  "enabledMcpjsonServers": [
-    "approved-server-1",
-    "approved-server-2"
-  ],
-  "disabledMcpjsonServers": [
-    "blocked-server-1"
-  ],
-  
-  "// Optional: Custom API key helper script": "",
-  "apiKeyHelper": "~/.claude/scripts/get-api-key.sh",
-  
-  "// Optional: Force specific login method": "",
-  "forceLoginMethod": "api-key",
-  
-  "// Optional: Custom status line configuration": "",
-  "statusLine": {
-    "enabled": true,
-    "format": "Claude Code - Project: {project} | Model: {model} | Tools: {tools_count}"
-  }
-}
+  "enableAllProjectMcpServers": false
+}

package/templates/security-focused-settings.json

@@ -1,9 +1,4 @@
 {
-  "// Security-focused Claude Code settings.json template": "Copy to ~/.claude/settings.json",
-  "// Based on official Claude Code documentation": "https://docs.anthropic.com/en/docs/claude-code/settings",
-  "// Includes comprehensive security controls and governance": "",
-  
-  "// Restrictive tool permissions for security": "",
   "permissions": {
     "allow": [
       "Read(*)",
@@ -16,7 +11,8 @@
       "Bash(npm run *)",
       "Bash(python -m *)",
       "Bash(node *)",
-      "MultiEdit(*)"
+      "Glob(*)",
+      "Grep(*)"
     ],
     "deny": [
       "Bash(curl *)",
@@ -35,12 +31,10 @@
       "Read(~/.ssh/id_*)"
     ]
   },
-  
-  "// Comprehensive security hooks": "",
   "hooks": {
     "PreToolUse": [
       {
-        "matcher": "Edit|Write|MultiEdit",
+        "matcher": "Edit|Write",
         "hooks": [
           {
             "type": "command",
@@ -63,17 +57,11 @@
       }
     ]
   },
-  
-  "// Standard Claude Code environment variables": "",
   "env": {
     "DISABLE_TELEMETRY": "1",
     "ANTHROPIC_LOG": "error"
   },
-  
-  "// Security-focused settings": "",
   "includeCoAuthoredBy": false,
   "cleanupPeriodDays": 7,
-  
-  "// Disable auto-approval of MCP servers for security": "",
   "enableAllProjectMcpServers": false
-}
+}