npm - @pigcloud/skills - Versions diffs - 1.0.11 → 1.1.2 - Mend

@pigcloud/skills 1.0.11 → 1.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (298) hide show

package/CHANGELOG.md +25 -20
package/README.en.md +41 -75
package/README.md +26 -39
package/bin/cli.js +260 -151
package/bin/rules-loader.js +271 -484
package/codex-commands/README.md +25 -23
package/codex-commands/commands/analyze.md +21 -22
package/codex-commands/commands/build.md +22 -22
package/codex-commands/commands/design.md +21 -22
package/codex-commands/commands/distill.md +21 -21
package/codex-commands/commands/doc.md +21 -22
package/codex-commands/commands/infra.md +21 -21
package/codex-commands/commands/init.md +20 -20
package/codex-commands/commands/kb.md +21 -20
package/codex-commands/commands/perf.md +21 -21
package/codex-commands/commands/prd.md +21 -22
package/codex-commands/commands/review.md +21 -22
package/codex-commands/commands/security.md +21 -22
package/codex-commands/commands/test.md +21 -21
package/codex-commands/commands/workflow.md +21 -20
package/package.json +5 -2
package/rules/core/index.md +26 -41
package/rules/delivery/index.md +25 -0
package/rules/design/index.md +25 -0
package/rules/discovery/index.md +25 -0
package/rules/implementation/index.md +25 -0
package/rules/index.md +24 -39
package/rules/overlays/index.md +19 -19
package/rules/overlays/pig-cloud.md +20 -45
package/rules/shared/index.md +25 -0
package/rules/skill-stage-map.json +26 -0
package/rules/stages.json +48 -0
package/rules/validation/index.md +25 -0
package/scripts/add-skill-reference-nav.js +3 -0
package/scripts/bootstrap-skill-specs.js +96 -0
package/scripts/ci-validator.sh +51 -114
package/scripts/generate-skill-prompt-library.js +3 -0
package/scripts/golden-prompt-suite.current.js +211 -0
package/scripts/migrate-skill-packages.js +309 -0
package/scripts/run-golden-replays.js +110 -79
package/scripts/validate-rules.js +128 -125
package/scripts/validate-skill-replay-signals.js +45 -57
package/scripts/validate-skill-shapes.js +153 -127
package/scripts/validate-skill-stop-rules.js +54 -46
package/skills/01-discovery/ambiguity-detection/SKILL.md +30 -0
package/skills/01-discovery/ambiguity-detection/assets/golden-prompt-suite.current.js +22 -0
package/skills/01-discovery/ambiguity-detection/references/README.md +17 -0
package/skills/01-discovery/ambiguity-detection/references/cases.md +26 -0
package/skills/01-discovery/ambiguity-detection/references/prompt-template.md +18 -0
package/skills/01-discovery/ambiguity-detection/skill-spec.json +26 -0
package/skills/01-discovery/business-analysis/SKILL.md +30 -0
package/skills/01-discovery/business-analysis/assets/golden-prompt-suite.current.js +22 -0
package/skills/01-discovery/business-analysis/references/README.md +17 -0
package/skills/01-discovery/business-analysis/references/cases.md +26 -0
package/skills/01-discovery/business-analysis/references/prompt-template.md +18 -0
package/skills/01-discovery/business-analysis/skill-spec.json +26 -0
package/skills/01-discovery/impact-analysis/SKILL.md +30 -0
package/skills/01-discovery/impact-analysis/assets/golden-prompt-suite.current.js +22 -0
package/skills/01-discovery/impact-analysis/references/README.md +17 -0
package/skills/01-discovery/impact-analysis/references/cases.md +26 -0
package/skills/01-discovery/impact-analysis/references/prompt-template.md +18 -0
package/skills/01-discovery/impact-analysis/skill-spec.json +26 -0
package/skills/01-discovery/requirement-discovery/SKILL.md +30 -0
package/skills/01-discovery/requirement-discovery/assets/golden-prompt-suite.current.js +24 -0
package/skills/01-discovery/requirement-discovery/references/README.md +17 -0
package/skills/01-discovery/requirement-discovery/references/cases.md +28 -0
package/skills/01-discovery/requirement-discovery/references/prompt-template.md +18 -0
package/skills/01-discovery/requirement-discovery/skill-spec.json +26 -0
package/skills/02-design/api-design/SKILL.md +29 -0
package/skills/02-design/api-design/assets/golden-prompt-suite.current.js +22 -0
package/skills/02-design/api-design/references/README.md +17 -0
package/skills/02-design/api-design/references/cases.md +26 -0
package/skills/02-design/api-design/references/prompt-template.md +18 -0
package/skills/02-design/api-design/skill-spec.json +25 -0
package/skills/02-design/architecture-design/SKILL.md +29 -0
package/skills/02-design/architecture-design/assets/golden-prompt-suite.current.js +22 -0
package/skills/02-design/architecture-design/references/README.md +17 -0
package/skills/02-design/architecture-design/references/cases.md +26 -0
package/skills/02-design/architecture-design/references/prompt-template.md +18 -0
package/skills/02-design/architecture-design/skill-spec.json +25 -0
package/skills/02-design/database-design/SKILL.md +29 -0
package/skills/02-design/database-design/assets/golden-prompt-suite.current.js +22 -0
package/skills/02-design/database-design/references/README.md +17 -0
package/skills/02-design/database-design/references/cases.md +26 -0
package/skills/02-design/database-design/references/prompt-template.md +18 -0
package/skills/02-design/database-design/skill-spec.json +25 -0
package/skills/02-design/task-breakdown/SKILL.md +29 -0
package/skills/02-design/task-breakdown/assets/golden-prompt-suite.current.js +22 -0
package/skills/02-design/task-breakdown/references/README.md +17 -0
package/skills/02-design/task-breakdown/references/cases.md +26 -0
package/skills/02-design/task-breakdown/references/prompt-template.md +18 -0
package/skills/02-design/task-breakdown/skill-spec.json +25 -0
package/skills/03-implementation/backend-development/SKILL.md +29 -0
package/skills/03-implementation/backend-development/assets/golden-prompt-suite.current.js +22 -0
package/skills/03-implementation/backend-development/references/README.md +17 -0
package/skills/03-implementation/backend-development/references/cases.md +26 -0
package/skills/03-implementation/backend-development/references/prompt-template.md +18 -0
package/skills/03-implementation/backend-development/skill-spec.json +25 -0
package/skills/03-implementation/bug-fix/SKILL.md +29 -0
package/skills/03-implementation/bug-fix/assets/golden-prompt-suite.current.js +22 -0
package/skills/03-implementation/bug-fix/references/README.md +17 -0
package/skills/03-implementation/bug-fix/references/cases.md +26 -0
package/skills/03-implementation/bug-fix/references/prompt-template.md +18 -0
package/skills/03-implementation/bug-fix/skill-spec.json +25 -0
package/skills/03-implementation/database-change/SKILL.md +29 -0
package/skills/03-implementation/database-change/assets/golden-prompt-suite.current.js +22 -0
package/skills/03-implementation/database-change/references/README.md +17 -0
package/skills/03-implementation/database-change/references/cases.md +26 -0
package/skills/03-implementation/database-change/references/prompt-template.md +18 -0
package/skills/03-implementation/database-change/skill-spec.json +25 -0
package/skills/03-implementation/frontend-development/SKILL.md +29 -0
package/skills/03-implementation/frontend-development/assets/golden-prompt-suite.current.js +22 -0
package/skills/03-implementation/frontend-development/references/README.md +17 -0
package/skills/03-implementation/frontend-development/references/cases.md +26 -0
package/skills/03-implementation/frontend-development/references/prompt-template.md +18 -0
package/skills/03-implementation/frontend-development/skill-spec.json +25 -0
package/skills/04-validation/code-review/SKILL.md +29 -0
package/skills/04-validation/code-review/assets/golden-prompt-suite.current.js +22 -0
package/skills/04-validation/code-review/references/README.md +17 -0
package/skills/04-validation/code-review/references/cases.md +26 -0
package/skills/04-validation/code-review/references/prompt-template.md +18 -0
package/skills/04-validation/code-review/skill-spec.json +25 -0
package/skills/04-validation/performance-review/SKILL.md +29 -0
package/skills/04-validation/performance-review/assets/golden-prompt-suite.current.js +22 -0
package/skills/04-validation/performance-review/references/README.md +17 -0
package/skills/04-validation/performance-review/references/cases.md +26 -0
package/skills/04-validation/performance-review/references/prompt-template.md +18 -0
package/skills/04-validation/performance-review/skill-spec.json +25 -0
package/skills/04-validation/regression-check/SKILL.md +29 -0
package/skills/04-validation/regression-check/assets/golden-prompt-suite.current.js +22 -0
package/skills/04-validation/regression-check/references/README.md +17 -0
package/skills/04-validation/regression-check/references/cases.md +26 -0
package/skills/04-validation/regression-check/references/prompt-template.md +18 -0
package/skills/04-validation/regression-check/skill-spec.json +25 -0
package/skills/04-validation/security-review/SKILL.md +29 -0
package/skills/04-validation/security-review/assets/golden-prompt-suite.current.js +22 -0
package/skills/04-validation/security-review/references/README.md +17 -0
package/skills/04-validation/security-review/references/cases.md +26 -0
package/skills/04-validation/security-review/references/prompt-template.md +18 -0
package/skills/04-validation/security-review/skill-spec.json +25 -0
package/skills/04-validation/unit-test/SKILL.md +29 -0
package/skills/04-validation/unit-test/assets/golden-prompt-suite.current.js +22 -0
package/skills/04-validation/unit-test/references/README.md +17 -0
package/skills/04-validation/unit-test/references/cases.md +26 -0
package/skills/04-validation/unit-test/references/prompt-template.md +18 -0
package/skills/04-validation/unit-test/skill-spec.json +25 -0
package/skills/05-delivery/change-log/SKILL.md +29 -0
package/skills/05-delivery/change-log/assets/golden-prompt-suite.current.js +22 -0
package/skills/05-delivery/change-log/references/README.md +17 -0
package/skills/05-delivery/change-log/references/cases.md +26 -0
package/skills/05-delivery/change-log/references/prompt-template.md +18 -0
package/skills/05-delivery/change-log/skill-spec.json +25 -0
package/skills/05-delivery/deployment-guide/SKILL.md +29 -0
package/skills/05-delivery/deployment-guide/assets/golden-prompt-suite.current.js +22 -0
package/skills/05-delivery/deployment-guide/references/README.md +17 -0
package/skills/05-delivery/deployment-guide/references/cases.md +26 -0
package/skills/05-delivery/deployment-guide/references/prompt-template.md +18 -0
package/skills/05-delivery/deployment-guide/skill-spec.json +25 -0
package/skills/05-delivery/release-check/SKILL.md +29 -0
package/skills/05-delivery/release-check/assets/golden-prompt-suite.current.js +22 -0
package/skills/05-delivery/release-check/references/README.md +17 -0
package/skills/05-delivery/release-check/references/cases.md +26 -0
package/skills/05-delivery/release-check/references/prompt-template.md +18 -0
package/skills/05-delivery/release-check/skill-spec.json +25 -0
package/skills/05-delivery/release-validation/SKILL.md +29 -0
package/skills/05-delivery/release-validation/assets/golden-prompt-suite.current.js +22 -0
package/skills/05-delivery/release-validation/references/README.md +17 -0
package/skills/05-delivery/release-validation/references/cases.md +26 -0
package/skills/05-delivery/release-validation/references/prompt-template.md +18 -0
package/skills/05-delivery/release-validation/skill-spec.json +25 -0
package/skills/shared/codebase-learning/SKILL.md +29 -0
package/skills/shared/codebase-learning/assets/golden-prompt-suite.current.js +22 -0
package/skills/shared/codebase-learning/references/README.md +17 -0
package/skills/shared/codebase-learning/references/cases.md +26 -0
package/skills/shared/codebase-learning/references/prompt-template.md +18 -0
package/skills/shared/codebase-learning/skill-spec.json +25 -0
package/skills/shared/evidence-collector/SKILL.md +29 -0
package/skills/shared/evidence-collector/assets/golden-prompt-suite.current.js +22 -0
package/skills/shared/evidence-collector/references/README.md +17 -0
package/skills/shared/evidence-collector/references/cases.md +26 -0
package/skills/shared/evidence-collector/references/prompt-template.md +18 -0
package/skills/shared/evidence-collector/skill-spec.json +25 -0
package/skills/shared/framework-guide/SKILL.md +28 -0
package/skills/shared/framework-guide/assets/golden-prompt-suite.current.js +22 -0
package/skills/shared/framework-guide/references/README.md +17 -0
package/skills/shared/framework-guide/references/cases.md +26 -0
package/skills/shared/framework-guide/references/prompt-template.md +18 -0
package/skills/shared/framework-guide/skill-spec.json +24 -0
package/rules/bundles.json +0 -358
package/rules/coding/analysis.md +0 -27
package/rules/coding/backend/cache-invalidation.md +0 -30
package/rules/coding/backend/cache-keying.md +0 -30
package/rules/coding/backend/cache.md +0 -37
package/rules/coding/backend/database.md +0 -32
package/rules/coding/backend/feign.md +0 -30
package/rules/coding/backend/index.md +0 -42
package/rules/coding/backend/query.md +0 -32
package/rules/coding/backend/remote.md +0 -33
package/rules/coding/backend/transaction-boundary.md +0 -30
package/rules/coding/backend/transaction-rollback.md +0 -30
package/rules/coding/backend/transaction.md +0 -38
package/rules/coding/boundary.md +0 -25
package/rules/coding/implementation.md +0 -26
package/rules/coding/index.md +0 -38
package/rules/coding/scaffold.md +0 -28
package/rules/coding/testing.md +0 -29
package/rules/coding/validation.md +0 -29
package/rules/core/code-quality.md +0 -30
package/rules/core/evidence.md +0 -26
package/rules/core/interface.md +0 -26
package/rules/core/iteration.md +0 -26
package/rules/core/layer-boundary.md +0 -25
package/rules/core/logging.md +0 -26
package/rules/core/security.md +0 -26
package/rules/core/task-boundary.md +0 -27
package/rules/docs/api.md +0 -34
package/rules/docs/capture-summary.md +0 -29
package/rules/docs/capture.md +0 -34
package/rules/docs/contract.md +0 -30
package/rules/docs/decision-log.md +0 -32
package/rules/docs/examples.md +0 -28
package/rules/docs/index.md +0 -49
package/rules/docs/reference.md +0 -32
package/rules/overlays/pig-cloud/controller.md +0 -33
package/rules/overlays/pig-cloud/dto-vo.md +0 -33
package/rules/overlays/pig-cloud/entity.md +0 -32
package/rules/overlays/pig-cloud/exception.md +0 -32
package/rules/overlays/pig-cloud/layering.md +0 -31
package/rules/overlays/pig-cloud/mapper.md +0 -32
package/rules/overlays/pig-cloud/query-style.md +0 -32
package/rules/overlays/pig-cloud/rest-response.md +0 -33
package/rules/overlays/pig-cloud/service.md +0 -33
package/rules/overlays/pig-cloud/transactions.md +0 -32
package/rules/overlays/pig-cloud/validation.md +0 -33
package/rules/product/acceptance.md +0 -25
package/rules/product/briefing.md +0 -27
package/rules/product/index.md +0 -36
package/rules/product/intake.md +0 -27
package/rules/product/modeling.md +0 -25
package/rules/product/project-context.md +0 -29
package/rules/review/code.md +0 -35
package/rules/review/evidence.md +0 -31
package/rules/review/index.md +0 -50
package/rules/review/java.md +0 -42
package/rules/review/performance.md +0 -38
package/rules/review/rubric.md +0 -28
package/rules/review/security.md +0 -38
package/rules/review/ts.md +0 -33
package/rules/review/vue.md +0 -33
package/rules/skill-profile-map.json +0 -59
package/rules/skill-profile-map.md +0 -29
package/rules/workflow/handoff.md +0 -25
package/rules/workflow/index.md +0 -37
package/rules/workflow/refinement.md +0 -29
package/rules/workflow/router.md +0 -25
package/rules/workflow/selection.md +0 -25
package/rules/workflow/stop.md +0 -25
package/skills/api-contract-docs/SKILL.md +0 -77
package/skills/business-fact-extraction/SKILL.md +0 -337
package/skills/business-fact-extraction/scripts/write-knowledge-base.js +0 -228
package/skills/code-review/SKILL.md +0 -136
package/skills/code-review/references/findings-template.md +0 -51
package/skills/code-review/references/performance-checklist.md +0 -213
package/skills/code-review/references/rubric.md +0 -232
package/skills/code-review/references/rules.md +0 -32
package/skills/code-review/references/security-checklist.md +0 -178
package/skills/code-review/references/stack-notes.md +0 -25
package/skills/code-review/references/template-review.md +0 -39
package/skills/code-review/scripts/lint-code-review.mjs +0 -431
package/skills/domain-modeling/SKILL.md +0 -81
package/skills/domain-modeling/references/README.md +0 -134
package/skills/domain-modeling/references/distillation-checklist.md +0 -44
package/skills/domain-modeling/references/test-cases-template.md +0 -128
package/skills/environment-deploy/SKILL.md +0 -81
package/skills/feature-build/SKILL.md +0 -122
package/skills/feature-build/references/coding-checklist.md +0 -97
package/skills/feature-build/references/comment-specification.md +0 -89
package/skills/knowledge-capture/SKILL.md +0 -93
package/skills/performance-audit/SKILL.md +0 -118
package/skills/project-bootstrap/SKILL.md +0 -81
package/skills/references/anti-rationalization.md +0 -144
package/skills/references/business-fact-extraction.md +0 -415
package/skills/references/engineering-delivery-method.md +0 -64
package/skills/references/engineering-delivery-template.md +0 -81
package/skills/references/golden-prompt-suite.js +0 -436
package/skills/references/golden-prompt-suite.md +0 -33
package/skills/references/project-requirement-alignment.md +0 -42
package/skills/references/rule-loading-map.md +0 -117
package/skills/references/skill-authoring-standard.md +0 -74
package/skills/references/skill-boundary-template.md +0 -71
package/skills/references/skill-enhanced-template.md +0 -103
package/skills/references/skill-reference-matrix.md +0 -62
package/skills/security-audit/SKILL.md +0 -119
package/skills/spec-refinement/SKILL.md +0 -149
package/skills/technical-design/SKILL.md +0 -106
package/skills/technical-design/references/solid-checklist.md +0 -199
package/skills/test-design/SKILL.md +0 -92
package/skills/workflow-router/SKILL.md +0 -86

package/skills/code-review/references/findings-template.md DELETED Viewed

@@ -1,51 +0,0 @@
-# Code Review Findings Template
-## Shared Shape
-Use the same top-level fields for every finding:
-- `location`
-- `severity`
-- `evidence`
-- `why it matters`
-- `fix recommendation`
-## Rules
-- One finding should describe one issue.
-- Keep the location as small as possible.
-- Make the evidence concrete enough to verify.
-- Keep the fix recommendation specific enough to act on.
-- If there are no findings, explain what was checked and why the change is acceptable.
-## Section Hints
-### Java
-- Prefer controller, service, entity, mapper, DTO / VO, or MyBatis XML anchors.
-- Name the violated framework contract.
-- If the issue spans layers, name the first layer where the fix should land.
-### Vue
-- Prefer component, composable, state module, template, or build-file anchors.
-- State whether the issue is rendering, state flow, reactivity, or build configuration.
-- If the issue crosses files, name the owning frontend surface.
-### TypeScript
-- Prefer typed utility, module boundary, state module, or TS config anchors.
-- State whether the issue is type safety, module shape, async control flow, or shared utility determinism.
-- If the issue is config-related, name the entrypoint or build target that drifts.
-### Security
-- Prefer endpoint, auth flow, permission boundary, secret path, or exposure path anchors.
-- Call out the violated trust boundary.
-- State the attack path and impacted asset.
-### Performance
-- Prefer query, cache path, allocation path, concurrency path, or hot loop anchors.
-- State whether the pressure is CPU, memory, network, database, or allocation-related.
-- Name the slower path and the observable impact.

package/skills/code-review/references/performance-checklist.md DELETED Viewed

@@ -1,213 +0,0 @@
-# 性能检查清单
-> 基于当前规则基线的性能审查检查项
----
-## Database Operations (数据库操作)
-### N+1 Query
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 循环中查询 | for 循环中调用 mapper.select | 批量查询 |
-| 关联数据逐条获取 | 逐条获取关联数据 | JOIN 或 IN 查询 |
-| 分页后逐条处理 | 分页查询后循环处理 | 批量处理 |
-**示例**：
-```java
-// ❌ N+1 查询
-List<Order> orders = orderMapper.selectList(null);
-for (Order order : orders) {
-    User user = userMapper.selectById(order.getUserId());  // N 次查询
-}
-// ✅ 批量查询
-List<Order> orders = orderMapper.selectList(null);
-Set<Long> userIds = orders.stream().map(Order::getUserId).collect(Collectors.toSet());
-List<User> users = userMapper.selectBatchIds(userIds);  // 1 次查询
-```
-### Full Table Scan
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 无条件查询 | selectList(null) | 添加条件/分页 |
-| 无索引字段查询 | 非索引字段查询 | 添加索引 |
-| 大表全量查询 | 大表无分页 | 强制分页 |
-### Index Missing
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 高频查询字段 | 无索引 | 添加索引 |
-| 关联字段 | 外键无索引 | 添加索引 |
-| 排序字段 | ORDER BY 无索引 | 添加索引 |
-### Large Data Query
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 无分页查询 | selectList 无 limit | 强制分页 |
-| 大批量查询 | 批量查询无限制 | 分批查询 |
-| 全字段查询 | SELECT * | 指定必要字段 |
----
-## Cache Usage (缓存使用)
-### Cache Penetration (缓存穿透)
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 空值不缓存 | 查询空值不缓存 | 缓存空值（短过期） |
-| 持续查询不存在数据 | 反复查询不存在数据 | 布隆过滤器 |
-**示例**：
-```java
-// ❌ 缓存穿透
-public User getUser(Long id) {
-    User user = cache.get(id);
-    if (user == null) {
-        user = mapper.selectById(id);  // 空值不缓存，反复查询
-    }
-    return user;
-}
-// ✅ 缓存空值
-public User getUser(Long id) {
-    User user = cache.get(id);
-    if (user == null) {
-        user = mapper.selectById(id);
-        cache.set(id, user != null ? user : NULL_PLACEHOLDER, 60);  // 缓存空值
-    }
-    return user;
-}
-```
-### Cache Avalanche (缓存雪崩)
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 过期时间相同 | 所有缓存过期时间相同 | 过期时间分散 |
-| 大量缓存同时过期 | 批量缓存同时失效 | 过期时间随机化 |
-### Cache Stampede (缓存击穿)
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 热点数据无锁 | 热点数据并发查询 | 分布式锁 |
-| 缓存重建耗时 | 缓存重建时间长 | 异步重建 |
-### Cache Consistency (缓存一致性)
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 更新策略不一致 | 先删缓存后更新数据库 | 先更新数据库后删缓存 |
-| 双写不一致 | 并发双写 | 分布式锁/延迟双删 |
----
-## Memory & Concurrency (内存与并发)
-### Memory Leak
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 静态集合增长 | static Map/List 持续增长 | 使用缓存/定期清理 |
-| 未关闭资源 | Connection/Stream 未关闭 | 使用 try-with-resources |
-| ThreadLocal 未清理 | ThreadLocal 未 remove | 及时清理 |
-**示例**：
-```java
-// ❌ 内存泄漏
-public class Cache {
-    private static Map<String, Object> cache = new HashMap<>();  // 无限增长
-    public void put(String key, Object value) {
-        cache.put(key, value);
-    }
-}
-// ✅ 使用 Caffeine 缓存
-public class Cache {
-    private static Cache<String, Object> cache = Caffeine.newBuilder()
-        .maximumSize(1000)
-        .expireAfterWrite(10, TimeUnit.MINUTES)
-        .build();
-}
-```
-### Thread Safety
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 共享变量 | 多线程访问共享变量 | 使用同步/并发容器 |
-| 非线程安全容器 | HashMap 多线程使用 | ConcurrentHashMap |
-| 计数器竞争 | 多线程计数 | AtomicLong |
-### Connection Leak
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 数据库连接未关闭 | Connection 未 close | 连接池自动管理 |
-| Redis 连接未关闭 | Redis 连接未释放 | 连接池自动管理 |
-| HTTP 连接未关闭 | HttpClient 未 close | 连接池自动管理 |
----
-## Response Time (响应时间)
-### Slow API
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 响应时间 > 500ms | 接口响应慢 | 分析瓶颈 |
-| 响应时间 > 1s | 接口超慢 | 紧急优化 |
-| 响应时间波动 | 响应时间不稳定 | 分析原因 |
-### Batch Operations
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 批量插入逐条 | for 循环 insert | saveBatch |
-| 批量更新逐条 | for 循环 update | updateBatchById |
-| 批量删除逐条 | for 循环 delete | removeByIds |
----
-## Severity Classification
-| 等级 | 描述 | 处理要求 |
-|------|------|---------|
-| 🔴 Critical | 响应时间 > 5s 或内存泄漏 | 立即修复 |
-| 🟠 High | N+1 查询或响应时间 > 1s | 本次发布前修复 |
-| 🟡 Medium | 缓存使用不当或响应时间 > 500ms | 计划修复 |
-| 🟢 Low | 小优化建议 | 可接受 |
----
-## Anti-rationalization Table (Performance)
-| 常见借口 | 反驳理由 | 正确做法 |
-|---------|---------|---------|
-| "性能问题用户不会感知" | 用户感知是累积的 | 优化性能 |
-| "这个查询很快" | 快查询也会累积 | 批量优化 |
-| "缓存以后再加" | 无缓存的系统不可用 | 设计时考虑缓存 |
-| "这个数据量很小" | 数据量会增长 | 设计时考虑增长 |
-| "这个接口不常用" | 不常用接口也可能被频繁调用 | 所有接口优化 |
-| "性能优化太耗时" | 性能问题修复成本更高 | 设计时考虑性能 |
-| "这是数据库的问题" | 应用层也能优化 | 应用层优化 |
-| "测试环境性能够用" | 生产环境数据量更大 | 生产环境验证 |
----
-## Verification Gates
-| 门禁 | 检查方法 | 通过条件 | 失败处理 |
-|------|---------|---------|---------|
-| N+1 检查 | 循环查询扫描 | 无循环查询 | 批量查询 |
-| 分页检查 | 无分页查询扫描 | 大表强制分页 | 添加分页 |
-| 缓存检查 | 热点数据扫描 | 热点数据有缓存 | 添加缓存 |
-| 响应时间检查 | API 监控 | 响应时间 < 500ms | 分析优化 |
-| 内存检查 | 内存分析 | 无内存泄漏 | 修复泄漏 |

package/skills/code-review/references/rubric.md DELETED Viewed

@@ -1,232 +0,0 @@
-# Code Review Rubric 体系
-> 10 条可检测工程规范，用于评估 code-review Skill 质量
----
-## Rubric 定义
-| 规则 | 检查内容 | 标准 | 检测方式 |
-|------|----------|------|----------|
-| **R1** | 渐进式加载 | 每个 Bundle <= 10 文件 | 文件计数 |
-| **R2** | 规则覆盖率 | 覆盖 >= 90% MUST/NEVER | 规则计数 |
-| **R3** | 位置准确性 | 行号偏差 <= 3 行 | 位置比对 |
-| **R4** | 可解释性 | 100% 问题可追溯规则 | 规则ID检查 |
-| **R5** | 问题分级 | P0 必须修复 | 分级检查 |
-| **R6** | 跨模块影响 | 涉及跨模块时必须检查 | import分析 |
-| **R7** | 输出格式 | 符合 REVIEW.md 规范 | 格式验证 |
-| **R8** | 确认节点 | P0 问题修复前确认 | 流程检查 |
-| **R9** | Pre-Delivery | 无位置漂移、无遗漏 | 自检验证 |
-| **R10** | 反 Slop | 问题描述 <= 100 字 | 字数统计 |
----
-## 详细说明
-### R1: 渐进式加载
-**目的**：避免一次性加载过多文件导致 Token 超限
-**检查方式**：
-```javascript
-function checkR1(bundles) {
-  for (const bundle of bundles) {
-    if (bundle.files.length > 10) {
-      return { pass: false, message: `Bundle ${bundle.name} 超过 10 文件` };
-    }
-  }
-  return { pass: true };
-}
-```
----
-### R2: 规则覆盖率
-**目的**：确保所有 MUST/NEVER 规则都被检查
-**检查方式**：
-```javascript
-function checkR2(checkedRules, allRules) {
-  const coverage = checkedRules.length / allRules.length * 100;
-  if (coverage < 90) {
-    return { pass: false, coverage, missing: allRules.filter(r => !checkedRules.includes(r)) };
-  }
-  return { pass: true, coverage };
-}
-```
----
-### R3: 位置准确性
-**目的**：确保问题定位精确到行号
-**检查方式**：
-```javascript
-function checkR3(issues, actualLines) {
-  for (const issue of issues) {
-    const diff = Math.abs(issue.line - actualLines[issue.file][issue.ruleId]);
-    if (diff > 3) {
-      return { pass: false, issue, diff };
-    }
-  }
-  return { pass: true };
-}
-```
----
-### R4: 可解释性
-**目的**：每个问题必须有明确的规则依据
-**检查方式**：
-```javascript
-function checkR4(issues) {
-  for (const issue of issues) {
-    if (!issue.ruleId || !issue.ruleName) {
-      return { pass: false, issue, message: '缺少规则依据' };
-    }
-  }
-  return { pass: true };
-}
-```
----
-### R5: 问题分级
-**目的**：P0 问题必须修复，不能忽略
-**检查方式**：
-```javascript
-function checkR5(issues, fixedIssues) {
-  const p0Issues = issues.filter(i => i.level === 'P0');
-  const unfixedP0 = p0Issues.filter(i => !fixedIssues.includes(i.id));
-  if (unfixedP0.length > 0) {
-    return { pass: false, unfixed: unfixedP0 };
-  }
-  return { pass: true };
-}
-```
----
-### R6: 跨模块影响
-**目的**：涉及跨模块调用时必须检查影响
-**检查方式**：
-```javascript
-function checkR6(content, crossModuleImports) {
-  if (crossModuleImports.length > 0) {
-    // 必须有跨模块影响分析
-    return { pass: true, imports: crossModuleImports };
-  }
-  return { pass: true };
-}
-```
----
-### R7: 输出格式
-**目的**：报告格式符合规范，便于团队协作
-**检查方式**：
-```javascript
-function checkR7(report) {
-  const requiredSections = ['评审概要', '问题列表', '跨模块影响分析', '评审结论'];
-  for (const section of requiredSections) {
-    if (!report.includes(section)) {
-      return { pass: false, missing: section };
-    }
-  }
-  return { pass: true };
-}
-```
----
-### R8: 确认节点
-**目的**：P0 问题修复前必须请求用户确认
-**检查方式**：
-```javascript
-function checkR8(workflow) {
-  const p0Issues = workflow.issues.filter(i => i.level === 'P0');
-  if (p0Issues.length > 0 && !workflow.confirmationRequested) {
-    return { pass: false, message: 'P0 问题修复前未请求确认' };
-  }
-  return { pass: true };
-}
-```
----
-### R9: Pre-Delivery 自检
-**目的**：报告生成前自检，确保质量
-**检查方式**：
-```javascript
-function checkR9(report, sourceFiles) {
-  // 检查位置漂移
-  // 检查遗漏文件
-  const coveredFiles = report.issues.map(i => i.file);
-  const missingFiles = sourceFiles.filter(f => !coveredFiles.includes(f));
-  if (missingFiles.length > 0) {
-    return { pass: false, missing: missingFiles };
-  }
-  return { pass: true };
-}
-```
----
-### R10: 反 Slop
-**目的**：问题描述简洁，避免冗余
-**检查方式**：
-```javascript
-function checkR10(issues) {
-  for (const issue of issues) {
-    if (issue.message.length > 100) {
-      return { pass: false, issue, length: issue.message.length };
-    }
-  }
-  return { pass: true };
-}
-```
----
-## Rubric 评分
-| 评分 | 说明 |
-|------|------|
-| **10/10** | 所有规则通过 |
-| **8-9/10** | 1-2 条规则轻微偏离 |
-| **6-7/10** | 3-4 条规则偏离，需改进 |
-| **<6/10** | 多条规则失败，需重构 |
----
-## CI 集成
-```yaml
-# .github/workflows/rubric-check.yml
-name: Rubric Check
-on: [push]
-jobs:
-  check:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Run Rubric Check
-        run: |
-          node scripts/check-rubric.mjs --skill code-review
-```

package/skills/code-review/references/rules.md DELETED Viewed

@@ -1,32 +0,0 @@
-# Code Review Rules
-> This file keeps the shared rule IDs for `code-review`.
-> Finding templates live in `findings-template.md`.
-> Stack-specific notes live in `stack-notes.md`.
-> Generic review rules live in `rules/review/code.md`.
-> Stack overlays live in `rules/review/java.md`, `rules/review/vue.md`, and `rules/review/ts.md`.
-## MUST Rules
-- `MUST-001` Entity must extend the project delete base class.
-- `MUST-002` Primary key must use the project-assigned ID strategy.
-- `MUST-003` State fields must use the agreed enum code pattern.
-- `MUST-004` Controller must call Service, not Mapper.
-- `MUST-005` REST endpoints must return the unified response wrapper.
-- `MUST-006` Cross-table Service operations must use a transaction boundary.
-- `MUST-007` DTO / VO must use the shared conversion approach.
-- `MUST-008` Write endpoints must use the shared validation approach.
-## NEVER Rules
-- `NEVER-001` Controller must not access Mapper directly.
-- `NEVER-002` Transactional methods must not make remote calls.
-- `NEVER-003` Mapper must not contain business logic.
-- `NEVER-004` Do not query by raw string column names.
-- `NEVER-005` Do not use left-fuzzy LIKE.
-- `NEVER-006` Do not compare status with magic values.
-## Security Rules
-- `SEC-001` Do not hardcode sensitive values.
-- `SEC-002` Do not introduce SQL injection risk.

package/skills/code-review/references/security-checklist.md DELETED Viewed

@@ -1,178 +0,0 @@
-# 安全检查清单
-> 基于 OWASP Top 10 的安全审查检查项
----
-## Injection Vulnerabilities (注入漏洞)
-### SQL Injection
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| ${} 参数 | Mapper XML 使用 ${} | 使用 #{} 或 Lambda |
-| 动态 SQL 拼接 | 字符串拼接 SQL | 使用 MyBatis 动态 SQL |
-| ORDER BY 白名单 | ORDER BY 使用 ${} | 白名单验证字段名 |
-**示例**：
-```java
-// ❌ SQL 注入风险
-@Select("SELECT * FROM t_user WHERE name = '${name}'")
-List<User> findByName(String name);
-// ✅ 安全做法
-@Select("SELECT * FROM t_user WHERE name = #{name}")
-List<User> findByName(String name);
-// ✅ Lambda 查询
-lambdaQuery().eq(UserEntity::getName, name);
-```
-### Command Injection
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| Runtime.exec() | 直接执行用户输入 | 白名单验证命令 |
-| ProcessBuilder | 用户输入作为参数 | 参数校验 |
-### XSS (Cross-Site Scripting)
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 用户输入直接输出 | 无转义输出 | HTML 转义 |
-| 富文本存储 | 存储原始 HTML | 过滤危险标签 |
----
-## Sensitive Data (敏感数据)
-### Hardcoded Secrets
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 密码硬编码 | 源码中的密码 | 使用环境变量/配置中心 |
-| 密钥硬编码 | API Key 在代码中 | 使用密钥管理服务 |
-| Token 硬编码 | JWT Token 在代码中 | 动态获取 |
-**示例**：
-```java
-// ❌ 硬编码密码
-private String password = "123456";
-// ✅ 安全做法
-@Value("${app.password}")
-private String password;
-```
-### Logging Sensitive Data
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 密码日志 | log.info(password) | 不打印敏感数据 |
-| Token 日志 | log.debug(token) | 脱敏或移除 |
-| 身份证日志 | log.info(idCard) | 脱敏打印 |
-### Exception Information Leakage
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 异常堆栈暴露 | 返回完整堆栈 | 返回友好错误消息 |
-| 数据库错误暴露 | 返回 SQL 错误 | 返回通用错误 |
-| 内部路径暴露 | 返回文件路径 | 返回通用错误 |
----
-## Authentication & Authorization (认证授权)
-### Authentication Bypass
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 公开接口 | 无认证的敏感接口 | 添加认证 |
-| 默认密码 | 系统默认密码 | 强制修改 |
-| 弱密码 | 无密码复杂度要求 | 密码策略 |
-### Authorization Missing
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 无权限注解 | 缺少 @PreAuthorize | 添加权限控制 |
-| 权限绕过 | 接口权限不一致 | 统一权限配置 |
-| 越权访问 | 用户可访问他人数据 | 数据归属检查 |
-**示例**：
-```java
-// ❌ 无权限控制
-@GetMapping("/order/{id}")
-public Result<OrderVO> getOrder(@PathVariable Long id) {
-    return service.getById(id);  // 用户可访问任何订单
-}
-// ✅ 数据归属检查
-@GetMapping("/order/{id}")
-public Result<OrderVO> getOrder(@PathVariable Long id) {
-    OrderVO order = service.getById(id);
-    if (!order.getUserId().equals(SecurityUtils.getUserId())) {
-        throw new BusinessException("无权访问");
-    }
-    return Result.ok(order);
-}
-```
----
-## Data Protection (数据保护)
-### Data Masking
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 手机号脱敏 | 返回完整手机号 | @Sensitive(SensitiveType.PHONE) |
-| 身份证脱敏 | 返回完整身份证 | @Sensitive(SensitiveType.ID_CARD) |
-| 银行卡脱敏 | 返回完整银行卡 | @Sensitive(SensitiveType.BANK_CARD) |
-### Encryption
-| 检查项 | 问题信号 | 修复方案 |
-|--------|----------|----------|
-| 密码存储 | 明文存储密码 | BCrypt 加密 |
-| 敏感数据存储 | 明文存储敏感数据 | AES 加密 |
-| 传输加密 | HTTP 传输 | HTTPS |
----
-## Severity Classification
-| 等级 | 描述 | 处理要求 |
-|------|------|---------|
-| 🔴 Critical | 可被利用的漏洞 | 立即修复 |
-| 🟠 High | 高风险问题 | 本次发布前修复 |
-| 🟡 Medium | 中等风险 | 计划修复 |
-| 🟢 Low | 低风险/建议 | 可接受 |
----
-## Anti-rationalization Table (Security)
-| 常见借口 | 反驳理由 | 正确做法 |
-|---------|---------|---------|
-| "这个问题不会发生" | 所有可能的问题都会发生 | 处理问题 |
-| "这个漏洞很难利用" | 难利用不代表不会被利用 | 修复漏洞 |
-| "用户不会这样操作" | 用户总会找到边界情况 | 处理所有边界 |
-| "这只是内部系统" | 内部系统也可能被攻击 | 同样严格检查 |
-| "这个数据不重要" | 不重要数据也可能泄露 | 保护所有数据 |
-| "以后再修复" | 安全问题修复成本更高 | 立即修复 |
-| "这是框架的问题" | 使用框架也要遵守规范 | 检查框架使用 |
-| "测试环境不需要" | 测试环境也可能泄露 | 全环境检查 |
----
-## Verification Gates
-| 门禁 | 检查方法 | 通过条件 | 失败处理 |
-|------|---------|---------|---------|
-| SQL注入检查 | ${} 扫描 | 无 ${} 使用 | 替换为 #{} |
-| 硬编码检查 | 密码扫描 | 无密码硬编码 | 移除硬编码 |
-| 日志检查 | 日志扫描 | 无敏感数据日志 | 移除敏感日志 |
-| 权限检查 | 接口扫描 | 敏感接口有权限 | 添加权限 |
-| 脱敏检查 | VO扫描 | 敏感字段有 @Sensitive | 添加脱敏 |