@su-record/vibe 2.7.10 → 2.7.12

package/skills/parallel-research/SKILL.md

@@ -1,87 +1,87 @@
----
-name: parallel-research
-description: "Parallel research guide. Auto-activates for complex features, new technologies, security-critical work, architecture design, or technology selection decisions."
-triggers: [parallel research, complex feature, technology selection, architecture design, security critical]
-priority: 60
----
-# Parallel Research
-
-Parallel research patterns for solving complex problems.
-
-## When Parallel Research is Needed
-
-| Situation | Reason |
-|-----------|--------|
-| New technology adoption | Need best practices |
-| Security-related features | Multi-angle review needed |
-| Architecture design | Multiple perspectives needed |
-| Technology selection | Comparison analysis needed |
-| Complex bugs | Explore multiple causes |
-
-## Research Agents (4 Parallel)
-
-| Agent | Role | Tools |
-|-------|------|-------|
-| best-practices | Search best practices | Web Search, context7 |
-| framework-docs | Search official docs | context7 |
-| codebase-patterns | Analyze existing code patterns | Grep, Glob |
-| security-advisory | Search security advisories | Web Search |
-
-## Usage Methods
-
-### Method 1: Direct Orchestrator Call
-
-```bash
-node -e "import('{{VIBE_PATH_URL}}/node_modules/@su-record/vibe/dist/infra/orchestrator/index.js').then(o =>
-  o.research('passkey authentication', ['React', 'Supabase'])
-  .then(r => console.log(r.content[0].text))
-)"
-```
-
-### Method 2: Use /vibe.spec
-
-```
-/vibe.spec "feature-name"
-→ Parallel research runs automatically after requirements confirmed
-```
-
-### Method 3: Parallel Task Tool Execution
-
-```
-Task 1: "Search React auth best practices"
-Task 2: "Search Supabase Auth official docs" (concurrent)
-Task 3: "Analyze existing auth code patterns" (concurrent)
-Task 4: "Search auth security vulnerabilities" (concurrent)
-```
-
-## Using Research Results
-
-```
-Parallel research complete
-    ↓
-Synthesize results
-    ↓
-Reflect in SPEC Context section
-OR
-Reference during implementation
-```
-
-## When Research is NOT Needed
-
-- Simple CRUD operations
-- Already familiar patterns
-- Similar code exists in project
-- Time-critical (supplement with review later)
-
-## Notes
-
-- Research runs **after requirements confirmed**
-- Split overly broad topics
-- Research results are references, not absolute truth
-
-## Done Criteria (K4)
-
-- [ ] All 4 research agents returned results (or documented why not)
-- [ ] Results synthesized into actionable recommendations
-- [ ] Key findings reflected in SPEC Context section or implementation notes
-- [ ] Conflicting recommendations resolved with reasoning
+---
+name: parallel-research
+description: "Parallel research guide. Auto-activates for complex features, new technologies, security-critical work, architecture design, or technology selection decisions."
+triggers: [parallel research, complex feature, technology selection, architecture design, security critical]
+priority: 60
+---
+# Parallel Research
+
+Parallel research patterns for solving complex problems.
+
+## When Parallel Research is Needed
+
+| Situation | Reason |
+|-----------|--------|
+| New technology adoption | Need best practices |
+| Security-related features | Multi-angle review needed |
+| Architecture design | Multiple perspectives needed |
+| Technology selection | Comparison analysis needed |
+| Complex bugs | Explore multiple causes |
+
+## Research Agents (4 Parallel)
+
+| Agent | Role | Tools |
+|-------|------|-------|
+| best-practices | Search best practices | Web Search, context7 |
+| framework-docs | Search official docs | context7 |
+| codebase-patterns | Analyze existing code patterns | Grep, Glob |
+| security-advisory | Search security advisories | Web Search |
+
+## Usage Methods
+
+### Method 1: Direct Orchestrator Call
+
+```bash
+node -e "import('{{VIBE_PATH_URL}}/node_modules/@su-record/vibe/dist/infra/orchestrator/index.js').then(o =>
+  o.research('passkey authentication', ['React', 'Supabase'])
+  .then(r => console.log(r.content[0].text))
+)"
+```
+
+### Method 2: Use /vibe.spec
+
+```
+/vibe.spec "feature-name"
+→ Parallel research runs automatically after requirements confirmed
+```
+
+### Method 3: Parallel Task Tool Execution
+
+```
+Task 1: "Search React auth best practices"
+Task 2: "Search Supabase Auth official docs" (concurrent)
+Task 3: "Analyze existing auth code patterns" (concurrent)
+Task 4: "Search auth security vulnerabilities" (concurrent)
+```
+
+## Using Research Results
+
+```
+Parallel research complete
+    ↓
+Synthesize results
+    ↓
+Reflect in SPEC Context section
+OR
+Reference during implementation
+```
+
+## When Research is NOT Needed
+
+- Simple CRUD operations
+- Already familiar patterns
+- Similar code exists in project
+- Time-critical (supplement with review later)
+
+## Notes
+
+- Research runs **after requirements confirmed**
+- Split overly broad topics
+- Research results are references, not absolute truth
+
+## Done Criteria (K4)
+
+- [ ] All 4 research agents returned results (or documented why not)
+- [ ] Results synthesized into actionable recommendations
+- [ ] Key findings reflected in SPEC Context section or implementation notes
+- [ ] Conflicting recommendations resolved with reasoning

package/skills/priority-todos/SKILL.md

@@ -1,63 +1,63 @@
----
-name: priority-todos
-description: "Priority-based TODO management (P1/P2/P3). Auto-activates when managing tasks, reviewing issues, or organizing work by priority."
-triggers: [todo, priority, P1, P2, P3, task management, issue, organize]
-priority: 60
----
-
-# Priority-Based Todo Management
-
-## Pre-check (K1)
-
-> Do you need structured priority tracking? For 1-2 item task lists, use inline TODOs. This system is for multi-issue tracking across reviews and sessions.
-
-## Priority Definitions
-
-| Priority | Meaning | Action | Examples |
-|----------|---------|--------|----------|
-| P1 | **Blocks merge** | Fix immediately | Security vulnerability, data loss risk, production incident |
-| P2 | **Should fix** | Fix before PR | Performance issue, missing tests, architecture violation |
-| P3 | **Backlog** | Fix when time permits | Code style, refactoring suggestion, documentation |
-
-## Directory Structure
-
-```
-.claude/vibe/todos/
-├── P1-security-sql-injection.md
-├── P2-perf-n1-query.md
-├── P3-style-extract-helper.md
-├── index.md                      # Summary table with counts/status
-└── done/                         # Archived completed items
-```
-
-## Workflow
-
-```
-/vibe.review → Creates P1/P2/P3 todo files + updates index.md
-     ↓
-Fix P1 first (blocks merge)
-     ↓
-Fix P2 before PR (warning only)
-     ↓
-P3 → backlog (weekly review)
-     ↓
-Mark done → moves to done/ with date prefix
-```
-
-## Todo File Format
-
-Each file follows: `# [P1] Title` → Summary → Priority Justification → Location (file:line) → Suggested Fix → Checklist (fix, test, review, merge).
-
-## Rules
-
-- P1 exists → merge is **blocked**
-- P2 → warning only, recommended to resolve
-- P3 → no blocking, backlog
-- Weekly cleanup: review and archive completed items
-
-## Done Criteria (K4)
-
-- [ ] All P1 items resolved before merge
-- [ ] P2 items reviewed and either resolved or documented
-- [ ] index.md reflects current state
-- [ ] Completed items archived to `done/` directory
+---
+name: priority-todos
+description: "Priority-based TODO management (P1/P2/P3). Auto-activates when managing tasks, reviewing issues, or organizing work by priority."
+triggers: [todo, priority, P1, P2, P3, task management, issue, organize]
+priority: 60
+---
+
+# Priority-Based Todo Management
+
+## Pre-check (K1)
+
+> Do you need structured priority tracking? For 1-2 item task lists, use inline TODOs. This system is for multi-issue tracking across reviews and sessions.
+
+## Priority Definitions
+
+| Priority | Meaning | Action | Examples |
+|----------|---------|--------|----------|
+| P1 | **Blocks merge** | Fix immediately | Security vulnerability, data loss risk, production incident |
+| P2 | **Should fix** | Fix before PR | Performance issue, missing tests, architecture violation |
+| P3 | **Backlog** | Fix when time permits | Code style, refactoring suggestion, documentation |
+
+## Directory Structure
+
+```
+.claude/vibe/todos/
+├── P1-security-sql-injection.md
+├── P2-perf-n1-query.md
+├── P3-style-extract-helper.md
+├── index.md                      # Summary table with counts/status
+└── done/                         # Archived completed items
+```
+
+## Workflow
+
+```
+/vibe.review → Creates P1/P2/P3 todo files + updates index.md
+     ↓
+Fix P1 first (blocks merge)
+     ↓
+Fix P2 before PR (warning only)
+     ↓
+P3 → backlog (weekly review)
+     ↓
+Mark done → moves to done/ with date prefix
+```
+
+## Todo File Format
+
+Each file follows: `# [P1] Title` → Summary → Priority Justification → Location (file:line) → Suggested Fix → Checklist (fix, test, review, merge).
+
+## Rules
+
+- P1 exists → merge is **blocked**
+- P2 → warning only, recommended to resolve
+- P3 → no blocking, backlog
+- Weekly cleanup: review and archive completed items
+
+## Done Criteria (K4)
+
+- [ ] All P1 items resolved before merge
+- [ ] P2 items reviewed and either resolved or documented
+- [ ] index.md reflects current state
+- [ ] Completed items archived to `done/` directory

package/skills/seo-checklist/SKILL.md

@@ -1,57 +1,57 @@
----
-name: seo-checklist
-description: "SEO gotchas for web development - easy-to-miss items that hurt search ranking"
-triggers: [seo, search, meta, sitemap, schema, structured data, og, opengraph, google, naver]
-priority: 65
----
-
-# SEO Checklist
-
-## Pre-check (K1)
-
-> Is this a public-facing web page that needs search visibility? Internal tools, admin panels, and authenticated-only pages don't need SEO optimization.
-
-## Easy-to-Miss Gotchas
-
-### Meta & Social
-
-| Gotcha | Why It Hurts | Fix |
-|--------|-------------|-----|
-| Missing `<link rel="canonical">` | Duplicate content penalty from URL variants | Set canonical on every page, including paginated |
-| OG image wrong size | Cropped/pixelated on social share | Must be exactly **1200x630px** |
-| Same title/description on all pages | Google treats as duplicate content | Unique title (50-60 chars) + description (150-160 chars) per page |
-| Missing `og:type` | Defaults to "website" for articles | Set `article` for posts, `product` for products |
-
-### Technical
-
-| Gotcha | Why It Hurts | Fix |
-|--------|-------------|-----|
-| `robots.txt` blocks important pages | Pages not indexed | `Allow: /` for public, only block `/api/`, `/admin/` |
-| No sitemap or stale sitemap | Crawler misses new pages | Auto-generate, include `<lastmod>` with real dates |
-| `noindex` left in production | Entire site invisible | Verify `<meta name="robots">` in production build |
-| Images without `width`/`height` | CLS layout shift penalty | Always set dimensions + `loading="lazy"` for below-fold |
-
-### Core Web Vitals
-
-| Metric | Target | Common Miss |
-|--------|--------|-------------|
-| LCP | ≤2.5s | Hero image not preloaded — add `<link rel="preload">` |
-| INP | ≤200ms | Heavy JS on interaction — defer non-critical scripts |
-| CLS | ≤0.1 | Dynamic content without reserved space — set `min-height` |
-
-### Structured Data
-
-| Gotcha | Fix |
-|--------|-----|
-| JSON-LD not validated | Test with Google Rich Results Test before deploy |
-| Wrong `@type` | `Product` for products, `Article` for posts, `FAQPage` for FAQs |
-| Missing `BreadcrumbList` | Add breadcrumb schema for all non-root pages |
-
-## Done Criteria (K4)
-
-- [ ] Every page has unique title, description, canonical URL
-- [ ] OG images are 1200x630px on all shareable pages
-- [ ] `robots.txt` and `sitemap.xml` present and correct
-- [ ] Structured data validates in Rich Results Test
-- [ ] Core Web Vitals green (LCP ≤2.5s, INP ≤200ms, CLS ≤0.1)
-- [ ] No `noindex` tags in production
+---
+name: seo-checklist
+description: "SEO gotchas for web development - easy-to-miss items that hurt search ranking"
+triggers: [seo, search, meta, sitemap, schema, structured data, og, opengraph, google, naver]
+priority: 65
+---
+
+# SEO Checklist
+
+## Pre-check (K1)
+
+> Is this a public-facing web page that needs search visibility? Internal tools, admin panels, and authenticated-only pages don't need SEO optimization.
+
+## Easy-to-Miss Gotchas
+
+### Meta & Social
+
+| Gotcha | Why It Hurts | Fix |
+|--------|-------------|-----|
+| Missing `<link rel="canonical">` | Duplicate content penalty from URL variants | Set canonical on every page, including paginated |
+| OG image wrong size | Cropped/pixelated on social share | Must be exactly **1200x630px** |
+| Same title/description on all pages | Google treats as duplicate content | Unique title (50-60 chars) + description (150-160 chars) per page |
+| Missing `og:type` | Defaults to "website" for articles | Set `article` for posts, `product` for products |
+
+### Technical
+
+| Gotcha | Why It Hurts | Fix |
+|--------|-------------|-----|
+| `robots.txt` blocks important pages | Pages not indexed | `Allow: /` for public, only block `/api/`, `/admin/` |
+| No sitemap or stale sitemap | Crawler misses new pages | Auto-generate, include `<lastmod>` with real dates |
+| `noindex` left in production | Entire site invisible | Verify `<meta name="robots">` in production build |
+| Images without `width`/`height` | CLS layout shift penalty | Always set dimensions + `loading="lazy"` for below-fold |
+
+### Core Web Vitals
+
+| Metric | Target | Common Miss |
+|--------|--------|-------------|
+| LCP | ≤2.5s | Hero image not preloaded — add `<link rel="preload">` |
+| INP | ≤200ms | Heavy JS on interaction — defer non-critical scripts |
+| CLS | ≤0.1 | Dynamic content without reserved space — set `min-height` |
+
+### Structured Data
+
+| Gotcha | Fix |
+|--------|-----|
+| JSON-LD not validated | Test with Google Rich Results Test before deploy |
+| Wrong `@type` | `Product` for products, `Article` for posts, `FAQPage` for FAQs |
+| Missing `BreadcrumbList` | Add breadcrumb schema for all non-root pages |
+
+## Done Criteria (K4)
+
+- [ ] Every page has unique title, description, canonical URL
+- [ ] OG images are 1200x630px on all shareable pages
+- [ ] `robots.txt` and `sitemap.xml` present and correct
+- [ ] Structured data validates in Rich Results Test
+- [ ] Core Web Vitals green (LCP ≤2.5s, INP ≤200ms, CLS ≤0.1)
+- [ ] No `noindex` tags in production

package/skills/techdebt/SKILL.md

@@ -1,122 +1,122 @@
----
-name: techdebt
-description: "Technical debt cleanup — detect and fix duplicate code, console.log, unused imports, any types, etc. Recommended before session end. Activates on techdebt, cleanup, debt keywords."
-triggers: [techdebt, cleanup, debt, unused imports, console.log, dead code]
-priority: 60
----
-
-# Techdebt — Technical Debt Cleanup
-
-Detect and clean up technical debt in the codebase before session end or periodically.
-
-## Inspection Items
-
-### 1. Duplicate Code
-
-- Check for similar functions/logic across multiple files
-- Identify code extractable into common utilities
-- Method: Detect similar code with `core_analyze_complexity`
-
-### 2. Unused Code
-
-- Unused import statements
-- Unused variables/functions
-- Commented-out code blocks
-
-Detection tools:
-
-```
-# Detect unused imports (using Grep tool)
-Grep: pattern="^import .+ from" → cross-reference usage
-
-# Detect commented-out code blocks
-Grep: pattern="^\\s*//.*\\b(function|const|let|var|class|import)\\b"
-```
-
-### 3. Debug Code
-
-- `console.log` / `console.error` / `console.warn`
-- `debugger` statements
-- Temporary comments: `// TODO`, `// FIXME`, `// HACK`, `// XXX`
-
-Detection tools:
-
-```
-# Detect console statements (using Grep tool)
-Grep: pattern="console\\.(log|error|warn|debug)" glob="*.{ts,tsx}"
-
-# Detect TODO/FIXME
-Grep: pattern="(TODO|FIXME|HACK|XXX)" glob="*.{ts,tsx}"
-
-# Detect debugger statements
-Grep: pattern="\\bdebugger\\b" glob="*.{ts,tsx}"
-```
-
-### 4. Code Quality
-
-- `any` type usage (TypeScript)
-- Hardcoded values (magic numbers/strings)
-- Functions exceeding 50 lines
-- Nesting deeper than 4 levels
-
-Detection tools:
-
-```
-# Detect any types (using Grep tool)
-Grep: pattern=": any\\b|as any\\b" glob="*.{ts,tsx}"
-
-# Analyze complexity with built-in VIBE tools
-core_analyze_complexity: filePath="src/**/*.ts"
-core_validate_code_quality: filePath="src/**/*.ts"
-```
-
-## Output Format
-
-```markdown
-## Technical Debt Report
-
-### Duplicate Code (N items)
-- src/utils.ts:formatDate ↔ src/helpers.ts:formatDateTime
-
-### Unused Imports (N items)
-- src/components/Button.tsx:3 — React (unused)
-
-### Debug Code (N items)
-- src/api/auth.ts:23 — console.log
-
-### Code Quality Issues (N items)
-- src/services/user.ts:45 — any type usage
-- src/utils/calc.ts:10 — magic number (hardcoded 365)
-
-Total: N technical debt items found.
-```
-
-## Auto-fix Scope
-
-### Auto-fixable (Safe)
-
-| Item | Fix Method |
-|------|-----------|
-| Unused imports | Delete the import statement |
-| `console.log` / `debugger` | Delete the line |
-| Trailing whitespace / blank lines | Apply formatter |
-
-### Requires Manual Review (Safety Guard)
-
-| Item | Reason |
-|------|--------|
-| Duplicate code extraction | Need to verify logic equivalence |
-| `any` type fixes | Need proper type design |
-| Magic number extraction | Need to decide constant names and locations |
-| Long function splitting | Need to decide logic separation criteria |
-
-> Always show the scope of changes to the user and get confirmation before auto-fixing.
-
-## VIBE Tool Integration
-
-| Tool | Purpose |
-|------|---------|
-| `core_analyze_complexity` | Measure function complexity (nesting, line count) |
-| `core_validate_code_quality` | Detect code quality rule violations |
-| `core_suggest_improvements` | Generate improvement suggestions |
-| `core_check_coupling_cohesion` | Analyze module coupling/cohesion |
+---
+name: techdebt
+description: "Technical debt cleanup — detect and fix duplicate code, console.log, unused imports, any types, etc. Recommended before session end. Activates on techdebt, cleanup, debt keywords."
+triggers: [techdebt, cleanup, debt, unused imports, console.log, dead code]
+priority: 60
+---
+
+# Techdebt — Technical Debt Cleanup
+
+Detect and clean up technical debt in the codebase before session end or periodically.
+
+## Inspection Items
+
+### 1. Duplicate Code
+
+- Check for similar functions/logic across multiple files
+- Identify code extractable into common utilities
+- Method: Detect similar code with `core_analyze_complexity`
+
+### 2. Unused Code
+
+- Unused import statements
+- Unused variables/functions
+- Commented-out code blocks
+
+Detection tools:
+
+```
+# Detect unused imports (using Grep tool)
+Grep: pattern="^import .+ from" → cross-reference usage
+
+# Detect commented-out code blocks
+Grep: pattern="^\\s*//.*\\b(function|const|let|var|class|import)\\b"
+```
+
+### 3. Debug Code
+
+- `console.log` / `console.error` / `console.warn`
+- `debugger` statements
+- Temporary comments: `// TODO`, `// FIXME`, `// HACK`, `// XXX`
+
+Detection tools:
+
+```
+# Detect console statements (using Grep tool)
+Grep: pattern="console\\.(log|error|warn|debug)" glob="*.{ts,tsx}"
+
+# Detect TODO/FIXME
+Grep: pattern="(TODO|FIXME|HACK|XXX)" glob="*.{ts,tsx}"
+
+# Detect debugger statements
+Grep: pattern="\\bdebugger\\b" glob="*.{ts,tsx}"
+```
+
+### 4. Code Quality
+
+- `any` type usage (TypeScript)
+- Hardcoded values (magic numbers/strings)
+- Functions exceeding 50 lines
+- Nesting deeper than 4 levels
+
+Detection tools:
+
+```
+# Detect any types (using Grep tool)
+Grep: pattern=": any\\b|as any\\b" glob="*.{ts,tsx}"
+
+# Analyze complexity with built-in VIBE tools
+core_analyze_complexity: filePath="src/**/*.ts"
+core_validate_code_quality: filePath="src/**/*.ts"
+```
+
+## Output Format
+
+```markdown
+## Technical Debt Report
+
+### Duplicate Code (N items)
+- src/utils.ts:formatDate ↔ src/helpers.ts:formatDateTime
+
+### Unused Imports (N items)
+- src/components/Button.tsx:3 — React (unused)
+
+### Debug Code (N items)
+- src/api/auth.ts:23 — console.log
+
+### Code Quality Issues (N items)
+- src/services/user.ts:45 — any type usage
+- src/utils/calc.ts:10 — magic number (hardcoded 365)
+
+Total: N technical debt items found.
+```
+
+## Auto-fix Scope
+
+### Auto-fixable (Safe)
+
+| Item | Fix Method |
+|------|-----------|
+| Unused imports | Delete the import statement |
+| `console.log` / `debugger` | Delete the line |
+| Trailing whitespace / blank lines | Apply formatter |
+
+### Requires Manual Review (Safety Guard)
+
+| Item | Reason |
+|------|--------|
+| Duplicate code extraction | Need to verify logic equivalence |
+| `any` type fixes | Need proper type design |
+| Magic number extraction | Need to decide constant names and locations |
+| Long function splitting | Need to decide logic separation criteria |
+
+> Always show the scope of changes to the user and get confirmation before auto-fixing.
+
+## VIBE Tool Integration
+
+| Tool | Purpose |
+|------|---------|
+| `core_analyze_complexity` | Measure function complexity (nesting, line count) |
+| `core_validate_code_quality` | Detect code quality rule violations |
+| `core_suggest_improvements` | Generate improvement suggestions |
+| `core_check_coupling_cohesion` | Analyze module coupling/cohesion |