@sylix/coworker 2.0.11 → 2.0.12

package/dist/skills/defaults/devops/code-review-excellence.md

@@ -0,0 +1,299 @@
+---
+name: code-review-excellence
+description: Master effective code review practices to provide constructive feedback, catch bugs early, and foster knowledge sharing while maintaining team morale. Use when reviewing pull requests, establishing review standards, or mentoring developers.
+---
+
+# Code Review Excellence
+
+Transform code reviews from gatekeeping to knowledge sharing through constructive feedback, systematic analysis, and collaborative improvement.
+
+## When to Use This Skill
+
+- Reviewing pull requests and code changes
+- Establishing code review standards for teams
+- Mentoring junior developers through reviews
+- Conducting architecture reviews
+- Creating review checklists and guidelines
+- Improving team collaboration
+- Reducing code review cycle time
+- Maintaining code quality standards
+
+## Core Principles
+
+### 1. The Review Mindset
+
+**Goals of Code Review:**
+
+- Catch bugs and edge cases
+- Ensure code maintainability
+- Share knowledge across team
+- Enforce coding standards
+- Improve design and architecture
+- Build team culture
+
+**Not the Goals:**
+
+- Show off knowledge
+- Nitpick formatting (use linters)
+- Block progress unnecessarily
+- Rewrite to your preference
+
+### 2. Effective Feedback
+
+**Good Feedback is:**
+
+- Specific and actionable
+- Educational, not judgmental
+- Focused on the code, not the person
+- Balanced (praise good work too)
+- Prioritized (critical vs nice-to-have)
+
+```markdown
+❌ Bad: "This is wrong."
+✅ Good: "This could cause a race condition when multiple users
+access simultaneously. Consider using a mutex here."
+
+❌ Bad: "Why didn't you use X pattern?"
+✅ Good: "Have you considered the Repository pattern? It would
+make this easier to test. Here's an example."
+
+❌ Bad: "Rename this variable."
+✅ Good: "[nit] Consider `userCount` instead of `uc` for
+clarity. Not blocking if you prefer to keep it."
+```
+
+### 3. Review Scope
+
+**What to Review:**
+
+- Logic correctness and edge cases
+- Security vulnerabilities
+- Performance implications
+- Test coverage and quality
+- Error handling
+- Documentation and comments
+- API design and naming
+- Architectural fit
+
+**What Not to Review Manually:**
+
+- Code formatting (use Prettier, Black, etc.)
+- Import organization
+- Linting violations
+- Simple typos
+
+## Review Process
+
+### Phase 1: Context Gathering (2-3 minutes)
+
+1. Read PR description and linked issue
+2. Check PR size (>400 lines? Ask to split)
+3. Review CI/CD status (tests passing?)
+4. Understand the business requirement
+
+### Phase 2: High-Level Review (5-10 minutes)
+
+1. **Architecture & Design**
+   - Does the solution fit the problem?
+   - Are there simpler approaches?
+   - Is it consistent with existing patterns?
+
+2. **File Organization**
+   - Are new files in the right places?
+   - Is code grouped logically?
+
+3. **Testing Strategy**
+   - Are there tests?
+   - Do tests cover edge cases?
+
+### Phase 3: Line-by-Line Review (10-20 minutes)
+
+1. **Logic & Correctness**
+   - Edge cases handled?
+   - Off-by-one errors?
+   - Null/undefined checks?
+
+2. **Security**
+   - Input validation?
+   - SQL injection risks?
+
+3. **Performance**
+   - N+1 queries?
+   - Unnecessary loops?
+
+### Phase 4: Summary & Decision
+
+1. Summarize key concerns
+2. Highlight what you liked
+3. Make clear decision:
+   - ✅ Approve
+   - 💬 Comment (minor suggestions)
+   - 🔄 Request Changes (must address)
+
+## Review Techniques
+
+### Technique 1: The Checklist Method
+
+```markdown
+## Security Checklist
+
+- [ ] User input validated and sanitized
+- [ ] SQL queries use parameterization
+- [ ] Authentication/authorization checked
+- [ ] Secrets not hardcoded
+
+## Performance Checklist
+
+- [ ] No N+1 queries
+- [ ] Database queries indexed
+- [ ] Large lists paginated
+- [ ] Expensive operations cached
+```
+
+### Technique 2: The Question Approach
+
+```markdown
+❌ "This will fail if the list is empty."
+✅ "What happens if `items` is an empty array?"
+
+❌ "You need error handling here."
+✅ "How should this behave if the API call fails?"
+```
+
+### Technique 3: Suggest, Don't Command
+
+```markdown
+❌ "You must change this to use async/await"
+✅ "Suggestion: async/await might make this more readable:
+async function fetchUser(id: string) {
+    const user = await db.query('SELECT * FROM users WHERE id = ?', id);
+    return user;
+}
+What do you think?"
+```
+
+### Technique 4: Differentiate Severity
+
+```markdown
+🔴 [blocking] - Must fix before merge
+🟡 [important] - Should fix, discuss if disagree
+🟢 [nit] - Nice to have, not blocking
+💡 [suggestion] - Alternative approach to consider
+🎉 [praise] - Good work, keep it up!
+```
+
+## Language-Specific Patterns
+
+### Python Code Review
+
+```python
+# ❌ Mutable default arguments
+def add_item(item, items=[]):  # Bug! Shared across calls
+    items.append(item)
+    return items
+
+# ✅ Use None as default
+def add_item(item, items=None):
+    if items is None:
+        items = []
+    items.append(item)
+    return items
+
+# ❌ Catching too broad
+try:
+    result = risky_operation()
+except:  # Catches everything!
+    pass
+
+# ✅ Catch specific exceptions
+try:
+    result = risky_operation()
+except ValueError as e:
+    logger.error(f"Invalid value: {e}")
+    raise
+```
+
+### TypeScript/JavaScript Code Review
+
+```typescript
+// ❌ Using any defeats type safety
+function processData(data: any) {
+    return data.value;
+}
+
+// ✅ Use proper types
+interface DataPayload {
+    value: string;
+}
+function processData(data: DataPayload) {
+    return data.value;
+}
+
+// ❌ Not handling async errors
+async function fetchUser(id: string) {
+    const response = await fetch(`/api/users/${id}`);
+    return response.json();  // What if network fails?
+}
+
+// ✅ Handle errors properly
+async function fetchUser(id: string): Promise<User> {
+    try {
+        const response = await fetch(`/api/users/${id}`);
+        if (!response.ok) {
+            throw new Error(`HTTP ${response.status}`);
+        }
+        return await response.json();
+    } catch (error) {
+        console.error('Failed to fetch user:', error);
+        throw error;
+    }
+}
+```
+
+## Best Practices
+
+1. **Review Promptly**: Within 24 hours, ideally same day
+2. **Limit PR Size**: 200-400 lines max for effective review
+3. **Review in Time Blocks**: 60 minutes max, take breaks
+4. **Use Review Tools**: GitHub, GitLab, or dedicated tools
+5. **Automate What You Can**: Linters, formatters, security scans
+6. **Build Rapport**: Emoji, praise, and empathy matter
+7. **Be Available**: Offer to pair on complex issues
+8. **Learn from Others**: Review others' review comments
+
+## Common Pitfalls
+
+- **Perfectionism**: Blocking PRs for minor style preferences
+- **Scope Creep**: "While you're at it, can you also..."
+- **Inconsistency**: Different standards for different people
+- **Delayed Reviews**: Letting PRs sit for days
+- **Ghosting**: Requesting changes then disappearing
+- **Rubber Stamping**: Approving without actually reviewing
+- **Bike Shedding**: Debating trivial details extensively
+
+## Templates
+
+### PR Review Comment Template
+
+```markdown
+## Summary
+
+[Brief overview of what was reviewed]
+
+## Strengths
+
+- [What was done well]
+
+## Required Changes
+
+🔴 [Blocking issue 1]
+🔴 [Blocking issue 2]
+
+## Suggestions
+
+💡 [Improvement 1]
+
+## Verdict
+
+✅ Approve after addressing required changes
+```

package/dist/skills/defaults/devops/cost-optimization.md

@@ -0,0 +1,295 @@
+---
+name: cost-optimization
+description: Optimize cloud costs through resource rightsizing, tagging strategies, reserved instances, and spending analysis. Use when reducing cloud expenses, analyzing infrastructure costs, or implementing cost governance policies.
+---
+
+# Cloud Cost Optimization
+
+Strategies and patterns for optimizing cloud costs across AWS, Azure, and GCP.
+
+## Purpose
+
+Implement systematic cost optimization strategies to reduce cloud spending while maintaining performance and reliability.
+
+## When to Use
+
+- Reduce cloud spending
+- Right-size resources
+- Implement cost governance
+- Optimize multi-cloud costs
+- Meet budget constraints
+
+## Cost Optimization Framework
+
+### 1. Visibility
+
+- Implement cost allocation tags
+- Use cloud cost management tools
+- Set up budget alerts
+- Create cost dashboards
+
+### 2. Right-Sizing
+
+- Analyze resource utilization
+- Downsize over-provisioned resources
+- Use auto-scaling
+- Remove idle resources
+
+### 3. Pricing Models
+
+- Use reserved capacity
+- Leverage spot/preemptible instances
+- Implement savings plans
+- Use committed use discounts
+
+### 4. Architecture Optimization
+
+- Use managed services
+- Implement caching
+- Optimize data transfer
+- Use lifecycle policies
+
+## AWS Cost Optimization
+
+### Reserved Instances
+
+```
+Savings: 30-72% vs On-Demand
+Term: 1 or 3 years
+Payment: All/Partial/No upfront
+Flexibility: Standard or Convertible
+```
+
+### Savings Plans
+
+```
+Compute Savings Plans: 66% savings
+EC2 Instance Savings Plans: 72% savings
+Applies to: EC2, Fargate, Lambda
+Flexible across: Instance families, regions, OS
+```
+
+### Spot Instances
+
+```
+Savings: Up to 90% vs On-Demand
+Best for: Batch jobs, CI/CD, stateless workloads
+Risk: 2-minute interruption notice
+Strategy: Mix with On-Demand for resilience
+```
+
+### S3 Cost Optimization
+
+```hcl
+resource "aws_s3_bucket_lifecycle_configuration" "example" {
+  bucket = aws_s3_bucket.example.id
+
+  rule {
+    id     = "transition-to-ia"
+    status = "Enabled"
+
+    transition {
+      days          = 30
+      storage_class = "STANDARD_IA"
+    }
+
+    transition {
+      days          = 90
+      storage_class = "GLACIER"
+    }
+
+    expiration {
+      days = 365
+    }
+  }
+}
+```
+
+## Azure Cost Optimization
+
+### Reserved VM Instances
+
+- 1 or 3 year terms
+- Up to 72% savings
+- Flexible sizing
+- Exchangeable
+
+### Azure Hybrid Benefit
+
+- Use existing Windows Server licenses
+- Up to 80% savings with RI
+- Available for Windows and SQL Server
+
+### Azure Advisor Recommendations
+
+- Right-size VMs
+- Delete unused resources
+- Use reserved capacity
+- Optimize storage
+
+## GCP Cost Optimization
+
+### Committed Use Discounts
+
+- 1 or 3 year commitment
+- Up to 57% savings
+- Applies to vCPUs and memory
+- Resource-based or spend-based
+
+### Sustained Use Discounts
+
+- Automatic discounts
+- Up to 30% for running instances
+- No commitment required
+- Applies to Compute Engine, GKE
+
+### Preemptible VMs
+
+- Up to 80% savings
+- 24-hour maximum runtime
+- Best for batch workloads
+
+## Tagging Strategy
+
+### AWS Tagging
+
+```hcl
+locals {
+  common_tags = {
+    Environment = "production"
+    Project     = "my-project"
+    CostCenter  = "engineering"
+    Owner       = "team@example.com"
+    ManagedBy   = "terraform"
+  }
+}
+
+resource "aws_instance" "example" {
+  ami           = "ami-12345678"
+  instance_type = "t3.medium"
+
+  tags = merge(
+    local.common_tags,
+    {
+      Name = "web-server"
+    }
+  )
+}
+```
+
+**Reference:** See `references/tagging-standards.md`
+
+## Cost Monitoring
+
+### Budget Alerts
+
+```hcl
+# AWS Budget
+resource "aws_budgets_budget" "monthly" {
+  name              = "monthly-budget"
+  budget_type       = "COST"
+  limit_amount      = "1000"
+  limit_unit        = "USD"
+  time_period_start = "2024-01-01_00:00"
+  time_unit         = "MONTHLY"
+
+  notification {
+    comparison_operator        = "GREATER_THAN"
+    threshold                  = 80
+    threshold_type            = "PERCENTAGE"
+    notification_type         = "ACTUAL"
+    subscriber_email_addresses = ["team@example.com"]
+  }
+}
+```
+
+### Cost Anomaly Detection
+
+- AWS Cost Anomaly Detection
+- Azure Cost Management alerts
+- GCP Budget alerts
+
+## Architecture Patterns
+
+### Pattern 1: Serverless First
+
+- Use Lambda/Functions for event-driven
+- Pay only for execution time
+- Auto-scaling included
+- No idle costs
+
+### Pattern 2: Right-Sized Databases
+
+```
+Development: t3.small RDS
+Staging: t3.large RDS
+Production: r6g.2xlarge RDS with read replicas
+```
+
+### Pattern 3: Multi-Tier Storage
+
+```
+Hot data: S3 Standard
+Warm data: S3 Standard-IA (30 days)
+Cold data: S3 Glacier (90 days)
+Archive: S3 Deep Archive (365 days)
+```
+
+### Pattern 4: Auto-Scaling
+
+```hcl
+resource "aws_autoscaling_policy" "scale_up" {
+  name                   = "scale-up"
+  scaling_adjustment     = 2
+  adjustment_type        = "ChangeInCapacity"
+  cooldown              = 300
+  autoscaling_group_name = aws_autoscaling_group.main.name
+}
+
+resource "aws_cloudwatch_metric_alarm" "cpu_high" {
+  alarm_name          = "cpu-high"
+  comparison_operator = "GreaterThanThreshold"
+  evaluation_periods  = "2"
+  metric_name         = "CPUUtilization"
+  namespace           = "AWS/EC2"
+  period              = "60"
+  statistic           = "Average"
+  threshold           = "80"
+  alarm_actions       = [aws_autoscaling_policy.scale_up.arn]
+}
+```
+
+## Cost Optimization Checklist
+
+- [ ] Implement cost allocation tags
+- [ ] Delete unused resources (EBS, EIPs, snapshots)
+- [ ] Right-size instances based on utilization
+- [ ] Use reserved capacity for steady workloads
+- [ ] Implement auto-scaling
+- [ ] Optimize storage classes
+- [ ] Use lifecycle policies
+- [ ] Enable cost anomaly detection
+- [ ] Set budget alerts
+- [ ] Review costs weekly
+- [ ] Use spot/preemptible instances
+- [ ] Optimize data transfer costs
+- [ ] Implement caching layers
+- [ ] Use managed services
+- [ ] Monitor and optimize continuously
+
+## Tools
+
+- **AWS:** Cost Explorer, Cost Anomaly Detection, Compute Optimizer
+- **Azure:** Cost Management, Advisor
+- **GCP:** Cost Management, Recommender
+- **Multi-cloud:** CloudHealth, Cloudability, Kubecost
+
+## Reference Files
+
+- `references/tagging-standards.md` - Tagging conventions
+- `assets/cost-analysis-template.xlsx` - Cost analysis spreadsheet
+
+## Related Skills
+
+- `terraform-module-library` - For resource provisioning
+- `multi-cloud-architecture` - For cloud selection