@sylphx/flow 2.30.0 → 3.0.1

package/assets/slash-commands/continue.md

@@ -1,94 +0,0 @@
----
-name: continue
-description: Trigger autonomous product iteration - think, improve, ship
----
-
-# Continue
-
-Continuously commit.
-
-The entire system — not limited to data — must strictly obey a Single Source of Truth (SSOT) principle.
-Every state, behavior, flow, permission, architecture decision, UI behavior, and side effect
-must have exactly one authoritative source, one interpretation, and one correct path.
-
-The system must be fully reason-able end to end.
-There must be no implicit behavior, hidden assumptions, magic defaults, or silent fallbacks.
-
-Continuously and repeatedly review, validate, and correct the entire system:
-- Membership and identity correctness and completeness
-- Consistency across state, permissions, flows, and lifecycle
-- Architectural boundaries, modularity, and separation of responsibilities
-- UI behavior matching system intent, state, and permissions
-- Alignment with modern industry standards and best practices
-
-No workarounds.
-No hacks.
-No temporary solutions.
-No backward compatibility.
-No deprecated logic.
-No TODOs.
-No dead code.
-No unused code.
-No incorrect or misleading code.
-
-Every feature must be built intent-first:
-- The correct model must exist before implementation
-- No duplicated concepts, parallel truths, or shadow logic
-- Any feature must be removable or refactorable without destabilizing the system
-
-Continuously perform:
-- Deduplication
-- Refactoring
-- Polishing
-- Modularity enforcement
-- Responsibility separation
-- Architectural correction
-
-The system must remain:
-- Stateless
-- Serverless-friendly
-- Scalable
-- Reasonable
-- Testable
-- Observable
-
-## Radix UI (Mandatory)
-
-If Radix has a primitive for it, you MUST use it. No exceptions. No custom implementations.
-Any custom implementation of something Radix already provides is a bug.
-
-## Bootstrap
-
-Admin bootstrap via INITIAL_SUPERADMIN_EMAIL only. One-time, non-reentrant, non-bypassable.
-
-## Platform-Led Integrations
-
-Platform is source of truth. Third-party services sync FROM platform, never reverse.
-All configuration in code. No manual third-party dashboard configuration.
-Platform can switch providers without architectural change.
-
-## Re-authentication
-
-Sensitive actions require step-up re-authentication (password or email OTP).
-Verified session state must be scoped, time-bound, never implicitly reused.
-
-## Technologies
-
-tRPC, Next.js (with Turbopack), Radix UI, next-intl, Drizzle,
-Better Auth, Stripe, Upstash, Neon, Vercel,
-Resend (email), Vercel Blob (storage),
-AI SDK with OpenRouter provider,
-Tailwind CSS (styling), @iconify-icon/react (icons),
-Bun, Biome, Bun test,
-Responsive Web Design.
-
----
-
-Any ambiguity, inconsistency, incompleteness, or undefined behavior
-must be treated as a bug, not a feature.
-
-The system must withstand repeated review, rejection, refactor, and redesign,
-and after every correction,
-become simpler, more consistent, and closer to the correct model.
-
-Ultrathink.

package/assets/slash-commands/continue2.md

@@ -1,61 +0,0 @@
----
-name: continue2
-description: Iterative codebase review - apply each skill guideline to audit and fix the project
----
-
-# Continue2: Guideline-Driven Codebase Review
-
-Use skill guidelines to audit and improve the project codebase.
-
-**Important**: You are reviewing the PROJECT CODE against the guidelines, NOT reviewing the guidelines themselves.
-
-## Process
-
-### Phase 1: Sequential Audit
-
-For each skill guideline:
-
-1. Use the Skill tool to load the guideline (e.g., `skill: "auth"`)
-2. Audit the project codebase against that guideline's non-negotiables
-3. Fix any violations found in the project code
-4. Move to next skill
-
-Skills to audit against (25 total):
-- auth, account-security, admin, appsec
-- billing, pricing, ledger
-- database, data-modeling
-- delivery, deployments, observability
-- privacy, seo, performance, pwa
-- uiux, i18n, growth
-- storage, support, referral
-- abuse-prevention, competitive-analysis, code-quality
-
-### Phase 2: Delegate Full Audit
-
-After Phase 1, delegate a comprehensive review to a worker agent:
-
-```
-Task: Audit the project codebase against all 25 skill guidelines.
-
-For each skill:
-1. Load the guideline using Skill tool (e.g., skill: "auth")
-2. Check if the project code complies with the non-negotiables
-3. Report any violations found
-
-Return: List of specific violations in the codebase, or "No violations found."
-```
-
-### Phase 3: Fix and Repeat
-
-If reviewer found violations:
-1. Fix all violations in the project code
-2. Return to Phase 2
-
-If no violations found:
-- Done. Commit and release.
-
-## Exit Condition
-
-The loop terminates when:
-- A reviewer agent returns "No violations found"
-- The project codebase fully complies with all skill guidelines

package/assets/slash-commands/improve.md

@@ -1,153 +0,0 @@
----
-name: improve
-description: Proactively discover and implement improvements
----
-
-# Proactive Improvement
-
-Analyze project comprehensively. Discover improvement opportunities. Prioritize and execute.
-
-## Discovery Areas
-
-**Code Quality:**
-- Code complexity hotspots
-- Duplication patterns
-- Test coverage gaps
-- Error handling weaknesses
-- Type safety improvements
-- Naming inconsistencies
-
-**Architecture:**
-- Tight coupling
-- Missing abstractions
-- Scalability bottlenecks
-- State management issues
-- API design improvements
-- Module organization
-
-**Performance:**
-- Slow algorithms (profiling data)
-- Database query inefficiencies
-- Bundle size optimization
-- Memory usage patterns
-- Network request optimization
-- Caching opportunities
-
-**Security:**
-- Vulnerability scan (dependencies)
-- Input validation gaps
-- Authentication/authorization weaknesses
-- Sensitive data exposure
-- OWASP top 10 check
-- Security best practices
-
-**Developer Experience:**
-- Development setup complexity
-- Build time optimization
-- Testing speed
-- Debugging capabilities
-- Error messages clarity
-- Documentation gaps
-
-**Maintenance:**
-- Outdated dependencies
-- Deprecated API usage
-- Missing tests
-- Incomplete documentation
-- Configuration complexity
-- Technical debt accumulation
-
-**Features:**
-- Missing functionality (user feedback)
-- Integration opportunities
-- Automation potential
-- Monitoring/observability
-- Error recovery
-- User experience improvements
-
-## Analysis Process
-
-1. **Scan** codebase comprehensively
-2. **Profile** performance bottlenecks
-3. **Check** security vulnerabilities
-4. **Review** dependencies for updates
-5. **Analyze** test coverage
-6. **Assess** documentation completeness
-7. **Evaluate** architectural patterns
-8. **Identify** missing features
-
-## Prioritization Matrix
-
-**Impact vs Effort:**
-- **High Impact + Low Effort** → Do first
-- **High Impact + High Effort** → Plan carefully
-- **Low Impact + Low Effort** → Quick wins
-- **Low Impact + High Effort** → Skip or defer
-
-**Categories:**
-- **Critical:** Security, data loss, crashes
-- **High:** Performance degradation, poor UX
-- **Medium:** Code quality, maintainability
-- **Low:** Nice-to-haves, polish
-
-## Execution Plan
-
-For each improvement:
-1. **Describe** what and why
-2. **Estimate** effort (small/medium/large)
-3. **Assess** impact (low/medium/high)
-4. **Prioritize** using matrix
-5. **Create** implementation plan
-
-Then execute top priorities:
-- Start with high-impact, low-effort
-- Make atomic commits
-- Test thoroughly
-- Document changes
-
-## Output Format
-
-```markdown
-## Improvement Opportunities
-
-### Critical (Do Now)
-1. [Security] Update vulnerable dependency X (CVE-XXXX)
-   - Impact: High (prevents exploit)
-   - Effort: Low (5 min)
-   - Action: `npm update X`
-
-### High Priority
-1. [Performance] Optimize user query (N+1 problem)
-   - Impact: High (10x speedup)
-   - Effort: Medium (2 hrs)
-   - Action: Batch queries with JOIN
-
-### Quick Wins
-1. [DX] Add pre-commit hooks
-   - Impact: Medium (catch errors early)
-   - Effort: Low (30 min)
-   - Action: Setup husky + lint-staged
-
-### Planned Improvements
-1. [Feature] Add caching layer
-   - Impact: High (reduce server load)
-   - Effort: High (1 week)
-   - Action: Design cache strategy, implement Redis
-
-## Execution Plan
-1. Fix security vulnerability (now)
-2. Optimize query performance (today)
-3. Add pre-commit hooks (today)
-4. Plan caching implementation (next sprint)
-```
-
-## Exit Criteria
-
-- [ ] Comprehensive analysis completed
-- [ ] Opportunities prioritized
-- [ ] High-priority improvements implemented
-- [ ] Tests pass
-- [ ] Impact measured
-- [ ] Documentation updated
-
-Report: Improvements discovered, implemented, impact metrics.

package/assets/slash-commands/init.md

@@ -1,34 +0,0 @@
----
-name: init
-description: Initialize project docs - create PRODUCT.md and ARCHITECTURE.md
----
-
-# Init Project Docs
-
-Create project documentation if missing:
-
-1. **Check** if `PRODUCT.md` exists in project root
-   - If missing → Create with structure:
-     - Vision / Mission
-     - Success Metrics (revenue, users, growth)
-     - Target Users
-     - Value Propositions
-     - Key Features
-     - Competitive Landscape
-     - Roadmap (Now / Next / Later)
-
-2. **Check** if `ARCHITECTURE.md` exists in project root
-   - If missing → Create with structure:
-     - Tech Stack (with rationale)
-     - System Design
-     - Key Patterns
-     - Data Models
-     - Integrations
-     - Technical Decisions
-     - Known Limitations
-
-3. **If files exist**, read them and suggest improvements based on current codebase.
-
-**Fill in details** based on what you can learn from the codebase. Ask user for what you can't infer.
-
-Product = WHAT and WHY. Architecture = HOW.

package/assets/slash-commands/polish.md

@@ -1,87 +0,0 @@
----
-name: polish
-description: Polish project presentation - docs, README, packaging, metadata
----
-
-# Polish Project
-
-Make project professional, welcoming, and well-documented.
-
-## Scope
-
-**README:**
-- Clear project description (what, why, how)
-- Installation instructions (tested)
-- Quick start example (copy-paste ready)
-- Key features (3-5 bullet points)
-- API overview
-- Links to full docs
-- Badges (build status, coverage, version, license)
-- Contributing guidelines link
-- License
-
-**Documentation:**
-- API reference (all public functions)
-- Usage examples (common scenarios)
-- Tutorials (step-by-step guides)
-- Architecture overview
-- Troubleshooting guide
-- FAQ
-- Migration guides (if applicable)
-
-**Code Comments:**
-- JSDoc for public APIs
-- Complex logic explained (WHY not WHAT)
-- Non-obvious decisions documented
-- Examples in comments where helpful
-
-**Packaging (package.json):**
-- Accurate description
-- Relevant keywords (10-15)
-- Repository URL
-- Homepage URL
-- Bug tracker URL
-- Author info
-- License
-- Engines specified
-- Files field (only ship necessary)
-
-**GitHub Metadata:**
-- Topics/tags (10-20 relevant tags)
-- Description (concise, searchable)
-- Website URL
-- Social preview image (if applicable)
-
-**Changelog:**
-- Update CHANGELOG.md
-- Clear version history
-- Breaking changes highlighted
-- Migration instructions
-
-**Contributing:**
-- CONTRIBUTING.md
-- Code of conduct
-- Development setup
-- Testing guidelines
-- PR process
-
-## Execution
-
-1. **Audit** what exists vs what's missing
-2. **Update** outdated content
-3. **Create** missing documentation
-4. **Test** all code examples
-5. **Verify** all links work
-6. **Ensure** consistency across docs
-
-## Quality Checks
-
-- [ ] README explains project in <5 min read
-- [ ] New user can get started in <10 min
-- [ ] All examples tested and work
-- [ ] No broken links
-- [ ] Search-friendly keywords
-- [ ] Professional presentation
-- [ ] Beginner-friendly
-
-Report: What was added/updated, coverage improved.

package/assets/slash-commands/quality.md

@@ -1,181 +0,0 @@
----
-name: quality
-description: Improve test coverage, fix tests, optimize performance, reduce bundle size
----
-
-# Quality Assurance
-
-Maximize quality metrics: tests, coverage, performance, bundle size.
-
-## Scope
-
-**Testing:**
-- Fix failing tests
-- Add missing tests (.test.ts for all modules)
-- Improve coverage (critical paths 100%, business logic 80%+)
-- Test edge cases
-- Test error paths
-- Integration tests
-- E2E tests (if applicable)
-
-**Benchmarking:**
-- Add benchmarks (.bench.ts for critical functions)
-- Measure performance
-- Identify regressions
-- Optimize slow operations
-
-**Performance:**
-- Profile hot paths
-- Optimize algorithms (reduce complexity)
-- Fix memory leaks
-- Reduce allocations
-- Cache expensive operations
-- Lazy load where possible
-
-**Bundle Size:**
-- Analyze bundle composition
-- Remove unused dependencies
-- Tree-shake effectively
-- Code split strategically
-- Compress assets
-- Use dynamic imports
-
-**Code Quality:**
-- Fix lint errors/warnings
-- Improve type safety (no `any`)
-- Reduce complexity
-- Improve maintainability
-- Follow code standards
-
-**Security:**
-- Fix vulnerabilities
-- Update dependencies
-- Validate inputs
-- Sanitize outputs
-- Secure defaults
-
-## Execution
-
-### 1. Test Coverage
-
-```bash
-# Run tests with coverage
-npm run test:coverage
-
-# Identify gaps
-# Add tests for uncovered code
-# Focus on critical paths first
-```
-
-**Priority:**
-- Critical business logic (100%)
-- Error handling (100%)
-- Edge cases (90%)
-- Happy paths (100%)
-- Integration points (80%)
-
-### 2. Benchmarking
-
-```bash
-# Run benchmarks
-npm run bench
-
-# Compare against baseline
-# Identify regressions
-# Optimize bottlenecks
-```
-
-**Add benchmarks for:**
-- Algorithm complexity (O(n) vs O(n²))
-- Database queries
-- API calls
-- Data processing
-- Rendering (if UI)
-
-### 3. Performance Profiling
-
-```bash
-# Profile application
-node --inspect ...
-# Or use Clinic.js, 0x, etc.
-
-# Identify bottlenecks
-# Optimize hot paths
-# Measure improvements
-```
-
-**Check:**
-- CPU usage
-- Memory usage
-- I/O operations
-- Network calls
-- Rendering time
-
-### 4. Bundle Analysis
-
-```bash
-# Analyze bundle
-npm run build -- --analyze
-
-# Check size
-ls -lh dist/
-
-# Identify large dependencies
-# Remove unnecessary code
-```
-
-**Optimize:**
-- Remove unused dependencies
-- Use smaller alternatives
-- Dynamic imports for large modules
-- Tree-shake effectively
-- Minify properly
-
-### 5. Quality Metrics
-
-**Track:**
-- Test coverage: `npm run test:coverage`
-- Bundle size: `ls -lh dist/`
-- Performance: `npm run bench`
-- Security: `npm audit`
-- Type coverage: TypeScript strict mode
-- Lint score: `npm run lint`
-
-## Targets
-
-**Tests:**
-- Coverage: ≥80% (business logic ≥90%)
-- All critical paths: 100%
-- Build time: <30s
-- Test time: <10s
-
-**Performance:**
-- Page load: <3s
-- API response: <200ms
-- Time to interactive: <5s
-- Bundle size: <100KB (gzipped)
-
-**Quality:**
-- Zero lint errors
-- Zero `any` types (unless justified)
-- Zero security vulnerabilities (high/critical)
-- Complexity score: <10 per function
-
-## Commit Strategy
-
-Atomic commits per improvement:
-- `test(auth): add tests for token validation`
-- `perf(db): optimize user query with batch loading`
-- `build: reduce bundle size by 40% with code splitting`
-
-## Exit Criteria
-
-- [ ] All tests pass
-- [ ] Coverage meets targets
-- [ ] Benchmarks added for critical functions
-- [ ] Performance optimized
-- [ ] Bundle size reduced
-- [ ] No security vulnerabilities
-- [ ] Quality metrics improved
-
-Report: Coverage %, bundle size reduction, performance gains, benchmarks added.

package/assets/slash-commands/release.md

@@ -1,103 +0,0 @@
----
-name: release
-description: Publish new version and monitor release process
----
-
-# Release & Publish
-
-Prepare, publish, and monitor package release.
-
-## Pre-Release Checks
-
-**Quality Gates:**
-- [ ] All tests pass
-- [ ] No lint errors
-- [ ] Build successful
-- [ ] No security vulnerabilities
-- [ ] Dependencies up to date
-- [ ] CHANGELOG updated
-- [ ] README accurate
-- [ ] Breaking changes documented
-
-**Version Decision:**
-- Breaking changes → `major`
-- New features → `minor` (default)
-- Bug fixes → `patch`
-
-## Release Process
-
-### For TypeScript/JavaScript Projects
-
-1. **Create Changeset:**
-   ```bash
-   bunx changeset
-   ```
-   - Select package
-   - Choose version bump type
-   - Write clear summary
-
-2. **Version Bump:**
-   ```bash
-   bunx changeset version
-   ```
-   - Updates package.json
-   - Updates CHANGELOG.md
-   - Consumes changeset
-
-3. **Commit & Push:**
-   ```bash
-   git add -A
-   git commit -m "chore(release): <package>@<version>"
-   git push
-   ```
-
-4. **Monitor CI:**
-   ```bash
-   gh run list --workflow=release --limit 5
-   gh run watch <run-id>
-   ```
-
-5. **Verify Publication:**
-   ```bash
-   npm view <package>@<version>
-   ```
-
-### For Other Projects
-
-1. Update version in manifest (package.json, setup.py, etc.)
-2. Update CHANGELOG
-3. Create git tag
-4. Push tag to trigger release
-5. Monitor CI/CD
-
-## Post-Release
-
-- [ ] Verify package published
-- [ ] Test installation: `npm install <package>@latest`
-- [ ] Create GitHub release with notes
-- [ ] Announce (if public package)
-- [ ] Close related issues/PRs
-
-## Troubleshooting
-
-**CI fails on install:**
-- Update lockfile locally: `bun install`
-- Commit and push
-
-**Tests fail in CI:**
-- Run tests locally: `npm test`
-- Fix issues, commit, push
-
-**Build fails:**
-- Check build locally: `npm run build`
-- Fix errors, commit, push
-
-## Exit Criteria
-
-- [ ] Package published successfully
-- [ ] CI workflow completed
-- [ ] GitHub release created
-- [ ] Version verified on registry
-- [ ] Installation tested
-
-Report: Version number, publish time, registry URL.