@synapta/skills 0.1.1 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +11 -4
- package/package.json +3 -4
- package/skills/ATTRIBUTION.md +80 -0
- package/skills/accessibility-audit/SKILL.md +325 -0
- package/skills/accessibility-audit/reference/wcag-checklist.md +103 -0
- package/skills/apns-notifier/SKILL.md +86 -0
- package/skills/approval-policy-enforcer/SKILL.md +66 -0
- package/skills/apps-sdk-builder/LICENSE.txt +201 -0
- package/skills/apps-sdk-builder/SKILL.md +328 -0
- package/skills/apps-sdk-builder/agents/openai.yaml +13 -0
- package/skills/apps-sdk-builder/references/app-archetypes.md +132 -0
- package/skills/apps-sdk-builder/references/apps-sdk-docs-workflow.md +135 -0
- package/skills/apps-sdk-builder/references/interactive-state-sync-patterns.md +113 -0
- package/skills/apps-sdk-builder/references/repo-contract-and-validation.md +93 -0
- package/skills/apps-sdk-builder/references/search-fetch-standard.md +67 -0
- package/skills/apps-sdk-builder/references/upstream-example-workflow.md +79 -0
- package/skills/apps-sdk-builder/references/window-openai-patterns.md +79 -0
- package/skills/apps-sdk-builder/scripts/scaffold_node_ext_apps.mjs +606 -0
- package/skills/architecture-selector/SKILL.md +64 -0
- package/skills/backlog-planner/SKILL.md +68 -0
- package/skills/carplay-entitlement-checker/SKILL.md +82 -0
- package/skills/concept-deepener/SKILL.md +86 -0
- package/skills/concept-discovery/SKILL.md +517 -0
- package/skills/concept-discovery/assets/sample-analysis.json +81 -0
- package/skills/concept-discovery/expected_outputs/sample-enum-dictionary.md +25 -0
- package/skills/concept-discovery/expected_outputs/sample-page-user-list.md +83 -0
- package/skills/concept-discovery/expected_outputs/sample-prd-readme.md +43 -0
- package/skills/concept-discovery/references/framework-patterns.md +228 -0
- package/skills/concept-discovery/references/prd-quality-checklist.md +65 -0
- package/skills/concept-discovery/scripts/codebase_analyzer.py +732 -0
- package/skills/concept-discovery/scripts/prd_scaffolder.py +435 -0
- package/skills/dast-zap/SKILL.md +453 -0
- package/skills/dast-zap/assets/.gitkeep +9 -0
- package/skills/dast-zap/assets/github_action.yml +207 -0
- package/skills/dast-zap/assets/gitlab_ci.yml +226 -0
- package/skills/dast-zap/assets/zap_automation.yaml +196 -0
- package/skills/dast-zap/assets/zap_context.xml +192 -0
- package/skills/dast-zap/references/EXAMPLE.md +40 -0
- package/skills/dast-zap/references/api_testing_guide.md +475 -0
- package/skills/dast-zap/references/authentication_guide.md +431 -0
- package/skills/dast-zap/references/false_positive_handling.md +427 -0
- package/skills/dast-zap/references/owasp_mapping.md +255 -0
- package/skills/dep-sbom-scan/SKILL.md +466 -0
- package/skills/deploy-cloudflare/SKILL.md +930 -0
- package/skills/deploy-docker/SKILL.md +55 -0
- package/skills/deploy-fly/SKILL.md +228 -0
- package/skills/deploy-k8s/SKILL.md +108 -0
- package/skills/deploy-k8s/assets/logo.png +0 -0
- package/skills/deploy-k8s/docs/README.md +29 -0
- package/skills/deploy-k8s/docs/SUMMARY.md +56 -0
- package/skills/deploy-k8s/docs/advanced/token-efficiency.md +61 -0
- package/skills/deploy-k8s/docs/architecture/multi-tenancy.md +96 -0
- package/skills/deploy-k8s/docs/architecture/storage-and-state.md +102 -0
- package/skills/deploy-k8s/docs/architecture/workload-patterns.md +87 -0
- package/skills/deploy-k8s/docs/book.json +16 -0
- package/skills/deploy-k8s/docs/community/changelog.md +34 -0
- package/skills/deploy-k8s/docs/community/contributing.md +67 -0
- package/skills/deploy-k8s/docs/core-concepts/failure-modes.md +153 -0
- package/skills/deploy-k8s/docs/core-concepts/philosophy.md +83 -0
- package/skills/deploy-k8s/docs/core-concepts/workflow.md +124 -0
- package/skills/deploy-k8s/docs/examples/bad-patterns.md +47 -0
- package/skills/deploy-k8s/docs/examples/do-dont-checklist.md +37 -0
- package/skills/deploy-k8s/docs/examples/good-patterns.md +49 -0
- package/skills/deploy-k8s/docs/failure-modes/api-drift.md +104 -0
- package/skills/deploy-k8s/docs/failure-modes/fragile-rollouts.md +99 -0
- package/skills/deploy-k8s/docs/failure-modes/insecure-workload-defaults.md +80 -0
- package/skills/deploy-k8s/docs/failure-modes/network-exposure.md +98 -0
- package/skills/deploy-k8s/docs/failure-modes/privilege-sprawl.md +91 -0
- package/skills/deploy-k8s/docs/failure-modes/resource-starvation.md +85 -0
- package/skills/deploy-k8s/docs/getting-started/installation.md +152 -0
- package/skills/deploy-k8s/docs/getting-started/quick-start.md +115 -0
- package/skills/deploy-k8s/docs/guides/helm-patterns.md +71 -0
- package/skills/deploy-k8s/docs/guides/kustomize-patterns.md +65 -0
- package/skills/deploy-k8s/docs/guides/observability.md +67 -0
- package/skills/deploy-k8s/docs/guides/security-hardening.md +59 -0
- package/skills/deploy-k8s/docs/guides/validation-and-policy.md +66 -0
- package/skills/deploy-k8s/docs/integrations/mcp-integration.md +52 -0
- package/skills/deploy-k8s/docs/package-lock.json +2892 -0
- package/skills/deploy-k8s/docs/package.json +13 -0
- package/skills/deploy-k8s/references/api-drift.md +298 -0
- package/skills/deploy-k8s/references/conditional/aks-patterns.md +70 -0
- package/skills/deploy-k8s/references/conditional/eks-patterns.md +79 -0
- package/skills/deploy-k8s/references/conditional/gitops-controllers.md +71 -0
- package/skills/deploy-k8s/references/conditional/gke-patterns.md +74 -0
- package/skills/deploy-k8s/references/conditional/observability-stacks.md +80 -0
- package/skills/deploy-k8s/references/conditional/openshift-patterns.md +67 -0
- package/skills/deploy-k8s/references/daemonset-operator-patterns.md +155 -0
- package/skills/deploy-k8s/references/deployment-patterns.md +146 -0
- package/skills/deploy-k8s/references/do-dont-patterns.md +87 -0
- package/skills/deploy-k8s/references/examples-bad.md +282 -0
- package/skills/deploy-k8s/references/examples-good.md +440 -0
- package/skills/deploy-k8s/references/fragile-rollouts.md +303 -0
- package/skills/deploy-k8s/references/helm-patterns.md +203 -0
- package/skills/deploy-k8s/references/insecure-workload-defaults.md +300 -0
- package/skills/deploy-k8s/references/job-patterns.md +120 -0
- package/skills/deploy-k8s/references/kustomize-patterns.md +239 -0
- package/skills/deploy-k8s/references/multi-tenancy.md +343 -0
- package/skills/deploy-k8s/references/network-exposure.md +481 -0
- package/skills/deploy-k8s/references/observability.md +302 -0
- package/skills/deploy-k8s/references/privilege-sprawl.md +273 -0
- package/skills/deploy-k8s/references/resource-starvation.md +374 -0
- package/skills/deploy-k8s/references/security-hardening.md +209 -0
- package/skills/deploy-k8s/references/stateful-patterns.md +130 -0
- package/skills/deploy-k8s/references/storage-and-state.md +330 -0
- package/skills/deploy-k8s/references/validation-and-policy.md +242 -0
- package/skills/deploy-railway/SKILL.md +235 -0
- package/skills/deploy-railway/references/analyze-db-mongo.md +84 -0
- package/skills/deploy-railway/references/analyze-db-mysql.md +254 -0
- package/skills/deploy-railway/references/analyze-db-postgres.md +479 -0
- package/skills/deploy-railway/references/analyze-db-redis.md +208 -0
- package/skills/deploy-railway/references/analyze-db.md +344 -0
- package/skills/deploy-railway/references/configure.md +309 -0
- package/skills/deploy-railway/references/deploy.md +195 -0
- package/skills/deploy-railway/references/operate.md +214 -0
- package/skills/deploy-railway/references/request.md +248 -0
- package/skills/deploy-railway/references/setup.md +312 -0
- package/skills/deploy-railway/scripts/analyze-mongo.py +1549 -0
- package/skills/deploy-railway/scripts/analyze-mysql.py +1195 -0
- package/skills/deploy-railway/scripts/analyze-postgres.py +3058 -0
- package/skills/deploy-railway/scripts/analyze-redis.py +1090 -0
- package/skills/deploy-railway/scripts/dal.py +671 -0
- package/skills/deploy-railway/scripts/enable-pg-stats.py +170 -0
- package/skills/deploy-railway/scripts/pg-extensions.py +370 -0
- package/skills/deploy-railway/scripts/railway-api.sh +52 -0
- package/skills/deploy-ssh/SKILL.md +91 -0
- package/skills/deploy-vercel/SKILL.md +304 -0
- package/skills/deploy-vercel/resources/deploy-codex.sh +301 -0
- package/skills/deploy-vercel/resources/deploy.sh +301 -0
- package/skills/docs-runbooks/SKILL.md +399 -0
- package/skills/drive-status-renderer/SKILL.md +62 -0
- package/skills/iac-scan/SKILL.md +680 -0
- package/skills/iac-scan/assets/.gitkeep +9 -0
- package/skills/iac-scan/assets/checkov_config.yaml +94 -0
- package/skills/iac-scan/assets/github_actions.yml +199 -0
- package/skills/iac-scan/assets/gitlab_ci.yml +218 -0
- package/skills/iac-scan/assets/pre_commit_config.yaml +92 -0
- package/skills/iac-scan/references/EXAMPLE.md +40 -0
- package/skills/iac-scan/references/compliance_mapping.md +237 -0
- package/skills/iac-scan/references/custom_policies.md +460 -0
- package/skills/iac-scan/references/suppression_guide.md +431 -0
- package/skills/incident-briefing/SKILL.md +66 -0
- package/skills/incident-triage/SKILL.md +481 -0
- package/{LICENSE → skills/mcp-builder/LICENSE.txt} +15 -14
- package/skills/mcp-builder/SKILL.md +244 -0
- package/skills/mcp-builder/reference/evaluation.md +602 -0
- package/skills/mcp-builder/reference/mcp_best_practices.md +249 -0
- package/skills/mcp-builder/reference/node_mcp_server.md +970 -0
- package/skills/mcp-builder/reference/python_mcp_server.md +719 -0
- package/skills/mcp-builder/scripts/connections.py +151 -0
- package/skills/mcp-builder/scripts/evaluation.py +373 -0
- package/skills/mcp-builder/scripts/example_evaluation.xml +22 -0
- package/skills/mcp-builder/scripts/requirements.txt +2 -0
- package/skills/mobile-pairing/SKILL.md +52 -0
- package/skills/ops-sre/SKILL.md +297 -0
- package/skills/playwright-qa/LICENSE.txt +201 -0
- package/skills/playwright-qa/NOTICE.txt +14 -0
- package/skills/playwright-qa/SKILL.md +156 -0
- package/skills/playwright-qa/agents/openai.yaml +6 -0
- package/skills/playwright-qa/assets/playwright-small.svg +3 -0
- package/skills/playwright-qa/assets/playwright.png +0 -0
- package/skills/playwright-qa/references/cli.md +116 -0
- package/skills/playwright-qa/references/workflows.md +95 -0
- package/skills/playwright-qa/scripts/playwright_cli.sh +25 -0
- package/skills/release-publish/SKILL.md +85 -0
- package/skills/repo-bootstrap/SKILL.md +92 -0
- package/skills/repo-bootstrap/assets/example-workflows/validate-agents.yml +89 -0
- package/skills/repo-bootstrap/assets/root-thin.md +141 -0
- package/skills/repo-bootstrap/assets/root-verbose.md +149 -0
- package/skills/repo-bootstrap/assets/scoped/backend-go.md +107 -0
- package/skills/repo-bootstrap/assets/scoped/backend-php.md +94 -0
- package/skills/repo-bootstrap/assets/scoped/backend-python.md +84 -0
- package/skills/repo-bootstrap/assets/scoped/backend-typescript.md +89 -0
- package/skills/repo-bootstrap/assets/scoped/claude-code-skill.md +101 -0
- package/skills/repo-bootstrap/assets/scoped/cli.md +83 -0
- package/skills/repo-bootstrap/assets/scoped/concourse.md +196 -0
- package/skills/repo-bootstrap/assets/scoped/ddev.md +68 -0
- package/skills/repo-bootstrap/assets/scoped/docker.md +160 -0
- package/skills/repo-bootstrap/assets/scoped/documentation.md +98 -0
- package/skills/repo-bootstrap/assets/scoped/examples.md +96 -0
- package/skills/repo-bootstrap/assets/scoped/frontend-typescript.md +88 -0
- package/skills/repo-bootstrap/assets/scoped/github-actions.md +174 -0
- package/skills/repo-bootstrap/assets/scoped/gitlab-ci.md +174 -0
- package/skills/repo-bootstrap/assets/scoped/oro-bundle.md +209 -0
- package/skills/repo-bootstrap/assets/scoped/oro-project.md +170 -0
- package/skills/repo-bootstrap/assets/scoped/python-modern.md +170 -0
- package/skills/repo-bootstrap/assets/scoped/resources.md +96 -0
- package/skills/repo-bootstrap/assets/scoped/skill-repo.md +139 -0
- package/skills/repo-bootstrap/assets/scoped/symfony.md +168 -0
- package/skills/repo-bootstrap/assets/scoped/testing.md +87 -0
- package/skills/repo-bootstrap/assets/scoped/typo3-docs.md +103 -0
- package/skills/repo-bootstrap/assets/scoped/typo3-extension.md +133 -0
- package/skills/repo-bootstrap/assets/scoped/typo3-project.md +137 -0
- package/skills/repo-bootstrap/assets/scoped/typo3-testing.md +80 -0
- package/skills/repo-bootstrap/checkpoints.yaml +279 -0
- package/skills/repo-bootstrap/evals/evals.json +385 -0
- package/skills/repo-bootstrap/references/ai-contribution-guidelines.md +63 -0
- package/skills/repo-bootstrap/references/ai-tool-compatibility.md +223 -0
- package/skills/repo-bootstrap/references/directory-coverage.md +82 -0
- package/skills/repo-bootstrap/references/examples/coding-agent-cli/AGENTS.md +70 -0
- package/skills/repo-bootstrap/references/examples/coding-agent-cli/go.mod +3 -0
- package/skills/repo-bootstrap/references/examples/coding-agent-cli/scripts-AGENTS.md +389 -0
- package/skills/repo-bootstrap/references/examples/express-api-ts/.env.example +13 -0
- package/skills/repo-bootstrap/references/examples/express-api-ts/AGENTS.md +91 -0
- package/skills/repo-bootstrap/references/examples/express-api-ts/package.json +33 -0
- package/skills/repo-bootstrap/references/examples/express-api-ts/pnpm-lock.yaml +3 -0
- package/skills/repo-bootstrap/references/examples/express-api-ts/src/AGENTS.md +91 -0
- package/skills/repo-bootstrap/references/examples/express-api-ts/src/config.ts +28 -0
- package/skills/repo-bootstrap/references/examples/express-api-ts/src/controllers/userController.ts +74 -0
- package/skills/repo-bootstrap/references/examples/express-api-ts/src/index.ts +26 -0
- package/skills/repo-bootstrap/references/examples/express-api-ts/src/middleware/errorHandler.ts +45 -0
- package/skills/repo-bootstrap/references/examples/express-api-ts/src/middleware/requestLogger.ts +18 -0
- package/skills/repo-bootstrap/references/examples/express-api-ts/src/routes/health.ts +18 -0
- package/skills/repo-bootstrap/references/examples/express-api-ts/src/routes/users.ts +13 -0
- package/skills/repo-bootstrap/references/examples/express-api-ts/src/utils/errors.ts +40 -0
- package/skills/repo-bootstrap/references/examples/express-api-ts/src/utils/logger.ts +14 -0
- package/skills/repo-bootstrap/references/examples/express-api-ts/tsconfig.json +24 -0
- package/skills/repo-bootstrap/references/examples/fastapi-app/.env.example +19 -0
- package/skills/repo-bootstrap/references/examples/fastapi-app/AGENTS.md +92 -0
- package/skills/repo-bootstrap/references/examples/fastapi-app/pyproject.toml +88 -0
- package/skills/repo-bootstrap/references/examples/fastapi-app/src/AGENTS.md +85 -0
- package/skills/repo-bootstrap/references/examples/fastapi-app/src/__init__.py +3 -0
- package/skills/repo-bootstrap/references/examples/fastapi-app/src/config.py +49 -0
- package/skills/repo-bootstrap/references/examples/fastapi-app/src/main.py +66 -0
- package/skills/repo-bootstrap/references/examples/fastapi-app/src/models/__init__.py +13 -0
- package/skills/repo-bootstrap/references/examples/fastapi-app/src/models/item.py +43 -0
- package/skills/repo-bootstrap/references/examples/fastapi-app/src/models/user.py +40 -0
- package/skills/repo-bootstrap/references/examples/fastapi-app/src/routes/__init__.py +5 -0
- package/skills/repo-bootstrap/references/examples/fastapi-app/src/routes/health.py +20 -0
- package/skills/repo-bootstrap/references/examples/fastapi-app/src/routes/items.py +61 -0
- package/skills/repo-bootstrap/references/examples/fastapi-app/src/routes/users.py +55 -0
- package/skills/repo-bootstrap/references/examples/fastapi-app/src/services/__init__.py +6 -0
- package/skills/repo-bootstrap/references/examples/fastapi-app/src/services/item_service.py +77 -0
- package/skills/repo-bootstrap/references/examples/fastapi-app/src/services/user_service.py +69 -0
- package/skills/repo-bootstrap/references/examples/fastapi-app/uv.lock +4 -0
- package/skills/repo-bootstrap/references/examples/go-api-with-react-admin/.scopes +3 -0
- package/skills/repo-bootstrap/references/examples/go-api-with-react-admin/AGENTS.md +86 -0
- package/skills/repo-bootstrap/references/examples/go-api-with-react-admin/admin/package.json +20 -0
- package/skills/repo-bootstrap/references/examples/go-api-with-react-admin/admin/src/App.tsx +5 -0
- package/skills/repo-bootstrap/references/examples/go-api-with-react-admin/cmd/api/main.go +7 -0
- package/skills/repo-bootstrap/references/examples/go-api-with-react-admin/go.mod +2 -0
- package/skills/repo-bootstrap/references/examples/go-api-with-react-admin/main.go +7 -0
- package/skills/repo-bootstrap/references/examples/go-with-internal-web-tsx/.scopes +3 -0
- package/skills/repo-bootstrap/references/examples/go-with-internal-web-tsx/AGENTS.md +89 -0
- package/skills/repo-bootstrap/references/examples/go-with-internal-web-tsx/go.mod +2 -0
- package/skills/repo-bootstrap/references/examples/go-with-internal-web-tsx/internal/web/AGENTS.md +90 -0
- package/skills/repo-bootstrap/references/examples/go-with-internal-web-tsx/internal/web/package.json +17 -0
- package/skills/repo-bootstrap/references/examples/go-with-internal-web-tsx/internal/web/src/App.tsx +1 -0
- package/skills/repo-bootstrap/references/examples/go-with-internal-web-tsx/internal/web/src/Button.tsx +1 -0
- package/skills/repo-bootstrap/references/examples/go-with-internal-web-tsx/internal/web/src/Footer.tsx +1 -0
- package/skills/repo-bootstrap/references/examples/go-with-internal-web-tsx/internal/web/src/Header.tsx +1 -0
- package/skills/repo-bootstrap/references/examples/go-with-internal-web-tsx/internal/web/src/Sidebar.tsx +1 -0
- package/skills/repo-bootstrap/references/examples/go-with-internal-web-tsx/main.go +7 -0
- package/skills/repo-bootstrap/references/examples/go-with-internal-web-tsx/package-lock.json +0 -0
- package/skills/repo-bootstrap/references/examples/go-with-internal-web-tsx/package.json +12 -0
- package/skills/repo-bootstrap/references/examples/ldap-selfservice/AGENTS.md +70 -0
- package/skills/repo-bootstrap/references/examples/ldap-selfservice/go.mod +3 -0
- package/skills/repo-bootstrap/references/examples/ldap-selfservice/internal-AGENTS.md +371 -0
- package/skills/repo-bootstrap/references/examples/ldap-selfservice/internal-web-AGENTS.md +448 -0
- package/skills/repo-bootstrap/references/examples/php-with-frontend/.scopes +3 -0
- package/skills/repo-bootstrap/references/examples/php-with-frontend/AGENTS.md +91 -0
- package/skills/repo-bootstrap/references/examples/php-with-frontend/composer.json +8 -0
- package/skills/repo-bootstrap/references/examples/php-with-frontend/package.json +15 -0
- package/skills/repo-bootstrap/references/examples/php-with-frontend/pnpm-lock.yaml +0 -0
- package/skills/repo-bootstrap/references/examples/php-with-frontend/src/Controller.php +3 -0
- package/skills/repo-bootstrap/references/examples/php-with-frontend/web/AGENTS.md +92 -0
- package/skills/repo-bootstrap/references/examples/php-with-frontend/web/package.json +26 -0
- package/skills/repo-bootstrap/references/examples/php-with-frontend/web/src/App.tsx +3 -0
- package/skills/repo-bootstrap/references/examples/php-with-frontend/web/src/Button.tsx +10 -0
- package/skills/repo-bootstrap/references/examples/php-with-frontend/web/src/Footer.tsx +9 -0
- package/skills/repo-bootstrap/references/examples/php-with-frontend/web/src/Header.tsx +9 -0
- package/skills/repo-bootstrap/references/examples/php-with-frontend/web/src/main.tsx +3 -0
- package/skills/repo-bootstrap/references/examples/php-with-frontend/web/tsconfig.json +13 -0
- package/skills/repo-bootstrap/references/examples/pnpm-workspace/AGENTS.md +75 -0
- package/skills/repo-bootstrap/references/examples/pnpm-workspace/package.json +7 -0
- package/skills/repo-bootstrap/references/examples/pnpm-workspace/packages/web/package.json +11 -0
- package/skills/repo-bootstrap/references/examples/pnpm-workspace/packages/web/src/index.ts +11 -0
- package/skills/repo-bootstrap/references/examples/pnpm-workspace/pnpm-lock.yaml +42 -0
- package/skills/repo-bootstrap/references/examples/pnpm-workspace/pnpm-workspace.yaml +2 -0
- package/skills/repo-bootstrap/references/examples/simple-ldap-go/AGENTS.md +70 -0
- package/skills/repo-bootstrap/references/examples/simple-ldap-go/examples-AGENTS.md +45 -0
- package/skills/repo-bootstrap/references/examples/simple-ldap-go/go.mod +3 -0
- package/skills/repo-bootstrap/references/examples/t3x-rte-ckeditor-image/AGENTS.md +70 -0
- package/skills/repo-bootstrap/references/examples/t3x-rte-ckeditor-image/Classes-AGENTS.md +392 -0
- package/skills/repo-bootstrap/references/examples/t3x-rte-ckeditor-image/composer.json +8 -0
- package/skills/repo-bootstrap/references/feedback-memory-schema.md +135 -0
- package/skills/repo-bootstrap/references/git-hooks-setup.md +79 -0
- package/skills/repo-bootstrap/references/output-structure.md +124 -0
- package/skills/repo-bootstrap/references/scripts-guide.md +175 -0
- package/skills/repo-bootstrap/references/verification-guide.md +137 -0
- package/skills/repo-bootstrap/scripts/analyze-git-history.sh +315 -0
- package/skills/repo-bootstrap/scripts/check-freshness.sh +230 -0
- package/skills/repo-bootstrap/scripts/detect-golden-samples.sh +161 -0
- package/skills/repo-bootstrap/scripts/detect-heuristics.sh +93 -0
- package/skills/repo-bootstrap/scripts/detect-project.sh +486 -0
- package/skills/repo-bootstrap/scripts/detect-scopes.sh +330 -0
- package/skills/repo-bootstrap/scripts/detect-utilities.sh +133 -0
- package/skills/repo-bootstrap/scripts/extract-adrs.sh +194 -0
- package/skills/repo-bootstrap/scripts/extract-agent-configs.sh +331 -0
- package/skills/repo-bootstrap/scripts/extract-architecture-rules.sh +522 -0
- package/skills/repo-bootstrap/scripts/extract-ci-commands.sh +385 -0
- package/skills/repo-bootstrap/scripts/extract-ci-rules.sh +384 -0
- package/skills/repo-bootstrap/scripts/extract-commands.sh +358 -0
- package/skills/repo-bootstrap/scripts/extract-documentation.sh +308 -0
- package/skills/repo-bootstrap/scripts/extract-github-rulesets.sh +96 -0
- package/skills/repo-bootstrap/scripts/extract-github-settings.sh +88 -0
- package/skills/repo-bootstrap/scripts/extract-ide-settings.sh +228 -0
- package/skills/repo-bootstrap/scripts/extract-platform-files.sh +290 -0
- package/skills/repo-bootstrap/scripts/extract-quality-configs.sh +442 -0
- package/skills/repo-bootstrap/scripts/generate-agents.sh +2424 -0
- package/skills/repo-bootstrap/scripts/generate-file-map.sh +153 -0
- package/skills/repo-bootstrap/scripts/lib/config-root.sh +211 -0
- package/skills/repo-bootstrap/scripts/lib/summary.sh +244 -0
- package/skills/repo-bootstrap/scripts/lib/template.sh +397 -0
- package/skills/repo-bootstrap/scripts/validate-structure.sh +324 -0
- package/skills/repo-bootstrap/scripts/verify-commands.sh +615 -0
- package/skills/repo-bootstrap/scripts/verify-content.sh +302 -0
- package/skills/schema-api-contracts/SKILL.md +56 -0
- package/skills/secret-hygiene/SKILL.md +511 -0
- package/skills/secret-hygiene/assets/.gitkeep +9 -0
- package/skills/secret-hygiene/assets/config-balanced.toml +81 -0
- package/skills/secret-hygiene/assets/config-custom.toml +178 -0
- package/skills/secret-hygiene/assets/config-strict.toml +48 -0
- package/skills/secret-hygiene/assets/github-action.yml +181 -0
- package/skills/secret-hygiene/assets/gitlab-ci.yml +257 -0
- package/skills/secret-hygiene/assets/precommit-config.yaml +70 -0
- package/skills/secret-hygiene/references/EXAMPLE.md +40 -0
- package/skills/secret-hygiene/references/compliance_mapping.md +538 -0
- package/skills/secret-hygiene/references/detection_rules.md +276 -0
- package/skills/secret-hygiene/references/false_positives.md +598 -0
- package/skills/secret-hygiene/references/remediation_guide.md +530 -0
- package/skills/stack-selector/SKILL.md +56 -0
- package/skills/telegram-control/SKILL.md +110 -0
- package/skills/telegram-control/references/architecture.md +184 -0
- package/skills/telegram-control/references/convex.md +173 -0
- package/skills/telegram-control/references/error_handling.md +212 -0
- package/skills/telegram-control/references/initial_setup.md +165 -0
- package/skills/telegram-control/references/telegram_api.md +156 -0
- package/skills/telegram-control/scripts/cancel_message.ts +53 -0
- package/skills/telegram-control/scripts/list_scheduled.ts +103 -0
- package/skills/telegram-control/scripts/logger.ts +121 -0
- package/skills/telegram-control/scripts/proxy-util.ts +11 -0
- package/skills/telegram-control/scripts/schedule_message.ts +216 -0
- package/skills/telegram-control/scripts/send_message.ts +115 -0
- package/skills/telegram-control/scripts/setup.ts +185 -0
- package/skills/telegram-control/scripts/types.ts +75 -0
- package/skills/telegram-control/scripts/view_history.ts +74 -0
- package/skills/test-strategy/SKILL.md +352 -0
- package/skills/threat-model/SKILL.md +303 -0
- package/skills/threat-model/examples/example-output.md +196 -0
- package/skills/threat-model/template.md +96 -0
- package/skills/ts-lint/SKILL.md +80 -0
- package/skills/ui-flow/SKILL.md +668 -0
- package/skills/voice-command-router/SKILL.md +51 -0
- package/skills/widget-live-activity-sync/SKILL.md +66 -0
|
@@ -0,0 +1,196 @@
|
|
|
1
|
+
# Example: STRIDE Analysis for Freelancer Project Sharing Feature
|
|
2
|
+
|
|
3
|
+
## System Overview
|
|
4
|
+
|
|
5
|
+
**System Name**: Project Invite & Permissions System (for Freelancer Marketplace)
|
|
6
|
+
|
|
7
|
+
**Description**: Feature allows freelancers to invite clients to a project workspace. Clients can view project files, updates, and billing, but permissions are granular (view-only, comment, edit).
|
|
8
|
+
|
|
9
|
+
**Scope**:
|
|
10
|
+
|
|
11
|
+
- In scope: Invite mechanism, permission checks, role-based access control
|
|
12
|
+
- Out of scope: File storage encryption (handled by separate system), client authentication (SSO/SAML)
|
|
13
|
+
|
|
14
|
+
---
|
|
15
|
+
|
|
16
|
+
## Data Flow Diagram
|
|
17
|
+
|
|
18
|
+
```
|
|
19
|
+
Freelancer Web App
|
|
20
|
+
↓
|
|
21
|
+
→ [Invite Service]
|
|
22
|
+
↓
|
|
23
|
+
[Database: Invites]
|
|
24
|
+
[Database: Permissions]
|
|
25
|
+
↓
|
|
26
|
+
← [Permission Check]
|
|
27
|
+
↓
|
|
28
|
+
Client Web App
|
|
29
|
+
↓
|
|
30
|
+
[File Storage API]
|
|
31
|
+
[Billing API]
|
|
32
|
+
```
|
|
33
|
+
|
|
34
|
+
**Trust Boundaries**:
|
|
35
|
+
|
|
36
|
+
- Public internet ↔ Application server
|
|
37
|
+
- Application server ↔ Database
|
|
38
|
+
|
|
39
|
+
---
|
|
40
|
+
|
|
41
|
+
## Threat Analysis by STRIDE Category
|
|
42
|
+
|
|
43
|
+
### S - Spoofing Identity
|
|
44
|
+
|
|
45
|
+
| Threat | Asset | Likelihood | Impact | Mitigation |
|
|
46
|
+
| ----------------------------------------------------------------------------- | -------------------------- | ---------- | -------- | ----------------------------------------------------------------------------------------------------------------------------- |
|
|
47
|
+
| Attacker forges invite link and access project as fake client | Project data, billing info | Medium | High | Use cryptographically random invite tokens (UUID v4); expire after 7 days or first use; verify token integrity with HMAC |
|
|
48
|
+
| Freelancer impersonates another freelancer to invite someone to their project | Project data | Low | High | Verify freelancer ownership before allowing invite; check freelancer ID matches project owner |
|
|
49
|
+
| Client brute-forces invite link to guess other projects | Multiple projects | Medium | Critical | Rate-limit invite endpoint (10 requests/min/IP); implement exponential backoff after failed attempts; log all failed attempts |
|
|
50
|
+
|
|
51
|
+
---
|
|
52
|
+
|
|
53
|
+
### T - Tampering with Data
|
|
54
|
+
|
|
55
|
+
| Threat | Asset | Likelihood | Impact | Mitigation |
|
|
56
|
+
| --------------------------------------------------------------------------------------- | --------------------------- | ---------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------- |
|
|
57
|
+
| Attacker modifies invite to grant higher privileges (view-only → admin) | Permissions, project access | Low | Critical | Sign invites with HMAC-SHA256; verify signature before processing; store permissions in database (not in invite token) |
|
|
58
|
+
| Client intercepts and modifies permission string in API call (role: "viewer" → "admin") | Permissions | Medium | High | Validate all permission changes server-side; don't trust client-submitted permissions; enforce role hierarchy; log permission changes |
|
|
59
|
+
| Attacker changes their own role after invitation accepted | Permissions | Medium | High | Permission checks must happen server-side on every API call; no client-side permission checks; use role claim from signed JWT |
|
|
60
|
+
|
|
61
|
+
---
|
|
62
|
+
|
|
63
|
+
### R - Repudiation
|
|
64
|
+
|
|
65
|
+
| Threat | Asset | Likelihood | Impact | Mitigation |
|
|
66
|
+
| -------------------------------------------------------------------------- | ---------------------------------- | ---------- | ------ | ------------------------------------------------------------------------------------------------------------------------------------------------------ |
|
|
67
|
+
| Client denies they accepted project invite; claims access was unauthorized | Project data access, audit trail | Low | Medium | Log all invite acceptance events (timestamp, IP, user agent); require explicit accept action; email confirmation of acceptance; retain logs for 1 year |
|
|
68
|
+
| Freelancer claims they didn't remove client's access (removes then denies) | Project permissions, client access | Low | Medium | Immutable audit log of all permission changes (created, modified, revoked); log who made change and when; client receives email on removal |
|
|
69
|
+
|
|
70
|
+
---
|
|
71
|
+
|
|
72
|
+
### I - Information Disclosure
|
|
73
|
+
|
|
74
|
+
| Threat | Asset | Likelihood | Impact | Mitigation |
|
|
75
|
+
| -------------------------------------------------------------------------------------------------------- | --------------------------------------- | ---------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ |
|
|
76
|
+
| Invite token leaked in logs or error messages; attacker uses to access project | Project data | Medium | Critical | Never log full invite tokens; log only first 8 chars; don't expose tokens in error messages; sanitize stack traces in production |
|
|
77
|
+
| Client email exposed in invite link or API response; attacker learns which clients use which freelancers | Client identity, privacy | Medium | Medium | Use invite tokens instead of email addresses in URLs; don't return client email in API responses unless authenticated; encrypt email in transit (HTTPS only) |
|
|
78
|
+
| Attacker enumerates projects by guessing project IDs | Project existence, client relationships | High | Medium | Use UUID (not sequential IDs) for project IDs; don't expose project IDs in API; require authentication for all project endpoints |
|
|
79
|
+
| Permission checks bypass; client can see other projects they shouldn't | Project data, privacy | Low | Critical | Check user permissions on every API call; whitelist allowed actions; default to deny; test permission checks with automated security tests |
|
|
80
|
+
|
|
81
|
+
---
|
|
82
|
+
|
|
83
|
+
### D - Denial of Service
|
|
84
|
+
|
|
85
|
+
| Threat | Asset | Likelihood | Impact | Mitigation |
|
|
86
|
+
| ------------------------------------------------------------------------------ | -------------------- | ---------- | ------ | ---------------------------------------------------------------------------------------------------------------------------- |
|
|
87
|
+
| Attacker sends millions of invite requests; overloads service | Service availability | Medium | High | Rate limit: 100 invites/hour per freelancer; queue requests; implement circuit breaker for overload; monitor queue depth |
|
|
88
|
+
| Attacker brute-forces permission endpoint; kills service with invalid requests | Service availability | Medium | High | Rate limit: 1000 API calls/hour per user; implement exponential backoff (10s, 100s, 1000s); block for 1 hour after threshold |
|
|
89
|
+
| Attacker creates massive invite list; database query slow | Service performance | Low | Medium | Index permission queries (user_id, project_id); paginate results; cache permission checks (5-min TTL) |
|
|
90
|
+
|
|
91
|
+
---
|
|
92
|
+
|
|
93
|
+
### E - Elevation of Privilege
|
|
94
|
+
|
|
95
|
+
| Threat | Asset | Likelihood | Impact | Mitigation |
|
|
96
|
+
| ----------------------------------------------------------------------------------------------------- | ------------------------------- | ---------- | -------- | ----------------------------------------------------------------------------------------------------------------------------------- |
|
|
97
|
+
| Client with "viewer" role tricks API to grant themselves "editor" role | Project edit access | Low | Critical | No client-side role selection; server always determines role based on invite; reject API calls with role claims from client |
|
|
98
|
+
| Freelancer with "editor" role grants themselves "admin" on someone else's project | Admin access, project ownership | Low | Critical | Check freelancer owns project before allowing role changes; only project owner can grant admin; log all admin actions |
|
|
99
|
+
| Attacker discovers permission API; calls it directly to assign themselves "editor" on random projects | Unauthorized access | Medium | Critical | Implement CSRF tokens on all state-changing endpoints; verify request origin; require authentication with valid session; rate limit |
|
|
100
|
+
|
|
101
|
+
---
|
|
102
|
+
|
|
103
|
+
## Risk Summary
|
|
104
|
+
|
|
105
|
+
| Threat ID | Threat Name | Category | Severity | Status |
|
|
106
|
+
| --------- | ----------------------------- | -------- | -------- | ------ |
|
|
107
|
+
| S-1 | Invite link forgery | S | Critical | New |
|
|
108
|
+
| S-2 | Freelancer impersonation | S | Critical | New |
|
|
109
|
+
| S-3 | Invite brute-force | S | Critical | New |
|
|
110
|
+
| T-1 | Invite tampering | T | Critical | New |
|
|
111
|
+
| T-2 | Permission escalation via API | T | Critical | New |
|
|
112
|
+
| T-3 | Client modifies own role | T | Critical | New |
|
|
113
|
+
| R-1 | Repudiation of acceptance | R | Medium | New |
|
|
114
|
+
| R-2 | Repudiation of removal | R | Medium | New |
|
|
115
|
+
| I-1 | Token in logs | I | Critical | New |
|
|
116
|
+
| I-2 | Email exposure | I | Medium | New |
|
|
117
|
+
| I-3 | Project enumeration | I | Medium | New |
|
|
118
|
+
| I-4 | Permission bypass | I | Critical | New |
|
|
119
|
+
| D-1 | Invite spam DoS | D | High | New |
|
|
120
|
+
| D-2 | API brute-force DoS | D | High | New |
|
|
121
|
+
| D-3 | Slow queries | D | Medium | New |
|
|
122
|
+
| E-1 | Client role elevation | E | Critical | New |
|
|
123
|
+
| E-2 | Freelancer admin escalation | E | Critical | New |
|
|
124
|
+
| E-3 | Unauthorized permission API | E | Critical | New |
|
|
125
|
+
|
|
126
|
+
---
|
|
127
|
+
|
|
128
|
+
## Mitigation Roadmap
|
|
129
|
+
|
|
130
|
+
### Phase 1 (Next 30 days): Critical Issues
|
|
131
|
+
|
|
132
|
+
- Implement HMAC signing for invite tokens (S-1, T-1)
|
|
133
|
+
- Add server-side permission validation (T-2, E-1)
|
|
134
|
+
- Implement rate limiting on invite & permission endpoints (S-3, D-1, D-2)
|
|
135
|
+
- Sanitize token logging (I-1)
|
|
136
|
+
- Add CSRF protection (E-3)
|
|
137
|
+
|
|
138
|
+
**Success Criteria**: All Critical-severity threats have mitigations in place; tests added for each mitigation
|
|
139
|
+
|
|
140
|
+
### Phase 2 (Next 90 days): High Severity + Audit
|
|
141
|
+
|
|
142
|
+
- Add audit logging for invite/permission changes (R-1, R-2)
|
|
143
|
+
- Implement permission query caching (D-3)
|
|
144
|
+
- Automated security tests for permission checks
|
|
145
|
+
- User education: how invites work, what permissions mean
|
|
146
|
+
- Penetration test by external firm
|
|
147
|
+
|
|
148
|
+
### Phase 3 (Next 6 months): Hardening + Monitoring
|
|
149
|
+
|
|
150
|
+
- Real-time alerting for permission anomalies
|
|
151
|
+
- Monthly threat review and update
|
|
152
|
+
- Customer communication about security features
|
|
153
|
+
- Consider implementing invite verification codes (SMS/email confirmation)
|
|
154
|
+
|
|
155
|
+
---
|
|
156
|
+
|
|
157
|
+
## Implementation Notes
|
|
158
|
+
|
|
159
|
+
### Development Checklist
|
|
160
|
+
|
|
161
|
+
- [ ] Generate invites as `secrets.token_urlsafe(32)` (cryptographically secure)
|
|
162
|
+
- [ ] Store hash of token in database: `hashlib.sha256(token.encode()).hexdigest()`
|
|
163
|
+
- [ ] Expire tokens: 7 days or on first use
|
|
164
|
+
- [ ] All permission checks server-side: `if not user_has_permission(user_id, project_id, 'edit'): return 403`
|
|
165
|
+
- [ ] Audit logging on every permission change: log timestamp, user, action, old value, new value
|
|
166
|
+
- [ ] Rate limiting: implement with Redis + sliding window
|
|
167
|
+
- [ ] CSRF protection: `flask-wtf` or equivalent; validate X-CSRF-Token
|
|
168
|
+
- [ ] Logging: never log full tokens, only first 8 chars
|
|
169
|
+
- [ ] Tests: 100+ test cases covering permission boundaries, role escalation attempts, expired tokens
|
|
170
|
+
|
|
171
|
+
### Testing Plan
|
|
172
|
+
|
|
173
|
+
- **Unit tests**: Permission check logic (pass/fail for each role)
|
|
174
|
+
- **Integration tests**: Full invite flow (freelancer invite → client accept → access check)
|
|
175
|
+
- **Security tests**: Attempt role escalation, token forgery, brute-force
|
|
176
|
+
- **Load tests**: Invite endpoint under 10K requests/min
|
|
177
|
+
|
|
178
|
+
---
|
|
179
|
+
|
|
180
|
+
## Review & Sign-Off
|
|
181
|
+
|
|
182
|
+
| Role | Name | Date | Sign-Off |
|
|
183
|
+
| ---------------- | ------ | ------ | -------- |
|
|
184
|
+
| Security Lead | [Name] | [Date] | [ ] |
|
|
185
|
+
| Product Owner | [Name] | [Date] | [ ] |
|
|
186
|
+
| Engineering Lead | [Name] | [Date] | [ ] |
|
|
187
|
+
|
|
188
|
+
---
|
|
189
|
+
|
|
190
|
+
## Next Steps
|
|
191
|
+
|
|
192
|
+
1. **Implement Phase 1 mitigations** (assign by end of week)
|
|
193
|
+
2. **Schedule security review** with team (45 min)
|
|
194
|
+
3. **Add threat tests to CI/CD** (ensure no regression)
|
|
195
|
+
4. **Plan external pentest** for Phase 2
|
|
196
|
+
5. **Communicate with customers** (security feature release notes)
|
|
@@ -0,0 +1,96 @@
|
|
|
1
|
+
# STRIDE Threat Analysis Template
|
|
2
|
+
|
|
3
|
+
## System Overview
|
|
4
|
+
|
|
5
|
+
**System Name**: [Name of system being analyzed]
|
|
6
|
+
|
|
7
|
+
**Description**: [High-level description of what the system does and who uses it]
|
|
8
|
+
|
|
9
|
+
**Scope**: [What's in scope? What's out of scope?]
|
|
10
|
+
|
|
11
|
+
---
|
|
12
|
+
|
|
13
|
+
## Data Flow Diagram
|
|
14
|
+
|
|
15
|
+
```
|
|
16
|
+
[ASCII or description of DFD showing:
|
|
17
|
+
- External entities (users, external systems)
|
|
18
|
+
- Processes (services, functions)
|
|
19
|
+
- Data stores (databases, caches)
|
|
20
|
+
- Data flows (arrows between components)
|
|
21
|
+
- Trust boundaries (dashed lines)]
|
|
22
|
+
```
|
|
23
|
+
|
|
24
|
+
---
|
|
25
|
+
|
|
26
|
+
## Threat Analysis by STRIDE Category
|
|
27
|
+
|
|
28
|
+
### S - Spoofing Identity
|
|
29
|
+
|
|
30
|
+
| Threat | Asset | Likelihood | Impact | Mitigation |
|
|
31
|
+
| -------------------- | ----------------- | ----------------- | ---------- | --------------------------- |
|
|
32
|
+
| [Threat description] | [What's at risk?] | [High/Medium/Low] | [Severity] | [How do we prevent/detect?] |
|
|
33
|
+
|
|
34
|
+
### T - Tampering with Data
|
|
35
|
+
|
|
36
|
+
| Threat | Asset | Likelihood | Impact | Mitigation |
|
|
37
|
+
| -------------------- | ----------------- | ----------------- | ---------- | --------------------------- |
|
|
38
|
+
| [Threat description] | [What's at risk?] | [High/Medium/Low] | [Severity] | [How do we prevent/detect?] |
|
|
39
|
+
|
|
40
|
+
### R - Repudiation
|
|
41
|
+
|
|
42
|
+
| Threat | Asset | Likelihood | Impact | Mitigation |
|
|
43
|
+
| -------------------- | ----------------- | ----------------- | ---------- | --------------------------- |
|
|
44
|
+
| [Threat description] | [What's at risk?] | [High/Medium/Low] | [Severity] | [How do we prevent/detect?] |
|
|
45
|
+
|
|
46
|
+
### I - Information Disclosure
|
|
47
|
+
|
|
48
|
+
| Threat | Asset | Likelihood | Impact | Mitigation |
|
|
49
|
+
| -------------------- | ----------------- | ----------------- | ---------- | --------------------------- |
|
|
50
|
+
| [Threat description] | [What's at risk?] | [High/Medium/Low] | [Severity] | [How do we prevent/detect?] |
|
|
51
|
+
|
|
52
|
+
### D - Denial of Service
|
|
53
|
+
|
|
54
|
+
| Threat | Asset | Likelihood | Impact | Mitigation |
|
|
55
|
+
| -------------------- | ----------------- | ----------------- | ---------- | --------------------------- |
|
|
56
|
+
| [Threat description] | [What's at risk?] | [High/Medium/Low] | [Severity] | [How do we prevent/detect?] |
|
|
57
|
+
|
|
58
|
+
### E - Elevation of Privilege
|
|
59
|
+
|
|
60
|
+
| Threat | Asset | Likelihood | Impact | Mitigation |
|
|
61
|
+
| -------------------- | ----------------- | ----------------- | ---------- | --------------------------- |
|
|
62
|
+
| [Threat description] | [What's at risk?] | [High/Medium/Low] | [Severity] | [How do we prevent/detect?] |
|
|
63
|
+
|
|
64
|
+
---
|
|
65
|
+
|
|
66
|
+
## Risk Summary
|
|
67
|
+
|
|
68
|
+
| Threat ID | Threat Name | Category | Severity | Status |
|
|
69
|
+
| --------- | ----------- | ------------- | -------------------------- | --------------------------- |
|
|
70
|
+
| [ID] | [Name] | [S/T/R/I/D/E] | [Critical/High/Medium/Low] | [New/In Progress/Mitigated] |
|
|
71
|
+
|
|
72
|
+
---
|
|
73
|
+
|
|
74
|
+
## Mitigation Roadmap
|
|
75
|
+
|
|
76
|
+
**Phase 1 (Next 30 days)**: [Critical/High severity mitigations]
|
|
77
|
+
|
|
78
|
+
**Phase 2 (Next 90 days)**: [Medium severity mitigations]
|
|
79
|
+
|
|
80
|
+
**Phase 3 (Next 6 months)**: [Low severity mitigations, long-term hardening]
|
|
81
|
+
|
|
82
|
+
---
|
|
83
|
+
|
|
84
|
+
## Review & Sign-Off
|
|
85
|
+
|
|
86
|
+
| Role | Name | Date | Sign-Off |
|
|
87
|
+
| ---------------- | ---- | ---- | -------- |
|
|
88
|
+
| Security Lead | | | |
|
|
89
|
+
| Product Owner | | | |
|
|
90
|
+
| Engineering Lead | | | |
|
|
91
|
+
|
|
92
|
+
---
|
|
93
|
+
|
|
94
|
+
## Appendix: Asset Register
|
|
95
|
+
|
|
96
|
+
[List all valuable assets: user data, API keys, databases, payment information, intellectual property, etc.]
|
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: ts-lint
|
|
3
|
+
description: Configure typescript-eslint + Prettier + strict tsc for TypeScript projects. Runs the gates, surfaces findings, proposes minimal fixes. Enforces `noUncheckedIndexedAccess` and friends.
|
|
4
|
+
triggers: [synapta lint, ESLint, Prettier, tsc strict, typescript-eslint]
|
|
5
|
+
network: off
|
|
6
|
+
tools: [Bash, Read, Edit]
|
|
7
|
+
source:
|
|
8
|
+
origin: authored-by-synapta
|
|
9
|
+
reason: "No quality community SKILL.md found for strict-mode TypeScript lint configuration."
|
|
10
|
+
citation_patterns:
|
|
11
|
+
- "typescript-eslint (https://typescript-eslint.io)"
|
|
12
|
+
- "Prettier (https://prettier.io)"
|
|
13
|
+
- "TypeScript handbook tsconfig reference"
|
|
14
|
+
---
|
|
15
|
+
|
|
16
|
+
# TS Lint
|
|
17
|
+
|
|
18
|
+
Set up and enforce TypeScript code quality gates. Synapta's monorepo uses these settings; this skill applies the same to any TS project.
|
|
19
|
+
|
|
20
|
+
## Strict tsc settings (non-negotiable)
|
|
21
|
+
|
|
22
|
+
```jsonc
|
|
23
|
+
{
|
|
24
|
+
"compilerOptions": {
|
|
25
|
+
"strict": true,
|
|
26
|
+
"noUncheckedIndexedAccess": true,
|
|
27
|
+
"noImplicitOverride": true,
|
|
28
|
+
"exactOptionalPropertyTypes": true,
|
|
29
|
+
"isolatedModules": true,
|
|
30
|
+
"verbatimModuleSyntax": true,
|
|
31
|
+
"moduleResolution": "NodeNext",
|
|
32
|
+
"module": "NodeNext",
|
|
33
|
+
"target": "ES2023"
|
|
34
|
+
}
|
|
35
|
+
}
|
|
36
|
+
```
|
|
37
|
+
|
|
38
|
+
These catch the bulk of real bugs at compile time. Don't turn them off; fix the code.
|
|
39
|
+
|
|
40
|
+
## ESLint config (flat config, eslint 9+)
|
|
41
|
+
|
|
42
|
+
Use `@typescript-eslint/parser` + `@typescript-eslint/eslint-plugin`. Recommended rule sets:
|
|
43
|
+
- `typescript-eslint/recommended-type-checked`
|
|
44
|
+
- `typescript-eslint/stylistic-type-checked`
|
|
45
|
+
|
|
46
|
+
Avoid `@typescript-eslint/no-explicit-any` set to `error` repo-wide if it produces excessive churn; downgrade to `warn` and own the cleanup with a separate skill.
|
|
47
|
+
|
|
48
|
+
## Prettier
|
|
49
|
+
|
|
50
|
+
Single config at repo root. No per-package overrides. Run `prettier --write` as a pre-commit hook (lint-staged or husky). Avoid Prettier rules that fight ESLint — prefer `eslint-config-prettier` to disable formatting rules in ESLint.
|
|
51
|
+
|
|
52
|
+
## Process
|
|
53
|
+
|
|
54
|
+
1. Detect existing config (`eslint.config.js`, `.eslintrc*`, `tsconfig.json`, `.prettierrc*`).
|
|
55
|
+
2. If missing: install + create minimal configs that satisfy the strict-tsc table above.
|
|
56
|
+
3. Run `tsc --noEmit`, `eslint .`, `prettier --check .` — surface the top 10 findings.
|
|
57
|
+
4. Propose minimal fixes; never auto-disable rules to "make it green."
|
|
58
|
+
|
|
59
|
+
## Output
|
|
60
|
+
|
|
61
|
+
A working `package.json` script set:
|
|
62
|
+
```json
|
|
63
|
+
{
|
|
64
|
+
"scripts": {
|
|
65
|
+
"lint": "eslint .",
|
|
66
|
+
"lint:fix": "eslint . --fix",
|
|
67
|
+
"format": "prettier --write .",
|
|
68
|
+
"format:check": "prettier --check .",
|
|
69
|
+
"typecheck": "tsc --noEmit"
|
|
70
|
+
}
|
|
71
|
+
}
|
|
72
|
+
```
|
|
73
|
+
|
|
74
|
+
Plus a single ADR for any rule that's intentionally relaxed.
|
|
75
|
+
|
|
76
|
+
## Anti-patterns
|
|
77
|
+
|
|
78
|
+
- Per-file `// eslint-disable-next-line` to dodge a rule the codebase should respect
|
|
79
|
+
- Disabling `noUncheckedIndexedAccess` because "it's annoying" — that's the rule doing its job
|
|
80
|
+
- Custom rule plugins for stylistic preferences — Prettier handles formatting
|