@tinkcarlos/skillora 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (234) hide show
  1. package/.claude/skills/.temp-skill-index.md +245 -0
  2. package/.claude/skills/SKILL.md +264 -0
  3. package/.claude/skills/api-scaffolding/SKILL.md +431 -0
  4. package/.claude/skills/api-scaffolding/agents/backend-architect.md +282 -0
  5. package/.claude/skills/api-scaffolding/agents/django-pro.md +144 -0
  6. package/.claude/skills/api-scaffolding/agents/fastapi-pro.md +156 -0
  7. package/.claude/skills/api-scaffolding/agents/graphql-architect.md +146 -0
  8. package/.claude/skills/api-scaffolding/skills/fastapi-templates/SKILL.md +171 -0
  9. package/.claude/skills/api-testing-observability/SKILL.md +583 -0
  10. package/.claude/skills/api-testing-observability/agents/api-documenter.md +146 -0
  11. package/.claude/skills/api-testing-observability/commands/api-mock.md +1320 -0
  12. package/.claude/skills/brainstorming/SKILL.md +283 -0
  13. package/.claude/skills/bug-fixing/SKILL.md +382 -0
  14. package/.claude/skills/bug-fixing/references/backend-guide.md +132 -0
  15. package/.claude/skills/bug-fixing/references/bug-guide.md +354 -0
  16. package/.claude/skills/bug-fixing/references/bug-record-template.md +134 -0
  17. package/.claude/skills/bug-fixing/references/bug-records.md +88 -0
  18. package/.claude/skills/bug-fixing/references/code-review-gate.md +81 -0
  19. package/.claude/skills/bug-fixing/references/common-bugs.md +140 -0
  20. package/.claude/skills/bug-fixing/references/complete-workflow.md +361 -0
  21. package/.claude/skills/bug-fixing/references/config-driven-fixes.md +136 -0
  22. package/.claude/skills/bug-fixing/references/context-isolation-protocol.md +268 -0
  23. package/.claude/skills/bug-fixing/references/cross-surface-regression.md +120 -0
  24. package/.claude/skills/bug-fixing/references/database-investigation.md +129 -0
  25. package/.claude/skills/bug-fixing/references/dependency-and-integrity-protocol.md +369 -0
  26. package/.claude/skills/bug-fixing/references/fix-completeness-checklist.md +239 -0
  27. package/.claude/skills/bug-fixing/references/frontend-guide.md +219 -0
  28. package/.claude/skills/bug-fixing/references/fullstack-joint-guide.md +123 -0
  29. package/.claude/skills/bug-fixing/references/functional-breakage.md +117 -0
  30. package/.claude/skills/bug-fixing/references/ide-lint-errors-guide.md +176 -0
  31. package/.claude/skills/bug-fixing/references/impact-analysis.md +511 -0
  32. package/.claude/skills/bug-fixing/references/investigation-checklist.md +263 -0
  33. package/.claude/skills/bug-fixing/references/knowledge-extraction-guide.md +531 -0
  34. package/.claude/skills/bug-fixing/references/knowledge-workflow.md +212 -0
  35. package/.claude/skills/bug-fixing/references/post-edit-quality-gate.md +30 -0
  36. package/.claude/skills/bug-fixing/references/python-env-and-testing.md +126 -0
  37. package/.claude/skills/bug-fixing/references/rca-guide.md +428 -0
  38. package/.claude/skills/bug-fixing/references/similar-bug-patterns.md +113 -0
  39. package/.claude/skills/bug-fixing/references/skill-delegation-guide.md +350 -0
  40. package/.claude/skills/bug-fixing/references/skill-orchestration.md +155 -0
  41. package/.claude/skills/bug-fixing/references/testing-strategy.md +350 -0
  42. package/.claude/skills/bug-fixing/references/tooling-build-scripts.md +162 -0
  43. package/.claude/skills/bug-fixing/references/user-input-validation.md +77 -0
  44. package/.claude/skills/bug-fixing/references/ux-patterns.md +158 -0
  45. package/.claude/skills/bug-fixing/references/windows-terminal-hygiene.md +106 -0
  46. package/.claude/skills/bug-fixing/references/zero-regression-matrix.md +239 -0
  47. package/.claude/skills/bug-fixing/references/zero-risk-protocol.md +102 -0
  48. package/.claude/skills/bug-fixing/scripts/format_code.py +611 -0
  49. package/.claude/skills/bug-fixing/scripts/generate_report_template.py +74 -0
  50. package/.claude/skills/bug-fixing/scripts/lint_check.py +816 -0
  51. package/.claude/skills/bug-fixing/scripts/requirements.txt +36 -0
  52. package/.claude/skills/cicd-pipeline/SKILL.md +300 -0
  53. package/.claude/skills/code-review/SKILL.md +535 -0
  54. package/.claude/skills/code-review/references/anti-pattern-scan.md +102 -0
  55. package/.claude/skills/code-review/references/automated-analysis.md +456 -0
  56. package/.claude/skills/code-review/references/backend-common-issues.md +589 -0
  57. package/.claude/skills/code-review/references/backend-expert-guide.md +415 -0
  58. package/.claude/skills/code-review/references/backend-review.md +868 -0
  59. package/.claude/skills/code-review/references/batch-processing-strategy.md +198 -0
  60. package/.claude/skills/code-review/references/call-chain-analysis-protocol.md +166 -0
  61. package/.claude/skills/code-review/references/common-patterns.md +321 -0
  62. package/.claude/skills/code-review/references/configuration-review.md +425 -0
  63. package/.claude/skills/code-review/references/control-flow-completeness.md +114 -0
  64. package/.claude/skills/code-review/references/database-review.md +298 -0
  65. package/.claude/skills/code-review/references/dependency-and-integrity-protocol.md +313 -0
  66. package/.claude/skills/code-review/references/external-standards.md +51 -0
  67. package/.claude/skills/code-review/references/feature-review.md +329 -0
  68. package/.claude/skills/code-review/references/file-review-template.md +326 -0
  69. package/.claude/skills/code-review/references/frontend-advanced.md +654 -0
  70. package/.claude/skills/code-review/references/frontend-common-issues.md +482 -0
  71. package/.claude/skills/code-review/references/frontend-expert-guide.md +342 -0
  72. package/.claude/skills/code-review/references/frontend-review.md +783 -0
  73. package/.claude/skills/code-review/references/fullstack-consistency.md +418 -0
  74. package/.claude/skills/code-review/references/fullstack-review.md +477 -0
  75. package/.claude/skills/code-review/references/functional-completeness.md +386 -0
  76. package/.claude/skills/code-review/references/hidden-bugs-detection.md +473 -0
  77. package/.claude/skills/code-review/references/ide-lint-errors-guide.md +173 -0
  78. package/.claude/skills/code-review/references/infrastructure-review.md +453 -0
  79. package/.claude/skills/code-review/references/iteration-review.md +264 -0
  80. package/.claude/skills/code-review/references/job-review.md +335 -0
  81. package/.claude/skills/code-review/references/layered-checklist-protocol.md +157 -0
  82. package/.claude/skills/code-review/references/logic-completeness.md +535 -0
  83. package/.claude/skills/code-review/references/mandatory-checklist.md +288 -0
  84. package/.claude/skills/code-review/references/multi-language-guide.md +800 -0
  85. package/.claude/skills/code-review/references/new-project-review.md +226 -0
  86. package/.claude/skills/code-review/references/non-code-files-review.md +451 -0
  87. package/.claude/skills/code-review/references/overlooked-issues.md +657 -0
  88. package/.claude/skills/code-review/references/platform-specific-review.md +195 -0
  89. package/.claude/skills/code-review/references/precision-analysis-protocol.md +260 -0
  90. package/.claude/skills/code-review/references/python-patterns.md +494 -0
  91. package/.claude/skills/code-review/references/rca-techniques.md +362 -0
  92. package/.claude/skills/code-review/references/report-template.md +430 -0
  93. package/.claude/skills/code-review/references/resource-limits-and-degradation.md +137 -0
  94. package/.claude/skills/code-review/references/review-dimensions.md +311 -0
  95. package/.claude/skills/code-review/references/review-guide.md +202 -0
  96. package/.claude/skills/code-review/references/review-knowledge-workflow.md +257 -0
  97. package/.claude/skills/code-review/references/review-progress-tracker-protocol.md +172 -0
  98. package/.claude/skills/code-review/references/review-record-template.md +195 -0
  99. package/.claude/skills/code-review/references/skill-orchestration.md +143 -0
  100. package/.claude/skills/code-review/references/ui-ux-review.md +470 -0
  101. package/.claude/skills/containerization/SKILL.md +313 -0
  102. package/.claude/skills/database-migrations/agents/database-admin.md +142 -0
  103. package/.claude/skills/database-migrations/agents/database-optimizer.md +144 -0
  104. package/.claude/skills/database-migrations/commands/migration-observability.md +408 -0
  105. package/.claude/skills/database-migrations/commands/sql-migrations.md +492 -0
  106. package/.claude/skills/finishing-a-development-branch/SKILL.md +319 -0
  107. package/.claude/skills/frontend-design/LICENSE.txt +177 -0
  108. package/.claude/skills/frontend-design/SKILL.md +587 -0
  109. package/.claude/skills/frontend-design/references/color-consistency.md +487 -0
  110. package/.claude/skills/frontend-design/references/color-palettes-full.md +657 -0
  111. package/.claude/skills/frontend-design/references/design-system-generator.md +285 -0
  112. package/.claude/skills/frontend-design/references/font-pairings-full.md +705 -0
  113. package/.claude/skills/frontend-design/references/industry-anti-patterns.md +281 -0
  114. package/.claude/skills/frontend-design/references/layout-anti-patterns.md +582 -0
  115. package/.claude/skills/frontend-design/references/motion-patterns.md +659 -0
  116. package/.claude/skills/frontend-design/references/pre-delivery-checklist.md +153 -0
  117. package/.claude/skills/frontend-design/references/responsive-design.md +555 -0
  118. package/.claude/skills/frontend-design/references/style-modification-rules.md +335 -0
  119. package/.claude/skills/frontend-design/references/ui-styles-full.md +383 -0
  120. package/.claude/skills/frontend-design/references/ui-styles-rating.md +191 -0
  121. package/.claude/skills/frontend-design/references/ux-guidelines.md +640 -0
  122. package/.claude/skills/fullstack-developer/SKILL.md +512 -0
  123. package/.claude/skills/fullstack-developer/references/api-contract-guide.md +312 -0
  124. package/.claude/skills/fullstack-developer/references/api-response-patterns.md +223 -0
  125. package/.claude/skills/fullstack-developer/references/async-patterns.md +220 -0
  126. package/.claude/skills/fullstack-developer/references/bug-prevention.md +914 -0
  127. package/.claude/skills/fullstack-developer/references/code-quality-checklist.md +271 -0
  128. package/.claude/skills/fullstack-developer/references/complete-development-workflow.md +278 -0
  129. package/.claude/skills/fullstack-developer/references/context-isolation-protocol.md +256 -0
  130. package/.claude/skills/fullstack-developer/references/database-migration.md +331 -0
  131. package/.claude/skills/fullstack-developer/references/dependency-and-integrity-protocol.md +390 -0
  132. package/.claude/skills/fullstack-developer/references/development-phases.md +333 -0
  133. package/.claude/skills/fullstack-developer/references/expert-guide.md +214 -0
  134. package/.claude/skills/fullstack-developer/references/file-import-patterns.md +114 -0
  135. package/.claude/skills/fullstack-developer/references/graceful-degradation-patterns.md +78 -0
  136. package/.claude/skills/fullstack-developer/references/ide-lint-errors-guide.md +183 -0
  137. package/.claude/skills/fullstack-developer/references/integration-testing.md +301 -0
  138. package/.claude/skills/fullstack-developer/references/mock-api-patterns.md +307 -0
  139. package/.claude/skills/fullstack-developer/references/phase-gate-template.md +249 -0
  140. package/.claude/skills/fullstack-developer/references/post-edit-quality-gate.md +30 -0
  141. package/.claude/skills/fullstack-developer/references/python-engineering.md +79 -0
  142. package/.claude/skills/fullstack-developer/references/skill-orchestration.md +214 -0
  143. package/.claude/skills/fullstack-developer/references/skill-router-table.md +304 -0
  144. package/.claude/skills/fullstack-developer/references/state-sync.md +217 -0
  145. package/.claude/skills/fullstack-developer/references/ui-testing-checklist.md +292 -0
  146. package/.claude/skills/fullstack-developer/scripts/format_code.py +611 -0
  147. package/.claude/skills/fullstack-developer/scripts/lint_check.py +816 -0
  148. package/.claude/skills/fullstack-developer/scripts/requirements.txt +36 -0
  149. package/.claude/skills/performance-optimization/SKILL.md +250 -0
  150. package/.claude/skills/product-requirements/SKILL.md +357 -0
  151. package/.claude/skills/product-requirements/references/acceptance-criteria.md +335 -0
  152. package/.claude/skills/product-requirements/references/answer-first-questioning-protocol.md +299 -0
  153. package/.claude/skills/product-requirements/references/competitive-analysis-guide.md +183 -0
  154. package/.claude/skills/product-requirements/references/document-accuracy-protocol.md +253 -0
  155. package/.claude/skills/product-requirements/references/document-management-protocol.md +278 -0
  156. package/.claude/skills/product-requirements/references/external-standards.md +62 -0
  157. package/.claude/skills/product-requirements/references/feature-spec-template.md +359 -0
  158. package/.claude/skills/product-requirements/references/knowledge-acquisition-protocol.md +251 -0
  159. package/.claude/skills/product-requirements/references/plan-execution-protocol.md +334 -0
  160. package/.claude/skills/product-requirements/references/plan-generation-protocol.md +264 -0
  161. package/.claude/skills/product-requirements/references/prioritization-frameworks.md +80 -0
  162. package/.claude/skills/product-requirements/references/requirement-decomposition-protocol.md +291 -0
  163. package/.claude/skills/product-requirements/references/user-story-examples.md +297 -0
  164. package/.claude/skills/product-requirements/references/workflow-templates.md +266 -0
  165. package/.claude/skills/react-best-practices/SKILL.md +198 -0
  166. package/.claude/skills/react-best-practices/references/advanced-patterns.md +94 -0
  167. package/.claude/skills/react-best-practices/references/bundle-optimization.md +182 -0
  168. package/.claude/skills/react-best-practices/references/client-data-fetching.md +112 -0
  169. package/.claude/skills/react-best-practices/references/complete-guide.md +2249 -0
  170. package/.claude/skills/react-best-practices/references/eliminating-waterfalls.md +169 -0
  171. package/.claude/skills/react-best-practices/references/javascript-performance.md +256 -0
  172. package/.claude/skills/react-best-practices/references/rendering-performance.md +230 -0
  173. package/.claude/skills/react-best-practices/references/rerender-optimization.md +214 -0
  174. package/.claude/skills/react-best-practices/references/server-performance.md +182 -0
  175. package/.claude/skills/security-audit/SKILL.md +226 -0
  176. package/.claude/skills/shared-references/advanced-debugging-techniques.md +186 -0
  177. package/.claude/skills/shared-references/code-quality-checklist.md +218 -0
  178. package/.claude/skills/shared-references/code-review-efficiency-guide.md +125 -0
  179. package/.claude/skills/shared-references/mcp-dependency-compatibility-protocol.md +276 -0
  180. package/.claude/skills/shared-references/skill-call-graph.md +230 -0
  181. package/.claude/skills/shared-references/skill-orchestration-protocol.md +281 -0
  182. package/.claude/skills/shared-references/subagent-dispatch-templates.md +199 -0
  183. package/.claude/skills/skill-expert-skills/LICENSE.txt +204 -0
  184. package/.claude/skills/skill-expert-skills/QUICK_NAVIGATION.md +374 -0
  185. package/.claude/skills/skill-expert-skills/SKILL.md +247 -0
  186. package/.claude/skills/skill-expert-skills/docs/_index.md +91 -0
  187. package/.claude/skills/skill-expert-skills/references/deep-research-methodology.md +389 -0
  188. package/.claude/skills/skill-expert-skills/references/docs-generation-workflow.md +398 -0
  189. package/.claude/skills/skill-expert-skills/references/domain-expertise-protocol.md +343 -0
  190. package/.claude/skills/skill-expert-skills/references/domain-knowledge/_index.md +54 -0
  191. package/.claude/skills/skill-expert-skills/references/domain-knowledge/backend-expertise.md +517 -0
  192. package/.claude/skills/skill-expert-skills/references/domain-knowledge/bug-fixing-expertise.md +363 -0
  193. package/.claude/skills/skill-expert-skills/references/domain-knowledge/code-review-expertise.md +392 -0
  194. package/.claude/skills/skill-expert-skills/references/domain-knowledge/frontend-expertise.md +410 -0
  195. package/.claude/skills/skill-expert-skills/references/domain-knowledge-template.md +503 -0
  196. package/.claude/skills/skill-expert-skills/references/examples.md +782 -0
  197. package/.claude/skills/skill-expert-skills/references/integration-examples.md +655 -0
  198. package/.claude/skills/skill-expert-skills/references/knowledge-validation-checklist.md +246 -0
  199. package/.claude/skills/skill-expert-skills/references/latest-knowledge-acquisition.md +461 -0
  200. package/.claude/skills/skill-expert-skills/references/mcp-tools-guide.md +439 -0
  201. package/.claude/skills/skill-expert-skills/references/official-best-practices.md +616 -0
  202. package/.claude/skills/skill-expert-skills/references/patterns.md +218 -0
  203. package/.claude/skills/skill-expert-skills/references/plugin-skills-guide.md +432 -0
  204. package/.claude/skills/skill-expert-skills/references/requirement-elicitation-protocol.md +290 -0
  205. package/.claude/skills/skill-expert-skills/references/skill-creator-SKILL.md +353 -0
  206. package/.claude/skills/skill-expert-skills/references/skill-templates.md +583 -0
  207. package/.claude/skills/skill-expert-skills/references/skills-knowledge-base.md +561 -0
  208. package/.claude/skills/skill-expert-skills/references/tools-guide.md +379 -0
  209. package/.claude/skills/skill-expert-skills/references/troubleshooting.md +378 -0
  210. package/.claude/skills/skill-expert-skills/references/universality-guide.md +205 -0
  211. package/.claude/skills/skill-expert-skills/references/writing-style-guide.md +466 -0
  212. package/.claude/skills/skill-expert-skills/scripts/__pycache__/quick_validate.cpython-313.pyc +0 -0
  213. package/.claude/skills/skill-expert-skills/scripts/__pycache__/universal_validate.cpython-313.pyc +0 -0
  214. package/.claude/skills/skill-expert-skills/scripts/analyze_trigger.py +425 -0
  215. package/.claude/skills/skill-expert-skills/scripts/diff_with_official.py +188 -0
  216. package/.claude/skills/skill-expert-skills/scripts/init_skill.py +349 -0
  217. package/.claude/skills/skill-expert-skills/scripts/package_skill.py +156 -0
  218. package/.claude/skills/skill-expert-skills/scripts/quick_validate.py +493 -0
  219. package/.claude/skills/skill-expert-skills/scripts/requirements.txt +2 -0
  220. package/.claude/skills/skill-expert-skills/scripts/universal_validate.py +182 -0
  221. package/.claude/skills/skill-expert-skills/scripts/upgrade_skill.py +431 -0
  222. package/.claude/skills/subagent-driven-development/SKILL.md +268 -0
  223. package/.claude/skills/test-driven-development/SKILL.md +246 -0
  224. package/.claude/skills/test-driven-development/references/testing-anti-patterns.md +192 -0
  225. package/.claude/skills/using-git-worktrees/SKILL.md +266 -0
  226. package/.claude/skills/using-skillstack/SKILL.md +127 -0
  227. package/.claude/skills/vercel-deploy/SKILL.md +166 -0
  228. package/.claude/skills/vercel-deploy/scripts/deploy.sh +249 -0
  229. package/.claude/skills/verification-before-completion/SKILL.md +305 -0
  230. package/.claude/skills/writing-plans/SKILL.md +259 -0
  231. package/README.md +69 -0
  232. package/bin/cli.js +468 -0
  233. package/lib/init.js +333 -0
  234. package/package.json +29 -0
package/.claude/skills/code-review/references/platform-specific-review.md ADDED
@@ -0,0 +1,195 @@
1
+ # Platform-Specific Review Guide
2
+
3
+ This guide contains detailed checklists for reviewing native/desktop/hybrid applications.
4
+ Use this as a reference when the main SKILL.md indicates platform-specific review is needed.
5
+
6
+ ## General Native/Desktop App Checklist
7
+
8
+ | Area | Key Questions |
9
+ |------|---------------|
10
+ | **RPC/IPC Registration** | Every frontend call has matching backend handler? |
11
+ | **Plugin Configuration** | Plugins installed AND initialized? |
12
+ | **Security Permissions** | Required permissions configured? |
13
+ | **API Verification** | APIs exist in framework version? Work in target platform? |
14
+ | **Path Handling** | Using platform-appropriate paths? |
15
+ | **Binary File Handling** | Binary files use proper encoding/protocol? |
16
+ | **Asset Loading** | Local assets loaded correctly with proper protocol? |
17
+ | 🔴 **Native Module Compatibility** | Native modules compatible with runtime? Need rebuild? |
18
+
19
+ ---
20
+
21
+ ## 🔴 Native Module Compatibility Check (MANDATORY for Electron/React Native)
22
+
23
+ **原生模块是导致 Desktop App 启动失败的头号杀手!**
24
+
25
+ ### 什么是原生模块?
26
+
27
+ 原生模块是指使用 C/C++/Rust 编写并编译为 `.node` 文件的 Node.js 模块。它们:
28
+ - 需要针对特定 Node.js ABI 版本编译
29
+ - Electron 使用不同的 V8 版本,需要重新编译
30
+ - 在不同操作系统上需要不同的二进制文件
31
+
32
+ ### 常见原生模块列表 (P0 风险)
33
+
34
+ | 模块名 | 功能 | 纯 JS 替代方案 |
35
+ |--------|------|----------------|
36
+ | `better-sqlite3` | SQLite 数据库 | `sql.js` (推荐) |
37
+ | `sqlite3` | SQLite 数据库 | `sql.js` |
38
+ | `sharp` | 图片处理 | `jimp`, `canvas` (浏览器) |
39
+ | `bcrypt` | 密码哈希 | `bcryptjs` |
40
+ | `node-sass` | SCSS 编译 | `sass` (dart-sass) |
41
+ | `canvas` | 画布渲染 | HTML Canvas API |
42
+ | `serialport` | 串口通信 | Web Serial API (浏览器) |
43
+ | `usb` | USB 设备 | WebUSB API (浏览器) |
44
+ | `fsevents` | macOS 文件监听 | `chokidar` (跨平台) |
45
+ | `leveldown` | LevelDB | `level-js` |
46
+
47
+ ### 原生模块检查流程
48
+
49
+ ```
50
+ 新增依赖
51
+
52
+
53
+ ┌──────────────────────────────────────────────────────┐
54
+ │ Step 1: 识别是否为原生模块 │
55
+ │ ─────────────────────────────────────────────────────│
56
+ │ 方法 1: 检查是否有 binding.gyp 文件 │
57
+ │ 方法 2: npm info <package> | grep "C++" │
58
+ │ 方法 3: 检查 node_modules/<pkg> 是否有 .node 文件 │
59
+ └──────────────────────────────────────────────────────┘
60
+
61
+ ▼ 是原生模块
62
+ ┌──────────────────────────────────────────────────────┐
63
+ │ Step 2: 评估兼容性风险 │
64
+ │ ─────────────────────────────────────────────────────│
65
+ │ Electron 项目? → 🔴 高风险 → 优先考虑纯 JS 替代 │
66
+ │ React Native? → 🔴 高风险 → 需要链接原生代码 │
67
+ │ 纯 Node.js? → 🟡 中风险 → 检查 Node 版本兼容 │
68
+ └──────────────────────────────────────────────────────┘
69
+
70
+ ▼ 必须使用原生模块
71
+ ┌──────────────────────────────────────────────────────┐
72
+ │ Step 3: 配置编译环境 │
73
+ │ ─────────────────────────────────────────────────────│
74
+ │ Electron: electron-rebuild / @electron/rebuild │
75
+ │ 配置 package.json postinstall 脚本 │
76
+ │ 配置 electron-builder asarUnpack │
77
+ └──────────────────────────────────────────────────────┘
78
+
79
+
80
+ ┌──────────────────────────────────────────────────────┐
81
+ │ Step 4: 运行时验证 (MANDATORY) │
82
+ │ ─────────────────────────────────────────────────────│
83
+ │ npm run dev → 确保应用正常启动 │
84
+ │ 测试原生模块功能 → 确保功能正常 │
85
+ └──────────────────────────────────────────────────────┘
86
+ ```
87
+
88
+ ### Electron 原生模块配置清单
89
+
90
+ | 配置项 | 文件 | 示例 |
91
+ |--------|------|------|
92
+ | **electron-rebuild** | `package.json` | `"postinstall": "electron-rebuild"` |
93
+ | **asarUnpack** | `electron-builder.json5` | `"asarUnpack": ["**/node_modules/better-sqlite3/**"]` |
94
+ | **external** | `vite.config.ts` | `external: ['better-sqlite3']` |
95
+ | **optimizeDeps.exclude** | `vite.config.ts` | `exclude: ['better-sqlite3']` |
96
+
97
+ ### 原生模块审查报告模板
98
+
99
+ ```markdown
100
+ ## 原生模块兼容性报告
101
+
102
+ ### 新增依赖类型分析
103
+ | 依赖名 | 类型 | 风险等级 | 处理方式 |
104
+ |--------|------|----------|----------|
105
+ | xxx | 原生模块 | 🔴 高 | 替换为 yyy |
106
+ | zzz | 纯 JS | 🟢 低 | 直接使用 |
107
+
108
+ ### Electron 配置检查
109
+ - [ ] electron-rebuild 已配置
110
+ - [ ] asarUnpack 已配置
111
+ - [ ] vite external 已配置
112
+ - [ ] 🔴 运行时启动测试通过
113
+ ```
114
+
115
+ ## API Availability Verification
116
+
117
+ **For EVERY external API call in the code under review:**
118
+
119
+ | Question | How to Answer | Action if "No" |
120
+ |----------|---------------|----------------|
121
+ | Does this API exist in the framework version used? | Check official docs for the exact version | P1: Find alternative or upgrade |
122
+ | Does this API work in the target environment? | Web vs Desktop vs Mobile constraints | P1: Use platform-appropriate API |
123
+ | Is required configuration in place? | Check config files | P1: Add missing config |
124
+ | Are security permissions configured? | Check capabilities, CSP, permissions | P0: Security misconfiguration |
125
+ | Is there a working example in the codebase? | Search for similar usage | P2: Add test to verify |
126
+
127
+ ## Common Issues by Category
128
+
129
+ ### RPC/IPC Issues
130
+
131
+ | Issue | Symptoms | Prevention |
132
+ |-------|----------|------------|
133
+ | Handler not registered | "command not found" or "no handler" errors | Verify backend registration |
134
+ | Wrong import path | "module not found" errors | Check plugin/extension import paths |
135
+ | Type mismatch | Serialization errors | Verify frontend/backend types match |
136
+
137
+ ### Security Issues
138
+
139
+ | Issue | Symptoms | Prevention |
140
+ |-------|----------|------------|
141
+ | Missing permissions | "permission denied" errors | Check security configuration |
142
+ | Overly permissive config | Security vulnerabilities | Follow principle of least privilege |
143
+ | Improper context isolation | Data leakage between contexts | Verify isolation settings |
144
+
145
+ ### Asset/Resource Issues
146
+
147
+ | Issue | Symptoms | Prevention |
148
+ |-------|----------|------------|
149
+ | Wrong protocol | 404 errors, broken images | Use platform-appropriate protocol |
150
+ | Binary handling | Corrupted data, empty content | Use proper encoding (base64, etc.) |
151
+ | Path separators | Works on dev, fails cross-platform | Use platform-aware path handling |
152
+
153
+ ## Platform Review Output Template
154
+
155
+ ```markdown
156
+ ## Platform-Specific Findings
157
+
158
+ ### RPC/IPC Commands
159
+ | Command | Frontend Usage | Backend Registration | Status |
160
+ |---------|----------------|----------------------|--------|
161
+ | ... | ... | ... | ✅/P0/P1 |
162
+
163
+ ### Plugin/Extension Configuration
164
+ | Plugin | Installed | Initialized | Config | Status |
165
+ |--------|-----------|-------------|--------|--------|
166
+ | ... | ✅/❌ | ✅/❌ | ... | ✅/P1 |
167
+
168
+ ### Security / Permissions
169
+ | Permission | Required By | Configured | Status |
170
+ |------------|-------------|------------|--------|
171
+ | ... | ... | ✅/❌ | ✅/P0/P1 |
172
+
173
+ ### API Verification
174
+ | API | Docs Verified | Platform Works | Config Ready | Status |
175
+ |-----|---------------|----------------|--------------|--------|
176
+ | ... | ✅/❌ | ✅/❌ | ✅/❌ | ✅/P1 |
177
+ ```
178
+
179
+ ## Framework-Specific Guides
180
+
181
+ For detailed framework-specific checklists, consult official documentation:
182
+
183
+ - **Tauri**: https://tauri.app/
184
+ - **Electron**: https://www.electronjs.org/
185
+ - **React Native**: https://reactnative.dev/
186
+ - **Flutter**: https://flutter.dev/
187
+ - **Qt**: https://doc.qt.io/
188
+
189
+ Each framework has unique patterns for:
190
+ - IPC/RPC mechanisms
191
+ - Plugin/extension systems
192
+ - Security models
193
+ - Asset handling
194
+ - Build configuration
195
+
package/.claude/skills/code-review/references/precision-analysis-protocol.md ADDED
@@ -0,0 +1,260 @@
1
+ # 精准代码分析协议 (Precision Analysis Protocol)
2
+
3
+ ## 核心原则
4
+
5
+ ```
6
+ 分析计划先行 → 逻辑优先 → 证据驱动 → 逐文件验证
7
+ ```
8
+
9
+ **Iron Law**: 没有分析计划不开始审查,没有证据不报告问题
10
+
11
+ ---
12
+
13
+ ## 🔴 Phase A: 分析计划制定 (MANDATORY FIRST)
14
+
15
+ ### Step 1: 代码范围扫描
16
+
17
+ ```markdown
18
+ ## 代码范围扫描
19
+
20
+ **变更文件清单:**
21
+ | # | 文件路径 | 变更类型 | 行数 | 复杂度预估 |
22
+ |---|----------|----------|------|-----------|
23
+ | 1 | src/auth/login.py | Modified | +50/-10 | 高 |
24
+ | 2 | src/api/users.py | New | +120 | 中 |
25
+ | 3 | tests/test_auth.py | Modified | +30 | 低 |
26
+
27
+ **总计**: X 个文件, +Y/-Z 行
28
+ ```
29
+
30
+ ### Step 2: 依赖关系分析
31
+
32
+ ```markdown
33
+ ## 依赖关系图
34
+
35
+ ```
36
+ login.py
37
+ ├── imports: users.py (直接依赖)
38
+ ├── imports: db/session.py (间接依赖)
39
+ └── called by: routes/auth.py (调用方)
40
+
41
+ users.py
42
+ ├── imports: models/user.py
43
+ └── called by: login.py, admin.py
44
+ ```
45
+
46
+ **关键路径**: login.py → users.py → models/user.py
47
+ ```
48
+
49
+ ### Step 3: 制定分析计划
50
+
51
+ ```markdown
52
+ ## 详细分析计划
53
+
54
+ ### 分析顺序 (按依赖关系)
55
+ 1. **models/user.py** - 基础模型,其他文件依赖
56
+ 2. **users.py** - 核心业务逻辑
57
+ 3. **login.py** - 入口逻辑
58
+ 4. **test_auth.py** - 测试覆盖
59
+
60
+ ### 每个文件的分析重点
61
+
62
+ | 文件 | 逻辑分析重点 | 预期耗时 |
63
+ |------|-------------|---------|
64
+ | models/user.py | 数据模型完整性、字段约束 | 5min |
65
+ | users.py | 🔴 核心业务逻辑、边界条件、错误处理 | 15min |
66
+ | login.py | 🔴 认证流程、状态转换、异常路径 | 10min |
67
+ | test_auth.py | 测试覆盖率、边界用例 | 5min |
68
+
69
+ ### 逻辑分析检查清单 (每个文件必须回答)
70
+
71
+ - [ ] 所有条件分支是否都有处理?
72
+ - [ ] 循环是否有正确的终止条件?
73
+ - [ ] 异常情况是否都被捕获和处理?
74
+ - [ ] 边界值是否正确处理?
75
+ - [ ] 状态转换是否完整?
76
+ - [ ] 返回值是否在所有路径上都有定义?
77
+ ```
78
+
79
+ ---
80
+
81
+ ## 🔴 Phase B: 逻辑优先分析 (LOGIC FIRST)
82
+
83
+ ### 逻辑问题优先级
84
+
85
+ | 优先级 | 问题类型 | 示例 |
86
+ |--------|---------|------|
87
+ | **L0** | 逻辑错误 | 条件判断错误、循环逻辑错误 |
88
+ | **L1** | 边界问题 | 空值未处理、数组越界、off-by-one |
89
+ | **L2** | 状态问题 | 状态不一致、竞态条件 |
90
+ | **L3** | 流程问题 | 异常路径未处理、资源未释放 |
91
+
92
+ ### 逻辑分析模板 (每个函数/方法)
93
+
94
+ ```markdown
95
+ ### 函数: `authenticate_user(username, password)`
96
+
97
+ **1. 输入分析**
98
+ - username: string | None? → 需要检查空值
99
+ - password: string | None? → 需要检查空值
100
+
101
+ **2. 条件分支追踪**
102
+ ```
103
+ Line 10: if not username: → 处理: return None ✅
104
+ Line 12: if not password: → 处理: return None ✅
105
+ Line 15: if user is None: → 处理: return None ✅
106
+ Line 18: if not verify_pwd(): → 处理: ❌ 未处理! 直接 fall through
107
+ Line 22: return user → 正常路径 ✅
108
+ ```
109
+
110
+ **3. 发现的逻辑问题**
111
+ | 行号 | 问题 | 严重度 |
112
+ |------|------|--------|
113
+ | 18 | 密码验证失败时没有 return,会继续执行到 line 22 | **L0** |
114
+
115
+ **4. 证据截图/代码片段**
116
+ ```python
117
+ # Line 15-22 原始代码
118
+ if user is None:
119
+ return None
120
+ if not verify_password(password, user.hashed_password):
121
+ logger.warning("Invalid password") # ❌ 没有 return!
122
+ return user # ❌ 密码错误也会返回 user
123
+ ```
124
+ ```
125
+
126
+ ---
127
+
128
+ ## 🔴 Phase C: 证据驱动报告 (EVIDENCE REQUIRED)
129
+
130
+ ### 证据要求
131
+
132
+ **每个发现必须包含:**
133
+
134
+ 1. **文件路径 + 行号**: `src/auth/login.py:18`
135
+ 2. **原始代码片段**: 至少 3-5 行上下文
136
+ 3. **问题描述**: 具体说明什么逻辑有问题
137
+ 4. **影响分析**: 这个问题会导致什么后果
138
+ 5. **修复建议**: 具体的修复方案
139
+
140
+ ### 证据模板
141
+
142
+ ```markdown
143
+ ## 发现 #1: 密码验证逻辑缺陷
144
+
145
+ **位置**: `src/auth/login.py:18-22`
146
+
147
+ **证据 (原始代码)**:
148
+ ```python
149
+ 15 | if user is None:
150
+ 16 | return None
151
+ 17 | if not verify_password(password, user.hashed_password):
152
+ 18 | logger.warning("Invalid password")
153
+ 19 | # ❌ 缺少 return 语句
154
+ 20 | return user # ❌ 即使密码错误也会执行到这里
155
+ ```
156
+
157
+ **问题分析**:
158
+ - Line 17-18: 密码验证失败后只记录日志,没有 return
159
+ - Line 20: 无论密码是否正确都会返回 user 对象
160
+ - 这是一个 **认证绕过漏洞**
161
+
162
+ **影响**:
163
+ - 任何用户只要知道用户名就能登录
164
+ - 严重度: **P0 (安全漏洞)**
165
+
166
+ **修复建议**:
167
+ ```python
168
+ if not verify_password(password, user.hashed_password):
169
+ logger.warning("Invalid password")
170
+ return None # 添加 return
171
+ return user
172
+ ```
173
+
174
+ **验证方法**:
175
+ - 单元测试: 使用错误密码登录应返回 None
176
+ - 集成测试: 错误密码应返回 401
177
+ ```
178
+
179
+ ---
180
+
181
+ ## 🔴 Phase D: 分析完成确认 (COMPLETION VERIFICATION)
182
+
183
+ ### 文件分析完成检查清单
184
+
185
+ ```markdown
186
+ ## 文件分析完成确认: `src/auth/login.py`
187
+
188
+ ### 分析覆盖证明
189
+
190
+ | 检查项 | 状态 | 证据 |
191
+ |--------|------|------|
192
+ | 所有函数已分析 | ✅ | 分析了 3/3 个函数 |
193
+ | 所有条件分支已追踪 | ✅ | 追踪了 8 个 if/else |
194
+ | 所有循环已检查 | ✅ | 检查了 2 个 for 循环 |
195
+ | 所有异常处理已审查 | ✅ | 审查了 3 个 try/except |
196
+ | 所有返回路径已验证 | ✅ | 验证了 5 个 return |
197
+
198
+ ### 分析的函数清单
199
+
200
+ | 函数名 | 行号 | 逻辑问题 | 其他问题 |
201
+ |--------|------|---------|---------|
202
+ | `authenticate_user` | 10-25 | 1 个 L0 | 0 |
203
+ | `create_session` | 27-45 | 0 | 1 个 P2 |
204
+ | `logout` | 47-55 | 0 | 0 |
205
+
206
+ ### 本文件发现汇总
207
+
208
+ | 严重度 | 数量 | 行号 |
209
+ |--------|------|------|
210
+ | L0 (逻辑错误) | 1 | 18 |
211
+ | L1 (边界问题) | 0 | - |
212
+ | P2 (其他) | 1 | 35 |
213
+
214
+ **文件分析状态**: ✅ 完成
215
+ ```
216
+
217
+ ---
218
+
219
+ ## 输出契约
220
+
221
+ ### 分析报告结构
222
+
223
+ ```markdown
224
+ # Code Review Report
225
+
226
+ ## 1. 分析计划
227
+ [Phase A 的输出]
228
+
229
+ ## 2. 逐文件分析
230
+
231
+ ### 文件 1: src/auth/login.py
232
+ [Phase B + C 的输出]
233
+ [Phase D 的完成确认]
234
+
235
+ ### 文件 2: src/api/users.py
236
+ [Phase B + C 的输出]
237
+ [Phase D 的完成确认]
238
+
239
+ ## 3. 发现汇总
240
+
241
+ ### 逻辑问题 (优先处理)
242
+ | # | 文件:行号 | 问题 | 严重度 |
243
+ |---|-----------|------|--------|
244
+ | 1 | login.py:18 | 密码验证逻辑缺陷 | L0 |
245
+
246
+ ### 其他问题
247
+ | # | 文件:行号 | 问题 | 严重度 |
248
+ |---|-----------|------|--------|
249
+ | 1 | users.py:35 | 缺少输入验证 | P2 |
250
+
251
+ ## 4. 分析完成确认
252
+
253
+ | 文件 | 分析状态 | 逻辑问题 | 其他问题 |
254
+ |------|---------|---------|---------|
255
+ | login.py | ✅ 完成 | 1 | 0 |
256
+ | users.py | ✅ 完成 | 0 | 1 |
257
+ | test_auth.py | ✅ 完成 | 0 | 0 |
258
+
259
+ **总计**: 3/3 文件已分析, 1 个逻辑问题, 1 个其他问题
260
+ ```