@uluops/setup 0.2.0

package/assets/commands/agents/public-interface.md

@@ -0,0 +1,134 @@
+---
+name: public-interface
+description: Validates public-facing quality - README accuracy, unused imports, dead code, export hygiene, error messages. Use AFTER test-architect passes.
+---
+
+# Public Interface Validator
+Validates public-facing quality - README accuracy, unused imports, dead code, export hygiene, error messages. Use AFTER test-architect passes.
+
+## Arguments
+
+**Usage:** `/agents:public-interface <directory>`
+
+**Examples:**
+- `/agents:public-interface ./packages/sdk`
+- `/agents:public-interface ./lib`
+- `/agents:public-interface .`
+
+**Target Directory:** $ARGUMENTS
+
+---
+
+## Pre-Flight
+
+```bash
+echo "Running public interface validation on $ARGUMENTS..."
+echo "===================================================="
+```
+
+Verify the target directory exists:
+
+```bash
+test -d "$ARGUMENTS" && echo "✓ Directory exists: $ARGUMENTS" || echo "ERROR: Directory '$ARGUMENTS' not found"
+```
+
+Enter and confirm location:
+
+```bash
+cd "$ARGUMENTS" && pwd
+```
+
+Check path exists:
+
+```bash
+[ -e "$ARGUMENTS" ] && echo "✓ $ARGUMENTS exists" || echo "Target directory does not exist"
+```
+
+
+---
+
+## Agent Invocation
+
+Run the Public Interface Validator agent on the validated target directory:
+
+**Agent:** public-interface-validator-agent.md
+**Model:** Sonnet
+**Target:** $ARGUMENTS
+
+The agent performs code quality validation across 5 categories (100 points total):
+
+| Category | Points | Focus |
+|----------|--------|-------|
+| Feature Completeness | 30 | All major capabilities documented in README with examples |
+| Documentation Accuracy | 25 | README examples work and match current API |
+| Code Hygiene | 20 | Clean code without dead weight |
+| Export Quality | 15 | Public exports are documented and intentional |
+| Consumer Experience | 10 | Library is pleasant to use |
+
+---
+
+## Auto-Fail Conditions
+
+Critical issues that trigger immediate FAIL regardless of score:
+
+| ID | Condition |
+|----|-----------|
+| **AF-001** | No README.md exists |
+| **AF-002** | Major feature completely missing from README |
+| **AF-003** | README examples reference non-existent exports |
+| **AF-004** | README title/description misleading about capabilities |
+
+---
+
+## Decision Thresholds
+
+| Score | Decision | Meaning |
+|-------|----------|---------|
+| **>=75** | ✅ PASS | Validation passed, proceed to next phase |
+| **<75** | ❌ FAIL | Validation failed, fix issues before proceeding |
+
+**Note:** Any critical issue triggers FAIL regardless of score.
+
+---
+
+
+## PERSIST TO TRACKER (Required)
+
+> **IMPORTANT:** Save to tracker IMMEDIATELY after agent completes, BEFORE presenting the summary to the user. The workflow is not complete until results are persisted.
+**1. Get token metrics from buffer:**
+```bash
+agent-metrics buffer list --since 5m -f tracker
+```
+
+**2. Save to tracker (DO THIS FIRST):**
+
+mcp__uluops-tracker__save_features_list
+
+**3. Verify saved:** Compare `json.summary.total_issues` with saved count.
+
+**4. THEN present summary to user.**
+
+### Field Mappings
+
+**From JSON OUTPUT to Tracker:**
+| Source | Tracker Field | Notes |
+|--------|---------------|-------|
+| `json.result.score` | `validators[].score` | Total score |
+| `json.result.decision` | `validators[].status` | PASS/FAIL |
+| `buffer.model` | `validators[].model` | From agent-metrics buffer |
+| `buffer.tokens.input_tokens` | `input_tokens` | Raw input tokens |
+| `buffer.tokens.output_tokens` | `output_tokens` | Output tokens |
+| `buffer.tokens.cache_creation_tokens` | `cache_creation_tokens` | Cache creation |
+| `buffer.tokens.cache_read_tokens` | `cache_read_tokens` | Cache reads |
+| `buffer.tokens.total_effective_tokens` | `total_effective_tokens` | Effective total |
+| `json.categories[].findings[].issues[]` | `recommendations[]` | Flatten nested structure |
+
+**Note:** `json` = agent's JSON OUTPUT, `buffer` = `agent-metrics buffer list -f tracker`
+
+---
+
+## Source
+
+**CDL Schema:** `udl/definition-languages/cdl-schema-v1.1.0.json`
+**CDL Source:** `/home/alexs/uluops/uluops-agent-workflows/udl/cdl/v1/public-interface.command.yaml`
+**Agent:** `agents/public-interface-validator-agent.md`

package/assets/commands/agents/release.md

@@ -0,0 +1,135 @@
+---
+name: release
+description: Final release gate for packages and CLI tools. Validates version consistency, CLI --version, package.json, and docs. Detects semantic-release CI/CD vs manual publishing.
+---
+
+# Release Readiness
+Final release gate for packages and CLI tools. Validates version consistency, CLI --version, package.json, and docs. Detects semantic-release CI/CD vs manual publishing.
+
+## Arguments
+
+**Usage:** `/agents:release <directory>`
+
+**Examples:**
+- `/agents:release ./packages/sdk`
+- `/agents:release .`
+- `/agents:release ./lib`
+
+**Target Directory:** $ARGUMENTS
+
+---
+
+## Pre-Flight
+
+```bash
+echo "Running release readiness check on $ARGUMENTS..."
+echo "================================================"
+```
+
+Verify the target directory exists:
+
+```bash
+test -d "$ARGUMENTS" && echo "✓ Directory exists: $ARGUMENTS" || echo "ERROR: Directory '$ARGUMENTS' not found"
+```
+
+Enter and confirm location:
+
+```bash
+cd "$ARGUMENTS" && pwd
+```
+
+Check path exists:
+
+```bash
+[ -e "$ARGUMENTS" ] && echo "✓ $ARGUMENTS exists" || echo "Target directory does not exist"
+```
+
+
+---
+
+## Agent Invocation
+
+Run the Release Readiness agent on the validated target directory:
+
+**Agent:** release-readiness-agent.md
+**Model:** Sonnet
+**Target:** $ARGUMENTS
+
+The agent performs code quality validation across 4 categories (100 points total):
+
+| Category | Points | Focus |
+|----------|--------|-------|
+| Version Consistency | 25 | Validates package.json version matches CLI output and CHANGELOG |
+| Package Configuration | 25 | Validates package.json fields, exports, and entry points |
+| Documentation | 25 | Validates README, CHANGELOG, and API documentation |
+| Release Hygiene | 25 | Validates no debug code, no secrets, fresh build |
+
+---
+
+## Auto-Fail Conditions
+
+Critical issues that trigger immediate FAIL regardless of score:
+
+| ID | Condition |
+|----|-----------|
+| **** | CLI --version does not match package.json version |
+| **** | Missing CHANGELOG entry for current version |
+| **** | Secrets or API keys in codebase |
+| **** | README.md is missing |
+| **** | Build artifacts stale or missing |
+| **** | console.log in production paths (for libraries) |
+
+---
+
+## Decision Thresholds
+
+| Score | Decision | Meaning |
+|-------|----------|---------|
+| **>=80** | ✅ PASS | Validation passed, proceed to next phase |
+| **<80** | ❌ FAIL | Validation failed, fix issues before proceeding |
+
+**Note:** Any critical issue triggers FAIL regardless of score.
+
+---
+
+
+## PERSIST TO TRACKER (Required)
+
+> **IMPORTANT:** Save to tracker IMMEDIATELY after agent completes, BEFORE presenting the summary to the user. The workflow is not complete until results are persisted.
+**1. Get token metrics from buffer:**
+```bash
+agent-metrics buffer list --since 5m -f tracker
+```
+
+**2. Save to tracker (DO THIS FIRST):**
+
+mcp__uluops-tracker__save_features_list
+
+**3. Verify saved:** Compare `json.summary.total_issues` with saved count.
+
+**4. THEN present summary to user.**
+
+### Field Mappings
+
+**From JSON OUTPUT to Tracker:**
+| Source | Tracker Field | Notes |
+|--------|---------------|-------|
+| `json.result.score` | `validators[].score` | Total score |
+| `json.result.decision` | `validators[].status` | PASS/FAIL |
+| `buffer.model` | `validators[].model` | From agent-metrics buffer |
+| `buffer.tokens.input_tokens` | `input_tokens` | Raw input tokens |
+| `buffer.tokens.output_tokens` | `output_tokens` | Output tokens |
+| `buffer.tokens.cache_creation_tokens` | `cache_creation_tokens` | Cache creation |
+| `buffer.tokens.cache_read_tokens` | `cache_read_tokens` | Cache reads |
+| `buffer.tokens.total_effective_tokens` | `total_effective_tokens` | Effective total |
+| `json.categories[].findings[].issues[]` | `recommendations[]` | Flatten nested structure |
+
+**Note:** `json` = agent's JSON OUTPUT, `buffer` = `agent-metrics buffer list -f tracker`
+
+---
+
+## Source
+
+**CDL Schema:** `udl/definition-languages/cdl-schema-v1.1.0.json`
+**CDL Source:** `/home/alexs/uluops/uluops-agent-workflows/udl/cdl/v1/release.command.yaml`
+**Agent:** `agents/release-readiness-agent.md`

package/assets/commands/agents/security.md

@@ -0,0 +1,137 @@
+---
+name: security
+description: Run comprehensive security audit on a project. Use as FINAL gate before deployment. Scans for vulnerabilities, OWASP compliance, and security best practices.
+---
+
+# Security Analyst
+Run comprehensive security audit on a project. Use as FINAL gate before deployment. Scans for vulnerabilities, OWASP compliance, and security best practices.
+
+## Arguments
+
+**Usage:** `/agents:security <directory>`
+
+**Examples:**
+- `/agents:security ./src`
+- `/agents:security ./services/auth`
+- `/agents:security .`
+
+**Target Directory:** $ARGUMENTS
+
+---
+
+## Pre-Flight
+
+```bash
+echo "Running security audit on $ARGUMENTS..."
+echo "======================================="
+```
+
+Verify the target directory exists:
+
+```bash
+test -d "$ARGUMENTS" && echo "✓ Directory exists: $ARGUMENTS" || echo "ERROR: Directory '$ARGUMENTS' not found"
+```
+
+Enter and confirm location:
+
+```bash
+cd "$ARGUMENTS" && pwd
+```
+
+Check path exists:
+
+```bash
+[ -e "$ARGUMENTS" ] && echo "✓ $ARGUMENTS exists" || echo "Target directory does not exist"
+```
+
+
+---
+
+## Agent Invocation
+
+Run the Security Analyst agent on the validated target directory:
+
+**Agent:** security-analyst-agent.md
+**Model:** Sonnet
+**Target:** $ARGUMENTS
+
+The agent performs code quality validation across 6 categories (100 points total):
+
+| Category | Points | Focus |
+|----------|--------|-------|
+| Secrets & Credentials | 20 | No hardcoded keys, passwords, or tokens in code |
+| Injection Prevention | 20 | SQL, command, XSS, and path traversal prevention |
+| Authentication & Authorization | 20 | JWT handling, password hashing, and access control |
+| Data Protection | 15 | Secure cookies, encryption, and PII handling |
+| Dependencies | 15 | npm audit clean and no known vulnerabilities |
+| Security Configuration | 10 | Headers, CORS, error handling, debug mode |
+
+---
+
+## Auto-Fail Conditions
+
+Critical issues that trigger immediate FAIL regardless of score:
+
+| ID | Condition |
+|----|-----------|
+| **AF-001** | Hardcoded secrets or API keys in source code |
+| **AF-002** | SQL injection or command injection confirmed |
+| **AF-003** | Authentication bypass possible |
+| **AF-004** | Critical npm vulnerability (CVSS >= 9.0) |
+| **AF-005** | Secrets committed in git history |
+| **AF-006** | RCE (Remote Code Execution) vector identified |
+
+---
+
+## Decision Thresholds
+
+| Score | Decision | Meaning |
+|-------|----------|---------|
+| **>=85** | ✅ PASS | Validation passed, proceed to next phase |
+| **<85** | ❌ FAIL | Validation failed, fix issues before proceeding |
+
+**Note:** Any critical issue triggers FAIL regardless of score.
+
+---
+
+
+## PERSIST TO TRACKER (Required)
+
+> **IMPORTANT:** Save to tracker IMMEDIATELY after agent completes, BEFORE presenting the summary to the user. The workflow is not complete until results are persisted.
+**1. Get token metrics from buffer:**
+```bash
+agent-metrics buffer list --since 5m -f tracker
+```
+
+**2. Save to tracker (DO THIS FIRST):**
+
+mcp__uluops-tracker__save_features_list
+
+**3. Verify saved:** Compare `json.summary.total_issues` with saved count.
+
+**4. THEN present summary to user.**
+
+### Field Mappings
+
+**From JSON OUTPUT to Tracker:**
+| Source | Tracker Field | Notes |
+|--------|---------------|-------|
+| `json.result.score` | `validators[].score` | Total score |
+| `json.result.decision` | `validators[].status` | PASS/FAIL |
+| `buffer.model` | `validators[].model` | From agent-metrics buffer |
+| `buffer.tokens.input_tokens` | `input_tokens` | Raw input tokens |
+| `buffer.tokens.output_tokens` | `output_tokens` | Output tokens |
+| `buffer.tokens.cache_creation_tokens` | `cache_creation_tokens` | Cache creation |
+| `buffer.tokens.cache_read_tokens` | `cache_read_tokens` | Cache reads |
+| `buffer.tokens.total_effective_tokens` | `total_effective_tokens` | Effective total |
+| `json.categories[].findings[].issues[]` | `recommendations[]` | Flatten nested structure |
+
+**Note:** `json` = agent's JSON OUTPUT, `buffer` = `agent-metrics buffer list -f tracker`
+
+---
+
+## Source
+
+**CDL Schema:** `udl/definition-languages/cdl-schema-v1.1.0.json`
+**CDL Source:** `/home/alexs/uluops/uluops-agent-workflows/udl/cdl/v1/security.command.yaml`
+**Agent:** `agents/security-analyst-agent.md`

package/assets/commands/agents/test-review.md

@@ -0,0 +1,136 @@
+---
+name: test-review
+description: Run Test Architect agent to validate test quality and coverage. Use after implementation passes code validator.
+---
+
+# Test Architect
+Run Test Architect agent to validate test quality and coverage. Use after implementation passes code validator.
+
+## Arguments
+
+**Usage:** `/agents:test-review <directory>`
+
+**Examples:**
+- `/agents:test-review ./tests`
+- `/agents:test-review ./src`
+- `/agents:test-review .`
+
+**Target Directory:** $ARGUMENTS
+
+---
+
+## Pre-Flight
+
+```bash
+echo "Running test architecture review on $ARGUMENTS..."
+echo "================================================="
+```
+
+Verify the target directory exists:
+
+```bash
+test -d "$ARGUMENTS" && echo "✓ Directory exists: $ARGUMENTS" || echo "ERROR: Directory '$ARGUMENTS' not found"
+```
+
+Enter and confirm location:
+
+```bash
+cd "$ARGUMENTS" && pwd
+```
+
+Check path exists:
+
+```bash
+[ -e "$ARGUMENTS" ] && echo "✓ $ARGUMENTS exists" || echo "Target directory does not exist"
+```
+
+
+---
+
+## Agent Invocation
+
+Run the Test Architect agent on the validated target directory:
+
+**Agent:** test-architect-agent.md
+**Model:** Sonnet
+**Target:** $ARGUMENTS
+
+The agent performs code quality validation across 5 categories (100 points total):
+
+| Category | Points | Focus |
+|----------|--------|-------|
+| Coverage Quality | 30 | Public function coverage, edge cases, error conditions, boundaries |
+| Test Design | 25 | Behavior verification, single purpose, naming, AAA pattern |
+| Test Independence | 20 | Order independence, no shared state, isolation, proper scoping |
+| Mutation Resistance | 15 | Tests catch logic inversions, boundary errors, removed validation |
+| Maintainability | 10 | No magic values, meaningful test data, appropriate DRY |
+
+---
+
+## Auto-Fail Conditions
+
+Critical issues that trigger immediate FAIL regardless of score:
+
+| ID | Condition |
+|----|-----------|
+| **AF-001** | Core functionality has no tests |
+| **AF-002** | Tests pass regardless of implementation correctness |
+| **AF-003** | Tests are coupled to implementation details |
+| **AF-004** | Non-deterministic (flaky) tests detected |
+| **AF-005** | Shared state causing test interference |
+| **AF-006** | Error paths completely untested |
+
+---
+
+## Decision Thresholds
+
+| Score | Decision | Meaning |
+|-------|----------|---------|
+| **>=70** | ✅ PASS | Validation passed, proceed to next phase |
+| **<70** | ❌ FAIL | Validation failed, fix issues before proceeding |
+
+**Note:** Any critical issue triggers FAIL regardless of score.
+
+---
+
+
+## PERSIST TO TRACKER (Required)
+
+> **IMPORTANT:** Save to tracker IMMEDIATELY after agent completes, BEFORE presenting the summary to the user. The workflow is not complete until results are persisted.
+**1. Get token metrics from buffer:**
+```bash
+agent-metrics buffer list --since 5m -f tracker
+```
+
+**2. Save to tracker (DO THIS FIRST):**
+
+mcp__uluops-tracker__save_features_list
+
+**3. Verify saved:** Compare `json.summary.total_issues` with saved count.
+
+**4. THEN present summary to user.**
+
+### Field Mappings
+
+**From JSON OUTPUT to Tracker:**
+| Source | Tracker Field | Notes |
+|--------|---------------|-------|
+| `json.result.score` | `validators[].score` | Total score |
+| `json.result.decision` | `validators[].status` | PASS/FAIL |
+| `buffer.model` | `validators[].model` | From agent-metrics buffer |
+| `buffer.tokens.input_tokens` | `input_tokens` | Raw input tokens |
+| `buffer.tokens.output_tokens` | `output_tokens` | Output tokens |
+| `buffer.tokens.cache_creation_tokens` | `cache_creation_tokens` | Cache creation |
+| `buffer.tokens.cache_read_tokens` | `cache_read_tokens` | Cache reads |
+| `buffer.tokens.total_effective_tokens` | `total_effective_tokens` | Effective total |
+| `json.categories[].findings[].issues[]` | `recommendations[]` | Flatten nested structure |
+
+**Note:** `json` = agent's JSON OUTPUT, `buffer` = `agent-metrics buffer list -f tracker`
+
+---
+
+## Source
+
+**CDL Schema:** `udl/definition-languages/cdl-schema-v1.1.0.json`
+**CDL Source:** `/home/alexs/uluops/uluops-agent-workflows/udl/cdl/v1/test-review.command.yaml`
+**Agent:** `agents/test-architect-agent.md`

package/assets/commands/agents/type-safety.md

@@ -0,0 +1,135 @@
+---
+name: type-safety
+description: Run Type Safety Validator on TypeScript projects. Validates beyond tsc—catches any abuse, unsafe assertions, type holes that pass compilation but cause runtime failures.
+---
+
+# Type Safety Validator
+Run Type Safety Validator on TypeScript projects. Validates beyond tsc—catches any abuse, unsafe assertions, type holes that pass compilation but cause runtime failures.
+
+## Arguments
+
+**Usage:** `/agents:type-safety <directory>`
+
+**Examples:**
+- `/agents:type-safety ./src`
+- `/agents:type-safety ./packages/api`
+- `/agents:type-safety .`
+
+**Target Directory:** $ARGUMENTS
+
+---
+
+## Pre-Flight
+
+```bash
+echo "Running type safety validation on $ARGUMENTS..."
+echo "==============================================="
+```
+
+Verify the target directory exists:
+
+```bash
+test -d "$ARGUMENTS" && echo "✓ Directory exists: $ARGUMENTS" || echo "ERROR: Directory '$ARGUMENTS' not found"
+```
+
+Enter and confirm location:
+
+```bash
+cd "$ARGUMENTS" && pwd
+```
+
+Check path exists:
+
+```bash
+[ -e "$ARGUMENTS" ] && echo "✓ $ARGUMENTS exists" || echo "Target directory does not exist"
+```
+
+
+---
+
+## Agent Invocation
+
+Run the Type Safety Validator agent on the validated target directory:
+
+**Agent:** type-safety-validator-agent.md
+**Model:** Sonnet
+**Target:** $ARGUMENTS
+
+The agent performs code quality validation across 5 categories (100 points total):
+
+| Category | Points | Focus |
+|----------|--------|-------|
+| Any Usage | 25 | Tracks explicit any, implicit any, and any isolation at boundaries |
+| Type Assertions | 25 | Validates safe use of as casts, non-null assertions, and suppressions |
+| Strict Mode Compliance | 20 | Validates strictNullChecks patterns, optional handling, union narrowing |
+| Generic & Complex Types | 15 | Validates generic constraints, type complexity, utility type usage |
+| Export Type Quality | 15 | Validates public API type accuracy, explicitness, and consumer safety |
+
+---
+
+## Auto-Fail Conditions
+
+Critical issues that trigger immediate FAIL regardless of score:
+
+| ID | Condition |
+|----|-----------|
+| **AF-001** | any in exported function signatures |
+| **AF-002** | Double assertions (as unknown as Type) |
+| **AF-003** | @ts-ignore on security/auth code without justification |
+| **AF-004** | strict: false in tsconfig for library code |
+| **AF-005** | Non-null assertions on untrusted/external data |
+
+---
+
+## Decision Thresholds
+
+| Score | Decision | Meaning |
+|-------|----------|---------|
+| **>=80** | ✅ PASS | Validation passed, proceed to next phase |
+| **<80** | ❌ FAIL | Validation failed, fix issues before proceeding |
+
+**Note:** Any critical issue triggers FAIL regardless of score.
+
+---
+
+
+## PERSIST TO TRACKER (Required)
+
+> **IMPORTANT:** Save to tracker IMMEDIATELY after agent completes, BEFORE presenting the summary to the user. The workflow is not complete until results are persisted.
+**1. Get token metrics from buffer:**
+```bash
+agent-metrics buffer list --since 5m -f tracker
+```
+
+**2. Save to tracker (DO THIS FIRST):**
+
+mcp__uluops-tracker__save_features_list
+
+**3. Verify saved:** Compare `json.summary.total_issues` with saved count.
+
+**4. THEN present summary to user.**
+
+### Field Mappings
+
+**From JSON OUTPUT to Tracker:**
+| Source | Tracker Field | Notes |
+|--------|---------------|-------|
+| `json.result.score` | `validators[].score` | Total score |
+| `json.result.decision` | `validators[].status` | PASS/FAIL |
+| `buffer.model` | `validators[].model` | From agent-metrics buffer |
+| `buffer.tokens.input_tokens` | `input_tokens` | Raw input tokens |
+| `buffer.tokens.output_tokens` | `output_tokens` | Output tokens |
+| `buffer.tokens.cache_creation_tokens` | `cache_creation_tokens` | Cache creation |
+| `buffer.tokens.cache_read_tokens` | `cache_read_tokens` | Cache reads |
+| `buffer.tokens.total_effective_tokens` | `total_effective_tokens` | Effective total |
+| `json.categories[].findings[].issues[]` | `recommendations[]` | Flatten nested structure |
+
+**Note:** `json` = agent's JSON OUTPUT, `buffer` = `agent-metrics buffer list -f tracker`
+
+---
+
+## Source
+
+**CDL Schema:** `udl/definition-languages/cdl-schema-v1.1.0.json`
+**CDL Source:** `/home/alexs/uluops/uluops-agent-workflows/udl/cdl/v1/type-safety.command.yaml`
+**Agent:** `agents/type-safety-validator-agent.md`