ada-agent 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (339) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +256 -0
  3. package/bench/README.md +88 -0
  4. package/bench/swebench.mjs +242 -0
  5. package/bin/ada-server.mjs +6 -0
  6. package/bin/ada.mjs +7 -0
  7. package/docs/agent-loop.svg +66 -0
  8. package/docs/architecture.md +139 -0
  9. package/docs/architecture.svg +73 -0
  10. package/docs/connectors.md +48 -0
  11. package/docs/integrations.md +59 -0
  12. package/docs/login-flow.svg +56 -0
  13. package/docs/orchestration.md +45 -0
  14. package/package.json +64 -0
  15. package/skills/accessibility/SKILL.md +23 -0
  16. package/skills/add-logging/SKILL.md +23 -0
  17. package/skills/add-metrics/SKILL.md +23 -0
  18. package/skills/adr/SKILL.md +24 -0
  19. package/skills/aesthetic-direction/SKILL.md +24 -0
  20. package/skills/agent-loop/SKILL.md +23 -0
  21. package/skills/alerting/SKILL.md +23 -0
  22. package/skills/alpha-compositing/SKILL.md +23 -0
  23. package/skills/android-compose/SKILL.md +23 -0
  24. package/skills/angular-module/SKILL.md +23 -0
  25. package/skills/ansible-playbook/SKILL.md +24 -0
  26. package/skills/api-docs/SKILL.md +24 -0
  27. package/skills/app-store-prep/SKILL.md +23 -0
  28. package/skills/architecture-diagram/SKILL.md +21 -0
  29. package/skills/architecture-doc/SKILL.md +24 -0
  30. package/skills/audit-log/SKILL.md +23 -0
  31. package/skills/authz-review/SKILL.md +23 -0
  32. package/skills/aws-lambda/SKILL.md +24 -0
  33. package/skills/bash-script/SKILL.md +23 -0
  34. package/skills/batch/SKILL.md +23 -0
  35. package/skills/bisect/SKILL.md +23 -0
  36. package/skills/bounding-box/SKILL.md +24 -0
  37. package/skills/branch-cleanup/SKILL.md +23 -0
  38. package/skills/bundle-analyze/SKILL.md +23 -0
  39. package/skills/cache/SKILL.md +23 -0
  40. package/skills/call-graph/SKILL.md +23 -0
  41. package/skills/canvas-debug/SKILL.md +23 -0
  42. package/skills/cdn-setup/SKILL.md +23 -0
  43. package/skills/changelog/SKILL.md +24 -0
  44. package/skills/cherry-pick/SKILL.md +23 -0
  45. package/skills/ci-setup/SKILL.md +23 -0
  46. package/skills/cleanup/SKILL.md +23 -0
  47. package/skills/cli-tool/SKILL.md +23 -0
  48. package/skills/cloudformation/SKILL.md +23 -0
  49. package/skills/code-examples/SKILL.md +24 -0
  50. package/skills/code-review/SKILL.md +23 -0
  51. package/skills/color-palette/SKILL.md +24 -0
  52. package/skills/color-space/SKILL.md +24 -0
  53. package/skills/comment-why/SKILL.md +23 -0
  54. package/skills/commit/SKILL.md +26 -0
  55. package/skills/complexity-audit/SKILL.md +23 -0
  56. package/skills/component/SKILL.md +23 -0
  57. package/skills/component-library/SKILL.md +23 -0
  58. package/skills/connect-github/SKILL.md +20 -0
  59. package/skills/connect-mcp/SKILL.md +21 -0
  60. package/skills/connect-postgres/SKILL.md +20 -0
  61. package/skills/connect-remote/SKILL.md +23 -0
  62. package/skills/connect-slack/SKILL.md +20 -0
  63. package/skills/contract-audit/SKILL.md +25 -0
  64. package/skills/contributing/SKILL.md +23 -0
  65. package/skills/cpp-raii/SKILL.md +23 -0
  66. package/skills/cron-job/SKILL.md +23 -0
  67. package/skills/cv-preprocess/SKILL.md +24 -0
  68. package/skills/dark-mode/SKILL.md +24 -0
  69. package/skills/dashboard/SKILL.md +23 -0
  70. package/skills/dashboard-ui/SKILL.md +23 -0
  71. package/skills/data-export/SKILL.md +23 -0
  72. package/skills/data-validation/SKILL.md +23 -0
  73. package/skills/dataframe/SKILL.md +23 -0
  74. package/skills/db-index/SKILL.md +24 -0
  75. package/skills/dead-code/SKILL.md +23 -0
  76. package/skills/debug/SKILL.md +24 -0
  77. package/skills/deck-review/SKILL.md +24 -0
  78. package/skills/dedupe/SKILL.md +23 -0
  79. package/skills/dedupe-deps/SKILL.md +23 -0
  80. package/skills/dependency-audit/SKILL.md +23 -0
  81. package/skills/dependency-update/SKILL.md +23 -0
  82. package/skills/deploy/SKILL.md +23 -0
  83. package/skills/design-system/SKILL.md +24 -0
  84. package/skills/design-tokens/SKILL.md +24 -0
  85. package/skills/diagram-as-code/SKILL.md +24 -0
  86. package/skills/diff-explain/SKILL.md +23 -0
  87. package/skills/django-view/SKILL.md +23 -0
  88. package/skills/doc-lint/SKILL.md +24 -0
  89. package/skills/docker-compose/SKILL.md +23 -0
  90. package/skills/dockerize/SKILL.md +23 -0
  91. package/skills/docstrings/SKILL.md +23 -0
  92. package/skills/dotfiles/SKILL.md +23 -0
  93. package/skills/dpi-scaling/SKILL.md +23 -0
  94. package/skills/e2e-test/SKILL.md +23 -0
  95. package/skills/embeddings/SKILL.md +23 -0
  96. package/skills/empty-states/SKILL.md +23 -0
  97. package/skills/env-setup/SKILL.md +23 -0
  98. package/skills/erc20/SKILL.md +24 -0
  99. package/skills/error-tracking/SKILL.md +23 -0
  100. package/skills/estimate/SKILL.md +23 -0
  101. package/skills/etl-pipeline/SKILL.md +24 -0
  102. package/skills/eval-harness/SKILL.md +23 -0
  103. package/skills/exif-orientation/SKILL.md +23 -0
  104. package/skills/explain-code/SKILL.md +23 -0
  105. package/skills/express-middleware/SKILL.md +23 -0
  106. package/skills/extract-function/SKILL.md +23 -0
  107. package/skills/faq/SKILL.md +24 -0
  108. package/skills/fastapi-endpoint/SKILL.md +23 -0
  109. package/skills/favicon/SKILL.md +23 -0
  110. package/skills/feature-engineering/SKILL.md +23 -0
  111. package/skills/few-shot/SKILL.md +23 -0
  112. package/skills/find-owner/SKILL.md +23 -0
  113. package/skills/firmware-driver/SKILL.md +23 -0
  114. package/skills/fix-flaky-tests/SKILL.md +23 -0
  115. package/skills/flutter-widget/SKILL.md +23 -0
  116. package/skills/font-rendering/SKILL.md +23 -0
  117. package/skills/form-validation/SKILL.md +23 -0
  118. package/skills/format/SKILL.md +23 -0
  119. package/skills/game-loop/SKILL.md +23 -0
  120. package/skills/gas-optimize/SKILL.md +25 -0
  121. package/skills/gdpr-review/SKILL.md +24 -0
  122. package/skills/github-actions/SKILL.md +23 -0
  123. package/skills/glossary/SKILL.md +24 -0
  124. package/skills/go-idioms/SKILL.md +23 -0
  125. package/skills/gpu-profile/SKILL.md +23 -0
  126. package/skills/graphify/SKILL.md +21 -0
  127. package/skills/graphql-resolver/SKILL.md +23 -0
  128. package/skills/grpc-service/SKILL.md +23 -0
  129. package/skills/guardrails/SKILL.md +23 -0
  130. package/skills/healthcheck/SKILL.md +23 -0
  131. package/skills/heisenbug/SKILL.md +23 -0
  132. package/skills/helm-chart/SKILL.md +24 -0
  133. package/skills/hero-section/SKILL.md +23 -0
  134. package/skills/html-email/SKILL.md +24 -0
  135. package/skills/html-form/SKILL.md +23 -0
  136. package/skills/html-sanitize/SKILL.md +23 -0
  137. package/skills/html-table/SKILL.md +23 -0
  138. package/skills/html-to-pdf/SKILL.md +23 -0
  139. package/skills/http-client/SKILL.md +23 -0
  140. package/skills/i18n/SKILL.md +23 -0
  141. package/skills/i2c-spi/SKILL.md +23 -0
  142. package/skills/image-decode/SKILL.md +24 -0
  143. package/skills/image-memory/SKILL.md +24 -0
  144. package/skills/image-perf/SKILL.md +24 -0
  145. package/skills/image-pipeline/SKILL.md +24 -0
  146. package/skills/image-upload/SKILL.md +24 -0
  147. package/skills/infra-cost/SKILL.md +24 -0
  148. package/skills/input-validation/SKILL.md +23 -0
  149. package/skills/issue-template/SKILL.md +23 -0
  150. package/skills/java-streams/SKILL.md +23 -0
  151. package/skills/k8s-manifest/SKILL.md +23 -0
  152. package/skills/kotlin-coroutines/SKILL.md +23 -0
  153. package/skills/landing-page/SKILL.md +24 -0
  154. package/skills/laravel-controller/SKILL.md +23 -0
  155. package/skills/lazy-load/SKILL.md +23 -0
  156. package/skills/license-check/SKILL.md +23 -0
  157. package/skills/license-header/SKILL.md +23 -0
  158. package/skills/lint-fix/SKILL.md +23 -0
  159. package/skills/llm-cost/SKILL.md +23 -0
  160. package/skills/lockfile-fix/SKILL.md +23 -0
  161. package/skills/low-power/SKILL.md +23 -0
  162. package/skills/makefile/SKILL.md +23 -0
  163. package/skills/man-page/SKILL.md +24 -0
  164. package/skills/mcp-server/SKILL.md +23 -0
  165. package/skills/memory-leak/SKILL.md +23 -0
  166. package/skills/mermaid-diagram/SKILL.md +23 -0
  167. package/skills/meta-tags/SKILL.md +23 -0
  168. package/skills/micro-interactions/SKILL.md +23 -0
  169. package/skills/migration/SKILL.md +23 -0
  170. package/skills/migration-guide/SKILL.md +24 -0
  171. package/skills/mkdocs-setup/SKILL.md +24 -0
  172. package/skills/mobile-permissions/SKILL.md +23 -0
  173. package/skills/mock-api/SKILL.md +23 -0
  174. package/skills/modernize/SKILL.md +23 -0
  175. package/skills/monorepo-setup/SKILL.md +23 -0
  176. package/skills/motion-design/SKILL.md +23 -0
  177. package/skills/n-plus-one/SKILL.md +23 -0
  178. package/skills/naming-review/SKILL.md +23 -0
  179. package/skills/nextjs-route/SKILL.md +23 -0
  180. package/skills/nginx-config/SKILL.md +23 -0
  181. package/skills/ocr-debug/SKILL.md +24 -0
  182. package/skills/onboard/SKILL.md +23 -0
  183. package/skills/onboarding-map/SKILL.md +23 -0
  184. package/skills/open-pr/SKILL.md +24 -0
  185. package/skills/openapi/SKILL.md +23 -0
  186. package/skills/opencv-debug/SKILL.md +24 -0
  187. package/skills/orm-model/SKILL.md +23 -0
  188. package/skills/owasp-check/SKILL.md +24 -0
  189. package/skills/page-transitions/SKILL.md +23 -0
  190. package/skills/pagination/SKILL.md +23 -0
  191. package/skills/perf-optimize/SKILL.md +23 -0
  192. package/skills/perf-profile/SKILL.md +23 -0
  193. package/skills/physics/SKILL.md +23 -0
  194. package/skills/pitch-deck/SKILL.md +24 -0
  195. package/skills/pixel-diff/SKILL.md +23 -0
  196. package/skills/ponytail/SKILL.md +46 -0
  197. package/skills/postmortem/SKILL.md +24 -0
  198. package/skills/pptx-deck/SKILL.md +23 -0
  199. package/skills/pptx-export/SKILL.md +23 -0
  200. package/skills/pptx-from-markdown/SKILL.md +23 -0
  201. package/skills/pptx-template/SKILL.md +24 -0
  202. package/skills/pr-review/SKILL.md +24 -0
  203. package/skills/precommit/SKILL.md +23 -0
  204. package/skills/pricing-page/SKILL.md +23 -0
  205. package/skills/project-overview/SKILL.md +22 -0
  206. package/skills/prompt-template/SKILL.md +23 -0
  207. package/skills/property-test/SKILL.md +23 -0
  208. package/skills/protobuf/SKILL.md +23 -0
  209. package/skills/py-async/SKILL.md +23 -0
  210. package/skills/py-typing/SKILL.md +23 -0
  211. package/skills/query-optimize/SKILL.md +23 -0
  212. package/skills/rag-pipeline/SKILL.md +23 -0
  213. package/skills/rails-resource/SKILL.md +23 -0
  214. package/skills/rate-limit/SKILL.md +23 -0
  215. package/skills/react-hooks/SKILL.md +23 -0
  216. package/skills/react-native-screen/SKILL.md +23 -0
  217. package/skills/react-perf/SKILL.md +23 -0
  218. package/skills/readme/SKILL.md +24 -0
  219. package/skills/rebase/SKILL.md +24 -0
  220. package/skills/refactor/SKILL.md +23 -0
  221. package/skills/regression-test/SKILL.md +23 -0
  222. package/skills/release-notes/SKILL.md +24 -0
  223. package/skills/rename-symbol/SKILL.md +23 -0
  224. package/skills/repro/SKILL.md +23 -0
  225. package/skills/resolve-conflicts/SKILL.md +23 -0
  226. package/skills/responsive/SKILL.md +23 -0
  227. package/skills/rest-endpoint/SKILL.md +23 -0
  228. package/skills/retro/SKILL.md +23 -0
  229. package/skills/rtos-task/SKILL.md +23 -0
  230. package/skills/runbook/SKILL.md +25 -0
  231. package/skills/rust-borrow/SKILL.md +23 -0
  232. package/skills/rust-unsafe-audit/SKILL.md +23 -0
  233. package/skills/sanitize/SKILL.md +23 -0
  234. package/skills/schema-design/SKILL.md +23 -0
  235. package/skills/screenshot-debug/SKILL.md +22 -0
  236. package/skills/scroll-animation/SKILL.md +23 -0
  237. package/skills/secret-scan/SKILL.md +23 -0
  238. package/skills/security-audit/SKILL.md +23 -0
  239. package/skills/security-review/SKILL.md +23 -0
  240. package/skills/seed-data/SKILL.md +23 -0
  241. package/skills/self-review/SKILL.md +23 -0
  242. package/skills/semantic-html/SKILL.md +23 -0
  243. package/skills/semver-bump/SKILL.md +24 -0
  244. package/skills/shader/SKILL.md +23 -0
  245. package/skills/shader-debug/SKILL.md +23 -0
  246. package/skills/simplify-conditionals/SKILL.md +23 -0
  247. package/skills/sitemap/SKILL.md +23 -0
  248. package/skills/skeleton-loader/SKILL.md +23 -0
  249. package/skills/slide-charts/SKILL.md +24 -0
  250. package/skills/slide-outline/SKILL.md +23 -0
  251. package/skills/snapshot-update/SKILL.md +23 -0
  252. package/skills/solidity-contract/SKILL.md +25 -0
  253. package/skills/speaker-notes/SKILL.md +23 -0
  254. package/skills/spike/SKILL.md +23 -0
  255. package/skills/split-file/SKILL.md +23 -0
  256. package/skills/spring-controller/SKILL.md +23 -0
  257. package/skills/sprite-anim/SKILL.md +23 -0
  258. package/skills/sql-report/SKILL.md +23 -0
  259. package/skills/squash/SKILL.md +24 -0
  260. package/skills/ssl-setup/SKILL.md +23 -0
  261. package/skills/stacktrace/SKILL.md +23 -0
  262. package/skills/static-site/SKILL.md +24 -0
  263. package/skills/structured-logging/SKILL.md +23 -0
  264. package/skills/svelte-store/SKILL.md +23 -0
  265. package/skills/swiftui-view/SKILL.md +23 -0
  266. package/skills/tailwind-theme/SKILL.md +24 -0
  267. package/skills/tcp-server/SKILL.md +23 -0
  268. package/skills/tdd/SKILL.md +23 -0
  269. package/skills/terraform-module/SKILL.md +24 -0
  270. package/skills/test-coverage/SKILL.md +23 -0
  271. package/skills/texture-debug/SKILL.md +23 -0
  272. package/skills/threat-model/SKILL.md +23 -0
  273. package/skills/thumbnail/SKILL.md +24 -0
  274. package/skills/todo-scan/SKILL.md +23 -0
  275. package/skills/tool-definition/SKILL.md +23 -0
  276. package/skills/trace-flow/SKILL.md +23 -0
  277. package/skills/tracing/SKILL.md +23 -0
  278. package/skills/train-model/SKILL.md +24 -0
  279. package/skills/tree-shake/SKILL.md +23 -0
  280. package/skills/ts-generics/SKILL.md +23 -0
  281. package/skills/ts-strict/SKILL.md +23 -0
  282. package/skills/tui-app/SKILL.md +23 -0
  283. package/skills/tutorial/SKILL.md +24 -0
  284. package/skills/type-tighten/SKILL.md +23 -0
  285. package/skills/typography/SKILL.md +24 -0
  286. package/skills/ui-bug-repro/SKILL.md +23 -0
  287. package/skills/ui-polish/SKILL.md +24 -0
  288. package/skills/ui-review/SKILL.md +24 -0
  289. package/skills/vendor/SKILL.md +23 -0
  290. package/skills/visual-diff-ci/SKILL.md +24 -0
  291. package/skills/visual-regression/SKILL.md +23 -0
  292. package/skills/vue-composition/SKILL.md +23 -0
  293. package/skills/web-component/SKILL.md +23 -0
  294. package/skills/web-fonts/SKILL.md +24 -0
  295. package/skills/web3-frontend/SKILL.md +25 -0
  296. package/skills/webgl-debug/SKILL.md +23 -0
  297. package/skills/webhook/SKILL.md +23 -0
  298. package/skills/websocket/SKILL.md +23 -0
  299. package/skills/write-tests/SKILL.md +19 -0
  300. package/src/client/agent.ts +803 -0
  301. package/src/client/background.ts +39 -0
  302. package/src/client/checkpoint.ts +48 -0
  303. package/src/client/cli.ts +1253 -0
  304. package/src/client/compaction.ts +86 -0
  305. package/src/client/extensions.ts +83 -0
  306. package/src/client/hooks.ts +40 -0
  307. package/src/client/image.ts +26 -0
  308. package/src/client/lsp.ts +0 -0
  309. package/src/client/mcp.ts +276 -0
  310. package/src/client/models-dev.ts +52 -0
  311. package/src/client/pkg.ts +41 -0
  312. package/src/client/platform.ts +94 -0
  313. package/src/client/prompts.ts +47 -0
  314. package/src/client/render.ts +138 -0
  315. package/src/client/session.ts +107 -0
  316. package/src/client/settings.ts +86 -0
  317. package/src/client/skill-router.ts +79 -0
  318. package/src/client/skills.ts +199 -0
  319. package/src/client/snapshot.ts +56 -0
  320. package/src/client/telemetry.ts +24 -0
  321. package/src/client/todos.ts +23 -0
  322. package/src/client/tools.ts +756 -0
  323. package/src/client/tui-mode.ts +41 -0
  324. package/src/client/tui.ts +224 -0
  325. package/src/sdk/index.ts +36 -0
  326. package/src/selfcheck.ts +364 -0
  327. package/src/server/config.ts +58 -0
  328. package/src/server/credentials.ts +89 -0
  329. package/src/server/identity.ts +58 -0
  330. package/src/server/index.ts +113 -0
  331. package/src/server/oauth.ts +93 -0
  332. package/src/server/providers/adapter.ts +25 -0
  333. package/src/server/providers/anthropic.ts +189 -0
  334. package/src/server/providers/openai-compat.ts +76 -0
  335. package/src/server/providers/registry.ts +31 -0
  336. package/src/server/router.ts +29 -0
  337. package/src/server/sse.ts +20 -0
  338. package/src/shared/types.ts +20 -0
  339. package/tsconfig.json +15 -0
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: self-review
3
+ description: Run a pre-PR self-review checklist over your own changes before opening the PR
4
+ category: review
5
+ ---
6
+
7
+ # Self Review
8
+
9
+ Use this right before you open a PR or hand off work — read your own diff as a skeptical reviewer would, catching the obvious stuff before someone else does.
10
+
11
+ 1. Run `git diff main...HEAD` and read every hunk top to bottom as if you'd never seen it.
12
+ 2. Confirm the diff is scoped: no stray debug prints, commented-out code, leftover TODOs, or unrelated reformatting.
13
+ 3. Check the change actually does what the task asked — re-read the requirements and map each one to a line in the diff.
14
+ 4. Verify edge cases and error paths are handled (empty input, nulls, failures, concurrency) and that new behavior has tests.
15
+ 5. Run the build, linter, formatter, and test suite; fix anything red before proceeding.
16
+ 6. Review the commit messages and PR description for clarity, then list any follow-ups you're deliberately deferring.
17
+
18
+ ## Rules
19
+ - Read the whole diff, not just the files you remember editing — staging mistakes hide in the rest.
20
+ - Be your own harshest reviewer; if a line would draw a comment from a teammate, fix it now.
21
+ - Don't claim tests pass without actually running them and seeing green output.
22
+ - Keep unrelated cleanups out of the PR — file them separately so the diff stays reviewable.
23
+ - If something is intentionally incomplete, call it out explicitly rather than hoping nobody notices.
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: semantic-html
3
+ description: Audit and fix HTML for semantic structure and accessibility — landmarks, headings, ARIA, and keyboard support.
4
+ category: html
5
+ ---
6
+
7
+ # Semantic HTML
8
+
9
+ Use when markup is a soup of `<div>`s, screen-reader output is broken, or an accessibility audit failed. The goal is meaning-bearing elements over generic containers.
10
+
11
+ 1. Replace `<div>`-as-everything with landmarks: `<header> <nav> <main> <article> <section> <aside> <footer>`; exactly one `<main>` per page.
12
+ 2. Fix the heading outline: a single `<h1>`, no skipped levels, headings chosen by document hierarchy not font size.
13
+ 3. Swap fake interactive elements (`<div onclick>`) for real `<button>` / `<a>`; ensure everything actionable is keyboard-focusable and has a visible focus ring.
14
+ 4. Add accessible names: `alt` on images (empty `alt=""` for decorative), `<label>` tied to every input, `aria-label` only where no visible text exists.
15
+ 5. Use ARIA sparingly — prefer native semantics; only add roles/states the platform can't express, and never override correct native roles.
16
+ 6. Validate: run an axe / Lighthouse / WAVE pass, tab through the page, and check with a screen reader (NVDA/VoiceOver) for sensible reading order.
17
+
18
+ ## Rules
19
+ - Native element first, ARIA last; a `<button>` beats `role="button"` every time.
20
+ - No `alt`-less images, no unlabeled form controls, no positive `tabindex`.
21
+ - Don't use heading tags or lists for visual styling; style with CSS instead.
22
+ - Maintain logical DOM order so reading/tab order matches the visual layout.
23
+ - Every interactive control must be operable by keyboard and have a focus indicator (don't `outline:none` without a replacement).
@@ -0,0 +1,24 @@
1
+ ---
2
+ name: semver-bump
3
+ description: Bump the project version per semver, update changelog, and create the release tag
4
+ category: compliance
5
+ ---
6
+
7
+ # Semver Bump
8
+
9
+ Reach for this when cutting a release and you need to choose the right version increment and tag it consistently.
10
+
11
+ 1. Determine the bump from the changes since the last tag: MAJOR for breaking API changes, MINOR for backward-compatible features, PATCH for backward-compatible fixes (`git log <lastTag>..HEAD`).
12
+ 2. Update the version in the source of truth (`package.json`, `pyproject.toml`, `Cargo.toml`, `VERSION`, etc.) and any places that mirror it.
13
+ 3. Update `CHANGELOG.md`: move Unreleased entries under the new version with the date, grouped by Added/Changed/Fixed/Removed.
14
+ 4. Commit with a clear message (e.g. `chore(release): v1.4.0`) on a release branch, not directly on a protected default branch.
15
+ 5. Create an annotated, prefixed tag matching the repo convention: `git tag -a v1.4.0 -m "v1.4.0"`.
16
+ 6. Push the commit and tag (`git push && git push --tags`) and open the PR / trigger the release pipeline.
17
+
18
+ ## Rules
19
+ - A breaking change is MAJOR even if it feels small; never hide it in a MINOR/PATCH.
20
+ - Pre-1.0.0: treat MINOR as the place for breaking changes (the 0.y.z special case) per semver.
21
+ - Keep the tag format consistent with existing tags (`v`-prefixed or not) — check `git tag` first.
22
+ - Use annotated tags (`-a`) so the tag carries metadata; lightweight tags break some release tooling.
23
+ - Don't reuse or move a published tag; if wrong, cut a new version rather than rewriting history.
24
+ - Bump the version and changelog in the same commit so the tag points at a coherent state.
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: shader
3
+ description: Write and wire up a GLSL or WGSL shader with correct varyings and uniforms
4
+ category: gamedev
5
+ ---
6
+
7
+ # Shader
8
+
9
+ Use when authoring a vertex/fragment (or compute) shader and binding it to geometry, uniforms, and textures.
10
+
11
+ 1. Decide the stage and language target (GLSL ES 3.0, GLSL 4.x core, or WGSL) and match it to your graphics API.
12
+ 2. Declare inputs explicitly: vertex attributes by location, varyings (`out`/`in`) matching between stages by name and type.
13
+ 3. Pass per-draw data via uniforms / uniform buffers / push constants; keep the layout in sync with host-side structs.
14
+ 4. In the vertex stage output clip-space position; in the fragment stage compute color, sampling textures with a bound sampler.
15
+ 5. Compile and check the info log; fail loudly on shader compile and program link errors before first draw.
16
+ 6. Verify output with a flat color or UV-visualization pass before adding lighting or effects.
17
+
18
+ ## Rules
19
+ - Varying names and types must match exactly across vertex→fragment, or linking silently mismatches.
20
+ - Watch precision qualifiers in GLSL ES (`highp`/`mediump`) — defaults differ between desktop and mobile.
21
+ - Respect uniform buffer std140/std430 alignment; a `vec3` is padded to 16 bytes and will corrupt later fields.
22
+ - Y axis and clip-space depth range differ between OpenGL, Vulkan/WGSL, and D3D — flip UVs/viewport as needed.
23
+ - Avoid dynamic branching and unbounded loops in fragment shaders on mobile GPUs; prefer `mix`/`step`.
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: shader-debug
3
+ description: Debug a GLSL/WGSL shader: black/garbage output, NaNs, wrong UVs, precision and uniform mismatches
4
+ category: graphics
5
+ ---
6
+
7
+ # Shader Debug
8
+
9
+ Reach for this when geometry draws but the shading is wrong: solid black, blown-out white, banding, flicker, or NaN holes.
10
+
11
+ 1. Reproduce with a constant: replace the fragment output with `gl_FragColor = vec4(1.0,0.0,1.0,1.0)` (or `return vec4(1,0,1,1)`). If magenta shows, the pixeling pipeline is fine and the bug is in your math/inputs.
12
+ 2. Visualize inputs as color instead of guessing: output `vec4(uv, 0, 1)`, then `vec4(normal*0.5+0.5,1)`, then each uniform. Wrong gradients pinpoint bad UVs, un-normalized normals, or a uniform stuck at 0.
13
+ 3. Hunt NaN/Inf: they propagate to black or weird pixels. Guard `pow`, `log`, `sqrt`, `normalize(vec3(0))`, and divides by length/dot that can hit zero. Add `if (isnan(x)) out = vec4(1,0,0,1);` to see where.
14
+ 4. Check uniforms actually arrive: confirm the uniform location is valid (not -1), the value is set every frame after binding the program, and the CPU/GPU types match (a `float` sent to a `vec3`, or an int/float mismatch, silently misbehaves).
15
+ 5. For mobile-only or GPU-specific breakage, add explicit `precision highp float;` and test — default `mediump` overflows on large coords/times, causing banding or jitter that desktop hides.
16
+ 6. Confirm UV orientation: many pipelines flip V. If textures appear upside-down or mirrored, try `uv.y = 1.0 - uv.y` and fix at the source (texcoord upload or sampler), not per-shader hacks.
17
+
18
+ ## Rules
19
+ - A uniform location of -1 means the name is wrong OR the compiler dead-stripped it because it's unused — verify it's actually referenced.
20
+ - `normalize` of a zero vector is NaN; guard any vector that can degenerate.
21
+ - Don't trust `mediump` for world-space positions or `time` — promote to `highp` and confirm the artifact moves.
22
+ - GLSL has no debugger; debug by writing intermediate values to the output color, one at a time.
23
+ - Match CPU and GPU types and component counts exactly — silent mismatches are the most common "looks fine but wrong" bug.
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: simplify-conditionals
3
+ description: Flatten nested or complex branches using guard clauses and early returns
4
+ category: refactoring
5
+ ---
6
+
7
+ # Simplify Conditionals
8
+
9
+ Use when branching is deeply nested, hard to follow, or buried in negations. The aim is to make the happy path obvious and edge cases explicit.
10
+
11
+ 1. Identify the failure/edge conditions and convert them into guard clauses that return early at the top.
12
+ 2. Flatten the remaining nesting so the main logic sits at the lowest indentation level.
13
+ 3. Replace negated and compound conditions with positively-named boolean variables or small predicates.
14
+ 4. Collapse redundant branches (duplicate arms, dead `else`, unreachable cases) and consider a lookup table for long if/else chains.
15
+ 5. Confirm the truth table is unchanged — every input still hits the same outcome.
16
+ 6. Run tests, especially around boundary and short-circuit cases.
17
+
18
+ ## Rules
19
+ - Early returns must preserve any cleanup that ran in the original tail — watch for finally/teardown.
20
+ - Don't change short-circuit order if conditions have side effects or guard against null/undefined.
21
+ - Keep guard clauses for true exceptions only; don't shove core logic into early returns.
22
+ - Extract a complex condition into a well-named helper rather than commenting it.
23
+ - Re-verify de Morgan transforms (`!(a && b)` ↔ `!a || !b`) — these are an easy place to flip behavior.
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: sitemap
3
+ description: Generate a valid sitemap.xml and robots.txt so crawlers discover and correctly index every public URL.
4
+ category: html
5
+ ---
6
+
7
+ # Sitemap
8
+
9
+ Use when launching or growing a site and you want search engines to find all pages and respect crawl rules.
10
+
11
+ 1. Enumerate canonical, indexable URLs (skip noindex, redirects, auth-only, and duplicate query-string variants); use absolute https URLs.
12
+ 2. Emit `sitemap.xml` with the `urlset` schema: one `<url>` per page with `<loc>` and accurate `<lastmod>` (ISO 8601); `changefreq`/`priority` are optional and largely ignored.
13
+ 3. If over 50,000 URLs or 50MB uncompressed, split into multiple sitemaps and reference them from a `sitemapindex` file.
14
+ 4. Write `robots.txt` at the site root: allow crawlers to public content, `Disallow` admin/private paths, and add a `Sitemap: https://.../sitemap.xml` line.
15
+ 5. Automate generation in the build (crawl the route table or filesystem) so the sitemap never drifts from the real pages.
16
+ 6. Validate the XML, then submit the sitemap in Google Search Console / Bing Webmaster Tools and confirm it's fetched without errors.
17
+
18
+ ## Rules
19
+ - Only list canonical, 200-status, indexable URLs; broken or redirected entries hurt trust.
20
+ - `robots.txt` blocks crawling, not indexing — use `<meta robots noindex>` to keep a page out of results.
21
+ - Keep `lastmod` honest; faking recent dates can get the sitemap ignored.
22
+ - Both files live at the domain root (`/sitemap.xml`, `/robots.txt`) and must be publicly fetchable.
23
+ - Don't `Disallow` resources (CSS/JS) the page needs to render — Google penalizes blocked rendering.
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: skeleton-loader
3
+ description: Build loading skeletons and shimmer that mirror the final layout to reduce perceived wait and CLS.
4
+ category: ui-design
5
+ ---
6
+
7
+ # Skeleton Loader
8
+
9
+ Reach for this when content takes a beat to load and a spinner would feel slow or cause layout shift — skeletons preview structure so the page feels fast and stable.
10
+
11
+ 1. Mirror the real layout: build the skeleton from the same component with placeholder blocks at the actual sizes/positions, so swapping in data causes zero shift (protects CLS).
12
+ 2. Skeleton-ize structure, not pixels: a few grey rounded blocks for title/avatar/lines — vary line widths (last line ~60%) so it reads as text, not a wireframe of every glyph.
13
+ 3. Animate with a restrained shimmer: a slow gradient sweep (~1.5–2s linear, looping) or a gentle opacity pulse — subtle, low-contrast, never a strobing distraction.
14
+ 4. Use the skeleton only past a perception threshold: render instantly when content is likely <~200ms? show nothing or the cached value; show the skeleton when you expect a real wait, and avoid flash-of-skeleton for sub-100ms loads.
15
+ 5. Transition out smoothly: crossfade skeleton → content (~150ms) rather than a hard pop, and stagger if many items resolve together.
16
+ 6. Honor `prefers-reduced-motion` by replacing the sweep with a static muted block, and keep the skeleton color derived from your surface/muted tokens for theme + dark-mode correctness.
17
+
18
+ ## Rules
19
+ - Skeleton dimensions must equal final dimensions — if the content reflows on load, the skeleton failed its one job.
20
+ - Keep shimmer low-contrast and slow; a fast, high-contrast sweep is more annoying than a spinner.
21
+ - Don't skeleton a whole page when only one region is async — load shell + chrome instantly, skeleton just the pending part.
22
+ - Avoid skeleton flicker: gate on a short delay so fast responses never flash a placeholder.
23
+ - Build from muted/surface tokens so it adapts to light/dark automatically — no hard-coded greys.
@@ -0,0 +1,24 @@
1
+ ---
2
+ name: slide-charts
3
+ description: Add native charts and tables to slides from data using python-pptx chart and table APIs.
4
+ category: pptx
5
+ ---
6
+
7
+ # Slide Charts
8
+
9
+ Use when a slide needs to visualize numbers — trends, comparisons, breakdowns — or present structured rows of data.
10
+
11
+ 1. Get the data into a clean structure (lists/dict or a DataFrame) and decide the message the chart must make obvious.
12
+ 2. Pick the chart type for that message: line for trend, bar/column for comparison, pie/doughnut sparingly for parts-of-whole.
13
+ 3. Build a `CategoryChartData` with `.categories` and one or more `.add_series(name, values)`.
14
+ 4. Place it with `slide.shapes.add_chart(XL_CHART_TYPE.<TYPE>, x, y, cx, cy, chart_data)` using `Inches(...)` coordinates.
15
+ 5. Style for clarity: title, data labels where useful, legend only if multi-series, and brand colors on the series fill.
16
+ 6. For tabular data use `shapes.add_table(rows, cols, ...)`, bold the header row, and keep it to the columns that matter.
17
+
18
+ ## Rules
19
+ - Native python-pptx charts stay editable in PowerPoint; only fall back to an image (matplotlib export) when a chart type isn't supported.
20
+ - One chart, one message — don't overload axes or stack unrelated series.
21
+ - Label axes and units; never show a bare number with no context.
22
+ - Avoid 3-D effects and chart junk; they distort perception and hurt readability.
23
+ - Keep tables small (rough max ~6 columns, ~8 rows) — dense grids belong in an appendix or handout.
24
+ - Sort categories meaningfully (by value or time), not alphabetically by default.
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: slide-outline
3
+ description: Outline a presentation as one idea per slide before building any actual slides.
4
+ category: pptx
5
+ ---
6
+
7
+ # Slide Outline
8
+
9
+ Always reach for this before generating a deck. A tight outline prevents bloated, unfocused slides and makes the build step mechanical.
10
+
11
+ 1. Pin down the single goal of the talk and the one action or belief you want the audience to leave with.
12
+ 2. Identify the audience and time budget (roughly 1-2 minutes per content slide) to bound the slide count.
13
+ 3. List each slide as a one-line takeaway headline — the assertion, not the topic ("Churn dropped 30% after onboarding redesign", not "Churn").
14
+ 4. Under each headline note the supporting evidence: a stat, chart, image, or 2-3 bullets — nothing more.
15
+ 5. Order for narrative flow (hook → context → core argument → evidence → call to action) and check each slide earns its place.
16
+ 6. Review the outline with the user, then hand it to pptx-deck or pptx-from-markdown to build.
17
+
18
+ ## Rules
19
+ - One idea per slide; if a headline contains "and", split it into two slides.
20
+ - Headlines are full assertions, not topic labels.
21
+ - Keep supporting points to 3 or fewer per slide at the outline stage.
22
+ - Cut any slide that doesn't advance the single goal.
23
+ - Settle structure and message in the outline; defer all visual styling to the build.
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: snapshot-update
3
+ description: Review snapshot test diffs and update them intentionally, never blindly accepting all
4
+ category: testing
5
+ ---
6
+
7
+ # Snapshot Update
8
+
9
+ Use when snapshot tests fail after a change and you need to decide which diffs are intended versus regressions.
10
+
11
+ 1. Run the snapshot tests and read each failing diff in full before touching the snapshot files.
12
+ 2. For every diff, decide deliberately: is this the change I intended, or did I break something I didn't mean to?
13
+ 3. Fix the code for any unintended diff; only update the snapshot for diffs that reflect intended behavior.
14
+ 4. Update accepted snapshots (e.g. `--update`/`-u`) and re-run to confirm the suite is green.
15
+ 5. Open the snapshot file changes in the diff and review them like any other code change before committing.
16
+ 6. Commit the snapshot updates alongside the code change that justifies them, with a message explaining why.
17
+
18
+ ## Rules
19
+ - Never run a blanket "update all snapshots" without reading every diff — that turns the test into a rubber stamp.
20
+ - A snapshot diff you can't explain is a regression until proven otherwise; investigate, don't accept.
21
+ - Keep snapshots small and focused; giant snapshots hide meaningful diffs in noise — prefer targeted assertions for logic.
22
+ - Commit snapshot updates with the change that caused them, never as a separate "fix snapshots" cleanup later.
23
+ - Scrub nondeterministic values (timestamps, ids, paths) from snapshots so they don't churn on every run.
@@ -0,0 +1,25 @@
1
+ ---
2
+ name: solidity-contract
3
+ description: Write a production-ready Solidity smart contract with tests, access control, and a deploy script
4
+ category: web3
5
+ ---
6
+
7
+ # Solidity Contract
8
+
9
+ Reach for this when implementing a new on-chain contract from scratch. Favor battle-tested libraries over hand-rolled logic.
10
+
11
+ 1. Pin a compiler: set an exact `pragma solidity 0.8.x;` and lock it in `foundry.toml`/`hardhat.config` (`evmVersion`, `optimizer`).
12
+ 2. Scaffold from OpenZeppelin: import vetted bases (`Ownable`/`AccessControl`, `ReentrancyGuard`, `Pausable`, `SafeERC20`) instead of writing your own.
13
+ 3. Define state and the external interface first: storage layout, events for every state change, custom errors instead of `require` strings.
14
+ 4. Implement with checks-effects-interactions order; mark functions `external`/`view`/`pure` correctly and add `onlyRole`/`onlyOwner` guards.
15
+ 5. Write tests (`forge test` or Hardhat): cover happy path, revert paths, access control, and at least one fuzz/invariant test.
16
+ 6. Add a deploy script (`forge script` or Hardhat deploy) that reads addresses/params from env, never hardcoded keys.
17
+ 7. Run `forge build`/`compile`, the test suite, and a linter (`solhint`) before declaring done.
18
+
19
+ ## Rules
20
+ - Never use `tx.origin` for auth; use `msg.sender` with explicit roles.
21
+ - Emit an event for every meaningful state mutation so off-chain indexers can follow.
22
+ - Validate all external inputs; reject zero addresses and zero amounts explicitly.
23
+ - Avoid `delegatecall`, `selfdestruct`, and assembly unless you can justify and test them.
24
+ - Keep funds-handling functions `nonReentrant` and follow checks-effects-interactions.
25
+ - Pin dependency versions (no floating `^`) for reproducible bytecode.
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: speaker-notes
3
+ description: Write per-slide speaker notes that a presenter can deliver, added to each slide's notes pane.
4
+ category: pptx
5
+ ---
6
+
7
+ # Speaker Notes
8
+
9
+ Use when a deck needs a spoken script or presenter guidance — slides carry the headline, notes carry what the presenter actually says.
10
+
11
+ 1. Read each slide's headline and visuals to understand the point that slide must land.
12
+ 2. Write the notes as spoken language: the opening line, the key point, and a transition into the next slide.
13
+ 3. Keep each slide's notes to roughly 30-90 seconds of speech (about 75-200 words); trim anything the slide already shows.
14
+ 4. Add timing cues, the "so what" for any chart, and reminders for demos or audience questions.
15
+ 5. Write notes into `slide.notes_slide.notes_text_frame.text` in python-pptx (this auto-creates the notes slide).
16
+ 6. Read the notes end-to-end as a continuous script to check the narrative flows between slides.
17
+
18
+ ## Rules
19
+ - Notes are a script to speak, not bullet points to read aloud — write in full, natural sentences.
20
+ - Never just restate the slide text; add the context, story, or data interpretation behind it.
21
+ - Match the speaker's voice and the talk's time budget; cut ruthlessly if over.
22
+ - Always end a slide's notes with a one-line bridge to the next slide.
23
+ - Flag any claim that needs a source or a number the presenter must confirm.
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: spike
3
+ description: Run a timeboxed exploration of an unknown and write up findings, a recommendation, and next steps
4
+ category: productivity
5
+ ---
6
+
7
+ # Spike
8
+
9
+ Use this when a task is too uncertain to estimate or plan — you need to learn something (a library, an API, a feasibility question) within a fixed time budget and report back, not ship production code.
10
+
11
+ 1. State the question the spike must answer and the timebox (e.g. "Can we stream this API's responses? — 60 min") before touching anything.
12
+ 2. List 2-4 concrete things to try or check, ordered cheapest-to-prove-first.
13
+ 3. Explore: prototype throwaway code, read docs/source, run experiments — keep notes on what you tried and what happened.
14
+ 4. Stop when the timebox ends OR the question is answered, whichever comes first; do not let scope creep into building the real thing.
15
+ 5. Write up findings: the answer, the evidence behind it, surprises/risks discovered, and a clear recommendation (do it / don't / need another spike).
16
+ 6. List the follow-up tasks the spike unblocked, and explicitly mark prototype code as throwaway.
17
+
18
+ ## Rules
19
+ - Honor the timebox — a spike that runs long has failed its own purpose; report partial findings instead.
20
+ - Optimize for learning, not quality: no tests, no polish, no refactors on spike code.
21
+ - Always end with a decision or recommendation; "it's complicated" is not an output.
22
+ - Keep prototype code on a scratch branch or clearly labeled dir so it never merges by accident.
23
+ - If you cannot answer within the box, say so and propose a narrower follow-up spike.
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: split-file
3
+ description: Break a large file into focused modules without changing behavior
4
+ category: refactoring
5
+ ---
6
+
7
+ # Split File
8
+
9
+ Use when a file has grown to mix several responsibilities and is hard to navigate or test. Split along seams that already exist, not arbitrary line counts.
10
+
11
+ 1. Map the file's contents into groups by responsibility (types, helpers, one cohesive feature each).
12
+ 2. Identify the dependency direction between groups so new modules don't create import cycles.
13
+ 3. Move one group at a time into a new module, keeping names intact to minimize churn.
14
+ 4. Add imports/exports; update every external reference to point at the new location.
15
+ 5. Optionally keep the original file as a thin barrel that re-exports, to avoid touching many call sites at once.
16
+ 6. Build and run tests after each move; commit per extracted module.
17
+
18
+ ## Rules
19
+ - Split by responsibility, not by size — a 600-line file with one clear job may be fine as is.
20
+ - Watch for circular imports; if two new modules need each other, the seam is wrong — extract shared parts to a third.
21
+ - Keep public exports stable, or update all importers in the same change.
22
+ - Don't relocate code and edit its logic in the same step; move first, then refactor.
23
+ - Preserve file-level side effects (registration, init order) — moving them can change runtime behavior.
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: spring-controller
3
+ description: Add a Spring Boot REST controller backed by a service and DTOs
4
+ category: frameworks
5
+ ---
6
+
7
+ # Spring Controller
8
+
9
+ Use to expose a new REST endpoint in a Spring Boot app, layering controller → service → repository with proper DTOs and status codes.
10
+
11
+ 1. Define request/response DTOs (records work well) and validation annotations (`@NotNull`, `@Size`, …) — don't expose entities directly.
12
+ 2. Create a `@RestController` with a class-level `@RequestMapping("/api/...")`; inject the service via constructor.
13
+ 3. Add handler methods with `@GetMapping`/`@PostMapping`/etc., binding `@RequestBody`/`@PathVariable`/`@RequestParam` and `@Valid` on bodies.
14
+ 4. Put business logic in a `@Service` bean; keep the controller to mapping, validation, and response shaping.
15
+ 5. Return `ResponseEntity<T>` with correct status codes; handle errors centrally via `@ControllerAdvice`/`@ExceptionHandler`.
16
+ 6. Run the app (`./mvnw spring-boot:run` or `./gradlew bootRun`) and exercise the endpoint with curl/HTTP client.
17
+
18
+ ## Rules
19
+ - Never serialize JPA entities over the wire — map to DTOs to avoid lazy-loading and over-exposure bugs.
20
+ - Use constructor injection (final fields), not field `@Autowired`.
21
+ - Validate input with `@Valid` and surface failures as 400s via a global exception handler, not stack traces.
22
+ - Keep controllers free of persistence/transaction logic; `@Transactional` belongs in the service layer.
23
+ - Choose accurate status codes (201 + `Location` on create, 404 on missing, 204 on delete).
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: sprite-anim
3
+ description: Build a frame-based sprite animation system driven by a texture atlas
4
+ category: gamedev
5
+ ---
6
+
7
+ # Sprite Animation
8
+
9
+ Use to play named animation clips (idle, run, attack) from a sprite sheet with correct timing and state transitions.
10
+
11
+ 1. Pack frames into an atlas and record each frame's source rect (x, y, w, h) plus pivot/origin.
12
+ 2. Define clips as ordered frame lists with per-clip frame duration (or per-frame durations) and a loop flag.
13
+ 3. Track playback state per entity: current clip, elapsed time, current frame index, playing/paused.
14
+ 4. Each update, advance elapsed by `dt`; while it exceeds the frame duration, subtract and step the frame index.
15
+ 5. At clip end, loop back to frame 0 or hold the last frame and fire an "animation finished" event.
16
+ 6. On render, draw the current frame's source rect to the destination, honoring the pivot for flips and rotation.
17
+
18
+ ## Rules
19
+ - Drive timing by accumulated `dt`, never by frame count, so speed is constant across frame rates.
20
+ - Keep animation state separate from gameplay state; a state machine decides which clip, the player just plays it.
21
+ - Use the pivot/origin for horizontal flips so the sprite does not visually jump on direction change.
22
+ - Disable texture filtering (use nearest) for pixel art to avoid bleeding between atlas frames; add padding/extrusion.
23
+ - Make non-looping clips emit a completion signal so transitions (attack→idle) are event-driven, not polled.
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: sql-report
3
+ description: Write a correct, readable analytics SQL query or report
4
+ category: data-ml
5
+ ---
6
+
7
+ # SQL Report
8
+
9
+ Use when answering an analytics question with SQL — metrics, cohorts, funnels, time series — where correctness of grain and joins matters more than cleverness.
10
+
11
+ 1. State the question precisely: what's one row in the output (the grain), over what time window, and filtered how.
12
+ 2. Identify the base tables and their grain; confirm join keys are unique on at least one side to avoid fan-out.
13
+ 3. Build incrementally with CTEs — one logical step per CTE (filter, join, aggregate) — instead of nested subqueries.
14
+ 4. Aggregate with explicit GROUP BY matching the SELECT, and use window functions for running totals, ranks, and period-over-period.
15
+ 5. Guard against double counting from many-to-many joins; pre-aggregate to the right grain before joining.
16
+ 6. Sanity-check totals against a known number, check for NULLs in keys, and review the row count.
17
+
18
+ ## Rules
19
+ - Define the output grain first; most SQL bugs are a join that silently multiplies rows.
20
+ - Filter dates with half-open ranges (`>= start AND < end`) to avoid boundary and timezone errors.
21
+ - Beware aggregates over LEFT-joined NULLs — `COUNT(col)` skips NULLs, `SUM` treats them as zero; be intentional.
22
+ - Name CTEs for what they represent; avoid `SELECT *` in reports so the contract is explicit.
23
+ - Verify with a small spot-check (a single known entity) before trusting the aggregate.
@@ -0,0 +1,24 @@
1
+ ---
2
+ name: squash
3
+ description: Squash a feature branch into one clean commit before merging
4
+ category: git
5
+ ---
6
+
7
+ # Squash
8
+
9
+ Reach for this when a feature branch has many WIP/fixup commits and you want a single, well-described commit on the main history before merge.
10
+
11
+ 1. Update the base so the squash sits on current code: `git fetch origin` then `git rebase origin/main` (resolve conflicts if any).
12
+ 2. Count the commits to combine: `git log --oneline origin/main..HEAD`.
13
+ 3. Squash interactively: `git rebase -i origin/main`, keep the first as `pick`, change the rest to `squash` (keeps their messages) or `fixup` (discards them).
14
+ 4. Write one clear commit message in the editor that summarizes the whole change — subject line plus a body explaining the "why".
15
+ 5. Alternatively, for a no-rebase squash: `git reset --soft origin/main` then a single `git commit` — collapses all changes into one staged commit.
16
+ 6. Verify the tree is unchanged (`git diff origin/main` should match the branch's net effect) and tests pass, then `git push --force-with-lease`.
17
+ 7. Or skip local squashing entirely and use GitHub's "Squash and merge" button if the repo enables it.
18
+
19
+ ## Rules
20
+ - Squash only commits unique to your branch; never squash across commits others have based work on.
21
+ - Force-push the rewritten branch with `--force-with-lease`, never plain `--force`.
22
+ - Preserve the meaningful detail in the final message — don't reduce a real change to "fix stuff".
23
+ - `git reset --soft origin/main` is the simplest path when you just want everything as one commit and don't need to reorder.
24
+ - If the platform offers squash-merge, prefer it for shared branches so local history stays untouched.
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: ssl-setup
3
+ description: Set up TLS certificates with Let's Encrypt and automate renewal
4
+ category: cloud
5
+ ---
6
+
7
+ # SSL Setup
8
+
9
+ Use this to get a domain onto HTTPS with a free, auto-renewing Let's Encrypt certificate — and to make sure renewal won't silently lapse.
10
+
11
+ 1. Confirm the domain's DNS A/AAAA record points at the server and ports 80/443 are reachable.
12
+ 2. Pick a challenge: HTTP-01 (certbot --webroot/--nginx) for a public server, or DNS-01 for wildcards and private hosts.
13
+ 3. Issue the cert with certbot (e.g. `certbot --nginx -d example.com -d www.example.com`), supplying a contact email.
14
+ 4. Wire the cert into the server (nginx/apache) and force HTTP→HTTPS redirects.
15
+ 5. Verify the chain and expiry with `openssl s_client -connect host:443` or an SSL Labs scan.
16
+ 6. Confirm auto-renewal: `certbot renew --dry-run` and ensure the systemd timer / cron job is active.
17
+
18
+ ## Rules
19
+ - Let's Encrypt certs last 90 days — renewal MUST be automated; a manual process will eventually expire.
20
+ - Test against the staging ACME endpoint first to avoid hitting rate limits on bad attempts.
21
+ - Use DNS-01 for wildcard (`*.example.com`) certs; HTTP-01 can't issue wildcards.
22
+ - Keep private keys `600` and owned by the service user; never commit them to git.
23
+ - After renewal, reload (not restart) the web server so it picks up the new cert with zero downtime.
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: stacktrace
3
+ description: Read a stack trace and locate the root cause frame instead of fixing where the error surfaced
4
+ category: debugging
5
+ ---
6
+
7
+ # Stacktrace
8
+
9
+ Use when you have an exception, panic, or crash trace and need to find what actually went wrong. The top of the trace is where it blew up, not always where the bug lives.
10
+
11
+ 1. Read the exception type and message first — they often tell you the category (null/undefined, type mismatch, index, IO, timeout).
12
+ 2. Find the deepest frame that belongs to your code (skip framework/library frames) — that's usually where to start looking.
13
+ 3. Identify the exact line and the values involved: which variable was null, which index was out of range, which call failed.
14
+ 4. Walk up the trace to see how that bad value got there — trace the argument back to its origin (caller, config, input, prior call).
15
+ 5. Reproduce the failing call in isolation if possible, or add a log just above the failing line to inspect the inputs.
16
+ 6. Fix at the origin of the bad value, not merely at the line that threw.
17
+
18
+ ## Rules
19
+ - "Caused by" / chained exceptions matter most — read to the bottom of the chain for the original failure.
20
+ - Async/promise traces can be truncated or misleading; enable async stack traces or long-stack support when frames look orphaned.
21
+ - A line number can drift if the source was transpiled/minified — map back through source maps before trusting it.
22
+ - Don't wrap the throw site in try/catch to make the trace disappear; that hides the bug.
23
+ - If the trace is all library frames, the trigger is almost always the data or arguments you passed in.
@@ -0,0 +1,24 @@
1
+ ---
2
+ name: static-site
3
+ description: Scaffold a fast, framework-free static site with shared partials, clean URLs, and a simple build step.
4
+ category: html
5
+ ---
6
+
7
+ # Static Site
8
+
9
+ Reach for this when a site is mostly content (docs, blog, brochure) and a framework would be overkill. Plain HTML/CSS/JS deploys anywhere and stays fast for years.
10
+
11
+ 1. Lay out the tree: `index.html`, `/assets` (css, js, img), `/pages` for additional routes, and a `404.html`; keep one shared stylesheet.
12
+ 2. Factor repeated chrome (head, header, footer) into partials; assemble with a tiny tool (`eleventy`, `npx serve` + includes, or a 20-line build script) rather than copy-pasting.
13
+ 3. Write semantic, accessible markup with shared meta defaults; set `<html lang>`, viewport, and a single design-token CSS file using custom properties.
14
+ 4. Use clean URLs via directory `index.html` files (`/about/index.html` -> `/about/`); keep relative links portable.
15
+ 5. Optimize assets: minify CSS/JS, compress and size images, add `loading="lazy"`, and set long cache headers for hashed assets.
16
+ 6. Add a local dev loop (`python -m http.server` or `npx serve`) and a one-command build; output to a `dist/` folder for deploy.
17
+ 7. Generate `sitemap.xml` + `robots.txt` (see `sitemap` skill) and deploy to any static host (Netlify, Pages, S3, Cloudflare).
18
+
19
+ ## Rules
20
+ - No framework unless a real need appears; ship HTML/CSS and progressively enhance with vanilla JS.
21
+ - Keep the build reproducible and dependency-light; a script you can read beats a config you can't.
22
+ - Use relative or root-absolute links consistently so the site works under any subpath.
23
+ - Don't inline large data or base64 images into HTML; reference real asset files for caching.
24
+ - Always include `<meta name="viewport">` and a `lang` attribute; test with JS disabled.
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: structured-logging
3
+ description: Adopt structured, leveled JSON logging with consistent fields and correlation IDs
4
+ category: observability
5
+ ---
6
+
7
+ # Structured Logging
8
+
9
+ Reach for this when grep-on-plaintext logs stop scaling — you need to filter, aggregate, and correlate logs in a log backend.
10
+
11
+ 1. Pick a structured logger (pino, zap, structlog, slog) and configure JSON output to stdout; let the platform handle shipping.
12
+ 2. Define a base logger with always-present fields: `service`, `env`, `version`, and a `level`.
13
+ 3. Bind request-scoped context (`request_id`, `trace_id`, `user_id` if non-PII) via child loggers / context so every line in a request shares correlation keys.
14
+ 4. Use levels deliberately: `error` for actionable failures, `warn` for recoverable anomalies, `info` for lifecycle events, `debug` for diagnostics off by default in prod.
15
+ 5. Log events as `message` + structured fields, never string-concatenated values (`log.info('order placed', { order_id, amount })`).
16
+ 6. Set log level from an env var and confirm JSON parses and correlation IDs thread through a sample request.
17
+
18
+ ## Rules
19
+ - Never log secrets, tokens, passwords, full card/PII; add a redaction list and apply it at the logger, not per call site.
20
+ - One event per log line; don't split a single event across multiple lines.
21
+ - Reuse field names consistently across the codebase (`user_id` everywhere, not `userId`/`uid`).
22
+ - Don't log inside hot loops at `info`; guard expensive payloads behind level checks.
23
+ - Include `trace_id` so logs join traces; emit it from the same context source.
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: svelte-store
3
+ description: Create and consume Svelte stores for shared cross-component state
4
+ category: frameworks
5
+ ---
6
+
7
+ # Svelte Store
8
+
9
+ Use when state must be shared across components or live outside the component tree — reach for a store instead of prop-drilling.
10
+
11
+ 1. Create a module (e.g. `src/lib/stores.js`) and export a `writable(initial)` for mutable state or `readable` for external/read-only sources.
12
+ 2. For derived state, use `derived(source, ($source) => ...)` so it recomputes automatically.
13
+ 3. In components, subscribe with the `$store` auto-subscription in markup and script — Svelte handles unsubscribe.
14
+ 4. Update state via `store.set(value)` or `store.update(prev => next)`; for `$store = x` shorthand, ensure you're in a component.
15
+ 5. For encapsulated logic, wrap the store in a factory returning `{ subscribe, ...customMethods }` (the custom-store pattern).
16
+ 6. Verify reactivity across components and that no manual subscription leaks (prefer `$` over `.subscribe` in components).
17
+
18
+ ## Rules
19
+ - Use the `$` prefix in components to auto-subscribe and auto-unsubscribe; only call `.subscribe()` manually outside components, and always clean it up.
20
+ - `readable` needs a stop/cleanup function returned from its start callback for timers/listeners.
21
+ - Don't put non-serializable or per-request state in a module-level store in SSR contexts — it's shared across requests.
22
+ - Keep store mutation logic in the store module (custom stores), not scattered across components.
23
+ - `derived` is read-only; never try to `set` a derived store.
@@ -0,0 +1,23 @@
1
+ ---
2
+ name: swiftui-view
3
+ description: Build a SwiftUI view with state and two-way bindings
4
+ category: mobile
5
+ ---
6
+
7
+ # SwiftUI View
8
+
9
+ Reach for this when building a SwiftUI view that holds local state and drives child controls through two-way `Binding`s (toggles, text fields, sliders, sheets).
10
+
11
+ 1. Define a `struct` conforming to `View` and implement the `var body: some View` computed property.
12
+ 2. Pick the right property wrapper: `@State` for value-type state owned by this view, `@Binding` for state owned by a parent, `@Observable`/`@StateObject` for reference-type models.
13
+ 3. Pass mutable state down with the `$` projected value (e.g. `Toggle("On", isOn: $isOn)`) so child controls write back.
14
+ 4. Compose layout with `VStack`/`HStack`/`ZStack` and modifiers; keep `body` declarative and free of side effects.
15
+ 5. Add a `#Preview` (or `PreviewProvider`) covering the key states so you can iterate in the canvas without a full build.
16
+ 6. Drive side effects with `.task`, `.onAppear`, or `.onChange(of:)` — not from inside `body`.
17
+
18
+ ## Rules
19
+ - Own a piece of state in exactly one place: `@State` at the source, `@Binding` for children — never duplicate it.
20
+ - `@State` properties should be `private`; expose mutation through bindings, not public vars.
21
+ - Keep `body` a pure function of state; do networking and persistence in `.task`/model methods.
22
+ - Break large `body` blocks into smaller subviews or `@ViewBuilder` computed properties to keep the type-checker fast.
23
+ - Use `@StateObject` to create an observable model once; use `@ObservedObject`/`@Bindable` only when it's injected from outside.