agentic-qe 1.6.0 → 1.7.0

package/.claude/skills/brutal-honesty-review/resources/assessment-rubrics.md

@@ -0,0 +1,295 @@
+# Assessment Rubrics for Brutal Honesty Reviews
+
+## Code Quality Rubric (Linus Mode)
+
+### Correctness
+| Level | Criteria | Example |
+|-------|----------|---------|
+| 🔴 **Failing** | Wrong algorithm, logic errors, crashes | `null` pointer dereference, off-by-one errors |
+| 🟡 **Passing** | Works in tested cases, no obvious bugs | Handles expected inputs correctly |
+| 🟢 **Excellent** | Proven correct across edge cases | Property-based tests, formal verification |
+
+### Performance
+| Level | Criteria | Example |
+|-------|----------|---------|
+| 🔴 **Failing** | Naive O(n²) where O(n) exists | Nested loops for searchable data |
+| 🟡 **Passing** | Acceptable complexity for scale | O(n log n) for reasonable n |
+| 🟢 **Excellent** | Optimal algorithm + profiled | Cached, indexed, benchmarked |
+
+### Error Handling
+| Level | Criteria | Example |
+|-------|----------|---------|
+| 🔴 **Failing** | Crashes on invalid input | Uncaught exceptions, panics |
+| 🟡 **Passing** | Returns error codes/exceptions | `try/catch`, error returns |
+| 🟢 **Excellent** | Graceful degradation + logging | Circuit breakers, retry logic |
+
+### Concurrency Safety
+| Level | Criteria | Example |
+|-------|----------|---------|
+| 🔴 **Failing** | Race conditions, deadlocks | Shared mutable state, no locks |
+| 🟡 **Passing** | Thread-safe with locks | Proper mutex usage |
+| 🟢 **Excellent** | Lock-free or proven safe | Immutable data, atomic operations |
+
+### Testability
+| Level | Criteria | Example |
+|-------|----------|---------|
+| 🔴 **Failing** | Impossible to unit test | Hard-coded dependencies, global state |
+| 🟡 **Passing** | Can be tested with mocks | Dependency injection |
+| 🟢 **Excellent** | Self-testing design | Pure functions, property-based |
+
+### Maintainability
+| Level | Criteria | Example |
+|-------|----------|---------|
+| 🔴 **Failing** | "Clever" code, unclear intent | Obfuscated logic, magic numbers |
+| 🟡 **Passing** | Clear intent, reasonable | Named variables, comments |
+| 🟢 **Excellent** | Self-documenting + simple | Obvious code, minimal complexity |
+
+**Passing Threshold**: Minimum 🟡 on ALL criteria
+**Ship-Ready**: Minimum 🟢 on Correctness, Performance, Error Handling
+
+---
+
+## Test Quality Rubric (Ramsay Mode)
+
+### Coverage
+| Level | Criteria | Acceptable % |
+|-------|----------|--------------|
+| 🔴 **Raw** | Only happy path | <50% branch |
+| 🟡 **Acceptable** | Common failures covered | 80%+ branch |
+| 🟢 **Michelin Star** | Complete boundary analysis | 95%+ branch + mutation tested |
+
+### Edge Case Testing
+| Level | Criteria | Example |
+|-------|----------|---------|
+| 🔴 **Raw** | Only happy path tested | `test('adds 2+2')` |
+| 🟡 **Acceptable** | Common failures tested | Null, empty, invalid input |
+| 🟢 **Michelin Star** | Boundary analysis complete | Min/max values, overflow, underflow |
+
+### Test Clarity
+| Level | Criteria | Example |
+|-------|----------|---------|
+| 🔴 **Raw** | Unclear what's being tested | `test('test1')` |
+| 🟡 **Acceptable** | Clear test names | `test('handles null input')` |
+| 🟢 **Michelin Star** | Self-documenting test pyramid | Given-When-Then, BDD style |
+
+### Speed
+| Level | Criteria | Example |
+|-------|----------|---------|
+| 🔴 **Raw** | Minutes to run unit tests | Calls real database/network |
+| 🟡 **Acceptable** | <10s for unit tests | Mocked dependencies |
+| 🟢 **Michelin Star** | <1s, parallelized | Pure functions, in-memory |
+
+### Stability
+| Level | Criteria | Flake Rate |
+|-------|----------|------------|
+| 🔴 **Raw** | Flaky, timing-dependent | >1% failure rate |
+| 🟡 **Acceptable** | Stable but potentially slow | 0% flake, deterministic |
+| 🟢 **Michelin Star** | Deterministic + fast | 0% flake, <100ms per test |
+
+### Isolation
+| Level | Criteria | Example |
+|-------|----------|---------|
+| 🔴 **Raw** | Tests depend on each other | Shared state, execution order matters |
+| 🟡 **Acceptable** | Independent tests | Each test sets up own state |
+| 🟢 **Michelin Star** | Pure functions, no shared state | Immutable, stateless |
+
+**Merge Threshold**: Minimum 🟡 on ALL criteria
+**Production-Ready**: Minimum 🟢 on Coverage, Stability, Isolation
+
+---
+
+## BS Detection Rubric (Bach Mode)
+
+### Red Flags in Testing Practices
+
+| Red Flag | Evidence | Impact | Harshness Level |
+|----------|----------|--------|-----------------|
+| **Cargo Cult Practice** | "Best practice" with no context | Wasted effort, false confidence | 🟡 Harsh |
+| **Certification Theater** | Required cert unrelated to actual skills | Filters out critical thinkers | 🟢 Brutal |
+| **Vendor Lock-In** | Tool solves problem it created | Expensive dependency | 🟡 Harsh |
+| **False Automation** | "AI testing" still needs human verification | Automation debt | 🟡 Harsh |
+| **Checkbox Quality** | Compliance without outcome measurement | Audit passes, customers suffer | 🟢 Brutal |
+| **Hype Cycle** | Promises 10x improvement without evidence | Budget waste, disillusionment | 🟡 Harsh |
+| **Coverage Theater** | 100% coverage of trivial code | False sense of quality | 🟡 Harsh |
+| **Test Script Slavery** | Following test cases without thinking | Misses actual bugs | 🟢 Brutal |
+| **Magic Tool Thinking** | Tool will solve all problems | Dependency without skill growth | 🟡 Harsh |
+| **Certification Over Competence** | Hiring based on credentials, not ability | Weak team, strong resumes | 🟢 Brutal |
+
+### Green Flag Test
+
+Ask these questions about any practice/tool/certification:
+
+1. **Does this help testers/developers do better work in THIS context?**
+   - If yes → Worth considering
+   - If no → BS alert
+
+2. **Who benefits economically from this?**
+   - Vendor/Consultant more than users → BS alert
+   - Users demonstrably benefit → Potentially useful
+
+3. **Can you measure the impact?**
+   - Measurable outcomes → Worth evaluating
+   - Vague claims → BS alert
+
+4. **Does this promote thinking or compliance?**
+   - Critical thinking → Good
+   - Checkbox compliance → BS alert
+
+5. **What happens if you don't adopt this?**
+   - Concrete negative consequence → Worth considering
+   - FOMO, vendor says so → BS alert
+
+---
+
+## Calibration Matrix
+
+### When to Be Brutal
+
+| Scenario | Linus | Ramsay | Bach | Notes |
+|----------|-------|--------|------|-------|
+| **Senior engineer, repeated mistake** | ✅ | ✅ | ✅ | They should know better |
+| **Critical security bug** | ✅ | ✅ | ❌ | Technical precision needed |
+| **Production incident** | ✅ | ✅ | ❌ | No time for sugar-coating |
+| **Vendor evaluating claims** | ❌ | ❌ | ✅ | BS detection prevents waste |
+| **Team explicitly requests no-BS** | ✅ | ✅ | ✅ | Permission granted |
+| **Certification/process evaluation** | ❌ | ❌ | ✅ | Bach's specialty |
+
+### When to Dial Back
+
+| Scenario | Instead Use | Reason |
+|----------|-------------|--------|
+| **Junior dev, first PR** | Constructive mentoring | Build confidence |
+| **Demoralized team** | Supportive guidance | Rebuild trust |
+| **Public forum** | Private feedback | Avoid humiliation |
+| **Unclear if fixable** | Collaborative problem-solving | Avoid frustration |
+| **Personal, not technical** | Empathy + support | Not a code issue |
+
+---
+
+## Scoring Guide
+
+### Overall Code Review Score (Linus Mode)
+
+```
+Score = (Correctness × 3) + (Performance × 2) + (Error Handling × 3) +
+        (Concurrency × 2) + (Testability × 1) + (Maintainability × 1)
+
+Maximum: 60 points (all Excellent)
+Passing: 36 points (all Passing)
+Failing: <36 points
+
+Harshness Level:
+- 0-24 points: 🔴 Brutal ("This is fundamentally broken")
+- 25-35 points: 🟡 Harsh ("Multiple issues need addressing")
+- 36-48 points: 🟢 Direct ("Some improvements needed")
+- 49-60 points: ⚪ Professional ("Minor suggestions")
+```
+
+### Test Suite Score (Ramsay Mode)
+
+```
+Score = (Coverage × 3) + (Edge Cases × 3) + (Clarity × 1) +
+        (Speed × 1) + (Stability × 3) + (Isolation × 1)
+
+Maximum: 60 points (all Michelin Star)
+Merge Threshold: 36 points (all Acceptable)
+Failing: <36 points
+
+Harshness Level:
+- 0-24 points: 🔴 Brutal ("This is RAW. Don't serve it.")
+- 25-35 points: 🟡 Harsh ("You know what good looks like.")
+- 36-48 points: 🟢 Direct ("Close, but needs refinement.")
+- 49-60 points: ⚪ Professional ("Well done, minor polish.")
+```
+
+### BS Detection Score (Bach Mode)
+
+```
+Red Flags: Count from BS Detection Rubric
+Green Flags: Passes all 5 Green Flag Tests
+
+Score = (Green Flags × 20) - (Red Flags × 10)
+
+Maximum: 100 (all green flags, no red flags)
+Acceptable: 50+ (more green than red)
+BS Alert: <50 (more red than green)
+
+Harshness Level:
+- Negative score: 🔴 Brutal ("This is harmful")
+- 0-40: 🟡 Harsh ("This is questionable")
+- 41-70: 🟢 Direct ("Some concerns")
+- 71-100: ⚪ Professional ("Reasonable approach")
+```
+
+---
+
+## Example Assessments
+
+### Code Review Example (Linus Mode)
+
+**Code**: Database query in HTTP handler without connection pooling
+
+**Assessment**:
+- Correctness: 🔴 Failing (connection leak)
+- Performance: 🔴 Failing (O(n) connections)
+- Error Handling: 🟡 Passing (has try/catch)
+- Concurrency: 🔴 Failing (connection exhaustion)
+- Testability: 🟡 Passing (can mock)
+- Maintainability: 🟡 Passing (clear intent)
+
+**Score**: (0×3) + (0×2) + (1×3) + (0×2) + (1×1) + (1×1) = 5/60
+
+**Harshness**: 🔴 Brutal
+
+**Feedback**:
+> "This is fundamentally broken. You're creating a new database connection
+> for every HTTP request without pooling. Under load, you'll exhaust
+> connections in seconds. Did you even test this with concurrent users?
+>
+> Use a connection pool. This is Database 101."
+
+---
+
+### Test Suite Example (Ramsay Mode)
+
+**Tests**: 15 tests, all happy path, no edge cases
+
+**Assessment**:
+- Coverage: 🔴 Raw (35% branch)
+- Edge Cases: 🔴 Raw (none tested)
+- Clarity: 🟡 Acceptable (clear names)
+- Speed: 🟢 Michelin (fast)
+- Stability: 🟢 Michelin (no flakes)
+- Isolation: 🟡 Acceptable (independent)
+
+**Score**: (0×3) + (0×3) + (1×1) + (2×1) + (2×3) + (1×1) = 9/60
+
+**Harshness**: 🔴 Brutal
+
+**Feedback**:
+> "Look at this. You've got 15 tests and 14 of them are happy path.
+> Where's the validation testing? Where's the error handling?
+>
+> This is RAW. You're testing if the code runs, not if it's correct.
+> Don't merge this."
+
+---
+
+### BS Detection Example (Bach Mode)
+
+**Claim**: "Our AI-powered test automation eliminates manual testing"
+
+**Assessment**:
+- Red Flags: Hype Cycle, Magic Tool Thinking, False Automation
+- Green Flags: 0/5 (fails all tests)
+
+**Score**: (0×20) - (3×10) = -30/100
+
+**Harshness**: 🔴 Brutal
+
+**Feedback**:
+> "This is vendor hype. 'AI-powered' doesn't eliminate the need for humans
+> to define test oracles, handle edge cases, or investigate failures.
+>
+> The real question: Does this tool help YOUR testers on YOUR product
+> in YOUR context? If you can't answer specifically, you're buying hype."

package/.claude/skills/brutal-honesty-review/resources/review-template.md

@@ -0,0 +1,102 @@
+# Brutal Honesty Review Template
+
+## Review Type
+- [ ] Linus Mode (Technical Precision)
+- [ ] Ramsay Mode (Standards-Driven Quality)
+- [ ] Bach Mode (BS Detection)
+
+---
+
+## What's Broken
+
+[Surgical description of the problem - be specific, not vague]
+
+**Evidence**:
+```
+[Code snippet, claim, or practice being reviewed]
+```
+
+---
+
+## Why It's Wrong
+
+[Technical/logical explanation - facts, not opinions]
+
+**Fundamental Issue**:
+- Root cause:
+- Why this matters:
+- When it breaks:
+
+---
+
+## What Correct Looks Like
+
+[Clear model of excellence - show, don't just tell]
+
+**Best Practice**:
+```
+[Example of correct approach]
+```
+
+**Why This Works**:
+- Reason 1:
+- Reason 2:
+- Reason 3:
+
+---
+
+## How to Fix It
+
+[Actionable steps - specific to context]
+
+1. **Immediate Fix**:
+   ```bash
+   [Command or code change]
+   ```
+
+2. **Verify Fix**:
+   ```bash
+   [How to test the fix]
+   ```
+
+3. **Prevent Recurrence**:
+   - [ ] Add test coverage
+   - [ ] Update documentation
+   - [ ] Review similar code
+
+---
+
+## Why This Matters
+
+**Impact if Not Fixed**:
+- [ ] Security vulnerability
+- [ ] Performance degradation
+- [ ] Data corruption
+- [ ] User experience failure
+- [ ] Technical debt
+- [ ] Team velocity reduction
+
+**Priority**: 🔴 Critical | 🟡 High | 🟢 Medium | ⚪ Low
+
+---
+
+## Harshness Calibration
+
+**Audience**: [Junior/Mid/Senior]
+**Context**: [First offense/Repeated mistake/Critical bug]
+**Delivery**: [Private/Team review/Public]
+
+**Tone Level**:
+- [ ] Level 1 - Direct (experienced engineers)
+- [ ] Level 2 - Harsh (repeated mistakes)
+- [ ] Level 3 - Brutal (critical issues/willful ignorance)
+
+---
+
+## Follow-Up
+
+- [ ] Reviewed by recipient
+- [ ] Fix implemented
+- [ ] Tests added
+- [ ] Documentation updated
+- [ ] Knowledge shared with team

package/.claude/skills/brutal-honesty-review/scripts/assess-code.sh

@@ -0,0 +1,179 @@
+#!/bin/bash
+# Brutal Honesty Code Assessment Script (Linus Mode)
+
+set -e
+
+# Colors
+RED='\033[0;31m'
+YELLOW='\033[1;33m'
+GREEN='\033[0;32m'
+NC='\033[0m' # No Color
+
+echo "🔥 BRUTAL HONESTY CODE ASSESSMENT (Linus Mode)"
+echo "================================================"
+echo ""
+
+# Check if file argument provided
+if [ -z "$1" ]; then
+    echo "Usage: $0 <file-or-directory>"
+    exit 1
+fi
+
+TARGET="$1"
+
+# Function to assess correctness
+assess_correctness() {
+    echo "📊 CORRECTNESS CHECK"
+    echo "-------------------"
+
+    # Check for common bug patterns
+    if grep -r "TODO\|FIXME\|BUG\|HACK" "$TARGET" 2>/dev/null; then
+        echo -e "${RED}🔴 FAILING: Found TODO/FIXME/BUG/HACK comments${NC}"
+        echo "   → This code admits it's broken. Fix it before review."
+        return 0
+    fi
+
+    # Check for error-prone patterns
+    if grep -r "null\|undefined" "$TARGET" 2>/dev/null | grep -v "!== null" | grep -v "!== undefined" > /dev/null; then
+        echo -e "${YELLOW}🟡 WARNING: Potential null/undefined issues${NC}"
+        echo "   → Are you handling null cases properly?"
+    fi
+
+    echo -e "${GREEN}✓ No obvious correctness issues${NC}"
+}
+
+# Function to assess performance
+assess_performance() {
+    echo ""
+    echo "⚡ PERFORMANCE CHECK"
+    echo "-------------------"
+
+    # Check for nested loops (potential O(n²))
+    nested_loops=$(grep -r "for.*{" "$TARGET" | wc -l)
+    if [ "$nested_loops" -gt 5 ]; then
+        echo -e "${RED}🔴 FAILING: Found $nested_loops loops${NC}"
+        echo "   → Are you creating O(n²) complexity where O(n) exists?"
+        echo "   → Use hash maps, sets, or better algorithms."
+    fi
+
+    # Check for synchronous I/O in hot paths
+    if grep -r "readFileSync\|writeFileSync" "$TARGET" 2>/dev/null; then
+        echo -e "${RED}🔴 FAILING: Synchronous file I/O detected${NC}"
+        echo "   → You're blocking the event loop. Use async operations."
+    fi
+
+    echo -e "${GREEN}✓ No obvious performance issues${NC}"
+}
+
+# Function to assess error handling
+assess_error_handling() {
+    echo ""
+    echo "🛡️  ERROR HANDLING CHECK"
+    echo "----------------------"
+
+    # Check for try/catch usage
+    try_count=$(grep -r "try\|catch" "$TARGET" 2>/dev/null | wc -l)
+    if [ "$try_count" -eq 0 ]; then
+        echo -e "${RED}🔴 FAILING: No error handling found${NC}"
+        echo "   → What happens when this code fails? It crashes."
+    else
+        echo -e "${GREEN}✓ Found error handling (verify it's sufficient)${NC}"
+    fi
+
+    # Check for empty catch blocks
+    if grep -A 1 "catch" "$TARGET" 2>/dev/null | grep -q "^\s*}"; then
+        echo -e "${RED}🔴 FAILING: Empty catch blocks detected${NC}"
+        echo "   → Swallowing errors silently is worse than crashing."
+    fi
+}
+
+# Function to assess concurrency
+assess_concurrency() {
+    echo ""
+    echo "🔀 CONCURRENCY CHECK"
+    echo "-------------------"
+
+    # Check for global state mutations
+    if grep -r "global\.\|window\." "$TARGET" 2>/dev/null; then
+        echo -e "${YELLOW}🟡 WARNING: Global state mutations detected${NC}"
+        echo "   → Are you handling concurrent access safely?"
+    fi
+
+    # Check for race condition patterns
+    if grep -r "setTimeout\|setInterval" "$TARGET" 2>/dev/null; then
+        echo -e "${YELLOW}🟡 WARNING: Timing-based code detected${NC}"
+        echo "   → Are you creating race conditions?"
+    fi
+
+    echo -e "${GREEN}✓ Review concurrency manually${NC}"
+}
+
+# Function to assess testability
+assess_testability() {
+    echo ""
+    echo "🧪 TESTABILITY CHECK"
+    echo "-------------------"
+
+    # Check if tests exist
+    if [ -d "tests" ] || [ -d "test" ] || [ -d "__tests__" ]; then
+        echo -e "${GREEN}✓ Test directory exists${NC}"
+    else
+        echo -e "${RED}🔴 FAILING: No test directory found${NC}"
+        echo "   → Where are the tests? Did you even test this?"
+    fi
+
+    # Check for dependency injection
+    if grep -r "new\s\+\w\+(" "$TARGET" 2>/dev/null | grep -v "Error\|Date" > /dev/null; then
+        echo -e "${YELLOW}🟡 WARNING: Hard-coded dependencies detected${NC}"
+        echo "   → Use dependency injection for testability."
+    fi
+}
+
+# Function to assess maintainability
+assess_maintainability() {
+    echo ""
+    echo "🔧 MAINTAINABILITY CHECK"
+    echo "-----------------------"
+
+    # Check function length (should be <50 lines)
+    if [ -f "$TARGET" ]; then
+        long_functions=$(awk '/^function|^const.*=>/ {start=NR} /^}/ {if(NR-start>50) print "Line",start}' "$TARGET" | wc -l)
+        if [ "$long_functions" -gt 0 ]; then
+            echo -e "${YELLOW}🟡 WARNING: Found $long_functions functions >50 lines${NC}"
+            echo "   → Break down complex functions."
+        fi
+    fi
+
+    # Check for magic numbers
+    if grep -rE "\s[0-9]{3,}" "$TARGET" 2>/dev/null | grep -v "1000\|2000" > /dev/null; then
+        echo -e "${YELLOW}🟡 WARNING: Magic numbers detected${NC}"
+        echo "   → Use named constants."
+    fi
+
+    echo -e "${GREEN}✓ Review code clarity manually${NC}"
+}
+
+# Run all assessments
+assess_correctness
+assess_performance
+assess_error_handling
+assess_concurrency
+assess_testability
+assess_maintainability
+
+# Final verdict
+echo ""
+echo "================================================"
+echo "🎯 FINAL VERDICT"
+echo "================================================"
+echo ""
+echo "Review the findings above. If you see multiple 🔴 FAILING marks,"
+echo "this code is NOT ready for review."
+echo ""
+echo "Expected standards:"
+echo "  - All error paths handled"
+echo "  - No obvious performance issues"
+echo "  - Tests exist and pass"
+echo "  - Code is clear and maintainable"
+echo ""
+echo "If you wouldn't deploy this to production, don't submit it for review."