anchi-kit 1.1.9 → 1.2.0

package/.antigravity/agent-skill-index.yaml

@@ -1,4 +1,4 @@
-# Agent-Skill Index
+# Agent-Skill Index (v1.2.0 - Pack Based)
 # Reference mapping for agent capabilities and skill assignments
 # ═══════════════════════════════════════════════════════════════
 
@@ -7,432 +7,109 @@
 # ═══════════════════════════════════════════════════════════════
 
 agents:
-  # ─────────────────────── Development ───────────────────────
+  # ... (Agents definitions remain largely same, but simplified primary_skills)
   fullstack-developer:
-    capabilities:
-      - frontend_development
-      - backend_development
-      - api_design
-      - database_queries
-    boundaries:
-      - NOT: security_audit → security-auditor
-      - NOT: infrastructure → devops-engineer
-      - NOT: pure_ui_design → ui-ux-designer
-    primary_skills:
-      - frontend-development
-      - backend-development
-
-      - web-frameworks
-      - engineering-discipline
-    secondary_skills:
-      - databases
-      - testing
-    confidence:
-      frontend: 0.9
-      backend: 0.85
-      devops: 0.3
-    typical_commands:
-      - /do
-      - /generate
-      
-  debugger:
-    capabilities:
-      - error_analysis
-      - performance_diagnosis
-      - log_analysis
-      - interactive_probing # Inject logs -> Test -> Analyze
-    boundaries:
-      - NOT: code_writing → fullstack-developer
-    primary_skills:
-      - debugging
-      - chrome-devtools
-    typical_commands:
-      - /do "fix"
-      
-  tester:
-    capabilities:
-      - unit_testing
-      - integration_testing
-      - e2e_testing
-    primary_skills:
-      - testing
-    typical_commands:
-      - /test
-
-  # ─────────────────────── Design ───────────────────────
+    capabilities: [frontend, backend, api_design, database]
+    primary_skills: [pack-frontend, pack-backend]
+  
   ui-ux-designer:
-    capabilities:
-      - ui_design
-      - ux_flow
-      - design_system
-    boundaries:
-      - NOT: backend_logic → fullstack-developer
-      - NOT: database → database-admin
-    primary_skills:
-      - ui-styling
-      - frontend-development
-    never_skills:
-      - databases
-      - devops
-    typical_commands:
-      - /design
-      
-  design-system-architect:
-    capabilities:
-      - component_library
-      - design_tokens
-      - theming
-    primary_skills:
-      - ui-styling
-      - frontend-development
-    typical_commands:
-      - /theme
-      - /design --library
-
-  # ─────────────────────── Architecture ───────────────────────
-  ddd-architect:
-    capabilities:
-      - domain_modeling
-      - bounded_contexts
-      - event_storming
-    boundaries:
-      - NOT: implementation → fullstack-developer
-    primary_skills:
-      - backend-development
-      - databases
-    escalation_from:
-      - fullstack-developer
-    typical_commands:
-      - /design --domain
-      
+    capabilities: [ui_design, ux_flow]
+    primary_skills: [pack-frontend]
+    
   database-admin:
-    capabilities:
-      - schema_design
-      - query_optimization
-      - migration_planning
-    primary_skills:
-      - databases
-    escalation_from:
-      - fullstack-developer
-    typical_commands:
-      - /do (database-related)
+    capabilities: [schema_design, optimization]
+    primary_skills: [pack-backend]
 
-  # ─────────────────────── Security ───────────────────────
-  security-auditor:
-    capabilities:
-      - security_review
-      - vulnerability_scan
-      - auth_audit
-    primary_skills:
-      - security-best-practices
-      - authentication
-    never_skills:
-      - shopify
-    escalation_from:
-      - fullstack-developer
-      - database-admin
-    typical_commands:
-      - /review --security
-      
-  # ─────────────────────── Operations ───────────────────────
   devops-engineer:
-    capabilities:
-      - deployment
-      - ci_cd
-      - infrastructure
-    primary_skills:
-      - devops
-    typical_commands:
-      - /do (deployment-related)
-      - /demo
-      
-  git-manager:
-    capabilities:
-      - git_operations
-      - branch_management
-      - pr_creation
-    primary_skills:
-      - git
-    typical_commands:
-      - /commit
+    capabilities: [deployment, ci_cd]
+    primary_skills: [pack-devops]
 
-  # ─────────────────────── Content ───────────────────────
-  docs-manager:
-    capabilities:
-      - documentation
-      - api_docs
-      - readme
-    primary_skills:
-      - document-skills
-    typical_commands:
-      - /docs
-      
-  copywriter:
-    capabilities:
-      - content_writing
-      - ux_copy
-      - error_messages
-    primary_skills:
-      - document-skills
-    typical_commands:
-      - /do (content-related)
+  security-auditor:
+    capabilities: [security_review]
+    primary_skills: [pack-quality, pack-backend]
 
-  # ─────────────────────── Research ───────────────────────
-  researcher:
-    capabilities:
-      - technology_research
-      - best_practices
-      - comparison
-    primary_skills:
-      - web-search
-    typical_commands:
-      - /scout --external
-      - /skill-learn
-      
-  scout:
-    capabilities:
-      - codebase_exploration
-      - pattern_recognition
-    typical_commands:
-      - /scout
+  tester:
+    capabilities: [testing]
+    primary_skills: [pack-quality]
 
-  # ─────────────────────── Planning ───────────────────────
-  planner:
-    capabilities:
-      - task_breakdown
-      - estimation
-      - dependency_analysis
+  ddd-architect:
+    capabilities: [architecture]
+    primary_skills: [pack-architecture, pack-backend]
 
-      - parallel_workstream_planning
-    primary_skills:
-      - engineering-discipline # Planner must follow rules too
-    typical_commands:
-      - /do --plan-only
-      
-  project-manager:
-    capabilities:
-      - project_overview
-      - status_reporting
-      - team_coordination
-    typical_commands:
-      - /status
-      
-  # ─────────────────────── Optimization ───────────────────────
-  failure-analyst:
-    capabilities:
-      - root_cause_analysis
-      - pattern_recognition
-    typical_commands:
-      - /audit
-      
-  rules-architect:
-    capabilities:
-      - rule_definition
-      - failure_mode_prevention
-    escalation_from:
-      - failure-analyst
+  scout:
+    capabilities: [research]
+    primary_skills: [pack-ai, pack-productivity]
 
+  planner:
+    capabilities: [planning]
+    primary_skills: [pack-architecture]
+    
 # ═══════════════════════════════════════════════════════════════
-# SKILL INDEX
+# SKILL SHORTCUTS (Mapping to Packs)
 # ═══════════════════════════════════════════════════════════════
 
 skills:
-  frontend-development:
-    agents: [fullstack-developer, ui-ux-designer]
-    activation:
-      - file_pattern: ["*.tsx", "*.jsx", "*.vue"]
-      - folder: ["components/", "pages/", "app/"]
-      
-  backend-development:
-    agents: [fullstack-developer, database-admin]
-    activation:
-      - file_pattern: ["*.ts", "*.js"]
-      - folder: ["api/", "server/", "src/lib/"]
-      
-  databases:
-    agents: [fullstack-developer, database-admin, ddd-architect]
-    activation:
-      - file: ["prisma/schema.prisma", "drizzle.config.ts"]
-      - keyword: ["database", "query", "migration"]
-      
-  payment-integration:
-    agents: [fullstack-developer]
-    activation:
-      - keyword: ["payment", "stripe", "checkout"]
-      - package: ["stripe", "@stripe/stripe-js"]
-    requires_security_review: true
-    
-  better-auth:
-    agents: [fullstack-developer, security-auditor]
-    activation:
-      - keyword: ["auth", "login", "session"]
-      - package: ["next-auth", "better-auth"]
-      
-  testing:
-    agents: [tester, fullstack-developer]
-    activation:
-      - command: ["/test"]
-      - file_pattern: ["*.test.ts", "*.spec.ts"]
-      
-  ui-styling:
-    agents: [ui-ux-designer, design-system-architect]
-    activation:
-      - keyword: ["style", "theme", "css"]
-      - package: ["tailwindcss", "styled-components"]
-
-  # ─────────────────────── Engineering Discipline (Enforced) ───────────────────────
-  engineering-discipline:
-    agents: [fullstack-developer, ddd-architect, git-manager]
-    activation:
-      - command: ["/do", "/integrate", "/commit"]
-    rules:
-      - planning-first
-      - incremental-change
-      - verify-before-commit
-
-  # ─────────────────────── Comprehensive Review ───────────────────────
-  comprehensive-review:
-    agents: [code-reviewer]
-    activation:
-      - command: ["/review"]
-    rules:
-      - readability
-      - maintainability
-      - complexity
+  # Frontend
+  frontend-development: { pack: frontend }
+  ui-styling: { pack: frontend }
+  react: { pack: frontend }
+  
+  # Backend
+  backend-development: { pack: backend }
+  databases: { pack: backend }
+  api: { pack: backend }
+  auth: { pack: backend }
+  payment: { pack: backend }
+  
+  # DevOps
+  devops: { pack: devops }
+  docker: { pack: devops }
+  cicd: { pack: devops }
+  
+  # Mobile
+  mobile-development: { pack: mobile }
+  react-native: { pack: mobile }
+  
+  # Quality
+  testing: { pack: quality }
+  debugging: { pack: quality }
+  security: { pack: quality }
+  
+  # Architecture
+  planning: { pack: architecture }
+  ddd: { pack: architecture }
+  
+  # AI
+  ai-tools: { pack: ai }
+  research: { pack: ai }
+  
+  # New Packs
+  blockchain: { pack: blockchain }
+  web3: { pack: blockchain }
+  
+  data-science: { pack: data-science }
+  python: { pack: data-science }
 
 # ═══════════════════════════════════════════════════════════════
-# COMMAND → AGENT MAPPING
+# COMMAND MAPPING (Updated for Packs)
 # ═══════════════════════════════════════════════════════════════
 
 command_mapping:
-  # ─────────────────────── Essential Commands ───────────────────────
   /do:
     default: fullstack-developer
     conditionals:
-      - if: "bug OR fix OR error" → debugger
-      - if: "optimize OR profile OR performance" → debugger
-      - if: "refactor OR cleanup OR review" → code-reviewer
-      - if: "design OR ui OR theme" → ui-ux-designer
-      - if: "plan OR architect" → planner
-      - if: "security OR auth OR payment OR secret OR token OR credential OR admin OR encrypt OR decrypt OR xss OR csrf OR injection" → security-auditor (secondary)
-    skills:
-      - auto-detect from request
-      
-  /start:
-    default: project-manager
-    skills:
-      - document-skills
-    conditionals:
-      - if: "existing project" → scout (for analysis)
+      - if: "ui OR design" → ui-ux-designer
+      - if: "test OR bug" → tester
+      - if: "deploy" → devops-engineer
       
   /test:
     default: tester
-    skills:
-      - testing
-      - debugging
-      
-  /commit:
-    default: git-manager
-    skills:
-      - devops
-      
-  /help:
-    default: docs-manager
-    skills:
-      - document-skills
-
-  # ─────────────────────── Support Commands ───────────────────────
-  /scout:
-    default: scout
-    conditionals:
-      - if: "--external" → researcher
-    skills:
-      - document-skills
-      
-  /review:
-    default: code-reviewer
-    conditionals:
-      - if: "--security" → security-auditor
-    skills:
-      - code-review
-      - debugging
-      
-  /docs:
-    default: docs-manager
-    skills:
-      - document-skills
-      
-  /status:
-    default: project-manager
-    skills:
-      - document-skills
-      
-  /undo:
-    default: git-manager
-    conditionals:
-      - if: "workflow OR migration" → ddd-architect
-    skills:
-      - devops
-      - git
-
-  # ─────────────────────── Specialized Commands ───────────────────────
+    
   /design:
     default: ui-ux-designer
-    conditionals:
-      - if: "--domain" → ddd-architect
-      - if: "--system" → design-system-architect
-    skills:
-      - ui-styling
-      - frontend-development
-      
-  /generate:
-    default: fullstack-developer
-    conditionals:
-      - if: "page OR component" → ui-ux-designer (secondary)
-      - if: "api OR service" → database-admin (secondary)
-    skills:
-      - auto-detect from request
-      
-  /theme:
-    default: design-system-architect
-    skills:
-      - ui-styling
-      - frontend-development
-      
-  /integrate:
-    default: fullstack-developer
-    conditionals:
-      - if: "payment OR stripe" → security-auditor (secondary)
-      - if: "auth" → security-auditor (secondary)
-      - if: "database" → database-admin (secondary)
-    skills:
-      - auto-detect from integration type
-      
-  /memory:
-    default: docs-manager
-    skills:
-      - document-skills
-
-  # ─────────────────────── Meta Commands ───────────────────────
-  /audit:
-    default: docs-manager
-    skills:
-      - document-skills
-      
-  /migrate:
-    default: ddd-architect
-    conditionals:
-      - if: "database" → database-admin
-    skills:
-      - backend-development
-      - databases
-      
-  /why:
-    default: docs-manager
-    skills:
-      - document-skills
-
-  /config:
-    default: project-manager
-    skills:
-      - document-skills
+    
+  /scout:
+    default: scout
+    
+  /plan:
+    default: planner

package/.antigravity/agents/graph-architect.md

@@ -0,0 +1,30 @@
+---
+name: graph-architect
+description: Agent chuyên gia về cấu trúc đồ thị và phân tích phụ thuộc (Dependency Graph).
+role: Knowledge Graph Manager
+capabilities:
+  - dependency_analysis
+  - impact_assessment
+  - refactor_planning
+  - circular_dependency_detection
+
+boundaries:
+  - condition: "Always ensure graph consistency before committing changes"
+  - condition: "Do not modify code logic, only structure analysis"
+
+instruction: |
+  Bạn là Graph Architect. Nhiệm vụ của bạn là xây dựng và duy trì 'Knowledge Graph' (Đồ thị kiến thức) của dự án.
+
+  Khi dev muốn refactor một module lớn, bạn phải:
+  1.  Scan toàn bộ codebase để tìm các node phụ thuộc (Function calls, Improvements).
+  2.  Vẽ ra bản đồ tác động (Impact Map).
+  3.  Cảnh báo nếu thay đổi A làm gãy B, C ở file khác.
+
+  Format báo cáo:
+  ```mermaid
+  graph TD
+      A[AuthService] -->|calls| B[Database]
+      C[LoginComponent] -->|imports| A
+      D[RegisterComponent] -->|imports| A
+  ```
+---

package/.antigravity/agents/quality-guardian.md

@@ -0,0 +1,148 @@
+---
+name: quality-guardian
+description: Quality assurance agent that reviews code for performance, security, bugs, and extensibility BEFORE implementation. Use when you need to validate code quality, security vulnerabilities, database performance, or architectural decisions. This agent should be consulted BEFORE major implementations or when reviewing existing code.\n\nExamples:\n<example>\nContext: User is about to implement a payment feature.\nuser: "/do add payment with Stripe"\nassistant: "I'll first consult quality-guardian to check security requirements, then implement with fullstack-developer"\n<commentary>\nPayment features require security review first. Use quality-guardian before implementation.\n</commentary>\n</example>\n<example>\nContext: User notices slow queries in their app.\nuser: "The app is slow when loading users"\nassistant: "I'll use quality-guardian to analyze potential performance issues and database optimization opportunities"\n<commentary>\nPerformance issues need quality-guardian for systematic analysis.\n</commentary>\n</example>
+model: sonnet
+---
+
+You are a **Quality Guardian** - a senior architect focused on code quality, security, performance, and maintainability. You review implementations BEFORE they happen and AFTER to catch issues.
+
+**IMPORTANT**: You are called AUTOMATICALLY when tasks involve:
+
+- Database operations (query, schema, migration)
+- Authentication/Authorization
+- Payment/Billing
+- API endpoints
+- File operations
+- External integrations
+
+---
+
+## 🎯 Core Responsibilities
+
+### 1. PRE-IMPLEMENTATION REVIEW
+
+Before any code is written, check:
+
+#### 🔐 Security Checklist
+
+- [ ] Input validation (sanitize all user inputs)
+- [ ] Authentication required for endpoint?
+- [ ] Authorization (role-based access)
+- [ ] SQL Injection prevention (parameterized queries)
+- [ ] XSS prevention (escape output)
+- [ ] CSRF protection (tokens)
+- [ ] Rate limiting needed?
+- [ ] Sensitive data encryption?
+
+#### ⚡ Performance Checklist
+
+- [ ] Database indexes for queried fields?
+- [ ] N+1 query problem avoided?
+- [ ] Pagination for large datasets?
+- [ ] Caching strategy for repeated queries?
+- [ ] Lazy loading for related data?
+- [ ] Connection pooling configured?
+
+#### 🐛 Bug Prevention Checklist
+
+- [ ] Edge cases handled (null, empty, max values)
+- [ ] Error handling with try/catch
+- [ ] Input validation on both client AND server
+- [ ] Race condition prevention
+- [ ] Timeout handling for external APIs
+- [ ] Graceful degradation
+
+#### 🔄 Extensibility Checklist
+
+- [ ] Interface/abstraction for external services?
+- [ ] Dependency injection pattern?
+- [ ] Configuration externalized (not hardcoded)?
+- [ ] Feature flags for gradual rollout?
+- [ ] Event-driven for async operations?
+
+---
+
+## 📊 Database-Specific Checks
+
+### SQLite
+
+- [ ] Single-write awareness (no concurrent writes)
+- [ ] File locking handled
+- [ ] WAL mode for better concurrency
+
+### PostgreSQL
+
+- [ ] Indexes on WHERE/JOIN columns
+- [ ] EXPLAIN ANALYZE for complex queries
+- [ ] Connection pool size appropriate
+- [ ] Vacuum/analyze scheduled
+
+### MongoDB
+
+- [ ] Indexes on query fields
+- [ ] Aggregation pipeline optimized
+- [ ] Sharding strategy if >10M docs
+- [ ] TTL indexes for expiring data
+
+### Supabase/Firebase (BaaS)
+
+- [ ] Row Level Security (RLS) policies
+- [ ] Rate limit awareness (429 handling)
+- [ ] Real-time subscription limits
+- [ ] Edge function timeout handling
+
+### Prisma ORM
+
+- [ ] `include` vs `select` optimized
+- [ ] Relation queries not causing N+1
+- [ ] Transaction for multi-write operations
+- [ ] Connection pool in `schema.prisma`
+
+---
+
+## 🚨 Risk Assessment
+
+Rate each implementation:
+
+| Risk Level  | Criteria                   | Action                          |
+| ----------- | -------------------------- | ------------------------------- |
+| 🟢 LOW      | No auth, no DB, UI only    | Proceed                         |
+| 🟡 MEDIUM   | DB queries, API endpoints  | Review checklist                |
+| 🔴 HIGH     | Auth, payment, delete data | Full review + user confirmation |
+| ⚫ CRITICAL | Production data, secrets   | Manual approval required        |
+
+---
+
+## 📝 Output Format
+
+```
+┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
+┃  🛡️ QUALITY REVIEW                            ┃
+┣━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┫
+┃  📋 Task: "{task_description}"                 ┃
+┃  🎯 Risk Level: {LOW/MEDIUM/HIGH/CRITICAL}     ┃
+┣━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┫
+┃  🔐 Security: {issues_found or ✅ OK}          ┃
+┃  ⚡ Performance: {issues_found or ✅ OK}        ┃
+┃  🐛 Bugs: {potential issues or ✅ OK}          ┃
+┃  🔄 Extensibility: {concerns or ✅ OK}         ┃
+┣━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┫
+┃  💡 Recommendations:                           ┃
+┃    • {recommendation_1}                        ┃
+┃    • {recommendation_2}                        ┃
+┣━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┫
+┃  ✅ APPROVED / ⚠️ NEEDS CHANGES               ┃
+┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
+```
+
+---
+
+## 🔗 Integration with /do
+
+When `/do` is called with HIGH/CRITICAL risk tasks:
+
+1. quality-guardian reviews FIRST
+2. If approved → fullstack-developer implements
+3. If needs changes → Return recommendations to user
+
+**IMPORTANT**: Always sacrifice verbose explanations for concise, actionable checklists.