autoworkflow 3.1.4 → 3.5.0

package/.claude/commands/analyze.md

@@ -1,3 +1,22 @@
+---
+role: Technical Analyst
+skills_required: []
+output_schema:
+  task_description: string
+  classification: {type: enum[feature,fix,refactor,style,docs,test,query], workflow: array, gates: array}
+  relevant_files: [{path: string, reason: string}]
+  existing_patterns: array
+  blueprint_requirements: array
+  dependencies: array
+  notes: array
+guardrails:
+  - Always read BLUEPRINT.md if it exists
+  - Always classify task type using system/router.md
+  - Never skip to implementation without analysis
+  - Identify all relevant files before planning
+  - Note existing patterns to maintain consistency
+---
+
 # /analyze - Analyze Command
 
 Analyze the codebase for a given task or question.

package/.claude/commands/audit.md

@@ -1,7 +1,33 @@
+---
+role: Senior Code Reviewer
+skills_required:
+  - security.md
+  - code-review.md
+output_schema:
+  feature_name: string
+  issues: [{severity: enum[critical,high,medium,low], category: enum[security,performance,maintainability,correctness], file: string, line: number, message: string, suggestion: string}]
+  summary: string
+  score: number (0-100)
+  approval: boolean
+  blocking_issues: number
+guardrails:
+  - Prioritize security issues above all else
+  - Fail immediately on critical issues
+  - Always provide actionable fix suggestions
+  - ONE FEATURE AT A TIME - never audit multiple features simultaneously
+  - Complete full cycle before moving to next feature
+  - Require user confirmation before proceeding to next feature
+---
+
 # /audit - Audit Command
 
 Run code quality, security, and architecture audits.
 
+## Prerequisites (LOAD FIRST)
+**Before executing this command, READ these skill files:**
+1. `.claude/skills/security.md` - Security patterns and vulnerabilities
+2. `.claude/skills/code-review.md` - Code review checklist and feedback
+
 ## Trigger
 - User invokes `/audit`
 - User invokes `/audit project` (full project scan)
@@ -19,10 +45,34 @@ Per `system/router.md`, audit is required for:
 ## Arguments
 - `/audit` - Run standard checks (UI + cycles)
 - `/audit project` - Full project scan (generates BLUEPRINT.md)
+- `/audit sync` - Compare BLUEPRINT vs code, one feature at a time
 - `/audit [feature name]` - Deep audit of specific feature
 
 ---
 
+## Core Principle: ONE FEATURE AT A TIME
+
+**NEVER audit multiple features simultaneously.** This prevents:
+- Information overload
+- Multiple incomplete features
+- User confusion
+
+```
+❌ WRONG: "Here are 15 features with gaps across your codebase..."
+✅ RIGHT: "Feature 1: User Auth. Here's what's missing. Fix now? → Done → Next feature..."
+```
+
+**Serial workflow:**
+```
+Feature 1 → Audit → Fix → Verify → ✅ Complete
+    ↓
+Feature 2 → Audit → Fix → Verify → ✅ Complete
+    ↓
+Feature 3 → ...
+```
+
+---
+
 ## Audit Types
 
 ### Type 1: Feature Audit (`/audit [feature]`)
@@ -207,7 +257,99 @@ Update both files with discovered information.
 
 ---
 
-### Type 3: Standard Audit (`/audit`)
+### Type 3: Blueprint Sync (`/audit sync`)
+
+Compare BLUEPRINT.md against actual code, **one feature at a time**.
+
+#### Step 1: Parse BLUEPRINT.md
+Extract features list from the Features section.
+
+#### Step 2: For EACH Feature (Serial)
+
+```
+Feature 1: [Name]
+    ↓
+Read BLUEPRINT requirements for this feature
+    ↓
+Scan code for this feature's implementation
+    ↓
+Compare: BLUEPRINT ↔ Code
+    ↓
+Report gaps (one feature only)
+    ↓
+Offer fixes
+    ↓
+Wait for user
+    ↓
+Fix if approved
+    ↓
+THEN → Feature 2
+```
+
+#### Step 3: Report Format (Per Feature)
+
+```
+## Blueprint Sync: Feature 1 of 5
+
+### 📘 User Authentication
+
+**BLUEPRINT says:**
+- Login with email/password
+- OAuth (Google, GitHub)
+- Password reset flow
+- Session management
+
+**Code has:**
+- ✅ Login with email/password (`src/auth/login.ts`)
+- ✅ OAuth Google (`src/auth/oauth.ts`)
+- ❌ OAuth GitHub - NOT FOUND
+- ⚠️ Password reset - Partial (no email sending)
+- ✅ Session management (`src/auth/session.ts`)
+
+**Sync Status:** 75% aligned
+
+---
+
+### Gap Analysis
+
+| Gap | Direction | Action |
+|-----|-----------|--------|
+| OAuth GitHub | 📘→💻 | In BLUEPRINT, not in code |
+| Password reset email | 📘→💻 | Incomplete implementation |
+
+### Suggested Actions
+
+1. **Implement OAuth GitHub** - Add GitHub provider to oauth.ts
+2. **Complete password reset** - Add email sending to reset flow
+
+---
+
+**Options:**
+- `implement` - Build missing code
+- `remove` - Remove from BLUEPRINT (if not needed)
+- `skip` - Move to next feature
+- `1` - Only action 1
+```
+
+#### Step 4: After User Action
+- If `implement`: Build the missing parts, verify, re-check
+- If `remove`: Update BLUEPRINT.md to remove the item
+- If `skip`: Log as skipped, move to next feature
+
+#### Step 5: Next Feature
+Only after current feature is resolved (fixed/skipped/removed), show next:
+
+```
+✅ Feature 1: User Authentication - SYNCED
+
+## Blueprint Sync: Feature 2 of 5
+
+### 📘 Dashboard...
+```
+
+---
+
+### Type 4: Standard Audit (`/audit`)
 
 Quick check for UI enforcement and circular dependencies.
 
@@ -275,21 +417,42 @@ Ready to proceed to COMMIT.
 
 ---
 
-## Critical Rule: Always Offer to Fix
+## Critical Rule: Complete Cycle Per Feature
 
-**NEVER** just report issues and move on. The workflow is:
+**NEVER** move to the next feature until the current one is FULLY resolved.
 
+**Complete cycle for ONE feature:**
+```
+1. AUDIT      → Find issues in Feature X
+2. REPORT     → Show issues with severity
+3. SUGGEST    → Offer specific fixes
+4. WAIT       → Get user approval
+5. IMPLEMENT  → Make the approved changes
+6. VERIFY     → Run npm run verify
+7. RE-AUDIT   → Check Feature X again
+8. CONFIRM    → Feature X is now complete? ✅
+9. THEN       → Move to Feature X+1
 ```
-1. AUDIT → Find issues
-2. REPORT → Show issues with severity
-3. SUGGEST → Offer specific fixes
-4. WAIT → Get user approval
-5. FIX → Implement approved fixes
-6. RE-AUDIT → Verify fixes worked
-7. THEN → Proceed to next item
+
+**What "complete" means:**
+- All approved fixes implemented
+- Verification passes (no TS/ESLint errors)
+- Re-audit shows no remaining issues
+- User confirms ready to move on
+
+**If user says "skip":**
+- Log as skipped with reason
+- Mark feature as incomplete in tracking
+- Move to next feature
+- DO NOT leave silently
+
 ```
+❌ WRONG:
+"Found 3 issues in Auth. Found 2 issues in Dashboard. Found 5 issues in Settings..."
 
-If user says "no" to fixes, log it and proceed. But ALWAYS offer.
+✅ RIGHT:
+"Found 3 issues in Auth. Fix? → [fixes] → Verify → Pass → Auth complete ✅ → Dashboard?"
+```
 
 ---
 

package/.claude/commands/build.md

@@ -1,7 +1,46 @@
+---
+role: Senior Full-Stack Engineer
+skills_required: []
+dynamic_skills:
+  - Detect project tech stack and load relevant skills
+  - React projects: react.md, nextjs-app-router.md or nextjs-pages.md
+  - Vue projects: vue.md, nuxt.md
+  - Backend: express.md, fastapi.md, etc.
+  - Database: prisma.md, postgresql.md, mongodb.md
+output_schema:
+  feature_name: string
+  workflow_phases: [analyze, plan, confirm, implement, verify, audit, commit]
+  current_phase: string
+  phase_outputs: object
+  final_status: enum[completed,blocked,pending_approval]
+guardrails:
+  - Execute FULL workflow: ANALYZE → PLAN → CONFIRM → IMPLEMENT → VERIFY → AUDIT → COMMIT
+  - NEVER skip the CONFIRM phase - always wait for user approval
+  - Handle loading, error, and empty states for all UI components
+  - Use TypeScript with proper type definitions
+  - Ensure accessibility (WCAG 2.1 AA minimum)
+  - Follow existing code patterns in the project
+---
+
 # /build - Build Feature Command
 
 Execute the full workflow to build a feature from start to finish.
 
+## Prerequisites (LOAD FIRST - Dynamic)
+**Before executing, detect project tech stack and load relevant skills:**
+
+1. **Check package.json** for dependencies
+2. **Load matching skills from `.claude/skills/`:**
+   - React → `react.md`
+   - Next.js (app router) → `nextjs-app-router.md`
+   - Next.js (pages) → `nextjs-pages.md`
+   - Vue → `vue.md`
+   - Prisma → `prisma.md`
+   - Express → `express.md`
+   - TypeScript → Check `tsconfig.json` patterns
+
+3. **Always load:** `security.md` for security awareness
+
 ## Trigger
 - User invokes `/build [feature description]`
 

package/.claude/commands/commit.md

@@ -1,7 +1,32 @@
+---
+role: Git Operations Specialist
+skills_required:
+  - git.md
+output_schema:
+  files_changed: array
+  commit_type: enum[feat,fix,docs,style,refactor,perf,test,build,ci,chore,revert]
+  commit_scope: string
+  commit_message: string
+  gate_status: {typescript: boolean, eslint: boolean, todo_check: boolean, console_check: boolean, format_valid: boolean}
+  commit_hash: string
+guardrails:
+  - ALWAYS use conventional commit format: type(scope): description
+  - NEVER commit with failing TypeScript or ESLint checks
+  - NEVER commit files containing TODO/FIXME comments
+  - NEVER commit files containing console.log statements
+  - NEVER force push to main/master branch
+  - ALWAYS run verification before committing
+  - ALWAYS ask for confirmation before executing commit
+---
+
 # /commit - Commit Command
 
 Run pre-commit gate and create a conventional commit.
 
+## Prerequisites (LOAD FIRST)
+**Before executing this command, READ these skill files:**
+1. `.claude/skills/git.md` - Git conventions, commit formats, and best practices
+
 ## Trigger
 - User invokes `/commit [message]`
 - Or: After AUDIT phase passes

package/.claude/commands/fix.md

@@ -1,7 +1,30 @@
+---
+role: Senior Debug Engineer
+skills_required:
+  - debugging.md
+output_schema:
+  diagnosis: {root_cause: string, error_type: string, affected_files: array}
+  fix: {approach: string, changes: [{file: string, description: string}], verification_steps: array}
+  prevention: {regression_test: string, recommendations: array}
+  iteration: number
+  status: enum[fixed,in_progress,stuck]
+guardrails:
+  - Make minimal, targeted changes only
+  - Always verify fix with npm run verify
+  - Never make destructive changes without confirmation
+  - Add regression test recommendation for each fix
+  - Follow systematic debugging: REPRODUCE → ISOLATE → IDENTIFY → FIX → VERIFY
+  - Max 10 fix iterations before asking for help
+---
+
 # /fix - Fix Command
 
 Fix verification errors and re-verify.
 
+## Prerequisites (LOAD FIRST)
+**Before executing this command, READ these skill files:**
+1. `.claude/skills/debugging.md` - Systematic debugging approach and techniques
+
 ## Trigger
 - User invokes `/fix`
 - Or: Automatically when `verify_loop` detects errors

package/.claude/commands/plan.md

@@ -1,3 +1,21 @@
+---
+role: Senior Technical Project Manager
+skills_required: []
+output_schema:
+  feature_name: string
+  classification: {type: string, workflow: string}
+  phases: [{name: string, tasks: array}]
+  tasks: [{id: string, description: string, effort: enum[S,M,L,XL], depends_on: array}]
+  risks: [{risk: string, mitigation: string}]
+  definition_of_done: array
+guardrails:
+  - Maximum 10 tasks per phase
+  - Always include effort estimates (S/M/L/XL)
+  - Always identify task dependencies
+  - Never implement without explicit user approval
+  - Break complex tasks into smaller steps
+---
+
 # /plan - Plan Command
 
 Create an implementation plan with suggestions.

package/.claude/commands/suggest.md

@@ -1,7 +1,30 @@
+---
+role: Technical Advisor
+skills_required:
+  - code-review.md
+output_schema:
+  task_name: string
+  suggestions:
+    required: [{description: string, reason: string}]
+    recommended: [{description: string, reason: string}]
+    optional: [{description: string, reason: string}]
+  user_selection: array
+guardrails:
+  - Categorize all suggestions by priority (required/recommended/optional)
+  - Always explain the "why" for each suggestion
+  - Required items are non-negotiable for feature completeness
+  - Let user select which suggestions to implement
+  - Never implement suggestions without user approval
+---
+
 # /suggest - Suggest Command
 
 Generate feature completeness suggestions for a task.
 
+## Prerequisites (LOAD FIRST)
+**Before executing this command, READ these skill files:**
+1. `.claude/skills/code-review.md` - Code review patterns and feedback templates
+
 ## Trigger
 - User invokes `/suggest [task]`
 - Or: Automatically during PLAN phase for features

package/.claude/commands/verify.md

@@ -1,3 +1,21 @@
+---
+role: Quality Assurance Engineer
+skills_required: []
+output_schema:
+  typescript: {status: enum[pass,fail], error_count: number, errors: array}
+  eslint: {status: enum[pass,fail], warning_count: number, warnings: array}
+  gate_passed: boolean
+  iteration: number
+  max_iterations: 10
+guardrails:
+  - Always run full verification (typecheck + lint)
+  - Report every error with file path and line number
+  - Auto-enter fix loop on any failure
+  - Maximum 10 fix iterations before escalating to user
+  - Never skip verification steps
+  - Clear reporting of gate status
+---
+
 # /verify - Verify Command
 
 Run TypeScript and ESLint verification with fix loop.

package/.claude/hooks/post-bash-router.sh

@@ -0,0 +1,20 @@
+#!/bin/bash
+# AutoWorkflow Post-Bash Router Hook
+# Runs on: PostToolUse for Bash
+# Purpose: Route bash commands to appropriate post-action hooks
+#
+# Routes:
+# - git commit → post-commit.sh (BLUEPRINT update reminder)
+
+# Get the command that was executed
+TOOL_INPUT="$1"
+
+# Check if this was a git commit command
+if echo "$TOOL_INPUT" | grep -qE "git\s+commit"; then
+    # Route to post-commit hook
+    ./.claude/hooks/post-commit.sh
+    exit $?
+fi
+
+# No routing needed for other commands
+exit 0

package/.claude/hooks/post-commit.sh

@@ -0,0 +1,140 @@
+#!/bin/bash
+# AutoWorkflow Post-Commit Hook
+# Runs on: PostToolUse for Bash (when git commit detected)
+# Purpose: Trigger BLUEPRINT.md update reminder after feature commits
+#
+# This hook implements the on:feature_complete trigger
+# It reminds Claude to update BLUEPRINT.md after successful commits
+
+# Colors
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+CYAN='\033[0;36m'
+BOLD='\033[1m'
+DIM='\033[2m'
+NC='\033[0m'
+
+# State directory
+STATE_DIR=".claude/.autoworkflow"
+
+# State files
+PHASE_FILE="$STATE_DIR/phase"
+TASK_TYPE_FILE="$STATE_DIR/task-type"
+
+# Get task type
+get_task_type() {
+    if [ -f "$TASK_TYPE_FILE" ]; then
+        cat "$TASK_TYPE_FILE"
+    else
+        echo "unknown"
+    fi
+}
+
+# Check if task type requires BLUEPRINT update
+requires_blueprint_update() {
+    local task_type="$1"
+    case "$task_type" in
+        feature|refactor)
+            return 0
+            ;;
+        *)
+            return 1
+            ;;
+    esac
+}
+
+# Reset workflow state after commit
+reset_workflow() {
+    echo "IDLE" > "$PHASE_FILE"
+    rm -f "$STATE_DIR/verify-iteration" 2>/dev/null
+    rm -f "$STATE_DIR/verify-status" 2>/dev/null
+    rm -f "$STATE_DIR/plan-approved" 2>/dev/null
+    rm -f "$STATE_DIR/changed-files" 2>/dev/null
+    rm -f "$STATE_DIR/session-resumed" 2>/dev/null
+}
+
+# Get last commit info
+get_commit_info() {
+    local commit_type=$(git log -1 --pretty=%s 2>/dev/null | cut -d'(' -f1 | cut -d':' -f1)
+    local commit_scope=$(git log -1 --pretty=%s 2>/dev/null | sed -n 's/.*(\([^)]*\)).*/\1/p')
+    local commit_msg=$(git log -1 --pretty=%s 2>/dev/null)
+    local commit_hash=$(git log -1 --pretty=%h 2>/dev/null)
+    local files_changed=$(git diff-tree --no-commit-id --name-only -r HEAD 2>/dev/null | wc -l | tr -d ' ')
+
+    echo "$commit_type|$commit_scope|$commit_msg|$commit_hash|$files_changed"
+}
+
+# Main execution
+main() {
+    local task_type=$(get_task_type)
+    local commit_info=$(get_commit_info)
+    local commit_type=$(echo "$commit_info" | cut -d'|' -f1)
+    local commit_scope=$(echo "$commit_info" | cut -d'|' -f2)
+    local commit_msg=$(echo "$commit_info" | cut -d'|' -f3)
+    local commit_hash=$(echo "$commit_info" | cut -d'|' -f4)
+    local files_changed=$(echo "$commit_info" | cut -d'|' -f5)
+
+    echo ""
+    echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+    echo -e "${GREEN}${BOLD}✅ AUTOWORKFLOW: COMMIT COMPLETE${NC}"
+    echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+    echo ""
+    echo -e "  ${CYAN}Hash:${NC}    $commit_hash"
+    echo -e "  ${CYAN}Message:${NC} $commit_msg"
+    echo -e "  ${CYAN}Files:${NC}   $files_changed changed"
+    echo ""
+
+    # Check if BLUEPRINT update is needed
+    if requires_blueprint_update "$task_type" || [ "$commit_type" = "feat" ] || [ "$commit_type" = "refactor" ]; then
+        echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+        echo -e "${YELLOW}${BOLD}📘 AUTOWORKFLOW: UPDATE PHASE${NC}"
+        echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+        echo ""
+        echo "This commit may have added new features/routes/APIs."
+        echo ""
+        echo -e "${BOLD}Check if BLUEPRINT.md needs updating:${NC}"
+        echo ""
+        echo "  1. New routes/pages added?"
+        echo "  2. New API endpoints added?"
+        echo "  3. New features/components added?"
+        echo "  4. Existing features modified?"
+        echo ""
+
+        # Check what might have changed
+        local new_routes=$(git diff-tree --no-commit-id --name-only -r HEAD 2>/dev/null | grep -E "(pages|app|routes)" | head -3)
+        local new_apis=$(git diff-tree --no-commit-id --name-only -r HEAD 2>/dev/null | grep -E "(api|endpoints|routes)" | head -3)
+        local new_components=$(git diff-tree --no-commit-id --name-only -r HEAD 2>/dev/null | grep -E "components" | head -3)
+
+        if [ -n "$new_routes" ]; then
+            echo -e "${DIM}Potential new routes:${NC}"
+            echo "$new_routes" | while read f; do echo -e "  ${DIM}- $f${NC}"; done
+            echo ""
+        fi
+
+        if [ -n "$new_apis" ]; then
+            echo -e "${DIM}Potential new APIs:${NC}"
+            echo "$new_apis" | while read f; do echo -e "  ${DIM}- $f${NC}"; done
+            echo ""
+        fi
+
+        if [ -n "$new_components" ]; then
+            echo -e "${DIM}Potential new components:${NC}"
+            echo "$new_components" | while read f; do echo -e "  ${DIM}- $f${NC}"; done
+            echo ""
+        fi
+
+        echo -e "${BOLD}Action:${NC} Review and update instructions/BLUEPRINT.md if needed."
+        echo ""
+        echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+    fi
+
+    # Reset workflow state
+    reset_workflow
+
+    echo ""
+    echo -e "${GREEN}Workflow complete. Ready for next task.${NC}"
+    echo ""
+}
+
+main