autoworkflow 3.1.5 → 3.6.0

package/.claude/skills/mcp-database.md

@@ -0,0 +1,219 @@
+# MCP Database Skill
+
+## PostgreSQL Server Configuration
+\`\`\`json
+// claude_desktop_config.json or .claude/settings.json
+{
+  "mcpServers": {
+    "postgres": {
+      "command": "npx",
+      "args": ["-y", "@modelcontextprotocol/server-postgres"],
+      "env": {
+        "POSTGRES_CONNECTION_STRING": "postgresql://user:password@localhost:5432/dbname"
+      }
+    }
+  }
+}
+\`\`\`
+
+## SQLite Server Configuration
+\`\`\`json
+{
+  "mcpServers": {
+    "sqlite": {
+      "command": "npx",
+      "args": ["-y", "@modelcontextprotocol/server-sqlite", "/path/to/database.db"]
+    }
+  }
+}
+\`\`\`
+
+## MySQL Server Configuration
+\`\`\`json
+{
+  "mcpServers": {
+    "mysql": {
+      "command": "npx",
+      "args": ["-y", "@benborla29/mcp-server-mysql"],
+      "env": {
+        "MYSQL_HOST": "localhost",
+        "MYSQL_PORT": "3306",
+        "MYSQL_USER": "root",
+        "MYSQL_PASSWORD": "password",
+        "MYSQL_DATABASE": "mydb"
+      }
+    }
+  }
+}
+\`\`\`
+
+## Available Tools
+
+### Query Operations
+\`\`\`
+query
+- sql: string (SELECT query)
+- Returns: array of rows
+
+execute
+- sql: string (INSERT, UPDATE, DELETE)
+- Returns: affected rows count
+
+describe_table
+- table_name: string
+- Returns: column definitions
+
+list_tables
+- Returns: array of table names
+\`\`\`
+
+### Schema Inspection
+\`\`\`
+get_schema
+- Returns full database schema
+
+list_indexes
+- table_name?: string
+- Returns: index definitions
+
+list_foreign_keys
+- table_name: string
+- Returns: foreign key constraints
+\`\`\`
+
+## Common Query Patterns
+
+### Schema Exploration
+\`\`\`sql
+-- List all tables with row counts (PostgreSQL)
+SELECT schemaname, tablename,
+       n_live_tup as row_count
+FROM pg_stat_user_tables
+ORDER BY n_live_tup DESC;
+
+-- Get column info for a table
+SELECT column_name, data_type, is_nullable, column_default
+FROM information_schema.columns
+WHERE table_name = 'users';
+
+-- Find foreign key relationships
+SELECT tc.table_name, kcu.column_name,
+       ccu.table_name AS foreign_table,
+       ccu.column_name AS foreign_column
+FROM information_schema.table_constraints AS tc
+JOIN information_schema.key_column_usage AS kcu
+  ON tc.constraint_name = kcu.constraint_name
+JOIN information_schema.constraint_column_usage AS ccu
+  ON ccu.constraint_name = tc.constraint_name
+WHERE constraint_type = 'FOREIGN KEY';
+\`\`\`
+
+### Data Analysis
+\`\`\`sql
+-- Recent records with pagination
+SELECT * FROM orders
+ORDER BY created_at DESC
+LIMIT 20 OFFSET 0;
+
+-- Aggregate statistics
+SELECT
+  DATE_TRUNC('day', created_at) as date,
+  COUNT(*) as count,
+  SUM(amount) as total
+FROM orders
+WHERE created_at > NOW() - INTERVAL '30 days'
+GROUP BY DATE_TRUNC('day', created_at)
+ORDER BY date DESC;
+
+-- Find duplicates
+SELECT email, COUNT(*) as count
+FROM users
+GROUP BY email
+HAVING COUNT(*) > 1;
+\`\`\`
+
+### Safe Data Modifications
+\`\`\`sql
+-- Preview before UPDATE
+SELECT * FROM users
+WHERE last_login < NOW() - INTERVAL '1 year';
+
+-- Soft delete pattern
+UPDATE users
+SET deleted_at = NOW()
+WHERE id = 123;
+
+-- Batch update with limit
+UPDATE products
+SET price = price * 1.1
+WHERE category = 'electronics'
+  AND updated_at < NOW() - INTERVAL '1 month'
+LIMIT 100;
+\`\`\`
+
+## Transaction Patterns
+\`\`\`sql
+-- Multi-step operation (run as single execute)
+BEGIN;
+UPDATE accounts SET balance = balance - 100 WHERE id = 1;
+UPDATE accounts SET balance = balance + 100 WHERE id = 2;
+INSERT INTO transfers (from_id, to_id, amount) VALUES (1, 2, 100);
+COMMIT;
+
+-- Rollback on error
+BEGIN;
+-- operations here
+ROLLBACK; -- if something goes wrong
+\`\`\`
+
+## Performance Analysis
+\`\`\`sql
+-- PostgreSQL: Analyze query plan
+EXPLAIN ANALYZE SELECT * FROM orders
+WHERE user_id = 123;
+
+-- Find slow queries (PostgreSQL)
+SELECT query, mean_time, calls
+FROM pg_stat_statements
+ORDER BY mean_time DESC
+LIMIT 10;
+
+-- Find missing indexes
+SELECT relname, seq_scan, seq_tup_read,
+       idx_scan, idx_tup_fetch
+FROM pg_stat_user_tables
+WHERE seq_scan > idx_scan
+ORDER BY seq_tup_read DESC;
+\`\`\`
+
+## Security Best Practices
+\`\`\`bash
+# Connection string security
+# NEVER commit credentials to version control
+
+# Use environment variables
+export POSTGRES_CONNECTION_STRING="postgresql://..."
+
+# Use read-only user for exploration
+CREATE ROLE readonly_user WITH LOGIN PASSWORD 'xxx';
+GRANT CONNECT ON DATABASE mydb TO readonly_user;
+GRANT USAGE ON SCHEMA public TO readonly_user;
+GRANT SELECT ON ALL TABLES IN SCHEMA public TO readonly_user;
+\`\`\`
+
+## ❌ DON'T
+- Run DELETE or TRUNCATE without WHERE clause
+- Execute unverified queries on production
+- Expose connection strings in code
+- Use root/admin credentials for exploration
+- Run expensive queries without LIMIT
+- Forget to use transactions for multi-step operations
+
+## ✅ DO
+- Use read-only credentials when possible
+- Preview data before modifications (SELECT first)
+- Use LIMIT for exploratory queries
+- Analyze query plans for expensive operations
+- Use parameterized queries in applications
+- Back up data before major modifications
+- Use transactions for atomic operations

package/.claude/skills/mcp-fetch.md

@@ -0,0 +1,241 @@
+# MCP Fetch Skill
+
+## Server Configuration
+\`\`\`json
+// claude_desktop_config.json or .claude/settings.json
+{
+  "mcpServers": {
+    "fetch": {
+      "command": "npx",
+      "args": ["-y", "@modelcontextprotocol/server-fetch"]
+    }
+  }
+}
+\`\`\`
+
+## Available Tools
+
+### fetch
+\`\`\`
+fetch
+- url: string (URL to fetch)
+- method?: 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE' | 'HEAD' | 'OPTIONS'
+- headers?: object (key-value pairs)
+- body?: string (request body for POST/PUT/PATCH)
+- Returns: {
+    status: number,
+    statusText: string,
+    headers: object,
+    body: string,
+    ok: boolean
+  }
+\`\`\`
+
+## HTTP Methods
+
+### GET Request
+\`\`\`
+fetch:
+  url: "https://api.example.com/users"
+  method: "GET"
+  headers:
+    Accept: "application/json"
+    Authorization: "Bearer token123"
+\`\`\`
+
+### POST Request with JSON
+\`\`\`
+fetch:
+  url: "https://api.example.com/users"
+  method: "POST"
+  headers:
+    Content-Type: "application/json"
+    Authorization: "Bearer token123"
+  body: '{"name": "John", "email": "john@example.com"}'
+\`\`\`
+
+### PUT Request (Update)
+\`\`\`
+fetch:
+  url: "https://api.example.com/users/123"
+  method: "PUT"
+  headers:
+    Content-Type: "application/json"
+  body: '{"name": "John Updated"}'
+\`\`\`
+
+### DELETE Request
+\`\`\`
+fetch:
+  url: "https://api.example.com/users/123"
+  method: "DELETE"
+  headers:
+    Authorization: "Bearer token123"
+\`\`\`
+
+## Authentication Patterns
+
+### Bearer Token
+\`\`\`
+headers:
+  Authorization: "Bearer eyJhbGciOiJIUzI1NiIs..."
+\`\`\`
+
+### API Key
+\`\`\`
+# In header
+headers:
+  X-API-Key: "your-api-key"
+
+# In query string
+url: "https://api.example.com/data?api_key=your-key"
+\`\`\`
+
+### Basic Auth
+\`\`\`
+headers:
+  Authorization: "Basic base64(username:password)"
+\`\`\`
+
+## Common Headers
+\`\`\`
+Content-Type: "application/json"        # JSON body
+Content-Type: "application/x-www-form-urlencoded"  # Form data
+Content-Type: "multipart/form-data"     # File uploads
+Accept: "application/json"              # Expect JSON response
+Accept: "text/html"                     # Expect HTML
+User-Agent: "MCP-Fetch/1.0"            # Custom user agent
+Cache-Control: "no-cache"               # Skip cache
+If-None-Match: "etag-value"            # Conditional request
+\`\`\`
+
+## Response Handling
+
+### Check Status
+\`\`\`
+Response:
+  ok: true/false (status 200-299)
+  status: 200, 201, 400, 401, 404, 500, etc.
+  statusText: "OK", "Not Found", etc.
+
+Common status codes:
+  200 - OK (GET success)
+  201 - Created (POST success)
+  204 - No Content (DELETE success)
+  400 - Bad Request (invalid input)
+  401 - Unauthorized (auth required)
+  403 - Forbidden (no permission)
+  404 - Not Found
+  429 - Too Many Requests (rate limited)
+  500 - Internal Server Error
+\`\`\`
+
+### Parse Response Body
+\`\`\`
+# JSON response
+body: '{"id": 1, "name": "John"}'
+Parse as JSON to access data
+
+# HTML response
+body: '<!DOCTYPE html>...'
+May need to extract specific content
+
+# Error response
+body: '{"error": "Invalid input", "code": "VALIDATION_ERROR"}'
+Check ok=false and parse error details
+\`\`\`
+
+## Common API Patterns
+
+### REST API CRUD
+\`\`\`
+# List resources
+GET /api/users
+
+# Get single resource
+GET /api/users/123
+
+# Create resource
+POST /api/users
+Body: {"name": "John"}
+
+# Update resource
+PUT /api/users/123 (full update)
+PATCH /api/users/123 (partial update)
+
+# Delete resource
+DELETE /api/users/123
+\`\`\`
+
+### Pagination
+\`\`\`
+# Offset-based
+GET /api/users?page=2&limit=20
+
+# Cursor-based
+GET /api/users?cursor=abc123&limit=20
+
+# Response headers
+Link: <url?page=3>; rel="next"
+X-Total-Count: 100
+\`\`\`
+
+### Query Parameters
+\`\`\`
+# Filtering
+GET /api/users?status=active&role=admin
+
+# Sorting
+GET /api/users?sort=created_at&order=desc
+
+# Field selection
+GET /api/users?fields=id,name,email
+
+# Search
+GET /api/users?q=john
+\`\`\`
+
+## Error Handling
+\`\`\`
+1. Check response.ok first
+2. If false, parse error body
+3. Handle specific status codes:
+   - 401: Refresh auth token
+   - 429: Wait and retry (check Retry-After header)
+   - 5xx: Retry with backoff
+
+Common error response formats:
+{
+  "error": "message",
+  "code": "ERROR_CODE",
+  "details": [...]
+}
+\`\`\`
+
+## Rate Limiting
+\`\`\`
+Check response headers:
+  X-RateLimit-Limit: 100
+  X-RateLimit-Remaining: 45
+  X-RateLimit-Reset: 1640000000
+
+If 429 status:
+  Retry-After: 60 (seconds to wait)
+\`\`\`
+
+## ❌ DON'T
+- Expose API keys in logs or output
+- Ignore rate limits
+- Skip error handling
+- Hardcode credentials in requests
+- Trust user input in URLs (injection risk)
+- Fetch from untrusted URLs
+
+## ✅ DO
+- Use HTTPS for all requests
+- Handle all response status codes
+- Respect rate limits and Retry-After
+- Validate URLs before fetching
+- Use appropriate Content-Type headers
+- Parse and validate response data
+- Log requests for debugging (without secrets)

package/.claude/skills/mcp-filesystem.md

@@ -0,0 +1,204 @@
+# MCP Filesystem Skill
+
+## Server Configuration
+\`\`\`json
+// claude_desktop_config.json or .claude/settings.json
+{
+  "mcpServers": {
+    "filesystem": {
+      "command": "npx",
+      "args": [
+        "-y",
+        "@modelcontextprotocol/server-filesystem",
+        "/Users/username/projects",
+        "/Users/username/documents"
+      ]
+    }
+  }
+}
+\`\`\`
+
+## Security: Allowed Directories
+\`\`\`bash
+# The server ONLY allows access to explicitly listed directories
+# Each path argument grants access to that directory and all subdirectories
+
+# Example: Grant access to multiple project folders
+"args": [
+  "-y",
+  "@modelcontextprotocol/server-filesystem",
+  "/Users/me/work/project-a",
+  "/Users/me/work/project-b",
+  "/Users/me/shared/configs"
+]
+
+# NEVER grant access to:
+# - Home directory root (~/)
+# - System directories (/etc, /usr, /System)
+# - Credential directories (~/.ssh, ~/.aws)
+\`\`\`
+
+## Available Tools
+
+### Read Operations
+\`\`\`
+read_file
+- path: string (absolute path to file)
+- Returns: file contents as string
+
+read_multiple_files
+- paths: string[] (array of file paths)
+- Returns: array of { path, content } or { path, error }
+
+get_file_info
+- path: string
+- Returns: {
+    size: number (bytes),
+    created: string (ISO date),
+    modified: string (ISO date),
+    accessed: string (ISO date),
+    isDirectory: boolean,
+    isFile: boolean,
+    permissions: string
+  }
+\`\`\`
+
+### Write Operations
+\`\`\`
+write_file
+- path: string (absolute path)
+- content: string (file content)
+- Returns: success confirmation
+
+edit_file
+- path: string
+- edits: array of {
+    oldText: string,
+    newText: string
+  }
+- dryRun?: boolean (preview changes without writing)
+- Returns: diff preview or success confirmation
+
+create_directory
+- path: string
+- Returns: success confirmation
+\`\`\`
+
+### Directory Operations
+\`\`\`
+list_directory
+- path: string (directory path)
+- Returns: array of entries with name, type (file/directory)
+
+list_allowed_directories
+- Returns: array of paths the server can access
+
+move_file
+- source: string
+- destination: string
+- Returns: success confirmation
+
+search_files
+- path: string (directory to search in)
+- pattern: string (glob pattern like "*.ts" or "**/*.json")
+- excludePatterns?: string[] (patterns to exclude)
+- Returns: array of matching file paths
+\`\`\`
+
+## Common Patterns
+
+### Project Structure Analysis
+\`\`\`
+1. list_directory on root to understand structure
+2. search_files for specific file types ("**/*.ts")
+3. read_multiple_files for key config files:
+   - package.json
+   - tsconfig.json
+   - .env.example
+\`\`\`
+
+### Safe File Editing
+\`\`\`
+1. read_file to get current content
+2. Use edit_file with dryRun: true to preview
+3. Review diff output
+4. Apply with dryRun: false
+\`\`\`
+
+### Batch File Operations
+\`\`\`
+// Read all TypeScript files in src/
+1. search_files with path: "/project/src", pattern: "**/*.ts"
+2. read_multiple_files with resulting paths
+3. Analyze contents
+
+// Create new component structure
+1. create_directory for component folder
+2. write_file for each file (index.ts, Component.tsx, styles.ts)
+\`\`\`
+
+### Configuration Updates
+\`\`\`
+1. read_file: package.json
+2. Parse JSON content
+3. Modify dependencies
+4. write_file with updated content
+\`\`\`
+
+## Glob Pattern Reference
+\`\`\`bash
+*           # Match any file in current directory
+**          # Match all files recursively
+*.ts        # All TypeScript files in current directory
+**/*.ts     # All TypeScript files recursively
+**/*.{ts,tsx}  # All .ts and .tsx files
+src/**/*    # All files in src/ subdirectories
+!node_modules  # Exclude (in excludePatterns)
+!**/*.test.ts  # Exclude test files
+\`\`\`
+
+## Path Handling
+\`\`\`bash
+# Always use absolute paths
+/Users/username/project/src/index.ts  # Correct
+./src/index.ts                         # Incorrect
+src/index.ts                           # Incorrect
+
+# Path traversal is blocked
+/allowed/path/../../../etc/passwd     # Blocked by server
+
+# Symlinks
+# Server follows symlinks but validates final path
+# is within allowed directories
+\`\`\`
+
+## File Size Considerations
+\`\`\`bash
+# Large files may be truncated or cause issues
+# For large files:
+# - Read in chunks if supported
+# - Use search_files to find specific files
+# - Consider streaming alternatives
+
+# Recommended limits:
+# - Text files: < 1MB ideal
+# - Log files: use tail/head in bash instead
+# - Binary files: not supported
+\`\`\`
+
+## ❌ DON'T
+- Grant access to home directory root
+- Include ~/.ssh, ~/.aws, or credential directories
+- Write to system directories
+- Overwrite files without reading first
+- Ignore the allowed directories restriction
+- Use relative paths
+
+## ✅ DO
+- Use minimal directory access grants
+- Preview edits with dryRun before applying
+- Use read_multiple_files for batch operations
+- Check file existence with get_file_info
+- Use search_files with exclusion patterns
+- Validate paths are within allowed directories
+- Use absolute paths in all operations