awesome-slash 2.4.2

package/README.md

@@ -0,0 +1,363 @@
+# Awesome Slash Commands
+
+> Professional-grade workflow automation for AI coding assistants
+
+A cross-platform plugin providing powerful, zero-configuration slash commands for development workflows. Works with **Claude Code**, **Codex CLI**, and **OpenCode**.
+
+[![npm](https://img.shields.io/npm/v/awesome-slash?color=red)](https://www.npmjs.com/package/awesome-slash)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+[![Version](https://img.shields.io/badge/version-2.4.2-blue)](https://github.com/avifenesh/awesome-slash/releases)
+[![GitHub stars](https://img.shields.io/github/stars/awesome-slash?style=flat&color=yellow)](https://github.com/avifenesh/awesome-slash/stargazers)
+[![Claude Code](https://img.shields.io/badge/Claude-Code%20Plugin-blue)](https://docs.anthropic.com/en/docs/claude-code)
+[![Codex CLI](https://img.shields.io/badge/Codex-CLI%20Compatible-green)](https://developers.openai.com/codex/cli)
+[![OpenCode](https://img.shields.io/badge/OpenCode-Compatible-orange)](https://opencode.ai)
+
+## What's New in v2.4.0
+
+- **Reality Check Plugin** - Deep repository analysis to detect plan drift and gaps
+- **Multi-Agent Parallel Scanning** - Issue scanner, doc analyzer, code explorer run simultaneously
+- **Prioritized Reconstruction Plans** - Automated drift detection with priority-weighted action items
+
+---
+
+## Installation
+
+### npm (Recommended)
+
+```bash
+npm install awesome-slash
+```
+
+### Claude Code
+
+```bash
+# Option 1: npm (recommended)
+claude plugin add npm:awesome-slash
+
+# Option 2: GitHub
+claude plugin add github:avifenesh/awesome-slash
+
+# Option 3: Local clone
+git clone https://github.com/avifenesh/awesome-slash.git
+./scripts/install/claude.sh
+```
+
+### OpenCode
+
+```bash
+npm install awesome-slash
+# or
+git clone https://github.com/avifenesh/awesome-slash.git
+cd awesome-slash
+./scripts/install/opencode.sh
+```
+
+### Codex CLI
+
+```bash
+npm install awesome-slash
+# or
+git clone https://github.com/avifenesh/awesome-slash.git
+cd awesome-slash
+./scripts/install/codex.sh
+```
+
+---
+
+## Available Commands
+
+### 📋 `/next-task:next-task` - Master Workflow Orchestrator
+
+Complete task-to-production automation with state management and resume capability.
+
+```bash
+/next-task:next-task                   # Start new workflow with policy selection
+/next-task:next-task --status          # Check current workflow state
+/next-task:next-task --resume          # Resume from last checkpoint
+/next-task:next-task --abort           # Cancel workflow and cleanup
+/next-task:next-task bug               # Filter by task type
+```
+
+**13-Phase Autonomous Workflow:**
+1. Policy Selection → Ask user preferences via checkboxes
+2. Task Discovery → Find and prioritize tasks from GitHub/Linear/PLAN.md
+3. Worktree Setup → Create isolated development environment [sonnet]
+4. Exploration → Deep codebase analysis [opus]
+5. Planning → Design implementation plan [opus]
+6. **User Approval → Get plan approval (LAST human interaction)**
+7. Implementation → Execute the plan [opus]
+8. **Pre-Review Gates → deslop-work + test-coverage-checker [sonnet]**
+9. Review Loop → Multi-agent review until approved [opus]
+10. **Delivery Validation → Autonomous task completion check [sonnet]**
+11. **Docs Update → Auto-update related documentation [sonnet]**
+12. Ship → PR creation, CI monitoring, merge
+13. Cleanup → Remove worktree, update state
+
+**Features:**
+- **Fully autonomous** after plan approval - no human in the loop
+- Resume capability with `.claude/.workflow-state.json`
+- 14 specialist agents with model optimization (opus/sonnet)
+- Quality gates: deslop-work, test-coverage-checker, delivery-validator, docs-updater
+- SubagentStop hooks for automatic workflow transitions
+- Policy-based stopping points (pr-created, merged, deployed, production)
+
+---
+
+### 🚀 `/ship:ship` - Complete PR Workflow
+
+Ship your code from commit to production with full validation and state integration.
+
+```bash
+/ship:ship                        # Default workflow
+/ship:ship --strategy rebase      # Rebase before merge
+/ship:ship --dry-run              # Show plan without executing
+/ship:ship --state-file PATH      # Integrate with next-task workflow
+```
+
+**12-Phase Workflow:**
+1. Pre-flight checks and platform detection
+2. Commit with AI-generated message
+3. Create PR with context
+4. Wait for CI
+5. Multi-agent review (code quality, silent failures, test coverage)
+6. Merge PR
+7. Deploy to development (if multi-branch)
+8. Validate development
+9. Deploy to production
+10. Validate production
+11. Cleanup
+12. Completion report
+
+**Platform Support:**
+- **CI:** GitHub Actions, GitLab CI, CircleCI, Jenkins, Travis CI
+- **Deployment:** Railway, Vercel, Netlify, Fly.io, Platform.sh, Render
+
+---
+
+### 🧹 `/deslop-around:deslop-around` - AI Slop Cleanup
+
+Remove debugging code, old TODOs, and AI slop from your codebase.
+
+```bash
+/deslop-around:deslop-around               # Report mode - analyze only
+/deslop-around:deslop-around apply         # Apply fixes with verification
+/deslop-around:deslop-around apply src/ 10 # Fix up to 10 issues in src/
+```
+
+**Detects:**
+- Console debugging (`console.log`, `print()`, `dbg!()`)
+- Old TODOs and commented code
+- Placeholder text, magic numbers
+- Empty catch blocks, disabled linters
+
+---
+
+### 🔍 `/project-review:project-review` - Multi-Agent Code Review
+
+Comprehensive code review with specialized agents that iterate until zero issues.
+
+```bash
+/project-review:project-review              # Full codebase review
+/project-review:project-review --recent     # Only recent changes
+/project-review:project-review --domain security
+```
+
+**8 Specialized Agents:**
+Security · Performance · Architecture · Testing · Error Handling · Code Quality · Type Safety · Documentation
+
+---
+
+### 📝 `/next-task:update-docs-around` - Documentation Sync
+
+Sync documentation with actual code state across the entire repository.
+
+```bash
+/next-task:update-docs-around               # Report mode - analyze only
+/next-task:update-docs-around --apply       # Apply safe fixes
+/next-task:update-docs-around docs/ --apply # Sync specific directory
+```
+
+**Checks:**
+- Outdated code references in documentation
+- Invalid syntax in code examples
+- Missing CHANGELOG entries
+- Version mismatches
+- Broken file/import paths
+
+---
+
+### ✅ `/next-task:delivery-approval` - Delivery Validation
+
+Validate task completion and approve for shipping (standalone or part of workflow).
+
+```bash
+/next-task:delivery-approval                # Validate current work
+/next-task:delivery-approval --task-id 142  # Validate specific task
+/next-task:delivery-approval --verbose      # Show detailed check output
+```
+
+**Validation Checks:**
+- Tests pass (npm test)
+- Build passes (npm run build)
+- Lint passes
+- Type check passes
+- Task requirements met
+
+---
+
+### 🎯 `/reality-check:scan` - Plan Drift Detection
+
+Deep repository analysis to identify where documented plans diverge from actual code reality.
+
+```bash
+/reality-check:scan           # Full reality check scan
+/reality-check:set            # Configure scan settings
+```
+
+**Multi-Agent Parallel Scan:**
+1. **Issue Scanner** - Analyzes GitHub issues, PRs, milestones
+2. **Doc Analyzer** - Examines README, PLAN.md, CLAUDE.md, docs/
+3. **Code Explorer** - Deep codebase structure and feature analysis
+4. **Plan Synthesizer** - Combines findings and creates prioritized plan
+
+**Detects:**
+- Plan stagnation (low completion rates)
+- Priority neglect (stale high-priority issues)
+- Documentation lag (features not documented)
+- Scope overcommit (documented but not implemented)
+- Missing tests, outdated docs, overdue milestones
+
+**Output:**
+- Drift analysis with severity ratings
+- Gap identification (missing tests, docs, CI)
+- Cross-reference: documented vs implemented features
+- Prioritized reconstruction plan (immediate, short-term, medium-term)
+
+**First-Run Setup:**
+Interactive checkboxes configure:
+- Data sources (GitHub, Linear, docs, code)
+- Scan depth (quick, medium, thorough)
+- Output format (file, display, both)
+
+---
+
+## Cross-Platform Integration
+
+All platforms share the same workflow tools via MCP (Model Context Protocol):
+
+| Tool | Description |
+|------|-------------|
+| `workflow_status` | Get current workflow state |
+| `workflow_start` | Start a new workflow |
+| `workflow_resume` | Resume from checkpoint |
+| `workflow_abort` | Cancel and cleanup |
+| `task_discover` | Find and prioritize tasks |
+| `review_code` | Run multi-agent review |
+
+See [docs/CROSS_PLATFORM.md](./docs/CROSS_PLATFORM.md) for details.
+
+---
+
+## Architecture
+
+### State Management
+
+Workflows persist state in `.claude/.workflow-state.json`:
+
+```json
+{
+  "workflow": { "id": "...", "status": "in_progress" },
+  "policy": { "taskSource": "gh-issues", "stoppingPoint": "merged" },
+  "task": { "id": "142", "title": "Fix auth timeout" },
+  "phases": { "current": "implementation", "history": [...] },
+  "checkpoints": { "canResume": true, "resumeFrom": "implementation" }
+}
+```
+
+### Specialist Agents (12 Total)
+
+**Core Workflow (Opus - Complex Tasks):**
+| Agent | Purpose |
+|-------|---------|
+| exploration-agent | Deep codebase analysis |
+| planning-agent | Design implementation plans |
+| implementation-agent | Execute plans with quality code |
+| review-orchestrator | Multi-agent code review with iteration |
+
+**Quality Gates (Sonnet - Side Reviewers):**
+| Agent | Purpose |
+|-------|---------|
+| deslop-work | Clean AI slop from new work (committed but unpushed) |
+| test-coverage-checker | Validate new work has test coverage |
+| delivery-validator | Autonomous delivery validation (NOT manual) |
+| docs-updater | Update docs related to changes |
+
+**Operational (Sonnet - Infrastructure):**
+| Agent | Purpose |
+|-------|---------|
+| policy-selector | Configure workflow policy |
+| task-discoverer | Find and prioritize tasks |
+| worktree-manager | Create isolated worktrees |
+| ci-monitor | Monitor CI/PR status with sleep loops |
+
+---
+
+## Repository Structure
+
+```
+awesome-slash/
+├── .claude-plugin/
+│   └── marketplace.json      # Claude Code marketplace manifest
+├── plugins/
+│   ├── next-task/           # Master workflow orchestrator
+│   │   ├── commands/        # next-task, update-docs-around, delivery-approval
+│   │   ├── agents/          # 14 specialist agents
+│   │   └── hooks/           # SubagentStop hooks for workflow automation
+│   ├── ship/                # PR workflow
+│   ├── deslop-around/       # AI slop cleanup
+│   └── project-review/      # Multi-agent review
+├── lib/
+│   ├── state/               # Workflow state management
+│   ├── platform/            # Auto-detection
+│   └── patterns/            # Code analysis patterns
+├── mcp-server/              # Cross-platform MCP server
+├── scripts/install/         # Platform installers
+└── docs/
+```
+
+---
+
+## Requirements
+
+**Required:**
+- Git
+- Node.js 18+
+- GitHub CLI (`gh`) with authentication
+
+**For Claude Code:**
+- Claude Code CLI
+
+**For OpenCode:**
+- OpenCode CLI (`opencode`)
+
+**For Codex CLI:**
+- Codex CLI (`codex`)
+
+---
+
+## Contributing
+
+Contributions welcome! See [CONTRIBUTING.md](./CONTRIBUTING.md).
+
+## License
+
+MIT © [Avi Fenesh](https://github.com/avifenesh)
+
+## Support
+
+- **Issues:** https://github.com/avifenesh/awesome-slash/issues
+- **Discussions:** https://github.com/avifenesh/awesome-slash/discussions
+
+---
+
+Made with ❤️ for the AI coding community

package/SECURITY.md

@@ -0,0 +1,101 @@
+# Security Policy
+
+## Supported Versions
+
+We release patches for security vulnerabilities. Currently supported versions:
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 1.x.x   | :white_check_mark: |
+| < 1.0   | :x:                |
+
+## Reporting a Vulnerability
+
+We take security seriously. If you discover a security vulnerability, please follow these steps:
+
+### 1. Do Not Publicly Disclose
+
+Please **do not** open a public issue. Security vulnerabilities should be reported privately.
+
+### 2. Report Via GitHub Security Advisories
+
+Use GitHub's Security Advisory feature:
+1. Go to the [Security tab](https://github.com/avifenesh/awesome-slash/security/advisories)
+2. Click "Report a vulnerability"
+3. Provide detailed information about the vulnerability
+
+### 3. Or Email Directly
+
+If you prefer, you can email security reports to:
+- **Email:** Create a private security advisory on GitHub instead (preferred method)
+
+### 4. Include in Your Report
+
+Please include:
+- Description of the vulnerability
+- Steps to reproduce
+- Potential impact
+- Suggested fix (if you have one)
+- Your contact information
+
+## What to Expect
+
+- **Acknowledgment:** Within 48 hours
+- **Initial Assessment:** Within 1 week
+- **Status Updates:** We'll keep you informed of our progress
+- **Disclosure:** We'll coordinate disclosure timing with you
+
+## Security Best Practices for Users
+
+### When Using Commands
+
+1. **Review Generated Code:** Always review code changes made by agents before committing
+2. **Check Credentials:** Never commit secrets, API keys, or credentials
+3. **Deployment Caution:** Validate deployments before shipping to production
+4. **PR Reviews:** Use `/project-review` quality gates to catch security issues
+
+### Platform Detection Scripts
+
+The platform detection scripts in `lib/` execute shell commands. They:
+- Do not execute arbitrary user input
+- Only read configuration files
+- Do not modify system files
+- Run in the project directory only
+
+### Command Safety
+
+Commands that modify your repository:
+- `/ship` - Commits, pushes code, creates and merges PRs
+- `/next-task` - Full workflow automation including code changes
+- `/deslop-around --apply` - Modifies source files
+
+Always review changes with `git status` and `git diff` before running commands that commit or push.
+
+## Scope
+
+This security policy covers:
+- Awesome Slash Commands plugin code
+- Platform detection scripts
+- Command implementations
+- Dependencies
+
+Does not cover:
+- Vulnerabilities in Claude Code itself (report to Anthropic)
+- Vulnerabilities in external tools (gh, git, npm, etc.)
+- Issues with deployment platforms (Railway, Vercel, etc.)
+
+## Dependencies
+
+We regularly update dependencies to patch security vulnerabilities. If you find a vulnerability in one of our dependencies:
+1. Check if we're using the latest version
+2. If not, please report it
+3. If we are, please report to the dependency maintainer
+
+## Recognition
+
+We appreciate security researchers who responsibly disclose vulnerabilities. With your permission, we'll acknowledge your contribution in:
+- Our CHANGELOG.md
+- The security advisory
+- This SECURITY.md file
+
+Thank you for helping keep Awesome Slash Commands secure!

package/adapters/README.md

@@ -0,0 +1,256 @@
+# Multi-Tool Adapters
+
+This directory contains adapters for using awesome-slash commands with different AI coding tools.
+
+## Supported Tools
+
+### ✅ Claude Code (Native)
+The primary target. Install via marketplace:
+```bash
+claude plugin marketplace add avifenesh/awesome-slash
+claude plugin install deslop-around@awesome-slash
+```
+
+See main [README.md](../README.md) for details.
+
+---
+
+### 🤖 Codex CLI
+OpenAI's Codex command-line interface.
+
+**Installation:**
+```bash
+git clone https://github.com/avifenesh/awesome-slash.git
+cd awesome-slash
+./adapters/codex/install.sh
+```
+
+**Usage:**
+```bash
+codex
+> /deslop-around
+> /next-task
+> /ship
+```
+
+**Documentation**: [adapters/codex/README.md](./codex/README.md)
+
+---
+
+### 🔓 OpenCode
+Open-source AI coding assistant.
+
+**Installation:**
+```bash
+git clone https://github.com/avifenesh/awesome-slash.git
+cd awesome-slash
+./adapters/opencode/install.sh
+```
+
+**Usage:**
+```bash
+opencode
+> /deslop-around
+> /next-task bug
+> /ship --strategy rebase
+```
+
+**Documentation**: [adapters/opencode/README.md](./opencode/README.md)
+
+---
+
+## Architecture
+
+All three tools use **markdown-based slash commands**, making adaptation straightforward:
+
+```
+Source: plugins/*/commands/*.md
+         ↓
+Adapters: Copy + path variable substitution
+         ↓
+Install: Tool-specific command directory
+```
+
+### Path Variable Substitution
+
+Commands reference shared libraries using path variables:
+
+**Claude Code:**
+```bash
+node ${CLAUDE_PLUGIN_ROOT}/lib/platform/detect-platform.js
+```
+
+**Codex CLI:**
+```bash
+node ~/.codex/prompts/awesome-slash/lib/platform/detect-platform.js
+```
+
+**OpenCode:**
+```bash
+node ~/.opencode/commands/awesome-slash/lib/platform/detect-platform.js
+```
+
+Installers automatically handle these substitutions.
+
+---
+
+## Feature Compatibility
+
+| Feature | Claude Code | Codex CLI | OpenCode |
+|---------|-------------|-----------|----------|
+| Platform Detection | ✅ | ✅ | ✅ |
+| Git Operations | ✅ | ✅ | ✅ |
+| CI/CD Detection | ✅ | ✅ | ✅ |
+| GitHub CLI Integration | ✅ | ✅ | ✅ |
+| Multi-agent Workflows | ✅ | ⚠️ Varies | ⚠️ Varies |
+| File Includes | ✅ | ✅ | ✅ (@filename) |
+| Bash Command Output | ✅ | ✅ | ✅ (!command) |
+
+**Legend:**
+- ✅ Full support
+- ⚠️ Partial support (may vary by tool version)
+- ❌ Not supported
+
+---
+
+## Commands Compatibility
+
+| Command | Claude Code | Codex CLI | OpenCode | Notes |
+|---------|-------------|-----------|----------|-------|
+| `/deslop-around` | ✅ Full | ✅ Full | ✅ Full | Pure bash, 100% compatible |
+| `/next-task` | ✅ Full | ✅ Full | ✅ Full | Requires `gh` CLI |
+| `/project-review` | ✅ Full | ⚠️ Partial | ⚠️ Partial | Multi-agent may differ |
+| `/ship` | ✅ Full | ⚠️ Partial | ⚠️ Partial | CI/CD works, agents may vary |
+
+---
+
+## Installation Comparison
+
+### Claude Code
+```bash
+# Via marketplace (easiest)
+claude plugin marketplace add avifenesh/awesome-slash
+claude plugin install deslop-around@awesome-slash
+```
+
+**Pros:**
+- Official marketplace
+- Automatic updates
+- Per-plugin installation
+
+**Cons:**
+- Claude-only
+
+### Codex CLI
+```bash
+# Via installer script
+./adapters/codex/install.sh
+```
+
+**Pros:**
+- One-command installation
+- All commands at once
+- Easy updates (re-run installer)
+
+**Cons:**
+- Requires git clone first
+- Manual updates
+
+### OpenCode
+```bash
+# Via installer script
+./adapters/opencode/install.sh
+```
+
+**Pros:**
+- One-command installation
+- OpenCode-specific features (@, !)
+- Easy updates (re-run installer)
+
+**Cons:**
+- Requires git clone first
+- Manual updates
+
+---
+
+## Prerequisites
+
+All tools require:
+- **Git** - Version control
+- **Node.js 18+** - For platform detection scripts
+- **GitHub CLI (`gh`)** - For PR-related commands (`/ship`)
+
+Optional (enables additional features):
+- Railway CLI, Vercel CLI, Netlify CLI - For deployment detection
+- Linear integration - For `/next-task`
+
+---
+
+## Updating Commands
+
+### Claude Code
+Automatic via marketplace updates.
+
+### Codex CLI & OpenCode
+```bash
+cd /path/to/awesome-slash
+git pull origin main
+./adapters/codex/install.sh    # Or ./adapters/opencode/install.sh
+```
+
+---
+
+## Troubleshooting
+
+### Command not found
+**Codex CLI:**
+- Check `~/.codex/prompts/awesome-slash/commands/`
+- Restart Codex CLI
+
+**OpenCode:**
+- Check `~/.opencode/commands/awesome-slash/`
+- Restart OpenCode TUI
+
+### Path errors in commands
+Re-run the installer to fix path substitutions:
+```bash
+./adapters/[tool]/install.sh
+```
+
+### Node.js errors
+Ensure Node.js 18+ is installed:
+```bash
+node --version  # Should be v18.0.0 or higher
+```
+
+### GitHub CLI errors
+Install and authenticate:
+```bash
+gh auth login
+```
+
+---
+
+## Contributing
+
+Found a bug or want to add support for another tool?
+
+1. Open an issue: https://github.com/avifenesh/awesome-slash/issues
+2. Submit a PR with:
+   - New adapter directory: `adapters/[tool-name]/`
+   - Installation script: `install.sh`
+   - Documentation: `README.md`
+   - Update this file
+
+---
+
+## Resources
+
+- [Claude Code Documentation](https://code.claude.com/docs)
+- [Codex CLI Documentation](https://developers.openai.com/codex/cli)
+- [OpenCode Documentation](https://opencode.ai/docs)
+- [awesome-slash Repository](https://github.com/avifenesh/awesome-slash)
+
+---
+
+Made with ❤️ for the AI coding tools community