claude-autopm 3.2.3 → 3.2.4

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "claude-autopm",
-  "version": "3.2.3",
+  "version": "3.2.4",
   "description": "Autonomous Project Management Framework for Claude Code - Advanced AI-powered development automation",
   "main": "bin/autopm.js",
   "workspaces": [

package/packages/plugin-core/plugin.json

@@ -168,6 +168,34 @@
       "priority": "low",
       "description": "Frontmatter stripping utility patterns",
       "tags": ["frontmatter", "utilities"]
+    },
+    {
+      "name": "agent-mandatory-optimized",
+      "file": "rules/agent-mandatory-optimized.md",
+      "priority": "critical",
+      "description": "Mandatory agent usage (optimized version)",
+      "tags": ["agents", "enforcement", "optimized"]
+    },
+    {
+      "name": "context7-enforcement-optimized",
+      "file": "rules/context7-enforcement-optimized.md",
+      "priority": "critical",
+      "description": "Context7 documentation enforcement (optimized version)",
+      "tags": ["context7", "enforcement", "optimized"]
+    },
+    {
+      "name": "github-operations",
+      "file": "rules/github-operations.md",
+      "priority": "high",
+      "description": "GitHub CLI operations and repository protection",
+      "tags": ["github", "operations", "safety"]
+    },
+    {
+      "name": "test-execution",
+      "file": "rules/test-execution.md",
+      "priority": "high",
+      "description": "Test execution patterns and standards",
+      "tags": ["testing", "execution"]
     }
   ],
   "hooks": [

package/packages/plugin-core/rules/agent-mandatory-optimized.md

@@ -0,0 +1,91 @@
+# Agent Usage - MANDATORY (Optimized)
+
+<priority>HIGHEST - ZERO TOLERANCE</priority>
+
+<core_requirement>
+YOU MUST USE SPECIALIZED AGENTS FOR ALL NON-TRIVIAL TASKS
+Do NOT perform complex tasks yourself
+Use Task tool to delegate
+</core_requirement>
+
+<when_to_use>
+<always>
+Code writing|Testing|Infrastructure|Database|Analysis|GitHub ops|Large files
+</always>
+
+<mapping>
+Python → python-backend-engineer
+React → react-frontend-engineer
+Node.js → nodejs-backend-engineer
+Tests → test-runner|frontend-testing-engineer|e2e-test-engineer
+K8s → kubernetes-orchestrator
+Docker → docker-containerization-expert
+Database → postgresql-expert|mongodb-expert|bigquery-expert
+Review → code-analyzer
+Logs → file-analyzer
+GitHub → github-operations-specialist
+Azure → azure-devops-specialist
+</mapping>
+
+<can_do_yourself>
+Simple file reads (1-2 files)|Basic bash (ls, pwd, git)|Answering questions|TodoWrite
+</can_do_yourself>
+</when_to_use>
+
+<violations>
+<wrong>
+User: "Create FastAPI endpoint"
+You: *writes code directly*
+</wrong>
+
+<correct>
+User: "Create FastAPI endpoint"
+You: "Using @python-backend-engineer"
+*Invokes Task tool*
+</correct>
+</violations>
+
+<usage_patterns>
+<single>
+Task tool:
+- subagent_type: "python-backend-engineer"
+- description: "Create user endpoint"
+- prompt: "Detailed requirements..."
+</single>
+
+<parallel>
+Launch multiple agents IN SINGLE MESSAGE:
+- python-backend-engineer (API)
+- react-frontend-engineer (UI)
+- postgresql-expert (schema)
+</parallel>
+</usage_patterns>
+
+<decision_rule>
+Before ANY complex task:
+1. Is there a specialized agent?
+2. Would agent do better?
+3. Am I trying to do what I should delegate?
+
+YES to any? → USE THE AGENT
+When in doubt? → USE THE AGENT
+</decision_rule>
+
+<common_mistakes>
+❌ Not checking Active Team Agents
+❌ Writing code for non-trivial tasks
+❌ Not using parallel agents
+❌ Wrong agent for task
+❌ Not using file-analyzer for large files
+</common_mistakes>
+
+<enforcement>
+Git hooks|Code review|Self-monitoring
+Default: YES use agent|Over-use better than under-use
+</enforcement>
+
+<ref>
+Full version: .claude/rules/agent-mandatory.md
+Quick ref: .claude/quick-ref/agent-quick-ref.md
+Registry: .claude/agents/AGENT-REGISTRY.md
+</ref>

package/packages/plugin-core/rules/context7-enforcement-optimized.md

@@ -0,0 +1,221 @@
+# Context7 Documentation Enforcement (Optimized)
+
+<priority>HIGHEST - ZERO TOLERANCE</priority>
+
+<visual_reminder>
+WHEN YOU SEE: `/pm:command` or `@agent-name`
+
+YOU MUST:
+1. 📖 ANNOUNCE: "Querying Context7..."
+2. 🔍 READ command/agent file → extract Documentation Queries
+3. 🌐 QUERY Context7 MCP for EACH listed topic
+4. 📝 SUMMARIZE key findings
+5. ✅ CONFIRM: "Context7 complete. Proceeding..."
+
+<output>
+🔒 Context7 Enforcement Active
+
+📋 Command: /pm:epic-decompose
+📚 Querying Context7...
+
+   ➜ mcp://context7/agile/epic-decomposition
+   ➜ mcp://context7/agile/task-sizing
+   ➜ mcp://context7/agile/user-stories
+
+✅ Context7 complete
+📖 Key findings: [summary]
+
+Proceeding with Context7 best practices...
+</output>
+</visual_reminder>
+
+<prime_directive>
+Query live documentation from Context7 BEFORE implementing
+No implementation without Context7 query
+No reliance on training data for technical specifics
+No shortcuts
+</prime_directive>
+
+<why_critical>
+<problems>
+Hallucinations|API changes|Best practices drift|Version conflicts
+Training data stale|Frameworks evolve|Deprecated patterns
+</problems>
+
+<benefits>
+Always current|Verified patterns|API accuracy|Breaking changes awareness
+Live documentation|Real examples|Current signatures|No guesswork
+</benefits>
+</why_critical>
+
+<context7_cycle>
+<query_phase>
+1. Read command/agent file → extract Documentation Queries
+2. Query EACH Context7 MCP link
+3. Analyze: patterns|APIs|best practices|anti-patterns
+4. Summarize findings before proceeding
+</query_phase>
+
+<implement_phase>
+Apply Context7 patterns EXACTLY as documented
+Use API signatures from Context7 (NOT training data)
+Follow architectural recommendations
+Reference Context7 in comments
+</implement_phase>
+
+<validate_phase>
+Implementation matches Context7
+No hallucinations
+Latest conventions followed
+Deprecation warnings addressed
+</validate_phase>
+</context7_cycle>
+
+<absolute_requirements>
+<commands>
+MUST read "Required Documentation Access"
+MUST query EVERY mcp:// link before execution
+MUST summarize Context7 findings
+MUST apply Context7 guidance
+</commands>
+
+<agents>
+MUST read "Documentation Queries"
+MUST query before technical decisions
+MUST verify API signatures
+MUST flag training data conflicts
+</agents>
+
+<implementations>
+NO code from training data alone
+NO assumptions without Context7
+NO "I think this works" - VERIFY
+NO skip for "small changes"
+</implementations>
+</absolute_requirements>
+
+<prohibited>
+❌ Implementing without querying
+❌ "I remember" - training data stale
+❌ Skip for "simple" tasks
+❌ Cached knowledge vs live docs
+❌ Proceed when query fails
+❌ Ignore Context7 guidance
+</prohibited>
+
+<query_quality>
+<do>
+✅ Query ALL listed links
+✅ Request specific topics
+✅ Ask for examples + patterns
+✅ Verify API signatures
+✅ Check breaking changes
+</do>
+
+<dont>
+❌ Skip assuming training data sufficient
+❌ Query only one link
+❌ Accept generic results
+❌ Ignore version mismatches
+</dont>
+
+<coverage>
+100% query rate|Complete coverage|Result validation|Stop if fails
+</coverage>
+</query_quality>
+
+<command_flow>
+User: /pm:epic-decompose feature-name
+
+BEFORE:
+1. Read .claude/commands/pm/epic-decompose.md
+2. Extract Documentation Queries
+3. Query Context7 for EACH link
+4. Summarize: "Context7 confirms INVEST criteria..."
+5. PROCEED with Context7 guidance
+
+DURING:
+Apply Context7 patterns|Reference examples|Follow best practices
+
+AFTER:
+Validate against Context7|Flag deviations
+</command_flow>
+
+<agent_flow>
+User: @aws-cloud-architect design VPC
+
+BEFORE:
+1. Read .claude/agents/cloud/aws-cloud-architect.md
+2. Extract Documentation Queries
+3. Query Context7 for EACH link
+4. Summarize: "Context7 shows VPC /16 for staging..."
+5. PROCEED with Context7 knowledge
+
+DURING:
+Current AWS API patterns|Terraform patterns|Networking best practices
+
+AFTER:
+Cross-check design|No deprecated patterns
+</agent_flow>
+
+<violations>
+<immediate>
+STOP execution|IDENTIFY unverified code|DELETE stale implementation|
+QUERY Context7|REIMPLEMENT|DOCUMENT violation
+</immediate>
+
+<severity>
+Level 1 (Minor): Partial queries → Complete + validate
+Level 2 (Moderate): No queries → Stop + query + review
+Level 3 (Critical): Contradicts Context7 → Delete + redo
+</severity>
+
+<no_exceptions>
+NO "small changes"|NO "I'm confident"|NO "Context7 slow"|NO assumptions
+</no_exceptions>
+</violations>
+
+<success_metrics>
+✅ 100% commands query Context7
+✅ 100% agents query Context7
+✅ Zero training-data-only implementations
+✅ All API signatures verified
+✅ No deprecated patterns
+✅ Findings documented
+</success_metrics>
+
+<automation>
+<hooks>
+.claude/hooks/pre-command-context7.js - Extract + query before commands
+.claude/hooks/pre-agent-context7.js - Extract + query before agents
+</hooks>
+
+<validation>
+.claude/rules/context7-enforcement.md - Highest priority rule
+Read on every session|Zero tolerance
+</validation>
+</automation>
+
+<emergency_fallback>
+If Context7 unavailable:
+1. ALERT: "⚠️ Context7 MCP unavailable"
+2. REQUEST user decision: WAIT (recommended) or PROCEED (risky)
+3. DOCUMENT: // WARNING: No Context7 verification - MCP unavailable
+4. FLAG: TODO re-verify when available
+
+DO NOT:
+❌ Silently proceed
+❌ Assume training data sufficient
+❌ Skip queries
+</emergency_fallback>
+
+<final_reminder>
+Context7 is MANDATORY for EVERY command and agent execution.
+Training data becomes stale. APIs change. Best practices evolve.
+Context7 keeps us current. Query it. Every. Single. Time.
+</final_reminder>
+
+<ref>
+Full version: .claude/rules/context7-enforcement.md
+Quick ref: .claude/quick-ref/context7-queries.md
+</ref>

package/packages/plugin-core/rules/github-operations.md

@@ -0,0 +1,92 @@
+# GitHub Operations Rule
+
+Standard patterns for GitHub CLI operations across all commands.
+
+## CRITICAL: Repository Protection
+
+**Before ANY GitHub operation that creates/modifies issues or PRs:**
+
+```bash
+# Check if remote origin is the AutoPM template repository
+remote_url=$(git remote get-url origin 2>/dev/null || echo "")
+if [[ "$remote_url" == *"rlagowski/autopm"* ]] || [[ "$remote_url" == *"rlagowski/autopm.git"* ]]; then
+  echo "❌ ERROR: You're trying to sync with the AutoPM template repository!"
+  echo ""
+  echo "This repository (rlagowski/autopm) is a template for others to use."
+  echo "You should NOT create issues or PRs here."
+  echo ""
+  echo "To fix this:"
+  echo "1. Fork this repository to your own GitHub account"
+  echo "2. Update your remote origin:"
+  echo "   git remote set-url origin https://github.com/YOUR_USERNAME/YOUR_REPO.git"
+  echo ""
+  echo "Or if this is a new project:"
+  echo "1. Create a new repository on GitHub"
+  echo "2. Update your remote origin:"
+  echo "   git remote set-url origin https://github.com/YOUR_USERNAME/YOUR_REPO.git"
+  echo ""
+  echo "Current remote: $remote_url"
+  exit 1
+fi
+```
+
+This check MUST be performed in ALL commands that:
+
+- Create issues (`gh issue create`)
+- Edit issues (`gh issue edit`)
+- Comment on issues (`gh issue comment`)
+- Create PRs (`gh pr create`)
+- Any other operation that modifies the GitHub repository
+
+## Authentication
+
+**Don't pre-check authentication.** Just run the command and handle failure:
+
+```bash
+gh {command} || echo "❌ GitHub CLI failed. Run: gh auth login"
+```
+
+## Common Operations
+
+### Get Issue Details
+
+```bash
+gh issue view {number} --json state,title,labels,body
+```
+
+### Create Issue
+
+```bash
+# ALWAYS check remote origin first!
+gh issue create --title "{title}" --body-file {file} --label "{labels}"
+```
+
+### Update Issue
+
+```bash
+# ALWAYS check remote origin first!
+gh issue edit {number} --add-label "{label}" --add-assignee @me
+```
+
+### Add Comment
+
+```bash
+# ALWAYS check remote origin first!
+gh issue comment {number} --body-file {file}
+```
+
+## Error Handling
+
+If any gh command fails:
+
+1. Show clear error: "❌ GitHub operation failed: {command}"
+2. Suggest fix: "Run: gh auth login" or check issue number
+3. Don't retry automatically
+
+## Important Notes
+
+- **ALWAYS** check remote origin before ANY write operation to GitHub
+- Trust that gh CLI is installed and authenticated
+- Use --json for structured output when parsing
+- Keep operations atomic - one gh command per action
+- Don't check rate limits preemptively

package/packages/plugin-core/rules/test-execution.md

@@ -0,0 +1,65 @@
+# Test Execution Rule
+
+Standard patterns for running tests across all testing commands.
+
+## Core Principles
+
+1. **Always use test-runner agent** from `.claude/agents/test-runner.md`
+2. **No mocking** - use real services for accurate results
+3. **Verbose output** - capture everything for debugging
+4. **Check test structure first** - before assuming code bugs
+
+## Execution Pattern
+
+```markdown
+Execute tests for: {target}
+
+Requirements:
+- Run with verbose output
+- No mock services
+- Capture full stack traces
+- Analyze test structure if failures occur
+```
+
+## Output Focus
+
+### Success
+
+Keep it simple:
+
+```
+✅ All tests passed ({count} tests in {time}s)
+```
+
+### Failure
+
+Focus on what failed:
+
+```
+❌ Test failures: {count}
+
+{test_name} - {file}:{line}
+  Error: {message}
+  Fix: {suggestion}
+```
+
+## Common Issues
+
+- Test not found → Check file path
+- Timeout → Kill process, report incomplete
+- Framework missing → Install dependencies
+
+## Cleanup
+
+Always clean up after tests:
+
+```bash
+pkill -f "jest|mocha|pytest" 2>/dev/null || true
+```
+
+## Important Notes
+
+- Don't parallelize tests (avoid conflicts)
+- Let each test complete fully
+- Report failures with actionable fixes
+- Focus output on failures, not successes