claude-code-pilot 2.0.0 → 3.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (514) hide show
  1. package/README.md +76 -97
  2. package/bin/install.js +267 -250
  3. package/manifest.json +5 -18
  4. package/package.json +5 -7
  5. package/src/agents/build-error-resolver.md +114 -0
  6. package/src/agents/ccp-advisor-researcher.md +104 -0
  7. package/src/agents/ccp-assumptions-analyzer.md +105 -0
  8. package/{gsd/agents/gsd-codebase-mapper.md → src/agents/ccp-codebase-mapper.md} +7 -7
  9. package/{gsd/agents/gsd-debugger.md → src/agents/ccp-debugger.md} +125 -8
  10. package/{gsd/agents/gsd-executor.md → src/agents/ccp-executor.md} +31 -20
  11. package/{gsd/agents/gsd-integration-checker.md → src/agents/ccp-integration-checker.md} +2 -2
  12. package/{gsd/agents/gsd-nyquist-auditor.md → src/agents/ccp-nyquist-auditor.md} +3 -3
  13. package/{gsd/agents/gsd-phase-researcher.md → src/agents/ccp-phase-researcher.md} +127 -13
  14. package/{gsd/agents/gsd-plan-checker.md → src/agents/ccp-plan-checker.md} +57 -21
  15. package/{gsd/agents/gsd-planner.md → src/agents/ccp-planner.md} +61 -23
  16. package/{gsd/agents/gsd-project-researcher.md → src/agents/ccp-project-researcher.md} +33 -6
  17. package/{gsd/agents/gsd-research-synthesizer.md → src/agents/ccp-research-synthesizer.md} +11 -11
  18. package/{gsd/agents/gsd-roadmapper.md → src/agents/ccp-roadmapper.md} +39 -10
  19. package/src/agents/ccp-ui-auditor.md +439 -0
  20. package/src/agents/ccp-ui-checker.md +300 -0
  21. package/src/agents/ccp-ui-researcher.md +357 -0
  22. package/{gsd/agents/gsd-verifier.md → src/agents/ccp-verifier.md} +81 -15
  23. package/src/agents/cpp-build-resolver.md +90 -0
  24. package/src/agents/cpp-reviewer.md +72 -0
  25. package/src/agents/database-reviewer.md +91 -0
  26. package/{ecc → src}/agents/doc-updater.md +1 -1
  27. package/src/agents/docs-lookup.md +68 -0
  28. package/src/agents/flutter-reviewer.md +243 -0
  29. package/src/agents/gan-evaluator.md +209 -0
  30. package/src/agents/gan-generator.md +131 -0
  31. package/src/agents/gan-planner.md +99 -0
  32. package/src/agents/go-build-resolver.md +94 -0
  33. package/src/agents/go-reviewer.md +76 -0
  34. package/src/agents/harness-optimizer.md +35 -0
  35. package/src/agents/java-build-resolver.md +153 -0
  36. package/src/agents/java-reviewer.md +92 -0
  37. package/src/agents/kotlin-build-resolver.md +118 -0
  38. package/src/agents/kotlin-reviewer.md +159 -0
  39. package/src/agents/loop-operator.md +36 -0
  40. package/src/agents/opensource-forker.md +198 -0
  41. package/src/agents/opensource-packager.md +249 -0
  42. package/src/agents/opensource-sanitizer.md +188 -0
  43. package/src/agents/performance-optimizer.md +446 -0
  44. package/src/agents/planner.md +212 -0
  45. package/src/agents/python-reviewer.md +98 -0
  46. package/src/agents/pytorch-build-resolver.md +120 -0
  47. package/src/agents/refactor-cleaner.md +85 -0
  48. package/src/agents/rust-build-resolver.md +148 -0
  49. package/src/agents/rust-reviewer.md +94 -0
  50. package/src/agents/typescript-reviewer.md +112 -0
  51. package/src/available-rules/README.md +80 -0
  52. package/src/available-rules/cpp/coding-style.md +44 -0
  53. package/src/available-rules/cpp/hooks.md +39 -0
  54. package/src/available-rules/cpp/patterns.md +51 -0
  55. package/src/available-rules/cpp/security.md +51 -0
  56. package/src/available-rules/cpp/testing.md +44 -0
  57. package/src/available-rules/csharp/coding-style.md +72 -0
  58. package/src/available-rules/csharp/hooks.md +25 -0
  59. package/src/available-rules/csharp/patterns.md +50 -0
  60. package/src/available-rules/csharp/security.md +58 -0
  61. package/src/available-rules/csharp/testing.md +46 -0
  62. package/src/available-rules/java/coding-style.md +114 -0
  63. package/src/available-rules/java/hooks.md +18 -0
  64. package/src/available-rules/java/patterns.md +146 -0
  65. package/src/available-rules/java/security.md +100 -0
  66. package/src/available-rules/java/testing.md +131 -0
  67. package/src/available-rules/kotlin/hooks.md +17 -0
  68. package/src/available-rules/rust/coding-style.md +151 -0
  69. package/src/available-rules/rust/hooks.md +16 -0
  70. package/src/available-rules/rust/patterns.md +168 -0
  71. package/src/available-rules/rust/security.md +141 -0
  72. package/src/available-rules/rust/testing.md +154 -0
  73. package/src/commands/ccp/add-backlog.md +76 -0
  74. package/{gsd/commands-gsd → src/commands/ccp}/add-phase.md +3 -3
  75. package/{gsd/commands-gsd → src/commands/ccp}/add-tests.md +5 -5
  76. package/{gsd/commands-gsd → src/commands/ccp}/add-todo.md +4 -4
  77. package/src/commands/ccp/aside.md +165 -0
  78. package/{gsd/commands-gsd → src/commands/ccp}/audit-milestone.md +3 -3
  79. package/src/commands/ccp/audit-uat.md +24 -0
  80. package/src/commands/ccp/autonomous.md +41 -0
  81. package/src/commands/ccp/build-fix.md +67 -0
  82. package/{gsd/commands-gsd → src/commands/ccp}/check-todos.md +3 -3
  83. package/{ecc/commands → src/commands/ccp}/checkpoint.md +12 -7
  84. package/{gsd/commands-gsd → src/commands/ccp}/cleanup.md +3 -3
  85. package/src/commands/ccp/code-review.md +45 -0
  86. package/{gsd/commands-gsd → src/commands/ccp}/complete-milestone.md +9 -9
  87. package/src/commands/ccp/context-budget.md +30 -0
  88. package/src/commands/ccp/cpp-build.md +174 -0
  89. package/src/commands/ccp/cpp-review.md +133 -0
  90. package/src/commands/ccp/cpp-test.md +252 -0
  91. package/{gsd/commands-gsd → src/commands/ccp}/debug.md +14 -9
  92. package/src/commands/ccp/discuss-phase.md +64 -0
  93. package/src/commands/ccp/do.md +30 -0
  94. package/src/commands/ccp/docs-update.md +48 -0
  95. package/src/commands/ccp/docs.md +32 -0
  96. package/src/commands/ccp/e2e.md +365 -0
  97. package/src/commands/ccp/eval.md +125 -0
  98. package/{ecc/commands → src/commands/ccp}/evolve.md +5 -5
  99. package/src/commands/ccp/execute-phase.md +59 -0
  100. package/src/commands/ccp/fast.md +30 -0
  101. package/src/commands/ccp/forensics.md +56 -0
  102. package/src/commands/ccp/go-build.md +184 -0
  103. package/src/commands/ccp/go-review.md +149 -0
  104. package/src/commands/ccp/go-test.md +269 -0
  105. package/src/commands/ccp/gradle-build.md +71 -0
  106. package/src/commands/ccp/harness-audit.md +76 -0
  107. package/{gsd/commands-gsd → src/commands/ccp}/health.md +3 -3
  108. package/{gsd/commands-gsd → src/commands/ccp}/help.md +5 -5
  109. package/{gsd/commands-gsd → src/commands/ccp}/insert-phase.md +3 -3
  110. package/src/commands/ccp/kotlin-build.md +175 -0
  111. package/src/commands/ccp/kotlin-review.md +141 -0
  112. package/src/commands/ccp/kotlin-test.md +313 -0
  113. package/{ecc/commands → src/commands/ccp}/learn.md +7 -2
  114. package/{gsd/commands-gsd → src/commands/ccp}/list-phase-assumptions.md +2 -2
  115. package/src/commands/ccp/manager.md +39 -0
  116. package/{gsd/commands-gsd → src/commands/ccp}/map-codebase.md +7 -7
  117. package/src/commands/ccp/milestone-summary.md +51 -0
  118. package/{ecc/commands → src/commands/ccp}/model-route.md +6 -1
  119. package/{gsd/commands-gsd → src/commands/ccp}/new-milestone.md +8 -8
  120. package/{gsd/commands-gsd → src/commands/ccp}/new-project.md +8 -8
  121. package/src/commands/ccp/next.md +24 -0
  122. package/src/commands/ccp/note.md +34 -0
  123. package/src/commands/ccp/orchestrate.md +232 -0
  124. package/{gsd/commands-gsd → src/commands/ccp}/pause-work.md +3 -3
  125. package/{gsd/commands-gsd → src/commands/ccp}/plan-milestone-gaps.md +5 -5
  126. package/{gsd/commands-gsd → src/commands/ccp}/plan-phase.md +9 -7
  127. package/src/commands/ccp/plan.md +115 -0
  128. package/src/commands/ccp/plant-seed.md +28 -0
  129. package/src/commands/ccp/pr-branch.md +25 -0
  130. package/src/commands/ccp/profile-user.md +46 -0
  131. package/{gsd/commands-gsd → src/commands/ccp}/progress.md +3 -3
  132. package/src/commands/ccp/prompt-optimize.md +39 -0
  133. package/src/commands/ccp/prune.md +25 -0
  134. package/src/commands/ccp/python-review.md +298 -0
  135. package/{ecc/commands → src/commands/ccp}/quality-gate.md +7 -2
  136. package/{gsd/commands-gsd → src/commands/ccp}/quick.md +10 -8
  137. package/src/commands/ccp/refactor-clean.md +85 -0
  138. package/{gsd/commands-gsd → src/commands/ccp}/remove-phase.md +3 -3
  139. package/{gsd/commands-gsd → src/commands/ccp}/research-phase.md +17 -12
  140. package/{ecc/commands → src/commands/ccp}/resume-session.md +9 -8
  141. package/{gsd/commands-gsd → src/commands/ccp}/resume-work.md +3 -3
  142. package/src/commands/ccp/review-backlog.md +61 -0
  143. package/src/commands/ccp/review.md +37 -0
  144. package/src/commands/ccp/rules-distill.md +12 -0
  145. package/src/commands/ccp/rust-build.md +188 -0
  146. package/src/commands/ccp/rust-review.md +143 -0
  147. package/src/commands/ccp/rust-test.md +309 -0
  148. package/{ecc/commands → src/commands/ccp}/save-session.md +2 -1
  149. package/src/commands/ccp/secure-phase.md +35 -0
  150. package/src/commands/ccp/session-report.md +19 -0
  151. package/{ecc/commands → src/commands/ccp}/sessions.md +39 -34
  152. package/src/commands/ccp/set-profile.md +12 -0
  153. package/{gsd/commands-gsd → src/commands/ccp}/settings.md +5 -5
  154. package/src/commands/ccp/setup-pm.md +81 -0
  155. package/{kit/commands → src/commands/ccp}/setup-refresh.md +4 -3
  156. package/{kit/commands → src/commands/ccp}/setup.md +67 -40
  157. package/src/commands/ccp/ship.md +23 -0
  158. package/src/commands/ccp/skill-create.md +172 -0
  159. package/src/commands/ccp/skill-health.md +51 -0
  160. package/src/commands/ccp/stats.md +18 -0
  161. package/src/commands/ccp/tdd.md +329 -0
  162. package/src/commands/ccp/test-coverage.md +74 -0
  163. package/src/commands/ccp/thread.md +127 -0
  164. package/{kit/commands → src/commands/ccp}/tool-guide.md +2 -1
  165. package/src/commands/ccp/ui-phase.md +34 -0
  166. package/src/commands/ccp/ui-review.md +32 -0
  167. package/src/commands/ccp/update-codemaps.md +77 -0
  168. package/src/commands/ccp/update-docs.md +89 -0
  169. package/{gsd/commands-gsd → src/commands/ccp}/update.md +5 -5
  170. package/{gsd/commands-gsd → src/commands/ccp}/validate-phase.md +3 -3
  171. package/{gsd/commands-gsd → src/commands/ccp}/verify-work.md +5 -5
  172. package/{ecc/commands → src/commands/ccp}/verify.md +5 -0
  173. package/src/commands/ccp/workstreams.md +68 -0
  174. package/{ecc → src}/examples/CLAUDE.md +4 -4
  175. package/{ecc → src}/examples/django-api-CLAUDE.md +5 -5
  176. package/{ecc → src}/examples/go-microservice-CLAUDE.md +6 -6
  177. package/{ecc → src}/examples/rust-api-CLAUDE.md +4 -4
  178. package/{ecc → src}/examples/saas-nextjs-CLAUDE.md +8 -8
  179. package/{gsd/hooks/gsd-context-monitor.js → src/hooks/ccp-context-monitor.js} +3 -3
  180. package/src/hooks/ccp-prompt-guard.js +96 -0
  181. package/{gsd/hooks/gsd-statusline.js → src/hooks/ccp-statusline.js} +7 -7
  182. package/src/hooks/ccp-workflow-guard.js +94 -0
  183. package/src/hooks/config-protection.js +141 -0
  184. package/{kit → src}/hooks/kit-check-update.js +7 -4
  185. package/src/hooks/mcp-health-check.js +620 -0
  186. package/{ecc/scripts → src}/hooks/run-with-flags-shell.sh +1 -1
  187. package/{ecc/scripts → src}/hooks/run-with-flags.js +74 -13
  188. package/src/hooks/session-end-marker.js +29 -0
  189. package/{ecc/scripts → src}/hooks/session-end.js +83 -40
  190. package/{ecc/scripts → src}/hooks/session-start.js +76 -10
  191. package/{ecc/scripts → src}/lib/hook-flags.js +8 -4
  192. package/{ecc/scripts → src}/lib/project-detect.js +2 -1
  193. package/{ecc/scripts → src}/lib/session-manager.d.ts +5 -1
  194. package/{ecc/scripts → src}/lib/session-manager.js +202 -92
  195. package/{ecc/scripts → src}/lib/utils.d.ts +23 -1
  196. package/{ecc/scripts → src}/lib/utils.js +91 -3
  197. package/{gsd/get-shit-done/bin/gsd-tools.cjs → src/pilot/bin/ccp-tools.cjs} +257 -86
  198. package/{gsd/get-shit-done → src/pilot}/bin/lib/commands.cjs +1 -1
  199. package/src/pilot/bin/lib/config.cjs +444 -0
  200. package/src/pilot/bin/lib/core.cjs +1190 -0
  201. package/src/pilot/bin/lib/init.cjs +1281 -0
  202. package/src/pilot/bin/lib/model-profiles.cjs +67 -0
  203. package/{gsd/get-shit-done → src/pilot}/bin/lib/phase.cjs +2 -2
  204. package/src/pilot/bin/lib/security.cjs +382 -0
  205. package/{gsd/get-shit-done → src/pilot}/bin/lib/state.cjs +1 -1
  206. package/src/pilot/bin/lib/uat.cjs +282 -0
  207. package/{gsd/get-shit-done → src/pilot}/bin/lib/verify.cjs +10 -10
  208. package/{gsd/get-shit-done → src/pilot}/references/continuation-format.md +16 -16
  209. package/{gsd/get-shit-done → src/pilot}/references/decimal-phase-calculation.md +5 -5
  210. package/{gsd/get-shit-done → src/pilot}/references/git-integration.md +5 -5
  211. package/{gsd/get-shit-done → src/pilot}/references/git-planning-commit.md +4 -4
  212. package/src/pilot/references/mcp-servers.json +153 -0
  213. package/{gsd/get-shit-done → src/pilot}/references/model-profile-resolution.md +2 -2
  214. package/{gsd/get-shit-done → src/pilot}/references/model-profiles.md +20 -20
  215. package/{gsd/get-shit-done → src/pilot}/references/phase-argument-parsing.md +4 -4
  216. package/{gsd/get-shit-done → src/pilot}/references/planning-config.md +15 -15
  217. package/{gsd/get-shit-done → src/pilot}/references/ui-brand.md +5 -5
  218. package/{gsd/get-shit-done → src/pilot}/references/verification-patterns.md +1 -1
  219. package/{gsd/get-shit-done → src/pilot}/templates/DEBUG.md +1 -1
  220. package/{gsd/get-shit-done → src/pilot}/templates/UAT.md +3 -3
  221. package/src/pilot/templates/UI-SPEC.md +100 -0
  222. package/{gsd/get-shit-done → src/pilot}/templates/VALIDATION.md +1 -1
  223. package/src/pilot/templates/claude-md.md +122 -0
  224. package/{gsd/get-shit-done → src/pilot}/templates/codebase/architecture.md +2 -2
  225. package/{gsd/get-shit-done → src/pilot}/templates/codebase/structure.md +13 -13
  226. package/{gsd/get-shit-done → src/pilot}/templates/context.md +4 -4
  227. package/src/pilot/templates/copilot-instructions.md +7 -0
  228. package/{gsd/get-shit-done → src/pilot}/templates/debug-subagent-prompt.md +4 -4
  229. package/src/pilot/templates/dev-preferences.md +21 -0
  230. package/{gsd/get-shit-done → src/pilot}/templates/discovery.md +2 -2
  231. package/src/pilot/templates/discussion-log.md +63 -0
  232. package/{gsd/get-shit-done → src/pilot}/templates/phase-prompt.md +12 -12
  233. package/{gsd/get-shit-done → src/pilot}/templates/planner-subagent-prompt.md +7 -7
  234. package/{gsd/get-shit-done → src/pilot}/templates/project.md +1 -1
  235. package/{gsd/get-shit-done → src/pilot}/templates/research.md +2 -2
  236. package/{gsd/get-shit-done → src/pilot}/templates/state.md +2 -2
  237. package/{gsd/get-shit-done → src/pilot}/templates/summary-complex.md +1 -1
  238. package/{gsd/get-shit-done → src/pilot}/workflows/add-phase.md +11 -11
  239. package/{gsd/get-shit-done → src/pilot}/workflows/add-tests.md +15 -15
  240. package/{gsd/get-shit-done → src/pilot}/workflows/add-todo.md +7 -7
  241. package/{gsd/get-shit-done → src/pilot}/workflows/audit-milestone.md +24 -16
  242. package/src/pilot/workflows/audit-uat.md +109 -0
  243. package/src/pilot/workflows/autonomous.md +891 -0
  244. package/{gsd/get-shit-done → src/pilot}/workflows/check-todos.md +10 -10
  245. package/{gsd/get-shit-done → src/pilot}/workflows/cleanup.md +3 -3
  246. package/{gsd/get-shit-done → src/pilot}/workflows/complete-milestone.md +19 -16
  247. package/{gsd/get-shit-done → src/pilot}/workflows/diagnose-issues.md +9 -4
  248. package/{gsd/get-shit-done → src/pilot}/workflows/discovery-phase.md +8 -8
  249. package/src/pilot/workflows/discuss-phase-assumptions.md +653 -0
  250. package/{gsd/get-shit-done → src/pilot}/workflows/discuss-phase.md +407 -49
  251. package/src/pilot/workflows/do.md +104 -0
  252. package/src/pilot/workflows/docs-update.md +1165 -0
  253. package/src/pilot/workflows/execute-phase.md +821 -0
  254. package/{gsd/get-shit-done → src/pilot}/workflows/execute-plan.md +79 -28
  255. package/src/pilot/workflows/fast.md +105 -0
  256. package/src/pilot/workflows/forensics.md +265 -0
  257. package/{gsd/get-shit-done → src/pilot}/workflows/health.md +34 -11
  258. package/src/pilot/workflows/help.md +767 -0
  259. package/{gsd/get-shit-done → src/pilot}/workflows/insert-phase.md +10 -10
  260. package/{gsd/get-shit-done → src/pilot}/workflows/list-phase-assumptions.md +4 -4
  261. package/src/pilot/workflows/manager.md +362 -0
  262. package/{gsd/get-shit-done → src/pilot}/workflows/map-codebase.md +27 -17
  263. package/src/pilot/workflows/milestone-summary.md +223 -0
  264. package/{gsd/get-shit-done → src/pilot}/workflows/new-milestone.md +135 -33
  265. package/{gsd/get-shit-done → src/pilot}/workflows/new-project.md +152 -79
  266. package/src/pilot/workflows/next.md +97 -0
  267. package/src/pilot/workflows/node-repair.md +92 -0
  268. package/src/pilot/workflows/note.md +156 -0
  269. package/src/pilot/workflows/pause-work.md +177 -0
  270. package/{gsd/get-shit-done → src/pilot}/workflows/plan-milestone-gaps.md +10 -11
  271. package/src/pilot/workflows/plan-phase.md +859 -0
  272. package/src/pilot/workflows/plant-seed.md +169 -0
  273. package/src/pilot/workflows/pr-branch.md +129 -0
  274. package/src/pilot/workflows/profile-user.md +452 -0
  275. package/{gsd/get-shit-done → src/pilot}/workflows/progress.md +95 -34
  276. package/{gsd/get-shit-done → src/pilot}/workflows/quick.md +33 -21
  277. package/{gsd/get-shit-done → src/pilot}/workflows/remove-phase.md +14 -14
  278. package/{gsd/get-shit-done → src/pilot}/workflows/research-phase.md +18 -10
  279. package/{gsd/get-shit-done → src/pilot}/workflows/resume-project.md +37 -18
  280. package/src/pilot/workflows/review.md +244 -0
  281. package/src/pilot/workflows/secure-phase.md +164 -0
  282. package/src/pilot/workflows/session-report.md +146 -0
  283. package/{gsd/get-shit-done → src/pilot}/workflows/set-profile.md +7 -7
  284. package/{gsd/get-shit-done → src/pilot}/workflows/settings.md +75 -22
  285. package/src/pilot/workflows/ship.md +228 -0
  286. package/src/pilot/workflows/stats.md +60 -0
  287. package/{gsd/get-shit-done → src/pilot}/workflows/transition.md +57 -17
  288. package/src/pilot/workflows/ui-phase.md +302 -0
  289. package/src/pilot/workflows/ui-review.md +165 -0
  290. package/{gsd/get-shit-done → src/pilot}/workflows/update.md +88 -58
  291. package/{gsd/get-shit-done → src/pilot}/workflows/validate-phase.md +24 -17
  292. package/{gsd/get-shit-done → src/pilot}/workflows/verify-phase.md +26 -15
  293. package/{gsd/get-shit-done → src/pilot}/workflows/verify-work.md +89 -37
  294. package/{ecc → src}/rules/common/agents.md +1 -0
  295. package/src/rules/common/code-review.md +124 -0
  296. package/{ecc → src}/rules/common/coding-style.md +21 -0
  297. package/src/rules/zh/README.md +108 -0
  298. package/src/rules/zh/agents.md +50 -0
  299. package/src/rules/zh/code-review.md +124 -0
  300. package/src/rules/zh/coding-style.md +48 -0
  301. package/src/rules/zh/development-workflow.md +44 -0
  302. package/src/rules/zh/git-workflow.md +24 -0
  303. package/src/rules/zh/hooks.md +30 -0
  304. package/src/rules/zh/patterns.md +31 -0
  305. package/src/rules/zh/performance.md +55 -0
  306. package/src/rules/zh/security.md +29 -0
  307. package/src/rules/zh/testing.md +29 -0
  308. package/src/skills/agentic-engineering/SKILL.md +63 -0
  309. package/src/skills/ai-first-engineering/SKILL.md +51 -0
  310. package/src/skills/ai-regression-testing/SKILL.md +385 -0
  311. package/src/skills/api-design/SKILL.md +523 -0
  312. package/src/skills/architecture-decision-records/SKILL.md +179 -0
  313. package/src/skills/autonomous-agent-harness/SKILL.md +267 -0
  314. package/src/skills/autonomous-loops/SKILL.md +610 -0
  315. package/src/skills/backend-patterns/SKILL.md +598 -0
  316. package/src/skills/benchmark/SKILL.md +87 -0
  317. package/src/skills/blueprint/SKILL.md +90 -0
  318. package/src/skills/browser-qa/SKILL.md +81 -0
  319. package/src/skills/bun-runtime/SKILL.md +84 -0
  320. package/src/skills/claude-api/SKILL.md +337 -0
  321. package/src/skills/codebase-onboarding/SKILL.md +233 -0
  322. package/src/skills/coding-standards/SKILL.md +530 -0
  323. package/src/skills/content-hash-cache-pattern/SKILL.md +161 -0
  324. package/src/skills/context-budget/SKILL.md +135 -0
  325. package/{ecc → src}/skills/continuous-learning-v2/SKILL.md +6 -6
  326. package/{ecc → src}/skills/continuous-learning-v2/agents/observer-loop.sh +1 -1
  327. package/{ecc → src}/skills/continuous-learning-v2/agents/observer.md +1 -1
  328. package/src/skills/cost-aware-llm-pipeline/SKILL.md +183 -0
  329. package/src/skills/cpp-coding-standards/SKILL.md +723 -0
  330. package/src/skills/cpp-testing/SKILL.md +324 -0
  331. package/src/skills/database-migrations/SKILL.md +429 -0
  332. package/src/skills/deep-research/SKILL.md +155 -0
  333. package/src/skills/deployment-patterns/SKILL.md +427 -0
  334. package/src/skills/design-system/SKILL.md +82 -0
  335. package/src/skills/django-patterns/SKILL.md +734 -0
  336. package/src/skills/django-security/SKILL.md +593 -0
  337. package/src/skills/django-tdd/SKILL.md +729 -0
  338. package/src/skills/django-verification/SKILL.md +469 -0
  339. package/src/skills/docker-patterns/SKILL.md +364 -0
  340. package/src/skills/documentation-lookup/SKILL.md +90 -0
  341. package/src/skills/e2e-testing/SKILL.md +326 -0
  342. package/src/skills/eval-harness/SKILL.md +270 -0
  343. package/src/skills/exa-search/SKILL.md +103 -0
  344. package/src/skills/flutter-dart-code-review/SKILL.md +435 -0
  345. package/src/skills/frontend-patterns/SKILL.md +642 -0
  346. package/src/skills/gan-style-harness/SKILL.md +278 -0
  347. package/src/skills/git-workflow/SKILL.md +715 -0
  348. package/src/skills/golang-patterns/SKILL.md +674 -0
  349. package/src/skills/golang-testing/SKILL.md +720 -0
  350. package/src/skills/hexagonal-architecture/SKILL.md +276 -0
  351. package/src/skills/iterative-retrieval/SKILL.md +211 -0
  352. package/src/skills/java-coding-standards/SKILL.md +147 -0
  353. package/src/skills/jpa-patterns/SKILL.md +151 -0
  354. package/src/skills/kotlin-coroutines-flows/SKILL.md +284 -0
  355. package/src/skills/kotlin-exposed-patterns/SKILL.md +719 -0
  356. package/src/skills/kotlin-ktor-patterns/SKILL.md +689 -0
  357. package/src/skills/kotlin-patterns/SKILL.md +711 -0
  358. package/src/skills/kotlin-testing/SKILL.md +824 -0
  359. package/src/skills/laravel-patterns/SKILL.md +415 -0
  360. package/src/skills/laravel-plugin-discovery/SKILL.md +229 -0
  361. package/src/skills/laravel-security/SKILL.md +285 -0
  362. package/src/skills/laravel-tdd/SKILL.md +283 -0
  363. package/src/skills/laravel-verification/SKILL.md +179 -0
  364. package/src/skills/mcp-server-patterns/SKILL.md +67 -0
  365. package/src/skills/nextjs-turbopack/SKILL.md +44 -0
  366. package/src/skills/nuxt4-patterns/SKILL.md +100 -0
  367. package/src/skills/opensource-pipeline/SKILL.md +255 -0
  368. package/src/skills/perl-patterns/SKILL.md +504 -0
  369. package/src/skills/perl-security/SKILL.md +503 -0
  370. package/src/skills/perl-testing/SKILL.md +475 -0
  371. package/src/skills/postgres-patterns/SKILL.md +147 -0
  372. package/src/skills/project-flow-ops/SKILL.md +111 -0
  373. package/src/skills/project-guidelines-example/SKILL.md +349 -0
  374. package/src/skills/prompt-optimizer/SKILL.md +397 -0
  375. package/src/skills/python-patterns/SKILL.md +750 -0
  376. package/src/skills/python-testing/SKILL.md +816 -0
  377. package/src/skills/pytorch-patterns/SKILL.md +396 -0
  378. package/src/skills/regex-vs-llm-structured-text/SKILL.md +220 -0
  379. package/src/skills/repo-scan/SKILL.md +78 -0
  380. package/src/skills/rules-distill/SKILL.md +264 -0
  381. package/src/skills/rules-distill/scripts/scan-rules.sh +58 -0
  382. package/src/skills/rules-distill/scripts/scan-skills.sh +129 -0
  383. package/src/skills/rust-patterns/SKILL.md +499 -0
  384. package/src/skills/rust-testing/SKILL.md +500 -0
  385. package/src/skills/safety-guard/SKILL.md +69 -0
  386. package/src/skills/search-first/SKILL.md +161 -0
  387. package/src/skills/security-review/SKILL.md +495 -0
  388. package/src/skills/security-review/cloud-infrastructure-security.md +361 -0
  389. package/src/skills/security-scan/SKILL.md +165 -0
  390. package/src/skills/springboot-patterns/SKILL.md +314 -0
  391. package/src/skills/springboot-security/SKILL.md +272 -0
  392. package/src/skills/springboot-tdd/SKILL.md +158 -0
  393. package/src/skills/springboot-verification/SKILL.md +231 -0
  394. package/src/skills/swift-concurrency-6-2/SKILL.md +216 -0
  395. package/src/skills/tdd-workflow/SKILL.md +410 -0
  396. package/src/skills/token-budget-advisor/SKILL.md +133 -0
  397. package/{ecc/skills/verification-loop-SKILL.md → src/skills/verification-loop/SKILL.md} +1 -1
  398. package/src/skills/workspace-surface-audit/SKILL.md +125 -0
  399. package/ecc/scripts/hooks/session-end-marker.js +0 -15
  400. package/gsd/LICENSE +0 -21
  401. package/gsd/commands-gsd/discuss-phase.md +0 -90
  402. package/gsd/commands-gsd/execute-phase.md +0 -41
  403. package/gsd/commands-gsd/join-discord.md +0 -18
  404. package/gsd/commands-gsd/reapply-patches.md +0 -123
  405. package/gsd/commands-gsd/set-profile.md +0 -34
  406. package/gsd/get-shit-done/bin/lib/config.cjs +0 -169
  407. package/gsd/get-shit-done/bin/lib/core.cjs +0 -492
  408. package/gsd/get-shit-done/bin/lib/init.cjs +0 -710
  409. package/gsd/get-shit-done/workflows/execute-phase.md +0 -459
  410. package/gsd/get-shit-done/workflows/help.md +0 -489
  411. package/gsd/get-shit-done/workflows/pause-work.md +0 -122
  412. package/gsd/get-shit-done/workflows/plan-phase.md +0 -560
  413. package/gsd/hooks/gsd-check-update.js +0 -81
  414. package/kit/CLAUDE.md +0 -43
  415. package/kit/commands/kit/update.md +0 -46
  416. package/kit/mcp.json +0 -10
  417. package/kit/rules/code-style.md +0 -24
  418. /package/{ecc → src}/agents/architect.md +0 -0
  419. /package/{ecc → src}/agents/code-reviewer.md +0 -0
  420. /package/{ecc → src}/agents/e2e-runner.md +0 -0
  421. /package/{ecc → src}/agents/security-reviewer.md +0 -0
  422. /package/{ecc → src}/agents/tdd-guide.md +0 -0
  423. /package/{ecc/rules → src/available-rules}/golang/coding-style.md +0 -0
  424. /package/{ecc/rules → src/available-rules}/golang/hooks.md +0 -0
  425. /package/{ecc/rules → src/available-rules}/golang/patterns.md +0 -0
  426. /package/{ecc/rules → src/available-rules}/golang/security.md +0 -0
  427. /package/{ecc/rules → src/available-rules}/golang/testing.md +0 -0
  428. /package/{ecc/rules → src/available-rules}/kotlin/coding-style.md +0 -0
  429. /package/{ecc/rules → src/available-rules}/kotlin/patterns.md +0 -0
  430. /package/{ecc/rules → src/available-rules}/kotlin/security.md +0 -0
  431. /package/{ecc/rules → src/available-rules}/kotlin/testing.md +0 -0
  432. /package/{ecc/rules → src/available-rules}/perl/coding-style.md +0 -0
  433. /package/{ecc/rules → src/available-rules}/perl/hooks.md +0 -0
  434. /package/{ecc/rules → src/available-rules}/perl/patterns.md +0 -0
  435. /package/{ecc/rules → src/available-rules}/perl/security.md +0 -0
  436. /package/{ecc/rules → src/available-rules}/perl/testing.md +0 -0
  437. /package/{ecc/rules → src/available-rules}/php/coding-style.md +0 -0
  438. /package/{ecc/rules → src/available-rules}/php/hooks.md +0 -0
  439. /package/{ecc/rules → src/available-rules}/php/patterns.md +0 -0
  440. /package/{ecc/rules → src/available-rules}/php/security.md +0 -0
  441. /package/{ecc/rules → src/available-rules}/php/testing.md +0 -0
  442. /package/{ecc/rules → src/available-rules}/python/coding-style.md +0 -0
  443. /package/{ecc/rules → src/available-rules}/python/hooks.md +0 -0
  444. /package/{ecc/rules → src/available-rules}/python/patterns.md +0 -0
  445. /package/{ecc/rules → src/available-rules}/python/security.md +0 -0
  446. /package/{ecc/rules → src/available-rules}/python/testing.md +0 -0
  447. /package/{ecc/rules → src/available-rules}/swift/coding-style.md +0 -0
  448. /package/{ecc/rules → src/available-rules}/swift/hooks.md +0 -0
  449. /package/{ecc/rules → src/available-rules}/swift/patterns.md +0 -0
  450. /package/{ecc/rules → src/available-rules}/swift/security.md +0 -0
  451. /package/{ecc/rules → src/available-rules}/swift/testing.md +0 -0
  452. /package/{ecc/rules → src/available-rules}/typescript/coding-style.md +0 -0
  453. /package/{ecc/rules → src/available-rules}/typescript/hooks.md +0 -0
  454. /package/{ecc/rules → src/available-rules}/typescript/patterns.md +0 -0
  455. /package/{ecc/rules → src/available-rules}/typescript/security.md +0 -0
  456. /package/{ecc/rules → src/available-rules}/typescript/testing.md +0 -0
  457. /package/{ecc → src}/contexts/dev.md +0 -0
  458. /package/{ecc → src}/contexts/research.md +0 -0
  459. /package/{ecc → src}/contexts/review.md +0 -0
  460. /package/{ecc → src}/examples/user-CLAUDE.md +0 -0
  461. /package/{ecc/scripts → src}/hooks/check-hook-enabled.js +0 -0
  462. /package/{ecc/scripts → src}/hooks/evaluate-session.js +0 -0
  463. /package/{ecc/scripts → src}/hooks/pre-compact.js +0 -0
  464. /package/{ecc/scripts → src}/hooks/suggest-compact.js +0 -0
  465. /package/{ecc/scripts → src}/lib/package-manager.d.ts +0 -0
  466. /package/{ecc/scripts → src}/lib/package-manager.js +0 -0
  467. /package/{ecc/scripts → src}/lib/resolve-formatter.js +0 -0
  468. /package/{ecc/scripts → src}/lib/session-aliases.d.ts +0 -0
  469. /package/{ecc/scripts → src}/lib/session-aliases.js +0 -0
  470. /package/{ecc/scripts → src}/lib/shell-split.js +0 -0
  471. /package/{gsd/get-shit-done → src/pilot}/bin/lib/frontmatter.cjs +0 -0
  472. /package/{gsd/get-shit-done → src/pilot}/bin/lib/milestone.cjs +0 -0
  473. /package/{gsd/get-shit-done → src/pilot}/bin/lib/roadmap.cjs +0 -0
  474. /package/{gsd/get-shit-done → src/pilot}/bin/lib/template.cjs +0 -0
  475. /package/{gsd/get-shit-done → src/pilot}/references/checkpoints.md +0 -0
  476. /package/{gsd/get-shit-done → src/pilot}/references/questioning.md +0 -0
  477. /package/{gsd/get-shit-done → src/pilot}/references/tdd.md +0 -0
  478. /package/{gsd/get-shit-done → src/pilot}/templates/codebase/concerns.md +0 -0
  479. /package/{gsd/get-shit-done → src/pilot}/templates/codebase/conventions.md +0 -0
  480. /package/{gsd/get-shit-done → src/pilot}/templates/codebase/integrations.md +0 -0
  481. /package/{gsd/get-shit-done → src/pilot}/templates/codebase/stack.md +0 -0
  482. /package/{gsd/get-shit-done → src/pilot}/templates/codebase/testing.md +0 -0
  483. /package/{gsd/get-shit-done → src/pilot}/templates/config.json +0 -0
  484. /package/{gsd/get-shit-done → src/pilot}/templates/continue-here.md +0 -0
  485. /package/{gsd/get-shit-done → src/pilot}/templates/milestone-archive.md +0 -0
  486. /package/{gsd/get-shit-done → src/pilot}/templates/milestone.md +0 -0
  487. /package/{gsd/get-shit-done → src/pilot}/templates/requirements.md +0 -0
  488. /package/{gsd/get-shit-done → src/pilot}/templates/research-project/ARCHITECTURE.md +0 -0
  489. /package/{gsd/get-shit-done → src/pilot}/templates/research-project/FEATURES.md +0 -0
  490. /package/{gsd/get-shit-done → src/pilot}/templates/research-project/PITFALLS.md +0 -0
  491. /package/{gsd/get-shit-done → src/pilot}/templates/research-project/STACK.md +0 -0
  492. /package/{gsd/get-shit-done → src/pilot}/templates/research-project/SUMMARY.md +0 -0
  493. /package/{gsd/get-shit-done → src/pilot}/templates/retrospective.md +0 -0
  494. /package/{gsd/get-shit-done → src/pilot}/templates/roadmap.md +0 -0
  495. /package/{gsd/get-shit-done → src/pilot}/templates/summary-minimal.md +0 -0
  496. /package/{gsd/get-shit-done → src/pilot}/templates/summary-standard.md +0 -0
  497. /package/{gsd/get-shit-done → src/pilot}/templates/summary.md +0 -0
  498. /package/{gsd/get-shit-done → src/pilot}/templates/user-setup.md +0 -0
  499. /package/{gsd/get-shit-done → src/pilot}/templates/verification-report.md +0 -0
  500. /package/{ecc → src}/rules/common/development-workflow.md +0 -0
  501. /package/{ecc → src}/rules/common/git-workflow.md +0 -0
  502. /package/{ecc → src}/rules/common/hooks.md +0 -0
  503. /package/{ecc → src}/rules/common/patterns.md +0 -0
  504. /package/{ecc → src}/rules/common/performance.md +0 -0
  505. /package/{ecc → src}/rules/common/security.md +0 -0
  506. /package/{ecc → src}/rules/common/testing.md +0 -0
  507. /package/{ecc → src}/skills/continuous-learning-v2/agents/start-observer.sh +0 -0
  508. /package/{ecc → src}/skills/continuous-learning-v2/config.json +0 -0
  509. /package/{ecc → src}/skills/continuous-learning-v2/hooks/observe.sh +0 -0
  510. /package/{ecc → src}/skills/continuous-learning-v2/scripts/detect-project.sh +0 -0
  511. /package/{ecc → src}/skills/continuous-learning-v2/scripts/instinct-cli.py +0 -0
  512. /package/{ecc → src}/skills/continuous-learning-v2/scripts/test_parse_instinct.py +0 -0
  513. /package/{ecc → src}/skills/strategic-compact/SKILL.md +0 -0
  514. /package/{ecc → src}/skills/strategic-compact/suggest-compact.sh +0 -0
@@ -0,0 +1,94 @@
1
+ ---
2
+ name: rust-reviewer
3
+ description: Expert Rust code reviewer specializing in ownership, lifetimes, error handling, unsafe usage, and idiomatic patterns. Use for all Rust code changes. MUST BE USED for Rust projects.
4
+ tools: ["Read", "Grep", "Glob", "Bash"]
5
+ model: sonnet
6
+ ---
7
+
8
+ You are a senior Rust code reviewer ensuring high standards of safety, idiomatic patterns, and performance.
9
+
10
+ When invoked:
11
+ 1. Run `cargo check`, `cargo clippy -- -D warnings`, `cargo fmt --check`, and `cargo test` — if any fail, stop and report
12
+ 2. Run `git diff HEAD~1 -- '*.rs'` (or `git diff main...HEAD -- '*.rs'` for PR review) to see recent Rust file changes
13
+ 3. Focus on modified `.rs` files
14
+ 4. If the project has CI or merge requirements, note that review assumes a green CI and resolved merge conflicts where applicable; call out if the diff suggests otherwise.
15
+ 5. Begin review
16
+
17
+ ## Review Priorities
18
+
19
+ ### CRITICAL — Safety
20
+
21
+ - **Unchecked `unwrap()`/`expect()`**: In production code paths — use `?` or handle explicitly
22
+ - **Unsafe without justification**: Missing `// SAFETY:` comment documenting invariants
23
+ - **SQL injection**: String interpolation in queries — use parameterized queries
24
+ - **Command injection**: Unvalidated input in `std::process::Command`
25
+ - **Path traversal**: User-controlled paths without canonicalization and prefix check
26
+ - **Hardcoded secrets**: API keys, passwords, tokens in source
27
+ - **Insecure deserialization**: Deserializing untrusted data without size/depth limits
28
+ - **Use-after-free via raw pointers**: Unsafe pointer manipulation without lifetime guarantees
29
+
30
+ ### CRITICAL — Error Handling
31
+
32
+ - **Silenced errors**: Using `let _ = result;` on `#[must_use]` types
33
+ - **Missing error context**: `return Err(e)` without `.context()` or `.map_err()`
34
+ - **Panic for recoverable errors**: `panic!()`, `todo!()`, `unreachable!()` in production paths
35
+ - **`Box<dyn Error>` in libraries**: Use `thiserror` for typed errors instead
36
+
37
+ ### HIGH — Ownership and Lifetimes
38
+
39
+ - **Unnecessary cloning**: `.clone()` to satisfy borrow checker without understanding the root cause
40
+ - **String instead of &str**: Taking `String` when `&str` or `impl AsRef<str>` suffices
41
+ - **Vec instead of slice**: Taking `Vec<T>` when `&[T]` suffices
42
+ - **Missing `Cow`**: Allocating when `Cow<'_, str>` would avoid it
43
+ - **Lifetime over-annotation**: Explicit lifetimes where elision rules apply
44
+
45
+ ### HIGH — Concurrency
46
+
47
+ - **Blocking in async**: `std::thread::sleep`, `std::fs` in async context — use tokio equivalents
48
+ - **Unbounded channels**: `mpsc::channel()`/`tokio::sync::mpsc::unbounded_channel()` need justification — prefer bounded channels (`tokio::sync::mpsc::channel(n)` in async, `sync_channel(n)` in sync)
49
+ - **`Mutex` poisoning ignored**: Not handling `PoisonError` from `.lock()`
50
+ - **Missing `Send`/`Sync` bounds**: Types shared across threads without proper bounds
51
+ - **Deadlock patterns**: Nested lock acquisition without consistent ordering
52
+
53
+ ### HIGH — Code Quality
54
+
55
+ - **Large functions**: Over 50 lines
56
+ - **Deep nesting**: More than 4 levels
57
+ - **Wildcard match on business enums**: `_ =>` hiding new variants
58
+ - **Non-exhaustive matching**: Catch-all where explicit handling is needed
59
+ - **Dead code**: Unused functions, imports, or variables
60
+
61
+ ### MEDIUM — Performance
62
+
63
+ - **Unnecessary allocation**: `to_string()` / `to_owned()` in hot paths
64
+ - **Repeated allocation in loops**: String or Vec creation inside loops
65
+ - **Missing `with_capacity`**: `Vec::new()` when size is known — use `Vec::with_capacity(n)`
66
+ - **Excessive cloning in iterators**: `.cloned()` / `.clone()` when borrowing suffices
67
+ - **N+1 queries**: Database queries in loops
68
+
69
+ ### MEDIUM — Best Practices
70
+
71
+ - **Clippy warnings unaddressed**: Suppressed with `#[allow]` without justification
72
+ - **Missing `#[must_use]`**: On non-`must_use` return types where ignoring values is likely a bug
73
+ - **Derive order**: Should follow `Debug, Clone, PartialEq, Eq, Hash, Serialize, Deserialize`
74
+ - **Public API without docs**: `pub` items missing `///` documentation
75
+ - **`format!` for simple concatenation**: Use `push_str`, `concat!`, or `+` for simple cases
76
+
77
+ ## Diagnostic Commands
78
+
79
+ ```bash
80
+ cargo clippy -- -D warnings
81
+ cargo fmt --check
82
+ cargo test
83
+ if command -v cargo-audit >/dev/null; then cargo audit; else echo "cargo-audit not installed"; fi
84
+ if command -v cargo-deny >/dev/null; then cargo deny check; else echo "cargo-deny not installed"; fi
85
+ cargo build --release 2>&1 | head -50
86
+ ```
87
+
88
+ ## Approval Criteria
89
+
90
+ - **Approve**: No CRITICAL or HIGH issues
91
+ - **Warning**: MEDIUM issues only
92
+ - **Block**: CRITICAL or HIGH issues found
93
+
94
+ For detailed Rust code examples and anti-patterns, see `skill: rust-patterns`.
@@ -0,0 +1,112 @@
1
+ ---
2
+ name: typescript-reviewer
3
+ description: Expert TypeScript/JavaScript code reviewer specializing in type safety, async correctness, Node/web security, and idiomatic patterns. Use for all TypeScript and JavaScript code changes. MUST BE USED for TypeScript/JavaScript projects.
4
+ tools: ["Read", "Grep", "Glob", "Bash"]
5
+ model: sonnet
6
+ ---
7
+
8
+ You are a senior TypeScript engineer ensuring high standards of type-safe, idiomatic TypeScript and JavaScript.
9
+
10
+ When invoked:
11
+ 1. Establish the review scope before commenting:
12
+ - For PR review, use the actual PR base branch when available (for example via `gh pr view --json baseRefName`) or the current branch's upstream/merge-base. Do not hard-code `main`.
13
+ - For local review, prefer `git diff --staged` and `git diff` first.
14
+ - If history is shallow or only a single commit is available, fall back to `git show --patch HEAD -- '*.ts' '*.tsx' '*.js' '*.jsx'` so you still inspect code-level changes.
15
+ 2. Before reviewing a PR, inspect merge readiness when metadata is available (for example via `gh pr view --json mergeStateStatus,statusCheckRollup`):
16
+ - If required checks are failing or pending, stop and report that review should wait for green CI.
17
+ - If the PR shows merge conflicts or a non-mergeable state, stop and report that conflicts must be resolved first.
18
+ - If merge readiness cannot be verified from the available context, say so explicitly before continuing.
19
+ 3. Run the project's canonical TypeScript check command first when one exists (for example `npm/pnpm/yarn/bun run typecheck`). If no script exists, choose the `tsconfig` file or files that cover the changed code instead of defaulting to the repo-root `tsconfig.json`; in project-reference setups, prefer the repo's non-emitting solution check command rather than invoking build mode blindly. Otherwise use `tsc --noEmit -p <relevant-config>`. Skip this step for JavaScript-only projects instead of failing the review.
20
+ 4. Run `eslint . --ext .ts,.tsx,.js,.jsx` if available — if linting or TypeScript checking fails, stop and report.
21
+ 5. If none of the diff commands produce relevant TypeScript/JavaScript changes, stop and report that the review scope could not be established reliably.
22
+ 6. Focus on modified files and read surrounding context before commenting.
23
+ 7. Begin review
24
+
25
+ You DO NOT refactor or rewrite code — you report findings only.
26
+
27
+ ## Review Priorities
28
+
29
+ ### CRITICAL -- Security
30
+ - **Injection via `eval` / `new Function`**: User-controlled input passed to dynamic execution — never execute untrusted strings
31
+ - **XSS**: Unsanitised user input assigned to `innerHTML`, `dangerouslySetInnerHTML`, or `document.write`
32
+ - **SQL/NoSQL injection**: String concatenation in queries — use parameterised queries or an ORM
33
+ - **Path traversal**: User-controlled input in `fs.readFile`, `path.join` without `path.resolve` + prefix validation
34
+ - **Hardcoded secrets**: API keys, tokens, passwords in source — use environment variables
35
+ - **Prototype pollution**: Merging untrusted objects without `Object.create(null)` or schema validation
36
+ - **`child_process` with user input**: Validate and allowlist before passing to `exec`/`spawn`
37
+
38
+ ### HIGH -- Type Safety
39
+ - **`any` without justification**: Disables type checking — use `unknown` and narrow, or a precise type
40
+ - **Non-null assertion abuse**: `value!` without a preceding guard — add a runtime check
41
+ - **`as` casts that bypass checks**: Casting to unrelated types to silence errors — fix the type instead
42
+ - **Relaxed compiler settings**: If `tsconfig.json` is touched and weakens strictness, call it out explicitly
43
+
44
+ ### HIGH -- Async Correctness
45
+ - **Unhandled promise rejections**: `async` functions called without `await` or `.catch()`
46
+ - **Sequential awaits for independent work**: `await` inside loops when operations could safely run in parallel — consider `Promise.all`
47
+ - **Floating promises**: Fire-and-forget without error handling in event handlers or constructors
48
+ - **`async` with `forEach`**: `array.forEach(async fn)` does not await — use `for...of` or `Promise.all`
49
+
50
+ ### HIGH -- Error Handling
51
+ - **Swallowed errors**: Empty `catch` blocks or `catch (e) {}` with no action
52
+ - **`JSON.parse` without try/catch**: Throws on invalid input — always wrap
53
+ - **Throwing non-Error objects**: `throw "message"` — always `throw new Error("message")`
54
+ - **Missing error boundaries**: React trees without `<ErrorBoundary>` around async/data-fetching subtrees
55
+
56
+ ### HIGH -- Idiomatic Patterns
57
+ - **Mutable shared state**: Module-level mutable variables — prefer immutable data and pure functions
58
+ - **`var` usage**: Use `const` by default, `let` when reassignment is needed
59
+ - **Implicit `any` from missing return types**: Public functions should have explicit return types
60
+ - **Callback-style async**: Mixing callbacks with `async/await` — standardise on promises
61
+ - **`==` instead of `===`**: Use strict equality throughout
62
+
63
+ ### HIGH -- Node.js Specifics
64
+ - **Synchronous fs in request handlers**: `fs.readFileSync` blocks the event loop — use async variants
65
+ - **Missing input validation at boundaries**: No schema validation (zod, joi, yup) on external data
66
+ - **Unvalidated `process.env` access**: Access without fallback or startup validation
67
+ - **`require()` in ESM context**: Mixing module systems without clear intent
68
+
69
+ ### MEDIUM -- React / Next.js (when applicable)
70
+ - **Missing dependency arrays**: `useEffect`/`useCallback`/`useMemo` with incomplete deps — use exhaustive-deps lint rule
71
+ - **State mutation**: Mutating state directly instead of returning new objects
72
+ - **Key prop using index**: `key={index}` in dynamic lists — use stable unique IDs
73
+ - **`useEffect` for derived state**: Compute derived values during render, not in effects
74
+ - **Server/client boundary leaks**: Importing server-only modules into client components in Next.js
75
+
76
+ ### MEDIUM -- Performance
77
+ - **Object/array creation in render**: Inline objects as props cause unnecessary re-renders — hoist or memoize
78
+ - **N+1 queries**: Database or API calls inside loops — batch or use `Promise.all`
79
+ - **Missing `React.memo` / `useMemo`**: Expensive computations or components re-running on every render
80
+ - **Large bundle imports**: `import _ from 'lodash'` — use named imports or tree-shakeable alternatives
81
+
82
+ ### MEDIUM -- Best Practices
83
+ - **`console.log` left in production code**: Use a structured logger
84
+ - **Magic numbers/strings**: Use named constants or enums
85
+ - **Deep optional chaining without fallback**: `a?.b?.c?.d` with no default — add `?? fallback`
86
+ - **Inconsistent naming**: camelCase for variables/functions, PascalCase for types/classes/components
87
+
88
+ ## Diagnostic Commands
89
+
90
+ ```bash
91
+ npm run typecheck --if-present # Canonical TypeScript check when the project defines one
92
+ tsc --noEmit -p <relevant-config> # Fallback type check for the tsconfig that owns the changed files
93
+ eslint . --ext .ts,.tsx,.js,.jsx # Linting
94
+ prettier --check . # Format check
95
+ npm audit # Dependency vulnerabilities (or the equivalent yarn/pnpm/bun audit command)
96
+ vitest run # Tests (Vitest)
97
+ jest --ci # Tests (Jest)
98
+ ```
99
+
100
+ ## Approval Criteria
101
+
102
+ - **Approve**: No CRITICAL or HIGH issues
103
+ - **Warning**: MEDIUM issues only (can merge with caution)
104
+ - **Block**: CRITICAL or HIGH issues found
105
+
106
+ ## Reference
107
+
108
+ This repo does not yet ship a dedicated `typescript-patterns` skill. For detailed TypeScript and JavaScript patterns, use `coding-standards` plus `frontend-patterns` or `backend-patterns` based on the code being reviewed.
109
+
110
+ ---
111
+
112
+ Review with the mindset: "Would this code pass review at a top TypeScript shop or well-maintained open-source project?"
@@ -0,0 +1,80 @@
1
+ # Rules
2
+ ## Structure
3
+
4
+ Rules are organized into a **common** layer plus **language-specific** directories:
5
+
6
+ ```
7
+ available-rules/
8
+ ├── common/ # Language-agnostic principles (always installed)
9
+ │ ├── coding-style.md
10
+ │ ├── git-workflow.md
11
+ │ ├── testing.md
12
+ │ ├── performance.md
13
+ │ ├── patterns.md
14
+ │ ├── hooks.md
15
+ │ ├── agents.md
16
+ │ └── security.md
17
+ ├── cpp/ # C/C++ specific
18
+ ├── csharp/ # C# specific
19
+ ├── golang/ # Go specific
20
+ ├── java/ # Java specific
21
+ ├── kotlin/ # Kotlin specific
22
+ ├── perl/ # Perl specific
23
+ ├── php/ # PHP specific
24
+ ├── python/ # Python specific
25
+ ├── rust/ # Rust specific
26
+ ├── swift/ # Swift specific
27
+ └── typescript/ # TypeScript/JavaScript specific
28
+ ```
29
+
30
+ - **common/** contains universal principles — no language-specific code examples.
31
+ - **Language directories** extend the common rules with framework-specific patterns, tools, and code examples. Each file references its common counterpart.
32
+
33
+ ## Installation
34
+
35
+ Rules are installed automatically by Claude Code Pilot. The `/ccp:setup` wizard detects your project's tech stack and copies the appropriate common + language-specific rule directories into `.claude/rules/`.
36
+
37
+ > **Important:** Rules directories must maintain their structure (common/ and language-specific/ as separate directories). Do NOT flatten them -- common and language-specific directories contain files with the same names. Flattening causes language-specific files to overwrite common rules, and breaks the relative `../common/` references.
38
+
39
+ ## Rules vs Skills
40
+
41
+ - **Rules** define standards, conventions, and checklists that apply broadly (e.g., "80% test coverage", "no hardcoded secrets").
42
+ - **Skills** (`skills/` directory) provide deep, actionable reference material for specific tasks (e.g., `python-patterns`, `golang-testing`).
43
+
44
+ Language-specific rule files reference relevant skills where appropriate. Rules tell you *what* to do; skills tell you *how* to do it.
45
+
46
+ ## Adding a New Language
47
+
48
+ To add support for a new language (e.g., `elixir/`):
49
+
50
+ 1. Create an `available-rules/elixir/` directory
51
+ 2. Add files that extend the common rules:
52
+ - `coding-style.md` — formatting tools, idioms, error handling patterns
53
+ - `testing.md` — test framework, coverage tools, test organization
54
+ - `patterns.md` — language-specific design patterns
55
+ - `hooks.md` — PostToolUse hooks for formatters, linters, type checkers
56
+ - `security.md` — secret management, security scanning tools
57
+ 3. Each file should start with:
58
+ ```
59
+ > This file extends [common/xxx.md](../common/xxx.md) with <Language> specific content.
60
+ ```
61
+ 4. Reference existing skills if available, or create new ones under `skills/`.
62
+
63
+ ## Rule Priority
64
+
65
+ When language-specific rules and common rules conflict, **language-specific rules take precedence** (specific overrides general). This follows the standard layered configuration pattern (similar to CSS specificity or `.gitignore` precedence).
66
+
67
+ - `common/` defines universal defaults applicable to all projects.
68
+ - Language directories (`golang/`, `python/`, `rust/`, `typescript/`, etc.) override those defaults where language idioms differ.
69
+
70
+ ### Example
71
+
72
+ `common/coding-style.md` recommends immutability as a default principle. A language-specific `golang/coding-style.md` can override this:
73
+
74
+ > Idiomatic Go uses pointer receivers for struct mutation — see [common/coding-style.md](../common/coding-style.md) for the general principle, but Go-idiomatic mutation is preferred here.
75
+
76
+ ### Common rules with override notes
77
+
78
+ Rules in `common/` that may be overridden by language-specific files are marked with:
79
+
80
+ > **Language note**: This rule may be overridden by language-specific rules for languages where this pattern is not idiomatic.
@@ -0,0 +1,44 @@
1
+ ---
2
+ paths:
3
+ - "**/*.cpp"
4
+ - "**/*.hpp"
5
+ - "**/*.cc"
6
+ - "**/*.hh"
7
+ - "**/*.cxx"
8
+ - "**/*.h"
9
+ - "**/CMakeLists.txt"
10
+ ---
11
+ # C++ Coding Style
12
+
13
+ > This file extends [common/coding-style.md](../common/coding-style.md) with C++ specific content.
14
+
15
+ ## Modern C++ (C++17/20/23)
16
+
17
+ - Prefer **modern C++ features** over C-style constructs
18
+ - Use `auto` when the type is obvious from context
19
+ - Use `constexpr` for compile-time constants
20
+ - Use structured bindings: `auto [key, value] = map_entry;`
21
+
22
+ ## Resource Management
23
+
24
+ - **RAII everywhere** — no manual `new`/`delete`
25
+ - Use `std::unique_ptr` for exclusive ownership
26
+ - Use `std::shared_ptr` only when shared ownership is truly needed
27
+ - Use `std::make_unique` / `std::make_shared` over raw `new`
28
+
29
+ ## Naming Conventions
30
+
31
+ - Types/Classes: `PascalCase`
32
+ - Functions/Methods: `snake_case` or `camelCase` (follow project convention)
33
+ - Constants: `kPascalCase` or `UPPER_SNAKE_CASE`
34
+ - Namespaces: `lowercase`
35
+ - Member variables: `snake_case_` (trailing underscore) or `m_` prefix
36
+
37
+ ## Formatting
38
+
39
+ - Use **clang-format** — no style debates
40
+ - Run `clang-format -i <file>` before committing
41
+
42
+ ## Reference
43
+
44
+ See skill: `cpp-coding-standards` for comprehensive C++ coding standards and guidelines.
@@ -0,0 +1,39 @@
1
+ ---
2
+ paths:
3
+ - "**/*.cpp"
4
+ - "**/*.hpp"
5
+ - "**/*.cc"
6
+ - "**/*.hh"
7
+ - "**/*.cxx"
8
+ - "**/*.h"
9
+ - "**/CMakeLists.txt"
10
+ ---
11
+ # C++ Hooks
12
+
13
+ > This file extends [common/hooks.md](../common/hooks.md) with C++ specific content.
14
+
15
+ ## Build Hooks
16
+
17
+ Run these checks before committing C++ changes:
18
+
19
+ ```bash
20
+ # Format check
21
+ clang-format --dry-run --Werror src/*.cpp src/*.hpp
22
+
23
+ # Static analysis
24
+ clang-tidy src/*.cpp -- -std=c++17
25
+
26
+ # Build
27
+ cmake --build build
28
+
29
+ # Tests
30
+ ctest --test-dir build --output-on-failure
31
+ ```
32
+
33
+ ## Recommended CI Pipeline
34
+
35
+ 1. **clang-format** — formatting check
36
+ 2. **clang-tidy** — static analysis
37
+ 3. **cppcheck** — additional analysis
38
+ 4. **cmake build** — compilation
39
+ 5. **ctest** — test execution with sanitizers
@@ -0,0 +1,51 @@
1
+ ---
2
+ paths:
3
+ - "**/*.cpp"
4
+ - "**/*.hpp"
5
+ - "**/*.cc"
6
+ - "**/*.hh"
7
+ - "**/*.cxx"
8
+ - "**/*.h"
9
+ - "**/CMakeLists.txt"
10
+ ---
11
+ # C++ Patterns
12
+
13
+ > This file extends [common/patterns.md](../common/patterns.md) with C++ specific content.
14
+
15
+ ## RAII (Resource Acquisition Is Initialization)
16
+
17
+ Tie resource lifetime to object lifetime:
18
+
19
+ ```cpp
20
+ class FileHandle {
21
+ public:
22
+ explicit FileHandle(const std::string& path) : file_(std::fopen(path.c_str(), "r")) {}
23
+ ~FileHandle() { if (file_) std::fclose(file_); }
24
+ FileHandle(const FileHandle&) = delete;
25
+ FileHandle& operator=(const FileHandle&) = delete;
26
+ private:
27
+ std::FILE* file_;
28
+ };
29
+ ```
30
+
31
+ ## Rule of Five/Zero
32
+
33
+ - **Rule of Zero**: Prefer classes that need no custom destructor, copy/move constructors, or assignments
34
+ - **Rule of Five**: If you define any of destructor/copy-ctor/copy-assign/move-ctor/move-assign, define all five
35
+
36
+ ## Value Semantics
37
+
38
+ - Pass small/trivial types by value
39
+ - Pass large types by `const&`
40
+ - Return by value (rely on RVO/NRVO)
41
+ - Use move semantics for sink parameters
42
+
43
+ ## Error Handling
44
+
45
+ - Use exceptions for exceptional conditions
46
+ - Use `std::optional` for values that may not exist
47
+ - Use `std::expected` (C++23) or result types for expected failures
48
+
49
+ ## Reference
50
+
51
+ See skill: `cpp-coding-standards` for comprehensive C++ patterns and anti-patterns.
@@ -0,0 +1,51 @@
1
+ ---
2
+ paths:
3
+ - "**/*.cpp"
4
+ - "**/*.hpp"
5
+ - "**/*.cc"
6
+ - "**/*.hh"
7
+ - "**/*.cxx"
8
+ - "**/*.h"
9
+ - "**/CMakeLists.txt"
10
+ ---
11
+ # C++ Security
12
+
13
+ > This file extends [common/security.md](../common/security.md) with C++ specific content.
14
+
15
+ ## Memory Safety
16
+
17
+ - Never use raw `new`/`delete` — use smart pointers
18
+ - Never use C-style arrays — use `std::array` or `std::vector`
19
+ - Never use `malloc`/`free` — use C++ allocation
20
+ - Avoid `reinterpret_cast` unless absolutely necessary
21
+
22
+ ## Buffer Overflows
23
+
24
+ - Use `std::string` over `char*`
25
+ - Use `.at()` for bounds-checked access when safety matters
26
+ - Never use `strcpy`, `strcat`, `sprintf` — use `std::string` or `fmt::format`
27
+
28
+ ## Undefined Behavior
29
+
30
+ - Always initialize variables
31
+ - Avoid signed integer overflow
32
+ - Never dereference null or dangling pointers
33
+ - Use sanitizers in CI:
34
+ ```bash
35
+ cmake -DCMAKE_CXX_FLAGS="-fsanitize=address,undefined" ..
36
+ ```
37
+
38
+ ## Static Analysis
39
+
40
+ - Use **clang-tidy** for automated checks:
41
+ ```bash
42
+ clang-tidy --checks='*' src/*.cpp
43
+ ```
44
+ - Use **cppcheck** for additional analysis:
45
+ ```bash
46
+ cppcheck --enable=all src/
47
+ ```
48
+
49
+ ## Reference
50
+
51
+ See skill: `cpp-coding-standards` for detailed security guidelines.
@@ -0,0 +1,44 @@
1
+ ---
2
+ paths:
3
+ - "**/*.cpp"
4
+ - "**/*.hpp"
5
+ - "**/*.cc"
6
+ - "**/*.hh"
7
+ - "**/*.cxx"
8
+ - "**/*.h"
9
+ - "**/CMakeLists.txt"
10
+ ---
11
+ # C++ Testing
12
+
13
+ > This file extends [common/testing.md](../common/testing.md) with C++ specific content.
14
+
15
+ ## Framework
16
+
17
+ Use **GoogleTest** (gtest/gmock) with **CMake/CTest**.
18
+
19
+ ## Running Tests
20
+
21
+ ```bash
22
+ cmake --build build && ctest --test-dir build --output-on-failure
23
+ ```
24
+
25
+ ## Coverage
26
+
27
+ ```bash
28
+ cmake -DCMAKE_CXX_FLAGS="--coverage" -DCMAKE_EXE_LINKER_FLAGS="--coverage" ..
29
+ cmake --build .
30
+ ctest --output-on-failure
31
+ lcov --capture --directory . --output-file coverage.info
32
+ ```
33
+
34
+ ## Sanitizers
35
+
36
+ Always run tests with sanitizers in CI:
37
+
38
+ ```bash
39
+ cmake -DCMAKE_CXX_FLAGS="-fsanitize=address,undefined" ..
40
+ ```
41
+
42
+ ## Reference
43
+
44
+ See skill: `cpp-testing` for detailed C++ testing patterns, TDD workflow, and GoogleTest/GMock usage.
@@ -0,0 +1,72 @@
1
+ ---
2
+ paths:
3
+ - "**/*.cs"
4
+ - "**/*.csx"
5
+ ---
6
+ # C# Coding Style
7
+
8
+ > This file extends [common/coding-style.md](../common/coding-style.md) with C#-specific content.
9
+
10
+ ## Standards
11
+
12
+ - Follow current .NET conventions and enable nullable reference types
13
+ - Prefer explicit access modifiers on public and internal APIs
14
+ - Keep files aligned with the primary type they define
15
+
16
+ ## Types and Models
17
+
18
+ - Prefer `record` or `record struct` for immutable value-like models
19
+ - Use `class` for entities or types with identity and lifecycle
20
+ - Use `interface` for service boundaries and abstractions
21
+ - Avoid `dynamic` in application code; prefer generics or explicit models
22
+
23
+ ```csharp
24
+ public sealed record UserDto(Guid Id, string Email);
25
+
26
+ public interface IUserRepository
27
+ {
28
+ Task<UserDto?> FindByIdAsync(Guid id, CancellationToken cancellationToken);
29
+ }
30
+ ```
31
+
32
+ ## Immutability
33
+
34
+ - Prefer `init` setters, constructor parameters, and immutable collections for shared state
35
+ - Do not mutate input models in-place when producing updated state
36
+
37
+ ```csharp
38
+ public sealed record UserProfile(string Name, string Email);
39
+
40
+ public static UserProfile Rename(UserProfile profile, string name) =>
41
+ profile with { Name = name };
42
+ ```
43
+
44
+ ## Async and Error Handling
45
+
46
+ - Prefer `async`/`await` over blocking calls like `.Result` or `.Wait()`
47
+ - Pass `CancellationToken` through public async APIs
48
+ - Throw specific exceptions and log with structured properties
49
+
50
+ ```csharp
51
+ public async Task<Order> LoadOrderAsync(
52
+ Guid orderId,
53
+ CancellationToken cancellationToken)
54
+ {
55
+ try
56
+ {
57
+ return await repository.FindAsync(orderId, cancellationToken)
58
+ ?? throw new InvalidOperationException($"Order {orderId} was not found.");
59
+ }
60
+ catch (Exception ex)
61
+ {
62
+ logger.LogError(ex, "Failed to load order {OrderId}", orderId);
63
+ throw;
64
+ }
65
+ }
66
+ ```
67
+
68
+ ## Formatting
69
+
70
+ - Use `dotnet format` for formatting and analyzer fixes
71
+ - Keep `using` directives organized and remove unused imports
72
+ - Prefer expression-bodied members only when they stay readable
@@ -0,0 +1,25 @@
1
+ ---
2
+ paths:
3
+ - "**/*.cs"
4
+ - "**/*.csx"
5
+ - "**/*.csproj"
6
+ - "**/*.sln"
7
+ - "**/Directory.Build.props"
8
+ - "**/Directory.Build.targets"
9
+ ---
10
+ # C# Hooks
11
+
12
+ > This file extends [common/hooks.md](../common/hooks.md) with C#-specific content.
13
+
14
+ ## PostToolUse Hooks
15
+
16
+ Configure in `~/.claude/settings.json`:
17
+
18
+ - **dotnet format**: Auto-format edited C# files and apply analyzer fixes
19
+ - **dotnet build**: Verify the solution or project still compiles after edits
20
+ - **dotnet test --no-build**: Re-run the nearest relevant test project after behavior changes
21
+
22
+ ## Stop Hooks
23
+
24
+ - Run a final `dotnet build` before ending a session with broad C# changes
25
+ - Warn on modified `appsettings*.json` files so secrets do not get committed
@@ -0,0 +1,50 @@
1
+ ---
2
+ paths:
3
+ - "**/*.cs"
4
+ - "**/*.csx"
5
+ ---
6
+ # C# Patterns
7
+
8
+ > This file extends [common/patterns.md](../common/patterns.md) with C#-specific content.
9
+
10
+ ## API Response Pattern
11
+
12
+ ```csharp
13
+ public sealed record ApiResponse<T>(
14
+ bool Success,
15
+ T? Data = default,
16
+ string? Error = null,
17
+ object? Meta = null);
18
+ ```
19
+
20
+ ## Repository Pattern
21
+
22
+ ```csharp
23
+ public interface IRepository<T>
24
+ {
25
+ Task<IReadOnlyList<T>> FindAllAsync(CancellationToken cancellationToken);
26
+ Task<T?> FindByIdAsync(Guid id, CancellationToken cancellationToken);
27
+ Task<T> CreateAsync(T entity, CancellationToken cancellationToken);
28
+ Task<T> UpdateAsync(T entity, CancellationToken cancellationToken);
29
+ Task DeleteAsync(Guid id, CancellationToken cancellationToken);
30
+ }
31
+ ```
32
+
33
+ ## Options Pattern
34
+
35
+ Use strongly typed options for config instead of reading raw strings throughout the codebase.
36
+
37
+ ```csharp
38
+ public sealed class PaymentsOptions
39
+ {
40
+ public const string SectionName = "Payments";
41
+ public required string BaseUrl { get; init; }
42
+ public required string ApiKeySecretName { get; init; }
43
+ }
44
+ ```
45
+
46
+ ## Dependency Injection
47
+
48
+ - Depend on interfaces at service boundaries
49
+ - Keep constructors focused; if a service needs too many dependencies, split responsibilities
50
+ - Register lifetimes intentionally: singleton for stateless/shared services, scoped for request data, transient for lightweight pure workers