claude-code-pilot 3.0.0 → 3.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +76 -97
- package/bin/install.js +14 -14
- package/manifest.json +1 -1
- package/package.json +17 -5
- package/src/agents/doc-updater.md +1 -1
- package/src/agents/gan-evaluator.md +209 -0
- package/src/agents/gan-generator.md +131 -0
- package/src/agents/gan-planner.md +99 -0
- package/src/agents/harness-optimizer.md +35 -0
- package/src/agents/loop-operator.md +36 -0
- package/src/agents/opensource-forker.md +198 -0
- package/src/agents/opensource-packager.md +249 -0
- package/src/agents/opensource-sanitizer.md +188 -0
- package/src/agents/performance-optimizer.md +446 -0
- package/src/available-rules/README.md +1 -1
- package/src/commands/{aside.md → ccp/aside.md} +14 -13
- package/src/commands/{build-fix.md → ccp/build-fix.md} +5 -0
- package/src/commands/{checkpoint.md → ccp/checkpoint.md} +12 -7
- package/src/commands/{code-review.md → ccp/code-review.md} +5 -0
- package/src/commands/{context-budget.md → ccp/context-budget.md} +2 -1
- package/src/commands/{cpp-build.md → ccp/cpp-build.md} +6 -5
- package/src/commands/{cpp-review.md → ccp/cpp-review.md} +7 -6
- package/src/commands/{cpp-test.md → ccp/cpp-test.md} +6 -5
- package/src/commands/ccp/docs-update.md +48 -0
- package/src/commands/{docs.md → ccp/docs.md} +4 -3
- package/src/commands/{e2e.md → ccp/e2e.md} +7 -6
- package/src/commands/{eval.md → ccp/eval.md} +10 -5
- package/src/commands/{evolve.md → ccp/evolve.md} +3 -3
- package/src/commands/{go-build.md → ccp/go-build.md} +6 -5
- package/src/commands/{go-review.md → ccp/go-review.md} +7 -6
- package/src/commands/{go-test.md → ccp/go-test.md} +6 -5
- package/src/commands/{gradle-build.md → ccp/gradle-build.md} +1 -0
- package/src/commands/{harness-audit.md → ccp/harness-audit.md} +6 -1
- package/src/commands/{kotlin-build.md → ccp/kotlin-build.md} +6 -5
- package/src/commands/{kotlin-review.md → ccp/kotlin-review.md} +7 -6
- package/src/commands/{kotlin-test.md → ccp/kotlin-test.md} +6 -5
- package/src/commands/{learn.md → ccp/learn.md} +7 -2
- package/src/commands/{model-route.md → ccp/model-route.md} +6 -1
- package/src/commands/{orchestrate.md → ccp/orchestrate.md} +4 -3
- package/src/commands/{plan.md → ccp/plan.md} +6 -5
- package/src/commands/ccp/profile-user.md +46 -0
- package/src/commands/{prompt-optimize.md → ccp/prompt-optimize.md} +3 -2
- package/src/commands/{prune.md → ccp/prune.md} +4 -4
- package/src/commands/{python-review.md → ccp/python-review.md} +7 -6
- package/src/commands/{quality-gate.md → ccp/quality-gate.md} +6 -1
- package/src/commands/{refactor-clean.md → ccp/refactor-clean.md} +5 -0
- package/src/commands/{resume-session.md → ccp/resume-session.md} +9 -8
- package/src/commands/ccp/review.md +37 -0
- package/src/commands/{rules-distill.md → ccp/rules-distill.md} +2 -1
- package/src/commands/{rust-build.md → ccp/rust-build.md} +6 -5
- package/src/commands/{rust-review.md → ccp/rust-review.md} +7 -6
- package/src/commands/{rust-test.md → ccp/rust-test.md} +6 -5
- package/src/commands/{save-session.md → ccp/save-session.md} +2 -1
- package/src/commands/ccp/secure-phase.md +35 -0
- package/src/commands/{sessions.md → ccp/sessions.md} +29 -24
- package/src/commands/{setup-pm.md → ccp/setup-pm.md} +1 -0
- package/src/commands/{setup-refresh.md → ccp/setup-refresh.md} +4 -3
- package/src/commands/{setup.md → ccp/setup.md} +24 -23
- package/src/commands/{skill-create.md → ccp/skill-create.md} +8 -8
- package/src/commands/{skill-health.md → ccp/skill-health.md} +5 -5
- package/src/commands/{tdd.md → ccp/tdd.md} +9 -8
- package/src/commands/{test-coverage.md → ccp/test-coverage.md} +5 -0
- package/src/commands/{tool-guide.md → ccp/tool-guide.md} +2 -1
- package/src/commands/{update-codemaps.md → ccp/update-codemaps.md} +5 -0
- package/src/commands/{update-docs.md → ccp/update-docs.md} +5 -0
- package/src/commands/{verify.md → ccp/verify.md} +5 -0
- package/src/commands/ccp/workstreams.md +68 -0
- package/src/examples/CLAUDE.md +4 -4
- package/src/examples/django-api-CLAUDE.md +5 -5
- package/src/examples/go-microservice-CLAUDE.md +6 -6
- package/src/examples/rust-api-CLAUDE.md +4 -4
- package/src/examples/saas-nextjs-CLAUDE.md +8 -8
- package/src/hooks/session-start.js +1 -1
- package/src/pilot/references/mcp-servers.json +1 -1
- package/src/pilot/workflows/docs-update.md +1165 -0
- package/src/pilot/workflows/help.md +48 -56
- package/src/pilot/workflows/profile-user.md +452 -0
- package/src/pilot/workflows/review.md +244 -0
- package/src/pilot/workflows/secure-phase.md +164 -0
- package/src/rules/common/code-review.md +124 -0
- package/src/rules/zh/README.md +108 -0
- package/src/rules/zh/agents.md +50 -0
- package/src/rules/zh/code-review.md +124 -0
- package/src/rules/zh/coding-style.md +48 -0
- package/src/rules/zh/development-workflow.md +44 -0
- package/src/rules/zh/git-workflow.md +24 -0
- package/src/rules/zh/hooks.md +30 -0
- package/src/rules/zh/patterns.md +31 -0
- package/src/rules/zh/performance.md +55 -0
- package/src/rules/zh/security.md +29 -0
- package/src/rules/zh/testing.md +29 -0
- package/src/skills/autonomous-agent-harness/SKILL.md +267 -0
- package/src/skills/autonomous-loops/SKILL.md +610 -0
- package/src/skills/bun-runtime/SKILL.md +84 -0
- package/src/skills/content-hash-cache-pattern/SKILL.md +161 -0
- package/src/skills/context-budget/SKILL.md +3 -3
- package/src/skills/continuous-learning-v2/SKILL.md +4 -4
- package/src/skills/continuous-learning-v2/agents/observer.md +1 -1
- package/src/skills/cost-aware-llm-pipeline/SKILL.md +183 -0
- package/src/skills/design-system/SKILL.md +82 -0
- package/src/skills/eval-harness/SKILL.md +270 -0
- package/src/skills/flutter-dart-code-review/SKILL.md +435 -0
- package/src/skills/gan-style-harness/SKILL.md +278 -0
- package/src/skills/git-workflow/SKILL.md +715 -0
- package/src/skills/hexagonal-architecture/SKILL.md +276 -0
- package/src/skills/iterative-retrieval/SKILL.md +211 -0
- package/src/skills/laravel-plugin-discovery/SKILL.md +229 -0
- package/src/skills/nextjs-turbopack/SKILL.md +44 -0
- package/src/skills/nuxt4-patterns/SKILL.md +100 -0
- package/src/skills/opensource-pipeline/SKILL.md +255 -0
- package/src/skills/perl-security/SKILL.md +503 -0
- package/src/skills/project-flow-ops/SKILL.md +111 -0
- package/src/skills/project-guidelines-example/SKILL.md +349 -0
- package/src/skills/prompt-optimizer/SKILL.md +38 -38
- package/src/skills/pytorch-patterns/SKILL.md +396 -0
- package/src/skills/regex-vs-llm-structured-text/SKILL.md +220 -0
- package/src/skills/repo-scan/SKILL.md +78 -0
- package/src/skills/rules-distill/SKILL.md +264 -0
- package/src/skills/rules-distill/scripts/scan-rules.sh +58 -0
- package/src/skills/rules-distill/scripts/scan-skills.sh +129 -0
- package/src/skills/swift-concurrency-6-2/SKILL.md +216 -0
- package/src/skills/token-budget-advisor/SKILL.md +133 -0
- package/src/skills/verification-loop/SKILL.md +1 -1
- package/src/skills/workspace-surface-audit/SKILL.md +125 -0
|
@@ -0,0 +1,229 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: laravel-plugin-discovery
|
|
3
|
+
description: Discover and evaluate Laravel packages via LaraPlugins.io MCP. Use when the user wants to find plugins, check package health, or assess Laravel/PHP compatibility.
|
|
4
|
+
origin: ECC
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
# Laravel Plugin Discovery
|
|
8
|
+
|
|
9
|
+
Find, evaluate, and choose healthy Laravel packages using the LaraPlugins.io MCP server.
|
|
10
|
+
|
|
11
|
+
## When to Use
|
|
12
|
+
|
|
13
|
+
- User wants to find Laravel packages for a specific feature (e.g. "auth", "permissions", "admin panel")
|
|
14
|
+
- User asks "what package should I use for..." or "is there a Laravel package for..."
|
|
15
|
+
- User wants to check if a package is actively maintained
|
|
16
|
+
- User needs to verify Laravel version compatibility
|
|
17
|
+
- User wants to assess package health before adding to a project
|
|
18
|
+
|
|
19
|
+
## MCP Requirement
|
|
20
|
+
|
|
21
|
+
LaraPlugins MCP server must be configured. Add to your `~/.claude.json` mcpServers:
|
|
22
|
+
|
|
23
|
+
```json
|
|
24
|
+
"laraplugins": {
|
|
25
|
+
"type": "http",
|
|
26
|
+
"url": "https://laraplugins.io/mcp/plugins"
|
|
27
|
+
}
|
|
28
|
+
```
|
|
29
|
+
|
|
30
|
+
No API key required — the server is free for the Laravel community.
|
|
31
|
+
|
|
32
|
+
## MCP Tools
|
|
33
|
+
|
|
34
|
+
The LaraPlugins MCP provides two primary tools:
|
|
35
|
+
|
|
36
|
+
### SearchPluginTool
|
|
37
|
+
|
|
38
|
+
Search packages by keyword, health score, vendor, and version compatibility.
|
|
39
|
+
|
|
40
|
+
**Parameters:**
|
|
41
|
+
- `text_search` (string, optional): Keyword to search (e.g. "permission", "admin", "api")
|
|
42
|
+
- `health_score` (string, optional): Filter by health band — `Healthy`, `Medium`, `Unhealthy`, or `Unrated`
|
|
43
|
+
- `laravel_compatibility` (string, optional): Filter by Laravel version — `"5"`, `"6"`, `"7"`, `"8"`, `"9"`, `"10"`, `"11"`, `"12"`, `"13"`
|
|
44
|
+
- `php_compatibility` (string, optional): Filter by PHP version — `"7.4"`, `"8.0"`, `"8.1"`, `"8.2"`, `"8.3"`, `"8.4"`, `"8.5"`
|
|
45
|
+
- `vendor_filter` (string, optional): Filter by vendor name (e.g. "spatie", "laravel")
|
|
46
|
+
- `page` (number, optional): Page number for pagination
|
|
47
|
+
|
|
48
|
+
### GetPluginDetailsTool
|
|
49
|
+
|
|
50
|
+
Fetch detailed metrics, readme content, and version history for a specific package.
|
|
51
|
+
|
|
52
|
+
**Parameters:**
|
|
53
|
+
- `package` (string, required): Full Composer package name (e.g. "spatie/laravel-permission")
|
|
54
|
+
- `include_versions` (boolean, optional): Include version history in response
|
|
55
|
+
|
|
56
|
+
---
|
|
57
|
+
|
|
58
|
+
## How It Works
|
|
59
|
+
|
|
60
|
+
### Finding Packages
|
|
61
|
+
|
|
62
|
+
When the user wants to discover packages for a feature:
|
|
63
|
+
|
|
64
|
+
1. Use `SearchPluginTool` with relevant keywords
|
|
65
|
+
2. Apply filters for health score, Laravel version, or PHP version
|
|
66
|
+
3. Review the results with package names, descriptions, and health indicators
|
|
67
|
+
|
|
68
|
+
### Evaluating Packages
|
|
69
|
+
|
|
70
|
+
When the user wants to assess a specific package:
|
|
71
|
+
|
|
72
|
+
1. Use `GetPluginDetailsTool` with the package name
|
|
73
|
+
2. Review health score, last updated date, Laravel version support
|
|
74
|
+
3. Check vendor reputation and risk indicators
|
|
75
|
+
|
|
76
|
+
### Checking Compatibility
|
|
77
|
+
|
|
78
|
+
When the user needs Laravel or PHP version compatibility:
|
|
79
|
+
|
|
80
|
+
1. Search with `laravel_compatibility` filter set to their version
|
|
81
|
+
2. Or get details on a specific package to see its supported versions
|
|
82
|
+
|
|
83
|
+
---
|
|
84
|
+
|
|
85
|
+
## Examples
|
|
86
|
+
|
|
87
|
+
### Example: Find Authentication Packages
|
|
88
|
+
|
|
89
|
+
```
|
|
90
|
+
SearchPluginTool({
|
|
91
|
+
text_search: "authentication",
|
|
92
|
+
health_score: "Healthy"
|
|
93
|
+
})
|
|
94
|
+
```
|
|
95
|
+
|
|
96
|
+
Returns packages matching "authentication" with healthy status:
|
|
97
|
+
- spatie/laravel-permission
|
|
98
|
+
- laravel/breeze
|
|
99
|
+
- laravel/passport
|
|
100
|
+
- etc.
|
|
101
|
+
|
|
102
|
+
### Example: Find Laravel 12 Compatible Packages
|
|
103
|
+
|
|
104
|
+
```
|
|
105
|
+
SearchPluginTool({
|
|
106
|
+
text_search: "admin panel",
|
|
107
|
+
laravel_compatibility: "12"
|
|
108
|
+
})
|
|
109
|
+
```
|
|
110
|
+
|
|
111
|
+
Returns packages compatible with Laravel 12.
|
|
112
|
+
|
|
113
|
+
### Example: Get Package Details
|
|
114
|
+
|
|
115
|
+
```
|
|
116
|
+
GetPluginDetailsTool({
|
|
117
|
+
package: "spatie/laravel-permission",
|
|
118
|
+
include_versions: true
|
|
119
|
+
})
|
|
120
|
+
```
|
|
121
|
+
|
|
122
|
+
Returns:
|
|
123
|
+
- Health score and last activity
|
|
124
|
+
- Laravel/PHP version support
|
|
125
|
+
- Vendor reputation (risk score)
|
|
126
|
+
- Version history
|
|
127
|
+
- Brief description
|
|
128
|
+
|
|
129
|
+
### Example: Find Packages by Vendor
|
|
130
|
+
|
|
131
|
+
```
|
|
132
|
+
SearchPluginTool({
|
|
133
|
+
vendor_filter: "spatie",
|
|
134
|
+
health_score: "Healthy"
|
|
135
|
+
})
|
|
136
|
+
```
|
|
137
|
+
|
|
138
|
+
Returns all healthy packages from vendor "spatie".
|
|
139
|
+
|
|
140
|
+
---
|
|
141
|
+
|
|
142
|
+
## Filtering Best Practices
|
|
143
|
+
|
|
144
|
+
### By Health Score
|
|
145
|
+
|
|
146
|
+
| Health Band | Meaning |
|
|
147
|
+
|-------------|---------|
|
|
148
|
+
| `Healthy` | Active maintenance, recent updates |
|
|
149
|
+
| `Medium` | Occasional updates, may need attention |
|
|
150
|
+
| `Unhealthy` | Abandoned or infrequently maintained |
|
|
151
|
+
| `Unrated` | Not yet assessed |
|
|
152
|
+
|
|
153
|
+
**Recommendation**: Prefer `Healthy` packages for production applications.
|
|
154
|
+
|
|
155
|
+
### By Laravel Version
|
|
156
|
+
|
|
157
|
+
| Version | Notes |
|
|
158
|
+
|---------|-------|
|
|
159
|
+
| `13` | Latest Laravel |
|
|
160
|
+
| `12` | Current stable |
|
|
161
|
+
| `11` | Still widely used |
|
|
162
|
+
| `10` | Legacy but common |
|
|
163
|
+
| `5`-`9` | Deprecated |
|
|
164
|
+
|
|
165
|
+
**Recommendation**: Match the target project's Laravel version.
|
|
166
|
+
|
|
167
|
+
### Combining Filters
|
|
168
|
+
|
|
169
|
+
```typescript
|
|
170
|
+
// Find healthy, Laravel 12 compatible packages for permissions
|
|
171
|
+
SearchPluginTool({
|
|
172
|
+
text_search: "permission",
|
|
173
|
+
health_score: "Healthy",
|
|
174
|
+
laravel_compatibility: "12"
|
|
175
|
+
})
|
|
176
|
+
```
|
|
177
|
+
|
|
178
|
+
---
|
|
179
|
+
|
|
180
|
+
## Response Interpretation
|
|
181
|
+
|
|
182
|
+
### Search Results
|
|
183
|
+
|
|
184
|
+
Each result includes:
|
|
185
|
+
- Package name (e.g. `spatie/laravel-permission`)
|
|
186
|
+
- Brief description
|
|
187
|
+
- Health status indicator
|
|
188
|
+
- Laravel version support badges
|
|
189
|
+
|
|
190
|
+
### Package Details
|
|
191
|
+
|
|
192
|
+
The detailed response includes:
|
|
193
|
+
- **Health Score**: Numeric or band indicator
|
|
194
|
+
- **Last Activity**: When the package was last updated
|
|
195
|
+
- **Laravel Support**: Version compatibility matrix
|
|
196
|
+
- **PHP Support**: PHP version compatibility
|
|
197
|
+
- **Risk Score**: Vendor trust indicators
|
|
198
|
+
- **Version History**: Recent release timeline
|
|
199
|
+
|
|
200
|
+
---
|
|
201
|
+
|
|
202
|
+
## Common Use Cases
|
|
203
|
+
|
|
204
|
+
| Scenario | Recommended Approach |
|
|
205
|
+
|----------|---------------------|
|
|
206
|
+
| "What package for auth?" | Search "auth" with healthy filter |
|
|
207
|
+
| "Is spatie/package still maintained?" | Get details, check health score |
|
|
208
|
+
| "Need Laravel 12 packages" | Search with laravel_compatibility: "12" |
|
|
209
|
+
| "Find admin panel packages" | Search "admin panel", review results |
|
|
210
|
+
| "Check vendor reputation" | Search by vendor, check details |
|
|
211
|
+
|
|
212
|
+
---
|
|
213
|
+
|
|
214
|
+
## Best Practices
|
|
215
|
+
|
|
216
|
+
1. **Always filter by health** — Use `health_score: "Healthy"` for production projects
|
|
217
|
+
2. **Match Laravel version** — Always check `laravel_compatibility` matches the target project
|
|
218
|
+
3. **Check vendor reputation** — Prefer packages from known vendors (spatie, laravel, etc.)
|
|
219
|
+
4. **Review before recommending** — Use GetPluginDetailsTool for a comprehensive assessment
|
|
220
|
+
5. **No API key needed** — The MCP is free, no authentication required
|
|
221
|
+
|
|
222
|
+
---
|
|
223
|
+
|
|
224
|
+
## Related Skills
|
|
225
|
+
|
|
226
|
+
- `laravel-patterns` — Laravel architecture and patterns
|
|
227
|
+
- `laravel-tdd` — Test-driven development for Laravel
|
|
228
|
+
- `laravel-security` — Laravel security best practices
|
|
229
|
+
- `documentation-lookup` — General library documentation lookup (Context7)
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: nextjs-turbopack
|
|
3
|
+
description: Next.js 16+ and Turbopack — incremental bundling, FS caching, dev speed, and when to use Turbopack vs webpack.
|
|
4
|
+
origin: ECC
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
# Next.js and Turbopack
|
|
8
|
+
|
|
9
|
+
Next.js 16+ uses Turbopack by default for local development: an incremental bundler written in Rust that significantly speeds up dev startup and hot updates.
|
|
10
|
+
|
|
11
|
+
## When to Use
|
|
12
|
+
|
|
13
|
+
- **Turbopack (default dev)**: Use for day-to-day development. Faster cold start and HMR, especially in large apps.
|
|
14
|
+
- **Webpack (legacy dev)**: Use only if you hit a Turbopack bug or rely on a webpack-only plugin in dev. Disable with `--webpack` (or `--no-turbopack` depending on your Next.js version; check the docs for your release).
|
|
15
|
+
- **Production**: Production build behavior (`next build`) may use Turbopack or webpack depending on Next.js version; check the official Next.js docs for your version.
|
|
16
|
+
|
|
17
|
+
Use when: developing or debugging Next.js 16+ apps, diagnosing slow dev startup or HMR, or optimizing production bundles.
|
|
18
|
+
|
|
19
|
+
## How It Works
|
|
20
|
+
|
|
21
|
+
- **Turbopack**: Incremental bundler for Next.js dev. Uses file-system caching so restarts are much faster (e.g. 5–14x on large projects).
|
|
22
|
+
- **Default in dev**: From Next.js 16, `next dev` runs with Turbopack unless disabled.
|
|
23
|
+
- **File-system caching**: Restarts reuse previous work; cache is typically under `.next`; no extra config needed for basic use.
|
|
24
|
+
- **Bundle Analyzer (Next.js 16.1+)**: Experimental Bundle Analyzer to inspect output and find heavy dependencies; enable via config or experimental flag (see Next.js docs for your version).
|
|
25
|
+
|
|
26
|
+
## Examples
|
|
27
|
+
|
|
28
|
+
### Commands
|
|
29
|
+
|
|
30
|
+
```bash
|
|
31
|
+
next dev
|
|
32
|
+
next build
|
|
33
|
+
next start
|
|
34
|
+
```
|
|
35
|
+
|
|
36
|
+
### Usage
|
|
37
|
+
|
|
38
|
+
Run `next dev` for local development with Turbopack. Use the Bundle Analyzer (see Next.js docs) to optimize code-splitting and trim large dependencies. Prefer App Router and server components where possible.
|
|
39
|
+
|
|
40
|
+
## Best Practices
|
|
41
|
+
|
|
42
|
+
- Stay on a recent Next.js 16.x for stable Turbopack and caching behavior.
|
|
43
|
+
- If dev is slow, ensure you're on Turbopack (default) and that the cache isn't being cleared unnecessarily.
|
|
44
|
+
- For production bundle size issues, use the official Next.js bundle analysis tooling for your version.
|
|
@@ -0,0 +1,100 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: nuxt4-patterns
|
|
3
|
+
description: Nuxt 4 app patterns for hydration safety, performance, route rules, lazy loading, and SSR-safe data fetching with useFetch and useAsyncData.
|
|
4
|
+
origin: ECC
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
# Nuxt 4 Patterns
|
|
8
|
+
|
|
9
|
+
Use when building or debugging Nuxt 4 apps with SSR, hybrid rendering, route rules, or page-level data fetching.
|
|
10
|
+
|
|
11
|
+
## When to Activate
|
|
12
|
+
|
|
13
|
+
- Hydration mismatches between server HTML and client state
|
|
14
|
+
- Route-level rendering decisions such as prerender, SWR, ISR, or client-only sections
|
|
15
|
+
- Performance work around lazy loading, lazy hydration, or payload size
|
|
16
|
+
- Page or component data fetching with `useFetch`, `useAsyncData`, or `$fetch`
|
|
17
|
+
- Nuxt routing issues tied to route params, middleware, or SSR/client differences
|
|
18
|
+
|
|
19
|
+
## Hydration Safety
|
|
20
|
+
|
|
21
|
+
- Keep the first render deterministic. Do not put `Date.now()`, `Math.random()`, browser-only APIs, or storage reads directly into SSR-rendered template state.
|
|
22
|
+
- Move browser-only logic behind `onMounted()`, `import.meta.client`, `ClientOnly`, or a `.client.vue` component when the server cannot produce the same markup.
|
|
23
|
+
- Use Nuxt's `useRoute()` composable, not the one from `vue-router`.
|
|
24
|
+
- Do not use `route.fullPath` to drive SSR-rendered markup. URL fragments are client-only, which can create hydration mismatches.
|
|
25
|
+
- Treat `ssr: false` as an escape hatch for truly browser-only areas, not a default fix for mismatches.
|
|
26
|
+
|
|
27
|
+
## Data Fetching
|
|
28
|
+
|
|
29
|
+
- Prefer `await useFetch()` for SSR-safe API reads in pages and components. It forwards server-fetched data into the Nuxt payload and avoids a second fetch on hydration.
|
|
30
|
+
- Use `useAsyncData()` when the fetcher is not a simple `$fetch()` call, when you need a custom key, or when you are composing multiple async sources.
|
|
31
|
+
- Give `useAsyncData()` a stable key for cache reuse and predictable refresh behavior.
|
|
32
|
+
- Keep `useAsyncData()` handlers side-effect free. They can run during SSR and hydration.
|
|
33
|
+
- Use `$fetch()` for user-triggered writes or client-only actions, not top-level page data that should be hydrated from SSR.
|
|
34
|
+
- Use `lazy: true`, `useLazyFetch()`, or `useLazyAsyncData()` for non-critical data that should not block navigation. Handle `status === 'pending'` in the UI.
|
|
35
|
+
- Use `server: false` only for data that is not needed for SEO or the first paint.
|
|
36
|
+
- Trim payload size with `pick` and prefer shallower payloads when deep reactivity is unnecessary.
|
|
37
|
+
|
|
38
|
+
```ts
|
|
39
|
+
const route = useRoute()
|
|
40
|
+
|
|
41
|
+
const { data: article, status, error, refresh } = await useAsyncData(
|
|
42
|
+
() => `article:${route.params.slug}`,
|
|
43
|
+
() => $fetch(`/api/articles/${route.params.slug}`),
|
|
44
|
+
)
|
|
45
|
+
|
|
46
|
+
const { data: comments } = await useFetch(`/api/articles/${route.params.slug}/comments`, {
|
|
47
|
+
lazy: true,
|
|
48
|
+
server: false,
|
|
49
|
+
})
|
|
50
|
+
```
|
|
51
|
+
|
|
52
|
+
## Route Rules
|
|
53
|
+
|
|
54
|
+
Prefer `routeRules` in `nuxt.config.ts` for rendering and caching strategy:
|
|
55
|
+
|
|
56
|
+
```ts
|
|
57
|
+
export default defineNuxtConfig({
|
|
58
|
+
routeRules: {
|
|
59
|
+
'/': { prerender: true },
|
|
60
|
+
'/products/**': { swr: 3600 },
|
|
61
|
+
'/blog/**': { isr: true },
|
|
62
|
+
'/admin/**': { ssr: false },
|
|
63
|
+
'/api/**': { cache: { maxAge: 60 * 60 } },
|
|
64
|
+
},
|
|
65
|
+
})
|
|
66
|
+
```
|
|
67
|
+
|
|
68
|
+
- `prerender`: static HTML at build time
|
|
69
|
+
- `swr`: serve cached content and revalidate in the background
|
|
70
|
+
- `isr`: incremental static regeneration on supported platforms
|
|
71
|
+
- `ssr: false`: client-rendered route
|
|
72
|
+
- `cache` or `redirect`: Nitro-level response behavior
|
|
73
|
+
|
|
74
|
+
Pick route rules per route group, not globally. Marketing pages, catalogs, dashboards, and APIs usually need different strategies.
|
|
75
|
+
|
|
76
|
+
## Lazy Loading and Performance
|
|
77
|
+
|
|
78
|
+
- Nuxt already code-splits pages by route. Keep route boundaries meaningful before micro-optimizing component splits.
|
|
79
|
+
- Use the `Lazy` prefix to dynamically import non-critical components.
|
|
80
|
+
- Conditionally render lazy components with `v-if` so the chunk is not loaded until the UI actually needs it.
|
|
81
|
+
- Use lazy hydration for below-the-fold or non-critical interactive UI.
|
|
82
|
+
|
|
83
|
+
```vue
|
|
84
|
+
<template>
|
|
85
|
+
<LazyRecommendations v-if="showRecommendations" />
|
|
86
|
+
<LazyProductGallery hydrate-on-visible />
|
|
87
|
+
</template>
|
|
88
|
+
```
|
|
89
|
+
|
|
90
|
+
- For custom strategies, use `defineLazyHydrationComponent()` with a visibility or idle strategy.
|
|
91
|
+
- Nuxt lazy hydration works on single-file components. Passing new props to a lazily hydrated component will trigger hydration immediately.
|
|
92
|
+
- Use `NuxtLink` for internal navigation so Nuxt can prefetch route components and generated payloads.
|
|
93
|
+
|
|
94
|
+
## Review Checklist
|
|
95
|
+
|
|
96
|
+
- First SSR render and hydrated client render produce the same markup
|
|
97
|
+
- Page data uses `useFetch` or `useAsyncData`, not top-level `$fetch`
|
|
98
|
+
- Non-critical data is lazy and has explicit loading UI
|
|
99
|
+
- Route rules match the page's SEO and freshness requirements
|
|
100
|
+
- Heavy interactive islands are lazy-loaded or lazily hydrated
|
|
@@ -0,0 +1,255 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: opensource-pipeline
|
|
3
|
+
description: "Open-source pipeline: fork, sanitize, and package private projects for safe public release. Chains 3 agents (forker, sanitizer, packager). Triggers: '/opensource', 'open source this', 'make this public', 'prepare for open source'."
|
|
4
|
+
origin: ECC
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
# Open-Source Pipeline Skill
|
|
8
|
+
|
|
9
|
+
Safely open-source any project through a 3-stage pipeline: **Fork** (strip secrets) → **Sanitize** (verify clean) → **Package** (CLAUDE.md + setup.sh + README).
|
|
10
|
+
|
|
11
|
+
## When to Activate
|
|
12
|
+
|
|
13
|
+
- User says "open source this project" or "make this public"
|
|
14
|
+
- User wants to prepare a private repo for public release
|
|
15
|
+
- User needs to strip secrets before pushing to GitHub
|
|
16
|
+
- User invokes `/opensource fork`, `/opensource verify`, or `/opensource package`
|
|
17
|
+
|
|
18
|
+
## Commands
|
|
19
|
+
|
|
20
|
+
| Command | Action |
|
|
21
|
+
|---------|--------|
|
|
22
|
+
| `/opensource fork PROJECT` | Full pipeline: fork + sanitize + package |
|
|
23
|
+
| `/opensource verify PROJECT` | Run sanitizer on existing repo |
|
|
24
|
+
| `/opensource package PROJECT` | Generate CLAUDE.md + setup.sh + README |
|
|
25
|
+
| `/opensource list` | Show all staged projects |
|
|
26
|
+
| `/opensource status PROJECT` | Show reports for a staged project |
|
|
27
|
+
|
|
28
|
+
## Protocol
|
|
29
|
+
|
|
30
|
+
### /opensource fork PROJECT
|
|
31
|
+
|
|
32
|
+
**Full pipeline — the main workflow.**
|
|
33
|
+
|
|
34
|
+
#### Step 1: Gather Parameters
|
|
35
|
+
|
|
36
|
+
Resolve the project path. If PROJECT contains `/`, treat as a path (absolute or relative). Otherwise check: current working directory, `$HOME/PROJECT`, then ask the user.
|
|
37
|
+
|
|
38
|
+
```
|
|
39
|
+
SOURCE_PATH="<resolved absolute path>"
|
|
40
|
+
STAGING_PATH="$HOME/opensource-staging/${PROJECT_NAME}"
|
|
41
|
+
```
|
|
42
|
+
|
|
43
|
+
Ask the user:
|
|
44
|
+
1. "Which project?" (if not found)
|
|
45
|
+
2. "License? (MIT / Apache-2.0 / GPL-3.0 / BSD-3-Clause)"
|
|
46
|
+
3. "GitHub org or username?" (default: detect via `gh api user -q .login`)
|
|
47
|
+
4. "GitHub repo name?" (default: project name)
|
|
48
|
+
5. "Description for README?" (analyze project for suggestion)
|
|
49
|
+
|
|
50
|
+
#### Step 2: Create Staging Directory
|
|
51
|
+
|
|
52
|
+
```bash
|
|
53
|
+
mkdir -p $HOME/opensource-staging/
|
|
54
|
+
```
|
|
55
|
+
|
|
56
|
+
#### Step 3: Run Forker Agent
|
|
57
|
+
|
|
58
|
+
Spawn the `opensource-forker` agent:
|
|
59
|
+
|
|
60
|
+
```
|
|
61
|
+
Agent(
|
|
62
|
+
description="Fork {PROJECT} for open-source",
|
|
63
|
+
subagent_type="opensource-forker",
|
|
64
|
+
prompt="""
|
|
65
|
+
Fork project for open-source release.
|
|
66
|
+
|
|
67
|
+
Source: {SOURCE_PATH}
|
|
68
|
+
Target: {STAGING_PATH}
|
|
69
|
+
License: {chosen_license}
|
|
70
|
+
|
|
71
|
+
Follow the full forking protocol:
|
|
72
|
+
1. Copy files (exclude .git, node_modules, __pycache__, .venv)
|
|
73
|
+
2. Strip all secrets and credentials
|
|
74
|
+
3. Replace internal references with placeholders
|
|
75
|
+
4. Generate .env.example
|
|
76
|
+
5. Clean git history
|
|
77
|
+
6. Generate FORK_REPORT.md in {STAGING_PATH}/FORK_REPORT.md
|
|
78
|
+
"""
|
|
79
|
+
)
|
|
80
|
+
```
|
|
81
|
+
|
|
82
|
+
Wait for completion. Read `{STAGING_PATH}/FORK_REPORT.md`.
|
|
83
|
+
|
|
84
|
+
#### Step 4: Run Sanitizer Agent
|
|
85
|
+
|
|
86
|
+
Spawn the `opensource-sanitizer` agent:
|
|
87
|
+
|
|
88
|
+
```
|
|
89
|
+
Agent(
|
|
90
|
+
description="Verify {PROJECT} sanitization",
|
|
91
|
+
subagent_type="opensource-sanitizer",
|
|
92
|
+
prompt="""
|
|
93
|
+
Verify sanitization of open-source fork.
|
|
94
|
+
|
|
95
|
+
Project: {STAGING_PATH}
|
|
96
|
+
Source (for reference): {SOURCE_PATH}
|
|
97
|
+
|
|
98
|
+
Run ALL scan categories:
|
|
99
|
+
1. Secrets scan (CRITICAL)
|
|
100
|
+
2. PII scan (CRITICAL)
|
|
101
|
+
3. Internal references scan (CRITICAL)
|
|
102
|
+
4. Dangerous files check (CRITICAL)
|
|
103
|
+
5. Configuration completeness (WARNING)
|
|
104
|
+
6. Git history audit
|
|
105
|
+
|
|
106
|
+
Generate SANITIZATION_REPORT.md inside {STAGING_PATH}/ with PASS/FAIL verdict.
|
|
107
|
+
"""
|
|
108
|
+
)
|
|
109
|
+
```
|
|
110
|
+
|
|
111
|
+
Wait for completion. Read `{STAGING_PATH}/SANITIZATION_REPORT.md`.
|
|
112
|
+
|
|
113
|
+
**If FAIL:** Show findings to user. Ask: "Fix these and re-scan, or abort?"
|
|
114
|
+
- If fix: Apply fixes, re-run sanitizer (maximum 3 retry attempts — after 3 FAILs, present all findings and ask user to fix manually)
|
|
115
|
+
- If abort: Clean up staging directory
|
|
116
|
+
|
|
117
|
+
**If PASS or PASS WITH WARNINGS:** Continue to Step 5.
|
|
118
|
+
|
|
119
|
+
#### Step 5: Run Packager Agent
|
|
120
|
+
|
|
121
|
+
Spawn the `opensource-packager` agent:
|
|
122
|
+
|
|
123
|
+
```
|
|
124
|
+
Agent(
|
|
125
|
+
description="Package {PROJECT} for open-source",
|
|
126
|
+
subagent_type="opensource-packager",
|
|
127
|
+
prompt="""
|
|
128
|
+
Generate open-source packaging for project.
|
|
129
|
+
|
|
130
|
+
Project: {STAGING_PATH}
|
|
131
|
+
License: {chosen_license}
|
|
132
|
+
Project name: {PROJECT_NAME}
|
|
133
|
+
Description: {description}
|
|
134
|
+
GitHub repo: {github_repo}
|
|
135
|
+
|
|
136
|
+
Generate:
|
|
137
|
+
1. CLAUDE.md (commands, architecture, key files)
|
|
138
|
+
2. setup.sh (one-command bootstrap, make executable)
|
|
139
|
+
3. README.md (or enhance existing)
|
|
140
|
+
4. LICENSE
|
|
141
|
+
5. CONTRIBUTING.md
|
|
142
|
+
6. .github/ISSUE_TEMPLATE/ (bug_report.md, feature_request.md)
|
|
143
|
+
"""
|
|
144
|
+
)
|
|
145
|
+
```
|
|
146
|
+
|
|
147
|
+
#### Step 6: Final Review
|
|
148
|
+
|
|
149
|
+
Present to user:
|
|
150
|
+
```
|
|
151
|
+
Open-Source Fork Ready: {PROJECT_NAME}
|
|
152
|
+
|
|
153
|
+
Location: {STAGING_PATH}
|
|
154
|
+
License: {license}
|
|
155
|
+
Files generated:
|
|
156
|
+
- CLAUDE.md
|
|
157
|
+
- setup.sh (executable)
|
|
158
|
+
- README.md
|
|
159
|
+
- LICENSE
|
|
160
|
+
- CONTRIBUTING.md
|
|
161
|
+
- .env.example ({N} variables)
|
|
162
|
+
|
|
163
|
+
Sanitization: {sanitization_verdict}
|
|
164
|
+
|
|
165
|
+
Next steps:
|
|
166
|
+
1. Review: cd {STAGING_PATH}
|
|
167
|
+
2. Create repo: gh repo create {github_org}/{github_repo} --public
|
|
168
|
+
3. Push: git remote add origin ... && git push -u origin main
|
|
169
|
+
|
|
170
|
+
Proceed with GitHub creation? (yes/no/review first)
|
|
171
|
+
```
|
|
172
|
+
|
|
173
|
+
#### Step 7: GitHub Publish (on user approval)
|
|
174
|
+
|
|
175
|
+
```bash
|
|
176
|
+
cd "{STAGING_PATH}"
|
|
177
|
+
gh repo create "{github_org}/{github_repo}" --public --source=. --push --description "{description}"
|
|
178
|
+
```
|
|
179
|
+
|
|
180
|
+
---
|
|
181
|
+
|
|
182
|
+
### /opensource verify PROJECT
|
|
183
|
+
|
|
184
|
+
Run sanitizer independently. Resolve path: if PROJECT contains `/`, treat as a path. Otherwise check `$HOME/opensource-staging/PROJECT`, then `$HOME/PROJECT`, then current directory.
|
|
185
|
+
|
|
186
|
+
```
|
|
187
|
+
Agent(
|
|
188
|
+
subagent_type="opensource-sanitizer",
|
|
189
|
+
prompt="Verify sanitization of: {resolved_path}. Run all 6 scan categories and generate SANITIZATION_REPORT.md."
|
|
190
|
+
)
|
|
191
|
+
```
|
|
192
|
+
|
|
193
|
+
---
|
|
194
|
+
|
|
195
|
+
### /opensource package PROJECT
|
|
196
|
+
|
|
197
|
+
Run packager independently. Ask for "License?" and "Description?", then:
|
|
198
|
+
|
|
199
|
+
```
|
|
200
|
+
Agent(
|
|
201
|
+
subagent_type="opensource-packager",
|
|
202
|
+
prompt="Package: {resolved_path} ..."
|
|
203
|
+
)
|
|
204
|
+
```
|
|
205
|
+
|
|
206
|
+
---
|
|
207
|
+
|
|
208
|
+
### /opensource list
|
|
209
|
+
|
|
210
|
+
```bash
|
|
211
|
+
ls -d $HOME/opensource-staging/*/
|
|
212
|
+
```
|
|
213
|
+
|
|
214
|
+
Show each project with pipeline progress (FORK_REPORT.md, SANITIZATION_REPORT.md, CLAUDE.md presence).
|
|
215
|
+
|
|
216
|
+
---
|
|
217
|
+
|
|
218
|
+
### /opensource status PROJECT
|
|
219
|
+
|
|
220
|
+
```bash
|
|
221
|
+
cat $HOME/opensource-staging/${PROJECT}/SANITIZATION_REPORT.md
|
|
222
|
+
cat $HOME/opensource-staging/${PROJECT}/FORK_REPORT.md
|
|
223
|
+
```
|
|
224
|
+
|
|
225
|
+
## Staging Layout
|
|
226
|
+
|
|
227
|
+
```
|
|
228
|
+
$HOME/opensource-staging/
|
|
229
|
+
my-project/
|
|
230
|
+
FORK_REPORT.md # From forker agent
|
|
231
|
+
SANITIZATION_REPORT.md # From sanitizer agent
|
|
232
|
+
CLAUDE.md # From packager agent
|
|
233
|
+
setup.sh # From packager agent
|
|
234
|
+
README.md # From packager agent
|
|
235
|
+
.env.example # From forker agent
|
|
236
|
+
... # Sanitized project files
|
|
237
|
+
```
|
|
238
|
+
|
|
239
|
+
## Anti-Patterns
|
|
240
|
+
|
|
241
|
+
- **Never** push to GitHub without user approval
|
|
242
|
+
- **Never** skip the sanitizer — it is the safety gate
|
|
243
|
+
- **Never** proceed after a sanitizer FAIL without fixing all critical findings
|
|
244
|
+
- **Never** leave `.env`, `*.pem`, or `credentials.json` in the staging directory
|
|
245
|
+
|
|
246
|
+
## Best Practices
|
|
247
|
+
|
|
248
|
+
- Always run the full pipeline (fork → sanitize → package) for new releases
|
|
249
|
+
- The staging directory persists until explicitly cleaned up — use it for review
|
|
250
|
+
- Re-run the sanitizer after any manual fixes before publishing
|
|
251
|
+
- Parameterize secrets rather than deleting them — preserve project functionality
|
|
252
|
+
|
|
253
|
+
## Related Skills
|
|
254
|
+
|
|
255
|
+
See `security-review` for secret detection patterns used by the sanitizer.
|