claude-flow-novice 2.13.0 → 2.14.1

package/claude-assets/commands/cfn/cost-savings-status.md

@@ -0,0 +1,34 @@
+---
+description: Show current cost-savings mode status and configuration
+tags: [config, status, coordination]
+---
+
+Display current cost-savings mode status and coordinator configuration.
+
+**Usage:**
+- `/cost-savings-status` - Show mode status and details
+
+**What this shows:**
+- Current mode: CLI (cost-savings ON) or Task-tool (cost-savings OFF)
+- Active coordinator type sections in CLAUDE.md
+- Spawning method (spawn-workers.js vs Task tool)
+- Provider configuration for workers
+- Estimated cost savings percentage
+
+**Mode Indicators:**
+- **CLI Mode Active**: spawn-workers.js coordination, ~97% savings
+- **Task-tool Mode Active**: Task() coordination, full Claude quality
+
+**Execute status check:**
+
+```bash
+npx claude-flow-cost-savings status
+```
+
+**Output includes:**
+- Mode: CLI | Task-tool
+- CLAUDE.md sections: Active coordinator profiles
+- Spawning pattern: spawn-workers.js | Task()
+- Provider: z.ai | Claude Max
+- Cost savings: 0% | ~97%
+- Last toggled: timestamp

package/claude-assets/commands/cfn/custom-routing-activate.md

@@ -0,0 +1,55 @@
+---
+description: DEPRECATED - Use /switch-api zai instead
+tags: [deprecated, routing]
+---
+
+# ⚠️ DEPRECATED Command
+
+**This command is deprecated and no longer needed.**
+
+## Use Instead
+
+```bash
+/switch-api zai
+```
+
+## What Changed
+
+**Old system (custom-routing):**
+- Designed for per-agent profile routing
+- Required `tieredRouting` flag in settings.json
+- Never fully implemented
+
+**New system (switch-api):**
+- ✅ Simple env var configuration
+- ✅ Works with Main Chat + Task tool
+- ✅ CLI agents use separate routing (.env)
+- ✅ Fully operational
+
+## Migration
+
+**If you were using `/custom-routing-activate`:**
+```bash
+# Just run this instead:
+/switch-api zai
+```
+
+**Effect:**
+- Main Chat + Task() agents use Z.ai ($0.50/1M)
+- CLI agents use Z.ai (from .env)
+- Combined 97% cost savings
+
+## Why Deprecated
+
+The custom-routing system was designed but never fully implemented. The new switch-api provides:
+
+1. **Simpler configuration** - Just env vars
+2. **Actually works** - Complete implementation
+3. **Clear separation** - Main Chat vs CLI routing
+4. **Better documentation** - See `/switch-api` help
+
+## See Also
+
+- `/switch-api` - Current routing system
+- `/switch-api zai` - Enable Z.ai for Main Chat
+- `/switch-api max` - Use Anthropic for Main Chat

package/claude-assets/commands/cfn/custom-routing-deactivate.md

@@ -0,0 +1,46 @@
+---
+description: DEPRECATED - Use /switch-api max instead
+tags: [deprecated, routing]
+---
+
+# ⚠️ DEPRECATED Command
+
+**This command is deprecated and no longer needed.**
+
+## Use Instead
+
+```bash
+/switch-api max
+```
+
+## What This Does
+
+Switches Main Chat + Task tool back to Anthropic (default provider).
+
+**Note:** Requires running `claude login` after switching.
+
+## Migration
+
+**If you were using `/custom-routing-deactivate`:**
+```bash
+# Just run this instead:
+/switch-api max
+
+# Then re-authenticate:
+claude login
+```
+
+## Why Deprecated
+
+The custom-routing system was designed but never fully implemented. The new switch-api provides the same functionality with:
+
+1. **Simpler commands** - `/switch-api zai` or `/switch-api max`
+2. **Actually works** - Complete implementation
+3. **Clear behavior** - Explicit env var management
+4. **Better docs** - See `/switch-api` help
+
+## See Also
+
+- `/switch-api` - Current routing system
+- `/switch-api max` - Use Anthropic for Main Chat
+- `/switch-api zai` - Use Z.ai for cost savings

package/claude-assets/commands/cfn/dependency-recommendations.md

@@ -0,0 +1,171 @@
+---
+description: "Smart dependency analysis with security scanning and performance-focused updates"
+argument-hint: "[--security|--performance|--outdated|--audit|--interactive]"
+allowed-tools: ["Bash", "Read", "Grep", "mcp__claude-flow__dependency_analyze", "mcp__claude-flow__language_detect", "mcp__claude-flow__framework_detect", "mcp__claude-flow__memory_usage"]
+---
+
+# Smart Dependency Recommendations
+
+Analyze your project dependencies and provide intelligent recommendations for updates, security fixes, and performance improvements.
+
+**Analysis Type**: $ARGUMENTS
+
+## Analysis Options
+
+- `--security` - Focus on security vulnerabilities and CVE scanning
+- `--performance` - Analyze bundle size and performance impact
+- `--outdated` - Show outdated packages with safe update paths
+- `--audit` - Comprehensive security audit with risk assessment
+- `--interactive` - Interactive update wizard with explanations
+
+## What This Command Does
+
+### 🔍 Intelligent Dependency Analysis
+- **Multi-Language Support**: npm, Cargo, pip, composer, bundler
+- **Security Scanning**: CVE database integration and vulnerability detection
+- **Performance Impact**: Bundle size analysis and optimization opportunities
+- **Breaking Change Detection**: Semantic version analysis and migration guides
+- **License Compliance**: License compatibility and legal risk assessment
+
+### 🛡️ Security Analysis
+
+#### Vulnerability Scanning
+- **CVE Database**: Real-time vulnerability scanning
+- **Severity Assessment**: Critical, High, Medium, Low risk classification
+- **Exploit Availability**: Known exploits and proof-of-concept detection
+- **Patch Availability**: Available fixes and update recommendations
+
+#### Security Best Practices
+- **Minimal Dependencies**: Suggest lighter alternatives
+- **Trusted Sources**: Verify package maintainer reputation
+- **License Scanning**: Identify problematic licenses
+- **Supply Chain**: Analyze dependency chains for risks
+
+### 🚀 Performance Optimization
+
+#### Bundle Analysis
+- **Size Impact**: Before/after size comparison
+- **Tree Shaking**: Dead code elimination opportunities
+- **Alternative Packages**: Lighter alternatives with same functionality
+- **Lazy Loading**: Code splitting recommendations
+
+#### Runtime Performance
+- **Startup Time**: Dependency impact on application startup
+- **Memory Usage**: Memory footprint analysis
+- **CPU Impact**: Performance benchmarks and comparisons
+
+## Language-Specific Features
+
+### JavaScript/Node.js (npm/yarn/pnpm)
+```bash
+# Security audit with fix suggestions
+/dependency-recommendations --security
+# Output: npm audit fix, specific CVE details, manual update guides
+
+# Performance analysis
+/dependency-recommendations --performance
+# Output: Bundle analyzer results, tree-shaking opportunities
+```
+
+### Rust (Cargo)
+```bash
+# Cargo audit with vulnerability scanning
+/dependency-recommendations --audit
+# Output: cargo audit, rustsec advisory database
+
+# Outdated crates analysis
+/dependency-recommendations --outdated
+# Output: cargo outdated, semver compatibility, feature changes
+```
+
+### Python (pip/poetry/pipenv)
+```bash
+# Security scanning with safety
+/dependency-recommendations --security
+# Output: safety check, known vulnerabilities, update commands
+
+# Performance and compatibility
+/dependency-recommendations --performance
+# Output: Wheel vs source installs, Python version compatibility
+```
+
+## Sample Recommendation Output
+
+```markdown
+## 🚨 Critical Security Issues (2)
+
+### 1. lodash@4.17.15 → 4.17.21
+- **CVE-2021-23337**: Prototype pollution vulnerability
+- **Risk**: High - Remote code execution possible
+- **Fix**: `npm update lodash@^4.17.21`
+- **Breaking Changes**: None
+- **Affected Files**: src/utils/helpers.js, src/components/
+
+### 2. express@4.17.1 → 4.18.2
+- **Multiple CVEs**: Security vulnerabilities in older versions
+- **Risk**: Medium - Information disclosure
+- **Fix**: `npm install express@^4.18.2`
+- **Migration Guide**: Check middleware compatibility
+
+## 🚀 Performance Opportunities (3)
+
+### 1. moment.js → date-fns
+- **Bundle Size**: 67KB → 13KB (80% reduction)
+- **Tree Shaking**: Full support vs none
+- **Migration**: Auto-migration available
+- **Effort**: Medium (2-3 hours)
+
+### 2. lodash → Native ES6+ / lodash-es
+- **Bundle Size**: 71KB → 15KB (selective imports)
+- **Performance**: 15% faster with native methods
+- **Migration**: Gradual replacement possible
+
+## 🔄 Recommended Updates (5)
+
+### Safe Updates (No Breaking Changes)
+- react@18.2.0 → 18.2.45 (patch updates)
+- typescript@4.9.4 → 4.9.5 (bug fixes)
+- jest@29.3.1 → 29.5.0 (new features)
+
+### Major Version Updates (Review Required)
+- webpack@4.46.0 → 5.88.2
+  - **Breaking Changes**: Module federation, asset modules
+  - **Migration Guide**: https://webpack.js.org/migrate/5/
+  - **Estimated Effort**: 1-2 days
+```
+
+## Interactive Update Wizard
+
+```bash
+/dependency-recommendations --interactive
+```
+
+Provides step-by-step guidance:
+1. **Prioritization**: Security first, then performance, then features
+2. **Impact Assessment**: Explains what each update affects
+3. **Testing Strategy**: Suggests test scenarios after updates
+4. **Rollback Plan**: Provides rollback commands if issues occur
+5. **Documentation**: Updates package.json comments and documentation
+
+## Educational Features
+
+### Why Updates Matter
+- **Security**: Explains specific vulnerabilities and their impact
+- **Performance**: Shows measurable improvements with benchmarks
+- **Maintenance**: Discusses long-term maintenance benefits
+- **Ecosystem**: Explains how updates affect the broader ecosystem
+
+### Best Practices
+- **Update Strategy**: Guidance on when and how to update
+- **Testing**: Recommendations for testing after updates
+- **Monitoring**: Tools for tracking dependency health
+- **Documentation**: Keeping dependency decisions documented
+
+## Integration Features
+
+- **CI/CD Integration**: Generate update PRs with full analysis
+- **Team Notifications**: Share recommendations with team members
+- **Scheduled Analysis**: Regular dependency health checks
+- **Custom Policies**: Configure update policies and approval workflows
+
+Get intelligent, actionable dependency recommendations that balance security, performance, and stability.

package/claude-assets/commands/cfn/fullstack.md

@@ -0,0 +1,179 @@
+---
+description: "Launch autonomous self-correcting full-stack development team with CFN Loop"
+argument-hint: "<goal description>"
+allowed-tools: ["Task", "TodoWrite", "Read", "Write", "Edit", "Bash", "Glob", "Grep"]
+---
+
+# Autonomous Full-Stack Development Team (CFN Loop)
+
+Launch an autonomous self-correcting full-stack development team using the CFN Loop methodology.
+
+🚨 **AUTONOMOUS SELF-LOOPING PROCESS**
+
+**Goal**: $ARGUMENTS
+
+## Team Composition
+
+The fullstack team includes:
+- **Researcher**: Requirements analysis, pattern detection, architectural planning
+- **Coder**: Implementation of backend and frontend features
+- **Tester**: Comprehensive testing including unit, integration, and E2E tests
+- **Reviewer**: Code quality analysis, security review, performance optimization
+- **Architect** (for complex tasks): System design and architectural decisions
+
+## Autonomous CFN Loop Execution Pattern
+
+🚨 **CRITICAL: This is an AUTONOMOUS self-looping process**
+- Loop failures → IMMEDIATE retry with feedback (NO approval needed)
+- Consensus failures → IMMEDIATE Loop 3 relaunch (NO approval needed)
+- Phase completion → IMMEDIATE next phase transition (NO approval needed)
+- ONLY stop for: max iterations reached OR critical error
+
+### Loop 3: Primary Swarm (Execute)
+1. **Initialize Swarm** (MANDATORY)
+   - Use swarm_init with appropriate topology
+   - Configure for 3-8 agents based on complexity
+
+2. **Launch Primary Swarm** (3-8 agents in parallel using Claude Code's Task tool)
+   - All agents execute concurrently in a single message
+   - Each agent receives full context and specific responsibilities
+   - Agents produce deliverables with confidence scores
+   - Run post-edit hooks after EVERY file modification
+
+3. **Self-Assessment Gate**
+   - Collect confidence scores from all agents
+   - If confidence ≥75% → IMMEDIATELY proceed to Loop 2
+   - If confidence <75% → IMMEDIATELY relaunch Loop 3 with feedback (autonomous retry)
+   - Max iterations: 10
+
+### Loop 2: Consensus Swarm (Verify)
+1. **Launch Consensus Validators** (2-4 validators in parallel)
+   - Independent verification with Byzantine fault tolerance
+   - Comprehensive validation: tests, security, performance, architecture
+   - Voting mechanism with critical criteria checks
+
+2. **Byzantine Consensus Voting**
+   - Collect validator votes (approve/reject)
+   - Calculate approval rate and confidence
+
+3. **Decision Gate**
+   - **PASS Criteria** (≥90% agreement + all critical checks):
+     - All tests passing (100% for critical paths, ≥80% coverage overall)
+     - No security vulnerabilities
+     - Performance within acceptable thresholds
+     - Architecture review approved
+   - **FAIL Criteria**:
+     - <90% validator agreement OR critical criteria failed
+     - IMMEDIATELY inject feedback and return to Loop 3 (autonomous retry)
+   - Max iterations: 5
+
+### Loop 1: Phase Completion (Action)
+- **PASS**: Store results → Update documentation → Report completion
+- **FAIL (max iterations)**: Escalate to human with full history + recommendations
+
+**AUTONOMOUS RETRY BEHAVIOR:**
+- Loop 3 failures → IMMEDIATELY relaunch with feedback
+- Loop 2 failures → IMMEDIATELY return to Loop 3
+- NO approval needed for retries
+- Self-correcting process continues until success or max iterations
+
+## Consensus Validation Requirements
+
+**Validator Team** (4 agents for Byzantine fault tolerance):
+1. **Validator 1** - Test Coverage & Quality
+2. **Validator 2** - Security & Compliance
+3. **Validator 3** - Performance & Optimization
+4. **Validator 4** - Architecture & Design
+
+**Scoring System**:
+- Overall Score: 0-100 (weighted average)
+- Pass Threshold: ≥90/100 with unanimous approval
+- Tier 2: 85-94 (production-ready with minor issues)
+- Tier 3: 75-84 (needs improvements)
+- Fail: <75 (significant issues)
+
+**Critical Criteria** (all must pass):
+- Tests executing and passing
+- No critical security vulnerabilities
+- Code compiles/builds successfully
+- Core functionality working
+
+## Usage Examples
+
+```bash
+# Simple feature
+/fullstack Add user authentication with JWT tokens and password hashing
+
+# Complex feature with multiple components
+/fullstack Build a real-time chat system with user presence, typing indicators, message history, and file sharing
+
+# Backend API
+/fullstack Create REST API for product catalog with CRUD operations, search, filtering, and pagination
+
+# Frontend feature
+/fullstack Implement responsive dashboard with data visualization, real-time updates, and mobile support
+
+# Full-stack integration
+/fullstack Develop e-commerce checkout flow with payment processing, order management, and email notifications
+```
+
+## Execution Instructions
+
+When this command is invoked:
+
+🚨 **AUTONOMOUS EXECUTION - NO APPROVAL NEEDED FOR RETRIES**
+
+1. **Parse the goal** from $ARGUMENTS
+
+2. **Initialize Swarm** (MANDATORY for multi-agent tasks):
+   ```javascript
+   mcp__claude-flow-novice__swarm_init({
+     topology: "mesh",
+     maxAgents: 8,
+     strategy: "balanced"
+   })
+   ```
+
+3. **Launch Loop 3: Primary Swarm** in a SINGLE message:
+   ```
+   Task("Research and analyze requirements", "Analyze goal: [goal]. Research patterns, identify requirements, create detailed specifications...", "researcher")
+   Task("Implement core features", "Implement goal: [goal]. Write production code following best practices...", "coder")
+   Task("Create comprehensive tests", "Test goal: [goal]. Write unit, integration, and E2E tests...", "tester")
+   Task("Review and optimize", "Review implementation of goal: [goal]. Check security, performance, architecture...", "reviewer")
+   ```
+
+4. **Self-assess** and collect confidence scores
+   - If ≥75% → IMMEDIATELY proceed to Loop 2 (consensus)
+   - If <75% → IMMEDIATELY relaunch Loop 3 with feedback (NO approval needed)
+
+5. **Launch Loop 2: Consensus Swarm** in a SINGLE message:
+   ```
+   Task("Quality Validator", "Comprehensive quality review", "reviewer")
+   Task("Security Validator", "Security and performance audit", "security-specialist")
+   Task("Architecture Validator", "Architecture validation", "system-architect")
+   Task("Testing Validator", "Integration testing validation", "tester")
+   ```
+
+6. **Process Byzantine consensus voting**
+   - If ≥90% approval → Complete (Loop 1)
+   - If <90% approval → IMMEDIATELY return to Loop 3 with feedback (NO approval needed)
+
+7. **Autonomous iteration** until:
+   - Success achieved (consensus passes)
+   - Max iterations reached (escalate to human)
+   - Critical error encountered
+
+## Important Notes
+
+🚨 **AUTONOMOUS SELF-LOOPING PROCESS**
+
+- **Initialize swarm FIRST** - MANDATORY before spawning agents
+- **Always use Task tool in parallel** - spawn all agents in ONE message
+- **Run post-edit hooks** after EVERY file modification
+- **Store results in appropriate directories** - never save to root
+- **Follow file organization** - use /src, /tests, /docs structure
+- **NO approval needed for retries** - autonomous self-correction
+- **IMMEDIATE retry on failures** - continue until success or max iterations
+- **Enable consensus validation** - for production-ready code quality
+
+Execute the autonomous self-correcting fullstack development workflow NOW.