claude-flow-novice 2.14.0 → 2.14.2

package/claude-assets/commands/dependency-recommendations.md

@@ -0,0 +1,171 @@
+---
+description: "Smart dependency analysis with security scanning and performance-focused updates"
+argument-hint: "[--security|--performance|--outdated|--audit|--interactive]"
+allowed-tools: ["Bash", "Read", "Grep", "mcp__claude-flow__dependency_analyze", "mcp__claude-flow__language_detect", "mcp__claude-flow__framework_detect", "mcp__claude-flow__memory_usage"]
+---
+
+# Smart Dependency Recommendations
+
+Analyze your project dependencies and provide intelligent recommendations for updates, security fixes, and performance improvements.
+
+**Analysis Type**: $ARGUMENTS
+
+## Analysis Options
+
+- `--security` - Focus on security vulnerabilities and CVE scanning
+- `--performance` - Analyze bundle size and performance impact
+- `--outdated` - Show outdated packages with safe update paths
+- `--audit` - Comprehensive security audit with risk assessment
+- `--interactive` - Interactive update wizard with explanations
+
+## What This Command Does
+
+### 🔍 Intelligent Dependency Analysis
+- **Multi-Language Support**: npm, Cargo, pip, composer, bundler
+- **Security Scanning**: CVE database integration and vulnerability detection
+- **Performance Impact**: Bundle size analysis and optimization opportunities
+- **Breaking Change Detection**: Semantic version analysis and migration guides
+- **License Compliance**: License compatibility and legal risk assessment
+
+### 🛡️ Security Analysis
+
+#### Vulnerability Scanning
+- **CVE Database**: Real-time vulnerability scanning
+- **Severity Assessment**: Critical, High, Medium, Low risk classification
+- **Exploit Availability**: Known exploits and proof-of-concept detection
+- **Patch Availability**: Available fixes and update recommendations
+
+#### Security Best Practices
+- **Minimal Dependencies**: Suggest lighter alternatives
+- **Trusted Sources**: Verify package maintainer reputation
+- **License Scanning**: Identify problematic licenses
+- **Supply Chain**: Analyze dependency chains for risks
+
+### 🚀 Performance Optimization
+
+#### Bundle Analysis
+- **Size Impact**: Before/after size comparison
+- **Tree Shaking**: Dead code elimination opportunities
+- **Alternative Packages**: Lighter alternatives with same functionality
+- **Lazy Loading**: Code splitting recommendations
+
+#### Runtime Performance
+- **Startup Time**: Dependency impact on application startup
+- **Memory Usage**: Memory footprint analysis
+- **CPU Impact**: Performance benchmarks and comparisons
+
+## Language-Specific Features
+
+### JavaScript/Node.js (npm/yarn/pnpm)
+```bash
+# Security audit with fix suggestions
+/dependency-recommendations --security
+# Output: npm audit fix, specific CVE details, manual update guides
+
+# Performance analysis
+/dependency-recommendations --performance
+# Output: Bundle analyzer results, tree-shaking opportunities
+```
+
+### Rust (Cargo)
+```bash
+# Cargo audit with vulnerability scanning
+/dependency-recommendations --audit
+# Output: cargo audit, rustsec advisory database
+
+# Outdated crates analysis
+/dependency-recommendations --outdated
+# Output: cargo outdated, semver compatibility, feature changes
+```
+
+### Python (pip/poetry/pipenv)
+```bash
+# Security scanning with safety
+/dependency-recommendations --security
+# Output: safety check, known vulnerabilities, update commands
+
+# Performance and compatibility
+/dependency-recommendations --performance
+# Output: Wheel vs source installs, Python version compatibility
+```
+
+## Sample Recommendation Output
+
+```markdown
+## 🚨 Critical Security Issues (2)
+
+### 1. lodash@4.17.15 → 4.17.21
+- **CVE-2021-23337**: Prototype pollution vulnerability
+- **Risk**: High - Remote code execution possible
+- **Fix**: `npm update lodash@^4.17.21`
+- **Breaking Changes**: None
+- **Affected Files**: src/utils/helpers.js, src/components/
+
+### 2. express@4.17.1 → 4.18.2
+- **Multiple CVEs**: Security vulnerabilities in older versions
+- **Risk**: Medium - Information disclosure
+- **Fix**: `npm install express@^4.18.2`
+- **Migration Guide**: Check middleware compatibility
+
+## 🚀 Performance Opportunities (3)
+
+### 1. moment.js → date-fns
+- **Bundle Size**: 67KB → 13KB (80% reduction)
+- **Tree Shaking**: Full support vs none
+- **Migration**: Auto-migration available
+- **Effort**: Medium (2-3 hours)
+
+### 2. lodash → Native ES6+ / lodash-es
+- **Bundle Size**: 71KB → 15KB (selective imports)
+- **Performance**: 15% faster with native methods
+- **Migration**: Gradual replacement possible
+
+## 🔄 Recommended Updates (5)
+
+### Safe Updates (No Breaking Changes)
+- react@18.2.0 → 18.2.45 (patch updates)
+- typescript@4.9.4 → 4.9.5 (bug fixes)
+- jest@29.3.1 → 29.5.0 (new features)
+
+### Major Version Updates (Review Required)
+- webpack@4.46.0 → 5.88.2
+  - **Breaking Changes**: Module federation, asset modules
+  - **Migration Guide**: https://webpack.js.org/migrate/5/
+  - **Estimated Effort**: 1-2 days
+```
+
+## Interactive Update Wizard
+
+```bash
+/dependency-recommendations --interactive
+```
+
+Provides step-by-step guidance:
+1. **Prioritization**: Security first, then performance, then features
+2. **Impact Assessment**: Explains what each update affects
+3. **Testing Strategy**: Suggests test scenarios after updates
+4. **Rollback Plan**: Provides rollback commands if issues occur
+5. **Documentation**: Updates package.json comments and documentation
+
+## Educational Features
+
+### Why Updates Matter
+- **Security**: Explains specific vulnerabilities and their impact
+- **Performance**: Shows measurable improvements with benchmarks
+- **Maintenance**: Discusses long-term maintenance benefits
+- **Ecosystem**: Explains how updates affect the broader ecosystem
+
+### Best Practices
+- **Update Strategy**: Guidance on when and how to update
+- **Testing**: Recommendations for testing after updates
+- **Monitoring**: Tools for tracking dependency health
+- **Documentation**: Keeping dependency decisions documented
+
+## Integration Features
+
+- **CI/CD Integration**: Generate update PRs with full analysis
+- **Team Notifications**: Share recommendations with team members
+- **Scheduled Analysis**: Regular dependency health checks
+- **Custom Policies**: Configure update policies and approval workflows
+
+Get intelligent, actionable dependency recommendations that balance security, performance, and stability.

package/claude-assets/commands/fullstack.md

@@ -0,0 +1,179 @@
+---
+description: "Launch autonomous self-correcting full-stack development team with CFN Loop"
+argument-hint: "<goal description>"
+allowed-tools: ["Task", "TodoWrite", "Read", "Write", "Edit", "Bash", "Glob", "Grep"]
+---
+
+# Autonomous Full-Stack Development Team (CFN Loop)
+
+Launch an autonomous self-correcting full-stack development team using the CFN Loop methodology.
+
+🚨 **AUTONOMOUS SELF-LOOPING PROCESS**
+
+**Goal**: $ARGUMENTS
+
+## Team Composition
+
+The fullstack team includes:
+- **Researcher**: Requirements analysis, pattern detection, architectural planning
+- **Coder**: Implementation of backend and frontend features
+- **Tester**: Comprehensive testing including unit, integration, and E2E tests
+- **Reviewer**: Code quality analysis, security review, performance optimization
+- **Architect** (for complex tasks): System design and architectural decisions
+
+## Autonomous CFN Loop Execution Pattern
+
+🚨 **CRITICAL: This is an AUTONOMOUS self-looping process**
+- Loop failures → IMMEDIATE retry with feedback (NO approval needed)
+- Consensus failures → IMMEDIATE Loop 3 relaunch (NO approval needed)
+- Phase completion → IMMEDIATE next phase transition (NO approval needed)
+- ONLY stop for: max iterations reached OR critical error
+
+### Loop 3: Primary Swarm (Execute)
+1. **Initialize Swarm** (MANDATORY)
+   - Use swarm_init with appropriate topology
+   - Configure for 3-8 agents based on complexity
+
+2. **Launch Primary Swarm** (3-8 agents in parallel using Claude Code's Task tool)
+   - All agents execute concurrently in a single message
+   - Each agent receives full context and specific responsibilities
+   - Agents produce deliverables with confidence scores
+   - Run post-edit hooks after EVERY file modification
+
+3. **Self-Assessment Gate**
+   - Collect confidence scores from all agents
+   - If confidence ≥75% → IMMEDIATELY proceed to Loop 2
+   - If confidence <75% → IMMEDIATELY relaunch Loop 3 with feedback (autonomous retry)
+   - Max iterations: 10
+
+### Loop 2: Consensus Swarm (Verify)
+1. **Launch Consensus Validators** (2-4 validators in parallel)
+   - Independent verification with Byzantine fault tolerance
+   - Comprehensive validation: tests, security, performance, architecture
+   - Voting mechanism with critical criteria checks
+
+2. **Byzantine Consensus Voting**
+   - Collect validator votes (approve/reject)
+   - Calculate approval rate and confidence
+
+3. **Decision Gate**
+   - **PASS Criteria** (≥90% agreement + all critical checks):
+     - All tests passing (100% for critical paths, ≥80% coverage overall)
+     - No security vulnerabilities
+     - Performance within acceptable thresholds
+     - Architecture review approved
+   - **FAIL Criteria**:
+     - <90% validator agreement OR critical criteria failed
+     - IMMEDIATELY inject feedback and return to Loop 3 (autonomous retry)
+   - Max iterations: 5
+
+### Loop 1: Phase Completion (Action)
+- **PASS**: Store results → Update documentation → Report completion
+- **FAIL (max iterations)**: Escalate to human with full history + recommendations
+
+**AUTONOMOUS RETRY BEHAVIOR:**
+- Loop 3 failures → IMMEDIATELY relaunch with feedback
+- Loop 2 failures → IMMEDIATELY return to Loop 3
+- NO approval needed for retries
+- Self-correcting process continues until success or max iterations
+
+## Consensus Validation Requirements
+
+**Validator Team** (4 agents for Byzantine fault tolerance):
+1. **Validator 1** - Test Coverage & Quality
+2. **Validator 2** - Security & Compliance
+3. **Validator 3** - Performance & Optimization
+4. **Validator 4** - Architecture & Design
+
+**Scoring System**:
+- Overall Score: 0-100 (weighted average)
+- Pass Threshold: ≥90/100 with unanimous approval
+- Tier 2: 85-94 (production-ready with minor issues)
+- Tier 3: 75-84 (needs improvements)
+- Fail: <75 (significant issues)
+
+**Critical Criteria** (all must pass):
+- Tests executing and passing
+- No critical security vulnerabilities
+- Code compiles/builds successfully
+- Core functionality working
+
+## Usage Examples
+
+```bash
+# Simple feature
+/fullstack Add user authentication with JWT tokens and password hashing
+
+# Complex feature with multiple components
+/fullstack Build a real-time chat system with user presence, typing indicators, message history, and file sharing
+
+# Backend API
+/fullstack Create REST API for product catalog with CRUD operations, search, filtering, and pagination
+
+# Frontend feature
+/fullstack Implement responsive dashboard with data visualization, real-time updates, and mobile support
+
+# Full-stack integration
+/fullstack Develop e-commerce checkout flow with payment processing, order management, and email notifications
+```
+
+## Execution Instructions
+
+When this command is invoked:
+
+🚨 **AUTONOMOUS EXECUTION - NO APPROVAL NEEDED FOR RETRIES**
+
+1. **Parse the goal** from $ARGUMENTS
+
+2. **Initialize Swarm** (MANDATORY for multi-agent tasks):
+   ```javascript
+   mcp__claude-flow-novice__swarm_init({
+     topology: "mesh",
+     maxAgents: 8,
+     strategy: "balanced"
+   })
+   ```
+
+3. **Launch Loop 3: Primary Swarm** in a SINGLE message:
+   ```
+   Task("Research and analyze requirements", "Analyze goal: [goal]. Research patterns, identify requirements, create detailed specifications...", "researcher")
+   Task("Implement core features", "Implement goal: [goal]. Write production code following best practices...", "coder")
+   Task("Create comprehensive tests", "Test goal: [goal]. Write unit, integration, and E2E tests...", "tester")
+   Task("Review and optimize", "Review implementation of goal: [goal]. Check security, performance, architecture...", "reviewer")
+   ```
+
+4. **Self-assess** and collect confidence scores
+   - If ≥75% → IMMEDIATELY proceed to Loop 2 (consensus)
+   - If <75% → IMMEDIATELY relaunch Loop 3 with feedback (NO approval needed)
+
+5. **Launch Loop 2: Consensus Swarm** in a SINGLE message:
+   ```
+   Task("Quality Validator", "Comprehensive quality review", "reviewer")
+   Task("Security Validator", "Security and performance audit", "security-specialist")
+   Task("Architecture Validator", "Architecture validation", "system-architect")
+   Task("Testing Validator", "Integration testing validation", "tester")
+   ```
+
+6. **Process Byzantine consensus voting**
+   - If ≥90% approval → Complete (Loop 1)
+   - If <90% approval → IMMEDIATELY return to Loop 3 with feedback (NO approval needed)
+
+7. **Autonomous iteration** until:
+   - Success achieved (consensus passes)
+   - Max iterations reached (escalate to human)
+   - Critical error encountered
+
+## Important Notes
+
+🚨 **AUTONOMOUS SELF-LOOPING PROCESS**
+
+- **Initialize swarm FIRST** - MANDATORY before spawning agents
+- **Always use Task tool in parallel** - spawn all agents in ONE message
+- **Run post-edit hooks** after EVERY file modification
+- **Store results in appropriate directories** - never save to root
+- **Follow file organization** - use /src, /tests, /docs structure
+- **NO approval needed for retries** - autonomous self-correction
+- **IMMEDIATE retry on failures** - continue until success or max iterations
+- **Enable consensus validation** - for production-ready code quality
+
+Execute the autonomous self-correcting fullstack development workflow NOW.

package/claude-assets/commands/github.md

@@ -0,0 +1,221 @@
+---
+description: "GitHub integration for repository management, PR automation, and collaboration"
+argument-hint: "<action> [repository] [options]"
+allowed-tools: ["Bash", "Read", "Write", "Grep", "mcp__claude-flow__github_repo_analyze", "mcp__claude-flow__github_pr_manage", "mcp__claude-flow__github_release_coord", "mcp__claude-flow__github_issue_track", "mcp__claude-flow__github_workflow_auto", "mcp__claude-flow__github_metrics", "mcp__claude-flow__agent_spawn", "mcp__claude-flow__memory_usage"]
+---
+
+# GitHub Integration & Automation
+
+Comprehensive GitHub integration for repository management, automated workflows, and team collaboration.
+
+**Action**: $ARGUMENTS
+
+## Available Actions
+
+### Repository Management
+- `analyze <repo>` - Comprehensive repository analysis
+- `metrics <repo>` - Repository health and activity metrics
+- `security-scan <repo>` - Security vulnerability scanning
+- `performance-audit <repo>` - Performance and quality assessment
+
+### Pull Request Management
+- `pr create <title>` - Create PR with AI-generated description
+- `pr review <number>` - Automated code review with suggestions
+- `pr merge <number>` - Smart merge with conflict resolution
+- `pr status` - Show all open PRs with analysis
+
+### Issue Management
+- `issue create <title>` - Create issue with templates
+- `issue triage` - AI-powered issue triage and labeling
+- `issue assign` - Smart assignment based on expertise
+- `issue close <number>` - Close issue with summary
+
+### Release Management
+- `release create <version>` - Create release with changelog
+- `release notes <version>` - Generate release notes
+- `release deploy <version>` - Coordinate deployment
+
+### Workflow Automation
+- `workflow setup` - Configure GitHub Actions workflows
+- `workflow status` - Monitor workflow runs
+- `workflow optimize` - Optimize CI/CD performance
+
+## Key Features
+
+### 🔍 AI-Powered Repository Analysis
+
+#### Code Quality Assessment
+- **Architecture Analysis**: Design patterns, SOLID principles compliance
+- **Code Complexity**: Cyclomatic complexity, maintainability index
+- **Technical Debt**: Identification and prioritization
+- **Documentation Quality**: README, API docs, inline comments
+
+#### Security Analysis
+- **Vulnerability Scanning**: Dependencies, code patterns, configurations
+- **Secret Detection**: API keys, passwords, certificates
+- **Access Control**: Repository permissions and branch protection
+- **Supply Chain**: Dependency risk assessment
+
+#### Performance Metrics
+- **Build Performance**: CI/CD execution times, bottlenecks
+- **Code Performance**: Static analysis, performance patterns
+- **Repository Health**: Commit frequency, contributor activity
+- **Issue Resolution**: Response times, resolution rates
+
+### 🤖 Automated Code Review
+
+#### Intelligent PR Analysis
+- **Change Impact**: Affected components and systems
+- **Risk Assessment**: Breaking changes, security implications
+- **Test Coverage**: Missing tests, coverage impact
+- **Documentation**: Required documentation updates
+
+#### Review Automation
+- **Style Compliance**: Code formatting, naming conventions
+- **Best Practices**: Language-specific recommendations
+- **Performance Impact**: Bundle size, runtime performance
+- **Security Review**: Vulnerability patterns, secure coding
+
+### 📈 Advanced Metrics & Insights
+
+#### Team Productivity
+- **Contributor Analysis**: Activity patterns, expertise areas
+- **Collaboration Metrics**: PR review patterns, response times
+- **Knowledge Sharing**: Documentation contributions, mentoring
+- **Burnout Detection**: Workload analysis, health indicators
+
+#### Project Health
+- **Velocity Tracking**: Feature delivery, sprint performance
+- **Quality Trends**: Bug rates, test coverage over time
+- **Maintenance Load**: Technical debt, refactoring needs
+- **Community Growth**: Star/fork growth, issue engagement
+
+## Usage Examples
+
+### Repository Analysis
+```bash
+# Comprehensive repository analysis
+/github analyze myorg/myrepo
+
+# Output includes:
+# - Code quality score (1-10)
+# - Security vulnerability count
+# - Performance bottlenecks
+# - Improvement recommendations
+# - Contributor activity analysis
+```
+
+### PR Management
+```bash
+# Create PR with AI description
+/github pr create "Add user authentication"
+
+# Automated code review
+/github pr review 123
+
+# Output:
+# - Code quality assessment
+# - Security review
+# - Performance impact
+# - Test coverage analysis
+# - Suggested improvements
+```
+
+### Issue Triage
+```bash
+# AI-powered issue triage
+/github issue triage
+
+# Automatically:
+# - Labels issues by type/priority
+# - Assigns to appropriate team members
+# - Estimates effort/complexity
+# - Suggests related issues
+```
+
+### Release Management
+```bash
+# Create release with changelog
+/github release create v2.1.0
+
+# Automatically:
+# - Generates changelog from commits
+# - Identifies breaking changes
+# - Creates release notes
+# - Tags version and triggers deployment
+```
+
+## Sample Analysis Output
+
+```markdown
+# Repository Analysis: myorg/awesome-project
+
+## 🏆 Overall Health Score: 8.7/10
+
+### 🔍 Code Quality (9.2/10)
+- **Architecture**: Well-structured, follows SOLID principles
+- **Complexity**: Low average complexity (2.3/10)
+- **Documentation**: Comprehensive README, 85% API coverage
+- **Testing**: 94% code coverage, good test quality
+
+### 🛡️ Security (7.8/10)
+- **Vulnerabilities**: 2 medium-risk dependencies
+- **Secrets**: No exposed secrets detected
+- **Permissions**: Appropriate branch protection rules
+- **Recommendations**: Update lodash to v4.17.21
+
+### 🚀 Performance (8.5/10)
+- **Build Time**: 3.2 minutes (good)
+- **Bundle Size**: 245KB (acceptable)
+- **CI Efficiency**: 95% success rate
+- **Bottlenecks**: Database tests could be optimized
+
+### 📈 Team Metrics
+- **Active Contributors**: 12 (last 30 days)
+- **PR Response Time**: 4.2 hours average
+- **Issue Resolution**: 89% within SLA
+- **Knowledge Distribution**: Good (no single points of failure)
+
+## 📝 Recommendations
+1. **Security**: Update 2 vulnerable dependencies
+2. **Performance**: Optimize database test suite
+3. **Process**: Consider automated dependency updates
+4. **Documentation**: Add contribution guidelines
+```
+
+## Workflow Automation
+
+### CI/CD Optimization
+- **Pipeline Analysis**: Identify bottlenecks and optimization opportunities
+- **Parallel Execution**: Suggest parallelization strategies
+- **Caching**: Optimize build caches and artifact storage
+- **Resource Usage**: Monitor and optimize runner usage
+
+### Quality Gates
+- **Automated Testing**: Ensure comprehensive test coverage
+- **Security Scanning**: Integrate security checks into pipelines
+- **Performance Testing**: Monitor performance regressions
+- **Documentation**: Ensure documentation stays up-to-date
+
+## Multi-Repository Management
+
+### Organization Overview
+- **Repository Health Dashboard**: Cross-repo metrics and trends
+- **Dependency Management**: Shared dependency updates
+- **Security Compliance**: Organization-wide security policies
+- **Knowledge Sharing**: Cross-team learning and best practices
+
+### Release Coordination
+- **Multi-Repo Releases**: Coordinate releases across services
+- **Dependency Tracking**: Monitor inter-service dependencies
+- **Rollback Management**: Coordinate rollbacks across systems
+- **Communication**: Automated stakeholder notifications
+
+## Integration with Claude Flow
+
+- **Agent Coordination**: Deploy specialized GitHub agents
+- **Memory Persistence**: Remember repository context across sessions
+- **Learning**: Improve recommendations based on team patterns
+- **Automation**: Custom workflows based on team preferences
+
+Streamline your GitHub workflow with AI-powered automation and insights.

package/claude-assets/commands/hooks.md

@@ -0,0 +1,38 @@
+---
+description: "Automation hooks management"
+argument-hint: "<action> [parameters]"
+allowed-tools: ["Bash", "mcp__claude-flow-novice__memory_usage"]
+---
+
+# Automation Hooks Management
+
+Manage automation hooks for pre/post operations and session coordination.
+
+**Action**: $ARGUMENTS
+
+**Available Hook Actions**:
+- `enable` - Enable all automation hooks
+- `disable` - Disable automation hooks
+- `pre-task "<description>"` - Execute pre-task hook
+- `post-task "<task-id>"` - Execute post-task hook
+- `session-start` - Start coordination session
+- `session-end` - End session with summary
+- `notify "<message>"` - Send notification to swarm
+
+**Hook Types**:
+
+## Pre-Operation Hooks
+- **Pre-Command**: Validate commands for safety
+- **Pre-Edit**: Auto-assign agents by file type
+- **Pre-Task**: Prepare resources and context
+
+## Post-Operation Hooks
+- **Post-Command**: Track metrics and results
+- **Post-Edit**: Auto-format code and update memory
+- **Post-Task**: Store completion data
+
+## Session Hooks
+- **Session Start**: Initialize coordination context
+- **Session End**: Generate summaries and persist state
+
+Execute the specified hook action and coordinate with the claude-flow-novice system for automation.