claude-flow-novice 2.14.6 → 2.14.8

package/claude-assets/skills/cfn-test-runner/validate-redis-keys.sh

@@ -0,0 +1,143 @@
+#!/bin/bash
+# Redis Key Validator
+# Version: 1.0.0
+# Purpose: Validate Redis key consistency across codebase
+
+set -euo pipefail
+
+# Colors
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m'
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+PROJECT_ROOT="$(cd "$SCRIPT_DIR/../../.." && pwd)"
+
+VIOLATIONS=0
+WARNINGS=0
+
+echo -e "${GREEN}=========================================="
+echo "Redis Key Consistency Validator"
+echo -e "==========================================${NC}"
+echo ""
+
+# Standard patterns (from audit)
+VALID_PATTERNS=(
+  "swarm:\${TASK_ID}:\${AGENT_ID}:done"
+  "swarm:\${TASK_ID}:\${AGENT_ID}:confidence"
+  "swarm:\${TASK_ID}:\${AGENT_ID}:result"
+  "swarm:\${TASK_ID}:decision"
+  "swarm:\${TASK_ID}:gate-passed"
+  "swarm:\${TASK_ID}:gate-failed"
+  "swarm:\${TASK_ID}:loop2:consensus"
+  "swarm:metrics:decisions:*"
+)
+
+# Anti-patterns (non-standard)
+ANTI_PATTERNS=(
+  "swarm:\${TASK_ID}:\${AGENT_ID}:decision"  # Should be task-level
+)
+
+echo -e "${BLUE}[1/4] Checking for standard pattern usage...${NC}"
+
+# Find all redis-cli commands
+REDIS_FILES=$(grep -rl "redis-cli" "$PROJECT_ROOT/.claude" "$PROJECT_ROOT/tests" 2>/dev/null || true)
+
+for file in $REDIS_FILES; do
+  # Skip backup files
+  if [[ "$file" =~ \.backup ]]; then
+    continue
+  fi
+  
+  # Check for anti-patterns
+  for anti_pattern in "${ANTI_PATTERNS[@]}"; do
+    # Convert pattern to grep regex
+    grep_pattern=$(echo "$anti_pattern" | sed 's/\$/\\$/g' | sed 's/{[^}]*}/.*/g')
+    
+    if grep -qE "$grep_pattern" "$file" 2>/dev/null; then
+      echo -e "${YELLOW}⚠️  WARNING: Non-standard pattern in $file${NC}"
+      echo "   Found: $anti_pattern"
+      ((WARNINGS++))
+    fi
+  done
+done
+
+echo ""
+echo -e "${BLUE}[2/4] Validating Product Owner decision keys...${NC}"
+
+# Check execute-decision.sh uses correct pattern
+PO_SCRIPT="$PROJECT_ROOT/.claude/skills/cfn-product-owner-decision/execute-decision.sh"
+if [ -f "$PO_SCRIPT" ]; then
+  # Should have: SET "swarm:${TASK_ID}:decision"
+  if grep -q 'SET "swarm:${TASK_ID}:decision"' "$PO_SCRIPT"; then
+    echo -e "${GREEN}✅ Product Owner uses standard decision key${NC}"
+  else
+    echo -e "${RED}❌ VIOLATION: Product Owner decision key non-standard${NC}"
+    ((VIOLATIONS++))
+  fi
+  
+  # Should have TTL (EX 3600)
+  if grep -q 'EX 3600' "$PO_SCRIPT"; then
+    echo -e "${GREEN}✅ Product Owner decision has TTL${NC}"
+  else
+    echo -e "${YELLOW}⚠️  WARNING: Product Owner decision missing TTL${NC}"
+    ((WARNINGS++))
+  fi
+else
+  echo -e "${RED}❌ VIOLATION: Product Owner script not found${NC}"
+  ((VIOLATIONS++))
+fi
+
+echo ""
+echo -e "${BLUE}[3/4] Checking key namespace consistency...${NC}"
+
+# Find keys NOT starting with "swarm:"
+NON_SWARM_KEYS=$(grep -rh "redis-cli.*[\"']" "$PROJECT_ROOT/.claude" "$PROJECT_ROOT/tests" 2>/dev/null | \
+  grep -oE '"[^"]*"' | \
+  grep -v "swarm:" | \
+  grep -v "complete" | \
+  grep -v "^\"$" | \
+  sort -u || true)
+
+if [ -n "$NON_SWARM_KEYS" ]; then
+  echo -e "${YELLOW}⚠️  WARNING: Found keys outside 'swarm:' namespace:${NC}"
+  echo "$NON_SWARM_KEYS" | head -5
+  ((WARNINGS++))
+else
+  echo -e "${GREEN}✅ All keys use 'swarm:' namespace${NC}"
+fi
+
+echo ""
+echo -e "${BLUE}[4/4] Checking for missing TTLs...${NC}"
+
+# Find SET commands without EX/EXPIRE
+NO_TTL_COUNT=$(grep -rh "redis-cli.*SET" "$PROJECT_ROOT/.claude" 2>/dev/null | \
+  grep -v "EX\|EXPIRE" | \
+  wc -l || echo 0)
+
+if [ "$NO_TTL_COUNT" -gt 0 ]; then
+  echo -e "${YELLOW}⚠️  WARNING: $NO_TTL_COUNT SET commands without TTL${NC}"
+  ((WARNINGS++))
+else
+  echo -e "${GREEN}✅ All SET commands have TTL${NC}"
+fi
+
+echo ""
+echo -e "${GREEN}=========================================="
+echo "Validation Summary"
+echo -e "==========================================${NC}"
+echo "Violations: $VIOLATIONS"
+echo "Warnings: $WARNINGS"
+
+if [ $VIOLATIONS -eq 0 ] && [ $WARNINGS -eq 0 ]; then
+  echo -e "${GREEN}✅ PASS: All Redis keys follow standards${NC}"
+  exit 0
+elif [ $VIOLATIONS -eq 0 ]; then
+  echo -e "${YELLOW}⚠️  PASS WITH WARNINGS: $WARNINGS minor issues${NC}"
+  exit 0
+else
+  echo -e "${RED}❌ FAIL: $VIOLATIONS critical violations${NC}"
+  exit 1
+fi

package/claude-assets/skills/hook-pipeline/bash-dependency-checker.sh

@@ -0,0 +1,89 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# Bash Dependency Checker
+# Validates script dependencies and checks for their existence
+
+# Check if a file path is provided
+if [[ $# -ne 1 ]]; then
+    echo "Usage: $0 <file_path>" >&2
+    exit 1
+fi
+
+FILE_PATH="$1"
+
+# Skip non-bash files
+if [[ ! "$FILE_PATH" =~ \.(sh|bash)$ ]]; then
+    exit 0
+fi
+
+# Skip empty files
+if [[ ! -s "$FILE_PATH" ]]; then
+    exit 0
+fi
+
+# Function to resolve relative paths
+resolve_path() {
+    local base_dir script_path="$1"
+
+    # If path is absolute, return as-is
+    if [[ "$script_path" =~ ^/ ]]; then
+        echo "$script_path"
+        return 0
+    fi
+
+    # Get base directory of the current script
+    base_dir="$(dirname "$(readlink -f "$FILE_PATH")")"
+
+    # Resolve relative paths
+    readlink -f "$base_dir/$script_path"
+}
+
+# Function to extract script dependencies
+extract_dependencies() {
+    local missing_deps=0
+
+    # Extract sourced scripts using source, ., or direct paths
+    while IFS= read -r line; do
+        local script_path=""
+
+        # Skip comments
+        [[ "$line" =~ ^[[:space:]]*# ]] && continue
+
+        # Match source, ., or sourced script patterns
+        if [[ "$line" =~ ^[[:space:]]*(source|\.)[[:space:]]+([^\;]+) ]]; then
+            script_path="${BASH_REMATCH[2]}"
+        elif [[ "$line" =~ ^[[:space:]]*bash[[:space:]]+([^\;]+) ]]; then
+            script_path="${BASH_REMATCH[1]}"
+        else
+            continue
+        fi
+
+        # Remove surrounding quotes and whitespace
+        script_path=$(echo "$script_path" | xargs)
+
+        # Skip variables and arithmetic expansions (after quote removal)
+        if [[ "$script_path" =~ ^\$ ]]; then
+            continue
+        fi
+
+        # Resolve path
+        local resolved_path
+        resolved_path=$(resolve_path "$script_path")
+
+        # Check if resolved script exists
+        if [[ ! -f "$resolved_path" ]]; then
+            echo "Missing dependency: $resolved_path" >&2
+            missing_deps=$((missing_deps + 1))
+        fi
+    done < "$FILE_PATH"
+
+    return $missing_deps
+}
+
+# Run dependency checks
+if ! extract_dependencies; then
+    exit 1
+fi
+
+exit 0

package/claude-assets/skills/hook-pipeline/bash-pipe-safety.sh

@@ -0,0 +1,69 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# Bash Pipe Safety Validator
+# Checks for potential pipe safety issues in bash scripts
+
+# Risky commands list
+RISKY_COMMANDS=(
+    "redis-cli"
+    "curl"
+    "wget"
+    "npm"
+    "docker"
+    "git"
+    "mysql"
+    "psql"
+    "python"
+    "node"
+)
+
+# Check if a file path is provided
+if [[ $# -ne 1 ]]; then
+    echo "Usage: $0 <file_path>" >&2
+    exit 1
+fi
+
+FILE_PATH="$1"
+
+# Skip non-bash files
+if [[ ! "$FILE_PATH" =~ \.(sh|bash)$ ]]; then
+    exit 0
+fi
+
+# Skip empty files
+if [[ ! -s "$FILE_PATH" ]]; then
+    exit 0
+fi
+
+# Check for pipefail (either 'set -o pipefail' or 'set -euo pipefail' or similar)
+if ! grep -qE "set -(o pipefail|[a-z]*o[a-z]*)" "$FILE_PATH" || ! grep -q "pipefail" "$FILE_PATH"; then
+    echo "Warning: Missing 'set -o pipefail' in script" >&2
+    exit 2
+fi
+
+# Function to check for risky pipe usage
+check_pipe_safety() {
+    local line issues=0
+
+    while IFS= read -r line; do
+        # Check for pipe usage without stderr redirection
+        if [[ "$line" =~ \| ]]; then
+            for cmd in "${RISKY_COMMANDS[@]}"; do
+                if [[ "$line" =~ $cmd ]] && [[ ! "$line" =~ (2>/dev/null|2>&1) ]]; then
+                    echo "Potential pipe safety issue in line: $line" >&2
+                    ((issues++))
+                fi
+            done
+        fi
+    done < "$FILE_PATH"
+
+    return $issues
+}
+
+# Run safety checks
+if ! check_pipe_safety; then
+    exit 2
+fi
+
+exit 0

package/claude-assets/skills/hook-pipeline/enforce-lf.sh

@@ -0,0 +1,36 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# Enforce Line Endings Validator
+# Converts CRLF to LF for text files
+
+# Check if a file path is provided
+if [[ $# -ne 1 ]]; then
+    echo "Usage: $0 <file_path>" >&2
+    exit 1
+fi
+
+FILE_PATH="$1"
+
+# Skip empty files
+if [[ ! -s "$FILE_PATH" ]]; then
+    exit 0
+fi
+
+# Check if file is binary
+if file --mime-type "$FILE_PATH" | grep -qE '(binary|application/)'; then
+    exit 0
+fi
+
+# Skip files that are already LF (check for carriage return)
+if ! grep -q $'\r' "$FILE_PATH"; then
+    exit 0
+fi
+
+# Convert CRLF to LF
+sed -i 's/\r$//' "$FILE_PATH"
+
+# Optional: Log the conversion
+echo "Converted $FILE_PATH to LF line endings" >&2
+
+exit 0

package/claude-assets/skills/hook-pipeline/js-promise-safety.sh

@@ -0,0 +1,110 @@
+#!/usr/bin/env bash
+# Manual check for unhandled promises (fallback if ESLint not available)
+
+set -euo pipefail
+
+FILE="${1:-}"
+if [[ ! "$FILE" =~ \.(js|ts|jsx|tsx|mjs|cjs)$ ]]; then
+  exit 0
+fi
+
+# Read file into array for context-aware checking
+mapfile -t FILE_LINES < "$FILE"
+
+# Check for async function calls without await/catch/then/return
+UNHANDLED=""
+
+for ((i=0; i<${#FILE_LINES[@]}; i++)); do
+  line_num=$((i + 1))
+  content="${FILE_LINES[$i]}"
+
+  # Skip empty lines and comments
+  if [[ -z "$content" ]] || [[ "$content" =~ ^[[:space:]]*// ]] || [[ "$content" =~ ^[[:space:]]*\* ]]; then
+    continue
+  fi
+
+  # Skip if line doesn't contain function calls
+  if ! echo "$content" | grep -qE '\w+\(\)'; then
+    continue
+  fi
+
+  # Skip function definitions (async function foo(), function foo(), const foo = async)
+  if echo "$content" | grep -qE '(async[[:space:]]+function|function[[:space:]]+|const[[:space:]]+\w+[[:space:]]*=[[:space:]]*async|let[[:space:]]+\w+[[:space:]]*=[[:space:]]*async|var[[:space:]]+\w+[[:space:]]*=[[:space:]]*async)'; then
+    continue
+  fi
+
+  # Skip if line contains await, catch, then, or return
+  if echo "$content" | grep -qE '(await|\.catch|\.then|return)'; then
+    continue
+  fi
+
+  # Check next line for .catch() or .then() chaining (within 2 lines)
+  has_chaining=false
+  for ((j=1; j<=2 && (i+j)<${#FILE_LINES[@]}; j++)); do
+    next_line="${FILE_LINES[$((i+j))]}"
+    if echo "$next_line" | grep -qE '^[[:space:]]*\.(catch|then)'; then
+      has_chaining=true
+      break
+    fi
+  done
+
+  if [[ "$has_chaining" == "true" ]]; then
+    continue
+  fi
+
+  # Check if inside try-catch block (look back up to 10 lines)
+  in_try_catch=false
+  try_depth=0
+  for ((j=1; j<=10 && (i-j)>=0; j++)); do
+    prev_line="${FILE_LINES[$((i-j))]}"
+
+    # Count braces to track depth
+    if echo "$prev_line" | grep -qE '\{'; then
+      ((try_depth++)) || true
+    fi
+    if echo "$prev_line" | grep -qE '\}'; then
+      ((try_depth--)) || true
+    fi
+
+    # Found a try block at same depth
+    if [[ $try_depth -gt 0 ]] && echo "$prev_line" | grep -qE '^[[:space:]]*try[[:space:]]*\{'; then
+      in_try_catch=true
+      break
+    fi
+  done
+
+  if [[ "$in_try_catch" == "true" ]]; then
+    continue
+  fi
+
+  # Extract function name and check if it's async
+  FUNC_NAME=$(echo "$content" | grep -oE '\w+\(\)' | head -1 | sed 's/()//')
+
+  if [[ -z "$FUNC_NAME" ]]; then
+    continue
+  fi
+
+  # Check if function is async (look for async function definition)
+  if grep -qE "async[[:space:]]+(function[[:space:]]+${FUNC_NAME}|const[[:space:]]+${FUNC_NAME}|let[[:space:]]+${FUNC_NAME}|var[[:space:]]+${FUNC_NAME})" "$FILE"; then
+    if [[ -n "$UNHANDLED" ]]; then
+      UNHANDLED="${UNHANDLED}"$'\n'"$line_num:$content"
+    else
+      UNHANDLED="$line_num:$content"
+    fi
+  fi
+done
+
+if [ -n "$UNHANDLED" ]; then
+  echo "⚠️  Promise Safety Warning: Potential unhandled async calls" >&2
+  echo "" >&2
+  echo "$UNHANDLED" | while IFS=: read -r line_num content; do
+    echo "   Line $line_num: ${content}" >&2
+  done
+  echo "" >&2
+  echo "   Recommendation: Add 'await' or '.catch()' to handle promise" >&2
+  echo "   Better: Run ESLint with @typescript-eslint/no-floating-promises" >&2
+  echo "" >&2
+  exit 2
+fi
+
+exit 0

package/claude-assets/skills/hook-pipeline/python-async-safety.py

@@ -0,0 +1,124 @@
+#!/usr/bin/env python3
+import ast
+import sys
+
+class AsyncSafetyVisitor(ast.NodeVisitor):
+    def __init__(self, debug=False):
+        self.async_functions = {}
+        self.unsafe_calls = []
+        self.node_parents = {}
+        self.debug = debug
+
+    def visit(self, node):
+        # Recursive parent tracking
+        for child in ast.iter_child_nodes(node):
+            self.node_parents[child] = node
+        super().visit(node)
+
+    def get_parent(self, node, node_type=None):
+        """Recursively find parent of specified type"""
+        current = self.node_parents.get(node)
+        while current:
+            if node_type is None or isinstance(current, node_type):
+                return current
+            current = self.node_parents.get(current)
+        return None
+
+    def is_awaited(self, node):
+        """Check if node is directly inside an Await context"""
+        # Parent chain traversal to find await
+        parent = self.get_parent(node)
+        while parent:
+            if isinstance(parent, ast.Await):
+                return True
+            parent = self.get_parent(parent)
+        return False
+
+    def is_safe_call(self, node):
+        """Detect safe async calls"""
+        safe_async_funcs = {'create_task', 'gather'}
+        safe_modules = {'asyncio'}
+
+        return (
+            isinstance(node.func, ast.Attribute) and
+            node.func.attr in safe_async_funcs and
+            (node.func.value.id if isinstance(node.func.value, ast.Name) else None) in safe_modules
+        )
+
+    def visit_AsyncFunctionDef(self, node):
+        """Track async function contexts"""
+        self.async_functions[node] = {
+            'name': node.name,
+            'context': node
+        }
+        self.generic_visit(node)
+
+    def visit_Call(self, node):
+        """Detect unsafe async calls"""
+        # Skip if not in async function
+        async_context = next(
+            (func for func, details in self.async_functions.items()
+             if node in ast.walk(details['context'])),
+            None
+        )
+        if not async_context:
+            return
+
+        # Skip if it's a known safe call
+        if self.is_safe_call(node):
+            return
+
+        # Detect function name
+        func_name = (
+            node.func.attr if isinstance(node.func, ast.Attribute)
+            else node.func.id if isinstance(node.func, ast.Name)
+            else 'Unknown'
+        )
+
+        # Detect if call is awaited
+        if not self.is_awaited(node):
+            if self.debug:
+                print(f"Debugging - Unsafe Call: {ast.dump(node)}")
+                print(f"Function: {func_name}, Awaited: False")
+
+            self.unsafe_calls.append(
+                f"Line {node.lineno}: Async function '{async_context.name}' calls '{func_name}' without await"
+            )
+
+        self.generic_visit(node)
+
+def validate_async_safety(file_path, debug=False):
+    try:
+        with open(file_path, 'r') as f:
+            content = f.read()
+            tree = ast.parse(content, filename=file_path)
+    except SyntaxError as e:
+        print(f"Syntax error in {file_path}: {e}")
+        return 1
+    except FileNotFoundError:
+        print(f"File not found: {file_path}")
+        return 1
+
+    visitor = AsyncSafetyVisitor(debug=debug)
+    visitor.visit(tree)
+
+    if visitor.unsafe_calls:
+        print("Async safety warnings:")
+        for call in visitor.unsafe_calls:
+            print(call)
+        return 2
+
+    return 0
+
+def main():
+    if len(sys.argv) < 2:
+        print("Usage: python3 python-async-safety.py <python_file>")
+        return 1
+
+    file_path = sys.argv[1]
+    debug = "--debug" in sys.argv
+    result = validate_async_safety(file_path, debug=debug)
+    sys.exit(result)
+
+if __name__ == '__main__':
+    main()

package/claude-assets/skills/hook-pipeline/python-import-checker.py

@@ -0,0 +1,114 @@
+#!/usr/bin/env python3
+import ast
+import sys
+import importlib.util
+import importlib.machinery
+
+class ImportChecker(ast.NodeVisitor):
+    def __init__(self, debug=False):
+        self.imported_modules = set()
+        self.used_modules = {}
+        self.debug = debug
+
+    def visit_Name(self, node):
+        if isinstance(node.ctx, ast.Load):
+            # Specific modules to check
+            specific_modules = {'json', 'requests', 'numpy', 'np'}
+
+            if node.id in specific_modules and node.id not in self.imported_modules:
+                self.used_modules[node.id] = node.lineno
+        self.generic_visit(node)
+
+    def visit_Import(self, node):
+        for alias in node.names:
+            module_name = alias.name.split('.')[0]
+            self.imported_modules.add(module_name)
+            if alias.asname:
+                self.imported_modules.add(alias.asname)
+            if self.debug:
+                print(f"Imported module: {module_name}")
+        self.generic_visit(node)
+
+    def visit_ImportFrom(self, node):
+        if node.module:
+            base_module = node.module.split('.')[0]
+            self.imported_modules.add(base_module)
+
+            # Capture aliases for modules like 'numpy as np'
+            for alias in node.names:
+                if alias.asname:
+                    self.imported_modules.add(alias.asname)
+
+            if self.debug:
+                print(f"Imported from module: {base_module}")
+        self.generic_visit(node)
+
+def is_module_resolvable(module_name, debug=False):
+    """Specific import detection for known modules"""
+
+    # Always check specific known modules
+    specific_modules = {
+        'json', 'requests', 'numpy', 'np',
+        'pandas', 'scipy', 'sklearn', 'matplotlib'
+    }
+
+    if module_name in specific_modules:
+        return False
+
+    # Standard library
+    standard_modules = {
+        'sys', 'os', 're', 'typing', 'collections', 'dataclasses',
+        'datetime', 'math', 'asyncio', 'argparse', 'random',
+        'functools', 'itertools', 'enum', 'pathlib', 'subprocess'
+    }
+
+    if module_name in standard_modules:
+        return True
+
+    # Fallback resolution strategies
+    try:
+        return importlib.util.find_spec(module_name) is not None
+    except (ImportError, AttributeError):
+        return False
+
+def validate_imports(file_path, debug=False):
+    try:
+        with open(file_path, 'r') as f:
+            tree = ast.parse(f.read(), filename=file_path)
+    except SyntaxError as e:
+        print(f"Syntax error in {file_path}: {e}")
+        return 1
+    except FileNotFoundError:
+        print(f"File not found: {file_path}")
+        return 1
+
+    visitor = ImportChecker(debug=debug)
+    visitor.visit(tree)
+
+    # Check for unresolved modules
+    unresolved_modules = [
+        (module, lineno) for module, lineno in visitor.used_modules.items()
+        if not is_module_resolvable(module, debug=debug)
+    ]
+
+    # Validation
+    if unresolved_modules:
+        print("Import resolution warnings:")
+        for module, lineno in unresolved_modules:
+            print(f"Line {lineno}: Unable to resolve import: {module}")
+        return 2
+
+    return 0
+
+def main():
+    if len(sys.argv) < 2:
+        print("Usage: python3 python-import-checker.py <python_file>")
+        return 1
+
+    file_path = sys.argv[1]
+    debug = "--debug" in sys.argv
+    result = validate_imports(file_path, debug=debug)
+    sys.exit(result)
+
+if __name__ == '__main__':
+    main()