claude-sfdx-iq 1.2.0

package/.claude-plugin/plugin.json

@@ -0,0 +1,27 @@
+{
+  "name": "claude-sfdx-iq",
+  "version": "1.2.0",
+  "description": "Complete Salesforce DX plugin for Claude Code — agents, skills, hooks, commands, and rules for Apex, LWC, SOQL, Flows, and SFDX CI/CD",
+  "author": {
+    "name": "Bhanu Vakati"
+  },
+  "homepage": "https://github.com/bhanu91221/claude-sfdx-iq",
+  "repository": "https://github.com/bhanu91221/claude-sfdx-iq",
+  "license": "MIT",
+  "keywords": [
+    "claude-code",
+    "salesforce",
+    "sfdx",
+    "apex",
+    "lwc",
+    "soql",
+    "flows",
+    "governor-limits",
+    "tdd",
+    "code-review",
+    "security",
+    "workflow",
+    "automation",
+    "best-practices"
+  ]
+}

package/.claude-project-template/CLAUDE.md

@@ -0,0 +1,148 @@
+# CLAUDE.md — Salesforce DX Project
+
+## Project Overview
+
+<!-- Describe your Salesforce project, org type, package namespace if any -->
+This is a Salesforce DX project using [org type: scratch/sandbox/production].
+- Namespace: [your namespace or empty]
+- API Version: 62.0
+- Package Type: [unlocked/managed/unmanaged]
+
+## claude-sfdx-iq Plugin
+
+This project uses the **claude-sfdx-iq** plugin for Salesforce development.
+
+### Plugin Configuration
+- **Installed**: v1.2.0
+- **Rules**: 44 rules in `.claude/rules/` (~43k tokens total)
+- **Token Optimization**: context-assigner agent loads only 5-8 rules per task (5k-15k tokens)
+- **Hook Profile**: `standard` (balanced checks)
+
+### Available Commands
+
+Run `/help` to see all 53 commands, including:
+- `/deploy` — Deploy to Salesforce org with validation
+- `/test` — Run Apex tests with coverage analysis
+- `/apex-review` — Review Apex code quality
+- `/lwc-review` — Review LWC components
+- `/security-scan` — CRUD/FLS/sharing/injection scan
+- `/governor-check` — Governor limit risk analysis
+- `/tdd` — Test-driven development workflow
+- `/scaffold-trigger` — Generate trigger + handler + test
+- `/scaffold-lwc` — Generate LWC component boilerplate
+- `/code-review` — Full code review with parallel agents
+
+### Context Loading (Skills & Rules) — CRITICAL
+
+Skills and rules are loaded dynamically based on each user task. This section defines how context loading works.
+
+#### Per-Message Context Analysis
+
+On EVERY user message that involves a Salesforce development task:
+
+1. **Invoke the context-assigner agent** with the user's message
+2. **Parse the recommendation** — the agent returns a `---CONTEXT-RECOMMENDATION---` block listing skills and rules to load
+3. **Load the recommended components** using the Read tool:
+   - Skills: `.claude/skills-available/<skill-name>/SKILL.md`
+   - Rules: `.claude/rules/<rule-path>.md`
+4. **Announce what was loaded** — ALWAYS display this summary to the user:
+
+```
+Context Loaded for: [Task description]
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+Skills ([count]): [comma-separated names]
+Rules ([count]): [comma-separated names]
+~Tokens: [estimated total]
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+```
+
+5. **Proceed with the task** using the loaded skill/rule knowledge
+
+#### Context Re-evaluation
+
+- If the user's next message **changes domain** (e.g., from Apex to LWC), re-invoke context-assigner and load fresh context
+- If the user **continues in the same domain**, reuse current context (no need to re-invoke)
+- If the user **explicitly asks** to reload context, re-invoke context-assigner
+
+#### Context Delegation to Subagents
+
+When delegating to specialized agents (e.g., apex-reviewer, lwc-reviewer, soql-optimizer):
+
+1. **Include loaded context in the agent prompt** — When invoking a subagent via the Agent tool, include the relevant skill/rule content directly in the prompt so the subagent has access to it. Subagents run in isolated contexts and cannot see what the main agent has loaded.
+2. **Domain-specific delegation** — When launching multiple agents (e.g., /code-review), each agent should receive ONLY the context relevant to its domain:
+   - apex-reviewer gets: apex skills + apex rules + common rules + soql rules (SOQL is part of Apex)
+   - lwc-reviewer gets: lwc skills + lwc rules + common rules
+   - soql-optimizer gets: soql skills + soql rules + common rules
+   - security-reviewer gets: security skills + all security rules across domains
+   - governor-limits-checker gets: governor-limits skill + apex/governor-limits rule + common rules
+3. **Token efficiency** — Only pass the loaded context that matches the agent's domain. Do not dump all loaded context into every agent.
+
+#### Handling --custom Mode
+
+If the user includes `--custom skills`, `--custom rules`, or `--custom skills rules`:
+
+1. The context-assigner returns CUSTOM_MODE with index table(s)
+2. **Display the index table(s)** to the user
+3. **Ask**: "Select by number (e.g., 1,3,5-7), domain name (e.g., apex), or 'all'"
+4. **Parse the user's selection** and load those items using Read tool:
+   - Skills: `.claude/skills-available/<name>/SKILL.md`
+   - Rules: `.claude/rules/<name>.md`
+5. **Display the context summary** as above
+6. **Proceed with the original task**
+
+#### On-demand: /context
+
+Use `/context` to inspect currently loaded context or browse available components.
+
+**Available components:**
+
+@.claude/rules/index.md
+
+## Development Workflow
+
+- Default org alias: [your-org-alias]
+- Scratch org duration: 7 days
+- Scratch org definition: config/project-scratch-def.json
+- Test minimum: 90% coverage
+- Deployment: validate first, then quick deploy
+
+## Architecture
+
+- **Trigger framework**: one-trigger-per-object with handler delegation
+- **Service layer**: `*Service.cls` for business logic (stateless, bulkified)
+- **Selector layer**: `*Selector.cls` for SOQL (centralized queries)
+- **Domain layer**: `*Domain.cls` for SObject validation/behavior
+- **Test data**: `TestDataFactory.cls` for reusable test data creation
+
+## Team Conventions
+
+<!-- Add your team's specific conventions here -->
+- Always use TestDataFactory for test data — no inline record creation
+- All triggers must go through TriggerHandler framework
+- Feature branches: `feature/TICKET-description`
+- Commit format: `feat|fix|refactor|test: description`
+- 90%+ test coverage required for all Apex classes
+
+## External Integrations
+
+<!-- List named credentials and their purposes -->
+- [NamedCredential] — [Purpose and target system]
+
+## Environment Notes
+
+<!-- Any org-specific notes, limitations, or known issues -->
+- [Document any org-specific configuration here]
+- [Note any managed packages installed and their impact]
+
+## Hook Configuration
+
+Current hook profile: **standard** (balanced checks)
+
+Available profiles:
+- `minimal` — Critical checks only (fastest)
+- `standard` — Balanced checks (default)
+- `strict` — All checks including style warnings
+
+To change: Set `CSIQ_HOOK_PROFILE=minimal` in `.claude/settings.json`
+
+To disable specific hooks: Set `CSIQ_DISABLED_HOOKS="post-edit-pmd-scan,post-edit-debug-warn"`

package/.claude-project-template/README.md

@@ -0,0 +1,130 @@
+# Claude SFDX IQ — Project Template
+
+This directory contains the project-level configuration template for claude-sfdx-iq.
+
+## What's Included
+
+- **settings.json** — Plugin configuration for this project
+- **CLAUDE.md** — Project documentation template with plugin guidance
+
+## How to Use
+
+### Option 1: Automated Setup (Recommended)
+
+From your Salesforce DX project root:
+
+```bash
+npx claude-sfdx-iq setup-project
+# Or if npm is blocked (corporate VPN): use /setup-project slash command in Claude Code
+```
+
+This will:
+1. Copy all 44 rules to `.claude/rules/`
+2. Copy settings.json and CLAUDE.md to `.claude/`
+3. Verify you're in an SFDX project (checks for sfdx-project.json)
+
+### Option 2: Manual Setup
+
+```bash
+cd /path/to/your/sfdx-project
+
+# Create .claude directory if it doesn't exist
+mkdir -p .claude
+
+# Copy rules from the plugin
+cp -r ~/.claude/plugins/claude-sfdx-iq/rules ./.claude/rules
+
+# Copy configuration templates
+cp ~/.claude/plugins/claude-sfdx-iq/.claude-project-template/settings.json ./.claude/settings.json
+cp ~/.claude/plugins/claude-sfdx-iq/.claude-project-template/CLAUDE.md ./CLAUDE.md
+```
+
+### Option 3: Copy from GitHub
+
+If you haven't installed the plugin yet:
+
+```bash
+# Clone the repo temporarily
+git clone https://github.com/bhanu91221/claude-sfdx-iq.git /tmp/claude-sfdx-iq
+
+cd /path/to/your/sfdx-project
+mkdir -p .claude
+
+# Copy rules
+cp -r /tmp/claude-sfdx-iq/rules ./.claude/rules
+
+# Copy templates
+cp /tmp/claude-sfdx-iq/.claude-project-template/settings.json ./.claude/settings.json
+cp /tmp/claude-sfdx-iq/.claude-project-template/CLAUDE.md ./CLAUDE.md
+```
+
+## What Gets Copied
+
+### Rules Directory (44 files, ~43k tokens total)
+
+```
+.claude/rules/
+├── index.md              # Rules catalog with token counts
+├── apex/                 # 9 Apex rules (~11k tokens)
+├── common/               # 9 Common rules (~6k tokens)
+├── lwc/                  # 6 LWC rules (~4.5k tokens)
+├── soql/                 # 6 SOQL rules (~6.7k tokens)
+├── flows/                # 6 Flow rules (~6.9k tokens)
+└── metadata/             # 8 Metadata rules (~8k tokens)
+```
+
+**Token Optimization**: The context-assigner agent loads only 5-8 rules per task, saving ~30,000 tokens per session.
+
+### Configuration Files
+
+- **settings.json** — Enables the plugin for this project, configures hook profile
+- **CLAUDE.md** — Project documentation with rule references and command list
+
+## Verification
+
+After setup, verify everything is configured:
+
+```bash
+# Check rules are installed
+ls .claude/rules/
+
+# Check settings exist
+cat .claude/settings.json
+
+# Check CLAUDE.md exists
+cat CLAUDE.md
+```
+
+## Customization
+
+### Adjust Hook Profile
+
+Edit `.claude/settings.json`:
+
+```json
+{
+  "environment": {
+    "CSIQ_HOOK_PROFILE": "minimal"  // or "standard" or "strict"
+  }
+}
+```
+
+### Disable Specific Hooks
+
+```json
+{
+  "environment": {
+    "CSIQ_DISABLED_HOOKS": "post-edit-pmd-scan,post-edit-debug-warn"
+  }
+}
+```
+
+### Custom Project Conventions
+
+Edit `CLAUDE.md` to add your team's conventions, integrations, and environment notes.
+
+## Need Help?
+
+- Run `/help` in Claude Code
+- Visit: https://github.com/bhanu91221/claude-sfdx-iq
+- Issues: https://github.com/bhanu91221/claude-sfdx-iq/issues

package/.claude-project-template/settings.json

@@ -0,0 +1,19 @@
+{
+  "plugins": {
+    "claude-sfdx-iq": {
+      "enabled": true,
+      "rulesPath": "./.claude/rules",
+      "contextAssignerEnabled": true,
+      "hookProfile": "standard"
+    }
+  },
+  "environment": {
+    "CSIQ_HOOK_PROFILE": "standard",
+    "CSIQ_DISABLED_HOOKS": ""
+  },
+  "metadata": {
+    "projectType": "sfdx",
+    "setupComplete": true,
+    "installedVersion": "1.2.0"
+  }
+}

package/AGENTS.md

@@ -0,0 +1,124 @@
+# Claude SFDX IQ — Agent Instructions
+
+This is a **Salesforce DX Claude Code plugin** providing 14 specialized agents, 36 skills, 53 commands, 44 rules across 6 categories, 16 hook scripts, 7 CLI tools, 5 mode contexts, and automated hook workflows for Salesforce development.
+
+## Core Principles
+
+1. **Governor-Limits-First** — Every code path evaluated for SOQL, DML, CPU, heap limits
+2. **Security-First** — CRUD/FLS enforcement, `with sharing`, no SOQL injection
+3. **Test-Driven** — 75% minimum (90%+ target), Apex test-first, LWC Jest
+4. **Bulkification Always** — Handle 200+ records in every trigger and batch context
+5. **Plan Before Execute** — Plan complex Salesforce features before writing code
+6. **Agent-First** — Delegate to specialized Salesforce agents for domain tasks
+
+## Available Agents
+
+| Agent | Purpose | When to Use |
+|-------|---------|-------------|
+| planner | SFDC implementation planning | Complex features, multi-object changes |
+| architect | Solution architecture | Data model, integration patterns, scalability |
+| apex-reviewer | Apex code quality review | After writing/modifying Apex code |
+| lwc-reviewer | LWC component review | After writing/modifying LWC components |
+| soql-optimizer | SOQL/SOSL query analysis | Query performance, selectivity issues |
+| security-reviewer | Security vulnerability scan | CRUD/FLS, sharing, injection, before commits |
+| governor-limits-checker | Governor limit analysis | Code with loops, queries, DML operations |
+| deployment-specialist | Deployment and packaging | sf deploy, package versions, destructive changes |
+| test-guide | Salesforce TDD workflow | New features, bug fixes, test coverage |
+| flow-analyst | Flow best practices review | Flow automation analysis |
+| integration-specialist | Integration patterns | REST/SOAP callouts, platform events, CDC |
+| metadata-analyst | Metadata analysis | Dependencies, unused components, org health |
+| data-modeler | Data model design | Object relationships, schema optimization |
+| admin-advisor | Declarative configuration | Permission sets, sharing rules, validation rules |
+
+## Agent Orchestration
+
+Use agents proactively without user prompt:
+- Complex feature requests → **planner**
+- Apex code written/modified → **apex-reviewer**
+- LWC code written/modified → **lwc-reviewer**
+- SOQL queries added/changed → **soql-optimizer**
+- Bug fix or new feature → **test-guide**
+- Architectural decision → **architect**
+- Security-sensitive code → **security-reviewer**
+- Code with loops/queries → **governor-limits-checker**
+- Deployment operations → **deployment-specialist**
+
+Use parallel execution for independent operations — launch multiple agents simultaneously.
+
+## Security Guidelines
+
+**Before ANY commit:**
+- [ ] All Apex uses `with sharing` (or explicit justification for `without sharing`)
+- [ ] All SOQL uses bind variables or `WITH SECURITY_ENFORCED`
+- [ ] No dynamic SOQL with string concatenation
+- [ ] `Security.stripInaccessible()` used for DML with user-provided data
+- [ ] No hardcoded credentials, API keys, or tokens
+- [ ] Connected App secrets in Named Credentials, not code
+- [ ] Error messages don't expose field names or object structure to unauthorized users
+
+**If security issue found:** STOP → use security-reviewer agent → fix CRITICAL issues → review codebase for similar issues.
+
+## Coding Style
+
+**Bulkification (CRITICAL):** All trigger handlers must process `Trigger.new` as a collection. No SOQL or DML inside for loops — ever. Use Maps for lookups.
+
+**File organization:** One trigger per object. Handler class per trigger. Service classes for reusable business logic. Selector classes for SOQL encapsulation. 200-400 lines typical, 800 max.
+
+**Naming:** PascalCase for classes, camelCase for methods/variables, UPPER_SNAKE for constants. Descriptive names — `AccountTriggerHandler` not `ATH`.
+
+## Testing Requirements
+
+**Minimum coverage: 75% (Salesforce requirement), target 90%+**
+
+Test types (all required for Apex):
+1. **Unit tests** — Individual methods, utility classes, trigger handlers
+2. **Integration tests** — DML operations, SOQL queries, callout mocks
+3. **Bulk tests** — Test with 200+ records to verify bulkification
+
+**TDD workflow:**
+1. Write test first (RED) — test should FAIL
+2. Write minimal Apex implementation (GREEN) — test should PASS
+3. Refactor (IMPROVE) — verify coverage 90%+
+
+**Test patterns:**
+- Use `@TestSetup` for shared test data
+- Use `TestDataFactory` pattern for reusable test data creation
+- Use `Test.startTest()`/`Test.stopTest()` for governor limit reset
+- Use `System.runAs()` for user context and sharing tests
+- Implement `HttpCalloutMock` for external callout tests
+
+## Development Workflow
+
+1. **Plan** — Use planner agent for complex features
+2. **TDD** — Use test-guide agent, write Apex tests first
+3. **Review** — Use apex-reviewer + security-reviewer agents
+4. **Deploy** — Use deployment-specialist agent for validation and deploy
+5. **Commit** — Conventional commits format
+
+## Git Workflow
+
+**Commit format:** `<type>: <description>` — Types: feat, fix, refactor, docs, test, chore, perf, ci
+
+**Branch naming:** `feature/TICKET-description`, `fix/TICKET-description`, `release/vX.Y.Z`
+
+## Project Structure
+
+```
+agents/          — 14 specialized Salesforce subagents
+skills/          — 36 Salesforce domain skills
+commands/        — 53 slash commands
+hooks/           — Trigger-based automations with 16 hook scripts
+rules/           — 44 always-follow guidelines (common + apex + lwc + soql + flows + metadata)
+contexts/        — 5 mode-specific context files (develop, review, debug, deploy, admin)
+scripts/         — Cross-platform Node.js utilities, 7 CLI tools (claude-sfdx-iq), 10 library scripts
+mcp-configs/     — MCP server configurations
+tests/           — Test suite
+```
+
+## Success Metrics
+
+- All Apex tests pass with 90%+ coverage
+- No security vulnerabilities (CRUD/FLS enforced, no injection)
+- No governor limit violations
+- All code handles 200+ records (bulkified)
+- Code is readable and follows Salesforce best practices

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Bhanu Vakati
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.