code-ai-installer 1.2.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (925) hide show
  1. package/.agents/a11y_baseline/SKILL.md +260 -41
  2. package/.agents/a11y_baseline/agents/claude.json +2 -2
  3. package/.agents/a11y_baseline/agents/copilot.json +2 -2
  4. package/.agents/a11y_baseline/agents/gemini.json +2 -2
  5. package/.agents/a11y_baseline/agents/openai.yaml +1 -1
  6. package/.agents/a11y_baseline/agents/qwen.json +2 -2
  7. package/.agents/a11y_baseline/agents/skill.yaml +2 -2
  8. package/.agents/adr_log/SKILL.md +369 -69
  9. package/.agents/adr_log/agents/claude.json +2 -2
  10. package/.agents/adr_log/agents/copilot.json +2 -2
  11. package/.agents/adr_log/agents/gemini.json +2 -2
  12. package/.agents/adr_log/agents/openai.yaml +1 -1
  13. package/.agents/adr_log/agents/qwen.json +2 -2
  14. package/.agents/adr_log/agents/skill.yaml +2 -2
  15. package/.agents/api_contract_compliance_review/SKILL.md +224 -18
  16. package/.agents/api_contract_compliance_review/agents/claude.json +2 -2
  17. package/.agents/api_contract_compliance_review/agents/copilot.json +2 -2
  18. package/.agents/api_contract_compliance_review/agents/gemini.json +2 -2
  19. package/.agents/api_contract_compliance_review/agents/openai.yaml +1 -1
  20. package/.agents/api_contract_compliance_review/agents/qwen.json +2 -2
  21. package/.agents/api_contract_compliance_review/agents/skill.yaml +2 -2
  22. package/.agents/api_contracts/SKILL.md +329 -42
  23. package/.agents/api_contracts/agents/claude.json +2 -2
  24. package/.agents/api_contracts/agents/copilot.json +2 -2
  25. package/.agents/api_contracts/agents/gemini.json +2 -2
  26. package/.agents/api_contracts/agents/openai.yaml +1 -1
  27. package/.agents/api_contracts/agents/qwen.json +2 -2
  28. package/.agents/api_contracts/agents/skill.yaml +2 -2
  29. package/.agents/architecture_compliance_review/SKILL.md +213 -17
  30. package/.agents/architecture_compliance_review/agents/claude.json +2 -2
  31. package/.agents/architecture_compliance_review/agents/copilot.json +2 -2
  32. package/.agents/architecture_compliance_review/agents/gemini.json +2 -2
  33. package/.agents/architecture_compliance_review/agents/openai.yaml +1 -1
  34. package/.agents/architecture_compliance_review/agents/qwen.json +2 -2
  35. package/.agents/architecture_compliance_review/agents/skill.yaml +2 -2
  36. package/.agents/architecture_doc/SKILL.md +384 -92
  37. package/.agents/architecture_doc/agents/claude.json +2 -2
  38. package/.agents/architecture_doc/agents/copilot.json +2 -2
  39. package/.agents/architecture_doc/agents/gemini.json +2 -2
  40. package/.agents/architecture_doc/agents/openai.yaml +1 -1
  41. package/.agents/architecture_doc/agents/qwen.json +2 -2
  42. package/.agents/architecture_doc/agents/skill.yaml +2 -2
  43. package/.agents/board/SKILL.md +232 -43
  44. package/.agents/board/agents/claude.json +2 -2
  45. package/.agents/board/agents/copilot.json +2 -2
  46. package/.agents/board/agents/gemini.json +2 -2
  47. package/.agents/board/agents/openai.yaml +1 -1
  48. package/.agents/board/agents/qwen.json +2 -2
  49. package/.agents/board/agents/skill.yaml +2 -2
  50. package/.agents/cloud_infrastructure_security/SKILL.md +277 -68
  51. package/.agents/cloud_infrastructure_security/agents/claude.json +2 -2
  52. package/.agents/cloud_infrastructure_security/agents/copilot.json +2 -2
  53. package/.agents/cloud_infrastructure_security/agents/gemini.json +2 -2
  54. package/.agents/cloud_infrastructure_security/agents/openai.yaml +1 -1
  55. package/.agents/cloud_infrastructure_security/agents/qwen.json +2 -2
  56. package/.agents/cloud_infrastructure_security/agents/skill.yaml +2 -2
  57. package/.agents/code_review_checklist/SKILL.md +200 -47
  58. package/.agents/code_review_checklist/agents/claude.json +2 -2
  59. package/.agents/code_review_checklist/agents/copilot.json +2 -2
  60. package/.agents/code_review_checklist/agents/gemini.json +2 -2
  61. package/.agents/code_review_checklist/agents/openai.yaml +1 -1
  62. package/.agents/code_review_checklist/agents/qwen.json +2 -2
  63. package/.agents/code_review_checklist/agents/skill.yaml +2 -2
  64. package/.agents/current_state_analysis/SKILL.md +225 -44
  65. package/.agents/current_state_analysis/agents/claude.json +2 -2
  66. package/.agents/current_state_analysis/agents/copilot.json +2 -2
  67. package/.agents/current_state_analysis/agents/gemini.json +2 -2
  68. package/.agents/current_state_analysis/agents/openai.yaml +1 -1
  69. package/.agents/current_state_analysis/agents/qwen.json +2 -2
  70. package/.agents/current_state_analysis/agents/skill.yaml +2 -2
  71. package/.agents/data_model/SKILL.md +285 -40
  72. package/.agents/data_model/agents/claude.json +2 -2
  73. package/.agents/data_model/agents/copilot.json +2 -2
  74. package/.agents/data_model/agents/gemini.json +2 -2
  75. package/.agents/data_model/agents/openai.yaml +1 -1
  76. package/.agents/data_model/agents/qwen.json +2 -2
  77. package/.agents/data_model/agents/skill.yaml +2 -2
  78. package/.agents/dependency_supply_chain_review/SKILL.md +300 -20
  79. package/.agents/dependency_supply_chain_review/agents/claude.json +2 -2
  80. package/.agents/dependency_supply_chain_review/agents/copilot.json +2 -2
  81. package/.agents/dependency_supply_chain_review/agents/gemini.json +2 -2
  82. package/.agents/dependency_supply_chain_review/agents/openai.yaml +1 -1
  83. package/.agents/dependency_supply_chain_review/agents/qwen.json +2 -2
  84. package/.agents/dependency_supply_chain_review/agents/skill.yaml +2 -2
  85. package/.agents/deployment_ci_plan/SKILL.md +410 -51
  86. package/.agents/deployment_ci_plan/agents/claude.json +3 -2
  87. package/.agents/deployment_ci_plan/agents/copilot.json +3 -2
  88. package/.agents/deployment_ci_plan/agents/gemini.json +3 -2
  89. package/.agents/deployment_ci_plan/agents/openai.yaml +1 -1
  90. package/.agents/deployment_ci_plan/agents/qwen.json +3 -2
  91. package/.agents/deployment_ci_plan/agents/skill.yaml +2 -1
  92. package/.agents/design_intake/SKILL.md +225 -71
  93. package/.agents/design_intake/agents/claude.json +2 -2
  94. package/.agents/design_intake/agents/copilot.json +2 -2
  95. package/.agents/design_intake/agents/gemini.json +2 -2
  96. package/.agents/design_intake/agents/openai.yaml +1 -1
  97. package/.agents/design_intake/agents/qwen.json +2 -2
  98. package/.agents/design_intake/agents/skill.yaml +2 -2
  99. package/.agents/design_parity_review/SKILL.md +216 -73
  100. package/.agents/design_systems/SKILL.md +432 -15
  101. package/.agents/design_systems/agents/claude.json +2 -2
  102. package/.agents/design_systems/agents/copilot.json +2 -2
  103. package/.agents/design_systems/agents/gemini.json +2 -2
  104. package/.agents/design_systems/agents/openai.yaml +1 -1
  105. package/.agents/design_systems/agents/qwen.json +2 -2
  106. package/.agents/design_systems/agents/skill.yaml +2 -2
  107. package/.agents/dev_reference_snippets/SKILL.md +305 -117
  108. package/.agents/dev_reference_snippets/agents/claude.json +2 -2
  109. package/.agents/dev_reference_snippets/agents/copilot.json +2 -2
  110. package/.agents/dev_reference_snippets/agents/gemini.json +2 -2
  111. package/.agents/dev_reference_snippets/agents/openai.yaml +1 -1
  112. package/.agents/dev_reference_snippets/agents/qwen.json +2 -2
  113. package/.agents/dev_reference_snippets/agents/skill.yaml +2 -2
  114. package/.agents/docker_kubernetes_architecture/SKILL.md +480 -145
  115. package/.agents/docker_kubernetes_architecture/agents/claude.json +2 -2
  116. package/.agents/docker_kubernetes_architecture/agents/copilot.json +2 -2
  117. package/.agents/docker_kubernetes_architecture/agents/gemini.json +2 -2
  118. package/.agents/docker_kubernetes_architecture/agents/openai.yaml +1 -1
  119. package/.agents/docker_kubernetes_architecture/agents/qwen.json +2 -2
  120. package/.agents/docker_kubernetes_architecture/agents/skill.yaml +2 -2
  121. package/.agents/es2025_beast_practices/SKILL.md +433 -8
  122. package/.agents/es2025_beast_practices/agents/claude.json +2 -2
  123. package/.agents/es2025_beast_practices/agents/copilot.json +2 -2
  124. package/.agents/es2025_beast_practices/agents/gemini.json +2 -2
  125. package/.agents/es2025_beast_practices/agents/openai.yaml +1 -1
  126. package/.agents/es2025_beast_practices/agents/qwen.json +2 -2
  127. package/.agents/es2025_beast_practices/agents/skill.yaml +2 -2
  128. package/.agents/gates/SKILL.md +134 -35
  129. package/.agents/gates/agents/claude.json +2 -2
  130. package/.agents/gates/agents/copilot.json +2 -2
  131. package/.agents/gates/agents/gemini.json +2 -2
  132. package/.agents/gates/agents/openai.yaml +1 -1
  133. package/.agents/gates/agents/qwen.json +2 -2
  134. package/.agents/gates/agents/skill.yaml +2 -2
  135. package/.agents/go_beast_practices/SKILL.md +557 -23
  136. package/.agents/go_beast_practices/agents/claude.json +2 -2
  137. package/.agents/go_beast_practices/agents/copilot.json +2 -2
  138. package/.agents/go_beast_practices/agents/gemini.json +2 -2
  139. package/.agents/go_beast_practices/agents/openai.yaml +1 -1
  140. package/.agents/go_beast_practices/agents/qwen.json +2 -2
  141. package/.agents/go_beast_practices/agents/skill.yaml +2 -2
  142. package/.agents/google_stitch_skill/SKILL.md +1 -1
  143. package/.agents/google_stitch_skill/agents/claude.json +5 -6
  144. package/.agents/google_stitch_skill/agents/copilot.json +5 -6
  145. package/.agents/google_stitch_skill/agents/gemini.json +5 -6
  146. package/.agents/google_stitch_skill/agents/openai.yaml +1 -1
  147. package/.agents/google_stitch_skill/agents/qwen.json +5 -6
  148. package/.agents/google_stitch_skill/agents/skill.yaml +4 -5
  149. package/.agents/handoff/SKILL.md +212 -52
  150. package/.agents/handoff/agents/claude.json +2 -2
  151. package/.agents/handoff/agents/copilot.json +2 -2
  152. package/.agents/handoff/agents/gemini.json +2 -2
  153. package/.agents/handoff/agents/openai.yaml +1 -1
  154. package/.agents/handoff/agents/qwen.json +2 -2
  155. package/.agents/handoff/agents/skill.yaml +2 -2
  156. package/.agents/k8s_manifests_conventions/SKILL.md +548 -176
  157. package/.agents/k8s_manifests_conventions/agents/claude.json +2 -2
  158. package/.agents/k8s_manifests_conventions/agents/copilot.json +2 -2
  159. package/.agents/k8s_manifests_conventions/agents/gemini.json +2 -2
  160. package/.agents/k8s_manifests_conventions/agents/openai.yaml +1 -1
  161. package/.agents/k8s_manifests_conventions/agents/qwen.json +2 -2
  162. package/.agents/k8s_manifests_conventions/agents/skill.yaml +2 -2
  163. package/.agents/memory/SKILL.md +219 -29
  164. package/.agents/memory/agents/claude.json +2 -2
  165. package/.agents/memory/agents/copilot.json +2 -2
  166. package/.agents/memory/agents/gemini.json +2 -2
  167. package/.agents/memory/agents/openai.yaml +1 -1
  168. package/.agents/memory/agents/qwen.json +2 -2
  169. package/.agents/memory/agents/skill.yaml +2 -2
  170. package/.agents/mongodb_mongoose_best_practices/SKILL.md +724 -236
  171. package/.agents/mongodb_mongoose_best_practices/agents/claude.json +2 -2
  172. package/.agents/mongodb_mongoose_best_practices/agents/copilot.json +2 -2
  173. package/.agents/mongodb_mongoose_best_practices/agents/gemini.json +2 -2
  174. package/.agents/mongodb_mongoose_best_practices/agents/openai.yaml +1 -1
  175. package/.agents/mongodb_mongoose_best_practices/agents/qwen.json +2 -2
  176. package/.agents/mongodb_mongoose_best_practices/agents/skill.yaml +2 -2
  177. package/.agents/n8n_pinecone_qdrant_supabase/SKILL.md +671 -59
  178. package/.agents/n8n_pinecone_qdrant_supabase/agents/claude.json +2 -2
  179. package/.agents/n8n_pinecone_qdrant_supabase/agents/copilot.json +2 -2
  180. package/.agents/n8n_pinecone_qdrant_supabase/agents/gemini.json +2 -2
  181. package/.agents/n8n_pinecone_qdrant_supabase/agents/openai.yaml +1 -1
  182. package/.agents/n8n_pinecone_qdrant_supabase/agents/qwen.json +2 -2
  183. package/.agents/n8n_pinecone_qdrant_supabase/agents/skill.yaml +2 -2
  184. package/.agents/node_express_beast_practices/SKILL.md +729 -30
  185. package/.agents/node_express_beast_practices/agents/claude.json +1 -1
  186. package/.agents/node_express_beast_practices/agents/copilot.json +1 -1
  187. package/.agents/node_express_beast_practices/agents/gemini.json +1 -1
  188. package/.agents/node_express_beast_practices/agents/openai.yaml +1 -1
  189. package/.agents/node_express_beast_practices/agents/qwen.json +1 -1
  190. package/.agents/node_express_beast_practices/agents/skill.yaml +1 -1
  191. package/.agents/observability_logging/SKILL.md +499 -16
  192. package/.agents/observability_logging/agents/claude.json +2 -2
  193. package/.agents/observability_logging/agents/copilot.json +2 -2
  194. package/.agents/observability_logging/agents/gemini.json +2 -2
  195. package/.agents/observability_logging/agents/openai.yaml +1 -1
  196. package/.agents/observability_logging/agents/qwen.json +2 -2
  197. package/.agents/observability_logging/agents/skill.yaml +2 -2
  198. package/.agents/observability_plan/SKILL.md +279 -38
  199. package/.agents/observability_plan/agents/claude.json +3 -2
  200. package/.agents/observability_plan/agents/copilot.json +3 -2
  201. package/.agents/observability_plan/agents/gemini.json +3 -2
  202. package/.agents/observability_plan/agents/openai.yaml +1 -1
  203. package/.agents/observability_plan/agents/qwen.json +3 -2
  204. package/.agents/observability_plan/agents/skill.yaml +2 -1
  205. package/.agents/observability_review/SKILL.md +254 -20
  206. package/.agents/observability_review/agents/claude.json +2 -2
  207. package/.agents/observability_review/agents/copilot.json +2 -2
  208. package/.agents/observability_review/agents/gemini.json +2 -2
  209. package/.agents/observability_review/agents/openai.yaml +1 -1
  210. package/.agents/observability_review/agents/qwen.json +2 -2
  211. package/.agents/observability_review/agents/skill.yaml +2 -2
  212. package/.agents/performance_review_baseline/SKILL.md +239 -17
  213. package/.agents/performance_review_baseline/agents/claude.json +2 -2
  214. package/.agents/performance_review_baseline/agents/copilot.json +2 -2
  215. package/.agents/performance_review_baseline/agents/gemini.json +2 -2
  216. package/.agents/performance_review_baseline/agents/openai.yaml +1 -1
  217. package/.agents/performance_review_baseline/agents/qwen.json +2 -2
  218. package/.agents/performance_review_baseline/agents/skill.yaml +2 -2
  219. package/.agents/pm_backlog/SKILL.md +250 -32
  220. package/.agents/pm_backlog/agents/claude.json +2 -2
  221. package/.agents/pm_backlog/agents/copilot.json +2 -2
  222. package/.agents/pm_backlog/agents/gemini.json +2 -2
  223. package/.agents/pm_backlog/agents/openai.yaml +1 -1
  224. package/.agents/pm_backlog/agents/qwen.json +2 -2
  225. package/.agents/pm_backlog/agents/skill.yaml +2 -2
  226. package/.agents/pm_interview/SKILL.md +197 -56
  227. package/.agents/pm_interview/agents/claude.json +2 -2
  228. package/.agents/pm_interview/agents/copilot.json +2 -2
  229. package/.agents/pm_interview/agents/gemini.json +2 -2
  230. package/.agents/pm_interview/agents/openai.yaml +1 -1
  231. package/.agents/pm_interview/agents/qwen.json +2 -2
  232. package/.agents/pm_interview/agents/skill.yaml +2 -2
  233. package/.agents/pm_prd/SKILL.md +215 -56
  234. package/.agents/pm_prd/agents/claude.json +2 -2
  235. package/.agents/pm_prd/agents/copilot.json +2 -2
  236. package/.agents/pm_prd/agents/gemini.json +2 -2
  237. package/.agents/pm_prd/agents/openai.yaml +1 -1
  238. package/.agents/pm_prd/agents/qwen.json +2 -2
  239. package/.agents/pm_prd/agents/skill.yaml +2 -2
  240. package/.agents/qa_api_contract_tests/SKILL.md +207 -16
  241. package/.agents/qa_api_contract_tests/agents/claude.json +2 -2
  242. package/.agents/qa_api_contract_tests/agents/copilot.json +2 -2
  243. package/.agents/qa_api_contract_tests/agents/gemini.json +2 -2
  244. package/.agents/qa_api_contract_tests/agents/openai.yaml +1 -1
  245. package/.agents/qa_api_contract_tests/agents/qwen.json +2 -2
  246. package/.agents/qa_api_contract_tests/agents/skill.yaml +2 -2
  247. package/.agents/qa_manual_run/SKILL.md +209 -16
  248. package/.agents/qa_manual_run/agents/claude.json +2 -2
  249. package/.agents/qa_manual_run/agents/copilot.json +2 -2
  250. package/.agents/qa_manual_run/agents/gemini.json +2 -2
  251. package/.agents/qa_manual_run/agents/openai.yaml +1 -1
  252. package/.agents/qa_manual_run/agents/qwen.json +2 -2
  253. package/.agents/qa_manual_run/agents/skill.yaml +2 -2
  254. package/.agents/qa_regression_baseline/SKILL.md +217 -0
  255. package/.agents/qa_regression_baseline/agents/claude.json +19 -0
  256. package/.agents/qa_regression_baseline/agents/copilot.json +19 -0
  257. package/.agents/qa_regression_baseline/agents/gemini.json +19 -0
  258. package/.agents/qa_regression_baseline/agents/openai.yaml +8 -0
  259. package/.agents/qa_regression_baseline/agents/qwen.json +19 -0
  260. package/.agents/qa_regression_baseline/agents/skill.yaml +23 -0
  261. package/.agents/qa_security_smoke_tests/SKILL.md +188 -14
  262. package/.agents/qa_security_smoke_tests/agents/claude.json +2 -2
  263. package/.agents/qa_security_smoke_tests/agents/copilot.json +2 -2
  264. package/.agents/qa_security_smoke_tests/agents/gemini.json +2 -2
  265. package/.agents/qa_security_smoke_tests/agents/openai.yaml +1 -1
  266. package/.agents/qa_security_smoke_tests/agents/qwen.json +2 -2
  267. package/.agents/qa_security_smoke_tests/agents/skill.yaml +2 -2
  268. package/.agents/qa_test_plan/SKILL.md +203 -20
  269. package/.agents/qa_test_plan/agents/claude.json +2 -2
  270. package/.agents/qa_test_plan/agents/copilot.json +2 -2
  271. package/.agents/qa_test_plan/agents/gemini.json +2 -2
  272. package/.agents/qa_test_plan/agents/openai.yaml +1 -1
  273. package/.agents/qa_test_plan/agents/qwen.json +2 -2
  274. package/.agents/qa_test_plan/agents/skill.yaml +2 -2
  275. package/.agents/qa_ui_a11y_smoke/SKILL.md +230 -12
  276. package/.agents/qa_ui_a11y_smoke/agents/claude.json +2 -2
  277. package/.agents/qa_ui_a11y_smoke/agents/copilot.json +2 -2
  278. package/.agents/qa_ui_a11y_smoke/agents/gemini.json +2 -2
  279. package/.agents/qa_ui_a11y_smoke/agents/openai.yaml +1 -1
  280. package/.agents/qa_ui_a11y_smoke/agents/qwen.json +2 -2
  281. package/.agents/qa_ui_a11y_smoke/agents/skill.yaml +2 -2
  282. package/.agents/react_15_3_wix_iframe/SKILL.md +411 -12
  283. package/.agents/react_15_3_wix_iframe/agents/claude.json +2 -2
  284. package/.agents/react_15_3_wix_iframe/agents/copilot.json +2 -2
  285. package/.agents/react_15_3_wix_iframe/agents/gemini.json +2 -2
  286. package/.agents/react_15_3_wix_iframe/agents/openai.yaml +1 -1
  287. package/.agents/react_15_3_wix_iframe/agents/qwen.json +2 -2
  288. package/.agents/react_15_3_wix_iframe/agents/skill.yaml +2 -2
  289. package/.agents/react_beast_practices/SKILL.md +285 -18
  290. package/.agents/react_beast_practices/agents/claude.json +2 -2
  291. package/.agents/react_beast_practices/agents/copilot.json +2 -2
  292. package/.agents/react_beast_practices/agents/gemini.json +2 -2
  293. package/.agents/react_beast_practices/agents/openai.yaml +1 -1
  294. package/.agents/react_beast_practices/agents/qwen.json +2 -2
  295. package/.agents/react_beast_practices/agents/skill.yaml +2 -2
  296. package/.agents/release_gate/SKILL.md +213 -77
  297. package/.agents/release_gate/agents/claude.json +2 -2
  298. package/.agents/release_gate/agents/copilot.json +2 -2
  299. package/.agents/release_gate/agents/gemini.json +2 -2
  300. package/.agents/release_gate/agents/openai.yaml +1 -1
  301. package/.agents/release_gate/agents/qwen.json +2 -2
  302. package/.agents/release_gate/agents/skill.yaml +2 -2
  303. package/.agents/release_gate_checklist_template/SKILL.md +182 -68
  304. package/.agents/review_reference_snippets/SKILL.md +116 -0
  305. package/.agents/security_baseline_dev/SKILL.md +496 -16
  306. package/.agents/security_baseline_dev/agents/claude.json +2 -2
  307. package/.agents/security_baseline_dev/agents/copilot.json +2 -2
  308. package/.agents/security_baseline_dev/agents/gemini.json +2 -2
  309. package/.agents/security_baseline_dev/agents/openai.yaml +1 -1
  310. package/.agents/security_baseline_dev/agents/qwen.json +2 -2
  311. package/.agents/security_baseline_dev/agents/skill.yaml +2 -2
  312. package/.agents/security_review/SKILL.md +277 -55
  313. package/.agents/security_review_baseline/SKILL.md +119 -25
  314. package/.agents/security_review_baseline/agents/claude.json +2 -2
  315. package/.agents/security_review_baseline/agents/copilot.json +2 -2
  316. package/.agents/security_review_baseline/agents/gemini.json +2 -2
  317. package/.agents/security_review_baseline/agents/openai.yaml +1 -1
  318. package/.agents/security_review_baseline/agents/qwen.json +2 -2
  319. package/.agents/security_review_baseline/agents/skill.yaml +2 -2
  320. package/.agents/state_rtk_beast_practices/SKILL.md +735 -15
  321. package/.agents/state_rtk_beast_practices/agents/claude.json +2 -2
  322. package/.agents/state_rtk_beast_practices/agents/copilot.json +2 -2
  323. package/.agents/state_rtk_beast_practices/agents/gemini.json +2 -2
  324. package/.agents/state_rtk_beast_practices/agents/openai.yaml +1 -1
  325. package/.agents/state_rtk_beast_practices/agents/qwen.json +2 -2
  326. package/.agents/state_rtk_beast_practices/agents/skill.yaml +2 -2
  327. package/.agents/state_zustand_beast_practices/SKILL.md +808 -11
  328. package/.agents/state_zustand_beast_practices/agents/claude.json +2 -2
  329. package/.agents/state_zustand_beast_practices/agents/copilot.json +2 -2
  330. package/.agents/state_zustand_beast_practices/agents/gemini.json +2 -2
  331. package/.agents/state_zustand_beast_practices/agents/openai.yaml +1 -1
  332. package/.agents/state_zustand_beast_practices/agents/qwen.json +2 -2
  333. package/.agents/state_zustand_beast_practices/agents/skill.yaml +2 -2
  334. package/.agents/styling_css_stack/SKILL.md +558 -12
  335. package/.agents/styling_css_stack/agents/claude.json +2 -2
  336. package/.agents/styling_css_stack/agents/copilot.json +2 -2
  337. package/.agents/styling_css_stack/agents/gemini.json +2 -2
  338. package/.agents/styling_css_stack/agents/openai.yaml +1 -1
  339. package/.agents/styling_css_stack/agents/qwen.json +2 -2
  340. package/.agents/styling_css_stack/agents/skill.yaml +2 -2
  341. package/.agents/system_design_checklist/SKILL.md +207 -48
  342. package/.agents/system_design_checklist/agents/claude.json +3 -2
  343. package/.agents/system_design_checklist/agents/copilot.json +3 -2
  344. package/.agents/system_design_checklist/agents/gemini.json +3 -2
  345. package/.agents/system_design_checklist/agents/openai.yaml +1 -1
  346. package/.agents/system_design_checklist/agents/qwen.json +3 -2
  347. package/.agents/system_design_checklist/agents/skill.yaml +2 -1
  348. package/.agents/tailwind_beast_practices/SKILL.md +512 -0
  349. package/.agents/tailwind_beast_practices/agents/claude.json +18 -0
  350. package/.agents/tailwind_beast_practices/agents/copilot.json +18 -0
  351. package/.agents/tailwind_beast_practices/agents/gemini.json +18 -0
  352. package/.agents/tailwind_beast_practices/agents/openai.yaml +8 -0
  353. package/.agents/tailwind_beast_practices/agents/qwen.json +18 -0
  354. package/.agents/tailwind_beast_practices/agents/skill.yaml +22 -0
  355. package/.agents/tanstack_beast_practices/SKILL.md +465 -11
  356. package/.agents/tanstack_beast_practices/agents/claude.json +2 -2
  357. package/.agents/tanstack_beast_practices/agents/copilot.json +2 -2
  358. package/.agents/tanstack_beast_practices/agents/gemini.json +2 -2
  359. package/.agents/tanstack_beast_practices/agents/openai.yaml +1 -1
  360. package/.agents/tanstack_beast_practices/agents/qwen.json +2 -2
  361. package/.agents/tanstack_beast_practices/agents/skill.yaml +2 -2
  362. package/.agents/tdd_workflow/SKILL.md +441 -22
  363. package/.agents/tdd_workflow/agents/claude.json +2 -2
  364. package/.agents/tdd_workflow/agents/copilot.json +2 -2
  365. package/.agents/tdd_workflow/agents/gemini.json +2 -2
  366. package/.agents/tdd_workflow/agents/openai.yaml +1 -1
  367. package/.agents/tdd_workflow/agents/qwen.json +2 -2
  368. package/.agents/tdd_workflow/agents/skill.yaml +2 -2
  369. package/.agents/testing_strategy_js/SKILL.md +636 -30
  370. package/.agents/testing_strategy_js/agents/claude.json +2 -2
  371. package/.agents/testing_strategy_js/agents/copilot.json +2 -2
  372. package/.agents/testing_strategy_js/agents/gemini.json +2 -2
  373. package/.agents/testing_strategy_js/agents/openai.yaml +1 -1
  374. package/.agents/testing_strategy_js/agents/qwen.json +2 -2
  375. package/.agents/testing_strategy_js/agents/skill.yaml +2 -2
  376. package/.agents/tests_quality_review/SKILL.md +279 -18
  377. package/.agents/tests_quality_review/agents/claude.json +2 -2
  378. package/.agents/tests_quality_review/agents/copilot.json +2 -2
  379. package/.agents/tests_quality_review/agents/gemini.json +2 -2
  380. package/.agents/tests_quality_review/agents/openai.yaml +1 -1
  381. package/.agents/tests_quality_review/agents/qwen.json +2 -2
  382. package/.agents/tests_quality_review/agents/skill.yaml +2 -2
  383. package/.agents/threat_model_baseline/SKILL.md +210 -57
  384. package/.agents/threat_model_baseline/agents/claude.json +2 -2
  385. package/.agents/threat_model_baseline/agents/copilot.json +2 -2
  386. package/.agents/threat_model_baseline/agents/gemini.json +2 -2
  387. package/.agents/threat_model_baseline/agents/openai.yaml +1 -1
  388. package/.agents/threat_model_baseline/agents/qwen.json +2 -2
  389. package/.agents/threat_model_baseline/agents/skill.yaml +2 -2
  390. package/.agents/tooling_bun_biome/SKILL.md +539 -17
  391. package/.agents/tooling_bun_biome/agents/claude.json +2 -2
  392. package/.agents/tooling_bun_biome/agents/copilot.json +2 -2
  393. package/.agents/tooling_bun_biome/agents/gemini.json +2 -2
  394. package/.agents/tooling_bun_biome/agents/openai.yaml +1 -1
  395. package/.agents/tooling_bun_biome/agents/qwen.json +2 -2
  396. package/.agents/tooling_bun_biome/agents/skill.yaml +2 -2
  397. package/.agents/typescript_beast_practices/SKILL.md +427 -8
  398. package/.agents/typescript_beast_practices/agents/claude.json +2 -2
  399. package/.agents/typescript_beast_practices/agents/copilot.json +2 -2
  400. package/.agents/typescript_beast_practices/agents/gemini.json +2 -2
  401. package/.agents/typescript_beast_practices/agents/openai.yaml +1 -1
  402. package/.agents/typescript_beast_practices/agents/qwen.json +2 -2
  403. package/.agents/typescript_beast_practices/agents/skill.yaml +2 -2
  404. package/.agents/ui_a11y_smoke_review/SKILL.md +195 -15
  405. package/.agents/ui_a11y_smoke_review/agents/claude.json +2 -2
  406. package/.agents/ui_a11y_smoke_review/agents/copilot.json +2 -2
  407. package/.agents/ui_a11y_smoke_review/agents/gemini.json +2 -2
  408. package/.agents/ui_a11y_smoke_review/agents/openai.yaml +1 -1
  409. package/.agents/ui_a11y_smoke_review/agents/qwen.json +2 -2
  410. package/.agents/ui_a11y_smoke_review/agents/skill.yaml +2 -2
  411. package/.agents/ui_inventory/SKILL.md +277 -50
  412. package/.agents/ui_inventory/agents/claude.json +2 -2
  413. package/.agents/ui_inventory/agents/copilot.json +2 -2
  414. package/.agents/ui_inventory/agents/gemini.json +2 -2
  415. package/.agents/ui_inventory/agents/openai.yaml +1 -1
  416. package/.agents/ui_inventory/agents/qwen.json +2 -2
  417. package/.agents/ui_inventory/agents/skill.yaml +2 -2
  418. package/.agents/ux_discovery/SKILL.md +214 -48
  419. package/.agents/ux_discovery/agents/claude.json +2 -2
  420. package/.agents/ux_discovery/agents/copilot.json +2 -2
  421. package/.agents/ux_discovery/agents/gemini.json +2 -2
  422. package/.agents/ux_discovery/agents/openai.yaml +1 -1
  423. package/.agents/ux_discovery/agents/qwen.json +2 -2
  424. package/.agents/ux_discovery/agents/skill.yaml +2 -2
  425. package/.agents/ux_spec/SKILL.md +282 -56
  426. package/.agents/ux_spec/agents/claude.json +2 -2
  427. package/.agents/ux_spec/agents/copilot.json +2 -2
  428. package/.agents/ux_spec/agents/gemini.json +2 -2
  429. package/.agents/ux_spec/agents/openai.yaml +1 -1
  430. package/.agents/ux_spec/agents/qwen.json +2 -2
  431. package/.agents/ux_spec/agents/skill.yaml +2 -2
  432. package/.agents/wix_iframe_sdk/SKILL.md +277 -48
  433. package/.agents/wix_iframe_sdk/agents/claude.json +2 -2
  434. package/.agents/wix_iframe_sdk/agents/copilot.json +2 -2
  435. package/.agents/wix_iframe_sdk/agents/gemini.json +2 -2
  436. package/.agents/wix_iframe_sdk/agents/openai.yaml +1 -1
  437. package/.agents/wix_iframe_sdk/agents/qwen.json +2 -2
  438. package/.agents/wix_iframe_sdk/agents/skill.yaml +2 -2
  439. package/.agents/wix_self_hosted_embedded_script/SKILL.md +605 -82
  440. package/.agents/wix_self_hosted_embedded_script/agents/claude.json +2 -2
  441. package/.agents/wix_self_hosted_embedded_script/agents/copilot.json +2 -2
  442. package/.agents/wix_self_hosted_embedded_script/agents/gemini.json +2 -2
  443. package/.agents/wix_self_hosted_embedded_script/agents/openai.yaml +1 -1
  444. package/.agents/wix_self_hosted_embedded_script/agents/qwen.json +2 -2
  445. package/.agents/wix_self_hosted_embedded_script/agents/skill.yaml +2 -2
  446. package/AGENTS.yaml +2 -0
  447. package/agents/conductor.md +50 -0
  448. package/agents/devops.md +31 -1
  449. package/agents/orchestrator.claude.json +2 -0
  450. package/agents/orchestrator.copilot.json +2 -0
  451. package/agents/orchestrator.gemini.json +2 -0
  452. package/agents/orchestrator.openai.yaml +2 -0
  453. package/agents/orchestrator.qwen.json +2 -0
  454. package/agents/reviewer.md +0 -1
  455. package/agents/senior_full_stack.md +1 -0
  456. package/agents/tester.md +1 -1
  457. package/agents/ux_ui_designer.md +2 -2
  458. package/locales/en/.agents/a11y_baseline/SKILL.md +260 -41
  459. package/locales/en/.agents/a11y_baseline/agents/claude.json +3 -2
  460. package/locales/en/.agents/a11y_baseline/agents/copilot.json +3 -2
  461. package/locales/en/.agents/a11y_baseline/agents/gemini.json +3 -2
  462. package/locales/en/.agents/a11y_baseline/agents/openai.yaml +1 -1
  463. package/locales/en/.agents/a11y_baseline/agents/qwen.json +3 -2
  464. package/locales/en/.agents/a11y_baseline/agents/skill.yaml +2 -1
  465. package/locales/en/.agents/adr_log/SKILL.md +330 -30
  466. package/locales/en/.agents/adr_log/agents/claude.json +5 -5
  467. package/locales/en/.agents/adr_log/agents/copilot.json +5 -5
  468. package/locales/en/.agents/adr_log/agents/gemini.json +5 -5
  469. package/locales/en/.agents/adr_log/agents/openai.yaml +3 -3
  470. package/locales/en/.agents/adr_log/agents/qwen.json +5 -5
  471. package/locales/en/.agents/adr_log/agents/skill.yaml +5 -5
  472. package/locales/en/.agents/api_contract_compliance_review/SKILL.md +218 -12
  473. package/locales/en/.agents/api_contract_compliance_review/agents/claude.json +2 -2
  474. package/locales/en/.agents/api_contract_compliance_review/agents/copilot.json +2 -2
  475. package/locales/en/.agents/api_contract_compliance_review/agents/gemini.json +2 -2
  476. package/locales/en/.agents/api_contract_compliance_review/agents/openai.yaml +1 -1
  477. package/locales/en/.agents/api_contract_compliance_review/agents/qwen.json +2 -2
  478. package/locales/en/.agents/api_contract_compliance_review/agents/skill.yaml +2 -2
  479. package/locales/en/.agents/api_contracts/SKILL.md +323 -36
  480. package/locales/en/.agents/api_contracts/agents/claude.json +2 -2
  481. package/locales/en/.agents/api_contracts/agents/copilot.json +2 -2
  482. package/locales/en/.agents/api_contracts/agents/gemini.json +2 -2
  483. package/locales/en/.agents/api_contracts/agents/openai.yaml +1 -1
  484. package/locales/en/.agents/api_contracts/agents/qwen.json +2 -2
  485. package/locales/en/.agents/api_contracts/agents/skill.yaml +2 -2
  486. package/locales/en/.agents/architecture_compliance_review/SKILL.md +206 -10
  487. package/locales/en/.agents/architecture_compliance_review/agents/claude.json +5 -4
  488. package/locales/en/.agents/architecture_compliance_review/agents/copilot.json +5 -4
  489. package/locales/en/.agents/architecture_compliance_review/agents/gemini.json +5 -4
  490. package/locales/en/.agents/architecture_compliance_review/agents/openai.yaml +3 -3
  491. package/locales/en/.agents/architecture_compliance_review/agents/qwen.json +5 -4
  492. package/locales/en/.agents/architecture_compliance_review/agents/skill.yaml +5 -4
  493. package/locales/en/.agents/architecture_doc/SKILL.md +374 -82
  494. package/locales/en/.agents/architecture_doc/agents/claude.json +2 -2
  495. package/locales/en/.agents/architecture_doc/agents/copilot.json +2 -2
  496. package/locales/en/.agents/architecture_doc/agents/gemini.json +2 -2
  497. package/locales/en/.agents/architecture_doc/agents/openai.yaml +1 -1
  498. package/locales/en/.agents/architecture_doc/agents/qwen.json +2 -2
  499. package/locales/en/.agents/architecture_doc/agents/skill.yaml +2 -2
  500. package/locales/en/.agents/board/SKILL.md +232 -43
  501. package/locales/en/.agents/board/agents/claude.json +2 -2
  502. package/locales/en/.agents/board/agents/copilot.json +2 -2
  503. package/locales/en/.agents/board/agents/gemini.json +2 -2
  504. package/locales/en/.agents/board/agents/openai.yaml +1 -1
  505. package/locales/en/.agents/board/agents/qwen.json +2 -2
  506. package/locales/en/.agents/board/agents/skill.yaml +2 -2
  507. package/locales/en/.agents/cloud_infrastructure_security/SKILL.md +277 -68
  508. package/locales/en/.agents/cloud_infrastructure_security/agents/claude.json +5 -4
  509. package/locales/en/.agents/cloud_infrastructure_security/agents/copilot.json +5 -4
  510. package/locales/en/.agents/cloud_infrastructure_security/agents/gemini.json +5 -4
  511. package/locales/en/.agents/cloud_infrastructure_security/agents/openai.yaml +3 -3
  512. package/locales/en/.agents/cloud_infrastructure_security/agents/qwen.json +5 -4
  513. package/locales/en/.agents/cloud_infrastructure_security/agents/skill.yaml +5 -4
  514. package/locales/en/.agents/code_review_checklist/SKILL.md +194 -41
  515. package/locales/en/.agents/code_review_checklist/agents/claude.json +2 -2
  516. package/locales/en/.agents/code_review_checklist/agents/copilot.json +2 -2
  517. package/locales/en/.agents/code_review_checklist/agents/gemini.json +2 -2
  518. package/locales/en/.agents/code_review_checklist/agents/openai.yaml +1 -1
  519. package/locales/en/.agents/code_review_checklist/agents/qwen.json +2 -2
  520. package/locales/en/.agents/code_review_checklist/agents/skill.yaml +2 -2
  521. package/locales/en/.agents/current_state_analysis/SKILL.md +225 -44
  522. package/locales/en/.agents/current_state_analysis/agents/claude.json +5 -4
  523. package/locales/en/.agents/current_state_analysis/agents/copilot.json +5 -4
  524. package/locales/en/.agents/current_state_analysis/agents/gemini.json +5 -4
  525. package/locales/en/.agents/current_state_analysis/agents/openai.yaml +3 -3
  526. package/locales/en/.agents/current_state_analysis/agents/qwen.json +5 -4
  527. package/locales/en/.agents/current_state_analysis/agents/skill.yaml +5 -4
  528. package/locales/en/.agents/data_model/SKILL.md +277 -32
  529. package/locales/en/.agents/data_model/agents/claude.json +2 -2
  530. package/locales/en/.agents/data_model/agents/copilot.json +2 -2
  531. package/locales/en/.agents/data_model/agents/gemini.json +2 -2
  532. package/locales/en/.agents/data_model/agents/openai.yaml +1 -1
  533. package/locales/en/.agents/data_model/agents/qwen.json +2 -2
  534. package/locales/en/.agents/data_model/agents/skill.yaml +2 -2
  535. package/locales/en/.agents/dependency_supply_chain_review/SKILL.md +291 -11
  536. package/locales/en/.agents/dependency_supply_chain_review/agents/claude.json +5 -4
  537. package/locales/en/.agents/dependency_supply_chain_review/agents/copilot.json +5 -4
  538. package/locales/en/.agents/dependency_supply_chain_review/agents/gemini.json +5 -4
  539. package/locales/en/.agents/dependency_supply_chain_review/agents/openai.yaml +3 -3
  540. package/locales/en/.agents/dependency_supply_chain_review/agents/qwen.json +5 -4
  541. package/locales/en/.agents/dependency_supply_chain_review/agents/skill.yaml +5 -4
  542. package/locales/en/.agents/deployment_ci_plan/SKILL.md +404 -45
  543. package/locales/en/.agents/deployment_ci_plan/agents/claude.json +2 -2
  544. package/locales/en/.agents/deployment_ci_plan/agents/copilot.json +2 -2
  545. package/locales/en/.agents/deployment_ci_plan/agents/gemini.json +2 -2
  546. package/locales/en/.agents/deployment_ci_plan/agents/openai.yaml +1 -1
  547. package/locales/en/.agents/deployment_ci_plan/agents/qwen.json +2 -2
  548. package/locales/en/.agents/deployment_ci_plan/agents/skill.yaml +2 -2
  549. package/locales/en/.agents/design_intake/SKILL.md +221 -67
  550. package/locales/en/.agents/design_intake/agents/claude.json +4 -5
  551. package/locales/en/.agents/design_intake/agents/copilot.json +4 -5
  552. package/locales/en/.agents/design_intake/agents/gemini.json +4 -5
  553. package/locales/en/.agents/design_intake/agents/openai.yaml +3 -3
  554. package/locales/en/.agents/design_intake/agents/qwen.json +4 -5
  555. package/locales/en/.agents/design_intake/agents/skill.yaml +4 -5
  556. package/locales/en/.agents/design_parity_review/SKILL.md +216 -60
  557. package/locales/en/.agents/design_parity_review/agents/claude.json +2 -3
  558. package/locales/en/.agents/design_parity_review/agents/copilot.json +2 -3
  559. package/locales/en/.agents/design_parity_review/agents/gemini.json +2 -3
  560. package/locales/en/.agents/design_parity_review/agents/openai.yaml +2 -2
  561. package/locales/en/.agents/design_parity_review/agents/qwen.json +2 -3
  562. package/locales/en/.agents/design_parity_review/agents/skill.yaml +2 -3
  563. package/locales/en/.agents/design_systems/SKILL.md +432 -15
  564. package/locales/en/.agents/design_systems/agents/claude.json +2 -2
  565. package/locales/en/.agents/design_systems/agents/copilot.json +2 -2
  566. package/locales/en/.agents/design_systems/agents/gemini.json +2 -2
  567. package/locales/en/.agents/design_systems/agents/openai.yaml +1 -1
  568. package/locales/en/.agents/design_systems/agents/qwen.json +2 -2
  569. package/locales/en/.agents/design_systems/agents/skill.yaml +2 -2
  570. package/locales/en/.agents/dev_reference_snippets/SKILL.md +585 -397
  571. package/locales/en/.agents/dev_reference_snippets/agents/claude.json +2 -2
  572. package/locales/en/.agents/dev_reference_snippets/agents/copilot.json +2 -2
  573. package/locales/en/.agents/dev_reference_snippets/agents/gemini.json +2 -2
  574. package/locales/en/.agents/dev_reference_snippets/agents/openai.yaml +1 -1
  575. package/locales/en/.agents/dev_reference_snippets/agents/qwen.json +2 -2
  576. package/locales/en/.agents/dev_reference_snippets/agents/skill.yaml +2 -2
  577. package/locales/en/.agents/docker_kubernetes_architecture/SKILL.md +473 -137
  578. package/locales/en/.agents/docker_kubernetes_architecture/agents/claude.json +5 -4
  579. package/locales/en/.agents/docker_kubernetes_architecture/agents/copilot.json +5 -4
  580. package/locales/en/.agents/docker_kubernetes_architecture/agents/gemini.json +5 -4
  581. package/locales/en/.agents/docker_kubernetes_architecture/agents/openai.yaml +3 -3
  582. package/locales/en/.agents/docker_kubernetes_architecture/agents/qwen.json +5 -4
  583. package/locales/en/.agents/docker_kubernetes_architecture/agents/skill.yaml +5 -4
  584. package/locales/en/.agents/es2025_beast_practices/SKILL.md +440 -15
  585. package/locales/en/.agents/es2025_beast_practices/agents/claude.json +4 -4
  586. package/locales/en/.agents/es2025_beast_practices/agents/copilot.json +4 -4
  587. package/locales/en/.agents/es2025_beast_practices/agents/gemini.json +4 -4
  588. package/locales/en/.agents/es2025_beast_practices/agents/openai.yaml +3 -3
  589. package/locales/en/.agents/es2025_beast_practices/agents/qwen.json +4 -4
  590. package/locales/en/.agents/es2025_beast_practices/agents/skill.yaml +4 -4
  591. package/locales/en/.agents/gates/SKILL.md +128 -29
  592. package/locales/en/.agents/gates/agents/claude.json +2 -2
  593. package/locales/en/.agents/gates/agents/copilot.json +2 -2
  594. package/locales/en/.agents/gates/agents/gemini.json +2 -2
  595. package/locales/en/.agents/gates/agents/openai.yaml +1 -1
  596. package/locales/en/.agents/gates/agents/qwen.json +2 -2
  597. package/locales/en/.agents/gates/agents/skill.yaml +2 -2
  598. package/locales/en/.agents/go_beast_practices/SKILL.md +557 -23
  599. package/locales/en/.agents/go_beast_practices/agents/claude.json +5 -4
  600. package/locales/en/.agents/go_beast_practices/agents/copilot.json +5 -4
  601. package/locales/en/.agents/go_beast_practices/agents/gemini.json +5 -4
  602. package/locales/en/.agents/go_beast_practices/agents/openai.yaml +3 -3
  603. package/locales/en/.agents/go_beast_practices/agents/qwen.json +5 -4
  604. package/locales/en/.agents/go_beast_practices/agents/skill.yaml +5 -4
  605. package/locales/en/.agents/google_stitch_skill/SKILL.md +507 -71
  606. package/locales/en/.agents/google_stitch_skill/agents/claude.json +5 -6
  607. package/locales/en/.agents/google_stitch_skill/agents/copilot.json +5 -6
  608. package/locales/en/.agents/google_stitch_skill/agents/gemini.json +5 -6
  609. package/locales/en/.agents/google_stitch_skill/agents/openai.yaml +1 -1
  610. package/locales/en/.agents/google_stitch_skill/agents/qwen.json +5 -6
  611. package/locales/en/.agents/google_stitch_skill/agents/skill.yaml +4 -5
  612. package/locales/en/.agents/handoff/SKILL.md +206 -46
  613. package/locales/en/.agents/handoff/agents/claude.json +5 -5
  614. package/locales/en/.agents/handoff/agents/copilot.json +5 -5
  615. package/locales/en/.agents/handoff/agents/gemini.json +5 -5
  616. package/locales/en/.agents/handoff/agents/openai.yaml +3 -3
  617. package/locales/en/.agents/handoff/agents/qwen.json +5 -5
  618. package/locales/en/.agents/handoff/agents/skill.yaml +5 -5
  619. package/locales/en/.agents/k8s_manifests_conventions/SKILL.md +540 -167
  620. package/locales/en/.agents/k8s_manifests_conventions/agents/claude.json +2 -2
  621. package/locales/en/.agents/k8s_manifests_conventions/agents/copilot.json +2 -2
  622. package/locales/en/.agents/k8s_manifests_conventions/agents/gemini.json +2 -2
  623. package/locales/en/.agents/k8s_manifests_conventions/agents/openai.yaml +1 -1
  624. package/locales/en/.agents/k8s_manifests_conventions/agents/qwen.json +2 -2
  625. package/locales/en/.agents/k8s_manifests_conventions/agents/skill.yaml +2 -2
  626. package/locales/en/.agents/memory/SKILL.md +211 -21
  627. package/locales/en/.agents/memory/agents/claude.json +5 -4
  628. package/locales/en/.agents/memory/agents/copilot.json +5 -4
  629. package/locales/en/.agents/memory/agents/gemini.json +5 -4
  630. package/locales/en/.agents/memory/agents/openai.yaml +3 -3
  631. package/locales/en/.agents/memory/agents/qwen.json +5 -4
  632. package/locales/en/.agents/memory/agents/skill.yaml +5 -4
  633. package/locales/en/.agents/mongodb_mongoose_best_practices/SKILL.md +669 -178
  634. package/locales/en/.agents/mongodb_mongoose_best_practices/agents/claude.json +4 -5
  635. package/locales/en/.agents/mongodb_mongoose_best_practices/agents/copilot.json +4 -5
  636. package/locales/en/.agents/mongodb_mongoose_best_practices/agents/gemini.json +4 -5
  637. package/locales/en/.agents/mongodb_mongoose_best_practices/agents/openai.yaml +3 -3
  638. package/locales/en/.agents/mongodb_mongoose_best_practices/agents/qwen.json +4 -5
  639. package/locales/en/.agents/mongodb_mongoose_best_practices/agents/skill.yaml +4 -5
  640. package/locales/en/.agents/n8n_pinecone_qdrant_supabase/SKILL.md +669 -57
  641. package/locales/en/.agents/n8n_pinecone_qdrant_supabase/agents/claude.json +5 -5
  642. package/locales/en/.agents/n8n_pinecone_qdrant_supabase/agents/copilot.json +5 -5
  643. package/locales/en/.agents/n8n_pinecone_qdrant_supabase/agents/gemini.json +5 -5
  644. package/locales/en/.agents/n8n_pinecone_qdrant_supabase/agents/openai.yaml +3 -3
  645. package/locales/en/.agents/n8n_pinecone_qdrant_supabase/agents/qwen.json +5 -5
  646. package/locales/en/.agents/n8n_pinecone_qdrant_supabase/agents/skill.yaml +5 -5
  647. package/locales/en/.agents/node_express_beast_practices/SKILL.md +718 -19
  648. package/locales/en/.agents/node_express_beast_practices/agents/claude.json +1 -1
  649. package/locales/en/.agents/node_express_beast_practices/agents/copilot.json +1 -1
  650. package/locales/en/.agents/node_express_beast_practices/agents/gemini.json +1 -1
  651. package/locales/en/.agents/node_express_beast_practices/agents/openai.yaml +1 -1
  652. package/locales/en/.agents/node_express_beast_practices/agents/qwen.json +1 -1
  653. package/locales/en/.agents/node_express_beast_practices/agents/skill.yaml +1 -1
  654. package/locales/en/.agents/observability_logging/SKILL.md +499 -16
  655. package/locales/en/.agents/observability_logging/agents/claude.json +4 -4
  656. package/locales/en/.agents/observability_logging/agents/copilot.json +4 -4
  657. package/locales/en/.agents/observability_logging/agents/gemini.json +4 -4
  658. package/locales/en/.agents/observability_logging/agents/openai.yaml +3 -3
  659. package/locales/en/.agents/observability_logging/agents/qwen.json +4 -4
  660. package/locales/en/.agents/observability_logging/agents/skill.yaml +4 -4
  661. package/locales/en/.agents/observability_plan/SKILL.md +273 -32
  662. package/locales/en/.agents/observability_plan/agents/claude.json +6 -4
  663. package/locales/en/.agents/observability_plan/agents/copilot.json +6 -4
  664. package/locales/en/.agents/observability_plan/agents/gemini.json +6 -4
  665. package/locales/en/.agents/observability_plan/agents/openai.yaml +3 -3
  666. package/locales/en/.agents/observability_plan/agents/qwen.json +6 -4
  667. package/locales/en/.agents/observability_plan/agents/skill.yaml +5 -3
  668. package/locales/en/.agents/observability_review/SKILL.md +245 -11
  669. package/locales/en/.agents/observability_review/agents/claude.json +6 -4
  670. package/locales/en/.agents/observability_review/agents/copilot.json +6 -4
  671. package/locales/en/.agents/observability_review/agents/gemini.json +6 -4
  672. package/locales/en/.agents/observability_review/agents/openai.yaml +3 -3
  673. package/locales/en/.agents/observability_review/agents/qwen.json +6 -4
  674. package/locales/en/.agents/observability_review/agents/skill.yaml +5 -3
  675. package/locales/en/.agents/performance_review_baseline/SKILL.md +232 -10
  676. package/locales/en/.agents/performance_review_baseline/agents/claude.json +5 -4
  677. package/locales/en/.agents/performance_review_baseline/agents/copilot.json +5 -4
  678. package/locales/en/.agents/performance_review_baseline/agents/gemini.json +5 -4
  679. package/locales/en/.agents/performance_review_baseline/agents/openai.yaml +3 -3
  680. package/locales/en/.agents/performance_review_baseline/agents/qwen.json +5 -4
  681. package/locales/en/.agents/performance_review_baseline/agents/skill.yaml +5 -4
  682. package/locales/en/.agents/pm_backlog/SKILL.md +239 -21
  683. package/locales/en/.agents/pm_backlog/agents/claude.json +2 -2
  684. package/locales/en/.agents/pm_backlog/agents/copilot.json +2 -2
  685. package/locales/en/.agents/pm_backlog/agents/gemini.json +2 -2
  686. package/locales/en/.agents/pm_backlog/agents/openai.yaml +1 -1
  687. package/locales/en/.agents/pm_backlog/agents/qwen.json +2 -2
  688. package/locales/en/.agents/pm_backlog/agents/skill.yaml +2 -2
  689. package/locales/en/.agents/pm_interview/SKILL.md +178 -37
  690. package/locales/en/.agents/pm_interview/agents/claude.json +5 -4
  691. package/locales/en/.agents/pm_interview/agents/copilot.json +5 -4
  692. package/locales/en/.agents/pm_interview/agents/gemini.json +5 -4
  693. package/locales/en/.agents/pm_interview/agents/openai.yaml +3 -3
  694. package/locales/en/.agents/pm_interview/agents/qwen.json +5 -4
  695. package/locales/en/.agents/pm_interview/agents/skill.yaml +5 -4
  696. package/locales/en/.agents/pm_prd/SKILL.md +197 -38
  697. package/locales/en/.agents/pm_prd/agents/claude.json +2 -2
  698. package/locales/en/.agents/pm_prd/agents/copilot.json +2 -2
  699. package/locales/en/.agents/pm_prd/agents/gemini.json +2 -2
  700. package/locales/en/.agents/pm_prd/agents/openai.yaml +1 -1
  701. package/locales/en/.agents/pm_prd/agents/qwen.json +2 -2
  702. package/locales/en/.agents/pm_prd/agents/skill.yaml +2 -2
  703. package/locales/en/.agents/qa_api_contract_tests/SKILL.md +207 -16
  704. package/locales/en/.agents/qa_api_contract_tests/agents/claude.json +2 -2
  705. package/locales/en/.agents/qa_api_contract_tests/agents/copilot.json +2 -2
  706. package/locales/en/.agents/qa_api_contract_tests/agents/gemini.json +2 -2
  707. package/locales/en/.agents/qa_api_contract_tests/agents/openai.yaml +1 -1
  708. package/locales/en/.agents/qa_api_contract_tests/agents/qwen.json +2 -2
  709. package/locales/en/.agents/qa_api_contract_tests/agents/skill.yaml +2 -2
  710. package/locales/en/.agents/qa_browser_testing/SKILL.md +254 -86
  711. package/locales/en/.agents/qa_e2e_playwright/SKILL.md +313 -116
  712. package/locales/en/.agents/qa_manual_run/SKILL.md +202 -9
  713. package/locales/en/.agents/qa_manual_run/agents/claude.json +2 -2
  714. package/locales/en/.agents/qa_manual_run/agents/copilot.json +2 -2
  715. package/locales/en/.agents/qa_manual_run/agents/gemini.json +2 -2
  716. package/locales/en/.agents/qa_manual_run/agents/openai.yaml +1 -1
  717. package/locales/en/.agents/qa_manual_run/agents/qwen.json +2 -2
  718. package/locales/en/.agents/qa_manual_run/agents/skill.yaml +2 -2
  719. package/locales/en/.agents/qa_regression_baseline/SKILL.md +217 -0
  720. package/locales/en/.agents/qa_regression_baseline/agents/claude.json +19 -0
  721. package/locales/en/.agents/qa_regression_baseline/agents/copilot.json +19 -0
  722. package/locales/en/.agents/qa_regression_baseline/agents/gemini.json +19 -0
  723. package/locales/en/.agents/qa_regression_baseline/agents/openai.yaml +8 -0
  724. package/locales/en/.agents/qa_regression_baseline/agents/qwen.json +19 -0
  725. package/locales/en/.agents/qa_regression_baseline/agents/skill.yaml +23 -0
  726. package/locales/en/.agents/qa_security_smoke_tests/SKILL.md +182 -8
  727. package/locales/en/.agents/qa_security_smoke_tests/agents/claude.json +2 -2
  728. package/locales/en/.agents/qa_security_smoke_tests/agents/copilot.json +2 -2
  729. package/locales/en/.agents/qa_security_smoke_tests/agents/gemini.json +2 -2
  730. package/locales/en/.agents/qa_security_smoke_tests/agents/openai.yaml +1 -1
  731. package/locales/en/.agents/qa_security_smoke_tests/agents/qwen.json +2 -2
  732. package/locales/en/.agents/qa_security_smoke_tests/agents/skill.yaml +2 -2
  733. package/locales/en/.agents/qa_test_plan/SKILL.md +197 -14
  734. package/locales/en/.agents/qa_test_plan/agents/claude.json +2 -2
  735. package/locales/en/.agents/qa_test_plan/agents/copilot.json +2 -2
  736. package/locales/en/.agents/qa_test_plan/agents/gemini.json +2 -2
  737. package/locales/en/.agents/qa_test_plan/agents/openai.yaml +1 -1
  738. package/locales/en/.agents/qa_test_plan/agents/qwen.json +2 -2
  739. package/locales/en/.agents/qa_test_plan/agents/skill.yaml +2 -2
  740. package/locales/en/.agents/qa_ui_a11y_smoke/SKILL.md +224 -6
  741. package/locales/en/.agents/qa_ui_a11y_smoke/agents/claude.json +5 -4
  742. package/locales/en/.agents/qa_ui_a11y_smoke/agents/copilot.json +5 -4
  743. package/locales/en/.agents/qa_ui_a11y_smoke/agents/gemini.json +5 -4
  744. package/locales/en/.agents/qa_ui_a11y_smoke/agents/openai.yaml +3 -3
  745. package/locales/en/.agents/qa_ui_a11y_smoke/agents/qwen.json +5 -4
  746. package/locales/en/.agents/qa_ui_a11y_smoke/agents/skill.yaml +5 -4
  747. package/locales/en/.agents/react_15_3_wix_iframe/SKILL.md +419 -20
  748. package/locales/en/.agents/react_15_3_wix_iframe/agents/claude.json +2 -2
  749. package/locales/en/.agents/react_15_3_wix_iframe/agents/copilot.json +2 -2
  750. package/locales/en/.agents/react_15_3_wix_iframe/agents/gemini.json +2 -2
  751. package/locales/en/.agents/react_15_3_wix_iframe/agents/openai.yaml +1 -1
  752. package/locales/en/.agents/react_15_3_wix_iframe/agents/qwen.json +2 -2
  753. package/locales/en/.agents/react_15_3_wix_iframe/agents/skill.yaml +2 -2
  754. package/locales/en/.agents/react_beast_practices/SKILL.md +285 -18
  755. package/locales/en/.agents/react_beast_practices/agents/claude.json +4 -4
  756. package/locales/en/.agents/react_beast_practices/agents/copilot.json +4 -4
  757. package/locales/en/.agents/react_beast_practices/agents/gemini.json +4 -4
  758. package/locales/en/.agents/react_beast_practices/agents/openai.yaml +3 -3
  759. package/locales/en/.agents/react_beast_practices/agents/qwen.json +4 -4
  760. package/locales/en/.agents/react_beast_practices/agents/skill.yaml +4 -4
  761. package/locales/en/.agents/release_gate/SKILL.md +205 -69
  762. package/locales/en/.agents/release_gate/agents/claude.json +5 -4
  763. package/locales/en/.agents/release_gate/agents/copilot.json +5 -4
  764. package/locales/en/.agents/release_gate/agents/gemini.json +5 -4
  765. package/locales/en/.agents/release_gate/agents/openai.yaml +3 -3
  766. package/locales/en/.agents/release_gate/agents/qwen.json +5 -4
  767. package/locales/en/.agents/release_gate/agents/skill.yaml +5 -4
  768. package/locales/en/.agents/release_gate_checklist_template/SKILL.md +175 -61
  769. package/locales/en/.agents/review_reference_snippets/SKILL.md +163 -46
  770. package/locales/en/.agents/security_baseline_dev/SKILL.md +496 -16
  771. package/locales/en/.agents/security_baseline_dev/agents/claude.json +2 -2
  772. package/locales/en/.agents/security_baseline_dev/agents/copilot.json +2 -2
  773. package/locales/en/.agents/security_baseline_dev/agents/gemini.json +2 -2
  774. package/locales/en/.agents/security_baseline_dev/agents/openai.yaml +1 -1
  775. package/locales/en/.agents/security_baseline_dev/agents/qwen.json +2 -2
  776. package/locales/en/.agents/security_baseline_dev/agents/skill.yaml +2 -2
  777. package/locales/en/.agents/security_review/SKILL.md +277 -55
  778. package/locales/en/.agents/security_review_baseline/SKILL.md +111 -17
  779. package/locales/en/.agents/security_review_baseline/agents/claude.json +2 -2
  780. package/locales/en/.agents/security_review_baseline/agents/copilot.json +2 -2
  781. package/locales/en/.agents/security_review_baseline/agents/gemini.json +2 -2
  782. package/locales/en/.agents/security_review_baseline/agents/openai.yaml +1 -1
  783. package/locales/en/.agents/security_review_baseline/agents/qwen.json +2 -2
  784. package/locales/en/.agents/security_review_baseline/agents/skill.yaml +2 -2
  785. package/locales/en/.agents/state_rtk_beast_practices/SKILL.md +735 -15
  786. package/locales/en/.agents/state_rtk_beast_practices/agents/claude.json +2 -2
  787. package/locales/en/.agents/state_rtk_beast_practices/agents/copilot.json +2 -2
  788. package/locales/en/.agents/state_rtk_beast_practices/agents/gemini.json +2 -2
  789. package/locales/en/.agents/state_rtk_beast_practices/agents/openai.yaml +1 -1
  790. package/locales/en/.agents/state_rtk_beast_practices/agents/qwen.json +2 -2
  791. package/locales/en/.agents/state_rtk_beast_practices/agents/skill.yaml +2 -2
  792. package/locales/en/.agents/state_zustand_beast_practices/SKILL.md +808 -11
  793. package/locales/en/.agents/state_zustand_beast_practices/agents/claude.json +2 -2
  794. package/locales/en/.agents/state_zustand_beast_practices/agents/copilot.json +2 -2
  795. package/locales/en/.agents/state_zustand_beast_practices/agents/gemini.json +2 -2
  796. package/locales/en/.agents/state_zustand_beast_practices/agents/openai.yaml +1 -1
  797. package/locales/en/.agents/state_zustand_beast_practices/agents/qwen.json +2 -2
  798. package/locales/en/.agents/state_zustand_beast_practices/agents/skill.yaml +2 -2
  799. package/locales/en/.agents/styling_css_stack/SKILL.md +558 -12
  800. package/locales/en/.agents/styling_css_stack/agents/claude.json +5 -5
  801. package/locales/en/.agents/styling_css_stack/agents/copilot.json +5 -5
  802. package/locales/en/.agents/styling_css_stack/agents/gemini.json +5 -5
  803. package/locales/en/.agents/styling_css_stack/agents/openai.yaml +3 -3
  804. package/locales/en/.agents/styling_css_stack/agents/qwen.json +5 -5
  805. package/locales/en/.agents/styling_css_stack/agents/skill.yaml +5 -5
  806. package/locales/en/.agents/system_design_checklist/SKILL.md +199 -40
  807. package/locales/en/.agents/system_design_checklist/agents/claude.json +3 -2
  808. package/locales/en/.agents/system_design_checklist/agents/copilot.json +3 -2
  809. package/locales/en/.agents/system_design_checklist/agents/gemini.json +3 -2
  810. package/locales/en/.agents/system_design_checklist/agents/openai.yaml +1 -1
  811. package/locales/en/.agents/system_design_checklist/agents/qwen.json +3 -2
  812. package/locales/en/.agents/system_design_checklist/agents/skill.yaml +2 -1
  813. package/locales/en/.agents/tailwind_beast_practices/SKILL.md +512 -0
  814. package/locales/en/.agents/tailwind_beast_practices/agents/claude.json +18 -0
  815. package/locales/en/.agents/tailwind_beast_practices/agents/copilot.json +18 -0
  816. package/locales/en/.agents/tailwind_beast_practices/agents/gemini.json +18 -0
  817. package/locales/en/.agents/tailwind_beast_practices/agents/openai.yaml +8 -0
  818. package/locales/en/.agents/tailwind_beast_practices/agents/qwen.json +18 -0
  819. package/locales/en/.agents/tailwind_beast_practices/agents/skill.yaml +22 -0
  820. package/locales/en/.agents/tanstack_beast_practices/SKILL.md +473 -19
  821. package/locales/en/.agents/tanstack_beast_practices/agents/claude.json +2 -2
  822. package/locales/en/.agents/tanstack_beast_practices/agents/copilot.json +2 -2
  823. package/locales/en/.agents/tanstack_beast_practices/agents/gemini.json +2 -2
  824. package/locales/en/.agents/tanstack_beast_practices/agents/openai.yaml +1 -1
  825. package/locales/en/.agents/tanstack_beast_practices/agents/qwen.json +2 -2
  826. package/locales/en/.agents/tanstack_beast_practices/agents/skill.yaml +2 -2
  827. package/locales/en/.agents/tdd_workflow/SKILL.md +453 -34
  828. package/locales/en/.agents/tdd_workflow/agents/claude.json +2 -2
  829. package/locales/en/.agents/tdd_workflow/agents/copilot.json +2 -2
  830. package/locales/en/.agents/tdd_workflow/agents/gemini.json +2 -2
  831. package/locales/en/.agents/tdd_workflow/agents/openai.yaml +1 -1
  832. package/locales/en/.agents/tdd_workflow/agents/qwen.json +2 -2
  833. package/locales/en/.agents/tdd_workflow/agents/skill.yaml +2 -2
  834. package/locales/en/.agents/testing_strategy_js/SKILL.md +636 -30
  835. package/locales/en/.agents/testing_strategy_js/agents/claude.json +2 -2
  836. package/locales/en/.agents/testing_strategy_js/agents/copilot.json +2 -2
  837. package/locales/en/.agents/testing_strategy_js/agents/gemini.json +2 -2
  838. package/locales/en/.agents/testing_strategy_js/agents/openai.yaml +1 -1
  839. package/locales/en/.agents/testing_strategy_js/agents/qwen.json +2 -2
  840. package/locales/en/.agents/testing_strategy_js/agents/skill.yaml +2 -2
  841. package/locales/en/.agents/tests_quality_review/SKILL.md +279 -18
  842. package/locales/en/.agents/tests_quality_review/agents/claude.json +2 -2
  843. package/locales/en/.agents/tests_quality_review/agents/copilot.json +2 -2
  844. package/locales/en/.agents/tests_quality_review/agents/gemini.json +2 -2
  845. package/locales/en/.agents/tests_quality_review/agents/openai.yaml +1 -1
  846. package/locales/en/.agents/tests_quality_review/agents/qwen.json +2 -2
  847. package/locales/en/.agents/tests_quality_review/agents/skill.yaml +2 -2
  848. package/locales/en/.agents/threat_model_baseline/SKILL.md +202 -49
  849. package/locales/en/.agents/threat_model_baseline/agents/claude.json +2 -2
  850. package/locales/en/.agents/threat_model_baseline/agents/copilot.json +2 -2
  851. package/locales/en/.agents/threat_model_baseline/agents/gemini.json +2 -2
  852. package/locales/en/.agents/threat_model_baseline/agents/openai.yaml +1 -1
  853. package/locales/en/.agents/threat_model_baseline/agents/qwen.json +2 -2
  854. package/locales/en/.agents/threat_model_baseline/agents/skill.yaml +2 -2
  855. package/locales/en/.agents/tooling_bun_biome/SKILL.md +531 -9
  856. package/locales/en/.agents/tooling_bun_biome/agents/claude.json +5 -5
  857. package/locales/en/.agents/tooling_bun_biome/agents/copilot.json +5 -5
  858. package/locales/en/.agents/tooling_bun_biome/agents/gemini.json +5 -5
  859. package/locales/en/.agents/tooling_bun_biome/agents/openai.yaml +3 -3
  860. package/locales/en/.agents/tooling_bun_biome/agents/qwen.json +5 -5
  861. package/locales/en/.agents/tooling_bun_biome/agents/skill.yaml +5 -5
  862. package/locales/en/.agents/typescript_beast_practices/SKILL.md +434 -15
  863. package/locales/en/.agents/typescript_beast_practices/agents/claude.json +2 -2
  864. package/locales/en/.agents/typescript_beast_practices/agents/copilot.json +2 -2
  865. package/locales/en/.agents/typescript_beast_practices/agents/gemini.json +2 -2
  866. package/locales/en/.agents/typescript_beast_practices/agents/openai.yaml +1 -1
  867. package/locales/en/.agents/typescript_beast_practices/agents/qwen.json +2 -2
  868. package/locales/en/.agents/typescript_beast_practices/agents/skill.yaml +2 -2
  869. package/locales/en/.agents/ui_a11y_smoke_review/SKILL.md +189 -9
  870. package/locales/en/.agents/ui_a11y_smoke_review/agents/claude.json +5 -5
  871. package/locales/en/.agents/ui_a11y_smoke_review/agents/copilot.json +5 -5
  872. package/locales/en/.agents/ui_a11y_smoke_review/agents/gemini.json +5 -5
  873. package/locales/en/.agents/ui_a11y_smoke_review/agents/openai.yaml +3 -3
  874. package/locales/en/.agents/ui_a11y_smoke_review/agents/qwen.json +5 -5
  875. package/locales/en/.agents/ui_a11y_smoke_review/agents/skill.yaml +5 -5
  876. package/locales/en/.agents/ui_inventory/SKILL.md +271 -44
  877. package/locales/en/.agents/ui_inventory/agents/claude.json +2 -2
  878. package/locales/en/.agents/ui_inventory/agents/copilot.json +2 -2
  879. package/locales/en/.agents/ui_inventory/agents/gemini.json +2 -2
  880. package/locales/en/.agents/ui_inventory/agents/openai.yaml +1 -1
  881. package/locales/en/.agents/ui_inventory/agents/qwen.json +2 -2
  882. package/locales/en/.agents/ui_inventory/agents/skill.yaml +2 -2
  883. package/locales/en/.agents/ux_discovery/SKILL.md +199 -33
  884. package/locales/en/.agents/ux_discovery/agents/claude.json +2 -2
  885. package/locales/en/.agents/ux_discovery/agents/copilot.json +2 -2
  886. package/locales/en/.agents/ux_discovery/agents/gemini.json +2 -2
  887. package/locales/en/.agents/ux_discovery/agents/openai.yaml +1 -1
  888. package/locales/en/.agents/ux_discovery/agents/qwen.json +2 -2
  889. package/locales/en/.agents/ux_discovery/agents/skill.yaml +2 -2
  890. package/locales/en/.agents/ux_spec/SKILL.md +276 -50
  891. package/locales/en/.agents/ux_spec/agents/claude.json +2 -2
  892. package/locales/en/.agents/ux_spec/agents/copilot.json +2 -2
  893. package/locales/en/.agents/ux_spec/agents/gemini.json +2 -2
  894. package/locales/en/.agents/ux_spec/agents/openai.yaml +1 -1
  895. package/locales/en/.agents/ux_spec/agents/qwen.json +2 -2
  896. package/locales/en/.agents/ux_spec/agents/skill.yaml +2 -2
  897. package/locales/en/.agents/wix_iframe_sdk/SKILL.md +271 -42
  898. package/locales/en/.agents/wix_iframe_sdk/agents/claude.json +4 -5
  899. package/locales/en/.agents/wix_iframe_sdk/agents/copilot.json +4 -5
  900. package/locales/en/.agents/wix_iframe_sdk/agents/gemini.json +4 -5
  901. package/locales/en/.agents/wix_iframe_sdk/agents/openai.yaml +3 -3
  902. package/locales/en/.agents/wix_iframe_sdk/agents/qwen.json +4 -5
  903. package/locales/en/.agents/wix_iframe_sdk/agents/skill.yaml +4 -5
  904. package/locales/en/.agents/wix_self_hosted_embedded_script/SKILL.md +611 -88
  905. package/locales/en/.agents/wix_self_hosted_embedded_script/agents/claude.json +2 -2
  906. package/locales/en/.agents/wix_self_hosted_embedded_script/agents/copilot.json +2 -2
  907. package/locales/en/.agents/wix_self_hosted_embedded_script/agents/gemini.json +2 -2
  908. package/locales/en/.agents/wix_self_hosted_embedded_script/agents/openai.yaml +1 -1
  909. package/locales/en/.agents/wix_self_hosted_embedded_script/agents/qwen.json +2 -2
  910. package/locales/en/.agents/wix_self_hosted_embedded_script/agents/skill.yaml +2 -2
  911. package/locales/en/AGENTS.yaml +2 -0
  912. package/locales/en/agents/architect.md +1 -1
  913. package/locales/en/agents/conductor.md +50 -0
  914. package/locales/en/agents/devops.md +34 -0
  915. package/locales/en/agents/orchestrator.claude.json +2 -0
  916. package/locales/en/agents/orchestrator.copilot.json +2 -0
  917. package/locales/en/agents/orchestrator.gemini.json +2 -0
  918. package/locales/en/agents/orchestrator.openai.yaml +2 -0
  919. package/locales/en/agents/orchestrator.qwen.json +2 -0
  920. package/locales/en/agents/product_manager.md +1 -5
  921. package/locales/en/agents/reviewer.md +69 -64
  922. package/locales/en/agents/senior_full_stack.md +2 -2
  923. package/locales/en/agents/tester.md +50 -11
  924. package/locales/en/agents/ux_ui_designer.md +3 -5
  925. package/package.json +1 -1
package/.agents/review_reference_snippets/SKILL.md CHANGED
@@ -113,6 +113,122 @@ await db.query("SELECT * FROM users WHERE email=$1", [email]);
113
113
 
114
114
  ---
115
115
 
116
+ ## E2) NoSQL Injection — MongoDB (P0)
117
+
118
+ ### ❌ DON'T: передавать req.query/req.body напрямую в Mongoose
119
+ ```ts
120
+ // Атака: ?email[$gt]= → объект { $gt: "" } → matches ALL documents
121
+ const user = await User.findOne({ email: req.query.email });
122
+
123
+ // Атака: body = { "role": { "$ne": null } } → обходит фильтр
124
+ const users = await User.find(req.body);
125
+ ```
126
+
127
+ ### ✅ DO: привести к типу + safe filter builder + strictQuery
128
+ ```ts
129
+ // Force string — strip operator injection
130
+ const email = String(req.query.email);
131
+ const user = await User.findOne({ email });
132
+
133
+ // Or Zod validation at boundary (best)
134
+ const { email } = emailSchema.parse(req.query);
135
+
136
+ // Global Mongoose defense
137
+ mongoose.set('strictQuery', true);
138
+ ```
139
+
140
+ ### ✅ Комментарий
141
+ - **P0:** NoSQL injection риск. Пользовательский ввод передаётся напрямую в Mongoose query. Привести к типу / Zod validation + `strictQuery: true`.
142
+
143
+ ---
144
+
145
+ ## E3) N+1 Query (P0)
146
+
147
+ ### ❌ DON'T: DB запрос в цикле
148
+ ```ts
149
+ const orders = await Order.find({ userId });
150
+ for (const order of orders) {
151
+ order.items = await Item.find({ orderId: order._id }); // N queries!
152
+ }
153
+ ```
154
+
155
+ ### ✅ DO: batch query с $in или $lookup
156
+ ```ts
157
+ const orders = await Order.find({ userId });
158
+ const orderIds = orders.map(o => o._id);
159
+ const items = await Item.find({ orderId: { $in: orderIds } }); // 1 query
160
+ // Map items to orders in memory
161
+ ```
162
+
163
+ ### ✅ Комментарий
164
+ - **P0:** N+1 запрос (DB call в цикле). Заменить на batch `$in` или `$lookup` в aggregation.
165
+
166
+ ---
167
+
168
+ ## E4) React Performance (P1)
169
+
170
+ ### ❌ DON'T: новый объект/функция на каждый render
171
+ ```tsx
172
+ function Parent() {
173
+ return (
174
+ <Child
175
+ style={{ color: 'red' }} // new object every render
176
+ onClick={() => doSomething()} // new function every render
177
+ data={items.filter(x => x.active)} // new array every render
178
+ />
179
+ );
180
+ }
181
+ ```
182
+
183
+ ### ✅ DO: стабильные ссылки через useMemo/useCallback
184
+ ```tsx
185
+ function Parent() {
186
+ const style = useMemo(() => ({ color: 'red' }), []);
187
+ const handleClick = useCallback(() => doSomething(), []);
188
+ const activeItems = useMemo(() => items.filter(x => x.active), [items]);
189
+
190
+ return <Child style={style} onClick={handleClick} data={activeItems} />;
191
+ }
192
+ ```
193
+
194
+ ### ✅ Комментарий
195
+ - **P1:** Инлайн объект/функция в JSX props вызывает лишние ре-рендеры. Использовать `useMemo`/`useCallback` для стабильных ссылок.
196
+
197
+ ---
198
+
199
+ ## E5) Layer Boundary Violation (P0/P1)
200
+
201
+ ### ❌ DON'T: DB вызов в route/controller
202
+ ```ts
203
+ // routes/coupons.js — route layer has direct DB access
204
+ router.get('/coupons', async (req, res) => {
205
+ const coupons = await Coupon.find({ appInstanceId: req.appInstanceId }); // P0!
206
+ res.json(coupons);
207
+ });
208
+ ```
209
+
210
+ ### ✅ DO: route → controller → service → repository
211
+ ```ts
212
+ // routes/coupons.js
213
+ router.get('/coupons', auth, couponController.list);
214
+
215
+ // controllers/coupon.js
216
+ async list(req, res) {
217
+ const coupons = await couponService.list(req.appInstanceId);
218
+ res.json({ data: coupons });
219
+ }
220
+
221
+ // services/coupon.js
222
+ async list(appInstanceId) {
223
+ return couponRepo.findByAppInstanceId(appInstanceId);
224
+ }
225
+ ```
226
+
227
+ ### ✅ Комментарий
228
+ - **P0/P1:** Нарушение слоёв — прямой DB вызов в route/controller. Вынести в service → repository.
229
+
230
+ ---
231
+
116
232
  ## F) Command/Path Injection (P0)
117
233
 
118
234
  ### ❌ DON'T: shell exec с пользовательским вводом
package/.agents/security_baseline_dev/SKILL.md CHANGED
@@ -1,16 +1,496 @@
1
- ---
2
- name: security_baseline_dev
3
- description: Базовая безопасность в реализации: валидация на границах, authz, безопасные ошибки, запрет секретов в коде/логах, гигиена зависимостей.
4
- ---
5
-
6
- # Skill: Security Baseline (Dev)
7
-
8
- ## Правила
9
- - Валидация входных данных на границе (API/forms)
10
- - Авторизация на сервере (не доверять клиенту)
11
- - Никаких секретов в репозитории и логах
12
- - Ошибки без утечки внутренностей
13
- - Зависимости: обновления и минимизация лишних пакетов
14
-
15
- ## См. также
16
- - Примеры: `$dev_reference_snippets`
1
+ ---
2
+ name: security_baseline_dev
3
+ description: Базовая безопасность в реализации валидация входных данных (Zod), secrets management, безопасные ошибки, auth/authz patterns, XSS/injection prevention, dependency audit, secure headers. DO/DON'T примеры. Активируй при написании любого кода, работающего с пользовательским вводом, auth, секретами, или при вопросах «как сделать безопасно».
4
+ ---
5
+
6
+ # Skill: Security Baseline (Dev)
7
+
8
+ Конкретные DO/DON'T паттерны безопасности для каждодневной разработки.
9
+
10
+ **Разделы:**
11
+ 1. [Input Validation](#1-input-validation)
12
+ 2. [Secrets Management](#2-secrets-management)
13
+ 3. [Безопасные ошибки](#3-безопасные-ошибки)
14
+ 4. [Auth/AuthZ](#4-authauthz)
15
+ 5. [XSS Prevention](#5-xss-prevention)
16
+ 6. [Injection Prevention](#6-injection-prevention)
17
+ 7. [Secure Headers](#7-secure-headers)
18
+ 8. [Dependency Security](#8-dependency-security)
19
+ 9. [Logging Security](#9-logging-security)
20
+ 10. [Anti-patterns](#10-anti-patterns)
21
+
22
+ ---
23
+
24
+ ## 1. Input Validation
25
+
26
+ ### ✅ DO: валидация на границе (API / form) через Zod
27
+
28
+ ```js
29
+ import { z } from 'zod';
30
+
31
+ // ✅ Whitelist schema — разрешаем только известные поля
32
+ const createUserSchema = z.object({
33
+ body: z.object({
34
+ name: z.string().min(1).max(100).trim(),
35
+ email: z.string().email().toLowerCase(),
36
+ age: z.number().int().min(13).max(150).optional(),
37
+ role: z.enum(['user', 'admin']).default('user'),
38
+ }),
39
+ });
40
+
41
+ // ✅ Парсим и получаем типизированные данные
42
+ const result = createUserSchema.safeParse({ body: req.body });
43
+ if (!result.success) {
44
+ return res.status(400).json({ errors: result.error.flatten().fieldErrors });
45
+ }
46
+ const { name, email, age, role } = result.data.body; // ← safe
47
+ ```
48
+
49
+ ### ❌ DON'T: доверять входным данным
50
+
51
+ ```js
52
+ // ❌ Нет валидации — любые данные попадают в DB
53
+ app.post('/api/users', (req, res) => {
54
+ db.users.insert(req.body); // ❌ req.body может содержать isAdmin: true
55
+ });
56
+
57
+ // ❌ Ручная валидация — неполная, ошибкоёмкая
58
+ if (req.body.email && typeof req.body.email === 'string') {
59
+ // ❌ не проверяет формат email, не trim, не lowercase
60
+ }
61
+
62
+ // ✅ Zod + validate middleware (см. $node_express_beast_practices)
63
+ app.post('/api/users', validate(createUserSchema), controller.create);
64
+ ```
65
+
66
+ ### ✅ DO: sanitize для HTML (если принимаете rich text)
67
+
68
+ ```js
69
+ import DOMPurify from 'isomorphic-dompurify';
70
+
71
+ /**
72
+ * Очищает HTML от XSS-векторов.
73
+ * @param {string} dirty - пользовательский HTML.
74
+ * @returns {string} безопасный HTML.
75
+ */
76
+ function sanitizeHtml(dirty) {
77
+ return DOMPurify.sanitize(dirty, {
78
+ ALLOWED_TAGS: ['b', 'i', 'em', 'strong', 'a', 'p', 'br', 'ul', 'ol', 'li'],
79
+ ALLOWED_ATTR: ['href', 'target'],
80
+ });
81
+ }
82
+ ```
83
+
84
+ ---
85
+
86
+ ## 2. Secrets Management
87
+
88
+ ### ✅ DO: env variables + validation
89
+
90
+ ```js
91
+ // config/env.js
92
+ import { z } from 'zod';
93
+
94
+ const envSchema = z.object({
95
+ DATABASE_URL: z.string().url(),
96
+ JWT_SECRET: z.string().min(32, 'JWT_SECRET must be at least 32 characters'),
97
+ API_KEY: z.string().min(16),
98
+ NODE_ENV: z.enum(['development', 'production', 'test']).default('development'),
99
+ });
100
+
101
+ const result = envSchema.safeParse(process.env);
102
+ if (!result.success) {
103
+ console.error('❌ Missing/invalid env vars:', result.error.flatten().fieldErrors);
104
+ process.exit(1);
105
+ }
106
+
107
+ export const config = Object.freeze(result.data);
108
+ ```
109
+
110
+ ### ✅ DO: .gitignore для секретов
111
+
112
+ ```gitignore
113
+ # Secrets — NEVER commit
114
+ .env
115
+ .env.local
116
+ .env.production
117
+ *.pem
118
+ *.key
119
+ credentials.json
120
+ service-account.json
121
+ ```
122
+
123
+ ### ❌ DON'T: секреты в коде
124
+
125
+ ```js
126
+ // ❌ Хардкод секретов
127
+ const API_KEY = 'sk-1234567890abcdef'; // ❌ НИКОГДА
128
+ const dbUrl = 'mongodb://user:password@host:27017/db'; // ❌
129
+
130
+ // ✅ Из env
131
+ const API_KEY = config.API_KEY;
132
+ const dbUrl = config.DATABASE_URL;
133
+
134
+ // ❌ Секреты в логах / ошибках
135
+ logger.info({ apiKey: config.API_KEY }); // ❌ утечка
136
+ throw new Error(`Auth failed for key: ${apiKey}`); // ❌ утечка
137
+ ```
138
+
139
+ ---
140
+
141
+ ## 3. Безопасные ошибки
142
+
143
+ ### ✅ DO: разделять operational и programmer errors
144
+
145
+ ```js
146
+ // ✅ Для клиента — безопасное сообщение
147
+ // Для логов — полная информация
148
+
149
+ export function errorHandler(logger) {
150
+ return (err, req, res, _next) => {
151
+ // Operational — показываем клиенту
152
+ if (err.isOperational) {
153
+ return res.status(err.statusCode).json({
154
+ error: err.message,
155
+ // ✅ Без stack trace, без SQL, без внутренних деталей
156
+ });
157
+ }
158
+
159
+ // Programmer error — скрываем от клиента
160
+ logger.error({
161
+ err, // ← полный stack trace в логи
162
+ requestId: req.id,
163
+ method: req.method,
164
+ url: req.originalUrl,
165
+ });
166
+
167
+ res.status(500).json({
168
+ error: 'Internal server error',
169
+ // ❌ NEVER: error: err.message, stack: err.stack
170
+ });
171
+ };
172
+ }
173
+ ```
174
+
175
+ ### ❌ DON'T: утекать внутренности
176
+
177
+ ```js
178
+ // ❌ SQL ошибка видна пользователю
179
+ res.status(500).json({
180
+ error: 'duplicate key value violates unique constraint "users_email_key"'
181
+ });
182
+
183
+ // ❌ Stack trace видна
184
+ res.status(500).json({
185
+ error: err.message,
186
+ stack: err.stack, // ❌ НИКОГДА
187
+ });
188
+
189
+ // ❌ Разная реакция на "user not found" vs "wrong password"
190
+ // → выдаёт информацию об аккаунтах (user enumeration)
191
+ if (!user) return res.status(404).json({ error: 'User not found' });
192
+ if (!passwordMatch) return res.status(401).json({ error: 'Wrong password' });
193
+
194
+ // ✅ Одинаковое сообщение
195
+ return res.status(401).json({ error: 'Invalid credentials' });
196
+ ```
197
+
198
+ ---
199
+
200
+ ## 4. Auth/AuthZ
201
+
202
+ ### ✅ DO: JWT в httpOnly cookie (не localStorage)
203
+
204
+ ```js
205
+ // ✅ Установка JWT в httpOnly cookie
206
+ res.cookie('token', jwt, {
207
+ httpOnly: true, // ✅ недоступна из JS (XSS protection)
208
+ secure: true, // ✅ только HTTPS
209
+ sameSite: 'lax', // ✅ CSRF protection
210
+ maxAge: 7 * 24 * 60 * 60 * 1000, // 7 days
211
+ path: '/',
212
+ });
213
+
214
+ // ❌ JWT в localStorage — уязвим к XSS
215
+ localStorage.setItem('token', jwt); // ❌ любой JS может прочитать
216
+ ```
217
+
218
+ ### ✅ DO: authZ проверки ДО операций
219
+
220
+ ```js
221
+ // ✅ Проверяем права ПЕРЕД выполнением операции
222
+ async function deleteCoupon(req, res) {
223
+ const coupon = await couponService.getById(req.params.id);
224
+
225
+ // AuthZ: только владелец или admin
226
+ if (coupon.ownerId !== req.user.id && req.user.role !== 'admin') {
227
+ throw new ForbiddenError('You can only delete your own coupons');
228
+ }
229
+
230
+ await couponService.remove(coupon.id);
231
+ res.status(204).end();
232
+ }
233
+
234
+ // ❌ IDOR — нет проверки владельца
235
+ async function deleteCoupon(req, res) {
236
+ await couponService.remove(req.params.id); // любой может удалить любой купон
237
+ }
238
+ ```
239
+
240
+ ### ✅ DO: password hashing
241
+
242
+ ```js
243
+ import bcrypt from 'bcrypt';
244
+
245
+ const SALT_ROUNDS = 12;
246
+
247
+ /**
248
+ * Хеширует пароль через bcrypt.
249
+ * @param {string} password - plain text пароль.
250
+ * @returns {Promise<string>} хеш.
251
+ */
252
+ async function hashPassword(password) {
253
+ return bcrypt.hash(password, SALT_ROUNDS);
254
+ }
255
+
256
+ /**
257
+ * Сравнивает пароль с хешем.
258
+ * @param {string} password - plain text.
259
+ * @param {string} hash - bcrypt хеш.
260
+ * @returns {Promise<boolean>}
261
+ */
262
+ async function verifyPassword(password, hash) {
263
+ return bcrypt.compare(password, hash);
264
+ }
265
+
266
+ // ❌ НИКОГДА: MD5, SHA-1, plain text
267
+ ```
268
+
269
+ ---
270
+
271
+ ## 5. XSS Prevention
272
+
273
+ ### ✅ DO: React автоматически escapes JSX
274
+
275
+ ```jsx
276
+ // ✅ React escapes по умолчанию — безопасно
277
+ return <p>{userInput}</p>; // <script>alert('xss')</script> → text
278
+
279
+ // ❌ dangerouslySetInnerHTML — XSS если input не sanitized
280
+ return <div dangerouslySetInnerHTML={{ __html: userInput }} />; // ❌
281
+
282
+ // ✅ Если НЕОБХОДИМО вставить HTML — sanitize через DOMPurify
283
+ import DOMPurify from 'dompurify';
284
+ return <div dangerouslySetInnerHTML={{ __html: DOMPurify.sanitize(userInput) }} />;
285
+ ```
286
+
287
+ ### ✅ DO: CSP header
288
+
289
+ ```js
290
+ // Helmet автоматически ставит CSP
291
+ import helmet from 'helmet';
292
+
293
+ app.use(helmet({
294
+ contentSecurityPolicy: {
295
+ directives: {
296
+ defaultSrc: ["'self'"],
297
+ scriptSrc: ["'self'"], // без 'unsafe-inline'!
298
+ styleSrc: ["'self'", "'unsafe-inline'"], // CSS может потребовать inline
299
+ imgSrc: ["'self'", "data:", "https:"],
300
+ connectSrc: ["'self'", "https://api.example.com"],
301
+ },
302
+ },
303
+ }));
304
+ ```
305
+
306
+ ---
307
+
308
+ ## 6. Injection Prevention
309
+
310
+ ### ✅ DO: параметризованные запросы
311
+
312
+ ```js
313
+ // ✅ SQL — параметризация (никогда конкатенация)
314
+ const user = await db.query('SELECT * FROM users WHERE email = $1', [email]);
315
+
316
+ // ❌ SQL injection
317
+ const user = await db.query(`SELECT * FROM users WHERE email = '${email}'`);
318
+ // email = "'; DROP TABLE users; --"
319
+
320
+ // ✅ MongoDB — не допускать операторы в пользовательском вводе
321
+ const user = await db.users.findOne({ email: String(email) }); // ✅ явное приведение
322
+
323
+ // ❌ NoSQL injection
324
+ const user = await db.users.findOne({ email: req.body.email });
325
+ // req.body.email = { $ne: "" } → возвращает первого пользователя
326
+
327
+ // ✅ Command injection prevention — никогда не exec(userInput)
328
+ import { execFile } from 'node:child_process';
329
+ execFile('convert', [inputPath, outputPath], callback); // ✅ args как массив
330
+
331
+ // ❌ Command injection
332
+ exec(`convert ${userInput} output.png`); // ❌ userInput = "; rm -rf /"
333
+ ```
334
+
335
+ ---
336
+
337
+ ## 7. Secure Headers
338
+
339
+ ### ✅ DO: helmet.js (минимальная настройка)
340
+
341
+ ```js
342
+ import helmet from 'helmet';
343
+
344
+ // ✅ Helmet устанавливает все необходимые security headers:
345
+ // - Content-Security-Policy
346
+ // - X-Content-Type-Options: nosniff
347
+ // - X-Frame-Options: SAMEORIGIN
348
+ // - Strict-Transport-Security (HSTS)
349
+ // - X-XSS-Protection (deprecated, но не мешает)
350
+ // - Referrer-Policy
351
+ app.use(helmet());
352
+ ```
353
+
354
+ ### ✅ DO: CORS — whitelist origins
355
+
356
+ ```js
357
+ import cors from 'cors';
358
+
359
+ // ✅ Whitelist конкретных origin
360
+ app.use(cors({
361
+ origin: ['https://myapp.com', 'https://admin.myapp.com'],
362
+ methods: ['GET', 'POST', 'PATCH', 'DELETE'],
363
+ credentials: true, // для httpOnly cookies
364
+ }));
365
+
366
+ // ❌ Открытый CORS в production
367
+ app.use(cors({ origin: '*' })); // ❌ любой сайт может делать запросы
368
+ ```
369
+
370
+ ---
371
+
372
+ ## 8. Dependency Security
373
+
374
+ ### ✅ DO: регулярный audit
375
+
376
+ ```bash
377
+ # npm
378
+ npm audit # проверить уязвимости
379
+ npm audit fix # автофикс
380
+ npm audit --production # только production deps
381
+
382
+ # package.json — lock versions
383
+ npm install --save-exact # точные версии, не ^
384
+ ```
385
+
386
+ ### ✅ DO: минимизировать зависимости
387
+
388
+ ```js
389
+ // ❌ Устанавливать lodash ради одной функции
390
+ import _ from 'lodash';
391
+ const unique = _.uniq(arr);
392
+
393
+ // ✅ Нативный JS
394
+ const unique = [...new Set(arr)];
395
+
396
+ // ❌ moment.js (300KB) для форматирования даты
397
+ import moment from 'moment';
398
+
399
+ // ✅ Intl.DateTimeFormat (встроенный, 0KB)
400
+ new Intl.DateTimeFormat('ru', { dateStyle: 'short' }).format(date);
401
+ ```
402
+
403
+ ### ✅ DO: lockfile в репозитории
404
+
405
+ ```gitignore
406
+ # ✅ Lockfile ДОЛЖЕН быть в git (reproducible builds)
407
+ # НЕ добавляй в .gitignore:
408
+ # package-lock.json ← НУЖЕН в git
409
+ # bun.lockb ← НУЖЕН в git
410
+ ```
411
+
412
+ ---
413
+
414
+ ## 9. Logging Security
415
+
416
+ ### ✅ DO: sanitize логи от PII и секретов
417
+
418
+ ```js
419
+ /**
420
+ * Фильтрует чувствительные поля из объекта для логирования.
421
+ * @param {object} obj - объект для логирования.
422
+ * @returns {object} очищенный объект.
423
+ */
424
+ function sanitizeForLog(obj) {
425
+ const SENSITIVE_KEYS = ['password', 'token', 'secret', 'apiKey', 'authorization',
426
+ 'cookie', 'ssn', 'creditCard', 'cardNumber', 'cvv'];
427
+
428
+ return Object.fromEntries(
429
+ Object.entries(obj).map(([key, value]) => {
430
+ if (SENSITIVE_KEYS.some((s) => key.toLowerCase().includes(s))) {
431
+ return [key, '[REDACTED]'];
432
+ }
433
+ if (typeof value === 'object' && value !== null) {
434
+ return [key, sanitizeForLog(value)];
435
+ }
436
+ return [key, value];
437
+ })
438
+ );
439
+ }
440
+
441
+ // Использование:
442
+ logger.info(sanitizeForLog({ email: 'user@example.com', password: '123', token: 'abc' }));
443
+ // { email: 'user@example.com', password: '[REDACTED]', token: '[REDACTED]' }
444
+ ```
445
+
446
+ ### ✅ DO: pino redact (автоматическая фильтрация)
447
+
448
+ ```js
449
+ import pino from 'pino';
450
+
451
+ const logger = pino({
452
+ redact: {
453
+ paths: ['req.headers.authorization', 'req.headers.cookie', '*.password', '*.token', '*.secret'],
454
+ censor: '[REDACTED]',
455
+ },
456
+ });
457
+ ```
458
+
459
+ ---
460
+
461
+ ## 10. Anti-patterns
462
+
463
+ | ❌ Anti-pattern | ✅ Решение |
464
+ |----------------|-----------|
465
+ | `req.body` без валидации | Zod schema + validate middleware |
466
+ | Секреты в коде / git | env vars + .gitignore + validation |
467
+ | Stack trace в response | Разные ответы для operational/programmer errors |
468
+ | JWT в localStorage | httpOnly + secure + sameSite cookie |
469
+ | `SELECT * WHERE id = '${id}'` | Параметризованные запросы |
470
+ | `exec(userInput)` | `execFile(cmd, [args])` |
471
+ | `cors({ origin: '*' })` в prod | Whitelist origins |
472
+ | PII в логах | Redact / sanitizeForLog |
473
+ | `lodash` ради 1 функции | Нативный JS/ES2025 |
474
+ | Нет npm audit | CI pipeline + регулярный audit |
475
+ | `md5(password)` | bcrypt/argon2 с salt |
476
+ | Разные ошибки для login | Единое «Invalid credentials» |
477
+
478
+ ---
479
+
480
+ ## Краткий чеклист (каждый PR)
481
+
482
+ - [ ] Input validated (Zod / whitelist schema)?
483
+ - [ ] No secrets in code / logs / errors?
484
+ - [ ] Errors don't leak internals?
485
+ - [ ] AuthZ checked before operation?
486
+ - [ ] No raw SQL/command concatenation?
487
+ - [ ] Dependencies audited?
488
+ - [ ] Sensitive data redacted from logs?
489
+
490
+ ---
491
+
492
+ ## См. также
493
+ - `$security_review` — полный security review чеклист (Reviewer gate)
494
+ - `$node_express_beast_practices` — Express middleware pipeline, error handler
495
+ - `$observability_logging` — structured logging с redaction
496
+ - `$es2025_beast_practices` — безопасная работа с данными
package/.agents/security_baseline_dev/agents/claude.json CHANGED
@@ -1,13 +1,13 @@
1
1
  {
2
2
  "name": "security_baseline_dev",
3
3
  "display_name": "Базовая безопасность разработки",
4
- "description": "Базовая безопасность в реализации: валидация на границах, authz, безопасные ошибки, запрет секретов в коде/логах, гигиена зависимостей.",
4
+ "description": "Базовая безопасность в реализации валидация входных данных (Zod), secrets management, безопасные ошибки, auth/authz patterns, XSS/injection prevention, dependency audit, secure headers. DO/DON'T примеры. Активируй при написании любого кода, работающего с пользовательским вводом, auth, секретами, или при вопросах «как сделать безопасно».",
5
5
  "default_prompt": "Используй $security_baseline_dev, когда задача относится к навыку \"Базовая безопасность разработки\".",
6
6
  "triggers": [
7
7
  "security_baseline_dev",
8
8
  "security baseline dev",
9
9
  "Базовая безопасность разработки",
10
- "Базовая безопасность в реализации"
10
+ "Базовая безопасность в реализации — валидация входных данных (Zod), secrets management, безопасные ошибки, auth/authz patterns, XSS/injection prevention, dependency audit, secure headers"
11
11
  ],
12
12
  "capabilities": [
13
13
  "security",
package/.agents/security_baseline_dev/agents/copilot.json CHANGED
@@ -1,13 +1,13 @@
1
1
  {
2
2
  "name": "security_baseline_dev",
3
3
  "display_name": "Базовая безопасность разработки",
4
- "description": "Базовая безопасность в реализации: валидация на границах, authz, безопасные ошибки, запрет секретов в коде/логах, гигиена зависимостей.",
4
+ "description": "Базовая безопасность в реализации валидация входных данных (Zod), secrets management, безопасные ошибки, auth/authz patterns, XSS/injection prevention, dependency audit, secure headers. DO/DON'T примеры. Активируй при написании любого кода, работающего с пользовательским вводом, auth, секретами, или при вопросах «как сделать безопасно».",
5
5
  "default_prompt": "Используй $security_baseline_dev, когда задача относится к навыку \"Базовая безопасность разработки\".",
6
6
  "triggers": [
7
7
  "security_baseline_dev",
8
8
  "security baseline dev",
9
9
  "Базовая безопасность разработки",
10
- "Базовая безопасность в реализации"
10
+ "Базовая безопасность в реализации — валидация входных данных (Zod), secrets management, безопасные ошибки, auth/authz patterns, XSS/injection prevention, dependency audit, secure headers"
11
11
  ],
12
12
  "capabilities": [
13
13
  "security",
package/.agents/security_baseline_dev/agents/gemini.json CHANGED
@@ -1,13 +1,13 @@
1
1
  {
2
2
  "name": "security_baseline_dev",
3
3
  "display_name": "Базовая безопасность разработки",
4
- "description": "Базовая безопасность в реализации: валидация на границах, authz, безопасные ошибки, запрет секретов в коде/логах, гигиена зависимостей.",
4
+ "description": "Базовая безопасность в реализации валидация входных данных (Zod), secrets management, безопасные ошибки, auth/authz patterns, XSS/injection prevention, dependency audit, secure headers. DO/DON'T примеры. Активируй при написании любого кода, работающего с пользовательским вводом, auth, секретами, или при вопросах «как сделать безопасно».",
5
5
  "default_prompt": "Используй $security_baseline_dev, когда задача относится к навыку \"Базовая безопасность разработки\".",
6
6
  "triggers": [
7
7
  "security_baseline_dev",
8
8
  "security baseline dev",
9
9
  "Базовая безопасность разработки",
10
- "Базовая безопасность в реализации"
10
+ "Базовая безопасность в реализации — валидация входных данных (Zod), secrets management, безопасные ошибки, auth/authz patterns, XSS/injection prevention, dependency audit, secure headers"
11
11
  ],
12
12
  "capabilities": [
13
13
  "security",