npm - code-yangzz - Versions diffs - 1.0.0 - Mend

code-yangzz 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (108) hide show

package/README.md +102 -0
package/agents/meta-artisan.md +164 -0
package/agents/meta-conductor.md +482 -0
package/agents/meta-genesis.md +165 -0
package/agents/meta-librarian.md +213 -0
package/agents/meta-prism.md +268 -0
package/agents/meta-scout.md +173 -0
package/agents/meta-sentinel.md +161 -0
package/agents/meta-warden.md +304 -0
package/bin/install.js +390 -0
package/bin/lib/utils.js +72 -0
package/bin/lib/watermark.js +176 -0
package/config/CLAUDE.md +363 -0
package/config/settings.json +120 -0
package/hooks/block-dangerous-bash.mjs +36 -0
package/hooks/post-console-log-warn.mjs +27 -0
package/hooks/post-format.mjs +24 -0
package/hooks/post-typecheck.mjs +27 -0
package/hooks/pre-git-push-confirm.mjs +19 -0
package/hooks/stop-completion-guard.mjs +159 -0
package/hooks/stop-console-log-audit.mjs +44 -0
package/hooks/subagent-context.mjs +27 -0
package/hooks/user-prompt-submit.js +233 -0
package/package.json +36 -0
package/prompt-optimizer/prompt-optimizer-meta.md +159 -0
package/skills/agent-teams/SKILL.md +215 -0
package/skills/domains/ai/SKILL.md +34 -0
package/skills/domains/ai/agent-dev.md +242 -0
package/skills/domains/ai/llm-security.md +288 -0
package/skills/domains/ai/prompt-and-eval.md +279 -0
package/skills/domains/ai/rag-system.md +542 -0
package/skills/domains/architecture/SKILL.md +42 -0
package/skills/domains/architecture/api-design.md +225 -0
package/skills/domains/architecture/caching.md +298 -0
package/skills/domains/architecture/cloud-native.md +285 -0
package/skills/domains/architecture/message-queue.md +328 -0
package/skills/domains/architecture/security-arch.md +297 -0
package/skills/domains/data-engineering/SKILL.md +207 -0
package/skills/domains/development/SKILL.md +46 -0
package/skills/domains/development/cpp.md +246 -0
package/skills/domains/development/go.md +323 -0
package/skills/domains/development/java.md +277 -0
package/skills/domains/development/python.md +288 -0
package/skills/domains/development/rust.md +313 -0
package/skills/domains/development/shell.md +313 -0
package/skills/domains/development/typescript.md +277 -0
package/skills/domains/devops/SKILL.md +39 -0
package/skills/domains/devops/cost-optimization.md +271 -0
package/skills/domains/devops/database.md +217 -0
package/skills/domains/devops/devsecops.md +198 -0
package/skills/domains/devops/git-workflow.md +181 -0
package/skills/domains/devops/observability.md +279 -0
package/skills/domains/devops/performance.md +335 -0
package/skills/domains/devops/testing.md +283 -0
package/skills/domains/frontend-design/SKILL.md +38 -0
package/skills/domains/frontend-design/agents/openai.yaml +4 -0
package/skills/domains/frontend-design/claymorphism/SKILL.md +119 -0
package/skills/domains/frontend-design/claymorphism/references/tokens.css +52 -0
package/skills/domains/frontend-design/component-patterns.md +202 -0
package/skills/domains/frontend-design/engineering.md +287 -0
package/skills/domains/frontend-design/glassmorphism/SKILL.md +140 -0
package/skills/domains/frontend-design/glassmorphism/references/tokens.css +32 -0
package/skills/domains/frontend-design/liquid-glass/SKILL.md +137 -0
package/skills/domains/frontend-design/liquid-glass/references/tokens.css +81 -0
package/skills/domains/frontend-design/neubrutalism/SKILL.md +143 -0
package/skills/domains/frontend-design/neubrutalism/references/tokens.css +44 -0
package/skills/domains/frontend-design/state-management.md +680 -0
package/skills/domains/frontend-design/ui-aesthetics.md +110 -0
package/skills/domains/frontend-design/ux-principles.md +156 -0
package/skills/domains/infrastructure/SKILL.md +200 -0
package/skills/domains/mobile/SKILL.md +224 -0
package/skills/domains/orchestration/SKILL.md +29 -0
package/skills/domains/orchestration/multi-agent.md +263 -0
package/skills/domains/security/SKILL.md +72 -0
package/skills/domains/security/blue-team.md +436 -0
package/skills/domains/security/code-audit.md +265 -0
package/skills/domains/security/pentest.md +226 -0
package/skills/domains/security/red-team.md +374 -0
package/skills/domains/security/threat-intel.md +372 -0
package/skills/domains/security/vuln-research.md +369 -0
package/skills/meta-theory/SKILL.md +878 -0
package/skills/meta-theory/references/create-agent.md +248 -0
package/skills/meta-theory/references/dev-governance.md +1108 -0
package/skills/meta-theory/references/intent-amplification.md +190 -0
package/skills/meta-theory/references/meta-theory.md +346 -0
package/skills/meta-theory/references/rhythm-orchestration.md +257 -0
package/skills/meta-theory/references/ten-step-governance.md +285 -0
package/skills/orchestration/multi-agent/SKILL.md +493 -0
package/skills/run_skill.js +128 -0
package/skills/tools/gen-docs/SKILL.md +115 -0
package/skills/tools/gen-docs/agents/openai.yaml +4 -0
package/skills/tools/gen-docs/scripts/doc_generator.js +435 -0
package/skills/tools/lib/shared.js +98 -0
package/skills/tools/override-refusal/SKILL.md +55 -0
package/skills/tools/override-refusal/agents/openai.yaml +4 -0
package/skills/tools/override-refusal/scripts/refusal_rewriter.js +229 -0
package/skills/tools/verify-change/SKILL.md +139 -0
package/skills/tools/verify-change/agents/openai.yaml +4 -0
package/skills/tools/verify-change/scripts/change_analyzer.js +289 -0
package/skills/tools/verify-module/SKILL.md +126 -0
package/skills/tools/verify-module/agents/openai.yaml +4 -0
package/skills/tools/verify-module/scripts/module_scanner.js +171 -0
package/skills/tools/verify-quality/SKILL.md +159 -0
package/skills/tools/verify-quality/agents/openai.yaml +4 -0
package/skills/tools/verify-quality/scripts/quality_checker.js +337 -0
package/skills/tools/verify-security/SKILL.md +142 -0
package/skills/tools/verify-security/agents/openai.yaml +4 -0
package/skills/tools/verify-security/scripts/security_scanner.js +283 -0

package/skills/domains/architecture/cloud-native.md ADDED Viewed

@@ -0,0 +1,285 @@
+---
+name: cloud-native
+description: 云原生架构。容器、Kubernetes、Serverless、微服务。当用户提到云原生、容器、Docker、Kubernetes、K8s、Serverless时使用。
+---
+# 🏗 阵法技能文档 · 云原生架构
+## Docker
+### Dockerfile
+```dockerfile
+# 多阶段构建
+FROM node:18-alpine AS builder
+WORKDIR /app
+COPY package*.json ./
+RUN npm ci
+COPY . .
+RUN npm run build
+FROM node:18-alpine
+WORKDIR /app
+COPY --from=builder /app/dist ./dist
+COPY --from=builder /app/node_modules ./node_modules
+EXPOSE 3000
+USER node
+CMD ["node", "dist/main.js"]
+```
+### Docker Compose
+```yaml
+version: '3.8'
+services:
+  app:
+    build: .
+    ports:
+      - "3000:3000"
+    environment:
+      - DATABASE_URL=postgres://db:5432/mydb
+    depends_on:
+      - db
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:3000/health"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+  db:
+    image: postgres:15-alpine
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+    environment:
+      POSTGRES_DB: mydb
+      POSTGRES_PASSWORD: ${DB_PASSWORD}
+volumes:
+  postgres_data:
+```
+### 安全最佳实践
+```yaml
+镜像安全:
+  - 使用官方基础镜像
+  - 最小化镜像 (alpine/distroless)
+  - 扫描漏洞 (Trivy)
+  - 固定版本标签
+运行时安全:
+  - 非 root 用户运行
+  - 只读文件系统
+  - 限制资源
+  - 禁用特权模式
+```
+## Kubernetes
+### 基础资源
+```yaml
+# Deployment
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: myapp
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      app: myapp
+  template:
+    metadata:
+      labels:
+        app: myapp
+    spec:
+      containers:
+      - name: myapp
+        image: myapp:1.0.0
+        ports:
+        - containerPort: 3000
+        resources:
+          requests:
+            memory: "128Mi"
+            cpu: "100m"
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+        livenessProbe:
+          httpGet:
+            path: /health
+            port: 3000
+          initialDelaySeconds: 10
+          periodSeconds: 10
+        readinessProbe:
+          httpGet:
+            path: /ready
+            port: 3000
+          initialDelaySeconds: 5
+          periodSeconds: 5
+---
+# Service
+apiVersion: v1
+kind: Service
+metadata:
+  name: myapp
+spec:
+  selector:
+    app: myapp
+  ports:
+  - port: 80
+    targetPort: 3000
+  type: ClusterIP
+---
+# Ingress
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: myapp
+  annotations:
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+spec:
+  tls:
+  - hosts:
+    - myapp.example.com
+    secretName: myapp-tls
+  rules:
+  - host: myapp.example.com
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: myapp
+            port:
+              number: 80
+```
+### 配置管理
+```yaml
+# ConfigMap
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: myapp-config
+data:
+  APP_ENV: production
+  LOG_LEVEL: info
+---
+# Secret
+apiVersion: v1
+kind: Secret
+metadata:
+  name: myapp-secret
+type: Opaque
+stringData:
+  DATABASE_URL: postgres://user:pass@db:5432/mydb
+```
+### 安全策略
+```yaml
+# NetworkPolicy
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: myapp-network-policy
+spec:
+  podSelector:
+    matchLabels:
+      app: myapp
+  policyTypes:
+  - Ingress
+  - Egress
+  ingress:
+  - from:
+    - podSelector:
+        matchLabels:
+          app: frontend
+    ports:
+    - port: 3000
+  egress:
+  - to:
+    - podSelector:
+        matchLabels:
+          app: database
+    ports:
+    - port: 5432
+---
+# PodSecurityPolicy (已废弃，使用 Pod Security Standards)
+# Pod Security Admission
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: myapp
+  labels:
+    pod-security.kubernetes.io/enforce: restricted
+```
+## Serverless
+### AWS Lambda
+```python
+import json
+def handler(event, context):
+    body = json.loads(event.get('body', '{}'))
+    return {
+        'statusCode': 200,
+        'headers': {'Content-Type': 'application/json'},
+        'body': json.dumps({'message': 'Hello!'})
+    }
+```
+### Serverless Framework
+```yaml
+service: myapp
+provider:
+  name: aws
+  runtime: python3.9
+  region: us-east-1
+  environment:
+    TABLE_NAME: ${self:service}-${sls:stage}
+functions:
+  hello:
+    handler: handler.hello
+    events:
+      - http:
+          path: /hello
+          method: get
+  process:
+    handler: handler.process
+    events:
+      - sqs:
+          arn: !GetAtt MyQueue.Arn
+resources:
+  Resources:
+    MyQueue:
+      Type: AWS::SQS::Queue
+```
+## 微服务模式
+```yaml
+服务发现:
+  - DNS (Kubernetes Service)
+  - Service Mesh (Istio)
+负载均衡:
+  - 客户端负载均衡
+  - 服务端负载均衡
+熔断器:
+  - Circuit Breaker
+  - Retry with backoff
+  - Timeout
+可观测性:
+  - 日志聚合 (ELK)
+  - 指标监控 (Prometheus)
+  - 分布式追踪 (Jaeger)
+```

package/skills/domains/architecture/message-queue.md ADDED Viewed

@@ -0,0 +1,328 @@
+---
+name: message-queue
+description: 消息队列技能文档。Kafka、RabbitMQ、Redis Streams、事件驱动架构。当用户提到消息队列、Kafka、RabbitMQ、事件驱动、CQRS、Saga时路由到此。
+---
+# 🏗 阵法技能文档 · 消息队列
+## 核心概念
+```
+Producer → Broker → Consumer
+  发送       存储       消费
+模式:
+  点对点 (Queue):  1 Producer → 1 Consumer
+  发布订阅 (Topic): 1 Producer → N Consumers
+```
+| 概念 | 含义 | 类比 |
+|------|------|------|
+| Producer | 消息生产者 | 发令者 |
+| Consumer | 消息消费者 | 执行者 |
+| Broker | 消息中间件 | 传令阵 |
+| Topic/Queue | 消息通道 | 传音符 |
+| Partition | 分区（并行单元） | 阵眼 |
+| Offset | 消费位置 | 修行进度 |
+---
+## Kafka
+### 架构
+```
+Producer ──→ Broker Cluster ──→ Consumer Group
+               │
+          ┌────┴────┐
+          │ Topic-A  │
+          │ P0 P1 P2 │  (3 Partitions)
+          └──────────┘
+Replication: Leader + Followers
+ZooKeeper/KRaft: 元数据管理
+```
+### 生产者
+```python
+from confluent_kafka import Producer
+conf = {
+    'bootstrap.servers': 'kafka:9092',
+    'acks': 'all',                    # 等待所有副本确认
+    'retries': 3,
+    'retry.backoff.ms': 1000,
+    'enable.idempotence': True,       # 幂等生产者
+    'linger.ms': 5,                   # 批量发送延迟
+    'batch.size': 16384,              # 批量大小
+    'compression.type': 'snappy',     # 压缩
+}
+producer = Producer(conf)
+def delivery_report(err, msg):
+    if err:
+        print(f"Delivery failed: {err}")
+producer.produce(
+    topic='orders',
+    key=order_id.encode(),    # 相同 key → 相同 partition → 有序
+    value=json.dumps(order).encode(),
+    callback=delivery_report
+)
+producer.flush()
+```
+### 消费者
+```python
+from confluent_kafka import Consumer
+conf = {
+    'bootstrap.servers': 'kafka:9092',
+    'group.id': 'order-processor',
+    'auto.offset.reset': 'earliest',
+    'enable.auto.commit': False,      # 手动提交
+    'max.poll.interval.ms': 300000,
+}
+consumer = Consumer(conf)
+consumer.subscribe(['orders'])
+try:
+    while True:
+        msg = consumer.poll(1.0)
+        if msg is None:
+            continue
+        if msg.error():
+            handle_error(msg.error())
+            continue
+        process_message(msg.value())
+        consumer.commit(asynchronous=False)  # 处理成功后提交
+finally:
+    consumer.close()
+```
+### Kafka 关键配置
+```yaml
+Broker:
+  num.partitions: 6                # 默认分区数
+  default.replication.factor: 3    # 副本数
+  min.insync.replicas: 2           # 最小同步副本
+  log.retention.hours: 168         # 保留 7 天
+  log.segment.bytes: 1073741824    # 1GB 段文件
+Topic 设计:
+  分区数 = max(生产吞吐/单分区写入能力, 消费者数)
+  副本数 = 3 (生产环境)
+  Key 选择: 业务ID (保证同一实体有序)
+```
+---
+## RabbitMQ
+### Exchange 类型
+| 类型 | 路由规则 | 适用场景 |
+|------|----------|----------|
+| Direct | 精确匹配 routing key | 点对点 |
+| Fanout | 广播到所有绑定队列 | 发布订阅 |
+| Topic | 通配符匹配 routing key | 灵活路由 |
+| Headers | 匹配消息头 | 复杂路由 |
+```
+Producer → Exchange → Binding → Queue → Consumer
+              │
+         routing_key 匹配
+```
+### 可靠性保证
+```yaml
+生产者:
+  - Publisher Confirms (确认模式)
+  - 持久化消息 (delivery_mode=2)
+  - 事务模式 (性能差，不推荐)
+Broker:
+  - 持久化队列 (durable=True)
+  - 镜像队列 / Quorum Queue
+  - 磁盘持久化
+消费者:
+  - 手动 ACK (auto_ack=False)
+  - 预取限制 (prefetch_count)
+  - 死信队列 (DLX) 处理失败消息
+```
+### 死信队列 (DLQ)
+```
+正常队列 ──(消费失败/TTL过期/队列满)──→ 死信交换机 → 死信队列
+                                                        │
+                                              人工处理 / 重试
+```
+---
+## Redis Streams
+```bash
+# 生产
+XADD orders * user_id "123" amount "99.99"
+# 消费组
+XGROUP CREATE orders order-group $ MKSTREAM
+XREADGROUP GROUP order-group consumer-1 COUNT 10 BLOCK 5000 STREAMS orders >
+# 确认
+XACK orders order-group <message-id>
+# 查看待处理
+XPENDING orders order-group
+```
+| 特性 | 适用 | 不适用 |
+|------|------|--------|
+| 轻量级 | 中小规模、低延迟 | 海量数据持久化 |
+| 消费组 | 多消费者并行 | 复杂路由 |
+| 内存存储 | 实时处理 | 长期存储 |
+---
+## 事件驱动架构
+### Event Sourcing
+```
+传统: 只存最终状态
+  Account { balance: 100 }
+Event Sourcing: 存储所有事件
+  AccountCreated { initial: 0 }
+  MoneyDeposited { amount: 200 }
+  MoneyWithdrawn { amount: 100 }
+  → 重放得到 balance: 100
+```
+### CQRS (Command Query Responsibility Segregation)
+```
+Command (写) ──→ Write Model ──→ Event Store
+                                    │
+                              Event Bus
+                                    │
+Query (读) ←── Read Model ←── Projection
+```
+### Saga 模式
+```
+分布式事务编排:
+Choreography (编舞):
+  Order → Payment → Inventory → Shipping
+    每个服务监听事件，自主决策
+Orchestration (编排):
+  Saga Orchestrator
+    ├→ Order Service: 创建订单
+    ├→ Payment Service: 扣款
+    ├→ Inventory Service: 扣库存
+    └→ Shipping Service: 发货
+  失败补偿:
+    Shipping失败 → 补偿Inventory → 补偿Payment → 补偿Order
+```
+---
+## 选型对比
+| 维度 | Kafka | RabbitMQ | Redis Streams |
+|------|-------|----------|---------------|
+| 吞吐量 | 极高 (百万/s) | 高 (万/s) | 高 (十万/s) |
+| 延迟 | ms 级 | μs-ms 级 | μs 级 |
+| 持久化 | 磁盘 | 磁盘/内存 | 内存+AOF |
+| 消息顺序 | 分区内有序 | 队列内有序 | 流内有序 |
+| 消息回溯 | ✅ 支持 | ❌ 不支持 | ✅ 支持 |
+| 协议 | 自有协议 | AMQP | Redis协议 |
+| 适用 | 大数据/日志/流处理 | 业务消息/RPC | 轻量级实时 |
+### 选型决策树
+```
+需要消息回溯？
+  ├─ 是 → Kafka / Redis Streams
+  └─ 否 → 需要复杂路由？
+       ├─ 是 → RabbitMQ
+       └─ 否 → 吞吐量要求？
+            ├─ 极高 (>10万/s) → Kafka
+            ├─ 中等 → RabbitMQ
+            └─ 轻量 → Redis Streams
+```
+---
+## 常见问题
+### 消息丢失
+```yaml
+防丢三板斧:
+  生产端: acks=all + retries + 幂等
+  Broker: replication + 持久化 + min.insync.replicas
+  消费端: 手动提交 + 处理后确认
+```
+### 消息重复
+```yaml
+幂等处理:
+  - 数据库唯一约束 (message_id)
+  - Redis SETNX 去重
+  - 业务层幂等设计 (状态机)
+```
+### 消息积压
+```yaml
+应急:
+  - 增加消费者实例
+  - 临时扩大分区 (Kafka)
+  - 跳过非关键消息
+根治:
+  - 优化消费者处理速度
+  - 合理设置分区数
+  - 监控消费 lag 告警
+```
+---
+## 最佳实践
+```yaml
+设计:
+  - 消息体尽量小，大数据用引用
+  - 消息必须包含唯一ID和时间戳
+  - 定义清晰的消息 Schema (Avro/Protobuf)
+  - 版本兼容 (向后兼容)
+运维:
+  - 监控消费 lag
+  - 死信队列告警
+  - 定期清理过期消息
+  - 容量规划 (磁盘/内存)
+安全:
+  - TLS 加密传输
+  - SASL 认证
+  - ACL 授权
+  - 审计日志
+```