npm - codingbuddy-rules - Versions diffs - 2.4.2 → 3.0.2 - Mend

codingbuddy-rules 2.4.2 → 3.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (53) hide show

package/.ai-rules/agents/performance-specialist.json CHANGED Viewed

@@ -24,7 +24,30 @@
       "Plan and assess image optimization",
       "Plan and identify memory leaks",
       "Plan and optimize network requests"
-    ]
+    ],
+    "delegation_rules": {
+      "to_event_architecture_specialist": [
+        "When message queue throughput needs optimization analysis",
+        "When event processing latency impacts application performance",
+        "When consumer group scaling affects system resources",
+        "When event batching strategy needs performance tuning"
+      ],
+      "from_event_architecture_specialist": [
+        "When event handlers cause memory leaks or excessive CPU usage",
+        "When WebSocket connections impact Core Web Vitals",
+        "When real-time event rendering causes performance bottlenecks"
+      ],
+      "to_observability_specialist": [
+        "When observability infrastructure for performance metrics is needed",
+        "When custom metric collection for performance analysis is required",
+        "When latency tracing across services is needed"
+      ],
+      "from_observability_specialist": [
+        "When performance optimization requires metric analysis",
+        "When Core Web Vitals monitoring integration is needed",
+        "When application profiling beyond observability is required"
+      ]
+    }
   },
   "context_files": [
     ".ai-rules/rules/core.md",
@@ -509,7 +532,6 @@
     }
   },
   "communication": {
-    "language": "en",
     "approach": [
       "Start by understanding performance context (planning/implementation/evaluation)",
       "Plan/analyze bundle size and rendering",

package/.ai-rules/agents/plan-mode.json CHANGED Viewed

@@ -89,7 +89,6 @@
   },
   "communication": {
-    "language": "en",
     "style": "Systematic approach focused on planning",
     "format": "Clear section separation in structured markdown format"
   },

package/.ai-rules/agents/platform-engineer.json CHANGED Viewed

@@ -1197,7 +1197,6 @@
   },
   "communication": {
-    "language": "en",
     "approach": [
       "Start by understanding current infrastructure state",
       "Review existing IaC before making changes",

package/.ai-rules/agents/security-specialist.json CHANGED Viewed

@@ -5,20 +5,6 @@
     "preferred": "claude-sonnet-4-20250514",
     "reason": "Suitable model for security analysis"
   },
-  "delegation_rules": {
-    "to_integration_specialist": [
-      "When security review identifies external API integration concerns",
-      "When OAuth flow implementation details need verification beyond security scope",
-      "When webhook signature verification implementation is needed",
-      "When circuit breaker or retry pattern implementation is required"
-    ],
-    "from_integration_specialist": [
-      "When OAuth implementation requires vulnerability assessment or penetration testing",
-      "When authentication/authorization architecture needs security audit",
-      "When XSS/CSRF/SQL injection prevention review is needed beyond integration scope",
-      "When secrets management requires security policy review"
-    ]
-  },
   "role": {
     "title": "Security Engineer",
     "expertise": [
@@ -37,7 +23,33 @@
       "Plan and validate JWT token management and storage",
       "Plan and ensure CSRF/XSS protection mechanisms",
       "Plan and review rate limiting and input validation"
-    ]
+    ],
+    "delegation_rules": {
+      "to_integration_specialist": [
+        "When security review identifies external API integration concerns",
+        "When OAuth flow implementation details need verification beyond security scope",
+        "When webhook signature verification implementation is needed",
+        "When circuit breaker or retry pattern implementation is required"
+      ],
+      "from_integration_specialist": [
+        "When OAuth implementation requires vulnerability assessment or penetration testing",
+        "When authentication/authorization architecture needs security audit",
+        "When XSS/CSRF/SQL injection prevention review is needed beyond integration scope",
+        "When secrets management requires security policy review"
+      ],
+      "to_observability_specialist": [
+        "When security audit trails need observability infrastructure design",
+        "When security event logging requires structured logging patterns",
+        "When security metrics (failed logins, blocked requests) need monitoring setup",
+        "When security alerting thresholds and SLOs need definition"
+      ],
+      "from_observability_specialist": [
+        "When observability infrastructure needs security review (log access, PII in traces)",
+        "When metrics endpoints require authentication/authorization",
+        "When tracing data contains sensitive information needing protection",
+        "When log retention policies require compliance review"
+      ]
+    }
   },
   "context_files": [
     ".ai-rules/rules/core.md",
@@ -460,7 +472,6 @@
     }
   },
   "communication": {
-    "language": "en",
     "approach": [
       "Start by understanding security context (planning/implementation/evaluation)",
       "Plan/verify authentication implementation",

package/.ai-rules/agents/seo-specialist.json CHANGED Viewed

@@ -407,7 +407,6 @@
     }
   },
   "communication": {
-    "language": "en",
     "approach": [
       "Start by understanding SEO context (planning/implementation/evaluation)",
       "Plan/review metadata implementation",

package/.ai-rules/agents/solution-architect.json CHANGED Viewed

@@ -162,7 +162,6 @@
   },
   "communication": {
-    "language": "en",
     "style": "Systematic and clear approach, option-oriented design",
     "approach": [
       "Start with brainstorming skill",

package/.ai-rules/agents/technical-planner.json CHANGED Viewed

@@ -198,7 +198,6 @@
   },
   "communication": {
-    "language": "en",
     "style": "Detailed and actionable plans, TDD-focused",
     "approach": [
       "Start with writing-plans skill",

package/.ai-rules/agents/test-strategy-specialist.json CHANGED Viewed

@@ -24,7 +24,20 @@
       "Plan and verify edge case testing",
       "Plan and verify test organization",
       "Plan and verify no mocking approach"
-    ]
+    ],
+    "delegation_rules": {
+      "to_event_architecture_specialist": [
+        "When saga pattern tests need choreography/orchestration verification",
+        "When event schema contract tests need compatibility validation",
+        "When event replay tests need idempotency verification",
+        "When distributed transaction tests need compensation logic testing"
+      ],
+      "from_event_architecture_specialist": [
+        "When event consumer test coverage falls below 90%",
+        "When saga test structure needs TDD guidance",
+        "When contract test organization needs standardization"
+      ]
+    }
   },
   "context_files": [
     ".ai-rules/rules/core.md",
@@ -523,7 +536,6 @@
     }
   },
   "communication": {
-    "language": "en",
     "approach": [
       "Start by understanding test context (planning/implementation/evaluation)",
       "Plan/verify TDD vs Test-After approach",

package/.ai-rules/agents/ui-ux-designer.json CHANGED Viewed

@@ -493,7 +493,6 @@
   },
   "communication": {
-    "language": "en",
     "approach": [
       "Start by understanding user goals and context",
       "Apply universal design principles (not system-specific)",

package/.ai-rules/rules/core.md CHANGED Viewed

@@ -182,6 +182,15 @@ See `.ai-rules/rules/clarification-guide.md` for detailed question guidelines.
 - [Input validation planning]
 - [XSS/CSRF protection planning]
+## 📨 Event Architecture Planning
+(When event-driven architecture, message queues, or distributed transactions planning is needed)
+- Use Event Architecture Specialist Agent framework (`.ai-rules/agents/event-architecture-specialist.json`) modes.planning for comprehensive event architecture planning
+- [Message broker selection (Kafka, RabbitMQ, SQS)]
+- [Event schema and versioning planning]
+- [Delivery guarantees and idempotency planning]
+- [Saga pattern design (Choreography vs Orchestration)]
+- [Real-time communication planning (WebSocket, SSE)]
 ## ♿ Accessibility Planning
 (When accessibility planning is needed)
 - Use Accessibility Specialist Agent framework (`.ai-rules/agents/accessibility-specialist.json`) modes.planning for comprehensive accessibility planning
@@ -353,6 +362,14 @@ Execute implementation following TDD cycle, augmented coding principles, and qua
 - [Input validation verification]
 - [XSS/CSRF protection verification]
+## 📨 Event Architecture Implementation Verification
+(When event-driven architecture implementation verification is needed)
+- Use Event Architecture Specialist Agent framework (`.ai-rules/agents/event-architecture-specialist.json`) modes.implementation for comprehensive event architecture implementation verification
+- [Producer/consumer implementation verification]
+- [Idempotency and retry configuration verification]
+- [DLQ and error handling verification]
+- [Correlation ID tracking verification]
 ## ♿ Accessibility Implementation Verification
 (When accessibility implementation verification is needed)
 - Use Accessibility Specialist Agent framework (`.ai-rules/agents/accessibility-specialist.json`) modes.implementation for comprehensive accessibility implementation verification
@@ -591,6 +608,14 @@ Self-improvement through iterative refinement
 - [CSRF/XSS protection verification]
 - [Security vulnerabilities with risk assessment (Critical/High/Medium/Low)]
+## 📨 Event Architecture Assessment
+(When event-driven architecture or message queue code is present)
+- Use Event Architecture Specialist Agent framework (`.ai-rules/agents/event-architecture-specialist.json`) modes.evaluation for comprehensive event architecture review
+- [Reliability and delivery guarantees audit]
+- [Consistency and saga pattern verification]
+- [Scalability and partitioning assessment]
+- [Observability and correlation ID verification]
 ## ♿ Accessibility Assessment
 (When UI components are present)
 - Use Accessibility Specialist Agent framework (`.ai-rules/agents/accessibility-specialist.json`) for comprehensive accessibility review

package/.ai-rules/skills/README.md CHANGED Viewed

@@ -6,13 +6,20 @@ Reusable workflows for consistent development practices.
 | Skill | Description | When to Use |
 |-------|-------------|-------------|
+| api-design | REST/GraphQL API design with OpenAPI spec, versioning, and documentation | Designing new APIs |
 | brainstorming | Explores user intent, requirements and design before implementation | Before any creative work |
+| database-migration | Zero-downtime schema changes, large-scale data migrations, rollback planning | Schema changes, data migrations, production database modifications |
+| dependency-management | Systematic dependency updates, CVE response, and license compliance | Security vulnerabilities, major upgrades, license audits |
 | dispatching-parallel-agents | Handle 2+ independent tasks without shared state | Parallel task execution |
 | executing-plans | Execute implementation plans with review checkpoints | Following written plans |
 | frontend-design | Create distinctive, production-grade frontend interfaces | Building web components/pages |
+| incident-response | Systematic organizational response to production incidents | Production incidents, alerts, service degradation |
+| pr-review | Systematic, evidence-based PR review with anti-sycophancy principles | Conducting manual PR reviews |
+| refactoring | Structured, test-driven refactoring workflow with Tidy First principles | Improving code structure without changing behavior |
 | subagent-driven-development | Execute plans with independent tasks in current session | In-session plan execution |
 | systematic-debugging | Systematic approach before proposing fixes | Encountering bugs or failures |
 | test-driven-development | Write tests first, then minimal code to pass | Before implementing features |
+| performance-optimization | Profiling-first performance optimization workflow | Performance issues, bottleneck analysis, optimization |
 | writing-plans | Create implementation plans before coding | Multi-step tasks with specs |
 ## Skill Format
@@ -93,14 +100,42 @@ EOF
 ```
 .ai-rules/skills/
 ├── README.md                       # This file
+├── api-design/
+│   └── SKILL.md
 ├── brainstorming/
 │   └── SKILL.md
+├── database-migration/
+│   ├── SKILL.md
+│   ├── expand-contract-patterns.md
+│   ├── large-scale-migration.md
+│   ├── rollback-strategies.md
+│   └── validation-procedures.md
+├── dependency-management/
+│   ├── SKILL.md
+│   ├── security-vulnerability-response.md
+│   ├── major-upgrade-guide.md
+│   ├── lock-file-management.md
+│   └── license-compliance.md
 ├── dispatching-parallel-agents/
 │   └── SKILL.md
 ├── executing-plans/
 │   └── SKILL.md
 ├── frontend-design/
 │   └── SKILL.md
+├── incident-response/
+│   ├── SKILL.md
+│   ├── communication-templates.md
+│   ├── escalation-matrix.md
+│   ├── postmortem-template.md
+│   └── severity-classification.md
+├── performance-optimization/
+│   ├── SKILL.md
+│   └── documentation-template.md
+├── pr-review/
+│   └── SKILL.md
+├── refactoring/
+│   ├── SKILL.md
+│   └── refactoring-catalog.md
 ├── subagent-driven-development/
 │   └── SKILL.md
 ├── systematic-debugging/