cortexhawk 3.1.0

package/.cortexhawk-team.yml

@@ -0,0 +1,65 @@
+# .cortexhawk-team.yml
+# Generated from .cortexhawk-manifest by CortexHawk
+version: "1"
+profile: all
+skills:
+  - databases/schema-designer
+  - databases/sql-optimizer
+  - devops/ci-cd
+  - devops/deployment
+  - devops/docker
+  - frameworks/api-design
+  - frameworks/fastapi
+  - frameworks/nextjs
+  - frameworks/python
+  - frameworks/react
+  - frameworks/sveltekit
+  - frameworks/tailwindcss
+  - frameworks/typescript
+  - meta/mcp-builder
+  - meta/skill-creator
+  - optimization/performance
+  - quality/complexity-analyzer
+  - quality/error-handling
+  - quality/log-analyzer
+  - quality/pattern-detector
+  - security/auth-analyzer
+  - security/compliance-checker
+  - security/container-security
+  - security/dependency-auditor
+  - security/encryption
+  - security/incident-response
+  - security/secrets
+  - security/security-headers
+  - security/security-logging
+  - security/vulnerability-scanner
+  - testing/e2e-testing
+  - testing/tdd
+  - testing/test-generator
+  - workflow/commit
+  - workflow/confidence-check
+  - workflow/pr-review-comments
+hooks:
+  - agent-analytics
+  - branch-guard
+  - codex-dispatcher
+  - commit-guard
+  - dependency-check
+  - file-guard
+  - self-review
+  - session-start
+  - session-telemetry
+  - test-reminder
+modes:
+  - default
+  - fast
+  - learn
+  - orchestration
+  - pair
+  - research
+  - review
+git_workflow:
+  branching: direct-main
+  commit_convention: conventional
+  pr_preference: never
+  auto_push: after-commit

package/CHANGELOG.md

@@ -0,0 +1,268 @@
+# Changelog
+
+All notable changes to CortexHawk are documented here.
+Format: [Keep a Changelog](https://keepachangelog.com/)
+
+## [3.1.0] - 2026-02-14
+
+### Added
+- `cortexhawk` CLI wrapper: clean subcommands (init, install, update, doctor, search, snapshot, etc.) instead of `bash install.sh --flags`. Install via `./setup.sh`
+- `cortexhawk self-update`: git pull CortexHawk source and show version diff
+- `--target auto`: auto-detects installed CLIs (claude, kimi, codex) and installs for all found — no need to specify which CLIs are available
+- `cortexhawk validate [path]`: post-install diagnostic that verifies skills/agents/commands/hooks discovery per target — checks manifest, file counts, settings.json validity, .gitignore coverage
+- npm distribution: `npm install -g cortexhawk` installs the CLI globally — auto-resolves `CORTEXHAWK_HOME` from symlinked binary, `self-update` detects npm install and suggests `npm update -g`
+
+## [3.0.0] - 2026-02-14
+
+### Added
+- `--demo` flag: creates a sandbox project in `/tmp/` with Express.js app (intentional bugs + security vulns), CortexHawk pre-installed, and guided instructions to try `/scan`, `/debug`, `/check`, `/test`
+- `/upgrade` command + `--check-update` flag: detects installed version vs latest, shows changelog delta between versions, proposes `--update` if outdated
+- `--publish-skill <path>` flag: publish a local skill to GitHub — validates SKILL.md, creates repo via `gh` CLI, pushes content, auto-generates README, optionally notifies SkillsMP for indexation
+- README badges: GitHub stars, license, version, skill count (36 + 87k+ SkillsMP), component summary
+- `docs/TROUBLESHOOTING.md`: 10 common issues with solutions — hooks not triggering, SkillsMP setup, branch-guard, personas, snapshot restore, .env format
+- `--stats` flag: displays installation overview — version, target, profile, component counts (skills, hooks, agents, commands, modes, packs), SkillsMP status, snapshots
+- `--quickstart` flag: displays getting-started guide with 5 things to try after install (/check, /chain, /pulse, /context, --search)
+- `/bootstrap --smart` flag: scans project context files (roadmap, PRD), researches and compares tech stacks via researcher agent, recommends optimal stack, then scaffolds with user confirmation
+
+### Changed
+- README v3 sync: comprehensive update with all v2.1.0+ features — SkillsMP (87k+ skills), skill packs, hook catalog, agent personas, `/check`, `/context`, chain replay, agent delegation, `.env` support, config aliases
+- `--init` wizard UX refonte: reordered flow (git workflow before summary), descriptions on all options, "dev branch" branching strategy (fixed working branch with PR to main), complete summary showing all choices including git workflow
+- `--init` auto git setup: detects missing `.git/` and `.gitignore`, offers `git init` and creates a base `.gitignore` before installing
+- Post-install gitignore: auto-adds target directory (`.claude/`, `.kimi/`, `.codex/`, `.agents/`) to `.gitignore`, asks whether to track `docs/` in git
+- Default git workflow: installs without `--init` now write `git-workflow.conf` with sensible defaults (direct-main, conventional, on-demand, after-commit) instead of skipping git config entirely
+- `--update` now applies install improvements: gitignore (target dir + docs/ prompt), git-workflow.conf defaults — not just component sync
+- `--update` checksum-based detection: compares installed file checksums vs source files instead of just version number — detects changed files even when version is identical
+
+- Experimental CLI warning: Kimi and Codex targets marked as "experimental" in README, wizard, and print_usage — only Claude Code is fully supported
+- Post-install restart instructions: clear "exit (ctrl+c) and relaunch" message per target instead of vague "Restart X to activate"
+- Kimi CLI support overhaul: commands converted to skills (/skill:cmd-name), hooks converted to prompt-based skills (/skill:hook-name), agents converted to skills (/skill:agent-name), AGENTS.md generated in project root (auto-injected by Kimi as KIMI_AGENTS_MD), MCP made optional with reference doc instead of crashing, removed unused YAML agent wrappers
+- Kimi local install DX: auto-creates `.envrc` with `KIMI_SHARE_DIR`, auto-runs `direnv allow` if direnv is installed, adds `.envrc` to `.gitignore`
+
+### Removed
+- `--target cursor` support: Cursor CLI too unstable for maintained support — removed installer, wizard option, and all references
+
+## [2.1.0] - 2026-02-11
+
+### Changed
+- Shared conversion functions: extracted 5 reusable functions (`create_docs_workspace`, `generate_agents_md`, `convert_modes_to_skills`, `merge_mcp_json`, `merge_mcp_toml`) from duplicated inline code across Claude/Kimi/Codex installers
+- Snapshot rotation: `do_snapshot()` now keeps only the 10 most recent snapshots, automatically removing older ones to prevent accumulation
+- SkillsMP DX: install.sh auto-loads `.env` at startup, `.env.example` in repo, `--init` wizard prompts for optional SkillsMP API key and saves to `.env`
+- `--search` now queries SkillsMP API (87k+ skills) when `SKILLSMP_API_KEY` env var is set — shows name, author, stars, description; falls back to local REGISTRY.md without key
+- `--list-hooks`, `--enable-hook`, `--disable-hook` flags: hook catalog with toggle — lists all 9 hooks with event/status, disables via compose.yml comment, auto-regenerates settings.json
+- `/context` command: manage persistent project context (`set key=value`, `list`, `clear`) in `docs/.context/_user.md` — auto-merged into `_shared.md` at session start, readable by all 20 agents
+- `/chain --replay <slug>` flag: re-execute a previous chain from `docs/chains/` with fresh context — reads SUMMARY.md to extract the original agent sequence
+- `--pack <name>` flag: install skill pack bundles from `PACKS.md` (react-app, python-api, svelte-app, devops-full, security-suite, testing-full) — generates temporary profile, complementary to `--profile`
+- `/check` command: pre-commit quality gate running lint, tests, security scan, and code review in quick mode — outputs GO/NO-GO verdict table
+- `--export-config`/`--import-config` flags: aliases for `--export-team`/`--team` — portable config export/import with the same YAML format, simplified from deferred #32
+- Agent personas: custom agents in `.cortexhawk-agents/` at project root with `extends:` frontmatter — inherit from base agents with rule/style overrides, auto-copied to `.claude/agents/` on install/update
+- `--search <keyword>` flag: search community skill registry (REGISTRY.md) for matching skills — shows name, category, description, and install command; uses local file or fetches from GitHub
+- Agent delegation lite: `@delegate(agent, context, return)` convention in agent outputs — `/chain` detects and invokes sub-agents dynamically, saved as sub-steps (supersedes deferred #18)
+- Skill dependency graph: `requires:` frontmatter in SKILL.md declares dependencies between skills — validated by `validate.sh` and `--add-skill`, reported in `/pulse`
+- `/pulse --history Nd` flag: metrics trends over N days — reads `docs/.metrics/*.jsonl`, shows daily invocations/tokens/sessions table, top agents, and averages
+- Custom chain presets: `.cortexhawk-chains.yml` at project root defines reusable chain sequences (e.g., `qa: scan,test,review`) — custom presets override built-in, with optional `gate` and `description` fields; template in `templates/`
+- `--test-hooks` flag: dry-runs all installed hooks with synthetic inputs, reports OK/FAIL per hook with 10s timeout; exit 1 if any hook fails
+- `--dry-run` flag: simulates install/update without writing files — shows delta (added, updated, unchanged, skipped, conflicts) with per-file detail for changes
+- `--uninstall [--force]` flag: clean removal of CortexHawk installation with inventory, pre-uninstall snapshot, interactive confirmation; preserves snapshots and docs/
+- `--doctor` flag: diagnoses installation health — checks manifest, JSON validity, component counts, hook permissions, broken symlinks, version match; exit code 1 on errors
+- `--add-skill <url>` flag: install community skills from GitHub (`user/repo` or full URL) — validates SKILL.md, warns on scripts
+- Hook composer: `hooks/compose.yml` defines hook pipelines per event — edit YAML instead of JSON to add/remove hooks
+- `--snapshot --portable` flag: creates a self-contained `.tar.gz` archive with snapshot + all files — transferable between machines without CortexHawk source
+- Snapshot v2 with file contents: snapshots now store base64-encoded `git-workflow.conf` and `CLAUDE.md` in `"file_contents"` section — enables full restore without version coupling
+- `/chain --copy` flag: physical copy to `docs/plans/` with provenance header instead of symlink — useful for Windows native or network filesystems
+- `--target cursor` flag: installs CortexHawk for Cursor CLI (`.cursor/rules/*.mdc` + `AGENTS.md` + `.agents/skills/` + `.cursor/mcp.json`), agents and modes as .mdc rules with YAML frontmatter
+- `--diff <a> <b>` flag: semantic diff between two snapshots — compares metadata, git workflow, skills (+/-), and files (+/-/~)
+- `--target all` flag: installs CortexHawk for all supported CLIs simultaneously (claude + kimi + codex + cursor) in a single command
+- `--target codex` flag: installs CortexHawk for OpenAI Codex CLI (`.codex/config.toml` + `.agents/skills/` + `AGENTS.md`), with commands-as-skills (`$cmd-name`), modes-as-skills, and JSON→TOML MCP conversion
+- Codex hooks dispatcher: `codex-dispatcher.sh` bridges Codex `after_tool_use` events to 4 CortexHawk PostToolUse hooks (self-review, dependency-check, test-reminder, agent-analytics) with dual extraction strategy
+
+### Fixed
+- **Hooks exit code protocol**: blocking hooks (file-guard, branch-guard, commit-guard) now use exit 2 + stderr instead of exit 1 + stdout — fixes "hook error" displayed by Claude Code which expects exit 2 for blocking
+- **Hooks zero-dependency parsing**: replaced `python3` JSON parsing with pure `grep`/`sed` in all 8 hooks — eliminates external dependency that caused "hook error" in Claude Code's execution environment
+- **Hooks stdin protocol**: all 9 hooks now read `tool_input.file_path` / `tool_input.command` / `session_id` from stdin JSON instead of non-existent `$FILE_PATH`/`$COMMAND`/`$SESSION_ID` shell variables — fixes "PostToolUse hook error" on all installations
+- Hook paths in `settings.json`: corrected `hooks/` to `.claude/hooks/` — hooks were not triggering because paths didn't match install location
+- Benchmark Phase 2: expectations for all 20 agents (15 new), benchmark.sh validates 89/89 checks
+- `--export-team [file]` flag: converts a snapshot or manifest into a `.cortexhawk-team.yml` file for team sharing
+- Chain symlinks: `chain-post-save.sh` creates `docs/plans/{slug}-plan.md` symlink to chain planner output, regenerates INDEX.md
+- `/ci` command: generates CI/CD pipeline (GitHub Actions/GitLab CI) tailored to project stack and CortexHawk profile
+- `--diff [file]` flag: compares current installation against snapshot or manifest, reports MODIFIED/MISSING/NEW files with checksums
+- `generate-plans-index.sh` script: auto-generates `docs/plans/INDEX.md` listing all plans from standalone and chain sources
+- `--restore --latest` shortcut: restores from the most recent snapshot without specifying the file path
+- `--team` flag: installs from `.cortexhawk-team.yml` team config with minimal YAML parser, selective hooks/modes/skills, and `.cortexhawk-local.yml` override support
+- `--snapshot` flag: saves complete installation state (manifest, settings, git workflow, checksums) to `.cortexhawk-snapshots/`
+- `--restore <file>` flag: restores installation from a snapshot file with checksum verification
+- Automatic pre-update snapshot: `--update` now creates a snapshot before modifying files, with rollback command in summary
+- `/task` command: execute a backlog item end-to-end — reads `docs/backlog.md`, chains plan→build→test→review, then ships
+- `--snapshots` flag: lists all saved snapshots with date, version, and profile
+- Smart chain save: `/task` skips `docs/chains/` output for effort L items, saves for M/H, `--save` flag forces save
+- `pair` mode: 7th behavioral preset alternating implementer and reviewer on each change (max 2 review cycles)
+- `/chain` command: sequential agent execution with context passing via `docs/chains/`
+- 3 chain presets: `default` (plan→build→test→review), `security` (scan→review), `ship` (test→review→ship)
+- `--gate` flag for step-by-step confirmation between agents
+- `docs/chains/` output directory for chain run artifacts
+- `agent-analytics` hook: tracks agent invocations with estimated tokens and timestamps to `docs/.metrics/`
+- `docs/.metrics/` directory for daily JSONL analytics files
+- Session-start displays daily agent invocation count
+- `session-telemetry` hook: generates session summary (agents invoked, tokens, duration, files modified) on exit
+- `/pulse` now displays agent analytics section (invocations, tokens, session duration)
+
+## [2.0.0] - 2026-02-10
+
+### Added
+- `learn` mode: 6th behavioral preset with 3 teaching levels (guided, mentor, professor)
+- `/learn` command: activates learn mode with level and topic
+- `/export` command: saves current session as structured markdown to `docs/conversations/`
+- `codebase-mapper` agent: 19th agent that analyzes and maps codebase architecture, dependencies, entry points, and patterns
+- `/map` command: generates `CODEBASE.md` architectural map of the project
+- `/pulse` command: project health dashboard showing git health, code quality markers, dependency audit, backlog summary, and test status at a glance
+- Skill auto-detect: `--profile autodetect` scans project stack and installs relevant skills
+- `teacher` agent: 20th agent backing `/learn` with 3 teaching levels (guided, mentor, professor)
+- Skill auto-detect Phase 2: metadata-driven detection via `detect:` frontmatter in SKILL.md
+- Git workflow wizard: `install.sh --init` step 5 configures branching, commit convention, PR preference, and auto-push
+- Self-update: `install.sh --update` pulls latest version, detects user-modified files, interactive conflict resolution (overwrite/skip/diff), manifest-based checksum tracking
+
+## [1.9.0] - 2026-02-09
+
+### Added
+- Smart context loader: `session-start.sh` auto-generates `docs/.context/_shared.md` with backlog summary, last 5 commits, and active warnings
+- All 18 agents now read `_shared.md` in step 0 for project-wide awareness
+
+### Changed
+- 13 agents step 0: `_shared.md` + agent-specific context
+- 5 agents step 0: `_shared.md` + agent-specific context + last 3 docs/ files
+
+## [1.8.0] - 2026-02-09
+
+### Added
+- Prompt benchmarking framework (Phase 1): `scripts/benchmark.sh`
+- 3 synthetic repos in `tests/fixtures/` (Node/Express, Python/FastAPI, React/Next.js) with intentional bugs and security flaws
+- 5 agent expectation files in `tests/expectations/` (planner, implementer, reviewer, debugger, security-auditor)
+- Each fixture contains tagged `BUG:` and `VULN:` markers for validation
+- Benchmark validator checks fixture integrity and expectation JSON schema
+
+## [1.7.0] - 2026-02-09
+
+### Added
+- Agent memory: each agent reads/writes `docs/.context/{agent-name}.md` to persist patterns, decisions, and key files across sessions
+- `docs/.context/` directory created by `install.sh` alongside other docs subdirectories
+- `session-start` hook displays agent memory status (context file count)
+
+### Changed
+- 5 agents with existing context step now also read their `.context.md` file (planner, brainstormer, researcher, security-auditor, journal-writer)
+- 13 agents now have a context step (step 0) reading their `.context.md` file
+
+## [1.6.0] - 2026-02-09
+
+### Added
+- Interactive onboarding wizard: `install.sh --init`
+- 4-step setup: target CLI, scope, skill selection, confirmation
+- Custom skill category selection (pick from 9 categories)
+- `scripts/interactive-init.sh`: wizard logic sourced by install.sh
+- `PROFILE_FILE` support for custom/generated profiles
+
+### Changed
+- `copy_skills()` uses global `PROFILE_FILE` instead of reconstructing path
+- Profile validation supports both named profiles and custom file paths
+
+## [1.5.1] - 2026-02-09
+
+### Added
+- Post-install security audit: 5 checks run automatically after `install.sh`
+- `scripts/post-install-audit.sh`: .gitignore, committed .env, hardcoded secrets, dependency vulns, sensitive files
+- `--no-scan` flag to skip post-install audit
+
+## [1.5.0] - 2026-02-09
+
+### Added
+- `--profile` flag for install.sh: `fullstack`, `api`, `data`
+- `profiles/` directory with 3 JSON profile definitions
+- Profiles filter which skills are installed — agents remain universal
+- Without `--profile`, all skills are installed (unchanged behavior)
+
+## [1.4.1] - 2026-02-09
+
+### Added
+- `docs/` workspace created by install.sh (brainstorms, plans, decisions, research, audits)
+- Kimi CLI local install: direnv / KIMI_SHARE_DIR instructions
+- 5 agents now persist outputs to `docs/`: brainstormer, planner, journal-writer, researcher, security-auditor
+- 5 commands updated to reference `docs/` save paths
+
+### Changed
+- CLAUDE.md and README.md updated to document `docs/` workspace
+
+## [1.4.0] - 2026-02-08
+
+### Added
+- Multi-CLI install system: `install.sh --target kimi` for Kimi CLI support
+- Kimi agent wrappers: auto-generated `agent.yaml` + `system.md` per agent
+- Kimi AGENTS.md: auto-generated from CLAUDE.md (agents, skills, modes sections)
+- Kimi MCP: merged `mcp.json` with all 3 server configs
+- Kimi modes: converted to skills at `skills/modes/<name>/SKILL.md`
+- CLI argument parsing: `--target`, `--global`, `--help`
+
+### Changed
+- install.sh refactored into `install_claude()` and `install_kimi()` functions
+- Default behavior (no flags) remains identical to previous version
+
+## [1.3.0] - 2026-02-08
+
+### Added
+- Security skills: secrets, encryption, container-security, security-logging, incident-response (10 total security skills)
+- Full security coverage: auth, headers, vulns, deps, compliance, secrets, crypto, containers, logging, IR
+
+### Changed
+- Enriched existing security skills with content from security suite:
+  - auth-analyzer: added OAuth2 flows, PKCE pattern, key rotation
+  - security-headers: added CSRF protection strategies, COOP/CORP headers
+  - dependency-auditor: added CI/CD pipeline, supply chain threats, automated updates
+  - vulnerability-scanner: added SAST/DAST tool matrices, security test cases
+  - compliance-checker: added data classification tiers, PCI DSS section
+- security-auditor agent: now references all 10 security skills
+- Updated component counts (31→36 skills)
+
+## [1.2.0] - 2026-02-08
+
+### Added
+- Hooks: branch-guard, dependency-check, commit-guard, test-reminder (7 total)
+- branch-guard: prevents push to main/master/production/release + blocks force push
+- commit-guard: validates conventional commit format, scans staged files for secrets
+- dependency-check: alerts on package.json/requirements.txt/Cargo.toml/go.mod/Gemfile changes
+- test-reminder: checks for corresponding test files when source code is modified
+
+### Changed
+- settings.json: new PreToolUse (Bash) and PostToolUse (Write|Edit) hook registrations
+- Updated component counts across all docs and plugin metadata
+
+## [1.1.0] - 2026-02-08
+
+### Added
+- Skills: api-design, error-handling, e2e-testing (31 total)
+- Skills: confidence-check, pr-review-comments (workflow category)
+- MCP configs: context7, sequential-thinking, puppeteer
+- CONTRIBUTING.md, CHANGELOG.md
+- GitHub templates: bug report, feature request, PR template
+- Validation script: `scripts/validate.sh`
+
+### Changed
+- install.sh: now copies MCP configs, settings.json, and CLAUDE.md
+- All agents harmonized: consistent Process, Output Format, Rules sections
+- All commands: YAML frontmatter added
+- All skills: code examples added where missing
+- Hooks: file-guard (path normalization), self-review (actual checks), session-start (UUOC fix)
+- plugin.json: updated component counts
+- README.md: reflects all components
+
+### Removed
+- docs/principles.md (merged into CONTRIBUTING.md)
+
+## [1.0.0] - 2026-02-08
+
+### Added
+- 18 specialized agents
+- 21 slash commands
+- 26 skills across 8 categories
+- 3 lifecycle hooks: file-guard, self-review, session-start
+- 5 behavioral modes: default, fast, research, review, orchestration
+- Contribution templates
+- Plugin marketplace support (.claude-plugin)
+- Global and local install script
+- settings.json with permissions and hook configuration

package/CLAUDE.md

@@ -0,0 +1,96 @@
+# CortexHawk
+
+Open-source development toolkit for Claude Code — optimized agents, skills, commands, hooks, and modes.
+
+## Structure
+
+```
+agents/       — 20 specialized AI agents
+commands/     — 32 slash commands
+scripts/      — Validation and post-install audit scripts
+skills/       — 36 domain-specific knowledge modules
+hooks/        — 9 lifecycle hooks
+modes/        — 7 behavioral presets
+profiles/     — 3 install profiles (fullstack, api, data)
+mcp/          — Pre-configured MCP server configs
+docs/         — Agent outputs (brainstorms, plans, decisions, research, audits, conversations, chains)
+templates/    — Templates for contributing new components (agents, commands, skills, chain presets, personas)
+CONTRIBUTING.md — Contribution guidelines
+```
+
+## Agent Personas
+
+Custom agents in `.cortexhawk-agents/` at project root. Each `.md` file uses `extends:` frontmatter to inherit from a base agent and override rules/style. Copied to `.claude/agents/` on install/update.
+
+## Agents
+
+| Agent | Role |
+|---|---|
+| planner | Breaks features into executable tasks |
+| implementer | Writes production code from plans |
+| tester | Generates tests and validates coverage |
+| reviewer | Multi-pass code review |
+| debugger | Root cause analysis and fix |
+| security-auditor | OWASP Top 10, CVE scanning |
+| architect | System design and API decisions |
+| devops | CI/CD, Docker, deployment |
+| researcher | Tech research and comparison |
+| designer | UI/UX patterns, accessibility |
+| git-manager | Branching, commits, PR management |
+| docs-manager | Documentation generation |
+| project-manager | Progress tracking, roadmaps |
+| copywriter | Release notes, changelogs, comms |
+| journal-writer | Dev journals, decision logs |
+| brainstormer | Ideation, mind mapping, exploration |
+| code-simplifier | Complexity reduction, clarification |
+| codebase-mapper | Generates architectural map of the codebase |
+| fullstack-developer | Full-stack orchestration front+back |
+| teacher | Teaches concepts with 3 pedagogical levels (guided, mentor, professor) |
+
+## Commands
+
+`/plan` `/build` `/test` `/review` `/ship` `/debug` `/scan` `/check` `/refactor` `/research` `/doc` `/bootstrap` `/tdd` `/optimize` `/migrate` `/monitor` `/api-gen` `/changelog` `/journal` `/brainstorm` `/simplify` `/deploy` `/export` `/backlog` `/pulse` `/map` `/learn` `/chain` `/task` `/ci` `/context` `/upgrade`
+
+## Skills
+
+- **Security**: auth-analyzer, compliance-checker, container-security, dependency-auditor, encryption, incident-response, secrets, security-headers, security-logging, vulnerability-scanner
+- **DevOps**: ci-cd, deployment, docker
+- **Databases**: schema-designer, sql-optimizer
+- **Testing**: e2e-testing, tdd, test-generator
+- **Quality**: complexity-analyzer, error-handling, log-analyzer, pattern-detector
+- **Meta**: mcp-builder, skill-creator
+- **Frameworks**: api-design, fastapi, nextjs, react, sveltekit, tailwindcss, typescript, python
+- **Optimization**: performance
+- **Workflow**: commit, confidence-check, pr-review-comments
+
+## Modes
+
+| Mode | Behavior |
+|---|---|
+| default | Balanced, clear, actionable |
+| fast | Minimal tokens, direct answers |
+| research | Deep analysis, brainstorming |
+| review | Critical, thorough examination |
+| orchestration | Multi-agent coordination |
+| learn | Teaching mode with 3 levels (guided, mentor, professor) |
+| pair | Alternate implementer/reviewer on each change, max 2 cycles |
+
+## Hooks
+
+- `file-guard` (PreToolUse) — Blocks access to .env, secrets, keys
+- `branch-guard` (PreToolUse) — Prevents direct push to protected branches
+- `commit-guard` (PreToolUse) — Validates conventional commits, checks staged secrets
+- `self-review` (PostToolUse) — Checks for TODO/FIXME, secrets, debug artifacts
+- `dependency-check` (PostToolUse) — Alerts when dependency files are modified
+- `test-reminder` (PostToolUse) — Reminds to update tests for modified source files
+- `agent-analytics` (PostToolUse) — Tracks agent invocations, estimated tokens, and timestamps
+- `session-telemetry` (SessionEnd) — Generates session summary with agents, tokens, duration, and files modified
+- `session-start` (SessionStart) — Project context injection
+
+## Conventions
+
+- Max 100 lines per agent, 50 per command, 150 per skill
+- Every token must add value — no verbosity
+- Checklists > paragraphs, code examples > prose
+- One responsibility per component
+- All agents follow: frontmatter → description → Process → Output Format → Rules

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 CortexHawk Contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/PACKS.md

@@ -0,0 +1,14 @@
+# Skill Packs
+
+Pre-assembled skill bundles for common stacks. Install with `install.sh --pack <name>`.
+
+Packs are complementary to profiles (`--profile`): profiles are broad (fullstack, api, data), packs are stack-specific.
+
+| Pack | Skills | Description |
+|---|---|---|
+| react-app | frameworks/react, frameworks/nextjs, frameworks/tailwindcss, frameworks/typescript, testing/tdd, testing/e2e-testing | Modern React/Next.js app |
+| python-api | frameworks/python, frameworks/fastapi, frameworks/api-design, databases/schema-designer, databases/sql-optimizer, testing/tdd | Python API backend |
+| svelte-app | frameworks/sveltekit, frameworks/tailwindcss, frameworks/typescript, testing/tdd, testing/e2e-testing | SvelteKit app |
+| devops-full | devops/ci-cd, devops/deployment, devops/docker, security/container-security, quality/log-analyzer | Full DevOps pipeline |
+| security-suite | security/auth-analyzer, security/vulnerability-scanner, security/dependency-auditor, security/compliance-checker, security/secrets, security/encryption, security/container-security, security/security-headers, security/security-logging, security/incident-response | All 10 security skills |
+| testing-full | testing/tdd, testing/test-generator, testing/e2e-testing, quality/complexity-analyzer | Complete testing toolkit |