devflow-kit 0.8.1 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (395) hide show
  1. package/CHANGELOG.md +185 -29
  2. package/LICENSE +1 -1
  3. package/README.md +179 -308
  4. package/dist/cli.js +3 -1
  5. package/dist/commands/init.d.ts +21 -0
  6. package/dist/commands/init.js +311 -575
  7. package/dist/commands/list.d.ts +3 -0
  8. package/dist/commands/list.js +20 -0
  9. package/dist/commands/uninstall.d.ts +10 -0
  10. package/dist/commands/uninstall.js +351 -78
  11. package/dist/plugins.d.ts +46 -0
  12. package/dist/plugins.js +162 -0
  13. package/dist/utils/cli.d.ts +5 -0
  14. package/dist/utils/cli.js +14 -0
  15. package/dist/utils/installer.d.ts +41 -0
  16. package/dist/utils/installer.js +177 -0
  17. package/dist/utils/paths.d.ts +10 -0
  18. package/dist/utils/paths.js +23 -3
  19. package/dist/utils/post-install.d.ts +68 -0
  20. package/dist/utils/post-install.js +427 -0
  21. package/dist/utils/safe-delete-install.d.ts +22 -0
  22. package/dist/utils/safe-delete-install.js +156 -0
  23. package/dist/utils/safe-delete.d.ts +12 -0
  24. package/dist/utils/safe-delete.js +83 -0
  25. package/package.json +18 -8
  26. package/plugins/devflow-audit-claude/.claude-plugin/plugin.json +7 -0
  27. package/plugins/devflow-audit-claude/README.md +46 -0
  28. package/plugins/devflow-audit-claude/agents/claude-md-auditor.md +134 -0
  29. package/plugins/devflow-audit-claude/commands/audit-claude.md +85 -0
  30. package/plugins/devflow-code-review/.claude-plugin/plugin.json +31 -0
  31. package/plugins/devflow-code-review/README.md +73 -0
  32. package/plugins/devflow-code-review/agents/git.md +272 -0
  33. package/plugins/devflow-code-review/agents/reviewer.md +119 -0
  34. package/plugins/devflow-code-review/agents/synthesizer.md +204 -0
  35. package/plugins/devflow-code-review/commands/code-review-teams.md +262 -0
  36. package/plugins/devflow-code-review/commands/code-review.md +141 -0
  37. package/plugins/devflow-code-review/skills/accessibility/SKILL.md +229 -0
  38. package/plugins/devflow-code-review/skills/accessibility/references/detection.md +171 -0
  39. package/plugins/devflow-code-review/skills/accessibility/references/patterns.md +670 -0
  40. package/plugins/devflow-code-review/skills/accessibility/references/violations.md +419 -0
  41. package/plugins/devflow-code-review/skills/agent-teams/SKILL.md +124 -0
  42. package/plugins/devflow-code-review/skills/agent-teams/references/cleanup.md +104 -0
  43. package/plugins/devflow-code-review/skills/agent-teams/references/communication.md +122 -0
  44. package/plugins/devflow-code-review/skills/agent-teams/references/team-patterns.md +217 -0
  45. package/plugins/devflow-code-review/skills/architecture-patterns/SKILL.md +153 -0
  46. package/plugins/devflow-code-review/skills/architecture-patterns/references/detection.md +337 -0
  47. package/plugins/devflow-code-review/skills/architecture-patterns/references/patterns.md +873 -0
  48. package/plugins/devflow-code-review/skills/architecture-patterns/references/violations.md +575 -0
  49. package/plugins/devflow-code-review/skills/complexity-patterns/SKILL.md +143 -0
  50. package/plugins/devflow-code-review/skills/complexity-patterns/references/detection.md +264 -0
  51. package/plugins/devflow-code-review/skills/complexity-patterns/references/patterns.md +487 -0
  52. package/plugins/devflow-code-review/skills/complexity-patterns/references/violations.md +361 -0
  53. package/plugins/devflow-code-review/skills/consistency-patterns/SKILL.md +140 -0
  54. package/plugins/devflow-code-review/skills/consistency-patterns/references/detection.md +207 -0
  55. package/plugins/devflow-code-review/skills/consistency-patterns/references/patterns.md +202 -0
  56. package/plugins/devflow-code-review/skills/consistency-patterns/references/violations.md +213 -0
  57. package/plugins/devflow-code-review/skills/database-patterns/SKILL.md +134 -0
  58. package/plugins/devflow-code-review/skills/database-patterns/references/detection.md +208 -0
  59. package/plugins/devflow-code-review/skills/database-patterns/references/patterns.md +394 -0
  60. package/plugins/devflow-code-review/skills/database-patterns/references/violations.md +332 -0
  61. package/plugins/devflow-code-review/skills/dependencies-patterns/SKILL.md +141 -0
  62. package/plugins/devflow-code-review/skills/dependencies-patterns/references/detection.md +181 -0
  63. package/plugins/devflow-code-review/skills/dependencies-patterns/references/patterns.md +225 -0
  64. package/plugins/devflow-code-review/skills/dependencies-patterns/references/violations.md +247 -0
  65. package/plugins/devflow-code-review/skills/documentation-patterns/SKILL.md +125 -0
  66. package/plugins/devflow-code-review/skills/documentation-patterns/references/detection.md +190 -0
  67. package/plugins/devflow-code-review/skills/documentation-patterns/references/patterns.md +189 -0
  68. package/plugins/devflow-code-review/skills/documentation-patterns/references/violations.md +163 -0
  69. package/plugins/devflow-code-review/skills/frontend-design/SKILL.md +254 -0
  70. package/plugins/devflow-code-review/skills/frontend-design/references/detection.md +184 -0
  71. package/plugins/devflow-code-review/skills/frontend-design/references/patterns.md +511 -0
  72. package/plugins/devflow-code-review/skills/frontend-design/references/violations.md +453 -0
  73. package/plugins/devflow-code-review/skills/performance-patterns/SKILL.md +154 -0
  74. package/plugins/devflow-code-review/skills/performance-patterns/references/detection.md +351 -0
  75. package/plugins/devflow-code-review/skills/performance-patterns/references/patterns.md +503 -0
  76. package/plugins/devflow-code-review/skills/performance-patterns/references/violations.md +354 -0
  77. package/plugins/devflow-code-review/skills/react/SKILL.md +276 -0
  78. package/plugins/devflow-code-review/skills/react/references/patterns.md +1331 -0
  79. package/plugins/devflow-code-review/skills/react/references/violations.md +565 -0
  80. package/plugins/devflow-code-review/skills/regression-patterns/SKILL.md +146 -0
  81. package/plugins/devflow-code-review/skills/regression-patterns/references/detection.md +237 -0
  82. package/plugins/devflow-code-review/skills/regression-patterns/references/patterns.md +226 -0
  83. package/plugins/devflow-code-review/skills/regression-patterns/references/violations.md +225 -0
  84. package/plugins/devflow-code-review/skills/review-methodology/SKILL.md +119 -0
  85. package/plugins/devflow-code-review/skills/review-methodology/references/patterns.md +186 -0
  86. package/plugins/devflow-code-review/skills/review-methodology/references/report-template.md +142 -0
  87. package/plugins/devflow-code-review/skills/review-methodology/references/violations.md +125 -0
  88. package/plugins/devflow-code-review/skills/security-patterns/SKILL.md +156 -0
  89. package/plugins/devflow-code-review/skills/security-patterns/references/detection.md +287 -0
  90. package/plugins/devflow-code-review/skills/security-patterns/references/patterns.md +507 -0
  91. package/plugins/devflow-code-review/skills/security-patterns/references/violations.md +237 -0
  92. package/plugins/devflow-code-review/skills/test-patterns/SKILL.md +183 -0
  93. package/plugins/devflow-code-review/skills/test-patterns/references/detection.md +149 -0
  94. package/plugins/devflow-code-review/skills/test-patterns/references/patterns.md +220 -0
  95. package/plugins/devflow-code-review/skills/test-patterns/references/report-template.md +108 -0
  96. package/plugins/devflow-code-review/skills/test-patterns/references/violations.md +221 -0
  97. package/plugins/devflow-core-skills/.claude-plugin/plugin.json +27 -0
  98. package/plugins/devflow-core-skills/README.md +50 -0
  99. package/plugins/devflow-core-skills/skills/accessibility/SKILL.md +229 -0
  100. package/plugins/devflow-core-skills/skills/accessibility/references/detection.md +171 -0
  101. package/plugins/devflow-core-skills/skills/accessibility/references/patterns.md +670 -0
  102. package/plugins/devflow-core-skills/skills/accessibility/references/violations.md +419 -0
  103. package/plugins/devflow-core-skills/skills/core-patterns/SKILL.md +162 -0
  104. package/plugins/devflow-core-skills/skills/core-patterns/references/checklist.md +276 -0
  105. package/plugins/devflow-core-skills/skills/core-patterns/references/code-smell-violations.md +144 -0
  106. package/plugins/devflow-core-skills/skills/core-patterns/references/detection.md +303 -0
  107. package/plugins/devflow-core-skills/skills/core-patterns/references/patterns.md +576 -0
  108. package/plugins/devflow-core-skills/skills/core-patterns/references/violations.md +369 -0
  109. package/plugins/devflow-core-skills/skills/docs-framework/SKILL.md +134 -0
  110. package/plugins/devflow-core-skills/skills/docs-framework/references/patterns.md +346 -0
  111. package/plugins/devflow-core-skills/skills/docs-framework/references/violations.md +221 -0
  112. package/plugins/devflow-core-skills/skills/frontend-design/SKILL.md +254 -0
  113. package/plugins/devflow-core-skills/skills/frontend-design/references/detection.md +184 -0
  114. package/plugins/devflow-core-skills/skills/frontend-design/references/patterns.md +511 -0
  115. package/plugins/devflow-core-skills/skills/frontend-design/references/violations.md +453 -0
  116. package/plugins/devflow-core-skills/skills/git-safety/SKILL.md +122 -0
  117. package/plugins/devflow-core-skills/skills/git-safety/references/detection.md +290 -0
  118. package/plugins/devflow-core-skills/skills/git-safety/references/patterns.md +289 -0
  119. package/plugins/devflow-core-skills/skills/git-safety/references/violations.md +18 -0
  120. package/plugins/devflow-core-skills/skills/git-workflow/SKILL.md +158 -0
  121. package/plugins/devflow-core-skills/skills/git-workflow/references/commit-patterns.md +115 -0
  122. package/plugins/devflow-core-skills/skills/git-workflow/references/commit-violations.md +77 -0
  123. package/plugins/devflow-core-skills/skills/git-workflow/references/pr-patterns.md +127 -0
  124. package/plugins/devflow-core-skills/skills/git-workflow/references/pr-violations.md +96 -0
  125. package/plugins/devflow-core-skills/skills/github-patterns/SKILL.md +153 -0
  126. package/plugins/devflow-core-skills/skills/github-patterns/references/patterns.md +572 -0
  127. package/plugins/devflow-core-skills/skills/github-patterns/references/violations.md +298 -0
  128. package/plugins/devflow-core-skills/skills/input-validation/SKILL.md +148 -0
  129. package/plugins/devflow-core-skills/skills/input-validation/references/detection.md +283 -0
  130. package/plugins/devflow-core-skills/skills/input-validation/references/patterns.md +361 -0
  131. package/plugins/devflow-core-skills/skills/input-validation/references/violations.md +224 -0
  132. package/plugins/devflow-core-skills/skills/react/SKILL.md +276 -0
  133. package/plugins/devflow-core-skills/skills/react/references/patterns.md +1331 -0
  134. package/plugins/devflow-core-skills/skills/react/references/violations.md +565 -0
  135. package/plugins/devflow-core-skills/skills/test-patterns/SKILL.md +183 -0
  136. package/plugins/devflow-core-skills/skills/test-patterns/references/detection.md +149 -0
  137. package/plugins/devflow-core-skills/skills/test-patterns/references/patterns.md +220 -0
  138. package/plugins/devflow-core-skills/skills/test-patterns/references/report-template.md +108 -0
  139. package/plugins/devflow-core-skills/skills/test-patterns/references/violations.md +221 -0
  140. package/plugins/devflow-core-skills/skills/typescript/SKILL.md +176 -0
  141. package/plugins/devflow-core-skills/skills/typescript/references/patterns.md +1105 -0
  142. package/plugins/devflow-core-skills/skills/typescript/references/violations.md +433 -0
  143. package/plugins/devflow-debug/.claude-plugin/plugin.json +18 -0
  144. package/plugins/devflow-debug/README.md +65 -0
  145. package/plugins/devflow-debug/agents/git.md +272 -0
  146. package/plugins/devflow-debug/commands/debug-teams.md +231 -0
  147. package/plugins/devflow-debug/commands/debug.md +160 -0
  148. package/plugins/devflow-debug/skills/agent-teams/SKILL.md +124 -0
  149. package/plugins/devflow-debug/skills/agent-teams/references/cleanup.md +104 -0
  150. package/plugins/devflow-debug/skills/agent-teams/references/communication.md +122 -0
  151. package/plugins/devflow-debug/skills/agent-teams/references/team-patterns.md +217 -0
  152. package/plugins/devflow-debug/skills/git-safety/SKILL.md +122 -0
  153. package/plugins/devflow-debug/skills/git-safety/references/detection.md +290 -0
  154. package/plugins/devflow-debug/skills/git-safety/references/patterns.md +289 -0
  155. package/plugins/devflow-debug/skills/git-safety/references/violations.md +18 -0
  156. package/plugins/devflow-implement/.claude-plugin/plugin.json +21 -0
  157. package/plugins/devflow-implement/README.md +71 -0
  158. package/plugins/devflow-implement/agents/coder.md +122 -0
  159. package/plugins/devflow-implement/agents/git.md +272 -0
  160. package/plugins/devflow-implement/agents/scrutinizer.md +80 -0
  161. package/plugins/devflow-implement/agents/shepherd.md +94 -0
  162. package/plugins/devflow-implement/agents/simplifier.md +62 -0
  163. package/plugins/devflow-implement/agents/skimmer.md +88 -0
  164. package/plugins/devflow-implement/agents/synthesizer.md +204 -0
  165. package/plugins/devflow-implement/agents/validator.md +86 -0
  166. package/plugins/devflow-implement/commands/implement-teams.md +608 -0
  167. package/plugins/devflow-implement/commands/implement.md +426 -0
  168. package/plugins/devflow-implement/skills/accessibility/SKILL.md +229 -0
  169. package/plugins/devflow-implement/skills/accessibility/references/detection.md +171 -0
  170. package/plugins/devflow-implement/skills/accessibility/references/patterns.md +670 -0
  171. package/plugins/devflow-implement/skills/accessibility/references/violations.md +419 -0
  172. package/plugins/devflow-implement/skills/agent-teams/SKILL.md +124 -0
  173. package/plugins/devflow-implement/skills/agent-teams/references/cleanup.md +104 -0
  174. package/plugins/devflow-implement/skills/agent-teams/references/communication.md +122 -0
  175. package/plugins/devflow-implement/skills/agent-teams/references/team-patterns.md +217 -0
  176. package/plugins/devflow-implement/skills/frontend-design/SKILL.md +254 -0
  177. package/plugins/devflow-implement/skills/frontend-design/references/detection.md +184 -0
  178. package/plugins/devflow-implement/skills/frontend-design/references/patterns.md +511 -0
  179. package/plugins/devflow-implement/skills/frontend-design/references/violations.md +453 -0
  180. package/plugins/devflow-implement/skills/implementation-patterns/SKILL.md +162 -0
  181. package/plugins/devflow-implement/skills/implementation-patterns/references/patterns.md +1063 -0
  182. package/plugins/devflow-implement/skills/implementation-patterns/references/violations.md +483 -0
  183. package/plugins/devflow-implement/skills/self-review/SKILL.md +149 -0
  184. package/plugins/devflow-implement/skills/self-review/references/patterns.md +405 -0
  185. package/plugins/devflow-implement/skills/self-review/references/report-template.md +253 -0
  186. package/plugins/devflow-implement/skills/self-review/references/violations.md +308 -0
  187. package/plugins/devflow-resolve/.claude-plugin/plugin.json +19 -0
  188. package/plugins/devflow-resolve/README.md +65 -0
  189. package/plugins/devflow-resolve/agents/git.md +272 -0
  190. package/plugins/devflow-resolve/agents/resolver.md +131 -0
  191. package/plugins/devflow-resolve/agents/simplifier.md +62 -0
  192. package/plugins/devflow-resolve/commands/resolve-teams.md +298 -0
  193. package/plugins/devflow-resolve/commands/resolve.md +237 -0
  194. package/plugins/devflow-resolve/skills/agent-teams/SKILL.md +124 -0
  195. package/plugins/devflow-resolve/skills/agent-teams/references/cleanup.md +104 -0
  196. package/plugins/devflow-resolve/skills/agent-teams/references/communication.md +122 -0
  197. package/plugins/devflow-resolve/skills/agent-teams/references/team-patterns.md +217 -0
  198. package/plugins/devflow-resolve/skills/implementation-patterns/SKILL.md +162 -0
  199. package/plugins/devflow-resolve/skills/implementation-patterns/references/patterns.md +1063 -0
  200. package/plugins/devflow-resolve/skills/implementation-patterns/references/violations.md +483 -0
  201. package/plugins/devflow-resolve/skills/security-patterns/SKILL.md +156 -0
  202. package/plugins/devflow-resolve/skills/security-patterns/references/detection.md +287 -0
  203. package/plugins/devflow-resolve/skills/security-patterns/references/patterns.md +507 -0
  204. package/plugins/devflow-resolve/skills/security-patterns/references/violations.md +237 -0
  205. package/plugins/devflow-self-review/.claude-plugin/plugin.json +7 -0
  206. package/plugins/devflow-self-review/README.md +38 -0
  207. package/plugins/devflow-self-review/agents/scrutinizer.md +80 -0
  208. package/plugins/devflow-self-review/agents/simplifier.md +62 -0
  209. package/plugins/devflow-self-review/agents/validator.md +86 -0
  210. package/plugins/devflow-self-review/commands/self-review.md +126 -0
  211. package/plugins/devflow-self-review/skills/core-patterns/SKILL.md +162 -0
  212. package/plugins/devflow-self-review/skills/core-patterns/references/checklist.md +276 -0
  213. package/plugins/devflow-self-review/skills/core-patterns/references/code-smell-violations.md +144 -0
  214. package/plugins/devflow-self-review/skills/core-patterns/references/detection.md +303 -0
  215. package/plugins/devflow-self-review/skills/core-patterns/references/patterns.md +576 -0
  216. package/plugins/devflow-self-review/skills/core-patterns/references/violations.md +369 -0
  217. package/plugins/devflow-self-review/skills/self-review/SKILL.md +149 -0
  218. package/plugins/devflow-self-review/skills/self-review/references/patterns.md +405 -0
  219. package/plugins/devflow-self-review/skills/self-review/references/report-template.md +253 -0
  220. package/plugins/devflow-self-review/skills/self-review/references/violations.md +308 -0
  221. package/plugins/devflow-specify/.claude-plugin/plugin.json +15 -0
  222. package/plugins/devflow-specify/README.md +46 -0
  223. package/plugins/devflow-specify/agents/skimmer.md +88 -0
  224. package/plugins/devflow-specify/agents/synthesizer.md +204 -0
  225. package/plugins/devflow-specify/commands/specify-teams.md +314 -0
  226. package/plugins/devflow-specify/commands/specify.md +179 -0
  227. package/plugins/devflow-specify/skills/agent-teams/SKILL.md +124 -0
  228. package/plugins/devflow-specify/skills/agent-teams/references/cleanup.md +104 -0
  229. package/plugins/devflow-specify/skills/agent-teams/references/communication.md +122 -0
  230. package/plugins/devflow-specify/skills/agent-teams/references/team-patterns.md +217 -0
  231. package/scripts/hooks/background-memory-update.sh +167 -0
  232. package/scripts/hooks/pre-compact-memory.sh +81 -0
  233. package/scripts/hooks/session-start-memory.sh +84 -0
  234. package/scripts/hooks/stop-update-memory.sh +81 -0
  235. package/shared/agents/coder.md +122 -0
  236. package/shared/agents/git.md +272 -0
  237. package/shared/agents/resolver.md +131 -0
  238. package/shared/agents/reviewer.md +119 -0
  239. package/shared/agents/scrutinizer.md +80 -0
  240. package/shared/agents/shepherd.md +94 -0
  241. package/shared/agents/simplifier.md +62 -0
  242. package/shared/agents/skimmer.md +88 -0
  243. package/shared/agents/synthesizer.md +204 -0
  244. package/shared/agents/validator.md +86 -0
  245. package/shared/skills/accessibility/SKILL.md +229 -0
  246. package/shared/skills/accessibility/references/detection.md +171 -0
  247. package/shared/skills/accessibility/references/patterns.md +670 -0
  248. package/shared/skills/accessibility/references/violations.md +419 -0
  249. package/shared/skills/agent-teams/SKILL.md +124 -0
  250. package/shared/skills/agent-teams/references/cleanup.md +104 -0
  251. package/shared/skills/agent-teams/references/communication.md +122 -0
  252. package/shared/skills/agent-teams/references/team-patterns.md +217 -0
  253. package/shared/skills/architecture-patterns/SKILL.md +153 -0
  254. package/shared/skills/architecture-patterns/references/detection.md +337 -0
  255. package/shared/skills/architecture-patterns/references/patterns.md +873 -0
  256. package/shared/skills/architecture-patterns/references/violations.md +575 -0
  257. package/shared/skills/complexity-patterns/SKILL.md +143 -0
  258. package/shared/skills/complexity-patterns/references/detection.md +264 -0
  259. package/shared/skills/complexity-patterns/references/patterns.md +487 -0
  260. package/shared/skills/complexity-patterns/references/violations.md +361 -0
  261. package/shared/skills/consistency-patterns/SKILL.md +140 -0
  262. package/shared/skills/consistency-patterns/references/detection.md +207 -0
  263. package/shared/skills/consistency-patterns/references/patterns.md +202 -0
  264. package/shared/skills/consistency-patterns/references/violations.md +213 -0
  265. package/shared/skills/core-patterns/SKILL.md +162 -0
  266. package/shared/skills/core-patterns/references/checklist.md +276 -0
  267. package/shared/skills/core-patterns/references/code-smell-violations.md +144 -0
  268. package/shared/skills/core-patterns/references/detection.md +303 -0
  269. package/shared/skills/core-patterns/references/patterns.md +576 -0
  270. package/shared/skills/core-patterns/references/violations.md +369 -0
  271. package/shared/skills/database-patterns/SKILL.md +134 -0
  272. package/shared/skills/database-patterns/references/detection.md +208 -0
  273. package/shared/skills/database-patterns/references/patterns.md +394 -0
  274. package/shared/skills/database-patterns/references/violations.md +332 -0
  275. package/shared/skills/dependencies-patterns/SKILL.md +141 -0
  276. package/shared/skills/dependencies-patterns/references/detection.md +181 -0
  277. package/shared/skills/dependencies-patterns/references/patterns.md +225 -0
  278. package/shared/skills/dependencies-patterns/references/violations.md +247 -0
  279. package/shared/skills/docs-framework/SKILL.md +134 -0
  280. package/shared/skills/docs-framework/references/patterns.md +346 -0
  281. package/shared/skills/docs-framework/references/violations.md +221 -0
  282. package/shared/skills/documentation-patterns/SKILL.md +125 -0
  283. package/shared/skills/documentation-patterns/references/detection.md +190 -0
  284. package/shared/skills/documentation-patterns/references/patterns.md +189 -0
  285. package/shared/skills/documentation-patterns/references/violations.md +163 -0
  286. package/shared/skills/frontend-design/SKILL.md +254 -0
  287. package/shared/skills/frontend-design/references/detection.md +184 -0
  288. package/shared/skills/frontend-design/references/patterns.md +511 -0
  289. package/shared/skills/frontend-design/references/violations.md +453 -0
  290. package/shared/skills/git-safety/SKILL.md +122 -0
  291. package/shared/skills/git-safety/references/detection.md +290 -0
  292. package/shared/skills/git-safety/references/patterns.md +289 -0
  293. package/shared/skills/git-safety/references/violations.md +18 -0
  294. package/shared/skills/git-workflow/SKILL.md +158 -0
  295. package/shared/skills/git-workflow/references/commit-patterns.md +115 -0
  296. package/shared/skills/git-workflow/references/commit-violations.md +77 -0
  297. package/shared/skills/git-workflow/references/pr-patterns.md +127 -0
  298. package/shared/skills/git-workflow/references/pr-violations.md +96 -0
  299. package/shared/skills/github-patterns/SKILL.md +153 -0
  300. package/shared/skills/github-patterns/references/patterns.md +572 -0
  301. package/shared/skills/github-patterns/references/violations.md +298 -0
  302. package/shared/skills/implementation-patterns/SKILL.md +162 -0
  303. package/shared/skills/implementation-patterns/references/patterns.md +1063 -0
  304. package/shared/skills/implementation-patterns/references/violations.md +483 -0
  305. package/shared/skills/input-validation/SKILL.md +148 -0
  306. package/shared/skills/input-validation/references/detection.md +283 -0
  307. package/shared/skills/input-validation/references/patterns.md +361 -0
  308. package/shared/skills/input-validation/references/violations.md +224 -0
  309. package/shared/skills/performance-patterns/SKILL.md +154 -0
  310. package/shared/skills/performance-patterns/references/detection.md +351 -0
  311. package/shared/skills/performance-patterns/references/patterns.md +503 -0
  312. package/shared/skills/performance-patterns/references/violations.md +354 -0
  313. package/shared/skills/react/SKILL.md +276 -0
  314. package/shared/skills/react/references/patterns.md +1331 -0
  315. package/shared/skills/react/references/violations.md +565 -0
  316. package/shared/skills/regression-patterns/SKILL.md +146 -0
  317. package/shared/skills/regression-patterns/references/detection.md +237 -0
  318. package/shared/skills/regression-patterns/references/patterns.md +226 -0
  319. package/shared/skills/regression-patterns/references/violations.md +225 -0
  320. package/shared/skills/review-methodology/SKILL.md +119 -0
  321. package/shared/skills/review-methodology/references/patterns.md +186 -0
  322. package/shared/skills/review-methodology/references/report-template.md +142 -0
  323. package/shared/skills/review-methodology/references/violations.md +125 -0
  324. package/shared/skills/security-patterns/SKILL.md +156 -0
  325. package/shared/skills/security-patterns/references/detection.md +287 -0
  326. package/shared/skills/security-patterns/references/patterns.md +507 -0
  327. package/shared/skills/security-patterns/references/violations.md +237 -0
  328. package/shared/skills/self-review/SKILL.md +149 -0
  329. package/shared/skills/self-review/references/patterns.md +405 -0
  330. package/shared/skills/self-review/references/report-template.md +253 -0
  331. package/shared/skills/self-review/references/violations.md +308 -0
  332. package/shared/skills/test-patterns/SKILL.md +183 -0
  333. package/shared/skills/test-patterns/references/detection.md +149 -0
  334. package/shared/skills/test-patterns/references/patterns.md +220 -0
  335. package/shared/skills/test-patterns/references/report-template.md +108 -0
  336. package/shared/skills/test-patterns/references/violations.md +221 -0
  337. package/shared/skills/typescript/SKILL.md +176 -0
  338. package/shared/skills/typescript/references/patterns.md +1105 -0
  339. package/shared/skills/typescript/references/violations.md +433 -0
  340. package/src/templates/claudeignore.template +188 -0
  341. package/src/templates/managed-settings.json +146 -0
  342. package/src/templates/settings.json +59 -0
  343. package/dist/cli.d.ts.map +0 -1
  344. package/dist/cli.js.map +0 -1
  345. package/dist/commands/init.d.ts.map +0 -1
  346. package/dist/commands/init.js.map +0 -1
  347. package/dist/commands/uninstall.d.ts.map +0 -1
  348. package/dist/commands/uninstall.js.map +0 -1
  349. package/dist/utils/git.d.ts.map +0 -1
  350. package/dist/utils/git.js.map +0 -1
  351. package/dist/utils/paths.d.ts.map +0 -1
  352. package/dist/utils/paths.js.map +0 -1
  353. package/src/claude/CLAUDE.md +0 -400
  354. package/src/claude/agents/devflow/audit-architecture.md +0 -132
  355. package/src/claude/agents/devflow/audit-complexity.md +0 -132
  356. package/src/claude/agents/devflow/audit-database.md +0 -132
  357. package/src/claude/agents/devflow/audit-dependencies.md +0 -132
  358. package/src/claude/agents/devflow/audit-documentation.md +0 -132
  359. package/src/claude/agents/devflow/audit-performance.md +0 -256
  360. package/src/claude/agents/devflow/audit-security.md +0 -259
  361. package/src/claude/agents/devflow/audit-tests.md +0 -132
  362. package/src/claude/agents/devflow/audit-typescript.md +0 -132
  363. package/src/claude/agents/devflow/brainstorm.md +0 -279
  364. package/src/claude/agents/devflow/catch-up.md +0 -345
  365. package/src/claude/agents/devflow/code-review.md +0 -307
  366. package/src/claude/agents/devflow/commit.md +0 -380
  367. package/src/claude/agents/devflow/debug.md +0 -476
  368. package/src/claude/agents/devflow/design.md +0 -491
  369. package/src/claude/agents/devflow/pr-comments.md +0 -285
  370. package/src/claude/agents/devflow/project-state.md +0 -419
  371. package/src/claude/agents/devflow/pull-request.md +0 -423
  372. package/src/claude/agents/devflow/release.md +0 -1137
  373. package/src/claude/agents/devflow/tech-debt.md +0 -338
  374. package/src/claude/commands/devflow/brainstorm.md +0 -68
  375. package/src/claude/commands/devflow/breakdown.md +0 -125
  376. package/src/claude/commands/devflow/catch-up.md +0 -29
  377. package/src/claude/commands/devflow/code-review.md +0 -237
  378. package/src/claude/commands/devflow/commit.md +0 -17
  379. package/src/claude/commands/devflow/debug.md +0 -56
  380. package/src/claude/commands/devflow/design.md +0 -82
  381. package/src/claude/commands/devflow/devlog.md +0 -408
  382. package/src/claude/commands/devflow/implement.md +0 -100
  383. package/src/claude/commands/devflow/plan.md +0 -223
  384. package/src/claude/commands/devflow/pull-request.md +0 -269
  385. package/src/claude/commands/devflow/release.md +0 -251
  386. package/src/claude/commands/devflow/resolve-comments.md +0 -583
  387. package/src/claude/scripts/statusline.sh +0 -47
  388. package/src/claude/settings.json +0 -6
  389. package/src/claude/skills/devflow/code-smell/SKILL.md +0 -428
  390. package/src/claude/skills/devflow/debug/SKILL.md +0 -119
  391. package/src/claude/skills/devflow/error-handling/SKILL.md +0 -597
  392. package/src/claude/skills/devflow/input-validation/SKILL.md +0 -514
  393. package/src/claude/skills/devflow/pattern-check/SKILL.md +0 -238
  394. package/src/claude/skills/devflow/research/SKILL.md +0 -138
  395. package/src/claude/skills/devflow/test-design/SKILL.md +0 -384
package/shared/skills/input-validation/references/violations.md ADDED
@@ -0,0 +1,224 @@
1
+ # Input Validation Violations
2
+
3
+ Extended examples of validation violations to detect and fix.
4
+
5
+ ## Manual Validation Anti-Pattern
6
+
7
+ ```typescript
8
+ // VIOLATION: Manual validation scatters checks
9
+ function createUser(data: any): User {
10
+ if (!data.email || typeof data.email !== 'string') {
11
+ throw new Error('Invalid email');
12
+ }
13
+ if (!data.age || typeof data.age !== 'number' || data.age < 0) {
14
+ throw new Error('Invalid age');
15
+ }
16
+ if (!data.name || data.name.length > 100) {
17
+ throw new Error('Invalid name');
18
+ }
19
+ // ... more manual checks
20
+
21
+ return { email: data.email, age: data.age, name: data.name };
22
+ }
23
+ ```
24
+
25
+ **Problems**:
26
+ - Scattered validation logic
27
+ - Easy to miss edge cases
28
+ - No type inference
29
+ - Inconsistent error handling
30
+ - Hard to maintain
31
+
32
+ ---
33
+
34
+ ## Missing API Boundary Validation
35
+
36
+ ```typescript
37
+ // VIOLATION: No validation at API boundary
38
+ app.post('/api/users', async (req, res) => {
39
+ const user = await createUser(req.body); // Trusting external data!
40
+ res.json(user);
41
+ });
42
+ ```
43
+
44
+ **Security Risk**: HIGH - Injection attacks, data corruption possible
45
+
46
+ ---
47
+
48
+ ## Trusting External API Responses
49
+
50
+ ```typescript
51
+ // VIOLATION: Trusting external API response
52
+ async function fetchUserData(userId: string): Promise<UserData> {
53
+ const response = await fetch(`https://api.example.com/users/${userId}`);
54
+ const data = await response.json();
55
+ return data; // No validation!
56
+ }
57
+ ```
58
+
59
+ **Risk**: Application crash if API changes structure, type safety lost
60
+
61
+ ---
62
+
63
+ ## Unvalidated Environment Variables
64
+
65
+ ```typescript
66
+ // VIOLATION: Trusting environment variables
67
+ const config = {
68
+ port: process.env.PORT, // Could be undefined or invalid
69
+ dbUrl: process.env.DATABASE_URL, // No validation
70
+ apiKey: process.env.API_KEY // Could be empty or malformed
71
+ };
72
+ ```
73
+
74
+ **Risk**: Runtime crashes, security issues from malformed config
75
+
76
+ ---
77
+
78
+ ## SQL Injection Vulnerabilities
79
+
80
+ ```typescript
81
+ // VIOLATION: Direct string interpolation (SQL injection risk)
82
+ async function getUserByEmail(email: string): Promise<User> {
83
+ const query = `SELECT * FROM users WHERE email = '${email}'`;
84
+ return db.query(query);
85
+ }
86
+
87
+ // VIOLATION: No input validation before query
88
+ async function searchUsers(searchTerm: string): Promise<User[]> {
89
+ return db.query('SELECT * FROM users WHERE name LIKE $1', [`%${searchTerm}%`]);
90
+ }
91
+ ```
92
+
93
+ **Security Risk**: CRITICAL - SQL injection allows data theft, modification, deletion
94
+
95
+ ---
96
+
97
+ ## File Upload Without Validation
98
+
99
+ ```typescript
100
+ // VIOLATION: Accepting any file upload
101
+ app.post('/upload', async (req, res) => {
102
+ const file = req.files.document;
103
+ await file.mv(`./uploads/${file.name}`); // No validation!
104
+ res.send('Uploaded');
105
+ });
106
+ ```
107
+
108
+ **Risks**:
109
+ - Arbitrary file execution
110
+ - Path traversal attacks
111
+ - Storage exhaustion
112
+ - Malware upload
113
+
114
+ ---
115
+
116
+ ## URL Parameter Injection
117
+
118
+ ```typescript
119
+ // VIOLATION: Unvalidated path parameters
120
+ app.get('/users/:id', async (req, res) => {
121
+ const user = await db.users.findById(req.params.id); // No validation!
122
+ res.json(user);
123
+ });
124
+
125
+ // VIOLATION: Unvalidated query parameters
126
+ app.get('/search', async (req, res) => {
127
+ const results = await db.search(req.query.q); // No validation!
128
+ res.json(results);
129
+ });
130
+ ```
131
+
132
+ **Risks**: NoSQL injection, type coercion attacks, DoS via crafted input
133
+
134
+ ---
135
+
136
+ ## Header-Based Logic Without Validation
137
+
138
+ ```typescript
139
+ // VIOLATION: Trusting request headers
140
+ app.use((req, res, next) => {
141
+ const userId = req.headers['x-user-id'];
142
+ req.userId = userId; // No validation!
143
+ next();
144
+ });
145
+
146
+ // VIOLATION: Trusting JWT without proper validation
147
+ app.use((req, res, next) => {
148
+ const token = req.headers.authorization?.split(' ')[1];
149
+ const decoded = jwt.decode(token); // decode != verify!
150
+ req.user = decoded;
151
+ next();
152
+ });
153
+ ```
154
+
155
+ **Risks**: Authentication bypass, privilege escalation
156
+
157
+ ---
158
+
159
+ ## Webhook Payload Vulnerabilities
160
+
161
+ ```typescript
162
+ // VIOLATION: Trusting webhook payloads
163
+ app.post('/webhook', async (req, res) => {
164
+ const event = req.body;
165
+ await processPaymentEvent(event); // No signature verification!
166
+ res.sendStatus(200);
167
+ });
168
+ ```
169
+
170
+ **Risks**: Spoofed events, unauthorized actions, data manipulation
171
+
172
+ ---
173
+
174
+ ## GraphQL Input Vulnerabilities
175
+
176
+ ```typescript
177
+ // VIOLATION: No depth/complexity limits
178
+ const schema = buildSchema(`
179
+ type Query {
180
+ users(filter: UserFilter): [User]
181
+ }
182
+ `);
183
+
184
+ // No validation on nested input
185
+ resolvers.Query.users = (_, { filter }) => {
186
+ return db.users.find(filter); // filter passed directly to DB!
187
+ };
188
+ ```
189
+
190
+ **Risks**: Query complexity attacks, injection through nested objects
191
+
192
+ ---
193
+
194
+ ## Form Data Without Sanitization
195
+
196
+ ```typescript
197
+ // VIOLATION: Rendering user input without sanitization
198
+ app.post('/profile', async (req, res) => {
199
+ const bio = req.body.bio;
200
+ await db.users.update({ bio }); // Stored XSS!
201
+ res.send(`Profile updated: ${bio}`); // Reflected XSS!
202
+ });
203
+ ```
204
+
205
+ **Risks**: Cross-site scripting (XSS), stored attacks
206
+
207
+ ---
208
+
209
+ ## Detection Patterns
210
+
211
+ When reviewing code, look for these red flags:
212
+
213
+ | Pattern | Risk Level |
214
+ |---------|------------|
215
+ | `req.body` without schema validation | HIGH |
216
+ | `req.params` used directly | MEDIUM |
217
+ | `req.query` used directly | MEDIUM |
218
+ | `process.env` without validation | MEDIUM |
219
+ | String interpolation in SQL | CRITICAL |
220
+ | `JSON.parse` without schema | HIGH |
221
+ | `eval()` or `Function()` with user input | CRITICAL |
222
+ | File operations with user-provided paths | CRITICAL |
223
+ | `jwt.decode` instead of `jwt.verify` | CRITICAL |
224
+ | Missing webhook signature verification | HIGH |
package/shared/skills/performance-patterns/SKILL.md ADDED
@@ -0,0 +1,154 @@
1
+ ---
2
+ name: performance-patterns
3
+ description: Performance analysis patterns for code review. Detects N+1 queries, memory leaks, unbounded allocations, I/O bottlenecks, and missing caching opportunities. Loaded by Reviewer agent when focus=performance.
4
+ user-invocable: false
5
+ allowed-tools: Read, Grep, Glob
6
+ ---
7
+
8
+ # Performance Patterns
9
+
10
+ Domain expertise for performance optimization and bottleneck detection. Use alongside `review-methodology` for complete performance reviews.
11
+
12
+ ## Iron Law
13
+
14
+ > **MEASURE BEFORE OPTIMIZING**
15
+ >
16
+ > Premature optimization is the root of all evil. Profile first, then optimize. Every
17
+ > performance claim requires benchmarks. "It feels slow" is not a metric. O(n) with small n
18
+ > beats O(1) with huge constants. Optimize for the real bottleneck, not the imagined one.
19
+
20
+ ---
21
+
22
+ ## Performance Categories
23
+
24
+ ### 1. Algorithmic Issues
25
+
26
+ **N+1 Query Problem** - Database query inside a loop.
27
+
28
+ ```typescript
29
+ // VIOLATION: 1 + N queries
30
+ for (const user of users) {
31
+ user.orders = await db.orders.findByUserId(user.id);
32
+ }
33
+
34
+ // CORRECT: Batch query with Map lookup
35
+ const orders = await db.orders.findAll({ where: { userId: userIds } });
36
+ const ordersByUser = new Map(groupBy(orders, 'userId'));
37
+ users.forEach(u => u.orders = ordersByUser.get(u.id) || []);
38
+ ```
39
+
40
+ **O(n^2) Patterns** - Nested loops or linear search in loop.
41
+
42
+ ```typescript
43
+ // VIOLATION: includes() is O(n), called n times
44
+ items.filter(item => selected.includes(item.id));
45
+
46
+ // CORRECT: Use Set for O(1) lookup
47
+ const selectedSet = new Set(selected);
48
+ items.filter(item => selectedSet.has(item.id));
49
+ ```
50
+
51
+ ### 2. Memory Issues
52
+
53
+ **Memory Leaks** - Resources not cleaned up.
54
+
55
+ ```typescript
56
+ // VIOLATION: Listener never removed
57
+ window.addEventListener('resize', this.handleResize);
58
+
59
+ // CORRECT: Track and cleanup
60
+ this.cleanup = () => window.removeEventListener('resize', this.handleResize);
61
+ ```
62
+
63
+ **Unbounded Caches** - Collections that grow forever.
64
+
65
+ ```typescript
66
+ // VIOLATION: Cache grows indefinitely
67
+ const cache = new Map<string, Result>();
68
+
69
+ // CORRECT: LRU cache with limit
70
+ const cache = new LRU<string, Result>({ max: 1000 });
71
+ ```
72
+
73
+ ### 3. I/O Issues
74
+
75
+ **Blocking Operations** - Synchronous I/O in request path.
76
+
77
+ ```typescript
78
+ // VIOLATION: Blocks event loop
79
+ const config = fs.readFileSync('./config.json');
80
+
81
+ // CORRECT: Async I/O
82
+ const config = await fs.promises.readFile('./config.json');
83
+ ```
84
+
85
+ **Sequential When Parallel Possible** - Independent operations run serially.
86
+
87
+ ```typescript
88
+ // VIOLATION: Sequential execution
89
+ const user = await getUser(id);
90
+ const orders = await getOrders(id);
91
+
92
+ // CORRECT: Parallel execution
93
+ const [user, orders] = await Promise.all([getUser(id), getOrders(id)]);
94
+ ```
95
+
96
+ ### 4. Database Issues
97
+
98
+ Missing indexes, SELECT *, missing pagination. See `references/violations.md`.
99
+
100
+ ### 5. Frontend Issues
101
+
102
+ Unnecessary re-renders, missing virtualization, missing code splitting. See `references/violations.md`.
103
+
104
+ ---
105
+
106
+ ## Extended References
107
+
108
+ For comprehensive examples and detection techniques:
109
+
110
+ | Reference | Content |
111
+ |-----------|---------|
112
+ | `references/violations.md` | Extended violation examples by category |
113
+ | `references/patterns.md` | Correct implementation patterns |
114
+ | `references/detection.md` | Grep commands, profiling, CI integration |
115
+
116
+ ---
117
+
118
+ ## Severity Guidelines
119
+
120
+ | Severity | Criteria | Examples |
121
+ |----------|----------|----------|
122
+ | **CRITICAL** | Severe degradation, production risk | N+1 with unbounded data, memory leaks, blocking I/O in handlers |
123
+ | **HIGH** | Significant impact | Sequential async, SELECT *, unbounded caches, missing pagination |
124
+ | **MEDIUM** | Moderate concern | Suboptimal algorithm (small data), missing memoization |
125
+ | **LOW** | Minor opportunity | Micro-optimizations, premature optimization candidates |
126
+
127
+ ---
128
+
129
+ ## Performance Metrics Reference
130
+
131
+ | Operation | Good | Warning | Critical |
132
+ |-----------|------|---------|----------|
133
+ | API response | < 100ms | 100-500ms | > 500ms |
134
+ | Database query | < 10ms | 10-100ms | > 100ms |
135
+ | Page load (FCP) | < 1s | 1-2.5s | > 2.5s |
136
+ | Memory per request | < 10MB | 10-50MB | > 50MB |
137
+ | Bundle size | < 200KB | 200-500KB | > 500KB |
138
+
139
+ ---
140
+
141
+ ## Quick Detection
142
+
143
+ ```bash
144
+ # N+1 patterns (await in loop)
145
+ grep -rn "for.*await\|\.forEach.*async" --include="*.ts"
146
+
147
+ # Synchronous I/O
148
+ grep -rn "readFileSync\|writeFileSync" --include="*.ts"
149
+
150
+ # SELECT *
151
+ grep -rn "SELECT \*" --include="*.ts" --include="*.sql"
152
+ ```
153
+
154
+ See `references/detection.md` for comprehensive detection patterns.