mcp-ai-agent-guidelines 0.7.2 → 0.7.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (253) hide show
  1. package/README.md +236 -9
  2. package/dist/index.js +487 -5
  3. package/dist/index.js.map +1 -1
  4. package/dist/prompts/index.d.ts +18 -0
  5. package/dist/prompts/index.d.ts.map +1 -1
  6. package/dist/prompts/index.js +127 -492
  7. package/dist/prompts/index.js.map +1 -1
  8. package/dist/resources/structured.d.ts.map +1 -1
  9. package/dist/resources/structured.js +410 -0
  10. package/dist/resources/structured.js.map +1 -1
  11. package/dist/schemas/flow-tool-schemas.d.ts +167 -0
  12. package/dist/schemas/flow-tool-schemas.d.ts.map +1 -0
  13. package/dist/schemas/flow-tool-schemas.js +149 -0
  14. package/dist/schemas/flow-tool-schemas.js.map +1 -0
  15. package/dist/tools/bridge/index.d.ts +83 -0
  16. package/dist/tools/bridge/index.d.ts.map +1 -0
  17. package/dist/tools/bridge/index.js +85 -0
  18. package/dist/tools/bridge/index.js.map +1 -0
  19. package/dist/tools/bridge/project-onboarding-bridge.d.ts +54 -0
  20. package/dist/tools/bridge/project-onboarding-bridge.d.ts.map +1 -0
  21. package/dist/tools/bridge/project-onboarding-bridge.js +220 -0
  22. package/dist/tools/bridge/project-onboarding-bridge.js.map +1 -0
  23. package/dist/tools/bridge/semantic-analyzer-bridge.d.ts +47 -0
  24. package/dist/tools/bridge/semantic-analyzer-bridge.d.ts.map +1 -0
  25. package/dist/tools/bridge/semantic-analyzer-bridge.js +174 -0
  26. package/dist/tools/bridge/semantic-analyzer-bridge.js.map +1 -0
  27. package/dist/tools/clean-code-scorer.d.ts +7 -0
  28. package/dist/tools/clean-code-scorer.d.ts.map +1 -0
  29. package/dist/tools/clean-code-scorer.js +359 -0
  30. package/dist/tools/clean-code-scorer.js.map +1 -0
  31. package/dist/tools/code-hygiene-analyzer.js +181 -9
  32. package/dist/tools/code-hygiene-analyzer.js.map +1 -1
  33. package/dist/tools/config/guidelines-config.d.ts +2 -14
  34. package/dist/tools/config/guidelines-config.d.ts.map +1 -1
  35. package/dist/tools/config/guidelines-config.js +45 -6
  36. package/dist/tools/config/guidelines-config.js.map +1 -1
  37. package/dist/tools/config/model-config.d.ts +2 -23
  38. package/dist/tools/config/model-config.d.ts.map +1 -1
  39. package/dist/tools/config/model-config.js.map +1 -1
  40. package/dist/tools/config/types/guidelines.types.d.ts +15 -0
  41. package/dist/tools/config/types/guidelines.types.d.ts.map +1 -0
  42. package/dist/tools/config/types/guidelines.types.js +3 -0
  43. package/dist/tools/config/types/guidelines.types.js.map +1 -0
  44. package/dist/tools/config/types/index.d.ts +3 -0
  45. package/dist/tools/config/types/index.d.ts.map +1 -0
  46. package/dist/tools/config/types/index.js +3 -0
  47. package/dist/tools/config/types/index.js.map +1 -0
  48. package/dist/tools/config/types/model.types.d.ts +24 -0
  49. package/dist/tools/config/types/model.types.d.ts.map +1 -0
  50. package/dist/tools/config/types/model.types.js +3 -0
  51. package/dist/tools/config/types/model.types.js.map +1 -0
  52. package/dist/tools/design/adr-generator.d.ts +1 -1
  53. package/dist/tools/design/adr-generator.d.ts.map +1 -1
  54. package/dist/tools/design/adr-generator.js +5 -1
  55. package/dist/tools/design/adr-generator.js.map +1 -1
  56. package/dist/tools/design/confirmation-module.d.ts +1 -1
  57. package/dist/tools/design/confirmation-module.d.ts.map +1 -1
  58. package/dist/tools/design/confirmation-module.js +2 -0
  59. package/dist/tools/design/confirmation-module.js.map +1 -1
  60. package/dist/tools/design/confirmation-prompt-builder.d.ts +1 -1
  61. package/dist/tools/design/confirmation-prompt-builder.d.ts.map +1 -1
  62. package/dist/tools/design/confirmation-prompt-builder.js +5 -1
  63. package/dist/tools/design/confirmation-prompt-builder.js.map +1 -1
  64. package/dist/tools/design/constraint-consistency-enforcer.d.ts +1 -1
  65. package/dist/tools/design/constraint-consistency-enforcer.d.ts.map +1 -1
  66. package/dist/tools/design/constraint-consistency-enforcer.js +6 -1
  67. package/dist/tools/design/constraint-consistency-enforcer.js.map +1 -1
  68. package/dist/tools/design/constraint-manager.d.ts +9 -9
  69. package/dist/tools/design/constraint-manager.d.ts.map +1 -1
  70. package/dist/tools/design/coverage-enforcer.d.ts +1 -1
  71. package/dist/tools/design/coverage-enforcer.d.ts.map +1 -1
  72. package/dist/tools/design/cross-session-consistency-enforcer.d.ts +1 -1
  73. package/dist/tools/design/cross-session-consistency-enforcer.d.ts.map +1 -1
  74. package/dist/tools/design/design-assistant.d.ts +1 -15
  75. package/dist/tools/design/design-assistant.d.ts.map +1 -1
  76. package/dist/tools/design/design-assistant.js +29 -853
  77. package/dist/tools/design/design-assistant.js.map +1 -1
  78. package/dist/tools/design/design-phase-workflow.d.ts +1 -1
  79. package/dist/tools/design/design-phase-workflow.d.ts.map +1 -1
  80. package/dist/tools/design/design-phase-workflow.js +15 -8
  81. package/dist/tools/design/design-phase-workflow.js.map +1 -1
  82. package/dist/tools/design/index.d.ts +1 -1
  83. package/dist/tools/design/index.d.ts.map +1 -1
  84. package/dist/tools/design/methodology-selector.d.ts +1 -1
  85. package/dist/tools/design/methodology-selector.d.ts.map +1 -1
  86. package/dist/tools/design/pivot-module.d.ts +1 -1
  87. package/dist/tools/design/pivot-module.d.ts.map +1 -1
  88. package/dist/tools/design/roadmap-generator.d.ts +1 -1
  89. package/dist/tools/design/roadmap-generator.d.ts.map +1 -1
  90. package/dist/tools/design/roadmap-generator.js.map +1 -1
  91. package/dist/tools/design/services/additional-operations.service.d.ts +23 -0
  92. package/dist/tools/design/services/additional-operations.service.d.ts.map +1 -0
  93. package/dist/tools/design/services/additional-operations.service.js +215 -0
  94. package/dist/tools/design/services/additional-operations.service.js.map +1 -0
  95. package/dist/tools/design/services/artifact-generation.service.d.ts +19 -0
  96. package/dist/tools/design/services/artifact-generation.service.d.ts.map +1 -0
  97. package/dist/tools/design/services/artifact-generation.service.js +171 -0
  98. package/dist/tools/design/services/artifact-generation.service.js.map +1 -0
  99. package/dist/tools/design/services/consistency.service.d.ts +24 -0
  100. package/dist/tools/design/services/consistency.service.d.ts.map +1 -0
  101. package/dist/tools/design/services/consistency.service.js +196 -0
  102. package/dist/tools/design/services/consistency.service.js.map +1 -0
  103. package/dist/tools/design/services/index.d.ts +7 -0
  104. package/dist/tools/design/services/index.d.ts.map +1 -0
  105. package/dist/tools/design/services/index.js +9 -0
  106. package/dist/tools/design/services/index.js.map +1 -0
  107. package/dist/tools/design/services/phase-management.service.d.ts +25 -0
  108. package/dist/tools/design/services/phase-management.service.d.ts.map +1 -0
  109. package/dist/tools/design/services/phase-management.service.js +133 -0
  110. package/dist/tools/design/services/phase-management.service.js.map +1 -0
  111. package/dist/tools/design/services/session-management.service.d.ts +23 -0
  112. package/dist/tools/design/services/session-management.service.d.ts.map +1 -0
  113. package/dist/tools/design/services/session-management.service.js +190 -0
  114. package/dist/tools/design/services/session-management.service.js.map +1 -0
  115. package/dist/tools/design/spec-generator.d.ts +1 -1
  116. package/dist/tools/design/spec-generator.d.ts.map +1 -1
  117. package/dist/tools/design/spec-generator.js +3 -3
  118. package/dist/tools/design/spec-generator.js.map +1 -1
  119. package/dist/tools/design/strategic-pivot-prompt-builder.d.ts +1 -1
  120. package/dist/tools/design/strategic-pivot-prompt-builder.d.ts.map +1 -1
  121. package/dist/tools/design/types/artifact.types.d.ts +16 -0
  122. package/dist/tools/design/types/artifact.types.d.ts.map +1 -0
  123. package/dist/tools/design/types/artifact.types.js +3 -0
  124. package/dist/tools/design/types/artifact.types.js.map +1 -0
  125. package/dist/tools/design/types/common.types.d.ts +8 -0
  126. package/dist/tools/design/types/common.types.d.ts.map +1 -0
  127. package/dist/tools/design/types/common.types.js +3 -0
  128. package/dist/tools/design/types/common.types.js.map +1 -0
  129. package/dist/tools/design/types/consistency.types.d.ts +130 -0
  130. package/dist/tools/design/types/consistency.types.d.ts.map +1 -0
  131. package/dist/tools/design/types/consistency.types.js +3 -0
  132. package/dist/tools/design/types/consistency.types.js.map +1 -0
  133. package/dist/tools/design/types/constraint.types.d.ts +53 -0
  134. package/dist/tools/design/types/constraint.types.d.ts.map +1 -0
  135. package/dist/tools/design/types/constraint.types.js +3 -0
  136. package/dist/tools/design/types/constraint.types.js.map +1 -0
  137. package/dist/tools/design/types/coverage.types.d.ts +59 -0
  138. package/dist/tools/design/types/coverage.types.d.ts.map +1 -0
  139. package/dist/tools/design/types/coverage.types.js +3 -0
  140. package/dist/tools/design/types/coverage.types.js.map +1 -0
  141. package/dist/tools/design/types/index.d.ts +9 -0
  142. package/dist/tools/design/types/index.d.ts.map +1 -0
  143. package/dist/tools/design/types/index.js +4 -0
  144. package/dist/tools/design/types/index.js.map +1 -0
  145. package/dist/tools/design/types/methodology.types.d.ts +53 -0
  146. package/dist/tools/design/types/methodology.types.d.ts.map +1 -0
  147. package/dist/tools/design/types/methodology.types.js +3 -0
  148. package/dist/tools/design/types/methodology.types.js.map +1 -0
  149. package/dist/tools/design/types/pivot.types.d.ts +56 -0
  150. package/dist/tools/design/types/pivot.types.d.ts.map +1 -0
  151. package/dist/tools/design/types/pivot.types.js +3 -0
  152. package/dist/tools/design/types/pivot.types.js.map +1 -0
  153. package/dist/tools/design/types/session.types.d.ts +50 -0
  154. package/dist/tools/design/types/session.types.d.ts.map +1 -0
  155. package/dist/tools/design/types/session.types.js +3 -0
  156. package/dist/tools/design/types/session.types.js.map +1 -0
  157. package/dist/tools/design/types.d.ts +18 -401
  158. package/dist/tools/design/types.d.ts.map +1 -1
  159. package/dist/tools/design/types.js +17 -1
  160. package/dist/tools/design/types.js.map +1 -1
  161. package/dist/tools/guidelines-validator.js +3 -3
  162. package/dist/tools/mermaid-diagram-generator.d.ts.map +1 -1
  163. package/dist/tools/mermaid-diagram-generator.js +712 -58
  164. package/dist/tools/mermaid-diagram-generator.js.map +1 -1
  165. package/dist/tools/mode-switcher.d.ts +21 -0
  166. package/dist/tools/mode-switcher.d.ts.map +1 -0
  167. package/dist/tools/mode-switcher.js +383 -0
  168. package/dist/tools/mode-switcher.js.map +1 -0
  169. package/dist/tools/project-onboarding.d.ts +7 -0
  170. package/dist/tools/project-onboarding.d.ts.map +1 -0
  171. package/dist/tools/project-onboarding.js +344 -0
  172. package/dist/tools/project-onboarding.js.map +1 -0
  173. package/dist/tools/prompt/architecture-design-prompt-builder.d.ts +7 -0
  174. package/dist/tools/prompt/architecture-design-prompt-builder.d.ts.map +1 -0
  175. package/dist/tools/prompt/architecture-design-prompt-builder.js +143 -0
  176. package/dist/tools/prompt/architecture-design-prompt-builder.js.map +1 -0
  177. package/dist/tools/prompt/code-analysis-prompt-builder.d.ts +7 -0
  178. package/dist/tools/prompt/code-analysis-prompt-builder.d.ts.map +1 -0
  179. package/dist/tools/prompt/code-analysis-prompt-builder.js +292 -0
  180. package/dist/tools/prompt/code-analysis-prompt-builder.js.map +1 -0
  181. package/dist/tools/prompt/debugging-assistant-prompt-builder.d.ts +7 -0
  182. package/dist/tools/prompt/debugging-assistant-prompt-builder.d.ts.map +1 -0
  183. package/dist/tools/prompt/debugging-assistant-prompt-builder.js +360 -0
  184. package/dist/tools/prompt/debugging-assistant-prompt-builder.js.map +1 -0
  185. package/dist/tools/prompt/documentation-generator-prompt-builder.d.ts +7 -0
  186. package/dist/tools/prompt/documentation-generator-prompt-builder.d.ts.map +1 -0
  187. package/dist/tools/prompt/documentation-generator-prompt-builder.js +152 -0
  188. package/dist/tools/prompt/documentation-generator-prompt-builder.js.map +1 -0
  189. package/dist/tools/prompt/domain-neutral-prompt-builder.d.ts +39 -39
  190. package/dist/tools/prompt/hierarchical-prompt-builder.d.ts +20 -20
  191. package/dist/tools/prompt/hierarchical-prompt-builder.d.ts.map +1 -1
  192. package/dist/tools/prompt/hierarchical-prompt-builder.js +275 -17
  193. package/dist/tools/prompt/hierarchical-prompt-builder.js.map +1 -1
  194. package/dist/tools/prompt/hierarchy-level-selector.d.ts +7 -0
  195. package/dist/tools/prompt/hierarchy-level-selector.d.ts.map +1 -0
  196. package/dist/tools/prompt/hierarchy-level-selector.js +256 -0
  197. package/dist/tools/prompt/hierarchy-level-selector.js.map +1 -0
  198. package/dist/tools/prompt/prompt-chaining-builder.d.ts +29 -0
  199. package/dist/tools/prompt/prompt-chaining-builder.d.ts.map +1 -0
  200. package/dist/tools/prompt/prompt-chaining-builder.js +212 -0
  201. package/dist/tools/prompt/prompt-chaining-builder.js.map +1 -0
  202. package/dist/tools/prompt/prompt-flow-builder.d.ts +24 -0
  203. package/dist/tools/prompt/prompt-flow-builder.d.ts.map +1 -0
  204. package/dist/tools/prompt/prompt-flow-builder.js +426 -0
  205. package/dist/tools/prompt/prompt-flow-builder.js.map +1 -0
  206. package/dist/tools/prompt/prompting-hierarchy-evaluator.d.ts +13 -0
  207. package/dist/tools/prompt/prompting-hierarchy-evaluator.d.ts.map +1 -0
  208. package/dist/tools/prompt/prompting-hierarchy-evaluator.js +372 -0
  209. package/dist/tools/prompt/prompting-hierarchy-evaluator.js.map +1 -0
  210. package/dist/tools/prompt/spark-prompt-builder.d.ts +54 -54
  211. package/dist/tools/prompt/types/hierarchy.types.d.ts +42 -0
  212. package/dist/tools/prompt/types/hierarchy.types.d.ts.map +1 -0
  213. package/dist/tools/prompt/types/hierarchy.types.js +23 -0
  214. package/dist/tools/prompt/types/hierarchy.types.js.map +1 -0
  215. package/dist/tools/prompt/types/index.d.ts +2 -0
  216. package/dist/tools/prompt/types/index.d.ts.map +1 -0
  217. package/dist/tools/prompt/types/index.js +3 -0
  218. package/dist/tools/prompt/types/index.js.map +1 -0
  219. package/dist/tools/semantic-code-analyzer.d.ts +7 -0
  220. package/dist/tools/semantic-code-analyzer.d.ts.map +1 -0
  221. package/dist/tools/semantic-code-analyzer.js +380 -0
  222. package/dist/tools/semantic-code-analyzer.js.map +1 -0
  223. package/dist/tools/shared/errors.d.ts +101 -0
  224. package/dist/tools/shared/errors.d.ts.map +1 -0
  225. package/dist/tools/shared/errors.js +176 -0
  226. package/dist/tools/shared/errors.js.map +1 -0
  227. package/dist/tools/shared/logger.d.ts +40 -0
  228. package/dist/tools/shared/logger.d.ts.map +1 -0
  229. package/dist/tools/shared/logger.js +53 -0
  230. package/dist/tools/shared/logger.js.map +1 -0
  231. package/dist/tools/shared/prompt-sections.d.ts +3 -7
  232. package/dist/tools/shared/prompt-sections.d.ts.map +1 -1
  233. package/dist/tools/shared/prompt-sections.js +2 -26
  234. package/dist/tools/shared/prompt-sections.js.map +1 -1
  235. package/dist/tools/shared/prompt-utils.d.ts +2 -6
  236. package/dist/tools/shared/prompt-utils.d.ts.map +1 -1
  237. package/dist/tools/shared/prompt-utils.js.map +1 -1
  238. package/dist/tools/shared/types/index.d.ts +3 -0
  239. package/dist/tools/shared/types/index.d.ts.map +1 -0
  240. package/dist/tools/shared/types/index.js +3 -0
  241. package/dist/tools/shared/types/index.js.map +1 -0
  242. package/dist/tools/shared/types/prompt-sections.types.d.ts +8 -0
  243. package/dist/tools/shared/types/prompt-sections.types.d.ts.map +1 -0
  244. package/dist/tools/shared/types/prompt-sections.types.js +28 -0
  245. package/dist/tools/shared/types/prompt-sections.types.js.map +1 -0
  246. package/dist/tools/shared/types/prompt-utils.types.d.ts +7 -0
  247. package/dist/tools/shared/types/prompt-utils.types.d.ts.map +1 -0
  248. package/dist/tools/shared/types/prompt-utils.types.js +3 -0
  249. package/dist/tools/shared/types/prompt-utils.types.js.map +1 -0
  250. package/dist/tools/sprint-timeline-calculator.d.ts.map +1 -1
  251. package/dist/tools/sprint-timeline-calculator.js +134 -28
  252. package/dist/tools/sprint-timeline-calculator.js.map +1 -1
  253. package/package.json +9 -3
package/README.md CHANGED
@@ -130,14 +130,18 @@ After adding the server, open your chat client (e.g., Cline in VS Code). The too
130
130
 
131
131
  - Run a tool directly by name:
132
132
  - `hierarchical-prompt-builder` — Provide context, goal, and optional requirements.
133
+ - `clean-code-scorer` — Calculate comprehensive Clean Code score (0-100) with coverage metrics.
133
134
  - `code-hygiene-analyzer` — Paste code or point to a file and set language.
134
135
  - `mermaid-diagram-generator` — Describe the system and select a diagram type.
135
136
  - Ask in natural language and pick the suggested tool.
136
137
 
137
138
  Example prompts:
138
139
  - "Use hierarchical-prompt-builder to create a refactor plan for src/index.ts with outputFormat markdown."
140
+ - "Use clean-code-scorer to analyze my project with current coverage metrics and get a quality score."
139
141
  - "Analyze this Python file with code-hygiene-analyzer; highlight security issues."
140
- - "Generate a Mermaid diagram for our pipeline using mermaid-diagram-generator (flowchart)."
142
+ - "Generate a Mermaid sequence diagram showing: User sends request to API, API queries Database, Database returns data, API responds to User."
143
+ - "Create an ER diagram for: Customer has Orders, Order contains LineItems, Product referenced in LineItems."
144
+ - "Build a user journey map for our checkout flow using mermaid-diagram-generator."
141
145
 
142
146
  Tip: Most clients can pass file content automatically when you select a file and invoke a tool.
143
147
 
@@ -145,6 +149,140 @@ GitHub Chat (VS Code): In the chat, type your request and pick a tool suggestion
145
149
 
146
150
  ## Features
147
151
 
152
+ > **🏆 NEW: Clean Code 100/100 Initiative** — Comprehensive code quality scoring system with automated dashboard generation. Track and achieve perfect code quality across coverage, TypeScript, linting, and security. See [docs/CLEAN_CODE_INITIATIVE.md](./docs/CLEAN_CODE_INITIATIVE.md) for the complete guide.
153
+ > - **Dashboard**: Run `npm run clean-code-dashboard` to generate score report
154
+ > - **MCP Tool**: `clean-code-scorer` for on-demand quality analysis
155
+ > - **Automated Gates**: Lefthook quality gates enforce standards on every commit
156
+
157
+ > **🆕 NEW: Serena-Inspired Strategies** — We've integrated effective agent strategies from [@oraios/serena](https://github.com/oraios/serena) including semantic code analysis, project onboarding, and flexible mode switching. See [docs/SERENA_STRATEGIES.md](./docs/SERENA_STRATEGIES.md) for details.
158
+
159
+ > **🌊 NEW: Flow-Based Prompting** — Advanced prompting strategies inspired by [@ruvnet/claude-flow](https://github.com/ruvnet/claude-flow) including prompt chaining, declarative flows, and dynamic orchestration.
160
+ > - **Examples**: [docs/FLOW_PROMPTING_EXAMPLES.md](./docs/FLOW_PROMPTING_EXAMPLES.md)
161
+ > - **Integration Guide**: [docs/FLOW_SERENA_INTEGRATION.md](./docs/FLOW_SERENA_INTEGRATION.md) - Combining flow-based prompting with Serena memory patterns
162
+
163
+ <details>
164
+ <summary><strong>🔗 Prompt Chaining Builder</strong> — Multi-step prompts with output passing (NEW)</summary>
165
+
166
+ Usage: `prompt-chaining-builder`
167
+
168
+ | Parameter | Required | Description |
169
+ | -------------- | -------- | ------------------------------------- |
170
+ | `chainName` | ✅ | Name of the prompt chain |
171
+ | `steps` | ✅ | Array of chain steps with prompts |
172
+ | `description` | ❌ | Description of chain purpose |
173
+ | `context` | ❌ | Global context for the chain |
174
+ | `globalVariables` | ❌ | Variables accessible to all steps |
175
+ | `executionStrategy` | ❌ | sequential/parallel-where-possible |
176
+
177
+ Build sophisticated multi-step prompt workflows where each step can depend on outputs from previous steps. Supports error handling strategies (skip/retry/abort) and automatic Mermaid visualization.
178
+
179
+ **Example:**
180
+ ```typescript
181
+ {
182
+ chainName: "Security Analysis Pipeline",
183
+ steps: [
184
+ {
185
+ name: "Scan",
186
+ prompt: "Scan for vulnerabilities",
187
+ outputKey: "vulns"
188
+ },
189
+ {
190
+ name: "Assess",
191
+ prompt: "Assess severity of {{vulns}}",
192
+ dependencies: ["vulns"],
193
+ errorHandling: "retry"
194
+ }
195
+ ]
196
+ }
197
+ ```
198
+
199
+ </details>
200
+
201
+ <details>
202
+ <summary><strong>🌊 Prompt Flow Builder</strong> — Declarative flows with branching/loops (NEW)</summary>
203
+
204
+ Usage: `prompt-flow-builder`
205
+
206
+ | Parameter | Required | Description |
207
+ | -------------- | -------- | ------------------------------------- |
208
+ | `flowName` | ✅ | Name of the prompt flow |
209
+ | `nodes` | ✅ | Flow nodes (prompt/condition/loop/parallel/merge/transform) |
210
+ | `edges` | ❌ | Connections between nodes with conditions |
211
+ | `entryPoint` | ❌ | Starting node ID |
212
+ | `variables` | ❌ | Flow-level variables |
213
+ | `outputFormat` | ❌ | markdown/mermaid/both |
214
+
215
+ Create complex adaptive prompt flows with conditional branching, loops, parallel execution, and merge points. Automatically generates Mermaid flowcharts and execution guides.
216
+
217
+ **Example:**
218
+ ```typescript
219
+ {
220
+ flowName: "Adaptive Code Review",
221
+ nodes: [
222
+ { id: "analyze", type: "prompt", name: "Analyze" },
223
+ { id: "check", type: "condition", name: "Complex?",
224
+ config: { expression: "complexity > 10" } },
225
+ { id: "deep", type: "prompt", name: "Deep Review" },
226
+ { id: "quick", type: "prompt", name: "Quick Check" }
227
+ ],
228
+ edges: [
229
+ { from: "analyze", to: "check" },
230
+ { from: "check", to: "deep", condition: "true" },
231
+ { from: "check", to: "quick", condition: "false" }
232
+ ]
233
+ }
234
+ ```
235
+
236
+ </details>
237
+
238
+ <details>
239
+ <summary><strong>🔍 Semantic Code Analyzer</strong> — Symbol-based code understanding (NEW)</summary>
240
+
241
+ Usage: `semantic-code-analyzer`
242
+
243
+ | Parameter | Required | Description |
244
+ | -------------- | -------- | ------------------------------------- |
245
+ | `codeContent` | ✅ | Code content to analyze |
246
+ | `language` | ❌ | Programming language (auto-detected) |
247
+ | `analysisType` | ❌ | symbols/structure/dependencies/patterns/all |
248
+
249
+ Performs semantic analysis to identify symbols, dependencies, patterns, and structure. Inspired by Serena's language server approach.
250
+
251
+ </details>
252
+
253
+ <details>
254
+ <summary><strong>🚀 Project Onboarding</strong> — Comprehensive project familiarization (NEW)</summary>
255
+
256
+ Usage: `project-onboarding`
257
+
258
+ | Parameter | Required | Description |
259
+ | -------------- | -------- | ------------------------------------- |
260
+ | `projectPath` | ✅ | Path to project directory |
261
+ | `projectName` | ❌ | Name of the project |
262
+ | `projectType` | ❌ | library/application/service/tool/other |
263
+ | `analysisDepth`| ❌ | quick/standard/deep |
264
+ | `includeMemories` | ❌ | Generate project memories (default: true) |
265
+
266
+ Analyzes project structure, detects technologies, and generates memories for context retention. Based on Serena's onboarding system.
267
+
268
+ </details>
269
+
270
+ <details>
271
+ <summary><strong>🔄 Mode Switcher</strong> — Flexible agent operation modes (NEW)</summary>
272
+
273
+ Usage: `mode-switcher`
274
+
275
+ | Parameter | Required | Description |
276
+ | -------------- | -------- | ------------------------------------- |
277
+ | `targetMode` | ✅ | Mode to switch to (planning/editing/analysis/etc.) |
278
+ | `currentMode` | ❌ | Current active mode |
279
+ | `context` | ❌ | Operating context (desktop-app/ide-assistant/etc.) |
280
+ | `reason` | ❌ | Reason for mode switch |
281
+
282
+ Switches between operation modes with optimized tool sets and prompting strategies. Modes include: planning, editing, analysis, interactive, one-shot, debugging, refactoring, documentation.
283
+
284
+ </details>
285
+
148
286
  <details>
149
287
  <summary><strong>Hierarchical Prompt Builder</strong> — Build structured prompts with clear hierarchies</summary>
150
288
 
@@ -205,11 +343,75 @@ Usage: `security-hardening-prompt-builder`
205
343
 
206
344
  Usage: `mermaid-diagram-generator`
207
345
 
208
- | Parameter | Required | Description |
209
- | ------------- | -------- | ---------------------------------------------------------------- |
210
- | `description` | | Description of the system or process to diagram |
211
- | `diagramType` | | Type: `flowchart`, `sequence`, `class`, `state`, `gantt`, `pie` |
212
- | `theme` | | Visual theme for the diagram |
346
+ Generates Mermaid diagrams with intelligent parsing of descriptions for rich, customizable visualizations.
347
+
348
+ | Parameter | Required | Description |
349
+ | ------------------ | -------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- |
350
+ | `description` | | Description of the system or process to diagram. Be detailed and specific for better diagram generation. |
351
+ | `diagramType` | ✅ | Type: `flowchart`, `sequence`, `class`, `state`, `gantt`, `pie`, `er`, `journey`, `quadrant`, `git-graph`, `mindmap`, `timeline` |
352
+ | `theme` | ❌ | Visual theme: `default`, `dark`, `forest`, `neutral` |
353
+ | `direction` | ❌ | Flowchart direction: `TD`/`TB` (top-down), `BT` (bottom-top), `LR` (left-right), `RL` (right-left) |
354
+ | `strict` | ❌ | If true, never emit invalid diagram; use fallback if needed (default: true) |
355
+ | `repair` | ❌ | Attempt auto-repair on validation failure (default: true) |
356
+ | `accTitle` | ❌ | Accessibility title (added as Mermaid comment) |
357
+ | `accDescr` | ❌ | Accessibility description (added as Mermaid comment) |
358
+ | `customStyles` | ❌ | Custom CSS/styling directives for advanced customization |
359
+ | `advancedFeatures` | ❌ | Type-specific advanced features (e.g., `{autonumber: true}` for sequence diagrams) |
360
+
361
+ **Enhanced Features:**
362
+
363
+ - **Intelligent Description Parsing**: All diagram types now parse descriptions to extract relevant entities, relationships, and structures
364
+ - **New Diagram Types**:
365
+ - `er` - Entity Relationship diagrams for database schemas
366
+ - `journey` - User journey maps for UX workflows
367
+ - `quadrant` - Quadrant/priority charts for decision matrices
368
+ - `git-graph` - Git commit history visualization
369
+ - `mindmap` - Hierarchical concept maps
370
+ - `timeline` - Event timelines and roadmaps
371
+ - **Advanced Customization**: Direction control, themes, custom styles, and type-specific features
372
+ - **Smart Fallbacks**: Generates sensible default diagrams when description parsing is ambiguous
373
+
374
+ **Examples:**
375
+
376
+ ```bash
377
+ # Sequence diagram with participants auto-detected from description
378
+ {
379
+ "description": "User sends login request to API. API queries Database for credentials. Database returns user data. API responds to User with token.",
380
+ "diagramType": "sequence",
381
+ "advancedFeatures": {"autonumber": true}
382
+ }
383
+
384
+ # Class diagram with relationships extracted
385
+ {
386
+ "description": "User has id and email. Order contains Product items. User places Order. Product has price and name.",
387
+ "diagramType": "class"
388
+ }
389
+
390
+ # ER diagram for database schema
391
+ {
392
+ "description": "Customer places Order. Order contains LineItem. Product is referenced in LineItem.",
393
+ "diagramType": "er"
394
+ }
395
+
396
+ # User journey map
397
+ {
398
+ "description": "Shopping Journey. Section Discovery: User finds product. User reads reviews. Section Purchase: User adds to cart. User completes checkout.",
399
+ "diagramType": "journey"
400
+ }
401
+
402
+ # Gantt chart with tasks from description
403
+ {
404
+ "description": "Project: Feature Development. Phase Planning: Research requirements. Design architecture. Phase Development: Implement backend. Create frontend. Phase Testing: QA validation.",
405
+ "diagramType": "gantt"
406
+ }
407
+
408
+ # Flowchart with custom direction
409
+ {
410
+ "description": "Receive request. Validate input. Process data. Return response.",
411
+ "diagramType": "flowchart",
412
+ "direction": "LR"
413
+ }
414
+ ```
213
415
 
214
416
  </details>
215
417
 
@@ -323,6 +525,9 @@ npm run test:demo # Demo runner
323
525
  npm run test:mcp # MCP smoke script
324
526
  npm run test:coverage:unit # Unit test coverage (text-summary, lcov, html)
325
527
  npm run quality # Type-check + Biome check
528
+ npm run audit # Security audit (production dependencies)
529
+ npm run audit:fix # Auto-fix vulnerabilities
530
+ npm run audit:production # Audit production dependencies only
326
531
  ```
327
532
 
328
533
  ### Git Hooks with Lefthook 🪝
@@ -346,6 +551,7 @@ npx lefthook run pre-push # Run pre-push checks manually
346
551
  - 🧹 **Code Hygiene**: Trailing whitespace & EOF fixes
347
552
 
348
553
  **Pre-push hooks** (comprehensive validation):
554
+ - 🔒 **Security Audit**: Dependency vulnerability scanning (moderate+ level)
349
555
  - 🧪 **Testing**: Full test suite (unit, integration, demo, MCP)
350
556
  - ⚡ **Quality**: Type checking + Biome validation
351
557
 
@@ -395,9 +601,30 @@ VS Code + Docker settings:
395
601
 
396
602
  ## Security
397
603
 
398
- - No secrets committed; releases use provenance where supported.
399
- - Docker images are signed (Cosign); supply‑chain security via Sigstore.
400
- - Report vulnerabilities via GitHub Security tab or Issues.
604
+ - **Dependency Scanning**: Automated vulnerability scanning runs on every PR and push to main
605
+ - Production dependencies: fails on moderate+ vulnerabilities
606
+ - All dependencies: audited and reported (dev dependencies don't block builds)
607
+ - Local audit: `npm run audit` or `npm audit --audit-level=moderate`
608
+ - Auto-fix: `npm run audit:fix` to automatically fix vulnerabilities when possible
609
+ - Pre-push hook: automatically checks for vulnerabilities before pushing code
610
+ - **Secrets Protection**: No secrets committed; releases use provenance where supported
611
+ - **Supply Chain Security**: Docker images are signed (Cosign); artifacts signed via Sigstore
612
+ - **Vulnerability Reporting**: Report security issues via [GitHub Security tab](https://github.com/Anselmoo/mcp-ai-agent-guidelines/security) or Issues
613
+
614
+ ### Remediation Steps for Maintainers
615
+
616
+ When vulnerabilities are detected:
617
+
618
+ 1. **Review the vulnerability**: `npm audit` provides details about affected packages
619
+ 2. **Update dependencies**: `npm run audit:fix` to apply automatic fixes
620
+ 3. **Manual updates**: If auto-fix doesn't work, update package.json manually:
621
+ ```bash
622
+ npm update <package-name>
623
+ # or for major version updates
624
+ npm install <package-name>@latest
625
+ ```
626
+ 4. **Test changes**: Run `npm run test:all` to ensure updates don't break functionality
627
+ 5. **Override if needed**: For false positives or accepted risks, document in security policy
401
628
 
402
629
  ## Documentation
403
630