musubi-sdd 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (91) hide show
  1. package/LICENSE +21 -0
  2. package/README.ja.md +531 -0
  3. package/README.md +531 -0
  4. package/bin/musubi-init.js +321 -0
  5. package/bin/musubi.js +359 -0
  6. package/package.json +55 -0
  7. package/src/agents/registry.js +242 -0
  8. package/src/templates/agents/claude-code/CLAUDE.md +232 -0
  9. package/src/templates/agents/claude-code/commands/sdd-design.md +673 -0
  10. package/src/templates/agents/claude-code/commands/sdd-implement.md +777 -0
  11. package/src/templates/agents/claude-code/commands/sdd-requirements.md +438 -0
  12. package/src/templates/agents/claude-code/commands/sdd-steering.md +334 -0
  13. package/src/templates/agents/claude-code/commands/sdd-tasks.md +582 -0
  14. package/src/templates/agents/claude-code/commands/sdd-validate.md +710 -0
  15. package/src/templates/agents/claude-code/skills/ai-ml-engineer/SKILL.md +3055 -0
  16. package/src/templates/agents/claude-code/skills/api-designer/SKILL.md +1364 -0
  17. package/src/templates/agents/claude-code/skills/bug-hunter/SKILL.md +482 -0
  18. package/src/templates/agents/claude-code/skills/change-impact-analyzer/SKILL.md +397 -0
  19. package/src/templates/agents/claude-code/skills/cloud-architect/SKILL.md +1468 -0
  20. package/src/templates/agents/claude-code/skills/code-reviewer/SKILL.md +906 -0
  21. package/src/templates/agents/claude-code/skills/constitution-enforcer/SKILL.md +466 -0
  22. package/src/templates/agents/claude-code/skills/database-administrator/SKILL.md +3522 -0
  23. package/src/templates/agents/claude-code/skills/database-schema-designer/SKILL.md +1158 -0
  24. package/src/templates/agents/claude-code/skills/devops-engineer/SKILL.md +647 -0
  25. package/src/templates/agents/claude-code/skills/orchestrator/SKILL.md +574 -0
  26. package/src/templates/agents/claude-code/skills/performance-optimizer/SKILL.md +464 -0
  27. package/src/templates/agents/claude-code/skills/project-manager/SKILL.md +769 -0
  28. package/src/templates/agents/claude-code/skills/quality-assurance/SKILL.md +1059 -0
  29. package/src/templates/agents/claude-code/skills/release-coordinator/SKILL.md +653 -0
  30. package/src/templates/agents/claude-code/skills/requirements-analyst/SKILL.md +1287 -0
  31. package/src/templates/agents/claude-code/skills/security-auditor/SKILL.md +1107 -0
  32. package/src/templates/agents/claude-code/skills/site-reliability-engineer/SKILL.md +404 -0
  33. package/src/templates/agents/claude-code/skills/software-developer/SKILL.md +1254 -0
  34. package/src/templates/agents/claude-code/skills/steering/SKILL.md +383 -0
  35. package/src/templates/agents/claude-code/skills/system-architect/SKILL.md +1288 -0
  36. package/src/templates/agents/claude-code/skills/technical-writer/SKILL.md +712 -0
  37. package/src/templates/agents/claude-code/skills/test-engineer/SKILL.md +1262 -0
  38. package/src/templates/agents/claude-code/skills/traceability-auditor/SKILL.md +298 -0
  39. package/src/templates/agents/claude-code/skills/ui-ux-designer/SKILL.md +1009 -0
  40. package/src/templates/agents/codex/AGENTS.md +138 -0
  41. package/src/templates/agents/codex/commands/sdd-design.md +673 -0
  42. package/src/templates/agents/codex/commands/sdd-implement.md +777 -0
  43. package/src/templates/agents/codex/commands/sdd-requirements.md +438 -0
  44. package/src/templates/agents/codex/commands/sdd-steering.md +334 -0
  45. package/src/templates/agents/codex/commands/sdd-tasks.md +582 -0
  46. package/src/templates/agents/codex/commands/sdd-validate.md +710 -0
  47. package/src/templates/agents/cursor/AGENTS.md +138 -0
  48. package/src/templates/agents/cursor/commands/sdd-design.md +673 -0
  49. package/src/templates/agents/cursor/commands/sdd-implement.md +777 -0
  50. package/src/templates/agents/cursor/commands/sdd-requirements.md +438 -0
  51. package/src/templates/agents/cursor/commands/sdd-steering.md +334 -0
  52. package/src/templates/agents/cursor/commands/sdd-tasks.md +582 -0
  53. package/src/templates/agents/cursor/commands/sdd-validate.md +710 -0
  54. package/src/templates/agents/gemini-cli/GEMINI.md +128 -0
  55. package/src/templates/agents/gemini-cli/commands/sdd-design.toml +359 -0
  56. package/src/templates/agents/gemini-cli/commands/sdd-implement.toml +484 -0
  57. package/src/templates/agents/gemini-cli/commands/sdd-requirements.toml +291 -0
  58. package/src/templates/agents/gemini-cli/commands/sdd-steering.toml +209 -0
  59. package/src/templates/agents/gemini-cli/commands/sdd-tasks.toml +441 -0
  60. package/src/templates/agents/gemini-cli/commands/sdd-validate.toml +553 -0
  61. package/src/templates/agents/github-copilot/AGENTS.md +138 -0
  62. package/src/templates/agents/github-copilot/commands/sdd-design.md +673 -0
  63. package/src/templates/agents/github-copilot/commands/sdd-implement.md +777 -0
  64. package/src/templates/agents/github-copilot/commands/sdd-requirements.md +438 -0
  65. package/src/templates/agents/github-copilot/commands/sdd-steering.md +334 -0
  66. package/src/templates/agents/github-copilot/commands/sdd-tasks.md +582 -0
  67. package/src/templates/agents/github-copilot/commands/sdd-validate.md +710 -0
  68. package/src/templates/agents/qwen-code/QWEN.md +128 -0
  69. package/src/templates/agents/qwen-code/commands/sdd-design.md +673 -0
  70. package/src/templates/agents/qwen-code/commands/sdd-implement.md +777 -0
  71. package/src/templates/agents/qwen-code/commands/sdd-requirements.md +438 -0
  72. package/src/templates/agents/qwen-code/commands/sdd-steering.md +334 -0
  73. package/src/templates/agents/qwen-code/commands/sdd-tasks.md +582 -0
  74. package/src/templates/agents/qwen-code/commands/sdd-validate.md +710 -0
  75. package/src/templates/agents/windsurf/AGENTS.md +138 -0
  76. package/src/templates/agents/windsurf/commands/sdd-design.md +673 -0
  77. package/src/templates/agents/windsurf/commands/sdd-implement.md +777 -0
  78. package/src/templates/agents/windsurf/commands/sdd-requirements.md +438 -0
  79. package/src/templates/agents/windsurf/commands/sdd-steering.md +334 -0
  80. package/src/templates/agents/windsurf/commands/sdd-tasks.md +582 -0
  81. package/src/templates/agents/windsurf/commands/sdd-validate.md +710 -0
  82. package/src/templates/shared/constitution/constitution.md +408 -0
  83. package/src/templates/shared/constitution/ears-format.md +613 -0
  84. package/src/templates/shared/constitution/workflow.md +653 -0
  85. package/src/templates/shared/documents/design.md +737 -0
  86. package/src/templates/shared/documents/requirements.md +329 -0
  87. package/src/templates/shared/documents/research.md +494 -0
  88. package/src/templates/shared/documents/tasks.md +781 -0
  89. package/src/templates/shared/steering/product.md +544 -0
  90. package/src/templates/shared/steering/structure.md +405 -0
  91. package/src/templates/shared/steering/tech.md +537 -0
@@ -0,0 +1,128 @@
1
+ # MUSUBI for Gemini CLI
2
+
3
+ **Ultimate Specification Driven Development**
4
+
5
+ This project uses **MUSUBI** (Ultimate Specification Driven Development) configured for Gemini CLI.
6
+
7
+ ## Features
8
+
9
+ - 📋 **Constitutional Governance** - 9 immutable articles + Phase -1 Gates
10
+ - 📝 **EARS Requirements Format** - Unambiguous requirements with complete traceability
11
+ - 🧭 **Auto-Updating Project Memory** - Steering system maintains architecture, tech stack, and product context
12
+ - 🌐 **Bilingual Documentation** - All documents created in both English and Japanese
13
+
14
+ ## Commands
15
+
16
+ Gemini CLI uses commands in `.gemini/commands/`:
17
+
18
+ ```bash
19
+ # Generate project memory
20
+ /sdd-steering
21
+
22
+ # Create requirements
23
+ /sdd-requirements <feature>
24
+
25
+ # Design architecture
26
+ /sdd-design <feature>
27
+
28
+ # Break down into tasks
29
+ /sdd-tasks <feature>
30
+
31
+ # Implement feature
32
+ /sdd-implement <feature>
33
+
34
+ # Validate constitutional compliance
35
+ /sdd-validate <feature>
36
+ ```
37
+
38
+ ## Project Memory (Steering System)
39
+
40
+ **IMPORTANT**: Before starting any task, check if steering files exist in `steering/` directory:
41
+
42
+ - `steering/structure.md` - Architecture patterns, directory organization, naming conventions
43
+ - `steering/tech.md` - Technology stack, frameworks, development tools
44
+ - `steering/product.md` - Business context, product purpose, users
45
+
46
+ If these files exist, ALWAYS read them first to understand project context.
47
+
48
+ ## SDD Workflow (8 Stages)
49
+
50
+ ```
51
+ Research → Requirements → Design → Tasks → Implementation → Testing → Deployment → Monitoring
52
+ ```
53
+
54
+ Each stage has:
55
+ - Quality gates
56
+ - Traceability requirements
57
+ - Constitutional validation
58
+
59
+ ## EARS Requirements Format
60
+
61
+ All requirements must use EARS patterns:
62
+
63
+ ```markdown
64
+ ### Requirement: User Login
65
+
66
+ WHEN user provides valid credentials,
67
+ THEN the system SHALL authenticate the user
68
+ AND the system SHALL create a session.
69
+ ```
70
+
71
+ ## Constitutional Governance
72
+
73
+ MUSUBI enforces 9 immutable constitutional articles:
74
+
75
+ 1. **Library-First Principle** - Features start as libraries
76
+ 2. **CLI Interface Mandate** - All libraries expose CLI
77
+ 3. **Test-First Imperative** - Tests before code (Red-Green-Blue)
78
+ 4. **EARS Requirements Format** - Unambiguous requirements
79
+ 5. **Traceability Mandate** - 100% coverage required
80
+ 6. **Project Memory** - All commands check steering first
81
+ 7. **Simplicity Gate** - Maximum 3 projects initially
82
+ 8. **Anti-Abstraction Gate** - Use framework features directly
83
+ 9. **Integration-First Testing** - Real services over mocks
84
+
85
+ ## Bilingual Documentation
86
+
87
+ **All agent-generated documents are created in both English and Japanese.**
88
+
89
+ ### Language Policy
90
+
91
+ - **English**: Reference/source documents (`.md`)
92
+ - **Japanese**: Translations (`.ja.md`)
93
+ - **Commands**: Always read English versions for work
94
+ - **Code References**: Requirement IDs, technical terms stay in English
95
+
96
+ ## Quick Start
97
+
98
+ ### First Time Setup
99
+
100
+ 1. Generate project memory:
101
+ ```
102
+ /sdd-steering
103
+ ```
104
+
105
+ 2. Review steering context in `steering/` directory
106
+
107
+ 3. Start development
108
+
109
+ ### Example Usage
110
+
111
+ ```bash
112
+ # Greenfield Project (0→1)
113
+ /sdd-steering
114
+ /sdd-requirements user-authentication
115
+ /sdd-design user-authentication
116
+ /sdd-tasks user-authentication
117
+ /sdd-implement user-authentication
118
+ ```
119
+
120
+ ## Learn More
121
+
122
+ - [MUSUBI Documentation](https://github.com/your-org/musubi)
123
+ - [Constitutional Governance](steering/rules/constitution.md)
124
+ - [8-Stage SDD Workflow](steering/rules/workflow.md)
125
+
126
+ ---
127
+
128
+ **MUSUBI for Gemini CLI** - むすび - Bringing specifications, design, and code together.
@@ -0,0 +1,359 @@
1
+ name = "sdd-design"
2
+ description = "Generate technical design with C4 model and ADR based on requirements"
3
+
4
+ [[instructions]]
5
+ role = "system"
6
+ content = """
7
+ You are executing the /sdd-design command to create a technical design specification.
8
+
9
+ # Command Format
10
+
11
+ /sdd-design <feature-name>
12
+
13
+ Example: /sdd-design authentication
14
+
15
+ # Your Task
16
+
17
+ Create a comprehensive technical design for the given feature based on requirements.
18
+
19
+ # Step 1: Read Project Memory and Requirements
20
+
21
+ **IMPORTANT: Read these files FIRST (English versions only):**
22
+
23
+ 1. **Steering Context**:
24
+ - `steering/structure.md` - Architecture patterns
25
+ - `steering/tech.md` - Technology stack
26
+ - `steering/product.md` - Product context
27
+
28
+ 2. **Requirements**:
29
+ - `storage/specs/{{feature-name}}-requirements.md` - Feature requirements
30
+
31
+ **Note**: Always read English versions (.md), not Japanese translations (.ja.md)
32
+
33
+ # Step 2: Design Approach
34
+
35
+ Follow this design methodology:
36
+
37
+ 1. **Understand Requirements**: Map all EARS requirements
38
+ 2. **Align with Architecture**: Follow patterns from steering/structure.md
39
+ 3. **Technology Alignment**: Use stack from steering/tech.md
40
+ 4. **C4 Model**: Create architecture diagrams
41
+ 5. **ADR**: Document architectural decisions
42
+ 6. **API Design**: Define interfaces
43
+ 7. **Data Model**: Design database schema
44
+ 8. **Integration**: Define component interactions
45
+
46
+ # Step 3: Design Document Structure
47
+
48
+ ## 1. Overview
49
+ - Feature name and version
50
+ - Link to requirements document
51
+ - Design goals
52
+ - Constraints from steering
53
+
54
+ ## 2. Architecture (C4 Model)
55
+
56
+ ### Context Diagram (Level 1)
57
+ - System boundary
58
+ - External actors
59
+ - External systems
60
+
61
+ ### Container Diagram (Level 2)
62
+ - Application components
63
+ - Databases
64
+ - Message queues
65
+ - External services
66
+
67
+ ### Component Diagram (Level 3)
68
+ - Internal components
69
+ - Responsibilities
70
+ - Dependencies
71
+ - Communication patterns
72
+
73
+ ### Code Organization (Level 4)
74
+ - Directory structure (aligned with steering/structure.md)
75
+ - Key classes/modules
76
+ - File organization
77
+
78
+ ## 3. Architectural Decision Records (ADRs)
79
+
80
+ For each major decision:
81
+
82
+ **ADR-NNN: [Decision Title]**
83
+
84
+ - **Status**: Proposed / Accepted / Deprecated
85
+ - **Context**: What problem are we solving?
86
+ - **Decision**: What did we decide?
87
+ - **Consequences**: What are the trade-offs?
88
+ - **Alternatives Considered**: What other options were evaluated?
89
+
90
+ Example:
91
+ ```
92
+ ADR-001: Use JWT for Authentication Tokens
93
+
94
+ Status: Accepted
95
+ Context: Need stateless authentication mechanism for API
96
+ Decision: Use JWT (RS256) with 24-hour expiry
97
+ Consequences:
98
+ + Stateless, scales horizontally
99
+ + Standard, well-supported
100
+ - Cannot revoke tokens before expiry
101
+ - Larger token size than session IDs
102
+ Alternatives: Session cookies, OAuth tokens
103
+ ```
104
+
105
+ ## 4. Requirements Mapping
106
+
107
+ Map each requirement to design components:
108
+
109
+ | Requirement ID | Component | Implementation |
110
+ |---------------|-----------|----------------|
111
+ | REQ-AUTH-001 | AuthService | EmailRegistration class |
112
+ | REQ-AUTH-002 | PasswordValidator | validatePassword() |
113
+ | REQ-AUTH-003 | AuthService | login() method |
114
+
115
+ ## 5. API Design
116
+
117
+ ### Endpoints
118
+
119
+ For each API endpoint:
120
+
121
+ **POST /api/auth/register**
122
+ - Request: { email: string, password: string }
123
+ - Response: { userId: string, status: string }
124
+ - Errors: 400 (validation), 409 (conflict)
125
+ - Requirements: REQ-AUTH-001, REQ-AUTH-002
126
+
127
+ **POST /api/auth/login**
128
+ - Request: { email: string, password: string }
129
+ - Response: { token: string, expiresAt: string }
130
+ - Errors: 401 (unauthorized), 429 (rate limit)
131
+ - Requirements: REQ-AUTH-003
132
+
133
+ ### GraphQL Schema (if applicable)
134
+ ```graphql
135
+ type User {
136
+ id: ID!
137
+ email: String!
138
+ createdAt: DateTime!
139
+ }
140
+
141
+ type Mutation {
142
+ register(email: String!, password: String!): User!
143
+ login(email: String!, password: String!): AuthPayload!
144
+ }
145
+ ```
146
+
147
+ ## 6. Data Model
148
+
149
+ ### Database Schema
150
+
151
+ **users table**
152
+ ```sql
153
+ CREATE TABLE users (
154
+ id UUID PRIMARY KEY,
155
+ email VARCHAR(255) UNIQUE NOT NULL,
156
+ password_hash VARCHAR(255) NOT NULL,
157
+ created_at TIMESTAMP DEFAULT NOW(),
158
+ updated_at TIMESTAMP DEFAULT NOW()
159
+ );
160
+ ```
161
+
162
+ **sessions table**
163
+ ```sql
164
+ CREATE TABLE sessions (
165
+ id UUID PRIMARY KEY,
166
+ user_id UUID REFERENCES users(id),
167
+ token VARCHAR(512) NOT NULL,
168
+ expires_at TIMESTAMP NOT NULL,
169
+ created_at TIMESTAMP DEFAULT NOW()
170
+ );
171
+ ```
172
+
173
+ ### ER Diagram
174
+ ```
175
+ [User] 1 ---- * [Session]
176
+ [User] 1 ---- * [RefreshToken]
177
+ ```
178
+
179
+ ## 7. Component Design
180
+
181
+ ### AuthService
182
+ ```typescript
183
+ class AuthService {
184
+ async register(email: string, password: string): Promise<User>
185
+ async login(email: string, password: string): Promise<AuthToken>
186
+ async logout(userId: string): Promise<void>
187
+ async refreshToken(token: string): Promise<AuthToken>
188
+ }
189
+ ```
190
+
191
+ ### PasswordValidator
192
+ ```typescript
193
+ class PasswordValidator {
194
+ validate(password: string): ValidationResult
195
+ hash(password: string): Promise<string>
196
+ verify(password: string, hash: string): Promise<boolean>
197
+ }
198
+ ```
199
+
200
+ ## 8. Integration Points
201
+
202
+ ### Internal Dependencies
203
+ - UserRepository (lib/users/)
204
+ - EmailService (lib/notifications/)
205
+ - TokenService (lib/auth/tokens/)
206
+
207
+ ### External Dependencies
208
+ - PostgreSQL database
209
+ - Redis cache (for rate limiting)
210
+ - Email SMTP service
211
+
212
+ ## 9. Security Design
213
+
214
+ Based on Constitutional Article (OWASP Top 10):
215
+
216
+ - **A01: Broken Access Control**: JWT validation on all protected routes
217
+ - **A02: Cryptographic Failures**: bcrypt for passwords, RS256 for JWT
218
+ - **A03: Injection**: Parameterized queries with Prisma ORM
219
+ - **A05: Security Misconfiguration**: Environment variables for secrets
220
+ - **A07: Authentication Failures**: Rate limiting, account lockout
221
+
222
+ ## 10. Performance Considerations
223
+
224
+ - **Caching**: Cache user sessions in Redis
225
+ - **Database**: Index on email, user_id
226
+ - **Rate Limiting**: 5 login attempts per IP per minute
227
+ - **Async Operations**: Email sending via background queue
228
+
229
+ ## 11. Error Handling
230
+
231
+ ### Error Codes
232
+ - AUTH_001: Invalid credentials
233
+ - AUTH_002: Account locked
234
+ - AUTH_003: Token expired
235
+ - AUTH_004: Validation failed
236
+
237
+ ### Error Response Format
238
+ ```json
239
+ {
240
+ "error": {
241
+ "code": "AUTH_001",
242
+ "message": "Invalid credentials",
243
+ "details": { ... }
244
+ }
245
+ }
246
+ ```
247
+
248
+ ## 12. Testing Strategy
249
+
250
+ ### Unit Tests
251
+ - PasswordValidator.validate()
252
+ - AuthService.register()
253
+ - AuthService.login()
254
+
255
+ ### Integration Tests
256
+ - POST /api/auth/register
257
+ - POST /api/auth/login
258
+ - Token validation flow
259
+
260
+ ### Test Coverage Requirements
261
+ - Minimum 80% code coverage
262
+ - All EARS requirements tested
263
+ - All error paths tested
264
+
265
+ ## 13. Deployment
266
+
267
+ ### Environment Variables
268
+ - DATABASE_URL
269
+ - JWT_SECRET
270
+ - JWT_EXPIRES_IN
271
+ - REDIS_URL
272
+
273
+ ### Infrastructure
274
+ - Database migrations (Prisma)
275
+ - Redis for sessions
276
+ - SMTP configuration
277
+
278
+ ## 14. Constitutional Compliance
279
+
280
+ Verify alignment with Constitutional Articles:
281
+
282
+ - ✅ **Article I: Library-First**: Implemented in lib/auth/
283
+ - ✅ **Article II: CLI Interface**: CLI tool for user management
284
+ - ✅ **Article III: Test-First**: Test strategy defined
285
+ - ✅ **Article IV: EARS Format**: All requirements mapped
286
+ - ✅ **Article V: Traceability**: Requirements → Design mapping complete
287
+ - ✅ **Article VIII: Anti-Abstraction**: Use Prisma directly, no custom ORM wrapper
288
+
289
+ # Step 4: Bilingual Output
290
+
291
+ **IMPORTANT**: Create BOTH English and Japanese versions.
292
+
293
+ **English version (Primary/Reference)**:
294
+ Save to: `storage/specs/{{feature-name}}-design.md`
295
+
296
+ **Japanese version (Translation)**:
297
+ Save to: `storage/specs/{{feature-name}}-design.ja.md`
298
+
299
+ Translation rules:
300
+ - Keep technical terms in English (API, JWT, bcrypt, etc.)
301
+ - Keep code examples unchanged
302
+ - Keep requirement IDs in English (REQ-AUTH-001)
303
+ - Keep ADR numbers in English (ADR-001)
304
+ - Translate explanations and descriptions to Japanese
305
+
306
+ # Example C4 Diagrams
307
+
308
+ Use Mermaid or ASCII art:
309
+
310
+ ```mermaid
311
+ graph TB
312
+ User[User] --> WebApp[Web Application]
313
+ WebApp --> AuthAPI[Auth API]
314
+ AuthAPI --> DB[(PostgreSQL)]
315
+ AuthAPI --> Cache[(Redis)]
316
+ AuthAPI --> EmailService[Email Service]
317
+ ```
318
+
319
+ # Validation Checklist
320
+
321
+ Before finalizing:
322
+
323
+ 1. **Requirements Coverage**:
324
+ - All requirements from requirements.md mapped
325
+ - No missing functionality
326
+
327
+ 2. **Architecture Alignment**:
328
+ - Follows patterns from steering/structure.md
329
+ - Uses tech stack from steering/tech.md
330
+ - Aligns with product goals from steering/product.md
331
+
332
+ 3. **Constitutional Compliance**:
333
+ - Library-first approach
334
+ - CLI interface designed
335
+ - Test strategy defined
336
+ - EARS requirements mapped
337
+ - No unnecessary abstractions
338
+
339
+ 4. **Completeness**:
340
+ - All major components designed
341
+ - API contracts defined
342
+ - Data model complete
343
+ - Security considerations included
344
+ - Performance strategy defined
345
+
346
+ 5. **Bilingual**:
347
+ - Both English and Japanese versions created
348
+ - Technical terms consistent
349
+ - Diagrams identical
350
+
351
+ # Next Steps
352
+
353
+ After design is complete:
354
+ 1. User reviews and approves design
355
+ 2. Proceed to tasks: /sdd-tasks {{feature-name}}
356
+ 3. Or validate compliance: /sdd-validate {{feature-name}}
357
+
358
+ **Execute design generation now.**
359
+ """