musubi-sdd 5.1.0 → 5.6.1

package/src/templates/agents/claude-code/skills/cloud-architect/azure-patterns.md

@@ -72,16 +72,16 @@ spec:
         app: my-api
     spec:
       containers:
-      - name: api
-        image: myregistry.azurecr.io/my-api:latest
-        ports:
-        - containerPort: 3000
-        env:
-        - name: DATABASE_URL
-          valueFrom:
-            secretKeyRef:
-              name: db-secret
-              key: connection-string
+        - name: api
+          image: myregistry.azurecr.io/my-api:latest
+          ports:
+            - containerPort: 3000
+          env:
+            - name: DATABASE_URL
+              valueFrom:
+                secretKeyRef:
+                  name: db-secret
+                  key: connection-string
 ```
 
 ---
@@ -216,30 +216,35 @@ resource keyVaultAccessPolicy 'Microsoft.KeyVault/vaults/accessPolicies@2021-04-
 ## Azure Well-Architected
 
 ### Reliability
+
 - [ ] Availability zones used
 - [ ] Traffic Manager/Front Door configured
 - [ ] Geo-replication enabled
 - [ ] Backup and restore tested
 
 ### Security
+
 - [ ] Azure AD authentication
 - [ ] Managed identities used
 - [ ] Key Vault for secrets
 - [ ] Private endpoints configured
 
 ### Cost Optimization
+
 - [ ] Reserved instances evaluated
 - [ ] Right-sized resources
 - [ ] Auto-scaling configured
 - [ ] Cost alerts set up
 
 ### Operational Excellence
+
 - [ ] ARM/Bicep templates
 - [ ] Azure DevOps pipelines
 - [ ] Application Insights
 - [ ] Log Analytics workspace
 
 ### Performance
+
 - [ ] CDN for static content
 - [ ] Redis Cache configured
 - [ ] Appropriate service tiers
@@ -285,16 +290,16 @@ module compute './modules/compute.bicep' = {
 
 ## Service Selection Guide
 
-| Need | Service |
-|------|---------|
-| Simple web app | App Service |
-| Containers | AKS or Container Apps |
-| Serverless | Functions |
-| SQL database | Azure SQL |
-| NoSQL database | Cosmos DB |
-| Messaging | Service Bus |
-| Events | Event Grid |
-| Storage | Blob Storage |
-| CDN | Azure CDN / Front Door |
-| Secrets | Key Vault |
-| Monitoring | Application Insights |
+| Need           | Service                |
+| -------------- | ---------------------- |
+| Simple web app | App Service            |
+| Containers     | AKS or Container Apps  |
+| Serverless     | Functions              |
+| SQL database   | Azure SQL              |
+| NoSQL database | Cosmos DB              |
+| Messaging      | Service Bus            |
+| Events         | Event Grid             |
+| Storage        | Blob Storage           |
+| CDN            | Azure CDN / Front Door |
+| Secrets        | Key Vault              |
+| Monitoring     | Application Insights   |

package/src/templates/agents/claude-code/skills/code-reviewer/SKILL.md

@@ -96,11 +96,13 @@ musubi-workflow next testing
 ### レビュー結果に応じたアクション
 
 **レビュー承認の場合**:
+
 ```bash
 musubi-workflow next testing
 ```
 
 **修正が必要な場合（フィードバックループ）**:
+
 ```bash
 musubi-workflow feedback review implementation -r "コード品質の問題を発見"
 ```
@@ -118,6 +120,65 @@ musubi-workflow feedback review implementation -r "コード品質の問題を
 
 ---
 
+## MUSUBI ComplexityAnalyzer Module (v5.5.0+)
+
+**Available Module**: `src/analyzers/complexity-analyzer.js`
+
+The ComplexityAnalyzer module provides automated cyclomatic and cognitive complexity analysis.
+
+### Module Usage
+
+```javascript
+const { ComplexityAnalyzer, THRESHOLDS } = require('musubi-sdd');
+
+const analyzer = new ComplexityAnalyzer();
+
+// Cyclomatic complexity (McCabe)
+const cyclomatic = analyzer.calculateCyclomaticComplexity(code, 'javascript');
+
+// Cognitive complexity (SonarSource method)
+const cognitive = analyzer.calculateCognitiveComplexity(code, 'javascript');
+
+// Analyze entire file
+const fileAnalysis = await analyzer.analyzeFile('src/utils.js');
+console.log(`Cyclomatic: ${fileAnalysis.cyclomatic}`);
+console.log(`Cognitive: ${fileAnalysis.cognitive}`);
+console.log(`Severity: ${fileAnalysis.severity}`);
+```
+
+### Complexity Thresholds
+
+| Level        | Cyclomatic | Cognitive | Action               |
+| ------------ | ---------- | --------- | -------------------- |
+| **Ideal**    | ≤10        | ≤15       | No action needed     |
+| **Warning**  | 11-20      | 16-30     | Consider refactoring |
+| **Critical** | 21-50      | 31-60     | Refactoring required |
+| **Extreme**  | >50        | >60       | Urgent refactoring   |
+
+### Multi-Language Support
+
+- JavaScript, TypeScript
+- Python
+- Java
+- C, C++
+- Go
+- Rust
+
+### Integration with Code Review
+
+1. **Automated complexity check** before review
+2. **Identify complex functions** that need refactoring
+3. **Generate recommendations** for splitting functions
+4. **Track complexity trends** over time
+
+```javascript
+// Get recommendations
+const recommendations = analyzer.getRecommendations(fileAnalysis);
+// Example: "Consider splitting function processData into smaller functions"
+```
+
+---
+
 ## 3. Documentation Language Policy
 
 **CRITICAL: 英語版と日本語版の両方を必ず作成**

package/src/templates/agents/claude-code/skills/code-reviewer/best-practices.md

@@ -9,28 +9,33 @@ Guidelines for conducting effective and constructive code reviews.
 ## For Reviewers
 
 ### Be Constructive
+
 - Focus on the code, not the author
 - Explain the "why" behind suggestions
 - Offer alternatives, not just criticism
 - Acknowledge good work with praise
 
 ### Be Specific
+
 ```
 ❌ "This is confusing"
 ✅ "This function is doing too much. Consider splitting authentication and session creation."
 ```
 
 ### Be Timely
+
 - Review within 24 hours when possible
 - Small PRs should be reviewed within hours
 - Don't let reviews become bottlenecks
 
 ### Ask Questions
+
 - "Could you explain the reasoning here?"
 - "Have you considered using X instead?"
 - Use questions instead of commands when appropriate
 
 ### Prioritize Issues
+
 - Focus on correctness and security first
 - Style issues are lower priority
 - Don't nitpick on preferences
@@ -40,33 +45,41 @@ Guidelines for conducting effective and constructive code reviews.
 ## For Authors
 
 ### Keep PRs Small
+
 - Aim for < 400 lines of code
 - Split large changes into logical chunks
 - One logical change per PR
 
 ### Write Good Descriptions
+
 ```markdown
 ## What
+
 Brief description of the change
 
 ## Why
+
 Link to issue/requirement: REQ-AUTH-001
 
 ## How
+
 Technical approach taken
 
 ## Testing
+
 How this was tested
 
 ## Screenshots (if UI change)
 ```
 
 ### Self-Review First
+
 - Review your own code before requesting review
 - Check for obvious issues
 - Ensure CI passes
 
 ### Respond Constructively
+
 - Don't take feedback personally
 - Ask for clarification if needed
 - Explain your reasoning if you disagree
@@ -76,26 +89,31 @@ How this was tested
 ## Review Anti-Patterns
 
 ### ❌ Rubber Stamping
+
 Quick approval without thorough review.
 
 **Impact**: Bugs and issues slip through.
 
 ### ❌ Gatekeeping
+
 Blocking PRs for minor style preferences.
 
 **Impact**: Slows development, frustrates team.
 
 ### ❌ Inconsistency
+
 Different standards for different people.
 
 **Impact**: Unfair treatment, unclear expectations.
 
 ### ❌ Delayed Reviews
+
 Letting PRs sit for days without attention.
 
 **Impact**: Context lost, merge conflicts increase.
 
 ### ❌ Personal Attacks
+
 Criticizing the author instead of the code.
 
 **Impact**: Toxic culture, reduced productivity.
@@ -105,25 +123,31 @@ Criticizing the author instead of the code.
 ## Effective Feedback Examples
 
 ### Instead of
+
 ❌ "This is wrong"
 
 ### Say
+
 ✅ "This approach might cause issues when X happens. Consider handling that case by..."
 
 ---
 
 ### Instead of
+
 ❌ "Why did you do it this way?"
 
 ### Say
+
 ✅ "I see you chose approach X. I'm curious about the reasoning - was there a specific constraint? I was thinking Y might also work because..."
 
 ---
 
 ### Instead of
+
 ❌ "This is unreadable"
 
 ### Say
+
 ✅ "I had trouble following the logic here. Would extracting this into a named function with a descriptive name help clarify the intent?"
 
 ---
@@ -131,6 +155,7 @@ Criticizing the author instead of the code.
 ## Review Metrics (Optional)
 
 Track to improve process:
+
 - Average review turnaround time
 - Average PR size
 - Review comments per PR
@@ -141,6 +166,7 @@ Track to improve process:
 ## Automation
 
 Let automation handle:
+
 - Code formatting (Prettier, Black)
 - Linting (ESLint, Pylint)
 - Type checking (TypeScript, mypy)
@@ -148,6 +174,7 @@ Let automation handle:
 - Test coverage
 
 Focus human review on:
+
 - Logic and correctness
 - Architecture decisions
 - Maintainability

package/src/templates/agents/claude-code/skills/code-reviewer/review-checklist.md

@@ -9,6 +9,7 @@ A comprehensive checklist for conducting effective code reviews in MUSUBI SDD pr
 ## Pre-Review Checks
 
 ### Before Starting Review
+
 - [ ] PR/MR description clearly explains the change
 - [ ] Linked requirements/issues are referenced
 - [ ] CI/CD pipeline passes
@@ -20,6 +21,7 @@ A comprehensive checklist for conducting effective code reviews in MUSUBI SDD pr
 ## Code Quality Checklist
 
 ### 1. Functionality
+
 - [ ] Code implements the requirements correctly
 - [ ] Edge cases are handled
 - [ ] Error handling is appropriate
@@ -27,6 +29,7 @@ A comprehensive checklist for conducting effective code reviews in MUSUBI SDD pr
 - [ ] Code works as intended (manually verified if needed)
 
 ### 2. Design & Architecture
+
 - [ ] Follows existing architecture patterns (check `steering/structure.md`)
 - [ ] SOLID principles are applied appropriately
 - [ ] No unnecessary complexity (Article VII: Simplicity Gate)
@@ -34,6 +37,7 @@ A comprehensive checklist for conducting effective code reviews in MUSUBI SDD pr
 - [ ] Library-first principle followed (Article I)
 
 ### 3. Code Style
+
 - [ ] Consistent naming conventions
 - [ ] Proper indentation and formatting
 - [ ] Comments explain "why", not "what"
@@ -41,6 +45,7 @@ A comprehensive checklist for conducting effective code reviews in MUSUBI SDD pr
 - [ ] No debug/console statements left behind
 
 ### 4. Testing
+
 - [ ] Tests written before implementation (Article III)
 - [ ] Unit tests cover core logic
 - [ ] Integration tests verify component interaction
@@ -48,6 +53,7 @@ A comprehensive checklist for conducting effective code reviews in MUSUBI SDD pr
 - [ ] Edge cases and error paths are tested
 
 ### 5. Security
+
 - [ ] No hardcoded secrets or credentials
 - [ ] Input validation present
 - [ ] Output encoding for user-facing data
@@ -55,6 +61,7 @@ A comprehensive checklist for conducting effective code reviews in MUSUBI SDD pr
 - [ ] Authentication/authorization checked
 
 ### 6. Performance
+
 - [ ] No obvious performance issues
 - [ ] Database queries are optimized
 - [ ] No N+1 query problems
@@ -62,6 +69,7 @@ A comprehensive checklist for conducting effective code reviews in MUSUBI SDD pr
 - [ ] Large operations are async/background
 
 ### 7. Maintainability
+
 - [ ] Code is readable and self-documenting
 - [ ] Functions/methods are appropriately sized
 - [ ] No code duplication
@@ -72,21 +80,22 @@ A comprehensive checklist for conducting effective code reviews in MUSUBI SDD pr
 
 ## Review Severity Levels
 
-| Level | Description | Action |
-|-------|-------------|--------|
-| 🔴 **Blocker** | Critical issue, must fix | Request changes |
-| 🟠 **Major** | Significant issue, should fix | Request changes |
-| 🟡 **Minor** | Small issue, nice to fix | Approve with comments |
-| 🔵 **Suggestion** | Optional improvement | Approve with comments |
-| 💬 **Question** | Need clarification | Comment |
-| 👍 **Praise** | Good implementation | Comment |
+| Level             | Description                   | Action                |
+| ----------------- | ----------------------------- | --------------------- |
+| 🔴 **Blocker**    | Critical issue, must fix      | Request changes       |
+| 🟠 **Major**      | Significant issue, should fix | Request changes       |
+| 🟡 **Minor**      | Small issue, nice to fix      | Approve with comments |
+| 🔵 **Suggestion** | Optional improvement          | Approve with comments |
+| 💬 **Question**   | Need clarification            | Comment               |
+| 👍 **Praise**     | Good implementation           | Comment               |
 
 ---
 
 ## Review Comment Templates
 
 ### Blocker
-```
+
+````
 🔴 **Blocker**: [Description]
 
 This needs to be fixed before merge because [reason].
@@ -94,33 +103,42 @@ This needs to be fixed before merge because [reason].
 **Suggested fix:**
 ```code
 // Example fix
-```
+````
+
 ```
 
 ### Major Issue
 ```
+
 🟠 **Major**: [Description]
 
 This could cause [problem]. Consider [alternative approach].
+
 ```
 
 ### Minor Issue
 ```
+
 🟡 **Minor**: [Description]
 
 Not critical, but would improve [aspect].
+
 ```
 
 ### Suggestion
 ```
+
 🔵 **Suggestion**: [Description]
 
 Optional: This could be improved by [suggestion].
+
 ```
 
 ### Praise
 ```
+
 👍 Nice implementation of [feature]. Clean and readable!
+
 ```
 
 ---
@@ -182,3 +200,4 @@ During review, verify:
 - Need more information
 - Questions about approach
 - Discussion needed before decision
+```

package/src/templates/agents/claude-code/skills/code-reviewer/review-standards.md

@@ -11,6 +11,7 @@ Guidelines and checklists for conducting effective code reviews.
 ### 1. Preparation
 
 Before starting review:
+
 - [ ] Understand the context (ticket/issue)
 - [ ] Review related documentation
 - [ ] Check if tests are included
@@ -27,13 +28,13 @@ Before starting review:
 
 ### 3. Time Guidelines
 
-| PR Size | Max Review Time |
-|---------|-----------------|
-| XS (< 50 lines) | 10 minutes |
-| S (50-200 lines) | 30 minutes |
-| M (200-500 lines) | 1 hour |
-| L (500-1000 lines) | 2 hours |
-| XL (> 1000 lines) | Request split |
+| PR Size            | Max Review Time |
+| ------------------ | --------------- |
+| XS (< 50 lines)    | 10 minutes      |
+| S (50-200 lines)   | 30 minutes      |
+| M (200-500 lines)  | 1 hour          |
+| L (500-1000 lines) | 2 hours         |
+| XL (> 1000 lines)  | Request split   |
 
 ---
 
@@ -115,28 +116,28 @@ Before starting review:
 
 Use prefixes for clarity:
 
-| Prefix | Meaning |
-|--------|---------|
-| `[blocking]` | Must fix before merge |
-| `[suggestion]` | Optional improvement |
-| `[question]` | Seeking understanding |
-| `[nit]` | Minor style issue |
-| `[praise]` | Positive feedback |
+| Prefix         | Meaning               |
+| -------------- | --------------------- |
+| `[blocking]`   | Must fix before merge |
+| `[suggestion]` | Optional improvement  |
+| `[question]`   | Seeking understanding |
+| `[nit]`        | Minor style issue     |
+| `[praise]`     | Positive feedback     |
 
 ### Examples
 
 ```markdown
-[blocking] This SQL query is vulnerable to injection. 
+[blocking] This SQL query is vulnerable to injection.
 Please use parameterized queries.
 
-[suggestion] Consider extracting this into a separate function 
+[suggestion] Consider extracting this into a separate function
 for reusability.
 
 [question] What's the expected behavior when `userId` is null?
 
 [nit] Extra whitespace on line 42.
 
-[praise] Great use of the strategy pattern here! 
+[praise] Great use of the strategy pattern here!
 Makes the code very extensible.
 ```
 
@@ -221,32 +222,36 @@ with open('file.txt') as f:
 
 ### Automated Checks
 
-| Check | Tool |
-|-------|------|
-| Formatting | Prettier, Black |
-| Linting | ESLint, Ruff |
-| Type checking | TypeScript, mypy |
-| Security | npm audit, Bandit |
-| Test coverage | Jest, pytest-cov |
+| Check         | Tool              |
+| ------------- | ----------------- |
+| Formatting    | Prettier, Black   |
+| Linting       | ESLint, Ruff      |
+| Type checking | TypeScript, mypy  |
+| Security      | npm audit, Bandit |
+| Test coverage | Jest, pytest-cov  |
 
 ### GitHub PR Template
 
 ```markdown
 ## Description
+
 [Describe changes]
 
 ## Type of Change
+
 - [ ] Bug fix
 - [ ] New feature
 - [ ] Breaking change
 - [ ] Documentation
 
 ## Testing
+
 - [ ] Unit tests added/updated
 - [ ] Integration tests added/updated
 - [ ] Manual testing completed
 
 ## Checklist
+
 - [ ] Self-review completed
 - [ ] Code follows style guidelines
 - [ ] Documentation updated

package/src/templates/agents/claude-code/skills/constitution-enforcer/SKILL.md

@@ -575,20 +575,22 @@ Once all gates pass:
 
 Use these commands to enforce constitutional compliance programmatically:
 
-| Command | Purpose | Example |
-|---------|---------|---------|
-| `musubi-validate guardrails --type safety` | Validate content against safety rules | `npx musubi-validate guardrails "content" --type safety` |
-| `musubi-validate guardrails --type safety --constitutional` | Full constitutional validation | `npx musubi-validate guardrails "code" --type safety --constitutional` |
-| `musubi-validate guardrails --type input` | Validate input against injection attacks | `npx musubi-validate guardrails "input" --type input` |
-| `musubi-validate guardrails-chain` | Run full guardrail chain | `npx musubi-validate guardrails-chain "content" --parallel` |
+| Command                                                     | Purpose                                  | Example                                                                |
+| ----------------------------------------------------------- | ---------------------------------------- | ---------------------------------------------------------------------- |
+| `musubi-validate guardrails --type safety`                  | Validate content against safety rules    | `npx musubi-validate guardrails "content" --type safety`               |
+| `musubi-validate guardrails --type safety --constitutional` | Full constitutional validation           | `npx musubi-validate guardrails "code" --type safety --constitutional` |
+| `musubi-validate guardrails --type input`                   | Validate input against injection attacks | `npx musubi-validate guardrails "input" --type input`                  |
+| `musubi-validate guardrails-chain`                          | Run full guardrail chain                 | `npx musubi-validate guardrails-chain "content" --parallel`            |
 
 **Constitutional Safety Levels**:
+
 - `--level low` - Permissive (development)
 - `--level medium` - Balanced (default)
 - `--level high` - Strict (production)
 - `--level critical` - Maximum (security-critical)
 
 **Use with Constitution Validation**:
+
 ```bash
 # Validate code against constitutional articles
 npx musubi-validate guardrails "$(cat src/feature.js)" --type safety --constitutional --level high