omgkit 2.1.1 → 2.3.0

package/plugin/skills/omega/omega-sprint/SKILL.md

@@ -1,64 +1,226 @@
 ---
-name: omega-sprint
-description: Omega sprint management. Use for AI team sprint execution.
+name: managing-omega-sprints
+description: Orchestrates AI-native sprint management with autonomous agent coordination and continuous delivery. Use when running development sprints with AI agent teams or coordinating parallel task execution.
+category: omega
+triggers:
+  - omega sprint
+  - sprint planning
+  - AI team management
+  - agent orchestration
 ---
 
-# Omega Sprint Skill
+# Managing Omega Sprints
 
-## Sprint Lifecycle
+Execute **AI-native sprint management** with autonomous agent orchestration, intelligent task routing, and continuous delivery cycles.
+
+## Quick Start
+
+```yaml
+# 1. Define sprint vision
+Vision:
+  Objective: "Implement OAuth2 authentication"
+  Success: ["3 providers", "95% completion rate", "OWASP compliant"]
+
+# 2. Break into agent-executable tasks
+Tasks:
+  - { id: "types", agent: "architect", tokens: 5K }
+  - { id: "google-oauth", agent: "fullstack", tokens: 8K, depends: ["types"] }
+  - { id: "tests", agent: "tester", tokens: 6K, depends: ["google-oauth"] }
+
+# 3. Execute with autonomy level
+Execution:
+  Autonomy: "semi-auto"
+  Checkpoints: ["phase-complete", "error-threshold"]
+  QualityGates: ["coverage > 80%", "no-critical-bugs"]
 ```
-Vision → Backlog → Sprint → Execute → Retrospect
-   ↑                                      │
-   └──────────────────────────────────────┘
+
+## Features
+
+| Feature | Description | Guide |
+|---------|-------------|-------|
+| Sprint Lifecycle | Vision, Plan, Execute, Deliver, Retrospect | AI-native 5-phase cycle |
+| Task Breakdown | Atomic, testable, agent-sized tasks | Hours not days per task |
+| Agent Routing | Match tasks to optimal agents | Capability + load scoring |
+| Autonomy Levels | Full-auto to supervised modes | Balance speed and oversight |
+| Quality Gates | Automated checkpoints | Coverage, security, performance |
+| Parallel Execution | Swarm-based task processing | Maximize parallelization |
+| Sprint Analytics | Velocity, quality, efficiency metrics | Continuous improvement |
+
+## Common Patterns
+
+### Sprint Lifecycle
+
+```
+VISION ──> PLAN ──> EXECUTE ──> DELIVER ──> RETROSPECT
+   │         │         │           │             │
+   ▼         ▼         ▼           ▼             ▼
+ Define   Break into  Agents    Ship to      Learn and
+ success  agent-ready  work    production    improve
+ criteria   tasks    parallel
 ```
 
-## Vision Setting
-```yaml
-vision:
-  product: "What we're building"
-  users: "Who it's for"
-  goals: ["Goal 1", "Goal 2"]
-  success: "How we measure"
+### Vision Definition
+
+```typescript
+interface SprintVision {
+  objective: string;
+  businessValue: string;
+  successCriteria: SuccessCriterion[];
+  scope: {
+    included: string[];
+    excluded: string[];
+    risks: Risk[];
+  };
+  qualityGates: QualityGate[];
+}
+
+const vision: SprintVision = {
+  objective: "Implement user authentication with OAuth2",
+  businessValue: "Reduce signup friction by 60%",
+  successCriteria: [
+    { metric: "OAuth providers", target: 3 },
+    { metric: "Auth completion rate", target: "95%" },
+    { metric: "Security audit", target: "OWASP compliant" }
+  ],
+  qualityGates: [
+    { type: 'coverage', threshold: 80 },
+    { type: 'security-scan', threshold: 'no-critical' }
+  ]
+};
 ```
 
-## Sprint Planning
-1. Review backlog
-2. Select tasks for sprint
-3. Estimate (optional)
-4. Assign to agents
+### Task Breakdown
 
-## AI Team Execution
+```typescript
+interface SprintTask {
+  id: string;
+  title: string;
+  type: 'feature' | 'bugfix' | 'test' | 'docs';
+  priority: 'critical' | 'high' | 'medium';
+  estimatedTokens: number;
+  dependencies: string[];
+  suggestedAgent: AgentType;
+  acceptanceCriteria: string[];
+}
 
-### Autonomy Levels
-- **Full-Auto**: No human intervention
-- **Semi-Auto**: Review at checkpoints
-- **Manual**: Approve each step
+// Layer-based breakdown
+const tasks = [
+  // Layer 1: Foundation
+  { id: 'types', title: 'Define TypeScript interfaces', agent: 'architect' },
+  { id: 'schema', title: 'Create DB migrations', depends: ['types'] },
+
+  // Layer 2: Implementation (parallel)
+  { id: 'google', title: 'Google OAuth', depends: ['types'] },
+  { id: 'github', title: 'GitHub OAuth', depends: ['types'] },
+
+  // Layer 3: Quality
+  { id: 'tests', title: 'Integration tests', depends: ['google', 'github'] }
+];
+```
 
 ### Agent Routing
-| Task Type | Agent |
-|-----------|-------|
-| feature | fullstack-developer |
-| bugfix | debugger |
-| research | oracle |
-| docs | docs-manager |
-| test | tester |
-
-## Retrospective
-```markdown
-## What Went Well
-- [Success]
 
-## What Could Improve
-- [Learning]
+```typescript
+type AgentType = 'architect' | 'fullstack' | 'debugger' | 'tester' | 'reviewer';
 
-## Action Items
-- [Improvement for next sprint]
+const routingRules: Record<TaskType, AgentType[]> = {
+  feature: ['fullstack', 'frontend', 'backend'],
+  bugfix: ['debugger', 'fullstack'],
+  test: ['tester'],
+  docs: ['docs-manager'],
+  research: ['oracle', 'architect']
+};
+
+// Scoring algorithm
+function calculateFitScore(agent: Agent, task: Task): number {
+  let score = 0;
+  score += capabilityMatch * 40;      // Core capabilities
+  score += specializationMatch * 30;   // Domain expertise
+  score += (1 - loadFactor) * 20;      // Availability
+  score += hasContext ? 10 : 0;        // Context continuity
+  return score;
+}
+```
+
+### Autonomy Levels
+
+```typescript
+const autonomyConfigs = {
+  'full-auto': {
+    checkpoints: [{ trigger: 'phase-complete', action: 'notify' }],
+    approvalRequired: ['production-deploy']
+  },
+  'semi-auto': {
+    checkpoints: [
+      { trigger: 'task-complete', action: 'notify' },
+      { trigger: 'phase-complete', action: 'review', timeout: 3600 }
+    ],
+    approvalRequired: ['merge-to-main', 'production-deploy']
+  },
+  'supervised': {
+    checkpoints: [{ trigger: 'task-complete', action: 'review' }],
+    approvalRequired: ['all-merges', 'all-deploys']
+  }
+};
+```
+
+### Sprint Metrics
+
+```typescript
+interface SprintMetrics {
+  velocity: { completed: number; planned: number; ratio: number };
+  quality: { bugs: number; coverage: number; score: number };
+  efficiency: { totalTokens: number; parallelization: number };
+  agents: Map<AgentType, { tasks: number; efficiency: number }>;
+}
+
+// Dashboard template
+`
+SPRINT DASHBOARD: ${name}
+────────────────────────────────────
+PROGRESS         QUALITY         AGENTS
+████████░░ 80%   Coverage: 87%   arch: idle
+24/30 tasks      Bugs: 2         dev-1: working
+                 Security: OK    tester: queued
+`
 ```
 
-## Commands
-```bash
-/vision:set
-/sprint:new --propose
-/team:run --mode semi-auto
-/sprint:end
+### Retrospective Framework
+
+```markdown
+## Sprint Retrospective
+
+### Summary
+- Velocity: X/Y tasks (Z%)
+- Quality: Coverage %, Bugs introduced
+- Efficiency: Tokens used, Parallelization ratio
+
+### What Went Well
+1. [Success] - Why it worked - How to replicate
+
+### What Could Improve
+1. [Challenge] - Root cause - Proposed solution
+
+### Action Items
+| Action | Priority | Owner |
+|--------|----------|-------|
+| [Action] | High | [Agent] |
+
+### Learnings to Encode
+- [Pattern to add to agent prompts]
 ```
+
+## Best Practices
+
+| Do | Avoid |
+|----|-------|
+| Define clear success criteria before sprint | Starting without vision and scope |
+| Break tasks small enough for single-agent | Tasks with circular dependencies |
+| Enable maximum parallelization | Skipping quality gates under pressure |
+| Set appropriate autonomy based on risk | Ignoring retrospective insights |
+| Track metrics consistently | Over-committing capacity |
+| Run retrospectives after every sprint | Context-switching agents unnecessarily |
+| Encode learnings into agent prompts | Deploying without automated tests |
+| Use quality gates to prevent regressions | Letting blockers sit unaddressed |
+| Maintain sprint rhythm for predictability | Skipping the retrospective phase |
+| Celebrate wins to build momentum | Forgetting to update documentation |

package/plugin/skills/omega/omega-testing/SKILL.md

@@ -1,71 +1,282 @@
 ---
-name: omega-testing
-description: Comprehensive Omega testing. Use for thorough test coverage.
+name: testing-omega-quality
+description: Implements comprehensive testing across all quality dimensions - accuracy, performance, security, and accessibility. Use when building test strategies or ensuring production-grade quality assurance.
+category: omega
+triggers:
+  - omega testing
+  - comprehensive testing
+  - test strategy
+  - quality assurance
 ---
 
-# Omega Testing Skill
+# Testing Omega Quality
+
+Master **comprehensive testing strategies** covering all quality dimensions - accuracy, performance, security, and accessibility.
+
+## Quick Start
+
+```yaml
+# 1. Define test strategy with 4 dimensions
+TestStrategy:
+  Accuracy: { unit: 80%, integration: 60%, e2e: "critical paths" }
+  Performance: { p95: "<200ms", concurrent: 50 }
+  Security: { injection: true, auth: true, xss: true }
+  Accessibility: { wcag: "2.1 AA", keyboard: true }
+
+# 2. Follow the test pyramid
+Pyramid:
+  Unit: 80%        # Fast, isolated, business logic
+  Component: 70%   # UI components with mocks
+  Integration: 60% # API endpoints, data flow
+  E2E: "critical"  # Happy paths, auth, checkout
+
+# 3. Run quality gates in CI
+Gates: ["coverage > 80%", "no-security-issues", "a11y-pass"]
+```
+
+## Features
+
+| Feature | Description | Guide |
+|---------|-------------|-------|
+| 4D Testing | Accuracy, Performance, Security, Accessibility | Cover all quality dimensions |
+| Test Pyramid | Unit, Component, Integration, E2E layers | More units, fewer E2E |
+| Property-Based | Test with generated inputs | Catch edge cases automatically |
+| Performance | Response time, load, memory testing | Percentile-based thresholds |
+| Security | SQL injection, XSS, auth bypass tests | OWASP-aligned coverage |
+| Accessibility | WCAG compliance, keyboard, screen reader | Automated a11y scanning |
+| Visual Regression | Screenshot comparison testing | Catch UI regressions |
+
+## Common Patterns
+
+### The Omega Test Pyramid
 
-## Testing Pyramid
 ```
-        /\
-       /E2E\
-      /─────\
-     /Integ. \
-    /─────────\
-   /   Unit    \
-  /─────────────\
+            /\
+           /E2E\          <- Critical paths only (slowest)
+          /─────\
+         / Visual \       <- Screenshot comparisons
+        /───────────\
+       / Integration \    <- Service boundaries, APIs
+      /───────────────\
+     /   Component     \  <- UI components isolated
+    /───────────────────\
+   /        Unit         \ <- Fast, business logic (most)
+  /─────────────────────────\
 ```
 
-## Coverage Targets
-- Unit: 80%+
-- Integration: 60%+
-- E2E: Critical paths 100%
+### Four Quality Dimensions
+
+```typescript
+interface OmegaTestSuite {
+  accuracy: {
+    happyPath: Test[];    // Normal use cases
+    edgeCases: Test[];    // Boundary conditions
+    errorCases: Test[];   // Failure handling
+  };
+  performance: {
+    responseTime: Test[]; // p50, p95, p99 latency
+    throughput: Test[];   // Requests per second
+    memory: Test[];       // Leak detection
+  };
+  security: {
+    authentication: Test[];
+    authorization: Test[];
+    injection: Test[];    // SQL, XSS prevention
+  };
+  accessibility: {
+    wcag: Test[];         // WCAG 2.1 AA
+    keyboard: Test[];     // Tab navigation
+    screenReader: Test[]; // ARIA labels
+  };
+}
+```
 
-## Test Categories
+### Unit Testing Patterns
 
-### 1. Happy Path
 ```typescript
-it('creates user successfully', async () => {
-  const user = await createUser({ email: 'test@example.com' });
-  expect(user.email).toBe('test@example.com');
+// Arrange-Act-Assert pattern
+describe('calculateDiscount', () => {
+  it('applies 10% discount for orders over $100', () => {
+    // Arrange
+    const order = createOrder({ subtotal: 150 });
+
+    // Act
+    const result = calculateDiscount(order);
+
+    // Assert
+    expect(result.discount).toBe(15);
+    expect(result.total).toBe(135);
+  });
+});
+
+// Parameterized edge cases
+it.each([
+  ['missing @', 'userexample.com', false],
+  ['valid format', 'user@example.com', true],
+  ['empty string', '', false],
+])('validateEmail %s: %s -> %s', (_desc, email, expected) => {
+  expect(validateEmail(email)).toBe(expected);
+});
+
+// Property-based testing
+it('sorted array has same length as input', () => {
+  fc.assert(fc.property(fc.array(fc.nat()), (arr) => {
+    return sortArray(arr).length === arr.length;
+  }));
 });
 ```
 
-### 2. Edge Cases
+### Integration Testing
+
 ```typescript
-it('handles empty input', () => {
-  expect(() => createUser({ email: '' })).toThrow();
+describe('UserService Integration', () => {
+  let db: TestDatabase;
+
+  beforeAll(async () => { db = await createTestDatabase(); });
+  afterAll(async () => { await cleanupTestDatabase(db); });
+
+  it('persists user to database', async () => {
+    const user = await userService.createUser({
+      email: 'test@example.com', name: 'Test'
+    });
+
+    const dbUser = await db.query('SELECT * FROM users WHERE id = $1', [user.id]);
+    expect(dbUser.email).toBe('test@example.com');
+  });
+
+  it('rolls back transaction on failure', async () => {
+    vi.spyOn(db, 'commit').mockRejectedValueOnce(new Error('DB error'));
+
+    await expect(userService.transfer(from, to, 50)).rejects.toThrow();
+
+    // Verify no changes persisted
+    expect(await userService.getBalance(from)).toBe(originalBalance);
+  });
 });
 ```
 
-### 3. Error Cases
+### Performance Testing
+
 ```typescript
-it('handles database failure', async () => {
-  db.fail();
-  await expect(createUser({})).rejects.toThrow(DatabaseError);
+describe('API Performance', () => {
+  it('responds within SLA', async () => {
+    const times: number[] = [];
+    for (let i = 0; i < 100; i++) {
+      const start = performance.now();
+      await api.get('/users');
+      times.push(performance.now() - start);
+    }
+
+    expect(percentile(times, 50)).toBeLessThan(50);   // p50 < 50ms
+    expect(percentile(times, 95)).toBeLessThan(100);  // p95 < 100ms
+    expect(percentile(times, 99)).toBeLessThan(200);  // p99 < 200ms
+  });
+
+  it('handles concurrent load', async () => {
+    const requests = Array(50).fill(null).map(() => api.get('/users'));
+    const responses = await Promise.all(requests);
+
+    expect(responses.every(r => r.status === 200)).toBe(true);
+  });
 });
 ```
 
-### 4. Performance
+### Security Testing
+
 ```typescript
-it('responds within 100ms', async () => {
-  const start = Date.now();
-  await fetchUsers();
-  expect(Date.now() - start).toBeLessThan(100);
+describe('Security Tests', () => {
+  const sqlPayloads = ["'; DROP TABLE users; --", "' OR '1'='1"];
+  const xssPayloads = ['<script>alert("xss")</script>', '<img onerror=alert(1)>'];
+
+  it.each(sqlPayloads)('prevents SQL injection: %s', async (payload) => {
+    const response = await api.get(`/users?search=${encodeURIComponent(payload)}`);
+    expect(response.status).not.toBe(500);
+    expect(await db.query('SELECT * FROM users')).toBeDefined();
+  });
+
+  it.each(xssPayloads)('escapes XSS payload: %s', async (payload) => {
+    await api.post('/posts', { content: payload });
+    const html = (await api.get('/posts')).body.posts[0].content;
+    expect(html).not.toContain('<script>');
+  });
+
+  it('rate limits login attempts', async () => {
+    for (let i = 0; i < 10; i++) {
+      await api.post('/login', { email: 'x', password: 'wrong' });
+    }
+    const response = await api.post('/login', { email: 'x', password: 'wrong' });
+    expect(response.status).toBe(429);
+  });
 });
 ```
 
-### 5. Security
+### Accessibility Testing
+
 ```typescript
-it('rejects SQL injection', () => {
-  const input = "'; DROP TABLE users; --";
-  expect(() => query(input)).not.toThrow();
+test.describe('Accessibility', () => {
+  test('page has no WCAG violations', async ({ page }) => {
+    await page.goto('/');
+    const results = await new AxeBuilder({ page })
+      .withTags(['wcag2a', 'wcag2aa', 'wcag21aa'])
+      .analyze();
+    expect(results.violations).toEqual([]);
+  });
+
+  test('keyboard navigation works', async ({ page }) => {
+    await page.goto('/');
+    const focusable = 'a, button, input, [tabindex]:not([tabindex="-1"])';
+    const elements = await page.locator(focusable).all();
+
+    for (const _ of elements) {
+      await page.keyboard.press('Tab');
+      const focused = await page.evaluate(() => document.activeElement?.tagName);
+      expect(focused).toBeDefined();
+    }
+  });
+
+  test('images have alt text', async ({ page }) => {
+    const images = await page.locator('img').all();
+    for (const img of images) {
+      expect(await img.getAttribute('alt')).toBeTruthy();
+    }
+  });
 });
 ```
 
-## Omega Quality
-Test for ALL dimensions:
-- Accuracy
-- Performance
-- Security
-- Accessibility
+### E2E Critical Path
+
+```typescript
+test('complete purchase flow', async ({ page }) => {
+  // Login
+  await loginAsTestUser(page);
+
+  // Add to cart
+  await page.goto('/products/test-product');
+  await page.click('[data-testid="add-to-cart"]');
+
+  // Checkout
+  await page.click('[data-testid="checkout-button"]');
+  await page.fill('[data-testid="card-number"]', '4242424242424242');
+  await page.click('[data-testid="place-order"]');
+
+  // Verify
+  await expect(page).toHaveURL(/\/orders\/[a-z0-9-]+/);
+  await expect(page.locator('[data-testid="order-status"]'))
+    .toHaveText('Order Confirmed');
+});
+```
+
+## Best Practices
+
+| Do | Avoid |
+|----|-------|
+| Test all four quality dimensions | Testing only happy paths |
+| Follow the test pyramid (more units) | Relying heavily on E2E tests |
+| Use descriptive test names | Testing implementation details |
+| Test edge cases systematically | Writing flaky tests |
+| Keep tests independent (no shared state) | Using sleep/delays for timing |
+| Use factories for test data | Hardcoding test data |
+| Mock external dependencies in unit tests | Over-mocking in integration tests |
+| Run tests in CI on every commit | Ignoring failing tests |
+| Fix flaky tests immediately | Skipping tests without reason |
+| Chase meaningful coverage, not 100% | Testing framework code |