opencodekit 0.14.4 → 0.14.6

package/dist/template/.opencode/command/analyze-project.md

@@ -1,466 +1,295 @@
 ---
-description: Analyze project health, status, and ready work with metrics
-argument-hint: "[--quick|--deep|--health|--security]"
-agent: explore
-subtask: true
+description: Analyze project health, quality standards, and ready work
+argument-hint: "[--quick|--deep]"
+agent: build
 ---
 
 # Analyze Project
 
-## Load Beads Skill
+Comprehensive project analysis with stack-specific best practices.
 
-```typescript
-skill({ name: "beads" });
-```
+## Arguments
+
+$ARGUMENTS
 
-## Phase 1: Quick Status Dashboard
+---
 
-Run these checks in parallel for speed:
+## Phase 1: Environment Detection
 
-```
-# Git status
-!`git status --short`
-!`git branch --show-current`
-!`git log --oneline -3`
+Detect project type to determine analysis strategy:
 
-# Beads status
-!`bd status`
-!`bd list --status open --limit 5`
-!`bd list --status ready --limit 5`
+```bash
+# Check config files
+ls -la package.json pyproject.toml Cargo.toml go.mod pom.xml build.gradle 2>/dev/null || true
 
-# CI/CD status (GitHub Actions)
-!`gh run list --limit 5`
+# Check lock files for package manager
+ls -la bun.lockb yarn.lock pnpm-lock.yaml package-lock.json 2>/dev/null || true
 
-# Last commit info
-!`git log -1 --format="%h %s (%cr by %an)"`
+# Check for monorepo
+ls -la pnpm-workspace.yaml lerna.json nx.json turbo.json 2>/dev/null || true
 ```
 
-### Status Dashboard Output
+Read the main config file to detect framework:
 
-```markdown
-## Project Status Dashboard
-
-| Category         | Status                | Details                        |
-| ---------------- | --------------------- | ------------------------------ |
-| **Branch**       | `main`                | 3 commits ahead of origin      |
-| **Working Tree** | Clean / Dirty         | X files modified               |
-| **Last Commit**  | `abc123`              | "feat: add auth" (2 hours ago) |
-| **CI Status**    | Pass / Fail / Running | Last run: 2h ago               |
-| **Open Tasks**   | X beads               | Y ready, Z blocked             |
-| **Dependencies** | X outdated            | Y security issues              |
+```typescript
+read({ filePath: "package.json" }); // or pyproject.toml, Cargo.toml, etc.
 ```
 
 ---
 
-## Phase 2: Tech Stack Detection
+## Phase 2: Parallel Research & Discovery
 
-Detect project technology:
+Once stack is detected, launch parallel subagent tasks using the Task tool.
+Run all three in parallel (single message with multiple Task calls):
 
+```typescript
+// Scout: Research best practices for detected stack
+Task({
+  subagent_type: "scout",
+  description: "Best practices research",
+  prompt: `Research best practices for [DETECTED_STACK]:
+    - Code quality standards and linting rules
+    - Testing patterns and coverage expectations
+    - Project structure conventions
+    - Common anti-patterns to avoid
+    Return as actionable checklist with specific recommendations.`,
+});
+
+// Scout: Framework-specific quality standards
+Task({
+  subagent_type: "scout",
+  description: "Quality standards research",
+  prompt: `Research quality standards for [DETECTED_FRAMEWORK]:
+    - Recommended ESLint/Biome/Ruff rules
+    - Type safety requirements
+    - Performance best practices
+    - Security checklist
+    Return as comparison criteria checklist.`,
+});
+
+// Explore: Analyze codebase architecture
+Task({
+  subagent_type: "explore",
+  description: "Architecture analysis",
+  prompt: `Analyze this codebase architecture thoroughly:
+    - Directory structure pattern (feature-based, layer-based, etc.)
+    - Key modules and their responsibilities
+    - Entry points and data flow
+    - Test organization and coverage patterns
+    Return as detailed architecture summary with file paths.`,
+});
 ```
-# Package manager & framework
-!`ls package.json pyproject.toml Cargo.toml go.mod pom.xml build.gradle`
 
-# Read main config (instructional - agent must read this file)
-# Read package.json  # or equivalent
-```
+**Fallback:** If Task tool fails or network is unavailable, use local tools:
 
-### Tech Stack Analysis
-
-| Aspect                | Detection Method          | Example Output                   |
-| --------------------- | ------------------------- | -------------------------------- |
-| **Language**          | File extensions, config   | TypeScript, Python, Rust         |
-| **Framework**         | package.json dependencies | Next.js 14, FastAPI, Axum        |
-| **Package Manager**   | Lock file presence        | npm, pnpm, yarn, bun             |
-| **Testing**           | Test framework in deps    | Jest, Vitest, pytest, cargo test |
-| **Linting**           | Config files              | ESLint, Biome, Ruff              |
-| **Formatting**        | Config files              | Prettier, Biome, Black           |
-| **CI/CD**             | Workflow files            | GitHub Actions, GitLab CI        |
-| **Database**          | Dependencies, .env        | PostgreSQL, SQLite, MongoDB      |
-| **UI Framework**      | Dependencies              | React, Vue, Svelte               |
-| **Component Library** | components.json, deps     | shadcn/ui, MUI, Chakra           |
-
-```markdown
-## Tech Stack
-
-| Category        | Technology | Version |
-| --------------- | ---------- | ------- |
-| Language        | TypeScript | 5.3.x   |
-| Runtime         | Node.js    | 20.x    |
-| Framework       | Next.js    | 14.2    |
-| Package Manager | pnpm       | 8.x     |
-| Testing         | Vitest     | 1.x     |
-| Linting         | Biome      | 1.x     |
-| UI              | shadcn/ui  | latest  |
-| Database        | PostgreSQL | 16      |
-```
+- `repo-map` for architecture analysis
+- `memory-search` for existing project knowledge
+- Skip external research phases
 
 ---
 
-## Phase 3: Health Metrics
-
-### 3.1 Dependency Health
+## Phase 3: Git & Version Control Health
 
 ```bash
-# Node.js
-!`npm outdated --json || pnpm outdated --json`
-!`npm audit --json`
-
-# Python
-!`pip list --outdated`
-!`pip-audit`
-
-# Rust
-!`cargo outdated`
-cargo audit
-```
-
-**Dependency Dashboard:**
+# Current state
+git status --short
+git branch --show-current
+git log --oneline -5
 
-| Metric                   | Value | Status  | Threshold |
-| ------------------------ | ----- | ------- | --------- |
-| Total dependencies       | 45    | -       | -         |
-| Outdated (major)         | 3     | Warning | < 5       |
-| Outdated (minor)         | 8     | OK      | < 20      |
-| Security vulnerabilities | 0     | OK      | 0         |
-| High/Critical vulns      | 0     | OK      | 0         |
+# Commits ahead/behind
+git rev-list --left-right --count origin/main...HEAD 2>/dev/null || true
 
-### 3.2 Test Coverage
+# Recent activity
+git log -1 --format="%h %s (%cr by %an)"
 
-```bash
-# Node.js
-npm test -- --coverage --json
-
-# Python
-pytest --cov --cov-report=json
-
-# Check for coverage config (instructional - agent uses glob tool)
-glob({ pattern: "**/jest.config.*" })
-glob({ pattern: "**/vitest.config.*" })
-glob({ pattern: "**/pytest.ini" })
-glob({ pattern: "**/pyproject.toml" })
+# Uncommitted changes
+git diff --stat
 ```
 
-**Coverage Dashboard:**
+---
+
+## Phase 4: Code Quality Checks
 
-| Metric          | Value | Status  | Threshold |
-| --------------- | ----- | ------- | --------- |
-| Line coverage   | 78%   | Warning | > 80%     |
-| Branch coverage | 65%   | Warning | > 70%     |
-| Uncovered files | 12    | -       | -         |
-| Test count      | 156   | -       | -         |
-| Test pass rate  | 100%  | OK      | 100%      |
+Run quality checks based on detected stack:
 
-### 3.3 Code Quality
+### For TypeScript/JavaScript:
 
 ```bash
-# TypeScript type errors
-!`npx tsc --noEmit 2>&1 | wc -l`
+# Type errors
+npm run typecheck 2>/dev/null || npx tsc --noEmit 2>/dev/null || true
 
-# Linting issues
-!`npm run lint -- --format json 2>/dev/null || npx biome check --reporter=json`
+# Linting
+npm run lint 2>/dev/null || npx biome check . 2>/dev/null || npx eslint . 2>/dev/null || true
 
 # TODO/FIXME count
-!`grep -r "TODO\|FIXME\|HACK\|XXX" src/ --include="*.ts" --include="*.tsx" | wc -l`
+grep -r "TODO\|FIXME\|HACK\|XXX" src/ --include="*.ts" --include="*.tsx" 2>/dev/null | wc -l || echo "0"
 ```
 
-**Quality Dashboard:**
+### For Python:
 
-| Metric                 | Value | Status  | Threshold |
-| ---------------------- | ----- | ------- | --------- |
-| Type errors            | 0     | OK      | 0         |
-| Lint errors            | 5     | Warning | 0         |
-| Lint warnings          | 23    | OK      | < 50      |
-| TODO/FIXME             | 15    | Info    | < 30      |
-| Console.log statements | 3     | Warning | 0         |
+```bash
+# Type checking
+mypy . 2>/dev/null || true
 
-### 3.4 Documentation Status
+# Linting
+ruff check . 2>/dev/null || pylint **/*.py 2>/dev/null || true
 
+# TODO count
+grep -r "TODO\|FIXME" . --include="*.py" 2>/dev/null | wc -l || echo "0"
 ```
-# Check for docs
-!`ls README.md CHANGELOG.md CONTRIBUTING.md docs/ 2>/dev/null`
 
-# README freshness
-!`git log -1 --format="%cr" -- README.md`
+### For Rust:
 
-# API docs
-!`ls docs/api/ openapi.yaml swagger.json 2>/dev/null`
+```bash
+cargo check 2>/dev/null || true
+cargo clippy 2>/dev/null || true
 ```
 
-**Documentation Dashboard:**
-
-| Document        | Status  | Last Updated |
-| --------------- | ------- | ------------ |
-| README.md       | Present | 5 days ago   |
-| CHANGELOG.md    | Present | 2 days ago   |
-| CONTRIBUTING.md | Missing | -            |
-| API docs        | Present | 1 week ago   |
-| AGENTS.md       | Present | 3 days ago   |
-
 ---
 
-## Phase 4: Detailed Analysis (--deep)
-
-**For large codebases (>100KB of source):**
-
-skill({ name: "gemini-large-context" })
-
-### 4.1 Architecture Analysis
-
-```typescript
-gemini({ prompt: "@src/
-Describe:
-1. Overall architecture pattern (MVC, Clean, Hexagonal, etc.)
-2. Key modules and their responsibilities
-3. Data flow between components
-4. External dependencies and integrations
-5. Areas of high complexity" });
-```
-
-### 4.2 Test Gap Analysis
-
-```typescript
-gemini({ prompt: "@src/ @tests/
-Assess test coverage:
-- Which modules have tests?
-- Which are missing tests?
-- Test quality (unit vs integration)
-- Edge cases covered
-- Critical paths without tests" });
-```
-
-### 4.3 Code Smell Detection
-
-```typescript
-gemini({ prompt: "@src/
-Identify code smells:
-- Duplicated code
-- Long functions (>50 lines)
-- Deep nesting (>4 levels)
-- God objects/files
-- Overly complex conditions" });
-```
-
-### 4.4 Security Analysis (--security)
+## Phase 5: Test Health
 
 ```bash
-# Automated scans
-!`npm audit`
-!`npx snyk test 2>/dev/null || true`
-
-# Pattern-based detection
-!`grep -r "password\s*=" src/ --include="*.ts" || true`
-!`grep -r "api_key\s*=" src/ --include="*.ts" || true`
-!`grep -r "secret" src/ --include="*.ts" || true`
-
-# Deep analysis with Gemini
-gemini -p "@src/ @api/
-Security review:
-- Input validation practices
-- Authentication/authorization patterns
-- SQL injection protections
-- XSS prevention measures
-- Secrets in code
-- CORS configuration"
+# Run tests with coverage if available
+npm test -- --coverage 2>/dev/null || \
+bun test --coverage 2>/dev/null || \
+pytest --cov 2>/dev/null || \
+cargo test 2>/dev/null || \
+go test ./... 2>/dev/null || \
+echo "No test runner detected"
 ```
 
-**Security Dashboard:**
-
-| Check             | Status  | Issues                    |
-| ----------------- | ------- | ------------------------- |
-| npm audit         | Pass    | 0 vulnerabilities         |
-| Hardcoded secrets | Warning | 2 potential matches       |
-| Auth patterns     | OK      | Using established library |
-| Input validation  | Warning | 5 unvalidated endpoints   |
-| CORS              | OK      | Properly configured       |
-
 ---
 
-## Phase 5: Ready Work
+## Phase 6: Dependency & Security Health
 
-Find actionable tasks with no blockers:
-
-```
-!`bd list --status ready --limit 10`
-```
-
-### Ready Work Table
-
-| ID     | Title         | Type    | Priority | Tags        |
-| ------ | ------------- | ------- | -------- | ----------- |
-| bd-123 | Add user auth | feature | P1       | backend     |
-| bd-124 | Fix login bug | bug     | P0       | urgent      |
-| bd-125 | Update deps   | task    | P2       | maintenance |
-
-**Blocked Work:**
+```bash
+# Outdated dependencies
+npm outdated 2>/dev/null || pnpm outdated 2>/dev/null || pip list --outdated 2>/dev/null || true
 
-```
-!`bd list --status blocked --limit 5`
+# Security audit
+npm audit 2>/dev/null || pip-audit 2>/dev/null || cargo audit 2>/dev/null || true
 ```
 
-| ID     | Title          | Blocked By | Action Needed       |
-| ------ | -------------- | ---------- | ------------------- |
-| bd-130 | Deploy to prod | bd-124     | Fix login bug first |
-
 ---
 
-## Phase 6: Health Score
-
-Calculate overall project health:
+## Phase 7: CI/CD & Documentation Health
 
-```
-Health Score = 100 - (penalties)
-
-Penalties:
-- Each high/critical vulnerability: -10 (max -30)
-- Each major outdated dependency: -2 (max -10)
-- Type errors present: -15
-- Test coverage < 80%: -10
-- Test coverage < 60%: -20
-- CI failing: -20
-- No README: -5
-- No CHANGELOG: -3
-- Lint errors > 0: -5
-- TODO count > 50: -5
-
-Score interpretation:
-90-100: Excellent - Ship with confidence
-75-89: Good - Minor issues to address
-60-74: Fair - Technical debt accumulating
-< 60: Poor - Significant attention needed
-```
-
-### Health Score Output
-
-```markdown
-## Project Health Score: 82/100 (Good)
-
-### Score Breakdown
-
-| Category      | Score | Notes                    |
-| ------------- | ----- | ------------------------ |
-| Security      | 20/20 | No vulnerabilities       |
-| Dependencies  | 18/20 | 2 major outdated         |
-| Tests         | 15/20 | 78% coverage (below 80%) |
-| Code Quality  | 15/20 | 5 lint errors            |
-| CI/CD         | 10/10 | Passing                  |
-| Documentation | 4/10  | Missing CONTRIBUTING.md  |
+```bash
+# CI status (GitHub Actions)
+gh run list --limit 3 2>/dev/null || true
 
-### Priority Actions
+# Documentation presence
+ls -la README.md CHANGELOG.md CONTRIBUTING.md AGENTS.md docs/ 2>/dev/null || true
 
-1. **Fix 5 lint errors** → `npm run lint -- --fix`
-2. **Increase test coverage** → Focus on uncovered files
-3. **Update 2 major deps** → `npm update`
-4. **Add CONTRIBUTING.md** → Document contribution process
+# README freshness
+git log -1 --format="%cr" -- README.md 2>/dev/null || true
 ```
 
 ---
 
-## Phase 7: Recommendations & Actions
-
-Based on analysis, generate actionable recommendations:
-
-### Immediate Actions
+## Phase 8: Task/Work Health (if Beads configured)
 
-| Priority | Issue            | Command                 | Bead Created |
-| -------- | ---------------- | ----------------------- | ------------ |
-| P0       | CI failing       | Check `gh run view`     | -            |
-| P1       | 2 security vulns | `npm audit fix`         | bd-xxx       |
-| P2       | 5 lint errors    | `npm run lint -- --fix` | -            |
-
-### Create Beads for Issues
+```bash
+bd status 2>/dev/null || echo "Beads not configured"
+bd ready 2>/dev/null || true
+bd blocked 2>/dev/null || true
+```
 
-For significant findings, create tracking issues:
+---
 
-```bash
-# For security vulnerabilities
-bd create "[Security] Fix npm audit vulnerabilities" -t bug -p 1  # Keep as instructional
+## Phase 9: Integrate Research Results
 
-# For test coverage
-bd create "[Quality] Increase test coverage to 80%" -t task -p 2  # Keep as instructional
-```
+Task tool returns results directly - no collection needed.
+Integrate findings from Phase 2 subagents into the report:
 
-### Suggested Follow-up Commands
+1. **Best practices checklist** → Compare against Phase 4 quality results
+2. **Quality standards** → Use as criteria for Health Score calculation
+3. **Architecture summary** → Include in report Architecture section
 
-Based on findings:
+If subagents failed in Phase 2, use fallback data:
 
-| Finding               | Suggested Command                     |
-| --------------------- | ------------------------------------- |
-| Ready tasks available | `/implement <bead-id>`                |
-| Test coverage low     | `/research test coverage strategies`  |
-| Security issues       | `/fix security`                       |
-| Outdated deps         | `npm update` or `/research migration` |
-| Architecture unclear  | `/research architecture`              |
-| Design system issues  | `/design-audit codebase`              |
+- Check `memory-read({ file: "project/architecture" })` for cached architecture
+- Use `repo-map` output for structure analysis
+- Skip best practices comparison (mark as "N/A - offline mode")
 
 ---
 
-## Output Modes
+## Phase 10: Generate Report
 
-### --quick (Default)
+Compile all findings into a comprehensive report:
 
-- Status dashboard only
-- Ready work list
-- ~30 seconds
+```markdown
+# Project Analysis Report
 
-### --health
+**Generated:** [DATE]
+**Stack:** [DETECTED_STACK]
+**Framework:** [DETECTED_FRAMEWORK]
 
-- Quick status + health metrics
-- Dependency/security scan
-- Health score
-- ~2-3 minutes
+## Health Score: X/100
 
-### --deep
+| Category      | Score | Status  | Notes             |
+| ------------- | ----- | ------- | ----------------- |
+| Security      | X/20  | OK/Warn | X vulnerabilities |
+| Code Quality  | X/20  | OK/Warn | X lint errors     |
+| Test Coverage | X/20  | OK/Warn | X% coverage       |
+| Dependencies  | X/20  | OK/Warn | X outdated        |
+| Documentation | X/20  | OK/Warn | X missing         |
 
-- Full analysis including Gemini-powered insights
-- Architecture, test gaps, code smells
-- ~10-15 minutes
+## Current State vs Best Practices
 
-### --security
+Based on [FRAMEWORK] best practices research:
 
-- Security-focused analysis
-- npm audit, secret detection, pattern analysis
-- Gemini security review
-- ~5-10 minutes
+| Practice            | Expected    | Actual   | Status |
+| ------------------- | ----------- | -------- | ------ |
+| Type Safety         | Strict mode | ...      | ✓/✗    |
+| Test Coverage       | >80%        | X%       | ✓/✗    |
+| Linting             | Zero errors | X errors | ✓/✗    |
+| Dependency Security | No vulns    | X vulns  | ✓/✗    |
 
----
+## Architecture Summary
 
-## Examples
+[From explore agent]
 
-```bash
-# Quick status check
-/analyze-project
+## Priority Recommendations
 
-# Full health assessment
-/analyze-project --health
+1. **[HIGH]** [Action based on findings]
+2. **[MEDIUM]** [Action based on findings]
+3. **[LOW]** [Action based on findings]
 
-# Deep analysis for large codebase
-/analyze-project --deep
+## Ready Work
 
-# Security audit
-/analyze-project --security
+| ID  | Title | Priority | Type |
+| --- | ----- | -------- | ---- |
+| ... | ...   | ...      | ...  |
 ```
 
 ---
 
-## Storage
+## Phase 11: Save to Memory
 
-Save analysis to `.opencode/memory/project/analysis-[YYYY-MM-DD].md` for trend tracking.
-
-Compare with previous analysis:
+Save report for trend tracking:
 
 ```typescript
-glob({ pattern: ".opencode/memory/project/analysis-*.md" });
-// Then read each matched file
+memory_update({
+  file: "project/analysis-[YYYY-MM-DD]",
+  content: "[GENERATED_REPORT]",
+  mode: "replace",
+});
 ```
 
 ---
 
-## Related Commands
+## Output Modes
+
+### --quick (Default)
+
+- Phase 1, 3, 8 only
+- ~30 seconds
+- Basic status dashboard
+
+### --deep
 
-| Need                | Command                               |
-| ------------------- | ------------------------------------- |
-| Start ready work    | `/implement <bead-id>`                |
-| Review codebase     | `/review-codebase`                    |
-| Check design system | `/design-audit`                       |
-| Security deep dive  | `/research security best practices`   |
-| Dependency update   | `/research migration to [package] vX` |
+- All phases including subagent research
+- ~3-5 minutes
+- Full analysis with best practices comparison