openhermes 2.8.0 → 4.0.0

package/curator.mjs

@@ -1,482 +0,0 @@
-import path from "node:path"
-import fs from "node:fs"
-import { findUnsupportedSchemaKeywords, validateSchema } from "./lib/schema-validator.mjs"
-import { atomicWriteJson, buildEnvironmentFingerprint, fingerprintFile, readJson, redactSensitiveText, sanitizeRecord, truncateText } from "./lib/hardening.mjs"
-import { fileURLToPath } from "node:url"
-import { dirname } from "node:path"
-import { getDataRoot, getMemoryRoot } from "./lib/paths.mjs"
-
-const __dirname = dirname(fileURLToPath(import.meta.url))
-
-const CHECKPOINT_DEBOUNCE_MS = 300000
-const COMPACTION_CONTEXT_LIMIT = 12000
-const lastCheckpoint = { ts: 0 }
-const writtenThisSession = []
-const CURATOR_LOGS = /^(1|true|yes)$/i.test(process.env.OPENCODE_CURATOR_LOGS || "")
-
-const MEMORY_CLASSES = ["checkpoints", "mistakes", "audits", "verification_receipts", "constraints", "decisions", "instincts", "backlog"]
-
-function ensureConsistency(root) {
-  const memoryRoot = path.join(root, "memory")
-  const runtimeRoot = path.join(root, "runtime")
-
-  for (const cls of MEMORY_CLASSES) {
-    const dir = path.join(memoryRoot, cls)
-    fs.mkdirSync(dir, { recursive: true })
-    const indexPath = path.join(dir, "index.json")
-    if (!fs.existsSync(indexPath)) {
-      atomicWriteJson(indexPath, [])
-    }
-  }
-
-  fs.mkdirSync(runtimeRoot, { recursive: true })
-  const loopStatePath = path.join(runtimeRoot, "loop-state.json")
-  if (!fs.existsSync(loopStatePath)) {
-    atomicWriteJson(loopStatePath, { status: "idle", phase: "session.created" })
-  }
-}
-
-function curatorLog(message) {
-  if (!CURATOR_LOGS) return
-  process.stderr.write(`${message}\n`)
-}
-
-function isMeaningfulText(value) {
-  return typeof value === "string" && value.trim().length > 0 && !/^(n\/a|none|tbd|placeholder|pending|session in progress|no active checkpoint content)$/i.test(value.trim())
-}
-
-function safeLogMessage(message, limit = 160) {
-  return truncateText(redactSensitiveText(message || ""), limit)
-}
-
-function indexEntry(root, plural, record) {
-  const indexPath = path.join(root, "memory", plural, "index.json")
-  let index = readJson(indexPath, [])
-  if (!Array.isArray(index)) index = []
-  const entry = {
-    id: record.id,
-    summary: record.summary,
-    status: record.status,
-    updated_at: record.updated_at || record.created_at,
-    path: `openhermes/memory/${plural}/${record.id}.json`
-  }
-  const existing = index.findIndex(e => e.id === record.id)
-  if (existing >= 0) index[existing] = entry
-  else index.push(entry)
-  atomicWriteJson(indexPath, index)
-}
-
-function updateLoopState(root, patch) {
-  const statePath = path.join(root, "runtime", "loop-state.json")
-  const state = readJson(statePath, null) || {}
-  const next = {
-    ...state,
-    ...patch,
-    updated_at: patch.updated_at || new Date().toISOString(),
-  }
-  const schema = loadSchema("loop-state")
-  if (!schema) return false
-  const unsupported = findUnsupportedSchemaKeywords(schema)
-  if (unsupported.length) return false
-  const errors = validateSchema(schema, next, "$")
-  if (errors.length) return false
-  atomicWriteJson(statePath, next)
-  return true
-}
-
-function loadSchema(classId) {
-  const fp = path.join(__dirname, "schemas", `${classId}.schema.json`)
-  try { return JSON.parse(fs.readFileSync(fp, "utf8")) } catch { return null }
-}
-
-function validateRecordAgainstSchema(record) {
-  const schema = loadSchema(record.class)
-  if (!schema) {
-    curatorLog(`[curator] validation fallback: no schema for "${record.class}"`)
-    const required = record.class === "checkpoint"
-      ? ["id", "class", "summary", "mission", "current_state", "next_actions", "blockers", "risk_notes", "provenance", "created_at", "status"]
-      : ["id", "class", "summary", "provenance", "created_at", "status"]
-    const missing = required.filter(r => !record[r] && record[r] !== null)
-    if (missing.length) {
-      curatorLog(`[curator] validation failed: missing ${missing.join(", ")}`)
-      return false
-    }
-    if (record.class === "checkpoint" && record.provenance && !record.provenance.session_id) {
-      curatorLog(`[curator] validation failed: missing session_id`)
-      return false
-    }
-    return true
-  }
-  const unsupported = findUnsupportedSchemaKeywords(schema)
-  if (unsupported.length) {
-    curatorLog(`[curator] validation failed: unsupported fields ${unsupported.join(", ")}`)
-    return false
-  }
-  const errors = validateSchema(schema, record, "$")
-  if (errors.length) {
-    curatorLog(`[curator] validation failed: ${errors.join("; ")}`)
-    return false
-  }
-  if (record.class === "checkpoint") {
-    const requiredText = [record.mission, record.current_state]
-    if (!requiredText.every(isMeaningfulText)) return false
-    if (!Array.isArray(record.next_actions) || record.next_actions.length === 0) return false
-    if (!Array.isArray(record.blockers) || record.blockers.length === 0) return false
-    if (!Array.isArray(record.risk_notes) || record.risk_notes.length === 0) return false
-  }
-  return true
-}
-
-async function writeCheckpoint(root, project, directory, trigger, summary, options = {}) {
-  const now = Date.now()
-  if (!options.force && now - lastCheckpoint.ts < CHECKPOINT_DEBOUNCE_MS) return null
-  lastCheckpoint.ts = now
-
-  const ts = new Date().toISOString()
-  const id = `chk_${ts.replace(/[:.]/g, "-")}`
-  const environmentFingerprint = buildEnvironmentFingerprint(root, directory, project)
-  const isCompaction = trigger === "experimental.session.compacting"
-  const record = {
-    id,
-    class: "checkpoint",
-    scope: "session",
-    summary: summary || (isCompaction ? `Pre-compaction checkpoint for ${project?.name || path.basename(directory)}` : `Idle checkpoint for ${project?.name || path.basename(directory)}`),
-    mission: isCompaction
-      ? "Preserve the current OpenHermes runtime state before compaction trims working context."
-      : "Preserve the current OpenHermes session state so the next turn can resume safely.",
-    current_state: isCompaction
-      ? "A compaction run is starting; runtime memory, recall freshness, and loop-state validation are being hardened before context is reduced."
-      : "The session is idle and the curator is maintaining durable state, schema validation, and memory hygiene for the next turn.",
-    next_actions: isCompaction
-      ? [
-          "Verify the pre-compaction checkpoint was written and indexed.",
-          "Inject only fresh recall context into the compaction buffer.",
-          "Confirm loop-state writes remain schema-valid after compaction.",
-        ]
-      : [
-          "Keep loop-state and memory writes atomic.",
-          "Redact sensitive text before persisting new records.",
-          "Recheck stale recall cache handling on the next compaction pass.",
-        ],
-    blockers: [
-      "No blocking runtime failure is present; this checkpoint captures a safe handoff state.",
-    ],
-    risk_notes: isCompaction
-      ? [
-          "A stale recall cache can reintroduce outdated compaction context if fingerprints drift.",
-          "Loop-state writes must continue to satisfy the required status, phase, heartbeat_at, and updated_at fields.",
-        ]
-      : [
-          "Placeholder checkpoint content is no longer acceptable for durable handoff.",
-          "Sensitive text must be redacted before memory persistence.",
-        ],
-    provenance: {
-      session_id: project?.session_id || `session-${Date.now()}`,
-      harness_root: root,
-      project_root: directory,
-    },
-    description: `Auto-curated checkpoint from curator plugin on ${trigger}`,
-    source: "agent",
-    status: "active",
-    created_at: ts,
-    updated_at: ts,
-    project: project?.name || path.basename(directory),
-    environment_fingerprint: environmentFingerprint,
-  }
-  const safeRecord = sanitizeRecord(record, { maxStringLength: 4000 })
-  if (!validateRecordAgainstSchema(safeRecord)) return null
-  const dir = path.join(root, "memory", "checkpoints")
-  atomicWriteJson(path.join(dir, `${id}.json`), safeRecord)
-  indexEntry(root, "checkpoints", safeRecord)
-  updateLoopState(root, {
-    last_checkpoint_id: id,
-    phase: trigger,
-    heartbeat_at: ts,
-    updated_at: ts,
-    status: trigger === "experimental.session.compacting" ? "active" : "idle",
-  })
-  if (writtenThisSession.length >= 100) writtenThisSession.shift()
-  writtenThisSession.push(id)
-  curatorLog(`[curator] checkpoint written: ${id} (trigger: ${trigger})`)
-  return id
-}
-
-function writeMistakeRecord(root, project, directory, error) {
-  const ts = new Date().toISOString()
-  const errorMsg = typeof error === "object" && error !== null
-    ? (error.message || JSON.stringify(error).slice(0, 200))
-    : (error?.toString() || "Unknown error")
-  const safeErrorMsg = truncateText(redactSensitiveText(errorMsg), 200)
-  const id = `mist_${ts.replace(/[:.]/g, "-")}`
-  const environmentFingerprint = buildEnvironmentFingerprint(root, directory, project)
-  const record = {
-    id,
-    class: "mistake",
-    scope: "harness",
-    summary: `Session error: ${safeErrorMsg}`,
-    failure: `Session error: ${safeErrorMsg}`,
-    root_cause: safeErrorMsg,
-    provenance: {
-      session_id: project?.session_id || `session-${Date.now()}`,
-      harness_root: root,
-      project_root: directory,
-    },
-    source: "agent",
-    type: "other",
-    fix: `Auto-generated - investigate via session_id: ${project?.session_id || "unknown"}`,
-    prevention: "curator.js writeMistakeRecord must validate against mistake.schema.json",
-    strike: 1,
-    status: "active",
-    created_at: ts,
-    updated_at: ts,
-    project: project?.name || path.basename(directory),
-    environment_fingerprint: environmentFingerprint,
-  }
-  const dir = path.join(getMemoryRoot(), "mistakes")
-  fs.mkdirSync(dir, { recursive: true })
-  const fp = path.join(dir, "mistakes.jsonl")
-  const safeRecord = sanitizeRecord(record, { maxStringLength: 4000 })
-  let entries = []
-  try { entries = fs.readFileSync(fp, "utf8").trim().split("\n").filter(Boolean).map(l => JSON.parse(l)) } catch {}
-  const idx = entries.findIndex(e => e.id === safeRecord.id)
-  if (idx >= 0) entries[idx] = safeRecord; else entries.push(safeRecord)
-  const text = entries.map(e => JSON.stringify(e)).join("\n")
-  fs.writeFileSync(fp, text ? text + "\n" : "", "utf8")
-  curatorLog(`[curator] mistake logged: ${id} - ${safeLogMessage(errorMsg, 80)}`)
-  return id
-}
-
-function writeVerificationReceipt(root, project, directory, checkpointId) {
-  const ts = new Date().toISOString()
-  const id = `vr_${ts.replace(/[:.]/g, "-")}`
-  const artifactPath = path.join(root, "memory", "checkpoints", `${checkpointId}.json`)
-  const environmentFingerprint = buildEnvironmentFingerprint(root, directory, project)
-  const record = {
-    id,
-    class: "verification_receipt",
-    scope: "session",
-    summary: `Auto-verification receipt for checkpoint ${checkpointId}`,
-    artifact: `openhermes/memory/checkpoints/${checkpointId}.json`,
-    artifact_type: "file",
-    fingerprint: fingerprintFile(artifactPath) || { path: `openhermes/memory/checkpoints/${checkpointId}.json` },
-    environment: {
-      cwd: directory,
-      os: "win32",
-      shell: "cmd.exe",
-      provider: "lmstudio"
-    },
-    method: "manual-inspection",
-    command: `curator.js auto-verification on session.idle`,
-    result: "pass",
-    result_detail: `Checkpoint ${checkpointId} written and indexed. Session completed successfully.`,
-    provenance: {
-      session_id: project?.session_id || `session-${Date.now()}`,
-      harness_root: root,
-      project_root: directory,
-    },
-    confidence: 0.8,
-    source: "agent",
-    status: "active",
-    created_at: ts,
-    updated_at: ts,
-    project: project?.name || path.basename(directory),
-    environment_fingerprint: environmentFingerprint,
-  }
-  const dir = path.join(root, "memory", "verification_receipts")
-  const safeRecord = sanitizeRecord(record, { maxStringLength: 4000 })
-  atomicWriteJson(path.join(dir, `${id}.json`), safeRecord)
-  indexEntry(root, "verification_receipts", safeRecord)
-  curatorLog(`[curator] verification_receipt written: ${id}`)
-  return id
-}
-
-async function handleSessionIdle(directory, project) {
-  try {
-    const root = getDataRoot()
-    const checkpointId = await writeCheckpoint(root, project, directory, "session.idle", null)
-    if (checkpointId) {
-      writeVerificationReceipt(root, project, directory, checkpointId)
-    }
-  } catch (err) {
-    curatorLog(`[curator] handleSessionIdle error: ${safeLogMessage(err.message)}`)
-  }
-}
-
-async function handleSessionCompacted(directory, project) {
-  try {
-    const root = getDataRoot()
-    const ts = new Date().toISOString()
-    updateLoopState(root, {
-      status: "compacted",
-      last_gate_result: "compaction completed",
-      phase: "session.compacted",
-      heartbeat_at: ts,
-      updated_at: ts,
-    })
-  } catch (err) {
-    curatorLog(`[curator] handleSessionCompacted error: ${safeLogMessage(err.message)}`)
-  }
-}
-
-async function handleSessionError(directory, project, event) {
-  try {
-    const root = getDataRoot()
-    const ts = new Date().toISOString()
-    const errorMsg = typeof event?.error === "object" && event.error !== null
-      ? (event.error.message || JSON.stringify(event.error).slice(0, 200))
-      : (event?.error?.toString() || event?.message || "Unknown error")
-    const safeErrorMsg = safeLogMessage(errorMsg, 200)
-    updateLoopState(root, {
-      status: "error",
-      phase: "session.error",
-      last_error: safeErrorMsg,
-      heartbeat_at: ts,
-      updated_at: ts,
-    })
-    writeMistakeRecord(root, project, directory, event.error || event)
-  } catch (err) {
-    curatorLog(`[curator] handleSessionError error: ${safeLogMessage(err.message)}`)
-  }
-}
-
-async function handlePermissionReplied(directory, project, event) {
-  try {
-    const root = getDataRoot()
-    const ts = new Date().toISOString()
-    const id = `audit_perm_${ts.replace(/[:.]/g, "-")}`
-    const environmentFingerprint = buildEnvironmentFingerprint(root, directory, project)
-    const record = {
-      id,
-      class: "audit",
-      scope: "harness",
-      summary: `Permission reply: ${event.action || "?"} for ${event.tool || "?"}`,
-      target: event.tool || "unknown",
-      description: `Permission decision: ${event.action || "?"} - tool: ${event.tool || "?"}, pattern: ${event.pattern || "?"}`,
-      overall_score: 0,
-      checks: [
-        {
-          name: "permission decision audit",
-          status: "pass",
-          details: `Permission ${event.action || "?"} logged for tool ${event.tool || "?"}`,
-        },
-      ],
-      top_actions: [
-        "Auto-recorded permission event — no manual remediation needed.",
-      ],
-      integrity: {
-        refs_ok: true,
-        provenance_ok: true,
-        duplicates_ok: true,
-      },
-      provenance: {
-        session_id: project?.session_id || `session-${Date.now()}`,
-        harness_root: root,
-        project_root: directory,
-      },
-      source: "agent",
-      status: "closed",
-      created_at: ts,
-      updated_at: ts,
-      project: project?.name || path.basename(directory),
-      environment_fingerprint: environmentFingerprint,
-    }
-    const safeRecord = sanitizeRecord(record, { maxStringLength: 4000 })
-    const auditSchema = loadSchema("audit")
-    if (auditSchema) {
-      const unsupported = findUnsupportedSchemaKeywords(auditSchema)
-      if (!unsupported.length) {
-        const errors = validateSchema(auditSchema, safeRecord, "$")
-        if (errors.length) return
-      }
-    }
-    const dir = path.join(root, "memory", "audits")
-    atomicWriteJson(path.join(dir, `${id}.json`), safeRecord)
-    indexEntry(root, "audits", safeRecord)
-    curatorLog(`[curator] permission audit logged: ${event.tool} -> ${event.action}`)
-  } catch (err) {
-    curatorLog(`[curator] handlePermissionReplied error: ${safeLogMessage(err.message)}`)
-  }
-}
-
-export const CuratorPlugin = async ({ project, directory }) => {
-  return {
-    event: async ({ event }) => {
-      // A1: v1 migration owned by autorecall.mjs — removed to avoid race
-      if (event.type === "session.created") {
-        lastCheckpoint.ts = 0
-        writtenThisSession.length = 0
-        try {
-          const root = getDataRoot()
-          ensureConsistency(root)
-          curatorLog("[curator] consistency repair: all memory/runtime dirs verified")
-        } catch (err) {
-          curatorLog(`[curator] consistency repair failure: ${safeLogMessage(err.message)}`)
-        }
-      }
-      if (event.type === "session.idle") {
-        await handleSessionIdle(directory, project)
-      } else if (event.type === "session.compacted") {
-        await handleSessionCompacted(directory, project)
-      } else if (event.type === "session.error") {
-        await handleSessionError(directory, project, event)
-      } else if (event.type === "permission.replied") {
-        await handlePermissionReplied(directory, project, event)
-    } else if (event.type === "command.executed") {
-      curatorLog(`[curator] command executed: ${event.command || "?"}`)
-    }
-  },
-  "experimental.session.compacting": async (input, output) => {
-    try {
-      const root = getDataRoot()
-      const projectKey = project?.name || path.basename(directory)
-      const checkpointIndex = readJson(path.join(root, "memory", "checkpoints", "index.json"), [])
-      const constraintsIndex = readJson(path.join(root, "memory", "constraints", "index.json"), [])
-      const environmentFingerprint = buildEnvironmentFingerprint(root, directory, project)
-      const preCompactionCheckpointId = await writeCheckpoint(root, project, directory, "experimental.session.compacting", `Pre-compaction checkpoint for ${projectKey}`, { force: true })
-
-      const latestCheckpoint = Array.isArray(checkpointIndex) && checkpointIndex.length > 0
-        ? checkpointIndex.sort((a, b) => new Date(b.updated_at) - new Date(a.updated_at))[0]
-        : null
-
-      const activeConstraints = Array.isArray(constraintsIndex)
-        ? constraintsIndex.filter(c => c.status === "active")
-        : []
-
-      const inject = [
-        `## OpenHermes State`,
-        `- Project: ${projectKey}`,
-        `- Latest checkpoint: ${latestCheckpoint ? latestCheckpoint.summary : "none"}`,
-        preCompactionCheckpointId ? `- Pre-compaction checkpoint: ${preCompactionCheckpointId}` : null,
-        `- Active constraints: ${activeConstraints.length}`,
-        `- Memory writes this session: ${writtenThisSession.length}`,
-        writtenThisSession.length > 0 ? `- Recent writes: ${writtenThisSession.slice(-3).join(", ")}` : null,
-        `- Session hook: experimental.session.compacting`,
-      ].filter(Boolean).join("\n")
-
-      const recallCache = readJson(path.join(root, "memory", "recall", "cache.json"), null)
-      const cacheMatches = recallCache && recallCache.fingerprint && recallCache.fingerprint.sha256 === environmentFingerprint.sha256
-      const cacheFresh = cacheMatches && recallCache.freshness_marker && recallCache.freshness_marker.updated_at
-        ? (Date.now() - Date.parse(recallCache.freshness_marker.updated_at) <= (recallCache.freshness_marker.ttl_ms || 0))
-        : false
-      const contextSink = Array.isArray(output.context) ? output.context : (output.context = [])
-      if (recallCache && recallCache.context && cacheFresh) {
-        const merged = truncateText(`${inject}\n\n${recallCache.context}`, COMPACTION_CONTEXT_LIMIT)
-        contextSink.push(merged)
-        curatorLog(`[curator] compaction injected harness state + autorecall (${merged.length} chars)`)
-      } else {
-        contextSink.push(truncateText(inject, COMPACTION_CONTEXT_LIMIT))
-        curatorLog(`[curator] compaction injected harness state (stale or missing autorecall cache)`)
-      }
-      updateLoopState(root, {
-        phase: "compress",
-        heartbeat_at: new Date().toISOString(),
-        status: "active",
-      })
-    } catch (err) {
-      curatorLog(`[curator] compaction error: ${safeLogMessage(err.message)}`)
-      const contextSink = Array.isArray(output.context) ? output.context : (output.context = [])
-      contextSink.push(truncateText(`## OpenHermes State\n- Project: ${project?.name || path.basename(directory)}\n- Hook: experimental.session.compacting (error state)\n`, COMPACTION_CONTEXT_LIMIT))
-    }
-    },
-  }
-}

package/harness/commands/build-fix.md

@@ -1,60 +0,0 @@
----
-description: Fix build and TypeScript errors with minimal changes
-agent: build-error-resolver
-subtask: true
----
-
-# Build Fix Command
-
-Fix build and TypeScript errors with minimal changes: $ARGUMENTS
-
-## Current type errors
-
-!npx tsc --noEmit 2>&1 || echo "tsc not available or no errors"
-
-## Your Task
-
-1. **Run type check**: `npx tsc --noEmit`
-2. **Collect all errors**
-3. **Fix errors one by one** with minimal changes
-4. **Verify each fix** doesn't introduce new errors
-5. **Run final check** to confirm all errors resolved
-
-## Approach
-
-### DO:
-- PASS: Fix type errors with correct types
-- PASS: Add missing imports
-- PASS: Fix syntax errors
-- PASS: Make minimal changes
-- PASS: Preserve existing behavior
-- PASS: Run `tsc --noEmit` after each change
-
-### DON'T:
-- FAIL: Refactor code
-- FAIL: Add new features
-- FAIL: Change architecture
-- FAIL: Use `any` type (unless absolutely necessary)
-- FAIL: Add `@ts-ignore` comments
-- FAIL: Change business logic
-
-## Common Error Fixes
-
-| Error | Fix |
-|-------|-----|
-| Type 'X' is not assignable to type 'Y' | Add correct type annotation |
-| Property 'X' does not exist | Add property to interface or fix property name |
-| Cannot find module 'X' | Install package or fix import path |
-| Argument of type 'X' is not assignable | Cast or fix function signature |
-| Object is possibly 'undefined' | Add null check or optional chaining |
-
-## Verification Steps
-
-After fixes:
-1. `npx tsc --noEmit` - should show 0 errors
-2. `npm run build` - should succeed
-3. `npm test` - tests should still pass
-
----
-
-**IMPORTANT**: Focus on fixing errors only. No refactoring, no improvements, no architectural changes. Get the build green with minimal diff.

package/harness/commands/checkpoint.md

@@ -1,68 +0,0 @@
----
-description: Save verification state and progress checkpoint
-agent: OpenHermes
-subtask: true
----
-
-# Checkpoint Command
-
-Save current verification state and create progress checkpoint: $ARGUMENTS
-
-## Your Task
-
-Create a snapshot of current progress including:
-
-1. **Tests status** - Which tests pass/fail
-2. **Coverage** - Current coverage metrics
-3. **Build status** - Build succeeds or errors
-4. **Code changes** - Summary of modifications
-5. **Next steps** - What remains to be done
-
-## Checkpoint Format
-
-### Checkpoint: [Timestamp]
-
-**Tests**
-- Total: X
-- Passing: Y
-- Failing: Z
-- Coverage: XX%
-
-**Build**
-- Status: PASS: Passing / FAIL: Failing
-- Errors: [if any]
-
-**Changes Since Last Checkpoint**
-```
-git diff --stat [last-checkpoint-commit]
-```
-
-**Completed Tasks**
-- [x] Task 1
-- [x] Task 2
-- [ ] Task 3 (in progress)
-
-**Blocking Issues**
-- [Issue description]
-
-**Next Steps**
-1. Step 1
-2. Step 2
-
-## Usage with Verification Loop
-
-Checkpoints integrate with the verification loop:
-
-```
-/plan → implement → /checkpoint → /verify → /checkpoint → implement → ...
-```
-
-Use checkpoints to:
-- Save state before risky changes
-- Track progress through phases
-- Enable rollback if needed
-- Document verification points
-
----
-
-**TIP**: Create checkpoints at natural breakpoints: after each phase, before major refactoring, after fixing critical bugs.

package/harness/commands/code-review.md

@@ -1,71 +0,0 @@
----
-description: Review code for quality, security, and maintainability
-agent: code-reviewer
-subtask: true
----
-
-# Code Review Command
-
-Review code changes for quality, security, and maintainability: $ARGUMENTS
-
-## Changed files
-
-!git diff --name-only HEAD 2>&1 || echo "No git repo or no changes"
-
-## Your Task
-
-1. **Analyze each changed file** for issues
-3. **Generate structured report**
-4. **Provide actionable recommendations**
-
-## Check Categories
-
-### Security Issues (CRITICAL)
-- [ ] Hardcoded credentials, API keys, tokens
-- [ ] SQL injection vulnerabilities
-- [ ] XSS vulnerabilities
-- [ ] Missing input validation
-- [ ] Insecure dependencies
-- [ ] Path traversal risks
-- [ ] Authentication/authorization flaws
-
-### Code Quality (HIGH)
-- [ ] Functions > 50 lines
-- [ ] Files > 800 lines
-- [ ] Nesting depth > 4 levels
-- [ ] Missing error handling
-- [ ] console.log statements
-- [ ] TODO/FIXME comments
-- [ ] Missing JSDoc for public APIs
-
-### Best Practices (MEDIUM)
-- [ ] Mutation patterns (use immutable instead)
-- [ ] Unnecessary complexity
-- [ ] Missing tests for new code
-- [ ] Accessibility issues (a11y)
-- [ ] Performance concerns
-
-### Style (LOW)
-- [ ] Inconsistent naming
-- [ ] Missing type annotations
-- [ ] Formatting issues
-
-## Report Format
-
-For each issue found:
-
-```
-**[SEVERITY]** file.ts:123
-Issue: [Description]
-Fix: [How to fix]
-```
-
-## Decision
-
-- **CRITICAL or HIGH issues**: Block commit, require fixes
-- **MEDIUM issues**: Recommend fixes before merge
-- **LOW issues**: Optional improvements
-
----
-
-**IMPORTANT**: Never approve code with security vulnerabilities!