solmate-skills 2.0.5 → 2.0.6

package/AGENTS.md

@@ -56,6 +56,15 @@
 - **파일 네이밍**: 모든 파일명 앞에는 `01_`과 같은 **순번(Numbering)**을 반드시 붙여 생성 순서와 계층을 명확히 한다. (예: `01_VISION.md`, `02_UI_DESIGN.md`)
 - **Interactive Process**: 문서를 작성할 때 AI가 독단적으로 내용을 채우지 않는다. 초안 작성 전, **반드시 사용자에게 핵심 질문을 던지고 답변을 바탕으로 문서를 작성(Ask before Write)**한다.
 
+### 2.7. SVG 다이어그램 산출물 표준 (User Journey & Data Flow)
+- **사용자 동선 SVG 필수화**: 주요 기능·화면 흐름 문서에는 사용자 동선(User Journey / Screen Flow)을 설명하는 SVG 다이어그램을 포함한다.
+- **저장 위치**: 사용자 동선 SVG는 `docs/02_UI_Screens/assets/`에 저장하고, 관련 UI 스크린 문서에서 상대 경로로 참조한다.
+- **데이터 흐름 SVG 필수화**: 주요 기능의 기술 명세에는 데이터 흐름(Data Flow / API-DB-External Service Flow)을 설명하는 SVG 다이어그램을 포함한다.
+- **저장 위치**: 데이터 흐름 SVG는 `docs/03_Technical_Specs/assets/`에 저장하고, 관련 기술 명세 문서에서 상대 경로로 참조한다.
+- **작업 관리 위치**: SVG 작성·수정 작업은 `docs/04_Logic_Progress/00_BACKLOG.md` 또는 `docs/04_Logic_Progress/02_EXECUTION_PLAN.md`에 태스크로 관리한다.
+- **검증 위치**: SVG가 최신 UI·API·DB 구조와 일치하는지 여부는 `docs/05_QA_Validation/`의 QA 체크리스트 또는 검증 문서에서 확인한다.
+- **파일 네이밍**: SVG 파일명에도 순번과 목적을 포함한다. (예: `01_user_journey.svg`, `02_auth_data_flow.svg`)
+
 ## 3. 개발 표준 및 품질
 - **UI 중심 개발 전략 (UI-First)**: Concept_Design -> UI_Screens -> Technical_Specs -> Logic_Progress 순서를 따른다.
 - **git commit 필수**: 중요 작업 전 반드시 git commit을 수행한다.

package/README.md

@@ -2,17 +2,19 @@
 
 Curated skills for Solmate projects. Easily share and install AI tool skills across your team.
 
-## What's New in 2.0.4
+## What's New in 2.0.6
 
-`solmate-skills@2.0.4` keeps **Backlog Context Lock** as the current documentation guardrail, adds **UI-First Gate** expectations, and tightens package hygiene for Codex-local settings.
+`solmate-skills@2.0.6` keeps **Backlog Context Lock** as the current documentation guardrail, adds **UI-First Gate** expectations, formalizes SVG diagram outputs, and fixes package hygiene so installable skill scripts are included in the npm tarball.
 
 Key changes:
 
 - Every backlog task must link to related Concept, UI, Technical Spec, and QA documents.
 - UI, user paths, data flow, loading states, empty states, and error states must be confirmed before coding.
+- User journey SVG files belong in `docs/02_UI_Screens/assets/`.
+- Data flow SVG files belong in `docs/03_Technical_Specs/assets/`.
 - `/rules-workflow` now treats linked backlog documents as implementation inputs before coding starts.
 - `/verify-docs` fails backlog items that omit required related-document fields.
-- Local Codex settings under `.codex/` are excluded from the npm package.
+- Local Codex settings under `.codex/` are excluded from the npm package, while skill-owned shell scripts remain publishable.
 
 ## Installation
 

package/ext-k-skill/scripts/check-setup.sh

@@ -0,0 +1,29 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+secrets_file="${1:-$HOME/.config/k-skill/secrets.env}"
+
+missing=0
+
+if [[ ! -f "$secrets_file" ]]; then
+  echo "missing secrets file: $secrets_file"
+  missing=1
+else
+  perms=$(stat -f '%Lp' "$secrets_file" 2>/dev/null || stat -c '%a' "$secrets_file" 2>/dev/null)
+  if [[ "$perms" != "600" ]]; then
+    echo "insecure permissions on $secrets_file: $perms (expected 600)"
+    missing=1
+  fi
+fi
+
+if [[ "$missing" -ne 0 ]]; then
+  cat <<EOF
+next steps:
+  1. create ~/.config/k-skill/secrets.env with your credentials
+  2. chmod 0600 ~/.config/k-skill/secrets.env
+  3. run this check again
+EOF
+  exit 1
+fi
+
+echo "k-skill setup looks usable"

package/ext-k-skill/scripts/run-k-skill-proxy.sh

@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+SECRETS_FILE="${KSKILL_SECRETS_FILE:-$HOME/.config/k-skill/secrets.env}"
+
+if [[ -f "$SECRETS_FILE" ]]; then
+  set -a
+  # shellcheck disable=SC1090
+  source "$SECRETS_FILE"
+  set +a
+fi
+
+cd "$ROOT_DIR"
+exec node packages/k-skill-proxy/src/server.js

package/ext-k-skill/scripts/validate-skills.sh

@@ -0,0 +1,56 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+root="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+status=0
+
+while IFS= read -r -d '' skill_dir; do
+  skill_name="$(basename "$skill_dir")"
+  skill_file="$skill_dir/SKILL.md"
+
+  if [[ ! -f "$skill_file" ]]; then
+    echo "missing SKILL.md: $skill_name"
+    status=1
+    continue
+  fi
+
+  if ! head -n 1 "$skill_file" | grep -qx -- "---"; then
+    echo "missing frontmatter start: $skill_file"
+    status=1
+  fi
+
+  if ! grep -q '^name: ' "$skill_file"; then
+    echo "missing name field: $skill_file"
+    status=1
+  fi
+
+  if ! grep -q '^description: ' "$skill_file"; then
+    echo "missing description field: $skill_file"
+    status=1
+  fi
+
+  declared_name="$(sed -n 's/^name: //p' "$skill_file" | head -n 1 | tr -d '"')"
+  if [[ "$declared_name" != "$skill_name" ]]; then
+    echo "name mismatch: $skill_file declares '$declared_name' but directory is '$skill_name'"
+    status=1
+  fi
+done < <(
+  find "$root" -mindepth 1 -maxdepth 1 -type d \
+    ! -name .git \
+    ! -name .github \
+    ! -name .omx \
+    ! -name .changeset \
+    ! -name docs \
+    ! -name node_modules \
+    ! -name packages \
+    ! -name python-packages \
+    ! -name scripts \
+    ! -name examples \
+    -print0
+)
+
+if [[ "$status" -ne 0 ]]; then
+  exit "$status"
+fi
+
+echo "skill layout looks valid"

package/hooks/install.sh

@@ -0,0 +1,157 @@
+#!/usr/bin/env bash
+# solmate-skills: install.sh
+# Purpose: Install Solmate hook scripts into the current project's .claude/ directory
+#          and merge hook configuration into .claude/settings.json.
+# Usage:   bash .agent/skills/hooks/install.sh
+#          (or run from any location: bash <path-to-hooks>/install.sh)
+
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+PROJECT_ROOT="$(pwd)"
+CLAUDE_DIR="$PROJECT_ROOT/.claude"
+HOOKS_DIR="$CLAUDE_DIR/hooks"
+SETTINGS_FILE="$CLAUDE_DIR/settings.json"
+
+echo "Solmate Skills — Hook Installer"
+echo "Project: $PROJECT_ROOT"
+echo ""
+
+# --- Step 1: Create .claude/hooks/ ---
+mkdir -p "$HOOKS_DIR"
+echo "[1/4] Created $HOOKS_DIR"
+
+# --- Step 2: Copy hook scripts ---
+cp "$SCRIPT_DIR/suggest-skills.sh"   "$HOOKS_DIR/solmate-suggest.sh"
+cp "$SCRIPT_DIR/watch-files.sh"      "$HOOKS_DIR/solmate-watch.sh"
+cp "$SCRIPT_DIR/verify-suggest.sh"   "$HOOKS_DIR/solmate-verify-suggest.sh"
+chmod +x "$HOOKS_DIR/solmate-suggest.sh"
+chmod +x "$HOOKS_DIR/solmate-watch.sh"
+chmod +x "$HOOKS_DIR/solmate-verify-suggest.sh"
+echo "[2/4] Copied hook scripts:"
+echo "      .claude/hooks/solmate-suggest.sh         (UserPromptSubmit)"
+echo "      .claude/hooks/solmate-watch.sh           (PreToolUse)"
+echo "      .claude/hooks/solmate-verify-suggest.sh  (Stop)"
+
+# --- Step 3: Merge hook config into settings.json ---
+echo "[3/4] Merging hook config into $SETTINGS_FILE"
+
+python3 - "$SETTINGS_FILE" <<'PYEOF'
+import sys, json, os
+
+settings_path = sys.argv[1]
+
+# Load existing settings or start fresh
+if os.path.exists(settings_path):
+    with open(settings_path, 'r') as f:
+        try:
+            settings = json.load(f)
+        except json.JSONDecodeError:
+            print(f"  WARNING: {settings_path} has invalid JSON. Backing up and starting fresh.")
+            os.rename(settings_path, settings_path + '.bak')
+            settings = {}
+else:
+    settings = {}
+
+hooks = settings.setdefault('hooks', {})
+
+# --- UserPromptSubmit hook ---
+suggest_cmd = "bash .claude/hooks/solmate-suggest.sh"
+submit_hooks = hooks.setdefault('UserPromptSubmit', [])
+
+# Check for duplicate
+already_has_suggest = any(
+    h.get('command') == suggest_cmd
+    for entry in submit_hooks
+    for h in entry.get('hooks', [])
+)
+if not already_has_suggest:
+    submit_hooks.append({
+        "hooks": [{
+            "type": "command",
+            "command": suggest_cmd,
+            "timeout": 5
+        }]
+    })
+    print("  Added: UserPromptSubmit → solmate-suggest.sh")
+else:
+    print("  Skipped (already exists): UserPromptSubmit → solmate-suggest.sh")
+
+# --- PreToolUse hook ---
+watch_cmd = "bash .claude/hooks/solmate-watch.sh"
+pre_hooks = hooks.setdefault('PreToolUse', [])
+
+already_has_watch = any(
+    h.get('command') == watch_cmd
+    for entry in pre_hooks
+    for h in entry.get('hooks', [])
+)
+if not already_has_watch:
+    pre_hooks.append({
+        "matcher": "Read|Write|Edit|Bash",
+        "hooks": [{
+            "type": "command",
+            "command": watch_cmd,
+            "timeout": 5
+        }]
+    })
+    print("  Added: PreToolUse (Read|Write|Edit|Bash) → solmate-watch.sh")
+else:
+    print("  Skipped (already exists): PreToolUse → solmate-watch.sh")
+
+# --- Stop hook ---
+verify_cmd = "bash .claude/hooks/solmate-verify-suggest.sh"
+stop_hooks = hooks.setdefault('Stop', [])
+
+already_has_verify = any(
+    h.get('command') == verify_cmd
+    for entry in stop_hooks
+    for h in entry.get('hooks', [])
+)
+if not already_has_verify:
+    stop_hooks.append({
+        "hooks": [{
+            "type": "command",
+            "command": verify_cmd,
+            "timeout": 10,
+            "statusMessage": "변경 파일 분석 중..."
+        }]
+    })
+    print("  Added: Stop → solmate-verify-suggest.sh")
+else:
+    print("  Skipped (already exists): Stop → solmate-verify-suggest.sh")
+
+# Write back
+os.makedirs(os.path.dirname(settings_path), exist_ok=True)
+with open(settings_path, 'w') as f:
+    json.dump(settings, f, indent=2, ensure_ascii=False)
+    f.write('\n')
+
+print(f"  Saved: {settings_path}")
+PYEOF
+
+# --- Step 4: Add .claude/hooks/ to .gitignore if not already there ---
+GITIGNORE="$PROJECT_ROOT/.gitignore"
+if [ -f "$GITIGNORE" ]; then
+  if ! grep -q "\.claude/hooks/" "$GITIGNORE" 2>/dev/null; then
+    echo "" >> "$GITIGNORE"
+    echo "# Solmate hook scripts (project-local)" >> "$GITIGNORE"
+    echo ".claude/hooks/" >> "$GITIGNORE"
+    echo "[4/4] Added .claude/hooks/ to .gitignore"
+  else
+    echo "[4/4] .gitignore already excludes .claude/hooks/"
+  fi
+else
+  echo "[4/4] No .gitignore found — skipping"
+fi
+
+echo ""
+echo "Done. Hooks are active in this project."
+echo ""
+echo "What was installed:"
+echo "  UserPromptSubmit  → 프롬프트 키워드 감지 → 관련 스킬 제안"
+echo "  PreToolUse        → 편집 중인 파일 패턴 감지 → 관련 스킬 제안"
+echo "  Stop              → 작업 완료 후 변경 파일 분석 → verify-* 스킬 실행 시점 알림"
+echo ""
+echo "To review or disable hooks, open /hooks in Claude Code."
+echo "To uninstall, remove .claude/hooks/ and the 'hooks' section from .claude/settings.json."

package/hooks/suggest-skills.sh

@@ -0,0 +1,109 @@
+#!/usr/bin/env bash
+# solmate-skills: suggest-skills.sh
+# Event: UserPromptSubmit
+# Purpose: Detect keywords in user prompt and inject skill suggestions as context.
+# Output: JSON with hookSpecificOutput.additionalContext (non-blocking)
+
+set -euo pipefail
+
+# Read stdin JSON
+INPUT=$(cat)
+
+# Extract the user prompt text
+PROMPT=$(echo "$INPUT" | python3 -c "
+import sys, json
+data = json.load(sys.stdin)
+# UserPromptSubmit provides 'prompt' field
+print(data.get('prompt', ''))
+" 2>/dev/null || echo "")
+
+if [ -z "$PROMPT" ]; then
+  exit 0
+fi
+
+SUGGESTIONS=""
+
+# --- Keyword matching (Korean + English) ---
+
+# Decision / Design → manage-decisions
+if echo "$PROMPT" | grep -qiE '결정|설계|어떻게 할|어떤 방식|DB 스키마|테이블|API 구조|아키텍처|폴더 구조|기능 범위|MVP|스택|라이브러리|어떤 거|어떤게'; then
+  SUGGESTIONS="$SUGGESTIONS\n- 결정이 필요한 상황입니다. \`/manage-decisions\`를 실행하면 유형별 질문 템플릿으로 대화를 통해 결정을 이끌어냅니다."
+fi
+
+# Security → verify-security
+if echo "$PROMPT" | grep -qiE '보안|security|취약|OWASP|인증|인가|token|jwt|secret|API ?key|sql|injection|xss|csrf'; then
+  SUGGESTIONS="$SUGGESTIONS\n- 보안 관련 작업입니다. \`/verify-security\`로 OWASP Top 10 기준 점검을 실행하세요."
+fi
+
+# Performance → verify-performance
+if echo "$PROMPT" | grep -qiE '성능|performance|lighthouse|느리|느림|최적화|LCP|CLS|FID|번들|bundle|이미지 최적|lazy|loading'; then
+  SUGGESTIONS="$SUGGESTIONS\n- 성능 관련 작업입니다. \`/verify-performance\`로 Lighthouse 및 Core Web Vitals 점검을 실행하세요."
+fi
+
+# PR / Commit / Code review → verify-code
+if echo "$PROMPT" | grep -qiE 'PR|pull ?request|코드 ?리뷰|review|commit|머지|merge|배포 전|pre-deploy'; then
+  SUGGESTIONS="$SUGGESTIONS\n- PR 또는 배포 전 점검입니다. \`/verify-code\`로 코드 품질을 종합 리뷰하고, \`/verify-implementation\`으로 전체 verify-* 스킬을 통합 실행하세요."
+fi
+
+# Documentation → verify-docs / docs-plan / docs-dev
+if echo "$PROMPT" | grep -qiE '문서|docs?|README|VISION|LEAN_CANVAS|PRODUCT_SPECS|API_SPECS|DB_SCHEMA|ROADMAP|백로그|backlog'; then
+  SUGGESTIONS="$SUGGESTIONS\n- 문서 작업입니다. 기획·UI 문서는 \`/docs-plan\`, 기술·진행·QA 문서는 \`/docs-dev\`, 문서 구조 검증은 \`/verify-docs\`를 사용하세요."
+fi
+
+# Feature implementation / workflow → rules-workflow
+if echo "$PROMPT" | grep -qiE '기능 ?구현|구현|implement|feature|작업 ?시작|어디서 ?시작|어떻게 ?시작|개발 ?시작|시작할게'; then
+  SUGGESTIONS="$SUGGESTIONS\n- 기능 구현을 시작하려 합니다. 먼저 \`/rules-product\`로 현재 Phase를 진단하고 Flow Status Block을 확인한 뒤, \`/rules-workflow\`로 18단계 구현 워크플로우를 진행하세요."
+fi
+
+# Flow position question → rules-product
+if echo "$PROMPT" | grep -qiE '지금.*어디|현재.*단계|현재.*위치|다음.*뭐|어느.*Phase|flow status|플로우.*상태|단계.*확인'; then
+  SUGGESTIONS="$SUGGESTIONS\n- 현재 위치 확인 요청입니다. \`/rules-product\` 기준 Flow Status Block으로 현재 Phase, Gate, 다음 액션을 먼저 보고하세요."
+fi
+
+# React / UI component → rules-react
+if echo "$PROMPT" | grep -qiE 'React|컴포넌트|component|페이지|page|UI|화면|shadcn|tailwind'; then
+  SUGGESTIONS="$SUGGESTIONS\n- React/UI 작업입니다. \`/rules-react\`로 컴포넌트 설계 기준을 확인하고, 구현 후 \`/verify-ui\`로 화면 문서와 사용자 동선 정합성을 검증하세요."
+fi
+
+# UI verification explicit request → verify-ui
+if echo "$PROMPT" | grep -qiE 'UI ?검증|UX ?검증|화면 ?검증|화면.*맞|동선.*검증|상태별 UI|empty state|loading state|error state'; then
+  SUGGESTIONS="$SUGGESTIONS\n- UI 검증 요청입니다. \`/verify-ui\`로 화면 구조, 사용자 동선, 데이터 흐름, 상태별 UI를 점검하세요."
+fi
+
+# Skill package changes → verify-skills
+if echo "$PROMPT" | grep -qiE '스킬.*검증|skill.*verify|SKILL\.md|openai\.yaml|solmate-skills|npm pack|패키지.*검증'; then
+  SUGGESTIONS="$SUGGESTIONS\n- 스킬 패키지 작업입니다. \`/verify-skills\`로 SKILL.md, agents/openai.yaml, CLI 목록, README/AGENTS, npm pack을 검증하세요."
+fi
+
+# Drizzle / DB schema → verify-drizzle-schema
+if echo "$PROMPT" | grep -qiE 'drizzle|schema\.ts|마이그레이션|migration|pgTable|sqliteTable'; then
+  SUGGESTIONS="$SUGGESTIONS\n- Drizzle 스키마 작업입니다. \`/verify-drizzle-schema\`로 스키마 정합성을 검증하세요."
+fi
+
+# New project / product pipeline → rules-product
+if echo "$PROMPT" | grep -qiE '새 프로젝트|신규 프로젝트|프로젝트 시작|어디서 시작|뭐부터|처음부터|from scratch'; then
+  SUGGESTIONS="$SUGGESTIONS\n- 새 프로젝트입니다. \`/rules-product\`를 실행하면 현재 단계를 자동 진단하고 올바른 스킬로 안내합니다."
+fi
+
+# Pitch deck / business plan → docs-pitch / docs-business
+if echo "$PROMPT" | grep -qiE '피치|pitch|투자|investor|사업 ?계획|business ?plan|데모데이|해커톤'; then
+  SUGGESTIONS="$SUGGESTIONS\n- 발표·투자 자료 작업입니다. 피치덱은 \`/docs-pitch\`, 사업계획서는 \`/docs-business\`를 사용하세요."
+fi
+
+# If no suggestions, exit silently
+if [ -z "$SUGGESTIONS" ]; then
+  exit 0
+fi
+
+# Output JSON with additionalContext (non-blocking)
+python3 -c "
+import json, sys
+suggestions = sys.argv[1]
+output = {
+    'hookSpecificOutput': {
+        'hookEventName': 'UserPromptSubmit',
+        'additionalContext': '[Solmate Skills 제안]\n' + suggestions.strip()
+    }
+}
+print(json.dumps(output))
+" "$SUGGESTIONS"

package/hooks/verify-suggest.sh

@@ -0,0 +1,42 @@
+#!/bin/bash
+# Claude Stop 훅: git 변경 파일을 분석하여 적절한 verify-* 스킬을 제안합니다
+
+python3 - <<'PYEOF'
+import subprocess, json
+
+r = subprocess.run(['git', 'diff', '--name-only', 'HEAD'], capture_output=True, text=True)
+files = [f for f in r.stdout.strip().split('\n') if f]
+
+if not files:
+    exit()
+
+s = []
+
+if any('schema' in f and (f.endswith('.ts') or f.endswith('.sql')) for f in files):
+    s.append('  DB 스키마 변경 감지    →  /verify-drizzle-schema')
+
+if any(f.endswith(('.tsx', '.jsx')) or f.startswith('docs/02_UI_Screens/') for f in files):
+    s.append('  UI/화면 변경 감지      →  /verify-ui')
+
+if any(any(k in f.lower() for k in ('auth', 'middleware', 'api', 'route', 'token', 'session'))
+       and (f.endswith('.ts') or f.endswith('.tsx')) for f in files):
+    s.append('  인증/API 파일 변경 감지 →  /verify-security')
+
+if any(f.endswith('.ts') or f.endswith('.tsx') for f in files):
+    s.append('  코드 파일 변경 감지    →  /verify-code')
+
+if any(f.endswith('.md') for f in files):
+    s.append('  문서 파일 변경 감지    →  /verify-docs')
+
+if any(
+    f.endswith('/SKILL.md')
+    or f.endswith('/agents/openai.yaml')
+    or f in ('bin/cli.js', 'package.json', 'README.md', 'AGENTS.md')
+    for f in files
+):
+    s.append('  스킬 패키지 변경 감지  →  /verify-skills')
+
+if s:
+    msg = '[ 검증 시점 알림 ]\n' + '\n'.join(s)
+    print(json.dumps({'systemMessage': msg}))
+PYEOF

package/hooks/watch-files.sh

@@ -0,0 +1,96 @@
+#!/usr/bin/env bash
+# solmate-skills: watch-files.sh
+# Event: PreToolUse (matcher: Read|Write|Edit|Bash)
+# Purpose: Detect file patterns being modified and inject relevant skill suggestions.
+# Output: JSON with hookSpecificOutput.additionalContext (non-blocking)
+
+set -euo pipefail
+
+INPUT=$(cat)
+
+# Extract file path and tool name
+FILE_PATH=$(echo "$INPUT" | python3 -c "
+import sys, json
+data = json.load(sys.stdin)
+inp = data.get('tool_input', {})
+# Write/Edit use file_path; Bash use command
+print(inp.get('file_path', inp.get('command', '')))" 2>/dev/null || echo "")
+
+TOOL_NAME=$(echo "$INPUT" | python3 -c "
+import sys, json
+data = json.load(sys.stdin)
+print(data.get('tool_name', ''))" 2>/dev/null || echo "")
+
+if [ -z "$FILE_PATH" ]; then
+  exit 0
+fi
+
+SUGGESTIONS=""
+
+# --- File pattern matching ---
+
+# Drizzle schema file → verify-drizzle-schema
+if echo "$FILE_PATH" | grep -qiE 'schema\.(ts|js)|drizzle'; then
+  SUGGESTIONS="$SUGGESTIONS\n- Drizzle 스키마 파일을 수정 중입니다. 작업 후 \`/verify-drizzle-schema\`로 스키마 정합성을 검증하세요."
+fi
+
+# .env files → verify-security
+if echo "$FILE_PATH" | grep -qiE '\.env|\.env\.local|\.env\.production|\.env\.example'; then
+  SUGGESTIONS="$SUGGESTIONS\n- 환경변수 파일을 수정 중입니다. \`/verify-security\` Check 1(시크릿 노출)을 실행하여 민감 정보 노출 여부를 확인하세요."
+fi
+
+# SKILL.md files → manage-skills
+if echo "$FILE_PATH" | grep -qiE 'SKILL\.md'; then
+  SUGGESTIONS="$SUGGESTIONS\n- 스킬 파일을 수정 중입니다. \`/manage-skills\`로 verify 스킬과의 정합성 드리프트를 점검하고, 작업 후 \`/verify-skills\`로 패키지 메타데이터를 검증하세요."
+fi
+
+# Skill metadata / package files → verify-skills
+if echo "$FILE_PATH" | grep -qiE 'agents/openai\.yaml|bin/cli\.js|package\.json|README\.md|AGENTS\.md'; then
+  SUGGESTIONS="$SUGGESTIONS\n- 스킬 패키지 메타데이터 또는 배포 파일을 수정 중입니다. 작업 후 \`/verify-skills\`를 실행하세요."
+fi
+
+# UI implementation files → verify-ui
+if echo "$FILE_PATH" | grep -qiE '\.(tsx|jsx)$|docs/02_UI_Screens/.*\.md'; then
+  SUGGESTIONS="$SUGGESTIONS\n- UI 구현 또는 화면 문서를 수정 중입니다. 작업 후 \`/verify-ui\`로 화면 구조·동선·상태별 UI 정합성을 검증하세요."
+fi
+
+# Page/route files → verify-performance
+if echo "$FILE_PATH" | grep -qiE 'page\.(tsx|jsx|ts|js)|route\.(tsx|jsx|ts|js)|layout\.(tsx|jsx)'; then
+  SUGGESTIONS="$SUGGESTIONS\n- 페이지·라우트 파일을 수정 중입니다. 작업 후 \`/verify-performance\`로 Core Web Vitals 및 렌더링 전략을 점검하세요."
+fi
+
+# API route files → verify-security
+if echo "$FILE_PATH" | grep -qiE 'api/.*route\.(ts|js)|api/.*index\.(ts|js)|\bapi\b.*\.(ts|js)'; then
+  SUGGESTIONS="$SUGGESTIONS\n- API 라우트 파일을 수정 중입니다. 작업 후 \`/verify-security\` Check 2(인증·인가) 및 Check 5(CSRF)를 점검하세요."
+fi
+
+# Auth-related files → verify-security
+if echo "$FILE_PATH" | grep -qiE 'auth\.(ts|js|tsx)|middleware\.(ts|js)|session\.(ts|js)'; then
+  SUGGESTIONS="$SUGGESTIONS\n- 인증·미들웨어 파일을 수정 중입니다. \`/verify-security\`로 인증·인가 취약점을 점검하세요."
+fi
+
+# Documentation files → verify-docs
+if echo "$FILE_PATH" | grep -qiE 'docs/(01|02|03|04|05)_.*\.md'; then
+  SUGGESTIONS="$SUGGESTIONS\n- 문서 레이어 파일을 수정 중입니다. 작업 후 \`/verify-docs\`로 메타데이터 및 구조 정합성을 검증하세요."
+fi
+
+# AGENTS.md → remind about skill count
+if echo "$FILE_PATH" | grep -qiE 'AGENTS\.md'; then
+  SUGGESTIONS="$SUGGESTIONS\n- AGENTS.md를 수정 중입니다. 스킬 목록·개수가 변경된 경우 Section 4의 테이블과 개수를 함께 업데이트하세요."
+fi
+
+if [ -z "$SUGGESTIONS" ]; then
+  exit 0
+fi
+
+python3 -c "
+import json, sys
+suggestions = sys.argv[1]
+output = {
+    'hookSpecificOutput': {
+        'hookEventName': 'PreToolUse',
+        'additionalContext': '[Solmate Skills 파일 감지]\n' + suggestions.strip()
+    }
+}
+print(json.dumps(output))
+" "$SUGGESTIONS"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "solmate-skills",
-  "version": "2.0.5",
+  "version": "2.0.6",
   "description": "Curated skills for Solmate projects",
   "main": "bin/cli.js",
   "bin": {

package/rules-react/scripts/fetch-stitch.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+# Copyright 2026 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+URL=$1
+OUTPUT=$2
+if [ -z "$URL" ] || [ -z "$OUTPUT" ]; then
+  echo "Usage: $0 <url> <output_path>"
+  exit 1
+fi
+echo "Initiating high-reliability fetch for Stitch HTML..."
+curl -L -f -sS --connect-timeout 10 --compressed "$URL" -o "$OUTPUT"
+if [ $? -eq 0 ]; then
+  echo "✅ Successfully retrieved HTML at: $OUTPUT"
+  exit 0
+else
+  echo "❌ Error: Failed to retrieve content. Check TLS/SNI or URL expiration."
+  exit 1
+fi

package/tools-shadcn/scripts/verify-setup.sh

@@ -0,0 +1,134 @@
+#!/usr/bin/env bash
+# shadcn/ui Setup Verification Script
+# Validates that a project is correctly configured for shadcn/ui
+
+set -e
+
+GREEN='\033[0;32m'
+RED='\033[0;31m'
+YELLOW='\033[1;33m'
+NC='\033[0m' # No Color
+
+echo "🔍 Verifying shadcn/ui setup..."
+echo ""
+
+# Check if components.json exists
+if [ -f "components.json" ]; then
+    echo -e "${GREEN}✓${NC} components.json found"
+else
+    echo -e "${RED}✗${NC} components.json not found"
+    echo -e "  ${YELLOW}Run:${NC} npx shadcn@latest init"
+    exit 1
+fi
+
+# Check if tailwind.config exists
+if [ -f "tailwind.config.js" ] || [ -f "tailwind.config.ts" ]; then
+    echo -e "${GREEN}✓${NC} Tailwind config found"
+else
+    echo -e "${RED}✗${NC} tailwind.config.js not found"
+    echo -e "  ${YELLOW}Install Tailwind:${NC} npm install -D tailwindcss postcss autoprefixer"
+    exit 1
+fi
+
+# Check if tsconfig.json has path aliases
+if [ -f "tsconfig.json" ]; then
+    if grep -q '"@/\*"' tsconfig.json; then
+        echo -e "${GREEN}✓${NC} Path aliases configured in tsconfig.json"
+    else
+        echo -e "${YELLOW}⚠${NC} Path aliases not found in tsconfig.json"
+        echo "  Add to compilerOptions.paths:"
+        echo '  "@/*": ["./src/*"]'
+    fi
+else
+    echo -e "${YELLOW}⚠${NC} tsconfig.json not found (TypeScript not configured)"
+fi
+
+# Check if globals.css or equivalent exists
+if [ -f "src/index.css" ] || [ -f "src/globals.css" ] || [ -f "app/globals.css" ]; then
+    echo -e "${GREEN}✓${NC} Global CSS file found"
+    
+    # Check for Tailwind directives
+    CSS_FILE=$(find . -name "globals.css" -o -name "index.css" | head -n 1)
+    if grep -q "@tailwind base" "$CSS_FILE"; then
+        echo -e "${GREEN}✓${NC} Tailwind directives present"
+    else
+        echo -e "${RED}✗${NC} Tailwind directives missing"
+        echo "  Add to your CSS file:"
+        echo "  @tailwind base;"
+        echo "  @tailwind components;"
+        echo "  @tailwind utilities;"
+    fi
+    
+    # Check for CSS variables
+    if grep -q "^:root" "$CSS_FILE" || grep -q "@layer base" "$CSS_FILE"; then
+        echo -e "${GREEN}✓${NC} CSS variables defined"
+    else
+        echo -e "${YELLOW}⚠${NC} CSS variables not found"
+        echo "  shadcn/ui requires CSS variables for theming"
+    fi
+else
+    echo -e "${RED}✗${NC} Global CSS file not found"
+fi
+
+# Check if components/ui directory exists
+if [ -d "src/components/ui" ] || [ -d "components/ui" ]; then
+    echo -e "${GREEN}✓${NC} components/ui directory exists"
+    
+    # Count components
+    COMPONENT_COUNT=$(find . -path "*/components/ui/*.tsx" -o -path "*/components/ui/*.jsx" | wc -l)
+    echo -e "  ${COMPONENT_COUNT} components installed"
+else
+    echo -e "${YELLOW}⚠${NC} components/ui directory not found"
+    echo "  Add your first component: npx shadcn@latest add button"
+fi
+
+# Check if lib/utils exists
+if [ -f "src/lib/utils.ts" ] || [ -f "lib/utils.ts" ]; then
+    echo -e "${GREEN}✓${NC} lib/utils.ts exists"
+    
+    # Check for cn function
+    UTILS_FILE=$(find . -name "utils.ts" | grep "lib" | head -n 1)
+    if grep -q "export function cn" "$UTILS_FILE"; then
+        echo -e "${GREEN}✓${NC} cn() utility function present"
+    else
+        echo -e "${RED}✗${NC} cn() utility function missing"
+    fi
+else
+    echo -e "${RED}✗${NC} lib/utils.ts not found"
+fi
+
+# Check package.json dependencies
+if [ -f "package.json" ]; then
+    echo ""
+    echo "📦 Checking dependencies..."
+    
+    # Required dependencies
+    REQUIRED_DEPS=("react" "tailwindcss")
+    RECOMMENDED_DEPS=("class-variance-authority" "clsx" "tailwind-merge" "tailwindcss-animate")
+    
+    for dep in "${REQUIRED_DEPS[@]}"; do
+        if grep -q "\"$dep\"" package.json; then
+            echo -e "${GREEN}✓${NC} $dep installed"
+        else
+            echo -e "${RED}✗${NC} $dep not installed"
+        fi
+    done
+    
+    echo ""
+    echo "Recommended dependencies:"
+    for dep in "${RECOMMENDED_DEPS[@]}"; do
+        if grep -q "\"$dep\"" package.json; then
+            echo -e "${GREEN}✓${NC} $dep installed"
+        else
+            echo -e "${YELLOW}⚠${NC} $dep not installed (recommended)"
+        fi
+    done
+fi
+
+echo ""
+echo -e "${GREEN}✓${NC} Setup verification complete!"
+echo ""
+echo "Next steps:"
+echo "  1. Add components: npx shadcn@latest add [component]"
+echo "  2. View catalog: npx shadcn@latest add --help"
+echo "  3. Browse docs: https://ui.shadcn.com"