sumulige-claude 1.2.1 → 1.3.1

package/.claude/skills/quick-fix/metadata.yaml

@@ -0,0 +1,26 @@
+name: quick-fix
+version: 2.0.0
+description: |
+  快速修复者。专注于构建错误、lint 错误、类型错误的快速修复。
+  使用 haiku 模型确保响应快速、成本低。
+  遵循最小变更原则，不做复杂重构。
+
+triggers:
+  - build error
+  - compile error
+  - type error
+  - lint error
+  - tsc error
+  - 构建错误
+  - 编译错误
+  - 类型错误
+
+tools:
+  - Read
+  - Edit
+  - Bash
+  - Grep
+
+model: haiku
+
+source: optimized from build-error-resolver

package/.claude/skills/test-master/SKILL.md

@@ -0,0 +1,186 @@
+# Test Master
+
+> 测试大师 - 合并: tdd-workflow + e2e-runner
+
+## 核心职责
+
+统一处理所有测试相关工作：
+
+1. **单元测试** - TDD 流程、Jest/Vitest
+2. **E2E 测试** - Playwright、用户流程
+3. **覆盖率** - 分析和提升覆盖率
+
+## 工作模式
+
+### 模式 1：TDD 开发
+
+```
+触发：实现新功能或修复 bug
+流程：RED → GREEN → REFACTOR
+目标：测试先行，覆盖率 > 80%
+```
+
+### 模式 2：E2E 测试
+
+```
+触发：--e2e 或用户流程测试
+框架：Playwright + Page Object Model
+输出：测试文件 + 截图/视频
+```
+
+### 模式 3：覆盖率分析
+
+```
+触发：--coverage
+输出：覆盖率报告 + 未覆盖代码建议
+```
+
+## TDD 工作流
+
+### RED（写失败的测试）
+
+```typescript
+// 1. 先写测试，明确期望行为
+describe('calculateTotal', () => {
+  it('should sum all items with tax', () => {
+    const items = [{ price: 100 }, { price: 200 }]
+    expect(calculateTotal(items, 0.1)).toBe(330)
+  })
+})
+```
+
+### GREEN（最小实现）
+
+```typescript
+// 2. 写最少代码让测试通过
+function calculateTotal(items, taxRate) {
+  const subtotal = items.reduce((sum, item) => sum + item.price, 0)
+  return subtotal * (1 + taxRate)
+}
+```
+
+### REFACTOR（优化）
+
+```typescript
+// 3. 重构，保持测试通过
+function calculateTotal(items: Item[], taxRate: number): number {
+  const subtotal = items.reduce((sum, { price }) => sum + price, 0)
+  return Math.round(subtotal * (1 + taxRate) * 100) / 100
+}
+```
+
+## E2E 测试结构
+
+```
+tests/
+├── e2e/
+│   ├── pages/              # Page Objects
+│   │   ├── LoginPage.ts
+│   │   ├── DashboardPage.ts
+│   │   └── BasePage.ts
+│   ├── fixtures/           # 测试数据
+│   │   └── users.json
+│   ├── specs/              # 测试用例
+│   │   ├── auth.spec.ts
+│   │   └── dashboard.spec.ts
+│   └── playwright.config.ts
+```
+
+### Page Object 示例
+
+```typescript
+// pages/LoginPage.ts
+import { Page } from '@playwright/test'
+
+export class LoginPage {
+  constructor(private page: Page) {}
+
+  async goto() {
+    await this.page.goto('/login')
+  }
+
+  async login(email: string, password: string) {
+    await this.page.fill('[data-testid="email"]', email)
+    await this.page.fill('[data-testid="password"]', password)
+    await this.page.click('[data-testid="submit"]')
+  }
+
+  async expectError(message: string) {
+    await expect(this.page.locator('.error')).toContainText(message)
+  }
+}
+```
+
+## 覆盖率目标
+
+| 类型 | 目标 | 最低 |
+|------|------|------|
+| 语句覆盖 | 90% | 80% |
+| 分支覆盖 | 85% | 70% |
+| 函数覆盖 | 90% | 80% |
+| 行覆盖 | 90% | 80% |
+
+## 测试命令
+
+```bash
+# 运行单元测试
+npm test
+
+# 运行并生成覆盖率
+npm test -- --coverage
+
+# 运行 E2E 测试
+npx playwright test
+
+# 运行特定测试
+npm test -- --grep "calculateTotal"
+
+# 监视模式
+npm test -- --watch
+```
+
+## 输出格式
+
+```markdown
+# Test Report
+
+## Summary
+- Total: X tests
+- Passed: X ✅
+- Failed: X ❌
+- Skipped: X ⏭️
+
+## Coverage
+| Metric | Current | Target | Status |
+|--------|---------|--------|--------|
+| Statements | 85% | 80% | ✅ |
+| Branches | 72% | 70% | ✅ |
+| Functions | 88% | 80% | ✅ |
+| Lines | 85% | 80% | ✅ |
+
+## Failed Tests
+[详细失败信息]
+
+## Uncovered Code
+[建议添加测试的代码]
+```
+
+## 使用方式
+
+```bash
+# TDD 开发
+/test
+
+# E2E 测试
+/test --e2e
+
+# 覆盖率分析
+/test --coverage
+
+# 完整测试
+/test --all
+```
+
+---
+
+**原则**：没有测试的代码是不完整的。测试先行，覆盖率为王。

package/.claude/skills/test-master/metadata.yaml

@@ -0,0 +1,29 @@
+name: test-master
+version: 2.0.0
+description: |
+  测试大师。合并了 TDD 工作流和 E2E 测试功能。
+  支持单元测试、E2E 测试、覆盖率分析三种模式。
+  遵循 RED-GREEN-REFACTOR 循环，目标覆盖率 80%+。
+
+triggers:
+  - write test
+  - tdd
+  - test-driven
+  - e2e test
+  - playwright
+  - coverage
+  - unit test
+  - 写测试
+  - 测试覆盖
+
+tools:
+  - Read
+  - Write
+  - Edit
+  - Bash
+  - Grep
+  - Glob
+
+model: sonnet
+
+source: merged from tdd-workflow + e2e-runner

package/AGENTS.md

@@ -436,12 +436,6 @@ Usage notes:
 
 <available_skills>
 
-<skill>
-<name>123-skill</name>
-<description></description>
-<location>project</location>
-</skill>
-
 <skill>
 <name>algorithmic-art</name>
 <description>Creating algorithmic art using p5.js with seeded randomness and interactive parameter exploration. Use this when users request creating art using code, generative art, algorithmic art, flow fields, or particle systems. Create original algorithmic art rather than copying existing artists' work to avoid copyright violations.</description>
@@ -450,7 +444,7 @@ Usage notes:
 
 <skill>
 <name>api-tester</name>
-<description>API testing and HTTP request validation tool for REST/GraphQL endpoints</description>
+<description></description>
 <location>project</location>
 </skill>
 
@@ -472,6 +466,12 @@ Usage notes:
 <location>project</location>
 </skill>
 
+<skill>
+<name>design-brain</name>
+<description></description>
+<location>project</location>
+</skill>
+
 <skill>
 <name>doc-coauthoring</name>
 <description>Guide users through a structured workflow for co-authoring documentation. Use when user wants to write documentation, proposals, technical specs, decision docs, or similar structured content. This workflow helps users efficiently transfer context, refine content through iteration, and verify the doc works for readers. Trigger when user mentions writing docs, creating proposals, drafting specs, or similar documentation tasks.</description>
@@ -526,6 +526,18 @@ Usage notes:
 <location>project</location>
 </skill>
 
+<skill>
+<name>quality-guard</name>
+<description></description>
+<location>project</location>
+</skill>
+
+<skill>
+<name>quick-fix</name>
+<description></description>
+<location>project</location>
+</skill>
+
 <skill>
 <name>skill-creator</name>
 <description>Guide for creating effective skills. This skill should be used when users want to create a new skill (or update an existing skill) that extends Claude's capabilities with specialized knowledge, workflows, or tool integrations.</description>
@@ -544,6 +556,12 @@ Usage notes:
 <location>project</location>
 </skill>
 
+<skill>
+<name>test-master</name>
+<description></description>
+<location>project</location>
+</skill>
+
 <skill>
 <name>test-skill-name</name>
 <description></description>

package/CHANGELOG.md

@@ -1,8 +1,69 @@
-# Changelog
+## [1.3.1](https://github.com/sumulige/sumulige-claude/compare/v1.3.0...v1.3.1) (2026-01-22)
 
-All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
+### ✨ New Features
 
-### [1.2.1](https://github.com/sumulige/sumulige-claude/compare/v1.1.2...v1.2.1) (2026-01-18)
+- **System Prompt Optimization**: Token savings via MCP lazy-loading
+  - `ENABLE_TOOL_SEARCH=true` - MCP tools loaded on demand
+  - `DISABLE_AUTOUPDATER=1` - Reduce startup overhead
+  - ~50% token reduction for system prompts
+- **New Commands**:
+  - `/handoff` - Generate context handoff documents for session continuity
+  - `/gha` - Analyze GitHub Actions CI failures
+  - `/audit` - Security audit for approved commands (cc-safe style)
+- **Permission Audit**: Detect dangerous patterns in approved commands
+  - Critical: `rm -rf /`, disk overwrite, fork bombs
+  - High: `sudo`, `chmod 777`, privileged containers
+  - Medium: global installs, force push
+
+### 📝 Documentation
+
+- Add `/handoff` command guide
+- Add `/gha` CI analysis guide
+- Add `/audit` security audit guide
+
+---
+
+## [1.3.0](https://github.com/sumulige/sumulige-claude/compare/v1.2.1...v1.3.0) (2026-01-22)
+
+### ✨ New Features
+
+- **4 Core Skills System**: Cost-optimized skill architecture
+  - `quality-guard` (sonnet) - Code review + security + cleanup
+  - `test-master` (sonnet) - TDD + E2E + coverage
+  - `design-brain` (opus) - Planning + architecture
+  - `quick-fix` (haiku) - Fast error resolution
+- **Model Strategy**: Automatic model selection based on task complexity
+- **Workflow Engine**: 4-phase project workflow (research → approve → plan → develop)
+- **Usage Manual**: Comprehensive `.claude/USAGE.md` documentation
+
+### 🐛 Bug Fixes
+
+- make git hooks executable (e748915a)
+- fix pre-push hook for deleted files detection (46cccc6)
+
+### 📝 Documentation
+
+- add `.claude/USAGE.md` with complete skills guide
+- add Layer 5.5 Core Skills section to README
+- update CHANGELOG with test coverage improvements
+
+### ♻️ Refactor
+
+- **BREAKING**: merge 9 skills into 4 core skills (60-70% cost reduction)
+- delete 6 placeholder skills
+- streamline commands from 17 to 12
+
+### 🧪 Tests
+
+- improve test coverage to 63.53%
+- all 575 tests passing
+
+### 🧹 Chores
+
+- add workflows, templates, and development infrastructure
+- add hook templates for customization
+
+## [1.2.1](https://github.com/sumulige/sumulige-claude/compare/v1.1.2...v1.2.1) (2026-01-18)
 
 
 ### Fixed

package/README.md

@@ -261,6 +261,63 @@ smc kickoff
 
 ---
 
+## Layer 5.5: Core Skills / 核心技能系统
+
+### 4 Core Skills / 4 个核心技能
+
+> v2.0.0 优化：将 9 个技能合并为 4 个核心技能，成本降低 60-70%
+
+| Skill | 命令 | 模型 | 作用 |
+|-------|------|------|------|
+| `quality-guard` | `/review` | sonnet | 代码审查 + 安全检查 + 清理建议 |
+| `test-master` | `/test` | sonnet | TDD + E2E + 覆盖率分析 |
+| `design-brain` | `/plan` | opus | 规划 + 架构设计 |
+| `quick-fix` | `/fix` | haiku | 快速修复构建/类型/lint 错误 |
+
+### Quick Reference / 命令速查
+
+```bash
+# 代码审查
+/review              # 标准审查
+/review --security   # 安全深扫 (OWASP Top 10)
+/review --clean      # 死代码清理
+
+# 测试
+/test                # 运行测试
+/test --tdd          # TDD 模式
+/test --e2e          # E2E 测试
+/test --coverage     # 覆盖率
+
+# 规划
+/plan                # 快速规划
+/plan --deep         # 深度设计
+
+# 快速修复
+/fix                 # 自动检测修复
+/fix --build         # 构建错误
+/fix --type          # 类型错误
+
+# 重构
+/refactor            # 分析建议
+/refactor --execute  # 执行清理
+```
+
+### Model Cost Strategy / 模型成本策略
+
+```
+┌─────────┬─────────────────────┬──────────┬────────┐
+│  模型   │      使用场景        │ 相对成本 │  速度  │
+├─────────┼─────────────────────┼──────────┼────────┤
+│ haiku   │ /fix 快速修复        │   1x     │  最快  │
+│ sonnet  │ /review, /test      │   5x     │  中等  │
+│ opus    │ /plan --deep        │  15x     │  较慢  │
+└─────────┴─────────────────────┴──────────┴────────┘
+```
+
+详细使用指南: [.claude/USAGE.md](.claude/USAGE.md)
+
+---
+
 ## Layer 6: Advanced / 第六层：高级配置
 
 ### Multi-Agent Configuration / 多 Agent 配置

package/cli.js

@@ -175,6 +175,10 @@ const COMMANDS = {
   notebooklm: {
     help: 'NotebookLM browser automation',
     args: '<auth|ask|status|clear> [args...]'
+  },
+  audit: {
+    help: 'Audit approved commands for security risks',
+    args: '[--global] [--ci] [--report]'
   }
 };
 

package/config/official-skills.json

@@ -1,6 +1,6 @@
 {
   "version": "1.0.0",
-  "last_updated": "2026-01-18",
+  "last_updated": "2026-01-22",
   "source": "anthropics/skills",
   "categories": {
     "documents": {

package/development/knowledge-base/.index.clean.json

@@ -0,0 +1 @@
+{}

package/lib/commands.js

@@ -3332,6 +3332,57 @@ All notable changes to this project will be documented in this file.
     } = require("../.claude/workflow/notebooklm/browser");
     await handleNotebookLMCommand(args);
   },
+
+  // ==========================================================================
+  // Security Audit Commands
+  // ==========================================================================
+
+  audit: async (...args) => {
+    const { audit, generateReport, passes } = require("./permission-audit");
+
+    const isGlobal = args.includes("--global");
+    const isCi = args.includes("--ci");
+    const isReport = args.includes("--report");
+
+    console.log("🔍 Running permission audit...\n");
+
+    const results = audit({ global: isGlobal });
+
+    if (isReport) {
+      console.log(generateReport(results));
+    } else {
+      const { issues } = results;
+      const total = issues.critical.length + issues.high.length + issues.medium.length;
+
+      if (total === 0) {
+        console.log("✅ No security issues found!\n");
+        console.log(`Scanned ${results.scanned} settings file(s)`);
+      } else {
+        console.log(`Found ${total} potential issue(s):\n`);
+
+        if (issues.critical.length > 0) {
+          console.log(`🔴 Critical: ${issues.critical.length}`);
+          issues.critical.forEach(i => console.log(`   - ${i.desc}: ${i.permission}`));
+        }
+
+        if (issues.high.length > 0) {
+          console.log(`🟠 High: ${issues.high.length}`);
+          issues.high.forEach(i => console.log(`   - ${i.desc}: ${i.permission}`));
+        }
+
+        if (issues.medium.length > 0) {
+          console.log(`🟡 Medium: ${issues.medium.length}`);
+          issues.medium.forEach(i => console.log(`   - ${i.desc}: ${i.permission}`));
+        }
+
+        console.log("\nRun 'smc audit --report' for detailed analysis.");
+      }
+    }
+
+    if (isCi && !passes(results)) {
+      process.exit(1);
+    }
+  },
 };
 
 // ============================================================================