uv-suite 0.1.0

package/skills/map-codebase/SKILL.md

@@ -0,0 +1,50 @@
+---
+name: map-codebase
+description: >
+  Map a codebase or directory: build a knowledge graph (via Graphify if available),
+  then produce architecture overview, business domain map, sequence diagrams, and 
+  entry points. Use when entering a new codebase or unfamiliar area.
+argument-hint: "[directory-or-question]"
+user-invocable: true
+context: fork
+agent: cartographer
+model: claude-opus-4-6
+effort: high
+allowed-tools:
+  - Read(*)
+  - Grep(*)
+  - Glob(*)
+  - Bash(graphify *)
+  - Bash(find *)
+  - Bash(git log *)
+  - Bash(git ls-files *)
+  - Bash(wc *)
+  - Bash(head *)
+  - Bash(pip *)
+---
+
+## Target
+
+$ARGUMENTS
+
+If no target specified, map the current project root.
+
+## Graphify availability
+
+```!
+graphify --version 2>/dev/null || echo "NOT_INSTALLED"
+```
+
+## Existing knowledge graph (if previously generated)
+
+```!
+cat graphify-out/GRAPH_REPORT.md 2>/dev/null | head -80 || echo "No existing graph found"
+```
+
+## Project context
+
+!`cat CLAUDE.md 2>/dev/null || echo "No CLAUDE.md found"`
+
+## Danger zones
+
+!`cat DANGER-ZONES.md 2>/dev/null || echo "No DANGER-ZONES.md found"`

package/skills/persona/SKILL.md

@@ -0,0 +1,4 @@
+DELETED — this skill was removed because persona switching mid-session 
+does not fully work (hooks and permissions only load at session start).
+
+Use ./uv.sh [spike|sport|pro|auto] to start a new session with the right persona.

package/skills/prototype/SKILL.md

@@ -0,0 +1,27 @@
+---
+name: prototype
+description: >
+  Build an interactive prototype as a static React site. For concept exploration,
+  stakeholder demos, presentations, and documentation websites.
+argument-hint: "[concept-description]"
+user-invocable: true
+context: fork
+agent: prototype-builder
+model: claude-sonnet-4-6
+effort: high
+allowed-tools:
+  - Read(*)
+  - Grep(*)
+  - Glob(*)
+  - Write(*)
+  - Edit(*)
+  - Bash(npm *)
+  - Bash(npx *)
+  - Bash(node *)
+  - Bash(mkdir *)
+  - Bash(ls *)
+---
+
+## Concept
+
+$ARGUMENTS

package/skills/review/SKILL.md

@@ -0,0 +1,39 @@
+---
+name: review
+description: >
+  Code review for correctness, security, performance, maintainability, and AI slop.
+  Use before merging or as self-review.
+argument-hint: "[file-or-branch]"
+user-invocable: true
+context: fork
+agent: reviewer
+model: claude-opus-4-6
+effort: high
+allowed-tools:
+  - Read(*)
+  - Grep(*)
+  - Glob(*)
+  - Bash(git diff *)
+  - Bash(git log *)
+  - Bash(git show *)
+---
+
+## Changes to review
+
+!`git diff --cached --stat 2>/dev/null || git diff --stat 2>/dev/null || echo "No staged or unstaged changes found"`
+
+### Full diff
+
+!`git diff --cached 2>/dev/null || git diff 2>/dev/null || echo "No diff available"`
+
+## Additional target
+
+$ARGUMENTS
+
+## Project context
+
+!`cat CLAUDE.md 2>/dev/null || echo "No CLAUDE.md found"`
+
+## Danger zones
+
+!`cat DANGER-ZONES.md 2>/dev/null || echo "No DANGER-ZONES.md found"`

package/skills/security-review/SKILL.md

@@ -0,0 +1,73 @@
+---
+name: security-review
+description: >
+  OWASP-informed security review. Uses Semgrep, Gitleaks, and Trivy when available.
+  Falls back to AI-only analysis. Use on code touching auth, payments, data access,
+  or external inputs.
+argument-hint: "[file-or-directory]"
+user-invocable: true
+context: fork
+agent: security
+model: claude-opus-4-6
+effort: high
+allowed-tools:
+  - Read(*)
+  - Grep(*)
+  - Glob(*)
+  - Bash(git diff *)
+  - Bash(semgrep *)
+  - Bash(gitleaks *)
+  - Bash(trivy *)
+  - Bash(npm audit *)
+  - Bash(pip audit *)
+  - Bash(go vuln *)
+  - Bash(cargo audit *)
+---
+
+## Target
+
+$ARGUMENTS
+
+## Changes to review
+
+!`git diff --cached --stat 2>/dev/null || git diff --stat 2>/dev/null || echo "Reviewing full project"`
+
+### Full diff
+
+!`git diff --cached 2>/dev/null || git diff 2>/dev/null || echo ""`
+
+## Danger zones
+
+!`cat DANGER-ZONES.md 2>/dev/null || echo "No DANGER-ZONES.md found"`
+
+## Available security tools
+
+```!
+echo "=== Semgrep ===" && semgrep --version 2>/dev/null || echo "not installed (pip install semgrep)"
+echo "=== Gitleaks ===" && gitleaks version 2>/dev/null || echo "not installed (brew install gitleaks)"
+echo "=== Trivy ===" && trivy --version 2>/dev/null || echo "not installed (brew install trivy)"
+```
+
+## SAST scan (Semgrep, if available)
+
+```!
+semgrep --config auto --json --quiet . 2>/dev/null | head -100 || echo "Semgrep not available — will use AI-only analysis"
+```
+
+## Secret detection (Gitleaks, if available)
+
+```!
+gitleaks detect --source . --no-git --report-format json 2>/dev/null | head -50 || echo "Gitleaks not available — falling back to grep"
+```
+
+## Grep-based secret scan (fallback)
+
+```!
+grep -rn "password\s*=\|api_key\s*=\|secret\s*=\|token\s*=" --include="*.ts" --include="*.js" --include="*.py" --include="*.java" --include="*.go" . 2>/dev/null | head -20 || echo "No obvious secrets found"
+```
+
+## Dependency audit
+
+```!
+trivy fs --scanners vuln --format json . 2>/dev/null | head -80 || npm audit --json 2>/dev/null | head -50 || pip audit 2>/dev/null | head -50 || echo "No dependency scanner found"
+```

package/skills/slop-check/SKILL.md

@@ -0,0 +1,30 @@
+---
+name: slop-check
+description: >
+  Detect AI-generated slop in code, tests, docs, and architecture.
+  Run before merging any AI-generated changes.
+argument-hint: "[file-or-directory]"
+user-invocable: true
+context: fork
+agent: anti-slop-guard
+model: claude-opus-4-6
+effort: high
+allowed-tools:
+  - Read(*)
+  - Grep(*)
+  - Glob(*)
+  - Bash(git diff *)
+  - Bash(git log *)
+---
+
+## Target
+
+$ARGUMENTS
+
+## Changes to scan
+
+!`git diff --cached --stat 2>/dev/null || git diff --stat 2>/dev/null || echo "No changes — scan target files directly"`
+
+### Full diff
+
+!`git diff --cached 2>/dev/null || git diff 2>/dev/null || echo ""`

package/skills/spec/SKILL.md

@@ -0,0 +1,33 @@
+---
+name: spec
+description: >
+  Convert requirements into a structured technical specification. Use when starting a new feature
+  or receiving vague requirements.
+argument-hint: "[requirements-description]"
+user-invocable: true
+context: fork
+agent: spec-writer
+model: claude-opus-4-6
+effort: high
+allowed-tools:
+  - Read(*)
+  - Grep(*)
+  - Glob(*)
+  - Write(*)
+---
+
+## Requirements
+
+$ARGUMENTS
+
+## Project context
+
+!`cat CLAUDE.md 2>/dev/null || echo "No CLAUDE.md found"`
+
+## Existing architecture
+
+!`ls -la docs/architecture* 2>/dev/null || echo "No architecture docs found"`
+
+## Today's date
+
+!`date +%Y-%m-%d`

package/skills/write-evals/SKILL.md

@@ -0,0 +1,28 @@
+---
+name: write-evals
+description: >
+  Write evaluations for AI system prompts and inferencing layers.
+  Use when building or modifying LLM-powered features.
+argument-hint: "[prompt-file-or-description]"
+user-invocable: true
+context: fork
+agent: eval-writer
+model: claude-opus-4-6
+effort: high
+allowed-tools:
+  - Read(*)
+  - Grep(*)
+  - Glob(*)
+  - Write(*)
+  - Edit(*)
+  - Bash(npm run eval *)
+  - Bash(pytest *)
+---
+
+## Target
+
+$ARGUMENTS
+
+## Existing eval framework
+
+!`find . -name "*eval*" -o -name "*evals*" 2>/dev/null | head -10 || echo "No eval files found"`

package/skills/write-tests/SKILL.md

@@ -0,0 +1,40 @@
+---
+name: write-tests
+description: >
+  Generate meaningful tests that verify behavior. Use after implementing a feature or when
+  coverage is low. Matches project test conventions.
+argument-hint: "[file-or-module-to-test]"
+user-invocable: true
+context: fork
+agent: test-writer
+model: claude-sonnet-4-6
+effort: high
+allowed-tools:
+  - Read(*)
+  - Grep(*)
+  - Glob(*)
+  - Write(*)
+  - Edit(*)
+  - Bash(npm test *)
+  - Bash(npm run test *)
+  - Bash(npx jest *)
+  - Bash(npx vitest *)
+  - Bash(pytest *)
+  - Bash(go test *)
+  - Bash(cargo test *)
+  - Bash(mvn test *)
+---
+
+## Target
+
+$ARGUMENTS
+
+## Existing test patterns (match these)
+
+!`find . -name "*.test.*" -o -name "*.spec.*" -o -name "test_*" 2>/dev/null | head -5`
+
+!`cat $(find . -name "*.test.*" -o -name "*.spec.*" 2>/dev/null | head -1) 2>/dev/null | head -40 || echo "No existing tests found"`
+
+## Project test command
+
+!`cat package.json 2>/dev/null | grep -A2 '"test"' || echo "No package.json test script"`

package/uv.sh

@@ -0,0 +1,56 @@
+#!/bin/bash
+# UV Suite — Session launcher
+# Starts a Claude Code session with the specified persona.
+#
+# Usage:
+#   uv spike              Start a Spike session (research & docs)
+#   uv sport              Start a Sport session (fast, new projects)
+#   uv pro                Start a Professional session (production code)
+#   uv auto               Start an Auto session (fully autonomous)
+#   uv                    Start with default (Professional)
+
+PERSONA="${1:-pro}"
+shift 2>/dev/null  # consume the persona arg, pass the rest to claude
+
+# Resolve persona to settings file
+case "$PERSONA" in
+  spike)
+    SETTINGS=".claude/personas/spike.json"
+    LABEL="UV Spike — research & docs (Opus, max effort, doc-slop checked)"
+    ;;
+  sport)
+    SETTINGS=".claude/personas/sport.json"
+    LABEL="UV Sport — lightweight (Sonnet, high effort, lint only)"
+    ;;
+  pro|professional)
+    SETTINGS=".claude/personas/professional.json"
+    LABEL="UV Professional — full rigor (all hooks, all guardrails)"
+    ;;
+  auto)
+    SETTINGS=".claude/personas/auto.json"
+    LABEL="UV Auto — autonomous (max effort, everything approved)"
+    ;;
+  *)
+    echo "Unknown persona: $PERSONA"
+    echo ""
+    echo "Usage: uv [spike|sport|pro|auto]"
+    echo ""
+    echo "  spike   Research & documentation (Opus, max, doc-slop hook)"
+    echo "  sport   New projects, prototyping (Sonnet, high, lint only)"
+    echo "  pro     Production code (all hooks, all guardrails, human-gated)"
+    echo "  auto    Fully autonomous (max effort, everything auto-approved)"
+    echo ""
+    echo "  uv      Defaults to 'pro'"
+    exit 1
+    ;;
+esac
+
+if [ ! -f "$SETTINGS" ]; then
+  echo "Settings file not found: $SETTINGS"
+  echo "Run install.sh first to set up UV Suite in this project."
+  exit 1
+fi
+
+echo "$LABEL"
+echo ""
+exec claude --settings "$SETTINGS" "$@"