lite-kits 0.1.0__py3-none-any.whl → 0.3.1__py3-none-any.whl

lite_kits/kits/dev/commands/.claude/review.md

@@ -0,0 +1,202 @@
+---
+description: Review staged changes against best practices
+---
+
+# Code Review of Staged Changes
+
+**Purpose**: Review staged git changes for quality, best practices, and potential issues before committing.
+
+## Execution Steps
+
+Execute the following steps to review staged changes:
+
+### 1. Check Staged Files
+
+```bash
+# Get list of staged files with status
+git diff --staged --name-status
+```
+
+**If no files are staged**:
+- Inform user that nothing is staged
+- Suggest running `git add` or `/commit` to stage and commit together
+- Exit gracefully
+
+### 2. Analyze Staged Changes
+
+```bash
+# Get the actual diff with context
+git diff --staged
+```
+
+### 3. Review Changes
+
+Analyze the diff output for:
+
+**✅ Good Practices to Acknowledge**:
+- Clear, descriptive function/variable names
+- Appropriate comments where needed
+- Consistent formatting
+- Type hints (Python) or type annotations
+- Test coverage for new code
+- Error handling
+- Input validation
+
+**⚠️ Issues to Flag**:
+- **Security**:
+  - Hardcoded credentials or API keys
+  - SQL injection vulnerabilities
+  - XSS vulnerabilities
+  - Unsafe deserialization
+  - Missing authentication/authorization checks
+  
+- **Code Quality**:
+  - TODOs or FIXMEs (should be tracked in issues)
+  - Commented-out code blocks
+  - Magic numbers without explanation
+  - Overly complex functions (>50 lines)
+  - Duplicate code patterns
+  - Inconsistent naming conventions
+  
+- **Best Practices**:
+  - Missing error handling
+  - No logging for important operations
+  - Hardcoded configuration values
+  - Missing input validation
+  - Unused imports or variables
+  - Missing docstrings for public APIs
+
+### 4. Present Review Results
+
+Format output as follows:
+
+```
+## Code Review Results
+
+**Staged files**: [count]
+[list files with status: A=added, M=modified, D=deleted]
+
+**Summary of changes**:
+[brief description of what's being changed]
+
+===========================================================
+**✅ Good Practices Found:**
+===========================================================
+
+[List positive findings, grouped by file]
+- [file]: [specific good practice observed]
+
+===========================================================
+**⚠️ Suggestions for Improvement:**
+===========================================================
+
+[List issues/suggestions, grouped by file with line numbers if possible]
+- [file]:[line]: [specific issue and suggested fix]
+
+===========================================================
+**🔒 Security Check:**
+===========================================================
+
+[Report any security concerns or confirm none found]
+- ✓ No hardcoded credentials detected
+- ✓ No obvious security vulnerabilities
+- ⚠ [Any security concerns]
+
+===========================================================
+**📊 Overall Assessment:**
+===========================================================
+
+[One of: "Ready to commit", "Ready with minor suggestions", "Needs changes"]
+
+[Brief summary of overall code quality]
+
+**Recommendation**: [Approve / Address suggestions / Do not commit]
+```
+
+### 5. Handle User Response
+
+After presenting results, wait for user action. They may:
+- Proceed with commit anyway
+- Make changes and re-review
+- Cancel the review
+
+## Example Output
+
+```
+## Code Review Results
+
+**Staged files**: 3
+- A  src/auth.py (new file)
+- M  src/models.py (modified)
+- A  tests/test_auth.py (new file)
+
+**Summary of changes**:
+Adding user authentication system with bcrypt password hashing
+and JWT token generation.
+
+===========================================================
+**✅ Good Practices Found:**
+===========================================================
+
+- src/auth.py: Clear function names (hash_password, verify_password)
+- src/auth.py: Type hints used throughout
+- src/auth.py: Comprehensive docstrings for all functions
+- src/models.py: Proper SQLAlchemy relationship definitions
+- tests/test_auth.py: Good test coverage with fixtures
+
+===========================================================
+**⚠️ Suggestions for Improvement:**
+===========================================================
+
+- src/auth.py:45: Consider extracting hash_password to utils module
+  Current: Function in auth.py
+  Suggest: Move to src/utils/crypto.py for reusability
+
+- src/models.py:12: TODO comment present
+  Line: "# TODO: Add password reset functionality"
+  Suggest: Create GitHub issue and reference it in comment
+
+- tests/test_auth.py:67: Missing edge case test
+  Suggest: Add test for empty password input
+
+- src/auth.py:23: Magic number for token expiration
+  Current: expires_delta = timedelta(hours=24)
+  Suggest: Move to config file or environment variable
+
+===========================================================
+**🔒 Security Check:**
+===========================================================
+
+✓ No hardcoded credentials detected
+✓ Using bcrypt for password hashing (good choice!)
+✓ JWT tokens generated securely
+⚠ Consider adding rate limiting to prevent brute force attacks
+
+===========================================================
+**📊 Overall Assessment:**
+===========================================================
+
+**Status**: Ready with minor suggestions
+
+The code follows good practices with proper type hints, docstrings,
+and test coverage. The suggestions above are minor improvements that
+can be addressed now or in future iterations.
+
+**Recommendation**: Approve and commit - suggestions are non-blocking
+```
+
+## Important Notes
+
+- This command is **read-only** - it never modifies files
+- Focus on **actionable feedback** - be specific about what to change
+- Be **encouraging** - acknowledge good practices
+- **Security first** - always check for security issues
+- Keep review **concise** - don't overwhelm with minor issues
+- **Respect the agent's work** - balance critique with acknowledgment
+
+## Integration with Other Commands
+
+- Run `/review` before `/commit` to catch issues early
+- Use after making changes and staging them with `git add`
+- Combine with `/pr` workflow - review before creating PR
+- Works great in multi-agent workflows (one agent reviews another's work)

lite_kits/kits/dev/commands/.claude/stats.md

@@ -0,0 +1,162 @@
+---
+description: Generate concise project metrics for AI agent orientation
+---
+
+# Project Statistics
+
+**Purpose**: Provide quick project overview metrics for AI agents joining a project or assessing scope.
+
+## Execution Steps
+
+Execute the following steps to gather project statistics:
+
+### 1. Count Lines of Code
+
+**Preferred method** (if tokei installed):
+```bash
+# Check if tokei is available
+command -v tokei >/dev/null 2>&1
+
+# If available, use tokei for fast, accurate counts
+tokei --output json
+```
+
+**Fallback method** (if tokei not available):
+```bash
+# Python
+find . -name "*.py" -type f | xargs wc -l 2>/dev/null | tail -1
+
+# JavaScript/TypeScript
+find . -name "*.js" -o -name "*.ts" | xargs wc -l 2>/dev/null | tail -1
+
+# Markdown
+find . -name "*.md" -type f | xargs wc -l 2>/dev/null | tail -1
+
+# All files combined
+find . -type f -not -path "*/\.*" | xargs wc -l 2>/dev/null | tail -1
+```
+
+### 2. Count Files and Directories
+
+```bash
+# Count files (excluding hidden)
+find . -type f -not -path "*/\.*" | wc -l
+
+# Count directories (excluding hidden)
+find . -type d -not -path "*/\.*" | wc -l
+```
+
+### 3. Get Git History Summary
+
+```bash
+# Total commits
+git log --oneline | wc -l
+
+# Contributor count
+git log --format='%aN' | sort -u | wc -l
+
+# Recent activity
+git log --oneline -5
+```
+
+If not a git repository, skip this section.
+
+### 4. Check for Test Coverage
+
+Look for common coverage report files:
+```bash
+# Python coverage files
+ls .coverage coverage.xml htmlcov/ 2>/dev/null
+
+# JavaScript coverage
+ls coverage/ .nyc_output/ 2>/dev/null
+
+# If coverage files exist, try to extract percentage
+# Python: coverage report | grep TOTAL
+# JavaScript: cat coverage/coverage-summary.json
+```
+
+### 5. Generate Concise Table Output
+
+Provide stats in this format (~20 lines max):
+
+```markdown
+## Project Statistics
+
+**Code**:
+- Language1: X,XXX LOC (NN%)
+- Language2: XXX LOC (NN%)
+- Language3: XX LOC (NN%)
+
+**Structure**:
+- NN files, NN directories
+- NNN commits, N contributors
+
+**Testing**:
+- Coverage: NN% (or N/A)
+- Tests: NN files (or N/A)
+
+**Next Action**: [Explore src/ / Review tests / Check docs]
+```
+
+## Important Notes
+
+- **Be concise**: Keep output under 20 lines
+- **Use tables**: Well-formatted markdown tables or lists
+- **Handle missing tools**:
+  - No tokei → Use find/wc fallback, note "Basic LOC count"
+  - Not a git repo → Skip git section, note "No git history"
+  - No coverage → Show "N/A" gracefully
+
+- **Percentages**: Calculate language percentages from total LOC
+- **Large repos**: If >100k LOC, note "Large project" and consider sampling
+- **Speed**: Target <5 second execution time
+
+## Edge Cases
+
+- **No git repository**: Skip git section, show file/LOC stats only
+- **No test coverage reports**: Show "Coverage: N/A"
+- **Tokei not installed**: Use find/wc fallback, note in output
+- **Very large repo (1M+ LOC)**: Sample or provide high-level summary only
+- **No code files**: "Appears to be a documentation-only or data project"
+
+## Example Output
+
+```markdown
+## Project Statistics
+
+**Code**:
+- Python: 2,453 LOC (87%)
+- Markdown: 342 LOC (12%)
+- YAML: 28 LOC (1%)
+- Total: 2,823 LOC
+
+**Structure**:
+- 45 files, 12 directories
+- 127 commits, 3 contributors
+
+**Testing**:
+- Coverage: 78% (via pytest-cov)
+- Tests: 23 test files
+
+**Next Action**: Explore src/ directory to understand core modules
+```
+
+```markdown
+## Project Statistics
+
+**Code** (tokei not available, using basic count):
+- Python: ~1,200 lines
+- Markdown: ~400 lines
+- Total: ~1,600 lines (approximate)
+
+**Structure**:
+- 32 files, 8 directories
+- Not a git repository
+
+**Testing**:
+- Coverage: N/A
+- Tests: N/A
+
+**Next Action**: Check if this is a standalone library or tool
+```

lite_kits/kits/dev/commands/.github/audit.prompt.md

@@ -0,0 +1,143 @@
+---
+description: Perform security analysis on dependencies and code patterns
+---
+
+# Security Audit Helper
+
+**Purpose**: Quick security analysis for AI agents working on features involving authentication, data handling, or external dependencies.
+
+## Execution Steps
+
+Execute the following steps to perform a security audit:
+
+### 1. Detect Project Type and Dependencies
+
+```powershell
+# Check for Python dependencies
+Get-ChildItem -Path . -Include requirements.txt,pyproject.toml,setup.py -Recurse -ErrorAction SilentlyContinue
+
+# Check for Node.js dependencies
+Get-ChildItem -Path . -Include package.json,package-lock.json -Recurse -ErrorAction SilentlyContinue
+
+# Check for Rust dependencies
+Get-ChildItem -Path . -Include Cargo.toml,Cargo.lock -Recurse -ErrorAction SilentlyContinue
+
+# Check for Go dependencies
+Get-ChildItem -Path . -Include go.mod,go.sum -Recurse -ErrorAction SilentlyContinue
+```
+
+### 2. Run Dependency Vulnerability Scan
+
+**Python projects**:
+```powershell
+# Check if pip-audit is available
+Get-Command pip-audit -ErrorAction SilentlyContinue
+
+# If available, run scan
+pip-audit
+
+# If not available, suggest installation
+Write-Host "Install pip-audit: pip install pip-audit"
+```
+
+**Node.js projects**:
+```powershell
+# npm audit is built-in
+npm audit
+
+# Or use yarn
+yarn audit
+```
+
+**Other languages**: Suggest appropriate tools (cargo audit, go list, etc.)
+
+### 3. Scan for Common Security Anti-Patterns
+
+Check source code for security issues:
+
+```powershell
+# Look for potential hardcoded secrets
+Select-String -Path src\* -Pattern "API_KEY\s*=\s*['""]" -Recurse | Select-Object -First 5
+Select-String -Path src\* -Pattern "PASSWORD\s*=\s*['""]" -Recurse | Select-Object -First 5
+Select-String -Path src\* -Pattern "SECRET\s*=\s*['""]" -Recurse | Select-Object -First 5
+
+# Look for weak crypto patterns (Python)
+Select-String -Path src\* -Pattern "md5|sha1" -Recurse | Select-Object -First 5
+
+# Look for SQL injection risks
+Select-String -Path src\* -Pattern "execute.*%|execute.*\+" -Recurse | Select-Object -First 5
+```
+
+**Common patterns to flag**:
+- Hardcoded API keys, passwords, tokens
+- Weak cryptographic algorithms (MD5, SHA1)
+- SQL string concatenation
+- Eval/exec with user input
+- Insecure file permissions
+
+### 4. Generate Concise Report
+
+Provide analysis in this format (~150 words max):
+
+```markdown
+## Security Audit
+
+**Dependencies**: N scanned, M vulnerabilities found
+
+**Vulnerabilities** (if any):
+- package-name==version: [SEVERITY] - Brief description
+- Link to advisory for details
+
+**Code Patterns** (if any):
+- file.py:line: [PATTERN] - Recommendation
+
+**Next Action**: [Fix CVE-XXXX / Update package / Review auth code]
+```
+
+## Important Notes
+
+- **Graceful fallbacks**: If audit tools not installed, do basic pattern checks only
+- **Be concise**: Target <150 words total output
+- **Prioritize**: Show highest severity issues first
+- **Avoid false positives**: Note that manual review may be needed
+- **No dependencies**: Report "No dependencies to audit" gracefully
+- **Cross-platform**: Use commands available on Windows, macOS, Linux
+
+## Edge Cases
+
+- **No dependency files**: "No dependencies found. This appears to be a dependency-free project."
+- **Tool not installed**: Provide installation command, run basic grep checks
+- **No vulnerabilities**: "✅ No known vulnerabilities found! Consider reviewing auth/data handling patterns."
+- **Too many issues**: Sample top 5, note total count
+
+## Example Output
+
+```markdown
+## Security Audit
+
+**Dependencies**: 12 scanned, 2 vulnerabilities found
+
+**Vulnerabilities**:
+- requests==2.25.0: MEDIUM - CVE-2023-32681 (Proxy-Auth header leak)
+  Update to: requests>=2.31.0
+
+**Code Patterns**:
+- src/auth.py:42: Hardcoded API key detected
+- src/db.py:103: SQL string concatenation (injection risk)
+
+**Next Action**: Update requests package, move API key to environment variables, use parameterized queries
+```
+
+```markdown
+## Security Audit
+
+**Dependencies**: pip-audit not installed
+
+**Tool Not Available**:
+Install pip-audit for vulnerability scanning:
+`pip install pip-audit`
+
+**Code Patterns**: Basic grep checks performed, no obvious issues found
+
+**Next Action**: Install pip-audit and re-run for comprehensive dependency scan
+```

lite_kits/kits/{git/github/prompts → dev/commands/.github}/cleanup.prompt.md

@@ -318,13 +318,13 @@ dev/004-cleanup-command
 > git branch --merged develop
   dev/001-starter-kits
   dev/002-installer-polish
-  dev/003-git-kit-enhancements
+  dev/003-dev-kit-enhancements
 
 # Agent presents options
 Merged branches available for cleanup:
 1. dev/001-starter-kits (2 days ago)
 2. dev/002-installer-polish (1 day ago)
-3. dev/003-git-kit-enhancements (2 hours ago)
+3. dev/003-dev-kit-enhancements (2 hours ago)
 
 Delete which branches? (y/n/e): e
 

lite_kits/kits/{git/github/prompts → dev/commands/.github}/commit.prompt.md

@@ -240,7 +240,7 @@ Message:
 9. ?? docs/new-guide.md
 
 Message:
-  docs(004): update documentation for git-kit
+  docs(004): update documentation for dev-kit
 
   Added git workflow documentation and updated README
   with new command examples.
@@ -254,7 +254,7 @@ Message:
 Message:
   chore(004): update implementation status tracking
 
-  Marked git-kit as complete in status docs.
+  Marked dev-kit as complete in status docs.
 
 ---
 

lite_kits/kits/{project/github/prompts → dev/commands/.github}/orient.prompt.md

@@ -15,19 +15,11 @@ Execute the following steps to gather orientation information:
 Check for kit marker files to determine what's installed:
 
 ```powershell
-# Initialize kit detection variables
-$PROJECT_KIT = $false
-$GIT_KIT = $false
-$MULTIAGENT_KIT = $false
-
-# Check for project-kit markers
-if (Test-Path .github/prompts/review.prompt.md) { $PROJECT_KIT = $true }
-
-# Check for git-kit markers
-if (Test-Path .github/prompts/commit.prompt.md) { $GIT_KIT = $true }
-
-# Check for multiagent-kit markers
-if (Test-Path .specify/memory/pr-workflow-guide.md) { $MULTIAGENT_KIT = $true }
+# Check all kits in one efficient operation
+$KITS_INSTALLED = @()
+if (Test-Path .github/prompts/orient.prompt.md) { $KITS_INSTALLED += "dev" }
+if (Test-Path .specify/memory/pr-workflow-guide.md) { $KITS_INSTALLED += "multiagent" }
+$KITS_LIST = if ($KITS_INSTALLED.Count -gt 0) { $KITS_INSTALLED -join ", " } else { "vanilla only" }
 ```
 
 ### 2. Determine Agent Role
@@ -58,17 +50,12 @@ Extract:
 ### 4. Check Git State
 
 ```powershell
-# Current branch
-git branch --show-current
-
-# Recent commits (last 5)
-git log --oneline -5
-
-# Uncommitted changes
-git status --short
-
-# Untracked files count
-(git ls-files --others --exclude-standard).Count
+# Efficient single-command git status check
+# Get branch, recent commits, and changes in one go
+$CURRENT_BRANCH = git branch --show-current 2>$null
+if (-not $CURRENT_BRANCH) { $CURRENT_BRANCH = "not in git repo" }
+$RECENT_COMMITS = (git log --oneline -3 2>$null | Select-Object -First 1)
+$CHANGES = (git status --short 2>$null | Measure-Object).Count
 ```
 
 ### 5. Check Active Work
@@ -76,29 +63,28 @@ git status --short
 Look for active feature work:
 
 ```powershell
-# List specs directories
-Get-ChildItem -Path specs -Directory -ErrorAction SilentlyContinue | Select-Object -Last 3 -ExpandProperty Name
-
-# Check for current spec/plan/tasks
-$CURRENT_BRANCH = git branch --show-current
-if ($CURRENT_BRANCH -match '^\d+') {
-  $SPEC_DIR = "specs/$CURRENT_BRANCH"
-  if (Test-Path "$SPEC_DIR/spec.md") { Write-Host "✓ Spec exists" }
-  if (Test-Path "$SPEC_DIR/plan.md") { Write-Host "✓ Plan exists" }
-  if (Test-Path "$SPEC_DIR/tasks.md") { Write-Host "✓ Tasks exist" }
+# Check if current branch matches a spec directory
+if ($CURRENT_BRANCH -match '^\d+' -or $CURRENT_BRANCH -match '^dev/\d+') {
+  # Extract spec number from branch name
+  $SPEC_NUM = if ($CURRENT_BRANCH -match '\d+') { $Matches[0] } else { $null }
+  if ($SPEC_NUM) {
+    $SPEC_DIR = Get-ChildItem -Path "specs/$SPEC_NUM-*" -Directory -ErrorAction SilentlyContinue | Select-Object -First 1
+    if ($SPEC_DIR) {
+      $SPEC_FILES = @("spec.md", "plan.md", "tasks.md") | Where-Object { Test-Path "$($SPEC_DIR.FullName)/$_" }
+    }
+  }
 }
 ```
 
 ### 6. Check Multi-Agent Coordination (if multiagent-kit installed)
 
-If `$MULTIAGENT_KIT -eq $true`:
-
 ```powershell
-# Check for active sessions
-(Get-ChildItem -Path specs/*/collaboration/active/sessions/ -Filter *.md -Recurse -ErrorAction SilentlyContinue).Count
-
-# Check for pending handoffs
-Get-ChildItem -Path specs/*/collaboration/active/decisions/ -Filter handoff-*.md -Recurse -ErrorAction SilentlyContinue | Select-Object -First 1
+# Only check if multiagent kit is installed
+if ($KITS_INSTALLED -contains "multiagent") {
+  # Efficient check for collaboration activity
+  $ACTIVE_SESSIONS = (Get-ChildItem -Path specs/*/collaboration/active/sessions/ -Filter *.md -Recurse -ErrorAction SilentlyContinue).Count
+  $PENDING_HANDOFF = Get-ChildItem -Path specs/*/collaboration/active/decisions/ -Filter handoff-*.md -Recurse -ErrorAction SilentlyContinue | Select-Object -First 1
+}
 ```
 
 ### 7. Generate Concise Output
@@ -108,15 +94,15 @@ Provide a **concise summary** (~150 words max) in this format:
 ```
 ## Orientation Complete
 
-**Installed Kits**: [list detected kits or "vanilla only"]
+**Installed Kits**: [$KITS_LIST]
 
 **I am**: [$AGENT_ROLE from step 2]
 **Project**: [project name from docs]
 **Stack**: [main technologies]
-**Branch**: [current branch]
-**Recent work**: [summary of last 1-2 commits]
-**Uncommitted changes**: [count of modified files]
-**Active feature**: [current spec if on feature branch]
+**Branch**: [$CURRENT_BRANCH]
+**Recent work**: [$RECENT_COMMITS - just the message]
+**Uncommitted changes**: [$CHANGES count]
+**Active feature**: [current spec if $SPEC_FILES exists]
 **Coordination**: [solo work / handoff pending / etc]
 
 **Next suggested action**: [based on state analysis below]
@@ -133,7 +119,7 @@ Based on the state you discovered, suggest the next logical action:
 - **Plan exists, no tasks** → "Run `/tasks` to break down into tasks"
 - **Tasks exist** → "Run `/implement` to start coding"
 - **Handoff detected** (multiagent) → "Review handoff in `specs/[feature]/collaboration/active/decisions/`"
-- **Uncommitted changes** → "Review changes and consider running `/commit`" (if git-kit installed)
+- **Uncommitted changes** → "Review changes and consider running `/commit`" (if dev-kit installed)
 
 ## Important Notes
 
@@ -148,7 +134,7 @@ Based on the state you discovered, suggest the next logical action:
 ```
 ## Orientation Complete
 
-**Installed Kits**: project, git
+**Installed Kits**: dev
 
 **I am**: Grok Code Fast 1 @ GitHub Copilot (Specialist)
 **Project**: Blog Platform API (TypeScript/Node.js)

lite_kits/kits/{git/github/prompts → dev/commands/.github}/pr.prompt.md

@@ -342,7 +342,7 @@ Implements Phase 1 MVP with `/orient` command and modular kit system for multi-a
 ## Changes
 
 ### Features
-- Add `/orient` command for agent orientation (project-kit)
+- Add `/orient` command for agent orientation (dev-kit)
 - Implement kit-aware installer with --kit flag support
 - Add modular kit structure (project, git, multiagent)
 - Auto-dependency inclusion (multiagent → project + git)