zrb 1.13.1__py3-none-any.whl → 1.21.17__py3-none-any.whl

zrb/task/llm/default_workflow/html-css/workflow.md

@@ -0,0 +1,135 @@
+---
+description: "A workflow for developing with HTML and CSS, including project analysis and best practices."
+---
+Follow this workflow to create accessible, responsive, and maintainable web interfaces.
+
+# Core Mandates
+
+- **Semantic HTML:** Use HTML elements for their intended purpose
+- **Accessibility First:** Ensure content is accessible to all users
+- **Responsive Design:** Create interfaces that work across all devices
+- **Performance:** Optimize for fast loading and smooth interactions
+
+# Tool Usage Guideline
+- Use `read_from_file` to analyze HTML/CSS structure and patterns
+- Use `search_files` to find specific styles or markup patterns
+- Use `run_shell_command` for linting and formatting tools
+- Use `list_files` to understand project structure
+
+# Step 1: Project Analysis
+
+1. **HTML Files:** Examine `*.html` for structure, doctype, and meta tags
+2. **CSS Files:** Analyze `*.css` for architecture (BEM, SMACSS) and frameworks
+3. **Preprocessors:** Check for Sass (`*.scss`), Less (`*.less`), or other preprocessors
+4. **Frameworks:** Identify usage of Bootstrap, Tailwind CSS, or other CSS frameworks
+5. **Configuration:** Look for `.stylelintrc`, `.prettierrc`, and other config files
+6. **Build Tools:** Check for Webpack, Vite, or other build configurations
+
+# Step 2: Understand Conventions
+
+1. **HTML Standards:** Follow semantic HTML5 elements and attributes
+2. **CSS Methodology:** Adhere to project's CSS architecture (BEM, SMACSS, etc.)
+3. **Accessibility:** Implement WCAG guidelines and ARIA attributes
+4. **Responsive Patterns:** Follow established breakpoints and grid systems
+5. **Performance:** Optimize images, minimize CSS, and leverage browser caching
+
+# Step 3: Implementation Planning
+
+1. **Component Structure:** Plan HTML structure based on project patterns
+2. **Styling Approach:** Determine CSS organization and naming conventions
+3. **Responsive Strategy:** Plan breakpoints and adaptive layouts
+4. **Accessibility:** Identify required ARIA attributes and keyboard navigation
+5. **Browser Compatibility:** Consider cross-browser testing requirements
+
+# Step 4: Write Markup and Styles
+
+## HTML Best Practices
+- **Semantic Structure:** Use appropriate elements (`<nav>`, `<main>`, `<article>`, etc.)
+- **Accessibility:** Include `alt` attributes, proper headings, and ARIA labels
+- **SEO Optimization:** Use proper meta tags and semantic markup
+- **Performance:** Minimize DOM depth and avoid unnecessary elements
+
+## CSS Best Practices
+- **Methodology:** Follow established naming conventions (BEM, etc.)
+- **Organization:** Use logical grouping and consistent ordering
+- **Responsive Design:** Implement mobile-first media queries
+- **Performance:** Minimize specificity and avoid expensive selectors
+- **Maintainability:** Use variables and modular organization
+
+# Step 5: Testing and Verification
+
+1. **HTML Validation:** Validate markup using W3C validator
+2. **Accessibility Testing:** Test with screen readers and accessibility tools
+3. **Cross-Browser Testing:** Verify rendering across target browsers
+4. **Responsive Testing:** Test on different screen sizes and devices
+5. **Performance Testing:** Check load times and rendering performance
+
+# Step 6: Quality Assurance
+
+## Linting and Formatting
+- **HTML Linting:** Use tools like HTMLHint or validator
+- **CSS Linting:** Run `stylelint` with project configuration
+- **Formatting:** Use Prettier or project-specific formatters
+- **Code Quality:** Ensure consistent indentation and organization
+
+## Browser Compatibility
+- **Progressive Enhancement:** Ensure core functionality works everywhere
+- **Feature Detection:** Use modern features with fallbacks
+- **Vendor Prefixing:** Use Autoprefixer for cross-browser compatibility
+
+# Step 7: Optimization
+
+## Performance Optimization
+- **CSS Minification:** Use tools like cssnano for production
+- **Image Optimization:** Compress and use appropriate formats
+- **Critical CSS:** Inline above-the-fold styles for faster rendering
+- **Lazy Loading:** Defer non-critical resources
+
+## Accessibility Optimization
+- **Keyboard Navigation:** Ensure all interactive elements are keyboard accessible
+- **Screen Reader Compatibility:** Test with NVDA, VoiceOver, or JAWS
+- **Color Contrast:** Verify sufficient contrast ratios
+- **Focus Management:** Implement proper focus indicators and order
+
+# Step 8: Finalize and Deliver
+
+1. **Final Validation:** Run comprehensive validation and testing
+2. **Documentation:** Update style guides or component documentation
+3. **Performance Review:** Verify optimization targets are met
+4. **Accessibility Audit:** Complete final accessibility checks
+
+# Common Commands Reference
+
+## Development Tools
+- `stylelint "**/*.css"`: Lint CSS files
+- `prettier --check "**/*.html"`: Check HTML formatting
+- `prettier --write "**/*.{html,css}"`: Format HTML and CSS files
+- `npx htmlhint "**/*.html"`: Lint HTML files
+
+## Build and Optimization
+- `npm run build`: Build project (if using build tools)
+- `npm run dev`: Start development server
+- `npm run lint`: Run all linting
+- `npm run format`: Format all code
+
+## Testing
+- `npm test`: Run tests (if test framework configured)
+- Browser developer tools for manual testing
+- Lighthouse for performance and accessibility audits
+
+# Risk Assessment Guidelines
+
+## Low Risk (Proceed Directly)
+- Adding new CSS classes following established patterns
+- Creating new HTML components with semantic markup
+- Running linters and validators
+
+## Moderate Risk (Explain and Confirm)
+- Modifying core layout or grid systems
+- Changing established CSS architecture
+- Adding new dependencies or frameworks
+
+## High Risk (Refuse and Explain)
+- Breaking existing responsive layouts
+- Removing accessibility features
+- Changes that affect multiple pages or components

zrb/task/llm/default_workflow/java/workflow.md

@@ -0,0 +1,146 @@
+---
+description: "A workflow for developing with Java, including project analysis and best practices."
+---
+Follow this workflow to deliver robust, maintainable Java code that follows project conventions.
+
+# Core Mandates
+
+- **Object-Oriented Excellence:** Follow SOLID principles and design patterns
+- **Type Safety:** Leverage Java's strong typing system
+- **Tool Integration:** Use Maven/Gradle and IDE tools effectively
+- **Enterprise Standards:** Follow established Java enterprise patterns
+
+# Tool Usage Guideline
+- Use `read_from_file` to analyze build configurations and source code
+- Use `search_files` to find Java patterns and conventions
+- Use `run_shell_command` for build and test operations
+- Use `list_files` to understand project structure
+
+# Step 1: Project Analysis
+
+1. **Build System:** Examine `pom.xml` (Maven) or `build.gradle` (Gradle)
+2. **Java Version:** Check `.java-version` or build configuration
+3. **Style Configuration:** Look for `.checkstyle.xml`, `.pmd.xml`, `.editorconfig`
+4. **Testing Framework:** Analyze `src/test/java` and test dependencies
+5. **Project Structure:** Understand package organization and module boundaries
+6. **Dependencies:** Review dependency management and versioning
+
+# Step 2: Understand Conventions
+
+1. **Code Style:** Adhere to project's configured linter (Checkstyle, PMD)
+2. **Package Organization:** Follow established package naming and structure
+3. **Class Design:** Use appropriate design patterns and principles
+4. **Exception Handling:** Follow project's exception handling strategy
+5. **Testing Patterns:** Use established test frameworks and patterns
+
+# Step 3: Implementation Planning
+
+1. **Class Structure:** Plan new classes and interfaces based on project patterns
+2. **Package Placement:** Determine appropriate package for new code
+3. **Dependencies:** Identify required dependencies and verify compatibility
+4. **API Design:** Consider public interfaces and backward compatibility
+5. **Testing Strategy:** Plan comprehensive unit and integration tests
+
+# Step 4: Write Code
+
+## Code Quality Standards
+- **Formatting:** Follow project's code style configuration
+- **Documentation:** Add Javadoc for public APIs and complex logic
+- **Naming:** Use clear, descriptive names following Java conventions
+- **Immutability:** Prefer immutable objects where appropriate
+- **Composition:** Favor composition over inheritance
+
+## Implementation Patterns
+- **Exception Handling:** Use checked exceptions for recoverable errors, unchecked for programming errors
+- **Collections:** Use appropriate collection types and avoid raw types
+- **Streams:** Leverage Java Streams for functional-style operations
+- **Optional:** Use `Optional` for nullable return values
+- **Records:** Use records for data carrier classes (Java 14+)
+
+# Step 5: Testing and Verification
+
+1. **Write Unit Tests:** Create comprehensive tests for all new functionality
+2. **Run Tests:** Execute `mvn test` or `gradle test` to verify functionality
+3. **Static Analysis:** Run Checkstyle, PMD, or other configured linters
+4. **Build Verification:** Ensure code compiles without warnings
+5. **Integration Tests:** Add integration tests for cross-component functionality
+
+# Step 6: Quality Assurance
+
+## Testing Standards
+- **Test Structure:** Follow project's test organization patterns
+- **Mocking:** Use appropriate mocking frameworks (Mockito, etc.)
+- **Assertions:** Use fluent assertion libraries (AssertJ, Hamcrest)
+- **Coverage:** Aim for high test coverage of business logic
+
+## Code Review Checklist
+- [ ] Code follows project formatting standards
+- [ ] All tests pass with good coverage
+- [ ] No static analysis warnings
+- [ ] Exception handling is appropriate
+- [ ] Javadoc is complete for public APIs
+- [ ] Performance considerations addressed
+- [ ] Thread safety considered where needed
+
+# Step 7: Build and Deployment
+
+## Maven Commands
+- `mvn clean`: Clean build artifacts
+- `mvn compile`: Compile source code
+- `mvn test`: Run unit tests
+- `mvn package`: Create deployable package
+- `mvn install`: Install to local repository
+- `mvn verify`: Run integration tests
+
+## Gradle Commands
+- `./gradlew clean`: Clean build artifacts
+- `./gradlew build`: Build and test
+- `./gradlew test`: Run unit tests
+- `./gradlew check`: Run all checks
+
+# Step 8: Finalize and Deliver
+
+1. **Verify Dependencies:** Ensure dependency versions are consistent
+2. **Run Full Test Suite:** Verify all existing tests still pass
+3. **Static Analysis:** Address any remaining linting issues
+4. **Documentation:** Update relevant documentation and Javadoc
+5. **Performance Testing:** Verify performance characteristics
+
+# Advanced Java Features
+
+## Modern Java (8+)
+- **Lambdas:** Use for concise functional programming
+- **Streams:** Process collections efficiently
+- **Optional:** Handle null values safely
+- **Modules:** Use Java Platform Module System (JPMS) if configured
+
+## Concurrency
+- **CompletableFuture:** For asynchronous programming
+- **Executors:** Manage thread pools effectively
+- **Concurrent Collections:** Use thread-safe collections
+- **Synchronization:** Prefer higher-level concurrency utilities
+
+## Enterprise Patterns
+- **Dependency Injection:** Use Spring, CDI, or other DI frameworks
+- **AOP:** Implement cross-cutting concerns appropriately
+- **Persistence:** Follow established ORM patterns (JPA, Hibernate)
+- **REST APIs:** Use JAX-RS or Spring MVC consistently
+
+# Risk Assessment Guidelines
+
+## Low Risk (Proceed Directly)
+- Adding tests to existing test suites
+- Implementing utility methods in existing classes
+- Following established patterns in new classes
+
+## Moderate Risk (Explain and Confirm)
+- Modifying core business logic
+- Changing public API interfaces
+- Adding new dependencies
+- Modifying build configuration
+
+## High Risk (Refuse and Explain)
+- Breaking backward compatibility
+- Modifying critical security components
+- Changes affecting multiple modules
+- Operations that could break the build system

zrb/task/llm/default_workflow/javascript/workflow.md

@@ -0,0 +1,158 @@
+---
+description: "A workflow for developing with JavaScript and TypeScript, including project analysis and best practices."
+---
+Follow this workflow to deliver robust, maintainable JavaScript/TypeScript code that follows project conventions.
+
+# Core Mandates
+
+- **Type Safety First:** Use TypeScript when available, proper typing in JavaScript
+- **Modern Standards:** Follow ES6+ features and best practices
+- **Framework Consistency:** Adhere to project's framework conventions
+- **Tool Integration:** Leverage comprehensive JavaScript tooling ecosystem
+
+# Tool Usage Guideline
+- Use `read_from_file` to analyze package.json and configuration files
+- Use `search_files` to find JavaScript/TypeScript patterns
+- Use `run_shell_command` for npm/yarn/pnpm operations
+- Use `list_files` to understand project structure
+
+# Step 1: Project Analysis
+
+1. **Package Management:** Examine `package.json` and lock files (`package-lock.json`, `yarn.lock`, `pnpm-lock.yaml`)
+2. **TypeScript Configuration:** Check for `tsconfig.json` and TypeScript usage
+3. **Linting Configuration:** Look for `.eslintrc.js`, `.prettierrc`, ESLint config in `package.json`
+4. **Build Configuration:** Analyze `webpack.config.js`, `vite.config.ts`, `rollup.config.js`
+5. **Testing Framework:** Check for `jest.config.js`, `vitest.config.ts`, test directories
+6. **Framework Usage:** Identify React, Vue, Angular, or other framework usage
+
+# Step 2: Understand Conventions
+
+1. **Module System:** Determine ES Modules (`import/export`) vs CommonJS (`require/module.exports`)
+2. **TypeScript Strictness:** Adhere to project's TypeScript configuration
+3. **Framework Patterns:** Follow established component, state management, and routing patterns
+4. **Styling Approach:** Understand CSS-in-JS, CSS modules, or traditional CSS usage
+5. **Testing Strategy:** Follow established test patterns and mocking approaches
+
+# Step 3: Implementation Planning
+
+1. **File Structure:** Plan where new code should be placed based on project conventions
+2. **Type Definitions:** Plan TypeScript interfaces and types for new functionality
+3. **Component Design:** Design React/Vue/Angular components following established patterns
+4. **State Management:** Determine appropriate state management approach
+5. **Testing Strategy:** Plan comprehensive unit, integration, and end-to-end tests
+
+# Step 4: Write Code
+
+## Code Quality Standards
+- **Formatting:** Use Prettier with project configuration
+- **Linting:** Follow ESLint rules and address all warnings
+- **Type Safety:** Use TypeScript strictly when available
+- **Naming:** Use clear, descriptive names following project conventions
+- **Documentation:** Add JSDoc/TSDoc for complex functions and public APIs
+
+## Framework-Specific Patterns
+
+### React
+- **Functional Components:** Use hooks-based functional components
+- **State Management:** Follow established patterns (useState, useReducer, Redux, etc.)
+- **Performance:** Use React.memo, useMemo, useCallback appropriately
+- **Testing:** Use React Testing Library and established testing patterns
+
+### Vue
+- **Composition API:** Prefer Composition API over Options API
+- **State Management:** Use Pinia or Vuex following project patterns
+- **Component Structure:** Follow single-file component conventions
+- **Testing:** Use Vue Test Utils and established testing patterns
+
+### Angular
+- **Component Structure:** Follow Angular module and component conventions
+- **Dependency Injection:** Use Angular's DI system appropriately
+- **RxJS:** Follow established reactive programming patterns
+- **Testing:** Use Angular Testing utilities and established patterns
+
+# Step 5: Testing and Verification
+
+1. **Write Tests:** Create comprehensive tests for all new functionality
+2. **Run Tests:** Execute `npm test` or framework-specific test commands
+3. **Type Checking:** Run `npm run typecheck` or `tsc --noEmit`
+4. **Linting:** Run `npm run lint` to catch code quality issues
+5. **Build Verification:** Run `npm run build` to ensure code compiles correctly
+
+# Step 6: Quality Assurance
+
+## Testing Standards
+- **Unit Tests:** Test individual functions and components in isolation
+- **Integration Tests:** Test component interactions and API integrations
+- **End-to-End Tests:** Test complete user workflows (if configured)
+- **Mocking:** Use appropriate mocking libraries and patterns
+- **Coverage:** Aim for high test coverage of business logic
+
+## Code Review Checklist
+- [ ] Code follows project formatting and linting standards
+- [ ] All tests pass with good coverage
+- [ ] TypeScript compiles without errors (if applicable)
+- [ ] No ESLint warnings
+- [ ] Documentation is complete for complex logic
+- [ ] Performance considerations addressed
+- [ ] Accessibility requirements met
+
+# Step 7: Package Management
+
+## Dependency Management
+- **npm:** Use `npm install <package>` for new dependencies
+- **yarn:** Use `yarn add <package>` for new dependencies
+- **pnpm:** Use `pnpm add <package>` for new dependencies
+- **Version Management:** Follow project's versioning strategy
+
+## Script Execution
+- `npm install` / `yarn install` / `pnpm install`: Install dependencies
+- `npm run dev` / `yarn dev` / `pnpm dev`: Start development server
+- `npm run build` / `yarn build` / `pnpm build`: Build for production
+- `npm run lint` / `yarn lint` / `pnpm lint`: Run linting
+
+# Step 8: Finalize and Deliver
+
+1. **Verify Dependencies:** Ensure dependency versions are consistent
+2. **Run Full Test Suite:** Verify all existing tests still pass
+3. **Type Checking:** Ensure TypeScript compilation succeeds
+4. **Build Verification:** Confirm production build works correctly
+5. **Documentation:** Update relevant documentation and comments
+
+# Common Commands Reference
+
+## Development
+- `npm run dev`: Start development server
+- `npm run build`: Build for production
+- `npm run typecheck`: Type check TypeScript code
+- `npm run lint`: Run ESLint
+- `npm run format`: Format code with Prettier
+
+## Testing
+- `npm test`: Run tests
+- `npm run test:watch`: Run tests in watch mode
+- `npm run test:coverage`: Run tests with coverage
+- `npm run test:e2e`: Run end-to-end tests (if configured)
+
+## Debugging
+- Browser developer tools for frontend debugging
+- `node --inspect` for Node.js debugging
+- Framework-specific debugging tools
+
+# Risk Assessment Guidelines
+
+## Low Risk (Proceed Directly)
+- Adding tests to existing test suites
+- Implementing utility functions following established patterns
+- Creating new components in established patterns
+
+## Moderate Risk (Explain and Confirm)
+- Modifying core application state
+- Changing public API interfaces
+- Adding new dependencies
+- Modifying build configuration
+
+## High Risk (Refuse and Explain)
+- Breaking TypeScript strict mode compliance
+- Modifying critical security components
+- Changes affecting multiple applications
+- Operations that could break the build system

zrb/task/llm/default_workflow/python/workflow.md

@@ -0,0 +1,160 @@
+---
+description: "A workflow for developing with Python, including project analysis and best practices."
+---
+Follow this workflow to deliver clean, maintainable Python code that follows PEP standards and project conventions.
+
+# Core Mandates
+
+- **PEP 8 Compliance:** Follow Python style guide unless project specifies otherwise
+- **Type Safety:** Use type hints when project supports them
+- **Virtual Environments:** Always work within appropriate Python environments
+- **Testing Excellence:** Write comprehensive tests for all functionality
+
+# Tool Usage Guideline
+- Use `read_from_file` to analyze pyproject.toml, requirements.txt, and source code
+- Use `search_files` to find Python patterns and conventions
+- Use `run_shell_command` for Python toolchain operations
+- Use `list_files` to understand project structure
+
+# Step 1: Project Analysis
+
+1. **Dependency Management:** Examine `pyproject.toml`, `requirements.txt`, `setup.py`
+2. **Virtual Environment:** Check for `.venv`, `venv`, or other environment indicators
+3. **Python Version:** Look for `.python-version` or configuration in `pyproject.toml`
+4. **Linting Configuration:** Check for `ruff.toml`, `.flake8`, `.pylintrc`
+5. **Type Checking:** Look for `mypy.ini`, `pyrightconfig.json`
+6. **Testing Framework:** Analyze `tests/` directory, `pytest.ini`, `tox.ini`
+
+# Step 2: Environment Setup
+
+1. **Activate Virtual Environment:**
+   ```bash
+   source .venv/bin/activate  # Linux/Mac
+   .venv\Scripts\activate     # Windows
+   ```
+2. **Create Environment if Missing:**
+   ```bash
+   python -m venv .venv
+   source .venv/bin/activate
+   pip install -e .  # Install project in development mode
+   ```
+3. **Install Dependencies:** Use appropriate package manager (pip, poetry, pdm)
+
+# Step 3: Understand Conventions
+
+1. **Code Style:** Adhere to project's configured linter (ruff, flake8, pylint)
+2. **Type Hints:** Use type hints if project supports them, following existing patterns
+3. **Import Organization:** Follow project's import sorting (isort, ruff)
+4. **Docstring Format:** Match existing format (Google, NumPy, reStructuredText)
+5. **Testing Patterns:** Follow established pytest or unittest patterns
+
+# Step 4: Implementation Planning
+
+1. **Module Structure:** Plan where new code should be placed
+2. **Class Design:** Design classes following Pythonic principles
+3. **Function Design:** Create focused, single-responsibility functions
+4. **Type Annotations:** Plan appropriate type hints for new code
+5. **Testing Strategy:** Plan comprehensive unit and integration tests
+
+# Step 5: Write Code
+
+## Code Quality Standards
+- **Formatting:** Use black, autopep8, or ruff format with project configuration
+- **Linting:** Address all linter warnings (ruff, flake8, pylint)
+- **Type Hints:** Add comprehensive type annotations
+- **Documentation:** Write clear docstrings following project format
+- **Naming:** Use snake_case for variables/functions, PascalCase for classes
+
+## Pythonic Patterns
+- **List Comprehensions:** Use for simple transformations
+- **Context Managers:** Use `with` statements for resource management
+- **Generators:** Use for large datasets or streaming data
+- **Decorators:** Use for cross-cutting concerns
+- **Data Classes:** Use for simple data containers (Python 3.7+)
+
+# Step 6: Testing and Verification
+
+1. **Write Tests:** Create comprehensive tests using project's test framework
+2. **Run Tests:** Execute `pytest` or `python -m unittest`
+3. **Type Checking:** Run `mypy` or `pyright` if configured
+4. **Linting:** Run `ruff check` or project's linter
+5. **Formatting:** Run `black` or project's formatter
+
+# Step 7: Quality Assurance
+
+## Testing Standards
+- **Test Organization:** Follow project's test structure and naming
+- **Fixtures:** Use pytest fixtures for test setup
+- **Mocking:** Use unittest.mock or pytest-mock appropriately
+- **Coverage:** Aim for high test coverage of business logic
+- **Parametrized Tests:** Use for testing multiple input scenarios
+
+## Code Review Checklist
+- [ ] Code follows PEP 8 and project formatting standards
+- [ ] All tests pass with good coverage
+- [ ] Type checking passes (if configured)
+- [ ] No linter warnings
+- [ ] Docstrings are complete and follow project format
+- [ ] Error handling is appropriate
+- [ ] Performance considerations addressed
+
+# Step 8: Package Management
+
+## Dependency Management
+- **pip:** Add to `requirements.txt` and run `pip install -r requirements.txt`
+- **poetry:** Use `poetry add <package>` and `poetry install`
+- **pdm:** Use `pdm add <package>` and `pdm install`
+
+## Common Commands
+- `python -m pytest`: Run tests with pytest
+- `python -m mypy .`: Run type checking with mypy
+- `python -m black .`: Format code with black
+- `python -m ruff check .`: Lint code with ruff
+- `python -m isort .`: Sort imports with isort
+
+# Step 9: Finalize and Deliver
+
+1. **Verify Environment:** Ensure virtual environment is active and dependencies installed
+2. **Run Full Test Suite:** Verify all existing tests still pass
+3. **Static Analysis:** Address any remaining linting or type issues
+4. **Documentation:** Update relevant documentation, docstrings, and README
+5. **Packaging:** Verify package can be built and installed if applicable
+
+# Advanced Python Features
+
+## Modern Python (3.8+)
+- **Walrus Operator:** Use `:=` for assignment in expressions
+- **Structural Pattern Matching:** Use `match`/`case` for complex conditionals
+- **Positional-only Parameters:** Use `/` in function definitions
+- **Dataclasses:** Use for simple data containers
+
+## Performance Optimization
+- **Profiling:** Use cProfile for performance analysis
+- **Caching:** Use functools.lru_cache for expensive function calls
+- **Async/Await:** Use for I/O-bound operations
+- **C Extensions:** Consider for performance-critical code
+
+## Security Considerations
+- **Input Validation:** Validate and sanitize all user inputs
+- **Dependency Security:** Use tools like safety or bandit
+- **Secret Management:** Never hardcode secrets in code
+- **SQL Injection:** Use parameterized queries
+
+# Risk Assessment Guidelines
+
+## Low Risk (Proceed Directly)
+- Adding tests to existing test suites
+- Implementing utility functions following established patterns
+- Creating new modules in established patterns
+
+## Moderate Risk (Explain and Confirm)
+- Modifying core business logic
+- Changing public API interfaces
+- Adding new dependencies
+- Modifying virtual environment or dependency configuration
+
+## High Risk (Refuse and Explain)
+- Breaking backward compatibility
+- Modifying critical security components
+- Changes affecting multiple packages
+- Operations that could break the virtual environment