Commit Graph

70 Commits

  • Add React language track with agents, skills, rules, and commands (#2024)
    * feat(rules): add rules/react/ track
    
    Five rule files mirroring per-language convention (coding-style,
    hooks, patterns, security, testing). Each has `paths:` glob
    frontmatter for auto-activation when editing matching files.
    
    - coding-style.md: file extensions, naming, JSX, RSC boundary
    - hooks.md: React hooks (NOT Claude Code hooks) — rules-of-hooks,
      dep arrays, cleanup, memoization, React 19 additions
    - patterns.md: container/presentational split, state location
      decision tree, Suspense + error boundaries, forms, data fetching
    - security.md: dangerouslySetInnerHTML, unsafe URL schemes,
      server-action validation, env-var leaks, CSP
    - testing.md: RTL queries, userEvent, async, MSW, axe, anti-patterns
    
    Each file extends typescript/* and common/* rules.
    
    * feat(skills): add react-patterns, react-testing, react-performance
    
    Three new skills under skills/ following the SKILL.md convention.
    
    - react-patterns: React 18/19 idioms — hooks discipline, state
      location decision tree, server/client component boundary,
      Suspense + error boundaries, form actions (React 19), data
      fetching matrix, composition recipes, accessibility-first.
    - react-testing: React Testing Library + Vitest/Jest, query
      priority order, userEvent, MSW network mocking, axe a11y
      assertions, RTL vs Playwright CT boundary, TDD workflow.
    - react-performance: 70-rule performance ruleset adapted from
      Vercel Labs react-best-practices (MIT) across 8 priority
      categories — waterfalls, bundle size, server-side, client
      fetch, re-render, rendering, JS micro, advanced patterns.
      Includes Lighthouse / Web Vitals mapping and attribution to
      upstream.
    
    Cross-links between the three skills and out to frontend-patterns,
    accessibility, e2e-testing, tdd-workflow.
    
    * feat(agents): add react-reviewer and react-build-resolver
    
    Two new agents covering React-specific code review and build error
    resolution, plus matching .kiro/ mirrors and a routing pointer
    edit on typescript-reviewer.
    
    - react-reviewer: slim React-only lanes (hooks rules,
      dangerouslySetInnerHTML, unsafe URL schemes, key prop, state
      mutation, derived-state-in-effect, server/client component
      boundary, accessibility, render performance, Server Action
      validation, env-var leaks). Explicitly delegates generic
      TypeScript/async/Node concerns to typescript-reviewer. Both
      agents should be invoked together on .tsx/.jsx PRs.
    - react-build-resolver: React build/bundler/runtime hydration
      failures across Vite, webpack, Next.js, CRA, Parcel, esbuild,
      Bun, Rsbuild. Handles JSX/TSX compile errors, tsconfig fixes,
      Next.js App Router server/client boundary errors, hydration
      mismatches, duplicated React copies, Tailwind/PostCSS pipeline.
    - .kiro/agents/react-reviewer.json + react-build-resolver.json:
      Kiro IDE format mirrors following the per-language precedent.
    - typescript-reviewer: routing pointer added to its MEDIUM React
      block — defers to /react-review for React-specific concerns
      while keeping its block as fallback for repos that only invoke
      typescript-reviewer.
    
    All agents carry the standard Prompt Defense Baseline stanza.
    
    * feat(commands): add /react-review /react-build /react-test
    
    Three new slash commands invoking the React agents.
    
    - /react-review: invokes react-reviewer. Documents the routing
      rule with typescript-reviewer — both should run together on
      TSX/JSX PRs. Lists CRITICAL/HIGH/MEDIUM rule categories and
      the automated checks (eslint with react-hooks + jsx-a11y,
      tsc --noEmit, npm audit).
    - /react-build: invokes react-build-resolver. Documents bundler
      detection, common failure patterns, fix strategy, and stop
      conditions.
    - /react-test: enforces TDD with React Testing Library + Vitest
      or Jest, behavior-focused queries, userEvent + MSW patterns,
      axe accessibility assertions, coverage targets.
    
    Each command file has the required description: frontmatter and
    follows the per-language command convention (cpp-test, go-test,
    kotlin-test, etc.).
    
    * chore: wire react track into manifests and stack mappings
    
    - agent.yaml: add react-patterns, react-performance, react-testing
      to the skills array; add react-build, react-review, react-test to
      the commands array (alphabetically inserted to satisfy the
      ci/agent-yaml-surface sync test).
    - config/project-stack-mappings.json: extend the `react` stack
      entry — add "react" to rules array (was ["common","typescript",
      "web"]); add react-patterns, react-performance, react-testing,
      accessibility to the skills array.
    - docs/COMMAND-REGISTRY.json: bump totalCommands 75 -> 78; add
      three new entries (react-build, react-review, react-test) with
      primaryAgents / allAgents / skills wiring. react-review's
      allAgents includes typescript-reviewer to reflect the dual-agent
      routing convention.
    - CLAUDE.md: add Skills-table row mapping *.tsx / *.jsx /
      components/** to react-patterns + react-testing skills and
      the /react-review, /react-build, /react-test commands.
    
    * chore(catalog): sync counts to 62 agents / 78 commands / 235 skills
    
    Auto-generated via `node scripts/ci/catalog.js --write --text`
    after the react track additions:
    
    - 2 new agents: react-reviewer, react-build-resolver (60 -> 62)
    - 3 new commands: react-build, react-review, react-test (75 -> 78)
    - 3 new skills: react-patterns, react-performance, react-testing
      (232 -> 235)
    
    Files updated by the catalog sync:
    - .claude-plugin/plugin.json description string
    - .claude-plugin/marketplace.json plugin description
    - README.md quick-start summary, project tree, feature parity tables
    - README.zh-CN.md quick-start summary
    - AGENTS.md project structure summary
    - docs/zh-CN/README.md parity table
    - docs/zh-CN/AGENTS.md project structure summary
    
    All counts now match the filesystem catalog (verified by
    ci/catalog.test.js).
    
    * feat(kiro): add react agent markdown companions to JSON entries
    
    * feat(kiro): add react skills into manifests
    
    * fix(ci): sync catalog counts, registry, and package files for react track
    
    - .claude-plugin/{plugin,marketplace}.json: bump description counts to 62/235/78
    - docs/COMMAND-REGISTRY.json: regenerate to include quality-gate and react commands
    - package.json: add skills/react-{patterns,performance,testing}/ to files allowlist so npm-publish-surface aligns with install-modules manifest
    
    * fix(react): address PR #2024 review feedback
    
    Critical:
    - Remove undefined/.claude/session-aliases.json containing __proto__ prototype-pollution
      fixture committed by accident in a7333c14
    
    High:
    - agents/react-build-resolver.md: replace brittle `test -o $(grep -l ...)` and
      `test -a -n $(grep ...)` detection with explicit `{ ... || grep -q ...; }` so
      bundler detection no longer breaks when grep returns empty
    - agents/react-build-resolver.md: drop hardcoded `npm i react@^19 react-dom@^19`
      remediation; replace with version-agnostic pair-upgrade note that honors the
      project's installed major (17/18/19) — surgical fix principle
    - commands/react-review.md: guard `tsc --noEmit -p tsconfig.json` with
      `[ -f tsconfig.json ] &&` so the review skips cleanly on JS-only projects
    
    Medium:
    - rules/react/security.md: correct the React-18-blocks-javascript-URL claim
      (React only warns in dev; production navigation is not blocked)
    - rules/react/security.md: correct CRA env-var exposure row (CRA exposes
      REACT_APP_*, NODE_ENV, PUBLIC_URL — not 'all' variables)
    - skills/react-testing/SKILL.md: instantiate QueryClient once outside the
      wrapper closure so React Query cache survives re-renders (flaky-test fix)
    - skills/react-testing/SKILL.md: restore console.error spy with mockRestore()
      in a try/finally so the mock does not leak across tests
    - commands/react-test.md: switch outer example-session fence to 4 backticks
      so the inner ```tsx/```bash blocks don't prematurely terminate it
    
    * fix(kiro): mirror react-build-resolver react 19 conditional remediation
    
    Discussion r3272907106 flagged the kiro json variant still carrying the hardcoded
    'npm i react@^19 react-dom@^19' line that the .md companion already dropped.
    Replace with the same conditional, version-agnostic guidance so both variants
    stay in sync.
    
    * fix(react): bump react-build example session fence to 4 backticks
    
    Discussion r3272907144 flagged the same nested-fence issue in
    commands/react-build.md that we fixed earlier in commands/react-test.md.
    The outer triple-backtick text block was being prematurely terminated by
    the inner bash/tsx fences inside the Example Session.
    
    * fix(react): bump react-review example usage fence to 4 backticks
    
    Discussion r3272907201 flagged the same nested-fence issue in
    commands/react-review.md. The outer triple-backtick text block was
    being prematurely terminated by the inner tsx/ts fences inside the
    Example Usage transcript.
    
    * fix(docs): clarify commands row as legacy shims in feature parity table
    
    Discussion r3272912003: README comparison table said 'PASS: 78 commands'
    while the install-section and quick-start prose use 'legacy command shims'.
    Aligned the comparison-table cell to 'PASS: 78 commands (legacy shims)' so
    the count word survives the catalog-validator regex while making the legacy
    nature explicit.
    
    Widened the catalog comparison-table commands regex to tolerate an optional
    parenthetical after the count word, so both the existing 'X commands' and
    the new 'X commands (legacy shims)' phrasings validate without breaking
    older READMEs/translations.
    
    * Update rules/react/security.md
    
    Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
    
    * fix(react): guard tsc in react-build-resolver diagnostic commands
    
    Discussion r3288910205: the agent prompt instructed an unconditional
    'tsc --noEmit -p tsconfig.json', which adds noise (or hard-fails) on
    JavaScript-only projects with no tsconfig.json or no installed TypeScript.
    
    Replaced with 'test -f tsconfig.json && npx --yes tsc --noEmit -p tsconfig.json'
    in both variants:
    - agents/react-build-resolver.md
    - .kiro/agents/react-build-resolver.json (prompt string mirrored)
    
    Mirrors the same guard already applied to commands/react-review.md in de135f61.
    
    * fix(react): pin tsc resolution to local install in build resolver
    
    Discussion r3289054157: previous fix used 'npx --yes tsc' which auto-installs
    the latest TypeScript from npm when none is local, producing version drift
    and non-reproducible typecheck results across machines.
    
    Switched to 'npx --no-install tsc' in both variants so the diagnostic uses
    only the project's pinned TypeScript and fails fast if it isn't installed:
    - agents/react-build-resolver.md
    - .kiro/agents/react-build-resolver.json (prompt string mirrored)
    
    * feat(counts): resolve counts for agents, skills...
    
    * fix(ci): regen command registry for golang-testing entry
    
    Removes stale kotlin-patterns entry to satisfy command-registry:check.
    
    * fix: keep local Claude settings out of React track PR
    
    ---------
    
    Co-authored-by: AlexisLeDain <a.ledain@docoon.com>
    Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
    Co-authored-by: Affaan Mustafa <affaan@dcube.ai>
  • feat: add marketing campaign agent skill and command (#2031)
    Adds marketing-agent, marketing-campaign skill, and marketing-campaign command. Pre-validated in a synthetic current-main merge.
  • docs: tighten agent capability posture
    Remove shell access from two agents that do not need it and reword PyTorch autograd guidance that AgentShield flagged as encoded-payload-like text. AgentShield remains B/75 while findings drop 316->310 and high findings drop 26->21. Local tests passed 2369/2369; full GitHub Actions matrix green.
  • docs: add prompt defense baselines
    Add compact prompt-defense baselines to active ECC prompt surfaces and copied CLAUDE examples. AgentShield prompt-defense findings are now zero; local tests passed 2366/2366.
  • feat: salvage Django Celery workflow (#1812)
    Source: maintainer-owned salvage of useful Django reviewer/build-resolver/Celery work from stale PR #1310 by mrigank2seven.
    
    - add django-reviewer and django-build-resolver agents
    
    - add django-celery skill with timezone-aware scheduling example
    
    - update catalog counts to 60 agents / 221 skills and record the May 12 salvage gap pass
    
    Co-authored-by: MRIGANK GUPTA <mrigank2seven@users.noreply.github.com>
  • feat: add Quarkus handling
    Adds Quarkus handling across the Java skill/reviewer surface, with maintainer follow-up fixes for duplicate catalog entries, required skill sections, localized snippet structure, and current main alignment.\n\nValidation run locally on the final PR head:\n- NODE_PATH=/Users/affoon/GitHub/ECC/everything-claude-code/node_modules node scripts/ci/validate-install-manifests.js\n- NODE_PATH=/Users/affoon/GitHub/ECC/everything-claude-code/node_modules node scripts/ci/validate-skills.js\n- NODE_PATH=/Users/affoon/GitHub/ECC/everything-claude-code/node_modules node scripts/ci/catalog.js --text\n- npx --yes markdownlint-cli docs/ECC-2.0-GA-ROADMAP.md\n- git diff --check\n- NODE_PATH=/Users/affoon/GitHub/ECC/everything-claude-code/node_modules node tests/run-all.js (2324 passed, 0 failed)
  • docs: salvage focused stale PR contributions
    - add Vite and Redis pattern skills from closed stale PRs
    
    - add frontend-slides support assets
    
    - port skill-comply runner fixes and LLM prompt/provider regressions
    
    - harden agent frontmatter validation and sync catalog counts
  • Merge pull request #1445 from affaan-m/fix/plugin-installed-hook-root-resolution
    fix: resolve plugin-installed hook root on marketplace installs
  • Apply suggestion from @greptile-apps[bot]
    Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
  • fix: correct accessibility terminology and code fence in a11y skill and agent
    - Fix inverted focus trap terms: Keyboard Traps -> Uncontained Modal Focus with WCAG SC 2.1.2 reference
    - Fix Step 1 blocker example: missing keyboard traps -> missing focus containment in modals
    - Attach [language] placeholder to opening triple-backtick fence in agent implementation template
  • feat(agents,skills): add opensource-pipeline — 3-agent workflow for safe public releases (#1036)
    * feat(agents,skills): add opensource-pipeline — 3-agent open-source release workflow
    
    Adds a complete pipeline for safely preparing private projects for public
    release: secret stripping (20+ patterns), independent sanitization audit,
    and professional doc generation (CLAUDE.md, setup.sh, README, LICENSE).
    
    Agents added:
    - agents/opensource-forker.md    — copies project, strips secrets, generates .env.example
    - agents/opensource-sanitizer.md — independent PASS/FAIL audit, read-only, 20+ patterns
    - agents/opensource-packager.md  — generates CLAUDE.md, setup.sh, README, LICENSE, CONTRIBUTING
    
    Skill added:
    - skills/opensource-pipeline/SKILL.md — orchestrator: routes /opensource commands, chains agents
    
    Source: https://github.com/herakles-dev/opensource-pipeline (MIT)
    
    * fix: address P1/P2 review findings from Cubic, CodeRabbit, and Greptile
    
    - Collect GitHub org/username in Step 1, use quoted vars in publish command
    - Add 3-attempt retry cap on sanitizer FAIL loop
    - Use dynamic sanitization verdict in final review output
    - Broaden rsync exclusions: .env*, .claude/, .secrets/, secrets/
    - Fix JWT regex to match full 3-segment tokens (header.payload.signature)
    - Broaden GitHub token regex to cover gho_, ghu_ prefixes
    - Fix AWS regex to be case-insensitive, match env var formats
    - Tighten generic env regex: increase min length to 16, add non-secret lookaheads
    - Separate heuristic WARNING patterns from CRITICAL patterns in sanitizer
    - Broaden internal path detection: macOS /Users/, Windows C:\Users\
    - Clarify sanitizer is source-read-only (report writing is allowed)
    
    * fix: flag *.map files as dangerous instead of skipping them
    
    Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
    
    ---------
    
    Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
  • feat: add GAN-style generator-evaluator harness (#1029)
    Implements Anthropic's March 2026 harness design pattern — a multi-agent
    architecture that separates generation from evaluation, creating an
    adversarial feedback loop that produces production-quality applications.
    
    Components:
    - 3 agent definitions (planner, generator, evaluator)
    - 1 skill with full documentation (skills/gan-style-harness/)
    - 2 commands (gan-build for full apps, gan-design for frontend)
    - 1 shell orchestrator (scripts/gan-harness.sh)
    - Examples and configuration reference
    
    Based on: https://www.anthropic.com/engineering/harness-design-long-running-apps
    
    Co-authored-by: Hao Chen <haochen806@gmail.com>
  • Merge pull request #926 from xingzihai/feature/pre-commit-quality-hook
    feat(hooks): add pre-commit quality check hook
  • feat: add healthcare domain skills and agent
    New skills:
    - healthcare-emr-patterns: EMR/EHR encounter workflows, smart templates, medication safety, clinical UI patterns
    - healthcare-phi-compliance: PHI/PII protection patterns, RLS templates, leak vector checklist, audit trail patterns
    - healthcare-cdss-patterns: Drug interaction checking, dose validation, clinical scoring (NEWS2/qSOFA), alert severity
    - healthcare-eval-harness: Patient safety CI/CD gate — CDSS accuracy, PHI exposure, data integrity, clinical workflows
    
    New agent:
    - healthcare-reviewer: Clinical safety reviewer for CDSS accuracy, PHI compliance, medical data integrity
    
    All patterns are generalized and framework-agnostic. Applicable to any health-tech stack.
    Origin: Health1 Super Speciality Hospitals, Ahmedabad, India.
  • feat(agents): add flutter-reviewer agent and skill (#716)
    Library-agnostic Flutter/Dart code reviewer that adapts to the project's
    chosen state management solution (BLoC, Riverpod, Provider, GetX, MobX,
    Signals) and architecture pattern (Clean Architecture, MVVM, feature-first).
    
    Co-authored-by: Maciej Starosielec <maciej@code-snap.com>
    Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
  • feat(agents): add pytorch-build-resolver agent (#549)
    Adds pytorch-build-resolver agent for PyTorch runtime/CUDA error resolution, following established agent format.
  • feat(agents): add typescript-reviewer agent (#647)
    Adds typescript-reviewer agent following the established agent format, covering type safety, async correctness, security, and React/Next.js patterns.
  • feat: add C++ language support and hook tests (#539)
    - agents: cpp-build-resolver, cpp-reviewer
    - commands: cpp-build, cpp-review, cpp-test
    - rules: cpp/ (coding-style, hooks, patterns, security, testing)
    - tests: 9 new hook test files with comprehensive coverage
    
    Cherry-picked from PR #436.
  • feat(agents): add java-reviewer agent (#528)
    * Add java-reviewer agent for Java and Spring Boot code review
    
    * Fix java-reviewer: update tools format, git diff scope, diagnostic commands, AGENTS.md registration
    
    * Fix: correct skill reference, add command injection check, update agent count to 17
    
    * Fix: report-only disclaimer, path traversal, split ScriptEngine, escalation note, agent count 19
  • feat(commands): add /docs; feat(mcp-configs): document Context7 (#530)
    * feat(commands): add /docs; feat(agents): add docs-lookup; feat(mcp-configs): document Context7; docs: add MCP subsection to CONTRIBUTING
    
    Made-with: Cursor
    
    * fix: address PR review — use Context7 MCP tool names in docs-lookup agent; CONTRIBUTING Agent Fields + MCP wording; mcp-config description; /docs quoted example; treat fetched docs as untrusted
    
    Made-with: Cursor
    
    * docs-lookup: note that harness may expose Context7 tools under prefixed names
    
    Made-with: Cursor
    
    * docs-lookup: examples use prefixed tool names (mcp__context7__*) for resolution
    
    Made-with: Cursor
  • feat(agents): add Rust language support (#523)
    * feat(agents): add Rust language support — reviewer, build resolver, patterns, and testing
    
    Add Rust-specific agents and skills following the established Go/Kotlin pattern:
    - agents/rust-reviewer.md: ownership, lifetimes, unsafe audit, clippy, error handling
    - agents/rust-build-resolver.md: cargo build errors, borrow checker, dependency resolution
    - skills/rust-patterns/SKILL.md: idiomatic Rust patterns and best practices
    - skills/rust-testing/SKILL.md: TDD, unit/integration/async/property-based testing
    
    * fix(agents): correct Rust examples for accuracy and consistency
    
    - unsafe fn: add inner unsafe {} block for Rust 2024 edition compliance
    - edition: update from 2021 to 2024 as current default
    - rstest: add missing fixture import
    - mockall: add missing predicate::eq import
    - concurrency: use sync_channel (bounded) and expect() over unwrap()
      to align with rust-reviewer's HIGH-priority review checks
    
    * fix(skills): correct compilation issues in Rust code examples
    
    - collect: add .copied() for &str iterator into String
    - tokio import: remove unused sleep, keep Duration
    - async test: add missing Duration import
    
    * fix(skills): move --no-fail-fast before test-binary args
    
    --no-fail-fast is a Cargo option, not a test binary flag.
    Placing it after -- forwards it to the test harness where it is
    unrecognized.
    
    * fix(agents): distinguish missing cargo-audit from real audit failures
    
    Check if cargo-audit is installed before running it, so actual
    vulnerability findings are not suppressed by the fallback message.
    
    * fix: address automated review findings across all Rust files
    
    - build-resolver: prefer scoped cargo update over full refresh
    - testing: add Cargo.toml bench config with harness = false for criterion
    - testing: condense TDD example to stay under 500-line limit
    - patterns: use expect() over unwrap() on JoinHandle for consistency
    - patterns: add explicit lifetime to unsafe FFI return reference
    - reviewer: replace misleading "string interpolation" with concrete alternatives
    
    * fix: align with CONTRIBUTING.md conventions
    
    - skills: rename "When to Activate" to "When to Use" per template
    - reviewer: add cargo check gate before starting review
    
    * fix(agents): guard cargo-audit and cargo-deny with availability checks
    
    Match the pattern used in rust-build-resolver to avoid command-not-found
    errors when optional tools are not installed.
    
    * fix: address second round of automated review findings
    
    - testing: split TDD example into separate code blocks to avoid
      duplicate fn definition in single block
    - build-resolver/reviewer: use if/then/else instead of && ... ||
      chaining for cargo-audit/deny to avoid masking real failures
    - build-resolver: add MSRV caveat to edition upgrade guidance
    
    * feat: add Rust slash commands for build, review, and test
    
    Add commands/rust-build.md, commands/rust-review.md, and
    commands/rust-test.md to provide consistent user entrypoints
    matching the existing Go and Kotlin command patterns.
    
    * fix(commands): improve rust-build accuracy and tone
    
    - Restructure-first borrow fix example instead of clone-first
    - Realistic cargo test output format (per-test lines, not per-file)
    - Align "Parse Errors" step with actual resolver behavior
    - Prefer restructuring over cloning in common errors table
    
    * fix: address cubic-dev-ai review findings on commands
    
    - Gate review on all automated checks, not just cargo check
    - Use git diff HEAD~1 / git diff main...HEAD for PR file selection
    - Fix #[must_use] guidance: Result is already must_use by type
    - Remove error-masking fallback on cargo tree --duplicates
    
    * fix: address remaining review findings across all bots
    
    - Add rust-reviewer and rust-build-resolver to AGENTS.md registry
    - Update agent count from 16 to 18
    - Mark parse_config doctest as no_run (body is todo!())
    - Add "How It Works" section to both Rust skills
    - Replace cargo install with taiki-e/install-action in CI snippet
    - Trim tarpaulin section to stay under 500-line limit
    
    * fix(agents): align rust-reviewer invocation with command spec
    
    - Use git diff HEAD~1 / main...HEAD instead of bare git diff
    - Add cargo test as explicit step before review begins
    
    * fix(skills): address cubic review on patterns and testing
    
    - Remove Tokio-specific language from How It Works summary
    - Add cargo-llvm-cov install note in coverage section
    - Revert no_run on doctest examples (illustrative code, not compiled)
    
    * fix(skills): use expect on thread join for consistency
    
    Replace handle.join().unwrap() with .expect("worker thread panicked")
    to match the .expect("mutex poisoned") pattern used above.
    
    * fix(agents): gate review on all automated checks, not just cargo check
    
    Consolidate check/clippy/fmt/test into a single gate step that
    stops and reports if any fail, matching the command spec.
    
    * fix(skills): replace unwrap with expect in channel example
    
    Use .expect("receiver disconnected") on tx.send() for consistency
    with the .expect() convention used in all other concurrency examples.
    
    * fix: address final review round — OpenCode mirrors, counts, examples
    
    - Add .opencode/commands/rust-{build,review,test}.md mirrors
    - Add .opencode/prompts/agents/rust-{build-resolver,reviewer}.txt mirrors
    - Fix AGENTS.md count to 20 (add missing kotlin agents to table)
    - Fix review example: all checks pass (consistent with gate policy)
    - Replace should_panic doctest with is_err() (consistent with best practices)
    - Trim testing commands to stay at 500-line limit
    
    * fix: address cubic and greptile review on OpenCode files and agents
    
    - Fix crate::module import guidance (internal path, not Cargo.toml)
    - Add cargo fmt --check to verification steps
    - Fix TDD GREEN example to handle error path (validate(input)?)
    - Scope .context() guidance to anyhow/eyre application code
    - Update command count from 40 to 51
    - Add tokio channel variants to unbounded channel warning
    - Preserve JoinError context in spawned task panic message
    
    * fix: stale command count, channel guidance, cargo tree fallback
    
    - Fix stale command count in Project Structure section (40→51)
    - Clarify unbounded channel rule: context-appropriate bounded alternatives
    - Remove dead cargo tree fallback (exits 0 even with no duplicates)
    - Sync OpenCode reviewer mirror with tokio channel coverage