Commit Graph

58 Commits

  • docs: salvage focused stale PR contributions
    - add Vite and Redis pattern skills from closed stale PRs
    
    - add frontend-slides support assets
    
    - port skill-comply runner fixes and LLM prompt/provider regressions
    
    - harden agent frontmatter validation and sync catalog counts
  • Merge pull request #1445 from affaan-m/fix/plugin-installed-hook-root-resolution
    fix: resolve plugin-installed hook root on marketplace installs
  • Apply suggestion from @greptile-apps[bot]
    Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
  • fix: correct accessibility terminology and code fence in a11y skill and agent
    - Fix inverted focus trap terms: Keyboard Traps -> Uncontained Modal Focus with WCAG SC 2.1.2 reference
    - Fix Step 1 blocker example: missing keyboard traps -> missing focus containment in modals
    - Attach [language] placeholder to opening triple-backtick fence in agent implementation template
  • feat(agents,skills): add opensource-pipeline — 3-agent workflow for safe public releases (#1036)
    * feat(agents,skills): add opensource-pipeline — 3-agent open-source release workflow
    
    Adds a complete pipeline for safely preparing private projects for public
    release: secret stripping (20+ patterns), independent sanitization audit,
    and professional doc generation (CLAUDE.md, setup.sh, README, LICENSE).
    
    Agents added:
    - agents/opensource-forker.md    — copies project, strips secrets, generates .env.example
    - agents/opensource-sanitizer.md — independent PASS/FAIL audit, read-only, 20+ patterns
    - agents/opensource-packager.md  — generates CLAUDE.md, setup.sh, README, LICENSE, CONTRIBUTING
    
    Skill added:
    - skills/opensource-pipeline/SKILL.md — orchestrator: routes /opensource commands, chains agents
    
    Source: https://github.com/herakles-dev/opensource-pipeline (MIT)
    
    * fix: address P1/P2 review findings from Cubic, CodeRabbit, and Greptile
    
    - Collect GitHub org/username in Step 1, use quoted vars in publish command
    - Add 3-attempt retry cap on sanitizer FAIL loop
    - Use dynamic sanitization verdict in final review output
    - Broaden rsync exclusions: .env*, .claude/, .secrets/, secrets/
    - Fix JWT regex to match full 3-segment tokens (header.payload.signature)
    - Broaden GitHub token regex to cover gho_, ghu_ prefixes
    - Fix AWS regex to be case-insensitive, match env var formats
    - Tighten generic env regex: increase min length to 16, add non-secret lookaheads
    - Separate heuristic WARNING patterns from CRITICAL patterns in sanitizer
    - Broaden internal path detection: macOS /Users/, Windows C:\Users\
    - Clarify sanitizer is source-read-only (report writing is allowed)
    
    * fix: flag *.map files as dangerous instead of skipping them
    
    Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
    
    ---------
    
    Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
  • feat: add GAN-style generator-evaluator harness (#1029)
    Implements Anthropic's March 2026 harness design pattern — a multi-agent
    architecture that separates generation from evaluation, creating an
    adversarial feedback loop that produces production-quality applications.
    
    Components:
    - 3 agent definitions (planner, generator, evaluator)
    - 1 skill with full documentation (skills/gan-style-harness/)
    - 2 commands (gan-build for full apps, gan-design for frontend)
    - 1 shell orchestrator (scripts/gan-harness.sh)
    - Examples and configuration reference
    
    Based on: https://www.anthropic.com/engineering/harness-design-long-running-apps
    
    Co-authored-by: Hao Chen <haochen806@gmail.com>
  • Merge pull request #926 from xingzihai/feature/pre-commit-quality-hook
    feat(hooks): add pre-commit quality check hook
  • feat: add healthcare domain skills and agent
    New skills:
    - healthcare-emr-patterns: EMR/EHR encounter workflows, smart templates, medication safety, clinical UI patterns
    - healthcare-phi-compliance: PHI/PII protection patterns, RLS templates, leak vector checklist, audit trail patterns
    - healthcare-cdss-patterns: Drug interaction checking, dose validation, clinical scoring (NEWS2/qSOFA), alert severity
    - healthcare-eval-harness: Patient safety CI/CD gate — CDSS accuracy, PHI exposure, data integrity, clinical workflows
    
    New agent:
    - healthcare-reviewer: Clinical safety reviewer for CDSS accuracy, PHI compliance, medical data integrity
    
    All patterns are generalized and framework-agnostic. Applicable to any health-tech stack.
    Origin: Health1 Super Speciality Hospitals, Ahmedabad, India.
  • feat(agents): add flutter-reviewer agent and skill (#716)
    Library-agnostic Flutter/Dart code reviewer that adapts to the project's
    chosen state management solution (BLoC, Riverpod, Provider, GetX, MobX,
    Signals) and architecture pattern (Clean Architecture, MVVM, feature-first).
    
    Co-authored-by: Maciej Starosielec <maciej@code-snap.com>
    Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
  • feat(agents): add pytorch-build-resolver agent (#549)
    Adds pytorch-build-resolver agent for PyTorch runtime/CUDA error resolution, following established agent format.
  • feat(agents): add typescript-reviewer agent (#647)
    Adds typescript-reviewer agent following the established agent format, covering type safety, async correctness, security, and React/Next.js patterns.
  • feat: add C++ language support and hook tests (#539)
    - agents: cpp-build-resolver, cpp-reviewer
    - commands: cpp-build, cpp-review, cpp-test
    - rules: cpp/ (coding-style, hooks, patterns, security, testing)
    - tests: 9 new hook test files with comprehensive coverage
    
    Cherry-picked from PR #436.
  • feat(agents): add java-reviewer agent (#528)
    * Add java-reviewer agent for Java and Spring Boot code review
    
    * Fix java-reviewer: update tools format, git diff scope, diagnostic commands, AGENTS.md registration
    
    * Fix: correct skill reference, add command injection check, update agent count to 17
    
    * Fix: report-only disclaimer, path traversal, split ScriptEngine, escalation note, agent count 19
  • feat(commands): add /docs; feat(mcp-configs): document Context7 (#530)
    * feat(commands): add /docs; feat(agents): add docs-lookup; feat(mcp-configs): document Context7; docs: add MCP subsection to CONTRIBUTING
    
    Made-with: Cursor
    
    * fix: address PR review — use Context7 MCP tool names in docs-lookup agent; CONTRIBUTING Agent Fields + MCP wording; mcp-config description; /docs quoted example; treat fetched docs as untrusted
    
    Made-with: Cursor
    
    * docs-lookup: note that harness may expose Context7 tools under prefixed names
    
    Made-with: Cursor
    
    * docs-lookup: examples use prefixed tool names (mcp__context7__*) for resolution
    
    Made-with: Cursor
  • feat(agents): add Rust language support (#523)
    * feat(agents): add Rust language support — reviewer, build resolver, patterns, and testing
    
    Add Rust-specific agents and skills following the established Go/Kotlin pattern:
    - agents/rust-reviewer.md: ownership, lifetimes, unsafe audit, clippy, error handling
    - agents/rust-build-resolver.md: cargo build errors, borrow checker, dependency resolution
    - skills/rust-patterns/SKILL.md: idiomatic Rust patterns and best practices
    - skills/rust-testing/SKILL.md: TDD, unit/integration/async/property-based testing
    
    * fix(agents): correct Rust examples for accuracy and consistency
    
    - unsafe fn: add inner unsafe {} block for Rust 2024 edition compliance
    - edition: update from 2021 to 2024 as current default
    - rstest: add missing fixture import
    - mockall: add missing predicate::eq import
    - concurrency: use sync_channel (bounded) and expect() over unwrap()
      to align with rust-reviewer's HIGH-priority review checks
    
    * fix(skills): correct compilation issues in Rust code examples
    
    - collect: add .copied() for &str iterator into String
    - tokio import: remove unused sleep, keep Duration
    - async test: add missing Duration import
    
    * fix(skills): move --no-fail-fast before test-binary args
    
    --no-fail-fast is a Cargo option, not a test binary flag.
    Placing it after -- forwards it to the test harness where it is
    unrecognized.
    
    * fix(agents): distinguish missing cargo-audit from real audit failures
    
    Check if cargo-audit is installed before running it, so actual
    vulnerability findings are not suppressed by the fallback message.
    
    * fix: address automated review findings across all Rust files
    
    - build-resolver: prefer scoped cargo update over full refresh
    - testing: add Cargo.toml bench config with harness = false for criterion
    - testing: condense TDD example to stay under 500-line limit
    - patterns: use expect() over unwrap() on JoinHandle for consistency
    - patterns: add explicit lifetime to unsafe FFI return reference
    - reviewer: replace misleading "string interpolation" with concrete alternatives
    
    * fix: align with CONTRIBUTING.md conventions
    
    - skills: rename "When to Activate" to "When to Use" per template
    - reviewer: add cargo check gate before starting review
    
    * fix(agents): guard cargo-audit and cargo-deny with availability checks
    
    Match the pattern used in rust-build-resolver to avoid command-not-found
    errors when optional tools are not installed.
    
    * fix: address second round of automated review findings
    
    - testing: split TDD example into separate code blocks to avoid
      duplicate fn definition in single block
    - build-resolver/reviewer: use if/then/else instead of && ... ||
      chaining for cargo-audit/deny to avoid masking real failures
    - build-resolver: add MSRV caveat to edition upgrade guidance
    
    * feat: add Rust slash commands for build, review, and test
    
    Add commands/rust-build.md, commands/rust-review.md, and
    commands/rust-test.md to provide consistent user entrypoints
    matching the existing Go and Kotlin command patterns.
    
    * fix(commands): improve rust-build accuracy and tone
    
    - Restructure-first borrow fix example instead of clone-first
    - Realistic cargo test output format (per-test lines, not per-file)
    - Align "Parse Errors" step with actual resolver behavior
    - Prefer restructuring over cloning in common errors table
    
    * fix: address cubic-dev-ai review findings on commands
    
    - Gate review on all automated checks, not just cargo check
    - Use git diff HEAD~1 / git diff main...HEAD for PR file selection
    - Fix #[must_use] guidance: Result is already must_use by type
    - Remove error-masking fallback on cargo tree --duplicates
    
    * fix: address remaining review findings across all bots
    
    - Add rust-reviewer and rust-build-resolver to AGENTS.md registry
    - Update agent count from 16 to 18
    - Mark parse_config doctest as no_run (body is todo!())
    - Add "How It Works" section to both Rust skills
    - Replace cargo install with taiki-e/install-action in CI snippet
    - Trim tarpaulin section to stay under 500-line limit
    
    * fix(agents): align rust-reviewer invocation with command spec
    
    - Use git diff HEAD~1 / main...HEAD instead of bare git diff
    - Add cargo test as explicit step before review begins
    
    * fix(skills): address cubic review on patterns and testing
    
    - Remove Tokio-specific language from How It Works summary
    - Add cargo-llvm-cov install note in coverage section
    - Revert no_run on doctest examples (illustrative code, not compiled)
    
    * fix(skills): use expect on thread join for consistency
    
    Replace handle.join().unwrap() with .expect("worker thread panicked")
    to match the .expect("mutex poisoned") pattern used above.
    
    * fix(agents): gate review on all automated checks, not just cargo check
    
    Consolidate check/clippy/fmt/test into a single gate step that
    stops and reports if any fail, matching the command spec.
    
    * fix(skills): replace unwrap with expect in channel example
    
    Use .expect("receiver disconnected") on tx.send() for consistency
    with the .expect() convention used in all other concurrency examples.
    
    * fix: address final review round — OpenCode mirrors, counts, examples
    
    - Add .opencode/commands/rust-{build,review,test}.md mirrors
    - Add .opencode/prompts/agents/rust-{build-resolver,reviewer}.txt mirrors
    - Fix AGENTS.md count to 20 (add missing kotlin agents to table)
    - Fix review example: all checks pass (consistent with gate policy)
    - Replace should_panic doctest with is_err() (consistent with best practices)
    - Trim testing commands to stay at 500-line limit
    
    * fix: address cubic and greptile review on OpenCode files and agents
    
    - Fix crate::module import guidance (internal path, not Cargo.toml)
    - Add cargo fmt --check to verification steps
    - Fix TDD GREEN example to handle error path (validate(input)?)
    - Scope .context() guidance to anyhow/eyre application code
    - Update command count from 40 to 51
    - Add tokio channel variants to unbounded channel warning
    - Preserve JoinError context in spawned task panic message
    
    * fix: stale command count, channel guidance, cargo tree fallback
    
    - Fix stale command count in Project Structure section (40→51)
    - Clarify unbounded channel rule: context-appropriate bounded alternatives
    - Remove dead cargo tree fallback (exits 0 even with no duplicates)
    - Sync OpenCode reviewer mirror with tokio channel coverage
  • fix(docs): use namespaced /everything-claude-code:plan in README examples
    When installed as a plugin, /plan triggers Claude Code's built-in plan
    mode instead of the plugin's plan skill. Updated all 4 README files
    (EN, zh-CN, zh-TW, ja-JP) to show the plugin-namespaced form with a
    comment noting the shorter form works for manual installs.
    
    Also fixes markdownlint MD012 violation in chief-of-staff.md (trailing
    double blank line from #280 merge).
    
    Fixes #297
  • feat(agents): add chief-of-staff communication triage agent (#280)
    Merging chief-of-staff communication triage agent. Clean single-file addition.
  • feat(ecc): prune plugin 43→12 items, promote 7 rules to .claude/rules/ (#245)
    ECC community plugin pruning: removed 530+ non-essential files
    (.cursor/, .opencode/, docs/ja-JP, docs/zh-CN, docs/zh-TW,
    language-specific skills/agents/rules). Retained 4 agents,
    3 commands, 5 skills. Promoted 13 rule files (8 common + 5
    typescript) to .claude/rules/ for CC native loading. Extracted
    reusable patterns to EXTRACTED-PATTERNS.md.
  • refactor: slim down 4 remaining oversized agents (73% reduction)
    - go-build-resolver: 368 -> 94 lines (-74%), references golang-patterns skill
    - refactor-cleaner: 306 -> 85 lines (-72%), removed project-specific rules & templates
    - tdd-guide: 280 -> 80 lines (-71%), references tdd-workflow skill
    - go-reviewer: 267 -> 76 lines (-72%), references golang-patterns skill
    
    Combined with prior round: 10 agents optimized, 3,710 lines saved total.
    All agents now under 225 lines. Largest: code-reviewer (224).
  • refactor: move embedded patterns from agents to skills (#174)
    Reduces the 6 largest agent prompts by 79-87%, saving ~2,800 lines
    that loaded into subagent context on every invocation.
    
    Changes:
    - e2e-runner.md: 797 → 107 lines (-87%)
    - database-reviewer.md: 654 → 91 lines (-86%)
    - security-reviewer.md: 545 → 108 lines (-80%)
    - build-error-resolver.md: 532 → 114 lines (-79%)
    - doc-updater.md: 452 → 107 lines (-76%)
    - python-reviewer.md: 469 → 98 lines (-79%)
    
    Patterns moved to on-demand skills (loaded only when referenced):
    - New: skills/e2e-testing/SKILL.md (Playwright patterns, POM, CI/CD)
    - Existing: postgres-patterns, security-review, python-patterns
  • docs: add hooks guide, expand planner agent, add Django example
    - Add hooks/README.md: comprehensive hook documentation with input schema,
      customization guide, 4 ready-to-use hook recipes, and cross-platform notes
    - Expand planner agent with full worked example (Stripe subscriptions plan)
      and sizing/phasing guidance (119 → 212 lines)
    - Add Django REST API example config (DRF + Celery + pytest + Factory Boy)
    - Update README directory tree with new files
  • docs: improve README with agent guide, FAQ, and fix component counts
    - Fix inaccurate counts: 13 agents (was 15+), 34 skills (was 30+), 31 commands (was 30)
    - Add "Which Agent Should I Use?" decision table with common workflows
    - Add FAQ section addressing top recurring issues (hooks, context window, cross-platform)
    - Add 5 missing skills and 7 missing commands to directory tree listing
    - Expand code-reviewer agent with React/Next.js, Node.js patterns, and confidence filtering
    - Add real-world SaaS example (Next.js + Supabase + Stripe) in examples/
  • fix: resolve multiple reported issues (#205, #182, #188, #172, #173) (#207)
    * fix: resolve multiple reported issues (#205, #182, #188, #172, #173)
    
    - fix(observe.sh): replace triple-quote JSON parsing with stdin pipe to
      prevent ~49% parse failures on payloads with quotes/backslashes/unicode
    - fix(hooks.json): correct matcher syntax to use simple tool name regexes
      instead of unsupported logical expressions; move command/path filtering
      into hook scripts; use exit code 2 for blocking hooks
    - fix(skills): quote YAML descriptions containing colons in 3 skill files
      and add missing frontmatter to 2 skill files for Codex CLI compatibility
    - feat(rules): add paths: filters to all 15 language-specific rule files
      so they only load when working on matching file types
    - fix(agents): align model fields with CONTRIBUTING.md recommendations
      (opus for planner/architect, sonnet for reviewers/workers, haiku for
      doc-updater)
    
    * ci: use AgentShield GitHub Action instead of npx
    
    Switch from npx ecc-agentshield to uses: affaan-m/agentshield@v1
    for proper GitHub Action demo and marketplace visibility.
  • feat: add Python/Django support and enhance READMEs (#139)
    ## Python Support
    - **agents/python-reviewer.md**: Expert Python code review agent with PEP 8 compliance, type hints, security, and performance checks
    - **commands/python-review.md**: Slash command for automated Python code review with ruff, mypy, pylint, black, bandit
    - **skills/python-patterns/SKILL.md**: Python idioms, type hints, error handling, context managers, decorators, concurrency
    - **skills/python-testing/SKILL.md**: pytest configuration, fixtures, parametrization, mocking, async testing, TDD methodology
    
    ## Django Support
    - **skills/django-patterns/SKILL.md**: Django architecture, DRF patterns, project structure, QuerySets, serializers, ViewSets, service layer, caching
    - **skills/django-security/SKILL.md**: Django security best practices, authentication, CSRF, SQL injection, XSS prevention, production settings
    - **skills/django-tdd/SKILL.md**: Django testing with pytest-django, Factory Boy, model testing, API testing, integration testing
    - **skills/django-verification/SKILL.md**: Pre-deployment verification loop including migrations, tests, security scans, performance checks
    
    ## Documentation Enhancements
    - **Quick Start**: Added 3-step quick start guide to all READMEs (EN, zh-CN, zh-TW)
    - **Beautification**: Added emoji icons for better visual hierarchy across all READMEs
    - **.claude-plugin/plugin.json**: Added python-reviewer to agents list
    
    All files follow project conventions with proper frontmatter, markdown formatting, and comprehensive code examples.
    
    Co-authored-by: Freakz3z <freakk@FreakkdeMacBook-Air.local>
    Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>