mirror of
https://github.com/catlog22/Claude-Code-Workflow.git
synced 2026-03-01 14:53:54 +08:00
chore: move ccw-skill-hub to standalone repository
Migrated ccw-skill-hub to D:/ccw-skill-hub as independent git project. Removed nested git repos (ccw/frontend/ccw-skill-hub, skill-hub-repo, skill-hub-temp).
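--- a/.claude/skills/team-review/specs/dimensions.md
+++ b/.claude/skills/team-review/specs/dimensions.md
@@ -0,0 +1,82 @@
+# Review Dimensions (4-Dimension System)
+
+## Security (SEC)
+
+Vulnerabilities, attack surfaces, and data protection issues.
+
+**Categories**: injection, authentication, authorization, data-exposure, encryption, input-validation, access-control
+
+**Tool Support**: Semgrep (`--config auto`), npm audit, tsc strict mode
+**LLM Focus**: Business logic vulnerabilities, privilege escalation paths, sensitive data flows
+
+**Severity Mapping**:
+- Critical: RCE, SQL injection, auth bypass, data breach
+- High: XSS, CSRF, insecure deserialization, weak crypto
+- Medium: Missing input validation, overly permissive CORS
+- Low: Informational headers, minor config issues
+
+---
+
+## Correctness (COR)
+
+Bugs, logic errors, and type safety issues.
+
+**Categories**: bug, error-handling, edge-case, type-safety, race-condition, null-reference
+
+**Tool Support**: tsc `--noEmit`, ESLint error-level rules
+**LLM Focus**: Logic errors, unhandled exception paths, state management bugs, race conditions
+
+**Severity Mapping**:
+- Critical: Data corruption, crash in production path
+- High: Incorrect business logic, unhandled error in common path
+- Medium: Edge case not handled, missing null check
+- Low: Minor type inconsistency, unused variable
+
+---
+
+## Performance (PRF)
+
+Inefficiencies, resource waste, and scalability issues.
+
+**Categories**: n-plus-one, memory-leak, blocking-operation, complexity, resource-usage, caching
+
+**Tool Support**: None (LLM-only dimension)
+**LLM Focus**: Algorithm complexity, N+1 queries, unnecessary sync operations, memory leaks, missing caching
+
+**Severity Mapping**:
+- Critical: Memory leak in long-running process, O(n³) on user data
+- High: N+1 query in hot path, blocking I/O in async context
+- Medium: Suboptimal algorithm, missing obvious cache
+- Low: Minor inefficiency, premature optimization opportunity
+
+---
+
+## Maintainability (MNT)
+
+Code quality, readability, and structural health.
+
+**Categories**: code-smell, naming, complexity, duplication, dead-code, pattern-violation, coupling
+
+**Tool Support**: ESLint warning-level rules, complexity metrics
+**LLM Focus**: Architectural coupling, abstraction leaks, project convention violations
+
+**Severity Mapping**:
+- High: God class, circular dependency, copy-paste across modules
+- Medium: Long method, magic numbers, unclear naming
+- Low: Minor style inconsistency, commented-out code
+- Info: Pattern observation, refactoring suggestion
+
+---
+
+## Why 4 Dimensions (Not 7)
+
+The original review-cycle used 7 dimensions with significant overlap:
+
+| Original | Problem | Merged Into |
+|----------|---------|-------------|
+| Quality | Overlaps Maintainability + Best-Practices | **Maintainability** |
+| Best-Practices | Overlaps Quality + Maintainability | **Maintainability** |
+| Architecture | Overlaps Maintainability (coupling/layering) | **Maintainability** (structure) + **Security** (security architecture) |
+| Action-Items | Not a dimension — it's a report format | Standard field on every finding |
+
+4 dimensions = clear ownership, no overlap, each maps to distinct tooling.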
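--- a/.claude/skills/team-review/specs/finding-schema.json
+++ b/.claude/skills/team-review/specs/finding-schema.json
@@ -0,0 +1,82 @@
+{
+"$schema": "https://json-schema.org/draft/2020-12/schema",
+"title": "Finding",
+"description": "Standardized finding format for team-review pipeline",
+"type": "object",
+"required": ["id", "dimension", "category", "severity", "title", "description", "location", "source", "effort", "confidence"],
+"properties": {
+"id": {
+"type": "string",
+"pattern": "^(SEC|COR|PRF|MNT)-\\d{3}$",
+"description": "{DIM_PREFIX}-{SEQ}"
+},
+"dimension": {
+"type": "string",
+"enum": ["security", "correctness", "performance", "maintainability"]
+},
+"category": {
+"type": "string",
+"description": "Sub-category within the dimension"
+},
+"severity": {
+"type": "string",
+"enum": ["critical", "high", "medium", "low", "info"]
+},
+"title": { "type": "string" },
+"description": { "type": "string" },
+"location": {
+"type": "object",
+"required": ["file", "line"],
+"properties": {
+"file": { "type": "string" },
+"line": { "type": "integer" },
+"end_line": { "type": "integer" },
+"code_snippet": { "type": "string" }
+}
+},
+"source": {
+"type": "string",
+"description": "tool:eslint | tool:tsc | tool:semgrep | llm | tool+llm"
+},
+"tool_rule": { "type": ["string", "null"] },
+"suggested_fix": { "type": "string" },
+"references": {
+"type": "array",
+"items": { "type": "string" }
+},
+"effort": { "type": "string", "enum": ["low", "medium", "high"] },
+"confidence": { "type": "string", "enum": ["high", "medium", "low"] },
+"root_cause": {
+"type": ["object", "null"],
+"description": "Populated by reviewer role",
+"properties": {
+"description": { "type": "string" },
+"related_findings": { "type": "array", "items": { "type": "string" } },
+"is_symptom": { "type": "boolean" }
+}
+},
+"impact": {
+"type": ["object", "null"],
+"properties": {
+"scope": { "type": "string", "enum": ["low", "medium", "high"] },
+"affected_files": { "type": "array", "items": { "type": "string" } },
+"blast_radius": { "type": "string" }
+}
+},
+"optimization": {
+"type": ["object", "null"],
+"properties": {
+"approach": { "type": "string" },
+"alternative": { "type": "string" },
+"tradeoff": { "type": "string" }
+}
+},
+"fix_strategy": { "type": ["string", "null"], "enum": ["minimal", "refactor", "skip", null] },
+"fix_complexity": { "type": ["string", "null"], "enum": ["low", "medium", "high", null] },
+"fix_dependencies": {
+"type": "array",
+"items": { "type": "string" },
+"default": []
+}
+}
+}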
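Review bot: `source` is typed as a bare string, so the values listed in its description (`tool:eslint | tool:tsc | tool:semgrep | llm | tool+llm`) are documentation only and any text validates; an `enum` or a `pattern` would make the provenance of a finding checkable before a later pipeline stage acts on it. The top-level object, `location`, `root_cause`, `impact` and `optimization` also accept arbitrary extra keys, and adding `"additionalProperties": false` to each would reject misspelled or unexpected fields in scanner or LLM output. `location.line` and `end_line` have no lower bound (`"minimum": 1`), and `location.file` is unconstrained, which matters if a downstream role uses it as a path to edit (that use is not visible here). Nothing ties the `id` prefix to `dimension`, so `SEC-001` with `"dimension": "performance"` passes validation.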
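--- a/.claude/skills/team-review/specs/team-config.json
+++ b/.claude/skills/team-review/specs/team-config.json
@@ -0,0 +1,27 @@
+{
+"name": "team-review",
+"description": "Code scanning, vulnerability review, optimization suggestions, and automated fix",
+"sessionDir": ".workflow/.team-review/",
+"msgDir": ".workflow/.team-msg/team-review/",
+"roles": {
+"coordinator": { "prefix": "RC", "type": "orchestration", "file": "roles/coordinator/role.md" },
+"scanner": { "prefix": "SCAN", "type": "read-only-analysis", "file": "roles/scanner/role.md" },
+"reviewer": { "prefix": "REV", "type": "read-only-analysis", "file": "roles/reviewer/role.md" },
+"fixer": { "prefix": "FIX", "type": "code-generation", "file": "roles/fixer/role.md" }
+},
+"collaboration_pattern": "CP-1",
+"pipeline": ["scanner", "reviewer", "fixer"],
+"dimensions": {
+"security": { "prefix": "SEC", "tools": ["semgrep", "npm-audit"] },
+"correctness": { "prefix": "COR", "tools": ["tsc", "eslint-error"] },
+"performance": { "prefix": "PRF", "tools": [] },
+"maintainability": { "prefix": "MNT", "tools": ["eslint-warning"] }
+},
+"severity_levels": ["critical", "high", "medium", "low", "info"],
+"defaults": {
+"max_deep_analysis": 15,
+"max_quick_findings": 20,
+"max_parallel_fixers": 3,
+"quick_fix_threshold": 5
+}
+}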
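Review bot: `dimensions.security.tools` lists `npm-audit`, but the `source` description in finding-schema.json from this same commit names only eslint, tsc and semgrep, so it is unclear how an npm audit finding should be tagged. `severity_levels` and the four `prefix` values repeat the schema's `severity` enum and `id` pattern, and the two copies can drift; a test asserting they match would help. Keys mix camelCase (`sessionDir`, `msgDir`) with snake_case (`collaboration_pattern`, `max_parallel_fixers`), and one convention should be used throughout. The `defaults` values carry no unit or description; because the `fixer` role is typed `code-generation`, it would be worth documenting what `quick_fix_threshold` gates and whether any severity or confidence level is required before an automated fix runs.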