catlog22/Claude-Code-Workflow
1
0
Fork 0
mirror of https://github.com/catlog22/Claude-Code-Workflow.git synced 2026-02-13 02:41:50 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: add batch replan mode and comprehensive skill system

Browse Source 
- Add batch processing mode to /task:replan command
  - Support for verification report input
  - TodoWrite integration for progress tracking
  - Automatic backup management
- Enhance /workflow:action-plan-verify with batch remediation
  - Save verification report to .process directory
  - Provide batch replan command suggestions
- Add comprehensive skill documentation
  - Codex: autonomous development workflows
  - Gemini/Qwen: code analysis and documentation
  - Context-search: strategic context gathering
  - Prompt-enhancer: ambiguous prompt refinement
- Clean up CLAUDE.md strategy references

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
catlog22
2025-10-17 11:44:37 +08:00
parent 80196cc0a0
commit b366924ae6
24 changed files with 4231 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

363
.claude/skills/codex/SKILL.md Normal file
View File

@@ -0,0 +1,363 @@
---
name: Codex Development Tool
description: Autonomous development tool for implementation. Trigger keywords "use codex", "codex implement", "implement with codex". Use for feature implementation, bug fixes, testing, and automation. Requires explicit MODE specification (auto/write). Supports session management for multi-task workflows.
allowed-tools: Bash, Read, Write, Edit, Glob, Grep
---
# Codex Development Tool
## Core Execution
Codex executes autonomous development tasks with full file operations and session management.
**Trigger Keywords**: "use codex", "codex implement", "implement with codex", "codex fix bug"
**Execution Modes**:
- `auto`: Autonomous development with full file operations (requires explicit specification)
- `write`: Test generation and file modification (requires explicit specification)
**Command Pattern**:
```bash
codex -C [directory] --full-auto exec "
PURPOSE: [goal]
TASK: [specific task]
MODE: [auto|write]
CONTEXT: @{file/patterns}
EXPECTED: [deliverables]
RULES: [constraints]
" --skip-git-repo-check -s danger-full-access
```
**No Default Mode**: MODE must be explicitly specified in every command
## Universal Template Structure
Every Codex command should follow this detailed structure for best results:
```bash
codex -C [directory] --full-auto exec "
PURPOSE: [One clear sentence: what and why]
TASK: [Specific actionable task with deliverables]
MODE: [auto|write]
CONTEXT: @{file/patterns} [Previous session context, dependencies, requirements]
EXPECTED: [Concrete deliverables: files, tests, coverage, performance]
RULES: [Template reference] | [Constraints: standards, compatibility, testing]
" --skip-git-repo-check -s danger-full-access
```
**Session Resume Pattern**:
```bash
# First task: establish session
codex -C [directory] --full-auto exec "..." --skip-git-repo-check -s danger-full-access
# Subsequent tasks: continue session (add "resume --last" at END)
codex --full-auto exec "..." resume --last --skip-git-repo-check -s danger-full-access
```
### Template Field Guidelines
**PURPOSE**:
- One sentence combining goal + business driver
- Examples: "Implement auth system for enterprise SaaS", "Fix performance issue to meet SLA <200ms"
**TASK**:
- Break down into numbered sub-tasks with specific deliverables
- Include technical details: "Create JWT auth with RS256, 15min access token, 7d refresh token"
- Specify what to build, test, and document
**CONTEXT**:
- File patterns: `@{src/models/**/*.ts,src/services/**/*.ts}`
- Tech stack: "Express 4.18, PostgreSQL 14, Redis 7, TypeScript strict mode"
- Requirements: "Support 100k users, comply with OWASP guidelines"
- Session memory: "Previous auth implementation from current session"
**EXPECTED**:
- Numbered, concrete deliverables: "1) auth.service.ts, 2) auth.controller.ts, 3) auth.test.ts (>90% coverage)"
- Specific file names with purposes
- Test coverage requirements: ">90% coverage including security scenarios"
- Performance targets: "p95 <200ms", "Support 1000 req/min"
- Documentation requirements: "Update API.md with endpoints"
**RULES**:
- Template reference: `$(cat ~/.claude/workflows/cli-templates/prompts/development/feature.txt)`
- Multiple constraints separated by `|`: "Follow OWASP | Use bcrypt salt 12 | Rate limit 5/15min | Include audit logs"
- Compatibility: "Maintain backward compatibility", "Ensure zero downtime"
- Testing strategy: "Test all error cases", "Mock external dependencies", "Load test with Artillery"
- Security requirements: "Validate all inputs", "Parameterized queries only", "Log security events"
## Command Structure
### Universal Template
Every Codex command follows this structure:
```bash
codex -C [directory] --full-auto exec "
PURPOSE: [clear development goal]
TASK: [specific development task]
MODE: [auto|write]
CONTEXT: [file references and memory context]
EXPECTED: [expected deliverables]
RULES: [template reference and constraints]
" --skip-git-repo-check -s danger-full-access
```
**Parameter Position**: `--skip-git-repo-check -s danger-full-access` must be placed at command END
## Execution Modes
### Auto Mode (Full Development)
⚠️ Autonomous development with full file operations (requires explicit MODE=auto):
```bash
codex -C [directory] --full-auto exec "
PURPOSE: [development goal]
TASK: [implementation task]
MODE: auto
CONTEXT: @{file/patterns} [session memory]
EXPECTED: [deliverables]
RULES: [constraints]
" --skip-git-repo-check -s danger-full-access
```
**When to use**:
- Feature implementation
- Bug fixes requiring code changes
- Refactoring tasks
- Complex algorithm implementation
### Write Mode (Test Generation)
⚠️ Test generation and file modification (requires explicit MODE=write):
```bash
codex -C [directory] --full-auto exec "
PURPOSE: [test goal]
TASK: [test generation task]
MODE: write
CONTEXT: @{file/patterns}
EXPECTED: [test deliverables]
RULES: [constraints]
" --skip-git-repo-check -s danger-full-access
```
**When to use**:
- Test generation
- Test coverage improvement
- Documentation updates
**No Default Mode**: MODE must be explicitly specified in every command
## Session Management
Codex supports session continuity for multi-task workflows. See [session-management.md](session-management.md) for detailed patterns.
### Session Resume Patterns
**First Task** (establish session):
```bash
codex -C project --full-auto exec "
PURPOSE: [initial task]
TASK: [first implementation]
MODE: auto
CONTEXT: @{relevant/files}
EXPECTED: [deliverables]
RULES: [constraints]
" --skip-git-repo-check -s danger-full-access
```
**Subsequent Tasks** (continue session):
```bash
codex --full-auto exec "
PURPOSE: [next task]
TASK: [related implementation]
MODE: auto
CONTEXT: Previous implementation from current session
EXPECTED: [deliverables]
RULES: [constraints]
" resume --last --skip-git-repo-check -s danger-full-access
```
**Parameter Position**: `resume --last` must be placed AFTER the prompt string at command END
### Auto-Resume Decision Rules
**Use `resume --last` when**:
- Current task extends previous Codex task in conversation
- Current task requires context from previous implementation
- Multi-step workflow (implement → enhance → test)
- Session memory indicates recent Codex execution
**Do NOT use `resume --last` when**:
- First Codex task in conversation
- New independent task unrelated to previous work
- Switching to different module/feature area
- No recent Codex task in conversation memory
### Interactive Session Resume
```bash
# Resume with session picker
codex resume
# Resume most recent session directly
codex resume --last
```
### Image Attachment Support
```bash
# Attach images for UI/design implementation
codex -i screenshot.png -C project --full-auto exec "
PURPOSE: Implement UI from design
TASK: Create component matching screenshot
MODE: auto
CONTEXT: @{src/components/**}
EXPECTED: React component matching design
RULES: Follow design system
" --skip-git-repo-check -s danger-full-access
```
## File Pattern Reference
Common patterns for CONTEXT field:
```bash
@{**/*} # All files
@{src/**/*} # Source files
@{*.ts,*.tsx} # TypeScript files
@{src/**/*.test.*} # Test files
@{CLAUDE.md,**/*CLAUDE.md} # Documentation
```
## Template System
Templates are located in `~/.claude/workflows/cli-templates/prompts/`
### Available Templates
**Development Templates**:
- `development/feature.txt` - Feature implementation
- `development/refactor.txt` - Refactoring tasks
- `development/testing.txt` - Test generation
**Analysis Templates** (for planning):
- `analysis/pattern.txt` - Code pattern analysis
- `analysis/architecture.txt` - System architecture review
- `analysis/security.txt` - Security assessment
### Using Templates in RULES Field
```bash
# Single template
RULES: $(cat ~/.claude/workflows/cli-templates/prompts/development/feature.txt) | Follow security best practices
# Multiple templates
RULES: $(cat template1.txt) $(cat template2.txt) | Maintain backward compatibility
# No template
RULES: Use Jest, follow existing patterns, 80%+ coverage
```
## Directory Context Configuration
Codex uses `-C` parameter for directory context:
```bash
# Focused on specific directory
codex -C src/auth --full-auto exec "..." --skip-git-repo-check -s danger-full-access
# Relative path
codex -C ../project --full-auto exec "..." --skip-git-repo-check -s danger-full-access
# Absolute path
codex -C /full/path/to/project --full-auto exec "..." --skip-git-repo-check -s danger-full-access
```
## Execution Configuration
### Timeout Allocation (Dynamic + Multiplier)
Codex uses 1.5x of base timeout due to development complexity:
- **Simple** (test generation): 30-60min (1800000-3600000ms)
- **Medium** (feature implementation): 60-90min (3600000-5400000ms)
- **Complex** (multi-module refactor): 90-180min (5400000-10800000ms)
Auto-detect from PURPOSE and TASK fields.
### Permission Framework
- ⚠️ **No Default Mode**: MODE must be explicitly specified
- 🔒 **Write Protection**: Requires explicit user instruction
-**Auto Mode**: Full file operations when MODE=auto specified
-**Write Mode**: Test generation when MODE=write specified
## Examples
Production-ready examples organized by scenario type:
- **[Feature Implementation](feature-examples.md)** - RESTful APIs and multi-task authentication systems with session resume patterns
- **[Bug Fix & Refactoring](bugfix-refactor-examples.md)** - Performance investigation workflows and large-scale DDD refactoring
- **[Advanced Development](advanced-examples.md)** - Graph algorithms, UI implementation from designs, and security-focused features
- **[Session Management](session-management.md)** - Interactive resume patterns and multi-phase development workflows
Each example follows the Universal Template Structure with detailed session continuity patterns.
## Best Practices
### Implementation Phase
- Always specify MODE (auto/write)
- Use `-C` for directory context
- Include file patterns in CONTEXT
- Reference templates in RULES
- Use session management for multi-step tasks
### Testing Phase
- Use MODE=write for test generation
- Reference implementation in CONTEXT
- Specify coverage requirements in RULES
- Use existing test patterns
### Multi-Task Workflows
- First task: establish session
- Subsequent tasks: use `resume --last`
- Maintain context continuity
- Keep related tasks in same session
## Error Handling
**If timeout occurs**:
- Reduce task scope
- Split into smaller subtasks
- Use session management for continuity
**If implementation blocked**:
- Check CONTEXT includes necessary files
- Verify MODE is specified
- Review RULES for conflicts
**If tests fail**:
- Use MODE=write to generate test fixes
- Reference failing tests in CONTEXT
- Specify fix requirements in RULES
**If session lost**:
- Use `codex resume` to restore session
- Reference previous work in CONTEXT
- Include session memory in prompt
## Security Considerations
### Permission Requirements
- `-s danger-full-access`: Full file system access
- `--skip-git-repo-check`: Skip git validation
- `--full-auto`: Autonomous execution mode
### Safety Guidelines
- Review generated code before committing
- Verify test coverage meets requirements
- Check for security vulnerabilities
- Validate backward compatibility
### Best Practices
- Use MODE=write for non-destructive operations
- Review RULES for security constraints
- Include security templates when relevant
- Test in isolated environment first

73
.claude/skills/codex/advanced-examples.md Normal file
View File

@@ -0,0 +1,73 @@
# Codex Advanced Examples
> **📖 Template Structure**: See [Universal Template Structure](SKILL.md#universal-template-structure) in SKILL.md for detailed field guidelines and session resume patterns.
## Algorithm Implementation with Tests and Benchmarks
```bash
codex -C src/algorithms --full-auto exec "
PURPOSE: Implement efficient graph algorithms for social network friend suggestion feature
TASK: Create graph data structure and algorithms: 1) Directed graph with adjacency list, 2) BFS for shortest path, 3) DFS for connected components, 4) Dijkstra for weighted paths, 5) PageRank-inspired algorithm for friend scoring, 6) Friend suggestion based on mutual connections and activity
MODE: auto
CONTEXT: @{src/models/user.ts,src/models/connection.ts} Social network with 100k users, avg 150 connections per user, need to suggest friends based on: mutual friends (weight 0.5), shared interests (0.3), activity overlap (0.2). Performance target: compute suggestions for user in <100ms.
EXPECTED: Deliverables: 1) graph.ts (DirectedGraph class with generic types), 2) graph-algorithms.ts (BFS, DFS, Dijkstra, shortest path), 3) friend-suggestion.ts (scoring algorithm using graph), 4) graph.test.ts (unit tests for all operations, edge cases), 5) friend-suggestion.test.ts (test accuracy and performance), 6) benchmark.ts (measure performance with production-scale data), 7) Algorithm complexity analysis in ALGORITHMS.md
RULES: $(cat ~/.claude/workflows/cli-templates/prompts/development/feature.txt) | Use TypeScript generics for graph nodes | Implement efficient adjacency list (Map<NodeId, Set<NodeId>>) | Optimize for sparse graphs | Handle disconnected components | Implement early termination for BFS/DFS | Use priority queue (heap) for Dijkstra | Cache computation results with TTL | Test with graphs up to 10k nodes | Benchmark against target <100ms | Document time/space complexity (Big-O) | Include edge cases: empty graph, single node, cycles | Verify algorithm correctness with known test cases
" --skip-git-repo-check -s danger-full-access
```
**Key Points**:
- **Real-world application**: Social network friend suggestion
- **Performance targets**: <100ms with 100k users
- **Comprehensive deliverables**: Code + tests + benchmarks + docs
- **Algorithm rigor**: Complexity analysis, correctness verification
## UI Implementation from Design Screenshot
```bash
codex -i design-system.png -i dashboard-mockup.png -C src/components --full-auto exec "
PURPOSE: Implement dashboard UI matching design system for product launch
TASK: Create responsive dashboard component with: 1) Header with user menu and notifications, 2) Sidebar navigation with collapsible sections, 3) Main content area with widget grid, 4) Stat cards with icons and trend indicators, 5) Chart widgets (line, bar, pie), 6) Data table with sorting and pagination, 7) Loading states and error handling, 8) Dark mode support
MODE: auto
CONTEXT: @{src/components/**/*.tsx,src/styles/**/*.css,src/hooks/**/*.ts} React 18, TypeScript, Tailwind CSS, Recharts for charts, react-table for tables. Design system defined in design-system.png. Desktop-first responsive (breakpoints: 1024px, 768px, 640px).
EXPECTED: Deliverables: 1) Dashboard.tsx (main component), 2) Header.tsx, Sidebar.tsx, StatCard.tsx, ChartWidget.tsx, DataTable.tsx (sub-components), 3) useDashboard.ts (data fetching hook), 4) dashboard.test.tsx (component tests with React Testing Library), 5) dashboard.stories.tsx (Storybook stories for all variants), 6) Responsive behavior matches design at all breakpoints, 7) Accessibility compliance (ARIA labels, keyboard navigation), 8) Update design system docs
RULES: Match design pixel-perfect at 1024px | Use Tailwind utility classes (no custom CSS unless necessary) | Implement mobile-first responsive (collapse sidebar on mobile) | Use React.memo for performance | Implement virtual scrolling for large tables | Add loading skeletons (not spinners) | Support dark mode with CSS variables | Ensure WCAG 2.1 AA compliance | Test keyboard navigation | Add error boundaries | Use semantic HTML | Optimize images (lazy load, WebP format) | Test with real API data | Include empty states | Document component props with TypeScript interfaces
" --skip-git-repo-check -s danger-full-access
```
**Key Points**:
- **Image input**: Design files provided with -i flag
- **Comprehensive UI**: Multiple sub-components with state management
- **Quality focus**: Accessibility, performance, responsive design, testing
- **Production-ready**: Error handling, loading states, dark mode
## Security-Focused Implementation with Multiple Templates
```bash
codex -C src/api --full-auto exec "
PURPOSE: Implement admin API with security hardening for enterprise compliance
TASK: Create admin endpoints for user management: 1) List users with advanced filtering, 2) Update user roles and permissions, 3) Suspend/activate users, 4) Audit log viewing, 5) Export user data (GDPR compliance). Implement comprehensive security controls.
MODE: auto
CONTEXT: @{src/models/user.ts,src/middleware/auth.ts,src/middleware/rbac.ts} Admin users have 'admin' role in RBAC. Must comply with SOC 2, log all admin actions, implement IP whitelist, require MFA for admin access.
EXPECTED: Deliverables: 1) admin.controller.ts (5 endpoints), 2) admin.service.ts (business logic with security checks), 3) audit-log.service.ts (log all admin actions), 4) IP whitelist middleware, 5) MFA verification middleware for admin routes, 6) admin.test.ts (security tests >90% coverage), 7) Update SECURITY.md with admin security controls
RULES: $(cat ~/.claude/workflows/cli-templates/prompts/development/feature.txt) $(cat ~/.claude/workflows/cli-templates/prompts/analysis/security.txt) | Implement defense in depth: auth + RBAC + MFA + IP whitelist | Log all admin actions with: timestamp, user, action, target, IP, result | Require MFA verification for sensitive operations | Validate IP against whitelist | Implement rate limiting: 20 req/min for admin endpoints | Sanitize all inputs | Use parameterized queries only | Implement audit log retention (7 years for SOC 2) | Add admin action confirmation for destructive ops | Test authorization bypass attempts | Verify no privilege escalation possible | Document security controls in code comments | Include security test scenarios: unauthorized access, role escalation, missing MFA, IP outside whitelist
" --skip-git-repo-check -s danger-full-access
```
**Key Points**:
- **Two templates**: Feature + Security combined
- **Compliance focus**: SOC 2 requirements, audit logging
- **Defense in depth**: Multiple security layers
- **Comprehensive testing**: Security scenarios explicitly tested
## Session Management Example
For interactive session resume patterns and decision rules, see [session-management.md](session-management.md).
**Quick Example**:
```bash
# Show all available sessions for selection
codex resume
# Resume most recent session directly
codex resume --last
```

114
.claude/skills/codex/bugfix-refactor-examples.md Normal file
View File

@@ -0,0 +1,114 @@
# Codex Bug Fix and Refactoring Examples
> **📖 Template Structure**: See [Universal Template Structure](SKILL.md#universal-template-structure) in SKILL.md for detailed field guidelines and session resume patterns.
## Bug Fix: Performance Issue Investigation and Resolution
Three-phase approach: Investigate → Fix → Verify
### Phase 1: Investigation (start session)
```bash
codex -C src/api --full-auto exec "
PURPOSE: Investigate and resolve API endpoint performance degradation (p95 from 200ms to 2.5s)
TASK: Analyze /api/dashboard endpoint performance: 1) Profile request execution (use Node.js profiler), 2) Identify slow database queries (enable query logging), 3) Check N+1 query problems, 4) Analyze serialization overhead, 5) Review caching effectiveness, 6) Examine memory allocation patterns
MODE: auto
CONTEXT: @{src/api/dashboard.controller.ts,src/services/dashboard.service.ts,src/repositories/**/*.ts} Endpoint aggregates data from 5 database tables, serves 1000 req/min peak, PostgreSQL 14, Redis cache enabled. Performance degraded after recent feature addition (user preferences).
EXPECTED: Deliverables: 1) Performance analysis report identifying bottlenecks with percentages (e.g., \"45% time in database queries, 30% in serialization\"), 2) Flame graph from profiling, 3) Query execution plans for slow queries, 4) Specific line numbers of problematic code, 5) Root cause summary with evidence, 6) Optimization recommendations prioritized by impact
RULES: Use Node.js --prof for profiling | Enable PostgreSQL query logging with execution times | Use Chrome DevTools for flame graph visualization | Check for N+1 queries with Prisma query logging | Analyze JSON serialization overhead | Review Redis cache hit rates | Identify memory leaks with heapdump | Compare current vs previous commit performance | Document findings in INVESTIGATION.md
" --skip-git-repo-check -s danger-full-access
```
### Phase 2: Fix Implementation (continue session)
```bash
codex --full-auto exec "
PURPOSE: Implement optimizations to restore API performance to <200ms p95
TASK: Apply fixes based on investigation findings: 1) Optimize database queries (add indexes, use joins instead of sequential queries), 2) Implement query result caching, 3) Use streaming for large responses, 4) Add database query batching, 5) Optimize serialization with selective field loading
MODE: auto
CONTEXT: Investigation results from current session showing: N+1 query in user preferences (40% of latency), missing index on user_settings.user_id (25%), inefficient JSON serialization of nested objects (20%). Current code performs 15 queries per request.
EXPECTED: Deliverables: 1) Optimized dashboard.service.ts reducing queries to max 3 per request, 2) Database migration adding indexes on user_settings.user_id and preferences.user_id, 3) Implement Redis caching with 5min TTL for dashboard data, 4) Add query batching using dataloader pattern, 5) Selective field loading (only fetch needed columns), 6) Update tests to verify optimizations, 7) Performance comparison report showing improvement
RULES: Maintain backward compatibility (same API contract) | Add database indexes without locking tables (CONCURRENTLY) | Implement cache invalidation on data updates | Use Prisma select for selective loading | Test with production-like data volume | Verify cache hit rate >80% | Ensure p95 <200ms under load | Add performance monitoring (APM integration) | Document optimization strategy | Update runbooks with new caching behavior
" resume --last --skip-git-repo-check -s danger-full-access
```
### Phase 3: Verification (continue session)
```bash
codex --full-auto exec "
PURPOSE: Verify performance fixes and ensure no regressions
TASK: Comprehensive validation: 1) Run load tests comparing before/after metrics, 2) Verify all functional tests pass, 3) Check for new memory leaks, 4) Validate cache behavior, 5) Measure database impact (connection pool usage, query counts)
MODE: write
CONTEXT: Optimizations from current session: reduced queries from 15 to 3, added 2 indexes, implemented Redis caching, added dataloader. Original p95: 2.5s, target: <200ms.
EXPECTED: Deliverables: 1) performance-test.ts (Artillery load test: 1000 req/min for 5min), 2) Performance report comparing metrics (latency p50/p95/p99, throughput, error rate, database connections, cache hit rate), 3) Regression test suite covering all dashboard functionality, 4) Memory profile comparison (before/after heap usage), 5) Go/No-Go recommendation with evidence
RULES: Load test must match production traffic pattern | Verify all existing tests pass (no regressions) | Check memory usage under load (no leaks) | Validate cache hit rate >80% | Ensure database connection pool <50% utilized | Verify error rate <0.1% | Test cache invalidation scenarios | Monitor for slow query logs | Document performance gains | Create performance dashboard for ongoing monitoring
" resume --last --skip-git-repo-check -s danger-full-access
```
**Key Points**:
- **Three-phase approach**: Investigate → Fix → Verify
- **Data-driven**: Specific metrics, percentages, targets
- **Evidence-based**: Profiling, flame graphs, query plans
- **Production-ready**: Load testing, monitoring, go/no-go decision
## Large-Scale Refactoring with Safety Nets
Four-phase DDD refactoring: Plan → Pilot → Scale → Cleanup
### Phase 1: Analysis and Planning (start session)
```bash
codex -C src --full-auto exec "
PURPOSE: Refactor monolithic service layer to modular domain-driven design for improved maintainability
TASK: Analyze current architecture for refactoring scope: 1) Identify domain boundaries (user, product, order, payment, notification), 2) Map current service dependencies, 3) Identify shared utilities, 4) Find circular dependencies, 5) Assess test coverage by module, 6) Estimate breaking changes
MODE: auto
CONTEXT: @{src/services/**/*.ts,src/models/**/*.ts,src/repositories/**/*.ts} Monolithic structure: single services/ directory with 45 service files, 80k LOC, shared database models, tight coupling. Team of 8 developers, 100k users in production.
EXPECTED: Deliverables: 1) Domain boundary map with proposed structure, 2) Dependency graph (current vs proposed), 3) Migration strategy (phase-by-phase plan), 4) Breaking changes catalog, 5) Test strategy to prevent regressions, 6) Risk assessment matrix, 7) Rollback plan, 8) Estimated timeline (sprints), 9) REFACTORING_PLAN.md document
RULES: $(cat ~/.claude/workflows/cli-templates/prompts/development/refactor.txt) | Follow DDD principles (bounded contexts) | Minimize breaking changes | Plan for gradual migration | Maintain API compatibility during transition | Identify shared kernel carefully | Design anti-corruption layers | Consider team ownership per domain | Assess impact on deployment pipeline | Include database migration strategy | Define success metrics and exit criteria
" --skip-git-repo-check -s danger-full-access
```
### Phase 2: Extract First Domain (continue session)
```bash
codex --full-auto exec "
PURPOSE: Extract user domain as pilot for refactoring approach
TASK: Refactor user-related services into isolated domain: 1) Create src/domains/user structure, 2) Move user.service.ts, profile.service.ts, preferences.service.ts, 3) Extract user-specific models and repositories, 4) Define domain public API (facade pattern), 5) Update imports in consuming code, 6) Ensure zero functionality changes
MODE: auto
CONTEXT: Refactoring plan from current session. User domain identified as: 3 services, 2 models, 2 repositories. Currently consumed by 12 API controllers. No external domain dependencies (good isolation).
EXPECTED: Deliverables: 1) domains/user/ directory structure (services/, models/, repositories/, index.ts for public API), 2) Migrate 3 services with same API signatures, 3) Create UserDomain facade class, 4) Update 12 controller imports to use facade, 5) All existing tests pass unchanged, 6) Add integration tests for domain boundary, 7) Update architecture docs
RULES: Use barrel exports (index.ts) for public API | Hide implementation details | Maintain exact same function signatures | Run full test suite after each file move | Use git mv to preserve history | Add deprecation warnings to old imports | Create facade with same interface as direct service calls | Ensure no circular dependencies | Verify production build succeeds | Document domain public API with JSDoc
" resume --last --skip-git-repo-check -s danger-full-access
```
### Phase 3: Continue with Remaining Domains (continue session)
```bash
codex --full-auto exec "
PURPOSE: Complete domain extraction for product and order domains
TASK: Following user domain pattern, extract: 1) Product domain (4 services), 2) Order domain (6 services with product dependency). Handle cross-domain dependencies correctly.
MODE: auto
CONTEXT: User domain successfully extracted from current session. Product domain: 4 services, no external dependencies. Order domain: 6 services, depends on Product and User domains.
EXPECTED: Deliverables: 1) domains/product/ structure with facade, 2) domains/order/ structure with facades for User and Product, 3) Cross-domain communication through facades only, 4) Update all controller imports, 5) All tests pass, 6) Add domain integration tests, 7) Update dependency graph diagram
RULES: Domains communicate only through public APIs (facades) | No direct cross-domain model access | Use dependency injection for cross-domain calls | Maintain transactional boundaries | Verify no circular domain dependencies | Test cross-domain scenarios | Document domain relationships | Ensure performance not degraded | Run regression tests | Update team ownership docs
" resume --last --skip-git-repo-check -s danger-full-access
```
### Phase 4: Cleanup and Verification (continue session)
```bash
codex --full-auto exec "
PURPOSE: Finalize refactoring with cleanup and comprehensive verification
TASK: Complete migration: 1) Remove old services/ directory, 2) Update all import statements, 3) Clean up unused code, 4) Update build configuration, 5) Verify no broken imports, 6) Run full test suite, 7) Perform load test
MODE: auto
CONTEXT: All domains extracted from current session: user (3 services), product (4 services), order (6 services), payment (5 services), notification (3 services). Old services/ directory still exists for reference.
EXPECTED: Deliverables: 1) Delete old services/ directory, 2) Update tsconfig.json paths, 3) Update import statements across codebase, 4) Remove dead code (identified by unused exports), 5) All tests pass (unit + integration + e2e), 6) Load test confirms no performance regression, 7) Update ARCHITECTURE.md with new structure, 8) Create migration guide for other developers
RULES: Verify no imports from old paths | Run ESLint to catch broken imports | Ensure all tests pass | Load test must show <5% performance delta | Update CI/CD pipeline if needed | Document new domain structure | Create coding guidelines for domain boundaries | Update onboarding docs | Verify build artifacts are correct | Perform git commit with detailed message documenting refactoring scope
" resume --last --skip-git-repo-check -s danger-full-access
```
**Key Points**:
- **Four-phase refactoring**: Plan → Pilot → Scale → Cleanup
- **Safety-first**: Gradual migration, test coverage, rollback plan
- **Production awareness**: Zero downtime, performance monitoring
- **Team enablement**: Documentation, guidelines, ownership

86
.claude/skills/codex/feature-examples.md Normal file
View File

@@ -0,0 +1,86 @@
# Codex Feature Implementation Examples
> **📖 Template Structure**: See [Universal Template Structure](SKILL.md#universal-template-structure) in SKILL.md for detailed field guidelines and session resume patterns.
All examples demonstrate production-ready feature development with testing, security, and maintainability focus.
## Example 1: RESTful API with Validation and Tests
```bash
codex -C src/api --full-auto exec "
PURPOSE: Implement user profile API to support mobile app launch
TASK: Create RESTful CRUD endpoints for user profiles including: GET /users/:id (with query params for field filtering), POST /users (with validation), PUT /users/:id (partial updates), DELETE /users/:id (soft delete). Implement request validation with Joi/Zod, error handling middleware, rate limiting per endpoint, response pagination for list operations, OpenAPI documentation comments.
MODE: auto
CONTEXT: @{src/models/user.ts,src/middleware/**/*.ts,src/validators/**/*.ts,../database/schema.prisma} Existing patterns: Repository pattern, service layer, JWT auth middleware, Prisma ORM, Express 4.18, TypeScript strict mode. Database: PostgreSQL 14 with 50k users.
EXPECTED: Deliverables: 1) user.controller.ts (4 CRUD endpoints), 2) user.service.ts (business logic), 3) user.validator.ts (Joi schemas), 4) user.routes.ts (Express router config), 5) user.test.ts (integration tests with supertest, >90% coverage), 6) Update OpenAPI spec in api-docs.yaml. All endpoints must return consistent error format {code, message, details}.
RULES: $(cat ~/.claude/workflows/cli-templates/prompts/development/feature.txt) | Follow REST conventions (proper HTTP verbs and status codes) | Validate all inputs at API boundary | Implement rate limiting: 100/min for GET, 20/min for write ops | Use repository pattern from existing code | Soft delete with deletedAt timestamp | Include request logging | Add JSDoc with OpenAPI annotations | Write integration tests for all endpoints including error cases | Ensure backward compatibility with v1 API | Run ESLint and Prettier before commit
" --skip-git-repo-check -s danger-full-access
```
**Key Points**:
- **TASK**: Detailed requirements with specific endpoints and features
- **CONTEXT**: Tech stack + existing patterns + constraints (50k users)
- **EXPECTED**: 6 concrete deliverables with test coverage requirement
- **RULES**: Template + REST conventions + validation + testing + compatibility
## Example 2: Multi-Task Authentication Feature with Session Resume
Complete authentication system built incrementally across multiple related tasks.
### Task 1: Core Authentication (establish session)
```bash
codex -C src/auth --full-auto exec "
PURPOSE: Implement secure authentication system for enterprise SaaS platform
TASK: Create JWT-based authentication supporting: 1) Email/password login with bcrypt (cost 12), 2) OAuth 2.0 integration (Google, GitHub), 3) Token generation with RS256 asymmetric signing, 4) Access token (15min TTL) and refresh token (7d TTL), 5) Token refresh endpoint, 6) Logout with token blacklist in Redis
MODE: auto
CONTEXT: @{src/models/user.ts,src/config/jwt.ts,../../keys/private.pem,../../keys/public.pem} Requirements: Support 100k users, Redis for session store, Passport.js for OAuth, must comply with OWASP authentication guidelines
EXPECTED: Deliverables: 1) auth.service.ts (login, OAuth, token generation/refresh/revoke), 2) auth.controller.ts (5 endpoints: login, OAuth callback, refresh, logout, verify), 3) jwt.middleware.ts (token verification for protected routes), 4) auth.validator.ts (input validation), 5) auth.test.ts (unit + integration tests, >90% coverage including security scenarios), 6) Update .env.example with new config
RULES: $(cat ~/.claude/workflows/cli-templates/prompts/development/feature.txt) | Follow OWASP Authentication Cheat Sheet | Use bcrypt with salt rounds 12 | Implement rate limiting: 5 login attempts per 15min per IP | Store only refresh tokens (not access tokens) | Implement token rotation on refresh | Add brute force protection | Include security event logging | Validate OAuth state parameter | Test token expiration and invalid token scenarios | Document security considerations in SECURITY.md
" --skip-git-repo-check -s danger-full-access
```
### Task 2: Multi-Factor Authentication (continue session)
```bash
codex --full-auto exec "
PURPOSE: Add MFA layer to enhance security for enterprise accounts
TASK: Implement TOTP-based MFA: 1) MFA enrollment endpoint with QR code generation, 2) MFA verification during login, 3) Backup codes generation (10 one-time codes), 4) MFA status in user profile, 5) Admin can require MFA for user roles
MODE: auto
CONTEXT: Previous auth implementation from current session. Use speakeasy library for TOTP, qrcode for QR generation. MFA should be optional by default but enforceable per user role.
EXPECTED: Deliverables: 1) mfa.service.ts (enroll, verify, generate backup codes, validate backup code), 2) Update auth.controller.ts with MFA endpoints, 3) Update auth flow to check MFA status, 4) Database migration for MFA fields (secret, enabled, backup_codes), 5) mfa.test.ts (test enrollment, verification, backup codes, >85% coverage), 6) Update API docs with MFA flow
RULES: Use TOTP with 30s window, 6-digit codes | Encrypt MFA secret in database | Invalidate backup codes after use | Rate limit verification attempts (5/min) | Add MFA recovery flow | Log all MFA events | Test clock skew handling | Document MFA setup guide for users | Ensure backward compatibility (MFA optional)
" resume --last --skip-git-repo-check -s danger-full-access
```
### Task 3: Session Management Enhancement (continue session)
```bash
codex --full-auto exec "
PURPOSE: Implement session management UI for users to control active devices
TASK: Create session management system: 1) Track active sessions per user (device, location, IP, last activity), 2) List all active sessions endpoint, 3) Revoke specific session endpoint, 4) Revoke all sessions (logout everywhere), 5) Automatic session cleanup for expired tokens
MODE: auto
CONTEXT: Previous auth and MFA implementation from current session. Store session metadata in Redis with refresh token as key. Use GeoIP for location, UAParser for device detection.
EXPECTED: Deliverables: 1) session.service.ts (create, list, revoke, cleanup), 2) session.controller.ts (3 endpoints), 3) Update token refresh to update session activity, 4) Background job for session cleanup (runs hourly), 5) session.test.ts (>85% coverage), 6) Update user API with session endpoints
RULES: Store minimal session metadata (no PII) | Implement session limit per user (max 10 devices) | Include revocation in token validation middleware | Handle concurrent session updates | Add session activity logs | Test session cleanup job | Ensure revoked session can't refresh | Document session management in API docs | Consider GDPR session data retention (30 days)
" resume --last --skip-git-repo-check -s danger-full-access
```
### Task 4: Comprehensive Test Suite (continue session)
```bash
codex --full-auto exec "
PURPOSE: Ensure authentication security and reliability through comprehensive testing
TASK: Generate complete test suite covering: 1) Unit tests for all services, 2) Integration tests for all endpoints, 3) Security tests (injection, token tampering, brute force), 4) Performance tests (login throughput), 5) E2E tests for complete auth flows
MODE: write
CONTEXT: Complete auth implementation from current session including: login, OAuth, JWT, MFA, session management. Use Jest for unit/integration, Artillery for load testing.
EXPECTED: Deliverables: 1) Expand existing test files to >95% coverage, 2) security.test.ts (12 security scenarios), 3) performance.test.ts (load test: 100 req/s for 1min), 4) e2e/auth-flow.test.ts (full user journey), 5) Test report showing coverage by module, 6) Update CI pipeline config to enforce coverage thresholds
RULES: $(cat ~/.claude/workflows/cli-templates/prompts/development/testing.txt) | Test all happy paths and error cases | Include security tests: SQL injection attempts, XSS in inputs, JWT tampering, expired tokens, invalid signatures | Mock external dependencies (OAuth providers, Redis) | Test rate limiting enforcement | Verify session isolation between users | Load test should achieve <200ms p95 latency | Use faker for test data generation | Clean up test data after each test | Document test scenarios in test file comments
" resume --last --skip-git-repo-check -s danger-full-access
```
**Key Points**:
- **Four-task sequence**: Core auth → MFA → Sessions → Tests
- **Session continuity**: Each task builds on previous using `resume --last`
- **Progressive complexity**: Features build incrementally
- **Final testing phase**: MODE=write for comprehensive test generation

475
.claude/skills/codex/session-management.md Normal file
View File

@@ -0,0 +1,475 @@
# Codex Session Management
## Overview
Codex supports session continuity for multi-task development workflows. Sessions maintain context across related tasks, enabling efficient multi-step implementations without repeating context.
## Core Concepts
### Session Types
**New Session** - Establishes fresh context:
```bash
codex -C directory --full-auto exec "task" --skip-git-repo-check -s danger-full-access
```
**Resume Session** - Continues with previous context:
```bash
codex --full-auto exec "task" resume --last --skip-git-repo-check -s danger-full-access
```
**Interactive Resume** - Picker or direct resume:
```bash
codex resume # Show session picker
codex resume --last # Resume most recent
```
## Session Resume Patterns
### Multi-Task Development Pattern
**Pattern Overview**:
1. First task: establish session with `-C`
2. Subsequent tasks: continue with `resume --last`
3. Related tasks: maintain context continuity
4. Unrelated tasks: start new session
**Example - Authentication Feature**:
```bash
# Task 1: Establish session - Implement auth module
codex -C project --full-auto exec "
PURPOSE: Implement user authentication
TASK: Create JWT-based authentication system
MODE: auto
CONTEXT: @{src/auth/**/*} Database schema from session memory
EXPECTED: Complete auth module with middleware
RULES: $(cat ~/.claude/workflows/cli-templates/prompts/development/feature.txt) | Follow security best practices
" --skip-git-repo-check -s danger-full-access
# Task 2: Continue session - Add JWT validation
codex --full-auto exec "
PURPOSE: Enhance authentication security
TASK: Add JWT token validation and refresh logic
MODE: auto
CONTEXT: Previous auth implementation from current session
EXPECTED: JWT validation middleware and token refresh endpoints
RULES: Follow JWT best practices, maintain session context
" resume --last --skip-git-repo-check -s danger-full-access
# Task 3: Continue session - Generate tests
codex --full-auto exec "
PURPOSE: Increase test coverage
TASK: Generate comprehensive tests for auth module
MODE: write
CONTEXT: Auth implementation from current session
EXPECTED: Complete test suite with 80%+ coverage
RULES: Use Jest, follow existing patterns
" resume --last --skip-git-repo-check -s danger-full-access
```
### Auto-Resume Decision Tree
```
Is current task related to previous Codex task?
├─ YES → Does it extend/enhance previous implementation?
│ ├─ YES → Use `resume --last`
│ └─ NO → Check if it requires previous context
│ ├─ YES → Use `resume --last`
│ └─ NO → Start new session
└─ NO → Is this first Codex task in conversation?
├─ YES → Start new session
└─ NO → Different module/feature area?
├─ YES → Start new session
└─ NO → Check conversation memory for recent Codex execution
├─ FOUND → Use `resume --last`
└─ NOT FOUND → Start new session
```
## Auto-Resume Decision Rules
### Use `resume --last` When
**Related Work**:
- Current task extends previous Codex task
- Current task enhances previous implementation
- Current task fixes issues in previous work
**Example**:
```bash
# First: Implement feature
codex -C src --full-auto exec "Implement user profile" ...
# Later: Add validation to same feature
codex --full-auto exec "Add profile validation" resume --last ...
```
**Multi-Step Workflow**:
- Part of implement → enhance → test cycle
- Sequential improvements
- Incremental feature development
**Example**:
```bash
# Step 1: Basic implementation
codex -C src --full-auto exec "Create API endpoint" ...
# Step 2: Add error handling
codex --full-auto exec "Add error handling to endpoint" resume --last ...
# Step 3: Add tests
codex --full-auto exec "Generate endpoint tests" resume --last ...
```
**Context Dependency**:
- Requires understanding of previous implementation
- Builds on previous work
- References previous changes
**Example**:
```bash
# First: Database schema
codex -C db --full-auto exec "Create user table" ...
# Later: API using that schema
codex --full-auto exec "Create API for user table" resume --last ...
```
**Session Memory Indicates Recent Work**:
- Conversation history shows recent Codex execution
- Working on same module/feature
- Continuing interrupted work
### Do NOT Use `resume --last` When
**First Task in Conversation**:
```bash
# Always start fresh
codex -C project --full-auto exec "New feature" ...
```
**New Independent Task**:
```bash
# Unrelated to previous work
codex -C different-module --full-auto exec "Different feature" ...
```
**Different Module/Feature Area**:
```bash
# First: Auth module
codex -C src/auth --full-auto exec "Auth implementation" ...
# Later: Payment module (NEW SESSION)
codex -C src/payment --full-auto exec "Payment implementation" ...
```
**No Recent Codex Task**:
```bash
# No Codex work in conversation history
codex -C project --full-auto exec "Fresh start" ...
```
## Session Continuity Best Practices
### Context References
**Use Session Context**:
```bash
codex --full-auto exec "
PURPOSE: Enhance previous implementation
TASK: Add caching to API endpoints
MODE: auto
CONTEXT: Previous API implementation from current session
EXPECTED: Cached endpoints with Redis integration
RULES: Maintain existing patterns
" resume --last --skip-git-repo-check -s danger-full-access
```
**Combine with File Patterns**:
```bash
codex --full-auto exec "
PURPOSE: Extend authentication
TASK: Add OAuth2 support
MODE: auto
CONTEXT: @{src/auth/**/*} Previous JWT implementation
EXPECTED: OAuth2 integration with existing auth
RULES: Maintain backward compatibility
" resume --last --skip-git-repo-check -s danger-full-access
```
### Multi-Phase Development
**Phase 1: Core Implementation**:
```bash
codex -C src/features --full-auto exec "
PURPOSE: New feature foundation
TASK: Implement core feature logic
MODE: auto
CONTEXT: @{src/core/**/*}
EXPECTED: Feature foundation with basic functionality
RULES: Follow existing patterns
" --skip-git-repo-check -s danger-full-access
```
**Phase 2: Enhancement** (resume session):
```bash
codex --full-auto exec "
PURPOSE: Feature enhancement
TASK: Add validation and error handling
MODE: auto
CONTEXT: Previous core implementation
EXPECTED: Robust feature with validation
RULES: Handle edge cases
" resume --last --skip-git-repo-check -s danger-full-access
```
**Phase 3: Testing** (resume session):
```bash
codex --full-auto exec "
PURPOSE: Test coverage
TASK: Generate comprehensive tests
MODE: write
CONTEXT: Previous implementation with validations
EXPECTED: Test suite with 90%+ coverage
RULES: Test edge cases and error paths
" resume --last --skip-git-repo-check -s danger-full-access
```
**Phase 4: Documentation** (resume session):
```bash
codex --full-auto exec "
PURPOSE: Feature documentation
TASK: Generate API documentation and usage examples
MODE: write
CONTEXT: Complete implementation with tests
EXPECTED: Comprehensive documentation
RULES: Include code examples
" resume --last --skip-git-repo-check -s danger-full-access
```
## Interactive Session Management
### Session Picker
```bash
# Show all available sessions
codex resume
# User selects from list:
# 1. Feature X implementation (2024-10-17 14:30)
# 2. Bug fix Y (2024-10-17 13:15)
# 3. Test generation Z (2024-10-17 12:00)
```
### Direct Resume
```bash
# Resume most recent session immediately
codex resume --last
# Continue work without picker
```
## Session Context Optimization
### Effective Context References
**Good - Specific and Relevant**:
```bash
CONTEXT: @{src/auth/**/*} Previous JWT implementation, session management patterns
```
**Better - Combines Session and Files**:
```bash
CONTEXT: Previous auth implementation from current session, @{src/auth/**/*,src/middleware/**/*}
```
**Best - Precise and Memory-Aware**:
```bash
CONTEXT: JWT middleware from previous task, @{src/auth/jwt.ts,src/auth/middleware.ts} Token validation patterns
```
### Context Continuity Patterns
**Reference Previous Work**:
```bash
CONTEXT: Previous implementation of user registration
TASK: Add email verification to registration flow
```
**Build on Established Patterns**:
```bash
CONTEXT: Authentication patterns from session, existing middleware structure
TASK: Create authorization middleware following auth patterns
```
**Maintain Consistency**:
```bash
CONTEXT: API design from previous endpoints, established response format
TASK: Create new endpoint following existing design
```
## Common Session Patterns
### Feature Development Cycle
```bash
# 1. Implement → 2. Enhance → 3. Test → 4. Document
# Implement (start session)
codex -C src --full-auto exec "Implement feature" ...
# Enhance (resume)
codex --full-auto exec "Add validations" resume --last ...
# Test (resume)
codex --full-auto exec "Generate tests" resume --last ...
# Document (resume)
codex --full-auto exec "Write docs" resume --last ...
```
### Bug Fix Cycle
```bash
# 1. Identify → 2. Fix → 3. Test → 4. Verify
# Identify (start session)
codex -C src --full-auto exec "Analyze bug" ...
# Fix (resume)
codex --full-auto exec "Implement fix" resume --last ...
# Test (resume)
codex --full-auto exec "Add regression tests" resume --last ...
# Verify (resume)
codex --full-auto exec "Verify fix across codebase" resume --last ...
```
### Refactoring Cycle
```bash
# 1. Analyze → 2. Plan → 3. Refactor → 4. Test
# Analyze (start session)
codex -C src --full-auto exec "Analyze code for refactoring" ...
# Plan (resume)
codex --full-auto exec "Plan refactoring approach" resume --last ...
# Refactor (resume)
codex --full-auto exec "Execute refactoring" resume --last ...
# Test (resume)
codex --full-auto exec "Verify refactoring with tests" resume --last ...
```
## Session Memory Management
### What Gets Preserved
**Implementation Context**:
- Code changes made
- Files created/modified
- Patterns established
- Decisions made
**Design Context**:
- Architecture decisions
- Pattern choices
- Interface designs
- Integration points
**Problem Context**:
- Issues identified
- Solutions attempted
- Trade-offs considered
- Edge cases handled
### What Gets Lost
**Starting New Session**:
- Previous implementation details
- Design decisions
- Context from prior work
**When to Accept Context Loss**:
- Switching to unrelated module
- Starting independent feature
- Different problem domain
- Fresh approach needed
## Troubleshooting
### Session Not Found
**Symptom**: `resume --last` fails to find session
**Solutions**:
- Use `codex resume` to see available sessions
- Start new session if none relevant
- Check if previous task completed
### Wrong Session Resumed
**Symptom**: Resumed session from different feature
**Solutions**:
- Use `codex resume` for manual selection
- Check conversation history for last Codex task
- Start new session if incorrect context
### Context Mismatch
**Symptom**: Session context doesn't match current task
**Solutions**:
- Start new session for unrelated work
- Include explicit CONTEXT to override
- Use file patterns to focus context
## Advanced Patterns
### Parallel Session Management
```bash
# Feature A - Session 1
codex -C src/feature-a --full-auto exec "Implement A" ...
# Feature B - Session 2 (different session)
codex -C src/feature-b --full-auto exec "Implement B" ...
# Resume Feature A
codex --full-auto exec "Enhance A" resume --last ...
# Note: This resumes most recent (Feature B), not Feature A
# Use interactive picker: codex resume
```
### Session Branch Pattern
```bash
# Main implementation
codex -C src --full-auto exec "Main feature" ...
# Branch 1: Enhancement (resume)
codex --full-auto exec "Add feature X" resume --last ...
# Branch 2: Alternative approach (new session)
codex -C src --full-auto exec "Try approach Y" ...
```
### Session Merge Pattern
```bash
# Component A
codex -C src/components --full-auto exec "Create component A" ...
# Component B (new session)
codex -C src/components --full-auto exec "Create component B" ...
# Integration (new session, references both)
codex -C src --full-auto exec "
CONTEXT: Component A and B from previous work
TASK: Integrate components
" ...
```