marketing-shibata50/claude-code-ultimate-guide
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
375 commits 1 branch 0 tags 20 MiB
Commit graph

94 commits

Author SHA1 Message Date
Florian BRUNIAUX
d9187ba17b release: v3.30.0 - 10 advanced patterns documentation 
5 new files (plan-challenger, adr-writer, audit-codebase, first-principles, event-driven-agents),
4 workflow files enriched (iterative-refinement, agent-teams, ultimate-guide x3 sections),
reference.yaml updated with 9 new entries. Fact-checked via 9 Perplexity searches (March 2026).

Patterns covered: modular CLAUDE.md architecture, session invariants, auto-ADR, adversarial
plan review, worktree dependency coordination, auto-fix loops (Ralph Loop), Linear/Kanban
event-driven agents, codebase audit scoring, deployment automation (Vercel + Infisical).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-03 06:27:28 +01:00
Florian BRUNIAUX
01283fafec docs: SonnetPlan hack — budget Sonnet+Haiku hybrid via env var remap 
- guide/ultimate-guide.md §OpusPlan: new "Budget Variant: SonnetPlan"
  section with shell function, Plan/Act routing table, caveat on
  unreliable model self-report, link to GitHub issue #9749
- examples/scripts/sonnetplan.sh: new ready-to-use shell function
  with installation instructions and verification guidance

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-02 17:58:25 +01:00
Florian BRUNIAUX
252148fe75 release: v3.29.1 - Git MCP + GitHub MCP catalog entries 
Add Git MCP Server (12 tools, uvx setup) and GitHub MCP Server
(Issues/PRs/Projects, remote Copilot + self-hosted PAT-only) to §8.2
MCP Server Catalog. Document real-world fix for Incompatible auth
server error via gh auth token + manual header injection.

Also ships: CC v2.1.63 tracking, HTTP hooks, observability quality
patterns, config lifecycle §9.23, terminal personalization, tool
comparison table extensions, MCP server 3 new tools.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-02 16:10:19 +01:00
Florian BRUNIAUX
155b07a589 feat: threat-db v2.4.0 + MCP guide section + resource evals + ci 
## threat-db v2.4.0
- CVE-2026-27735: path traversal in mcp-server-git git_add (CVSS 6.4)
- Campaign: Clinejection (Cline CLI 2.3.0 supply chain, 4000 downloads)
- T012: AI Recommendation Poisoning (Microsoft research, 50+ prompts)
- 3 new sources (NVD, Snyk, Microsoft Security Blog, Hacker News)

## guide/ultimate-guide.md
- New section "This Guide as an MCP Server" (§10) — installation,
  tools list, dev mode, usage examples, slash commands

## docs/resource-evaluations
- eval #070: claude-code-best-practice .claude/ config (score 4/5)
- eval #071: Steven Ge technical writing workflow (score TBD)
- eval #072: Rippletide AI reliability platform (score 2/5, watch only)
- 2026-02-26: boristane SDLC dead post evaluation
- README: count 60→72 evals, add #072 entry

## ci + config
- .github/workflows/trigger-landing-deploy.yml — auto-trigger landing
  rebuild on push to main (guide content changes)
- .gitignore: add .claude/agents/ exception + mcp-server/dist/ ignore

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-28 21:35:03 +01:00
Florian BRUNIAUX
e62af76767 docs: spinner verbs + tips personalization — new example + guide section 
- New section §3.3 Terminal Personalization Settings (ultimate-guide.md:4978)
  spinnerVerbs (mode replace/add) + spinnerTipsOverride (excludeDefault)
- New examples/config/settings-personalization.json — 19 verbs, 113+ tips, 13 categories
- reference.yaml: new spinner_personalization entry + line number fix
- CHANGELOG updated

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-28 10:00:58 +01:00
Florian BRUNIAUX
4a0a0bf30e docs: complete factual audit pass 2 — 90+ corrections 
Second 10-agent parallel audit covering all remaining sections:
ultimate-guide.md (ch1-ch11), workflows/ (17 files), quiz/ (12 files),
examples/agents+skills+commands. Source of truth: official Anthropic docs.

Key corrections:

Hook system (+8 missing events):
- Complete 17-event list: PermissionRequest, PostToolUseFailure, SubagentStart,
  TeammateIdle, TaskCompleted, WorktreeCreate, WorktreeRemove, SessionEnd
- SessionStart confirmed valid (previous audit wrongly doubted it)
- Hook output format: hookSpecificOutput.permissionDecision (not {"decision":"block"})
- Missing common input fields added: transcript_path, cwd, permission_mode

Agent YAML frontmatter (13 valid fields restored/added):
- Restored: disallowedTools, memory, background, isolation, skills, permissionMode, hooks
- Added new: maxTurns, mcpServers
- Fixed: tools format is comma-separated (not space-separated)

Plan Mode (12 occurrences fixed):
- Ctrl+G = "open plan in text editor" (NOT "enter plan mode")
- Plan Mode = Shift+Tab × 2 (Normal → acceptEdits → plan)

Commands table (10.1) + built-in commands (6.1):
- Added 18+ missing commands: /copy, /doctor, /hooks, /memory, /model,
  /config, /permissions, /remote-control, /rename, /resume, /sandbox, etc.

Workflow files:
- agent-teams.md: removed fake --experimental-agent-teams flag
- hooks.yaml + post_edit event → settings.json + PostToolUse (2 files)
- TodoWrite → TaskCreate/TaskUpdate (3 files)
- task-management.md: removed fake "failed" task status

Quiz / examples:
- 01-010: Esc stops mid-action (not Ctrl+C)
- refactoring-specialist.md: removed MultiEdit (not a valid tool)
- ast-grep-patterns.md: name field (not title)
- validate-changes.md, diagnose.md: field name fixes

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-26 18:21:28 +01:00
Florian BRUNIAUX
8e63d84b47 docs: factual audit + reference sync — 260 findings corrected 
Parallel 6-agent audit against official Anthropic docs (llms-full.txt).
Key corrections applied across permissions, hooks, MCP, security, privacy, reference.yaml.

Highlights:
- Fix MCP config path (~/.claude.json), mcpServers key, variable substitution syntax
- Fix permission modes (5 not 3), :* syntax (×6), Stop event description
- Fix hook JSON field names (hook_event_name, tool_name, tool_input, session_id)
- Fix filesystem restriction docs (permission rules, not settings.json keys)
- Fix data-privacy: 4-tier retention, /bug 5yr warning, ZDR conditions, 5 telemetry opt-out vars
- Add official llms.txt/llms-full.txt references to CLAUDE.md + machine-readable/llms.txt
- Reference.yaml: 375 entries re-synced (92% had wrong line numbers — guide grew 15K→21K lines)
- New script: scripts/resync-reference-yaml.py for automated line number sync
- Quiz: corrected answers for hooks (07), memory settings (03), MCP servers (08)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-26 12:10:14 +01:00
Florian BRUNIAUX
ad735dfff4 docs(security): update threat-db v2.3.0 — CVE-2025-59536, CVE-2026-21852, +2 CVEs, T011 
New CVEs (4):
- CVE-2025-59536: Claude Code RCE via enableAllProjectMcpServers config (fixed 1.0.111)
- CVE-2026-21852: Claude Code API key theft via ANTHROPIC_BASE_URL redirect (fixed 2.0.65)
- CVE-2026-26029: sf-mcp-server command injection via child_process.exec
- CVE-2026-27203: eBay API MCP Server env variable injection

New attack technique:
- T011: Project Configuration Hijacking (.claude/settings.json / .mcp.json as attack surface)

New defensive resources:
- GuardFive AI Agent Security Scanner
- Palo Alto AI Runtime Security MCP Threat Detection

New sources (7): Check Point Research, The Hacker News, Trend Micro, 1Password, Red Hat, NVD x2

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-25 18:59:03 +01:00
Florian BRUNIAUX
97f9167a61 docs: add Kairn memory MCP + resource evaluations + guide updates 
- guide/ultimate-guide.md §10.2: Add Kairn (knowledge graph memory with biological decay)
  - Typed relationships (depends-on, resolves, causes), 18 MCP tools
  - Updated comparison table: Serena / grepai / doobidoo / Kairn
  - Added decision routing for long-term memory + causality tracking
- guide/ultimate-guide.md §5.1: Add real-world CLAUDE.md migration example (Avo, 600-line → 15 path-scoped files)
- guide/ai-ecosystem.md: Minor update
- machine-readable/reference.yaml: Add Kairn entries
- examples/config/mcp.json: Add Kairn MCP config
- docs/resource-evaluations/: Add 2 new evaluations (context-evaluator-packmind, kairn-memory-mcp)
- docs/resource-evaluations/agents-md-empirical-study: Add community reception section
- docs/resource-evaluations/2026-02-23-agentsview: Minor fix

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-25 17:39:20 +01:00
Florian BRUNIAUX
92643c1a6b docs(security): update threat-db v2.2.0 — CVE-2026-0755, mcp-run-python SSRF, 5 new scanners 
New CVEs:
- CVE-2026-0755 (gemini-mcp-tool, CVSS 9.8, RCE, no fix yet)
- SNYK-PYTHON-MCPRUNPYTHON-15250607 (mcp-run-python SSRF via Deno sandbox)

New entries:
- Attack technique T010: Agent-to-Agent Communication Injection
- 5 new scanning tools: Proximity, Enkrypt AI, Cisco MCP Scanner, NeuralTrust, MCPScan.ai
- 1 new defensive resource: Anthropic Claude Code Security (2026-02-21)
- 4 new sources (Lakera, Penligent AI, Snyk, THN)

Updated security-hardening.md: added CVE-2026-0755 and mcp-run-python SSRF to CVE table

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-22 16:14:34 +01:00
Florian BRUNIAUX
dbb62306d7 release: v3.28.1 - Visual Diagrams Series (40 Mermaid diagrams) 
guide/diagrams/: new directory with 40 interactive Mermaid diagrams
- 10 thematic files: foundations, context/sessions, configuration,
  architecture, MCP ecosystem, dev workflows, multi-agent patterns,
  security/production, cost/optimization, adoption/learning
- Each diagram: Mermaid (GitHub-native) + ASCII fallback + source link
- Bold Guy palette (6-color system) consistent across all diagrams
- README with index, visual palette legend, navigation by use case

Also includes (backlog from v3.28.0→v3.28.1):
- guide/ultimate-guide.md: Managing Large MCP Server Sets, AI Code
  Disclosure Policy, claude-mem Gemini alternative, observability
- guide/workflows/plan-driven.md: Boris Tane custom markdown plans (+172L)
- guide/security-hardening.md: Part 4 PR security review workflow
- examples/agents/security-patcher.md: new security agent
- examples/hooks/bash/security-gate.sh: PreToolUse security hook
- guide/observability.md: activity monitoring, external tools, proxying
- docs/resource-evaluations/: 4 new evaluations (Boris Cherny, Moigneu,
  Boris Tane, Aristote AI instructions)
- README.md: Visual Diagrams section in "What Makes This Guide Unique"

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-22 15:51:21 +01:00
Florian BRUNIAUX
9218ab37d6 feat: security scanning workflow (auditor + patcher + gate hook) 
- security-hardening.md Part 4: PR security review workflow
  3-agent pipeline: scan → data flow trace → patch
  Tableau par type de changement (auth, DB, upload, deps)
  Hook pre-push git pour alerter sur fichiers sensibles
- security-patcher agent: applique les findings du security-auditor
  Propose avant d'écrire, jamais en autonomie (human approval gate)
  Séparation nette detect vs patch
- security-gate.sh hook: PreToolUse, 7 patterns vulnérables bloqués
  SQLi, XSS innerHTML, secrets hardcodés, eval() dynamique,
  hash faible (MD5/SHA1 password), command injection, path traversal
  Complément de dangerous-actions-blocker.sh (ops système)
- Claude Code Security (research preview) documentée dans security-hardening.md
  Comparaison Security Auditor Agent vs feature Anthropic
- reference.yaml: 4 nouvelles entrées indexées

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-22 15:21:35 +01:00
Florian BRUNIAUX
6049bd99c2 release: v3.28.0 - Section 2.5 Model Selection & Thinking Guide 
Section canonique consolidée pour le choix de modèle :
- Section 2.5 (decision table, effort levels avec prompts, model-per-agent patterns, thinking guide)
- 3 nouveaux agents : planner (Opus), implementer (Haiku), architecture-reviewer (Opus)
- 7 nouvelles questions quiz (09-037→09-043, intermediate→power)
- 3 tables redondantes remplacées par cross-refs vers Section 2.5

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-21 18:25:50 +01:00
Florian BRUNIAUX
00cb973bdb docs: add Talk Preparation Pipeline workflow + skill templates 
6-stage pipeline: raw material → conference talk → Kimi AI slides.

New files:
- guide/workflows/talk-pipeline.md — Full workflow guide (REX vs Concept
  modes, stage-by-stage breakdown, CHECKPOINT mechanics, Kimi handoff,
  real-world DevWithAI example, 5 design patterns documented)
- examples/skills/talk-pipeline/ — 7 SKILL.md files + orchestrator + 2
  templates (feedback-draft.md, kimi-prompt-template.md)

Updated:
- README.md — badges 164→172 templates, Feb 20 date, 13→14 skills
- guide/workflows/README.md — Talk Pipeline entry under Design & Content
- machine-readable/reference.yaml — 16 new entries for pipeline components
- CHANGELOG.md — [Unreleased] entry

Design patterns showcased: skill chaining + file-based state, tool
permission scoping (Bash only Stage 2), human-in-the-loop CHECKPOINT
(Stage 4), AI-to-AI handoff (Claude → Kimi), dual execution modes
(REX/Concept).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-20 15:51:29 +01:00
Florian BRUNIAUX
6d847d24de docs: add Profile-Based Module Assembly pattern (Section 3.5) 
- Section 3.5 "Team Configuration at Scale" in ultimate-guide.md:
  profiles YAML + shared modules + skeleton + assembler script;
  59% context token reduction measured on 5-dev production team;
  includes CI drift detection, 5-step replication guide, trade-offs
- New workflow: guide/workflows/team-ai-instructions.md (6 phases,
  scaling thresholds, troubleshooting table)
- New templates: examples/team-config/ (profile-template.yaml,
  claude-skeleton.md, sync-script.ts)
- reference.yaml: 9 new entries for team_ai_instructions_*
- README: templates count 161 → 164, date Feb 19 → Feb 20
- CHANGELOG [Unreleased]: resource evaluations (AGENTS.md ETH Zürich
  4/5, Sylvain Chabaud 3/5), spec-first Task Granularity section,
  methodologies ATDD expansion

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-20 15:04:29 +01:00
Florian BRUNIAUX
46b5f39f52 docs: update examples README and reference.yaml for claude-code-review.yml 
- examples/README.md: github-actions count 3→4, add new workflow row
- machine-readable/reference.yaml: 6 new entries (workflow, prompt, pattern, tools, auth, cost)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-19 14:58:27 +01:00
Florian BRUNIAUX
9b75b5125e release: v3.27.8 - prompt-based GitHub Actions code review workflow 
New examples/github-actions/claude-code-review.yml with externalized prompt,
anti-hallucination protocol, /claude-review on-demand trigger. Templates 116→161.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-19 14:23:15 +01:00
Florian BRUNIAUX
267ce0ba86 chore: update guide content and add new examples 
- Update ultimate guide and cheatsheet
- Update llms.txt and reference YAML
- Add velocity-governor hook and cc-sessions script

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-18 18:48:19 +01:00
Florian BRUNIAUX
c3da456d3a release: v3.27.6 - Sonnet 4.6 default + 200K vs 1M context guide 
- Pricing table: Sonnet 4.6 now default (Feb 2026)
- New section: 200K vs 1M context decision guide (MRCR bench, cost table, use cases)
- threat-db.yaml v2.1.0: CVE-2026-23744, Slopsquatting T009, OWASP Agentic AI Top 10

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-18 09:33:55 +01:00
Florian BRUNIAUX
0d6a0c656e docs: add git-worktree suite, security kill switch, update reference.yaml + CC releases 
- Git worktree commands: overhauled main + 3 new (status, remove, clean)
- Security hardening: AI Kill Switch & Containment Architecture (§3.5)
- DevOps SRE: cross-reference to security-hardening for AI incidents
- CC releases: v2.1.43-v2.1.44 tracking
- reference.yaml: 12 new entries, evaluations count 67 → 74

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-17 10:20:57 +01:00
Florian BRUNIAUX
7d43b67bcd docs: add review-plan command + rules templates (inspired by Garry Tan) 
Structured plan review across 4 axes (architecture, code quality, tests,
performance) as a reusable custom command with separate rules files.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-16 20:34:33 +01:00
Florian BRUNIAUX
c955098cc7 docs: add plugin marketplace install for session-summary 
Link to FlorianBruniaux/claude-code-plugins in ecosystem section
and hooks README. Plugin system auto-wires hooks, no manual config.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-16 11:58:58 +01:00
Florian BRUNIAUX
9075b966ab fix: make session-summary-config.sh compatible with Bash 3.2+ (macOS) 
Replace all `declare -A` (associative arrays, Bash 4+ only) with simple
variables and helper functions. Fixes crash on macOS default Bash 3.2:
- "operand expected" at line 40
- "meta: unbound variable" at line 43

Reported by community user (Slack).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-16 11:42:20 +01:00
Florian BRUNIAUX
66ebec567a docs: add SkillHub badge and update skills listing to 13 
- Add SkillHub badge (9 skills) to README header
- Update examples/README.md with 5 new skill entries
- Link to SkillHub profile for installable skills

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 21:24:17 +01:00
Florian BRUNIAUX
52d76411e3 feat(skills): publish 5 new skills to SkillHub 
Add skill-creator, landing-page-generator, ccboard, guide-recap,
and release-notes-generator with genericized content (no personal
refs, FR→EN translation, placeholder URLs/paths).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 21:10:09 +01:00
Florian BRUNIAUX
e504f0d1bf feat: add session summary screenshot, skills, and GitHub templates 
- Add session-summary-v3.png screenshot for hook documentation
- Add GitHub issue templates (bug report, feature request, question)
- Add new skills: ccboard, guide-recap, landing-page-generator,
  release-notes-generator, skill-creator

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 20:55:16 +01:00
Florian BRUNIAUX
e60b24d27c docs(examples): add YAML frontmatter to 19 miscellaneous example files 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 19:21:00 +01:00
Florian BRUNIAUX
9170095320 docs(examples): add YAML frontmatter to 7 README files 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 19:20:57 +01:00
Florian BRUNIAUX
3029d1d3b8 docs(examples): add YAML frontmatter to 5 claude-md templates 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 19:20:37 +01:00
Florian BRUNIAUX
91d36f00dd docs(examples): add YAML frontmatter to 20 command templates 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 19:20:36 +01:00
Florian BRUNIAUX
d1182af4cf docs: v3.27.1 — fact-check corrections, grepai docs, RTK overhaul 
Fact-check (README positioning):
- Template count: 120/123 → 108 (ground truth recount)
- Ratio: 14× → 24× (19,000 ÷ 784 = 24.2×)
- everything-cc stars: 31.9k → 45k+ (verified Feb 15)
- Commands count: 20 → 23, hooks: 30 → 31

Added:
- Grepai MCP documentation (semantic search, call graphs)
- 3 hook templates (rtk-baseline, session-summary, session-summary-config)
- 2 resource evaluations (system-prompts update, qmd token savings)

Changed:
- RTK documentation overhaul (v0.7.0 → v0.16.0, rtk-ai org)
- Exports deprecated (kimi.pdf, notebooklm.pdf → deprecated/)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 18:41:45 +01:00
Florian BRUNIAUX
971a297db3 feat(security): add threat intelligence DB, security commands, and cheatsheet audit fixes (v3.26.0) 
- Add threat-db.yaml v2.0.0 with 63 malicious skills, 22 CVEs, 4 campaigns
- Add /security-check, /security-audit, /update-threat-db slash commands
- Add Snyk ToxicSkills evaluation (58th resource evaluation)
- Fix cheatsheet: add Alt+T to keyboard shortcuts table, add /fast and /debug commands
- Update Features Meconnues table with Agent Teams and Auto-Memories
- Clean up cheatsheet.md.bak
- Bump version to 3.26.0

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-11 16:12:36 +01:00
Florian BRUNIAUX
deb518ceff fix(security): fact-check corrections across threat-db and hardening guide 
- CVE-2025-53109/53110: fix version 0.6.4 → 0.6.3 (per NVD/Cymulate)
- CVE-2025-53967: CVSS 8.0 → 7.5 (per NVD)
- CVE-2026-25536: add missing fixed_in 1.26.0
- CVE-2026-25546: add missing fixed_in 0.1.1
- Rename pseudo-CVE "claude-code-v2.1.34" → ADVISORY-CC-2026-001
- Fix Flatt Security URL to specific blog post
- Fix SentinelOne URL to specific CVE page

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-11 15:11:13 +01:00
Florian BRUNIAUX
ef7cdd899e release: v3.24.0 - Agent Evaluation Framework 
Major addition: Complete agent evaluation framework with production-ready template.

## Added

- **Resource Evaluation**: nao framework (score 3/5)
  - Identified critical gap: agent evaluation not documented
  - Technical challenge adjusted score 2/5 → 3/5
  - All claims fact-checked (TypeScript 58.9%, Python 38.5%)

- **Guide Section**: Agent Evaluation (guide/agent-evaluation.md, ~3K tokens)
  - Metrics: response quality, tool usage, performance, satisfaction
  - Patterns: logging hooks, unit tests, A/B testing, feedback loops
  - Example: analytics agent with built-in metrics
  - Tools: nao framework reference, Claude Code hooks integration

- **AI Ecosystem**: Section 8.2 Domain-Specific Agent Frameworks
  - nao (Analytics Agents): Database-agnostic, built-in evaluation
  - Transposable patterns: context builder, evaluation hooks, DB integrations

- **Template**: Analytics Agent with Evaluation (5 files, ~1K lines)
  - README: setup, usage, troubleshooting
  - Agent: SQL generator with evaluation criteria, safety rules
  - Hook: automated metrics logging (safety, performance, errors)
  - Script: analysis with stats, safety reports, recommendations
  - Report template: monthly evaluation format

## Changed

- Agent Evaluation Guide: updated template references, verified links
- Landing Site: templates count 110 → 114
- Version: 3.23.5 → 3.24.0

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-10 11:52:13 +01:00
Florian BRUNIAUX
d0320f3e30 docs: add memory stack integration workflow example 
Real-world 5-day sprint example showing claude-mem + Serena + grepai integration.

Scenario: JWT migration across e-commerce API (50k lines, 200+ files)

Demonstrates:
- Day 1: Discovery with grepai + architectural decisions in Serena
- Day 2: Implementation with auto-capture via claude-mem
- Day 3: Integration with context retention across sessions
- Day 4: Testing with full memory stack
- Day 5: Deployment with comprehensive handoff docs

Key metrics:
- 85% reduction in file re-reads (1000 → 150)
- 90% token savings via progressive disclosure
- 4 Serena memories (arch decisions preserved)
- 312 observations captured automatically
- $4.68 total cost for 5 days of perfect memory
- Net ROI: $0.43 cost vs 425k tokens saved

Shows practical usage:
- When to use auto vs manual memory
- Progressive disclosure in action
- Memory search queries
- Handoff documentation generation
- Cost analysis and ROI

File: examples/workflows/memory-stack-integration.md

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-10 09:36:37 +01:00
Florian BRUNIAUX
d5c3a82cac docs: add claude-mem plugin documentation (automatic session memory) 
Integrate claude-mem (thedotmack/claude-mem) into the guide as Section 8.2.5.
Score: 4/5 (High Value - automatic session capture fills documentation gap).

Added:
- Section 8.2.5: claude-mem plugin (automatic session memory)
  * Automatic capture via lifecycle hooks
  * AI compression + progressive disclosure (10x tokens)
  * Web dashboard at localhost:37777
  * Natural language search
  * Privacy controls (<private> tags)
  * Cost analysis ($0.15/100 obs)
  * AGPL-3.0 licensing considerations

- Memory Tools Decision Matrix (claude-mem vs Serena vs grepai)
  * 4-layer memory stack pattern
  * Integrated workflow examples
  * When to use automatic vs manual memory

- Plugin template: examples/plugins/claude-mem.md
  * Installation, configuration, troubleshooting
  * Advanced features (progressive disclosure, endless mode)
  * Export/import, cost optimization

- Resource evaluation: docs/resource-evaluations/claude-mem-evaluation.md
  * Technical analysis (fact-checked stats)
  * Comparison to existing tools
  * Integration recommendations

- reference.yaml: 14 new claude-mem entries

Changed:
- Updated search tools comparison (5 tools: rg, grepai, Serena, ast-grep, claude-mem)
- Extended feature matrix with "Auto capture" and "Web dashboard" rows

Stats (verified 2026-02-10):
- 26.5k GitHub stars, 1.8k forks
- 181 releases, 46 contributors
- Latest: v9.1.1 (Feb 7, 2026)
- License: AGPL-3.0 + PolyForm Noncommercial

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-10 08:47:17 +01:00
Florian BRUNIAUX
191ff42741 release: v3.23.4 - Agent Anti-Patterns & Scope-Focused Refactoring 
Major conceptual refactoring based on Dex Horty's principle:
"Subagents are not for anthropomorphizing roles, they are for controlling context"

### Added (1 new section)
- Agent Anti-Patterns section (§9.17, line 3662)
  - Wrong vs Right table (anthropomorphizing vs context control)
  - When to use agents (context isolation, parallel processing, scope limitation)
  - When NOT to use agents (fake teams, roleplaying, mimicking org structure)

### Changed (18 files, 200+ lines)
- Section rename: "Split-Role Sub-Agents" → "Scope-Focused Agents"
- Agent definitions: "Specialized role" → "Context isolation tool"
- 8 custom agent examples refactored (guide + examples/agents/)
- 10+ prompt examples with explicit scope boundaries
- 4 workflow files updated (agent-teams, TDD, iterative refinement)
- Terminology replacements:
  * "Specialized agents" → "Scope-focused agents"
  * "Expert personas" → "Context boundaries"
  * "Multi-domain expertise" → "Multi-scope analysis"

### Fixed
- Methodologies: Clarification note for BMAD role-based naming

Breaking change: Conceptual shift from role-based to scope-based agent usage.
All examples now demonstrate context isolation instead of persona simulation.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-09 10:29:59 +01:00
Florian BRUNIAUX
9805b615c5 docs: correct Agent Teams architecture + add session handoff template 
## Agent Teams Architecture Corrections

Based on official sources (Addy Osmani blog, Feb 2026):

**Major changes**:
- Add mailbox system documentation (peer-to-peer messaging)
- Correct communication model: not only team lead synthesis
- Update diagrams to show peer-to-peer arrows
- Clarify context isolation vs message sharing
- Add 7 sections with source attribution
- Add documentation update note (2026-02-09)

**Key correction**: Agents communicate via mailbox system (direct
peer-to-peer + team lead synthesis), not only hierarchical reporting.

**Files modified**:
- guide/workflows/agent-teams.md (+72 -19): 7 major corrections
- CHANGELOG.md: Document session handoff template addition
- guide/architecture.md: Architecture clarifications
- guide/ultimate-guide.md: Cross-references updates

**Sources**:
- https://addyosmani.com/blog/claude-code-agent-teams/
- Perplexity research (sonar-reasoning-pro, Feb 2026)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-09 09:23:41 +01:00
Florian BRUNIAUX
b48d95c024 feat: add agent/skill quality audit tooling + Grenier evaluation 
AUDIT TOOLING (3 templates):
- Command: /audit-agents-skills (quick project audits)
  - 16-criteria framework (Identity 3x, Prompt 2x, Validation 1x, Design 2x)
  - Weighted scoring: 32 pts (agents/skills), 20 pts (commands)
  - Production grading (A-F, 80% threshold)
  - Fix mode with actionable suggestions
- Skill: audit-agents-skills (advanced audits)
  - 3 modes: Quick (top-5), Full (all 16), Comparative (vs templates)
  - JSON + Markdown output for CI/CD
- Scoring grids: criteria.yaml (externalized for reuse)

EVALUATION:
- Grenier agent/skill quality (3/5 - Moderate Value)
  - Gap: 29.5% deploy without evaluation (LangChang 2026)
  - Integration: Created audit command + skill + criteria
  - Industry context: 18% cite agent bugs as top challenge

DOCUMENTATION:
- Guide refs: 2 strategic call-outs (after Agent/Skill validation)
- CHANGELOG: New "Added" section + evaluation details
- README: Templates 106→107, Evaluations 49→24 (count corrections)
- reference.yaml: 10 new audit entries + updated counts

SYNC:
- Landing index.html: Templates 107, Evals 24, Quiz 257
- Landing examples/index.html: Templates 107

FILES: 14 changed, 4148 insertions (+1250 lines new audit content)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-07 15:40:18 +01:00
Florian BRUNIAUX
975b8019ac feat: add 4 ClaudeKit-inspired hooks (checkpoint, validation, file-guard) 
- Add auto-checkpoint.sh (Stop event, git stash automation)
- Add typecheck-on-save.sh (PostToolUse, TypeScript validation)
- Add test-on-change.sh (PostToolUse, smart test detection)
- Add file-guard.sh (PreToolUse, unified file protection)
- Add ClaudeKit evaluation (3/5, patterns extracted)
- Version bump 3.21.0 → 3.21.1 (sync across all docs)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-02 21:50:48 +01:00
Florian BRUNIAUX
6910c06981 docs: add Native Sandboxing comprehensive documentation (v3.21.1) 
Integration of official Anthropic sandboxing docs (5/5 CRITICAL):

Created (5 files):
- guide/sandbox-native.md (~3K words): Complete technical reference
  * OS primitives (Seatbelt/bubblewrap), filesystem/network isolation
  * Sandbox modes, escape hatch, security limitations
  * Decision trees, config examples, troubleshooting
- docs/resource-evaluations/native-sandbox-official-docs.md (5/5 score)
- examples/config/sandbox-native.json (production config)
- examples/commands/sandbox-status.md (sandbox inspection)
- examples/hooks/bash/sandbox-validation.sh (prod validation)

Updated (5 files):
- guide/sandbox-isolation.md: Section 4 "Native Claude Code Sandbox"
  * Comparison Native vs Docker (process-level vs microVM)
  * Updated TL;DR, comparison matrix, decision tree
- guide/architecture.md: Native Sandbox sub-section in Security Model
- machine-readable/reference.yaml: +24 sandbox entries
- VERSION: 3.21.0 → 3.21.1
- README.md: Templates 100→103, Evaluations 44→45
- CHANGELOG.md: v3.21.1 entry

Closes critical security documentation gap (~1800 words missing).
Fact-checked 100%, agent-challenged (technical-writer), production-ready.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-02 20:24:17 +01:00
Florian BRUNIAUX
0630fcd883 feat: add configuration management and MCP secrets workflows (closes #16204) 
Major additions to address critical gaps in Claude Code configuration:

## New Documentation Sections

1. Section 3.2.1 "Version Control & Backup" (guide/ultimate-guide.md:4085)
   - Configuration hierarchy: global → project → local
   - Git strategy for ~/.claude (symlinks approach)
   - Backup strategies: Git remote, cloud sync, cron
   - Multi-machine sync workflows
   - Disaster recovery procedures
   - Documented .claude/settings.local.json (previously undocumented)

2. Section 8.3.1 "MCP Secrets Management" (guide/ultimate-guide.md:8113)
   - Three practical approaches: OS Keychain, .env, Secret Vaults
   - Secrets rotation workflow
   - Pre-commit secret detection
   - Verification checklist
   - Best practices summary

## New Templates

1. sync-claude-config.sh (examples/scripts/)
   - Commands: setup, sync, backup, restore, validate
   - .env parsing + envsubst for variable substitution
   - Git repo creation with symlinks
   - Validation checks (secrets not in Git)

2. pre-commit-secrets.sh (examples/hooks/bash/)
   - Detects 10+ secret patterns (OpenAI, GitHub, AWS, etc.)
   - Whitelist system for false positives
   - Clear error messages with remediation steps

3. settings.local.json.example (examples/config/)
   - Machine-specific overrides template
   - Example use cases and patterns

## Resource Evaluation

- Added docs/resource-evaluations/ratinaud-config-management-evaluation.md
- Score: 5/5 (CRITICAL)
- Validated via 3 Perplexity searches + technical-writer agent challenge
- Community demand: GitHub #16204 + brianlovin/claude-config

## Updated References

- machine-readable/reference.yaml: 22 new entries
- Configuration management sections
- MCP secrets workflows
- Community resources (Ratinaud, brianlovin, GitHub issue)

## Impact

- Security: Pre-commit hook prevents secret leaks
- Productivity: Multi-machine sync reduces manual reconfig
- Team coordination: Onboarding workflow for ~/.claude setup
- Disaster recovery: Backup/restore strategies documented

Credits:
- Martin Ratinaud (504 sessions, LinkedIn post)
- brianlovin/claude-config (community example)
- GitHub Issue #16204 (community request)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-02 18:17:42 +01:00
Florian BRUNIAUX
fd4550cbd3 release: v3.20.0 - Multi-Agent Code Review Automation 
Integration of production-grade PR review patterns from Pat Cullen + Méthode Aristote.

New Features:
- Resource evaluation: Pat Cullen Final Review (5/5 - Critical)
- Enhanced /review-pr: +150 lines with Advanced Multi-Agent Review section
- Enhanced code-reviewer agent: +219 lines with anti-hallucination rules
- New workflow: Review Auto-Correction Loop in iterative-refinement.md
- Production example: Multi-Agent Code Review in ultimate-guide.md
- Reference updates: +3 entries (review_pr_advanced, review_anti_hallucination, review_auto_fix_loop)

Key Patterns:
- 3 specialized agents: Consistency, SOLID, Defensive Code Auditor
- Pre-flight check: git log Co-Authored-By detection
- Anti-hallucination: Grep/Glob verification before suggestions
- Severity classification: 🔴 Must Fix / 🟡 Should Fix / 🟢 Can Skip
- Convergence loop: review → fix → re-review (max 3 iterations)
- Conditional context loading: stack-agnostic decision table

Design Principles:
- Enrich existing files (no fragmentation)
- No breaking changes (review-pr.md template simple preserved)
- Complete attribution (Pat Cullen + Méthode Aristote with links)
- Audience-aware (beginner → advanced progression)

Files Modified:
- CHANGELOG.md, VERSION: bumped to 3.20.0
- docs/resource-evaluations/017-pat-cullen-final-review.md: NEW (120 lines)
- examples/commands/review-pr.md: 80 → 230 lines (+150)
- examples/agents/code-reviewer.md: 72 → 291 lines (+219)
- guide/workflows/iterative-refinement.md: 389 → 522 lines (+133)
- guide/ultimate-guide.md: +28 lines (Production Example section)
- machine-readable/reference.yaml: +3 entries
- README.md, guide/cheatsheet.md: version sync

Total: +537 insertions, 0 deletions (no breaking changes)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-30 16:07:09 +01:00
Florian BRUNIAUX
c28161dca8 docs: enrich RTK evaluation with T3 Stack production testing 
Real-World Testing Results (Méthode Aristote - T3 Stack):
- Project: Next.js 15 + tRPC + Prisma + pnpm
- Commands tested: 12 (git, pnpm, Vitest, TypeScript, Prisma)
- Git workflows validated: 85.6% avg reduction (up from 72.6%)

Critical Bug Discovered:
- git argument parsing broken (`--oneline`, `--graph` blocked)
- Workaround: `rtk git log -- -20` (works)
- Impact: CRITICAL - affects ALL git users

Modern Stack Gaps Identified:
- pnpm support MISSING (80-90% reduction possible, CRITICAL impact)
- Vitest support MISSING (90% reduction possible, HIGH impact)
- TypeScript support MISSING (70% reduction possible, MEDIUM impact)

ROI Analysis:
- Current v0.2.0: 40% command coverage, 55% token reduction
- Proposed v0.3.0 (pnpm + Vitest): 85% coverage, 80% reduction
- Dev effort: 1 week (7 days)

New Deliverables:
- Benchmark script: examples/scripts/rtk-benchmark.sh (reproductible tests)
- Test results: claudedocs/rtk-test-results-aristote.md (53KB, gitignored)
- Updated PR proposals: claudedocs/rtk-pr-proposals.md (P0-P2 ranking)
- GitHub issues: claudedocs/rtk-github-issue-template.md (ready for upstream)

Updated Evaluation:
- Score: Still 4/5 (GOOD) but clearer path to 5/5 (CRITICAL)
- Blockers: git args bug + pnpm/Vitest gaps
- Strength: 85.6% git reduction validated on production codebase

Full report: claudedocs/rtk-test-results-aristote.md (23K detailed analysis)
 2026-01-28 14:01:37 +01:00
Florian BRUNIAUX
1000cb6e85 docs: add RTK integration templates and evaluation 
- Evaluation: docs/resource-evaluations/rtk-evaluation.md (4/5 score, comprehensive benchmarks)
- CLAUDE.md template: examples/claude-md/rtk-optimized.md (manual usage instructions)
- Skill template: examples/skills/rtk-optimizer/SKILL.md (auto-suggestion)
- Hook template: examples/hooks/bash/rtk-auto-wrapper.sh (PreToolUse auto-wrapper)
- PR proposals: claudedocs/rtk-pr-proposals.md (7 upstream improvements)

These templates enable 3 RTK integration strategies referenced in guide:10478
 2026-01-28 13:03:10 +01:00
Florian BRUNIAUX
edf74b38c5 docs: add missing hook events from official CHANGELOG (v2.1.9-v2.1.10) 
- Add 3 missing events to Section 7.1: Setup, PermissionRequest, SubagentStop
- Document PreToolUse additionalContext feature (v2.1.9+)
- Create 3 production-ready hook templates (setup, permission, subagent)
- Add resource evaluation documenting rejection of secondary source

Source: Official Claude Code CHANGELOG, not external blog posts
Closes gap identified during resource evaluation process

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-27 12:45:47 +01:00
Florian BRUNIAUX
3a7671ac5e docs: update $ARGUMENTS syntax for v2.1.19 breaking change + evaluation 
Updated all documentation and examples to reflect Claude Code v2.1.19
breaking change: $ARGUMENTS.0 → $ARGUMENTS[0] (bracket syntax).

Changes:
- guide/ultimate-guide.md: 7 occurrences updated to bracket/shorthand syntax
- guide/cheatsheet.md: Command template updated
- Added migration note in § 6.2 Variable Interpolation
- Created migration scripts: migrate-arguments-syntax.{sh,ps1}
  • Automated detection + conversion with backups
  • Dry-run mode, cross-platform (macOS/Linux/Windows)
- Added formal evaluation: eval-claude-code-releases-jan2026.md
  • Score: 5/5 (Critical - Integrate Immediately)
  • Covers releases 2.1.0 to 2.1.19 (January 2026)
  • Technical accuracy verified against GitHub CHANGELOG

Files:
- guide/ultimate-guide.md (+23 lines, 7 occurrences fixed)
- guide/cheatsheet.md (+1 line)
- examples/scripts/migrate-arguments-syntax.sh (+152 lines)
- examples/scripts/migrate-arguments-syntax.ps1 (+143 lines)
- docs/resource-evaluations/eval-claude-code-releases-jan2026.md (+273 lines)
- CHANGELOG.md (+12 lines, Unreleased section)

Total: +605 lines

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-26 17:37:49 +01:00
Florian BRUNIAUX
257f2ff65d docs: add search tools guides and ast-grep patterns 
New documentation:
- guide/search-tools-cheatsheet.md: Quick reference for Grep/Glob/Read tools
- guide/workflows/README.md: Workflows directory index
- examples/skills/ast-grep-patterns.md: AST-based code search patterns

Updated:
- guide/architecture.md: MCP architecture visual diagram section

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-01-25 18:47:29 +01:00
Florian BRUNIAUX
96da6ebd7e feat: add bridge script for Claude Code → LM Studio execution (v3.12.1) 
Bridge script enables local execution of Claude Code plans via LM Studio:
- Python CLI with 5 components (DoobidooReader, LMStudioClient, Validator, StepExecutor, PlanExecutor)
- JSON Schema for plan validation (bridge-plan-schema.json)
- Cost optimization: Plan with Opus (~$0.50-2), execute free locally (80-90% savings)
- 4 validation types: json, syntax_check, contains_keys, non_empty
- CLI: --health, --list, --plan ID, -v verbose mode

Documentation:
- New section "Local Execution Bridge" in ultimate-guide.md §11.2
- scripts/README.md with full usage documentation
- machine-readable/reference.yaml entries for discoverability

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-01-25 18:43:05 +01:00
Florian BRUNIAUX
c84c56bfbd docs: add AI Traceability & Attribution guide 
Comprehensive documentation on AI code attribution and disclosure:

- New guide: guide/ai-traceability.md (~640 lines)
  - LLVM "Human-in-the-Loop" policy (Assisted-by trailer)
  - Ghostty mandatory disclosure pattern
  - Fedora contributor accountability framework
  - git-ai tool documentation
  - PromptPwnd security vulnerability
  - Four-level disclosure spectrum
  - Implementation guides (solo, team, enterprise)

- Templates: examples/config/
  - CONTRIBUTING-ai-disclosure.md
  - PULL_REQUEST_TEMPLATE-ai.md

- Cross-references added to:
  - ultimate-guide.md (after Co-Authored-By section)
  - learning-with-ai.md (after Vibe Coding Trap)
  - security-hardening.md (See Also)
  - guide/README.md (table of contents)

- reference.yaml: 14 new entries for AI traceability topics

Source: Vibe coding needs git blame (Piotr Migdał, Jan 2026)
+ Perplexity research on LLVM, Ghostty, Fedora policies

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-01-24 20:11:53 +01:00