fix: small clean up, fix skill

.coderabbit.yaml

@@ -0,0 +1,142 @@
+# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json
+
+language: "en-US"
+tone_instructions: "Be concise. Focus on actionable issues—broken paths, invalid JSON, shell bugs. Skip style nitpicks on markdown."
+early_access: false
+
+reviews:
+  profile: "chill"
+  request_changes_workflow: false
+  high_level_summary: true
+  review_status: true
+  collapse_walkthrough: false
+  poem: false
+  sequence_diagrams: true
+  estimate_code_review_effort: true
+  suggested_labels: true
+  auto_apply_labels: false
+  suggested_reviewers: false
+
+  auto_review:
+    enabled: true
+    auto_incremental_review: true
+    auto_pause_after_reviewed_commits: 5
+    ignore_title_keywords:
+      - "WIP"
+      - "DO NOT MERGE"
+      - "draft"
+    drafts: false
+
+  path_filters:
+    - "!**/node_modules/**"
+    - "!**/*.lock"
+    - "!**/package-lock.json"
+    - "!dev/active/**"
+    - "!doc-sync-logs/**"
+
+  path_instructions:
+    - path: "shared/agents/**/*.md"
+      instructions: |
+        Agent definition files for Claude Code. Check:
+        - YAML frontmatter has required fields: name, description, model
+        - Description is a SINGLE LINE with \n escapes (no actual newlines)
+        - Referenced file paths match the repo structure (shared/guidelines/*, etc.)
+        - No broken cross-references to guidelines or skills
+        - No product-specific content (this is a generic OSS orchestrator)
+
+    - path: "shared/copilot-agents/**/*.agent.md"
+      instructions: |
+        GitHub Copilot agent files. Check:
+        - YAML frontmatter has name and description fields
+        - Instructions are practical and implementation-ready
+        - No product-specific content
+
+    - path: "**/*.md"
+      instructions: |
+        Documentation/infrastructure repo. For markdown:
+        - CLI command examples should be syntactically correct
+        - File paths mentioned should match the repo structure
+        - Heading levels should not be skipped
+        - Code blocks should have a language tag
+
+    - path: "shared/hooks/**/*.sh"
+      instructions: |
+        Claude Code hook scripts that run automatically on every prompt or tool use.
+        Critical: these must NEVER crash or block the user.
+        - Should NOT use set -e (hooks must always exit 0)
+        - All variables must be properly quoted
+        - Must always exit 0 regardless of errors
+        - Check jq usage if parsing JSON
+        - Verify file path assumptions
+
+    - path: "shared/hooks/**/*.ts"
+      instructions: |
+        TypeScript hook code executed via tsx.
+        - No use of 'any' type
+        - Proper error handling with typed catch blocks
+        - Edge cases in file path handling
+        - Must handle missing files/dirs gracefully (hooks can't crash)
+
+    - path: "shared/skills/skill-rules.json"
+      instructions: |
+        Critical config controlling skill activation.
+        - JSON must be valid
+        - Glob patterns in file_patterns must be syntactically correct
+        - No duplicate skill names
+        - Version field should match skill system version
+
+    - path: "shared/settings/**/*.json"
+      instructions: |
+        Claude Code settings files.
+        - JSON must be valid
+        - Hook command paths must reference correct script locations
+        - Permission patterns must be valid Claude Code permission syntax
+
+    - path: "setup/**"
+      instructions: |
+        Setup wizard scripts. Check:
+        - Shell scripts are portable (POSIX where possible)
+        - File operations handle spaces in paths
+        - Symlink creation is correct for the documented structure
+
+  tools:
+    shellcheck:
+      enabled: true
+    markdownlint:
+      enabled: true
+    yamllint:
+      enabled: true
+    gitleaks:
+      enabled: true
+    trivy:
+      enabled: true
+    ruff:
+      enabled: false
+    pylint:
+      enabled: false
+    golangci-lint:
+      enabled: false
+
+  finishing_touches:
+    docstrings:
+      enabled: false
+    unit_tests:
+      enabled: false
+
+chat:
+  auto_reply: true
+
+knowledge_base:
+  opt_out: false
+  web_search:
+    enabled: true
+  code_guidelines:
+    enabled: true
+    filePatterns:
+      - "shared/guidelines/global/**/*.md"
+      - "shared/guidelines/orchestrator/**/*.md"
+      - "CLAUDE.md"
+  learnings:
+    scope: "local"
+  issues:
+    scope: "local"

shared/agents/global/auto-error-resolver.md

@@ -17,7 +17,7 @@ You are a specialized TypeScript error resolution agent. Your primary job is to
    - View real-time logs: `pm2 logs [service-name]`
    - View last 100 lines: `pm2 logs [service-name] --lines 100`
    - Check error logs: `tail -n 50 [service]/logs/[service]-error.log`
-   - Services: backend (FastAPI), frontend (Next.js)
+   - Check your project's services (e.g., backend, frontend)
 
 3. **Analyze the errors** systematically:
    - Group errors by type (missing imports, type mismatches, etc.)

shared/agents/global/plan-reviewer.md

@@ -33,7 +33,7 @@ When reviewing plans, verify alignment with organizational standards:
 - **Authentication/Authorization**: Verify compatibility with existing auth systems, token handling, session management
 - **Database Operations**: Check for proper migrations, indexing strategies, transaction handling, and data validation
 - **API Integrations**: Validate endpoint availability, rate limits, authentication requirements, and error handling
-- **Type Safety**: Ensure proper TypeScript types are defined for new data structures and API responses
+- **Type Safety**: Ensure proper type definitions for new data structures and API responses
 - **Error Handling**: Verify comprehensive error scenarios are addressed
 - **Performance**: Consider scalability, caching strategies, and potential bottlenecks
 - **Security**: Identify potential vulnerabilities or security gaps
@@ -81,4 +81,4 @@ Your review must be **concise and actionable**:
 - ❌ Bad: Reiterate all best practices from guidelines
 - ✅ Good: Reference guideline and note specific deviations
 
-Create your review as a comprehensive but **succinct** markdown report that saves the development team from costly implementation mistakes. Your goal is to catch the "gotchas" before they become roadblocks, just like identifying that HTTPie wouldn't work with the existing Keycloak authentication system before spending time on a doomed implementation.
+Create your review as a comprehensive but **succinct** markdown report that saves the development team from costly implementation mistakes. Your goal is to catch the "gotchas" before they become roadblocks — like identifying that a chosen library won't work with the existing authentication system before spending time on a doomed implementation.

shared/agents/global/ux-ui-designer.md

@@ -7,14 +7,16 @@ color: purple
 
 You are an expert UX/UI designer specializing in software interface design for developers. You provide practical, implementation-ready design guidance that bridges the gap between design thinking and code.
 
-**Tech Stack Awareness:**
-Before providing design guidance, check `CLAUDE.md` or project configuration for the design stack. Adapt recommendations to the project's actual technologies (Tailwind CSS, shadcn/ui, Material UI, Chakra, etc.).
+## Guidelines
 
-**Documentation References:**
-- `CLAUDE.md` - Discovery hub for project context and existing patterns
-- `guidelines/{repo-name}/architectural-principles.md` - Component organization patterns
-- Check existing components in `src/components/` before proposing new ones
-- Look for task context in `./dev/active/[task-name]/` if working on a specific feature
+Before providing design guidance, gather project context:
+
+1. **Check `CLAUDE.md`** for project overview, design stack, and existing patterns
+2. **Check `guidelines/{repo-name}/architectural-principles.md`** for component organization patterns
+3. **Check existing components** in `src/components/` before proposing new ones
+4. **Look for task context** in `./dev/active/[task-name]/` if working on a specific feature
+
+Adapt recommendations to the project's actual technologies (Tailwind CSS, shadcn/ui, Material UI, Chakra, etc.).
 
 ---
 
@@ -63,20 +65,18 @@ Before providing design guidance, check `CLAUDE.md` or project configuration for
 **Three-Tier Token System:**
 ```text
 Primitive Tokens (raw values)
-  → color.blue.500: #3B82F6
-  → spacing.4: 16px
+  → e.g., color.blue.500, spacing.4
 
 Semantic Tokens (meaning-based)
-  → color.primary: {color.blue.500}
-  → spacing.component-gap: {spacing.4}
+  → e.g., color.primary → {color.blue.500}
 
 Component Tokens (component-specific)
-  → button.background: {color.primary}
-  → card.padding: {spacing.component-gap}
+  → e.g., button.background → {color.primary}
 ```
+Adapt token naming to the project's existing design system conventions.
 
 **Design-Code Parity:**
-- Figma variables mapping to CSS custom properties
+- Design tool variables mapping to code-level tokens (CSS custom properties, theme objects, etc.)
 - Component APIs that match design specifications
 - Variant structures aligned between design and code
 

shared/agents/orchestrator/codebase-auditor.md

@@ -22,6 +22,19 @@ pwd && ls -la shared/ SETUP_CONFIG.json 2>/dev/null | head -5
 
 ---
 
+## Guidelines
+
+Before running an audit, gather orchestrator context:
+
+1. **Check `CLAUDE.md`** for repository overview and resource discovery map
+2. **Read `SETUP_CONFIG.json`** for repository configuration and structure
+3. **Review `shared/guidelines/`** for documented patterns and conventions
+4. **Check `shared/skills/skill-rules.json`** for skill metadata and file patterns
+
+Reference specific guideline violations or pattern mismatches in audit findings.
+
+---
+
 ## Operating Modes
 
 ### Mode 1: FULL AUDIT (Default)

shared/hooks/skill-activation-prompt.sh

@@ -20,26 +20,32 @@ SCRIPT_DIR="$(get_script_dir)"
 # Change to the script directory and run the TypeScript hook
 cd "$SCRIPT_DIR"
 
-# Capture stdin to a variable so we can pass it to tsx
+# Capture stdin (printf preserves payload shape, unlike echo which can mangle escapes)
 INPUT=$(cat)
 
-# Run the TypeScript hook and capture both stdout and stderr
-OUTPUT=$(echo "$INPUT" | NODE_NO_WARNINGS=1 npx tsx skill-activation-prompt.ts 2>&1)
+# Temp files for clean stdout/stderr separation
+STDOUT_FILE=$(mktemp)
+STDERR_FILE=$(mktemp)
+trap 'rm -f "$STDOUT_FILE" "$STDERR_FILE"' EXIT
+
+# Run the TypeScript hook with stdout and stderr captured separately
+printf '%s' "$INPUT" | NODE_NO_WARNINGS=1 npx tsx skill-activation-prompt.ts \
+    >"$STDOUT_FILE" 2>"$STDERR_FILE"
 EXIT_CODE=$?
 
-# If there was an error, log it but still output what we can
+# Parse stderr for skill activation info and relay to terminal
 if [ $EXIT_CODE -ne 0 ]; then
     echo "⚡ [Skills] Hook error (exit $EXIT_CODE)" >&2
 else
-    SKILL_LINE=$(echo "$OUTPUT" | grep -o '\[Skills\] Activated: [^"]*' | head -1)
+    SKILL_LINE=$(grep -o '\[Skills\] Activated: [^"]*' "$STDERR_FILE" | head -1)
     if [ -n "$SKILL_LINE" ]; then
         echo "⚡ $SKILL_LINE" >&2
     else
         echo "⚡ [Skills] No skills matched" >&2
     fi
 fi
 
-# Output to stdout (filter out any error messages for clean output)
-echo "$OUTPUT" | grep -v "^Error\|^Uncaught\|ExperimentalWarning"
+# Output pristine stdout only (no grep filtering needed)
+cat "$STDOUT_FILE"
 
 exit 0