Package Exports

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (devflow-kit) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

DevFlow - Agentic Development Toolkit

A comprehensive collection of Claude Code commands and configurations designed to enhance developer workflows when working with AI coding assistants.

Installation

# Run with npx (recommended - no global install needed)
npx devflow-kit init

That's it! DevFlow is now installed and ready to use in Claude Code.

What's Included

🎯 Skills (Auto-Activate)

Skills are model-invoked - Claude automatically activates them based on context, enforcing quality without manual invocation.

Skill	Purpose	Auto-Triggers When
`pattern-check`	Architectural pattern validation (Result types, DI, immutability)	Code changes are made, new functions added
`test-design`	Test quality enforcement (setup complexity, mocking, behavior vs implementation)	Tests are written or modified
`code-smell`	Anti-pattern detection (fake solutions, unlabeled workarounds, magic values)	Features are implemented, code is reviewed
`research`	Pre-implementation planning, documentation study, integration strategy	Unfamiliar features requested, architectural decisions needed
`debug`	Systematic debugging with hypothesis testing and root cause analysis	Errors occur, tests fail, performance issues detected
`input-validation`	Boundary validation enforcement (parse-don't-validate, SQL injection prevention)	API endpoints created, external data handled
`error-handling`	Result type consistency and exception boundary enforcement	Error handling code written, functions that can fail

How Skills Work:

Proactive enforcement - Catch issues during implementation, not after
No manual invocation - Model decides when skills are relevant
Quality gates - Block anti-patterns automatically
Context-aware - Activate based on what you're doing

IMPORTANT: Skills are automatically activated by Claude based on context. They cannot be manually invoked like slash commands.

Dual-Mode Pattern: The research and debug skills also exist as slash commands (/research, /debug) for manual control:

Skill mode (auto): Activates when Claude detects unfamiliar features or errors
Command mode (manual): Use /research or /debug when you want explicit control over the workflow

This gives you the best of both worlds: automatic assistance when needed, manual control when preferred.

📊 Slash Commands (User-Invoked)

Command	Purpose	When to Use
`/catch-up`	Smart summaries for starting new sessions with status validation	Starting a session
`/devlog`	Development log for comprehensive session documentation	Ending a session
`/plan-next-steps`	Extract actionable next steps from current discussion	After planning discussion
`/implement`	Smart interactive implementation orchestrator with todo triage	After planning, ready to implement todos
`/debug`	Systematic debugging workflow with hypothesis testing	When errors occur, tests fail, or investigating issues
`/research`	Pre-implementation research and approach analysis	Before implementing unfamiliar features or integrations
`/code-review`	Comprehensive code review using specialized sub-agents	Before committing or creating PR
`/commit`	Intelligent atomic commit creation with safety checks	When ready to commit
`/release`	Automated release workflow with version management and publishing	Creating a new release

🤖 Sub-Agents

Sub-Agent	Specialty	Purpose
`audit-security`	Security Analysis	Expert vulnerability detection and security code review
`audit-performance`	Performance	Optimization and bottleneck detection
`audit-architecture`	Architecture	Design pattern analysis and code structure review
`audit-tests`	Testing	Test quality, coverage, and effectiveness analysis (surgical execution)
`audit-complexity`	Complexity	Code complexity and maintainability assessment
`audit-dependencies`	Dependencies	Dependency management and security analysis
`audit-database`	Database	Database design and optimization review
`audit-documentation`	Documentation	Docs-code alignment, API accuracy, comment quality
`catch-up`	Context Restoration	Project status and context restoration with validation
`commit`	Git Operations	Intelligent commit creation with safety checks
`research`	Implementation Planning	Pre-implementation research, approach analysis, and planning
`release`	Release Automation	Project-agnostic release workflow with version management

How Sub-Agents Work:

Specialized AI assistants with deep expertise in specific domains
Separate context windows for focused analysis
Can be invoked explicitly or automatically by orchestrator commands
Restricted tool access appropriate to their domain

Invoking Sub-Agents:

# Explicit invocation
"Use the audit-security sub-agent to analyze this authentication code"

# Automatic delegation (Claude Code decides which sub-agent to use)
"Review this code for security issues"

📊 Smart Statusline

Real-time project context display showing:

Current model and session duration
Git branch and uncommitted changes indicator
Session cost tracking
Project context
Zero configuration - works immediately after installation

🔒 Security & Token Optimization

DevFlow automatically creates a comprehensive .claudeignore file at your git repository root to:

Protect Sensitive Data:

Environment files (.env, .env.*, .envrc)
Credentials & keys (*.key, *.pem, SSH keys)
Cloud configs (.aws/, .gcp/, .azure/)
Package tokens (.npmrc, .pypirc)
Database files (*.sql, *.db)

Optimize Token Usage:

Dependencies (node_modules/, vendor/, venv/)
Build artifacts (dist/, build/, .next/)
IDE files (.vscode/, .idea/)
Lock files (package-lock.json, yarn.lock)
Media and binaries

Covers patterns for all major languages and operating systems.

Development Workflow

Starting a Session

/catch-up - Review what was done previously
Check statusline for current model, git state, duration
Review recommended next actions

During Development

Skills auto-activate - research skill triggers for unfamiliar features, pattern-check validates architecture
Code with confidence - Skills catch anti-patterns and violations during implementation
/code-review - Review changes before committing
/commit - Create intelligent atomic commits

Ending a Session

/devlog - Document decisions and state
/code-review - Review branch before creating PR
/commit - Final commits with validation

Creating a Release

/code-review - Comprehensive branch review
/release - Automated release workflow
- Detects project type (Node.js, Rust, Python, Go, etc.)
- Analyzes commits and suggests version bump
- Generates changelog from git history
- Builds and tests before publishing
- Creates git tags and platform releases
Verify package in registry

When Things Go Wrong

Skills auto-activate - debug skill triggers on errors/failures with systematic approach
Check git log and recent commits
Revert changes using git
Document lessons learned in .docs/debug/

CLI Commands

Command	Purpose	Options
`devflow init`	Initialize DevFlow for Claude Code	`--skip-docs` - Skip creating `.docs/` structure
`devflow uninstall`	Remove DevFlow from Claude Code	`--keep-docs` - Keep `.docs/` directory

What devflow init does:

Installs commands to ~/.claude/commands/devflow/
Installs sub-agents to ~/.claude/agents/devflow/
Installs skills to ~/.claude/skills/devflow/
Installs scripts to ~/.devflow/scripts/
Updates ~/.claude/settings.json (statusline and model)
Creates .claudeignore at git repository root
Creates .docs/ structure for project documentation

First Run:

devflow init
/devlog      # Document your current project state
/catch-up    # Get oriented with the project

Advanced Usage

Custom Audit Rules

# Extend sub-agents for project-specific patterns
echo "Check for exposed API keys in config files" >> ~/.claude/agents/devflow/audit-security.md

Team Usage

# Share session documentation with team
/devlog
git add .docs/status/
git commit -m "Session status: completed user auth feature"

Integration Examples

# Skills auto-activate during development
"Add JWT authentication"  # research skill triggers automatically
"Fix this error"          # debug skill activates and guides systematic approach

# Manual command invocation
/code-review   # Review changes (uncommitted or full branch)
/commit        # Create atomic commits
/release       # Automated release workflow

Philosophy

Modern development increasingly involves AI agents that can read, write, and modify code autonomously. DevFlow provides:

Trust but Verify - Tools to catch AI agent mistakes
Context Preservation - Memory across long-term projects
Quality Gates - Automated checks for AI changes
Developer Empowerment - Enhance human judgment, not replace it

Building from Source

# Clone and build
git clone https://github.com/dean0x/devflow.git
cd devflow
npm install
npm run build

# Test locally
node dist/cli.js init

# Watch mode for development
npm run dev

Project Structure:

src/
├── cli/                   # CLI source code (TypeScript)
│   ├── commands/           # init.ts, uninstall.ts
│   └── cli.ts             # CLI entry point
└── claude/                # Claude Code configuration
    ├── agents/devflow/     # Sub-agent definitions (.md)
    ├── commands/devflow/   # Slash command definitions (.md)
    ├── skills/devflow/     # Auto-activate skill definitions (.md)
    ├── scripts/            # statusline.sh
    └── settings.json       # Claude Code settings

Support

Check installed command documentation
Review .docs/status/ for recent sessions
Skills auto-activate for systematic troubleshooting
Report issues at https://github.com/dean0x/devflow/issues

License

MIT