elias/everything-claude-code
1
0
Fork 0
mirror of https://github.com/affaan-m/everything-claude-code.git synced 2026-06-13 23:03:34 +08:00
Code Issues Packages Projects Releases Wiki Activity
everything-claude-code/.kiro/README.md
Vu Thanh Tai 4ad5756899
feat: expand Kiro adapter to full language coverage (#2101) 
* feat: expand Kiro adapter to full language coverage

- Add 17 new agents (typescript, rust, kotlin, java, cpp, django, swift,
  fsharp, pytorch, mle, performance-optimizer) in both .md and .json formats
- Add 25 new skills (rust, kotlin, java/spring, django, fastapi, nestjs,
  react, nextjs, cpp, swift, mle/pytorch, deep-research, strategic-compact,
  autonomous-loops, content-hash-cache-pattern)
- Add 6 new language-specific steering files (rust, kotlin, java, cpp, php, ruby)
- Add 3 new hooks (rust-check-on-edit, python-lint-on-edit, security-check-on-create)
- Update README with expanded component inventory and documentation
- Fix install.sh line endings for macOS compatibility

Total Kiro components: 33 agents, 43 skills, 22 steering files, 13 hooks

* fix: resolve P1/P2 violations in Kiro agents, skills, and steering

- java-patterns.md: remove reference to non-existent quarkus-patterns skill
- kotlin-patterns.md: fix insecure BuildConfig recommendation for secrets
- swift-actor-persistence: fix Swift version claim (5.9+) and Dictionary crash
- java-reviewer.md: add recursive framework detection + robust diff chain
- kotlin-reviewer.md: replace unreliable diff detection with fallback chain
- rust-reviewer.md: add diff fallback + make CI gating mandatory
- jpa-patterns: add DISTINCT to fetch-join query to prevent duplicates
- django-reviewer.md: add migration safety check, narrow save() rule,
  fix pytest-django behavior description

* fix: resolve remaining violations in Kiro agents, skills, and docs

Agents:
- java-build-resolver.md: remove quarkus-patterns ref, fix 'Initialise' spelling
- java-reviewer.json: remove quarkus-patterns ref from prompt
- mle-reviewer.md, cpp-build-resolver.md, java-build-resolver.md,
  performance-optimizer.md: fix allowedTools 'read' -> 'fs_read'

Hooks:
- rust-check-on-edit: fix description to match askAgent behavior

Skills:
- content-hash-cache-pattern: hyphenate 'Content-Hash-Based'
- cpp-testing: hyphenate 'real-time'
- django-security: use placeholder secrets, fix CSRF_COOKIE_HTTPONLY=False
- nestjs-patterns: add Logger to HttpExceptionFilter for non-Http errors
- react-patterns: add React 19 compatibility note for useActionState
- rust-patterns: remove edition-specific 'Rust 2024+' reference
- springboot-patterns: cap exponential backoff, recommend Resilience4j
- springboot-security: fix invalid @Query SQL injection example
- swift-protocol-di-testing: add thread-safety doc comment to mock

Docs:
- README.md: fix Project Structure counts (33/43/22/13)

* fix: sync README tree with counts, restore local diff in kotlin-reviewer, correct django FK index guidance

- README.md: Project Structure tree now lists all 33 agents, 43 skills,
  22 steering files, and 13 hooks (was showing old subset)
- kotlin-reviewer.md: restore git diff --staged / git diff for local
  pre-commit review before falling back to HEAD~1
- django-reviewer.md: clarify that ForeignKey fields are indexed by
  default; only flag missing db_index on non-FK filter columns
2026-06-07 13:26:37 +08:00

639 lines
32 KiB
Markdown
Raw Blame History

# Everything Claude Code for Kiro
Bring [Everything Claude Code](https://github.com/anthropics/courses/tree/master/everything-claude-code) (ECC) workflows to [Kiro](https://kiro.dev). This repository provides custom agents, skills, hooks, steering files, and scripts that can be installed into any Kiro project with a single command.
## Quick Start
```bash
# Go to .kiro folder
cd .kiro
# Install to your project
./install.sh /path/to/your/project
# Or install to the current directory
./install.sh
# Or install globally (applies to all Kiro projects)
./install.sh ~
```
The installer uses non-destructive copy — it will not overwrite your existing files.
## Component Inventory
| Component | Count | Location |
|-----------|-------|----------|
| Agents (JSON) | 33 | `.kiro/agents/*.json` |
| Agents (MD) | 33 | `.kiro/agents/*.md` |
| Skills | 43 | `.kiro/skills/*/SKILL.md` |
| Steering Files | 22 | `.kiro/steering/*.md` |
| IDE Hooks | 13 | `.kiro/hooks/*.kiro.hook` |
| Scripts | 2 | `.kiro/scripts/*.sh` |
| MCP Examples | 1 | `.kiro/settings/mcp.json.example` |
| Documentation | 5 | `docs/*.md` |
## What's Included
### Agents
Agents are specialized AI assistants with specific tool configurations.
**Format:**
- **IDE**: Markdown files (`.md`) - Access via automatic selection or explicit invocation
- **CLI**: JSON files (`.json`) - Access via `/agent swap` command
Both formats are included for maximum compatibility.
> **Note:** Agent models are determined by your current model selection in Kiro, not by the agent configuration.
| Agent | Description |
|-------|-------------|
| `planner` | Expert planning specialist for complex features and refactoring. Read-only tools for safe analysis. |
| `code-reviewer` | Senior code reviewer ensuring quality and security. Reviews code for CRITICAL security issues, code quality, React/Next.js patterns, and performance. |
| `tdd-guide` | Test-Driven Development specialist enforcing write-tests-first methodology. Ensures 80%+ test coverage with comprehensive test suites. |
| `security-reviewer` | Security vulnerability detection and remediation specialist. Flags secrets, SSRF, injection, unsafe crypto, and OWASP Top 10 vulnerabilities. |
| `architect` | Software architecture specialist for system design, scalability, and technical decision-making. Read-only tools for safe analysis. |
| `build-error-resolver` | Build and TypeScript error resolution specialist. Fixes build/type errors with minimal diffs, no architectural changes. |
| `doc-updater` | Documentation and codemap specialist. Updates codemaps and documentation, generates docs/CODEMAPS/*, updates READMEs. |
| `refactor-cleaner` | Dead code cleanup and consolidation specialist. Removes unused code, duplicates, and refactors safely. |
| `go-reviewer` | Go code review specialist. Reviews Go code for idiomatic patterns, error handling, concurrency, and performance. |
| `python-reviewer` | Python code review specialist. Reviews Python code for PEP 8, type hints, error handling, and best practices. |
| `typescript-reviewer` | TypeScript/JavaScript code reviewer. Type safety, async correctness, Node/web security, and idiomatic patterns. |
| `rust-reviewer` | Rust code reviewer. Ownership, lifetimes, error handling, unsafe usage, and idiomatic patterns. |
| `rust-build-resolver` | Rust/Cargo build error resolution specialist. Fixes compilation, dependency, and linking errors. |
| `kotlin-reviewer` | Kotlin/Android/KMP code reviewer. Coroutine safety, Compose best practices, clean architecture. |
| `kotlin-build-resolver` | Kotlin/Gradle build error resolution specialist. Fixes Gradle, KSP, and dependency errors. |
| `java-reviewer` | Java/Spring Boot/Quarkus code reviewer. Enterprise patterns, security, and performance. |
| `java-build-resolver` | Java/Maven/Gradle build error resolution specialist. Fixes compilation and dependency errors. |
| `cpp-reviewer` | C++ code reviewer. Memory safety, modern C++, RAII, and performance patterns. |
| `cpp-build-resolver` | C++/CMake build error resolution specialist. Fixes compilation, linking, and CMake errors. |
| `django-reviewer` | Django code reviewer. ORM patterns, DRF, migrations, and Django security. |
| `swift-reviewer` | Swift code reviewer. Concurrency, ARC, protocols, and SwiftUI patterns. |
| `fsharp-reviewer` | F# functional code reviewer. Immutability, pattern matching, and type-driven design. |
| `react-reviewer` | React code reviewer. Component patterns, hooks, performance, and accessibility. |
| `react-build-resolver` | React/Next.js build error resolution specialist. Fixes bundler, SSR, and hydration errors. |
| `pytorch-build-resolver` | PyTorch runtime/CUDA/training error resolution specialist. |
| `mle-reviewer` | Production ML engineering reviewer. Pipelines, evals, serving, monitoring, and rollback. |
| `performance-optimizer` | Performance analysis and optimization specialist. Profiling, bottleneck detection, and tuning. |
| `database-reviewer` | Database and SQL specialist. Reviews schema design, queries, migrations, and database security. |
| `e2e-runner` | End-to-end testing specialist. Creates and maintains E2E tests using Playwright or Cypress. |
| `harness-optimizer` | Test harness optimization specialist. Improves test performance, reliability, and maintainability. |
| `loop-operator` | Verification loop operator. Runs comprehensive checks and iterates until all pass. |
| `chief-of-staff` | Executive assistant for project management, coordination, and strategic planning. |
| `go-build-resolver` | Go build error resolution specialist. Fixes Go compilation errors, dependency issues, and build problems. |
**Usage in IDE:**
- You can run an agent in `/` in a Kiro session, e.g., `/code-reviewer`.
- Kiro's Spec session has native planner, designer, and architects that can be used instead of `planner` and `architect` agents.
**Usage in CLI:**
1. Start a chat session
2. Type `/agent swap` to see available agents
3. Select an agent to switch (e.g., `code-reviewer` after writing code)
4. Or start with a specific agent: `kiro-cli --agent planner`
### Skills
Skills are on-demand workflows invocable via the `/` menu in chat.
| Skill | Description |
|-------|-------------|
| `tdd-workflow` | Enforces test-driven development with 80%+ coverage including unit, integration, and E2E tests. Use when writing new features or fixing bugs. |
| `coding-standards` | Universal coding standards and best practices for TypeScript, JavaScript, React, and Node.js. Use when starting projects, reviewing code, or refactoring. |
| `security-review` | Comprehensive security checklist and patterns. Use when adding authentication, handling user input, creating API endpoints, or working with secrets. |
| `verification-loop` | Comprehensive verification system that runs build, type check, lint, tests, security scan, and diff review. Use after completing features or before creating PRs. |
| `api-design` | RESTful API design patterns and best practices. Use when designing new APIs or refactoring existing endpoints. |
| `frontend-patterns` | React, Next.js, and frontend architecture patterns. Use when building UI components or optimizing frontend performance. |
| `backend-patterns` | Node.js, Express, and backend architecture patterns. Use when building APIs, services, or backend infrastructure. |
| `e2e-testing` | End-to-end testing with Playwright or Cypress. Use when adding E2E tests or improving test coverage. |
| `golang-patterns` | Go idioms, concurrency patterns, and best practices. Use when writing Go code or reviewing Go projects. |
| `golang-testing` | Go testing patterns with table-driven tests and benchmarks. Use when writing Go tests or improving test coverage. |
| `python-patterns` | Python idioms, type hints, and best practices. Use when writing Python code or reviewing Python projects. |
| `python-testing` | Python testing with pytest and coverage. Use when writing Python tests or improving test coverage. |
| `database-migrations` | Database schema design and migration patterns. Use when creating migrations or refactoring database schemas. |
| `postgres-patterns` | PostgreSQL-specific patterns and optimizations. Use when working with PostgreSQL databases. |
| `docker-patterns` | Docker and containerization best practices. Use when creating Dockerfiles or optimizing container builds. |
| `deployment-patterns` | Deployment strategies and CI/CD patterns. Use when setting up deployments or improving CI/CD pipelines. |
| `search-first` | Search-first development methodology. Use when exploring unfamiliar codebases or debugging issues. |
| `agentic-engineering` | Agentic software engineering patterns and workflows. Use when working with AI agents or building agentic systems. |
| `rust-patterns` | Idiomatic Rust patterns, ownership, error handling, traits, and concurrency. Use when writing Rust code. |
| `rust-testing` | Rust testing patterns including unit, integration, async, property-based testing, and coverage. |
| `kotlin-patterns` | Idiomatic Kotlin patterns, coroutines, null safety, and DSL builders. Use when writing Kotlin code. |
| `kotlin-testing` | Kotlin testing with Kotest, MockK, coroutine testing, and Kover coverage. |
| `java-coding-standards` | Java coding standards for Spring Boot and Quarkus services. |
| `jpa-patterns` | JPA/Hibernate patterns for entity design, relationships, and query optimization. |
| `springboot-patterns` | Spring Boot architecture patterns, REST API design, and layered services. |
| `springboot-security` | Spring Security best practices for authn/authz, validation, and secrets. |
| `django-patterns` | Django architecture patterns, REST API design with DRF, and ORM best practices. |
| `django-security` | Django security best practices, authentication, and CSRF/XSS prevention. |
| `fastapi-patterns` | FastAPI patterns for async APIs, dependency injection, and Pydantic models. |
| `nestjs-patterns` | NestJS architecture patterns for modules, controllers, and providers. |
| `react-patterns` | React 18/19 patterns including hooks, server/client components, and Suspense. |
| `react-testing` | React component testing with Testing Library, Vitest/Jest, and MSW. |
| `nextjs-turbopack` | Next.js 16+ and Turbopack incremental bundling patterns. |
| `cpp-coding-standards` | C++ coding standards based on C++ Core Guidelines. |
| `cpp-testing` | C++ testing with GoogleTest, CTest, and sanitizers. |
| `swift-actor-persistence` | Thread-safe data persistence in Swift using actors. |
| `swift-protocol-di-testing` | Protocol-based dependency injection for testable Swift code. |
| `mle-workflow` | Production ML engineering workflow for training, evaluation, deployment, and monitoring. |
| `pytorch-patterns` | PyTorch deep learning patterns for training pipelines and model architectures. |
| `deep-research` | Multi-source deep research with synthesis and source attribution. |
| `strategic-compact` | Context management and manual compaction suggestions at logical intervals. |
| `autonomous-loops` | Patterns for autonomous agent loops — sequential pipelines to multi-agent DAGs. |
| `content-hash-cache-pattern` | Cache expensive file processing using SHA-256 content hashes. |
**Usage:**
1. Type `/` in chat to open the skills menu
2. Select a skill (e.g., `tdd-workflow` when starting a new feature, `security-review` when adding auth)
3. The agent will guide you through the workflow with specific instructions and checklists
**Note:** For planning complex features, use the `planner` agent instead (see Agents section above).
### Steering Files
Steering files provide always-on rules and context that shape how the agent works with your code.
| File | Inclusion | Description |
|------|-----------|-------------|
| `coding-style.md` | auto | Core coding style rules: immutability, file organization, error handling, and code quality standards. Loaded in every conversation. |
| `security.md` | auto | Security best practices including mandatory checks, secret management, and security response protocol. Loaded in every conversation. |
| `testing.md` | auto | Testing requirements: 80% coverage minimum, TDD workflow, and test types (unit, integration, E2E). Loaded in every conversation. |
| `development-workflow.md` | auto | Development process, PR workflow, and collaboration patterns. Loaded in every conversation. |
| `git-workflow.md` | auto | Git commit conventions, branching strategies, and version control best practices. Loaded in every conversation. |
| `patterns.md` | auto | Common design patterns and architectural principles. Loaded in every conversation. |
| `performance.md` | auto | Performance optimization guidelines and profiling strategies. Loaded in every conversation. |
| `lessons-learned.md` | auto | Project-specific patterns and learnings. Edit this file to capture your team's conventions. Loaded in every conversation. |
| `typescript-patterns.md` | fileMatch: `*.ts,*.tsx` | TypeScript-specific patterns, type safety, and best practices. Loaded when editing TypeScript files. |
| `python-patterns.md` | fileMatch: `*.py` | Python-specific patterns, type hints, and best practices. Loaded when editing Python files. |
| `golang-patterns.md` | fileMatch: `*.go` | Go-specific patterns, concurrency, and best practices. Loaded when editing Go files. |
| `swift-patterns.md` | fileMatch: `*.swift` | Swift-specific patterns and best practices. Loaded when editing Swift files. |
| `rust-patterns.md` | fileMatch: `*.rs` | Rust ownership, lifetimes, error handling, and idiomatic patterns. Loaded when editing Rust files. |
| `kotlin-patterns.md` | fileMatch: `*.kt` | Kotlin coroutines, Compose, and Android/KMP best practices. Loaded when editing Kotlin files. |
| `java-patterns.md` | fileMatch: `*.java` | Java patterns, Spring Boot, and enterprise best practices. Loaded when editing Java files. |
| `cpp-patterns.md` | fileMatch: `*.cpp,*.hpp,*.h,*.cc,*.cxx` | C++ RAII, smart pointers, and modern C++ patterns. Loaded when editing C++ files. |
| `php-patterns.md` | fileMatch: `*.php` | PHP patterns, Laravel, and modern PHP best practices. Loaded when editing PHP files. |
| `ruby-patterns.md` | fileMatch: `*.rb` | Ruby patterns and Rails best practices. Loaded when editing Ruby files. |
| `typescript-security.md` | fileMatch: `*.ts,*.tsx` | TypeScript security patterns. Loaded when editing TypeScript files. |
| `dev-mode.md` | manual | Development context mode. Invoke with `#dev-mode` for focused development. |
| `review-mode.md` | manual | Code review context mode. Invoke with `#review-mode` for thorough reviews. |
| `research-mode.md` | manual | Research context mode. Invoke with `#research-mode` for exploration and learning. |
Steering files with `auto` inclusion are loaded automatically. No action needed — they apply as soon as you install them.
To create your own, add a markdown file to `.kiro/steering/` with YAML frontmatter:
```yaml
---
inclusion: auto # auto | fileMatch | manual
description: Brief explanation of what this steering file contains
fileMatchPattern: "*.ts" # required if inclusion is fileMatch
---
Your rules here...
```
### Hooks
Kiro supports two types of hooks:
1. **IDE Hooks** - Standalone JSON files in `.kiro/hooks/` (for Kiro IDE)
2. **CLI Hooks** - Embedded in agent configurations (for `kiro-cli`)
#### IDE Hooks (Standalone Files)
These hooks appear in the Agent Hooks panel in the Kiro IDE and can be toggled on/off. Hook files use the `.kiro.hook` extension.
| Hook | Trigger | Action | Description |
|------|---------|--------|-------------|
| `quality-gate` | Manual (`userTriggered`) | `runCommand` | Runs build, type check, lint, and tests via `quality-gate.sh`. Click to trigger comprehensive quality checks. |
| `typecheck-on-edit` | File edited (`*.ts`, `*.tsx`) | `askAgent` | Checks for type errors when TypeScript files are edited to catch issues early. |
| `console-log-check` | File edited (`*.js`, `*.ts`, `*.tsx`) | `askAgent` | Checks for console.log statements to prevent debug code from being committed. |
| `tdd-reminder` | File created (`*.ts`, `*.tsx`) | `askAgent` | Reminds you to write tests first when creating new TypeScript files. |
| `git-push-review` | Before shell command | `askAgent` | Reviews git push commands to ensure code quality before pushing. |
| `code-review-on-write` | After write operation | `askAgent` | Triggers code review after file modifications. |
| `auto-format` | File edited (`*.ts`, `*.tsx`, `*.js`) | `askAgent` | Checks for formatting issues and fixes them inline without spawning a terminal. |
| `extract-patterns` | Agent stops | `askAgent` | Suggests patterns to add to lessons-learned.md after completing work. |
| `session-summary` | Agent stops | `askAgent` | Provides a summary of work completed in the session. |
| `doc-file-warning` | Before write operation | `askAgent` | Warns before modifying documentation files to ensure intentional changes. |
| `rust-check-on-edit` | File edited (`*.rs`) | `askAgent` | Checks for compilation errors, ownership issues, or lifetime problems in Rust files. |
| `python-lint-on-edit` | File edited (`*.py`) | `askAgent` | Checks for type errors, PEP 8 violations, or common anti-patterns in Python files. |
| `security-check-on-create` | File created (`**/auth/**`, `**/api/**`, `**/middleware/**`) | `askAgent` | Runs a quick security check when new files are created in sensitive directories. |
**IDE Hook Format:**
```json
{
"version": "1.0.0",
"enabled": true,
"name": "hook-name",
"description": "What this hook does",
"when": {
"type": "fileEdited",
"patterns": ["*.ts"]
},
"then": {
"type": "runCommand",
"command": "npx tsc --noEmit"
}
}
```
**Required fields:** `version`, `enabled`, `name`, `description`, `when`, `then`
**Available trigger types:** `fileEdited`, `fileCreated`, `fileDeleted`, `userTriggered`, `promptSubmit`, `agentStop`, `preToolUse`, `postToolUse`
#### CLI Hooks (Embedded in Agents)
CLI hooks are embedded within agent configuration files for use with `kiro-cli`.
**Example:** See `.kiro/agents/tdd-guide-with-hooks.json` for an agent with embedded hooks.
**CLI Hook Format:**
```json
{
"name": "my-agent",
"hooks": {
"postToolUse": [
{
"matcher": "fs_write",
"command": "npx tsc --noEmit"
}
]
}
}
```
**Available triggers:** `agentSpawn`, `userPromptSubmit`, `preToolUse`, `postToolUse`, `stop`
See `.kiro/hooks/README.md` for complete documentation on both hook types.
### Scripts
Shell scripts used by hooks to perform quality checks and formatting.
| Script | Description |
|--------|-------------|
| `quality-gate.sh` | Detects your package manager (pnpm/yarn/bun/npm) and runs build, type check, lint, and test commands. Skips checks gracefully if tools are missing. |
| `format.sh` | Detects your formatter (biome or prettier) and auto-formats the specified file. Used by formatting hooks. |
## Project Structure
```
.kiro/
├── agents/ # 33 agents (JSON + MD formats)
│ ├── planner.json / .md # Planning specialist
│ ├── code-reviewer.json / .md # Code review specialist
│ ├── tdd-guide.json / .md # TDD specialist
│ ├── security-reviewer.json / .md # Security specialist
│ ├── architect.json / .md # Architecture specialist
│ ├── build-error-resolver.json / .md # Build error specialist
│ ├── typescript-reviewer.json / .md # TypeScript/JS reviewer
│ ├── rust-reviewer.json / .md # Rust reviewer
│ ├── kotlin-reviewer.json / .md # Kotlin/Android reviewer
│ ├── java-reviewer.json / .md # Java/Spring Boot reviewer
│ ├── cpp-reviewer.json / .md # C++ reviewer
│ ├── django-reviewer.json / .md # Django reviewer
│ ├── swift-reviewer.json / .md # Swift reviewer
│ ├── react-reviewer.json / .md # React reviewer
│ ├── mle-reviewer.json / .md # ML engineering reviewer
│ ├── performance-optimizer.json / .md # Performance specialist
│ ├── ... and 17 more # (build-resolvers, go, python, db, e2e, etc.)
│ └── (each agent has both .json for CLI and .md for IDE)
├── skills/ # 43 skills
│ ├── tdd-workflow/ # TDD workflow
│ ├── coding-standards/ # Universal coding standards
│ ├── security-review/ # Security checklist
│ ├── verification-loop/ # Build/test/lint verification
│ ├── api-design/ # REST API patterns
│ ├── frontend-patterns/ # React/Next.js patterns
│ ├── backend-patterns/ # Node.js/Express patterns
│ ├── react-patterns/ # React 18/19 patterns
│ ├── react-testing/ # React Testing Library
│ ├── rust-patterns/ # Rust idioms and ownership
│ ├── kotlin-patterns/ # Kotlin coroutines and KMP
│ ├── springboot-patterns/ # Spring Boot architecture
│ ├── django-patterns/ # Django ORM and DRF
│ ├── fastapi-patterns/ # FastAPI async APIs
│ ├── nestjs-patterns/ # NestJS modules and DI
│ ├── mle-workflow/ # ML engineering workflow
│ ├── pytorch-patterns/ # PyTorch training pipelines
│ ├── ... and 26 more # (testing, deployment, docker, etc.)
│ └── (each skill has a SKILL.md with YAML frontmatter)
├── steering/ # 22 steering files
│ ├── coding-style.md # Auto-loaded coding style rules
│ ├── security.md # Auto-loaded security rules
│ ├── testing.md # Auto-loaded testing rules
│ ├── development-workflow.md # Auto-loaded dev workflow
│ ├── git-workflow.md # Auto-loaded git workflow
│ ├── patterns.md # Auto-loaded design patterns
│ ├── performance.md # Auto-loaded performance rules
│ ├── lessons-learned.md # Auto-loaded project patterns
│ ├── typescript-patterns.md # Loaded for .ts/.tsx files
│ ├── typescript-security.md # Loaded for .ts/.tsx files
│ ├── python-patterns.md # Loaded for .py files
│ ├── golang-patterns.md # Loaded for .go files
│ ├── swift-patterns.md # Loaded for .swift files
│ ├── rust-patterns.md # Loaded for .rs files
│ ├── kotlin-patterns.md # Loaded for .kt files
│ ├── java-patterns.md # Loaded for .java files
│ ├── cpp-patterns.md # Loaded for .cpp/.hpp/.h files
│ ├── php-patterns.md # Loaded for .php files
│ ├── ruby-patterns.md # Loaded for .rb files
│ ├── dev-mode.md # Manual: #dev-mode
│ ├── review-mode.md # Manual: #review-mode
│ └── research-mode.md # Manual: #research-mode
├── hooks/ # 13 IDE hooks
│ ├── README.md # Documentation on IDE and CLI hooks
│ ├── quality-gate.kiro.hook # Manual quality gate hook
│ ├── typecheck-on-edit.kiro.hook # Auto typecheck on edit
│ ├── console-log-check.kiro.hook # Check for console.log
│ ├── tdd-reminder.kiro.hook # TDD reminder on file create
│ ├── git-push-review.kiro.hook # Review before git push
│ ├── code-review-on-write.kiro.hook # Review after write
│ ├── auto-format.kiro.hook # Auto-format on edit
│ ├── extract-patterns.kiro.hook # Extract patterns on stop
│ ├── session-summary.kiro.hook # Summary on stop
│ ├── doc-file-warning.kiro.hook # Warn before doc changes
│ ├── rust-check-on-edit.kiro.hook # Rust compilation check
│ ├── python-lint-on-edit.kiro.hook # Python lint on edit
│ └── security-check-on-create.kiro.hook # Security check on sensitive dirs
├── scripts/ # 2 shell scripts
│ ├── quality-gate.sh # Quality gate shell script
│ └── format.sh # Auto-format shell script
└── settings/ # MCP configuration
└── mcp.json.example # Example MCP server configs
docs/ # 5 documentation files
├── longform-guide.md # Deep dive on agentic workflows
├── shortform-guide.md # Quick reference guide
├── security-guide.md # Security best practices
├── migration-from-ecc.md # Migration guide from ECC
└── ECC-KIRO-INTEGRATION-PLAN.md # Integration plan and analysis
```
## Customization
All files are yours to modify after installation. The installer never overwrites existing files, so your customizations are safe across re-installs.
- **Edit agent prompts** in `.kiro/agents/*.json` to adjust behavior or add project-specific instructions
- **Modify skill workflows** in `.kiro/skills/*/SKILL.md` to match your team's processes
- **Adjust steering rules** in `.kiro/steering/*.md` to enforce your coding standards
- **Toggle or edit hooks** in `.kiro/hooks/*.json` to automate your workflow
- **Customize scripts** in `.kiro/scripts/*.sh` to match your tooling setup
## Recommended Workflow
1. **Start with planning**: Use the `planner` agent to break down complex features
2. **Write tests first**: Invoke the `tdd-workflow` skill before implementing
3. **Review your code**: Switch to `code-reviewer` agent after writing code
4. **Check security**: Use `security-reviewer` agent for auth, API endpoints, or sensitive data handling
5. **Run quality gate**: Trigger the `quality-gate` hook before committing
6. **Verify comprehensively**: Use the `verification-loop` skill before creating PRs
The auto-loaded steering files (coding-style, security, testing) ensure consistent standards throughout your session.
## Usage Examples
### Example 1: Building a New Feature with TDD
```bash
# 1. Start with the planner agent to break down the feature
kiro-cli --agent planner
> "I need to add user authentication with JWT tokens"
# 2. Invoke the TDD workflow skill
> /tdd-workflow
# 3. Follow the TDD cycle: write tests first, then implementation
# The tdd-workflow skill will guide you through:
# - Writing unit tests for auth logic
# - Writing integration tests for API endpoints
# - Writing E2E tests for login flow
# 4. Switch to code-reviewer after implementation
> /agent swap code-reviewer
> "Review the authentication implementation"
# 5. Run security review for auth-related code
> /agent swap security-reviewer
> "Check for security vulnerabilities in the auth system"
# 6. Trigger quality gate before committing
# (In IDE: Click the quality-gate hook in Agent Hooks panel)
```
### Example 2: Code Review Workflow
```bash
# 1. Switch to code-reviewer agent
kiro-cli --agent code-reviewer
# 2. Review specific files or directories
> "Review the changes in src/api/users.ts"
# 3. Use the verification-loop skill for comprehensive checks
> /verification-loop
# 4. The verification loop will:
# - Run build and type checks
# - Run linter
# - Run all tests
# - Perform security scan
# - Review git diff
# - Iterate until all checks pass
```
### Example 3: Security-First Development
```bash
# 1. Invoke security-review skill when working on sensitive features
> /security-review
# 2. The skill provides a comprehensive checklist:
# - Input validation and sanitization
# - Authentication and authorization
# - Secret management
# - SQL injection prevention
# - XSS prevention
# - CSRF protection
# 3. Switch to security-reviewer agent for deep analysis
> /agent swap security-reviewer
> "Analyze the API endpoints for security vulnerabilities"
# 4. The security.md steering file is auto-loaded, ensuring:
# - No hardcoded secrets
# - Proper error handling
# - Secure crypto usage
# - OWASP Top 10 compliance
```
### Example 4: Language-Specific Development
```bash
# For Go projects:
kiro-cli --agent go-reviewer
> "Review the concurrency patterns in this service"
> /golang-patterns # Invoke Go-specific patterns skill
# For Python projects:
kiro-cli --agent python-reviewer
> "Review the type hints and error handling"
> /python-patterns # Invoke Python-specific patterns skill
# Language-specific steering files are auto-loaded:
# - golang-patterns.md loads when editing .go files
# - python-patterns.md loads when editing .py files
# - typescript-patterns.md loads when editing .ts/.tsx files
```
### Example 5: Using Hooks for Automation
```bash
# Hooks run automatically based on triggers:
# 1. typecheck-on-edit hook
# - Triggers when you save .ts or .tsx files
# - Agent checks for type errors inline, no terminal spawned
# 2. console-log-check hook
# - Triggers when you save .js, .ts, or .tsx files
# - Agent flags console.log statements and offers to remove them
# 3. tdd-reminder hook
# - Triggers when you create a new .ts or .tsx file
# - Reminds you to write tests first
# - Reinforces TDD discipline
# 4. extract-patterns hook
# - Runs when agent stops working
# - Suggests patterns to add to lessons-learned.md
# - Builds your team's knowledge base over time
# Toggle hooks on/off in the Agent Hooks panel (IDE)
# or disable them in the hook JSON files
```
### Example 6: Manual Context Modes
```bash
# Use manual steering files for specific contexts:
# Development mode - focused on implementation
> #dev-mode
> "Implement the user registration endpoint"
# Review mode - thorough code review
> #review-mode
> "Review all changes in the current PR"
# Research mode - exploration and learning
> #research-mode
> "Explain how the authentication system works"
# Manual steering files provide context-specific instructions
# without cluttering every conversation
```
### Example 7: Database Work
```bash
# 1. Use database-reviewer agent for schema work
kiro-cli --agent database-reviewer
> "Review the database schema for the users table"
# 2. Invoke database-migrations skill
> /database-migrations
# 3. For PostgreSQL-specific work
> /postgres-patterns
> "Optimize this query for better performance"
# 4. The database-reviewer checks:
# - Schema design and normalization
# - Index usage and performance
# - Migration safety
# - SQL injection vulnerabilities
```
### Example 8: Building and Deploying
```bash
# 1. Fix build errors with build-error-resolver
kiro-cli --agent build-error-resolver
> "Fix the TypeScript compilation errors"
# 2. Use docker-patterns skill for containerization
> /docker-patterns
> "Create a production-ready Dockerfile"
# 3. Use deployment-patterns skill for CI/CD
> /deployment-patterns
> "Set up a GitHub Actions workflow for deployment"
# 4. Run quality gate before deployment
# (Trigger quality-gate hook to run all checks)
```
### Example 9: Refactoring and Cleanup
```bash
# 1. Use refactor-cleaner agent for safe refactoring
kiro-cli --agent refactor-cleaner
> "Remove unused code and consolidate duplicate functions"
# 2. The agent will:
# - Identify dead code
# - Find duplicate implementations
# - Suggest consolidation opportunities
# - Refactor safely without breaking changes
# 3. Use verification-loop after refactoring
> /verification-loop
# Ensures all tests still pass after refactoring
```
### Example 10: Documentation Updates
```bash
# 1. Use doc-updater agent for documentation work
kiro-cli --agent doc-updater
> "Update the README with the new API endpoints"
# 2. The agent will:
# - Update codemaps in docs/CODEMAPS/
# - Update README files
# - Generate API documentation
# - Keep docs in sync with code
# 3. doc-file-warning hook prevents accidental doc changes
# - Triggers before writing to documentation files
# - Asks for confirmation
# - Prevents unintentional modifications
```
## Documentation
For more detailed information, see the `docs/` directory:
- **[Longform Guide](docs/longform-guide.md)** - Deep dive on agentic workflows and best practices
- **[Shortform Guide](docs/shortform-guide.md)** - Quick reference for common tasks
- **[Security Guide](docs/security-guide.md)** - Comprehensive security best practices
## Contributers
- Himanshu Sharma [@ihimanss](https://github.com/ihimanss)
- Sungmin Hong [@aws-hsungmin](https://github.com/aws-hsungmin)
## License
MIT — see [LICENSE](LICENSE) for details.
Reference in New Issue View Git Blame Copy Permalink