elias/everything-claude-code
1
0
Fork 0
mirror of https://github.com/affaan-m/everything-claude-code.git synced 2026-05-30 05:35:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
everything-claude-code/.kiro
History
Alexis Le Dain 04c68e483a
Add React language track with agents, skills, rules, and commands (#2024) 
* feat(rules): add rules/react/ track

Five rule files mirroring per-language convention (coding-style,
hooks, patterns, security, testing). Each has `paths:` glob
frontmatter for auto-activation when editing matching files.

- coding-style.md: file extensions, naming, JSX, RSC boundary
- hooks.md: React hooks (NOT Claude Code hooks) — rules-of-hooks,
  dep arrays, cleanup, memoization, React 19 additions
- patterns.md: container/presentational split, state location
  decision tree, Suspense + error boundaries, forms, data fetching
- security.md: dangerouslySetInnerHTML, unsafe URL schemes,
  server-action validation, env-var leaks, CSP
- testing.md: RTL queries, userEvent, async, MSW, axe, anti-patterns

Each file extends typescript/* and common/* rules.

* feat(skills): add react-patterns, react-testing, react-performance

Three new skills under skills/ following the SKILL.md convention.

- react-patterns: React 18/19 idioms — hooks discipline, state
  location decision tree, server/client component boundary,
  Suspense + error boundaries, form actions (React 19), data
  fetching matrix, composition recipes, accessibility-first.
- react-testing: React Testing Library + Vitest/Jest, query
  priority order, userEvent, MSW network mocking, axe a11y
  assertions, RTL vs Playwright CT boundary, TDD workflow.
- react-performance: 70-rule performance ruleset adapted from
  Vercel Labs react-best-practices (MIT) across 8 priority
  categories — waterfalls, bundle size, server-side, client
  fetch, re-render, rendering, JS micro, advanced patterns.
  Includes Lighthouse / Web Vitals mapping and attribution to
  upstream.

Cross-links between the three skills and out to frontend-patterns,
accessibility, e2e-testing, tdd-workflow.

* feat(agents): add react-reviewer and react-build-resolver

Two new agents covering React-specific code review and build error
resolution, plus matching .kiro/ mirrors and a routing pointer
edit on typescript-reviewer.

- react-reviewer: slim React-only lanes (hooks rules,
  dangerouslySetInnerHTML, unsafe URL schemes, key prop, state
  mutation, derived-state-in-effect, server/client component
  boundary, accessibility, render performance, Server Action
  validation, env-var leaks). Explicitly delegates generic
  TypeScript/async/Node concerns to typescript-reviewer. Both
  agents should be invoked together on .tsx/.jsx PRs.
- react-build-resolver: React build/bundler/runtime hydration
  failures across Vite, webpack, Next.js, CRA, Parcel, esbuild,
  Bun, Rsbuild. Handles JSX/TSX compile errors, tsconfig fixes,
  Next.js App Router server/client boundary errors, hydration
  mismatches, duplicated React copies, Tailwind/PostCSS pipeline.
- .kiro/agents/react-reviewer.json + react-build-resolver.json:
  Kiro IDE format mirrors following the per-language precedent.
- typescript-reviewer: routing pointer added to its MEDIUM React
  block — defers to /react-review for React-specific concerns
  while keeping its block as fallback for repos that only invoke
  typescript-reviewer.

All agents carry the standard Prompt Defense Baseline stanza.

* feat(commands): add /react-review /react-build /react-test

Three new slash commands invoking the React agents.

- /react-review: invokes react-reviewer. Documents the routing
  rule with typescript-reviewer — both should run together on
  TSX/JSX PRs. Lists CRITICAL/HIGH/MEDIUM rule categories and
  the automated checks (eslint with react-hooks + jsx-a11y,
  tsc --noEmit, npm audit).
- /react-build: invokes react-build-resolver. Documents bundler
  detection, common failure patterns, fix strategy, and stop
  conditions.
- /react-test: enforces TDD with React Testing Library + Vitest
  or Jest, behavior-focused queries, userEvent + MSW patterns,
  axe accessibility assertions, coverage targets.

Each command file has the required description: frontmatter and
follows the per-language command convention (cpp-test, go-test,
kotlin-test, etc.).

* chore: wire react track into manifests and stack mappings

- agent.yaml: add react-patterns, react-performance, react-testing
  to the skills array; add react-build, react-review, react-test to
  the commands array (alphabetically inserted to satisfy the
  ci/agent-yaml-surface sync test).
- config/project-stack-mappings.json: extend the `react` stack
  entry — add "react" to rules array (was ["common","typescript",
  "web"]); add react-patterns, react-performance, react-testing,
  accessibility to the skills array.
- docs/COMMAND-REGISTRY.json: bump totalCommands 75 -> 78; add
  three new entries (react-build, react-review, react-test) with
  primaryAgents / allAgents / skills wiring. react-review's
  allAgents includes typescript-reviewer to reflect the dual-agent
  routing convention.
- CLAUDE.md: add Skills-table row mapping *.tsx / *.jsx /
  components/** to react-patterns + react-testing skills and
  the /react-review, /react-build, /react-test commands.

* chore(catalog): sync counts to 62 agents / 78 commands / 235 skills

Auto-generated via `node scripts/ci/catalog.js --write --text`
after the react track additions:

- 2 new agents: react-reviewer, react-build-resolver (60 -> 62)
- 3 new commands: react-build, react-review, react-test (75 -> 78)
- 3 new skills: react-patterns, react-performance, react-testing
  (232 -> 235)

Files updated by the catalog sync:
- .claude-plugin/plugin.json description string
- .claude-plugin/marketplace.json plugin description
- README.md quick-start summary, project tree, feature parity tables
- README.zh-CN.md quick-start summary
- AGENTS.md project structure summary
- docs/zh-CN/README.md parity table
- docs/zh-CN/AGENTS.md project structure summary

All counts now match the filesystem catalog (verified by
ci/catalog.test.js).

* feat(kiro): add react agent markdown companions to JSON entries

* feat(kiro): add react skills into manifests

* fix(ci): sync catalog counts, registry, and package files for react track

- .claude-plugin/{plugin,marketplace}.json: bump description counts to 62/235/78
- docs/COMMAND-REGISTRY.json: regenerate to include quality-gate and react commands
- package.json: add skills/react-{patterns,performance,testing}/ to files allowlist so npm-publish-surface aligns with install-modules manifest

* fix(react): address PR #2024 review feedback

Critical:
- Remove undefined/.claude/session-aliases.json containing __proto__ prototype-pollution
  fixture committed by accident in a7333c14

High:
- agents/react-build-resolver.md: replace brittle `test -o $(grep -l ...)` and
  `test -a -n $(grep ...)` detection with explicit `{ ... || grep -q ...; }` so
  bundler detection no longer breaks when grep returns empty
- agents/react-build-resolver.md: drop hardcoded `npm i react@^19 react-dom@^19`
  remediation; replace with version-agnostic pair-upgrade note that honors the
  project's installed major (17/18/19) — surgical fix principle
- commands/react-review.md: guard `tsc --noEmit -p tsconfig.json` with
  `[ -f tsconfig.json ] &&` so the review skips cleanly on JS-only projects

Medium:
- rules/react/security.md: correct the React-18-blocks-javascript-URL claim
  (React only warns in dev; production navigation is not blocked)
- rules/react/security.md: correct CRA env-var exposure row (CRA exposes
  REACT_APP_*, NODE_ENV, PUBLIC_URL — not 'all' variables)
- skills/react-testing/SKILL.md: instantiate QueryClient once outside the
  wrapper closure so React Query cache survives re-renders (flaky-test fix)
- skills/react-testing/SKILL.md: restore console.error spy with mockRestore()
  in a try/finally so the mock does not leak across tests
- commands/react-test.md: switch outer example-session fence to 4 backticks
  so the inner ```tsx/```bash blocks don't prematurely terminate it

* fix(kiro): mirror react-build-resolver react 19 conditional remediation

Discussion r3272907106 flagged the kiro json variant still carrying the hardcoded
'npm i react@^19 react-dom@^19' line that the .md companion already dropped.
Replace with the same conditional, version-agnostic guidance so both variants
stay in sync.

* fix(react): bump react-build example session fence to 4 backticks

Discussion r3272907144 flagged the same nested-fence issue in
commands/react-build.md that we fixed earlier in commands/react-test.md.
The outer triple-backtick text block was being prematurely terminated by
the inner bash/tsx fences inside the Example Session.

* fix(react): bump react-review example usage fence to 4 backticks

Discussion r3272907201 flagged the same nested-fence issue in
commands/react-review.md. The outer triple-backtick text block was
being prematurely terminated by the inner tsx/ts fences inside the
Example Usage transcript.

* fix(docs): clarify commands row as legacy shims in feature parity table

Discussion r3272912003: README comparison table said 'PASS: 78 commands'
while the install-section and quick-start prose use 'legacy command shims'.
Aligned the comparison-table cell to 'PASS: 78 commands (legacy shims)' so
the count word survives the catalog-validator regex while making the legacy
nature explicit.

Widened the catalog comparison-table commands regex to tolerate an optional
parenthetical after the count word, so both the existing 'X commands' and
the new 'X commands (legacy shims)' phrasings validate without breaking
older READMEs/translations.

* Update rules/react/security.md

Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>

* fix(react): guard tsc in react-build-resolver diagnostic commands

Discussion r3288910205: the agent prompt instructed an unconditional
'tsc --noEmit -p tsconfig.json', which adds noise (or hard-fails) on
JavaScript-only projects with no tsconfig.json or no installed TypeScript.

Replaced with 'test -f tsconfig.json && npx --yes tsc --noEmit -p tsconfig.json'
in both variants:
- agents/react-build-resolver.md
- .kiro/agents/react-build-resolver.json (prompt string mirrored)

Mirrors the same guard already applied to commands/react-review.md in de135f61.

* fix(react): pin tsc resolution to local install in build resolver

Discussion r3289054157: previous fix used 'npx --yes tsc' which auto-installs
the latest TypeScript from npm when none is local, producing version drift
and non-reproducible typecheck results across machines.

Switched to 'npx --no-install tsc' in both variants so the diagnostic uses
only the project's pinned TypeScript and fails fast if it isn't installed:
- agents/react-build-resolver.md
- .kiro/agents/react-build-resolver.json (prompt string mirrored)

* feat(counts): resolve counts for agents, skills...

* fix(ci): regen command registry for golang-testing entry

Removes stale kotlin-patterns entry to satisfy command-registry:check.

* fix: keep local Claude settings out of React track PR

---------

Co-authored-by: AlexisLeDain <a.ledain@docoon.com>
Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
Co-authored-by: Affaan Mustafa <affaan@dcube.ai>
2026-05-28 07:32:52 -04:00
..
agents
Add React language track with agents, skills, rules, and commands (#2024)
2026-05-28 07:32:52 -04:00
docs
Add Kiro base structure, install script, and docs (#809)
2026-03-22 21:55:40 -07:00
hooks
Add Kiro steering files, hooks, and scripts (#812)
2026-03-22 21:55:47 -07:00
scripts
fix: narrow unicode cleanup scope
2026-03-29 21:21:18 -04:00
settings
Add Kiro base structure, install script, and docs (#809)
2026-03-22 21:55:40 -07:00
skills
fix: gate search-first apply steps
2026-04-30 09:39:54 -04:00
steering
Add Kiro steering files, hooks, and scripts (#812)
2026-03-22 21:55:47 -07:00
install.sh
fix: correct SOURCE_KIRO path in Kiro installer (#1025)
2026-03-31 14:06:11 -07:00
README.md
fix: harden unicode safety checks
2026-03-29 21:21:18 -04:00

README.md

Everything Claude Code for Kiro

Bring Everything Claude Code (ECC) workflows to Kiro. This repository provides custom agents, skills, hooks, steering files, and scripts that can be installed into any Kiro project with a single command.

Quick Start

# Go to .kiro folder
cd .kiro

# Install to your project
./install.sh /path/to/your/project

# Or install to the current directory
./install.sh

# Or install globally (applies to all Kiro projects)
./install.sh ~

The installer uses non-destructive copy — it will not overwrite your existing files.

Component Inventory

Component Count Location
Agents (JSON) 16 .kiro/agents/*.json
Agents (MD) 16 .kiro/agents/*.md
Skills 18 .kiro/skills/*/SKILL.md
Steering Files 16 .kiro/steering/*.md
IDE Hooks 10 .kiro/hooks/*.kiro.hook
Scripts 2 .kiro/scripts/*.sh
MCP Examples 1 .kiro/settings/mcp.json.example
Documentation 5 docs/*.md

What's Included

Agents

Agents are specialized AI assistants with specific tool configurations.

Format:

  • IDE: Markdown files (.md) - Access via automatic selection or explicit invocation
  • CLI: JSON files (.json) - Access via /agent swap command

Both formats are included for maximum compatibility.

Note: Agent models are determined by your current model selection in Kiro, not by the agent configuration.

Agent Description
planner Expert planning specialist for complex features and refactoring. Read-only tools for safe analysis.
code-reviewer Senior code reviewer ensuring quality and security. Reviews code for CRITICAL security issues, code quality, React/Next.js patterns, and performance.
tdd-guide Test-Driven Development specialist enforcing write-tests-first methodology. Ensures 80%+ test coverage with comprehensive test suites.
security-reviewer Security vulnerability detection and remediation specialist. Flags secrets, SSRF, injection, unsafe crypto, and OWASP Top 10 vulnerabilities.
architect Software architecture specialist for system design, scalability, and technical decision-making. Read-only tools for safe analysis.
build-error-resolver Build and TypeScript error resolution specialist. Fixes build/type errors with minimal diffs, no architectural changes.
doc-updater Documentation and codemap specialist. Updates codemaps and documentation, generates docs/CODEMAPS/*, updates READMEs.
refactor-cleaner Dead code cleanup and consolidation specialist. Removes unused code, duplicates, and refactors safely.
go-reviewer Go code review specialist. Reviews Go code for idiomatic patterns, error handling, concurrency, and performance.
python-reviewer Python code review specialist. Reviews Python code for PEP 8, type hints, error handling, and best practices.
database-reviewer Database and SQL specialist. Reviews schema design, queries, migrations, and database security.
e2e-runner End-to-end testing specialist. Creates and maintains E2E tests using Playwright or Cypress.
harness-optimizer Test harness optimization specialist. Improves test performance, reliability, and maintainability.
loop-operator Verification loop operator. Runs comprehensive checks and iterates until all pass.
chief-of-staff Executive assistant for project management, coordination, and strategic planning.
go-build-resolver Go build error resolution specialist. Fixes Go compilation errors, dependency issues, and build problems.

Usage in IDE:

  • You can run an agent in / in a Kiro session, e.g., /code-reviewer.
  • Kiro's Spec session has native planner, designer, and architects that can be used instead of planner and architect agents.

Usage in CLI:

  1. Start a chat session
  2. Type /agent swap to see available agents
  3. Select an agent to switch (e.g., code-reviewer after writing code)
  4. Or start with a specific agent: kiro-cli --agent planner

Skills

Skills are on-demand workflows invocable via the / menu in chat.

Skill Description
tdd-workflow Enforces test-driven development with 80%+ coverage including unit, integration, and E2E tests. Use when writing new features or fixing bugs.
coding-standards Universal coding standards and best practices for TypeScript, JavaScript, React, and Node.js. Use when starting projects, reviewing code, or refactoring.
security-review Comprehensive security checklist and patterns. Use when adding authentication, handling user input, creating API endpoints, or working with secrets.
verification-loop Comprehensive verification system that runs build, type check, lint, tests, security scan, and diff review. Use after completing features or before creating PRs.
api-design RESTful API design patterns and best practices. Use when designing new APIs or refactoring existing endpoints.
frontend-patterns React, Next.js, and frontend architecture patterns. Use when building UI components or optimizing frontend performance.
backend-patterns Node.js, Express, and backend architecture patterns. Use when building APIs, services, or backend infrastructure.
e2e-testing End-to-end testing with Playwright or Cypress. Use when adding E2E tests or improving test coverage.
golang-patterns Go idioms, concurrency patterns, and best practices. Use when writing Go code or reviewing Go projects.
golang-testing Go testing patterns with table-driven tests and benchmarks. Use when writing Go tests or improving test coverage.
python-patterns Python idioms, type hints, and best practices. Use when writing Python code or reviewing Python projects.
python-testing Python testing with pytest and coverage. Use when writing Python tests or improving test coverage.
database-migrations Database schema design and migration patterns. Use when creating migrations or refactoring database schemas.
postgres-patterns PostgreSQL-specific patterns and optimizations. Use when working with PostgreSQL databases.
docker-patterns Docker and containerization best practices. Use when creating Dockerfiles or optimizing container builds.
deployment-patterns Deployment strategies and CI/CD patterns. Use when setting up deployments or improving CI/CD pipelines.
search-first Search-first development methodology. Use when exploring unfamiliar codebases or debugging issues.
agentic-engineering Agentic software engineering patterns and workflows. Use when working with AI agents or building agentic systems.

Usage:

  1. Type / in chat to open the skills menu
  2. Select a skill (e.g., tdd-workflow when starting a new feature, security-review when adding auth)
  3. The agent will guide you through the workflow with specific instructions and checklists

Note: For planning complex features, use the planner agent instead (see Agents section above).

Steering Files

Steering files provide always-on rules and context that shape how the agent works with your code.

File Inclusion Description
coding-style.md auto Core coding style rules: immutability, file organization, error handling, and code quality standards. Loaded in every conversation.
security.md auto Security best practices including mandatory checks, secret management, and security response protocol. Loaded in every conversation.
testing.md auto Testing requirements: 80% coverage minimum, TDD workflow, and test types (unit, integration, E2E). Loaded in every conversation.
development-workflow.md auto Development process, PR workflow, and collaboration patterns. Loaded in every conversation.
git-workflow.md auto Git commit conventions, branching strategies, and version control best practices. Loaded in every conversation.
patterns.md auto Common design patterns and architectural principles. Loaded in every conversation.
performance.md auto Performance optimization guidelines and profiling strategies. Loaded in every conversation.
lessons-learned.md auto Project-specific patterns and learnings. Edit this file to capture your team's conventions. Loaded in every conversation.
typescript-patterns.md fileMatch: *.ts,*.tsx TypeScript-specific patterns, type safety, and best practices. Loaded when editing TypeScript files.
python-patterns.md fileMatch: *.py Python-specific patterns, type hints, and best practices. Loaded when editing Python files.
golang-patterns.md fileMatch: *.go Go-specific patterns, concurrency, and best practices. Loaded when editing Go files.
swift-patterns.md fileMatch: *.swift Swift-specific patterns and best practices. Loaded when editing Swift files.
dev-mode.md manual Development context mode. Invoke with #dev-mode for focused development.
review-mode.md manual Code review context mode. Invoke with #review-mode for thorough reviews.
research-mode.md manual Research context mode. Invoke with #research-mode for exploration and learning.

Steering files with auto inclusion are loaded automatically. No action needed — they apply as soon as you install them.

To create your own, add a markdown file to .kiro/steering/ with YAML frontmatter:

---
inclusion: auto        # auto | fileMatch | manual
description: Brief explanation of what this steering file contains
fileMatchPattern: "*.ts"  # required if inclusion is fileMatch
---

Your rules here...

Hooks

Kiro supports two types of hooks:

  1. IDE Hooks - Standalone JSON files in .kiro/hooks/ (for Kiro IDE)
  2. CLI Hooks - Embedded in agent configurations (for kiro-cli)

IDE Hooks (Standalone Files)

These hooks appear in the Agent Hooks panel in the Kiro IDE and can be toggled on/off. Hook files use the .kiro.hook extension.

Hook Trigger Action Description
quality-gate Manual (userTriggered) runCommand Runs build, type check, lint, and tests via quality-gate.sh. Click to trigger comprehensive quality checks.
typecheck-on-edit File edited (*.ts, *.tsx) askAgent Checks for type errors when TypeScript files are edited to catch issues early.
console-log-check File edited (*.js, *.ts, *.tsx) askAgent Checks for console.log statements to prevent debug code from being committed.
tdd-reminder File created (*.ts, *.tsx) askAgent Reminds you to write tests first when creating new TypeScript files.
git-push-review Before shell command askAgent Reviews git push commands to ensure code quality before pushing.
code-review-on-write After write operation askAgent Triggers code review after file modifications.
auto-format File edited (*.ts, *.tsx, *.js) askAgent Checks for formatting issues and fixes them inline without spawning a terminal.
extract-patterns Agent stops askAgent Suggests patterns to add to lessons-learned.md after completing work.
session-summary Agent stops askAgent Provides a summary of work completed in the session.
doc-file-warning Before write operation askAgent Warns before modifying documentation files to ensure intentional changes.

IDE Hook Format:

{
  "version": "1.0.0",
  "enabled": true,
  "name": "hook-name",
  "description": "What this hook does",
  "when": {
    "type": "fileEdited",
    "patterns": ["*.ts"]
  },
  "then": {
    "type": "runCommand",
    "command": "npx tsc --noEmit"
  }
}

Required fields: version, enabled, name, description, when, then

Available trigger types: fileEdited, fileCreated, fileDeleted, userTriggered, promptSubmit, agentStop, preToolUse, postToolUse

CLI Hooks (Embedded in Agents)

CLI hooks are embedded within agent configuration files for use with kiro-cli.

Example: See .kiro/agents/tdd-guide-with-hooks.json for an agent with embedded hooks.

CLI Hook Format:

{
  "name": "my-agent",
  "hooks": {
    "postToolUse": [
      {
        "matcher": "fs_write",
        "command": "npx tsc --noEmit"
      }
    ]
  }
}

Available triggers: agentSpawn, userPromptSubmit, preToolUse, postToolUse, stop

See .kiro/hooks/README.md for complete documentation on both hook types.

Scripts

Shell scripts used by hooks to perform quality checks and formatting.

Script Description
quality-gate.sh Detects your package manager (pnpm/yarn/bun/npm) and runs build, type check, lint, and test commands. Skips checks gracefully if tools are missing.
format.sh Detects your formatter (biome or prettier) and auto-formats the specified file. Used by formatting hooks.

Project Structure

.kiro/
├── agents/                       # 16 agents (JSON + MD formats)
│   ├── planner.json              # Planning specialist (CLI)
│   ├── planner.md                # Planning specialist (IDE)
│   ├── code-reviewer.json        # Code review specialist (CLI)
│   ├── code-reviewer.md          # Code review specialist (IDE)
│   ├── tdd-guide.json            # TDD specialist (CLI)
│   ├── tdd-guide.md              # TDD specialist (IDE)
│   ├── security-reviewer.json    # Security specialist (CLI)
│   ├── security-reviewer.md      # Security specialist (IDE)
│   ├── architect.json            # Architecture specialist (CLI)
│   ├── architect.md              # Architecture specialist (IDE)
│   ├── build-error-resolver.json # Build error specialist (CLI)
│   ├── build-error-resolver.md   # Build error specialist (IDE)
│   ├── doc-updater.json          # Documentation specialist (CLI)
│   ├── doc-updater.md            # Documentation specialist (IDE)
│   ├── refactor-cleaner.json     # Refactoring specialist (CLI)
│   ├── refactor-cleaner.md       # Refactoring specialist (IDE)
│   ├── go-reviewer.json          # Go review specialist (CLI)
│   ├── go-reviewer.md            # Go review specialist (IDE)
│   ├── python-reviewer.json      # Python review specialist (CLI)
│   ├── python-reviewer.md        # Python review specialist (IDE)
│   ├── database-reviewer.json    # Database specialist (CLI)
│   ├── database-reviewer.md      # Database specialist (IDE)
│   ├── e2e-runner.json           # E2E testing specialist (CLI)
│   ├── e2e-runner.md             # E2E testing specialist (IDE)
│   ├── harness-optimizer.json    # Test harness specialist (CLI)
│   ├── harness-optimizer.md      # Test harness specialist (IDE)
│   ├── loop-operator.json        # Verification loop specialist (CLI)
│   ├── loop-operator.md          # Verification loop specialist (IDE)
│   ├── chief-of-staff.json       # Project management specialist (CLI)
│   ├── chief-of-staff.md         # Project management specialist (IDE)
│   ├── go-build-resolver.json    # Go build specialist (CLI)
│   └── go-build-resolver.md      # Go build specialist (IDE)
├── skills/                       # 18 skills
│   ├── tdd-workflow/
│   │   └── SKILL.md              # TDD workflow skill
│   ├── coding-standards/
│   │   └── SKILL.md              # Coding standards skill
│   ├── security-review/
│   │   └── SKILL.md              # Security review skill
│   ├── verification-loop/
│   │   └── SKILL.md              # Verification loop skill
│   ├── api-design/
│   │   └── SKILL.md              # API design skill
│   ├── frontend-patterns/
│   │   └── SKILL.md              # Frontend patterns skill
│   ├── backend-patterns/
│   │   └── SKILL.md              # Backend patterns skill
│   ├── e2e-testing/
│   │   └── SKILL.md              # E2E testing skill
│   ├── golang-patterns/
│   │   └── SKILL.md              # Go patterns skill
│   ├── golang-testing/
│   │   └── SKILL.md              # Go testing skill
│   ├── python-patterns/
│   │   └── SKILL.md              # Python patterns skill
│   ├── python-testing/
│   │   └── SKILL.md              # Python testing skill
│   ├── database-migrations/
│   │   └── SKILL.md              # Database migrations skill
│   ├── postgres-patterns/
│   │   └── SKILL.md              # PostgreSQL patterns skill
│   ├── docker-patterns/
│   │   └── SKILL.md              # Docker patterns skill
│   ├── deployment-patterns/
│   │   └── SKILL.md              # Deployment patterns skill
│   ├── search-first/
│   │   └── SKILL.md              # Search-first methodology skill
│   └── agentic-engineering/
│       └── SKILL.md              # Agentic engineering skill
├── steering/                     # 16 steering files
│   ├── coding-style.md           # Auto-loaded coding style rules
│   ├── security.md               # Auto-loaded security rules
│   ├── testing.md                # Auto-loaded testing rules
│   ├── development-workflow.md   # Auto-loaded dev workflow
│   ├── git-workflow.md           # Auto-loaded git workflow
│   ├── patterns.md               # Auto-loaded design patterns
│   ├── performance.md            # Auto-loaded performance rules
│   ├── lessons-learned.md        # Auto-loaded project patterns
│   ├── typescript-patterns.md    # Loaded for .ts/.tsx files
│   ├── python-patterns.md        # Loaded for .py files
│   ├── golang-patterns.md        # Loaded for .go files
│   ├── swift-patterns.md         # Loaded for .swift files
│   ├── dev-mode.md               # Manual: #dev-mode
│   ├── review-mode.md            # Manual: #review-mode
│   └── research-mode.md          # Manual: #research-mode
├── hooks/                        # 10 IDE hooks
│   ├── README.md                      # Documentation on IDE and CLI hooks
│   ├── quality-gate.kiro.hook         # Manual quality gate hook
│   ├── typecheck-on-edit.kiro.hook    # Auto typecheck on edit
│   ├── console-log-check.kiro.hook    # Check for console.log
│   ├── tdd-reminder.kiro.hook         # TDD reminder on file create
│   ├── git-push-review.kiro.hook      # Review before git push
│   ├── code-review-on-write.kiro.hook # Review after write
│   ├── auto-format.kiro.hook          # Auto-format on edit
│   ├── extract-patterns.kiro.hook     # Extract patterns on stop
│   ├── session-summary.kiro.hook      # Summary on stop
│   └── doc-file-warning.kiro.hook     # Warn before doc changes
├── scripts/                      # 2 shell scripts
│   ├── quality-gate.sh           # Quality gate shell script
│   └── format.sh                 # Auto-format shell script
└── settings/                     # MCP configuration
    └── mcp.json.example          # Example MCP server configs

docs/                             # 5 documentation files
├── longform-guide.md             # Deep dive on agentic workflows
├── shortform-guide.md            # Quick reference guide
├── security-guide.md             # Security best practices
├── migration-from-ecc.md         # Migration guide from ECC
└── ECC-KIRO-INTEGRATION-PLAN.md  # Integration plan and analysis

Customization

All files are yours to modify after installation. The installer never overwrites existing files, so your customizations are safe across re-installs.

  • Edit agent prompts in .kiro/agents/*.json to adjust behavior or add project-specific instructions
  • Modify skill workflows in .kiro/skills/*/SKILL.md to match your team's processes
  • Adjust steering rules in .kiro/steering/*.md to enforce your coding standards
  • Toggle or edit hooks in .kiro/hooks/*.json to automate your workflow
  • Customize scripts in .kiro/scripts/*.sh to match your tooling setup

Recommended Workflow

  1. Start with planning: Use the planner agent to break down complex features
  2. Write tests first: Invoke the tdd-workflow skill before implementing
  3. Review your code: Switch to code-reviewer agent after writing code
  4. Check security: Use security-reviewer agent for auth, API endpoints, or sensitive data handling
  5. Run quality gate: Trigger the quality-gate hook before committing
  6. Verify comprehensively: Use the verification-loop skill before creating PRs

The auto-loaded steering files (coding-style, security, testing) ensure consistent standards throughout your session.

Usage Examples

Example 1: Building a New Feature with TDD

# 1. Start with the planner agent to break down the feature
kiro-cli --agent planner
> "I need to add user authentication with JWT tokens"

# 2. Invoke the TDD workflow skill
> /tdd-workflow

# 3. Follow the TDD cycle: write tests first, then implementation
# The tdd-workflow skill will guide you through:
# - Writing unit tests for auth logic
# - Writing integration tests for API endpoints
# - Writing E2E tests for login flow

# 4. Switch to code-reviewer after implementation
> /agent swap code-reviewer
> "Review the authentication implementation"

# 5. Run security review for auth-related code
> /agent swap security-reviewer
> "Check for security vulnerabilities in the auth system"

# 6. Trigger quality gate before committing
# (In IDE: Click the quality-gate hook in Agent Hooks panel)

Example 2: Code Review Workflow

# 1. Switch to code-reviewer agent
kiro-cli --agent code-reviewer

# 2. Review specific files or directories
> "Review the changes in src/api/users.ts"

# 3. Use the verification-loop skill for comprehensive checks
> /verification-loop

# 4. The verification loop will:
# - Run build and type checks
# - Run linter
# - Run all tests
# - Perform security scan
# - Review git diff
# - Iterate until all checks pass

Example 3: Security-First Development

# 1. Invoke security-review skill when working on sensitive features
> /security-review

# 2. The skill provides a comprehensive checklist:
# - Input validation and sanitization
# - Authentication and authorization
# - Secret management
# - SQL injection prevention
# - XSS prevention
# - CSRF protection

# 3. Switch to security-reviewer agent for deep analysis
> /agent swap security-reviewer
> "Analyze the API endpoints for security vulnerabilities"

# 4. The security.md steering file is auto-loaded, ensuring:
# - No hardcoded secrets
# - Proper error handling
# - Secure crypto usage
# - OWASP Top 10 compliance

Example 4: Language-Specific Development

# For Go projects:
kiro-cli --agent go-reviewer
> "Review the concurrency patterns in this service"
> /golang-patterns  # Invoke Go-specific patterns skill

# For Python projects:
kiro-cli --agent python-reviewer
> "Review the type hints and error handling"
> /python-patterns  # Invoke Python-specific patterns skill

# Language-specific steering files are auto-loaded:
# - golang-patterns.md loads when editing .go files
# - python-patterns.md loads when editing .py files
# - typescript-patterns.md loads when editing .ts/.tsx files

Example 5: Using Hooks for Automation

# Hooks run automatically based on triggers:

# 1. typecheck-on-edit hook
# - Triggers when you save .ts or .tsx files
# - Agent checks for type errors inline, no terminal spawned

# 2. console-log-check hook
# - Triggers when you save .js, .ts, or .tsx files
# - Agent flags console.log statements and offers to remove them

# 3. tdd-reminder hook
# - Triggers when you create a new .ts or .tsx file
# - Reminds you to write tests first
# - Reinforces TDD discipline

# 4. extract-patterns hook
# - Runs when agent stops working
# - Suggests patterns to add to lessons-learned.md
# - Builds your team's knowledge base over time

# Toggle hooks on/off in the Agent Hooks panel (IDE)
# or disable them in the hook JSON files

Example 6: Manual Context Modes

# Use manual steering files for specific contexts:

# Development mode - focused on implementation
> #dev-mode
> "Implement the user registration endpoint"

# Review mode - thorough code review
> #review-mode
> "Review all changes in the current PR"

# Research mode - exploration and learning
> #research-mode
> "Explain how the authentication system works"

# Manual steering files provide context-specific instructions
# without cluttering every conversation

Example 7: Database Work

# 1. Use database-reviewer agent for schema work
kiro-cli --agent database-reviewer
> "Review the database schema for the users table"

# 2. Invoke database-migrations skill
> /database-migrations

# 3. For PostgreSQL-specific work
> /postgres-patterns
> "Optimize this query for better performance"

# 4. The database-reviewer checks:
# - Schema design and normalization
# - Index usage and performance
# - Migration safety
# - SQL injection vulnerabilities

Example 8: Building and Deploying

# 1. Fix build errors with build-error-resolver
kiro-cli --agent build-error-resolver
> "Fix the TypeScript compilation errors"

# 2. Use docker-patterns skill for containerization
> /docker-patterns
> "Create a production-ready Dockerfile"

# 3. Use deployment-patterns skill for CI/CD
> /deployment-patterns
> "Set up a GitHub Actions workflow for deployment"

# 4. Run quality gate before deployment
# (Trigger quality-gate hook to run all checks)

Example 9: Refactoring and Cleanup

# 1. Use refactor-cleaner agent for safe refactoring
kiro-cli --agent refactor-cleaner
> "Remove unused code and consolidate duplicate functions"

# 2. The agent will:
# - Identify dead code
# - Find duplicate implementations
# - Suggest consolidation opportunities
# - Refactor safely without breaking changes

# 3. Use verification-loop after refactoring
> /verification-loop
# Ensures all tests still pass after refactoring

Example 10: Documentation Updates

# 1. Use doc-updater agent for documentation work
kiro-cli --agent doc-updater
> "Update the README with the new API endpoints"

# 2. The agent will:
# - Update codemaps in docs/CODEMAPS/
# - Update README files
# - Generate API documentation
# - Keep docs in sync with code

# 3. doc-file-warning hook prevents accidental doc changes
# - Triggers before writing to documentation files
# - Asks for confirmation
# - Prevents unintentional modifications

Documentation

For more detailed information, see the docs/ directory:

Contributers

License

MIT — see LICENSE for details.