[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-1288":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":9,"language":10,"languages":9,"totalLinesOfCode":9,"stars":11,"forks":12,"watchers":13,"openIssues":14,"contributorsCount":14,"subscribersCount":14,"size":14,"stars1d":15,"stars7d":15,"stars30d":13,"stars90d":14,"forks30d":14,"starsTrendScore":16,"compositeScore":17,"rankGlobal":9,"rankLanguage":9,"license":18,"archived":19,"fork":19,"defaultBranch":20,"hasWiki":21,"hasPages":19,"topics":22,"createdAt":9,"pushedAt":9,"updatedAt":35,"readmeContent":36,"aiSummary":37,"trendingCount":14,"starSnapshotCount":14,"syncStatus":38,"lastSyncTime":39,"discoverSource":40},1288,"my-claude-devteam","NYCU-Chung\u002Fmy-claude-devteam","NYCU-Chung","An engineering team in a box for Claude Code — 12 specialized agents, 15 automation hooks, and the P7\u002FP9\u002FP10 methodology.",null,"JavaScript",267,60,4,0,1,3,5.36,"MIT License",false,"main",true,[23,24,25,26,27,28,29,30,31,32,33,34],"ai-agents","ai-coding","automation","claude","claude-code","code-review","dev-team","developer-tools","hooks","methodology","plugin","subagents","2026-06-12 02:00:25","# Claude Code Dev Team\r\n\r\n**English · [繁體中文](.\u002FREADME.zh-TW.md)**\r\n\r\n> **An entire engineering team for Claude Code**\r\n> — 12 specialized agents, 15 automation hooks, and the P7\u002FP9\u002FP10 methodology that keeps them disciplined.\r\n\r\nMost people use Claude Code as a single coder. This config turns it into a full engineering org: **planner, fullstack-engineer, refactor-specialist, migration-engineer, frontend-designer, critic, vuln-verifier, debugger, db-expert, onboarder, tool-expert, web-researcher** — each agent owns a role, each has its own tool permissions, and a strict delegation rulebook decides who touches what.\r\n\r\nBacked by **corporate-culture-inspired discipline** (closure, fact-driven, exhaustiveness) and **battle-tested hooks** that catch debugger statements, hardcoded secrets, cost overruns, and MCP outages before they hit main.\r\n\r\n---\r\n\r\n## The Team\r\n\r\n| Role | Agent | What they do | When they ship |\r\n|------|-------|--------------|---------------|\r\n| 📋 **Tech Lead** | `planner` | Breaks down fuzzy requirements into parallelizable Task Prompts with a six-element contract (goal \u002F scope \u002F input \u002F output \u002F acceptance \u002F boundaries). Never writes code. | Task touches 3+ files or 2+ modules |\r\n| 🛠 **Senior Engineer** | `fullstack-engineer` | Ships features using the P7 methodology: read reality → design solution → impact analysis → implement → three-question self-review → `[P7-COMPLETION]` delivery. | Single-feature or cross-module implementation |\r\n| 🔄 **Refactor Lead** | `refactor-specialist` | Large-scale safe refactors. Atomic commits, full callsite verification, single-revert rollback. | Renames, file moves, module extraction across 10+ files |\r\n| 🚀 **Migration Lead** | `migration-engineer` | Framework \u002F library major-version upgrades. Reads upstream changelog, executes incrementally, verifies at every step. | Next.js 13→14, Vue 2→3, Tailwind 3→4, etc. |\r\n| 🎨 **Designer** | `frontend-designer` | Builds landing pages, dashboards, and UI that doesn't look like AI slop. Opinionated aesthetic direction, refuses generic output. | New pages, UI redesigns, visual upgrades |\r\n| 🔍 **Code Reviewer** | `critic` | Finds bugs, security holes, logic errors, edge cases, performance issues. Every finding with file path + line number. No \"looks good to me\". | Pre-commit, pre-deploy, pre-merge |\r\n| 🧪 **Pentester** | `vuln-verifier` | Takes the critic's findings and writes actual PoC tests to prove the vulnerability is real — no false positives, no hand-waving. | After critic flags a security issue |\r\n| 🐛 **Debug Engineer** | `debugger` | Reads logs, constructs hypotheses, verifies, fixes. Never guesses, always traces root cause. Includes log-analyzer. | Bug reports, service incidents, test failures |\r\n| 🗄 **DB Specialist** | `db-expert` | Reviews schemas, migrations, queries for safety, indexes, locks, race conditions. Paranoid about data loss. | Schema changes, migrations, query optimization |\r\n| 🗺 **Onboarder** | `onboarder` | First-time codebase exploration. Produces a structured mental model — architecture, entry points, suspicious areas. | Joining a new project, evaluating an open-source repo |\r\n| ⚙️ **Tool Expert** | `tool-expert` | Picks the right MCP tools, chains complex workflows, troubleshoots tool failures. Knows every integration in your stack. | MCP tool failures, complex tool chaining |\r\n| 📚 **Researcher** | `web-researcher` | Fetches and synthesizes official docs, API specs, error code meanings. The antidote to hallucination. | Uncertain API usage, error code lookups |\r\n\r\nEach agent is a markdown file under `agents\u002F` with its own system prompt, tool permissions, and model selection. **Customize them. Fork them. Replace the ones you don't need.**\r\n\r\n---\r\n\r\n## The Workflow\r\n\r\n```\r\n ┌─────────────┐\r\n │ Your Task │\r\n └──────┬──────┘\r\n │\r\n ┌────────▼────────┐\r\n │ 📋 planner │ ← Breaks into parallel subtasks\r\n │ (Tech Lead) │ if touches 3+ files\r\n └────────┬────────┘\r\n │\r\n ┌─────────┼─────────┐\r\n ▼ ▼ ▼\r\n ┌─────────┐ ┌─────────┐ ┌─────────┐\r\n │ fullstk │ │ fullstk │ │ fullstk │ ← Parallel execution\r\n │ × N │ │ × N │ │ × N │ P7 methodology\r\n └────┬────┘ └────┬────┘ └────┬────┘\r\n └───────────┼───────────┘\r\n ▼\r\n ┌──────────────┐\r\n │ 🔍 critic │ ← Mandatory pre-deploy review\r\n │ (reviewer) │\r\n └───────┬──────┘\r\n │\r\n ┌────────┴────────┐\r\n │ │\r\n ▼ ▼\r\n ┌──────────────┐ ┌─────────────┐\r\n │ 🐛 debugger │ │ Deploy │\r\n │ (if issues) │ │ │\r\n └──────────────┘ └─────────────┘\r\n```\r\n\r\n**Security-sensitive work** takes a detour: `critic` flags → `vuln-verifier` writes PoC → fix or file PR.\r\n\r\n---\r\n\r\n## The Methodology\r\n\r\n### Three Red Lines\r\n\r\nEvery agent enforces these. No exceptions. No \"close enough\".\r\n\r\n- **🔒 Closure Discipline** — Every task has a clear Definition of Done. \"This is probably enough\" is not an ending.\r\n- **📎 Fact-Driven** — Every judgment must cite actual code with paths and line numbers. \"I guess\" \u002F \"probably\" \u002F \"should be\" are violations.\r\n- **✅ Exhaustiveness** — Checklists cannot be skipped. Clean items must be explicitly marked \"checked, no problems\" — never silently ignored.\r\n\r\n### P7\u002FP9\u002FP10 Mode Switching\r\n\r\nNot role-play. **Operating modes** that Claude switches between based on task scope:\r\n\r\n| Scope | Mode | Behavior |\r\n|-------|------|----------|\r\n| Single feature | **P7** (Senior Engineer) | Design → Impact analysis → Implement → Three-question self-review → `[P7-COMPLETION]` |\r\n| Multi-module, 3+ files | **P9** (Tech Lead) | Decompose into Task Prompts with six elements. Coding is forbidden — your output is prompts, not code. |\r\n| Cross-team, 5+ sprints | **P10** (CTO) | Output strategy docs. Goals, success metrics, risks, timeline, resource allocation. |\r\n\r\n### PUA Mode (High-Pressure Triggers)\r\n\r\nThe team shifts into exhaustive mode when:\r\n\r\n- Same task failed 2+ times → write three new hypotheses, no retrying the old one\r\n- About to say \"I can't solve this\" → forbidden, check docs and source\r\n- Being passive, waiting for instructions → find the next step yourself\r\n- User says \"try harder\" \u002F \"why did it fail again\" → enter reflection mode\r\n- User says \"don't get slapped again\" → cross-verify every assumption 3 different ways\r\n\r\n> We don't keep idle agents. No half-finished work. No excuses.\r\n\r\n---\r\n\r\n## The Automation (Hooks)\r\n\r\nFifteen automation hooks wire up at `pre-commit`, `post-tool-use`, and `stop` events. They catch problems before they ship.\r\n\r\n| Hook | Trigger | What it catches |\r\n|------|---------|-----------------|\r\n| 💰 `cost-tracker.js` | After every response | Token usage + estimated cost per model (Opus \u002F Sonnet \u002F Haiku). Running tally in `~\u002F.claude\u002Fstats-cache.json` |\r\n| ✋ `commit-quality.js` | Pre-commit | Blocks commits with `debugger` statements or hardcoded secrets in JS\u002FTS\u002FPython files |\r\n| 🔧 `mcp-health.js` | MCP tool failures | Detects MCP server outages and suggests restart paths |\r\n| 🛡 `config-protection.js` | Edit\u002FWrite to critical files | Guards important config files from accidental overwrites |\r\n| 🎨 `design-quality.js` | Frontend changes | Checks for AI-slop indicators in UI code |\r\n| 📝 `check-console.js` | Pre-commit | Flags stray `console.log` in production paths |\r\n| 📊 `audit-log.js` | All tool calls | Keeps an audit trail of significant tool operations |\r\n| 🎯 `batch-format.js` | Multi-file edits | Runs formatter on modified files in batch |\r\n| 💡 `suggest-compact.js` | Context pressure | Suggests `\u002Fcompact` when context window fills up |\r\n| 📈 `accumulator.js` | Session tracking | Accumulates session metrics |\r\n| 🚨 `log-error.sh` | Any error | Unified error logging to `~\u002F.claude\u002Ferror-log.md` |\r\n| 🧪 `test-runner.js` | After file edit | Finds sibling test file, runs vitest\u002Fjest, reports failures (non-blocking) |\r\n| 🔒 `branch-protection.js` | Pre-Bash | Hard-blocks force pushes and direct commits to main \u002F master \u002F production \u002F release |\r\n| 📏 `large-file-warner.js` | Pre-Read | Warns at 500 KB, blocks at 2 MB to protect context window |\r\n| 📚 `session-summary.js` | Stop | Appends session summary to `~\u002F.claude\u002Fsessions\u002F` for later search |\r\n\r\nEach hook is a self-contained script. Enable \u002F disable \u002F customize in `settings.example.json`.\r\n\r\n---\r\n\r\n## From the Field\r\n\r\nReal observations from daily use. Your mileage may vary.\r\n\r\n### `critic` is the MVP\r\n\r\nOn mid-sized modules (500–2000 lines), `critic` routinely finds **20–30 issues** across all severity tiers. On large open-source codebases (tested against OpenClaw 352K⭐, Mermaid 87K⭐, Storybook 85K⭐, React Router 56K⭐), a single focused audit still surfaces **5–10 real bugs** that had not been reported in the issue tracker.\r\n\r\nNotable catches from real audits:\r\n- A CWE-208 timing-safe comparison gap in a 352K-star repo that **three prior security-hardening PRs had missed** (diffs store `!==` vs `safeEqualSecret`)\r\n- A non-atomic `writeFileSync` race in an auth-adjacent allowlist file that would corrupt state under concurrent access\r\n- An Ollama reasoning-model heuristic regex (`\u002Fr1\u002F`) that misidentified unrelated models as thinking models\r\n\r\nThe strictness (\"assume everything is broken until proven otherwise\") is what makes it work.\r\n\r\n### `debugger` saves you from face-plants\r\n\r\nTwice during one bug-hunting session, the author was about to submit PRs based on seemingly clear reproductions. Both times `debugger` traced the behavior on HEAD and found the bugs had **already been silently fixed** in recent commits — the original reporters were on outdated versions. Submitting would have been embarrassing.\r\n\r\n- **Svelte #18083** — infinite-loop reconcile bug. Turned out to be a regression introduced in 5.43.8 that was fixed in 5.44.0+ by #17191 \u002F #17240 \u002F #17550. `debugger` ran the repro on HEAD and the test passed.\r\n- **Mermaid #6953** — sequence diagram alias+type combo. Already shipped in 11.14.0 via PR #7136; the issue just hadn't been closed.\r\n\r\nThe slow methodology (\"reproduce, then hypothesize, then verify\") is the whole point.\r\n\r\n### `planner` replaces the clarification loop\r\n\r\nOn tasks touching 3+ files, dispatching to `planner` first turns a 30-message back-and-forth into one structured Task Prompt. The **six-element contract** (goal \u002F scope \u002F input \u002F output \u002F acceptance \u002F boundaries) forces you to state the Definition of Done before anyone writes code.\r\n\r\n### `vuln-verifier` is boring in the best way\r\n\r\nMost reported \"vulnerabilities\" are false positives or partially true. The **PoC-or-it-didn't-happen** protocol converts fuzzy \"I think this could be exploited\" reports into verdicts with actual program output. Every verdict comes with an attack input **and** a baseline control input — so you prove the vulnerable behavior is triggered by the attack and not by any input.\r\n\r\n---\r\n\r\n## Install (One Command)\r\n\r\n```\r\n\u002Fplugin marketplace add NYCU-Chung\u002Fmy-claude-devteam\r\n\u002Fplugin install devteam@my-claude-devteam\r\n```\r\n\r\nOnce installed, all 12 agents and 15 hooks register automatically. Restart Claude Code and your dev team is online.\r\n\r\n### Optional: install the methodology document\r\n\r\nThe plugin ships with the **P7\u002FP9\u002FP10 methodology + three red lines** baked into each agent, but for the strongest effect, also drop one of the `CLAUDE.md` files into `~\u002F.claude\u002FCLAUDE.md` so the whole session operates under the same discipline:\r\n\r\n```bash\r\n# English\r\ncurl -sL https:\u002F\u002Fraw.githubusercontent.com\u002FNYCU-Chung\u002Fmy-claude-devteam\u002Fmain\u002FCLAUDE.en.md -o ~\u002F.claude\u002FCLAUDE.md\r\n\r\n# Traditional Chinese\r\ncurl -sL https:\u002F\u002Fraw.githubusercontent.com\u002FNYCU-Chung\u002Fmy-claude-devteam\u002Fmain\u002FCLAUDE.zh-TW.md -o ~\u002F.claude\u002FCLAUDE.md\r\n```\r\n\r\n### Manual install (without plugin)\r\n\r\nIf you prefer not to use the plugin system:\r\n\r\n```bash\r\ngit clone https:\u002F\u002Fgithub.com\u002FNYCU-Chung\u002Fmy-claude-devteam ~\u002Fmy-claude-devteam\r\n\r\nmv ~\u002F.claude\u002Fagents ~\u002F.claude\u002Fagents.bak 2>\u002Fdev\u002Fnull\r\nmv ~\u002F.claude\u002Fhooks ~\u002F.claude\u002Fhooks.bak 2>\u002Fdev\u002Fnull\r\n\r\ncp -r ~\u002Fmy-claude-devteam\u002Fagents ~\u002F.claude\u002F\r\ncp -r ~\u002Fmy-claude-devteam\u002Fhooks ~\u002F.claude\u002F\r\ncp ~\u002Fmy-claude-devteam\u002Fsettings.example.json ~\u002F.claude\u002Fsettings.json\r\n# (optional) cp ~\u002Fmy-claude-devteam\u002FCLAUDE.en.md ~\u002F.claude\u002FCLAUDE.md\r\n```\r\n\r\n**Verify the install:**\r\n\r\n```\r\nYou: \"I need to add a POST endpoint for broadcast messages\"\r\nClaude: [spawns fullstack-engineer with P7 methodology]\r\n [designs → implements → three-question self-review]\r\n [spawns critic for pre-deploy review]\r\n```\r\n\r\n---\r\n\r\n## What's NOT Included\r\n\r\nThis repo is **opinionated methodology + tools**, not a kitchen sink. You still need to bring:\r\n\r\n- **Your own subagents** for project-specific roles (VPS ops, deployment automation, custom integrations)\r\n- **Your own hook configuration** for paths and thresholds\r\n- **Your own CLAUDE.md project sections** — infrastructure, repo lists, deployment commands (keep these out of the public repo for security)\r\n- **Third-party skill packs** — this repo doesn't redistribute other people's work\r\n\r\n---\r\n\r\n## Credits\r\n\r\n- **P7\u002FP9\u002FP10 methodology and PUA mode** are adapted from [**tanweai\u002Fpua**](https:\u002F\u002Fgithub.com\u002Ftanweai\u002Fpua) (MIT License) by 探微安全实验室 (Tanwei Security Lab). The original is a full Claude Code plugin with KPI reports, leaderboards, self-evolution tracking, and a Loop mode. If you want the full feature set, install it directly from [openpua.ai](https:\u002F\u002Fopenpua.ai).\r\n- **The 12-agent team structure and hooks** are the result of months of real-world iteration — shipping to production, getting burned, iterating again.\r\n- **Core philosophy** is inspired by Chinese big-tech engineering culture: P-level role ladders, closure-oriented task management, the \"three red lines\" discipline, and the corporate pressure culture that turns \"good enough\" into \"exhaust every option\".\r\n\r\n---\r\n\r\n## License\r\n\r\nMIT. Take it, fork it, ship it. Attribution appreciated but not required.\r\n\r\n---\r\n\r\n> Built by [@NYCU-Chung](https:\u002F\u002Fgithub.com\u002FNYCU-Chung).\r\n","NYCU-Chung\u002Fmy-claude-devteam 是一个为 Claude Code 提供的工程团队配置项目,包含12个专业代理、15个自动化钩子和P7\u002FP9\u002FP10方法论。该项目通过将Claude Code从单一编码者转变为一个完整的工程组织,每个代理负责特定角色并拥有自己的工具权限,实现了更高效的任务分配与执行。其核心功能包括需求分解、特性开发、重构、迁移、前端设计、代码审查等,并通过严格的规则确保代码质量和安全性。适用于需要快速构建高质量软件产品且希望提高开发效率与协作水平的场景。",2,"2026-06-11 02:42:49","CREATED_QUERY"]