fix: resolve multiple reported issues (#205, #182, #188, #172, #173) (#207)
* fix: resolve multiple reported issues (#205, #182, #188, #172, #173)
- fix(observe.sh): replace triple-quote JSON parsing with stdin pipe to
prevent ~49% parse failures on payloads with quotes/backslashes/unicode
- fix(hooks.json): correct matcher syntax to use simple tool name regexes
instead of unsupported logical expressions; move command/path filtering
into hook scripts; use exit code 2 for blocking hooks
- fix(skills): quote YAML descriptions containing colons in 3 skill files
and add missing frontmatter to 2 skill files for Codex CLI compatibility
- feat(rules): add paths: filters to all 15 language-specific rule files
so they only load when working on matching file types
- fix(agents): align model fields with CONTRIBUTING.md recommendations
(opus for planner/architect, sonnet for reviewers/workers, haiku for
doc-updater)
* ci: use AgentShield GitHub Action instead of npx
Switch from npx ecc-agentshield to uses: affaan-m/agentshield@v1
for proper GitHub Action demo and marketplace visibility.
2026-02-11 23:48:45 -08:00
|
|
|
---
|
|
|
|
|
paths:
|
|
|
|
|
- "**/*.ts"
|
|
|
|
|
- "**/*.tsx"
|
|
|
|
|
- "**/*.js"
|
|
|
|
|
- "**/*.jsx"
|
|
|
|
|
---
|
refactor(rules): restructure into common + language-specific directories
* refactor(rules): restructure rules into common + language-specific directories
- Split 8 flat rule files into common/, typescript/, python/, golang/
- common/ contains language-agnostic principles (no code examples)
- typescript/ extracts TS/JS specifics (Zod, Playwright, Prettier hooks, etc.)
- python/ adds Python rules (PEP 8, pytest, black/ruff, bandit)
- golang/ adds Go rules (gofmt, table-driven tests, gosec, functional options)
- Replace deprecated ultrathink with extended thinking documentation
- Add README.md with installation guide and new-language template
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Fix installation commands for rules
Updated installation instructions to copy all rules to a single directory.
* docs: update README.md to reflect new rules directory structure
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Hor1zonZzz <Hor1zonZzz@users.noreply.github.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-05 21:58:06 +08:00
|
|
|
# TypeScript/JavaScript Security
|
|
|
|
|
|
|
|
|
|
> This file extends [common/security.md](../common/security.md) with TypeScript/JavaScript specific content.
|
|
|
|
|
|
|
|
|
|
## Secret Management
|
|
|
|
|
|
|
|
|
|
```typescript
|
|
|
|
|
// NEVER: Hardcoded secrets
|
|
|
|
|
const apiKey = "sk-proj-xxxxx"
|
|
|
|
|
|
|
|
|
|
// ALWAYS: Environment variables
|
|
|
|
|
const apiKey = process.env.OPENAI_API_KEY
|
|
|
|
|
|
|
|
|
|
if (!apiKey) {
|
|
|
|
|
throw new Error('OPENAI_API_KEY not configured')
|
|
|
|
|
}
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
## Agent Support
|
|
|
|
|
|
|
|
|
|
- Use **security-reviewer** skill for comprehensive security audits
|