dean0x · dean0x · Oct 18, 2025 · Oct 18, 2025 · Oct 18, 2025 · Oct 18, 2025
@@ -93,14 +93,6 @@ ENFORCE these strictly:
 - Stick to ONE async pattern (don't mix callback/promise/async styles)
 - NO global state unless explicitly justified
 
-### Test Quality Standards
-
-Tests must validate BEHAVIOR, not work around BAD DESIGN:
-- If tests need complex setup, the design is probably wrong
-- If tests have repetitive boilerplate, the API is probably wrong
-- If mocking is difficult, dependencies are probably wrong
-- Tests should be SIMPLE when design is correct
-
 ### Change Process for Failing Tests
 
 1. **STOP** - Don't fix tests immediately
@@ -129,6 +121,82 @@ Before declaring work complete:
 
 ---
 
+### Production Build Optimization
+
+**CRITICAL**: Never ship test files, debug symbols, or sourcemaps to production.
+
+**Requirements:**
+1. **Separate configs** - Dev config (with debug info) vs prod config (optimized)
+2. **Exclude tests** - No test files in build output
+3. **Exclude debug artifacts** - No sourcemaps, debug symbols, or profiling data
+4. **Clean builds** - Remove old artifacts before building
+5. **Watch mode** - Fast rebuilds during development
+
+**Implementation checklist:**
+- [ ] Production build excludes test files
+- [ ] Production build excludes sourcemaps/debug symbols
+- [ ] Separate dev build with full debug info
+- [ ] Pre-build cleanup of old artifacts
+- [ ] Watch mode for development
+- [ ] Verify package contents before publishing
+
+**File patterns to exclude from production:**
+**/.test.
+**/.spec.
+**/_test.
+**/*.map
+**/debug/
+**/coverage/
+**/tests/
+**/tests/
+
+**Build script structure:**
+```json
+{
+  "prebuild": "clean artifacts",
+  "build": "production build (no debug)",
+  "build:dev": "development build (with debug)",
+  "build:watch": "watch mode for development"
+}
+```
+
+---
+
+## Testing & Build Standards
+
+### Test Quality Standards
+
+Tests must validate BEHAVIOR, not work around BAD DESIGN:
+- If tests need complex setup, the design is probably wrong
+- If tests have repetitive boilerplate, the API is probably wrong
+- If mocking is difficult, dependencies are probably wrong
+- Tests should be SIMPLE when design is correct
+
+### Test Suite Safety
+
+**CRITICAL**: Always configure tests to run sequentially to prevent resource
+exhaustion and crashes.
+
+**Requirements:**
+1. **Sequential execution** - One test at a time, no parallelism
+2. **Memory limits** - Set explicit limits for test processes
+3. **Resource cleanup** - Clean temp files/databases before and after tests
+4. **Isolation** - Separate unit/integration/e2e test suites
+
+**Implementation checklist:**
+- [ ] Test runner configured for sequential execution (maxWorkers=1, no parallel)
+- [ ] Memory limits set in test command (language-specific)
+- [ ] Cleanup hooks: before (clean temp files) and after (close connections)
+- [ ] Default `test` command runs safely (unit then integration, sequentially)
+
+**Framework-specific flags:**
+- **Vitest/Jest**: `maxWorkers: 1`, `--runInBand`, `fileParallelism: false`
+- **pytest**: `-n 0` (no xdist), `--maxprocesses=1`
+- **Go**: `-p 1` (parallel=1)
+- **Rust**: `-- --test-threads=1`
+
+---
+
 ## Architecture Documentation
 
 **MANDATORY**: Document ALL architectural decisions directly in code:

@@ -81,4 +81,70 @@ For each finding, include:
 - Example implementations
 - Migration strategies for large changes
 
-Focus on structural issues that affect long-term maintainability and team productivity.
+Focus on structural issues that affect long-term maintainability and team productivity.
+
+## Report Storage
+
+**IMPORTANT**: When invoked by `/code-review`, save your audit report to the standardized location:
+
+```bash
+# Expect these variables from the orchestrator:
+# - CURRENT_BRANCH: Current git branch name
+# - AUDIT_BASE_DIR: Base directory (.docs/audits/${CURRENT_BRANCH})
+# - TIMESTAMP: Timestamp for report filename
+
+# Save report to:
+REPORT_FILE="${AUDIT_BASE_DIR}/architecture-report.${TIMESTAMP}.md"
+
+# Create report
+cat > "$REPORT_FILE" <<'EOF'
+# Architecture Audit Report
+
+**Branch**: ${CURRENT_BRANCH}
+**Date**: $(date +%Y-%m-%d)
+**Time**: $(date +%H:%M:%S)
+**Auditor**: DevFlow Architecture Agent
+
+---
+
+## Executive Summary
+
+{Brief summary of architectural quality}
+
+---
+
+## Critical Issues
+
+{CRITICAL severity fundamental architectural flaws}
+
+---
+
+## High Priority Issues
+
+{HIGH severity significant design issues}
+
+---
+
+## Medium Priority Issues
+
+{MEDIUM severity pattern inconsistencies}
+
+---
+
+## Low Priority Issues
+
+{LOW severity minor organizational improvements}
+
+---
+
+## Architecture Score: {X}/10
+
+**Recommendation**: {BLOCK MERGE | REVIEW REQUIRED | APPROVED WITH CONDITIONS | APPROVED}
+
+EOF
+
+echo "✅ Architecture audit report saved to: $REPORT_FILE"
+```
+
+**If invoked standalone** (not by /code-review), use a simpler path:
+- `.docs/audits/standalone/architecture-report.${TIMESTAMP}.md`
@@ -99,4 +99,70 @@ For each finding, include:
 - Example improvements
 - Estimated effort for fixes
 
-Focus on complexity issues that significantly impact code maintainability, readability, and development velocity.
+Focus on complexity issues that significantly impact code maintainability, readability, and development velocity.
+
+## Report Storage
+
+**IMPORTANT**: When invoked by `/code-review`, save your audit report to the standardized location:
+
+```bash
+# Expect these variables from the orchestrator:
+# - CURRENT_BRANCH: Current git branch name
+# - AUDIT_BASE_DIR: Base directory (.docs/audits/${CURRENT_BRANCH})
+# - TIMESTAMP: Timestamp for report filename
+
+# Save report to:
+REPORT_FILE="${AUDIT_BASE_DIR}/complexity-report.${TIMESTAMP}.md"
+
+# Create report
+cat > "$REPORT_FILE" <<'EOF'
+# Complexity Audit Report
+
+**Branch**: ${CURRENT_BRANCH}
+**Date**: $(date +%Y-%m-%d)
+**Time**: $(date +%H:%M:%S)
+**Auditor**: DevFlow Complexity Agent
+
+---
+
+## Executive Summary
+
+{Brief summary of complexity and maintainability}
+
+---
+
+## Critical Issues
+
+{CRITICAL severity extremely complex code hampering development}
+
+---
+
+## High Priority Issues
+
+{HIGH severity significant complexity issues}
+
+---
+
+## Medium Priority Issues
+
+{MEDIUM severity moderate complexity improvements needed}
+
+---
+
+## Low Priority Issues
+
+{LOW severity minor complexity optimizations}
+
+---
+
+## Maintainability Score: {X}/10
+
+**Recommendation**: {BLOCK MERGE | REVIEW REQUIRED | APPROVED WITH CONDITIONS | APPROVED}
+
+EOF
+
+echo "✅ Complexity audit report saved to: $REPORT_FILE"
+```
+
+**If invoked standalone** (not by /code-review), use a simpler path:
+- `.docs/audits/standalone/complexity-report.${TIMESTAMP}.md`
@@ -104,4 +104,70 @@ For each finding, include:
 - Migration considerations
 - Monitoring suggestions
 
-Focus on database issues that affect data integrity, query performance, or system scalability.
+Focus on database issues that affect data integrity, query performance, or system scalability.
+
+## Report Storage
+
+**IMPORTANT**: When invoked by `/code-review`, save your audit report to the standardized location:
+
+```bash
+# Expect these variables from the orchestrator:
+# - CURRENT_BRANCH: Current git branch name
+# - AUDIT_BASE_DIR: Base directory (.docs/audits/${CURRENT_BRANCH})
+# - TIMESTAMP: Timestamp for report filename
+
+# Save report to:
+REPORT_FILE="${AUDIT_BASE_DIR}/database-report.${TIMESTAMP}.md"
+
+# Create report
+cat > "$REPORT_FILE" <<'EOF'
+# Database Audit Report
+
+**Branch**: ${CURRENT_BRANCH}
+**Date**: $(date +%Y-%m-%d)
+**Time**: $(date +%H:%M:%S)
+**Auditor**: DevFlow Database Agent
+
+---
+
+## Executive Summary
+
+{Brief summary of database design and performance}
+
+---
+
+## Critical Issues
+
+{CRITICAL severity data integrity or severe performance issues}
+
+---
+
+## High Priority Issues
+
+{HIGH severity significant performance or design problems}
+
+---
+
+## Medium Priority Issues
+
+{MEDIUM severity optimization opportunities}
+
+---
+
+## Low Priority Issues
+
+{LOW severity minor improvements}
+
+---
+
+## Database Health Score: {X}/10
+
+**Recommendation**: {BLOCK MERGE | REVIEW REQUIRED | APPROVED WITH CONDITIONS | APPROVED}
+
+EOF
+
+echo "✅ Database audit report saved to: $REPORT_FILE"
+```
+
+**If invoked standalone** (not by /code-review), use a simpler path:
+- `.docs/audits/standalone/database-report.${TIMESTAMP}.md`
@@ -105,4 +105,70 @@ For each finding, include:
 - Alternative package suggestions
 - Update compatibility notes
 
-Focus on dependency issues that pose security, legal, or maintenance risks to the project.
+Focus on dependency issues that pose security, legal, or maintenance risks to the project.
+
+## Report Storage
+
+**IMPORTANT**: When invoked by `/code-review`, save your audit report to the standardized location:
+
+```bash
+# Expect these variables from the orchestrator:
+# - CURRENT_BRANCH: Current git branch name
+# - AUDIT_BASE_DIR: Base directory (.docs/audits/${CURRENT_BRANCH})
+# - TIMESTAMP: Timestamp for report filename
+
+# Save report to:
+REPORT_FILE="${AUDIT_BASE_DIR}/dependencies-report.${TIMESTAMP}.md"
+
+# Create report
+cat > "$REPORT_FILE" <<'EOF'
+# Dependency Audit Report
+
+**Branch**: ${CURRENT_BRANCH}
+**Date**: $(date +%Y-%m-%d)
+**Time**: $(date +%H:%M:%S)
+**Auditor**: DevFlow Dependencies Agent
+
+---
+
+## Executive Summary
+
+{Brief summary of dependency health and security}
+
+---
+
+## Critical Issues
+
+{CRITICAL severity security vulnerabilities requiring immediate action}
+
+---
+
+## High Priority Issues
+
+{HIGH severity significant security or legal risks}
+
+---
+
+## Medium Priority Issues
+
+{MEDIUM severity maintenance or performance concerns}
+
+---
+
+## Low Priority Issues
+
+{LOW severity minor improvements or optimizations}
+
+---
+
+## Dependency Health Score: {X}/10
+
+**Recommendation**: {BLOCK MERGE | REVIEW REQUIRED | APPROVED WITH CONDITIONS | APPROVED}
+
+EOF
+
+echo "✅ Dependency audit report saved to: $REPORT_FILE"
+```
+
+**If invoked standalone** (not by /code-review), use a simpler path:
+- `.docs/audits/standalone/dependencies-report.${TIMESTAMP}.md`