omnidev
3
总安装量
3
周安装量
#58520
全站排名
安装命令
npx skills add https://github.com/apexbusiness-systems/apex-omnihub --skill omnidev
Agent 安装分布
claude-code
2
openclaw
1
kimi-cli
1
codex
1
antigravity
1
Skill 文档
OmniDev
Mission: Enable 10x development velocity through omniscient software engineering mastery across all languages, frameworks, and domains.
Decision Tree – Start Here
What are you doing?
| Task | Go To |
|---|---|
| Writing new code | â Code Generation |
| Fixing/debugging | â Debug Protocol |
| Designing system | â Architecture |
| Deploying/DevOps | â Infrastructure |
| Security work | â Security |
| Performance issues | â Optimization |
| Code review | â Review Protocol |
Code Generation
Input: Requirements (natural language or specs)
Output: Production-ready code in /mnt/user-data/outputs/
Success: Passes lint, tests, security scan
Language Selection
| Criteria | Language |
|---|---|
| Web API (speed critical) | Go, Rust |
| Web API (rapid dev) | Python FastAPI, Node/TypeScript |
| Enterprise/Android | Kotlin, Java |
| iOS/macOS | Swift |
| Systems/CLI | Rust, Go |
| ML/Data | Python |
| Frontend | TypeScript + React/Vue/Svelte |
| Scripts/Automation | Python, Bash |
Code Quality Gates (ALWAYS)
# Before ANY code is complete:
1. Lint â Language-specific linter (no warnings)
2. Type check â mypy/tsc/go vet (strict mode)
3. Test â pytest/jest/go test (>80% coverage)
4. Security â bandit/npm audit/gosec (0 high/critical)
5. Format â black/prettier/gofmt (auto-applied)
Patterns by Domain
API Endpoint (FastAPI example):
from fastapi import FastAPI, HTTPException, Depends
from pydantic import BaseModel, Field
class ItemCreate(BaseModel):
name: str = Field(..., min_length=1, max_length=100)
price: float = Field(..., gt=0)
@app.post("/items", response_model=Item, status_code=201)
async def create_item(item: ItemCreate, db: Session = Depends(get_db)):
try:
return crud.create_item(db, item)
except IntegrityError:
raise HTTPException(409, "Item exists")
React Component (TypeScript):
interface Props {
items: Item[];
onSelect: (id: string) => void;
}
export const ItemList: React.FC<Props> = ({ items, onSelect }) => {
const [selected, setSelected] = useState<string | null>(null);
const handleSelect = useCallback((id: string) => {
setSelected(id);
onSelect(id);
}, [onSelect]);
return (
<ul role="listbox" aria-label="Items">
{items.map(item => (
<li key={item.id} onClick={() => handleSelect(item.id)}>
{item.name}
</li>
))}
</ul>
);
};
Debug Protocol
Input: Bug description, error message, or unexpected behavior
Output: Root cause + fix
Success: Issue resolved, regression test added
Debug Decision Tree
1. REPRODUCE â Can you trigger the bug consistently?
ââ No â Add logging, gather more data
ââ Yes â Continue
2. ISOLATE â Where does it fail?
ââ Frontend â Browser DevTools, React DevTools
ââ API â Request/Response logging, curl testing
ââ Database â Query analysis, EXPLAIN
ââ Infrastructure â Logs, metrics, traces
3. HYPOTHESIZE â What could cause this?
ââ List 3 most likely causes
ââ Test each systematically
4. FIX â Apply minimal change
5. VERIFY â Run tests + manual verification
6. PREVENT â Add test covering this case
Common Bug Patterns
| Symptom | Likely Cause | Fix |
|---|---|---|
| Works locally, fails prod | Env vars, secrets, config | Check env parity |
| Intermittent failure | Race condition, timeout | Add locks/retries |
| Memory leak | Unclosed resources, event listeners | Cleanup in finally/useEffect |
| Slow query | Missing index, N+1 | EXPLAIN ANALYZE, add index |
| CORS error | Missing headers | Configure CORS middleware |
| 401/403 | Token expired, wrong scope | Check auth flow |
| 500 error | Unhandled exception | Add try/catch, logging |
Debug Commands
# Python
python -m pdb script.py # Interactive debugger
python -c "import traceback; traceback.print_exc()"
# Node
node --inspect script.js # Chrome DevTools debug
DEBUG=* node script.js # Enable debug logging
# Go
dlv debug ./main.go # Delve debugger
GODEBUG=gctrace=1 ./app # GC tracing
# Logs
journalctl -u service -f # Follow systemd logs
kubectl logs -f pod-name # K8s pod logs
docker logs -f container # Docker logs
Architecture
Input: Business requirements, constraints, scale expectations
Output: System design document, architecture diagram description
Success: Meets requirements, scalable, maintainable
Architecture Decision Tree
SCALE?
ââ <1K users â Monolith + PostgreSQL
ââ 1K-100K â Modular monolith or simple microservices
ââ 100K-1M â Microservices + caching + CDN
ââ >1M â See references/scale.md
TEAM SIZE?
ââ 1-3 devs â Monolith (always)
ââ 4-10 devs â Modular monolith
ââ >10 devs â Consider microservices
LATENCY?
ââ <50ms â Edge computing, caching, CDN
ââ <200ms â Regional deployment
ââ <1s â Standard architecture
Architecture Patterns
| Pattern | When | Example |
|---|---|---|
| Monolith | Small team, MVP, <100K users | Django/Rails app |
| Modular Monolith | Growing team, clear domains | Bounded contexts in one deploy |
| Microservices | Large team, independent scaling | Service per domain |
| Serverless | Event-driven, variable load | Lambda + API Gateway |
| Event Sourcing | Audit requirements, complex state | Banking, inventory |
| CQRS | Read/write asymmetry | High-read dashboards |
System Design Template
## [System Name]
### Requirements
- Functional: [What it must do]
- Non-functional: [Performance, scale, availability]
- Constraints: [Budget, timeline, team skills]
### High-Level Design
- Components: [List services/modules]
- Data flow: [How data moves]
- Storage: [Database choices]
### API Contracts
- [Endpoint definitions]
### Data Model
- [Entity relationships]
### Failure Modes
- [What can go wrong + mitigations]
Infrastructure
Input: Application to deploy, environment requirements
Output: Deployed, monitored, scalable infrastructure
Success: 99.9%+ uptime, <5min deploy, automated rollback
Deployment Decision Tree
WHERE?
ââ Static site â Vercel/Netlify/Cloudflare Pages
ââ Container app â K8s/ECS/Cloud Run
ââ Serverless â Lambda/Cloud Functions
ââ VM needed â EC2/GCE/Droplet
ââ Edge compute â Cloudflare Workers/Lambda@Edge
CI/CD?
ââ GitHub â GitHub Actions
ââ GitLab â GitLab CI
ââ Self-hosted â Jenkins/Drone
ââ Simple â scripts/deploy.sh
Docker (Always Use Multi-Stage)
# Build stage
FROM node:20-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production
COPY . .
RUN npm run build
# Production stage
FROM node:20-alpine
WORKDIR /app
RUN addgroup -g 1001 app && adduser -u 1001 -G app -s /bin/sh -D app
COPY /app/dist ./dist
COPY /app/node_modules ./node_modules
USER app
EXPOSE 3000
CMD ["node", "dist/index.js"]
Kubernetes Essentials
apiVersion: apps/v1
kind: Deployment
metadata:
name: app
spec:
replicas: 3
selector:
matchLabels:
app: app
template:
spec:
containers:
- name: app
image: app:v1.0.0 # NEVER use :latest
resources:
requests: { memory: "128Mi", cpu: "100m" }
limits: { memory: "256Mi", cpu: "500m" }
livenessProbe:
httpGet: { path: /health, port: 8080 }
initialDelaySeconds: 10
readinessProbe:
httpGet: { path: /ready, port: 8080 }
securityContext:
runAsNonRoot: true
readOnlyRootFilesystem: true
Security
Input: System to secure, compliance requirements
Output: Hardened system, security report
Success: Passes security scan, meets compliance
Security Checklist (ALWAYS)
| Area | Requirements |
|---|---|
| Auth | OAuth2/OIDC, JWT <15min expiry, bcrypt costâ¥12, rate limiting |
| Input | Validate ALL, parameterized queries, escape output, CSRF tokens |
| Transport | TLS 1.3, HSTS, cert pinning for mobile |
| Secrets | Env vars or secrets manager, NEVER in code/logs, rotate regularly |
OWASP Top 10 Quick Reference
| Vulnerability | Prevention |
|---|---|
| Injection | Parameterized queries, ORM |
| Broken Auth | MFA, session management |
| Sensitive Data | Encrypt at rest/transit |
| XXE | Disable external entities |
| Broken Access | RBAC, deny by default |
| Misconfig | Hardening, security headers |
| XSS | Output encoding, CSP |
| Deserialization | Don’t deserialize untrusted |
| Vulnerable Deps | npm audit, Dependabot |
| Logging | Centralized, tamper-proof |
Optimization
Input: Slow system, performance requirements
Output: Optimized system with metrics
Success: Meets latency/throughput targets
Performance Decision Tree
WHERE IS IT SLOW?
ââ Frontend
â ââ Initial load â Bundle size, code splitting
â ââ Runtime â React profiler, memoization
â ââ Network â Caching, CDN, compression
ââ API
â ââ Database â Query optimization, indexing
â ââ Compute â Algorithm, caching, async
â ââ Network â Connection pooling, keep-alive
ââ Infrastructure
ââ CPU bound â Horizontal scaling, optimize code
ââ Memory bound â Reduce allocations, streaming
ââ I/O bound â Async, batching, caching
Caching Strategy
| Data Type | Cache | TTL |
|---|---|---|
| Static assets | CDN | 1 year (versioned) |
| API responses | Redis | 1-60 min |
| Session data | Redis | Session length |
| DB queries | Application | 1-5 min |
Review Protocol
Input: Code to review (PR/MR link or diff)
Output: Actionable feedback
Success: Issues caught, knowledge shared
Review Checklist
| Category | Check |
|---|---|
| Correctness | Does what it claims? Edge cases? Error handling? |
| Security | Input validated? Auth correct? Secrets exposed? |
| Performance | N+1 queries? Memory leaks? Unnecessary compute? |
| Maintainability | Clear naming? Tests? Docs updated? |
Critical Rules
| ALWAYS | NEVER |
|---|---|
| Run linters before commit | Commit secrets to git |
| Write tests for new code | Use eval() or dynamic code |
| Use env vars for secrets | Trust user input |
| Log errors with context | Ignore security warnings |
| Handle all error paths | Deploy without testing |
| Use typed/strict mode | Use SELECT * on large tables |
| Pin dependency versions | Swallow exceptions silently |
References
references/languages.md– Language-specific patterns for 20+ languagesreferences/databases.md– SQL/NoSQL design, optimization, migrationsreferences/cloud.md– AWS/GCP/Azure architecture patternsreferences/testing.md– Test strategies, TDD, coveragereferences/scale.md– High-scale architecture patterns