npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

devflow-kit

v0.9.0

Published

Agentic Development Toolkit for Claude Code - Enhance AI-assisted development with intelligent commands and workflows

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

dean0xdean0x

Keywords

claudeclaude-codeaidevelopmenttoolkitdevflowclideveloper-tools

Readme

DevFlow - Agentic Development Toolkit

A comprehensive collection of Claude Code commands and configurations designed to enhance developer workflows when working with AI coding assistants.

Installation

# Run with npx (recommended - no global install needed)
npx devflow-kit init

Installation Scopes

DevFlow supports two installation scopes:

User Scope (Default) - Install for all projects

npx devflow-kit init --scope user
# Or interactively: npx devflow-kit init (prompts for scope)
  • Installs to ~/.claude/ and ~/.devflow/
  • Available across all projects
  • Recommended for personal use

Local Scope - Install for current project only

npx devflow-kit init --scope local
  • Installs to <git-root>/.claude/ and <git-root>/.devflow/
  • Only available in the current project
  • Recommended for team projects where DevFlow should be project-specific
  • Requires a git repository (run git init first)
  • Add .claude/ and .devflow/ to .gitignore (done automatically)

That's it! DevFlow is now installed and ready to use in Claude Code.

What's Included

🎯 Skills (Auto-Activate)

Skills are model-invoked - Claude automatically activates them based on context, enforcing quality without manual invocation.

| Skill | Purpose | Auto-Triggers When | |-------|---------|---------------------| | pattern-check | Architectural pattern validation (Result types, DI, immutability) | Code changes are made, new functions added | | test-design | Test quality enforcement (setup complexity, mocking, behavior vs implementation) | Tests are written or modified | | code-smell | Anti-pattern detection (fake solutions, unlabeled workarounds, magic values) | Features are implemented, code is reviewed | | research | Pre-implementation planning, documentation study, integration strategy | Unfamiliar features requested, architectural decisions needed | | debug | Systematic debugging with hypothesis testing and root cause analysis | Errors occur, tests fail, performance issues detected | | input-validation | Boundary validation enforcement (parse-don't-validate, SQL injection prevention) | API endpoints created, external data handled | | error-handling | Result type consistency and exception boundary enforcement | Error handling code written, functions that can fail |

How Skills Work:

  • Proactive enforcement - Catch issues during implementation, not after
  • No manual invocation - Model decides when skills are relevant
  • Quality gates - Block anti-patterns automatically
  • Context-aware - Activate based on what you're doing

IMPORTANT: Skills are automatically activated by Claude based on context. They cannot be manually invoked like slash commands.

Dual-Mode Pattern: The debug skill also exists as a slash command (/debug) for manual control:

  • Skill mode (auto): Activates when Claude detects errors or failures
  • Command mode (manual): Use /debug when you want explicit control over the debugging workflow

This gives you the best of both worlds: automatic assistance when needed, manual control when preferred.

📊 Slash Commands (User-Invoked)

| Command | Purpose | When to Use | |---------|---------|-------------| | /catch-up | Smart summaries for starting new sessions with status validation | Starting a session | | /brainstorm | Explore design decisions and architectural approaches | Before implementation, evaluating options | | /design | Create detailed implementation plan with integration points | After brainstorming, ready for detailed design | | /plan | Triage issues - implement now, defer to GitHub issue, or skip | After code-review or discussion, deciding what to tackle | | /breakdown | Quickly break down discussion into actionable tasks | After planning discussion, quick task capture | | /get-issue | Fetch GitHub issue details and create working branch | Starting work on a GitHub issue | | /implement | Streamlined todo implementation, only stopping for design decisions | After planning, ready to implement todos | | /debug | Systematic debugging workflow with hypothesis testing | When errors occur, tests fail, or investigating issues | | /code-review | Comprehensive code review using specialized sub-agents | Before committing or creating PR | | /commit | Intelligent atomic commit creation with safety checks | When ready to commit | | /pull-request | Create PR with comprehensive analysis and smart description | After commits, ready to create PR | | /resolve-comments | Systematically address PR review feedback | After PR feedback, need to resolve comments | | /release | Automated release workflow with version management and publishing | Creating a new release | | /devlog | Development log for comprehensive session documentation | Ending a session |

🤖 Sub-Agents

| Sub-Agent | Specialty | Purpose | |-----------|-----------|---------| | audit-security | Security Analysis | Expert vulnerability detection and security code review | | audit-performance | Performance | Optimization and bottleneck detection | | audit-architecture | Architecture | Design pattern analysis and code structure review | | audit-tests | Testing | Test quality, coverage, and effectiveness analysis (surgical execution) | | audit-complexity | Complexity | Code complexity and maintainability assessment | | audit-dependencies | Dependencies | Dependency management and security analysis | | audit-database | Database | Database design and optimization review | | audit-documentation | Documentation | Docs-code alignment, API accuracy, comment quality | | audit-typescript | TypeScript | Type safety enforcement and TypeScript code quality | | brainstorm | Design Decisions | Explore architectural approaches and evaluate trade-offs | | design | Implementation Planning | Detailed implementation design with integration points and edge cases | | catch-up | Context Restoration | Project status and context restoration with validation | | commit | Git Operations | Intelligent commit creation with safety checks | | get-issue | GitHub Issues | Fetch issue details and create working branches | | pull-request | PR Creation | Analyze commits/changes and generate comprehensive PR descriptions | | release | Release Automation | Project-agnostic release workflow with version management | | debug | Debugging | Systematic debugging with hypothesis testing and issue tracking |

How Sub-Agents Work:

  • Specialized AI assistants with deep expertise in specific domains
  • Separate context windows for focused analysis
  • Can be invoked explicitly or automatically by orchestrator commands
  • Restricted tool access appropriate to their domain

Invoking Sub-Agents:

# Explicit invocation
"Use the audit-security sub-agent to analyze this authentication code"

# Automatic delegation (Claude Code decides which sub-agent to use)
"Review this code for security issues"

📊 Smart Statusline

Real-time project context display showing:

  • Current model and session duration
  • Git branch and uncommitted changes indicator
  • Session cost tracking
  • Project context
  • Zero configuration - works immediately after installation

🔒 Security & Token Optimization

DevFlow automatically creates a comprehensive .claudeignore file at your git repository root to:

Protect Sensitive Data:

  • Environment files (.env, .env.*, .envrc)
  • Credentials & keys (*.key, *.pem, SSH keys)
  • Cloud configs (.aws/, .gcp/, .azure/)
  • Package tokens (.npmrc, .pypirc)
  • Database files (*.sql, *.db)

Optimize Token Usage:

  • Dependencies (node_modules/, vendor/, venv/)
  • Build artifacts (dist/, build/, .next/)
  • IDE files (.vscode/, .idea/)
  • Lock files (package-lock.json, yarn.lock)
  • Media and binaries

Covers patterns for all major languages and operating systems.

Documentation Structure

DevFlow agents automatically create and maintain project documentation in the .docs/ directory with a consistent, predictable structure.

Directory Layout

.docs/
├── audits/{branch-slug}/       # Code review reports per branch
│   ├── {type}-report-{timestamp}.md
│   └── review-summary-{timestamp}.md
├── brainstorm/                 # Design explorations
│   └── {topic-slug}-{timestamp}.md
├── design/                     # Implementation plans
│   └── {topic-slug}-{timestamp}.md
├── debug/                      # Debug sessions
│   ├── debug-{timestamp}.md
│   └── KNOWLEDGE_BASE.md
├── releases/                   # Release notes
│   └── RELEASE_NOTES_v{version}.md
├── status/                     # Development logs
│   ├── {timestamp}.md
│   ├── compact/{timestamp}.md
│   └── INDEX.md
└── CATCH_UP.md                 # Latest summary

Naming Conventions

Timestamps: YYYY-MM-DD_HHMM (sortable, chronological)

  • Example: 2025-11-14_2030

Branch slugs: Sanitized branch names (slashes replaced with dashes)

  • feature/authfeature-auth

Topic slugs: Lowercase, alphanumeric with dashes

  • "JWT Authentication"jwt-authentication

What Gets Created

  • /catch-up.docs/CATCH_UP.md (overwritten each run)
  • /devlog.docs/status/{timestamp}.md + compact version + INDEX
  • /debug.docs/debug/debug-{timestamp}.md + KNOWLEDGE_BASE
  • /brainstorm.docs/brainstorm/{topic}-{timestamp}.md
  • /design.docs/design/{topic}-{timestamp}.md
  • /code-review.docs/audits/{branch}/ (9 audit reports + summary)
  • /release.docs/releases/RELEASE_NOTES_v{version}.md

Version Control

Recommended .gitignore:

# Exclude ephemeral catch-up summaries
.docs/CATCH_UP.md

# Optional: Exclude debug sessions (team preference)
.docs/debug/

# Keep everything else for project history

The .docs/ structure provides a searchable history of decisions, designs, and debugging sessions.

Development Workflow

Starting a Session

  1. /catch-up - Review what was done previously
  2. Check statusline for current model, git state, duration
  3. Review recommended next actions

During Development

  1. Skills auto-activate - research skill triggers for unfamiliar features, pattern-check validates architecture
  2. Plan your work - /plan to triage issues, or /breakdown for quick task capture
  3. Implement efficiently - /implement flows through todos automatically
  4. Code with confidence - Skills catch anti-patterns and violations during implementation
  5. /code-review - Review changes before committing
  6. /commit - Create intelligent atomic commits

Creating Pull Requests

  1. /code-review - Comprehensive branch review
  2. /commit - Final commits with validation
  3. /pull-request - Create PR with smart description
  4. Wait for review feedback
  5. /resolve-comments - Address feedback systematically
  6. Repeat steps 4-5 until approved

Ending a Session

  1. /devlog - Document decisions and state
  2. /code-review - Review branch before creating PR
  3. /commit - Final commits with validation
  4. /pull-request - Create PR if ready

Creating a Release

  1. /code-review - Comprehensive branch review
  2. /release - Automated release workflow
    • Detects project type (Node.js, Rust, Python, Go, etc.)
    • Analyzes commits and suggests version bump
    • Generates changelog from git history
    • Builds and tests before publishing
    • Creates git tags and platform releases
  3. Verify package in registry

When Things Go Wrong

  1. Skills auto-activate - debug skill triggers on errors/failures with systematic approach
  2. Check git log and recent commits
  3. Revert changes using git
  4. Document lessons learned in .docs/debug/

CLI Commands

| Command | Purpose | Options | |---------|---------|---------| | npx devflow-kit init | Initialize DevFlow for Claude Code | --scope <user\|local> - Installation scope (user: user-wide, local: project-only)--verbose - Show detailed installation output--skip-docs - Skip creating .docs/ structure | | npx devflow-kit uninstall | Remove DevFlow from Claude Code | --scope <user\|local> - Uninstall from specific scope only (default: auto-detect all)--keep-docs - Keep .docs/ directory |

What npx devflow-kit init does:

User Scope (default):

  • Installs commands to ~/.claude/commands/devflow/
  • Installs sub-agents to ~/.claude/agents/devflow/
  • Installs skills to ~/.claude/skills/
  • Installs scripts to ~/.devflow/scripts/
  • Updates ~/.claude/settings.json (statusline and model)
  • Creates .claudeignore at git repository root
  • Creates .docs/ structure for project documentation

Local Scope (--scope local):

  • Installs commands to <git-root>/.claude/commands/devflow/
  • Installs sub-agents to <git-root>/.claude/agents/devflow/
  • Installs skills to <git-root>/.claude/skills/
  • Installs scripts to <git-root>/.devflow/scripts/
  • Creates <git-root>/.claude/settings.json (statusline and model)
  • Creates .claudeignore at git repository root
  • Creates .docs/ structure for project documentation
  • Adds .claude/ and .devflow/ to .gitignore

First Run:

devflow init
/devlog      # Document your current project state
/catch-up    # Get oriented with the project

Advanced Usage

Custom Audit Rules

# Extend sub-agents for project-specific patterns
echo "Check for exposed API keys in config files" >> ~/.claude/agents/devflow/audit-security.md

Team Usage

# Share session documentation with team
/devlog
git add .docs/status/
git commit -m "Session status: completed user auth feature"

Integration Examples

# Skills auto-activate during development
"Add JWT authentication"  # research skill triggers for unfamiliar features
"Fix this error"          # debug skill activates and guides systematic approach

# Manual command invocation for structured workflows
/brainstorm user authentication  # Explore architectural approaches
/design JWT token system         # Create detailed implementation plan
/code-review                     # Review changes before committing
/commit                          # Create atomic commits
/release                         # Automated release workflow

Philosophy

Modern development increasingly involves AI agents that can read, write, and modify code autonomously. DevFlow provides:

  • Trust but Verify - Tools to catch AI agent mistakes
  • Context Preservation - Memory across long-term projects
  • Quality Gates - Automated checks for AI changes
  • Developer Empowerment - Enhance human judgment, not replace it

Building from Source

# Clone and build
git clone https://github.com/dean0x/devflow.git
cd devflow
npm install
npm run build

# Test locally
node dist/cli.js init

# Watch mode for development
npm run dev

Project Structure:

src/
├── cli/                   # CLI source code (TypeScript)
│   ├── commands/           # init.ts, uninstall.ts
│   └── cli.ts             # CLI entry point
└── claude/                # Claude Code configuration
    ├── agents/devflow/     # Sub-agent definitions (.md)
    ├── commands/devflow/   # Slash command definitions (.md)
    ├── skills/devflow/     # Skill source (installed flat to ~/.claude/skills/)
    ├── scripts/            # statusline.sh
    └── settings.json       # Claude Code settings

Support

  • Check installed command documentation
  • Review .docs/status/ for recent sessions
  • Skills auto-activate for systematic troubleshooting
  • Report issues at https://github.com/dean0x/devflow/issues

License

MIT