lt-dev

Clean up and optimize backend code quality for NestJS / @lenne.tech/nest-server projects

OWASP security audit for dependencies, config, and code

Perform security review of code changes

Generate comprehensive tests for changes

Update @lenne.tech/nest-server with automated migration and validation

Generate and post a testing comment on a Linear issue

Create a bug report ticket for Linear

Create a user story for TDD implementation

Create a technical task ticket for Linear

Create a Linear ticket (Story, Task, or Bug) with guided workflow

Adversarial debugging with competing hypotheses using Agent Teams - multiple investigators challenge each other to find root cause (requires CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS=1)

Generate Docker setup for development and production

Migrate Nuxt env variables to NUXT_ prefix convention with automatic useRuntimeConfig() mapping

Extract design system from Figma (colors, spacing, radius, fonts, global components) and configure NuxtUI + Tailwind v4 theme

Discover Figma file structure and generate project-local config for figma-to-code

Implement Figma designs as Nuxt 4 pages using project-local config

Add a Code Conventions section to the project's CLAUDE.md with sensible defaults for Nuxt 4 / TailwindCSS projects

Sync fullstack project with latest nest-server-starter and nuxt-base-starter

Generate commit message with alternatives

Generate MR description and save to clipboard

Generate Merge Request description

Batch rebase multiple MRs/PRs onto dev (with conflict resolution, linting, testing, review, commit and force push)

Rebase current branch onto dev (with conflict resolution, linting, testing and review)

Deep-dive interview about an architecture plan or specification to uncover gaps and refine details

Dry-run npm package analysis without changes

Post-feature npm maintenance and dependency optimization

Pre-release npm maintenance - zero-risk patches only

Security-only npm updates for vulnerable packages

Full npm package maintenance via npm-package-maintainer agent

Verify plugin elements against best practices

Create plugin element (skill, command, agent, hook, script)

Refactor entire frontend app to match frontend-dev agent guidelines using parallel agent teams

Resolve a Linear ticket or story file with TDD-based implementation

Comprehensive code review with content validation, security, documentation, tests, backend, frontend, UX, a11y, and devops reviewers. Small diffs use single-pass agent; larger diffs spawn parallel domain specialists with cross-domain challenge.

Optimize and validate Claude skill files

Plan + Build in one go (no interruption)

Execute IMPLEMENTATION_PLAN.md completely

Create detailed implementation plan from SPEC.md

Autonomous HTML quality review agent for lenne.tech fullstack projects. Audits accessibility (ARIA labels, roles, keyboard navigation, focus management, color contrast, screen reader support), form autocomplete attributes (email, password, name, tel, address, OTP), semantic HTML (heading hierarchy, landmark elements, interactive elements), SEO essentials (useHead, OG tags, lang attribute, structured headings), and crawlability (SSR content, robots.txt, sitemap). Combines static code analysis with Lighthouse audit via Chrome DevTools MCP. Produces structured report with fulfillment grades per dimension.

Architecture planning agent for lenne.tech fullstack projects with strict stack enforcement. Analyzes codebase, designs features with exact file paths, data models (MongoDB), API contracts (REST), permission hierarchies (@Restricted/@Roles/securityCheck), frontend state (useState/composables), and phased build sequences. Enforces CrudService inheritance, generated SDK types, Valibot forms, Better Auth, programmatic modals, semantic colors, and TDD workflow. Produces actionable blueprints directly executable by frontend-dev and backend-dev agents.

Autonomous backend development agent for NestJS / @lenne.tech/nest-server with strict security enforcement. Creates modules, services, controllers, models, DTOs with mandatory @Restricted/@Roles decorators, securityCheck() on every model, CrudService inheritance, alphabetical properties, and consistent bilingual descriptions. Enforces zero implicit any, options object pattern, least-privilege testing, and OWASP-aligned security. Operates in projects/api/ or packages/api/ monorepo structures.

Autonomous backend code review agent for NestJS / @lenne.tech/nest-server. Analyzes security decorators, CrudService patterns, model rules, controller conventions, input validation, service patterns, type strictness, and test coverage. Produces structured report with fulfillment grades per dimension. Enforces backend-dev agent guidelines as review baseline.

Autonomous agent for rebasing feature branches onto the development branch. Handles conflict resolution, Linear ticket analysis, code optimization, linting (oxfmt/oxlint), testing, and code review.

Autonomous single-pass code review agent for lenne.tech fullstack projects. Analyzes changes against 6 quality dimensions (content, security, code quality, tests, documentation, formatting). Produces structured report with fulfillment grades and remediation catalog. For parallel multi-reviewer reviews, use the /lt-dev:review command instead.

Autonomous DevOps code review agent for lenne.tech fullstack projects. Audits Docker configurations (multi-stage builds, non-root containers, health checks, pinned images), docker-compose setups (dev/production separation, volume mounts, port conventions), CI/CD pipelines (stage order, security gates, caching), environment management (.env isolation, secret handling, database naming), and .dockerignore completeness. Produces structured report with severity-classified findings.

Autonomous DevOps agent for lenne.tech fullstack projects with strict infrastructure enforcement. Manages Docker configurations (multi-stage builds, non-root containers, health checks), docker-compose setups (dev hot-reload, production hardening), CI/CD pipelines (lint/build/test/security/deploy), environment management (.env isolation, secret injection), and monitoring. Enforces pinned base images, layer caching, volume-based node_modules, port conventions (API 3000, App 3001, MongoDB 27017), lt CLI integration, and OWASP-aligned infrastructure security. Produces reproducible, secure, minimal configurations.

Autonomous documentation review agent for lenne.tech fullstack projects. Validates README completeness for new features, JSDoc/interface documentation, migration guide existence for breaking changes or new config options, INTEGRATION-CHECKLIST updates, inline comments for complex logic, and configuration documentation. Produces structured report with fulfillment grades per dimension.

Autonomous frontend development agent for Nuxt 4 / Vue applications with strict TypeScript enforcement. Builds components, pages, composables, forms (Valibot), layouts, and integrates APIs via generated types (types.gen.ts, sdk.gen.ts). Enforces zero implicit any, readonly state returns, semantic colors, programmatic modals, and SSR-safe patterns. Operates in projects/app/ or packages/app/ monorepo structures.

Autonomous frontend code review agent for Nuxt 4 / Vue applications. Analyzes component structure, TypeScript strictness, composable patterns, accessibility, SSR safety, performance, and styling conventions. Produces structured report with fulfillment grades per dimension. Enforces frontend-dev agent guidelines as review baseline.

Autonomous agent for updating a lenne.tech fullstack project. Synchronizes backend and frontend with latest nest-server-starter and nuxt-base-starter. Analyzes version drift, generates update plan with user approval, coordinates backend (nest-server-updater) and frontend updates, validates across subprojects.

Autonomous agent for updating @lenne.tech/nest-server to the latest version. Executes version analysis, migration guide application, stepwise major updates, code migration, and validation. Works fully automated.

Specialized agent for maintaining, updating, and auditing npm packages. Use when performing package maintenance, security audits, dependency optimization, or before/after releases.

Autonomous OWASP-aligned security review agent for lenne.tech fullstack projects. Audits 3-layer permission model (@Restricted/@Roles/securityCheck), injection vectors (NoSQL, command, path traversal), XSS (v-html, innerHTML, eval), CSRF (SameSite cookies, CORS), auth patterns (Better Auth, JWT, httpOnly cookies), input validation (class-validator, Valibot), dependency CVEs (npm audit), Docker security, and environment secrets. Produces structured report with severity classification and before/after remediation code.

Autonomous test quality review agent for lenne.tech fullstack projects. Analyzes test coverage gaps, test quality (assertions, edge cases, error paths), test isolation (parallel-safe data, cleanup), API-first testing patterns (REST/GraphQL via TestHelper, never direct Service/DB), permission testing (least-privilege users, @Restricted/@Roles verification), and test naming conventions. Produces structured report with fulfillment grades per dimension.

Autonomous UX pattern review agent for lenne.tech fullstack projects. Analyzes state handling (Loading/Empty/Error), user feedback (Toast consistency, German messages), navigation patterns (Breadcrumbs, Back-navigation, Dead Ends), form UX (live validation, disable during submit, success feedback), destructive action safety (confirm dialogs, red buttons), optimistic UI (loading indicators on all async actions), cross-page consistency (icon usage, button order, action patterns), error recovery (retry buttons, timeout handling), responsive behavior (table→card, touch targets, menu collapse), skeleton loading, keyboard navigation, pagination patterns, and onboarding empty states. Produces structured report with fulfillment grades per dimension.

Orchestrates Test-Driven Development (TDD) workflows for user stories and features. Creates story tests first in tests/stories/, then iteratively implements until all pass. Invoke directly when a developer requests "TDD", "test-driven", "test first", "story test", "write tests before code", or feature implementation with TDD. Coordinates with generating-nest-servers (backend) and developing-lt-frontend (frontend). NOT for direct NestJS coding without TDD (use generating-nest-servers). NOT for standalone test generation (use /test-generate).

Provides auto-detection heuristics, coordination patterns, and worktree isolation guidance for parallel Claude Code operations. Covers Agent Teams (independent sessions with messaging) and parallel subagent spawning (Agent tool with isolation worktree). Activates when user mentions "agent team", "parallel review", "parallel agents", "team debug", "parallel worktrees", "batch rebase", "parallel backend frontend", "implement in parallel", or when commands evaluate team suitability via CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS. Also activates when spawning multiple file-modifying subagents concurrently. NOT for single sequential subagent invocations.

Develops, optimizes, and validates Claude Code plugins, skills (SKILL.md), commands, agents, hooks (hooks.json), and scripts. Ensures consistency with official best practices. Activates when creating, editing, or reviewing files in plugins/ directory, .claude-plugin/, plugin.json, permissions.json, or marketplace.json. Covers YAML frontmatter, element structure, cross-references, naming conventions, and plugin manifest validation. NOT for application development (use domain-specific skills).

Handles ALL Nuxt 4 and Vue frontend development tasks including composables, forms (Valibot), API integration (types.gen.ts, sdk.gen.ts), authentication (Better Auth), SSR, and Playwright E2E testing. Supports monorepos (projects/app/, packages/app/). Activates when working with .vue files, nuxt.config.ts, Nuxt UI, TailwindCSS, or files in app/components/, app/composables/, app/pages/, app/interfaces/, app/layouts/. NOT for NestJS backend (use generating-nest-servers). NOT for security theory (use general-frontend-security).

Framework-agnostic frontend security guide based on OWASP Secure Coding Practices. Covers XSS prevention, CSRF protection, Content Security Policy (CSP), secure cookie configuration, client-side authentication patterns, input validation, secure storage, and security headers. Activates for security audits, vulnerability reviews, XSS, CSRF, CSP, injection, security headers, or browser security questions in any web application. NOT for backend/NestJS security (use generating-nest-servers). NOT for Nuxt-specific implementation (use developing-lt-frontend).

Handles ALL NestJS and @lenne.tech/nest-server development tasks including module creation, service implementation, controller/resolver development, model definition, and debugging. Covers lt server commands, @Roles/@Restricted security, CrudService patterns, and API tests. Supports monorepos (projects/api/, packages/api/). Activates when working with src/server/ files, NestJS modules, services, controllers, resolvers, models, DTOs, guards, decorators, or REST/GraphQL endpoints. NOT for Vue/Nuxt frontend (use developing-lt-frontend). NOT for nest-server version updates (use nest-server-updating). NOT for TDD workflow orchestration (use building-stories-with-tdd).

Analyzes and optimizes npm package dependencies across 5 maintenance modes: FULL (update all), DRY-RUN (analysis only), SECURITY-ONLY (urgent CVE fixes), PRE-RELEASE (conservative patch-only), POST-FEATURE (cleanup after development). Activates when user mentions "update packages", "pnpm audit", "npm audit", "check dependencies", "security fix", "outdated dependencies", "deprecated packages", "devDependencies", "pre-release cleanup", "post-feature housekeeping", "remove unused packages", or package.json optimization. NOT for @lenne.tech/nest-server version updates (use nest-server-updating).

Provides migration guides, release notes, and error solutions for updating @lenne.tech/nest-server to a newer version. Covers version-specific breaking changes, stepwise upgrade strategies, and starter project comparisons. Activates for nest-server version updates, upgrades, migrations, breaking changes between versions, "pnpm run update", TypeScript errors after upgrading, or stepwise migration planning. Delegates execution to the lt-dev:nest-server-updater agent. NOT for writing NestJS code or building features (use generating-nest-servers). NOT for general npm package updates (use maintaining-npm-packages).

Guides rebase workflows for updating feature branches onto the current development branch (dev/develop). Handles conflict resolution with priority ordering, extracts Linear ticket context from branch names for smarter conflict decisions, performs post-rebase optimization, and uses force-push-with-lease for safety. Activates when user mentions "rebase", "branch aktualisieren", "dev stand", "feature branch updaten", "merge conflicts", "rebase MRs", "force push", or "git rebase". NOT for merge request descriptions (use git:mr-description). NOT for general git operations.

Provides reference for the lenne.tech CLI tool (lt command). Covers lt fullstack init (workspace creation with local template symlinks), lt git get/reset (branch management), and lt server create (project scaffolding). Activates when user mentions "lt", "lt CLI", "lenne.tech CLI", "lt fullstack", "lt git", "fullstack workspace", "local templates", "--api-link", "--frontend-link", or any lt command syntax. NOT for NestJS module/object/property creation (use generating-nest-servers). NOT for Vue/Nuxt frontend code (use developing-lt-frontend).

11 hooks across 3 events