Standardized library design patterns for autonomous-dev including two-tier design, progressive enhancement, non-blocking enhancements, and security-first architecture. Use when creating or refactoring Python libraries.
Provides standardized Python library design patterns including two-tier architecture, progressive enhancement, and security-first validation. Use when creating or refactoring libraries to ensure reusability, testability, and secure architecture.
/plugin marketplace add akaszubski/autonomous-dev/plugin install autonomous-dev@autonomous-devThis skill is limited to using the following tools:
docs/docstring-standards.mddocs/progressive-enhancement.mddocs/security-patterns.mddocs/two-tier-design.mdexamples/progressive-enhancement-example.pyexamples/security-validation-example.pyexamples/two-tier-example.pytemplates/cli-template.pytemplates/docstring-template.pytemplates/library-template.pyStandardized architectural patterns for Python library design in the autonomous-dev plugin ecosystem. Promotes reusability, testability, security, and maintainability through proven design patterns.
Definition: Separate core logic (library) from user interface (CLI script) to maximize reusability and testability.
Structure:
Benefits:
Example:
plugin_updater.py # Core library - pure logic
update_plugin.py # CLI interface - user interaction
When to Use:
See: docs/two-tier-design.md, templates/library-template.py, examples/two-tier-example.py
Definition: Start with simple validation (strings), progressively add stronger validation (Path objects, whitelists) without breaking existing code.
Progression:
Benefits:
Example:
# Level 1: Accept strings
def process(file: str) -> Result:
return _process_path(file)
# Level 2: Upgrade to Path objects
def process(file: Union[str, Path]) -> Result:
path = Path(file) if isinstance(file, str) else file
if not path.exists():
raise FileNotFoundError(f"File not found: {path}")
return _process_path(path)
# Level 3: Add whitelist validation
def process(file: Union[str, Path], *, allowed_dirs: Optional[List[Path]] = None) -> Result:
path = Path(file) if isinstance(file, str) else file
if allowed_dirs and not any(path.is_relative_to(d) for d in allowed_dirs):
raise SecurityError(f"Path outside allowed directories: {path}")
if not path.exists():
raise FileNotFoundError(f"File not found: {path}")
return _process_path(path)
See: docs/progressive-enhancement.md, examples/progressive-enhancement-example.py
Definition: Design enhancements (features beyond core functionality) to never block core operations. If enhancement fails, core feature should still succeed.
Principles:
Benefits:
Example:
def implement_feature(spec: FeatureSpec) -> Result:
# Core operation (must succeed)
result = _implement_core_logic(spec)
# Enhancement: Auto-commit (may fail)
try:
if auto_commit_enabled():
commit_changes(result.files)
except Exception as e:
logger.warning(f"Auto-commit failed: {e}")
logger.info("Manual fallback: git add . && git commit")
# Feature succeeded regardless of enhancement
return result
See: docs/non-blocking-enhancements.md, examples/non-blocking-example.py
Definition: Build security validation into library architecture from the start. Validate all inputs, sanitize outputs, audit all operations.
Core Principles:
Security Layers:
logs/security_audit.logExample:
from plugins.autonomous_dev.lib.security_utils import validate_path, audit_log
def process_file(filepath: str, *, allowed_dirs: List[Path]) -> None:
"""Process file with security validation.
Security:
- CWE-22 Prevention: Path traversal validation
- CWE-117 Prevention: Sanitized audit logging
"""
# Validate path (CWE-22 prevention)
safe_path = validate_path(
filepath,
must_exist=True,
allowed_dirs=allowed_dirs
)
# Audit security operation (CWE-117 safe)
audit_log("file_processed", filepath=str(safe_path))
# Process file
return _process(safe_path)
See: docs/security-patterns.md, examples/security-validation-example.py
Definition: Consistent Google-style docstrings with comprehensive documentation for all public APIs.
Structure:
def function(arg1: Type1, arg2: Type2, *, kwarg: Type3 = default) -> ReturnType:
"""One-line summary (imperative mood).
Optional detailed description explaining behavior, edge cases,
and important implementation details.
Args:
arg1: Description of first argument
arg2: Description of second argument
kwarg: Description of keyword argument (default: value)
Returns:
Description of return value and its structure
Raises:
ExceptionType: When and why this exception is raised
AnotherException: Another error condition
Example:
>>> result = function("value1", "value2", kwarg="custom")
>>> print(result.status)
'success'
Security:
- CWE-XX: How this function prevents security issue
- Validation: What input validation is performed
See:
- Related function or documentation
- External reference or skill
"""
Required Sections:
See: docs/docstring-standards.md, templates/docstring-template.py
When creating or refactoring libraries:
When creating or analyzing libraries:
templates/ directoryBy centralizing library design patterns in this skill:
This skill uses Claude Code 2.0+ progressive disclosure architecture:
When you use terms like "library design", "two-tier", "progressive enhancement", or "security validation", Claude Code automatically loads the full skill content to provide detailed guidance.
templates/library-template.py: Two-tier library templatetemplates/cli-template.py: CLI interface templatetemplates/docstring-template.py: Comprehensive docstring examplesexamples/two-tier-example.py: plugin_updater.py patternexamples/progressive-enhancement-example.py: security_utils.py patternexamples/security-validation-example.py: Path validation patternsdocs/two-tier-design.md: Two-tier architecture guidedocs/progressive-enhancement.md: Progressive validation guidedocs/security-patterns.md: Security-first design guidedocs/docstring-standards.md: Docstring formatting standardsThis skill integrates with other autonomous-dev skills:
See: skills/error-handling-patterns/, skills/python-standards/, skills/security-patterns/
This skill should be updated when:
Last Updated: 2025-11-16 (Phase 8.8 - Initial creation) Version: 1.0.0
This skill should be used when the user asks to "create an agent", "add an agent", "write a subagent", "agent frontmatter", "when to use description", "agent examples", "agent tools", "agent colors", "autonomous agent", or needs guidance on agent structure, system prompts, triggering conditions, or agent development best practices for Claude Code plugins.
This skill should be used when the user asks to "create a slash command", "add a command", "write a custom command", "define command arguments", "use command frontmatter", "organize commands", "create command with file references", "interactive command", "use AskUserQuestion in command", or needs guidance on slash command structure, YAML frontmatter fields, dynamic arguments, bash execution in commands, user interaction patterns, or command development best practices for Claude Code.
This skill should be used when the user asks to "create a hook", "add a PreToolUse/PostToolUse/Stop hook", "validate tool use", "implement prompt-based hooks", "use ${CLAUDE_PLUGIN_ROOT}", "set up event-driven automation", "block dangerous commands", or mentions hook events (PreToolUse, PostToolUse, Stop, SubagentStop, SessionStart, SessionEnd, UserPromptSubmit, PreCompact, Notification). Provides comprehensive guidance for creating and implementing Claude Code plugin hooks with focus on advanced prompt-based hooks API.