Reviews ADVPL/TLPP code on TOTVS Protheus for best practices, performance bottlenecks, security vulnerabilities, and modernization opportunities.
From advpl-specialistnpx claudepluginhub thalysjuvenal/advpl-specialist --plugin advpl-specialistThis skill uses the workspace's default tool permissions.
rules-best-practices.mdrules-modernization.mdrules-performance.mdrules-security.mdProvides UI/UX resources: 50+ styles, color palettes, font pairings, guidelines, charts for web/mobile across React, Next.js, Vue, Svelte, Tailwind, React Native, Flutter. Aids planning, building, reviewing interfaces.
Fetches up-to-date documentation from Context7 for libraries and frameworks like React, Next.js, Prisma. Use for setup questions, API references, and code examples.
Fetches up-to-date documentation from Context7 for libraries and frameworks like React, Next.js, Prisma. Use for setup questions, API references, and code examples.
Systematic code review methodology for ADVPL/TLPP on TOTVS Protheus. This skill provides structured rules to identify issues related to best practices, performance bottlenecks, security vulnerabilities, and modernization opportunities in existing codebases.
| Category | File | Focus | Severity Range |
|---|---|---|---|
| Best Practices | rules-best-practices.md | RecLock/MsUnlock pairing, variable scope, area management, error handling, documentation | CRITICAL - INFO |
| Performance | rules-performance.md | Embedded SQL optimization, loop efficiency, string operations, index usage | CRITICAL - INFO |
| Security | rules-security.md | SQL injection, input validation, credential exposure, sensitive data logging | CRITICAL - WARNING |
| Modernization | rules-modernization.md | TLPP migration, namespace usage, OOP patterns, modern UI frameworks | INFO |
Each finding must include:
[RULE-ID] SEVERITY: Brief description
File: filename.prw (line XX)
Issue: What was found
Fix: How to correct it
| Level | Meaning | Action Required |
|---|---|---|
| CRITICAL | Data corruption, security breach, or system failure risk | Must fix before deploy |
| WARNING | Performance degradation, maintenance burden, or potential bugs | Should fix in current sprint |
| INFO | Improvement opportunity, style suggestion, or modernization hint | Fix when touching the code |
Protheus.ch vs TOTVS.CH), missing documentation headersLocal preferred), naming conventions (Hungarian notation)RecLock/MsUnlock pairing, GetArea/RestArea usage, error handling around DB opsSELECT *, proper macro usage (%exp:, %table:, %notDel%), index alignment| Prefix | Category | Example |
|---|---|---|
BP | Best Practices | [BP-001] RecLock without MsUnlock, [BP-008] Reserved system variables |
PERF | Performance | [PERF-001] SELECT * in Embedded SQL |
SEC | Security | [SEC-001] SQL injection, [SEC-005] Restricted TOTVS functions |
MOD | Modernization | [MOD-001] .prw class candidate for .tlpp |
rules-best-practices.md - Best practice rules with detection patterns and code examplesrules-performance.md - Performance rules with detection patterns and code examplesrules-security.md - Security rules with detection patterns and code examplesrules-modernization.md - Modernization rules with detection patterns and code examples