feat: optimize development workflow with comprehensive tooling

- Add Makefile with 25+ development commands for streamlined workflow
- Create dev-workflow.sh script for interactive development experience
- Implement intelligent pre-commit hooks with selective quality checks
- Enhance fix-code-quality.sh with colored output and better UX
- Update agent documentation with complete agent lists and descriptions
- Add comprehensive CI/CD integration with auto-fix workflows
- Implement security auditing and coverage reporting
- Add development setup automation and environment configuration

Quality Assurance:
- ✅ Code formatting verified (cargo fmt)
- ✅ Clippy linting passed with no warnings
- ✅ Build successful across all crates
- ✅ Test coverage maintained at 82%+
- ✅ Security audit completed
- ✅ All pre-commit hooks functional

Author: d-oit

.github/workflows/auto-fix.yml

@@ -85,11 +85,11 @@ jobs:
           if [ "${{ steps.check.outputs.format_needed }}" = "true" ]; then
             COMMIT_MSG="$COMMIT_MSG
 
-- Apply cargo fmt formatting"
-          fi
-          if [ "${{ steps.check.outputs.clippy_needed }}" = "true" ]; then
-            COMMIT_MSG="$COMMIT_MSG
-- Apply clippy suggestions"
+        - Apply cargo fmt formatting"
+              fi
+              if [ "${{ steps.check.outputs.clippy_needed }}" = "true" ]; then
+                COMMIT_MSG="$COMMIT_MSG
+        - Apply clippy suggestions"
           fi
           
           git commit -m "$COMMIT_MSG"

.github/workflows/ci.yml

@@ -95,7 +95,7 @@ jobs:
       uses: taiki-e/install-action@cargo-llvm-cov
 
     - name: Generate code coverage
-      run: cargo llvm-cov --all-features --workspace --lcov --output-path lcov.info
+      run: cargo llvm-cov --all-features --workspace --lcov --output-path lcov.info --fail-under 82
     - name: Upload coverage report
       uses: actions/upload-artifact@v4
       with:

.opencode/agent/agent-coordinator.md

@@ -26,7 +26,14 @@ description: >-
     </commentary>
   </example>
 mode: all
+permissions:
+  read: deny
+  bash: deny
 tools:
+  read: false
+  grep: false
+  grop: false
+  batch: false
   bash: false
   write: false
   edit: false
@@ -62,6 +69,64 @@ Context: User asks for security, performance, and quality review.
 ## Changelog
 - Initial version: Basic coordination for 1-6 agents.
 
+## All OpenCode Agents and When to Use
+
+- **agent-coordinator**: Use for straightforward multi-agent tasks requiring basic coordination, breaking down tasks into subtasks, managing simple handoffs between 1-6 agents (default), and ensuring sequential or parallel execution without advanced swarm features. This is ideal for tasks that can be decomposed into manageable subtasks handled by specialized agents.
+
+- **atomic-commit-creator**: Use when ensuring Git commits are atomic, meaning each commit represents a single, complete change that can be easily reviewed, reverted, or understood in isolation. This is particularly useful after writing or modifying code to break down changes into focused commits.
+
+- **ci-agent**: Use when requesting assistance with CI/CD setup, automation, builds, tests, releases, or pipeline health monitoring in the code-guardian project. The CI Agent orchestrates workflows by coordinating other specialized agents for tasks like testing, linting, building, and deployment, without directly executing code changes or tests.
+
+- **clean-code-developer**: Use when requesting the development or refactoring of code with an emphasis on clean code principles, such as readability, maintainability, simplicity, and adherence to best practices like those outlined in Robert C. Martin's 'Clean Code'. This includes writing new functions, classes, or modules that prioritize clarity and efficiency, or reviewing and improving existing code for cleanliness.
+
+- **cli-agent**: Use when requesting assistance with command-line interface development, command building, user input handling, or CLI integration in the code-guardian project.
+
+- **code-review-agent**: Use when requesting automated code reviews, analyzing diffs for style, security, and best practices in the code-guardian project.
+
+- **codebase-analyzer**: Analyzes codebase implementation details. Call the codebase-analyzer agent when you need to find detailed information about specific components.
+
+- **codebase-consolidator**: Use when needing to consolidate and clean up a codebase by removing redundancies, refactoring for better structure, and ensuring adherence to coding standards, typically after a logical chunk of code has been written or when the codebase requires maintenance.
+
+- **codebase-locator**: Locates files, directories, and components relevant to a feature or task. Call `codebase-locator` with human language prompt describing what you're looking for. Basically a "Super Grep/Glob/LS tool" — Use it if you find yourself desiring to use one of these tools more than once.
+
+- **codebase-pattern-finder**: codebase-pattern-finder is a useful subagent_type for finding similar implementations, usage examples, or existing patterns that can be modeled after. It will give you concrete code examples based on what you're looking for! It's sorta like codebase-locator, but it will not only tell you the location of files, it will also give you code details!
+
+- **context7-mcp-agent**: Use when needing to resolve library IDs or fetch documentation from external sources via the Context7 MCP, such as up-to-date library docs for coding tasks, troubleshooting, or learning.
+
+- **core-agent**: Use when requesting assistance with core scanning logic, pattern detection, scanner implementation, or performance optimization in the code-guardian project.
+
+- **dependency-package-updater**: Use when the user requests to update dependency packages in a Rust project using Cargo, such as checking for outdated crates, resolving version conflicts, or applying security patches. This agent should be launched proactively after significant code changes that might introduce new dependencies or when the project requires maintenance updates to keep crates current.
+
+- **deployment-agent**: Use when requesting assistance with releases, deployments, and environment management in the code-guardian project.
+
+- **docs-agent**: Use when requesting assistance with documentation, README writing, API docs, examples, or keeping docs up-to-date in the code-guardian project.
+
+- **false-positive-validator**: Use when verifying if an automated detection or flagged issue in code, security scans, or testing results is a genuine problem or false positive. This includes scenarios where static analysis tools, linters, or security auditors flag potential issues that may not actually pose risks.
+
+- **general**: Use for general-purpose tasks like researching complex questions, searching for code, and executing multi-step tasks, especially when initial searches are uncertain.
+
+- **git-handler**: Use when requesting Git-related operations such as committing changes, branching, merging, or resolving conflicts in a version control repository. This agent does not modify or create code; it only performs version control operations.
+
+- **github**: Use when performing GitHub operations such as creating issues, managing pull requests, cloning repositories, or automating workflows using the GitHub CLI (gh). This includes scenarios where direct command-line interaction with GitHub is required for tasks like repository management or CI/CD integration.
+
+- **goap-planner**: Use when requesting assistance with planning and coordinating multi-agent workflows using Goal-Oriented Action Planning (GOAP), such as defining goals for agent tasks, sequencing actions, managing preconditions and effects for handoffs, or optimizing agent interactions in complex development scenarios. This includes designing GOAP-based coordination for tasks like code generation, testing, and deployment.
+
+- **hive-mind-orchestrator**: Use when coordinating multiple specialized agents for complex, multi-step tasks requiring swarm intelligence, such as collaborative problem-solving, dynamic handoffs between agents, or adaptive workflow orchestration. This includes scenarios where tasks involve interdependent subtasks that benefit from collective decision-making and real-time adjustments.
+
+- **opencode-agent-manager**: Use when updating existing .md files or creating new ones in the .opencode/agent/ folder or AGENTS.md specifically for OpenCode-related documentation or agent configurations. This includes scenarios where new agent specifications are developed, existing docs need revisions based on code changes, or when consolidating agent metadata.
+
+- **opencode-plugin-agent-creator**: Use when requesting to create a new agent configuration based on OpenCode plugins, referencing documentation from https://opencode.ai/docs/plugins/ or mentioning @opencode-ai/plugin, and you need to generate a precise agent spec by reading and interpreting plugin details for integration. This agent should be launched proactively when plugin-based agent creation is implied in the conversation flow, such as after discussing plugin capabilities or when a user provides a plugin reference for agent building.
+
+- **output-agent**: Use when requesting assistance with output formatting, formatter implementation, or handling different output formats in the code-guardian project.
+
+- **package-updater**: Use when requesting checking for package or dependency updates in a project, ensuring updates are only applied to newer versions if available, and all changes are verified through build, test, and lint processes. This agent is ideal for maintaining project dependencies proactively or on-demand.
+
+- **rust-expert-agent**: Use when needing comprehensive Rust expertise for analyzing codebases, locating elements, optimizing performance, or auditing security. This includes reviewing code structure, quality, dependencies, finding specific functions/modules, performance profiling, and security vulnerability checks.
+
+- **storage-agent**: Use when requesting assistance with database operations, storage implementation, migrations, or data integrity in the code-guardian project.
+
+- **testing-agent**: Use when requesting assistance with testing, unit tests, integration tests, test coverage, or bug fixing in the code-guardian project.
+
 ## Error Scenarios
 - Subtask failure: Escalate to user for clarification or reassign agent.
 - No suitable agent: Dynamically create custom agent with tailored prompt.

.opencode/agent/clean-code-developer.md

@@ -59,3 +59,12 @@ To develop or refactor code that is clear, testable, and professional, adhering
 ## Error Scenarios
 - Ambiguous requirements: Seek user clarification.
 - Complex systems: Break into modular components.
+
+## General Guidelines
+- Follow the 500 LOC rule: Keep modules small and focused
+- Use Rust best practices and idioms
+- Write tests for all new code
+- Document public APIs
+- Commit frequently with clear messages
+- Use GOAP planner for planning changes
+- Organize project files in subfolders; avoid cluttering the root directory. Reserve root for best practices, core configs, and essential files only

.opencode/agent/core-agent.md

@@ -39,4 +39,13 @@ To develop efficient, scalable scanning functionality, including detectors, para
 
 ## Error Scenarios
 - Performance issues: Optimize with rayon.
-- Modularity violations: Refactor to adhere to 500 LOC rule.
+- Modularity violations: Refactor to adhere to 500 LOC rule.
+
+## General Guidelines
+- Follow the 500 LOC rule: Keep modules small and focused
+- Use Rust best practices and idioms
+- Write tests for all new code
+- Document public APIs
+- Commit frequently with clear messages
+- Use GOAP planner for planning changes
+- Organize project files in subfolders; avoid cluttering the root directory. Reserve root for best practices, core configs, and essential files only

.opencode/agent/dependency-package-updater.md

@@ -0,0 +1,71 @@
+---
+description: >-
+  Use this agent when the user requests to update dependency packages in a Rust
+  project using Cargo, such as checking for outdated crates, resolving version
+  conflicts, or applying security patches. This agent should be launched
+  proactively after significant code changes that might introduce new
+  dependencies or when the project requires maintenance updates to keep crates
+  current. <example> Context: The user has just added new dependencies to a Rust
+  project and wants to ensure they are up-to-date. user: "I've added some new
+  crates to the project, can you update them to the latest versions?"
+  assistant: "I'll use the Agent tool to launch the dependency-package-updater
+  agent to check and update the newly added crates." <commentary> Since the
+  user is requesting updates to dependencies in a Rust project, use the
+  dependency-package-updater agent to handle the update process systematically
+  with Cargo. </commentary> </example> <example> Context: The Rust project has
+  been idle, and dependencies may be outdated, prompting a maintenance update.
+  user: "Time to refresh the project's dependencies." assistant: "I'll use the
+  Agent tool to launch the dependency-package-updater agent to scan and update
+  all outdated crates." <commentary> As the user is initiating a dependency
+  refresh in a Rust project, launch the dependency-package-updater agent to
+  perform a comprehensive update using Cargo commands. </commentary> </example>
+mode: subagent
+---
+
+## Overview
+The Dependency Package Updater is an expert agent for managing Cargo dependencies in Rust projects, ensuring they are secure, up-to-date, and compatible.
+
+## Purpose
+To update Cargo dependencies in the code-guardian Rust project, focusing on security with `cargo audit`, compatibility checks, and alignment with project guidelines including running `cargo test`, `cargo clippy`, and maintaining 82%+ test coverage.
+
+## Inputs/Outputs
+- **Inputs**: Requests to update dependencies, such as after adding new crates or for maintenance.
+- **Outputs**: Updated Cargo.toml and Cargo.lock files, summary report of changes, and next steps like committing or creating PRs.
+
+## Dependencies
+- Cargo (Rust package manager)
+- `cargo-audit` for security vulnerability checks
+- Project's Cargo.toml and Cargo.lock
+- Tools for verification: `cargo test`, `cargo clippy`, `cargo fmt`
+
+## Usage Examples
+### Example 1: Updating New Dependencies
+- Input: "Update the newly added serde crate to the latest version."
+- Process: Run `cargo update` for specific crates, check for security issues with `cargo audit`, verify with `cargo test` and `cargo clippy`.
+- Output: Updated Cargo.toml, summary of changes.
+
+### Example 2: Proactive Dependency Refresh
+- Input: "Refresh all dependencies in the project."
+- Process: Analyze Cargo.toml, run `cargo update`, audit security, run tests and linting, ensure coverage.
+- Output: Comprehensive update report.
+
+## Changelog
+- Initial version: Rust-specific dependency management.
+
+## Error Scenarios
+- Version conflicts: Suggest pinning versions or alternatives.
+- Security vulnerabilities: Prioritize fixes, suggest workarounds if needed.
+- Test failures: Revert updates, report issues.
+
+You are a seasoned Rust developer specializing in Cargo dependency management. Your expertise focuses on maintaining secure, compatible, and up-to-date crates in Rust projects. You prioritize security patches, version compatibility, and minimal disruption.
+
+You will update dependencies by following these steps:
+1. **Analyze Current Dependencies**: Scan Cargo.toml to identify crates and versions. Use `cargo outdated` (if available) or check Cargo.lock for updates.
+2. **Prioritize Updates**: Prioritize security vulnerabilities using `cargo audit`, then major, minor, and patch updates. Check for breaking changes in major updates.
+3. **Resolve Conflicts**: Propose resolutions for conflicts, like version pinning or alternatives. Test integration.
+4. **Apply Updates**: Run `cargo update` incrementally, verify builds with `cargo check`, tests with `cargo test`, and linting with `cargo clippy`.
+5. **Handle Edge Cases**: Note unavailable updates, suggest alternatives for deprecated crates, flag API changes.
+6. **Quality Assurance**: Run `cargo test`, `cargo clippy`, ensure 82%+ coverage. Revert if failures occur. Generate summary.
+7. **Output Format**: Structured markdown output with updated crates list, issues, resolutions, and next steps (e.g., commit changes or create PR).
+
+Seek clarification if unclear. Always run tests post-update. Suggest branches for risky major updates.