Coding standards and review guidelines for Go backend and Vue 3 + TypeScript frontend development.
| Skill | Description | Use When |
|---|---|---|
| go-standards | Go coding standards | Writing or reviewing Go code |
| frontend-standards | Vue 3 + TypeScript standards | Writing or reviewing frontend code |
| review-standards | Code review process and checklists | Conducting code reviews |
| security-standards | Security standards | Security audits, auth, XSS/CSRF |
| testing-standards | Testing standards | Writing tests, coverage requirements |
在 ~/.claude/settings.json 中添加:
{
"extraKnownMarketplaces": {
"zenghur-skills": {
"source": {
"source": "github",
"repo": "zenghur/skills",
"path": ".claude-plugin"
},
"autoUpdate": true
}
},
"enabledPlugins": {
"go-standards@zenghur-skills": true,
"frontend-standards@zenghur-skills": true,
"review-standards@zenghur-skills": true,
"security-standards@zenghur-skills": true,
"testing-standards@zenghur-skills": true,
"verifier@zenghur-skills": true
}
}重启 Claude Code 即可自动安装。
git clone git@github.com:zenghur/skills.git ~/.claude/skills
cd ~/.claude/skills && ./sync-skills.shreview-standards + go-standards
review-standards + frontend-standards
review-standards + go-standards + frontend-standards + security-standards
Go coding standards organized into focused modules:
- naming.md — camelCase, verb prefix, no magic values
- error-handling.md — errors.Is(), zero-value, wrapping
- concurrency.md — SafeGo, channels, goroutine leak prevention
- database.md — GORM explicit column tags, NOT NULL
- function-design.md — Complexity ≤15, single responsibility, refactoring
Vue 3 + TypeScript standards:
- Backend owns business logic — frontend only displays
- Pure calculations allowed — math on existing data
- Vue 3 Composition API with
<script setup> - TypeScript strict mode, no
any
Three-phase review protocol:
- Full Blind Scan — Global regex search, no bias
- Structured Grouping — Classify findings by dimension
- Rule-Anchored Analysis — Apply rules one by one
- No speculative language (
probably...,likely...) - No early conclusions before full scan
- No reverse questioning — give conclusions, not ask
- No pending items — resolve through code analysis
Modules:
- defense-in-depth.md — Layered defense
- input-validation.md — SQL/NoSQL injection prevention
- authentication.md — Password hashing, session management
- authorization.md — RBAC access control
- xss.md — XSS prevention and CSP
- csrf.md — CSRF protection
- tls.md — TLS 1.3 configuration
- cryptography.md — Algorithms and key management
- logging.md — Security logging and audit
Modules:
- coverage.md — Unit ≥70%, Integration ≥50%, E2E ≥30%
- patterns.md — Table-driven tests
- sync.md — Test synchronization with code changes
go vet ./...
golangci-lint run ./...
gofmt -w .
goimports -w .