developer_rules
Access developer rules and checklists to maintain high-quality, secure code across security, performance, and maintainability categories.
Instructions
Provides comprehensive developer rules and checklists for maintaining high-quality, secure code.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| category | Yes | Category of rules |
Input Schema (JSON Schema)
{
"$schema": "http://json-schema.org/draft-07/schema#",
"additionalProperties": false,
"properties": {
"category": {
"description": "Category of rules",
"enum": [
"security",
"performance",
"maintainability",
"all"
],
"type": "string"
}
},
"required": [
"category"
],
"type": "object"
}
Implementation Reference
- src/tools/fullstack.ts:449-561 (handler)Main execution function for the 'developer_rules' tool. Generates markdown checklists for developer best practices in categories like security, performance, and maintainability.export function developerRulesHandler(args: any) { const { category } = args; const rules = `# Developer Rules & Best Practices ## Category: ${category} --- ${category === "security" || category === "all" ? ` ## π Security Rules ### Dependencies - [ ] Run \`npm audit\` before every release - [ ] Enable automated security updates (Dependabot) - [ ] Never use deprecated packages - [ ] Review dependency changelogs before updating - [ ] Pin production dependencies to exact versions ### Code Security - [ ] Validate ALL user inputs (server-side) - [ ] Use parameterized queries (prevent SQL injection) - [ ] Escape output (prevent XSS) - [ ] Implement proper authentication (OAuth, JWT) - [ ] Use HTTPS everywhere - [ ] Set security headers (CSP, HSTS, X-Frame-Options) ### Secrets - [ ] NEVER commit secrets to git - [ ] Use environment variables - [ ] Rotate keys regularly - [ ] Use secret managers (Vault, AWS Secrets) ### Docker Security - [ ] Scan images: \`docker scout cves <image>\` - [ ] Use official base images - [ ] Run as non-root user - [ ] Keep images minimal (Alpine) ` : ""} ${category === "performance" || category === "all" ? ` ## β‘ Performance Rules ### Code - [ ] Profile before optimizing - [ ] Use appropriate data structures - [ ] Avoid N+1 queries - [ ] Implement caching where appropriate - [ ] Lazy load heavy resources ### Frontend - [ ] Bundle & minify assets - [ ] Optimize images (WebP, lazy loading) - [ ] Use CDN for static assets - [ ] Implement code splitting - [ ] Add proper caching headers ### Backend - [ ] Use connection pooling - [ ] Implement request rate limiting - [ ] Add database indexes - [ ] Use async/await properly - [ ] Monitor memory usage ` : ""} ${category === "maintainability" || category === "all" ? ` ## π§ Maintainability Rules ### Code Quality - [ ] Follow language style guides - [ ] Use linters (ESLint, Pylint, etc.) - [ ] Write self-documenting code - [ ] Keep functions small (<50 lines) - [ ] DRY - Don't Repeat Yourself ### Documentation - [ ] Maintain README.md - [ ] Document public APIs - [ ] Write clear commit messages - [ ] Create Architecture Decision Records ### Testing - [ ] Write tests before/with code - [ ] Aim for >80% coverage - [ ] Test edge cases - [ ] Run tests in CI/CD ### Git - [ ] Use feature branches - [ ] Write descriptive PRs - [ ] Review code before merging - [ ] Keep commits atomic ` : ""} --- ## Automated Enforcement ### Pre-commit Hooks \`\`\`bash npx husky install npx husky add .husky/pre-commit "npm run lint && npm test" \`\`\` ### CI/CD Checks - Lint on every push - Test on every PR - Security scan weekly - Dependency updates automated `; return { content: [{ type: "text", text: rules }] }; }
- src/tools/fullstack.ts:441-447 (schema)Zod input schema definition for the 'developer_rules' tool, specifying the 'category' parameter.export const developerRulesSchema = { name: "developer_rules", description: "Provides comprehensive developer rules and checklists for maintaining high-quality, secure code.", inputSchema: z.object({ category: z.enum(["security", "performance", "maintainability", "all"]).describe("Category of rules") }) };
- src/server.ts:122-122 (registration)Registration of the 'developer_rules' tool in the HTTP server's tool registry map.["developer_rules", { schema: developerRulesSchema, handler: developerRulesHandler }],
- src/index.ts:117-117 (registration)Registration of the 'developer_rules' tool in the MCP server's tool registry map.["developer_rules", { schema: developerRulesSchema, handler: developerRulesHandler }],
- src/server.ts:56-61 (registration)Import statement bringing in the schema and handler for 'developer_rules' from fullstack.ts in the server file.trackProjectSchema, trackProjectHandler, checkDependenciesSchema, checkDependenciesHandler, generateGitHubActionsSchema, generateGitHubActionsHandler, fullStackScaffoldSchema, fullStackScaffoldHandler, developerRulesSchema, developerRulesHandler } from "./tools/fullstack.js";