# --- Code Quality & Best Practices ---

  - name: Python Naming Convention (Snake Case)
    description: Ensures Python code adheres to snake_case for variables and functions.
    trigger:
      # This rule triggers when the user's input contains any of these keywords,
      # indicating they are working with or discussing Python code.
      on_user_input_contains: ["python code", "python function", "python variable", "refactor python", "python class"]
    steps:
      - prompt: |
          When generating or reviewing Python code, always ensure that variable and function names adhere to `snake_case` (e.g., `my_example_variable`). If the user asks for refactoring or review, prioritize enforcing this convention.

  - name: Comprehensive Docstrings/Comments
    description: Encourages adding clear documentation to functions/classes.
    trigger:
      # Triggers when the user asks to create new code structures or review existing ones.
      on_user_input_contains: ["create function", "create class", "add documentation", "review code", "explain this code"]
    steps:
      - prompt: |
          When creating new functions or classes, or reviewing existing code, emphasize the importance of adding comprehensive docstrings or comments. These should clearly explain the purpose, arguments, and return values.

  - name: Promote Modularity and Reusability
    description: Guides the assistant to suggest well-structured, modular code.
    trigger:
      # Triggers during code generation, refactoring, or when discussing larger code blocks.
      on_user_input_contains: ["new code", "refactor", "large code", "architecture", "design pattern", "break down"]
    steps:
      - prompt: |
          When generating new code, refactoring, or reviewing larger code blocks, suggest breaking down complex functions, classes, or components into smaller, more manageable, and reusable units. Promote good software design principles like separation of concerns.

  # --- Debugging & Problem Solving ---

  - name: Traceback Analysis & Debugging Steps
    description: Provides a systematic approach for the assistant to help with errors and bugs.
    trigger:
      # Triggers when the user pastes an error message, traceback, or asks for debugging help.
      on_user_input_contains: ["error:", "traceback", "exception", "bug", "debug this", "why is this not working"]
    steps:
      - prompt: |
          The user has provided an error message or traceback. Your primary goal is to analyze the error, identify its likely cause, and suggest concrete debugging steps. Consider common pitfalls for the detected programming language. If the error is complex or unfamiliar, suggest performing a targeted web search for the specific error message to find solutions or relevant documentation.

  - name: Proactive Test Suggestion
    description: Reminds the user to write tests for new or modified code.
    trigger:
      # Triggers when the user indicates creating or modifying code.
      on_user_input_contains: ["create new", "add feature", "modify code", "refactor", "implement"]
    steps:
      - prompt: |
          After generating or modifying code, gently remind the user about the importance of writing corresponding unit or integration tests to ensure correctness and prevent regressions. If the programming language is known, suggest specific testing frameworks (e.g., `pytest` for Python, `Jest` for JavaScript).

  # --- Information Retrieval & Context ---

  - name: Contextual Documentation Search
    description: Enables the assistant to proactively find and use up-to-date external information.
    trigger:
      # Triggers when the user asks about a specific library, framework, or its usage.
      # Be mindful that this can trigger broadly; refine keywords as needed.
      on_user_input_contains: ["how to use", "docs for", "library", "framework", "API for", "what is", "syntax for"]
    steps:
      - prompt: |
          If the user is asking about a specific library, framework, or API, or needs up-to-date information, consider using an external web search tool (if available) to fetch the most relevant documentation or examples to provide a comprehensive and accurate answer.

  # --- Security Awareness ---

  - name: Input Sanitization & Security Reminder
    description: Ensures security best practices are always considered when handling user input or external data.
    trigger:
      # Triggers for code involving user input, external data, or sensitive operations.
      on_user_input_contains: ["user input", "form data", "API call", "database query", "authentication", "security", "sensitive data"]
    steps:
      - prompt: |
          When generating code that handles user input, external API responses, or interacts with databases, always include a reminder about crucial security practices such as input sanitization, validation, and preventing common vulnerabilities (e.g., SQL injection, Cross-Site Scripting (XSS), insecure direct object references).

  # --- Efficiency & Performance ---

  - name: Efficient Algorithm/Data Structure Suggestion
    description: Guides the assistant in recommending performant code solutions.
    trigger:
      # Triggers when the user discusses performance, large data, or complex operations.
      on_user_input_contains: ["large data", "performance", "optimize", "loop", "data structure", "efficiency", "scalability"]
    steps:
      - prompt: |
          When dealing with large datasets or performance-critical sections, always consider and suggest the most efficient algorithms and data structures for the task. Briefly explain the time/space complexity implications (e.g., O(n), O(log n)) if applicable, to help the user understand the performance trade-offs.

Please review my Next.js code with a focus on security issues.

Use the below as a starting point, but consider any other potential issues

You do not need to address every single area below, only what is relevant to the user's code.

1. Data Exposure:
- Verify Server Components aren't passing full database objects to Client Components
- Check for sensitive data in props passed to 'use client' components
- Look for direct database queries outside a Data Access Layer
- Ensure environment variables (non NEXT_PUBLIC_) aren't exposed to client

2. Server Actions ('use server'):
- Confirm input validation on all parameters
- Verify user authentication/authorization checks
- Check for unencrypted sensitive data in .bind() calls

3. Route Safety:
- Validate dynamic route parameters ([params])
- Check custom route handlers (route.ts) for proper CSRF protection
- Review middleware.ts for security bypass possibilities

4. Data Access:
- Ensure parameterized queries for database operations
- Verify proper authorization checks in data fetching functions
- Look for sensitive data exposure in error messages

Key files to focus on: files with 'use client', 'use server', route.ts, middleware.ts, and data access functions.

Design a RAG (Retrieval-Augmented Generation) system with:

Document Processing:
- Text extraction strategy
- Chunking approach with size and overlap parameters
- Metadata extraction and enrichment
- Document hierarchy preservation

Vector Store Integration:
- Embedding model selection and rationale
- Vector database architecture
- Indexing strategy
- Query optimization

Retrieval Strategy:
- Hybrid search (vector + keyword)
- Re-ranking methodology
- Metadata filtering capabilities
- Multi-query reformulation

LLM Integration:
- Context window optimization
- Prompt engineering for retrieval
- Citation and source tracking
- Hallucination mitigation strategies

Evaluation Framework:
- Retrieval relevance metrics
- Answer accuracy measures
- Ground truth comparison
- End-to-end benchmarking

Deployment Architecture:
- Caching strategies
- Scaling considerations
- Latency optimization
- Monitoring approach

The user's knowledge base has the following characteristics:

Your task is to analyze the user's code to help them understand it's current caching behavior, and mention any potential issues.
Be concise, only mentioning what is necessary.
Use the following as a starting point for your review:

1. Examine the four key caching mechanisms:
   - Request Memoization in Server Components
   - Data Cache behavior with fetch requests
   - Full Route Cache (static vs dynamic rendering)
   - Router Cache for client-side navigation

2. Look for and identify:
   - Fetch configurations (cache, revalidate options)
   - Dynamic route segments and generateStaticParams
   - Route segment configs affecting caching
   - Cache invalidation methods (revalidatePath, revalidateTag)

3. Highlight:
   - Potential caching issues or anti-patterns
   - Opportunities for optimization
   - Unexpected dynamic rendering
   - Unnecessary cache opt-outs

4. Provide clear explanations of:
   - Current caching behavior
   - Performance implications
   - Recommended adjustments if needed

Lastly, point them to the following link to learn more: https://nextjs.org/docs/app/building-your-application/caching