shinpr

technical-spec

@shinpr/technical-spec
shinpr
157
15 forks
Updated 1/18/2026
View on GitHub

frontend/technical-spec: Defines frontend environment variables, component design, and data flow patterns. Use when configuring React environment.

Installation

$skills install @shinpr/technical-spec
Claude Code
Cursor
Copilot
Codex
Antigravity

Details

Repositoryshinpr/ai-coding-project-boilerplate
Path.claude/skills-en/frontend/technical-spec/SKILL.md
Branchmain
Scoped Name@shinpr/technical-spec

Usage

After installing, this skill will be available to your AI coding assistant.

Verify installation:

skills list

Skill Instructions

name: frontend/technical-spec description: Defines frontend environment variables, component design, and data flow patterns. Use when configuring React environment.

Technical Design Rules (Frontend)

Basic Technology Stack Policy

TypeScript-based React application implementation. Architecture patterns should be selected according to project requirements and scale.

Environment Variable Management and Security

Environment Variable Management

  • Use build tool's environment variable system: process.env does not work in browser environments
  • Centrally manage environment variables through configuration layer
  • Implement proper type safety with TypeScript
  • Properly implement default value settings and mandatory checks
// Build tool environment variables (public values only)
const config = {
  apiUrl: import.meta.env.API_URL || 'http://localhost:3000',
  appName: import.meta.env.APP_NAME || 'My App'
}

// Does not work in frontend
const apiUrl = process.env.API_URL

Security (Client-side Constraints)

  • CRITICAL: All frontend code is public and visible in browser
  • Never store secrets client-side: No API keys, tokens, or secrets in environment variables
  • Do not include .env files in Git (same as backend)
  • Prohibit logging of sensitive information (passwords, tokens, personal data)
  • Do not include sensitive information in error messages

Correct Approach for Secrets:

// Security risk: API key exposed in browser
const apiKey = import.meta.env.API_KEY
const response = await fetch(`https://api.example.com/data?key=${apiKey}`)

// Correct: Backend manages secrets, frontend accesses via proxy
const response = await fetch('/api/data') // Backend handles API key authentication

Architecture Design

Frontend Architecture Patterns

React Component Architecture:

  • Function Components: Mandatory, class components deprecated
  • Custom Hooks: For logic reuse and dependency injection
  • Component Hierarchy: Atoms -> Molecules -> Organisms -> Templates -> Pages
  • Props-driven: Components receive all necessary data via props
  • Co-location: Place tests, styles, and related files alongside components

State Management Patterns:

  • Local State: useState for component-specific state
  • Context API: For sharing state across component tree (theme, auth, etc.)
  • Custom Hooks: Encapsulate state logic and side effects
  • Server State: React Query or SWR for API data caching

Unified Data Flow Principles

Client-side Data Flow

Maintain consistent data flow throughout the React application:

  • Single Source of Truth: Each piece of state has one authoritative source

    • UI state: Component state or Context
    • Server data: API responses cached in React Query/SWR
    • Form data: Controlled components with React Hook Form

  • Unidirectional Flow: Data flows top-down via props

    API Response -> State -> Props -> Render -> UI
User Input -> Event Handler -> State Update -> Re-render

  • Immutable Updates: Use immutable patterns for state updates

    // Immutable state update
setUsers(prev => [...prev, newUser])

// Mutable state update (avoid)
users.push(newUser)
setUsers(users)

Type Safety in Data Flow

  • Frontend -> Backend: Props/State (Type Guaranteed) -> API Request (Serialization)
  • Backend -> Frontend: API Response (unknown) -> Type Guard -> State (Type Guaranteed)
// Type-safe data flow
async function fetchUser(id: string): Promise<User> {
  const response = await fetch(`/api/users/${id}`)
  const data: unknown = await response.json()

  if (!isUser(data)) {
    throw new Error('Invalid user data')
  }

  return data // Type guaranteed as User
}

Build and Testing

Use the appropriate run command based on the packageManager field in package.json.

Build Commands

  • dev - Development server
  • build - Production build
  • preview - Preview production build
  • type-check - Type check (no emit)

Testing Commands

  • test - Run tests
  • test:coverage - Run tests with coverage
  • test:coverage:fresh - Run tests with coverage (fresh cache)
  • test:safe - Safe test execution (with auto cleanup)
  • cleanup:processes - Cleanup Vitest processes

Quality Check Requirements

Quality checks are mandatory upon implementation completion:

Phase 1-3: Basic Checks

  • check - Biome (lint + format)
  • build - TypeScript build

Phase 4-5: Tests and Final Confirmation

  • test - Test execution
  • test:coverage:fresh - Coverage measurement
  • check:all - Overall integrated check

Coverage Requirements

  • Mandatory: Unit test coverage must be 60% or higher
  • Component-specific targets:
    • Atoms: 70% or higher
    • Molecules: 65% or higher
    • Organisms: 60% or higher
    • Custom Hooks: 65% or higher
    • Utils: 70% or higher

Non-functional Requirements

  • Browser Compatibility: Chrome/Firefox/Safari/Edge (latest 2 versions)
  • Rendering Time: Within 5 seconds for major pages

More by shinpr

View all
commands-ja
157

ツール選択基準(測定可能な判断): ユーザーのスキル変更要求を精度最大化して実装

typescript-rules
157

frontend/typescript-rules: Applies React/TypeScript type safety, component design, and state management rules. Use when implementing React components.

commands-en
157

Tool selection criteria (measurable decisions): Implement user skill change requests with maximum precision optimization

integration-e2e-testing
157

統合テストとE2Eテストを設計。モック境界と振る舞い検証ルールを適用。E2Eテスト、統合テスト作成時に使用。