by alinaqi
Opinionated project initialization for Claude Code. Security-first, spec-driven, AI-native.
# Add to your Claude Code skills
git clone https://github.com/alinaqi/claude-bootstrapAn opinionated project initialization system for Claude Code. Agent teams by default, strict TDD pipeline, multi-engine code review, security-first.
The bottleneck has moved from code generation to code comprehension. AI can generate infinite code, but humans still need to review, understand, and maintain it. Claude Bootstrap provides guardrails that keep AI-generated code simple, secure, and verifiable.
New in v3.3.1: Mnemos two-layer post-compaction task restoration — guaranteed context recovery when Claude Code's compaction fires, crashes, or doesn't run. Typed memory graph (goals never evicted), 4-dimension fatigue monitoring, checkpoint/resume across sessions. iCPG intent-augmented code property graph — track why code exists, detect drift, prevent duplicate work.
┌────────────────────────────────────────────────────────────────┐
│ TDD LOOPS VIA STOP HOOKS │
│ ─────────────────────────────────────────────────────────────│
│ Stop hooks run tests after each Claude response. │
│ Failures feed back automatically. Claude iterates until green.│
│ Real Claude Code infrastructure — no plugins needed. │
├────────────────────────────────────────────────────────────────┤
│ TESTS FIRST, ALWAYS │
│ ─────────────────────────────────────────────────────────────│
│ Features: Write tests → Watch them fail → Implement → Pass │
│ Bugs: Find test gap → Write failing test → Fix → Pass │
│ No code ships without a test that failed first. │
├────────────────────────────────────────────────────────────────┤
│ SIMPLICITY IS THE GOAL │
│ ─────────────────────────────────────────────────────────────│
│ 20 lines per function │ 200 lines per file │ 3 params max │
│ Enforced via .claude/rules/ with paths: frontmatter. │
├────────────────────────────────────────────────────────────────┤
│ SECURITY BY DEFAULT │
│ ─────────────────────────────────────────────────────────────│
│ No secrets in code │ Permission deny rules for .env files │
│ Dependency scanning │ Pre-commit hooks │ CI enforcement │
├────────────────────────────────────────────────────────────────┤
│ AGENT TEAMS BY DEFAULT │
│ ─────────────────────────────────────────────────────────────│
│ Every project runs as a coordinated team of AI agents. │
│ Agent definitions use proper frontmatter: tools, model, │
│ maxTurns, effort, disallowedTools. │
├────────────────────────────────────────────────────────────────┤
│ CONDITIONAL RULES │
│ ─────────────────────────────────────────────────────────────│
│ Rules in .claude/rules/ activate based on file paths. │
│ React rules only load when editing .tsx files. │
│ Python rules only load when editing .py files. │
│ Saves tokens. Reduces noise. More targeted guidance. │
└────────────────────────────────────────────────────────────────┘
No comments yet. Be the first to share your thoughts!
# Clone and install (clone anywhere you like)
git clone https://github.com/alinaqi/claude-bootstrap.git
cd claude-bootstrap && ./install.sh
# In any project directory
claude
> /initialize-project
Claude will:
@include directives for modular skillsNo plugins. No fake commands. Claude Code's Stop hook runs a script when Claude finishes a response. Exit code 2 feeds stderr back to Claude and continues the conversation.
┌─────────────────────────────────────────────────────────────┐
│ 1. You say: "Add email validation to signup" │
│ 2. Claude writes tests + implementation │
│ 3. Claude finishes response │
│ 4. Stop hook runs: npm test && npm run lint │
│ 5a. All pass (exit 0) → Done! │
│ 5b. Failures (exit 2) → stderr fed back to Claude │
│ 6. Claude sees failures, fixes, finishes again │
│ 7. Stop hook runs again → repeat until green │
└─────────────────────────────────────────────────────────────┘
Configuration in .claude/settings.json:
{
"hooks": {
"Stop": [{
"hooks": [{
"type": "command",
"command": "scripts/tdd-loop-check.sh",
"timeout": 60,
"statusMessage": "Running tests..."
}]
}]
}
}
The tdd-loop-check.sh script runs tests, lint, and typecheck. It tracks iteration count (max 25) and distinguishes code errors (loop) from environment errors (stop).
CLAUDE.md uses @include to modularly load skills:
# CLAUDE.md
@.claude/skills/base/SKILL.md
@.claude/skills/iterative-development/SKILL.md
@.claude/skills/security/SKILL.md
These are resolved at load time by Claude Code — the content is recursively inlined (max depth 5, cycle detection built in). This means skills actually become part of the prompt instead of just being listed as text.
Rules in .claude/rules/ use YAML frontmatter with paths: to activate only when relevant files are being edited:
# .claude/rules/react.md
---
paths: ["src/components/**", "**/*.tsx"]
---
Prefer functional components with hooks...
# .claude/rules/python.md
---
paths: ["**/*.py"]
---
Use type hints, pytest, ruff...
Included rules:
| Rule | Activates When |
|------|----------------|
| quality-gates.md | Always (no paths: filter) |
| tdd-workflow.md | Always |
| security.md | Always |
| react.md | Editing .tsx/.jsx files |
| typescript.md | Editing .ts/.tsx files |
| python.md | Editing .py files |
| nodejs-backend.md | Editing api/routes/server files |
Claude Code's built-in compaction fires at ~83% context and summarizes everything into 20K tokens using a generic 9-section template. It doesn't know what YOUR project cares about.
The PreCompact hook fixes this by injecting project-specific preservation priorities into the summarizer:
┌─────────────────────────────────────────────────────────────┐
│ Built-in compaction: │
│ "Summarize this conversation" → generic summary │
├─────────────────────────────────────────────────────────────┤
│ With PreCompact hook: │
│ "Summarize, but preserve ALL schema decisions verbatim, │
│ keep exact error messages, keep API contract details, │
│ reference these Key Decisions by name, and here's the │
│ current git state to include" → project-aware summary │
└─────────────────────────────────────────────────────────────┘
The hook auto-detects:
Zero overhead during normal usage. Only runs when compaction actually fires.
Claude Code's built-in compaction is lossy and unreliable. It sometimes doesn't fire, /compact and /clear can fail (especially in multi-agent executions), and crashes/restarts lose all context. Mnemos provides disk-persistent structured state that survives all of these failure modes.
┌─────────────────────────────────────────────────────────────┐
│ DEFAULT CLAUDE CODE vs WITH MNEMOS │
├─────────────────────────────────────────────────────────────┤
│ Blind until 83.5% Continuous 4-dim monitoring│
│ Sudden hard compaction Graduated: 40→60→75→83% │
│ Uniform summarization Typed: goals never evict │
│ No cross-session memory Auto checkpoint/resume │
│ Crash = total context loss Crash = resume from disk │
│ Multi-agent: no shared state Per-agent structured state│
│ No behavioral awareness Detects re-reads, scatter │
└─────────────────────────────────────────────────────────────┘
When compaction fires, the built-in summarizer often drops task-specific state. Mnemos uses two independent layers to guarantee restoration:
BEFORE COMPACTION AFTER COMPACTION
PreCompact hook fires First tool call → PreToolUse fires
├── Write emergency checkpoint ├── Detect ".mnemos/just-compacted" marker
├── Build task narrative from ├── Read checkpoint-latest.json
│ signals.jsonl (files, tools) ├── Output full checkpoint into context
├── Output STRONG preservation ├── Delete marker (one-shot)
│ instructions to summarizer └── Claude now has: summary + checkpoint
└── Write ".mnemos/just-compacted"
marker file = Task fully restored
Layer 1 (best-effort): PreCompact tells the summarizer what to keep, including inline checkpoint conte