Development Guide

Creating commands

Command Development Guide

Overview

This guide covers advanced topics for developing effective Claude Code commands and agents, including testing strategies, performance optimization, and integration patterns.

Development Lifecycle

1. Planning Phase

Requirements Analysis

command_requirements:
  purpose: "What specific problem does this solve?"
  target_users: "Who will use this command?"
  frequency: "How often will it be used?"
  complexity: "Simple automation or complex reasoning?"
  dependencies: "What tools and context are needed?"
  success_criteria: "How will we measure effectiveness?"

Scope Definition

in_scope:
  - Primary functionality
  - Core use cases
  - Essential error handling

out_of_scope:
  - Edge cases for MVP
  - Advanced features
  - Integration with external systems

future_considerations:
  - Potential extensions
  - Integration opportunities
  - Performance optimizations

2. Design Phase

Command Architecture

## Command Structure Decision Tree

### Simple Command (< 5 steps)
- Use basic command template
- Single model (haiku/sonnet)
- Minimal tool requirements
- Direct input/output

### Complex Command (5+ steps)
- Consider agent template
- May need multiple models
- Comprehensive tool access
- Structured output format

### Workflow Command (Multiple domains)
- Use agent template with coordination
- Delegate to specialized sub-agents
- Define clear handoff protocols
- Implement quality gates

Tool Selection Matrix

tool_selection:
  read_only_analysis:
    tools: ["read", "grep", "glob"]
    examples: ["code review", "documentation analysis"]

  file_manipulation:
    tools: ["read", "write", "edit", "multiedit"]
    examples: ["refactoring", "code generation"]

  system_interaction:
    tools: ["bash", "read", "write"]
    examples: ["deployment", "testing", "git operations"]

  comprehensive_workflow:
    tools: ["bash", "read", "write", "edit", "multiedit", "glob", "grep"]
    examples: ["full feature implementation", "project setup"]

3. Implementation Phase

Command Template Selection

# For simple, focused tasks
cp docs/commands/templates/basic-command-template.md .claude/commands/my-command.md

# For complex, multi-step workflows
cp docs/commands/templates/agent-command-template.md .claude/agents/my-agent.md

Configuration Best Practices

frontmatter_guidelines:
  name:
    - Use title case
    - Keep under 25 characters
    - Action-oriented (verb + noun)

  description:
    - One clear sentence
    - Under 80 characters
    - Focuses on value delivered

  model:
    - haiku: Simple tasks, fast response
    - sonnet: Balanced capability (default)
    - opus: Complex reasoning, strategic thinking

  tools:
    - Minimal required set
    - Security implications considered
    - Match to actual needs

  color:
    - blue: General purpose
    - green: Success/creation
    - orange: Analysis/warning
    - red: Critical/security

4. Testing Strategy

Unit Testing for Commands

# Test command creation
touch .claude/commands/test-command.md

# Basic functionality test
/test-command valid-input

# Edge case testing
/test-command ""
/test-command --invalid-flag
/test-command non-existent-file.js

# Error handling verification
/test-command /etc/passwd  # Should handle permission errors

Integration Testing

integration_scenarios:
  command_chaining:
    - "/review src/auth.js"
    - "/test src/auth.js"
    - "/commit 'Fix auth vulnerabilities'"

  agent_collaboration:
    - Launch multiple agents in parallel
    - Verify context isolation
    - Check output compatibility

  hook_integration:
    - Configure test hooks
    - Verify trigger conditions
    - Validate hook execution

Performance Testing

# Measure command performance
import time

def test_command_performance():
    start_time = time.time()

    # Execute command
    result = execute_command("/my-command", "test-input")

    end_time = time.time()
    execution_time = end_time - start_time

    # Performance assertions
    assert execution_time < 30, f"Command took {execution_time}s, exceeds 30s limit"
    assert result.success, "Command failed to complete"
    assert len(result.output) > 0, "Command produced no output"

5. Documentation Phase

README Template for Commands

# Command Name

## Purpose
Brief description of what this command does and why it's useful.

## Usage

/command-name [arguments]


## Arguments
- `argument1`: Description and expected format
- `argument2`: Optional argument with default behavior

## Examples

### Basic Usage

/command-name src/component.js

Expected output: [description]

### Advanced Usage

/command-name --option value directory/

Expected output: [description]

## Error Handling
Common errors and solutions:
- **Error**: "File not found"
  **Solution**: Check file path and permissions
- **Error**: "Invalid format"
  **Solution**: Verify input format matches requirements

## Integration
Works well with:
- Other commands: [list compatible commands]
- Agents: [list relevant agents]
- Workflows: [describe integration patterns]

Advanced Patterns

1. Command Composition

Sequential Command Pattern

# In a coordination command
---
name: Full Feature Review
description: Complete feature analysis with multiple specialists
model: sonnet
tools: ["bash", "read", "write"]
---

You orchestrate a comprehensive feature review:

1. **Requirements Analysis**: Use Requirements Analyst agent
2. **Code Review**: Use Code Reviewer agent
3. **Security Audit**: Use Security Auditor agent
4. **Test Validation**: Use Test Writer agent
5. **Documentation Check**: Use Documentation agent

Synthesize all findings into an executive summary with:
- Overall readiness assessment
- Critical issues requiring immediate attention
- Recommendations for improvement
- Go/no-go decision for deployment

Parallel Execution Pattern

# In agent coordination
---
name: Parallel Analysis
description: Run multiple analyses simultaneously for efficiency
model: sonnet
tools: ["read", "write", "bash"]
---

Launch these agents in parallel for comprehensive analysis:

Parallel execution request

"Run these agents in parallel:

1. Security Auditor: Scan for vulnerabilities 2. Performance Analyzer: Identify bottlenecks 3. Code Quality Reviewer: Check maintainability 4. Documentation Auditor: Verify completeness"


Collect results and provide unified report.

2. Dynamic Command Generation

Context-Aware Command Selection

def select_appropriate_command(context):
    """Select command based on context analysis"""

    if context.file_type == 'javascript':
        return 'js-specific-reviewer'
    elif context.file_type == 'python':
        return 'python-linter'
    elif context.has_security_concerns:
        return 'security-auditor'
    else:
        return 'general-reviewer'

Adaptive Tool Selection

adaptive_tools:
  small_files: ["read", "edit"]
  large_codebase: ["read", "grep", "glob"]
  system_changes: ["bash", "read", "write"]
  security_focus: ["read", "grep", "bash"]

3. Error Recovery Patterns

Graceful Degradation

## Error Handling Strategy

### Level 1: Partial Success
If primary task fails:
1. Attempt alternative approach
2. Provide partial results
3. Explain what was accomplished
4. Suggest manual steps for completion

### Level 2: Graceful Failure
If alternative fails:
1. Document exact error conditions
2. Provide diagnostic information
3. Suggest next steps for user
4. Log for future improvement

### Level 3: Safe Termination
If all approaches fail:
1. Ensure no partial changes remain
2. Restore system to known good state
3. Provide clear error message
4. Include contact information for support

Retry Logic

def execute_with_retry(command, max_retries=3):
    """Execute command with exponential backoff retry"""

    for attempt in range(max_retries):
        try:
            result = execute_command(command)
            if result.success:
                return result
        except Exception as e:
            if attempt == max_retries - 1:
                raise

            wait_time = 2 ** attempt
            time.sleep(wait_time)

    raise CommandFailedException("Max retries exceeded")

Security Guidelines

Permission Management

Principle of Least Privilege

{
  "permissions": {
    "allow": [
      "Read(/project/src/**)",
      "Write(/project/docs/**)",
      "Bash(git:status|add|commit)"
    ],
    "deny": [
      "Bash(rm:*)",
      "Bash(sudo:*)",
      "Write(/etc/**)",
      "Write(/home/**/.ssh/**)"
    ],
    "ask": [
      "Bash(npm:install)",
      "Write(/project/package.json)",
      "Bash(docker:*)"
    ]
  }
}

Audit and Monitoring

# Enable command auditing
echo "PreToolUse hook: Log all bash commands" >> ~/.claude/audit.log

# Monitor unusual activity
grep "SECURITY" ~/.claude/audit.log | tail -10

# Review permissions monthly
cat .claude/settings.local.json | jq '.permissions'

Input Validation

Sanitization Patterns

def validate_file_path(path):
    """Validate file path for security"""

    # Prevent path traversal
    if '..' in path:
        raise SecurityError("Path traversal attempt detected")

    # Restrict to project directory
    if not path.startswith('/project/'):
        raise SecurityError("Access outside project directory denied")

    # Check file exists and is readable
    if not os.path.exists(path):
        raise FileNotFoundError(f"File not found: {path}")

    return path

Command Injection Prevention

def safe_bash_execution(command, args):
    """Execute bash command safely"""

    # Whitelist allowed commands
    allowed_commands = ['git', 'npm', 'docker', 'ls', 'cat']

    cmd_parts = command.split()
    if cmd_parts[0] not in allowed_commands:
        raise SecurityError(f"Command not allowed: {cmd_parts[0]}")

    # Escape arguments
    escaped_args = [shlex.quote(arg) for arg in args]

    return subprocess.run([cmd_parts[0]] + escaped_args,
                         capture_output=True, text=True)

Performance Optimization

Model Selection Optimization

Task Complexity Analysis

def select_optimal_model(task):
    """Select model based on task complexity"""

    complexity_indicators = {
        'simple': ['format', 'list', 'status', 'count'],
        'medium': ['analyze', 'review', 'generate', 'transform'],
        'complex': ['architect', 'strategize', 'optimize', 'debug']
    }

    for level, keywords in complexity_indicators.items():
        if any(keyword in task.lower() for keyword in keywords):
            return {
                'simple': 'haiku',
                'medium': 'sonnet',
                'complex': 'opus'
            }[level]

    return 'sonnet'  # Default

Context Window Management

Efficient Context Usage

def optimize_context(files, max_tokens=4000):
    """Optimize context for token efficiency"""

    # Prioritize by relevance
    sorted_files = sorted(files, key=lambda f: f.relevance, reverse=True)

    context = []
    token_count = 0

    for file in sorted_files:
        file_tokens = estimate_tokens(file.content)

        if token_count + file_tokens <= max_tokens:
            context.append(file)
            token_count += file_tokens
        else:
            # Include summary for remaining files
            context.append(file.summary)
            token_count += estimate_tokens(file.summary)

    return context

Caching Strategies

Result Caching

from functools import lru_cache
import hashlib

@lru_cache(maxsize=100)
def cached_analysis(file_hash, analysis_type):
    """Cache expensive analysis results"""
    return perform_analysis(file_hash, analysis_type)

def get_file_hash(filepath):
    """Generate hash for file content"""
    with open(filepath, 'rb') as f:
        return hashlib.sha256(f.read()).hexdigest()

Monitoring and Metrics

Performance Tracking

Command Metrics

class CommandMetrics:
    def __init__(self):
        self.execution_times = []
        self.success_rates = {}
        self.error_patterns = {}

    def track_execution(self, command, duration, success):
        self.execution_times.append({
            'command': command,
            'duration': duration,
            'success': success,
            'timestamp': datetime.now()
        })

    def analyze_performance(self):
        avg_time = np.mean([m['duration'] for m in self.execution_times])
        success_rate = np.mean([m['success'] for m in self.execution_times])

        return {
            'average_execution_time': avg_time,
            'success_rate': success_rate,
            'total_executions': len(self.execution_times)
        }

Quality Assurance

Automated Testing

#!/bin/bash
# test-commands.sh - Automated command testing

commands=(
    "review:src/auth.js"
    "test:src/UserService.js"
    "commit:"
    "api-docs:src/routes/"
)

for cmd in "${commands[@]}"; do
    echo "Testing command: $cmd"

    # Execute command and capture result
    result=$(claude-cli "/$cmd" 2>&1)

    if [[ $? -eq 0 ]]; then
        echo "✅ $cmd passed"
    else
        echo "❌ $cmd failed: $result"
    fi
done

Quality Gates

quality_checklist:
  functionality:
    - Command performs intended task
    - Error handling covers edge cases
    - Output format is consistent

  security:
    - Minimal required permissions
    - Input validation implemented
    - No sensitive data exposure

  performance:
    - Appropriate model selection
    - Efficient context usage
    - Reasonable execution time

  usability:
    - Clear documentation
    - Helpful error messages
    - Intuitive interface

Troubleshooting Guide

Common Issues

Command Not Found

# Check command file exists
ls -la .claude/commands/my-command.md

# Verify file syntax
head -20 .claude/commands/my-command.md

# Test command invocation
/my-command --help

Permission Denied

# Check permissions configuration
cat .claude/settings.local.json | jq '.permissions'

# Review audit log
tail -50 ~/.claude/audit.log

# Test with minimal permissions
echo '{"permissions": {"allow": ["Read(/project/**)"]}}'  > .claude/settings.local.json

Poor Performance

# Profile command execution
time /my-command test-input

# Check model selection
grep "model:" .claude/commands/my-command.md

# Analyze context usage
grep -E "(include|exclude)" .claude/commands/my-command.md

Debug Commands

Command Inspection

# List all available commands
/help

# Show command details
cat .claude/commands/my-command.md | head -20

# Test command parsing
/my-command --dry-run

Performance Analysis

# Check token usage
/cost

# Monitor agent status
/agents

# System health check
/doctor

This development guide provides the foundation for creating robust, secure, and efficient Claude Code commands that enhance development workflows while maintaining quality and security standards.