Add six new slash command categories with useful developer tools

- Add /documentation category with create-readme-section command
- Add /security category with security-audit and check-best-practices commands
- Add /architecture category with explain-architecture-pattern command
- Add /promptengineering category with convert-to-test-driven-prompt and batch-operations-prompt commands
- Update README.md to document all new slash commands
- Add Bash(mkdir:*) permission to settings.local.json

.claude/commands/security/check-best-practices.md

@@ -0,0 +1,136 @@
+# Check Best Practices
+
+Analyze code against language-specific best practices, coding standards, and community conventions to improve code quality and maintainability.
+
+## Usage Examples
+
+### Basic Usage
+"Check if this code follows Python best practices"
+"Review JavaScript code for ES6+ best practices"
+"Analyze React components for best practices"
+
+### Specific Checks
+"Check if this follows PEP 8 conventions"
+"Review TypeScript code for proper type usage"
+"Verify REST API design best practices"
+"Check Git commit message conventions"
+
+## Instructions for Claude
+
+When checking best practices:
+
+1. **Identify Language/Framework**: Detect the languages and frameworks being used
+2. **Apply Relevant Standards**: Use appropriate style guides and conventions
+3. **Context Awareness**: Consider project-specific patterns and existing conventions
+4. **Actionable Feedback**: Provide specific examples of improvements
+5. **Prioritize Issues**: Focus on impactful improvements over nitpicks
+
+### Language-Specific Guidelines
+
+#### Python
+- PEP 8 style guide compliance
+- PEP 484 type hints usage
+- Pythonic idioms and patterns
+- Proper exception handling
+- Module and package structure
+
+#### JavaScript/TypeScript
+- Modern ES6+ features usage
+- Async/await over callbacks
+- Proper error handling
+- Module organization
+- TypeScript strict mode compliance
+
+#### React/Vue/Angular
+- Component structure and organization
+- State management patterns
+- Performance optimizations
+- Accessibility considerations
+- Testing patterns
+
+#### API Design
+- RESTful conventions
+- Consistent naming patterns
+- Proper HTTP status codes
+- API versioning strategy
+- Documentation standards
+
+### Code Quality Aspects
+
+#### Naming Conventions
+- Variable and function names
+- Class and module names
+- Consistency across codebase
+- Meaningful and descriptive names
+
+#### Code Organization
+- File and folder structure
+- Separation of concerns
+- DRY (Don't Repeat Yourself)
+- Single Responsibility Principle
+- Modular design
+
+#### Error Handling
+- Comprehensive error catching
+- Meaningful error messages
+- Proper logging practices
+- Graceful degradation
+
+#### Performance
+- Efficient algorithms
+- Proper caching strategies
+- Lazy loading where appropriate
+- Database query optimization
+- Memory management
+
+#### Testing
+- Test coverage adequacy
+- Test naming conventions
+- Test organization
+- Mock usage patterns
+- Integration vs unit tests
+
+### Output Format
+
+Structure the analysis as:
+
+```markdown
+## Best Practices Review
+
+### Summary
+- Language/Framework: [Detected stack]
+- Overall Score: X/10
+- Key Areas for Improvement: [List]
+
+### Excellent Practices Found
+- [Practice 1]: Brief explanation
+- [Practice 2]: Brief explanation
+
+### Areas for Improvement
+
+#### High Priority
+1. **[Issue Name]**
+   - Current: `code example`
+   - Recommended: `improved code`
+   - Reason: Explanation of why this matters
+
+#### Medium Priority
+[Similar format]
+
+#### Low Priority
+[Similar format]
+
+### Quick Wins
+- [Easy improvement 1]
+- [Easy improvement 2]
+
+### Long-term Recommendations
+- [Strategic improvement 1]
+- [Strategic improvement 2]
+```
+
+Focus on:
+- Practical, implementable suggestions
+- Learning opportunities
+- Maintaining consistency with existing code
+- Balancing perfection with pragmatism

.claude/commands/security/security-audit.md

@@ -0,0 +1,102 @@
+# Security Audit
+
+Perform a comprehensive security audit of the codebase to identify potential vulnerabilities, insecure patterns, and security best practice violations.
+
+## Usage Examples
+
+### Basic Usage
+"Run a security audit on this project"
+"Check for security vulnerabilities in the authentication module"
+"Scan the API endpoints for security issues"
+
+### Specific Audits
+"Check for SQL injection vulnerabilities"
+"Audit the file upload functionality for security risks"
+"Review authentication and authorization implementation"
+"Check for hardcoded secrets and API keys"
+
+## Instructions for Claude
+
+When performing a security audit:
+
+1. **Systematic Scanning**: Examine the codebase systematically for common vulnerability patterns
+2. **Use OWASP Guidelines**: Reference OWASP Top 10 and other security standards
+3. **Check Multiple Layers**: Review frontend, backend, database, and infrastructure code
+4. **Prioritize Findings**: Categorize issues by severity (Critical, High, Medium, Low)
+5. **Provide Remediation**: Include specific fixes for each identified issue
+
+### Security Checklist
+
+#### Authentication & Authorization
+- Password storage and hashing methods
+- Session management security
+- JWT implementation and validation
+- Access control and permission checks
+- Multi-factor authentication support
+
+#### Input Validation & Sanitization
+- SQL injection prevention
+- XSS (Cross-Site Scripting) protection
+- Command injection safeguards
+- Path traversal prevention
+- File upload validation
+
+#### Data Protection
+- Encryption in transit (HTTPS/TLS)
+- Encryption at rest
+- Sensitive data exposure
+- API key and secret management
+- PII handling compliance
+
+#### Common Vulnerabilities
+- CSRF protection
+- Clickjacking prevention
+- Security headers configuration
+- Dependency vulnerabilities
+- Insecure direct object references
+
+#### API Security
+- Rate limiting implementation
+- API authentication methods
+- Input validation on endpoints
+- Error message information leakage
+- CORS configuration
+
+### Output Format
+
+Provide a structured security report with:
+
+```markdown
+## Security Audit Report
+
+### Summary
+- Total issues found: X
+- Critical: X, High: X, Medium: X, Low: X
+
+### Critical Issues
+#### 1. [Issue Name]
+- **Location**: file.js:line
+- **Description**: Detailed explanation
+- **Impact**: Potential consequences
+- **Remediation**: Specific fix with code example
+
+### High Priority Issues
+[Similar format]
+
+### Medium Priority Issues
+[Similar format]
+
+### Low Priority Issues
+[Similar format]
+
+### Recommendations
+- General security improvements
+- Best practices to implement
+- Tools and libraries to consider
+```
+
+Remember to:
+- Be specific about file locations and line numbers
+- Provide code examples for fixes
+- Explain the security impact clearly
+- Avoid false positives by understanding the context