update: added unit tests and skills

[cs-raj]

DX-5353 — Developer experience: tests, Jest coverage, and Cursor guidance

Summary

This branch expands automated test coverage across commands, core logic, utilities, and the Contentstack HTTP client, adds Jest coverage reporting with enforced global thresholds, and introduces repository documentation for contributors and AI-assisted workflows (root AGENTS.md, Cursor rules under .cursor/rules/, and project skills under .cursor/skills/). Dependency lockfile and a few dev dependency pins were refreshed to support the test and tooling setup.

What changed

Tests

• Commands (tests/commands/content-type/): list, details, audit, compare, compare-remote, diagram — parse, flags, and integration-style runs with mocked ContentTypeCommand / dependencies.
• Core (tests/core/): command.test.ts, content-type/* (audit, compare, details, diagram, formatting, list), contentstack/client.test.ts, contentstack/error.test.ts.
• Utils (tests/utils/index.test.ts): Management SDK helpers and error paths with mocks.

Tooling

• jest.config.js: collectCoverageFrom for src/**/*.ts, reporters (text, text-summary, lcov, html), global coverageThreshold at 80% for branches, functions, lines, and statements.
• package.json: test:coverage script; related dev dependency bumps; @contentstack/cli-utilities patch bump.

Documentation (contributor / IDE)

• AGENTS.md: Project role, stack, scripts, workflow, coverage notes, links to .cursor rules and skills, SECURITY.md.
• .cursor/rules/: Indexed in README.md — plugin, testing, review, TypeScript build, ESLint, oclif docs, dev workflow.
• .cursor/skills/: Plugin skill with references/architecture.md and commands.md; testing skill with conventions.md and jest-mocking.md; review skill with checklist.md.

Confirm test:coverage meets the 80% global thresholds. ESLint is invoked after Jest via posttest; ensure your install matches package-lock.json so @typescript-eslint rules resolve (same as CI).

[github-actions]

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type	Count (with fixes)	Without fixes	Threshold	Result
🔴 Critical Severity	0	0	10	✅ Passed
🟠 High Severity	10	1	25	✅ Passed
🟡 Medium Severity	5	5	500	✅ Passed
🔵 Low Severity	0	0	1000	✅ Passed

⏱️ SLA Breach Summary

⚠️ Warning: The following vulnerabilities have exceeded their SLA thresholds (days since publication).

Severity	Breaches (with fixes)	Breaches (no fixes)	SLA Threshold (with/no fixes)	Status
🔴 Critical	0	0	15 / 30 days	✅ Passed
🟠 High	0	0	30 / 120 days	✅ Passed
🟡 Medium	0	1	90 / 365 days	⚠️ Warning
🔵 Low	0	0	180 / 365 days	✅ Passed

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

The following vulnerabilities were detected but do not have fixes available (no upgrade or patch). These are excluded from failure thresholds:

• Critical without fixes: 0
• High without fixes: 1
• Medium without fixes: 5
• Low without fixes: 0

⚠️ BUILD PASSED WITH WARNINGS - SLA breaches detected for issues without available fixes

Consider reviewing these vulnerabilities when fixes become available.