Batch 16 — Cursor/Cline/Roo/Windsurf Rule-Based Frameworks
Roster (10)
| slug | stars | distribution | cli_binary | local_ui | orchestration | multi_model | tier |
|---|---|---|---|---|---|---|---|
| cursor-coding-agent-os | 3 | standalone-repo | no | no | sequential | no | A |
| cline-max | 4 | vscode-extension | no | vscode-ext | sequential | yes (user-select) | A |
| cline-acp | 9 (archived) | npm-package | yes (cline-acp) | no | none | yes (delegated) | A |
| cline-spec-kit-workflows | 16 | methodology-doc | no | no | sequential | no | A |
| roo-commander | 725 (archived) | npm-package | yes (roocommander) | no | hierarchical | no | A |
| custom-modes-roo-code | 173 | template-bundle | no | no | none (aspirational) | no | A |
| rooflow | 1159 | bash-bundle | no | no | hierarchical | no | A |
| rules-template-stackable | 1059 | template-bundle | no | no | sequential | no | A |
| cursorrules-kinopeee | 1118 | template-bundle | no | no | none | no | A |
| windsurfrules-kinopeee | 364 | template-bundle | no | no | none | no | A |
Intra-batch patterns
All 10 frameworks in this batch are rule-file-driven — behavioral guidance lives in per-IDE rule files (.cursor/rules/*.mdc, .windsurf/rules/*.md, .clinerules/, .roo/) rather than in compiled code. The dominant architectural split is between behavior-only frameworks (cursorrules, windsurfrules — no memory, no workflow) and behavior + memory frameworks (rules-template-stackable, RooFlow, roo-commander — Memory Bank patterns). Three frameworks (roo-commander, cline-max, RooFlow) implement hierarchical mode delegation but via IDE-native mode switching rather than process-level multi-agent execution. The most common memory pattern across memory-having frameworks is the "five-file Memory Bank" (productContext, activeContext, systemPatterns, decisionLog, progress) — this pattern appears in both RooFlow and rules-template-stackable independently, suggesting convergent evolution. Two entries (cline-max, cline-acp) are IDE forks/adapters rather than rule-file frameworks, making them structurally distinct from the rest.
Most interesting finds
cursorrules/windsurfrules prompt-injection-guard.mdc: The only framework in the entire corpus (including seeds) with a dedicated stop-then-confirm rule for external context injection defense, including obfuscation detection patterns (Base64, ROT13, zero-width chars, RTL override). This is a production security concern that no other framework addresses.
custom-modes-roo-code: 225 agents compiled into a 2.6 MB
.roomodesfile using Python injection scripts that apply cross-cutting concerns (security playbook, engineering protocols, debugging playbook) across all agents at generation time — an aspect-oriented prompt engineering pattern not seen elsewhere in the corpus.
Items written as Tier C
None. All 10 frameworks had sufficient README and prompt/rule file content for full 11-file analysis.
Cross-references discovered
- cursor-coding-agent-os → direct fork of
agent-osseed (buildermethods/agent-os) - cline-max → fork of
cline/clineupstream; upstream later adopted Plan/Act natively, making fork obsolete - cline-acp → adapter for
cline/clineCLI; archived when Cline added native ACP support - cline-spec-kit-workflows → integration layer over
github/spec-kit(referenced as seed in spec-kit seed entry) - roo-commander → designed to bridge Claude Code skills to Roo Code; references Claude Code's skills ecosystem
- windsurfrules-kinopeee → direct port of
cursorrules-kinopeee; the two repos are the same content in different IDE formats - rules-template-stackable → Memory Bank pattern shares structure with RooFlow's Memory Bank (independent parallel evolution)
- custom-modes-roo-code → includes
CLAUDE.mdand Claude Code-specific guidance alongside Roo Code primary format (multi-tool awareness)