| name | deploy-check |
| description | Pre-deployment validation checklist. Verifies environment variables, build output, database migrations, and dependency security before shipping. |
Pre-Deploy Check
Run a comprehensive pre-deployment validation to catch issues before they hit production. This skill checks environment configuration, build integrity, database state, and dependency security.
When to Use
Use this skill when:
- About to deploy to staging or production
- After merging a large feature branch
- Before tagging a release
- When CI passes but you want extra confidence
Instructions
-
Read the project template at ../../_references/project-template.md to understand the expected deployment configuration.
-
Check environment variables:
- Parse
.env.example or .env.template for required variables
- Verify each required variable is set in the target environment
- For production deploys, verify these are NOT set:
DEBUG=true
LOG_LEVEL=debug (should be info or warn)
NODE_ENV=development
- Check that
DATABASE_URL uses SSL in production (?sslmode=require or ?ssl=true)
- Verify API keys are not test/sandbox keys (check for
sk_test_, pk_test_ prefixes)
- Ensure
CORS_ORIGIN is set to the actual domain, not * or localhost
-
Validate the build:
-
Check database migrations:
- List pending migrations:
npx prisma migrate status or equivalent
- Flag if there are unapplied migrations
- Warn if any migration is destructive (DROP TABLE, DROP COLUMN, ALTER TYPE)
- Verify migration order matches the expected sequence
- Check that rollback migrations exist for every forward migration
-
Check dependencies:
- Run
npm audit --production and flag any high/critical vulnerabilities
- Verify
package-lock.json or pnpm-lock.yaml is committed and up to date
- Check for outdated major versions of critical dependencies
- Verify no
file: or link: dependencies exist in production
-
Check git state:
- Verify working directory is clean (
git status --porcelain)
- Verify current branch is the expected deploy branch
- Check that the branch is up to date with remote
- Verify the latest commit is not a WIP or fixup commit
-
Output a deployment report:
## Deploy Check: {environment}
| Check | Status | Details |
|----------------|--------|-----------------|
| Env Vars | ✅ | 12/12 set |
| Build | ✅ | 342KB gzipped |
| Migrations | ⚠️ | 1 pending |
| Dependencies | ✅ | 0 vulnerabilities |
| Git State | ✅ | Clean, up to date |
### Ready to deploy: YES / NO
Example Usage
Run a deploy check for production
Check if we're ready to deploy to staging