Run any Skill in Manus with one click

rule-optimize

Stars1

Forks0

UpdatedApril 2, 2026 at 03:56

Use when adding or modifying rules in default_rules.yaml, when benchmarking rule performance against test corpuses, or when validating regex anchors and keyword choices. Detection rule edit-bench-compare workflow.

Installation

Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.

Run Skill in Manus

Source

ahrav

ahrav/Gossip-rs

View GitHub Repository View Creator Repositories

Download

Run Skill in Manus

Related occupationsSOC

Based on SOC occupation classification

Software DevelopersComputer and Mathematical Occupations·SOC 15-1252

SKILL.md

readonly

name	rule-optimize
description	Use when adding or modifying rules in default_rules.yaml, when benchmarking rule performance against test corpuses, or when validating regex anchors and keyword choices. Detection rule edit-bench-compare workflow.
user-invocable	true

Rule Optimization Workflow

Use after modifying rules in crates/scanner-engine/default_rules.yaml (loaded by crates/scanner-engine/src/rules/).

Checklist

Run cargo test to verify no regressions
Build release: RUSTFLAGS="-C target-cpu=native" cargo build --release
Benchmark against test repos (optional external corpuses):
```
./target/release/scanner-rs ../linux ../gitleaks ../tigerbeetle ../trufflehog
```
Note: ../linux, ../gitleaks, ../tigerbeetle, ../trufflehog are external test corpus directories. They are optional and must be cloned separately if not already present.
Compare throughput/findings against baseline
Document anchor/keyword choice if non-obvious (add inline comment)

Pattern Guidelines

When adding or modifying rules:

Anchors

Prefer structured prefixes (sgp_, hvs., AKIA) over service name keywords
Avoid generic patterns like [a-fA-F0-9]{40} that match git SHAs
Add inline comments explaining non-obvious anchor/keyword choices

Performance

Test rule isolation: cargo bench --bench rule_isolation -- <rule_id>
Check for backtracking: avoid .* followed by greedy quantifiers
Prefer character classes over alternation when possible

Validation

Ensure validators don't make network calls in hot paths
Use entropy checks for high-entropy secrets
Add checksum validation where applicable (AWS keys, etc.)

Baseline Comparison

Before making changes, capture baseline:

# Run 3x and record median throughput
for i in 1 2 3; do
  ./target/release/scanner-rs ../linux 2>&1 | tail -1
done

After changes, compare:

# Calculate % change
# Acceptable: <2% regression
# Investigate: 2-5% regression
# Block: >5% regression without justification

Key Paths

Item	Path
Default rules YAML	`crates/scanner-engine/default_rules.yaml`
Rules module	`crates/scanner-engine/src/rules/`
Release binary	`./target/release/scanner-rs` (from scanner-rs-cli)

Related Skills

/bench-compare - Criterion benchmark comparison
/perf-regression - Full performance regression workflow
/test-strategy - Choose testing approach for rule changes

More from this repository

same repository

merge-reviews

ahrav/Gossip-rs

Consolidate all /review-capture drop files for the current branch into a single verified, deduplicated, conflict-annotated merged plan. Verifies each finding against HEAD (discarding stale ones), merges duplicates across reviewers, flags conflicting suggested fixes, groups findings into execution waves by file ownership, and deletes the individual drop files on success. Run after all parallel review terminals have completed.

2026-04-221

review-capture

ahrav/Gossip-rs

Wrapper skill that invokes any review skill/command and captures its findings into a structured YAML drop file under .claude/review-drops/<branch>/. Use when running parallel code reviews across multiple terminals (each terminal captures one reviewer's output) so a later /merge-reviews pass can dedup, verify, and consolidate before execution. Accepts any target review skill (e.g. ce:review, multi-reviewer-patterns, asm-forge, review-pipeline, perf-pipeline, cache-correctness-review, security-reviewer, etc.).

2026-04-221

create-task

ahrav/Gossip-rs

Use when creating any beads task — auto-researches the codebase, links related tasks, and produces a rich self-contained description from a structured template. Accepts minimal intent and outputs a complete task ready for agent implementation.

2026-04-201

review-pipeline

ahrav/Gossip-rs

Use when you want review AND automated fixes in one pass, when /review-dispatch alone would leave findings unaddressed, or before merging a feature branch that needs thorough diagnosis and remediation. Two-phase diagnose-then-fix pipeline.

2026-04-201

review-task

ahrav/Gossip-rs

Use when a beads task exists and needs validation before implementation — verifies codebase references, identifies edge cases and design flaws, assesses scope and feasibility, splits oversized tasks, dispatches domain-specific skills (test-strategy, unsafe-review, dist-sys-auditor, simd-optimize, asm-forge, performance-analyzer, security-reviewer, interface-design-review, sim-review, safe-over-unsafe) for specialized enrichment, and dispatches /deep-research or /deeper-research for ambiguous areas. The complement of /create-task — ensures tasks are buttoned up and ready for mechanical implementation.

2026-04-201

task-forge

ahrav/Gossip-rs

Use when creating implementation-ready beads tasks that need testing strategy, optimal implementation approach, and documentation requirements baked in — composes /create-task with parallel enrichment agents that analyze the codebase and produce concrete test specifications, algorithm/data-structure guidance, and doc quality standards so implementing agents don't need to re-research

2026-04-201

name	rule-optimize
description	Use when adding or modifying rules in default_rules.yaml, when benchmarking rule performance against test corpuses, or when validating regex anchors and keyword choices. Detection rule edit-bench-compare workflow.
user-invocable	true

Rule Optimization Workflow

Use after modifying rules in crates/scanner-engine/default_rules.yaml (loaded by crates/scanner-engine/src/rules/).

Checklist

Run cargo test to verify no regressions
Build release: RUSTFLAGS="-C target-cpu=native" cargo build --release
Benchmark against test repos (optional external corpuses):
```
./target/release/scanner-rs ../linux ../gitleaks ../tigerbeetle ../trufflehog
```
Note: ../linux, ../gitleaks, ../tigerbeetle, ../trufflehog are external test corpus directories. They are optional and must be cloned separately if not already present.
Compare throughput/findings against baseline
Document anchor/keyword choice if non-obvious (add inline comment)

Pattern Guidelines

When adding or modifying rules:

Anchors

Prefer structured prefixes (sgp_, hvs., AKIA) over service name keywords
Avoid generic patterns like [a-fA-F0-9]{40} that match git SHAs
Add inline comments explaining non-obvious anchor/keyword choices

Performance

Test rule isolation: cargo bench --bench rule_isolation -- <rule_id>
Check for backtracking: avoid .* followed by greedy quantifiers
Prefer character classes over alternation when possible

Validation

Ensure validators don't make network calls in hot paths
Use entropy checks for high-entropy secrets
Add checksum validation where applicable (AWS keys, etc.)

Baseline Comparison

Before making changes, capture baseline:

# Run 3x and record median throughput
for i in 1 2 3; do
  ./target/release/scanner-rs ../linux 2>&1 | tail -1
done

After changes, compare:

# Calculate % change
# Acceptable: <2% regression
# Investigate: 2-5% regression
# Block: >5% regression without justification

Key Paths

Item	Path
Default rules YAML	`crates/scanner-engine/default_rules.yaml`
Rules module	`crates/scanner-engine/src/rules/`
Release binary	`./target/release/scanner-rs` (from scanner-rs-cli)

Related Skills

/bench-compare - Criterion benchmark comparison
/perf-regression - Full performance regression workflow
/test-strategy - Choose testing approach for rule changes