| name | pre-agent-task |
| description | Advisory pre-flight check before multi-step AI agent tasks that will modify code or infrastructure. Use before delegating any multi-step task to an AI agent (Claude subagent, Codex, CI automation, or similar) that will touch module source files, databases, queues, or shared resources. Also use when starting any agentic session that will write to production infrastructure, when the task plan includes deletion, recreation, or schema changes, or any time you hear "run an agent on", "have Claude handle", "automate this across modules", or "let the agent figure it out". Reads MODULE_MANIFEST.md for affected modules, cross-checks planned operations against permitted/restricted operations and DECISION_LOG.md warnings, and produces an advisory checklist before the task begins. Advisory only — does not block. Invoke as /pre-agent-task or /pre-agent-task --modules path/to/a path/to/b
|
/pre-agent-task
Advisory pre-flight check for multi-step agent tasks. This skill catches the obvious mismatches between what an agent plans to do and what the affected modules say is safe — before the agent runs, not after.
What this is catching
Structural dark code — agent-assembled runtime behavior nobody designed — is the hardest category to detect. But a meaningful subset of agent risk is knowable in advance: if a module's MODULE_MANIFEST.md says a resource is persistent and the agent's task plan includes deleting it, that conflict is detectable right now. This skill makes that check.
It cannot observe what the agent does at runtime. It catches declared intent mismatches, not emergent behavior. It is advisory — it will not stop the agent from running. But it gives the engineer the chance to catch the obvious problems before they become incidents.
Arguments
- (none) — asks for the task description interactively
--modules path/to/a path/to/b — pre-specify which modules the agent will touch
Phase 1: Get the task description
If --modules was not provided, ask:
Describe the agent task:
1. What will the agent do? (In plain language — create, modify, delete what?)
2. Which modules or directories will it touch?
3. Will it modify any databases, queues, caches, or other shared resources?
4. Is this a destructive or reversible operation?
If --modules was provided, still ask questions 1 and 3 to understand the operation types.
Phase 2: Read MODULE_MANIFEST.md for affected modules
For each mentioned module, read its MODULE_MANIFEST.md. Look specifically for:
- Agent Access section — what operations are permitted/restricted for agents
- Persistent resources table — resources that must not be deleted/recreated without confirmation
- Agent warning — free-text warning for AI agents
If MODULE_MANIFEST.md doesn't exist for a module, note this explicitly:
⚠ No MODULE_MANIFEST.md for [module]. Agent will operate on undocumented territory.
Run /context-layer-generator on this module before the agent task if possible.
Phase 3: Read DECISION_LOG.md Warning fields
For each module, read DECISION_LOG.md. Look for Warning fields that:
- Mention the type of operation the agent will perform
- Reference resources the agent will touch
- Include phrases like: "do not modify", "treat as load-bearing", "requires coordination", "original author departed", "any change"
If no DECISION_LOG.md exists: note it, but don't block.
Phase 4: Cross-check planned operations
For each module, compare the planned operations against:
- Permitted operations in the Agent Access section
- Restricted operations in the Agent Access section
- Persistent resources — does the plan include deleting or recreating any of them?
- DECISION_LOG.md warnings
Classify each finding:
- CONFLICT — the planned operation is explicitly restricted or would affect a listed persistent resource. Output with ⛔.
- WARNING — a DECISION_LOG.md warning is relevant to the planned operation. Output with ⚠.
- INFO — the module has no Agent Access section (operation is undeclared but not explicitly restricted). Output with ℹ.
Phase 5: Produce the advisory checklist
Pre-agent task check complete.
Modules reviewed: [list]
[For each CONFLICT:]
⛔ CONFLICT — [module]:
The planned task includes [operation].
MODULE_MANIFEST.md marks [resource] as persistent:
"[Why persistent field]"
Do not proceed without:
1. [specific action required]
2. Running /comprehension-gate on the planned changes
[For each WARNING:]
⚠ WARNING — [module]:
"[DECISION_LOG.md warning text]"
This warning is relevant because: [why it applies to this task]
[For each INFO:]
ℹ INFO — [module] has no Agent Access section in MODULE_MANIFEST.md.
The agent will operate without declared permissions for this module.
Consider adding an Agent Access section before this task.
[Summary:]
Planned operations: [list]
Conflicts: [N] — must resolve before proceeding
Warnings: [N] — review before proceeding
Undeclared modules: [N]
[If no conflicts or warnings:]
No conflicts or warnings detected. The planned task appears consistent with documented
module permissions and decision log entries.
After the check
If there are CONFLICTs, say explicitly:
Do not start the agent task until conflicts are resolved.
To resolve: modify the task plan to exclude the conflicting operations, or
update MODULE_MANIFEST.md to explicitly permit them after human review.
If there are no conflicts, end with:
You may proceed with the agent task.
After the task completes, run /comprehension-gate to review the changes before merging.
Limits
This skill is advisory only. It:
- Cannot prevent an agent from running
- Cannot observe what the agent actually does at runtime
- Only catches mismatches between the declared task plan and documented module expectations
- Does not catch emergent behavior the agent decides to take that wasn't in the original plan
