Menu
Pre-deployment verification checklist. Generates customized checklists based on tech-stack with rollback triggers. Auto-invoked by /draft:upload.
Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.
Based on SOC occupation classification
| name | deploy-checklist |
| description | Pre-deployment verification checklist. Generates customized checklists based on tech-stack with rollback triggers. Auto-invoked by /draft:upload. |
You are generating a pre-deployment verification checklist customized to this project's technology stack.
When draft/graph/schema.yaml exists, this skill must follow the graph-first lookup contract in core/shared/graph-query.md §Mandatory Lookup Contract. Use the graph to validate module boundaries before the deploy:
scripts/tools/graph-impact.sh --repo . --file <path> to enumerate the modules affected — flag any module not declared in hld.md §Detailed Design as a deployment-scope miss.scripts/tools/cycle-detect.sh --repo . (and read draft/graph/architecture.json for the module overview) to ensure no fresh cycles were introduced after HLD sign-off.draft/graph/hotspots.jsonl — any hotspot in the diff escalates the Resiliency row of Phase 0.Filesystem grep is reserved for source-text scans (migration file names, flag-key strings). Module/impact discovery goes through the graph.
See shared red flags — applies to all code-touching skills.
Skill-specific:
Every deployment needs a rollback plan. No exceptions.
Before starting, capture the current git state:
git branch --show-current # Current branch name
git rev-parse --short HEAD # Current commit hash
Store this for the checklist header. The checklist is scoped to this specific branch/commit.
ls draft/ 2>/dev/null
If draft/ doesn't exist, this skill can still run standalone — generate a generic checklist.
Read and follow the base procedure in core/shared/draft-context-loading.md.
Canonical chain documented in core/shared/verification-gates.md. A single non-zero exit aborts the checklist and the output groups defects by validator.
TRACK_DIR="$1" # absolute path to track-under-deploy, or .
DRAFT_TOOLS="${DRAFT_PLUGIN_ROOT:-$HOME/.claude/plugins/draft}/scripts/tools"
[ -d "$DRAFT_TOOLS" ] || DRAFT_TOOLS="$HOME/.cursor/plugins/local/draft/scripts/tools"
[ -d "$DRAFT_TOOLS" ] || DRAFT_TOOLS="$PWD/scripts/tools"
"$DRAFT_TOOLS/check-track-hygiene.sh" "$TRACK_DIR" || rc=$?
"$DRAFT_TOOLS/verify-citations.sh" "$TRACK_DIR" || rc=$?
"$DRAFT_TOOLS/verify-doc-anchors.sh" "$TRACK_DIR" || rc=$?
"$DRAFT_TOOLS/check-graph-usage-report.sh" "$TRACK_DIR" || rc=$?
"$DRAFT_TOOLS/check-scope-conflicts.sh" "$TRACK_DIR/.." || rc=$?
"$DRAFT_TOOLS/diff-templates-vs-tracks.sh" "$TRACK_DIR" || rc=$?
After the chain runs, write the result into metadata.json:pre_deploy_status
(passing / failing / bypassed). The downstream checklist sections must
not be considered "ready to deploy" if pre_deploy_status != passing.
Check for arguments:
/draft:deploy-checklist — Interactive: detect active track or ask for service name/draft:deploy-checklist <service> — Generate checklist for named service/draft:deploy-checklist track <id> — Generate from track's change scopeIf a track is active: read draft/tracks/<id>/spec.md and plan.md for change scope.
draft/tech-stack.md — Identify deployment-relevant tech:
draft/workflow.md — Deployment conventions, toolchain (git)draft/.ai-context.md — Service topology, dependenciesdraft/tracks/<id>/hld.md and lld.md if present — these are the source of truth for HLD §Checklist (Performance, Scale, Security, Resiliency, Multi-tenancy, Upgrade, Cost, Flags), §Deployment, §Observability, and LLD §Alerting Thresholds. The deploy checklist validates they are populated.Generate a four-phase checklist customized to the project's tech stack. Adapt items based on what the project actually uses — omit irrelevant items (e.g., skip database items if there is no database) and add project-specific items discovered in context.
** blocker:** the HLD's §Checklist sections were the design-time commitment. If they are still empty at deploy time, the design was never validated against operational reality. This phase enforces that.
For criticality ∈ {high, mission-critical} (read from hld.md frontmatter classification.criticality), every row below MUST be checked before Phase 1 begins. For standard criticality, missing rows produce warnings but do not block. For low, this phase is informational.
HLD §Performance populated — QPS and p95 latency stated
HLD §Scale populated — horizontal scaling story documented; bottlenecks named
HLD §Security populated — credentials, RBAC, encryption answered
HLD §Resiliency populated — failure modes and graceful degradation described
HLD §Multi-tenancy populated — isolation, predictable performance, migration covered
HLD §Upgrade populated — backward compat, dependent service order, blast radius
HLD §Flags and Controlled Rollout populated — flag names, kill switches
HLD §Cost Implications populated — Cloud cost calculation included for SaaS deployments
HLD §Deployment populated — DP/CP platform call answered (on-prem / SaaS / Cloud Console / IBM cloud)
HLD §Observability populated — key metrics named with thresholds
HLD §Approvals table signed by Technical Leads and Architecture Review Board (and Cloud Operations if SaaS, QA if on-prem) — Date column populated
LLD §Alerting Thresholds table populated (when lld.md exists) — every metric has Threshold, Severity, Action
If any blocker row is empty for high/mission-critical: STOP. Do not generate Phases 1–3, do not run Step 5 (Save Output), and do not create the deploy-checklist.md file. Tell the developer: "HLD/LLD §[section] is empty for a [criticality] track. Fill it in hld.md / lld.md before deploy. Run /draft:decompose to refresh structural sections; author-driven sections must be filled manually."
If a partial file is needed for tracking, write it with status: BLOCKED in the frontmatter and _latest symlinks must NOT be updated — /draft:upload Step 2.5 detects status: BLOCKED and refuses to treat the file as a passing checklist.
npm audit / pip audit / equivalent)[specific rollback command] ready to executeInitiate rollback if ANY of these occur:
Present the checklist interactively. For each critical item (marked bold):
Allow the user to:
MANDATORY: Include YAML frontmatter with git metadata. Follow core/shared/git-report-metadata.md.
Include the report header table immediately after frontmatter:
| Field | Value |
|-------|-------|
| **Branch** | `{LOCAL_BRANCH}` → `{REMOTE/BRANCH}` |
| **Commit** | `{SHORT_SHA}` — {COMMIT_MESSAGE} |
| **Generated** | {ISO_TIMESTAMP} |
| **Synced To** | `{FULL_SHA}` |
Save to:
draft/tracks/<id>/deploy-checklist.mddraft/deploy-checklist-<timestamp>.md with symlink deploy-checklist-latest.mdTIMESTAMP=$(date +%Y-%m-%dT%H%M)
# Example: draft/deploy-checklist-2026-03-15T1430.md
ln -sf deploy-checklist-${TIMESTAMP}.md draft/deploy-checklist-latest.md
Before saving the checklist file, internally verify and report:
impact, cycles, modules).grep/find run, name the concept it searched for.If draft/graph/schema.yaml does not exist, set Graph files queried: NONE and use justification graph data unavailable.
Emit the canonical footer from core/shared/graph-usage-report.md §Canonical footer. The lint hook scripts/tools/check-graph-usage-report.sh validates the section on save.
/draft:upload (pre-upload verification)core/agents/ops.md for production-safety mindsetcore/shared/jira-sync.mdIf no tech-stack.md: Generate generic checklist with all items, note: "Customize after running /draft:init"
If no active track: Generate standalone checklist, ask which service/release
If no workflow.md: Use sensible defaults, recommend documenting deployment conventions
Performs an exhaustive 14-dimension bug hunt across the codebase using Draft context (architecture, tech-stack, product) for false-positive elimination. Generates a severity-ranked report with code evidence, data flow traces, and suggested fixes. Optionally writes regression tests. Use when the user asks to find bugs, audit code for defects, scan for vulnerabilities, or says 'hunt bugs', 'find bugs', or 'code audit'.
Structured debugging session. Reproduce, isolate, diagnose, and fix bugs using systematic investigation. Invoked by /draft:new-track for bug tracks or directly for ad-hoc debugging.
Decompose project or track into modules with dependency mapping. Project scope updates architecture.md and derives .ai-context.md. Track scope generates hld.md (always) and lld.md (when --lld or High-complexity module triggers it) — design-mandated artifacts that drive implement, deploy-checklist, and upload sign-off.
Single-module production readiness audit (ACID, resilience, observability). Use to audit one service/module end-to-end — NOT for diff/PR review (use review / quick-review) or bug-finding sweeps (use bughunt).
Lists Draft's canonical workflow commands, explains the Context-Driven Development flow (init, plan, implement, review), and recommends the appropriate next step. Use when the user asks about available Draft commands, needs help choosing a workflow step, or says 'what can Draft do', 'help', or 'show commands'.
Initialize or refresh the knowledge-graph snapshot for a repository. Ensures the codebase-memory-mcp engine is present (fetching it if needed), then builds draft/graph/ and reports engine, counts, hotspots, and cycles. Accepts an optional repo path.