Menu
Prove it works. Multi-dimensional quality validation across functional, non-functional, security, DevOps, DX, and observability. Run after /build.
Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.
Review before merge. Stage-1 spec-compliance gate, then 11 Stage-2 canonical axes (analyst, architect, qa, security, devops, roadmap, reliability, observability, agent-safety, decision-rigor, code-quality) plus 3 chained skills (code-qualities-assessment, golden-principles, taste-lints). Run after /test. Run for a full pre-merge review. Do NOT invoke code-qualities-assessment, golden-principles, or taste-lints directly for a full review; review chains them.
Build incrementally. Implement changes in thin vertical slices with TDD and atomic commits. Run after /plan.
Plan how to build it. Decompose specs into milestones with dependencies and risk mitigations. Run after /spec.
Ship it. Pre-flight validation, CI check, and PR creation. Run after /review.
Define what to build. Transform a problem into testable requirements with acceptance criteria.
Detect Spec to Code drift. Scan REQ/DESIGN/TASK specs for references to code that no longer exists, then report drift for review. Run after a hand-edit that moved or deleted code.
| name | test |
| description | Prove it works. Multi-dimensional quality validation across functional, non-functional, security, DevOps, DX, and observability. Run after /build. |
| argument-hint | component-or-failure-description |
| allowed-tools | Task, Skill, Read, Glob, Grep, Bash(*) |
| user-invocable | true |
@CLAUDE.md
Test: $ARGUMENTS
If $ARGUMENTS is empty, test the current branch diff against the base branch.
Detect the base branch from gh pr view --json baseRefName or fall back to main. Run git diff origin/<base-branch> --name-only and classify changed files:
| Type | Patterns | Gates to Run |
|---|---|---|
| CODE | *.py, *.ps1, *.ts, *.js, *.cs | All 6 gates |
| WORKFLOW | *.yml in .github/workflows/ | Gates 1, 3, 4 |
| CONFIG | *.json, *.yaml (non-workflow) | Gates 3, 4 |
| DOCS | *.md, *.txt, *.rst | Gate 5 only |
| MIXED | Combination | Apply per-file rules |
Print: PR TYPE: [type]. Running gates: [list].
Skip non-applicable gates. Do not waste agent invocations on irrelevant dimensions.
Invoke Skill(skill="code-qualities-assessment") for quality baseline.
Task(subagent_type="qa"): You are a senior QA engineer. Your job is to catch issues that will cause production incidents. Be skeptical. Cite specific file:line evidence for every finding. Evaluate:
Output: VERDICT: PASS|WARN|CRITICAL_FAIL with findings array.
Task(subagent_type="analyst"): You are a performance and reliability engineer. Focus on failure modes, not the happy path. Use measurable criteria, not subjective judgments. Evaluate:
Output: VERDICT: PASS|WARN|CRITICAL_FAIL with findings array.
Invoke Skill(skill="security-scan") for CWE pattern detection.
Task(subagent_type="security"): You are a security auditor performing OWASP Top 10 review. Assume every input is malicious. Reference CWE numbers for every finding. Evaluate:
Output: VERDICT: PASS|WARN|CRITICAL_FAIL with findings array including CWE references.
Task(subagent_type="devops"): You are a build and release engineer. Focus on pipeline safety, reproducibility, and supply chain security. Evaluate:
Output: VERDICT: PASS|WARN|CRITICAL_FAIL with findings array.
Invoke Skill(skill="orphan-ref-validator"). Reject the gate on VERDICT: CRITICAL_FAIL or VERDICT: ERROR; VERDICT: WARN is non-blocking and surfaces in the test summary. This mirrors /build Mandatory Exit Gate 4 (per .claude/commands/build.md:56) so a reference to a deleted skill or a missing script path is caught at /test as well as at /build. To diagnose a failure, re-run the skill with --output human; each finding shows path:line plus a one-line recommendation. Manifest count drift is owned by the canonical build/scripts/validate_marketplace_counts.py (which the skill's COUNT_CLAIM_RE mirrors but does not duplicate emission); pass --enforce-counts only when you want single-plugin count_claim emission directly from the skill. The skill invocation is platform-agnostic; each platform mirror runs its own copy of scan.py. If pre-existing drift outside the PR's scope blocks the gate, fix it in the same PR (the directives at <!-- orphan-ref-ignore --> and <!-- orphan-ref-ignore-file --> are documented in the skill's SKILL.md).
Task(subagent_type="critic"): You are a developer advocate reviewing from the consumer perspective. Would a new contributor understand this code? Would the API frustrate or delight? Evaluate:
Output: VERDICT: PASS|WARN|CRITICAL_FAIL with findings array.
Task(subagent_type="architect"): You are an SRE reviewing production readiness. If this code fails at 3am, can oncall diagnose it without reading the source? Evaluate:
Output: VERDICT: PASS|WARN|CRITICAL_FAIL with findings array.
Each gate MUST produce a verdict line and findings array:
GATE: [name]
VERDICT: PASS|WARN|CRITICAL_FAIL
FINDINGS:
- [SEVERITY] (file:line) description: recommendation
Synthesize into overall report:
| Gate | Verdict | Findings | Evidence |
|---|---|---|---|
| Functional | PASS/WARN/CRITICAL_FAIL | Count | file:line citations |
| Non-Functional | PASS/WARN/CRITICAL_FAIL | Count | file:line citations |
| Security | PASS/WARN/CRITICAL_FAIL | Count | CWE references |
| DevOps | PASS/WARN/CRITICAL_FAIL | Count | file:line citations |
| DX | PASS/WARN/CRITICAL_FAIL | Count | file:line citations |
| Observability | PASS/WARN/CRITICAL_FAIL | Count | file:line citations |
Overall verdict: CRITICAL_FAIL if any gate fails. WARN if any gate warns. PASS if all gates pass.