ワンクリックで
rule-optimize
Workflow for modifying and benchmarking detection rules
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
メニュー
Workflow for modifying and benchmarking detection rules
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
SOC 職業分類に基づく
Write-then-verify documentation pipeline. Use when a user asks to improve comments or docs, explain algorithms or design choices, write or upgrade docstrings, or raise documentation quality for a codebase (especially Rust crates). Writes docs, then automatically verifies every claim against code reality using a fresh agent to eliminate confirmation bias.
Use when you have code review findings, PR comments, or review reports that need to be systematically addressed — especially when there are multiple findings across different files and severities
Use when creating any beads task — auto-researches the codebase, links related tasks, and produces a rich self-contained description from a structured template. Accepts minimal intent and outputs a complete task ready for agent implementation.
Use when you have code review findings, PR comments, or review reports that need to be systematically addressed — especially when there are multiple findings across different files and severities
Use when a task needs an implementation plan that is iteratively created and stress-tested through review-and-revise cycles before implementation begins — catches blind spots, incorrect codebase assumptions, unnecessary complexity, and performance pitfalls while changes are still cheap
Use when a markdown plan file exists and needs validation before implementation — catches design flaws, logic holes, footguns, unnecessary complexity, and performance concerns while changes are still cheap
| name | rule-optimize |
| description | Workflow for modifying and benchmarking detection rules |
Use after modifying rules in default_rules.yaml (loaded by src/rules/).
cargo test to verify no regressionsRUSTFLAGS="-C target-cpu=native" cargo build --release./target/release/scanner-rs ../linux ../gitleaks ../tigerbeetle ../trufflehog
When adding or modifying rules:
sgp_, hvs., AKIA) over service name keywords[a-fA-F0-9]{40} that match git SHAscargo bench --bench rule_isolation -- <rule_id>.* followed by greedy quantifiersBefore making changes, capture baseline:
# Run 3x and record median throughput
for i in 1 2 3; do
./target/release/scanner-rs ../linux 2>&1 | tail -1
done
After changes, compare:
# Calculate % change
# Acceptable: <2% regression
# Investigate: 2-5% regression
# Block: >5% regression without justification
bench-compare - Criterion benchmark comparisonperf-regression - Full performance regression workflowtest-strategy - Choose testing approach for rule changes