원클릭으로
verify-layers
Audit import dependencies in packages/game to verify they comply with the layered architecture rules
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Audit import dependencies in packages/game to verify they comply with the layered architecture rules
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Write cutting-edge and modern native CSS. Apply this skill whenever writing, reviewing, or refactoring CSS for components, layouts, design systems, or theming, even if the user doesn't say "modern CSS" explicitly. Covers a self-contained design-token scale (color, size, shadow, ease, type), cascade layers (@layer), @scope for component isolation (donut scopes, :scope specificity, scoping proximity), container queries, :has(), OKLCH/color-mix, native nesting, subgrid, fluid typography via clamp(), scroll-driven animations, logical properties, and concrete native replacements for SCSS mixins, maps, and variables.
Apply this skill whenever the task involves web security: writing or auditing HTTP security headers, configuring CSP, CORS, HSTS, or Permissions-Policy, sanitising untrusted HTML (Sanitizer API / DOMPurify), implementing Trusted Types to prevent DOM-XSS, setting up the Reporting API to capture CSP/COEP/deprecation violations, hardening cookies (SameSite, HttpOnly, Secure, Partitioned), implementing WebAuthn / Credential Management, using Web Crypto for client-side cryptography, or auditing code for XSS, CSRF, clickjacking, MIME-sniffing, mixed content, or cross-origin data leakage. Triggers on keywords: XSS, CSRF, CSP, CORS, HSTS, SameSite, innerHTML, eval, Trusted Types, Sanitizer, ReportingObserver, WebAuthn, cross-origin, clickjacking, Content-Security-Policy, Referrer-Policy, Permissions-Policy, subresource integrity, cookie security, secure context, same-origin, mixed content.
Patterns for invoking the GitHub CLI (gh) from agents. Covers structured output, pagination, repo targeting, search vs list, gh api fallback.
Audit and update durable architecture guidance after a cross-layer implementation, file move, package boundary change, coverage config change, or SDTE feature. Use when agent needs to reconcile AGENTS.md, package AGENTS.md files, local .agents/skills, older specs, dynamic imports, and test or coverage configuration with the architecture that was actually implemented.
Run the Spec → Design → Tasks → Execution workflow for non-trivial work — produces /specs/<feature>/{spec,design,tasks}.md, drives atomic per-task execution, and ends with a Review phase. Invoke when starting a new package, new game system, GameState shape change, or any change touching > 3 files or crossing a layer boundary.
Best practices for building scalable plain Web Components without turning custom elements into “god objects”. Provides patterns that keep Web Components modular, reusable, maintainable, and focused on UI concerns.
| name | verify-layers |
| description | Audit import dependencies in packages/game to verify they comply with the layered architecture rules |
Use when you want to audit or enforce the layered architecture dependency rules before committing.
core/ — zero imports (fully dependency-free)
state/ — imports core/ only
input/ — imports core/ + state/ only
render/ — imports core/ + state/ only
effects/ — shell wiring over core/state/input/render plus allowed workspace utilities
No circular dependencies. No upward dependencies (e.g. core/ must never import from state/).
@bruff/utils imports are allowed from any layer for shared pure helpers and types. log() from @bruff/utils is shell-only: it may be imported by effects/ or the entry point, but not by core/, state/, input/, or render/. @bruff/utils/dom imports are browser-shell utilities and are allowed only from effects/ or tests for effects-layer code. Production code should not call console.* directly; console forwarding is handled by the logging event bus sink.
Search packages/game/lib/ (and sub-directories) for import violations:
# Check that core files import nothing from the project
grep -rn "from \"\.\." packages/game/lib/core/
# Check inner layers for upward imports
rg 'from "\\.\\.' packages/game/lib/state packages/game/lib/render packages/game/lib/input
# Check for circular dependencies using madge (if available)
npx madge --circular packages/game/lib/
For each violation found, report:
core/ imports from any project pathstate/ imports from input/, render/, or effects/core/, state/, input/, or render/ imports log from @bruff/utilscore/, state/, input/, or render/ imports from @bruff/utils/domrender/project-render-commands.ts projects GameState to RenderCommand values without DOM or Canvas accesseffects/execute-render-command.tseffects/clock.ts is the only production file that reads performance.now()window.__bruffTestApi is attached only behind the __BRUFF_TEST_MODE__ / isTestMode() gateconsole.* outside the event-bus console sink@bruff/utils root imports are universal helpers or shell-approved log() importseffects/, entry point)