// Prepares code for a pull request by running linting (ruff), tests, security scans (bandit), and dependency checks (pip-audit). Use when ready to create a PR or before committing changes. Use when this capability is needed.
[HINT] Download the complete skill directory including SKILL.md and all related files
| name | prepare-pr |
| description | Prepares code for a pull request by running linting (ruff), tests, security scans (bandit), and dependency checks (pip-audit). Use when ready to create a PR or before committing changes. Use when this capability is needed. |
| metadata | {"author":"partarstu"} |
This skill provides a comprehensive workflow to prepare your code for a pull request. It runs all CI checks locally, fixes any issues, and creates a well-documented pull request.
IMPORTANT: This workflow should proceed autonomously when steps complete successfully. Only stop and involve the user when:
When user intervention IS needed, you MUST:
Do NOT ask for confirmation on routine steps that complete successfully (e.g., linting fixes applied, tests passing).
The workflow:
main branch and updates README documentationtemp branch from main with all changes squashed into a single committemp branchEnsure the following tools are installed:
ruff - Python linterbandit - Security scannerpip-audit - Dependency vulnerability checkerpytest - Test runnergh - GitHub CLI (for creating PRs)Run the ruff linter to check for code style and quality issues:
# First, check for issues
ruff check . --output-format=github
# Auto-fix all fixable issues
ruff check . --fix
# Also run the formatter
ruff format .
If there are unfixable issues that ruff reports:
ruff check . until no issues remainRun the complete test suite:
pytest tests/ -v
If any tests fail:
pytest tests/ -v until all tests passFor running tests with coverage (as in CI):
pytest tests/ --cov=. --cov-report=term-missing -v
Run the bandit security scanner:
bandit -r . -x ./tests,./orchestrator/ui,./.venv -f txt
Review any security findings:
If any High or Medium severity issues are found:
# nosec comments based on user guidanceCommon fixes:
secrets module instead of randomCheck for known vulnerabilities in dependencies:
pip-audit --desc
If vulnerabilities are found:
requirements.txt and re-run pip-audit --descThis step ensures the README and other documentation accurately reflect the current state of the code.
# Fetch latest main branch
git fetch origin main
# Get the current branch name
git branch --show-current
# Generate comprehensive diff against main
git diff origin/main...HEAD
Review the diff thoroughly and categorize all changes into:
| Category | Description | Examples |
|---|---|---|
| Features | New functionality added | New endpoints, new agents, new commands |
| Bug Fixes | Issues that were resolved | Error handling fixes, logic corrections |
| Refactoring | Code improvements without behavior changes | Renaming, restructuring, optimization |
| Tests | New or updated tests | Unit tests, integration tests |
| Documentation | README, docstrings, comments | Updated docs, new examples |
| Dependencies | Added, removed, or updated packages | requirements.txt changes |
| Configuration | Changes to config files, CI/CD | cloudbuild.yaml, ci.yml changes |
Document this analysis - it will be used for both README updates and PR description.
Based on the analysis, update the README.md to reflect the current state of the code:
# View current README
cat README.md
If README updates are needed:
Note: Only stop and ask the user if there are complex documentation decisions (e.g., major restructuring, unclear how to document a feature).
If no README updates are needed (e.g., only internal refactoring), proceed to the next step.
Review the changes to determine if any existing skills in .agent/skills/ need to be updated:
# List all available skills
Get-ChildItem -Path ".agent/skills" -Directory | Select-Object Name
For each skill, consider whether the changes affect:
| Skill Component | When to Update |
|---|---|
| SKILL.md | Workflow steps changed, new prerequisites, updated commands |
| resources/ | Templates, configuration files, or reference docs changed |
| scripts/ | Helper scripts modified or new automation added |
| examples/ | Code patterns changed, new examples needed |
Skill Update Checklist:
Review affected skills: Identify which skills are impacted
Verify skill accuracy: For each potentially affected skill:
# View the skill's main instruction file
cat ".agent/skills/<skill-name>/SKILL.md"
# Check if skill has supporting directories
Get-ChildItem -Path ".agent/skills/<skill-name>" -Recurse
Update skill contents if needed:
If no skill updates are needed (e.g., changes don't affect documented patterns), explicitly note this and proceed.
After all checks pass and documentation is updated, show the user all modifications made:
# Show summary of changed files
git status
# Show detailed diff of all changes
git diff
# Show diff with staging area if files are already staged
git diff --cached
Present a summary of the changes made:
"I've made the following changes:
- [List of linting fixes]
- [List of test fixes, if any]
- [List of security fixes, if any]
- [List of documentation updates, if any]
Proceeding to commit these changes."
Note: Only stop and wait for user approval if there were significant manual fixes, controversial changes, or if the user previously indicated they want to review before committing.
If the user requests modifications:
After all checks pass, stage, commit, and push all changes:
# Stage all changes
git add -A
# Commit with a descriptive message
git commit -m "chore: fix linting errors and update code quality"
# Push the branch to remote (backup before branch manipulation)
git push -u origin HEAD
You may need separate commits for different types of changes:
chore: fix ruff linting errors - For pure formatting/linting fixesfix: resolve security issues detected by bandit - For security fixeschore: update dependencies for security patches - For dependency updatesfix: resolve failing unit tests - For test fixesdocs: update README with latest changes - For documentation updatesThis step creates a clean branch from main with all your changes squashed into a single commit. This ensures a clean PR history.
# Store the current branch name for later deletion
$currentBranch = git branch --show-current
# Fetch latest main branch
git fetch origin main
# Create and switch to a new temp branch from main
git checkout -b temp origin/main
# Squash merge all changes from the original branch
git merge --squash $currentBranch
# Commit with the standard PR preparation message (no description)
git commit -m "PR preparation"
# Push the temp branch to remote
git push -u origin temp
# Delete the original branch locally
git branch -D $currentBranch
# Delete the original branch from remote (if it was pushed)
git push origin --delete $currentBranch 2>$null
Note: From this point forward, all actions will be performed on the temp branch. The original branch has been deleted.
Using the change analysis from Step 4, create the pull request from the temp branch.
# Confirm current branch is temp
git branch --show-current
Create the PR using GitHub CLI:
# Create the PR with title and body
gh pr create --title "<short summary of changes>" --body "<detailed description>"
PR Title Guidelines:
feat: for new featuresfix: for bug fixesrefactor: for code refactoringchore: for maintenance tasksdocs: for documentation updatesPR Body Template (use the analysis from Step 4):
š Template: resources/pr_body_template.md
ruff check . --fix --select I for import-only fixespytest-asyncio, etc.)# nosec comment with justification if the finding is a false positivegh auth login to authenticate with GitHubgit push -u origin HEADgit rebase origin/main before creating PRBefore creating the PR, ensure:
ruff check . returns no errorsruff format . --check returns no formatting issuespytest tests/ -v - all tests passbandit - no high/medium security issues (or they're documented)pip-audit - no critical vulnerabilities (or they're documented)Converted and distributed by TomeVault ā claim your Tome and manage your conversions.