菜单
Use for Bash 5.2+/5.3 scripts, shell CLIs, entrypoints, CI jobs, cron, text-processing pipelines, ShellCheck remediation, and shell reviews. Enforces strict mode, dispatch-table routing, fork-minimal primitives, atomic I/O, signal-safe cleanup, and pragmatic functional shell patterns.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Enforces C# + LanguageExt functional/ROP style, type discipline, runtime-record effects, Scrutor composition, and module organization standards. Use when writing, editing, reviewing, refactoring, or debugging .cs modules, implementing domain models, sealed DU hierarchies, Eff/Fin/Validation pipelines, or configuring .csproj, analyzers, or DI.
Use for PostgreSQL 18 SQL, migrations, DDL, functions, RLS policies, indexes, query plans, extensions, and SQL embedded in TypeScript via @effect/sql-pg. Enforces set-algebraic queries, schema-level invariants, current PostgreSQL features, extension-first design, tenant security, observability, and migration safety.
Enforces Python + expression style, type discipline, error handling, concurrency, and module organization standards. Use when writing, editing, reviewing, refactoring, or debugging .py/.pyi modules, implementing domain models, ROP pipelines, Protocol-driven services, or configuring pyproject.toml, Ruff, or ty.
Enforces TypeScript + Effect functional/ROP style, type discipline, polymorphic surfaces, and module organization standards. Use when writing, editing, reviewing, refactoring, or debugging .ts/.tsx modules, implementing domain models, Effect services, persistence adapters, or boundary handlers, or configuring TypeScript, Effect, or lint/type-check posture.
Generates and validates project documentation: READMEs, ADRs, changelogs, ARCHITECTURE.md, and code documentation. Use when creating, updating, or reviewing any non-code markdown artifact, README file, architecture decision record, ARCHITECTURE document, CHANGELOG entry, or code documentation (docstrings, XML docs, TSDoc). Activates for: (1) scaffolding README, CHANGELOG, ADR, CONTRIBUTING, ARCHITECTURE, or SECURITY files; (2) writing or reviewing doc comments on exported APIs; (3) auditing documentation coverage or staleness; (4) generating release notes from commit history.
Generates dense law-driven test suites for Effect modules via algebraic PBT using Vitest, @effect/vitest, fast-check. Enforces 175 LOC cap, 95% per-file coverage, mutation kill-ratio via Stryker. Use when writing/reviewing spec files, adding coverage, generating property tests, debugging flakes, or scaffolding unit/integration/E2E tests from templates.
| name | coding-bash |
| description | Use for Bash 5.2+/5.3 scripts, shell CLIs, entrypoints, CI jobs, cron, text-processing pipelines, ShellCheck remediation, and shell reviews. Enforces strict mode, dispatch-table routing, fork-minimal primitives, atomic I/O, signal-safe cleanup, and pragmatic functional shell patterns. |
Dictum: Functional patterns and strict mode produce maintainable shell automation.
All code follows five governing principles:
printf -v, $(<file), EPOCHSECONDS, fork-free ${ } substitution (5.3), BASH_MONOSECONDS monotonic timing, mapfile over subshell patternsrg/fd/jq/sd/choose/mlr over sed/grep/find/cut when availablelocal -r for all non-mutating function locals, readonly for module-level constants. Mutable state only for argument parsing — frozen via readonly in _main before core logicdeclare -Ar for O(1) command routing, two-dimensional verb:resource keyed dispatch, option metadata, validation rules, log-level gating, env contract validation (regex patterns per env var). case/esac reserved exclusively for glob/regex pattern matching — never conditional routinglocal -n). No global reads except readonly constants. Side effects isolated to _main, trap handlers, cleanup registries, and explicitly marked shell boundary loops_OPT_META with short|long|desc|VALUE_NAME|default entries generates _usage programmatically. One table entry + one case branch per option_use() registers middleware functions into _MIDDLEWARE array; _run_with_middleware() executes the chain before handler dispatch. Argument parsing in 3 composable phases — subcommand dispatch (O(1) table lookup), flag parsing (case/esac), positional collection${var:-default} over if-empty checks, ${var:?message} over assert-not-empty, (( expr )) over test, parameter expansion over external commandsprintf -v var '%(%F %T)T' -1 over $(date), $(<file) over $(cat file), EPOCHSECONDS/EPOCHREALTIME over $(date +%s), mapfile over while read loops, BASH_REMATCH over grep -oPmktemp + write + mv (rename is atomic on same filesystem). umask 077 before mktemp for sensitive data. Dynamic FDs via exec {fd}>fileEcosystem tool selection — prefer modern alternatives when available:
| [TASK] | [PREFERRED] | [FALLBACK] | [NEVER] |
|---|---|---|---|
| File search | fd | find | ls -R |
| Content search | rg | grep -rn | find -exec grep |
| JSON | jq | python3 -c | sed/awk on JSON |
| YAML | yq eval | python3 -c | sed on YAML |
| CSV/TSV | mlr | awk -F | cut for multi-field |
| Stream edit | sd | sed | awk for simple sub |
| Column select | choose | awk '{print $N}' | cut -d |
| Interactive JSON | jnv | jq | -- |
Selection rules:
command -v before use; fall back gracefullyrg/fd integrate with .gitignore by default — prefer for repo-aware searchesjq is mandatory for JSON — never parse JSON with sed/awk/grepmlr handles format conversion (CSV to JSON, TSV to JSON) nativelyawk program over chained grep | sed | cutVariable discipline
local -r for all non-mutating function locals. readonly for all module-level constants.readonly in _main before core logic.declare -Ar for all dispatch tables, option metadata, and lookup maps.local -n (nameref) for passing arrays to functions — never eval or indirect expansion._ext "$item" key) and write via printf -v "$2" or local -n — callers pass a name, never $(). Multi-return via multiple namerefs (e.g., _project_meta "$slug" name created).UPPER_SNAKE for constants/env, lower_snake for locals/functions, _ prefix for internal functions.Control flow
case/esac for pattern matching (globs, regexes) only — never for if/elif-style routing.declare -Ar dispatch tables for command routing: "${_DISPATCH[${cmd}]}" "${args[@]}". Nest for subdomains: _CONFIG_SUBCMDS, _INIT_SUBCMDS.[[ ]] over [ ]. (( )) for arithmetic. &&/|| for short-circuit.mapfile -t / readarray -d '' over while read loops for collection. Streaming consumers may use while IFS= read -r with a comment naming the stream boundary.(( condition )) && action1 || action2 or ${var:+if_set}${var:-if_unset}.wait -n -p finished_pid with job-count gate (( ${#jobs[@]} >= MAX_JOBS )) — see _run_pool pattern in examples.case; cleanup stacks may use a static eval template over shell-quoted commands; bounded counters and polling loops may mutate when the mutation is the resource protocol.Error handling
set -Eeuo pipefail + shopt -s inherit_errexit in every script. No exceptions.BASH_COMMAND, BASH_LINENO, FUNCNAME context. Stack trace for multi-level call chains._CLEANUP_STACK LIFO registry invoked by EXIT trap. _CLEANING guard prevents re-entrant execution on cascading signals.EX_* constants._die() for fatal errors (log + exit). _die_usage() for argument errors (log + hint + exit 2).EPOCHREALTIME microsecond arithmetic: _bench() computes (end_s - start_s) * 1000000 + 10#end_us - 10#start_us — zero forks.Logging architecture
declare -Ar _LOG_EMIT=([json]=_log_json [text]=_log_text_emit) — format resolved once at startup via readonly _LOG_EMITTER="${_LOG_EMIT[${LOG_FORMAT:-text}]}"._log() gates on _LOG_LEVELS numeric threshold, then dispatches via "${_LOG_EMITTER}" — zero branching per call.jq -nc --arg for injection-safe serialization with EPOCHREALTIME microsecond timestamps and optional W3C trace context fields.FUNCNAME offset accounts for _info -> _log -> _LOG_EMITTER call chain depth (typically FUNCNAME[3], BASH_LINENO[2]).Surface
_ prefix for all internal functions. Public surface = _main entry point only.source only for test frameworks.--self-test flag runs embedded smoke tests and exits — validates dispatch tables, config parsing, and key pure functions.Resources
mktemp + _register_cleanup "rm -f -- $(printf '%q' "${tmp}")" or equivalent static quoted cleanup template. Work directories: mktemp -d with SRANDOM in path for uniqueness.kill -"${sig}" "${_CHILD_PID}", exit with signal code (143/130). Guard on (( _CHILD_PID > 0 )). On 5.3, BASH_TRAPSIG enables unified signal handler with dispatch-table routing by signal number. GLOBSORT controls glob ordering (e.g., -mtime for newest-first file discovery)._retry_exec max delay max_delay cmd... — exponential backoff delay=$(( delay * 2 > max_delay ? max_delay : delay * 2 )) with SRANDOM jitter.declare -Ar _ENV_CONTRACT=([VAR]='^regex$') validated at startup — dispatch table over env vars, regex per key.socat TCP-LISTEN:${port},reuseaddr,fork SYSTEM:"printf 'HTTP/1.1 200 OK\r\n...'" backgrounded with cleanup registration.TRACEPARENT via BASH_REMATCH, generate via printf -v TRACE_ID '%08x%08x%08x%08x' "${SRANDOM}"..., export for child propagation.Foundation (always):
| [REFERENCE] | [FOCUS] |
|---|---|
| bash-scripting-guide.md | Primitives, strict mode, expansion, arrays |
Task-routed references (load only when the task matches):
| [REFERENCE] | [FOCUS] |
|---|---|
| version-features.md | 5.2/5.3 features, fork-free substitution, version gating |
| variable-features.md | Call stacks, namerefs, traps, process lifecycle, 5.3 vars |
| array-operations.md | Set algebra, structural transforms, higher-order traversal |
| string-operations.md | Transform pipelines, regex extraction, codecs, templates |
| file-operations.md | Atomic writes, FD multiplexing, directory traversal |
| script-patterns.md | Arg parsing, help, ERR traps, parallel, retry |
| bash-logging.md | Structured logging, CI integration, tracing |
| bash-testing.md | bats-core 1.13+ suites, coverage, hypothesis PBT |
| bash-portability.md | Cross-shell compat, containers, POSIX |
| text-processing-guide.md | rg/awk/sd/jq/yq/mlr tool selection |
| validation.md | ShellCheck codes, static analysis, CI |
Examples (read one matching your target archetype before writing):
| [EXAMPLE] | [ARCHETYPE] |
|---|---|
| cli-tool.sh | Two-dimensional verb:resource dispatch CLI |
| data-pipeline.sh | File processing with jq pipelines, accumulation |
| service-wrapper.sh | Container entrypoint, signal dispatch, coproc |
State violations
let/global mutation outside declare -g config loading. Use local -r/readonly; freeze parsed args in _main.$(date), $(cat file), $(wc -l < file) in loops. Use printf -v, $(<file), EPOCHSECONDS, mapfile.Control-flow violations
if/elif/else chain for command routing. Use declare -Ar dispatch table + O(1) lookup.while IFS= read -r line loop to build arrays. Use mapfile -t arr < <(cmd).while read without a streaming-boundary comment. Streaming consumers are valid; collection loops are not.> or >> for output files. Use mktemp + mv atomic pattern.Safety violations
exec 3>file with literal FD numbers. Use exec {fd}>file for safe dynamic allocation.$var without quotes. Always "${var}" — exceptions only in (( )) arithmetic.eval "$user_string" with untrusted input. Only static cleanup/capture templates over shell-quoted values are allowed; otherwise use declare -Ar dispatch or case/esac pattern match.echo -e/echo -n for formatted output. Use printf — portable, no ambiguity, format strings.Organization violations
lib/utils.sh, common.sh helper files. Colocate all logic in the script.$RANDOM for security-relevant randomness (temp names, jitter, tokens). Use $SRANDOM (cryptographic entropy).bash -n script.sh (syntax check), ShellCheck 0.11.0+ clean (static analysis).--self-test when present.bash -n, ShellCheck, and --self-test when applicable.| [TOOL] | [VER] | [PROVIDES] |
|---|---|---|
bash | 5.2+/5.3 | Shell runtime, builtins, ${ } (5.3) |
shellcheck | 0.11.0+ | Static analysis, SC codes |
bats-core | 1.13+ | Test framework, TAP output |
kcov | 43+ | Coverage instrumentation |
rg | 15+ | Content search, .gitignore-aware |
fd | 10+ | File search, .gitignore-aware |
jq | 1.8+ | JSON processing, streaming, trim, skip |
yq | 4.46+ | YAML processing |
mlr | 6+ | CSV/TSV/JSON format transforms |
sd | 1+ | Stream editing (sed replacement) |
choose | 1.3+ | Column selection (cut replacement) |
gawk | 5.3+ | Text processing, inline programs |