菜单
Pre-deploy checklist with review, security, and test verification. Use when ready to deploy.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Show token / tool usage stats from the local telemetry log. Use when you want to know "which tools am I burning context on", "which skills are expensive", or "was yesterday's session mostly Read/Grep or actually productive".
Parallel quality audit with 7 specialized agents (Opus). Finds bugs, violations, and quality issues. Use audit for fixes, brainstorm for features.
Manage environment variables with Doppler — auto-install CLI, login, link projects, wrap commands with `doppler run`. Replaces scattered .env files with a hub/spoke architecture.
Scaffolds new projects or onboards existing ones. Detects stack, creates monorepo/single-app, configures strict tooling. Use for greenfield or first-time setup.
Archives completed stories from prd.json to reduce token usage.
Autonomous task execution with testing and security. Works through all tasks without stopping.
| name | ship |
| description | Pre-deploy checklist with review, security, and test verification. Use when ready to deploy. |
| triggers | ["ship"] |
| allowed-tools | Bash, Read, Grep, Glob, Task |
| model | opus |
| user-invocable | true |
Complete deployment pipeline: pre-flight → security → deploy → verify → report.
ALL must pass before deploying. Run in parallel:
npm run typecheck # BLOCKING — zero errors
npm run build # BLOCKING — zero errors
npm run test -- --watchAll=false # BLOCKING — all pass
npm audit --production 2>/dev/null | grep -E "critical|high" # BLOCKING — zero critical/high
git status --short # Warn if uncommitted changes
| Result | Action |
|---|---|
| Build fails | Stop — fix errors first |
| Typecheck fails | Stop — fix types first |
| Tests fail | Stop — fix tests first |
| npm audit critical/high | Stop — fix vulnerabilities first |
| Uncommitted changes | Warn user, ask if they want to commit (use git directly, do not invoke the commit skill) |
| All pass | Continue to Step 2 |
Run before every deploy (uses security skill):
.env files not committed (check .gitignore)dangerouslySetInnerHTML without sanitizationIf critical issues found, fix before deploying.
Check in order:
vercel.json or .vercel/ exists → Vercelnetlify.toml exists → Netlifysupabase/functions/ exists → Supabase Edge Functions (deploy alongside)Do not ask which platform — detect or default.
# Preview first (recommended)
npx vercel --yes
# If preview looks good, promote to production
npx vercel --prod --yes
npx netlify deploy --prod
# Single function
supabase functions deploy [function-name] --project-ref [ref]
# All functions
supabase functions deploy --project-ref [ref]
Before deploying, verify env vars are set on the platform:
# Vercel
vercel env ls
# Netlify
netlify env:list
# Supabase
supabase secrets list --project-ref [ref]
Missing env vars = broken deploy. Check before shipping.
A successful deploy does not mean the app works. Verify after deploying.
agent-browser open [DEPLOY_URL]
agent-browser snapshot -i
# Check mobile
agent-browser viewport 375 812
agent-browser snapshot -i
npx playwright open [DEPLOY_URL]
| Check | How | Pass Criteria |
|---|---|---|
| Page loads | Open deploy URL | No 404, no blank screen |
| No console errors | agent-browser snapshot | Zero errors in console |
| Auth flow | Login → protected page → logout | All transitions work |
| Critical path | Complete main user action | End-to-end success |
| API calls | Check network tab | No 500s, no CORS errors |
| Mobile layout | Resize to 375px width | Sidebar hidden, grids stacked, no overflow |
| App Type | Critical Paths |
|---|---|
| SaaS | Sign up → onboard → core action → billing |
| E-commerce | Browse → add to cart → checkout |
| Content | Load → search → read → interact |
| API | Health endpoint → auth → CRUD operations |
# Vercel - instant rollback to previous
vercel rollback
# Netlify
netlify rollback
# Supabase Edge Functions - redeploy previous version
git log --oneline supabase/functions/
git checkout [prev-commit] -- supabase/functions/
supabase functions deploy --project-ref [ref]
# Coverage (if available)
npm run test -- --coverage --watchAll=false 2>/dev/null | grep "All files" | head -1
# Bundle size
npm run build 2>&1 | grep -i "size\|chunk\|bundle" | head -5
Report these as informational — they don't block the deploy.
Update prd.json and report to user:
Shipped to: [URL]
Platform: Vercel/Netlify
Build: passed
Security: passed
Verification: [pass/fail]
- Page loads: ✓
- Console errors: none
- Auth flow: ✓
- Critical path: ✓
If any verification failed, list specific failures and next steps.
| Skill | Role in Ship |
|---|---|
review | Code quality check (auto-loaded via requires) |
security | Vulnerability scan (auto-loaded via requires) |
test | Run tests before deploy (auto-loaded via requires) |
deploy | Deploy patterns and CI/CD pipeline reference |