一键导入
pipeline-orchestrate
Merge scorer and PE signals to route PRs. Applies routing matrix (hitl-light / hitl-full) based on score thresholds and risk levels.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Merge scorer and PE signals to route PRs. Applies routing matrix (hitl-light / hitl-full) based on score thresholds and risk levels.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Validate all LLM-accelerated GitHub issues through systematic QA testing via Circuit Electron.
Human-in-the-loop QA loop for verifying a large feature or refactor against the locally-running app before merge/release. Use when automated tests (e2e, web-e2e) don't cover the behavioral/UX surface and you need a structured, interactive "you drive / I observe" verification pass with in-session bug fixes. Complements qa-pr (automated, Circuit) and qa-web (Playwright).
Automated QA testing for Prose PRs using Circuit Electron. Use when testing pull requests before merge.
Implement one solo-ist/prose GitHub issue end-to-end and open a PR ready for review. Use when an Oz child agent is assigned exactly one issue to fix or build in this repo.
Reference and checklist for building and maintaining CI/CD workflows, inter-workflow communication, dispatch scripts, and cloud agent infrastructure. Use when modifying any workflow YAML, dispatch script, or sentinel-based communication.
Principal Engineer architectural risk analysis for PRs. Assesses blast radius, hidden coupling, and privilege boundary concerns. Outputs LOW-CRITICAL risk rating.
| name | pipeline-orchestrate |
| description | Merge scorer and PE signals to route PRs. Applies routing matrix (hitl-light / hitl-full) based on score thresholds and risk levels. |
Auto-fix retired (#737). The pipeline reviews and triages; code mutation goes through a human or an Oz agent as a normal PR. All verdicts are
hitl-lightorhitl-full— no autonomous code changes.
Merges scorer and PE analysis signals to determine the final routing verdict for a PR.
/pipeline-orchestrate <pr-number>
Source of truth: run-orchestrator.mjs route() function.
| Score (1-10) | PE Risk | Route | Action |
|---|---|---|---|
| 1-3 | Any | hitl-light | Post analyses, label needs-review |
| 4-6 | LOW | hitl-light | Post analyses, label needs-review |
| 4-6 | MEDIUM+ | hitl-full | Full analyses, label complex, needs-review |
| 7+ | Any | hitl-full | Label complex, full human review |
| Any | CRITICAL | hitl-full | Always escalate |
| Any | privileged | hitl-full | Security hard gate — always escalate |
| Verdict | Labels Applied |
|---|---|
hitl-light | needs-review |
hitl-full | complex, needs-review |
PRs touching privilege-boundary paths auto-route to hitl-full regardless of score:
src/main/** — full system accesssrc/preload/** — context bridge / attack surfaceelectron-builder.*, electron.vite.config.* — build/packaging configWith the security-gate short-circuit (383-2), these PRs skip scorer+PE entirely — the pipeline-triage.yml security-gate-check job detects the <!-- security-gate: true --> sentinel in the review and posts hitl-full directly.
<!-- scorer-output: {...} --> and <!-- pe-output: {...} -->)<!-- orchestrator-verdict: hitl-light|hitl-full -->Given a PR that touches src/renderer/components/editor/Editor.tsx only:
{"score": 4, "threshold": "review"}{"risk": "LOW", "privileged": false, "concerns": 1}hitl-lightneeds-reviewIf the same PR also touched src/main/ipc.ts:
{"risk": "MEDIUM", "privileged": true, "concerns": 2}hitl-full (score doesn't matter)complex, needs-reviewMachine-readable sentinel:
<!-- orchestrator-verdict: hitl-light|hitl-full -->
Human-readable summary with routing rationale referencing scorer dimensions and PE risk assessment.