一键导入
kiro-validate-impl
Validate feature-level integration after all tasks are implemented. Checks cross-task consistency, full test suite, and overall spec coverage.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Validate feature-level integration after all tasks are implemented. Checks cross-task consistency, full test suite, and overall spec coverage.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
cc-sdd実装用統合ブランチのコミット群(ベースブランチとの差分)をreview slice単位のstacked PRに再構成する際に使用。「review sliceに分割」「stacked PRを作成」「PRをスタックして」「レビュー用にPRを分けて」「review slice stack」という依頼でトリガーする。dry-run(既定)でslice計画を提示し、apply指示で実際にブランチ・PRを作成する。
stacked PRの下位PRがマージされた後に上位branchをrestack(rebase/cherry-pick再構成)する際に使用。「restackして」「上位PRを更新して」「restack after merge」「PRのbaseを更新」「スタックを整理」という依頼でトリガーする。対象sliceの特定→rebase→変更ファイル確認と代表テスト実行→force-with-leaseでpush→PR base更新→auto-merge判定の順で進める。
リリース前の全ファイル静的解析スキル。プロジェクト構造を自動検出し、ソースモジュールごとのサブエージェントと依存関係スキャンを並列実行してコードベース全体の脆弱性を検出する。手動呼び出し専用: /sec-full-scan
ステージング環境にデプロイ済みのサーバーに対してランタイム検証を実行する。HTTPヘッダー・動的プローブ・認証テストに特化。手動呼び出し専用: /sec-runtime-scan [環境名]
PR・ブランチの変更差分(git diff)を静的解析してセキュリティ脆弱性を検出する。開発中・PRレビュー時に使用。手動呼び出し専用: /sec-diff-review
PRの未Resolveレビュー指摘に対応するスキル。「PRの指摘に対応して」「Resolveされていないスレッドを解消」「PR reviewの対応」「未解決のレビューコメントを修正」「Copilotの指摘を直して」「Codexの指摘に対応」「chatgpt-codex-connectorの指摘」「レビュー対応」で起動。PR URL or 番号 → 未Resolveスレッド取得 → 対象ファイル修正 → ユーザーへ最終ゲートとプッシュの実行手順を案内、の流れで進める。
| name | kiro-validate-impl |
| description | Validate feature-level integration after all tasks are implemented. Checks cross-task consistency, full test suite, and overall spec coverage. |
<background_information> Individual tasks have already been reviewed by the per-task reviewer during implementation. Your job is to catch problems that only become visible when looking across all tasks together.
Boundary terminology continuity:
discovery identifies Boundary Candidates
design fixes Boundary Commitments
tasks constrain execution with _Boundary:_
feature validation checks for cross-task Boundary Violations
Success Criteria:
[x] in tasks.mdWhat This Skill Does NOT Do: Per-task checks are the reviewer's responsibility during /kiro-impl. This skill does NOT re-check individual task acceptance criteria, per-file reality checks, or single-task spec alignment.
This skill's main question is: when the completed tasks are viewed together, do they still respect the designed boundary seams and dependency direction? </background_information>
## Execution StepsIf no arguments provided ($1 empty):
/kiro-impl <feature> [tasks] commandsdocs/specs/ for features with completed tasks [x]If feature provided ($1 present, $2 empty):
[x] in docs/specs/$1/tasks.mdIf both feature and tasks provided ($1 and $2 present):
user-auth 1.1,1.2)The following validation dimensions are independent and can be dispatched as sub-agents. The agent should decide the optimal decomposition based on feature scope — split, merge, or skip sub-agents as appropriate. Each sub-agent returns a structured findings summary to keep the main context clean for GO/NO-GO synthesis.
Typical validation dimensions (adjust as appropriate):
If multi-agent is not available, run checks sequentially in main context.
After all checks complete, synthesize findings for GO/NO-GO/MANUAL_VERIFY_REQUIRED assessment.
For each detected feature:
docs/specs/<feature>/spec.json for metadatadocs/specs/<feature>/requirements.md for requirementsdocs/specs/<feature>/design.md for design structuredocs/specs/<feature>/tasks.md for task list and Implementation Notesproduct.md, tech.md, structure.mdDiscover canonical validation commands:
package.json, pyproject.toml, go.mod, Cargo.toml, app manifests), task runners (Makefile, justfile), CI/workflow files, existing e2e/integration configs, then README*TEST_COMMANDS, BUILD_COMMANDS, and SMOKE_COMMANDSSMOKE_COMMANDS, choose the lightest trustworthy runtime-liveness check for the app shape (for example: root URL load, Electron launch, CLI --help, service health endpoint, mobile simulator/e2e harness if one already exists)A. Full Test Suite
MANUAL_VERIFY_REQUIREDB. Residual TBD/TODO/FIXME
grep -rn "TBD\|TODO\|FIXME\|HACK\|XXX" <files-in-feature-boundary>C. Residual Hardcoded Secrets
grep -rn "password\s*=\|api_key\s*=\|secret\s*=\|token\s*=" <files-in-feature-boundary> (case-insensitive)D. Runtime Liveness (Smoke Boot)
--help; start a service and hit its health endpoint.MANUAL_VERIFY_REQUIREDE. Cross-Task Integration
F. Requirements Coverage Gaps
requirements.md; do NOT invent REQ-* aliasesG. Design End-to-End Alignment
design.mdG.5 Boundary Audit
Boundary Commitments, Out of Boundary, Allowed Dependencies, and Revalidation TriggersH. Blocked Tasks & Implementation Notes
_Blocked:_ — report why and assess impact on feature completeness## Implementation Notes in tasks.md for cross-cutting insights that need attentionBefore returning GO, apply the kiro-verify-completion protocol to the feature-level claim. Tests alone are insufficient: include full-suite, runtime liveness, coverage, integration, design-alignment, and blocked-task status in the evidence.
Classify concrete failures by ownership before writing remediation:
LOCAL if the defect belongs to the feature being validatedUPSTREAM if the root cause belongs to a dependency, foundation, shared platform, or earlier specUNCLEAR if ownership cannot be established from the available evidenceIf ownership is UPSTREAM, do not collapse the issue into local remediation for this feature. Name the owning upstream spec and explain which dependent specs should be revalidated after that upstream fix lands.
Provide summary in the language specified in spec.json:
## Validation Report
- DECISION: GO | NO-GO | MANUAL_VERIFY_REQUIRED
- MECHANICAL_RESULTS:
- Tests: PASS | FAIL (command and exit code)
- TBD/TODO grep: CLEAN | <count> matches
- Secrets grep: CLEAN | <count> matches
- Smoke boot: PASS | FAIL | MANUAL_REQUIRED
- INTEGRATION:
- Cross-task contracts: <status>
- Shared state consistency: <status>
- Boundary audit: <status>
- COVERAGE:
- Requirements mapped: <X/Y sections covered>
- Coverage gaps: <list of uncovered requirement sections>
- DESIGN:
- Architecture drift: <findings>
- Dependency direction: <violations if any>
- File Structure Plan vs actual: <match/mismatch>
- OWNERSHIP: LOCAL | UPSTREAM | UNCLEAR
- UPSTREAM_SPEC: <feature-name | N/A>
- BLOCKED_TASKS: <list and impact assessment>
- REMEDIATION: <if NO-GO: specific, actionable steps to fix each issue>
If NO-GO, REMEDIATION is mandatory — identify the exact issue and what needs to change.
GO only when all integration checks passed; return NO-GO for concrete failures and MANUAL_VERIFY_REQUIRED when mandatory validation could not be completedGO if the feature only works by smearing responsibilities across boundaries, even when tests pass
/kiro-impl in history and no [x] tasks, report "No implementations detected"MANUAL_VERIFY_REQUIRED and explain which validation command is missing; do not return GOIf GO Decision:
If NO-GO Decision:
/kiro-impl <feature> [tasks] for targeted fixes/kiro-validate-impl [feature]Session Interrupted:
If MANUAL_VERIFY_REQUIRED: