// Pre-PR validation — working tree status, format, lint, TypeScript check, and protected file check. Workspace-aware: detects which of backend/, frontend/, services/apps/*, services/libs/* were changed and runs only the relevant scripts. Use before submitting any PR, to check if code is ready, or to validate a branch before review.
Scaffold a new sub-worker inside packages_worker (npm, deps.dev, osv, scorecard, etc.) following the single-service multi-entry-point structure. Use when: "add a new packages worker", "scaffold a sub-worker in packages_worker", "new worker for packages-db", "add npm worker", "add OSV worker", "add deps.dev worker".
Get packages_worker running locally — first time or resuming after a break. Spins up packages-db if not running, applies any pending migrations, and starts the worker. All steps are safe to re-run. Use when: "set up packages worker", "start packages worker", "resume packages worker", "get packages-db running", "packages-db stopped", "restart the worker".
Record an architecture decision as an ADR in docs/adr/. Use when choosing between frameworks, libraries, databases, or architectural patterns; stating a decision with reasoning ("we decided X instead of Y because..."); or querying past decisions ("why did we choose X?").
Generate a commit message and commit staged changes using git commit -s -S.
Recover from missing DCO sign-off on commits. Handles the single-commit amend, older-commit recovery via interactive rebase or cherry-pick, and explains the Probot DCO check that blocks PRs without sign-off. Use when a PR fails the DCO check, when a commit needs a Signed-off-by trailer added retroactively, or when sign-off was forgotten during rebase / cherry-pick / amend.
Review a pull request against CDP architecture standards — fetches PR diff, verifies previous comments are addressed, validates PR metadata (title, branch, JIRA key, size), runs a code-standards enforcer against every file in `.claude/rules/` and `.claude/hooks/guard-protected-files.sh`, and drafts inline review comments with suggested fixes. NEVER auto-posts comments or submits reviews — always presents a draft in the terminal for user approval before any comment lands on the PR. Use when reviewing PRs, checking PR quality, validating code changes, or when the user says "review", "check this PR", or "audit code".
| name | preflight |
| description | Pre-PR validation — working tree status, format, lint, TypeScript check, and protected file check. Workspace-aware: detects which of backend/, frontend/, services/apps/*, services/libs/* were changed and runs only the relevant scripts. Use before submitting any PR, to check if code is ready, or to validate a branch before review. |
| allowed-tools | Bash, Read, Glob, Grep, AskUserQuestion |
Run each check in order. Report results clearly and help fix any issues found.
git status
git diff --stat origin/main...HEAD
git log --format="%h %s%n%b" origin/main...HEAD
Evaluate:
CM-XXX reference.--signoff? — Flag any commits without Signed-off-by: lines.Resolve any issues before proceeding.
git diff --name-only origin/main...HEAD
Group changed files into workspaces:
| Workspace | Path prefix | Lint | Format check | Type check | Test |
|---|---|---|---|---|---|
| Backend | backend/ | cd backend && pnpm lint | cd backend && pnpm format-check | cd backend && pnpm tsc-check | cd backend && pnpm test (needs Docker) |
| Frontend | frontend/ | cd frontend && npm run lint | — | — | — |
| Each service | services/apps/<name>/ | cd services/apps/<name> && pnpm lint | cd services/apps/<name> && pnpm format-check | cd services/apps/<name> && pnpm tsc-check | cd services/apps/<name> && pnpm test if vitest present |
| Each lib | services/libs/<name>/ | cd services/libs/<name> && pnpm lint | cd services/libs/<name> && pnpm format-check | cd services/libs/<name> && pnpm tsc-check | cd services/libs/<name> && pnpm test if vitest present |
Run checks only for the workspaces that have changed files.
For each changed workspace, run its lint command. Fix any errors before proceeding. Common issues:
For each changed workspace that has a format-check script (backend, services), run it.
If there are format violations:
# Fix them
pnpm format
# Then stage the fixes
git add -p
Frontend does not have a format-check script — skip for frontend/.
For each changed workspace that has tsc-check (backend, services), run it. Fix all type errors before proceeding.
Frontend does not have a tsc-check script — skip for frontend/.
git diff --name-only origin/main...HEAD
Flag any changes to these protected files — they should NOT be modified without code owner approval:
services/libs/data-access-layer/** — shared DAL, high blast radiusservices/libs/common/** — shared utilities, affects all servicesbackend/src/database/migrations/** — append-only Flyway migrationsscripts/cli, scripts/scaffold.yaml, scripts/scaffold.insights.yaml.husky/*, commitlint.config.js.github/workflows/**, .github/actions/**tsconfig*.json, .eslintrc*, .prettierrc*pnpm-lock.yaml, package.json, */package.jsonCLAUDE.md, .claude/settings.jsonIf protected files appear in the diff, warn the contributor and ask them to revert or get code owner approval.
git log --format="%h %s%n%b" origin/main...HEAD
type: description (CM-XXX) format per commit-workflow.md.--signoff on all commits? — Every commit must have Signed-off-by:..github/workflows/pr-title-jira-key-lint.yml).git diff --stat origin/main...HEAD
List:
backend/src/api/Present a clear report:
PREFLIGHT RESULTS
─────────────────────────────────────────────────
✓ Working tree — Clean, N commits ahead of main
✓ Lint — backend: OK | frontend: OK | services/...: OK
✓ Format check — backend: OK
✓ TypeScript — backend: OK
✓ Protected files — None modified
✓ Commits — Conventions followed, signed off, CM-XXX present
─────────────────────────────────────────────────
READY FOR PR
Or if there are issues:
PREFLIGHT RESULTS
─────────────────────────────────────────────────
✓ Working tree — Clean, N commits ahead of main
✗ Lint — backend: 3 errors (see above)
✓ Format check — backend: OK
✗ TypeScript — backend: 1 error (see above)
✓ Protected files — None modified
✗ Commits — Missing Signed-off-by on 2 commits (run /dco)
─────────────────────────────────────────────────
ISSUES FOUND — Fix before submitting
Suggest creating the PR:
"All preflight checks passed! Ready to create a PR. Would you like me to create it with
gh pr create?"