AgentSkillsCN

pocket-brain-runtime-config-gate

利用项目配置门禁脚本,验证PocketBrain服务器与Worker运行时的配置。当用户要求运行配置检查、准备生产部署、调试身份验证或路由模式配置错误、验证密钥轮换的安全性,或排查因环境漂移导致的运行时就绪失败时使用此功能。

SKILL.md
--- frontmatter
name: pocket-brain-runtime-config-gate
description: Validate PocketBrain server and worker runtime configuration using the project config-gate scripts. Use when asked to run config checks, prepare a production deploy, debug auth or route-mode misconfiguration, verify secret-rotation safety, or troubleshoot runtime readiness failures caused by environment drift.

PocketBrain Runtime Config Gate

Validate runtime configuration before deploy and after incident remediations.

Workflow

  1. Select validation scope.
  • Choose server, worker, or all based on requested task or changed files.
  1. Prepare server env for production-style checks.
  • Run bash scripts/render-server-env.sh --mode production --source .env --output server/.env.
  • Stop immediately and report if render fails.
  1. Run runtime validators.
  • Run NODE_ENV=production npm run config:check:server for server-only checks.
  • Run NODE_ENV=production npm run config:check:worker for worker-only checks.
  • Run NODE_ENV=production npm run config:check for full checks.
  1. Classify and remediate failures.
  • Read references/required-checks.md for rule coverage.
  • Read references/remediation-map.md for failure-to-fix mappings.
  • Propose the smallest safe fix and rerun the same command.
  1. Confirm gate status.
  • Report pass/fail for each checked scope.
  • Provide the exact rerun command for reproducibility.

Reporting

Return:

  • Scope and commands run.
  • Validation errors grouped by server/worker.
  • Remediation steps.
  • Final gate verdict.

Safety

  • Never print raw secret values from .env, server/.env, or worker secrets.
  • Never commit generated server/.env.
  • Prefer route-mode safe defaults: declared routes or WORKER_ROUTE_MODE=dashboard.