AgentSkillsCN

project-setup

在环境配置、.gitignore规范以及发布版本管理方面,掌握一些不显而易见的项目设置模式。在初始化项目、审计已追踪文件、设置环境校验,或规划发布时使用此功能。重点关注Claude在缺乏指导时容易犯下的常见错误。

SKILL.md
--- frontmatter
name: project-setup
description: Non-obvious project setup patterns for environment config, gitignore hygiene, and release versioning. Use when initializing projects, auditing tracked files, setting up env validation, or planning releases. Focuses on common mistakes Claude makes without guidance.
metadata:
  version: "1.0"

Project Setup

Environment Config — The Non-Obvious Parts

Validate at startup, fail fast

Don't just read env vars — validate them on boot so missing config fails immediately, not at 3am when that code path runs.

typescript
const required = (key: string): string => {
  const val = process.env[key];
  if (!val) throw new Error(`Missing required env var: ${key}`);
  return val;
};

export const config = {
  port: parseInt(process.env.PORT || '3000'),
  databaseUrl: required('DATABASE_URL'),
  jwtSecret: required('JWT_SECRET'),
} as const;
python
from pydantic_settings import BaseSettings

class Settings(BaseSettings):
    database_url: str
    jwt_secret: str
    port: int = 8000

    class Config:
        env_file = ".env"

settings = Settings()  # Validates on import, raises if missing

Env anti-patterns

MistakeWhy it's badFix
Real secrets in .env.exampleGets committed, leakedFake/placeholder values only
No validation at startupFails at runtime, not bootValidate eagerly
Same secret across environmentsOne leak compromises allUnique per env
Secrets in Docker build argsCached in image layersRuntime env or Docker secrets
.env not in .gitignoreSecrets committedAdd immediately, rotate if exposed

Gitignore — The Mistakes

Claude generates fine .gitignore files. These are the mistakes to watch for:

MistakeFix
Committing .env then adding to .gitignoregit rm --cached .env + rotate all secrets
Ignoring lockfiles (package-lock.json)Commit lockfiles — reproducible builds
Ignoring .vscode entirelyOnly ignore settings.json, commit extensions.json
Not running an auditgit ls-files | grep -E '\.(env|pem|key)$'

Versioning — Decision Tree

Claude knows semver. This is for the edge cases:

code
What changed? → What bump?
    ├─ Removed/renamed public API → MAJOR
    ├─ Changed existing behavior (even if "fixed") → MAJOR
    ├─ Added new feature (backwards compatible) → MINOR
    ├─ Added optional parameter → MINOR
    ├─ Bug fix (same API contract) → PATCH
    ├─ Performance improvement (same API) → PATCH
    ├─ Dependency update (no API change) → PATCH
    └─ Pre-release (0.x.y) → No stability guarantee

Release process

bash
# 1. Update changelog
# 2. Bump version in package.json / pyproject.toml / etc.
git add -A && git commit -m "release: v2.1.0"
git tag -a v2.1.0 -m "Release v2.1.0"
git push && git push --tags

Automation tools

ToolEcosystemWhat It Does
semantic-releaseNodeAuto version + changelog from commits
python-semantic-releasePythonSame for Python
release-pleaseAny (GitHub Action)Auto PRs with version bumps + changelog