AgentSkillsCN

automated-standards-enforcement

当您创建或修改任意仓库时,可以使用此技能来建立自动化的质量保障机制(如Lint检查、拼写校验、测试执行、SAST扫描、安全检测)。除非用户明确拒绝,否则此技能将默认启用。它以最小化开发者摩擦为前提,确保构建过程始终干净利落。

SKILL.md
--- frontmatter
name: automated-standards-enforcement
description: Use when creating or modifying any repository to establish automated quality enforcement (linting, spelling, tests, SAST, security). Applies by default unless user explicitly refuses. Ensures clean build policy with minimal developer friction.
metadata:
  type: Platform
  priority: P2

Automated Standards Enforcement

Overview

P0 Foundational - Applies by default. Zero-warning clean builds. Baseline for brownfield.

REQUIRED: superpowers:verification-before-completion, superpowers:test-driven-development

Bootstrapping Skills Decision Matrix

Use this matrix to select the appropriate bootstrapping skill:

If You Need To...Use This Skill
Start a new project from scratchgreenfield-baseline
Add/audit quality tooling (linting, tests, SAST)automated-standards-enforcement (this)
Add/audit repo security (branch protection, secret scanning)repo-best-practices-bootstrap

Skill Scope Comparison

Aspectgreenfield-baselineautomated-standards-enforcementrepo-best-practices-bootstrap
Primary FocusProject foundationQuality toolingRepo security/compliance
Project StateNew (no existing code)New or existingNew or existing
OutputsRepo structure, CI/CD, docsLinting, tests, SAST configBranch rules, secrets config
TriggersEntry point for new projectsAuto-triggered or standaloneUse after structure exists

Invocation Context

  • Greenfield projects: Auto-triggered by greenfield-baseline
  • Brownfield projects: Invoke directly with brownfield approach
  • Existing repos: Invoke directly for quality tooling audit/addition

Do NOT Use This Skill When

  • Starting a brand new project (use greenfield-baseline, which triggers this skill)
  • Only need repo security/compliance (use repo-best-practices-bootstrap)
  • Quality tooling already exists and passes (no changes needed)

When to Use

  • Creating/modifying repository
  • Opt-out: User explicitly refuses

Core Workflow

  1. Announce skill (default for all repos)
  2. Identify: linting, spelling, tests, SAST, security
  3. Map to tools (Tool Comparison)
  4. Enforce: pre-commit hooks + CI
  5. Single-command local run (npm run validate)
  6. Document in README.md
  7. Clean build (zero warnings)
  8. Exceptions: docs/known-issues.md
  9. IDE integrations (IDE Integration)
  10. Brownfield: baseline, enforce on new code

Quick Reference

StandardTypical ToolsEnforcement
LintingESLint, Ruff, dotnet-formatPre-commit + CI
FormattingPrettier, BlackPre-commit
SpellingcspellPre-commit + CI
TestsJest, pytest, xUnitCI (coverage gates)
Securitynpm-audit, bandit, SASTCI

See Language Configs for ecosystem-specific setup.

Clean Build Policy

Zero warnings/errors required. Exceptions documented in docs/known-issues.md with justification and remediation plan. See Git Hooks Setup and CI Configuration for enforcement.

Brownfield Approach

  1. Run baseline to identify existing violations
  2. Document in docs/known-issues.md with counts
  3. Pre-commit: check modified files only
  4. CI: document baseline exceptions
  5. Incremental remediation over time

Red Flags - STOP

  • "Can add linting later"
  • "MVP doesn't need quality checks"
  • "Too many violations to fix"
  • "Hooks slow development"
  • "Clean build too strict"

All mean: Apply brownfield approach or document explicit opt-out.

See Tool Comparison for selection guidance.

Reference CI Workflow Templates

Use pre-built CI workflow templates for common platforms:

PlatformTemplateDescription
GitHub Actionstemplates/github-lint-workflow.yml.templateLint and format check
GitHub Actionstemplates/github-security-workflow.yml.templateSecurity scanning
Azure DevOpstemplates/azure-pipelines-lint.yml.templateLint pipeline

Using Templates

  1. Copy template to .github/workflows/ or pipeline directory
  2. Replace {LANGUAGE} with your primary language (node, dotnet, python)
  3. Adjust tool commands to match your package.json / Makefile scripts
  4. Commit and verify workflow runs