Stats
Actions
Tags
From attacca
Pre-push quality gate checklist. Use when: before any git push, before opening a PR, after implementing a full feature, when Manager says 'run quality gate'. Runs lint, type-check, tests, and a security scan as a single sequential gate. Fails fast — does not proceed past a failing stage.
How this skill is triggered — by the user, by Claude, or both
Slash command
/attacca:quality-gateThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
- Before every `git push` (mandatory)
git push (mandatory)This gate answers one question: Is this code safe to ship?
Run stages in this exact order. Stop on first failure. Do not report "gate passed" if any stage fails.
Stage 1: Lint
Stage 2: Type-Check
Stage 3: Tests
Stage 4: Security Scan
Stage 5: Final Verdict
Catch style violations, unused imports, and obvious errors before they reach review.
# JavaScript / TypeScript
npx eslint . --ext .ts,.tsx,.js,.jsx --max-warnings 0
# Python
ruff check .
# Go
golangci-lint run
# Ruby
rubocop
Adapt the command to the project's package.json scripts if a lint script exists (prefer npm run lint).
Fix all lint issues. Do not disable lint rules without explicit user approval. Do not proceed to Stage 2 until Stage 1 is clean.
Catch type errors that slip past lint.
# TypeScript
npx tsc --noEmit
# Python (mypy)
mypy .
# Go (built into build)
go build ./...
Adapt to the project's typecheck script if one exists in package.json.
--noEmit used (do not emit output files as a side effect)Fix all type errors. Do not use // @ts-ignore or any to silence errors without user approval. Do not proceed to Stage 3 until Stage 2 is clean.
Validate correctness end-to-end.
# Jest / Vitest
npm test -- --run --reporter=verbose
# pytest
pytest -v --tb=short
# Go
go test ./... -v
# RSpec
bundle exec rspec --format documentation
Use the project's test script if defined (prefer npm test, yarn test, etc.).
test.skip / xit / pending)Run the failing tests in isolation to diagnose. Fix the failure. Re-run the full suite. Do not proceed to Stage 4 until Stage 3 is clean.
Quick surface-level scan for critical issues introduced in this changeset.
# Node.js
npm audit --audit-level=high
# Python
pip-audit
# Ruby
bundle audit check --update
Check that no credentials, tokens, or keys were accidentally committed:
# If git-secrets or gitleaks is available
gitleaks detect --source . --no-git
# Otherwise: manual grep
grep -rn "password\s*=\s*['\"]" --include="*.ts" --include="*.js" --include="*.py" .
grep -rn "api_key\s*=\s*['\"]" --include="*.ts" --include="*.js" --include="*.py" .
grep -rn "secret\s*=\s*['\"]" --include="*.ts" --include="*.js" --include="*.py" .
If package.json / requirements.txt / Gemfile / go.mod changed, invoke @security agent BEFORE pushing.
Do NOT assume the quality gate audit is sufficient. Security performs:
For each file modified in this push, verify:
eval() or equivalent dynamic code executionFor a full audit, invoke the @security agent separately.
@security for a full audit if the scope is large.Only after all four stages pass:
## Quality Gate: PASSED ✅
| Stage | Result | Notes |
|:-------------|:--------|:-----------------------------|
| Lint | ✅ Pass | 0 errors, 0 warnings |
| Type-Check | ✅ Pass | 0 errors |
| Tests | ✅ Pass | 142 passed, 0 failed |
| Security | ✅ Pass | 0 vulns, 0 secrets |
**Safe to push.**
npx claudepluginhub adihebbalae/attacca --plugin attaccaEnforces quality gates in TypeScript/Node.js projects: pre-commit linting/formatting with ESLint/Prettier/tsc, tests/coverage with Vitest, builds, CI checks, security audits, E2E with Playwright, and Lighthouse performance.
Verifies code quality before PR submission using build, type, lint, test, security, and diff stages. Run via /verification-loop or auto-triggered for changes.
Pre-push safety gate that scans for secrets, forbidden files, oversized pushes, and divergence before allowing any git push. Blocks pushes on secret hits.