playbooks

home / skills / getsentry / warden / skill-writer

skill-writer skill

/.agents/skills/skill-writer

This skill generates valid Warden skill definitions from user descriptions, producing ready-to-use YAML with prompts, tools, and output schema.

npx playbooks add skill getsentry/warden --skill skill-writer

Review the files below or copy the command above to add this skill to your agents.

Files (1)
SKILL.md
3.6 KB
---
name: Skill Writer
description: Generate valid Warden skill definitions from natural language descriptions
---

## Usage

Describe what the skill should do, and this will generate a complete skill YAML file.

## Instructions

When the user describes a skill they want to create:

1. **Understand the Purpose**: Clarify what the skill should analyze or check
2. **Design the Prompt**: Write a clear, specific system prompt for the Claude agent
3. **Configure Tools**: Select appropriate tool restrictions based on the skill's needs
4. **Define Output Expectations**: Ensure the skill will produce valid SkillReport output

## Skill Definition Schema

```yaml
name: skill-name  # kebab-case, unique identifier
description: Short description of what the skill does

prompt: |
  Detailed instructions for the Claude agent.
  - What to analyze
  - What to look for
  - How to categorize findings
  - Severity guidelines

tools:
  allowed:  # Tools the skill CAN use
    - Read
    - Grep
    - Glob
    - WebFetch
    - WebSearch
  denied:   # Tools the skill CANNOT use
    - Write
    - Edit
    - Bash
```

## Available Tools

| Tool | Purpose | When to Allow |
|------|---------|---------------|
| Read | Read file contents | Analysis skills (always) |
| Grep | Search file contents | Finding patterns/issues |
| Glob | Find files by pattern | Discovering relevant files |
| WebFetch | Fetch URL content | CVE lookups, doc references |
| WebSearch | Web search | External information |
| Write | Create files | NEVER for review skills |
| Edit | Modify files | Auto-fix skills only |
| Bash | Run commands | Test runners, builds |

## Severity Guidelines

Instruct skills to use these severity levels:

- **critical**: Actively exploitable, high impact, immediate action required
- **high**: Exploitable with moderate effort, should fix before merge
- **medium**: Potential issue, needs review and consideration
- **low**: Minor concern, fix when convenient
- **info**: Observation, no action required

## Output Schema

All skills must output a SkillReport:

```typescript
{
  skill: string;      // Skill name
  summary: string;    // Brief overview of findings
  findings: [{
    id: string;       // Unique finding ID
    severity: 'critical' | 'high' | 'medium' | 'low' | 'info';
    title: string;    // Short title
    description: string; // Detailed explanation
    location?: {      // Where the issue is
      path: string;
      startLine: number;
      endLine?: number;
    };
    suggestedFix?: {  // Optional fix
      description: string;
      diff: string;   // Unified diff format
    };
  }];
  metadata?: Record<string, unknown>;
}
```

## Example Output

When asked to create a skill, output the complete YAML:

```yaml
name: test-coverage
description: Check if new code has adequate test coverage

prompt: |
  You are a test coverage analyst. Review the PR changes and check:

  1. New functions/methods have corresponding tests
  2. Edge cases are covered
  3. Error paths are tested
  4. Test names are descriptive

  Focus on:
  - New code additions (not modifications to existing tests)
  - Public APIs and exported functions
  - Complex logic branches

  Severity levels:
  - high: Public API with no tests
  - medium: Complex logic without edge case tests
  - low: Missing negative/error case tests
  - info: Suggestions for additional coverage

tools:
  allowed:
    - Read
    - Grep
    - Glob
  denied:
    - Write
    - Edit
    - Bash
    - WebFetch
    - WebSearch
```

## Process

1. Ask clarifying questions if the skill purpose is unclear
2. Generate the skill YAML
3. Explain any design decisions
4. Offer to refine based on feedback

Overview

This skill generates complete, valid Warden skill YAML definitions from natural-language descriptions. It turns a described purpose into a ready-to-run skill file that includes prompt text, allowed/denied tools, and SkillReport expectations. The output follows the required schema and severity guidelines so the skill can be used in automation or CI.

How this skill works

The skill reads the user’s natural-language description and clarifies purpose, scope, and targets. It composes a precise system prompt for the analysis agent, selects appropriate allowed and denied tools, and encodes severity rules and the SkillReport output schema. Finally it emits a linted YAML skill definition and a short rationale for design choices.

When to use it

  • You want to create a new Warden skill from a plain-language requirement.
  • Standardizing review checks across teams or projects.
  • Automating security, style, or test checks in CI pipelines.
  • Rapidly prototyping rule-based code analysis agents.
  • Converting compliance requirements or playbooks into executable checks.

Best practices

  • Start with a concise purpose statement describing what to analyze and why.
  • Specify which files, directories, or patterns the skill should inspect (use Glob).
  • List allowed and denied tools explicitly to limit agent capabilities.
  • Map findings to the provided severity levels and supply clear criteria for each level.
  • Include example findings and at least one SkillReport output snippet for validation.

Example use cases

  • Create a security-audit skill that checks dependencies and insecure patterns and uses WebFetch for CVE lookups.
  • Generate a test-coverage skill that inspects new code and flags untested public APIs.
  • Produce a linting skill that searches for banned APIs and enforces project conventions.
  • Build a CI check that reports SkillReport JSON for gating pull requests.
  • Convert a compliance checklist into a reproducible skill with explicit severity rules.

FAQ

How do you ensure the generated YAML is valid?

The skill implements the documented schema fields (name, description, prompt, tools) and includes example SkillReport output. It validates common formatting rules (kebab-case name, allowed/denied lists) and recommends a quick dry-run in a safe environment before enabling in CI.

Can the generated skill modify repository files?

No. For review skills the generated tools deny write/edit/bash by default. If an auto-fix skill is desired, the skill will explicitly include Edit or Write and document the precise behaviors and risks.