playbooks

home / skills / git-fg / thecattoolkit / applying-code-standards

applying-code-standards skill

/plugins/sys-builder/skills/applying-code-standards

This skill helps you apply universal code standards for TDD, security, and quality across debugging, review, and implementation tasks.

npx playbooks add skill git-fg/thecattoolkit --skill applying-code-standards

Review the files below or copy the command above to add this skill to your agents.

Files (12)
SKILL.md
1.5 KB
---
name: applying-code-standards
description: "Provides Universal Standard for TDD, Security, and Code Quality. PROACTIVELY Use when writing code, debugging errors, or reviewing PRs. Modes: debug, review, refactor, implement."
context: fork
agent: worker
allowed-tools: [Read, Write, Edit, Bash, Glob, Grep]
---

# Applying Code Standards Protocol



## Workflow Selection

### Mode: Debugging
**Trigger**: "Fix this error", "Why is this failing?", "Debug...", crashes, test failures
**Protocol**: Load and apply the Debugging Workflow section from [core-engineering.md](references/core-engineering.md)

### Mode: Code Review
**Trigger**: "Review this", "Check for bugs", "PR review", assessing code quality
**Protocol**: Load and apply [review-workflow.md](references/review-workflow.md)

### Mode: Static Analysis
**Trigger**: "Static analysis", "Security scan", "Code quality check", "SAST", "Analyze code"
**Protocol**: Load and apply [static-analysis-workflow.md](references/static-analysis-workflow.md)

### Mode: Implementation (TDD)
**Trigger**: "Implement feature", "Write code", "Build..."
**Protocol**: Load and apply [tdd-protocol.md](references/tdd-protocol.md)

### Mode: Refactoring
**Trigger**: "Refactor", "Clean up", "Improve structure"
**Protocol**: Load and apply [refactoring-patterns.md](references/refactoring-patterns.md)

## Engineering Standards
Consult [core-engineering.md](references/core-engineering.md) for Universal Standards including TDD Protocol, Security (OWASP), Testing, and Debugging workflows.

Overview

This skill provides a universal protocol for Test-Driven Development, security, and code quality applied proactively during coding, debugging, and PR review. It guides engineers across four modes—debug, review, refactor, implement—so work stays consistent with TDD, OWASP-informed security, and static analysis best practices. The guidance is tuned for Python but is broadly applicable to other languages.

How this skill works

Select one of four modes depending on the task: Debugging, Code Review, Static Analysis, Implementation (TDD), or Refactoring. For each mode the skill runs a checklist-style workflow: detect triggers, run targeted inspections, propose concrete fixes or tests, and produce an actionable summary. Outputs include failing test diagnosis, prioritized security findings, refactor suggestions, and minimal passing test-driven implementations.

When to use it

  • When tests are failing or an exception trace appears (Debugging mode).
  • Before merging a pull request or when asked to review code (Code Review mode).
  • To run a security or quality scan across a codebase or directory (Static Analysis mode).
  • When adding features or implementing behavior—start with tests (Implementation/TDD mode).
  • When cleaning technical debt or improving code readability and design (Refactoring mode).

Best practices

  • Always begin feature work with a failing unit or integration test before implementation.
  • Prioritize security issues by exploitability and impact; recommend fixes aligned with OWASP guidance.
  • Produce minimal, well-scoped refactors that keep behavior unchanged and add tests where gaps exist.
  • Use automated static analysis and linters early; treat findings as tickets with severity and repro steps.
  • Provide small, actionable code diffs or patch suggestions rather than vague high-level comments.

Example use cases

  • Diagnose a test suite failure: identify the failing assertion, root cause, and propose a minimal fix plus a regression test.
  • Perform a PR review: check for logic bugs, missing tests, insecure patterns, and suggest concrete code changes.
  • Run a security scan: flag input validation, authentication, and dependency issues with remediation steps.
  • Implement a new API endpoint by writing failing tests, implementing the controller, and adding security checks.
  • Refactor a tangled function: split responsibilities, add unit tests, and measure before/after complexity.

FAQ

Is this Python-specific?

The protocols are language-agnostic but include Python-focused examples and recommendations for tooling and tests.

Will it fix code automatically?

It provides concrete diffs and step-by-step instructions; automation depends on your CI/tooling to apply patches.