playbooks

home / skills / multiversx / mx-ai-skills / project_culture

project_culture skill

/antigravity/skills/project_culture

This skill evaluates code maturity against MultiversX standards by inspecting docs, tests, linting, and dependency practices to boost reliability.

npx playbooks add skill multiversx/mx-ai-skills --skill project_culture

Review the files below or copy the command above to add this skill to your agents.

Files (1)
SKILL.md
1.7 KB
---
name: project_culture
description: Assess code maturity based on MultiversX standards (docs presence, testing culture).
---

# Project Culture & Code Maturity Index

This skill helps you gauge the quality and reliability of a codebase based on "smells" and cultural indicators.

## 1. Documentation Quality
- **Docs Presence**: Is there a `README.md`? Does it explain *how* to build and test?
- **MultiversX Specifics**:
    - `mxpy.json`: Indicates use of standard build tools.
    - `snippets.sh` or `interaction/`: Scripts for deploying/interacting.
- **Specs**: Are there `.md` files in `specs/` or `whitepaper/`?

## 2. Testing Culture
- **Unit Tests**: Run `cargo test`. Are there tests? Do they cover edge cases or just "happy path"?
- **Integration Tests**: Look for `scenarios/` (Mandos).
    - *Gold Standard*: `scen.json` files covering every endpoint.
    - *Red Flag*: No scenarios, or only `deployment.scen.json`.
- **Simulation**: Is `mx-chain-simulator-go` mentioned in CI or scripts?

## 3. Code Hygiene
- **Linter**: Does `cargo clippy` pass?
- **Magic Numbers**: Are there raw integers (e.g., `86400`) instead of named constants (`SECONDS_PER_DAY`)?
- **Comments**: Are complex blocks explained?
- **Unwrap**: Excessive use of `unwrap()` instead of `sc_panic!` or checks.

## 4. Dependency Mangement
- **Lockfile**: Is `Cargo.lock` committed?
- **Version Pinning**: Are `multiversx-sc` versions pinned or wildcard `*`? (Wildcard is bad).

## Scoring (Mental Model)
- **High Maturity**: Full Mandos coverage, detailed specs, clean clippy, pinned versions. -> **Audit focus**: Business logic flaws.
- **Low Maturity**: No tests, spaghetti code, `unwrap()` everywhere. -> **Audit focus**: Basic safety, reentrancy, arithmetic overflow, DoS.

Overview

This skill evaluates code maturity and project culture against MultiversX standards to estimate reliability and audit priorities. It highlights documentation completeness, testing culture, code hygiene, and dependency management to produce actionable signals for developers and auditors. The goal is to quickly surface strengths and red flags so teams can prioritize fixes and reviewers can focus where risk is highest.

How this skill works

The skill inspects repository artifacts and CI scripts to detect presence and quality of documentation, build/deploy helpers, and formal specs. It examines test suites (unit, integration/Mandos scenarios, and simulator usage), linting results, unsafe patterns (magic numbers, unwraps), and dependency pinning/lockfile behavior. From these checks it synthesizes a maturity level and recommends audit focus areas.

When to use it

  • Before a security audit to scope effort and identify risky areas
  • During code review to enforce testing and documentation standards
  • When preparing a release to verify stability and repeatable builds
  • Onboarding new contributors to map project conventions and gaps
  • Periodic health checks to track technical debt and culture improvements

Best practices

  • Maintain clear build and test instructions and include deploy/interaction scripts for reproducible runs
  • Strive for Mandos/integration scenario coverage for every public endpoint; include simulator runs in CI
  • Run and fix linter complaints; replace magic numbers with named constants and reduce unchecked unwraps
  • Commit a lockfile and pin critical dependencies to avoid surprising upgrades
  • Document specs and design decisions in a dedicated specs or whitepaper folder

Example use cases

  • Assess a smart contract project to decide whether to hire an external auditor or run internal tests first
  • Prioritize remediation tasks after a preliminary scan flags missing tests and unpinned dependencies
  • Guide continuous integration setup by identifying missing simulator or scenario steps
  • Provide a checklist for maintainers to raise project maturity before token launches or audits

FAQ

What defines a high-maturity project?

High maturity shows full integration scenario coverage, detailed specs, clean linter output, and pinned dependencies; audit focus shifts to nuanced business logic.

What are the biggest red flags?

No integration scenarios, almost no unit tests, widespread unchecked unwraps, unpinned core dependencies, and absent specs — these suggest basic safety issues to fix first.