Agent skill

project-standards

Provides project coding standards and architectural principles on-demand. Automatically invoked when implementing features, writing code, or making technical decisions. Reads constitution.md to ensure all code aligns with project principles.

View SKILL.md on GitHub Repository
Stars 163
Forks 31

Install this agent skill to your Project

npx add-skill https://github.com/majiayu000/claude-skill-registry/tree/main/skills/development/project-standards

SKILL.md

Project Standards Skill

You are implementing code in a project that follows specific architectural principles and coding standards defined in the project constitution.

When to Invoke This Skill

Claude should use this skill when:

  • Writing or modifying code
  • Making architectural decisions
  • Implementing tasks from tasks.md
  • Reviewing code for compliance
  • Setting up new components or services

How to Use

  1. Read the constitution to understand project principles:

    Read: .specify/memory/constitution.md

  2. Apply principles during implementation:

    • TDD: Write tests first, ensure they fail, then implement
    • SOLID: Follow single responsibility, dependency injection
    • Security: No hardcoded secrets, validate all inputs
    • Observability: Add logging, metrics, tracing

  3. Check compliance before marking tasks complete

Key Principles Summary

Test-Driven Development (TDD)

  • Write tests BEFORE implementation code
  • Tests must FAIL initially (Red phase)
  • Implement to make tests pass (Green phase)
  • Refactor after passing (Refactor phase)
  • 100% test pass rate required (enforced by test-gate.sh)

SOLID Architecture

  • Single Responsibility: One reason to change per class/module
  • Open/Closed: Extend via interfaces, don't modify
  • Liskov Substitution: Implementations substitutable for abstractions
  • Interface Segregation: Many focused interfaces
  • Dependency Inversion: Depend on abstractions, inject implementations

Security-First

  • Secrets in environment variables or secret managers only
  • Input validation with strict schemas (Pydantic, Zod)
  • Parameterized queries only (no string interpolation for SQL)
  • Row-Level Security (RLS) for multi-tenant data
  • Rate limiting on all API endpoints

Code Quality

  • Type hints/annotations required
  • Linting must pass (ruff, ESLint)
  • Docstrings for public APIs
  • Meaningful variable/function names

Observability

  • Structured JSON logging with correlation IDs
  • Health check endpoints (/health, /ready, /live)
  • Metrics for critical operations
  • Distributed tracing for cross-service calls

Integration with Sub-Agents

When working as a specialized sub-agent:

For backend-api-engineer

  • Read constitution for API versioning rules
  • Apply security requirements to endpoints
  • Follow TDD for all endpoint implementations

For frontend-react-engineer

  • Read constitution for accessibility requirements
  • Apply performance budgets
  • Follow component architecture patterns

For openapi-spec-author

  • Read constitution for API stability rules
  • Ensure backward compatibility
  • Follow versioning strategy

For integration-tester

  • Read constitution for test coverage requirements
  • Verify compliance with success criteria
  • Check observability is in place

Quick Reference

Before implementing, ask yourself:

  1. Did I write the test first? (TDD)
  2. Is this class doing only one thing? (SRP)
  3. Are secrets externalized? (Security)
  4. Is there logging/metrics? (Observability)
  5. Are inputs validated? (Security)
  6. Does this align with the constitution? (Compliance)

Full Constitution Access

For complete details, read:

.specify/memory/constitution.md

This contains:

  • All 8 core principles with detailed requirements
  • Security requirements and data protection rules
  • Compliance standards (SOC 2, HIPAA, GDPR)
  • Performance targets and SLOs
  • Development workflow and CI/CD gates

Didn't find tool you were looking for?

Be as detailed as possible for better results